author    security tracker role <sectracker@soriano.debian.org>  2019-03-18 20:10:14 +0000
committer security tracker role <sectracker@soriano.debian.org>  2019-03-18 20:10:14 +0000
commit    b52483e988b611ffa7ff016030b0a61101f28219
tree      440ead7c2c2cb0bf02ecc5929bee37f271401d72
parent    48e42f485f4e01f92211c58abc88e5304d6a9667
automatic update
-rw-r--r--  data/CVE/1999.list   3080
-rw-r--r--  data/CVE/2000.list   2474
-rw-r--r--  data/CVE/2001.list   3076
-rw-r--r--  data/CVE/2002.list   4704
-rw-r--r--  data/CVE/2003.list   3000
-rw-r--r--  data/CVE/2004.list   5286
-rw-r--r--  data/CVE/2005.list   9228
-rw-r--r--  data/CVE/2006.list  13968
-rw-r--r--  data/CVE/2007.list  12884
-rw-r--r--  data/CVE/2008.list  13982
-rw-r--r--  data/CVE/2009.list   9736
-rw-r--r--  data/CVE/2010.list   9866
-rw-r--r--  data/CVE/2011.list   8812
-rw-r--r--  data/CVE/2012.list  10346
-rw-r--r--  data/CVE/2013.list  11354
-rw-r--r--  data/CVE/2014.list  15902
-rw-r--r--  data/CVE/2015.list  14912
-rw-r--r--  data/CVE/2016.list  17532
-rw-r--r--  data/CVE/2017.list  27184
-rw-r--r--  data/CVE/2018.list  27418
-rw-r--r--  data/CVE/2019.list   3004
21 files changed, 113882 insertions, 113866 deletions
diff --git a/data/CVE/1999.list b/data/CVE/1999.list
index cca642087a..8fcb525b81 100644
--- a/data/CVE/1999.list
+++ b/data/CVE/1999.list
@@ -8,2622 +8,2622 @@ CVE-1999-1595
RESERVED
CVE-1999-1594
RESERVED
-CVE-1999-1593 (Windows Internet Naming Service (WINS) allows remote attackers to ...)
+CVE-1999-1593
NOT-FOR-US: Windows
-CVE-1999-1592 (Multiple unspecified vulnerabilities in sendmail 5, as installed on ...)
+CVE-1999-1592
- sendmail <not-affected> (Concerns only ancient sendmail V5)
-CVE-1999-1591 (Microsoft Internet Information Services (IIS) server 4.0 SP4, without ...)
+CVE-1999-1591
NOT-FOR-US: Microsoft IIS
-CVE-1999-1590 (Directory traversal vulnerability in Muhammad A. Muquit wwwcount ...)
+CVE-1999-1590
NOT-FOR-US: Muhammad A. Muquit wwwcoun
-CVE-1999-1589 (Unspecified vulnerability in crontab in IBM AIX 3.2 allows local users ...)
+CVE-1999-1589
NOT-FOR-US: IBM AIX
-CVE-1999-1588 (Buffer overflow in nlps_server in Sun Solaris x86 2.4, 2.5, and 2.5.1 ...)
+CVE-1999-1588
NOT-FOR-US: Sun Solaris
-CVE-1999-1587 (/usr/ucb/ps in Sun Microsystems Solaris 8 and 9, and certain earlier ...)
+CVE-1999-1587
NOT-FOR-US: Solaris
CVE-1999-XXXX [Insecure access control on GNU Mach's IO ports]
- gnumach 1:20050801-3 (bug #46709)
NOTE: Nearly six years old :-)
-CVE-1999-1586 (loadmodule in SunOS 4.1.x, as used by xnews, does not properly ...)
+CVE-1999-1586
NOT-FOR-US: SunOS
-CVE-1999-1585 (The (1) rcS and (2) mountall programs in Sun Solaris 2.x, possibly ...)
+CVE-1999-1585
NOT-FOR-US: Solaris
-CVE-1999-1584 (Unknown vulnerability in (1) loadmodule, and (2) modload if modload is ...)
+CVE-1999-1584
NOT-FOR-US: SunOS
-CVE-1999-1583 (Buffer overflow in nslookup for AIX 4.3 allows local users to execute ...)
+CVE-1999-1583
NOT-FOR-US: AIX
-CVE-1999-1582 (By design, the &quot;established&quot; command on the Cisco PIX firewall allows ...)
+CVE-1999-1582
NOT-FOR-US: Cisco
-CVE-1999-1581 (Memory leak in Simple Network Management Protocol (SNMP) agent ...)
+CVE-1999-1581
NOT-FOR-US: Windows
-CVE-1999-1580 (SunOS sendmail 5.59 through 5.65 uses popen to process a forwarding ...)
+CVE-1999-1580
- sendmail <not-affected> (Sun-specific)
-CVE-1999-1579 (The Cenroll ActiveX control (xenroll.dll) for Terminal Server Editions ...)
+CVE-1999-1579
NOT-FOR-US: Windows
-CVE-1999-1578 (Buffer overflow in Registration Wizard ActiveX control (regwizc.dll, ...)
+CVE-1999-1578
NOT-FOR-US: Windows
-CVE-1999-1577 (Buffer overflow in HHOpen ActiveX control (hhopen.ocx) 1.0.0.1 for ...)
+CVE-1999-1577
NOT-FOR-US: Windows
-CVE-1999-1576 (Buffer overflow in Adobe Acrobat ActiveX control (pdf.ocx, ...)
+CVE-1999-1576
NOT-FOR-US: Acrobat Reader
-CVE-1999-1575 (The Kodak/Wang (1) Image Edit (imgedit.ocx), (2) Image Annotation ...)
+CVE-1999-1575
NOT-FOR-US: Kodak/Wang tools for IE
-CVE-1999-1574 (Buffer overflow in the lex routines of nslookup for AIX 4.3 may allow ...)
+CVE-1999-1574
NOT-FOR-US: AIX
-CVE-1999-1573 (Multiple unknown vulnerabilities in the &quot;r-cmnds&quot; (1) remshd, (2) ...)
+CVE-1999-1573
NOT-FOR-US: HP-UX
-CVE-1999-1568 (Off-by-one error in NcFTPd FTP server before 2.4.1 allows a remote ...)
+CVE-1999-1568
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1565 (Man2html 2.1 and earlier allows local users to overwrite arbitrary ...)
+CVE-1999-1565
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1556 (Microsoft SQL Server 6.5 uses weak encryption for the password for the ...)
+CVE-1999-1556
NOT-FOR-US: Microsoft
-CVE-1999-1550 (bigconf.conf in F5 BIG/ip 2.1.2 and earlier allows remote attackers to ...)
+CVE-1999-1550
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1542 (RPMMail before 1.4 allows remote attackers to execute commands via an ...)
+CVE-1999-1542
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1537 (IIS 3.x and 4.x does not distinguish between pages requiring ...)
+CVE-1999-1537
NOT-FOR-US: Microsoft
-CVE-1999-1535 (Buffer overflow in AspUpload.dll in Persits Software AspUpload before ...)
+CVE-1999-1535
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1531 (Buffer overflow in IBM HomePagePrint 1.0.7 for Windows98J allows a ...)
+CVE-1999-1531
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1530 (cgiwrap as used on Cobalt RaQ 2.0 and RaQ 3i does not properly ...)
+CVE-1999-1530
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1520 (A configuration problem in the Ad Server Sample directory (AdSamples) ...)
+CVE-1999-1520
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1512 (The AMaViS virus scanner 0.2.0-pre4 and earlier allows remote ...)
+CVE-1999-1512
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1507 (Sun SunOS 4.1 through 4.1.3 allows local attackers to gain root access ...)
+CVE-1999-1507
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1494 (colorview in Silicon Graphics IRIX 5.1, 5.2, and 6.0 allows local ...)
+CVE-1999-1494
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1490 (xosview 1.5.1 in Red Hat 5.1 allows local users to gain root access ...)
+CVE-1999-1490
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1488 (sdrd daemon in IBM SP2 System Data Repository (SDR) allows remote ...)
+CVE-1999-1488
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1486 (sadc in IBM AIX 4.1 through 4.3, when called from programs such as ...)
+CVE-1999-1486
NOT-FOR-US: AIX
-CVE-1999-1481 (Squid 2.2.STABLE5 and below, when using external authentication, ...)
+CVE-1999-1481
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1478 (The Sun HotSpot Performance Engine VM allows a remote attacker to ...)
+CVE-1999-1478
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1476 (A bug in Intel Pentium processor (MMX and Overdrive) allows local ...)
+CVE-1999-1476
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1473 (When a Web site redirects the browser to another site, Internet ...)
+CVE-1999-1473
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1472 (Internet Explorer 4.0 allows remote attackers to read arbitrary text ...)
+CVE-1999-1472
NOT-FOR-US: Microsoft
-CVE-1999-1468 (rdist in various UNIX systems uses popen to execute sendmail, which ...)
+CVE-1999-1468
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1456 (thttpd HTTP server 2.03 and earlier allows remote attackers to read ...)
+CVE-1999-1456
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1455 (RSH service utility RSHSVC in Windows NT 3.5 through 4.0 does not ...)
+CVE-1999-1455
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1452 (GINA in Windows NT 4.0 allows attackers with physical access to ...)
+CVE-1999-1452
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1437 (ePerl 2.2.12 allows remote attackers to read arbitrary files and ...)
+CVE-1999-1437
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1433 (HP JetAdmin D.01.09 on Solaris allows local users to change the ...)
+CVE-1999-1433
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1432 (Power management (Powermanagement) on Solaris 2.4 through 2.6 does not ...)
+CVE-1999-1432
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1423 (ping in Solaris 2.3 through 2.6 allows local users to cause a denial ...)
+CVE-1999-1423
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1419 (Buffer overflow in nss_nisplus.so.1 library in NIS+ in Solaris 2.3 and ...)
+CVE-1999-1419
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1414 (IBM Netfinity Remote Control allows local users to gain administrator ...)
+CVE-1999-1414
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1411 (The installation of the fsp package 2.71-10 in Debian GNU/Linux 2.0 ...)
+CVE-1999-1411
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1409 (The at program in IRIX 6.2 and NetBSD 1.3.2 and earlier allows local ...)
+CVE-1999-1409
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1407 (ifdhcpc-done script for configuring DHCP on Red Hat Linux 5 allows ...)
+CVE-1999-1407
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1402 (The access permissions for a UNIX domain socket are ignored in Solaris ...)
+CVE-1999-1402
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1397 (Index Server 2.0 on IIS 4.0 stores physical path information in the ...)
+CVE-1999-1397
NOT-FOR-US: Microsoft
-CVE-1999-1386 (Perl 5.004_04 and earlier follows symbolic links when running with the ...)
+CVE-1999-1386
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1385 (Buffer overflow in ppp program in FreeBSD 2.1 and earlier allows local ...)
+CVE-1999-1385
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1384 (Indigo Magic System Tour in the SGI system tour package (systour) for ...)
+CVE-1999-1384
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1382 (NetWare NFS mode 1 and 2 implements the &quot;Read Only&quot; flag in Unix by ...)
+CVE-1999-1382
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1380 (Symantec Norton Utilities 2.0 for Windows 95 marks the TUNEOCX.OCX ...)
+CVE-1999-1380
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1379 (DNS allows remote attackers to use DNS name servers as traffic ...)
+CVE-1999-1379
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1365 (Windows NT searches a user's home directory (%systemroot% by default) ...)
+CVE-1999-1365
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1363 (Windows NT 3.51 and 4.0 allow local users to cause a denial of service ...)
+CVE-1999-1363
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1362 (Win32k.sys in Windows NT 4.0 before SP2 allows local users to cause a ...)
+CVE-1999-1362
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1360 (Windows NT 4.0 allows local users to cause a denial of service via a ...)
+CVE-1999-1360
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1359 (When the Ntconfig.pol file is used on a server whose name is longer ...)
+CVE-1999-1359
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1358 (When an administrator in Windows NT or Windows 2000 changes a user ...)
+CVE-1999-1358
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1356 (Compaq Integration Maintenance Utility as used in Compaq Insight ...)
+CVE-1999-1356
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1351 (Directory traversal vulnerability in KVIrc IRC client 0.9.0 with the ...)
+CVE-1999-1351
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1341 (Linux kernel before 2.3.18 or 2.2.13pre15, with SLIP and PPP options, ...)
+CVE-1999-1341
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1339 (Vulnerability when Network Address Translation (NAT) is enabled in ...)
+CVE-1999-1339
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1337 (FTP client in Midnight Commander (mc) before 4.5.11 stores usernames ...)
+CVE-1999-1337
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1336 (3Com HiPer Access Router Card (HiperARC) 4.0 through 4.2.29 allows ...)
+CVE-1999-1336
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1335 (snmpd server in cmu-snmp SNMP package before 3.3-1 in Red Hat Linux ...)
+CVE-1999-1335
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1333 (automatic download option in ncftp 2.4.2 FTP client in Red Hat Linux ...)
+CVE-1999-1333
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1332 (gzexe in the gzip package on Red Hat Linux 5.0 and earlier allows ...)
+CVE-1999-1332
{DSA-308}
- gzip 1.3.5-6
-CVE-1999-1331 (netcfg 2.16-1 in Red Hat Linux 4.2 allows the Ethernet interface to be ...)
+CVE-1999-1331
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1330 (The snprintf function in the db library 1.85.4 ignores the size ...)
+CVE-1999-1330
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1329 (Buffer overflow in SysVInit in Red Hat Linux 5.1 and earlier allows ...)
+CVE-1999-1329
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1328 (linuxconf before 1.11.r11-rh3 on Red Hat Linux 5.1 allows local users ...)
+CVE-1999-1328
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1327 (Buffer overflow in linuxconf 1.11r11-rh2 on Red Hat Linux 5.1 allows ...)
+CVE-1999-1327
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1326 (wu-ftpd 2.4 FTP server does not properly drop privileges when an ABOR ...)
+CVE-1999-1326
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1325 (SAS System 5.18 on VAX/VMS is installed with insecure permissions for ...)
+CVE-1999-1325
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1324 (VAXstations running Open VMS 5.3 through 5.5-2 with VMS DECwindows or ...)
+CVE-1999-1324
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1321 (Buffer overflow in ssh 1.2.26 client with Kerberos V enabled could ...)
+CVE-1999-1321
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1320 (Vulnerability in Novell NetWare 3.x and earlier allows local users to ...)
+CVE-1999-1320
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1318 (/usr/5bin/su in SunOS 4.1.3 and earlier uses a search path that ...)
+CVE-1999-1318
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1317 (Windows NT 4.0 SP4 and earlier allows local users to gain privileges ...)
+CVE-1999-1317
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1316 (Passfilt.dll in Windows NT SP2 allows users to create a password that ...)
+CVE-1999-1316
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1309 (Sendmail before 8.6.7 allows local users to gain root access via a ...)
+CVE-1999-1309
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1301 (A design flaw in the Z-Modem protocol allows the remote sender of a ...)
+CVE-1999-1301
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1298 (Sysinstall in FreeBSD 2.2.1 and earlier, when configuring anonymous ...)
+CVE-1999-1298
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1297 (cmdtool in OpenWindows 3.0 and XView 3.0 in SunOS 4.1.4 and earlier ...)
+CVE-1999-1297
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1294 (Office Shortcut Bar (OSB) in Windows 3.51 enables backup and restore ...)
+CVE-1999-1294
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1290 (Buffer overflow in nftp FTP client version 1.40 allows remote ...)
+CVE-1999-1290
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1288 (Samba 1.9.18 inadvertently includes a prototype application, wsmbconf, ...)
+CVE-1999-1288
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1284 (NukeNabber allows remote attackers to cause a denial of service by ...)
+CVE-1999-1284
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1279 (An interaction between the AS/400 shared folders feature and Microsoft ...)
+CVE-1999-1279
NOT-FOR-US: Microsoft
-CVE-1999-1276 (fte-console in the fte package before 0.46b-4.1 does not drop root ...)
+CVE-1999-1276
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1263 (Metamail before 2.7-7.2 allows remote attackers to overwrite arbitrary ...)
+CVE-1999-1263
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1262 (Java in Netscape 4.5 does not properly restrict applets from ...)
+CVE-1999-1262
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1259 (Microsoft Office 98, Macintosh Edition, does not properly initialize ...)
+CVE-1999-1259
NOT-FOR-US: Microsoft
-CVE-1999-1258 (rpc.pwdauthd in SunOS 4.1.1 and earlier does not properly prevent ...)
+CVE-1999-1258
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1249 (movemail in HP-UX 10.20 has insecure permissions, which allows local ...)
+CVE-1999-1249
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1246 (Direct Mailer feature in Microsoft Site Server 3.0 saves user domain ...)
+CVE-1999-1246
NOT-FOR-US: Microsoft
-CVE-1999-1243 (SGI Desktop Permissions Tool in IRIX 6.0.1 and earlier allows local ...)
+CVE-1999-1243
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1233 (IIS 4.0 does not properly restrict access for the initial session ...)
+CVE-1999-1233
NOT-FOR-US: Microsoft
-CVE-1999-1226 (Netscape Communicator 4.7 and earlier allows remote attackers to cause ...)
+CVE-1999-1226
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1223 (IIS 3.0 allows remote attackers to cause a denial of service via a ...)
+CVE-1999-1223
NOT-FOR-US: Microsoft
-CVE-1999-1222 (Netbt.sys in Windows NT 4.0 allows remote malicious DNS servers to ...)
+CVE-1999-1222
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1217 (The PATH in Windows NT includes the current working directory (.), ...)
+CVE-1999-1217
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1215 (LOGIN.EXE program in Novell Netware 4.0 and 4.01 temporarily writes ...)
+CVE-1999-1215
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1214 (The asynchronous I/O facility in 4.4 BSD kernel does not check user ...)
+CVE-1999-1214
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1209 (Vulnerability in scoterm in SCO OpenServer 5.0 and SCO Open ...)
+CVE-1999-1209
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1208 (Buffer overflow in ping in AIX 4.2 and earlier allows local users to ...)
+CVE-1999-1208
NOT-FOR-US: AIX
-CVE-1999-1205 (nettune in HP-UX 10.01 and 10.00 is installed setuid root, which ...)
+CVE-1999-1205
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1204 (Check Point Firewall-1 does not properly handle certain restricted ...)
+CVE-1999-1204
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1203 (Multilink PPP for ISDN dialup users in Ascend before 4.6 allows remote ...)
+CVE-1999-1203
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1201 (Windows 95 and Windows 98 systems, when configured with multiple ...)
+CVE-1999-1201
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1199 (Apache WWW server 1.3.1 and earlier allows remote attackers to cause a ...)
+CVE-1999-1199
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1198 (BuildDisk program on NeXT systems before 2.0 does not prompt users for ...)
+CVE-1999-1198
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1197 (TIOCCONS in SunOS 4.1.1 does not properly check the permissions of a ...)
+CVE-1999-1197
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1194 (chroot in Digital Ultrix 4.1 and 4.0 is insecurely installed, which ...)
+CVE-1999-1194
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1193 (The &quot;me&quot; user in NeXT NeXTstep 2.1 and earlier has wheel group ...)
+CVE-1999-1193
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1192 (Buffer overflow in eeprom in Solaris 2.5.1 and earlier allows local ...)
+CVE-1999-1192
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1191 (Buffer overflow in chkey in Solaris 2.5.1 and earlier allows local ...)
+CVE-1999-1191
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1189 (Buffer overflow in Netscape Navigator/Communicator 4.7 for Windows 95 ...)
+CVE-1999-1189
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1188 (mysqld in MySQL 3.21 creates log files with world-readable ...)
+CVE-1999-1188
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1181 (Vulnerability in On-Line Customer Registration software for IRIX 6.2 ...)
+CVE-1999-1181
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1177 (Directory traversal vulnerability in nph-publish before 1.2 allows ...)
+CVE-1999-1177
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1175 (Web Cache Control Protocol (WCCP) in Cisco Cache Engine for Cisco IOS ...)
+CVE-1999-1175
NOT-FOR-US: Cisco
-CVE-1999-1167 (Cross-site scripting vulnerability in Third Voice Web annotation ...)
+CVE-1999-1167
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1163 (Vulnerability in HP Series 800 S/X/V Class servers allows remote ...)
+CVE-1999-1163
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1162 (Vulnerability in passwd in SCO UNIX 4.0 and earlier allows attackers ...)
+CVE-1999-1162
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1161 (Vulnerability in ppl in HP-UX 10.x and earlier allows local users to ...)
+CVE-1999-1161
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1160 (Vulnerability in ftpd/kftpd in HP-UX 10.x and 9.x allows local and ...)
+CVE-1999-1160
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1159 (SSH 2.0.11 and earlier allows local users to request remote forwarding ...)
+CVE-1999-1159
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1157 (Tcpip.sys in Windows NT 4.0 before SP4 allows remote attackers to ...)
+CVE-1999-1157
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1156 (BisonWare FTP Server 4.1 and earlier allows remote attackers to cause ...)
+CVE-1999-1156
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1148 (FTP service in IIS 4.0 and earlier allows remote attackers to cause a ...)
+CVE-1999-1148
NOT-FOR-US: Microsoft
-CVE-1999-1147 (Buffer overflow in Platinum Policy Compliance Manager (PCM) 7.0 allows ...)
+CVE-1999-1147
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1146 (Vulnerability in Glance and gpm programs in GlancePlus for HP-UX 9.x ...)
+CVE-1999-1146
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1145 (Vulnerability in Glance programs in GlancePlus for HP-UX 10.20 and ...)
+CVE-1999-1145
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1144 (Certain files in MPower in HP-UX 10.x are installed with insecure ...)
+CVE-1999-1144
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1143 (Vulnerability in runtime linker program rld in SGI IRIX 6.x and ...)
+CVE-1999-1143
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1142 (SunOS 4.1.2 and earlier allows local users to gain privileges via ...)
+CVE-1999-1142
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1140 (Buffer overflow in CrackLib 2.5 may allow local users to gain root ...)
+CVE-1999-1140
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1139 (Character-Terminal User Environment (CUE) in HP-UX 11.0 and earlier ...)
+CVE-1999-1139
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1138 (SCO UNIX System V/386 Release 3.2, and other SCO products, installs ...)
+CVE-1999-1138
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1137 (The permissions for the /dev/audio device on Solaris 2.2 and earlier, ...)
+CVE-1999-1137
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1136 (Vulnerability in Predictive on HP-UX 11.0 and earlier, and MPE/iX 5.5 ...)
+CVE-1999-1136
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1132 (Windows NT 4.0 allows remote attackers to cause a denial of service ...)
+CVE-1999-1132
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1131 (Buffer overflow in OSF Distributed Computing Environment (DCE) ...)
+CVE-1999-1131
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1127 (Windows NT 4.0 does not properly shut down invalid named pipe RPC ...)
+CVE-1999-1127
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1122 (Vulnerability in restore in SunOS 4.0.3 and earlier allows local users ...)
+CVE-1999-1122
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1121 (The default configuration for UUCP in AIX before 3.2 allows local ...)
+CVE-1999-1121
NOT-FOR-US: AIX
-CVE-1999-1120 (netprint in SGI IRIX 6.4 and earlier trusts the PATH environmental ...)
+CVE-1999-1120
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1119 (FTP installation script anon.ftp in AIX insecurely configures ...)
+CVE-1999-1119
NOT-FOR-US: AIX
-CVE-1999-1118 (ndd in Solaris 2.6 allows local users to cause a denial of service by ...)
+CVE-1999-1118
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1117 (lquerypv in AIX 4.1 and 4.2 allows local users to read arbitrary files ...)
+CVE-1999-1117
NOT-FOR-US: AIX
-CVE-1999-1116 (Vulnerability in runpriv in Indigo Magic System Administration ...)
+CVE-1999-1116
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1115 (Vulnerability in the /etc/suid_exec program in HP Apollo Domain/OS ...)
+CVE-1999-1115
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1114 (Buffer overflow in Korn Shell (ksh) suid_exec program on IRIX 6.x and ...)
+CVE-1999-1114
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1111 (Vulnerability in StackGuard before 1.21 allows remote attackers to ...)
+CVE-1999-1111
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1109 (Sendmail before 8.10.0 allows remote attackers to cause a denial of ...)
+CVE-1999-1109
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1105 (Windows 95, when Remote Administration and File Sharing for NetWare ...)
+CVE-1999-1105
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1104 (Windows 95 uses weak encryption for the password list (.pwl) file used ...)
+CVE-1999-1104
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1103 (dxconsole in DEC OSF/1 3.2C and earlier allows local users to read ...)
+CVE-1999-1103
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1102 (lpr on SunOS 4.1.1, BSD 4.3, A/UX 2.0.1, and other BSD-based operating ...)
+CVE-1999-1102
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1100 (Cisco PIX Private Link 4.1.6 and earlier does not properly process ...)
+CVE-1999-1100
NOT-FOR-US: Cisco
-CVE-1999-1099 (Kerberos 4 allows remote attackers to obtain sensitive information via ...)
+CVE-1999-1099
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1098 (Vulnerability in BSD Telnet client with encryption and Kerberos 4 ...)
+CVE-1999-1098
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1094 (Buffer overflow in Internet Explorer 4.01 and earlier allows remote ...)
+CVE-1999-1094
NOT-FOR-US: Microsoft
-CVE-1999-1093 (Buffer overflow in the Window.External function in the JScript ...)
+CVE-1999-1093
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1090 (The default configuration of NCSA Telnet package for Macintosh and PC ...)
+CVE-1999-1090
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1087 (Internet Explorer 4 treats a 32-bit number (&quot;dotless IP address&quot;) in ...)
+CVE-1999-1087
NOT-FOR-US: Microsoft
-CVE-1999-1085 (SSH 1.2.25, 1.2.23, and other versions, when used in in CBC (Cipher ...)
+CVE-1999-1085
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1080 (rmmount in SunOS 5.7 may mount file systems without the nosuid flag ...)
+CVE-1999-1080
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1074 (Webmin before 0.5 does not restrict the number of invalid passwords ...)
+CVE-1999-1074
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1059 (Vulnerability in rexec daemon (rexecd) in AT&amp;T TCP/IP 4.0 for various ...)
+CVE-1999-1059
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1057 (VMS 4.0 through 5.3 allows local users to gain privileges via the ...)
+CVE-1999-1057
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1055 (Microsoft Excel 97 does not warn the user before executing worksheet ...)
+CVE-1999-1055
NOT-FOR-US: Microsoft
-CVE-1999-1048 (Buffer overflow in bash 2.0.0, 1.4.17, and other versions allows local ...)
+CVE-1999-1048
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1047 (When BSDI patches for Gauntlet 5.0 BSDI are installed in a particular ...)
+CVE-1999-1047
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1045 (pnserver in RealServer 5.0 and earlier allows remote attackers to ...)
+CVE-1999-1045
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1044 (Vulnerability in Advanced File System Utility (advfs) in Digital UNIX ...)
+CVE-1999-1044
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1037 (rex.satan in SATAN 1.1.1 allows local users to overwrite arbitrary ...)
+CVE-1999-1037
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1035 (IIS 3.0 and 4.0 on x86 and Alpha allows remote attackers to cause a ...)
+CVE-1999-1035
NOT-FOR-US: Microsoft
-CVE-1999-1034 (Vulnerability in login in AT&amp;T System V Release 4 allows local users ...)
+CVE-1999-1034
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1032 (Vulnerability in LAT/Telnet Gateway (lattelnet) on Ultrix 4.1 and 4.2 ...)
+CVE-1999-1032
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1028 (Symantec pcAnywhere 8.0 allows remote attackers to cause a denial of ...)
+CVE-1999-1028
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1027 (Solaris 2.6 HW3/98 installs admintool with world-writable permissions, ...)
+CVE-1999-1027
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1021 (NFS on SunOS 4.1 through 4.1.2 ignores the high order 16 bits in a 32 ...)
+CVE-1999-1021
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1019 (SpectroSERVER in Cabletron Spectrum Enterprise Manager 5.0 installs a ...)
+CVE-1999-1019
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1014 (Buffer overflow in mail command in Solaris 2.7 and 2.7 allows local ...)
+CVE-1999-1014
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1011 (The Remote Data Service (RDS) DataFactory component of Microsoft Data ...)
+CVE-1999-1011
NOT-FOR-US: Microsoft
-CVE-1999-1010 (An SSH 1.2.27 server allows a client to use the &quot;none&quot; cipher, even if ...)
+CVE-1999-1010
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1008 (xsoldier program allows local users to gain root access via a ...)
+CVE-1999-1008
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1007 (Buffer overflow in VDO Live Player allows remote attackers to execute ...)
+CVE-1999-1007
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1005 (Groupwise web server GWWEB.EXE allows remote attackers to read ...)
+CVE-1999-1005
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1004 (Buffer overflow in the POP server POProxy for the Norton Anti-Virus ...)
+CVE-1999-1004
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1001 (Cisco Cache Engine allows a remote attacker to gain access via a null ...)
+CVE-1999-1001
NOT-FOR-US: Cisco
-CVE-1999-1000 (The web administration interface for Cisco Cache Engine allows remote ...)
+CVE-1999-1000
NOT-FOR-US: Cisco
-CVE-1999-0999 (Microsoft SQL 7.0 server allows a remote attacker to cause a denial of ...)
+CVE-1999-0999
NOT-FOR-US: Microsoft
-CVE-1999-0998 (Cisco Cache Engine allows an attacker to replace content in the cache. ...)
+CVE-1999-0998
NOT-FOR-US: Cisco
-CVE-1999-0997 (wu-ftp with FTP conversion enabled allows an attacker to execute ...)
+CVE-1999-0997
{DSA-377}
- wu-ftpd 2.6.2-15
-CVE-1999-0996 (Buffer overflow in Infoseek Ultraseek search engine allows remote ...)
+CVE-1999-0996
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0995 (Windows NT Local Security Authority (LSA) allows remote attackers to ...)
+CVE-1999-0995
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0994 (Windows NT with SYSKEY reuses the keystream that is used for ...)
+CVE-1999-0994
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0992 (HP VirtualVault with the PHSS_17692 patch allows unprivileged ...)
+CVE-1999-0992
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0991 (Buffer overflow in GoodTech Telnet Server NT allows remote users to ...)
+CVE-1999-0991
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0989 (Buffer overflow in Internet Explorer 5 directshow filter (MSDXM.OCX) ...)
+CVE-1999-0989
NOT-FOR-US: Microsoft
-CVE-1999-0987 (Windows NT does not properly download a system policy if the domain ...)
+CVE-1999-0987
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0986 (The ping command in Linux 2.0.3x allows local users to cause a denial ...)
+CVE-1999-0986
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0982 (The Sun Web-Based Enterprise Management (WBEM) installation script ...)
+CVE-1999-0982
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0981 (Internet Explorer 5.01 and earlier allows a remote attacker to create ...)
+CVE-1999-0981
NOT-FOR-US: Microsoft
-CVE-1999-0980 (Windows NT Service Control Manager (SCM) allows remote attackers to ...)
+CVE-1999-0980
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0979 (The SCO UnixWare privileged process system allows local users to gain ...)
+CVE-1999-0979
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0978 (htdig allows remote attackers to execute commands via filenames with ...)
+CVE-1999-0978
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0977 (Buffer overflow in Solaris sadmind allows remote attackers to gain ...)
+CVE-1999-0977
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0976 (Sendmail allows local users to reinitialize the aliases database via ...)
+CVE-1999-0976
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0975 (The Windows help system can allow a local user to execute commands as ...)
+CVE-1999-0975
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0974 (Buffer overflow in Solaris snoop allows remote attackers to gain root ...)
+CVE-1999-0974
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0973 (Buffer overflow in Solaris snoop program allows remote attackers to ...)
+CVE-1999-0973
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0972 (Buffer overflow in Xshipwars xsw program. ...)
+CVE-1999-0972
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0971 (Buffer overflow in Exim allows local users to gain root privileges via ...)
+CVE-1999-0971
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0969 (The Windows NT RPC service allows remote attackers to conduct a denial ...)
+CVE-1999-0969
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0968 (Buffer overflow in BNC IRC proxy allows remote attackers to gain ...)
+CVE-1999-0968
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0967 (Buffer overflow in the HTML library used by Internet Explorer, Outlook ...)
+CVE-1999-0967
NOT-FOR-US: Microsoft
-CVE-1999-0966 (Buffer overflow in Solaris getopt in libc allows local users to gain ...)
+CVE-1999-0966
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0965 (Race condition in xterm allows local users to modify arbitrary files ...)
+CVE-1999-0965
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0964 (Buffer overflow in FreeBSD setlocale in the libc module allows ...)
+CVE-1999-0964
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0963 (FreeBSD mount_union command allows local users to gain root privileges ...)
+CVE-1999-0963
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0962 (Buffer overflow in HPUX passwd command allows local users to gain root ...)
+CVE-1999-0962
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0961 (HPUX sysdiag allows local users to gain root privileges via a symlink ...)
+CVE-1999-0961
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0960 (IRIX cdplayer allows local users to create directories in arbitrary ...)
+CVE-1999-0960
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0959 (IRIX startmidi program allows local users to modify arbitrary files ...)
+CVE-1999-0959
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0958 (sudo 1.5.x allows local users to execute arbitrary commands via a ...)
+CVE-1999-0958
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0957 (MajorCool mj_key_cache program allows local users to modify files via ...)
+CVE-1999-0957
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0956 (The NeXT NetInfo _writers property allows local users to gain root ...)
+CVE-1999-0956
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0955 (Race condition in wu-ftpd and BSDI ftpd allows remote attackers to ...)
+CVE-1999-0955
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0954 (WWWBoard has a default username and default password. ...)
+CVE-1999-0954
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0953 (WWWBoard stores encrypted passwords in a password file that is ...)
+CVE-1999-0953
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0951 (Buffer overflow in OmniHTTPd CGI program imagemap.exe allows remote ...)
+CVE-1999-0951
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0950 (Buffer overflow in WFTPD FTP server allows remote attackers to gain ...)
+CVE-1999-0950
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0947 (AN-HTTPd provides example CGI scripts test.bat, input.bat, input2.bat, ...)
+CVE-1999-0947
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0946 (Buffer overflow in Yamaha MidiPlug via a Text variable in an EMBED ...)
+CVE-1999-0946
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0945 (Buffer overflow in Internet Mail Service (IMS) for Microsoft Exchange ...)
+CVE-1999-0945
NOT-FOR-US: Microsoft
-CVE-1999-0943 (Buffer overflow in OpenLink 3.2 allows remote attackers to gain ...)
+CVE-1999-0943
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0942 (UnixWare dos7utils allows a local user to gain root privileges by ...)
+CVE-1999-0942
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0940 (Buffer overflow in mutt mail client allows remote attackers to execute ...)
+CVE-1999-0940
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0939 (Denial of service in Debian IRC Epic/epic4 client via a long string. ...)
+CVE-1999-0939
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0938 (MBone SDR Package allows remote attackers to execute commands via ...)
+CVE-1999-0938
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0937 (BNBForm allows remote attackers to read arbitrary files via the ...)
+CVE-1999-0937
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0936 (BNBSurvey survey.cgi program allows remote attackers to execute ...)
+CVE-1999-0936
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0935 (classifieds.cgi allows remote attackers to execute arbitrary commands ...)
+CVE-1999-0935
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0934 (classifieds.cgi allows remote attackers to read arbitrary files via ...)
+CVE-1999-0934
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0933 (TeamTrack web server allows remote attackers to read arbitrary files ...)
+CVE-1999-0933
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0932 (Mediahouse Statistics Server allows remote attackers to read the ...)
+CVE-1999-0932
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0931 (Buffer overflow in Mediahouse Statistics Server allows remote ...)
+CVE-1999-0931
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0930 (wwwboard allows a remote attacker to delete message board articles via ...)
+CVE-1999-0930
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0928 (Buffer overflow in SmartDesk WebSuite allows remote attackers to cause ...)
+CVE-1999-0928
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0927 (NTMail allows remote attackers to read arbitrary files via a .. (dot ...)
+CVE-1999-0927
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0924 (The Syntax Checker in ColdFusion Server 4.0 allows remote attackers to ...)
+CVE-1999-0924
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0922 (An example application in ColdFusion Server 4.0 allows remote ...)
+CVE-1999-0922
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0921 (BMC Patrol allows any remote attacker to flood its UDP port, causing a ...)
+CVE-1999-0921
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0920 (Buffer overflow in the pop-2d POP daemon in the IMAP package allows ...)
+CVE-1999-0920
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0918 (Denial of service in various Windows systems via malformed, fragmented ...)
+CVE-1999-0918
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0917 (The Preloader ActiveX control used by Internet Explorer allows remote ...)
+CVE-1999-0917
NOT-FOR-US: Microsoft
-CVE-1999-0916 (WebTrends software stores account names and passwords in a file which ...)
+CVE-1999-0916
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0915 (URL Live! web server allows remote attackers to read arbitrary files ...)
+CVE-1999-0915
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0914 (Buffer overflow in the FTP client in the Debian GNU/Linux netstd ...)
+CVE-1999-0914
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0912 (FreeBSD VFS cache (vfs_cache) allows local users to cause a denial of ...)
+CVE-1999-0912
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0909 (Multihomed Windows systems allow a remote attacker to bypass IP ...)
+CVE-1999-0909
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0908 (Denial of service in Solaris TCP streams driver via a malicious ...)
+CVE-1999-0908
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0907 (sccw allows local users to read arbitrary files. ...)
+CVE-1999-0907
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0906 (Buffer overflow in sccw allows local users to gain root access via the ...)
+CVE-1999-0906
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0905 (Denial of service in Axent Raptor firewall via malformed zero-length ...)
+CVE-1999-0905
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0904 (Buffer overflow in BFTelnet allows remote attackers to cause a denial ...)
+CVE-1999-0904
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0903 (genfilt in the AIX Packet Filtering Module does not properly filter ...)
+CVE-1999-0903
NOT-FOR-US: AIX
-CVE-1999-0902 (ypserv allows local administrators to modify password tables. ...)
+CVE-1999-0902
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0901 (ypserv allows a local user to modify the GECOS and login shells ...)
+CVE-1999-0901
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0900 (Buffer overflow in rpc.yppasswdd allows a local user to gain ...)
+CVE-1999-0900
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0899 (The Windows NT 4.0 print spooler allows a local user to execute ...)
+CVE-1999-0899
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0898 (Buffer overflows in Windows NT 4.0 print spooler allow remote ...)
+CVE-1999-0898
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0897 (iChat ROOMS Webserver allows remote attackers to read arbitrary files ...)
+CVE-1999-0897
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0896 (Buffer overflow in RealNetworks RealServer administration utility ...)
+CVE-1999-0896
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0895 (Firewall-1 does not properly restrict access to LDAP attributes. ...)
+CVE-1999-0895
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0894 (Red Hat Linux screen program does not use Unix98 ptys, allowing ...)
+CVE-1999-0894
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0893 (userOsa in SCO OpenServer allows local users to corrupt files via a ...)
+CVE-1999-0893
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0892 (Buffer overflow in Netscape Communicator before 4.7 via a dynamic font ...)
+CVE-1999-0892
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0891 (The &quot;download behavior&quot; in Internet Explorer 5 allows remote attackers ...)
+CVE-1999-0891
NOT-FOR-US: Microsoft
-CVE-1999-0890 (iHTML Merchant allows remote attackers to obtain sensitive information ...)
+CVE-1999-0890
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0889 (Cisco 675 routers running CBOS allow remote attackers to establish ...)
+CVE-1999-0889
NOT-FOR-US: Cisco
-CVE-1999-0888 (dbsnmp in Oracle Intelligent Agent allows local users to gain ...)
+CVE-1999-0888
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0887 (FTGate web interface server allows remote attackers to read files via ...)
+CVE-1999-0887
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0886 (The security descriptor for RASMAN allows users to point to an ...)
+CVE-1999-0886
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0884 (The Zeus web server administrative interface uses weak encryption for ...)
+CVE-1999-0884
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0883 (Zeus web server allows remote attackers to read arbitrary files by ...)
+CVE-1999-0883
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0881 (Falcon web server allows remote attackers to read arbitrary files via ...)
+CVE-1999-0881
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0880 (Denial of service in WU-FTPD via the SITE NEWER command, which does ...)
+CVE-1999-0880
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0879 (Buffer overflow in WU-FTPD and related FTP servers allows remote ...)
+CVE-1999-0879
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0878 (Buffer overflow in WU-FTPD and related FTP servers allows remote ...)
+CVE-1999-0878
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0877 (Internet Explorer 5 allows remote attackers to read files via an ...)
+CVE-1999-0877
NOT-FOR-US: Microsoft
-CVE-1999-0876 (Buffer overflow in Internet Explorer 4.0 via EMBED tag. ...)
+CVE-1999-0876
NOT-FOR-US: Microsoft
-CVE-1999-0875 (DHCP clients with ICMP Router Discovery Protocol (IRDP) enabled allow ...)
+CVE-1999-0875
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0874 (Buffer overflow in IIS 4.0 allows remote attackers to cause a denial ...)
+CVE-1999-0874
NOT-FOR-US: Microsoft
-CVE-1999-0873 (Buffer overflow in Skyfull mail server via MAIL FROM command. ...)
+CVE-1999-0873
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0871 (Internet Explorer 4.0 and 4.01 allow a remote attacker to read files ...)
+CVE-1999-0871
NOT-FOR-US: Microsoft
-CVE-1999-0870 (Internet Explorer 4.01 allows remote attackers to read arbitrary files ...)
+CVE-1999-0870
NOT-FOR-US: Microsoft
-CVE-1999-0869 (Internet Explorer 3.x to 4.01 allows a remote attacker to insert ...)
+CVE-1999-0869
NOT-FOR-US: Microsoft
-CVE-1999-0868 (ucbmail allows remote attackers to execute commands via shell ...)
+CVE-1999-0868
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0867 (Denial of service in IIS 4.0 via a flood of HTTP requests with ...)
+CVE-1999-0867
NOT-FOR-US: Microsoft
-CVE-1999-0866 (Buffer overflow in UnixWare xauto program allows local users to gain ...)
+CVE-1999-0866
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0865 (Buffer overflow in CommuniGatePro via a long string to the HTTP ...)
+CVE-1999-0865
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0864 (UnixWare programs that dump core allow a local user to ...)
+CVE-1999-0864
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0861 (Race condition in the SSL ISAPI filter in IIS and other servers may ...)
+CVE-1999-0861
NOT-FOR-US: Microsoft
-CVE-1999-0859 (Solaris arp allows local users to read files via the -f parameter, ...)
+CVE-1999-0859
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0858 (Internet Explorer 5 allows a remote attacker to modify the IE client's ...)
+CVE-1999-0858
NOT-FOR-US: Microsoft
-CVE-1999-0856 (login in Slackware 7.0 allows remote attackers to identify valid users ...)
+CVE-1999-0856
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0854 (Ultimate Bulletin Board stores data files in the cgi-bin directory, ...)
+CVE-1999-0854
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0853 (Buffer overflow in Netscape Enterprise Server and Netscape ...)
+CVE-1999-0853
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0851 (Denial of service in BIND named via naptr. ...)
+CVE-1999-0851
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0849 (Denial of service in BIND named via maxdname. ...)
+CVE-1999-0849
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0848 (Denial of service in BIND named via consuming more than &quot;fdmax&quot; file ...)
+CVE-1999-0848
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0847 (Buffer overflow in free internet chess server (FICS) program, xboard. ...)
+CVE-1999-0847
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0842 (Symantec Mail-Gear 1.0 web interface server allows remote users to ...)
+CVE-1999-0842
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0839 (Windows NT Task Scheduler installed with Internet Explorer 5 allows a ...)
+CVE-1999-0839
NOT-FOR-US: Microsoft
-CVE-1999-0838 (Buffer overflow in Serv-U FTP 2.5 allows remote users to conduct a ...)
+CVE-1999-0838
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0837 (Denial of service in BIND by improperly closing TCP sessions via ...)
+CVE-1999-0837
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0836 (UnixWare uidadmin allows local users to modify arbitrary files via ...)
+CVE-1999-0836
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0835 (Denial of service in BIND named via malformed SIG records. ...)
+CVE-1999-0835
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0834 (Buffer overflow in RSAREF2 via the encryption and decryption functions ...)
+CVE-1999-0834
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0833 (Buffer overflow in BIND 8.2 via NXT records. ...)
+CVE-1999-0833
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0832 (Buffer overflow in NFS server on Linux allows attackers to execute ...)
+CVE-1999-0832
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0831 (Denial of service in Linux syslogd via a large number of connections. ...)
+CVE-1999-0831
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0826 (Buffer overflow in FreeBSD angband allows local users to gain ...)
+CVE-1999-0826
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0824 (A Windows NT user can use SUBST to map a drive letter to a folder, ...)
+CVE-1999-0824
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0823 (Buffer overflow in FreeBSD xmindpath allows local users to gain ...)
+CVE-1999-0823
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0820 (FreeBSD seyon allows users to gain privileges via a modified PATH ...)
+CVE-1999-0820
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0819 (NTMail does not disable the VRFY command, even if the administrator ...)
+CVE-1999-0819
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0817 (Lynx WWW client allows a remote attacker to specify command-line ...)
+CVE-1999-0817
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0815 (Memory leak in SNMP agent in Windows NT 4.0 before SP5 allows remote ...)
+CVE-1999-0815
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0814 (Red Hat pump DHCP client allows remote attackers to gain root access ...)
+CVE-1999-0814
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0813 (Cfingerd with ALLOW_EXECUTION enabled does not properly drop ...)
+CVE-1999-0813
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0812 (Race condition in Samba smbmnt allows local users to mount file ...)
+CVE-1999-0812
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0811 (Buffer overflow in Samba smbd program via a malformed message ...)
+CVE-1999-0811
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0810 (Denial of service in Samba NETBIOS name service daemon (nmbd). ...)
+CVE-1999-0810
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0809 (Netscape Communicator 4.x with Javascript enabled does not warn a user ...)
+CVE-1999-0809
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0807 (The Netscape Directory Server installation procedure leaves sensitive ...)
+CVE-1999-0807
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0806 (Buffer overflow in Solaris dtprintinfo program. ...)
+CVE-1999-0806
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0804 (Denial of service in Linux 2.2.x kernels via malformed ICMP packets ...)
+CVE-1999-0804
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0803 (The fwluser script in AIX eNetwork Firewall allows local users to ...)
+CVE-1999-0803
NOT-FOR-US: AIX
-CVE-1999-0802 (Buffer overflow in Internet Explorer 5 allows remote attackers to ...)
+CVE-1999-0802
NOT-FOR-US: Microsoft
-CVE-1999-0801 (BMC Patrol allows remote attackers to gain access to an agent by ...)
+CVE-1999-0801
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0800 (The GetFile.cfm file in Allaire Forums allows remote attackers to read ...)
+CVE-1999-0800
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0799 (Buffer overflow in bootpd 2.4.3 and earlier via a long boot file ...)
+CVE-1999-0799
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0797 (NIS finger allows an attacker to conduct a denial of service via a ...)
+CVE-1999-0797
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0796 (FreeBSD T/TCP Extensions for Transactions can be subjected to spoofing ...)
+CVE-1999-0796
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0794 (Microsoft Excel does not warn a user when a macro is present in a ...)
+CVE-1999-0794
NOT-FOR-US: Microsoft
-CVE-1999-0793 (Internet Explorer allows remote attackers to read files by redirecting ...)
+CVE-1999-0793
NOT-FOR-US: Microsoft
-CVE-1999-0791 (Hybrid Network cable modems do not include an authentication mechanism ...)
+CVE-1999-0791
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0790 (A remote attacker can read information from a Netscape user's cache ...)
+CVE-1999-0790
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0789 (Buffer overflow in AIX ftpd in the libc library. ...)
+CVE-1999-0789
NOT-FOR-US: AIX
-CVE-1999-0788 (Arkiea nlservd allows remote attackers to conduct a denial of service. ...)
+CVE-1999-0788
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0787 (The SSH authentication agent follows symlinks via a UNIX domain ...)
+CVE-1999-0787
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0786 (The dynamic linker in Solaris allows a local user to create arbitrary ...)
+CVE-1999-0786
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0785 (The INN inndstart program allows local users to gain root privileges ...)
+CVE-1999-0785
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0783 (FreeBSD allows local users to conduct a denial of service by creating ...)
+CVE-1999-0783
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0782 (KDE kppp allows local users to create a directory in an arbitrary ...)
+CVE-1999-0782
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0781 (KDE allows local users to execute arbitrary commands by setting the ...)
+CVE-1999-0781
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0780 (KDE klock allows local users to kill arbitrary processes by specifying ...)
+CVE-1999-0780
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0779 (Denial of service in HP-UX SharedX recserv program. ...)
+CVE-1999-0779
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0778 (Buffer overflow in Xi Graphics Accelerated-X server allows local ...)
+CVE-1999-0778
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0777 (IIS FTP servers may allow a remote attacker to read or delete files on ...)
+CVE-1999-0777
NOT-FOR-US: Microsoft
-CVE-1999-0775 (Cisco Gigabit Switch routers running IOS allow remote attackers to ...)
+CVE-1999-0775
NOT-FOR-US: Cisco
-CVE-1999-0774 (Buffer overflows in Mars NetWare Emulation (NWE, mars_nwe) package via ...)
+CVE-1999-0774
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0773 (Buffer overflow in Solaris lpset program allows local users to gain ...)
+CVE-1999-0773
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0772 (Denial of service in Compaq Management Agents and the Compaq Survey ...)
+CVE-1999-0772
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0771 (The web components of Compaq Management Agents and the Compaq Survey ...)
+CVE-1999-0771
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0770 (Firewall-1 sets a long timeout for connections that begin with ACK or ...)
+CVE-1999-0770
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0769 (Vixie Cron on Linux systems allows local users to set parameters of ...)
+CVE-1999-0769
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0768 (Buffer overflow in Vixie Cron on Red Hat systems via the MAILTO ...)
+CVE-1999-0768
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0766 (The Microsoft Java Virtual Machine allows a malicious Java applet to ...)
+CVE-1999-0766
NOT-FOR-US: Microsoft
-CVE-1999-0765 (SGI IRIX midikeys program allows local users to modify arbitrary files ...)
+CVE-1999-0765
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0764 (NetBSD allows ARP packets to overwrite static ARP entries. ...)
+CVE-1999-0764
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0763 (NetBSD on a multi-homed host allows ARP packets on one network to ...)
+CVE-1999-0763
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0762 (When Javascript is embedded within the TITLE tag, Netscape ...)
+CVE-1999-0762
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0761 (Buffer overflow in FreeBSD fts library routines allows local user to ...)
+CVE-1999-0761
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0760 (Undocumented ColdFusion Markup Language (CFML) tags and functions in ...)
+CVE-1999-0760
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0759 (Buffer overflow in FuseMAIL POP service via long USER and PASS ...)
+CVE-1999-0759
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0758 (Netscape Enterprise 3.5.1 and FastTrack 3.01 servers allow a remote ...)
+CVE-1999-0758
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0756 (ColdFusion Administrator with Advanced Security enabled allows remote ...)
+CVE-1999-0756
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0755 (Windows NT RRAS and RAS clients cache a user's password even if the ...)
+CVE-1999-0755
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0754 (The INN inndstart program allows local users to gain privileges by ...)
+CVE-1999-0754
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0753 (The w3-msql CGI script provided with Mini SQL allows remote attackers ...)
+CVE-1999-0753
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0752 (Denial of service in Netscape Enterprise Server via a buffer overflow ...)
+CVE-1999-0752
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0751 (Buffer overflow in Accept command in Netscape Enterprise Server 3.6 ...)
+CVE-1999-0751
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0749 (Buffer overflow in Microsoft Telnet client in Windows 95 and Windows ...)
+CVE-1999-0749
NOT-FOR-US: Microsoft
-CVE-1999-0747 (Denial of service in BSDi Symmetric Multiprocessing (SMP) when an ...)
+CVE-1999-0747
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0746 (A default configuration of in.identd in SuSE Linux waits 120 seconds ...)
+CVE-1999-0746
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0745 (Buffer overflow in Source Code Browser Program Database Name Server ...)
+CVE-1999-0745
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0744 (Buffer overflow in Netscape Enterprise Server and FastTrask Server ...)
+CVE-1999-0744
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0743 (Trn allows local users to overwrite other users' files via symlinks. ...)
+CVE-1999-0743
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0742 (The Debian mailman package uses weak authentication, which allows ...)
+CVE-1999-0742
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0740 (Remote attackers can cause a denial of service on Linux in.telnetd ...)
+CVE-1999-0740
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0735 (KDE K-Mail allows local users to gain privileges via a symlink attack ...)
+CVE-1999-0735
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0734 (A default configuration of CiscoSecure Access Control Server (ACS) ...)
+CVE-1999-0734
NOT-FOR-US: Cisco
-CVE-1999-0733 (Buffer overflow in VMWare 1.0.1 for Linux via a long HOME ...)
+CVE-1999-0733
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0732 (The logging facility of the Debian smtp-refuser package allows local ...)
+CVE-1999-0732
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0731 (The KDE klock program allows local users to unlock a session using ...)
+CVE-1999-0731
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0730 (The zsoelim program in the Debian man-db package allows local users to ...)
+CVE-1999-0730
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0729 (Buffer overflow in Lotus Notes LDAP (NLDAP) allows an attacker to ...)
+CVE-1999-0729
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0728 (A Windows NT user can disable the keyboard or mouse by directly ...)
+CVE-1999-0728
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0727 (A kernel leak in the OpenBSD kernel allows IPsec packets to be sent ...)
+CVE-1999-0727
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0726 (An attacker can conduct a denial of service in Windows NT by executing ...)
+CVE-1999-0726
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0725 (When IIS is run with a default language of Chinese, Korean, or ...)
+CVE-1999-0725
NOT-FOR-US: Microsoft
-CVE-1999-0724 (Buffer overflow in OpenBSD procfs and fdescfs file systems via ...)
+CVE-1999-0724
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0723 (The Windows NT Client Server Runtime Subsystem (CSRSS) can be ...)
+CVE-1999-0723
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0722 (The default configuration of Cobalt RaQ2 servers allows remote ...)
+CVE-1999-0722
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0721 (Denial of service in Windows NT Local Security Authority (LSA) through ...)
+CVE-1999-0721
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0720 (The pt_chown command in Linux allows local users to modify TTY ...)
+CVE-1999-0720
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0719 (The Guile plugin for the Gnumeric spreadsheet package allows attackers ...)
+CVE-1999-0719
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0718 (IBM GINA, when used for OS/2 domain authentication of Windows NT ...)
+CVE-1999-0718
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0717 (A remote attacker can disable the virus warning mechanism in Microsoft ...)
+CVE-1999-0717
NOT-FOR-US: Microsoft
-CVE-1999-0716 (Buffer overflow in Windows NT 4.0 help file utility via a malformed ...)
+CVE-1999-0716
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0715 (Buffer overflow in Remote Access Service (RAS) client allows an ...)
+CVE-1999-0715
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0714 (Vulnerability in Compaq Tru64 UNIX edauth command. ...)
+CVE-1999-0714
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0713 (The dtlogin program in Compaq Tru64 UNIX allows local users to gain ...)
+CVE-1999-0713
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0711 (The oratclsh interpreter in Oracle 8.x Intelligent Agent for Unix ...)
+CVE-1999-0711
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0710 (The Squid package in Red Hat Linux 5.2 and 6.0, and other ...)
+CVE-1999-0710
{DSA-576-1}
- squid 2.5.7-1
-CVE-1999-0708 (Buffer overflow in cfingerd allows local users to gain root privileges ...)
+CVE-1999-0708
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0707 (The default FTP configuration in HP Visualize Conference allows ...)
+CVE-1999-0707
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0706 (Linux xmonisdn package allows local users to gain root privileges by ...)
+CVE-1999-0706
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0705 (Buffer overflow in INN inews program. ...)
+CVE-1999-0705
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0704 (Buffer overflow in Berkeley automounter daemon (amd) logging facility ...)
+CVE-1999-0704
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0703 (OpenBSD, BSDI, and other Unix operating systems allow users to set ...)
+CVE-1999-0703
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0702 (Internet Explorer 5.0 and 5.01 allows remote attackers to modify or ...)
+CVE-1999-0702
NOT-FOR-US: Microsoft
-CVE-1999-0701 (After an unattended installation of Windows NT 4.0, an installation ...)
+CVE-1999-0701
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0700 (Buffer overflow in Microsoft Phone Dialer (dialer.exe), via a malformed ...)
+CVE-1999-0700
NOT-FOR-US: Microsoft
-CVE-1999-0699 (The Bluestone Sapphire web server allows session hijacking via easily ...)
+CVE-1999-0699
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0697 (SCO Doctor allows local users to gain root privileges through a Tools ...)
+CVE-1999-0697
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0696 (Buffer overflow in CDE Calendar Manager Service Daemon (rpc.cmsd). ...)
+CVE-1999-0696
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0695 (The Sybase PowerDynamo personal web server allows attackers to ...)
+CVE-1999-0695
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0694 (Denial of service in AIX ptrace system call allows local users to ...)
+CVE-1999-0694
NOT-FOR-US: AIX
-CVE-1999-0693 (Buffer overflow in TT_SESSION environment variable in ToolTalk shared ...)
+CVE-1999-0693
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0692 (The default configuration of the Array Services daemon (arrayd) ...)
+CVE-1999-0692
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0691 (Buffer overflow in the AddSuLog function of the CDE dtaction utility ...)
+CVE-1999-0691
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0690 (HP CDE program includes the current directory in root's PATH variable. ...)
+CVE-1999-0690
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0689 (The CDE dtspcd daemon allows local users to execute arbitrary commands ...)
+CVE-1999-0689
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0688 (Buffer overflows in HP Software Distributor (SD) for HPUX 10.x and 11.x. ...)
+CVE-1999-0688
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0687 (The ToolTalk ttsession daemon uses weak RPC authentication, which ...)
+CVE-1999-0687
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0686 (Denial of service in Netscape Enterprise Server (NES) in HP Virtual ...)
+CVE-1999-0686
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0685 (Buffer overflow in Netscape Communicator via EMBED tags in the ...)
+CVE-1999-0685
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0683 (Denial of service in Gauntlet Firewall via a malformed ICMP packet. ...)
+CVE-1999-0683
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0682 (Microsoft Exchange 5.5 allows a remote attacker to relay email ...)
+CVE-1999-0682
NOT-FOR-US: Microsoft
-CVE-1999-0681 (Buffer overflow in Microsoft FrontPage Server Extensions (PWS) ...)
+CVE-1999-0681
NOT-FOR-US: Microsoft
-CVE-1999-0680 (Windows NT Terminal Server performs extra work when a client opens a ...)
+CVE-1999-0680
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0679 (Buffer overflow in hybrid-6 IRC server commonly used on EFnet allows ...)
+CVE-1999-0679
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0678 (A default configuration of Apache on Debian GNU/Linux sets the ...)
+CVE-1999-0678
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0676 (sdtcm_convert in Solaris 2.6 allows a local user to overwrite ...)
+CVE-1999-0676
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0675 (Check Point FireWall-1 can be subjected to a denial of service via UDP ...)
+CVE-1999-0675
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0674 (The BSD profil system call allows a local user to modify the internal ...)
+CVE-1999-0674
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0672 (Buffer overflow in Fujitsu Chocoa IRC client via IRC channel topics. ...)
+CVE-1999-0672
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0671 (Buffer overflow in ToxSoft NextFTP client through CWD command. ...)
+CVE-1999-0671
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0668 (The scriptlet.typelib ActiveX control is marked as &quot;safe for ...)
+CVE-1999-0668
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0628 (The rwho/rwhod service is running, which exposes machine status ...)
+CVE-1999-0628
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0627 (The rexd service is running, which uses weak authentication that can ...)
+CVE-1999-0627
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0626 (A version of rusers is running that exposes valid user information ...)
+CVE-1999-0626
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0612 (A version of finger is running that exposes valid user information ...)
+CVE-1999-0612
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0608 (An incorrect configuration of the PDG Shopping Cart CGI program ...)
+CVE-1999-0608
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0566 (An attacker can write to syslog files from any location, causing a ...)
+CVE-1999-0566
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0551 (HP OpenMail can be misconfigured to allow users to run arbitrary ...)
+CVE-1999-0551
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0526 (An X server's access control is disabled (e.g. through an &quot;xhost +&quot; ...)
+CVE-1999-0526
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0514 (UDP messages to broadcast addresses are allowed, allowing for a ...)
+CVE-1999-0514
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0513 (ICMP messages to broadcast addresses are allowed, allowing for a ...)
+CVE-1999-0513
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0496 (A Windows NT 4.0 user can gain administrative rights by forcing ...)
+CVE-1999-0496
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0494 (Denial of service in WinGate proxy through a buffer overflow in ...)
+CVE-1999-0494
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0493 (rpc.statd allows remote attackers to forward RPC calls to the local ...)
+CVE-1999-0493
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0491 (The prompt parsing in bash allows a local user to execute commands as ...)
+CVE-1999-0491
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0487 (The DHTML Edit ActiveX control in Internet Explorer allows remote ...)
+CVE-1999-0487
NOT-FOR-US: Microsoft
-CVE-1999-0485 (Remote attackers can cause a system crash through ipintr() in ipq in ...)
+CVE-1999-0485
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0484 (Buffer overflow in OpenBSD ping. ...)
+CVE-1999-0484
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0483 (OpenBSD crash using nlink value in FFS and EXT2FS filesystems. ...)
+CVE-1999-0483
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0482 (OpenBSD kernel crash through TSS handling, as caused by the crashme ...)
+CVE-1999-0482
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0481 (Denial of service in &quot;poll&quot; in OpenBSD. ...)
+CVE-1999-0481
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0479 (Denial of service Netscape Enterprise Server with VirtualVault on ...)
+CVE-1999-0479
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0478 (Denial of service in HP-UX sendmail 8.8.6 related to accepting ...)
+CVE-1999-0478
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0475 (A race condition in how procmail handles .procmailrc files allows ...)
+CVE-1999-0475
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0474 (The ICQ Webserver allows remote attackers to use .. to access ...)
+CVE-1999-0474
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0473 (The rsync command before rsync 2.3.1 may inadvertently change the ...)
+CVE-1999-0473
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0472 (The SNMP default community name &quot;public&quot; is not properly removed in ...)
+CVE-1999-0472
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0471 (The remote proxy server in Winroute allows a remote attacker to ...)
+CVE-1999-0471
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0470 (A weak encryption algorithm is used for passwords in Novell ...)
+CVE-1999-0470
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0468 (Internet Explorer 5.0 allows a remote server to read arbitrary files ...)
+CVE-1999-0468
NOT-FOR-US: Microsoft
-CVE-1999-0466 (The SVR4 /dev/wabi special device file in NetBSD 1.3.3 and earlier ...)
+CVE-1999-0466
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0464 (Local users can perform a denial of service in Tripwire 1.2 and ...)
+CVE-1999-0464
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0463 (Remote attackers can perform a denial of service using IRIX fcagent. ...)
+CVE-1999-0463
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0458 (L0phtcrack 2.5 used temporary files in the system TEMP directory which ...)
+CVE-1999-0458
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0457 (Linux ftpwatch program allows local users to gain root privileges. ...)
+CVE-1999-0457
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0449 (The ExAir sample site in IIS 4 allows remote attackers to cause a ...)
+CVE-1999-0449
NOT-FOR-US: Microsoft
-CVE-1999-0448 (IIS 4.0 and Apache log HTTP request methods, regardless of how long ...)
+CVE-1999-0448
NOT-FOR-US: Microsoft
-CVE-1999-0447 (Local users can gain privileges using the debug utility in the MPE/iX ...)
+CVE-1999-0447
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0446 (Local users can perform a denial of service in NetBSD 1.3.3 and ...)
+CVE-1999-0446
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0445 (In Cisco routers under some versions of IOS 12.0 running NAT, some ...)
+CVE-1999-0445
NOT-FOR-US: Cisco
-CVE-1999-0442 (Solaris ff.core allows local users to modify files. ...)
+CVE-1999-0442
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0441 (Remote attackers can perform a denial of service in WinGate machines ...)
+CVE-1999-0441
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0440 (The byte code verifier component of the Java Virtual Machine (JVM) ...)
+CVE-1999-0440
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0439 (Buffer overflow in procmail before version 3.12 allows remote or local ...)
+CVE-1999-0439
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0438 (Remote attackers can perform a denial of service in WebRamp systems by ...)
+CVE-1999-0438
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0437 (Remote attackers can perform a denial of service in WebRamp systems by ...)
+CVE-1999-0437
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0436 (Domain Enterprise Server Management System (DESMS) in HP-UX allows ...)
+CVE-1999-0436
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0433 (XFree86 startx command is vulnerable to a symlink attack, allowing local ...)
+CVE-1999-0433
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0432 (ftp on HP-UX 11.00 allows local users to gain privileges. ...)
+CVE-1999-0432
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0430 (Cisco Catalyst LAN switches running Catalyst 5000 supervisor software ...)
+CVE-1999-0430
NOT-FOR-US: Cisco
-CVE-1999-0429 (The Lotus Notes 4.5 client may send a copy of encrypted mail in the ...)
+CVE-1999-0429
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0428 (OpenSSL and SSLeay allow remote attackers to reuse SSL sessions and ...)
+CVE-1999-0428
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0425 (talkback in Netscape 4.5 allows a local user to kill an arbitrary ...)
+CVE-1999-0425
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0424 (talkback in Netscape 4.5 allows a local user to overwrite ...)
+CVE-1999-0424
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0423 (Vulnerability in hpterm on HP-UX 10.20 allows local users to gain ...)
+CVE-1999-0423
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0422 (In some cases, NetBSD 1.3.3 mount allows local users to execute ...)
+CVE-1999-0422
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0421 (During a reboot after an installation of Linux Slackware 3.6, a remote ...)
+CVE-1999-0421
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0420 (umapfs allows local users to gain root privileges by changing their ...)
+CVE-1999-0420
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0417 (64 bit Solaris 7 procfs allows local users to perform a denial of ...)
+CVE-1999-0417
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0416 (Vulnerability in Cisco 7xx series routers allows a remote attacker to ...)
+CVE-1999-0416
NOT-FOR-US: Cisco
-CVE-1999-0415 (The HTTP server in Cisco 7xx series routers 3.2 through 4.2 is enabled ...)
+CVE-1999-0415
NOT-FOR-US: Cisco
-CVE-1999-0414 (In Linux before version 2.0.36, remote attackers can spoof a TCP ...)
+CVE-1999-0414
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0413 (A buffer overflow in the SGI X server allows local users to gain root ...)
+CVE-1999-0413
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0412 (In IIS and other web servers, an attacker can attack commands as ...)
+CVE-1999-0412
NOT-FOR-US: Microsoft
-CVE-1999-0410 (The cancel command in Solaris 2.6 (i386) has a buffer overflow that ...)
+CVE-1999-0410
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0409 (Buffer overflow in gnuplot in Linux version 3.5 allows local users to ...)
+CVE-1999-0409
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0408 (Files created from interactive shell sessions in Cobalt RaQ ...)
+CVE-1999-0408
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0407 (By default, IIS 4.0 has a virtual directory /IISADMPWD which contains ...)
+CVE-1999-0407
NOT-FOR-US: Microsoft
-CVE-1999-0405 (A buffer overflow in lsof allows local users to obtain root ...)
+CVE-1999-0405
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0404 (Buffer overflow in the Mail-Max SMTP server for Windows systems allows ...)
+CVE-1999-0404
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0403 (A bug in Cyrix CPUs on Linux allows local users to perform a denial ...)
+CVE-1999-0403
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0402 (wget 1.5.3 follows symlinks to change permissions of the target file ...)
+CVE-1999-0402
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0396 (A race condition between the select() and accept() calls in NetBSD TCP ...)
+CVE-1999-0396
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0395 (A race condition in the BackWeb Polite Agent Protocol allows an ...)
+CVE-1999-0395
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0393 (Remote attackers can cause a denial of service in Sendmail 8.8.x and ...)
+CVE-1999-0393
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0392 (Buffer overflow in Thomas Boutell's cgic library version up to 1.05. ...)
+CVE-1999-0392
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0391 (The cryptographic challenge of SMB authentication in Windows 95 and ...)
+CVE-1999-0391
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0390 (Buffer overflow in Dosemu Slang library in Linux. ...)
+CVE-1999-0390
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0388 (DataLynx suGuard trusts the PATH environment variable to execute the ...)
+CVE-1999-0388
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0387 (A legacy credential caching mechanism used in Windows 95 and Windows ...)
+CVE-1999-0387
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0386 (Microsoft Personal Web Server and FrontPage Personal Web Server in ...)
+CVE-1999-0386
NOT-FOR-US: Microsoft
-CVE-1999-0385 (The LDAP bind function in Exchange 5.5 has a buffer overflow that ...)
+CVE-1999-0385
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0384 (The Forms 2.0 ActiveX control (included with Visual Basic for ...)
+CVE-1999-0384
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0383 (ACC Tigris allows public access without a login. ...)
+CVE-1999-0383
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0382 (The screen saver in Windows NT does not verify that its security ...)
+CVE-1999-0382
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0380 (SLMail 3.1 and 3.2 allows local users to access any file in the NTFS ...)
+CVE-1999-0380
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0379 (Microsoft Taskpads allows remote web sites to execute commands on the ...)
+CVE-1999-0379
NOT-FOR-US: Microsoft
-CVE-1999-0378 (InterScan VirusWall for Solaris doesn't scan files for viruses when ...)
+CVE-1999-0378
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0377 (Process table attack in Unix systems allows a remote attacker to ...)
+CVE-1999-0377
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0376 (Local users in Windows NT can obtain administrator privileges by ...)
+CVE-1999-0376
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0375 (Buffer overflow in webd in Network Flight Recorder (NFR) ...)
+CVE-1999-0375
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0374 (Debian GNU/Linux cfengine package is susceptible to a symlink attack. ...)
+CVE-1999-0374
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0373 (Buffer overflow in the &quot;Super&quot; utility in Debian GNU/Linux, and other ...)
+CVE-1999-0373
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0372 (The installer for BackOffice Server includes account names and ...)
+CVE-1999-0372
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0371 (Lynx allows a local user to overwrite sensitive files through /tmp ...)
+CVE-1999-0371
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0369 (The Sun sdtcm_convert calendar utility for OpenWindows has a buffer ...)
+CVE-1999-0369
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0368 (Buffer overflows in wuarchive ftpd (wu-ftpd) and ProFTPD lead to ...)
+CVE-1999-0368
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0367 (NetBSD netstat command allows local users to access kernel memory. ...)
+CVE-1999-0367
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0366 (In some cases, Service Pack 4 for Windows NT 4.0 can allow access to ...)
+CVE-1999-0366
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0365 (The metamail package allows remote command execution using shell ...)
+CVE-1999-0365
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0363 (SuSE 5.2 PLP lpc program has a buffer overflow that leads to root ...)
+CVE-1999-0363
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0362 (WS_FTP server remote denial of service through cwd command. ...)
+CVE-1999-0362
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0358 (Digital Unix 4.0 has a buffer overflow in the inc program of the mh ...)
+CVE-1999-0358
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0357 (Windows 98 and other operating systems allows remote attackers to ...)
+CVE-1999-0357
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0355 (Local or remote users can force ControlIT 4.5 to reboot or force a ...)
+CVE-1999-0355
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0353 (rpc.pcnfsd in HP gives remote root access by changing the permissions ...)
+CVE-1999-0353
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0351 (FTP PASV &quot;Pizza Thief&quot; denial of service and unauthorized data ...)
+CVE-1999-0351
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0350 (Race condition in the db_loader program in ClearCase gives local ...)
+CVE-1999-0350
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0349 (A buffer overflow in the FTP list (ls) command in IIS allows remote ...)
+CVE-1999-0349
NOT-FOR-US: Microsoft
-CVE-1999-0348 (IIS ASP caching problem releases sensitive information when two ...)
+CVE-1999-0348
NOT-FOR-US: Microsoft
-CVE-1999-0346 (CGI PHP mlog script allows an attacker to read any file on the target ...)
+CVE-1999-0346
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0344 (NT users can gain debug-level access on a system process using the ...)
+CVE-1999-0344
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0343 (A malicious Palace server can force a client to execute arbitrary ...)
+CVE-1999-0343
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0342 (Linux PAM modules allow local users to gain root access using ...)
+CVE-1999-0342
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0341 (Buffer overflow in the Linux mail program &quot;deliver&quot; allows local users ...)
+CVE-1999-0341
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0340 (Buffer overflow in Linux Slackware crond program allows local users ...)
+CVE-1999-0340
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0339 (Buffer overflow in the libauth library in Solaris allows local users ...)
+CVE-1999-0339
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0338 (AIX Licensed Program Product performance tools allow local users to ...)
+CVE-1999-0338
NOT-FOR-US: AIX
-CVE-1999-0337 (AIX batch queue (bsh) allows local and remote users to gain additional ...)
+CVE-1999-0337
NOT-FOR-US: AIX
-CVE-1999-0335 (DEPRECATED. This entry has been deprecated. It is a duplicate of ...)
+CVE-1999-0335
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0334 (In Solaris 2.2 and 2.3, when fsck fails on startup, it allows a local ...)
+CVE-1999-0334
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0332 (Buffer overflow in NetMeeting allows denial of service and remote ...)
+CVE-1999-0332
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0329 (SGI mediad program allows local users to gain root access. ...)
+CVE-1999-0329
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0328 (SGI permissions program allows local users to gain root privileges. ...)
+CVE-1999-0328
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0327 (SGI syserr program allows local users to corrupt files. ...)
+CVE-1999-0327
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0326 (Vulnerability in HP-UX mediainit program. ...)
+CVE-1999-0326
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0325 (vhe_u_mnt program in HP-UX allows local users to create root files through ...)
+CVE-1999-0325
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0324 (ppl program in HP-UX allows local users to create root files through ...)
+CVE-1999-0324
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0323 (FreeBSD mmap function allows users to modify append-only or immutable ...)
+CVE-1999-0323
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0322 (The open() function in FreeBSD allows local attackers to write ...)
+CVE-1999-0322
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0321 (Buffer overflow in Solaris kcms_configure command allows local users ...)
+CVE-1999-0321
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0320 (SunOS rpc.cmsd allows attackers to obtain root access by overwriting ...)
+CVE-1999-0320
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0318 (Buffer overflow in xmcd 2.0p12 allows local users to gain access ...)
+CVE-1999-0318
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0316 (Buffer overflow in Linux splitvt command gives root access to local ...)
+CVE-1999-0316
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0315 (Buffer overflow in Solaris fdformat command gives root access to local ...)
+CVE-1999-0315
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0314 (ioconfig on SGI IRIX 6.4 S2MP for Origin/Onyx2 allows local users to ...)
+CVE-1999-0314
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0313 (disk_bandwidth on SGI IRIX 6.4 S2MP for Origin/Onyx2 allows local ...)
+CVE-1999-0313
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0312 (HP ypbind allows attackers with root privileges to modify NIS data. ...)
+CVE-1999-0312
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0311 (fpkg2swpk in HP-UX allows local users to gain root access. ...)
+CVE-1999-0311
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0310 (SSH 1.2.25 on HP-UX allows access to new user accounts. ...)
+CVE-1999-0310
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0309 (HP-UX vgdisplay program gives root access to local users. ...)
+CVE-1999-0309
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0308 (HP-UX gwind program allows users to modify arbitrary files. ...)
+CVE-1999-0308
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0305 (The system configuration control (sysctl) facility in BSD based ...)
+CVE-1999-0305
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0304 (mmap function in BSD allows local attackers in the kmem group to ...)
+CVE-1999-0304
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0303 (Buffer overflow in BNU UUCP daemon (uucpd) through long hostnames. ...)
+CVE-1999-0303
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0302 (SunOS/Solaris FTP clients can be forced to execute arbitrary commands ...)
+CVE-1999-0302
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0301 (Buffer overflow in SunOS/Solaris ps command. ...)
+CVE-1999-0301
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0300 (nis_cachemgr for Solaris NIS+ allows attackers to add malicious ...)
+CVE-1999-0300
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0299 (Buffer overflow in FreeBSD lpd through long DNS hostnames. ...)
+CVE-1999-0299
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0297 (Buffer overflow in Vixie Cron library up to version 3.0 allows local ...)
+CVE-1999-0297
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0296 (Solaris volrmmount program allows attackers to read any file. ...)
+CVE-1999-0296
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0295 (Solaris sysdef command allows local users to read kernel memory, ...)
+CVE-1999-0295
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0294 (All records in a WINS database can be deleted through SNMP for ...)
+CVE-1999-0294
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0293 (AAA authentication on Cisco systems allows attackers to execute ...)
+CVE-1999-0293
NOT-FOR-US: Cisco
-CVE-1999-0292 (Denial of service through Winpopup using large user names. ...)
+CVE-1999-0292
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0291 (The WinGate proxy is installed without a password, which allows ...)
+CVE-1999-0291
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0290 (The WinGate telnet proxy allows remote attackers to cause a denial of ...)
+CVE-1999-0290
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0289 (The Apache web server for Win32 may provide access to restricted ...)
+CVE-1999-0289
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0288 (The WINS server in Microsoft Windows NT 4.0 before SP4 allows remote ...)
+CVE-1999-0288
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0281 (Denial of service in IIS using long URLs. ...)
+CVE-1999-0281
NOT-FOR-US: Microsoft
-CVE-1999-0280 (Remote command execution in Microsoft Internet Explorer using .lnk and ...)
+CVE-1999-0280
NOT-FOR-US: Microsoft
-CVE-1999-0279 (Excite for Web Servers (EWS) allows remote command execution via ...)
+CVE-1999-0279
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0278 (In IIS, remote attackers can obtain source code for ASP files by appending ...)
+CVE-1999-0278
NOT-FOR-US: Microsoft
-CVE-1999-0277 (The WorkMan program can be used to overwrite any file to get root access. ...)
+CVE-1999-0277
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0276 (mSQL v2.0.1 and below allows remote execution through a buffer overflow. ...)
+CVE-1999-0276
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0275 (Denial of service in Windows NT DNS servers by flooding port 53 with ...)
+CVE-1999-0275
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0274 (Denial of service in Windows NT DNS servers through malicious packet ...)
+CVE-1999-0274
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0273 (Denial of service through Solaris 2.5.1 telnet by sending ^D characters. ...)
+CVE-1999-0273
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0272 (Denial of service in Slmail v2.5 through the POP3 port. ...)
+CVE-1999-0272
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0270 (Directory traversal vulnerability in pfdispaly.cgi program (sometimes ...)
+CVE-1999-0270
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0269 (Netscape Enterprise servers may list files through the PageServices query. ...)
+CVE-1999-0269
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0268 (MetaInfo MetaWeb web server allows users to upload, execute, and read ...)
+CVE-1999-0268
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0267 (Buffer overflow in NCSA HTTP daemon v1.3 allows remote command execution. ...)
+CVE-1999-0267
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0266 (The info2www CGI script allows remote file access or remote ...)
+CVE-1999-0266
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0265 (ICMP redirect messages may crash or lock up a host. ...)
+CVE-1999-0265
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0264 (htmlscript CGI program allows remote read access to files. ...)
+CVE-1999-0264
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0263 (Solaris SUNWadmap can be exploited to obtain root access. ...)
+CVE-1999-0263
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0262 (Hylafax faxsurvey CGI script on Linux allows remote attackers to ...)
+CVE-1999-0262
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0260 (The jj CGI program allows command execution via shell metacharacters. ...)
+CVE-1999-0260
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0259 (cfingerd lists all users on a system via search.**@target. ...)
+CVE-1999-0259
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0256 (Buffer overflow in War FTP allows remote execution of commands. ...)
+CVE-1999-0256
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0252 (Buffer overflow in listserv allows arbitrary command execution. ...)
+CVE-1999-0252
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0251 (Denial of service in talk program allows remote attackers to ...)
+CVE-1999-0251
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0248 (A race condition in the authentication agent mechanism of sshd 1.2.17 ...)
+CVE-1999-0248
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0247 (Buffer overflow in nnrpd program in INN up to version 1.6 allows ...)
+CVE-1999-0247
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0245 (Some configurations of NIS+ in Linux allowed attackers ...)
+CVE-1999-0245
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0244 (Livingston RADIUS code has a buffer overflow which can allow remote ...)
+CVE-1999-0244
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0239 (Netscape FastTrack Web server lists files when a lowercase &quot;get&quot; ...)
+CVE-1999-0239
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0237 (Remote execution of arbitrary commands through Guestbook CGI program. ...)
+CVE-1999-0237
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0236 (ScriptAlias directory in NCSA and Apache httpd allowed attackers to ...)
+CVE-1999-0236
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0234 (Bash treats any character with a value of 255 as a command separator. ...)
+CVE-1999-0234
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0233 (IIS 1.0 allows users to execute arbitrary commands using .bat or .cmd ...)
+CVE-1999-0233
NOT-FOR-US: Microsoft
-CVE-1999-0230 (Buffer overflow in Cisco 7xx routers through the telnet service. ...)
+CVE-1999-0230
NOT-FOR-US: Cisco
-CVE-1999-0228 (Denial of service in RPCSS.EXE program (RPC Locator) in Windows NT. ...)
+CVE-1999-0228
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0227 (Access violation in LSASS.EXE (LSA/LSARPC) program in Windows NT ...)
+CVE-1999-0227
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0225 (Windows NT 4.0 allows remote attackers to cause a denial of service ...)
+CVE-1999-0225
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0224 (Denial of service in Windows NT messenger service through a long ...)
+CVE-1999-0224
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0223 (Solaris syslogd crashes when receiving a message from a host that ...)
+CVE-1999-0223
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0221 (Denial of service of Ascend routers through port 150 (remote ...)
+CVE-1999-0221
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0219 (Buffer overflow in FTP Serv-U 2.5 allows remote authenticated users to ...)
+CVE-1999-0219
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0218 (Livingston portmaster machines could be rebooted via a series ...)
+CVE-1999-0218
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0217 (Malicious option settings in UDP packets could force a reboot in SunOS ...)
+CVE-1999-0217
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0215 (Routed allows attackers to append data to files. ...)
+CVE-1999-0215
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0214 (Denial of service by sending forged ICMP unreachable packets. ...)
+CVE-1999-0214
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0212 (Solaris rpc.mountd generates error messages that allow a remote ...)
+CVE-1999-0212
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0211 (Extra long export lists over 256 characters in some mount daemons ...)
+CVE-1999-0211
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0210 (Automount daemon automountd allows local or remote users to gain ...)
+CVE-1999-0210
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0209 (The SunView (SunTools) selection_svc facility allows remote users to ...)
+CVE-1999-0209
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0208 (rpc.ypupdated (NIS) allows remote users to execute arbitrary commands. ...)
+CVE-1999-0208
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0207 (Remote attacker can execute commands through Majordomo using the ...)
+CVE-1999-0207
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0206 (MIME buffer overflow in Sendmail 8.8.0 and 8.8.1 gives root access. ...)
+CVE-1999-0206
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0204 (Sendmail 8.6.9 allows remote attackers to execute root commands, using ...)
+CVE-1999-0204
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0203 (In Sendmail, attackers can gain root privileges via SMTP by specifying ...)
+CVE-1999-0203
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0202 (The GNU tar command, when used in FTP sessions, may allow an attacker ...)
+CVE-1999-0202
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0201 (A quote cwd command on FTP servers can reveal the full path of the ...)
+CVE-1999-0201
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0196 (websendmail in Webgais 1.0 allows a remote user to access arbitrary ...)
+CVE-1999-0196
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0194 (Denial of service in in.comsat allows attackers to generate messages. ...)
+CVE-1999-0194
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0192 (Buffer overflow in telnet daemon tgetent routing allows remote ...)
+CVE-1999-0192
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0191 (IIS newdsn.exe CGI script allows remote users to overwrite files. ...)
+CVE-1999-0191
NOT-FOR-US: Microsoft
-CVE-1999-0190 (Solaris rpcbind can be exploited to overwrite arbitrary files and gain ...)
+CVE-1999-0190
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0189 (Solaris rpcbind listens on a high numbered UDP port, which may not be ...)
+CVE-1999-0189
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0188 (The passwd command in Solaris can be subjected to a denial of service. ...)
+CVE-1999-0188
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0185 (In SunOS or Solaris, a remote user could connect from an FTP server's ...)
+CVE-1999-0185
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0184 (When compiled with the -DALLOW_UPDATES option, bind allows dynamic ...)
+CVE-1999-0184
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0183 (Linux implementations of TFTP would allow access to files outside the ...)
+CVE-1999-0183
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0182 (Samba has a buffer overflow which allows a remote attacker to obtain ...)
+CVE-1999-0182
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0181 (The wall daemon can be used for denial of service, social engineering ...)
+CVE-1999-0181
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0180 (in.rshd allows users to login with a NULL username and execute commands. ...)
+CVE-1999-0180
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0179 (Windows NT crashes or locks up when a Samba client executes a &quot;cd ..&quot; ...)
+CVE-1999-0179
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0178 (Buffer overflow in the win-c-sample program (win-c-sample.exe) in the ...)
+CVE-1999-0178
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0177 (The uploader program in the WebSite web server allows a remote ...)
+CVE-1999-0177
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0176 (The Webgais program allows a remote user to execute arbitrary ...)
+CVE-1999-0176
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0175 (The convert.bas program in the Novell web server allows a remote ...)
+CVE-1999-0175
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0174 (The view-source CGI program allows remote attackers to read arbitrary ...)
+CVE-1999-0174
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0173 (FormMail CGI program can be used by web servers other than the ...)
+CVE-1999-0173
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0172 (FormMail CGI program allows remote execution of commands. ...)
+CVE-1999-0172
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0170 (Remote attackers can mount an NFS file system in Ultrix or OSF, even ...)
+CVE-1999-0170
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0168 (The portmapper may act as a proxy and redirect service requests from ...)
+CVE-1999-0168
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0167 (In SunOS, NFS file handles could be guessed, giving unauthorized ...)
+CVE-1999-0167
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0166 (NFS allows users to use a &quot;cd ..&quot; command to access other directories ...)
+CVE-1999-0166
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0164 (A race condition in the Solaris ps command allows an attacker to ...)
+CVE-1999-0164
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0162 (The &quot;established&quot; keyword in some Cisco IOS software allowed ...)
+CVE-1999-0162
NOT-FOR-US: Cisco
-CVE-1999-0161 (In Cisco IOS 10.3, with the tacacs-ds or tacacs keyword, an extended ...)
+CVE-1999-0161
NOT-FOR-US: Cisco
-CVE-1999-0160 (Some classic Cisco IOS devices have a vulnerability in the PPP CHAP ...)
+CVE-1999-0160
NOT-FOR-US: Cisco
-CVE-1999-0159 (Attackers can crash a Cisco IOS router or device, provided they can ...)
+CVE-1999-0159
NOT-FOR-US: Cisco
-CVE-1999-0158 (Cisco PIX firewall manager (PFM) on Windows NT allows attackers to ...)
+CVE-1999-0158
NOT-FOR-US: Cisco
-CVE-1999-0157 (Cisco PIX firewall and CBAC IP fragmentation attack results in a ...)
+CVE-1999-0157
NOT-FOR-US: Cisco
-CVE-1999-0155 (The ghostscript command with the -dSAFER option allows remote ...)
+CVE-1999-0155
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0153 (Windows 95/NT out of band (OOB) data denial of service through NETBIOS ...)
+CVE-1999-0153
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0152 (The DG/UX finger daemon allows remote command execution through shell ...)
+CVE-1999-0152
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0151 (The SATAN session key may be disclosed if the user points the web ...)
+CVE-1999-0151
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0150 (The Perl fingerd program allows arbitrary command execution from ...)
+CVE-1999-0150
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0149 (The wrap CGI program in IRIX allows remote attackers to view ...)
+CVE-1999-0149
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0148 (The handler CGI program in IRIX allows arbitrary command execution. ...)
+CVE-1999-0148
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0147 (The aglimpse CGI program of the Glimpse package allows remote ...)
+CVE-1999-0147
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0146 (The campas CGI program provided with some NCSA web servers allows an ...)
+CVE-1999-0146
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0145 (Sendmail WIZ command enabled, allowing root access. ...)
+CVE-1999-0145
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0143 (Kerberos 4 key servers allow a user to masquerade as another by ...)
+CVE-1999-0143
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0142 (The Java Applet Security Manager implementation in Netscape Navigator ...)
+CVE-1999-0142
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0141 (Java Bytecode Verifier allows malicious applets to execute ...)
+CVE-1999-0141
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0139 (Buffer overflow in Solaris x86 mkcookie allows local users to ...)
+CVE-1999-0139
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0138 (The suidperl and sperl program do not give up root privileges when ...)
+CVE-1999-0138
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0137 (The dip program on many Linux systems allows local users to gain root ...)
+CVE-1999-0137
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0136 (Kodak Color Management System (KCMS) on Solaris allows a local user to ...)
+CVE-1999-0136
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0135 (admintool in Solaris allows a local user to write to arbitrary files ...)
+CVE-1999-0135
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0134 (vold in Solaris 2.x allows local users to gain root access. ...)
+CVE-1999-0134
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0133 (fm_fls license server for Adobe Framemaker allows local users to ...)
+CVE-1999-0133
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0132 (Expreserve, as used in vi and ex, allows local users to overwrite ...)
+CVE-1999-0132
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0131 (Buffer overflow and denial of service in Sendmail 8.7.5 and ...)
+CVE-1999-0131
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0130 (Local users can start Sendmail in daemon mode and gain root privileges. ...)
+CVE-1999-0130
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0129 (Sendmail allows local users to write to a file and gain group ...)
+CVE-1999-0129
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0128 (Oversized ICMP ping packets can result in a denial of service, ...)
+CVE-1999-0128
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0126 (SGI IRIX buffer overflow in xterm and Xaw allows root access. ...)
+CVE-1999-0126
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0125 (Buffer overflow in SGI IRIX mailx program. ...)
+CVE-1999-0125
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0124 (Vulnerabilities in UMN gopher and gopher+ versions 1.12 and 2.0x allow ...)
+CVE-1999-0124
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0122 (Buffer overflow in AIX lchangelv gives root access. ...)
+CVE-1999-0122
NOT-FOR-US: AIX
-CVE-1999-0120 (Sun/Solaris utmp file allows local users to gain root access if it ...)
+CVE-1999-0120
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0118 (AIX infod allows local users to gain root access through an X display. ...)
+CVE-1999-0118
NOT-FOR-US: AIX
-CVE-1999-0117 (AIX passwd allows local users to gain root access. ...)
+CVE-1999-0117
NOT-FOR-US: AIX
-CVE-1999-0116 (Denial of service when an attacker sends many SYN packets to create ...)
+CVE-1999-0116
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0115 (AIX bugfiler program allows local users to gain root access. ...)
+CVE-1999-0115
NOT-FOR-US: AIX
-CVE-1999-0113 (Some implementations of rlogin allow root access if given a ...)
+CVE-1999-0113
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0112 (Buffer overflow in AIX dtterm program for the CDE. ...)
+CVE-1999-0112
NOT-FOR-US: AIX
-CVE-1999-0111 (RIP v1 is susceptible to spoofing. ...)
+CVE-1999-0111
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0109 (Buffer overflow in ffbconfig in Solaris 2.5.1. ...)
+CVE-1999-0109
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0108 (The printers program in IRIX has a buffer overflow that gives root ...)
+CVE-1999-0108
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0103 (Echo and chargen, or other combinations of UDP services, can be used ...)
+CVE-1999-0103
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0102 (Buffer overflow in SLmail 3.x allows attackers to execute commands ...)
+CVE-1999-0102
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0101 (Buffer overflow in AIX and Solaris &quot;gethostbyname&quot; library call allows ...)
+CVE-1999-0101
NOT-FOR-US: AIX
-CVE-1999-0100 (Remote access in AIX innd 1.5.1, using control messages. ...)
+CVE-1999-0100
NOT-FOR-US: AIX
-CVE-1999-0099 (Buffer overflow in syslog utility allows local or remote attackers to ...)
+CVE-1999-0099
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0097 (The AIX FTP client can be forced to execute commands from a malicious ...)
+CVE-1999-0097
NOT-FOR-US: AIX
-CVE-1999-0096 (Sendmail decode alias can be used to overwrite sensitive files. ...)
+CVE-1999-0096
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0095 (The debug command in Sendmail is enabled, allowing attackers to ...)
+CVE-1999-0095
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0094 (AIX piodmgrsu command allows local users to gain additional ...)
+CVE-1999-0094
NOT-FOR-US: AIX
-CVE-1999-0093 (AIX nslookup command allows local users to obtain root access by not ...)
+CVE-1999-0093
NOT-FOR-US: AIX
-CVE-1999-0091 (Buffer overflow in AIX writesrv command allows local users to obtain ...)
+CVE-1999-0091
NOT-FOR-US: AIX
-CVE-1999-0090 (Buffer overflow in AIX rcp command allows local users to obtain ...)
+CVE-1999-0090
NOT-FOR-US: AIX
-CVE-1999-0087 (Denial of service in AIX telnet can freeze a system and prevent ...)
+CVE-1999-0087
NOT-FOR-US: AIX
-CVE-1999-0085 (Buffer overflow in rwhod on AIX and other operating systems allows ...)
+CVE-1999-0085
NOT-FOR-US: AIX
-CVE-1999-0084 (Certain NFS servers allow users to use mknod to gain privileges by ...)
+CVE-1999-0084
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0083 (getcwd() file descriptor leak in FTP. ...)
+CVE-1999-0083
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0082 (CWD ~root command in ftpd allows root access. ...)
+CVE-1999-0082
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0081 (wu-ftp allows files to be overwritten via the rnfr command. ...)
+CVE-1999-0081
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0080 (Certain configurations of wu-ftp FTP server 2.4 use a _PATH_EXECPATH ...)
+CVE-1999-0080
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0079 (Remote attackers can cause a denial of service in FTP by issuing ...)
+CVE-1999-0079
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0077 (Predictable TCP sequence numbers allow spoofing. ...)
+CVE-1999-0077
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0075 (PASV core dump in wu-ftpd daemon when attacker uses a QUOTE PASV ...)
+CVE-1999-0075
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0074 (Listening TCP ports are sequentially allocated, allowing spoofing ...)
+CVE-1999-0074
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0073 (Telnet allows a remote client to specify environment variables including ...)
+CVE-1999-0073
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0072 (Buffer overflow in AIX xdat gives root access to local users. ...)
+CVE-1999-0072
NOT-FOR-US: AIX
-CVE-1999-0071 (Apache httpd cookie buffer overflow for versions 1.1.1 and earlier. ...)
+CVE-1999-0071
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0070 (test-cgi program allows an attacker to list files on the server. ...)
+CVE-1999-0070
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0069 (Solaris ufsrestore buffer overflow. ...)
+CVE-1999-0069
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0068 (CGI PHP mylog script allows an attacker to read any file on the ...)
+CVE-1999-0068
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0067 (phf CGI program allows remote command execution through shell ...)
+CVE-1999-0067
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0066 (AnyForm CGI remote execution. ...)
+CVE-1999-0066
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0065 (Multiple buffer overflows in how dtmail handles attachments allows a ...)
+CVE-1999-0065
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0064 (Buffer overflow in AIX lquerylv program gives root access to local users. ...)
+CVE-1999-0064
NOT-FOR-US: AIX
-CVE-1999-0063 (Cisco IOS 12.0 and other versions can be crashed by malicious UDP ...)
+CVE-1999-0063
NOT-FOR-US: Cisco
-CVE-1999-0062 (The chpass command in OpenBSD allows a local user to gain root access ...)
+CVE-1999-0062
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0060 (Attackers can cause a denial of service in Ascend MAX and Pipeline ...)
+CVE-1999-0060
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0059 (IRIX fam service allows an attacker to obtain a list of all files ...)
+CVE-1999-0059
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0058 (Buffer overflow in PHP cgi program, php.cgi allows shell access. ...)
+CVE-1999-0058
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0057 (Vacation program allows command execution by remote users through ...)
+CVE-1999-0057
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0056 (Buffer overflow in Sun's ping program can give root access to local users. ...)
+CVE-1999-0056
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0055 (Buffer overflows in Sun libnsl allow root access. ...)
+CVE-1999-0055
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0054 (Sun's ftpd daemon can be subjected to a denial of service. ...)
+CVE-1999-0054
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0053 (TCP RST denial of service in FreeBSD. ...)
+CVE-1999-0053
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0052 (IP fragmentation denial of service in FreeBSD allows a remote attacker ...)
+CVE-1999-0052
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0051 (Arbitrary file creation and program execution using FLEXlm ...)
+CVE-1999-0051
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0050 (Buffer overflow in HP-UX newgrp program. ...)
+CVE-1999-0050
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0049 (Csetup under IRIX allows arbitrary file creation or overwriting. ...)
+CVE-1999-0049
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0048 (Talkd, when given corrupt DNS information, can be used to execute ...)
+CVE-1999-0048
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0047 (MIME conversion buffer overflow in sendmail versions 8.8.3 and 8.8.4. ...)
+CVE-1999-0047
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0046 (Buffer overflow of rlogin program using TERM environmental variable. ...)
+CVE-1999-0046
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0045 (List of arbitrary files on Web host via nph-test-cgi script. ...)
+CVE-1999-0045
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0044 (fsdump command in IRIX allows local users to obtain root access ...)
+CVE-1999-0044
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0043 (Command execution via shell metachars in INN daemon (innd) 1.5 ...)
+CVE-1999-0043
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0042 (Buffer overflow in University of Washington's implementation of ...)
+CVE-1999-0042
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0041 (Buffer overflow in NLS (Natural Language Service). ...)
+CVE-1999-0041
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0040 (Buffer overflow in Xt library of X Windowing System allows local ...)
+CVE-1999-0040
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0039 (webdist CGI program (webdist.cgi) in SGI IRIX allows remote attackers ...)
+CVE-1999-0039
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0038 (Buffer overflow in xlock program allows local users to execute ...)
+CVE-1999-0038
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0037 (Arbitrary command execution via metamail package using message ...)
+CVE-1999-0037
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0036 (IRIX login program with a nonzero LOCKOUT parameter allows creation or ...)
+CVE-1999-0036
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0035 (Race condition in signal handling routine in ftpd, allowing read/write ...)
+CVE-1999-0035
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0034 (Buffer overflow in suidperl (sperl), Perl 4.x and 5.x. ...)
+CVE-1999-0034
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0032 (Buffer overflow in lpr, as used in BSD-based systems including Linux, ...)
+CVE-1999-0032
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0031 (JavaScript in Internet Explorer 3.x and 4.x, and Netscape 2.x, 3.x and ...)
+CVE-1999-0031
NOT-FOR-US: Microsoft
-CVE-1999-0029 (root privileges via buffer overflow in ordist command on SGI IRIX ...)
+CVE-1999-0029
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0028 (root privileges via buffer overflow in login/scheme command on SGI ...)
+CVE-1999-0028
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0027 (root privileges via buffer overflow in eject command on SGI IRIX ...)
+CVE-1999-0027
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0026 (root privileges via buffer overflow in pset command on SGI IRIX ...)
+CVE-1999-0026
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0025 (root privileges via buffer overflow in df command on SGI IRIX ...)
+CVE-1999-0025
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0024 (DNS cache poisoning via BIND, by predictable query IDs. ...)
+CVE-1999-0024
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0023 (Local user gains root privileges via buffer overflow in rdist, via ...)
+CVE-1999-0023
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0022 (Local user gains root privileges via buffer overflow in rdist, via ...)
+CVE-1999-0022
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0021 (Arbitrary command execution via buffer overflow in Count.cgi ...)
+CVE-1999-0021
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0019 (Delete or create a file via rpc.statd, due to invalid information. ...)
+CVE-1999-0019
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0018 (Buffer overflow in statd allows root privileges. ...)
+CVE-1999-0018
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0017 (FTP servers can allow an attacker to connect to arbitrary ports on ...)
+CVE-1999-0017
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0016 (Land IP denial of service. ...)
+CVE-1999-0016
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0014 (Unauthorized privileged access or denial of service via dtappgather ...)
+CVE-1999-0014
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0013 (Stolen credentials from SSH clients via ssh-agent program, allowing ...)
+CVE-1999-0013
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0012 (Some web servers under Microsoft Windows allow remote attackers ...)
+CVE-1999-0012
NOT-FOR-US: Microsoft
-CVE-1999-0011 (Denial of Service vulnerabilities in BIND 4.9 and BIND 8 Releases ...)
+CVE-1999-0011
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0010 (Denial of Service vulnerability in BIND 8 Releases via maliciously ...)
+CVE-1999-0010
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0009 (Inverse query buffer overflow in BIND 4.9 and BIND 8 Releases. ...)
+CVE-1999-0009
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0008 (Buffer overflow in NIS+, in Sun's rpc.nisd program. ...)
+CVE-1999-0008
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0007 (Information from SSL-encrypted sessions via PKCS #1. ...)
+CVE-1999-0007
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0006 (Buffer overflow in POP servers based on BSD/Qualcomm's qpopper allows ...)
+CVE-1999-0006
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0005 (Arbitrary command execution via IMAP buffer overflow in authenticate ...)
+CVE-1999-0005
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0003 (Execute commands as root via buffer overflow in Tooltalk database ...)
+CVE-1999-0003
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0002 (Buffer overflow in NFS mountd gives root access to remote attackers, ...)
+CVE-1999-0002
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1572 (cpio on FreeBSD 2.1.0, Debian GNU/Linux 3.0, and possibly other ...)
+CVE-1999-1572
{DSA-664-1}
- cpio 2.5-1.2 (bug #293379)
-CVE-1999-1571 (Buffer overflow in sar for SCO OpenServer 5.0.0 through 5.0.5 may ...)
+CVE-1999-1571
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1570 (Buffer overflow in sar for OpenServer 5.0.5 allows local users to gain ...)
+CVE-1999-1570
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1569 (Quake 1 and NetQuake servers allow remote attackers to cause a denial ...)
+CVE-1999-1569
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1567 (Seapine Software TestTrack server allows a remote attacker to cause a ...)
+CVE-1999-1567
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1566 (Buffer overflow in iParty server 1.2 and earlier allows remote ...)
+CVE-1999-1566
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1564 (FreeBSD 3.2 and possibly other versions allows a local user to cause a ...)
+CVE-1999-1564
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1563 (Nachuatec D435 and D445 printer allows remote attackers to cause a ...)
+CVE-1999-1563
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1562 (gFTP FTP client 1.13, and other versions before 2.0.0, records a ...)
+CVE-1999-1562
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1561 (Nullsoft SHOUTcast server stores the administrative password in ...)
+CVE-1999-1561
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1560 (Vulnerability in a script in Texas A&amp;M University (TAMU) Tiger allows ...)
+CVE-1999-1560
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1559 (Xylan OmniSwitch before 3.2.6 allows remote attackers to bypass the ...)
+CVE-1999-1559
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1558 (Vulnerability in loginout in Digital OpenVMS 7.1 and earlier allows ...)
+CVE-1999-1558
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1557 (Buffer overflow in the login functions in IMAP server (imapd) in ...)
+CVE-1999-1557
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1555 (Cheyenne InocuLAN Anti-Virus Server in Inoculan 4.0 before Service ...)
+CVE-1999-1555
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1554 (/usr/sbin/Mail on SGI IRIX 3.3 and 3.3.1 does not properly set the ...)
+CVE-1999-1554
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1553 (Buffer overflow in XCmail 0.99.6 with autoquote enabled allows remote ...)
+CVE-1999-1553
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1552 (dpsexec (DPS Server) when running under XDM in IBM AIX 3.2.5 and ...)
+CVE-1999-1552
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1551 (Buffer overflow in Ipswitch IMail Service 5.0 allows an attacker to ...)
+CVE-1999-1551
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1549 (Lynx 2.x does not properly distinguish between internal and external ...)
+CVE-1999-1549
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1548 (Cabletron SmartSwitch Router (SSR) 8000 firmware 2.x can only handle ...)
+CVE-1999-1548
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1547 (Oracle Web Listener 2.1 allows remote attackers to bypass access ...)
+CVE-1999-1547
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1546 (netstation.navio-com.rte 1.1.0.1 configuration script for Navio NC on ...)
+CVE-1999-1546
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1545 (Joe's Own Editor (joe) 2.8 sets the world-readable permission on its ...)
+CVE-1999-1545
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1544 (Buffer overflow in FTP server in Microsoft IIS 3.0 and 4.0 allows ...)
+CVE-1999-1544
NOT-FOR-US: Microsoft
-CVE-1999-1543 (MacOS uses weak encryption for passwords that are stored in the Users ...)
+CVE-1999-1543
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1541 (shell-lock in Cactus Software Shell Lock allows local users to read or ...)
+CVE-1999-1541
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1540 (shell-lock in Cactus Software Shell Lock uses weak encryption (trivial ...)
+CVE-1999-1540
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1539 (Buffer overflow in FTP server in QPC Software's QVT/Term Plus versions ...)
+CVE-1999-1539
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1538 (When IIS 2 or 3 is upgraded to IIS 4, ism.dll is inadvertently left in ...)
+CVE-1999-1538
NOT-FOR-US: Microsoft
-CVE-1999-1536 (.sbstart startup script in AcuShop Salesbuilder is world writable, ...)
+CVE-1999-1536
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1534 (Buffer overflow in (1) nlservd and (2) rnavc in Knox Software Arkeia ...)
+CVE-1999-1534
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1533 (Eicon Technology Diva LAN ISDN modem allows a remote attacker to cause ...)
+CVE-1999-1533
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1532 (Netscape Messaging Server 3.54, 3.55, and 3.6 allows a remote attacker ...)
+CVE-1999-1532
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1529 (A buffer overflow exists in the HELO command in Trend Micro ...)
+CVE-1999-1529
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1528 (ProSoft Netware Client 5.12 on Macintosh MacOS 9 does not ...)
+CVE-1999-1528
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1527 (Internal HTTP server in Sun Netbeans Java IDE in Netbeans Developer ...)
+CVE-1999-1527
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1526 (Auto-update feature of Macromedia Shockwave 7 transmits a user's ...)
+CVE-1999-1526
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1525 (Macromedia Shockwave before 6.0 allows a malicious webmaster to read a ...)
+CVE-1999-1525
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1524 (FlowPoint DSL router firmware versions prior to 3.0.8 allows a remote ...)
+CVE-1999-1524
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1523 (Buffer overflow in Sambar Web Server 4.2.1 allows remote attackers to ...)
+CVE-1999-1523
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1522 (Vulnerability in htmlparse.pike in Roxen Web Server 1.3.11 and ...)
+CVE-1999-1522
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1521 (Computalynx CMail 2.4 and CMail 2.3 SP2 SMTP servers are vulnerable to ...)
+CVE-1999-1521
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1519 (Gene6 G6 FTP Server 2.0 allows a remote attacker to cause a denial of ...)
+CVE-1999-1519
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1518 (Operating systems with shared memory implementations based on BSD 4.4 ...)
+CVE-1999-1518
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1517 (runtar in the Amanda backup system used in various UNIX operating ...)
+CVE-1999-1517
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1516 (A buffer overflow in TenFour TFS Gateway SMTP mail server 3.2 allows ...)
+CVE-1999-1516
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1515 (A non-default configuration in TenFour TFS Gateway 4.0 allows an ...)
+CVE-1999-1515
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1514 (Buffer overflow in Celtech ExpressFS FTP server 2.x allows remote ...)
+CVE-1999-1514
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1513 (Management information base (MIB) for a 3Com SuperStack II hub running ...)
+CVE-1999-1513
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1511 (Buffer overflows in Xtramail 1.11 allow attackers to cause a denial of ...)
+CVE-1999-1511
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1510 (Buffer overflows in Bisonware FTP server prior to 4.1 allow remote ...)
+CVE-1999-1510
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1509 (Directory traversal vulnerability in Etype Eserv 2.50 web server ...)
+CVE-1999-1509
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1508 (Web server in Tektronix PhaserLink Printer 840.0 and earlier allows a ...)
+CVE-1999-1508
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1506 (Vulnerability in SMI Sendmail 4.0 and earlier, on SunOS up to 4.0.3, ...)
+CVE-1999-1506
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1505 (Buffer overflow in QuakeWorld 2.10 allows remote attackers to cause a ...)
+CVE-1999-1505
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1504 (Stalker Internet Mail Server 1.6 allows a remote attacker to cause a ...)
+CVE-1999-1504
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1503 (Network Flight Recorder (NFR) 1.5 and 1.6 allows remote attackers to ...)
+CVE-1999-1503
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1502 (Buffer overflows in Quake 1.9 client allows remote malicious servers ...)
+CVE-1999-1502
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1501 ((1) ipxchk and (2) ipxlink in SGI OS2 IRIX 6.3 does not properly clear ...)
+CVE-1999-1501
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1500 (Internet Anywhere POP3 Mail Server 2.3.1 allows remote attackers to ...)
+CVE-1999-1500
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1499 (named in ISC BIND 4.9 and 8.1 allows local users to destroy files via ...)
+CVE-1999-1499
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1498 (Slackware Linux 3.4 pkgtool allows local attacker to read and write to ...)
+CVE-1999-1498
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1497 (Ipswitch IMail 5.0 and 6.0 uses weak encryption to store passwords in ...)
+CVE-1999-1497
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1496 (Sudo 1.5 in Debian Linux 2.1 and Red Hat 6.0 allows local users to ...)
+CVE-1999-1496
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1495 (xtvscreen in SuSE Linux 6.0 allows local users to overwrite arbitrary ...)
+CVE-1999-1495
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1493 (Vulnerability in crp in Hewlett Packard Apollo Domain OS SR10 through ...)
+CVE-1999-1493
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1492 (Vulnerability in (1) diskperf and (2) diskalign in IRIX 6.4 allows ...)
+CVE-1999-1492
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1491 (abuse.console in Red Hat 2.1 uses relative pathnames to find and ...)
+CVE-1999-1491
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1489 (Buffer overflow in TestChip function in XFree86 SuperProbe in ...)
+CVE-1999-1489
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1487 (Vulnerability in digest in AIX 4.3 allows printq users to gain root ...)
+CVE-1999-1487
NOT-FOR-US: AIX
-CVE-1999-1485 (nsd in IRIX 6.5 through 6.5.2 exports a virtual filesystem on a UDP ...)
+CVE-1999-1485
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1484 (Buffer overflow in MSN Setup BBS 4.71.0.10 ActiveX control ...)
+CVE-1999-1484
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1483 (Buffer overflow in zgv in svgalib 1.2.10 and earlier allows local ...)
+CVE-1999-1483
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1482 (SVGAlib zgv 3.0-7 and earlier allows local users to gain root access ...)
+CVE-1999-1482
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1480 ((1) acledit and (2) aclput in AIX 4.3 allow local users to create or ...)
+CVE-1999-1480
NOT-FOR-US: AIX
-CVE-1999-1479 (The textcounter.pl by Matt Wright allows remote attackers to execute ...)
+CVE-1999-1479
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1477 (Buffer overflow in GNOME libraries 1.0.8 allows local user to gain ...)
+CVE-1999-1477
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1475 (ProFTPd 1.2 compiled with the mod_sqlpw module records user passwords ...)
+CVE-1999-1475
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1474 (PowerPoint 95 and 97 allows remote attackers to cause an application ...)
+CVE-1999-1474
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1471 (Buffer overflow in passwd in BSD based operating systems 4.3 and ...)
+CVE-1999-1471
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1470 (Eastman Work Management 3.21 stores passwords in cleartext in the ...)
+CVE-1999-1470
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1469 (Buffer overflow in w3-auth CGI program in miniSQL package allows ...)
+CVE-1999-1469
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1467 (Vulnerability in rcp on SunOS 4.0.x allows remote attackers from ...)
+CVE-1999-1467
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1466 (Vulnerability in Cisco routers versions 8.2 through 9.1 allows remote ...)
+CVE-1999-1466
NOT-FOR-US: Cisco
-CVE-1999-1465 (Vulnerability in Cisco IOS 11.1 through 11.3 with distributed fast ...)
+CVE-1999-1465
NOT-FOR-US: Cisco
-CVE-1999-1464 (Vulnerability in Cisco IOS 11.1CC and 11.1CT with distributed fast ...)
+CVE-1999-1464
NOT-FOR-US: Cisco
-CVE-1999-1463 (Windows NT 4.0 before SP3 allows remote attackers to bypass firewall ...)
+CVE-1999-1463
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1462 (Vulnerability in bb-hist.sh CGI History module in Big Brother 1.09b ...)
+CVE-1999-1462
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1461 (inpview in InPerson on IRIX 5.3 through IRIX 6.5.10 trusts the PATH ...)
+CVE-1999-1461
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1460 (BMC PATROL SNMP Agent before 3.2.07 allows local users to create ...)
+CVE-1999-1460
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1459 (BMC PATROL Agent before 3.2.07 allows local users to gain root ...)
+CVE-1999-1459
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1458 (Buffer overflow in at program in Digital UNIX 4.0 allows local users ...)
+CVE-1999-1458
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1457 (Buffer overflow in thttpd HTTP server before 2.04-31 allows remote ...)
+CVE-1999-1457
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1454 (Macromedia &quot;The Matrix&quot; screen saver on Windows 95 with the &quot;Password ...)
+CVE-1999-1454
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1453 (Internet Explorer 4 allows remote attackers (malicious web site ...)
+CVE-1999-1453
NOT-FOR-US: Microsoft
-CVE-1999-1451 (The Winmsdp.exe sample file in IIS 4.0 and Site Server 3.0 allows ...)
+CVE-1999-1451
NOT-FOR-US: Microsoft
-CVE-1999-1450 (Vulnerability in (1) rlogin daemon rshd and (2) scheme on SCO UNIX ...)
+CVE-1999-1450
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1449 (SunOS 4.1.4 on a Sparc 20 machine allows local users to cause a denial ...)
+CVE-1999-1449
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1448 (Eudora and Eudora Light before 3.05 allows remote attackers to cause a ...)
+CVE-1999-1448
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1447 (Internet Explorer 4.0 allows remote attackers to cause a denial of ...)
+CVE-1999-1447
NOT-FOR-US: Microsoft
-CVE-1999-1446 (Internet Explorer 3 records a history of all URL's that are visited by ...)
+CVE-1999-1446
NOT-FOR-US: Microsoft
-CVE-1999-1445 (Vulnerability in imapd and ipop3d in Slackware 3.4 and 3.3 with ...)
+CVE-1999-1445
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1444 (genkey utility in Alibaba 2.0 generates RSA key pairs with an exponent ...)
+CVE-1999-1444
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1443 (Micah Software Full Armor Network Configurator and Zero Administration ...)
+CVE-1999-1443
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1442 (Bug in AMD K6 processor on Linux 2.0.x and 2.1.x kernels allows local ...)
+CVE-1999-1442
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1441 (Linux 2.0.34 does not properly prevent users from sending SIGIO ...)
+CVE-1999-1441
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1440 (Win32 ICQ 98a 1.30, and possibly other versions, does not display the ...)
+CVE-1999-1440
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1439 (gcc 2.7.2 allows local users to overwrite arbitrary files via a ...)
+CVE-1999-1439
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1438 (Vulnerability in /bin/mail in SunOS 4.1.1 and earlier allows local ...)
+CVE-1999-1438
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1436 (Ray Chan WWW Authorization Gateway 0.1 CGI program allows remote ...)
+CVE-1999-1436
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1435 (Buffer overflow in libsocks5 library of Socks 5 (socks5) 1.0r5 allows ...)
+CVE-1999-1435
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1434 (login in Slackware Linux 3.2 through 3.5 does not properly check for ...)
+CVE-1999-1434
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1431 (ZAK in Appstation mode allows users to bypass the &quot;Run only allowed ...)
+CVE-1999-1431
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1430 (PIM software for Royal daVinci does not properly password-protext ...)
+CVE-1999-1430
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1429 (DIT TransferPro installs devices with world-readable and ...)
+CVE-1999-1429
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1428 (Solaris Solstice AdminSuite (AdminSuite) 2.1 and 2.2 allows local ...)
+CVE-1999-1428
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1427 (Solaris Solstice AdminSuite (AdminSuite) 2.1 and 2.2 create lock files ...)
+CVE-1999-1427
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1426 (Solaris Solstice AdminSuite (AdminSuite) 2.1 follows symbolic links ...)
+CVE-1999-1426
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1425 (Solaris Solstice AdminSuite (AdminSuite) 2.1 incorrectly sets write ...)
+CVE-1999-1425
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1424 (Solaris Solstice AdminSuite (AdminSuite) 2.1 uses unsafe permissions ...)
+CVE-1999-1424
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1422 (The default configuration of Slackware 3.4, and possibly other ...)
+CVE-1999-1422
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1421 (NBase switches NH208 and NH215 run a TFTP server which allows remote ...)
+CVE-1999-1421
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1420 (NBase switches NH2012, NH2012R, NH2015, and NH2048 have a back door ...)
+CVE-1999-1420
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1418 (ICQ99 ICQ web server build 1701 with &quot;Active Homepage&quot; enabled ...)
+CVE-1999-1418
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1417 (Format string vulnerability in AnswerBook2 (AB2) web server dwhttpd ...)
+CVE-1999-1417
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1416 (AnswerBook2 (AB2) web server dwhttpd 3.1a4 allows remote attackers to ...)
+CVE-1999-1416
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1415 (Vulnerability in /usr/bin/mail in DEC ULTRIX before 4.2 allows local ...)
+CVE-1999-1415
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1413 (Solaris 2.4 before kernel jumbo patch -35 allows set-gid programs to ...)
+CVE-1999-1413
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1412 (A possible interaction between Apple MacOS X release 1.0 and Apache ...)
+CVE-1999-1412
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1410 (addnetpr in IRIX 5.3 and 6.2 allows local users to overwrite arbitrary ...)
+CVE-1999-1410
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1408 (Vulnerability in AIX 4.1.4 and HP-UX 10.01 and 9.05 allows local users ...)
+CVE-1999-1408
NOT-FOR-US: AIX
-CVE-1999-1406 (dumpreg in Red Hat Linux 5.1 opens /dev/mem with O_RDWR access, which ...)
+CVE-1999-1406
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1405 (snap command in AIX before 4.3.2 creates the /tmp/ibmsupt directory ...)
+CVE-1999-1405
NOT-FOR-US: AIX
-CVE-1999-1404 (IBM/Tivoli OPC Tracker Agent version 2 release 1 allows remote ...)
+CVE-1999-1404
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1403 (IBM/Tivoli OPC Tracker Agent version 2 release 1 creates files, ...)
+CVE-1999-1403
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1401 (Vulnerability in Desktop searchbook program in IRIX 5.0.x through 6.2 ...)
+CVE-1999-1401
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1400 (The Economist screen saver 1999 with the &quot;Password Protected&quot; option ...)
+CVE-1999-1400
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1399 (spaceball program in SpaceWare 7.3 v1.0 in IRIX 6.2 allows local users ...)
+CVE-1999-1399
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1398 (Vulnerability in xfsdump in SGI IRIX may allow local users to obtain ...)
+CVE-1999-1398
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1396 (Vulnerability in integer multiplication emulation code on SPARC ...)
+CVE-1999-1396
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1395 (Vulnerability in Monitor utility (SYS$SHARE:SPISHR.EXE) in VMS 5.0 ...)
+CVE-1999-1395
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1394 (BSD 4.4 based operating systems, when running at security level 1, ...)
+CVE-1999-1394
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1393 (Control Panel &quot;Password Security&quot; option for Apple Powerbooks allows ...)
+CVE-1999-1393
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1392 (Vulnerability in restore0.9 installation script in NeXT 1.0a and 1.0 ...)
+CVE-1999-1392
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1391 (Vulnerability in NeXT 1.0a and 1.0 with publicly accessible printers ...)
+CVE-1999-1391
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1390 (suidexec in suidmanager 0.18 on Debian 2.0 allows local users to gain ...)
+CVE-1999-1390
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1389 (US Robotics/3Com Total Control Chassis with Frame Relay between 3.6.22 ...)
+CVE-1999-1389
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1388 (passwd in SunOS 4.1.x allows local users to overwrite arbitrary files ...)
+CVE-1999-1388
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1387 (Windows NT 4.0 SP2 allows remote attackers to cause a denial of ...)
+CVE-1999-1387
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1383 ((1) bash before 1.14.7, and (2) tcsh 6.05 allow local users to gain ...)
+CVE-1999-1383
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1381 (Buffer overflow in dbadmin CGI program 1.0.1 on Linux allows remote ...)
+CVE-1999-1381
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1378 (dbmlparser.exe CGI guestbook program does not perform a chroot ...)
+CVE-1999-1378
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1377 (Matt Wright's download.cgi 1.0 allows remote attackers to read ...)
+CVE-1999-1377
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1376 (Buffer overflow in fpcount.exe in IIS 4.0 with FrontPage Server ...)
+CVE-1999-1376
NOT-FOR-US: Microsoft
-CVE-1999-1375 (FileSystemObject (FSO) in the showfile.asp Active Server Page (ASP) ...)
+CVE-1999-1375
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1374 (perlshop.cgi shopping cart program stores sensitive customer ...)
+CVE-1999-1374
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1373 (FORE PowerHub before 5.0.1 allows remote attackers to cause a denial ...)
+CVE-1999-1373
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1372 (Triactive Remote Manager with Basic authentication enabled stores the ...)
+CVE-1999-1372
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1371 (Buffer overflow in /usr/bin/write in Solaris 2.6 and 7 allows local ...)
+CVE-1999-1371
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1370 (The setup wizard (ie5setup.exe) for Internet Explorer 5.0 disables (1) ...)
+CVE-1999-1370
NOT-FOR-US: Microsoft
-CVE-1999-1369 (Real Media RealServer (rmserver) 6.0.3.353 stores a password in ...)
+CVE-1999-1369
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1368 (AV Option for MS Exchange Server option for InoculateIT 4.53, and ...)
+CVE-1999-1368
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1367 (Internet Explorer 5.0 does not properly reset the username/password ...)
+CVE-1999-1367
NOT-FOR-US: Microsoft
-CVE-1999-1366 (Pegasus e-mail client 3.0 and earlier uses weak encryption to store ...)
+CVE-1999-1366
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1364 (Windows NT 4.0 allows local users to cause a denial of service (crash) ...)
+CVE-1999-1364
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1361 (Windows NT 3.51 and 4.0 running WINS (Windows Internet Name Service) ...)
+CVE-1999-1361
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1357 (Netscape Communicator 4.04 through 4.7 (and possibly other versions) ...)
+CVE-1999-1357
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1355 (BMC Patrol component, when installed with Compaq Insight Management ...)
+CVE-1999-1355
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1354 (E-mail client in Softarc FirstClass Internet Server 5.506 and earlier ...)
+CVE-1999-1354
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1353 (Nosque MsgCore 2.14 stores passwords in cleartext: (1) the ...)
+CVE-1999-1353
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1352 (mknod in Linux 2.2 follows symbolic links, which could allow local ...)
+CVE-1999-1352
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1350 (ARCAD Systemhaus 0.078-5 installs critical programs and files with ...)
+CVE-1999-1350
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1349 (NFS daemon (nfsd.exe) for Omni-NFS/X 6.1 allows remote attackers to ...)
+CVE-1999-1349
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1348 (Linuxconf on Red Hat Linux 6.0 and earlier does not properly disable ...)
+CVE-1999-1348
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1347 (Xsession in Red Hat Linux 6.1 and earlier can allow local users with ...)
+CVE-1999-1347
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1346 (PAM configuration file for rlogin in Red Hat Linux 6.1 and earlier ...)
+CVE-1999-1346
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1345 (Auto_FTP.pl script in Auto_FTP 0.2 uses the /tmp/ftp_tmp as a shared ...)
+CVE-1999-1345
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1344 (Auto_FTP.pl script in Auto_FTP 0.2 stores usernames and passwords in ...)
+CVE-1999-1344
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1343 (HTTP server for Xerox DocuColor 4 LP allows remote attackers to cause ...)
+CVE-1999-1343
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1342 (ICQ ActiveList Server allows remote attackers to cause a denial of ...)
+CVE-1999-1342
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1340 (Buffer overflow in faxalter in hylafax 4.0.2 allows local users to ...)
+CVE-1999-1340
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1338 (Delegate proxy 5.9.3 and earlier creates files and directories in the ...)
+CVE-1999-1338
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1334 (Multiple buffer overflows in filter command in Elm 2.4 allows ...)
+CVE-1999-1334
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1323 (Norton AntiVirus for Internet Email Gateways (NAVIEG) 1.0.1.7 and ...)
+CVE-1999-1323
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1322 (The installation of 1ArcServe Backup and Inoculan AV client modules ...)
+CVE-1999-1322
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1319 (Vulnerability in object server program in SGI IRIX 5.2 through 6.1 ...)
+CVE-1999-1319
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1315 (Vulnerabilities in DECnet/OSI for OpenVMS before 5.8 on DEC Alpha AXP ...)
+CVE-1999-1315
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1314 (Vulnerability in union file system in FreeBSD 2.2 and earlier, and ...)
+CVE-1999-1314
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1313 (Manual page reader (man) in FreeBSD 2.2 and earlier allows local users ...)
+CVE-1999-1313
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1312 (Vulnerability in DEC OpenVMS VAX 5.5-2 through 5.0, and OpenVMS AXP ...)
+CVE-1999-1312
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1311 (Vulnerability in dtlogin and dtsession in HP-UX 10.20 and 10.10 allows ...)
+CVE-1999-1311
NOT-FOR-US: Data pre-dating the Security Tracker
CVE-1999-1310
REJECTED
-CVE-1999-1308 (Certain programs in HP-UX 10.20 do not properly handle large user IDs ...)
+CVE-1999-1308
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1307 (Vulnerability in urestore in Novell UnixWare 1.1 allows local users to ...)
+CVE-1999-1307
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1306 (Cisco IOS 9.1 and earlier does not properly handle extended IP access ...)
+CVE-1999-1306
NOT-FOR-US: Cisco
-CVE-1999-1305 (Vulnerability in &quot;at&quot; program in SCO UNIX 4.2 and earlier allows local ...)
+CVE-1999-1305
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1304 (Vulnerability in login in SCO UNIX 4.2 and earlier allows local users ...)
+CVE-1999-1304
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1303 (Vulnerability in prwarn in SCO UNIX 4.2 and earlier allows local users ...)
+CVE-1999-1303
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1302 (Unspecified vulnerability in pt_chmod in SCO UNIX 4.2 and earlier ...)
+CVE-1999-1302
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1300 (Vulnerability in accton in Cray UNICOS 6.1 and 6.0 allows local users ...)
+CVE-1999-1300
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1299 (rcp on various Linux systems including Red Hat 4.0 allows a &quot;nobody&quot; ...)
+CVE-1999-1299
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1296 (Buffer overflow in Kerberos IV compatibility libraries as used in ...)
+CVE-1999-1296
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1295 (Transarc DCE Distributed File System (DFS) 1.1 for Solaris 2.4 and 2.5 ...)
+CVE-1999-1295
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1293 (mod_proxy in Apache 1.2.5 and earlier allows remote attackers to cause ...)
+CVE-1999-1293
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1292 (Buffer overflow in web administration feature of Kolban Webcam32 4.8.3 ...)
+CVE-1999-1292
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1291 (TCP/IP implementation in Microsoft Windows 95, Windows NT 4.0, and ...)
+CVE-1999-1291
NOT-FOR-US: Microsoft
-CVE-1999-1289 (ICQ 98 beta on Windows NT leaks the internal IP address of a client in ...)
+CVE-1999-1289
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1287 (Vulnerability in Analog 3.0 and earlier allows remote attackers to ...)
+CVE-1999-1287
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1286 (addnetpr in SGI IRIX 6.2 and earlier allows local users to modify ...)
+CVE-1999-1286
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1285 (Linux 2.1.132 and earlier allows local users to cause a denial of ...)
+CVE-1999-1285
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1283 (Opera 3.2.1 allows remote attackers to cause a denial of service ...)
+CVE-1999-1283
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1282 (RealSystem G2 server stores the administrator password in cleartext in ...)
+CVE-1999-1282
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1281 (Development version of Breeze Network Server allows remote attackers ...)
+CVE-1999-1281
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1280 (Hummingbird Exceed 6.0.1.0 inadvertently includes a DLL that was meant ...)
+CVE-1999-1280
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1278 (nlog CGI scripts do not properly filter shell metacharacters from the ...)
+CVE-1999-1278
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1277 (BackWeb client stores the username and password in cleartext for proxy ...)
+CVE-1999-1277
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1275 (Lotus cc:Mail release 8 stores the postoffice password in plaintext in ...)
+CVE-1999-1275
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1274 (iPass RoamServer 3.1 creates temporary files with world-writable ...)
+CVE-1999-1274
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1273 (Squid Internet Object Cache 1.1.20 allows users to bypass access ...)
+CVE-1999-1273
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1272 (Buffer overflows in CDROM Confidence Test program (cdrom) allow local ...)
+CVE-1999-1272
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1271 (Macromedia Dreamweaver uses weak encryption to store FTP passwords, ...)
+CVE-1999-1271
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1270 (KMail in KDE 1.0 provides a PGP passphrase as a command line argument ...)
+CVE-1999-1270
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1269 (Screen savers in KDE beta 3 allows local users to overwrite arbitrary ...)
+CVE-1999-1269
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1268 (Vulnerability in KDE konsole allows local users to hijack or observe ...)
+CVE-1999-1268
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1267 (KDE file manager (kfm) uses a TCP server for certain file operations, ...)
+CVE-1999-1267
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1266 (rsh daemon (rshd) generates different error messages when a valid ...)
+CVE-1999-1266
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1265 (SMTP server in SLmail 3.1 and earlier allows remote attackers to cause ...)
+CVE-1999-1265
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1264 (WebRamp M3 router does not disable remote telnet or HTTP access to ...)
+CVE-1999-1264
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1261 (Buffer overflow in Rainbow Six Multiplayer allows remote attackers to ...)
+CVE-1999-1261
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1260 (mSQL (Mini SQL) 2.0.6 allows remote attackers to obtain sensitive ...)
+CVE-1999-1260
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1257 (Xyplex terminal server 6.0.1S1, and possibly other versions, allows ...)
+CVE-1999-1257
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1256 (Oracle Database Assistant 1.0 in Oracle 8.0.3 Enterprise Edition ...)
+CVE-1999-1256
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1255 (Hyperseek allows remote attackers to modify the hyperseek ...)
+CVE-1999-1255
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1254 (Windows 95, 98, and NT 4.0 allow remote attackers to cause a denial of ...)
+CVE-1999-1254
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1253 (Vulnerability in a kernel error handling routine in SCO OpenServer ...)
+CVE-1999-1253
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1252 (Vulnerability in a certain system call in SCO UnixWare 2.0.x and 2.1.0 ...)
+CVE-1999-1252
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1251 (Vulnerability in direct audio user space code on HP-UX 10.20 and 10.10 ...)
+CVE-1999-1251
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1250 (Vulnerability in CGI program in the Lasso application by Blue World, ...)
+CVE-1999-1250
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1248 (Vulnerability in Support Watch (aka SupportWatch) in HP-UX 8.0 through ...)
+CVE-1999-1248
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1247 (Vulnerability in HP Camera component of HP DCE/9000 in HP-UX 9.x ...)
+CVE-1999-1247
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1245 (vacm ucd-snmp SNMP server, version 3.52, does not properly disable ...)
+CVE-1999-1245
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1244 (IPFilter 3.2.3 through 3.2.10 allows local users to modify arbitrary ...)
+CVE-1999-1244
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1242 (Vulnerability in subnetconfig in HP-UX 9.01 and 9.0 allows local users ...)
+CVE-1999-1242
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1241 (Internet Explorer, with a security setting below Medium, allows remote ...)
+CVE-1999-1241
NOT-FOR-US: Microsoft
-CVE-1999-1240 (Buffer overflow in cddbd CD database server allows remote attackers to ...)
+CVE-1999-1240
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1239 (HP-UX 9.x does not properly enable the Xauthority mechanism in certain ...)
+CVE-1999-1239
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1238 (Vulnerability in CORE-DIAG fileset in HP message catalog in HP-UX 9.05 ...)
+CVE-1999-1238
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1237 (Multiple buffer overflows in smbvalid/smbval SMB authentication ...)
+CVE-1999-1237
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1236 (Internet Anywhere Mail Server 2.3.1 stores passwords in plaintext in ...)
+CVE-1999-1236
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1235 (Internet Explorer 5.0 records the username and password for FTP ...)
+CVE-1999-1235
NOT-FOR-US: Microsoft
-CVE-1999-1234 (LSA (LSASS.EXE) in Windows NT 4.0 allows remote attackers to cause a ...)
+CVE-1999-1234
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1232 (Untrusted search path vulnerability in day5datacopier in SGI IRIX 6.2 ...)
+CVE-1999-1232
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1231 (ssh 2.0.12, and possibly other versions, allows valid user names to ...)
+CVE-1999-1231
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1230 (Quake 2 server allows remote attackers to cause a denial of service ...)
+CVE-1999-1230
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1229 (Quake 2 server 3.13 on Linux does not properly check file permissions ...)
+CVE-1999-1229
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1228 (Various modems that do not implement a guard time, or are configured ...)
+CVE-1999-1228
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1227 (Ethereal allows local users to overwrite arbitrary files via a symlink ...)
+CVE-1999-1227
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1225 (rpc.mountd on Linux, Ultrix, and possibly other operating systems, ...)
+CVE-1999-1225
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1224 (IMAP 4.1 BETA, and possibly other versions, does not properly handle ...)
+CVE-1999-1224
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1221 (dxchpwd in Digital Unix (OSF/1) 3.x allows local users to modify ...)
+CVE-1999-1221
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1220 (Majordomo 1.94.3 and earlier allows remote attackers to execute ...)
+CVE-1999-1220
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1219 (Vulnerability in sgihelp in the SGI help system and print manager in ...)
+CVE-1999-1219
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1218 (Vulnerability in finger in Commodore Amiga UNIX 2.1p2a and earlier ...)
+CVE-1999-1218
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1216 (Cisco routers 9.17 and earlier allow remote attackers to bypass ...)
+CVE-1999-1216
NOT-FOR-US: Cisco
-CVE-1999-1213 (Vulnerability in telnet service in HP-UX 10.30 allows attackers to ...)
+CVE-1999-1213
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1212 (Vulnerability in in.rlogind in SunOS 4.0.3 and 4.0.3c allows local ...)
+CVE-1999-1212
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1211 (Vulnerability in in.telnetd in SunOS 4.1.1 and earlier allows local ...)
+CVE-1999-1211
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1210 (xterm in Digital UNIX 4.0B *with* patch kit 5 allows local users to ...)
+CVE-1999-1210
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1207 (Buffer overflow in web-admin tool in NetXRay 2.6 allows remote ...)
+CVE-1999-1207
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1206 (SystemSoft SystemWizard package in HP Pavilion PC with Windows 98, and ...)
+CVE-1999-1206
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1202 (StarTech (1) POP3 proxy server and (2) telnet server allows remote ...)
+CVE-1999-1202
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1200 (Vintra SMTP MailServer allows remote attackers to cause a denial of ...)
+CVE-1999-1200
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1196 (Hummingbird Exceed X version 5 allows remote attackers to cause a ...)
+CVE-1999-1196
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1195 (NAI VirusScan NT 4.0.2 does not properly modify the scan.dat virus ...)
+CVE-1999-1195
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1190 (Buffer overflow in POP3 server of Admiral Systems EmailClub 1.05 ...)
+CVE-1999-1190
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1187 (Pine before version 3.94 allows local users to gain privileges via a ...)
+CVE-1999-1187
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1186 (rxvt, when compiled with the PRINT_PIPE option in various Linux ...)
+CVE-1999-1186
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1185 (Buffer overflow in SCO mscreen allows local users to gain root ...)
+CVE-1999-1185
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1184 (Buffer overflow in Elm 2.4 and earlier allows local users to gain ...)
+CVE-1999-1184
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1183 (System Manager sysmgr GUI in SGI IRIX 6.4 and 6.3 allows remote ...)
+CVE-1999-1183
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1182 (Buffer overflow in run-time linkers (1) ld.so or (2) ld-linux.so for ...)
+CVE-1999-1182
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1180 (O'Reilly WebSite 1.1e and Website Pro 2.0 allows remote attackers to ...)
+CVE-1999-1180
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1179 (Vulnerability in man.sh CGI script, included in May 1998 issue of ...)
+CVE-1999-1179
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1178 (Sambar Server 4.1 beta allows remote attackers to obtain sensitive ...)
+CVE-1999-1178
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1176 (Buffer overflow in cidentd ident daemon allows local users to gain ...)
+CVE-1999-1176
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1174 (ZIP drive for Iomega ZIP-100 disks allows attackers with physical ...)
+CVE-1999-1174
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1173 (Corel Word Perfect 8 for Linux creates a temporary working directory ...)
+CVE-1999-1173
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1172 (By design, Maximizer Enterprise 4 calendar and address book program ...)
+CVE-1999-1172
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1171 (IPswitch WS_FTP allows local users to gain additional privileges and ...)
+CVE-1999-1171
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1170 (IPswitch IMail allows local users to gain additional privileges and ...)
+CVE-1999-1170
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1169 (nobo 1.2 allows remote attackers to cause a denial of service (crash) ...)
+CVE-1999-1169
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1168 (install.iss installation script for Internet Security Scanner (ISS) ...)
+CVE-1999-1168
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1166 (Linux 2.0.37 does not properly encode the Custom segment limit, which ...)
+CVE-1999-1166
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1165 (GNU fingerd 1.37 does not properly drop privileges before accessing ...)
+CVE-1999-1165
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1164 (Microsoft Outlook client allows remote attackers to cause a denial of ...)
+CVE-1999-1164
NOT-FOR-US: Microsoft
-CVE-1999-1158 (Buffer overflow in (1) pluggable authentication module (PAM) on ...)
+CVE-1999-1158
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1155 (LakeWeb Mail List CGI script allows remote attackers to execute ...)
+CVE-1999-1155
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1154 (LakeWeb Filemail CGI script allows remote attackers to execute ...)
+CVE-1999-1154
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1153 (HAMcards Postcard CGI script 1.0 allows remote attackers to execute ...)
+CVE-1999-1153
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1152 (Compaq/Microcom 6000 Access Integrator does not disconnect a client ...)
+CVE-1999-1152
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1151 (Compaq/Microcom 6000 Access Integrator does not cause a session ...)
+CVE-1999-1151
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1150 (Livingston Portmaster routers running ComOS use the same initial ...)
+CVE-1999-1150
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1149 (Buffer overflow in CSM Proxy 4.1 allows remote attackers to cause a ...)
+CVE-1999-1149
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1141 (Ascom Timeplex router allows remote attackers to obtain sensitive ...)
+CVE-1999-1141
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1135 (Vulnerability in VUE 3.0 in HP 9.x allows local users to gain root ...)
+CVE-1999-1135
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1134 (Vulnerability in Vue 3.0 in HP 9.x allows local users to gain root ...)
+CVE-1999-1134
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1133 (HP-UX 9.x and 10.x running X windows may allow local attackers to gain ...)
+CVE-1999-1133
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1130 (Default configuration of the search engine in Netscape Enterprise ...)
+CVE-1999-1130
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1129 (Cisco Catalyst 2900 Virtual LAN (VLAN) switches allow remote attackers ...)
+CVE-1999-1129
NOT-FOR-US: Cisco
-CVE-1999-1128 (Internet Explorer 3.01 on Windows 95 allows remote malicious web sites ...)
+CVE-1999-1128
NOT-FOR-US: Microsoft
-CVE-1999-1126 (Cisco Resource Manager (CRM) 1.1 and earlier creates certain files ...)
+CVE-1999-1126
NOT-FOR-US: Cisco
-CVE-1999-1125 (Oracle Webserver 2.1 and earlier runs setuid root, but the ...)
+CVE-1999-1125
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1124 (HTTP Client application in ColdFusion allows remote attackers to ...)
+CVE-1999-1124
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1123 (The installation of Sun Source (sunsrc) tapes allows local users to ...)
+CVE-1999-1123
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1113 (Buffer overflow in Eudora Internet Mail Server (EIMS) 2.01 and earlier ...)
+CVE-1999-1113
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1112 (Buffer overflow in IrfanView32 3.07 and earlier allows attackers to ...)
+CVE-1999-1112
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1110 (Windows Media Player ActiveX object as used in Internet Explorer 5.0 ...)
+CVE-1999-1110
NOT-FOR-US: Microsoft
CVE-1999-1108
REJECTED
-CVE-1999-1107 (Buffer overflow in kppp in KDE allows local users to gain root access ...)
+CVE-1999-1107
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1106 (Buffer overflow in kppp in KDE allows local users to gain root access ...)
+CVE-1999-1106
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1101 (Kabsoftware Lydia utility uses weak encryption to store user passwords ...)
+CVE-1999-1101
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1097 (Microsoft NetMeeting 2.1 allows one client to read the contents of ...)
+CVE-1999-1097
NOT-FOR-US: Microsoft
-CVE-1999-1096 (Buffer overflow in kscreensaver in KDE klock allows local users to ...)
+CVE-1999-1096
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1095 (sort creates temporary files and follows symbolic links, which allows ...)
+CVE-1999-1095
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1092 (tin 1.40 creates the .tin directory with insecure permissions, which ...)
+CVE-1999-1092
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1091 (UNIX news readers tin and rtin create the /tmp/.tin_log file with ...)
+CVE-1999-1091
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1089 (Buffer overflow in chfn command in HP-UX 9.X through 10.20 allows ...)
+CVE-1999-1089
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1088 (Vulnerability in chsh command in HP-UX 9.X through 10.20 allows local ...)
+CVE-1999-1088
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1086 (Novell 5 and earlier, when running over IPX with a packet signature ...)
+CVE-1999-1086
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1084 (The &quot;AEDebug&quot; registry key is installed with insecure permissions, ...)
+CVE-1999-1084
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1083 (Directory traversal vulnerability in Jana proxy web server 1.45 allows ...)
+CVE-1999-1083
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1082 (Directory traversal vulnerability in Jana proxy web server 1.40 allows ...)
+CVE-1999-1082
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1081 (Vulnerability in files.pl script in Novell WebServer Examples Toolkit ...)
+CVE-1999-1081
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1079 (Vulnerability in ptrace in AIX 4.3 allows local users to gain ...)
+CVE-1999-1079
NOT-FOR-US: AIX
-CVE-1999-1078 (WS_FTP Pro 6.0 uses weak encryption for passwords in its ...)
+CVE-1999-1078
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1077 (Idle locking function in MacOS 9 allows local attackers to bypass the ...)
+CVE-1999-1077
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1076 (Idle locking function in MacOS 9 allows local users to bypass the ...)
+CVE-1999-1076
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1075 (inetd in AIX 4.1.5 dynamically assigns a port N when starting ...)
+CVE-1999-1075
NOT-FOR-US: AIX
-CVE-1999-1073 (Excite for Web Servers (EWS) 1.1 records the first two characters of a ...)
+CVE-1999-1073
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1072 (Excite for Web Servers (EWS) 1.1 allows local users to gain privileges ...)
+CVE-1999-1072
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1071 (Excite for Web Servers (EWS) 1.1 installs the Architext.conf ...)
+CVE-1999-1071
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1070 (Buffer overflow in ping CGI program in Xylogics Annex terminal service ...)
+CVE-1999-1070
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1069 (Directory traversal vulnerability in carbo.dll in iCat Carbo Server ...)
+CVE-1999-1069
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1068 (Oracle Webserver 2.1, when serving PL/SQL stored procedures, allows ...)
+CVE-1999-1068
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1067 (SGI MachineInfo CGI program, installed by default on some web servers, ...)
+CVE-1999-1067
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1066 (Quake 1 server responds to an initial UDP game connection request with ...)
+CVE-1999-1066
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1065 (Palm Pilot HotSync Manager 3.0.4 in Windows 98 allows remote attackers ...)
+CVE-1999-1065
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1064 (Multiple buffer overflows in WindowMaker 0.52 through 0.60.0 allow ...)
+CVE-1999-1064
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1063 (CDomain whois_raw.cgi whois CGI script allows remote attackers to ...)
+CVE-1999-1063
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1062 (HP Laserjet printers with JetDirect cards, when configured with ...)
+CVE-1999-1062
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1061 (HP Laserjet printers with JetDirect cards, when configured with ...)
+CVE-1999-1061
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1060 (Buffer overflow in Tetrix TetriNet daemon 1.13.16 allows remote ...)
+CVE-1999-1060
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1058 (Buffer overflow in Vermillion FTP Daemon VFTPD 1.23 allows remote ...)
+CVE-1999-1058
NOT-FOR-US: Data pre-dating the Security Tracker
CVE-1999-1056
REJECTED
-CVE-1999-1054 (The default configuration of FLEXlm license manager 6.0d, and possibly ...)
+CVE-1999-1054
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1053 (guestbook.pl cleanses user-inserted SSI commands by removing text ...)
+CVE-1999-1053
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1052 (Microsoft FrontPage stores form results in a default location in ...)
+CVE-1999-1052
NOT-FOR-US: Microsoft
-CVE-1999-1051 (Default configuration in Matt Wright FormHandler.cgi script allows ...)
+CVE-1999-1051
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1050 (Directory traversal vulnerability in Matt Wright FormHandler.cgi ...)
+CVE-1999-1050
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1049 (ARCserve NT agents use weak encryption (XOR) for passwords, which ...)
+CVE-1999-1049
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1046 (Buffer overflow in IMonitor in IMail 5.0 allows remote attackers to ...)
+CVE-1999-1046
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1043 (Microsoft Exchange Server 5.5 and 5.0 does not properly handle (1) ...)
+CVE-1999-1043
NOT-FOR-US: Microsoft
-CVE-1999-1042 (Cisco Resource Manager (CRM) 1.0 and 1.1 creates world-readable log ...)
+CVE-1999-1042
NOT-FOR-US: Cisco
-CVE-1999-1041 (Buffer overflow in mscreen on SCO OpenServer 5.0 and SCO UNIX 3.2v4 ...)
+CVE-1999-1041
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1040 (Vulnerabilities in (1) ipxchk and (2) ipxlink in NetWare Client 1.0 on ...)
+CVE-1999-1040
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1039 (Vulnerability in (1) diskalign and (2) diskperf in IRIX 6.4 patches ...)
+CVE-1999-1039
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1038 (Tiger 2.2.3 allows local users to overwrite arbitrary files via a ...)
+CVE-1999-1038
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1036 (COPS 1.04 allows local users to overwrite or create arbitrary files ...)
+CVE-1999-1036
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1033 (Microsoft Outlook Express before 4.72.3612.1700 allows a malicious ...)
+CVE-1999-1033
NOT-FOR-US: Microsoft
-CVE-1999-1031 (counter.exe 2.70 allows a remote attacker to cause a denial of service ...)
+CVE-1999-1031
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1030 (counter.exe 2.70 allows a remote attacker to cause a denial of ...)
+CVE-1999-1030
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1029 (SSH server (sshd2) before 2.0.12 does not properly record login ...)
+CVE-1999-1029
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1026 (aspppd on Solaris 2.5 x86 allows local users to modify arbitrary files ...)
+CVE-1999-1026
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1025 (CDE screen lock program (screenlock) on Solaris 2.6 does not properly ...)
+CVE-1999-1025
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1024 (ip_print procedure in Tcpdump 3.4a allows remote attackers to cause a ...)
+CVE-1999-1024
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1023 (useradd in Solaris 7.0 does not properly interpret certain date ...)
+CVE-1999-1023
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1022 (serial_ports administrative program in IRIX 4.x and 5.x trusts the ...)
+CVE-1999-1022
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1020 (The installation of Novell Netware NDS 5.99 provides an ...)
+CVE-1999-1020
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1018 (IPChains in Linux kernels 2.2.10 and earlier does not reassemble IP ...)
+CVE-1999-1018
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1017 (Seattle Labs Emurl 2.0, and possibly earlier versions, stores e-mail ...)
+CVE-1999-1017
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1016 (Microsoft HTML control as used in (1) Internet Explorer 5.0, (2) ...)
+CVE-1999-1016
NOT-FOR-US: Microsoft
-CVE-1999-1015 (Buffer overflow in Apple AppleShare Mail Server 5.0.3 on MacOS 8.1 and ...)
+CVE-1999-1015
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1013 (named-xfer in AIX 4.1.5 and 4.2.1 allows members of the system group ...)
+CVE-1999-1013
NOT-FOR-US: AIX
-CVE-1999-1012 (SMTP component of Lotus Domino 4.6.1 on AS/400, and possibly other ...)
+CVE-1999-1012
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1009 (The Disney Go Express Search allows remote attackers to access and ...)
+CVE-1999-1009
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1006 (Groupwise web server GWWEB.EXE allows remote attackers to determine ...)
+CVE-1999-1006
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1003 (War FTP Daemon 1.70 allows remote attackers to cause a denial of ...)
+CVE-1999-1003
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1002 (Netscape Navigator uses weak encryption for storing a user's Netscape ...)
+CVE-1999-1002
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0993 (Modifications to ACLs (Access Control Lists) in Microsoft Exchange ...)
+CVE-1999-0993
NOT-FOR-US: Microsoft
-CVE-1999-0990 (Error messages generated by gdm with the VerboseAuth setting allows an ...)
+CVE-1999-0990
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0988 (UnixWare pkgtrans allows local users to read arbitrary files via a ...)
+CVE-1999-0988
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0985 (CC Whois program whois.cgi allows remote attackers to execute commands ...)
+CVE-1999-0985
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0984 (Matt's Whois program whois.cgi allows remote attackers to ...)
+CVE-1999-0984
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0983 (Whois Internic Lookup program whois.cgi allows remote attackers to ...)
+CVE-1999-0983
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0970 (The OmniHTTPD visadmin.exe program allows a remote attacker to conduct ...)
+CVE-1999-0970
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0952 (Buffer overflow in Solaris lpstat via class argument allows local ...)
+CVE-1999-0952
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0949 (Buffer overflow in canuum program for Canna input system allows local ...)
+CVE-1999-0949
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0948 (Buffer overflow in uum program for Canna input system allows local ...)
+CVE-1999-0948
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0944 (IBM WebSphere ikeyman tool uses weak encryption to store ...)
+CVE-1999-0944
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0941 (Mutt mail client allows a remote attacker to execute commands via ...)
+CVE-1999-0941
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0929 (Novell NetWare with Novell-HTTP-Server or YAWN web servers allows ...)
+CVE-1999-0929
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0926 (Apache allows remote attackers to conduct a denial of service via a ...)
+CVE-1999-0926
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0925 (UnityMail allows remote attackers to conduct a denial of service via a ...)
+CVE-1999-0925
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0923 (Sample runnable code snippets in ColdFusion Server 4.0 allow remote ...)
+CVE-1999-0923
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0919 (A memory leak in a Motorola CableRouter allows remote attackers to ...)
+CVE-1999-0919
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0913 (dfire.cgi script in Dragon-Fire IDS allows remote users to execute ...)
+CVE-1999-0913
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0911 (Buffer overflow in ProFTPD, wu-ftpd, and beroftpd allows remote ...)
+CVE-1999-0911
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0910 (Microsoft Site Server and Commercial Internet System (MCIS) do not set ...)
+CVE-1999-0910
NOT-FOR-US: Microsoft
-CVE-1999-0885 (Alibaba web server allows remote attackers to execute commands via a ...)
+CVE-1999-0885
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0882 (Falcon web server allows remote attackers to determine the absolute ...)
+CVE-1999-0882
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0872 (Buffer overflow in Vixie cron allows local users to gain root access ...)
+CVE-1999-0872
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0863 (Buffer overflow in FreeBSD seyon via HOME environmental variable, ...)
+CVE-1999-0863
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0862 (Insecure directory permissions in RPM distribution for PostgreSQL ...)
+CVE-1999-0862
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0860 (Solaris chkperm allows local users to read files owned by bin via ...)
+CVE-1999-0860
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0857 (FreeBSD gdc program allows local users to modify files via a symlink ...)
+CVE-1999-0857
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0855 (Buffer overflow in FreeBSD gdc program. ...)
+CVE-1999-0855
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0852 (IBM WebSphere sets permissions that allow a local user to modify a ...)
+CVE-1999-0852
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0850 (The default permissions for Endymion MailMan allow local users to read ...)
+CVE-1999-0850
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0846 (Denial of service in MDaemon 2.7 via a large number of connection ...)
+CVE-1999-0846
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0845 (Buffer overflow in SCO su program allows local users to gain root ...)
+CVE-1999-0845
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0844 (Denial of service in MDaemon WorldClient and WebConfig services via ...)
+CVE-1999-0844
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0843 (Denial of service in Cisco routers running NAT via a PORT command from ...)
+CVE-1999-0843
NOT-FOR-US: Cisco
-CVE-1999-0841 (Buffer overflow in CDE mailtool allows local users to gain root ...)
+CVE-1999-0841
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0840 (Buffer overflow in CDE dtmail and dtmailpr programs allows local users ...)
+CVE-1999-0840
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0830 (Buffer overflow in SCO UnixWare Xsco command via a long argument. ...)
+CVE-1999-0830
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0829 (HP Secure Web Console uses weak encryption. ...)
+CVE-1999-0829
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0828 (UnixWare pkg commands such as pkginfo, pkgcat, and pkgparam ...)
+CVE-1999-0828
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0827 (By default, Internet Explorer 5.0 and other versions enables the ...)
+CVE-1999-0827
NOT-FOR-US: Microsoft
-CVE-1999-0825 (The default permissions for UnixWare /var/mail allow local users to ...)
+CVE-1999-0825
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0822 (Buffer overflow in Qpopper (qpop) 3.0 allows remote root access via ...)
+CVE-1999-0822
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0821 (FreeBSD seyon allows local users to gain privileges by providing a ...)
+CVE-1999-0821
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0818 (Buffer overflow in Solaris kcms_configure via a long NETPATH ...)
+CVE-1999-0818
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0816 (The Motorola CableRouter allows any remote user to connect to and ...)
+CVE-1999-0816
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0808 (Multiple buffer overflows in ISC DHCP Distribution server (dhcpd) 1.0 ...)
+CVE-1999-0808
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0805 (Novell NetWare Transaction Tracking System (TTS) in Novell 4.11 and ...)
+CVE-1999-0805
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0798 (Buffer overflow in bootpd on OpenBSD, FreeBSD, and Linux systems via ...)
+CVE-1999-0798
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0795 (The NIS+ rpc.nisd server allows remote attackers to execute certain ...)
+CVE-1999-0795
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0792 (ROUTERmate has a default SNMP community name which allows remote ...)
+CVE-1999-0792
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0784 (Denial of service in Oracle TNSLSNR SQL*Net Listener via a malformed ...)
+CVE-1999-0784
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0776 (Alibaba HTTP server allows remote attackers to read files via a ...)
+CVE-1999-0776
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0767 (Buffer overflow in Solaris libc, ufsrestore, and rcp via LC_MESSAGES ...)
+CVE-1999-0767
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0757 (The ColdFusion CFCRYPT program for encrypting CFML templates has weak ...)
+CVE-1999-0757
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0750 (Hotmail allows Javascript to be executed via the HTML STYLE tag, ...)
+CVE-1999-0750
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0748 (Buffer overflows in Red Hat net-tools package. ...)
+CVE-1999-0748
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0741 (QMS CrownNet Unix Utilities for 2060 allows root to log on without a ...)
+CVE-1999-0741
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0739 (The codebrws.asp sample file in IIS and Site Server allows remote ...)
+CVE-1999-0739
NOT-FOR-US: Microsoft
-CVE-1999-0738 (The code.asp sample file in IIS and Site Server allows remote ...)
+CVE-1999-0738
NOT-FOR-US: Microsoft
-CVE-1999-0737 (The viewcode.asp sample file in IIS and Site Server allows remote ...)
+CVE-1999-0737
NOT-FOR-US: Microsoft
-CVE-1999-0736 (The showcode.asp sample file in IIS and Site Server allows remote ...)
+CVE-1999-0736
NOT-FOR-US: Microsoft
-CVE-1999-0712 (A vulnerability in Caldera Open Administration System (COAS) allows ...)
+CVE-1999-0712
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0698 (Denial of service in IP protocol logger (ippl) on Red Hat and Debian ...)
+CVE-1999-0698
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0684 (Denial of service in Sendmail 8.8.6 in HPUX. ...)
+CVE-1999-0684
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0677 (The WebRamp web administration utility has a default password. ...)
+CVE-1999-0677
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0673 (Buffer overflow in ALMail32 POP3 client via From: or To: headers. ...)
+CVE-1999-0673
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0670 (Buffer overflow in the Eyedog ActiveX control allows a remote attacker ...)
+CVE-1999-0670
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0669 (The Eyedog ActiveX control is marked as &quot;safe for scripting&quot; for ...)
+CVE-1999-0669
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0667 (The ARP protocol allows any host to spoof ARP replies and poison the ...)
+CVE-1999-0667
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0665 (An application-critical Windows NT registry key has an inappropriate ...)
+CVE-1999-0665
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0664 (An application-critical Windows NT registry key has inappropriate ...)
+CVE-1999-0664
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0663 (A system-critical program, library, or file has a checksum or other ...)
+CVE-1999-0663
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0662 (A system-critical program or library does not have the appropriate ...)
+CVE-1999-0662
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0661 (A system is running a version of software that was replaced with a ...)
+CVE-1999-0661
NOT-FOR-US: Data pre-dating the Security Tracker
CVE-1999-0660
REJECTED
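Review bot: every `-`/`+` pair in this hunk (CVE-1999-0798 through CVE-1999-0661) drops the parenthesised description and replaces it with a bare CVE id, with no replacement text and no change to the annotation line beneath it; combined with the diffstat (113882 insertions against 113866 deletions, nearly one-for-one across all 21 year files) this looks like the automatic updater received empty descriptions from its data source rather than an intended edit, and the result should be verified against the upstream feed and re-run or reverted before it is kept. The descriptions are also the evidence that supports the classification on the following line: after this change an entry such as `CVE-1999-0739` / `NOT-FOR-US: Microsoft` no longer carries anything that lets a reviewer confirm the product attribution without an external lookup.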
@@ -2631,21 +2631,21 @@ CVE-1999-0659
REJECTED
CVE-1999-0658
REJECTED
-CVE-1999-0657 (WinGate is being used. ...)
+CVE-1999-0657
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0656 (The ugidd RPC interface, by design, allows remote attackers to ...)
+CVE-1999-0656
NOT-FOR-US: Data pre-dating the Security Tracker
CVE-1999-0655
REJECTED
-CVE-1999-0654 (The OS/2 or POSIX subsystem in NT is enabled. ...)
+CVE-1999-0654
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0653 (A component service related to NIS+ is running. ...)
+CVE-1999-0653
NOT-FOR-US: Data pre-dating the Security Tracker
CVE-1999-0652
REJECTED
-CVE-1999-0651 (The rsh/rlogin service is running. ...)
+CVE-1999-0651
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0650 (The netstat service is running, which provides sensitive information ...)
+CVE-1999-0650
NOT-FOR-US: Data pre-dating the Security Tracker
CVE-1999-0649
REJECTED
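Review bot: after this hunk a stripped entry such as `CVE-1999-0657` followed by `NOT-FOR-US: Data pre-dating the Security Tracker` has the same one-line form as the deliberately description-less `CVE-1999-0655` / `REJECTED` entries around it, so the file loses the distinction between "the feed returned no description" and "this entry has none by design"; if the updater cannot obtain a description it should leave the existing one in place rather than rewriting the line to the bare id.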
@@ -2663,35 +2663,35 @@ CVE-1999-0643
REJECTED
CVE-1999-0642
REJECTED
-CVE-1999-0641 (The UUCP service is running. ...)
+CVE-1999-0641
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0640 (The Gopher service is running. ...)
+CVE-1999-0640
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0639 (The chargen service is running. ...)
+CVE-1999-0639
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0638 (The daytime service is running. ...)
+CVE-1999-0638
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0637 (The systat service is running. ...)
+CVE-1999-0637
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0636 (The discard service is running. ...)
+CVE-1999-0636
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0635 (The echo service is running. ...)
+CVE-1999-0635
NOT-FOR-US: Data pre-dating the Security Tracker
CVE-1999-0634
REJECTED
CVE-1999-0633
REJECTED
-CVE-1999-0632 (The RPC portmapper service is running. ...)
+CVE-1999-0632
NOT-FOR-US: Data pre-dating the Security Tracker
CVE-1999-0631
REJECTED
-CVE-1999-0630 (The NT Alerter and Messenger services are running. ...)
+CVE-1999-0630
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0629 (The ident/identd service is running. ...)
+CVE-1999-0629
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0625 (The rpc.rquotad service is running. ...)
+CVE-1999-0625
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0624 (The rstat/rstatd service is running. ...)
+CVE-1999-0624
NOT-FOR-US: Data pre-dating the Security Tracker
CVE-1999-0623
REJECTED
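Review bot: the entries in this hunk (CVE-1999-0641 through CVE-1999-0624) are configuration-class records whose removed description was the only text naming the service concerned, e.g. `-CVE-1999-0632 (The RPC portmapper service is running. ...)` becomes `+CVE-1999-0632` over an unchanged `NOT-FOR-US: Data pre-dating the Security Tracker`; with the description gone the list entry is an id plus boilerplate and no longer self-describing, which is a regression for anyone triaging from the file directly, so the description field should be preserved when the update has nothing to replace it with.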
@@ -2703,7 +2703,7 @@ CVE-1999-0620
REJECTED
CVE-1999-0619
REJECTED
-CVE-1999-0618 (The rexec service is running. ...)
+CVE-1999-0618
NOT-FOR-US: Data pre-dating the Security Tracker
CVE-1999-0617
REJECTED
@@ -2713,451 +2713,451 @@ CVE-1999-0615
REJECTED
CVE-1999-0614
REJECTED
-CVE-1999-0613 (The rpc.sprayd service is running. ...)
+CVE-1999-0613
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0611 (A system-critical Windows NT registry key has an inappropriate value. ...)
+CVE-1999-0611
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0610 (An incorrect configuration of the Webcart CGI program ...)
+CVE-1999-0610
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0609 (An incorrect configuration of the SoftCart CGI program ...)
+CVE-1999-0609
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0607 (quikstore.cgi in QuikStore shopping cart stores quikstore.cfg under ...)
+CVE-1999-0607
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0606 (An incorrect configuration of the EZMall 2000 shopping cart ...)
+CVE-1999-0606
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0605 (An incorrect configuration of the Order Form 1.0 shopping cart ...)
+CVE-1999-0605
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0604 (An incorrect configuration of the WebStore 1.0 shopping cart ...)
+CVE-1999-0604
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0603 (In Windows NT, an inappropriate user is a member of a group, ...)
+CVE-1999-0603
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0602 (A network intrusion detection system (IDS) does not properly ...)
+CVE-1999-0602
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0601 (A network intrusion detection system (IDS) does not properly handle ...)
+CVE-1999-0601
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0600 (A network intrusion detection system (IDS) does not verify the ...)
+CVE-1999-0600
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0599 (A network intrusion detection system (IDS) does not properly handle ...)
+CVE-1999-0599
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0598 (A network intrusion detection system (IDS) does not properly handle ...)
+CVE-1999-0598
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0597 (A Windows NT account policy does not forcibly disconnect remote users ...)
+CVE-1999-0597
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0596 (A Windows NT log file has an inappropriate maximum size or retention ...)
+CVE-1999-0596
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0595 (A Windows NT system does not clear the system page file during ...)
+CVE-1999-0595
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0594 (A Windows NT system does not restrict access to removable media drives ...)
+CVE-1999-0594
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0593 (The default setting for the Winlogon key entry ShutdownWithoutLogon in ...)
+CVE-1999-0593
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0592 (The Logon box of a Windows NT system displays the name of the last ...)
+CVE-1999-0592
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0591 (An event log in Windows NT has inappropriate access permissions. ...)
+CVE-1999-0591
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0590 (A system does not present an appropriate legal message or warning to a ...)
+CVE-1999-0590
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0589 (A system-critical Windows NT registry key has inappropriate ...)
+CVE-1999-0589
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0588 (A filter in a router or firewall allows unusual fragmented packets. ...)
+CVE-1999-0588
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0587 (A WWW server is not running in a restricted file system, e.g. through ...)
+CVE-1999-0587
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0586 (A network service is running on a nonstandard port. ...)
+CVE-1999-0586
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0585 (A Windows NT administrator account has the default name of ...)
+CVE-1999-0585
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0584 (A Windows NT file system is not NTFS. ...)
+CVE-1999-0584
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0583 (There is a one-way or two-way trust relationship between Windows NT ...)
+CVE-1999-0583
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0582 (A Windows NT account policy has inappropriate, security-critical ...)
+CVE-1999-0582
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0581 (The HKEY_CLASSES_ROOT key in a Windows NT system has inappropriate, ...)
+CVE-1999-0581
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0580 (The HKEY_LOCAL_MACHINE key in a Windows NT system has inappropriate, ...)
+CVE-1999-0580
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0579 (A Windows NT system's registry audit policy does not log an event ...)
+CVE-1999-0579
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0578 (A Windows NT system's registry audit policy does not log an event ...)
+CVE-1999-0578
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0577 (A Windows NT system's file audit policy does not log an event success ...)
+CVE-1999-0577
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0576 (A Windows NT system's file audit policy does not log an event success ...)
+CVE-1999-0576
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0575 (A Windows NT system's user audit policy does not log an event success ...)
+CVE-1999-0575
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0572 (.reg files are associated with the Windows NT registry editor ...)
+CVE-1999-0572
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0571 (A router's configuration service or management interface (such as a ...)
+CVE-1999-0571
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0570 (Windows NT is not using a password filter utility, e.g. PASSFILT.DLL. ...)
+CVE-1999-0570
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0569 (A URL for a WWW directory allows auto-indexing, which provides a list ...)
+CVE-1999-0569
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0568 (rpc.admind in Solaris is not running in a secure mode. ...)
+CVE-1999-0568
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0565 (A Sendmail alias allows input to be piped to a program. ...)
+CVE-1999-0565
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0564 (An attacker can force a printer to print arbitrary documents (e.g. if ...)
+CVE-1999-0564
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0562 (The registry in Windows NT can be accessed remotely by users who are ...)
+CVE-1999-0562
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0561 (IIS has the #exec function enabled for Server Side Include (SSI) files. ...)
+CVE-1999-0561
NOT-FOR-US: Microsoft
-CVE-1999-0560 (A system-critical Windows NT file or directory has inappropriate ...)
+CVE-1999-0560
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0559 (A system-critical Unix file or directory has inappropriate ...)
+CVE-1999-0559
- webmin 1.160-1
-CVE-1999-0556 (Two or more Unix accounts have the same UID. ...)
+CVE-1999-0556
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0555 (A Unix account with a name other than &quot;root&quot; has UID 0, i.e. root ...)
+CVE-1999-0555
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0554 (NFS exports system-critical data to the world, e.g. / or a password ...)
+CVE-1999-0554
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0550 (A router's routing tables can be obtained from arbitrary hosts. ...)
+CVE-1999-0550
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0549 (Windows NT automatically logs in an administrator upon rebooting. ...)
+CVE-1999-0549
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0548 (A superfluous NFS server is running, but it is not importing or exporting ...)
+CVE-1999-0548
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0547 (An SSH server allows authentication through the .rhosts file. ...)
+CVE-1999-0547
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0546 (The Windows NT guest account is enabled. ...)
+CVE-1999-0546
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0541 (A password for accessing a WWW URL is guessable. ...)
+CVE-1999-0541
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0539 (A trust relationship exists between two Unix hosts. ...)
+CVE-1999-0539
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0537 (A configuration in a web browser such as Internet Explorer or Netscape ...)
+CVE-1999-0537
NOT-FOR-US: Microsoft
-CVE-1999-0535 (A Windows NT account policy for passwords has inappropriate, ...)
+CVE-1999-0535
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0534 (A Windows NT user has inappropriate rights or privileges, e.g. Act as ...)
+CVE-1999-0534
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0533 (A DNS server allows inverse queries. ...)
+CVE-1999-0533
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0532 (A DNS server allows zone transfers. ...)
+CVE-1999-0532
NOT-FOR-US: Data pre-dating the Security Tracker
CVE-1999-0531
REJECTED
-CVE-1999-0530 (A system is operating in &quot;promiscuous&quot; mode which allows it to perform ...)
+CVE-1999-0530
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0529 (A router or firewall forwards packets that claim to come from IANA ...)
+CVE-1999-0529
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0528 (A router or firewall forwards external packets that claim to come from ...)
+CVE-1999-0528
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0527 (The permissions for system-critical data in an anonymous FTP account ...)
+CVE-1999-0527
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0525 (IP traceroute is allowed from arbitrary hosts. ...)
+CVE-1999-0525
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0524 (ICMP information such as (1) netmask and (2) timestamp is allowed from ...)
+CVE-1999-0524
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0523 (ICMP echo (ping) is allowed from arbitrary hosts. ...)
+CVE-1999-0523
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0522 (The permissions for a system-critical NIS+ table (e.g. passwd) are ...)
+CVE-1999-0522
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0521 (An NIS domain name is easily guessable. ...)
+CVE-1999-0521
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0520 (A system-critical NETBIOS/SMB share has inappropriate access control. ...)
+CVE-1999-0520
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0519 (A NETBIOS/SMB share password is the default, null, or missing. ...)
+CVE-1999-0519
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0518 (A NETBIOS/SMB share password is guessable. ...)
+CVE-1999-0518
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0517 (An SNMP community name is the default (e.g. public), null, or ...)
+CVE-1999-0517
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0516 (An SNMP community name is guessable. ...)
+CVE-1999-0516
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0515 (An unrestricted remote trust relationship for Unix systems has been ...)
+CVE-1999-0515
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0512 (A mail server is explicitly configured to allow SMTP mail relay, which ...)
+CVE-1999-0512
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0511 (IP forwarding is enabled on a machine which is not a router or ...)
+CVE-1999-0511
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0510 (A router or firewall allows source routed packets from arbitrary ...)
+CVE-1999-0510
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0509 (Perl, sh, csh, or other shell interpreters are installed in the ...)
+CVE-1999-0509
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0508 (An account on a router, firewall, or other network device has a ...)
+CVE-1999-0508
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0507 (An account on a router, firewall, or other network device has a guessable ...)
+CVE-1999-0507
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0506 (A Windows NT domain user or administrator account has a default, null, ...)
+CVE-1999-0506
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0505 (A Windows NT domain user or administrator account has a guessable ...)
+CVE-1999-0505
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0504 (A Windows NT local user or administrator account has a default, null, ...)
+CVE-1999-0504
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0503 (A Windows NT local user or administrator account has a guessable ...)
+CVE-1999-0503
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0502 (A Unix account has a default, null, blank, or missing password. ...)
+CVE-1999-0502
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0501 (A Unix account has a guessable password. ...)
+CVE-1999-0501
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0499 (NETBIOS share information may be published through SNMP registry keys ...)
+CVE-1999-0499
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0498 (TFTP is not running in a restricted directory, allowing a remote ...)
+CVE-1999-0498
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0497 (Anonymous FTP is enabled. ...)
+CVE-1999-0497
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0495 (A remote attacker can gain access to a file system using .. (dot dot) ...)
+CVE-1999-0495
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0492 (The ffingerd 1.19 allows remote attackers to identify users on the ...)
+CVE-1999-0492
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0490 (MSHTML.DLL in Internet Explorer 5.0 allows a remote attacker to learn ...)
+CVE-1999-0490
NOT-FOR-US: Microsoft
-CVE-1999-0489 (MSHTML.DLL in Internet Explorer 5.0 allows a remote attacker to paste ...)
+CVE-1999-0489
NOT-FOR-US: Microsoft
-CVE-1999-0488 (Internet Explorer 4.0 and 5.0 allows a remote attacker to execute ...)
+CVE-1999-0488
NOT-FOR-US: Microsoft
-CVE-1999-0486 (Denial of service in AOL Instant Messenger when a remote attacker ...)
+CVE-1999-0486
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0480 (Local attackers can conduct a denial of service in Midnight Commander ...)
+CVE-1999-0480
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0477 (The Expression Evaluator in the ColdFusion Application Server allows a ...)
+CVE-1999-0477
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0476 (A weak encryption algorithm is used for passwords in SCO TermVision, ...)
+CVE-1999-0476
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0469 (Internet Explorer 5.0 allows window spoofing, allowing a remote ...)
+CVE-1999-0469
NOT-FOR-US: Microsoft
-CVE-1999-0467 (The Webcom CGI Guestbook programs wguest.exe and rguest.exe allow a ...)
+CVE-1999-0467
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0465 (Remote attackers can crash Lynx and Internet Explorer using an IMG tag ...)
+CVE-1999-0465
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0462 (suidperl in Linux Perl does not check the nosuid mount option on file ...)
+CVE-1999-0462
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0461 (Versions of rpcbind including Linux, IRIX, and Wietse Venema's rpcbind ...)
+CVE-1999-0461
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0460 (Buffer overflow in Linux autofs module through long directory names ...)
+CVE-1999-0460
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0459 (Local users can perform a denial of service in Alpha Linux, using MILO ...)
+CVE-1999-0459
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0455 (The Expression Evaluator sample application in ColdFusion allows ...)
+CVE-1999-0455
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0454 (A remote attacker can sometimes identify the operating system of a ...)
+CVE-1999-0454
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0453 (An attacker can identify a CISCO device by sending a SYN packet to ...)
+CVE-1999-0453
NOT-FOR-US: Cisco
-CVE-1999-0452 (A service or application has a backdoor password that was placed there ...)
+CVE-1999-0452
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0451 (Denial of service in Linux 2.0.36 allows local users to prevent ...)
+CVE-1999-0451
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0450 (In IIS, an attacker could determine a real path using a request for a ...)
+CVE-1999-0450
NOT-FOR-US: Microsoft
-CVE-1999-0444 (Remote attackers can perform a denial of service in Windows machines ...)
+CVE-1999-0444
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0443 (Patrol management software allows a remote attacker to conduct a ...)
+CVE-1999-0443
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0435 (MC/ServiceGuard and MC/LockManager in HP-UX allows local users to gain ...)
+CVE-1999-0435
NOT-FOR-US: HP-UX
-CVE-1999-0434 (XFree86 xfs command is vulnerable to a symlink attack, allowing ...)
+CVE-1999-0434
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0431 (Linux 2.2.3 and earlier allow a remote attacker to perform an IP ...)
+CVE-1999-0431
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0427 (Eudora 4.1 allows remote attackers to perform a denial of service by ...)
+CVE-1999-0427
NOT-FOR-US: Eudora
-CVE-1999-0426 (The default permissions of /dev/kmem in Linux versions before 2.0.36 ...)
+CVE-1999-0426
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0419 (When the Microsoft SMTP service attempts to send a message to a server ...)
+CVE-1999-0419
NOT-FOR-US: Microsoft
-CVE-1999-0418 (Denial of service in SMTP applications such as Sendmail, when a ...)
+CVE-1999-0418
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0411 (Several startup scripts in SCO OpenServer Enterprise System v 5.0.4p, ...)
+CVE-1999-0411
NOT-FOR-US: SCO
-CVE-1999-0406 (Digital Unix Networker program nsralist has a buffer overflow which ...)
+CVE-1999-0406
NOT-FOR-US: DEC UNIX
-CVE-1999-0401 (A race condition in Linux 2.2.1 allows local users to read arbitrary ...)
+CVE-1999-0401
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0400 (Denial of service in Linux 2.2.0 running the ldd command on a core ...)
+CVE-1999-0400
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0399 (The DCC server command in the Mirc 5.5 client doesn't filter ...)
+CVE-1999-0399
NOT-FOR-US: Mirc
-CVE-1999-0398 (In some instances of SSH 1.2.27 and 2.0.11 on Linux systems, SSH will ...)
+CVE-1999-0398
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0397 (The demo version of the Quakenbush NT Password Appraiser sends ...)
+CVE-1999-0397
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0394 (DPEC Online Courseware allows an attacker to change another user's ...)
+CVE-1999-0394
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0389 (Buffer overflow in the bootp server in the Debian Linux netstd ...)
+CVE-1999-0389
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0381 (super 3.11.6 and other versions have a buffer overflow in the syslog ...)
+CVE-1999-0381
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0370 (In Sun Solaris and SunOS, man and catman contain vulnerabilities ...)
+CVE-1999-0370
NOT-FOR-US: Sun
-CVE-1999-0364 (Microsoft Access 97 stores a database password as plaintext in a ...)
+CVE-1999-0364
NOT-FOR-US: Microsoft
-CVE-1999-0361 (NetWare version of LaserFiche stores usernames and passwords ...)
+CVE-1999-0361
NOT-FOR-US: NetWare
-CVE-1999-0360 (MS Site Server 2.0 with IIS 4 can allow users to upload content, ...)
+CVE-1999-0360
NOT-FOR-US: Windows
-CVE-1999-0359 (ptylogin in Unix systems allows users to perform a denial of service ...)
+CVE-1999-0359
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0356 (ControlIT v4.5 and earlier uses weak encryption to store ...)
+CVE-1999-0356
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0354 (Internet Explorer 4.x or 5.x with Word 97 allows arbitrary execution ...)
+CVE-1999-0354
NOT-FOR-US: Windows
-CVE-1999-0352 (ControlIT 4.5 and earlier (aka Remotely Possible) has weak password ...)
+CVE-1999-0352
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0347 (Internet Explorer 4.01 allows remote attackers to read local files and ...)
+CVE-1999-0347
NOT-FOR-US: Windows
-CVE-1999-0345 (Jolt ICMP attack causes a denial of service in Windows 95 and Windows ...)
+CVE-1999-0345
NOT-FOR-US: Windows
-CVE-1999-0336 (Buffer overflow in mstm in HP-UX allows local users to gain root ...)
+CVE-1999-0336
NOT-FOR-US: HP
-CVE-1999-0333 (HP OpenView Omniback allows remote execution of commands as root via ...)
+CVE-1999-0333
NOT-FOR-US: HP
-CVE-1999-0331 (Buffer overflow in Internet Explorer 4.0(1). ...)
+CVE-1999-0331
NOT-FOR-US: Windows
-CVE-1999-0330 (Linux bdash game has a buffer overflow that allows local users to ...)
+CVE-1999-0330
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0319 (Buffer overflow in xmcd 2.1 allows local users to gain access ...)
+CVE-1999-0319
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0317 (Buffer overflow in Linux su command gives root access to local ...)
+CVE-1999-0317
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0307 (Buffer overflow in HP-UX cstm program allows local users to gain ...)
+CVE-1999-0307
NOT-FOR-US: HP
-CVE-1999-0306 (buffer overflow in HP xlock program. ...)
+CVE-1999-0306
NOT-FOR-US: HP
-CVE-1999-0298 (ypbind with -ypset and -ypsetme options activated in Linux Slackware ...)
+CVE-1999-0298
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0287 (Vulnerability in the Wguest CGI program. ...)
+CVE-1999-0287
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0286 (In some NT web servers, appending a space at the end of a URL may ...)
+CVE-1999-0286
NOT-FOR-US: Windows
-CVE-1999-0285 (Denial of service in telnet from the Windows NT Resource Kit, by ...)
+CVE-1999-0285
NOT-FOR-US: Windows
-CVE-1999-0284 (Denial of service to NT mail servers including Ipswitch, Mdaemon, and ...)
+CVE-1999-0284
NOT-FOR-US: Windows
-CVE-1999-0283 (The Java Web Server would allow remote users to obtain the source ...)
+CVE-1999-0283
NOT-FOR-US: Data pre-dating the Security Tracker
CVE-1999-0282
REJECTED
-CVE-1999-0271 (Progressive Networks Real Video server (pnserver) can be crashed remotely. ...)
+CVE-1999-0271
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0261 (Netmanager Chameleon SMTPd has several buffer overflows that cause a crash. ...)
+CVE-1999-0261
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0258 (Bonk variation of teardrop IP fragmentation denial of service. ...)
+CVE-1999-0258
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0257 (Nestea variation of teardrop IP fragmentation denial of service. ...)
+CVE-1999-0257
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0255 (Buffer overflow in ircd allows arbitrary command execution. ...)
+CVE-1999-0255
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0254 (A hidden SNMP community string in HP OpenView allows remote attackers ...)
+CVE-1999-0254
NOT-FOR-US: HP
-CVE-1999-0253 (IIS 3.0 with the iis-fix hotfix installed allows remote intruders to ...)
+CVE-1999-0253
NOT-FOR-US: Windows
-CVE-1999-0250 (Denial of service in Qmail through long SMTP commands. ...)
+CVE-1999-0250
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0249 (Windows NT RSHSVC program allows remote users to execute arbitrary ...)
+CVE-1999-0249
NOT-FOR-US: Windows
-CVE-1999-0246 (HP Remote Watch allows a remote user to gain root access. ...)
+CVE-1999-0246
NOT-FOR-US: HP
-CVE-1999-0243 (Linux cfingerd could be exploited to gain root access. ...)
+CVE-1999-0243
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0242 (Remote attackers can access mail files via POP3 in some Linux systems ...)
+CVE-1999-0242
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0241 (Guessable magic cookies in X Windows allows remote attackers to ...)
+CVE-1999-0241
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0240 (Some filters or firewalls allow fragmented SYN packets with IP ...)
+CVE-1999-0240
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0238 (php.cgi allows attackers to read any file on the system. ...)
+CVE-1999-0238
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0235 (Buffer overflow in NCSA WebServer (1.4.1 and below) gives remote access. ...)
+CVE-1999-0235
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0232 (Buffer overflow in NCSA WebServer (version 1.5c) gives remote access. ...)
+CVE-1999-0232
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0231 (Buffer overflow in IP-Switch IMail and Seattle Labs Slmail 2.6 ...)
+CVE-1999-0231
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0229 (Denial of service in Windows NT IIS server using ..\.. ...)
+CVE-1999-0229
NOT-FOR-US: Windows
-CVE-1999-0226 (Windows NT TCP/IP processes fragmented IP packets improperly, causing ...)
+CVE-1999-0226
NOT-FOR-US: Windows
-CVE-1999-0222 (Denial of service in Cisco IOS web server allows attackers to reboot ...)
+CVE-1999-0222
NOT-FOR-US: Cisco
-CVE-1999-0220 (Attackers can do a denial of service of IRC by crashing the server. ...)
+CVE-1999-0220
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0216 (Denial of service of inetd on Linux through SYN and RST packets. ...)
+CVE-1999-0216
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0213 (libnsl in Solaris allowed an attacker to perform a denial of service ...)
+CVE-1999-0213
NOT-FOR-US: Solaris
-CVE-1999-0205 (Denial of service in Sendmail 8.6.11 and 8.6.12. ...)
+CVE-1999-0205
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0200 (Windows NT FTP server (WFTP) with the guest account enabled without a ...)
+CVE-1999-0200
NOT-FOR-US: Windows
-CVE-1999-0198 (finger .@host on some systems may print information on some user accounts. ...)
+CVE-1999-0198
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0197 (finger 0@host on some systems may print information on some user accounts. ...)
+CVE-1999-0197
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0195 (Denial of service in RPC portmapper allows attackers to register or ...)
+CVE-1999-0195
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0193 (Denial of service in Ascend and 3com routers, which can be rebooted by ...)
+CVE-1999-0193
NOT-FOR-US: Ascend/3com
CVE-1999-0187
REJECTED
-CVE-1999-0186 (In Solaris, an SNMP subagent has a default community string that allows remote ...)
+CVE-1999-0186
NOT-FOR-US: Solaris
-CVE-1999-0171 (Denial of service in syslog by sending it a large number of ...)
+CVE-1999-0171
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0169 (NFS allows attackers to read and write any file on the system by ...)
+CVE-1999-0169
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0165 (NFS cache poisoning. ...)
+CVE-1999-0165
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0163 (In older versions of Sendmail, an attacker could use a pipe character ...)
+CVE-1999-0163
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0156 (wu-ftpd FTP daemon allows any user and password combination. ...)
+CVE-1999-0156
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0154 (IIS 2.0 and 3.0 allows remote attackers to read the source code for ...)
+CVE-1999-0154
NOT-FOR-US: Windows
-CVE-1999-0144 (Denial of service in Qmail by specifying a large number of recipients ...)
+CVE-1999-0144
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0140 (Denial of service in RAS/PPTP on NT systems. ...)
+CVE-1999-0140
NOT-FOR-US: Windows
-CVE-1999-0127 (swinstall and swmodify commands in SD-UX package in HP-UX systems ...)
+CVE-1999-0127
NOT-FOR-US: HP-UX
-CVE-1999-0123 (Race condition in Linux mailx command allows local users to ...)
+CVE-1999-0123
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0121 (Buffer overflow in dtaction command gives root access. ...)
+CVE-1999-0121
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0119 (Windows NT 4.0 beta allows users to read and delete shares. ...)
+CVE-1999-0119
NOT-FOR-US: Windows
-CVE-1999-0114 (Local users can execute commands as other users, and read other users' ...)
+CVE-1999-0114
NOT-FOR-US: Data pre-dating the Security Tracker
CVE-1999-0110
REJECTED
-CVE-1999-0107 (Buffer overflow in Apache 1.2.5 and earlier allows a remote attacker ...)
+CVE-1999-0107
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0106 (Finger redirection allows finger bombs. ...)
+CVE-1999-0106
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0105 (finger allows recursive searches by using a long string of @ symbols. ...)
+CVE-1999-0105
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0104 (A later variation on the Teardrop IP denial of service attack, ...)
+CVE-1999-0104
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0098 (Buffer overflow in SMTP HELO command in Sendmail allows a remote ...)
+CVE-1999-0098
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0092 (Various vulnerabilities in the AIX portmir command allows ...)
+CVE-1999-0092
NOT-FOR-US: AIX
-CVE-1999-0089 (Buffer overflow in AIX libDtSvc library can allow local users ...)
+CVE-1999-0089
NOT-FOR-US: AIX
-CVE-1999-0088 (IRIX and AIX automountd services (autofsd) allow remote users to ...)
+CVE-1999-0088
NOT-FOR-US: AIX
-CVE-1999-0086 (AIX routed allows remote users to modify sensitive files. ...)
+CVE-1999-0086
NOT-FOR-US: AIX
-CVE-1999-0078 (pcnfsd (aka rpc.pcnfsd) allows local users to change file permissions, ...)
+CVE-1999-0078
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0076 (Buffer overflow in wu-ftp from PASV command causes a core dump. ...)
+CVE-1999-0076
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0061 (File creation and deletion, and remote execution, in the BSD ...)
+CVE-1999-0061
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0033 (Command execution in Sun systems via buffer overflow in the at ...)
+CVE-1999-0033
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0030 (root privileges via buffer overflow in xlock command on SGI IRIX ...)
+CVE-1999-0030
NOT-FOR-US: SGI
CVE-1999-0020
REJECTED
-CVE-1999-0015 (Teardrop IP denial of service. ...)
+CVE-1999-0015
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0004 (MIME buffer overflow in email clients, e.g. Solaris mailtool ...)
+CVE-1999-0004
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0001 (ip_input.c in BSD-derived TCP/IP implementations allows remote ...)
+CVE-1999-0001
NOT-FOR-US: Data pre-dating the Security Tracker
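Review bot: every `-`/`+` pair in this hunk drops the parenthesised description and keeps only the bare identifier, e.g. `-CVE-1999-0001 (ip_input.c in BSD-derived TCP/IP implementations allows remote ...)` becomes `+CVE-1999-0001`, while the status lines (`NOT-FOR-US: ...`, `REJECTED`) are untouched. An automatic update that produces this shape for the whole file is the signature of an empty or failed fetch of the upstream CVE descriptions rather than a deliberate edit, so it should not be merged as-is: re-run the import against the upstream feed and confirm the descriptions come back, and have the updater refuse to rewrite the list when the fetched description set is empty or when the number of entries losing their description is out of proportion to normal churn. The descriptions are the only human-readable context in these entries; without them a triager cannot tell what `CVE-1999-0004` or `CVE-1999-0015` refer to without an external lookup.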
diff --git a/data/CVE/2000.list b/data/CVE/2000.list
index dc3bc90af3..4c78bbf5d5 100644
--- a/data/CVE/2000.list
+++ b/data/CVE/2000.list
@@ -1,4 +1,4 @@
-CVE-2000-1254 (crypto/rsa/rsa_gen.c in OpenSSL before 0.9.6 mishandles C ...)
+CVE-2000-1254
- openssl 0.9.6-1
NOTE: https://git.openssl.org/?p=openssl.git;a=commit;h=db82b8f9bd432a59aea8e1014694e15fc457c2bb
CVE-2000-1253
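Review bot: the only change in this hunk is that `-CVE-2000-1254 (crypto/rsa/rsa_gen.c in OpenSSL before 0.9.6 mishandles C ...)` becomes `+CVE-2000-1254`, with the `- openssl 0.9.6-1` fix line and the `NOTE:` commit URL left in place. The header `@@ -1,4 +1,4 @@` shows nothing replaces the lost text, so after this change the commit link is the entry's only statement of what was fixed. Keep the description next to the fix record, and use this top-of-file entry as the spot check for whether the updater's description fetch is actually working before accepting the rest of the file.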
@@ -13,2479 +13,2479 @@ CVE-2000-1249
RESERVED
CVE-2000-1248
RESERVED
-CVE-2000-1247 (The default configuration of the jserv-status handler in jserv.conf in ...)
+CVE-2000-1247
- apache <removed>
-CVE-2000-1246 (NWFTPD.nlm before 5.01o in the FTP server in Novell NetWare 5.1 SP3 ...)
+CVE-2000-1246
NOT-FOR-US: Novell NetWare
-CVE-2000-1245 (Multiple unspecified vulnerabilities in NWFTPD.nlm before 5.01o in the ...)
+CVE-2000-1245
NOT-FOR-US: Novell NetWare
-CVE-2000-1244 (Computer Associates InoculateIT Agent for Exchange Server does not ...)
+CVE-2000-1244
NOT-FOR-US: Exchange Server
-CVE-2000-1243 (Privacy leak in Dansie Shopping Cart 3.04, and probably earlier ...)
+CVE-2000-1243
NOT-FOR-US: Dansie Shopping Cart
-CVE-2000-1242 (The HTTP service in American Power Conversion (APC) PowerChute uses a ...)
+CVE-2000-1242
NOT-FOR-US: APC PowerChute
-CVE-2000-1241 (Unspecified vulnerability in Haakon Nilsen simple, integrated ...)
+CVE-2000-1241
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1240 (Unspecified vulnerability in siteman.php3 in AnyPortal(php) before 22 ...)
+CVE-2000-1240
NOT-FOR-US: AnyPortal
-CVE-2000-1239 (The HTTP interface of Tivoli Lightweight Client Framework (LCF) in IBM ...)
+CVE-2000-1239
NOT-FOR-US: Tivoli
-CVE-2000-1238 (BEA Systems WebLogic Express and WebLogic Server 5.1 SP1-SP6 allows ...)
+CVE-2000-1238
NOT-FOR-US: BEA Weblogic
-CVE-2000-1237 (The POP3 server in FTGate returns an -ERR code after receiving an ...)
+CVE-2000-1237
NOT-FOR-US: FTGate
-CVE-2000-1236 (SQL injection vulnerability in mod_sql in Oracle Internet Application ...)
+CVE-2000-1236
NOT-FOR-US: Oracle
-CVE-2000-1235 (The default configurations of (1) the port listener and (2) modplsql ...)
+CVE-2000-1235
NOT-FOR-US: Oracle
-CVE-2000-1234 (violation.php3 in Phorum 3.0.7 allows remote attackers to send e-mails ...)
+CVE-2000-1234
NOT-FOR-US: Phorum
-CVE-2000-1233 (SQL injection vulnerability in read.php3 and other scripts in Phorum ...)
+CVE-2000-1233
NOT-FOR-US: Phorum
-CVE-2000-1232 (upgrade.php3 in Phorum 3.0.7 could allow remote attackers to modify ...)
+CVE-2000-1232
NOT-FOR-US: Phorum
-CVE-2000-1231 (code.php3 in Phorum 3.0.7 allows remote attackers to read arbitrary ...)
+CVE-2000-1231
NOT-FOR-US: Phorum
-CVE-2000-1230 (Backdoor in auth.php3 in Phorum 3.0.7 allows remote attackers to ...)
+CVE-2000-1230
NOT-FOR-US: Phorum
-CVE-2000-1229 (Directory traversal vulnerability in Phorum 3.0.7 allows remote Phorum ...)
+CVE-2000-1229
NOT-FOR-US: Phorum
-CVE-2000-1228 (Phorum 3.0.7 allows remote attackers to change the administrator ...)
+CVE-2000-1228
NOT-FOR-US: Phorum
-CVE-2000-1227 (Windows NT 4.0 and Windows 2000 hosts allow remote attackers to cause ...)
+CVE-2000-1227
NOT-FOR-US: microsoft
-CVE-2000-1226 (Snort 1.6, when running in straight ASCII packet logging mode or IDS ...)
+CVE-2000-1226
- snort 1.6.1-1
-CVE-2000-1225 (Xitami 2.5b installs the testcgi.exe program by default in the cgi-bin ...)
+CVE-2000-1225
NOT-FOR-US: Xitami
-CVE-2000-1224 (Caucho Technology Resin 1.2 and possibly earlier allows remote ...)
+CVE-2000-1224
NOT-FOR-US: Caucho Technology Resin
-CVE-2000-1223 (quikstore.cgi in Quikstore Shopping Cart allows remote attackers to ...)
+CVE-2000-1223
NOT-FOR-US: Quikstore Shopping Cart
-CVE-2000-1222 (AIX sysback before 4.2.1.13 uses a relative path to find and execute ...)
+CVE-2000-1222
NOT-FOR-US: AIX
-CVE-2000-1221 (The line printer daemon (lpd) in the lpr package in multiple Linux ...)
+CVE-2000-1221
- lpr 1:0.48-1
-CVE-2000-1220 (The line printer daemon (lpd) in the lpr package in multiple Linux ...)
+CVE-2000-1220
- lpr 1:0.48-1
-CVE-2000-1219 (The -ftrapv compiler option in gcc and g++ 3.3.3 and earlier does not ...)
+CVE-2000-1219
- gcc-3.3 1:3.3.4-1
-CVE-2000-1218 (The default configuration for the domain name resolver for Microsoft ...)
+CVE-2000-1218
NOT-FOR-US: Windows
-CVE-2000-1217 (Microsoft Windows 2000 before Service Pack 2 (SP2), when running in a ...)
+CVE-2000-1217
NOT-FOR-US: Windows
-CVE-2000-1216 (Buffer overflow in portmir for AIX 4.3.0 allows local users to corrupt ...)
+CVE-2000-1216
NOT-FOR-US: AIX
-CVE-2000-1215 (The default configuration of Lotus Domino server 5.0.8 includes system ...)
+CVE-2000-1215
NOT-FOR-US: Lotus Domino
-CVE-2000-1212 (Zope 2.2.0 through 2.2.4 does not properly protect a data updating ...)
+CVE-2000-1212
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1211 (Zope 2.2.0 through 2.2.4 does not properly perform security ...)
+CVE-2000-1211
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1210 (Directory traversal vulnerability in source.jsp of Apache Tomcat ...)
+CVE-2000-1210
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1203 (Lotus Domino SMTP server 4.63 through 5.08 allows remote attackers to ...)
+CVE-2000-1203
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1200 (Windows NT allows remote attackers to list all users in a domain by ...)
+CVE-2000-1200
NOT-FOR-US: Microsoft
-CVE-2000-1196 (PSCOErrPage.htm in Netscape PublishingXpert 2.5 before SP2 allows ...)
+CVE-2000-1196
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1195 (telnet daemon (telnetd) from the Linux netkit package before ...)
+CVE-2000-1195
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1193 (Performance Metrics Collector Daemon (PMCD) in Performance Copilot in ...)
+CVE-2000-1193
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1190 (imwheel-solo in imwheel package allows local users to modify arbitrary ...)
+CVE-2000-1190
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1189 (Buffer overflow in pam_localuser PAM module in Red Hat Linux 7.x and ...)
+CVE-2000-1189
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1187 (Buffer overflow in the HTML parser for Netscape 4.75 and earlier allows ...)
+CVE-2000-1187
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1184 (telnetd in FreeBSD 4.2 and earlier, and possibly other operating ...)
+CVE-2000-1184
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1182 (WatchGuard Firebox II allows remote attackers to cause a denial of ...)
+CVE-2000-1182
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1181 (Real Networks RealServer 7 and earlier allows remote attackers to ...)
+CVE-2000-1181
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1180 (Buffer overflow in cmctl program in Oracle 8.1.5 Connection Manager Control ...)
+CVE-2000-1180
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1179 (Netopia ISDN Router 650-ST before 4.3.5 allows remote attackers to ...)
+CVE-2000-1179
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1178 (Joe text editor follows symbolic links when creating a rescue copy ...)
+CVE-2000-1178
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1174 (Multiple buffer overflows in AFS ACL parser for Ethereal 0.8.13 and ...)
+CVE-2000-1174
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1171 (Directory traversal vulnerability in cgiforum.pl script in CGIForum 1.0 ...)
+CVE-2000-1171
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1170 (Buffer overflow in Netsnap webcam HTTP server before 1.2.9 allows ...)
+CVE-2000-1170
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1169 (OpenSSH SSH client before 2.3.0 does not properly disable X11 or agent ...)
+CVE-2000-1169
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1167 (ppp utility in FreeBSD 4.1.1 and earlier does not properly restrict ...)
+CVE-2000-1167
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1166 (Twig webmail system does not properly set the &quot;vhosts&quot; variable if it ...)
+CVE-2000-1166
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1165 (Balabit syslog-ng allows remote attackers to cause a denial of service ...)
+CVE-2000-1165
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1164 (WinVNC installs the WinVNC3 registry key with permissions that give ...)
+CVE-2000-1164
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1163 (ghostscript before 5.10-16 uses an empty LD_RUN_PATH environmental ...)
+CVE-2000-1163
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1162 (ghostscript before 5.10-16 allows local users to overwrite files of ...)
+CVE-2000-1162
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1149 (Buffer overflow in RegAPI.DLL used by Windows NT 4.0 Terminal Server ...)
+CVE-2000-1149
NOT-FOR-US: Microsoft
-CVE-2000-1148 (The installation of VolanoChatPro chat server sets world-readable ...)
+CVE-2000-1148
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1146 (Recourse ManTrap 1.6 allows attackers to cause a denial of service via ...)
+CVE-2000-1146
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1145 (Recourse ManTrap 1.6 allows attackers who have gained root access to ...)
+CVE-2000-1145
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1144 (Recourse ManTrap 1.6 sets up a chroot environment to hide the fact ...)
+CVE-2000-1144
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1143 (Recourse ManTrap 1.6 hides the first 4 processes that run on a Solaris ...)
+CVE-2000-1143
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1142 (Recourse ManTrap 1.6 generates an error when an attacker cd's to ...)
+CVE-2000-1142
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1141 (Recourse ManTrap 1.6 modifies the kernel so that &quot;..&quot; does not appear ...)
+CVE-2000-1141
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1140 (Recourse ManTrap 1.6 does not properly hide processes from attackers, ...)
+CVE-2000-1140
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1139 (The installation of Microsoft Exchange 2000 before Rev. A creates a ...)
+CVE-2000-1139
NOT-FOR-US: Microsoft
-CVE-2000-1137 (GNU ed before 0.2-18.1 allows local users to overwrite the files of ...)
+CVE-2000-1137
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1136 (elvis-tiny before 1.4-10 in Debian GNU/Linux, and possibly other Linux ...)
+CVE-2000-1136
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1135 (fshd (fsh daemon) in Debian GNU/Linux allows local users to overwrite ...)
+CVE-2000-1135
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1132 (DCForum cgforum.cgi CGI script allows remote attackers to read ...)
+CVE-2000-1132
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1131 (Bill Kendrick web site guestbook (GBook) allows remote attackers to ...)
+CVE-2000-1131
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1124 (Buffer overflow in piobe command in IBM AIX 4.3.x allows local users ...)
+CVE-2000-1124
NOT-FOR-US: AIX
-CVE-2000-1123 (Buffer overflow in pioout command in IBM AIX 4.3.x and earlier may ...)
+CVE-2000-1123
NOT-FOR-US: AIX
-CVE-2000-1122 (Buffer overflow in setclock command in IBM AIX 4.3.x and earlier may ...)
+CVE-2000-1122
NOT-FOR-US: AIX
-CVE-2000-1121 (Buffer overflow in enq command in IBM AIX 4.3.x and earlier may allow ...)
+CVE-2000-1121
NOT-FOR-US: AIX
-CVE-2000-1120 (Buffer overflow in digest command in IBM AIX 4.3.x and earlier ...)
+CVE-2000-1120
NOT-FOR-US: AIX
-CVE-2000-1119 (Buffer overflow in setsenv command in IBM AIX 4.3.x and earlier allows ...)
+CVE-2000-1119
NOT-FOR-US: AIX
-CVE-2000-1115 (Buffer overflow in remote web administration component (webprox.dll) ...)
+CVE-2000-1115
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1113 (Buffer overflow in Microsoft Windows Media Player allows remote ...)
+CVE-2000-1113
NOT-FOR-US: Microsoft
-CVE-2000-1112 (Microsoft Windows Media Player 7 executes scripts in custom skin ...)
+CVE-2000-1112
NOT-FOR-US: Microsoft
-CVE-2000-1111 (Telnet Service for Windows 2000 Professional does not properly ...)
+CVE-2000-1111
NOT-FOR-US: Microsoft
-CVE-2000-1109 (Midnight Commander (mc) 4.5.51 and earlier does not properly process ...)
+CVE-2000-1109
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1108 (cons.saver in Midnight Commander (mc) 4.5.42 and earlier does not ...)
+CVE-2000-1108
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1107 (in.identd ident server in SuSE Linux 6.x and 7.0 allows remote ...)
+CVE-2000-1107
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1106 (Trend Micro InterScan VirusWall creates an &quot;Intscan&quot; share to the ...)
+CVE-2000-1106
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1101 (Directory traversal vulnerability in Winsock FTPd (WFTPD) 3.00 and ...)
+CVE-2000-1101
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1099 (Java Runtime Environment in Java Development Kit (JDK) 1.2.2_05 and ...)
+CVE-2000-1099
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1097 (The web server for the SonicWALL SOHO firewall allows remote attackers ...)
+CVE-2000-1097
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1096 (crontab by Paul Vixie uses predictable file names for a temporary file ...)
+CVE-2000-1096
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1095 (modprobe in the modutils 2.3.x package on Linux systems allows a local ...)
+CVE-2000-1095
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1094 (Buffer overflow in AOL Instant Messenger (AIM) before 4.3.2229 allows ...)
+CVE-2000-1094
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1089 (Buffer overflow in Microsoft Phone Book Service allows local users to ...)
+CVE-2000-1089
NOT-FOR-US: Microsoft
-CVE-2000-1080 (Quake 1 (quake1) and ProQuake 1.01 and earlier allow remote attackers ...)
+CVE-2000-1080
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1077 (Buffer overflow in the SHTML logging functionality of iPlanet Web ...)
+CVE-2000-1077
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1075 (Directory traversal vulnerability in iPlanet Certificate Management ...)
+CVE-2000-1075
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1074 (csstart program in iCal 2.1 Patch 2 uses relative pathnames to install ...)
+CVE-2000-1074
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1073 (csstart program in iCal 2.1 Patch 2 searches for the cshttpd program ...)
+CVE-2000-1073
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1072 (iCal 2.1 Patch 2 installs many files with world-writeable permissions, ...)
+CVE-2000-1072
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1071 (The GUI installation for iCal 2.1 Patch 2 disables access control for ...)
+CVE-2000-1071
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1070 (pollit.cgi in Poll It 2.01 and earlier uses data files that are ...)
+CVE-2000-1070
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1069 (pollit.cgi in Poll It 2.01 and earlier allows remote attackers to ...)
+CVE-2000-1069
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1068 (pollit.cgi in Poll It 2.0 allows remote attackers to execute arbitrary ...)
+CVE-2000-1068
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1061 (Microsoft Virtual Machine (VM) in Internet Explorer 4.x and 5.x allows ...)
+CVE-2000-1061
NOT-FOR-US: Microsoft
-CVE-2000-1060 (The default configuration of XFCE 3.5.1 bypasses the Xauthority access ...)
+CVE-2000-1060
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1059 (The default configuration of the Xsession file in Mandrake Linux 7.1 ...)
+CVE-2000-1059
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1058 (Buffer overflow in OverView5 CGI program in HP OpenView Network Node ...)
+CVE-2000-1058
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1057 (Vulnerabilities in database configuration scripts in HP OpenView ...)
+CVE-2000-1057
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1056 (CiscoSecure ACS Server 2.4(2) and earlier allows remote attackers to ...)
+CVE-2000-1056
NOT-FOR-US: Cisco
-CVE-2000-1055 (Buffer overflow in CiscoSecure ACS Server 2.4(2) and earlier allows ...)
+CVE-2000-1055
NOT-FOR-US: Cisco
-CVE-2000-1054 (Buffer overflow in CSAdmin module in CiscoSecure ACS Server 2.4(2) and ...)
+CVE-2000-1054
NOT-FOR-US: Cisco
-CVE-2000-1051 (Directory traversal vulnerability in Allaire JRun 2.3 server allows ...)
+CVE-2000-1051
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1050 (Allaire JRun 3.0 http servlet server allows remote attackers to ...)
+CVE-2000-1050
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1049 (Allaire JRun 3.0 http servlet server allows remote attackers to cause ...)
+CVE-2000-1049
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1047 (Buffer overflow in SMTP service of Lotus Domino 5.0.4 and earlier ...)
+CVE-2000-1047
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1045 (nss_ldap earlier than 121, when run with nscd (name service caching ...)
+CVE-2000-1045
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1044 (Format string vulnerability in ypbind-mt in SuSE SuSE-6.2, and ...)
+CVE-2000-1044
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1043 (Format string vulnerability in ypserv in Mandrake Linux 7.1 and ...)
+CVE-2000-1043
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1042 (Buffer overflow in ypserv in Mandrake Linux 7.1 and earlier, and ...)
+CVE-2000-1042
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1041 (Buffer overflow in ypbind 3.3 possibly allows an attacker to gain root ...)
+CVE-2000-1041
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1040 (Format string vulnerability in logging function of ypbind 3.3, while ...)
+CVE-2000-1040
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1038 (The web administration interface for IBM AS/400 Firewall allows remote ...)
+CVE-2000-1038
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1036 (Directory traversal vulnerability in Extent RBS ISP web server allows ...)
+CVE-2000-1036
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1034 (Buffer overflow in the System Monitor ActiveX control in Windows 2000 ...)
+CVE-2000-1034
NOT-FOR-US: Microsoft
-CVE-2000-1032 (The client authentication interface for Check Point Firewall-1 4.0 and ...)
+CVE-2000-1032
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1031 (Buffer overflow in dtterm in HP-UX 11.0 and HP Tru64 UNIX 4.0f through ...)
+CVE-2000-1031
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1027 (Cisco Secure PIX Firewall 5.2(2) allows remote attackers to determine ...)
+CVE-2000-1027
NOT-FOR-US: Cisco
-CVE-2000-1026 (Multiple buffer overflows in LBNL tcpdump allow remote attackers to ...)
+CVE-2000-1026
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1024 (eWave ServletExec 3.0C and earlier does not restrict access to the ...)
+CVE-2000-1024
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1022 (The mailguard feature in Cisco Secure PIX Firewall 5.2(2) and earlier ...)
+CVE-2000-1022
NOT-FOR-US: Cisco
-CVE-2000-1019 (Search engine in Ultraseek 3.1 and 3.1.10 (aka Inktomi Search) allows ...)
+CVE-2000-1019
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1018 (shred 1.0 file wiping utility does not properly open a file for ...)
+CVE-2000-1018
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1016 (The default configuration of Apache (httpd.conf) on SuSE 6.4 includes ...)
+CVE-2000-1016
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1014 (Format string vulnerability in the search97.cgi CGI script in SCO help ...)
+CVE-2000-1014
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1011 (Buffer overflow in catopen() function in FreeBSD 5.0 and earlier, and ...)
+CVE-2000-1011
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1010 (Format string vulnerability in talkd in OpenBSD and possibly other ...)
+CVE-2000-1010
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1007 (I-gear 3.5.7 and earlier does not properly process log entries in ...)
+CVE-2000-1007
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1006 (Microsoft Exchange Server 5.5 does not properly handle a MIME header ...)
+CVE-2000-1006
NOT-FOR-US: Microsoft
-CVE-2000-1005 (Directory traversal vulnerability in html_web_store.cgi and ...)
+CVE-2000-1005
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1004 (Format string vulnerability in OpenBSD photurisd allows local users to ...)
+CVE-2000-1004
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1003 (NETBIOS client in Windows 95 and Windows 98 allows a remote attacker ...)
+CVE-2000-1003
NOT-FOR-US: Microsoft
-CVE-2000-1002 (POP3 daemon in Stalker CommuniGate Pro 3.3.2 generates different error ...)
+CVE-2000-1002
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1001 (add_2_basket.asp in Element InstantShop allows remote attackers to ...)
+CVE-2000-1001
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1000 (Format string vulnerability in AOL Instant Messenger (AIM) 4.1.2010 ...)
+CVE-2000-1000
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0996 (Format string vulnerability in OpenBSD su program (and possibly other ...)
+CVE-2000-0996
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0995 (Format string vulnerability in OpenBSD yp_passwd program (and possibly ...)
+CVE-2000-0995
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0994 (Format string vulnerability in OpenBSD fstat program (and possibly ...)
+CVE-2000-0994
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0993 (Format string vulnerability in pw_error function in BSD libutil ...)
+CVE-2000-0993
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0992 (Directory traversal vulnerability in scp in sshd 1.2.xx allows a ...)
+CVE-2000-0992
{CVE-2004-0175}
- openssh 1:3.9p1-1 (low; bug #270770)
[sarge] - openssh <no-dsa> (Minor issue)
NOTE: Rediscoved as CVE-2004-0175, see there.
-CVE-2000-0991 (Buffer overflow in Hilgraeve, Inc. HyperTerminal client on Windows 98, ...)
+CVE-2000-0991
NOT-FOR-US: Microsoft
-CVE-2000-0990 (cmd5checkpw 0.21 and earlier allows remote attackers to cause a denial ...)
+CVE-2000-0990
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0989 (Buffer overflow in Intel InBusiness eMail Station 1.04.87 POP service ...)
+CVE-2000-0989
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0984 (The HTTP server in Cisco IOS 12.0 through 12.1 allows local users to ...)
+CVE-2000-0984
NOT-FOR-US: Cisco
-CVE-2000-0983 (Microsoft NetMeeting with Remote Desktop Sharing enabled allows remote ...)
+CVE-2000-0983
NOT-FOR-US: Microsoft
-CVE-2000-0982 (Internet Explorer before 5.5 forwards cached user credentials for a ...)
+CVE-2000-0982
NOT-FOR-US: Microsoft
-CVE-2000-0981 (MySQL Database Engine uses a weak authentication method which leaks ...)
+CVE-2000-0981
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0980 (NMPI (Name Management Protocol on IPX) listener in Microsoft NWLink ...)
+CVE-2000-0980
NOT-FOR-US: Microsoft
-CVE-2000-0979 (File and Print Sharing service in Windows 95, Windows 98, and Windows ...)
+CVE-2000-0979
NOT-FOR-US: Microsoft
-CVE-2000-0978 (bbd server in Big Brother System and Network Monitor before 1.5c2 ...)
+CVE-2000-0978
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0977 (mailfile.cgi CGI program in MailFile 1.10 allows remote attackers to ...)
+CVE-2000-0977
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0976 (Buffer overflow in xlib in XFree 3.3.x possibly allows local users to ...)
+CVE-2000-0976
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0975 (Directory traversal vulnerability in apexec.pl in Anaconda Foundation ...)
+CVE-2000-0975
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0974 (GnuPG (gpg) 1.0.3 does not properly check all signatures of a file ...)
+CVE-2000-0974
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0973 (Buffer overflow in curl earlier than 6.0-1.1, and curl-ssl earlier ...)
+CVE-2000-0973
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0972 (HP-UX 11.00 crontab allows local users to read arbitrary files via the ...)
+CVE-2000-0972
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0970 (IIS 4.0 and 5.0 .ASP pages send the same Session ID cookie for secure ...)
+CVE-2000-0970
NOT-FOR-US: Microsoft
-CVE-2000-0969 (Format string vulnerability in Half Life dedicated server build 3104 ...)
+CVE-2000-0969
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0968 (Buffer overflow in Half Life dedicated server before build 3104 allows ...)
+CVE-2000-0968
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0967 (PHP 3 and 4 do not properly cleanse user-injected format strings, ...)
+CVE-2000-0967
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0966 (Buffer overflows in lpspooler in the fileset PrinterMgmt.LP-SPOOL of ...)
+CVE-2000-0966
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0965 (The NSAPI plugins for TGA and the Java Servlet proxy in HP-UX VVOS ...)
+CVE-2000-0965
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0964 (Buffer overflow in the web administration service for the HiNet LP5100 ...)
+CVE-2000-0964
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0962 (The IPSEC implementation in OpenBSD 2.7 does not properly handle empty ...)
+CVE-2000-0962
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0961 (Buffer overflow in IMAP server in Netscape Messaging Server 4.15 Patch ...)
+CVE-2000-0961
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0960 (The POP3 server in Netscape Messaging Server 4.15p1 generates ...)
+CVE-2000-0960
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0959 (glibc2 does not properly clear the LD_DEBUG_OUTPUT and LD_DEBUG ...)
+CVE-2000-0959
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0958 (HotJava Browser 3.0 allows remote attackers to access the DOM of a web ...)
+CVE-2000-0958
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0957 (The pluggable authentication module for mysql (pam_mysql) before 0.4.7 ...)
+CVE-2000-0957
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0956 (cyrus-sasl before 1.5.24 in Red Hat Linux 7.0 does not properly verify ...)
+CVE-2000-0956
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0953 (Shambala Server 4.5 allows remote attackers to cause a denial of ...)
+CVE-2000-0953
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0952 (global.cgi CGI program in Global 3.55 and earlier on NetBSD allows ...)
+CVE-2000-0952
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0951 (A misconfiguration in IIS 5.0 with Index Server enabled and the Index ...)
+CVE-2000-0951
NOT-FOR-US: Microsoft
-CVE-2000-0949 (Heap overflow in savestr function in LBNL traceroute 1.4a5 and earlier ...)
+CVE-2000-0949
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0948 (GnoRPM before 0.95 allows local users to modify arbitrary files via a ...)
+CVE-2000-0948
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0947 (Format string vulnerability in cfd daemon in GNU CFEngine before ...)
+CVE-2000-0947
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0946 (Compaq Easy Access Keyboard software 1.3 does not properly disable ...)
+CVE-2000-0946
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0945 (The web configuration interface for Catalyst 3500 XL switches allows ...)
+CVE-2000-0945
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0944 (CGI Script Center News Update 1.1 does not properly validate the ...)
+CVE-2000-0944
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0943 (Buffer overflow in bftp daemon (bftpd) 1.0.11 allows remote attackers ...)
+CVE-2000-0943
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0942 (The CiWebHitsFile component in Microsoft Indexing Services for Windows ...)
+CVE-2000-0942
NOT-FOR-US: Microsoft
-CVE-2000-0941 (Kootenay Web KW Whois 1.0 CGI program allows remote attackers to ...)
+CVE-2000-0941
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0938 (Samba Web Administration Tool (SWAT) in Samba 2.0.7 supplies a ...)
+CVE-2000-0938
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0937 (Samba Web Administration Tool (SWAT) in Samba 2.0.7 does not log login ...)
+CVE-2000-0937
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0936 (Samba Web Administration Tool (SWAT) in Samba 2.0.7 installs the ...)
+CVE-2000-0936
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0935 (Samba Web Administration Tool (SWAT) in Samba 2.0.7 allows local users ...)
+CVE-2000-0935
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0934 (Glint in Red Hat Linux 5.2 allows local users to overwrite arbitrary ...)
+CVE-2000-0934
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0933 (The Input Method Editor (IME) in the Simplified Chinese version of ...)
+CVE-2000-0933
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0932 (MAILsweeper for SMTP 3.x does not properly handle corrupt CDA ...)
+CVE-2000-0932
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0930 (Pegasus Mail 3.12 allows remote attackers to read arbitrary files via ...)
+CVE-2000-0930
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0929 (Microsoft Windows Media Player 7 allows attackers to cause a denial of ...)
+CVE-2000-0929
NOT-FOR-US: Microsoft
-CVE-2000-0928 (WQuinn QuotaAdvisor 4.1 allows users to list directories and files by ...)
+CVE-2000-0928
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0927 (WQuinn QuotaAdvisor 4.1 does not properly record file sizes if they ...)
+CVE-2000-0927
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0926 (SmartWin CyberOffice Shopping Cart 2 (aka CyberShop) allows remote ...)
+CVE-2000-0926
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0925 (The default installation of SmartWin CyberOffice Shopping Cart 2 (aka ...)
+CVE-2000-0925
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0924 (Directory traversal vulnerability in search.cgi CGI script in Armada ...)
+CVE-2000-0924
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0923 (authenticate.cgi CGI program in Aplio PRO allows remote attackers to ...)
+CVE-2000-0923
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0922 (Directory traversal vulnerability in Bytes Interactive Web Shopper ...)
+CVE-2000-0922
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0921 (Directory traversal vulnerability in Hassan Consulting shop.cgi ...)
+CVE-2000-0921
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0920 (Directory traversal vulnerability in BOA web server 0.94.8.2 and ...)
+CVE-2000-0920
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0919 (Directory traversal vulnerability in PHPix Photo Album 1.0.2 and ...)
+CVE-2000-0919
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0917 (Format string vulnerability in use_syslog() function in LPRng 3.6.24 ...)
+CVE-2000-0917
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0915 (fingerd in FreeBSD 4.1.1 allows remote attackers to read arbitrary ...)
+CVE-2000-0915
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0914 (OpenBSD 2.6 and earlier allows remote attackers to cause a denial of ...)
+CVE-2000-0914
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0913 (mod_rewrite in Apache 1.3.12 and earlier allows remote attackers to ...)
+CVE-2000-0913
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0912 (MultiHTML CGI script allows remote attackers to read arbitrary files ...)
+CVE-2000-0912
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0911 (IMP 2.2 and earlier allows attackers to read and delete arbitrary ...)
+CVE-2000-0911
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0910 (Horde library 1.02 allows attackers to execute arbitrary commands via ...)
+CVE-2000-0910
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0909 (Buffer overflow in the automatic mail checking component of Pine 4.21 ...)
+CVE-2000-0909
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0908 (BrowseGate 2.80 allows remote attackers to cause a denial of service ...)
+CVE-2000-0908
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0901 (Format string vulnerability in screen 3.9.5 and earlier allows local ...)
+CVE-2000-0901
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0900 (Directory traversal vulnerability in ssi CGI program in thttpd 2.19 ...)
+CVE-2000-0900
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0897 (Small HTTP Server 2.03 and earlier allows remote attackers to cause a ...)
+CVE-2000-0897
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0896 (WatchGuard SOHO firewall allows remote attackers to cause a denial of ...)
+CVE-2000-0896
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0895 (Buffer overflow in HTTP server on the WatchGuard SOHO firewall allows ...)
+CVE-2000-0895
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0894 (HTTP server on the WatchGuard SOHO firewall does not properly restrict ...)
+CVE-2000-0894
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0892 (Some telnet clients allow remote telnet servers to request environment ...)
+CVE-2000-0892
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0891 (A default ECL in Lotus Notes before 5.02 allows remote attackers to ...)
+CVE-2000-0891
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0890 (periodic in FreeBSD 4.1.1 and earlier, and possibly other operating ...)
+CVE-2000-0890
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0888 (named in BIND 8.2 through 8.2.2-P6 allows remote attackers to cause a ...)
+CVE-2000-0888
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0887 (named in BIND 8.2 through 8.2.2-P6 allows remote attackers to cause a ...)
+CVE-2000-0887
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0886 (IIS 5.0 allows remote attackers to execute arbitrary commands via a ...)
+CVE-2000-0886
NOT-FOR-US: Microsoft
-CVE-2000-0884 (IIS 4.0 and 5.0 allows remote attackers to read documents outside of ...)
+CVE-2000-0884
NOT-FOR-US: Microsoft
-CVE-2000-0883 (The default configuration of mod_perl for Apache as installed on ...)
+CVE-2000-0883
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0878 (The mailto CGI script allows remote attacker to execute arbitrary ...)
+CVE-2000-0878
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0877 (mailform.pl CGI script in MailForm 2.0 allows remote attackers to read ...)
+CVE-2000-0877
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0876 (WFTPD and WFTPD Pro 2.41 RC12 allows remote attackers to obtain the ...)
+CVE-2000-0876
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0875 (WFTPD and WFTPD Pro 2.41 RC12 allows remote attackers to cause a ...)
+CVE-2000-0875
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0874 (Eudora mail client includes the absolute path of the sender's host ...)
+CVE-2000-0874
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0873 (netstat in AIX 4.x.x does not properly restrict access to the -Zi ...)
+CVE-2000-0873
NOT-FOR-US: AIX
-CVE-2000-0871 (Buffer overflow in EFTP allows remote attackers to cause a denial of ...)
+CVE-2000-0871
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0870 (Buffer overflow in EFTP allows remote attackers to cause a denial of ...)
+CVE-2000-0870
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0869 (The default configuration of Apache 1.3.12 in SuSE Linux 6.4 enables ...)
+CVE-2000-0869
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0868 (The default configuration of Apache 1.3.12 in SuSE Linux 6.4 allows ...)
+CVE-2000-0868
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0867 (Kernel logging daemon (klogd) in Linux does not properly cleanse ...)
+CVE-2000-0867
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0865 (Buffer overflow in dvtermtype in Tridia Double Vision 3.07.00 allows ...)
+CVE-2000-0865
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0864 (Race condition in the creation of a Unix domain socket in GNOME esound ...)
+CVE-2000-0864
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0863 (Buffer overflow in listmanager earlier than 2.105.1 allows local users ...)
+CVE-2000-0863
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0862 (Vulnerability in an administrative interface utility for Allaire ...)
+CVE-2000-0862
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0861 (Mailman 1.1 allows list administrators to execute arbitrary commands ...)
+CVE-2000-0861
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0860 (The file upload capability in PHP versions 3 and 4 allows remote ...)
+CVE-2000-0860
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0859 (The web configuration server for NTMail V5 and V6 allows remote ...)
+CVE-2000-0859
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0858 (Vulnerability in Microsoft Windows NT 4.0 allows remote attackers to ...)
+CVE-2000-0858
NOT-FOR-US: Microsoft
-CVE-2000-0856 (Buffer overflow in SunFTP build 9(1) allows remote attackers to cause ...)
+CVE-2000-0856
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0854 (When a Microsoft Office 2000 document is launched, the directory of ...)
+CVE-2000-0854
NOT-FOR-US: Microsoft
-CVE-2000-0853 (YaBB Bulletin Board 9.1.2000 allows remote attackers to read arbitrary ...)
+CVE-2000-0853
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0852 (Multiple buffer overflows in eject on FreeBSD and possibly other OSes ...)
+CVE-2000-0852
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0851 (Buffer overflow in the Still Image Service in Windows 2000 allows local ...)
+CVE-2000-0851
NOT-FOR-US: Microsoft
-CVE-2000-0850 (Netegrity SiteMinder before 4.11 allows remote attackers to bypass ...)
+CVE-2000-0850
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0849 (Race condition in Microsoft Windows Media server allows remote attackers ...)
+CVE-2000-0849
NOT-FOR-US: Microsoft
-CVE-2000-0848 (Buffer overflow in IBM WebSphere web application server (WAS) allows ...)
+CVE-2000-0848
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0847 (Buffer overflow in University of Washington c-client library (used by ...)
+CVE-2000-0847
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0846 (Buffer overflow in Darxite 0.4 and earlier allows a remote attacker to ...)
+CVE-2000-0846
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0844 (Some functions that implement the locale subsystem on Unix do not ...)
+CVE-2000-0844
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0839 (WinCOM LPD 1.00.90 allows remote attackers to cause a denial of ...)
+CVE-2000-0839
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0838 (Fastream FUR HTTP server 1.0b allows remote attackers to cause a ...)
+CVE-2000-0838
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0837 (FTP Serv-U 2.5e allows remote attackers to cause a denial of service ...)
+CVE-2000-0837
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0834 (The Windows 2000 telnet client attempts to perform NTLM authentication ...)
+CVE-2000-0834
NOT-FOR-US: Microsoft
-CVE-2000-0830 (annclist.exe in webTV for Windows allows remote attackers to cause a ...)
+CVE-2000-0830
NOT-FOR-US: Microsoft
-CVE-2000-0829 (The tmpwatch utility in Red Hat Linux forks a new process for each ...)
+CVE-2000-0829
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0825 (Ipswitch Imail 6.0 allows remote attackers to cause a denial of ...)
+CVE-2000-0825
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0824 (The unsetenv function in glibc 2.1.1 does not properly unset an ...)
+CVE-2000-0824
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0818 (The default installation for the Oracle listener program 7.3.4, 8.0.6, ...)
+CVE-2000-0818
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0816 (Linux tmpwatch --fuser option allows local users to execute arbitrary ...)
+CVE-2000-0816
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0813 (Check Point VPN-1/FireWall-1 4.1 and earlier allows remote attackers ...)
+CVE-2000-0813
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0811 (Auction Weaver 1.0 through 1.04 allows remote attackers to read ...)
+CVE-2000-0811
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0810 (Auction Weaver 1.0 through 1.04 does not properly validate the names ...)
+CVE-2000-0810
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0809 (Buffer overflow in Getkey in the protocol checker in the inter-module ...)
+CVE-2000-0809
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0808 (The seed generation mechanism in the inter-module S/Key authentication ...)
+CVE-2000-0808
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0807 (The OPSEC communications authentication mechanism (fwn1) in Check ...)
+CVE-2000-0807
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0806 (The inter-module authentication mechanism (fwa1) in Check Point ...)
+CVE-2000-0806
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0805 (Check Point VPN-1/FireWall-1 4.1 and earlier improperly retransmits ...)
+CVE-2000-0805
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0804 (Check Point VPN-1/FireWall-1 4.1 and earlier allows remote attackers ...)
+CVE-2000-0804
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0803 (GNU Groff uses the current working directory to find a device ...)
+CVE-2000-0803
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0799 (inpview in InPerson in SGI IRIX 5.3 through IRIX 6.5.10 allows local ...)
+CVE-2000-0799
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0797 (Buffer overflow in gr_osview in IRIX 6.2 and 6.3 allows local users to ...)
+CVE-2000-0797
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0796 (Buffer overflow in dmplay in IRIX 6.2 and 6.3 allows local users to ...)
+CVE-2000-0796
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0795 (Buffer overflow in lpstat in IRIX 6.2 and 6.3 allows local users to ...)
+CVE-2000-0795
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0792 (Gnome Lokkit firewall package before 0.41 does not properly restrict ...)
+CVE-2000-0792
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0790 (The web-based folder display capability in Microsoft Internet Explorer ...)
+CVE-2000-0790
NOT-FOR-US: Microsoft
-CVE-2000-0788 (The Mail Merge tool in Microsoft Word does not prompt the user before ...)
+CVE-2000-0788
NOT-FOR-US: Microsoft
-CVE-2000-0787 (IRC Xchat client versions 1.4.2 and earlier allows remote attackers to ...)
+CVE-2000-0787
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0786 (GNU userv 1.0.0 and earlier does not properly perform file descriptor ...)
+CVE-2000-0786
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0783 (Watchguard Firebox II allows remote attackers to cause a denial of ...)
+CVE-2000-0783
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0782 (netauth.cgi program in Netwin Netauth 4.2e and earlier allows remote ...)
+CVE-2000-0782
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0781 (uagentsetup in ARCServeIT Client Agent 6.62 does not properly check ...)
+CVE-2000-0781
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0780 (The web server in IPSWITCH IMail 6.04 and earlier allows remote ...)
+CVE-2000-0780
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0779 (Checkpoint Firewall-1 with the RSH/REXEC setting enabled allows remote ...)
+CVE-2000-0779
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0778 (IIS 5.0 allows remote attackers to obtain source code for .ASP files ...)
+CVE-2000-0778
NOT-FOR-US: Microsoft
-CVE-2000-0777 (The password protection feature of Microsoft Money can store the ...)
+CVE-2000-0777
NOT-FOR-US: Microsoft
-CVE-2000-0776 (Mediahouse Statistics Server 5.02x allows remote attackers to execute ...)
+CVE-2000-0776
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0773 (Bajie HTTP web server 0.30a allows remote attackers to read arbitrary ...)
+CVE-2000-0773
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0771 (Microsoft Windows 2000 allows local users to cause a denial of service ...)
+CVE-2000-0771
NOT-FOR-US: Microsoft
-CVE-2000-0770 (IIS 4.0 and 5.0 does not properly restrict access to certain types of ...)
+CVE-2000-0770
NOT-FOR-US: Microsoft
-CVE-2000-0768 (A function in Internet Explorer 4.x and 5.x does not properly verify ...)
+CVE-2000-0768
NOT-FOR-US: Microsoft
-CVE-2000-0767 (The ActiveX control for invoking a scriptlet in Internet Explorer 4.x ...)
+CVE-2000-0767
NOT-FOR-US: Microsoft
-CVE-2000-0766 (Buffer overflow in vqSoft vqServer 1.4.49 allows remote attackers to ...)
+CVE-2000-0766
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0765 (Buffer overflow in the HTML interpreter in Microsoft Office 2000 ...)
+CVE-2000-0765
NOT-FOR-US: Microsoft
-CVE-2000-0764 (Intel Express 500 series switches allow a remote attacker to cause a ...)
+CVE-2000-0764
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0763 (xlockmore and xlockf do not properly cleanse user-injected format ...)
+CVE-2000-0763
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0762 (The default installation of eTrust Access Control (formerly SeOS) uses ...)
+CVE-2000-0762
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0761 (OS2/Warp 4.5 FTP server allows remote attackers to cause a denial of ...)
+CVE-2000-0761
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0758 (The web interface for Lyris List Manager 3 and 4 allows list ...)
+CVE-2000-0758
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0754 (Vulnerability in HP OpenView Network Node Manager (NMM) version 6.1 ...)
+CVE-2000-0754
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0753 (The Microsoft Outlook mail client identifies the physical path of the ...)
+CVE-2000-0753
NOT-FOR-US: Microsoft
-CVE-2000-0751 (mopd (Maintenance Operations Protocol loader daemon) does not properly ...)
+CVE-2000-0751
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0750 (Buffer overflow in mopd (Maintenance Operations Protocol loader ...)
+CVE-2000-0750
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0749 (Buffer overflow in the Linux binary compatibility module in FreeBSD ...)
+CVE-2000-0749
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0747 (The logrotate script for OpenLDAP before 1.2.11 in Conectiva ...)
+CVE-2000-0747
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0745 (admin.php3 in PHP-Nuke does not properly verify the PHP-Nuke ...)
+CVE-2000-0745
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0744 (DEPRECATED. This entry has been deprecated. It is a duplicate of ...)
+CVE-2000-0744
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0743 (Buffer overflow in University of Minnesota (UMN) gopherd 2.x allows ...)
+CVE-2000-0743
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0742 (The IPX protocol implementation in Microsoft Windows 95 and 98 allows ...)
+CVE-2000-0742
NOT-FOR-US: Microsoft
-CVE-2000-0741 (Format string vulnerability in strong.exe program in NAI Net Tools PKI ...)
+CVE-2000-0741
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0740 (Buffer overflow in strong.exe program in NAI Net Tools PKI server 1.0 ...)
+CVE-2000-0740
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0739 (Directory traversal vulnerability in strong.exe program in NAI Net ...)
+CVE-2000-0739
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0738 (WebShield SMTP 4.5 allows remote attackers to cause a denial of ...)
+CVE-2000-0738
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0737 (The Service Control Manager (SCM) in Windows 2000 creates predictable ...)
+CVE-2000-0737
NOT-FOR-US: Microsoft
-CVE-2000-0733 (Telnetd telnet server in IRIX 5.2 through 6.1 does not properly cleans ...)
+CVE-2000-0733
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0732 (Worm HTTP server allows remote attackers to cause a denial of service ...)
+CVE-2000-0732
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0731 (Directory traversal vulnerability in Worm HTTP server allows remote ...)
+CVE-2000-0731
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0730 (Vulnerability in newgrp command in HP-UX 11.0 allows local users to ...)
+CVE-2000-0730
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0729 (FreeBSD 5.x, 4.x, and 3.x allows local users to cause a denial of ...)
+CVE-2000-0729
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0728 (xpdf PDF viewer client earlier than 0.91 allows local users to ...)
+CVE-2000-0728
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0727 (xpdf PDF viewer client earlier than 0.91 does not properly launch a ...)
+CVE-2000-0727
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0726 (CGIMail.exe CGI program in Stalkerlab Mailers 1.1.2 allows remote ...)
+CVE-2000-0726
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0725 (Zope before 2.2.1 does not properly restrict access to the getRoles ...)
+CVE-2000-0725
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0720 (news.cgi in GWScripts News Publisher does not properly authenticate ...)
+CVE-2000-0720
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0718 (A race condition in MandrakeUpdate allows local users to modify RPM ...)
+CVE-2000-0718
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0717 (GoodTech FTP server allows remote attackers to cause a denial of ...)
+CVE-2000-0717
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0716 (WorldClient email client in MDaemon 2.8 includes the session ID in the ...)
+CVE-2000-0716
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0712 (Linux Intrusion Detection System (LIDS) 0.9.7 allows local users to ...)
+CVE-2000-0712
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0711 (Netscape Communicator does not properly prevent a ServerSocket object ...)
+CVE-2000-0711
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0708 (Buffer overflow in Pragma Systems TelnetServer 2000 version 4.0 allows ...)
+CVE-2000-0708
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0707 (PCCS MySQLDatabase Admin Tool Manager 1.2.4 and earlier installs the ...)
+CVE-2000-0707
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0706 (Buffer overflows in ntop running in web mode allows remote attackers ...)
+CVE-2000-0706
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0705 (ntop running in web mode allows remote attackers to read arbitrary ...)
+CVE-2000-0705
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0703 (suidperl (aka sperl) does not properly cleanse the escape sequence ...)
+CVE-2000-0703
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0702 (The net.init rc script in HP-UX 11.00 (S008net.init) allows local ...)
+CVE-2000-0702
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0700 (Cisco Gigabit Switch Routers (GSR) with Fast Ethernet / Gigabit ...)
+CVE-2000-0700
NOT-FOR-US: Cisco
-CVE-2000-0699 (Format string vulnerability in ftpd in HP-UX 10.20 allows remote ...)
+CVE-2000-0699
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0698 (Minicom 1.82.1 and earlier on some Linux systems allows local users to ...)
+CVE-2000-0698
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0694 (pgxconfig in the Raptor GFX configuration tool allows local users to ...)
+CVE-2000-0694
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0693 (pgxconfig in the Raptor GFX configuration tool uses a relative path ...)
+CVE-2000-0693
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0685 (BEA WebLogic 5.1.x does not properly restrict access to the ...)
+CVE-2000-0685
NOT-FOR-US: BEA WebLogic
-CVE-2000-0684 (BEA WebLogic 5.1.x does not properly restrict access to the ...)
+CVE-2000-0684
NOT-FOR-US: BEA WebLogic
-CVE-2000-0683 (BEA WebLogic 5.1.x allows remote attackers to read source code for ...)
+CVE-2000-0683
NOT-FOR-US: BEA WebLogic
-CVE-2000-0682 (BEA WebLogic 5.1.x allows remote attackers to read source code for ...)
+CVE-2000-0682
NOT-FOR-US: BEA WebLogic
-CVE-2000-0681 (Buffer overflow in BEA WebLogic server proxy plugin allows remote ...)
+CVE-2000-0681
NOT-FOR-US: BEA WebLogic
-CVE-2000-0679 (The CVS 1.10.8 client trusts pathnames that are provided by the CVS ...)
+CVE-2000-0679
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0678 (PGP 5.5.x through 6.5.3 does not properly check if an Additional ...)
+CVE-2000-0678
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0677 (Buffer overflow in IBM Net.Data db2www CGI program allows remote ...)
+CVE-2000-0677
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0676 (Netscape Communicator and Navigator 4.04 through 4.74 allows remote ...)
+CVE-2000-0676
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0675 (Buffer overflow in Infopulse Gatekeeper 3.5 and earlier allows remote ...)
+CVE-2000-0675
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0674 (ftp.pl CGI program for Virtual Visions FTP browser allows remote ...)
+CVE-2000-0674
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0673 (The NetBIOS Name Server (NBNS) protocol does not perform ...)
+CVE-2000-0673
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0672 (The default configuration of Jakarta Tomcat does not restrict access ...)
+CVE-2000-0672
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0671 (Roxen web server earlier than 2.0.69 allows allows remote attackers to ...)
+CVE-2000-0671
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0670 (The cvsweb CGI script in CVSWeb 1.80 allows remote attackers with ...)
+CVE-2000-0670
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0669 (Novell NetWare 5.0 allows remote attackers to cause a denial of ...)
+CVE-2000-0669
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0668 (pam_console PAM module in Linux systems allows a user to access the ...)
+CVE-2000-0668
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0666 (rpc.statd in the nfs-utils package in various Linux distributions does ...)
+CVE-2000-0666
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0665 (GAMSoft TelSrv telnet server 1.5 and earlier allows remote attackers to ...)
+CVE-2000-0665
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0664 (AnalogX SimpleServer:WWW 1.06 and earlier allows remote attackers to read ...)
+CVE-2000-0664
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0663 (The registry entry for the Windows Shell executable (Explorer.exe) in ...)
+CVE-2000-0663
NOT-FOR-US: Microsoft
-CVE-2000-0662 (Internet Explorer 5.x and Microsoft Outlook allows remote attackers to ...)
+CVE-2000-0662
NOT-FOR-US: Microsoft
-CVE-2000-0661 (WircSrv IRC Server 5.07s allows remote attackers to cause a denial of ...)
+CVE-2000-0661
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0660 (The WDaemon web server for WorldClient 2.1 allows remote attackers to ...)
+CVE-2000-0660
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0655 (Netscape Communicator 4.73 and earlier allows remote attackers to ...)
+CVE-2000-0655
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0654 (Microsoft Enterprise Manager allows local users to obtain database ...)
+CVE-2000-0654
NOT-FOR-US: Microsoft
-CVE-2000-0652 (IBM WebSphere allows remote attackers to read source code for ...)
+CVE-2000-0652
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0651 (The ClientTrust program in Novell BorderManager does not properly ...)
+CVE-2000-0651
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0650 (The default installation of VirusScan 4.5 and NetShield 4.5 has ...)
+CVE-2000-0650
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0644 (WFTPD and WFTPD Pro 2.41 allows remote attackers to cause a denial of ...)
+CVE-2000-0644
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0643 (Buffer overflow in WebActive HTTP Server 1.00 allows remote attackers ...)
+CVE-2000-0643
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0642 (The default configuration of WebActive HTTP Server 1.00 stores the web ...)
+CVE-2000-0642
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0641 (Savant web server allows remote attackers to execute arbitrary ...)
+CVE-2000-0641
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0640 (Guild FTPd allows remote attackers to determine the existence of files ...)
+CVE-2000-0640
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0639 (The default configuration of Big Brother 1.4h2 and earlier does not ...)
+CVE-2000-0639
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0638 (bb-hostsvc.sh in Big Brother 1.4h1 and earlier allows remote attackers ...)
+CVE-2000-0638
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0637 (Microsoft Excel 97 and 2000 allows an attacker to execute arbitrary ...)
+CVE-2000-0637
NOT-FOR-US: Microsoft
-CVE-2000-0636 (HP JetDirect printers versions G.08.20 and H.08.20 and earlier allow ...)
+CVE-2000-0636
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0635 (The view_page.html sample page in the MiniVend shopping cart program ...)
+CVE-2000-0635
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0634 (The web administration interface for CommuniGate Pro 3.2.5 and earlier ...)
+CVE-2000-0634
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0633 (Vulnerability in Mandrake Linux usermode package allows local users to ...)
+CVE-2000-0633
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0632 (Buffer overflow in the web archive component of L-Soft Listserv 1.8d ...)
+CVE-2000-0632
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0631 (An administrative script from IIS 3.0, later included in IIS 4.0 and ...)
+CVE-2000-0631
NOT-FOR-US: Microsoft
-CVE-2000-0630 (IIS 4.0 and 5.0 allows remote attackers to obtain fragments of source ...)
+CVE-2000-0630
NOT-FOR-US: Microsoft
-CVE-2000-0628 (The source.asp example script in the Apache ASP module Apache::ASP ...)
+CVE-2000-0628
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0627 (BlackBoard CourseInfo 4.0 does not properly authenticate users, which ...)
+CVE-2000-0627
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0624 (Buffer overflow in Winamp 2.64 and earlier allows remote attackers to ...)
+CVE-2000-0624
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0622 (Buffer overflow in Webfind CGI program in O'Reilly WebSite ...)
+CVE-2000-0622
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0621 (Microsoft Outlook 98 and 2000, and Outlook Express 4.0x and 5.0x, ...)
+CVE-2000-0621
NOT-FOR-US: Microsoft
-CVE-2000-0620 (libX11 X library allows remote attackers to cause a denial of service ...)
+CVE-2000-0620
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0619 (Top Layer AppSwitch 2500 allows remote attackers to cause a denial of ...)
+CVE-2000-0619
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0616 (Vulnerability in HP TurboIMAGE DBUTIL allows local users to gain ...)
+CVE-2000-0616
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0615 (LPRng 3.6.x improperly installs lpd as setuid root, which can allow ...)
+CVE-2000-0615
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0613 (Cisco Secure PIX Firewall does not properly identify forged TCP Reset ...)
+CVE-2000-0613
NOT-FOR-US: Cisco
-CVE-2000-0611 (The default configuration of NetWin dMailWeb and cwMail trusts all POP ...)
+CVE-2000-0611
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0610 (NetWin dMailWeb and cwMail 2.6g and earlier allows remote attackers to ...)
+CVE-2000-0610
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0604 (gkermit in Red Hat Linux is improperly installed with setgid uucp, ...)
+CVE-2000-0604
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0603 (Microsoft SQL Server 7.0 allows a local user to bypass permissions for ...)
+CVE-2000-0603
NOT-FOR-US: Microsoft
-CVE-2000-0602 (Secure Locate (slocate) in Red Hat Linux allows local users to gain ...)
+CVE-2000-0602
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0601 (LeafChat 1.7 IRC client allows a remote IRC server to cause a denial ...)
+CVE-2000-0601
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0600 (Netscape Enterprise Server in NetWare 5.1 allows remote attackers to ...)
+CVE-2000-0600
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0599 (Buffer overflow in iMesh 1.02 allows remote attackers to execute ...)
+CVE-2000-0599
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0598 (Fortech Proxy+ allows remote attackers to bypass access restrictions ...)
+CVE-2000-0598
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0597 (Microsoft Office 2000 (Excel and PowerPoint) and PowerPoint 97 are ...)
+CVE-2000-0597
NOT-FOR-US: Microsoft
-CVE-2000-0596 (Internet Explorer 5.x does not warn a user before opening a Microsoft ...)
+CVE-2000-0596
NOT-FOR-US: Microsoft
-CVE-2000-0595 (libedit searches for the .editrc file in the current directory instead ...)
+CVE-2000-0595
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0594 (BitchX IRC client does not properly cleanse an untrusted format ...)
+CVE-2000-0594
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0593 (WinProxy 2.0 and 2.0.1 allows remote attackers to cause a denial of ...)
+CVE-2000-0593
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0591 (Novell BorderManager 3.0 and 3.5 allows remote attackers to bypass URL ...)
+CVE-2000-0591
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0590 (Poll It 2.0 CGI script allows remote attackers to read arbitrary files ...)
+CVE-2000-0590
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0588 (SawMill 5.0.21 CGI program allows remote attackers to read the first ...)
+CVE-2000-0588
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0587 (The privpath directive in glftpd 1.18 allows remote attackers to ...)
+CVE-2000-0587
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0586 (Buffer overflow in Dalnet IRC server 4.6.5 allows remote attackers to ...)
+CVE-2000-0586
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0585 (ISC DHCP client program dhclient allows remote attackers to execute ...)
+CVE-2000-0585
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0584 (Buffer overflow in Canna input system allows remote attackers to ...)
+CVE-2000-0584
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0583 (vchkpw program in vpopmail before version 4.8 does not properly cleanse ...)
+CVE-2000-0583
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0582 (Check Point FireWall-1 4.0 and 4.1 allows remote attackers to cause a ...)
+CVE-2000-0582
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0581 (Windows 2000 Telnet Server allows remote attackers to cause a denial ...)
+CVE-2000-0581
NOT-FOR-US: Microsoft
-CVE-2000-0579 (IRIX crontab creates temporary files with predictable file names and ...)
+CVE-2000-0579
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0577 (Netscape Professional Services FTP Server 1.3.6 allows remote ...)
+CVE-2000-0577
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0576 (Oracle Web Listener for AIX versions 4.0.7.0.0 and 4.0.8.1.0 allows ...)
+CVE-2000-0576
NOT-FOR-US: AIX
-CVE-2000-0575 (SSH 1.2.27 with Kerberos authentication support stores Kerberos ...)
+CVE-2000-0575
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0573 (The lreply function in wu-ftpd 2.6.0 and earlier does not properly ...)
+CVE-2000-0573
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0571 (LocalWEB HTTP server 1.2.0 allows remote attackers to cause a denial ...)
+CVE-2000-0571
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0570 (FirstClass Internet Services server 5.770, and other versions before ...)
+CVE-2000-0570
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0569 (Sybergen Sygate allows remote attackers to cause a denial of service ...)
+CVE-2000-0569
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0568 (Sybergen Secure Desktop 2.1 does not properly protect against false ...)
+CVE-2000-0568
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0567 (Buffer overflow in Microsoft Outlook and Outlook Express allows remote ...)
+CVE-2000-0567
NOT-FOR-US: Microsoft
-CVE-2000-0566 (makewhatis in Linux man package allows local users to overwrite files ...)
+CVE-2000-0566
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0565 (SmartFTP Daemon 0.2 allows a local user to access arbitrary files by ...)
+CVE-2000-0565
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0561 (Buffer overflow in WebBBS 1.15 allows remote attackers to execute ...)
+CVE-2000-0561
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0558 (Buffer overflow in HP Openview Network Node Manager 6.1 allows remote ...)
+CVE-2000-0558
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0557 (Buffer overflow in the web interface for Cmail 2.4.7 allows remote ...)
+CVE-2000-0557
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0556 (Buffer overflow in the web interface for Cmail 2.4.7 allows remote ...)
+CVE-2000-0556
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0555 (Ceilidh allows remote attackers to cause a denial of service via a ...)
+CVE-2000-0555
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0553 (Race condition in IPFilter firewall 3.4.3 and earlier, when configured ...)
+CVE-2000-0553
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0552 (ICQwebmail client for ICQ 2000A creates a world readable temporary ...)
+CVE-2000-0552
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0551 (The file transfer mechanism in Danware NetOp 6.0 does not provide ...)
+CVE-2000-0551
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0550 (Kerberos 4 KDC program improperly frees memory twice (aka ...)
+CVE-2000-0550
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0549 (Kerberos 4 KDC program does not properly check for null termination of ...)
+CVE-2000-0549
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0548 (Buffer overflow in Kerberos 4 KDC program allows remote attackers to ...)
+CVE-2000-0548
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0542 (Tigris remote access server before 11.5.4.22 does not properly record ...)
+CVE-2000-0542
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0541 (The Panda Antivirus console on port 2001 allows local users to execute ...)
+CVE-2000-0541
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0540 (JSP sample files in Allaire JRun 2.3.x allow remote attackers to ...)
+CVE-2000-0540
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0539 (Servlet examples in Allaire JRun 2.3.x allow remote attackers to ...)
+CVE-2000-0539
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0538 (ColdFusion Administrator for ColdFusion 4.5.1 and earlier allows ...)
+CVE-2000-0538
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0537 (BRU backup software allows local users to append data to arbitrary ...)
+CVE-2000-0537
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0536 (xinetd 2.1.8.x does not properly restrict connections if hostnames are ...)
+CVE-2000-0536
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0534 (The apsfilter software in the FreeBSD ports package does not properly ...)
+CVE-2000-0534
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0533 (Vulnerability in cvconnect in SGI IRIX WorkShop allows local users to ...)
+CVE-2000-0533
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0532 (A FreeBSD patch for SSH on 2000-01-14 configures ssh to listen on port ...)
+CVE-2000-0532
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0530 (The KApplication class in the KDE 1.1.2 configuration file management ...)
+CVE-2000-0530
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0529 (Net Tools PKI Server allows remote attackers to cause a denial of ...)
+CVE-2000-0529
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0528 (Net Tools PKI Server does not properly restrict access to remote ...)
+CVE-2000-0528
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0525 (OpenSSH does not properly drop privileges when the UseLogin option is ...)
+CVE-2000-0525
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0523 (Buffer overflow in the logging feature of EServ 2.9.2 and earlier ...)
+CVE-2000-0523
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0522 (RSA ACE/Server allows remote attackers to cause a denial of service by ...)
+CVE-2000-0522
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0521 (Savant web server allows remote attackers to read source code of CGI ...)
+CVE-2000-0521
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0519 (Internet Explorer 4.x and 5.x does not properly re-validate an SSL ...)
+CVE-2000-0519
NOT-FOR-US: Microsoft
-CVE-2000-0518 (Internet Explorer 4.x and 5.x does not properly verify all contents of ...)
+CVE-2000-0518
NOT-FOR-US: Microsoft
-CVE-2000-0517 (Netscape 4.73 and earlier does not properly warn users about a ...)
+CVE-2000-0517
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0516 (When configured to store configuration information in an LDAP ...)
+CVE-2000-0516
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0515 (The snmpd.conf configuration file for the SNMP daemon (snmpd) in HP-UX ...)
+CVE-2000-0515
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0514 (GSSFTP FTP daemon in Kerberos 5 1.1.x does not properly restrict ...)
+CVE-2000-0514
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0513 (CUPS (Common Unix Printing System) 1.04 and earlier allows remote ...)
+CVE-2000-0513
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0512 (CUPS (Common Unix Printing System) 1.04 and earlier does not properly ...)
+CVE-2000-0512
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0511 (CUPS (Common Unix Printing System) 1.04 and earlier allows remote ...)
+CVE-2000-0511
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0510 (CUPS (Common Unix Printing System) 1.04 and earlier allows remote ...)
+CVE-2000-0510
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0508 (rpc.lockd in Red Hat Linux 6.1 and 6.2 allows remote attackers to ...)
+CVE-2000-0508
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0507 (Imate Webmail Server 2.5 allows remote attackers to cause a denial of ...)
+CVE-2000-0507
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0506 (The &quot;capabilities&quot; feature in Linux before 2.2.16 allows local users ...)
+CVE-2000-0506
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0505 (The Apache 1.3.x HTTP server for Windows platforms allows remote ...)
+CVE-2000-0505
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0504 (libICE in XFree86 allows remote attackers to cause a denial of service ...)
+CVE-2000-0504
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0502 (Mcafee VirusScan 4.03 does not properly restrict access to the alert ...)
+CVE-2000-0502
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0501 (Race condition in MDaemon 2.8.5.0 POP server allows local users to ...)
+CVE-2000-0501
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0500 (The default configuration of BEA WebLogic 5.1.0 allows a remote ...)
+CVE-2000-0500
NOT-FOR-US: BEA WebLogic
-CVE-2000-0499 (The default configuration of BEA WebLogic 3.1.8 through 4.5.1 allows a ...)
+CVE-2000-0499
NOT-FOR-US: BEA WebLogic
-CVE-2000-0498 (Unify eWave ServletExec allows a remote attacker to view source code ...)
+CVE-2000-0498
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0497 (IBM WebSphere server 3.0.2 allows a remote attacker to view source ...)
+CVE-2000-0497
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0495 (Microsoft Windows Media Encoder allows remote attackers to cause a ...)
+CVE-2000-0495
NOT-FOR-US: Microsoft
-CVE-2000-0494 (Veritas Volume Manager creates a world writable .server_pids file, ...)
+CVE-2000-0494
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0493 (Buffer overflow in Simple Network Time Sync (SMTS) daemon allows ...)
+CVE-2000-0493
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0490 (Buffer overflow in the NetWin DSMTP 2.7q in the NetWin dmail package ...)
+CVE-2000-0490
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0489 (FreeBSD, NetBSD, and OpenBSD allow an attacker to cause a denial of ...)
+CVE-2000-0489
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0488 (Buffer overflow in ITHouse mail server 1.04 allows remote attackers to ...)
+CVE-2000-0488
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0486 (Buffer overflow in Cisco TACACS+ tac_plus server allows remote ...)
+CVE-2000-0486
NOT-FOR-US: Cisco
-CVE-2000-0485 (Microsoft SQL Server allows local users to obtain database passwords ...)
+CVE-2000-0485
NOT-FOR-US: Microsoft
-CVE-2000-0484 (Buffer overflow in Small HTTP Server allows remote attackers to cause ...)
+CVE-2000-0484
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0483 (The DocumentTemplate package in Zope 2.2 and earlier allows a remote ...)
+CVE-2000-0483
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0482 (Check Point Firewall-1 allows remote attackers to cause a denial of ...)
+CVE-2000-0482
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0481 (Buffer overflow in KDE Kmail allows a remote attacker to cause a ...)
+CVE-2000-0481
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0478 (In some cases, Norton Antivirus for Exchange (NavExchange) enters a ...)
+CVE-2000-0478
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0477 (Buffer overflow in Norton Antivirus for Exchange (NavExchange) allows ...)
+CVE-2000-0477
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0475 (Windows 2000 allows a local user process to access another user's ...)
+CVE-2000-0475
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0474 (Real Networks RealServer 7.x allows remote attackers to cause a denial ...)
+CVE-2000-0474
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0472 (Buffer overflow in innd 2.2.2 allows remote attackers to execute ...)
+CVE-2000-0472
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0471 (Buffer overflow in ufsrestore in Solaris 8 and earlier allows local ...)
+CVE-2000-0471
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0470 (Allegro RomPager HTTP server allows remote attackers to cause a denial ...)
+CVE-2000-0470
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0469 (Selena Sol WebBanner 4.0 allows remote attackers to read arbitrary ...)
+CVE-2000-0469
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0468 (man in HP-UX 10.20 and 11 allows local attackers to overwrite files ...)
+CVE-2000-0468
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0467 (Buffer overflow in Linux splitvt 1.6.3 and earlier allows local users ...)
+CVE-2000-0467
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0466 (AIX cdmount allows local users to gain root privileges via shell ...)
+CVE-2000-0466
NOT-FOR-US: AIX
-CVE-2000-0465 (Internet Explorer 4.x and 5.x does not properly verify the domain of a ...)
+CVE-2000-0465
NOT-FOR-US: Microsoft
-CVE-2000-0464 (Internet Explorer 4.x and 5.x allows remote attackers to execute ...)
+CVE-2000-0464
NOT-FOR-US: Microsoft
-CVE-2000-0463 (BeOS 5.0 allows remote attackers to cause a denial of service via ...)
+CVE-2000-0463
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0462 (ftpd in NetBSD 1.4.2 does not properly parse entries in /etc/ftpchroot ...)
+CVE-2000-0462
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0461 (The undocumented semconfig system call in BSD freezes the state of ...)
+CVE-2000-0461
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0460 (Buffer overflow in KDE kdesud on Linux allows local uses to gain ...)
+CVE-2000-0460
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0459 (IMP does not remove files properly if the MSWordView application ...)
+CVE-2000-0459
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0458 (The MSWordView application in IMP creates world-readable files in the ...)
+CVE-2000-0458
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0457 (ISM.DLL in IIS 4.0 and 5.0 allows remote attackers to read file ...)
+CVE-2000-0457
NOT-FOR-US: Microsoft
-CVE-2000-0456 (NetBSD 1.4.2 and earlier allows local users to cause a denial of ...)
+CVE-2000-0456
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0455 (Buffer overflow in xlockmore xlock program version 4.16 and earlier ...)
+CVE-2000-0455
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0454 (Buffer overflow in Linux cdrecord allows local users to gain ...)
+CVE-2000-0454
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0453 (XFree86 3.3.x and 4.0 allows a user to cause a denial of service via a ...)
+CVE-2000-0453
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0452 (Buffer overflow in the ESMTP service of Lotus Domino Server 5.0.1 ...)
+CVE-2000-0452
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0451 (The Intel express 8100 ISDN router allows remote attackers to cause a ...)
+CVE-2000-0451
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0448 (The WebShield SMTP Management Tool version 4.5.44 does not properly ...)
+CVE-2000-0448
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0447 (Buffer overflow in WebShield SMTP 4.5.44 allows remote attackers to ...)
+CVE-2000-0447
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0446 (Buffer overflow in MDBMS database server allows remote attackers to ...)
+CVE-2000-0446
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0445 (The pgpk command in PGP 5.x on Unix systems uses an insufficiently ...)
+CVE-2000-0445
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0443 (The web interface server in HP Web JetAdmin 5.6 allows remote ...)
+CVE-2000-0443
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0442 (Qpopper 2.53 and earlier allows local users to gain privileges via a ...)
+CVE-2000-0442
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0441 (Vulnerability in AIX 3.2.x and 4.x allows local users to gain write ...)
+CVE-2000-0441
NOT-FOR-US: AIX
-CVE-2000-0440 (NetBSD 1.4.2 and earlier allows remote attackers to cause a denial of ...)
+CVE-2000-0440
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0439 (Internet Explorer 4.0 and 5.0 allows a malicious web site to obtain ...)
+CVE-2000-0439
NOT-FOR-US: Microsoft
-CVE-2000-0438 (Buffer overflow in fdmount on Linux systems allows local users in the ...)
+CVE-2000-0438
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0437 (Buffer overflow in the CyberPatrol daemon &quot;cyberdaemon&quot; used in ...)
+CVE-2000-0437
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0436 (MetaProducts Offline Explorer 1.2 and earlier allows remote attackers ...)
+CVE-2000-0436
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0435 (The allmanageup.pl file upload CGI script in the Allmanage Website ...)
+CVE-2000-0435
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0432 (The calender.pl and the calendar_admin.pl calendar scripts by Matt ...)
+CVE-2000-0432
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0431 (Cobalt RaQ2 and RaQ3 does not properly set the access permissions and ...)
+CVE-2000-0431
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0430 (Cart32 allows remote attackers to access sensitive debugging ...)
+CVE-2000-0430
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0428 (Buffer overflow in the SMTP gateway for InterScan Virus Wall 3.32 and ...)
+CVE-2000-0428
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0427 (The Aladdin Knowledge Systems eToken device allows attackers with ...)
+CVE-2000-0427
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0426 (UltraBoard 1.6 and other versions allow remote attackers to cause a ...)
+CVE-2000-0426
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0425 (Buffer overflow in the Web Archives component of L-Soft LISTSERV 1.8 ...)
+CVE-2000-0425
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0424 (The CGI counter 4.0.7 by George Burgyan allows remote attackers to ...)
+CVE-2000-0424
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0421 (The process_bug.cgi script in Bugzilla allows remote attackers to ...)
+CVE-2000-0421
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0419 (The Office 2000 UA ActiveX Control is marked as &quot;safe for scripting,&quot; ...)
+CVE-2000-0419
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0418 (The Cayman 3220-H DSL router allows remote attackers to cause a denial ...)
+CVE-2000-0418
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0417 (The HTTP administration interface to the Cayman 3220-H DSL router ...)
+CVE-2000-0417
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0416 (NTMail 5.x allows network users to bypass the NTMail proxy ...)
+CVE-2000-0416
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0414 (Vulnerability in shutdown command for HP-UX 11.X and 10.X allows allows ...)
+CVE-2000-0414
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0411 (Matt Wright's FormMail CGI script allows remote attackers to obtain ...)
+CVE-2000-0411
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0410 (ColdFusion Server 4.5.1 allows remote attackers to cause a denial of ...)
+CVE-2000-0410
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0409 (Netscape 4.73 and earlier follows symlinks when it imports a new ...)
+CVE-2000-0409
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0408 (IIS 4.05 and 5.0 allow remote attackers to cause a denial of service ...)
+CVE-2000-0408
NOT-FOR-US: Microsoft
-CVE-2000-0407 (Buffer overflow in Solaris netpr program allows local users to execute ...)
+CVE-2000-0407
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0406 (Netscape Communicator before version 4.73 and Navigator 4.07 do not ...)
+CVE-2000-0406
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0405 (Buffer overflow in L0pht AntiSniff allows remote attackers to execute ...)
+CVE-2000-0405
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0404 (The CIFS Computer Browser service allows remote attackers to cause a ...)
+CVE-2000-0404
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0403 (The CIFS Computer Browser service on Windows NT 4.0 allows a remote ...)
+CVE-2000-0403
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0402 (The Mixed Mode authentication capability in Microsoft SQL Server 7.0 ...)
+CVE-2000-0402
NOT-FOR-US: Microsoft
-CVE-2000-0399 (Buffer overflow in MDaemon POP server allows remote attackers to cause ...)
+CVE-2000-0399
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0398 (Buffer overflow in wconsole.dll in Rockliffe MailSite Management Agent ...)
+CVE-2000-0398
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0397 (The EMURL web-based email account software encodes predictable ...)
+CVE-2000-0397
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0396 (The add.exe program in the Carello shopping cart software allows ...)
+CVE-2000-0396
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0395 (Buffer overflow in CProxy 3.3 allows remote users to cause a denial of ...)
+CVE-2000-0395
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0394 (NetProwler 3.0 allows remote attackers to cause a denial of service by ...)
+CVE-2000-0394
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0393 (The KDE kscd program does not drop privileges when executing a program ...)
+CVE-2000-0393
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0392 (Buffer overflow in ksu in Kerberos 5 allows local users to gain root ...)
+CVE-2000-0392
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0391 (Buffer overflow in krshd in Kerberos 5 allows remote attackers to gain ...)
+CVE-2000-0391
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0390 (Buffer overflow in krb425_conv_principal function in Kerberos 5 allows ...)
+CVE-2000-0390
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0389 (Buffer overflow in krb_rd_req function in Kerberos 4 and 5 allows ...)
+CVE-2000-0389
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0388 (Buffer overflow in FreeBSD libmytinfo library allows local users to ...)
+CVE-2000-0388
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0387 (The makelev program in the golddig game from the FreeBSD ports ...)
+CVE-2000-0387
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0382 (ColdFusion ClusterCATS appends stale query string arguments to a URL ...)
+CVE-2000-0382
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0381 (The Gossamer Threads DBMan db.cgi CGI script allows remote attackers ...)
+CVE-2000-0381
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0380 (The IOS HTTP service in Cisco routers and switches running IOS 11.1 ...)
+CVE-2000-0380
NOT-FOR-US: Cisco
-CVE-2000-0379 (The Netopia R9100 router does not prevent authenticated users from ...)
+CVE-2000-0379
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0378 (The pam_console PAM module in Linux systems performs a chown on ...)
+CVE-2000-0378
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0377 (The Remote Registry server in Windows NT 4.0 allows local ...)
+CVE-2000-0377
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0376 (Buffer overflow in the HTTP proxy server for the i-drive Filo software ...)
+CVE-2000-0376
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0375 (The kernel in FreeBSD 3.2 follows symbolic links when it creates core ...)
+CVE-2000-0375
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0374 (The default configuration of kdm in Caldera and Mandrake Linux, and ...)
+CVE-2000-0374
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0373 (Vulnerabilities in the KDE kvt terminal program allow local users to ...)
+CVE-2000-0373
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0372 (Vulnerability in Caldera rmt command in the dump package 0.4b4 allows ...)
+CVE-2000-0372
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0371 (The libmediatool library used for the KDE mediatool allows local users ...)
+CVE-2000-0371
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0370 (The debug option in Caldera Linux smail allows remote attackers to ...)
+CVE-2000-0370
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0369 (The IDENT server in Caldera Linux 2.3 creates multiple threads for ...)
+CVE-2000-0369
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0368 (Classic Cisco IOS 9.1 and later allows attackers with access to the ...)
+CVE-2000-0368
NOT-FOR-US: Cisco
-CVE-2000-0367 (Vulnerability in eterm 0.8.8 in Debian GNU/Linux allows an attacker to ...)
+CVE-2000-0367
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0366 (dump in Debian GNU/Linux 2.1 does not properly restore symlinks, which ...)
+CVE-2000-0366
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0363 (Linux cdwtools 093 and earlier allows local users to gain root ...)
+CVE-2000-0363
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0362 (Buffer overflows in Linux cdwtools 093 and earlier allows local users ...)
+CVE-2000-0362
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0361 (The PPP wvdial.lxdialog script in wvdial 1.4 and earlier creates a ...)
+CVE-2000-0361
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0360 (Buffer overflow in INN 2.2.1 and earlier allows remote attackers to ...)
+CVE-2000-0360
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0359 (Buffer overflow in Trivial HTTP (THTTPd) allows remote attackers to ...)
+CVE-2000-0359
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0356 (Pluggable Authentication Modules (PAM) in Red Hat Linux 6.1 does not ...)
+CVE-2000-0356
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0354 (mirror 2.8.x in Linux systems allows remote attackers to create files ...)
+CVE-2000-0354
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0353 (Pine 4.x allows a remote attacker to execute arbitrary commands via an ...)
+CVE-2000-0353
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0352 (Pine before version 4.21 does not properly filter shell metacharacters ...)
+CVE-2000-0352
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0351 (Some packaging commands in SCO UnixWare 7.1.0 have insecure ...)
+CVE-2000-0351
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0350 (A debugging feature in NetworkICE ICEcap 2.0.23 and earlier is ...)
+CVE-2000-0350
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0349 (Vulnerability in the passthru driver in SCO UnixWare 7.1.0 allows an ...)
+CVE-2000-0349
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0348 (A vulnerability in the Sendmail configuration file sendmail.cf as ...)
+CVE-2000-0348
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0347 (Windows 95 and Windows 98 allow a remote attacker to cause a denial of ...)
+CVE-2000-0347
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0346 (AppleShare IP 6.1 and later allows a remote attacker to read ...)
+CVE-2000-0346
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0344 (The knfsd NFS server in Linux kernel 2.2.x allows remote attackers to ...)
+CVE-2000-0344
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0342 (Eudora 4.x allows remote attackers to bypass the user warning for ...)
+CVE-2000-0342
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0341 (ATRIUM Cassandra NNTP Server 1.10 allows remote attackers to cause a ...)
+CVE-2000-0341
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0340 (Buffer overflow in Gnomelib in SuSE Linux 6.3 allows local users to ...)
+CVE-2000-0340
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0339 (ZoneAlarm 2.1.10 and earlier does not filter UDP packets with a source ...)
+CVE-2000-0339
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0338 (Concurrent Versions Software (CVS) uses predictable temporary file ...)
+CVE-2000-0338
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0337 (Buffer overflow in Xsun X server in Solaris 7 allows local users to ...)
+CVE-2000-0337
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0336 (Linux OpenLDAP server allows local users to modify arbitrary files via ...)
+CVE-2000-0336
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0335 (The resolver in glibc 2.1.3 uses predictable IDs, which allows a local ...)
+CVE-2000-0335
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0334 (The Allaire Spectra container editor preview tool does not properly ...)
+CVE-2000-0334
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0332 (UltraBoard.pl or UltraBoard.cgi CGI scripts in UltraBoard 1.6 allows ...)
+CVE-2000-0332
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0331 (Buffer overflow in Microsoft command processor (CMD.EXE) for Windows ...)
+CVE-2000-0331
NOT-FOR-US: Microsoft
-CVE-2000-0330 (The networking software in Windows 95 and Windows 98 allows remote ...)
+CVE-2000-0330
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0329 (A Microsoft ActiveX control allows a remote attacker to execute a ...)
+CVE-2000-0329
NOT-FOR-US: Microsoft
-CVE-2000-0328 (Windows NT 4.0 generates predictable random TCP initial sequence ...)
+CVE-2000-0328
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0327 (Microsoft Virtual Machine (VM) allows remote attackers to escape the ...)
+CVE-2000-0327
NOT-FOR-US: Microsoft
-CVE-2000-0324 (pcAnywhere 8.x and 9.0 allows remote attackers to cause a denial of ...)
+CVE-2000-0324
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0323 (The Microsoft Jet database engine allows an attacker to modify text ...)
+CVE-2000-0323
NOT-FOR-US: Microsoft
-CVE-2000-0322 (The passwd.php3 CGI script in the Red Hat Piranha Virtual Server ...)
+CVE-2000-0322
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0320 (Qpopper 2.53 and 3.0 does not properly identify the \n string which ...)
+CVE-2000-0320
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0319 (mail.local in Sendmail 8.10.x does not properly identify the .\n ...)
+CVE-2000-0319
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0318 (Atrium Mercur Mail Server 3.2 allows local attackers to read other ...)
+CVE-2000-0318
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0316 (Buffer overflow in Solaris 7 lp allows local users to gain root ...)
+CVE-2000-0316
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0315 (traceroute in NetBSD 1.3.3 and Linux systems allows local unprivileged ...)
+CVE-2000-0315
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0314 (traceroute in NetBSD 1.3.3 and Linux systems allows local users to ...)
+CVE-2000-0314
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0313 (Vulnerability in OpenBSD 2.6 allows a local user to change interface ...)
+CVE-2000-0313
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0311 (The Windows 2000 domain controller allows a malicious user to modify ...)
+CVE-2000-0311
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0310 (IP fragment assembly in OpenBSD 2.4 allows a remote attacker to cause ...)
+CVE-2000-0310
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0309 (The i386 trace-trap handling in OpenBSD 2.4 with DDB enabled allows a ...)
+CVE-2000-0309
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0308 (Insecure file permissions for Netscape FastTrack Server 2.x, ...)
+CVE-2000-0308
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0307 (Vulnerability in xserver in SCO UnixWare 2.1.x and OpenServer 5.05 and ...)
+CVE-2000-0307
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0306 (Buffer overflow in calserver in SCO OpenServer allows remote attackers ...)
+CVE-2000-0306
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0305 (Windows 95, Windows 98, Windows 2000, Windows NT 4.0, and Terminal ...)
+CVE-2000-0305
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0304 (Microsoft IIS 4.0 and 5.0 with the IISADMPWD virtual directory ...)
+CVE-2000-0304
NOT-FOR-US: Microsoft
-CVE-2000-0303 (Quake3 Arena allows malicious server operators to read or modify ...)
+CVE-2000-0303
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0302 (Microsoft Index Server allows remote attackers to view the source code ...)
+CVE-2000-0302
NOT-FOR-US: Microsoft
-CVE-2000-0301 (Ipswitch IMAIL server 6.02 and earlier allows remote attackers to ...)
+CVE-2000-0301
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0298 (The unattended installation of Windows 2000 with the OEMPreinstall ...)
+CVE-2000-0298
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0297 (Allaire Forums 2.0.5 allows remote attackers to bypass access ...)
+CVE-2000-0297
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0296 (fcheck allows local users to gain privileges by embedding shell ...)
+CVE-2000-0296
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0294 (Buffer overflow in healthd for FreeBSD allows local users to gain root ...)
+CVE-2000-0294
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0292 (The Adtran MX2800 M13 Multiplexer allows remote attackers to cause a ...)
+CVE-2000-0292
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0290 (Buffer overflow in Webstar HTTP server allows remote attackers to ...)
+CVE-2000-0290
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0289 (IP masquerading in Linux 2.2.x allows remote attackers to route UDP ...)
+CVE-2000-0289
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0287 (The BizDB CGI script bizdb-search.cgi allows remote attackers to ...)
+CVE-2000-0287
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0285 (Buffer overflow in XFree86 3.3.x allows local users to execute ...)
+CVE-2000-0285
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0283 (The default installation of IRIX Performance Copilot allows remote ...)
+CVE-2000-0283
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0282 (TalentSoft webpsvr daemon in the Web+ shopping cart application allows ...)
+CVE-2000-0282
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0279 (BeOS allows remote attackers to cause a denial of service via ...)
+CVE-2000-0279
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0278 (The SalesLogix Eviewer allows remote attackers to cause a denial of ...)
+CVE-2000-0278
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0277 (Microsoft Excel 97 and 2000 does not warn the user when executing ...)
+CVE-2000-0277
NOT-FOR-US: Microsoft
-CVE-2000-0276 (BeOS 4.5 and 5.0 allow local users to cause a denial of service via ...)
+CVE-2000-0276
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0274 (The Linux trustees kernel patch allows attackers to cause a denial of ...)
+CVE-2000-0274
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0273 (PCAnywhere allows remote attackers to cause a denial of service by ...)
+CVE-2000-0273
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0272 (RealNetworks RealServer allows remote attackers to cause a denial of ...)
+CVE-2000-0272
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0268 (Cisco IOS 11.x and 12.x allows remote attackers to cause a denial of ...)
+CVE-2000-0268
NOT-FOR-US: Cisco
-CVE-2000-0267 (Cisco Catalyst 5.4.x allows a user to gain access to the &quot;enable&quot; mode ...)
+CVE-2000-0267
NOT-FOR-US: Cisco
-CVE-2000-0265 (Panda Security 3.0 allows users to uninstall the Panda software via ...)
+CVE-2000-0265
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0264 (Panda Security 3.0 with registry editing disabled allows users to edit ...)
+CVE-2000-0264
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0263 (The X font server xfs in Red Hat Linux 6.x allows an attacker to cause ...)
+CVE-2000-0263
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0262 (The AVM KEN! ISDN Proxy server allows remote attackers to cause a ...)
+CVE-2000-0262
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0261 (The AVM KEN! web server allows remote attackers to read arbitrary ...)
+CVE-2000-0261
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0260 (Buffer overflow in the dvwssr.dll DLL in Microsoft Visual Interdev 1.0 ...)
+CVE-2000-0260
NOT-FOR-US: Microsoft
-CVE-2000-0258 (IIS 4.0 and 5.0 allows remote attackers to cause a denial of service ...)
+CVE-2000-0258
NOT-FOR-US: Microsoft
-CVE-2000-0257 (Buffer overflow in the NetWare remote web administration utility ...)
+CVE-2000-0257
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0255 (The Nbase-Xyplex EdgeBlaster router allows remote attackers to cause a ...)
+CVE-2000-0255
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0254 (The dansie shopping cart application cart.pl allows remote attackers ...)
+CVE-2000-0254
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0253 (The dansie shopping cart application cart.pl allows remote attackers ...)
+CVE-2000-0253
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0252 (The dansie shopping cart application cart.pl allows remote attackers ...)
+CVE-2000-0252
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0251 (HP-UX 11.04 VirtualVault (VVOS) sends data to unprivileged processes ...)
+CVE-2000-0251
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0249 (The AIX Fast Response Cache Accelerator (FRCA) allows local users to ...)
+CVE-2000-0249
NOT-FOR-US: AIX
-CVE-2000-0247 (Unknown vulnerability in Generic-NQS (GNQS) allows local users to gain ...)
+CVE-2000-0247
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0246 (IIS 4.0 and 5.0 does not properly perform ISAPI extension processing ...)
+CVE-2000-0246
NOT-FOR-US: Microsoft
-CVE-2000-0245 (Vulnerability in SGI IRIX objectserver daemon allows remote attackers ...)
+CVE-2000-0245
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0243 (AnalogX SimpleServer:WWW HTTP server 1.03 allows remote attackers to ...)
+CVE-2000-0243
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0240 (vqSoft vqServer program allows remote attackers to read arbitrary ...)
+CVE-2000-0240
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0238 (Buffer overflow in the web server for Norton AntiVirus for Internet ...)
+CVE-2000-0238
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0237 (Netscape Enterprise Server with Web Publishing enabled allows remote ...)
+CVE-2000-0237
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0236 (Netscape Enterprise Server with Directory Indexing enabled allows ...)
+CVE-2000-0236
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0235 (Buffer overflow in the huh program in the orville-write package allows ...)
+CVE-2000-0235
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0234 (The default configuration of Cobalt RaQ2 and RaQ3 as specified in ...)
+CVE-2000-0234
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0233 (SuSE Linux IMAP server allows remote attackers to bypass IMAP ...)
+CVE-2000-0233
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0232 (Microsoft TCP/IP Printing Services, aka Print Services for Unix, ...)
+CVE-2000-0232
NOT-FOR-US: Microsoft
-CVE-2000-0231 (Linux kreatecd trusts a user-supplied path that is used to find the ...)
+CVE-2000-0231
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0230 (Buffer overflow in imwheel allows local users to gain root privileges ...)
+CVE-2000-0230
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0229 (gpm-root in the gpm package does not properly drop privileges, which ...)
+CVE-2000-0229
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0228 (Microsoft Windows Media License Manager allows remote attackers to ...)
+CVE-2000-0228
NOT-FOR-US: Microsoft
-CVE-2000-0226 (IIS 4.0 allows attackers to cause a denial of service by requesting a ...)
+CVE-2000-0226
NOT-FOR-US: Microsoft
-CVE-2000-0225 (The Pocsag POC32 program does not properly prevent remote users from ...)
+CVE-2000-0225
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0224 (ARCserve agent in SCO UnixWare 7.x allows local attackers to gain root ...)
+CVE-2000-0224
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0223 (Buffer overflow in the wmcdplay CD player program for the WindowMaker ...)
+CVE-2000-0223
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0222 (The installation for Windows 2000 does not activate the Administrator ...)
+CVE-2000-0222
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0221 (The Nautica Marlin bridge allows remote attackers to cause a denial of ...)
+CVE-2000-0221
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0218 (Buffer overflow in Linux mount and umount allows local users to gain ...)
+CVE-2000-0218
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0217 (The default configuration of SSH allows X forwarding, which could ...)
+CVE-2000-0217
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0215 (Vulnerability in SCO cu program in UnixWare 7.x allows local users to ...)
+CVE-2000-0215
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0212 (InterAccess TelnetD Server 4.0 allows remote attackers to conduct a ...)
+CVE-2000-0212
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0211 (The Windows Media server allows remote attackers to cause a denial of ...)
+CVE-2000-0211
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0210 (The lit program in Sun Flex License Manager (FlexLM) follows symlinks, ...)
+CVE-2000-0210
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0209 (Buffer overflow in Lynx 2.x allows remote attackers to crash Lynx and ...)
+CVE-2000-0209
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0208 (The htdig (ht://Dig) CGI program htsearch allows remote attackers to ...)
+CVE-2000-0208
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0207 (SGI InfoSearch CGI program infosrch.cgi allows remote attackers to ...)
+CVE-2000-0207
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0206 (The installation of Oracle 8.1.5.x on Linux follows symlinks and ...)
+CVE-2000-0206
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0202 (Microsoft SQL Server 7.0 and Microsoft Data Engine (MSDE) 1.0 allow ...)
+CVE-2000-0202
NOT-FOR-US: Microsoft
-CVE-2000-0201 (The window.showHelp() method in Internet Explorer 5.x does not ...)
+CVE-2000-0201
NOT-FOR-US: Microsoft
-CVE-2000-0200 (Buffer overflow in Microsoft Clip Art Gallery allows remote attackers ...)
+CVE-2000-0200
NOT-FOR-US: Microsoft
-CVE-2000-0196 (Buffer overflow in mhshow in the Linux nmh package allows remote ...)
+CVE-2000-0196
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0195 (setxconf in Corel Linux allows local users to gain root access via the ...)
+CVE-2000-0195
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0194 (buildxconf in Corel Linux allows local users to modify or create ...)
+CVE-2000-0194
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0193 (The default configuration of Dosemu in Corel Linux 1.0 allows local ...)
+CVE-2000-0193
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0192 (The default installation of Caldera OpenLinux 2.3 includes the CGI ...)
+CVE-2000-0192
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0191 (Axis StorPoint CD allows remote attackers to access administrator URLs ...)
+CVE-2000-0191
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0189 (ColdFusion Server 4.x allows remote attackers to determine the real ...)
+CVE-2000-0189
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0186 (Buffer overflow in the dump utility in the Linux ext2fs backup package ...)
+CVE-2000-0186
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0185 (RealMedia RealServer reveals the real IP address of a Real Server, ...)
+CVE-2000-0185
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0184 (Linux printtool sets the permissions of printer configuration files to ...)
+CVE-2000-0184
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0183 (Buffer overflow in ircII 4.4 IRC client allows remote attackers to ...)
+CVE-2000-0183
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0182 (iPlanet Web Server 4.1 allows remote attackers to cause a denial of ...)
+CVE-2000-0182
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0181 (Firewall-1 3.0 and 4.0 leaks packets with private IP address ...)
+CVE-2000-0181
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0180 (Sojourn search engine allows remote attackers to read arbitrary files ...)
+CVE-2000-0180
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0179 (HP OpenView OmniBack 2.55 allows remote attackers to cause a denial of ...)
+CVE-2000-0179
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0178 (ServerIron switches by Foundry Networks have predictable TCP/IP ...)
+CVE-2000-0178
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0175 (Buffer overflow in StarOffice StarScheduler web server allows remote ...)
+CVE-2000-0175
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0174 (StarOffice StarScheduler web server allows remote attackers to read ...)
+CVE-2000-0174
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0172 (The mtr program only uses a seteuid call when attempting to drop ...)
+CVE-2000-0172
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0171 (atsadc in the atsar package for Linux does not properly check the ...)
+CVE-2000-0171
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0170 (Buffer overflow in the man program in Linux allows local users to ...)
+CVE-2000-0170
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0169 (Batch files in the Oracle web listener ows-bin directory allow remote ...)
+CVE-2000-0169
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0168 (Microsoft Windows 9x operating systems allow an attacker to cause a ...)
+CVE-2000-0168
NOT-FOR-US: Microsoft
-CVE-2000-0166 (Buffer overflow in the InterAccess telnet server TelnetD allows remote ...)
+CVE-2000-0166
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0165 (The Delegate application proxy has several buffer overflows which ...)
+CVE-2000-0165
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0164 (The installation of Sun Internet Mail Server (SIMS) creates a ...)
+CVE-2000-0164
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0162 (The Microsoft virtual machine (VM) in Internet Explorer 4.x and 5.x ...)
+CVE-2000-0162
NOT-FOR-US: Microsoft
-CVE-2000-0161 (Sample web sites on Microsoft Site Server 3.0 Commerce Edition do not ...)
+CVE-2000-0161
NOT-FOR-US: Microsoft
-CVE-2000-0159 (HP Ignite-UX does not save /etc/passwd when it creates an image of a ...)
+CVE-2000-0159
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0157 (NetBSD ptrace call on VAX allows local users to gain privileges by ...)
+CVE-2000-0157
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0156 (Internet Explorer 4.x and 5.x allows remote web servers to access ...)
+CVE-2000-0156
NOT-FOR-US: Microsoft
-CVE-2000-0152 (Remote attackers can cause a denial of service in Novell BorderManager ...)
+CVE-2000-0152
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0150 (Check Point Firewall-1 allows remote attackers to bypass port access ...)
+CVE-2000-0150
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0149 (Zeus web server allows remote attackers to view the source code for ...)
+CVE-2000-0149
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0148 (MySQL 3.22 allows remote attackers to bypass password authentication ...)
+CVE-2000-0148
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0146 (The Java Server in the Novell GroupWise Web Access Enhancement Pack ...)
+CVE-2000-0146
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0145 (The libguile.so library file used by gnucash in Debian GNU/Linux is ...)
+CVE-2000-0145
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0144 (Axis 700 Network Scanner does not properly restrict access to ...)
+CVE-2000-0144
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0141 (Infopop Ultimate Bulletin Board (UBB) allows remote attackers to ...)
+CVE-2000-0141
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0140 (Internet Anywhere POP3 Mail Server allows remote attackers to cause a ...)
+CVE-2000-0140
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0139 (Internet Anywhere POP3 Mail Server allows local users to cause a ...)
+CVE-2000-0139
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0131 (Buffer overflow in War FTPd 1.6x allows users to cause a denial of ...)
+CVE-2000-0131
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0130 (Buffer overflow in SCO scohelp program allows remote attackers to ...)
+CVE-2000-0130
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0128 (The Finger Server 0.82 allows remote attackers to execute commands via ...)
+CVE-2000-0128
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0127 (The Webspeed configuration program does not properly disable access to ...)
+CVE-2000-0127
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0121 (The Recycle Bin utility in Windows NT and Windows 2000 allows local ...)
+CVE-2000-0121
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0120 (The Remote Access Service invoke.cfm template in Allaire Spectra 1.0 ...)
+CVE-2000-0120
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0117 (The siteUserMod.cgi program in Cobalt RaQ2 servers allows any Site ...)
+CVE-2000-0117
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0116 (Firewall-1 does not properly filter script tags, which allows remote ...)
+CVE-2000-0116
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0113 (The SyGate Remote Management program does not properly restrict access ...)
+CVE-2000-0113
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0112 (The default installation of Debian GNU/Linux uses an insecure Master ...)
+CVE-2000-0112
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0111 (The RightFax web client uses predictable session numbers, which allows ...)
+CVE-2000-0111
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0107 (Linux apcd program allows local attackers to modify arbitrary files ...)
+CVE-2000-0107
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0100 (The SMS Remote Control program is installed with insecure permissions, ...)
+CVE-2000-0100
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0099 (Buffer overflow in UnixWare ppptalk command allows local users to gain ...)
+CVE-2000-0099
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0098 (Microsoft Index Server allows remote attackers to determine the real ...)
+CVE-2000-0098
NOT-FOR-US: Microsoft
-CVE-2000-0097 (The WebHits ISAPI filter in Microsoft Index Server allows remote ...)
+CVE-2000-0097
NOT-FOR-US: Microsoft
-CVE-2000-0095 (The PMTU discovery procedure used by HP-UX 10.30 and 11.00 for ...)
+CVE-2000-0095
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0094 (procfs in BSD systems allows local users to gain root privileges by ...)
+CVE-2000-0094
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0092 (The BSD make program allows local users to modify files via a symlink ...)
+CVE-2000-0092
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0091 (Buffer overflow in vchkpw/vpopmail POP authentication package allows ...)
+CVE-2000-0091
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0090 (VMWare 1.1.2 allows local users to cause a denial of service via a ...)
+CVE-2000-0090
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0089 (The rdisk utility in Microsoft Terminal Server Edition and Windows NT ...)
+CVE-2000-0089
NOT-FOR-US: Microsoft
-CVE-2000-0088 (Buffer overflow in the conversion utilities for Japanese, Korean and ...)
+CVE-2000-0088
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0087 (Netscape Mail Notification (nsnotify) utility in Netscape Communicator ...)
+CVE-2000-0087
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0083 (HP asecure creates the Audio Security File audio.sec with insecure ...)
+CVE-2000-0083
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0080 (AIX techlibss allows local users to overwrite files via a symlink ...)
+CVE-2000-0080
NOT-FOR-US: AIX
-CVE-2000-0076 (nviboot boot script in the Debian nvi package allows local users to ...)
+CVE-2000-0076
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0075 (Super Mail Transfer Package (SMTP), later called MsgCore, has a memory ...)
+CVE-2000-0075
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0073 (Buffer overflow in Microsoft Rich Text Format (RTF) reader allows ...)
+CVE-2000-0073
NOT-FOR-US: Microsoft
-CVE-2000-0072 (Visual Casel (Vcasel) does not properly prevent users from executing ...)
+CVE-2000-0072
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0070 (NtImpersonateClientOfPort local procedure call in Windows NT 4.0 ...)
+CVE-2000-0070
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0065 (Buffer overflow in InetServ 3.0 allows remote attackers to execute ...)
+CVE-2000-0065
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0064 (cgiproc CGI script in Nortel Contivity HTTP server allows remote ...)
+CVE-2000-0064
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0063 (cgiproc CGI script in Nortel Contivity HTTP server allows remote ...)
+CVE-2000-0063
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0062 (The DTML implementation in the Z Object Publishing Environment (Zope) ...)
+CVE-2000-0062
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0060 (Buffer overflow in aVirt Rover POP3 server 1.1 allows remote attackers ...)
+CVE-2000-0060
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0057 (Cold Fusion CFCACHE tag places temporary cache files within the web ...)
+CVE-2000-0057
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0056 (IMail IMONITOR status.cgi CGI script allows remote attackers to cause ...)
+CVE-2000-0056
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0053 (Microsoft Commercial Internet System (MCIS) IMAP server allows remote ...)
+CVE-2000-0053
NOT-FOR-US: Microsoft
-CVE-2000-0052 (Red Hat userhelper program in the usermode package allows local users ...)
+CVE-2000-0052
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0051 (The Allaire Spectra Configuration Wizard allows remote attackers to ...)
+CVE-2000-0051
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0050 (The Allaire Spectra Webtop allows authenticated users to access other ...)
+CVE-2000-0050
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0048 (get_it program in Corel Linux Update allows local users to gain root ...)
+CVE-2000-0048
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0045 (MySQL allows local users to modify passwords for arbitrary MySQL users ...)
+CVE-2000-0045
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0044 (Macros in War FTP 1.70 and 1.67b2 allow local or remote attackers to ...)
+CVE-2000-0044
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0043 (Buffer overflow in CamShot WebCam HTTP server allows remote attackers ...)
+CVE-2000-0043
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0042 (Buffer overflow in CSM mail server allows remote attackers to cause a ...)
+CVE-2000-0042
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0041 (Macintosh systems generate large ICMP datagrams in response to ...)
+CVE-2000-0041
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0040 (glFtpD allows local users to gain privileges via metacharacters in the ...)
+CVE-2000-0040
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0039 (AltaVista search engine allows remote attackers to read files above ...)
+CVE-2000-0039
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0037 (Majordomo wrapper allows local users to gain privileges by specifying ...)
+CVE-2000-0037
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0036 (Outlook Express 5 for Macintosh downloads attachments to HTML mail ...)
+CVE-2000-0036
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0034 (Netscape 4.7 records user passwords in the preferences.js file during ...)
+CVE-2000-0034
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0033 (InterScan VirusWall SMTP scanner does not properly scan messages with ...)
+CVE-2000-0033
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0032 (Solaris dmi_cmd allows local users to crash the dmispd daemon by ...)
+CVE-2000-0032
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0031 (The initscripts package in Red Hat Linux allows local users to gain ...)
+CVE-2000-0031
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0030 (Solaris dmispd dmi_cmd allows local users to fill up restricted disk ...)
+CVE-2000-0030
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0029 (UnixWare pis and mkpis commands allow local users to gain privileges ...)
+CVE-2000-0029
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0027 (IBM Network Station Manager NetStation allows local users to gain ...)
+CVE-2000-0027
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0026 (Buffer overflow in UnixWare i2odialogd daemon allows remote attackers ...)
+CVE-2000-0026
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0025 (IIS 4.0 and Site Server 3.0 allow remote attackers to read source code ...)
+CVE-2000-0025
NOT-FOR-US: Microsoft
-CVE-2000-0024 (IIS does not properly canonicalize URLs, potentially allowing remote ...)
+CVE-2000-0024
NOT-FOR-US: Microsoft
-CVE-2000-0023 (Buffer overflow in Lotus Domino HTTP server allows remote attackers to ...)
+CVE-2000-0023
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0022 (Lotus Domino HTTP server does not properly disable anonymous access ...)
+CVE-2000-0022
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0020 (DNS PRO allows remote attackers to conduct a denial of service via a ...)
+CVE-2000-0020
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0018 (wmmon in FreeBSD allows local users to gain privileges via the ...)
+CVE-2000-0018
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0015 (CascadeView TFTP server allows local users to gain privileges via a ...)
+CVE-2000-0015
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0014 (Denial of service in Savant web server via a null character in the ...)
+CVE-2000-0014
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0013 (IRIX soundplayer program allows local users to gain privileges by ...)
+CVE-2000-0013
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0012 (Buffer overflow in w3-msql CGI program in miniSQL package allows ...)
+CVE-2000-0012
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0011 (Buffer overflow in AnalogX SimpleServer:WWW HTTP server allows remote ...)
+CVE-2000-0011
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0010 (WebWho+ whois.cgi program allows remote attackers to execute commands ...)
+CVE-2000-0010
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0009 (The bna_pass program in Optivity NETarchitect uses the PATH ...)
+CVE-2000-0009
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0007 (Trend Micro PC-Cillin does not restrict access to its internal proxy ...)
+CVE-2000-0007
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0006 (strace allows local users to read arbitrary files via memory mapped ...)
+CVE-2000-0006
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0004 (ZBServer Pro allows remote attackers to read source code for ...)
+CVE-2000-0004
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0003 (Buffer overflow in UnixWare rtpm program allows local users to gain ...)
+CVE-2000-0003
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0002 (Buffer overflow in ZBServer Pro 1.50 allows remote attackers to ...)
+CVE-2000-0002
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0001 (RealMedia server allows remote attackers to cause a denial of service ...)
+CVE-2000-0001
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1214 (Buffer overflows in the (1) outpack or (2) buf variables of ping in ...)
+CVE-2000-1214
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1213 (ping in iputils before 20001010, as distributed on Red Hat Linux 6.2 ...)
+CVE-2000-1213
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1209 (The &quot;sa&quot; account is installed with a default null password on (1) ...)
+CVE-2000-1209
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1208 (Format string vulnerability in startprinting() function of printjob.c ...)
+CVE-2000-1208
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1207 (userhelper in the usermode package on Red Hat Linux executes ...)
+CVE-2000-1207
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1206 (Vulnerability in Apache httpd before 1.3.11, when configured for mass ...)
+CVE-2000-1206
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1205 (Cross site scripting vulnerabilities in Apache 1.3.0 through 1.3.11 ...)
+CVE-2000-1205
- apache 1.3.11 (unimportant)
NOTE: only an example script /usr/share/doc/apache-common/examples/
-CVE-2000-1204 (Vulnerability in the mod_vhost_alias virtual hosting module for Apache ...)
+CVE-2000-1204
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1202 (ikeyman in IBM IBMHSSSB 1.0 sets the CLASSPATH environmental variable ...)
+CVE-2000-1202
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1201 (Check Point FireWall-1 allows remote attackers to cause a denial of ...)
+CVE-2000-1201
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1199 (PostgreSQL stores usernames and passwords in plaintext in (1) ...)
+CVE-2000-1199
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1198 (qpopper POP server creates lock files with predictable names, which ...)
+CVE-2000-1198
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1197 (POP2 or POP3 server (pop3d) in imap-uw IMAP package on FreeBSD and ...)
+CVE-2000-1197
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1194 (Argosoft FRP server 1.0 allows remote attackers to cause a denial of ...)
+CVE-2000-1194
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1192 (Buffer overflow in BTT Software SNMP Trap Watcher 1.16 allows remote ...)
+CVE-2000-1192
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1191 (htsearch program in htDig 3.2 beta, 3.1.6, 3.1.5, and earlier allows ...)
+CVE-2000-1191
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1188 (Directory traversal vulnerability in Quikstore shopping cart program ...)
+CVE-2000-1188
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1186 (Buffer overflow in phf CGI program allows remote attackers to execute ...)
+CVE-2000-1186
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1185 (The telnet proxy in RideWay PN proxy server allows remote attackers to ...)
+CVE-2000-1185
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1183 (Buffer overflow in socks5 server on Linux allows attackers to execute ...)
+CVE-2000-1183
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1177 (bb-hist.sh, bb-histlog.sh, bb-hostsvc.sh, bb-rep.sh, bb-replog.sh, and ...)
+CVE-2000-1177
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1176 (Directory traversal vulnerability in YaBB search.pl CGI script allows ...)
+CVE-2000-1176
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1175 (Buffer overflow in Koules 1.4 allows local users to execute arbitrary ...)
+CVE-2000-1175
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1173 (Microsys CyberPatrol uses weak encryption (trivial encoding) for ...)
+CVE-2000-1173
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1172 (Buffer overflow in Gaim 0.10.3 and earlier using the OSCAR protocol ...)
+CVE-2000-1172
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1168 (IBM HTTP Server 1.3.6 (based on Apache) allows remote attackers to ...)
+CVE-2000-1168
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1161 (The installation of AdCycle banner management system leaves the ...)
+CVE-2000-1161
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1160 (NAI Sniffer Agent allows remote attackers to cause a denial of service ...)
+CVE-2000-1160
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1159 (NAI Sniffer Agent allows remote attackers to gain privileges on the agent ...)
+CVE-2000-1159
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1158 (NAI Sniffer Agent uses base64 encoding for authentication, which ...)
+CVE-2000-1158
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1157 (Buffer overflow in NAI Sniffer Agent allows remote attackers to ...)
+CVE-2000-1157
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1156 (StarOffice 5.2 follows symlinks and sets world-readable permissions ...)
+CVE-2000-1156
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1155 (RHDaemon in RobinHood 1.1 web server in BeOS r5 pro and earlier allows ...)
+CVE-2000-1155
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1154 (RHConsole in RobinHood 1.1 web server in BeOS r5 pro and earlier allows ...)
+CVE-2000-1154
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1153 (PostMaster 1.0 in BeOS r5 pro and earlier allows remote attackers to ...)
+CVE-2000-1153
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1152 (Browser IRC client in BeOS r5 pro and earlier allows remote attackers ...)
+CVE-2000-1152
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1151 (Baxter IRC client in BeOS r5 pro and earlier allows remote attackers ...)
+CVE-2000-1151
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1150 (Felix IRC client in BeOS r5 pro and earlier allows remote attackers to ...)
+CVE-2000-1150
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1147 (Buffer overflow in IIS ISAPI .ASP parsing mechanism allows attackers ...)
+CVE-2000-1147
NOT-FOR-US: Microsoft
-CVE-2000-1138 (Lotus Notes R5 client R5.0.5 and earlier does not properly warn users ...)
+CVE-2000-1138
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1134 (Multiple shell programs on various Unix systems, including (1) tcsh, ...)
+CVE-2000-1134
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1133 (Authentix Authentix100 allows remote attackers to bypass ...)
+CVE-2000-1133
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1130 (McAfee WebShield SMTP 4.5 allows remote attackers to bypass email ...)
+CVE-2000-1130
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1129 (McAfee WebShield SMTP 4.5 allows remote attackers to cause a denial of ...)
+CVE-2000-1129
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1128 (The default configuration of McAfee VirusScan 4.5 does not quote the ...)
+CVE-2000-1128
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1127 (registrar in the HP resource monitor service allows local users to ...)
+CVE-2000-1127
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1126 (Vulnerability in auto_parms and set_parms in HP-UX 11.00 and earlier ...)
+CVE-2000-1126
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1125 (restore 0.4b15 and earlier in Red Hat Linux 6.2 trusts the pathname ...)
+CVE-2000-1125
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1118 (24Link 1.06 web server allows remote attackers to bypass access ...)
+CVE-2000-1118
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1117 (The Extended Control List (ECL) feature of the Java Virtual Machine ...)
+CVE-2000-1117
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1116 (Buffer overflow in TransSoft Broker FTP Server before 4.3.0.1 allows ...)
+CVE-2000-1116
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1114 (Unify ServletExec AS v3.0C allows remote attackers to read source code ...)
+CVE-2000-1114
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1110 (document.d2w CGI program in the IBM Net.Data db2www package allows ...)
+CVE-2000-1110
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1105 (The ixsso.query ActiveX Object is marked as safe for scripting, which ...)
+CVE-2000-1105
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1104 (Variant of the &quot;IIS Cross-Site Scripting&quot; vulnerability as originally ...)
+CVE-2000-1104
NOT-FOR-US: Microsoft
-CVE-2000-1103 (rcvtty in BSD 3.0 and 4.0 does not properly drop privileges before ...)
+CVE-2000-1103
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1102 (PTlink IRCD 3.5.3 and PTlink Services 1.8.1 allow remote attackers to ...)
+CVE-2000-1102
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1100 (The default configuration for PostACI webmail system installs the ...)
+CVE-2000-1100
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1098 (The web server for the SonicWALL SOHO firewall allows remote attackers ...)
+CVE-2000-1098
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1093 (Buffer overflow in AOL Instant Messenger before 4.3.2229 allows remote ...)
+CVE-2000-1093
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1092 (loadpage.cgi CGI program in EZshopper 3.0 and 2.0 allows remote ...)
+CVE-2000-1092
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1090 (Microsoft IIS for Far East editions 4.0 and 5.0 allows remote attackers ...)
+CVE-2000-1090
NOT-FOR-US: Microsoft
-CVE-2000-1088 (The xp_SetSQLSecurity function in Microsoft SQL Server 2000 and SQL ...)
+CVE-2000-1088
NOT-FOR-US: Microsoft
-CVE-2000-1087 (The xp_proxiedmetadata function in Microsoft SQL Server 2000 and SQL ...)
+CVE-2000-1087
NOT-FOR-US: Microsoft
-CVE-2000-1086 (The xp_printstatements function in Microsoft SQL Server 2000 and SQL ...)
+CVE-2000-1086
NOT-FOR-US: Microsoft
-CVE-2000-1085 (The xp_peekqueue function in Microsoft SQL Server 2000 and SQL Server ...)
+CVE-2000-1085
NOT-FOR-US: Microsoft
-CVE-2000-1084 (The xp_updatecolvbm function in SQL Server and Microsoft SQL Server ...)
+CVE-2000-1084
NOT-FOR-US: Microsoft
-CVE-2000-1083 (The xp_showcolv function in SQL Server and Microsoft SQL Server ...)
+CVE-2000-1083
NOT-FOR-US: Microsoft
-CVE-2000-1082 (The xp_enumresultset function in SQL Server and Microsoft SQL Server ...)
+CVE-2000-1082
NOT-FOR-US: Microsoft
-CVE-2000-1081 (The xp_displayparamstmt function in SQL Server and Microsoft SQL ...)
+CVE-2000-1081
NOT-FOR-US: Microsoft
-CVE-2000-1079 (Interactions between the CIFS Browser Protocol and NetBIOS as ...)
+CVE-2000-1079
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1078 (ICQ Web Front HTTPd allows remote attackers to cause a denial of ...)
+CVE-2000-1078
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1076 (Netscape (iPlanet) Certificate Management System 4.2 and Directory ...)
+CVE-2000-1076
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1066 (The getnameinfo function in FreeBSD 4.1.1 and earlier, and possibly ...)
+CVE-2000-1066
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1065 (Vulnerability in IP implementation of HP JetDirect printer card ...)
+CVE-2000-1065
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1064 (Buffer overflow in the LPD service in HP JetDirect printer card ...)
+CVE-2000-1064
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1063 (Buffer overflow in the Telnet service in HP JetDirect printer card ...)
+CVE-2000-1063
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1062 (Buffer overflow in the FTP service in HP JetDirect printer card ...)
+CVE-2000-1062
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1053 (Allaire JRun 2.3.3 server allows remote attackers to compile and ...)
+CVE-2000-1053
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1052 (Allaire JRun 2.3 server allows remote attackers to obtain source code ...)
+CVE-2000-1052
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1048 (Directory traversal vulnerability in the logfile service of Wingate ...)
+CVE-2000-1048
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1046 (Multiple buffer overflows in the ESMTP service of Lotus Domino 5.0.2c ...)
+CVE-2000-1046
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1039 (Various TCP/IP stacks and network applications allow remote attackers ...)
+CVE-2000-1039
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1037 (Check Point Firewall-1 session agent 3.0 through 4.1 generates ...)
+CVE-2000-1037
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1035 (Buffer overflows in TYPSoft FTP Server 0.78 and earlier allows remote ...)
+CVE-2000-1035
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1033 (Serv-U FTP Server allows remote attackers to bypass its anti-hammering ...)
+CVE-2000-1033
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1030 (CS&amp;T CorporateTime for the Web returns different error messages for ...)
+CVE-2000-1030
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1029 (Buffer overflow in host command allows a remote attacker to execute ...)
+CVE-2000-1029
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1028 (Buffer overflow in cu program in HP-UX 11.0 may allow local users to ...)
+CVE-2000-1028
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1025 (eWave ServletExec JSP/Java servlet engine, versions 3.0C and earlier, ...)
+CVE-2000-1025
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1023 (The Alabanza Control Panel does not require passwords to access ...)
+CVE-2000-1023
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1021 (Heap overflow in WebConfig in Mdaemon 3.1.1 and earlier allows remote ...)
+CVE-2000-1021
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1020 (Heap overflow in Worldclient in Mdaemon 3.1.1 and earlier allows ...)
+CVE-2000-1020
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1017 (Webteachers Webdata allows remote attackers with valid Webdata ...)
+CVE-2000-1017
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1015 (The default configuration of Slashcode before version 2.0 Alpha has a ...)
+CVE-2000-1015
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1013 (The setlocale function in FreeBSD 5.0 and earlier, and possibly other ...)
+CVE-2000-1013
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1012 (The catopen function in FreeBSD 5.0 and earlier, and possibly other ...)
+CVE-2000-1012
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1009 (dump in Red Hat Linux 6.2 trusts the pathname specified by the RSH ...)
+CVE-2000-1009
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1008 (PalmOS 3.5.2 and earlier uses weak encryption to store the user ...)
+CVE-2000-1008
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0999 (Format string vulnerabilities in OpenBSD ssh program (and possibly ...)
+CVE-2000-0999
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0998 (Format string vulnerability in top program allows local attackers to ...)
+CVE-2000-0998
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0997 (Format string vulnerabilities in eeprom program in OpenBSD, NetBSD, ...)
+CVE-2000-0997
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0988 (WinU 1.0 through 5.1 has a backdoor password that allows remote ...)
+CVE-2000-0988
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0987 (Buffer overflow in oidldapd in Oracle 8.1.6 allow local users to gain ...)
+CVE-2000-0987
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0986 (Buffer overflow in Oracle 8.1.5 applications such as names, namesctl, ...)
+CVE-2000-0986
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0985 (Buffer overflow in All-Mail 1.1 allows remote attackers to execute ...)
+CVE-2000-0985
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0971 (Avirt Mail 4.0 and 4.2 allows remote attackers to cause a denial of ...)
+CVE-2000-0971
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0963 (Buffer overflow in ncurses library allows local users to execute ...)
+CVE-2000-0963
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0955 (Cisco Virtual Central Office 4000 (VCO/4K) uses weak encryption to ...)
+CVE-2000-0955
NOT-FOR-US: Cisco
-CVE-2000-0954 (Shambala Server 4.5 stores passwords in plaintext, which could allow ...)
+CVE-2000-0954
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0950 (Format string vulnerability in x-gw in TIS Firewall Toolkit (FWTK) ...)
+CVE-2000-0950
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0940 (Directory traversal vulnerability in Metertek pagelog.cgi allows ...)
+CVE-2000-0940
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0939 (Samba Web Administration Tool (SWAT) in Samba 2.0.7 allows remote ...)
+CVE-2000-0939
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0931 (Buffer overflow in Pegasus Mail 3.11 allows remote attackers to cause ...)
+CVE-2000-0931
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0918 (Format string vulnerability in kvt in KDE 1.1.2 may allow local users ...)
+CVE-2000-0918
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0916 (FreeBSD 4.1.1 and earlier, and possibly other BSD-based OSes, uses an ...)
+CVE-2000-0916
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0907 (EServ 2.92 Build 2982 allows remote attackers to cause a denial of ...)
+CVE-2000-0907
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0906 (Directory traversal vulnerability in Moreover.com cached_feed.cgi ...)
+CVE-2000-0906
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0905 (QNX Embedded Resource Manager in Voyager web server 2.01B in the demo ...)
+CVE-2000-0905
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0904 (Voyager web server 2.01B in the demo disks for QNX 405 stores ...)
+CVE-2000-0904
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0903 (Directory traversal vulnerability in Voyager web server 2.01B in the ...)
+CVE-2000-0903
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0902 (getalbum.php in PhotoAlbum before 0.9.9 allows remote attackers to read ...)
+CVE-2000-0902
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0899 (Small HTTP Server 2.01 allows remote attackers to cause a denial of ...)
+CVE-2000-0899
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0898 (Small HTTP Server 2.01 does not properly process Server Side Includes ...)
+CVE-2000-0898
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0893 (The presence of the Distributed GL Daemon (dgld) service on port 5232 ...)
+CVE-2000-0893
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0889 (Two Sun security certificates have been compromised, which could allow ...)
+CVE-2000-0889
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0885 (Buffer overflows in Microsoft Network Monitor (Netmon) allow remote ...)
+CVE-2000-0885
NOT-FOR-US: Microsoft
-CVE-2000-0882 (Intel Express 500 series switches allow a remote attacker to cause a ...)
+CVE-2000-0882
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0881 (The dccscan setuid program in LPPlus does not properly check if the ...)
+CVE-2000-0881
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0880 (LPPlus creates the lpdprocess file with world-writeable permissions, ...)
+CVE-2000-0880
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0879 (LPPlus programs dccsched, dcclpdser, dccbkst, dccshut, dcclpdshut, and ...)
+CVE-2000-0879
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0872 (explorer.php in PhotoAlbum 0.9.9 allows remote attackers to read ...)
+CVE-2000-0872
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0866 (Interbase 6 SuperServer for Linux allows an attacker to cause a denial ...)
+CVE-2000-0866
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0857 (The logging capability in muh 2.05d IRC server does not properly ...)
+CVE-2000-0857
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0855 (SunFTP build 9(1) allows remote attackers to cause a denial of service ...)
+CVE-2000-0855
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0845 (kdebug daemon (kdebugd) in Digital Unix 4.0F allows remote attackers to ...)
+CVE-2000-0845
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0843 (Buffer overflow in pam_smb and pam_ntdom pluggable authentication modules ...)
+CVE-2000-0843
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0842 (The search97cgi/vtopic&quot; in the UnixWare 7 scohelphttp webserver allows ...)
+CVE-2000-0842
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0841 (Buffer overflow in XMail POP3 server before version 0.59 allows remote ...)
+CVE-2000-0841
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0840 (Buffer overflow in XMail POP3 server before version 0.59 allows remote ...)
+CVE-2000-0840
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0836 (Buffer overflow in CamShot WebCam Trial2.6 allows remote attackers to ...)
+CVE-2000-0836
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0835 (search.dll Sambar ISAPI Search utility in Sambar Server 4.4 Beta 3 ...)
+CVE-2000-0835
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0833 (Buffer overflow in WinSMTP 1.06f and 2.X allows remote attackers to ...)
+CVE-2000-0833
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0832 (Htgrep CGI program allows remote attackers to read arbitrary files by ...)
+CVE-2000-0832
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0831 (Buffer overflow in Fastream FTP++ 2.0 allows remote attackers to cause ...)
+CVE-2000-0831
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0828 (Buffer overflow in ddicgi.exe in Mobius DocumentDirect for the ...)
+CVE-2000-0828
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0827 (Buffer overflow in the web authorization form of Mobius DocumentDirect ...)
+CVE-2000-0827
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0826 (Buffer overflow in ddicgi.exe program in Mobius DocumentDirect for the ...)
+CVE-2000-0826
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0817 (Buffer overflow in the HTTP protocol parser for Microsoft Network ...)
+CVE-2000-0817
NOT-FOR-US: Microsoft
-CVE-2000-0812 (The administration module in Sun Java web server allows remote ...)
+CVE-2000-0812
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0802 (The BAIR program does not properly restrict access to the Internet ...)
+CVE-2000-0802
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0801 (Buffer overflow in bdf program in HP-UX 11.00 may allow local users to ...)
+CVE-2000-0801
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0800 (String parsing error in rpc.kstatd in the linuxnfs or knfsd packages ...)
+CVE-2000-0800
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0798 (The truncate function in IRIX 6.x does not properly check for ...)
+CVE-2000-0798
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0794 (Buffer overflow in IRIX libgl.so library allows local users to gain ...)
+CVE-2000-0794
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0793 (Norton AntiVirus 5.00.01C with the Novell Netware client does not ...)
+CVE-2000-0793
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0791 (Trustix installs the httpsd program for Apache-SSL with ...)
+CVE-2000-0791
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0789 (WinU 5.x and earlier uses weak encryption to store its configuration ...)
+CVE-2000-0789
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0785 (WircSrv IRC Server 5.07s allows IRC operators to read arbitrary files ...)
+CVE-2000-0785
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0784 (sshd program in the Rapidstream 2.1 Beta VPN appliance has a ...)
+CVE-2000-0784
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0775 (Buffer overflow in RobTex Viking server earlier than 1.06-370 allows ...)
+CVE-2000-0775
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0774 (The sample Java servlet &quot;test&quot; in Bajie HTTP web server 0.30a reveals ...)
+CVE-2000-0774
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0772 (The installation of Tumbleweed Messaging Management System (MMS) 4.6 ...)
+CVE-2000-0772
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0769 (O'Reilly WebSite Pro 2.3.7 installs the uploader.exe program with ...)
+CVE-2000-0769
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0760 (The Snoop servlet in Jakarta Tomcat 3.1 and 3.0 under Apache reveals ...)
+CVE-2000-0760
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0759 (Jakarta Tomcat 3.1 under Apache reveals physical path information when ...)
+CVE-2000-0759
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0757 (The sysgen service in Aptis Totalbill does not perform authentication, ...)
+CVE-2000-0757
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0756 (Microsoft Outlook 2000 does not properly process long or malformed ...)
+CVE-2000-0756
NOT-FOR-US: Microsoft
-CVE-2000-0755 (Vulnerability in the newgrp command in HP-UX 11.00 allows local users ...)
+CVE-2000-0755
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0752 (Buffer overflows in brouted in FreeBSD and possibly other OSes allows ...)
+CVE-2000-0752
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0748 (OpenLDAP 1.2.11 and earlier improperly installs the ud binary with ...)
+CVE-2000-0748
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0746 (Vulnerabilities in IIS 4.0 and 5.0 do not properly protect against ...)
+CVE-2000-0746
NOT-FOR-US: Microsoft
-CVE-2000-0736 (Buffer overflow in Becky! Internet Mail client 1.26.04 and earlier ...)
+CVE-2000-0736
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0735 (Buffer overflow in Becky! Internet Mail client 1.26.03 and earlier ...)
+CVE-2000-0735
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0734 (eEye IRIS 1.01 beta allows remote attackers to cause a denial of ...)
+CVE-2000-0734
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0724 (The go-gnome Helix GNOME pre-installer allows local users to overwrite ...)
+CVE-2000-0724
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0723 (Helix GNOME Updater helix-update 0.5 and earlier does not properly ...)
+CVE-2000-0723
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0722 (Helix GNOME Updater helix-update 0.5 and earlier allows local users to ...)
+CVE-2000-0722
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0721 (The FSserial, FlagShip_c, and FlagShip_p programs in the FlagShip ...)
+CVE-2000-0721
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0719 (VariCAD 7.0 is installed with world-writeable files, which allows ...)
+CVE-2000-0719
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0715 (DiskCheck script diskcheck.pl in Red Hat Linux 6.2 allows local users to ...)
+CVE-2000-0715
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0714 (umb-scheme 3.2-11 for Red Hat Linux is installed with world-writeable ...)
+CVE-2000-0714
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0713 (Buffer overflow in Adobe Acrobat 4.05, Reader, Business Tools, and ...)
+CVE-2000-0713
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0710 (The shtml.exe component of Microsoft FrontPage 2000 Server Extensions ...)
+CVE-2000-0710
NOT-FOR-US: Microsoft
-CVE-2000-0709 (The shtml.exe component of Microsoft FrontPage 2000 Server Extensions ...)
+CVE-2000-0709
NOT-FOR-US: Microsoft
-CVE-2000-0704 (Buffer overflow in SGI Omron WorldView Wnn allows remote attackers to ...)
+CVE-2000-0704
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0701 (The wrapper program in mailman 2.0beta3 and 2.0beta4 does not properly ...)
+CVE-2000-0701
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0697 (The administration interface for the dwhttpd web server in Solaris ...)
+CVE-2000-0697
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0696 (The administration interface for the dwhttpd web server in Solaris ...)
+CVE-2000-0696
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0695 (Buffer overflows in pgxconfig in the Raptor GFX configuration tool ...)
+CVE-2000-0695
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0692 (ISS RealSecure 3.2.1 and 3.2.2 allows remote attackers to cause a ...)
+CVE-2000-0692
- kdebase 4:2.2.2-14.6
-CVE-2000-0691 (The faxrunq and faxrunqd in the mgetty package allows local users to ...)
+CVE-2000-0691
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0690 (Auction Weaver CGI script 1.02 and earlier allows remote attackers to ...)
+CVE-2000-0690
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0689 (Account Manager LITE does not properly authenticate attempts to change ...)
+CVE-2000-0689
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0688 (Subscribe Me LITE does not properly authenticate attempts to change ...)
+CVE-2000-0688
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0687 (Auction Weaver CGI script 1.03 and earlier allows remote attackers to ...)
+CVE-2000-0687
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0686 (Auction Weaver CGI script 1.03 and earlier allows remote attackers to ...)
+CVE-2000-0686
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0680 (The CVS 1.10.8 server does not properly restrict users from creating ...)
+CVE-2000-0680
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0667 (Vulnerability in gpm in Caldera Linux allows local users to delete ...)
+CVE-2000-0667
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0659 (Buffer overflow in AnalogX proxy server 4.04 and earlier allows remote ...)
+CVE-2000-0659
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0658 (Buffer overflow in AnalogX proxy server 4.04 and earlier allows remote ...)
+CVE-2000-0658
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0657 (Buffer overflow in AnalogX proxy server 4.04 and earlier allows remote ...)
+CVE-2000-0657
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0656 (Buffer overflow in AnalogX proxy server 4.04 and earlier allows remote ...)
+CVE-2000-0656
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0653 (Microsoft Outlook Express allows remote attackers to monitor a user's ...)
+CVE-2000-0653
NOT-FOR-US: Microsoft
-CVE-2000-0649 (IIS 4.0 allows remote attackers to obtain the internal IP address of ...)
+CVE-2000-0649
NOT-FOR-US: Microsoft
-CVE-2000-0648 (WFTPD and WFTPD Pro 2.41 allows local users to cause a denial of ...)
+CVE-2000-0648
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0647 (WFTPD and WFTPD Pro 2.41 allows remote attackers to cause a denial of ...)
+CVE-2000-0647
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0646 (WFTPD and WFTPD Pro 2.41 allows remote attackers to obtain the real ...)
+CVE-2000-0646
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0645 (WFTPD and WFTPD Pro 2.41 allows remote attackers to cause a denial of ...)
+CVE-2000-0645
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0629 (The default configuration of the Sun Java web server 2.0 and earlier ...)
+CVE-2000-0629
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0626 (Buffer overflow in Alibaba web server allows remote attackers to cause ...)
+CVE-2000-0626
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0625 (NetZero 3.0 and earlier uses weak encryption for storing a user's ...)
+CVE-2000-0625
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0623 (Buffer overflow in O'Reilly WebSite Professional web server 2.4 and ...)
+CVE-2000-0623
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0618 (Buffer overflow in xconq and cconq game programs on Red Hat Linux ...)
+CVE-2000-0618
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0617 (Buffer overflow in xconq and cconq game programs on Red Hat Linux ...)
+CVE-2000-0617
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0614 (Tnef program in Linux systems allows remote attackers to overwrite ...)
+CVE-2000-0614
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0612 (Windows 95 and Windows 98 do not properly process spoofed ARP packets, ...)
+CVE-2000-0612
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0609 (NetWin dMailWeb and cwMail 2.6g and earlier allows remote attackers to ...)
+CVE-2000-0609
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0608 (NetWin dMailWeb and cwMail 2.6i and earlier allows remote attackers to ...)
+CVE-2000-0608
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0607 (Buffer overflow in fld program in Kanji on Console (KON) package on ...)
+CVE-2000-0607
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0606 (Buffer overflow in kon program in Kanji on Console (KON) package on ...)
+CVE-2000-0606
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0605 (Blackboard CourseInfo 4.0 stores the local and SQL administrator user ...)
+CVE-2000-0605
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0592 (Buffer overflows in POP3 service in WinProxy 2.0 and 2.0.1 allow ...)
+CVE-2000-0592
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0589 (SawMill 5.0.21 uses weak encryption to store passwords, which allows ...)
+CVE-2000-0589
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0580 (Windows 2000 Server allows remote attackers to cause a denial of ...)
+CVE-2000-0580
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0578 (SGI MIPSPro compilers C, C++, F77 and F90 generate temporary files in ...)
+CVE-2000-0578
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0574 (FTP servers such as OpenBSD ftpd, NetBSD ftpd, ProFTPd and Opieftpd do ...)
+CVE-2000-0574
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0572 (The Razor configuration management tool uses weak encryption for its ...)
+CVE-2000-0572
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0564 (The guestbook CGI program in ICQ Web Front service for ICQ 2000a, 99b, ...)
+CVE-2000-0564
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0563 (The URLConnection function in MacOS Runtime Java (MRJ) 2.1 and earlier ...)
+CVE-2000-0563
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0562 (BlackIce Defender 2.1 and earlier, and BlackIce Pro 2.0.23 and ...)
+CVE-2000-0562
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0559 (eTrust Intrusion Detection System (formerly SessionWall-3) uses weak ...)
+CVE-2000-0559
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0554 (Ceilidh allows remote attackers to obtain the real path of the Ceilidh ...)
+CVE-2000-0554
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0547 (Buffer overflow in Kerberos 4 KDC program allows remote attackers to ...)
+CVE-2000-0547
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0546 (Buffer overflow in Kerberos 4 KDC program allows remote attackers to ...)
+CVE-2000-0546
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0545 (Buffer overflow in mailx mail command (aka Mail) on Linux systems ...)
+CVE-2000-0545
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0544 (Windows NT and Windows 2000 hosts allow a remote attacker to cause a ...)
+CVE-2000-0544
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0543 (The command port for PGP Certificate Server 2.5.0 and 2.5.1 allows ...)
+CVE-2000-0543
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0535 (OpenSSL 0.9.4 and OpenSSH for FreeBSD do not properly check for the ...)
+CVE-2000-0535
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0531 (Linux gpm program allows local users to cause a denial of service by ...)
+CVE-2000-0531
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0527 (userreg.cgi CGI program in MailStudio 2000 2.0 and earlier allows ...)
+CVE-2000-0527
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0526 (mailview.cgi CGI program in MailStudio 2000 2.0 and earlier allows ...)
+CVE-2000-0526
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0524 (Microsoft Outlook and Outlook Express allow remote attackers to cause ...)
+CVE-2000-0524
NOT-FOR-US: Microsoft
-CVE-2000-0520 (Buffer overflow in restore program 0.4b17 and earlier in dump package ...)
+CVE-2000-0520
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0509 (Buffer overflows in the finger and whois demonstration scripts in ...)
+CVE-2000-0509
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0503 (The IFRAME of the WebBrowser control in Internet Explorer 5.01 allows ...)
+CVE-2000-0503
NOT-FOR-US: Microsoft
-CVE-2000-0492 (PassWD 1.2 uses weak encryption (trivial encoding) to store passwords, ...)
+CVE-2000-0492
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0491 (Buffer overflow in the XDMCP parsing code of GNOME gdm, KDE kdm, and ...)
+CVE-2000-0491
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0487 (The Protected Store in Windows 2000 does not properly select the ...)
+CVE-2000-0487
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0480 (Dragon telnet server allows remote attackers to cause a denial of service ...)
+CVE-2000-0480
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0479 (Dragon FTP server allows remote attackers to cause a denial of service ...)
+CVE-2000-0479
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0476 (xterm, Eterm, and rxvt allow an attacker to cause a denial of service ...)
+CVE-2000-0476
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0473 (Buffer overflow in AnalogX SimpleServer 1.05 allows a remote attacker ...)
+CVE-2000-0473
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0450 (Vulnerability in bbd server in Big Brother System and Network Monitor ...)
+CVE-2000-0450
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0449 (Omnis Studio 2.4 uses weak encryption (trivial encoding) for ...)
+CVE-2000-0449
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0444 (HP Web JetAdmin 6.0 allows remote attackers to cause a denial of ...)
+CVE-2000-0444
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0434 (The administrative password for the Allmanage web site administration ...)
+CVE-2000-0434
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0433 (The SuSE aaa_base package installs some system accounts with home ...)
+CVE-2000-0433
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0429 (A backdoor password in Cart32 3.0 and earlier allows remote attackers ...)
+CVE-2000-0429
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0423 (Buffer overflow in Netwin DNEWSWEB CGI program allows remote attackers ...)
+CVE-2000-0423
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0422 (Buffer overflow in Netwin DMailWeb CGI program allows remote attackers ...)
+CVE-2000-0422
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0420 (The default configuration of SYSKEY in Windows 2000 stores the startup ...)
+CVE-2000-0420
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0415 (Buffer overflow in Outlook Express 4.x allows attackers to cause a ...)
+CVE-2000-0415
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0413 (The shtml.exe program in the FrontPage extensions package of IIS 4.0 ...)
+CVE-2000-0413
NOT-FOR-US: Microsoft
-CVE-2000-0412 (The gnapster and knapster clients for Napster do not properly restrict ...)
+CVE-2000-0412
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0401 (Buffer overflows in redirect.exe and changepw.exe in PDGSoft shopping ...)
+CVE-2000-0401
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0400 (The Microsoft Active Movie ActiveX Control in Internet Explorer 5 does ...)
+CVE-2000-0400
NOT-FOR-US: Microsoft
-CVE-2000-0386 (FileMaker Pro 5 Web Companion allows remote attackers to send ...)
+CVE-2000-0386
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0385 (FileMaker Pro 5 Web Companion allows remote attackers to bypass ...)
+CVE-2000-0385
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0384 (NetStructure 7110 and 7180 have undocumented accounts (servnow, root, ...)
+CVE-2000-0384
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0383 (The file transfer component of AOL Instant Messenger (AIM) reveals the ...)
+CVE-2000-0383
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0365 (Red Hat Linux 6.0 installs the /dev/pts file system with insecure ...)
+CVE-2000-0365
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0364 (screen and rxvt in Red Hat Linux 6.0 do not properly set the modes of ...)
+CVE-2000-0364
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0358 (ORBit and gnome-session in Red Hat Linux 6.1 allows remote attackers ...)
+CVE-2000-0358
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0357 (ORBit and esound in Red Hat Linux 6.1 do not use sufficiently random ...)
+CVE-2000-0357
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0355 (pg and pb in SuSE pbpg 1.x package allows an attacker to read ...)
+CVE-2000-0355
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0345 (The on-line help system options in Cisco routers allows non-privileged ...)
+CVE-2000-0345
NOT-FOR-US: Cisco
-CVE-2000-0343 (Buffer overflow in Sniffit 0.3.x with the -L logging option enabled ...)
+CVE-2000-0343
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0333 (tcpdump, Ethereal, and other sniffer packages allow remote attackers ...)
+CVE-2000-0333
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0326 (Meeting Maker uses weak encryption (a polyalphabetic substitution ...)
+CVE-2000-0326
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0325 (The Microsoft Jet database engine allows an attacker to execute ...)
+CVE-2000-0325
NOT-FOR-US: Microsoft
-CVE-2000-0321 (Buffer overflow in IC Radius package allows a remote attacker to cause ...)
+CVE-2000-0321
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0317 (Buffer overflow in Solaris 7 lpset allows local users to gain root ...)
+CVE-2000-0317
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0312 (cron in OpenBSD 2.5 allows local users to gain root privileges via an ...)
+CVE-2000-0312
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0300 (The default encryption method of PcAnywhere 9.x uses weak encryption, ...)
+CVE-2000-0300
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0299 (Buffer overflow in WebObjects.exe in the WebObjects Developer 4.5 ...)
+CVE-2000-0299
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0295 (Buffer overflow in LCDproc allows remote attackers to gain root ...)
+CVE-2000-0295
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0293 (aaa_base in SuSE Linux 6.3, and cron.daily in earlier versions, allow ...)
+CVE-2000-0293
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0291 (Buffer overflow in Star Office 5.1 allows attackers to cause a denial ...)
+CVE-2000-0291
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0288 (Infonautics getdoc.cgi allows remote attackers to bypass the payment ...)
+CVE-2000-0288
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0286 (X fontserver xfs allows local users to cause a denial of service via ...)
+CVE-2000-0286
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0284 (Buffer overflow in University of Washington imapd version 4.7 allows ...)
+CVE-2000-0284
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0281 (Buffer overflow in the Napster client beta 5 allows remote attackers ...)
+CVE-2000-0281
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0280 (Buffer overflow in the RealNetworks RealPlayer client versions 6 and 7 ...)
+CVE-2000-0280
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0275 (CRYPTOCard CryptoAdmin for PalmOS uses weak encryption to store a ...)
+CVE-2000-0275
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0271 (read-passwd and other Lisp functions in Emacs 20 do not properly clear ...)
+CVE-2000-0271
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0270 (The make-temp-name Lisp function in Emacs 20 creates temporary files ...)
+CVE-2000-0270
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0269 (Emacs 20 does not properly set permissions for a slave PTY device when ...)
+CVE-2000-0269
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0266 (Internet Explorer 5.01 allows remote attackers to bypass the cross ...)
+CVE-2000-0266
NOT-FOR-US: Microsoft
-CVE-2000-0259 (The default permissions for the Cryptography\Offload registry key used ...)
+CVE-2000-0259
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0256 (Buffer overflows in htimage.exe and Imagemap.exe in FrontPage 97 and ...)
+CVE-2000-0256
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0250 (The crypt function in QNX uses weak encryption, which allows local ...)
+CVE-2000-0250
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0248 (The web GUI for the Linux Virtual Server (LVS) software in the Red Hat ...)
+CVE-2000-0248
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0244 (The Citrix ICA (Independent Computing Architecture) protocol uses weak ...)
+CVE-2000-0244
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0242 (WindMail allows remote attackers to read arbitrary files or execute ...)
+CVE-2000-0242
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0241 (vqSoft vqServer stores sensitive information such as passwords in ...)
+CVE-2000-0241
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0239 (Buffer overflow in the MERCUR WebView WebMail server allows remote ...)
+CVE-2000-0239
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0227 (The Linux 2.2.x kernel does not restrict the number of Unix domain ...)
+CVE-2000-0227
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0220 (ZoneAlarm sends sensitive system and network information in cleartext ...)
+CVE-2000-0220
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0219 (Red Hat 6.0 allows local users to gain root access by booting single ...)
+CVE-2000-0219
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0216 (Microsoft email clients in Outlook, Exchange, and Windows Messaging ...)
+CVE-2000-0216
NOT-FOR-US: Microsoft
-CVE-2000-0214 (FTP Explorer uses weak encryption for storing the username, password, ...)
+CVE-2000-0214
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0213 (The Sambar server includes batch files ECHO.BAT and HELLO.BAT in the ...)
+CVE-2000-0213
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0205 (Trend Micro OfficeScan allows remote attackers to replay ...)
+CVE-2000-0205
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0204 (The Trend Micro OfficeScan client allows remote attackers to cause a ...)
+CVE-2000-0204
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0203 (The Trend Micro OfficeScan client tmlisten.exe allows remote attackers ...)
+CVE-2000-0203
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0199 (When a new SQL Server is registered in Enterprise Manager for ...)
+CVE-2000-0199
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0198 (Buffer overflow in POP3 and IMAP servers in the MERCUR mail server ...)
+CVE-2000-0198
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0197 (The Windows NT scheduler uses the drive mapping of the interactive ...)
+CVE-2000-0197
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0190 (AOL Instant Messenger (AIM) client allows remote attackers to cause a ...)
+CVE-2000-0190
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0188 (EZShopper 3.0 search.cgi CGI script allows remote attackers to read ...)
+CVE-2000-0188
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0187 (EZShopper 3.0 loadpage.cgi CGI script allows remote attackers to read ...)
+CVE-2000-0187
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0177 (DNSTools CGI applications allow remote attackers to execute arbitrary ...)
+CVE-2000-0177
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0176 (The default configuration of Serv-U 2.5d and earlier allows remote ...)
+CVE-2000-0176
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0173 (Vulnerability in the EELS system in SCO UnixWare 7.1.x allows remote ...)
+CVE-2000-0173
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0167 (IIS Inetinfo.exe allows local users to cause a denial of service by ...)
+CVE-2000-0167
NOT-FOR-US: Microsoft
-CVE-2000-0163 (asmon and ascpu in FreeBSD allow local users to gain root privileges ...)
+CVE-2000-0163
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0160 (The Microsoft Active Setup ActiveX component in Internet Explorer 4.x ...)
+CVE-2000-0160
NOT-FOR-US: Microsoft
-CVE-2000-0158 (Buffer overflow in MMDF server allows remote attackers to gain ...)
+CVE-2000-0158
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0155 (Windows NT Autorun executes the autorun.inf file on non-removable ...)
+CVE-2000-0155
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0154 (The ARCserve agent in UnixWare allows local attackers to modify ...)
+CVE-2000-0154
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0153 (FrontPage Personal Web Server (PWS) allows remote attackers to read ...)
+CVE-2000-0153
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0151 (GNU make follows symlinks when it reads a Makefile from stdin, which ...)
+CVE-2000-0151
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0147 (snmpd in SCO OpenServer has an SNMP community string that is writable ...)
+CVE-2000-0147
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0143 (The SSH protocol server sshd allows local users without shell access ...)
+CVE-2000-0143
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0142 (The authentication protocol in Timbuktu Pro 2.0b650 allows remote ...)
+CVE-2000-0142
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0138 (A system has a distributed denial of service (DDOS) attack master, ...)
+CVE-2000-0138
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0137 (The CartIt shopping cart application allows remote users to modify ...)
+CVE-2000-0137
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0136 (The Cart32 shopping cart application allows remote users to modify ...)
+CVE-2000-0136
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0135 (The @Retail shopping cart application allows remote users to modify ...)
+CVE-2000-0135
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0134 (The Check It Out shopping cart application allows remote users to ...)
+CVE-2000-0134
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0133 (Buffer overflows in Tiny FTPd 0.52 beta3 FTP server allows users to ...)
+CVE-2000-0133
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0132 (Microsoft Java Virtual Machine allows remote attackers to read ...)
+CVE-2000-0132
NOT-FOR-US: Microsoft
-CVE-2000-0129 (Buffer overflow in the SHGetPathFromIDList function of the Serv-U FTP ...)
+CVE-2000-0129
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0126 (Sample Internet Data Query (IDQ) scripts in IIS 3 and 4 allow remote ...)
+CVE-2000-0126
NOT-FOR-US: Microsoft
-CVE-2000-0125 (wwwthreads does not properly cleanse numeric data or table names that ...)
+CVE-2000-0125
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0124 (surfCONTROL SuperScout does not properly asign a category to web sites ...)
+CVE-2000-0124
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0123 (The shopping cart application provided with Filemaker allows remote ...)
+CVE-2000-0123
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0122 (Frontpage Server Extensions allows remote attackers to determine the ...)
+CVE-2000-0122
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0119 (The default configurations for McAfee Virus Scan and Norton Anti-Virus ...)
+CVE-2000-0119
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0118 (The Red Hat Linux su program does not log failed password guesses if ...)
+CVE-2000-0118
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0115 (IIS allows local users to cause a denial of service via invalid ...)
+CVE-2000-0115
NOT-FOR-US: Microsoft
-CVE-2000-0114 (Frontpage Server Extensions allows remote attackers to determine the ...)
+CVE-2000-0114
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0110 (The WebSiteTool shopping cart application allows remote users to ...)
+CVE-2000-0110
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0109 (The mcsp Client Site Processor system (MultiCSP) in Standard and ...)
+CVE-2000-0109
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0108 (The Intellivend shopping cart application allows remote users to ...)
+CVE-2000-0108
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0106 (The EasyCart shopping cart application allows remote users to ...)
+CVE-2000-0106
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0105 (Outlook Express 5.01 and Internet Explorer 5.01 allow remote attackers ...)
+CVE-2000-0105
NOT-FOR-US: Microsoft
-CVE-2000-0104 (The Shoptron shopping cart application allows remote users to ...)
+CVE-2000-0104
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0103 (The SmartCart shopping cart application allows remote users to ...)
+CVE-2000-0103
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0102 (The SalesCart shopping cart application allows remote users to modify ...)
+CVE-2000-0102
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0101 (The Make-a-Store OrderPage shopping cart application allows remote ...)
+CVE-2000-0101
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0096 (Buffer overflow in qpopper 3.0 beta versions allows local users to ...)
+CVE-2000-0096
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0093 (An installation of Red Hat uses DES password encryption with crypt() ...)
+CVE-2000-0093
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0086 (Netopia Timbuktu Pro sends user IDs and passwords in cleartext, which ...)
+CVE-2000-0086
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0085 (Hotmail does not properly filter JavaScript code from a user's ...)
+CVE-2000-0085
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0084 (CuteFTP uses weak encryption to store password information in its ...)
+CVE-2000-0084
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0082 (WebTV email client allows remote attackers to force the client to send ...)
+CVE-2000-0082
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0081 (Hotmail does not properly filter JavaScript code from a user's ...)
+CVE-2000-0081
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0079 (The W3C CERN httpd HTTP server allows remote attackers to determine ...)
+CVE-2000-0079
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0078 (The June 1999 version of the HP-UX aserver program allows local users ...)
+CVE-2000-0078
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0077 (The October 1998 version of the HP-UX aserver program allows local ...)
+CVE-2000-0077
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0074 (PowerScripts PlusMail CGI program allows remote attackers to execute ...)
+CVE-2000-0074
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0071 (IIS 4.0 allows a remote attacker to obtain the real pathname of the ...)
+CVE-2000-0071
NOT-FOR-US: Microsoft
-CVE-2000-0069 (The recover program in Solstice Backup allows local users to restore ...)
+CVE-2000-0069
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0068 (daynad program in Intel InBusiness E-mail Station does not require ...)
+CVE-2000-0068
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0067 (CyberCash Merchant Connection Kit (MCK) allows local users to modify ...)
+CVE-2000-0067
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0066 (WebSite Pro allows remote attackers to determine the real pathname of ...)
+CVE-2000-0066
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0061 (Internet Explorer 5 does not modify the security zone for a document ...)
+CVE-2000-0061
NOT-FOR-US: Microsoft
-CVE-2000-0059 (PHP3 with safe_mode enabled does not properly filter shell ...)
+CVE-2000-0059
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0058 (Network HotSync program in Handspring Visor does not have ...)
+CVE-2000-0058
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0055 (Buffer overflow in Solaris chkperm command allows local users to ...)
+CVE-2000-0055
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0054 (search.cgi in the SolutionScripts Home Free package allows remote ...)
+CVE-2000-0054
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0049 (Buffer overflow in Winamp client allows remote attackers to execute ...)
+CVE-2000-0049
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0047 (Buffer overflow in Yahoo Pager/Messenger client allows remote ...)
+CVE-2000-0047
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0046 (Buffer overflow in ICQ 99b 1.1.1.1 client allows remote attackers to ...)
+CVE-2000-0046
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0038 (glFtpD includes a default glftpd user account with a default password ...)
+CVE-2000-0038
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0035 (resend command in Majordomo allows local users to gain privileges via ...)
+CVE-2000-0035
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0028 (Internet Explorer 5.0 and 5.01 allows remote attackers to bypass the ...)
+CVE-2000-0028
NOT-FOR-US: Microsoft
-CVE-2000-0021 (Lotus Domino HTTP server allows remote attackers to determine the real ...)
+CVE-2000-0021
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0019 (IMail POP3 daemon uses weak encryption, which allows local users to ...)
+CVE-2000-0019
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0017 (Buffer overflow in Linux linuxconf package allows remote attackers to ...)
+CVE-2000-0017
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0016 (Buffer overflow in Internet Anywhere POP3 Mail Server allows remote ...)
+CVE-2000-0016
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0008 (FTPPro allows local users to read sensitive information, which is ...)
+CVE-2000-0008
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0005 (HP-UX aserver program allows local users to gain privileges via a ...)
+CVE-2000-0005
NOT-FOR-US: Data pre-dating the Security Tracker
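Review bot: The commit message "automatic update" does not document why every description in this hunk is dropped (e.g. `-CVE-2000-0687 (Auction Weaver CGI script 1.03 and earlier allows remote attackers to ...)` becomes `+CVE-2000-0687`), and for the many entries whose only annotation is `NOT-FOR-US: Data pre-dating the Security Tracker` the truncated summary was the only human-readable hint of which product the CVE concerned; consider either keeping the summary for those entries or stating in the commit message where the descriptions are now kept.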
diff --git a/data/CVE/2001.list b/data/CVE/2001.list
index 159ca822de..b75082f2be 100644
--- a/data/CVE/2001.list
+++ b/data/CVE/2001.list
@@ -1,6 +1,6 @@
-CVE-2001-1594 (GE Healthcare eNTEGRA P&amp;R has a password of (1) entegra for the ...)
+CVE-2001-1594
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1593 (The tempname_ensure function in lib/routines.h in a2ps 4.14 and ...)
+CVE-2001-1593
{DSA-2892-1}
- a2ps 1:4.14-1.2 (low; bug #737385)
CVE-2001-1592
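Review bot: The removed line `-CVE-2001-1594 (GE Healthcare eNTEGRA P&amp;R has a password of (1) entegra for the ...)` stored the ampersand as the HTML entity `&amp;` inside a plain-text data file, so any consumer other than an HTML renderer would have shown the entity literally; if descriptions are reintroduced, store them unescaped and escape at output time. The unchanged `{DSA-2892-1}` and `a2ps 1:4.14-1.2 (low; bug #737385)` context lines need no change.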
@@ -13,2312 +13,2312 @@ CVE-2001-1589
RESERVED
CVE-2001-1588
RESERVED
-CVE-2001-1587 (NWFTPD.nlm before 5.01w in the FTP server in Novell NetWare allows ...)
+CVE-2001-1587
NOT-FOR-US: Novell NetWare
-CVE-2001-1586 (Directory traversal vulnerability in SimpleServer:WWW 1.13 and earlier ...)
+CVE-2001-1586
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1585 (SSH protocol 2 (aka SSH-2) public key authentication in the ...)
+CVE-2001-1585
- openssh <not-affected> (fixed in 2001)
-CVE-2001-1584 (CardBoard 2.4 greeting card CGI by Michael Barretto allows remote ...)
+CVE-2001-1584
NOT-FOR-US: CardBoard
-CVE-2001-1583 (lpd daemon (in.lpd) in Solaris 8 and earlier allows remote attackers ...)
+CVE-2001-1583
NOT-FOR-US: Solaris
-CVE-2001-1582 (Buffer overflow in the LDAP naming services library (libsldap) in Sun ...)
+CVE-2001-1582
NOT-FOR-US: Solaris
-CVE-2001-1581 (The File Blocker feature in Clearswift MAILsweeper for SMTP 4.2 allows ...)
+CVE-2001-1581
NOT-FOR-US: MAILsweeper
CVE-2001-XXXX [crypt++ passes passwords through the command line]
- crypt++el 2.91-2.1 (bug #105562; low)
CVE-2001-XXXX [gnupg: inproper flagging of signatures as being local]
- gnupg 1.0.7-1 (bug #107374)
-CVE-2001-1580 (Directory traversal vulnerability in ScriptEase viewcode.jse for ...)
+CVE-2001-1580
NOT-FOR-US: ScriptEase
-CVE-2001-1579 (The timed program (in.timed) in UnixWare 7 and OpenUnix 8.0.0 does not ...)
+CVE-2001-1579
NOT-FOR-US: UnixWare/OpenUnix
-CVE-2001-1578 (Unknown vulnerability in SCO OpenServer 5.0.6 and earlier allows local ...)
+CVE-2001-1578
NOT-FOR-US: SCO
-CVE-2001-1577 (Unknown vulnerability in CDE in Caldera OpenUnix 7.1.0, 7.1.1, and 8.0 ...)
+CVE-2001-1577
NOT-FOR-US: CDE
-CVE-2001-1576 (Buffer overflow in cron in Caldera UnixWare 7 allows local users to ...)
+CVE-2001-1576
NOTE: insufficient info to check, but not same code base
-CVE-2001-1575 (Apple Personal Web Sharing (PWS) 1.1, 1.5, and 1.5.5, when Web Sharing ...)
+CVE-2001-1575
NOT-FOR-US: Apple
-CVE-2001-1574 (Buffer overflow in (1) HttpSaveCVP.dll and (2) HttpSaveCSP.dll in ...)
+CVE-2001-1574
NOT-FOR-US: Trend Micro InterScan VirusWall
-CVE-2001-1573 (Buffer overflow in smtpscan.dll for Trend Micro InterScan VirusWall ...)
+CVE-2001-1573
NOT-FOR-US: Trend Micro InterScan VirusWall
-CVE-2001-1572 (The MAC module in Netfilter in Linux kernel 2.4.1 through 2.4.11, when ...)
+CVE-2001-1572
NOTE: presumably fixed in linux 2.4.12
-CVE-2001-1571 (The Remote Desktop client in Windows XP sends the most recent user ...)
+CVE-2001-1571
NOT-FOR-US: Microsoft
-CVE-2001-1570 (Windows XP with fast user switching and account lockout enabled allows ...)
+CVE-2001-1570
NOT-FOR-US: Microsoft
-CVE-2001-1569 (Openwave WAP gateway does not verify the fully qualified domain name ...)
+CVE-2001-1569
NOT-FOR-US: Openwave WAP gateway
-CVE-2001-1568 (CMG WAP gateway does not verify the fully qualified domain name URL ...)
+CVE-2001-1568
NOT-FOR-US: CMG WAP gateway
-CVE-2001-1567 (Lotus Domino server 5.0.9a and earlier allows remote attackers to ...)
+CVE-2001-1567
NOT-FOR-US: Lotus Domino
-CVE-2001-1566 (Format string vulnerability in libvanessa_logger 0.0.1 in Perdition ...)
+CVE-2001-1566
- vanessa-logger 0.0.2
-CVE-2001-1565 (Point to Point Protocol daemon (pppd) in MacOS x 10.0 and 10.1 through ...)
+CVE-2001-1565
NOT-FOR-US: MacOS
-CVE-2001-1564 (setrlimit in HP-UX 10.01, 10.10, 10.24, 10.20, 11.00, 11.04 and 11.11 ...)
+CVE-2001-1564
NOT-FOR-US: HP-UX
-CVE-2001-1563 (Unknown vulnerability in Tomcat 3.2.1 running on HP Secure OS for ...)
+CVE-2001-1563
NOT-FOR-US: Tomcat 3.2.1 running on HP Secure OS
-CVE-2001-1562 (Format string vulnerability in nvi before 1.79 allows local users to ...)
+CVE-2001-1562
- nvi 1.79-16a.1
NOTE: was DSA 085
-CVE-2001-1561 (Buffer overflow in Xvt 2.1 in Debian Linux 2.2 allows local users to ...)
+CVE-2001-1561
NOTE: DSA 082
- xvt 2.1-13
-CVE-2001-1560 (Win32k.sys (aka Graphics Device Interface (GDI)) in Windows 2000 and ...)
+CVE-2001-1560
NOT-FOR-US: Microsoft
-CVE-2001-1559 (The uipc system calls (uipc_syscalls.c) in OpenBSD 2.9 and 3.0 provide ...)
+CVE-2001-1559
NOT-FOR-US: OpenBSD
-CVE-2001-1558 (Unknown vulnerability in IP defragmenter (frag2) in Snort before 1.8.3 ...)
+CVE-2001-1558
- snort 1.8.3
-CVE-2001-1557 (Buffer overflow in ftpd in IBM AIX 4.3 and 5.1 allows attackers to ...)
+CVE-2001-1557
NOT-FOR-US: AIX
-CVE-2001-1556 (The log files in Apache web server contain information directly ...)
+CVE-2001-1556
NOTE: documented issue in apache, unlikely to be changed
NOTE: see http://httpd.apache.org/docs/logs.html
-CVE-2001-1555 (pt_chmod in Solaris 8 does not call fdetach to reset terminal ...)
+CVE-2001-1555
NOT-FOR-US: Solaris
-CVE-2001-1554 (IBM AIX 430 does not properly unlock IPPMTU_LOCK, which allows remote ...)
+CVE-2001-1554
NOT-FOR-US: AIX
-CVE-2001-1553 (Buffer overflow in setiathome for SETI@home 3.03, if installed setuid, ...)
+CVE-2001-1553
- setiathome <not-affected> (not suid in debian)
-CVE-2001-1552 (ssdpsrv.exe in Windows ME allows remote attackers to cause a denial of ...)
+CVE-2001-1552
NOT-FOR-US: Microsoft
-CVE-2001-1551 (Linux kernel 2.2.19 enables CAP_SYS_RESOURCE for setuid processes, ...)
+CVE-2001-1551
NOTE: no info in CVE db about fix
-CVE-2001-1550 (CentraOne 5.2 and Centra ASP with basic authentication enabled creates ...)
+CVE-2001-1550
NOT-FOR-US: Centra
-CVE-2001-1549 (Tiny Personal Firewall 1.0 and 2.0 allows local users to bypass ...)
+CVE-2001-1549
NOT-FOR-US: Tiny Personal Firewall
-CVE-2001-1548 (ZoneAlarm 2.1 through 2.6 and ZoneAlarm Pro 2.4 and 2.6 allows local ...)
+CVE-2001-1548
NOT-FOR-US: Tiny Personal Firewall
-CVE-2001-1547 (Outlook Express 6.0, with &quot;Do not allow attachments to be saved or ...)
+CVE-2001-1547
NOT-FOR-US: Outlook
-CVE-2001-1546 (Pathways Homecare 6.5 uses weak encryption for user names and ...)
+CVE-2001-1546
NOT-FOR-US: Pathways Homecare
-CVE-2001-1545 (Macromedia JRun 3.0 and 3.1 appends the jsessionid to URL requests ...)
+CVE-2001-1545
NOT-FOR-US: Macromedia JRun
-CVE-2001-1544 (Directory traversal vulnerability in Macromedia JRun Web Server (JWS) ...)
+CVE-2001-1544
NOT-FOR-US: Macromedia JRun
-CVE-2001-1543 (Axis network camera 2120, 2110, 2100, 200+ and 200 contains a default ...)
+CVE-2001-1543
NOT-FOR-US: Axis network camera
-CVE-2001-1542 (NAI WebShield SMTP 4.5 and possibly 4.5 MR1a does not filter ...)
+CVE-2001-1542
NOT-FOR-US: NAI WebShield SMTP
-CVE-2001-1541 (Buffer overflow in Unix-to-Unix Copy Protocol (UUCP) in BSDI BSD/OS ...)
+CVE-2001-1541
NOT-FOR-US: BSDI UUCP
-CVE-2001-1540 (IPRoute 0.973, 0.974 and 1.18 allows remote attackers to cause a ...)
+CVE-2001-1540
NOT-FOR-US: IPRoute router software
NOTE: This is not for iproute/iproute2.
NOTE: From Chris Gragsone's message on BUGTRAQ:
NOTE: "IPRoute, by David F. Mischler, is PC-based router software
NOTE: "for networks running the Internet Protocol (IP)."
-CVE-2001-1539 (Stack consumption vulnerability in Internet Explorer The JavaScript ...)
+CVE-2001-1539
NOT-FOR-US: MSIE
-CVE-2001-1538 (SpeedXess HA-120 DSL router has a default administrative password of ...)
+CVE-2001-1538
NOT-FOR-US: SpeedXess HA-120 DSL router
-CVE-2001-1537 (The default &quot;basic&quot; security setting' in config.php for TWIG webmail ...)
+CVE-2001-1537
NOTE: current twig package seems to have secure cookies enabled
NOTE: still uses "basic" security setting.
-CVE-2001-1536 (Autogalaxy stores usernames and passwords in cleartext in cookies, ...)
+CVE-2001-1536
NOT-FOR-US: Autogalaxy
-CVE-2001-1535 (Slashcode 2.0 creates new accounts with an 8-character random ...)
+CVE-2001-1535
- slash 2.2.6-8 (bug #328927; low)
[sarge] - slash <no-dsa> (Lack of a security feature, minor security problem)
-CVE-2001-1534 (mod_usertrack in Apache 1.3.11 through 1.3.20 generates session ID's ...)
+CVE-2001-1534
- apache <unfixed> (bug #328919; unimportant)
- apache2 <unfixed> (unimportant)
NOTE: Cookies are only used for invading user privacy,
NOTE: not for authentication, so apache and apache2 should be fine.
-CVE-2001-1533 (** DISPUTED * ...)
+CVE-2001-1533
NOT-FOR-US: Microsoft
-CVE-2001-1532 (WebX stores authentication information in the HTTP_REFERER variable, ...)
+CVE-2001-1532
NOT-FOR-US: WebX
-CVE-2001-1531 (Buffer overflow in Claris Emailer 2.0v2 allows remote attackers to ...)
+CVE-2001-1531
NOT-FOR-US: Claris Emailer
-CVE-2001-1530 (run.cgi in Webmin 0.80 and 0.88 creates temporary files with ...)
+CVE-2001-1530
NOTE: verified current webmin is ok
-CVE-2001-1529 (Buffer overflow in rpc.yppasswdd (yppasswd server) in AIX allows ...)
+CVE-2001-1529
NOT-FOR-US: AIX
-CVE-2001-1528 (AmTote International homebet program returns different error messages ...)
+CVE-2001-1528
NOT-FOR-US: AmTote International homebet
-CVE-2001-1527 (easyNews 1.5 and earlier stores administration passwords in cleartext ...)
+CVE-2001-1527
NOT-FOR-US: easynews
-CVE-2001-1526 (Cross-site scripting (XSS) vulnerability in the comments action in ...)
+CVE-2001-1526
NOT-FOR-US: easynews
-CVE-2001-1525 (Directory traversal vulnerability in the comments action in easyNews ...)
+CVE-2001-1525
NOT-FOR-US: easynews
-CVE-2001-1524 (Cross-site scripting (XSS) vulnerability in PHP-Nuke 5.3.1 and earlier ...)
+CVE-2001-1524
NOT-FOR-US: PHP-Nuke
-CVE-2001-1523 (Cross-site scripting (XSS) vulnerability in the DMOZGateway module for ...)
+CVE-2001-1523
NOT-FOR-US: PHP-Nuke
-CVE-2001-1522 (Cross-site scripting (XSS) vulnerability in im.php in IMessenger for ...)
+CVE-2001-1522
NOT-FOR-US: PHP-Nuke
-CVE-2001-1521 (Cross-site scripting (XSS) vulnerability in user.php in PostNuke 0.64 ...)
+CVE-2001-1521
NOT-FOR-US: PHP-Nuke
-CVE-2001-1520 (Xircom REX 6000 allows local users to obtain the 10 digit PIN by ...)
+CVE-2001-1520
NOT-FOR-US: Xircom REX
-CVE-2001-1519 (** DISPUTED ** ...)
+CVE-2001-1519
NOT-FOR-US: RunAs
-CVE-2001-1518 (RunAs (runas.exe) in Windows 2000 only creates one session instance at ...)
+CVE-2001-1518
NOT-FOR-US: RunAs
-CVE-2001-1517 (** DISPUTED ** ...)
+CVE-2001-1517
NOT-FOR-US: RunAs
-CVE-2001-1516 (Cross-site scripting (XSS) vulnerability in phpReview 0.9.0 rc2 and ...)
+CVE-2001-1516
NOT-FOR-US: phpReview
-CVE-2001-1515 (Macintosh clients, when using NT file system volumes on Windows 2000 ...)
+CVE-2001-1515
NOT-FOR-US: Macintosh clients, when using NT file system volumes on Windows
-CVE-2001-1514 (ColdFusion 4.5 and 5, when running on Windows with the advanced ...)
+CVE-2001-1514
NOT-FOR-US: ColdFusion
-CVE-2001-1513 (Macromedia JRun 3.0 and 3.1 allows remote attackers to obtain ...)
+CVE-2001-1513
NOT-FOR-US: JRun
-CVE-2001-1512 (Unknown vulnerability in Allaire JRun 3.1 allows remote attackers to ...)
+CVE-2001-1512
NOT-FOR-US: JRun
-CVE-2001-1511 (JRun 3.0 and 3.1 running on JRun Web Server (JWS) and IIS allows ...)
+CVE-2001-1511
NOT-FOR-US: JRun
-CVE-2001-1510 (Allaire JRun 2.3.3, 3.0 and 3.1 running on IIS 4.0 and 5.0, iPlanet, ...)
+CVE-2001-1510
NOT-FOR-US: JRun
-CVE-2001-1509 (geteuid in Itanium Architecture (IA) running on HP-UX 11.20 does not ...)
+CVE-2001-1509
NOT-FOR-US: HP-UX
-CVE-2001-1508 (Buffer overflow in lpstat in SCO OpenServer 5.0 through 5.0.6a allows ...)
+CVE-2001-1508
- lprng <not-affected> (Not suid in Debian)
- cups <not-affected> (Not suid in Debian)
- cupsys <not-affected> (Not suid in Debian)
-CVE-2001-1507 (OpenSSH before 3.0.1 with Kerberos V enabled does not properly ...)
+CVE-2001-1507
- openssh 1:3.0.1
-CVE-2001-1506 (Unknown vulnerability in the file system protection subsystem in HP ...)
+CVE-2001-1506
NOT-FOR-US: HP Secure OS layer
-CVE-2001-1505 (tinc 1.0pre3 and 1.0pre4 allows remote attackers to inject data into ...)
+CVE-2001-1505
- tinc 1.0pre5-1
-CVE-2001-1504 (Lotus Notes R5 Client 4.6 allows remote attackers to execute arbitrary ...)
+CVE-2001-1504
NOT-FOR-US: Lotus Notes
-CVE-2001-1503 (The finger daemon (in.fingerd) in Sun Solaris 2.5 through 8 and SunOS ...)
+CVE-2001-1503
NOT-FOR-US: Sun
-CVE-2001-1502 (webcart.cgi in Mountain Network Systems WebCart 8.4 allows remote ...)
+CVE-2001-1502
NOT-FOR-US: WebCart
-CVE-2001-1501 (The glob functionality in ProFTPD 1.2.1, and possibly other versions ...)
+CVE-2001-1501
NOTE: Fix went into proftpd CVS on 2002-12-12
- proftpd 1.2.8-1
-CVE-2001-1500 (ProFTPD 1.2.2rc2, and possibly other versions, does not properly ...)
+CVE-2001-1500
- proftpd 1.2.4-1
-CVE-2001-1499 (Check Point VPN-1 4.1SP4 using SecuRemote returns different error ...)
+CVE-2001-1499
NOT-FOR-US: Check Point
-CVE-2001-1498 (Buffer overflow in mod_bf 0.2 allows local users to execute arbitrary ...)
+CVE-2001-1498
NOT-FOR-US: mod_bf
-CVE-2001-1497 (Microsoft Internet Explorer 4.0 through 6.0 could allow local users to ...)
+CVE-2001-1497
NOT-FOR-US: Microsoft
-CVE-2001-1496 (Off-by-one buffer overflow in Basic Authentication in Acme Labs thttpd ...)
+CVE-2001-1496
- thttpd 2.21
-CVE-2001-1495 (network_query.php in Network Query Tool 1.0 allows remote attackers ...)
+CVE-2001-1495
NOT-FOR-US: Network Query Tool
-CVE-2001-1494 (script command in the util-linux package before 2.11n allows local ...)
+CVE-2001-1494
- util-linux 2.11n-1
CVE-2001-1492
REJECTED
-CVE-2001-1491 (Opera 5.11 allows remote attackers to cause a denial of service (CPU ...)
+CVE-2001-1491
NOT-FOR-US: Opera
-CVE-2001-1490 (Mozilla 0.9.6 allows remote attackers to cause a denial of service ...)
+CVE-2001-1490
NOTE: mozilla is quite easily DOSable with all sorts of large html
NOTE: files, probably not worth following up on.
-CVE-2001-1489 (Microsoft Internet Explorer 6 allows remote attackers to cause a ...)
+CVE-2001-1489
NOT-FOR-US: Microsoft
-CVE-2001-1488 (Open Projects Network Internet Relay Chat (IRC) daemon u2.10.05.18 ...)
+CVE-2001-1488
NOT-FOR-US: Open Projects ircd
-CVE-2001-1487 (popauth utility in Qualcomm Qpopper 4.0 and earlier allows local users ...)
+CVE-2001-1487
- qpopper <not-affected> (Vulnerable code verified not present)
-CVE-2001-1484 (Alcatel ADSL modems allow remote attackers to access the Trivial File ...)
+CVE-2001-1484
NOT-FOR-US: Alcatel hardware issue
-CVE-2001-1483 (One-Time Passwords In Everything (a.k.a OPIE) 2.32 and 2.4 allows ...)
+CVE-2001-1483
- libpam-opie <unfixed> (bug #112279; unimportant)
NOTE: This is documented and not really important. In contrast to passwords
NOTE: used by humans
[sarge] - libpam-opie <no-dsa> (Documented shortcoming, minor impact)
-CVE-2001-1482 (SQL injection vulnerability in bb_memberlist.php for phpBB 1.4.2 ...)
+CVE-2001-1482
NOTE: phpbb was initially uploaded as version 2 or phpbb has been removed now
-CVE-2001-1481 (Xitami 2.4 through 2.5 b4 stores the Administrator password in ...)
+CVE-2001-1481
NOT-FOR-US: Xitami
-CVE-2001-1480 (Java Runtime Environment (JRE) and SDK 1.2 through 1.3.0_04 allows ...)
+CVE-2001-1480
NOT-FOR-US: Sun Java
-CVE-2001-1479 (smcboot in Sun SMC (Sun Management Center) 2.0 in Solaris 8 allows ...)
+CVE-2001-1479
NOT-FOR-US: Sun
-CVE-2001-1478 (Buffer overflow in xlock in UnixWare 7.1.0 and 7.1.1 and Open Unix ...)
+CVE-2001-1478
NOT-FOR-US: UnixWare
-CVE-2001-1477 (The Domain gateway in BEA Tuxedo 7.1 does not perform authorization ...)
+CVE-2001-1477
NOT-FOR-US: BEA Tuxedo
-CVE-2001-1476 (SSH before 2.0, with RC4 encryption and the &quot;disallow NULL passwords&quot; ...)
+CVE-2001-1476
NOT-FOR-US: Commercial SSH
-CVE-2001-1475 (SSH before 2.0, when using RC4 and password authentication, allows ...)
+CVE-2001-1475
NOT-FOR-US: Commercial SSH
-CVE-2001-1474 (SSH before 2.0 disables host key checking when connecting to the ...)
+CVE-2001-1474
NOT-FOR-US: Commercial SSH
-CVE-2001-1473 (The SSH-1 protocol allows remote servers to conduct man-in-the-middle ...)
+CVE-2001-1473
NOTE: SSH1 protocol design flaw issue, proper fix is to use the SSH2 protocol.
-CVE-2001-1472 (SQL injection vulnerability in prefs.php in phpBB 1.4.0 and 1.4.1 ...)
+CVE-2001-1472
- phpbb2 2.0.6c-1
-CVE-2001-1471 (prefs.php in phpBB 1.4.0 and earlier allows remote authenticated users ...)
+CVE-2001-1471
- phpbb2 2.0.6c-1
-CVE-2001-1470 (The IDEA cipher as implemented by SSH1 does not protect the final ...)
+CVE-2001-1470
NOT-FOR-US: SSH1 protocol design flaw issue, proper fix is to use the SSH2 protocol
-CVE-2001-1469 (The RC4 stream cipher as used by SSH1 allows remote attackers to ...)
+CVE-2001-1469
NOT-FOR-US: SSH1 protocol design flaw issue, proper fix is to use the SSH2 protocol
-CVE-2001-1468 (PHP remote file inclusion vulnerability in checklogin.php in ...)
+CVE-2001-1468
NOT-FOR-US: phpSecurePages
-CVE-2001-1467 (mkpasswd in expect 5.2.8, as used by Red Hat Linux 6.2 through 7.0, ...)
+CVE-2001-1467
- expect <not-affected> (in expect 5.42.1, mkpasswd does not seed by pid)
NOTE: doesn't seem to seed at all; my tests indicate it generates no dups in
NOTE: some 100000 passwords.
-CVE-2001-1466 (Buffer overflow in VanDyke SecureCRT before 3.4.2, when using the ...)
+CVE-2001-1466
NOT-FOR-US: VanDyke SecureCRT
-CVE-2001-1465 (SurfControl SuperScout only filters packets containing both an HTTP ...)
+CVE-2001-1465
NOT-FOR-US: SurfControl SuperScout
-CVE-2001-1464 (Crystal Reports, when displaying data for a password protected ...)
+CVE-2001-1464
NOT-FOR-US: Crystal Reports
-CVE-2001-1463 (The remote administration client for RhinoSoft Serv-U 3.0 sends the ...)
+CVE-2001-1463
NOT-FOR-US: RhinoSoft Serv-U
-CVE-2001-1462 (WebID in RSA Security SecurID 5.0 as used by ACE/Agent for Windows, ...)
+CVE-2001-1462
NOT-FOR-US: RSA Security SecurID
-CVE-2001-1461 (Directory traversal vulnerability in WebID in RSA Security SecurID 5.0 ...)
+CVE-2001-1461
NOT-FOR-US: RSA Security SecurID
-CVE-2001-1460 (SQL injection vulnerability in article.php in PostNuke 0.62 through ...)
+CVE-2001-1460
NOT-FOR-US: PostNuke
-CVE-2001-1459 (OpenSSH 2.9 and earlier does not initiate a Pluggable Authentication ...)
+CVE-2001-1459
- openssh 1:3.0.1p1-1
-CVE-2001-1458 (Directory traversal vulnerability in Novell GroupWise 5.5 and 6.0 ...)
+CVE-2001-1458
NOT-FOR-US: Novell Groupwise
-CVE-2001-1457 (Buffer overflow in CrazyWWWBoard 2000p4 and 2000LEp5 allows remote ...)
+CVE-2001-1457
NOT-FOR-US: CrazyWWWBoard
-CVE-2001-1456 (Buffer overflow in the (1) smap/smapd and (2) CSMAP daemons for ...)
+CVE-2001-1456
NOT-FOR-US: Gauntlet Firewall
-CVE-2001-1455 (Netegrity SiteMinder 3.6 through 4.5.1 allows remote attackers to ...)
+CVE-2001-1455
NOT-FOR-US: Netegrity SiteMinder
-CVE-2001-1454 (Buffer overflow in MySQL before 3.23.33 allows remote attackers to ...)
+CVE-2001-1454
- mysql-dfsg 3.23.33-1
-CVE-2001-1453 (Buffer overflow in libmysqlclient.so in MySQL 3.23.33 and earlier ...)
+CVE-2001-1453
- mysql-dfsg 3.23.33-1
-CVE-2001-1452 (By default, DNS servers on Windows NT 4.0 and Windows 2000 Server ...)
+CVE-2001-1452
NOT-FOR-US: Windows
-CVE-2001-1451 (Memory leak in the SNMP LAN Manager (LANMAN) MIB extension for ...)
+CVE-2001-1451
NOT-FOR-US: Windows
-CVE-2001-1450 (Microsoft Internet Explorer 5.0 through 6.0 allows attackers to cause ...)
+CVE-2001-1450
NOT-FOR-US: Windows
-CVE-2001-1449 (The default installation of Apache before 1.3.19 on Mandrake Linux 7.1 ...)
+CVE-2001-1449
- apache <not-affected> (Mandrake specific packaging flaw)
-CVE-2001-1448 (Magic eDeveloper Enterprise Edition 8.30-5 and earlier allows local ...)
+CVE-2001-1448
NOT-FOR-US: Magic eDeveloper
-CVE-2001-1447 (NetInfo Manager for Mac OS X 10.0 through 10.1 allows local users to ...)
+CVE-2001-1447
NOT-FOR-US: Windows
-CVE-2001-1446 (Find-By-Content in Mac OS X 10.0 through 10.0.4 creates world-readable ...)
+CVE-2001-1446
NOT-FOR-US: MacOS X
-CVE-2001-1445 (Unknown vulnerability in the SMTP server in Lotus Domino 5.0 through ...)
+CVE-2001-1445
NOT-FOR-US: Lotus Domino
-CVE-2001-1444 (The Kerberos Telnet protocol, as implemented by KTH Kerberos IV and ...)
+CVE-2001-1444
NOT-FOR-US: Generic protocol flaw
-CVE-2001-1443 (KTH Kerberos IV and Kerberos V (Heimdal) for Telnet clients do not ...)
+CVE-2001-1443
NOT-FOR-US: Generic protocol flaw
-CVE-2001-1442 (Buffer overflow in innfeed for ISC InterNetNews (INN) before 2.3.0 ...)
+CVE-2001-1442
- inn2 2.3.3+20020922-1
- innfeed 0.10.1.7-7
-CVE-2001-1441 (Cross-site scripting (XSS) vulnerability in VisualAge for Java 3.5 ...)
+CVE-2001-1441
NOT-FOR-US: VisualAge for Java
-CVE-2001-1440 (Unknown vulnerability in login for AIX 5.1L, when using loadable ...)
+CVE-2001-1440
NOT-FOR-US: AIX
-CVE-2001-1439 (Buffer overflow in the text editor functionality in HP-UX 10.01 ...)
+CVE-2001-1439
NOT-FOR-US: HP-UX
-CVE-2001-1438 (Handspring Visor 1.0 and 1.0.1 with the VisorPhone Springboard module ...)
+CVE-2001-1438
NOT-FOR-US: Handspring Visor
-CVE-2001-1437 (easyScripts easyNews 1.5 allows remote attackers to obtain the full ...)
+CVE-2001-1437
NOT-FOR-US: easyScripts easyNews
-CVE-2001-1436 (Dallas Semiconductor iButton DS1991 returns predictable values when ...)
+CVE-2001-1436
NOT-FOR-US: Dallas Semiconductor iButton DS1991
-CVE-2001-1435 (inetd in Compaq Tru64 UNIX 5.1 allows attackers to cause a denial of ...)
+CVE-2001-1435
NOT-FOR-US: Tru64 UNIX
-CVE-2001-1434 (Cisco IOS 12.0(5)XU through 12.1(2) allows remote attackers to read ...)
+CVE-2001-1434
NOT-FOR-US: IOS
-CVE-2001-1433 (Cherokee web server before 0.2.7 does not properly drop root ...)
+CVE-2001-1433
NOT-FOR-US: Cherokee
-CVE-2001-1432 (Directory traversal vulnerability in Cherokee Web Server allows remote ...)
+CVE-2001-1432
NOT-FOR-US: Cherokee
-CVE-2001-1431 (Nokia Firewall Appliances running IPSO 3.3 and VPN-1/FireWall-1 4.1 ...)
+CVE-2001-1431
NOT-FOR-US: Nokia Firewall appliances
-CVE-2001-1430 (Cayman 3220-H DSL Router 1.0 ship without a password set, which allows ...)
+CVE-2001-1430
NOT-FOR-US: Cayman DSL router
-CVE-2001-1429 (Buffer overflow in mcedit in Midnight Commander 4.5.1 allows local ...)
+CVE-2001-1429
NOTE: I could track this down to this posting
NOTE: http://web.archive.org/web/20051206035530/http://cert.uni-stuttgart.de:80/archive/vuln-dev/2001/11/msg00104.html
NOTE: This looks very obscure an does not contain useful information on how this
NOTE: was triggered and even then it's not a problem, as mcedit usage does not
NOTE: have a remote impact and is not suid
-CVE-2001-1428 (The (1) FTP and (2) Telnet services in Beck GmbH IPC@Chip are shipped ...)
+CVE-2001-1428
NOT-FOR-US: IPC@CHIP Embedded web server
-CVE-2001-1427 (Unknown vulnerability in ColdFusion Server 2.0 through 4.5.1 SP2 ...)
+CVE-2001-1427
NOT-FOR-US: ColdFusion
-CVE-2001-1426 (Alcatel Speed Touch running firmware KHDSAA.108 and KHDSAA.132 through ...)
+CVE-2001-1426
NOT-FOR-US: Alcatel Speed Touch
-CVE-2001-1425 (The challenge-response authentication of the EXPERT user for Alcatel ...)
+CVE-2001-1425
NOT-FOR-US: Alcatel Speed Touch
-CVE-2001-1424 (Alcatel Speed Touch ADSL modem running firmware KHDSAA.108, ...)
+CVE-2001-1424
NOT-FOR-US: Alcatel Speed Touch
-CVE-2001-1423 (Advanced Poll before 1.61, when using a flat file database, allows ...)
+CVE-2001-1423
NOT-FOR-US: Advanced Poll
-CVE-2001-1422 (WinVNC 3.3.3 and earlier generates the same challenge string for ...)
+CVE-2001-1422
NOT-FOR-US: WinVNC
-CVE-2001-1421 (AOL Instant Messenger (AIM) 4.7 and earlier allows remote attackers to ...)
+CVE-2001-1421
NOT-FOR-US: AOL Instant Messenger
-CVE-2001-1420 (AOL Instant Messenger (AIM) 4.7 allows remote attackers to cause a ...)
+CVE-2001-1420
NOT-FOR-US: AOL Instant Messenger
-CVE-2001-1419 (AOL Instant Messenger (AIM) 4.7.2480 and earlier allows remote ...)
+CVE-2001-1419
NOT-FOR-US: AOL Instant Messenger
-CVE-2001-1418 (AOL Instant Messenger (AIM) 4.7 allows remote attackers to cause a ...)
+CVE-2001-1418
NOT-FOR-US: AOL Instant Messenger
-CVE-2001-1417 (AOL Instant Messenger (AIM) 4.7 allows remote attackers to cause a ...)
+CVE-2001-1417
NOT-FOR-US: AOL Instant Messenger
-CVE-2001-1416 (Multiple cross-site scripting (XSS) vulnerabilities in the log ...)
+CVE-2001-1416
NOT-FOR-US: AOL Instant Messenger
-CVE-2001-1415 (vi.recover in OpenBSD before 3.1 allows local users to remove ...)
+CVE-2001-1415
NOT-FOR-US: no_package
NOTE: Debian's nvi recover script is very different
-CVE-2001-1414 (The Basic Security Module (BSM) for Solaris 2.5.1, 2.6, 7, and 8 does ...)
+CVE-2001-1414
NOT-FOR-US: Solaris
-CVE-2001-1407 (Bugzilla before 2.14 allows Bugzilla users to bypass group security ...)
+CVE-2001-1407
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1406 (process_bug.cgi in Bugzilla before 2.14 does not set the &quot;groupset&quot; ...)
+CVE-2001-1406
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1391 (Off-by-one vulnerability in CPIA driver of Linux kernel before 2.2.19 ...)
+CVE-2001-1391
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1386 (WFTPD 3.00 allows remote attackers to read arbitrary files by ...)
+CVE-2001-1386
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1385 (The Apache module for PHP 4.0.0 through PHP 4.0.4, when disabled with ...)
+CVE-2001-1385
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1383 (initscript in setserial 2.17-4 and earlier uses predictable temporary ...)
+CVE-2001-1383
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1382 (The &quot;echo simulation&quot; traffic analysis countermeasure in OpenSSH ...)
+CVE-2001-1382
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1380 (OpenSSH before 2.9.9, while using keypairs and multiple keys of ...)
+CVE-2001-1380
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1378 (fetchmailconf in fetchmail before 5.7.4 allows local users to ...)
+CVE-2001-1378
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1375 (tcl/tk package (tcltk) 8.3.1 searches for its libraries in the current ...)
+CVE-2001-1375
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1374 (expect before 5.32 searches for its libraries in /var/tmp before other ...)
+CVE-2001-1374
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1373 (MailSafe in Zone Labs ZoneAlarm 2.6 and earlier and ZoneAlarm Pro 2.6 ...)
+CVE-2001-1373
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1372 (Oracle 9i Application Server 1.0.2 allows remote attackers to obtain ...)
+CVE-2001-1372
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1371 (The default configuration of Oracle Application Server 9iAS 1.0.2.2 ...)
+CVE-2001-1371
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1370 (prepend.php3 in PHPLib before 7.2d, when register_globals is enabled ...)
+CVE-2001-1370
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1369 (Leon J Breedt pam-pgsql before 0.5.2 allows remote attackers to ...)
+CVE-2001-1369
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1367 (The checkAccess function in PHPSlice 0.1.4, and all other versions ...)
+CVE-2001-1367
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1359 (Volution clients 1.0.7 and earlier attempt to contact the computer ...)
+CVE-2001-1359
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1352 (Cross-site scripting vulnerability in Namazu 2.0.9 and earlier allows ...)
+CVE-2001-1352
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1351 (Cross-site scripting vulnerability in Namazu 2.0.8 and earlier allows ...)
+CVE-2001-1351
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1350 (Cross-site scripting vulnerability in namazu.cgi for Namazu 2.0.7 and ...)
+CVE-2001-1350
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1349 (Sendmail before 8.11.4, and 8.12.0 before 8.12.0.Beta10, allows local ...)
+CVE-2001-1349
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1347 (Windows 2000 allows local users to cause a denial of service and ...)
+CVE-2001-1347
NOT-FOR-US: Microsoft
-CVE-2001-1345 (bctool in Jetico BestCrypt 0.7 and earlier trusts the user-supplied ...)
+CVE-2001-1345
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1342 (Apache before 1.3.20 on Windows and OS/2 systems allows remote ...)
+CVE-2001-1342
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1334 (Block_render_url.class in PHPSlash 0.6.1 allows remote attackers with ...)
+CVE-2001-1334
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1328 (Buffer overflow in ypbind daemon in Solaris 5.4 through 8 allows ...)
+CVE-2001-1328
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1327 (pmake before 2.1.35 in Turbolinux 6.05 and earlier is installed with ...)
+CVE-2001-1327
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1322 (xinetd 2.1.8 and earlier runs with a default umask of 0, which could ...)
+CVE-2001-1322
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1303 (The default configuration of SecuRemote for Check Point Firewall-1 ...)
+CVE-2001-1303
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1302 (The change password option in the Windows Security interface for ...)
+CVE-2001-1302
NOT-FOR-US: Microsoft
-CVE-2001-1301 (rcs2log, as used in Emacs 20.4, xemacs 21.1.10 and other versions ...)
+CVE-2001-1301
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1299 (Zorbat Zorbstats PHP script before 0.9 allows remote attackers to ...)
+CVE-2001-1299
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1297 (PHP remote file inclusion vulnerability in Actionpoll PHP script ...)
+CVE-2001-1297
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1296 (More.groupware PHP script allows remote attackers to include arbitrary ...)
+CVE-2001-1296
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1295 (Directory traversal vulnerability in Cerberus FTP Server 1.5 and ...)
+CVE-2001-1295
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1291 (The telnet server for 3Com hardware such as PS40 SuperStack II does ...)
+CVE-2001-1291
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1279 (Buffer overflow in print-rx.c of tcpdump 3.x (probably 3.6x) allows ...)
+CVE-2001-1279
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1277 (makewhatis in the man package before 1.5i2 allows an attacker in group ...)
+CVE-2001-1277
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1276 (ispell before 3.1.20 allows local users to overwrite files of other ...)
+CVE-2001-1276
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1267 (Directory traversal vulnerability in GNU tar 1.13.19 and earlier ...)
+CVE-2001-1267
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1266 (Directory traversal vulnerability in Doug Neal's HTTPD Daemon ...)
+CVE-2001-1266
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1252 (Network Associates PGP Keyserver 7.0 allows remote attackers to bypass ...)
+CVE-2001-1252
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1251 (SmallHTTP 1.204 through 3.00 beta 8 allows remote attackers to cause a ...)
+CVE-2001-1251
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1247 (PHP 4.0.4pl1 and 4.0.5 in safe mode allows remote attackers to read ...)
+CVE-2001-1247
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1246 (PHP 4.0.5 through 4.1.0 in safe mode does not properly cleanse the 5th ...)
+CVE-2001-1246
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1240 (The default configuration of sudo in Engarde Secure Linux 1.0.1 allows ...)
+CVE-2001-1240
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1237 (Phormation PHP script 0.9.1 and earlier allows remote attackers to ...)
+CVE-2001-1237
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1236 (myphpPagetool PHP script 0.4.3-1 and earlier allows remote attackers ...)
+CVE-2001-1236
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1235 (pSlash PHP script 0.7 and earlier allows remote attackers to execute ...)
+CVE-2001-1235
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1234 (Bharat Mediratta Gallery PHP script before 1.2.1 allows remote ...)
+CVE-2001-1234
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1231 (GroupWise 5.5 and 6 running in live remote or smart caching mode ...)
+CVE-2001-1231
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1227 (Zope before 2.2.4 allows partially trusted users to bypass security ...)
+CVE-2001-1227
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1215 (Format string vulnerability in PFinger 0.7.5 through 0.7.7 allows ...)
+CVE-2001-1215
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1203 (Format string vulnerability in gpm-root in gpm 1.17.8 through 1.17.18 ...)
+CVE-2001-1203
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1201 (Buffer overflow in wmcube-gdk for WMCube/GDK 0.98 allows local users ...)
+CVE-2001-1201
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1200 (Microsoft Windows XP allows local users to bypass a locked screen and ...)
+CVE-2001-1200
NOT-FOR-US: Microsoft
-CVE-2001-1199 (Cross-site scripting vulnerability in agora.cgi for Agora 3.0a through ...)
+CVE-2001-1199
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1193 (Directory traversal vulnerability in EFTP 2.0.8.346 allows local users ...)
+CVE-2001-1193
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1186 (Microsoft IIS 5.0 allows remote attackers to cause a denial of service ...)
+CVE-2001-1186
NOT-FOR-US: Microsoft
-CVE-2001-1185 (Some AIO operations in FreeBSD 4.4 may be delayed until after a call ...)
+CVE-2001-1185
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1183 (PPTP implementation in Cisco IOS 12.1 and 12.2 allows remote attackers ...)
+CVE-2001-1183
NOT-FOR-US: Cisco
-CVE-2001-1180 (FreeBSD 4.3 does not properly clear shared signal handlers when ...)
+CVE-2001-1180
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1177 (ml85p in Samsung ML-85G GDI printer driver before 0.2.0 allows local ...)
+CVE-2001-1177
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1176 (Format string vulnerability in Check Point VPN-1/FireWall-1 4.1 allows ...)
+CVE-2001-1176
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1175 (vipw in the util-linux package before 2.10 causes /etc/shadow to be ...)
+CVE-2001-1175
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1174 (Buffer overflow in Elm 2.5.5 and earlier allows remote attackers to ...)
+CVE-2001-1174
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1172 (OmniSecure HTTProtect 1.1.1 allows a superuser without omnish ...)
+CVE-2001-1172
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1166 (linprocfs on FreeBSD 4.3 and earlier does not properly restrict access ...)
+CVE-2001-1166
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1162 (Directory traversal vulnerability in the %m macro in the smb.conf ...)
+CVE-2001-1162
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1161 (Cross-site scripting (CSS) vulnerability in Lotus Domino 5.0.6 allows ...)
+CVE-2001-1161
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1160 (udirectory.pl in Microburst Technologies uDirectory 2.0 and earlier ...)
+CVE-2001-1160
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1158 (Check Point VPN-1/FireWall-1 4.1 base.def contains a default macro, ...)
+CVE-2001-1158
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1155 (TCP Wrappers (tcp_wrappers) in FreeBSD 4.1.1 through 4.3 with the ...)
+CVE-2001-1155
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1153 (lpsystem in OpenUnix 8.0.0 allows local users to cause a denial of ...)
+CVE-2001-1153
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1149 (Panda Antivirus Platinum before 6.23.00 allows a remore attacker to ...)
+CVE-2001-1149
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1147 (The PAM implementation in /bin/login of the util-linux package before ...)
+CVE-2001-1147
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1146 (AllCommerce with debugging enabled in EnGarde Secure Linux 1.0.1 ...)
+CVE-2001-1146
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1145 (fts routines in FreeBSD 4.3 and earlier, NetBSD before 1.5.2, and ...)
+CVE-2001-1145
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1144 (Directory traversal vulnerability in McAfee ASaP VirusScan agent 1.0 ...)
+CVE-2001-1144
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1141 (The Pseudo-Random Number Generator (PRNG) in SSLeay and OpenSSL before ...)
+CVE-2001-1141
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1132 (Mailman 2.0.x before 2.0.6 allows remote attackers to gain access to ...)
+CVE-2001-1132
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1130 (Sdbsearch.cgi in SuSE Linux 6.0-7.2 could allow remote attackers to ...)
+CVE-2001-1130
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1121 (DEPRECATED. This entry has been deprecated. It is a duplicate of ...)
+CVE-2001-1121
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1119 (cda in xmcd 3.0.2 and 2.6 in SuSE Linux allows local users to ...)
+CVE-2001-1119
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1118 (A module in Roxen 2.0 before 2.0.92, and 2.1 before 2.1.264, does not ...)
+CVE-2001-1118
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1117 (LinkSys EtherFast BEFSR41 Cable/DSL routers running firmware before ...)
+CVE-2001-1117
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1116 (Identix BioLogon 2.03 and earlier does not lock secondary displays on ...)
+CVE-2001-1116
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1113 (Buffer overflow in TrollFTPD 1.26 and earlier allows local users to ...)
+CVE-2001-1113
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1108 (Directory traversal vulnerability in SnapStream PVS 1.2a allows remote ...)
+CVE-2001-1108
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1106 (The default configuration of Sambar Server 5 and earlier uses a ...)
+CVE-2001-1106
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1103 (FTP Voyager ActiveX control before 8.0, when it is marked as safe for ...)
+CVE-2001-1103
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1100 (sendmessage.cgi in W3Mail 1.0.2, and possibly other CGI programs, ...)
+CVE-2001-1100
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1099 (The default configuration of Norton AntiVirus for Microsoft Exchange ...)
+CVE-2001-1099
NOT-FOR-US: Norton
-CVE-2001-1098 (Cisco PIX firewall manager (PFM) 4.3(2)g logs the enable password in ...)
+CVE-2001-1098
NOT-FOR-US: Cisco
-CVE-2001-1096 (Buffer overflows in muxatmd in AIX 4 allows an attacker to cause a ...)
+CVE-2001-1096
NOT-FOR-US: AIX
-CVE-2001-1095 (Buffer overflow in uuq in AIX 4 could allow local users to execute ...)
+CVE-2001-1095
NOT-FOR-US: AIX
-CVE-2001-1089 (libnss-pgsql in nss-pgsql 0.9.0 and earlier allows remote attackers to ...)
+CVE-2001-1089
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1088 (Microsoft Outlook 8.5 and earlier, and Outlook Express 5 and earlier, ...)
+CVE-2001-1088
NOT-FOR-US: Microsoft
-CVE-2001-1085 (Lmail 2.7 and earlier allows local users to overwrite arbitrary files ...)
+CVE-2001-1085
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1084 (Cross-site scripting vulnerability in Allaire JRun 3.0 and 2.3.3 ...)
+CVE-2001-1084
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1083 (Icecast 1.3.7, and other versions before 1.3.11 with HTTP server file ...)
+CVE-2001-1083
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1081 (Format string vulnerabilities in Livingston/Lucent RADIUS before ...)
+CVE-2001-1081
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1080 (diagrpt in AIX 4.3.x and 5.1 uses the DIAGDATADIR environment variable ...)
+CVE-2001-1080
NOT-FOR-US: AIX
-CVE-2001-1079 (create_keyfiles in PSSP 3.2 with DCE 3.1 authentication on AIX creates ...)
+CVE-2001-1079
NOT-FOR-US: AIX
-CVE-2001-1075 (poprelayd script before 2.0 in Cobalt RaQ3 servers allows remote ...)
+CVE-2001-1075
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1074 (Webmin 0.84 and earlier does not properly clear the HTTP_AUTHORIZATION ...)
+CVE-2001-1074
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1072 (Apache with mod_rewrite enabled on most UNIX systems allows remote ...)
+CVE-2001-1072
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1071 (Cisco IOS 12.2 and earlier running Cisco Discovery Protocol (CDP) ...)
+CVE-2001-1071
NOT-FOR-US: Cisco
-CVE-2001-1069 (libCoolType library as used in Adobe Acrobat (acroread) on Linux ...)
+CVE-2001-1069
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1067 (Buffer overflow in AOLserver 3.0 allows remote attackers to cause a ...)
+CVE-2001-1067
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1066 (ns6install installation script for Netscape 6.01 on Solaris, and other ...)
+CVE-2001-1066
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1063 (Buffer overflow in uidadmin in Caldera Open Unix 8.0.0 and UnixWare 7 ...)
+CVE-2001-1063
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1062 (Buffer overflow in mana in OpenServer 5.0.6a and earlier allows local ...)
+CVE-2001-1062
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1059 (VMWare creates a temporary file vmware-log.USERNAME with insecure ...)
+CVE-2001-1059
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1056 (IRC DCC helper in the ip_masq_irc IP masquerading module 2.2 allows ...)
+CVE-2001-1056
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1055 (The Microsoft Windows network stack allows remote attackers to cause a ...)
+CVE-2001-1055
NOT-FOR-US: Microsoft
-CVE-2001-1054 (PHPAdsNew PHP script allows remote attackers to include arbitrary ...)
+CVE-2001-1054
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1053 (AdLogin.pm in AdCycle 1.15 and earlier allows remote attackers to ...)
+CVE-2001-1053
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1049 (Phorecast PHP script before 0.40 allows remote attackers to include ...)
+CVE-2001-1049
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1048 (AWOL PHP script allows remote attackers to include arbitrary files ...)
+CVE-2001-1048
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1046 (Buffer overflow in qpopper (aka qpop or popper) 4.0 through 4.0.2 ...)
+CVE-2001-1046
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1043 (ArGoSoft FTP Server 1.2.2.2 allows remote attackers to read arbitrary ...)
+CVE-2001-1043
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1038 (Cisco SN 5420 Storage Router 1.1(3) and earlier allows remote ...)
+CVE-2001-1038
NOT-FOR-US: Cisco
-CVE-2001-1037 (Cisco SN 5420 Storage Router 1.1(3) and earlier allows local users to ...)
+CVE-2001-1037
NOT-FOR-US: Cisco
-CVE-2001-1036 (GNU locate in findutils 4.1 on Slackware 7.1 and 8.0 allows local ...)
+CVE-2001-1036
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1035 (Binary decoding feature of slrn 0.9 and earlier allows remote ...)
+CVE-2001-1035
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1032 (admin.php in PHP-Nuke 5.2 and earlier, except 5.0RC1, does not check ...)
+CVE-2001-1032
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1030 (Squid before 2.3STABLE5 in HTTP accelerator mode does not enable ...)
+CVE-2001-1030
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1029 (libutil in OpenSSH on FreeBSD 4.4 and earlier does not drop privileges ...)
+CVE-2001-1029
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1028 (Buffer overflow in ultimate_source function of man 1.5 and earlier ...)
+CVE-2001-1028
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1027 (Buffer overflow in WindowMaker (aka wmaker) 0.64 and earlier allows ...)
+CVE-2001-1027
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1022 (Format string vulnerability in pic utility in groff 1.16.1 and other ...)
+CVE-2001-1022
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1020 (edit_image.php in Vibechild Directory Manager before 0.91 allows ...)
+CVE-2001-1020
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1017 (rmuser utility in FreeBSD 4.2 and 4.3 creates a copy of the ...)
+CVE-2001-1017
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1016 (PGP Corporate Desktop before 7.1, Personal Security before 7.0.3, ...)
+CVE-2001-1016
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1011 (index2.php in Mambo Site Server 3.0.0 through 3.0.5 allows remote ...)
+CVE-2001-1011
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1010 (Directory traversal vulnerability in pagecount CGI script in Sambar ...)
+CVE-2001-1010
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1008 (Java Plugin 1.4 for JRE 1.3 executes signed applets even if the ...)
+CVE-2001-1008
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1002 (The default configuration of the DVI print filter (dvips) in Red Hat ...)
+CVE-2001-1002
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0998 (IBM HACMP 4.4 allows remote attackers to cause a denial of service via ...)
+CVE-2001-0998
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0995 (PHProjekt before 2.4a allows remote attackers to perform actions as ...)
+CVE-2001-0995
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0993 (sendmsg function in NetBSD 1.3 through 1.5 allows local users to cause ...)
+CVE-2001-0993
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0987 (Cross-site scripting vulnerability in CGIWrap before 3.7 allows remote ...)
+CVE-2001-0987
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0982 (Directory traversal vulnerability in IBM Tivoli WebSEAL Policy ...)
+CVE-2001-0982
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0981 (HP CIFS/9000 Server (SAMBA) A.01.07 and earlier with the &quot;unix ...)
+CVE-2001-0981
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0980 (docview before 1.0-15 allows remote attackers to execute arbitrary ...)
+CVE-2001-0980
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0978 (login in HP-UX 10.26 does not record failed login attempts in ...)
+CVE-2001-0978
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0977 (slapd in OpenLDAP 1.x before 1.2.12, and 2.x before 2.0.8, allows ...)
+CVE-2001-0977
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0973 (BSCW groupware system 3.3 through 4.0.2 beta allows remote attackers ...)
+CVE-2001-0973
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0969 (ipfw in FreeBSD does not properly handle the use of &quot;me&quot; in its rules ...)
+CVE-2001-0969
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0965 (glFTPD 1.23 allows remote attackers to cause a denial of service (CPU ...)
+CVE-2001-0965
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0963 (Directory traversal vulnerability in SpoonFTP 1.1 allows local and ...)
+CVE-2001-0963
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0962 (IBM WebSphere Application Server 3.02 through 3.53 uses predictable ...)
+CVE-2001-0962
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0961 (Buffer overflow in tab expansion capability of the most program allows ...)
+CVE-2001-0961
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0960 (Computer Associates ARCserve for NT 6.61 SP2a and ARCserve 2000 7.0 ...)
+CVE-2001-0960
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0959 (Computer Associates ARCserve for NT 6.61 SP2a and ARCserve 2000 7.0 ...)
+CVE-2001-0959
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0954 (Lotus Domino 5.0.5 and 5.0.8, and possibly other versions, allows ...)
+CVE-2001-0954
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0951 (Windows 2000 allows remote attackers to cause a denial of service (CPU ...)
+CVE-2001-0951
NOT-FOR-US: Microsoft
-CVE-2001-0946 (apmscript in Apmd in Red Hat 7.2 &quot;Enigma&quot; allows local users to create ...)
+CVE-2001-0946
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0940 (Buffer overflow in the GUI authentication code of Check Point ...)
+CVE-2001-0940
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0939 (Lotus Domino 5.08 and earlier allows remote attackers to cause a ...)
+CVE-2001-0939
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0936 (Buffer overflow in Frox transparent FTP proxy 0.6.6 and earlier, with ...)
+CVE-2001-0936
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0929 (Cisco IOS Firewall Feature set, aka Context Based Access Control ...)
+CVE-2001-0929
NOT-FOR-US: Cisco
-CVE-2001-0921 (Netscape 4.79 and earlier for MacOS allows an attacker with access to ...)
+CVE-2001-0921
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0920 (Format string vulnerability in auto nice daemon (AND) 1.0.4 and ...)
+CVE-2001-0920
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0918 (Vulnerabilities in CGI scripts in susehelp in SuSE 7.2 and 7.3 allow ...)
+CVE-2001-0918
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0917 (Jakarta Tomcat 4.0.1 allows remote attackers to reveal physical path ...)
+CVE-2001-0917
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0914 (Linux kernel before 2.4.11pre3 in multiple Linux distributions allows ...)
+CVE-2001-0914
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0912 (Packaging error for expect 8.3.3 in Mandrake Linux 8.1 causes expect ...)
+CVE-2001-0912
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0909 (Buffer overflow in helpctr.exe program in Microsoft Help Center for ...)
+CVE-2001-0909
NOT-FOR-US: Microsoft
-CVE-2001-0907 (Linux kernel 2.2.1 through 2.2.19, and 2.4.1 through 2.4.10, allows ...)
+CVE-2001-0907
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0906 (teTeX filter before 1.0.7 allows local users to gain privileges via a ...)
+CVE-2001-0906
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0905 (Race condition in signal handling of procmail 3.20 and earlier, when ...)
+CVE-2001-0905
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0902 (Microsoft IIS 5.0 allows remote attackers to spoof web log entries via ...)
+CVE-2001-0902
NOT-FOR-US: Microsoft
-CVE-2001-0901 (Hypermail allows remote attackers to execute arbitrary commands on a ...)
+CVE-2001-0901
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0900 (Directory traversal vulnerability in modules.php in Gallery before ...)
+CVE-2001-0900
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0899 (Network Tools 0.2 for PHP-Nuke allows remote attackers to execute ...)
+CVE-2001-0899
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0896 (Inetd in OpenServer 5.0.5 allows remote attackers to cause a denial of ...)
+CVE-2001-0896
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0895 (Multiple Cisco networking products allow remote attackers to cause a ...)
+CVE-2001-0895
NOT-FOR-US: Cisco
-CVE-2001-0894 (Vulnerability in Postfix SMTP server before 20010228-pl07, when ...)
+CVE-2001-0894
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0891 (Format string vulnerability in NQS daemon (nqsdaemon) in NQE 3.3.0.16 ...)
+CVE-2001-0891
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0889 (Exim 3.22 and earlier, in some configurations, does not properly ...)
+CVE-2001-0889
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0888 (Atmel Firmware 1.3 Wireless Access Point (WAP) allows remote attackers ...)
+CVE-2001-0888
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0887 (xSANE 0.81 and earlier allows local users to modify files of other ...)
+CVE-2001-0887
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0886 (Buffer overflow in glob function of glibc allows attackers to cause a ...)
+CVE-2001-0886
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0884 (Cross-site scripting vulnerability in Mailman email archiver before ...)
+CVE-2001-0884
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0879 (Format string vulnerability in the C runtime functions in SQL Server ...)
+CVE-2001-0879
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0877 (Universal Plug and Play (UPnP) on Windows 98, 98SE, ME, and XP allows ...)
+CVE-2001-0877
NOT-FOR-US: Microsoft
-CVE-2001-0876 (Buffer overflow in Universal Plug and Play (UPnP) on Windows 98, 98SE, ...)
+CVE-2001-0876
NOT-FOR-US: Microsoft
-CVE-2001-0875 (Internet Explorer 5.5 and 6.0 allows remote attackers to cause the ...)
+CVE-2001-0875
NOT-FOR-US: Microsoft
-CVE-2001-0874 (Internet Explorer 5.5 and 6.0 allow remote attackers to read certain ...)
+CVE-2001-0874
NOT-FOR-US: Microsoft
-CVE-2001-0873 (uuxqt in Taylor UUCP package does not properly remove dangerous long ...)
+CVE-2001-0873
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0872 (OpenSSH 3.0.1 and earlier with UseLogin enabled does not properly ...)
+CVE-2001-0872
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0869 (Format string vulnerability in the default logging callback function ...)
+CVE-2001-0869
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0867 (Cisco 12000 with IOS 12.0 and line cards based on Engine 2 does not ...)
+CVE-2001-0867
NOT-FOR-US: Cisco
-CVE-2001-0866 (Cisco 12000 with IOS 12.0 and lines card based on Engine 2 does not ...)
+CVE-2001-0866
NOT-FOR-US: Cisco
-CVE-2001-0865 (Cisco 12000 with IOS 12.0 and line cards based on Engine 2 does not ...)
+CVE-2001-0865
NOT-FOR-US: Cisco
-CVE-2001-0864 (Cisco 12000 with IOS 12.0 and line cards based on Engine 2 does not ...)
+CVE-2001-0864
NOT-FOR-US: Cisco
-CVE-2001-0863 (Cisco 12000 with IOS 12.0 and line cards based on Engine 2 does not ...)
+CVE-2001-0863
NOT-FOR-US: Cisco
-CVE-2001-0862 (Cisco 12000 with IOS 12.0 and line cards based on Engine 2 does not ...)
+CVE-2001-0862
NOT-FOR-US: Cisco
-CVE-2001-0861 (Cisco 12000 with IOS 12.0 and line cards based on Engine 2 and earlier ...)
+CVE-2001-0861
NOT-FOR-US: Cisco
-CVE-2001-0860 (Terminal Services Manager MMC in Windows 2000 and XP trusts the Client ...)
+CVE-2001-0860
NOT-FOR-US: Microsoft
-CVE-2001-0859 (2.4.3-12 kernel in Red Hat Linux 7.1 Korean installation program sets ...)
+CVE-2001-0859
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0857 (Cross-site scripting vulnerability in status.php3 in Imp Webmail 2.2.6 ...)
+CVE-2001-0857
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0852 (TUX HTTP server 2.1.0-2 in Red Hat Linux allows remote attackers to ...)
+CVE-2001-0852
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0851 (Linux kernel 2.0, 2.2 and 2.4 with syncookies enabled allows remote ...)
+CVE-2001-0851
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0850 (A configuration error in the libdb1 package in OpenLinux 3.1 uses ...)
+CVE-2001-0850
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0846 (Lotus Domino 5.x allows remote attackers to read files or execute ...)
+CVE-2001-0846
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0843 (Squid proxy server 2.4 and earlier allows remote attackers to cause a ...)
+CVE-2001-0843
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0837 (DeltaThree Pc-To-Phone 3.0.3 places sensitive data in world-readable ...)
+CVE-2001-0837
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0836 (Buffer overflow in Oracle9iAS Web Cache 2.0.0.1 allows remote ...)
+CVE-2001-0836
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0834 (htsearch CGI program in htdig (ht://Dig) 3.1.5 and earlier allows ...)
+CVE-2001-0834
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0833 (Buffer overflow in otrcrep in Oracle 8.0.x through 9.0.1 allows local ...)
+CVE-2001-0833
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0830 (6tunnel 0.08 and earlier does not properly close sockets that were ...)
+CVE-2001-0830
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0828 (A cross-site scripting vulnerability in Caucho Technology Resin before ...)
+CVE-2001-0828
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0825 (Buffer overflow in internal string handling routines of xinetd before ...)
+CVE-2001-0825
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0823 (The pmpost program in Performance Co-Pilot (PCP) before 2.2.1-3 allows ...)
+CVE-2001-0823
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0822 (FPF kernel module 1.0 allows a remote attacker to cause a denial of ...)
+CVE-2001-0822
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0819 (A buffer overflow in Linux fetchmail before 5.8.6 allows remote ...)
+CVE-2001-0819
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0816 (OpenSSH before 2.9.9, when running sftp using sftp-server and using ...)
+CVE-2001-0816
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0815 (Buffer overflow in PerlIS.dll in Activestate ActivePerl 5.6.1.629 and ...)
+CVE-2001-0815
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0806 (Apple MacOS X 10.0 and 10.1 allow a local user to read and write to a ...)
+CVE-2001-0806
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0805 (Directory traversal vulnerability in ttawebtop.cgi in Tarantella ...)
+CVE-2001-0805
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0804 (Directory traversal vulnerability in story.pl in Interactive Story 1.3 ...)
+CVE-2001-0804
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0803 (Buffer overflow in the client connection routine of libDtSvc.so.1 in ...)
+CVE-2001-0803
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0801 (lpstat in IRIX 6.5.13f and earlier allows local users to gain root ...)
+CVE-2001-0801
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0797 (Buffer overflow in login in various System V based operating systems ...)
+CVE-2001-0797
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0796 (SGI IRIX 6.5 through 6.5.12f and possibly earlier versions, and ...)
+CVE-2001-0796
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0792 (Format string vulnerability in XChat 1.2.x allows remote attackers to ...)
+CVE-2001-0792
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0787 (LPRng in Red Hat Linux 7.0 and 7.1 does not properly drop memberships ...)
+CVE-2001-0787
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0784 (Directory traversal vulnerability in Icecast 1.3.10 and earlier allows ...)
+CVE-2001-0784
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0779 (Buffer overflow in rpc.yppasswdd (yppasswd server) in Solaris 2.6, 7 ...)
+CVE-2001-0779
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0774 (Tripwire 1.3.1, 2.2.1 and 2.3.0 allows local users to overwrite ...)
+CVE-2001-0774
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0773 (Cayman 3220-H DSL Router 1.0 allows remote attacker to cause a denial ...)
+CVE-2001-0773
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0770 (Buffer overflow in GuildFTPd Server 0.97 allows remote attacker to ...)
+CVE-2001-0770
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0769 (Memory leak in GuildFTPd Server 0.97 allows remote attackers to cause ...)
+CVE-2001-0769
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0765 (BisonFTP V4R1 allows local users to access directories outside of ...)
+CVE-2001-0765
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0764 (Buffer overflow in ntping in scotty 2.1.0 allows local users to ...)
+CVE-2001-0764
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0763 (Buffer overflow in Linux xinetd 2.1.8.9pre11-1 and earlier may allow ...)
+CVE-2001-0763
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0760 (Citrix Nfuse 1.51 allows remote attackers to obtain the absolute path ...)
+CVE-2001-0760
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0757 (Cisco 6400 Access Concentrator Node Route Processor 2 (NRP2) 12.1DC ...)
+CVE-2001-0757
NOT-FOR-US: Cisco
-CVE-2001-0754 (Cisco CBOS 2.3.8 and earlier allows remote attackers to cause a denial ...)
+CVE-2001-0754
NOT-FOR-US: Cisco
-CVE-2001-0752 (Cisco CBOS 2.3.8 and earlier allows remote attackers to cause a denial ...)
+CVE-2001-0752
NOT-FOR-US: Cisco
-CVE-2001-0751 (Cisco switches and routers running CBOS 2.3.8 and earlier use ...)
+CVE-2001-0751
NOT-FOR-US: Cisco
-CVE-2001-0750 (Cisco IOS 12.1(2)T, 12.1(3)T allow remote attackers to cause a denial ...)
+CVE-2001-0750
NOT-FOR-US: Cisco
-CVE-2001-0749 (Beck IPC GmbH IPC@CHIP Embedded-Webserver allows remote attackers to ...)
+CVE-2001-0749
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0748 (Acme.Serve 1.7, as used in Cisco Secure ACS Unix and possibly other ...)
+CVE-2001-0748
NOT-FOR-US: Cisco
-CVE-2001-0745 (Netscape 4.7x allows remote attackers to obtain sensitive information ...)
+CVE-2001-0745
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0741 (Cisco Hot Standby Routing Protocol (HSRP) allows local attackers to ...)
+CVE-2001-0741
NOT-FOR-US: Cisco
-CVE-2001-0740 (3COM OfficeConnect 812 and 840 ADSL Router 4.2, running OCR812 router ...)
+CVE-2001-0740
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0739 (Guardian Digital WebTool in EnGarde Secure Linux 1.0.1 allows ...)
+CVE-2001-0739
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0738 (LogLine function in klogd in sysklogd 1.3 in various Linux ...)
+CVE-2001-0738
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0733 (The #sinclude directive in Embedded Perl (ePerl) 2.2.14 and earlier ...)
+CVE-2001-0733
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0731 (Apache 1.3.20 with Multiviews enabled allows remote attackers to view ...)
+CVE-2001-0731
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0730 (split-logfile in Apache 1.3.20 allows remote attackers to overwrite ...)
+CVE-2001-0730
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0728 (Buffer overflow in Compaq Management Agents before 5.2, included in ...)
+CVE-2001-0728
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0727 (Internet Explorer 6.0 allows remote attackers to execute arbitrary ...)
+CVE-2001-0727
NOT-FOR-US: Microsoft
-CVE-2001-0726 (Outlook Web Access (OWA) in Microsoft Exchange 5.5 Server, when used ...)
+CVE-2001-0726
NOT-FOR-US: Microsoft
-CVE-2001-0724 (Internet Explorer 5.5 allows remote attackers to bypass security ...)
+CVE-2001-0724
NOT-FOR-US: Microsoft
-CVE-2001-0723 (Internet Explorer 5.5 and 6.0 allows remote attackers to read and ...)
+CVE-2001-0723
NOT-FOR-US: Microsoft
-CVE-2001-0722 (Internet Explorer 5.5 and 6.0 allows remote attackers to read and ...)
+CVE-2001-0722
NOT-FOR-US: Microsoft
-CVE-2001-0720 (Internet Explorer 5.1 for Macintosh on Mac OS X allows remote ...)
+CVE-2001-0720
NOT-FOR-US: Microsoft
-CVE-2001-0719 (Buffer overflow in Microsoft Windows Media Player 6.4 allows remote ...)
+CVE-2001-0719
NOT-FOR-US: Microsoft
-CVE-2001-0718 (Vulnerability in (1) Microsoft Excel 2002 and earlier and (2) ...)
+CVE-2001-0718
NOT-FOR-US: Microsoft
-CVE-2001-0717 (Format string vulnerability in ToolTalk database server ...)
+CVE-2001-0717
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0716 (Citrix MetaFrame 1.8 Server with Service Pack 3, and XP Server Service ...)
+CVE-2001-0716
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0710 (NetBSD 1.5 and earlier and FreeBSD 4.3 and earlier allows a remote ...)
+CVE-2001-0710
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0706 (Maximum Rumpus FTP Server 2.0.3 dev and before allows an attacker to ...)
+CVE-2001-0706
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0701 (Buffer overflow in ptexec in the Sun Validation Test Suite 4.3 and ...)
+CVE-2001-0701
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0700 (Buffer overflow in w3m 0.2.1 and earlier allows a remote attacker to ...)
+CVE-2001-0700
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0699 (Buffer overflow in cb_reset in the System Service Processor (SSP) ...)
+CVE-2001-0699
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0698 (Directory traversal vulnerability in NetWin SurgeFTP 2.0a and 1.0b ...)
+CVE-2001-0698
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0697 (NetWin SurgeFTP prior to 1.1h allows a remote attacker to cause a ...)
+CVE-2001-0697
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0696 (NetWin SurgeFTP 2.0a and 1.0b allows a remote attacker to cause a ...)
+CVE-2001-0696
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0692 (SMTP proxy in WatchGuard Firebox (2500 and 4500) 4.5 and 4.6 allows a ...)
+CVE-2001-0692
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0690 (Format string vulnerability in exim (3.22-10 in Red Hat, 3.12 in ...)
+CVE-2001-0690
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0686 (Buffer overflow in mail included with SunOS 5.8 for x86 allows a local ...)
+CVE-2001-0686
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0685 (Thibault Godouet FCron prior to 1.1.1 allows a local user to corrupt ...)
+CVE-2001-0685
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0682 (ZoneAlarm and ZoneAlarm Pro allows a local attacker to cause a denial ...)
+CVE-2001-0682
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0680 (Directory traversal vulnerability in ftpd in QPC QVT/Net 4.0 and ...)
+CVE-2001-0680
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0677 (Eudora 5.0.2 allows a remote attacker to read arbitrary files via an ...)
+CVE-2001-0677
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0676 (Directory traversal vulnerability in Rit Research Labs The Bat! 1.48f ...)
+CVE-2001-0676
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0675 (Rit Research Labs The Bat! 1.51 for Windows allows a remote attacker ...)
+CVE-2001-0675
NOT-FOR-US: Microsoft
-CVE-2001-0670 (Buffer overflow in BSD line printer daemon (in.lpd or lpd) in various ...)
+CVE-2001-0670
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0668 (Buffer overflow in line printer daemon (rlpdaemon) in HP-UX 10.01 ...)
+CVE-2001-0668
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0667 (Internet Explorer 6 and earlier, when used with the Telnet client in ...)
+CVE-2001-0667
NOT-FOR-US: Microsoft
-CVE-2001-0666 (Outlook Web Access (OWA) in Microsoft Exchange 2000 allows an ...)
+CVE-2001-0666
NOT-FOR-US: Microsoft
-CVE-2001-0665 (Internet Explorer 6 and earlier allows remote attackers to cause ...)
+CVE-2001-0665
NOT-FOR-US: Microsoft
-CVE-2001-0664 (Internet Explorer 5.5 and 5.01 allows remote attackers to bypass ...)
+CVE-2001-0664
NOT-FOR-US: Microsoft
-CVE-2001-0663 (Terminal Server in Windows NT and Windows 2000 allows remote ...)
+CVE-2001-0663
NOT-FOR-US: Microsoft
-CVE-2001-0662 (RPC endpoint mapper in Windows NT 4.0 allows remote attackers to cause ...)
+CVE-2001-0662
NOT-FOR-US: Microsoft
-CVE-2001-0660 (Outlook Web Access (OWA) in Microsoft Exchange 5.5, SP4 and earlier, ...)
+CVE-2001-0660
NOT-FOR-US: Microsoft
-CVE-2001-0659 (Buffer overflow in IrDA driver providing infrared data exchange on ...)
+CVE-2001-0659
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0658 (Cross-site scripting (CSS) vulnerability in Microsoft Internet ...)
+CVE-2001-0658
NOT-FOR-US: Microsoft
-CVE-2001-0653 (Sendmail 8.10.0 through 8.11.5, and 8.12.0 beta, allows local users to ...)
+CVE-2001-0653
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0652 (Heap overflow in xlock in Solaris 2.6 through 8 allows local users to ...)
+CVE-2001-0652
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0650 (Cisco devices IOS 12.0 and earlier allow a remote attacker to cause a ...)
+CVE-2001-0650
NOT-FOR-US: Cisco
-CVE-2001-0648 (Directory traversal vulnerability in PHProjekt 2.1 and earlier allows ...)
+CVE-2001-0648
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0646 (Maxum Rumpus FTP Server 1.3.3 and 2.0.3 dev 3 allows a remote attacker ...)
+CVE-2001-0646
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0644 (Maxum Rumpus FTP Server 1.3.3 and 2.0.3 dev 3 stores passwords in ...)
+CVE-2001-0644
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0643 (Internet Explorer 5.5 does not display the Class ID (CLSID) when it is ...)
+CVE-2001-0643
NOT-FOR-US: Microsoft
-CVE-2001-0641 (Buffer overflow in man program in various distributions of Linux ...)
+CVE-2001-0641
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0635 (Red Hat Linux 7.1 sets insecure permissions on swap files created ...)
+CVE-2001-0635
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0634 (Sun Chili!Soft ASP has weak permissions on various configuration ...)
+CVE-2001-0634
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0631 (Centrinity First Class Internet Services 5.50 allows for the ...)
+CVE-2001-0631
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0630 (Directory traversal vulnerability in MIMAnet viewsrc.cgi 2.0 allows a ...)
+CVE-2001-0630
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0629 (HP Event Correlation Service (ecsd) as included with OpenView Network Node ...)
+CVE-2001-0629
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0628 (Microsoft Word 2000 does not check AutoRecovery (.asd) files for ...)
+CVE-2001-0628
NOT-FOR-US: Microsoft
-CVE-2001-0627 (vi as included with SCO OpenServer 5.0 - 5.0.6 allows a local attacker ...)
+CVE-2001-0627
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0626 (O'Reilly Website Professional 2.5.4 and earlier allows remote ...)
+CVE-2001-0626
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0625 (ftpdownload in Computer Associates InoculateIT 6.0 allows a local ...)
+CVE-2001-0625
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0622 (The web management service on Cisco Content Service series 11000 ...)
+CVE-2001-0622
NOT-FOR-US: Cisco
-CVE-2001-0621 (The FTP server on Cisco Content Service 11000 series switches (CSS) ...)
+CVE-2001-0621
NOT-FOR-US: Cisco
-CVE-2001-0616 (Faust Informatics Freestyle Chat server prior to 4.1 SR3 allows a ...)
+CVE-2001-0616
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0615 (Directory traversal vulnerability in Faust Informatics Freestyle Chat ...)
+CVE-2001-0615
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0613 (Omnicron Technologies OmniHTTPD Professional 2.08 and earlier allows a ...)
+CVE-2001-0613
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0612 (McAfee Remote Desktop 3.0 and earlier allows remote attackers to cause ...)
+CVE-2001-0612
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0611 (Becky! 2.00.05 and earlier can allow a remote attacker to gain ...)
+CVE-2001-0611
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0596 (Netscape Communicator before 4.77 allows remote attackers to execute ...)
+CVE-2001-0596
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0595 (Buffer overflow in the kcsSUNWIOsolf.so library in Solaris 7 and 8 ...)
+CVE-2001-0595
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0594 (kcms_configure as included with Solaris 7 and 8 allows a local ...)
+CVE-2001-0594
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0593 (Anaconda Partners Clipper 3.3 and earlier allows a remote attacker to ...)
+CVE-2001-0593
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0591 (Directory traversal vulnerability in Oracle JSP 1.0.x through 1.1.1 ...)
+CVE-2001-0591
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0590 (Apache Software Foundation Tomcat Servlet prior to 3.2.2 allows a ...)
+CVE-2001-0590
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0589 (NetScreen ScreenOS prior to 2.5r6 on the NetScreen-10 and ...)
+CVE-2001-0589
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0586 (TrendMicro ScanMail for Exchange 3.5 Evaluation allows a local ...)
+CVE-2001-0586
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0585 (Gordano NTMail 6.0.3c allows a remote attacker to create a denial of ...)
+CVE-2001-0585
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0574 (Directory traversal vulnerability in MP3Mystic prior to 1.04b3 allows ...)
+CVE-2001-0574
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0573 (lsfs in AIX 4.x allows a local user to gain additional privileges by ...)
+CVE-2001-0573
NOT-FOR-US: AIX
-CVE-2001-0567 (Digital Creations Zope 2.3.2 and earlier allows a local attacker ...)
+CVE-2001-0567
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0565 (Buffer overflow in mailx in Solaris 8 and earlier allows a local ...)
+CVE-2001-0565
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0564 (APC Web/SNMP Management Card prior to Firmware 310 only supports one ...)
+CVE-2001-0564
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0563 (ElectroSystems Engineering Inc. ElectroComm 2.0 and earlier allows a ...)
+CVE-2001-0563
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0560 (Buffer overflow in Vixie cron 3.0.1-56 and earlier could allow a local ...)
+CVE-2001-0560
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0559 (crontab in Vixie cron 3.0.1 and earlier does not properly drop ...)
+CVE-2001-0559
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0558 (T. Hauck Jana Webserver 2.01 beta 1 and earlier allows a remote ...)
+CVE-2001-0558
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0554 (Buffer overflow in BSD-based telnetd telnet daemon on various ...)
+CVE-2001-0554
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0553 (SSH Secure Shell 3.0.0 on Unix systems does not properly perform ...)
+CVE-2001-0553
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0550 (wu-ftpd 2.6.1 allows remote attackers to execute arbitrary commands ...)
+CVE-2001-0550
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0549 (Symantec LiveUpdate 1.5 stores proxy passwords in cleartext in a ...)
+CVE-2001-0549
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0548 (Buffer overflow in dtmail in Solaris 2.6 and 7 allows local users to ...)
+CVE-2001-0548
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0547 (Memory leak in the proxy service in Microsoft Internet Security and ...)
+CVE-2001-0547
NOT-FOR-US: Microsoft
-CVE-2001-0546 (Memory leak in H.323 Gatekeeper Service in Microsoft Internet Security ...)
+CVE-2001-0546
NOT-FOR-US: Microsoft
-CVE-2001-0545 (IIS 4.0 with URL redirection enabled allows remote attackers to cause ...)
+CVE-2001-0545
NOT-FOR-US: Microsoft
-CVE-2001-0544 (IIS 5.0 allows local users to cause a denial of service (hang) via by ...)
+CVE-2001-0544
NOT-FOR-US: Microsoft
-CVE-2001-0543 (Memory leak in NNTP service in Windows NT 4.0 and Windows 2000 allows ...)
+CVE-2001-0543
NOT-FOR-US: Microsoft
-CVE-2001-0541 (Buffer overflow in Microsoft Windows Media Player 7.1 and earlier ...)
+CVE-2001-0541
NOT-FOR-US: Microsoft
-CVE-2001-0540 (Memory leak in Terminal servers in Windows NT and Windows 2000 allows ...)
+CVE-2001-0540
NOT-FOR-US: Microsoft
-CVE-2001-0538 (Microsoft Outlook View ActiveX Control in Microsoft Outlook 2002 and ...)
+CVE-2001-0538
NOT-FOR-US: Microsoft
-CVE-2001-0537 (HTTP server for Cisco IOS 11.3 to 12.2 allows attackers to bypass ...)
+CVE-2001-0537
NOT-FOR-US: Cisco
-CVE-2001-0533 (Buffer overflow in libi18n library in IBM AIX 5.1 and 4.3.x allows ...)
+CVE-2001-0533
NOT-FOR-US: AIX
-CVE-2001-0530 (Spearhead NetGAP 200 and 300 before build 78 allow a remote attacker ...)
+CVE-2001-0530
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0529 (OpenSSH version 2.9 and earlier, with X forwarding enabled, allows a ...)
+CVE-2001-0529
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0528 (Oracle E-Business Suite Release 11i Applications Desktop Integrator ...)
+CVE-2001-0528
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0527 (DCScripts DCForum versions 2000 and earlier allow a remote attacker to ...)
+CVE-2001-0527
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0526 (Buffer overflow in the Xview library as used by mailtool in Solaris 8 ...)
+CVE-2001-0526
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0525 (Buffer overflow in dsh in dqs 3.2.7 in SuSE Linux 7.0 and earlier, and ...)
+CVE-2001-0525
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0522 (Format string vulnerability in Gnu Privacy Guard (aka GnuPG or gpg) ...)
+CVE-2001-0522
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0518 (Oracle listener before Oracle 9i allows attackers to cause a denial of ...)
+CVE-2001-0518
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0517 (Oracle listener in Oracle 8i on Solaris allows remote attackers to ...)
+CVE-2001-0517
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0514 (SNMP service in Atmel 802.11b VNET-B Access Point 1.3 and earlier, as ...)
+CVE-2001-0514
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0513 (Oracle listener process on Windows NT redirects connection requests to ...)
+CVE-2001-0513
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0508 (Vulnerability in IIS 5.0 allows remote attackers to cause a denial of ...)
+CVE-2001-0508
NOT-FOR-US: Microsoft
-CVE-2001-0507 (IIS 5.0 uses relative paths to find system files that will run ...)
+CVE-2001-0507
NOT-FOR-US: Microsoft
-CVE-2001-0506 (Buffer overflow in ssinc.dll in IIS 5.0 and 4.0 allows local users to ...)
+CVE-2001-0506
NOT-FOR-US: Microsoft
-CVE-2001-0504 (Vulnerability in authentication process for SMTP service in Microsoft ...)
+CVE-2001-0504
NOT-FOR-US: Microsoft
-CVE-2001-0503 (Microsoft NetMeeting 3.01 with Remote Desktop Sharing enabled allows ...)
+CVE-2001-0503
NOT-FOR-US: Microsoft
-CVE-2001-0502 (Running Windows 2000 LDAP Server over SSL, a function does not ...)
+CVE-2001-0502
NOT-FOR-US: Microsoft
-CVE-2001-0501 (Microsoft Word 2002 and earlier allows attackers to automatically ...)
+CVE-2001-0501
NOT-FOR-US: Microsoft
-CVE-2001-0500 (Buffer overflow in ISAPI extension (idq.dll) in Index Server 2.0 and ...)
+CVE-2001-0500
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0497 (dnskeygen in BIND 8.2.4 and earlier, and dnssec-keygen in BIND 9.1.2 ...)
+CVE-2001-0497
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0495 (Directory traversal in DataWizard WebXQ server 1.204 allows remote ...)
+CVE-2001-0495
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0494 (Buffer overflow in IPSwitch IMail SMTP server 6.06 and possibly prior ...)
+CVE-2001-0494
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0493 (Small HTTP server 2.03 allows remote attackers to cause a denial of ...)
+CVE-2001-0493
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0489 (Format string vulnerability in gftp prior to 2.0.8 allows remote ...)
+CVE-2001-0489
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0488 (pcltotiff in HP-UX 10.x has unnecessary set group id permissions, ...)
+CVE-2001-0488
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0487 (AIX SNMP server snmpd allows remote attackers to cause a denial of ...)
+CVE-2001-0487
NOT-FOR-US: AIX
-CVE-2001-0486 (Remote attackers can cause a denial of service in Novell BorderManager ...)
+CVE-2001-0486
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0485 (Unknown vulnerability in netprint in IRIX 6.2, and possibly other ...)
+CVE-2001-0485
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0482 (Configuration error in Argus PitBull LX allows root users to bypass ...)
+CVE-2001-0482
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0481 (Vulnerability in rpmdrake in Mandrake Linux 8.0 related to insecure ...)
+CVE-2001-0481
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0475 (index.php in Jelsoft vBulletin does not properly initialize a PHP ...)
+CVE-2001-0475
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0474 (Utah-glx in Mesa before 3.3-14 on Mandrake Linux 7.2 allows local ...)
+CVE-2001-0474
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0473 (Format string vulnerability in Mutt before 1.2.5 allows a remote ...)
+CVE-2001-0473
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0469 (rwho daemon rwhod in FreeBSD 4.2 and earlier, and possibly other ...)
+CVE-2001-0469
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0467 (Directory traversal vulnerability in RobTex Viking Web server before ...)
+CVE-2001-0467
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0465 (TurboTax saves passwords in a temporary file when a user imports ...)
+CVE-2001-0465
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0463 (Directory traversal vulnerability in cal_make.pl in PerlCal allows ...)
+CVE-2001-0463
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0462 (Directory traversal vulnerability in Perl web server 0.3 and earlier ...)
+CVE-2001-0462
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0461 (template.cgi in Free On-Line Dictionary of Computing (FOLDOC) allows ...)
+CVE-2001-0461
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0457 (man2html before 1.5-22 allows remote attackers to cause a denial of ...)
+CVE-2001-0457
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0456 (postinst installation script for Proftpd in Debian 2.2 does not ...)
+CVE-2001-0456
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0455 (Cisco Aironet 340 Series wireless bridge before 8.55 does not properly ...)
+CVE-2001-0455
NOT-FOR-US: Cisco
-CVE-2001-0449 (Buffer overflow in WinZip 8.0 allows attackers to execute arbitrary ...)
+CVE-2001-0449
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0444 (Cisco CBOS 2.3.0.053 sends output of the &quot;sh nat&quot; (aka &quot;show nat&quot;) ...)
+CVE-2001-0444
NOT-FOR-US: Cisco
-CVE-2001-0442 (Buffer overflow in Mercury MTA POP3 server for NetWare 1.48 and ...)
+CVE-2001-0442
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0440 (Buffer overflow in logging functions of licq before 1.0.3 allows ...)
+CVE-2001-0440
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0439 (licq before 1.0.3 allows remote attackers to execute arbitrary ...)
+CVE-2001-0439
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0434 (The LogDataListToFile ActiveX function used in (1) Knowledge Center ...)
+CVE-2001-0434
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0430 (Vulnerability in exuberant-ctags before 3.2.4-0.1 insecurely creates ...)
+CVE-2001-0430
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0429 (Cisco Catalyst 5000 series switches 6.1(2) and earlier will forward an ...)
+CVE-2001-0429
NOT-FOR-US: Cisco
-CVE-2001-0428 (Cisco VPN 3000 series concentrators before 2.5.2(F) allow remote ...)
+CVE-2001-0428
NOT-FOR-US: Cisco
-CVE-2001-0427 (Cisco VPN 3000 series concentrators before 2.5.2(F) allow remote ...)
+CVE-2001-0427
NOT-FOR-US: Cisco
-CVE-2001-0423 (Buffer overflow in ipcs in Solaris 7 x86 allows local users to execute ...)
+CVE-2001-0423
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0422 (Buffer overflow in Xsun in Solaris 8 and earlier allows local users to ...)
+CVE-2001-0422
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0416 (sgml-tools (aka sgmltools) before 1.0.9-15 creates temporary files ...)
+CVE-2001-0416
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0414 (Buffer overflow in ntpd ntp daemon 4.0.99k and earlier (aka xntpd and ...)
+CVE-2001-0414
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0413 (BinTec X4000 Access router, and possibly other versions, allows remote ...)
+CVE-2001-0413
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0412 (Cisco Content Services (CSS) switch products 11800 and earlier, aka ...)
+CVE-2001-0412
NOT-FOR-US: Cisco
-CVE-2001-0409 (vim (aka gvim) allows local users to modify files being edited by ...)
+CVE-2001-0409
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0408 (vim (aka gvim) processes VIM control codes that are embedded in a ...)
+CVE-2001-0408
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0407 (Directory traversal vulnerability in MySQL before 3.23.36 allows local ...)
+CVE-2001-0407
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0405 (ip_conntrack_ftp in the IPTables firewall for Linux 2.4 allows remote ...)
+CVE-2001-0405
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0402 (IPFilter 3.4.16 and earlier does not include sufficient session ...)
+CVE-2001-0402
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0394 (Remote manager service in Website Pro 3.0.37 allows remote attackers ...)
+CVE-2001-0394
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0388 (time server daemon timed allows remote attackers to cause a denial of ...)
+CVE-2001-0388
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0387 (Format string vulnerability in hfaxd in HylaFAX before 4.1.b2_2 allows ...)
+CVE-2001-0387
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0386 (AnalogX SimpleServer:WWW 1.08 allows remote attackers to cause a ...)
+CVE-2001-0386
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0383 (banners.php in PHP-Nuke 4.4 and earlier allows remote attackers to ...)
+CVE-2001-0383
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0379 (Vulnerability in the newgrp program included with HP9000 servers ...)
+CVE-2001-0379
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0378 (readline prior to 4.1, in OpenBSD 2.8 and earlier, creates history ...)
+CVE-2001-0378
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0377 (Infradig Inframail prior to 3.98a allows a remote attacker to create a ...)
+CVE-2001-0377
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0375 (Cisco PIX Firewall 515 and 520 with 5.1.4 OS running aaa ...)
+CVE-2001-0375
NOT-FOR-US: Cisco
-CVE-2001-0373 (The default configuration of the Dr. Watson program in Windows NT and ...)
+CVE-2001-0373
NOT-FOR-US: Microsoft
-CVE-2001-0371 (Race condition in the UFS and EXT2FS file systems in FreeBSD 4.2 and ...)
+CVE-2001-0371
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0368 (Directory traversal vulnerability in BearShare 2.2.2 and earlier ...)
+CVE-2001-0368
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0366 (saposcol in SAP R/3 Web Application Server Demo before 1.5 trusts the ...)
+CVE-2001-0366
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0365 (Eudora before 5.1 allows a remote attacker to execute arbitrary code, ...)
+CVE-2001-0365
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0364 (SSH Communications Security sshd 2.4 for Windows allows remote ...)
+CVE-2001-0364
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0361 (Implementations of SSH version 1.5, including (1) OpenSSH up to ...)
+CVE-2001-0361
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0353 (Buffer overflow in the line printer daemon (in.lpd) for Solaris 8 and ...)
+CVE-2001-0353
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0351 (Microsoft Windows 2000 telnet service allows a local user to make a ...)
+CVE-2001-0351
NOT-FOR-US: Microsoft
-CVE-2001-0348 (Microsoft Windows 2000 telnet service allows attackers to cause a ...)
+CVE-2001-0348
NOT-FOR-US: Microsoft
-CVE-2001-0347 (Information disclosure vulnerability in Microsoft Windows 2000 telnet ...)
+CVE-2001-0347
NOT-FOR-US: Microsoft
-CVE-2001-0346 (Handle leak in Microsoft Windows 2000 telnet service allows attackers ...)
+CVE-2001-0346
NOT-FOR-US: Microsoft
-CVE-2001-0345 (Microsoft Windows 2000 telnet service allows attackers to prevent idle ...)
+CVE-2001-0345
NOT-FOR-US: Microsoft
-CVE-2001-0344 (An SQL query method in Microsoft SQL Server 2000 Gold and 7.0 using ...)
+CVE-2001-0344
NOT-FOR-US: Microsoft
-CVE-2001-0341 (Buffer overflow in Microsoft Visual Studio RAD Support sub-component ...)
+CVE-2001-0341
NOT-FOR-US: Microsoft
-CVE-2001-0340 (An interaction between the Outlook Web Access (OWA) service in ...)
+CVE-2001-0340
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0339 (Internet Explorer 5.5 and earlier allows remote attackers to display a ...)
+CVE-2001-0339
NOT-FOR-US: Microsoft
-CVE-2001-0338 (Internet Explorer 5.5 and earlier does not properly validate digital ...)
+CVE-2001-0338
NOT-FOR-US: Microsoft
-CVE-2001-0336 (The Microsoft MS00-060 patch for IIS 5.0 and earlier introduces an ...)
+CVE-2001-0336
NOT-FOR-US: Microsoft
-CVE-2001-0335 (FTP service in IIS 5.0 and earlier allows remote attackers to ...)
+CVE-2001-0335
NOT-FOR-US: Microsoft
-CVE-2001-0334 (FTP service in IIS 5.0 and earlier allows remote attackers to cause a ...)
+CVE-2001-0334
NOT-FOR-US: Microsoft
-CVE-2001-0333 (Directory traversal vulnerability in IIS 5.0 and earlier allows remote ...)
+CVE-2001-0333
NOT-FOR-US: Microsoft
-CVE-2001-0331 (Buffer overflow in Embedded Support Partner (ESP) daemon (rpc.espd) in ...)
+CVE-2001-0331
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0330 (Bugzilla 2.10 allows remote attackers to access sensitive information, ...)
+CVE-2001-0330
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0327 (iPlanet Web Server Enterprise Edition 4.1 and earlier allows remote ...)
+CVE-2001-0327
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0326 (Oracle Java Virtual Machine (JVM ) for Oracle 8.1.7 and Oracle ...)
+CVE-2001-0326
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0321 (opendir.php script in PHP-Nuke allows remote attackers to read ...)
+CVE-2001-0321
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0319 (orderdspc.d2w macro in IBM Net.Commerce 3.x allows remote attackers to ...)
+CVE-2001-0319
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0318 (Format string vulnerability in ProFTPD 1.2.0rc2 may allow attackers to ...)
+CVE-2001-0318
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0317 (Race condition in ptrace in Linux kernel 2.4 and 2.2 allows local ...)
+CVE-2001-0317
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0316 (Linux kernel 2.4 and 2.2 allows local users to read kernel memory and ...)
+CVE-2001-0316
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0311 (Vulnerability in OmniBackII A.03.50 in HP 11.x and earlier allows ...)
+CVE-2001-0311
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0310 (sort in FreeBSD 4.1.1 and earlier, and possibly other operating ...)
+CVE-2001-0310
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0309 (inetd in Red Hat 6.2 does not properly close sockets for internal ...)
+CVE-2001-0309
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0301 (Buffer overflow in Analog before 4.16 allows remote attackers to ...)
+CVE-2001-0301
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0299 (Buffer overflow in Voyager web administration server for Nokia IP440 ...)
+CVE-2001-0299
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0295 (Directory traversal vulnerability in War FTP 1.67.04 allows remote ...)
+CVE-2001-0295
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0290 (Vulnerability in Mailman 2.0.1 and earlier allows list administrators ...)
+CVE-2001-0290
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0289 (Joe text editor 2.8 searches the current working directory (CWD) for ...)
+CVE-2001-0289
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0288 (Cisco switches and routers running IOS 12.1 and earlier produce ...)
+CVE-2001-0288
NOT-FOR-US: Cisco
-CVE-2001-0287 (VERITAS Cluster Server (VCS) 1.3.0 on Solaris allows local users to ...)
+CVE-2001-0287
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0284 (Buffer overflow in IPSEC authentication mechanism for OpenBSD 2.8 and ...)
+CVE-2001-0284
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0280 (Buffer overflow in MERCUR SMTP server 3.30 allows remote attackers to ...)
+CVE-2001-0280
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0279 (Buffer overflow in sudo earlier than 1.6.3p6 allows local users to ...)
+CVE-2001-0279
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0278 (Vulnerability in linkeditor in HP MPE/iX 6.5 and earlier allows local ...)
+CVE-2001-0278
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0276 (ext.dll in BadBlue 1.02.07 Personal Edition web server allows remote ...)
+CVE-2001-0276
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0274 (kicq IRC client 1.0.0, and possibly later versions, allows remote ...)
+CVE-2001-0274
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0269 (pam_ldap authentication module in Solaris 8 allows remote attackers to ...)
+CVE-2001-0269
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0268 (The i386_set_ldt system call in NetBSD 1.5 and earlier, and OpenBSD ...)
+CVE-2001-0268
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0267 (NM debug in HP MPE/iX 6.5 and earlier does not properly handle ...)
+CVE-2001-0267
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0266 (Vulnerability in Software Distributor SD-UX in HP-UX 11.0 and earlier ...)
+CVE-2001-0266
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0265 (ASCII Armor parser in Windows PGP 7.0.3 and earlier allows attackers ...)
+CVE-2001-0265
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0260 (Buffer overflow in Lotus Domino Mail Server 5.0.5 and earlier allows a ...)
+CVE-2001-0260
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0259 (ssh-keygen in ssh 1.2.27 - 1.2.30 with Secure-RPC can allow local ...)
+CVE-2001-0259
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0252 (iPlanet (formerly Netscape) Enterprise Server 4.1 allows remote ...)
+CVE-2001-0252
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0245 (Microsoft Index Server 2.0 in Windows NT 4.0, and Indexing Service in ...)
+CVE-2001-0245
NOT-FOR-US: Microsoft
-CVE-2001-0244 (Buffer overflow in Microsoft Index Server 2.0 allows remote attackers ...)
+CVE-2001-0244
NOT-FOR-US: Microsoft
-CVE-2001-0243 (Windows Media Player 7 and earlier stores Internet shortcuts in a ...)
+CVE-2001-0243
NOT-FOR-US: Microsoft
-CVE-2001-0241 (Buffer overflow in Internet Printing ISAPI extension in Windows 2000 ...)
+CVE-2001-0241
NOT-FOR-US: Microsoft
-CVE-2001-0240 (Microsoft Word before Word 2002 allows attackers to automatically ...)
+CVE-2001-0240
NOT-FOR-US: Microsoft
-CVE-2001-0239 (Microsoft Internet Security and Acceleration (ISA) Server 2000 Web ...)
+CVE-2001-0239
NOT-FOR-US: Microsoft
-CVE-2001-0238 (Microsoft Data Access Component Internet Publishing Provider ...)
+CVE-2001-0238
NOT-FOR-US: Microsoft
-CVE-2001-0237 (Memory leak in Microsoft 2000 domain controller allows remote ...)
+CVE-2001-0237
NOT-FOR-US: Microsoft
-CVE-2001-0236 (Buffer overflow in Solaris snmpXdmid SNMP to DMI mapper daemon allows ...)
+CVE-2001-0236
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0235 (Vulnerability in crontab allows local users to read crontab files of ...)
+CVE-2001-0235
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0234 (NewsDaemon before 0.21b allows remote attackers to execute arbitrary ...)
+CVE-2001-0234
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0233 (Buffer overflow in micq client 0.4.6 and earlier allows remote ...)
+CVE-2001-0233
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0230 (Buffer overflow in dc20ctrl before 0.4_1 in FreeBSD, and possibly ...)
+CVE-2001-0230
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0222 (webmin 0.84 and earlier allows local users to overwrite and create ...)
+CVE-2001-0222
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0221 (Buffer overflow in ja-xklock 2.7.1 and earlier allows local users to ...)
+CVE-2001-0221
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0219 (Vulnerability in Support Tools Manager (xstm,cstm,stm) in HP-UX 11.11 ...)
+CVE-2001-0219
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0218 (Format string vulnerability in mars_nwe 0.99.pl19 allows remote attackers to execute arbitrary commands. ...)
+CVE-2001-0218
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0215 (ROADS search.pl program allows remote attackers to read arbitrary ...)
+CVE-2001-0215
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0207 (Buffer overflow in bing allows remote attackers to execute arbitrary ...)
+CVE-2001-0207
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0204 (Watchguard Firebox II allows remote attackers to cause a denial of ...)
+CVE-2001-0204
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0203 (Watchguard Firebox II firewall allows users with read-only access to ...)
+CVE-2001-0203
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0197 (Format string vulnerability in print_client in icecast 1.3.8beta2 and ...)
+CVE-2001-0197
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0196 (inetd ident server in FreeBSD 4.x and earlier does not properly set ...)
+CVE-2001-0196
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0195 (sash before 3.4-4 in Debian GNU/Linux does not properly clone ...)
+CVE-2001-0195
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0194 (Buffer overflow in httpGets function in CUPS 1.1.5 allows remote ...)
+CVE-2001-0194
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0193 (Format string vulnerability in man in some Linux distributions allows ...)
+CVE-2001-0193
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0191 (gnuserv before 3.12, as shipped with XEmacs, does not properly check ...)
+CVE-2001-0191
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0190 (Buffer overflow in /usr/bin/cu in Solaris 2.8 and earlier, and ...)
+CVE-2001-0190
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0189 (Directory traversal vulnerability in LocalWEB2000 HTTP server allows ...)
+CVE-2001-0189
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0187 (Format string vulnerability in wu-ftp 2.6.1 and earlier, when running ...)
+CVE-2001-0187
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0185 (Netopia R9100 router version 4.6 allows authenticated users to cause a ...)
+CVE-2001-0185
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0183 (ipfw and ip6fw in FreeBSD 4.2 and earlier allows remote attackers to ...)
+CVE-2001-0183
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0182 (FireWall-1 4.1 with a limited-IP license allows remote attackers to ...)
+CVE-2001-0182
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0179 (Allaire JRun 3.0 allows remote attackers to list contents of the ...)
+CVE-2001-0179
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0178 (kdesu program in KDE2 (KDE before 2.2.0-6) does not properly verify ...)
+CVE-2001-0178
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0176 (The setuid doroot program in Voyant Sonata 3.x executes arbitrary ...)
+CVE-2001-0176
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0175 (The caching module in Netscape Fasttrack Server 4.1 allows remote ...)
+CVE-2001-0175
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0174 (Buffer overflow in Trend Micro Virus Buster 2001 8.00 allows remote ...)
+CVE-2001-0174
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0170 (glibc 2.1.9x and earlier does not properly clear the RESOLV_HOST_CONF, ...)
+CVE-2001-0170
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0169 (When using the LD_PRELOAD environmental variable in SUID or SGID ...)
+CVE-2001-0169
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0166 (Macromedia Shockwave Flash plugin version 8 and earlier allows remote ...)
+CVE-2001-0166
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0165 (Buffer overflow in ximp40 shared library in Solaris 7 and Solaris 8 ...)
+CVE-2001-0165
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0164 (Buffer overflow in Netscape Directory Server 4.12 and earlier allows ...)
+CVE-2001-0164
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0157 (Debugging utility in the backdoor mode of Palm OS 3.5.2 and earlier ...)
+CVE-2001-0157
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0156 (VShell SSH gateway 1.0.1 and earlier has a default port forwarding ...)
+CVE-2001-0156
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0155 (Format string vulnerability in VShell SSH gateway 1.0.1 and earlier ...)
+CVE-2001-0155
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0154 (HTML e-mail feature in Internet Explorer 5.5 and earlier allows ...)
+CVE-2001-0154
NOT-FOR-US: Microsoft
-CVE-2001-0153 (Buffer overflow in VB-TSQL debugger object (vbsdicli.exe) in Visual ...)
+CVE-2001-0153
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0152 (The password protection option for the Compressed Folders feature in ...)
+CVE-2001-0152
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0151 (IIS 5.0 allows remote attackers to cause a denial of service via a ...)
+CVE-2001-0151
NOT-FOR-US: Microsoft
-CVE-2001-0150 (Internet Explorer 5.5 and earlier executes Telnet sessions using ...)
+CVE-2001-0150
NOT-FOR-US: Microsoft
-CVE-2001-0149 (Windows Scripting Host in Internet Explorer 5.5 and earlier allows ...)
+CVE-2001-0149
NOT-FOR-US: Microsoft
-CVE-2001-0148 (The WMP ActiveX Control in Windows Media Player 7 allows remote ...)
+CVE-2001-0148
NOT-FOR-US: Microsoft
-CVE-2001-0147 (Buffer overflow in Windows 2000 event viewer snap-in allows attackers ...)
+CVE-2001-0147
NOT-FOR-US: Microsoft
-CVE-2001-0144 (CORE SDI SSH1 CRC-32 compensation attack detector allows remote ...)
+CVE-2001-0144
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0143 (vpop3d program in linuxconf 1.23r and earlier allows local users to ...)
+CVE-2001-0143
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0142 (squid 2.3 and earlier allows local users to overwrite arbitrary files ...)
+CVE-2001-0142
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0141 (mgetty 1.1.22 allows local users to overwrite arbitrary files via a ...)
+CVE-2001-0141
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0140 (arpwatch 2.1a4 allows local users to overwrite arbitrary files via a ...)
+CVE-2001-0140
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0139 (inn 2.2.3 allows local users to overwrite arbitrary files via a ...)
+CVE-2001-0139
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0138 (privatepw program in wu-ftpd before 2.6.1-6 allows local users to ...)
+CVE-2001-0138
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0137 (Windows Media Player 7 allows remote attackers to execute malicious ...)
+CVE-2001-0137
NOT-FOR-US: Microsoft
-CVE-2001-0136 (Memory leak in ProFTPd 1.2.0rc2 allows remote attackers to cause a ...)
+CVE-2001-0136
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0130 (Buffer overflow in HTML parser of the Lotus R5 Domino Server before ...)
+CVE-2001-0130
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0129 (Buffer overflow in Tinyproxy HTTP proxy 1.3.3 and earlier allows ...)
+CVE-2001-0129
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0128 (Zope before 2.2.4 does not properly compute local roles, which could ...)
+CVE-2001-0128
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0126 (Oracle XSQL servlet 1.0.3.0 and earlier allows remote attackers to ...)
+CVE-2001-0126
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0125 (exmh 2.2 and earlier allows local users to overwrite arbitrary files ...)
+CVE-2001-0125
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0124 (Buffer overflow in exrecover in Solaris 2.6 and earlier possibly ...)
+CVE-2001-0124
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0123 (Directory traversal vulnerability in eXtropia bbs_forum.cgi 1.0 allows ...)
+CVE-2001-0123
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0122 (Kernel leak in AfpaCache module of the Fast Response Cache Accelerator ...)
+CVE-2001-0122
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0121 (ImageCast Control Center 4.1.0 allows remote attackers to cause a ...)
+CVE-2001-0121
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0120 (useradd program in shadow-utils program may allow local users to ...)
+CVE-2001-0120
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0119 (getty_ps 2.0.7j allows local users to overwrite arbitrary files via a ...)
+CVE-2001-0119
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0118 (rdist 6.1.5 allows local users to overwrite arbitrary files via a ...)
+CVE-2001-0118
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0117 (sdiff 2.7 in the diffutils package allows local users to overwrite ...)
+CVE-2001-0117
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0116 (gpm 1.19.3 allows local users to overwrite arbitrary files via a symlink ...)
+CVE-2001-0116
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0115 (Buffer overflow in arp command in Solaris 7 and earlier allows local users ...)
+CVE-2001-0115
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0111 (Format string vulnerability in splitvt before 1.6.5 allows local users ...)
+CVE-2001-0111
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0110 (Buffer overflow in jaZip Zip/Jaz drive manager allows local users to ...)
+CVE-2001-0110
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0109 (rctab in SuSE 7.0 and earlier allows local users to create or overwrite ...)
+CVE-2001-0109
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0108 (PHP Apache module 4.0.4 and earlier allows remote attackers to bypass ...)
+CVE-2001-0108
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0106 (Vulnerability in inetd server in HP-UX 11.04 and earlier allows ...)
+CVE-2001-0106
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0105 (Vulnerability in top in HP-UX 11.04 and earlier allows local users to ...)
+CVE-2001-0105
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0100 (bslist.cgi mailing list script allows remote attackers to execute ...)
+CVE-2001-0100
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0099 (bsguest.cgi guestbook script allows remote attackers to execute ...)
+CVE-2001-0099
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0096 (FrontPage Server Extensions (FPSE) in IIS 4.0 and 5.0 allows remote ...)
+CVE-2001-0096
NOT-FOR-US: Microsoft
-CVE-2001-0095 (catman in Solaris 2.7 and 2.8 allows local users to overwrite ...)
+CVE-2001-0095
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0094 (Buffer overflow in kdc_reply_cipher of libkrb (Kerberos 4 ...)
+CVE-2001-0094
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0092 (A function in Internet Explorer 5.0 through 5.5 does not properly ...)
+CVE-2001-0092
NOT-FOR-US: Microsoft
-CVE-2001-0091 (The ActiveX control for invoking a scriptlet in Internet Explorer 5.0 ...)
+CVE-2001-0091
NOT-FOR-US: Microsoft
-CVE-2001-0090 (The Print Templates feature in Internet Explorer 5.5 executes ...)
+CVE-2001-0090
NOT-FOR-US: Microsoft
-CVE-2001-0089 (Internet Explorer 5.0 through 5.5 allows remote attackers to read ...)
+CVE-2001-0089
NOT-FOR-US: Microsoft
-CVE-2001-0085 (Buffer overflow in Kermit communications software in HP-UX 11.0 and ...)
+CVE-2001-0085
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0083 (Windows Media Unicast Service in Windows Media Services 4.0 and 4.1 ...)
+CVE-2001-0083
NOT-FOR-US: Microsoft
-CVE-2001-0081 (swinit in nCipher does not properly disable the Operator Card Set ...)
+CVE-2001-0081
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0080 (Cisco Catalyst 6000, 5000, or 4000 switches allow remote attackers to ...)
+CVE-2001-0080
NOT-FOR-US: Cisco
-CVE-2001-0078 (in.mond in Sun Cluster 2.x allows local users to read arbitrary files ...)
+CVE-2001-0078
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0077 (The clustmon service in Sun Cluster 2.x does not require ...)
+CVE-2001-0077
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0072 (gpg (aka GnuPG) 1.0.4 and other versions imports both public and ...)
+CVE-2001-0072
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0071 (gpg (aka GnuPG) 1.0.4 and other versions does not properly verify detached ...)
+CVE-2001-0071
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0069 (dialog before 0.9a-20000118-3bis in Debian GNU/Linux allows local ...)
+CVE-2001-0069
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0066 (Secure Locate (slocate) allows local users to corrupt memory via a ...)
+CVE-2001-0066
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0063 (procfs in FreeBSD and possibly other operating systems allows local ...)
+CVE-2001-0063
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0062 (procfs in FreeBSD and possibly other operating systems allows local ...)
+CVE-2001-0062
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0061 (procfs in FreeBSD and possibly other operating systems does not ...)
+CVE-2001-0061
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0060 (Format string vulnerability in stunnel 3.8 and earlier allows ...)
+CVE-2001-0060
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0059 (patchadd in Solaris allows local users to overwrite arbitrary files ...)
+CVE-2001-0059
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0058 (The Web interface to Cisco 600 routers running CBOS 2.4.1 and earlier ...)
+CVE-2001-0058
NOT-FOR-US: Cisco
-CVE-2001-0057 (Cisco 600 routers running CBOS 2.4.1 and earlier allow remote ...)
+CVE-2001-0057
NOT-FOR-US: Cisco
-CVE-2001-0056 (The Cisco Web Management interface in routers running CBOS 2.4.1 and ...)
+CVE-2001-0056
NOT-FOR-US: Cisco
-CVE-2001-0055 (CBOS 2.4.1 and earlier in Cisco 600 routers allows remote attackers to ...)
+CVE-2001-0055
NOT-FOR-US: Cisco
-CVE-2001-0054 (Directory traversal vulnerability in FTP Serv-U before 2.5i allows ...)
+CVE-2001-0054
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0053 (One-byte buffer overflow in replydirname function in BSD-based ftpd ...)
+CVE-2001-0053
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0050 (Buffer overflow in BitchX IRC client allows remote attackers to cause ...)
+CVE-2001-0050
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0043 (phpGroupWare before 0.9.7 allows remote attackers to execute arbitrary ...)
+CVE-2001-0043
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0042 (PHP 3.x (PHP3) on Apache 1.3.6 allows remote attackers to read ...)
+CVE-2001-0042
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0041 (Memory leak in Cisco Catalyst 4000, 5000, and 6000 series switches ...)
+CVE-2001-0041
NOT-FOR-US: Cisco
-CVE-2001-0040 (APC UPS daemon, apcupsd, saves its process ID in a world-writable ...)
+CVE-2001-0040
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0039 (IPSwitch IMail 6.0.5 allows remote attackers to cause a denial of ...)
+CVE-2001-0039
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0036 (KTH Kerberos IV allows local users to overwrite arbitrary files via a ...)
+CVE-2001-0036
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0035 (Buffer overflow in the kdc_reply_cipher function in KTH Kerberos IV ...)
+CVE-2001-0035
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0034 (KTH Kerberos IV allows local users to specify an alternate proxy using ...)
+CVE-2001-0034
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0033 (KTH Kerberos IV allows local users to change the configuration of a ...)
+CVE-2001-0033
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0028 (Buffer overflow in the HTML parsing code in oops WWW proxy server 1.5.2 ...)
+CVE-2001-0028
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0026 (rp-pppoe PPPoE client allows remote attackers to cause a denial of service ...)
+CVE-2001-0026
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0021 (MailMan Webmail 3.0.25 and earlier allows remote attackers to execute ...)
+CVE-2001-0021
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0020 (Directory traversal vulnerability in Arrowpoint (aka Cisco Content ...)
+CVE-2001-0020
NOT-FOR-US: Cisco
-CVE-2001-0018 (Windows 2000 domain controller in Windows 2000 Server, Advanced ...)
+CVE-2001-0018
NOT-FOR-US: Microsoft
-CVE-2001-0017 (Memory leak in PPTP server in Windows NT 4.0 allows remote attackers ...)
+CVE-2001-0017
NOT-FOR-US: Microsoft
-CVE-2001-0016 (NTLM Security Support Provider (NTLMSSP) service does not properly ...)
+CVE-2001-0016
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0015 (Network Dynamic Data Exchange (DDE) in Windows 2000 allows local users ...)
+CVE-2001-0015
NOT-FOR-US: Microsoft
-CVE-2001-0014 (Remote Data Protocol (RDP) in Windows 2000 Terminal Service does not ...)
+CVE-2001-0014
NOT-FOR-US: Microsoft
-CVE-2001-0013 (Format string vulnerability in nslookupComplain function in BIND 4 ...)
+CVE-2001-0013
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0012 (BIND 4 and BIND 8 allow remote attackers to access sensitive ...)
+CVE-2001-0012
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0011 (Buffer overflow in nslookupComplain function in BIND 4 allows remote ...)
+CVE-2001-0011
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0010 (Buffer overflow in transaction signature (TSIG) handling code in BIND ...)
+CVE-2001-0010
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0009 (Directory traversal vulnerability in Lotus Domino 5.0.5 web server ...)
+CVE-2001-0009
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0008 (Backdoor account in Interbase database server allows remote attackers ...)
+CVE-2001-0008
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0007 (Buffer overflow in NetScreen Firewall WebUI allows remote attackers to ...)
+CVE-2001-0007
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0006 (The Winsock2ProtocolCatalogMutex mutex in Windows NT 4.0 has ...)
+CVE-2001-0006
NOT-FOR-US: Microsoft
-CVE-2001-0005 (Buffer overflow in the parsing mechanism of the file loader in ...)
+CVE-2001-0005
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0004 (IIS 5.0 and 4.0 allows remote attackers to read the source code for ...)
+CVE-2001-0004
NOT-FOR-US: Microsoft
-CVE-2001-0003 (Web Extender Client (WEC) in Microsoft Office 2000, Windows 2000, and ...)
+CVE-2001-0003
NOT-FOR-US: Microsoft
-CVE-2001-0002 (Internet Explorer 5.5 and earlier allows remote attackers to obtain ...)
+CVE-2001-0002
NOT-FOR-US: Microsoft
-CVE-2001-0001 (cookiedecode function in PHP-Nuke 4.4 allows users to bypass ...)
+CVE-2001-0001
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1413 (Stack-based buffer overflow in the comprexx function for ncompress ...)
+CVE-2001-1413
NOTE: not vulnerable according to http://web.archive.org/web/20070529152436/http://www.debian.org/security/nonvulns-sarge
NOTE: discussion at:
NOTE: http://archives.neohapsis.com/archives/linux/lsap/2001-q2/0081.html
NOTE: listed sarge version contains a fix like the patch from Gentoo
- ncompress 4.2.4-15
-CVE-2001-1412 (nidump on MacOS X before 10.3 allows local users to read the encrypted ...)
+CVE-2001-1412
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1411 (Format string vulnerability in gm4 (aka m4) on Mac OS X may allow ...)
+CVE-2001-1411
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1410 (Internet Explorer 6 and earlier allows remote attackers to create ...)
+CVE-2001-1410
NOT-FOR-US: Microsoft
-CVE-2001-1409 (dexconf in XFree86 Xserver 4.1.0-2 creates the /dev/dri directory with ...)
+CVE-2001-1409
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1408 (Directory traversal vulnerability in readmsg.php in WebMail 2.0.1 in ...)
+CVE-2001-1408
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1405 (Bugzilla before 2.14 does not restrict access to sanitycheck.cgi, ...)
+CVE-2001-1405
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1404 (Bugzilla before 2.14 stores user passwords in plaintext and sends ...)
+CVE-2001-1404
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1403 (Bugzilla before 2.14 includes the username and password in URLs, which ...)
+CVE-2001-1403
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1402 (Bugzilla before 2.14 does not properly escape untrusted parameters, ...)
+CVE-2001-1402
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1401 (Bugzilla before 2.14 does not properly restrict access to confidential ...)
+CVE-2001-1401
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1400 (Unknown vulnerabilities in the UDP port allocation for Linux kernel ...)
+CVE-2001-1400
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1399 (Certain operations in Linux kernel before 2.2.19 on the x86 ...)
+CVE-2001-1399
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1398 (Masquerading code for Linux kernel before 2.2.19 does not fully check ...)
+CVE-2001-1398
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1397 (The System V (SYS5) shared memory implementation for Linux kernel ...)
+CVE-2001-1397
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1396 (Unknown vulnerabilities in strnlen_user for Linux kernel before ...)
+CVE-2001-1396
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1395 (Unknown vulnerability in sockfilter for Linux kernel before 2.2.19 ...)
+CVE-2001-1395
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1394 (Signedness error in (1) getsockopt and (2) setsockopt for Linux kernel ...)
+CVE-2001-1394
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1393 (Unknown vulnerability in classifier code for Linux kernel before ...)
+CVE-2001-1393
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1392 (The Linux kernel before 2.2.19 does not have unregister calls for (1) ...)
+CVE-2001-1392
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1390 (Unknown vulnerability in binfmt_misc in the Linux kernel before ...)
+CVE-2001-1390
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1389 (Multiple vulnerabilities in xinetd 2.3.0 and earlier, and additional ...)
+CVE-2001-1389
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1388 (iptables before 1.2.4 does not accurately convert rate limits that are ...)
+CVE-2001-1388
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1387 (iptables-save in iptables before 1.2.4 records the &quot;--reject-with ...)
+CVE-2001-1387
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1384 (ptrace in Linux 2.2.x through 2.2.19, and 2.4.x through 2.4.9, allows ...)
+CVE-2001-1384
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1379 (The PostgreSQL authentication modules (1) mod_auth_pgsql 0.9.5, and ...)
+CVE-2001-1379
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1377 (Multiple RADIUS implementations do not properly validate the ...)
+CVE-2001-1377
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1376 (Buffer overflow in digest calculation function of multiple RADIUS ...)
+CVE-2001-1376
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1368 (Vulnerability in iPlanet Web Server 4 included in Virtualvault ...)
+CVE-2001-1368
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1366 (netscript before 1.6.3 parses dynamic variables, which could allow ...)
+CVE-2001-1366
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1365 (Vulnerability in IntraGnat before 1.4. ...)
+CVE-2001-1365
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1364 (Vulnerability in autodns.pl for AutoDNS before 0.0.4 related to domain ...)
+CVE-2001-1364
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1363 (Vulnerability in phpWebSite before 0.7.9 related to running multiple ...)
+CVE-2001-1363
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1362 (Vulnerability in the server for nPULSE before 0.53p4. ...)
+CVE-2001-1362
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1361 (Vulnerability in The Web Information Gateway (TWIG) 2.7.1, possibly ...)
+CVE-2001-1361
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1360 (Vulnerability in Scanner Access Now Easy (SANE) before 1.0.5, related ...)
+CVE-2001-1360
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1358 (Vulnerabilities in phpMyChat before 0.14.4 allow local and possibly ...)
+CVE-2001-1358
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1357 (Multiple vulnerabilities in phpMyChat before 0.14.5 exist in (1) ...)
+CVE-2001-1357
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1356 (NetWin SurgeFTP 2.0f and earlier encrypts passwords using weak ...)
+CVE-2001-1356
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1355 (Buffer overflows in NetWin Authentication Module (NWAuth) 3.0b and ...)
+CVE-2001-1355
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1354 (NetWin Authentication module (NWAuth) 2.0 and 3.0b, as implemented in ...)
+CVE-2001-1354
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1353 (ghostscript before 6.51 allows local users to read and write arbitrary ...)
+CVE-2001-1353
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1348 (TWIG 2.6.2 and earlier allows remote attackers to perform unauthorized ...)
+CVE-2001-1348
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1346 (Computer Associates ARCserveIT 6.61 and 6.63 (also called ARCservIT) ...)
+CVE-2001-1346
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1344 (WSSecurity.pl in WebStore allows remote attackers to bypass ...)
+CVE-2001-1344
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1343 (ws_mail.cgi in WebStore 400/400CS 4.14 allows remote authenticated ...)
+CVE-2001-1343
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1341 (The Beck GmbH IPC@Chip embedded web server installs the chipcfg.cgi ...)
+CVE-2001-1341
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1340 (Beck GmbH IPC@Chip TelnetD service supports only one connection and ...)
+CVE-2001-1340
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1339 (Beck IPC GmbH IPC@CHIP telnet service does not delay or disconnect ...)
+CVE-2001-1339
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1338 (Beck IPC GmbH IPC@CHIP TelnetD server generates different responses ...)
+CVE-2001-1338
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1337 (Beck IPC GmbH IPC@CHIP Embedded-Webserver allows remote attackers to ...)
+CVE-2001-1337
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1336 (CesarFTP 0.98b and earlier stores usernames and passwords in plaintext ...)
+CVE-2001-1336
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1335 (Directory traversal vulnerability in CesarFTP 0.98b and earlier allows ...)
+CVE-2001-1335
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1333 (Linux CUPS before 1.1.6 does not securely handle temporary files, ...)
+CVE-2001-1333
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1332 (Buffer overflows in Linux CUPS before 1.1.6 may allow remote attackers ...)
+CVE-2001-1332
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1331 (mandb in the man-db package before 2.3.16-3 allows local users to ...)
+CVE-2001-1331
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1330 (Buffer overflow in rsh on AIX 4.2.0.0 may allow local users to gain ...)
+CVE-2001-1330
NOT-FOR-US: AIX
-CVE-2001-1329 (Buffer overflow in rsh on AIX 4.2.0.0 may allow local users to gain ...)
+CVE-2001-1329
NOT-FOR-US: AIX
-CVE-2001-1326 (Eudora 5.1 allows remote attackers to execute arbitrary code when the ...)
+CVE-2001-1326
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1325 (Internet Explorer 5.0 and 5.5, and Outlook Express 5.0 and 5.5, allow ...)
+CVE-2001-1325
NOT-FOR-US: Microsoft
-CVE-2001-1324 (cvmlogin and statfile in Paul Jarc idtools before 2001.06.27 do not ...)
+CVE-2001-1324
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1323 (Buffer overflow in MIT Kerberos 5 (krb5) 1.2.2 and earlier allows ...)
+CVE-2001-1323
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1321 (Oracle Internet Directory Server 2.1.1.x and 3.0.1 allows remote ...)
+CVE-2001-1321
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1320 (Network Associates PGP Keyserver 7.0 allows remote attackers to cause ...)
+CVE-2001-1320
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1319 (Microsoft Exchange 5.5 2000 allows remote attackers to cause a denial ...)
+CVE-2001-1319
NOT-FOR-US: Microsoft
-CVE-2001-1318 (Vulnerabilities in Qualcomm Eudora WorldMail Server may allow remote ...)
+CVE-2001-1318
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1317 (Teamware Office Enterprise Directory allows remote attackers to cause ...)
+CVE-2001-1317
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1316 (Buffer overflows in Teamware Office Enterprise Directory allows remote ...)
+CVE-2001-1316
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1315 (Critical Path (1) InJoin Directory Server or (2) LiveContent Directory ...)
+CVE-2001-1315
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1314 (Buffer overflows in Critical Path (1) InJoin Directory Server or (2) ...)
+CVE-2001-1314
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1313 (Lotus Domino R5 before R5.0.7a allows remote attackers to cause a ...)
+CVE-2001-1313
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1312 (Format string vulnerabilities in Lotus Domino R5 before R5.0.7a allow ...)
+CVE-2001-1312
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1311 (Buffer overflows in Lotus Domino R5 before R5.0.7a allow remote ...)
+CVE-2001-1311
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1310 (IBM SecureWay 3.2.1 allow remote attackers to cause a denial of ...)
+CVE-2001-1310
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1309 (Buffer overflows in IBM SecureWay 3.2.1 allow remote attackers to ...)
+CVE-2001-1309
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1308 (Format string vulnerabilities in iPlanet Directory Server 4.1.4 and ...)
+CVE-2001-1308
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1307 (Buffer overflows in iPlanet Directory Server 4.1.4 and earlier (LDAP) ...)
+CVE-2001-1307
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1306 (iPlanet Directory Server 4.1.4 and earlier (LDAP) allows remote ...)
+CVE-2001-1306
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1305 (ICQ 2001a Alpha and earlier allows remote attackers to automatically ...)
+CVE-2001-1305
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1304 (Buffer overflow in SHOUTcast Server 1.8.2 allows remote attackers to ...)
+CVE-2001-1304
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1300 (Directory traversal vulnerability in Dynu FTP server 1.05 and earlier ...)
+CVE-2001-1300
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1298 (Webodex PHP script 1.0 and earlier allows remote attackers to include ...)
+CVE-2001-1298
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1294 (Buffer overflow in A-V Tronics Inetserv 3.2.1 and earlier allows ...)
+CVE-2001-1294
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1293 (Buffer overflow in web server of 3com HomeConnect Cable Modem External ...)
+CVE-2001-1293
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1292 (Sambar Telnet Proxy/Server allows remote attackers to cause a denial ...)
+CVE-2001-1292
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1290 (admin.cgi in Active Classifieds Free Edition 1.0, and possibly ...)
+CVE-2001-1290
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1289 (Quake 3 arena 1.29f and 1.29g allows remote attackers to cause a ...)
+CVE-2001-1289
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1288 (Windows 2000 and Windows NT allows local users to cause a denial of ...)
+CVE-2001-1288
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1287 (Buffer overflow in Web Calendar in Ipswitch IMail 7.04 and earlier ...)
+CVE-2001-1287
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1286 (Ipswitch IMail 7.04 and earlier stores a user's session ID in a URL, ...)
+CVE-2001-1286
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1285 (Directory traversal vulnerability in readmail.cgi for Ipswitch IMail ...)
+CVE-2001-1285
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1284 (Ipswitch IMail 7.04 and earlier uses predictable session IDs for ...)
+CVE-2001-1284
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1283 (The webmail interface for Ipswitch IMail 7.04 and earlier allows ...)
+CVE-2001-1283
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1282 (Ipswitch IMail 7.04 and earlier records the physical path of ...)
+CVE-2001-1282
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1281 (Web Messaging Server for Ipswitch IMail 7.04 and earlier allows remote ...)
+CVE-2001-1281
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1280 (POP3 Server for Ipswitch IMail 7.04 and earlier generates different ...)
+CVE-2001-1280
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1278 (Zope before 2.2.4 allows partially trusted users to bypass security ...)
+CVE-2001-1278
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1275 (MySQL before 3.23.31 allows users with a MySQL account to use the SHOW ...)
+CVE-2001-1275
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1274 (Buffer overflow in MySQL before 3.23.31 allows attackers to cause a ...)
+CVE-2001-1274
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1273 (The &quot;mxcsr P4&quot; vulnerability in the Linux kernel before 2.2.17-14, ...)
+CVE-2001-1273
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1272 (wmtv 0.6.5 and earlier does not properly drop privileges, which allows ...)
+CVE-2001-1272
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1271 (Directory traversal vulnerability in rar 2.02 and earlier allows ...)
+CVE-2001-1271
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1270 (Directory traversal vulnerability in the console version of PKZip ...)
+CVE-2001-1270
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1269 (Info-ZIP UnZip 5.42 and earlier allows attackers to overwrite ...)
+CVE-2001-1269
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1268 (Directory traversal vulnerability in Info-ZIP UnZip 5.42 and earlier ...)
+CVE-2001-1268
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1265 (Directory traversal vulnerability in IBM alphaWorks Java TFTP server ...)
+CVE-2001-1265
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1264 (Vulnerability in mkacct in HP-UX 11.04 running Virtualvault Operating ...)
+CVE-2001-1264
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1263 (telnet95.exe in Pragma InterAccess 4.0 build 5 allows remote attackers ...)
+CVE-2001-1263
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1262 (Avaya Argent Office 2.1 compares a user-provided SNMP community string ...)
+CVE-2001-1262
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1261 (Avaya Argent Office 2.1 may allow remote attackers to change hold ...)
+CVE-2001-1261
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1260 (Avaya Argent Office uses weak encryption (trivial encoding) for ...)
+CVE-2001-1260
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1259 (Avaya Argent Office allows remote attackers to cause a denial of ...)
+CVE-2001-1259
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1258 (Horde Internet Messaging Program (IMP) before 2.2.6 allows local users ...)
+CVE-2001-1258
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1257 (Cross-site scripting vulnerability in Horde Internet Messaging Program ...)
+CVE-2001-1257
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1256 (kmmodreg in HP-UX 11.11, 11.04 and 11.00 allows local users to create ...)
+CVE-2001-1256
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1255 (WinMySQLadmin 1.1 stores the MySQL password in plain text in the ...)
+CVE-2001-1255
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1254 (Web Access component for COM2001 Alexis 2.0 and 2.1 in InternetPBX ...)
+CVE-2001-1254
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1253 (Alexis 2.0 and 2.1 in COM2001 InternetPBX stores voicemail passwords ...)
+CVE-2001-1253
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1250 (vWebServer 1.2.0 allows remote attackers to cause a denial of service ...)
+CVE-2001-1250
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1249 (vWebServer 1.2.0 allows remote attackers to cause a denial of service ...)
+CVE-2001-1249
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1248 (vWebServer 1.2.0 allows remote attackers to view arbitrary ASP scripts ...)
+CVE-2001-1248
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1245 (Opera 5.0 for Linux does not properly handle malformed HTTP headers, ...)
+CVE-2001-1245
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1244 (Multiple TCP implementations could allow remote attackers to cause a ...)
+CVE-2001-1244
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1243 (Scripting.FileSystemObject in asp.dll for Microsoft IIS 4.0 and 5.0 ...)
+CVE-2001-1243
NOT-FOR-US: Microsoft
-CVE-2001-1242 (Directory traversal vulnerability in Un-CGI 1.9 and earlier allows ...)
+CVE-2001-1242
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1241 (Un-CGI 1.9 and earlier does not verify that a CGI script has the ...)
+CVE-2001-1241
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1239 (PowerNet IX allows remote attackers to cause a denial of service via a ...)
+CVE-2001-1239
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1238 (Task Manager in Windows 2000 does not allow local users to end ...)
+CVE-2001-1238
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1233 (Netware Enterprise Web Server 5.1 running GroupWise WebAccess 5.5 with ...)
+CVE-2001-1233
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1232 (GroupWise WebAccess 5.5 with directory indexing enabled allows a ...)
+CVE-2001-1232
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1230 (Buffer overflows in Icecast before 1.3.10 allow remote attackers to ...)
+CVE-2001-1230
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1229 (Buffer overflows in (1) Icecast before 1.3.9 and (2) libshout before ...)
+CVE-2001-1229
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1228 (Buffer overflows in gzip 1.3x, 1.2.4, and other versions might allow ...)
+CVE-2001-1228
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1226 (AdCycle 1.17 and earlier allow remote attackers to modify SQL queries, ...)
+CVE-2001-1226
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1225 (Hughes Technology Mini SQL 2.0.10 through 2.0.12 allows local users to ...)
+CVE-2001-1225
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1224 (get_input in adrotate.pm for Les VanBrunt AdRotate Pro 2.0 allows ...)
+CVE-2001-1224
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1223 (The web administration server for ELSA Lancom 1100 Office does not ...)
+CVE-2001-1223
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1222 (Plesk Server Administrator (PSA) 1.0 allows remote attackers to obtain ...)
+CVE-2001-1222
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1221 (D-Link DWL-1000AP Firmware 3.2.28 #483 Wireless LAN Access Point uses ...)
+CVE-2001-1221
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1220 (D-Link DWL-1000AP Firmware 3.2.28 #483 Wireless LAN Access Point ...)
+CVE-2001-1220
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1219 (Microsoft Internet Explorer 6.0 and earlier allows malicious website ...)
+CVE-2001-1219
NOT-FOR-US: Microsoft
-CVE-2001-1218 (Microsoft Internet Explorer for Unix 5.0SP1 allows local users to ...)
+CVE-2001-1218
NOT-FOR-US: Microsoft
-CVE-2001-1217 (Directory traversal vulnerability in PL/SQL Apache module in Oracle ...)
+CVE-2001-1217
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1216 (Buffer overflow in PL/SQL Apache module in Oracle 9i Application ...)
+CVE-2001-1216
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1214 (manual.php in Marcus S. Xenakis Unix Manual 1.0 allows remote ...)
+CVE-2001-1214
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1213 (The default configuration of DataWizard FtpXQ 2.0 and 2.1 includes a ...)
+CVE-2001-1213
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1212 (Cross-site scripting vulnerability in catgy.cgi for Aktivate 1.03 ...)
+CVE-2001-1212
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1211 (Ipswitch IMail 7.0.4 and earlier allows attackers with administrator ...)
+CVE-2001-1211
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1210 (Cisco ubr900 series routers that conform to the Data-over-Cable ...)
+CVE-2001-1210
NOT-FOR-US: Cisco
-CVE-2001-1209 (Directory traversal vulnerability in zml.cgi allows remote attackers ...)
+CVE-2001-1209
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1208 (Format string vulnerability in DayDream BBS allows remote attackers to ...)
+CVE-2001-1208
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1207 (Buffer overflows in DayDream BBS 2.9 through 2.13 allow remote ...)
+CVE-2001-1207
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1206 (Matrix CGI vault Last Lines 2.0 allows remote attackers to execute ...)
+CVE-2001-1206
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1205 (Directory traversal vulnerability in lastlines.cgi for Last Lines 2.0 ...)
+CVE-2001-1205
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1204 (Directory traversal vulnerability in phprocketaddin in Total PC ...)
+CVE-2001-1204
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1202 (Cross-site scripting vulnerability in DeleGate 7.7.0 and 7.7.1 does ...)
+CVE-2001-1202
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1198 (RLPDaemon in HP-UX 10.20 and 11.0 allows local users to overwrite ...)
+CVE-2001-1198
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1197 (klprfax_filter in KDE2 KDEUtils allows local users to overwrite ...)
+CVE-2001-1197
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1196 (Directory traversal vulnerability in edit_action.cgi of Webmin ...)
+CVE-2001-1196
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1195 (Novell Groupwise 5.5 and 6.0 Servlet Gateway is installed with a ...)
+CVE-2001-1195
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1194 (Zyxel Prestige 681 and 1600 SDSL Routers allow remote attackers to ...)
+CVE-2001-1194
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1192 (Citrix Independent Computing Architecture (ICA) Client for Windows 6.1 ...)
+CVE-2001-1192
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1191 (WebSeal in IBM Tivoli SecureWay Policy Director 3.8 allows remote ...)
+CVE-2001-1191
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1190 (The default PAM files included with passwd in Mandrake Linux 8.1 do ...)
+CVE-2001-1190
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1189 (IBM Websphere Application Server 3.5.3 and earlier stores a password ...)
+CVE-2001-1189
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1188 (mailto.exe in Brian Dorricott MAILTO 1.0.9 and earlier allows remote ...)
+CVE-2001-1188
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1187 (csvform.pl 0.1 allows remote attackers to execute arbitrary commands ...)
+CVE-2001-1187
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1184 (wrshdsp.exe in Denicomp Winsock RSHD/NT 2.21.00 and earlier allows ...)
+CVE-2001-1184
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1182 (Vulnerability in login in HP-UX 11.00, 11.11, and 10.20 allows ...)
+CVE-2001-1182
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1181 (Dynamically Loadable Kernel Module (dlkm) static kernel symbol table ...)
+CVE-2001-1181
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1179 (xman allows local users to gain privileges by modifying the MANPATH to ...)
+CVE-2001-1179
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1178 (Buffer overflow in xman allows local users to gain privileges via a ...)
+CVE-2001-1178
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1173 (Vulnerability in MasqMail before 0.1.15 allows local users to gain ...)
+CVE-2001-1173
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1171 (Check Point Firewall-1 3.0b through 4.0 SP1 follows symlinks and ...)
+CVE-2001-1171
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1170 (AmTote International homebet program stores the homebet.log file in ...)
+CVE-2001-1170
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1169 (keyinit in S/Key does not require authentication to initialize a ...)
+CVE-2001-1169
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1168 (Directory traversal vulnerability in index.php in PhpMyExplorer before ...)
+CVE-2001-1168
NOT-FOR-US: Data pre-dating the Security Tracker
CVE-2001-1167
REJECTED
-CVE-2001-1165 (Intego FileGuard 4.0 uses weak encryption to store user information ...)
+CVE-2001-1165
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1164 (Buffer overflow in uucp utilities in UnixWare 7 allows local users to ...)
+CVE-2001-1164
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1163 (Buffer overflow in Munica Corporation NetSQL 1.0 allows remote ...)
+CVE-2001-1163
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1159 (load_prefs.php and supporting include files in SquirrelMail 1.0.4 and ...)
+CVE-2001-1159
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1157 (Baltimore Technologies WEBsweeper 4.0 and 4.02 does not properly ...)
+CVE-2001-1157
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1156 (TYPSoft FTP 0.95 allows remote attackers to cause a denial of service ...)
+CVE-2001-1156
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1154 (Cyrus 2.0.15, 2.0.16, and 1.6.24 on BSDi 4.2, with IMAP enabled, ...)
+CVE-2001-1154
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1152 (Baltimore Technologies WEBsweeper 4.02, when used to manage URL ...)
+CVE-2001-1152
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1151 (Trend Micro OfficeScan Corporate Edition (aka Virus Buster) 3.53 ...)
+CVE-2001-1151
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1150 (Vulnerability in cgiWebupdate.exe in Trend Micro OfficeScan Corporate ...)
+CVE-2001-1150
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1148 (Multiple buffer overflows in programs used by scoadmin and sysadmsh in ...)
+CVE-2001-1148
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1143 (IBM DB2 7.0 allows a remote attacker to cause a denial of service ...)
+CVE-2001-1143
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1142 (ArGoSoft FTP Server 1.2.2.2 uses weak encryption for user passwords, ...)
+CVE-2001-1142
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1140 (BadBlue Personal Edition v1.02 beta allows remote attackers to read ...)
+CVE-2001-1140
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1139 (Directory traversal vulnerability in ASCII NT WinWrapper Professional ...)
+CVE-2001-1139
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1138 (Directory traversal vulnerability in r.pl (aka r.cgi) of Randy Parker ...)
+CVE-2001-1138
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1137 (D-Link DI-704 Internet Gateway firmware earlier than V2.56b6 allows ...)
+CVE-2001-1137
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1136 (The libsecurity library in HP-UX 11.04 (VVOS) allows attackers to ...)
+CVE-2001-1136
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1135 (ZyXEL Prestige 642R and 642R-I routers do not filter the routers' ...)
+CVE-2001-1135
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1134 (Xerox DocuPrint N40 Printers allow remote attackers to cause a denial ...)
+CVE-2001-1134
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1133 (Vulnerability in a system call in BSDI 3.0 and 3.1 allows local users ...)
+CVE-2001-1133
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1131 (Directory traversal vulnerability in WhitSoft Development SlimFTPd 2.2 ...)
+CVE-2001-1131
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1129 (Format string vulnerabilities in (1) _probuild, (2) _dbutil, (3) ...)
+CVE-2001-1129
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1128 (Buffer overflow in Progress database 8.3D and 9.1C allows local users ...)
+CVE-2001-1128
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1127 (Buffer overflow in Progress database 8.3D and 9.1C could allow a local ...)
+CVE-2001-1127
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1126 (Symantec LiveUpdate 1.4 through 1.6, and possibly later versions, ...)
+CVE-2001-1126
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1125 (Symantec LiveUpdate before 1.6 does not use cryptography to ensure the ...)
+CVE-2001-1125
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1124 (rpcbind in HP-UX 11.00, 11.04 and 11.11 allows remote attackers to ...)
+CVE-2001-1124
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1123 (Vulnerability in Network Node Manager (NNM) 6.2 and earlier in HP ...)
+CVE-2001-1123
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1122 (Windows NT 4.0 SP 6a allows a local user with write access to ...)
+CVE-2001-1122
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1120 (Vulnerabilities in ColdFusion 2.0 through 4.5.1 SP 2 allow remote ...)
+CVE-2001-1120
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1115 (generate.cgi in SIX-webboard 2.01 and before allows remote attackers ...)
+CVE-2001-1115
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1114 (book.cgi in NetCode NC Book 0.2b allows remote attackers to execute ...)
+CVE-2001-1114
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1112 (Buffer overflow in EFTP 2.0.7.337 allows remote attackers to execute ...)
+CVE-2001-1112
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1111 (EFTP 2.0.7.337 stores user passwords in plaintext in the ...)
+CVE-2001-1111
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1110 (EFTP 2.0.7.337 allows remote attackers to obtain NETBIOS credentials ...)
+CVE-2001-1110
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1109 (Directory traversal vulnerability in EFTP 2.0.7.337 allows remote ...)
+CVE-2001-1109
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1107 (SnapStream PVS 1.2a stores its passwords in plaintext in the file ...)
+CVE-2001-1107
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1105 (RSA BSAFE SSL-J 3.0, 3.0.1 and 3.1, as used in Cisco iCND 2.0, caches ...)
+CVE-2001-1105
NOT-FOR-US: Cisco
-CVE-2001-1104 (SonicWALL SOHO uses easily predictable TCP sequence numbers, which ...)
+CVE-2001-1104
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1102 (Check Point FireWall-1 3.0b through 4.1 for Solaris allows local users ...)
+CVE-2001-1102
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1101 (The Log Viewer function in the Check Point FireWall-1 GUI for Solaris ...)
+CVE-2001-1101
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1097 (Cisco routers and switches running IOS 12.0 through 12.2.1 allows a ...)
+CVE-2001-1097
NOT-FOR-US: Cisco
-CVE-2001-1094 (NetOp School 1.5 allows local users to bypass access restrictions on ...)
+CVE-2001-1094
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1093 (Buffer overflow in msgchk in Digital UNIX 4.0G and earlier allows ...)
+CVE-2001-1093
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1092 (msgchk in Digital UNIX 4.0G and earlier allows a local user to read ...)
+CVE-2001-1092
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1091 (The (1) dump and (2) dump_lfs commands in NetBSD 1.4.x through 1.5.1 ...)
+CVE-2001-1091
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1090 (nss_postgresql 0.6.1 and before allows a remote attacker to execute ...)
+CVE-2001-1090
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1087 (The default configuration of the config.http.tunnel.allow_ports option ...)
+CVE-2001-1087
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1086 (XDM in XFree86 3.3 and 3.3.3 generates easily guessable cookies using ...)
+CVE-2001-1086
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1082 (Directory traversal vulnerability in Livingston/Lucent RADIUS before ...)
+CVE-2001-1082
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1078 (Format string vulnerability in flog function of eXtremail 1.1.9 and ...)
+CVE-2001-1078
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1077 (Buffer overflow in tt_printf function of rxvt 2.6.2 allows local users ...)
+CVE-2001-1077
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1076 (Buffer overflow in whodo in Solaris SunOS 5.5.1 through 5.8 allows ...)
+CVE-2001-1076
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1073 (Webridge PX Application Suite allows remote attackers to obtain ...)
+CVE-2001-1073
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1070 (Sage Software MAS 200 allows remote attackers to cause a denial of ...)
+CVE-2001-1070
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1068 (qpopper 4.01 with PAM based authentication on Red Hat systems ...)
+CVE-2001-1068
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1065 (Web-based configuration utility in Cisco 600 series routers running ...)
+CVE-2001-1065
NOT-FOR-US: Cisco
-CVE-2001-1064 (Cisco 600 series routers running CBOS 2.0.1 through 2.4.2ap allows ...)
+CVE-2001-1064
NOT-FOR-US: Cisco
-CVE-2001-1061 (Vulnerability in lsmcode in unknown versions of AIX, possibly related ...)
+CVE-2001-1061
NOT-FOR-US: AIX
-CVE-2001-1060 (phpMyAdmin 2.2.0rc3 and earlier allows remote attackers to execute ...)
+CVE-2001-1060
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1058 (The License Manager (mathlm) for Mathematica 4.0 and 4.1 allows remote ...)
+CVE-2001-1058
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1057 (The License Manager (mathlm) for Mathematica 4.0 and 4.1 allows remote ...)
+CVE-2001-1057
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1052 (Empris PHP script allows remote attackers to include arbitrary files ...)
+CVE-2001-1052
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1051 (Dark Hart Portal (darkportal) PHP script allows remote attackers to ...)
+CVE-2001-1051
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1050 (CCCSoftware CCC PHP script allows remote attackers to include ...)
+CVE-2001-1050
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1047 (Race condition in OpenBSD VFS allows local users to cause a denial of ...)
+CVE-2001-1047
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1045 (Directory traversal vulnerability in basilix.php3 in Basilix Webmail ...)
+CVE-2001-1045
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1044 (Basilix Webmail 0.9.7beta, and possibly other versions, stores *.class ...)
+CVE-2001-1044
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1042 (Transsoft Broker 5.9.5.0 allows remote attackers to read arbitrary ...)
+CVE-2001-1042
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1041 (oracle program in Oracle 8.0.x, 8.1.x and 9.0.1 allows local users to ...)
+CVE-2001-1041
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1040 (HP LaserJet, and possibly other JetDirect devices, resets the admin ...)
+CVE-2001-1040
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1039 (The JetAdmin web interface for HP JetDirect does not set a password ...)
+CVE-2001-1039
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1034 (Format string vulnerability in Hylafax on FreeBSD allows local users ...)
+CVE-2001-1034
{DSA-148}
- hylafax 4.1.2-2.1
-CVE-2001-1033 (Compaq TruCluster 1.5 allows remote attackers to cause a denial of ...)
+CVE-2001-1033
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1031 (Directory traversal vulnerability in Meteor FTP 1.0 allows remote ...)
+CVE-2001-1031
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1026 (Trend Micro InterScan AppletTrap 2.0 does not properly filter URLs ...)
+CVE-2001-1026
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1025 (PHP-Nuke 5.x allows remote attackers to perform arbitrary SQL ...)
+CVE-2001-1025
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1024 (login.gas.bat and other CGI scripts in Entrust getAccess allow remote ...)
+CVE-2001-1024
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1023 (Xcache 2.1 allows remote attackers to determine the absolute path of ...)
+CVE-2001-1023
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1021 (Buffer overflows in WS_FTP 2.02 allow remote attackers to execute ...)
+CVE-2001-1021
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1019 (Directory traversal vulnerability in view_item CGI program in ...)
+CVE-2001-1019
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1018 (Lotus Domino web server 5.08 allows remote attackers to determine the ...)
+CVE-2001-1018
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1015 (Buffer overflow in Snes9x 1.37, when installed setuid root, allows ...)
+CVE-2001-1015
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1014 (eshop.pl in WebDiscount(e)shop allows remote attackers to execute ...)
+CVE-2001-1014
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1013 (Apache on Red Hat Linux with with the UserDir directive enabled ...)
+CVE-2001-1013
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1012 (Vulnerability in screen before 3.9.10, related to a multi-attach error, ...)
+CVE-2001-1012
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1009 (Fetchmail (aka fetchmail-ssl) before 5.8.17 allows a remote malicious ...)
+CVE-2001-1009
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1007 (Starfish Truesync Desktop 2.0b as used on the REX 5000 PDA uses a ...)
+CVE-2001-1007
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1006 (Starfish Truesync Desktop 2.0b as used on the REX 5000 PDA does not ...)
+CVE-2001-1006
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1005 (Starfish Truesync Desktop 2.0b as used on the REX 5000 PDA uses weak ...)
+CVE-2001-1005
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1004 (Cross-site scripting (CSS) vulnerability in gnut Gnutella client ...)
+CVE-2001-1004
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1003 (Respondus 1.1.2 for WebCT uses weak encryption to remember usernames ...)
+CVE-2001-1003
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1000 (rlmadmin RADIUS management utility in Merit AAA Server 3.8M, 5.01, and ...)
+CVE-2001-1000
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0999 (Outlook Express 6.00 allows remote attackers to execute arbitrary ...)
+CVE-2001-0999
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0997 (Textor Webmasters Ltd listrec.pl CGI program allows remote attackers ...)
+CVE-2001-0997
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0996 (POP3Lite before 0.2.4 does not properly quote a . (dot) in an email ...)
+CVE-2001-0996
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0994 (Marconi ForeThought 7.1 allows remote attackers to cause a denial of ...)
+CVE-2001-0994
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0992 (shopplus.cgi in ShopPlus shopping cart allows remote attackers to ...)
+CVE-2001-0992
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0991 (Cross-site scripting vulnerability in Proxomitron Naoko-4 BetaFour and ...)
+CVE-2001-0991
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0990 (Inter7 vpopmail 4.10.35 and earlier, when using the MySQL module, ...)
+CVE-2001-0990
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0989 (Buffer overflows in Pileup before 1.2 allows local users to gain root ...)
+CVE-2001-0989
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0988 (Arkeia backup server 4.2.8-2 and earlier creates its database files ...)
+CVE-2001-0988
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0986 (SQLQHit.asp sample file in Microsoft Index Server 2.0 allows remote ...)
+CVE-2001-0986
NOT-FOR-US: Microsoft
-CVE-2001-0985 (shop.pl in Hassan Consulting Shopping Cart 1.23 allows remote ...)
+CVE-2001-0985
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0984 (Password Safe 1.7(1) leaves cleartext passwords in memory when a user ...)
+CVE-2001-0984
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0983 (UltraEdit uses weak encryption to record FTP passwords in the ...)
+CVE-2001-0983
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0979 (Buffer overflow in swverify in HP-UX 11.0, and possibly other ...)
+CVE-2001-0979
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0976 (Vulnerability in HP Process Resource Manager (PRM) C.01.08.2 and ...)
+CVE-2001-0976
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0975 (Buffer overflow vulnerabilities in Oracle Internet Directory Server ...)
+CVE-2001-0975
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0974 (Format string vulnerabilities in Oracle Internet Directory Server ...)
+CVE-2001-0974
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0972 (Surf-Net ASP Forum before 2.30 uses easily guessable cookies based on ...)
+CVE-2001-0972
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0971 (Directory traversal vulnerability in ACI 4d webserver allows remote ...)
+CVE-2001-0971
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0970 (Cross-site scripting vulnerability in TDForum 1.2 CGI script ...)
+CVE-2001-0970
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0968 (Knox Arkeia server 4.2, and possibly other versions, installs its root ...)
+CVE-2001-0968
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0967 (Knox Arkeia server 4.2, and possibly other versions, uses a constant ...)
+CVE-2001-0967
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0966 (Directory traversal vulnerability in Nudester 1.10 and earlier allows ...)
+CVE-2001-0966
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0964 (Buffer overflow in client for Half-Life 1.1.0.8 and earlier allows ...)
+CVE-2001-0964
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0958 (Buffer overflows in eManager plugin for Trend Micro InterScan ...)
+CVE-2001-0958
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0956 (speechd 0.54 and earlier, with the Festival or rsynth speech synthesis ...)
+CVE-2001-0956
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0955 (Buffer overflow in fbglyph.c in XFree86 before 4.2.0, related to glyph ...)
+CVE-2001-0955
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0953 (Kebi WebMail allows remote attackers to access the administrator menu ...)
+CVE-2001-0953
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0952 (THQ Volition Red Faction Game allows remote attackers to cause a ...)
+CVE-2001-0952
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0950 (ValiCert Enterprise Validation Authority (EVA) Administration Server ...)
+CVE-2001-0950
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0949 (Buffer overflows in forms.exe CGI program in ValiCert Enterprise ...)
+CVE-2001-0949
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0948 (Cross-site scripting (CSS) vulnerability in ValiCert Enterprise ...)
+CVE-2001-0948
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0947 (Forms.exe CGI program in ValiCert Enterprise Validation Authority ...)
+CVE-2001-0947
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0945 (Buffer overflow in Outlook Express 5.0 through 5.02 for Macintosh ...)
+CVE-2001-0945
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0944 (DDE in mIRC allows local users to launch applications under another ...)
+CVE-2001-0944
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0943 (dbsnmp in Oracle 8.0.5 and 8.1.5, under certain conditions, trusts the ...)
+CVE-2001-0943
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0942 (dbsnmp in Oracle 8.1.6 and 8.1.7 uses the ORACLE_HOME environment ...)
+CVE-2001-0942
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0941 (Buffer overflow in dbsnmp in Oracle 8.0.6 through 9.0.1 allows local ...)
+CVE-2001-0941
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0938 (Directory traversal vulnerability in AspUpload 2.1, in certain ...)
+CVE-2001-0938
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0937 (PGPMail.pl 1.31 allows remote attackers to execute arbitrary commands ...)
+CVE-2001-0937
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0935 (Vulnerability in wu-ftpd 2.6.0, and possibly earlier versions, which ...)
+CVE-2001-0935
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0934 (Cooolsoft PowerFTP Server 2.03 allows remote attackers to obtain the ...)
+CVE-2001-0934
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0933 (Cooolsoft PowerFTP Server 2.03 allows remote attackers to list the ...)
+CVE-2001-0933
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0932 (Buffer overflow in Cooolsoft PowerFTP Server 2.03 allows remote ...)
+CVE-2001-0932
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0931 (Directory traversal vulnerability in Cooolsoft PowerFTP Server 2.03 ...)
+CVE-2001-0931
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0930 (Sendpage.pl allows remote attackers to execute arbitrary commands via ...)
+CVE-2001-0930
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0928 (Buffer overflow in the permitted function of GNOME gtop daemon ...)
+CVE-2001-0928
{DSA-301}
- libgtop 1.0.13-4
-CVE-2001-0927 (Format string vulnerability in the permitted function of GNOME ...)
+CVE-2001-0927
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0926 (SSIFilter in Allaire JRun 3.1, 3.0 and 2.3.3 allows remote attackers ...)
+CVE-2001-0926
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0925 (The default installation of Apache before 1.3.19 allows remote ...)
+CVE-2001-0925
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0924 (Directory traversal vulnerability in ifx CGI program in Informix Web ...)
+CVE-2001-0924
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0923 (RPM Package Manager 4.0.x through 4.0.2.x allows an attacker to ...)
+CVE-2001-0923
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0922 (ndcgi.exe in Netdynamics 4.x through 5.x, and possibly earlier ...)
+CVE-2001-0922
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0919 (Internet Explorer 5.50.4134.0100 on Windows ME with &quot;Prompt to allow ...)
+CVE-2001-0919
NOT-FOR-US: Microsoft
-CVE-2001-0916 (Buffer overflow in Berkeley parallel make (pmake) 2.1.33 and earlier ...)
+CVE-2001-0916
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0915 (Format string vulnerability in Berkeley parallel make (pmake) 2.1.33 ...)
+CVE-2001-0915
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0913 (Format string vulnerability in Network Solutions Rwhoisd 1.5.7.2 and ...)
+CVE-2001-0913
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0911 (PHP-Nuke 5.1 stores user and administrator passwords in a base-64 ...)
+CVE-2001-0911
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0910 (Legato Networker before 6.1 allows remote attackers to bypass access ...)
+CVE-2001-0910
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0908 (CITRIX Metaframe 1.8 logs the Client Address (IP address) that is ...)
+CVE-2001-0908
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0904 (Internet Explorer 5.5 and 6 with the Q312461 (MS01-055) patch modifies ...)
+CVE-2001-0904
NOT-FOR-US: Microsoft
-CVE-2001-0903 (Linear key exchange process in High-bandwidth Digital Content ...)
+CVE-2001-0903
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0898 (Opera 6.0 and earlier allows remote attackers to access sensitive ...)
+CVE-2001-0898
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0897 (Cross-site scripting vulnerability in Infopop Ultimate Bulletin Board ...)
+CVE-2001-0897
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0893 (Acme mini_httpd before 1.16 allows remote attackers to view sensitive ...)
+CVE-2001-0893
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0892 (Acme Thttpd Secure Webserver before 2.22, with the chroot option ...)
+CVE-2001-0892
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0890 (Certain backend drivers in the SANE library 1.0.3 and earlier, as used ...)
+CVE-2001-0890
NOT-FOR-US: Data pre-dating the Security Tracker
CVE-2001-0885
RESERVED
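Review bot: the wholesale removal of every CVE summary in this hunk (for example `-CVE-2001-0949 (Buffer overflows in forms.exe CGI program in ValiCert Enterprise ...)` becoming a bare `+CVE-2001-0949`) looks like the upstream CVE export was fetched without its description text rather than a genuine data update, and should be confirmed before this automatic update is kept. The hunk header keeps identical line counts, so only the summaries are lost and no annotation lines change, but that loss includes the one entry in this region with a real Debian record, CVE-2001-0928 (`{DSA-301}`, `- libgtop 1.0.13-4`), whose summary the tracker displays to users.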
@@ -2332,63 +2332,63 @@ CVE-2001-0880
RESERVED
CVE-2001-0878
RESERVED
-CVE-2001-0871 (Directory traversal vulnerability in HTTP server for Alchemy Eye and ...)
+CVE-2001-0871
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0870 (HTTP server in Alchemy Eye and Alchemy Network Monitor 1.9x through ...)
+CVE-2001-0870
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0868 (Red Hat Stronghold 2.3 to 3.0 allows remote attackers to retrieve ...)
+CVE-2001-0868
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0858 (Buffer overflow in pppattach and other linked PPP utilities in Caldera ...)
+CVE-2001-0858
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0856 (Common Cryptographic Architecture (CCA) in IBM 4758 allows an attacker ...)
+CVE-2001-0856
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0855 (Buffer overflow in db_loader in ClearCase 4.2 and earlier allows local ...)
+CVE-2001-0855
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0854 (PHP-Nuke 5.2 allows remote attackers to copy and delete arbitrary ...)
+CVE-2001-0854
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0853 (Directory traversal vulnerability in Entrust GetAccess allows remote ...)
+CVE-2001-0853
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0849 (viralator CGI script in Viralator 0.9pre1 and earlier allows remote ...)
+CVE-2001-0849
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0848 (join.cfm in e-Zone Media Fuse Talk allows a local user to execute ...)
+CVE-2001-0848
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0847 (Lotus Domino Web Server 5.x allows remote attackers to gain sensitive ...)
+CVE-2001-0847
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0845 (Vulnerability in DECwindows Motif Server on OpenVMS VAX or Alpha 6.2 ...)
+CVE-2001-0845
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0844 (Vulnerability in (1) Book of guests and (2) Post it! allows remote ...)
+CVE-2001-0844
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0842 (Directory traversal vulnerability in Search.cgi in Leoboard LB5000 ...)
+CVE-2001-0842
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0841 (Directory traversal vulnerability in Search.cgi in Ikonboard ib219 and ...)
+CVE-2001-0841
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0840 (Buffer overflow in Compaq Insight Manager XE 2.1b and earlier allows ...)
+CVE-2001-0840
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0839 (ibillpm.pl in iBill password management system generates weak ...)
+CVE-2001-0839
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0838 (Format string vulnerability in Network Solutions Rwhoisd 1.5.x allows ...)
+CVE-2001-0838
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0835 (Cross-site scripting vulnerability in Webalizer 2.01-06, and possibly ...)
+CVE-2001-0835
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0832 (Vulnerability in Oracle 8.0.x through 9.0.1 on Unix allows local users ...)
+CVE-2001-0832
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0831 (Unknown vulnerability in Oracle Label Security in Oracle 8.1.7 and ...)
+CVE-2001-0831
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0829 (A cross-site scripting vulnerability in Apache Tomcat 3.2.1 allows a ...)
+CVE-2001-0829
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0827 (Cerberus FTP server 1.0 - 1.5 allows remote attackers to cause a ...)
+CVE-2001-0827
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0826 (Buffer overflows in CesarFTPD 0.98b allows remote attackers to execute ...)
+CVE-2001-0826
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0824 (Cross-site scripting vulnerability in IBM WebSphere 3.02 and 3.5 FP2 ...)
+CVE-2001-0824
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0821 (The default configuration of DCShop 1.002 beta places sensitive files ...)
+CVE-2001-0821
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0820 (Buffer overflows in GazTek ghttpd 1.4 allows a remote attacker to ...)
+CVE-2001-0820
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0818 (A buffer overflow the '\s' console command in MDBMS 0.99b9 and earlier ...)
+CVE-2001-0818
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0817 (Vulnerability in HP-UX line printer daemon (rlpdaemon) in HP-UX 10.01 ...)
+CVE-2001-0817
NOT-FOR-US: Data pre-dating the Security Tracker
CVE-2001-0814
REJECTED
@@ -2400,160 +2400,160 @@ CVE-2001-0811
REJECTED
CVE-2001-0810
REJECTED
-CVE-2001-0809 (Vulnerability in CIFS/9000 Server (SAMBA) A.01.06 and earlier in HP-UX ...)
+CVE-2001-0809
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0808 (gnatsweb.pl in GNATS GnatsWeb 2.7 through 3.95 allows remote attackers ...)
+CVE-2001-0808
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0807 (Internet Explorer 5.0, and possibly other versions, may allow remote ...)
+CVE-2001-0807
NOT-FOR-US: Microsoft
CVE-2001-0802
REJECTED
-CVE-2001-0800 (lpsched in IRIX 6.5.13f and earlier allows remote attackers to execute ...)
+CVE-2001-0800
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0799 (Buffer overflows in lpsched in IRIX 6.5.13f and earlier allow remote ...)
+CVE-2001-0799
NOT-FOR-US: Data pre-dating the Security Tracker
CVE-2001-0798
REJECTED
-CVE-2001-0795 (Perception LiteServe 1.25 allows remote attackers to obtain source ...)
+CVE-2001-0795
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0794 (Buffer overflow in A-FTP Anonymous FTP Server allows remote attackers ...)
+CVE-2001-0794
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0791 (Trend Micro InterScan VirusWall for Windows NT allows remote attackers ...)
+CVE-2001-0791
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0790 (Specter IDS version 4.5 and 5.0 allows a remote attacker to cause a ...)
+CVE-2001-0790
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0789 (Format string vulnerability in avpkeeper in Kaspersky KAV 3.5.135.2 ...)
+CVE-2001-0789
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0788 (Internet Software Solutions Air Messenger LAN Server (AMLServer) 3.4.2 ...)
+CVE-2001-0788
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0786 (Internet Software Solutions Air Messenger LAN Server (AMLServer) 3.4.2 ...)
+CVE-2001-0786
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0785 (Directory traversal in Webpaging interface in Internet Software ...)
+CVE-2001-0785
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0783 (Cisco TFTP server 1.1 allows remote attackers to read arbitrary files ...)
+CVE-2001-0783
NOT-FOR-US: Cisco
-CVE-2001-0782 (KDE ktvision 0.1.1-271 and earlier allows local attackers to gain root ...)
+CVE-2001-0782
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0781 (Buffer overflow in SpoonFTP 1.0.0.12 allows remote attackers to ...)
+CVE-2001-0781
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0780 (Directory traversal vulnerability in cosmicpro.cgi in Cosmicperl ...)
+CVE-2001-0780
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0778 (OmniHTTPd 2.0.8 and earlier allow remote attackers to obtain source ...)
+CVE-2001-0778
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0777 (Omnicron OmniHTTPd 2.0.8 allows remote attackers to cause a denial of ...)
+CVE-2001-0777
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0776 (Buffer overflow in DynFX MailServer version 2.10 allows remote ...)
+CVE-2001-0776
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0775 (Buffer overflow in xloadimage 4.1 (aka xli 1.16 and 1.17) in Linux ...)
+CVE-2001-0775
{DSA-695-1}
- xli 1.17.0-17
-CVE-2001-0772 (Buffer overflows and other vulnerabilities in multiple Common Desktop ...)
+CVE-2001-0772
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0771 (Spytech SpyAnywhere 1.50 allows remote attackers to gain administrator ...)
+CVE-2001-0771
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0768 (GuildFTPd 0.9.7 stores user names and passwords in plaintext in the ...)
+CVE-2001-0768
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0767 (Directory traversal vulnerability in GuildFTPd 0.9.7 allows attackers ...)
+CVE-2001-0767
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0766 (Apache on MacOS X Client 10.0.3 with the HFS+ file system allows ...)
+CVE-2001-0766
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0762 (Buffer overflow in su-wrapper 1.1.1 allows local users to execute ...)
+CVE-2001-0762
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0761 (Buffer overflow in HttpSave.dll in Trend Micro InterScan WebManager ...)
+CVE-2001-0761
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0759 (Buffer overflow in bctool in Jetico BestCrypt 0.8.1 and earlier allows ...)
+CVE-2001-0759
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0758 (Directory traversal vulnerability in Shambala 4.5 allows remote ...)
+CVE-2001-0758
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0756 (CatalogMgr.pl in VirtualCatalog (incorrectly claimed to be in ...)
+CVE-2001-0756
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0755 (Buffer overflow in ftp daemon (ftpd) 6.2 in Debian GNU/Linux allows ...)
+CVE-2001-0755
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0753 (Cisco CBOS 2.3.8 and earlier stores the passwords for (1) exec and (2) ...)
+CVE-2001-0753
NOT-FOR-US: Cisco
-CVE-2001-0747 (Buffer overflow in iPlanet Web Server (iWS) Enterprise Edition 4.1, ...)
+CVE-2001-0747
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0746 (Buffer overflow in Web Publisher in iPlanet Web Server Enterprise ...)
+CVE-2001-0746
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0744 (Horde IMP 2.2.4 and earlier allows local users to overwrite files via ...)
+CVE-2001-0744
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0743 (Paging function in O'Reilly WebBoard Pager 4.10 allows remote ...)
+CVE-2001-0743
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0742 (Buffer overflow in Computalynx CMail POP3 mail server 2.4.9 allows ...)
+CVE-2001-0742
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0737 (A long 'synch' delay in Logitech wireless mice and keyboard receivers ...)
+CVE-2001-0737
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0736 (Vulnerability in (1) pine before 4.33 and (2) the pico editor, ...)
+CVE-2001-0736
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0735 (Buffer overflow in cfingerd 1.4.3 and earlier with the ...)
+CVE-2001-0735
- cfingerd 1.4.3-1.1 (bug #104394)
NOTE: 1.4.3-1.2 is not in the PTS, but 1.4.3-1.2 incorporates
NOTE: its changes.
-CVE-2001-0734 (Hitachi Super-H architecture in NetBSD 1.5 and 1.4.1 allows a local ...)
+CVE-2001-0734
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0729 (Apache 1.3.20 on Windows servers allows remote attackers to bypass the ...)
+CVE-2001-0729
NOT-FOR-US: Data pre-dating the Security Tracker
CVE-2001-0725
RESERVED
-CVE-2001-0721 (Universal Plug and Play (UPnP) in Windows 98, 98SE, ME, and XP allows ...)
+CVE-2001-0721
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0715 (Sendmail before 8.12.1, without the RestrictQueueRun option enabled, ...)
+CVE-2001-0715
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0714 (Sendmail before 8.12.1, without the RestrictQueueRun option enabled, ...)
+CVE-2001-0714
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0713 (Sendmail before 8.12.1 does not properly drop privileges when the -C ...)
+CVE-2001-0713
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0712 (The rendering engine in Internet Explorer determines the MIME type ...)
+CVE-2001-0712
NOT-FOR-US: Microsoft
-CVE-2001-0711 (Cisco IOS 11.x and 12.0 with ATM support allows attackers to cause a ...)
+CVE-2001-0711
NOT-FOR-US: Cisco
-CVE-2001-0709 (Microsoft IIS 4.0 and before, when installed on a FAT partition, ...)
+CVE-2001-0709
NOT-FOR-US: Microsoft
-CVE-2001-0708 (Denicomp REXECD 1.05 and earlier allows a remote attacker to cause a ...)
+CVE-2001-0708
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0707 (Denicomp RSHD 2.18 and earlier allows a remote attacker to cause a ...)
+CVE-2001-0707
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0705 (Directory traversal vulnerability in tradecli.dll in Arcadia Internet ...)
+CVE-2001-0705
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0704 (tradecli.dll in Arcadia Internet Store 1.0 allows a remote attacker to ...)
+CVE-2001-0704
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0703 (tradecli.dll in Arcadia Internet Store 1.0 allows a remote attacker to ...)
+CVE-2001-0703
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0702 (Cerberus FTP 1.5 and earlier allows remote attackers to cause a denial ...)
+CVE-2001-0702
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0695 (WFTPD 3.00 R5 allows a remote attacker to cause a denial of service by ...)
+CVE-2001-0695
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0694 (Directory traversal vulnerability in WFTPD 3.00 R5 allows a remote ...)
+CVE-2001-0694
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0693 (WebTrends HTTP Server 3.1c and 3.5 allows a remote attacker to view ...)
+CVE-2001-0693
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0691 (Buffer overflows in Washington University imapd 2000a through 2000c ...)
+CVE-2001-0691
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0689 (Vulnerability in TrendMicro Virus Control System 1.8 allows a remote ...)
+CVE-2001-0689
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0688 (Broker FTP Server 5.9.5.0 allows a remote attacker to cause a denial ...)
+CVE-2001-0688
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0687 (Broker FTP server 5.9.5 for Windows NT and 9x allows a remote attacker ...)
+CVE-2001-0687
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0684 (Netscape Collabra Server 3.5.4 and earlier allows a remote attacker to ...)
+CVE-2001-0684
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0683 (Memory leak in Netscape Collabra Server 3.5.4 and earlier allows a ...)
+CVE-2001-0683
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0681 (Buffer overflow in ftpd in QPC QVT/Net 5.0 and QVT/Term 5.0 allows a ...)
+CVE-2001-0681
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0679 (A buffer overflow in InterScan VirusWall 3.23 and 3.3 allows a remote ...)
+CVE-2001-0679
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0678 (A buffer overflow in reggo.dll file used by Trend Micro InterScan ...)
+CVE-2001-0678
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0674 (Directory traversal vulnerability in RobTex Viking Web server before ...)
+CVE-2001-0674
NOT-FOR-US: Data pre-dating the Security Tracker
CVE-2001-0673
RESERVED
CVE-2001-0672
RESERVED
-CVE-2001-0671 (Buffer overflows in (1) send_status, (2) kill_print, and (3) chk_fhost ...)
+CVE-2001-0671
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0669 (Various Intrusion Detection Systems (IDS) including (1) Cisco Secure ...)
+CVE-2001-0669
NOT-FOR-US: Data pre-dating the Security Tracker
CVE-2001-0661
RESERVED
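Review bot: the unchanged context note under `+CVE-2001-0735` reads `NOTE: 1.4.3-1.2 is not in the PTS, but 1.4.3-1.2 incorporates its changes.`, naming the same version on both sides, which cannot be what was meant; the entry tracks `- cfingerd 1.4.3-1.1 (bug #104394)`, so one of the two version strings in the note is presumably a typo and should be corrected in a follow-up so the fixed-version claim is unambiguous. The same summary stripping seen in the earlier hunks applies throughout this one as well, including CVE-2001-0775, which carries `{DSA-695-1}` and `- xli 1.17.0-17`.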
@@ -2565,625 +2565,625 @@ CVE-2001-0655
REJECTED
CVE-2001-0654
REJECTED
-CVE-2001-0649 (Personal Web Sharing 1.5.5 allows a remote attacker to cause a denial ...)
+CVE-2001-0649
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0647 (Orange Web Server 2.1, based on GoAhead, allows a remote attacker to ...)
+CVE-2001-0647
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0645 (Symantec/AXENT NetProwler 3.5.x contains several default passwords, ...)
+CVE-2001-0645
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0642 (Directory traversal vulnerability in IncrediMail version 1400185 and ...)
+CVE-2001-0642
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0636 (Buffer overflows in Raytheon SilentRunner allow remote attackers to ...)
+CVE-2001-0636
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0633 (Directory traversal vulnerability in Sun Chili!Soft ASP on multiple ...)
+CVE-2001-0633
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0632 (Sun Chili!Soft 3.5.2 on Linux and 3.6 on AIX creates a default admin ...)
+CVE-2001-0632
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0624 (QNX 2.4 allows a local user to read arbitrary files by directly ...)
+CVE-2001-0624
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0623 (sendfiled, as included with Simple Asynchronous File Transfer (SAFT), ...)
+CVE-2001-0623
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0620 (iPlanet Calendar Server 5.0p2 and earlier allows a local attacker to ...)
+CVE-2001-0620
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0619 (The Lucent Closed Network protocol can allow remote attackers to join ...)
+CVE-2001-0619
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0618 (Orinoco RG-1000 wireless Residential Gateway uses the last 5 digits of ...)
+CVE-2001-0618
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0617 (Allied Telesyn AT-AR220e cable/DSL router firmware 1.08a RC14 with the ...)
+CVE-2001-0617
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0614 (Carello E-Commerce 1.2.1 and earlier allows a remote attacker to gain ...)
+CVE-2001-0614
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0610 (kfm as included with KDE 1.x can allow a local attacker to gain ...)
+CVE-2001-0610
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0609 (Format string vulnerability in Infodrom cfingerd 1.4.3 and earlier ...)
+CVE-2001-0609
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0608 (HP architected interface facility (AIF) as includes with MPE/iX 5.5 ...)
+CVE-2001-0608
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0607 (asecure as included with HP-UX 10.01 through 11.00 can allow a local ...)
+CVE-2001-0607
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0606 (Vulnerability in iPlanet Web Server 4.X in HP-UX 11.04 (VVOS) with ...)
+CVE-2001-0606
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0605 (Headlight Software MyGetright prior to 1.0b allows a remote attacker ...)
+CVE-2001-0605
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0604 (Lotus Domino R5 prior to 5.0.7 allows a remote attacker to create a ...)
+CVE-2001-0604
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0603 (Lotus Domino R5 prior to 5.0.7 allows a remote attacker to create a ...)
+CVE-2001-0603
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0602 (Lotus Domino R5 prior to 5.0.7 allows a remote attacker to create a ...)
+CVE-2001-0602
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0601 (Lotus Domino R5 prior to 5.0.7 allows a remote attacker to create a ...)
+CVE-2001-0601
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0600 (Lotus Domino R5 prior to 5.0.7 allows a remote attacker to create a ...)
+CVE-2001-0600
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0599 (Sybase Adaptive Server Anywhere Database Engine 6.0.3.2747 and earlier ...)
+CVE-2001-0599
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0598 (Symantec Ghost 6.5 and earlier allows a remote attacker to create a ...)
+CVE-2001-0598
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0597 (Zetetic Secure Tool for Recalling Important Passwords (STRIP) 0.5 and ...)
+CVE-2001-0597
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0592 (Watchguard Firebox II prior to 4.6 allows a remote attacker to create ...)
+CVE-2001-0592
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0588 (sendmail 8.9.3, as included with the MMDF 2.43.3b package in SCO ...)
+CVE-2001-0588
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0587 (deliver program in MMDF 2.43.3b in SCO OpenServer 5.0.6 can allow a ...)
+CVE-2001-0587
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0584 (IMAP server in Alt-N Technologies MDaemon 3.5.6 allows a local user to ...)
+CVE-2001-0584
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0583 (Alt-N Technologies MDaemon 3.5.4 allows a remote attacker to create a ...)
+CVE-2001-0583
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0582 (Ben Spink CrushFTP FTP Server 2.1.6 and earlier allows a local ...)
+CVE-2001-0582
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0581 (Spytech Spynet Chat Server 6.5 allows a remote attacker to create a ...)
+CVE-2001-0581
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0580 (Hughes Technologies Virtual DNS (VDNS) Server 1.0 allows a remote ...)
+CVE-2001-0580
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0579 (lpadmin in SCO OpenServer 5.0.6 can allow a local attacker to gain ...)
+CVE-2001-0579
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0578 (Buffer overflow in lpforms in SCO OpenServer 5.0-5.0.6 can allow a ...)
+CVE-2001-0578
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0577 (recon in SCO OpenServer 5.0 through 5.0.6 can allow a local attacker ...)
+CVE-2001-0577
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0576 (lpusers as included with SCO OpenServer 5.0 through 5.0.6 allows a ...)
+CVE-2001-0576
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0575 (Buffer overflow in lpshut in SCO OpenServer 5.0.6 can allow a local ...)
+CVE-2001-0575
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0572 (The SSH protocols 1 and 2 (aka SSH-2) as implemented in OpenSSH and ...)
+CVE-2001-0572
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0571 (Directory traversal vulnerability in the web server for (1) Elron ...)
+CVE-2001-0571
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0570 (minicom 1.83.1 and earlier allows a local attacker to gain additional ...)
+CVE-2001-0570
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0569 (Digital Creations Zope 2.3.1 b1 and earlier contains a problem in the ...)
+CVE-2001-0569
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0568 (Digital Creations Zope 2.3.1 b1 and earlier allows a local attacker ...)
+CVE-2001-0568
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0566 (Cisco Catalyst 2900XL switch allows a remote attacker to create a denial ...)
+CVE-2001-0566
NOT-FOR-US: Cisco
-CVE-2001-0562 (a1disp.cgi program in Drummond Miles A1Stats prior to 1.6 allows a ...)
+CVE-2001-0562
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0561 (Directory traversal vulnerability in Drummond Miles A1Stats prior to ...)
+CVE-2001-0561
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0557 (T. Hauck Jana Webserver 1.46 and earlier allows a remote attacker to ...)
+CVE-2001-0557
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0556 (The Nirvana Editor (NEdit) 5.1.1 and earlier allows a local attacker ...)
+CVE-2001-0556
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0555 (ScreamingMedia SITEWare versions 2.5 through 3.1 allows a remote ...)
+CVE-2001-0555
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0552 (ovactiond in HP OpenView Network Node Manager (NNM) 6.1 and Tivoli ...)
+CVE-2001-0552
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0551 (Buffer overflow in CDE Print Viewer (dtprintinfo) allows local users ...)
+CVE-2001-0551
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0542 (Buffer overflows in Microsoft SQL Server 7.0 and 2000 allow attackers ...)
+CVE-2001-0542
NOT-FOR-US: Microsoft
CVE-2001-0539
RESERVED
-CVE-2001-0535 (Example applications (Exampleapps) in ColdFusion Server 4.x do not ...)
+CVE-2001-0535
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0534 (Multiple buffer overflows in RADIUS daemon radiusd in (1) Merit 3.6b ...)
+CVE-2001-0534
NOT-FOR-US: Data pre-dating the Security Tracker
CVE-2001-0532
RESERVED
CVE-2001-0531
RESERVED
-CVE-2001-0524 (eEye SecureIIS versions 1.0.3 and earlier does not perform length ...)
+CVE-2001-0524
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0523 (eEye SecureIIS versions 1.0.3 and earlier allows a remote attacker to ...)
+CVE-2001-0523
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0521 (Aladdin eSafe Gateway versions 3.0 and earlier allows a remote ...)
+CVE-2001-0521
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0520 (Aladdin eSafe Gateway versions 3.0 and earlier allows a remote ...)
+CVE-2001-0520
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0519 (Aladdin eSafe Gateway versions 2.x allows a remote attacker to ...)
+CVE-2001-0519
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0516 (Oracle listener between Oracle 9i and Oracle 8.0 allows remote ...)
+CVE-2001-0516
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0515 (Oracle Listener in Oracle 7.3 and 8i allows remote attackers to cause ...)
+CVE-2001-0515
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0509 (Vulnerabilities in RPC servers in (1) Microsoft Exchange Server 2000 ...)
+CVE-2001-0509
NOT-FOR-US: Microsoft
-CVE-2001-0505 (Multiple memory leaks in Microsoft Services for Unix 2.0 allow remote ...)
+CVE-2001-0505
NOT-FOR-US: Microsoft
-CVE-2001-0499 (Buffer overflow in Transparent Network Substrate (TNS) Listener in ...)
+CVE-2001-0499
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0498 (Transparent Network Substrate (TNS) over Net8 (SQLNet) in Oracle 8i ...)
+CVE-2001-0498
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0496 (kdesu in kdelibs package creates world readable temporary files ...)
+CVE-2001-0496
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0492 (Netcruiser Web server version 0.1.2.8 and earlier allows remote ...)
+CVE-2001-0492
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0491 (Directory traversal vulnerability in RaidenFTPD Server 2.1 before ...)
+CVE-2001-0491
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0490 (Buffer overflow in WINAMP 2.6x and 2.7x allows attackers to execute ...)
+CVE-2001-0490
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0484 (Tektronix PhaserLink 850 does not require authentication for access to ...)
+CVE-2001-0484
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0483 (Configuration error in Axent Raptor Firewall 6.5 allows remote ...)
+CVE-2001-0483
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0480 (Directory traversal vulnerability in Alex's FTP Server 0.7 allows ...)
+CVE-2001-0480
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0479 (Directory traversal vulnerability in phpPgAdmin 2.2.1 and earlier ...)
+CVE-2001-0479
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0478 (Directory traversal vulnerability in phpMyAdmin 2.2.0 and earlier ...)
+CVE-2001-0478
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0477 (Vulnerability in WebCalendar 0.9.26 allows remote command execution. ...)
+CVE-2001-0477
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0476 (Multiple buffer overflows in s.cgi program in Aspseek search engine ...)
+CVE-2001-0476
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0472 (Hursley Software Laboratories Consumer Transaction Framework (HSLCTF) ...)
+CVE-2001-0472
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0471 (SSH daemon version 1 (aka SSHD-1 or SSH-1) 1.2.30 and earlier does not ...)
+CVE-2001-0471
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0470 (Buffer overflow in SNMP proxy agent snmpd in Solaris 8 may allow local ...)
+CVE-2001-0470
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0468 (Buffer overflow in FTPFS allows local users to gain root privileges ...)
+CVE-2001-0468
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0466 (Directory traversal vulnerability in ustorekeeper 1.61 allows remote ...)
+CVE-2001-0466
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0464 (Buffer overflow in websync.exe in Cyberscheduler allows remote ...)
+CVE-2001-0464
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0460 (Websweeper 4.0 does not limit the length of certain HTTP headers, ...)
+CVE-2001-0460
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0459 (Buffer overflows in ascdc Afterstep while running setuid allows local ...)
+CVE-2001-0459
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0458 (Multiple buffer overflows in ePerl before 2.2.14-0.7 allow local and ...)
+CVE-2001-0458
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0454 (Directory traversal vulnerability in SlimServe HTTPd 1.1a allows ...)
+CVE-2001-0454
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0453 (Directory traversal vulnerability in BRS WebWeaver HTTP server ...)
+CVE-2001-0453
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0452 (BRS WebWeaver FTP server before 0.64 Beta allows remote attackers to ...)
+CVE-2001-0452
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0451 (INDEXU 2.0 beta and earlier allows remote attackers to bypass ...)
+CVE-2001-0451
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0450 (Directory traversal vulnerability in Transsoft FTP Broker before 5.5 ...)
+CVE-2001-0450
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0448 (Web configuration server in 602Pro LAN SUITE allows remote attackers ...)
+CVE-2001-0448
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0447 (Web configuration server in 602Pro LAN SUITE allows remote attackers ...)
+CVE-2001-0447
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0446 (IBM WCS (WebSphere Commerce Suite) 4.0.1 with Application Server 3.0.2 ...)
+CVE-2001-0446
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0443 (Buffer overflow in QPC QVT/Net Popd 4.20 in QVT/Net 5.0 allows remote ...)
+CVE-2001-0443
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0441 (Buffer overflow in (1) wrapping and (2) unwrapping functions of slrn ...)
+CVE-2001-0441
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0438 (Preview version of Timbuktu for Mac OS X allows local users to modify ...)
+CVE-2001-0438
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0437 (upload_file.pl in DCForum 2000 1.0 allows remote attackers to upload ...)
+CVE-2001-0437
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0436 (dcboard.cgi in DCForum 2000 1.0 allows remote attackers to execute ...)
+CVE-2001-0436
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0435 (The split key mechanism used by PGP 7.0 allows a key share holder to ...)
+CVE-2001-0435
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0433 (Buffer overflow in Savant 3.0 web server allows remote attackers to ...)
+CVE-2001-0433
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0432 (Buffer overflows in various CGI programs in the remote administration ...)
+CVE-2001-0432
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0431 (Vulnerability in iPlanet Web Server Enterprise Edition 4.x. ...)
+CVE-2001-0431
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0426 (Buffer overflow in dtsession on Solaris, and possibly other operating ...)
+CVE-2001-0426
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0425 (AdLibrary.pm in AdCycle 0.78b allows remote attackers to gain ...)
+CVE-2001-0425
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0424 (BubbleMon 1.31 does not properly drop group privileges before ...)
+CVE-2001-0424
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0421 (FTP server in Solaris 8 and earlier allows local and remote attackers ...)
+CVE-2001-0421
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0420 (Directory traversal vulnerability in talkback.cgi program allows ...)
+CVE-2001-0420
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0419 (Buffer overflow in shared library ndwfn4.so for iPlanet Web Server ...)
+CVE-2001-0419
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0418 (content.pl script in NCM Content Management System allows remote ...)
+CVE-2001-0418
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0417 (Kerberos 4 (aka krb4) allows local users to overwrite arbitrary files ...)
+CVE-2001-0417
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0415 (REDIPlus program, REDI.exe, stores passwords and user names in ...)
+CVE-2001-0415
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0411 (Reliant Unix 5.44 and earlier allows remote attackers to cause a ...)
+CVE-2001-0411
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0410 (Buffer overflow in Trend Micro Virus Buster 2001 8.02 allows remote ...)
+CVE-2001-0410
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0406 (Samba before 2.2.0 allows local attackers to overwrite arbitrary files ...)
+CVE-2001-0406
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0404 (Directory traversal vulnerability in JavaServer Web Dev Kit (JSWDK) ...)
+CVE-2001-0404
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0403 (/opt/JSparm/bin/perfmon program in Solaris allows local users to ...)
+CVE-2001-0403
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0401 (Buffer overflow in tip in Solaris 8 and earlier allows local users to ...)
+CVE-2001-0401
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0400 (nph-maillist.pl allows remote attackers to execute arbitrary commands ...)
+CVE-2001-0400
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0399 (Caucho Resin 1.3b1 and earlier allows remote attackers to read source ...)
+CVE-2001-0399
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0398 (The BAT! mail client allows remote attackers to bypass user warnings ...)
+CVE-2001-0398
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0397 (Buffer overflow in Silent Runner Collector (SRC) 1.6.1 allows remote ...)
+CVE-2001-0397
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0396 (The pre-login mode in the System Administrator interface of Lightwave ...)
+CVE-2001-0396
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0395 (Lightwave ConsoleServer 3200 does not disconnect users after ...)
+CVE-2001-0395
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0393 (Navision Financials Server 2.0 allows remote attackers to cause a ...)
+CVE-2001-0393
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0392 (Navision Financials Server 2.60 and earlier allows remote attackers to ...)
+CVE-2001-0392
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0391 (Xitami 2.5d4 and earlier allows remote attackers to crash the server ...)
+CVE-2001-0391
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0390 (IBM Websphere/NetCommerce3 3.1.2 allows remote attackers to cause a ...)
+CVE-2001-0390
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0389 (IBM Websphere/NetCommerce3 3.1.2 allows remote attackers to determine ...)
+CVE-2001-0389
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0385 (GoAhead webserver 2.1 allows remote attackers to cause a denial of ...)
+CVE-2001-0385
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0384 (ppd in Reliant Sinix allows local users to corrupt arbitrary files via ...)
+CVE-2001-0384
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0382 (Computer Associates CCC\Harvest 5.0 for Windows NT/2000 uses weak ...)
+CVE-2001-0382
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0381 (The OpenPGP PGP standard allows an attacker to determine the private ...)
+CVE-2001-0381
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0380 (Crosscom/Olicom XLT-F running XL 80 IM Version 5.5 Build Level 2 ...)
+CVE-2001-0380
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0376 (SonicWALL Tele2 and SOHO firewalls with 6.0.0.0 firmware using IPSEC ...)
+CVE-2001-0376
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0374 (The HTTP server in Compaq web-enabled management software for (1) ...)
+CVE-2001-0374
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0372 (Akopia Interchange 4.5.3 through 4.6.3 installs demo stores with a ...)
+CVE-2001-0372
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0370 (fcheck prior to 2.57.59 calls the file signature checking program ...)
+CVE-2001-0370
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0369 (Buffer overflow in lpsched on DGUX version R4.20MU06 and MU02 allows a ...)
+CVE-2001-0369
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0367 (Mirabilis ICQ WebFront Plug-in ICQ2000b Build 3278 allows a remote ...)
+CVE-2001-0367
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0360 (Directory traversal vulnerability in help.cgi in Ikonboard 2.1.7b and ...)
+CVE-2001-0360
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0359 (Format string vulnerability in Sierra Half-Life build 1573 and earlier ...)
+CVE-2001-0359
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0358 (Buffer overflows in Sierra Half-Life build 1573 and earlier allow ...)
+CVE-2001-0358
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0357 (FormMail.pl in FormMail 1.6 and earlier allows a remote attacker to ...)
+CVE-2001-0357
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0355 (Novell Groupwise 5.5 (sp1 and sp2) allows a remote user to access ...)
+CVE-2001-0355
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0354 (TheNet CheckBO 1.56 allows remote attackers to cause a denial of ...)
+CVE-2001-0354
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0352 (SNMP agents in 3Com AirConnect AP-4111 and Symbol 41X1 Access Point ...)
+CVE-2001-0352
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0350 (Microsoft Windows 2000 telnet service creates named pipes with ...)
+CVE-2001-0350
NOT-FOR-US: Microsoft
-CVE-2001-0349 (Microsoft Windows 2000 telnet service creates named pipes with ...)
+CVE-2001-0349
NOT-FOR-US: Microsoft
CVE-2001-0343
RESERVED
CVE-2001-0342
RESERVED
-CVE-2001-0337 (The Microsoft MS01-014 and MS01-016 patches for IIS 5.0 and earlier ...)
+CVE-2001-0337
NOT-FOR-US: Microsoft
-CVE-2001-0332 (Internet Explorer 5.5 and earlier does not properly verify the domain ...)
+CVE-2001-0332
NOT-FOR-US: Microsoft
-CVE-2001-0329 (Bugzilla 2.10 allows remote attackers to execute arbitrary commands ...)
+CVE-2001-0329
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0328 (TCP implementations that use random increments for initial sequence ...)
+CVE-2001-0328
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0325 (Buffer overflow in QNX RTP 5.60 allows remote attackers to cause a ...)
+CVE-2001-0325
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0324 (Windows 98 and Windows 2000 Java clients allow remote attackers to ...)
+CVE-2001-0324
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0323 (The ICMP path MTU (PMTU) discovery feature in various UNIX systems ...)
+CVE-2001-0323
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0322 (MSHTML.DLL HTML parser in Internet Explorer 4.0, and other versions, ...)
+CVE-2001-0322
NOT-FOR-US: Microsoft
-CVE-2001-0320 (bb_smilies.php and bbcode_ref.php in PHP-Nuke 4.4 allows remote ...)
+CVE-2001-0320
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0315 (The locking feature in mIRC 5.7 allows local users to bypass the ...)
+CVE-2001-0315
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0314 (Buffer overflow in www.tol module in America Online (AOL) 5.0 may ...)
+CVE-2001-0314
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0313 (Borderware Firewall Server 6.1.2 allows remote attackers to cause a ...)
+CVE-2001-0313
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0312 (IBM WebSphere plugin for Netscape Enterprise server allows remote ...)
+CVE-2001-0312
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0308 (UploadServlet in Bajie HTTP JServer 0.78, and possibly other versions ...)
+CVE-2001-0308
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0307 (Bajie HTTP JServer 0.78, and other versions before 0.80, allows remote ...)
+CVE-2001-0307
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0306 (Directory traversal vulnerability in ITAfrica WEBactive HTTP Server ...)
+CVE-2001-0306
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0305 (Directory traversal vulnerability in store.cgi in Thinking Arts ES.One ...)
+CVE-2001-0305
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0304 (Directory traversal vulnerability in Caucho Resin 1.2.2 allows remote ...)
+CVE-2001-0304
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0303 (tstisapi.dll in Pi3Web 1.0.1 web server allows remote attackers to ...)
+CVE-2001-0303
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0302 (Buffer overflow in tstisapi.dll in Pi3Web 1.0.1 web server allows ...)
+CVE-2001-0302
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0300 (oidldapd 2.1.1.1 in Oracle 8.1.7 records log files in a directory ...)
+CVE-2001-0300
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0298 (Buffer overflow in WebReflex 1.55 HTTPd allows remote attackers to ...)
+CVE-2001-0298
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0297 (Directory traversal vulnerability in Simple Server HTTPd 1.0 ...)
+CVE-2001-0297
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0296 (Buffer overflow in WFTPD Pro 3.00 allows remote attackers to execute ...)
+CVE-2001-0296
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0294 (Directory traversal vulnerability in TYPSoft FTP Server 0.85 allows ...)
+CVE-2001-0294
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0293 (Directory traversal vulnerability in FtpXQ FTP server 2.0.93 allows ...)
+CVE-2001-0293
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0292 (PHP-Nuke 4.4.1a allows remote attackers to modify a user's email ...)
+CVE-2001-0292
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0291 (Buffer overflow in post-query sample CGI program allows remote ...)
+CVE-2001-0291
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0286 (Directory traversal vulnerability in A1 HTTP server 1.0a allows remote ...)
+CVE-2001-0286
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0285 (Buffer overflow in A1 HTTP server 1.0a allows remote attackers to ...)
+CVE-2001-0285
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0283 (Directory traversal vulnerability in SunFTP build 9 allows remote ...)
+CVE-2001-0283
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0282 (SEDUM 2.1 HTTP server allows remote attackers to cause a denial of ...)
+CVE-2001-0282
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0281 (Format string vulnerability in DbgPrint function, used in debug ...)
+CVE-2001-0281
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0277 (Buffer overflow in ext.dll in BadBlue 1.02.07 Personal Edition allows ...)
+CVE-2001-0277
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0275 (Moby Netsuite Web Server 1.02 allows remote attackers to cause a ...)
+CVE-2001-0275
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0273 (pgp4pine Pine/PGP interface version 1.75-6 does not properly check to ...)
+CVE-2001-0273
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0272 (Directory traversal vulnerability in sendtemp.pl in W3.org Anaya Web ...)
+CVE-2001-0272
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0271 (mailnews.cgi 1.3 and earlier allows remote attackers to execute ...)
+CVE-2001-0271
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0270 (Marconi ASX-1000 ASX switches allow remote attackers to cause a denial ...)
+CVE-2001-0270
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0264 (Gene6 G6 FTP Server 2.0 (aka BPFTP Server 2.10) allows remote ...)
+CVE-2001-0264
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0263 (Gene6 G6 FTP Server 2.0 (aka BPFTP Server 2.10) allows attackers to ...)
+CVE-2001-0263
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0262 (Buffer overflow in Netscape SmartDownload 1.3 allows remote attackers ...)
+CVE-2001-0262
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0261 (Microsoft Windows 2000 Encrypted File System does not properly destroy ...)
+CVE-2001-0261
NOT-FOR-US: Microsoft
-CVE-2001-0258 (The Easycom/Safecom Print Server (firmware 404.590) PrintGuide server ...)
+CVE-2001-0258
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0257 (Buffer overflow in Easycom/Safecom Print Server Web service, version ...)
+CVE-2001-0257
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0256 (FaSTream FTP++ Server 2.0 allows remote attackers to cause a denial of ...)
+CVE-2001-0256
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0255 (FaSTream FTP++ Server 2.0 allows remote attackers to list arbitrary ...)
+CVE-2001-0255
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0254 (FaSTream FTP++ Server 2.0 allows remote attackers to obtain the real ...)
+CVE-2001-0254
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0253 (Directory traversal vulnerability in hsx.cgi program in iWeb Hyperseek ...)
+CVE-2001-0253
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0251 (The Web Publishing feature in Netscape Enterprise Server 3.x allows ...)
+CVE-2001-0251
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0250 (The Web Publishing feature in Netscape Enterprise Server 4.x and ...)
+CVE-2001-0250
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0249 (Heap overflow in FTP daemon in Solaris 8 allows remote attackers to ...)
+CVE-2001-0249
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0248 (Buffer overflow in FTP server in HPUX 11 allows remote attackers to ...)
+CVE-2001-0248
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0247 (Buffer overflows in BSD-based FTP servers allows remote attackers to ...)
+CVE-2001-0247
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0246 (Internet Explorer 5.5 and earlier does not properly verify the domain ...)
+CVE-2001-0246
NOT-FOR-US: Microsoft
-CVE-2001-0242 (Buffer overflows in Microsoft Windows Media Player 7 and earlier allow ...)
+CVE-2001-0242
NOT-FOR-US: Microsoft
-CVE-2001-0232 (newsdesk.cgi in News Desk 1.2 allows remote attackers to read ...)
+CVE-2001-0232
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0231 (Directory traversal vulnerability in newsdesk.cgi in News Desk 1.2 allows ...)
+CVE-2001-0231
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0229 (Chili!Soft ASP for Linux before 3.6 does not properly set group ...)
+CVE-2001-0229
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0228 (Directory traversal vulnerability in GoAhead web server 2.1 and ...)
+CVE-2001-0228
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0227 (Buffer overflow in BiblioWeb web server 2.0 allows remote attackers to ...)
+CVE-2001-0227
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0226 (Directory traversal vulnerability in BiblioWeb web server 2.0 allows ...)
+CVE-2001-0226
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0225 (fortran math component in Infobot 0.44.5.3 and earlier allows remote ...)
+CVE-2001-0225
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0224 (Muscat Empower CGI program allows remote attackers to obtain the ...)
+CVE-2001-0224
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0223 (Buffer overflow in wwwwais allows remote attackers to execute ...)
+CVE-2001-0223
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0220 (Buffer overflow in ja-elvis and ko-helvis ports of elvis allow local ...)
+CVE-2001-0220
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0217 (Directory traversal vulnerability in PALS Library System pals-cgi ...)
+CVE-2001-0217
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0216 (PALS Library System pals-cgi program allows remote attackers to ...)
+CVE-2001-0216
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0214 (Way-board CGI program allows remote attackers to read arbitrary files ...)
+CVE-2001-0214
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0213 (Buffer overflow in pi program in PlanetIntra 2.5 allows remote ...)
+CVE-2001-0213
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0212 (Directory traversal vulnerability in HIS Auktion 1.62 allows remote ...)
+CVE-2001-0212
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0211 (Directory traversal vulnerability in WebSPIRS 3.1 allows remote ...)
+CVE-2001-0211
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0210 (Directory traversal vulnerability in commerce.cgi CGI program allows ...)
+CVE-2001-0210
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0209 (Buffer overflow in Shoutcast Distributed Network Audio Server (DNAS) ...)
+CVE-2001-0209
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0208 (MicroFocus Cobol 4.1, with the AppTrack feature enabled, installs the ...)
+CVE-2001-0208
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0206 (Directory traversal vulnerability in Soft Lite ServerWorx 3.00 allows ...)
+CVE-2001-0206
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0205 (Directory traversal vulnerability in AOLserver 3.2 and earlier allows ...)
+CVE-2001-0205
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0202 (Picserver web server allows remote attackers to read arbitrary files ...)
+CVE-2001-0202
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0201 (The Postaci frontend for PostgreSQL does not properly filter ...)
+CVE-2001-0201
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0200 (HSWeb 2.0 HTTP server allows remote attackers to obtain the physical ...)
+CVE-2001-0200
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0199 (Directory traversal vulnerability in SEDUM HTTP Server 2.0 allows ...)
+CVE-2001-0199
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0198 (Buffer overflow in QuickTime Player plugin 4.1.2 (Japanese) allows ...)
+CVE-2001-0198
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0192 (Buffer overflows in CTRLServer in XMail allows attackers to execute ...)
+CVE-2001-0192
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0188 (GoodTech FTP server 3.0.1.2.1.0 and earlier allows remote attackers to ...)
+CVE-2001-0188
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0186 (Directory traversal vulnerability in Free Java Web Server 1.0 allows ...)
+CVE-2001-0186
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0184 (eEye Iris 1.01 beta allows remote attackers to cause a denial of ...)
+CVE-2001-0184
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0181 (Format string vulnerability in the error logging code of DHCP server ...)
+CVE-2001-0181
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0180 (Lars Ellingsen guestserver.cgi allows remote attackers to execute ...)
+CVE-2001-0180
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0177 (WebMaster ConferenceRoom 1.8.1 allows remote attackers to cause a ...)
+CVE-2001-0177
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0173 (Buffer overflow in qDecoder library 5.08 and earlier, as used in ...)
+CVE-2001-0173
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0172 (Buffer overflow in ReiserFS 3.5.28 in SuSE Linux allows local users to ...)
+CVE-2001-0172
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0171 (Buffer overflow in SlimServe HTTPd 1.0 allows remote attackers to ...)
+CVE-2001-0171
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0168 (Buffer overflow in AT&amp;T WinVNC (Virtual Network Computing) server ...)
+CVE-2001-0168
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0167 (Buffer overflow in AT&amp;T WinVNC (Virtual Network Computing) client ...)
+CVE-2001-0167
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0163 (Cisco AP340 base station produces predictable TCP Initial Sequence ...)
+CVE-2001-0163
NOT-FOR-US: Cisco
-CVE-2001-0162 (WinCE 3.0.9348 generates predictable TCP Initial Sequence Numbers ...)
+CVE-2001-0162
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0161 (Cisco 340-series Aironet access point using firmware 11.01 does not ...)
+CVE-2001-0161
NOT-FOR-US: Cisco
-CVE-2001-0160 (Lucent/ORiNOCO WaveLAN cards generate predictable Initialization ...)
+CVE-2001-0160
NOT-FOR-US: Data pre-dating the Security Tracker
CVE-2001-0159
RESERVED
CVE-2001-0158
RESERVED
-CVE-2001-0146 (IIS 5.0 and Microsoft Exchange 2000 allow remote attackers to cause a ...)
+CVE-2001-0146
NOT-FOR-US: Microsoft
-CVE-2001-0145 (Buffer overflow in VCard handler in Outlook 2000 and 98, and Outlook ...)
+CVE-2001-0145
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0135 (The default installation of Ultraboard 2000 2.11 creates the Skins, ...)
+CVE-2001-0135
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0134 (Buffer overflow in cpqlogin.htm in web-enabled agents for various ...)
+CVE-2001-0134
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0133 (The web administration interface for Interscan VirusWall 3.6.x and ...)
+CVE-2001-0133
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0132 (Interscan VirusWall 3.6.x and earlier follows symbolic links when ...)
+CVE-2001-0132
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0131 (htpasswd and htdigest in Apache 2.0a9, 1.3.14, and others allows local ...)
+CVE-2001-0131
{DSA-195 DSA-188 DSA-187}
- apache-perl 1.3.26-1.1-1.27-3-1
- apache 1.3.27-1
-CVE-2001-0127 (Buffer overflow in Olivier Debon Flash plugin (not the Macromedia ...)
+CVE-2001-0127
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0114 (statsconfig.pl in OmniHTTPd 2.07 allows remote attackers to overwrite ...)
+CVE-2001-0114
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0113 (statsconfig.pl in OmniHTTPd 2.07 allows remote attackers to execute ...)
+CVE-2001-0113
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0112 (Multiple buffer overflows in splitvt before 1.6.5 allow local users ...)
+CVE-2001-0112
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0107 (Veritas Backup agent on Linux allows remote attackers to cause a denial of ...)
+CVE-2001-0107
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0104 (MDaemon Pro 3.5.1 and earlier allows local users to bypass the &quot;lock ...)
+CVE-2001-0104
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0103 (CoffeeCup Direct and Free FTP clients uses weak encryption to store ...)
+CVE-2001-0103
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0102 (&quot;Multiple Users&quot; Control Panel in Mac OS 9 allows Normal users to gain ...)
+CVE-2001-0102
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0101 (Vulnerability in fetchmail 5.5.0-2 and earlier in the AUTHENTICATE ...)
+CVE-2001-0101
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0098 (Buffer overflow in Bea WebLogic Server before 5.1.0 allows remote ...)
+CVE-2001-0098
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0097 (The Web interface for Infinite Interchange 3.6.1 allows remote ...)
+CVE-2001-0097
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0093 (Vulnerability in telnetd in FreeBSD 1.5 allows local users to gain ...)
+CVE-2001-0093
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0088 (common.inc.php in phpWebLog 0.4.2 does not properly initialize the ...)
+CVE-2001-0088
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0087 (itetris/xitetris 1.6.2 and earlier trusts the PATH environmental ...)
+CVE-2001-0087
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0086 (CGI Script Center Subscribe Me LITE 2.0 and earlier allows remote ...)
+CVE-2001-0086
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0084 (GTK+ library allows local users to specify arbitrary modules via the ...)
+CVE-2001-0084
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0082 (Check Point VPN-1/FireWall-1 4.1 SP2 with Fastmode enabled allows ...)
+CVE-2001-0082
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0079 (Support Tools Manager (STM) A.22.00 for HP-UX allows local users to ...)
+CVE-2001-0079
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0076 (register.cgi in Ikonboard 2.1.7b and earlier allows remote attackers ...)
+CVE-2001-0076
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0075 (Directory traversal vulnerability in main.cgi in Technote allows ...)
+CVE-2001-0075
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0074 (Directory traversal vulnerability in print.cgi in Technote allows ...)
+CVE-2001-0074
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0073 (Buffer overflow in the find_default_type function in libsecure in NSA ...)
+CVE-2001-0073
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0070 (Buffer overflow in 1st Up Mail Server 4.1 allows remote attackers to ...)
+CVE-2001-0070
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0068 (Mac OS Runtime for Java (MRJ) 2.2.3 allows remote attackers to use ...)
+CVE-2001-0068
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0067 (The installation of J-Pilot creates the .jpilot directory with the ...)
+CVE-2001-0067
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0065 (Buffer overflow in bftpd 1.0.13 allows remote attackers to cause a ...)
+CVE-2001-0065
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0064 (Webconfig, IMAP, and other services in MDaemon 3.5.0 and earlier ...)
+CVE-2001-0064
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0052 (IBM DB2 Universal Database version 6.1 allows users to cause a denial ...)
+CVE-2001-0052
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0051 (IBM DB2 Universal Database version 6.1 creates an account with a ...)
+CVE-2001-0051
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0049 (WatchGuard SOHO FireWall 2.2.1 and earlier allows remote attackers to ...)
+CVE-2001-0049
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0048 (The &quot;Configure Your Server&quot; tool in Microsoft 2000 domain controllers ...)
+CVE-2001-0048
NOT-FOR-US: Microsoft
-CVE-2001-0047 (The default permissions for the MTS Package Administration registry ...)
+CVE-2001-0047
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0046 (The default permissions for the SNMP Parameters registry key in ...)
+CVE-2001-0046
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0045 (The default permissions for the RAS Administration key in Windows NT ...)
+CVE-2001-0045
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0044 (Multiple buffer overflows in Lexmark MarkVision printer driver ...)
+CVE-2001-0044
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0038 (Offline Explorer 1.4 before Service Release 2 allows remote attackers ...)
+CVE-2001-0038
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0037 (Directory traversal vulnerability in HomeSeer before 1.4.29 allows ...)
+CVE-2001-0037
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0032 (Format string vulnerability in ssldump possibly allows remote ...)
+CVE-2001-0032
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0031 (BroadVision One-To-One Enterprise allows remote attackers to determine ...)
+CVE-2001-0031
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0030 (FoolProof 3.9 allows local users to bypass program execution ...)
+CVE-2001-0030
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0029 (Buffer overflow in oops WWW proxy server 1.4.6 (and possibly other ...)
+CVE-2001-0029
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0027 (mod_sqlpw module in ProFTPD does not reset a cached password when a ...)
+CVE-2001-0027
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0025 (ad.cgi CGI program by Leif Wright allows remote attackers to execute ...)
+CVE-2001-0025
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0024 (simplestmail.cgi CGI program by Leif Wright allows remote attackers to ...)
+CVE-2001-0024
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0023 (everythingform.cgi CGI program by Leif Wright allows remote attackers to ...)
+CVE-2001-0023
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0022 (simplestguest.cgi CGI program by Leif Wright allows remote attackers to ...)
+CVE-2001-0022
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0019 (Arrowpoint (aka Cisco Content Services, or CSS) allows local users to ...)
+CVE-2001-0019
NOT-FOR-US: Cisco
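Review bot: every changed pair in this hunk replaces a line of the form `CVE-2001-NNNN (description ...)` with the bare identifier, so the update is discarding the feed-derived description of each entry rather than refreshing it, while the `NOT-FOR-US: ...` triage line beneath each one is kept without the text that justified it. For an automatic update this reads like the upstream CVE data returned empty descriptions. Suggest the importer keep the existing description whenever the fetched one is blank (treat "described before, empty now" as a fetch failure and abort the commit) and that this run be reverted or re-run once the source delivers descriptions again.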
diff --git a/data/CVE/2002.list b/data/CVE/2002.list
index 3d28749420..6af08a4d2c 100644
--- a/data/CVE/2002.list
+++ b/data/CVE/2002.list
@@ -1,8 +1,8 @@
CVE-2002-2447
RESERVED
-CVE-2002-2446 (GE Healthcare Millennium MG, NC, and MyoSIGHT has a password of ...)
+CVE-2002-2446
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2445 (GE Healthcare Millennium MG, NC, and MyoSIGHT has a default password ...)
+CVE-2002-2445
NOT-FOR-US: Data pre-dating the Security Tracker
CVE-2002-2483
- linux-2.6 2.4.20
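Review bot: CVE-2002-2446 and CVE-2002-2445 lose the only text that distinguished them (one described a fixed password, the other a default password), and the unchanged `CVE-2002-2483` / `- linux-2.6 2.4.20` context shows that entries without a parenthesised description are untouched, so the regression is confined to the description field written by the import. Suggest adding a sanity check to the update script that refuses to write a file in which the count of described CVEs drops to zero compared with the previous revision.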
@@ -11,7 +11,7 @@ CVE-2002-2444 [snoopy: Security hole in exec cURL]
- libphp-snoopy <not-affected> (affected version never was in the repo)
NOTE: http://www.openwall.com/lists/oss-security/2014/07/18/2
NOTE: http://sourceforge.net/p/snoopy/bugs/13/
-CVE-2002-2443 (schpw.c in the kpasswd service in kadmind in MIT Kerberos 5 (aka krb5) ...)
+CVE-2002-2443
{DSA-2701-1}
- krb5 1.10.1+dfsg-6 (bug #708267)
NOTE: http://krbdev.mit.edu/rt/Ticket/Display.html?id=7637
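Review bot: the CVE-2002-2443 entry carries real tracking state (`{DSA-2701-1}`, the `krb5 1.10.1+dfsg-6 (bug #708267)` fix line and the NOTE URL) and this hunk strips its description while leaving that state in place; by contrast the hunk header's `CVE-2002-2444 [snoopy: Security hole in exec cURL]`, whose square-bracket description is maintained by hand, is not rewritten. That narrows the cause to the parenthesised, feed-derived descriptions being regenerated from an empty source. Suggest the update script treat a missing description for an already-described CVE as an error rather than as a change to record.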
@@ -44,648 +44,648 @@ CVE-2002-2439
CVE-2002-2438
RESERVED
NOT-FOR-US: ancient linux 2.4 issue
-CVE-2002-2437 (The JavaScript implementation in Mozilla Firefox before 4.0, ...)
+CVE-2002-2437
- iceweasel 4.0-1 (unimportant)
-CVE-2002-2436 (The Cascading Style Sheets (CSS) implementation in Mozilla Firefox ...)
+CVE-2002-2436
- iceweasel 4.0-1 (unimportant)
-CVE-2002-2435 (The Cascading Style Sheets (CSS) implementation in Microsoft Internet ...)
+CVE-2002-2435
NOT-FOR-US: Internet Explorer
-CVE-2002-2434 (NWFTPD.nlm before 5.02i in the FTP server in Novell NetWare does not ...)
+CVE-2002-2434
NOT-FOR-US: Novell NetWare
-CVE-2002-2433 (NWFTPD.nlm before 5.03b in the FTP server in Novell NetWare allows ...)
+CVE-2002-2433
NOT-FOR-US: Novell NetWare
-CVE-2002-2432 (Unspecified vulnerability in NWFTPD.nlm before 5.03b in the FTP server ...)
+CVE-2002-2432
NOT-FOR-US: Novell NetWare
-CVE-2002-2431 (Unspecified vulnerability in GoAhead WebServer before 2.1.4 allows ...)
+CVE-2002-2431
NOT-FOR-US: GoAhead WebServer
-CVE-2002-2430 (GoAhead WebServer before 2.1.1 allows remote attackers to cause a ...)
+CVE-2002-2430
NOT-FOR-US: GoAhead WebServer
-CVE-2002-2429 (webs.c in GoAhead WebServer before 2.1.4 allows remote attackers to ...)
+CVE-2002-2429
NOT-FOR-US: GoAhead WebServer
-CVE-2002-2428 (webs.c in GoAhead WebServer before 2.1.4 allows remote attackers to ...)
+CVE-2002-2428
NOT-FOR-US: GoAhead WebServer
-CVE-2002-2427 (The security handler in GoAhead WebServer before 2.1.1 allows remote ...)
+CVE-2002-2427
NOT-FOR-US: GoAhead WebServer
-CVE-2002-2426 (Cross-site request forgery (CSRF) vulnerability in Citrix Presentation ...)
+CVE-2002-2426
NOT-FOR-US: predating security tracker
-CVE-2002-2425 (Sun AnswerBook2 1.2 through 1.4.2 allows remote attackers to execute ...)
+CVE-2002-2425
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2424 (Cross-site scripting (XSS) vulnerability in PHP(Reactor) 1.2.7 pl1 ...)
+CVE-2002-2424
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2423 (Sendmail 8.12.0 through 8.12.6 truncates log messages longer than 100 ...)
+CVE-2002-2423
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2422 (Cross-site scripting (XSS) vulnerability in Compaq Insight Management ...)
+CVE-2002-2422
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2421 (acWEB 1.14 allows remote attackers to cause a denial of service ...)
+CVE-2002-2421
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2420 (site_searcher.cgi in Super Site Searcher allows remote attackers to ...)
+CVE-2002-2420
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2419 (Direct connect text client (DCTC) client 0.83.3 allows remote ...)
+CVE-2002-2419
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2418 (Cross-site scripting (XSS) vulnerability in acFreeProxy (aka acFP) ...)
+CVE-2002-2418
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2417 (acFTP 1.4 does not properly handle when an invalid password is ...)
+CVE-2002-2417
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2416 (Directory traversal vulnerability in Zeroo web server 1.5 allows ...)
+CVE-2002-2416
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2415 (Allied Telesyn AT-8024 1.3.1 and Rapier 24 switches allow remote ...)
+CVE-2002-2415
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2414 (Opera 6.0.3, when using Squid 2.4 for HTTPS proxying, does not ...)
+CVE-2002-2414
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2413 (WebSite Pro 3.1.11.0 on Windows allows remote attackers to read script ...)
+CVE-2002-2413
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2412 (Winamp 2.80 stores authentication credentials in plaintext in the (1) ...)
+CVE-2002-2412
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2411 (Buffer overflow in badmin.c in BannerWheel 1.0 allows remote attackers ...)
+CVE-2002-2411
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2410 (openwebmail.pl in Open WebMail 1.7 and 1.71 reveals sensitive ...)
+CVE-2002-2410
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2409 (Photon microGUI in QNX Neutrino realtime operating system (RTOS) 6.1.0 ...)
+CVE-2002-2409
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2408 (Gordano Messaging Server (GMS) Mail 8 (a.k.a. NTMail) only filters ...)
+CVE-2002-2408
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2407 (Certain patches for QNX Neutrino realtime operating system (RTOS) ...)
+CVE-2002-2407
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2406 (Buffer overflow in HTTP server in LiteServe 2.0, 2.0.1 and 2.0.2 ...)
+CVE-2002-2406
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2405 (Check Point FireWall-1 4.1 and Next Generation (NG), with UserAuth ...)
+CVE-2002-2405
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2404 (Buffer overflow in IISPop email server 1.161 and 1.181 allows remote ...)
+CVE-2002-2404
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2403 (Directory traversal vulnerability in KeyFocus web server 1.0.8 allows ...)
+CVE-2002-2403
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2402 (SURECOM broadband router EP-4501 uses a default SNMP read community ...)
+CVE-2002-2402
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2401 (NT Virtual DOS Machine (NTVDM.EXE) in Windows 2000, NT and XP does not ...)
+CVE-2002-2401
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2400 (Buffer overflow in the httpdProcessRequest function in LibHTTPD 1.2 ...)
+CVE-2002-2400
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2399 (Directory traversal vulnerability in viewAttachment.cgi in W3Mail ...)
+CVE-2002-2399
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2398 (The new thread posting page in APBoard 2.02 and 2.03 allows remote ...)
+CVE-2002-2398
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2397 (Sygate personal firewall 5.0 could allow remote attackers to bypass ...)
+CVE-2002-2397
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2396 (Buffer overflow in Advanced TFTP (atftp) 0.5 and 0.6, if installed ...)
+CVE-2002-2396
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2395 (InterScan VirusWall 3.52 for Windows allows remote attackers to bypass ...)
+CVE-2002-2395
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2394 (InterScan VirusWall 3.6 for Linux and 3.52 for Windows allows remote ...)
+CVE-2002-2394
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2393 (Serv-U FTP server 3.0, 3.1 and 4.0.0.4 does not accept new connections ...)
+CVE-2002-2393
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2392 (Winamp 2.65 through 3.0 stores skin files in a predictable file ...)
+CVE-2002-2392
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2391 (SQL injection vulnerability in index.php of WebChat 1.5 included in ...)
+CVE-2002-2391
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2390 (Buffer overflow in the IDENT daemon (identd) in Trillian 0.6351, ...)
+CVE-2002-2390
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2389 (TheServer 1.74 web server stores server.ini under the web document ...)
+CVE-2002-2389
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2388 (Buffer overflow in INweb POP3 mail server 2.01 allows remote attackers ...)
+CVE-2002-2388
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2387 (Directory traversal vulnerability in Hyperion FTP server 2.8.1 allows ...)
+CVE-2002-2387
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2386 (Cross-site scripting (XSS) vulnerability in the Quizz module for XOOPS ...)
+CVE-2002-2386
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2385 (Buffer overflow in hotfoon4.exe in Hotfoon 4.0 allows remote attackers ...)
+CVE-2002-2385
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2384 (hotfoon4.exe in Hotfoon 4.00 stores user names and passwords in ...)
+CVE-2002-2384
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2383 (SQL injection vulnerability in f2html.pl 0.1 through 0.4 allows remote ...)
+CVE-2002-2383
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2382 (cvsupd.sh in CVSup 1.2 allows local users to overwrite arbitrary files ...)
+CVE-2002-2382
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2381 (Multiple buffer overflows in (1) tetrinet_inmessage, (2) speclist_add ...)
+CVE-2002-2381
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2380 (NetDSL ADSL Modem 800 with Microsoft Network firmware 5.5.11 allows ...)
+CVE-2002-2380
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2379 (** DISPUTED ** ...)
+CVE-2002-2379
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2378 (Cross-site scripting (XSS) vulnerability in AN HTTP 1.41d allows ...)
+CVE-2002-2378
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2377 (Cross-site scripting (XSS) vulnerability in addentry.cgi in ZAP 1.0.3 ...)
+CVE-2002-2377
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2376 (Cross-site scripting (XSS) vulnerability in E-Guest_sign.pl in E-Guest ...)
+CVE-2002-2376
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2375 (Directory traversal vulnerability in CommuniGate Pro 4.0b4 and ...)
+CVE-2002-2375
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2374 (Unspecified vulnerability in pprosetup in Sun PatchPro 2.0 has unknown ...)
+CVE-2002-2374
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2373 (The default configuration of the TCP/IP printer configuration utility ...)
+CVE-2002-2373
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2372 (The telnet server in Infoprint 21 running controller software before ...)
+CVE-2002-2372
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2371 (Linksys WET11 firmware 1.31 and 1.32 allows remote attackers to cause ...)
+CVE-2002-2371
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2370 (SWS web server 0.0.4, 0.0.3 and 0.1.0 allows remote attackers to cause ...)
+CVE-2002-2370
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2369 (Perception LiteServe 2.0 allows remote attackers to read password ...)
+CVE-2002-2369
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2368 (Multiple buffer overflows in NEC SOCKS5 1.0 r11 and earlier allow ...)
+CVE-2002-2368
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2367 (Off-by-one buffer overflow in NEC SOCKS5 1.0 r11 and earlier allows ...)
+CVE-2002-2367
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2366 (Buffer overflow in the XML parser of Trillian 0.6351, 0.725 and 0.73 ...)
+CVE-2002-2366
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2365 (Simple WAIS (SWAIS) 1.11 allows remote attackers to execute arbitrary ...)
+CVE-2002-2365
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2364 (Cross-site scripting (XSS) vulnerability in PHP Ticket 0.5 and earlier ...)
+CVE-2002-2364
NOT-FOR-US: not processed, predates tracker
-CVE-2002-2363 (VJE.VJE-RUN in HP-UX 11.00 adds bin to /etc/PATH, which could allow ...)
+CVE-2002-2363
NOT-FOR-US: not processed, predates tracker
-CVE-2002-2362 (Cross-site scripting (XSS) vulnerability in form_header.php in ...)
+CVE-2002-2362
NOT-FOR-US: not processed, predates tracker
-CVE-2002-2361 (The installer in Yahoo! Messenger 4.0, 5.0 and 5.5 does not verify ...)
+CVE-2002-2361
NOT-FOR-US: not processed, predates tracker
-CVE-2002-2360 (The RPC module in Webmin 0.21 through 0.99, when installed without ...)
+CVE-2002-2360
NOT-FOR-US: not processed, predates tracker
-CVE-2002-2359 (Cross-site scripting (XSS) vulnerability in the FTP view feature in ...)
+CVE-2002-2359
NOT-FOR-US: not processed, predates tracker
-CVE-2002-2358 (Cross-site scripting (XSS) vulnerability in the FTP view feature in ...)
+CVE-2002-2358
NOT-FOR-US: not processed, predates tracker
-CVE-2002-2357 (MailEnable 1.5 015 through 1.5 018 allows remote attackers to cause a ...)
+CVE-2002-2357
NOT-FOR-US: not processed, predates tracker
-CVE-2002-2356 (HAMweather 2.x allows remote attackers to modify administrative ...)
+CVE-2002-2356
NOT-FOR-US: not processed, predates tracker
-CVE-2002-2355 (Netgear FM114P firmware 1.3 wireless firewall, when configured to ...)
+CVE-2002-2355
NOT-FOR-US: not processed, predates tracker
-CVE-2002-2354 (Netgear FM114P firmware 1.3 wireless firewall allows remote attackers ...)
+CVE-2002-2354
NOT-FOR-US: not processed, predates tracker
-CVE-2002-2353 (tftpd32 2.50 and 2.50.2 allows remote attackers to read or write ...)
+CVE-2002-2353
NOT-FOR-US: not processed, predates tracker
-CVE-2002-2352 (The NBActiveX.ocx ActiveX control in NeoBook 4 allows remote attackers ...)
+CVE-2002-2352
NOT-FOR-US: not processed, predates tracker
-CVE-2002-2351 (Eudora 5.1 allows remote attackers to bypass security warnings and ...)
+CVE-2002-2351
NOT-FOR-US: not processed, predates tracker
-CVE-2002-2350 (Cross-site scripting (XSS) vulnerability in z_user_show.php in ...)
+CVE-2002-2350
NOT-FOR-US: not processed, predates tracker
-CVE-2002-2349 (phpinfo.php in phpBBmod 1.3.3 executes the phpinfo function, which ...)
+CVE-2002-2349
NOT-FOR-US: not processed, predates tracker
-CVE-2002-2348 (Cross-site scripting (XSS) vulnerability in athcgi.exe in Authoria HR ...)
+CVE-2002-2348
NOT-FOR-US: not processed, predates tracker
-CVE-2002-2347 (Cross-site scripting (XSS) vulnerability in Oracle Java Server Page ...)
+CVE-2002-2347
NOT-FOR-US: not processed, predates tracker
-CVE-2002-2346 (phpBB 2.0 through 2.0.3 generates names for uploaded avatar files with ...)
+CVE-2002-2346
NOT-FOR-US: not processed, predates tracker
-CVE-2002-2345 (Oracle 9i Application Server 9.0.2 stores the web cache administrator ...)
+CVE-2002-2345
NOT-FOR-US: not processed, predates tracker
-CVE-2002-2344 (Ensim WEBppliance 3.0 and 3.1 allows remote attackers to read mail ...)
+CVE-2002-2344
NOT-FOR-US: not processed, predates tracker
-CVE-2002-2343 (Cross-site scripting (XSS) vulnerability in NOCC 0.9 through 0.9.5 ...)
+CVE-2002-2343
NOT-FOR-US: not processed, predates tracker
-CVE-2002-2342 (Bannermatic 1, 2, and 3 stores the (1) ban.log, (2) ban.bak, (3) ...)
+CVE-2002-2342
NOT-FOR-US: not processed, predates tracker
-CVE-2002-2341 (Cross-site scripting (XSS) vulnerability in content blocking in ...)
+CVE-2002-2341
NOT-FOR-US: not processed, predates tracker
-CVE-2002-2340 (Cross-site scripting (XSS) vulnerability in read.php in Phorum 3.3.2a ...)
+CVE-2002-2340
NOT-FOR-US: not processed, predates tracker
-CVE-2002-2339 (Cross-site scripting (XSS) vulnerability in configure.asp in ...)
+CVE-2002-2339
NOT-FOR-US: not processed, predates tracker
-CVE-2002-2338 (The POP3 mail client in Mozilla 1.0 and earlier, and Netscape ...)
+CVE-2002-2338
NOT-FOR-US: not processed, predates tracker
-CVE-2002-2337 (Kaspersky Anti-Hacker 1.0, when configured to automatically block ...)
+CVE-2002-2337
NOT-FOR-US: not processed, predates tracker
-CVE-2002-2336 (Norton Personal Firewall 2002 4.0, when configured to automatically ...)
+CVE-2002-2336
NOT-FOR-US: not processed, predates tracker
-CVE-2002-2335 (Killer Protection 1.0 stores the vars.inc include file under the web ...)
+CVE-2002-2335
NOT-FOR-US: not processed, predates tracker
-CVE-2002-2334 (Joe text editor 2.8 through 2.9.7 does not remove the group and user ...)
+CVE-2002-2334
NOT-FOR-US: not processed, predates tracker
-CVE-2002-2333 (Buffer overflow in konqueror in KDE 2.1 through 3.0 and 3.0.2 allows ...)
+CVE-2002-2333
NOT-FOR-US: not processed, predates tracker
-CVE-2002-2332 (Buffer overflow in Opera 6.01 allows remote attackers to cause a ...)
+CVE-2002-2332
NOT-FOR-US: not processed, predates tracker
-CVE-2002-2331 (W3Mail 1.0.2 through 1.0.5 with server side scripting (SSI) enabled in ...)
+CVE-2002-2331
NOT-FOR-US: not processed, predates tracker
-CVE-2002-2330 (Cross-site scripting (XSS) vulnerability in stat.pl in StatsPlus 1.25 ...)
+CVE-2002-2330
NOT-FOR-US: not processed, predates tracker
-CVE-2002-2329 (ICQ client 2001b, 2002a and 2002b allows remote attackers to cause a ...)
+CVE-2002-2329
NOT-FOR-US: not processed, predates tracker
-CVE-2002-2328 (Active Directory in Windows 2000, when supporting Kerberos V ...)
+CVE-2002-2328
NOT-FOR-US: not processed, predates tracker
-CVE-2002-2327 (Unspecified vulnerability in the environmental monitoring subsystem in ...)
+CVE-2002-2327
NOT-FOR-US: not processed, predates tracker
-CVE-2002-2326 (The default configuration of Mail.app in Mac OS X 10.0 through 10.0.4 ...)
+CVE-2002-2326
NOT-FOR-US: not processed, predates tracker
-CVE-2002-2325 (The c-client library in Internet Message Access Protocol (IMAP) dated ...)
+CVE-2002-2325
NOT-FOR-US: not processed, predates tracker
-CVE-2002-2324 (The &quot;System Restore&quot; directory and subdirectories, and possibly other ...)
+CVE-2002-2324
NOT-FOR-US: not processed, predates tracker
-CVE-2002-2323 (Sun PC NetLink 1.0 through 1.2 does not properly set the access ...)
+CVE-2002-2323
NOT-FOR-US: not processed, predates tracker
-CVE-2002-2322 (Ultimate PHP Board (UPB) 1.0b stores the users.dat data file under the ...)
+CVE-2002-2322
NOT-FOR-US: not processed, predates tracker
-CVE-2002-2321 (Cross-site scripting (XSS) vulnerability in (1) showcat.php and (2) ...)
+CVE-2002-2321
NOT-FOR-US: not processed, predates tracker
-CVE-2002-2320 (MySimpleNews 1.0 allows remote attackers to delete arbitrary email ...)
+CVE-2002-2320
NOT-FOR-US: not processed, predates tracker
-CVE-2002-2319 (Static code injection vulnerability in users.php in MySimpleNews ...)
+CVE-2002-2319
NOT-FOR-US: not processed, predates tracker
-CVE-2002-2318 (Cross-site scripting (XSS) vulnerability in Falcon web server ...)
+CVE-2002-2318
NOT-FOR-US: not processed, predates tracker
-CVE-2002-2317 (Memory leak in the (1) httpd, (2) nntpd, and (3) vpn driver in ...)
+CVE-2002-2317
NOT-FOR-US: not processed, predates tracker
-CVE-2002-2316 (Cisco Catalyst 4000 series switches running CatOS 5.5.5, 6.3.5, and ...)
+CVE-2002-2316
NOT-FOR-US: not processed, predates tracker
-CVE-2002-2315 (Cisco IOS 11.2.x and 12.0.x does not limit the size of its redirect ...)
+CVE-2002-2315
NOT-FOR-US: not processed, predates tracker
-CVE-2002-2314 (Mozilla 1.0 allows remote attackers to steal cookies from other ...)
+CVE-2002-2314
NOT-FOR-US: not processed, predates tracker
-CVE-2002-2313 (Eudora email client 5.1.1, with &quot;use Microsoft viewer&quot; enabled, allows ...)
+CVE-2002-2313
NOT-FOR-US: not processed, predates tracker
-CVE-2002-2312 (Opera 6.0.1 allows remote attackers to upload arbitrary file contents ...)
+CVE-2002-2312
NOT-FOR-US: not processed, predates tracker
-CVE-2002-2311 (Microsoft Internet Explorer 6.0 and possibly others allows remote ...)
+CVE-2002-2311
NOT-FOR-US: not processed, predates tracker
-CVE-2002-2310 (ClickCartPro 4.0 stores the admin_user.db data file under the web ...)
+CVE-2002-2310
NOT-FOR-US: not processed, predates tracker
-CVE-2002-2309 (php.exe in PHP 3.0 through 4.2.2, when running on Apache, does not ...)
+CVE-2002-2309
NOT-FOR-US: not processed, predates tracker
-CVE-2002-2308 (Netscape Communicator 6.2.1 allows remote attackers to cause a denial ...)
+CVE-2002-2308
NOT-FOR-US: not processed, predates tracker
-CVE-2002-2307 (The default configuration of BenHur Firewall release 3 update 066 fix ...)
+CVE-2002-2307
NOT-FOR-US: not processed, predates tracker
-CVE-2002-2306 (Sharman Networks KaZaA Media Desktop 1.7.1 allows remote attackers to ...)
+CVE-2002-2306
NOT-FOR-US: KaZaA Media Desktop
-CVE-2002-2305 (SQL injection vulnerability in agentadmin.php in Immobilier allows ...)
+CVE-2002-2305
NOT-FOR-US: Immobilier
-CVE-2002-2304 (SQL injection vulnerability in admin/auth/checksession.php in ...)
+CVE-2002-2304
NOT-FOR-US: MyPHPLinks
-CVE-2002-2303 (3D3.Com ShopFactory 5.8 uses client-side encryption and decryption for ...)
+CVE-2002-2303
NOT-FOR-US: ShopFactory
-CVE-2002-2302 (3D3.Com ShopFactory 5.5 through 5.8 allows remote attackers to modify ...)
+CVE-2002-2302
NOT-FOR-US: ShopFactory
-CVE-2002-2301 (Lawson Financials 8.0, when configured to use a third party relational ...)
+CVE-2002-2301
NOT-FOR-US: Lawson Financials
-CVE-2002-2300 (Buffer overflow in ftpd 5.4 in 3Com NBX 4.0.17 or ftpd 5.4.2 in 3Com ...)
+CVE-2002-2300
NOT-FOR-US: 3Com NBX ftpd
-CVE-2002-2299 (PHP remote file inclusion vulnerability in thatfile.php in Thatware ...)
+CVE-2002-2299
NOT-FOR-US: Thatware
-CVE-2002-2298 (PHP remote file inclusion vulnerability in config.php in Thatware 0.3 ...)
+CVE-2002-2298
NOT-FOR-US: Thatware
-CVE-2002-2297 (PHP remote file inclusion vulnerability in artlist.php in Thatware ...)
+CVE-2002-2297
NOT-FOR-US: Thatware
-CVE-2002-2296 (Cross-site scripting (XSS) vulnerability in YaBB.pl in Yet Another ...)
+CVE-2002-2296
NOT-FOR-US: YABB
-CVE-2002-2295 (Buffer overflow in Pico Server (pServ) 2.0 beta 1 through beta 5 ...)
+CVE-2002-2295
NOT-FOR-US: Pico Server
-CVE-2002-2294 (Multiple buffer overflows in Symantec Raptor Firewall 6.5 and 6.5.3, ...)
+CVE-2002-2294
NOT-FOR-US: Symantec Raptor
-CVE-2002-2293 (Webshots Desktop screensaver allows local users to bypass the password ...)
+CVE-2002-2293
NOT-FOR-US: Webshots Desktop screensaver
-CVE-2002-2292 (Directory traversal vulnerability in Remote Console Applet in Halycon ...)
+CVE-2002-2292
NOT-FOR-US: Remote Console Applet in Halycon
-CVE-2002-2291 (Calisto Internet Talker 0.04 and earlier allows remote attackers to ...)
+CVE-2002-2291
NOT-FOR-US: Calisto Internet Talker
-CVE-2002-2290 (Mambo Site Server 4.0.11 installs with a default username and password ...)
+CVE-2002-2290
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2289 (soinfo.php in BadBlue 1.7.1 calls the phpinfo function, which allows ...)
+CVE-2002-2289
NOT-FOR-US: BadBlue
-CVE-2002-2288 (Mambo Site Server 4.0.11 allows remote attackers to obtain the ...)
+CVE-2002-2288
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2287 (PHP remote file inclusion vulnerability in quick_reply.php for phpBB ...)
+CVE-2002-2287
NOT-FOR-US: phpBB Advanced Quick Reply Hack
-CVE-2002-2286 (The parse-get function in utils.c for apt-www-proxy 0.1 allows remote ...)
+CVE-2002-2286
NOT-FOR-US: apt-www-proxy
-CVE-2002-2285 (eTrust InoculateIT 6.0 with the &quot;Incremental Scan&quot; option enabled may ...)
+CVE-2002-2285
NOT-FOR-US: eTrust
-CVE-2002-2284 (Netscape Communicator 4.0 through 4.79 allows remote attackers to ...)
+CVE-2002-2284
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2283 (Microsoft Windows XP with Fast User Switching (FUS) enabled does not ...)
+CVE-2002-2283
NOT-FOR-US: Microsoft Windows XP
-CVE-2002-2282 (McAfee VirusScan 4.5.1, when the WebScanX.exe module is enabled, ...)
+CVE-2002-2282
NOT-FOR-US: McAfee VirusScan
-CVE-2002-2281 (Symantec Java! JIT (Just-In-Time) Compiler for Netscape Communicator ...)
+CVE-2002-2281
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2280 (syslogd on OpenBSD 2.9 through 3.2 does not change the source IP ...)
+CVE-2002-2280
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2279 (Unspecified vulnerability in the bind function in config.inc of aldap ...)
+CVE-2002-2279
NOT-FOR-US: aldap
-CVE-2002-2278 (Cross-site scripting (XSS) vulnerability in mod_search/index.php in ...)
+CVE-2002-2278
NOT-FOR-US: PortailPHP
-CVE-2002-2277 (SQL injection vulnerability in mod_search/index.php in PortailPHP 0.99 ...)
+CVE-2002-2277
NOT-FOR-US: PortailPHP
-CVE-2002-2276 (Ultimate PHP Board (UPB) 1.0 allows remote attackers to view the ...)
+CVE-2002-2276
NOT-FOR-US: PHP Board
-CVE-2002-2275 (Fortres 101 4.1 allows local users to bypass Fortres by pressing the ...)
+CVE-2002-2275
NOT-FOR-US: Fortres
-CVE-2002-2274 (akfingerd 0.5 allows local users to read arbitrary files as the ...)
+CVE-2002-2274
NOT-FOR-US: akfingerd
-CVE-2002-2273 (Cross-site scripting (XSS) vulnerability in Webster HTTP Server allows ...)
+CVE-2002-2273
NOT-FOR-US: Webster HTTP Server
-CVE-2002-2272 (Tomcat 4.0 through 4.1.12, using mod_jk 1.2.1 module on Apache 1.3 ...)
+CVE-2002-2272
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2271 (Buffer overflow in BigFun 1.51b IRC client, when the Direct Client ...)
+CVE-2002-2271
NOT-FOR-US: BigFun
-CVE-2002-2270 (Unspecified vulnerability in the ied command in HP-UX 10.10, 10.20, and ...)
+CVE-2002-2270
NOT-FOR-US: HP-UX
-CVE-2002-2269 (Directory traversal vulnerability in Webster HTTP Server allows remote ...)
+CVE-2002-2269
NOT-FOR-US: Webster HTTP Server
-CVE-2002-2268 (Buffer overflow in Webster HTTP Server allows remote attackers to ...)
+CVE-2002-2268
NOT-FOR-US: Webster HTTP Server
-CVE-2002-2267 (bogopass in bogofilter 0.9.0.4 allows local users to overwrite ...)
+CVE-2002-2267
- bogofilter 0.9.0.5
-CVE-2002-2266 (NetScreen ScreenOS 2.8 through 4.0, when forwarding H.323 or ...)
+CVE-2002-2266
NOT-FOR-US: NetScreen
-CVE-2002-2265 (Unspecified vulnerability in LDAP Module in System Authentication of Open ...)
+CVE-2002-2265
NOT-FOR-US: Open Source Internet Solutions
-CVE-2002-2264 (Unspecified vulnerability in Internet Group Management Protocol (IGMP) ...)
+CVE-2002-2264
NOT-FOR-US: Internet Group Management Protocol
-CVE-2002-2263 (The installation program for HP-UX Visualize Conference B.11.00.11 ...)
+CVE-2002-2263
NOT-FOR-US: HP-UX Visualize Conference
-CVE-2002-2262 (Unspecified vulnerability in xntpd of HP-UX 10.20 through 11.11 allows ...)
+CVE-2002-2262
NOT-FOR-US: HP-UX xntpd
-CVE-2002-2261 (Sendmail 8.9.0 through 8.12.6 allows remote attackers to bypass ...)
+CVE-2002-2261
- sendmail 8.12.7
-CVE-2002-2260 (Cross-site scripting (XSS) vulnerability in the quips feature in ...)
+CVE-2002-2260
{DSA-218}
- bugzilla 2.14.2-1
-CVE-2002-2259 (Buffer overflow in the French documentation patch for Gnuplot 3.7 in ...)
+CVE-2002-2259
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2258 (Moby NetSuite allows remote attackers to cause a denial of service ...)
+CVE-2002-2258
NOT-FOR-US: Moby NetSuite
-CVE-2002-2257 (Stack-based buffer overflow in the parse_field function in cgi_lib.c ...)
+CVE-2002-2257
NOT-FOR-US: libcgi
NOTE: this is another libcgi than the one we ship
-CVE-2002-2256 (Directory traversal vulnerability in pWins Webserver 0.2.5 and earlier ...)
+CVE-2002-2256
NOT-FOR-US: pWins
-CVE-2002-2255 (Cross-site scripting (XSS) vulnerability in search.php in phpBB 2.0.3 ...)
+CVE-2002-2255
- phpbb2 2.0.13-6sarge3
NOTE: might be fixed in prior versions
-CVE-2002-2254 (The experimental IP packet queuing feature in Netfilter / IPTables in ...)
+CVE-2002-2254
- linux-2.6 <not-affected> (Fixed before initial upload into the archive, during 2.4)
-CVE-2002-2253 (Multiple buffer overflows in Cyrus Sieve / libSieve 2.1.2 and earlier ...)
+CVE-2002-2253
- libsieve <not-affected> (was fixed in 2.1.3 before debian version was uploaded)
-CVE-2002-2252 (SQL injection vulnerability in auth.inc.php in Thatware 0.5.0 and ...)
+CVE-2002-2252
NOT-FOR-US: Thatware
-CVE-2002-2251 (Buffer overflow in the changevalue function in libcgi.h for Marcos ...)
+CVE-2002-2251
NOT-FOR-US: Marcos Luiz Onisto
-CVE-2002-2250 (Multiple buffer overflows in Sybase Adaptive Server 12.0 and 12.5 ...)
+CVE-2002-2250
NOT-FOR-US: Sybase
-CVE-2002-2249 (PHP remote file inclusion vulnerability in News Evolution 2.0 allows ...)
+CVE-2002-2249
NOT-FOR-US: News Evolution
-CVE-2002-2248 (Buffer overflow in the sun.awt.windows.WDefaultFontCharset Java class ...)
+CVE-2002-2248
NOT-FOR-US: Netscape
-CVE-2002-2247 (The administrator/phpinfo.php script in Mambo Site Server 4.0.11 ...)
+CVE-2002-2247
NOT-FOR-US: Mambo
NOTE: mambo is in experimental
-CVE-2002-2246 (Cross-site scripting (XSS) vulnerability in VisNetic Website before ...)
+CVE-2002-2246
NOT-FOR-US: VisNetic Website
-CVE-2002-2245 (ftpd in NetBSD 1.5 through 1.5.3 and 1.6 does not properly quote a ...)
+CVE-2002-2245
NOT-FOR-US: NetBSD ftpd
-CVE-2002-2244 (Akfingerd 0.5 and earlier versions allow local users to cause a denial ...)
+CVE-2002-2244
NOT-FOR-US: Akfingerd
-CVE-2002-2243 (Akfingerd 0.5 and possibly earlier versions only allows one connection ...)
+CVE-2002-2243
NOT-FOR-US: Akfingerd
-CVE-2002-2242 (The Apple Package Manager in KisMAC 0.02a and earlier modifies file ...)
+CVE-2002-2242
NOT-FOR-US: Apple Package Manager of KisMAC
-CVE-2002-2241 (Buffer overflow in httpd32.exe in Deerfield VisNetic WebSite before ...)
+CVE-2002-2241
NOT-FOR-US: Deerfield VisNetic WebSite
-CVE-2002-2240 (Directory traversal vulnerability in MyServer 0.11 and 0.2 allows ...)
+CVE-2002-2240
NOT-FOR-US: MyServer
-CVE-2002-2239 (The Cisco Optical Service Module (OSM) for the Catalyst 6500 and 7600 ...)
+CVE-2002-2239
NOT-FOR-US: Cisco
-CVE-2002-2238 (Directory traversal vulnerability in the Kunani ODBC FTP Server 1.0.10 ...)
+CVE-2002-2238
NOT-FOR-US: Kunani ODBC FTP Server
-CVE-2002-2237 (tftp32 TFTP server 2.21 and earlier allows remote attackers to cause a ...)
+CVE-2002-2237
NOT-FOR-US: tftp32 TFTP
-CVE-2002-2236 (Format string vulnerability in the awp_log function in apt-www-proxy ...)
+CVE-2002-2236
NOT-FOR-US: apt-www-proxy
-CVE-2002-2235 (member2.php in vBulletin 2.2.9 and earlier does not properly restrict ...)
+CVE-2002-2235
NOT-FOR-US: vBulletin
-CVE-2002-2234 (NetScreen ScreenOS before 4.0.1 allows remote attackers to bypass the ...)
+CVE-2002-2234
NOT-FOR-US: NetScreen ScreenOS
-CVE-2002-2233 (Directory traversal vulnerability in Enceladus Server Suite 3.9 allows ...)
+CVE-2002-2233
NOT-FOR-US: Enceladus Server Suite
-CVE-2002-2232 (Buffer overflow in Enceladus Server Suite 3.9 allows remote attackers ...)
+CVE-2002-2232
NOT-FOR-US: Enceladus Server Suite
-CVE-2002-2231 (Cross-site scripting (XSS) vulnerability in Ikonboard 3.1.1 allows ...)
+CVE-2002-2231
NOT-FOR-US: Ikonboard
-CVE-2002-2230 (Cross-site scripting (XSS) vulnerability in Ikonboard 3.1.1 allows ...)
+CVE-2002-2230
NOT-FOR-US: Ikonboard
-CVE-2002-2229 (Directory traversal vulnerability in Sapio Design Ltd. WebReflex 1.53 ...)
+CVE-2002-2229
NOT-FOR-US: WebReflex
-CVE-2002-2228 (MailScanner before 4.0 5-1 and before 3.2 6-1 allows remote attackers ...)
+CVE-2002-2228
- mailscanner 4.22.5-1
-CVE-2002-2227 (Buffer underflow in ssldump 0.9b2 and earlier allows remote attackers ...)
+CVE-2002-2227
- ssldump 0.9b3-1 (low)
-CVE-2002-2226 (Buffer overflow in tftpd of TFTP32 2.21 and earlier allows remote ...)
+CVE-2002-2226
NOT-FOR-US: Tftpd32
-CVE-2002-2225 (SafeNet VPN client allows remote attackers to cause a denial of ...)
+CVE-2002-2225
NOT-FOR-US: SafeNet VPN
-CVE-2002-2224 (Buffer overflow in PGPFreeware 7.03 running on Windows NT 4.0 SP6 ...)
+CVE-2002-2224
NOT-FOR-US: PGPFreeware
-CVE-2002-2223 (Buffer overflow in NetScreen-Remote 8.0 allows remote attackers to ...)
+CVE-2002-2223
NOT-FOR-US: NetScreen-Remote
-CVE-2002-2222 (isakmpd/message.c in isakmpd in FreeBSD before isakmpd-20020403_1, and ...)
+CVE-2002-2222
NOT-FOR-US: FreeBSD
-CVE-2002-2221 (Untrusted search path vulnerability in Pedro Lineu Orso chetcpasswd ...)
+CVE-2002-2221
- chetcpasswd <removed> (medium)
-CVE-2002-2220 (Buffer overflow in Pedro Lineu Orso chetcpasswd before 1.12, when ...)
+CVE-2002-2220
- chetcpasswd <removed> (medium)
-CVE-2002-2219 (chetcpasswd.cgi in Pedro Lineu Orso chetcpasswd before 2.1 allows ...)
+CVE-2002-2219
- chetcpasswd <removed> (low)
-CVE-2002-2218 (CRLF injection vulnerability in the setUserValue function in ...)
+CVE-2002-2218
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2217 (Multiple PHP remote file inclusion vulnerabilities in Web Server ...)
+CVE-2002-2217
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2216 (Soft3304 04WebServer before 1.20 does not properly process URL ...)
+CVE-2002-2216
NOT-FOR-US: 04WebServer
-CVE-2002-2215 (The imap_header function in the IMAP functionality for PHP before ...)
+CVE-2002-2215
- php4 4:4.3.2+rc3-1
-CVE-2002-2214 (The php_if_imap_mime_header_decode function in the IMAP functionality ...)
+CVE-2002-2214
- php4 4:4.3.2+rc3-1
-CVE-2002-2213 (The DNS resolver in unspecified versions of Infoblox DNS One, when ...)
+CVE-2002-2213
NOT-FOR-US: Infoblox DNS One
-CVE-2002-2212 (The DNS resolver in unspecified versions of Fujitsu UXP/V, when ...)
+CVE-2002-2212
NOT-FOR-US: Fujitsu UXP/V
-CVE-2002-2211 (BIND 4 and BIND 8, when resolving recursive DNS queries for arbitrary ...)
+CVE-2002-2211
- bind <removed> (unimportant)
- bind9 <not-affected> (does not send parallel queries)
NOTE: Disabling recursion does not close all attack vectors.
NOTE: Browser reflection attacks will still work.
NOTE: Bind 8 design limitations that are only addressed in bind 9 are not
NOTE: treated a security issues, DNS admins need to be aware what they are using
-CVE-2002-2210 (The installation of OpenOffice 1.0.1 allows local users to overwrite ...)
+CVE-2002-2210
- openoffice.org 1.0.2
-CVE-2002-2209 (Unspecified &quot;security vulnerability&quot; in Baby FTP Server versions ...)
+CVE-2002-2209
NOT-FOR-US: Baby FTP Server
-CVE-2002-2208 (Extended Interior Gateway Routing Protocol (EIGRP), as implemented in ...)
+CVE-2002-2208
NOT-FOR-US: IOS
-CVE-2002-2207 (Buffer overflow in ssldump 0.9b2 and earlier, when running in ...)
+CVE-2002-2207
- ssldump 0.9b3
-CVE-2002-2206 (The POP3 proxy service (POPROXY.EXE) in Norton AntiVirus 2001 allows ...)
+CVE-2002-2206
NOT-FOR-US: Norton AntiVirus
-CVE-2002-2205 (Buffer overflow in Webresolve 0.1.0 and earlier allows remote ...)
+CVE-2002-2205
NOT-FOR-US: webresolve
-CVE-2002-2204 (The default --checksig setting in RPM Package Manager 4.0.4 checks ...)
+CVE-2002-2204
NOTE: verified with rpm 4.4.1, but this can hardly affect debian at
NOTE: all since it requires rpm be configured to trust some key,
NOTE: which in debian requires a manual and non-documented
NOTE: initialization of the rpm database which is not configured in
NOTE: the package
-CVE-2002-2203 (Unknown vulnerability in the System Serial Console terminal in Solaris ...)
+CVE-2002-2203
NOT-FOR-US: Solaris
-CVE-2002-2202 (Outlook Express 6.0 does not delete messages from dbx files, even when ...)
+CVE-2002-2202
NOT-FOR-US: Outlook Express
-CVE-2002-2201 (The Printer Administration module for Webmin 0.990 and earlier allows ...)
+CVE-2002-2201
- webmin 1.000 (high)
-CVE-2002-2200 (Benjamin Lefevre Dobermann FORUM 0.5 and earlier allows remote ...)
+CVE-2002-2200
NOT-FOR-US: (Benjamin Lefevre Dobermann FORUM)
-CVE-2002-2199 (The default aide.conf file in Advanced Intrusion Detection Environment ...)
+CVE-2002-2199
NOTE: freebsd misconfiguration
-CVE-2002-2198 (Buffer overflow in ZMailer before 2.99.51_1 allows remote attackers to ...)
+CVE-2002-2198
- zmailer 2.99.56-1 (high)
NOTE: May have been fixed earlier, 2.99.51 was never uploaded to Debian.
-CVE-2002-2197 (Unknown vulnerability in Sun Solaris 8.0 allows local users to cause a ...)
+CVE-2002-2197
NOT-FOR-US: Solaris
-CVE-2002-2196 (Samba before 2.2.5 does not properly terminate the ...)
+CVE-2002-2196
- samba 2.2.5 (high)
-CVE-2002-2195 (Buffer overflow in the version update check for Winamp 2.80 and ...)
+CVE-2002-2195
NOT-FOR-US: Winamp
CVE-2002-2194
REJECTED
-CVE-2002-2193 (Cross-site scripting (XSS) vulnerability in mojo.cgi for Mojo Mail 2.7 ...)
+CVE-2002-2193
NOT-FOR-US: Mojo Mail
-CVE-2002-2192 (Cross-site scripting (XSS) vulnerability in Perception LiteServe 2.0.1 ...)
+CVE-2002-2192
NOT-FOR-US: Perception LiteServe
-CVE-2002-2191 (Lotus Domino 5.0.9a and earlier, even when configured with the ...)
+CVE-2002-2191
NOT-FOR-US: (Lotus Domino
-CVE-2002-2190 (ArtsCore Studios CuteCast Forum 1.2 stores passwords in plaintext ...)
+CVE-2002-2190
NOT-FOR-US: ArtsCore Studios CuteCast Forum
-CVE-2002-2189 (Cross-site scripting (XSS) vulnerability in ActiveXperts Software ...)
+CVE-2002-2189
NOT-FOR-US: ActiveXperts Software ActiveWebserver
-CVE-2002-2188 (OpenBSD before 3.2 allows local users to cause a denial of service ...)
+CVE-2002-2188
NOT-FOR-US: OpenBSD kernel
-CVE-2002-2187 (Unknown &quot;file disclosure&quot; vulnerability in Macromedia JRun 3.0, 3.1, ...)
+CVE-2002-2187
NOT-FOR-US: Macromedia JRun
-CVE-2002-2186 (Macromedia JRun 3.0, 3.1, and 4.0 allow remote attackers to view the ...)
+CVE-2002-2186
NOT-FOR-US: Macromedia JRun
-CVE-2002-2185 (The Internet Group Management Protocol (IGMP) allows local users to ...)
+CVE-2002-2185
NOTE: fixed in IRIX..
-CVE-2002-2184 (Digi-Net Technologies DigiChat 3.5 allows chat users to obtain the IP ...)
+CVE-2002-2184
NOT-FOR-US: DigiChat
-CVE-2002-2183 (phpShare.php in phpShare before 0.6 beta 3 allows remote attackers to ...)
+CVE-2002-2183
NOT-FOR-US: phpShare
-CVE-2002-2182 (Buffer overflow in Seunghyun Seo's MSN666 MSN Sniffer 1.0 and 1.0.1 ...)
+CVE-2002-2182
NOT-FOR-US: MSN666
-CVE-2002-2181 (SonicWall Content Filtering allows local users to access prohibited ...)
+CVE-2002-2181
NOT-FOR-US: SonicWall
-CVE-2002-2180 (The setitimer(2) system call in OpenBSD 2.0 through 3.1 does not ...)
+CVE-2002-2180
NOT-FOR-US: OpenBSD kernel
-CVE-2002-2179 (The dynamic initialization feature of the ClearPath MCP environment ...)
+CVE-2002-2179
NOT-FOR-US: ClearPath MCP
-CVE-2002-2178 (Cross-site scripting (XSS) vulnerability in article.php module for ...)
+CVE-2002-2178
NOT-FOR-US: phpWebSite
-CVE-2002-2177 (BEA WebLogic Server and Express 6.1 through 7.0.0.1 buffers HTTP ...)
+CVE-2002-2177
NOT-FOR-US: BEA
-CVE-2002-2176 (SQL injection vulnerability in Gender MOD 1.1.3 allows remote ...)
+CVE-2002-2176
NOT-FOR-US: Gender MOD
-CVE-2002-2175 (phpSquidPass before 0.2 uses an incomplete regular expression to find ...)
+CVE-2002-2175
NOT-FOR-US: phpSquidPass
-CVE-2002-2174 (The Telnet proxy of 602Pro LAN SUITE 2002 does not restrict the number ...)
+CVE-2002-2174
NOT-FOR-US: 602Pro LAN SUITE
-CVE-2002-2173 (Buffer overflow in the IRC module of Trillian 0.725 and 0.73 allowing ...)
+CVE-2002-2173
NOT-FOR-US: Cerulean Trillian
-CVE-2002-2172 (Informed (1) Designer and (2) Filler 3.05 does not zero out newly ...)
+CVE-2002-2172
NOT-FOR-US: Informed Designer, Informed Filler
-CVE-2002-2171 (Cross-site scripting (XSS) vulnerability in acWEB 1.8 and 1.14 allows ...)
+CVE-2002-2171
NOT-FOR-US: acWEB
-CVE-2002-2170 (Working Resources Inc. BadBlue Enterprise Edition 1.7 through 1.74 ...)
+CVE-2002-2170
NOT-FOR-US: BadBlue Enterprise Edition
-CVE-2002-2169 (Cross-site scripting vulnerability AOL Instant Messenger (AIM) 4.5 and ...)
+CVE-2002-2169
NOT-FOR-US: AIM
-CVE-2002-2168 (SQL injection vulnerability in Thorsten Korner 123tkShop before 0.3.1 ...)
+CVE-2002-2168
NOT-FOR-US: 123tkShop
-CVE-2002-2167 (Directory traversal vulnerability in function_foot_1.inc.php for ...)
+CVE-2002-2167
NOT-FOR-US: 123tkShop
-CVE-2002-2166 (Cross-site scripting (XSS) vulnerability in FuseTalk 2.0 and 3.0 ...)
+CVE-2002-2166
NOT-FOR-US: FuseTalk
-CVE-2002-2165 (The IMHO Webmail module 0.97.3 and earlier for Roxen leaks the REFERER ...)
+CVE-2002-2165
NOT-FOR-US: IMHO Webmail for Roxen
-CVE-2002-2164 (Buffer overflow in Microsoft Outlook Express 5.0, 5.5, and 6.0 allows ...)
+CVE-2002-2164
NOT-FOR-US: MSIE
-CVE-2002-2163 (KvPoll 1.1 allows remote authenticated users to vote more than once by ...)
+CVE-2002-2163
NOT-FOR-US: KvPoll
-CVE-2002-2162 (Cerulean Studios Trillian 0.73 and earlier use weak encrypttion (XOR) ...)
+CVE-2002-2162
NOT-FOR-US: Cerulean Trillian
-CVE-2002-2161 (Kerio Personal Firewall (KPF) 2.1.4 and earlier allows remote ...)
+CVE-2002-2161
NOT-FOR-US: Kerio Personal Firewall
CVE-2002-2160
REJECTED
-CVE-2002-2159 (Linksys EtherFast Cable/DSL BEFSR11, BEFSR41 and BEFSRU31 with the ...)
+CVE-2002-2159
NOT-FOR-US: Linksys hardware
-CVE-2002-2158 (zenTrack 2.0.3 and earlier allows remote attackers to obtain the full ...)
+CVE-2002-2158
NOT-FOR-US: zenTrack
CVE-2002-2157
REJECTED
-CVE-2002-2156 (Buffer overflow in Trillian 0.73 allows remote IRC servers to execute ...)
+CVE-2002-2156
NOT-FOR-US: Cerulean Trillian
-CVE-2002-2155 (Format string vulnerability in the error handling of IRC invite ...)
+CVE-2002-2155
NOT-FOR-US: Cerulean Trillian
-CVE-2002-2154 (Directory traversal vulnerability in Monkey HTTP Daemon 0.1.4 allows ...)
+CVE-2002-2154
NOT-FOR-US: Monkey HTTP Daemon
-CVE-2002-2153 (Format string vulnerability in the administrative pages of the PL/SQL ...)
+CVE-2002-2153
NOT-FOR-US: Oracle Application Server
-CVE-2002-2152 (The Czech edition of Software602's Web Server before 2002.0.02.0916 ...)
+CVE-2002-2152
NOT-FOR-US: Software602
CVE-2002-2151
REJECTED
-CVE-2002-2150 (Firewalls from multiple vendors empty state tables more slowly than ...)
+CVE-2002-2150
NOTE: SYN floods etc generally filed as issues in linux specifically
NOTE: if it is affected
-CVE-2002-2149 (Buffer overflow in Lucent Access Point 300, 600, and 1500 Service ...)
+CVE-2002-2149
NOT-FOR-US: Lucent Access Point
-CVE-2002-2148 (Lucent Ascend MAX Router 5.0 and earlier, Lucent Ascend Pipeline ...)
+CVE-2002-2148
NOT-FOR-US: Lucent MAX Router
CVE-2002-2147
REJECTED
-CVE-2002-2146 (cgitest.exe in Savant Web Server 3.1 and earlier allows remote ...)
+CVE-2002-2146
NOT-FOR-US: Savant Web Server
-CVE-2002-2145 (Savant Web Server 3.1 and earlier allows remote attackers to bypass ...)
+CVE-2002-2145
NOT-FOR-US: Savant Web Server
-CVE-2002-2144 (Directory traversal vulnerability in BearShare 4.0.5 and 4.0.6 allows ...)
+CVE-2002-2144
NOT-FOR-US: BearShare
-CVE-2002-2143 (The admin.html file in MySimple News 1.0 stores its administrative ...)
+CVE-2002-2143
NOT-FOR-US: MySimple News
-CVE-2002-2142 (An undocumented extension for the Servlet mappings in the Servlet 2.3 ...)
+CVE-2002-2142
NOT-FOR-US: BEA
-CVE-2002-2141 (BEA WebLogic Server and Express 7.0 and 7.0.0.1, when running Servlets ...)
+CVE-2002-2141
NOT-FOR-US: BEA
-CVE-2002-2140 (Buffer overflow in Cisco PIX Firewall 5.2.x to 5.2.8, 6.0.x to 6.0.3, ...)
+CVE-2002-2140
NOT-FOR-US: Cisco
-CVE-2002-2139 (Cisco PIX Firewall 6.0.3 and earlier, and 6.1.x to 6.1.3, do not ...)
+CVE-2002-2139
NOT-FOR-US: Cisco
-CVE-2002-2138 (RFC-NETBIOS in HP Advanced Server/9000 B.04.05 through B.04.09, when ...)
+CVE-2002-2138
NOT-FOR-US: HP Advanced Server
-CVE-2002-2137 (GlobalSunTech Wireless Access Points (1) WISECOM GL2422AP-0T, and ...)
+CVE-2002-2137
NOT-FOR-US: GlobalSunTech Wireless Access Points
CVE-2002-2136
REJECTED
CVE-2002-2135
REJECTED
-CVE-2002-2134 (haut.php in PEEL 1.0b allows remote attackers to execute arbitrary PHP ...)
+CVE-2002-2134
NOT-FOR-US: PEEL
-CVE-2002-2133 (Telindus 1100 ASDL router running firmware 6.0.x uses weak encryption ...)
+CVE-2002-2133
NOT-FOR-US: Telindus 1100 ASDL router
-CVE-2002-2132 (Windows File Protection (WFP) in Windows 2000 and XP does not remove ...)
+CVE-2002-2132
NOT-FOR-US: Windows
-CVE-2002-2131 (Directory traversal vulnerability in Perl-HTTPd before 1.0.2 allows ...)
+CVE-2002-2131
NOT-FOR-US: Perl-HTTPd
-CVE-2002-2130 (publish_xp_docs.php in Gallery 1.3.2 allows remote attackers to ...)
+CVE-2002-2130
- gallery 1.3.3 (high)
-CVE-2002-2129 (Cross-site scripting vulnerability (XSS) in editform.php for w-Agora ...)
+CVE-2002-2129
NOT-FOR-US: w-Agora
-CVE-2002-2128 (editform.php in w-Agora 4.1.5 allows local users to execute arbitrary ...)
+CVE-2002-2128
NOT-FOR-US: w-Agora
-CVE-2002-2127 (Integrity Protection Driver (IPD) 1.2 and earlier blocks access to ...)
+CVE-2002-2127
NOT-FOR-US: Integrity Protection Driver (IPD)
-CVE-2002-2126 (restrictEnabled in Integrity Protection Driver (IPD) 1.2 delays driver ...)
+CVE-2002-2126
NOT-FOR-US: Integrity Protection Driver (IPD)
-CVE-2002-2125 (Internet Explorer 6.0 does not warn users when an expired certificate ...)
+CVE-2002-2125
NOT-FOR-US: MSIE
-CVE-2002-2124 (The recvn and sendn functions in nylon 0.2 do not check when the recv ...)
+CVE-2002-2124
NOT-FOR-US: nylon
CVE-2002-XXXX [libnss-ldap: DoS through truncated DNS queries]
- libnss-ldap 199-1 (bug #169793)
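Review bot: every changed pair in this hunk replaces a `CVE-2002-NNNN (description ...)` header with the bare identifier, for example `-CVE-2002-2244 (Akfingerd 0.5 and earlier versions allow local users to cause a denial ...)` becoming `+CVE-2002-2244`, while the triage lines beneath (`NOT-FOR-US: ...`, `- package version`, `NOTE: ...`) are left untouched. The parenthesised text is the only place in this file that records what each CVE is about, so after this change the remaining `NOT-FOR-US` and `<not-affected>` verdicts can no longer be checked against the file itself; the entries that never carried a description (the `REJECTED` ones and the `CVE-2002-XXXX` placeholders) are unchanged, which suggests the regeneration simply produced no description for the rest rather than deliberately dropping it. Confirm that the source the update was generated from actually returned empty descriptions before merging a wholesale removal of this size, and if it did not, regenerate with the descriptions retained.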
@@ -693,353 +693,353 @@ CVE-2002-XXXX [sanitizer bypassal through quoted file names]
- sanitizer 1.76-1 (bug #149799; medium)
[sarge] - sanitizer <not-affected> (Sarge version already fixed)
NOTE: This was fixed earlier in fact, but it's unknown when
-CVE-2002-2123 (PHP remote file inclusion vulnerability in publish_xp_docs.php for ...)
+CVE-2002-2123
- gallery 1.3.3
-CVE-2002-2122 (Pointsec before 1.2 for PalmOS stores a user's PIN number in memory in ...)
+CVE-2002-2122
NOT-FOR-US: Pointsec
-CVE-2002-2121 (SurfControl SuperScout Email filter for SMTP 3.5.1 allows remote ...)
+CVE-2002-2121
NOT-FOR-US: SurfControl
-CVE-2002-2120 (Multiple buffer overflows in QNX RTOS 4.25 may allow attackers to ...)
+CVE-2002-2120
NOT-FOR-US: QNX
-CVE-2002-2119 (Novell eDirectory 8.6.2 and 8.7 use case insensitive passwords, which ...)
+CVE-2002-2119
NOT-FOR-US: Novell eDirectory
-CVE-2002-2118 (Buffer overflow in Blue World Lasso Web Data Engine 3.6.5 allows ...)
+CVE-2002-2118
NOT-FOR-US: Blue World Lasso Web Data Engine
-CVE-2002-2117 (Microsoft Windows XP allows remote attackers to cause a denial of ...)
+CVE-2002-2117
NOT-FOR-US: Microsoft
-CVE-2002-2116 (Netgear RM-356 and RT-338 series SOHO routers allow remote attackers ...)
+CVE-2002-2116
NOT-FOR-US: Netgear RM-356 and RT-338 series SOHO routers
-CVE-2002-2115 (Cross-site scripting (XSS) vulnerability in Hyper NIKKI System (HNS) ...)
+CVE-2002-2115
NOT-FOR-US: Hyper NIKKI System (HNS) Lite
-CVE-2002-2114 (Artekopia Netjuke before 1.0 b7 allows remote attackers to execute ...)
+CVE-2002-2114
- netjuke 1.0b7
-CVE-2002-2113 (search.cgi in AGH HTMLsearch 1.0 allows remote attackers to execute ...)
+CVE-2002-2113
NOT-FOR-US: HTMLsearch
-CVE-2002-2112 (RCA Digital Cable Modem DCM225 and DCM225E, and other modems that must ...)
+CVE-2002-2112
NOT-FOR-US: RCA Digital Cable Modem
-CVE-2002-2111 (Fwmon before 1.0.10 allows remote attackers to cause a denial of ...)
+CVE-2002-2111
NOT-FOR-US: Fwmon
-CVE-2002-2110 (The RCA Digital Cable Modems DCM225 and DCM225E allow remote attackers ...)
+CVE-2002-2110
NOT-FOR-US: RCA Digital Cable Modems DCM225 and DCM225E
-CVE-2002-2109 (Matt Wright FormMail 1.9 and earlier allows remote attackers to bypass ...)
+CVE-2002-2109
NOTE: debian's nms-formmail is a reimplementation of old formmail
-CVE-2002-2108 (Unknown vulnerability in the &quot;VAIO Manual&quot; software in certain Sony ...)
+CVE-2002-2108
NOT-FOR-US: Sony VAIO
-CVE-2002-2107 (Cross-site scripting (XSS) vulnerability in the lookup script in ...)
+CVE-2002-2107
NOT-FOR-US: OpenKeyServer
-CVE-2002-2106 (PHP remote file inclusion vulnerability in WikkiTikkiTavi before 0.21 ...)
+CVE-2002-2106
NOT-FOR-US: WikkiTikkiTavi
-CVE-2002-2105 (Microsoft Windows XP allows local users to prevent the system from ...)
+CVE-2002-2105
NOT-FOR-US: Microsoft
-CVE-2002-2104 (graph.php in Ganglia PHP RRD Web Client 1.0.2 allows remote attackers ...)
+CVE-2002-2104
NOT-FOR-US: Ganglia PHP RRD Web Client
NOTE: not ganglia-monitor
-CVE-2002-2103 (Apache before 1.3.24, when writing to the log file, records a spoofed ...)
+CVE-2002-2103
- apache 1.3.24 (low)
-CVE-2002-2102 (InfBlocks.java in JCraft JZlib before 0.0.7 allow remote attackers to ...)
+CVE-2002-2102
- jzlib 0.0.7 (low)
-CVE-2002-2101 (Microsoft Outlook 2002 allows remote attackers to execute arbitrary ...)
+CVE-2002-2101
NOT-FOR-US: Microsoft
-CVE-2002-2100 (Microsoft Outlook 2002 allows remote attackers to embed bypass the ...)
+CVE-2002-2100
NOT-FOR-US: Microsoft
-CVE-2002-2099 (Buffer overflow in the GNU DataDisplay Debugger (DDD) 3.3.1 allows ...)
+CVE-2002-2099
- ddd <not-affected> (ddd is not setuid/gid so not exploitable)
-CVE-2002-2098 (Buffer overflow in axspawn.c in Axspawn-pam before 0.2.1a allows ...)
+CVE-2002-2098
NOT-FOR-US: Axspawn-pam
-CVE-2002-2097 (The compression code in MaraDNS before 0.9.01 allows remote attackers ...)
+CVE-2002-2097
- maradns 0.9.01 (low)
-CVE-2002-2096 (Buffer overflow in Novell Remote Manager module, httpstk.nlm, in ...)
+CVE-2002-2096
NOT-FOR-US: Netware
-CVE-2002-2095 (Joe Testa hellbent 01 webserver allows attackers to read files that ...)
+CVE-2002-2095
NOT-FOR-US: Joe Testa hellbent 01 webserver
-CVE-2002-2094 (Joe Testa hellbent 01 allows remote attackers to determine the full ...)
+CVE-2002-2094
NOT-FOR-US: Joe Testa hellbent 01 webserver
-CVE-2002-2093 (The Video Control Panel on SGI O2/IRIX 6.5, when the Default Input is ...)
+CVE-2002-2093
NOT-FOR-US: SGI IRIX
-CVE-2002-2092 (Race condition in exec in OpenBSD 4.0 and earlier, NetBSD 1.5.2 and ...)
+CVE-2002-2092
NOT-FOR-US: OpenBSD/NetBSD/FreeBSD
-CVE-2002-2091 (Format string vulnerability in Deception Finger Daemon, decfingerd, ...)
+CVE-2002-2091
NOT-FOR-US: decfingerd
-CVE-2002-2090 (Caucho Technology Resin server 2.1.1 to 2.1.2 allows remote attackers ...)
+CVE-2002-2090
NOT-FOR-US: aucho Technology Resin server
-CVE-2002-2089 (Buffer overflow in rcp in Solaris 9.0 allows local users to execute ...)
+CVE-2002-2089
NOT-FOR-US: Solaris
-CVE-2002-2088 (The MOSIX Project clump/os 5.4 creates a default VNC account without a ...)
+CVE-2002-2088
NOT-FOR-US: clump/os
-CVE-2002-2087 (Buffer overflow in Borland InterBase 6.0 allows local users to execute ...)
+CVE-2002-2087
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2086 (Multiple cross-site scripting (XSS) vulnerabilities in magicHTML of ...)
+CVE-2002-2086
NOT-FOR-US: magicHTML
-CVE-2002-2085 (Directory traversal vulnerability in page.cgi of WWWeBBB Forum 3.82 ...)
+CVE-2002-2085
NOT-FOR-US: WWWeBBB forum
-CVE-2002-2084 (Directory traversal vulnerability in index.php of Portix 0.4.02 allows ...)
+CVE-2002-2084
NOT-FOR-US: Portix
-CVE-2002-2083 (The Novell Netware client running on Windows 95 allows local users to ...)
+CVE-2002-2083
NOT-FOR-US: Novell Netware
-CVE-2002-2082 (FTGate and FTGate Pro 1.05 lock user mailboxes before authentication ...)
+CVE-2002-2082
NOT-FOR-US: FTGate
-CVE-2002-2081 (cphost.dll in Microsoft Site Server 3.0 allows remote attackers to ...)
+CVE-2002-2081
NOT-FOR-US: Microsoft
-CVE-2002-2080 (Floositek FTGate PRO 1.05 allows remote attackers to cause a denial of ...)
+CVE-2002-2080
NOT-FOR-US: FTGate
-CVE-2002-2079 (mosix-protocol-stack in Multicomputer Operating System for UnIX ...)
+CVE-2002-2079
- kernel-patch-openmosix <removed> (bug #319621; low)
-CVE-2002-2078 (Heap-based buffer overflow in Floositek (1) FTGate Pro 1.05 and (2) ...)
+CVE-2002-2078
NOT-FOR-US: FTGate
-CVE-2002-2077 (The DCOM client in Windows 2000 before SP3 does not properly clear ...)
+CVE-2002-2077
NOT-FOR-US: Microsoft
-CVE-2002-2076 (Directory traversal vulnerability in Lil' HTTP server 2.1 and 2.2 ...)
+CVE-2002-2076
NOT-FOR-US: Lil' HTTP server
-CVE-2002-2075 (ICQ 2001a and 2002b allows remote attackers to cause a denial of ...)
+CVE-2002-2075
NOT-FOR-US: ICQ
-CVE-2002-2074 (SQL injection vulnerability in Mailidx before 20020105 allows remote ...)
+CVE-2002-2074
NOT-FOR-US: Mailidx
-CVE-2002-2073 (Cross-site scripting (XSS) vulnerability in the default ASP pages on ...)
+CVE-2002-2073
NOT-FOR-US: Microsoft
-CVE-2002-2072 (java.security.AccessController in Sun Java Virtual Machine (JVM) in ...)
+CVE-2002-2072
NOT-FOR-US: Sun Java
-CVE-2002-2071 (Compaq Tru64 4.0 d allows remote attackers to cause a denial of ...)
+CVE-2002-2071
NOT-FOR-US: Tru64
-CVE-2002-2070 (SecureClean 3 build 2.0 does not clear Windows alternate data streams ...)
+CVE-2002-2070
NOT-FOR-US: SecureClean
-CVE-2002-2069 (PGP 6.x and 7.x does not clear Windows alternate data streams that are ...)
+CVE-2002-2069
NOT-FOR-US: Proprietary PGP
-CVE-2002-2068 (Eraser 5.3 does not clear Windows alternate data streams that are ...)
+CVE-2002-2068
NOT-FOR-US: Eraser
-CVE-2002-2067 (East-Tec Eraser 2002 does not clear Windows alternate data streams ...)
+CVE-2002-2067
NOT-FOR-US: Eraser
-CVE-2002-2066 (BestCrypt BCWipe 1.0.7 and 2.0 through 2.35.1 does not clear Windows ...)
+CVE-2002-2066
NOT-FOR-US: BCWipe
-CVE-2002-2065 (WebCalendar 0.9.34 and earlier with 'browsing in includes directory' ...)
+CVE-2002-2065
NOT-FOR-US: WebCalender
-CVE-2002-2064 (isadmin.php in PhpWebGallery 1.0 allows remote attackers to gain ...)
+CVE-2002-2064
NOT-FOR-US: PhpWebGallery
-CVE-2002-2063 (AtGuard 3.2 allows remote attackers to bypass firwall filters and ...)
+CVE-2002-2063
NOT-FOR-US: AtGuard
-CVE-2002-2062 (Cross-site scripting (XSS) vulnerability in ftp.htt in Internet ...)
+CVE-2002-2062
NOT-FOR-US: Microsoft
-CVE-2002-2061 (Heap-based buffer overflow in Netscape 6.2.3 and Mozilla 1.0 and ...)
+CVE-2002-2061
NOTE: fixed in upstream 1.0.1
NOTE: see http://web.archive.org/web/20090628044831/http://www.mozilla.org/releases/mozilla1.0.1/security-fixes-1.0.1.html
- mozilla 2:1.1-1 (low)
-CVE-2002-2060 (Buffer overflow in Links 2.0 pre4 allows remote attackers to crash ...)
+CVE-2002-2060
- links2 <not-affected> (Fixed before upload into archiv; 2.0pre5)
-CVE-2002-2059 (BIOS D845BG, D845HV, D845PT and D845WN on Intel motherboards does not ...)
+CVE-2002-2059
NOT-FOR-US: Intel motherboards
-CVE-2002-2058 (TeeKai Tracking Online 1.0 uses weak encryption of web usage ...)
+CVE-2002-2058
NOT-FOR-US: TeeKai
-CVE-2002-2057 (TeeKai Forum 1.2 uses weak encryption of web usage statistics in ...)
+CVE-2002-2057
NOT-FOR-US: TeeKai
-CVE-2002-2056 (Cross-site scripting (XSS) vulnerability in TeeKai Forum 1.2 allows ...)
+CVE-2002-2056
NOT-FOR-US: TeeKai
-CVE-2002-2055 (Cross-site scripting (XSS) vulnerability in userlog.php in TeeKai ...)
+CVE-2002-2055
NOT-FOR-US: TeeKai
-CVE-2002-2054 (TeeKai Forum 1.2 allows remote attackers to authenticate as the ...)
+CVE-2002-2054
NOT-FOR-US: TeeKai
-CVE-2002-2053 (The design of the Hot Standby Routing Protocol (HSRP), as implemented ...)
+CVE-2002-2053
NOT-FOR-US: Cisco
-CVE-2002-2052 (Cisco 2611 router running IOS 12.1(6.5), possibly an interim release, ...)
+CVE-2002-2052
NOT-FOR-US: Cisco
-CVE-2002-2051 (The processor_web plugin for ModLogAn 0.5.0 through 0.7.11, when used ...)
+CVE-2002-2051
- modlogan 0.7.12-1 (low)
-CVE-2002-2050 (Directory traversal vulnerability in processor_web plugin for ModLogAn ...)
+CVE-2002-2050
- modlogan 0.7.12-1 (low)
-CVE-2002-2049 (configure for Dsniff 2.3, fragroute 1.2, and fragrouter 1.6, when ...)
+CVE-2002-2049
NOTE: one day upstream webserver compromise
-CVE-2002-2048 (Buffer overflow in PFinger 0.7.8 client allows remote attackers to ...)
+CVE-2002-2048
NOT-FOR-US: PFinger
-CVE-2002-2047 (The file preview functionality in Sketch 0.6.12 and earlier allows ...)
+CVE-2002-2047
- sketch 0.6.13-1 (low)
-CVE-2002-2046 (x_news.php in X-News (x_news) 1.1 and earlier allows remote attackers ...)
+CVE-2002-2046
NOT-FOR-US: X-News
-CVE-2002-2045 (x_stat_admin.php in x-stat 2.3 and earlier allows remote attackers to ...)
+CVE-2002-2045
NOT-FOR-US: x-stat
-CVE-2002-2044 (Cross-site scripting (XSS) vulnerability in x_stat_admin.php in x-stat ...)
+CVE-2002-2044
NOT-FOR-US: x-stat
-CVE-2002-2043 (SQL injection vulnerability in the LDAP and MySQL authentication patch ...)
+CVE-2002-2043
NOTE: old patch
-CVE-2002-2042 (ptrace in the QNX realtime operating system (RTOS) 4.25 and 6.1.0 ...)
+CVE-2002-2042
NOT-FOR-US: QNX
-CVE-2002-2041 (Multiple buffer overflows in realtime operating system (RTOS) 6.1.0 ...)
+CVE-2002-2041
NOT-FOR-US: QNX
-CVE-2002-2040 (The (1) phrafx and (2) phgrafx-startup programs in QNX realtime ...)
+CVE-2002-2040
NOT-FOR-US: QNX
-CVE-2002-2039 (/bin/su in QNX realtime operating system (RTOS) 4.25 and 6.1.0 allows ...)
+CVE-2002-2039
NOT-FOR-US: QNX
-CVE-2002-2038 (Next Generation POSIX Threading (NGPT) 1.9.0 uses a filesystem-based ...)
+CVE-2002-2038
NOT-FOR-US: NGPT
NOTE: http://lists.debian.org/debian-user/2003/10/msg03627.html
NOTE: NPTL does not have this problem.
-CVE-2002-2037 (The Cisco Media Gateway Controller (MGC) in (1) SC2200 7.4 and ...)
+CVE-2002-2037
NOT-FOR-US: Cisco
-CVE-2002-2036 (Sun Ray Server Software (SRSS) 1.3, when Non-Smartcard Mobility (NSCM) ...)
+CVE-2002-2036
NOT-FOR-US: Sun
-CVE-2002-2035 (SQL injection vulnerability in RealityScape MyLogin 2000 1.0.0 and ...)
+CVE-2002-2035
NOT-FOR-US: RealityScape
-CVE-2002-2034 (The Email Sanitizer before 1.133 for Procmail allows remote attackers ...)
+CVE-2002-2034
NOT-FOR-US: Email Sanitizer
-CVE-2002-2033 (faqmanager.cgi in FAQManager 2.2.5 and earlier allows remote attackers ...)
+CVE-2002-2033
NOT-FOR-US: FAQManager
-CVE-2002-2032 (sql_layer.php in PHP-Nuke 5.4 and earlier does not restrict access to ...)
+CVE-2002-2032
NOT-FOR-US: PHPNuke
-CVE-2002-2031 (Internet Explorer 5.0, 5.0.1 and 5.5 with JavaScript execution enabled ...)
+CVE-2002-2031
NOT-FOR-US: Microsoft
-CVE-2002-2030 (Stack-based buffer overflow in SQLData Enterprise Server 3.0 allows ...)
+CVE-2002-2030
NOT-FOR-US: Microsoft
-CVE-2002-2029 (PHP, when installed on Windows with Apache and ScriptAlias for /php/ ...)
+CVE-2002-2029
NOT-FOR-US: PHP, Mircrosoft
-CVE-2002-2028 (The screensaver on Windows NT 4.0, 2000, XP, and 2002 does not verify ...)
+CVE-2002-2028
NOT-FOR-US: Microsoft
-CVE-2002-2027 (Database of Our Owlish Wisdom (DOOW) 0.1 through 0.2.1 does not ...)
+CVE-2002-2027
NOT-FOR-US: DOOW
-CVE-2002-2026 (Buffer overflow in BrowseFTP 1.62 client allows remote FTP servers to ...)
+CVE-2002-2026
NOT-FOR-US: BrowseFTP
-CVE-2002-2025 (Lotus Domino server 5.0.9a and earlier allows remote attackers to ...)
+CVE-2002-2025
NOT-FOR-US: Lotus Domino
-CVE-2002-2024 (Horde IMP 2.2.7 allows remote attackers to obtain the full web root ...)
+CVE-2002-2024
- imp 3:2.2.6-5 (high)
-CVE-2002-2023 (The get_parameter_from_freqency_source function in beep2 1.0, 1.1 and ...)
+CVE-2002-2023
NOT-FOR-US: We use the OTHER beep program :P
-CVE-2002-2022 (Format string vulnerability in Kaffe OpenVM 1.0.6 and earlier allows ...)
+CVE-2002-2022
NOTE: only affects old-stable
-CVE-2002-2021 (Cross-site scripting (XSS) vulnerability in WoltLab Burning Board ...)
+CVE-2002-2021
NOT-FOR-US: wbboard
-CVE-2002-2020 (Netgear RP114 Cable/DSL Web Safe Router Firmware 3.26 uses a default ...)
+CVE-2002-2020
NOT-FOR-US: Netgear hardware
-CVE-2002-2019 (PHP remote file inclusion vulnerability in include_once.php in ...)
+CVE-2002-2019
NOT-FOR-US: osCommerce
-CVE-2002-2018 (sastcpd in SAS/Base 8.0 might allow local users to gain privileges by ...)
+CVE-2002-2018
NOT-FOR-US: SAS/Base
-CVE-2002-2017 (sastcpd in SAS/Base 8.0 allows local users to execute arbitrary code ...)
+CVE-2002-2017
NOT-FOR-US: SAS/Base
-CVE-2002-2016 (User-mode Linux (UML) 2.4.17-8 does not restrict access to kernel ...)
+CVE-2002-2016
- user-mode-linux 2.4.17-9 (high)
-CVE-2002-2015 (PHP file inclusion vulnerability in user.php in PostNuke 0.703 allows ...)
+CVE-2002-2015
NOT-FOR-US: PostNuke
-CVE-2002-2014 (Lotus Domino 5.0.8 web server returns different error messages when a ...)
+CVE-2002-2014
NOT-FOR-US: Lotus Domino
-CVE-2002-2013 (Mozilla 0.9.6 and earlier and Netscape 6.2 and earlier allows remote ...)
+CVE-2002-2013
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2012 (Unknown vulnerability in Apache 1.3.19 running on HP Secure OS for ...)
+CVE-2002-2012
NOT-FOR-US: Apache
-CVE-2002-2011 (Cross-site scripting (XSS) vulnerability in the fom CGI program ...)
+CVE-2002-2011
NOT-FOR-US: faqomatic
-CVE-2002-2010 (Cross-site scripting (XSS) vulnerability in htsearch.cgi in htdig ...)
+CVE-2002-2010
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2009 (Apache Tomcat 4.0.1 allows remote attackers to obtain the web root ...)
+CVE-2002-2009
NOT-FOR-US: Tomcat
-CVE-2002-2008 (Apache Tomcat 4.0.3 for Windows allows remote attackers to obtain the ...)
+CVE-2002-2008
NOT-FOR-US: Tomcat
-CVE-2002-2007 (The default installations of Apache Tomcat 3.2.3 and 3.2.4 allows ...)
+CVE-2002-2007
NOT-FOR-US: Tomcat
-CVE-2002-2006 (The default installation of Apache Tomcat 4.0 through 4.1 and 3.0 ...)
+CVE-2002-2006
NOT-FOR-US: Tomcat
-CVE-2002-2005 (Unknown vulnerability in Java web start 1.0.1_01, 1.0.1, 1.0 and ...)
+CVE-2002-2005
NOT-FOR-US: Sun
-CVE-2002-2004 (portmapper in Compaq Tru64 4.0G and 5.0A allows remote attackers to ...)
+CVE-2002-2004
NOT-FOR-US: Compaq
-CVE-2002-2003 (ypbind in Compaq Tru64 4.0F, 4.0G, 5.0A, 5.1 and 5.1A allows remote ...)
+CVE-2002-2003
NOT-FOR-US: Compaq
-CVE-2002-2002 (Buffer overflow in libc in Compaq Tru64 4.0F, 5.0, 5.1 and 5.1A allows ...)
+CVE-2002-2002
NOT-FOR-US: Compaq
-CVE-2002-2001 (jmcce 1.3.8 in Mandrake 8.1 creates log files in /tmp with predictable ...)
+CVE-2002-2001
NOT-FOR-US: jmcce
-CVE-2002-2000 (ACMS 4.3 and 4.4 in OpenVMS Alpha 7.2 and 7.3 does not properly use ...)
+CVE-2002-2000
NOT-FOR-US: OpenVMS
-CVE-2002-1999 (HP Praesidium Webproxy 1.0 running on HP-UX 11.04 VVOS could allow ...)
+CVE-2002-1999
NOT-FOR-US: VVOS
-CVE-2002-1998 (Buffer overflow in rpc.cmsd in SCO UnixWare 7.1.1 and Open UNIX 8.0.0 ...)
+CVE-2002-1998
NOT-FOR-US: UnixWare
-CVE-2002-1997 (ZoneAlarm Pro 3.0 MailSafe allows remote attackers to bypass filtering ...)
+CVE-2002-1997
NOT-FOR-US: ZoneAlarm
-CVE-2002-1996 (Cross-site scripting (XSS) vulnerability in PostNuke 0.71 and earlier ...)
+CVE-2002-1996
NOT-FOR-US: Postnuke
-CVE-2002-1995 (Cross-site scripting (XSS) vulnerability in phptonuke.php for PHP-Nuke ...)
+CVE-2002-1995
NOT-FOR-US: Postnuke
-CVE-2002-1994 (advserver.exe in Advanced Web Server (AdvServer) Professional 1.030000 ...)
+CVE-2002-1994
NOT-FOR-US: Windows
-CVE-2002-1993 (webbbs_post.pl in WebBBS 4 and 5.0 allows remote attackers to execute ...)
+CVE-2002-1993
NOT-FOR-US: WebBBS
-CVE-2002-1992 (Buffer overflow in jrun.dll in ColdFusion MX, when used with IIS 4 or ...)
+CVE-2002-1992
NOT-FOR-US: Windows
-CVE-2002-1991 (PHP file inclusion vulnerability in osCommerce 2.1 execute arbitrary ...)
+CVE-2002-1991
NOT-FOR-US: osCommerce
-CVE-2002-1990 (Resin 2.0.5 through 2.1.2 allows remote attackers to reveal physical ...)
+CVE-2002-1990
NOT-FOR-US: Resin
-CVE-2002-1989 (Resin 2.1.1 allows remote attackers to cause a denial of service ...)
+CVE-2002-1989
NOT-FOR-US: Resin
-CVE-2002-1988 (Resin 2.1.1 allows remote attackers to cause a denial of service ...)
+CVE-2002-1988
NOT-FOR-US: Resin
-CVE-2002-1987 (Directory traversal vulnerability in view_source.jsp in Resin 2.1.2 ...)
+CVE-2002-1987
NOT-FOR-US: Resin
-CVE-2002-1986 (Perception LiteServe 2.0 through 2.0.1 allows remote attackers to ...)
+CVE-2002-1986
NOT-FOR-US: Perception LiteServe
-CVE-2002-1985 (iSMTP 5.0.1 allows remote attackers to cause a denial of service via a ...)
+CVE-2002-1985
NOT-FOR-US: iSMTP
-CVE-2002-1984 (Microsoft Internet Explorer 5.0.1 through 6.0 on Windows 2000 or ...)
+CVE-2002-1984
NOT-FOR-US: Microsoft
-CVE-2002-1983 (The timer implementation in QNX RTOS 6.1.0 allows local users to cause ...)
+CVE-2002-1983
NOT-FOR-US: QNX
-CVE-2002-1982 (Directory traversal vulnerability in the list_directory function in ...)
+CVE-2002-1982
NOTE: verified current version is not vulnerable to exploit
-CVE-2002-1981 (Microsoft SQL Server 2000 through SQL Server 2000 SP2 allows the ...)
+CVE-2002-1981
NOT-FOR-US: Microsoft
-CVE-2002-1980 (Buffer overflow in Volume Manager daemon (vold) of Sun Solaris 2.5.1 ...)
+CVE-2002-1980
NOT-FOR-US: Solaris
-CVE-2002-1979 (WatchGuard SOHO products running firmware 5.1.6 and earlier, and ...)
+CVE-2002-1979
NOT-FOR-US: Watchguard SOHO
-CVE-2002-1978 (IPFilter 3.1.1 through 3.4.28 allows remote attackers to bypass ...)
+CVE-2002-1978
NOT-FOR-US: IPFilter
-CVE-2002-1977 (Network Associates PGP 7.0.4 and 7.1 does not time out according to ...)
+CVE-2002-1977
NOT-FOR-US: Proprietary PGP
-CVE-2002-1976 (ifconfig, when used on the Linux kernel 2.2 and later, does not report ...)
+CVE-2002-1976
- net-tools <unfixed> (unimportant)
NOTE: This seems to be a misunderstanding of what the PROMISC flag
NOTE: is about. ifconfig reports properly when it is set using
NOTE: "ifconfig promisc".
-CVE-2002-1975 (Sharp Zaurus PDA SL-5000D and SL-5500 uses a salt of &quot;A0&quot; to encrypt ...)
+CVE-2002-1975
NOT-FOR-US: Zaurus hardware
-CVE-2002-1974 (The FTP service in Zaurus PDAs SL-5000D and SL-5500 does not require ...)
+CVE-2002-1974
NOT-FOR-US: Zaurus hardware
-CVE-2002-1973 (Buffer overflow in CHttpServer::OnParseError in the ISAPI extension ...)
+CVE-2002-1973
NOT-FOR-US: Microsoft
-CVE-2002-1972 (Unknown vulnerability in Parallel port powerSwitch (aka ...)
+CVE-2002-1972
NOT-FOR-US: pp_powerSwitch
-CVE-2002-1971 (The ping utility in networking_utils.php in Sourcecraft ...)
+CVE-2002-1971
NOT-FOR-US: Sourcecraft Networking Utils
-CVE-2002-1970 (SnortCenter 0.9.5, when configured to push Snort rules, stores the ...)
+CVE-2002-1970
NOT-FOR-US: SnortCenter
-CVE-2002-1969 (Magic Notebook 1.0b and 1.1b allows remote attackers to cause a denial ...)
+CVE-2002-1969
NOT-FOR-US: Magic Notebook
-CVE-2002-1968 (Com21 DOXport 1100 series cable modem running firmware 2.1.1.106, and ...)
+CVE-2002-1968
NOT-FOR-US: Com21 hardware
-CVE-2002-1967 (Buffer overflow in XiRCON 1.0 Beta 4 allows remote attackers to cause ...)
+CVE-2002-1967
NOT-FOR-US: XiRCON
-CVE-2002-1966 (Directory traversal vulnerability in magiccard.cgi in My Postcards ...)
+CVE-2002-1966
NOT-FOR-US: My Postcards Platinum
-CVE-2002-1965 (Cross-site scripting (XSS) vulnerability in Errors.gsl in Imatix ...)
+CVE-2002-1965
NOT-FOR-US: Imatix Xitami
-CVE-2002-1964 (Unknown vulnerability in WesMo phpEventCalendar 1.1 allows remote ...)
+CVE-2002-1964
NOT-FOR-US: phpEventCalender
-CVE-2002-1963 (Linux kernel 2.4.1 through 2.4.19 sets root's NR_RESERVED_FILES limit ...)
+CVE-2002-1963
NOTE: No kernels in Sarge or sid affected
-CVE-2002-1962 (Finjan Software SurfinGate 6.0 and 6.0 1 allows remote attackers to ...)
+CVE-2002-1962
NOT-FOR-US: SurfinGate
-CVE-2002-1961 (Finjan Software SurfinGate 6.0 and 6.0 1 allows remote attackers to ...)
+CVE-2002-1961
NOT-FOR-US: SurfinGate
-CVE-2002-1960 (Cross-site scripting (XSS) vulnerability in Cybozu Share360 1.1 allows ...)
+CVE-2002-1960
NOT-FOR-US: Cybozu Share
-CVE-2002-1959 (Nagios 1.0b1 through 1.0b3 allows remote attackers to execute ...)
+CVE-2002-1959
NOTE: Nagios was packaged for Debian after these vulnerable versions have been released
-CVE-2002-1958 (Cross-site scripting (XSS) vulnerability in kmMail 1.0, 1.0a, and 1.0b ...)
+CVE-2002-1958
NOT-FOR-US: kmMail
-CVE-2002-1957 (Buffer overflow in the netlog function in pen.c for Pen 0.9.1 and ...)
+CVE-2002-1957
- pen <not-affected> (pen was introduced after this old vulnerability)
-CVE-2002-1956 (ROX Filer 1.1.9 and 1.2 is installed with world writable permissions, ...)
+CVE-2002-1956
- rox 1.3.0-1
-CVE-2002-1955 (Iomega NAS A300U uses cleartext LANMAN authentication when mounting ...)
+CVE-2002-1955
NOT-FOR-US: Iomega hardware issue
-CVE-2002-1954 (Cross-site scripting (XSS) vulnerability in the phpinfo function in ...)
+CVE-2002-1954
NOTE: According to http://bugs.php.net/bug.php?id=19881 this only affects a
NOTE: php function that displays the PHP logo and version information. In the bug
NOTE: log the developers seem unwilling to fix this, as it only affects a debug
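Review bot: every `-CVE-2002-NNNN (...)` / `+CVE-2002-NNNN` pair in this hunk drops the parenthesised summary and keeps only the bare identifier, with no replacement text added anywhere in the hunk, so if any consumer of this list (the tracker web UI, the per-package views, or a grep-based triage script) still reads the description from these lines it will now see nothing; confirm the descriptions are intentionally sourced from the upstream CVE feed instead of this file before merging an automatic rewrite of the whole list. Because only the identifier lines change and the triage lines stay as unchanged context, pre-existing mismatches survive untouched, for example the old summary for CVE-2002-1995 names `phptonuke.php for PHP-Nuke` while its triage line still reads `NOT-FOR-US: Postnuke`, and `NOT-FOR-US: SmailMail` under CVE-2002-1945 misspells the product that its own removed summary calls `SmartMail Server`; with the summaries gone, those lines become the only human-readable hint of what each entry covers, so they are worth correcting in a follow-up.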
@@ -1047,1009 +1047,1009 @@ CVE-2002-1954 (Cross-site scripting (XSS) vulnerability in the phpinfo function
NOTE: can not reproduce in any versions of php4 in the archive.
- php4 <not-affected> (bug #349260; low)
- php5 5.1.1-1 (bug #336654; low)
-CVE-2002-1953 (Heap-based buffer overflow in the goim handler of AOL Instant ...)
+CVE-2002-1953
NOT-FOR-US: AIM
-CVE-2002-1952 (phpRank 1.8 does not properly check the return codes for MySQL ...)
+CVE-2002-1952
NOT-FOR-US: phpRank
-CVE-2002-1951 (Buffer overflow in GoAhead WebServer 2.1 allows remote attackers to ...)
+CVE-2002-1951
NOT-FOR-US: GoAhead WebServer
-CVE-2002-1950 (Cross-site scripting (XSS) vulnerability in phpRank 1.8 allows remote ...)
+CVE-2002-1950
NOT-FOR-US: phpRank
-CVE-2002-1949 (The Network Attached Storage (NAS) Administration Web Page for Iomega ...)
+CVE-2002-1949
NOT-FOR-US: Iomega NAS
-CVE-2002-1948 (Multiple buffer overflows in Gringotts 0.5.9 allows local users to ...)
+CVE-2002-1948
- gringotts <not-affected> (fixed before Gringotts was in Debian)
-CVE-2002-1947 (Webmin 0.21 through 1.0 uses the same built-in SSL key for all ...)
+CVE-2002-1947
- webmin 1.000-2
-CVE-2002-1946 (Videsh Sanchar Nigam Limited (VSNL) Integrated Dialer Software ...)
+CVE-2002-1946
NOT-FOR-US: VNSL
-CVE-2002-1945 (Buffer overflow in SmartMail Server 1.0 Beta 10 allows remote ...)
+CVE-2002-1945
NOT-FOR-US: SmailMail
-CVE-2002-1944 (Motorola Surfboard 4200 cable modem allows remote attackers to cause a ...)
+CVE-2002-1944
NOT-FOR-US: Motorola Surfboard
-CVE-2002-1943 (SafeTP 1.46, when network address translation (NAT) is being used, ...)
+CVE-2002-1943
NOT-FOR-US: SafeTP
-CVE-2002-1942 (Imatix Xitami 2.5 b5 does not properly terminate certain Keep-Alive ...)
+CVE-2002-1942
NOT-FOR-US: Imatix
-CVE-2002-1941 (Buffer overflow in RadioBird WebServer 4 Everyone 1.28 allows remote ...)
+CVE-2002-1941
NOT-FOR-US: RadioBird
-CVE-2002-1940 (LCC-Win32 3.2 compiler, when running on Windows 95, 98, or ME, writes ...)
+CVE-2002-1940
NOT-FOR-US: LCC-Win32
-CVE-2002-1939 (FlashFXP 1.4 prints FTP passwords in plaintext when there are ...)
+CVE-2002-1939
NOT-FOR-US: FlashFXP
-CVE-2002-1938 (Virgil CGI Scanner 0.9 allows remote attackers to execute arbitrary ...)
+CVE-2002-1938
NOT-FOR-US: Virgil CGI Scanner
-CVE-2002-1937 (Symantec Firewall/VPN Appliance 100 through 200R hardcodes the ...)
+CVE-2002-1937
NOT-FOR-US: Symantex Appliance
-CVE-2002-1936 (UTStarcom BAS 1000 3.1.10 creates several default or back door ...)
+CVE-2002-1936
NOT-FOR-US: UTStarcom
-CVE-2002-1935 (Pingtel Xpressa 1.2.5 through 2.0.1 uses predictable (1) Call-ID, (2) ...)
+CVE-2002-1935
NOT-FOR-US: Pingtel Xpressa
-CVE-2002-1934 (Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 2.0.1 ...)
+CVE-2002-1934
NOT-FOR-US: Pingtel Xpressa
-CVE-2002-1933 (The terminal services screensaver for Microsoft Windows 2000 does not ...)
+CVE-2002-1933
NOT-FOR-US: Microsoft
-CVE-2002-1932 (Microsoft Windows XP and Windows 2000, when configured to send ...)
+CVE-2002-1932
NOT-FOR-US: Microsoft
-CVE-2002-1931 (Cross-site scripting (XSS) vulnerability in PHP Arena paFileDB 1.1.3 ...)
+CVE-2002-1931
NOT-FOR-US: PHP Arena
-CVE-2002-1930 (Buffer overflow in AN HTTPd 1.38 through 1.4.1c allows remote ...)
+CVE-2002-1930
NOT-FOR-US: AN HTTPd
-CVE-2002-1929 (Cross-site scripting (XSS) vulnerability in pafiledb.php in PHP Arena ...)
+CVE-2002-1929
NOT-FOR-US: PHP Arena
-CVE-2002-1928 (602Pro LAN SUITE 2002 allows remote attackers to view the directory ...)
+CVE-2002-1928
NOT-FOR-US: 602Pro LAN SUITE
-CVE-2002-1927 (Aquonics File Manager 1.5 allows users with edit privileges to modify ...)
+CVE-2002-1927
NOT-FOR-US: Aquonics File Manager
-CVE-2002-1926 (Directory traversal vulnerability in source.php in Aquonics File ...)
+CVE-2002-1926
NOT-FOR-US: Aquonics File Manager
-CVE-2002-1925 (Tiny Personal Firewall 3.0 through 3.0.6 allows remote attackers to ...)
+CVE-2002-1925
NOT-FOR-US: Tiny Personal Firewall
-CVE-2002-1924 (PowerChute plus 5.0.2 creates a &quot;Pwrchute&quot; directory during ...)
+CVE-2002-1924
NOT-FOR-US: Powerchute
-CVE-2002-1923 (The default configuration in MySQL 3.20.32 through 3.23.52, when ...)
+CVE-2002-1923
- mysql <not-affected> (Windows specific)
-CVE-2002-1922 (Cross-site scripting (XSS) vulnerability in global.php in Jelsoft ...)
+CVE-2002-1922
NOT-FOR-US: vBulletin
-CVE-2002-1921 (The default configuration of MySQL 3.20.32 through 3.23.52, when ...)
+CVE-2002-1921
- mysql <not-affected> (Windows specific)
-CVE-2002-1920 (Buffer overflow in FtpXQ 2.5 allows remote attackers to cause a denial ...)
+CVE-2002-1920
NOT-FOR-US: FtpXQ
-CVE-2002-1919 (SQL injection vulnerability in shopadmin.asp in VP-ASP 4.0 allows ...)
+CVE-2002-1919
NOT-FOR-US: VS-ASP
-CVE-2002-1918 (Buffer overflow in Microsoft Active Data Objects (ADO) in Microsoft ...)
+CVE-2002-1918
NOT-FOR-US: Microsoft ADO
-CVE-2002-1917 (CRLF injection vulnerability in the &quot;User Profile: Send Email&quot; feature ...)
+CVE-2002-1917
NOT-FOR-US: Geeklog
-CVE-2002-1916 (Pirch and RusPirch, when auto-log is enabled, allows remote attackers ...)
+CVE-2002-1916
NOT-FOR-US: Pirch
-CVE-2002-1915 (tip on multiple BSD-based operating systems allows local users to ...)
+CVE-2002-1915
NOT-FOR-US: tip
-CVE-2002-1914 (dump 0.4 b10 through b29 allows local users to cause a denial of ...)
+CVE-2002-1914
- dump 0.4b31-1
-CVE-2002-1913 (phptonuke.php in myPHPNuke 1.8.8 allows remote attackers to read ...)
+CVE-2002-1913
NOT-FOR-US: myPHPNuke
-CVE-2002-1912 (SkyStream EMR5000 1.16 through 1.18 does not drop packets or disable ...)
+CVE-2002-1912
NOT-FOR-US: SkyStream
-CVE-2002-1911 (ZoneAlarm Pro 3.0 and 3.1, when configured to block all traffic, ...)
+CVE-2002-1911
NOT-FOR-US: ZoneAlarm
-CVE-2002-1910 (Click2Learn Ingenium Learning Management System 5.1 and 6.1 uses weak ...)
+CVE-2002-1910
NOT-FOR-US: Ingenium Learning Management System
-CVE-2002-1909 (Click2Learn Ingenium Learning Management System 5.1 and 6.1 stores the ...)
+CVE-2002-1909
NOT-FOR-US: Ingenium Learning Management System
-CVE-2002-1908 (Microsoft IIS 5.0 and 5.1 allows remote attackers to cause a denial of ...)
+CVE-2002-1908
NOT-FOR-US: Microsoft IIS
-CVE-2002-1907 (TelCondex SimpleWebServer 2.06.20817 allows remote attackers to cause ...)
+CVE-2002-1907
NOT-FOR-US: TelCondex
-CVE-2002-1906 (The web server for Polycom ViaVideo 2.2 and 3.0 allows remote ...)
+CVE-2002-1906
NOT-FOR-US: ViaVideo
-CVE-2002-1905 (Buffer overflow in the web server of Polycom ViaVideo 2.2 and 3.0 ...)
+CVE-2002-1905
NOT-FOR-US: ViaVideo
-CVE-2002-1904 (Buffer overflow in the Log function in util.c in GazTek ghttpd 1.4 ...)
+CVE-2002-1904
NOT-FOR-US: ghttpd
-CVE-2002-1903 (Pine 4.2.1 through 4.4.4 puts Unix usernames and/or uid into Sender: ...)
+CVE-2002-1903
- pine 4.62-1 (low)
- alpine <not-affected> (alpine is based on pine 4.64, this bug was in a previous version of pine)
NOTE: checked listed version, and it didn't have the problem
NOTE: pine is non-free (alpine is free)
-CVE-2002-1902 (CGIForum 1.0 through 1.05 allows remote attackers to cause a denial of ...)
+CVE-2002-1902
NOT-FOR-US: CGIForum
-CVE-2002-1901 (Cross-site scripting (XSS) vulnerability in Bodo Bauer BBGallery 1.0 ...)
+CVE-2002-1901
NOT-FOR-US: BBGallery
-CVE-2002-1900 (Cross-site scripting (XSS) vulnerability in Pinboard 1.0 allows remote ...)
+CVE-2002-1900
NOT-FOR-US: Pinboard
-CVE-2002-1899 (Cross-site scripting (XSS) vulnerability in IceWarp Web Mail 3.3.3 and ...)
+CVE-2002-1899
NOT-FOR-US: IceWarp Web Mail
-CVE-2002-1898 (Terminal 1.3 in Apple Mac OS X 10.2 allows remote attackers to execute ...)
+CVE-2002-1898
NOT-FOR-US: Mac OS X
-CVE-2002-1897 (MyWebServer LLC MyWebServer 1.0.2 allows remote attackers to cause a ...)
+CVE-2002-1897
NOT-FOR-US: MyWebserver
-CVE-2002-1896 (Buffer overflow in Alsaplayer 0.99.71, when installed setuid root, ...)
+CVE-2002-1896
- alsaplayer 0.99.72-1
-CVE-2002-1895 (The servlet engine in Jakarta Apache Tomcat 3.3 and 4.0.4, when using ...)
+CVE-2002-1895
- tomcat4 <not-affected> (Windows-specific Tomcat problems)
-CVE-2002-1894 (Cross-site scripting (XSS) vulnerability in viewtopic.php in phpBB ...)
+CVE-2002-1894
- phpbb2 <not-affected> (Debian package not vulnerable, see #316071, 316295)
-CVE-2002-1893 (Cross-site scripting (XSS) vulnerability in ArGoSoft Mail Server Pro ...)
+CVE-2002-1893
NOT-FOR-US: ArGoSoft Mail Server
-CVE-2002-1892 (NETGEAR FVS318 running firmware 1.1 stores the username and password ...)
+CVE-2002-1892
NOT-FOR-US: Netgear hardware
-CVE-2002-1891 (Buffer overflow in IRCIT 0.3.1 IRC client allows remote attackers to ...)
+CVE-2002-1891
NOT-FOR-US: IRCIT
-CVE-2002-1890 (rhmask 1.0-9 in Red Hat Linux 7.1 allows local users to overwrite ...)
+CVE-2002-1890
NOT-FOR-US: RedHat specific
-CVE-2002-1889 (Off-by-one buffer overflow in the context_action function in context.c ...)
+CVE-2002-1889
NOT-FOR-US: Logsurfer
-CVE-2002-1888 (CommonName Toolbar 3.5.2.0 sends unqualified domain name requests to ...)
+CVE-2002-1888
NOT-FOR-US: CommonName Toolbar
-CVE-2002-1887 (PHP remote file inclusion vulnerability in customize.php for ...)
+CVE-2002-1887
NOT-FOR-US: phpMyNewsletter
-CVE-2002-1886 (TightAuction 3.0 stores config.inc under the web document root with ...)
+CVE-2002-1886
NOT-FOR-US: TightAuction
-CVE-2002-1885 (PHP remote file inclusion vulnerability in showhits.php3 for ...)
+CVE-2002-1885
NOT-FOR-US: PPhlogger
-CVE-2002-1884 (index.php in Py-Membres 3.1 allows remote attackers to log in as an ...)
+CVE-2002-1884
NOT-FOR-US: Py-Membres
-CVE-2002-1883 (Trolltech Qt Assistant 1.0 in Trolltech Qt 3.0.3, when loaded from the ...)
+CVE-2002-1883
- qt-x11-free 2:3.0.4-1
-CVE-2002-1882 (Unknown vulnerability in AolSecurityPrivate.class in Oracle E-Business ...)
+CVE-2002-1882
NOT-FOR-US: Oracle
-CVE-2002-1881 (Macromedia Flash Player 4.0 r12 through 6.0.47.0 allows remote ...)
+CVE-2002-1881
- flashplugin-nonfree 6.0.61.0-1
-CVE-2002-1880 (LokwaBB 1.2.2 allows remote attackers to read arbitrary messages by ...)
+CVE-2002-1880
NOT-FOR-US: LokwaBB
-CVE-2002-1879 (SQL injection vulnerability in LokwaBB 1.2.2 allows remote attackers ...)
+CVE-2002-1879
NOT-FOR-US: LokwaBB
-CVE-2002-1878 (PHP remote file inclusion vulnerability in w-Agora 4.1.3 allows remote ...)
+CVE-2002-1878
NOT-FOR-US: w-Agora
-CVE-2002-1877 (NETGEAR FM114P allows remote attackers to bypass access restrictions ...)
+CVE-2002-1877
NOT-FOR-US: Netgear hardware
-CVE-2002-1876 (Microsoft Exchange 2000 allows remote authenticated attackers to cause ...)
+CVE-2002-1876
NOT-FOR-US: Microsoft
-CVE-2002-1875 (Entercept Agent 2.5 agent for Windows, released before May 21, 2002, ...)
+CVE-2002-1875
NOT-FOR-US: Entercept Agent
-CVE-2002-1874 (astrocam.cgi in AstroCam 0.9-1-1 through 1.4.0 allows remote attackers ...)
+CVE-2002-1874
NOT-FOR-US: Astrocam
-CVE-2002-1873 (Microsoft Exchange 2000, when used with Microsoft Remote Procedure ...)
+CVE-2002-1873
NOT-FOR-US: Microsoft
-CVE-2002-1872 (Microsoft SQL Server 6.0 through 2000, with SQL Authentication ...)
+CVE-2002-1872
NOT-FOR-US: Microsoft
-CVE-2002-1871 (pkgadd in Sun Solaris 2.5.1 through 8 installs files setuid/setgid ...)
+CVE-2002-1871
NOT-FOR-US: Solaris
-CVE-2002-1870 (Simple Web Server (SWS) 0.0.4 through 0.1.0 does not properly handle ...)
+CVE-2002-1870
NOT-FOR-US: Simple Web Server
-CVE-2002-1869 (Heysoft EventSave 5.1 and 5.2 and Heysoft EventSave+ 5.1 and 5.2 does ...)
+CVE-2002-1869
NOT-FOR-US: Heysoft EventSave
-CVE-2002-1868 (Dispair 0.1 and 0.2 allows remote attackers to execute arbitrary shell ...)
+CVE-2002-1868
NOT-FOR-US: Dispair
-CVE-2002-1867 (The default configuration of BizDesign ImageFolio 2.23 through 2.26 ...)
+CVE-2002-1867
NOT-FOR-US: ImageFolio
-CVE-2002-1866 (Simple Web Server (SWS) 0.0.4 through 0.1.0 does not close file ...)
+CVE-2002-1866
NOT-FOR-US: Simple Web Server
-CVE-2002-1865 (Buffer overflow in the Embedded HTTP server, as used in (1) D-Link ...)
+CVE-2002-1865
NOT-FOR-US: Embedded HTTP server
-CVE-2002-1864 (Directory traversal vulnerability in Simple Web Server (SWS) 0.0.4 ...)
+CVE-2002-1864
NOT-FOR-US: Simple Web Server
-CVE-2002-1863 (Iomega Network Attached Storage (NAS) A300U, and possibly other ...)
+CVE-2002-1863
NOT-FOR-US: Iomega NAS
-CVE-2002-1862 (SmartMail Server 2.0 allows remote attackers to cause a denial of ...)
+CVE-2002-1862
NOT-FOR-US: SmartMail Server
-CVE-2002-1861 (Sybase Enterprise Application Server 4.0, when running on Windows, ...)
+CVE-2002-1861
NOT-FOR-US: Sybase ASE
-CVE-2002-1860 (Pramati Server 3.0, when running on Windows, allows remote attackers ...)
+CVE-2002-1860
NOT-FOR-US: Pramati
-CVE-2002-1859 (Orion Application Server 1.5.3, when running on Windows, allows remote ...)
+CVE-2002-1859
NOT-FOR-US: Orion
-CVE-2002-1858 (Oracle Oracle9i Application Server 1.0.2.2 and 9.0.2 through ...)
+CVE-2002-1858
NOT-FOR-US: Oracle
-CVE-2002-1857 (jo! jo Webserver 1.0, when running on Windows, allows remote attackers ...)
+CVE-2002-1857
NOT-FOR-US: jo! jo Webserver
-CVE-2002-1856 (HP Application Server 8.0, when running on Windows, allows remote ...)
+CVE-2002-1856
NOT-FOR-US: HP Application Server
-CVE-2002-1855 (Macromedia JRun 3.0 through 4.0, when running on Windows, allows ...)
+CVE-2002-1855
NOT-FOR-US: Macromedia JRun
-CVE-2002-1854 (Rlaj whois CGI script (whois.cgi) 1.0 allows remote attackers to ...)
+CVE-2002-1854
NOT-FOR-US: rlaj whois.cgi
-CVE-2002-1853 (Cross-site scripting (XSS) vulnerability in MyNewsGroups 0.4 and 0.4.1 ...)
+CVE-2002-1853
NOT-FOR-US: MyNewsGroups
-CVE-2002-1852 (Cross-site scripting (XSS) vulnerability in Monkey 0.5.0 allows remote ...)
+CVE-2002-1852
- monkey 0.9.2-1
NOTE: Vulnerable code verified not be present in any Debian version
-CVE-2002-1851 (Buffer overflow in WS_FTP Pro 7.5 allows remote attackers to execute ...)
+CVE-2002-1851
NOT-FOR-US: WS_FTP Pro
-CVE-2002-1850 (mod_cgi in Apache 2.0.39 and 2.0.40 allows local users and possibly ...)
+CVE-2002-1850
- apache2 2.0.42-1
-CVE-2002-1849 (ParaChat Server 4.0 does not log users off if the browser's back ...)
+CVE-2002-1849
NOT-FOR-US: ParaChat
-CVE-2002-1848 (TightVNC before 1.2.4 running on Windows stores unencrypted passwords ...)
+CVE-2002-1848
NOT-FOR-US: TightVNC on Windows only
-CVE-2002-1847 (Buffer overflow in mplay32.exe of Microsoft Windows Media Player (WMP) ...)
+CVE-2002-1847
NOT-FOR-US: Microsoft Windows Media Player
-CVE-2002-1846 (Yet Another Bulletin Board (YaBB) 1.40 and 1.41 does not require a ...)
+CVE-2002-1846
NOT-FOR-US: YaBB
-CVE-2002-1845 (Cross-site scripting (XSS) vulnerability in index.php in Yet Another ...)
+CVE-2002-1845
NOT-FOR-US: YaBB
-CVE-2002-1844 (Microsoft Windows Media Player (WMP) 6.3, when installed on Solaris, ...)
+CVE-2002-1844
NOT-FOR-US: Microsoft Windows Media Player
-CVE-2002-1843 (Perlbot 1.9.2 allows remote attackers to execute arbitrary commands ...)
+CVE-2002-1843
NOT-FOR-US: Perlbot
-CVE-2002-1842 (Perlbot 1.0 beta allows remote attackers to execute arbitrary commands ...)
+CVE-2002-1842
NOT-FOR-US: Perlbot
-CVE-2002-1841 (The document management module in NOLA 1.1.1 and 1.1.2 does not ...)
+CVE-2002-1841
NOT-FOR-US: Nogusta NOLA
-CVE-2002-1840 (irssi IRC client 0.8.4, when downloaded after 14-March-2002, could ...)
+CVE-2002-1840
NOT-FOR-US: some irssi tarballs contained a backdoor
-CVE-2002-1839 (Trend Micro InterScan VirusWall for Windows NT 3.52 does not record ...)
+CVE-2002-1839
NOT-FOR-US: Trend Micro InterScan VirusWall (Windows NT 3.52)
-CVE-2002-1838 (Charities.cron 1.0.2 through 1.6.0 allows local users to write to ...)
+CVE-2002-1838
NOT-FOR-US: Charities.cron
-CVE-2002-1837 (The getAlbumToDisplay function in idsShared.pm for Image Display ...)
+CVE-2002-1837
NOT-FOR-US: Image Display System
-CVE-2002-1836 (The default configuration of Xerox DocuTech 6110 and DocuTech 6115 ...)
+CVE-2002-1836
NOT-FOR-US: Xerox Docutech
-CVE-2002-1835 (The default configuration of Xerox DocuTech 6110 and DocuTech 6115 ...)
+CVE-2002-1835
NOT-FOR-US: Xerox Docutech
-CVE-2002-1834 (The default configuration of Xerox DocuTech 6110 and DocuTech 6115 ...)
+CVE-2002-1834
NOT-FOR-US: Xerox Docutech
-CVE-2002-1833 (The default configurations for DocuTech 6110 and DocuTech 6115 have a ...)
+CVE-2002-1833
NOT-FOR-US: Xerox Docutech
-CVE-2002-1832 (Unknown vulnerability in the &quot;ipopts decode&quot; functionality in ...)
+CVE-2002-1832
NOT-FOR-US: Firestorm IDS
-CVE-2002-1831 (Microsoft MSN Messenger Service 1.0 through 4.6 allows remote ...)
+CVE-2002-1831
NOT-FOR-US: Microsoft MSN Messenger Service
-CVE-2002-1830 (Open Bulletin Board (OpenBB) 1.0.0 RC3 allows remote attackers to ...)
+CVE-2002-1830
NOT-FOR-US: Open Bulletin Board
-CVE-2002-1829 (Cross-site scripting (XSS) vulnerability in codeparse.php in Open ...)
+CVE-2002-1829
NOT-FOR-US: Open Bulletin Board
-CVE-2002-1828 (Savant Webserver 3.1 allows remote attackers to cause a denial of ...)
+CVE-2002-1828
NOT-FOR-US: Savant Webserver
-CVE-2002-1827 (Sendmail 8.9.0 through 8.12.3 allows local users to cause a denial of ...)
+CVE-2002-1827
- sendmail 8.12-4
-CVE-2002-1826 (grsecurity 1.9.4 for Linux kernel 2.4.18 allows local users to bypass ...)
+CVE-2002-1826
- kernel-patch-2.4-grsecurity 1.9.6-1
-CVE-2002-1825 (Format string vulnerability in PerlRTE_example1.pl in WASD 7.1, 7.2.0 ...)
+CVE-2002-1825
NOT-FOR-US: WASD
-CVE-2002-1824 (Microsoft Internet Explorer 6.0, when handling an expired CA-CERT in a ...)
+CVE-2002-1824
NOT-FOR-US: MSIE
-CVE-2002-1823 (Buffer overflow in the HttpGetRequest function in Zeroo HTTP server ...)
+CVE-2002-1823
NOT-FOR-US: Zeroo
-CVE-2002-1822 (IBM HTTP Server 1.0 on AS/400 allows remote attackers to obtain the ...)
+CVE-2002-1822
NOT-FOR-US: IBM HTTP Server on AS/400
-CVE-2002-1821 (Ultimate PHP Board (UPB) 1.0 and 1.0b allows remote authenticated ...)
+CVE-2002-1821
NOT-FOR-US: Ultimate PHP Board
-CVE-2002-1820 (register.php in Ultimate PHP Board (UPB) 1.0 and 1.0b uses an ...)
+CVE-2002-1820
NOT-FOR-US: Ultimate PHP Board
-CVE-2002-1819 (Directory traversal vulnerability in TinyHTTPD 0.1 .0 allows remote ...)
+CVE-2002-1819
NOT-FOR-US: TinyHTTPD
-CVE-2002-1818 (ezhttpbench.php in eZ httpbench 1.1 allows remote attackers to read ...)
+CVE-2002-1818
NOT-FOR-US: httpbench
-CVE-2002-1817 (Unknown vulnerability in Veritas Cluster Server (VCS) 1.2 for ...)
+CVE-2002-1817
NOT-FOR-US: Veritas
-CVE-2002-1816 (Off-by-one buffer overflow in the sock_gets function in sockhelp.c for ...)
+CVE-2002-1816
NOT-FOR-US: ATPhttpd
-CVE-2002-1815 (Directory traversal vulnerability in source.php and source.cgi in ...)
+CVE-2002-1815
NOT-FOR-US: Aquonics
-CVE-2002-1814 (Buffer overflow in efstools in Bonobo, when installed setuid, allows ...)
+CVE-2002-1814
- bonobo <not-affected> (efstool not suid on Debian)
-CVE-2002-1813 (Directory traversal vulnerability in AOL Instant Messenger (AIM) ...)
+CVE-2002-1813
NOT-FOR-US: AIM
-CVE-2002-1812 (Buffer overflow in gdam123 0.933 and 0.942 allows local users to ...)
+CVE-2002-1812
NOT-FOR-US: gdam123
-CVE-2002-1811 (Belkin F5D6130 Wireless Network Access Point running firmware AP14G8 ...)
+CVE-2002-1811
NOT-FOR-US: Belkin F5D6130 Wireless Network Access Point
-CVE-2002-1810 (D-Link DWL-900AP+ Access Point 2.1 and 2.2 allows remote attackers to ...)
+CVE-2002-1810
NOT-FOR-US: D-Link DWL-900AP+ Access Point
-CVE-2002-1809 (The default configuration of the Windows binary release of MySQL ...)
+CVE-2002-1809
NOT-FOR-US: MySQL windows binary
-CVE-2002-1808 (Cross-site scripting (XSS) vulnerability in Meunity Community System ...)
+CVE-2002-1808
NOT-FOR-US: Meunity
-CVE-2002-1807 (Cross-site scripting (XSS) vulnerability in phpWebSite 0.8.3 allows ...)
+CVE-2002-1807
NOT-FOR-US: phpWebSite
-CVE-2002-1806 (Cross-site scripting (XSS) vulnerability in Drupal 4.0.0 allows remote ...)
+CVE-2002-1806
NOT-FOR-US: Drupal
-CVE-2002-1805 (Cross-site scripting (XSS) vulnerability in DaCode 1.2.0 allows remote ...)
+CVE-2002-1805
- dacode <removed> (bug #322605; low)
[sarge] - dacode <no-dsa> (Minor issue; attacker would need to bypass moderator review/approval)
NOTE: Sarge is affected (has same version as testing/unstable)
-CVE-2002-1804 (Cross-site scripting (XSS) vulnerability in NPDS 4.8 allows remote ...)
+CVE-2002-1804
NOT-FOR-US: NPDS
-CVE-2002-1803 (Cross-site scripting (XSS) vulnerability in PHP-Nuke 6.0 allows remote ...)
+CVE-2002-1803
NOT-FOR-US: PHP-Nuke
-CVE-2002-1802 (Cross-site scripting (XSS) vulnerability in Xoops 1.0 RC3 allows ...)
+CVE-2002-1802
NOT-FOR-US: Xoops
-CVE-2002-1801 (ImageFolio 2.23 through 2.27 allows remote attackers to obtain ...)
+CVE-2002-1801
NOT-FOR-US: ImageFolio
-CVE-2002-1800 (phpRank 1.8 stores the administrative password in plaintext on the ...)
+CVE-2002-1800
NOT-FOR-US: phpRank
-CVE-2002-1799 (Cross-site scripting (XSS) vulnerability in phpRank 1.8 allows remote ...)
+CVE-2002-1799
NOT-FOR-US: phpRank
-CVE-2002-1798 (MidiCart PHP, PHP Plus, and PHP Maxi allows remote attackers to (1) ...)
+CVE-2002-1798
NOT-FOR-US: MidiCart
-CVE-2002-1797 (ChaiVM for HP color LaserJet 4500 and 4550 or HP LaserJet 4100 and ...)
+CVE-2002-1797
NOT-FOR-US: ChaiVM
-CVE-2002-1796 (ChaiVM EZloader for HP color LaserJet 4500 and 4550 and HP LaserJet ...)
+CVE-2002-1796
NOT-FOR-US: ChaiVM
-CVE-2002-1795 (Cross-site scripting (XSS) vulnerability in connect.asp in Microsoft ...)
+CVE-2002-1795
NOT-FOR-US: Microsoft
-CVE-2002-1794 (Unknown vulnerability in pam_authz in the LDAP-UX Integration product ...)
+CVE-2002-1794
NOT-FOR-US: HP ldapux-pamauthz
-CVE-2002-1793 (HTTP Server mod_ssl module running on HP-UX 11.04 with Virtualvault OS ...)
+CVE-2002-1793
NOT-FOR-US: HP Virtualvault OS
-CVE-2002-1792 (Buffer overflow in Fake Identd 0.9 through 1.4 allows remote attackers ...)
+CVE-2002-1792
NOT-FOR-US: Fake Identd
-CVE-2002-1791 (SGI IRIX 6.5 through 6.5.17 creates temporary desktop files with ...)
+CVE-2002-1791
NOT-FOR-US: SGI IRIX
-CVE-2002-1790 (The SMTP service in Microsoft Internet Information Services (IIS) 4.0 ...)
+CVE-2002-1790
NOT-FOR-US: microsoft
-CVE-2002-1789 (Format string vulnerability in newsx NNTP client before 1.4.8 allows ...)
+CVE-2002-1789
- newsx 1.4pl6.0-2
-CVE-2002-1788 (Format string vulnerability in the nn_exitmsg function in nn 6.6.0 ...)
+CVE-2002-1788
- nn 6.6.4-1
-CVE-2002-1787 (Buffer overflow in uux in eoe.sw.uucp package of SGI IRIX 6.5 through ...)
+CVE-2002-1787
NOT-FOR-US: SGI IRIX
-CVE-2002-1786 (SGI IRIX 6.5 through 6.5.14 applies a umask of 022 to root core dumps, ...)
+CVE-2002-1786
NOT-FOR-US: SGI IRIX
-CVE-2002-1785 (Cross-site scripting (XSS) vulnerability in Zeus Administration Server ...)
+CVE-2002-1785
NOT-FOR-US: Zeus Administration Server
-CVE-2002-1784 (Unknown vulnerability in inetd in HP Tru64 Unix 4.0f through 5.1a ...)
+CVE-2002-1784
NOT-FOR-US: HP Tru64
-CVE-2002-1783 (CRLF injection vulnerability in PHP 4.2.1 through 4.2.3, when ...)
+CVE-2002-1783
- php4 4:4.3.10-15
-CVE-2002-1782 (The default configuration of University of Washington IMAP daemon ...)
+CVE-2002-1782
- uw-imap 7:2002ddebian1-2 (bug #315499; unimportant)
NOTE: This only applies to very exotic setups. It's also documented in the FAQ
NOTE: and if someone has such a setup she will have to recompile the package with
NOTE: the security features enabled.
-CVE-2002-1781 (Multiple buffer overflows in DeleGate 7.7.0 through 7.8.1 allow remote ...)
+CVE-2002-1781
NOT-FOR-US: DeleGate
-CVE-2002-1780 (BPM Studio Pro 4.2 by ALCATech GmbH includes a webserver that allows a ...)
+CVE-2002-1780
NOT-FOR-US: BPM Studio Pro
-CVE-2002-1779 (The &quot;block fragmented IP Packets&quot; option in Symantec Norton Personal ...)
+CVE-2002-1779
NOT-FOR-US: Norton
-CVE-2002-1778 (Symantec Norton Personal Firewall 2002 allows remote attackers to ...)
+CVE-2002-1778
NOT-FOR-US: Norton
-CVE-2002-1777 (** DISPUTED ** ...)
+CVE-2002-1777
NOT-FOR-US: Symantec
-CVE-2002-1776 (** DISPUTED ** ...)
+CVE-2002-1776
NOT-FOR-US: Symantec
-CVE-2002-1775 (** DISPUTED ** ...)
+CVE-2002-1775
NOT-FOR-US: Symantec
-CVE-2002-1774 (** DISPUTED ** ...)
+CVE-2002-1774
NOT-FOR-US: Symantec
-CVE-2002-1773 (Buffer overflow in ICQ 2.6x for MacOS X 10.0 through 10.1.2 allows ...)
+CVE-2002-1773
NOT-FOR-US: ICQ for MacOS X
-CVE-2002-1772 (Novell Netware 5.0 through 5.1 may allow local users to gain &quot;Domain ...)
+CVE-2002-1772
NOT-FOR-US: Novell Netware
-CVE-2002-1771 (Matt Wright FormMail 1.9 and earlier allows remote attackers to send ...)
+CVE-2002-1771
NOT-FOR-US: FormMail
-CVE-2002-1770 (Qualcomm Eudora 5.1 allows remote attackers to execute arbitrary code ...)
+CVE-2002-1770
NOT-FOR-US: Eudora
-CVE-2002-1769 (Microsoft Site Server 3.0 prior to SP4 installs a default user, ...)
+CVE-2002-1769
NOT-FOR-US: Microsoft
-CVE-2002-1768 (Cisco IOS 11.1 through 12.2, when HSRP support is not enabled, allows ...)
+CVE-2002-1768
NOT-FOR-US: Cisco
-CVE-2002-1767 (Buffer overflow in tnslsnr of Oracle 8i Database Server 8.1.5 for ...)
+CVE-2002-1767
NOT-FOR-US: Oracle
-CVE-2002-1766 (Buffer overflow in Composer in Netscape 4.77 allows local users to ...)
+CVE-2002-1766
NOT-FOR-US: Netscape
NOTE: didn't check mozilla
-CVE-2002-1765 (Evolution 1.0.3 and 1.0.4 allows remote attackers to cause a denial of ...)
+CVE-2002-1765
- evolution 1.0.5
-CVE-2002-1764 (acroread in Adobe Acrobat Reader 4.05 on Linux allows local users to ...)
+CVE-2002-1764
NOT-FOR-US: acrobat
-CVE-2002-1763 (The dtscreen Sun Solaris 8 CDE screensaver crashes when the &quot;Shift&quot; ...)
+CVE-2002-1763
NOT-FOR-US: dtscreen Sun Solaris 8 CDE screensaver
-CVE-2002-1762 (Microsoft Baseline Security Analyzer (MBSA) 1.0 stores security scans ...)
+CVE-2002-1762
NOT-FOR-US: Microsoft
-CVE-2002-1761 (Directory traversal vulnerability in PHProjekt 2.0 through 3.1 allows ...)
+CVE-2002-1761
NOT-FOR-US: PHProjekt
-CVE-2002-1760 (Multiple SQL injection vulnerabilities in PHProjekt 2.0 through 3.1 ...)
+CVE-2002-1760
NOT-FOR-US: PHProjekt
-CVE-2002-1759 (The upload function in PHProjekt 2.0 through 3.1 does not properly ...)
+CVE-2002-1759
NOT-FOR-US: PHProjekt
-CVE-2002-1758 (PHProjekt 2.0 through 3.1 allows remote attackers to view or modify ...)
+CVE-2002-1758
NOT-FOR-US: PHProjekt
-CVE-2002-1757 (PHProjekt 2.0 through 3.1 relies on the $PHP_SELF variable for ...)
+CVE-2002-1757
NOT-FOR-US: PHProjekt
-CVE-2002-1756 (ACDSee 4.0 allows remote attackers to cause a denial of service ...)
+CVE-2002-1756
NOT-FOR-US: ACDSee
-CVE-2002-1755 (tinc 1.0pre3 and 1.0pre4 VPN does not authenticate forwarded packets, ...)
+CVE-2002-1755
- tinc 1.0pre5
-CVE-2002-1754 (Buffer overflow in Novell NetWare Client 4.80 through 4.83 allows ...)
+CVE-2002-1754
NOT-FOR-US: Novell NetWare
-CVE-2002-1753 (csNewsPro.cgi in CGIScript.net csNews Professional (csNewsPro) allows ...)
+CVE-2002-1753
NOT-FOR-US: csNews
-CVE-2002-1752 (csChatRBox.cgi in CGIScript.net csChat-R-Box allows remote attackers ...)
+CVE-2002-1752
NOT-FOR-US: csChat-R-Box
-CVE-2002-1751 (csLiveSupport.cgi in CGIScript.net csLiveSupport allows remote ...)
+CVE-2002-1751
NOT-FOR-US: csLiveSupport
-CVE-2002-1750 (csGuestbook.cgi in CGISCRIPT.NET csGuestbook 1.0 allows remote ...)
+CVE-2002-1750
NOT-FOR-US: csGuestbook
-CVE-2002-1749 (Windows 2000 Terminal Services, when using the disconnect feature of ...)
+CVE-2002-1749
NOT-FOR-US: Windows 2000 Terminal Services
-CVE-2002-1748 (Unknown vulnerability in Slash 2.1.x and 2.2 through 2.2.2, as used in ...)
+CVE-2002-1748
- slash 2.2.3
-CVE-2002-1747 (Vtun 2.5b1 does not authenticate forwarded packets, which allows ...)
+CVE-2002-1747
- vtun 2.5b2
-CVE-2002-1746 (Vtun 2.5b1 allows remote attackers to inject data into user sessions ...)
+CVE-2002-1746
- vtun 2.5b2
-CVE-2002-1745 (Off-by-one error in the CodeBrws.asp sample script in Microsoft IIS ...)
+CVE-2002-1745
NOT-FOR-US: Microsoft
-CVE-2002-1744 (Directory traversal vulnerability in CodeBrws.asp in Microsoft IIS 5.0 ...)
+CVE-2002-1744
NOT-FOR-US: Microsoft
-CVE-2002-1743 (AOL ICQ 2002a Build 3722 allows remote attackers to cause a denial of ...)
+CVE-2002-1743
NOT-FOR-US: AOL ICQ
-CVE-2002-1742 (SOAP::Lite 0.50 through 0.52 allows remote attackers to load arbitrary ...)
+CVE-2002-1742
- soap-lite 0.55
-CVE-2002-1741 (Directory traversal vulnerability in WorldClient.cgi in WorldClient ...)
+CVE-2002-1741
NOT-FOR-US: WorldClient
-CVE-2002-1740 (Buffer overflow in WorldClient.cgi in WorldClient in Alt-N ...)
+CVE-2002-1740
NOT-FOR-US: WorldClient
-CVE-2002-1739 (Alt-N Technologies Mdaemon 5.0 through 5.0.6 uses a weak encryption ...)
+CVE-2002-1739
NOT-FOR-US: Alt-N Technologies Mdaemon
-CVE-2002-1738 (Alt-N Technologies MDaemon 5.0.5.0 and earlier creates a default ...)
+CVE-2002-1738
NOT-FOR-US: Alt-N Technologies Mdaemon
-CVE-2002-1737 (Astaro Security Linux 2.016 creates world-writable files and ...)
+CVE-2002-1737
NOT-FOR-US: Astaro Security Linux
-CVE-2002-1736 (Unknown vulnerability in CGINews before 1.06 allow remote attackers to ...)
+CVE-2002-1736
NOT-FOR-US: CGINews
-CVE-2002-1735 (Buffer overflow in dlogin 1.0a could allow local users to gain ...)
+CVE-2002-1735
NOT-FOR-US: dlogin
-CVE-2002-1734 (NewsPro 1.01 allows remote attackers to gain unauthorized ...)
+CVE-2002-1734
NOT-FOR-US: NewsPro
-CVE-2002-1733 (Cross-site scripting (XSS) vulnerability in the web-based message ...)
+CVE-2002-1733
NOT-FOR-US: Prospero MessageBoards
-CVE-2002-1732 (Multiple cross-site scripting (XSS) vulnerabilities in Actinic Catalog ...)
+CVE-2002-1732
NOT-FOR-US: Actinic Catalog
-CVE-2002-1731 (The System Request menu in IBM AS/400 allows local users to list valid ...)
+CVE-2002-1731
NOT-FOR-US: IBM AS/400
-CVE-2002-1730 (ASPjar Guestbook 1.00 allows remote attackers to delete arbitrary ...)
+CVE-2002-1730
NOT-FOR-US: ASPjar Guestbook
-CVE-2002-1729 (Cross-site scripting vulnerability (XSS) in ASPjar Guestbook 1.00 ...)
+CVE-2002-1729
NOT-FOR-US: ASPjar Guestbook
-CVE-2002-1728 (askSam Web Publisher 1.0 and 4.0 allows remote attackers to determine ...)
+CVE-2002-1728
NOT-FOR-US: askSam Web Publisher
-CVE-2002-1727 (Cross-site scripting vulnerability (XSS) in (1) as_web.exe and (2) ...)
+CVE-2002-1727
NOT-FOR-US: askSam Web Publisher
-CVE-2002-1726 (secure_inc.php in PhotoDB 1.4 allows remote attackers to bypass ...)
+CVE-2002-1726
NOT-FOR-US: PhotoDB
-CVE-2002-1725 (phpimageview.php in PHPImageView 1.0 allows remote attackers to obtain ...)
+CVE-2002-1725
NOT-FOR-US: PHPImageView
-CVE-2002-1724 (Cross-site scripting vulnerability (XSS) in phpimageview.php for ...)
+CVE-2002-1724
NOT-FOR-US: PHPImageView
-CVE-2002-1723 (Powerboards 2.2b allows remote attackers to view the full path to the ...)
+CVE-2002-1723
NOT-FOR-US: Powerboards
-CVE-2002-1722 (Logitech iTouch keyboards allows attackers with physical access to the ...)
+CVE-2002-1722
NOT-FOR-US: microsoft
-CVE-2002-1721 (Off-by-one error in alterMIME 0.1.10 and 0.1.11 allows remote ...)
+CVE-2002-1721
- altermime <not-affected> (fixed before the first Debian upload)
-CVE-2002-1720 (SQL injection vulnerability in Spooky Login 2.0 through 2.5 allows ...)
+CVE-2002-1720
NOT-FOR-US: Spooky Login
-CVE-2002-1719 (Unknown vulnerability in Bavo 0.3 allows remote attackers to modify ...)
+CVE-2002-1719
NOT-FOR-US: Bavo
-CVE-2002-1718 (Microsoft Internet Information Server (IIS) 5.1 may allow remote ...)
+CVE-2002-1718
NOT-FOR-US: microsoft
-CVE-2002-1717 (Microsoft Internet Information Server (IIS) 5.1 allows remote ...)
+CVE-2002-1717
NOT-FOR-US: microsoft
-CVE-2002-1716 (The Host() function in the Microsoft spreadsheet component on ...)
+CVE-2002-1716
NOT-FOR-US: microsoft
-CVE-2002-1715 (SSH 1 through 3, and possibly other versions, allows local users to ...)
+CVE-2002-1715
- openssh <not-affected> ("SecurityFocus staff have been unable to reproduce this vulnerability with OpenSSH version 3.1p1.")
-CVE-2002-1714 (Microsoft Internet Explorer 5.0 through 6.0 allows remote attackers to ...)
+CVE-2002-1714
NOT-FOR-US: microsoft
-CVE-2002-1713 (The Standard security setting for Mandrake-Security package (msec) in ...)
+CVE-2002-1713
NOT-FOR-US: msec
-CVE-2002-1712 (Microsoft Windows 2000 allows remote attackers to cause a denial of ...)
+CVE-2002-1712
NOT-FOR-US: microsoft
-CVE-2002-1711 (BasiliX 1.1.0 saves attachments in a world readable /tmp/BasiliX ...)
+CVE-2002-1711
NOT-FOR-US: BasiliX
-CVE-2002-1710 (The attachment capability in Compose Mail in BasiliX Webmail 1.1.0 ...)
+CVE-2002-1710
NOT-FOR-US: BasiliX
-CVE-2002-1709 (SQL injection vulnerability in BasiliX Webmail 1.10 allows remote ...)
+CVE-2002-1709
NOT-FOR-US: BasiliX
-CVE-2002-1708 (Cross-site scripting vulnerability (XSS) in BasiliX Webmail 1.10 ...)
+CVE-2002-1708
NOT-FOR-US: BasiliX
-CVE-2002-1707 (install.php in phpBB 2.0 through 2.0.1, when &quot;allow_url_fopen&quot; and ...)
+CVE-2002-1707
- phpbb2 2.0.6c-1
-CVE-2002-1706 (Cisco IOS software 11.3 through 12.2 running on Cisco uBR7200 and ...)
+CVE-2002-1706
NOT-FOR-US: Cisco
-CVE-2002-1705 (Microsoft Internet Explorer 5.5 through 6.0 allows remote attackers to ...)
+CVE-2002-1705
NOT-FOR-US: microsoft
-CVE-2002-1704 (Zeroboard 4.1, when the &quot;allow_url_fopen&quot; and &quot;register_globals&quot; ...)
+CVE-2002-1704
NOT-FOR-US: Zeroboard
-CVE-2002-1703 (Cross-site scripting vulnerability (XSS) in auction.cgi for Mewsoft ...)
+CVE-2002-1703
NOT-FOR-US: NetAuction
-CVE-2002-1702 (Cross-site scripting vulnerability (XSS) in DeltaScripts PHP ...)
+CVE-2002-1702
NOT-FOR-US: DeltaScripts PHP Classifieds
-CVE-2002-1700 (Cross-site scripting vulnerability (XSS) in the missing template ...)
+CVE-2002-1700
NOT-FOR-US: ColdFusion
-CVE-2002-1699 (SQL injection vulnerability in ASP Client Check (ASPCC) 1.3 and 1.5 ...)
+CVE-2002-1699
NOT-FOR-US: ASP Client Check
-CVE-2002-1698 (Buffer overflow in Microsoft MSN Messenger Service 1.0 through 4.6 ...)
+CVE-2002-1698
NOT-FOR-US: Microsoft
-CVE-2002-1697 (Electronic Code Book (ECB) mode in VTun 2.0 through 2.5 uses a weak ...)
+CVE-2002-1697
- vtun 2.6-1
-CVE-2002-1696 (Microsoft Outlook plug-in PGP version 7.0, 7.0.3, and 7.0.4 silently ...)
+CVE-2002-1696
NOT-FOR-US: Microsoft Outlook plugin
-CVE-2002-1695 (Norton Internet Security 2001 opens log files with FILE_SHARE_READ and ...)
+CVE-2002-1695
NOT-FOR-US: Norton
-CVE-2002-1694 (Microsoft Internet Information Server (IIS) 4.0 opens log files with ...)
+CVE-2002-1694
NOT-FOR-US: Microsoft
-CVE-2002-1692 (Buffer overflow in backup utility of Microsoft Windows 95 allows ...)
+CVE-2002-1692
NOT-FOR-US: Microsoft
-CVE-2002-1691 (Alcatel OmniPCX 4400 installs known user accounts and passwords in the ...)
+CVE-2002-1691
NOT-FOR-US: Alcatel hardware issue
-CVE-2002-1690 (Unknown vulnerability in AIX before 4.0 with unknown attack vectors ...)
+CVE-2002-1690
NOT-FOR-US: AIX
-CVE-2002-1689 (Unknown vulnerability in the login program on AIX before 4.0 could ...)
+CVE-2002-1689
NOT-FOR-US: AIX
-CVE-2002-1688 (The browser history feature in Microsoft Internet Explorer 5.5 through ...)
+CVE-2002-1688
NOT-FOR-US: Microsoft
-CVE-2002-1687 (Buffer overflow in the diagnostics library in AIX allows local users ...)
+CVE-2002-1687
NOT-FOR-US: AIX
-CVE-2002-1686 (Buffer overflow in lscfg of unknown versions of AIX has unknown ...)
+CVE-2002-1686
NOT-FOR-US: AIX
-CVE-2002-1685 (Cross-site scripting vulnerability (XSS) in BadBlue Enterprise Edition ...)
+CVE-2002-1685
NOT-FOR-US: BadBlue Enterprise Edition
-CVE-2002-1684 (Directory traversal vulnerability in (1) Deerfield D2Gfx 1.0.2 or (2) ...)
+CVE-2002-1684
NOT-FOR-US: Deerfield D2Gfx
-CVE-2002-1683 (Cross-site scripting (XSS) vulnerability in BadBlue Personal Edition ...)
+CVE-2002-1683
NOT-FOR-US: BadBlue Personal Edition
-CVE-2002-1682 (NewsReactor 1.0 uses a weak encryption scheme, which could allow local ...)
+CVE-2002-1682
NOT-FOR-US: NewsReactor
-CVE-2002-1681 (Cross-site scripting (XSS) vulnerability in Slashcode CVS releases ...)
+CVE-2002-1681
- slash <not-affected> (Only present in intermediate CVS version, not released in Debian)
-CVE-2002-1680 (Cross-site scripting (XSS) vulnerability in CGI Online Worldweb ...)
+CVE-2002-1680
NOT-FOR-US: COWS
-CVE-2002-1679 (Cross-site scripting (XSS) vulnerability in Jelsoft vBulletin 2.2.0 ...)
+CVE-2002-1679
NOT-FOR-US: vBulletin
-CVE-2002-1678 (Cross-site scripting (XSS) vulnerability in memberlist.php in Jelsoft ...)
+CVE-2002-1678
NOT-FOR-US: vBulletin
-CVE-2002-1677 (14all.cgi 1.1p15 in mrtgconfig allows remote attackers to determine ...)
+CVE-2002-1677
NOT-FOR-US: mrtgconfig
-CVE-2002-1676 (BindView NetInventory 1.0, when used with NetRC 1.0, allows local ...)
+CVE-2002-1676
NOT-FOR-US: BindView NetInventory
-CVE-2002-1675 (Format string vulnerability in the Cio_PrintF function of cio_main.c ...)
+CVE-2002-1675
NOT-FOR-US: Unreal IRCd
-CVE-2002-1674 (procfs on FreeBSD before 4.5 allows local users to cause a denial of ...)
+CVE-2002-1674
- kfreebsd-source <not-affected> (kfreebsd/Debian uses a much more recent kernel)
-CVE-2002-1673 (The web interface for Webmin 0.92 does not properly quote or filter ...)
+CVE-2002-1673
- webmin 0.93 (medium)
-CVE-2002-1672 (Webmin 0.92, when installed from an RPM, creates /var/webmin with ...)
+CVE-2002-1672
- webmin <not-affected> (packaging flaw of an unknown RPM based distro)
NOTE: Permissions of Debian's webmin package look sane and FHS compliant
-CVE-2002-1671 (Microsoft Internet Explorer 5.0, 5.01, and 5.5 allows remote attackers ...)
+CVE-2002-1671
NOT-FOR-US: Microsoft
-CVE-2002-1670 (Microsoft Windows XP Professional upgrade edition overwrites ...)
+CVE-2002-1670
NOT-FOR-US: Microsoft
-CVE-2002-1669 (pkg_add in FreeBSD 4.2 through 4.4 creates a temporary directory with ...)
+CVE-2002-1669
NOT-FOR-US: FreeBSD
-CVE-2002-1668 (HP-UX 11.11 and earlier allows local users to cause a denial of ...)
+CVE-2002-1668
NOT-FOR-US: HP-UX
-CVE-2002-1667 (The virtual memory management system in FreeBSD 4.5-RELEASE and ...)
+CVE-2002-1667
- kfreebsd-source <not-affected> (kfreebsd/Debian uses a much more recent kernel)
-CVE-2002-1666 (Unknown vulnerability in Oracle E-Business Suite 11i.1 through 11i.6 ...)
+CVE-2002-1666
NOT-FOR-US: Oracle
-CVE-2002-1665 (Buffer overflow in Yahoo! Messenger before February 2002 allows remote ...)
+CVE-2002-1665
NOT-FOR-US: Yahoo Messenger
-CVE-2002-1664 (Yahoo! Messenger before February 2002 allows remote attackers to add ...)
+CVE-2002-1664
NOT-FOR-US: Yahoo Messenger
-CVE-2002-1663 (The Post_Method function in method.c for Monkey HTTP Daemon before ...)
+CVE-2002-1663
NOT-FOR-US: Monkey
-CVE-2002-1662 (Multiple cross-site scripting (XSS) vulnerabilities in Mambo Site ...)
+CVE-2002-1662
NOT-FOR-US: Mambo
-CVE-2002-1660 (calendar.php in vBulletin before 2.2.0 allows remote attackers to ...)
+CVE-2002-1660
NOT-FOR-US: vBulletin
-CVE-2002-1659 (user_profile.asp in PortalApp 2.2 allows local users to gain ...)
+CVE-2002-1659
NOT-FOR-US: PortalApp
-CVE-2002-1661 (The leafnode server in leafnode 1.9.20 to 1.9.29 allows remote ...)
+CVE-2002-1661
- leafnode <not-affected> (Leafnode2 development branch)
-CVE-2002-1658 (Buffer overflow in htdigest in Apache 1.3.26 and 1.3.27 may allow ...)
+CVE-2002-1658
- apache 1.3.31-1
-CVE-2002-1657 (PostgreSQL uses the username for a salt when generating passwords, ...)
+CVE-2002-1657
- postgresql <unfixed> (unimportant)
NOTE: This is not a real world problem; it's only applicable in rare circurstances
NOTE: like someone analysing stolen user database information and even then the gain
NOTE: is slim. In that case SHA256 hashes would be more appropriate anyway.
-CVE-2002-1656 (X-News (x_news) 1.1 and earlier allows attackers to authenticate as ...)
+CVE-2002-1656
NOT-FOR-US: X-News
-CVE-2002-1655 (The Web Publishing feature in Netscape Enterprise Server 3.x and ...)
+CVE-2002-1655
NOT-FOR-US: Netscape Enterprise Server
-CVE-2002-1654 (iPlanet Web Server Enterprise Edition and Netscape Enterprise Server ...)
+CVE-2002-1654
NOT-FOR-US: iPlanet Web Server Enterprise Edition and Netscape Enterprise Server
-CVE-2002-1653 (Farm9 Cryptcat, when started in server mode with the -e option, does ...)
+CVE-2002-1653
- cryptcat 20031202-2
NOTE: don't know when it was fixed, verified above version is ok
-CVE-2002-1652 (Buffer overflow in cgicso.c for cgiemail 1.6 allows remote attackers ...)
+CVE-2002-1652
- cgiemail 1.6-14
-CVE-2002-1651 (Cross-site scripting (XSS) vulnerability in Verity Search97 allows ...)
+CVE-2002-1651
NOT-FOR-US: Verity Search97
-CVE-2002-1650 (The spell checker plugin (check_me.mod.php) for SquirrelMail before ...)
+CVE-2002-1650
- squirrelmail 1:1.2.3
-CVE-2002-1649 (Cross-site scripting (XSS) vulnerability in read_body.php in ...)
+CVE-2002-1649
- squirrelmail 1:1.2.3
-CVE-2002-1648 (Cross-site request forgery (CSRF) vulnerability in compose.php in ...)
+CVE-2002-1648
- squirrelmail 1:1.2.3
-CVE-2002-1647 (The quick login feature in Slash Slashcode does not redirect the user ...)
+CVE-2002-1647
- slash 2.2.6-8 (bug #160579; low)
[sarge] - slash <no-dsa> (Minor security implications)
-CVE-2002-1646 (SSH Secure Shell for Servers 3.0.0 to 3.1.1 allows remote attackers to ...)
+CVE-2002-1646
NOT-FOR-US: commercial ssh
-CVE-2002-1645 (Buffer overflow in the URL catcher feature for SSH Secure Shell for ...)
+CVE-2002-1645
NOT-FOR-US: commercial ssh
-CVE-2002-1644 (SSH Secure Shell for Servers and SSH Secure Shell for Workstations ...)
+CVE-2002-1644
NOT-FOR-US: commercial ssh
-CVE-2002-1643 (Multiple buffer overflows in RealNetworks Helix Universal Server 9.0 ...)
+CVE-2002-1643
NOT-FOR-US: RealNetworks Helix Universal Server
-CVE-2002-1642 (PostgreSQL 7.2.1 and 7.2.2 allows local users to delete transaction ...)
+CVE-2002-1642
- postgresql 7.2.3
-CVE-2002-1641 (Multiple buffer overflows in Oracle Web Cache for Oracle 9i ...)
+CVE-2002-1641
NOT-FOR-US: Oracle
-CVE-2002-1640 (Multiple cross-site scripting (XSS) vulnerabilities in Oracle ...)
+CVE-2002-1640
NOT-FOR-US: Oracle
-CVE-2002-1639 (Oracle Configurator before 11.5.7.17.32 and 11.5.6.16.53 allows remote ...)
+CVE-2002-1639
NOT-FOR-US: Oracle
CVE-2002-1638
REJECTED
-CVE-2002-1637 (Multiple components in Oracle 9i Application Server (9iAS) are ...)
+CVE-2002-1637
NOT-FOR-US: Oracle
-CVE-2002-1636 (Cross-site scripting (XSS) vulnerability in the htp PL/SQL package for ...)
+CVE-2002-1636
NOT-FOR-US: Oracle
-CVE-2002-1635 (The Apache configuration file (httpd.conf) in Oracle 9i Application ...)
+CVE-2002-1635
NOT-FOR-US: Oracle
-CVE-2002-1634 (Novell NetWare 5.1 installs sample applications that allow remote ...)
+CVE-2002-1634
NOT-FOR-US: NetWare
-CVE-2002-1633 (Multiple buffer overflows in QNX 4.25 may allow local users to execute ...)
+CVE-2002-1633
NOT-FOR-US: QNX
-CVE-2002-1632 (Oracle 9i Application Server (9iAS) installs multiple sample pages ...)
+CVE-2002-1632
NOT-FOR-US: Oracle
-CVE-2002-1631 (SQL injection vulnerability in the query.xsql sample page in Oracle 9i ...)
+CVE-2002-1631
NOT-FOR-US: Oracle
-CVE-2002-1630 (The sendmail.jsp sample page in Oracle 9i Application Server (9iAS) ...)
+CVE-2002-1630
NOT-FOR-US: Oracle
-CVE-2002-1629 (Multi-Tech ProxyServer products MTPSR1-100, MTPSR1-120, MTPSR1-202ST, ...)
+CVE-2002-1629
NOT-FOR-US: Multi-Tech ProxyServer
-CVE-2002-1628 (Directory traversal vulnerability in vote.cgi for Mike Spice Mike's ...)
+CVE-2002-1628
NOT-FOR-US: Mike Spice Mike's Vote CGI
-CVE-2002-1627 (Directory traversal vulnerability in quiz.cgi for Mike Spice Quiz Me! ...)
+CVE-2002-1627
NOT-FOR-US: Mike Spice Quiz CGI
-CVE-2002-1626 (Directory traversal vulnerability in Mike Spice My Calendar before 1.5 ...)
+CVE-2002-1626
NOT-FOR-US: Mike Spice My Calendar
-CVE-2002-1625 (Macromedia Flash Player 6 does not terminate connections when the user ...)
+CVE-2002-1625
- flashplugin-nonfree 6.0.61.0-1
-CVE-2002-1624 (Buffer overflow in Lotus Domino web server before R5.0.10, when ...)
+CVE-2002-1624
NOT-FOR-US: Lotus Domino
-CVE-2002-1623 (The design of the Internet Key Exchange (IKE) protocol, when using ...)
+CVE-2002-1623
NOT-FOR-US: General protocol flaw, cannot be fixed
-CVE-2002-1622 (Buffer overflow in certain RPC routines in IBM AIX 4.3 may allow ...)
+CVE-2002-1622
NOT-FOR-US: AIX
-CVE-2002-1621 (Buffer overflow in the file_comp function in rcp for IBM AIX 4.3.x and ...)
+CVE-2002-1621
NOT-FOR-US: AIX
-CVE-2002-1620 (Unknown vulnerability in IBM AIX Parallel Systems Support Programs ...)
+CVE-2002-1620
NOT-FOR-US: AIX
-CVE-2002-1619 (Buffer overflow in the FC client for IBM AIX 4.3.x allows remote ...)
+CVE-2002-1619
NOT-FOR-US: AIX
-CVE-2002-1618 (JFS (JFS3.1 and OnlineJFS) in HP-UX 10.20, 11.00, and 11.04 does not ...)
+CVE-2002-1618
NOT-FOR-US: HP-UX
-CVE-2002-1617 (Multiple buffer overflows in HP Tru64 UNIX 5.x allow local users to ...)
+CVE-2002-1617
NOT-FOR-US: HP Tru64 UNIX
-CVE-2002-1616 (Multiple buffer overflows in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and ...)
+CVE-2002-1616
NOT-FOR-US: HP Tru64 UNIX
-CVE-2002-1615 (Multiple buffer overflows in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and ...)
+CVE-2002-1615
NOT-FOR-US: HP Tru64 UNIX
-CVE-2002-1614 (Buffer overflow in HP Tru64 UNIX allows local users to execute ...)
+CVE-2002-1614
NOT-FOR-US: HP Tru64 UNIX
-CVE-2002-1613 (Buffer overflow in ps in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f ...)
+CVE-2002-1613
NOT-FOR-US: HP Tru64 UNIX
-CVE-2002-1612 (Buffer overflow in mailcv in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and ...)
+CVE-2002-1612
NOT-FOR-US: HP Tru64 UNIX
-CVE-2002-1611 (Buffer overflow in quot in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and ...)
+CVE-2002-1611
NOT-FOR-US: HP Tru64 UNIX
-CVE-2002-1610 (Unknown vulnerability in ping in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, ...)
+CVE-2002-1610
NOT-FOR-US: HP Tru64 UNIX
-CVE-2002-1609 (Buffer overflow in binmail in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and ...)
+CVE-2002-1609
NOT-FOR-US: HP Tru64 UNIX
-CVE-2002-1608 (Buffer overflow in traceroute in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, ...)
+CVE-2002-1608
NOT-FOR-US: HP Tru64 UNIX
-CVE-2002-1607 (Buffer overflow in ypmatch in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and ...)
+CVE-2002-1607
NOT-FOR-US: HP Tru64 UNIX
-CVE-2002-1606 (Multiple buffer overflows in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and ...)
+CVE-2002-1606
NOT-FOR-US: HP Tru64 UNIX
-CVE-2002-1605 (Buffer overflow in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f ...)
+CVE-2002-1605
NOT-FOR-US: HP Tru64 UNIX
-CVE-2002-1604 (Multiple buffer overflows in HP Tru64 UNIX allow local and possibly ...)
+CVE-2002-1604
NOT-FOR-US: HP Tru64 UNIX
-CVE-2002-1603 (GoAhead Web Server 2.1.7 and earlier allows remote attackers to obtain ...)
+CVE-2002-1603
NOT-FOR-US: GoAhead Web Server
-CVE-2002-1602 (Buffer overflow in the Braille module for GNU screen 3.9.11, when ...)
+CVE-2002-1602
- screen <not-affected> (HAVE_BRAILLE not set in binary build)
-CVE-2002-1601 (The Connectables feature in Adobe PhotoDeluxe 3.1 prepends the Adobe ...)
+CVE-2002-1601
NOT-FOR-US: Adobe PhotoDeluxe
-CVE-2002-1600 (Directory traversal vulnerability in Mike Spice's My Classifieds ...)
+CVE-2002-1600
NOT-FOR-US: Mike Spice's My Classifieds
-CVE-2002-1599 (DansGuardian before 2.4.5-1 allows remote attackers to bypass content ...)
+CVE-2002-1599
- dansguardian 2.4.5-1
-CVE-2002-1598 (Buffer overflows in Computer Associates MLink (CA-MLink) 6.5 and ...)
+CVE-2002-1598
NOT-FOR-US: Computer Associates MLink
-CVE-2002-1597 (Cisco SN 5420 Storage Router 1.1(5) and earlier allows remote ...)
+CVE-2002-1597
NOT-FOR-US: Cisco
-CVE-2002-1596 (Cisco SN 5420 Storage Router 1.1(5) and earlier allows remote ...)
+CVE-2002-1596
NOT-FOR-US: Cisco
-CVE-2002-1595 (Cisco SN 5420 Storage Router 1.1(5) and earlier allows attackers to ...)
+CVE-2002-1595
NOT-FOR-US: Cisco
-CVE-2002-1594 (Buffer overflow in (1) grpck and (2) pwck, if installed setuid on a ...)
+CVE-2002-1594
- shadow <not-affected> (Debian's pwck and grpck do not overflow and are not suid)
-CVE-2002-1593 (mod_dav in Apache before 2.0.42 does not properly handle versioning ...)
+CVE-2002-1593
- apache2 2.0.42
-CVE-2002-1592 (The ap_log_rerror function in Apache 2.0 through 2.035, when a CGI ...)
+CVE-2002-1592
- apache2 2.0.36
-CVE-2002-1591 (AOL Instant Messenger (AIM) 4.7.2480 adds free.aol.com to the Trusted ...)
+CVE-2002-1591
NOT-FOR-US: AIM in MSIE
-CVE-2002-1590 (The Web-Based Enterprise Management (WBEM) packages (1) SUNWwbdoc, (2) ...)
+CVE-2002-1590
NOT-FOR-US: Solaris
-CVE-2002-1589 (Unknown vulnerability in Solaris 8, when the 0x02 bit (aka TEST, ...)
+CVE-2002-1589
NOT-FOR-US: Solaris
-CVE-2002-1588 (Mailtool for OpenWindows 3.6, 3.6.1, and 3.6.2 allows remote attackers ...)
+CVE-2002-1588
NOT-FOR-US: Mailtool for OpenWindows
-CVE-2002-1587 (The libthread library (libthread.so.1) for Solaris 2.5.1 through 8 ...)
+CVE-2002-1587
NOT-FOR-US: Solaris
-CVE-2002-1586 (Solaris 2.5.1 through 9 allows local users to cause a denial of ...)
+CVE-2002-1586
NOT-FOR-US: Solaris
-CVE-2002-1585 (Unknown vulnerability in Solaris 8 for Intel and Solaris 8 and 9 ...)
+CVE-2002-1585
NOT-FOR-US: Solaris
-CVE-2002-1584 (Unknown vulnerability in the AUTH_DES authentication for RPC in ...)
+CVE-2002-1584
NOT-FOR-US: Solaris
-CVE-2002-1583 (Buffer overflow in sqllib/security/db2ckpw for IBM DB2 Universal ...)
+CVE-2002-1583
NOT-FOR-US: IBM DB2
-CVE-2002-1582 (compose.cgi in Mailreader.com 2.3.30 and 2.3.31, when using Sendmail ...)
+CVE-2002-1582
[woody] - mailreader <not-affected> (Affects only 2.3.30-2.3.32)
- mailreader 2.3.33
-CVE-2002-1581 (Directory traversal vulnerability in nph-mr.cgi in Mailreader.com ...)
+CVE-2002-1581
{DSA-534}
- mailreader 2.3.29-9
-CVE-2002-1580 (Integer overflow in imapparse.c for Cyrus IMAP server 1.4 and 2.1.10 ...)
+CVE-2002-1580
{DSA-215}
- cyrus-imapd 1.5.19-9.10
-CVE-2002-1579 (SAP GUI (Sapgui) 4.6D allows remote attackers to cause a denial of ...)
+CVE-2002-1579
NOT-FOR-US: SAP
-CVE-2002-1578 (The default installation of SAP R/3, when using Oracle and SQL*net V2 ...)
+CVE-2002-1578
NOT-FOR-US: SAP
-CVE-2002-1577 (SAP R/3 2.0B to 4.6D installs several clients with default users and ...)
+CVE-2002-1577
NOT-FOR-US: SAP
-CVE-2002-1576 (lserver in SAP DB 7.3 and earlier uses the current working directory ...)
+CVE-2002-1576
NOT-FOR-US: SAP
-CVE-2002-1575 (cgiemail allows remote attackers to use cgiemail as a spam proxy via ...)
+CVE-2002-1575
{DSA-437}
- cgiemail 1.6-20
-CVE-2002-1573 (Unspecified vulnerability in the pcilynx ieee1394 firewire driver ...)
+CVE-2002-1573
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-1572 (Signed integer overflow in the bttv_read function in the bttv driver ...)
+CVE-2002-1572
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-1571 (The linux 2.4 kernel before 2.4.19 assumes that the fninit instruction ...)
+CVE-2002-1571
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-1570 (Heap-based buffer overflow in snmpnetstat for ucd-snmp 4.2.3 and ...)
+CVE-2002-1570
- ucd-snmp 4.2.3-2
-CVE-2002-1569 (gv 3.5.8, and possibly earlier versions, allows remote attackers to ...)
+CVE-2002-1569
- gv 1:3.5.8-27
-CVE-2002-1568 (OpenSSL 0.9.6e uses assertions when detecting buffer overflow attacks ...)
+CVE-2002-1568
- openssl 0.9.6g-1
-CVE-2002-1567 (Cross-site scripting (XSS) vulnerability in Apache Tomcat 4.1 allows ...)
+CVE-2002-1567
NOTE: tomcat4 cross-site scripting vuln
-CVE-2002-1566 (netris 0.5, and possibly other versions before 0.52, when running with ...)
+CVE-2002-1566
- netris 0.52-1
-CVE-2002-1565 (Buffer overflow in url_filename function for wget 1.8.1 allows ...)
+CVE-2002-1565
- wget 1.8.2-8
-CVE-2002-1564 (Internet Explorer 5.5 and 6.0 allows remote attackers to steal ...)
+CVE-2002-1564
NOT-FOR-US: microsoft
-CVE-2002-1563 (stunnel 4.0.3 and earlier allows attackers to cause a denial of ...)
+CVE-2002-1563
- stunnel4 4.04-1
- stunnel 2:3.24-1
-CVE-2002-1562 (Directory traversal vulnerability in thttpd, when using virtual ...)
+CVE-2002-1562
{DSA-396}
- thttpd 2.23beta1-2.3 (bug #216677)
-CVE-2002-1561 (The RPC component in Windows 2000, Windows NT 4.0, and Windows XP ...)
+CVE-2002-1561
NOT-FOR-US: microsoft
-CVE-2002-1559 (Directory traversal vulnerability in ion-p.exe (aka ion-p) allows ...)
+CVE-2002-1559
NOT-FOR-US: ion-p
-CVE-2002-1558 (Cisco ONS15454 and ONS15327 running ONS before 3.4 have an account for ...)
+CVE-2002-1558
NOT-FOR-US: cisco
-CVE-2002-1557 (Cisco ONS15454 and ONS15327 running ONS before 3.4 allows attackers to ...)
+CVE-2002-1557
NOT-FOR-US: cisco
-CVE-2002-1556 (Cisco ONS15454 and ONS15327 running ONS before 3.4 allows attackers to ...)
+CVE-2002-1556
NOT-FOR-US: cisco
-CVE-2002-1555 (Cisco ONS15454 and ONS15327 running ONS before 3.4 uses a &quot;public&quot; ...)
+CVE-2002-1555
NOT-FOR-US: cisco
-CVE-2002-1554 (Cisco ONS15454 and ONS15327 running ONS before 3.4 stores usernames ...)
+CVE-2002-1554
NOT-FOR-US: cisco
-CVE-2002-1553 (Cisco ONS15454 and ONS15327 running ONS before 3.4 allows remote ...)
+CVE-2002-1553
NOT-FOR-US: cisco
-CVE-2002-1551 (Buffer overflow in nslookup in IBM AIX may allow attackers to cause a ...)
+CVE-2002-1551
NOT-FOR-US: AIX
-CVE-2002-1546 (BRS WebWeaver Web Server 1.01 allows remote attackers to bypass ...)
+CVE-2002-1546
NOT-FOR-US: Webweaver
-CVE-2002-1545 (CooolSoft Personal FTP Server 2.24 allows remote attackers to obtain ...)
+CVE-2002-1545
NOT-FOR-US: Coolsoft
-CVE-2002-1544 (Directory traversal vulnerability in CooolSoft Personal FTP Server ...)
+CVE-2002-1544
NOT-FOR-US: Coolsoft
-CVE-2002-1542 (SolarWinds TFTP server 5.0.55 and earlier allows remote attackers to ...)
+CVE-2002-1542
NOT-FOR-US: SolarWinds
-CVE-2002-1539 (Buffer overflow in MDaemon POP server 6.0.7 and earlier allows remote ...)
+CVE-2002-1539
NOT-FOR-US: MDaemon
-CVE-2002-1536 (Molly IRC bot 0.5 allows remote attackers to execute arbitrary ...)
+CVE-2002-1536
NOT-FOR-US: Molly
-CVE-2002-1535 (Secure Webserver 1.1 in Raptor 6.5 and Symantec Enterprise Firewall ...)
+CVE-2002-1535
NOT-FOR-US: Symantec
-CVE-2002-1533 (Cross-site scripting (XSS) vulnerability in Jetty JSP servlet engine ...)
+CVE-2002-1533
- jetty <not-affected> (Fixed before upload into archive; 4.1 series)
-CVE-2002-1527 (emumail.cgi in EMU Webmail 5.0 allows remote attackers to determine ...)
+CVE-2002-1527
NOT-FOR-US: EMU Webmail
-CVE-2002-1526 (Cross-site scripting (XSS) vulnerability in emumail.cgi for EMU ...)
+CVE-2002-1526
NOT-FOR-US: EMU Webmail
-CVE-2002-1525 (Directory traversal vulnerability in ASTAware SearchDisk engine for ...)
+CVE-2002-1525
NOT-FOR-US: Sun
-CVE-2002-1523 (Directory traversal vulnerability in Daniel Arenz Mini Server 2.1.6 ...)
+CVE-2002-1523
NOT-FOR-US: Miniserver
-CVE-2002-1522 (Buffer overflow in PowerFTP FTP server 2.24, and possibly other ...)
+CVE-2002-1522
NOT-FOR-US: PowerFTP
-CVE-2002-1515 (Directory traversal vulnerability in avatar.php in CoolForum 0.5 beta ...)
+CVE-2002-1515
NOT-FOR-US: Coolforum
-CVE-2002-1512 (xbru in BRU Workstation 17.0 allows local users to overwrite arbitrary ...)
+CVE-2002-1512
NOT-FOR-US: BRU
-CVE-2002-1508 (slapd in OpenLDAP2 (OpenLDAP 2) 2.2.0 and earlier allows local users ...)
+CVE-2002-1508
{DSA-227}
- openldap2 2.0.27-3
-CVE-2002-1507 (Unreal Tournament 2003 (ut2003) clients and servers allow remote ...)
+CVE-2002-1507
NOT-FOR-US: Unreal
-CVE-2002-1506 (Buffer overflow in Linuxconf before 1.28r4 allows local users to ...)
+CVE-2002-1506
- linuxconf <removed>
-CVE-2002-1504 (Directory traversal vulnerability in WebServer 4 Everyone 1.22 allows ...)
+CVE-2002-1504
NOT-FOR-US: webserver-4everyone
-CVE-2002-1503 (Buffer overflow in Automatic File Distributor (AFD) 1.2.14 and earlier ...)
+CVE-2002-1503
NOT-FOR-US: AFD not in debian
-CVE-2002-1500 (Buffer overflow in (1) mrinfo, (2) mtrace, and (3) pppd in NetBSD ...)
+CVE-2002-1500
NOT-FOR-US: NetBSD
-CVE-2002-1499 (Multiple SQL injection vulnerabilities in FactoSystem CMS allows ...)
+CVE-2002-1499
NOT-FOR-US: FactoSystem
-CVE-2002-1498 (Directory traversal vulnerability in SWServer 2.2 and earlier allows ...)
+CVE-2002-1498
NOT-FOR-US: SWServer
-CVE-2002-1495 (Cross-site scripting (XSS) vulnerability in JAWmail 1.0-rc1 allows ...)
+CVE-2002-1495
NOT-FOR-US: Jawmail
-CVE-2002-1492 (Buffer overflows in the Cisco VPN 5000 Client before 5.2.7 for Linux, ...)
+CVE-2002-1492
NOT-FOR-US: Cisco
-CVE-2002-1489 (Buffer overflow in PlanetDNS PlanetWeb 1.14 and earlier allows remote ...)
+CVE-2002-1489
NOT-FOR-US: PlanetDNS
-CVE-2002-1488 (The IRC component of Trillian 0.73 and 0.74 allows remote malicious ...)
+CVE-2002-1488
NOT-FOR-US: Cerulean Trillian
-CVE-2002-1487 (The IRC component of Trillian 0.73 and 0.74 allows remote malicious ...)
+CVE-2002-1487
NOT-FOR-US: Cerulean Trillian
-CVE-2002-1486 (Multiple buffer overflows in the IRC component of Trillian 0.73 and ...)
+CVE-2002-1486
NOT-FOR-US: Cerulean Trillian
-CVE-2002-1485 (The AIM component of Trillian 0.73 and 0.74 allows remote attackers to ...)
+CVE-2002-1485
NOT-FOR-US: Cerulean Trillian
-CVE-2002-1484 (DB4Web server, when configured to use verbose debug messages, allows ...)
+CVE-2002-1484
NOT-FOR-US: db4web
-CVE-2002-1483 (db4web_c and db4web_c.exe programs in DB4Web 3.4 and 3.6 allow remote ...)
+CVE-2002-1483
NOT-FOR-US: db4web
-CVE-2002-1482 (SQL injection vulnerability in login.php for phpGB 1.20 and earlier, ...)
+CVE-2002-1482
NOT-FOR-US: phpGB not in Debian
-CVE-2002-1481 (savesettings.php in phpGB 1.20 and earlier does not require ...)
+CVE-2002-1481
NOT-FOR-US: phpGB not in Debian
-CVE-2002-1480 (Cross-site scripting (XSS) vulnerability in phpGB before 1.20 allows ...)
+CVE-2002-1480
NOT-FOR-US: phpGB not in Debian
-CVE-2002-1475 (Unknown vulnerability in the ARP component for HP Tru64 UNIX 4.0f, ...)
+CVE-2002-1475
NOT-FOR-US: HPUX
-CVE-2002-1474 (Unknown vulnerability or vulnerabilities in TCP/IP component for HP ...)
+CVE-2002-1474
NOT-FOR-US: HPUX
-CVE-2002-1473 (Multiple buffer overflows in lp subsystem for HP-UX 10.20 through ...)
+CVE-2002-1473
NOT-FOR-US: HPUX
-CVE-2002-1470 (SHOUTcast 1.8.9 and earlier allows local users to obtain the cleartext ...)
+CVE-2002-1470
NOT-FOR-US: Shoutcase
-CVE-2002-1467 (Macromedia Flash Plugin before 6,0,47,0 allows remote attackers to ...)
+CVE-2002-1467
- flashplugin-nonfree 6.0.61.0-1
-CVE-2002-1466 (CafeLog b2 Weblog Tool 2.06pre4, with allow_fopen_url enabled, allows ...)
+CVE-2002-1466
NOT-FOR-US: Cafelog
-CVE-2002-1465 (SQL injection vulnerability in CafeLog b2 Weblog Tool allows remote ...)
+CVE-2002-1465
NOT-FOR-US: Cafelog
-CVE-2002-1464 (Cross-site scripting (XSS) vulnerability in CafeLog b2 Weblog Tool ...)
+CVE-2002-1464
NOT-FOR-US: Cafelog
-CVE-2002-1462 (details2.php in OrganicPHP PHP-affiliate 1.0, and possibly later ...)
+CVE-2002-1462
NOT-FOR-US: Organic PHP
-CVE-2002-1461 (Web Shop Manager 1.1 allows remote attackers to execute arbitrary ...)
+CVE-2002-1461
NOT-FOR-US: Webshop Manager
-CVE-2002-1460 (L-Forum 2.40 and earlier does not properly verify whether a file was ...)
+CVE-2002-1460
NOT-FOR-US: L-Forum not in Debian
-CVE-2002-1459 (Cross-site scripting vulnerability in L-Forum 2.40 and earlier, when ...)
+CVE-2002-1459
NOT-FOR-US: L-Forum not in Debian
-CVE-2002-1458 (Cross-site scripting vulnerability in L-Forum 2.40 and earlier, when ...)
+CVE-2002-1458
NOT-FOR-US: L-Forum not in Debian
-CVE-2002-1457 (SQL injection vulnerability in search.php for L-Forum 2.40 allows ...)
+CVE-2002-1457
NOT-FOR-US: L-Forum not in Debian
-CVE-2002-1456 (Buffer overflow in mIRC 6.0.2 and earlier allows remote attackers to ...)
+CVE-2002-1456
NOT-FOR-US: mIRC
-CVE-2002-1455 (Multiple cross-site scripting (XSS) vulnerabilities in OmniHTTPd allow ...)
+CVE-2002-1455
NOT-FOR-US: OmniHTTPD
-CVE-2002-1454 (MyWebServer 1.0.2 allows remote attackers to determine the absolute ...)
+CVE-2002-1454
NOT-FOR-US: MyWebServer
-CVE-2002-1453 (Cross-site scripting (XSS) vulnerability in MyWebServer 1.0.2 allows ...)
+CVE-2002-1453
NOT-FOR-US: MyWebServer
-CVE-2002-1452 (Buffer overflow in the search capability for MyWebServer 1.0.2 allows ...)
+CVE-2002-1452
NOT-FOR-US: MyWebServer
-CVE-2002-1451 (Blazix before 1.2.2 allows remote attackers to read source code of JSP ...)
+CVE-2002-1451
NOT-FOR-US: Blazix not in Debian
-CVE-2002-1450 (IBM UniVerse with UV/ODBC allows attackers to cause a denial of ...)
+CVE-2002-1450
NOT-FOR-US: IBM UniVerse
-CVE-2002-1449 (eUpload 1.0 stores the password.txt password file in plaintext under ...)
+CVE-2002-1449
NOT-FOR-US: eUpload not in Debian
-CVE-2002-1445 (Cross-site scripting (XSS) vulnerability in CERN Proxy Server allows ...)
+CVE-2002-1445
NOT-FOR-US: CERN HTTPD not in Debian
-CVE-2002-1444 (The Google toolbar 1.1.60, when running on Internet Explorer 5.5 and ...)
+CVE-2002-1444
NOT-FOR-US: Google Toolbar
-CVE-2002-1442 (The Google toolbar 1.1.58 and earlier allows remote web sites to ...)
+CVE-2002-1442
NOT-FOR-US: Google Toolbar
-CVE-2002-1441 (Multiple buffer overflows in Tomahawk SteelArrow before 4.5 allow ...)
+CVE-2002-1441
NOT-FOR-US: Tomahawk
-CVE-2002-1440 (The Gateway GS-400 server has a default root password of &quot;0001n&quot; that ...)
+CVE-2002-1440
NOT-FOR-US: Gateway
-CVE-2002-1439 (Unknown vulnerability related to stack corruption in the TGA daemon ...)
+CVE-2002-1439
NOT-FOR-US: HPUX
-CVE-2002-1434 (Multiple cross-site scripting (XSS) vulnerabilities in the Web mail ...)
+CVE-2002-1434
NOT-FOR-US: Kerio
-CVE-2002-1433 (Kerio MailServer 5.0 allows remote attackers to cause a denial of ...)
+CVE-2002-1433
NOT-FOR-US: Kerio
-CVE-2002-1432 (MidiCart stores the midicart.mdb database file under the Web document ...)
+CVE-2002-1432
NOT-FOR-US: MidiCart
-CVE-2002-1431 (Belkin F5D5230-4 4-Port Cable/DSL Gateway Router 1.20.000 modifies the ...)
+CVE-2002-1431
NOT-FOR-US: Belkin
-CVE-2002-1429 (Cross-site scripting vulnerability in board.php of endity.com ShoutBOX ...)
+CVE-2002-1429
NOT-FOR-US: ShoutBox
-CVE-2002-1428 (index.php in dotProject 0.2.1.5 allows remote attackers to bypass ...)
+CVE-2002-1428
NOT-FOR-US: dotproject
-CVE-2002-1427 (The print_html_to_file function in edit.cgi for Easy Homepage Creator ...)
+CVE-2002-1427
NOT-FOR-US: Easy Homepage Creator
-CVE-2002-1426 (HP ProCurve Switch 4000M C.07.23 allows remote attackers to cause a ...)
+CVE-2002-1426
NOT-FOR-US: HP
-CVE-2002-1423 (tmp_view.php in FUDforum before 2.2.0 allows remote attackers to read ...)
+CVE-2002-1423
- phpgroupware <not-affected> (Issue in fudforum 2.2.0. fudforum in phpgroupware-fudforum is 2.5.x)
-CVE-2002-1422 (admbrowse.php in FUDforum before 2.2.0 allows remote attackers to ...)
+CVE-2002-1422
- phpgroupware <not-affected> (Issue in fudforum 2.2.0. fudforum in phpgroupware-fudforum is 2.5.x)
-CVE-2002-1421 (SQL injection vulnerabilities in FUDforum before 2.2.0 allow remote ...)
+CVE-2002-1421
- phpgroupware <not-affected> (Issue in fudforum 2.2.0. fudforum in phpgroupware-fudforum is 2.5.x)
-CVE-2002-1416 (The POP3 service for WebEasyMail 3.4.2.2 and earlier generates ...)
+CVE-2002-1416
NOT-FOR-US: Webeasymail
-CVE-2002-1415 (Format string vulnerability in SMTP service for WebEasyMail 3.4.2.2 ...)
+CVE-2002-1415
NOT-FOR-US: Webeasymail
-CVE-2002-1411 (Directory traversal vulnerability in update.dpgs in Duma Photo Gallery ...)
+CVE-2002-1411
NOT-FOR-US: Duma
-CVE-2002-1410 (Easy Guestbook CGI programs do not authenticate the administrator, ...)
+CVE-2002-1410
NOT-FOR-US: East Guestbook
-CVE-2002-1409 (ptrace on HP-UX 11.00 through 11.11 allows local users to cause a ...)
+CVE-2002-1409
NOT-FOR-US: HPUX
-CVE-2002-1408 (Unknown vulnerability or vulnerabilities in HP OpenView EMANATE 14.2 ...)
+CVE-2002-1408
NOT-FOR-US: HP Openview
-CVE-2002-1406 (Unknown vulnerability in passwd for VVOS HP-UX 11.04, with unknown ...)
+CVE-2002-1406
NOT-FOR-US: HPUX
CVE-2002-1404
REJECTED
-CVE-2002-1402 (Buffer overflows in the (1) TZ and (2) SET TIME ZONE enivronment ...)
+CVE-2002-1402
{DSA-165}
- postgresql 7.2.2-2
-CVE-2002-1401 (Buffer overflows in (1) circle_poly, (2) path_encode and (3) path_add ...)
+CVE-2002-1401
{DSA-165}
- postgresql 7.2.2-2
-CVE-2002-1400 (Heap-based buffer overflow in the repeat() function for PostgreSQL ...)
+CVE-2002-1400
{DSA-165}
- postgresql 7.2.2-2
-CVE-2002-1399 (Unknown vulnerability in cash_out and possibly other functions in ...)
+CVE-2002-1399
- postgresql 7.2.2-2
-CVE-2002-1398 (Buffer overflow in the date parser for PostgreSQL before 7.2.2 allows ...)
+CVE-2002-1398
{DSA-165}
- postgresql 7.2.2-2
-CVE-2002-1397 (Vulnerability in the cash_words() function for PostgreSQL 7.2 and ...)
+CVE-2002-1397
- postgresql 7.2.2-2
-CVE-2002-1395 (Internet Message (IM) 141-18 and earlier uses predictable file and ...)
+CVE-2002-1395
{DSA-202}
- im 1:141-20
-CVE-2002-1393 (Multiple vulnerabilities in KDE 2 and KDE 3.x through 3.0.5 do not ...)
+CVE-2002-1393
{DSA-243 DSA-242 DSA-241 DSA-240 DSA-239 DSA-238 DSA-237 DSA-236 DSA-235 DSA-234}
- kdemultimedia 4:3.0.5a
- kdebase 4:3.0.5a
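Review bot: every `-`/`+` pair in this hunk drops only the parenthesised CVE description and leaves the triage data untouched, e.g. `-CVE-2002-1481 (savesettings.php in phpGB 1.20 and earlier does not require ...)` becomes `+CVE-2002-1481`. An automatic update that removes the description from each entry and puts nothing in its place is consistent with an empty or malformed description feed rather than a deliberate edit, so the fetch that produced this run should be checked before merging; the descriptions are what let a triager confirm an entry's `NOT-FOR-US` or fixed-version line without looking up every ID. While re-reading those lines: the reasons `NOT-FOR-US: Shoutcase` (CVE-2002-1470, the product is SHOUTcast) and `NOT-FOR-US: East Guestbook` (CVE-2002-1410, Easy Guestbook) are misspelt, and CVE-2002-1475 and CVE-2002-1474 are tagged `NOT-FOR-US: HPUX` although their descriptions say HP Tru64 UNIX.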
@@ -2061,80 +2061,80 @@ CVE-2002-1393 (Multiple vulnerabilities in KDE 2 and KDE 3.x through 3.0.5 do no
- kdenetwork 4:3.0.5a
- kdegraphics 4:3.0.5a
- kdeadmin 4:3.0.5a
-CVE-2002-1387 (The spray mode in traceroute-nanog (aka traceroute-ng) may allow local ...)
+CVE-2002-1387
{DSA-254}
- traceroute-nanog 6.3.0-1
-CVE-2002-1386 (Buffer overflow in traceroute-nanog (aka traceroute-ng) may allow ...)
+CVE-2002-1386
{DSA-254}
- traceroute-nanog 6.3.0-1
-CVE-2002-1383 (Multiple integer overflows in Common Unix Printing System (CUPS) ...)
+CVE-2002-1383
{DSA-232}
- cups 1.1.18-1
- cupsys 1.1.18-1
-CVE-2002-1379 (OpenLDAP2 (OpenLDAP 2) 2.2.0 and earlier allows remote or local ...)
+CVE-2002-1379
{DSA-227}
- openldap2 2.0.27-3
-CVE-2002-1378 (Multiple buffer overflows in OpenLDAP2 (OpenLDAP 2) 2.2.0 and earlier ...)
+CVE-2002-1378
{DSA-227}
- openldap2 2.0.27-3
-CVE-2002-1376 (libmysqlclient client library in MySQL 3.x to 3.23.54, and 4.x to ...)
+CVE-2002-1376
{DSA-212}
- mysql <removed>
CVE-2002-1370
REJECTED
-CVE-2002-1368 (Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 allows remote ...)
+CVE-2002-1368
{DSA-232}
- cups 1.1.18-1
- cupsys 1.1.18-1
-CVE-2002-1360 (Multiple SSH2 servers and clients do not properly handle strings with ...)
+CVE-2002-1360
- openssh <not-affected> (OpenSSH not vulnerable)
-CVE-2002-1359 (Multiple SSH2 servers and clients do not properly handle large packets ...)
+CVE-2002-1359
- openssh <not-affected> (OpenSSH not vulnerable)
-CVE-2002-1358 (Multiple SSH2 servers and clients do not properly handle lists with ...)
+CVE-2002-1358
- openssh <not-affected> (OpenSSH not vulnerable)
-CVE-2002-1357 (Multiple SSH2 servers and clients do not properly handle packets or ...)
+CVE-2002-1357
- openssh <not-affected> (OpenSSH not vulnerable)
-CVE-2002-1356 (Ethereal 0.9.7 and earlier allows remote attackers to cause a denial ...)
+CVE-2002-1356
- ethereal 0.9.8-1
-CVE-2002-1355 (Multiple integer signedness errors in the BGP dissector in Ethereal ...)
+CVE-2002-1355
- ethereal 0.9.8-1
-CVE-2002-1354 (Directory traversal vulnerability in TYPSoft FTP Server 0.99.8 allows ...)
+CVE-2002-1354
NOT-FOR-US: TYPSoft FTP Server
-CVE-2002-1353 (LocalWEB2000 HTTP server 2.1.0 stores passwords in plain text under ...)
+CVE-2002-1353
NOT-FOR-US: LocalWEB2000 HTTP server
-CVE-2002-1352 (Per Magne Knutsen's CartMan shopping cart (cartman.php) 1.04 and ...)
+CVE-2002-1352
NOT-FOR-US: CartMan
-CVE-2002-1351 (Buffer overflow in Melange Chat System 1.10 allows remote attackers to ...)
+CVE-2002-1351
NOT-FOR-US: Melange Chat System
-CVE-2002-1347 (Multiple buffer overflows in Cyrus SASL library 2.1.9 and earlier ...)
+CVE-2002-1347
- cyrus-sasl2 2.1.10-1
CVE-2002-1346
RESERVED
-CVE-2002-1345 (Directory traversal vulnerabilities in multiple FTP clients on UNIX ...)
+CVE-2002-1345
NOTE: multiple ftp client issues
-CVE-2002-1344 (Directory traversal vulnerability in wget before 1.8.2-4 allows a ...)
+CVE-2002-1344
{DSA-209}
- wget 1.8.2-8
CVE-2002-1343
RESERVED
-CVE-2002-1342 (Unknown vulnerability in smb2www 980804-16 and earlier allows remote ...)
+CVE-2002-1342
{DSA-203}
- smb2www 980804-17
-CVE-2002-1341 (Cross-site scripting (XSS) vulnerability in read_body.php for ...)
+CVE-2002-1341
{DSA-220}
- squirrelmail 1:1.3.2-2
-CVE-2002-1340 (The &quot;ConnectionFile&quot; property in the DataSourceControl component in ...)
+CVE-2002-1340
NOT-FOR-US: Office Web Components
-CVE-2002-1339 (The &quot;XMLURL&quot; property in the Spreadsheet component of Office Web ...)
+CVE-2002-1339
NOT-FOR-US: Office Web Components
-CVE-2002-1338 (The Load method in the Chart component of Office Web Components (OWC) ...)
+CVE-2002-1338
NOT-FOR-US: Office Web Components
-CVE-2002-1335 (Cross-site scripting (XSS) vulnerability in w3m 0.3.2 does not escape ...)
+CVE-2002-1335
{DSA-251 DSA-250 DSA-249}
- w3m 0.3.2.2-1
- w3mmee 0.3.p24.17-3
- w3m-ssl <removed>
-CVE-2002-1334 (Cross-site scripting (XSS) vulnerability in BizDesign ImageFolio 3.01 ...)
+CVE-2002-1334
NOT-FOR-US: BizDesign
CVE-2002-1333
RESERVED
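Review bot: CVE-2002-1345 carries only `NOTE: multiple ftp client issues` with no package line in the `- package version` form used elsewhere in this hunk and no `<not-affected>` or `<removed>` marker, so the entry never resolves; the description says the traversal affects multiple FTP clients on UNIX, and nothing on this line records whether any Debian ftp client was checked. Add one package line per client examined, each with a state, or at minimum a NOTE naming which clients were ruled out and why. Smaller point in the same hunk: the four SSH2 entries CVE-2002-1360 through CVE-2002-1357 repeat `openssh <not-affected> (OpenSSH not vulnerable)`, which restates the state instead of giving a reason; a pointer to why OpenSSH does not share the affected string, packet and list handling would make the claim checkable.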
@@ -2152,23 +2152,23 @@ CVE-2002-1326
RESERVED
CVE-2002-1324
RESERVED
-CVE-2002-1322 (Rational ClearCase 4.1, 2002.05, and possibly other versions allows ...)
+CVE-2002-1322
NOT-FOR-US: ClearCase
-CVE-2002-1321 (Multiple buffer overflows in RealOne and RealPlayer allow remote ...)
+CVE-2002-1321
NOT-FOR-US: Realplayer
-CVE-2002-1316 (importInfo in the Admin Server for iPlanet WebServer 4.x, up to SP11, ...)
+CVE-2002-1316
NOT-FOR-US: iPlanet
-CVE-2002-1315 (Cross-site scripting (XSS) vulnerability in the Admin Server for ...)
+CVE-2002-1315
NOT-FOR-US: iPlanet
CVE-2002-1314
RESERVED
-CVE-2002-1312 (Buffer overflow in the Web management interface in Linksys BEFW11S4 ...)
+CVE-2002-1312
NOT-FOR-US: Linksys
-CVE-2002-1310 (Heap-based buffer overflow in the error-handling mechanism for the IIS ...)
+CVE-2002-1310
NOT-FOR-US: Macromedia
-CVE-2002-1309 (Heap-based buffer overflow in the error-handling mechanism for the IIS ...)
+CVE-2002-1309
NOT-FOR-US: Macromedia
-CVE-2002-1306 (Multiple buffer overflows in LISa on KDE 2.x for 2.1 and later, and ...)
+CVE-2002-1306
{DSA-214}
- kdenetwork 4:2.2.2-14.20
CVE-2002-1305
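Review bot: the `NOT-FOR-US: Macromedia` reason on CVE-2002-1310 and CVE-2002-1309 does not match the visible description, which begins `Heap-based buffer overflow in the error-handling mechanism for the IIS ...`. If the overflow is in a Macromedia component that runs under IIS, the reason should say so, otherwise the mismatch between description and justification reads as a mis-filed entry.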
@@ -2189,68 +2189,68 @@ CVE-2002-1298
REJECTED
CVE-2002-1297
REJECTED
-CVE-2002-1295 (The Microsoft Java implementation, as used in Internet Explorer, ...)
+CVE-2002-1295
NOT-FOR-US: Microsoft
-CVE-2002-1294 (The Microsoft Java implementation, as used in Internet Explorer, can ...)
+CVE-2002-1294
NOT-FOR-US: Microsoft
-CVE-2002-1293 (The Microsoft Java implementation, as used in Internet Explorer, ...)
+CVE-2002-1293
NOT-FOR-US: Microsoft
-CVE-2002-1292 (The Microsoft Java virtual machine (VM) build 5.0.3805 and earlier, as ...)
+CVE-2002-1292
NOT-FOR-US: Microsoft
-CVE-2002-1291 (The Microsoft Java implementation, as used in Internet Explorer, ...)
+CVE-2002-1291
NOT-FOR-US: Microsoft
-CVE-2002-1290 (The Microsoft Java implementation, as used in Internet Explorer, ...)
+CVE-2002-1290
NOT-FOR-US: Microsoft
-CVE-2002-1289 (The Microsoft Java implementation, as used in Internet Explorer, ...)
+CVE-2002-1289
NOT-FOR-US: Microsoft
-CVE-2002-1288 (The Microsoft Java implementation, as used in Internet Explorer, ...)
+CVE-2002-1288
NOT-FOR-US: Microsoft
-CVE-2002-1287 (Stack-based buffer overflow in the Microsoft Java implementation, as ...)
+CVE-2002-1287
NOT-FOR-US: Microsoft
-CVE-2002-1286 (The Microsoft Java implementation, as used in Internet Explorer, ...)
+CVE-2002-1286
NOT-FOR-US: Microsoft
-CVE-2002-1285 (runlpr in the LPRng package allows the local lp user to gain root ...)
+CVE-2002-1285
NOT-FOR-US: SuSE-specific lprfilter package
-CVE-2002-1283 (Buffer overflow in Novell iManager (eMFrame) before 1.5 allows remote ...)
+CVE-2002-1283
NOT-FOR-US: Novell iManager (eMFrame)
-CVE-2002-1282 (Unknown vulnerability in the telnet KIO subsystem (telnet.protocol) of ...)
+CVE-2002-1282
{DSA-204}
- kdelibs 4:3.1.0-1
-CVE-2002-1281 (Unknown vulnerability in the rlogin KIO subsystem (rlogin.protocol) of ...)
+CVE-2002-1281
{DSA-204}
- kdelibs 4:3.1.0-1
-CVE-2002-1280 (Memory leak in RealSecure Event Collector 6.5 allows attackers to ...)
+CVE-2002-1280
NOT-FOR-US: RealSecure Event Collector
-CVE-2002-1279 (Multiple buffer overflows in conf.c for Masqmail 0.1.x before 0.1.17, ...)
+CVE-2002-1279
{DSA-194}
- masqmail 0.2.15-1
-CVE-2002-1276 (An incomplete fix for a cross-site scripting (XSS) vulnerability in ...)
+CVE-2002-1276
{DSA-191}
- squirrelmail 1:1.2.8-1.1
-CVE-2002-1275 (Unknown vulnerability in html2ps HTML/PostScript converter 1.0, when ...)
+CVE-2002-1275
{DSA-192}
- html2ps 1.0b3-2
CVE-2002-1274
RESERVED
CVE-2002-1273
RESERVED
-CVE-2002-1269 (Unknown vulnerability in NetInfo Manager application in Mac OS X ...)
+CVE-2002-1269
NOT-FOR-US: MacOS
CVE-2002-1263
REJECTED
-CVE-2002-1262 (Internet Explorer 5.5 and 6.0 does not perform complete security ...)
+CVE-2002-1262
NOT-FOR-US: Microsoft
CVE-2002-1261
REJECTED
CVE-2002-1259
REJECTED
-CVE-2002-1258 (Two vulnerabilities in Microsoft Virtual Machine (VM) up to and ...)
+CVE-2002-1258
NOT-FOR-US: Microsoft
-CVE-2002-1254 (Internet Explorer 5.5 and 6.0 allows remote attackers to bypass the ...)
+CVE-2002-1254
NOT-FOR-US: Microsoft
CVE-2002-1249
RESERVED
-CVE-2002-1247 (Buffer overflow in LISa allows local users to gain access to a raw ...)
+CVE-2002-1247
{DSA-193}
- kdenetwork 4:2.2.2-14.3
CVE-2002-1246
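Review bot: the justification on CVE-2002-1285, `NOT-FOR-US: SuSE-specific lprfilter package`, rests on a claim the description does not make: the visible text says `runlpr in the LPRng package allows the local lp user to gain root`, attributing the bug to LPRng itself rather than to a vendor add-on. The entry should cite where the SuSE-only attribution comes from (the advisory or the file in question) so the next reader does not have to re-verify that Debian's LPRng build never shipped runlpr.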
@@ -2261,47 +2261,47 @@ CVE-2002-1241
RESERVED
CVE-2002-1240
RESERVED
-CVE-2002-1238 (Peter Sandvik's Simple Web Server 0.5.1 and earlier allows remote ...)
+CVE-2002-1238
NOT-FOR-US: Peter Sandvik's Simple Web Server
CVE-2002-1237
RESERVED
-CVE-2002-1235 (The kadm_ser_in function in (1) the Kerberos v4compatibility ...)
+CVE-2002-1235
{DSA-185 DSA-184 DSA-183}
- heimdal 0.4e-22
- krb4 1.1-11-8
- krb5 1.2.6-2
CVE-2002-1234
REJECTED
-CVE-2002-1233 (A regression error in the Debian distributions of the apache-ssl ...)
+CVE-2002-1233
{DSA-195 DSA-188 DSA-187}
- apache-perl 1.3.26-1.1-1.27-3-1
- apache 1.3.27-1
-CVE-2002-1229 (Avaya Cajun switches P880, P882, P580, and P550R 5.2.14 and earlier ...)
+CVE-2002-1229
NOT-FOR-US: Avaya Cajun switches
-CVE-2002-1228 (Unknown vulnerability in NFS on Solaris 2.5.1 through Solaris 9 allows ...)
+CVE-2002-1228
NOT-FOR-US: Solaris
-CVE-2002-1226 (Unknown vulnerabilities in Heimdal before 0.5 with unknown impact, ...)
+CVE-2002-1226
{DSA-178}
- heimdal 0.4e-21
-CVE-2002-1225 (Multiple buffer overflows in Heimdal before 0.5, possibly in both the ...)
+CVE-2002-1225
{DSA-178}
- heimdal 0.4e-21
CVE-2002-1218
RESERVED
-CVE-2002-1217 (Cross-Frame scripting vulnerability in the WebBrowser control as used ...)
+CVE-2002-1217
NOT-FOR-US: Microsoft
-CVE-2002-1216 (GNU tar 1.13.19 and other versions before 1.13.25 allows remote ...)
+CVE-2002-1216
- tar 1.13.25
-CVE-2002-1215 (Multiple format string vulnerabilities in heartbeat 0.4.9 and earlier ...)
+CVE-2002-1215
{DSA-174}
- heartbeat 0.4.9.2-1
-CVE-2002-1213 (Directory traversal vulnerability in RadioBird Software WebServer 4 ...)
+CVE-2002-1213
NOT-FOR-US: RadioBird Software WebServer 4 Everyone
-CVE-2002-1212 (Buffer overflow in RadioBird Software WebServer 4 Everyone 1.23 and ...)
+CVE-2002-1212
NOT-FOR-US: RadioBird Software WebServer 4 Everyone
-CVE-2002-1210 (Qualcomm Eudora 5.1.1, 5.2, and possibly other versions stores email ...)
+CVE-2002-1210
NOT-FOR-US: Eudora
-CVE-2002-1209 (Directory traversal vulnerability in SolarWinds TFTP Server 5.0.55, ...)
+CVE-2002-1209
NOT-FOR-US: SolarWinds TFTP Server
CVE-2002-1208
RESERVED
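Review bot: `- tar 1.13.25` on CVE-2002-1216 is the only fixed-version line in this hunk without a Debian revision; every other entry here carries one (`- heartbeat 0.4.9.2-1`, `- heimdal 0.4e-21`, `- apache 1.3.27-1`). A bare upstream version leaves it ambiguous which upload closed the issue, so the line should name the actual package version, matching the convention used by the surrounding entries.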
@@ -2311,32 +2311,32 @@ CVE-2002-1206
RESERVED
CVE-2002-1205
RESERVED
-CVE-2002-1204 (Netscape Communicator 4.x allows attackers to use a link to steal a ...)
+CVE-2002-1204
NOT-FOR-US: Netscape Communicator 4.x
-CVE-2002-1203 (IBM SecureWay Firewall before 4.2.2 performs extra processing before ...)
+CVE-2002-1203
NOT-FOR-US: IBM SecureWay Firewall
-CVE-2002-1202 (Unknown vulnerability in routed for HP Tru64 UNIX V4.0F through V5.1A ...)
+CVE-2002-1202
NOT-FOR-US: HP Tru64 UNIX
-CVE-2002-1201 (IBM AIX 4.3.3 and AIX 5 allows remote attackers to cause a denial of ...)
+CVE-2002-1201
NOT-FOR-US: AIX
-CVE-2002-1194 (Buffer overflow in talkd on NetBSD 1.6 and earlier, and possibly other ...)
+CVE-2002-1194
NOT-FOR-US: NetBSD
-CVE-2002-1192 (Multiple buffer overflows in rogue on NetBSD 1.6 and earlier, FreeBSD ...)
+CVE-2002-1192
NOT-FOR-US: NetBSD
-CVE-2002-1191 (The Sabserv client component in Sabre Desktop Reservation Software 4.2 ...)
+CVE-2002-1191
NOT-FOR-US: Sabre Desktop
-CVE-2002-1190 (Cisco Unity 2.x and 3.x uses well-known default user accounts, which ...)
+CVE-2002-1190
NOT-FOR-US: Cisco
-CVE-2002-1181 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
+CVE-2002-1181
NOT-FOR-US: Microsoft IIS
-CVE-2002-1177 (Multiple buffer overflows in Winamp 3.0, when displaying an MP3 in the ...)
+CVE-2002-1177
NOT-FOR-US: Winamp
-CVE-2002-1176 (Buffer overflow in Winamp 2.81 allows remote attackers to execute ...)
+CVE-2002-1176
NOT-FOR-US: Winamp
-CVE-2002-1175 (The getmxrecord function in Fetchmail 6.0.0 and earlier does not ...)
+CVE-2002-1175
{DSA-171}
- fetchmail 6.1.0-1
-CVE-2002-1174 (Buffer overflows in Fetchmail 6.0.0 and earlier allow remote attackers ...)
+CVE-2002-1174
{DSA-171}
- fetchmail 6.1.0-1
CVE-2002-1173
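Review bot: `NOT-FOR-US: NetBSD` on CVE-2002-1194 and CVE-2002-1192 names one affected platform rather than giving a reason; the description of the second reads `Multiple buffer overflows in rogue on NetBSD 1.6 and earlier, FreeBSD ...`, so the issue sits in code shared across BSDs and is plainly not limited to NetBSD. A NOT-FOR-US reason should state why no Debian package carries the affected talkd or rogue code, in the same way the `not in Debian` reasons elsewhere in this file do, instead of listing one of the vendors.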
@@ -2345,819 +2345,819 @@ CVE-2002-1172
RESERVED
CVE-2002-1171
RESERVED
-CVE-2002-1168 (Cross-site scripting (XSS) vulnerability in IBM Web Traffic Express ...)
+CVE-2002-1168
NOT-FOR-US: IBM Websphere
-CVE-2002-1167 (Cross-site scripting (XSS) vulnerability in IBM Web Traffic Express ...)
+CVE-2002-1167
NOT-FOR-US: IBM Websphere
-CVE-2002-1166 (Buffer overflow in John Franks WN Server 1.18.2 through 2.0.0 allows ...)
+CVE-2002-1166
- wn <removed>
-CVE-2002-1165 (Sendmail Consortium's Restricted Shell (SMRSH) in Sendmail 8.12.6, ...)
+CVE-2002-1165
- sendmail 8.12.3-5
CVE-2002-1161
REJECTED
-CVE-2002-1155 (Buffer overflow in KON kon2 0.3.9b and earlier allows local users to ...)
+CVE-2002-1155
NOTE: kon2. patched, but I don't know when.
NOTE: assuming the current unstable/testing version is ok then..
- kon2 0.3.9b-18
-CVE-2002-1150 (The Remote Desktop Sharing (RDS) Screen Saver Protection capability ...)
+CVE-2002-1150
NOT-FOR-US: Microsoft Netmeeting
-CVE-2002-1149 (The installation procedure for Invision Board suggests that users ...)
+CVE-2002-1149
NOT-FOR-US: Invision Board
-CVE-2002-1145 (The xp_runwebtask stored procedure in the Web Tasks component of ...)
+CVE-2002-1145
NOT-FOR-US: Microsoft SQL
CVE-2002-1144
RESERVED
-CVE-2002-1143 (Microsoft Word and Excel allow remote attackers to steal sensitive ...)
+CVE-2002-1143
NOT-FOR-US: Microsoft Word & Excel
CVE-2002-1136
RESERVED
-CVE-2002-1134 (Unknown vulnerability in Compaq WEBES Service Tools 2.0 through WEBES ...)
+CVE-2002-1134
NOT-FOR-US: HP Tru64
-CVE-2002-1133 (Encoded directory traversal vulnerability in Dino's web server 2.1 ...)
+CVE-2002-1133
NOT-FOR-US: Dino's Webserver
-CVE-2002-1131 (Cross-site scripting vulnerabilities in SquirrelMail 1.2.7 and ...)
+CVE-2002-1131
{DSA-191}
- squirrelmail 1:1.2.8-1.1
CVE-2002-1130
RESERVED
-CVE-2002-1129 (Buffer overflow in dxterm allows local users to execute arbitrary code ...)
+CVE-2002-1129
NOT-FOR-US: HP Tru64
-CVE-2002-1128 (Buffer overflow in inc mail utility for Compaq Tru64/OSF1 3.x allows ...)
+CVE-2002-1128
NOT-FOR-US: HP Tru64
-CVE-2002-1127 (Buffer overflow in uucp in Compaq Tru64/OSF1 3.x allows local users to ...)
+CVE-2002-1127
NOT-FOR-US: HP Tru64
-CVE-2002-1125 (FreeBSD port programs that use libkvm for FreeBSD 4.6.2-RELEASE and ...)
+CVE-2002-1125
NOT-FOR-US: FreeBSD
-CVE-2002-1124 (Multiple buffer overflows in purity 1-16 allow local users to gain ...)
+CVE-2002-1124
{DSA-166}
- purity 1-16
-CVE-2002-1121 (SMTP content filter engines, including (1) GFI MailSecurity for ...)
+CVE-2002-1121
NOTE: Some SMTP mailscanners can be bypassed by fragmenting messages.
-CVE-2002-1120 (Buffer overflow in Savant Web Server 3.1 and earlier allows remote ...)
+CVE-2002-1120
NOT-FOR-US: Savant Web Server
-CVE-2002-1115 (Mantis 0.17.4a and earlier allows remote attackers to view private ...)
+CVE-2002-1115
{DSA-161}
- mantis 0.17.5-2
-CVE-2002-1114 (config_inc2.php in Mantis before 0.17.4 allows remote attackers to ...)
+CVE-2002-1114
{DSA-153}
- mantis 0.17.4a-2
-CVE-2002-1110 (Multiple SQL injection vulnerabilities in Mantis 0.17.2 and earlier, ...)
+CVE-2002-1110
{DSA-153}
- mantis 0.17.4a-2
-CVE-2002-1103 (Cisco VPN 3000 Concentrator 2.2.x, 3.6(Rel), and 3.x before 3.5.5, ...)
+CVE-2002-1103
NOT-FOR-US: Cisco
-CVE-2002-1101 (Cisco VPN 3000 Concentrator 2.2.x, 3.6(Rel), and 3.x before 3.5.5, ...)
+CVE-2002-1101
NOT-FOR-US: Cisco
-CVE-2002-1100 (Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.3, allows remote ...)
+CVE-2002-1100
NOT-FOR-US: Cisco
-CVE-2002-1094 (Information leaks in Cisco VPN 3000 Concentrator 2.x.x and 3.x.x ...)
+CVE-2002-1094
NOT-FOR-US: Cisco
-CVE-2002-1090 (Buffer overflow in read_smtp_response of protocol.c in libesmtp before ...)
+CVE-2002-1090
- libesmtp 0.8.11-1
-CVE-2002-1089 (rwcgi60 CGI program in Oracle Reports Server, by design, provides ...)
+CVE-2002-1089
NOT-FOR-US: Oracle
-CVE-2002-1087 (The scripts (1) createdir.php, (2) removedir.php and (3) ...)
+CVE-2002-1087
NOT-FOR-US: ezContents
-CVE-2002-1086 (Multiple SQL injection vulnerabilities in ezContents 1.41 and earlier ...)
+CVE-2002-1086
NOT-FOR-US: ezContents
-CVE-2002-1085 (Multiple cross-site scripting vulnerabilities in ezContents 1.41 and ...)
+CVE-2002-1085
NOT-FOR-US: ezContents
-CVE-2002-1084 (The VerifyLogin function in ezContents 1.41 and earlier does not ...)
+CVE-2002-1084
NOT-FOR-US: ezContents
-CVE-2002-1083 (Directory traversal vulnerabilities in ezContents 1.41 and earlier ...)
+CVE-2002-1083
NOT-FOR-US: ezContents
-CVE-2002-1082 (The Image Upload capability for ezContents 1.40 and earlier allows ...)
+CVE-2002-1082
NOT-FOR-US: ezContents
-CVE-2002-1080 (The Administration console for Abyss Web Server 1.0.3 before Patch 2 ...)
+CVE-2002-1080
NOT-FOR-US: Abyss
-CVE-2002-1078 (Abyss Web Server 1.0.3 allows remote attackers to list directory ...)
+CVE-2002-1078
NOT-FOR-US: Abyss
-CVE-2002-1077 (IPSwitch IMail Web Calendaring service (iwebcal) allows remote ...)
+CVE-2002-1077
NOT-FOR-US: IPSwitch
-CVE-2002-1075 (Buffer overflow in Pegasus mail client 4.01 and earlier allows remote ...)
+CVE-2002-1075
NOT-FOR-US: Pegasus
-CVE-2002-1073 (Buffer overflow in the control service for MERCUR Mailserver 4.2 ...)
+CVE-2002-1073
NOT-FOR-US: MERCUR Mailserver
-CVE-2002-1072 (ZyXEL Prestige 642R 2.50(FA.1) and Prestige 310 V3.25(M.01), allows ...)
+CVE-2002-1072
NOT-FOR-US: ZyXEL
-CVE-2002-1071 (ZyXEL Prestige 642R allows remote attackers to cause a denial of ...)
+CVE-2002-1071
NOT-FOR-US: ZyXEL
-CVE-2002-1070 (Cross-site scripting vulnerability in PHPWiki Postnuke wiki module ...)
+CVE-2002-1070
- phpwiki 1.3.4-1
-CVE-2002-1069 (The remote administration capability for the D-Link DI-804 router 4.68 ...)
+CVE-2002-1069
NOT-FOR-US: D-Link hardware
-CVE-2002-1068 (The web server for D-Link DP-300 print server allows remote attackers ...)
+CVE-2002-1068
NOT-FOR-US: D-Link hardware
-CVE-2002-1067 (Administrative web interface for IC9 Pocket Print Server Firmware ...)
+CVE-2002-1067
NOT-FOR-US: IC9 Print Server
-CVE-2002-1066 (Thomas Hauck Jana Server 1.4.6 and earlier allows remote attackers to ...)
+CVE-2002-1066
NOT-FOR-US: Jana Server
-CVE-2002-1065 (Thomas Hauck Jana Server 2.x through 2.2.1, and 1.4.6 and earlier, ...)
+CVE-2002-1065
NOT-FOR-US: Jana Server
-CVE-2002-1064 (Thomas Hauck Jana Server 2.x through 2.2.1, and 1.4.6 and earlier, ...)
+CVE-2002-1064
NOT-FOR-US: Jana Server
-CVE-2002-1063 (Thomas Hauck Jana Server 2.x through 2.2.1, and 1.4.6 and earlier, ...)
+CVE-2002-1063
NOT-FOR-US: Jana Server
-CVE-2002-1062 (Signedness error in Thomas Hauck Jana Server 2.x through 2.2.1, and ...)
+CVE-2002-1062
NOT-FOR-US: Jana Server
-CVE-2002-1061 (Multiple buffer overflows in Thomas Hauck Jana Server 2.x through ...)
+CVE-2002-1061
NOT-FOR-US: Jana Server
-CVE-2002-1058 (Directory traversal vulnerability in splashAdmin.php for Cobalt Qube ...)
+CVE-2002-1058
NOT-FOR-US: Cobalt Qube
-CVE-2002-1055 (Buffer overflow in administrative web server for Brother NC-3100h ...)
+CVE-2002-1055
NOT-FOR-US: Brother hardware
-CVE-2002-1052 (Jigsaw 2.2.1 on Windows systems allows remote attackers to use MS-DOS ...)
+CVE-2002-1052
NOT-FOR-US: Jigsaw
-CVE-2002-1048 (HP JetDirect printers allow remote attackers to obtain the ...)
+CVE-2002-1048
NOT-FOR-US: HP printers
-CVE-2002-1047 (The FTP service in Watchguard Soho Firewall 5.0.35a allows remote ...)
+CVE-2002-1047
NOT-FOR-US: Soho Firewall
-CVE-2002-1045 (Ultrafunk Popcorn 1.20 allows remote attackers to cause a denial of ...)
+CVE-2002-1045
NOT-FOR-US: Ultrafunk Popcorn
-CVE-2002-1044 (Buffer overflow in Ultrafunk Popcorn 1.20 allows remote attackers to ...)
+CVE-2002-1044
NOT-FOR-US: Ultrafunk Popcorn
-CVE-2002-1043 (Ultrafunk Popcorn 1.20 allows remote attackers to cause a denial of ...)
+CVE-2002-1043
NOT-FOR-US: Ultrafunk Popcorn
-CVE-2002-1042 (Directory traversal vulnerability in search engine for iPlanet web ...)
+CVE-2002-1042
NOT-FOR-US: iPlanet
-CVE-2002-1041 (Unknown vulnerability in DCE (1) SMIT panels and (2) configuration ...)
+CVE-2002-1041
NOT-FOR-US: SMIT
-CVE-2002-1040 (Unknown vulnerability in the WebSecure (DFSWeb) configuration ...)
+CVE-2002-1040
NOT-FOR-US: WebSecure
-CVE-2002-1038 (Double Choco Latte (DCL) before 20020706 does not properly verify if a ...)
+CVE-2002-1038
- dcl <not-affected> (Vulnerable code not present, affected dcl "Double Choco Latte")
NOTE: Until 2008 src:dcl was for the source for "Double Choco Latte". On
NOTE: 2017-08-30 an unrelated source took over the source package name dcl.
NOTE: Original issue fixed in dcl/1:0.9.2-1
-CVE-2002-1037 (Cross-site scripting vulnerability in Double Choco Latte (DCL) before ...)
+CVE-2002-1037
- dcl <not-affected> (Vulnerable code not present, affected dcl "Double Choco Latte")
NOTE: Until 2008 src:dcl was for the source for "Double Choco Latte". On
NOTE: 2017-08-30 an unrelated source took over the source package name dcl.
NOTE: Original issue fixed in dcl/1:0.9.2-1
-CVE-2002-1036 (Cross-site scripting vulnerability in search.pl for Fluid Dynamics ...)
+CVE-2002-1036
NOT-FOR-US: Fluid Dynamics
-CVE-2002-1034 (none.php for SunPS iRunbook 2.5.2 allows remote attackers to read ...)
+CVE-2002-1034
NOT-FOR-US: iRunBook
-CVE-2002-1033 (Directory traversal vulnerability in none.php for SunPS iRunbook 2.5.2 ...)
+CVE-2002-1033
NOT-FOR-US: iRunBook
-CVE-2002-1032 (Buffer overflow in KeyFocus (KF) web server 1.0.5 and earlier allows ...)
+CVE-2002-1032
NOT-FOR-US: KeyFocus Web Server
-CVE-2002-1029 (Res Manager in Worldspan for Windows Gateway 4.1 allows remote ...)
+CVE-2002-1029
NOT-FOR-US: Worldspam for Windows
-CVE-2002-1028 (Multiple buffer overflows in the CGI programs for Oddsock Song ...)
+CVE-2002-1028
NOT-FOR-US: Oddsock Winamp plugin
-CVE-2002-1027 (Cross-site scripting vulnerability in the default HTTP 500 error ...)
+CVE-2002-1027
NOT-FOR-US: Macromedia Sitespring
-CVE-2002-1026 (Macromedia Sitespring 1.2.0 (277.1) using Sybase runtime engine ...)
+CVE-2002-1026
NOT-FOR-US: Macromedia Sitespring
-CVE-2002-1023 (BadBlue server allows remote attackers to cause a denial of service ...)
+CVE-2002-1023
NOT-FOR-US: BadBlue
-CVE-2002-1022 (BadBlue server stores passwords in plaintext in the ext.ini file, ...)
+CVE-2002-1022
NOT-FOR-US: BadBlue
-CVE-2002-1021 (BadBlue server allows remote attackers to read restricted files, such ...)
+CVE-2002-1021
NOT-FOR-US: BadBlue
-CVE-2002-1020 (The library feature for Adobe Content Server 3.0 allows a remote ...)
+CVE-2002-1020
NOT-FOR-US: Adobe
-CVE-2002-1019 (The library feature for Adobe Content Server 3.0 allows a remote ...)
+CVE-2002-1019
NOT-FOR-US: Adobe
-CVE-2002-1018 (The library feature for Adobe Content Server 3.0 does not verify if a ...)
+CVE-2002-1018
NOT-FOR-US: Adobe
-CVE-2002-1017 (Adobe eBook Reader 2.1 and 2.2 allows a user to copy eBooks to other ...)
+CVE-2002-1017
NOT-FOR-US: Adobe
-CVE-2002-1016 (Adobe eBook Reader allows a user to bypass restrictions for copy, ...)
+CVE-2002-1016
NOT-FOR-US: Adobe
-CVE-2002-1012 (Buffer overflow in web server for Tivoli Management Framework (TMF) ...)
+CVE-2002-1012
NOT-FOR-US: Tivoli
-CVE-2002-1011 (Buffer overflow in web server for Tivoli Management Framework (TMF) ...)
+CVE-2002-1011
NOT-FOR-US: Tivoli
-CVE-2002-1010 (Lotus Domino R4 allows remote attackers to bypass access restrictions ...)
+CVE-2002-1010
NOT-FOR-US: Domino
-CVE-2002-1009 (Cross-site scripting vulnerability in PowerBASIC pbcgi.cgi, as ...)
+CVE-2002-1009
NOT-FOR-US: PowerBASIC
-CVE-2002-1008 (Cross-site scripting vulnerability in PowerBASIC urlcount.cgi, as ...)
+CVE-2002-1008
NOT-FOR-US: PowerBASIC
-CVE-2002-1007 (Cross-site scripting vulnerabilities in Blackboard 5 allow remote ...)
+CVE-2002-1007
NOT-FOR-US: Blackboard
-CVE-2002-1005 (ArGoSoft Mail Server 1.8.1.7 and earlier allows a webmail user to ...)
+CVE-2002-1005
NOT-FOR-US: ArGoSoft
-CVE-2002-1003 (Buffer overflow in MyWebServer 1.02 and earlier allows remote ...)
+CVE-2002-1003
NOT-FOR-US: MyWebServer
-CVE-2002-1001 (Buffer overflows in AnalogX Proxy before 4.12 allows remote attackers ...)
+CVE-2002-1001
NOT-FOR-US: AnalogX Proxy
-CVE-2002-0999 (Multiple SQL injection vulnerabilities in CARE 2002 before beta 1.0.02 ...)
+CVE-2002-0999
NOT-FOR-US: CARE
-CVE-2002-0998 (Directory traversal vulnerability in cafenews.php for CARE 2002 before ...)
+CVE-2002-0998
NOT-FOR-US: CARE
-CVE-2002-0997 (Buffer overflows in IMAP Agent (imapd) for Novell NetMail (NIMS) 3.0.3 ...)
+CVE-2002-0997
NOT-FOR-US: Novell
-CVE-2002-0996 (Multiple buffer overflows in Novell NetMail (NIMS) 3.0.3 before 3.0.3C ...)
+CVE-2002-0996
NOT-FOR-US: Novell
-CVE-2002-0994 (SunPCi II VNC uses a weak authentication scheme, which allows remote ...)
+CVE-2002-0994
NOT-FOR-US: SunPci II VNC
-CVE-2002-0993 (Unknown vulnerability in HP Instant Support Enterprise Edition (ISEE) ...)
+CVE-2002-0993
NOT-FOR-US: HP
-CVE-2002-0992 (Unknown vulnerability in IPV6 functionality for DCE daemons (1) dced ...)
+CVE-2002-0992
NOT-FOR-US: HP
-CVE-2002-0991 (Buffer overflows in the cifslogin command for HP CIFS/9000 Client ...)
+CVE-2002-0991
NOT-FOR-US: HP
-CVE-2002-0983 (IRC client irssi in irssi-text before 0.8.4 allows remote attackers to ...)
+CVE-2002-0983
{DSA-157}
- irssi-text 0.8.5-2
-CVE-2002-0982 (Microsoft SQL Server 2000 SP2, when configured as a distributor, ...)
+CVE-2002-0982
NOT-FOR-US: Microsoft
-CVE-2002-0980 (The Web Folder component for Internet Explorer 5.5 and 6.0 writes an ...)
+CVE-2002-0980
NOT-FOR-US: Microsoft
-CVE-2002-0979 (The Java logging feature for the Java Virtual Machine in Internet ...)
+CVE-2002-0979
NOT-FOR-US: Microsoft
-CVE-2002-0978 (Microsoft File Transfer Manager (FTM) ActiveX control before 4.0 ...)
+CVE-2002-0978
NOT-FOR-US: Microsoft
-CVE-2002-0977 (Buffer overflow in Microsoft File Transfer Manager (FTM) ActiveX ...)
+CVE-2002-0977
NOT-FOR-US: Microsoft
-CVE-2002-0976 (Internet Explorer 4.0 and later allows remote attackers to read ...)
+CVE-2002-0976
NOT-FOR-US: Microsoft
-CVE-2002-0975 (Buffer overflow in Microsoft DirectX Files Viewer ActiveX control ...)
+CVE-2002-0975
NOT-FOR-US: Microsoft
-CVE-2002-0973 (Integer signedness error in several system calls for FreeBSD 4.6.1 ...)
+CVE-2002-0973
NOT-FOR-US: FreeBSD
-CVE-2002-0972 (Buffer overflows in PostgreSQL 7.2 allow attackers to cause a denial ...)
+CVE-2002-0972
{DSA-165}
- postgresql 7.2.2-1
-CVE-2002-0971 (Vulnerability in VNC, TightVNC, and TridiaVNC allows local users to ...)
+CVE-2002-0971
NOT-FOR-US: Microsoft Windows specific
-CVE-2002-0966 (Buffer overflow in 4D web server 6.7.3 allow remote attackers to cause ...)
+CVE-2002-0966
NOT-FOR-US: 4D web server
-CVE-2002-0963 (SQL injection vulnerability in comment.php for GeekLog 1.3.5 and ...)
+CVE-2002-0963
NOT-FOR-US: GeekLog
-CVE-2002-0962 (Cross-site scripting vulnerabilities in GeekLog 1.3.5 and earlier ...)
+CVE-2002-0962
NOT-FOR-US: GeekLog
-CVE-2002-0961 (Vulnerabilities in Voxel Dot Net CBMS 0.7 and earlier allow remote ...)
+CVE-2002-0961
NOT-FOR-US: Voxel Dot Net CBMS
-CVE-2002-0960 (Multiple cross-site scripting vulnerabilities in Voxel Dot Net CBMS ...)
+CVE-2002-0960
NOT-FOR-US: Voxel Dot Net CBMS
-CVE-2002-0959 (Cross-site scripting vulnerability in Splatt Forum 3.0 allows remote ...)
+CVE-2002-0959
NOT-FOR-US: Splatt Forum
-CVE-2002-0957 (The default configuration of BlackICE Agent 3.1.eal and 3.1.ebh has a ...)
+CVE-2002-0957
NOT-FOR-US: BlackICE Agent
-CVE-2002-0956 (BlackICE Agent 3.1.eal does not always reactivate after a system ...)
+CVE-2002-0956
NOT-FOR-US: BlackICE Agent
-CVE-2002-0955 (Cross-site scripting vulnerability in YaBB.cgi for Yet Another ...)
+CVE-2002-0955
NOT-FOR-US: YaBB
-CVE-2002-0954 (The encryption algorithms for enable and passwd commands on Cisco PIX ...)
+CVE-2002-0954
NOT-FOR-US: Cisco
-CVE-2002-0951 (SQL injection vulnerability in Ruslan &lt;Body&gt;Builder allows remote ...)
+CVE-2002-0951
NOT-FOR-US: Ruslan
-CVE-2002-0950 (Cross-site scripting vulnerability in TransWARE Active! mail 1.422 and ...)
+CVE-2002-0950
NOT-FOR-US: TransWARE Active!
-CVE-2002-0949 (Telindus 1100 series ADSL router allows remote attackers to gain ...)
+CVE-2002-0949
NOT-FOR-US: Telindus ADSL router
-CVE-2002-0948 (Scripts For Educators MakeBook 2.2 CGI program allows remote attackers ...)
+CVE-2002-0948
NOT-FOR-US: MakeBook
-CVE-2002-0944 (Cross-site scripting vulnerability in DeepMetrix LiveStats 5.03 ...)
+CVE-2002-0944
NOT-FOR-US: DeepMetrix LiveStats
-CVE-2002-0943 (MetaCart2.sql stores the user database under the web document root ...)
+CVE-2002-0943
NOT-FOR-US: MetaCart
-CVE-2002-0942 (Buffer overflows in Lugiment Log Explorer before 3.02 allow attackers ...)
+CVE-2002-0942
NOT-FOR-US: Lugiment Log Explorer
-CVE-2002-0940 (domesticinstall.exe for nCipher MSCAPI CSP 5.50 and 5.54 does not use ...)
+CVE-2002-0940
NOT-FOR-US: nCipher MSCAPI
-CVE-2002-0939 (The Install Wizard for nCipher MSCAPI CSP 5.50 does not use Operator ...)
+CVE-2002-0939
NOT-FOR-US: nCipher MSCAPI
-CVE-2002-0937 (The Java Server Pages (JSP) engine in JRun allows web page owners to ...)
+CVE-2002-0937
NOT-FOR-US: JRun
-CVE-2002-0936 (The Java Server Pages (JSP) engine in Tomcat allows web page owners to ...)
+CVE-2002-0936
- tomcat 3.2.3-1
-CVE-2002-0934 (Directory traversal vulnerability in Jon Hedley AlienForm2 (typically ...)
+CVE-2002-0934
NOT-FOR-US: Jon Hedley AlienForm2
-CVE-2002-0933 (Datalex PLC BookIt! Consumer before 2.2 stores usernames and passwords ...)
+CVE-2002-0933
NOT-FOR-US: Datalex PLC BooktIt Consumer
-CVE-2002-0932 (SQL injection vulnerability in index.php for MyHelpDesk 20020509, and ...)
+CVE-2002-0932
NOT-FOR-US: MyHelpDesk
-CVE-2002-0931 (Cross-site scripting vulnerabilities in MyHelpDesk 20020509, and ...)
+CVE-2002-0931
NOT-FOR-US: MyHelpDesk
-CVE-2002-0930 (Format string vulnerability in the FTP server for Novell Netware 6.0 ...)
+CVE-2002-0930
NOT-FOR-US: Netware
-CVE-2002-0929 (Buffer overflows in the DHCP server for NetWare 6.0 SP1 allow remote ...)
+CVE-2002-0929
NOT-FOR-US: Netware
-CVE-2002-0928 (Buffer overflow in the Pirch 98 IRC client allows remote attackers to ...)
+CVE-2002-0928
NOT-FOR-US: pirch
-CVE-2002-0926 (Directory traversal vulnerability in Wolfram Research webMathematica ...)
+CVE-2002-0926
NOT-FOR-US: webMathematica
-CVE-2002-0925 (Format string vulnerability in mmsyslog function allows remote ...)
+CVE-2002-0925
NOT-FOR-US: mmftpd not in Debian anymore
-CVE-2002-0924 (CGIScript.net csNews.cgi allows remote authenticated users to execute ...)
+CVE-2002-0924
NOT-FOR-US: CGIScript.net not int Debian
-CVE-2002-0923 (CGIScript.net csNews.cgi allows remote authenticated users to read ...)
+CVE-2002-0923
NOT-FOR-US: CGIScript.net not int Debian
-CVE-2002-0922 (CGIScript.net csNews.cgi allows remote attackers to obtain database ...)
+CVE-2002-0922
NOT-FOR-US: CGIScript.net not int Debian
-CVE-2002-0921 (CGIScript.net csNews.cgi allows remote attackers to obtain potentially ...)
+CVE-2002-0921
NOT-FOR-US: CGIScript.net not int Debian
-CVE-2002-0920 (CGIScript.net csPassword.cgi stores usernames and unencrypted ...)
+CVE-2002-0920
NOT-FOR-US: CGIScript.net not int Debian
-CVE-2002-0919 (CGIScript.net csPassword.cgi allows remote authenticated users to ...)
+CVE-2002-0919
NOT-FOR-US: CGIScript.net not int Debian
-CVE-2002-0918 (CGIScript.net csPassword.cgi leaks sensitive information such as the ...)
+CVE-2002-0918
NOT-FOR-US: CGIScript.net not int Debian
-CVE-2002-0917 (CGIScript.net csPassword.cgi stores .htpasswd files under the web ...)
+CVE-2002-0917
NOT-FOR-US: CGIScript.net not int Debian
-CVE-2002-0915 (autorun in Xandros based Linux distributions allows local users to ...)
+CVE-2002-0915
NOT-FOR-US: Xandros specific tool
-CVE-2002-0913 (Format string vulnerability in log_doit function of Slurp NNTP client ...)
+CVE-2002-0913
NOT-FOR-US: Slurp NNTP
-CVE-2002-0912 (in.uucpd UUCP server in Debian GNU/Linux 2.2, and possibly other ...)
+CVE-2002-0912
NOTE: DSA-129
-CVE-2002-0910 (Buffer overflows in netstd 3.07-17 package allows remote DNS servers ...)
+CVE-2002-0910
NOTE: netstd
-CVE-2002-0909 (Multiple buffer overflows in mnews 1.22 and earlier allow (1) a remote ...)
+CVE-2002-0909
NOT-FOR-US: mnews
-CVE-2002-0908 (Directory traversal vulnerability in the web server for Cisco IDS ...)
+CVE-2002-0908
NOT-FOR-US: Cisco
-CVE-2002-0907 (Buffer overflow in SHOUTcast 1.8.9 and other versions before 1.8.12 ...)
+CVE-2002-0907
NOT-FOR-US: SHOUTcast
-CVE-2002-0905 (Buffer overflow in sqlexec for Informix SE-7.25 allows local users to ...)
+CVE-2002-0905
NOT-FOR-US: Informix
-CVE-2002-0903 (register.php for WoltLab Burning Board (wbboard) 1.1.1 uses a small ...)
+CVE-2002-0903
NOT-FOR-US: wbboard
-CVE-2002-0902 (Cross-site scripting vulnerability in phpBB 2.0.0 (phpBB2) allows ...)
+CVE-2002-0902
- phpbb2 2.0.6c-1
-CVE-2002-0901 (Multiple buffer overflows in Advanced Maryland Automatic Network Disk ...)
+CVE-2002-0901
- amanda 2.4.0b6-1
-CVE-2002-0899 (Falcon web server 2.0.0.1021 and earlier allows remote attackers to ...)
+CVE-2002-0899
NOT-FOR-US: Falcon
-CVE-2002-0896 (The throttle capability in Swatch may fail to report certain events if ...)
+CVE-2002-0896
- swatch 3.0.4-1
-CVE-2002-0894 (NewAtlanta ServletExec ISAPI 4.1 allows remote attackers to cause a ...)
+CVE-2002-0894
NOT-FOR-US: NewAtlanta ServletExec
-CVE-2002-0893 (Directory traversal vulnerability in NewAtlanta ServletExec ISAPI 4.1 ...)
+CVE-2002-0893
NOT-FOR-US: NewAtlanta ServletExec
-CVE-2002-0888 (3Com OfficeConnect Remote 812 ADSL Router, firmware 1.1.9 and 1.1.7, ...)
+CVE-2002-0888
NOT-FOR-US: 3com
-CVE-2002-0886 (Cisco DSL CPE devices running CBOS 2.4.4 and earlier allows remote ...)
+CVE-2002-0886
NOT-FOR-US: Cisco
-CVE-2002-0885 (Multiple buffer overflows in in.rarpd (ARP server) on Solaris, and ...)
+CVE-2002-0885
NOT-FOR-US: Solaris
-CVE-2002-0884 (Multiple format string vulnerabilities in in.rarpd (ARP server) on ...)
+CVE-2002-0884
NOT-FOR-US: Solaris
-CVE-2002-0883 (Vulnerability in Compaq ProLiant BL e-Class Integrated Administrator ...)
+CVE-2002-0883
NOT-FOR-US: Compaq
-CVE-2002-0882 (The web server for Cisco IP Phone (VoIP) models 7910, 7940, and 7960 ...)
+CVE-2002-0882
NOT-FOR-US: Cisco
-CVE-2002-0881 (Cisco IP Phone (VoIP) models 7910, 7940, and 7960 use a default ...)
+CVE-2002-0881
NOT-FOR-US: Cisco
-CVE-2002-0880 (Cisco IP Phone (VoIP) models 7910, 7940, and 7960 allow remote ...)
+CVE-2002-0880
NOT-FOR-US: Cisco
-CVE-2002-0879 (showtemp.cfm for Gafware CFXImage 1.6.6 allows remote attackers to ...)
+CVE-2002-0879
NOT-FOR-US: CFXImage
-CVE-2002-0878 (SQL injection vulnerability in the login form for LogiSense software ...)
+CVE-2002-0878
NOT-FOR-US: LogiSense
-CVE-2002-0877 (Directory traversal vulnerability in the FTP server for Shambala 4.5 ...)
+CVE-2002-0877
NOT-FOR-US: Shambala
-CVE-2002-0876 (Web server for Shambala 4.5 allows remote attackers to cause a denial ...)
+CVE-2002-0876
NOT-FOR-US: Shambala
-CVE-2002-0874 (Vulnerability in Interchange 4.8.6, 4.8.3, and other versions, when ...)
+CVE-2002-0874
{DSA-150}
- interchange 4.8.6-1
-CVE-2002-0870 (The original patch for the Cisco Content Service Switch 11000 Series ...)
+CVE-2002-0870
NOT-FOR-US: Cisco
-CVE-2002-0869 (Unknown vulnerability in the hosting process (dllhost.exe) for ...)
+CVE-2002-0869
NOT-FOR-US: IIS
CVE-2002-0868
RESERVED
-CVE-2002-0863 (Remote Data Protocol (RDP) version 5.0 in Microsoft Windows 2000 and ...)
+CVE-2002-0863
NOT-FOR-US: Windows
-CVE-2002-0862 (The (1) CertGetCertificateChain, (2) CertVerifyCertificateChainPolicy, ...)
+CVE-2002-0862
NOT-FOR-US: Microsoft
-CVE-2002-0861 (Microsoft Office Web Components (OWC) 2000 and 2002 allows remote ...)
+CVE-2002-0861
NOT-FOR-US: Microsoft
-CVE-2002-0858 (catsnmp in Oracle 9i and 8i is installed with a dbsnmp user with a ...)
+CVE-2002-0858
NOT-FOR-US: Oracle
-CVE-2002-0857 (Format string vulnerabilities in Oracle Listener Control utility ...)
+CVE-2002-0857
NOT-FOR-US: Oracle
-CVE-2002-0855 (Cross-site scripting vulnerability in Mailman before 2.0.12 allows ...)
+CVE-2002-0855
{DSA-147}
- mailman 2.0.12-1
-CVE-2002-0854 (Buffer overflows in ISDN Point to Point Protocol (PPP) daemon (ipppd) ...)
+CVE-2002-0854
NOT-FOR-US: SuSE specific
-CVE-2002-0852 (Buffer overflows in Cisco Virtual Private Network (VPN) Client 3.5.4 ...)
+CVE-2002-0852
NOT-FOR-US: Cisco
-CVE-2002-0849 (Linux-iSCSI iSCSI implementation installs the iscsi.conf file with ...)
+CVE-2002-0849
NOT-FOR-US: iSCSI
-CVE-2002-0843 (Buffer overflows in the ApacheBench benchmark support program (ab.c) ...)
+CVE-2002-0843
{DSA-195 DSA-188 DSA-187}
- apache 1.3.27-0.1
- apache-perl 1.3.26-1.1-1.27-3-1
CVE-2002-0841
REJECTED
-CVE-2002-0839 (The shared memory scoreboard in the HTTP daemon for Apache 1.3.x ...)
+CVE-2002-0839
{DSA-195 DSA-188 DSA-187}
- apache 1.3.27-0.1
- apache-perl 1.3.26-1.1-1.27-3-1
-CVE-2002-0838 (Buffer overflow in (1) gv 3.5.8 and earlier, (2) gvv 1.0.2 and ...)
+CVE-2002-0838
{DSA-182 DSA-179 DSA-176}
- kdegraphics 4:2.2.2-6.9
- gnome-gv 1.99.7-9
- gv 1:3.5.8-27
-CVE-2002-0837 (wordtrans 1.1pre8 and earlier in the wordtrans-web package allows ...)
+CVE-2002-0837
- wordtrans 1.1pre9
-CVE-2002-0834 (Buffer overflow in the ISIS dissector for Ethereal 0.9.5 and earlier ...)
+CVE-2002-0834
{DSA-162}
- ethereal 0.9.6-1
-CVE-2002-0833 (Buffer overflow in Eudora 5.1.1 and 5.0-J for Windows, and possibly ...)
+CVE-2002-0833
NOT-FOR-US: Eudora
-CVE-2002-0832 (Internet Explorer 5, 5.6, and 6 allows remote attackers to bypass ...)
+CVE-2002-0832
NOT-FOR-US: Internet Explorer
CVE-2002-0828
REJECTED
-CVE-2002-0827 (Vulnerability in pppd on UnixWare 7.1.1 and Open UNIX 8.0.0 allows ...)
+CVE-2002-0827
NOT-FOR-US: UnixWare
-CVE-2002-0825 (Buffer overflow in the DNS SRV code for nss_ldap before nss_ldap-198 ...)
+CVE-2002-0825
- libnss-ldap 199-1
-CVE-2002-0822 (Ethereal 0.9.4 and earlier allows remote attackers to cause a denial ...)
+CVE-2002-0822
- ethereal 0.9.4-1woody1
-CVE-2002-0821 (Buffer overflows in Ethereal 0.9.4 and earlier allow remote attackers ...)
+CVE-2002-0821
- ethereal 0.9.4-1woody1
-CVE-2002-0820 (FreeBSD kernel 4.6 and earlier closes the file descriptors 0, 1, and 2 ...)
+CVE-2002-0820
NOT-FOR-US: FreeBSD
-CVE-2002-0819 (Format string vulnerability in artsd, when called by artswrapper, ...)
+CVE-2002-0819
- arts <not-affected> (artscontrol not suid root)
-CVE-2002-0815 (The Javascript &quot;Same Origin Policy&quot; (SOP), as implemented in (1) ...)
+CVE-2002-0815
- mozilla 2:1.0.0-1
-CVE-2002-0812 (Information leak in Compaq WL310, and the Orinoco Residential Gateway ...)
+CVE-2002-0812
NOT-FOR-US: Compaq hardware
-CVE-2002-0811 (Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, may allow remote ...)
+CVE-2002-0811
NOTE: bugzilla 2.16.0-2.1
-CVE-2002-0807 (Cross-site scripting vulnerabilities in Bugzilla 2.14 before 2.14.2, ...)
+CVE-2002-0807
NOTE: bugzilla 2.16.0-2.1
-CVE-2002-0803 (Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, allows remote ...)
+CVE-2002-0803
NOTE: bugzilla 2.16.0-2.1
-CVE-2002-0800 (BadBlue 1.7.0 allows remote attackers to list the contents of ...)
+CVE-2002-0800
NOT-FOR-US: BadBlue
-CVE-2002-0799 (Buffer overflow in YoungZSoft CMailServer 3.30 allows remote attackers ...)
+CVE-2002-0799
NOT-FOR-US: YoungZoft
-CVE-2002-0798 (Vulnerability in swinstall for HP-UX 11.00 and 11.11 allows local ...)
+CVE-2002-0798
NOT-FOR-US: HP
-CVE-2002-0797 (Buffer overflow in the MIB parsing component of mibiisa for Solaris ...)
+CVE-2002-0797
NOT-FOR-US: Solaris
-CVE-2002-0796 (Format string vulnerability in the logging component of snmpdx for ...)
+CVE-2002-0796
NOT-FOR-US: Solaris
-CVE-2002-0793 (Hard link and possibly symbolic link following vulnerabilities in QNX ...)
+CVE-2002-0793
NOT-FOR-US: QNX
-CVE-2002-0792 (The web management interface for Cisco Content Service Switch (CSS) ...)
+CVE-2002-0792
NOT-FOR-US: Cisco
-CVE-2002-0791 (Novell Netware FTP server NWFTPD before 5.02r allows remote attackers ...)
+CVE-2002-0791
NOT-FOR-US: Novell
-CVE-2002-0787 (Cross-site scripting vulnerabilities in iCon administrative web server ...)
+CVE-2002-0787
NOT-FOR-US: iCon
-CVE-2002-0786 (iCon administrative web server for Critical Path inJoin Directory ...)
+CVE-2002-0786
NOT-FOR-US: Critical Path inJoin Directory Server
-CVE-2002-0784 (Directory traversal vulnerability in Lysias Lidik web server 0.7b ...)
+CVE-2002-0784
NOT-FOR-US: Lidik web server
-CVE-2002-0783 (Opera 6.01, 6.0, and 5.12 allows remote attackers to execute arbitrary ...)
+CVE-2002-0783
NOT-FOR-US: Opera
-CVE-2002-0782 (Novell BorderManager 3.5 with PAT (Port-Address Translate) enabled ...)
+CVE-2002-0782
NOT-FOR-US: Novell
-CVE-2002-0781 (RTSP proxy for Novell BorderManager 3.6 SP 1a allows remote attackers ...)
+CVE-2002-0781
NOT-FOR-US: Novell
-CVE-2002-0780 (IP/IPX gateway for Novell BorderManager 3.6 SP 1a allows remote ...)
+CVE-2002-0780
NOT-FOR-US: Novell
-CVE-2002-0779 (FTP proxy server for Novell BorderManager 3.6 SP 1a allows remote ...)
+CVE-2002-0779
NOT-FOR-US: Novell
-CVE-2002-0775 (browse.asp in Hosting Controller allows remote attackers to view ...)
+CVE-2002-0775
NOT-FOR-US: Hosting Controller
-CVE-2002-0774 (Hosting Controller creates a default user AdvWebadmin with a default ...)
+CVE-2002-0774
NOT-FOR-US: Hosting Controller
-CVE-2002-0773 (imp_rootdir.asp for Hosting Controller allows remote attackers to copy ...)
+CVE-2002-0773
NOT-FOR-US: Hosting Controller
-CVE-2002-0772 (Directory traversal vulnerability in dsnmanager.asp for Hosting ...)
+CVE-2002-0772
NOT-FOR-US: Hosting Controller
-CVE-2002-0771 (Cross-site scripting vulnerability in viewcvs.cgi for ViewCVS 0.9.2 ...)
+CVE-2002-0771
- viewcvs 0.9.2-5
-CVE-2002-0770 (Quake 2 (Q2) server 3.20 and 3.21 allows remote attackers to obtain ...)
+CVE-2002-0770
NOT-FOR-US: Historic Quake2 issue
-CVE-2002-0769 (The web-based configuration interface for the Cisco ATA 186 Analog ...)
+CVE-2002-0769
NOT-FOR-US: Cisco
-CVE-2002-0767 (simpleinit on Linux systems does not close a read/write FIFO file ...)
+CVE-2002-0767
NOT-FOR-US: simpleinit
-CVE-2002-0764 (Phorum 3.3.2a allows remote attackers to execute arbitrary commands ...)
+CVE-2002-0764
NOT-FOR-US: Phorum
-CVE-2002-0763 (Vulnerability in administration server for HP VirtualVault 4.5 on ...)
+CVE-2002-0763
NOT-FOR-US: HP
-CVE-2002-0757 ((1) Webmin 0.96 and (2) Usermin 0.90 with password timeouts enabled ...)
+CVE-2002-0757
- webmin 0.980-1
- usermin 0.910-1
-CVE-2002-0756 (Cross-site scripting vulnerability in the authentication page for (1) ...)
+CVE-2002-0756
- webmin 0.980-1
- usermin 0.910-1
-CVE-2002-0753 (Buffer overflow in Talentsoft Web+ 5.0 allows remote attackers to ...)
+CVE-2002-0753
NOT-FOR-US: Talentsoft
-CVE-2002-0752 (CGIscript.net csMailto.cgi program exports feedback to a file that is ...)
+CVE-2002-0752
NOT-FOR-US: CGIscript.net
-CVE-2002-0751 (CGIscript.net csMailto.cgi program allows remote attackers to use ...)
+CVE-2002-0751
NOT-FOR-US: CGIscript.net
-CVE-2002-0750 (CGIscript.net csMailto.cgi program allows remote attackers to read ...)
+CVE-2002-0750
NOT-FOR-US: CGIscript.net
-CVE-2002-0749 (CGIscript.net csMailto.cgi allows remote attackers to execute ...)
+CVE-2002-0749
NOT-FOR-US: CGIscript.net
-CVE-2002-0747 (Buffer overflow in lsmcode in AIX 4.3.3. ...)
+CVE-2002-0747
NOT-FOR-US: AIX
-CVE-2002-0746 (Vulnerability in template.dhcpo in AIX 4.3.3 related to an insecure ...)
+CVE-2002-0746
NOT-FOR-US: AIX
-CVE-2002-0745 (Buffer overflow in uucp in AIX 4.3.3. ...)
+CVE-2002-0745
NOT-FOR-US: AIX
-CVE-2002-0744 (namerslv in AIX 4.3.3 core dumps when called with a very long ...)
+CVE-2002-0744
NOT-FOR-US: AIX
-CVE-2002-0743 (mail and mailx in AIX 4.3.3 core dump when called with a very long ...)
+CVE-2002-0743
NOT-FOR-US: AIX
-CVE-2002-0742 (Buffer overflow in pioout on AIX 4.3.3. ...)
+CVE-2002-0742
NOT-FOR-US: AIX
-CVE-2002-0740 (Buffer overflow in slrnpull for the SLRN package, when installed ...)
+CVE-2002-0740
- slrn 0.9.6.2-9
-CVE-2002-0739 (Cross-site scripting in PostCalendar 3.02 allows remote attackers to ...)
+CVE-2002-0739
NOT-FOR-US: PostCalendat
-CVE-2002-0735 (Format string vulnerability in the logging() function in C-Note Squid ...)
+CVE-2002-0735
- squid <not-affected> (Historic vulnerability, fixed before Woody was released)
-CVE-2002-0732 (Cross-site scripting vulnerability in MyGuestbook 1.0 allows remote ...)
+CVE-2002-0732
NOT-FOR-US: MyGuestbook
-CVE-2002-0731 (Cross-site scripting vulnerability in demonstration scripts for ...)
+CVE-2002-0731
NOT-FOR-US: vqServer
-CVE-2002-0730 (Cross-site scripting vulnerability in guestbook.pl for Philip ...)
+CVE-2002-0730
NOT-FOR-US: guestbook
-CVE-2002-0728 (Buffer overflow in the progressive reader for libpng 1.2.x before ...)
+CVE-2002-0728
{DSA-140}
- libpng 1.0.12-4
- libpng3 1.2.1-2
-CVE-2002-0725 (NTFS file system in Windows NT 4.0 and Windows 2000 SP2 allows local ...)
+CVE-2002-0725
NOT-FOR-US: windows
-CVE-2002-0724 (Buffer overflow in SMB (Server Message Block) protocol in Microsoft ...)
+CVE-2002-0724
NOT-FOR-US: windows
-CVE-2002-0723 (Microsoft Internet Explorer 5.5 and 6.0 does not properly verify the ...)
+CVE-2002-0723
NOT-FOR-US: internet explorer
-CVE-2002-0721 (Microsoft SQL Server 7.0 and 2000 installs with weak permissions for ...)
+CVE-2002-0721
NOT-FOR-US: Microsoft SQL Server
-CVE-2002-0717 (PHP 4.2.0 and 4.2.1 allows remote attackers to cause a denial of ...)
+CVE-2002-0717
- php4 4:4.2.2-1
-CVE-2002-0715 (Vulnerability in Squid before 2.4.STABLE6 related to proxy ...)
+CVE-2002-0715
- squid 2.4.6-2
-CVE-2002-0713 (Buffer overflows in Squid before 2.4.STABLE6 allow remote attackers to ...)
+CVE-2002-0713
- squid 2.4.6-2
-CVE-2002-0712 (Entrust Authority Security Manager (EASM) 6.0 does not properly ...)
+CVE-2002-0712
NOT-FOR-US: EASM
-CVE-2002-0711 (Unknown vulnerability in Cluster Interconnect for HP TruCluster Server ...)
+CVE-2002-0711
NOT-FOR-US: HP
-CVE-2002-0709 (SQL injection vulnerabilities in the Web Reports Server for ...)
+CVE-2002-0709
NOT-FOR-US: no_package
-CVE-2002-0708 (Directory traversal vulnerability in the Web Reports Server for ...)
+CVE-2002-0708
NOT-FOR-US: no_package
-CVE-2002-0707 (The Web Reports Server for SurfControl SuperScout WebFilter allows ...)
+CVE-2002-0707
NOT-FOR-US: no_package
-CVE-2002-0706 (UserManager.js in the Web Reports Server for SurfControl SuperScout ...)
+CVE-2002-0706
NOT-FOR-US: no_package
-CVE-2002-0705 (The Web Reports Server for SurfControl SuperScout WebFilter stores the ...)
+CVE-2002-0705
NOT-FOR-US: no_package
-CVE-2002-0702 (Format string vulnerabilities in the logging routines for dynamic DNS ...)
+CVE-2002-0702
- dhcp3 3.0+3.0.1rc9-1
-CVE-2002-0699 (Unknown vulnerability in the Certificate Enrollment ActiveX Control in ...)
+CVE-2002-0699
NOT-FOR-US: windows
-CVE-2002-0693 (Buffer overflow in the HTML Help ActiveX Control (hhctrl.ocx) in ...)
+CVE-2002-0693
NOT-FOR-US: windows
-CVE-2002-0690 (Format string vulnerability in McAfee Security ePolicy Orchestrator ...)
+CVE-2002-0690
NOT-FOR-US: McAfee
CVE-2002-0689
RESERVED
-CVE-2002-0686 (Buffer overflow in the search component for iPlanet Web Server (iWS) ...)
+CVE-2002-0686
NOT-FOR-US: no_package
-CVE-2002-0684 (Buffer overflow in DNS resolver functions that perform lookup of ...)
+CVE-2002-0684
- glibc 2.2.5-8
-CVE-2002-0683 (Directory traversal vulnerability in Carello 1.3 allows remote ...)
+CVE-2002-0683
NOT-FOR-US: no_package
-CVE-2002-0681 (Cross-site scripting vulnerability in GoAhead Web Server 2.1 allows ...)
+CVE-2002-0681
NOT-FOR-US: no_package
-CVE-2002-0680 (Directory traversal vulnerability in GoAhead Web Server 2.1 allows ...)
+CVE-2002-0680
NOT-FOR-US: no_package
-CVE-2002-0677 (CDE ToolTalk database server (ttdbserver) allows remote attackers to ...)
+CVE-2002-0677
NOT-FOR-US: no_package
-CVE-2002-0675 (Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 ...)
+CVE-2002-0675
NOT-FOR-US: no_package
-CVE-2002-0670 (The web interface for Pingtel xpressa SIP-based voice-over-IP phone ...)
+CVE-2002-0670
NOT-FOR-US: no_package
-CVE-2002-0669 (The web interface for Pingtel xpressa SIP-based voice-over-IP phone ...)
+CVE-2002-0669
NOT-FOR-US: no_package
-CVE-2002-0667 (Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 ...)
+CVE-2002-0667
NOT-FOR-US: no_package
-CVE-2002-0666 (IPSEC implementations including (1) FreeS/WAN and (2) KAME do not ...)
+CVE-2002-0666
{DSA-201}
- freeswan 1.99-1
-CVE-2002-0664 (The default Access Control Lists (ACLs) of the administration database ...)
+CVE-2002-0664
NOT-FOR-US: ZMerge
-CVE-2002-0661 (Directory traversal vulnerability in Apache 2.0 through 2.0.39 on ...)
+CVE-2002-0661
- apache2 2.0.40
-CVE-2002-0660 (Buffer overflow in libpng 1.0.12-3.woody.2 and libpng3 ...)
+CVE-2002-0660
{DSA-140}
- libpng 1.0.12-4
- libpng3 1.2.1-2
-CVE-2002-0659 (The ASN1 library in OpenSSL 0.9.6d and earlier, and 0.9.7-beta2 and ...)
+CVE-2002-0659
{DSA-136}
- openssl 0.9.6e-1
-CVE-2002-0657 (Buffer overflow in OpenSSL 0.9.7 before 0.9.7-beta3, with Kerberos ...)
+CVE-2002-0657
{DSA-136}
- openssl 0.9.6e-1
-CVE-2002-0656 (Buffer overflows in OpenSSL 0.9.6d and earlier, and 0.9.7-beta2 and ...)
+CVE-2002-0656
{DSA-136}
- openssl 0.9.6e-1
-CVE-2002-0655 (OpenSSL 0.9.6d and earlier, and 0.9.7-beta2 and earlier, does not ...)
+CVE-2002-0655
{DSA-136}
- openssl 0.9.6e-1
-CVE-2002-1412 (Gallery photo album package before 1.3.1 allows local and possibly ...)
+CVE-2002-1412
{DSA-138}
- gallery 1.3-3
-CVE-2002-1574 (Buffer overflow in the ixj telephony card driver in Linux before ...)
+CVE-2002-1574
NOTE: fixed after 2.6/2.4.20 kernel
-CVE-2002-1560 (index.php in gBook 1.4 allows remote attackers to bypass ...)
+CVE-2002-1560
NOT-FOR-US: gbook not in Debian
-CVE-2002-1552 (Novell eDirectory (eDir) 8.6.2 and Netware 5.1 eDir 85.x allows users ...)
+CVE-2002-1552
NOT-FOR-US: novell
-CVE-2002-1550 (dump_smutil.sh in IBM AIX allows local users to overwrite arbitrary ...)
+CVE-2002-1550
NOT-FOR-US: AIX
-CVE-2002-1549 (Buffer overflow in Light HTTPd (lhttpd) 0.1 allows remote attackers to ...)
+CVE-2002-1549
NOT-FOR-US: lhttpd not in Debian
-CVE-2002-1548 (Unknown vulnerability in autofs on AIX 4.3.0, when using executable ...)
+CVE-2002-1548
NOT-FOR-US: AIX
-CVE-2002-1547 (Netscreen running ScreenOS 4.0.0r6 and earlier allows remote attackers ...)
+CVE-2002-1547
NOT-FOR-US: Netscreen
-CVE-2002-1543 (Buffer overflow in trek on NetBSD 1.5 through 1.5.3 allows local users ...)
+CVE-2002-1543
NOT-FOR-US: NetBSD
-CVE-2002-1541 (BadBlue 1.7 allows remote attackers to bypass password protections for ...)
+CVE-2002-1541
NOT-FOR-US: BadBlue not in Debian
-CVE-2002-1540 (The client for Symantec Norton AntiVirus Corporate Edition 7.5.x ...)
+CVE-2002-1540
NOT-FOR-US: norton
-CVE-2002-1538 (Acuma Acusend 4, and possibly earlier versions, allows remote ...)
+CVE-2002-1538
NOT-FOR-US: acusend not in Debian
-CVE-2002-1537 (admin_ug_auth.php in phpBB 2.0.0 allows local users to gain ...)
+CVE-2002-1537
- phpbb2 2.0.6c-1
NOTE: according to http://www.securityfocus.com/archive/1/297419
NOTE: phpBB versions above 2.0.0 are not vulnerable.
-CVE-2002-1534 (Macromedia Flash Player allows remote attackers to read arbitrary ...)
+CVE-2002-1534
NOTE: only affects flash 6.0 - 6.0.47.0, which is not in Debian
-CVE-2002-1532 (The administrative web interface (STEMWADM) for SurfControl SuperScout ...)
+CVE-2002-1532
NOT-FOR-US: surfcontrol
-CVE-2002-1531 (The administrative web interface (STEMWADM) for SurfControl SuperScout ...)
+CVE-2002-1531
NOT-FOR-US: surfcontrol
-CVE-2002-1530 (The administrative web interface (STEMWADM) for SurfControl SuperScout ...)
+CVE-2002-1530
NOT-FOR-US: surfcontrol
-CVE-2002-1529 (Cross-site scripting (XSS) vulnerability in msgError.asp for the ...)
+CVE-2002-1529
NOT-FOR-US: surfcontrol
-CVE-2002-1528 (MsmMask.exe in MondoSearch 4.4 allows remote attackers to obtain the ...)
+CVE-2002-1528
NOT-FOR-US: mondosearch
-CVE-2002-1524 (Buffer overflow in XML parser in wsabi.dll of Winamp 3 (1.0.0.488) ...)
+CVE-2002-1524
NOT-FOR-US: winamp
-CVE-2002-1521 (Web Server 4D (WS4D) 3.6 stores passwords in plaintext in the Ws4d.4DD ...)
+CVE-2002-1521
NOT-FOR-US: webserver 4D
-CVE-2002-1520 (The CLI interface for WatchGuard Firebox Vclass 3.2 and earlier, and ...)
+CVE-2002-1520
NOT-FOR-US: WatchGuard
-CVE-2002-1519 (Format string vulnerability in the CLI interface for WatchGuard ...)
+CVE-2002-1519
NOT-FOR-US: WatchGuard
-CVE-2002-1518 (mv in IRIX 6.5 creates a directory with world-writable permissions ...)
+CVE-2002-1518
NOT-FOR-US: IRIX
-CVE-2002-1517 (fsr_efs in IRIX 6.5 allows local users to conduct unauthorized file ...)
+CVE-2002-1517
NOT-FOR-US: IRIX
-CVE-2002-1516 (rpcbind in SGI IRIX, when using the -w command line switch, allows ...)
+CVE-2002-1516
NOT-FOR-US: IRIX
-CVE-2002-1514 (gds_lock_mgr in Borland InterBase allows local users to overwrite ...)
+CVE-2002-1514
NOT-FOR-US: interbase
-CVE-2002-1513 (The UCX POP server in HP TCP/IP services for OpenVMS 4.2 through 5.3 ...)
+CVE-2002-1513
NOT-FOR-US: OpenVMS
-CVE-2002-1511 (The vncserver wrapper for vnc before 3.3.3r2-21 uses the rand() ...)
+CVE-2002-1511
- vnc 3.3.3r2-21
-CVE-2002-1510 (xdm, with the authComplain variable set to false, allows arbitrary ...)
+CVE-2002-1510
- xfree86 4.1.0-7
-CVE-2002-1509 (A patch for shadow-utils 20000902 causes the useradd command to create ...)
+CVE-2002-1509
NOT-FOR-US: redhat and mandrake only
-CVE-2002-1505 (SQL injection vulnerability in board.php for WoltLab Burning Board ...)
+CVE-2002-1505
NOT-FOR-US: WoltLab Burning Board not in Debian
-CVE-2002-1502 (Symbolic link vulnerability in xbreaky before 0.5.5 allows local users ...)
+CVE-2002-1502
NOT-FOR-US: xbreaky not in Debian
-CVE-2002-1501 (The MPS functionality in Enterasys SSR8000 (Smart Switch Router) ...)
+CVE-2002-1501
NOT-FOR-US: Enterasys
-CVE-2002-1497 (Cross-site scripting (XSS) vulnerability in Null HTTP Server 0.5.0 and ...)
+CVE-2002-1497
NOT-FOR-US: Null HTTP Server not in Debian
-CVE-2002-1496 (Heap-based buffer overflow in Null HTTP Server 0.5.0 and earlier ...)
+CVE-2002-1496
NOT-FOR-US: Null HTTP Server not in Debian
-CVE-2002-1494 (Cross-site scripting (XSS) vulnerabilities in Aestiva HTML/OS allows ...)
+CVE-2002-1494
NOT-FOR-US: Aestiva
-CVE-2002-1493 (Cross-site scripting (XSS) vulnerability in Lycos HTMLGear guestbook ...)
+CVE-2002-1493
NOT-FOR-US: Lycos
-CVE-2002-1491 (The Cisco VPN 5000 Client for MacOS before 5.2.2 records the most ...)
+CVE-2002-1491
NOT-FOR-US: Cisco
-CVE-2002-1490 (NetBSD 1.4 through 1.6 beta allows local users to cause a denial of ...)
+CVE-2002-1490
NOT-FOR-US: NetBSD
-CVE-2002-1479 (Cacti before 0.6.8 stores a MySQL username and password in plaintext ...)
+CVE-2002-1479
- cacti 0.6.8-1
-CVE-2002-1478 (Cacti before 0.6.8 allows attackers to execute arbitrary commands via ...)
+CVE-2002-1478
{DSA-164}
- cacti 0.6.8a-2
-CVE-2002-1477 (graphs.php in Cacti before 0.6.8 allows remote authenticated Cacti ...)
+CVE-2002-1477
{DSA-164}
- cacti 0.6.8a-2
-CVE-2002-1476 (Buffer overflow in setlocale in libc on NetBSD 1.4.x through 1.6, and ...)
+CVE-2002-1476
NOT-FOR-US: NetBSD
-CVE-2002-1472 (Untrusted search path vulnerability in libX11.so in xfree86, when used ...)
+CVE-2002-1472
- xfree86 4.2.1-1 (bug #280872)
-CVE-2002-1471 (The camel component for Ximian Evolution 1.0.x and earlier does not ...)
+CVE-2002-1471
- evolution 1.2.0-1 (bug #280883)
-CVE-2002-1469 (scponly does not properly verify the path when finding the (1) scp or ...)
+CVE-2002-1469
- scponly 3.8-1
NOTE: according to http://web.archive.org/web/20150425070754/http://sublimation.org/scponly/ (scponly home page)
NOTE: only versions of scponly older than scponly-2.4 are affected
-CVE-2002-1468 (Buffer overflow in errpt in AIX 4.3.3 allows local users to execute ...)
+CVE-2002-1468
NOT-FOR-US: AIX
-CVE-2002-1463 (Symantec Raptor Firewall 6.5 and 6.5.3, Enterprise Firewall 6.5.2 and ...)
+CVE-2002-1463
NOT-FOR-US: symantec
-CVE-2002-1448 (An undocumented SNMP read/write community string ('NoGaH$@!') in Avaya ...)
+CVE-2002-1448
NOT-FOR-US: Avaya P330, P130, and M770-ATM Cajun products
-CVE-2002-1447 (Buffer overflow in the vpnclient program for UNIX VPN Client before ...)
+CVE-2002-1447
NOT-FOR-US: Cisco
-CVE-2002-1446 (The error checking routine used for the C_Verify call on a symmetric ...)
+CVE-2002-1446
NOT-FOR-US: nCipher PKCS#11 library
-CVE-2002-1443 (The Google toolbar 1.1.58 and earlier allows remote web sites to ...)
+CVE-2002-1443
NOT-FOR-US: Google toolbar
-CVE-2002-1438 (The web handler for Perl 5.003 on Novell NetWare 5.1 and NetWare 6 ...)
+CVE-2002-1438
NOT-FOR-US: Perl on Novell
-CVE-2002-1437 (Directory traversal vulnerability in the web handler for Perl 5.003 on ...)
+CVE-2002-1437
NOT-FOR-US: Perl on Novell
-CVE-2002-1436 (The web handler for Perl 5.003 on Novell NetWare 5.1 and NetWare 6 ...)
+CVE-2002-1436
NOT-FOR-US: Perl on Novell
-CVE-2002-1435 (class.atkdateattribute.js.php in Achievo 0.7.0 through 0.9.1, except ...)
+CVE-2002-1435
NOT-FOR-US: Achievo not in Debian
-CVE-2002-1430 (Unknown vulnerability in Sympoll 1.2 allows remote attackers to read ...)
+CVE-2002-1430
NOT-FOR-US: Sympoll not in Debian
-CVE-2002-1425 (Directory traversal vulnerability in munpack in mpack 1.5 and earlier ...)
+CVE-2002-1425
{DSA-141}
- mpack 1.5-9
-CVE-2002-1424 (Buffer overflow in munpack in mpack 1.5 and earlier allows remote ...)
+CVE-2002-1424
- mpack 1.5-9
-CVE-2002-1420 (Integer signedness error in select() on OpenBSD 3.1 and earlier allows ...)
+CVE-2002-1420
NOT-FOR-US: OpenBSD
-CVE-2002-1419 (The upgrade of IRIX on Origin 3000 to 6.5.13 through 6.5.16 changes ...)
+CVE-2002-1419
NOT-FOR-US: IRIX on Origin
-CVE-2002-1418 (Buffer overflow in the interpreter for Novell NetBasic Scripting ...)
+CVE-2002-1418
NOT-FOR-US: Novell NetBasic Scripting Server
-CVE-2002-1417 (Directory traversal vulnerability in Novell NetBasic Scripting Server ...)
+CVE-2002-1417
NOT-FOR-US: Novell NetBasic Scripting Server
-CVE-2002-1414 (Buffer overflow in qmailadmin allows local users to gain privileges ...)
+CVE-2002-1414
- qmailadmin 1.0.6-1
-CVE-2002-1413 (RCONAG6 for Novell Netware SP2, while running RconJ in secure mode, ...)
+CVE-2002-1413
NOT-FOR-US: RCONAG6 for Novell Netware SP2
-CVE-2002-1407 (TinySSL 1.02 and earlier does not verify the Basic Constraints for an ...)
+CVE-2002-1407
NOT-FOR-US: TinySSL not in Debian
-CVE-2002-1405 (CRLF injection vulnerability in Lynx 2.8.4 and earlier allows remote ...)
+CVE-2002-1405
{DSA-210}
- lynx 2.8.4.1b-4
- lynx-ssl 1:2.8.4.1b-3.1
CVE-2002-XXXX [Cross-Site-Scripting in Bugzilla]
- bugzilla 2.16.2-1
-CVE-2002-1403 (dhcpcd DHCP client daemon 1.3.22 and earlier allows local users to ...)
+CVE-2002-1403
{DSA-219}
- dhcpcd 1:1.3.22pl2-2
NOTE: Debian sarge uses dhcp >= 2.0
-CVE-2002-1396 (Heap-based buffer overflow in the wordwrap function in PHP after 4.1.2 ...)
+CVE-2002-1396
- php4 4:4.3.2+rc3-1
NOTE: according to http://www.securityfocus.com/bid/6488
NOTE: woody is not vulnerable
-CVE-2002-1394 (Apache Tomcat 4.0.5 and earlier, when using both the invoker servlet ...)
+CVE-2002-1394
{DSA-225}
- tomcat4 4.1.16-1
-CVE-2002-1392 (faxspool in mgetty before 1.1.29 uses a world-writable spool directory ...)
+CVE-2002-1392
- mgetty 1.1.30-1
NOTE: woody version seems to be vulnerable see bug #199351
-CVE-2002-1391 (Buffer overflow in cnd-program for mgetty before 1.1.29 allows remote ...)
+CVE-2002-1391
- mgetty 1.1.30-1
NOTE: woody version seems to be vulnerable see bug #199351
-CVE-2002-1390 (The daemon for GeneWeb before 4.09 does not properly handle requested ...)
+CVE-2002-1390
{DSA-223}
- geneweb 4.09-1
-CVE-2002-1389 (Buffer overflow in typespeed 0.4.2 and earlier allows local users to ...)
+CVE-2002-1389
{DSA-217}
- typespeed 0.4.2-2
-CVE-2002-1388 (Cross-site scripting (XSS) vulnerability in MHonArc before 2.5.14 ...)
+CVE-2002-1388
{DSA-221}
- mhonarc 2.5.14-1
-CVE-2002-1385 (openwebmail_init in Open WebMail 1.81 and earlier allows local users ...)
+CVE-2002-1385
- openwebmail 1.90-1
-CVE-2002-1384 (Integer overflow in pdftops, as used in Xpdf 2.01 and earlier, xpdf-i, ...)
+CVE-2002-1384
{DSA-232 DSA-226 DSA-222}
- xpdf-i 2.01-2
- xpdf 2.01-2
- cups 1.1.18-1
- cupsys 1.1.18-1
-CVE-2002-1382 (Macromedia Flash Player before 6.0.65.0 allows remote attackers to ...)
+CVE-2002-1382
- flashplugin-nonfree 6.0.69-1
-CVE-2002-1381 (Format string vulnerability in daemon.c for Exim 4.x through 4.10, and ...)
+CVE-2002-1381
- exim4 4.11-0.0.1
- exim 3.36-14
-CVE-2002-1380 (Linux kernel 2.2.x allows local users to cause a denial of service ...)
+CVE-2002-1380
{DSA-336}
- kernel-source-2.2.25 2.2.25-2
-CVE-2002-1377 (vim 6.0 and 6.1, and possibly other versions, allows attackers to ...)
+CVE-2002-1377
- vim 6.1.263-1
NOTE: woody seems to be still vulnerable
NOTE: according to bug #178102 a fixed package was uploaded to the security team in January 2003
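Review bot: every `-`/`+` pair in this hunk strips the CVE summary and keeps only the bare identifier, e.g. `-CVE-2002-1446 (The error checking routine used for the C_Verify call on a symmetric ...)` becomes `+CVE-2002-1446`, and no line in the hunk adds a description back, while the Debian annotations beneath each entry (`{DSA-...}`, `- package version`, `NOT-FOR-US:`, `NOTE:`) are untouched. Wholesale loss of the description text across the whole hunk reads like the description source came back empty rather than an intended cleanup; suggest confirming that before this is merged, since the one-line summaries are what makes the list scannable during triage.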
@@ -3165,1254 +3165,1254 @@ CVE-2002-1377 (vim 6.0 and 6.1, and possibly other versions, allows attackers to
NOTE: I've mailed maintainer Luca Filipozzi <lfilipoz@debian.org> about this.
NOTE: No response from maintainer, I have mailed security team.
NOTE: Martin Schulze don't consider this as an issue for updating woody.
-CVE-2002-1375 (The COM_CHANGE_USER command in MySQL 3.x before 3.23.54, and 4.x to ...)
+CVE-2002-1375
{DSA-212}
- mysql <removed>
-CVE-2002-1374 (The COM_CHANGE_USER command in MySQL 3.x before 3.23.54, and 4.x ...)
+CVE-2002-1374
{DSA-212}
- mysql <removed>
-CVE-2002-1373 (Signed integer vulnerability in the COM_TABLE_DUMP package for MySQL ...)
+CVE-2002-1373
{DSA-212}
- mysql <removed>
-CVE-2002-1372 (Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 does not ...)
+CVE-2002-1372
{DSA-232}
- cups 1.1.18-1
- cupsys 1.1.18-1
-CVE-2002-1371 (filters/image-gif.c in Common Unix Printing System (CUPS) 1.1.14 ...)
+CVE-2002-1371
{DSA-232}
- cups 1.1.18-1
- cupsys 1.1.18-1
-CVE-2002-1369 (jobs.c in Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 ...)
+CVE-2002-1369
{DSA-232}
- cups 1.1.18-1
- cupsys 1.1.18-1
-CVE-2002-1367 (Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 allows remote ...)
+CVE-2002-1367
{DSA-232}
- cups 1.1.18-1
- cupsys 1.1.18-1
-CVE-2002-1366 (Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 allows local ...)
+CVE-2002-1366
{DSA-232}
- cups 1.1.18-1
- cupsys 1.1.18-1
-CVE-2002-1365 (Heap-based buffer overflow in Fetchmail 6.1.3 and earlier does not ...)
+CVE-2002-1365
{DSA-216}
- fetchmail 6.2.0-1
-CVE-2002-1364 (Buffer overflow in the get_origin function in traceroute-nanog allows ...)
+CVE-2002-1364
{DSA-254}
- traceroute-nanog 6.3.0-1
-CVE-2002-1363 (Portable Network Graphics (PNG) library libpng 1.2.5 and earlier does ...)
+CVE-2002-1363
{DSA-213}
- libpng 1.0.12-7
- libpng3 1.2.5-8
-CVE-2002-1362 (mICQ 0.4.9 and earlier allows remote attackers to cause a denial of ...)
+CVE-2002-1362
{DSA-211}
- micq 0.4.9.4-1
-CVE-2002-1361 (overflow.cgi CGI script in Sun Cobalt RaQ 4 with the SHP (Security ...)
+CVE-2002-1361
NOT-FOR-US: sun
-CVE-2002-1350 (The BGP decoding routines in tcpdump 3.6.x before 3.7 do not properly ...)
+CVE-2002-1350
{DSA-206}
- tcpdump 3.7.2-1
NOTE: The fix from 3.6.2-2.2 was not upload to unstable.
CVE-2002-XXXX [Multiple buffer overflows in gtetrinet]
- gtetrinet 0.4.4-1
-CVE-2002-1349 (Buffer overflow in pop3trap.exe for PC-cillin 2000, 2002, and 2003 ...)
+CVE-2002-1349
NOT-FOR-US: PC-cillin
-CVE-2002-1348 (w3m before 0.3.2.2 does not properly escape HTML tags in the ALT ...)
+CVE-2002-1348
{DSA-251 DSA-250 DSA-249}
- w3m 0.3.2.2-1
- w3mmee 0.3.p24.17-3
-CVE-2002-1337 (Buffer overflow in Sendmail 5.79 to 8.12.7 allows remote attackers to ...)
+CVE-2002-1337
{DSA-257}
- sendmail 8.13.0.PreAlpha4-0
- sendmail-wine <removed>
NOTE: problem in sendmail 8.12, sarge uses 8.13
-CVE-2002-1336 (TightVNC before 1.2.6 generates the same challenge string for multiple ...)
+CVE-2002-1336
- tightvnc 1.2.6-1
-CVE-2002-1327 (Buffer overflow in the Windows Shell function in Microsoft Windows XP ...)
+CVE-2002-1327
NOT-FOR-US: windows
-CVE-2002-1325 (Microsoft Virtual Machine (VM) build 5.0.3805 and earlier allows ...)
+CVE-2002-1325
NOT-FOR-US: windows
-CVE-2002-1323 (Safe.pm 2.0.7 and earlier, when used in Perl 5.8.0 and earlier, may ...)
+CVE-2002-1323
{DSA-208}
- perl 5.8.0-14
-CVE-2002-1320 (Pine 4.44 and earlier allows remote attackers to cause a denial of ...)
+CVE-2002-1320
NOT-FOR-US: pine not in Debian
-CVE-2002-1319 (The Linux kernel 2.4.20 and earlier, and 2.5.x, when running on x86 ...)
+CVE-2002-1319
NOTE: fixed after 2.4.20 kernel (2.6 not vulnerable)
-CVE-2002-1318 (Buffer overflow in samba 2.2.2 through 2.2.6 allows remote attackers ...)
+CVE-2002-1318
{DSA-200}
- samba 2.2.7
-CVE-2002-1317 (Buffer overflow in Dispatch() routine for XFS font server (fs.auto) on ...)
+CVE-2002-1317
NOT-FOR-US: solaris
-CVE-2002-1313 (nullmailer 1.00RC5 and earlier allows local users to cause a denial of ...)
+CVE-2002-1313
{DSA-198}
- nullmailer 1.00RC5-17
-CVE-2002-1311 (Courier sqwebmail before 0.40.0 does not quickly drop privileges after ...)
+CVE-2002-1311
{DSA-197}
- courier 0.40.0-1
-CVE-2002-1308 (Heap-based buffer overflow in Netscape and Mozilla allows remote ...)
+CVE-2002-1308
- mozilla 2:1.2-1
NOTE: woody is vulnerable see #237422
-CVE-2002-1307 (Cross-site scripting vulnerability (XSS) in MHonArc 2.5.12 and earlier ...)
+CVE-2002-1307
{DSA-199}
- mhonarc 2.5.13-1
-CVE-2002-1296 (Directory traversal vulnerability in priocntl system call in Solaris ...)
+CVE-2002-1296
NOT-FOR-US: Solaris
-CVE-2002-1284 (The wizard in KGPG 0.6 through 0.8.2 does not properly provide the ...)
+CVE-2002-1284
- kdeutils 4:3.2.1-1
-CVE-2002-1278 (The mailconf module in Linuxconf 1.24, and other versions before 1.28, ...)
+CVE-2002-1278
NOTE: Linuxconf not in testing/unstable
-CVE-2002-1277 (Buffer overflow in Window Maker (wmaker) 0.80.0 and earlier may allow ...)
+CVE-2002-1277
{DSA-190}
- wmaker 0.80.1-4
-CVE-2002-1272 (Alcatel OmniSwitch 7700/7800 switches running AOS 5.1.1 contains a ...)
+CVE-2002-1272
NOT-FOR-US: Alcatel
-CVE-2002-1271 (The Mail::Mailer Perl module in the perl-MailTools package 1.47 and ...)
+CVE-2002-1271
{DSA-386}
- libmailtools-perl 1.51 (bug #168381)
-CVE-2002-1270 (Mac OS X 10.2.2 allows local users to read files that only allow write ...)
+CVE-2002-1270
NOT-FOR-US: Mac OS X
-CVE-2002-1268 (Mac OS X 10.2.2 allows local users to gain privileges via a mounted ...)
+CVE-2002-1268
NOT-FOR-US: Mac OS X
-CVE-2002-1267 (Mac OS X 10.2.2 allows remote attackers to cause a denial of service ...)
+CVE-2002-1267
NOT-FOR-US: Mac OS X
-CVE-2002-1266 (Mac OS X 10.2.2 allows local users to gain privileges by mounting a ...)
+CVE-2002-1266
NOT-FOR-US: Mac OS X
-CVE-2002-1265 (The Sun RPC functionality in multiple libc implementations does not ...)
+CVE-2002-1265
NOTE: don't know which version of glibc fix this
NOTE: I've mailed maintainers.
-CVE-2002-1264 (Buffer overflow in Oracle iSQL*Plus web application of the Oracle 9 ...)
+CVE-2002-1264
NOT-FOR-US: oracle
-CVE-2002-1260 (The Java Database Connectivity (JDBC) APIs in Microsoft Virtual ...)
+CVE-2002-1260
NOT-FOR-US: Microsoft JVM
-CVE-2002-1257 (Microsoft Virtual Machine (VM) up to and including build 5.0.3805 ...)
+CVE-2002-1257
NOT-FOR-US: Microsoft JVM
-CVE-2002-1256 (The SMB signing capability in the Server Message Block (SMB) protocol ...)
+CVE-2002-1256
NOT-FOR-US: Microsoft Windows
-CVE-2002-1255 (Microsoft Outlook 2002 allows remote attackers to cause a denial of ...)
+CVE-2002-1255
NOT-FOR-US: Microsoft Outlook
-CVE-2002-1253 (Abuse 2.00 and earlier allows local users to gain privileges via ...)
+CVE-2002-1253
NOT-FOR-US: Abuse 2.00 not in Debian
-CVE-2002-1252 (The Application Messaging Gateway for PeopleTools 8.1x before 8.19, as ...)
+CVE-2002-1252
NOT-FOR-US: PeopleSoft
-CVE-2002-1251 (Buffer overflow in log2mail before 0.2.5.1 allows remote attackers to ...)
+CVE-2002-1251
{DSA-186}
- log2mail 0.2.6-1
-CVE-2002-1250 (Buffer overflow in Abuse 2.00 and earlier allows local users to gain ...)
+CVE-2002-1250
NOT-FOR-US: Abuse 2.00 not in Debian
-CVE-2002-1248 (Northern Solutions Xeneo Web Server 2.1.0.0, 2.0.759.6, and other ...)
+CVE-2002-1248
NOT-FOR-US: Xeneo Web Server
-CVE-2002-1245 (Maped in LuxMan 0.41 uses the user-provided search path to find and ...)
+CVE-2002-1245
{DSA-189}
- luxman 0.41-19
-CVE-2002-1244 (Format string vulnerability in Pablo FTP Server 1.5, 1.3, and possibly ...)
+CVE-2002-1244
NOT-FOR-US: Pablo FTP Server
-CVE-2002-1242 (SQL injection vulnerability in PHP-Nuke before 6.0 allows remote ...)
+CVE-2002-1242
NOT-FOR-US: PHP-Nuke not in Debian
-CVE-2002-1239 (QNX Neutrino RTOS 6.2.0 uses the PATH environment variable to find and ...)
+CVE-2002-1239
NOT-FOR-US: QNX
-CVE-2002-1236 (The remote management web server for Linksys BEFSR41 EtherFast ...)
+CVE-2002-1236
NOT-FOR-US: Linksys
-CVE-2002-1232 (Memory leak in ypdb_open in yp_db.c for ypserv before 2.5 in the NIS ...)
+CVE-2002-1232
{DSA-180}
- nis 3.9-6.2
-CVE-2002-1231 (SCO UnixWare 7.1.1 and Open UNIX 8.0.0 allows local users to cause a ...)
+CVE-2002-1231
NOT-FOR-US: SCO
-CVE-2002-1230 (NetDDE Agent on Windows NT 4.0, 4.0 Terminal Server Edition, Windows ...)
+CVE-2002-1230
NOT-FOR-US: Windows NT
-CVE-2002-1227 (PAM 0.76 treats a disabled password as if it were an empty (null) ...)
+CVE-2002-1227
{DSA-177}
- pam 0.76-6
-CVE-2002-1224 (Directory traversal vulnerability in kpf for KDE 3.0.1 through KDE ...)
+CVE-2002-1224
- kdenetwork 4:3.1.0-1
-CVE-2002-1223 (Buffer overflow in DSC 3.0 parser from GSview, as used in KGhostView ...)
+CVE-2002-1223
- kdegraphics 4:3.1.0-1
-CVE-2002-1222 (Buffer overflow in the embedded HTTP server for Cisco Catalyst ...)
+CVE-2002-1222
NOT-FOR-US: CISCO
-CVE-2002-1221 (BIND 8.x through 8.3.3 allows remote attackers to cause a denial of ...)
+CVE-2002-1221
{DSA-196}
- bind 1:8.3.3-3
- bind9 <not-affected>
-CVE-2002-1220 (BIND 8.3.x through 8.3.3 allows remote attackers to cause a denial of ...)
+CVE-2002-1220
{DSA-196}
- bind 1:8.3.3-3
- bind9 <not-affected>
-CVE-2002-1219 (Buffer overflow in named in BIND 4 versions 4.9.10 and earlier, and 8 ...)
+CVE-2002-1219
{DSA-196}
- bind 1:8.3.3-3
- bind9 <not-affected>
-CVE-2002-1214 (Buffer overflow in Microsoft PPTP Service on Windows XP and Windows ...)
+CVE-2002-1214
NOT-FOR-US: Microsoft
-CVE-2002-1211 (Prometheus 6.0 and earlier allows remote attackers to execute ...)
+CVE-2002-1211
NOT-FOR-US: Prometheus not in Debian
-CVE-2002-1200 (Balabit Syslog-NG 1.4.x before 1.4.15, and 1.5.x before 1.5.20, when ...)
+CVE-2002-1200
{DSA-175}
- syslog-ng 1.5.21-1
-CVE-2002-1199 (The getdbm procedure in ypxfrd allows local users to read arbitrary ...)
+CVE-2002-1199
NOT-FOR-US: ypxfrd not in Debian
-CVE-2002-1198 (Bugzilla 2.16.x before 2.16.1 does not properly filter apostrophes ...)
+CVE-2002-1198
- bugzilla 2.16.1-1
NOTE: woody seems to be vulnerable, bug #282500
-CVE-2002-1197 (bugzilla_email_append.pl in Bugzilla 2.14.x before 2.14.4, and 2.16.x ...)
+CVE-2002-1197
- bugzilla 2.16.1-1
NOTE: woody seems to be vulnerable, bug #282501
-CVE-2002-1196 (editproducts.cgi in Bugzilla 2.14.x before 2.14.4, and 2.16.x before ...)
+CVE-2002-1196
{DSA-173}
- bugzilla 2.16.0-2.1
-CVE-2002-1195 (Cross-site scripting vulnerability (XSS) in the PHP interface for ...)
+CVE-2002-1195
{DSA-169}
- htcheck 1:1.1-1.2
-CVE-2002-1193 (tkmail before 4.0beta9-8.1 allows local users to create or overwrite ...)
+CVE-2002-1193
{DSA-172}
- tkmail <removed>
-CVE-2002-1189 (The default configuration of Cisco Unity 2.x and 3.x does not block ...)
+CVE-2002-1189
NOT-FOR-US: CISCO
-CVE-2002-1188 (Internet Explorer 5.01 through 6.0 allows remote attackers to identify ...)
+CVE-2002-1188
NOT-FOR-US: Microsoft
-CVE-2002-1187 (Cross-site scripting vulnerability (XSS) in Internet Explorer 5.01 ...)
+CVE-2002-1187
NOT-FOR-US: Microsoft
-CVE-2002-1186 (Internet Explorer 5.01 through 6.0 does not properly perform security ...)
+CVE-2002-1186
NOT-FOR-US: Microsoft
-CVE-2002-1185 (Internet Explorer 5.01 through 6.0 does not properly check certain ...)
+CVE-2002-1185
NOT-FOR-US: Microsoft
-CVE-2002-1184 (The system root folder of Microsoft Windows 2000 has default ...)
+CVE-2002-1184
NOT-FOR-US: Microsoft
-CVE-2002-1183 (Microsoft Windows 98 and Windows NT 4.0 do not properly verify the ...)
+CVE-2002-1183
NOT-FOR-US: Microsoft
-CVE-2002-1182 (IIS 5.0 and 5.1 allows remote attackers to cause a denial of service ...)
+CVE-2002-1182
NOT-FOR-US: Microsoft
-CVE-2002-1180 (A typographical error in the script source access permissions for ...)
+CVE-2002-1180
NOT-FOR-US: Microsoft
-CVE-2002-1179 (Buffer overflow in the S/MIME Parsing capability in Microsoft Outlook ...)
+CVE-2002-1179
NOT-FOR-US: Microsoft
-CVE-2002-1178 (Directory traversal vulnerability in the CGIServlet for Jetty HTTP ...)
+CVE-2002-1178
- jetty 4.1.0
-CVE-2002-1170 (The handle_var_requests function in snmp_agent.c for the SNMP daemon ...)
+CVE-2002-1170
- net-snmp 5.0.6
-CVE-2002-1169 (IBM Web Traffic Express Caching Proxy Server 3.6 and 4.x before ...)
+CVE-2002-1169
NOT-FOR-US: IBM Web Traffic Express Caching Proxy Server
-CVE-2002-1160 (The default configuration of the pam_xauth module forwards ...)
+CVE-2002-1160
NOT-FOR-US: pam_xauth
-CVE-2002-1159 (Canna 3.6 and earlier does not properly validate requests, which ...)
+CVE-2002-1159
{DSA-224}
- canna 3.6p1-1
-CVE-2002-1158 (Buffer overflow in the irw_through function for Canna 3.5b2 and ...)
+CVE-2002-1158
{DSA-224}
- canna 3.6p1-1
-CVE-2002-1157 (Cross-site scripting vulnerability in the mod_ssl Apache module 2.8.9 ...)
+CVE-2002-1157
{DSA-181}
- libapache-mod-ssl 2.8.9-2.3
-CVE-2002-1156 (Apache 2.0.42 allows remote attackers to view the source code of a CGI ...)
+CVE-2002-1156
- apache2 2.0.43
-CVE-2002-1154 (anlgform.pl in Analog before 5.23 does not restrict access to the ...)
+CVE-2002-1154
- analog 2:5.23
-CVE-2002-1153 (IBM Websphere 4.0.3 allows remote attackers to cause a denial of ...)
+CVE-2002-1153
NOT-FOR-US: IBM Websphere
-CVE-2002-1152 (Konqueror in KDE 3.0 through 3.0.2 does not properly detect the ...)
+CVE-2002-1152
- kdebase 3.03
-CVE-2002-1151 (The cross-site scripting protection for Konqueror in KDE 2.2.2 and 3.0 ...)
+CVE-2002-1151
{DSA-167}
- kdelibs 4:2.2.2-14
-CVE-2002-1148 (The default servlet (org.apache.catalina.servlets.DefaultServlet) in ...)
+CVE-2002-1148
{DSA-170}
- tomcat4 4.1.12-1
-CVE-2002-1147 (The HTTP administration interface for HP Procurve 4000M Switch ...)
+CVE-2002-1147
NOT-FOR-US: HP Procurve 4000M Switch firmware
-CVE-2002-1146 (The BIND 4 and BIND 8.2.x stub resolver libraries, and other libraries ...)
+CVE-2002-1146
NOTE: see http://www.kb.cert.org/vuls/id/AAMN-5D28K6 (glibc)
NOTE: see http://www.kb.cert.org/vuls/id/AAMN-5D287U (bind)
- glibc 2.3
- bind 1:8.3.3
-CVE-2002-1142 (Heap-based buffer overflow in the Remote Data Services (RDS) component ...)
+CVE-2002-1142
NOT-FOR-US: Microsoft
-CVE-2002-1141 (An input validation error in the Sun Microsystems RPC library Services ...)
+CVE-2002-1141
NOT-FOR-US: Sun Microsystems RPC library Services for Unix 3.0 Interix SD, as implemented on Microsoft Windows NT4, 2000, and XP
-CVE-2002-1140 (The Sun Microsystems RPC library Services for Unix 3.0 Interix SD, as ...)
+CVE-2002-1140
NOT-FOR-US: Sun Microsystems RPC library Services for Unix 3.0 Interix SD, as implemented on Microsoft Windows NT4, 2000, and XP
-CVE-2002-1139 (The Compressed Folders feature in Microsoft Windows 98 with Plus! ...)
+CVE-2002-1139
NOT-FOR-US: Microsoft
-CVE-2002-1138 (Microsoft SQL Server 7.0 and 2000, including Microsoft Data Engine ...)
+CVE-2002-1138
NOT-FOR-US: Microsoft
-CVE-2002-1137 (Buffer overflow in the Database Console Command (DBCC) that handles ...)
+CVE-2002-1137
NOT-FOR-US: Microsoft
-CVE-2002-1135 (modsecurity.php 1.10 and earlier, in phpWebSite 0.8.2 and earlier, ...)
+CVE-2002-1135
NOT-FOR-US: phpWebSite
-CVE-2002-1132 (SquirrelMail 1.2.7 and earlier allows remote attackers to determine ...)
+CVE-2002-1132
{DSA-191}
- squirrelmail 1:1.2.8-1.1
-CVE-2002-1126 (Mozilla 1.1 and earlier, and Mozilla-based browsers such as Netscape ...)
+CVE-2002-1126
- mozilla 2:1.2
-CVE-2002-1123 (Buffer overflow in the authentication function for Microsoft SQL ...)
+CVE-2002-1123
NOT-FOR-US: Microsoft
-CVE-2002-1122 (Buffer overflow in the parsing mechanism for ISS Internet Scanner ...)
+CVE-2002-1122
NOT-FOR-US: Microsoft
-CVE-2002-1119 (os._execvpe from os.py in Python 2.2.1 and earlier creates temporary ...)
+CVE-2002-1119
{DSA-159}
- python1.5 1.5.2-24
- python2.1 2.1.3-6a
- python2.2 2.2.1-8
- python2.3 <not-affected>
-CVE-2002-1118 (TNS Listener in Oracle Net Services for Oracle 9i 9.2.x and 9.0.x, and ...)
+CVE-2002-1118
NOT-FOR-US: Oracle
-CVE-2002-1117 (Veritas Backup Exec 8.5 and earlier requires that the ...)
+CVE-2002-1117
NOT-FOR-US: Veritas Backup Exec
-CVE-2002-1116 (The &quot;View Bugs&quot; page (view_all_bug_page.php) in Mantis 0.17.4a and ...)
+CVE-2002-1116
{DSA-161}
- mantis 0.17.5-2
-CVE-2002-1113 (summary_graph_functions.php in Mantis 0.17.3 and earlier allows remote ...)
+CVE-2002-1113
{DSA-153}
- mantis 0.17.4a-2
-CVE-2002-1112 (Mantis before 0.17.4 allows remote attackers to list project bugs ...)
+CVE-2002-1112
{DSA-153}
- mantis 0.17.4a-2
-CVE-2002-1111 (print_all_bug_page.php in Mantis 0.17.3 and earlier does not verify ...)
+CVE-2002-1111
{DSA-153}
- mantis 0.17.4a-2
-CVE-2002-1109 (securetar, as used in AMaViS shell script 0.2.1 and earlier, allows ...)
+CVE-2002-1109
NOTE: old amavis shell script
-CVE-2002-1108 (Cisco Virtual Private Network (VPN) Client software 2.x.x, and 3.x ...)
+CVE-2002-1108
NOT-FOR-US: Cisco
-CVE-2002-1107 (Cisco Virtual Private Network (VPN) Client software 2.x.x, and 3.x ...)
+CVE-2002-1107
NOT-FOR-US: Cisco
-CVE-2002-1106 (Cisco Virtual Private Network (VPN) Client software 2.x.x, and 3.x ...)
+CVE-2002-1106
NOT-FOR-US: Cisco
-CVE-2002-1105 (Cisco Virtual Private Network (VPN) Client software 2.x.x, and 3.x ...)
+CVE-2002-1105
NOT-FOR-US: Cisco
-CVE-2002-1104 (Cisco Virtual Private Network (VPN) Client software 2.x.x and 3.x ...)
+CVE-2002-1104
NOT-FOR-US: Cisco
-CVE-2002-1102 (The LAN-to-LAN IPSEC capability for Cisco VPN 3000 Concentrator 2.2.x, ...)
+CVE-2002-1102
NOT-FOR-US: Cisco
-CVE-2002-1099 (Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.3, allows remote ...)
+CVE-2002-1099
NOT-FOR-US: Cisco
-CVE-2002-1098 (Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.3, adds an ...)
+CVE-2002-1098
NOT-FOR-US: Cisco
-CVE-2002-1097 (Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.2, allows ...)
+CVE-2002-1097
NOT-FOR-US: Cisco
-CVE-2002-1096 (Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.1, allows ...)
+CVE-2002-1096
NOT-FOR-US: Cisco
-CVE-2002-1095 (Cisco VPN 3000 Concentrator before 2.5.2(F), with encryption enabled, ...)
+CVE-2002-1095
NOT-FOR-US: Cisco
-CVE-2002-1093 (HTML interface for Cisco VPN 3000 Concentrator 2.x.x and 3.x.x before ...)
+CVE-2002-1093
NOT-FOR-US: Cisco
-CVE-2002-1092 (Cisco VPN 3000 Concentrator 3.6(Rel) and earlier, and 2.x.x, when ...)
+CVE-2002-1092
NOT-FOR-US: Cisco
-CVE-2002-1091 (Netscape 6.2.3 and earlier, and Mozilla 1.0.1, allow remote attackers ...)
+CVE-2002-1091
- mozilla 2:1.0.2
-CVE-2002-1088 (Buffer overflow in Novell GroupWise 6.0.1 Support Pack 1 allows remote ...)
+CVE-2002-1088
NOT-FOR-US: Novell GroupWise
-CVE-2002-1081 (The Administration console for Abyss Web Server 1.0.3 allows remote ...)
+CVE-2002-1081
NOT-FOR-US: Abyss Web Server
-CVE-2002-1079 (Directory traversal vulnerability in Abyss Web Server 1.0.3 allows ...)
+CVE-2002-1079
NOT-FOR-US: Abyss Web Server
-CVE-2002-1076 (Buffer overflow in the Web Messaging daemon for Ipswitch IMail before ...)
+CVE-2002-1076
NOT-FOR-US: Ipswitch IMail
-CVE-2002-1060 (Cross-site scripting (XSS) vulnerability in Blue Coat Systems ...)
+CVE-2002-1060
NOT-FOR-US: CacheFlow CacheOS
-CVE-2002-1059 (Buffer overflow in Van Dyke SecureCRT SSH client before 3.4.6, and 4.x ...)
+CVE-2002-1059
NOT-FOR-US: Van Dyke SecureCRT SSH client
-CVE-2002-1057 (Buffer overflow in SmartMax MailMax POP3 daemon (popmax) 4.8 allows ...)
+CVE-2002-1057
NOT-FOR-US: SmartMax MailMax POP3 daemon
-CVE-2002-1056 (Microsoft Outlook 2000 and 2002, when configured to use Microsoft Word ...)
+CVE-2002-1056
NOT-FOR-US: Microsoft
-CVE-2002-1054 (Directory traversal vulnerability in Pablo FTP server 1.0 build 9 and ...)
+CVE-2002-1054
NOT-FOR-US: Pablo FTP server
-CVE-2002-1053 (Cross-site scripting (XSS) vulnerability in W3C Jigsaw Proxy Server ...)
+CVE-2002-1053
NOT-FOR-US: W3C Jigsaw Proxy Server
-CVE-2002-1051 (Format string vulnerability in TrACESroute 6.0 GOLD (aka NANOG ...)
+CVE-2002-1051
{DSA-254}
- traceroute-nanog 6.3.0-1
-CVE-2002-1050 (Buffer overflow in HylaFAX faxgetty before 4.1.3 allows remote ...)
+CVE-2002-1050
{DSA-148}
- hylafax 4.1.2-2.1
-CVE-2002-1049 (Format string vulnerability in HylaFAX faxgetty before 4.1.3 allows ...)
+CVE-2002-1049
{DSA-148}
- hylafax 4.1.2-2.1
-CVE-2002-1046 (Dynamic VPN Configuration Protocol service (DVCP) in Watchguard ...)
+CVE-2002-1046
NOT-FOR-US: Watchguard Firebox firmware
-CVE-2002-1039 (Directory traversal vulnerability in Double Choco Latte (DCL) before ...)
+CVE-2002-1039
- dcl <not-affected> (Vulnerable code not present, affected dcl "Double Choco Latte")
NOTE: Until 2008 src:dcl was for the source for "Double Choco Latte". On
NOTE: 2017-08-30 an unrelated source took over the source package name dcl.
NOTE: Original issue fixed in dcl/20020706
-CVE-2002-1035 (Omnicron OmniHTTPd 2.09 allows remote attackers to cause a denial of ...)
+CVE-2002-1035
NOT-FOR-US: Omnicron OmniHTTPd
-CVE-2002-1031 (KeyFocus (KF) web server 1.0.2 allows remote attackers to list ...)
+CVE-2002-1031
NOT-FOR-US: KeyFocus (KF) web server
-CVE-2002-1030 (Race condition in Performance Pack in BEA WebLogic Server and Express ...)
+CVE-2002-1030
NOT-FOR-US: BEA WebLogic Server and Express
-CVE-2002-1025 (JRun 3.0 through 4.0 allows remote attackers to read JSP source code ...)
+CVE-2002-1025
NOT-FOR-US: JRun
-CVE-2002-1024 (Cisco IOS 12.0 through 12.2, when supporting SSH, allows remote ...)
+CVE-2002-1024
NOT-FOR-US: Cisco
-CVE-2002-1015 (RealJukebox 2 1.0.2.340 and 1.0.2.379, and RealOne Player Gold ...)
+CVE-2002-1015
NOT-FOR-US: Real
-CVE-2002-1014 (Buffer overflow in RealJukebox 2 1.0.2.340 and 1.0.2.379, and RealOne ...)
+CVE-2002-1014
NOT-FOR-US: Real
-CVE-2002-1013 (Buffer overflow in traffic_manager for Inktomi Traffic Server 4.0.18 ...)
+CVE-2002-1013
NOT-FOR-US: Inktomi
-CVE-2002-1006 (Cross-site scripting (XSS) vulnerability in BBC Education Text to ...)
+CVE-2002-1006
NOT-FOR-US: Betsie
-CVE-2002-1004 (Directory traversal vulnerability in webmail feature of ArGoSoft Mail ...)
+CVE-2002-1004
NOT-FOR-US: ArGoSoft Mail Server
-CVE-2002-1002 (Buffer overflow in Novell iManager (eMFrame 1.2.1) allows remote ...)
+CVE-2002-1002
NOT-FOR-US: Novell
-CVE-2002-1000 (Buffer overflow in AnalogX SimpleServer:Shout 1.0 allows remote ...)
+CVE-2002-1000
NOT-FOR-US: AnalogX SimpleServer:Shout
-CVE-2002-0995 (login.php for PHPAuction allows remote attackers to gain privileges ...)
+CVE-2002-0995
NOT-FOR-US: PHPAuction
-CVE-2002-0990 (The web proxy component in Symantec Enterprise Firewall (SEF) 6.5.2 ...)
+CVE-2002-0990
NOT-FOR-US: Symantec
-CVE-2002-0989 (The URL handler in the manual browser option for Gaim before 0.59.1 ...)
+CVE-2002-0989
{DSA-158}
- gaim 1:0.59.1-2
-CVE-2002-0988 (Buffer overflow in X server (Xsco) in OpenUNIX 8.0.0 and UnixWare ...)
+CVE-2002-0988
NOT-FOR-US: Xsco
-CVE-2002-0987 (X server (Xsco) in OpenUNIX 8.0.0 and UnixWare 7.1.1 does not drop ...)
+CVE-2002-0987
NOT-FOR-US: Xsco
-CVE-2002-0986 (The mail function in PHP 4.x to 4.2.2 does not filter ASCII control ...)
+CVE-2002-0986
{DSA-168}
- php3 3:3.0.18-23.2
- php4 4:4.2.3-3
-CVE-2002-0985 (Argument injection vulnerability in the mail function for PHP 4.x to ...)
+CVE-2002-0985
{DSA-168}
- php3 3:3.0.18-23.2
- php4 4:4.2.3-3
-CVE-2002-0984 (The IRC script included in Light 2.7.x before 2.7.30p5, and 2.8.x ...)
+CVE-2002-0984
{DSA-156}
- epic4-script-light 1:2.7.30p5-2
-CVE-2002-0981 (Buffer overflow in ndcfg command for UnixWare 7.1.1 and Open UNIX ...)
+CVE-2002-0981
NOT-FOR-US: ndcfg
-CVE-2002-0974 (Help and Support Center for Windows XP allows remote attackers to ...)
+CVE-2002-0974
NOT-FOR-US: Help and Support Center for Windows XP
-CVE-2002-0970 (The SSL capability for Konqueror in KDE 3.0.2 and earlier does not ...)
+CVE-2002-0970
{DSA-155}
- kdelibs 4:2.2.2-14
-CVE-2002-0969 (Buffer overflow in MySQL daemon (mysqld) before 3.23.50, and 4.0 beta ...)
+CVE-2002-0969
NOTE: mysql problem only affects Windows
-CVE-2002-0968 (Buffer overflow in AnalogX SimpleServer:WWW 1.16 and earlier allows ...)
+CVE-2002-0968
NOT-FOR-US: AnalogX SimpleServer:WWW
-CVE-2002-0967 (Buffer overflow in eDonkey 2000 35.16.60 and earlier allows remote ...)
+CVE-2002-0967
NOT-FOR-US: eDonkey
-CVE-2002-0965 (Buffer overflow in TNS Listener for Oracle 9i Database Server on ...)
+CVE-2002-0965
NOT-FOR-US: Oracle
-CVE-2002-0964 (Half-Life Server 1.1.1.0 and earlier allows remote attackers to cause ...)
+CVE-2002-0964
NOT-FOR-US: Half Life
-CVE-2002-0958 (Cross-site scripting vulnerability in browse.php for PHP(Reactor) ...)
+CVE-2002-0958
NOT-FOR-US: PHP Reactor
-CVE-2002-0953 (globals.php in PHP Address before 0.2f, with the PHP allow_url_fopen ...)
+CVE-2002-0953
NOT-FOR-US: PHP Address
-CVE-2002-0952 (Cisco ONS15454 optical transport platform running ONS 3.1.0 to 3.2.0 ...)
+CVE-2002-0952
NOT-FOR-US: Cisco
-CVE-2002-0947 (Buffer overflow in rwcgi60 CGI program for Oracle Reports Server ...)
+CVE-2002-0947
NOT-FOR-US: Oracle
-CVE-2002-0946 (Directory traversal vulnerability in SeaNox Devwex before 1.2002.0601 ...)
+CVE-2002-0946
NOT-FOR-US: SeaNox Devwex
-CVE-2002-0945 (Buffer overflow in SeaNox Devwex allows remote attackers to cause a ...)
+CVE-2002-0945
NOT-FOR-US: SeaNox Devwex
-CVE-2002-0941 (The ConsoleCallBack class for nCipher running under JRE 1.4.0 and ...)
+CVE-2002-0941
NOT-FOR-US: Java on Windows
-CVE-2002-0938 (Cross-site scripting vulnerability in CiscoSecure ACS 3.0 allows ...)
+CVE-2002-0938
NOT-FOR-US: Cisco
-CVE-2002-0935 (Apache Tomcat 4.0.3, and possibly other versions before 4.1.3 beta, ...)
+CVE-2002-0935
- tomcat4 4.1.9-1
-CVE-2002-0916 (Format string vulnerability in the allowuser code for the Stellar-X ...)
+CVE-2002-0916
- squid 2.4.7
-CVE-2002-0914 (Double Precision Courier e-mail MTA allows remote attackers to cause a ...)
+CVE-2002-0914
- courier 0.46
-CVE-2002-0911 (Caldera Volution Manager 1.1 stores the Directory Administrator ...)
+CVE-2002-0911
NOT-FOR-US: Caldera Volution Manager
-CVE-2002-0906 (Buffer overflow in Sendmail before 8.12.5, when configured to use a ...)
+CVE-2002-0906
- sendmail 8.12.5
-CVE-2002-0904 (SayText function in Kismet 2.2.1 and earlier allows remote attackers ...)
+CVE-2002-0904
- kismet 2.2.2-1
-CVE-2002-0900 (Buffer overflow in pks PGP public key web server before 0.9.5 allows ...)
+CVE-2002-0900
NOT-FOR-US: pks
-CVE-2002-0898 (Opera 6.0.1 and 6.0.2 allows a remote web site to upload arbitrary ...)
+CVE-2002-0898
NOT-FOR-US: Opera
-CVE-2002-0897 (LocalWEB2000 2.1.0 web server allows remote attackers to bypass access ...)
+CVE-2002-0897
NOT-FOR-US: LocalWEB2000
-CVE-2002-0895 (Buffer overflow in MatuFtpServer 1.1.3.0 (1.1.3) allows remote ...)
+CVE-2002-0895
NOT-FOR-US: MatuFtpServer
-CVE-2002-0892 (The default configuration of NewAtlanta ServletExec ISAPI 4.1 allows ...)
+CVE-2002-0892
NOT-FOR-US: NewAtlanta ServletExec ISAPI
-CVE-2002-0891 (The web interface (WebUI) of NetScreen ScreenOS before 2.6.1r8, and ...)
+CVE-2002-0891
NOT-FOR-US: NetScreen ScreenOS
-CVE-2002-0889 (Buffer overflow in Qpopper (popper) 4.0.4 and earlier allows local ...)
+CVE-2002-0889
- qpopper 4.0.5-1
-CVE-2002-0887 (scoadmin for Caldera/SCO OpenServer 5.0.5 and 5.0.6 allows local users ...)
+CVE-2002-0887
NOT-FOR-US: scoadmin
-CVE-2002-0875 (Vulnerability in FAM 2.6.8, 2.6.6, and other versions allows ...)
+CVE-2002-0875
{DSA-154}
- fam 2.6.8-1
-CVE-2002-0873 (Vulnerability in l2tpd 0.67 allows remote attackers to overwrite the ...)
+CVE-2002-0873
{DSA-152}
- l2tpd 0.68-1
-CVE-2002-0872 (l2tpd 0.67 does not initialize the random number generator, which ...)
+CVE-2002-0872
{DSA-152}
- l2tpd 0.68-1
-CVE-2002-0871 (xinetd 2.3.4 leaks file descriptors for the signal pipe to services ...)
+CVE-2002-0871
{DSA-151}
- xinetd 1:2.3.7-1
-CVE-2002-0867 (Microsoft Virtual Machine (VM) up to and including build 5.0.3805 ...)
+CVE-2002-0867
NOT-FOR-US: Microsoft
-CVE-2002-0866 (Java Database Connectivity (JDBC) classes in Microsoft Virtual Machine ...)
+CVE-2002-0866
NOT-FOR-US: Microsoft
-CVE-2002-0865 (A certain class that supports XML (Extensible Markup Language) in ...)
+CVE-2002-0865
NOT-FOR-US: Microsoft
-CVE-2002-0864 (The Remote Data Protocol (RDP) version 5.1 in Microsoft Windows XP ...)
+CVE-2002-0864
NOT-FOR-US: Microsoft
-CVE-2002-0860 (The LoadText method in the spreadsheet component in Microsoft Office ...)
+CVE-2002-0860
NOT-FOR-US: Microsoft
-CVE-2002-0859 (Buffer overflow in the OpenDataSource function of the Jet engine on ...)
+CVE-2002-0859
NOT-FOR-US: Microsoft
-CVE-2002-0856 (SQL*NET listener for Oracle Net Oracle9i 9.0.x and 9.2 allows remote ...)
+CVE-2002-0856
NOT-FOR-US: Oracle
-CVE-2002-0853 (Cisco Virtual Private Network (VPN) Client 3.5.4 and earlier allows ...)
+CVE-2002-0853
NOT-FOR-US: Cisco
-CVE-2002-0851 (Format string vulnerability in ISDN Point to Point Protocol (PPP) ...)
+CVE-2002-0851
- isdnutils 1:3.2
-CVE-2002-0850 (Buffer overflow in PGP Corporate Desktop 7.1.1 allows remote attackers ...)
+CVE-2002-0850
NOT-FOR-US: PGP corporate desktop
-CVE-2002-0848 (Cisco VPN 5000 series concentrator hardware 6.0.21.0002 and earlier, ...)
+CVE-2002-0848
NOT-FOR-US: Cisco
-CVE-2002-0847 (tinyproxy HTTP proxy 1.5.0, 1.4.3, and earlier allows remote attackers ...)
+CVE-2002-0847
{DSA-145}
- tinyproxy 1.4.3-3
-CVE-2002-0846 (The decoder for Macromedia Shockwave Flash allows remote attackers to ...)
+CVE-2002-0846
- flashplugin-nonfree 6.0.47
-CVE-2002-0845 (Buffer overflow in Sun ONE / iPlanet Web Server 4.1 and 6.0 allows ...)
+CVE-2002-0845
NOT-FOR-US: Sun ONE
-CVE-2002-0844 (Off-by-one overflow in the CVS PreservePermissions of rcs.c for CVSD ...)
+CVE-2002-0844
- cvs 1:1.11.2
-CVE-2002-0842 (Format string vulnerability in certain third party modifications to ...)
+CVE-2002-0842
NOTE: mod_dav for apache not vulnerable according to
NOTE: lists.netsys.com/pipermail/full-disclosure/2003-February/003875.html
-CVE-2002-0840 (Cross-site scripting (XSS) vulnerability in the default error page of ...)
+CVE-2002-0840
{DSA-195 DSA-188 DSA-187}
- apache2 2.0.43-1
- apache 1.3.27-0.1
- apache-perl 1.3.26-1.1-1.27-3-1
-CVE-2002-0836 (dvips converter for Postscript files in the tetex package calls the ...)
+CVE-2002-0836
{DSA-207}
- tetex-bin 1.0.7+20021025-4
-CVE-2002-0835 (Preboot eXecution Environment (PXE) server allows remote attackers to ...)
+CVE-2002-0835
NOT-FOR-US: RedHat/Intel PXE daemon
NOTE: this is not the one in Debian
-CVE-2002-0831 (The kqueue mechanism in FreeBSD 4.3 through 4.6 STABLE allows local ...)
+CVE-2002-0831
NOT-FOR-US: FreeBSD
-CVE-2002-0830 (Network File System (NFS) in FreeBSD 4.6.1 RELEASE-p7 and earlier, ...)
+CVE-2002-0830
NOT-FOR-US: BSD/NFS
-CVE-2002-0829 (Integer overflow in the Berkeley Fast File System (FFS) in FreeBSD ...)
+CVE-2002-0829
NOT-FOR-US: FreeBSD
-CVE-2002-0826 (Buffer overflow in WS_FTP FTP Server 3.1.1 allows remote authenticated ...)
+CVE-2002-0826
NOT-FOR-US: WS FTP server
-CVE-2002-0824 (BSD pppd allows local users to change the permissions of arbitrary ...)
+CVE-2002-0824
NOT-FOR-US: BSD/pppd
-CVE-2002-0823 (Buffer overflow in Winhlp32.exe allows remote attackers to execute ...)
+CVE-2002-0823
NOT-FOR-US: Windows
-CVE-2002-0818 (wwwoffled in World Wide Web Offline Explorer (WWWOFFLE) allows remote ...)
+CVE-2002-0818
{DSA-144}
- wwwoffle 2.7d-1
-CVE-2002-0817 (Format string vulnerability in super for Linux allows local users to ...)
+CVE-2002-0817
{DSA-139}
- super 3.18.0-3
-CVE-2002-0816 (Buffer overflow in su in Tru64 Unix 5.x allows local users to gain ...)
+CVE-2002-0816
NOT-FOR-US: HP Tru64
-CVE-2002-0814 (Buffer overflow in VMware Authorization Service for VMware GSX Server ...)
+CVE-2002-0814
NOT-FOR-US: VMware
-CVE-2002-0813 (Heap-based buffer overflow in the TFTP server capability in Cisco IOS ...)
+CVE-2002-0813
NOT-FOR-US: Cisco
-CVE-2002-0810 (Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, directs error ...)
+CVE-2002-0810
- bugzilla 2.16.0
-CVE-2002-0809 (Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, does not ...)
+CVE-2002-0809
- bugzilla 2.16.0
-CVE-2002-0808 (Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, when performing ...)
+CVE-2002-0808
- bugzilla 2.16.0
-CVE-2002-0806 (Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, allows ...)
+CVE-2002-0806
- bugzilla 2.16.0
-CVE-2002-0805 (Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, (1) creates new ...)
+CVE-2002-0805
- bugzilla 2.16.0
-CVE-2002-0804 (Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, when configured ...)
+CVE-2002-0804
- bugzilla 2.16.0
-CVE-2002-0802 (The multibyte support in PostgreSQL 6.5.x with SQL_ASCII encoding ...)
+CVE-2002-0802
- postgresql 7.2
-CVE-2002-0801 (Buffer overflow in the ISAPI DLL filter for Macromedia JRun 3.1 allows ...)
+CVE-2002-0801
NOT-FOR-US: Macromedia / Windows
-CVE-2002-0795 (The rc system startup script for FreeBSD 4 through 4.5 allows local ...)
+CVE-2002-0795
NOT-FOR-US: FreeBSD
-CVE-2002-0794 (The accept_filter mechanism in FreeBSD 4 through 4.5 does not properly ...)
+CVE-2002-0794
NOT-FOR-US: FreeBSD
-CVE-2002-0790 (clchkspuser and clpasswdremote in AIX expose an encrypted password in ...)
+CVE-2002-0790
NOT-FOR-US: AIX
-CVE-2002-0789 (Buffer overflow in search.cgi in mnoGoSearch 3.1.19 and earlier allows ...)
+CVE-2002-0789
- mnogosearch 3.1.19-3
-CVE-2002-0788 (An interaction between PGP 7.0.3 with the &quot;wipe deleted files&quot; option, ...)
+CVE-2002-0788
NOT-FOR-US: windows
-CVE-2002-0785 (AOL Instant Messenger (AIM) allows remote attackers to cause a denial ...)
+CVE-2002-0785
NOT-FOR-US: AOL AIM
-CVE-2002-0778 (The default configuration of the proxy for Cisco Cache Engine and ...)
+CVE-2002-0778
NOT-FOR-US: CISCO
-CVE-2002-0777 (Buffer overflow in the LDAP component of Ipswitch IMail 7.1 and ...)
+CVE-2002-0777
NOT-FOR-US: Ipswitch not in Debian
-CVE-2002-0776 (getuserdesc.asp in Hosting Controller 2002 allows remote attackers to ...)
+CVE-2002-0776
NOT-FOR-US: Hosting Controller 2002
-CVE-2002-0768 (Buffer overflow in lukemftp FTP client in SuSE 6.4 through 8.0, and ...)
+CVE-2002-0768
- lukemftp 1.5-7
-CVE-2002-0766 (OpenBSD 2.9 through 3.1 allows local users to cause a denial of ...)
+CVE-2002-0766
NOT-FOR-US: OpenBSD
-CVE-2002-0765 (sshd in OpenSSH 3.2.2, when using YP with netgroups and under certain ...)
+CVE-2002-0765
- openssh 1:3.3p1-0.0woody1
-CVE-2002-0762 (shadow package in SuSE 8.0 allows local users to destroy the ...)
+CVE-2002-0762
NOT-FOR-US: SUSE specific
-CVE-2002-0761 (bzip2 before 1.0.2 in FreeBSD 4.5 and earlier, OpenLinux 3.1 and ...)
+CVE-2002-0761
NOT-FOR-US: FreeBSD and OpenLinux
-CVE-2002-0760 (Race condition in bzip2 before 1.0.2 in FreeBSD 4.5 and earlier, ...)
+CVE-2002-0760
NOT-FOR-US: FreeBSD and OpenLinux
-CVE-2002-0759 (bzip2 before 1.0.2 in FreeBSD 4.5 and earlier, OpenLinux 3.1 and ...)
+CVE-2002-0759
NOT-FOR-US: FreeBSD and OpenLinux
-CVE-2002-0758 (ifup-dhcp script in the sysconfig package for SuSE 8.0 allows remote ...)
+CVE-2002-0758
NOT-FOR-US: SUSE specific
-CVE-2002-0755 (Kerberos 5 su (k5su) in FreeBSD 4.5 and earlier does not verify that a ...)
+CVE-2002-0755
NOT-FOR-US: FreeBSD
-CVE-2002-0754 (Kerberos 5 su (k5su) in FreeBSD 4.4 and earlier relies on the getlogin ...)
+CVE-2002-0754
NOT-FOR-US: FreeBSD
-CVE-2002-0748 (LabVIEW Web Server 5.1.1 through 6.1 allows remote attackers to cause ...)
+CVE-2002-0748
NOT-FOR-US: Labview
-CVE-2002-0741 (psyBNC 2.3 allows remote attackers to cause a denial of service (CPU ...)
+CVE-2002-0741
NOT-FOR-US: psyBNC
-CVE-2002-0738 (MHonArc 2.5.2 and earlier does not properly filter Javascript from ...)
+CVE-2002-0738
{DSA-163}
- mhonarc 2.5.11-1
-CVE-2002-0737 (Sambar web server before 5.2 beta 1 allows remote attackers to obtain ...)
+CVE-2002-0737
NOT-FOR-US: Sambar web server
-CVE-2002-0736 (Microsoft BackOffice 4.0 and 4.5, when configured to be accessible by ...)
+CVE-2002-0736
NOT-FOR-US: Microsoft
-CVE-2002-0734 (b2edit.showposts.php in B2 2.0.6pre2 and earlier does not properly ...)
+CVE-2002-0734
NOT-FOR-US: B2
-CVE-2002-0733 (Cross-site scripting vulnerability in thttpd 2.20 and earlier allows ...)
+CVE-2002-0733
- thttpd 2.21
-CVE-2002-0729 (Microsoft SQL Server 2000 allows remote attackers to cause a denial of ...)
+CVE-2002-0729
NOT-FOR-US: Microsoft
-CVE-2002-0727 (The Host function in Microsoft Office Web Components (OWC) 2000 and ...)
+CVE-2002-0727
NOT-FOR-US: Microsoft
-CVE-2002-0726 (Buffer overflow in Microsoft Terminal Services Advanced Client (TSAC) ...)
+CVE-2002-0726
NOT-FOR-US: Microsoft
-CVE-2002-0722 (Microsoft Internet Explorer 5.01, 5.5, and 6.0 allows remote attackers ...)
+CVE-2002-0722
NOT-FOR-US: Microsoft
-CVE-2002-0720 (A handler routine for the Network Connection Manager (NCM) in Windows ...)
+CVE-2002-0720
NOT-FOR-US: Microsoft
-CVE-2002-0719 (SQL injection vulnerability in the function that services for ...)
+CVE-2002-0719
NOT-FOR-US: Microsoft
-CVE-2002-0718 (Web authoring command in Microsoft Content Management Server (MCMS) ...)
+CVE-2002-0718
NOT-FOR-US: Microsoft
-CVE-2002-0716 (Format string vulnerability in crontab for SCO OpenServer 5.0.5 and ...)
+CVE-2002-0716
NOT-FOR-US: SCO OpenServer
-CVE-2002-0714 (FTP proxy in Squid before 2.4.STABLE6 does not compare the IP ...)
+CVE-2002-0714
- squid 2.4.6
-CVE-2002-0710 (Directory traversal vulnerability in sendform.cgi 1.44 and earlier ...)
+CVE-2002-0710
NOT-FOR-US: sendform.cgi
-CVE-2002-0704 (The Network Address Translation (NAT) capability for Netfilter ...)
+CVE-2002-0704
NOTE: kernel netfilter bug, not in user space
NOTE: this is fixed in kernel 2.4.20
- kernel-image-2.4.18-i386 <unfixed> (bug #152152; unimportant)
-CVE-2002-0703 (An interaction between the Perl MD5 module (perl-Digest-MD5) and Perl ...)
+CVE-2002-0703
- perl 5.8.0-7 (bug #282527)
-CVE-2002-0701 (ktrace in BSD-based operating systems allows the owner of a process ...)
+CVE-2002-0701
NOT-FOR-US: BSD
-CVE-2002-0700 (Buffer overflow in a system function that performs user authentication ...)
+CVE-2002-0700
NOT-FOR-US: Microsoft
-CVE-2002-0698 (Buffer overflow in Internet Mail Connector (IMC) for Microsoft ...)
+CVE-2002-0698
NOT-FOR-US: Microsoft
-CVE-2002-0697 (Microsoft Metadirectory Services (MMS) 2.2 allows remote attackers to ...)
+CVE-2002-0697
NOT-FOR-US: Microsoft
-CVE-2002-0696 (Microsoft Visual FoxPro 6.0 does not register its associated files ...)
+CVE-2002-0696
NOT-FOR-US: Microsoft
-CVE-2002-0695 (Buffer overflow in the Transact-SQL (T-SQL) OpenRowSet component of ...)
+CVE-2002-0695
NOT-FOR-US: Microsoft
-CVE-2002-0694 (The HTML Help facility in Microsoft Windows 98, 98 Second Edition, ...)
+CVE-2002-0694
NOT-FOR-US: Microsoft
-CVE-2002-0692 (Buffer overflow in SmartHTML Interpreter (shtml.dll) in Microsoft ...)
+CVE-2002-0692
NOT-FOR-US: Microsoft
-CVE-2002-0691 (Microsoft Internet Explorer 5.01 and 5.5 allows remote attackers to ...)
+CVE-2002-0691
NOT-FOR-US: Microsoft
-CVE-2002-0688 (ZCatalog plug-in index support capability for Zope 2.4.0 through 2.5.1 ...)
+CVE-2002-0688
{DSA-490}
- zope 2.6.0-0.1
-CVE-2002-0687 (The &quot;through the web code&quot; capability for Zope 2.0 through 2.5.1 b1 ...)
+CVE-2002-0687
- zope 2.5.1b2
-CVE-2002-0685 (Heap-based buffer overflow in the message decoding functionality for ...)
+CVE-2002-0685
NOT-FOR-US: PGP Outlook Encryption Plug-In
-CVE-2002-0682 (Cross-site scripting vulnerability in Apache Tomcat 4.0.3 allows ...)
+CVE-2002-0682
- tomcat 4.0.4
-CVE-2002-0679 (Buffer overflow in Common Desktop Environment (CDE) ToolTalk RPC ...)
+CVE-2002-0679
NOT-FOR-US: CDE
-CVE-2002-0678 (CDE ToolTalk database server (ttdbserver) allows local users to ...)
+CVE-2002-0678
NOT-FOR-US: CDE ToolTalk
-CVE-2002-0676 (SoftwareUpdate for MacOS 10.1.x does not use authentication when ...)
+CVE-2002-0676
NOT-FOR-US: MacOS
-CVE-2002-0674 (Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 ...)
+CVE-2002-0674
NOT-FOR-US: Pingtel xpressa SIP-based voice-over-IP phone
-CVE-2002-0673 (The enrollment process for Pingtel xpressa SIP-based voice-over-IP ...)
+CVE-2002-0673
NOT-FOR-US: Pingtel xpressa SIP-based voice-over-IP phone
-CVE-2002-0672 (Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 ...)
+CVE-2002-0672
NOT-FOR-US: Pingtel xpressa SIP-based voice-over-IP phone
-CVE-2002-0671 (Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 ...)
+CVE-2002-0671
NOT-FOR-US: Pingtel xpressa SIP-based voice-over-IP phone
-CVE-2002-0668 (The web interface for Pingtel xpressa SIP-based voice-over-IP phone ...)
+CVE-2002-0668
NOT-FOR-US: Pingtel xpressa SIP-based voice-over-IP phone
-CVE-2002-0665 (Macromedia JRun Administration Server allows remote attackers to ...)
+CVE-2002-0665
NOT-FOR-US: Microsoft
-CVE-2002-0663 (Buffer overflow in HTTP Proxy for Symantec Norton Personal Internet ...)
+CVE-2002-0663
NOT-FOR-US: Norton
-CVE-2002-0662 (scrollkeeper-get-cl in ScrollKeeper 0.3 to 0.3.11 allows local users ...)
+CVE-2002-0662
{DSA-160}
- scrollkeeper 0.3.11-2
-CVE-2002-0658 (OSSP mm library (libmm) before 1.2.0 allows the local Apache user to ...)
+CVE-2002-0658
{DSA-137}
- mm 1.1.3-7
-CVE-2002-0653 (Off-by-one buffer overflow in the ssl_compat_directive function, as ...)
+CVE-2002-0653
{DSA-135}
- libapache-mod-ssl 2.8.9-2
-CVE-2002-0651 (Buffer overflow in the DNS resolver code used in libc, glibc, and ...)
+CVE-2002-0651
- glibc 2.2.5-8
-CVE-2002-0650 (The keep-alive mechanism for Microsoft SQL Server 2000 allows remote ...)
+CVE-2002-0650
NOT-FOR-US: microsoft
-CVE-2002-0648 (The legacy &lt;script&gt; data-island capability for XML in Microsoft ...)
+CVE-2002-0648
NOT-FOR-US: microsoft
-CVE-2002-0647 (Buffer overflow in a legacy ActiveX control used to display specially ...)
+CVE-2002-0647
NOT-FOR-US: microsoft
-CVE-2002-0642 (The registry key containing the SQL Server service account information ...)
+CVE-2002-0642
NOT-FOR-US: microsoft
-CVE-2002-0640 (Buffer overflow in sshd in OpenSSH 2.3.1 through 3.3 may allow remote ...)
+CVE-2002-0640
- openssh 1:3.4 (high)
-CVE-2002-0639 (Integer overflow in sshd in OpenSSH 2.9.9 through 3.3 allows remote ...)
+CVE-2002-0639
- openssh 1:3.4 (high)
-CVE-2002-0638 (setpwnam.c in the util-linux package, as included in Red Hat Linux 7.3 ...)
+CVE-2002-0638
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0631 (Unknown vulnerability in nveventd in NetVisualyzer on SGI IRIX 6.5 ...)
+CVE-2002-0631
NOT-FOR-US: SGI
-CVE-2002-0630 (The Telnet service for Polycom ViewStation before 7.2.4 allows remote ...)
+CVE-2002-0630
NOT-FOR-US: Polycom
-CVE-2002-0627 (The Web server for Polycom ViewStation before 7.2.4 allows remote ...)
+CVE-2002-0627
NOT-FOR-US: Polycom
-CVE-2002-0623 (Buffer overflow in AuthFilter ISAPI filter on Microsoft Commerce ...)
+CVE-2002-0623
NOT-FOR-US: Microsoft
-CVE-2002-0622 (The Office Web Components (OWC) package installer for Microsoft ...)
+CVE-2002-0622
NOT-FOR-US: Microsoft
-CVE-2002-0621 (Buffer overflow in the Office Web Components (OWC) package installer ...)
+CVE-2002-0621
NOT-FOR-US: Microsoft
-CVE-2002-0619 (The Mail Merge Tool in Microsoft Word 2002 for Windows, when Microsoft ...)
+CVE-2002-0619
NOT-FOR-US: Microsoft
-CVE-2002-0618 (The Macro Security Model in Microsoft Excel 2000 and 2002 for Windows ...)
+CVE-2002-0618
NOT-FOR-US: Microsoft
-CVE-2002-0617 (The Macro Security Model in Microsoft Excel 2000 and 2002 for Windows ...)
+CVE-2002-0617
NOT-FOR-US: Microsoft
-CVE-2002-0616 (The Macro Security Model in Microsoft Excel 2000 and 2002 for Windows ...)
+CVE-2002-0616
NOT-FOR-US: Microsoft
-CVE-2002-0615 (The Windows Media Active Playlist in Microsoft Windows Media Player ...)
+CVE-2002-0615
NOT-FOR-US: Microsoft
-CVE-2002-0613 (dnstools.php for DNSTools 2.0 beta 4 and earlier allows remote ...)
+CVE-2002-0613
NOT-FOR-US: DNSTools
-CVE-2002-0605 (Buffer overflow in Flash OCX for Macromedia Flash 6 revision 23 ...)
+CVE-2002-0605
NOT-FOR-US: Flash
-CVE-2002-0601 (ISS RealSecure Network Sensor 5.x through 6.5 allows remote attackers ...)
+CVE-2002-0601
NOT-FOR-US: ISS
-CVE-2002-0599 (Blahz-DNS 0.2 and earlier allows remote attackers to bypass ...)
+CVE-2002-0599
NOT-FOR-US: Blahz
-CVE-2002-0598 (Format string vulnerability in Foundstone FScan 1.12 with banner ...)
+CVE-2002-0598
NOT-FOR-US: Foundstone
-CVE-2002-0597 (LANMAN service on Microsoft Windows 2000 allows remote attackers to ...)
+CVE-2002-0597
NOT-FOR-US: Microsoft
-CVE-2002-0594 (Netscape 6 and Mozilla 1.0 RC1 and earlier allows remote attackers to ...)
+CVE-2002-0594
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0576 (ColdFusion 5.0 and earlier on Windows systems allows remote attackers ...)
+CVE-2002-0576
NOT-FOR-US: ColdFusion
-CVE-2002-0575 (Buffer overflow in OpenSSH before 2.9.9, and 3.x before 3.2.1, with ...)
+CVE-2002-0575
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0574 (Memory leak in FreeBSD 4.5 and earlier allows remote attackers to ...)
+CVE-2002-0574
NOT-FOR-US: FreeBSD
-CVE-2002-0573 (Format string vulnerability in RPC wall daemon (rpc.rwalld) for ...)
+CVE-2002-0573
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0571 (Oracle Oracle9i database server 9.0.1.x allows local users to access ...)
+CVE-2002-0571
NOT-FOR-US: Oracle
-CVE-2002-0569 (Oracle 9i Application Server allows remote attackers to bypass access ...)
+CVE-2002-0569
NOT-FOR-US: Oracle
-CVE-2002-0567 (Oracle 8i and 9i with PL/SQL package for External Procedures (EXTPROC) ...)
+CVE-2002-0567
NOT-FOR-US: Oracle
-CVE-2002-0553 (Cross-site scripting vulnerability in SunShop 2.5 and earlier allows ...)
+CVE-2002-0553
NOT-FOR-US: SunShop
-CVE-2002-0546 (Cross-site scripting vulnerability in the mini-browser for Winamp 2.78 ...)
+CVE-2002-0546
NOT-FOR-US: Winamp
-CVE-2002-0545 (Cisco Aironet before 11.21 with Telnet enabled allows remote attackers ...)
+CVE-2002-0545
NOT-FOR-US: Cisco
-CVE-2002-0543 (Directory traversal vulnerability in Aprelium Abyss Web Server ...)
+CVE-2002-0543
NOT-FOR-US: Aprelium
-CVE-2002-0542 (mail in OpenBSD 2.9 and 3.0 processes a tilde (~) escape character in ...)
+CVE-2002-0542
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0539 (Demarc PureSecure 1.05 allows remote attackers to gain administrative ...)
+CVE-2002-0539
NOT-FOR-US: Demarc
-CVE-2002-0538 (FTP proxy in Symantec Raptor Firewall 6.5.3 and Enterprise 7.0 ...)
+CVE-2002-0538
NOT-FOR-US: Symantec
-CVE-2002-0536 (PHPGroupware 0.9.12 and earlier, when running with the ...)
+CVE-2002-0536
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0532 (EMU Webmail allows local users to execute arbitrary programs via a .. ...)
+CVE-2002-0532
NOT-FOR-US: EMU
-CVE-2002-0531 (Directory traversal vulnerability in emumail.cgi in EMU Webmail 4.5.x ...)
+CVE-2002-0531
NOT-FOR-US: EMU
-CVE-2002-0516 (SquirrelMail 1.2.5 and earlier allows authenticated SquirrelMail users ...)
+CVE-2002-0516
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0513 (The PHP administration script in popper_mod 1.2.1 and earlier relies ...)
+CVE-2002-0513
NOT-FOR-US: popper_mod
-CVE-2002-0512 (startkde in KDE for Caldera OpenLinux 2.3 through 3.1.1 sets the ...)
+CVE-2002-0512
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0511 (The default configuration of Name Service Cache Daemon (nscd) in ...)
+CVE-2002-0511
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0506 (Buffer overflow in newt.c of newt windowing library (libnewt) 0.50.33 ...)
+CVE-2002-0506
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0505 (Memory leak in the Call Telephony Integration (CTI) Framework ...)
+CVE-2002-0505
NOT-FOR-US: Cisco
-CVE-2002-0501 (Format string vulnerability in log_print() function of Posadis DNS ...)
+CVE-2002-0501
NOT-FOR-US: Posadis
-CVE-2002-0497 (Buffer overflow in mtr 0.46 and earlier, when installed setuid root, ...)
+CVE-2002-0497
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0495 (csSearch.cgi in csSearch 2.3 and earlier allows remote attackers to ...)
+CVE-2002-0495
NOT-FOR-US: csSearch
-CVE-2002-0494 (Cross-site scripting vulnerability in WebSight Directory System 0.1 ...)
+CVE-2002-0494
NOT-FOR-US: WebSight
-CVE-2002-0493 (Apache Tomcat may be started without proper security settings if ...)
+CVE-2002-0493
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0490 (Instant Web Mail before 0.60 does not properly filter CR/LF sequences, ...)
+CVE-2002-0490
NOT-FOR-US: Instant Web Mail
-CVE-2002-0488 (Linux Directory Penguin traceroute.pl CGI script 1.0 allows remote ...)
+CVE-2002-0488
NOT-FOR-US: Linux Directory Penguin
-CVE-2002-0484 (move_uploaded_file in PHP does not does not check for the base ...)
+CVE-2002-0484
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0473 (db.php in phpBB 2.0 (aka phpBB2) RC-3 and earlier allows remote ...)
+CVE-2002-0473
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0464 (Directory traversal vulnerability in Hosting Controller 1.4.1 and ...)
+CVE-2002-0464
NOT-FOR-US: Hosting Controller
-CVE-2002-0463 (home.php in ARSC (Really Simple Chat) 1.0.1 and earlier allows remote ...)
+CVE-2002-0463
NOT-FOR-US: ARSC
-CVE-2002-0462 (bigsam_guestbook.php for Big Sam (Built-In Guestbook Stand-Alone ...)
+CVE-2002-0462
NOT-FOR-US: Big Sam
-CVE-2002-0454 (Qpopper (aka in.qpopper or popper) 4.0.3 and earlier allows remote ...)
+CVE-2002-0454
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0451 (filemanager_forms.php in PHProjekt 3.1 and 3.1a allows remote ...)
+CVE-2002-0451
NOT-FOR-US: PHProjekt
-CVE-2002-0445 (article.php in PHP FirstPost 0.1 allows allows remote attackers to ...)
+CVE-2002-0445
NOT-FOR-US: PHP FirstPost
-CVE-2002-0444 (Microsoft Windows 2000 running the Terminal Server 90-day trial ...)
+CVE-2002-0444
NOT-FOR-US: Windows
-CVE-2002-0443 (Microsoft Windows 2000 allows local users to bypass the policy that ...)
+CVE-2002-0443
NOT-FOR-US: Windows
-CVE-2002-0442 (Buffer overflow in dlvr_audit for Caldera OpenServer 5.0.5 and 5.0.6 ...)
+CVE-2002-0442
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0441 (Directory traversal vulnerability in imlist.php for Php Imglist allows ...)
+CVE-2002-0441
NOT-FOR-US: PHP Imglist
-CVE-2002-0437 (Smsd in SMS Server Tools (SMStools) before 1.4.8 allows remote ...)
+CVE-2002-0437
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0435 (Race condition in the recursive (1) directory deletion and (2) ...)
+CVE-2002-0435
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0431 (XTux allows remote attackers to cause a denial of service (CPU ...)
+CVE-2002-0431
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0429 (The iBCS routines in arch/i386/kernel/traps.c for Linux kernels 2.4.18 ...)
+CVE-2002-0429
{DSA-442 DSA-336 DSA-332 DSA-312 DSA-311}
- kernel-source-2.2.20 <removed>
-CVE-2002-0425 (mIRC DCC server protocol allows remote attackers to gain sensitive ...)
+CVE-2002-0425
NOT-FOR-US: mIRC
-CVE-2002-0424 (efingerd 1.61 and earlier, when configured without the -u option, ...)
+CVE-2002-0424
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0423 (Buffer overflow in efingerd 1.5 and earlier, and possibly up to 1.61, ...)
+CVE-2002-0423
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0414 (KAME-derived implementations of IPsec on NetBSD 1.5.2, FreeBSD 4.5, ...)
+CVE-2002-0414
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0412 (Format string vulnerability in TraceEvent function for ntop before 2.1 ...)
+CVE-2002-0412
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0406 (Menasoft SPHERE server 0.99x and 0.5x allows remote attackers to cause ...)
+CVE-2002-0406
NOT-FOR-US: SPHERE
-CVE-2002-0404 (Vulnerability in GIOP dissector in Ethereal before 0.9.3 allows remote ...)
+CVE-2002-0404
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0403 (DNS dissector in Ethereal before 0.9.3 allows remote attackers to ...)
+CVE-2002-0403
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0402 (Buffer overflow in X11 dissector in Ethereal 0.9.3 and earlier allows ...)
+CVE-2002-0402
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0401 (SMB dissector in Ethereal 0.9.3 and earlier allows remote attackers to ...)
+CVE-2002-0401
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0400 (ISC BIND 9 before 9.2.1 allows remote attackers to cause a denial of ...)
+CVE-2002-0400
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0398 (Red-M 1050 (Bluetooth Access Point) PPP server allows bonded users to ...)
+CVE-2002-0398
NOT-FOR-US: Red-M
-CVE-2002-0397 (Red-M 1050 (Bluetooth Access Point) publicizes its name, IP address, ...)
+CVE-2002-0397
NOT-FOR-US: Red-M
-CVE-2002-0396 (The web management server for Red-M 1050 (Bluetooth Access Point) does ...)
+CVE-2002-0396
NOT-FOR-US: Red-M
-CVE-2002-0395 (The TFTP server for Red-M 1050 (Bluetooth Access Point) can not be ...)
+CVE-2002-0395
NOT-FOR-US: Red-M
-CVE-2002-0394 (Red-M 1050 (Bluetooth Access Point) uses case insensitive passwords, ...)
+CVE-2002-0394
NOT-FOR-US: Red-M
-CVE-2002-0392 (Apache 1.3 through 1.3.24, and Apache 2.0 through 2.0.36, allows remote ...)
+CVE-2002-0392
- apache2 2.0.37
-CVE-2002-0391 (Integer overflow in xdr_array function in RPC servers for operating ...)
+CVE-2002-0391
{DSA-333 DSA-149 DSA-146 DSA-143 DSA-142}
- acm 5.0-10
- glibc 2.2.5-13
- dietlibc 0.20-0cvs20020808
- krb5 1.2.5-2
- openafs 1.2.6-1
-CVE-2002-0389 (Pipermail in Mailman stores private mail messages with predictable ...)
+CVE-2002-0389
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0387 (Buffer overflow in gxnsapi6.dll NSAPI plugin of the Connector Module ...)
+CVE-2002-0387
NOT-FOR-US: Sun
-CVE-2002-0384 (Buffer overflow in Jabber plug-in for Gaim client before 0.58 allows ...)
+CVE-2002-0384
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0382 (XChat IRC client allows remote attackers to execute arbitrary commands ...)
+CVE-2002-0382
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0381 (The TCP implementation in various BSD operating systems (tcp_input.c) ...)
+CVE-2002-0381
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0380 (Buffer overflow in tcpdump 3.6.2 and earlier allows remote attackers ...)
+CVE-2002-0380
{DSA-255}
- tcpdump 3.7.1-1.2
-CVE-2002-0379 (Buffer overflow in University of Washington imap server (uw-imapd) ...)
+CVE-2002-0379
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0377 (Gaim 0.57 stores sensitive information in world-readable and ...)
+CVE-2002-0377
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0376 (Buffer overflow in Apple QuickTime 5.0 ActiveX component allows remote ...)
+CVE-2002-0376
NOT-FOR-US: Apple
-CVE-2002-0374 (Format string vulnerability in the logging function for the pam_ldap ...)
+CVE-2002-0374
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0373 (The Windows Media Device Manager (WMDM) Service in Microsoft Windows ...)
+CVE-2002-0373
NOT-FOR-US: Microsoft
-CVE-2002-0372 (Microsoft Windows Media Player versions 6.4 and 7.1 and Media Player ...)
+CVE-2002-0372
NOT-FOR-US: Microsoft
-CVE-2002-0369 (Buffer overflow in ASP.NET Worker Process allows remote attackers to ...)
+CVE-2002-0369
NOT-FOR-US: Microsoft
-CVE-2002-0368 (The Store Service in Microsoft Exchange 2000 allows remote attackers ...)
+CVE-2002-0368
NOT-FOR-US: Microsoft
-CVE-2002-0367 (smss.exe debugging subsystem in Windows NT and Windows 2000 does not ...)
+CVE-2002-0367
NOT-FOR-US: Microsoft
-CVE-2002-0366 (Buffer overflow in Remote Access Service (RAS) phonebook for Windows ...)
+CVE-2002-0366
NOT-FOR-US: Microsoft
-CVE-2002-0364 (Buffer overflow in the chunked encoding transfer mechanism in IIS 4.0 ...)
+CVE-2002-0364
NOT-FOR-US: Microsoft
-CVE-2002-0363 (ghostscript before 6.53 allows attackers to execute arbitrary commands ...)
+CVE-2002-0363
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0362 (Buffer overflow in AOL Instant Messenger (AIM) 4.2 and later allows ...)
+CVE-2002-0362
NOT-FOR-US: AOL
-CVE-2002-0359 (xfsmd for IRIX 6.5 through 6.5.16 uses weak authentication, which ...)
+CVE-2002-0359
NOT-FOR-US: IRIX
-CVE-2002-0358 (MediaMail and MediaMail Pro in SGI IRIX 6.5.16 and earlier allows ...)
+CVE-2002-0358
NOT-FOR-US: MediaMail
-CVE-2002-0357 (Unknown vulnerability in rpc.passwd in the nfs.sw.nis subsystem of SGI ...)
+CVE-2002-0357
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0356 (Vulnerability in XFS filesystem reorganizer (fsr_xfs) in SGI IRIX ...)
+CVE-2002-0356
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0355 (netstat in SGI IRIX before 6.5.12 allows local users to determine the ...)
+CVE-2002-0355
NOT-FOR-US: SGI
-CVE-2002-0339 (Cisco IOS 11.1CC through 12.2 with Cisco Express Forwarding (CEF) ...)
+CVE-2002-0339
NOT-FOR-US: Cisco
-CVE-2002-0330 (Cross-site scripting vulnerability in codeparse.php of Open Bulletin ...)
+CVE-2002-0330
NOT-FOR-US: OpenBB
-CVE-2002-0329 (Cross-site scripting vulnerability in Snitz Forums 2000 3.3.03 and ...)
+CVE-2002-0329
NOT-FOR-US: Snitz
-CVE-2002-0318 (FreeRADIUS RADIUS server allows remote attackers to cause a denial of ...)
+CVE-2002-0318
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0313 (Buffer overflow in Essentia Web Server 2.1 allows remote attackers to ...)
+CVE-2002-0313
NOT-FOR-US: Essentia
-CVE-2002-0309 (SMTP proxy in Symantec Enterprise Firewall (SEF) 6.5.x includes the ...)
+CVE-2002-0309
NOT-FOR-US: Symantec
-CVE-2002-0302 (The Notify daemon for Symantec Enterprise Firewall (SEF) 6.5.x drops ...)
+CVE-2002-0302
NOT-FOR-US: Symantec
-CVE-2002-0300 (gnujsp 1.0.0 and 1.0.1 allows remote attackers to list directories, ...)
+CVE-2002-0300
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0299 (CNet CatchUp before 1.3.1 allows attackers to execute arbitrary code ...)
+CVE-2002-0299
NOT-FOR-US: CatchUp
-CVE-2002-0292 (Cross-site scripting vulnerability in Slash before 2.2.5, as used in ...)
+CVE-2002-0292
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0290 (Buffer overflow in Netwin WebNews CGI program 1.1, Webnews.exe, allows ...)
+CVE-2002-0290
NOT-FOR-US: WebNews
-CVE-2002-0287 (pforum 1.14 and earlier does not explicitly enable PHP magic quotes, ...)
+CVE-2002-0287
NOT-FOR-US: pforum
-CVE-2002-0276 (Buffer overflow in various decoders in Ettercap 0.6.3.1 and earlier, ...)
+CVE-2002-0276
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0275 (Falcon web server 2.0.0.1020 and earlier allows remote attackers to ...)
+CVE-2002-0275
NOT-FOR-US: Falcon
-CVE-2002-0274 (Exim 3.34 and earlier may allow local users to gain privileges via a ...)
+CVE-2002-0274
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0267 (preferences.php in Simple Internet Publishing System (SIPS) before ...)
+CVE-2002-0267
NOT-FOR-US: SIPS
-CVE-2002-0265 (Sawmill for Solaris 6.2.14 and earlier creates the AdminPassword file ...)
+CVE-2002-0265
NOT-FOR-US: Sawmill
-CVE-2002-0251 (Buffer overflow in licq 1.0.4 and earlier allows remote attackers to ...)
+CVE-2002-0251
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0250 (Web configuration utility in HP AdvanceStack hubs J3200A through ...)
+CVE-2002-0250
NOT-FOR-US: HP
-CVE-2002-0246 (Format string vulnerability in the message catalog library functions ...)
+CVE-2002-0246
NOT-FOR-US: UnixWare
-CVE-2002-0241 (NDSAuth.DLL in Cisco Secure Authentication Control Server (ACS) 3.0.1 ...)
+CVE-2002-0241
NOT-FOR-US: Cisco
-CVE-2002-0237 (Buffer overflow in ISS BlackICE Defender 2.9 and earlier, BlackICE ...)
+CVE-2002-0237
NOT-FOR-US: ISS
-CVE-2002-0226 (retrieve_password.pl in DCForum 6.x and 2000 generates predictable new ...)
+CVE-2002-0226
NOT-FOR-US: DCForum
-CVE-2002-0213 (xkas in Xinet K-AShare 0.011.01 for IRIX allows local users to read ...)
+CVE-2002-0213
NOT-FOR-US: Xinet
-CVE-2002-0211 (Race condition in the installation script for Tarantella Enterprise 3 ...)
+CVE-2002-0211
NOT-FOR-US: Tarantella
-CVE-2002-0209 (Nortel Alteon ACEdirector WebOS 9.0, with the Server Load Balancing ...)
+CVE-2002-0209
NOT-FOR-US: Nortel
-CVE-2002-0207 (Buffer overflow in Real Networks RealPlayer 8.0 and earlier allows ...)
+CVE-2002-0207
NOT-FOR-US: Real Networks
-CVE-2002-0197 (psyBNC 2.3 beta and earlier allows remote attackers to spoof ...)
+CVE-2002-0197
NOT-FOR-US: psyBNC
-CVE-2002-0196 (GetRelativePath in ACD Incorporated CwpAPI 1.1 only verifies if the ...)
+CVE-2002-0196
NOT-FOR-US: ACD
-CVE-2002-0193 (Microsoft Internet Explorer 5.01 and 6.0 allow remote attackers to ...)
+CVE-2002-0193
NOT-FOR-US: Microsoft
-CVE-2002-0191 (Microsoft Internet Explorer 5.01, 5.5 and 6.0 allows remote attackers ...)
+CVE-2002-0191
NOT-FOR-US: Microsoft
-CVE-2002-0190 (Microsoft Internet Explorer 5.01, 5.5 and 6.0 allows remote attackers ...)
+CVE-2002-0190
NOT-FOR-US: Microsoft
-CVE-2002-0188 (Microsoft Internet Explorer 5.01 and 6.0 allow remote attackers to ...)
+CVE-2002-0188
NOT-FOR-US: Microsoft
-CVE-2002-0187 (Cross-site scripting vulnerability in the SQLXML component of ...)
+CVE-2002-0187
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0186 (Buffer overflow in the SQLXML ISAPI extension of Microsoft SQL Server ...)
+CVE-2002-0186
NOT-FOR-US: Microsoft
-CVE-2002-0185 (mod_python version 2.7.6 and earlier allows a module indirectly ...)
+CVE-2002-0185
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0184 (Heap-based buffer overflow in sudo before 1.6.6 may allow local users ...)
+CVE-2002-0184
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0181 (Cross-site scripting vulnerability in status.php3 for IMP 2.2.8 and ...)
+CVE-2002-0181
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0179 (Buffer overflow in xpilot-server for XPilot 4.5.0 and earlier allows ...)
+CVE-2002-0179
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0178 (uudecode, as available in the sharutils package before 4.2.1, does not ...)
+CVE-2002-0178
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0176 (The printf wrappers in libsafe 2.0-11 and earlier do not properly ...)
+CVE-2002-0176
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0175 (libsafe 2.0-11 and earlier allows attackers to bypass protection ...)
+CVE-2002-0175
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0174 (nsd on SGI IRIX before 6.5.11 allows local users to overwrite ...)
+CVE-2002-0174
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0173 (Buffer overflow in cpr for the eoe.sw.cpr SGI Checkpoint-Restart ...)
+CVE-2002-0173
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0172 (/dev/ipfilter on SGI IRIX 6.5 is installed by /dev/MAKEDEV with ...)
+CVE-2002-0172
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0171 (IRISconsole 2.0 may allow users to log into the icadmin account with ...)
+CVE-2002-0171
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0170 (Zope 2.2.0 through 2.5.1 does not properly verify the access for ...)
+CVE-2002-0170
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0169 (The default stylesheet for DocBook on Red Hat Linux 6.2 through 7.2 is ...)
+CVE-2002-0169
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0168 (Vulnerability in Imlib before 1.9.13 allows attackers to cause a ...)
+CVE-2002-0168
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0167 (Imlib before 1.9.13 sometimes uses the NetPBM package to load trusted ...)
+CVE-2002-0167
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0166 (Cross-site scripting vulnerability in analog before 5.22 allows remote ...)
+CVE-2002-0166
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0163 (Heap-based buffer overflow in Squid before 2.4 STABLE4, and Squid 2.5 ...)
+CVE-2002-0163
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0160 (The administration function in Cisco Secure Access Control Server ...)
+CVE-2002-0160
NOT-FOR-US: Cisco
-CVE-2002-0159 (Format string vulnerability in the administration function in Cisco ...)
+CVE-2002-0159
NOT-FOR-US: Cisco
-CVE-2002-0158 (Buffer overflow in Xsun on Solaris 2.6 through 8 allows local users to ...)
+CVE-2002-0158
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0157 (Nautilus 1.0.4 and earlier allows local users to overwrite arbitrary ...)
+CVE-2002-0157
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0155 (Buffer overflow in Microsoft MSN Chat ActiveX Control, as used in MSN ...)
+CVE-2002-0155
NOT-FOR-US: Microsoft
-CVE-2002-0153 (Internet Explorer 5.1 for Macintosh allows remote attackers to bypass ...)
+CVE-2002-0153
NOT-FOR-US: Microsoft
-CVE-2002-0152 (Buffer overflow in various Microsoft applications for Macintosh allows ...)
+CVE-2002-0152
NOT-FOR-US: Microsoft
-CVE-2002-0151 (Buffer overflow in Multiple UNC Provider (MUP) in Microsoft Windows ...)
+CVE-2002-0151
NOT-FOR-US: Microsoft
-CVE-2002-0150 (Buffer overflow in Internet Information Server (IIS) 4.0, 5.0, and 5.1 ...)
+CVE-2002-0150
NOT-FOR-US: Microsoft
-CVE-2002-0149 (Buffer overflow in ASP Server-Side Include Function in IIS 4.0, 5.0 ...)
+CVE-2002-0149
NOT-FOR-US: Microsoft
-CVE-2002-0148 (Cross-site scripting vulnerability in Internet Information Server ...)
+CVE-2002-0148
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0147 (Buffer overflow in the ASP data transfer mechanism in Internet ...)
+CVE-2002-0147
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0146 (fetchmail email client before 5.9.10 does not properly limit the ...)
+CVE-2002-0146
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0143 (Buffer overflow in Eterm of Enlightenment Imlib2 1.0.4 and earlier ...)
+CVE-2002-0143
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0139 (Pi-Soft SpoonFTP 1.1 and earlier allows remote attackers to redirect ...)
+CVE-2002-0139
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0128 (cgitest.exe in Sambar Server 5.1 before Beta 4 allows remote attackers ...)
+CVE-2002-0128
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0123 (MDG Computer Services Web Server 4D WS4D/eCommerce 3.0 and earlier, ...)
+CVE-2002-0123
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0121 (PHP 4.0 through 4.1.1 stores session IDs in temporary files whose name ...)
+CVE-2002-0121
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0120 (Apple Palm Desktop 4.0b76 and 4.0b77 creates world-readable backup ...)
+CVE-2002-0120
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0117 (Cross-site scripting vulnerability in Yet Another Bulletin Board ...)
+CVE-2002-0117
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0115 (Snort 1.8.3 does not properly define the minimum ICMP header size, ...)
+CVE-2002-0115
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0111 (Directory traversal vulnerability in Funsoft Dino's Webserver 1.2 and ...)
+CVE-2002-0111
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0107 (Web administration interface in CacheFlow CacheOS 4.0.13 and earlier ...)
+CVE-2002-0107
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0098 (Buffer overflow in index.cgi administration interface for Boozt! ...)
+CVE-2002-0098
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0097 (Geeklog 1.3 allows remote attackers to hijack user accounts, including ...)
+CVE-2002-0097
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0096 (The installation of Geeklog 1.3 creates an extra group_assignments ...)
+CVE-2002-0096
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0095 (The default configuration of BSCW (Basic Support for Cooperative Work) ...)
+CVE-2002-0095
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0094 (config_converters.py in BSCW (Basic Support for Cooperative Work) 3.x ...)
+CVE-2002-0094
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0092 (CVS before 1.10.8 does not properly initialize a global variable, ...)
+CVE-2002-0092
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0090 (Buffer overflow in Low BandWidth X proxy (lbxproxy) in Solaris 8 ...)
+CVE-2002-0090
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0083 (Off-by-one error in the channel code of OpenSSH 2.0 through 3.0.2 ...)
+CVE-2002-0083
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0082 (The dbm and shm session cache code in mod_ssl before 2.8.7-1.3.23, and ...)
+CVE-2002-0082
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0081 (Buffer overflows in (1) php_mime_split in PHP 4.1.0, 4.1.1, and 4.0.6 ...)
+CVE-2002-0081
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0080 (rsync, when running in daemon mode, does not properly call setgroups ...)
+CVE-2002-0080
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0079 (Buffer overflow in the chunked encoding transfer mechanism in Internet ...)
+CVE-2002-0079
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0078 (The zone determination function in Microsoft Internet Explorer 5.5 and ...)
+CVE-2002-0078
NOT-FOR-US: Microsoft
-CVE-2002-0076 (Java Runtime Environment (JRE) Bytecode Verifier allows remote ...)
+CVE-2002-0076
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0075 (Cross-site scripting vulnerability for Internet Information Server ...)
+CVE-2002-0075
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0074 (Cross-site scripting vulnerability in Help File search facility for ...)
+CVE-2002-0074
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0073 (The FTP service in Internet Information Server (IIS) 4.0, 5.0 and 5.1 ...)
+CVE-2002-0073
NOT-FOR-US: Microsoft
-CVE-2002-0072 (The w3svc.dll ISAPI filter in Front Page Server Extensions and ASP.NET ...)
+CVE-2002-0072
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0071 (Buffer overflow in the ism.dll ISAPI extension that implements HTR ...)
+CVE-2002-0071
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0070 (Buffer overflow in Windows Shell (used as the Windows Desktop) allows ...)
+CVE-2002-0070
NOT-FOR-US: Microsoft
-CVE-2002-0069 (Memory leak in SNMP in Squid 2.4 STABLE3 and earlier allows remote ...)
+CVE-2002-0069
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0068 (Squid 2.4 STABLE3 and earlier allows remote attackers to cause a ...)
+CVE-2002-0068
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0067 (Squid 2.4 STABLE3 and earlier does not properly disable HTCP, even ...)
+CVE-2002-0067
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0066 (Funk Software Proxy Host 3.x before 3.09A creates a Named Pipe that ...)
+CVE-2002-0066
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0065 (Funk Software Proxy Host 3.x uses weak encryption for the Proxy Host ...)
+CVE-2002-0065
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0064 (Funk Software Proxy Host 3.x is installed with insecure permissions ...)
+CVE-2002-0064
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0063 (Buffer overflow in ippRead function of CUPS before 1.1.14 may allow ...)
+CVE-2002-0063
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0062 (Buffer overflow in ncurses 5.0, and the ncurses4 compatibility package ...)
+CVE-2002-0062
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0061 (Apache for Win32 before 1.3.24, and 2.0.x before 2.0.34-beta, allows ...)
+CVE-2002-0061
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0060 (IRC connection tracking helper module in the netfilter subsystem for ...)
+CVE-2002-0060
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0059 (The decompression algorithm in zlib 1.1.3 and earlier, as used in many ...)
+CVE-2002-0059
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0057 (XMLHTTP control in Microsoft XML Core Services 2.6 and later does not ...)
+CVE-2002-0057
NOT-FOR-US: Microsoft
-CVE-2002-0055 (SMTP service in Microsoft Windows 2000, Windows XP Professional, and ...)
+CVE-2002-0055
NOT-FOR-US: Microsoft
-CVE-2002-0054 (SMTP service in (1) Microsoft Windows 2000 and (2) Internet Mail ...)
+CVE-2002-0054
NOT-FOR-US: Microsoft
-CVE-2002-0052 (Internet Explorer 6.0 and earlier does not properly handle VBScript in ...)
+CVE-2002-0052
NOT-FOR-US: Microsoft
-CVE-2002-0051 (Windows 2000 allows local users to prevent the application of new ...)
+CVE-2002-0051
NOT-FOR-US: Microsoft
-CVE-2002-0050 (Buffer overflow in AuthFilter ISAPI filter on Microsoft Commerce ...)
+CVE-2002-0050
NOT-FOR-US: Microsoft
-CVE-2002-0049 (Microsoft Exchange Server 2000 System Attendant gives &quot;Everyone&quot; group ...)
+CVE-2002-0049
NOT-FOR-US: Microsoft
-CVE-2002-0047 (CIPE VPN package before 1.3.0-3 allows remote attackers to cause a ...)
+CVE-2002-0047
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0046 (Linux kernel, and possibly other operating systems, allows remote ...)
+CVE-2002-0046
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0045 (slapd in OpenLDAP 2.0 through 2.0.19 allows local users, and anonymous ...)
+CVE-2002-0045
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0044 (GNU Enscript 1.6.1 and earlier allows local users to overwrite ...)
+CVE-2002-0044
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0043 (sudo 1.6.0 through 1.6.3p7 does not properly clear the environment ...)
+CVE-2002-0043
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0042 (Vulnerability in the XFS file system for SGI IRIX before 6.5.12 allows ...)
+CVE-2002-0042
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0040 (Vulnerability in SGI IRIX 6.5.11 through 6.5.15f allows local users to ...)
+CVE-2002-0040
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0038 (Vulnerability in the cache-limiting function of the unified name ...)
+CVE-2002-0038
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0036 (Integer signedness error in MIT Kerberos V5 ASN.1 decoder before krb5 ...)
+CVE-2002-0036
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0033 (Heap-based buffer overflow in cfsd_calloc function of Solaris cachefsd ...)
+CVE-2002-0033
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0032 (Yahoo! Messenger 5,0,0,1064 and earlier allows remote attackers to ...)
+CVE-2002-0032
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0028 (Buffer overflow in ICQ before 2001B Beta v5.18 Build #3659 allows ...)
+CVE-2002-0028
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0027 (Internet Explorer 5.5 and 6.0 allows remote attackers to read certain ...)
+CVE-2002-0027
NOT-FOR-US: Microsoft
-CVE-2002-0026 (Internet Explorer 5.5 and 6.0 allows remote attackers to bypass ...)
+CVE-2002-0026
NOT-FOR-US: Microsoft
-CVE-2002-0025 (Internet Explorer 5.01, 5.5 and 6.0 does not properly handle the ...)
+CVE-2002-0025
NOT-FOR-US: Microsoft
-CVE-2002-0024 (File Download box in Internet Explorer 5.01, 5.5 and 6.0 allows an ...)
+CVE-2002-0024
NOT-FOR-US: Microsoft
-CVE-2002-0023 (Internet Explorer 5.01, 5.5 and 6.0 allows remote attackers to read ...)
+CVE-2002-0023
NOT-FOR-US: Microsoft
-CVE-2002-0022 (Buffer overflow in the implementation of an HTML directive in ...)
+CVE-2002-0022
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0021 (Network Product Identification (PID) Checker in Microsoft Office v. X ...)
+CVE-2002-0021
NOT-FOR-US: Microsoft
-CVE-2002-0020 (Buffer overflow in telnet server in Windows 2000 and Interix 2.2 ...)
+CVE-2002-0020
NOT-FOR-US: Microsoft
-CVE-2002-0018 (In Microsoft Windows NT and Windows 2000, a trusting domain that ...)
+CVE-2002-0018
NOT-FOR-US: Microsoft
-CVE-2002-0017 (Buffer overflow in SNMP daemon (snmpd) on SGI IRIX 6.5 through 6.5.15m ...)
+CVE-2002-0017
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0014 (URL-handling code in Pine 4.43 and earlier allows remote attackers to ...)
+CVE-2002-0014
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0011 (Information leak in doeditvotes.cgi in Bugzilla before 2.14.1 may ...)
+CVE-2002-0011
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0009 (show_bug.cgi in Bugzilla before 2.14.1 allows a user with &quot;Bugs ...)
+CVE-2002-0009
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0007 (CGI.pl in Bugzilla before 2.14.1, when using LDAP, allows remote ...)
+CVE-2002-0007
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0006 (XChat 1.8.7 and earlier, including default configurations of 1.4.2 and ...)
+CVE-2002-0006
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0005 (Buffer overflow in AOL Instant Messenger (AIM) 4.7.2480, 4.8.2616, and ...)
+CVE-2002-0005
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0004 (Heap corruption vulnerability in the &quot;at&quot; program allows local users ...)
+CVE-2002-0004
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0003 (Buffer overflow in the preprocessor in groff 1.16 and earlier allows ...)
+CVE-2002-0003
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0002 (Format string vulnerability in stunnel before 3.22 when used in client ...)
+CVE-2002-0002
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0654 (Apache 2.0 through 2.0.39 on Windows, OS2, and Netware allows remote ...)
+CVE-2002-0654
- apache2 2.0.40
-CVE-2002-0652 (xfsmd for IRIX 6.5 through 6.5.16 allows remote attackers to execute ...)
+CVE-2002-0652
NOT-FOR-US: IRIX
-CVE-2002-0649 (Multiple buffer overflows in the Resolution Service for Microsoft SQL ...)
+CVE-2002-0649
NOT-FOR-US: Microsoft
CVE-2002-0646
REJECTED
-CVE-2002-0645 (SQL injection vulnerability in stored procedures for Microsoft SQL ...)
+CVE-2002-0645
NOT-FOR-US: Microsoft
-CVE-2002-0644 (Buffer overflow in several Database Consistency Checkers (DBCCs) for ...)
+CVE-2002-0644
NOT-FOR-US: Microsoft
-CVE-2002-0643 (The installation of Microsoft Data Engine 1.0 (MSDE 1.0), and ...)
+CVE-2002-0643
NOT-FOR-US: Microsoft
-CVE-2002-0641 (Buffer overflow in bulk insert procedure of Microsoft SQL Server 2000, ...)
+CVE-2002-0641
NOT-FOR-US: Microsoft
-CVE-2002-0637 (InterScan VirusWall 3.52 build 1462 allows remote attackers to bypass ...)
+CVE-2002-0637
NOT-FOR-US: InterScan
CVE-2002-0636
RESERVED
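Review bot: every `-`/`+` pair in this hunk strips the parenthesised CVE summary and leaves only the bare identifier (e.g. `-CVE-2002-0184 (Heap-based buffer overflow in sudo before 1.6.6 may allow local users ...)` becomes `+CVE-2002-0184`), while the annotation lines beneath them (`NOT-FOR-US: ...`, `- apache2 2.0.40`) are untouched; for an "automatic update" commit that is the signature of the upstream CVE feed returning empty descriptions rather than a deliberate format change, so the import step should be checked (and the descriptions re-fetched) before this is accepted, otherwise the next successful sync will churn all of these lines back. Only the RESERVED/REJECTED entries, which never carried a summary, are left alone.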
@@ -4422,606 +4422,606 @@ CVE-2002-0634
REJECTED
CVE-2002-0633
REJECTED
-CVE-2002-0632 (Vulnerability in SGI BDS (Bulk Data Service) BDSPro 2.4 and earlier ...)
+CVE-2002-0632
NOT-FOR-US: SGI
-CVE-2002-0629 (The Telnet service for Polycom ViewStation before 7.2.4 allows remote ...)
+CVE-2002-0629
NOT-FOR-US: Polycom
-CVE-2002-0628 (The Telnet service for Polycom ViewStation before 7.2.4 does not ...)
+CVE-2002-0628
NOT-FOR-US: Polycom
-CVE-2002-0626 (Polycom ViewStation before 7.2.4 has a default null password for the ...)
+CVE-2002-0626
NOT-FOR-US: Polycom
-CVE-2002-0624 (Buffer overflow in the password encryption function of Microsoft SQL ...)
+CVE-2002-0624
NOT-FOR-US: Microsoft
-CVE-2002-0620 (Buffer overflow in the Profile Service of Microsoft Commerce Server ...)
+CVE-2002-0620
NOT-FOR-US: Microsoft
-CVE-2002-0614 (PHP-Survey 20000615 and earlier stores the global.inc file under the ...)
+CVE-2002-0614
NOT-FOR-US: PHP-Survey
-CVE-2002-0612 (FileSeek.cgi allows remote attackers to execute arbitrary commands via ...)
+CVE-2002-0612
NOT-FOR-US: FileSeek
-CVE-2002-0611 (Directory traversal vulnerability in FileSeek.cgi allows remote ...)
+CVE-2002-0611
NOT-FOR-US: FileSeek
-CVE-2002-0610 (Vulnerability in FTPSRVR in HP MPE/iX 6.0 through 7.0 does not ...)
+CVE-2002-0610
NOT-FOR-US: HP
-CVE-2002-0609 (Vulnerability in HP MPE/iX 6.0 through 7.0 allows attackers to cause a ...)
+CVE-2002-0609
NOT-FOR-US: HP
-CVE-2002-0608 (Buffer overflow in Matu FTP client 1.74 allows remote FTP servers to ...)
+CVE-2002-0608
NOT-FOR-US: Matu
-CVE-2002-0607 (members.asp in Snitz Forums 2000 version 3.3.03 and earlier allows ...)
+CVE-2002-0607
NOT-FOR-US: Snitz
-CVE-2002-0606 (Buffer overflow in 3Cdaemon 2.0 FTP server allows remote attackers to ...)
+CVE-2002-0606
NOT-FOR-US: 3Cdaemon
-CVE-2002-0604 (Snapgear Lite+ firewall 1.5.3 and 1.5.4 allows remote attackers to ...)
+CVE-2002-0604
NOT-FOR-US: Snapgear
-CVE-2002-0603 (Snapgear Lite+ firewall 1.5.3 allows remote attackers to cause a ...)
+CVE-2002-0603
NOT-FOR-US: Snapgear
-CVE-2002-0602 (Snapgear Lite+ firewall 1.5.4 and 1.5.3 allows remote attackers to ...)
+CVE-2002-0602
NOT-FOR-US: Snapgear
-CVE-2002-0600 (Heap overflow in the KTH Kerberos 4 FTP client 4-1.1.1 allows remote ...)
+CVE-2002-0600
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0596 (WebTrends Reporting Center 4.0d allows remote attackers to determine ...)
+CVE-2002-0596
NOT-FOR-US: WebTrends
-CVE-2002-0595 (Buffer overflow in WTRS_UI.EXE (WTX_REMOTE.DLL) for WebTrends ...)
+CVE-2002-0595
NOT-FOR-US: WebTrends
-CVE-2002-0593 (Buffer overflow in Netscape 6 and Mozilla 1.0 RC1 and earlier allows ...)
+CVE-2002-0593
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0592 (AOL Instant Messenger (AIM) allows remote attackers to steal files ...)
+CVE-2002-0592
NOT-FOR-US: AOL
-CVE-2002-0591 (Directory traversal vulnerability in AOL Instant Messenger (AIM) 4.8 ...)
+CVE-2002-0591
NOT-FOR-US: AOL
-CVE-2002-0590 (Cross-site scripting (CSS) vulnerability in IcrediBB 1.1 Beta allows ...)
+CVE-2002-0590
NOT-FOR-US: IncrediBB
-CVE-2002-0589 (PVote before 1.9 allows remote attackers to change the administrative ...)
+CVE-2002-0589
NOT-FOR-US: PVote
-CVE-2002-0588 (PVote before 1.9 does not authenticate users for restricted ...)
+CVE-2002-0588
NOT-FOR-US: PVote
-CVE-2002-0587 (Buffer overflow in Ns_PdLog function for the external database driver ...)
+CVE-2002-0587
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0586 (Format string vulnerability in Ns_PdLog function for the external ...)
+CVE-2002-0586
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0585 (Unknown vulnerability in ndd for HP-UX 11.11 with certain TRANSPORT patches ...)
+CVE-2002-0585
NOT-FOR-US: HP-UX
-CVE-2002-0584 (WorkforceROI Xpede 4.1 allows remote attackers to read user timesheets ...)
+CVE-2002-0584
NOT-FOR-US: WorkforceROI
-CVE-2002-0583 (WorkforceROI Xpede 4.1 uses a small random namespace (5 alphanumeric ...)
+CVE-2002-0583
NOT-FOR-US: WorkforceROI
-CVE-2002-0582 (WorkforceROI Xpede 4.1 stores temporary expense claim reports in a ...)
+CVE-2002-0582
NOT-FOR-US: WorkforceROI
-CVE-2002-0581 (WorkforceROI Xpede 4.1 allows remote attackers to execute arbitrary ...)
+CVE-2002-0581
NOT-FOR-US: WorkforceROI
-CVE-2002-0580 (WorkforceROI Xpede 4.1 allows remote attackers to obtain the database ...)
+CVE-2002-0580
NOT-FOR-US: WorkforceROI
-CVE-2002-0579 (WorkforceROI Xpede 4.1 allows remote attackers to gain privileges as ...)
+CVE-2002-0579
NOT-FOR-US: WorkforceROI
-CVE-2002-0578 (Buffer overflow in 4D WebServer 6.7.3 allows remote attackers to cause ...)
+CVE-2002-0578
NOT-FOR-US: 4D WebServer
-CVE-2002-0577 (Vulnerability in passwd for HP-UX 11.00 and 11.11 allows local users ...)
+CVE-2002-0577
NOT-FOR-US: HP-UX
-CVE-2002-0572 (FreeBSD 4.5 and earlier, and possibly other BSD-based operating ...)
+CVE-2002-0572
NOT-FOR-US: FreeBSD
-CVE-2002-0570 (The encrypted loop device in Linux kernel 2.4.10 and earlier does not ...)
+CVE-2002-0570
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0568 (Oracle 9i Application Server stores XSQL and SOAP configuration files ...)
+CVE-2002-0568
NOT-FOR-US: Oracle
-CVE-2002-0566 (PL/SQL module 3.0.9.8.2 in Oracle 9i Application Server 1.0.2.x allows ...)
+CVE-2002-0566
NOT-FOR-US: Oracle
-CVE-2002-0565 (Oracle 9iAS 1.0.2.x compiles JSP files in the _pages directory with ...)
+CVE-2002-0565
NOT-FOR-US: Oracle
-CVE-2002-0564 (PL/SQL module 3.0.9.8.2 in Oracle 9i Application Server 1.0.2.x allows ...)
+CVE-2002-0564
NOT-FOR-US: Oracle
-CVE-2002-0563 (The default configuration of Oracle 9i Application Server 1.0.2.x ...)
+CVE-2002-0563
NOT-FOR-US: Oracle
-CVE-2002-0562 (The default configuration of Oracle 9i Application Server 1.0.2.x ...)
+CVE-2002-0562
NOT-FOR-US: Oracle
-CVE-2002-0561 (The default configuration of the PL/SQL Gateway web administration ...)
+CVE-2002-0561
NOT-FOR-US: Oracle
-CVE-2002-0560 (PL/SQL module 3.0.9.8.2 in Oracle 9i Application Server 1.0.2.x allows ...)
+CVE-2002-0560
NOT-FOR-US: Oracle
-CVE-2002-0559 (Buffer overflows in PL/SQL module 3.0.9.8.2 in Oracle 9i Application ...)
+CVE-2002-0559
NOT-FOR-US: Oracle
-CVE-2002-0558 (Directory traversal vulnerability in TYPSoft FTP server 0.97.1 and ...)
+CVE-2002-0558
NOT-FOR-US: TYPSoft
-CVE-2002-0557 (Vulnerability in OpenBSD 3.0, when using YP with netgroups in the ...)
+CVE-2002-0557
NOT-FOR-US: OpenBSD
-CVE-2002-0556 (Directory traversal vulnerability in Quik-Serv HTTP server 1.1B allows ...)
+CVE-2002-0556
NOT-FOR-US: Quik-Serv
-CVE-2002-0555 (IBM Informix Web DataBlade 4.12 unescapes user input even if an ...)
+CVE-2002-0555
NOT-FOR-US: IBM
-CVE-2002-0554 (webdriver in IBM Informix Web DataBlade 4.12 allows remote attackers ...)
+CVE-2002-0554
NOT-FOR-US: IBM
-CVE-2002-0552 (Multiple buffer overflows in Melange Chat server 2.02 allow remote or ...)
+CVE-2002-0552
NOT-FOR-US: Melange
-CVE-2002-0551 (Cross-site scripting vulnerability in Dynamic Guestbook 3.0 allows ...)
+CVE-2002-0551
NOT-FOR-US: Dynamic Guestbook
-CVE-2002-0550 (Dynamic Guestbook 3.0 allows remote attackers to execute arbitrary ...)
+CVE-2002-0550
NOT-FOR-US: Dynamic Guestbook
-CVE-2002-0549 (Cross-site scripting vulnerabilities in Anthill allow remote attackers ...)
+CVE-2002-0549
NOT-FOR-US: Anthill
-CVE-2002-0548 (Anthill allows remote attackers to bypass authentication and file bug ...)
+CVE-2002-0548
NOT-FOR-US: Anthill
-CVE-2002-0547 (Buffer overflow in the mini-browser for Winamp 2.79 and earlier allows ...)
+CVE-2002-0547
NOT-FOR-US: Winamp
-CVE-2002-0544 (Aprelium Abyss Web Server (abyssws) before 1.0.3 stores the ...)
+CVE-2002-0544
NOT-FOR-US: Aprelium
-CVE-2002-0541 (Buffer overflow in Tivoli Storage Manager TSM (1) Server or Storage ...)
+CVE-2002-0541
NOT-FOR-US: Tivoli
-CVE-2002-0540 (Nortel CVX 1800 is installed with a default &quot;public&quot; community string, ...)
+CVE-2002-0540
NOT-FOR-US: Nortel
-CVE-2002-0537 (The admin.html file in StepWeb Search Engine (SWS) 2.5 stores ...)
+CVE-2002-0537
NOT-FOR-US: SWS
-CVE-2002-0535 (Cross-site scripting vulnerabilities in PostBoard 2.0.1 and earlier ...)
+CVE-2002-0535
NOT-FOR-US: PostBoard
-CVE-2002-0534 (PostBoard 2.0.1 and earlier with BBcode allows remote attackers to ...)
+CVE-2002-0534
NOT-FOR-US: PostBoard
-CVE-2002-0533 (phpBB 1.4.4 and earlier with BBcode allows remote attackers to cause a ...)
+CVE-2002-0533
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0530 (Cross-site scripting vulnerability in Novell Web Search 2.0.1 allows ...)
+CVE-2002-0530
NOT-FOR-US: Novell
-CVE-2002-0529 (HP Photosmart printer driver for Mac OS X installs the ...)
+CVE-2002-0529
NOT-FOR-US: HP/Apple
-CVE-2002-0528 (Watchguard SOHO firewall 5.0.35 unpredictably disables certain IP ...)
+CVE-2002-0528
NOT-FOR-US: Watchguard
-CVE-2002-0527 (Watchguard SOHO firewall before 5.0.35 allows remote attackers to ...)
+CVE-2002-0527
NOT-FOR-US: Watchguard
-CVE-2002-0526 (Vulnerability in (1) inews or (2) rnews for INN 2.2.3 and earlier, ...)
+CVE-2002-0526
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0525 (Format string vulnerabilities in (1) inews or (2) rnews for INN 2.2.3 ...)
+CVE-2002-0525
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0524 (ASP-Nuke RC2 and earlier allows remote attackers to determine the ...)
+CVE-2002-0524
NOT-FOR-US: ASP-Nuke
-CVE-2002-0523 (ASP-Nuke RC2 and earlier allows remote attackers to list all logged-in ...)
+CVE-2002-0523
NOT-FOR-US: ASP-Nuke
-CVE-2002-0522 (ASP-Nuke RC2 and earlier allows remote attackers to bypass ...)
+CVE-2002-0522
NOT-FOR-US: ASP-Nuke
-CVE-2002-0521 (Cross-site scripting vulnerabilities in ASP-Nuke RC2 and earlier allow ...)
+CVE-2002-0521
NOT-FOR-US: ASP-Nuke
-CVE-2002-0520 (Cross-site scripting vulnerability in functions-inc.asp for ASP-Nuke ...)
+CVE-2002-0520
NOT-FOR-US: ASP-Nuke
-CVE-2002-0518 (The SYN cache (syncache) and SYN cookie (syncookie) mechanism in ...)
+CVE-2002-0518
NOT-FOR-US: FreeBSD
-CVE-2002-0517 (Buffer overflow in X11 library (libX11) on Caldera Open UNIX 8.0.0, ...)
+CVE-2002-0517
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0515 (IPFilter 3.4.25 and earlier sets a different TTL when a port is being ...)
+CVE-2002-0515
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0514 (PF in OpenBSD 3.0 with the return-rst rule sets the TTL to 128 in the ...)
+CVE-2002-0514
NOT-FOR-US: OpenBSD
-CVE-2002-0510 (The UDP implementation in Linux 2.4.x kernels keeps the IP ...)
+CVE-2002-0510
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0509 (Transparent Network Substrate (TNS) Listener in Oracle 9i 9.0.1.1 ...)
+CVE-2002-0509
NOT-FOR-US: Oracle
-CVE-2002-0508 (wwwisis 3.45 and earlier allows remote attackers to execute arbitrary ...)
+CVE-2002-0508
NOT-FOR-US: wwwisis
-CVE-2002-0507 (An interaction between Microsoft Outlook Web Access (OWA) with RSA ...)
+CVE-2002-0507
NOT-FOR-US: Microsoft
-CVE-2002-0504 (Cross-site scripting vulnerability in Citrix NFuse 1.6 and earlier ...)
+CVE-2002-0504
NOT-FOR-US: Citrix
-CVE-2002-0503 (Directory traversal vulnerability in boilerplate.asp for Citrix NFuse ...)
+CVE-2002-0503
NOT-FOR-US: Citrix
-CVE-2002-0502 (Citrix NFuse 1.6 may allow remote attackers to list applications ...)
+CVE-2002-0502
NOT-FOR-US: Citrix
-CVE-2002-0500 (Internet Explorer 5.0 through 6.0 allows remote attackers to determine ...)
+CVE-2002-0500
NOT-FOR-US: Microsoft
-CVE-2002-0499 (The d_path function in Linux kernel 2.2.20 and earlier, and 2.4.18 and ...)
+CVE-2002-0499
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0498 (Etnus TotalView 5.0.0-4 installs certain files with UID 5039 and GID ...)
+CVE-2002-0498
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0496 (The HTTP server for SouthWest Talker server 1.0.0 allows remote ...)
+CVE-2002-0496
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0492 (dcshop.cgi in DCShop 1.002 Beta allows remote attackers to delete ...)
+CVE-2002-0492
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0491 (admin.php in AlGuest 1.0 guestbook checks for the existence of the ...)
+CVE-2002-0491
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0489 (Linux Directory Penguin NsLookup CGI script (nslookup.pl) 1.0 allows ...)
+CVE-2002-0489
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0487 (Intellisol Xpede 4.1 stores passwords in plaintext in a Javascript ...)
+CVE-2002-0487
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0486 (Intellisol Xpede 4.1 uses weak encryption to store authentication ...)
+CVE-2002-0486
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0485 (Norton Anti-Virus (NAV) allows remote attackers to bypass content ...)
+CVE-2002-0485
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0483 (index.php for PHP-Nuke 5.4 and earlier allows remote attackers to ...)
+CVE-2002-0483
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0482 (Directory traversal vulnerability in PCI Netsupport Manager before ...)
+CVE-2002-0482
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0481 (An interaction between Windows Media Player (WMP) and Outlook 2002 ...)
+CVE-2002-0481
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0480 (ISS RealSecure for Nokia devices before IPSO build 6.0.2001.141d is ...)
+CVE-2002-0480
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0479 (Gravity Storm Service Pack Manager 2000 creates a hidden share ...)
+CVE-2002-0479
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0478 (The default configuration of Foundry Networks EdgeIron 4802F allows ...)
+CVE-2002-0478
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0477 (Standalone Macromedia Flash Player 5.0 before 5,0,30,2 allows remote ...)
+CVE-2002-0477
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0476 (Standalone Macromedia Flash Player 5.0 allows remote attackers to save ...)
+CVE-2002-0476
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0475 (Cross-site scripting vulnerability in phpBB 1.4.4 and earlier allows ...)
+CVE-2002-0475
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0474 (Cross-site scripting vulnerability in ZeroForum allows remote ...)
+CVE-2002-0474
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0472 (MSN Messenger Service 3.6, and possibly other versions, uses weak ...)
+CVE-2002-0472
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0471 (PHPNetToolpack 0.1 allows remote attackers to execute arbitrary code ...)
+CVE-2002-0471
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0470 (PHPNetToolpack 0.1 relies on its environment's PATH to find and ...)
+CVE-2002-0470
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0469 (Ecartis (formerly Listar) 1.0.0 in snapshot 20020125 and earlier does ...)
+CVE-2002-0469
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0468 (Buffer overflows in Ecartis (formerly Listar) 1.0.0 in snapshot ...)
+CVE-2002-0468
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0467 (Buffer overflows in Ecartis (formerly Listar) 1.0.0 before snapshot ...)
+CVE-2002-0467
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0466 (Hosting Controller 1.4.1 and earlier allows remote attackers to browse ...)
+CVE-2002-0466
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0465 (Directory traversal vulnerability in filemanager.asp for Hosting ...)
+CVE-2002-0465
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0461 (Internet Explorer 5.01 through 6 allows remote attackers to cause a ...)
+CVE-2002-0461
NOT-FOR-US: Microsoft
-CVE-2002-0460 (Bitvise WinSSHD before 2002-03-16 allows remote attackers to cause a ...)
+CVE-2002-0460
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0459 (Cross-site scripting vulnerability in Board-TNK 1.3.1 and earlier ...)
+CVE-2002-0459
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0458 (Cross-site scripting vulnerability in News-TNK 1.2.1 and earlier ...)
+CVE-2002-0458
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0457 (Cross-site scripting vulnerability in signgbook.php for BG GuestBook ...)
+CVE-2002-0457
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0456 (Eudora 5.1 and earlier versions stores attachments in a directory with ...)
+CVE-2002-0456
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0455 (IncrediMail stores attachments in a directory with a fixed name, which ...)
+CVE-2002-0455
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0453 (The account lockout capability in Oblix NetPoint 5.2 and earlier only ...)
+CVE-2002-0453
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0452 (Foundry Networks ServerIron switches do not decode URIs when applying ...)
+CVE-2002-0452
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0450 (Buffer overflow in Talentsoft Web+ 5.0 and earlier allows remote ...)
+CVE-2002-0450
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0449 (Buffer overflow in webpsvc.exe for Talentsoft Web+ 5.0 and earlier ...)
+CVE-2002-0449
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0448 (Xerver Free Web Server 2.10 and earlier allows remote attackers to ...)
+CVE-2002-0448
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0447 (Directory traversal vulnerability in Xerver Free Web Server 2.10 and ...)
+CVE-2002-0447
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0446 (categorie.php3 in Black Tie Project (BTP) 0.4b through 0.5b allows ...)
+CVE-2002-0446
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0440 (Trend Micro InterScan VirusWall HTTP proxy 3.6 with the &quot;Skip scanning ...)
+CVE-2002-0440
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0439 (Cross-site scripting vulnerability in CaupoShop 1.30a and earlier, and ...)
+CVE-2002-0439
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0438 (ZyXEL ZyWALL 10 before 3.50 allows remote attackers to cause a denial ...)
+CVE-2002-0438
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0436 (sscd_suncourier.pl CGI script in the Sun Sunsolve CD pack allows ...)
+CVE-2002-0436
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0434 (Marcus S. Xenakis directory.php script allows remote attackers to ...)
+CVE-2002-0434
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0433 (Pi3Web 2.0.0 allows remote attackers to view restricted files via an ...)
+CVE-2002-0433
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0432 (Buffer overflow in (1) lprintf and (2) cprintf in sysdep.c of ...)
+CVE-2002-0432
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0430 (MultiFileUploadHandler.php in the Sun Cobalt RaQ XTR administration ...)
+CVE-2002-0430
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0428 (Check Point FireWall-1 SecuRemote/SecuClient 4.0 and 4.1 allows ...)
+CVE-2002-0428
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0427 (Buffer overflows in fpexec in mod_frontpage before 1.6.1 may allow ...)
+CVE-2002-0427
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0426 (VPN Server module in Linksys EtherFast BEFVP41 Cable/DSL VPN Router ...)
+CVE-2002-0426
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0422 (IIS 5 and 5.1 supporting WebDAV methods allows remote attackers to ...)
+CVE-2002-0422
NOT-FOR-US: Microsoft
-CVE-2002-0421 (IIS 4.0 allows local users to bypass the &quot;User cannot change password&quot; ...)
+CVE-2002-0421
NOT-FOR-US: Microsoft
-CVE-2002-0420 (Vulnerability in PureTLS before 0.9b2 related to injection attacks, ...)
+CVE-2002-0420
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0419 (Information leaks in IIS 4 through 5.1 allow remote attackers to ...)
+CVE-2002-0419
NOT-FOR-US: Microsoft
-CVE-2002-0418 (Directory traversal vulnerability in the ...)
+CVE-2002-0418
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0417 (Directory traversal vulnerability in Endymion MailMan before 3.1 ...)
+CVE-2002-0417
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0416 (Buffer overflow in SH39 MailServer 1.21 and earlier allows remote ...)
+CVE-2002-0416
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0415 (Directory traversal vulnerability in the web server used in RealPlayer ...)
+CVE-2002-0415
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0413 (Cross-site scripting vulnerability in ReBB allows remote attackers to ...)
+CVE-2002-0413
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0411 (Cross-site scripting vulnerability in message.php for AeroMail before ...)
+CVE-2002-0411
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0410 (send_message.php in AeroMail before 1.45 allows remote attackers to ...)
+CVE-2002-0410
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0409 (orderdetails.aspx, as made available to Microsoft .NET developers as ...)
+CVE-2002-0409
NOT-FOR-US: Microsoft
-CVE-2002-0408 (htcgibin.exe in Lotus Domino server 5.0.9a and earlier, when ...)
+CVE-2002-0408
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0407 (htcgibin.exe in Lotus Domino server 5.0.9a and earlier allows remote ...)
+CVE-2002-0407
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0405 (Buffer overflow in Transsoft Broker FTP Server 5.0 evaluation allows ...)
+CVE-2002-0405
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0399 (Directory traversal vulnerability in GNU tar 1.13.19 through 1.13.25, ...)
+CVE-2002-0399
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0393 (Buffer overflow in Red-M 1050 (Bluetooth Access Point) management web ...)
+CVE-2002-0393
NOT-FOR-US: Data pre-dating the Security Tracker
CVE-2002-0390
RESERVED
-CVE-2002-0388 (Cross-site scripting vulnerabilities in Mailman before 2.0.11 allow ...)
+CVE-2002-0388
{DSA-147}
- mailman 2.0.12-1
-CVE-2002-0386 (The administration module for Oracle Web Cache in Oracle9iAS (9i ...)
+CVE-2002-0386
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0385 (Vignette Story Server 4.1 and 6.0 allows remote attackers to obtain ...)
+CVE-2002-0385
NOT-FOR-US: Data pre-dating the Security Tracker
CVE-2002-0383
RESERVED
-CVE-2002-0378 (The default configuration of LPRng print spooler in Red Hat Linux 7.0 ...)
+CVE-2002-0378
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0375 (Cross-site scripting vulnerability in sgdynamo.exe for Sgdynamo allows ...)
+CVE-2002-0375
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0371 (Buffer overflow in gopher client for Microsoft Internet Explorer 5.1 ...)
+CVE-2002-0371
NOT-FOR-US: Microsoft
-CVE-2002-0370 (Buffer overflow in the ZIP capability for multiple products allows ...)
+CVE-2002-0370
NOT-FOR-US: Data pre-dating the Security Tracker
CVE-2002-0365
RESERVED
CVE-2002-0361
RESERVED
-CVE-2002-0360 (Buffer overflow in Sun AnswerBook2 1.4 through 1.4.3 allows remote ...)
+CVE-2002-0360
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0354 (The XMLHttpRequest object (XMLHTTP) in Netscape 6.1 and Mozilla 0.9.7 ...)
+CVE-2002-0354
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0353 (The ASN.1 parser in Ethereal 0.9.2 and earlier allows remote attackers ...)
+CVE-2002-0353
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0352 (Phorum 3.3.2 allows remote attackers to determine the email addresses ...)
+CVE-2002-0352
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0351 (Buffer overflows in CFS daemon (cfsd) before 1.3.3-8.1, and 1.4x ...)
+CVE-2002-0351
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0350 (HP Procurve Switch 4000M running firmware C.08.22 and C.09.09 allows ...)
+CVE-2002-0350
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0349 (Tiny Personal Firewall (TPF) 2.0.15, under certain configurations, ...)
+CVE-2002-0349
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0348 (service.cgi in Cobalt RAQ 4 allows remote attackers to cause a denial ...)
+CVE-2002-0348
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0347 (Directory traversal vulnerability in Cobalt RAQ 4 allows remote ...)
+CVE-2002-0347
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0346 (Cross-site scripting vulnerability in Cobalt RAQ 4 allows remote ...)
+CVE-2002-0346
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0345 (Symantec Ghost 7.0 stores usernames and passwords in plaintext in the ...)
+CVE-2002-0345
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0344 (Symantec LiveUpdate 1.5 and earlier in Norton Antivirus stores ...)
+CVE-2002-0344
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0343 (Hotline Client 1.8.5 stores sensitive user information, including ...)
+CVE-2002-0343
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0342 (Kmail 1.2 on KDE 2.1.1 allows remote attackers to cause a denial of ...)
+CVE-2002-0342
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0341 (GWWEB.EXE in GroupWise Web Access 5.5, and possibly other versions, ...)
+CVE-2002-0341
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0340 (Windows Media Player (WMP) 8.00.00.4477, and possibly other versions, ...)
+CVE-2002-0340
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0338 (The Bat! 1.53d and 1.54beta, and possibly other versions, allows ...)
+CVE-2002-0338
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0337 (RealPlayer 8 allows remote attackers to cause a denial of service (CPU ...)
+CVE-2002-0337
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0336 (Buffer overflow in Galacticomm Worldgroup FTP server 3.20 and earlier ...)
+CVE-2002-0336
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0335 (Buffer overflow in Galacticomm Worldgroup web server 3.20 and earlier ...)
+CVE-2002-0335
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0334 (xtell (xtelld) 1.91.1 and earlier, and 2.x before 2.7, allows local ...)
+CVE-2002-0334
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0333 (Directory traversal vulnerability in xtell (xtelld) 1.91.1 and ...)
+CVE-2002-0333
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0332 (Buffer overflows in xtell (xtelld) 1.91.1 and earlier, and 2.x before ...)
+CVE-2002-0332
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0331 (Directory traversal vulnerability in the HTTP server for BPM Studio ...)
+CVE-2002-0331
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0328 (Cross-site scripting vulnerability in Ikonboard 3.0.1 allows remote ...)
+CVE-2002-0328
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0327 (Buffer overflow in Century Software TERM allows local users to gain ...)
+CVE-2002-0327
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0326 (Cross-site scripting vulnerability in BadBlue before 1.6.1 beta allows ...)
+CVE-2002-0326
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0325 (Directory traversal vulnerability in BadBlue before 1.6.1 allows ...)
+CVE-2002-0325
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0324 (Greymatter 1.21c and earlier with the Bookmarklet feature enabled ...)
+CVE-2002-0324
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0323 (comment2.jse in ScriptEase:WebServer allows remote attackers to read ...)
+CVE-2002-0323
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0322 (Yahoo! Messenger 4.0 sends user passwords in cleartext, which could ...)
+CVE-2002-0322
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0321 (Yahoo! Messenger 5.0 allows remote attackers to spoof other users by ...)
+CVE-2002-0321
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0320 (Buffer overflow in Yahoo! Messenger 5.0 allows remote attackers to ...)
+CVE-2002-0320
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0319 (Cross-site scripting vulnerability in edituser.php for pforum 1.14 and ...)
+CVE-2002-0319
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0317 (Gator ActiveX component (IEGator.dll) 3.0.6.1 allows remote web sites ...)
+CVE-2002-0317
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0316 (Cross-site scripting vulnerability in eXtreme message board (XMB) 1.6x ...)
+CVE-2002-0316
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0315 (fasttrack p2p, as used in (1) KaZaA, (2) grokster, and (3) morpheus ...)
+CVE-2002-0315
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0314 (fasttrack p2p, as used in (1) KaZaA before 1.5, (2) grokster, and (3) ...)
+CVE-2002-0314
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0312 (Directory traversal vulnerability in Essentia Web Server 2.1 allows ...)
+CVE-2002-0312
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0311 (Vulnerability in webtop in UnixWare 7.1.1 and Open UNIX 8.0.0 allows ...)
+CVE-2002-0311
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0310 (Netwin WebNews 1.1k CGI program includes several default usernames and ...)
+CVE-2002-0310
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0308 (admin.asp in AdMentor 2.11 allows remote attackers to bypass ...)
+CVE-2002-0308
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0307 (Directory traversal vulnerability in ans.pl in Avenger's News System ...)
+CVE-2002-0307
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0306 (ans.pl in Avenger's News System (ANS) 2.11 and earlier allows remote ...)
+CVE-2002-0306
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0305 (Zero One Tech (ZOT) P100s print server does not properly disable the ...)
+CVE-2002-0305
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0304 (Lil HTTP Server 2.1 allows remote attackers to read password-protected ...)
+CVE-2002-0304
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0303 (GroupWise 6, when using LDAP authentication and when Post Office has a ...)
+CVE-2002-0303
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0301 (Citrix NFuse 1.6 allows remote attackers to bypass authentication and ...)
+CVE-2002-0301
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0298 (ScriptEase MiniWeb Server 0.95 allows remote attackers to cause a ...)
+CVE-2002-0298
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0297 (Buffer overflow in ScriptEase MiniWeb Server 0.95 allows remote ...)
+CVE-2002-0297
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0296 (The installation of Tarantella Enterprise 3 allows local users to ...)
+CVE-2002-0296
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0295 (Alcatel OmniPCX 4400 installs files with world-writable permissions, ...)
+CVE-2002-0295
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0294 (Alcatel 4400 installs the /chetc/shutdown command with setgid ...)
+CVE-2002-0294
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0293 (FTP service in Alcatel OmniPCX 4400 allows the &quot;halt&quot; user to gain ...)
+CVE-2002-0293
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0291 (Dino's Webserver 1.2 allows remote attackers to cause a denial of ...)
+CVE-2002-0291
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0289 (Buffer overflow in Phusion web server 1.0 allows remote attackers to ...)
+CVE-2002-0289
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0288 (Directory traversal vulnerability in Phusion web server 1.0 allows ...)
+CVE-2002-0288
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0286 (The GetPassword function in function.php of SiteNews 0.10 and 0.11 ...)
+CVE-2002-0286
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0285 (Outlook Express 5.5 and 6.0 on Windows treats a carriage return (&quot;CR&quot;) ...)
+CVE-2002-0285
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0284 (Winamp 2.78 and 2.77, when opening a wma file that requires a license, ...)
+CVE-2002-0284
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0283 (Windows XP with port 445 open allows remote attackers to cause a ...)
+CVE-2002-0283
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0282 (DCP-Portal 3.7 through 4.5 allows remote attackers to obtain the ...)
+CVE-2002-0282
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0281 (Cross-site scripting vulnerability in DCP-Portal 4.2 and earlier ...)
+CVE-2002-0281
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0280 (Buffer overflow in CodeBlue 4 and earlier, and possibly other ...)
+CVE-2002-0280
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0279 (The kernel in HP-UX 11.11 does not properly provide arguments for ...)
+CVE-2002-0279
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0278 (Directory traversal vulnerability in Add2it Mailman Free 1.73 and ...)
+CVE-2002-0278
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0277 (Add2it Mailman Free 1.73 and earlier allows remote attackers to ...)
+CVE-2002-0277
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0273 (Buffer overflow in CWMail.exe in NetWin before 2.8a allows remote ...)
+CVE-2002-0273
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0272 (Buffer overflows in mpg321 before 0.2.9 allows local and possibly ...)
+CVE-2002-0272
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0271 (Runtime library in GNU Ada compiler (GNAT) 3.12p through 3.14p allows ...)
+CVE-2002-0271
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0270 (Opera, when configured with the &quot;Determine action by MIME type&quot; option ...)
+CVE-2002-0270
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0269 (Internet Explorer 5.x and 6 interprets an object as an HTML document ...)
+CVE-2002-0269
NOT-FOR-US: Microsoft
-CVE-2002-0268 (Identix BioLogon 3 allows users with physical access to the system to ...)
+CVE-2002-0268
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0266 (Thunderstone Texis CGI script allows remote attackers to obtain the ...)
+CVE-2002-0266
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0264 (PowerFTP Personal FTP Server 2.03 through 2.10 stores sensitive ...)
+CVE-2002-0264
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0263 (Buffer overflow in EasyBoard 2000 1.27 (aka EZboard) allows remote ...)
+CVE-2002-0263
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0262 (Directory traversal vulnerability in netget for Sybex E-Trainer web ...)
+CVE-2002-0262
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0261 (Directory traversal vulnerability in InstantServers MiniPortal 1.1.5 ...)
+CVE-2002-0261
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0260 (Buffer overflow in InstantServers MiniPortal 1.1.5 and earlier allows ...)
+CVE-2002-0260
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0259 (InstantServers MiniPortal 1.1.5 and earlier stores sensitive login and ...)
+CVE-2002-0259
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0258 (Merak Mail IceWarp Web Mail uses a static identifier as a user session ...)
+CVE-2002-0258
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0257 (Cross-site scripting vulnerability in auction.pl of MakeBid Auction ...)
+CVE-2002-0257
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0256 (The telnet port in Arescom NetDSL 1000 router allows remote attackers ...)
+CVE-2002-0256
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0255 (The default configuration of Arescom NetDSL 800 does not require ...)
+CVE-2002-0255
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0254 (ICQ 2001b Build 3659 allows remote attackers to cause a denial of ...)
+CVE-2002-0254
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0253 (PHP, when not configured with the &quot;display_errors = Off&quot; setting in ...)
+CVE-2002-0253
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0252 (Buffer overflow in Apple QuickTime Player 5.01 and 5.02 allows remote ...)
+CVE-2002-0252
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0249 (PHP for Windows, when installed on Apache 2.0.28 beta as a standalone ...)
+CVE-2002-0249
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0248 (wmtv 0.6.5 and earlier allows local users to modify arbitrary files ...)
+CVE-2002-0248
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0247 (Buffer overflows in wmtv 0.6.5 and earlier may allow local users to ...)
+CVE-2002-0247
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0245 (Lotus Domino server 5.0.8 with NoBanner enabled allows remote ...)
+CVE-2002-0245
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0244 (Directory traversal vulnerability in chroot function in AtheOS 0.3.7 ...)
+CVE-2002-0244
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0243 (Cross-site scripting vulnerability in Opera 6.0 and earlier allows ...)
+CVE-2002-0243
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0242 (Cross-site scripting vulnerability in Internet Explorer 6 earlier ...)
+CVE-2002-0242
NOT-FOR-US: Microsoft
-CVE-2002-0240 (PHP, when installed with Apache and configured to search for index.php ...)
+CVE-2002-0240
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0239 (Buffer overflow in hanterm 3.3.1 and earlier allows local users to ...)
+CVE-2002-0239
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0238 (Cross-site scripting vulnerability in web administration interface for ...)
+CVE-2002-0238
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0236 (Lucent VitalSuite 8.0 through 8.2, including VitalNet, VitalEvent, and ...)
+CVE-2002-0236
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0235 (Castelle FaxPress, possibly 6.3 and other versions, when configured to ...)
+CVE-2002-0235
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0234 (NetScreen ScreenOS before 2.6.1 does not support a maximum number of ...)
+CVE-2002-0234
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0233 (Directory traversal vulnerability in eshare Expressions 4 Web server ...)
+CVE-2002-0233
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0232 (Directory traversal vulnerability in Multi Router Traffic Grapher ...)
+CVE-2002-0232
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0231 (Buffer overflow in mIRC 5.91 and earlier allows a remote server to ...)
+CVE-2002-0231
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0230 (Cross-site scripting vulnerability in fom.cgi of Faq-O-Matic 2.712 ...)
+CVE-2002-0230
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0229 (Safe Mode feature (safe_mode) in PHP 3.0 through 4.1.0 allows ...)
+CVE-2002-0229
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0228 (Microsoft MSN Messenger allows remote attackers to use Javascript that ...)
+CVE-2002-0228
NOT-FOR-US: Microsoft
-CVE-2002-0227 (KICQ 2.0.0b1 allows remote attackers to cause a denial of service ...)
+CVE-2002-0227
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0225 (tac_plus Tacacs+ daemon F4.0.4.alpha, originally maintained by Cisco, ...)
+CVE-2002-0225
NOT-FOR-US: Cisco
-CVE-2002-0224 (The MSDTC (Microsoft Distributed Transaction Service Coordinator) for ...)
+CVE-2002-0224
NOT-FOR-US: Microsoft
-CVE-2002-0223 (Infopop UBB.Threads 5.4 and Wired Community Software WWWThreads 5.0 ...)
+CVE-2002-0223
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0222 (Etype Eserv 2.97 allows remote attackers to redirect traffic to other ...)
+CVE-2002-0222
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0221 (Etype Eserv 2.97 allows remote attackers to cause a denial of service ...)
+CVE-2002-0221
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0220 (phpsmssend.php in PhpSmsSend 1.0 allows remote attackers to execute ...)
+CVE-2002-0220
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0219 (Buffer overflow in (1) sastcpd in SAS/Base 8.0 and 8.1 or (2) objspawn ...)
+CVE-2002-0219
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0218 (Format string vulnerability in (1) sastcpd in SAS/Base 8.0 and 8.1 or ...)
+CVE-2002-0218
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0217 (Cross-site scripting (CSS) vulnerabilities in the Private Message ...)
+CVE-2002-0217
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0216 (userinfo.php in XOOPS 1.0 RC1 allows remote attackers to obtain ...)
+CVE-2002-0216
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0215 (Agora.cgi 3.2r through 4.0 while in debug mode allows remote attackers ...)
+CVE-2002-0215
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0214 (Compaq Intel PRO/Wireless 2011B LAN USB Device Driver 1.5.16.0 through ...)
+CVE-2002-0214
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0212 (The login for Hosting Controller 1.1 through 1.4.1 returns different ...)
+CVE-2002-0212
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0210 (setlicense for TOLIS Group Backup and Restore Utility (BRU) 17.0 ...)
+CVE-2002-0210
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0208 (PGP Security PGPfire 7.1 for Windows alters the system's TCP/IP stack ...)
+CVE-2002-0208
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0206 (index.php in Francisco Burzi PHP-Nuke 5.3.1 and earlier, and possibly ...)
+CVE-2002-0206
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0205 (Cross-site scripting (CSS) vulnerability in error.asp for Plumtree ...)
+CVE-2002-0205
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0204 (Buffer overflow in GNU Chess (gnuchess) 5.02 and earlier, if modified ...)
+CVE-2002-0204
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0203 (ttawebtop.cgi in Tarantella Enterprise 3.20 on SPARC Solaris and ...)
+CVE-2002-0203
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0202 (PaintBBS 1.2 installs certain files and directories with insecure ...)
+CVE-2002-0202
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0201 (Cyberstop Web Server for Windows 0.1 allows remote attackers to cause ...)
+CVE-2002-0201
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0200 (Cyberstop Web Server for Windows 0.1 allows remote attackers to cause ...)
+CVE-2002-0200
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0199 (Buffer overflow in admin.cgi for Nullsoft Shoutcast Server 1.8.3 ...)
+CVE-2002-0199
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0198 (Buffer overflow in plDaniels ripMime 1.2.6 and earlier, as used in ...)
+CVE-2002-0198
NOT-FOR-US: Data pre-dating the Security Tracker
CVE-2002-0195
RESERVED
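Review bot: every changed line in this hunk strips the parenthesised CVE description and keeps only the identifier (for example `-CVE-2002-0480 (ISS RealSecure for Nokia devices before IPSO build 6.0.2001.141d is ...)` becomes `+CVE-2002-0480`), while the Debian-side annotations beneath them (`NOT-FOR-US: ...`, `{DSA-147}`, `- mailman 2.0.12-1`) are left untouched. A wholesale loss of descriptions with no other data change reads as the description source having been unavailable when this update was generated, not as an intended edit. Suggest the update job treat an all-empty description set as a fetch failure and decline to commit, so a transient outage cannot wipe the descriptions from the lists, and that this change be reverted or regenerated once the source is reachable again.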
@@ -5029,140 +5029,140 @@ CVE-2002-0194
RESERVED
CVE-2002-0192
REJECTED
-CVE-2002-0189 (Cross-site scripting vulnerability in Internet Explorer 6.0 allows ...)
+CVE-2002-0189
NOT-FOR-US: Microsoft
CVE-2002-0182
RESERVED
-CVE-2002-0180 (Buffer overflow in Webalizer 2.01-06, when configured to use reverse ...)
+CVE-2002-0180
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0177 (Buffer overflows in icecast 1.3.11 and earlier allows remote attackers ...)
+CVE-2002-0177
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0165 (LogWatch 2.5 allows local users to gain root privileges via a symlink ...)
+CVE-2002-0165
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0164 (Vulnerability in the MIT-SHM extension of the X server on Linux ...)
+CVE-2002-0164
{DSA-380}
- xfree86 4.2.1-11
-CVE-2002-0162 (LogWatch before 2.5 allows local users to execute arbitrary code via a ...)
+CVE-2002-0162
NOT-FOR-US: Data pre-dating the Security Tracker
CVE-2002-0161
RESERVED
-CVE-2002-0154 (Buffer overflows in extended stored procedures for Microsoft SQL ...)
+CVE-2002-0154
NOT-FOR-US: Microsoft
-CVE-2002-0145 (chuid 1.2 and earlier does not properly verify the ownership of files ...)
+CVE-2002-0145
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0144 (Directory traversal vulnerability in chuid 1.2 and earlier allows ...)
+CVE-2002-0144
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0142 (CGI handler in John Roy Pi3Web for Windows 2.0 beta 1 and 2 allows ...)
+CVE-2002-0142
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0141 (Maelstrom GPL 3.0.1 allows local users to overwrite arbitrary files of ...)
+CVE-2002-0141
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0140 (Domain Name Relay Daemon (dnrd) 2.10 and earlier allows remote ...)
+CVE-2002-0140
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0138 (CDRDAO 1.1.4 and 1.1.5 allows local users to read arbitrary files via ...)
+CVE-2002-0138
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0137 (CDRDAO 1.1.4 and 1.1.5 allows local users to overwrite arbitrary files ...)
+CVE-2002-0137
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0136 (Microsoft Internet Explorer 5.5 on Windows 98 allows remote web pages ...)
+CVE-2002-0136
NOT-FOR-US: Microsoft
-CVE-2002-0135 (Netopia Timbuktu Pro 6.0.1 and earlier allows remote attackers to ...)
+CVE-2002-0135
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0134 (Telnet proxy in Avirt Gateway Suite 4.2 does not require ...)
+CVE-2002-0134
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0133 (Buffer overflows in Avirt Gateway Suite 4.2 allow remote attackers to ...)
+CVE-2002-0133
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0132 (Buffer overflow in Chinput 3.0 allows local users to execute arbitrary ...)
+CVE-2002-0132
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0131 (ActivePython ActiveX control for Python in the AXScript package, when ...)
+CVE-2002-0131
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0130 (Buffer overflow in efax 0.9 and earlier, when installed setuid root, ...)
+CVE-2002-0130
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0129 (efax 0.9 and earlier, when installed setuid root, allows local users ...)
+CVE-2002-0129
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0127 (Netgear RP114 Cable/DSL Web Safe Router Firmware 3.26, when configured ...)
+CVE-2002-0127
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0126 (Buffer overflow in BlackMoon FTP Server 1.0 through 1.5 allows remote ...)
+CVE-2002-0126
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0125 (Buffer overflow in ClanLib library 0.5 may allow local users to ...)
+CVE-2002-0125
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0124 (MDG Computer Services Web Server 4D/eCommerce 3.5.3 allows remote ...)
+CVE-2002-0124
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0122 (Siemens 3568i WAP mobile phones allows remote attackers to cause a ...)
+CVE-2002-0122
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0119 (Alcatel Speed Touch Home ADSL Modem allows remote attackers to cause a ...)
+CVE-2002-0119
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0118 (Cross-site scripting vulnerability in Infopop Ultimate Bulletin Board ...)
+CVE-2002-0118
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0116 (Palm OS 3.5h and possibly other versions, as used in Handspring Visor ...)
+CVE-2002-0116
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0114 (EMC NetWorker (formerly Legato NetWorker) before 7.0 stores passwords ...)
+CVE-2002-0114
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0113 (EMC NetWorker (formerly Legato NetWorker) before 7.0 stores log files ...)
+CVE-2002-0113
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0112 (Etype Eserv 2.97 allows remote attackers to view password protected ...)
+CVE-2002-0112
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0110 (Nevrona Designs MiraMail 1.04 and earlier stores authentication ...)
+CVE-2002-0110
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0109 (Linksys EtherFast BEFN2PS4, BEFSR41, and BEFSR81 Routers, and possibly ...)
+CVE-2002-0109
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0108 (Allaire Forums 2.0.4 and 2.0.5 and Forums! 3.0 and 3.1 allows remote ...)
+CVE-2002-0108
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0106 (BEA Systems Weblogic Server 6.1 allows remote attackers to cause a ...)
+CVE-2002-0106
NOT-FOR-US: BEA WebLogic
-CVE-2002-0105 (CDE dtlogin in Caldera UnixWare 7.1.0, and possibly other operating ...)
+CVE-2002-0105
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0104 (AFTPD 5.4.4 allows remote attackers to gain sensitive information via ...)
+CVE-2002-0104
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0103 (An installer program for Oracle9iAS Web Cache 2.0.0.x creates ...)
+CVE-2002-0103
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0102 (Oracle9iAS Web Cache 2.0.0.x allows remote attackers to cause a denial ...)
+CVE-2002-0102
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0101 (Microsoft Internet Explorer 6.0 and earlier allows local users to ...)
+CVE-2002-0101
NOT-FOR-US: Microsoft
-CVE-2002-0100 (AOL AOLserver 3.4.2 Win32 allows remote attackers to bypass ...)
+CVE-2002-0100
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0099 (Buffer overflow in Michael Lamont Savant Web Server 3.0 allows remote ...)
+CVE-2002-0099
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0093 (Buffer overflow in ipcs for HP Tru64 UNIX 4.0f through 5.1a may allow ...)
+CVE-2002-0093
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0091 (Multiple CGI scripts in CIDER SHADOW 1.5 and 1.6 allows remote ...)
+CVE-2002-0091
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0089 (Buffer overflow in admintool in Solaris 2.5 through 8 allows local ...)
+CVE-2002-0089
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0088 (Buffer overflow in admintool in Solaris 2.6, 7, and 8 allows local ...)
+CVE-2002-0088
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0087 (bindsock in Lotus Domino 5.07 on Solaris allows local users to create ...)
+CVE-2002-0087
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0086 (Buffer overflow in bindsock in Lotus Domino 5.0.4 and 5.0.7 on Linux ...)
+CVE-2002-0086
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0085 (cachefsd in Solaris 2.6, 7, and 8 allows remote attackers to cause a ...)
+CVE-2002-0085
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0084 (Buffer overflow in the fscache_setup function of cachefsd in Solaris ...)
+CVE-2002-0084
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0077 (Microsoft Internet Explorer 5.01, 5.5 and 6.0 treats objects invoked ...)
+CVE-2002-0077
NOT-FOR-US: Microsoft
-CVE-2002-0058 (Vulnerability in Java Runtime Environment (JRE) allows remote ...)
+CVE-2002-0058
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0056 (Buffer overflow in SQL Server 7.0 and 2000 allows remote attackers to ...)
+CVE-2002-0056
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0053 (Buffer overflow in SNMP agent service in Windows 95/98/98SE, Windows ...)
+CVE-2002-0053
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0048 (Multiple signedness errors (mixed signed and unsigned numbers) in the ...)
+CVE-2002-0048
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0041 (Unknown vulnerability in Mail for SGI IRIX 6.5 through 6.5.15f, and ...)
+CVE-2002-0041
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0039 (rpcbind in SGI IRIX 6.5 through 6.5.15f, and possibly earlier ...)
+CVE-2002-0039
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0037 (Lotus Domino Servers 5.x, 4.6x, and 4.5x allows attackers to bypass ...)
+CVE-2002-0037
NOT-FOR-US: Data pre-dating the Security Tracker
CVE-2002-0035
REJECTED
-CVE-2002-0034 (The Microsoft CONVERT.EXE program, when used on Windows 2000 and ...)
+CVE-2002-0034
NOT-FOR-US: Microsoft
-CVE-2002-0031 (Buffer overflows in Yahoo! Messenger 5,0,0,1064 and earlier allows ...)
+CVE-2002-0031
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0030 (The digital signature mechanism for the Adobe Acrobat PDF viewer only ...)
+CVE-2002-0030
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0029 (Buffer overflows in the DNS stub resolver library in ISC BIND 4.9.2 ...)
+CVE-2002-0029
{DSA-196}
- bind9 <not-affected>
- bind 1:8.3.3-3
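Review bot: every `-`/`+` pair in this hunk differs only by the removed parenthetical summary, so the change strips the only human-readable description from each entry while leaving the package and status lines untouched. After it is applied, `CVE-2002-0029` is followed by `{DSA-196}`, `bind9 <not-affected>` and `bind 1:8.3.3-3` with nothing left on the page saying this was the buffer overflow in the BIND 4 stub resolver library, and the dozens of `NOT-FOR-US: Data pre-dating the Security Tracker` verdicts can no longer be checked against what the CVE actually described. Since the commit is an automatic update, this looks like the upstream CVE feed having returned bare identifiers rather than an intended edit; I would hold or revert it until the description source is confirmed, rather than let the summaries be dropped across the whole file.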
@@ -5172,13 +5172,13 @@ CVE-2002-0016
RESERVED
CVE-2002-0015
RESERVED
-CVE-2002-0013 (Vulnerabilities in the SNMPv1 request handling of a large number of ...)
+CVE-2002-0013
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0012 (Vulnerabilities in a large number of SNMP implementations allow ...)
+CVE-2002-0012
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0010 (Bugzilla before 2.14.1 allows remote attackers to inject arbitrary SQL ...)
+CVE-2002-0010
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0008 (Bugzilla before 2.14.1 allows remote attackers to (1) spoof a user ...)
+CVE-2002-0008
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0001 (Vulnerability in RFC822 address parser in mutt before 1.2.5.1 and mutt ...)
+CVE-2002-0001
NOT-FOR-US: Data pre-dating the Security Tracker
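Review bot: the hunk header `@@ -5172,13 +5172,13 @@` shows equal line counts on both sides, which confirms this is a pure one-for-one replacement of described entries by bare identifiers and not a reordering or merge. The entries affected here (`CVE-2002-0013`/`0012` SNMP, `CVE-2002-0010`/`0008` Bugzilla, `CVE-2002-0001` mutt) all carry the generic `NOT-FOR-US: Data pre-dating the Security Tracker` justification; with the summaries gone, a later reader cannot tell from this file that two of them concern software Debian ships. If the descriptions really are to go, the justification lines should at least name the product, as the hunks for `CVE-2002-0106` (BEA WebLogic) and `CVE-2002-0101` (Microsoft) already do.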
diff --git a/data/CVE/2003.list b/data/CVE/2003.list
index 07dfab53e4..8ee500c744 100644
--- a/data/CVE/2003.list
+++ b/data/CVE/2003.list
@@ -1,9 +1,9 @@
-CVE-2003-1605 (curl 7.x before 7.10.7 sends CONNECT proxy credentials to the remote ...)
+CVE-2003-1605
- curl 7.10.7-1
NOTE: https://curl.haxx.se/docs/CVE-2003-1605.html
-CVE-2003-1603 (GE Healthcare Discovery VH has a default password of (1) interfile for ...)
+CVE-2003-1603
NOT-FOR-US: GE Healthcare Discovery VH
-CVE-2003-1604 (The redirect_target function in net/ipv4/netfilter/ipt_REDIRECT.c in ...)
+CVE-2003-1604
- linux <not-affected> (Fixed before rename to src:linux)
- linux-2.6 <not-affected> (Fixed before initial upload of linux-2.6 in Debian)
NOTE: https://marc.info/?l=netfilter-devel&m=106668497403047&w=2
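Review bot: the removed `-` line for `CVE-2003-1605` stated the affected range (`curl 7.x before 7.10.7`), which is what let a reviewer confirm the `curl 7.10.7-1` fix version without following the NOTE link; the `+` line keeps only the identifier. The same applies to `CVE-2003-1604`, whose two `<not-affected>` lines for `linux` and `linux-2.6` now stand without the text naming `net/ipv4/netfilter/ipt_REDIRECT.c`. Separately, and not introduced by this change, the three entries are out of order (`CVE-2003-1605`, then `CVE-2003-1603`, then `CVE-2003-1604`) while the rest of the file is sorted descending; worth fixing in a follow-up so tooling that relies on the ordering does not mis-merge.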
@@ -13,594 +13,594 @@ CVE-2003-1601
RESERVED
CVE-2003-1600
RESERVED
-CVE-2003-1599 (PHP remote file inclusion vulnerability in wp-links/links.all.php in ...)
+CVE-2003-1599
NOT-FOR-US: WordPress plugin wp-links
-CVE-2003-1598 (SQL injection vulnerability in log.header.php in WordPress 0.7 and ...)
+CVE-2003-1598
- wordpress 1.0.1-1
CVE-2003-1597
RESERVED
-CVE-2003-1596 (NWFTPD.nlm before 5.03.12 in the FTP server in Novell NetWare does not ...)
+CVE-2003-1596
NOT-FOR-US: Novell NetWare
-CVE-2003-1595 (NWFTPD.nlm before 5.04.05 in the FTP server in Novell NetWare 6.5 does ...)
+CVE-2003-1595
NOT-FOR-US: Novell NetWare
-CVE-2003-1594 (NWFTPD.nlm before 5.04.05 in the FTP server in Novell NetWare 6.5 does ...)
+CVE-2003-1594
NOT-FOR-US: Novell NetWare
-CVE-2003-1593 (NWFTPD.nlm in the FTP server in Novell NetWare 6.0 before SP4 and 6.5 ...)
+CVE-2003-1593
NOT-FOR-US: Novell NetWare
-CVE-2003-1592 (Multiple buffer overflows in NWFTPD.nlm in the FTP server in Novell ...)
+CVE-2003-1592
NOT-FOR-US: Novell NetWare
-CVE-2003-1591 (NWFTPD.nlm in the FTP server in Novell NetWare 6.0 before SP4 and 6.5 ...)
+CVE-2003-1591
NOT-FOR-US: Novell NetWare
-CVE-2003-1590 (Unspecified vulnerability in Sun ONE (aka iPlanet) Web Server 6.0 SP3 ...)
+CVE-2003-1590
NOT-FOR-US: Sun ONE Web Server
-CVE-2003-1589 (Unspecified vulnerability in Sun ONE (aka iPlanet) Web Server 4.1 ...)
+CVE-2003-1589
NOT-FOR-US: Sun ONE Web Server
-CVE-2003-1588 (Sun Cluster 2.2, when HA-Oracle or HA-Sybase DBMS services are used, ...)
+CVE-2003-1588
NOT-FOR-US: Sun Cluster
-CVE-2003-1587 (Cross-site scripting (XSS) vulnerability in LoganPro allows remote ...)
+CVE-2003-1587
NOT-FOR-US: LoganPro
-CVE-2003-1586 (Cross-site scripting (XSS) vulnerability in WebExpert allows remote ...)
+CVE-2003-1586
NOT-FOR-US: WebExpert
-CVE-2003-1585 (Cross-site scripting (XSS) vulnerability in WebLogExpert allows remote ...)
+CVE-2003-1585
NOT-FOR-US: WebLogExpert
-CVE-2003-1584 (Cross-site scripting (XSS) vulnerability in SurfStats allows remote ...)
+CVE-2003-1584
NOT-FOR-US: SurfStats
-CVE-2003-1583 (Cross-site scripting (XSS) vulnerability in WebTrends allows remote ...)
+CVE-2003-1583
NOT-FOR-US: WebTrends
-CVE-2003-1582 (Microsoft Internet Information Services (IIS) 6.0, when DNS resolution ...)
+CVE-2003-1582
NOT-FOR-US: Microsoft
-CVE-2003-1581 (The Apache HTTP Server 2.0.44, when DNS resolution is enabled for ...)
+CVE-2003-1581
- apache <removed> (unimportant)
- apache2 <unfixed> (unimportant; bug #570740)
NOTE: not really an apache issue; if an apache log analyzer is known vulnerable,
NOTE: then that itself should be fixed
-CVE-2003-1580 (The Apache HTTP Server 2.0.44, when DNS resolution is enabled for ...)
+CVE-2003-1580
- apache <removed> (unimportant)
- apache2 <unfixed> (unimportant; bug #570740)
NOTE: not really an apache issue; if an apache log analyzer is known vulnerable,
NOTE: then that itself should be fixed
-CVE-2003-1579 (Sun ONE (aka iPlanet) Web Server 6 on Windows, when DNS resolution is ...)
+CVE-2003-1579
NOT-FOR-US: Sun ONE (aka iPlanet) Web Server 6 on Windows
-CVE-2003-1578 (Sun ONE (aka iPlanet) Web Server 4.1 through SP12 and 6.0 through SP5, ...)
+CVE-2003-1578
NOT-FOR-US: Sun ONE (aka iPlanet) Web Server 6 on Windows
-CVE-2003-1577 (Sun ONE (aka iPlanet) Web Server 4.1 through SP12 and 6.0 through SP5, ...)
+CVE-2003-1577
NOT-FOR-US: Sun ONE (aka iPlanet) Web Server 6 on Windows
-CVE-2003-1576 (Buffer overflow in pamverifier in Change Manager (CM) 1.0 for Sun ...)
+CVE-2003-1576
NOT-FOR-US: Sun Management Center
-CVE-2003-1575 (VERITAS File System (VxFS) 3.3.3, 3.4, and 3.5 before MP1 Rolling ...)
+CVE-2003-1575
NOT-FOR-US: VERITAS File System
-CVE-2003-1574 (TikiWiki 1.6.1 allows remote attackers to bypass authentication by ...)
+CVE-2003-1574
- tikiwiki <removed>
-CVE-2003-1573 (The PointBase 4.6 database component in the J2EE 1.4 reference ...)
+CVE-2003-1573
NOT-FOR-US: Historic issues in proprietary Java
-CVE-2003-1572 (Sun Java Media Framework (JMF) 2.1.1 through 2.1.1c allows unsigned ...)
+CVE-2003-1572
NOT-FOR-US: Historic issues in proprietary Java
-CVE-2003-1571 (Web Wiz Guestbook 6.0 stores sensitive information under the web root ...)
+CVE-2003-1571
NOT-FOR-US: Web Wiz Guestbook
-CVE-2003-1570 (The server in IBM Tivoli Storage Manager (TSM) 5.1.x, 5.2.x before ...)
+CVE-2003-1570
NOT-FOR-US: Tivoli
-CVE-2003-1569 (GoAhead WebServer before 2.1.5 on Windows 95, 98, and ME allows remote ...)
+CVE-2003-1569
NOT-FOR-US: Windows
-CVE-2003-1568 (GoAhead WebServer before 2.1.6 allows remote attackers to cause a ...)
+CVE-2003-1568
NOT-FOR-US: GoAhead WebServer
-CVE-2003-1567 (The undocumented TRACK method in Microsoft Internet Information ...)
+CVE-2003-1567
NOT-FOR-US: IIS
-CVE-2003-1566 (Microsoft Internet Information Services (IIS) 5.0 does not log ...)
+CVE-2003-1566
NOT-FOR-US: IIS
-CVE-2003-1564 (libxml2, possibly before 2.5.0, does not properly detect recursion ...)
+CVE-2003-1564
NOT-FOR-US: Old CVE id
-CVE-2003-1563 (Sun Cluster 2.2 through 3.2 for Oracle Parallel Server / Real ...)
+CVE-2003-1563
NOT-FOR-US: Oracle
-CVE-2003-1562 (sshd in OpenSSH 3.6.1p2 and earlier, when PermitRootLogin is disabled ...)
+CVE-2003-1562
- openssh 1:3.8.1p1-8.sarge.4 (low)
-CVE-2003-1561 (Opera, probably before 7.50, sends Referer headers containing https:// ...)
+CVE-2003-1561
NOT-FOR-US: ancient issue
-CVE-2003-1560 (Netscape 4 sends Referer headers containing https:// URLs in requests ...)
+CVE-2003-1560
NOT-FOR-US: ancient issue
-CVE-2003-1559 (Microsoft Internet Explorer 5.22, and other 5 through 6 SP1 versions, ...)
+CVE-2003-1559
NOT-FOR-US: ancient issue
-CVE-2003-1558 (Buffer overflow in httpd.c of fnord 1.6 allows remote attackers to ...)
+CVE-2003-1558
- fnord 1.7-1 (low)
-CVE-2003-1557 (Off-by-one buffer overflow in spamc of SpamAssassin 2.40 through 2.43, ...)
+CVE-2003-1557
- spamassassin 3.1.7-2
-CVE-2003-1556 (Cross-site scripting (XSS) vulnerability in cc_guestbook.pl in CGI ...)
+CVE-2003-1556
NOT-FOR-US: CGI City CC Guestbook
-CVE-2003-1555 (ScozNet ScozBook 1.1 BETA allows remote attackers to obtain sensitive ...)
+CVE-2003-1555
NOT-FOR-US: ScozNet ScozBook
-CVE-2003-1554 (Cross-site scripting (XSS) vulnerability in scozbook/add.php in ...)
+CVE-2003-1554
NOT-FOR-US: ScozNet ScozBook
-CVE-2003-1553 (Haakon Nilsen Simple Internet Publishing System (SIPS) 0.2.2 stores ...)
+CVE-2003-1553
NOT-FOR-US: Haakon Nilsen Simple Internet Publishing System
-CVE-2003-1552 (Unrestricted file upload vulnerability in uploader.php in Uploader 1.1 ...)
+CVE-2003-1552
NOT-FOR-US: Uploader
-CVE-2003-1551 (Unspecified vulnerability in Novell GroupWise 6 SP3 WebAccess before ...)
+CVE-2003-1551
NOT-FOR-US: Novell GroupWise
-CVE-2003-1550 (XOOPS 2.0, and possibly earlier versions, allows remote attackers to ...)
+CVE-2003-1550
NOT-FOR-US: XOOPS
-CVE-2003-1549 (Cross-site scripting (XSS) vulnerability in header.php in ...)
+CVE-2003-1549
NOT-FOR-US: MyABraCaDaWeb
-CVE-2003-1548 (MyABraCaDaWeb 1.0.2 and earlier allows remote attackers to obtain ...)
+CVE-2003-1548
NOT-FOR-US: MyABraCaDaWeb
-CVE-2003-1547 (Cross-site scripting (XSS) vulnerability in block-Forums.php in the ...)
+CVE-2003-1547
NOT-FOR-US: Splatt Forum module for PHP-Nuke
-CVE-2003-1546 (Cross-site scripting (XSS) vulnerability in gbook.php in Filebased ...)
+CVE-2003-1546
NOT-FOR-US: Filebased guestbook
-CVE-2003-1545 (Absolute path traversal vulnerability in nukestyles.com viewpage.php ...)
+CVE-2003-1545
NOT-FOR-US: nukestyles.com addon for PHP-Nuke
-CVE-2003-1544 (Unrestricted critical resource lock in Terminal Services for Windows ...)
+CVE-2003-1544
NOT-FOR-US: Windows
-CVE-2003-1543 (Cross-site scripting (XSS) vulnerability in Bajie Http Web Server ...)
+CVE-2003-1543
NOT-FOR-US: Bajie Http Web Server
-CVE-2003-1542 (Directory traversal vulnerability in plugins/file.php in ...)
+CVE-2003-1542
NOT-FOR-US: phpWebFileManager
-CVE-2003-1541 (PlanetMoon Guestbook tr3.a stores sensitive information under the web ...)
+CVE-2003-1541
NOT-FOR-US: PlanetMoon Guestbook
-CVE-2003-1540 (WF-Chat 1.0 Beta stores sensitive information under the web root with ...)
+CVE-2003-1540
NOT-FOR-US: WF-Chat
-CVE-2003-1539 (Cross-site scripting (XSS) vulnerability in ONEdotOH Simple File ...)
+CVE-2003-1539
NOT-FOR-US: ONEdotOH Simple File
-CVE-2003-1538 (susehelp in SuSE Linux 8.1, Enterprise Server 8, Office Server, and ...)
+CVE-2003-1538
NOT-FOR-US: predating security tracker
-CVE-2003-1537 (Directory traversal vulnerability in PostNuke 0.723 and earlier allows ...)
+CVE-2003-1537
NOT-FOR-US: PostNuke
-CVE-2003-1536 (Multiple cross-site scripting (XSS) vulnerabilities in Codeworx ...)
+CVE-2003-1536
NOT-FOR-US: Codeworx Technologies DCP-Portal
-CVE-2003-1535 (Justice Guestbook 1.3 allows remote attackers to obtain the full ...)
+CVE-2003-1535
NOT-FOR-US: Justice Guestbook
-CVE-2003-1534 (Cross-site scripting (XSS) vulnerability in jgb.php3 in Justice ...)
+CVE-2003-1534
NOT-FOR-US: Justice Guestbook
-CVE-2003-1533 (SQL injection vulnerability in accesscontrol.php in PhpPass 2 allows ...)
+CVE-2003-1533
NOT-FOR-US: PhpPass
-CVE-2003-1532 (SQL injection vulnerability in compte.php in PhpMyShop 1.00 allows ...)
+CVE-2003-1532
NOT-FOR-US: PhpMyShop
-CVE-2003-1531 (Cross-site scripting (XSS) vulnerability in testcgi.exe in Lilikoi ...)
+CVE-2003-1531
NOT-FOR-US: Lilikoi Software Ceilidh
-CVE-2003-1530 (SQL injection vulnerability in privmsg.php in phpBB 2.0.3 and earlier ...)
+CVE-2003-1530
- phpbb2 <not-affected> (Vulnerable versions too old to have been in Debian)
-CVE-2003-1529 (Directory traversal vulnerability in Seagull Software Systems J Walk ...)
+CVE-2003-1529
NOT-FOR-US: Seagull Software Systems J Walk
-CVE-2003-1528 (nsr_shutdown in Fujitsu Siemens NetWorker 6.0 allows local users to ...)
+CVE-2003-1528
NOT-FOR-US: Fujitsu Siemens NetWorker
-CVE-2003-1527 (BlackICE Defender 2.9.cap and Server Protection 3.5.cdf, when ...)
+CVE-2003-1527
NOT-FOR-US: not processed, predates tracker
-CVE-2003-1526 (PHP-Nuke 7.0 allows remote attackers to obtain the installation path ...)
+CVE-2003-1526
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1525 (Unspecified vulnerability in My Photo Gallery 3.5, and possibly ...)
+CVE-2003-1525
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1524 (PGPi PGPDisk 6.0.2i does not unmount a PGP partition when the switch ...)
+CVE-2003-1524
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1523 (SQL injection vulnerability in the IMAP daemon in dbmail 1.1 allows ...)
+CVE-2003-1523
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1522 (Cross-site scripting (XSS) vulnerability in PSCS VPOP3 Web Mail server ...)
+CVE-2003-1522
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1521 (Sun Java Plug-In 1.4 through 1.4.2_02 allows remote attackers to ...)
+CVE-2003-1521
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1520 (SQL injection vulnerability in FuzzyMonkey My Classifieds 2.11 allows ...)
+CVE-2003-1520
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1519 (Cross-site scripting (XSS) vulnerability in Vivisimo clustering engine ...)
+CVE-2003-1519
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1518 (Adiscon WinSyslog 4.21 SP1 allows remote attackers to cause a denial ...)
+CVE-2003-1518
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1517 (cart.pl in Dansie shopping cart allows remote attackers to obtain the ...)
+CVE-2003-1517
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1516 (The org.apache.xalan.processor.XSLProcessorVersion class in Java ...)
+CVE-2003-1516
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1515 (Origo ASR-8100 ADSL Router 3.21 has an administration service running ...)
+CVE-2003-1515
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1514 (eMule 0.29c allows remote attackers to cause a denial of service ...)
+CVE-2003-1514
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1513 (Multiple cross-site scripting (XSS) vulnerabilities in example scripts ...)
+CVE-2003-1513
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1512 (Buffer overflow in mIRC 6.1 and 6.11 allows remote attackers to cause ...)
+CVE-2003-1512
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1511 (Cross-site scripting (XSS) vulnerability in Bajie Java HTTP Server ...)
+CVE-2003-1511
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1510 (TinyWeb 1.9 allows remote attackers to cause a denial of service (CPU ...)
+CVE-2003-1510
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1509 (Real Networks RealOne Enterprise Desktop 6.0.11.774, RealOne Player ...)
+CVE-2003-1509
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1508 (Buffer overflow in mIRC 6.12, when the DCC get dialog window has been ...)
+CVE-2003-1508
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1507 (Planet Technology WGSD-1020 and WSW-2401 Ethernet switches use a ...)
+CVE-2003-1507
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1506 (Cross-site scripting (XSS) vulnerability in dansguardian.pl in Adelix ...)
+CVE-2003-1506
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1505 (Microsoft Internet Explorer 6.0 allows remote attackers to cause a ...)
+CVE-2003-1505
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1504 (SQL injection vulnerability in variables.php in Goldlink 3.0 allows ...)
+CVE-2003-1504
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1503 (Buffer overflow in AOL Instant Messenger (AIM) 5.2.3292 allows remote ...)
+CVE-2003-1503
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1502 (mod_throttle 3.0 allows local users with Apache privileges to access ...)
+CVE-2003-1502
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1501 (Directory traversal vulnerability in the file upload CGI of Gast ...)
+CVE-2003-1501
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1500 (PHP remote file inclusion vulnerability in _functions.php in ...)
+CVE-2003-1500
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1499 (Directory traversal vulnerability in index.php in Bytehoard 0.7 allows ...)
+CVE-2003-1499
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1498 (Cross-site scripting (XSS) vulnerability in search.php for WRENSOFT ...)
+CVE-2003-1498
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1497 (Buffer overflow in the system log viewer of Linksys BEFSX41 1.44.3 ...)
+CVE-2003-1497
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1496 (Unspecified vulnerability in CDE dtmailpr of HP Tru64 4.0F through ...)
+CVE-2003-1496
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1495 (Unspecified vulnerability in the non-SSL web agent in various HP ...)
+CVE-2003-1495
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1494 (Unspecified vulnerability in HP OpenView Network Node Manager (NNM) ...)
+CVE-2003-1494
NOT-FOR-US: HP OpenView Network Node Manager
-CVE-2003-1493 (Memory leak in HP OpenView Network Node Manager (NNM) 6.2 and 6.4 ...)
+CVE-2003-1493
NOT-FOR-US: HP OpenView Network Node Manager
-CVE-2003-1492 (Netscape Navigator 7.0.2 and Mozilla allows remote attackers to access ...)
+CVE-2003-1492
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1491 (Kerio Personal Firewall (KPF) 2.1.4 has a default rule to accept ...)
+CVE-2003-1491
NOT-FOR-US: Kerio Personal Firewall
-CVE-2003-1490 (SonicWall Pro running firmware 6.4.0.1 allows remote attackers to ...)
+CVE-2003-1490
NOT-FOR-US: SonicWall Pro
-CVE-2003-1489 (upload.php in Truegalerie 1.0 allows remote attackers to read ...)
+CVE-2003-1489
NOT-FOR-US: Truegalerie
-CVE-2003-1488 (The (1) verif_admin.php and (2) check_admin.php scripts in Truegalerie ...)
+CVE-2003-1488
NOT-FOR-US: Truegalerie
-CVE-2003-1487 (Multiple &quot;command injection&quot; vulnerabilities in Phorum 3.4 through ...)
+CVE-2003-1487
NOT-FOR-US: Phorum
-CVE-2003-1486 (Phorum 3.4 through 3.4.2 allows remote attackers to obtain the full ...)
+CVE-2003-1486
NOT-FOR-US: Phorum
-CVE-2003-1485 (Clearswift MAILsweeper 4.0 through 4.3.7 allows remote attackers to ...)
+CVE-2003-1485
NOT-FOR-US: Clearswift MAILsweeper
-CVE-2003-1484 (Microsoft Internet Explorer 6.0 SP1 allows remote attackers to cause a ...)
+CVE-2003-1484
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1483 (FlashFXP 1.4 uses a weak encryption algorithm for user passwords, ...)
+CVE-2003-1483
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1482 (The backup configuration file for Microsoft MN-500 wireless base ...)
+CVE-2003-1482
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1481 (CommuniGate Pro 3.1 through 4.0.6 sends the session ID in the referer ...)
+CVE-2003-1481
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1480 (MySQL 3.20 through 4.1.0 uses a weak algorithm for hashed passwords, ...)
+CVE-2003-1480
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1479 (Cross-site scripting (XSS) vulnerability in webcamXP 1.02.432 and ...)
+CVE-2003-1479
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1478 (Konqueror in KDE 3.0.3 allows remote attackers to cause a denial of ...)
+CVE-2003-1478
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1477 (MAILsweeper for SMTP 4.3.6 and 4.3.7 allows remote attackers to cause ...)
+CVE-2003-1477
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1476 (Cerberus FTP Server 2.1 stores usernames and passwords in plaintext, ...)
+CVE-2003-1476
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1475 (Netbus 1.5 through 1.7 allows more than one client to be connected at ...)
+CVE-2003-1475
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1474 (slashem-tty in the FreeBSD Ports Collection is installed with write ...)
+CVE-2003-1474
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1473 (Buffer overflow in LTris 1.0.1 of FreeBSD Ports Collection 2003-02-25 ...)
+CVE-2003-1473
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1472 (Buffer overflow in 3D-FTP client 4.0 allows remote FTP servers to ...)
+CVE-2003-1472
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1471 (MDaemon POP server 6.0.7 and earlier allows remote authenticated users ...)
+CVE-2003-1471
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1470 (Buffer overflow in IMAP service in MDaemon 6.7.5 and earlier allows ...)
+CVE-2003-1470
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1469 (The default configuration of ColdFusion MX has the &quot;Enable Robust ...)
+CVE-2003-1469
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1468 (The Web_Links module in PHP-Nuke 6.0 through 6.5 final allows remote ...)
+CVE-2003-1468
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1467 (Multiple cross-site scripting (XSS) vulnerabilities in (1) login.php, ...)
+CVE-2003-1467
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1466 (Unspecified vulnerability in Phorum 3.4 through 3.4.2 allows remote ...)
+CVE-2003-1466
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1465 (Directory traversal vulnerability in download.php in Phorum 3.4 ...)
+CVE-2003-1465
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1464 (Buffer overflow in Siemens 45 series mobile phones allows remote ...)
+CVE-2003-1464
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1463 (Absolute path traversal vulnerability in Alt-N Technologies WebAdmin ...)
+CVE-2003-1463
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1462 (mod_survey 3.0.0 through 3.0.15-pre6 does not check whether a survey ...)
+CVE-2003-1462
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1461 (Buffer overflow in rwrite for HP-UX 11.0 could allow local users to ...)
+CVE-2003-1461
NOT-FOR-US: HP-UX
-CVE-2003-1460 (Worker Filemanager 1.0 through 2.7 sets the permissions on the ...)
+CVE-2003-1460
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1459 (Multiple PHP remote file inclusion vulnerabilities in ttCMS 2.2 and ...)
+CVE-2003-1459
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1458 (SQL injection vulnerability in Profile.php in ttCMS 2.2 and ttForum ...)
+CVE-2003-1458
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1457 (Auerswald COMsuite CTI ControlCenter 3.1 creates a default ...)
+CVE-2003-1457
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1456 (Album.pl 6.1 allows remote attackers to execute arbitrary commands, ...)
+CVE-2003-1456
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1455 (Multiple buffer overflows in the launch_bcrelay function in pptpctrl.c ...)
+CVE-2003-1455
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1454 (Invision Power Services Invision Board 1.0 through 1.1.1, when a forum ...)
+CVE-2003-1454
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1453 (Cross-site scripting (XSS) vulnerability in the MytextSanitizer ...)
+CVE-2003-1453
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1452 (Untrusted search path vulnerability in Qualcomm qpopper 4.0 through ...)
+CVE-2003-1452
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1451 (Buffer overflow in Symantec Norton AntiVirus 2002 allows remote ...)
+CVE-2003-1451
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1450 (BitchX 75p3 and 1.0c16 through 1.0c20cvs allows remote attackers to ...)
+CVE-2003-1450
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1449 (Aladdin Knowlege Systems eSafe Gateway 3.5.126.0 does not check the ...)
+CVE-2003-1449
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1448 (Memory leak in the Windows 2000 kernel allows remote attackers to ...)
+CVE-2003-1448
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1447 (IBM WebSphere Advanced Server Edition 4.0.4 uses a weak encryption ...)
+CVE-2003-1447
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1446 (Buffer overflow in the save_into_file function in save.c for Rogue ...)
+CVE-2003-1446
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1445 (Stack-based buffer overflow in Far Manager 1.70beta1 and earlier ...)
+CVE-2003-1445
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1444 (Kaspersky Antivirus (KAV) 4.0.9.0 allows local users to cause a denial ...)
+CVE-2003-1444
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1443 (Kaspersky Antivirus (KAV) 4.0.9.0 does not detect viruses in files ...)
+CVE-2003-1443
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1442 (The web administration page for the Ericsson HM220dp ADSL modem does ...)
+CVE-2003-1442
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1441 (Posadis 0.50.4 through 0.50.8 allows remote attackers to cause a ...)
+CVE-2003-1441
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1440 (SpamProbe 0.8a allows remote attackers to cause a denial of service ...)
+CVE-2003-1440
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1439 (Secure Internet Live Conferencing (SILC) 0.9.11 and 0.9.12 stores ...)
+CVE-2003-1439
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1438 (Race condition in BEA WebLogic Server and Express 5.1 through 7.0.0.1, ...)
+CVE-2003-1438
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1437 (BEA WebLogic Express and WebLogic Server 7.0 and 7.0.0.1, stores ...)
+CVE-2003-1437
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1436 (PHP remote file inclusion vulnerability in nukebrowser.php in ...)
+CVE-2003-1436
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1435 (SQL injection vulnerability in PHP-Nuke 5.6 and 6.0 allows remote ...)
+CVE-2003-1435
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1434 (login_ldap 3.1 and 3.2 allows remote attackers to initiate ...)
+CVE-2003-1434
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1433 (Epic Games Unreal Engine 226f through 436 does not validate the ...)
+CVE-2003-1433
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1432 (Epic Games Unreal Engine 226f through 436 allows remote attackers to ...)
+CVE-2003-1432
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1431 (Buffer overflow in Epic Games Unreal Engine 226f through 436 allows ...)
+CVE-2003-1431
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1430 (Directory traversal vulnerability in Unreal Tournament Server 436 and ...)
+CVE-2003-1430
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1429 (Buffer overflow in Proxomitron Naoko 4.4 allows remote attackers to ...)
+CVE-2003-1429
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1428 (Gallery 1.3.3 creates directories with insecure permissions, which ...)
+CVE-2003-1428
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1427 (Directory traversal vulnerability in the web configuration interface ...)
+CVE-2003-1427
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1426 (Openwebmail in cPanel 5.0, when run using suid Perl, adds the ...)
+CVE-2003-1426
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1425 (guestbook.cgi in cPanel 5.0 allows remote attackers to execute ...)
+CVE-2003-1425
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1424 (message.php in Petitforum does not properly authenticate users, which ...)
+CVE-2003-1424
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1423 (Petitforum stores the liste.txt data file under the web document root ...)
+CVE-2003-1423
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1422 (Multiple unspecified vulnerabilities in the installer for SYSLINUX ...)
+CVE-2003-1422
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1421 (Unspecified vulnerability in mod_mysql_logger shared object in SuckBot ...)
+CVE-2003-1421
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1420 (Cross-site scripting (XSS) vulnerability in Opera 6.0 through 7.0 with ...)
+CVE-2003-1420
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1419 (Netscape 7.0 allows remote attackers to cause a denial of service ...)
+CVE-2003-1419
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1418 (Apache HTTP Server 1.3.22 through 1.3.27 on OpenBSD allows remote ...)
+CVE-2003-1418
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1417 (nCipher Support Software 6.00, when using generatekey KeySafe to ...)
+CVE-2003-1417
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1416 (BisonFTP Server 4 release 2 allows remote attackers to cause a denial ...)
+CVE-2003-1416
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1415 (NetCharts XBRL Server 4.0.0 allows remote attackers to obtain ...)
+CVE-2003-1415
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1414 (Directory traversal vulnerability in parse_xml.cg Apple Darwin ...)
+CVE-2003-1414
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1413 (parse_xml.cgi in Apple Darwin Streaming Server 4.1.1 allows remote ...)
+CVE-2003-1413
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1412 (PHP remote file inclusion vulnerability in index.php for GONiCUS ...)
+CVE-2003-1412
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1411 (PHP remote file inclusion vulnerability in ...)
+CVE-2003-1411
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1410 (PHP remote file inclusion vulnerability in email.php (aka email.php3) ...)
+CVE-2003-1410
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1409 (TOPo 1.43 allows remote attackers to obtain sensitive information by ...)
+CVE-2003-1409
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1408 (Lotus Domino Server 5.0 and 6.0 allows remote attackers to read the ...)
+CVE-2003-1408
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1407 (Buffer overflow in cmd.exe in Windows NT 4.0 may allow local users to ...)
+CVE-2003-1407
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1406 (PHP remote file inclusion vulnerability in D-Forum 1.00 through 1.11 ...)
+CVE-2003-1406
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1405 (DotBr 0.1 allows remote attackers to execute arbitrary shell commands ...)
+CVE-2003-1405
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1404 (DotBr 0.1 stores config.inc with insufficient access control under the ...)
+CVE-2003-1404
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1403 (foo.php3 in DotBr 0.1 allows remote attackers to obtain sensitive ...)
+CVE-2003-1403
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1402 (PHP remote file inclusion vulnerability in hit.php for Kietu 2.0 and ...)
+CVE-2003-1402
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1401 (login.php in php-Board 1.0 stores plaintext passwords in $username.txt ...)
+CVE-2003-1401
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1400 (Cross-site scripting (XSS) vulnerability in the Your_Account module ...)
+CVE-2003-1400
NOT-FOR-US: PhpNuke
-CVE-2003-1399 (eject 2.0.10, when installed setuid on systems such as SuSE Linux 7.3, ...)
+CVE-2003-1399
- eject 2.0.13-1
-CVE-2003-1398 (Cisco IOS 12.0 through 12.2, when IP routing is disabled, accepts ...)
+CVE-2003-1398
NOT-FOR-US: Cisco
-CVE-2003-1397 (The PluginContext object of Opera 6.05 and 7.0 allows remote attackers ...)
+CVE-2003-1397
NOT-FOR-US: Opera
-CVE-2003-1396 (Heap-based buffer overflow in Opera 6.05 through 7.10 allows remote ...)
+CVE-2003-1396
NOT-FOR-US: Opera
-CVE-2003-1395 (Buffer overflow in KaZaA Media Desktop 2.0 allows remote attackers to ...)
+CVE-2003-1395
NOT-FOR-US: KaZaA Media Desktop
-CVE-2003-1394 (CoffeeCup Software Password Wizard 4.0 stores sensitive information ...)
+CVE-2003-1394
NOT-FOR-US: CoffeeCup Software Password Wizard
-CVE-2003-1393 (Buffer overflow in Gupta SQLBase 8.1.0 allows remote attackers to ...)
+CVE-2003-1393
NOT-FOR-US: Gupta SQLBase
-CVE-2003-1392 (CryptoBuddy 1.0 and 1.2 does not use the user-supplied passphrase to ...)
+CVE-2003-1392
NOT-FOR-US: CryptoBuddy
-CVE-2003-1391 (RTS CryptoBuddy 1.0 and 1.2 uses a weak encryption algorithm for the ...)
+CVE-2003-1391
NOT-FOR-US: CryptoBuddy
-CVE-2003-1390 (RTS CryptoBuddy 1.2 and earlier stores bytes 53 through 55 of a ...)
+CVE-2003-1390
NOT-FOR-US: CryptoBuddy
-CVE-2003-1389 (RTS CryptoBuddy 1.2 and earlier truncates long passphrases without ...)
+CVE-2003-1389
NOT-FOR-US: CryptoBuddy
-CVE-2003-1388 (Buffer overflow in Opera 7.02 Build 2668 allows remote attackers to ...)
+CVE-2003-1388
NOT-FOR-US: Opera
-CVE-2003-1387 (Buffer overflow in Opera 6.05 and 6.06, and possibly other versions, ...)
+CVE-2003-1387
NOT-FOR-US: Opera
-CVE-2003-1386 (AXIS 2400 Video Server 2.00 through 2.33 allows remote attackers to ...)
+CVE-2003-1386
NOT-FOR-US: AXIS 2400 Video Server
-CVE-2003-1385 (ipchat.php in Invision Power Board 1.1.1 allows remote attackers to ...)
+CVE-2003-1385
NOT-FOR-US: Invision Power Board
-CVE-2003-1384 (Cross-site scripting (XSS) vulnerability in index.php in PY-Livredor ...)
+CVE-2003-1384
NOT-FOR-US: PY-Livredor
-CVE-2003-1383 (WEB-ERP 0.1.4 and earlier allows remote attackers to obtain sensitive ...)
+CVE-2003-1383
NOT-FOR-US: WEB-ERP
-CVE-2003-1382 (Buffer overflow in ISMail 1.4.3 and earlier allow remote attackers to ...)
+CVE-2003-1382
NOT-FOR-US: ISMail
-CVE-2003-1381 (Format string vulnerability in AMX 0.9.2 and earlier, a plugin for ...)
+CVE-2003-1381
NOT-FOR-US: AMX Half-Life Server
-CVE-2003-1380 (Directory traversal vulnerability in BisonFTP Server 4 release 2 ...)
+CVE-2003-1380
NOT-FOR-US: BisonFTP Server
-CVE-2003-1379 (clarkconnectd in ClarkConnect Linux 1.2 allows remote attackers to ...)
+CVE-2003-1379
NOT-FOR-US: clarkconnectd
-CVE-2003-1378 (Microsoft Outlook Express 6.0 and Outlook 2000, with the security zone ...)
+CVE-2003-1378
NOT-FOR-US: Microsoft Outlook
-CVE-2003-1377 (Buffer overflow in the reverse DNS lookup of Smart IRC Daemon (SIRCD) ...)
+CVE-2003-1377
NOT-FOR-US: Smart IRC Daemon
-CVE-2003-1376 (WinZip 8.0 uses weak random number generation for password protected ...)
+CVE-2003-1376
NOT-FOR-US: WinZip 8.0
-CVE-2003-1375 (Buffer overflow in wall for HP-UX 10.20 through 11.11 may allow local ...)
+CVE-2003-1375
NOT-FOR-US: HP-UX 10.20
-CVE-2003-1374 (Buffer overflow in disable of HP-UX 11.0 may allow local users to ...)
+CVE-2003-1374
NOT-FOR-US: HP-UX 11.0
-CVE-2003-1373 (Directory traversal vulnerability in auth.php for PhpBB 1.4.0 through ...)
+CVE-2003-1373
- phpbb2 <not-affected> (phpbb was the vulnerable one)
-CVE-2003-1372 (Cross-site scripting (XSS) vulnerability in links.php script in ...)
+CVE-2003-1372
NOT-FOR-US: myPHPNuke
-CVE-2003-1371 (Nuked-Klan 1.3b, and possibly earlier versions, allows remote ...)
+CVE-2003-1371
NOT-FOR-US: Nuked-Klan
-CVE-2003-1370 (Multiple cross-site scripting (XSS) vulnerabilities in Nuked-Klan 1.2b ...)
+CVE-2003-1370
NOT-FOR-US: Nuked-Klan
-CVE-2003-1369 (Buffer overflow in ByteCatcher FTP client 1.04b allows remote ...)
+CVE-2003-1369
NOT-FOR-US: ByteCatcher FTP client
-CVE-2003-1368 (Buffer overflow in the 32bit FTP client 9.49.1 allows remote attackers ...)
+CVE-2003-1368
NOT-FOR-US: 32bit FTP client
-CVE-2003-1367 (The which_access variable for Majordomo 2.0 through 1.94.4, and ...)
+CVE-2003-1367
NOT-FOR-US: Majordomo
-CVE-2003-1366 (chpass in OpenBSD 2.0 through 3.2 allows local users to read portions ...)
+CVE-2003-1366
NOT-FOR-US: OpenBSD 2.0
-CVE-2003-1365 (The escape_dangerous_chars function in CGI::Lite 2.0 and earlier does ...)
+CVE-2003-1365
NOT-FOR-US: CGI::Lite 2.0
-CVE-2003-1364 (Aprelium Technologies Abyss Web Server 1.1.2, and possibly other ...)
+CVE-2003-1364
NOT-FOR-US: Abyss Web Server
-CVE-2003-1363 (The remote web management interface of Aprelium Technologies Abyss Web ...)
+CVE-2003-1363
NOT-FOR-US: Abyss Web Server
-CVE-2003-1362 (Bastille B.02.00.00 of HP-UX 11.00 and 11.11 does not properly ...)
+CVE-2003-1362
NOT-FOR-US: HP-UX
-CVE-2003-1361 (Unknown vulnerability in VERITAS Bare Metal Restore (BMR) of Tivoli ...)
+CVE-2003-1361
NOT-FOR-US: HP-UX
-CVE-2003-1360 (Buffer overflow in the setupterm function of (1) lanadmin and (2) ...)
+CVE-2003-1360
NOT-FOR-US: HP-UX
-CVE-2003-1359 (Buffer overflow in stmkfont utility of HP-UX 10.0 through 11.22 allows ...)
+CVE-2003-1359
NOT-FOR-US: HP-UX
-CVE-2003-1358 (rs.F300 for HP-UX 10.0 through 11.22 uses the PATH environment ...)
+CVE-2003-1358
NOT-FOR-US: HP-UX
-CVE-2003-1357 (ProxyView has a default administrator password of Administrator for ...)
+CVE-2003-1357
NOT-FOR-US: ProxyView
-CVE-2003-1356 (The &quot;file handling&quot; in sort in HP-UX 10.01 through 10.20, and 11.00 ...)
+CVE-2003-1356
NOT-FOR-US: HP-UX
-CVE-2003-1355 (Buffer overflow in the remote console (rcon) in Battlefield 1942 1.2 ...)
+CVE-2003-1355
NOT-FOR-US: Battlefield
-CVE-2003-1354 (Multiple GameSpy 3D 2.62 compatible gaming servers generate very large ...)
+CVE-2003-1354
NOT-FOR-US: Battlefield
-CVE-2003-1353 (Multiple cross-site scripting (XSS) vulnerabilities in Outreach ...)
+CVE-2003-1353
NOT-FOR-US: Outreach
-CVE-2003-1352 (Gabber 0.8.7 sends an email to a specific address during user login ...)
+CVE-2003-1352
- gabber 0.8.8-1
- gabber2 <not-affected> (No code to send data to update@jabber.org)
-CVE-2003-1351 (Directory traversal vulnerability in edittag.cgi in EditTag 1.1 allows ...)
+CVE-2003-1351
NOT-FOR-US: EditTag
-CVE-2003-1350 (List Site Pro 2.0 allows remote attackers to hijack user accounts by ...)
+CVE-2003-1350
NOT-FOR-US: List Site Pro 2.0
-CVE-2003-1349 (Directory traversal vulnerability in NITE ftp-server (NiteServer) 1.83 ...)
+CVE-2003-1349
NOT-FOR-US: NITE ftp-server
-CVE-2003-1348 (Cross-site scripting (XSS) vulnerability in guestbook.cgi in ftls.org ...)
+CVE-2003-1348
NOT-FOR-US: Guestbook
-CVE-2003-1347 (Multiple cross-site scripting (XSS) vulnerabilities in Geeklog 1.3.7 ...)
+CVE-2003-1347
NOT-FOR-US: Geeklog
-CVE-2003-1346 (D-Link wireless access point DWL-900AP+ 2.2, 2.3 and possibly 2.5 ...)
+CVE-2003-1346
NOT-FOR-US: DWL-900AP
-CVE-2003-1345 (Directory traversal vulnerability in s.dll in WebCollection Plus 5.00 ...)
+CVE-2003-1345
NOT-FOR-US: WebCollection
-CVE-2003-1344 (Trend Micro Virus Control System (TVCS) Log Collector allows remote ...)
+CVE-2003-1344
NOT-FOR-US: Trend Micro Virus Control System
-CVE-2003-1343 (Trend Micro ScanMail for Exchange (SMEX) before 3.81 and before 6.1 ...)
+CVE-2003-1343
NOT-FOR-US: Trend Micro ScanMail for Exchange
-CVE-2003-1342 (Trend Micro Virus Control System (TVCS) 1.8 running with IIS allows ...)
+CVE-2003-1342
NOT-FOR-US: Trend Micro Virus Control System
-CVE-2003-1341 (The default installation of Trend Micro OfficeScan 3.0 through 3.54 ...)
+CVE-2003-1341
NOT-FOR-US: Trend Micro OfficeScan
-CVE-2003-1340 (Multiple SQL injection vulnerabilities in Francisco Burzi PHP-Nuke 5.6 ...)
+CVE-2003-1340
NOT-FOR-US: Php-Nuke
-CVE-2003-1339 (Stack-based buffer overflow in eZnet.exe, as used in eZ (a) ...)
+CVE-2003-1339
NOT-FOR-US: eZnet
-CVE-2003-1338 (CRLF injection vulnerability in Aprelium Abyss Web Server 1.1.2 and ...)
+CVE-2003-1338
NOT-FOR-US: Abyss Web Server
-CVE-2003-1337 (Heap-based buffer overflow in Aprelium Abyss Web Server 1.1.2 and ...)
+CVE-2003-1337
NOT-FOR-US: Abyss Web Server
-CVE-2003-1336 (Buffer overflow in mIRC before 6.11 allows remote attackers to execute ...)
+CVE-2003-1336
NOT-FOR-US: mIRC
-CVE-2003-1335 (Directory traversal vulnerability in Kai Blankenhorn Bitfolge simple ...)
+CVE-2003-1335
NOT-FOR-US: snif
-CVE-2003-1334 (Cross-site scripting (XSS) vulnerability in Kai Blankenhorn Bitfolge ...)
+CVE-2003-1334
NOT-FOR-US: snif
-CVE-2003-1333 (Unspecified vulnerability in the Cache' Server Page (CSP) ...)
+CVE-2003-1333
NOT-FOR-US: InterSystems Cache
-CVE-2003-1332 (Stack-based buffer overflow in the reply_nttrans function in Samba ...)
+CVE-2003-1332
- samba <not-affected> (Vulnerable version not in any suite)
-CVE-2003-1331 (Stack-based buffer overflow in the mysql_real_connect function in the ...)
+CVE-2003-1331
- mysql-dfsg-5.0 <not-affected> (Newer versions in all suites apart oldstable)
NOTE: oldstable is affected, everything else uses libmysqlclient15
-CVE-2003-1330 (Clearswift MAILsweeper for SMTP 4.3.6 SP1 does not execute custom &quot;on ...)
+CVE-2003-1330
NOT-FOR-US: MAILsweeper
-CVE-2003-1329 (ftpd.c in wu-ftpd 2.6.2, when running on &quot;operating systems that only ...)
+CVE-2003-1329
- wu-ftpd 2.6.2-4
-CVE-2003-1327 (Buffer overflow in the SockPrintf function in wu-ftpd 2.6.2 and ...)
+CVE-2003-1327
- wu-ftpd 2.6.2-26 (unimportant; bug #425162)
NOTE: Linux' limit is 4096 chars
-CVE-2003-1325 (The SV_CheckForDuplicateNames function in Valve Software Half-Life ...)
+CVE-2003-1325
NOT-FOR-US: Half-Life
-CVE-2003-1324 (Race condition in the can_open function in Elm ME+ 2.4, when installed ...)
+CVE-2003-1324
NOT-FOR-US: Elm, removed in 2002
-CVE-2003-1323 (Elm ME+ 2.4 before PL109S, when installed setgid mail and the ...)
+CVE-2003-1323
NOT-FOR-US: Elm, removed in 2002
-CVE-2003-1322 (Multiple stack-based buffer overflows in Atrium MERCUR IMAPD in MERCUR ...)
+CVE-2003-1322
NOT-FOR-US: MERCUR IMAPD
-CVE-2003-1321 (Buffer overflow in Avant Browser 8.02 allows remote attackers to cause ...)
+CVE-2003-1321
NOT-FOR-US: Avant Browser
-CVE-2003-1320 (SonicWALL firmware before 6.4.0.1 allows remote attackers to cause a ...)
+CVE-2003-1320
NOT-FOR-US: SonicWALL
-CVE-2003-1319 (Multiple buffer overflows in SmartFTP 1.0.973, and other versions ...)
+CVE-2003-1319
NOT-FOR-US: SmartFTP
-CVE-2003-1318 (Twilight Webserver 1.3.3.0 allows remote attackers to cause a denial ...)
+CVE-2003-1318
NOT-FOR-US: Twilight Webserver
-CVE-2003-1317 (Cross-site scripting (XSS) vulnerability in mod.php in eNdonesia 8.2 ...)
+CVE-2003-1317
NOT-FOR-US: eNdonesia CMS
-CVE-2003-1316 (mod.php in eNdonesia 8.2 allows remote attackers to obtain sensitive ...)
+CVE-2003-1316
NOT-FOR-US: eNdonesia CMS
-CVE-2003-1315 (SQL injection vulnerability in auth.php in Land Down Under (LDU) v601 ...)
+CVE-2003-1315
NOT-FOR-US: Land Down Under (LDU)
-CVE-2003-1314 (PHP remote file inclusion vulnerability in admin/auth.php in ...)
+CVE-2003-1314
NOT-FOR-US: EternalMart Guestbook (EMGB)
-CVE-2003-1313 (Multiple PHP remote file inclusion vulnerabilities in EternalMart ...)
+CVE-2003-1313
NOT-FOR-US: EternalMart Mailing List Manager (EMLM)
-CVE-2003-1312 (siteminderagent/SmMakeCookie.ccc in Netegrity SiteMinder places a ...)
+CVE-2003-1312
NOT-FOR-US: Netegrity SiteMinder
-CVE-2003-1311 (siteminderagent/SmMakeCookie.ccc in Netegrity SiteMinder does not ...)
+CVE-2003-1311
NOT-FOR-US: Netegrity SiteMinder
-CVE-2003-1310 (The DeviceIoControl function in the Norton Device Driver (NAVAP.sys) ...)
+CVE-2003-1310
NOT-FOR-US: Norton
-CVE-2003-1309 (The DeviceIoControl function in the TrueVector Device Driver ...)
+CVE-2003-1309
NOT-FOR-US: ZoneAlarm
-CVE-2003-1308 (CRLF injection vulnerability in fvwm-menu-directory for fvwm 2.5.x ...)
+CVE-2003-1308
- fvwm 2.5.10-1
-CVE-2003-1307 (** DISPUTED ** ...)
+CVE-2003-1307
NOTE: More of an apache flaw than a php flaw. And just one more reason
NOTE: why you have lost as soon as an attacker can execute arbitrary
NOTE: php scripts.
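Review bot: Dropping the description from the CVE-2003-1307 line also drops the `** DISPUTED **` marker, so the NOTE lines that follow ("More of an apache flaw than a php flaw...") and the `apache <unfixed> (unimportant)` rating lose the context that explains them; if the disputed status is not tracked elsewhere, consider recording it in the NOTE. The same hunk also hides two pre-existing mismatches that were only visible through the description text: CVE-2003-1361 (VERITAS Bare Metal Restore in Tivoli) is annotated `NOT-FOR-US: HP-UX`, and CVE-2003-1354 (GameSpy 3D compatible servers) is annotated `NOT-FOR-US: Battlefield`. Those annotations are worth correcting in a separate change, since after this update the file no longer shows what each CVE is about.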
@@ -609,790 +609,790 @@ CVE-2003-1307 (** DISPUTED ** ...)
NOTE: program, you can do $BADSTUFF anyway.
- apache <unfixed> (unimportant)
- apache2 <unfixed> (unimportant)
-CVE-2003-1306 (Microsoft URLScan 2.5, with the RemoveServerHeader option enabled, ...)
+CVE-2003-1306
NOT-FOR-US: Microsoft
-CVE-2003-1305 (Microsoft Internet Explorer allows remote attackers to cause a denial ...)
+CVE-2003-1305
NOT-FOR-US: Microsoft
-CVE-2003-1304 (EarlyImpact ProductCart 1.0 through 2.0 stores database/EIPC.mdb under ...)
+CVE-2003-1304
NOT-FOR-US: EarlyImpact ProductCart
-CVE-2003-1303 (Buffer overflow in the imap_fetch_overview function in the IMAP ...)
+CVE-2003-1303
NOT-FOR-US: Microsoft Internet Explore
-CVE-2003-1302 (The IMAP functionality in PHP before 4.3.1 allows remote attackers to ...)
+CVE-2003-1302
- php4 4:4.3.2+rc3-1
-CVE-2003-1301 (Sun Java Runtime Environment (JRE) 1.x before 1.4.2_11 and 1.5.x ...)
+CVE-2003-1301
- sun-java5 1.5.0-06-1 (low; bug #384734)
-CVE-2003-1300 (Baby FTP Server (BabyFTP) 1.2, and possibly other versions before May ...)
+CVE-2003-1300
NOT-FOR-US: Baby FTP Server
-CVE-2003-1299 (Directory traversal vulnerability in Baby FTP Server 1.2, and possibly ...)
+CVE-2003-1299
NOT-FOR-US: Baby FTP Server
-CVE-2003-1298 (Multiple directory traversal vulnerabilities in siteman.php3 in ...)
+CVE-2003-1298
NOT-FOR-US: Veritas Backup
-CVE-2003-1297 (Easy File Sharing (EFS) Web Server 1.2 stores the (1) option.ini (aka ...)
+CVE-2003-1297
NOT-FOR-US: Easy File Sharing (EFS) Web Server
-CVE-2003-1296 (Easy File Sharing (EFS) Web Server 1.2 allows remote authenticated ...)
+CVE-2003-1296
NOT-FOR-US: Easy File Sharing (EFS) Web Server
-CVE-2003-1295 (Unspecified vulnerability in xscreensaver 4.12, and possibly other ...)
+CVE-2003-1295
- xscreensaver 4.21-1
NOTE: Might be fixed earlier, but I've verified that the SuSE patch is included
NOTE: in the Sarge version --jmm
-CVE-2003-1294 (Xscreensaver before 4.15 creates temporary files insecurely in (1) ...)
+CVE-2003-1294
- xscreensaver 4.15-1
-CVE-2003-1293 (Multiple cross-site scripting (XSS) vulnerabilities in NukedWeb ...)
+CVE-2003-1293
NOT-FOR-US: NukedWeb
-CVE-2003-1292 (PHP remote file include vulnerability in Derek Ashauer ashNews 0.83 ...)
+CVE-2003-1292
NOT-FOR-US: Derek Ashauer ashNews
-CVE-2003-1291 (VMware ESX Server 1.5.2 before Patch 4 allows local users to execute ...)
+CVE-2003-1291
NOT-FOR-US: VMware
-CVE-2003-1290 (BEA WebLogic Server and WebLogic Express 6.1, 7.0, and 8.1, with RMI ...)
+CVE-2003-1290
NOT-FOR-US: BEA WebLogic Server
-CVE-2003-1289 (The iBCS2 system call translator for statfs in NetBSD 1.5 through ...)
+CVE-2003-1289
NOT-FOR-US: NetBSD
-CVE-2003-1288 (Multiple race conditions in Linux-VServer 1.22 with Linux kernel ...)
+CVE-2003-1288
- kernel-patch-ctx 1:1.29-1
CVE-2003-XXXX [Insecure tempfile in x-face-el]
- x-face-el 1.3.6.23-1
NOTE: DSA-340
-CVE-2003-1287 (Sambar Server before 6.0 beta 3 allows attackers with physical access ...)
+CVE-2003-1287
NOT-FOR-US: Sambar
-CVE-2003-1286 (HTTP Proxy in Sambar Server before 6.0 beta 6, when security.ini lacks ...)
+CVE-2003-1286
NOT-FOR-US: Sambar
-CVE-2003-1285 (Multiple cross-site scripting (XSS) vulnerabilities in Sambar Server ...)
+CVE-2003-1285
NOT-FOR-US: Sambar
-CVE-2003-1284 (Sambar Server before 6.0 beta 6 allows remote attackers to obtain ...)
+CVE-2003-1284
NOT-FOR-US: Sambar
-CVE-2003-1283 (KaZaA Media Desktop (KMD) 2.0 launches advertisements in the Internet ...)
+CVE-2003-1283
NOT-FOR-US: Kazaa
-CVE-2003-1282 (IBM Net.Data allows remote attackers to obtain sensitive information ...)
+CVE-2003-1282
NOT-FOR-US: IBM Net.Data
-CVE-2003-1281 (cgihtml 1.69 allows local users to overwrite arbitrary files via a ...)
+CVE-2003-1281
NOT-FOR-US: cgihtml
-CVE-2003-1280 (Directory traversal vulnerability in cgihtml 1.69 allows remote ...)
+CVE-2003-1280
NOT-FOR-US: cgihtml
-CVE-2003-1279 (S-PLUS 6.0 allows local users to overwrite arbitrary files and ...)
+CVE-2003-1279
NOT-FOR-US: S-PLUS
-CVE-2003-1278 (Cross-site scripting vulnerability (XSS) in OpenTopic 2.3.1 allows ...)
+CVE-2003-1278
NOT-FOR-US: OpenTopic
-CVE-2003-1277 (Cross-site scripting (XSS) vulnerabilities in Yet Another Bulletin ...)
+CVE-2003-1277
NOT-FOR-US: YaBB
-CVE-2003-1276 (Netfone.exe of NetTelephone 3.5.6 uses weak encryption for user PIN's ...)
+CVE-2003-1276
NOT-FOR-US: NetTelephone
-CVE-2003-1275 (Pocket Internet Explorer (PIE) 3.0 allows remote attackers to cause a ...)
+CVE-2003-1275
NOT-FOR-US: Pocket Internet Explorer
-CVE-2003-1274 (Winamp 3.0 allows remote attackers to cause a denial of service ...)
+CVE-2003-1274
NOT-FOR-US: Winamp
-CVE-2003-1273 (Winamp 3.0 allows remote attackers to cause a denial of service ...)
+CVE-2003-1273
NOT-FOR-US: Winamp
-CVE-2003-1272 (Multiple buffer overflows in Winamp 3.0 allow remote attackers to ...)
+CVE-2003-1272
NOT-FOR-US: Winamp
-CVE-2003-1271 (Cross-site scripting vulnerability (XSS) in AN HTTP 1.41e allows ...)
+CVE-2003-1271
NOT-FOR-US: AN HTTP
-CVE-2003-1270 (AN HTTP 1.41e allows remote attackers to cause a denial of service ...)
+CVE-2003-1270
NOT-FOR-US: AN HTTP
-CVE-2003-1269 (AN HTTP 1.41e allows remote attackers to obtain the root web server ...)
+CVE-2003-1269
NOT-FOR-US: AN HTTP
-CVE-2003-1268 (Multiple SQL injection vulnerabilities in (1) addcustomer.asp, (2) ...)
+CVE-2003-1268
NOT-FOR-US: a.shopKart
-CVE-2003-1267 (GuildFTPd 0.999 allows remote attackers to cause a denial of service ...)
+CVE-2003-1267
NOT-FOR-US: GuildFTPd
-CVE-2003-1266 (The (1) FTP, (2) POP3, (3) SMTP, and (4) NNTP servers in EServer 2.92 ...)
+CVE-2003-1266
NOT-FOR-US: EServer
-CVE-2003-1265 (Netscape 7.0 and Mozilla 5.0 do not immediately delete messages in the ...)
+CVE-2003-1265
NOT-FOR-US: Ancient Mozilla issue
-CVE-2003-1264 (TFTP server in Longshine Wireless Access Point (WAP) LCS-883R-AC-B, ...)
+CVE-2003-1264
NOT-FOR-US: Longshine hardware
-CVE-2003-1263 (ICAL.EXE in iCal 3.7 allows remote attackers to cause a denial of ...)
+CVE-2003-1263
NOT-FOR-US: iCal
-CVE-2003-1262 (Buffer overflow in the http_fetch function of HTTP Fetcher 1.0.0 and ...)
+CVE-2003-1262
- libhttpfetcher 1.1.0-1
-CVE-2003-1261 (Buffer overflow in CuteFTP 5.0 and 5.0.1 allows local users to cause a ...)
+CVE-2003-1261
NOT-FOR-US: CuteFTP
-CVE-2003-1260 (Buffer overflow in CuteFTP 5.0 allows remote attackers to execute ...)
+CVE-2003-1260
NOT-FOR-US: CuteFTP
-CVE-2003-1259 (Buffer overflow in CuteFTP 4.2 and 5.0 allows remote attackers to ...)
+CVE-2003-1259
NOT-FOR-US: CuteFTP
-CVE-2003-1258 (activate.php in versatileBulletinBoard (vBB) 0.9.5 and 0.9.6 allows ...)
+CVE-2003-1258
NOT-FOR-US: versatileBulletinBoard
-CVE-2003-1257 (find_theni_home.php in E-theni allows remote attackers to obtain ...)
+CVE-2003-1257
NOT-FOR-US: E-theni
-CVE-2003-1256 (aff_liste_langue.php in E-theni allows remote attackers to execute ...)
+CVE-2003-1256
NOT-FOR-US: E-theni
-CVE-2003-1255 (add_bookmark.php in Active PHP Bookmarks (APB) 1.1.01 allows remote ...)
+CVE-2003-1255
NOT-FOR-US: Active PHP Bookmarks
-CVE-2003-1254 (Active PHP Bookmarks (APB) 1.1.01 allows remote attackers to execute ...)
+CVE-2003-1254
NOT-FOR-US: Active PHP Bookmarks
-CVE-2003-1253 (PHP remote file inclusion vulnerability in Bookmark4U 1.8.3 allows ...)
+CVE-2003-1253
NOT-FOR-US: Bookmark4U
-CVE-2003-1252 (register.php in S8Forum 3.0 allows remote attackers to execute ...)
+CVE-2003-1252
NOT-FOR-US: S8Forum
-CVE-2003-1251 (The (1) menu.inc.php, (2) datasets.php and (3) mass_operations.inc.php ...)
+CVE-2003-1251
NOT-FOR-US: N/X 2000
-CVE-2003-1250 (Efficient Networks 5861 DSL router, when running firmware 5.3.80 ...)
+CVE-2003-1250
NOT-FOR-US: Efficient Networks hardware issue
-CVE-2003-1249 (WebIntelligence 2.7.1 uses guessable user session cookies, which ...)
+CVE-2003-1249
NOT-FOR-US: WebIntelligence
-CVE-2003-1248 (H-Sphere WebShell 2.3 allows remote attackers to execute arbitrary ...)
+CVE-2003-1248
NOT-FOR-US: WebShell
-CVE-2003-1247 (Multiple buffer overflows in H-Sphere WebShell 2.3 allow remote ...)
+CVE-2003-1247
NOT-FOR-US: WebShell
-CVE-2003-1246 (NtCreateSymbolicLinkObject in ntdll.dll in Integrity Protection Driver ...)
+CVE-2003-1246
NOT-FOR-US: Integrity Protection Driver
-CVE-2003-1245 (index2.php in Mambo 4.0.12 allows remote attackers to gain ...)
+CVE-2003-1245
NOT-FOR-US: Mambo
-CVE-2003-1244 (SQL injection vulnerability in page_header.php in phpBB 2.0, 2.0.1 and ...)
+CVE-2003-1244
- phpbb2 <not-affected> (Fixed before upload into archive; 2.0.3)
-CVE-2003-1243 (Cross-site scripting vulnerability (XSS) in Sage 1.0 b3 allows remote ...)
+CVE-2003-1243
NOT-FOR-US: Sage
-CVE-2003-1242 (Sage 1.0 b3 allows remote attackers to obtain the root web server path ...)
+CVE-2003-1242
NOT-FOR-US: Sage
-CVE-2003-1241 (Cross-site scripting vulnerability (XSS) in (1) admin_index.php, (2) ...)
+CVE-2003-1241
NOT-FOR-US: MyGuestbook
-CVE-2003-1240 (PHP remote file inclusion vulnerability in CuteNews 0.88 allows remote ...)
+CVE-2003-1240
NOT-FOR-US: CuteNews
-CVE-2003-1239 (Directory traversal vulnerability in sendphoto.php in WihPhoto 0.86 ...)
+CVE-2003-1239
NOT-FOR-US: WihPhoto
-CVE-2003-1238 (Cross-site scripting vulnerability (XSS) in Nuked-Klan 1.3 beta and ...)
+CVE-2003-1238
NOT-FOR-US: Nuked-Klan
-CVE-2003-1237 (Cross-site scripting vulnerability (XSS) in WWWBoard 2.0A2.1 and ...)
+CVE-2003-1237
NOT-FOR-US: WWWBoard
-CVE-2003-1236 (Multiple format string vulnerabilities in the logger function in ...)
+CVE-2003-1236
NOT-FOR-US: Tanne
-CVE-2003-1235 (BRW WebWeaver 1.03 allows remote attackers to obtain sensitive server ...)
+CVE-2003-1235
NOT-FOR-US: BRW WebWeaver
-CVE-2003-1234 (Integer overflow in the f_count counter in FreeBSD before 4.2 through ...)
+CVE-2003-1234
NOT-FOR-US: Old FreeBSD bug, should be fixed wrt the KFreeBSD port
-CVE-2003-1233 (Pedestal Software Integrity Protection Driver (IPD) 1.3 and earlier ...)
+CVE-2003-1233
NOT-FOR-US: Integrity Protection Driver
CVE-2003-XXXX [fuzz: Insecure temp file usage]
- fuzz 0.6-7.1 (bug #183047)
CVE-2003-XXXX [Insecure temp files in lilo]
- lilo 1:22.4-1 (bug #173238; bug #292073; low)
-CVE-2003-1232 (Emacs 21.2.1 does not prompt or warn the user before executing Lisp ...)
+CVE-2003-1232
- emacs21 21.3-1 (bug #286183; medium)
-CVE-2003-1231 (Cross-site scripting (XSS) vulnerability in index.php in ECW-Shop 5.5 ...)
+CVE-2003-1231
NOT-FOR-US: ECW-Shop
-CVE-2003-1230 (The implementation of SYN cookies (syncookies) in FreeBSD 4.5 through ...)
+CVE-2003-1230
NOT-FOR-US: (FreeBSD)
NOTE: old freebsd, before it was introduced in Debian
-CVE-2003-1229 (X509TrustManager in (1) Java Secure Socket Extension (JSSE) in SDK and ...)
+CVE-2003-1229
NOT-FOR-US: Sun JSSE and JRE
-CVE-2003-1228 (Buffer overflow in the prepare_reply function in request.c for Mathopd ...)
+CVE-2003-1228
- mathopd 1.5b14
-CVE-2003-1227 (PHP remote file include vulnerability in index.php for Gallery 1.4 and ...)
+CVE-2003-1227
- gallery 1.4.1
-CVE-2003-1226 (BEA WebLogic Server and Express 7.0 and 7.0.0.1 stores certain secrets ...)
+CVE-2003-1226
NOT-FOR-US: BEA
-CVE-2003-1225 (The default CredentialMapper for BEA WebLogic Server and Express 7.0 ...)
+CVE-2003-1225
NOT-FOR-US: BEA
-CVE-2003-1224 (Weblogic.admin for BEA WebLogic Server and Express 7.0 and 7.0.0.1 ...)
+CVE-2003-1224
NOT-FOR-US: BEA
-CVE-2003-1223 (The Node Manager for BEA WebLogic Express and Server 6.1 through 8.1 ...)
+CVE-2003-1223
NOT-FOR-US: BEA
-CVE-2003-1222 (BEA Weblogic Express and Server 8.0 through 8.1 SP 1, when using a ...)
+CVE-2003-1222
NOT-FOR-US: BEA
-CVE-2003-1221 (BEA WebLogic Express and Server 7.0 through 8.1 SP 1, under certain ...)
+CVE-2003-1221
NOT-FOR-US: BEA
-CVE-2003-1220 (BEA WebLogic Server proxy plugin for BEA Weblogic Express and Server ...)
+CVE-2003-1220
NOT-FOR-US: BEA
-CVE-2003-1219 (Cross-site scripting (XSS) vulnerability in the tep_href_link function ...)
+CVE-2003-1219
NOT-FOR-US: osCommerce
CVE-2003-1218
REJECTED
CVE-2003-1217
REJECTED
-CVE-2003-1216 (SQL injection vulnerability in search.php for phpBB 2.0.6 and earlier ...)
+CVE-2003-1216
- phpbb2 2.0.8a-1
-CVE-2003-1215 (SQL injection vulnerability in groupcp.php for phpBB 2.0.6 and earlier ...)
+CVE-2003-1215
- phpbb2 2.0.8a-1
-CVE-2003-1214 (Unknown vulnerability in the server login for VisualShapers ezContents ...)
+CVE-2003-1214
NOT-FOR-US: VisualShapers
-CVE-2003-1213 (The default installation of MaxWebPortal 1.30 stores the portal ...)
+CVE-2003-1213
NOT-FOR-US: MaxWebPortal
-CVE-2003-1212 (MaxWebPortal 1.30 allows remote attackers to perform unauthorized ...)
+CVE-2003-1212
NOT-FOR-US: MaxWebPortal
-CVE-2003-1211 (Cross-site scripting (XSS) vulnerability in search.asp for ...)
+CVE-2003-1211
NOT-FOR-US: PHP-Nuke
-CVE-2003-1210 (Multiple SQL injection vulnerabilities in the Downloads module for ...)
+CVE-2003-1210
NOT-FOR-US: MaxWebPortal
-CVE-2003-1209 (The Post_Method function in Monkey HTTP Daemon before 0.6.2 allows ...)
+CVE-2003-1209
NOT-FOR-US: Monkey
-CVE-2003-1208 (Multiple buffer overflows in Oracle 9i 9 before 9.2.0.3 allow local ...)
+CVE-2003-1208
NOT-FOR-US: Oracle
-CVE-2003-1207 (Crob FTP Server 3.5.1 allows remote authenticated users to cause a ...)
+CVE-2003-1207
NOT-FOR-US: Crob
-CVE-2003-1206 (Format string vulnerability in Crob FTP Server 2.60.1 allows remote ...)
+CVE-2003-1206
NOT-FOR-US: Crob
-CVE-2003-1205 (Crob FTP Server 2.60.1 allows remote authenticated users to cause a ...)
+CVE-2003-1205
NOT-FOR-US: Crob
-CVE-2003-1204 (Multiple cross-site scripting (XSS) vulnerabilities in Mambo Site ...)
+CVE-2003-1204
NOT-FOR-US: Mambo
-CVE-2003-1203 (Cross-site scripting (XSS) vulnerability in index.php for Mambo Site ...)
+CVE-2003-1203
NOT-FOR-US: Mambo
-CVE-2003-1197 (Cross-site scripting (XSS) vulnerability in index.php for ...)
+CVE-2003-1197
NOT-FOR-US: LedForums
-CVE-2003-1168 (HTTP Commander 4.0 allows remote attackers to obtain sensitive ...)
+CVE-2003-1168
NOT-FOR-US: HTTP Commander
-CVE-2003-1202 (The checklogin function in omail.pl for omail webmail 0.98.4 and ...)
+CVE-2003-1202
NOT-FOR-US: omail webmail
-CVE-2003-1201 (ldbm_back_exop_passwd in the back-ldbm backend in passwd.c for ...)
+CVE-2003-1201
- openldap2 2.1.17-1
-CVE-2003-1200 (Stack-based buffer overflow in FORM2RAW.exe in Alt-N MDaemon 6.5.2 ...)
+CVE-2003-1200
NOT-FOR-US: MDaemon
-CVE-2003-1199 (Cross-site scripting (XSS) vulnerability in MyProxy 20030629 allows ...)
+CVE-2003-1199
NOT-FOR-US: MyProxy
-CVE-2003-1198 (connection.c in Cherokee web server before 0.4.6 allows remote ...)
+CVE-2003-1198
- cherokee 0.4.21b01-1
-CVE-2003-1196 (SQL injection vulnerability in viewtopic.asp in VieBoard 2.6 allows ...)
+CVE-2003-1196
NOT-FOR-US: VieBoard
-CVE-2003-1195 (SQL injection vulnerability in getmember.asp in VieBoard 2.6 Beta 1 ...)
+CVE-2003-1195
NOT-FOR-US: VieBoard
-CVE-2003-1194 (Cross-site scripting (XSS) vulnerability in Booby .1 through 0.2.3 ...)
+CVE-2003-1194
NOT-FOR-US: Booby
-CVE-2003-1193 (Multiple SQL injection vulnerabilities in the Portal DB (1) List of ...)
+CVE-2003-1193
NOT-FOR-US: Portal DB
-CVE-2003-1192 (Stack-based buffer overflow in IA WebMail Server 3.1.0 allows remote ...)
+CVE-2003-1192
NOT-FOR-US: IA WebMail Server
-CVE-2003-1191 (chatbox.php in e107 0.554 and 0.603 allows remote attackers to cause a ...)
+CVE-2003-1191
NOT-FOR-US: e107
-CVE-2003-1190 (Cross-site scripting (XSS) vulnerability in PHPRecipeBook 1.24 through ...)
+CVE-2003-1190
NOT-FOR-US: PHPRecipeBook
-CVE-2003-1189 (Unknown vulnerability in Nokia IPSO 3.7, configured as IP Clusters, ...)
+CVE-2003-1189
NOT-FOR-US: Nokia IPSO
-CVE-2003-1188 (Unichat allows remote attackers to cause a denial of service (crash) ...)
+CVE-2003-1188
NOT-FOR-US: Unichat
-CVE-2003-1187 (Cross-site scripting (XSS) vulnerability in include.php in PHPKIT ...)
+CVE-2003-1187
NOT-FOR-US: PHPKIT
-CVE-2003-1186 (Buffer overflow in TelCondex SimpleWebServer 2.12.30210 Build3285 ...)
+CVE-2003-1186
NOT-FOR-US: TelCondex SimpleWebServer
-CVE-2003-1185 (Multiple SQL injection vulnerabilities in ThWboard before Beta 2.8.2 ...)
+CVE-2003-1185
NOT-FOR-US: ThWboard
-CVE-2003-1184 (Multiple cross-site scripting (XSS) vulnerabilities in ThWboard Beta ...)
+CVE-2003-1184
NOT-FOR-US: ThWboard
-CVE-2003-1183 (The WebCache component in Oracle Files 9.0.3.1.0, 9.0.3.2.0, and ...)
+CVE-2003-1183
NOT-FOR-US: Oracle Collaboration Suite
-CVE-2003-1182 (Cross-site scripting (XSS) vulnerability in MPM Guestbook 1.2 allows ...)
+CVE-2003-1182
NOT-FOR-US: MPM Guestbook
-CVE-2003-1181 (Advanced Poll 2.0.2 allows remote attackers to obtain sensitive ...)
+CVE-2003-1181
NOT-FOR-US: Advanced Poll
-CVE-2003-1180 (Directory traversal vulnerability in Advanced Poll 2.0.2 allows remote ...)
+CVE-2003-1180
NOT-FOR-US: Advanced Poll
-CVE-2003-1179 (Multiple PHP remote file inclusion vulnerabilities in Advanced Poll ...)
+CVE-2003-1179
NOT-FOR-US: Advanced Poll
-CVE-2003-1178 (Eval injection vulnerability in comments.php in Advanced Poll 2.0.2 ...)
+CVE-2003-1178
NOT-FOR-US: Advanced Poll
-CVE-2003-1177 (Buffer overflow in the base64 decoder in MERCUR Mailserver 4.2 before ...)
+CVE-2003-1177
NOT-FOR-US: MERCUR Mailserver
-CVE-2003-1176 (post_message_form.asp in Web Wiz Forums 6.34 through 7.5, when quote ...)
+CVE-2003-1176
NOT-FOR-US: Web Wiz Forums
-CVE-2003-1175 (Cross-site scripting (XSS) vulnerability in index.php in Sympoll 1.5 ...)
+CVE-2003-1175
NOT-FOR-US: Sympoll
-CVE-2003-1174 (Buffer overflow in NullSoft Shoutcast Server 1.9.2 allows local users ...)
+CVE-2003-1174
NOT-FOR-US: NullSoft Shoutcast Server
-CVE-2003-1173 (Centrinity FirstClass 7.1 allows remote attackers to access sensitive ...)
+CVE-2003-1173
NOT-FOR-US: Centrinity FirstClass
-CVE-2003-1172 (Directory traversal vulnerability in the view-source sample file in ...)
+CVE-2003-1172
NOT-FOR-US: Apache Software Foundation Cocoon
-CVE-2003-1171 (Heap-based buffer overflow in the sec_filter_out function in ...)
+CVE-2003-1171
- libapache-mod-security 1.8.4-1
-CVE-2003-1170 (Format string vulnerability in main.cpp in kpopup 0.9.1 and 0.9.5pre2 ...)
+CVE-2003-1170
NOT-FOR-US: kpopup
-CVE-2003-1169 (DATEV Nutzungskontrolle 2.1 and 2.2 has insecure write permissions for ...)
+CVE-2003-1169
NOT-FOR-US: DATEV Nutzungskontrolle
-CVE-2003-1167 (misc.cpp in KPopup 0.9.1 trusts the PATH variable when executing ...)
+CVE-2003-1167
NOT-FOR-US: kpopup
-CVE-2003-1166 (Directory traversal vulnerability in (1) Openfile.aspx and (2) ...)
+CVE-2003-1166
NOT-FOR-US: HTTP Commander
-CVE-2003-1165 (Buffer overflow in BRS WebWeaver 1.06 and earlier allows remote ...)
+CVE-2003-1165
NOT-FOR-US: BRS WebWeaver
-CVE-2003-1164 (Cross-site scripting (XSS) vulnerability in Mldonkey 2.5-4 allows ...)
+CVE-2003-1164
- mldonkey 2.5.11-1
-CVE-2003-1163 (hash.c in Ganglia gmond 2.5.3 allows remote attackers to cause a ...)
+CVE-2003-1163
NOT-FOR-US: Ganglia gmond
-CVE-2003-1162 (index.php in Tritanium Bulletin Board 1.2.3 allows remote attackers to ...)
+CVE-2003-1162
NOT-FOR-US: Tritanium Bulletin Board
-CVE-2003-1161 (exit.c in Linux kernel 2.6-test9-CVS, as stored on kernel.bkbits.net, ...)
+CVE-2003-1161
- linux-2.6 <not-affected> (Never released, only temporary in Bitkeeper)
-CVE-2003-1160 (FlexWATCH Network video server 132 allows remote attackers to bypass ...)
+CVE-2003-1160
NOT-FOR-US: FlexWATCH
-CVE-2003-1159 (Plug and Play Web Server Proxy 1.0002c allows remote attackers to ...)
+CVE-2003-1159
NOT-FOR-US: Plug and Play Web Server
-CVE-2003-1158 (Multiple buffer overflows in the FTP service in Plug and Play Web ...)
+CVE-2003-1158
NOT-FOR-US: Plug and Play Web Server
-CVE-2003-1157 (Cross-site scripting (XSS) vulnerability in login.asp in Citrix ...)
+CVE-2003-1157
NOT-FOR-US: Citrix
-CVE-2003-1156 (Java Runtime Environment (JRE) and Software Development Kit (SDK) ...)
+CVE-2003-1156
NOT-FOR-US: Sun JRE/SDK
-CVE-2003-1155 (X-CD-Roast 0.98 alpha10 through alpha14 allows local users to ...)
+CVE-2003-1155
- xcdroast 0.98+0alpha15-1 (bug #310046)
-CVE-2003-1154 (MAILsweeper for SMTP 4.3 allows remote attackers to bypass virus ...)
+CVE-2003-1154
NOT-FOR-US: MAILsweeper
-CVE-2003-1153 (byteHoard 0.7 and 0.71 allows remote attackers to list arbitrary files ...)
+CVE-2003-1153
NOT-FOR-US: byteHoard
-CVE-2003-1152 (WebTide 7.04 allows remote attackers to list arbitrary directories via ...)
+CVE-2003-1152
NOT-FOR-US: WebTide
-CVE-2003-1151 (Cross-site scripting (XSS) vulnerability in Fastream NETFile Server ...)
+CVE-2003-1151
NOT-FOR-US: Fastream
-CVE-2003-1150 (Buffer overflow in the portmapper service (PMAP.NLM) in Novell NetWare ...)
+CVE-2003-1150
NOT-FOR-US: Novell portmapper
-CVE-2003-1149 (Cross-site scripting (XSS) vulnerability in Symantec Norton Internet ...)
+CVE-2003-1149
NOT-FOR-US: Symantec Norton Internet Security
-CVE-2003-1148 (Multiple PHP remote file inclusion vulnerabilities in J-Pierre DEZELUS ...)
+CVE-2003-1148
NOT-FOR-US: Les Visiteurs
CVE-2003-1147
REJECTED
-CVE-2003-1146 (Cross-site scripting (XSS) vulnerability in John Beatty Easy PHP Photo ...)
+CVE-2003-1146
NOT-FOR-US: Easy PHP Photo Album
-CVE-2003-1145 (Cross-site scripting (XSS) vulnerability in friendmail.php in ...)
+CVE-2003-1145
NOT-FOR-US: OpenAutoClassifieds
-CVE-2003-1144 (Buffer overflow in the log viewing interface in Perception LiteServe ...)
+CVE-2003-1144
NOT-FOR-US: Perception LiteServe
-CVE-2003-1143 (Croteam Serious Sam demo test 2 2.1a, Serious Sam: the First Encounter ...)
+CVE-2003-1143
NOT-FOR-US: Croteam Serious Sam demo
-CVE-2003-1142 (Help in NIPrint LPD-LPR Print Server 4.10 and earlier executes Windows ...)
+CVE-2003-1142
NOT-FOR-US: NIPrint LPD-LPR
-CVE-2003-1141 (Buffer overflow in NIPrint 4.10 allows remote attackers to execute ...)
+CVE-2003-1141
NOT-FOR-US: NIPrint LPD-LPR
-CVE-2003-1140 (Buffer overflow in Musicqueue 1.2.0 allows local users to execute ...)
+CVE-2003-1140
NOT-FOR-US: Musicqueue
-CVE-2003-1139 (Musicqueue 1.2.0 allows local users to overwrite arbitrary files by ...)
+CVE-2003-1139
NOT-FOR-US: Musicqueue
-CVE-2003-1138 (The default configuration of Apache 2.0.40, as shipped with Red Hat ...)
+CVE-2003-1138
- apache2 <not-affected> (Red Hat specific default config)
-CVE-2003-1137 (Charles Steinkuehler sh-httpd 0.3 and 0.4 allows remote attackers to ...)
+CVE-2003-1137
NOT-FOR-US: sh-httpd
-CVE-2003-1136 (Cross-site scripting (XSS) vulnerability in Chi Kien Uong Guestbook ...)
+CVE-2003-1136
NOT-FOR-US: Chi Kien Uong Guestbook
-CVE-2003-1135 (Buffer overflow in Yahoo! Messenger 5.6 allows remote attackers to ...)
+CVE-2003-1135
NOT-FOR-US: Yahoo! Messenger
-CVE-2003-1134 (Sun Java 1.3.1, 1.4.1, and 1.4.2 allows local users to cause a denial ...)
+CVE-2003-1134
NOT-FOR-US: Sun JVM
-CVE-2003-1133 (Rit Research Labs The Bat! 1.0.11 through 2.0 creates new accounts ...)
+CVE-2003-1133
NOT-FOR-US: The Bat!
-CVE-2003-1132 (The DNS server for Cisco Content Service Switch (CSS) 11000 and 11500, ...)
+CVE-2003-1132
NOT-FOR-US: Cisco
-CVE-2003-1131 (PHP remote file inclusion vulnerability in index.php in ...)
+CVE-2003-1131
NOT-FOR-US: ActiveCampaign KnowledgeBuilder
CVE-2003-1130
REJECTED
-CVE-2003-1129 (Buffer overflow in the Yahoo! Audio Conferencing (aka Voice Chat) ...)
+CVE-2003-1129
NOT-FOR-US: Yahoo Audio Conferencing ActiveX control
-CVE-2003-1128 (XMMS.pm in X2 XMMS Remote, as obtained from the vendor server between ...)
+CVE-2003-1128
NOT-FOR-US: X2 XMMS Remote
-CVE-2003-1127 (Whale Communications e-Gap 2.5 on Windows 2000 allows remote attackers ...)
+CVE-2003-1127
NOT-FOR-US: e-Gap
-CVE-2003-1126 (Unknown vulnerability in SunOne/iPlanet Web Server SP3 through SP5 on ...)
+CVE-2003-1126
NOT-FOR-US: SunOne/iPlanet
-CVE-2003-1125 (Unknown vulnerability in ns-ldapd for Sun ONE Directory Server 4.16, ...)
+CVE-2003-1125
NOT-FOR-US: SunOne
-CVE-2003-1124 (Unknown vulnerability in Sun Management Center (SunMC) 2.1.1, 3.0, and ...)
+CVE-2003-1124
NOT-FOR-US: Sun Management Center
-CVE-2003-1123 (Sun Java Runtime Environment (JRE) and SDK 1.4.0_01 and earlier allows ...)
+CVE-2003-1123
NOT-FOR-US: Sun JRE
-CVE-2003-1122 (ScriptLogic 4.01, and possibly other versions before 4.14, uses ...)
+CVE-2003-1122
NOT-FOR-US: ScriptLogic
-CVE-2003-1121 (Services in ScriptLogic 4.01, and possibly other versions before 4.14, ...)
+CVE-2003-1121
NOT-FOR-US: ScriptLogic
-CVE-2003-1120 (Race condition in SSH Tectia Server 4.0.3 and 4.0.4 for Unix, when the ...)
+CVE-2003-1120
NOT-FOR-US: SSH Tectia Server
-CVE-2003-1119 (SSH Secure Shell before 3.2.9 allows remote attackers to cause a ...)
+CVE-2003-1119
- openssh <not-affected>
-CVE-2003-1118 (Buffer overflow in the SETI@home client 3.03 and other versions allows ...)
+CVE-2003-1118
- setiathome 3.04
-CVE-2003-1117 (Buffer overflow in RealSystem Server 6.x, 7.x and 8.x, and RealSystem ...)
+CVE-2003-1117
NOT-FOR-US: RealSystem Server
-CVE-2003-1116 (The communications protocol for the Report Review Agent (RRA), aka FND ...)
+CVE-2003-1116
NOT-FOR-US: Oracle E-Business Suite
-CVE-2003-1115 (The Session Initiation Protocol (SIP) implementation in Nortel ...)
+CVE-2003-1115
NOT-FOR-US: Nortel Networks Succession Communication Server
-CVE-2003-1114 (The Session Initiation Protocol (SIP) implementation in Mediatrix ...)
+CVE-2003-1114
NOT-FOR-US: Mediatrix Telecom VoIP Access Devices and Gateways
-CVE-2003-1113 (The Session Initiation Protocol (SIP) implementation in IPTel SIP ...)
+CVE-2003-1113
NOT-FOR-US: IPTel SIP Express Router
-CVE-2003-1112 (The Session Initiation Protocol (SIP) implementation in Ingate ...)
+CVE-2003-1112
NOT-FOR-US: Ingate Firewall and Ingate SIParator
-CVE-2003-1111 (The Session Initiation Protocol (SIP) implementation in multiple ...)
+CVE-2003-1111
NOT-FOR-US: dynamicsoft
-CVE-2003-1110 (The Session Initiation Protocol (SIP) implementation in Columbia SIP ...)
+CVE-2003-1110
NOT-FOR-US: Columbia SIP User Agent
-CVE-2003-1109 (The Session Initiation Protocol (SIP) implementation in multiple Cisco ...)
+CVE-2003-1109
NOT-FOR-US: Cisco
-CVE-2003-1108 (The Session Initiation Protocol (SIP) implementation in Alcatel ...)
+CVE-2003-1108
NOT-FOR-US: Alcatel
-CVE-2003-1107 (The DHTML capability in Microsoft Windows Media Player (WMP) 6.4, 7.0, ...)
+CVE-2003-1107
NOT-FOR-US: Microsoft
-CVE-2003-1106 (The SMTP service in Microsoft Windows 2000 before SP4 allows remote ...)
+CVE-2003-1106
NOT-FOR-US: Microsoft
-CVE-2003-1105 (Unknown vulnerability in Internet Explorer 5.01 SP3 through 6.0 SP1 ...)
+CVE-2003-1105
NOT-FOR-US: MSIE
-CVE-2003-1104 (Buffer overflow in IBM Tivoli Firewall Toolbox (TFST) 1.2 allows ...)
+CVE-2003-1104
NOT-FOR-US: IBM Tivoli Firewall Toolbox
-CVE-2003-1103 (SQL injection vulnerability in loginact.asp for Hummingbird CyberDOCS ...)
+CVE-2003-1103
NOT-FOR-US: Hummingbird CyberDOCS
-CVE-2003-1102 (Hummingbird CyberDOCS 3.5, 3.9, and 4.0, when running on IIS, uses ...)
+CVE-2003-1102
NOT-FOR-US: Hummingbird CyberDOCS
-CVE-2003-1101 (Hummingbird CyberDOCS 3.5.1, 3.9, and 4.0 allows remote attackers to ...)
+CVE-2003-1101
NOT-FOR-US: Hummingbird CyberDOCS
-CVE-2003-1100 (Multiple cross-site scripting (XSS) vulnerabilities in Hummingbird ...)
+CVE-2003-1100
NOT-FOR-US: Hummingbird CyberDOCS
-CVE-2003-1099 (shar on HP-UX B.11.00, B.11.04, and B.11.11 creates temporary files ...)
+CVE-2003-1099
NOT-FOR-US: shar on HP-UX
-CVE-2003-1098 (The Xserver for HP-UX 11.22 was not properly built, which introduced a ...)
+CVE-2003-1098
NOT-FOR-US: HP-UX)
-CVE-2003-1097 (Buffer overflow in rexec on HP-UX B.10.20, B.11.00, and B.11.04, when ...)
+CVE-2003-1097
NOT-FOR-US: HP-UX)
-CVE-2003-1096 (The Cisco LEAP challenge/response authentication mechanism uses ...)
+CVE-2003-1096
NOT-FOR-US: Cisco
-CVE-2003-1095 (BEA WebLogic Server and Express 7.0 and 7.0.0.1, when using &quot;memory&quot; ...)
+CVE-2003-1095
NOT-FOR-US: BEA WebLogic Server
-CVE-2003-1094 (BEA WebLogic Server and Express version 7.0 SP3 may follow certain ...)
+CVE-2003-1094
NOT-FOR-US: BEA WebLogic Server
-CVE-2003-1093 (BEA WebLogic Server 6.1, 7.0 and 7.0.0.1, when routing messages to a ...)
+CVE-2003-1093
NOT-FOR-US: BEA WebLogic Server
-CVE-2003-1092 (Unknown vulnerability in the &quot;Automatic File Content Type Recognition ...)
+CVE-2003-1092
- file 3.4.1
-CVE-2003-1091 (Integer overflow in MP3Broadcaster for Apple QuickTime/Darwin ...)
+CVE-2003-1091
NOT-FOR-US: Apple QuickTime/Darwin Streaming Server
-CVE-2003-1090 (Buffer overflow in AbsoluteTelnet before 2.12 RC10 allows remote ...)
+CVE-2003-1090
NOT-FOR-US: AbsoluteTelnet
-CVE-2003-1089 (index.php for Zorum 3.4 allows remote attackers to determine the full ...)
+CVE-2003-1089
NOT-FOR-US: Zorum
-CVE-2003-1088 (Cross-site scripting (XSS) vulnerability in index.php for Zorum 3.4 ...)
+CVE-2003-1088
NOT-FOR-US: Zorum
-CVE-2003-1087 (Unknown vulnerability in diagmond and possibly other applications in ...)
+CVE-2003-1087
NOT-FOR-US: diagmond on HP-UX
-CVE-2003-1086 (PHP remote file inclusion vulnerability in pm/lib.inc.php in pMachine ...)
+CVE-2003-1086
NOT-FOR-US: pMachine
-CVE-2003-1085 (The HTTP server in the Thomson TWC305, TWC315, and TCW690 cable modem ...)
+CVE-2003-1085
NOT-FOR-US: Thomson cable modem
-CVE-2003-1084 (Monit 1.4 to 4.1 allows remote attackers to cause a denial of service ...)
+CVE-2003-1084
- monit 1:4.2.1-1
-CVE-2003-1083 (Stack-based buffer overflow in Monit 1.4 to 4.1 allows remote ...)
+CVE-2003-1083
- monit 1:4.2.1-1
-CVE-2003-1082 (Buffer overflow in utmp_update for Solaris 2.6 through 9 allows local ...)
+CVE-2003-1082
NOT-FOR-US: Solaris
-CVE-2003-1081 (Aspppls for Solaris 8 allows local users to overwrite arbitrary files ...)
+CVE-2003-1081
NOT-FOR-US: Solaris
-CVE-2003-1080 (Unknown vulnerability in mail for Solaris 2.6 through 9 allows local ...)
+CVE-2003-1080
NOT-FOR-US: Solaris
-CVE-2003-1079 (Unknown vulnerability in UDP RPC for Solaris 2.5.1 through 9 for ...)
+CVE-2003-1079
NOT-FOR-US: Solaris
-CVE-2003-1078 (The FTP client for Solaris 2.6, 7, and 8 with the debug (-d) flag ...)
+CVE-2003-1078
NOT-FOR-US: Solaris
-CVE-2003-1077 (Unknown vulnerability in UFS for Solaris 9 for SPARC, with logging ...)
+CVE-2003-1077
NOT-FOR-US: Solaris
-CVE-2003-1076 (Unknown vulnerability in sendmail for Solaris 7, 8, and 9 allows local ...)
+CVE-2003-1076
NOT-FOR-US: Solaris
-CVE-2003-1075 (Unknown vulnerability in the FTP server (in.ftpd) for Solaris 2.6 ...)
+CVE-2003-1075
NOT-FOR-US: Solaris
-CVE-2003-1074 (Unknown vulnerability in newtask for Solaris 9 allows local ...)
+CVE-2003-1074
NOT-FOR-US: Solaris
-CVE-2003-1073 (A race condition in the at command for Solaris 2.6 through 9 allows ...)
+CVE-2003-1073
NOT-FOR-US: Solaris
-CVE-2003-1072 (Memory leak in lofiadm in Solaris 8 allows local users to cause a ...)
+CVE-2003-1072
NOT-FOR-US: Solaris
-CVE-2003-1071 (rpc.walld (wall daemon) for Solaris 2.6 through 9 allows local users ...)
+CVE-2003-1071
NOT-FOR-US: Solaris
-CVE-2003-1070 (Unknown vulnerability in rpcbind for Solaris 2.6 through 9 allows ...)
+CVE-2003-1070
NOT-FOR-US: Solaris
-CVE-2003-1069 (The Telnet daemon (in.telnetd) for Solaris 2.6 through 9 allows remote ...)
+CVE-2003-1069
NOT-FOR-US: Solaris
-CVE-2003-1068 (Buffer overflow in utmp_update for Solaris 2.6 through 9 allows local ...)
+CVE-2003-1068
NOT-FOR-US: Solaris
-CVE-2003-1067 (Multiple buffer overflows in the (1) dbm_open function, as used in ...)
+CVE-2003-1067
NOT-FOR-US: Solaris
-CVE-2003-1066 (Buffer overflow in the syslog daemon for Solaris 2.6 through 9 allows ...)
+CVE-2003-1066
NOT-FOR-US: Solaris
-CVE-2003-1065 (Unknown vulnerability in patches 108993-14 through 108993-19 and ...)
+CVE-2003-1065
NOT-FOR-US: Solaris
-CVE-2003-1064 (Solaris 8 with IPv6 enabled allows remote attackers to cause a denial ...)
+CVE-2003-1064
NOT-FOR-US: Solaris
-CVE-2003-1063 (The patches (1) 105693-13, (2) 108800-02, (3) 105694-13, and (4) ...)
+CVE-2003-1063
NOT-FOR-US: Solaris
-CVE-2003-1062 (Unknown vulnerability in the sysinfo system call for Solaris for SPARC ...)
+CVE-2003-1062
NOT-FOR-US: Solaris
-CVE-2003-1061 (Race condition in Solaris 2.6 through 9 allows local users to cause a ...)
+CVE-2003-1061
NOT-FOR-US: Solaris
-CVE-2003-1060 (The NFS Server for Solaris 7, 8, and 9 allows remote attackers to ...)
+CVE-2003-1060
NOT-FOR-US: Solaris
-CVE-2003-1059 (Unknown vulnerability in the libraries for the PGX32 frame buffer in ...)
+CVE-2003-1059
NOT-FOR-US: Solaris
-CVE-2003-1058 (The Xsun server for Sun Solaris 2.6 through 9, when running in Direct ...)
+CVE-2003-1058
NOT-FOR-US: Solaris
-CVE-2003-1057 (Unknown vulnerability in CDE Print Viewer (dtprintinfo) for Sun ...)
+CVE-2003-1057
NOT-FOR-US: Solaris
-CVE-2003-1056 (The ed editor for Sun Solaris 2.6, 7, and 8 allows local users to ...)
+CVE-2003-1056
NOT-FOR-US: Solaris
-CVE-2003-1055 (Buffer overflow in the nss_ldap.so.1 library for Sun Solaris 8 and 9 ...)
+CVE-2003-1055
NOT-FOR-US: Solaris
-CVE-2003-1054 (mod_access_referer 1.0.2 allows remote attackers to cause a denial of ...)
+CVE-2003-1054
NOT-FOR-US: mod_access_referer
-CVE-2003-1053 (Multiple buffer overflows in XShisen allow attackers to execute ...)
+CVE-2003-1053
- xshisen 1.51-1-1 (bug #213957)
CVE-2003-1565
REJECTED
-CVE-2003-1052 (IBM DB2 7.1 and 8.1 allow the bin user to gain root privileges by ...)
+CVE-2003-1052
NOT-FOR-US: IBM DB2
-CVE-2003-1051 (Multiple format string vulnerabilities in IBM DB2 Universal Database ...)
+CVE-2003-1051
NOT-FOR-US: IBM DB2
-CVE-2003-1050 (Multiple buffer overflows in IBM DB2 Universal Database 8.1 may allow ...)
+CVE-2003-1050
NOT-FOR-US: IBM DB2
-CVE-2003-1049 (IBM DB2 Universal Database 7 before FixPak 12 creates certain DMS ...)
+CVE-2003-1049
NOT-FOR-US: IBM DB2
-CVE-2003-1048 (Double free vulnerability in mshtml.dll for certain versions of ...)
+CVE-2003-1048
NOT-FOR-US: microsoft
CVE-2003-1047
REJECTED
-CVE-2003-1046 (describecomponents.cgi in Bugzilla 2.17.3 and 2.17.4 does not properly ...)
+CVE-2003-1046
- bugzilla 2.16.4-1
-CVE-2003-1045 (votes.cgi in Bugzilla 2.16.3 and earlier, and 2.17.1 through 2.17.4, ...)
+CVE-2003-1045
- bugzilla 2.16.4-1
-CVE-2003-1044 (editproducts.cgi in Bugzilla 2.16.3 and earlier, when usebuggroups is ...)
+CVE-2003-1044
- bugzilla 2.16.4-1
-CVE-2003-1043 (SQL injection vulnerability in Bugzilla 2.16.3 and earlier, and 2.17.1 ...)
+CVE-2003-1043
- bugzilla 2.16.4-1
-CVE-2003-1042 (SQL injection vulnerability in collectstats.pl for Bugzilla 2.16.3 and ...)
+CVE-2003-1042
- bugzilla 2.16.4-1
-CVE-2003-1041 (Internet Explorer 5.x and 6.0 allows remote attackers to execute ...)
+CVE-2003-1041
NOT-FOR-US: microsoft
-CVE-2003-1040 (kmod in the Linux kernel does not set its uid, suid, gid, or sgid to ...)
+CVE-2003-1040
NOTE: linux kernel kmod local DoS, fixed in all current kernels
-CVE-2003-1039 (Multiple buffer overflows in the mySAP.com architecture for SAP allow ...)
+CVE-2003-1039
NOT-FOR-US: SAP
-CVE-2003-1038 (The AGate component for SAP Internet Transaction Server (ITS) allows ...)
+CVE-2003-1038
NOT-FOR-US: SAP
-CVE-2003-1037 (Format string vulnerability in the WGate component for SAP Internet ...)
+CVE-2003-1037
NOT-FOR-US: SAP
-CVE-2003-1036 (Multiple buffer overflows in the AGate component for SAP Internet ...)
+CVE-2003-1036
NOT-FOR-US: SAP
-CVE-2003-1035 (The default installation of SAP R/3 46C/D allows remote attackers to ...)
+CVE-2003-1035
NOT-FOR-US: SAP
-CVE-2003-1034 (The RPM installation of SAP DB 7.x creates the (1) dbmsrv or (2) ...)
+CVE-2003-1034
NOT-FOR-US: SAP
-CVE-2003-1033 (The (1) instdbmsrv and (2) instlserver programs in SAP DB Development ...)
+CVE-2003-1033
NOT-FOR-US: SAP
-CVE-2003-1032 (Pi3Web web server 2.0.2 Beta 1, when the Directory Index is configured ...)
+CVE-2003-1032
NOT-FOR-US: Pi3Web not in debian
-CVE-2003-1031 (Cross-site scripting (XSS) vulnerability in register.php for vBulletin ...)
+CVE-2003-1031
NOT-FOR-US: VBulletin
-CVE-2003-1030 (Buffer overflow in DameWare Mini Remote Control before 3.73 allows ...)
+CVE-2003-1030
NOT-FOR-US: Dameware
-CVE-2003-1029 (The L2TP protocol parser in tcpdump 3.8.1 and earlier allows remote ...)
+CVE-2003-1029
{DSA-425}
- tcpdump 3.8.3-1
NOTE: Upstream version 3.8.3 is fixed; may have been fixed earlier.
-CVE-2003-1028 (The download function of Internet Explorer 6 SP1 allows remote ...)
+CVE-2003-1028
NOT-FOR-US: microsoft
-CVE-2003-1027 (Internet Explorer 5.01 through 6 SP1 allows remote attackers to direct ...)
+CVE-2003-1027
NOT-FOR-US: microsoft
-CVE-2003-1026 (Internet Explorer 5.01 through 6 SP1 allows remote attackers to bypass ...)
+CVE-2003-1026
NOT-FOR-US: microsoft
-CVE-2003-1025 (Internet Explorer 5.01 through 6 SP1 allows remote attackers to spoof ...)
+CVE-2003-1025
NOT-FOR-US: microsoft
-CVE-2003-1024 (Unknown vulnerability in the ls-F builtin function in tcsh on Solaris ...)
+CVE-2003-1024
NOT-FOR-US: solaris
-CVE-2003-1023 (Stack-based buffer overflow in vfs_s_resolve_symlink of vfs/direntry.c ...)
+CVE-2003-1023
{DSA-424}
- mc 1:4.6.0-4.6.1-pre1-1
-CVE-2003-1021 (The scosession program in OpenServer 5.0.6 and 5.0.7 allows local ...)
+CVE-2003-1021
NOT-FOR-US: SCO
-CVE-2003-1020 (The format_send_to_gui function in formats.c for irssi before 0.8.9 ...)
+CVE-2003-1020
- irssi-text 0.8.9-0.1
CVE-2003-1019
RESERVED
-CVE-2003-1018 (Format string vulnerability in enq command in AIX 4.3, 5.1, and 5.2 ...)
+CVE-2003-1018
NOT-FOR-US: AIX
-CVE-2003-1017 (Macromedia Flash Player before 7,0,19,0 stores a Flash data file in a ...)
+CVE-2003-1017
- flashplugin-nonfree 7.0.25-1
-CVE-2003-1016 (Multiple content security gateway and antivirus products allow remote ...)
+CVE-2003-1016
NOTE: Multiple vendor MIME quote bypass filtering
-CVE-2003-1015 (Multiple content security gateway and antivirus products allow remote ...)
+CVE-2003-1015
- mime-tools 5.411-2
-CVE-2003-1014 (Multiple content security gateway and antivirus products allow remote ...)
+CVE-2003-1014
NOTE: Multiple vendor MIME RFC822 comment bypass filtering
-CVE-2003-1013 (The Q.931 dissector in Ethereal before 0.10.0, and Tethereal, allows ...)
+CVE-2003-1013
{DSA-407}
- ethereal 0.10.0-1
-CVE-2003-1012 (The SMB dissector in Ethereal before 0.10.0 allows remote attackers to ...)
+CVE-2003-1012
{DSA-407}
- ethereal 0.10.0-1
-CVE-2003-1011 (Apple Mac OS X 10.0 through 10.2.8 allows local users with a USB ...)
+CVE-2003-1011
NOT-FOR-US: Apple
-CVE-2003-1010 (Unknown vulnerability in fs_usage in Mac OS X 10.2.8 and 10.3.2 and ...)
+CVE-2003-1010
NOT-FOR-US: Apple
-CVE-2003-1009 (Directory Services in Apple Mac OS X 10.0.2, 10.0.3, 10.2.8, 10.3.2 ...)
+CVE-2003-1009
NOT-FOR-US: Apple
-CVE-2003-1008 (Unknown vulnerability in Mac OS X 10.2.8 and 10.3.2 allows local users ...)
+CVE-2003-1008
NOT-FOR-US: Apple
-CVE-2003-1007 (AppleFileServer (AFS) in Apple Mac OS X 10.2.8 and 10.3.2 does not ...)
+CVE-2003-1007
NOT-FOR-US: Apple
-CVE-2003-1006 (Buffer overflow in cd9660.util in Apple Mac OS X 10.0 through 10.3.2 ...)
+CVE-2003-1006
NOT-FOR-US: Apple
-CVE-2003-1005 (The PKI functionality in Mac OS X 10.2.8 and 10.3.2 allows remote ...)
+CVE-2003-1005
NOT-FOR-US: Apple
-CVE-2003-1004 (Cisco PIX firewall 6.2.x through 6.2.3, when configured as a VPN ...)
+CVE-2003-1004
NOT-FOR-US: Cisco
-CVE-2003-1003 (Cisco PIX firewall 5.x.x, and 6.3.1 and earlier, allows remote ...)
+CVE-2003-1003
NOT-FOR-US: Cisco
-CVE-2003-1002 (Cisco Firewall Services Module (FWSM) in Cisco Catalyst 6500 and 7600 ...)
+CVE-2003-1002
NOT-FOR-US: Cisco
-CVE-2003-1001 (Buffer overflow in the Cisco Firewall Services Module (FWSM) in Cisco ...)
+CVE-2003-1001
NOT-FOR-US: Cisco
-CVE-2003-1000 (xchat 2.0.6 allows remote attackers to cause a denial of service ...)
+CVE-2003-1000
- xchat 2.0.7
-CVE-2003-0999 (Unknown multiple vulnerabilities in (1) lpstat and (2) the libprint ...)
+CVE-2003-0999
NOT-FOR-US: Solaris
-CVE-2003-0998 (Unknown &quot;potential system security vulnerability&quot; in Computer ...)
+CVE-2003-0998
NOT-FOR-US: Computer Associates (CA) Unicenter Remote Control
-CVE-2003-0997 (Unknown &quot;Denial of Service Attack&quot; vulnerability in Computer ...)
+CVE-2003-0997
NOT-FOR-US: Computer Associates (CA) Unicenter Remote Control
-CVE-2003-0995 (Buffer overflow in the Microsoft Message Queue Manager (MSQM) allows ...)
+CVE-2003-0995
NOT-FOR-US: Microsoft
-CVE-2003-0992 (Cross-site scripting (XSS) vulnerability in the create CGI script for ...)
+CVE-2003-0992
- mailman 2.1.3
-CVE-2003-0990 (The parseAddress code in (1) SquirrelMail 1.4.0 and (2) GPG Plugin 1.1 ...)
+CVE-2003-0990
- squirrelmail 1.4.2 (low)
NOTE: Only potentially exploitable withexternel GPG Plugin, see
NOTE: http://www.securityfocus.com/archive/1/348366
NOTE: The potential problems have been fixed as of 1.4.2
-CVE-2003-0989 (tcpdump before 3.8.1 allows remote attackers to cause a denial of ...)
+CVE-2003-0989
{DSA-425}
- tcpdump 3.8.1
-CVE-2003-0987 (mod_digest for Apache before 1.3.31 does not properly verify the nonce ...)
+CVE-2003-0987
- apache 1.3.29.0.2-5
-CVE-2003-0986 (Various routines for the ppc64 architecture on Linux kernel 2.6 prior ...)
+CVE-2003-0986
- kernel-source-2.4.27 <not-affected> (Fixed before initial upload; 2.4.24)
- linux-2.6 <not-affected> (Fixed before upload into archive; 2.6.2)
-CVE-2003-0984 (Real time clock (RTC) routines in Linux kernel 2.4.23 and earlier do ...)
+CVE-2003-0984
{DSA-1082-1 DSA-1070-1 DSA-1069-1 DSA-1067-1}
- linux-2.6 <not-affected> (Fixed before upload into archive; 2.6.2)
- kernel-source-2.4.27 <not-affected> (Fixed before upload into archive; 2.4.24-rc1)
-CVE-2003-0983 (Cisco Unity on IBM servers is shipped with default settings that ...)
+CVE-2003-0983
NOT-FOR-US: Cisco
-CVE-2003-0982 (Buffer overflow in the authentication module for Cisco ACNS 4.x before ...)
+CVE-2003-0982
NOT-FOR-US: Cisco
-CVE-2003-0981 (FreeScripts VisitorBook LE (visitorbook.pl) logs the reverse DNS name ...)
+CVE-2003-0981
NOT-FOR-US: visitorbook.pl
-CVE-2003-0980 (Cross-site scripting (XSS) vulnerability in FreeScripts VisitorBook LE ...)
+CVE-2003-0980
NOT-FOR-US: visitorbook.pl
-CVE-2003-0979 (FreeScripts VisitorBook LE (visitorbook.pl) does not properly escape ...)
+CVE-2003-0979
NOT-FOR-US: visitorbook.pl
-CVE-2003-0978 (Format string vulnerability in gpgkeys_hkp (experimental HKP ...)
+CVE-2003-0978
NOT-FOR-US: gpgkeys_hkp
-CVE-2003-0977 (CVS server before 1.11.10 may allow attackers to cause the CVS server ...)
+CVE-2003-0977
- cvs 1:1.11.10
-CVE-2003-0976 (NFS Server (XNFS.NLM) for Novell NetWare 6.5 does not properly enforce ...)
+CVE-2003-0976
NOT-FOR-US: netware
-CVE-2003-0975 (Apple Safari 1.0 through 1.1 on Mac OS X 10.3.1 and Mac OS X 10.2.8 ...)
+CVE-2003-0975
NOT-FOR-US: MacOS
-CVE-2003-0974 (Applied Watch Command Center allows remote attackers to conduct ...)
+CVE-2003-0974
NOT-FOR-US: Applied Watch Command Center
-CVE-2003-0973 (Unknown vulnerability in mod_python 3.0.x before 3.0.4, and 2.7.x ...)
+CVE-2003-0973
{DSA-452}
- libapache-mod-python 2:2.7.10-1
-CVE-2003-0972 (Integer signedness error in ansi.c for GNU screen 4.0.1 and earlier, ...)
+CVE-2003-0972
{DSA-408}
- screen 4.0.2-0.1
-CVE-2003-0971 (GnuPG (GPG) 1.0.2, and other versions up to 1.2.3, creates ElGamal ...)
+CVE-2003-0971
{DSA-429}
- gnupg 1.2.4-1
-CVE-2003-0970 (The Network Management Port on Sun Fire B1600 systems allows remote ...)
+CVE-2003-0970
NOT-FOR-US: Sun Fire B1600
-CVE-2003-0968 (Stack-based buffer overflow in SMB_Logon_Server of the rlm_smb ...)
+CVE-2003-0968
- freeradius 1.0.1 (unimportant)
NOTE: freeradius module in question is not built in debian package
-CVE-2003-0967 (rad_decode in FreeRADIUS 0.9.2 and earlier allows remote attackers to ...)
+CVE-2003-0967
- freeradius 0.9.2-4
-CVE-2003-0996 (Unknown &quot;System Security Vulnerability&quot; in Computer Associates (CA) ...)
+CVE-2003-0996
NOT-FOR-US: Computer Associates (CA) Unicenter Remote Control
-CVE-2003-0965 (Cross-site scripting (XSS) vulnerability in the admin CGI script for ...)
+CVE-2003-0965
{DSA-436}
- mailman 2.1.4-1
CVE-2003-0964
REJECTED
-CVE-2003-0963 (Buffer overflows in (1) try_netscape_proxy and (2) try_squid_eplf for ...)
+CVE-2003-0963
{DSA-406}
- lftp 2.6.10-1
-CVE-2003-0962 (Heap-based buffer overflow in rsync before 2.5.7, when running in ...)
+CVE-2003-0962
{DSA-404}
- rsync 2.5.6-1.1
-CVE-2003-0961 (Integer overflow in the do_brk function for the brk system call in ...)
+CVE-2003-0961
{DSA-475 DSA-470 DSA-450 DSA-442 DSA-440 DSA-439 DSA-433 DSA-423 DSA-417 DSA-403}
- kernel-source-2.4.27 <not-affected> (Fixed before initial upload; 2.4.23-pre7)
-CVE-2003-0960 (OpenCA before 0.9.1.4 does not use the correct certificate in a chain ...)
+CVE-2003-0960
NOT-FOR-US: OpenCA
-CVE-2003-0959 (Multiple integer overflows in the 32bit emulation for AMD64 ...)
+CVE-2003-0959
- kernel-source-2.4.27 <not-affected> (Fixed before initial upload; 2.4.21)
CVE-2003-0958
RESERVED
CVE-2003-0957
RESERVED
-CVE-2003-0956 (Multiple race conditions in the handling of O_DIRECT in Linux kernel ...)
+CVE-2003-0956
- kernel-source-2.4.27 <not-affected> (Fixed before initial upload; 2.4.22)
-CVE-2003-0955 (OpenBSD kernel 3.3 and 3.4 allows local users to cause a denial of ...)
+CVE-2003-0955
NOT-FOR-US: OpenBSD
-CVE-2003-0954 (Buffer overflow in rcp for AIX 4.3.3, 5.1 and 5.2 allows local users ...)
+CVE-2003-0954
NOT-FOR-US: rcp
CVE-2003-0953
REJECTED
CVE-2003-0952
REJECTED
-CVE-2003-0951 (Partition Manager (parmgr) in HP-UX B.11.23 does not properly validate ...)
+CVE-2003-0951
NOT-FOR-US: HP-UX
-CVE-2003-0950 (PeopleSoft PeopleTools 8.1x, 8.2x, and 8.4x allows remote attackers to ...)
+CVE-2003-0950
NOT-FOR-US: PeopleSoft PeopleTools
-CVE-2003-0949 (xsok 1.02 does not properly drop privileges before finding and ...)
+CVE-2003-0949
{DSA-405}
- xsok 1.02-11
-CVE-2003-0948 (Buffer overflow in iwconfig allows local users to execute arbitrary ...)
+CVE-2003-0948
- wireless-tools <not-affected> (iwconfig not setuid/setgid in Debian)
-CVE-2003-0947 (Buffer overflow in iwconfig, when installed setuid, allows local users ...)
+CVE-2003-0947
- wireless-tools <not-affected> (iwconfig not setuid/setgid in Debian)
-CVE-2003-0946 (Format string vulnerability in clamav-milter for Clam AntiVirus 0.60 ...)
+CVE-2003-0946
- clamav 0.65
-CVE-2003-0945 (The Web Database Manager in web-tools for SAP DB before 7.4.03.30 ...)
+CVE-2003-0945
NOT-FOR-US: Web Database Manager in web-tools for SAP DB
-CVE-2003-0944 (Buffer overflow in the WAECHO default service in web-tools in SAP DB ...)
+CVE-2003-0944
NOT-FOR-US: Web Database Manager in web-tools for SAP DB
-CVE-2003-0943 (web-tools in SAP DB before 7.4.03.30 installs several services that ...)
+CVE-2003-0943
NOT-FOR-US: Web Database Manager in web-tools for SAP DB
-CVE-2003-0942 (Buffer overflow in Web Agent Administration service in web-tools for ...)
+CVE-2003-0942
NOT-FOR-US: Web Database Manager in web-tools for SAP DB
-CVE-2003-0941 (web-tools in SAP DB before 7.4.03.30 allows remote attackers to access ...)
+CVE-2003-0941
NOT-FOR-US: Web Database Manager in web-tools for SAP DB
-CVE-2003-0940 (Directory traversal vulnerability in sqlfopenc for web-tools in SAP DB ...)
+CVE-2003-0940
NOT-FOR-US: Web Database Manager in web-tools for SAP DB
-CVE-2003-0939 (eo420_GetStringFromVarPart in veo420.c for SAP database server (SAP DB) ...)
+CVE-2003-0939
NOT-FOR-US: SAP database server (SAP DB)
-CVE-2003-0938 (vos24u.c in SAP database server (SAP DB) 7.4.03.27 and earlier allows ...)
+CVE-2003-0938
NOT-FOR-US: SAP database server (SAP DB)
-CVE-2003-0937 (SCO UnixWare 7.1.1, 7.1.3, and Open UNIX 8.0.0 allows local users to ...)
+CVE-2003-0937
NOT-FOR-US: UnixWare
-CVE-2003-0936 (Symantec PCAnywhere 10.x and 11, when started as a service, allows ...)
+CVE-2003-0936
NOT-FOR-US: PCAnywhere
-CVE-2003-0935 (Net-SNMP before 5.0.9 allows a user or community to access data in MIB ...)
+CVE-2003-0935
- net-snmp 5.0.9
-CVE-2003-0934 (Symbol Access Portable Data Terminal (PDT) 8100 does not hide the ...)
+CVE-2003-0934
NOT-FOR-US: Symbol Access Portable Data Terminal
-CVE-2003-0933 (Buffer overflow in conquest 7.2 and earlier may allow a local user to ...)
+CVE-2003-0933
{DSA-398}
- conquest 7.2-5
-CVE-2003-0932 (Buffer overflow in omega-rpg 0.90 allows local users to execute ...)
+CVE-2003-0932
{DSA-400}
- omega-rpg 1:0.90-pa9-11
-CVE-2003-0931 (Sygate Enforcer 4.0 earlier allows remote attackers to cause a denial ...)
+CVE-2003-0931
NOT-FOR-US: Sygate Enforcer
-CVE-2003-0930 (Clearswift MAILsweeper before 4.3.15 does not properly detect ...)
+CVE-2003-0930
NOT-FOR-US: Clearswift MAILsweeper
-CVE-2003-0929 (Clearswift MAILsweeper before 4.3.15 does not properly detect and ...)
+CVE-2003-0929
NOT-FOR-US: Clearswift MAILsweeper
-CVE-2003-0928 (Clearswift MAILsweeper before 4.3.15 does not properly detect and ...)
+CVE-2003-0928
NOT-FOR-US: Clearswift MAILsweeper
-CVE-2003-0927 (Heap-based buffer overflow in Ethereal 0.9.15 and earlier allows ...)
+CVE-2003-0927
{DSA-407}
- ethereal 0.9.16-0.1
-CVE-2003-0926 (Ethereal 0.9.15 and earlier, and Tethereal, allows remote attackers to ...)
+CVE-2003-0926
{DSA-407}
- ethereal 0.9.16-0.1
-CVE-2003-0925 (Buffer overflow in Ethereal 0.9.15 and earlier allows remote attackers ...)
+CVE-2003-0925
{DSA-407}
- ethereal 0.9.16-0.1
CVE-2003-0923
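Review bot: with the parenthesised descriptions removed, the NOT-FOR-US line becomes the only text that identifies what CVE-2003-0945 through CVE-2003-0940 cover, and all six say "Web Database Manager in web-tools for SAP DB" even though the removed lines for CVE-2003-0944 and CVE-2003-0940 name the WAECHO service and sqlfopenc, neither of which is the Web Database Manager. Consider a reason that matches each entry, for example `NOT-FOR-US: SAP DB web-tools (WAECHO service)` and `NOT-FOR-US: SAP DB web-tools (sqlfopenc)`, or one neutral `NOT-FOR-US: SAP DB web-tools` for the whole group, so the entries stay meaningful without the description.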
@@ -1413,49 +1413,49 @@ CVE-2003-0916
RESERVED
CVE-2003-0915
RESERVED
-CVE-2003-0914 (ISC BIND 8.3.x before 8.3.7, and 8.4.x before 8.4.3, allows remote ...)
+CVE-2003-0914
{DSA-409}
- bind 1:8.4.3-1
-CVE-2003-0913 (Unknown vulnerability in the Terminal application for Mac OS X 10.3 ...)
+CVE-2003-0913
NOT-FOR-US: MacOS
CVE-2003-0912
RESERVED
CVE-2003-0911
RESERVED
-CVE-2003-0910 (The NtSetLdtEntries function in the programming interface for the ...)
+CVE-2003-0910
NOT-FOR-US: Windows
-CVE-2003-0909 (Windows XP allows local users to execute arbitrary programs by ...)
+CVE-2003-0909
NOT-FOR-US: Windows
-CVE-2003-0908 (The Utility Manager in Microsoft Windows 2000 executes winhlp32.exe ...)
+CVE-2003-0908
NOT-FOR-US: Windows
-CVE-2003-0907 (Help and Support Center in Microsoft Windows XP SP1 does not properly ...)
+CVE-2003-0907
NOT-FOR-US: Windows
-CVE-2003-0906 (Buffer overflow in the rendering for (1) Windows Metafile (WMF) or (2) ...)
+CVE-2003-0906
NOT-FOR-US: Windows
-CVE-2003-0904 (Microsoft Exchange 2003 and Outlook Web Access (OWA), when configured ...)
+CVE-2003-0904
NOT-FOR-US: Windows
-CVE-2003-0902 (Unknown vulnerability in minimalist mailing list manager 2.4, 2.2, and ...)
+CVE-2003-0902
{DSA-402}
- minimalist 2.4-1
-CVE-2003-0901 (Buffer overflow in to_ascii for PostgreSQL 7.2.x, and 7.3.x before ...)
+CVE-2003-0901
{DSA-397}
- postgresql 7.3.4-1
NOTE: 7.3.4-1 was uploaded to unstable in August 2003, well before the
NOTE: DSA, that's why the DSA says that unstable is not affected.
-CVE-2003-0900 (Perl 5.8.1 on Fedora Core does not properly initialize the random ...)
+CVE-2003-0900
- perl 5.8.2
-CVE-2003-0899 (Buffer overflow in defang in libhttpd.c for thttpd 2.21 to 2.23b1 ...)
+CVE-2003-0899
{DSA-396}
- thttpd 2.23beta1-2.3
-CVE-2003-0898 (IBM DB2 7.2 before FixPak 10a, and earlier versions including 7.1, ...)
+CVE-2003-0898
NOT-FOR-US: IBM DB2
-CVE-2003-0897 (&quot;Shatter&quot; vulnerability in CommCtl32.dll in Windows XP may allow local ...)
+CVE-2003-0897
NOT-FOR-US: microsoft
-CVE-2003-0896 (The loadClass method of the sun.applet.AppletClassLoader class in the ...)
+CVE-2003-0896
NOT-FOR-US: Sun/Java
-CVE-2003-0895 (Buffer overflow in the Mac OS X kernel 10.2.8 and earlier allows local ...)
+CVE-2003-0895
NOT-FOR-US: Apple
-CVE-2003-0894 (Buffer overflow in the (1) oracle and (2) oracleO programs in Oracle ...)
+CVE-2003-0894
NOT-FOR-US: Oracle
CVE-2003-0893
RESERVED
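Review bot: the NOT-FOR-US reasons in this hunk name the same vendor three different ways (`NOT-FOR-US: Windows` for CVE-2003-0910 through CVE-2003-0906, `NOT-FOR-US: Windows` for CVE-2003-0904 although the removed line describes Exchange 2003 and Outlook Web Access rather than Windows, and `NOT-FOR-US: microsoft` for CVE-2003-0897), and likewise `NOT-FOR-US: MacOS` for CVE-2003-0913 next to `NOT-FOR-US: Apple` for CVE-2003-0895. Now that the description is gone from the entry, that reason is the only remaining context a reader or a grep gets, so one spelling per vendor (and `NOT-FOR-US: Microsoft Exchange` for CVE-2003-0904) would make the file easier to search.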
@@ -1469,43 +1469,43 @@ CVE-2003-0889
RESERVED
CVE-2003-0888
RESERVED
-CVE-2003-0887 (ez-ipupdate 3.0.11b7 and earlier creates insecure temporary cache ...)
+CVE-2003-0887
NOTE: verified Debian is not explitable; we don't put the cache in /tmp
-CVE-2003-0886 (Format string vulnerability in hfaxd for Hylafax 4.1.7 and earlier ...)
+CVE-2003-0886
{DSA-401}
- hylafax 1:4.1.8-1
-CVE-2003-0885 (Xscreensaver 4.14 contains certain debugging code that should have ...)
+CVE-2003-0885
- xscreensaver 4.15
CVE-2003-0884
RESERVED
-CVE-2003-0883 (The System Preferences capability in Mac OS X before 10.3 allows local ...)
+CVE-2003-0883
NOT-FOR-US: Apple
-CVE-2003-0882 (Mac OS X before 10.3 initializes the TCP timestamp with a constant ...)
+CVE-2003-0882
NOT-FOR-US: Apple
-CVE-2003-0881 (Mail in Mac OS X before 10.3, when configured to use MD5 Challenge ...)
+CVE-2003-0881
NOT-FOR-US: Apple
-CVE-2003-0880 (Unknown vulnerability in Mac OS X before 10.3 allows local users to ...)
+CVE-2003-0880
NOT-FOR-US: Apple
CVE-2003-0879
REJECTED
-CVE-2003-0878 (slpd daemon in Mac OS X before 10.3 allows local users to overwrite ...)
+CVE-2003-0878
NOT-FOR-US: Apple
-CVE-2003-0877 (Mac OS X before 10.3 with core files enabled allows local users to ...)
+CVE-2003-0877
NOT-FOR-US: Apple
-CVE-2003-0876 (Finder in Mac OS X 10.2.8 and earlier sets global read/write/execute ...)
+CVE-2003-0876
NOT-FOR-US: Apple
-CVE-2003-0875 (Symbolic link vulnerability in the slpd script slpd.all_init for ...)
+CVE-2003-0875
NOTE: Vulnerable code not shipped in the binary package
- openslp 1.0.11a-1 (unimportant)
-CVE-2003-0874 (Multiple SQL injection vulnerabilities in DeskPRO 1.1.0 and earlier ...)
+CVE-2003-0874
NOT-FOR-US: Deskpro
CVE-2003-0873
REJECTED
-CVE-2003-0872 (Certain scripts in OpenServer before 5.0.6 allow local users to ...)
+CVE-2003-0872
NOT-FOR-US: SCO
-CVE-2003-0871 (Unknown vulnerability in QuickTime Java in Mac OS X v10.3 and Mac OS X ...)
+CVE-2003-0871
NOT-FOR-US: Apple
-CVE-2003-0870 (Heap-based buffer overflow in Opera 7.11 and 7.20 allows remote ...)
+CVE-2003-0870
NOT-FOR-US: Opera
CVE-2003-0869
REJECTED
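Review bot: CVE-2003-0887 carries only `NOTE: verified Debian is not explitable; we don't put the cache in /tmp` and no package status line, so there is nothing machine-readable that records the ez-ipupdate status; the entry should get a line such as `- ez-ipupdate <not-affected> (cache is not kept in /tmp)`, and the NOTE should read "exploitable" while it is being touched. The openslp entry for CVE-2003-0875 also puts its NOTE above the `- openslp 1.0.11a-1 (unimportant)` line, the reverse of the order used elsewhere in this file, where the package line comes first and NOTE lines follow it.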
@@ -1513,153 +1513,153 @@ CVE-2003-0868
REJECTED
CVE-2003-0867
REJECTED
-CVE-2003-0866 (The Catalina org.apache.catalina.connector.http package in Tomcat ...)
+CVE-2003-0866
{DSA-395}
- tomcat4 4.1.24-2
-CVE-2003-0865 (Heap-based buffer overflow in readstring of httpget.c for mpg123 0.59r ...)
+CVE-2003-0865
{DSA-435}
- mpg123 0.59r-15
-CVE-2003-0864 (Buffer overflow in m_join in channel.c for IRCnet IRCD 2.10.x to ...)
+CVE-2003-0864
- ircd-irc2 2.10.3p5-1
-CVE-2003-0863 (The php_check_safe_mode_include_dir function in fopen_wrappers.c of ...)
+CVE-2003-0863
NOTE: php4, this bug appears not to have been fixed.
NOTE: submitted to BTS on libapache-mod-php4
NOTE: developer claims there is no problem
CVE-2003-0862
REJECTED
-CVE-2003-0861 (Integer overflows in (1) base64_encode and (2) the GD library for PHP ...)
+CVE-2003-0861
- php4 4:4.3.3-1
-CVE-2003-0860 (Buffer overflows in PHP before 4.3.3 have unknown impact and unknown ...)
+CVE-2003-0860
- php4 4:4.3.3-1
-CVE-2003-0859 (The getifaddrs function in GNU libc (glibc) 2.2.4 and earlier allows ...)
+CVE-2003-0859
NOTE: affects glibc 2.2.4, Debian uses 2.3.2
-CVE-2003-0858 (Zebra 0.93b and earlier, and quagga before 0.95, allows local users to ...)
+CVE-2003-0858
{DSA-415}
- quagga 0.96.4x-4
-CVE-2003-0857 (The (1) ipq_read and (2) ipulog_read functions in iptables allow local ...)
+CVE-2003-0857
NOT-FOR-US: Data predating security tracker
-CVE-2003-0856 (iproute 2.4.7 and earlier allows local users to cause a denial of ...)
+CVE-2003-0856
{DSA-492}
- iproute 20010824-13.1
-CVE-2003-0855 (Pan 0.13.3 and earlier allows remote attackers to cause a denial of ...)
+CVE-2003-0855
- pan 0.13.4-1
-CVE-2003-0854 (ls in the fileutils or coreutils packages allows local users to ...)
+CVE-2003-0854
- coreutils 5.2.1-1
-CVE-2003-0853 (An integer overflow in ls in the fileutils or coreutils packages may ...)
+CVE-2003-0853
- coreutils 5.2.1-1
-CVE-2003-0852 (Format string vulnerability in send_message.c for Sylpheed-claws 0.9.4 ...)
+CVE-2003-0852
- sylpheed-claws 0.9.8claws-1
-CVE-2003-0851 (OpenSSL 0.9.6k allows remote attackers to cause a denial of service ...)
+CVE-2003-0851
- openssl096 0.9.6l
-CVE-2003-0850 (The TCP reassembly functionality in libnids before 1.18 allows remote ...)
+CVE-2003-0850
{DSA-410}
- libnids 1.18-1
-CVE-2003-0849 (Buffer overflow in net.c for cfengine 2.x before 2.0.8 allows remote ...)
+CVE-2003-0849
- cfengine2 2.0.9+2.1.0b3-1
-CVE-2003-0848 (Heap-based buffer overflow in main.c of slocate 2.6, and possibly ...)
+CVE-2003-0848
{DSA-428}
- slocate 2.7-3
-CVE-2003-0847 (SuSEconfig.susewm in the susewm package on SuSE Linux 8.2Pro allows ...)
+CVE-2003-0847
NOT-FOR-US: SuSE
-CVE-2003-0846 (SuSEconfig.javarunt in the javarunt package on SuSE Linux 7.3Pro ...)
+CVE-2003-0846
NOT-FOR-US: SuSE
-CVE-2003-0845 (Unknown vulnerability in the HSQLDB component in JBoss 3.2.1 and 3.0.8 ...)
+CVE-2003-0845
NOT-FOR-US: JBoss
-CVE-2003-0844 (mod_gzip 1.3.26.1a and earlier, and possibly later official versions, ...)
+CVE-2003-0844
- libapache-mod-gzip <unfixed> (unimportant)
NOTE: Debian doesn't enable vulnerable debug mode.
-CVE-2003-0843 (Format string vulnerability in mod_gzip_printf for mod_gzip 1.3.26.1a ...)
+CVE-2003-0843
- libapache-mod-gzip <unfixed> (unimportant)
NOTE: Debian doesn't enable vulnerable debug mode.
-CVE-2003-0842 (Stack-based buffer overflow in mod_gzip_printf for mod_gzip 1.3.26.1a ...)
+CVE-2003-0842
- libapache-mod-gzip <unfixed> (unimportant)
NOTE: Debian doesn't enable vulnerable debug mode.
-CVE-2003-0841 (The grid option in PeopleSoft 8.42 stores temporary .xls files in ...)
+CVE-2003-0841
NOT-FOR-US: Peoplesoft
-CVE-2003-0840 (Buffer overflow in dtprintinfo on HP-UX 11.00, and possibly other ...)
+CVE-2003-0840
NOT-FOR-US: HPUX
-CVE-2003-0839 (Directory traversal vulnerability in the &quot;Shell Folders&quot; capability in ...)
+CVE-2003-0839
NOT-FOR-US: microsoft
-CVE-2003-0838 (Internet Explorer allows remote attackers to bypass zone restrictions ...)
+CVE-2003-0838
NOT-FOR-US: microsoft
-CVE-2003-0837 (Stack-based buffer overflow in IBM DB2 Universal Data Base 7.2 for ...)
+CVE-2003-0837
NOT-FOR-US: IBM DB2
-CVE-2003-0836 (Stack-based buffer overflow in IBM DB2 Universal Data Base 7.2 before ...)
+CVE-2003-0836
NOT-FOR-US: IBM DB2
-CVE-2003-0835 (Multiple buffer overflows in asf_http_request of MPlayer before 0.92 ...)
+CVE-2003-0835
NOTE: mplayer fixed before upload
-CVE-2003-0834 (Buffer overflow in CDE libDtHelp library allows local users to execute ...)
+CVE-2003-0834
NOT-FOR-US: CDE
-CVE-2003-0833 (Stack-based buffer overflow in webfs before 1.20 allows attackers to ...)
+CVE-2003-0833
{DSA-392}
- webfs 1.20
-CVE-2003-0832 (Directory traversal vulnerability in webfs before 1.20 allows remote ...)
+CVE-2003-0832
{DSA-392}
- webfs 1.20
-CVE-2003-0831 (ProFTPD 1.2.7 through 1.2.9rc2 does not properly translate newline ...)
+CVE-2003-0831
- proftpd 1.2.9-1
-CVE-2003-0830 (Buffer overflow in marbles 1.0.2 and earlier allows local users to ...)
+CVE-2003-0830
{DSA-390}
- marbles <removed>
CVE-2003-0829
RESERVED
-CVE-2003-0828 (Buffer overflow in freesweep in Debian GNU/Linux 3.0 allows local ...)
+CVE-2003-0828
{DSA-391}
- freesweep 0.88-4.1 (bug #242616)
-CVE-2003-0827 (The DB2 Discovery Service for IBM DB2 before FixPak 10a allows remote ...)
+CVE-2003-0827
NOT-FOR-US: IBM DB2
-CVE-2003-0826 (lsh daemon (lshd) does not properly return from certain functions in ...)
+CVE-2003-0826
{DSA-717-1}
- lsh-utils 1.4.2-6
-CVE-2003-0824 (Unknown vulnerability in the SmartHTML interpreter (shtml.dll) in ...)
+CVE-2003-0824
NOT-FOR-US: microsoft
-CVE-2003-0823 (Internet Explorer 6 SP1 and earlier allows remote attackers to direct ...)
+CVE-2003-0823
NOT-FOR-US: microsoft
-CVE-2003-0822 (Buffer overflow in the debug functionality in fp30reg.dll of Microsoft ...)
+CVE-2003-0822
NOT-FOR-US: microsoft
-CVE-2003-0821 (Microsoft Excel 97, 2000, and 2002 allows remote attackers to execute ...)
+CVE-2003-0821
NOT-FOR-US: microsoft
-CVE-2003-0820 (Microsoft Word 97, 98(J), 2000, and 2002, and Microsoft Works Suites ...)
+CVE-2003-0820
NOT-FOR-US: microsoft
-CVE-2003-0819 (Buffer overflow in the H.323 filter of Microsoft Internet Security and ...)
+CVE-2003-0819
NOT-FOR-US: microsoft
-CVE-2003-0818 (Multiple integer overflows in Microsoft ASN.1 library (MSASN1.DLL), as ...)
+CVE-2003-0818
NOT-FOR-US: microsoft
-CVE-2003-0817 (Internet Explorer 5.01 through 6 SP1 allows remote attackers to bypass ...)
+CVE-2003-0817
NOT-FOR-US: microsoft
-CVE-2003-0816 (Internet Explorer 6 SP1 and earlier allows remote attackers to bypass ...)
+CVE-2003-0816
NOT-FOR-US: microsoft
-CVE-2003-0815 (Internet Explorer 6 SP1 and earlier allows remote attackers to bypass ...)
+CVE-2003-0815
NOT-FOR-US: microsoft
-CVE-2003-0814 (Internet Explorer 6 SP1 and earlier allows remote attackers to bypass ...)
+CVE-2003-0814
NOT-FOR-US: microsoft
-CVE-2003-0813 (A multi-threaded race condition in the Windows RPC DCOM functionality ...)
+CVE-2003-0813
NOT-FOR-US: microsoft
-CVE-2003-0812 (Stack-based buffer overflow in a logging function for Windows ...)
+CVE-2003-0812
NOT-FOR-US: microsoft
CVE-2003-0811
RESERVED
CVE-2003-0810
RESERVED
-CVE-2003-0809 (Internet Explorer 5.01 through 6.0 does not properly handle object ...)
+CVE-2003-0809
NOT-FOR-US: microsoft
CVE-2003-0808
RESERVED
-CVE-2003-0807 (Buffer overflow in the COM Internet Services and in the RPC over HTTP ...)
+CVE-2003-0807
NOT-FOR-US: microsoft
-CVE-2003-0806 (Buffer overflow in the Windows logon process (winlogon) in Microsoft ...)
+CVE-2003-0806
NOT-FOR-US: microsoft
-CVE-2003-0805 (Multiple buffer overflows in UMN gopher daemon (gopherd) 2.x and 3.x ...)
+CVE-2003-0805
{DSA-387}
- gopher 3.0.6
NOTE: gopherd was removed from the gopher package in version 3.0.6.
-CVE-2003-0804 (The arplookup function in FreeBSD 5.1 and earlier, Mac OS X before ...)
+CVE-2003-0804
NOT-FOR-US: BSD
-CVE-2003-0803 (Nokia Electronic Documentation (NED) 5.0 allows remote attackers to ...)
+CVE-2003-0803
NOT-FOR-US: Nokia
-CVE-2003-0802 (Nokia Electronic Documentation (NED) 5.0 allows remote attackers to ...)
+CVE-2003-0802
NOT-FOR-US: Nokia
-CVE-2003-0801 (Cross-site scripting (XSS) vulnerability in Nokia Electronic ...)
+CVE-2003-0801
NOT-FOR-US: Nokia
CVE-2003-0800
REJECTED
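Review bot: CVE-2003-0857 is marked `NOT-FOR-US: Data predating security tracker`, but the removed description is about iptables, which is a Debian package, so NOT-FOR-US is the wrong marker here; record a package status instead (for example `- iptables <not-affected>` with a NOTE explaining that the data predates the tracker) so the entry is not silently excluded from package queries. In the same hunk CVE-2003-0863 (php4), CVE-2003-0859 (glibc) and CVE-2003-0835 (mplayer) consist of NOTE lines only with no package status line; the glibc one could become `- glibc <not-affected> (affects 2.2.4, Debian uses 2.3.2)` and the mplayer one `- mplayer <not-affected> (fixed before upload)`, matching the form used for alpine and kernel-source elsewhere in the file. Lastly, `{DSA-717-1}` for CVE-2003-0826 carries a revision suffix while every other DSA reference in the hunk is written as `{DSA-NNN}`; check whether the tracker's DSA cross-reference expects the bare number.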
@@ -1667,512 +1667,512 @@ CVE-2003-0799
REJECTED
CVE-2003-0798
REJECTED
-CVE-2003-0797 (Unknown vulnerability in rpc.mountd in SGI IRIX 6.5 through 6.5.22 ...)
+CVE-2003-0797
NOT-FOR-US: SGI IRIX
-CVE-2003-0796 (Unknown vulnerability in rpc.mountd SGI IRIX 6.5.18 through 6.5.22 ...)
+CVE-2003-0796
NOT-FOR-US: SGI IRIX
-CVE-2003-0795 (The vty layer in Quagga before 0.96.4, and Zebra 0.93b and earlier, ...)
+CVE-2003-0795
{DSA-415}
- quagga 0.96.4x-4
-CVE-2003-0794 (GDM 2.4.4.x before 2.4.4.4, and 2.4.1.x before 2.4.1.7, does not limit ...)
+CVE-2003-0794
- gdm 2.4.4.4
-CVE-2003-0793 (GDM 2.4.4.x before 2.4.4.4, and 2.4.1.x before 2.4.1.7, does not ...)
+CVE-2003-0793
- gdm 2.4.4.4
-CVE-2003-0792 (Fetchmail 6.2.4 and earlier does not properly allocate memory for long ...)
+CVE-2003-0792
- fetchmail 6.2.5
-CVE-2003-0791 (The Script.prototype.freeze/thaw functionality in Mozilla 1.4 and ...)
+CVE-2003-0791
- mozilla 2:1.5
CVE-2003-0790
REJECTED
-CVE-2003-0789 (mod_cgid in Apache before 2.0.48, when using a threaded MPM, does not ...)
+CVE-2003-0789
- apache2 2.0.48
-CVE-2003-0788 (Unknown vulnerability in the Internet Printing Protocol (IPP) ...)
+CVE-2003-0788
- cups 1.1.19
- cupsys 1.1.19
-CVE-2003-0787 (The PAM conversation function in OpenSSH 3.7.1 and 3.7.1p1 interprets ...)
+CVE-2003-0787
- openssh 1:3.7.1p2
-CVE-2003-0786 (The SSH1 PAM challenge response authentication in OpenSSH 3.7.1 and ...)
+CVE-2003-0786
- openssh 1:3.7.1p2
-CVE-2003-0785 (ipmasq before 3.5.12, in certain configurations, may forward packets ...)
+CVE-2003-0785
{DSA-389}
- ipmasq 3.5.12
-CVE-2003-0784 (Format string vulnerability in tsm for the bos.rte.security fileset on ...)
+CVE-2003-0784
NOT-FOR-US: IBM TSM
-CVE-2003-0783 (Multiple buffer overflows in hztty 2.0 allow local users to gain root ...)
+CVE-2003-0783
{DSA-385}
- hztty 2.0-6
-CVE-2003-0782 (Multiple buffer overflows in ecartis before 1.0.0 allow attackers to ...)
+CVE-2003-0782
{DSA-467}
- ecartis 1.0.0+cvs.20030911
-CVE-2003-0781 (Unknown vulnerability in ecartis before 1.0.0 does not properly ...)
+CVE-2003-0781
{DSA-467}
- ecartis 1.0.0+cvs.20030911
-CVE-2003-0780 (Buffer overflow in get_salt_from_password from sql_acl.cc for MySQL ...)
+CVE-2003-0780
{DSA-381}
- mysql-dfsg 4.0.15-1
-CVE-2003-0779 (SQL injection vulnerability in the Call Detail Record (CDR) logging ...)
+CVE-2003-0779
- asterisk 0.7.0
-CVE-2003-0778 (saned in sane-backends 1.0.7 and earlier, and possibly later versions, ...)
+CVE-2003-0778
{DSA-379}
- sane-backends 1.0.11-1
-CVE-2003-0777 (saned in sane-backends 1.0.7 and earlier, when debug messages are ...)
+CVE-2003-0777
{DSA-379}
- sane-backends 1.0.11-1
-CVE-2003-0776 (saned in sane-backends 1.0.7 and earlier does not properly &quot;check the ...)
+CVE-2003-0776
{DSA-379}
- sane-backends 1.0.11-1
-CVE-2003-0775 (saned in sane-backends 1.0.7 and earlier calls malloc with an ...)
+CVE-2003-0775
{DSA-379}
- sane-backends 1.0.11-1
-CVE-2003-0774 (saned in sane-backends 1.0.7 and earlier does not quickly handle ...)
+CVE-2003-0774
{DSA-379}
- sane-backends 1.0.11-1
-CVE-2003-0773 (saned in sane-backends 1.0.7 and earlier does not check the IP address ...)
+CVE-2003-0773
{DSA-379}
- sane-backends 1.0.11-1
-CVE-2003-0772 (Multiple buffer overflows in WS_FTP 3 and 4 allow remote authenticated ...)
+CVE-2003-0772
NOT-FOR-US: WS_FTP server
-CVE-2003-0771 (Gallery.pm in Apache::Gallery (aka A::G) uses predictable temporary ...)
+CVE-2003-0771
- libapache-gallery-perl 0.7
-CVE-2003-0770 (FUNC.pm in IkonBoard 3.1.2a and earlier, including 3.1.1, does not ...)
+CVE-2003-0770
NOT-FOR-US: IkonBoard
-CVE-2003-0769 (Cross-site scripting (XSS) vulnerability in the ICQ Web Front ...)
+CVE-2003-0769
NOT-FOR-US: ICQ Web Front
-CVE-2003-0768 (Microsoft ASP.Net 1.1 allows remote attackers to bypass the Cross-Site ...)
+CVE-2003-0768
NOT-FOR-US: microsoft
-CVE-2003-0767 (Buffer overflow in RogerWilco graphical server 1.4.1.6 and earlier, ...)
+CVE-2003-0767
NOT-FOR-US: RogerWilco
-CVE-2003-0766 (Multiple heap-based buffer overflows in FTP Desktop client 3.5, and ...)
+CVE-2003-0766
NOT-FOR-US: ftp desktop (windows)
-CVE-2003-0765 (The IN_MIDI.DLL plugin 3.01 and earlier, as used in Winamp 2.91, ...)
+CVE-2003-0765
NOT-FOR-US: winamp
-CVE-2003-0764 (Escapade Scripting Engine (ESP) allows remote attackers to obtain ...)
+CVE-2003-0764
NOT-FOR-US: Escapade Scripting Engine (ESP
-CVE-2003-0763 (Cross-site scripting (XSS) vulnerability in Escapade Scripting Engine ...)
+CVE-2003-0763
NOT-FOR-US: Escapade Scripting Engine (ESP
-CVE-2003-0762 (Buffer overflow in (1) foxweb.dll and (2) foxweb.exe of Foxweb 2.5 ...)
+CVE-2003-0762
NOT-FOR-US: foxweb
-CVE-2003-0761 (Buffer overflow in the get_msg_text of chan_sip.c in the Session ...)
+CVE-2003-0761
- asterisk 0.5.0
-CVE-2003-0760 (Blubster 2.5 allows remote attackers to cause a denial of service ...)
+CVE-2003-0760
NOT-FOR-US: optisoft blubster
-CVE-2003-0759 (Buffer overflow in db2licm in IBM DB2 Universal Data Base 7.2 before ...)
+CVE-2003-0759
NOT-FOR-US: IBM DB2
-CVE-2003-0758 (Buffer overflow in db2dart in IBM DB2 Universal Data Base 7.2 before ...)
+CVE-2003-0758
NOT-FOR-US: IBM DB2
-CVE-2003-0757 (Check Point FireWall-1 4.0 and 4.1 before SP5 allows remote attackers ...)
+CVE-2003-0757
NOT-FOR-US: check point firewall
-CVE-2003-0756 (Directory traversal vulnerability in sitebuilder.cgi in SiteBuilder ...)
+CVE-2003-0756
NOT-FOR-US: sitebuilder
-CVE-2003-0755 (Buffer overflow in sys_cmd.c for gtkftpd 1.0.4 and earlier allows ...)
+CVE-2003-0755
NOT-FOR-US: gtkftpd
-CVE-2003-0754 (nphpd.php in newsPHP 216 and earlier allows remote attackers to bypass ...)
+CVE-2003-0754
NOT-FOR-US: newsPHP
-CVE-2003-0753 (nphpd.php in newsPHP 216 and earlier allows remote attackers to read ...)
+CVE-2003-0753
NOT-FOR-US: newsPHP
-CVE-2003-0752 (SQL injection vulnerability in global.php3 of AttilaPHP 3.0, and ...)
+CVE-2003-0752
NOT-FOR-US: AttilaPHP
-CVE-2003-0751 (SQL injection vulnerability in pass_done.php for PY-Membres 4.2 and ...)
+CVE-2003-0751
NOT-FOR-US: PY-Membres
-CVE-2003-0750 (secure.php in PY-Membres 4.2 and earlier allows remote attackers to ...)
+CVE-2003-0750
NOT-FOR-US: PY-Membres
-CVE-2003-0749 (Cross-site scripting (XSS) vulnerability in wgate.dll for SAP Internet ...)
+CVE-2003-0749
NOT-FOR-US: SAP
-CVE-2003-0748 (Directory traversal vulnerability in wgate.dll for SAP Internet ...)
+CVE-2003-0748
NOT-FOR-US: SAP
-CVE-2003-0747 (wgate.dll in SAP Internet Transaction Server (ITS) 4620.2.0.323011 ...)
+CVE-2003-0747
NOT-FOR-US: SAP
-CVE-2003-0746 (Various Distributed Computing Environment (DCE) implementations, ...)
+CVE-2003-0746
NOT-FOR-US: Distributed Computing Environment (DCE) not in Deb
-CVE-2003-0745 (SNMPc 6.0.8 and earlier performs authentication to the server on the ...)
+CVE-2003-0745
NOT-FOR-US: castlerock SNMPc
-CVE-2003-0744 (The fetchnews NNTP client in leafnode 1.9.3 to 1.9.41 allows remote ...)
+CVE-2003-0744
- leafnode 1.9.42
-CVE-2003-0743 (Heap-based buffer overflow in smtp_in.c for Exim 3 (exim3) before 3.36 ...)
+CVE-2003-0743
{DSA-376}
- exim 3.36-8
-CVE-2003-0742 (SCO Internet Manager (mana) allows local users to execute arbitrary ...)
+CVE-2003-0742
NOT-FOR-US: SCO
CVE-2003-0741
REJECTED
-CVE-2003-0740 (Stunnel 4.00, and 3.24 and earlier, leaks a privileged file descriptor ...)
+CVE-2003-0740
- stunnel 2:3.26 (bug #278942)
- stunnel4 2:4.04
-CVE-2003-0739 (VMware Workstation 4.0.1 for Linux, build 5289 and earlier, allows ...)
+CVE-2003-0739
NOT-FOR-US: VMware
-CVE-2003-0738 (The calendar module in phpWebSite 0.9.x and earlier allows remote ...)
+CVE-2003-0738
NOT-FOR-US: phpWebSite
-CVE-2003-0737 (The calendar module in phpWebSite 0.9.x and earlier allows remote ...)
+CVE-2003-0737
NOT-FOR-US: phpWebSite
-CVE-2003-0736 (Multiple cross-site scripting (XSS) vulnerabilities in phpWebSite ...)
+CVE-2003-0736
NOT-FOR-US: phpWebSite
-CVE-2003-0735 (SQL injection vulnerability in the Calendar module of phpWebSite 0.9.x ...)
+CVE-2003-0735
NOT-FOR-US: phpWebSite
-CVE-2003-0734 (Unknown vulnerability in the pam_filter mechanism in pam_ldap before ...)
+CVE-2003-0734
- libpam-ldap 164-1
- libnss-ldap 207-1
-CVE-2003-0733 (Multiple cross-site scripting (XSS) vulnerabilities in WebLogic ...)
+CVE-2003-0733
NOT-FOR-US: BEA weblogic
-CVE-2003-0732 (CiscoWorks Common Management Foundation (CMF) 2.1 and earlier allows ...)
+CVE-2003-0732
NOT-FOR-US: cisco
-CVE-2003-0731 (CiscoWorks Common Management Foundation (CMF) 2.1 and earlier allows ...)
+CVE-2003-0731
NOT-FOR-US: cisco
-CVE-2003-0730 (Multiple integer overflows in the font libraries for XFree86 4.3.0 ...)
+CVE-2003-0730
{DSA-380}
- xfree86 4.2.1-12
-CVE-2003-0729 (Buffer overflow in Tellurian TftpdNT 1.8 allows remote attackers to ...)
+CVE-2003-0729
NOT-FOR-US: tellurian tftpdNT
-CVE-2003-0728 (Horde before 2.2.4 allows remote malicious web sites to steal session ...)
+CVE-2003-0728
- horde2 2.2.4
-CVE-2003-0727 (Multiple buffer overflows in the XML Database (XDB) functionality for ...)
+CVE-2003-0727
NOT-FOR-US: oracle
-CVE-2003-0726 (RealOne player allows remote attackers to execute arbitrary script in ...)
+CVE-2003-0726
NOT-FOR-US: RealOne player
-CVE-2003-0725 (Buffer overflow in the RTSP protocol parser for the View Source ...)
+CVE-2003-0725
NOT-FOR-US: Real Networks Server / Helix Server
-CVE-2003-0724 (ssh on HP Tru64 UNIX 5.1B and 5.1A does not properly handle RSA ...)
+CVE-2003-0724
NOT-FOR-US: HP Tru64
-CVE-2003-0723 (Buffer overflow in gkrellmd for gkrellm 2.1.x before 2.1.14 may allow ...)
+CVE-2003-0723
- gkrellm 2.1.14
-CVE-2003-0722 (The default installation of sadmind on Solaris uses weak ...)
+CVE-2003-0722
NOT-FOR-US: solaris
-CVE-2003-0721 (Integer signedness error in rfc2231_get_param from strings.c in PINE ...)
+CVE-2003-0721
- pine 4.58
- alpine <not-affected> (alpine is based on pine 4.64, this bug was in a previous version of pine)
-CVE-2003-0720 (Buffer overflow in PINE before 4.58 allows remote attackers to execute ...)
+CVE-2003-0720
- pine 4.58
- alpine <not-affected> (alpine is based on pine 4.64, this bug was in a previous version of pine)
-CVE-2003-0719 (Buffer overflow in the Private Communications Transport (PCT) protocol ...)
+CVE-2003-0719
NOT-FOR-US: microsoft
-CVE-2003-0718 (The WebDAV Message Handler for Internet Information Services (IIS) ...)
+CVE-2003-0718
NOT-FOR-US: microsoft
-CVE-2003-0717 (The Messenger Service for Windows NT through Server 2003 does not ...)
+CVE-2003-0717
NOT-FOR-US: microsoft
CVE-2003-0716
RESERVED
-CVE-2003-0715 (Heap-based buffer overflow in the Distributed Component Object Model ...)
+CVE-2003-0715
NOT-FOR-US: microsoft
-CVE-2003-0714 (The Internet Mail Service in Exchange Server 5.5 and Exchange 2000 ...)
+CVE-2003-0714
NOT-FOR-US: microsoft
CVE-2003-0713
RESERVED
-CVE-2003-0712 (Cross-site scripting (XSS) vulnerability in the HTML encoding for the ...)
+CVE-2003-0712
NOT-FOR-US: microsoft
-CVE-2003-0711 (Stack-based buffer overflow in the PCHealth system in the Help and ...)
+CVE-2003-0711
NOT-FOR-US: pchealth for windows
CVE-2003-0710
RESERVED
-CVE-2003-0709 (Buffer overflow in the whois client, which is not setuid but is ...)
+CVE-2003-0709
- whois 4.6.7
-CVE-2003-0708 (Format string vulnerability in LinuxNode (node) before 0.3.2 may allow ...)
+CVE-2003-0708
{DSA-375}
- node 0.3.2-1
-CVE-2003-0707 (Buffer overflow in LinuxNode (node) before 0.3.2 allows remote ...)
+CVE-2003-0707
{DSA-375}
- node 0.3.2-1
-CVE-2003-0706 (Unknown vulnerability in mah-jong 1.5.6 and earlier allows remote ...)
+CVE-2003-0706
{DSA-378}
- mah-jong 1.5.6-2
-CVE-2003-0705 (Buffer overflow in mah-jong 1.5.6 and earlier allows remote attackers ...)
+CVE-2003-0705
{DSA-378}
- mah-jong 1.5.6-2
-CVE-2003-0704 (KisMAC before 0.05d trusts user-supplied variables when chown'ing ...)
+CVE-2003-0704
NOT-FOR-US: KisMAC for Mac OS X
-CVE-2003-0703 (KisMAC before 0.05d trusts user-supplied variables to load arbitrary ...)
+CVE-2003-0703
NOT-FOR-US: KisMAC for Mac OS X
-CVE-2003-0702 (Unknown vulnerability in an ISAPI plugin for ISS Server Sensor 7.0 XPU ...)
+CVE-2003-0702
NOT-FOR-US: microsoft
-CVE-2003-0701 (Buffer overflow in Internet Explorer 6 SP1 for certain languages that ...)
+CVE-2003-0701
NOT-FOR-US: microsoft
-CVE-2003-0700 (The C-Media PCI sound driver in Linux before 2.4.22 does not use the ...)
+CVE-2003-0700
NOTE: fixed in 2.4.22-pre3
-CVE-2003-0699 (The C-Media PCI sound driver in Linux before 2.4.21 does not use the ...)
+CVE-2003-0699
NOTE: fixed in 2.4.21-rc2
CVE-2003-0698
REJECTED
-CVE-2003-0697 (Format string vulnerability in lpd in the bos.rte.printers fileset for ...)
+CVE-2003-0697
NOT-FOR-US: AIX
-CVE-2003-0696 (The getipnodebyname() API in AIX 5.1 and 5.2 does not properly close ...)
+CVE-2003-0696
NOT-FOR-US: AIX
-CVE-2003-0695 (Multiple &quot;buffer management errors&quot; in OpenSSH before 3.7.1 may allow ...)
+CVE-2003-0695
{DSA-383 DSA-382}
- openssh 1:3.7.1
-CVE-2003-0694 (The prescan function in Sendmail 8.12.9 allows remote attackers to ...)
+CVE-2003-0694
{DSA-384}
- sendmail 8.12.10-1
-CVE-2003-0693 (A &quot;buffer management error&quot; in buffer_append_space of buffer.c for ...)
+CVE-2003-0693
{DSA-383 DSA-382}
- openssh 1:3.6.1p2-6.0
-CVE-2003-0692 (KDM in KDE 3.1.3 and earlier uses a weak session cookie generation ...)
+CVE-2003-0692
{DSA-388}
- kdebase 4:3.2
CVE-2003-0691
REJECTED
-CVE-2003-0690 (KDM in KDE 3.1.3 and earlier does not verify whether the pam_setcred ...)
+CVE-2003-0690
{DSA-443 DSA-388}
- xfree86 4.3.0-0pre1v2
- kdebase 4:3.2
-CVE-2003-0689 (The getgrouplist function in GNU libc (glibc) 2.2.4 and earlier allows ...)
+CVE-2003-0689
- glibc 2.2.5
-CVE-2003-0688 (The DNS map code in Sendmail 8.12.8 and earlier, when using the ...)
+CVE-2003-0688
- sendmail 8.12.9
CVE-2003-0687
REJECTED
-CVE-2003-0686 (Buffer overflow in PAM SMB module (pam_smb) 1.1.6 and earlier, when ...)
+CVE-2003-0686
{DSA-374}
- libpam-smb <removed>
-CVE-2003-0685 (Buffer overflow in Netris 0.52 and earlier, and possibly other ...)
+CVE-2003-0685
{DSA-372}
- netris 0.52-1
CVE-2003-0684
REJECTED
-CVE-2003-0683 (NFS in SGI 6.5.21m and 6.5.21f does not perform access checks in ...)
+CVE-2003-0683
NOT-FOR-US: SGI
-CVE-2003-0682 (&quot;Memory bugs&quot; in OpenSSH 3.7.1 and earlier, with unknown impact, a ...)
+CVE-2003-0682
{DSA-383 DSA-382}
- openssh 1:3.6.1p2-9
-CVE-2003-0681 (A &quot;potential buffer overflow in ruleset parsing&quot; for Sendmail 8.12.9, ...)
+CVE-2003-0681
{DSA-384}
- sendmail 8.12.10-1
-CVE-2003-0680 (Unknown vulnerability in NFS for SGI IRIX 6.5.21 and earlier may allow ...)
+CVE-2003-0680
NOT-FOR-US: SGI IRIX
-CVE-2003-0679 (Unknown vulnerability in the libcpr library for the Checkpoint/Restart ...)
+CVE-2003-0679
NOT-FOR-US: SGI IRIX
CVE-2003-0678
REJECTED
-CVE-2003-0677 (Cisco CSS 11000 routers on the CS800 chassis allow remote attackers to ...)
+CVE-2003-0677
NOT-FOR-US: Cisco
-CVE-2003-0676 (Directory traversal vulnerability in ViewLog for iPlanet ...)
+CVE-2003-0676
NOT-FOR-US: Sun iPlanet
-CVE-2003-0672 (Format string vulnerability in pam-pgsql 0.5.2 and earlier allows ...)
+CVE-2003-0672
{DSA-370}
- pam-pgsql 0.5.2-7
-CVE-2003-0671 (Format string vulnerability in tcpflow, when used in a setuid context, ...)
+CVE-2003-0671
NOT-FOR-US: sustworks IPNetSentryX
-CVE-2003-0670 (Sustworks IPNetSentryX and IPNetMonitorX allow local users to sniff ...)
+CVE-2003-0670
NOT-FOR-US: sustworks IPNetSentryX
-CVE-2003-0669 (Unknown vulnerability in Solaris 2.6 through 9 causes a denial of ...)
+CVE-2003-0669
NOT-FOR-US: solaris
CVE-2003-0668
RESERVED
CVE-2003-0667
RESERVED
-CVE-2003-0666 (Buffer overflow in Microsoft Wordperfect Converter allows remote ...)
+CVE-2003-0666
NOT-FOR-US: microsoft
-CVE-2003-0665 (Buffer overflow in the ActiveX control for Microsoft Access Snapshot ...)
+CVE-2003-0665
NOT-FOR-US: microsoft
-CVE-2003-0664 (Microsoft Word 2002, 2000, 97, and 98(J) does not properly check ...)
+CVE-2003-0664
NOT-FOR-US: microsoft
-CVE-2003-0663 (Unknown vulnerability in the Local Security Authority Subsystem ...)
+CVE-2003-0663
NOT-FOR-US: microsoft
-CVE-2003-0662 (Buffer overflow in Troubleshooter ActiveX Control (Tshoot.ocx) in ...)
+CVE-2003-0662
NOT-FOR-US: microsoft
-CVE-2003-0661 (The NetBT Name Service (NBNS) for NetBIOS in Windows NT 4.0, 2000, XP, ...)
+CVE-2003-0661
NOT-FOR-US: microsoft
-CVE-2003-0660 (The Authenticode capability in Microsoft Windows NT through Server ...)
+CVE-2003-0660
NOT-FOR-US: microsoft
-CVE-2003-0659 (Buffer overflow in a function in User32.dll on Windows NT through ...)
+CVE-2003-0659
NOT-FOR-US: microsoft
-CVE-2003-0658 (Docview before 1.1-18 in Caldera OpenLinux 3.1.1, SCO Linux 4.0, ...)
+CVE-2003-0658
NOT-FOR-US: docview / caldera
-CVE-2003-0657 (Multiple SQL injection vulnerabilities in the infolog module for ...)
+CVE-2003-0657
{DSA-365}
- phpgroupware 0.9.14.007-1
-CVE-2003-0656 (eroaster before 2.2.0 allows local users to overwrite arbitrary files ...)
+CVE-2003-0656
{DSA-366}
- eroaster 2.2.0-0.5-1
-CVE-2003-0655 (rscsi in cdrtools 2.01 and earlier allows local users to overwrite ...)
+CVE-2003-0655
- cdrtools 4:2.0+a18-1
-CVE-2003-0654 (Buffer overflow in autorespond may allow remote attackers to execute ...)
+CVE-2003-0654
{DSA-373}
- autorespond 2.0.4-1
-CVE-2003-0653 (The OSI networking kernel (sys/netiso) in NetBSD 1.6.1 and earlier ...)
+CVE-2003-0653
NOT-FOR-US: NetBSD
-CVE-2003-0652 (Buffer overflow in xtokkaetama allows local users to gain privileges ...)
+CVE-2003-0652
{DSA-367}
- xtokkaetama 1.0b-9
-CVE-2003-0651 (Buffer overflow in the mylo_log logging function for mod_mylo 0.2.1 ...)
+CVE-2003-0651
NOT-FOR-US: mod_mylo for apache
-CVE-2003-0650 (Directory traversal vulnerability in GSAPAK.EXE for GameSpy Arcade, ...)
+CVE-2003-0650
NOT-FOR-US: gamespy
-CVE-2003-0649 (Buffer overflow in xpcd-svga for xpcd 2.08 and earlier allows local ...)
+CVE-2003-0649
{DSA-368}
- xpcd 2.08-9
-CVE-2003-0648 (Multiple buffer overflows in vfte, based on FTE, before 0.50, allow ...)
+CVE-2003-0648
{DSA-472}
- fte 0.50.0-1.1 (bug #203871)
-CVE-2003-0647 (Buffer overflow in the HTTP server for Cisco IOS 12.2 and earlier ...)
+CVE-2003-0647
NOT-FOR-US: Cisco
-CVE-2003-0646 (Multiple buffer overflows in ActiveX controls used by Trend Micro ...)
+CVE-2003-0646
NOT-FOR-US: ActiveX
-CVE-2003-0645 (man-db 2.3.12 and 2.3.18 to 2.4.1 uses certain user-controlled DEFINE ...)
+CVE-2003-0645
{DSA-364}
- man-db 2.4.1-13
-CVE-2003-0644 (Kdbg 1.1.0 through 1.2.8 does not check permissions of the .kdbgrc ...)
+CVE-2003-0644
- kdbg 1.2.9-1
-CVE-2003-0643 (Integer signedness error in the Linux Socket Filter implementation ...)
+CVE-2003-0643
{DSA-358}
- kernel-source-2.4.27 <not-affected> (Fixed before upload in archive; 2.4.22-pre10)
-CVE-2003-0642 (WatchGuard ServerLock for Windows 2000 before SL 2.0.4 allows local ...)
+CVE-2003-0642
NOT-FOR-US: Watchguard / win
-CVE-2003-0641 (WatchGuard ServerLock for Windows 2000 before SL 2.0.3 allows local ...)
+CVE-2003-0641
NOT-FOR-US: Watchguard / win
-CVE-2003-0640 (BEA WebLogic Server and Express, when using NodeManager to start ...)
+CVE-2003-0640
NOT-FOR-US: BEA WebLogic
-CVE-2003-0639 (Unknown vulnerability in Novell iChain 2.2 before Support Pack 1 ...)
+CVE-2003-0639
NOT-FOR-US: novell ichain
-CVE-2003-0638 (Multiple buffer overflows in Novell iChain 2.1 before Field Patch 3, ...)
+CVE-2003-0638
NOT-FOR-US: novell ichain
-CVE-2003-0637 (Novell iChain 2.2 before Support Pack 1 uses a shorter timeout for a ...)
+CVE-2003-0637
NOT-FOR-US: novell ichain
-CVE-2003-0636 (Novell iChain 2.2 before Support Pack 1 does not properly verify that ...)
+CVE-2003-0636
NOT-FOR-US: novell ichain
-CVE-2003-0635 (Unknown vulnerability or vulnerabilities in Novell iChain 2.2 before ...)
+CVE-2003-0635
NOT-FOR-US: novell ichain
-CVE-2003-0634 (Stack-based buffer overflow in the PL/SQL EXTPROC functionality for ...)
+CVE-2003-0634
NOT-FOR-US: oracle
-CVE-2003-0633 (Multiple vulnerabilities in aoljtest.jsp of Oracle Applications AOL/J ...)
+CVE-2003-0633
NOT-FOR-US: oracle
-CVE-2003-0632 (Buffer overflow in the Oracle Applications Web Report Review (FNDWRR) ...)
+CVE-2003-0632
NOT-FOR-US: oracle
-CVE-2003-0631 (VMware GSX Server 2.5.1 build 4968 and earlier, and Workstation 4.0 ...)
+CVE-2003-0631
NOT-FOR-US: VMware
-CVE-2003-0630 (Multiple buffer overflows in the atari800.svgalib setuid program of ...)
+CVE-2003-0630
{DSA-359}
- atari800 1.3.1-2
-CVE-2003-0629 (Cross-site scripting (XSS) vulnerability in PeopleSoft IScript ...)
+CVE-2003-0629
NOT-FOR-US: peoplesoft
-CVE-2003-0628 (PeopleSoft Gateway Administration servlet (gateway.administration) in ...)
+CVE-2003-0628
NOT-FOR-US: peoplesoft
-CVE-2003-0627 (psdoccgi.exe in PeopleSoft PeopleTools 8.4 through 8.43 allows remote ...)
+CVE-2003-0627
NOT-FOR-US: peoplesoft
-CVE-2003-0626 (psdoccgi.exe in PeopleSoft PeopleTools 8.4 through 8.43 allows remote ...)
+CVE-2003-0626
NOT-FOR-US: peoplesoft
-CVE-2003-0625 (Off-by-one error in certain versions of xfstt allows remote attackers ...)
+CVE-2003-0625
{DSA-360}
- xfstt 1.5.1-1
-CVE-2003-0624 (Cross-site scripting (XSS) vulnerability in InteractiveQuery.jsp for ...)
+CVE-2003-0624
NOT-FOR-US: BEA WebLogic
-CVE-2003-0623 (Cross-site scripting (XSS) vulnerability in the Administration Console ...)
+CVE-2003-0623
NOT-FOR-US: BEA Tuxedo
-CVE-2003-0622 (The Administration Console for BEA Tuxedo 8.1 and earlier allows ...)
+CVE-2003-0622
NOT-FOR-US: BEA Tuxedo
-CVE-2003-0621 (The Administration Console for BEA Tuxedo 8.1 and earlier allows ...)
+CVE-2003-0621
NOT-FOR-US: BEA Tuxedo
-CVE-2003-0620 (Multiple buffer overflows in man-db 2.4.1 and earlier, when installed ...)
+CVE-2003-0620
{DSA-364}
- man-db 2.4.1-13
-CVE-2003-0619 (Integer signedness error in the decode_fh function of nfs3xdr.c in ...)
+CVE-2003-0619
{DSA-358}
- kernel-source-2.4.27 <not-affected> (Fixed before upload in archive; 2.4.21-pre3)
-CVE-2003-0618 (Multiple vulnerabilities in suidperl 5.6.1 and earlier allow a local ...)
+CVE-2003-0618
{DSA-431}
- perl 5.8.3-3
-CVE-2003-0617 (mindi 0.58 and earlier does not properly create temporary files, which ...)
+CVE-2003-0617
{DSA-362}
- mindi 0.86-1
-CVE-2003-0616 (Format string vulnerability in ePO service for McAfee ePolicy ...)
+CVE-2003-0616
NOT-FOR-US: McAfee
-CVE-2003-0615 (Cross-site scripting (XSS) vulnerability in start_form() of CGI.pm ...)
+CVE-2003-0615
{DSA-371}
- perl 5.8.0-19
-CVE-2003-0614 (Cross-site scripting (XSS) vulnerability in search.php of Gallery 1.1 ...)
+CVE-2003-0614
{DSA-355}
- gallery 1.3.4-3
-CVE-2003-0613 (Buffer overflow in zblast-svgalib of zblast 1.2.1 and earlier allows ...)
+CVE-2003-0613
{DSA-369}
- zblast 1.2.1-7
-CVE-2003-0612 (Multiple buffer overflows in main.c for Crafty 19.3 allow local users ...)
+CVE-2003-0612
- crafty 19.3-1
-CVE-2003-0611 (Multiple buffer overflows in xtokkaetama 1.0 allow local users to ...)
+CVE-2003-0611
{DSA-356}
- xtokkaetama 1.0b-8
-CVE-2003-0610 (Directory traversal vulnerability in ePO agent for McAfee ePolicy ...)
+CVE-2003-0610
NOT-FOR-US: McAfee
-CVE-2003-0609 (Stack-based buffer overflow in the runtime linker, ld.so.1, on Solaris ...)
+CVE-2003-0609
NOT-FOR-US: Solaris
CVE-2003-0608
RESERVED
-CVE-2003-0607 (Buffer overflow in xconq 7.4.1 allows local users to become part of ...)
+CVE-2003-0607
{DSA-354}
- xconq 7.4.1-2.1 (bug #202963)
-CVE-2003-0606 (sup 1.8 and earlier does not properly create temporary files, which ...)
+CVE-2003-0606
{DSA-353}
- sup 1.8-9
-CVE-2003-0605 (The RPC DCOM interface in Windows 2000 SP3 and SP4 allows remote ...)
+CVE-2003-0605
NOT-FOR-US: Microsoft
-CVE-2003-0604 (Windows Media Player (WMP) 7 and 8, as running on Internet Explorer ...)
+CVE-2003-0604
NOT-FOR-US: Microsoft
-CVE-2003-0603 (Bugzilla 2.16.x before 2.16.3, 2.17.x before 2.17.4, and earlier ...)
+CVE-2003-0603
- bugzilla 2.16.3
-CVE-2003-0602 (Multiple cross-site scripting vulnerabilities (XSS) in Bugzilla 2.16.x ...)
+CVE-2003-0602
- bugzilla 2.16.3
-CVE-2003-0601 (Workgroup Manager in Apple Mac OS X Server 10.2 through 10.2.6 does ...)
+CVE-2003-0601
NOT-FOR-US: Apple
CVE-2003-0600
RESERVED
-CVE-2003-0599 (Unknown vulnerability in the Virtual File System (VFS) capability for ...)
+CVE-2003-0599
{DSA-365}
- phpgroupware 0.9.14.007-1
CVE-2003-0598
REJECTED
-CVE-2003-0597 (Unknown vulnerability in display of Merge before 5.3.23a in UnixWare ...)
+CVE-2003-0597
NOT-FOR-US: Unixware
-CVE-2003-0596 (FDclone 2.00a, and other versions before 2.02a, creates temporary ...)
+CVE-2003-0596
{DSA-352}
- fdclone 2.04-1
-CVE-2003-0595 (Buffer overflow in WiTango Application Server and Tango 2000 allows ...)
+CVE-2003-0595
NOT-FOR-US: WiTango Application Server and Tango 2000
-CVE-2003-0594 (Mozilla allows remote attackers to bypass intended cookie access ...)
+CVE-2003-0594
NOTE: cannot find reference to it being fixed.
-CVE-2003-0593 (Opera allows remote attackers to bypass intended cookie access ...)
+CVE-2003-0593
NOT-FOR-US: opera
-CVE-2003-0592 (Konqueror in KDE 3.1.3 and earlier (kdelibs) allows remote attackers ...)
+CVE-2003-0592
{DSA-459}
- kdelibs 4:3.1.3-1
CVE-2003-0591
REJECTED
-CVE-2003-0590 (Cross-site scripting (XSS) vulnerability in Splatt Forum allows remote ...)
+CVE-2003-0590
NOT-FOR-US: Splatt Forum
-CVE-2003-0589 (admin.php in Digi-ads 1.1 allows remote attackers to bypass ...)
+CVE-2003-0589
NOT-FOR-US: Digi-ads
-CVE-2003-0588 (admin.php in Digi-news 1.1 allows remote attackers to bypass ...)
+CVE-2003-0588
NOT-FOR-US: Digi-news
-CVE-2003-0587 (Cross-site scripting (XSS) vulnerability in Infopop Ultimate Bulletin ...)
+CVE-2003-0587
NOT-FOR-US: Infopop Ultimate Bulletin Board (UBB)
-CVE-2003-0586 (Brooky eStore 1.0.1 through 1.0.2b allows remote attackers to obtain ...)
+CVE-2003-0586
NOT-FOR-US: Brooky eStore
-CVE-2003-0585 (SQL injection vulnerability in login.asp of Brooky eStore 1.0.1 ...)
+CVE-2003-0585
NOT-FOR-US: Brooky eStore
-CVE-2003-0584 (Format string vulnerability in Backup and Restore Utility for Unix ...)
+CVE-2003-0584
NOT-FOR-US: BRU
-CVE-2003-0583 (Buffer overflow in Backup and Restore Utility for Unix (BRU) 17.0 and ...)
+CVE-2003-0583
NOT-FOR-US: BRU
CVE-2003-0582
REJECTED
-CVE-2003-0581 (X Fontserver for Truetype fonts (xfstt) 1.4 allows remote attackers to ...)
+CVE-2003-0581
{DSA-360}
- xfstt 1.5-1
-CVE-2003-0580 (Buffer overflow in uvadmsh in IBM U2 UniVerse 10.0.0.9 and earlier ...)
+CVE-2003-0580
NOT-FOR-US: IBM U2 UniVerse
-CVE-2003-0579 (uvadmsh in IBM U2 UniVerse 10.0.0.9 and earlier trusts the ...)
+CVE-2003-0579
NOT-FOR-US: IBM U2 UniVerse
-CVE-2003-0578 (cci_dir in IBM U2 UniVerse 10.0.0.9 and earlier creates hard links and ...)
+CVE-2003-0578
NOT-FOR-US: IBM U2 UniVerse
-CVE-2003-0577 (mpg123 0.59r allows remote attackers to cause a denial of service and ...)
+CVE-2003-0577
- mpg123 0.59r-1
- mp3gain 1.5.2-r2-6 (low)
[wheezy] - mp3gain 1.5.2-r2-2+deb7u1
[squeeze] - mp3gain <no-dsa> (Minor issue)
-CVE-2003-0576 (Unknown vulnerability in the NFS daemon (nfsd) in SGI IRIX 6.5.19f and ...)
+CVE-2003-0576
NOT-FOR-US: IRIX
-CVE-2003-0575 (Heap-based buffer overflow in the name services daemon (nsd) in SGI ...)
+CVE-2003-0575
NOT-FOR-US: IRIX
-CVE-2003-0574 (Unknown vulnerability in SGI IRIX 6.5.x through 6.5.20, and possibly ...)
+CVE-2003-0574
NOT-FOR-US: IRIX
-CVE-2003-0573 (The DNS callbacks in nsd in SGI IRIX 6.5.x through 6.5.20f, and ...)
+CVE-2003-0573
NOT-FOR-US: IRIX
-CVE-2003-0572 (Unknown vulnerability in nsd in SGI IRIX 6.5.x through 6.5.20f, and ...)
+CVE-2003-0572
NOT-FOR-US: IRIX
CVE-2003-0571
REJECTED
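Review bot: every `-`/`+` pair in this hunk drops the parenthetical summary from the CVE line and keeps only the bare identifier (`-CVE-2003-0663 (Unknown vulnerability in the Local Security Authority Subsystem ...)` becomes `+CVE-2003-0663`), so after this commit the only human-readable hint of what an entry covers is its tracker status line such as `NOT-FOR-US: microsoft` or `NOTE: cannot find reference to it being fixed.`. Since this is an "automatic update" touching all 21 year files, please confirm the importer is meant to emit description-less lines from now on; if the next run pulls descriptions again, the file will flip back and produce the same hundred-thousand-line churn in the other direction. Entries whose status line is vague (`NOT-FOR-US: microsoft`, `NOT-FOR-US: docview / caldera`) would benefit from a short product name now that the description is gone.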
@@ -2182,241 +2182,241 @@ CVE-2003-0569
REJECTED
CVE-2003-0568
REJECTED
-CVE-2003-0567 (Cisco IOS 11.x and 12.0 through 12.2 allows remote attackers to cause ...)
+CVE-2003-0567
NOT-FOR-US: Cisco
CVE-2003-0566
RESERVED
-CVE-2003-0565 (Multiple vulnerabilities in multiple vendor implementations of the ...)
+CVE-2003-0565
NOTE: affects many implementations of the X.400 protocol
-CVE-2003-0564 (Multiple vulnerabilities in multiple vendor implementations of the ...)
+CVE-2003-0564
NOTE: affects multiple S/MIME implementations
NOTE: checked current mozilla, which contains safe NSS 3.9.1
- mozilla 2:1.7.3
CVE-2003-0563
RESERVED
-CVE-2003-0562 (Buffer overflow in the CGI2PERL.NLM PERL handler in Novell Netware 5.1 ...)
+CVE-2003-0562
NOT-FOR-US: Novell Netware
-CVE-2003-0561 (Multiple buffer overflows in IglooFTP PRO 3.8 allow remote FTP servers ...)
+CVE-2003-0561
NOT-FOR-US: IglooFTP
-CVE-2003-0560 (SQL injection vulnerability in shopexd.asp for VP-ASP allows remote ...)
+CVE-2003-0560
NOT-FOR-US: VP-ASP
-CVE-2003-0559 (mainfile.php in phpforum 2 RC-1, and possibly earlier versions, allows ...)
+CVE-2003-0559
NOT-FOR-US: phpforum
-CVE-2003-0558 (Buffer overflow in LeapFTP 2.7.3.600 allows remote FTP servers to ...)
+CVE-2003-0558
NOT-FOR-US: LeapFTP
-CVE-2003-0557 (SQL injection vulnerability in login.asp for StoreFront 6.0, and ...)
+CVE-2003-0557
NOT-FOR-US: StoreFront
-CVE-2003-0556 (Polycom MGC 25 allows remote attackers to cause a denial of service ...)
+CVE-2003-0556
NOT-FOR-US: Polycom MGC
-CVE-2003-0555 (ImageMagick 5.4.3.x and earlier allows attackers to cause a denial of ...)
+CVE-2003-0555
NOTE: imagemagick %x exploit failed with 6.0.6.2-1.5
-CVE-2003-0554 (NeoModus Direct Connect 1.0 build 9, and possibly other versions, ...)
+CVE-2003-0554
NOT-FOR-US: NeoModus Direct Connect
-CVE-2003-0553 (Buffer overflow in the Client Detection Tool (CDT) plugin (npcdt.dll) ...)
+CVE-2003-0553
NOT-FOR-US: Netscape
-CVE-2003-0552 (Linux 2.4.x allows remote attackers to spoof the bridge Forwarding ...)
+CVE-2003-0552
{DSA-423 DSA-358}
- kernel-source-2.4.27 <not-affected> (Fixed before upload in the archive; 2.4.22-pre3)
-CVE-2003-0551 (The STP protocol implementation in Linux 2.4.x does not properly ...)
+CVE-2003-0551
{DSA-423 DSA-358}
- kernel-source-2.4.27 <not-affected> (Fixed before upload in the archive; 2.4.22-pre3)
-CVE-2003-0550 (The STP protocol, as enabled in Linux 2.4.x, does not provide ...)
+CVE-2003-0550
{DSA-423 DSA-358}
- kernel-source-2.4.27 <not-affected> (Fixed before upload in the archive; 2.4.22-pre3)
-CVE-2003-0549 (The X Display Manager Control Protocol (XDMCP) support for GDM before ...)
+CVE-2003-0549
- gdm 2.4.1.5
-CVE-2003-0548 (The X Display Manager Control Protocol (XDMCP) support for GDM before ...)
+CVE-2003-0548
- gdm 2.4.1.5
-CVE-2003-0547 (GDM before 2.4.1.6, when using the &quot;examine session errors&quot; feature, ...)
+CVE-2003-0547
- gdm 2.4.1.5
-CVE-2003-0546 (up2date 3.0.7 and 3.1.23 does not properly verify RPM GPG signatures, ...)
+CVE-2003-0546
NOT-FOR-US: up2date
-CVE-2003-0545 (Double free vulnerability in OpenSSL 0.9.7 allows remote attackers to ...)
+CVE-2003-0545
{DSA-394 DSA-393}
- openssl 0.9.7c
- openssl096 0.9.6k
-CVE-2003-0544 (OpenSSL 0.9.6 and 0.9.7 does not properly track the number of ...)
+CVE-2003-0544
{DSA-394 DSA-393}
- openssl 0.9.7c
- openssl096 0.9.6k
-CVE-2003-0543 (Integer overflow in OpenSSL 0.9.6 and 0.9.7 allows remote attackers to ...)
+CVE-2003-0543
{DSA-394 DSA-393}
- openssl 0.9.7c
- openssl096 0.9.6k
-CVE-2003-0542 (Multiple stack-based buffer overflows in (1) mod_alias and (2) ...)
+CVE-2003-0542
- apache2 2.0.48
- apache 1.3.29
-CVE-2003-0541 (gtkhtml before 1.1.10, as used in Evolution, allows remote attackers ...)
+CVE-2003-0541
{DSA-710-1}
- evolution <not-affected> (Does not affect evolution on debian)
- gtkhtml 1.0.4-6.2
-CVE-2003-0540 (The address parser code in Postfix 1.1.12 and earlier allows remote ...)
+CVE-2003-0540
{DSA-363}
- postfix 1.1.12
-CVE-2003-0539 (skk (Simple Kana to Kanji conversion program) 12.1 and earlier, and ...)
+CVE-2003-0539
{DSA-343}
- skk 10.62a-6
- ddskk 12.1.cvs.20030622-1
-CVE-2003-0538 (The mailcap file for mozart 1.2.5 and earlier causes Oz applications ...)
+CVE-2003-0538
{DSA-342}
- mozart 1.2.5.20030212-2
-CVE-2003-0537 (The liece Emacs IRC client 2.0+0.20030527 and earlier creates ...)
+CVE-2003-0537
{DSA-341}
- liece 2.0+0.20030527cvs-1
-CVE-2003-0536 (Directory traversal vulnerability in phpSysInfo 2.1 and earlier allows ...)
+CVE-2003-0536
{DSA-346}
- phpsysinfo 2.1-1
-CVE-2003-0535 (Buffer overflow in xbl 1.0k and earlier allows local users to gain ...)
+CVE-2003-0535
{DSA-345}
- xbl 1.0k-6
CVE-2003-0534
RESERVED
-CVE-2003-0533 (Stack-based buffer overflow in certain Active Directory service ...)
+CVE-2003-0533
NOT-FOR-US: Microsoft
-CVE-2003-0532 (Internet Explorer 5.01 SP3 through 6.0 SP1 does not properly determine ...)
+CVE-2003-0532
NOT-FOR-US: Microsoft
-CVE-2003-0531 (Internet Explorer 5.01 SP3 through 6.0 SP1 allows remote attackers to ...)
+CVE-2003-0531
NOT-FOR-US: Microsoft
-CVE-2003-0530 (Buffer overflow in the BR549.DLL ActiveX control for Internet Explorer ...)
+CVE-2003-0530
NOT-FOR-US: Microsoft
CVE-2003-0529
RESERVED
-CVE-2003-0528 (Heap-based buffer overflow in the Distributed Component Object Model ...)
+CVE-2003-0528
NOT-FOR-US: Microsoft
CVE-2003-0527
RESERVED
-CVE-2003-0526 (Cross-site scripting (XSS) vulnerability in Microsoft Internet ...)
+CVE-2003-0526
NOT-FOR-US: Microsoft
-CVE-2003-0525 (The getCanonicalPath function in Windows NT 4.0 may free memory that ...)
+CVE-2003-0525
NOT-FOR-US: Microsoft
-CVE-2003-0524 (Qt in Knoppix 3.1 Live CD allows local users to overwrite arbitrary ...)
+CVE-2003-0524
- qt-x11-free <not-affected> (appears specific to the knoppix CD)
-CVE-2003-0523 (Cross-site scripting (XSS) vulnerability in msg.asp for certain ...)
+CVE-2003-0523
NOT-FOR-US: ProductCart
-CVE-2003-0522 (Multiple SQL injection vulnerabilities in ProductCart 1.5 through 2 ...)
+CVE-2003-0522
NOT-FOR-US: ProductCart
-CVE-2003-0521 (Cross-site scripting (XSS) vulnerability in cPanel 6.4.2 allows remote ...)
+CVE-2003-0521
NOT-FOR-US: cPanel is not our cpanel
-CVE-2003-0520 (Trillian 1.0 Pro and 0.74 Freeware allows remote attackers to cause a ...)
+CVE-2003-0520
NOT-FOR-US: Cerulean Trillian
-CVE-2003-0519 (Certain versions of Internet Explorer 5 and 6, in certain Windows ...)
+CVE-2003-0519
NOT-FOR-US: Microsoft
-CVE-2003-0518 (The screen saver in MacOS X allows users with physical access to cause ...)
+CVE-2003-0518
NOT-FOR-US: MacOS
-CVE-2003-0517 (faxrunqd.in in mgetty 1.1.28 and earlier allows local users to ...)
+CVE-2003-0517
- mgetty 1.1.29 (bug #199351)
-CVE-2003-0516 (cnd.c in mgetty 1.1.28 and earlier does not properly filter ...)
+CVE-2003-0516
- mgetty 1.1.29 (bug #199351)
-CVE-2003-0515 (SQL injection vulnerabilities in the (1) PostgreSQL or (2) MySQL ...)
+CVE-2003-0515
{DSA-347}
- teapop 0.3.5-2
-CVE-2003-0514 (Apple Safari allows remote attackers to bypass intended cookie access ...)
+CVE-2003-0514
NOT-FOR-US: Safari
-CVE-2003-0513 (Microsoft Internet Explorer allows remote attackers to bypass intended ...)
+CVE-2003-0513
NOT-FOR-US: MSIE
-CVE-2003-0512 (Cisco IOS 12.2 and earlier generates a &quot;% Login invalid&quot; message ...)
+CVE-2003-0512
NOT-FOR-US: Cisco
-CVE-2003-0511 (The web server for Cisco Aironet AP1x00 Series Wireless devices ...)
+CVE-2003-0511
NOT-FOR-US: Cisco
-CVE-2003-0510 (Format string vulnerability in ezbounce 1.0 through 1.50 allows remote ...)
+CVE-2003-0510
NOT-FOR-US: ezbounce
-CVE-2003-0509 (SQL injection vulnerability in Cyberstrong eShop 4.2 and earlier ...)
+CVE-2003-0509
NOT-FOR-US: Cyberstrong eShop
-CVE-2003-0508 (Buffer overflow in the WWWLaunchNetscape function of Adobe Acrobat ...)
+CVE-2003-0508
NOT-FOR-US: acroread
-CVE-2003-0507 (Stack-based buffer overflow in Active Directory in Windows 2000 before ...)
+CVE-2003-0507
NOT-FOR-US: Microsoft
-CVE-2003-0506 (Microsoft NetMeeting 3.01 2000 before SP4 allows remote attackers to ...)
+CVE-2003-0506
NOT-FOR-US: Microsoft
-CVE-2003-0505 (Directory traversal vulnerability in Microsoft NetMeeting 3.01 2000 ...)
+CVE-2003-0505
NOT-FOR-US: Microsoft
-CVE-2003-0504 (Multiple cross-site scripting (XSS) vulnerabilities in Phpgroupware ...)
+CVE-2003-0504
{DSA-365}
- phpgroupware 0.9.14.007-1
-CVE-2003-0503 (Buffer overflow in the ShellExecute API function of SHELL32.DLL in ...)
+CVE-2003-0503
NOT-FOR-US: Microsoft
-CVE-2003-0502 (Apple QuickTime / Darwin Streaming Server before 4.1.3g allows remote ...)
+CVE-2003-0502
NOT-FOR-US: Apple Quicktime
-CVE-2003-0501 (The /proc filesystem in Linux allows local users to obtain sensitive ...)
+CVE-2003-0501
{DSA-423 DSA-358}
- kernel-source-2.4.27 <not-affected> (Fixed before upload in the archive; 2.4.22-pre10)
-CVE-2003-0500 (SQL injection vulnerability in the PostgreSQL authentication module ...)
+CVE-2003-0500
{DSA-338}
- proftpd 1.2.8-8
-CVE-2003-0499 (Mantis 0.17.5 and earlier stores its database password in cleartext in ...)
+CVE-2003-0499
{DSA-335}
- mantis 0.17.5-6
-CVE-2003-0498 (Cach&#233; Database 5.x installs the /cachesys/csp directory with insecure ...)
+CVE-2003-0498
NOT-FOR-US: Intersystems Cache database
-CVE-2003-0497 (Cach&#233; Database 5.x installs /cachesys/bin/cache with world-writable ...)
+CVE-2003-0497
NOT-FOR-US: Intersystems Cache database
-CVE-2003-0496 (Microsoft SQL Server before Windows 2000 SP4 allows local users to ...)
+CVE-2003-0496
NOT-FOR-US: Microsoft
-CVE-2003-0495 (Cross-site scripting (XSS) vulnerability in LedNews 0.7 allows remote ...)
+CVE-2003-0495
NOT-FOR-US: lednews; not in debian
-CVE-2003-0494 (password.asp in Snitz Forums 3.4.03 and earlier allows remote ...)
+CVE-2003-0494
NOT-FOR-US: snitz forums; not in debian
-CVE-2003-0493 (Snitz Forums 3.4.03 and earlier allows attackers to gain privileges as ...)
+CVE-2003-0493
NOT-FOR-US: snitz forums; not in debian
-CVE-2003-0492 (Cross-site scripting (XSS) vulnerability in search.asp for Snitz ...)
+CVE-2003-0492
NOT-FOR-US: snitz forums; not in debian
-CVE-2003-0491 (The Tutorials 2.0 module in XOOPS and E-XOOPS allows remote attackers ...)
+CVE-2003-0491
NOT-FOR-US: Xoops
-CVE-2003-0490 (The installation of Dantz Retrospect Client 5.0.540 on MacOS X 10.2.6, ...)
+CVE-2003-0490
NOT-FOR-US: Dantz Retrospect
-CVE-2003-0489 (tcptraceroute 1.4 and earlier does not fully drop privileges after ...)
+CVE-2003-0489
{DSA-330}
- tcptraceroute 1.4-4
-CVE-2003-0488 (Multiple cross-site scripting (XSS) vulnerabilities in Kerio ...)
+CVE-2003-0488
NOT-FOR-US: Kerio Mail server
-CVE-2003-0487 (Multiple buffer overflows in Kerio MailServer 5.6.3 allow remote ...)
+CVE-2003-0487
NOT-FOR-US: Kerio Mail server
-CVE-2003-0486 (SQL injection vulnerability in viewtopic.php for phpBB 2.0.5 and ...)
+CVE-2003-0486
- phpbb2 2.0.6
-CVE-2003-0485 (Buffer overflow in Progress 4GL Compiler 9.1D06 and earlier allows ...)
+CVE-2003-0485
NOT-FOR-US: Progress 4GL Compiler
-CVE-2003-0484 (Cross-site scripting (XSS) vulnerability in viewtopic.php for phpBB ...)
+CVE-2003-0484
- phpbb2 2.0.6d-3
-CVE-2003-0483 (Cross-site scripting (XSS) vulnerabilities in XMB Forum 1.8 Partagium ...)
+CVE-2003-0483
NOT-FOR-US: XMB Forum
-CVE-2003-0482 (TUTOS 1.1 allows remote attackers to execute arbitrary code by ...)
+CVE-2003-0482
- tutos 1.1.20030715-1
-CVE-2003-0481 (Multiple cross-site scripting (XSS) vulnerabilities in TUTOS 1.1 allow ...)
+CVE-2003-0481
- tutos 1.1.20030715-1
-CVE-2003-0480 (VMware Workstation 4.0 for Linux allows local users to overwrite ...)
+CVE-2003-0480
NOT-FOR-US: VMware
-CVE-2003-0479 (Cross-site scripting (XSS) vulnerability in the guestbook for WebBBS ...)
+CVE-2003-0479
NOT-FOR-US: WebBBS; not in debian
-CVE-2003-0478 (Format string vulnerability in (1) Bahamut IRCd 1.4.35 and earlier, ...)
+CVE-2003-0478
NOT-FOR-US: bahamut and other irc daemons; not in debian
-CVE-2003-0477 (wzdftpd 0.1rc4 and earlier allows remote attackers to cause a denial ...)
+CVE-2003-0477
- wzdftpd 0.2
-CVE-2003-0476 (The execve system call in Linux 2.4.x records the file descriptor of ...)
+CVE-2003-0476
{DSA-423 DSA-358}
- kernel-source-2.4.27 <not-affected> (Fixed before upload in the archive; 2.4.22-pre4)
-CVE-2003-0475 (Directory traversal vulnerability in iWeb Server 2 allows remote ...)
+CVE-2003-0475
NOT-FOR-US: iWeb server
-CVE-2003-0474 (Directory traversal vulnerability in iWeb Server allows remote ...)
+CVE-2003-0474
NOT-FOR-US: iWeb server
-CVE-2003-0473 (Unknown vulnerability in the IPv6 capability in IRIX 6.5.19 causes ...)
+CVE-2003-0473
NOT-FOR-US: SGI IRIX
-CVE-2003-0472 (The IPv6 capability in IRIX 6.5.19 allows remote attackers to cause a ...)
+CVE-2003-0472
NOT-FOR-US: SGI IRIX
-CVE-2003-0471 (Buffer overflow in WebAdmin.exe for WebAdmin allows remote attackers ...)
+CVE-2003-0471
NOT-FOR-US: webadmin / win
-CVE-2003-0470 (Buffer overflow in the &quot;RuFSI Utility Class&quot; ActiveX control (aka ...)
+CVE-2003-0470
NOT-FOR-US: symantec activex
-CVE-2003-0469 (Buffer overflow in the HTML Converter (HTML32.cnv) on various Windows ...)
+CVE-2003-0469
NOT-FOR-US: microsoft
-CVE-2003-0468 (Postfix 1.1.11 and earlier allows remote attackers to use Postfix to ...)
+CVE-2003-0468
{DSA-363}
- postfix 1.1.12
-CVE-2003-0467 (Unknown vulnerability in ip_nat_sack_adjust of Netfilter in Linux ...)
+CVE-2003-0467
NOTE: fixed in linux 2.4.21
-CVE-2003-0466 (Off-by-one error in the fb_realpath() function, as derived from the ...)
+CVE-2003-0466
{DSA-357}
- wu-ftpd 2.6.2-12
-CVE-2003-0465 (The kernel strncpy function in Linux 2.4 and 2.5 does not %NUL pad the ...)
+CVE-2003-0465
- linux-2.6 <not-affected> (Generic C version fixed in 2.6.x)
NOTE: generic .c version fixed in 2.6.x but not in 2.4.x
NOTE: arch specific asm versions:
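Review bot: several of the descriptions removed in this hunk still carry raw HTML entities, for example `-CVE-2003-0547 (GDM before 2.4.1.6, when using the &quot;examine session errors&quot; feature, ...)`, `-CVE-2003-0512 (Cisco IOS 12.2 and earlier generates a &quot;% Login invalid&quot; message ...)` and `-CVE-2003-0498 (Cach&#233; Database 5.x installs the /cachesys/csp directory with insecure ...)`, which shows the previous importer stored the upstream text without decoding it. Whatever tool regenerates these lines should decode entities before writing, so that a future re-import does not reintroduce `&quot;` and `&#233;` into a plain-text list that is grepped by name. The `NOTE: arch specific asm versions:` line for CVE-2003-0465 ends this hunk mid-explanation; the continuation lives in the next hunk's context, so nothing is lost, but the hunk boundary is worth a glance when applying the patch piecewise.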
@@ -2425,655 +2425,655 @@ CVE-2003-0465 (The kernel strncpy function in Linux 2.4 and 2.5 does not %NUL pa
NOTE: not an issue on alpha, see bug #280492
- kernel-source-2.4.27 2.4.27-8
NOTE: above fixes s390x, ppc64 and s390 and generic C version
-CVE-2003-0464 (The RPC code in Linux kernel 2.4 sets the reuse flag when sockets are ...)
+CVE-2003-0464
NOTE: fixed in linux 2.4.22-pre8
CVE-2003-0463
REJECTED
-CVE-2003-0462 (A race condition in the way env_start and env_end pointers are ...)
+CVE-2003-0462
{DSA-423 DSA-358}
- linux-2.6 <not-affected> (Fixed before upload into archive; 2.6.1)
- kernel-source-2.4.27 <not-affected> (Fixed before upload in the archive; 2.4.22-pre10)
-CVE-2003-0461 (/proc/tty/driver/serial in Linux 2.4.x reveals the exact number of ...)
+CVE-2003-0461
{DSA-423 DSA-358}
[sarge] - kernel-source-2.6.8 <not-affected> (Fixed before upload into archive; 2.6.1)
- linux-2.6 <not-affected> (Fixed before upload into archive; 2.6.1)
- kernel-source-2.4.27 2.4.27-1
-CVE-2003-0460 (The rotatelogs program on Apache before 1.3.28, for Windows and OS/2 ...)
+CVE-2003-0460
- apache <not-affected> (Affects only Apache for Windows and OS/2)
-CVE-2003-0459 (KDE Konqueror for KDE 3.1.2 and earlier does not remove authentication ...)
+CVE-2003-0459
{DSA-361}
- kdelibs 4:3.1.3-1
-CVE-2003-0458 (Unknown vulnerability in HP NonStop Server D40.00 through D48.03, and ...)
+CVE-2003-0458
NOT-FOR-US: HP
CVE-2003-0457
RESERVED
-CVE-2003-0456 (VisNetic WebSite 3.5 allows remote attackers to obtain the full ...)
+CVE-2003-0456
NOT-FOR-US: visnetic website
-CVE-2003-0455 (The imagemagick libmagick library 5.5 and earlier creates temporary ...)
+CVE-2003-0455
{DSA-331}
- imagemagick 4:5.5.7-1
-CVE-2003-0454 (Multiple buffer overflows in xgalaga 2.0.34 and earlier allow local ...)
+CVE-2003-0454
{DSA-334}
- xgalaga 2.0.34-22
-CVE-2003-0453 (traceroute-nanog 6.1.1 allows local users to overwrite unauthorized ...)
+CVE-2003-0453
{DSA-348}
- traceroute-nanog 6.3.6-3
-CVE-2003-0452 (Buffer overflows in osh before 1.7-11 allow local users to execute ...)
+CVE-2003-0452
{DSA-329}
- osh 1.7-12
-CVE-2003-0451 (Multiple buffer overflows in xbl before 1.0k allow local users to gain ...)
+CVE-2003-0451
{DSA-327}
- xbl 1.0k-5
-CVE-2003-0450 (Cistron RADIUS daemon (radiusd-cistron) 1.6.6 and earlier allows ...)
+CVE-2003-0450
{DSA-321}
- radiusd-cistron 1.6.6-2
-CVE-2003-0449 (Progress Database 9.1 to 9.1D06 trusts user input to find and load ...)
+CVE-2003-0449
NOT-FOR-US: progress database
-CVE-2003-0448 (Portmon 1.7 and possibly earlier versions allows local users to read ...)
+CVE-2003-0448
NOT-FOR-US: portmon; not in debian
-CVE-2003-0447 (The Custom HTTP Errors capability in Internet Explorer 5.01, 5.5 and ...)
+CVE-2003-0447
NOT-FOR-US: microsoft
-CVE-2003-0446 (Cross-site scripting (XSS) in Internet Explorer 5.5 and 6.0, possibly ...)
+CVE-2003-0446
NOT-FOR-US: microsoft
-CVE-2003-0445 (Buffer overflow in webfs before 1.17.1 allows remote attackers to ...)
+CVE-2003-0445
{DSA-328}
- webfs 1.20
-CVE-2003-0444 (Heap-based buffer overflow in GTKSee 0.5 and 0.5.1 allows remote ...)
+CVE-2003-0444
{DSA-337}
- gtksee 0.5.6-1
CVE-2003-0443
RESERVED
-CVE-2003-0442 (Cross-site scripting (XSS) vulnerability in the transparent SID ...)
+CVE-2003-0442
{DSA-351}
- php4 4:4.3.2+rc3-1
-CVE-2003-0441 (Multiple buffer overflows in Orville Write (orville-write) 2.53 and ...)
+CVE-2003-0441
{DSA-326}
- orville-write 2.54-1
-CVE-2003-0440 (The (1) semi MIME library 1.14.5 and earlier, and (2) wemi 1.14.0 and ...)
+CVE-2003-0440
{DSA-339}
- semi 1.14.5+20030609-1 (bug #223456)
- wemi <removed>
CVE-2003-0439
REJECTED
-CVE-2003-0438 (eldav WebDAV client for Emacs, version 0.7.2 and earlier, allows local ...)
+CVE-2003-0438
{DSA-325}
- eldav 0.7.2-1
-CVE-2003-0437 (Buffer overflow in search.cgi for mnoGoSearch 3.2.10 allows remote ...)
+CVE-2003-0437
- mnogosearch 3.2.11
-CVE-2003-0436 (Buffer overflow in search.cgi for mnoGoSearch 3.1.20 allows remote ...)
+CVE-2003-0436
- mnogosearch 3.2.11
-CVE-2003-0435 (Buffer overflow in net_swapscore for typespeed 0.4.1 and earlier ...)
+CVE-2003-0435
{DSA-322}
- typespeed 0.4.4
-CVE-2003-0434 (Various PDF viewers including (1) Adobe Acrobat 5.06 and (2) Xpdf 1.01 ...)
+CVE-2003-0434
- kdegraphics <not-affected> (kdf does not seem to support hyperlinks; so not vulnerable)
- gpdf <not-affected> (gpdf 2.8.0 does not seem to be vulnerable)
- xpdf 2.02pl1-1
-CVE-2003-0433 (Multiple buffer overflows in gnocatan 0.6.1 and earlier allow ...)
+CVE-2003-0433
{DSA-315}
- gnocatan 0.8.0-1 (bug #328136)
- pioneers <not-affected> (bug #328136)
-CVE-2003-0432 (Ethereal 0.9.12 and earlier does not handle certain strings properly, ...)
+CVE-2003-0432
{DSA-324}
- ethereal 0.9.13-1
-CVE-2003-0431 (The tvb_get_nstringz0 function in Ethereal 0.9.12 and earlier does not ...)
+CVE-2003-0431
{DSA-324}
- ethereal 0.9.13-1
-CVE-2003-0430 (The SPNEGO dissector in Ethereal 0.9.12 and earlier allows remote ...)
+CVE-2003-0430
- ethereal 0.9.13-1
-CVE-2003-0429 (The OSI dissector in Ethereal 0.9.12 and earlier allows remote ...)
+CVE-2003-0429
{DSA-324}
- ethereal 0.9.13-1
-CVE-2003-0428 (Unknown vulnerability in the DCERPC (DCE/RPC) dissector in Ethereal ...)
+CVE-2003-0428
{DSA-324}
- ethereal 0.9.13-1
-CVE-2003-0427 (Buffer overflow in mikmod 3.1.6 and earlier allows remote attackers to ...)
+CVE-2003-0427
{DSA-320}
- mikmod 3.1.6-6
-CVE-2003-0426 (The installation of Apple QuickTime / Darwin Streaming Server before ...)
+CVE-2003-0426
NOT-FOR-US: Apple
-CVE-2003-0425 (Directory traversal vulnerability in Apple QuickTime / Darwin ...)
+CVE-2003-0425
NOT-FOR-US: Apple
-CVE-2003-0424 (Apple QuickTime / Darwin Streaming Server before 4.1.3f allows remote ...)
+CVE-2003-0424
NOT-FOR-US: Apple
-CVE-2003-0423 (parse_xml.cgi in Apple QuickTime / Darwin Streaming Server before ...)
+CVE-2003-0423
NOT-FOR-US: Apple
-CVE-2003-0422 (Apple QuickTime / Darwin Streaming Server before 4.1.3f allows remote ...)
+CVE-2003-0422
NOT-FOR-US: Apple
-CVE-2003-0421 (Apple QuickTime / Darwin Streaming Server before 4.1.3f allows remote ...)
+CVE-2003-0421
NOT-FOR-US: Apple
-CVE-2003-0420 (Information leak in dsimportexport for Apple Macintosh OS X Server ...)
+CVE-2003-0420
NOT-FOR-US: Apple
-CVE-2003-0419 (SMC Networks Barricade Wireless Cable/DSL Broadband Router SMC7004VWBR ...)
+CVE-2003-0419
NOT-FOR-US: SMC
-CVE-2003-0418 (The Linux 2.0 kernel IP stack does not properly calculate the size of ...)
+CVE-2003-0418
- kernel-source-2.4.27 <not-affected> (Affects only Linux 2.0.x)
- linux-2.6 <not-affected> (Affects only Linux 2.0.x)
-CVE-2003-0417 (Directory traversal vulnerability in Son hServer 0.2 allows remote ...)
+CVE-2003-0417
NOT-FOR-US: Son hServer
-CVE-2003-0416 (Cross-site scripting (XSS) vulnerability in index.cgi for Bandmin 1.4 ...)
+CVE-2003-0416
NOT-FOR-US: bandmin;
-CVE-2003-0415 (Remote PC Access Server 2.2 allows remote attackers to cause a denial ...)
+CVE-2003-0415
NOT-FOR-US: Remote PC Access
-CVE-2003-0414 (The installation of Sun ONE Application Server 7.0 for Windows 2000/XP ...)
+CVE-2003-0414
NOT-FOR-US: Sun ONE
-CVE-2003-0413 (Cross-site scripting (XSS) vulnerability in the webapps-simple sample ...)
+CVE-2003-0413
NOT-FOR-US: Sun ONE
-CVE-2003-0412 (Sun ONE Application Server 7.0 for Windows 2000/XP does not log the ...)
+CVE-2003-0412
NOT-FOR-US: Sun ONE
-CVE-2003-0411 (Sun ONE Application Server 7.0 for Windows 2000/XP allows remote ...)
+CVE-2003-0411
NOT-FOR-US: Sun ONE
-CVE-2003-0410 (Buffer overflow in AnalogX Proxy 4.13 allows remote attackers to ...)
+CVE-2003-0410
NOT-FOR-US: AnalogX proxy
-CVE-2003-0409 (Buffer overflow in BRS WebWeaver 1.04 and earlier allows remote ...)
+CVE-2003-0409
NOT-FOR-US: BRS WebWeaver
-CVE-2003-0408 (Buffer overflow in Uptime Client (UpClient) 5.0b7, and possibly other ...)
+CVE-2003-0408
NOT-FOR-US: Uptimes Project upclient;
-CVE-2003-0407 (Buffer overflow in gbnserver for Gnome Batalla Naval 1.0.4 allows ...)
+CVE-2003-0407
- gbatnav 1.0.4-4
-CVE-2003-0406 (PalmVNC 1.40 and earlier stores passwords in plaintext in the ...)
+CVE-2003-0406
NOT-FOR-US: PalmVNC
-CVE-2003-0405 (Vignette StoryServer 5 and Vignette V/6 allows remote attackers to ...)
+CVE-2003-0405
NOT-FOR-US: Vignette
-CVE-2003-0404 (Multiple Cross Site Scripting (XSS) vulnerabilities in Vignette ...)
+CVE-2003-0404
NOT-FOR-US: Vignette
-CVE-2003-0403 (Vignette StoryServer 5 and Vignette V/5 allows remote attackers to ...)
+CVE-2003-0403
NOT-FOR-US: Vignette
-CVE-2003-0402 (The default login template (/vgn/login) in Vignette StoryServer 5 and ...)
+CVE-2003-0402
NOT-FOR-US: Vignette
-CVE-2003-0401 (Vignette StoryServer and Vignette V/5 allows remote attackers to ...)
+CVE-2003-0401
NOT-FOR-US: Vignette
-CVE-2003-0400 (Vignette StoryServer and Vignette V/5 does not properly calculate the ...)
+CVE-2003-0400
NOT-FOR-US: Vignette / AIX
-CVE-2003-0399 (Vignette StoryServer 4 and 5, Vignette V/5, and possibly other ...)
+CVE-2003-0399
NOT-FOR-US: Vignette StoryServer
-CVE-2003-0398 (Vignette StoryServer 4 and 5, and Vignette V/5 and V/6, with the SSI ...)
+CVE-2003-0398
NOT-FOR-US: Vignette StoryServer
-CVE-2003-0397 (Buffer overflow in FastTrack (FT) network code, as used in Kazaa 2.0.2 ...)
+CVE-2003-0397
NOT-FOR-US: FastTrack network code (Kazaa)
-CVE-2003-0396 (Buffer overflow in les for ATM on Linux (linux-atm) before 2.4.1, if ...)
+CVE-2003-0396
- linux-atm 2.4.1
-CVE-2003-0395 (Ultimate PHP Board (UPB) 1.9 allows remote attackers to execute ...)
+CVE-2003-0395
NOT-FOR-US: Ultimate PHP Board
-CVE-2003-0394 (objects.inc.php4 in BLNews 2.1.3 allows remote attackers to execute ...)
+CVE-2003-0394
NOT-FOR-US: BLNews
-CVE-2003-0393 (Privacyware Privatefirewall 3.0 does not block certain incoming ...)
+CVE-2003-0393
NOT-FOR-US: Privacyware Privatefirewall
-CVE-2003-0392 (Directory traversal vulnerability in ST FTP Service 3.0 allows remote ...)
+CVE-2003-0392
NOT-FOR-US: ST FTP Service (DOS)
-CVE-2003-0391 (Format string vulnerability in Magic WinMail Server 2.3, and possibly ...)
+CVE-2003-0391
NOT-FOR-US: Magic WinMail Server
-CVE-2003-0390 (Multiple buffer overflows in Options Parsing Tool (OPT) shared library ...)
+CVE-2003-0390
- opt 3.19
-CVE-2003-0389 (Cross-site scripting (XSS) vulnerability in the secure redirect ...)
+CVE-2003-0389
NOT-FOR-US: RSA ACE/Agent
-CVE-2003-0388 (pam_wheel in Linux-PAM 0.78, with the trust option enabled and the ...)
+CVE-2003-0388
- pam <not-affected> (pam is not vulnerable at all in sarge, according to maintainer)
NOTE: From the libc documentation:
NOTE: "The user cannot do anything to fool these functions."
NOTE: This means that this is not a bug in getlogin.
CVE-2003-0387
RESERVED
-CVE-2003-0386 (OpenSSH 3.6.1 and earlier, when restricting host access by numeric IP ...)
+CVE-2003-0386
- openssh 1:3.8p1-1
-CVE-2003-0385 (Buffer overflow in xaos 3.0-23 and earlier, when running setuid, ...)
+CVE-2003-0385
{DSA-310}
- xaos 3.1r-4
CVE-2003-0384
RESERVED
-CVE-2003-0382 (Buffer overflow in Eterm 0.9.2 allows local users to gain privileges ...)
+CVE-2003-0382
{DSA-309}
- eterm 0.9.2-1
-CVE-2003-0381 (Multiple vulnerabilities in noweb 2.9 and earlier creates temporary ...)
+CVE-2003-0381
{DSA-323}
- noweb 2.10c-3.1 (bug #271146)
-CVE-2003-0380 (Buffer overflow in atftp daemon (atftpd) 0.6.1 and earlier, and ...)
+CVE-2003-0380
{DSA-314}
- atftp 0.6.2
-CVE-2003-0379 (Unknown vulnerability in Apple File Service (AFP Server) for Mac OS X ...)
+CVE-2003-0379
NOT-FOR-US: MaxOS
-CVE-2003-0378 (The Kerberos login authentication feature in Mac OS X, when used with ...)
+CVE-2003-0378
NOT-FOR-US: MaxOS
-CVE-2003-0377 (SQL injection vulnerability in the web-based administration interface ...)
+CVE-2003-0377
NOT-FOR-US: iisPROTECT
-CVE-2003-0376 (Buffer overflow in Eudora 5.2.1 allows remote attackers to cause a ...)
+CVE-2003-0376
NOT-FOR-US: Eudora
-CVE-2003-0375 (Cross-site scripting (XSS) vulnerability in member.php of XMBforum XMB ...)
+CVE-2003-0375
NOT-FOR-US: XMBforum aka Partagium)
-CVE-2003-0374 (Multiple unknown vulnerabilities in Nessus before 2.0.6, in libnessus ...)
+CVE-2003-0374
- nessus-core 2.0.6
-CVE-2003-0373 (Multiple buffer overflows in libnasl in Nessus before 2.0.6 allow ...)
+CVE-2003-0373
- nessus-core 2.0.6
-CVE-2003-0372 (Signed integer vulnerability in libnasl in Nessus before 2.0.6 allows ...)
+CVE-2003-0372
- nessus-core 2.0.6
-CVE-2003-0371 (Buffer overflow in Prishtina FTP client 1.x allows remote FTP servers ...)
+CVE-2003-0371
NOT-FOR-US: Prishtina FTP client
-CVE-2003-0370 (Konqueror Embedded and KDE 2.2.2 and earlier does not validate the ...)
+CVE-2003-0370
{DSA-361}
- kdelibs 4:3.1.3-1
CVE-2003-0369
RESERVED
-CVE-2003-0368 (Nokia Gateway GPRS support node (GGSN) allows remote attackers to ...)
+CVE-2003-0368
NOT-FOR-US: Nokia Gateway GPRS
-CVE-2003-0367 (znew in the gzip package allows local users to overwrite arbitrary ...)
+CVE-2003-0367
{DSA-308}
- gzip 1.3.5-6
-CVE-2003-0366 (lyskom-server 2.0.7 and earlier allows unauthenticated users to cause ...)
+CVE-2003-0366
{DSA-318}
- lyskom-server 2.0.7-2
-CVE-2003-0365 (ICQLite 2003a creates the ICQ Lite directory with an ACE for &quot;Full ...)
+CVE-2003-0365
NOT-FOR-US: ICQLite
-CVE-2003-0364 (The TCP/IP fragment reassembly handling in the Linux kernel 2.4 allows ...)
+CVE-2003-0364
{DSA-442 DSA-336 DSA-332 DSA-311}
- kernel-source-2.4.27 <not-affected> (Fixed before initial upload; 2.4.21-rc6)
-CVE-2003-0363 (Format string vulnerability in LICQ 1.2.6, 1.0.3 and possibly other ...)
+CVE-2003-0363
- licq 1.2-7-1
-CVE-2003-0362 (Buffer overflow in gPS before 0.10.2 may allow local users to cause a ...)
+CVE-2003-0362
{DSA-307}
- gps 1.1.0-1
-CVE-2003-0361 (gPS before 1.1.0 does not properly follow the rgpsp connection source ...)
+CVE-2003-0361
{DSA-307}
- gps 1.1.0-1
-CVE-2003-0360 (Multiple buffer overflows in gPS before 1.0.0 allow attackers to cause ...)
+CVE-2003-0360
{DSA-307}
- gps 1.1.0-1
-CVE-2003-0359 (nethack 3.4.0 and earlier installs certain setgid binaries with ...)
+CVE-2003-0359
{DSA-316}
- nethack 3.4.1-1
- jnethack 1.1.5-15
- slashem 0.0.6E4F8-6
-CVE-2003-0358 (Buffer overflow in (1) nethack 3.4.0 and earlier, and (2) falconseye ...)
+CVE-2003-0358
{DSA-350 DSA-316}
- falconseye 1.9.3-9
- nethack 3.4.1-1
- slashem 0.0.6E4F8-6
- jnethack 1.1.5-15
-CVE-2003-0357 (Multiple integer overflow vulnerabilities in Ethereal 0.9.11 and ...)
+CVE-2003-0357
{DSA-313}
- ethereal 0.9.12-1
-CVE-2003-0356 (Multiple off-by-one vulnerabilities in Ethereal 0.9.11 and earlier ...)
+CVE-2003-0356
{DSA-313}
- ethereal 0.9.12-1
-CVE-2003-0355 (Safari 1.0 Beta 2 (v73) and earlier does not validate the Common Name ...)
+CVE-2003-0355
NOT-FOR-US: Safari
-CVE-2003-0354 (Unknown vulnerability in GNU Ghostscript before 7.07 allows attackers ...)
+CVE-2003-0354
- gs-gpl 7.07
-CVE-2003-0353 (Buffer overflow in a component of SQL-DMO for Microsoft Data Access ...)
+CVE-2003-0353
NOT-FOR-US: Microsoft
-CVE-2003-0352 (Buffer overflow in a certain DCOM interface for RPC in Microsoft ...)
+CVE-2003-0352
NOT-FOR-US: Microsoft
CVE-2003-0351
REJECTED
-CVE-2003-0350 (The control for listing accessibility options in the Accessibility ...)
+CVE-2003-0350
NOT-FOR-US: Microsoft
-CVE-2003-0349 (Buffer overflow in the streaming media component for logging multicast ...)
+CVE-2003-0349
NOT-FOR-US: Microsoft
-CVE-2003-0348 (A certain Microsoft Windows Media Player 9 Series ActiveX control ...)
+CVE-2003-0348
NOT-FOR-US: Microsoft
-CVE-2003-0347 (Heap-based buffer overflow in VBE.DLL and VBE6.DLL of Microsoft Visual ...)
+CVE-2003-0347
NOT-FOR-US: Microsoft
-CVE-2003-0346 (Multiple integer overflows in a Microsoft Windows DirectX MIDI library ...)
+CVE-2003-0346
NOT-FOR-US: Microsoft
-CVE-2003-0345 (Buffer overflow in the SMB capability for Microsoft Windows XP, 2000, ...)
+CVE-2003-0345
NOT-FOR-US: Microsoft
-CVE-2003-0344 (Buffer overflow in Microsoft Internet Explorer 5.01, 5.5, and 6.0 ...)
+CVE-2003-0344
NOT-FOR-US: Microsoft
-CVE-2003-0343 (BlackMoon FTP Server 2.6 Free Edition, and possibly other ...)
+CVE-2003-0343
NOT-FOR-US: BlackMoon FTP Server
-CVE-2003-0342 (BlackMoon FTP Server 2.6 Free Edition, and possibly other ...)
+CVE-2003-0342
NOT-FOR-US: BlackMoon FTP Server
-CVE-2003-0341 (Cross-site scripting (XSS) vulnerability in Owl Intranet Engine 0.71 ...)
+CVE-2003-0341
NOT-FOR-US: Owl Intranet Engine
-CVE-2003-0340 (Demarc Puresecure 1.6 stores authentication information for the ...)
+CVE-2003-0340
NOT-FOR-US: Puresecure
-CVE-2003-0339 (Multiple heap-based buffer overflows in WsMp3 daemon (WsMp3d) 0.0.10 ...)
+CVE-2003-0339
NOT-FOR-US: WsMp3
-CVE-2003-0338 (Directory traversal vulnerability in WsMp3 daemon (WsMp3d) 0.0.10 and ...)
+CVE-2003-0338
NOT-FOR-US: WsMp3
-CVE-2003-0337 (The ckconfig command in lsadmin for Load Sharing Facility (LSF) 5.1 ...)
+CVE-2003-0337
NOT-FOR-US: lsadmin
-CVE-2003-0336 (Qualcomm Eudora 5.2.1 allows remote attackers to read arbitrary files ...)
+CVE-2003-0336
NOT-FOR-US: Eudora
-CVE-2003-0335 (rc.M in Slackware 9.0 calls quotacheck with the -M option, which ...)
+CVE-2003-0335
NOT-FOR-US: Slaskware specific
-CVE-2003-0334 (BitchX IRC client 1.0c20cvs and earlier allows attackers to cause a ...)
+CVE-2003-0334
- ircii-pana 1:1.0-0c19.20030512-1
-CVE-2003-0333 (Multiple buffer overflows in kermit in HP-UX 10.20 and 11.00 (C-Kermit ...)
+CVE-2003-0333
NOT-FOR-US: C-Kermit on HP-UX
-CVE-2003-0332 (The ISAPI extension in BadBlue 1.7 through 2.2, and possibly earlier ...)
+CVE-2003-0332
NOT-FOR-US: BadBlue
-CVE-2003-0331 (SQL injection vulnerability in ttForum allows remote attackers to ...)
+CVE-2003-0331
NOT-FOR-US: ttForum
-CVE-2003-0330 (Buffer overflow in unknown versions of Maelstrom allows local users to ...)
+CVE-2003-0330
- maelstrom <not-affected> (Melstrom in Sarge tests not vulnerable to exploit. Unsure when fixed.)
-CVE-2003-0329 (CesarFTP 0.99g stores user names and passwords in plaintext in the ...)
+CVE-2003-0329
NOT-FOR-US: CesarFTP
-CVE-2003-0328 (EPIC IRC Client (EPIC4) pre2.002, pre2.003, and possibly later ...)
+CVE-2003-0328
{DSA-399 DSA-306}
- epic4 1:1.1.11.20030409-2
- ircii-pana 1:1.0-0c19-8
-CVE-2003-0327 (Sybase Adaptive Server Enterprise (ASE) 12.5 allows remote attackers ...)
+CVE-2003-0327
NOT-FOR-US: Sybase Adaptive Server Enterprise
-CVE-2003-0326 (Integer overflow in parse_decode_path() of slocate may allow attackers ...)
+CVE-2003-0326
- slocate <not-affected> (Only an issue if kernel has been recompiled to allow 512 MB of command line arguments)
NOTE: Even if exploited, you get only slocate gid.
-CVE-2003-0325 (Buffer overflow in Maelstrom 3.0.6, 3.0.5, and earlier allows local ...)
+CVE-2003-0325
- maelstrom <not-affected> (Melstrom in Sarge tests not vulnerable to exploit. Unsure when fixed.)
-CVE-2003-0324 (Buffer overflows in EPIC IRC Client (EPIC4) 1.0.1 allows remote ...)
+CVE-2003-0324
{DSA-287}
- epic4 1:1.1.11.20030409-1
- epic 3.004-19
-CVE-2003-0323 (Multiple buffer overflows in ircII 20020912 allows remote malicious ...)
+CVE-2003-0323
{DSA-298 DSA-291}
- epic4 1:1.1.11.20030409-1
- ircii 20030315-1
-CVE-2003-0322 (Integer overflow in BitchX IRC client 1.0-0c19 and earlier allows ...)
+CVE-2003-0322
{DSA-306}
- ircii-pana 1:1.0-0c19-8
-CVE-2003-0321 (Multiple buffer overflows in BitchX IRC client 1.0-0c19 and earlier ...)
+CVE-2003-0321
{DSA-306}
- ircii-pana 1:1.0-0c19-8
-CVE-2003-0320 (header.php in ttCMS 2.3 and earlier allows remote attackers to inject ...)
+CVE-2003-0320
NOT-FOR-US: ttCMS
-CVE-2003-0319 (Buffer overflow in the IMAP server (IMAPMax) for SmartMax MailMax ...)
+CVE-2003-0319
NOT-FOR-US: SmartMax MailMax
-CVE-2003-0318 (Cross-site scripting (XSS) vulnerability in the Statistics module for ...)
+CVE-2003-0318
NOT-FOR-US: PHP-Nuke
-CVE-2003-0317 (iisPROTECT 2.1 and 2.2 allows remote attackers to bypass ...)
+CVE-2003-0317
NOT-FOR-US: iisPROTECT
-CVE-2003-0316 (Venturi Client before 2.2, as used in certain Fourelle and Venturi ...)
+CVE-2003-0316
NOT-FOR-US: Venturi Client
-CVE-2003-0315 (Snowblind Web Server 1.0 allows remote attackers to cause a denial of ...)
+CVE-2003-0315
NOT-FOR-US: Snowblind Web Server
-CVE-2003-0314 (Snowblind Web Server 1.0 allows remote attackers to cause a denial of ...)
+CVE-2003-0314
NOT-FOR-US: Snowblind Web Server
-CVE-2003-0313 (Directory traversal vulnerability in Snowblind Web Server 1.0 allows ...)
+CVE-2003-0313
NOT-FOR-US: Snowblind Web Server
-CVE-2003-0312 (Directory traversal vulnerability in Snowblind Web Server 1.0 allows ...)
+CVE-2003-0312
NOT-FOR-US: Snowblind Web Server
CVE-2003-0311
RESERVED
-CVE-2003-0310 (Cross-site scripting (XSS) vulnerability in articleview.php for eZ ...)
+CVE-2003-0310
- ezpublish 2.2.8-1
-CVE-2003-0309 (Internet Explorer 5.01, 5.5, and 6.0 allows remote attackers to bypass ...)
+CVE-2003-0309
NOT-FOR-US: MSIE
-CVE-2003-0308 (The Sendmail 8.12.3 package in Debian GNU/Linux 3.0 does not securely ...)
+CVE-2003-0308
{DSA-305}
- sendmail 8.12.9-2
-CVE-2003-0307 (Poster version.two allows remote authenticated users to gain ...)
+CVE-2003-0307
NOT-FOR-US: Poster version.two
-CVE-2003-0306 (Buffer overflow in EXPLORER.EXE on Windows XP allows attackers to ...)
+CVE-2003-0306
NOT-FOR-US: Windows
-CVE-2003-0305 (The Service Assurance Agent (SAA) in Cisco IOS 12.0 through 12.2, aka ...)
+CVE-2003-0305
NOT-FOR-US: Cisco
-CVE-2003-0304 (one||zero (aka One or Zero) Helpdesk 1.4 rc4 allows remote attackers ...)
+CVE-2003-0304
NOT-FOR-US: one||zero (aka One or Zero) Helpdesk
-CVE-2003-0303 (SQL injection vulnerability in one||zero (aka One or Zero) Helpdesk ...)
+CVE-2003-0303
NOT-FOR-US: one||zero (aka One or Zero) Helpdesk
-CVE-2003-0302 (The IMAP Client for Eudora 5.2.1 allows remote malicious IMAP servers ...)
+CVE-2003-0302
NOT-FOR-US: Eudora
-CVE-2003-0301 (The IMAP Client for Outlook Express 6.00.2800.1106 allows remote ...)
+CVE-2003-0301
NOT-FOR-US: Microsort
-CVE-2003-0300 (The IMAP Client for Sylpheed 0.8.11 allows remote malicious IMAP ...)
+CVE-2003-0300
NOT-FOR-US: Historic Sylpheed issues, only a crasher anyway
-CVE-2003-0299 (The IMAP Client, as used in mutt 1.4.1 and Balsa 2.0.10, allows remote ...)
+CVE-2003-0299
NOT-FOR-US: Historic mutt and Balsa issues, only a crasher anyway
-CVE-2003-0298 (The IMAP Client for Mozilla 1.3 and 1.4a allows remote malicious IMAP ...)
+CVE-2003-0298
- mozilla 2:1.5-1
NOTE: May have been fixed in an earlier version. Not clear how
NOTE: Mozilla's a/b versions map to the Debian version.
-CVE-2003-0297 (c-client IMAP Client, as used in imap-2002b and Pine 4.53, allows ...)
+CVE-2003-0297
- uw-imap 7:2002c
- pine 4.62-1
- alpine <not-affected> (this was fixed in pine before alpine was released to the public)
NOTE: pine maybe fixed in earlier uploads, 4.62-1 is the sarge version and not vulnerable
-CVE-2003-0296 (The IMAP Client for Evolution 1.2.4 allows remote malicious IMAP ...)
+CVE-2003-0296
- evolution 1.3.2
-CVE-2003-0295 (Cross-site scripting (XSS) vulnerability in private.php for vBulletin ...)
+CVE-2003-0295
NOT-FOR-US: vBulletin
-CVE-2003-0294 (autohtml.php in php-proxima 6.0 and earlier allows remote attackers to ...)
+CVE-2003-0294
NOT-FOR-US: php-proxima
-CVE-2003-0293 (PalmOS allows remote attackers to cause a denial of service (CPU ...)
+CVE-2003-0293
NOT-FOR-US: PalmOS
-CVE-2003-0292 (Cross-site scripting (XSS) vulnerability in Inktomi Traffic-Server ...)
+CVE-2003-0292
NOT-FOR-US: Inktomi
-CVE-2003-0291 (3com OfficeConnect Remote 812 ADSL Router 1.1.7 does not properly ...)
+CVE-2003-0291
NOT-FOR-US: 3com OfficeConnect Remote 812 ADSL Router
-CVE-2003-0290 (Memory leak in eServ 2.9x allows remote attackers to cause a denial of ...)
+CVE-2003-0290
NOT-FOR-US: eServ
-CVE-2003-0289 (Format string vulnerability in scsiopen.c of the cdrecord program in ...)
+CVE-2003-0289
- cdrtools 4:2.0+a14-1
-CVE-2003-0288 (Buffer overflow in the file &amp; folder transfer mechanism for IP ...)
+CVE-2003-0288
NOT-FOR-US: IP Messenger for Win
-CVE-2003-0287 (Cross-site scripting (XSS) vulnerability in Movable Type before 2.6, ...)
+CVE-2003-0287
NOT-FOR-US: Movable Type
-CVE-2003-0286 (SQL injection vulnerability in register.asp in Snitz Forums 2000 ...)
+CVE-2003-0286
NOT-FOR-US: Snitz Forums
-CVE-2003-0285 (IBM AIX 5.2 and earlier distributes Sendmail with a configuration file ...)
+CVE-2003-0285
NOT-FOR-US: bad sendmail config on AIX
-CVE-2003-0284 (Adobe Acrobat 5 does not properly validate JavaScript in PDF files, ...)
+CVE-2003-0284
NOT-FOR-US: Adobe Acrobat
-CVE-2003-0283 (Cross-site scripting (XSS) vulnerability in Phorum before 3.4.3 allows ...)
+CVE-2003-0283
NOT-FOR-US: Phorum
-CVE-2003-0282 (Directory traversal vulnerability in UnZip 5.50 allows attackers to ...)
+CVE-2003-0282
{DSA-344}
- unzip 5.50-3
-CVE-2003-0281 (Buffer overflow in Firebird 1.0.2 and other versions before 1.5, and ...)
+CVE-2003-0281
- firebird2 1.5.1-1 (bug #251458)
-CVE-2003-0280 (Multiple buffer overflows in the SMTP Service for ESMTP CMailServer ...)
+CVE-2003-0280
NOT-FOR-US: SMTP Service for ESMTP CMailServer
-CVE-2003-0279 (Multiple SQL injection vulnerabilities in the Web_Links module for ...)
+CVE-2003-0279
NOT-FOR-US: PHP-Nuke
-CVE-2003-0278 (Cross-site scripting (XSS) vulnerability in normal_html.cgi in ...)
+CVE-2003-0278
NOT-FOR-US: HappyMail
-CVE-2003-0277 (Directory traversal vulnerability in normal_html.cgi in Happycgi.com ...)
+CVE-2003-0277
NOT-FOR-US: HappyMail
-CVE-2003-0276 (Buffer overflow in Pi3Web 2.0.1 allows remote attackers to cause a ...)
+CVE-2003-0276
NOT-FOR-US: Pi3Web
-CVE-2003-0275 (SSI.php in YaBB SE 1.5.2 allows remote attackers to execute arbitrary ...)
+CVE-2003-0275
NOT-FOR-US: YaBB SE
-CVE-2003-0274 (Buffer overflow in catmail for ListProc 8.2.09 and earlier allows ...)
+CVE-2003-0274
NOT-FOR-US: ListProc
-CVE-2003-0273 (Cross-site scripting (XSS) vulnerability in the web interface for ...)
+CVE-2003-0273
- request-tracker3.4 <not-affected> (Affects older versions of Request Tracker not in Debian)
-CVE-2003-0272 (admin.php in miniPortail allows remote attackers to gain ...)
+CVE-2003-0272
NOT-FOR-US: miniPortail
-CVE-2003-0271 (Buffer overflow in Personal FTP Server allows remote attackers to ...)
+CVE-2003-0271
NOT-FOR-US: Personal FTP Server
-CVE-2003-0270 (The administration capability for Apple AirPort 802.11 wireless access ...)
+CVE-2003-0270
NOT-FOR-US: Apple Airport
-CVE-2003-0269 (Buffer overflow in youbin allows local users to gain privileges via a ...)
+CVE-2003-0269
NOT-FOR-US: youbin
-CVE-2003-0268 (SLWebMail 3 on Windows systems allows remote attackers to identify the ...)
+CVE-2003-0268
NOT-FOR-US: SLWebMail on Windows
-CVE-2003-0267 (ShowGodLog.dll in SLWebMail 3 on Windows systems allows remote ...)
+CVE-2003-0267
NOT-FOR-US: SLWebMail on Windows
-CVE-2003-0266 (Multiple buffer overflows in SLWebMail 3 on Windows systems allows ...)
+CVE-2003-0266
NOT-FOR-US: SLWebMail on Windows
-CVE-2003-0265 (Race condition in SDBINST for SAP database 7.3.0.29 creates critical ...)
+CVE-2003-0265
NOT-FOR-US: SDBINST for SAP database
-CVE-2003-0264 (Multiple buffer overflows in SLMail 5.1.0.4420 allows remote attackers ...)
+CVE-2003-0264
NOT-FOR-US: SLMail
-CVE-2003-0263 (Multiple buffer overflows in Floosietek FTGate Pro Mail Server ...)
+CVE-2003-0263
NOT-FOR-US: FTGatePro
-CVE-2003-0262 (leksbot 1.2.3 in Debian GNU/Linux installs the KATAXWR as setuid root, ...)
+CVE-2003-0262
{DSA-299}
- leksbot 1.2-5 (bug #186421)
-CVE-2003-0261 (fuzz 0.6 and earlier creates temporary files insecurely, which could ...)
+CVE-2003-0261
{DSA-302}
- fuzz 0.6-7.1
-CVE-2003-0260 (Cisco VPN 3000 series concentrators and Cisco VPN 3002 Hardware Client ...)
+CVE-2003-0260
NOT-FOR-US: Cisco
-CVE-2003-0259 (Cisco VPN 3000 series concentrators and Cisco VPN 3002 Hardware Client ...)
+CVE-2003-0259
NOT-FOR-US: Cisco
-CVE-2003-0258 (Cisco VPN 3000 series concentrators and Cisco VPN 3002 Hardware Client ...)
+CVE-2003-0258
NOT-FOR-US: Cisco
-CVE-2003-0257 (Format string vulnerability in the printer capability for IBM AIX .3, ...)
+CVE-2003-0257
NOT-FOR-US: AIX
-CVE-2003-0256 (The GnuPG plugin in kopete before 0.6.2 does not properly cleanse the ...)
+CVE-2003-0256
- kdenetwork 3.2.0
-CVE-2003-0255 (The key validation code in GnuPG before 1.2.2 does not properly ...)
+CVE-2003-0255
- gnupg 1.2.2
-CVE-2003-0254 (Apache 2 before 2.0.47, when running on an IPv6 host, allows attackers ...)
+CVE-2003-0254
- apache2 2.0.47
-CVE-2003-0253 (The prefork MPM in Apache 2 before 2.0.47 does not properly handle ...)
+CVE-2003-0253
- apache2 2.0.47
-CVE-2003-0252 (Off-by-one error in the xlog function of mountd in the Linux NFS utils ...)
+CVE-2003-0252
{DSA-349}
- nfs-utils 1:1.0.3-2
-CVE-2003-0251 (ypserv NIS server before 2.7 allows remote attackers to cause a denial ...)
+CVE-2003-0251
NOTE: actually, we need ypserv 2.7, nis 3.11 has ypserv 2.13
- nis 3.11
CVE-2003-0250
RESERVED
-CVE-2003-0249 (** DISPUTED ** ...)
+CVE-2003-0249
NOTE: unimportant (php)
-CVE-2003-0248 (The mxcsr code in Linux kernel 2.4 allows attackers to modify CPU ...)
+CVE-2003-0248
{DSA-442 DSA-336 DSA-332 DSA-312 DSA-311}
- kernel-source-2.4.27 <not-affected> (Fixed before initial upload; 2.4.22-pre10)
- linux-2.6 <not-affected>
-CVE-2003-0247 (Unknown vulnerability in the TTY layer of the Linux kernel 2.4 allows ...)
+CVE-2003-0247
{DSA-442 DSA-336 DSA-332 DSA-312 DSA-311}
- kernel-source-2.4.27 <not-affected> (Fixed before initial upload; 2.4.21-rc4)
- linux-2.6 <not-affected>
-CVE-2003-0246 (The ioperm system call in Linux kernel 2.4.20 and earlier does not ...)
+CVE-2003-0246
{DSA-442 DSA-336 DSA-332 DSA-312 DSA-311}
- kernel-source-2.4.27 <not-affected> (Fixed before initial upload; 2.4.21-rc4)
- linux-2.6 <not-affected>
-CVE-2003-0245 (Vulnerability in the apr_psprintf function in the Apache Portable ...)
+CVE-2003-0245
- apache2 2.0.46
-CVE-2003-0244 (The route cache implementation in Linux 2.4, and the Netfilter IP ...)
+CVE-2003-0244
{DSA-442 DSA-336 DSA-332 DSA-312 DSA-311}
- kernel-source-2.4.27 <not-affected> (Fixed before initial upload; 2.4.21-rc2)
- linux-2.6 <not-affected>
-CVE-2003-0243 (Happycgi.com Happymall 4.3 and 4.4 allows remote attackers to execute ...)
+CVE-2003-0243
NOT-FOR-US: Happycgi.com Happymall
-CVE-2003-0242 (IPSec in Mac OS X before 10.2.6 does not properly handle certain ...)
+CVE-2003-0242
NOT-FOR-US: MacOS
-CVE-2003-0241 (FrontRange GoldMine mail agent 5.70 and 6.00 before 30503 directly ...)
+CVE-2003-0241
NOT-FOR-US: FrontRange GoldMine / win
-CVE-2003-0240 (The web-based administration capability for various Axis Network ...)
+CVE-2003-0240
NOT-FOR-US: Axis Network Camera
-CVE-2003-0239 (icqateimg32.dll parsing/rendering library in Mirabilis ICQ Pro 2003a ...)
+CVE-2003-0239
NOT-FOR-US: Mirabilis ICQ / windows
-CVE-2003-0238 (The Message Session window in Mirabilis ICQ Pro 2003a allows remote ...)
+CVE-2003-0238
NOT-FOR-US: Mirabilis ICQ / windows
-CVE-2003-0237 (The &quot;ICQ Features on Demand&quot; functionality for Mirabilis ICQ Pro 2003a ...)
+CVE-2003-0237
NOT-FOR-US: Mirabilis ICQ / windows
-CVE-2003-0236 (Integer signedness errors in the POP3 client for Mirabilis ICQ Pro ...)
+CVE-2003-0236
NOT-FOR-US: Mirabilis ICQ / windows
-CVE-2003-0235 (Format string vulnerability in POP3 client for Mirabilis ICQ Pro 2003a ...)
+CVE-2003-0235
NOT-FOR-US: Mirabilis ICQ / windows
CVE-2003-0234
RESERVED
-CVE-2003-0233 (Heap-based buffer overflow in plugin.ocx for Internet Explorer 5.01, ...)
+CVE-2003-0233
NOT-FOR-US: microsoft
-CVE-2003-0232 (Microsoft SQL Server 7, 2000, and MSDE allows local users to execute ...)
+CVE-2003-0232
NOT-FOR-US: microsoft
-CVE-2003-0231 (Microsoft SQL Server 7, 2000, and MSDE allows local or remote ...)
+CVE-2003-0231
NOT-FOR-US: microsoft
-CVE-2003-0230 (Microsoft SQL Server 7, 2000, and MSDE allows local users to gain ...)
+CVE-2003-0230
NOT-FOR-US: microsoft
CVE-2003-0229
RESERVED
-CVE-2003-0228 (Directory traversal vulnerability in Microsoft Windows Media Player ...)
+CVE-2003-0228
NOT-FOR-US: microsoft
-CVE-2003-0227 (The logging capability for unicast and multicast transmissions in the ...)
+CVE-2003-0227
NOT-FOR-US: microsoft
-CVE-2003-0226 (Microsoft Internet Information Services (IIS) 5.0 and 5.1 allows ...)
+CVE-2003-0226
NOT-FOR-US: microsoft
-CVE-2003-0225 (The ASP function Response.AddHeader in Microsoft Internet Information ...)
+CVE-2003-0225
NOT-FOR-US: microsoft
-CVE-2003-0224 (Buffer overflow in ssinc.dll for Microsoft Internet Information ...)
+CVE-2003-0224
NOT-FOR-US: microsoft
-CVE-2003-0223 (Cross-site scripting vulnerability (XSS) in the ASP function ...)
+CVE-2003-0223
NOT-FOR-US: microsoft
-CVE-2003-0222 (Stack-based buffer overflow in Oracle Net Services for Oracle Database ...)
+CVE-2003-0222
NOT-FOR-US: oracle
-CVE-2003-0221 (The (1) dupatch and (2) setld utilities in HP Tru64 UNIX 5.1B PK1 and ...)
+CVE-2003-0221
NOT-FOR-US: HP tru64
-CVE-2003-0220 (Buffer overflow in the administrator authentication process for Kerio ...)
+CVE-2003-0220
NOT-FOR-US: Kerio Personal Firewall
-CVE-2003-0219 (Kerio Personal Firewall (KPF) 2.1.4 and earlier allows remote ...)
+CVE-2003-0219
NOT-FOR-US: Kerio Personal Firewall
-CVE-2003-0218 (Buffer overflow in PostMethod() function for Monkey HTTP Daemon ...)
+CVE-2003-0218
NOT-FOR-US: Monkey http daemon; not in debian
-CVE-2003-0217 (Cross-site scripting (XSS) vulnerability in Neoteris Instant Virtual ...)
+CVE-2003-0217
NOT-FOR-US: Neoteris Instant Virtual Extranet
-CVE-2003-0216 (Unknown vulnerability in Cisco Catalyst 7.5(1) allows local users to ...)
+CVE-2003-0216
NOT-FOR-US: cisco
-CVE-2003-0215 (SQL injection vulnerability in bttlxeForum 2.0 beta 3 and earlier ...)
+CVE-2003-0215
NOT-FOR-US: bttlxeForum / win
-CVE-2003-0214 (run-mailcap in mime-support 3.22 and earlier allows local users to ...)
+CVE-2003-0214
{DSA-292}
- mime-support 3.23-1
-CVE-2003-0213 (ctrlpacket.c in PoPToP PPTP server before 1.1.4-b3 allows remote ...)
+CVE-2003-0213
{DSA-295}
- pptpd 1.1.4-0.b3.2
-CVE-2003-0212 (handleAccept in rinetd before 0.62 does not properly resize the ...)
+CVE-2003-0212
{DSA-289}
- rinetd 0.61-2
-CVE-2003-0211 (Memory leak in xinetd 2.3.10 allows remote attackers to cause a denial ...)
+CVE-2003-0211
- xinetd 1:2.3.11
-CVE-2003-0210 (Buffer overflow in the administration service (CSAdmin) for Cisco ...)
+CVE-2003-0210
NOT-FOR-US: cisco
-CVE-2003-0209 (Integer overflow in the TCP stream reassembly module (stream4) for ...)
+CVE-2003-0209
{DSA-297}
- snort 2.0.0-1
-CVE-2003-0208 (Cross-site scripting (XSS) vulnerability in Macromedia Flash ad user ...)
+CVE-2003-0208
NOT-FOR-US: macromedia flash
-CVE-2003-0207 (ps2epsi creates insecure temporary files when calling ghostscript, ...)
+CVE-2003-0207
{DSA-286}
- gs-common 0.3.3.1
-CVE-2003-0206 (gkrellm-newsticker gkrellm plugin before 0.3-3.1 allows remote ...)
+CVE-2003-0206
{DSA-294}
- gkrellm-newsticker <removed>
-CVE-2003-0205 (gkrellm-newsticker gkrellm plugin before 0.3-3.1 allows remote ...)
+CVE-2003-0205
{DSA-294}
- gkrellm-newsticker <removed>
-CVE-2003-0204 (KDE 2 and KDE 3.1.1 and earlier 3.x versions allows attackers to ...)
+CVE-2003-0204
{DSA-296 DSA-293 DSA-284}
- kdebase 4:3.1.0-1
- kdegraphics 4:3.1.0-1
-CVE-2003-0203 (Buffer overflow in moxftp 2.2 and earlier allows remote malicious FTP ...)
+CVE-2003-0203
{DSA-281}
- moxftp 2.2-18.20
-CVE-2003-0202 (The (1) halstead and (2) gather_stats scripts in metrics 1.0 allow ...)
+CVE-2003-0202
{DSA-279}
- metrics <removed>
-CVE-2003-0201 (Buffer overflow in the call_trans2open function in trans2.c for Samba ...)
+CVE-2003-0201
{DSA-280}
- samba 3.0
CVE-2003-0200
REJECTED
CVE-2003-0199
REJECTED
-CVE-2003-0198 (Mac OS X before 10.2.5 allows guest users to modify the permissions of ...)
+CVE-2003-0198
NOT-FOR-US: MacOS
-CVE-2003-0197 (Buffer overflow gds_lock_mgr of Interbase Database 6.x allows local ...)
+CVE-2003-0197
NOT-FOR-US: Interbase Database
-CVE-2003-0196 (Multiple buffer overflows in Samba before 2.2.8a may allow remote ...)
+CVE-2003-0196
{DSA-280}
- samba 3.0
-CVE-2003-0195 (CUPS before 1.1.19 allows remote attackers to cause a denial of ...)
+CVE-2003-0195
{DSA-317}
- cups 1.1.19final-1
- cupsys 1.1.19final-1
-CVE-2003-0194 (tcpdump does not properly drop privileges to the pcap user when ...)
+CVE-2003-0194
- tcpdump <not-affected> (Apparently a Red Hat specific compilation packaging flaw)
-CVE-2003-0193 (msxlsview.sh in xlsview for catdoc 0.91 and earlier allows local users ...)
+CVE-2003-0193
{DSA-575-1}
- catdoc 0.91.5-2
-CVE-2003-0192 (Apache 2 before 2.0.47, and certain versions of mod_ssl for Apache ...)
+CVE-2003-0192
- apache2 2.0.47
-CVE-2003-0190 (OpenSSH-portable (OpenSSH) 3.6.1p1 and earlier with PAM support ...)
+CVE-2003-0190
- openssh 1:3.8.1p1-8.sarge.4 (bug #196413)
-CVE-2003-0189 (The authentication module for Apache 2.0.40 through 2.0.45 on Unix ...)
+CVE-2003-0189
- apache2 2.0.46
-CVE-2003-0188 (lv reads a .lv file from the current working directory, which allows ...)
+CVE-2003-0188
{DSA-304}
- lv 4.49.5-2
-CVE-2003-0187 (The connection tracking core of Netfilter for Linux 2.4.20, with ...)
+CVE-2003-0187
- kernel-source-2.4.27 <not-affected> (Fixed before upload into archive; 2.4.21)
CVE-2003-0186
RESERVED
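Review bot: This hunk does not refresh the CVE descriptions, it deletes them: every `-` line carries an identifier with its short summary and the matching `+` line is the bare identifier, for example `-CVE-2003-0416 (Cross-site scripting (XSS) vulnerability in index.cgi for Bandmin 1.4 ...)` becomes `+CVE-2003-0416`, while the Debian annotations below each entry (`NOT-FOR-US:`, `{DSA-...}`, package/version lines, `NOTE:` lines) are untouched. An automatic update that strips the summary from every entry in the range, including unrelated products, is the signature of an empty or unparsable upstream description feed rather than a genuine change to any CVE, and the result leaves each entry identifiable only by number. Suggest not merging this as-is: check what the importer received from the description source, and hold or revert the commit until a run produces `+` lines that still carry the `(description ...)` text.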
@@ -3085,281 +3085,281 @@ CVE-2003-0183
RESERVED
CVE-2003-0182
RESERVED
-CVE-2003-0181 (Lotus Domino Web Server (nhttp.exe) before 6.0.1 allows remote ...)
+CVE-2003-0181
NOT-FOR-US: Lotus Domino Web Server
-CVE-2003-0180 (Lotus Domino Web Server (nhttp.exe) before 6.0.1 allows remote ...)
+CVE-2003-0180
NOT-FOR-US: Lotus Domino Web Server
-CVE-2003-0179 (Buffer overflow in the COM Object Control Handler for Lotus Domino ...)
+CVE-2003-0179
NOT-FOR-US: Lotus Domino Web Server
-CVE-2003-0178 (Multiple buffer overflows in Lotus Domino Web Server before 6.0.1 ...)
+CVE-2003-0178
NOT-FOR-US: Lotus Domino Web Server
-CVE-2003-0177 (SGI IRIX 6.5.x through 6.5.20f, and possibly earlier versions, does ...)
+CVE-2003-0177
NOT-FOR-US: IRIX
-CVE-2003-0176 (The Name Service Daemon (nsd), when running on an NIS master on SGI ...)
+CVE-2003-0176
NOT-FOR-US: IRIX
-CVE-2003-0175 (SGI IRIX before 6.5.21 allows local users to cause a denial of service ...)
+CVE-2003-0175
NOT-FOR-US: IRIX
-CVE-2003-0174 (The LDAP name service (nsd) in IRIX 6.5.19 and earlier does not ...)
+CVE-2003-0174
NOT-FOR-US: IRIX
-CVE-2003-0173 (xfsdq in xfsdump does not create quota information files securely, ...)
+CVE-2003-0173
{DSA-283}
- xfsdump 2.2.8-1
-CVE-2003-0172 (Buffer overflow in openlog function for PHP 4.3.1 on Windows operating ...)
+CVE-2003-0172
- php4 <not-affected> (Non-issue; see http://marc.info/?l=bugtraq&m=104931415307111&w=2)
-CVE-2003-0171 (DirectoryServices in MacOS X trusts the PATH environment variable to ...)
+CVE-2003-0171
NOT-FOR-US: MacOS
-CVE-2003-0170 (Unknown vulnerability in ftpd in IBM AIX 5.2, when configured to use ...)
+CVE-2003-0170
NOT-FOR-US: AIX
-CVE-2003-0169 (hpnst.exe in the GoAhead-Webs webserver for HP Instant TopTools before ...)
+CVE-2003-0169
NOT-FOR-US: HP Instant TopTools
-CVE-2003-0168 (Buffer overflow in Apple QuickTime Player 5.x and 6.0 for Windows ...)
+CVE-2003-0168
NOT-FOR-US: Apple QuickTime Player
-CVE-2003-0167 (Multiple off-by-one buffer overflows in the IMAP capability for Mutt ...)
+CVE-2003-0167
{DSA-300 DSA-274}
- balsa 2.0.10
- mutt 1.4.0
-CVE-2003-0166 (Integer signedness error in emalloc() function for PHP before 4.3.2 ...)
+CVE-2003-0166
- php4 <not-affected> (Non-issue; see http://marc.info/?l=bugtraq&m=104931415307111&w=2)
-CVE-2003-0165 (Format string vulnerability in Eye Of Gnome (EOG) allows attackers to ...)
+CVE-2003-0165
- eog 2.2.1
CVE-2003-0164
RESERVED
-CVE-2003-0163 (decrypt_msg for the Gaim-Encryption GAIM plugin 1.15 and earlier does ...)
+CVE-2003-0163
- gaim-encryption <not-affected> (fixed before first upload; 1.16)
-CVE-2003-0162 (Ecartis 1.0.0 (formerly listar) before snapshot 20030227 allows remote ...)
+CVE-2003-0162
{DSA-271}
- ecartis 1.0.0+cvs.20030321-1
-CVE-2003-0161 (The prescan() function in the address parser (parseaddr.c) in Sendmail ...)
+CVE-2003-0161
{DSA-290 DSA-278}
- sendmail-wide 8.12.9+3.5Wbeta-1
- sendmail 8.12.9-1
-CVE-2003-0160 (Multiple cross-site scripting (XSS) vulnerabilities in SquirrelMail ...)
+CVE-2003-0160
- squirrelmail 1:1.2.11
-CVE-2003-0159 (Heap-based buffer overflow in the NTLMSSP code for Ethereal 0.9.9 and ...)
+CVE-2003-0159
- ethereal 0.9.10
CVE-2003-0158
REJECTED
CVE-2003-0157
REJECTED
-CVE-2003-0156 (Directory traversal vulnerability in Cross-Referencing Linux (LXR) ...)
+CVE-2003-0156
{DSA-264}
- lxr 0.3-4
-CVE-2003-0155 (bonsai Mozilla CVS query tool allows remote attackers to gain access ...)
+CVE-2003-0155
{DSA-265}
- bonsai 1.3+cvs20030317-1
-CVE-2003-0154 (Cross-site scripting vulnerabilities (XSS) in bonsai Mozilla CVS query ...)
+CVE-2003-0154
{DSA-265}
- bonsai 1.3+cvs20030317-1
-CVE-2003-0153 (bonsai Mozilla CVS query tool leaks the absolute pathname of the tool ...)
+CVE-2003-0153
{DSA-265}
- bonsai 1.3+cvs20030317-1
-CVE-2003-0152 (Unknown vulnerability in bonsai Mozilla CVS query tool allows remote ...)
+CVE-2003-0152
{DSA-265}
- bonsai 1.3+cvs20030317-1
-CVE-2003-0151 (BEA WebLogic Server and Express 6.0 through 7.0 does not properly ...)
+CVE-2003-0151
NOT-FOR-US: BEA WebLogic Server
-CVE-2003-0150 (MySQL 3.23.55 and earlier creates world-writeable files and allows ...)
+CVE-2003-0150
- mysql <removed>
-CVE-2003-0149 (Heap-based buffer overflow in ePO agent for McAfee ePolicy ...)
+CVE-2003-0149
NOT-FOR-US: McAfee ePolicy Orchestrator
-CVE-2003-0148 (The default installation of MSDE via McAfee ePolicy Orchestrator 2.0 ...)
+CVE-2003-0148
NOT-FOR-US: McAfee ePolicy Orchestrator
-CVE-2003-0147 (OpenSSL does not use RSA blinding by default, which allows local and ...)
+CVE-2003-0147
{DSA-288}
- openssl 0.9.7b-1
- openssl096 0.9.6j-1
-CVE-2003-0146 (Multiple vulnerabilities in NetPBM 9.20 and earlier, and possibly ...)
+CVE-2003-0146
{DSA-263}
- lpr 1:2000.05.07-4.20
- netpbm-free 2:9.20-9
-CVE-2003-0144 (Buffer overflow in the lprm command in the lprold lpr package on SuSE ...)
+CVE-2003-0144
{DSA-275 DSA-267}
- lpr 1:2000.05.07-4.20
- lpr-ppd 1:0.72-3
-CVE-2003-0142 (Adobe Acrobat Reader (acroread) 6, under certain circumstances when ...)
+CVE-2003-0142
NOT-FOR-US: acroread
-CVE-2003-0141 (The PNG deflate algorithm in RealOne Player 6.0.11.x and earlier, ...)
+CVE-2003-0141
NOT-FOR-US: Real
-CVE-2003-0140 (Buffer overflow in Mutt 1.4.0 and possibly earlier versions, 1.5.x up ...)
+CVE-2003-0140
{DSA-268}
- mutt 1.5.4-1
-CVE-2003-0139 (Certain weaknesses in the implementation of version 4 of the Kerberos ...)
+CVE-2003-0139
{DSA-273 DSA-266}
- krb4 1.2.2-1
- krb5 1.2.7-3
-CVE-2003-0138 (Version 4 of the Kerberos protocol (krb4), as used in Heimdal and ...)
+CVE-2003-0138
{DSA-273 DSA-269 DSA-266}
- krb4 1.2.2-1
- heimdal 0.5.2-1
- krb5 1.2.7-3
-CVE-2003-0137 (SNMP daemon in the DX200 based network element for Nokia Serving GPRS ...)
+CVE-2003-0137
NOT-FOR-US: Nokia Serving GPRS support node
-CVE-2003-0136 (psbanner in the LPRng package allows local users to overwrite ...)
+CVE-2003-0136
{DSA-285}
- lprng 3.8.20-4.
-CVE-2003-0135 (vsftpd FTP daemon in Red Hat Linux 9 is not compiled against TCP ...)
+CVE-2003-0135
- vsftpd <not-affected> (Red Hat specific packaging flaw)
-CVE-2003-0134 (Unknown vulnerability in filestat.c for Apache running on OS2, ...)
+CVE-2003-0134
- apache2 2.0.46
-CVE-2003-0133 (GtkHTML, as included in Evolution before 1.2.4, allows remote ...)
+CVE-2003-0133
- evolution 1.2.4
-CVE-2003-0132 (A memory leak in Apache 2.0 through 2.0.44 allows remote attackers to ...)
+CVE-2003-0132
- apache2 2.0.45
-CVE-2003-0131 (The SSL and TLS components for OpenSSL 0.9.6i and earlier, 0.9.7, and ...)
+CVE-2003-0131
{DSA-288}
- openssl 0.9.7b-1
- openssl096 0.9.6j-1
-CVE-2003-0130 (The handle_image function in mail-format.c for Ximian Evolution Mail ...)
+CVE-2003-0130
- evolution 1.2.3
-CVE-2003-0129 (Ximian Evolution Mail User Agent 1.2.2 and earlier allows remote ...)
+CVE-2003-0129
- evolution 1.2.3
-CVE-2003-0128 (The try_uudecoding function in mail-format.c for Ximian Evolution Mail ...)
+CVE-2003-0128
- evolution 1.2.3
-CVE-2003-0127 (The kernel module loader in Linux kernel 2.2.x before 2.2.25, and ...)
+CVE-2003-0127
{DSA-495 DSA-423 DSA-336 DSA-332 DSA-312 DSA-311 DSA-276 DSA-270}
[sarge] - kernel-source-2.6.8 <not-affected>
- linux-2.6 <not-affected>
- kernel-source-2.4.27 <not-affected> (Fixed before upload in the archive, in 2.4.21)
-CVE-2003-0126 (The web interface for SOHO Routefinder 550 firmware 4.63 and earlier, ...)
+CVE-2003-0126
NOT-FOR-US: SOHO Routefinder 550 firmware
-CVE-2003-0121 (Clearswift MAILsweeper 4.x allows remote attackers to bypass ...)
+CVE-2003-0121
NOT-FOR-US: Clearswift MAILsweeper
-CVE-2003-0119 (The secldapclntd daemon in AIX 4.3, 5.1 and 5.2 uses an Internet ...)
+CVE-2003-0119
NOT-FOR-US: AIX
-CVE-2003-0118 (SQL injection vulnerability in the Document Tracking and ...)
+CVE-2003-0118
NOT-FOR-US: Microsoft
-CVE-2003-0117 (Buffer overflow in the HTTP receiver function (BizTalkHTTPReceive.dll ...)
+CVE-2003-0117
NOT-FOR-US: Microsoft
-CVE-2003-0116 (Microsoft Internet Explorer 5.01, 5.5 and 6.0 does not properly check ...)
+CVE-2003-0116
NOT-FOR-US: Microsoft
-CVE-2003-0115 (Microsoft Internet Explorer 5.01, 5.5 and 6.0 does not properly check ...)
+CVE-2003-0115
NOT-FOR-US: Microsoft
-CVE-2003-0114 (The file upload control in Microsoft Internet Explorer 5.01, 5.5, and ...)
+CVE-2003-0114
NOT-FOR-US: Microsoft
-CVE-2003-0113 (Buffer overflow in URLMON.DLL in Microsoft Internet Explorer 5.01, 5.5 ...)
+CVE-2003-0113
NOT-FOR-US: Microsoft
-CVE-2003-0112 (Buffer overflow in Windows Kernel allows local users to gain ...)
+CVE-2003-0112
NOT-FOR-US: Microsoft
-CVE-2003-0111 (The ByteCode Verifier component of Microsoft Virtual Machine (VM) ...)
+CVE-2003-0111
NOT-FOR-US: Microsoft
-CVE-2003-0110 (The Winsock Proxy service in Microsoft Proxy Server 2.0 and the ...)
+CVE-2003-0110
NOT-FOR-US: Microsoft
-CVE-2003-0109 (Buffer overflow in ntdll.dll on Microsoft Windows NT 4.0, Windows NT ...)
+CVE-2003-0109
NOT-FOR-US: Microsoft
-CVE-2003-0106 (The HTTP proxy for Symantec Enterprise Firewall (SEF) 7.0 allows proxy ...)
+CVE-2003-0106
NOT-FOR-US: Symantec Enterprise Firewall
-CVE-2003-0105 (ServerMask 2.2 and earlier does not obfuscate (1) ETag, (2) HTTP ...)
+CVE-2003-0105
NOT-FOR-US: ServerMask
-CVE-2003-0101 (miniserv.pl in (1) Webmin before 1.070 and (2) Usermin before 1.000 ...)
+CVE-2003-0101
{DSA-319}
- webmin 1.070-1
-CVE-2003-0099 (Multiple buffer overflows in apcupsd before 3.8.6, and 3.10.x before ...)
+CVE-2003-0099
{DSA-277}
- apcupsd 3.8.5-1.2
-CVE-2003-0098 (Unknown vulnerability in apcupsd before 3.8.6, and 3.10.x before ...)
+CVE-2003-0098
{DSA-277}
- apcupsd 3.8.5-1.2
-CVE-2003-0096 (Multiple buffer overflows in Oracle 9i Database release 2, Release 1, ...)
+CVE-2003-0096
NOT-FOR-US: Oracle
-CVE-2003-0092 (Heap-based buffer overflow in dtsession for Solaris 2.5.1 through ...)
+CVE-2003-0092
NOT-FOR-US: Solaris
-CVE-2003-0091 (Stack-based buffer overflow in the bsd_queue() function for lpq on ...)
+CVE-2003-0091
NOT-FOR-US: Solaris
CVE-2003-0090
REJECTED
-CVE-2003-0089 (Buffer overflow in the Software Distributor utilities for HP-UX ...)
+CVE-2003-0089
NOT-FOR-US: HP-UX
-CVE-2003-0086 (The code for writing reg files in Samba before 2.2.8 allows local ...)
+CVE-2003-0086
{DSA-262}
- samba 2.2.8
-CVE-2003-0085 (Buffer overflow in the SMB/CIFS packet fragment re-assembly code for ...)
+CVE-2003-0085
{DSA-262}
- samba 2.2.8
-CVE-2003-0084 (mod_auth_any package in Red Hat Enterprise Linux 2.1 and other ...)
+CVE-2003-0084
NOT-FOR-US: mod_auth_any not in Debian
-CVE-2003-0083 (Apache 1.3 before 1.3.25 and Apache 2.0 before version 2.0.46 does not ...)
+CVE-2003-0083
- apache2 2.0.46
- apache 1.3.25
-CVE-2003-0082 (The Key Distribution Center (KDC) in Kerberos 5 (krb5) 1.2.7 and ...)
+CVE-2003-0082
{DSA-266}
- krb5 1.3.3-2
-CVE-2003-0080 (The iptables ruleset in Gnome-lokkit in Red Hat Linux 8.0 does not ...)
+CVE-2003-0080
- gnome-lokkit 0.50.22-4
-CVE-2003-0076 (Unknown vulnerability in the directory parser for Direct Connect 4 ...)
+CVE-2003-0076
- dcgui 0.2.2
-CVE-2003-0074 (Format string vulnerability in mpmain.c for plpnfsd of the plptools ...)
+CVE-2003-0074
- plptools 0.12-0
-CVE-2003-0072 (The Key Distribution Center (KDC) in Kerberos 5 (krb5) 1.2.7 and ...)
+CVE-2003-0072
{DSA-266}
- krb5 1.2.7-3
NOTE: changelog does not mention this one, verified patch from upstream was applied to this version.
-CVE-2003-0061 (Buffer overflow in passwd for HP UX B.10.20 allows local users to ...)
+CVE-2003-0061
NOT-FOR-US: HP UX
-CVE-2003-0060 (Format string vulnerabilities in the logging routines for MIT Kerberos ...)
+CVE-2003-0060
- krb5 1.2.4
-CVE-2003-0057 (Multiple buffer overflows in Hypermail 2 before 2.1.6 allows remote ...)
+CVE-2003-0057
{DSA-248}
- hypermail 2.1.6-1
-CVE-2003-0056 (Buffer overflow in secure locate (slocate) before 2.7 allows local ...)
+CVE-2003-0056
{DSA-252}
- slocate 2.7-1
-CVE-2003-0049 (Apple File Protocol (AFP) in Mac OS X before 10.2.4 allows ...)
+CVE-2003-0049
NOT-FOR-US: MacOS
-CVE-2003-0048 (PuTTY 0.53b and earlier does not clear logon credentials from memory, ...)
+CVE-2003-0048
- putty 0.53-b-2003-01-04-1
NOTE: apparently fixed upstream 2002-11-12 changelog
-CVE-2003-0047 (SSH2 clients for VanDyke (1) SecureCRT 4.0.2 and 3.4.7, (2) SecureFX ...)
+CVE-2003-0047
NOT-FOR-US: commercial ssh clients
-CVE-2003-0046 (AbsoluteTelnet SSH2 client does not clear logon credentials from ...)
+CVE-2003-0046
NOT-FOR-US: commercial ssh clients
-CVE-2003-0044 (Multiple cross-site scripting (XSS) vulnerabilities in the (1) ...)
+CVE-2003-0044
{DSA-246}
- tomcat <removed>
-CVE-2003-0042 (Jakarta Tomcat before 3.3.1a, when used with JDK 1.3.1 or earlier, ...)
+CVE-2003-0042
{DSA-246}
- tomcat <removed>
-CVE-2003-0041 (Kerberos FTP client allows remote FTP sites to execute arbitrary code ...)
+CVE-2003-0041
- krb5 <not-affected> (Verified sarge version of krb5-clients not vulnerable, nothing in changelogs)
-CVE-2003-0038 (Cross-site scripting (XSS) vulnerability in options.py for Mailman 2.1 ...)
+CVE-2003-0038
{DSA-436}
- mailman 2.1.1-1
-CVE-2003-0037 (Buffer overflows in noffle news server 1.0.1 and earlier allow remote ...)
+CVE-2003-0037
{DSA-244}
- noffle 1.1.2-1
-CVE-2003-0036 (ml85p, as included in the printer-drivers package for Mandrake Linux, ...)
+CVE-2003-0036
NOT-FOR-US: ml85p, as included in the printer-drivers package for Mandrake Linux
-CVE-2003-0035 (Buffer overflow in escputil, as included in the printer-drivers ...)
+CVE-2003-0035
NOT-FOR-US: ml85p, as included in the printer-drivers package for Mandrake Linux
-CVE-2003-0034 (Buffer overflow in the mtink status monitor, as included in the ...)
+CVE-2003-0034
- mtink <not-affected> (Not installed setuid or setgid, so this is not exploitable)
NOTE: HOME overflow was fixed in mainSrc/rcfile.c, but not in
NOTE: chooser/mtinkc.c's version, which goes into mtinkc
-CVE-2003-0031 (Multiple buffer overflows in libmcrypt before 2.5.5 allow attackers to ...)
+CVE-2003-0031
{DSA-228}
- libmcrypt 2.5.5-1
-CVE-2003-0030 (Buffer overflows in protegrity.dll of Protegrity Secure.Data Extension ...)
+CVE-2003-0030
NOT-FOR-US: Protegrity Secure.Data Extension Feature
CVE-2003-0029
RESERVED
-CVE-2003-0028 (Integer overflow in the xdrmem_getbytes() function, and possibly other ...)
+CVE-2003-0028
{DSA-282 DSA-272 DSA-266}
- glibc 2.3.1-16
- dietlibc 0.22-2
- krb5 1.3.3-2
NOTE: krb5: changelog does not mention this one, verified patch from Tom Yu was applied to this version.
-CVE-2003-0026 (Multiple stack-based buffer overflows in the error handling routines ...)
+CVE-2003-0026
{DSA-231}
- dhcp3 3.0+3.0.1rc11-1
-CVE-2003-0025 (Multiple SQL injection vulnerabilities in IMP 2.2.8 and earlier allow ...)
+CVE-2003-0025
{DSA-229}
- imp 2.2.6-7
- imp3 <not-affected>
-CVE-2003-0014 (gsinterf.c in bmv 1.2 and earlier allows local users to overwrite ...)
+CVE-2003-0014
{DSA-633-1}
- bmv 1.2-17
-CVE-2003-0011 (Unknown vulnerability in the DNS intrusion detection application ...)
+CVE-2003-0011
NOT-FOR-US: Microsoft
-CVE-2003-0010 (Integer overflow in JsArrayFunctionHeapSort function used by Windows ...)
+CVE-2003-0010
NOT-FOR-US: Windows Script Engine for JScript
CVE-2003-0008
RESERVED
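Review bot: every `-`/`+` pair in this hunk replaces a CVE line that carried its description with a bare id (for example `-CVE-2003-0166 (Integer signedness error in emalloc() function for PHP before 4.3.2 ...)` becoming `+CVE-2003-0166`), and with the commit header reporting 113882 insertions against 113866 deletions across every year's list, that pattern reads as the description source returning empty text rather than a genuine data update; hold the merge until the feed the automatic update pulls descriptions from is confirmed to serve them again, because the bare ids leave justifications such as `NOT-FOR-US: Windows` and the various `<not-affected>` reasons with nothing in the file to check them against. Two context entries in this hunk also need a follow-up: `- lprng 3.8.20-4.` (CVE-2003-0136) carries a trailing period that is not part of a Debian version string, and CVE-2003-0035, which the removed description identifies as a buffer overflow in escputil, has the CVE-2003-0036 reason `NOT-FOR-US: ml85p, as included in the printer-drivers package for Mandrake Linux` copied onto it, so the reason should name escputil (or its actual Debian status) instead.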
@@ -3367,209 +3367,209 @@ CVE-2003-0006
RESERVED
CVE-2003-0005
RESERVED
-CVE-2003-0001 (Multiple ethernet Network Interface Card (NIC) device drivers do not ...)
+CVE-2003-0001
{DSA-442 DSA-423 DSA-336 DSA-332 DSA-312 DSA-311}
- kernel-source-2.4.27 <not-affected> (Fixed before initial upload; 2.4.21-pre5)
-CVE-2003-1328 (The showHelp() function in Microsoft Internet Explorer 5.01, 5.5, and ...)
+CVE-2003-1328
NOT-FOR-US: windows
-CVE-2003-1326 (Microsoft Internet Explorer 5.5 and 6.0 allows remote attackers ...)
+CVE-2003-1326
NOT-FOR-US: windows
-CVE-2003-1022 (Directory traversal vulnerability in fsp before 2.81.b18 allows remote ...)
+CVE-2003-1022
{DSA-416}
- fsp 2.81.b18-1
-CVE-2003-0994 (The GUI functionality for an interactive session in Symantec ...)
+CVE-2003-0994
NOT-FOR-US: norton
-CVE-2003-0993 (mod_access in Apache 1.3 before 1.3.30, when running big-endian 64-bit ...)
+CVE-2003-0993
- apache 1.3.29.0.2-4
-CVE-2003-0991 (Unknown vulnerability in the mail command handler in Mailman before ...)
+CVE-2003-0991
{DSA-436}
- mailman 2.1-1
NOTE: I have mailed Tollef Fog Heen <tfheen@debian.org> about this.
NOTE: Tollef Fog Heen reply to me that 2.1 versions are not vulnerable
-CVE-2003-0988 (Buffer overflow in the VCF file information reader for KDE Personal ...)
+CVE-2003-0988
- kdepim 4:3.1.5-1
-CVE-2003-0985 (The mremap system call (do_mremap) in Linux kernel 2.4.x before ...)
+CVE-2003-0985
{DSA-475 DSA-470 DSA-450 DSA-442 DSA-440 DSA-439 DSA-427 DSA-423 DSA-417 DSA-413}
- kernel-source-2.4.27 <not-affected> (Fixed before initial upload; 2.4.24-rc1)
-CVE-2003-0969 (mpg321 0.2.10 allows remote attackers to overwrite memory and possibly ...)
+CVE-2003-0969
{DSA-411}
- mpg321 0.2.10.3
-CVE-2003-0966 (Buffer overflow in the frm command in elm 2.5.6 and earlier, and ...)
+CVE-2003-0966
NOT-FOR-US: elm
-CVE-2003-0924 (netpbm 9.25 and earlier does not properly create temporary files, ...)
+CVE-2003-0924
{DSA-426}
- netpbm-free 2:9.25-9
-CVE-2003-0905 (Unknown vulnerability in Windows Media Station Service and Windows ...)
+CVE-2003-0905
NOT-FOR-US: microsoft
-CVE-2003-0903 (Buffer overflow in a component of Microsoft Data Access Components ...)
+CVE-2003-0903
NOT-FOR-US: microsoft
-CVE-2003-0825 (The Windows Internet Naming Service (WINS) for Microsoft Windows ...)
+CVE-2003-0825
NOT-FOR-US: microsoft
-CVE-2003-0145 (Unknown vulnerability in tcpdump before 3.7.2 related to an inability ...)
+CVE-2003-0145
{DSA-261}
- tcpdump 3.7.2-1
-CVE-2003-0143 (The pop_msg function in qpopper 4.0.x before 4.0.5fc2 does not null ...)
+CVE-2003-0143
{DSA-259}
- qpopper 4.0.4-9
-CVE-2003-0125 (Buffer overflow in the web interface for SOHO Routefinder 550 before ...)
+CVE-2003-0125
NOT-FOR-US: SOHO Routefinder
-CVE-2003-0124 (man before 1.5l allows attackers to execute arbitrary code via a ...)
+CVE-2003-0124
NOT-FOR-US: man before 1.51
-CVE-2003-0123 (Buffer overflow in Web Retriever client for Lotus Notes/Domino R4.5 ...)
+CVE-2003-0123
NOT-FOR-US: lotus notes
-CVE-2003-0122 (Buffer overflow in Notes server before Lotus Notes R4, R5 before ...)
+CVE-2003-0122
NOT-FOR-US: lotus notes
-CVE-2003-0120 (adb2mhc in the mhc-utils package before 0.25+20010625-7.1 allows local ...)
+CVE-2003-0120
{DSA-256}
- mhc 0.25+20030224-1
-CVE-2003-0108 (isakmp_sub_print in tcpdump 3.6 through 3.7.1 allows remote attackers ...)
+CVE-2003-0108
{DSA-255}
- tcpdump 3.7.1-1.2
-CVE-2003-0107 (Buffer overflow in the gzprintf function in zlib 1.1.4, when zlib is ...)
+CVE-2003-0107
- zlib 1:1.1.4-10
-CVE-2003-0104 (Directory traversal vulnerability in PeopleTools 8.10 through 8.18, ...)
+CVE-2003-0104
NOT-FOR-US: peopletools
-CVE-2003-0103 (Format string vulnerability in Nokia 6210 handset allows remote ...)
+CVE-2003-0103
NOT-FOR-US: nokia handset
-CVE-2003-0102 (Buffer overflow in tryelf() in readelf.c of the file command allows ...)
+CVE-2003-0102
{DSA-260}
- file 3.40-1.1
-CVE-2003-0100 (Buffer overflow in Cisco IOS 11.2.x to 12.0.x allows remote attackers ...)
+CVE-2003-0100
NOT-FOR-US: cisco
-CVE-2003-0097 (Unknown vulnerability in CGI module for PHP 4.3.0 allows attackers to ...)
+CVE-2003-0097
- php4 4:4.3.2+rc3-1
-CVE-2003-0095 (Buffer overflow in ORACLE.EXE for Oracle Database Server 9i, 8i, ...)
+CVE-2003-0095
NOT-FOR-US: oracle
-CVE-2003-0094 (A patch for mcookie in the util-linux package for Mandrake Linux 8.2 ...)
+CVE-2003-0094
NOT-FOR-US: mandrake specific
-CVE-2003-0093 (The RADIUS decoder in tcpdump 3.6.2 and earlier allows remote ...)
+CVE-2003-0093
{DSA-261}
- tcpdump 3.7.1-1
-CVE-2003-0088 (TruBlueEnvironment for MacOS 10.2.3 and earlier allows local users to ...)
+CVE-2003-0088
NOT-FOR-US: macosX
-CVE-2003-0087 (Buffer overflow in libIM library (libIM.a) for National Language ...)
+CVE-2003-0087
NOT-FOR-US: AIX
-CVE-2003-0081 (Format string vulnerability in packet-socks.c of the SOCKS dissector ...)
+CVE-2003-0081
{DSA-258}
- ethereal 0.9.9-2
-CVE-2003-0079 (The DEC UDK processing feature in the hanterm (hanterm-xf) terminal ...)
+CVE-2003-0079
NOT-FOR-US: hanterm before 2.0.5
-CVE-2003-0078 (ssl3_get_record in s3_pkt.c for OpenSSL before 0.9.7a and 0.9.6 before ...)
+CVE-2003-0078
{DSA-253}
- openssl 0.9.7a-1
-CVE-2003-0077 (The hanterm (hanterm-xf) terminal emulator 2.0.5 and earlier, and ...)
+CVE-2003-0077
NOT-FOR-US: hanterm before 2.0.5
-CVE-2003-0075 (Integer signedness error in the myFseek function of samplein.c for ...)
+CVE-2003-0075
NOT-FOR-US: blade encoder not in Debian
-CVE-2003-0073 (Double-free vulnerability in mysqld for MySQL before 3.23.55 allows ...)
+CVE-2003-0073
{DSA-303}
- mysql-dfsg 4.0.12-2
-CVE-2003-0071 (The DEC UDK processing feature in the xterm terminal emulator in ...)
+CVE-2003-0071
{DSA-380}
- xfree86 4.2.1-11
-CVE-2003-0070 (VTE, as used by default in gnome-terminal terminal emulator 2.2 and as ...)
+CVE-2003-0070
- vte 1:0.11.10-1
-CVE-2003-0069 (The PuTTY terminal emulator 0.53 allows attackers to modify the window ...)
+CVE-2003-0069
- putty 0.54-1
-CVE-2003-0068 (The Eterm terminal emulator 0.9.1 and earlier allows attackers to ...)
+CVE-2003-0068
{DSA-496}
- eterm 0.9.2-6
-CVE-2003-0067 (The aterm terminal emulator 0.42 allows attackers to modify the window ...)
+CVE-2003-0067
NOTE: I have mailed Goran Weinholt <weinholt@debian.org> about this.
NOTE: Goran Weinholt <weinholt@debian.org> tell me that aterm 0.4.2 was
NOTE: never vulnerable to the problem described.
NOTE: this CVE is bogus.
-CVE-2003-0066 (The rxvt terminal emulator 2.7.8 and earlier allows attackers to ...)
+CVE-2003-0066
- rxvt 1:2.6.4-6.1 (bug #244810)
NOTE: woody version is still vulnerable
-CVE-2003-0065 (The uxterm terminal emulator allows attackers to modify the window ...)
+CVE-2003-0065
NOT-FOR-US: uxterm not in Debian
-CVE-2003-0064 (The dtterm terminal emulator allows attackers to modify the window ...)
+CVE-2003-0064
NOT-FOR-US: dtterm not in Debian
-CVE-2003-0063 (The xterm terminal emulator in XFree86 4.2.0 and earlier allows ...)
+CVE-2003-0063
{DSA-380}
- xfree86 4.2.1-11
-CVE-2003-0062 (Buffer overflow in Eset Software NOD32 for UNIX before 1.013 allows ...)
+CVE-2003-0062
NOT-FOR-US: NOD32 not in Debian
-CVE-2003-0059 (Unknown vulnerability in the chk_trans.c of the libkrb5 library for ...)
+CVE-2003-0059
- krb5 1.2.5-1
-CVE-2003-0058 (MIT Kerberos V5 Key Distribution Center (KDC) before 1.2.5 allows ...)
+CVE-2003-0058
- krb5 1.2.5-1
-CVE-2003-0055 (Buffer overflow in the MP3 broadcasting module of Apple Darwin ...)
+CVE-2003-0055
NOT-FOR-US: apple
-CVE-2003-0054 (Apple Darwin Streaming Administration Server 4.1.2 and QuickTime ...)
+CVE-2003-0054
NOT-FOR-US: apple
-CVE-2003-0053 (Cross-site scripting (XSS) vulnerability in parse_xml.cgi in Apple ...)
+CVE-2003-0053
NOT-FOR-US: apple
-CVE-2003-0052 (parse_xml.cgi in Apple Darwin Streaming Administration Server 4.1.2 ...)
+CVE-2003-0052
NOT-FOR-US: apple
-CVE-2003-0051 (parse_xml.cgi in Apple Darwin Streaming Administration Server 4.1.2 ...)
+CVE-2003-0051
NOT-FOR-US: apple
-CVE-2003-0050 (parse_xml.cgi in Apple Darwin Streaming Administration Server 4.1.2 ...)
+CVE-2003-0050
NOT-FOR-US: apple
-CVE-2003-0045 (Jakarta Tomcat before 3.3.1a on certain Windows systems may allow ...)
+CVE-2003-0045
NOT-FOR-US: windows
-CVE-2003-0043 (Jakarta Tomcat before 3.3.1a, when used with JDK 1.3.1 or earlier, ...)
+CVE-2003-0043
{DSA-246}
- tomcat 3.3.1a-1
-CVE-2003-0040 (SQL injection vulnerability in the PostgreSQL auth module for courier ...)
+CVE-2003-0040
{DSA-247}
- courier 0.40.2-3
- courier-ssl 0.40.2-3
-CVE-2003-0039 (ISC dhcrelay (dhcp-relay) 3.0rc9 and earlier, and possibly other ...)
+CVE-2003-0039
{DSA-245}
- dhcp3 3.0+3.0.1rc11-3
NOTE: Version information in DSA is wrong.
-CVE-2003-0033 (Buffer overflow in the RPC preprocessor for Snort 1.8 and 1.9.x before ...)
+CVE-2003-0033
{DSA-297}
- snort 2.0.0-1
-CVE-2003-0032 (Memory leak in libmcrypt before 2.5.5 allows attackers to cause a ...)
+CVE-2003-0032
{DSA-228}
- libmcrypt 2.5.5-1
-CVE-2003-0027 (Directory traversal vulnerability in Sun Kodak Color Management System ...)
+CVE-2003-0027
NOT-FOR-US: sun
-CVE-2003-0024 (The menuBar feature in aterm 0.42 allows attackers to modify menu ...)
+CVE-2003-0024
NOTE: I have mailed Goran Weinholt <weinholt@debian.org> about this.
NOTE: Goran Weinholt <weinholt@debian.org> tell me that aterm 0.4.2 was
NOTE: never vulnerable to the problem described.
NOTE: this CVE is bogus.
-CVE-2003-0023 (The menuBar feature in rxvt 2.7.8 allows attackers to modify menu ...)
+CVE-2003-0023
- rxvt 1:2.6.4-6.1
-CVE-2003-0022 (The &quot;screen dump&quot; feature in rxvt 2.7.8 allows attackers to overwrite ...)
+CVE-2003-0022
- rxvt 1:2.6.4-6.1
-CVE-2003-0021 (The &quot;screen dump&quot; feature in Eterm 0.9.1 and earlier allows attackers ...)
+CVE-2003-0021
- eterm 0.9.2-1
NOTE: According to upstream changelog and http://marc.info/?l=bugtraq&m=104612710031920&w=2
NOTE: this is fixed in eterm 0.9.2
-CVE-2003-0020 (Apache does not filter terminal escape sequences from its error logs, ...)
+CVE-2003-0020
- apache2 2.0.49
- apache 1.3.29.0.2-4
-CVE-2003-0019 (uml_net in the kernel-utils package for Red Hat Linux 8.0 has ...)
+CVE-2003-0019
NOT-FOR-US: redhat 8.0 only
-CVE-2003-0018 (Linux kernel 2.4.10 through 2.4.21-pre4 does not properly handle the ...)
+CVE-2003-0018
{DSA-423 DSA-358}
- linux-2.6 <not-affected> (Fixed before upload into archive; in 2.5.27)
- kernel-source-2.4.27 <not-affected> (Fixed before upload into archive; in 2.4.21)
-CVE-2003-0017 (Apache 2.0 before 2.0.44 on Windows platforms allows remote attackers ...)
+CVE-2003-0017
NOT-FOR-US: apache on windows
-CVE-2003-0016 (Apache before 2.0.44, when running on unpatched Windows 9x and Me ...)
+CVE-2003-0016
NOT-FOR-US: apache on windows
-CVE-2003-0015 (Double-free vulnerability in CVS 1.11.4 and earlier allows remote ...)
+CVE-2003-0015
{DSA-233}
- cvs 1.11.2-5.1
-CVE-2003-0013 (The default .htaccess scripts for Bugzilla 2.14.x before 2.14.5, ...)
+CVE-2003-0013
{DSA-230}
- bugzilla 2.16.2-1
-CVE-2003-0012 (The data collection script for Bugzilla 2.14.x before 2.14.5, 2.16.x ...)
+CVE-2003-0012
{DSA-230}
- bugzilla 2.16.2-1
-CVE-2003-0009 (Cross-site scripting (XSS) vulnerability in Help and Support Center ...)
+CVE-2003-0009
NOT-FOR-US: windows
-CVE-2003-0007 (Microsoft Outlook 2002 does not properly handle requests to encrypt ...)
+CVE-2003-0007
NOT-FOR-US: windows
-CVE-2003-0004 (Buffer overflow in the Windows Redirector function in Microsoft ...)
+CVE-2003-0004
NOT-FOR-US: windows
-CVE-2003-0003 (Buffer overflow in the RPC Locator service for Microsoft Windows NT ...)
+CVE-2003-0003
NOT-FOR-US: windows
-CVE-2003-0002 (Cross-site scripting vulnerability (XSS) in ManualLogin.asp script for ...)
+CVE-2003-0002
NOT-FOR-US: windows
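Review bot: the same mass removal of descriptions continues in this hunk, and one status line contradicts the text being dropped: `NOT-FOR-US: man before 1.51` (CVE-2003-0124) misreads the version given in the removed description, `man before 1.5l` (lowercase L, not 51), so the reason should be corrected while the description is still recoverable from history. Separately, CVE-2003-0067 and CVE-2003-0024 end up with only NOTE lines and no package or status entry after the rewrite; if `NOTE: this CVE is bogus.` is the conclusion, adding an explicit `<not-affected>` line for aterm (or a NOT-FOR-US reason) would make the status readable the same way as the neighbouring entries instead of leaving it implied by free text.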
diff --git a/data/CVE/2004.list b/data/CVE/2004.list
index 5a5ef9521c..f5b275c2f9 100644
--- a/data/CVE/2004.list
+++ b/data/CVE/2004.list
@@ -1,10 +1,10 @@
-CVE-2004-2779 (id3_utf16_deserialize() in utf16.c in libid3tag through 0.15.1b ...)
+CVE-2004-2779
- libid3tag 0.15.1b-5 (bug #304913)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=162647
NOTE: https://sources.debian.org/patches/libid3tag/0.15.1b-13/10_utf16.dpatch/
-CVE-2004-2778 (Ebuild in Gentoo may change directory and file permissions depending ...)
+CVE-2004-2778
NOT-FOR-US: Gentoo ebuilds dir permissions at install time
-CVE-2004-2777 (GE Healthcare Centricity Image Vault 3.x has a password of (1) gemnet ...)
+CVE-2004-2777
NOT-FOR-US: GE Healthcare Centricity Image Vault
CVE-2004-XXXX [base-passwd: sets valid shells for system services]
- base-passwd 3.5.30 (unimportant; bug #274229)
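Review bot: the CVE-2004-2779 entry records the fix as `- libid3tag 0.15.1b-5 (bug #304913)`, but the only patch reference on the entry, `NOTE: https://sources.debian.org/patches/libid3tag/0.15.1b-13/10_utf16.dpatch/`, points at the 0.15.1b-13 source; confirm from the package changelog which upload first shipped 10_utf16.dpatch and either align the fixed version with it or add a note stating that the patch predates the linked revision. The three `-`/`+` pairs in this hunk strip descriptions in the same way as the other lists in this commit and should be judged together with them rather than merged on their own.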
@@ -20,615 +20,615 @@ CVE-2004-2773
RESERVED
CVE-2004-2772
RESERVED
-CVE-2004-2771 (The expand function in fio.c in Heirloom mailx 12.5 and earlier and ...)
+CVE-2004-2771
{DSA-3105-1 DLA-114-1}
- heirloom-mailx 12.5-3.1 (bug #773417)
- bsd-mailx 8.1.2-0.20071201cvs-1
- mailx 1:8.1.2-0.20040524cvs-2 (bug #278748)
CVE-2004-2770
REJECTED
-CVE-2004-2769 (Cerberus FTP Server before 4.0.3.0 allows remote authenticated users ...)
+CVE-2004-2769
NOT-FOR-US: Cerberus FTP Server
-CVE-2004-2768 (dpkg 1.9.21 does not properly reset the metadata of a file during ...)
+CVE-2004-2768
- dpkg 1.10.19 (bug #225692)
-CVE-2004-2767 (NWFTPD.nlm before 5.04.25 in the FTP server in Novell NetWare does not ...)
+CVE-2004-2767
NOT-FOR-US: Novell NetWare
-CVE-2004-2766 (Webmail in Sun ONE Messaging Server 6.1 and iPlanet Messaging Server ...)
+CVE-2004-2766
NOT-FOR-US: iPlanet Messaging Server/Sun ONE Messaging Server
-CVE-2004-2765 (Cross-site scripting (XSS) vulnerability in Webmail in Sun ONE ...)
+CVE-2004-2765
NOT-FOR-US: iPlanet Messaging Server/Sun ONE Messaging Server
-CVE-2004-2764 (Sun SDK and Java Runtime Environment (JRE) 1.4.2 through 1.4.2_04, ...)
+CVE-2004-2764
NOT-FOR-US: Historic issues in proprietary Java
-CVE-2004-2763 (The default configuration of Sun ONE/iPlanet Web Server 4.1 SP1 ...)
+CVE-2004-2763
NOT-FOR-US: Sun ONE iPlanet Web Server
-CVE-2004-2762 (The server in IBM Tivoli Storage Manager (TSM) 4.2.x on MVS, 5.1.9.x ...)
+CVE-2004-2762
NOT-FOR-US: Tivoli
-CVE-2004-2761 (The MD5 Message-Digest Algorithm is not collision resistant, which ...)
+CVE-2004-2761
NOT-FOR-US: General MD5 weakness, doesn't need to tracked package-wise
-CVE-2004-2760 (sshd in OpenSSH 3.5p1, when PermitRootLogin is disabled, immediately ...)
+CVE-2004-2760
- openssh 1:3.6p1-1 (unimportant)
-CVE-2004-2759 (Shared Sun StorEdge QFS and SAM-QFS file systems, as used in ...)
+CVE-2004-2759
NOT-FOR-US: Shared Sun StorEdge QFS and SAM-QFS
-CVE-2004-2758 (Multiple unspecified vulnerabilities in the H.323 protocol ...)
+CVE-2004-2758
NOT-FOR-US: Sun SunForum
-CVE-2004-2757 (Cross-site scripting (XSS) vulnerability in the failed login page in ...)
+CVE-2004-2757
NOT-FOR-US: Novell iChain
-CVE-2004-2756 (Cross-site scripting (XSS) vulnerability in viewtopic.php in Xoops ...)
+CVE-2004-2756
NOT-FOR-US: Xoops
-CVE-2004-2755 (Cross-site scripting (XSS) vulnerability in Symantec Web Security 2.5, ...)
+CVE-2004-2755
NOT-FOR-US: Symantec Web Security
-CVE-2004-2754 (SQL injection vulnerability in SSI.php in YaBB SE 1.5.4, 1.5.3, and ...)
+CVE-2004-2754
NOT-FOR-US: YaBB
-CVE-2004-2753 (Unspecified vulnerability in SharedX in HP-UX B.11.00, B.11.11, and ...)
+CVE-2004-2753
NOT-FOR-US: HP-UX
-CVE-2004-2752 (Cross-site scripting (XSS) vulnerability in the Downloads module in ...)
+CVE-2004-2752
NOT-FOR-US: PostNuke
-CVE-2004-2751 (SQL injection vulnerability in the members_list module in PostNuke ...)
+CVE-2004-2751
NOT-FOR-US: PostNuke
-CVE-2004-2750 (Directory traversal vulnerability in browser.php in JBrowser 1.0 ...)
+CVE-2004-2750
NOT-FOR-US: JBrowser
-CVE-2004-2749 (Directory traversal vulnerability in wra/public/wralogin in 2Wire ...)
+CVE-2004-2749
NOT-FOR-US: 2Wire Gateway
-CVE-2004-2748 (viewreport.pl in NetIQ WebTrends Reporting Center Enterprise Edition ...)
+CVE-2004-2748
NOT-FOR-US: WebTrends Reporting Center
-CVE-2004-2747 (Directory traversal vulnerability in Pablo Software Solutions Quick 'n ...)
+CVE-2004-2747
NOT-FOR-US: Quick 'n Easy FTP Server (Windows only)
-CVE-2004-2746 (SQL injection vulnerability in adminlogin.asp in XTREME ASP Photo ...)
+CVE-2004-2746
NOT-FOR-US: XTREME ASP Photo Gallery
-CVE-2004-2745 (Directory traversal vulnerability in Anteco Visual Technologies ...)
+CVE-2004-2745
NOT-FOR-US: Anteco Visual Technologies OwnServer
-CVE-2004-2744 (Unspecified vulnerability in Tincan Limited PHPlist before 2.8.12 has ...)
+CVE-2004-2744
NOT-FOR-US: Tincan Limited PHPlist
-CVE-2004-2743 (upload.cgi in Mega Upload Progress Bar before 1.45 allows remote ...)
+CVE-2004-2743
NOT-FOR-US: Mega Upload Progress Bar
-CVE-2004-2742 (Cross-site scripting (XSS) vulnerability in the report viewer in ...)
+CVE-2004-2742
NOT-FOR-US: Crystal Enterprise
-CVE-2004-2741 (Cross-site scripting (XSS) vulnerability in the &quot;help window&quot; ...)
+CVE-2004-2741
- horde2 <removed>
-CVE-2004-2740 (PHP remote file inclusion vulnerability in authform.inc.php in ...)
+CVE-2004-2740
NOT-FOR-US: PHProjekt
-CVE-2004-2739 (The setup routine (setup.php) in PHProjekt 4.2.1 and earlier allows ...)
+CVE-2004-2739
NOT-FOR-US: PHProjekt
-CVE-2004-2738 (Cross-site scripting (XSS) vulnerability in check_user_id.php in ...)
+CVE-2004-2738
NOT-FOR-US: Zero board
-CVE-2004-2737 (SQL injection vulnerability in problist.asp in NetSupport DNA HelpDesk ...)
+CVE-2004-2737
NOT-FOR-US: NetSupport DNA HelpDesk
-CVE-2004-2736 (Polar HelpDesk 3.0 allows remote attackers to bypass authentication by ...)
+CVE-2004-2736
NOT-FOR-US: Polar HelpDesk
-CVE-2004-2735 (Cross-site scripting (XSS) vulnerability in P4DB 2.01 and earlier ...)
+CVE-2004-2735
NOT-FOR-US: P4DB
-CVE-2004-2734 (webadmin-apache.conf in Novell Web Manager of Novell NetWare 6.5 uses ...)
+CVE-2004-2734
NOT-FOR-US: Novell NetWare
-CVE-2004-2733 (Web Wiz Forums 7.7a uses invalid logic to determine user privileges, ...)
+CVE-2004-2733
NOT-FOR-US: Web Wiz Forums
-CVE-2004-2732 (nbmember.cgi in Netbilling 2.0 allows remote attackers to obtain ...)
+CVE-2004-2732
NOT-FOR-US: Netbilling
-CVE-2004-2731 (Multiple integer overflows in Sbus PROM driver ...)
+CVE-2004-2731
{DSA-1503-2 DSA-1503-1}
- linux-2.6 2.6.18-1
NOTE: bufsize is unsigned since (at least) 2.6.18, might be fixed in prior versions
-CVE-2004-2730 (Sysinternals PsTools before 2.05, including (1) PsExec before 1.54, ...)
+CVE-2004-2730
NOT-FOR-US: PsTools
-CVE-2004-2729 (Inetd32 Administration Tool of Hummingbird Connectivity 7.1 and 9.0 ...)
+CVE-2004-2729
NOT-FOR-US: Hummingbird Connectivity
-CVE-2004-2728 (Buffer overflow in the FTP server of Hummingbird Connectivity 7.1 and ...)
+CVE-2004-2728
NOT-FOR-US: Hummingbird Connectivity
-CVE-2004-2727 (Buffer overflow in MEHTTPS (HTTPMail) of MailEnable Professional 1.5 ...)
+CVE-2004-2727
NOT-FOR-US: MailEnable
-CVE-2004-2726 (HTTPMail service in MailEnable Professional 1.18 does not properly ...)
+CVE-2004-2726
NOT-FOR-US: MailEnable
-CVE-2004-2725 (Multiple cross-site scripting (XSS) vulnerabilities in Aztek Forum 4.0 ...)
+CVE-2004-2725
NOT-FOR-US: Aztek Forum
-CVE-2004-2724 (LionMax Software Chat Anywhere 2.72a allows remote attackers to cause ...)
+CVE-2004-2724
NOT-FOR-US: Chat Anywhere
-CVE-2004-2723 (NessusWX 1.4.4 stores account passwords in plaintext in .session ...)
+CVE-2004-2723
NOT-FOR-US: NessusWXdd
-CVE-2004-2722 (** DISPUTED ** ...)
+CVE-2004-2722
- nessus-core <unfixed> (unimportant)
NOTE: this is no security issue assuming correct permissions
-CVE-2004-2721 (The CheckGroup function in openSkat VTMF before 2.1 generates public ...)
+CVE-2004-2721
NOT-FOR-US: openSkat
-CVE-2004-2720 (Cross-site scripting (XSS) vulnerability in register.asp in Snitz ...)
+CVE-2004-2720
NOT-FOR-US: Snitz Forums
-CVE-2004-2719 (Buffer overflow in the UrlToLocal function in PunyLib.dll of Foxmail ...)
+CVE-2004-2719
NOT-FOR-US: Foxmail
-CVE-2004-2718 (PHPMyChat 0.14.5 does not remove or protect setup.php3 after ...)
+CVE-2004-2718
NOT-FOR-US: PHPMyChat
-CVE-2004-2717 (Multiple directory traversal vulnerabilities in admin.php3 in ...)
+CVE-2004-2717
NOT-FOR-US: PHPMyChat
-CVE-2004-2716 (Multiple SQL injection vulnerabilities in usersL.php3 in PHPMyChat ...)
+CVE-2004-2716
NOT-FOR-US: PHPMyChat
-CVE-2004-2715 (edituser.php3 in PHPMyChat 0.14.5 allow remote attackers to bypass ...)
+CVE-2004-2715
NOT-FOR-US: PHPMyChat
-CVE-2004-2714 (Unspecified vulnerability in Window Maker 0.80.2 and earlier allows ...)
+CVE-2004-2714
- wmaker 0.90-1
-CVE-2004-2713 (** DISPUTED ** ...)
+CVE-2004-2713
NOT-FOR-US: ZoneAlarm
-CVE-2004-2712 (Buffer overflow in Gyach Enhanced (Gyach-E) before 1.0.0-SneakPeek-3 ...)
+CVE-2004-2712
NOT-FOR-US: Gyach-E
-CVE-2004-2711 (Multiple buffer overflows in Gyach Enhanced (Gyach-E) before 1.0.2 ...)
+CVE-2004-2711
NOT-FOR-US: Gyach-E
-CVE-2004-2710 (Multiple buffer overflows in Gyach Enhanced (Gyach-E) before 1.0.3 ...)
+CVE-2004-2710
NOT-FOR-US: Gyach-E
-CVE-2004-2709 (Buffer overflow in the strip_html_tags method for Gyach Enhanced ...)
+CVE-2004-2709
NOT-FOR-US: Gyach-E
-CVE-2004-2708 (Gyach Enhanced (Gyach-E) before 1.0.0 stores passwords in plaintext, ...)
+CVE-2004-2708
NOT-FOR-US: Gyach-E
-CVE-2004-2707 (Multiple unspecified vulnerabilities in Gyach Enhanced (Gyach-E) ...)
+CVE-2004-2707
NOT-FOR-US: Gyach-E
-CVE-2004-2706 (Unspecified vulnerability in Gyach Enhanced (Gyach-E) before 1.0.4 ...)
+CVE-2004-2706
NOT-FOR-US: Gyach-E
-CVE-2004-2705 (Unspecified vulnerability in Player vs. Player Gaming Network (PvPGN) ...)
+CVE-2004-2705
- pvpgn 1.6.4+20040826-1
-CVE-2004-2704 (Hastymail 1.0.1 and earlier (stable) and 1.1 and earlier (development) ...)
+CVE-2004-2704
- hastymail <removed>
-CVE-2004-2703 (Clearswift MIMEsweeper 5.0.5, when it has been upgraded from ...)
+CVE-2004-2703
NOT-FOR-US: MIMEsweeper
-CVE-2004-2702 (Cross-site scripting (XSS) vulnerability in login_up.php3 in Plesk 7.0 ...)
+CVE-2004-2702
NOT-FOR-US: Plesk
-CVE-2004-2701 (Cross-site scripting (XSS) vulnerability in signin.aspx for ...)
+CVE-2004-2701
NOT-FOR-US: AspDotNetStorefront
-CVE-2004-2700 (Unrestricted file upload vulnerability in AspDotNetStorefront 3.3 ...)
+CVE-2004-2700
NOT-FOR-US: AspDotNetStorefront
-CVE-2004-2699 (deleteicon.aspx in AspDotNetStorefront 3.3 allows remote attackers to ...)
+CVE-2004-2699
NOT-FOR-US: AspDotNetStorefront
-CVE-2004-2698 (Race condition in IMWheel 1.0.0pre11 and earlier, when running with ...)
+CVE-2004-2698
- imwheel 1.0.0pre12-1
-CVE-2004-2697 (The Inventory Scout daemon (invscoutd) 1.3.0.0 and 2.0.2 for AIX 4.3.3 ...)
+CVE-2004-2697
NOT-FOR-US: InvScoutd
-CVE-2004-2696 (BEA WebLogic Server and WebLogic Express 6.1, 7.0, and 8.1, when using ...)
+CVE-2004-2696
NOT-FOR-US: BEA WebLogic
-CVE-2004-2695 (SQL injection vulnerability in the Authorize.net callback code ...)
+CVE-2004-2695
NOT-FOR-US: vBulletin
-CVE-2004-2694 (Microsoft Outlook Express 6.0 allows remote attackers to bypass ...)
+CVE-2004-2694
NOT-FOR-US: Outlook
-CVE-2004-2693 (HP-UX B.11.00 and B.11.11 with B6848AB GTK+ Support Libraries ...)
+CVE-2004-2693
NOT-FOR-US: HP-UX
-CVE-2004-2692 (The exec_dir PHP patch (php-exec-dir) 4.3.2 through 4.3.7 with safe ...)
+CVE-2004-2692
NOT-FOR-US: php-exec-dir patch
-CVE-2004-2691 (Unspecified vulnerability in 3Com SuperStack 3 4400 switches with ...)
+CVE-2004-2691
NOT-FOR-US: 3Com firmware
-CVE-2004-2690 (Unrestricted file upload vulnerability in the Administration Panel for ...)
+CVE-2004-2690
NOT-FOR-US: NewsPHP
-CVE-2004-2689 (NewsPHP allows remote attackers to gain unauthorized administrative ...)
+CVE-2004-2689
NOT-FOR-US: NewsPHP
-CVE-2004-2688 (Cross-site scripting (XSS) vulnerability in index.php in NewsPHP ...)
+CVE-2004-2688
NOT-FOR-US: NewsPHP
-CVE-2004-2687 (distcc 2.x, as used in XCode 1.5 and others, when not configured to ...)
+CVE-2004-2687
- distcc 2.18.1-1 (low)
NOTE: since 2.18.1-1 there is the --allow switch to control network access
NOTE: https://github.com/distcc/distcc/issues/155
NOTE: Fix in depth is only in later version 3.3, cf.
NOTE: https://bugs.debian.org/892973
-CVE-2004-2686 (Directory traversal vulnerability in the vfs_getvfssw function in ...)
+CVE-2004-2686
NOT-FOR-US: Solaris
-CVE-2004-2685 (Buffer overflow in YoungZSoft CCProxy 6.2 and earlier allows remote ...)
+CVE-2004-2685
NOT-FOR-US: Ccproxy
-CVE-2004-2684 (Unspecified vulnerability in the %template package in InterSystems ...)
+CVE-2004-2684
NOT-FOR-US: InterSystems Cache
-CVE-2004-2683 (Unspecified vulnerability in the %XML.Utils.SchemaServer class in ...)
+CVE-2004-2683
NOT-FOR-US: InterSystems Cache
-CVE-2004-2682 (PeerSec MatrixSSL before 1.1 does not implement RSA blinding, which ...)
+CVE-2004-2682
- matrixssl 1.1-1
-CVE-2004-2681 (PeerSec MatrixSSL before 1.1 caches session keys for an indefinitely ...)
+CVE-2004-2681
- matrixssl 1.1-1
-CVE-2004-2680 (mod_python (libapache2-mod-python) 3.1.4 and earlier does not properly ...)
+CVE-2004-2680
- libapache2-mod-python 3.2.8-1 (low)
-CVE-2004-2679 (Check Point Firewall-1 4.1 up to NG AI R55 allows remote attackers to ...)
+CVE-2004-2679
NOT-FOR-US: CheckPoint Firewall
-CVE-2004-2678 (Unspecified vulnerability in HP Tru64 UNIX 5.1B PK2(BL22) and ...)
+CVE-2004-2678
NOT-FOR-US: HP Tru64 UNIX
-CVE-2004-2677 (Format string vulnerability in qwik-smtpd.c in QwikMail SMTP ...)
+CVE-2004-2677
NOT-FOR-US: QwikMail SMTP
-CVE-2004-2676 (The Spy Sweeper Enterprise Client (SpySweeperTray.exe) in WebRoot Spy ...)
+CVE-2004-2676
NOT-FOR-US: WebRoot Spy Sweeper
-CVE-2004-2675 (ArGoSoft FTP Server before 1.4.1.6 allows remote authenticated users ...)
+CVE-2004-2675
NOT-FOR-US: ArgoSoft FTP Server
-CVE-2004-2674 (Directory traversal vulnerability in ArGoSoft FTP Server before ...)
+CVE-2004-2674
NOT-FOR-US: ArgoSoft FTP Server
-CVE-2004-2673 (Multiple buffer overflows in ArGoSoft FTP Server before 1.4.1.6 allow ...)
+CVE-2004-2673
NOT-FOR-US: ArgoSoft FTP Server
-CVE-2004-2672 (Unspecified vulnerability in ArGoSoft FTP server before 1.4.2.2 allows ...)
+CVE-2004-2672
NOT-FOR-US: ArgoSoft FTP Server
-CVE-2004-2671 (mod.php in eNdonesia 8.3 allows remote attackers to obtain sensitive ...)
+CVE-2004-2671
NOT-FOR-US: eNdonesia CMS
-CVE-2004-2670 (Multiple cross-site scripting (XSS) vulnerabilities in mod.php in ...)
+CVE-2004-2670
NOT-FOR-US: eNdonesia
-CVE-2004-2669 (Multiple SQL injection vulnerabilities in Land Down Under (LDU) v701 ...)
+CVE-2004-2669
NOT-FOR-US: Land Down Under
-CVE-2004-2668 (SQL injection vulnerability in Interchange before 4.8.9 allows remote ...)
+CVE-2004-2668
- interchange 4.9.8-1
-CVE-2004-2667 (Cross-site scripting (XSS) vulnerability in Lotus Domino 6.0.x before ...)
+CVE-2004-2667
NOT-FOR-US: Lotus Domino
-CVE-2004-2666 (Mantis before 20041016 provides a complete Issue History (Bug History) ...)
+CVE-2004-2666
- mantis 0.19.2-1
-CVE-2004-2665 (Unspecified vulnerability in the Address and Routing Parameter Area ...)
+CVE-2004-2665
NOT-FOR-US: HP-UX
-CVE-2004-2664 (John Lim ADOdb Library for PHP before 4.23 allows remote attackers to ...)
+CVE-2004-2664
- libphp-adodb <not-affected>
- egroupware <not-affected>
- moodle <not-affected>
- phppgadmin 4.0.1-2 (unimportant)
- gallery2 <not-affected>
- phpwiki <unfixed> (unimportant)
-CVE-2004-2663 (The (1) SetDebugging and (2) RunEgatherer methods in IBM Access ...)
+CVE-2004-2663
NOT-FOR-US: IBM
-CVE-2004-2662 (Soft3304 04WebServer before 1.41 allows remote attackers to cause a ...)
+CVE-2004-2662
NOT-FOR-US: 04WebServer
-CVE-2004-2661 (Soft3304 04WebServer before 1.41 does not properly check file names, ...)
+CVE-2004-2661
NOT-FOR-US: 04WebServer
-CVE-2004-2660 (Memory leak in direct-io.c in Linux kernel 2.6.x before 2.6.10 allows ...)
+CVE-2004-2660
{DSA-1184-2}
- linux-2.6 <not-affected> (fixed before the first upload)
-CVE-2004-2659 (Opera offers an Open button to verify that a user wishes to execute a ...)
+CVE-2004-2659
NOT-FOR-US: Opera
-CVE-2004-2658 (resmgr in SUSE CORE 9 does not properly identify terminal names, which ...)
+CVE-2004-2658
- resmgr <not-affected>
-CVE-2004-2657 (** DISPUTED ** ...)
+CVE-2004-2657
- mozilla-firefox <not-affected>
- firefox <not-affected>
-CVE-2004-2656 (Multiple cross-site scripting (XSS) vulnerabilities in Slashdot Like ...)
+CVE-2004-2656
- slash <not-affected> (Vulnerable code introduced in 2002, while Debian's is older!, see #390469)
-CVE-2004-2655 (rdesktop 1.3.1 with xscreensaver 4.14, and possibly other versions, ...)
+CVE-2004-2655
- xscreensaver 4.18-1 (low)
-CVE-2004-2654 (The clientAbortBody function in client_side.c in Squid Web Proxy Cache ...)
+CVE-2004-2654
- squid 2.5.6
-CVE-2004-2653 (Unspecified vulnerability in PD9 Software MegaBBS 2.0 and 2.1 allows ...)
+CVE-2004-2653
NOT-FOR-US: PD9 Software MegaBBS
-CVE-2004-2652 (The DecodeTCPOptions function in decode.c in Snort before 2.3.0, when ...)
+CVE-2004-2652
- snort 2.3.0-1
-CVE-2004-2651 (Multiple cross-site scripting (XSS) vulnerabilities in YaCy before ...)
+CVE-2004-2651
NOT-FOR-US: YaCy
-CVE-2004-2650 (Spooler in Apache Foundation James 2.2.0 allows local users to cause a ...)
+CVE-2004-2650
NOT-FOR-US: Apache James
-CVE-2004-2649 (Eudora 6.1.0.6 allows remote attackers to obfuscate URLs displayed in ...)
+CVE-2004-2649
NOT-FOR-US: Eudora
-CVE-2004-2648 (FreezeX 1.00.100.0666 allows local users with administrator privileges ...)
+CVE-2004-2648
NOT-FOR-US: FreezeX
-CVE-2004-2647 (Free Web Chat 2.0 allows remote attackers to cause a denial of service ...)
+CVE-2004-2647
NOT-FOR-US: Free Web Chat
-CVE-2004-2646 (The addUser function in UserManager.java in Free Web Chat 2.0 allows ...)
+CVE-2004-2646
NOT-FOR-US: Free Web Chat
-CVE-2004-2645 (Unspecified vulnerability in ASN.1 Compiler (asn1c) before 0.9.7 has ...)
+CVE-2004-2645
- asn1c <not-affected> (Fixed before upload into archive; 0.9.7)
-CVE-2004-2644 (Unspecified vulnerability in ASN.1 Compiler (asn1c) before 0.9.7 has ...)
+CVE-2004-2644
- asn1c <not-affected> (Fixed before upload into archive; 0.9.7)
-CVE-2004-2643 (Directory traversal vulnerability in Microsoft cabarc allows remote ...)
+CVE-2004-2643
NOT-FOR-US: Microsoft cabarc
-CVE-2004-2642 (Yeemp 0.9.9 and earlier does not properly encrypt inbound files, which ...)
+CVE-2004-2642
NOT-FOR-US: Yeemp
-CVE-2004-2641 (Unspecified vulnerability in Sun Fire 3800/4800/4810/6800, Sun Fire ...)
+CVE-2004-2641
NOT-FOR-US: Sun appliances
-CVE-2004-2640 (Directory traversal vulnerability in lstat.cgi in LinuxStat before ...)
+CVE-2004-2640
NOT-FOR-US: LinuxStat
-CVE-2004-2639 (Unspecified vulnerability in Journalness 3.0.7 and earlier allows ...)
+CVE-2004-2639
NOT-FOR-US: Journalness
-CVE-2004-2638 (The Admin Access With Levels plugin in osCommerce 1.5.1 allows remote ...)
+CVE-2004-2638
NOT-FOR-US: osCommerce
-CVE-2004-2637 (The NAT implementation in Zonet ZSR1104WE Wireless Router Runtime Code ...)
+CVE-2004-2637
NOT-FOR-US: Zyxel hardware
-CVE-2004-2636 (TinyWeb 1.9 allows remote attackers to read source code of scripts via ...)
+CVE-2004-2636
NOT-FOR-US: TinyWeb
-CVE-2004-2635 (An ActiveX control for McAfee Security Installer Control System ...)
+CVE-2004-2635
NOT-FOR-US: McAfee
-CVE-2004-2634 (The (1) bos.rte.serv_aid or (2) bos.rte.console filesets in IBM AIX ...)
+CVE-2004-2634
NOT-FOR-US: AIX
-CVE-2004-2633 (Unspecified vulnerability in Sesamie 1.0 allows remote anonymous ...)
+CVE-2004-2633
NOT-FOR-US: Sesamie
-CVE-2004-2632 (phpMyAdmin 2.5.1 up to 2.5.7 allows remote attackers to modify ...)
+CVE-2004-2632
- phpmyadmin 1:2.5.7-pl1-1
-CVE-2004-2631 (Eval injection vulnerability in left.php in phpMyAdmin 2.5.1 up to ...)
+CVE-2004-2631
- phpmyadmin 1:2.5.7-pl1-1
-CVE-2004-2630 (The MIME transformation system ...)
+CVE-2004-2630
- phpmyadmin 2:2.6.0-pl2-1
-CVE-2004-2629 (Multiple vulnerabilities in the H.323 protocol implementation for ...)
+CVE-2004-2629
NOT-FOR-US: Click to Meet express
-CVE-2004-2628 (Multiple directory traversal vulnerabilities in thttpd 2.07 beta 0.4, ...)
+CVE-2004-2628
- thttpd <not-affected> (Windows-specific vulnerabilities)
-CVE-2004-2627 (Java 2 Micro Edition (J2ME) does not properly validate bytecode, which ...)
+CVE-2004-2627
NOT-FOR-US: J2ME
-CVE-2004-2626 (GUI overlay vulnerability in the Java API in Siemens S55 cellular ...)
+CVE-2004-2626
NOT-FOR-US: Siemens cell phone
-CVE-2004-2625 (Cross-site scripting (XSS) vulnerability in Outblaze Email allows ...)
+CVE-2004-2625
NOT-FOR-US: Outblaze Email
-CVE-2004-2624 (Cross-site scripting (XSS) vulnerability in &quot;TextSearch&quot; in WackoWiki ...)
+CVE-2004-2624
NOT-FOR-US: WackoWiki
-CVE-2004-2623 (Unknown vulnerability in Rippy the Aggregator before 0.10, when ...)
+CVE-2004-2623
NOT-FOR-US: Rippy the Aggregator
-CVE-2004-2622 (AClient.exe in Altiris Deployment Solution 6.x and 5.x does not ...)
+CVE-2004-2622
NOT-FOR-US: Altiris Deployment Solution
-CVE-2004-2621 (Nortel Contivity VPN Client 2.1.7, 3.00, 3.01, 4.91, and 5.01, when ...)
+CVE-2004-2621
NOT-FOR-US: Nortel Contivity VPN client
-CVE-2004-2620 (The MIMEH_read_headers function in ripMIME 1.3.1.0 does not properly ...)
+CVE-2004-2620
NOT-FOR-US: ripMIME
-CVE-2004-2619 (ripMIME 1.3.2.3 and earlier allows remote attackers to bypass e-mail ...)
+CVE-2004-2619
NOT-FOR-US: ripMIME
-CVE-2004-2618 (Cross-site scripting (XSS) vulnerability in Pegasi Web Server (PWS) ...)
+CVE-2004-2618
NOT-FOR-US: Pegasi Web Server
-CVE-2004-2617 (Directory traversal vulnerability in Pegasi Web Server (PWS) 0.2.2 ...)
+CVE-2004-2617
NOT-FOR-US: Pegasi Web Server
-CVE-2004-2616 (The file server in ActivePost Standard 3.1 and earlier allows remote ...)
+CVE-2004-2616
NOT-FOR-US: ActivePost Standard
-CVE-2004-2615 (The documentation for CuteNews 1.3.6 and possibly other versions ...)
+CVE-2004-2615
NOT-FOR-US: Cutenews
-CVE-2004-2614 (Buffer overflow in MyWeb 3.3 allows remote attackers to cause a denial ...)
+CVE-2004-2614
NOT-FOR-US: MyWeb
-CVE-2004-2613 (Unspecified vulnerability in procfs in the Linux-VServer stable branch ...)
+CVE-2004-2613
- kernel-patch-ctx 1:1.28-1 (bug #262903; medium)
-CVE-2004-2612 (BNC 2.9.0 only grants access when an incorrect password is provided, ...)
+CVE-2004-2612
NOT-FOR-US: BNC
-CVE-2004-2611 (The Change Permissions function in the Sophster suite before 0.9.6 28 ...)
+CVE-2004-2611
NOT-FOR-US: Sophster suite
-CVE-2004-2610 (mntd_mount.c in mntd before 0.4.2 might allow local users to gain ...)
+CVE-2004-2610
NOT-FOR-US: mntd
-CVE-2004-2609 (The stuffit.com executable on Symantec PowerQuest DeployCenter 5.5 ...)
+CVE-2004-2609
NOT-FOR-US: Symantec PowerQuest DeployCenter
-CVE-2004-2608 (SmartWebby Smart Guest Book stores SmartGuestBook.mdb (aka the &quot;news ...)
+CVE-2004-2608
NOT-FOR-US: SmartWebby Smart Guest Book
-CVE-2004-2607 (A numeric casting discrepancy in sdla_xfer in Linux kernel 2.6.x up to ...)
+CVE-2004-2607
{DSA-1018-1}
- linux-2.6 <not-affected> (Fixed before upload into archive; 2.6.6)
-CVE-2004-2606 (The Web interface in Linksys WRT54G 2.02.7 and BEFSR41 version 3, with ...)
+CVE-2004-2606
NOT-FOR-US: Linksys hardware
-CVE-2004-2605 (aStats 1.6.5 allows local users to overwrite arbitrary files via a ...)
+CVE-2004-2605
- astats <removed> (bug #287604)
-CVE-2004-2604 (Cross-site scripting (XSS) vulnerability in index.php in PHProxy ...)
+CVE-2004-2604
NOT-FOR-US: PHProxy
-CVE-2004-2603 (Cross-site scripting (XSS) vulnerability in the Search module in ...)
+CVE-2004-2603
NOT-FOR-US: UberTec Help Center Live
-CVE-2004-2602 (PHP remote file inclusion vulnerability in UberTec Help Center Live ...)
+CVE-2004-2602
NOT-FOR-US: UberTec Help Center Live
-CVE-2004-2601 (PHP remote file inclusion vulnerability in UberTec Help Center Live ...)
+CVE-2004-2601
NOT-FOR-US: UberTec Help Center Live
-CVE-2004-2600 (The firmware for Intelligent Platform Management Interface (IPMI) ...)
+CVE-2004-2600
NOT-FOR-US: Intel hardware
-CVE-2004-2599 (Multiple buffer overflows in Quake II server before R1Q2, as used in ...)
+CVE-2004-2599
- quake2 <removed> (bug #280573; low)
[sarge] - quake2 <no-dsa> (Documented to be insecure, contrib)
NOTE: There is a big note in the quake2 package stating that it is not secure.
NOTE: Otherwise severity would be high.
-CVE-2004-2598 (Quake II server before R1Q2, as used in multiple products, allows ...)
+CVE-2004-2598
- quake2 <removed> (bug #280573; low)
[sarge] - quake2 <no-dsa> (Documented to be insecure, contrib)
-CVE-2004-2597 (Quake II server before R1Q2, as used in multiple products, allows ...)
+CVE-2004-2597
- quake2 <removed> (bug #280573; low)
[sarge] - quake2 <no-dsa> (Documented to be insecure, contrib)
-CVE-2004-2596 (Quake II server before R1Q2, as used in multiple products, allows ...)
+CVE-2004-2596
- quake2 <removed> (bug #280573; low)
[sarge] - quake2 <no-dsa> (Documented to be insecure, contrib)
-CVE-2004-2595 (Absolute path traversal vulnerability in Quake II server before R1Q2 ...)
+CVE-2004-2595
- quake2 <removed> (bug #280573; low)
[sarge] - quake2 <no-dsa> (Documented to be insecure, contrib)
-CVE-2004-2594 (Absolute path traversal vulnerability in Quake II server before R1Q2 ...)
+CVE-2004-2594
- quake2 <removed> (bug #280573; low)
[sarge] - quake2 <no-dsa> (Documented to be insecure, contrib)
-CVE-2004-2593 (Buffer overflow in command-packet processing of Quake II server before ...)
+CVE-2004-2593
- quake2 <removed> (bug #280573; low)
[sarge] - quake2 <no-dsa> (Documented to be insecure, contrib)
-CVE-2004-2592 (Quake II server before R1Q2, as used in multiple products, allows ...)
+CVE-2004-2592
- quake2 <removed> (bug #280573; low)
[sarge] - quake2 <no-dsa> (Documented to be insecure, contrib)
-CVE-2004-2591 (The data-overwrite capability of ButtUglySoftware CleanCache 2.19 does ...)
+CVE-2004-2591
NOT-FOR-US: ButtUglySoftware CleanCache
-CVE-2004-2590 (Unspecified vulnerability in meindlSOFT Cute PHP Library (aka cphplib) ...)
+CVE-2004-2590
NOT-FOR-US: meindlSOFT Cute PHP Library
-CVE-2004-2589 (Gaim before 0.82 allows remote servers to cause a denial of service ...)
+CVE-2004-2589
- gaim 0.82-1 (medium)
-CVE-2004-2588 (Intentional information leak in phpinfo.php in XMB (aka extreme ...)
+CVE-2004-2588
NOT-FOR-US: XMB
-CVE-2004-2587 (login.aspx in SmarterTools SmarterMail 1.6.1511 and 1.6.1529 allows ...)
+CVE-2004-2587
NOT-FOR-US: SmarterTools SmarterMail
-CVE-2004-2586 (Directory traversal vulnerability in frmGetAttachment.aspx in ...)
+CVE-2004-2586
NOT-FOR-US: SmarterTools SmarterMail
-CVE-2004-2585 (Cross-site scripting (XSS) vulnerability in frmCompose.aspx in ...)
+CVE-2004-2585
NOT-FOR-US: SmarterTools SmarterMail
-CVE-2004-2584 (frmAddfolder.aspx in SmarterTools SmarterMail 1.6.1511 and 1.6.1529 ...)
+CVE-2004-2584
NOT-FOR-US: SmarterTools SmarterMail
-CVE-2004-2583 (SMTP service in SmarterTools SmarterMail 1.6.1511 and 1.6.1529 allows ...)
+CVE-2004-2583
NOT-FOR-US: SmarterTools SmarterMail
-CVE-2004-2582 (Novell iChain 2.3 includes the build number in the VIA line of the ...)
+CVE-2004-2582
NOT-FOR-US: iChain
-CVE-2004-2581 (Novell iChain 2.3 allows attackers to cause a denial of service via a ...)
+CVE-2004-2581
NOT-FOR-US: iChain
-CVE-2004-2580 (Cross-site scripting (XSS) vulnerability in Novell iChain 2.3 allows ...)
+CVE-2004-2580
NOT-FOR-US: iChain
-CVE-2004-2579 (ACLCHECK module in Novell iChain 2.3 allows attackers to bypass access ...)
+CVE-2004-2579
NOT-FOR-US: iChain
-CVE-2004-2578 (phpGroupWare before 0.9.16.002 transmits the (1) header admin and (2) ...)
+CVE-2004-2578
- phpgroupware 0.9.16.002-1
-CVE-2004-2577 (The acl_check function in phpGroupWare 0.9.16RC2 always returns True, ...)
+CVE-2004-2577
- phpgroupware 0.9.14-0.RC3.1
-CVE-2004-2576 (class.vfs_dav.inc.php in phpGroupWare 0.9.16.000 does not create ...)
+CVE-2004-2576
- phpgroupware 0.9.16.000.1.cvs.20040620-1
-CVE-2004-2575 (phpGroupWare 0.9.14.005 and earlier allow remote attackers to obtain ...)
+CVE-2004-2575
- phpgroupware 0.9.14.007
-CVE-2004-2574 (Cross-site scripting (XSS) vulnerability in index.php in phpGroupWare ...)
+CVE-2004-2574
- phpgroupware 0.9.14.007
-CVE-2004-2573 (PHP remote file inclusion vulnerability in tables_update.inc.php in ...)
+CVE-2004-2573
- phpgroupware 0.9.14.007
-CVE-2004-2572 (AMAX Magic Winmail Server 3.6 allows remote attackers to obtain ...)
+CVE-2004-2572
NOT-FOR-US: AMAX Magic Winmail
-CVE-2004-2571 (Multiple buffer overflows in EnderUNIX isoqlog 2.1.1 allow remote ...)
+CVE-2004-2571
- isoqlog 2.2-0.1
-CVE-2004-2570 (Opera before 7.54 allows remote attackers to modify properties and ...)
+CVE-2004-2570
NOT-FOR-US: Opera
-CVE-2004-2568 (Multiple cross-site scripting (XSS) vulnerabilities in ReciPants 1.1.1 ...)
+CVE-2004-2568
NOT-FOR-US: ReciPants
-CVE-2004-2567 (Multiple SQL injection vulnerabilities in ReciPants 1.1.1 allow remote ...)
+CVE-2004-2567
NOT-FOR-US: ReciPants
-CVE-2004-2566 (Multiple cross-site scripting (XSS) vulnerabilities in LiveWorld ...)
+CVE-2004-2566
NOT-FOR-US: LiveWorld
-CVE-2004-2565 (Multiple directory traversal vulnerabilities in Sambar Server 6.1 Beta ...)
+CVE-2004-2565
NOT-FOR-US: Sambar
-CVE-2004-2564 (Multiple cross-site scripting (XSS) vulnerabilities in Sambar Server ...)
+CVE-2004-2564
NOT-FOR-US: Sambar
-CVE-2004-2563 (Serena TeamTrack 6.1.1 allows remote attackers to obtain sensitive ...)
+CVE-2004-2563
NOT-FOR-US: Serena TeamTrack
-CVE-2004-2562 (SQL injection vulnerability in jobedit.asp in Leigh Business ...)
+CVE-2004-2562
NOT-FOR-US: Leigh Business Enterprises
-CVE-2004-2561 (Multiple SQL injection vulnerabilities in Internet Software Sciences ...)
+CVE-2004-2561
NOT-FOR-US: ISS Web+Center
-CVE-2004-2560 (DokuWiki before 2004-10-19, when used on a web server that permits ...)
+CVE-2004-2560
- dokuwiki <not-affected> (Fixed before upload into the archive)
-CVE-2004-2559 (DokuWiki before 2004-10-19 allows remote attackers to access ...)
+CVE-2004-2559
- dokuwiki <not-affected> (Fixed before upload into the archive)
-CVE-2004-2569 (ipmenu 0.0.3 before Debian GNU/Linux ipmenu_0.0.3-5 allows local users ...)
+CVE-2004-2569
{DSA-907-1}
- ipmenu 0.0.3-5
-CVE-2004-2558 (Unspecified vulnerability in IBM Tivoli SecureWay Policy Director 3.8, ...)
+CVE-2004-2558
NOT-FOR-US: Tivoli
-CVE-2004-2557 (NetGear WG602 (aka WG602v1) Wireless Access Point 1.7.14 has a ...)
+CVE-2004-2557
NOT-FOR-US: Netgear hardware
-CVE-2004-2556 (NetGear WG602 (aka WG602v1) Wireless Access Point firmware 1.04.0 and ...)
+CVE-2004-2556
NOT-FOR-US: Netgear hardware
-CVE-2004-2555 (Riverdeep FoolProof Security 3.9.x on Windows 98 and Windows ME uses ...)
+CVE-2004-2555
NOT-FOR-US: FoolProof Security
-CVE-2004-2554 (Novell Client Firewall (NCF) 2.0, as based on the Agnitum Outpost ...)
+CVE-2004-2554
NOT-FOR-US: Novell Client Firewall
-CVE-2004-2553 (The Ignition Project ignitionServer 0.1.2 through 0.1.2-R2 allows ...)
+CVE-2004-2553
NOT-FOR-US: ignitionServer
-CVE-2004-2552 (Buffer overflow in XBoard 4.2.7 and earlier might allow local users to ...)
+CVE-2004-2552
- xboard 4.2.7-3 (bug #343560; unimportant)
-CVE-2004-2551 (Multiple SQL injection vulnerabilities in Layton HelpBox 3.0.1 allow ...)
+CVE-2004-2551
NOT-FOR-US: Layton HelpBox
-CVE-2004-2550 (Multiple cross-site scripting (XSS) vulnerabilities in unspecified ...)
+CVE-2004-2550
NOT-FOR-US: SandSurfer
-CVE-2004-2549 (Nortel Wireless LAN (WLAN) Access Point (AP) 2220, 2221, and 2225 ...)
+CVE-2004-2549
NOT-FOR-US: Nortel hardware
-CVE-2004-2548 (Multiple cross-site scripting (XSS) vulnerabilities in NetWin (1) ...)
+CVE-2004-2548
NOT-FOR-US: SurgeMail
-CVE-2004-2547 (NetWin (1) SurgeMail before 2.0c and (2) WebMail allow remote ...)
+CVE-2004-2547
NOT-FOR-US: SurgeMail
-CVE-2004-2546 (Multiple memory leaks in Samba before 3.0.6 allow attackers to cause a ...)
+CVE-2004-2546
- samba 3.0.6-1
-CVE-2004-2545 (Secure Computing Corporation Sidewinder G2 6.1.0.01 allows remote ...)
+CVE-2004-2545
NOT-FOR-US: Sidewinder G2
-CVE-2004-2544 (Admin Console in Secure Computing Corporation Sidewinder G2 6.1.0.01 ...)
+CVE-2004-2544
NOT-FOR-US: Sidewinder G2
-CVE-2004-2543 (Secure Computing Corporation Sidewinder G2 6.1.0.01 might allow remote ...)
+CVE-2004-2543
NOT-FOR-US: Sidewinder G2
-CVE-2004-2542 (Multiple SQL injection vulnerabilities in Dynix (formerly known as ...)
+CVE-2004-2542
NOT-FOR-US: Dynix WebPac
-CVE-2004-2541 (Buffer overflow in Cscope 15.5, and possibly multiple overflows, ...)
+CVE-2004-2541
{DSA-1064-1}
- cscope 15.5+cvs20050816-1.1 (bug #340177; medium)
NOTE: Sarge and Woody are affected
-CVE-2004-2540 (readObject in (1) Java Runtime Environment (JRE) and (2) Software ...)
+CVE-2004-2540
NOT-FOR-US: Proprietary Java
-CVE-2004-2539 (Unknown vulnerability in Network Appliance NetCache 5.2 and Data ONTAP ...)
+CVE-2004-2539
NOT-FOR-US: NetCache
-CVE-2004-2538 (Direct static code injection vulnerability in the PCG simple ...)
+CVE-2004-2538
NOT-FOR-US: phpCodeGenie
-CVE-2004-2537 (Unspecified vulnerability in SurgeMail before 2.2c10 has unknown ...)
+CVE-2004-2537
NOT-FOR-US: SurgeMail
-CVE-2004-2536 (The exit_thread function (process.c) in Linux kernel 2.6 through 2.6.5 ...)
+CVE-2004-2536
- linux-2.6 <not-affected> (Fixed before upload into archive; 2.6.6)
- kernel-source-2.4.27 <not-affected>
[sarge] - kernel-source-2.6.8 <not-affected> (Fixed before upload into archive; 2.6.6)
-CVE-2004-2535 (The person-to-person secure messaging feature in Sticker before 3.1.0 ...)
+CVE-2004-2535
NOT-FOR-US: Sticker
-CVE-2004-2534 (Fastream NETFile Server 7.1.2 does not properly handle keep-alive ...)
+CVE-2004-2534
NOT-FOR-US: NETFile Server
-CVE-2004-2533 (Serv-U FTP Server 4.1 (possibly 4.0) allows remote attackers to cause ...)
+CVE-2004-2533
NOT-FOR-US: Serv-U FTP Server
-CVE-2004-2532 (Serv-U FTP server before 5.1.0.0 has a default account and password ...)
+CVE-2004-2532
NOT-FOR-US: Serv-U FTP Server
-CVE-2004-2531 (X.509 Certificate Signature Verification in Gnu transport layer ...)
+CVE-2004-2531
- gnutls11 1.0.16-8 (bug #336006; low)
- gnutls12 <not-affected> (fixed before upload)
-CVE-2004-2530 (Visual truncation vulnerability in Gadu-Gadu allows remote attackers ...)
+CVE-2004-2530
NOT-FOR-US: Gadu-Gadu
-CVE-2004-2529 (Gadu-Gadu allows remote attackers to bypass the &quot;image send&quot; option by ...)
+CVE-2004-2529
NOT-FOR-US: Gadu-Gadu
-CVE-2004-2528 (Cross-site scripting (XSS) vulnerability in sresult.exe in Webcam ...)
+CVE-2004-2528
NOT-FOR-US: Webcam Watchdog
-CVE-2004-2527 (The local and remote desktop login screens in Microsoft Windows XP ...)
+CVE-2004-2527
NOT-FOR-US: Microsoft
-CVE-2004-2526 (Directory traversal vulnerability in ldacgi.exe in IBM Tivoli ...)
+CVE-2004-2526
NOT-FOR-US: Tivoli
-CVE-2004-2525 (Cross-site scripting (XSS) vulnerability in compat.php in Serendipity ...)
+CVE-2004-2525
- serendipity 1.0-1
-CVE-2004-2524 (clogin.php in Benchmark Designs' WHM AutoPilot 2.4.5 and earlier ...)
+CVE-2004-2524
NOT-FOR-US: WHM AutoPilot
-CVE-2004-2523 (Format string vulnerability in the msg command (cat_message function ...)
+CVE-2004-2523
NOT-FOR-US: OpenFTPD
-CVE-2004-2522 (Cross-site scripting (XSS) vulnerability in web.tmpl in Gattaca Server ...)
+CVE-2004-2522
NOT-FOR-US: Gattaca
-CVE-2004-2521 (Mail server in Gattaca Server 2003 1.1.10.0 allows remote attackers to ...)
+CVE-2004-2521
NOT-FOR-US: Gattaca
-CVE-2004-2520 (POP3 protocol in Gattaca Server 2003 1.1.10.0 allows remote ...)
+CVE-2004-2520
NOT-FOR-US: Gattaca
-CVE-2004-2519 (Gattaca Server 2003 1.1.10.0 allows remote attackers to cause a denial ...)
+CVE-2004-2519
NOT-FOR-US: Gattaca
-CVE-2004-2518 (Gattaca Server 2003 1.1.10.0 allows remote attackers to obtain ...)
+CVE-2004-2518
NOT-FOR-US: Gattaca
-CVE-2004-2517 (myServer 0.7.1 allows remote attackers to cause a denial of service ...)
+CVE-2004-2517
NOT-FOR-US: myServer
-CVE-2004-2516 (Directory traversal vulnerability in myServer 0.7 allows remote ...)
+CVE-2004-2516
NOT-FOR-US: myServer
-CVE-2004-2515 (Format string vulnerability in VMware Workstation 4.5.2 build-8848, if ...)
+CVE-2004-2515
NOT-FOR-US: VMWare Workstation
-CVE-2004-2514 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2004-2514
NOT-FOR-US: PowerPortal
-CVE-2004-2513 (Buffer overflow in the IMAP service of Mercury (Pegasus) Mail 4.01 ...)
+CVE-2004-2513
NOT-FOR-US: Mercury Mail
-CVE-2004-2512 (CRLF injection vulnerability in calendar.php in DCP-Portal 5.3.2 and ...)
+CVE-2004-2512
NOT-FOR-US: DCP-Portal
-CVE-2004-2511 (Multiple cross-site scripting (XSS) vulnerabilities in DCP-Portal ...)
+CVE-2004-2511
NOT-FOR-US: DCP-Portal
-CVE-2004-2510 (Cross-site scripting (XSS) vulnerability in showflat.php in Infopop ...)
+CVE-2004-2510
NOT-FOR-US: Infopop UBB.Threads
-CVE-2004-2509 (Cross-site scripting (XSS) vulnerabilities in (1) calendar.php, (2) ...)
+CVE-2004-2509
NOT-FOR-US: Infopop UBB.Threads
-CVE-2004-2508 (Cross-site scripting (XSS) vulnerability in main.cgi in Linksys WVC11B ...)
+CVE-2004-2508
NOT-FOR-US: Linksys hardware
-CVE-2004-2507 (Absolute path traversal vulnerability in main.cgi in Linksys WVC11B ...)
+CVE-2004-2507
NOT-FOR-US: Linksys hardware
-CVE-2004-2506 (Unparsed web content delivery vulnerability in WIKINDX before 0.9.9g ...)
+CVE-2004-2506
NOT-FOR-US: WIKINDX
-CVE-2004-2505 (Macromedia ColdFusion MX before 6.1 does not restrict the size of ...)
+CVE-2004-2505
NOT-FOR-US: ColdFusion
-CVE-2004-2504 (The GUI in Alt-N Technologies MDaemon 7.2 and earlier, including 6.8, ...)
+CVE-2004-2504
NOT-FOR-US: Alt-N Technologies Mdaemon
-CVE-2004-2503 (INweb Mail Server 2.40 allows remote attackers to cause a denial of ...)
+CVE-2004-2503
NOT-FOR-US: Inweb Mail Server
-CVE-2004-2502 (im-switch before 11.4-46.1 in Fedora Core 2 allows local users to ...)
+CVE-2004-2502
- im-switch <not-affected> (Debian's version is somehow derived from RH, but not affected)
-CVE-2004-2501 (Buffer overflow in the IMAP service of MailEnable Professional Edition ...)
+CVE-2004-2501
NOT-FOR-US: MailEnable Professional
-CVE-2004-2500 (Unknown vulnerability in IlohaMail before 0.8.14-rc1 has unknown ...)
+CVE-2004-2500
- ilohamail 0.8.14-0rc1
-CVE-2004-2499 (Unspecified vulnerability in Hitachi Web Page Generator and Web Page ...)
+CVE-2004-2499
NOT-FOR-US: Hitachi Web Page Generator
-CVE-2004-2498 (Unspecified vulnerability in the error handler in Hitachi Web Page ...)
+CVE-2004-2498
NOT-FOR-US: Hitachi Web Page Generator
-CVE-2004-2497 (Cross-site scripting (XSS) vulnerability in the error handler in ...)
+CVE-2004-2497
NOT-FOR-US: Hitachi Web Page Generator
-CVE-2004-2496 (The HTTP daemon in OpenText FirstClass 7.1 and 8.0 allows remote ...)
+CVE-2004-2496
NOT-FOR-US: OpenText FirstClass
-CVE-2004-2495 (The (1) Webmail, (2) admin, and (3) SMTP services in Ability Mail ...)
+CVE-2004-2495
NOT-FOR-US: Ability Mail Server
-CVE-2004-2494 (Cross-site scripting (XSS) vulnerability in _error in Ability Mail ...)
+CVE-2004-2494
NOT-FOR-US: Ability Mail Server
-CVE-2004-2493 (Directory traversal vulnerability in Groupmax World Wide Web (GmaxWWW) ...)
+CVE-2004-2493
NOT-FOR-US: GmaxWWW
-CVE-2004-2492 (Cross-site scripting (XSS) vulnerability in Groupmax World Wide Web ...)
+CVE-2004-2492
NOT-FOR-US: GmaxWWW
-CVE-2004-2491 (A race condition in Opera web browser 7.53 Build 3850 causes Opera to ...)
+CVE-2004-2491
NOT-FOR-US: Opera
-CVE-2004-2490 (Buffer overflow in IBM Informix Dynamic Server (IDS) 9.40.xC1 and ...)
+CVE-2004-2490
NOT-FOR-US: Informix Dynamic Server
-CVE-2004-2489 (Format string vulnerability in IBM Informix Dynamic Server (IDS) ...)
+CVE-2004-2489
NOT-FOR-US: Informix Dynamic Server
-CVE-2004-2488 (Directory traversal vulnerability in Nexgen FTP Server before 2.2.3.23 ...)
+CVE-2004-2488
NOT-FOR-US: Nexgen FTP Server
-CVE-2004-2487 (Directory traversal vulnerability in Nexgen FTP Server before 2.2.3.23 ...)
+CVE-2004-2487
NOT-FOR-US: Nexgen FTP Server
-CVE-2004-2486 (The DSS verification code in Dropbear SSH Server before 0.43 frees ...)
+CVE-2004-2486
- dropbear 0.43-2
-CVE-2004-2485 (Unspecified vulnerability in PHP Live! before 2.8.2, due to a &quot;major ...)
+CVE-2004-2485
NOT-FOR-US: PHP Live!
-CVE-2004-2484 (Cross-site scripting (XSS) vulnerability in PHP Gift Registry 1.3.5 ...)
+CVE-2004-2484
NOT-FOR-US: PHP Gift Registry
CVE-2004-XXXX [Unspecified buffer overflow in libmng]
- libmng 1.0.8-1 (bug #250106)
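Review bot: every `-`/`+` pair in this hunk replaces a line that carried the CVE description summary with the bare identifier, e.g. `-CVE-2004-2729 (Inetd32 Administration Tool of Hummingbird Connectivity 7.1 and 9.0 ...)` becomes `+CVE-2004-2729`, while the Debian-specific status lines below each entry are untouched; nothing in the hunk adds or corrects triage data, so if the "automatic update" ran because the upstream description feed came back empty it should refuse to commit rather than rewrite every entry, and if stripping the summaries is intended the commit message should say so, since triagers read the parenthesized text to judge the `NOT-FOR-US:` and `<not-affected>` verdicts that remain. While this region is being touched, three context lines deserve attention: `NOT-FOR-US: NessusWXdd` under CVE-2004-2723 has a stray `dd`, `NOT-FOR-US: Zyxel hardware` under CVE-2004-2637 names a different vendor than the Zonet ZSR1104WE router the dropped summary describes, and CVE-2004-2569 (ipmenu, DSA-907-1) is filed between CVE-2004-2559 and CVE-2004-2558, breaking the descending order the rest of the file follows.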
@@ -642,1718 +642,1718 @@ CVE-2004-XXXX [Two vulnerabilities in sredird]
- sredird 2.2.1-1.1 (bug #267098)
CVE-2004-XXXX [phpwiki shares a cookie for all wikis on a host]
- phpwiki 1.3.12p2-1 (bug #282565; medium)
-CVE-2004-2483 (Kerio WinRoute Firewall before 6.0.9 uses information from PTR queries ...)
+CVE-2004-2483
NOT-FOR-US: Kerio WinRoute Firewall
-CVE-2004-2482 (Microsoft Outlook 2000 and 2003, when configured to use Microsoft Word ...)
+CVE-2004-2482
NOT-FOR-US: Outlook
-CVE-2004-2481 (MyProxy 6.58 allows remote authenticated users in the Users Tab to ...)
+CVE-2004-2481
NOT-FOR-US: MyProxy
-CVE-2004-2480 (Squid Web Proxy Cache 2.3.STABLE5 allows remote attackers to bypass ...)
+CVE-2004-2480
NOTE: could not reproduce this with squid 2.5, neither could the redhat guys
NOTE: see https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=166522
- squid 2.5
-CVE-2004-2479 (Squid Web Proxy Cache 2.5 might allow remote attackers to obtain ...)
+CVE-2004-2479
- squid 2.5.8
-CVE-2004-2478 (Unspecified vulnerability in Jetty HTTP Server, as used in (1) IBM ...)
+CVE-2004-2478
NOTE: "the original vendor report is too vague to know whether this issue is already identified by another CVE name."
-CVE-2004-2477 (DiamondCS Process Guard Free 2.000 allows local users to disable the ...)
+CVE-2004-2477
NOT-FOR-US: DiamondCS
-CVE-2004-2476 (Microsoft Internet Explorer 6.0 allows remote attackers to cause a ...)
+CVE-2004-2476
NOT-FOR-US: MS IE
-CVE-2004-2475 (Cross-site scripting (XSS) vulnerability in Google Toolbar 2.0.114.1 ...)
+CVE-2004-2475
NOT-FOR-US: Google Toolbar
-CVE-2004-2474 (SQL injection vulnerability in PHPNews 1.2.3 allows remote attackers ...)
+CVE-2004-2474
NOT-FOR-US: PHPNews
-CVE-2004-2473 (wmFrog weather monitor 0.1.6 and other versions before 0.2.0 allows ...)
+CVE-2004-2473
NOT-FOR-US: wmFrog
-CVE-2004-2472 (Agnitum Outpost Pro Firewall 2.1 allows remote attackers to cause a ...)
+CVE-2004-2472
NOT-FOR-US: Outpost Pro
-CVE-2004-2471 (SQL injection vulnerability in the sloth TCL script in QuoteEngine ...)
+CVE-2004-2471
NOT-FOR-US: QuoteEngine
-CVE-2004-2470 (Unspecified vulnerability in MadBMS before 1.1.5 has unknown impact ...)
+CVE-2004-2470
NOT-FOR-US: MadBMS
-CVE-2004-2469 (Unspecified vulnerability in Reservation.class.php for phpScheduleIt ...)
+CVE-2004-2469
NOT-FOR-US: phpScheduleIt
-CVE-2004-2468 (Cross-site scripting (XSS) vulnerability in SillySearch 2.3 and ...)
+CVE-2004-2468
NOT-FOR-US: SillySearch
-CVE-2004-2467 (chat.ghp in Easy Chat Server 1.2 allows remote attackers to add a ...)
+CVE-2004-2467
NOT-FOR-US: Easy Chat Server
-CVE-2004-2466 (chat.ghp in Easy Chat Server 1.2 allows remote attackers to cause a ...)
+CVE-2004-2466
NOT-FOR-US: Easy Chat Server
-CVE-2004-2465 (Cross-site scripting (XSS) vulnerability in chat.ghp in Easy Chat ...)
+CVE-2004-2465
NOT-FOR-US: Easy Chat Server
-CVE-2004-2464 (Directory traversal vulnerability in ADA Image Server (ImgSvr) 0.4 ...)
+CVE-2004-2464
NOT-FOR-US: ADA Image Server
-CVE-2004-2463 (Buffer overflow in ADA Image Server (ImgSvr) 0.4 allows remote ...)
+CVE-2004-2463
NOT-FOR-US: ADA Image Server
-CVE-2004-2462 (cplay 1.49 on Linux allows local users to overwrite arbitrary files ...)
+CVE-2004-2462
- cplay 1.49-3 (medium)
-CVE-2004-2461 (Buffer overflow in pop3.c in gnubiff before 2.0.0 allows attackers to ...)
+CVE-2004-2461
- gnubiff 2.0.0 (medium)
-CVE-2004-2460 (Unknown vulnerability in POP3 in gnubiff before 2.0.0 allows remote ...)
+CVE-2004-2460
- gnubiff 2.0.0 (medium)
-CVE-2004-2459 (Unknown vulnerability in gnubiff 1.2.0 and earlier allows local users ...)
+CVE-2004-2459
- gnubiff 2.0.0 (medium)
-CVE-2004-2458 (Open WebMail 2.30 and earlier, when use_syshomedir is disabled or ...)
+CVE-2004-2458
NOT-FOR-US: Open WebMail
-CVE-2004-2457 (Unspecified vulnerability in 3Com OfficeConnect ADSL 11g Router allows ...)
+CVE-2004-2457
NOT-FOR-US: 3Com OfficeConnect ADSL 11g Router
-CVE-2004-2456 (SQL injection vulnerability in index.php in miniBB 1.7f and earlier ...)
+CVE-2004-2456
NOT-FOR-US: miniBB
-CVE-2004-2455 (Sweex Wireless Broadband Router/Accesspoint 802.11g (LC000060) allows ...)
+CVE-2004-2455
NOT-FOR-US: Sweex Wireless Broadband Router/Accesspoint 802.11g
-CVE-2004-2454 (aMSN 0.90 for Microsoft Windows allows local users to obtain sensitive ...)
+CVE-2004-2454
NOT-FOR-US: aMSN 0.90 for Microsoft Windows
-CVE-2004-2453 (Unknown vulnerability in Tutti Nova 0.10 through 0.12 (Beta) and ...)
+CVE-2004-2453
NOT-FOR-US: Tutti Nova
-CVE-2004-2452 (Unknown vulnerability in Hitachi Cosminexus Portal Framework 01-00, ...)
+CVE-2004-2452
NOT-FOR-US: Hitachi Cosminexus Portal Framework
-CVE-2004-2451 (Roger Wilco 1.4.1.6 and earlier, or Roger Wilco Base Station 0.30a or ...)
+CVE-2004-2451
NOT-FOR-US: Roger Wilco
-CVE-2004-2450 (The client and server for Roger Wilco 1.4.1.6 and earlier or Roger ...)
+CVE-2004-2450
NOT-FOR-US: Roger Wilco
-CVE-2004-2449 (Roger Wilco 1.4.1.6 and earlier or Roger Wilco Base Station 0.30a and ...)
+CVE-2004-2449
NOT-FOR-US: Roger Wilco
-CVE-2004-2448 (S-Mart Shopping Cart or RediCart 3.9.5b stores smart.cfg under the web ...)
+CVE-2004-2448
NOT-FOR-US: S-Mart Shopping Cart or RediCart
-CVE-2004-2447 (Cross-site scripting (XSS) vulnerability in 1st Class Mail Server 4.01 ...)
+CVE-2004-2447
NOT-FOR-US: *1st Class Mail Server
-CVE-2004-2446 (Directory traversal vulnerability in 1st Class Mail Server 4.01 allows ...)
+CVE-2004-2446
NOT-FOR-US: *1st Class Mail Server
-CVE-2004-2445 (Directory traversal vulnerability in index.php in Jaws 0.3 BETA allows ...)
+CVE-2004-2445
NOT-FOR-US: Jaws
-CVE-2004-2444 (Cross-site scripting (XSS) vulnerability in index.php in Jaws 0.3 ...)
+CVE-2004-2444
NOT-FOR-US: Jaws
-CVE-2004-2443 (Jaws 0.3 allows remote attackers to bypass authentication and via an ...)
+CVE-2004-2443
NOT-FOR-US: Jaws
-CVE-2004-2442 (Multiple interpretation error in various F-Secure Anti-Virus products, ...)
+CVE-2004-2442
NOT-FOR-US: F-Secure Anti-Virus
-CVE-2004-2441 (Unspecified vulnerability in Kerio MailServer before 6.0.3 has unknown ...)
+CVE-2004-2441
NOT-FOR-US: Kerio
-CVE-2004-2440 (Unspecified vulnerability in cmdline.c in proxytunnel 1.1.3 and ...)
+CVE-2004-2440
- proxytunnel 1.2.0-1
-CVE-2004-2439 (The remote upgrade capability in HP LaserJet 4200 and 4300 printers ...)
+CVE-2004-2439
NOT-FOR-US: HP printers
-CVE-2004-2438 (Cross-site scripting (XSS) vulnerability in PHP-Fusion 4.01 allows ...)
+CVE-2004-2438
NOT-FOR-US: PHP-Fusion
-CVE-2004-2437 (SQL injection vulnerability in PHP-Fusion 4.01 allows remote attackers ...)
+CVE-2004-2437
NOT-FOR-US: PHP-Fusion
-CVE-2004-2436 (Computer Associates Unicenter Common Services 3.0 and earlier stores ...)
+CVE-2004-2436
NOT-FOR-US: Computer Associates Unicenter Common Services
-CVE-2004-2435 (Cross-site scripting (XSS) vulnerability in PeopleSoft Human Resources ...)
+CVE-2004-2435
NOT-FOR-US: PeopleSoft Human Resources Management System (HRMS)
-CVE-2004-2434 (Microsoft Internet Explorer 6.0 SP1 allows remote attackers to cause a ...)
+CVE-2004-2434
NOT-FOR-US: MS IE
-CVE-2004-2433 (Buffer overflow in the IsValidFile function in the ADM ActiveX control ...)
+CVE-2004-2433
NOT-FOR-US: ADM ActiveX control
-CVE-2004-2432 (WinAgents TFTP Server 3.0 allows remote attackers to cause a denial of ...)
+CVE-2004-2432
NOT-FOR-US: WinAgents TFTP Server
-CVE-2004-2431 (Unknown vulnerability in The Ignition Project ignitionServer 0.1.2 ...)
+CVE-2004-2431
NOT-FOR-US: ignitionServer
-CVE-2004-2430 (Trend OfficeScan Corporate Edition 5.58 and possibly earler does not ...)
+CVE-2004-2430
NOT-FOR-US: Trend OfficeScan
-CVE-2004-2429 (Multiple stack-based and heap-based buffer overflows in EnderUNIX ...)
+CVE-2004-2429
NOT-FOR-US: EnderUNIX spamGuard
-CVE-2004-2428 (Abczone.it WWWguestbook 1.1 stores db/dbase.mdb under the web document ...)
+CVE-2004-2428
NOT-FOR-US: WWWguestbook
-CVE-2004-2427 (Axis Network Camera 2.40 and earlier, and Video Server 3.12 and ...)
+CVE-2004-2427
NOT-FOR-US: Axis Network Camera
-CVE-2004-2426 (Directory traversal vulnerability in Axis Network Camera 2.40 and ...)
+CVE-2004-2426
NOT-FOR-US: Axis Network Camera
-CVE-2004-2425 (Axis Network Camera 2.40 and earlier, and Video Server 3.12 and ...)
+CVE-2004-2425
NOT-FOR-US: Axis Network Camera
-CVE-2004-2424 (BEA WebLogic Server and WebLogic Express 8.1 through 8.1 SP2 allow ...)
+CVE-2004-2424
NOT-FOR-US: BEA
-CVE-2004-2423 (Unknown vulnerability in the Web calendaring component of Ipswitch ...)
+CVE-2004-2423
NOT-FOR-US: Ipswitch IMail Server
-CVE-2004-2422 (Multiple features in Ipswitch IMail Server before 8.13 allow remote ...)
+CVE-2004-2422
NOT-FOR-US: Ipswitch IMail Server
-CVE-2004-2421 (Unknown vulnerability in Hitachi Job Management Partner (JP1) JP1/File ...)
+CVE-2004-2421
NOT-FOR-US: Hitachi Job Management Partner
-CVE-2004-2420 (Hitachi Job Management Partner (JP1) JP1/File Transmission Server/FTP ...)
+CVE-2004-2420
NOT-FOR-US: Hitachi Job Management Partner
-CVE-2004-2419 (Keene Digital Media Server 1.0.2 allows local users to obtain ...)
+CVE-2004-2419
NOT-FOR-US: Keene Digital Media Server
-CVE-2004-2418 (Buffer overflow in SlimFTPd 3.15 and earlier allows local users to ...)
+CVE-2004-2418
NOT-FOR-US: slimftpd not in debian
-CVE-2004-2417 (Format string vulnerability in smtp.c for smtp.proxy 1.1.3 and earlier ...)
+CVE-2004-2417
NOT-FOR-US: smtp.proxy
-CVE-2004-2416 (Buffer overflow in the logging component of CCProxy allows remote ...)
+CVE-2004-2416
NOT-FOR-US: ccproxy
-CVE-2004-2415 (Davenport before 0.9.10 allows attackers to cause a denial of service ...)
+CVE-2004-2415
NOT-FOR-US: Davenport
-CVE-2004-2414 (Novell NetWare 6.5 SP 1.1, when installing or upgrading using the ...)
+CVE-2004-2414
NOT-FOR-US: Novell NetWare
-CVE-2004-2413 (SQL injection vulnerability in VP-ASP Shopping Cart 4.0 through 5.0 ...)
+CVE-2004-2413
NOT-FOR-US: VP-ASP Shopping Cart
-CVE-2004-2412 (Multiple SQL injection vulnerabilities in VP-ASP Shopping Cart 4.0 ...)
+CVE-2004-2412
NOT-FOR-US: VP-ASP Shopping Cart
-CVE-2004-2411 (The CleanseMessage function in shop$db.asp for VP-ASP Shopping Cart ...)
+CVE-2004-2411
NOT-FOR-US: VP-ASP Shopping Cart
-CVE-2004-2410 (Unknown vulnerability in sh_hash_compdata for Samhain 1.8.9 through ...)
+CVE-2004-2410
- samhain 2.0.2
-CVE-2004-2409 (Buffer overflow in the sh_hash_compdata function for Samhain 1.8.9 ...)
+CVE-2004-2409
- samhain 2.0.2
-CVE-2004-2408 (Linux VServer 1.27 and earlier, 1.3.9 and earlier, and 1.9.1 and ...)
+CVE-2004-2408
- kernel-patch-vserver 1.9.2
-CVE-2004-2407 (Unknown vulnerability in phpGroupWare before 0.9.14.002 has unknown ...)
+CVE-2004-2407
- phpgroupware 0.9.14.002
-CVE-2004-2406 (Unknown &quot;overflow&quot; in the phpgw_config table for phpGroupWare before ...)
+CVE-2004-2406
- phpgroupware 0.9.14.002
-CVE-2004-2405 (Buffer overflow in multiple F-Secure Anti-Virus products, including ...)
+CVE-2004-2405
NOT-FOR-US: F-Secure Anti-Virus
CVE-2004-2404
REJECTED
-CVE-2004-2403 (Cross-site request forgery (CSRF) vulnerability in YaBB 1 GOLD SP ...)
+CVE-2004-2403
NOT-FOR-US: YaBB
-CVE-2004-2402 (Cross-site scripting (XSS) vulnerability in YaBB.pl in YaBB 1 GOLD SP ...)
+CVE-2004-2402
NOT-FOR-US: YaBB
-CVE-2004-2401 (Stack-based buffer overflow in Ipswitch IMail Express Web Messaging ...)
+CVE-2004-2401
NOT-FOR-US: Ipswitch IMail
-CVE-2004-2400 (WinFTP Server 1.6 stores username and password credentials in ...)
+CVE-2004-2400
NOT-FOR-US: WinFTP Server
-CVE-2004-2399 (Secure Computing Corporation Sidewinder G2 6.1.0.01 allows remote ...)
+CVE-2004-2399
NOT-FOR-US: Sidewinder
-CVE-2004-2398 (Netenberg Fantastico De Luxe 2.8 uses database file names that contain ...)
+CVE-2004-2398
NOT-FOR-US: Netenberg Fantastico De Luxe
-CVE-2004-2397 (The web-based Management Console in Blue Coat Security Gateway OS 3.0 ...)
+CVE-2004-2397
NOT-FOR-US: Blue Coat
-CVE-2004-2396 (passwd 0.68 does not check the return code for the pam_start function, ...)
+CVE-2004-2396
NOTE: shadow is a different code base, and does not have this problem
-CVE-2004-2395 (Memory leak in passwd 0.68 allows local users to cause a denial of ...)
+CVE-2004-2395
NOTE: shadow is a different code base, and does not have this problem
-CVE-2004-2394 (Off-by-one error in passwd 0.68 and earlier, when using the --stdin ...)
+CVE-2004-2394
NOTE: shadow is a different code base, and does not have this problem
-CVE-2004-2393 (Java Secure Socket Extension (JSSE) 1.0.3 through 1.0.3_2 does not ...)
+CVE-2004-2393
NOT-FOR-US: Sun JSSE
-CVE-2004-2392 (libuser 0.51.7 allows attackers to cause a denial of service (crash or ...)
+CVE-2004-2392
NOT-FOR-US: libuser
-CVE-2004-2391 (Jabber Gadu-Gadu Transport (a.k.a. jabber-gg-transport) 2.0.x before ...)
+CVE-2004-2391
NOT-FOR-US: jabber-gg-transport
-CVE-2004-2390 (The roster import functionality in Jabber Gadu-Gadu Transport ...)
+CVE-2004-2390
NOT-FOR-US: jabber-gg-transport
-CVE-2004-2389 (Unknown vulnerability in Jabber Gadu-Gadu Transport ...)
+CVE-2004-2389
NOT-FOR-US: jabber-gg-transport
-CVE-2004-2388 (rexecd for AIX 4.3.3 does not properly use a local copy of the pwd ...)
+CVE-2004-2388
NOT-FOR-US: rexecd
-CVE-2004-2387 (Buffer overflow in the HandleCPCCommand function of sercd before 2.3.1 ...)
+CVE-2004-2387
NOT-FOR-US: sercd
-CVE-2004-2386 (Format string vulnerability in the LogMsg function in sercd before ...)
+CVE-2004-2386
NOT-FOR-US: sercd
-CVE-2004-2385 (EMU Webmail 5.2.7 allows remote attackers to obtain sensitive path ...)
+CVE-2004-2385
NOT-FOR-US: EMU Webmail
-CVE-2004-2384 (NullSoft Winamp 5.02 allows remote attackers to cause a denial of ...)
+CVE-2004-2384
NOT-FOR-US: Winamp
-CVE-2004-2383 (Microsoft Internet Explorer 5.0 through 6.0 allows remote attackers to ...)
+CVE-2004-2383
NOT-FOR-US: Microsoft
-CVE-2004-2382 (The PerfectNav plugin for Microsoft Internet Explorer allows remote ...)
+CVE-2004-2382
NOT-FOR-US: Microsoft
-CVE-2004-2381 (HttpRequest.java in Jetty HTTP Server before 4.2.19 allows remote ...)
+CVE-2004-2381
- jetty 4.2.19-1 (medium)
-CVE-2004-2380 (Directory traversal vulnerability in postfile.exe for Twilight ...)
+CVE-2004-2380
NOT-FOR-US: Twilight Utilities Web Server
-CVE-2004-2379 (Multiple cross-site scripting (XSS) vulnerabilities in @Mail 3.64 for ...)
+CVE-2004-2379
NOT-FOR-US: @Mail
-CVE-2004-2378 (@Mail 3.64 for Windows allows remote attackers to cause a denial of ...)
+CVE-2004-2378
NOT-FOR-US: @Mail
-CVE-2004-2377 (Alcatel OmniSwitch 7000 and 7800 allows remote attackers to cause a ...)
+CVE-2004-2377
NOT-FOR-US: Alcatel OmniSwitch
-CVE-2004-2376 (Buffer overflow in postfile.exe for Twilight Utilities Web Server ...)
+CVE-2004-2376
NOT-FOR-US: Twilight Utilities Web Server
-CVE-2004-2375 (Buffer overflow in the POP3 server in 1st Class Mail Server 4.0 allows ...)
+CVE-2004-2375
NOT-FOR-US: 1st Class Mail Server
-CVE-2004-2374 (BadBlue 2.4 allows remote attackers to obtain the location of the ...)
+CVE-2004-2374
NOT-FOR-US: BadBlue
-CVE-2004-2373 (The Buddy icon file for AOL Instant Messenger (AIM) 4.3 through 5.5 is ...)
+CVE-2004-2373
NOT-FOR-US: AIM
-CVE-2004-2372 (Buffer overflow in Bochs before 2.1.1, if installed setuid, allows ...)
+CVE-2004-2372
- bochs 2.1.1-1
-CVE-2004-2371 (Multiple Red Storm web-based games, including Ghost Recon 1.4 and ...)
+CVE-2004-2371
NOT-FOR-US: Red Storm Games
-CVE-2004-2370 (Stack-based buffer overflow in Trillian 0.71 through 0.74f and ...)
+CVE-2004-2370
NOT-FOR-US: Cerulean Trillian
-CVE-2004-2369 (Directory traversal vulnerability in webadmin.nsf for Lotus Domino R6 ...)
+CVE-2004-2369
NOT-FOR-US: Lotus Domino
-CVE-2004-2368 (PHP remote file inclusion vulnerability in header.php in Opt-X 0.7.2 ...)
+CVE-2004-2368
NOT-FOR-US: Opt-X
-CVE-2004-2367 (The Control Panel applet in WFTPD and WFTPD Pro 3.21 R1 and R2 allows ...)
+CVE-2004-2367
NOT-FOR-US: WFTPD
-CVE-2004-2366 (Buffer overflow in GlobalSCAPE Secure FTP Server 2.0 B03.11.2004.2 ...)
+CVE-2004-2366
NOT-FOR-US: GlobalScape Secure FTP Server
-CVE-2004-2365 (Memory leak in Microsoft Windows XP and Windows Server 2003 allows ...)
+CVE-2004-2365
NOT-FOR-US: Microsoft
-CVE-2004-2364 (Cross-site request forgery (CSRF) vulnerability in PHPX 3.0 through ...)
+CVE-2004-2364
NOT-FOR-US: PHPX CMS
-CVE-2004-2363 (Validate-Before-Canonicalize vulnerability in the checkURI function in ...)
+CVE-2004-2363
NOT-FOR-US: PHPX CMS
-CVE-2004-2362 (PHPX 3.2.6 and earlier allows remote attackers to obtain the physical ...)
+CVE-2004-2362
NOT-FOR-US: PHPX CMS
-CVE-2004-2361 (Digital Reality game engine, as used in Haegemonia 1.0 through 1.0.7 ...)
+CVE-2004-2361
NOT-FOR-US: Digital Reality game engine, as used in Haegemonia 1.0 through 1.0.7 and Desert Rats vs. Afrika Korps 1.0
-CVE-2004-2360 (Targem Battle Mages 1.0 allows remote attackers to cause a denial of ...)
+CVE-2004-2360
NOT-FOR-US: Targem Battle Mages
-CVE-2004-2359 (Dell TrueMobile 1300 WLAN Mini-PCI Card Util TrayApplet 3.10.39.0 does ...)
+CVE-2004-2359
NOT-FOR-US: Dell TrueMobile 1300 WLAN Mini-PCI Card Util TrayApplet
-CVE-2004-2358 (Cross-site scripting (XSS) vulnerability in admin_words.php for phpBB ...)
+CVE-2004-2358
- phpbb2 2.0.6c (low)
-CVE-2004-2357 (The embedded MySQL 4.0 server for Proofpoint Protection Server does ...)
+CVE-2004-2357
NOT-FOR-US: roofpoint Protection Server
-CVE-2004-2356 (Early termination vulnerability in Fizmez Web Server 1.0 allows remote ...)
+CVE-2004-2356
NOT-FOR-US: Fizmez
-CVE-2004-2355 (Cross-site scripting (XSS) vulnerability in Crafty Syntax Live Help ...)
+CVE-2004-2355
NOT-FOR-US: Crafty Syntax Live Help
-CVE-2004-2354 (SQL injection vulnerability in 4nGuestbook 0.92 for PHP-Nuke 6.5 ...)
+CVE-2004-2354
NOT-FOR-US: 4nGuestbook
-CVE-2004-2353 (BugPort before 1.099 stores its configuration file (conf/config.conf) ...)
+CVE-2004-2353
NOT-FOR-US: BugPort
-CVE-2004-2352 (Cross-site scripting (XSS) vulnerability in GBook for PHP-Nuke 1.0 ...)
+CVE-2004-2352
NOT-FOR-US: GBook
-CVE-2004-2351 (Cross-site scripting (XSS) vulnerability in GBook for Php-Nuke 1.0 ...)
+CVE-2004-2351
NOT-FOR-US: GBook
-CVE-2004-2350 (SQL injection vulnerability in search.php for phpBB 1.0 through 2.0.6 ...)
+CVE-2004-2350
- phpbb2 2.0.8 (low)
-CVE-2004-2349 (Multiple SQL injection vulnerabilities in Tunez before 1.20-pre2 allow ...)
+CVE-2004-2349
NOT-FOR-US: Tunez
-CVE-2004-2348 (Sybari AntiGen for Domino 7.0 Build 722 SR2 allows remote attackers to ...)
+CVE-2004-2348
NOT-FOR-US: Sybari AntiGen for Domino
-CVE-2004-2347 (blog.cgi in Leif M. Wright Web Blog 1.1 and 1.1.5 allows remote ...)
+CVE-2004-2347
NOT-FOR-US: Leif M. Wright Web Blog
-CVE-2004-2346 (Multiple cross-site scripting (XSS) vulnerabilities in Forum Web ...)
+CVE-2004-2346
NOT-FOR-US: Forum Web Server
-CVE-2004-2345 (Unknown multiple vulnerabilities in Oracle9i Database Server 9.0.1.4, ...)
+CVE-2004-2345
NOT-FOR-US: Oracle
-CVE-2004-2344 (Unknown vulnerability in the ASN.1/H.323/H.225 stack of VocalTec ...)
+CVE-2004-2344
NOT-FOR-US: VocalTec
-CVE-2004-2343 (** DISPUTED ** ...)
+CVE-2004-2343
NOTE: apache disputes this and I agree -- joeyh
-CVE-2004-2342 (ChatterBox 2.0 allows remote attackers to cause a denial of service ...)
+CVE-2004-2342
NOT-FOR-US: ChatterBox
-CVE-2004-2341 (PHP file include injection vulnerability in isearch.inc.php for ...)
+CVE-2004-2341
NOT-FOR-US: iSearch
-CVE-2004-2340 (** UNVERIFIABLE ** ...)
+CVE-2004-2340
NOT-FOR-US: PunkBuster Screenshot Database
-CVE-2004-2339 (** DISPUTED ** ...)
+CVE-2004-2339
NOT-FOR-US: Microsoft
-CVE-2004-2338 (OpenBSD 3.3 and 3.4 does not properly parse Accept and Deny rules ...)
+CVE-2004-2338
NOT-FOR-US: OpenBSD
-CVE-2004-2337 (The /.inlook/.crypt file for inlook 0.7.3 and earlier is installed ...)
+CVE-2004-2337
NOT-FOR-US: inlook
-CVE-2004-2336 (Unknown vulnerability in Novell GroupWise and GroupWise WebAccess 6.0 ...)
+CVE-2004-2336
NOT-FOR-US: Novel Groupwise
-CVE-2004-2335 (The Macromedia installers and e-licensing client on Mac OS X, as used ...)
+CVE-2004-2335
NOT-FOR-US: Macromedia installers and e-licensing client on Mac OS X
-CVE-2004-2334 (Multiple cross-site scripting (XSS) vulnerabilities in EMU Webmail ...)
+CVE-2004-2334
NOT-FOR-US: EMU Webmail
-CVE-2004-2333 (Bodington 2.1.0 RC1 and earlier does not secure the file upload area, ...)
+CVE-2004-2333
NOT-FOR-US: Bodington
-CVE-2004-2332 (Multiple cross-site scripting (XSS) vulnerabilities in CPAN WWW::Form ...)
+CVE-2004-2332
NOT-FOR-US: WWW::Form
-CVE-2004-2331 (ColdFusion MX 6.1 and 6.1 J2EE allows local users to bypass sandbox ...)
+CVE-2004-2331
NOT-FOR-US: ColdFusion
-CVE-2004-2330 (ColdFusion MX 6.1 and 6.1 J2EE allows remote attackers to cause a ...)
+CVE-2004-2330
NOT-FOR-US: ColdFusion
-CVE-2004-2329 (Kerio Personal Firewall (KPF) 2.1.5 allows local users to execute ...)
+CVE-2004-2329
NOT-FOR-US: Kerio Personal Firewal
-CVE-2004-2328 (Clearswift MAILsweeper for SMTP before 4.3_13 allows remote attackers ...)
+CVE-2004-2328
NOT-FOR-US: Clearswift MAILsweeper
-CVE-2004-2327 (Vizer Web Server 1.9.1 allows remote attackers to cause a denial of ...)
+CVE-2004-2327
NOT-FOR-US: Vizer
-CVE-2004-2326 (SQL injection vulnerability in IP3 Networks NetAccess Appliance before ...)
+CVE-2004-2326
NOT-FOR-US: IP3 Networks NetAccess
-CVE-2004-2325 (Cross-site scripting (XSS) vulnerability in EditModule.aspx for ...)
+CVE-2004-2325
NOT-FOR-US: DotNetNuke
-CVE-2004-2324 (SQL injection vulnerability in DotNetNuke (formerly IBuySpy Workshop) ...)
+CVE-2004-2324
NOT-FOR-US: DotNetNuke
-CVE-2004-2323 (DotNetNuke (formerly IBuySpy Workshop) 1.0.6 through 1.0.10d allows ...)
+CVE-2004-2323
NOT-FOR-US: DotNetNuke
-CVE-2004-2322 (SQL injection vulnerability in the (1) announce and (2) notes modules ...)
+CVE-2004-2322
NOT-FOR-US: phpWebSite
-CVE-2004-2321 (BEA WebLogic Server and Express 8.1 SP1 and earlier allows local users ...)
+CVE-2004-2321
NOT-FOR-US: BEA WebLogic
-CVE-2004-2320 (The default configuration of BEA WebLogic Server and Express 8.1 SP2 ...)
+CVE-2004-2320
NOT-FOR-US: BEA WebLogic
-CVE-2004-2319 (IBM Informix Dynamic Server (IDS) before 9.40.xC3 allows local users ...)
+CVE-2004-2319
NOT-FOR-US: IBM Informatik Dynamic Server
-CVE-2004-2318 (The administrative interface (surgeftpmgr.cgi) for SurgeFTP Server ...)
+CVE-2004-2318
NOT-FOR-US: SurgeFTP Server
-CVE-2004-2317 (Information leak in Mbedthis AppWeb HTTP server 1.0 through 1.1.2 ...)
+CVE-2004-2317
NOT-FOR-US: AppWeb HTTP server
-CVE-2004-2316 (Mbedthis AppWeb HTTP server before 1.0.2 allows remote attackers to ...)
+CVE-2004-2316
NOT-FOR-US: AppWeb HTTP server
-CVE-2004-2315 (Mbedthis AppWeb HTTP server before 1.0.2 allows remote attackers to ...)
+CVE-2004-2315
NOT-FOR-US: AppWeb HTTP server
-CVE-2004-2314 (The Telnet listener for Novell iChain Server before 2.2 Field Patch 3b ...)
+CVE-2004-2314
NOT-FOR-US: Novell iChain Server
-CVE-2004-2313 (Inter7 SqWebMail 3.4.1 through 3.6.1 generates different error ...)
+CVE-2004-2313
- courier <unfixed> (unimportant)
NOTE: This is a lack of a security feature, but not a direct vulnerability
-CVE-2004-2312 (Buffer overflow in GNU make for IBM AIX 4.3.3, when installed setgid, ...)
+CVE-2004-2312
NOT-FOR-US: AIX only
-CVE-2004-2311 (Directory traversal vulnerability in webadmin.nsf in Lotus Domino R6 ...)
+CVE-2004-2311
NOT-FOR-US: Lotus Domino
-CVE-2004-2310 (Cross-site scripting (XSS) vulnerability in webadmin.nsf in Lotus ...)
+CVE-2004-2310
NOT-FOR-US: Lotus Domino
-CVE-2004-2309 (Directory traversal vulnerability in Crob FTP Server 3.5.1 allows ...)
+CVE-2004-2309
NOT-FOR-US: Crob FTP Server
-CVE-2004-2308 (Cross-site scripting (XSS) vulnerability in cPanel 9.1.0 and possibly ...)
+CVE-2004-2308
NOT-FOR-US: cPanel; see www.cpanel.net; has nothing to do with Debian package cpanel
-CVE-2004-2307 (Microsoft Internet Explorer 6.0.2600 on Windows XP allows remote ...)
+CVE-2004-2307
NOT-FOR-US: MS IE
-CVE-2004-2306 (Sun Solaris 7 through 9, when Basic Security Module (BSM) is enabled ...)
+CVE-2004-2306
NOT-FOR-US: Solaris
-CVE-2004-2305 (Computer Associates eTrust Antivirus EE 6.0 through 7.0 allows remote ...)
+CVE-2004-2305
NOT-FOR-US: Computer Associates
-CVE-2004-2304 (Integer overflow in Trillian 0.74 and earlier, and Trillian Pro 2.01 ...)
+CVE-2004-2304
NOT-FOR-US: Cerulean Trillian
-CVE-2004-2303 (MTools Mformat before 3.9.9, when installed setuid root, creates files ...)
+CVE-2004-2303
- mtools 3.9.9
-CVE-2004-2302 (Race condition in the sysfs_read_file and sysfs_write_file functions ...)
+CVE-2004-2302
{DSA-922-1 DTSA-16-1}
- linux-2.6 <not-affected> (Fixed before upload into archive; 2.6.10)
- kernel-source-2.4.27 <not-affected>
-CVE-2004-2301 (Eudora before 6.1.1 allows remote attackers to cause a denial of ...)
+CVE-2004-2301
NOT-FOR-US: Eudora
-CVE-2004-2300 (Buffer overflow in snmpd in ucd-snmp 4.2.6 and earlier, when installed ...)
+CVE-2004-2300
- net-snmp <not-affected> (snmpd is neither setuid nor setgid in Debian)
-CVE-2004-2299 (Buffer overflow in Omnicron OmniHTTPd 3.0a and earlier allows remote ...)
+CVE-2004-2299
NOT-FOR-US: Omnicron
-CVE-2004-2298 (Novell Internet Messaging System (NIMS) 2.6 and 3.0, and NetMail 3.1 ...)
+CVE-2004-2298
NOT-FOR-US: Novell Internet Messaging System
-CVE-2004-2162 (Multiple cross-site scripting (XSS) vulnerabilities in TUTOS 1.1 allow ...)
+CVE-2004-2162
{DSA-980-1}
- tutos 1.1.20031017-2.1 (bug #318633; medium)
-CVE-2004-2161 (SQL injection vulnerability in file_overview.php in TUTOS 1.1 allows ...)
+CVE-2004-2161
{DSA-980-1}
- tutos 1.1.20031017-2.1 (bug #318633; medium)
-CVE-2004-2297 (The Reviews module in PHP-Nuke 6.0 to 7.3 allows remote attackers to ...)
+CVE-2004-2297
NOT-FOR-US: PHP-Nuke
-CVE-2004-2296 (The preview_review function in the Reviews module in PHP-Nuke 6.0 to ...)
+CVE-2004-2296
NOT-FOR-US: PHP-Nuke
-CVE-2004-2295 (SQL injection vulnerability in the Reviews module in PHP-Nuke 6.0 to ...)
+CVE-2004-2295
NOT-FOR-US: PHP-Nuke
-CVE-2004-2294 (Canonicalize-before-filter error in the send_review function in the ...)
+CVE-2004-2294
NOT-FOR-US: PHP-Nuke
-CVE-2004-2293 (Multiple cross-site scripting (XSS) vulnerabilities in PHP-Nuke 6.0 to ...)
+CVE-2004-2293
NOT-FOR-US: PHP-Nuke
-CVE-2004-2292 (Buffer overflow in Alt-N MDaemon 7.0.1 allows remote attackers to ...)
+CVE-2004-2292
NOT-FOR-US: Alt-N Technologies Mdaemon
-CVE-2004-2291 (Microsoft Windows Internet Explorer 5.5 and 6.0 allows remote ...)
+CVE-2004-2291
NOT-FOR-US: Microsoft
-CVE-2004-2290 (Microsoft Windows XP Explorer allows attackers to execute arbitrary ...)
+CVE-2004-2290
NOT-FOR-US: Microsoft
-CVE-2004-2289 (Microsoft Windows XP Explorer allows local users to execute arbitrary ...)
+CVE-2004-2289
NOT-FOR-US: Microsoft
-CVE-2004-2288 (Cross-site scripting (XSS) vulnerability in index.php in Jelsoft ...)
+CVE-2004-2288
NOT-FOR-US: vBulletin
-CVE-2004-2287 (Directory traversal vulnerability in explorer.php in DSM Light Web ...)
+CVE-2004-2287
NOT-FOR-US: Light Web File Manager
-CVE-2004-2286 (Integer overflow in the duplication operator in ActivePerl allows ...)
+CVE-2004-2286
NOT-FOR-US: ActivePerl
CVE-2004-2285
REJECTED
-CVE-2004-2284 (The read_list_from_file function in vacation.pl for OpenWebmail before ...)
+CVE-2004-2284
NOT-FOR-US: OpenWebmail
-CVE-2004-2283 (Unknown vulnerability in DansGuardian before 2.6.1-13 allows remote ...)
+CVE-2004-2283
- dansguardian 2.6.1-13 (medium)
-CVE-2004-2282 (DansGuardian before 2.7.7-2 allows remote attackers to bypass URL ...)
+CVE-2004-2282
- dansguardian 2.7.7-2
-CVE-2004-2281 (Multiple unknown vulnerabilities in IBM Lotus Notes 6.5.x before 6.5.4 ...)
+CVE-2004-2281
NOT-FOR-US: IBM Lotus Notes
-CVE-2004-2280 (Buffer overflow in IBM Lotus Notes 6.5.x before 6.5.3 and 6.0.x before ...)
+CVE-2004-2280
NOT-FOR-US: IBM Lotus Notes
-CVE-2004-2279 (Cross-site scripting (XSS) vulnerability in Invision Power Board 1.3 ...)
+CVE-2004-2279
NOT-FOR-US: Invision Power Board
-CVE-2004-2278 (Unknown cross-site scripting (XSS) vulnerability in the web GUI in ...)
+CVE-2004-2278
NOT-FOR-US: vHost
-CVE-2004-2277 (Buffer overflow in aGSM Half-Life client allows remote Half-Life ...)
+CVE-2004-2277
NOT-FOR-US: aGSM Half-Life
-CVE-2004-2276 (F-Secure Anti-Virus 5.41 and 5.42 on Windows, Client Security 5.50 and ...)
+CVE-2004-2276
NOT-FOR-US: F-Secure Anti-Virus
-CVE-2004-2275 (i-mall.cgi in I-Mall Commerce allows remote attackers to execute ...)
+CVE-2004-2275
NOT-FOR-US: I-Mall Commerce
-CVE-2004-2274 (Unknown vulnerability in Jigsaw before 2.2.4 has unknown impact and ...)
+CVE-2004-2274
NOT-FOR-US: w3m Jigsaw
-CVE-2004-2273 (efFingerD 0.2.12 allows remote attackers to cause a denial of service ...)
+CVE-2004-2273
NOT-FOR-US: efFingerD
-CVE-2004-2272 (Buffer overflow in the sockFinger_DataArrival function in efFingerD ...)
+CVE-2004-2272
NOT-FOR-US: efFingerD
-CVE-2004-2271 (Buffer overflow in MiniShare 1.4.1 and earlier allows remote attackers ...)
+CVE-2004-2271
NOT-FOR-US: MiniShare
-CVE-2004-2270 (Unknown vulnerability in IBM Parallel Environment (PE) 3.2 and 4.1 ...)
+CVE-2004-2270
NOT-FOR-US: IBM Parallel Environment
-CVE-2004-2269 (Stack-based buffer overflow in pads.c in Passive Asset Detection ...)
+CVE-2004-2269
- pads 1.1.1 (high)
-CVE-2004-2268 (PimenGest2 before 1.1.1 allows remote attackers to obtain the database ...)
+CVE-2004-2268
NOT-FOR-US: PimenGest2
-CVE-2004-2267 (Cross-site scripting (XSS) vulnerability in Ansel 2.1 and earlier ...)
+CVE-2004-2267
NOT-FOR-US: Ansel
-CVE-2004-2266 (SQL injection vulnerability in Ansel 2.1 and earlier allows remote ...)
+CVE-2004-2266
NOT-FOR-US: Ansel
-CVE-2004-2265 (UUDeview 0.5.20 and earlier handles temporary files insecurely during ...)
+CVE-2004-2265
- uudeview 0.5.20-2.1 (bug #320541; low)
[sarge] - uudeview <no-dsa> (Hardly exploitable)
NOTE: dnprogs apparetly not vulnerable, unsafe code is not called (#358500)
-CVE-2004-2264 (** DISPUTED ** ...)
+CVE-2004-2264
- less <not-affected> (less is not suid, explotability unlikely)
-CVE-2004-2263 (SQL injection vulnerability in the valid function in fr_left.php in ...)
+CVE-2004-2263
NOT-FOR-US: PlaySMS
-CVE-2004-2262 (ImageManager in e107 before 0.617 does not properly check the types of ...)
+CVE-2004-2262
NOT-FOR-US: e107
-CVE-2004-2261 (Cross-site scripting (XSS) vulnerability in e107 allows remote ...)
+CVE-2004-2261
NOT-FOR-US: e107
-CVE-2004-2260 (Opera Browser 7.23, and other versions before 7.50, updates the ...)
+CVE-2004-2260
NOT-FOR-US: Opera
-CVE-2004-2259 (vsftpd before 1.2.2, when under heavy load, allows attackers to cause ...)
+CVE-2004-2259
- vsftpd 2.0.1-1 (low)
-CVE-2004-2258 (Xconfig in Hummingbird Exceed before 9.0.0.1, when the Screen ...)
+CVE-2004-2258
NOT-FOR-US: Hummingbird Exceed
-CVE-2004-2257 (phpMyFAQ 1.4.0 allows remote attackers to access the Image Manager to ...)
+CVE-2004-2257
NOT-FOR-US: phpMyFAQ
-CVE-2004-2256 (Directory traversal vulnerability in phpMyFAQ 1.4.0 alpha allows ...)
+CVE-2004-2256
NOT-FOR-US: phpMyFAQ
-CVE-2004-2255 (Directory traversal vulnerability in phpMyFAQ 1.3.12 allows remote ...)
+CVE-2004-2255
NOT-FOR-US: phpMyFAQ
-CVE-2004-2254 (SurgeLDAP 1.0g (Build 12), and possibly other versions before 1.0h, ...)
+CVE-2004-2254
NOT-FOR-US: SurgeLDAP
-CVE-2004-2253 (Directory traversal vulnerability in user.cgi in SurgeLDAP 1.0g and ...)
+CVE-2004-2253
NOT-FOR-US: SurgeLDAP
-CVE-2004-2252 (The firewall in Astaro Security Linux before 4.024 sends responses to ...)
+CVE-2004-2252
NOT-FOR-US: Astaro suite
-CVE-2004-2251 (The PPTP server in Astaro Security Linux before 4.024 provides ...)
+CVE-2004-2251
NOT-FOR-US: Astaro suite
-CVE-2004-2250 (Unknown vulnerability in the &quot;access code&quot; in RemoteEditor before ...)
+CVE-2004-2250
NOT-FOR-US: RemoteEditor
-CVE-2004-2249 (Unknown vulnerability in the &quot;access code&quot; in SecureEditor before ...)
+CVE-2004-2249
NOT-FOR-US: SecureEditor
-CVE-2004-2248 (Unknown vulnerability in RemoteEditor before 0.1.1 has unknown impact ...)
+CVE-2004-2248
NOT-FOR-US: RemoteEditor
-CVE-2004-2247 (Unknown vulnerability in the &quot;admin of paypal email addresses&quot; in ...)
+CVE-2004-2247
NOT-FOR-US: AudienceConnect
-CVE-2004-2246 (Cross-site scripting (XSS) vulnerability in Goollery before 0.04b ...)
+CVE-2004-2246
NOT-FOR-US: Goollery
-CVE-2004-2245 (Cross-site scripting (XSS) vulnerability in Goollery 0.03 allows ...)
+CVE-2004-2245
NOT-FOR-US: Goollery
-CVE-2004-2244 (The XML parser in Oracle 9i Application Server Release 2 9.0.3.0 and ...)
+CVE-2004-2244
NOT-FOR-US: Oracle
-CVE-2004-2243 (Phorum allows remote attackers to hijack sessions of other users by ...)
+CVE-2004-2243
NOT-FOR-US: Phorum
-CVE-2004-2242 (Cross-site scripting (XSS) vulnerability in search.php in Phorum, ...)
+CVE-2004-2242
NOT-FOR-US: Phorum
-CVE-2004-2241 (Cross-site scripting (XSS) vulnerability in Phorum 5.0.11 and earlier ...)
+CVE-2004-2241
NOT-FOR-US: Phorum
-CVE-2004-2240 (Multiple SQL injection vulnerabilities in Phorum 5.0.11 and earlier ...)
+CVE-2004-2240
NOT-FOR-US: Phorum
-CVE-2004-2239 (Buffer overflow in vsybase.c in vpopmail 5.4.2 and earlier might allow ...)
+CVE-2004-2239
- vpopmail <removed> (bug #320608; low)
-CVE-2004-2238 (** DISPUTED ** ...)
+CVE-2004-2238
NOTE: format string vuln in vpopmail doesn't seem to be real
-CVE-2004-2237 (Unknown vulnerability in Moodle before 1.3.4 has unknown impact and ...)
+CVE-2004-2237
- moodle 1.4-1
-CVE-2004-2236 (Unknown vulnerability in Moodle before 1.3.3 has unknown impact and ...)
+CVE-2004-2236
- moodle 1.3.3-1
-CVE-2004-2235 (Unknown vulnerability in Moodle before 1.2 has unknown impact and ...)
+CVE-2004-2235
- moodle 1.2.1-1
-CVE-2004-2234 (Unknown vulnerability in Moodle before 1.2 allows teachers to log in ...)
+CVE-2004-2234
- moodle 1.2.1-1
-CVE-2004-2233 (Unknown &quot;front page vulnerability with Moodle servers&quot; for Moodle ...)
+CVE-2004-2233
- moodle 1.3.2-1
-CVE-2004-2232 (SQL injection vulnerability in sql.php in the Glossary module in ...)
+CVE-2004-2232
- moodle 1.4.2-1
-CVE-2004-2231 (Zero G Software InstallAnywhere 5.0.6, 5.0.7, and earlier allows local ...)
+CVE-2004-2231
NOT-FOR-US: InstallAnywhere
-CVE-2004-2230 (Heap-based buffer overflow in isakmpd on OpenBSD 3.4 through 3.6 ...)
+CVE-2004-2230
NOT-FOR-US: OpenBSD
-CVE-2004-2229 (Multiple unknown vulnerabilities in Oracle 9i Lite Mobile Server ...)
+CVE-2004-2229
NOT-FOR-US: Oracle
-CVE-2004-2228 (Mozilla Firefox before 1.0 is installed with world-writable ...)
+CVE-2004-2228
- mozilla-firefox <not-affected> (Only affects Firefox on MacOS)
-CVE-2004-2227 (Mozilla Firefox before 1.0 truncates long filenames in the file ...)
+CVE-2004-2227
- mozilla-firefox 1.0-1
-CVE-2004-2226 (Mozilla Mail 1.7.1 and 1.7.3, and Thunderbird before 0.9, when ...)
+CVE-2004-2226
- mozilla-thunderbird 1.0-3
-CVE-2004-2225 (Mozilla Firefox before 0.10.1 allows remote attackers to delete ...)
+CVE-2004-2225
- mozilla-firefox 0.99+1.0RC1-1
-CVE-2004-2224 (Appfoundry Message Foundry 2.75 .0003 allows remote attackers to cause ...)
+CVE-2004-2224
NOT-FOR-US: Message Foundry
-CVE-2004-2223 (FsPHPGallery before 1.2 allows remote attackers to cause a denial of ...)
+CVE-2004-2223
NOT-FOR-US: FsPHPGallery
-CVE-2004-2222 (Directory traversal vulnerability in index.php in FsPHPGallery before ...)
+CVE-2004-2222
NOT-FOR-US: FsPHPGallery
-CVE-2004-2221 (Buffer overflow in SoftCart.exe in Mercantec SoftCart 4.00b allows ...)
+CVE-2004-2221
NOT-FOR-US: SoftCart
-CVE-2004-2220 (F-Secure Anti-Virus for Microsoft Exchange 6.30 and 6.31 does not ...)
+CVE-2004-2220
NOT-FOR-US: F-Secure Anti-Virus
-CVE-2004-2219 (Microsoft Internet Explorer 6 allows remote attackers to spoof the ...)
+CVE-2004-2219
NOT-FOR-US: Microsoft
-CVE-2004-2218 (SQL injection vulnerability in pmwh.php in PHPMyWebHosting 0.3.4 and ...)
+CVE-2004-2218
NOT-FOR-US: PHPMyWebHosting
-CVE-2004-2217 (Multiple unknown vulnerabilities in yhttpd in yChat before 0.7 allow ...)
+CVE-2004-2217
NOT-FOR-US: yChat
-CVE-2004-2216 (Unknown vulnerability in Sun Java System Web Server 6.0 SP7 and ...)
+CVE-2004-2216
NOT-FOR-US: Sun Java
-CVE-2004-2215 (RXVT-Unicode 3.4 and 3.5 does not properly close file descriptors, ...)
+CVE-2004-2215
- rxvt-unicode 3.8-1
-CVE-2004-2214 (Mbedthis AppWeb HTTP server before 1.1.3 allows remote attackers to ...)
+CVE-2004-2214
NOT-FOR-US: AppWeb HTTP server
-CVE-2004-2213 (Mbedthis AppWeb HTTP server before 1.1.3 allows remote attackers to ...)
+CVE-2004-2213
NOT-FOR-US: AppWeb HTTP server
-CVE-2004-2212 (SQL injection vulnerability in forum.asp in AliveSites Forums 2.0 ...)
+CVE-2004-2212
NOT-FOR-US: AliveSites
-CVE-2004-2211 (Cross-site scripting (XSS) vulnerability in AliveSites Forums 2.0 ...)
+CVE-2004-2211
NOT-FOR-US: AliveSites
-CVE-2004-2210 (Multiple cross-site scripting (XSS) vulnerabilities in Express-Web ...)
+CVE-2004-2210
NOT-FOR-US: Express-Web
-CVE-2004-2209 (SQL injection vulnerability in Ideal Science IdealBB 1.4.9 through ...)
+CVE-2004-2209
NOT-FOR-US: IdealBB
-CVE-2004-2208 (CRLF injection vulnerability in Ideal Science IdealBB 1.4.9 through ...)
+CVE-2004-2208
NOT-FOR-US: IdealBB
-CVE-2004-2207 (Cross-site scripting (XSS) vulnerability in Ideal Science IdealBB ...)
+CVE-2004-2207
NOT-FOR-US: IdealBB
-CVE-2004-2206 (SQL injection vulnerability in NatterChat 1.12 allows remote attackers ...)
+CVE-2004-2206
NOT-FOR-US: NatterChat
-CVE-2004-2205 (Unknown vulnerability in Veritas Cluster Server 1.0.1 through 4.0 ...)
+CVE-2004-2205
NOT-FOR-US: Veritas
-CVE-2004-2204 (Macromedia ColdFusion MX 6.0 and 6.1 application server, when running ...)
+CVE-2004-2204
NOT-FOR-US: Cold Fusion
-CVE-2004-2203 (Ansel 1.2 through 2.0 uses insecure default permissions, which allows ...)
+CVE-2004-2203
NOT-FOR-US: Ansel
-CVE-2004-2202 (Multiple SQL injection vulnerabilities in DUware DUclassified 4.0 ...)
+CVE-2004-2202
NOT-FOR-US: DUclassified
-CVE-2004-2201 (SQL injection vulnerability in DUware DUforum 3.0 through 3.1 allows ...)
+CVE-2004-2201
NOT-FOR-US: DUforum
-CVE-2004-2200 (Cross-site scripting (XSS) vulnerability in DUware DUforum 3.0 through ...)
+CVE-2004-2200
NOT-FOR-US: DUforum
-CVE-2004-2199 (Cross-site scripting (XSS) vulnerability in DUware DUclassified 4.0 ...)
+CVE-2004-2199
NOT-FOR-US: DUclassified
-CVE-2004-2198 (account.asp in DUware DUclassmate 1.0 through 1.1 allows remote ...)
+CVE-2004-2198
NOT-FOR-US: DUclassmate
-CVE-2004-2197 (kdocker.cpp in kdocker 0.1 through 0.8 does not properly check the ...)
+CVE-2004-2197
NOT-FOR-US: kdocker
-CVE-2004-2196 (Zanfi CMS lite 1.1 allows remote attackers to obtain the full path of ...)
+CVE-2004-2196
NOT-FOR-US: Zanfi
-CVE-2004-2195 (PHP remote file inclusion vulnerability in index.php in Zanfi CMS lite ...)
+CVE-2004-2195
NOT-FOR-US: Zanfi
-CVE-2004-2194 (MailEnable Professional Edition before 1.53 and Enterprise Edition ...)
+CVE-2004-2194
NOT-FOR-US: MailEnable
-CVE-2004-2193 (Cross-site scripting (XSS) vulnerability in trade.php for CJOverkill ...)
+CVE-2004-2193
NOT-FOR-US: CJOverkill
-CVE-2004-2192 (SQL injection vulnerability in tttadmin/settings.php in Turbo Traffic ...)
+CVE-2004-2192
NOT-FOR-US: Turbo Traffic Trader
-CVE-2004-2191 (Cross-site scripting (XSS) vulnerability in ttt-webmaster.php in Turbo ...)
+CVE-2004-2191
NOT-FOR-US: Turbo Traffic Trader
-CVE-2004-2190 (Directory traversal vulnerability in Unzoo 4.4-2 has unknown impact ...)
+CVE-2004-2190
- unzoo 4.4-3 (bug #306164)
-CVE-2004-2189 (SQL injection vulnerability in DMXReady Site Chassis Manager allows ...)
+CVE-2004-2189
NOT-FOR-US: DMXReady
-CVE-2004-2188 (Cross-site scripting (XSS) vulnerability in DMXReady Site Chassis ...)
+CVE-2004-2188
NOT-FOR-US: DMXReady
-CVE-2004-2187 (Unknown vulnerability in ImagePage for MediaWiki 1.3.5, related to ...)
+CVE-2004-2187
- mediawiki 1.4.9 (bug #276057)
-CVE-2004-2186 (SQL injection vulnerability in MediaWiki 1.3.5 allows remote attackers ...)
+CVE-2004-2186
- mediawiki 1.4.9 (bug #276057)
-CVE-2004-2185 (Multiple cross-site scripting (XSS) vulnerabilities in MediaWiki 1.3.5 ...)
+CVE-2004-2185
- mediawiki 1.4.9 (bug #276057)
-CVE-2004-2184 (Directory traversal vulnerability in Digicraft Yak! server 2.0 through ...)
+CVE-2004-2184
NOT-FOR-US: Digicraft Yak!
-CVE-2004-2183 (Unknown vulnerability in WeHelpBUS 0.1 allows remote attackers to ...)
+CVE-2004-2183
NOT-FOR-US: WeHelpBUS
-CVE-2004-2182 (Session fixation vulnerability in Macromedia JRun 4.0 allows remote ...)
+CVE-2004-2182
NOT-FOR-US: Macromedia JRun
-CVE-2004-2181 (Multiple SQL injection vulnerabilities in WowBB Forum 1.61 allow ...)
+CVE-2004-2181
NOT-FOR-US: WowBB Forum
-CVE-2004-2180 (Multiple cross-site scripting (XSS) vulnerabilities in WowBB Forum ...)
+CVE-2004-2180
NOT-FOR-US: WowBB Forum
-CVE-2004-2179 (asycpict.dll, as used in Microsoft products such as Front Page 97 and ...)
+CVE-2004-2179
NOT-FOR-US: Microsoft
-CVE-2004-2178 (SQL injection vulnerability in DevoyBB Web Forum 1.0.0 allows remote ...)
+CVE-2004-2178
NOT-FOR-US: DevoyBB
-CVE-2004-2177 (Cross-site scripting (XSS) vulnerability in DevoyBB Web Forum 1.0.0 ...)
+CVE-2004-2177
NOT-FOR-US: DevoyBB
-CVE-2004-2176 (The Internet Connection Firewall (ICF) in Microsoft Windows XP SP2 is ...)
+CVE-2004-2176
NOT-FOR-US: Microsoft
-CVE-2004-2175 (Multiple SQL injection vulnerabilities in ReviewPost PHP Pro allow ...)
+CVE-2004-2175
NOT-FOR-US: ReviewPost
-CVE-2004-2174 (Cross-site scripting (XSS) vulnerability in Custva.asp in EarlyImpact ...)
+CVE-2004-2174
NOT-FOR-US: EarlyImpact
-CVE-2004-2173 (SQL injection vulnerability in advSearch_h.asp in EarlyImpact ...)
+CVE-2004-2173
NOT-FOR-US: EarlyImpact
-CVE-2004-2172 (EarlyImpact ProductCart uses a weak encryption scheme to encrypt ...)
+CVE-2004-2172
NOT-FOR-US: EarlyImpact
-CVE-2004-2171 (Cross-site scripting (XSS) vulnerability in Cherokee before 0.4.8 ...)
+CVE-2004-2171
- cherokee 0.4.8
-CVE-2004-2170 (Directory traversal vulnerability in sample_showcode.html in Caravan ...)
+CVE-2004-2170
NOT-FOR-US: Caravan
-CVE-2004-2169 (Application Access Server (A-A-S) 1.0.37 and earlier allows remote ...)
+CVE-2004-2169
NOT-FOR-US: Application Access Server (A-A-S)
-CVE-2004-2168 (BaSoMail 1.24 allows remote attackers to cause a denial of service ...)
+CVE-2004-2168
NOT-FOR-US: BaSoMail
-CVE-2004-2167 (Multiple buffer overflows in LaTeX2rtf 1.9.15, and possibly other ...)
+CVE-2004-2167
- latex2rtf 1.9.16
-CVE-2004-2166 (The print-from-email feature in the Canon ImageRUNNER (iR) 5000i and ...)
+CVE-2004-2166
NOT-FOR-US: Canon ImageRUNNER
-CVE-2004-2165 (Lords of the Realm III 1.01 and earlier, when in the lobby stage, ...)
+CVE-2004-2165
NOT-FOR-US: Lords of the Realm
-CVE-2004-2164 (shoprestoreorder.asp in VP-ASP 5.0 does not close the database ...)
+CVE-2004-2164
NOT-FOR-US: VP-ASP
-CVE-2004-2163 (login_radius on OpenBSD 3.2, 3.5, and possibly other versions does not ...)
+CVE-2004-2163
NOT-FOR-US: OpenBSD
-CVE-2004-2160 (Format string vulnerability in xml_elem.c for XMLStarlet Command Line ...)
+CVE-2004-2160
- xmlstarlet 1.0.0-1
-CVE-2004-2159 (Multiple buffer overflows in XMLStarlet Command Line XML Toolkit 0.9.3 ...)
+CVE-2004-2159
- xmlstarlet 1.0.0-1
-CVE-2004-2158 (SQL injection vulnerability in Serendipity 0.7-beta1 allows remote ...)
+CVE-2004-2158
- serendipity 1.0-1
-CVE-2004-2157 (Cross-site scripting (XSS) vulnerability in Comment.php in Serendipity ...)
+CVE-2004-2157
- serendipity 1.0-1
-CVE-2004-2156 (Multiple unknown vulnerabilities in Online Recruitment Agency 1.0 have ...)
+CVE-2004-2156
NOT-FOR-US: Online Recruitment Agency
-CVE-2004-2155 (Online-bookmarks before 0.4.6 allows remote attackers to bypass its ...)
+CVE-2004-2155
NOT-FOR-US: Online-bookmarks
-CVE-2004-2154 (CUPS before 1.1.21rc1 treats a Location directive in cupsd.conf as ...)
+CVE-2004-2154
- cups 1.1.20final+rc1-1 (low)
- cupsys 1.1.20final+rc1-1 (low)
-CVE-2004-2153 (Multiple unknown vulnerabilities in Real Estate Management Software ...)
+CVE-2004-2153
NOT-FOR-US: Real Estate Management Software
-CVE-2004-2152 (Cross-site scripting (XSS) vulnerability in 'raw' page output mode for ...)
+CVE-2004-2152
- mediawiki 1.4.9 (bug #276057)
-CVE-2004-2151 (Chatman 1.1.1 RC1 and earlier allows remote attackers to cause a ...)
+CVE-2004-2151
NOT-FOR-US: Chatman
-CVE-2004-2150 (Nettica Corporation INTELLIPEER Email Server 1.01 displays different ...)
+CVE-2004-2150
NOT-FOR-US: INTELLIPEER Email Server
-CVE-2004-2149 (Buffer overflow in the prepared statements API in libmysqlclient for ...)
+CVE-2004-2149
- mysql-dfsg-4.1 4.1.5-1
-CVE-2004-2148 (Unknown local vulnerability in the &quot;change user&quot; feature of Slava ...)
+CVE-2004-2148
- fprobe-ng 1.1-1
- fprobe 1.1-4
NOTE: fprobe was fixed in upstrem release 1.0.6 and since 1.1-4 fprobe-ng package
NOTE: replaced fprobe therefore marking as fixed in 1.1-4
-CVE-2004-2147 (Unknown versions of Symantec Norton AntiVirus and Microsoft Outlook ...)
+CVE-2004-2147
NOT-FOR-US: Symantec Antivirus
-CVE-2004-2146 (CRLF injection vulnerability in PD9 Software MegaBBS 2 and 2.1 allows ...)
+CVE-2004-2146
NOT-FOR-US: MegaBBS
-CVE-2004-2145 (SQL injection vulnerability in PD9 Software MegaBBS 2 and 2.1 allows ...)
+CVE-2004-2145
NOT-FOR-US: MegaBBS
-CVE-2004-2144 (Baal Smart Forms before 3.2 allows remote attackers to bypass ...)
+CVE-2004-2144
NOT-FOR-US: Baal Smart Forms
-CVE-2004-2143 (SQL injection vulnerability in the ReMOSitory Server add-on module to ...)
+CVE-2004-2143
NOT-FOR-US: Mambo Portal
-CVE-2004-2142 (Unknown vulnerability in the remote tape support (remote.c) in the RMT ...)
+CVE-2004-2142
- sdd 1.52-1
CVE-2004-2141
REJECTED
-CVE-2004-2140 (CRLF injection vulnerability in YaBB 1 Gold before 1.3.2 allows remote ...)
+CVE-2004-2140
NOT-FOR-US: YaBB
-CVE-2004-2139 (Unknown vulnerability in Adminedit.pl YaBB 1 Gold before 1.3.2 allows ...)
+CVE-2004-2139
NOT-FOR-US: YaBB
-CVE-2004-2138 (Cross-site scripting (XSS) vulnerability in AWSguest.php in ...)
+CVE-2004-2138
NOT-FOR-US: MySQLGuest
-CVE-2004-2137 (Outlook Express 6.0, when sending multipart e-mail messages using the ...)
+CVE-2004-2137
NOT-FOR-US: Microsoft
-CVE-2004-2136 (dm-crypt on Linux kernel 2.6.x, when used on certain file systems ...)
+CVE-2004-2136
- linux-2.6 2.6.10-1 (low)
- linux-2.6.24 <not-affected> (fixed before initial upload)
-CVE-2004-2135 (cryptoloop on Linux kernel 2.6.x, when used on certain file systems ...)
+CVE-2004-2135
- linux-2.6 2.6.32-2 (unimportant)
- linux-2.6.24 <removed> (unimportant)
NOTE: minor issue; solution (removal of cryptoloop) would be a significant change
NOTE: if backported to the stable releases
NOTE: mitigation: use dm-crypt or loop-aes for disk encrytion instead of cryptoloop
-CVE-2004-2134 (Oracle toplink mapping workBench uses a weak encryption algorithm for ...)
+CVE-2004-2134
NOT-FOR-US: Oracle
-CVE-2004-2133 (Certain third-party packages for CVSup 16.1h, such as SuSE Linux, ...)
+CVE-2004-2133
NOT-FOR-US: CVSup third party modules
-CVE-2004-2132 (Directory traversal vulnerability in PJreview_Neo.cgi in PJ CGI Neo ...)
+CVE-2004-2132
NOT-FOR-US: PJ CGI Nero
-CVE-2004-2131 (Stack-based buffer overflow in ontape for IBM Informix Dynamic Server ...)
+CVE-2004-2131
NOT-FOR-US: Informix Dynamic Server
-CVE-2004-2130 (Multiple cross-site scripting (XSS) vulnerabilities in privmsg.php in ...)
+CVE-2004-2130
- phpbb2 2.0.6d-2
-CVE-2004-2129 (SurfNOW 2.2 allows remote attackers to cause a denial of service ...)
+CVE-2004-2129
NOT-FOR-US: SurfNOW
-CVE-2004-2128 (Cross-site scripting (XSS) vulnerability in BRS WebWeaver 1.07 allows ...)
+CVE-2004-2128
NOT-FOR-US: WebWeaver
-CVE-2004-2127 (Directory traversal vulnerability in Web Blog 1.1 allows remote ...)
+CVE-2004-2127
NOT-FOR-US: Web Blog
-CVE-2004-2126 (The upgrade for BlackICE PC Protection 3.6 and earlier sets insecure ...)
+CVE-2004-2126
NOT-FOR-US: BlackICE
-CVE-2004-2125 (Buffer overflow in blackd.exe for BlackICE PC Protection 3.6 and other ...)
+CVE-2004-2125
NOT-FOR-US: BlackICE
-CVE-2004-2124 (The register_globals simulation capability in Gallery 1.3.1 through ...)
+CVE-2004-2124
- gallery 1.4.4-pl1-1
-CVE-2004-2123 (Multiple cross-site scripting (XSS) vulnerabilities in Nextplace.com ...)
+CVE-2004-2123
NOT-FOR-US: Nextplace
-CVE-2004-2122 (Cross-site scripting (XSS) vulnerability in intraforum_db.cgi in Intra ...)
+CVE-2004-2122
NOT-FOR-US: Intra Forum
-CVE-2004-2121 (Multiple directory traversal vulnerabilities in Borland Web Server ...)
+CVE-2004-2121
NOT-FOR-US: Borland Web Server
-CVE-2004-2120 (Reptile Web Server allows remote attackers to cause a denial of ...)
+CVE-2004-2120
NOT-FOR-US: Reptile Web Server
-CVE-2004-2119 (Cross-site scripting (XSS) vulnerability in Tiny Server 1.1 allows ...)
+CVE-2004-2119
NOT-FOR-US: Tiny Server
-CVE-2004-2118 (Tiny Server 1.1 allows remote attackers to cause a denial of service ...)
+CVE-2004-2118
NOT-FOR-US: Tiny Server
-CVE-2004-2117 (Tiny Server 1.1 allows remote attackers to cause a denial of service ...)
+CVE-2004-2117
NOT-FOR-US: Tiny Server
-CVE-2004-2116 (Directory traversal vulnerability in Tiny Server 1.1 allows remote ...)
+CVE-2004-2116
NOT-FOR-US: Tiny Server
-CVE-2004-2115 (Multiple cross-site scripting (XSS) vulnerabilities in Oracle HTTP ...)
+CVE-2004-2115
NOT-FOR-US: Oracle
-CVE-2004-2114 (Stack-based and heap-based buffer overflows in ProxyNow! 2.75 and ...)
+CVE-2004-2114
NOT-FOR-US: ProxyNow!
-CVE-2004-2113 (Cross-site scripting (XSS) vulnerability in BremsServer 1.2.4 allows ...)
+CVE-2004-2113
NOT-FOR-US: BremsServer
-CVE-2004-2112 (Directory traversal vulnerability in BremsServer 1.2.4 allows remote ...)
+CVE-2004-2112
NOT-FOR-US: BremsServer
-CVE-2004-2111 (Stack-based buffer overflow in the site chmod command in Serv-U FTP ...)
+CVE-2004-2111
NOT-FOR-US: Serv-U FTP Server
-CVE-2004-2110 (SQL injection vulnerability in register.php in Phorum before 3.4.6 ...)
+CVE-2004-2110
NOT-FOR-US: Phorum
-CVE-2004-2109 (Multiple cross-site scripting (XSS) vulnerabilities in (1) ...)
+CVE-2004-2109
NOT-FOR-US: Q-Shop
-CVE-2004-2108 (Multiple SQL injection vulnerabilities in QuadComm Q-Shop allow remote ...)
+CVE-2004-2108
NOT-FOR-US: Q-Shop
-CVE-2004-2107 (Finjan SurfinGate 6.0 and 7.0, when running in proxy mode, does not ...)
+CVE-2004-2107
NOT-FOR-US: Finjan SurfinGate
-CVE-2004-2106 (Novell NetWare Enterprise Web Server 5.1 and 6.0 allows remote ...)
+CVE-2004-2106
NOT-FOR-US: Novell NetWare
-CVE-2004-2105 (The webacc servlet in Novell NetWare Enterprise Web Server 5.1 and 6.0 ...)
+CVE-2004-2105
NOT-FOR-US: Novell NetWare
-CVE-2004-2104 (Novell NetWare Enterprise Web Server 5.1 and 6.0 allows remote ...)
+CVE-2004-2104
NOT-FOR-US: Novell NetWare
-CVE-2004-2103 (Cross-site scripting (XSS) vulnerability in Novell NetWare Enterprise ...)
+CVE-2004-2103
NOT-FOR-US: Novell NetWare
-CVE-2004-2102 (Cross-site scripting (XSS) vulnerability in FREESCO 2.05, a modified ...)
+CVE-2004-2102
NOT-FOR-US: Freesco
-CVE-2004-2101 (The sysinfo script in GeoHttpServer allows remote attackers to cause a ...)
+CVE-2004-2101
NOT-FOR-US: GeoHttpServer
-CVE-2004-2100 (GeoHttpServer, when configured to authenticate users, allows remote ...)
+CVE-2004-2100
NOT-FOR-US: GeoHttpServer
-CVE-2004-2099 (Buffer overflow in Need for Speed Hot Pursuit 2.0 client (NFSHP2), ...)
+CVE-2004-2099
NOT-FOR-US: Need for Speed game
-CVE-2004-2098 (Cross-site scripting (XSS) vulnerability in the banner engine (TBE) ...)
+CVE-2004-2098
NOT-FOR-US: Banner engine
-CVE-2004-2097 (Multiple scripts on SuSE Linux 9.0 allow local users to overwrite ...)
+CVE-2004-2097
- fvwm <not-affected> (Used mktemp)
- xbase-clients <not-affected> (x11perfcomp uses mkdir atomically)
- lvm10 <not-affected> (does not contain lvmcreate_initrd)
-CVE-2004-2096 (Cross-site scripting (XSS) vulnerability in Mephistoles httpd 0.6.0 ...)
+CVE-2004-2096
NOT-FOR-US: Mephistoles
-CVE-2004-2095 (Honeyd before 0.8 replies to TCP packets with the SYN and RST flags ...)
+CVE-2004-2095
- honeyd 0.8-1
-CVE-2004-2094 (Cross-site scripting (XSS) vulnerability in WebcamXP 1.06.945 allows ...)
+CVE-2004-2094
NOT-FOR-US: WebcamXP
-CVE-2004-2093 (Buffer overflow in the open_socket_out function in socket.c for rsync ...)
+CVE-2004-2093
- rsync 2.6.1-1
-CVE-2004-2092 (eTrust InoculateIT for Linux 6.0 uses insecure permissions for ...)
+CVE-2004-2092
NOT-FOR-US: InoculateIT
-CVE-2004-2091 (Microsoft Baseline Security Analyzer (MBSA) 1.2 does not correctly ...)
+CVE-2004-2091
NOT-FOR-US: Microsoft
-CVE-2004-2090 (Microsoft Internet Explorer 5.0.1 through 6.0 allows remote attackers ...)
+CVE-2004-2090
NOT-FOR-US: Microsoft
-CVE-2004-2089 (Matrix FTP Server allows remote attackers to cause a denial of service ...)
+CVE-2004-2089
NOT-FOR-US: Matrix FTP Server
-CVE-2004-2088 (Sophos Anti-Virus 3.78 allows remote attackers to bypass virus ...)
+CVE-2004-2088
NOT-FOR-US: Sophos
-CVE-2004-2087 (Unknown vulnerability in SandSurfer before 1.7.0 allows remote ...)
+CVE-2004-2087
NOT-FOR-US: SandSurfer
-CVE-2004-2086 (Stack-based buffer overflow in results.stm for Sambar Server before ...)
+CVE-2004-2086
NOT-FOR-US: Sambar
-CVE-2004-2085 (Multiple cross-site scripting (XSS) vulnerabilities in Brad Fears ...)
+CVE-2004-2085
NOT-FOR-US: phpcodeCabinet
-CVE-2004-2084 (Cross-site scripting (XSS) vulnerability in search.php in JShop ...)
+CVE-2004-2084
NOT-FOR-US: JShop
-CVE-2004-2083 (Opera Web Browser 7.0 through 7.23 allows remote attackers to trick ...)
+CVE-2004-2083
NOT-FOR-US: Opera
-CVE-2004-2082 (The samiftp.dll library in Sami FTP Server 1.1.3 allows remote ...)
+CVE-2004-2082
NOT-FOR-US: Sami FTP Server
-CVE-2004-2081 (The samiftp.dll library in Sami FTP Server 1.1.3 allows local users to ...)
+CVE-2004-2081
NOT-FOR-US: Sami FTP Server
-CVE-2004-2080 (Red-M Red-Alert 2.7.5 with software 3.1 build 24 converts multiple ...)
+CVE-2004-2080
NOT-FOR-US: Red-Alert
-CVE-2004-2079 (Red-M Red-Alert 2.7.5 with software 3.1 build 24 binds authentication ...)
+CVE-2004-2079
NOT-FOR-US: Red-Alert
-CVE-2004-2078 (Red-M Red-Alert 2.7.5 with software 3.1 build 24 allows remote ...)
+CVE-2004-2078
NOT-FOR-US: Red-Alert
-CVE-2004-2077 (Nadeo Game Engine for Nadeo TrackMania and Nadeo Virtual Skipper 3 ...)
+CVE-2004-2077
NOT-FOR-US: Nadeo
-CVE-2004-2076 (Cross-site scripting (XSS) vulnerability in search.php for Jelsoft ...)
+CVE-2004-2076
NOT-FOR-US: Jelsoft Bulletin
-CVE-2004-2075 (Sophos Anti-Virus 3.78 allows remote attackers to cause a denial of ...)
+CVE-2004-2075
NOT-FOR-US: Sophos
-CVE-2004-2074 (Format string vulnerability in Dream FTP 1.02 allows local users to ...)
+CVE-2004-2074
NOT-FOR-US: Dream FTP
-CVE-2004-2073 (Linux-VServer 1.24 allows local users with root privileges on a ...)
+CVE-2004-2073
- kernel-patch-vserver 1.9.4-1
-CVE-2004-2072 (Cross-site scripting (XSS) vulnerability in index.php for Mambo Open ...)
+CVE-2004-2072
NOT-FOR-US: Mambo
-CVE-2004-2071 (Macallan Mail Solution 2.8.4.6 (Build 260), and possibly earlier ...)
+CVE-2004-2071
NOT-FOR-US: Macallan
-CVE-2004-2070 (The Altiris Client Service for Windows 5.6 SP1 Hotfix E (5.6.181) ...)
+CVE-2004-2070
NOT-FOR-US: Altiris Client Service for Windows
-CVE-2004-2067 (SQL injection vulnerability in controlpanel.php in Jaws Framework and ...)
+CVE-2004-2067
NOT-FOR-US: JAWS
-CVE-2004-2066 (SQL injection vulnerability in session.php in LinPHA 0.9.4 allows ...)
+CVE-2004-2066
NOT-FOR-US: LinPHA
-CVE-2004-2065 (DansGuardian 2.8 and earlier allows remote attackers to bypass the ...)
+CVE-2004-2065
- dansguardian 2.5.2-0-0.1
-CVE-2004-2064 (Cross-site scripting (XSS) vulnerability in lostBook 1.1 and earlier ...)
+CVE-2004-2064
NOT-FOR-US: lostBook
-CVE-2004-2063 (Cross-site scripting (XSS) vulnerability in antiboard.php in AntiBoard ...)
+CVE-2004-2063
NOT-FOR-US: AntiBoard
-CVE-2004-2062 (SQL injection vulnerability in antiboard.php in AntiBoard 0.7.2 and ...)
+CVE-2004-2062
NOT-FOR-US: AntiBoard
-CVE-2004-2061 (RiSearch 1.0.01 and RiSearch Pro 3.2.06 allows remote attackers to use ...)
+CVE-2004-2061
NOT-FOR-US: RiSearch
-CVE-2004-2060 (ASPRunner 2.4 stores the database under the web root in the db ...)
+CVE-2004-2060
NOT-FOR-US: ASPRunner
-CVE-2004-2059 (Multiple cross-site scripting vulnerabilities in ASPRunner 2.4 allow ...)
+CVE-2004-2059
NOT-FOR-US: ASPRunner
-CVE-2004-2058 (ASPRunner 2.4 allows remote attackers to gain sensitive information ...)
+CVE-2004-2058
NOT-FOR-US: ASPRunner
-CVE-2004-2057 (SQL injection vulnerability in ASPRunner 2.4 allows remote attackers ...)
+CVE-2004-2057
NOT-FOR-US: ASPRunner
-CVE-2004-2056 (SQL injection vulnerability in action.php in Nucleus CMS 3.01 allows ...)
+CVE-2004-2056
NOT-FOR-US: ASPRunner
-CVE-2004-2055 (Cross-site scripting (XSS) vulnerability in search.php for PhpBB 2.0.4 ...)
+CVE-2004-2055
- phpbb2 2.0.10-1
-CVE-2004-2054 (CRLF injection vulnerability in PhpBB 2.0.4 and 2.0.9 allows remote ...)
+CVE-2004-2054
- phpbb2 2.0.10-1
-CVE-2004-2053 (PHP remote file inclusion vulnerability in index.php in EasyIns ...)
+CVE-2004-2053
NOT-FOR-US: Easyins Stadtportal
-CVE-2004-2052 (eSeSIX Thintune thin clients running firmware 2.4.38 and earlier ...)
+CVE-2004-2052
NOT-FOR-US: eSeSIX Thintune
-CVE-2004-2051 (The Phoenix browser in eSeSIX Thintune thin clients running firmware ...)
+CVE-2004-2051
NOT-FOR-US: eSeSIX Thintune
-CVE-2004-2050 (eSeSIX Thintune thin clients running firmware 2.4.38 and earlier allow ...)
+CVE-2004-2050
NOT-FOR-US: eSeSIX Thintune
-CVE-2004-2049 (eSeSIX Thintune thin clients running firmware 2.4.38 and earlier store ...)
+CVE-2004-2049
NOT-FOR-US: eSeSIX Thintune
-CVE-2004-2048 (radmin in eSeSIX Thintune thin clients running firmware 2.4.38 and ...)
+CVE-2004-2048
NOT-FOR-US: no_package
-CVE-2004-2047 (Directory traversal vulnerability in EasyWeb FileManager 1.0 RC-1 for ...)
+CVE-2004-2047
NOT-FOR-US: no_package
-CVE-2004-2046 (Unknown vulnerability in APC PowerChute Business Edition 6.0 through ...)
+CVE-2004-2046
NOT-FOR-US: no_package
-CVE-2004-2045 (The HTTP administration interface on Conceptronic CADSLR1 ADSL router ...)
+CVE-2004-2045
NOT-FOR-US: no_package
-CVE-2004-2044 (PHP-Nuke 7.3, and other products that use the PHP-Nuke codebase such ...)
+CVE-2004-2044
NOT-FOR-US: no_package
-CVE-2004-2043 (Buffer overflow in ibserver for Firebird Database 1.0 and other ...)
+CVE-2004-2043
{DSA-1014-1}
- firebird2 1.5.3.4870-3 (bug #357580)
-CVE-2004-2042 (Multiple SQL injection vulnerabilities in e107 0.615 allow remote ...)
+CVE-2004-2042
NOT-FOR-US: no_package
-CVE-2004-2041 (PHP remote file inclusion vulnerability in secure_img_render.php in ...)
+CVE-2004-2041
NOT-FOR-US: no_package
-CVE-2004-2040 (Multiple cross-site scripting (XSS) vulnerabilities in e107 0.615 ...)
+CVE-2004-2040
NOT-FOR-US: no_package
-CVE-2004-2039 (e107 0.615 allows remote attackers to obtain sensitive information via ...)
+CVE-2004-2039
NOT-FOR-US: no_package
-CVE-2004-2038 (Cross-site scripting (XSS) vulnerability in Land Down Under (LDU) ...)
+CVE-2004-2038
NOT-FOR-US: no_package
-CVE-2004-2037 (Buffer overflow in Mollensoft Lightweight FTP Server 3.6 allows remote ...)
+CVE-2004-2037
NOT-FOR-US: no_package
-CVE-2004-2036 (SQL injection vulnerability in the art_print function in print.inc.php ...)
+CVE-2004-2036
NOT-FOR-US: no_package
-CVE-2004-2035 (MiniShare 1.3.2 allows remote attackers to cause a denial of service ...)
+CVE-2004-2035
NOT-FOR-US: no_package
-CVE-2004-2034 (Buffer overflow in the (1) WTHoster and (2) WebDriver modules in ...)
+CVE-2004-2034
NOT-FOR-US: no_package
-CVE-2004-2033 (Orenosv 0.5.9f allows remote attackers to cause a denial of service ...)
+CVE-2004-2033
NOT-FOR-US: no_package
-CVE-2004-2032 (Netgear RP114 allows remote attackers to bypass the keyword based URL ...)
+CVE-2004-2032
NOT-FOR-US: no_package
-CVE-2004-2031 (Cross-site scripting (XSS) vulnerability in user.php in e107 allows ...)
+CVE-2004-2031
NOT-FOR-US: no_package
-CVE-2004-2030 (Multiple cross-site scripting (XSS) vulnerabilities in index.jsp for ...)
+CVE-2004-2030
NOT-FOR-US: no_package
-CVE-2004-2029 (The Util_DecodeHTTPAuth function in BNBT BitTorrent Tracker Beta 7.5 ...)
+CVE-2004-2029
NOT-FOR-US: no_package
-CVE-2004-2028 (Cross-site scripting (XSS) vulnerability in stats.php in e107 allows ...)
+CVE-2004-2028
NOT-FOR-US: no_package
-CVE-2004-2027 (Buffer overflow in Icecast 2.0.0 and earlier allows remote attackers ...)
+CVE-2004-2027
- icecast2 2.0.1.debian-1
-CVE-2004-2026 (Format string vulnerability in the logmsg function in svc.c for Pound ...)
+CVE-2004-2026
- pound 1.7-1
-CVE-2004-2025 (SQL injection vulnerability in application_top.php for Zen Cart 1.1.3 ...)
+CVE-2004-2025
NOT-FOR-US: no_package
-CVE-2004-2024 (The distribution of Zen Cart 1.1.4 before patch 2 includes certain ...)
+CVE-2004-2024
NOT-FOR-US: no_package
-CVE-2004-2023 (SQL injection vulnerability in login.php in Zen Cart 1.1.2d, 1.1.4 ...)
+CVE-2004-2023
NOT-FOR-US: no_package
-CVE-2004-2022 (ActivePerl 5.8.x and others, and Larry Wall's Perl 5.6.1 and others, ...)
+CVE-2004-2022
NOT-FOR-US: various perls on Windows
-CVE-2004-2021 (Directory traversal vulnerability in file_manager.php in osCommerce ...)
+CVE-2004-2021
NOT-FOR-US: osCommerce
-CVE-2004-2020 (Multiple cross-site scripting (XSS) vulnerabilities in Php-Nuke 6.x ...)
+CVE-2004-2020
NOT-FOR-US: php-nuke
-CVE-2004-2019 (The WebLinks module in Php-Nuke 6.x through 7.3 allows remote ...)
+CVE-2004-2019
NOT-FOR-US: php-nuke
-CVE-2004-2018 (PHP remote file inclusion vulnerability in index.php in Php-Nuke 6.x ...)
+CVE-2004-2018
NOT-FOR-US: php-nuke
-CVE-2004-2017 (Multiple cross-site scripting (XSS) vulnerabilities in Turbo Traffic ...)
+CVE-2004-2017
NOT-FOR-US: Turbo Traffic Trader C (TTT-C)
-CVE-2004-2016 (Stack-based buffer overflow in the HTTP server in NetChat 7.3 and ...)
+CVE-2004-2016
NOT-FOR-US: netchat
-CVE-2004-2015 (Cross-site scripting (XSS) vulnerability in WebCT Campus Edition ...)
+CVE-2004-2015
NOT-FOR-US: WebCT
-CVE-2004-2014 (Wget 1.9 and 1.9.1 allows local users to overwrite arbitrary files via ...)
+CVE-2004-2014
- wget 1.9.1-12
-CVE-2004-2013 (Integer overflow in the SCTP_SOCKOPT_DEBUG_NAME SCTP socket option in ...)
+CVE-2004-2013
NOTE: kernel 2.4.23-pre5 to 2.4.25; 2.4.26 and 2.6 are reported ok
-CVE-2004-2012 (The systrace_exit function in the systrace utility for NetBSD-current ...)
+CVE-2004-2012
NOT-FOR-US: NetBSD
-CVE-2004-2011 (msxml3.dll in Internet Explorer 6.0.2600.0 allows remote attackers to ...)
+CVE-2004-2011
NOT-FOR-US: MSIE
-CVE-2004-2010 (PHP remote file inclusion vulnerability in index.php in phpShop 0.7.1 ...)
+CVE-2004-2010
NOT-FOR-US: phpShop
-CVE-2004-2009 (NukeJokes 1.7 and 2 Beta allows remote attackers to obtain the full ...)
+CVE-2004-2009
NOT-FOR-US: NukeJokes
-CVE-2004-2008 (SQL injection vulnerability in modules.php in NukeJokes 1.7 and 2 Beta ...)
+CVE-2004-2008
NOT-FOR-US: NukeJokes
-CVE-2004-2007 (Cross-site scripting (XSS) vulnerability in modules.php in NukeJokes ...)
+CVE-2004-2007
NOT-FOR-US: NukeJokes
-CVE-2004-2006 (Trend Micro OfficeScan 3.0 - 6.0 has default permissions of &quot;Everyone ...)
+CVE-2004-2006
NOT-FOR-US: OfficeScan
-CVE-2004-2005 (Buffer overflow in Eudora for Windows 5.2.1, 6.0.3, and 6.1 allows ...)
+CVE-2004-2005
NOT-FOR-US: Eudora
-CVE-2004-2004 (The Live CD in SUSE LINUX 9.1 Personal edition is configured without a ...)
+CVE-2004-2004
NOT-FOR-US: SUSE Live CD
-CVE-2004-2003 (Buffer overflow in the ssl_prcert function in the SSLway filter ...)
+CVE-2004-2003
NOT-FOR-US: DeleGate
-CVE-2004-2002 (Unknown vulnerability in SGI IRIX 6.5 through 6.5.22m allows remote ...)
+CVE-2004-2002
NOT-FOR-US: IRIX
-CVE-2004-2001 (ifconfig &quot;-arp&quot; in SGI IRIX 6.5 through 6.5.22m does not properly ...)
+CVE-2004-2001
NOT-FOR-US: IRIX
-CVE-2004-2000 (SQL injection vulnerability in the Downloads module in Php-Nuke 6.x ...)
+CVE-2004-2000
NOT-FOR-US: Php-Nuke
-CVE-2004-1999 (Cross-site scripting (XSS) vulnerability in the Downloads module in ...)
+CVE-2004-1999
NOT-FOR-US: Windows
-CVE-2004-1998 (The Downloads module in Php-Nuke 6.x through 7.2 allows remote ...)
+CVE-2004-1998
NOT-FOR-US: php-nuke
-CVE-2004-1997 (Kolab stores OpenLDAP passwords in plaintext in the slapd.conf file, ...)
+CVE-2004-1997
NOT-FOR-US: kolab
-CVE-2004-1996 (Cross-site scripting (XSS) vulnerability in Simple Machines Forum ...)
+CVE-2004-1996
NOT-FOR-US: Simple Machines Forum
-CVE-2004-1995 (Cross-Site Request Forgery (CSRF) vulnerability in FuseTalk 2.0 allows ...)
+CVE-2004-1995
NOT-FOR-US: FuseTalk
-CVE-2004-1994 (FuseTalk 4.0 allows remote attackers to ban other users via a direct ...)
+CVE-2004-1994
NOT-FOR-US: FuseTalk
-CVE-2004-1993 (The patch to the checklogin function in omail.pl for omail webmail ...)
+CVE-2004-1993
NOT-FOR-US: omail
-CVE-2004-1992 (Buffer overflow in Serv-U FTP server before 5.0.0.6 allows remote ...)
+CVE-2004-1992
NOT-FOR-US: Serv-U
-CVE-2004-1991 (Directory traversal vulnerability in Aldo's Web Server (aweb) 1.5 ...)
+CVE-2004-1991
NOT-FOR-US: aweb
-CVE-2004-1990 (Aldo's Web Server (aweb) 1.5 allows remote attackers to gain sensitive ...)
+CVE-2004-1990
NOT-FOR-US: aweb
-CVE-2004-1989 (PHP remote file inclusion vulnerability in theme.php in Coppermine ...)
+CVE-2004-1989
NOT-FOR-US: Coppermine
-CVE-2004-1988 (PHP remote file inclusion vulnerability in init.inc.php in Coppermine ...)
+CVE-2004-1988
NOT-FOR-US: Coppermine
-CVE-2004-1987 (picmgmtbatch.inc.php in Coppermine Photo Gallery 1.2.2b and 1.2.0 RC4 ...)
+CVE-2004-1987
NOT-FOR-US: Coppermine
-CVE-2004-1986 (Directory traversal vulnerability in modules.php in Coppermine Photo ...)
+CVE-2004-1986
NOT-FOR-US: Coppermine
-CVE-2004-1985 (Cross-site scripting (XSS) vulnerability in menu.inc.php in Coppermine ...)
+CVE-2004-1985
NOT-FOR-US: Coppermine
-CVE-2004-1984 (Coppermine Photo Gallery 1.2.2b and 1.2.0 RC4 allows remote attackers ...)
+CVE-2004-1984
NOT-FOR-US: Coppermine
-CVE-2004-1983 (The arch_get_unmapped_area function in mmap.c in the PaX patches for ...)
+CVE-2004-1983
- kernel-patch-adamantix <not-affected> (Only affects PaX for kernel 2.6)
-CVE-2004-1982 (Post.pl in YaBB 1 Gold SP 1.2 allows remote attackers to modify ...)
+CVE-2004-1982
NOT-FOR-US: YaBB
-CVE-2004-1981 (The web interface for Crystal Reports allows remote attackers to cause ...)
+CVE-2004-1981
NOT-FOR-US: Crystal Reports
-CVE-2004-1980 (Directory traversal vulnerability in glossary.php in PROPS 0.6.1 ...)
+CVE-2004-1980
NOT-FOR-US: PROPS
-CVE-2004-1979 (Cross-site scripting (XSS) vulnerability in do_search.php in PROPS ...)
+CVE-2004-1979
NOT-FOR-US: PROPS
-CVE-2004-1978 (Cross-site scripting (XSS) vulnerability in help.php in Moodle before ...)
+CVE-2004-1978
- moodle 1.3
-CVE-2004-1977 (3com NBX IP VOIP NetSet Configuration Manager allows remote attackers ...)
+CVE-2004-1977
NOT-FOR-US: 3com NBX IP VOIP NetSet Configuration Manager
-CVE-2004-1976 (SMC Barricade broadband router 7008ABR and 7004VBR enable remote ...)
+CVE-2004-1976
NOT-FOR-US: SMC Barricade broadband router 7008ABR and 7004VBR
-CVE-2004-1975 (Cross-site scripting (XSS) vulnerability in the category module in ...)
+CVE-2004-1975
NOT-FOR-US: paFileDB
-CVE-2004-1974 (paFileDB 3.1 allows remote attackers to gain sensitive information via ...)
+CVE-2004-1974
NOT-FOR-US: paFileDB
-CVE-2004-1973 (DiGi Web Server allows remote attackers to cause a denial of service ...)
+CVE-2004-1973
NOT-FOR-US: DiGi Web Server
-CVE-2004-1972 (SQL injection vulnerability in modules.php in PHP-Nuke Video Gallery ...)
+CVE-2004-1972
NOT-FOR-US: PHP-Nuke
-CVE-2004-1971 (modules.php in PHP-Nuke Video Gallery Module 0.1 Beta 5 allows remote ...)
+CVE-2004-1971
NOT-FOR-US: PHP-Nuke
-CVE-2004-1970 (Samsung SmartEther SS6215S switch, and possibly other Samsung ...)
+CVE-2004-1970
NOT-FOR-US: Samsung SmartEther SS6215Sswitch
-CVE-2004-1969 (The avatar upload capability in Open Bulletin Board (OpenBB) 1.0.6 and ...)
+CVE-2004-1969
NOT-FOR-US: OpenBB
-CVE-2004-1968 (The readmsg action in myhome.php in Open Bulletin Board (OpenBB) 1.0.6 ...)
+CVE-2004-1968
NOT-FOR-US: OpenBB
-CVE-2004-1967 (Cross-site request forgery (CSRF) vulnerabilities in (1) ...)
+CVE-2004-1967
NOT-FOR-US: OpenBB
-CVE-2004-1966 (Multiple SQL injection vulnerabilities in Open Bulletin Board (OpenBB) ...)
+CVE-2004-1966
NOT-FOR-US: OpenBB
-CVE-2004-1965 (Multiple cross-site scripting (XSS) vulnerabilities in Open Bulletin ...)
+CVE-2004-1965
NOT-FOR-US: OpenBB
-CVE-2004-1964 (Cross-site scripting (XSS) vulnerability in nqt.php in Network Query ...)
+CVE-2004-1964
NOT-FOR-US: Network Query Tool (NQT)
-CVE-2004-1963 (nqt.php in Network Query Tool (NQT) 1.6 allows remote attackers to ...)
+CVE-2004-1963
NOT-FOR-US: Network Query Tool (NQT)
-CVE-2004-1962 (SQL injection vulnerability in index.php in Protector System 1.15b1 ...)
+CVE-2004-1962
NOT-FOR-US: Protector System
-CVE-2004-1961 (blocker.php in Protector System 1.15b1 allows remote attackers to ...)
+CVE-2004-1961
NOT-FOR-US: Protector System
-CVE-2004-1960 (Cross-site scripting (XSS) vulnerability in blocker_query.php in ...)
+CVE-2004-1960
NOT-FOR-US: Protector System
-CVE-2004-1959 (blocker_query.php in Protector System 1.15b1 for PHP-Nuke allows ...)
+CVE-2004-1959
NOT-FOR-US: Protector System
-CVE-2004-1958 (Directory traversal vulnerability in manifest.ini in Unreal engine ...)
+CVE-2004-1958
NOT-FOR-US: Unreal engine
-CVE-2004-1957 (Multiple cross-site scripting (XSS) vulnerabilities in PostNuke 0.726 ...)
+CVE-2004-1957
NOT-FOR-US: PostNuke
-CVE-2004-1956 (PostNuke 0.7.2.6 allows remote attackers to gain information via a ...)
+CVE-2004-1956
NOT-FOR-US: PostNuke
-CVE-2004-1955 (SQL injection vulnerability in modules.php in phProfession 2.5 allows ...)
+CVE-2004-1955
NOT-FOR-US: phProfession
-CVE-2004-1954 (Cross-site scripting (XSS) vulnerability in modules.php in ...)
+CVE-2004-1954
NOT-FOR-US: phProfession
-CVE-2004-1953 (phProfession 2.5 allows remote attackers to gain sensitive information ...)
+CVE-2004-1953
NOT-FOR-US: phProfession
-CVE-2004-1952 (SQL injection vulnerability in Advanced Guestbook 2.2 allows remote ...)
+CVE-2004-1952
NOT-FOR-US: Advanced Guestbook
-CVE-2004-1951 (xine 1.x alpha, 1.x beta, and 1.0rc through 1.0rc3a, and xine-ui ...)
+CVE-2004-1951
- xine-ui 0.99.1
-CVE-2004-1950 (phpBB 2.0.8a and earlier trusts the IP address that is in the ...)
+CVE-2004-1950
- phpbb2 2.0.9
-CVE-2004-1949 (SQL injection vulnerability in PostNuke 7.2.6 and earlier allows ...)
+CVE-2004-1949
NOT-FOR-US: PostNuke
-CVE-2004-1948 (NcFTP client 3.1.6 and 3.1.7, when the username and password are ...)
+CVE-2004-1948
- ncftp 2:3.1.8-1 (low)
-CVE-2004-1947 (The AVXSCANONLINE.AvxScanOnlineCtrl.1 ActiveX control in BitDefender ...)
+CVE-2004-1947
NOT-FOR-US: bitdefender
-CVE-2004-1946 (Format string vulnerability in the PRINT_ERROR function in common.c ...)
+CVE-2004-1946
- cherokee 0.4.21b01-1
-CVE-2004-1945 (Buffer overflow in Kinesphere eXchange POP3 allows remote attackers to ...)
+CVE-2004-1945
NOT-FOR-US: Kinesphere eXchange POP3
-CVE-2004-1944 (Eudora 6.1 and 6.0.3 for Windows allows remote attackers to cause a ...)
+CVE-2004-1944
NOT-FOR-US: Eudora
-CVE-2004-1943 (PHP remote file inclusion vulnerability in album_portal.php in phpBB ...)
+CVE-2004-1943
NOT-FOR-US: phpbb as modified by przemo
-CVE-2004-1942 (The Solaris 9 patches 113579-02 through 113579-05, and 114342-02 ...)
+CVE-2004-1942
NOT-FOR-US: Solaris
-CVE-2004-1941 (Fastream NETFile FTP/Web Server 6.5.1.980 allows remote attackers to ...)
+CVE-2004-1941
NOT-FOR-US: Fastream NETFile FTP/Web Server
-CVE-2004-1940 (sipclient.cpp in KPhone 4.0.1 and earlier allows remote attackers to ...)
+CVE-2004-1940
- kphone 1:4.0.2
-CVE-2004-1939 (Cross-site scripting (XSS) vulnerability in Zaep AntiSpam 2.0 allows ...)
+CVE-2004-1939
NOT-FOR-US: Zaep
-CVE-2004-1938 (SQL injection vulnerability in userlogin.php in Phorum 3.4.7 allows ...)
+CVE-2004-1938
NOT-FOR-US: Phorum
-CVE-2004-1937 (Multiple directory traversal vulnerabilities in Nuked-KlaN 1.4b and ...)
+CVE-2004-1937
NOT-FOR-US: Nuked-KlaN
-CVE-2004-1936 (ZoneAlarm Pro 4.5.538.001 and possibly other versions allows remote ...)
+CVE-2004-1936
NOT-FOR-US: ZoneAlarm
-CVE-2004-1935 (Cross-site scripting (XSS) vulnerability in SCT Campus Pipeline allows ...)
+CVE-2004-1935
NOT-FOR-US: SCT Campus Pipeline
-CVE-2004-1934 (PHP remote file inclusion vulnerability in affich.php in Gemitel 3.50 ...)
+CVE-2004-1934
NOT-FOR-US: Gemitel
-CVE-2004-1933 (Citadel/UX 5.00 through 6.14 installs the database directory and files ...)
+CVE-2004-1933
NOT-FOR-US: Citadel
-CVE-2004-1932 (SQL injection vulnerability in (1) auth.php and (2) admin.php in ...)
+CVE-2004-1932
NOT-FOR-US: PhpNuke
-CVE-2004-1930 (Cross-site scripting (XSS) vulnerability in the cookiedecode function ...)
+CVE-2004-1930
NOT-FOR-US: PhpNuke
-CVE-2004-1929 (SQL injection vulnerability in the bblogin function in functions.php ...)
+CVE-2004-1929
NOT-FOR-US: PhpNuke
-CVE-2004-1928 (The image upload feature in Tiki CMS/Groupware (TikiWiki) 1.8.1 and ...)
+CVE-2004-1928
NOT-FOR-US: tikiwiki
-CVE-2004-1927 (Directory traversal vulnerability in the map feature (tiki-map.phtml) ...)
+CVE-2004-1927
NOT-FOR-US: tikiwiki
-CVE-2004-1926 (Tiki CMS/Groupware (TikiWiki) 1.8.1 and earlier allows remote ...)
+CVE-2004-1926
NOT-FOR-US: tikiwiki
-CVE-2004-1925 (Multiple SQL injection vulnerabilities in Tiki CMS/Groupware ...)
+CVE-2004-1925
NOT-FOR-US: tikiwiki
-CVE-2004-1924 (Multiple cross-site scripting (XSS) vulnerabilities in Tiki ...)
+CVE-2004-1924
NOT-FOR-US: tikiwiki
-CVE-2004-1923 (Tiki CMS/Groupware (TikiWiki) 1.8.1 and earlier allows remote ...)
+CVE-2004-1923
NOT-FOR-US: tikiwiki
-CVE-2004-1922 (Microsoft Internet Explorer 5.5 and 6.0 allocates memory based on the ...)
+CVE-2004-1922
NOT-FOR-US: MSIE
-CVE-2004-1921 (X-Micro WLAN 11b Broadband Router 1.6.0.1 has a hardcoded &quot;1502&quot; ...)
+CVE-2004-1921
NOT-FOR-US: X-Micro WLAN 11b Broadband Router
-CVE-2004-1920 (X-Micro WLAN 11b Broadband Router 1.2.2, 1.2.2.3, 1.2.2.4, and 1.6.0.0 ...)
+CVE-2004-1920
NOT-FOR-US: X-Micro WLAN 11b Broadband Router
-CVE-2004-1919 (The hash_strcmp function in hasch.c in Crackalaka 1.0.8 allows remote ...)
+CVE-2004-1919
NOT-FOR-US: Crackalaka
-CVE-2004-1918 (RSniff 1.0 allows remote attackers to cause a denial of service ...)
+CVE-2004-1918
NOT-FOR-US: rsniff
-CVE-2004-1917 (Format string vulnerability in test_func_func in LCDProc 0.4.1 and ...)
+CVE-2004-1917
- lcdproc 0.4.5
-CVE-2004-1916 (Multiple buffer overflows in LCDProc 0.4.1, and possibly other 0.4.x ...)
+CVE-2004-1916
- lcdproc 0.4.5
-CVE-2004-1915 (Buffer overflow in the parse_all_client_messages function in LCDproc ...)
+CVE-2004-1915
- lcdproc 0.4.5
-CVE-2004-1914 (SQL injection vulnerability in modules.php in NukeCalendar 1.1.a, as ...)
+CVE-2004-1914
NOT-FOR-US: phpnuke
-CVE-2004-1913 (Cross-site scripting (XSS) vulnerability in modules.php in ...)
+CVE-2004-1913
NOT-FOR-US: phpnuke
-CVE-2004-1912 (The (1) modules.php, (2) block-Calendar.php, (3) block-Calendar1.php, ...)
+CVE-2004-1912
NOT-FOR-US: phpnuke
-CVE-2004-1911 (Cross-site scripting (XSS) vulnerability in AzDGDatingLite 2.1.1 ...)
+CVE-2004-1911
NOT-FOR-US: AzDGDatingLite
-CVE-2004-1910 (rufsi.dll in Symantec Virus Detection allows remote attackers to cause ...)
+CVE-2004-1910
NOT-FOR-US: Symantec
-CVE-2004-1909 (Claim Anti-Virus (ClamAV) 0.68 and earlier allows remote attackers to ...)
+CVE-2004-1909
- clamav 0.68.1
-CVE-2004-1908 (McFreeScan.CoMcFreeScan.1 ActiveX object in Mcafee FreeScan allows ...)
+CVE-2004-1908
NOT-FOR-US: Mcafee FreeScan
-CVE-2004-1907 (The Web Filtering functionality in Kerio Personal Firewall (KPF) ...)
+CVE-2004-1907
NOT-FOR-US: Kerio Personal Firewall
-CVE-2004-1906 (Mcafee FreeScan allows remote attackers to cause a denial of service ...)
+CVE-2004-1906
NOT-FOR-US: Mcafee FreeScan
-CVE-2004-1905 (ascontrol.dll in Panda ActiveScan 5.0 allows remote attackers to cause ...)
+CVE-2004-1905
NOT-FOR-US: Panda ActiveScan
-CVE-2004-1904 (Buffer overflow in ascontrol.dll in Panda ActiveScan 5.0 allows remote ...)
+CVE-2004-1904
NOT-FOR-US: Panda ActiveScan
-CVE-2004-1903 (Buffer overflow in blaxxun 3D 7.0 allows remote attackers to execute ...)
+CVE-2004-1903
NOT-FOR-US: blaxxun
-CVE-2004-1902 (The Citrix MetaFrame Password Manager 2.0, when a central credential ...)
+CVE-2004-1902
NOT-FOR-US: Citrix MetaFrame Password Manager
-CVE-2004-1901 (Portage before 2.0.50-r3 allows local users to overwrite arbitrary ...)
+CVE-2004-1901
NOT-FOR-US: gentoo portage
-CVE-2004-1900 (Format string vulnerability in the logging function in IGI 2 Covert ...)
+CVE-2004-1900
NOT-FOR-US: IGI 2 Covert Strike server
-CVE-2004-1899 (The administration interface in Monit 1.4 through 4.2 allows remote ...)
+CVE-2004-1899
- monit 1:4.2.1
-CVE-2004-1898 (Stack-based buffer overflow in the administration interface in Monit ...)
+CVE-2004-1898
- monit 1:4.2.1-1
-CVE-2004-1897 (Administration interface in Monit 1.4 through 4.2 allows remote ...)
+CVE-2004-1897
- monit 1:4.2.1-1
-CVE-2004-1896 (Heap-based buffer overflow in in_mod.dll in Nullsoft Winamp 2.91 ...)
+CVE-2004-1896
NOT-FOR-US: no_package
-CVE-2004-1895 (YaST Online Update (YOU) in SuSE 8.2 and 9.0 allows local users to ...)
+CVE-2004-1895
NOT-FOR-US: no_package
-CVE-2004-1894 (TEXutil in ConTEXt, when executed with the --silent option, allows ...)
+CVE-2004-1894
NOT-FOR-US: no_package
-CVE-2004-1893 (Dreamweaver MX, when &quot;Using Driver On Testing Server&quot; or &quot;Using DSN on ...)
+CVE-2004-1893
NOT-FOR-US: no_package
-CVE-2004-1892 (Stack-based buffer overflow in DecodeBase16 function, as used in the ...)
+CVE-2004-1892
NOT-FOR-US: no_package
-CVE-2004-1891 (The ftp_syslog function in ftpd in SGI IRIX 6.5.20 &quot;doesn't work with ...)
+CVE-2004-1891
NOT-FOR-US: no_package
-CVE-2004-1890 (Unknown vulnerability in ftpd in SGI IRIX 6.5.20 through 6.5.23 allows ...)
+CVE-2004-1890
NOT-FOR-US: no_package
-CVE-2004-1889 (Unknown vulnerability in ftpd in SGI IRIX 6.5.20 through 6.5.23 allows ...)
+CVE-2004-1889
NOT-FOR-US: no_package
-CVE-2004-1888 (display.cgi in Aborior Encore WebForum allows remote to execute ...)
+CVE-2004-1888
NOT-FOR-US: no_package
-CVE-2004-1887 (Ada Image Server (ImgSvr) 0.4 allows remote attackers to view ...)
+CVE-2004-1887
NOT-FOR-US: no_package
CVE-2004-1886
REJECTED
-CVE-2004-1885 (Ipswitch WS_FTP Server 4.0.2 allows remote authenticated users to ...)
+CVE-2004-1885
NOT-FOR-US: no_package
-CVE-2004-1884 (Ipswitch WS_FTP Server 4.0.2 has a backdoor XXSESS_MGRYY username with ...)
+CVE-2004-1884
NOT-FOR-US: no_package
-CVE-2004-1883 (Multiple buffer overflows in Ipswitch WS_FTP Server 4.0.2 (1) allow ...)
+CVE-2004-1883
NOT-FOR-US: no_package
-CVE-2004-1882 (Cross-site scripting (XSS) vulnerability in popuplargeimage.asp in ...)
+CVE-2004-1882
NOT-FOR-US: no_package
-CVE-2004-1881 (SQL injection vulnerability in (1) mailorder.asp or (2) payonline.asp ...)
+CVE-2004-1881
NOT-FOR-US: no_package
-CVE-2004-1880 (Memory leak in the back-bdb backend for OpenLDAP 2.1.12 and earlier ...)
+CVE-2004-1880
- openldap2 2.1.17-1
-CVE-2004-1879 (Cross-site scripting (XSS) vulnerability in PHPKIT 1.6.03 allows ...)
+CVE-2004-1879
NOT-FOR-US: no_package
-CVE-2004-1878 (LINBOX LIN:BOX allows remote attackers to bypass authentication, ...)
+CVE-2004-1878
NOT-FOR-US: no_package
-CVE-2004-1877 (The p_submit_url value in the sample login form in the Oracle 9i ...)
+CVE-2004-1877
NOT-FOR-US: no_package
-CVE-2004-1876 (The &quot;%f&quot; feature in the VirusEvent directive in Clam AntiVirus daemon ...)
+CVE-2004-1876
- clamav 0.70-1
-CVE-2004-1875 (Multiple cross-site scripting (XSS) vulnerabilities in cPanel ...)
+CVE-2004-1875
NOT-FOR-US: no_package
-CVE-2004-1874 (Multiple cross-site scripting (XSS) vulnerabilities in (1) deliver.asp ...)
+CVE-2004-1874
NOT-FOR-US: no_package
-CVE-2004-1873 (SQL injection vulnerability in category.asp in A-CART Pro and A-CART ...)
+CVE-2004-1873
NOT-FOR-US: no_package
-CVE-2004-1872 (Cross-site scripting (XSS) vulnerability in WebCT Campus Edition ...)
+CVE-2004-1872
NOT-FOR-US: no_package
-CVE-2004-1871 (Multiple cross-site scripting (XSS) vulnerabilities in PhotoPost PHP ...)
+CVE-2004-1871
NOT-FOR-US: no_package
-CVE-2004-1870 (Multiple SQL injection vulnerabilities in PhotoPost PHP Pro 4.6.x and ...)
+CVE-2004-1870
NOT-FOR-US: no_package
-CVE-2004-1869 (Etherlords I 1.07 and earlier and Etherlords II 1.03 and earlier ...)
+CVE-2004-1869
NOT-FOR-US: no_package
-CVE-2004-1868 (Stack-based buffer overflow in WinSig.exe in eSignal 7.5 and 7.6 ...)
+CVE-2004-1868
NOT-FOR-US: no_package
-CVE-2004-1867 (Cross-site scripting (XSS) vulnerability in guest.cgi in Fresh Guest ...)
+CVE-2004-1867
NOT-FOR-US: no_package
-CVE-2004-1866 (nstxd in Nstx 1.1 beta3 and earlier allows remote attackers to cause a ...)
+CVE-2004-1866
- nstx 1.1-beta4-1
-CVE-2004-1865 (Cross-site scripting (XSS) vulnerability in the administration panel ...)
+CVE-2004-1865
NOT-FOR-US: no_package
-CVE-2004-1864 (SQL injection vulnerability in Extreme Messageboard (XMB) 1.9 beta ...)
+CVE-2004-1864
NOT-FOR-US: no_package
-CVE-2004-1863 (Multiple cross-site scripting (XSS) vulnerabilities in XMB (aka ...)
+CVE-2004-1863
NOT-FOR-US: no_package
-CVE-2004-1862 (Multiple cross-site scripting (XSS) vulnerabilities in Extreme ...)
+CVE-2004-1862
NOT-FOR-US: no_package
-CVE-2004-1861 (Invision NetSupport School Pro uses a weak encryption algorithm to ...)
+CVE-2004-1861
NOT-FOR-US: no_package
-CVE-2004-1860 (Buffer overflow in Check Point SmartDashboard in Check Point NG AI R54 ...)
+CVE-2004-1860
NOT-FOR-US: no_package
-CVE-2004-1859 (Directory traversal vulnerability in Trend Micro Interscan Web ...)
+CVE-2004-1859
NOT-FOR-US: no_package
-CVE-2004-1858 (HP Web Jetadmin 7.5.2546 allows remote attackers to cause a denial of ...)
+CVE-2004-1858
NOT-FOR-US: no_package
-CVE-2004-1857 (Directory traversal vulnerability in setinfo.hts in HP Web Jetadmin ...)
+CVE-2004-1857
NOT-FOR-US: no_package
-CVE-2004-1856 (devices_update_printer_fw_upload.hts in HP Web JetAdmin 7.5.2546, when ...)
+CVE-2004-1856
NOT-FOR-US: no_package
-CVE-2004-1855 (Dark Age of Camelot before 1.68 live patch does not sign the RSA ...)
+CVE-2004-1855
NOT-FOR-US: no_package
-CVE-2004-1854 (Buffer overflow in the logging function in Picophone 1.63 and earlier ...)
+CVE-2004-1854
NOT-FOR-US: no_package
-CVE-2004-1853 (Buffer overflow in Terminator 3: War of the Machines 1.0 allows remote ...)
+CVE-2004-1853
NOT-FOR-US: no_package
-CVE-2004-1852 (DameWare Mini Remote Control 3.x before 3.74 and 4.x before 4.2 ...)
+CVE-2004-1852
NOT-FOR-US: no_package
-CVE-2004-1851 (Dameware Mini Remote Control 4.1.0.0 uses insufficiently random data ...)
+CVE-2004-1851
NOT-FOR-US: no_package
-CVE-2004-1850 (The Rage 1.01 and earlier allows remote attackers to cause a denial of ...)
+CVE-2004-1850
NOT-FOR-US: no_package
-CVE-2004-1849 (Multiple cross-site scripting (XSS) vulnerabilities in cPanel 9.1.0 ...)
+CVE-2004-1849
NOT-FOR-US: no_package
-CVE-2004-1848 (Ipswitch WS_FTP Server 4.0.2 allows remote attackers to cause a denial ...)
+CVE-2004-1848
NOT-FOR-US: no_package
-CVE-2004-1847 (News Manager Lite 2.5 allows remote attackers to bypass authentication ...)
+CVE-2004-1847
NOT-FOR-US: no_package
-CVE-2004-1846 (Multiple SQL injection vulnerabilities in News Manager Lite 2.5 allow ...)
+CVE-2004-1846
NOT-FOR-US: no_package
-CVE-2004-1845 (Multiple cross-site scripting (XSS) vulnerabilities in News Manager ...)
+CVE-2004-1845
NOT-FOR-US: no_package
-CVE-2004-1844 (Cross-site scripting (XSS) vulnerability in Member Management System ...)
+CVE-2004-1844
NOT-FOR-US: no_package
-CVE-2004-1843 (SQL injection vulnerability in Member Management System 2.1 allows ...)
+CVE-2004-1843
NOT-FOR-US: no_package
-CVE-2004-1842 (Cross-site request forgery (CSRF) vulnerability in Php-Nuke 6.x ...)
+CVE-2004-1842
NOT-FOR-US: no_package
-CVE-2004-1841 (SQL injection vulnerability in MS Analysis module 2.0 for PHP-Nuke ...)
+CVE-2004-1841
NOT-FOR-US: no_package
-CVE-2004-1840 (Multiple cross-site scripting (XSS) vulnerabilities in MS Analysis ...)
+CVE-2004-1840
NOT-FOR-US: no_package
-CVE-2004-1839 (MS Analysis module 2.0 for PHP-Nuke allows remote attackers to obtain ...)
+CVE-2004-1839
NOT-FOR-US: no_package
-CVE-2004-1838 (Directory traversal vulnerability in xweb 1.0 allows remote attackers ...)
+CVE-2004-1838
NOT-FOR-US: no_package
-CVE-2004-1837 (Cross-site scripting (XSS) vulnerability in Mod_survey 3.0.x before ...)
+CVE-2004-1837
NOT-FOR-US: no_package
-CVE-2004-1836 (SQL injection vulnerability in index.php in Invision Power Top Site ...)
+CVE-2004-1836
NOT-FOR-US: no_package
-CVE-2004-1835 (Multiple SQL injection vulnerabilities in index.php in Invision ...)
+CVE-2004-1835
NOT-FOR-US: no_package
-CVE-2004-1834 (mod_disk_cache in Apache 2.0 through 2.0.49 stores client headers, ...)
+CVE-2004-1834
- apache2 2.0.53-1
-CVE-2004-1833 (The admin.ib file in Borland Interbase 7.1 for Linux has default world ...)
+CVE-2004-1833
NOT-FOR-US: no_package
-CVE-2004-1832 (Buffer overflow in the GUI admin service in Mac OS X Server 10.3 ...)
+CVE-2004-1832
NOT-FOR-US: no_package
-CVE-2004-1831 (Buffer overflow in Chrome 1.2.0.0 and earlier allows remote attackers ...)
+CVE-2004-1831
NOT-FOR-US: no_package
-CVE-2004-1830 (error.php in Error Manager 2.1 for PHP-Nuke 6.0 allows remote ...)
+CVE-2004-1830
NOT-FOR-US: no_package
-CVE-2004-1829 (Multiple cross-site scripting (XSS) vulnerabilities in error.php in ...)
+CVE-2004-1829
NOT-FOR-US: no_package
-CVE-2004-1828 (Vcard 2.9 and possibly other versions does not require authorization ...)
+CVE-2004-1828
NOT-FOR-US: no_package
-CVE-2004-1827 (Cross-site scripting (XSS) vulnerability in YaBB 1 Gold(SP1.3) and ...)
+CVE-2004-1827
NOT-FOR-US: no_package
-CVE-2004-1826 (SQL injection vulnerability in index.php in Mambo Open Source 4.5 ...)
+CVE-2004-1826
NOT-FOR-US: no_package
-CVE-2004-1825 (Cross-site scripting (XSS) vulnerability in index.php in Mambo Open ...)
+CVE-2004-1825
NOT-FOR-US: no_package
-CVE-2004-1824 (Cross-site scripting (XSS) vulnerability in Jelsoft vBulletin before ...)
+CVE-2004-1824
NOT-FOR-US: no_package
-CVE-2004-1823 (Multiple cross-site scripting (XSS) vulnerabilities in Jelsoft ...)
+CVE-2004-1823
NOT-FOR-US: no_package
-CVE-2004-1822 (Multiple cross-site scripting (XSS) vulnerabilities in Phorum 3.1 ...)
+CVE-2004-1822
NOT-FOR-US: no_package
-CVE-2004-1821 (SQL injection vulnerability in 4nalbum 0.92 for PHP-Nuke 6.5 through ...)
+CVE-2004-1821
NOT-FOR-US: no_package
-CVE-2004-1820 (PHP remote file inclusion vulnerability in displaycategory.php in ...)
+CVE-2004-1820
NOT-FOR-US: no_package
-CVE-2004-1819 (4nalbum 0.92 for PHP-Nuke 6.5 through 7.0 allows remote attackers to ...)
+CVE-2004-1819
NOT-FOR-US: no_package
-CVE-2004-1818 (Cross-site scripting (XSS) vulnerability in nmimage.php in 4nalbum ...)
+CVE-2004-1818
NOT-FOR-US: no_package
-CVE-2004-1817 (Cross-site scripting (XSS) vulnerability in modules.php in Php-Nuke ...)
+CVE-2004-1817
NOT-FOR-US: no_package
-CVE-2004-1816 (Unknown vulnerability in Sun Java System Application Server 7.0 Update ...)
+CVE-2004-1816
NOT-FOR-US: no_package
-CVE-2004-1815 (Unknown vulnerability in ColdFusion MX 6.0 and 6.1, and JRun 4.0, when ...)
+CVE-2004-1815
NOT-FOR-US: no_package
-CVE-2004-1814 (Directory traversal vulnerability in VocalTec VGW4/8 Gateway 8.0 ...)
+CVE-2004-1814
NOT-FOR-US: no_package
-CVE-2004-1813 (VocalTec VGW4/8 Gateway 8.0 allows remote attackers to bypass ...)
+CVE-2004-1813
NOT-FOR-US: no_package
-CVE-2004-1812 (Multiple stack-based buffer overflows in Agent Common Services (1) ...)
+CVE-2004-1812
NOT-FOR-US: no_package
-CVE-2004-1811 (The SSL HTTP Server in HP Web-enabled Management Software 5.0 through ...)
+CVE-2004-1811
NOT-FOR-US: no_package
-CVE-2004-1810 (The Javascript engine in Opera 7.23 allows remote attackers to cause a ...)
+CVE-2004-1810
NOT-FOR-US: no_package
-CVE-2004-1809 (Cross-site scripting (XSS) vulnerability in phpBB 2.0.6d and earlier ...)
+CVE-2004-1809
- phpbb2 2.0.10-1
NOTE: probably fixed in 2.0.6d-3
-CVE-2004-1808 (Extcompose in metamail does not verify the output file before writing ...)
+CVE-2004-1808
NOTE: according to Jeroen van Wolffelaar this is not a bug in metamail
NOTE: see bug #308875
-CVE-2004-1807 (Cross-site scripting (XSS) vulnerability in index.cfm in CFWebstore ...)
+CVE-2004-1807
NOT-FOR-US: no_package
-CVE-2004-1806 (SQL injection vulnerability in index.cfm in CFWebstore 5.0 allows ...)
+CVE-2004-1806
NOT-FOR-US: no_package
-CVE-2004-1805 (Format string vulnerability in games using the Epic Games Unreal ...)
+CVE-2004-1805
NOT-FOR-US: no_package
-CVE-2004-1804 (wMCam server 2.1.348 allows remote attackers to cause a denial of ...)
+CVE-2004-1804
NOT-FOR-US: no_package
-CVE-2004-1802 (Chat Anywhere 2.72 and earlier allows remote attackers to hide their ...)
+CVE-2004-1802
NOT-FOR-US: no_package
-CVE-2004-1801 (Directory traversal vulnerability in PWebServer 0.3.3 allows remote ...)
+CVE-2004-1801
NOT-FOR-US: no_package
-CVE-2004-1800 (Unknown vulnerability in Sysbotz SimpleData 4.0.1 and possibly earlier ...)
+CVE-2004-1800
NOT-FOR-US: no_package
-CVE-2004-1799 (PF in certain OpenBSD versions, when stateful filtering is enabled, ...)
+CVE-2004-1799
NOT-FOR-US: no_package
-CVE-2004-1798 (RealOne player 6.0.11.868 allows remote attackers to execute arbitrary ...)
+CVE-2004-1798
NOT-FOR-US: no_package
-CVE-2004-1797 (Cross-site scripting (XSS) vulnerability in search.php for FreznoShop ...)
+CVE-2004-1797
NOT-FOR-US: no_package
-CVE-2004-1796 (PHP remote file inclusion vulnerability in HotNews 0.7.2 and earlier ...)
+CVE-2004-1796
NOT-FOR-US: no_package
-CVE-2004-1795 (Info Touch Surfnet kiosk allows local users to access the underlying ...)
+CVE-2004-1795
NOT-FOR-US: no_package
-CVE-2004-1794 (Cross-site scripting (XSS) vulnerability in the VCard4J Toolkit allows ...)
+CVE-2004-1794
NOT-FOR-US: no_package
-CVE-2004-1793 (Stack-based buffer overflow in swnet.dll in YaSoft Switch Off 2.3 and ...)
+CVE-2004-1793
NOT-FOR-US: no_package
-CVE-2004-1792 (swnet.dll in YaSoft Switch Off 2.3 and earlier allows remote attackers ...)
+CVE-2004-1792
NOT-FOR-US: no_package
-CVE-2004-1791 (The web management interface in Edimax AR-6004 ADSL Routers uses a ...)
+CVE-2004-1791
NOT-FOR-US: Edimax Router
-CVE-2004-1790 (Cross-site scripting (XSS) vulnerability in the web management ...)
+CVE-2004-1790
NOT-FOR-US: Edimax Router
-CVE-2004-1789 (Cross-site scripting (XSS) vulnerability in the web management ...)
+CVE-2004-1789
NOT-FOR-US: ZyWALL
-CVE-2004-1788 (ASP-Nuke 1.3 and earlier places user credentials under the web ...)
+CVE-2004-1788
NOT-FOR-US: ASP-Nuke
-CVE-2004-1787 (SQL injection vulnerability in PostCalendar 4.0.0 allows remote ...)
+CVE-2004-1787
NOT-FOR-US: PostCalendar
-CVE-2004-1786 (PortalApp places user credentials under the web root with insufficient ...)
+CVE-2004-1786
NOT-FOR-US: PortalApp
-CVE-2004-1785 (SQL injection vulnerability in calendar.php for Invision Power Board ...)
+CVE-2004-1785
NOT-FOR-US: Invision Power Board
-CVE-2004-1784 (Buffer overflow in the web server of Webcam Watchdog 3.63 allows ...)
+CVE-2004-1784
NOT-FOR-US: web server of Webcam Watchdog
-CVE-2004-1783 (Directory traversal vulnerability in Net2Soft Flash FTP Server 1.0 ...)
+CVE-2004-1783
NOT-FOR-US: Net2Soft Flash FTP Server
-CVE-2004-1782 (athenareg.php in Athena Web Registration allows remote attackers to ...)
+CVE-2004-1782
NOT-FOR-US: Athena Web Registration
-CVE-2004-1781 (Info Touch Surfnet kiosk allows local users to crash Surfnet and ...)
+CVE-2004-1781
NOT-FOR-US: Info Touch Surfnet kiosk
-CVE-2004-1780 (Info Touch Surfnet kiosk allows local users to deposit extra time into ...)
+CVE-2004-1780
NOT-FOR-US: Info Touch Surfnet kiosk
-CVE-2004-1779 (Cross-site scripting (XSS) vulnerability in board.php for ThWboard ...)
+CVE-2004-1779
NOT-FOR-US: ThWboard
-CVE-2004-2069 (sshd.c in OpenSSH 3.6.1p2 and 3.7.1p2 and possibly other versions, ...)
+CVE-2004-2069
- openssh 1:3.8p1
-CVE-2004-2068 (fetchnews in leafnode 1.9.47 and earlier allows remote attackers to ...)
+CVE-2004-2068
- leafnode <not-affected> (Leafnode2 development branch)
-CVE-2004-1778 (Skype 0.92.0.12 and 1.0.0.1 for Linux, and possibly other versions, ...)
+CVE-2004-1778
NOT-FOR-US: Skype
-CVE-2004-1777 (A &quot;range check error&quot; in Skype for Windows before 0.98.0.28 allows ...)
+CVE-2004-1777
NOT-FOR-US: Skype
-CVE-2004-1776 (Cisco IOS 12.1(3) and 12.1(3)T allows remote attackers to read and ...)
+CVE-2004-1776
NOT-FOR-US: Cisco
-CVE-2004-1775 (Cisco VACM (View-based Access Control MIB) for Catalyst Operating ...)
+CVE-2004-1775
NOT-FOR-US: Cisco
-CVE-2004-1774 (Buffer overflow in the SDO_CODE_SIZE procedure of the MD2 package ...)
+CVE-2004-1774
NOT-FOR-US: Oracle
-CVE-2004-1773 (Multiple buffer overflows in sharutils 4.2.1 and earlier may allow ...)
+CVE-2004-1773
- sharutils 1:4.2.1-12
-CVE-2004-1772 (Stack-based buffer overflow in shar in GNU sharutils 4.2.1 allows ...)
+CVE-2004-1772
- sharutils 1:4.2.1-11
-CVE-2004-1771 (Scalable OGo (SOGo) 1.0 allows remote authenticated users to bypass ...)
+CVE-2004-1771
NOT-FOR-US: Scalable OGo (SOGo)
-CVE-2004-1770 (The login page for cPanel 9.1.0, and possibly other versions, allows ...)
+CVE-2004-1770
NOT-FOR-US: not our cpanel
-CVE-2004-1769 (The &quot;Allow cPanel users to reset their password via email&quot; feature in ...)
+CVE-2004-1769
NOT-FOR-US: not our cpanel
-CVE-2004-1768 (The character converters in the Spamhunter and Language ID modules for ...)
+CVE-2004-1768
NOT-FOR-US: Symantec Brightmail AntiSpam
-CVE-2004-1767 (The kernel in Solaris 2.6, 7, 8, and 9 allows local users to gain ...)
+CVE-2004-1767
NOT-FOR-US: Solaris
-CVE-2004-1766 (The default installation of NetScreen-Security Manager before Feature ...)
+CVE-2004-1766
NOT-FOR-US: NetScreen-Security Manager
-CVE-2004-1765 (Off-by-one buffer overflow in ModSecurity (mod_security) 1.7.4 for ...)
+CVE-2004-1765
- libapache-mod-security <not-affected> (only seems to affect 1.7.4, not the newer branch in Debian)
-CVE-2004-1764 (Buffer overflow in CDE libDtSvc on HP-UX B.11.00, B.11.04, B.11.11, ...)
+CVE-2004-1764
NOT-FOR-US: HP-UX
-CVE-2004-1763 (Buffer overflow in hsrun.exe for HAHTsite Scenario Server 5.1 Patch 06 ...)
+CVE-2004-1763
NOT-FOR-US: hsrun.exe
-CVE-2004-1762 (Unknown vulnerability in F-Secure Anti-Virus (FSAV) 4.52 for Linux ...)
+CVE-2004-1762
NOT-FOR-US: F-Secure Anti-Virus
-CVE-2004-1761 (Unknown vulnerability in Ethereal 0.8.13 to 0.10.2 allows attackers to ...)
+CVE-2004-1761
- ethereal 0.10.3
-CVE-2004-1760 (The default installation of Cisco voice products, when running the IBM ...)
+CVE-2004-1760
NOT-FOR-US: Cisco
-CVE-2004-1759 (Cisco voice products, when running the IBM Director Agent on IBM ...)
+CVE-2004-1759
NOT-FOR-US: Cisco
-CVE-2004-1758 (BEA WebLogic Server and WebLogic Express version 8.1 up to SP2, 7.0 up ...)
+CVE-2004-1758
NOT-FOR-US: BEA WebLogic Server
-CVE-2004-1757 (BEA WebLogic Server and Express 8.1, SP1 and earlier, stores the ...)
+CVE-2004-1757
NOT-FOR-US: BEA WebLogic Server
-CVE-2004-1756 (BEA WebLogic Server and WebLogic Express 8.1 SP2 and earlier, and 7.0 ...)
+CVE-2004-1756
NOT-FOR-US: BEA WebLogic Server
-CVE-2004-1755 (The Web Services fat client for BEA WebLogic Server and Express 7.0 ...)
+CVE-2004-1755
NOT-FOR-US: BEA WebLogic Server
-CVE-2004-1754 (The DNS proxy (DNSd) for multiple Symantec Gateway Security products ...)
+CVE-2004-1754
NOT-FOR-US: Symantec DNSd
-CVE-2004-1753 (The Apple Java plugin, as used in Netscape 7.1 and 7.2, Mozilla 1.7.2, ...)
+CVE-2004-1753
NOT-FOR-US: Apple Java plugin
-CVE-2004-1752 (Stack-based buffer overflow in Gaucho 1.4 Build 145 allows remote ...)
+CVE-2004-1752
NOT-FOR-US: Gaucho
-CVE-2004-1751 (Ground Control II: Operation Exodus 1.0.0.7 and earlier allows remote ...)
+CVE-2004-1751
NOT-FOR-US: Ground Control II
-CVE-2004-1750 (RealVNC 4.0 and earlier allows remote attackers to cause a denial of ...)
+CVE-2004-1750
NOT-FOR-US: RealVNC
-CVE-2004-1749 (Attack Mitigator IPS 5500 3.11.008, and possibly other versions, when ...)
+CVE-2004-1749
NOT-FOR-US: Attack Mitigator IPS 5500
-CVE-2004-1748 (NtRegmon before 6.12 allows local users to cause a denial of service ...)
+CVE-2004-1748
NOT-FOR-US: NtRegmon
-CVE-2004-1747 (Cross-site scripting (XSS) vulnerability in NetworkEverywhere NR041 ...)
+CVE-2004-1747
NOT-FOR-US: NetworkEverywhere NR041
-CVE-2004-1746 (Cross-site scripting (XSS) vulnerability in index.php in PHP Code ...)
+CVE-2004-1746
NOT-FOR-US: PHP Code Snippet Library
-CVE-2004-1745 (Buffer overflow in Painkiller 1.3.1 and earlier allows remote ...)
+CVE-2004-1745
NOT-FOR-US: Painkiller
-CVE-2004-1744 (Easy File Sharing (EFS) Webserver 1.25 allows remote attackers to ...)
+CVE-2004-1744
NOT-FOR-US: ESF Webserver
-CVE-2004-1743 (Easy File Sharing (EFS) Webserver 1.25 allows remote attackers to view ...)
+CVE-2004-1743
NOT-FOR-US: ESF Webserver
-CVE-2004-1742 (Directory traversal vulnerability in WebAPP 0.9.9 allows remote ...)
+CVE-2004-1742
NOT-FOR-US: WebAPP
-CVE-2004-1741 (Music daemon (musicd) 0.0.3 and earlier allows remote attackers to ...)
+CVE-2004-1741
NOT-FOR-US: musicd
-CVE-2004-1740 (Music daemon (musicd) 0.0.3 and earlier allows remote attackers to ...)
+CVE-2004-1740
NOT-FOR-US: musicd
-CVE-2004-1739 (Bird Chat 1.61 allows remote attackers to cause a denial of service ...)
+CVE-2004-1739
NOT-FOR-US: Bird Chat
-CVE-2004-1738 (Cross-site scripting (XSS) vulnerability in page.php in JShop allows ...)
+CVE-2004-1738
NOT-FOR-US: JShop
-CVE-2004-1737 (SQL injection vulnerability in auth_login.php in Cacti 0.8.5a allows ...)
+CVE-2004-1737
- cacti 0.8.5a-5
-CVE-2004-1736 (Cacti 0.8.5a allows remote attackers to gain sensitive information via ...)
+CVE-2004-1736
- cacti 0.8.5a-5
-CVE-2004-1735 (Cross-site scripting (XSS) vulnerability in the create list option in ...)
+CVE-2004-1735
- sympa 4.1.5-4 (bug #298105; unimportant)
NOTE: A user with the privilege to create new mailing lists needs to be trustworthy
-CVE-2004-1734 (PHP remote file inclusion vulnerability in Mantis 0.19.0a allows ...)
+CVE-2004-1734
- mantis 0.19.2-1
-CVE-2004-1733 (Directory traversal vulnerability in MyDMS 1.4.2 and other versions ...)
+CVE-2004-1733
- mydms 1.4.3-1
-CVE-2004-1732 (SQL injection vulnerability in out.ViewFolder.php in MyDMS before ...)
+CVE-2004-1732
- mydms 1.4.3-1
-CVE-2004-1731 (signup_page.php in Mantis bugtracker allows remote attackers to send ...)
+CVE-2004-1731
- mantis 0.19.0-1
-CVE-2004-1730 (Cross-site scripting (XSS) vulnerability in Mantis bugtracker allows ...)
+CVE-2004-1730
- mantis 0.19.0-1
-CVE-2004-1729 (Cross-site scripting (XSS) vulnerability in Nihuo Web Log Analyzer 1.6 ...)
+CVE-2004-1729
NOT-FOR-US: Nihuo Web Log Analyzer
-CVE-2004-1728 (Buffer overflow in British National Corpus SARA (sarad) allows remote ...)
+CVE-2004-1728
NOT-FOR-US: sarad
-CVE-2004-1727 (BadBlue 2.5 allows remote attackers to cause a denial of service ...)
+CVE-2004-1727
NOT-FOR-US: BadBlue
-CVE-2004-1726 (Multiple integer overflows in (1) xviris.c, (2) xvpcx.c, and (3) ...)
+CVE-2004-1726
NOT-FOR-US: XV
-CVE-2004-1725 (Stack-based buffer overflow in xvbmp.c in XV allows remote attackers ...)
+CVE-2004-1725
NOT-FOR-US: XV
-CVE-2004-1724 (The ReadMe First.txt file in PHP-Fusion 4.0 instructs users to set the ...)
+CVE-2004-1724
NOT-FOR-US: PHP-Fusion
-CVE-2004-1723 (The (1) updateuser.php and (2) forums_prune.php scripts in PHP-Fusion ...)
+CVE-2004-1723
NOT-FOR-US: PHP-Fusion
-CVE-2004-1722 (SQL injection vulnerability in calendar.html in Merak Mail Server ...)
+CVE-2004-1722
NOT-FOR-US: Merak Mail Server
-CVE-2004-1721 (The (1) function.php or (2) function.view.php scripts in Merak Mail ...)
+CVE-2004-1721
NOT-FOR-US: Merak Mail Server
-CVE-2004-1720 (The (1) address.html and possibly (2) calendar.html pages in Merak ...)
+CVE-2004-1720
NOT-FOR-US: Merak Mail Server
-CVE-2004-1719 (Multiple cross-site scripting (XSS) vulnerabilities in Merak Webmail ...)
+CVE-2004-1719
NOT-FOR-US: Merak Webmail Server
-CVE-2004-1718 (The ZwOpenSection function in Integrity Protection Driver (IPD) 1.4 ...)
+CVE-2004-1718
NOT-FOR-US: IPD
-CVE-2004-1717 (Multiple buffer overflows in the psscan function in ps.c for gv ...)
+CVE-2004-1717
- gv 1:3.6.1-1
-CVE-2004-1716 (Cross-site scripting (XSS) vulnerability in PForum before 1.26 allows ...)
+CVE-2004-1716
NOT-FOR-US: PForum
-CVE-2004-1715 (Directory traversal vulnerability in MIMEsweeper for Web before 5.0.4 ...)
+CVE-2004-1715
NOT-FOR-US: MIMEsweeper
-CVE-2004-1714 (BlackICE PC Protection and Server Protection installs (1) ...)
+CVE-2004-1714
NOT-FOR-US: BlackICE PC Protection
-CVE-2004-1713 (Unknown vulnerability in HP Process Resource Manager (PRM) ...)
+CVE-2004-1713
NOT-FOR-US: PRM on HP-UX
-CVE-2004-1712 (Cross-site scripting (XSS) vulnerability in TypePad allows remote ...)
+CVE-2004-1712
NOT-FOR-US: TypePad
-CVE-2004-1711 (Cross-site scripting (XSS) vulnerability in post.php in Moodle before ...)
+CVE-2004-1711
- moodle 1.4-1
-CVE-2004-1710 (page.cgi allows remote attackers to execute arbitrary commands via ...)
+CVE-2004-1710
NOT-FOR-US: page.cgi
-CVE-2004-1709 (Datakey Rainbow iKey2032 USB token, when using the CIP client package, ...)
+CVE-2004-1709
NOT-FOR-US: Datakey Rainbow iKey2032 USB token
-CVE-2004-1708 (Webbsyte Chat 0.9.0 allows remote attackers to cause a denial of ...)
+CVE-2004-1708
NOT-FOR-US: Webbsyte
-CVE-2004-1707 (The (1) dbsnmp and (2) nmo programs in Oracle 8i, Oracle 9i, and ...)
+CVE-2004-1707
NOT-FOR-US: Oracle
-CVE-2004-1706 (The U.S. Robotics USR808054 wireless access point allows remote ...)
+CVE-2004-1706
NOT-FOR-US: U.S. Robotics wireless access point
-CVE-2004-1705 (Buffer overflow in Citadel/UX 6.23 and earlier allows remote attackers ...)
+CVE-2004-1705
NOT-FOR-US: Citadel/UX
-CVE-2004-1704 (WpQuiz 2.60b1 through 2.60b8 allows remote attackers to gain ...)
+CVE-2004-1704
NOT-FOR-US: WpQuiz
-CVE-2004-1703 (Fusion News 3.6.1 allows remote attackers to add user accounts, if the ...)
+CVE-2004-1703
NOT-FOR-US: Fusion News
-CVE-2004-0838 (Lexar Safe Guard for JumpDrive Secure 1.0 stores the password ...)
+CVE-2004-0838
NOT-FOR-US: Lexar Safe Guard
-CVE-2004-1702 (The AuthenticationDialogue function in cfservd for Cfengine 2.0.0 to ...)
+CVE-2004-1702
- cfengine2 2.1.8-1
-CVE-2004-1701 (Heap-based buffer overflow in the AuthenticationDialogue function in ...)
+CVE-2004-1701
- cfengine2 2.1.8-1
-CVE-2004-1700 (Cross-site scripting (XSS) vulnerability in SettingsBase.php in ...)
+CVE-2004-1700
NOT-FOR-US: Pinnacle ShowCenter
-CVE-2004-1699 (SettingsBase.php in Pinnacle ShowCenter 1.51 allows remote attackers ...)
+CVE-2004-1699
NOT-FOR-US: Pinnacle ShowCenter
-CVE-2004-1698 (The Base64 function in PopMessenger 1.60 (before 20 Sep 2004) and ...)
+CVE-2004-1698
NOT-FOR-US: PopMessenger
-CVE-2004-1697 (The &quot;Forgot your Password&quot; link in Computer Associates (CA) Unicenter ...)
+CVE-2004-1697
NOT-FOR-US: Computer Associates Unicenter Management Portal
-CVE-2004-1696 (EmuLive Server4 Commerce Edition Build 7560 allows remote attackers to ...)
+CVE-2004-1696
NOT-FOR-US: EmuLive Server4
-CVE-2004-1695 (EmuLive Server4 Commerce Edition Build 7560 allows remote attackers to ...)
+CVE-2004-1695
NOT-FOR-US: EmuLive Server4
-CVE-2004-1694 (Symantec ON Command CCM 5.4.x and iCommand 3.0.x has four default ...)
+CVE-2004-1694
NOT-FOR-US: Symantec
-CVE-2004-1693 (PHP remote file inclusion vulnerability in Function.php in Mambo 4.5 ...)
+CVE-2004-1693
NOT-FOR-US: Mambo
-CVE-2004-1692 (Cross-site scripting (XSS) vulnerability in index.php in Mambo 4.5 ...)
+CVE-2004-1692
NOT-FOR-US: Mambo
-CVE-2004-1691 (The Web Server in DNS4Me 3.0.0.4 allows remote attackers to cause a ...)
+CVE-2004-1691
NOT-FOR-US: DNS4Me
-CVE-2004-1690 (Cross-site scripting (XSS) vulnerability in the Web Server in DNS4Me ...)
+CVE-2004-1690
NOT-FOR-US: DNS4Me
-CVE-2004-1689 (sudoedit (aka sudo -e) in sudo 1.6.8 opens a temporary file with root ...)
+CVE-2004-1689
- sudo 1.6.8p3-1
-CVE-2004-1688 (Pigeon Server 3.02.0143 and earlier allows remote attackers to cause a ...)
+CVE-2004-1688
NOT-FOR-US: Pigeon Server
-CVE-2004-1687 (CRLF injection vulnerability in down.asp for Snitz Forums 2000 3.4.04 ...)
+CVE-2004-1687
NOT-FOR-US: Snitz Forums
-CVE-2004-1686 (Internet Explorer 6.0 in Windows XP SP2 allows remote attackers to ...)
+CVE-2004-1686
NOT-FOR-US: MSIE
-CVE-2004-1685 (SMC routers SMC7004VWBR running firmware 1.00.014 and SMC7008ABR EU ...)
+CVE-2004-1685
NOT-FOR-US: SMC router
-CVE-2004-1684 (Zyxel P681 running ZyNOS Vt020225a contains portions of memory in an ...)
+CVE-2004-1684
NOT-FOR-US: Zyxel
-CVE-2004-1683 (A race condition in crrtrap for QNX RTP 6.1 allows local users to gain ...)
+CVE-2004-1683
NOT-FOR-US: crrtrap
-CVE-2004-1682 (Format string vulnerability in QNX 6.1 FTP client allows remote ...)
+CVE-2004-1682
NOT-FOR-US: QNX FTP
-CVE-2004-1681 (Multiple buffer overflows in (1) phrelay-cfg, (2) phlocale, (3) ...)
+CVE-2004-1681
NOT-FOR-US: QNX
-CVE-2004-1680 (application.cgi in the Pingtel Xpressa handset running firmware ...)
+CVE-2004-1680
NOT-FOR-US: Pingtel Xpressa
-CVE-2004-1679 (Directory traversal vulnerability in TwinFTP 1.0.3 R2 allows remote ...)
+CVE-2004-1679
NOT-FOR-US: TwinFTP
-CVE-2004-1678 (Directory traversal vulnerability in pdesk.cgi in PerlDesk allows ...)
+CVE-2004-1678
NOT-FOR-US: PerlDesk
-CVE-2004-1677 (pdesk.cgi in PerlDesk allows remote attackers to gain sensitive ...)
+CVE-2004-1677
NOT-FOR-US: PerlDesk
-CVE-2004-1676 (Heap-based buffer overflow in the image sending feature in Gadu-Gadu ...)
+CVE-2004-1676
NOT-FOR-US: Gadu-Gadu
-CVE-2004-1675 (Serv-U FTP server 4.x and 5.x allows remote attackers to cause a ...)
+CVE-2004-1675
NOT-FOR-US: Serv-U FTP
-CVE-2004-1674 (viewaction.html in Merak Mail Server 7.4.5 with Icewarp Web Mail 5.2.7 ...)
+CVE-2004-1674
NOT-FOR-US: Merak Mail Server
-CVE-2004-1673 (accountsettings_add.html in Merak Mail Server 7.4.5 with Icewarp Web ...)
+CVE-2004-1673
NOT-FOR-US: Merak Mail Server
-CVE-2004-1672 (attachment.html in Merak Mail Server 7.4.5 with Icewarp Web Mail 5.2.7 ...)
+CVE-2004-1672
NOT-FOR-US: Merak Mail Server
-CVE-2004-1671 (Merak Mail Server 7.4.5 with Icewarp Web Mail 5.2.7 and possibly other ...)
+CVE-2004-1671
NOT-FOR-US: Merak Mail Server
-CVE-2004-1670 (Multiple directory traversal vulnerabilities Merak Mail Server 7.4.5 ...)
+CVE-2004-1670
NOT-FOR-US: Merak Mail Server
-CVE-2004-1669 (Cross-site scripting (XSS) vulnerability in MERAK Mail Server 7.4.5 ...)
+CVE-2004-1669
NOT-FOR-US: Merak Mail Server
-CVE-2004-1668 (Multiple SQL injection vulnerabilities in index.php in Subjects 2.0 ...)
+CVE-2004-1668
NOT-FOR-US: Subjects
-CVE-2004-1667 (Off-by-one error in Halo Combat Evolved 1.04 and earlier allows remote ...)
+CVE-2004-1667
NOT-FOR-US: Halo Combat Evolved
-CVE-2004-1666 (Buffer overflow in the MSN module in Trillian 0.74i allows remote MSN ...)
+CVE-2004-1666
NOT-FOR-US: Cerulean Trillian
-CVE-2004-1665 (Cross-site scripting (XSS) vulnerability in index.php in PsNews 1.1 ...)
+CVE-2004-1665
NOT-FOR-US: PsNews
-CVE-2004-1664 (Call of Duty 1.4 and earlier allows remote attackers to cause a denial ...)
+CVE-2004-1664
NOT-FOR-US: Call of Duty
-CVE-2004-1663 (Engenio/LSI Logic storage controllers, as used in products such as ...)
+CVE-2004-1663
NOT-FOR-US: Engenio/LSI Logic storage controllers
-CVE-2004-1662 (YaBB SE 1.5.1 allows remote attackers to obtain sensitive information ...)
+CVE-2004-1662
NOT-FOR-US: YaBB
-CVE-2004-1661 (MailWorks Professional allows remote attackers to bypass ...)
+CVE-2004-1661
NOT-FOR-US: MailWorks
-CVE-2004-1660 (PHP remote file inclusion vulnerability in CuteNews 1.3.6 and earlier ...)
+CVE-2004-1660
NOT-FOR-US: CuteNews
-CVE-2004-1659 (Cross-site scripting (XSS) vulnerability in index.php in CuteNews ...)
+CVE-2004-1659
NOT-FOR-US: CuteNews
-CVE-2004-1658 (Kerio Personal Firewall 4.0 (KPF4) allows local users with ...)
+CVE-2004-1658
NOT-FOR-US: Kerio Personal Firewall
-CVE-2004-1657 (Cross-site scripting (XSS) vulnerability in the Activity and Events ...)
+CVE-2004-1657
NOT-FOR-US: DasBlog
-CVE-2004-1656 (CRLF injection vulnerability in Comersus Shopping Cart 5.0991 allows ...)
+CVE-2004-1656
NOT-FOR-US: Comersus Shopping Cart
-CVE-2004-1655 (Cross-site scripting (XSS) vulnerability in phpWebsite 0.9.3-4 and ...)
+CVE-2004-1655
NOT-FOR-US: phpWebsite
-CVE-2004-1654 (SQL injection vulnerability in the calendar module in phpWebsite ...)
+CVE-2004-1654
NOT-FOR-US: phpWebsite
-CVE-2004-1653 (The default configuration for OpenSSH enables AllowTcpForwarding, ...)
+CVE-2004-1653
- openssh <not-affected> (Documented SSH protocol behaviour, cannot be "fixed")
NOTE: See bug #296547 for details
-CVE-2004-1652 (phpScheduleIt 1.0.0 RC1 does not clear administrative privileges if ...)
+CVE-2004-1652
NOT-FOR-US: phpScheduleIt
-CVE-2004-1651 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
+CVE-2004-1651
NOT-FOR-US: phpScheduleIt
-CVE-2004-1650 (D-Link DCS-900 Internet Camera listens on UDP port 62976 for an IP ...)
+CVE-2004-1650
NOT-FOR-US: D-Link DCS-900
-CVE-2004-1649 (Buffer overflow in Microsoft Msinfo32.exe might allow local users to ...)
+CVE-2004-1649
NOT-FOR-US: Msinfo32.exe
-CVE-2004-1648 (Cross-site scripting (XSS) vulnerability in (1) index.asp, (2) ...)
+CVE-2004-1648
NOT-FOR-US: Password Protect
-CVE-2004-1647 (SQL injection vulnerability in Password Protect allows remote ...)
+CVE-2004-1647
NOT-FOR-US: Password Protect
-CVE-2004-1646 (Directory traversal vulnerability in Xedus 1.0 allows remote attackers ...)
+CVE-2004-1646
NOT-FOR-US: Xedus
-CVE-2004-1645 (Cross-site scripting (XSS) vulnerability in Xedus 1.0 allows remote ...)
+CVE-2004-1645
NOT-FOR-US: Xedus
-CVE-2004-1644 (Xedus 1.0 allows remote attackers to cause a denial of service (refuse ...)
+CVE-2004-1644
NOT-FOR-US: Xedus
-CVE-2004-1643 (WS_FTP 5.0.2 allows remote authenticated users to cause a denial of ...)
+CVE-2004-1643
NOT-FOR-US: WS_FTP
-CVE-2004-1642 (WFTPD Pro Server 3.21 allows remote authenticated users to cause a ...)
+CVE-2004-1642
NOT-FOR-US: WS_FTP
-CVE-2004-1641 (Heap-based buffer overflow in Titan FTP 3.21 and earlier allows remote ...)
+CVE-2004-1641
NOT-FOR-US: Titan
-CVE-2004-1640 (Multiple cross-site scripting (XSS) vulnerabilities in XOOPS 0.94 and ...)
+CVE-2004-1640
NOT-FOR-US: XOOPS
-CVE-2004-1639 (Mozilla Firefox before 0.10, Mozilla 5.0, and Gecko 20040913 allows ...)
+CVE-2004-1639
NOTE: This is not a real security issue; it just describes the fact that the Gecko
NOTE: engine of the Mozillae may be lead into a crash if you feed it with large chunks
NOTE: of arbitrary binary data and label it as HTML. As the parsing garbage is displayed
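Review bot: every `-`/`+` pair in this hunk strips the parenthesised CVE summary and leaves a bare identifier (for example `-CVE-2004-1737 (SQL injection vulnerability in auth_login.php in Cacti 0.8.5a allows ...)` becomes `+CVE-2004-1737`), while none of the Debian-side lines (`NOT-FOR-US:`, package/version, `NOTE:`) change; for a commit labelled "automatic update" that pattern over the whole file points to the upstream description feed coming back empty rather than to an intended edit, so the importer should treat a run that would blank descriptions wholesale as a failed fetch and leave the list untouched instead of committing it. Unrelated to the change but visible in the context lines: the annotation `NOT-FOR-US: ESF Webserver` under CVE-2004-1744 and CVE-2004-1743 misspells the product the summary names as "Easy File Sharing (EFS) Webserver".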
@@ -2364,835 +2364,835 @@ CVE-2004-1639 (Mozilla Firefox before 0.10, Mozilla 5.0, and Gecko 20040913 allo
- firefox <removed> (unimportant)
- iceweasel <removed> (unimportant)
- mozilla <removed> (unimportant)
-CVE-2004-1638 (Buffer overflow in MailCarrier 2.51 allows remote attackers to execute ...)
+CVE-2004-1638
NOT-FOR-US: mailcarrier
-CVE-2004-1637 (The Hawking Technologies HAR11A modem/router allows remote attackers ...)
+CVE-2004-1637
NOT-FOR-US: Hawking Technologies HAR11A modem/router
-CVE-2004-1636 (Heap-based buffer overflow in the WvTFTPServer::new_connection ...)
+CVE-2004-1636
NOT-FOR-US: WvTftp
-CVE-2004-1635 (Bugzilla 2.17.1 through 2.18rc2 and 2.19 from cvs, when using the ...)
+CVE-2004-1635
NOTE: does not affect older 2.16.7 in sid.
-CVE-2004-1634 (show_bug.cgi in Bugzilla 2.17.1 through 2.18rc2 and 2.19 from CVS, ...)
+CVE-2004-1634
NOTE: does not affect older 2.16.7 in sid.
-CVE-2004-1633 (process_bug.cgi in Bugzilla 2.9 through 2.18rc2 and 2.19 from CVS does ...)
+CVE-2004-1633
- bugzilla 2.16.7
-CVE-2004-1632 (Cross-site scripting (XSS) vulnerability in wiki.php in MoniWiki 1.0.8 ...)
+CVE-2004-1632
- moniwiki 1.0.9
-CVE-2004-1631 (Open WorkFlow Engine (OpenWFE) 1.4.x allows remote attackers to ...)
+CVE-2004-1631
NOT-FOR-US: Open WorkFlow Engine
-CVE-2004-1630 (Cross-site scripting (XSS) vulnerability in the login form in Open ...)
+CVE-2004-1630
NOT-FOR-US: Open WorkFlow Engine
-CVE-2004-1629 (Multiple SQL injection vulnerabilities in Dwc_articles 1.6 and earlier ...)
+CVE-2004-1629
NOT-FOR-US: Dwc_articles
-CVE-2004-1628 (Format string vulnerability in log.c in rssh before 2.2.2 allows ...)
+CVE-2004-1628
- rssh 2.2.2
-CVE-2004-1627 (Buffer overflow in Ability Server 2.25, 2.32, 2.34, and possibly other ...)
+CVE-2004-1627
NOT-FOR-US: ability server
-CVE-2004-1626 (Buffer overflow in Ability Server 2.34, and possibly other versions, ...)
+CVE-2004-1626
NOT-FOR-US: ability server
-CVE-2004-1625 (pGina 1.7.6 and possibly older versions, when the Restart or Shutdown ...)
+CVE-2004-1625
NOT-FOR-US: pGina
-CVE-2004-1624 (Carbon Copy 6.0.5257 does not drop system privileges when opening ...)
+CVE-2004-1624
NOT-FOR-US: Carbon Copy
-CVE-2004-1623 (The WAV file property handler in Windows XP SP1 allows remote ...)
+CVE-2004-1623
NOT-FOR-US: Microsoft
-CVE-2004-1622 (SQL injection vulnerability in dosearch.php in UBB.threads 3.4.x ...)
+CVE-2004-1622
NOT-FOR-US: UBB.threads
-CVE-2004-1621 (** DISPUTED ** ...)
+CVE-2004-1621
NOT-FOR-US: Lotus Notes
-CVE-2004-1620 (CRLF injection vulnerability in Serendipity before 0.7rc1 allows ...)
+CVE-2004-1620
NOT-FOR-US: Serendipity
-CVE-2004-1619 (Buffer overflow in Privateer's Bounty: Age of Sail II allows ...)
+CVE-2004-1619
NOT-FOR-US: Privateer's Bounty: Age of Sail II
-CVE-2004-1618 (Vypress Tonecast 1.3 and earlier allows remote attackers to cause a ...)
+CVE-2004-1618
NOT-FOR-US: Tonecast
-CVE-2004-1617 (Lynx, lynx-ssl, and lynx-cur before 2.8.6dev.8 allow remote attackers ...)
+CVE-2004-1617
{DSA-1077-1 DSA-1076-1}
- lynx 2.8.5-2sarge1.2 (bug #296340; bug #384725; low)
- lynx-cur 2.8.6-6 (low)
- lynx-ssl <removed>
-CVE-2004-1616 (Links allows remote attackers to cause a denial of service (memory ...)
+CVE-2004-1616
- links 0.99+1.00pre12-1 (bug #296341; low)
-CVE-2004-1615 (Opera allows remote attackers to cause a denial of service (invalid ...)
+CVE-2004-1615
NOT-FOR-US: Opera
-CVE-2004-1614 (Mozilla allows remote attackers to cause a denial of service ...)
+CVE-2004-1614
- mozilla-firefox <not-affected> (assuming this is mozilla_die2.html, does not bother firefox 1.0+dfsg.1-6)
NOTE: mozilla-browser 1.7.5-1 also ok
-CVE-2004-1613 (Mozilla allows remote attackers to cause a denial of service ...)
+CVE-2004-1613
NOTE: example page did not bother firefox 1.0+dfsg.1-6
NOTE: mozilla-browser 1.7.5-1 also ok
-CVE-2004-1612 (Directory traversal vulnerability in SalesLogix 6.1 allows remote ...)
+CVE-2004-1612
NOT-FOR-US: SalesLogix
-CVE-2004-1611 (SalesLogix 6.1 does not verify if a user is authenticated before ...)
+CVE-2004-1611
NOT-FOR-US: SalesLogix
-CVE-2004-1610 (SalesLogix 6.1 uses client-specified pathnames for writing certain ...)
+CVE-2004-1610
NOT-FOR-US: SalesLogix
-CVE-2004-1609 (SalesLogix 6.1 includes usernames, passwords, and other sensitive ...)
+CVE-2004-1609
NOT-FOR-US: SalesLogix
-CVE-2004-1608 (SQL injection vulnerability in SalesLogix 6.1 allows remote attackers ...)
+CVE-2004-1608
NOT-FOR-US: SalesLogix
-CVE-2004-1607 (slxweb.dll in SalesLogix 6.1 allows remote attackers to obtain ...)
+CVE-2004-1607
NOT-FOR-US: SalesLogix
-CVE-2004-1606 (slxweb.dll in SalesLogix 6.1 allows remote attackers to cause a denial ...)
+CVE-2004-1606
NOT-FOR-US: SalesLogix
-CVE-2004-1605 (SalesLogix 6.1 allows remote attackers to bypass authentication by ...)
+CVE-2004-1605
NOT-FOR-US: SalesLogix
-CVE-2004-1604 (cPanel 9.9.1-RELEASE-3 allows remote authenticated users to chmod ...)
+CVE-2004-1604
NOT-FOR-US: not our cpanel
-CVE-2004-1603 (cPanel 9.4.1-RELEASE-64 follows hard links, which allows local users ...)
+CVE-2004-1603
NOT-FOR-US: not our cpanel
-CVE-2004-1602 (ProFTPD 1.2.x, including 1.2.8 and 1.2.10, responds in a different ...)
+CVE-2004-1602
- proftpd 1.2.10-4
-CVE-2004-1601 (Directory traversal vulnerability in index.php in CoolPHP 1.0-stable ...)
+CVE-2004-1601
NOT-FOR-US: coolphp
-CVE-2004-1600 (index.php in CoolPHP 1.0-stable allows remote attackers to gain ...)
+CVE-2004-1600
NOT-FOR-US: CoolPHP
-CVE-2004-1599 (Cross-site scripting (XSS) vulnerability in index.php in CoolPHP ...)
+CVE-2004-1599
NOT-FOR-US: CoolPHP
-CVE-2004-1598 (Adobe Acrobat and Acrobat Reader 6.0 allow remote attackers to read ...)
+CVE-2004-1598
NOT-FOR-US: Acrobat
-CVE-2004-1597 (RIM Blackberry 7230 running RIM Blackberry OS 3.7 SP1 allows remote ...)
+CVE-2004-1597
NOT-FOR-US: RIM Blackberry
-CVE-2004-1596 (The 3COM Wireless router 3CRADSL72 running Boot Code 1.3d allows ...)
+CVE-2004-1596
NOT-FOR-US: 3COM router
-CVE-2004-1595 (Buffer overflow in ShixxNote 6.net build 117 allows remote attackers ...)
+CVE-2004-1595
NOT-FOR-US: ShixxNote
-CVE-2004-1594 (Cross-site scripting (XSS) vulnerability in FuseTalk 4.0 allows remote ...)
+CVE-2004-1594
NOT-FOR-US: FuseTalk
-CVE-2004-1593 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2004-1593
NOT-FOR-US: SCT email client
-CVE-2004-1592 (PHP remote file inclusion vulnerability in index.php in ocPortal 1.0.3 ...)
+CVE-2004-1592
- ocportal <itp> (bug #625865)
-CVE-2004-1591 (The web interface for Micronet Wireless Broadband Router SP916BM ...)
+CVE-2004-1591
NOT-FOR-US: Micronet Wireless Router
-CVE-2004-1590 (Clientexec allows remote attackers to gain sensitive information via ...)
+CVE-2004-1590
NOT-FOR-US: clientexec
-CVE-2004-1589 (Cross-site scripting (XSS) vulnerability in GoSmart Message Board ...)
+CVE-2004-1589
NOT-FOR-US: GoSmart
-CVE-2004-1588 (SQL injection vulnerability in GoSmart Message Board allows remote ...)
+CVE-2004-1588
NOT-FOR-US: GoSmart
-CVE-2004-1587 (Buffer overflow in Monolith games including (1) Alien versus Predator ...)
+CVE-2004-1587
NOT-FOR-US: Monolith Games
-CVE-2004-1586 (Flash Messaging clients can ignore disconnecting commands such as ...)
+CVE-2004-1586
NOT-FOR-US: Flash Messaging
-CVE-2004-1585 (Flash Messaging 5.2.0g (rev 1.1.2) and earlier allows remote attackers ...)
+CVE-2004-1585
NOT-FOR-US: Flash Messaging
-CVE-2004-1584 (CRLF injection vulnerability in wp-login.php in WordPress 1.2 allows ...)
+CVE-2004-1584
- wordpress 1.2.1-1.1
-CVE-2004-1583 (Directory traversal vulnerability in the FTP server in TriDComm 1.3 ...)
+CVE-2004-1583
NOT-FOR-US: FTP server in TriDComm
-CVE-2004-1582 (PHP remote file inclusion vulnerability in BlackBoard 1.5.1 allows ...)
+CVE-2004-1582
NOT-FOR-US: BlackBoard
-CVE-2004-1581 (BlackBoard 1.5.1 allows remote attackers to gain sensitive information ...)
+CVE-2004-1581
NOT-FOR-US: BlackBoard
-CVE-2004-1580 (SQL injection vulnerability in index.php in CubeCart 2.0.1 allows ...)
+CVE-2004-1580
NOT-FOR-US: CubeCart
-CVE-2004-1579 (index.php in CubeCart 2.0.1 allows remote attackers to gain sensitive ...)
+CVE-2004-1579
NOT-FOR-US: CubeCart
-CVE-2004-1578 (Cross-site scripting (XSS) vulnerability in index.php in Invision ...)
+CVE-2004-1578
NOT-FOR-US: Invision Power Board
-CVE-2004-1577 (index.php in PHP Links allows remote attackers to gain sensitive ...)
+CVE-2004-1577
NOT-FOR-US: phplinks
-CVE-2004-1576 (Format string vulnerability in Judge Dredd: Dredd vs. Death 1.01 and ...)
+CVE-2004-1576
NOT-FOR-US: Judge Dredd
-CVE-2004-1575 (The XML parser in Xerces-C++ 2.5.0 allows remote attackers to cause a ...)
+CVE-2004-1575
- xerces25 2.5.0-4
- xerces24 2.4.0-4
- xerces23 <not-affected> (not affected, see bug #296432)
- xerces21 <not-affected> (not affected, see bug #296466)
-CVE-2004-1574 (Buffer overflow in Vypress Messenger 3.5.1 and earlier allows remote ...)
+CVE-2004-1574
NOT-FOR-US: Vypress
-CVE-2004-1573 (The documentation for AJ-Fork 167 implies that users should set ...)
+CVE-2004-1573
NOT-FOR-US: AJ-Fork
-CVE-2004-1572 (AJ-Fork 167 does not restrict access to directories such as (1) data, ...)
+CVE-2004-1572
NOT-FOR-US: AJ-Fork
-CVE-2004-1571 (AJ-Fork 167 allows remote attackers to gain sensitive information via ...)
+CVE-2004-1571
NOT-FOR-US: AJ-Fork
-CVE-2004-1570 (SQL injection vulnerability in bBlog 0.7.2 and 0.7.3 allows remote ...)
+CVE-2004-1570
NOT-FOR-US: bBlog
-CVE-2004-1569 (Buffer overflow in (1) MusicConverter.exe, (2) playlist.exe, and (3) ...)
+CVE-2004-1569
NOT-FOR-US: dbPowerAmp
-CVE-2004-1568 (Directory traversal vulnerability in ParaChat Server 5.5 allows remote ...)
+CVE-2004-1568
NOT-FOR-US: Parachat
-CVE-2004-1567 (profile.php in Silent Storm Portal 2.1 and 2.2 allows remote attackers ...)
+CVE-2004-1567
NOT-FOR-US: Silent Storm Portal
-CVE-2004-1566 (Cross-site scripting (XSS) vulnerability in index.php in Silent Storm ...)
+CVE-2004-1566
NOT-FOR-US: Silent Storm Portal
-CVE-2004-1565 (list.php in w-Agora 4.1.6a allows remote attackers to reveal the full ...)
+CVE-2004-1565
NOT-FOR-US: w-Agora
-CVE-2004-1564 (CRLF injection vulnerability in subscribe_thread.php in w-Agora 4.1.6a ...)
+CVE-2004-1564
NOT-FOR-US: w-Agora
-CVE-2004-1563 (Multiple cross-site scripting (XSS) vulnerabilities in w-Agora 4.1.6a allow ...)
+CVE-2004-1563
NOT-FOR-US: w-Agora
-CVE-2004-1562 (SQL injection vulnerability in redir_url.php in w-Agora 4.1.6a allows ...)
+CVE-2004-1562
NOT-FOR-US: w-Agora
-CVE-2004-1561 (Buffer overflow in Icecast 2.0.1 and earlier allows remote attackers ...)
+CVE-2004-1561
- icecast2 2.0.2.debian-1
-CVE-2004-1560 (Microsoft SQL Server 7.0 allows remote attackers to cause a denial of ...)
+CVE-2004-1560
NOT-FOR-US: Microsoft SQL Server
-CVE-2004-1559 (Multiple cross-site scripting (XSS) vulnerabilities in Wordpress 1.2 ...)
+CVE-2004-1559
- wordpress 1.2.2-1.1
-CVE-2004-1558 (Multiple stack-based buffer overflows in YPOPs! (aka YahooPOPS) 0.4 ...)
+CVE-2004-1558
NOT-FOR-US: YahooPOPS
-CVE-2004-1557 (MyWebServer 1.0.3 allows remote attackers to bypass authentication, ...)
+CVE-2004-1557
NOT-FOR-US: MyWebServer
-CVE-2004-1556 (MyWebServer 1.0.3 allows remote attackers to cause a denial of service ...)
+CVE-2004-1556
NOT-FOR-US: MyWebServer
-CVE-2004-1555 (Multiple SQL injection vulnerabilities in BroadBoard Instant ASP ...)
+CVE-2004-1555
NOT-FOR-US: BroadBoard Instant ASP Message Board
-CVE-2004-1554 (PHP remote file inclusion vulnerability in livre_include.php in @lex ...)
+CVE-2004-1554
NOT-FOR-US: @lex GuestBook
-CVE-2004-1553 (SQL injection vulnerability in aspWebAlbum allows remote attackers to ...)
+CVE-2004-1553
NOT-FOR-US: aspWebAlbum
-CVE-2004-1552 (SQL injection vulnerability in aspWebCalendar allows remote attackers ...)
+CVE-2004-1552
NOT-FOR-US: aspWebCalendar
-CVE-2004-1551 (Cross-site scripting (XSS) vulnerability in the (1) email or (2) file ...)
+CVE-2004-1551
NOT-FOR-US: PafileDB
-CVE-2004-1550 (Motorola Wireless Router WR850G running firmware 4.03 allows remote ...)
+CVE-2004-1550
NOT-FOR-US: Motorola Router
-CVE-2004-1549 (The conference menu in ActivePost Standard 3.1 sends passwords of ...)
+CVE-2004-1549
NOT-FOR-US: ActivePost
-CVE-2004-1548 (Directory traversal vulnerability in the file server in ActivePost ...)
+CVE-2004-1548
NOT-FOR-US: ActivePost
-CVE-2004-1547 (The file server in ActivePost Standard 3.1 and earlier allows remote ...)
+CVE-2004-1547
NOT-FOR-US: ActivePost
-CVE-2004-1546 (Multiple buffer overflows in MDaemon 6.5.1 allow remote attackers to ...)
+CVE-2004-1546
NOT-FOR-US: MDaemon
-CVE-2004-1545 (UploadFile.php in MoniWiki 1.0.9.2 and earlier, when used with Apache ...)
+CVE-2004-1545
- moniwiki 1.0.9-4
-CVE-2004-1544 (Cross-site scripting (XSS) vulnerability in Search.jsp in JSPWiki ...)
+CVE-2004-1544
- jspwiki 2.0.52-8
-CVE-2004-1543 (Directory traversal vulnerability in viewimg.php in KorWeblog ...)
+CVE-2004-1543
NOT-FOR-US: KorWeblog
-CVE-2004-1542 (Buffer overflow in Soldier of Fortune II 1.03 Gold and earlier allows ...)
+CVE-2004-1542
NOT-FOR-US: Soldier of Fortune
-CVE-2004-1541 (SecureCRT 4.0, 4.1, and possibly other versions, allows remote ...)
+CVE-2004-1541
NOT-FOR-US: SecureCRT
-CVE-2004-1540 (ZyXEL Prestige 623, 650, and 652 HW Routers, and possibly other ...)
+CVE-2004-1540
NOT-FOR-US: ZyXEL Routers
-CVE-2004-1539 (Halo: Combat Evolved 1.05 and earlier allows remote game servers to ...)
+CVE-2004-1539
NOT-FOR-US: Halo: Combat Evolved
-CVE-2004-1538 (SQL injection vulnerability in include.php in PHPKIT 1.6.03 through ...)
+CVE-2004-1538
NOT-FOR-US: PHPKIT
-CVE-2004-1537 (Cross-site scripting (XSS) vulnerability in popup.php in PHPKIT 1.6.03 ...)
+CVE-2004-1537
NOT-FOR-US: PHPKIT
-CVE-2004-1536 (SQL injection vulnerability in index.php in the ibProArcade module for ...)
+CVE-2004-1536
NOT-FOR-US: Invision Power Board
-CVE-2004-1535 (PHP remote file inclusion vulnerability in admin_cash.php for the Cash ...)
+CVE-2004-1535
NOT-FOR-US: Cash Mod module of phpbb2
-CVE-2004-1534 (ZoneAlarm and ZoneAlarm Pro before 5.5.062, with ad-blocking enabled, ...)
+CVE-2004-1534
NOT-FOR-US: ZoneAlarm
-CVE-2004-1533 (Buffer overflow in pop3svr.exe for DMS POP3 1.5.3.27 and earlier ...)
+CVE-2004-1533
NOT-FOR-US: DMS POP3
-CVE-2004-1532 (AppServ 2.5.x and earlier installs a default username and password, ...)
+CVE-2004-1532
NOT-FOR-US: AppServ
-CVE-2004-1531 (SQL injection vulnerability in post.php in Invision Power Board (IPB) ...)
+CVE-2004-1531
NOT-FOR-US: Invision Power Board
-CVE-2004-1530 (SQL injection vulnerability in the Event Calendar module 2.13 for ...)
+CVE-2004-1530
NOT-FOR-US: PHP-Nuke
-CVE-2004-1529 (Cross-site scripting (XSS) vulnerability in the Event Calendar module ...)
+CVE-2004-1529
NOT-FOR-US: PHP-Nuke
-CVE-2004-1528 (The Event Calendar module 2.13 for PHP-Nuke allows remote attackers to ...)
+CVE-2004-1528
NOT-FOR-US: PHP-Nuke
-CVE-2004-1527 (Microsoft Internet Explorer 6.0 SP1 does not properly handle certain ...)
+CVE-2004-1527
NOT-FOR-US: MSIE
-CVE-2004-1526 (Hired Team: Trial 2.0 and earlier and 2.200 does not limit how game ...)
+CVE-2004-1526
NOT-FOR-US: Hired Team
-CVE-2004-1525 (Hired Team: Trial 2.0 and earlier and 2.200 allows remote attackers to cause ...)
+CVE-2004-1525
NOT-FOR-US: Hired Team
-CVE-2004-1524 (Hired Team: Trial 2.0 and earlier and 2.200 allows remote attackers to ...)
+CVE-2004-1524
NOT-FOR-US: Hired Team
-CVE-2004-1523 (Format string vulnerability in the game console in Hired Team: Trial ...)
+CVE-2004-1523
NOT-FOR-US: Hired Team
-CVE-2004-1522 (Format string vulnerability in Army Men RTS 1.0 allows remote ...)
+CVE-2004-1522
NOT-FOR-US: Army Men RTS
-CVE-2004-1521 (Eudora 6.2.0.14 does not issue a warning when a user forwards an ...)
+CVE-2004-1521
NOT-FOR-US: Eudora
-CVE-2004-1520 (Stack-based buffer overflow in IPSwitch IMail 8.13 allows remote ...)
+CVE-2004-1520
NOT-FOR-US: IPSwitch IMail
-CVE-2004-1519 (SQL injection vulnerability in bug.php in phpBugTracker 0.9.1 allows ...)
+CVE-2004-1519
NOT-FOR-US: phpBugTracker
-CVE-2004-1518 (SQL injection vulnerability in follow.php in Phorum 5.0.12 and earlier ...)
+CVE-2004-1518
NOT-FOR-US: Phorum
-CVE-2004-1517 (Zone Labs IMsecure and IMsecure Pro before 1.5 allow remote attackers ...)
+CVE-2004-1517
NOT-FOR-US: Zone Labs IMsecure
-CVE-2004-1516 (CRLF injection vulnerability in index.php in phpWebSite 0.9.3-4 allows ...)
+CVE-2004-1516
NOT-FOR-US: phpWebSite
-CVE-2004-1515 (SQL injection vulnerability in (1) ttlast.php and (2) last10.php in ...)
+CVE-2004-1515
NOT-FOR-US: vBulletin
-CVE-2004-1514 (04WebServer 1.42 allows remote attackers to cause a denial of service ...)
+CVE-2004-1514
NOT-FOR-US: 04Webserver
-CVE-2004-1513 (04WebServer 1.42 does not adequately filter data that is written to ...)
+CVE-2004-1513
NOT-FOR-US: 04Webserver
-CVE-2004-1512 (Cross-site scripting (XSS) vulnerability in Response_default.html in ...)
+CVE-2004-1512
NOT-FOR-US: 04Webserver
-CVE-2004-1511 (Hotfoon 4.0 does not notify users before opening links in web ...)
+CVE-2004-1511
NOT-FOR-US: Hotfoon
-CVE-2004-1510 (WebCalendar allows remote attackers to gain privileges by modifying ...)
+CVE-2004-1510
- webcalendar 0.9.45-1
-CVE-2004-1509 (validate.php in WebCalendar allows remote attackers to gain sensitive ...)
+CVE-2004-1509
- webcalendar 0.9.45-1
-CVE-2004-1508 (init.php in WebCalendar allows remote attackers to execute arbitrary ...)
+CVE-2004-1508
- webcalendar 0.9.45-1
-CVE-2004-1507 (CRLF injection vulnerability in login.php in WebCalendar allows remote ...)
+CVE-2004-1507
- webcalendar 0.9.45-1
-CVE-2004-1506 (Multiple cross-site scripting (XSS) vulnerabilities in WebCalendar ...)
+CVE-2004-1506
- webcalendar 0.9.45-1
-CVE-2004-1505 (Directory traversal vulnerability in index.php in Just Another Flat ...)
+CVE-2004-1505
NOT-FOR-US: JAF
-CVE-2004-1504 (The displaycontent function in config.php for Just Another Flat file ...)
+CVE-2004-1504
NOT-FOR-US: JAF
-CVE-2004-1503 (Integer overflow in the InitialDirContext in Java Runtime Environment ...)
+CVE-2004-1503
NOT-FOR-US: Sun JRE
-CVE-2004-1502 (The Telnet proxy in 602 Lan Suite 2004.0.04.0909 and earlier allows ...)
+CVE-2004-1502
NOT-FOR-US: 602 Lan Suite
-CVE-2004-1501 (The webmail service in 602 Lan Suite 2004.0.04.0909 and earlier allows ...)
+CVE-2004-1501
NOT-FOR-US: 602 Lan Suite
-CVE-2004-1500 (Format string vulnerability in the Lithtech engine, as used in ...)
+CVE-2004-1500
NOT-FOR-US: Lithtech
-CVE-2004-1499 (Cross-site scripting (XSS) vulnerability in the compose message form ...)
+CVE-2004-1499
NOT-FOR-US: HELM
-CVE-2004-1498 (SQL injection vulnerability in the compose message form in HELM 3.1.19 ...)
+CVE-2004-1498
NOT-FOR-US: HELM
-CVE-2004-1497 (Web Forums Server 1.6 and 2.0 Power Pack stores passwords in plaintext ...)
+CVE-2004-1497
NOT-FOR-US: Web Forums Server
-CVE-2004-1496 (Directory traversal vulnerability in Web Forums Server 1.6 and 2.0 ...)
+CVE-2004-1496
NOT-FOR-US: Web Forums Server
-CVE-2004-1495 (The Repair Archive command in WinRAR 3.40 allows remote attackers to ...)
+CVE-2004-1495
NOT-FOR-US: WinRAR
-CVE-2004-1494 (Buffer overflow in the Screen Fetch option in XDICT 2002 through 2005 ...)
+CVE-2004-1494
NOT-FOR-US: XDICT
-CVE-2004-1493 (Master of Orion III 1.2.5 and earlier allows remote attackers to cause ...)
+CVE-2004-1493
NOT-FOR-US: Master of Orion
-CVE-2004-1492 (Master of Orion III 1.2.5 and earlier allows remote attackers to cause ...)
+CVE-2004-1492
NOT-FOR-US: Master of Orion
-CVE-2004-1491 (Opera 7.54 and earlier uses kfmclient exec to handle unknown MIME ...)
+CVE-2004-1491
NOT-FOR-US: Opera
-CVE-2004-1490 (Opera 7.54 and earlier allows remote attackers to spoof file types in ...)
+CVE-2004-1490
NOT-FOR-US: Opera
-CVE-2004-1489 (Opera 7.54 and earlier does not properly limit an applet's access to ...)
+CVE-2004-1489
NOT-FOR-US: Opera
-CVE-2004-1488 (wget 1.8.x and 1.9.x does not filter or quote control characters when ...)
+CVE-2004-1488
- wget 1.9.1-11
-CVE-2004-1487 (wget 1.8.x and 1.9.x allows a remote malicious web server to overwrite ...)
+CVE-2004-1487
- wget 1.9.1-11
CVE-2004-9999
REJECTED
CVE-2004-9998
REJECTED
-CVE-2004-1486 (Unknown vulnerability in Serviceguard A.11.13 through A.11.16.00 and ...)
+CVE-2004-1486
NOT-FOR-US: Serviceguard and Cluster Object Manager on HP-UX, HP Linux
-CVE-2004-1485 (Buffer overflow in the TFTP client in InetUtils 1.4.2 allows remote ...)
+CVE-2004-1485
- inetutils <not-affected> (inetutils 2:1.4.2+20040207-4; not vulnerable and its tftpd is not shipped)
- atftp <not-affected> (atftp checks h_length)
- netkit-tftp <not-affected> (netkit-tftp not vulnerable)
- tftp-hpa <not-affected> (bug #295297; not exploitable)
NOTE: The address length comes from libc, not the network.
-CVE-2004-1484 (Format string vulnerability in the _msg function in error.c in socat ...)
+CVE-2004-1484
- socat 1.4.0.3-1
-CVE-2004-1483 (Multiple unknown vulnerabilities in the ActiveX and HTML file browsers ...)
+CVE-2004-1483
NOT-FOR-US: Symantec Clientless VPN Gateway 4400 Series
-CVE-2004-1482 (The sbuf_getmsg function in BNC incorrectly handles backspace ...)
+CVE-2004-1482
NOT-FOR-US: BNC irc proxy
-CVE-2004-1481 (Integer overflow in pnen3260.dll in RealPlayer 8 through 10.5 ...)
+CVE-2004-1481
NOT-FOR-US: Real
-CVE-2004-1480 (Unknown vulnerability in the management station in HP StorageWorks ...)
+CVE-2004-1480
NOT-FOR-US: HP StorageWorks Command View XP
CVE-2004-1479
REJECTED
-CVE-2004-1478 (JRun 4.0 does not properly generate and handle the JSESSIONID, which ...)
+CVE-2004-1478
NOT-FOR-US: JRun
-CVE-2004-1477 (Cross-site scripting (XSS) vulnerability in the Management Console in ...)
+CVE-2004-1477
NOT-FOR-US: JRun
-CVE-2004-1476 (Stack-based buffer overflow in the VideoCD (VCD) code in xine-lib ...)
+CVE-2004-1476
- xine-lib 1-rc6
- vlc <not-affected> (affected part of xine-lib code copy not present)
- libcdio 0.69
-CVE-2004-1475 (Multiple stack-based buffer overflows in xine-lib 1-rc2 through 1-rc5 ...)
+CVE-2004-1475
- xine-lib 1-rc6
- vlc <not-affected> (affected part of xine-lib code copy not present)
-CVE-2004-1474 (Symantec Enterprise Firewall/VPN Appliances 100, 200, and 200R running ...)
+CVE-2004-1474
NOT-FOR-US: Symantec Enterprise Firewall/VPN Appliances
-CVE-2004-1473 (Symantec Enterprise Firewall/VPN Appliances 100, 200, and 200R running ...)
+CVE-2004-1473
NOT-FOR-US: Symantec Enterprise Firewall/VPN Appliances
-CVE-2004-1472 (Symantec Enterprise Firewall/VPN Appliances 100, 200, and 200R running ...)
+CVE-2004-1472
NOT-FOR-US: Symantec Enterprise Firewall/VPN Appliances
-CVE-2004-1471 (Format string vulnerability in wrapper.c in CVS 1.12.x through 1.12.8, ...)
+CVE-2004-1471
- cvs 1:1.12.9
-CVE-2004-1470 (CRLF injection vulnerability in SnipSnap 0.5.2a, and other versions ...)
+CVE-2004-1470
NOT-FOR-US: snipsnap
-CVE-2004-1469 (Format string vulnerability in the log function in SUS 2.0.2, and ...)
+CVE-2004-1469
NOT-FOR-US: SUS
-CVE-2004-1468 (The web mail functionality in Usermin 1.x and Webmin 1.x allows remote ...)
+CVE-2004-1468
- webmin 1.160
- usermin 1.090
-CVE-2004-1467 (Multiple cross-site scripting (XSS) vulnerabilities in eGroupWare ...)
+CVE-2004-1467
- egroupware 1.0.00.004
-CVE-2004-1466 (The set_time_limit function in Gallery before 1.4.4_p2 deletes ...)
+CVE-2004-1466
- gallery 1.4.4-pl2
-CVE-2004-1465 (Multiple buffer overflows in WinZip 9.0 and earlier may allow ...)
+CVE-2004-1465
NOT-FOR-US: WinZip
-CVE-2004-1464 (Cisco IOS 12.2(15) and earlier allows remote attackers to cause a ...)
+CVE-2004-1464
NOT-FOR-US: Cisco
-CVE-2004-1463 (Unknown vulnerability in the PageEditor in MoinMoin 1.2.2 and earlier, ...)
+CVE-2004-1463
- moin 1.2.3-1
-CVE-2004-1462 (Unknown vulnerability in MoinMoin 1.2.2 and earlier allows remote ...)
+CVE-2004-1462
- moin 1.2.3-1
-CVE-2004-1461 (Cisco Secure Access Control Server (ACS) 3.2(3) and earlier spawns a ...)
+CVE-2004-1461
NOT-FOR-US: Cisco
-CVE-2004-1460 (Cisco Secure Access Control Server (ACS) 3.2(3) and earlier, when ...)
+CVE-2004-1460
NOT-FOR-US: Cisco
-CVE-2004-1459 (Cisco Secure Access Control Server (ACS) 3.2, when configured as a ...)
+CVE-2004-1459
NOT-FOR-US: Cisco
-CVE-2004-1458 (The CSAdmin web administration interface for Cisco Secure Access ...)
+CVE-2004-1458
NOT-FOR-US: Cisco
-CVE-2004-1457 (The Virtual Private Network (VPN) capability in Novell Bordermanager ...)
+CVE-2004-1457
NOT-FOR-US: Novell
-CVE-2004-1456 (filediff in CVStrac allows remote attackers to execute arbitrary ...)
+CVE-2004-1456
- cvstrac 1.1.4-1
-CVE-2004-1455 (Stack-based buffer overflow in Xine-lib-rc5 in xine-lib 1_rc5-r2 and ...)
+CVE-2004-1455
- xine-lib 1-rc5-1.1
- vlc <not-affected> (vulnerable component of xine-lib code copy not present)
-CVE-2004-1454 (Cisco IOS 12.0S, 12.2, and 12.3, with Open Shortest Path First (OSPF) ...)
+CVE-2004-1454
NOT-FOR-US: Cisco
-CVE-2004-1453 (GNU glibc 2.3.4 before 2.3.4.20040619, 2.3.3 before 2.3.3.20040420, ...)
+CVE-2004-1453
- glibc 2.3.5 (bug #272210; unimportant)
NOTE: according to GOTO Masanori this is not a security problem
NOTE: Jakub Jelinek confirms http://sources.redhat.com/ml/libc-hacker/2004-08/msg00059.html
NOTE: Although not a real issue we should play safe with 2.3.5, where the code
NOTE: was reorganized
-CVE-2004-1452 (Tomcat before 5.0.27-r3 in Gentoo Linux sets the default permissions ...)
+CVE-2004-1452
NOT-FOR-US: Gentoo specific
-CVE-2004-1451 (Mozilla before 1.6 does not display the entire URL in the status bar ...)
+CVE-2004-1451
- mozilla 2:1.6-1
-CVE-2004-1450 (Unknown vulnerability in LiveConnect in Mozilla 1.7 beta allows remote ...)
+CVE-2004-1450
- mozilla 2:1.7.1-1
-CVE-2004-1449 (Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7 ...)
+CVE-2004-1449
- mozilla 2:1.7-1
-CVE-2004-1448 (Jetbox One 2.0.8 and possibly other versions allow remote attackers ...)
+CVE-2004-1448
NOT-FOR-US: Jetbox One
-CVE-2004-1447 (Jetbox One 2.0.8 and possibly other versions stores passwords in the ...)
+CVE-2004-1447
NOT-FOR-US: Jetbox One
-CVE-2004-1446 (Unknown vulnerability in ScreenOS in Juniper Networks NetScreen ...)
+CVE-2004-1446
NOT-FOR-US: ScreenOS
-CVE-2004-1445 (A race condition in nessus-adduser in Nessus 2.0.11 and possibly ...)
+CVE-2004-1445
- nessus-core 2.0.12-1
-CVE-2004-1444 (Directory traversal vulnerability in Roundup 0.6.4 and earlier allows ...)
+CVE-2004-1444
- roundup 0.7.3-1
-CVE-2004-1443 (Cross-site scripting (XSS) vulnerability in the inline MIME viewer in ...)
+CVE-2004-1443
- imp3 3.2.5-1
-CVE-2004-1442 (Cross-site scripting (XSS) vulnerability in db2www CGI interpreter in ...)
+CVE-2004-1442
NOT-FOR-US: db2www
-CVE-2004-1441 (Cross-site scripting (XSS) vulnerability in icq.cgi in Board Power ...)
+CVE-2004-1441
NOT-FOR-US: Board Power
-CVE-2004-1440 (Multiple heap-based buffer overflows in the modpow function in PuTTY ...)
+CVE-2004-1440
- putty 0.56-1
-CVE-2004-1439 (Buffer overflow in BlackJumboDog 3.x allows remote attackers to ...)
+CVE-2004-1439
NOT-FOR-US: BlackJumboDog
-CVE-2004-1438 (The mod_authz_svn Apache module for Subversion 1.0.4-r1 and earlier ...)
+CVE-2004-1438
- subversion 1.0.6-1
-CVE-2004-1437 (Multiple buffer overflows in the digest authentication functionality ...)
+CVE-2004-1437
- pavuk 0.9pl28-3.1
-CVE-2004-1436 (The Transaction Language 1 (TL1) login interface in Cisco ONS 15327 ...)
+CVE-2004-1436
NOT-FOR-US: Cisco
-CVE-2004-1435 (Multiple versions of Cisco ONS 15327, ONS 15454, and ONS 15454 SDH, ...)
+CVE-2004-1435
NOT-FOR-US: Cisco
-CVE-2004-1434 (Multiple versions of Cisco ONS 15327, ONS 15454, and ONS 15454 SDH, ...)
+CVE-2004-1434
NOT-FOR-US: Cisco
-CVE-2004-1433 (Multiple versions of Cisco ONS 15327, ONS 15454, and ONS 15454 SDH, ...)
+CVE-2004-1433
NOT-FOR-US: Cisco
-CVE-2004-1432 (Multiple versions of Cisco ONS 15327, ONS 15454, and ONS 15454 SDH, ...)
+CVE-2004-1432
NOT-FOR-US: Cisco
-CVE-2004-1431 (FormMail.php 5.0, and possibly other versions, allows remote attackers ...)
+CVE-2004-1431
NOT-FOR-US: FormMail.php != nms-formmail
-CVE-2004-1430 (SQL injection vulnerability in the show_stats module in Arcade.php in ...)
+CVE-2004-1430
NOT-FOR-US: Arcade.php
-CVE-2004-1429 (ArGoSoft FTP 1.4.2.4 and earlier does not limit the number of times ...)
+CVE-2004-1429
NOT-FOR-US: ArGoSoft
-CVE-2004-1428 (ArGoSoft FTP before 1.4.2.1 generates an error message if the user ...)
+CVE-2004-1428
NOT-FOR-US: ArGoSoft
-CVE-2004-1427 (PHP remote file inclusion vulnerability in main.inc in KorWeblog ...)
+CVE-2004-1427
NOT-FOR-US: KorWeblog
-CVE-2004-1426 (Directory traversal vulnerability in index.php in KorWeblog 1.6.2-cvs ...)
+CVE-2004-1426
NOT-FOR-US: KorWeblog
-CVE-2004-1425 (Directory traversal vulnerability in file.php in Moodle 1.4.2 and ...)
+CVE-2004-1425
- moodle 1.4.3-1
-CVE-2004-1424 (Cross-site scripting (XSS) vulnerability in view.php in Moodle 1.4.2 ...)
+CVE-2004-1424
- moodle 1.4.3-1
-CVE-2004-1423 (Multiple PHP remote file inclusion vulnerabilities in Sean Proctor ...)
+CVE-2004-1423
NOT-FOR-US: PHP-Calendar
-CVE-2004-1422 (WHM AutoPilot 2.4.6.5 and earlier allows remote attackers to gain ...)
+CVE-2004-1422
NOT-FOR-US: WHM AutoPilot
-CVE-2004-1421 (Multiple PHP remote file inclusion vulnerabilities (1) step_one.php, ...)
+CVE-2004-1421
NOT-FOR-US: WHM AutoPilot
-CVE-2004-1420 (Multiple cross-site scripting (XSS) vulnerabilities in header.php in ...)
+CVE-2004-1420
NOT-FOR-US: WHM AutoPilot
-CVE-2004-1419 (PHP remote file inclusion vulnerability in ZeroBoard 4.1pl4 and ...)
+CVE-2004-1419
NOT-FOR-US: ZeroBoard
-CVE-2004-1418 (Cross-site scripting (XSS) vulnerability in WPKontakt 3.0.1 and ...)
+CVE-2004-1418
NOT-FOR-US: WPKontakt
-CVE-2004-1417 (Cross-site scripting (XSS) vulnerability in login.php in PsychoStats ...)
+CVE-2004-1417
NOT-FOR-US: PsychoStats
-CVE-2004-1416 (pnxr3260.dll in the RealOne 2.0 build 6.0.11.868 browser plugin, as ...)
+CVE-2004-1416
NOT-FOR-US: RealOne IE plugin
-CVE-2004-1415 (SQL injection vulnerability in (1) disp_album.php and possibly (2) ...)
+CVE-2004-1415
NOT-FOR-US: 2Bgal
-CVE-2004-1414 (Gadu-Gadu 6.1 build 156 allows remote attackers to cause a denial of ...)
+CVE-2004-1414
NOT-FOR-US: Gadu-Gadu
-CVE-2004-1413 (Multiple SQL injection vulnerabilities in Kayako eSupport 2.x allow ...)
+CVE-2004-1413
NOT-FOR-US: Kayako
-CVE-2004-1412 (Cross-site scripting (XSS) vulnerability in index.php in Kayako ...)
+CVE-2004-1412
NOT-FOR-US: Kayako
-CVE-2004-1411 (Gadu-Gadu build 155 and earlier allows remote attackers to cause a ...)
+CVE-2004-1411
NOT-FOR-US: Gadu-Gadu
-CVE-2004-1410 (Cross-site scripting (XSS) vulnerability in Gadu-Gadu build 155 and ...)
+CVE-2004-1410
NOT-FOR-US: Gadu-Gadu
-CVE-2004-1409 (Multiple cross-site scripting vulnerabilities in Image Gallery Web ...)
+CVE-2004-1409
NOT-FOR-US: Image Gallery Web Application
-CVE-2004-1408 (The addImage method for admin.class.php in Image Gallery Web ...)
+CVE-2004-1408
NOT-FOR-US: Image Gallery Web Application
-CVE-2004-1407 (Multiple directory traversal vulnerabilities in singapore Image ...)
+CVE-2004-1407
NOT-FOR-US: Image Gallery Web Application
-CVE-2004-1406 (SQL injection vulnerability in ikonboard.cgi in Ikonboard 3.1.0 ...)
+CVE-2004-1406
NOT-FOR-US: Ikonboard
-CVE-2004-1405 (MediaWiki 1.3.8 and earlier, when used with Apache mod_mime, does not ...)
+CVE-2004-1405
- mediawiki 1.4.9 (bug #276057)
-CVE-2004-1404 (Attachment Mod 2.3.10 module for phpBB, when used with Apache ...)
+CVE-2004-1404
NOT-FOR-US: Attachment Mod for phpBB
-CVE-2004-1403 (PHP remote file inclusion vulnerability in index.php in GNUBoard 3.39 ...)
+CVE-2004-1403
NOT-FOR-US: GNUBoard
-CVE-2004-1402 (SQL injection vulnerability in iWebNegar allows remote attackers to ...)
+CVE-2004-1402
NOT-FOR-US: iWebNegar
-CVE-2004-1401 (SQL injection vulnerability in verify.asp in Asp-rider allows remote ...)
+CVE-2004-1401
NOT-FOR-US: Asp-rider
-CVE-2004-1400 (The control panel in ASP Calendar does not require authentication to ...)
+CVE-2004-1400
NOT-FOR-US: ASP Calendar
-CVE-2004-1399 (Directory traversal vulnerability in the Attachment module 2.3.10 and ...)
+CVE-2004-1399
NOT-FOR-US: Attachment Mod for phpBB
-CVE-2004-1398 (Format string vulnerability in prelink.c in kextload in Apple OS X, as ...)
+CVE-2004-1398
NOT-FOR-US: MacOSX
-CVE-2004-1397 (Cross-site scripting (XSS) vulnerability in UseModWiki 1.0 allows ...)
+CVE-2004-1397
- usemod-wiki 1.0-6
-CVE-2004-1396 (Winamp 5.07 and possibly other versions, allows remote attackers to ...)
+CVE-2004-1396
NOT-FOR-US: Winamp
-CVE-2004-1395 (The Lithtech engine, as used in (1) Contract Jack 1.1 and earlier, (2) ...)
+CVE-2004-1395
NOT-FOR-US: Lithtech engine
-CVE-2004-1394 (The pfexec function for Sun Solaris 8 and 9 does not properly handle ...)
+CVE-2004-1394
NOT-FOR-US: Solaris
-CVE-2004-1393 (Unknown vulnerability in the tcsetattr function for Sun Solaris ...)
+CVE-2004-1393
NOT-FOR-US: Solaris
-CVE-2004-1392 (PHP 4.0 with cURL functions allows remote attackers to bypass the ...)
+CVE-2004-1392
- php4 4:4.3.10-3
-CVE-2004-1391 (Untrusted execution path vulnerability in the PPPoE daemon (PPPoEd) in ...)
+CVE-2004-1391
NOT-FOR-US: PPPoE daemon (PPPoEd) in QNX RTP
-CVE-2004-1390 (Multiple buffer overflows in the PPPoE daemon (PPPoEd) in QNX RTP 6.1 ...)
+CVE-2004-1390
NOT-FOR-US: PPPoE daemon (PPPoEd) in QNX RTP
-CVE-2004-1389 (Unknown vulnerability in the Veritas NetBackup Administrative ...)
+CVE-2004-1389
NOT-FOR-US: Veritas NetBackup Administrative Assistant
-CVE-2004-1388 (Format string vulnerability in the gpsd_report function for BerliOS ...)
+CVE-2004-1388
- gpsd 2.7-4
-CVE-2004-1387 (The check_forensic script in apache-utils package 1.3.31 allows local ...)
+CVE-2004-1387
- apache 1.3.33-3
-CVE-2004-1386 (TikiWiki before 1.8.4.1 does not properly verify uploaded images, ...)
+CVE-2004-1386
NOT-FOR-US: TikiWiki
-CVE-2004-1385 (phpGroupWare 0.9.16.003 and earlier allows remote attackers to gain ...)
+CVE-2004-1385
- phpgroupware 0.9.16.005-1 (unimportant)
NOTE: path disclosure only, path is known on Debian anyway
-CVE-2004-1384 (Multiple cross-site scripting (XSS) vulnerabilities in phpGroupWare ...)
+CVE-2004-1384
- phpgroupware 0.9.16.005-1
-CVE-2004-1383 (Multiple SQL injection vulnerabilities in phpGroupWare 0.9.16.003 and ...)
+CVE-2004-1383
- phpgroupware 0.9.16.005-1
-CVE-2004-1382 (The glibcbug script in glibc 2.3.4 and earlier allows local users to ...)
+CVE-2004-1382
- glibc 2.3.2.ds1-19
-CVE-2004-1381 (Firefox before 1.0 and Mozilla before 1.7.5 allow inactive ...)
+CVE-2004-1381
- mozilla-firefox 1.0
- mozilla 2:1.7.5
-CVE-2004-1380 (Firefox before 1.0 and Mozilla before 1.7.5 allows inactive ...)
+CVE-2004-1380
- mozilla-firefox 1.0
- mozilla 2:1.7.5
-CVE-2004-1379 (Heap-based buffer overflow in the DVD subpicture decoder in xine ...)
+CVE-2004-1379
{DSA-657-1}
- xine-lib 1-rc6a-1
-CVE-2004-1378 (The expat XML parser code, as used in the open source Jabber (jabberd) ...)
+CVE-2004-1378
- jabber 1.4.3-3 (unimportant)
NOTE: We do not ship jadc2s.
-CVE-2004-1377 (The (1) fixps (aka fixps.in) and (2) psmandup (aka psmandup.in) ...)
+CVE-2004-1377
- a2ps 1:4.13b-4.3 (bug #286387; bug #286385)
-CVE-2004-1376 (Directory traversal vulnerability in Microsoft Internet Explorer 5.01, ...)
+CVE-2004-1376
NOT-FOR-US: MSIE
-CVE-2004-1375 (Unknown vulnerability in System Administration Manager (SAM) in HP-UX ...)
+CVE-2004-1375
NOT-FOR-US: HP-UX
-CVE-2004-1374 (Multiple buffer overflows in NetBSD kernel may allow local users to ...)
+CVE-2004-1374
NOT-FOR-US: NetBSD
-CVE-2004-1373 (Format string vulnerability in SHOUTcast 1.9.4 allows remote attackers ...)
+CVE-2004-1373
NOT-FOR-US: Shoutcast
-CVE-2004-1372 (Multiple stack-based buffer overflows in IBM DB2 7.x and 8.1 allow ...)
+CVE-2004-1372
NOT-FOR-US: IBM DB2
-CVE-2004-1371 (Stack-based buffer overflow in Oracle 9i and 10g allows remote ...)
+CVE-2004-1371
NOT-FOR-US: Oracle
-CVE-2004-1370 (Multiple SQL injection vulnerabilities in PL/SQL procedures that run ...)
+CVE-2004-1370
NOT-FOR-US: Oracle
-CVE-2004-1369 (The TNS Listener in Oracle 10g allows remote attackers to cause a ...)
+CVE-2004-1369
NOT-FOR-US: Oracle
-CVE-2004-1368 (ISQL*Plus in Oracle 10g Application Server allows remote attackers to ...)
+CVE-2004-1368
NOT-FOR-US: Oracle
-CVE-2004-1367 (Oracle 10g Database Server, when installed with a password that ...)
+CVE-2004-1367
NOT-FOR-US: Oracle
-CVE-2004-1366 (Oracle 10g Database Server stores the password for the SYSMAN account ...)
+CVE-2004-1366
NOT-FOR-US: Oracle
-CVE-2004-1365 (Extproc in Oracle 9i and 10g does not require authentication to load a ...)
+CVE-2004-1365
NOT-FOR-US: Oracle
-CVE-2004-1364 (Directory traversal vulnerability in extproc in Oracle 9i and 10g ...)
+CVE-2004-1364
NOT-FOR-US: Oracle
-CVE-2004-1363 (Buffer overflow in extproc in Oracle 10g allows remote attackers to ...)
+CVE-2004-1363
NOT-FOR-US: Oracle
-CVE-2004-1362 (The PL/SQL module for the Oracle HTTP Server in Oracle Application ...)
+CVE-2004-1362
NOT-FOR-US: Oracle
-CVE-2004-1361 (Integer underflow in winhlp32.exe in Windows NT, Windows 2000 through ...)
+CVE-2004-1361
NOT-FOR-US: Windows
-CVE-2004-1360 (Unknown vulnerability in conv_fix in Sun Solaris 7 through 9, when ...)
+CVE-2004-1360
NOT-FOR-US: Solaris
-CVE-2004-1359 (Multiple buffer overflows in uucp for Sun Solaris 2.6, 7, 8, and 9 ...)
+CVE-2004-1359
NOT-FOR-US: Solaris
-CVE-2004-1358 (The patches (1) 114332-08 and (2) 114929-06 for Sun Solaris 9 disable ...)
+CVE-2004-1358
NOT-FOR-US: Solaris
-CVE-2004-1357 (The Secure Shell (SSH) Daemon (SSHD) in Sun Solaris 9 does not ...)
+CVE-2004-1357
NOT-FOR-US: ssh on Solaris
-CVE-2004-1356 (Unknown vulnerability in the sendfilev function in Sun Solaris 8 and 9 ...)
+CVE-2004-1356
NOT-FOR-US: Solaris
-CVE-2004-1355 (Unknown vulnerability in the TCP/IP stack for Sun Solaris 8 and 9 ...)
+CVE-2004-1355
NOT-FOR-US: Solaris
-CVE-2004-1354 (The Solaris Management Console (SMC) in Sun Solaris 8 and 9 generates ...)
+CVE-2004-1354
NOT-FOR-US: Solaris
-CVE-2004-1353 (Unknown vulnerability in LDAP on Sun Solaris 8 and 9, when using Role ...)
+CVE-2004-1353
NOT-FOR-US: Solaris
-CVE-2004-1352 (Buffer overflow in the ping daemon of Sun Solaris 7 through 9 may ...)
+CVE-2004-1352
NOT-FOR-US: Solaris
-CVE-2004-1351 (Unknown vulnerability in the rwho daemon (in.rwhod) for Solaris 7 ...)
+CVE-2004-1351
NOT-FOR-US: Solaris
-CVE-2004-1350 (Multiple buffer overflows in Sun Java System Web Proxy Server ...)
+CVE-2004-1350
NOT-FOR-US: Sun Java System Web Proxy Server
-CVE-2004-1349 (gzip before 1.3 in Solaris 8, when called with the -f or -force flags, ...)
+CVE-2004-1349
- gzip <not-affected> (gzip on Solaris)
-CVE-2004-1348 (Unknown vulnerability in in.named on Solaris 8 allows remote attackers ...)
+CVE-2004-1348
NOT-FOR-US: Solaris
-CVE-2004-1347 (X Display Manager (XDM) on Solaris 8 allows remote attackers to cause ...)
+CVE-2004-1347
- xfree86 <not-affected> (xdm on Solaris)
- xorg-x11 <not-affected> (xdm on Solaris)
-CVE-2004-1346 (The Sun Solaris Volume Manager (SVM) on Solaris 9 allows local users ...)
+CVE-2004-1346
NOT-FOR-US: Solaris
-CVE-2004-1345 (Unknown vulnerability in Sun StorEdge Enterprise Storage Manager (ESM) ...)
+CVE-2004-1345
NOT-FOR-US: Sun StorEdge Enterprise Storage Manager
CVE-2004-1344
REJECTED
-CVE-2004-1343 (CVS 1.12 and earlier on Debian GNU/Linux does not properly handle when ...)
+CVE-2004-1343
{DSA-715-1}
- cvs 1:1.12.9-12
-CVE-2004-1342 (CVS 1.12 and earlier on Debian GNU/Linux, when using the repouid ...)
+CVE-2004-1342
{DSA-715-1}
- cvs 1:1.12.9-12
-CVE-2004-1341 (Cross-site scripting (XSS) vulnerability in info2www before 1.2.2.9 ...)
+CVE-2004-1341
{DSA-711-1}
- info2www 1.2.2.9-23 (bug #281655)
-CVE-2004-1340 (Debian GNU/Linux 3.0 installs the libpam-radius-auth package with the ...)
+CVE-2004-1340
{DSA-659-1}
- libpam-radius-auth 1.3.16-1.1
-CVE-2004-1339 (SQL injection vulnerability in the (1) MDSYS.SDO_GEOM_TRIG_INS1 and ...)
+CVE-2004-1339
NOT-FOR-US: oracle
-CVE-2004-1338 (The triggers in Oracle 9i and 10g allow local users to gain privileges ...)
+CVE-2004-1338
NOT-FOR-US: oracle
-CVE-2004-1337 (The POSIX Capability Linux Security Module (LSM) for Linux kernel 2.6 ...)
+CVE-2004-1337
- linux-2.6 <not-affected> (Fixed before upload into archive, 2.6.11)
[sarge] - kernel-source-2.6.8 2.6.8-14
-CVE-2004-1336 (The xdvizilla script in tetex-bin 2.0.2 creates temporary files with ...)
+CVE-2004-1336
- tetex-bin 2.0.2-25
-CVE-2004-1335 (Memory leak in the ip_options_get function in the Linux kernel before ...)
+CVE-2004-1335
{DSA-1082-1 DSA-1070-1 DSA-1069-1 DSA-1067-1}
- linux-2.6 <not-affected> (Fixed before upload into archive; 2.6.10)
[sarge] - kernel-source-2.6.8 2.6.8-11
- kernel-source-2.4.27 2.4.27-9
-CVE-2004-1334 (Integer overflow in the ip_options_get function in the Linux kernel ...)
+CVE-2004-1334
- linux-2.6 <not-affected> (Fixed before upload into archive; 2.6.10)
[sarge] - kernel-source-2.6.8 2.6.8-11
- kernel-source-2.4.27 <not-affected>
-CVE-2004-1333 (Integer overflow in the vc_resize function in the Linux kernel 2.4 and ...)
+CVE-2004-1333
{DSA-1082-1 DSA-1070-1 DSA-1069-1 DSA-1067-1}
- linux-2.6 <not-affected> (Fixed before upload into archive; 2.6.10)
[sarge] - kernel-source-2.6.8 2.6.8-11
- kernel-source-2.4.27 2.4.27-9
-CVE-2004-1332 (Stack-based buffer overflow in the FTP daemon in HP-UX 11.11i, with ...)
+CVE-2004-1332
NOT-FOR-US: hpux
-CVE-2004-1331 (The execCommand method in Microsoft Internet Explorer 6.0 SP2 allows ...)
+CVE-2004-1331
NOT-FOR-US: microsoft
-CVE-2004-1330 (Buffer overflow in paginit in AIX 5.1 through 5.3 allows local users ...)
+CVE-2004-1330
NOT-FOR-US: AIX
-CVE-2004-1329 (Untrusted execution path vulnerability in the diag commands (1) ...)
+CVE-2004-1329
NOT-FOR-US: AIX
-CVE-2004-1328 (Unknown vulnerability in newgrp in HP-UX B.11.00, B.11.04, and B.11.11 ...)
+CVE-2004-1328
NOT-FOR-US: hpux
-CVE-2004-1327 (Buffer overflow in Crystal FTP Client 2.8 allows remote malicious ...)
+CVE-2004-1327
NOT-FOR-US: Crystal FTP client
-CVE-2004-1326 (Buffer overflow in dxterm in Ultrix 4.5 allows local users to execute ...)
+CVE-2004-1326
NOT-FOR-US: Ultrix
-CVE-2004-1325 (The getItemInfoByAtom function in the ActiveX control for Microsoft ...)
+CVE-2004-1325
NOT-FOR-US: Microsoft
-CVE-2004-1324 (The Microsoft Windows Media Player 9.0 ActiveX control may allow ...)
+CVE-2004-1324
NOT-FOR-US: Microsoft
-CVE-2004-1323 (Multiple syscalls in the compat subsystem for NetBSD before 2.0 allow ...)
+CVE-2004-1323
NOT-FOR-US: Netbsd
-CVE-2004-1322 (Cisco Unity 2.x, 3.x, and 4.x, when integrated with Microsoft ...)
+CVE-2004-1322
NOT-FOR-US: Cisco
-CVE-2004-1321 (The configuration backup in Asante FM2008 running firmware 1.06 stores ...)
+CVE-2004-1321
NOT-FOR-US: Asante FM2008
-CVE-2004-1320 (Asante FM2008 running firmware 1.06 is shipped with a default username ...)
+CVE-2004-1320
NOT-FOR-US: Asante FM2008
-CVE-2004-1319 (The DHTML Edit Control (dhtmled.ocx) allows remote attackers to inject ...)
+CVE-2004-1319
NOT-FOR-US: MSIE
-CVE-2004-1318 (Cross-site scripting (XSS) vulnerability in namazu.cgi for Namazu ...)
+CVE-2004-1318
{DSA-627-1}
- namazu2 2.0.14-1
-CVE-2004-1317 (Stack-based buffer overflow in doexec.c in Netcat for Windows 1.1, ...)
+CVE-2004-1317
- netcat <not-affected> (only affects netcat in Windows)
-CVE-2004-1316 (Heap-based buffer overflow in MSG_UnEscapeSearchUrl in ...)
+CVE-2004-1316
- mozilla 2:1.7.5-1 (bug #288047)
-CVE-2004-1315 (viewtopic.php in phpBB 2.x before 2.0.11 improperly URL decodes the ...)
+CVE-2004-1315
- phpbb2 2.0.10-3
-CVE-2004-1314 (Safari 1.x allows remote attackers to spoof arbitrary web sites by ...)
+CVE-2004-1314
NOT-FOR-US: MacOS
-CVE-2004-1313 (The Smc.exe process in My Firewall Plus 5.0 build 1117, and possibly ...)
+CVE-2004-1313
NOT-FOR-US: My Firewall Plus
-CVE-2004-1312 (A bug in the HTML parser in a certain Microsoft HTML library, as used ...)
+CVE-2004-1312
NOT-FOR-US: Microsoft
-CVE-2004-1311 (Integer overflow in the real_setup_and_get_header function in real.c ...)
+CVE-2004-1311
- mplayer 1.0~pre6a-1
-CVE-2004-1310 (Stack-based buffer overflow in the asf_mmst_streaming.c functionality ...)
+CVE-2004-1310
- mplayer 1.0~pre6a-1
-CVE-2004-1309 (Heap-based buffer overflow in the demux_open_bmp function in ...)
+CVE-2004-1309
- mplayer 1.0~pre6a-1
-CVE-2004-1308 (Integer overflow in (1) tif_dirread.c and (2) tif_fax3.c for libtiff ...)
+CVE-2004-1308
{DSA-617-1}
- tiff 3.6.1-4
- tiff3 <not-affected> (fixed prior to initial upload)
-CVE-2004-1307 (Integer overflow in the TIFFFetchStripThing function in tif_dirread.c ...)
+CVE-2004-1307
- tiff 3.7.0 (low)
- tiff3 <not-affected> (fixed prior to initial upload)
-CVE-2004-1306 (Heap-based buffer overflow in winhlp32.exe in Windows NT, Windows 2000 ...)
+CVE-2004-1306
NOT-FOR-US: Windows
-CVE-2004-1305 (The Windows Animated Cursor (ANI) capability in Windows NT, Windows ...)
+CVE-2004-1305
NOT-FOR-US: Microsoft
-CVE-2004-1304 (Stack-based buffer overflow in the ELF header parsing code in file ...)
+CVE-2004-1304
- file 4.12
-CVE-2004-1303 (Buffer overflow in the get function in get.c for Yanf 0.4 allows ...)
+CVE-2004-1303
NOT-FOR-US: Yanf
-CVE-2004-1302 (The id3tag_sort function in id3tag.c for YAMT 0.5 allows remote ...)
+CVE-2004-1302
NOT-FOR-US: YAMT
-CVE-2004-1301 (Buffer overflow in the book_format_sql function in format.c for ...)
+CVE-2004-1301
NOT-FOR-US: xlreader
-CVE-2004-1300 (Buffer overflow in the open_aiff_file function in demux_aiff.c for ...)
+CVE-2004-1300
- xine-lib 1-rc8-1
- vlc <not-affected> (vulnerable component of xine-lib code copy not present)
-CVE-2004-1299 (Buffer overflow in the get_attr function in html.c for vilistextum ...)
+CVE-2004-1299
NOT-FOR-US: vilistextum
-CVE-2004-1298 (Buffer overflow in the parse function in vb2c.c for vb2c 0.02 allows ...)
+CVE-2004-1298
NOT-FOR-US: vb2c
-CVE-2004-1297 (Buffer overflow in the process_font_table function in convert.c for ...)
+CVE-2004-1297
- unrtf 0.19.3-1.1 (bug #287038)
-CVE-2004-1296 (The (1) eqn2graph and (2) pic2graph scripts in groff 1.18.1 allow ...)
+CVE-2004-1296
- groff 1.18.1.1-5
-CVE-2004-1295 (The slip_down function in slip.c for the uml_net program in ...)
+CVE-2004-1295
- uml-utilities <not-affected> (uml_net is only executable by users in group uml-net)
-CVE-2004-1294 (The mget function in cmds.c for tnftp 20030825 allows remote FTP ...)
+CVE-2004-1294
- tnftp 20050625-0.1 (bug #285902; medium)
-CVE-2004-1293 (Buffer overflow in the ReadFontTbl function in reader.c for ...)
+CVE-2004-1293
NOT-FOR-US: rtf2latex2e
-CVE-2004-1292 (Buffer overflow in the parse_emelody function in parse_emelody.c for ...)
+CVE-2004-1292
NOT-FOR-US: ringtonetools
-CVE-2004-1291 (Buffer overflow in qwik-smtpd allows remote attackers to use the ...)
+CVE-2004-1291
NOT-FOR-US: qwik-smtpd
-CVE-2004-1290 (Buffer overflow in the process_moves function in pgn2web.c for pgn2web ...)
+CVE-2004-1290
NOT-FOR-US: pgn2web
-CVE-2004-1289 (Multiple buffer overflows in (1) the getline function in pcalutil.c ...)
+CVE-2004-1289
{DSA-625-1}
- pcal 4.8.0-1
-CVE-2004-1288 (Buffer overflow in the parse_html function in o3read.c for o3read ...)
+CVE-2004-1288
NOT-FOR-US: o3read
-CVE-2004-1287 (Buffer overflow in the error function in preproc.c for NASM 0.98.38 ...)
+CVE-2004-1287
{DSA-623-1}
- nasm 0.98.38-1.1 (bug #285889)
-CVE-2004-1286 (Buffer overflow in the auto_filter_extern function in auto.c for ...)
+CVE-2004-1286
NOT-FOR-US: NapShare
-CVE-2004-1285 (Buffer overflow in the get_header function in asf_mmst_streaming.c for ...)
+CVE-2004-1285
NOT-FOR-US: mplayer
-CVE-2004-1284 (Buffer overflow in the find_next_file function in playlist.c for ...)
+CVE-2004-1284
NOTE: Previous fix 0.59r-18 introduced new integer overflows and caused regressions
- mpg123 0.59r-20 (bug #287043)
-CVE-2004-1283 (Buffer overflow in the Mesh::type method in mesh.c for the mview ...)
+CVE-2004-1283
NOT-FOR-US: mview
-CVE-2004-1282 (Buffer overflow in the strexpand function in string.c for LinPopUp ...)
+CVE-2004-1282
{DSA-632-1}
- linpopup 1.2.0-7
-CVE-2004-1281 (The ftp_retr function in junkie 0.3.1 allows remote malicious FTP ...)
+CVE-2004-1281
NOT-FOR-US: junkie
-CVE-2004-1280 (The gui_popup_view_fly function in gui_tview_popup.c for junkie 0.3.1 ...)
+CVE-2004-1280
NOT-FOR-US: junkie
-CVE-2004-1279 (Buffer overflow in the get_file_list_stdin function in jpegtoavi 1.5 ...)
+CVE-2004-1279
NOT-FOR-US: jpegtoavi
-CVE-2004-1278 (Buffer overflow in the switch_voice function in parse.c for jcabc2ps ...)
+CVE-2004-1278
NOT-FOR-US: jcabc2ps
-CVE-2004-1277 (The download_selection_recursive() function in ftplist.c for IglooFTP ...)
+CVE-2004-1277
NOT-FOR-US: IglooFTP
-CVE-2004-1276 (IglooFTP 0.6.1, when recursively uploading a directory, allows local ...)
+CVE-2004-1276
NOT-FOR-US: IglooFTP
-CVE-2004-1275 (Buffer overflow in the remove_quote function in convert.c for ...)
+CVE-2004-1275
NOT-FOR-US: html2hdml
-CVE-2004-1274 (The DownloadLoop function in main.c for greed 0.81p allows remote ...)
+CVE-2004-1274
NOT-FOR-US: greed
NOTE: not the game in debian, the file download tool
-CVE-2004-1273 (Buffer overflow in the DownloadLoop function in main.c for greed 0.81p ...)
+CVE-2004-1273
NOT-FOR-US: greed
NOTE: not the game in debian, the file download tool
-CVE-2004-1272 (Buffer overflow in the save_embedded_address function in filter.c for ...)
+CVE-2004-1272
- filter 2.4.2-1.1
-CVE-2004-1271 (Buffer overflow in the dxfin function in d.c for dxfscope 0.2 allows ...)
+CVE-2004-1271
NOT-FOR-US: dxfscope
-CVE-2004-1270 (lppasswd in CUPS 1.1.22, when run in environments that do not ensure ...)
+CVE-2004-1270
- cups 1.1.22-2
- cupsys 1.1.22-2
-CVE-2004-1269 (lppasswd in CUPS 1.1.22 does not remove the passwd.new file if it ...)
+CVE-2004-1269
- cups 1.1.22-2
- cupsys 1.1.22-2
-CVE-2004-1268 (lppasswd in CUPS 1.1.22 ignores write errors when modifying the CUPS ...)
+CVE-2004-1268
- cups 1.1.22-2
- cupsys 1.1.22-2
-CVE-2004-1267 (Buffer overflow in the ParseCommand function in hpgl-input.c in the ...)
+CVE-2004-1267
- cups 1.1.22-2
- cupsys 1.1.22-2
-CVE-2004-1266 (Buffer overflow in the get_field_headers function in csv2xml.cpp for ...)
+CVE-2004-1266
NOT-FOR-US: csv2xml
-CVE-2004-1265 (Buffer overflow in the readObjectChunk function in 3dsimp.cpp for the ...)
+CVE-2004-1265
NOT-FOR-US: Convex
-CVE-2004-1264 (Buffer overflow in the simplify_path function in config.c for ChBg 1.5 ...)
+CVE-2004-1264
{DSA-644-1}
- chbg 1.5-4
-CVE-2004-1263 (changepassword.cgi in ChangePassword 0.8, when installed setuid, ...)
+CVE-2004-1263
NOT-FOR-US: ChangePassword
-CVE-2004-1262 (Buffer overflow in the bsb_open_header function in libbsb for bsb2ppm ...)
+CVE-2004-1262
NOT-FOR-US: bsb2ppm
-CVE-2004-1261 (Multiple buffer overflows in the preparse function in asp2php 0.76.23 ...)
+CVE-2004-1261
NOT-FOR-US: asp2php
-CVE-2004-1260 (Multiple buffer overflows in the (1) write_heading function in ...)
+CVE-2004-1260
NOT-FOR-US: abctab2ps
-CVE-2004-1259 (Multiple buffer overflows in the handle_directive function in abcpp.c ...)
+CVE-2004-1259
NOT-FOR-US: abcpp
-CVE-2004-1258 (Buffer overflow in the put_words function in subs.c for abcm2ps 3.7.20 ...)
+CVE-2004-1258
- abcm2ps 4.8.5-1
-CVE-2004-1257 (Buffer overflow in the process_abc function in abc.c for abc2mtex ...)
+CVE-2004-1257
NOT-FOR-US: abc2mtex
-CVE-2004-1256 (Multiple buffer overflows in the (1) event_text and (2) event_specific ...)
+CVE-2004-1256
- abcmidi 20050101-1
-CVE-2004-1255 (Buffer overflow in the expandtabs function in 2fax 3.04 allows remote ...)
+CVE-2004-1255
NOT-FOR-US: 2fax
-CVE-2004-1254 (WinRAR 3.40, and possibly earlier versions, allows remote attackers to ...)
+CVE-2004-1254
NOT-FOR-US: WinRAR
CVE-2004-1253
RESERVED
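Review bot: every changed pair in this hunk drops the parenthesised summary and keeps only the bare identifier (for example `-CVE-2004-1282 (Buffer overflow in the strexpand function in string.c for LinPopUp ...)` becomes `+CVE-2004-1282`), and the hunk header shows identical old and new line counts, so nothing is added in exchange; the per-package lines, `{DSA-...}` references and `NOTE:` lines stay intact. Unless the summaries are intentionally being removed from this file, the source that supplies them should be checked before this is merged, since the remaining lines no longer say what each entry refers to.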
@@ -3212,7 +3212,7 @@ CVE-2004-1246
RESERVED
CVE-2004-1245
RESERVED
-CVE-2004-1244 (Windows Media Player 9 allows remote attackers to execute arbitrary ...)
+CVE-2004-1244
NOT-FOR-US: Microsoft
CVE-2004-1243
REJECTED
@@ -3226,111 +3226,111 @@ CVE-2004-1239
REJECTED
CVE-2004-1238
REJECTED
-CVE-2004-1237 (Unknown vulnerability in the system call filtering code in the audit ...)
+CVE-2004-1237
- linux-2.6 <not-affected> (Apparently Red Hat specific)
-CVE-2004-1236 (Buffer overflow in the LDAP component for Netscape Directory Server ...)
+CVE-2004-1236
NOT-FOR-US: Netscape Directory Server on HP-UX
-CVE-2004-1235 (Race condition in the (1) load_elf_library and (2) binfmt_aout ...)
+CVE-2004-1235
{DSA-1082-1 DSA-1070-1 DSA-1069-1 DSA-1067-1}
- linux-2.6 <not-affected> (Fixed before upload into archive)
- kernel-source-2.4.27 2.4.27-8 (bug #289202; bug #289708; bug #291053; high)
-CVE-2004-1234 (load_elf_binary in Linux before 2.4.26 allows local users to cause a ...)
+CVE-2004-1234
{DSA-1082-1 DSA-1070-1 DSA-1069-1 DSA-1067-1}
- kernel-source-2.4.27 <not-affected> (Fixed before upload into archive; 2.4.26)
-CVE-2004-1233 (Integer overflow in Gadu-Gadu allows remote attackers to cause a ...)
+CVE-2004-1233
NOT-FOR-US: Gadu-Gadu
-CVE-2004-1232 (Stack-based buffer overflow in the code that sends images in Gadu-Gadu ...)
+CVE-2004-1232
NOT-FOR-US: Gadu-Gadu
-CVE-2004-1231 (Directory traversal vulnerability in Gadu-Gadu allows remote attackers ...)
+CVE-2004-1231
NOT-FOR-US: Gadu-Gadu
-CVE-2004-1230 (Gadu-Gadu allows remote attackers to gain sensitive information and ...)
+CVE-2004-1230
NOT-FOR-US: Gadu-Gadu
-CVE-2004-1229 (Cross-site scripting vulnerability in the parser for Gadu-Gadu allows ...)
+CVE-2004-1229
NOT-FOR-US: Gadu-Gadu
-CVE-2004-1228 (The install scripts in SugarCRM Sugar Sales 2.0.1c and earlier are not ...)
+CVE-2004-1228
- sugarcrm-ce-5.0 <itp> (bug #457876)
-CVE-2004-1227 (Directory traversal vulnerability in SugarCRM Sugar Sales 2.0.1c and ...)
+CVE-2004-1227
- sugarcrm-ce-5.0 <itp> (bug #457876)
-CVE-2004-1226 (SugarCRM Sugar Sales 2.0.1c and earlier allows remote attackers to ...)
+CVE-2004-1226
- sugarcrm-ce-5.0 <itp> (bug #457876)
-CVE-2004-1225 (SQL injection vulnerability in SugarCRM Sugar Sales before 2.0.1a ...)
+CVE-2004-1225
- sugarcrm-ce-5.0 <itp> (bug #457876)
-CVE-2004-1224 (Off-by-one error in the mtr_curses_keyaction function for mtr 0.55 ...)
+CVE-2004-1224
- mtr 0.67-1
-CVE-2004-1223 (The Management Agent in F-Secure Policy Manager 5.11.2810 allows ...)
+CVE-2004-1223
NOT-FOR-US: F-Secure Policy Manager
-CVE-2004-1222 (weblibs.pl in WebLibs 1.0 allows remote attackers to execute arbitrary ...)
+CVE-2004-1222
NOT-FOR-US: weblibs.pl
-CVE-2004-1221 (Directory traversal vulnerability in weblibs.pl in WebLibs 1.0 allows ...)
+CVE-2004-1221
NOT-FOR-US: weblibs.pl
-CVE-2004-1220 (Battlefield 1942 1.6.19 and earlier, and Battlefield Vietnam 1.2 and ...)
+CVE-2004-1220
NOT-FOR-US: Battlefield 1942, Battlefield Vietnam
-CVE-2004-1219 (paFileDB 3.1, when using sessions authentication and while the ...)
+CVE-2004-1219
NOT-FOR-US: paFileDB
-CVE-2004-1218 (Remote Execute 2.30 allows remote attackers to cause a denial of ...)
+CVE-2004-1218
NOT-FOR-US: Remote Execute
-CVE-2004-1217 (Hosting Controller 6.1 Hotfix 1.4, and possibly other versions, allows ...)
+CVE-2004-1217
NOT-FOR-US: Hosting Controller
-CVE-2004-1216 (The scripts that handle players in Kreed 1.05 and earlier allow remote ...)
+CVE-2004-1216
NOT-FOR-US: Kreed
-CVE-2004-1215 (Kreed 1.05 and earlier allows remote attackers to cause a denial of ...)
+CVE-2004-1215
NOT-FOR-US: Kreed
-CVE-2004-1214 (Format string vulnerability in Kreed 1.05 and earlier allows remote ...)
+CVE-2004-1214
NOT-FOR-US: Kreed
-CVE-2004-1213 (Cross-site scripting (XSS) vulnerability in index.php in Advanced ...)
+CVE-2004-1213
NOT-FOR-US: Advanced Guestbook
-CVE-2004-1212 (Directory traversal vulnerability in btdownload.php in Blog Torrent ...)
+CVE-2004-1212
NOT-FOR-US: Blog Torrent
-CVE-2004-1211 (Multiple buffer overflows in the IMAP service in Mercury/32 4.01a ...)
+CVE-2004-1211
NOT-FOR-US: Mercury Mail
-CVE-2004-1210 (Cross-site scripting (XSS) vulnerability in proxylog.dat in IPCop ...)
+CVE-2004-1210
NOT-FOR-US: IpCop
-CVE-2004-1209 (Verisign Payflow Link, when running with empty Accepted URL fields, ...)
+CVE-2004-1209
NOT-FOR-US: Verisign Payflow Link
-CVE-2004-1208 (Buffer overflow in Orbz 2.10 and earlier allows remote attackers to ...)
+CVE-2004-1208
NOT-FOR-US: Orbz
-CVE-2004-1207 (The Serious engine, as used in (1) Alpha Black Zero Intrepid Protocol ...)
+CVE-2004-1207
NOT-FOR-US: The Serious engine, as used in (1) Alpha Black Zero, (2) Nitro family, and (3) Serious Sam Second Encounter
-CVE-2004-1206 (Directory traversal vulnerability in codebrowserpntm.php in ...)
+CVE-2004-1206
NOT-FOR-US: pnTresMailer
-CVE-2004-1205 (codebrowserpntm.php in PnTresMailer 6.03 allows remote attackers to ...)
+CVE-2004-1205
NOT-FOR-US: pnTresMailer
-CVE-2004-1204 (FluxBox 0.9.10 and earlier versions allows local users to cause a ...)
+CVE-2004-1204
NOTE: at best a local DOS by the user running fluxbox.
NOTE: Where's the security hole?
- fluxbox 0.9.11-1
-CVE-2004-1203 (parser.php in phpCMS 1.2.1 and earlier, with non-stealth and debug ...)
+CVE-2004-1203
NOT-FOR-US: phpCMS
-CVE-2004-1202 (Cross-site scripting (XSS) vulnerability in parser.php in phpCMS 1.2.1 ...)
+CVE-2004-1202
NOT-FOR-US: phpCMS
-CVE-2004-1201 (Opera 7.54 allows remote attackers to cause a denial of service ...)
+CVE-2004-1201
NOT-FOR-US: Opera
-CVE-2004-1200 (Firefox and Mozilla allow remote attackers to cause a denial of ...)
+CVE-2004-1200
NOTE: memory leak, doubt it's usefully exploitable
NOTE: did not followup
-CVE-2004-1199 (Safari 1.2.4 on Mac OS X 10.3.6 allows remote attackers to cause a ...)
+CVE-2004-1199
NOT-FOR-US: Safari
-CVE-2004-1198 (Microsoft Internet Explorer allows remote attackers to cause a denial ...)
+CVE-2004-1198
NOT-FOR-US: MSIE
-CVE-2004-1197 (Cross-site scripting (XSS) vulnerability in inshop.pl in Insite inShop ...)
+CVE-2004-1197
NOT-FOR-US: inShop
-CVE-2004-1196 (Cross-site scripting (XSS) vulnerability in inmail.pl in Insite Inmail ...)
+CVE-2004-1196
NOT-FOR-US: Insite Inmail
-CVE-2004-1195 (Star Wars Battlefront 1.11 and earlier allows remote attackers to ...)
+CVE-2004-1195
NOT-FOR-US: Star Wars Battlefront
-CVE-2004-1194 (Buffer overflow in Star Wars Battlefront 1.11 and earlier allows ...)
+CVE-2004-1194
NOT-FOR-US: Star Wars Battlefront
-CVE-2004-1193 (Prevx Home 1.0 allows local users with administrator privileges to ...)
+CVE-2004-1193
NOT-FOR-US: Prevex Home
-CVE-2004-1192 (Format string vulnerability in the lprintf function in Citadel/UX 6.27 ...)
+CVE-2004-1192
NOT-FOR-US: Citadel/UX
-CVE-2004-1191 (Race condition in SuSE Linux 8.1 through 9.2, when run on SMP systems ...)
+CVE-2004-1191
NOTE: turned out that kernel-source-2.6.8 2.6.8-14 was incompletly fixed
[sarge] - kernel-source-2.6.8 2.6.8-16
- kernel-source-2.4.27 2.4.27-6
- linux-2.6 <not-affected> (fixed before initial upload)
- linux-2.6.24 <not-affected> (fixed before initial upload)
-CVE-2004-1190 (SUSE Linux before 9.1 and SUSE Linux Enterprise Server before 9 do not ...)
+CVE-2004-1190
NOTE: Response from Suse people reveals that http://linux.bkbits.net:8080/linux-2.6/hist/drivers/block/scsi_ioctl.c
NOTE: has a misleading entry titled "Fix exploitable hole"
NOTE: http://www.securityfocus.com/advisories/7579
@@ -3340,164 +3340,164 @@ CVE-2004-1190 (SUSE Linux before 9.1 and SUSE Linux Enterprise Server before 9 d
NOTE: 2.6.10 is actually fixed, but 2.6.8 is not
- linux-2.6 <not-affected> (Fixed before upload into archive; 2.6.10)
[sarge] - kernel-source-2.6.8 2.6.8-14
-CVE-2004-1189 (The add_to_history function in svr_principal.c in libkadm5srv for MIT ...)
+CVE-2004-1189
{DSA-629-1}
- krb5 1.3.6-1
-CVE-2004-1188 (The pnm_get_chunk function in xine 0.99.2 and earlier, and other ...)
+CVE-2004-1188
- xine-lib 1-rc8-1
- mplayer <not-affected> (fixed in 1.0-pre5 which precedes the version included in etch)
-CVE-2004-1187 (Heap-based buffer overflow in the pnm_get_chunk function for xine ...)
+CVE-2004-1187
- xine-lib 1-rc8-1
- mplayer <not-affected> (fixed in 1.0-pre5 which precedes the version included in etch)
-CVE-2004-1186 (Multiple buffer overflows in enscript 1.6.3 allow remote attackers or ...)
+CVE-2004-1186
{DSA-654-1}
- enscript 1.6.4-6
-CVE-2004-1185 (Enscript 1.6.3 does not sanitize filenames, which allows remote ...)
+CVE-2004-1185
{DSA-654-1}
- enscript 1.6.4-6
-CVE-2004-1184 (The EPSF pipe support in enscript 1.6.3 allows remote attackers or ...)
+CVE-2004-1184
{DSA-654-1}
- enscript 1.6.4-6
-CVE-2004-1183 (Integer overflow in the tiffdump utility for libtiff 3.7.1 and earlier ...)
+CVE-2004-1183
{DSA-626-1}
- tiff 3.6.1-5
- tiff3 <not-affected> (fixed prior to initial upload)
-CVE-2004-1182 (hfaxd in HylaFAX before 4.2.1, when installed with a &quot;weak&quot; ...)
+CVE-2004-1182
{DSA-634-1}
- hylafax 1:4.2.1-1
-CVE-2004-1181 (htmlheadline before 21.8 allows local users to overwrite arbitrary ...)
+CVE-2004-1181
{DSA-622-1}
- htmlheadline <removed>
-CVE-2004-1180 (Unknown vulnerability in the rwho daemon (rwhod) before 0.17, on ...)
+CVE-2004-1180
{DSA-678-1}
- netkit-rwho 0.17-8
-CVE-2004-1179 (The debstd script in debmake 3.6.x before 3.6.10 and 3.7.x before ...)
+CVE-2004-1179
{DSA-615-1}
- debmake 3.7.7
CVE-2004-1178
RESERVED
-CVE-2004-1177 (Cross-site scripting (XSS) vulnerability in the driver script in ...)
+CVE-2004-1177
{DSA-674-1}
- mailman 2.1.5-5
-CVE-2004-1176 (Buffer underflow in extfs.c in Midnight Commander (mc) 4.5.55 and ...)
+CVE-2004-1176
{DSA-639-1}
NOTE: unstable not vulnerable according to DSA, DSA was wrong..
- mc 1:4.6.0-4.6.1-pre3-1
-CVE-2004-1175 (fish.c in midnight commander allows remote attackers to execute ...)
+CVE-2004-1175
{DSA-639-1}
NOTE: unstable not vulnerable according to DSA, DSA was wrong..
- mc 1:4.6.0-4.6.1-pre3-1
-CVE-2004-1174 (direntry.c in Midnight Commander (mc) 4.5.55 and earlier allows ...)
+CVE-2004-1174
{DSA-639-1}
NOTE: unstable not vulnerable according to DSA, DSA was wrong..
- mc 1:4.6.0-4.6.1-pre3-1
-CVE-2004-1173 (Internet Explorer 6 allows remote attackers to bypass the popup ...)
+CVE-2004-1173
NOT-FOR-US: MSIE
-CVE-2004-1172 (Stack-based buffer overflow in the Agent Browser in Veritas Backup ...)
+CVE-2004-1172
NOT-FOR-US: Veritas Backup Exec
-CVE-2004-1171 (KDE 3.2.x and 3.3.0 through 3.3.2, when saving credentials that are ...)
+CVE-2004-1171
- kdelibs 4:3.3.1-2
- kdebase 4:3.3.1-3
-CVE-2004-1170 (a2ps 4.13 allows remote attackers to execute arbitrary commands via ...)
+CVE-2004-1170
{DSA-612-1}
- a2ps 1:4.13b-4.2 (bug #283134)
-CVE-2004-1169 (MaxDB WebTools 7.5.00.18 and earlier allows remote attackers to cause ...)
+CVE-2004-1169
- maxdb-7.5.00 7.5.00.19-1
-CVE-2004-1168 (Stack-based buffer overflow in the WebDav handler in MaxDB WebTools ...)
+CVE-2004-1168
- maxdb-7.5.00 7.5.00.19-1
-CVE-2004-1167 (mirrorselect before 0.89 creates temporary files in a world-writable ...)
+CVE-2004-1167
NOT-FOR-US: gentoo mirrorselect
-CVE-2004-1166 (CRLF injection vulnerability in Microsoft Internet Explorer ...)
+CVE-2004-1166
NOT-FOR-US: Microsoft
-CVE-2004-1165 (Konqueror 3.3.1 allows remote attackers to execute arbitrary FTP ...)
+CVE-2004-1165
{DSA-631-1}
- kdelibs 4:3.3.2-1
-CVE-2004-1164 (The lock manager in Cisco CNS Network Registrar 6.0 through 6.1.1.3 ...)
+CVE-2004-1164
NOT-FOR-US: Cisco
-CVE-2004-1163 (Cisco CNS Network Registrar Central Configuration Management (CCM) ...)
+CVE-2004-1163
NOT-FOR-US: Cisco
-CVE-2004-1162 (The unison command in scponly before 4.0 does not properly restrict ...)
+CVE-2004-1162
- scponly 4.0-1
-CVE-2004-1161 (rssh 2.2.2 and earlier does not properly restrict programs that can be ...)
+CVE-2004-1161
- rssh 2.2.3-1
-CVE-2004-1160 (Netscape 7.x to 7.2, and possibly other versions, allows remote ...)
+CVE-2004-1160
NOT-FOR-US: Netscape
CVE-2004-1159
REJECTED
-CVE-2004-1158 (Konqueror 3.x up to 3.2.2-6, and possibly other versions, allows ...)
+CVE-2004-1158
- kdelibs 4:3.3.1-3
- kdebase 4:3.3.1-4
-CVE-2004-1157 (Opera 7.x up to 7.54, and possibly other versions, allows remote ...)
+CVE-2004-1157
NOT-FOR-US: Opera
-CVE-2004-1156 (Mozilla before 1.7.6, and Firefox before 1.0.1, allows remote ...)
+CVE-2004-1156
- mozilla 2:1.7.6-1
- mozilla-firefox 1.0.1
-CVE-2004-1155 (Internet Explorer 5.01 through 6 allows remote attackers to spoof ...)
+CVE-2004-1155
NOT-FOR-US: Microsoft MSIE
-CVE-2004-1154 (Integer overflow in the Samba daemon (smbd) in Samba 2.x and 3.0.x ...)
+CVE-2004-1154
{DSA-701-1}
- samba 3.0.10-1
-CVE-2004-1153 (Format string vulnerability in Adobe Acrobat Reader 6.0.0 through ...)
+CVE-2004-1153
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2004-1152 (Buffer overflow in the mailListIsPdf function in Adobe Acrobat Reader ...)
+CVE-2004-1152
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2004-1151 (Multiple buffer overflows in the (1) sys32_ni_syscall and (2) ...)
+CVE-2004-1151
- linux-2.6 <not-affected> (Fixed before upload into archive; 2.6.10)
[sarge] - kernel-source-2.6.8 2.6.8-11
-CVE-2004-1150 (Stack-based buffer overflow in the in_cdda.dll plugin for Winamp 5.0 ...)
+CVE-2004-1150
NOT-FOR-US: Winamp
-CVE-2004-1149 (Computer Associates eTrust EZ Antivirus 7.0.0 to 7.0.4, including ...)
+CVE-2004-1149
NOT-FOR-US: Computer Associates eTrust EZ Antivirus
-CVE-2004-1148 (phpMyAdmin before 2.6.1, when configured with UploadDir functionality, ...)
+CVE-2004-1148
- phpmyadmin 2:2.6.1-rc1-1
-CVE-2004-1147 (phpMyAdmin 2.6.0-pl2, and other versions before 2.6.1, with external ...)
+CVE-2004-1147
- phpmyadmin 2:2.6.1-rc1-1
-CVE-2004-1146 (Multiple cross-site scripting (XSS) vulnerabilities in (1) main.c and ...)
+CVE-2004-1146
- cvstrac 1.1.5
-CVE-2004-1145 (Multiple vulnerabilities in Konqueror in KDE 3.3.1 and earlier (1) ...)
+CVE-2004-1145
- kdelibs 4:3.3.2-1
-CVE-2004-1144 (Unknown vulnerability in the 32bit emulation code in Linux 2.4 on ...)
+CVE-2004-1144
NOTE: amd64 specific
- kernel-source-2.4.27 2.4.27-9
-CVE-2004-1143 (The password generation in mailman before 2.1.5 generates only 5 ...)
+CVE-2004-1143
- mailman 2.1.5-5
-CVE-2004-1142 (Ethereal 0.9.0 through 0.10.7 allows remote attackers to cause a ...)
+CVE-2004-1142
{DSA-613-1}
- ethereal 0.10.8-1
-CVE-2004-1141 (The HTTP dissector in Ethereal 0.10.1 through 0.10.7 allows remote ...)
+CVE-2004-1141
- ethereal 0.10.8-1
-CVE-2004-1140 (Ethereal 0.9.0 through 0.10.7 allows remote attackers to cause a ...)
+CVE-2004-1140
- ethereal 0.10.8-1
-CVE-2004-1139 (Unknown vulnerability in the DICOM dissector in Ethereal 0.10.4 ...)
+CVE-2004-1139
- ethereal 0.10.8-1
-CVE-2004-1138 (VIM before 6.3 and gVim before 6.3 allow local users to execute ...)
+CVE-2004-1138
- vim 1:6.3-046+0sarge1
-CVE-2004-1137 (Multiple vulnerabilities in the IGMP functionality for Linux kernel ...)
+CVE-2004-1137
- linux-2.6 <not-affected> (Fixed before upload into the archive)
- kernel-source-2.4.27 2.4.27-7
-CVE-2004-1136 (Buffer overflow in CuteFTP Professional 6.0, and possibly other ...)
+CVE-2004-1136
NOT-FOR-US: CuteFTP
-CVE-2004-1135 (Multiple buffer overflows in WS_FTP Server 5.03 2004.10.14 allow ...)
+CVE-2004-1135
NOT-FOR-US: WS-Ftpd
-CVE-2004-1134 (Buffer overflow in the Microsoft W3Who ISAPI (w3who.dll) allows remote ...)
+CVE-2004-1134
NOT-FOR-US: Microsoft
-CVE-2004-1133 (Multiple cross-site scripting (XSS) vulnerabilities in Microsoft W3Who ...)
+CVE-2004-1133
NOT-FOR-US: Microsoft
CVE-2004-1132
RESERVED
-CVE-2004-1131 (Multiple buffer overflows in the enable command for SCO OpenServer ...)
+CVE-2004-1131
NOT-FOR-US: SCO
-CVE-2004-1130 (Cross-site scripting (XSS) vulnerability in admin.asp in CMailServer ...)
+CVE-2004-1130
NOT-FOR-US: CMailServer
-CVE-2004-1129 (SQL injection vulnerability in (1) fdelmail.asp, (2) addressc.asp, and ...)
+CVE-2004-1129
NOT-FOR-US: CMailServer
-CVE-2004-1128 (Buffer overflow in CMailCOM.dll in CMailServer 5.2 allows remote ...)
+CVE-2004-1128
NOT-FOR-US: CMailServer
-CVE-2004-1127 (Buffer overflow in Open Dc Hub 0.7.14 allows remote attackers, with ...)
+CVE-2004-1127
- opendchub 0.7.14-1.1 (bug #284350; bug #283061)
CVE-2004-1126
RESERVED
-CVE-2004-1125 (Buffer overflow in the Gfx::doImage function in Gfx.cc for xpdf 3.00, ...)
+CVE-2004-1125
{DSA-621-1 DSA-619-1}
- xpdf 3.00-11
- cupsys 1.1.22-2
@@ -3505,193 +3505,193 @@ CVE-2004-1125 (Buffer overflow in the Gfx::doImage function in Gfx.cc for xpdf 3
- tetex-bin 2.0.2-25
- gpdf 2.8.2-1
- koffice 1:1.3.5-1
-CVE-2004-1124 (Unknown vulnerability in chroot on SCO UnixWare 7.1.1 through 7.1.4 ...)
+CVE-2004-1124
NOT-FOR-US: UnixWare
-CVE-2004-1123 (Darwin Streaming Server 5.0.1, and possibly earlier versions, allows ...)
+CVE-2004-1123
NOT-FOR-US: Darwin Streaming Server
-CVE-2004-1122 (Safari 1.x to 1.2.4, and possibly other versions, allows inactive ...)
+CVE-2004-1122
NOT-FOR-US: Safari
-CVE-2004-1121 (Apple Safari 1.0 through 1.2.3 allows remote attackers to spoof the ...)
+CVE-2004-1121
NOT-FOR-US: Safari
-CVE-2004-1120 (Multiple buffer overflows in (1) http.c, (2) http-retr.c, (3) main.c ...)
+CVE-2004-1120
{DSA-663-1}
- prozilla 1:1.3.7.3-1
-CVE-2004-1119 (Stack-based buffer overflow in IN_CDDA.dll in Winamp 5.05, and ...)
+CVE-2004-1119
NOT-FOR-US: Winamp
-CVE-2004-1118 (Buffer overflow in the WodFtpDLX.ocx (WeOnlyDo!) ActiveX component ...)
+CVE-2004-1118
NOT-FOR-US: WodFtpDLX.ocx ActiveX component
-CVE-2004-1117 (The init scripts in ChessBrain 20407 and earlier execute user-owned ...)
+CVE-2004-1117
NOT-FOR-US: ChessBrain
-CVE-2004-1116 (The init scripts in Great Internet Mersenne Prime Search (GIMPS) 23.9 ...)
+CVE-2004-1116
NOT-FOR-US: GIMPS
-CVE-2004-1115 (The init scripts in Search for Extraterrestrial Intelligence (SETI) ...)
+CVE-2004-1115
- setiathome <not-affected> (Gentoo-specific vulnerability)
-CVE-2004-1114 (Buffer overflow in the handling of command line arguments in Skype ...)
+CVE-2004-1114
NOT-FOR-US: Skype
-CVE-2004-1113 (SQL injection vulnerability in SQLgrey Postfix greylisting service ...)
+CVE-2004-1113
- sqlgrey 1.2.0
-CVE-2004-1112 (The buffer overflow trigger in Cisco Security Agent (CSA) before 4.0.3 ...)
+CVE-2004-1112
NOT-FOR-US: Cisco
-CVE-2004-1111 (Cisco IOS 2.2(18)EW, 12.2(18)EWA, 12.2(14)SZ, 12.2(18)S, 12.2(18)SE, ...)
+CVE-2004-1111
NOT-FOR-US: Cisco
-CVE-2004-1110 (The mtink status monitor before 1.0.5 for Epson printers allows local ...)
+CVE-2004-1110
- mtink 1.0.5
NOTE: debian not vulnerable except in edge case
-CVE-2004-1109 (The FWDRV.SYS driver in Kerio Personal Firewall 4.1.1 and earlier ...)
+CVE-2004-1109
NOT-FOR-US: Kerio Personal Firewall
-CVE-2004-1108 (qpkg in Gentoolkit 0.2.0_pre10 and earlier allows local users to ...)
+CVE-2004-1108
NOT-FOR-US: Gentoolkit
-CVE-2004-1107 (dispatch-conf in Portage 2.0.51-r2 and earlier allows local users to ...)
+CVE-2004-1107
NOT-FOR-US: Portage
-CVE-2004-1106 (Cross-site scripting (XSS) vulnerability in Gallery 1.4.4-pl3 and ...)
+CVE-2004-1106
{DSA-642-1}
- gallery 1.4.4-pl4-1
-CVE-2004-1105 (Nortel Networks Contivity VPN Client displays a different error ...)
+CVE-2004-1105
NOT-FOR-US: Nortel Networks Contivity VPN Client
-CVE-2004-1104 (Microsoft Internet Explorer 6.0 SP2 allows remote attackers to spoof a ...)
+CVE-2004-1104
NOT-FOR-US: Microsoft
-CVE-2004-1103 (MailPost 5.1.1sv, and possibly earlier versions, when debug mode is ...)
+CVE-2004-1103
NOT-FOR-US: MailPost
-CVE-2004-1102 (MailPost 5.1.1sv, and possibly earlier versions, displays a different ...)
+CVE-2004-1102
NOT-FOR-US: MailPost
-CVE-2004-1101 (mailpost.exe in MailPost 5.1.1sv, and possibly earlier versions, ...)
+CVE-2004-1101
NOT-FOR-US: MailPost
-CVE-2004-1100 (Cross-site scripting (XSS) vulnerability in mailpost.exe in MailPost ...)
+CVE-2004-1100
NOT-FOR-US: MailPost
-CVE-2004-1099 (Cisco Secure Access Control Server for Windows (ACS Windows) and Cisco ...)
+CVE-2004-1099
NOT-FOR-US: Cisco
-CVE-2004-1098 (MIMEDefang in MIME-tools 5.414 allows remote attackers to bypass virus ...)
+CVE-2004-1098
- mime-tools 5.415-1
-CVE-2004-1097 (Format string vulnerability in the cherokee_logger_ncsa_write_string ...)
+CVE-2004-1097
- cherokee <not-affected> (Fixed before upload into archive)
-CVE-2004-1096 (Archive::Zip Perl module before 1.14, when used by antivirus programs ...)
+CVE-2004-1096
- libarchive-zip-perl 1.14-1
-CVE-2004-1095 (Multiple integer overflows in (1) readbmp.c, (2) readgif.c, (3) ...)
+CVE-2004-1095
{DSA-608-1}
- zgv 5.7-1.3 (bug #284124)
-CVE-2004-1094 (Buffer overflow in InnerMedia DynaZip DUNZIP32.dll file version ...)
+CVE-2004-1094
NOT-FOR-US: RealPlayer
-CVE-2004-1093 (Midnight commander (mc) 4.5.55 and earlier allows remote attackers to ...)
+CVE-2004-1093
{DSA-639-1}
NOTE: unstable not vulnerable according to DSA, DSA was wrong..
- mc 1:4.6.0-4.6.1-pre3-1
-CVE-2004-1092 (Midnight commander (mc) 4.5.55 and earlier allows remote attackers to ...)
+CVE-2004-1092
{DSA-639-1}
NOTE: unstable not vulnerable according to DSA, DSA was wrong..
- mc 1:4.6.0-4.6.1-pre3-1
-CVE-2004-1091 (Midnight commander (mc) 4.5.55 and earlier allows remote attackers to ...)
+CVE-2004-1091
{DSA-639-1}
NOTE: unstable not vulnerable according to DSA, DSA was wrong..
- mc 1:4.6.0-4.6.1-pre3-1
-CVE-2004-1090 (Midnight commander (mc) 4.5.55 and earlier allows remote attackers to ...)
+CVE-2004-1090
{DSA-639-1}
NOTE: unstable not vulnerable according to DSA, DSA was wrong..
- mc 1:4.6.0-4.6.1-pre3-1
-CVE-2004-1089 (Unknown vulnerability in Apple Mac OS X 10.3.6 server, when using ...)
+CVE-2004-1089
NOT-FOR-US: Apple MacOS
-CVE-2004-1088 (Postfix server for Apple Mac OS X 10.3.6, when using CRAM-MD5, allows ...)
+CVE-2004-1088
NOT-FOR-US: Apple MacOS
-CVE-2004-1087 (Terminal for Apple Mac OS X 10.3.6 may indicate that &quot;Secure Keyboard ...)
+CVE-2004-1087
NOT-FOR-US: Apple MacOS
-CVE-2004-1086 (Buffer overflow in PSNormalizer for Apple Mac OS X 10.3.6 allows ...)
+CVE-2004-1086
NOT-FOR-US: Apple MacOS
-CVE-2004-1085 (Human Interface Toolbox (HIToolBox) for Apple Mac 0S X 10.3.6 allows ...)
+CVE-2004-1085
NOT-FOR-US: Apple MacOS
-CVE-2004-1084 (Apache for Apple Mac OS X 10.2.8 and 10.3.6 allows remote attackers to ...)
+CVE-2004-1084
NOT-FOR-US: Apple MacOS
-CVE-2004-1083 (Apache for Apple Mac OS X 10.2.8 and 10.3.6 restricts access to files ...)
+CVE-2004-1083
NOT-FOR-US: Apple MacOS
-CVE-2004-1081 (The Application Framework (AppKit) for Apple Mac OS X 10.2.8 and ...)
+CVE-2004-1081
NOT-FOR-US: Apple MacOS
-CVE-2004-1082 (mod_digest_apple for Apache 1.3.31 and 1.3.32 on Mac OS X Server does ...)
+CVE-2004-1082
NOT-FOR-US: Apple MacOS
-CVE-2004-1080 (The WINS service (wins.exe) on Microsoft Windows NT Server 4.0, ...)
+CVE-2004-1080
NOT-FOR-US: Microsoft
-CVE-2004-1079 (Buffer overflow in (1) ncplogin and (2) ncpmap in nwclient.c for ncpfs ...)
+CVE-2004-1079
- ncpfs 2.2.5-2
-CVE-2004-1078 (Stack-based buffer overflow in the client for Citrix Program ...)
+CVE-2004-1078
NOT-FOR-US: Citrix
-CVE-2004-1077 (Citrix Program Neighborhood Agent for Win32 8.00.24737 and earlier and ...)
+CVE-2004-1077
NOT-FOR-US: Citrix
-CVE-2004-1076 (Multiple buffer overflows in the RtConfigLoad function in rt-config.c ...)
+CVE-2004-1076
{DSA-609-1}
- atari800 1.3.2-1
-CVE-2004-1075 (Cross-site scripting (XSS) vulnerability in standard_error_message.dtml ...)
+CVE-2004-1075
- zope-zwiki 0.37.0-1
-CVE-2004-1074 (The binfmt functionality in the Linux kernel, when &quot;memory overcommit&quot; ...)
+CVE-2004-1074
{DSA-1082-1 DSA-1070-1 DSA-1069-1 DSA-1067-1}
- linux-2.6 <not-affected> (Fixed before upload into archive; 2.6.10)
[sarge] - kernel-source-2.6.8 2.6.8-11
- kernel-source-2.4.27 2.4.27-7
-CVE-2004-1073 (The open_exec function in the execve functionality (exec.c) in Linux ...)
+CVE-2004-1073
{DSA-1082-1 DSA-1070-1 DSA-1069-1 DSA-1067-1}
- linux-2.6 <not-affected> (Fixed before upload into archive)
- kernel-source-2.4.27 2.4.27-6
-CVE-2004-1072 (The binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to ...)
+CVE-2004-1072
{DSA-1082-1 DSA-1070-1 DSA-1069-1 DSA-1067-1}
- linux-2.6 <not-affected> (Fixed before upload into archive)
- kernel-source-2.4.27 2.4.27-6
-CVE-2004-1071 (The binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to ...)
+CVE-2004-1071
{DSA-1082-1 DSA-1070-1 DSA-1069-1 DSA-1067-1}
- linux-2.6 <not-affected> (Fixed before upload into archive)
- kernel-source-2.4.27 2.4.27-6
-CVE-2004-1070 (The load_elf_binary function in the binfmt_elf loader (binfmt_elf.c) ...)
+CVE-2004-1070
{DSA-1082-1 DSA-1070-1 DSA-1069-1 DSA-1067-1}
- linux-2.6 <not-affected> (Fixed before upload into archive)
- kernel-source-2.4.27 2.4.27-6
-CVE-2004-1069 (Race condition in SELinux 2.6.x through 2.6.9 allows local users to ...)
+CVE-2004-1069
- linux-2.6 <not-affected> (Fixed before upload into archive)
- kernel-source-2.4.27 <not-affected> (2.6 only issue)
[sarge] - kernel-source-2.6.8 2.6.8-11
-CVE-2004-1068 (A &quot;missing serialization&quot; error in the unix_dgram_recvmsg function in ...)
+CVE-2004-1068
{DSA-1082-1 DSA-1070-1 DSA-1069-1 DSA-1067-1}
- linux-2.6 <not-affected> (Fixed before upload into archive; 2.6.9)
- kernel-source-2.4.27 2.4.27-7
[sarge] - kernel-source-2.6.8 2.6.8-11
-CVE-2004-1067 (Off-by-one error in the mysasl_canon_user function in Cyrus IMAP ...)
+CVE-2004-1067
- cyrus21-imapd <not-affected> (Only affected 2.2 series)
-CVE-2004-1066 (The cmdline pseudofiles in (1) procfs on FreeBSD 4.8 through 5.3, and ...)
+CVE-2004-1066
NOT-FOR-US: FreeBSD
-CVE-2004-1065 (Buffer overflow in the exif_read_data function in PHP before 4.3.10 ...)
+CVE-2004-1065
- php4 4:4.3.10-1
-CVE-2004-1064 (The safe mode checks in PHP 4.x to 4.3.9 and PHP 5.x to 5.0.2 truncate ...)
+CVE-2004-1064
- php4 4:4.3.10-1
-CVE-2004-1063 (PHP 4.x to 4.3.9, and PHP 5.x to 5.0.2, when running in safe mode on a ...)
+CVE-2004-1063
- php4 4:4.3.10-1
-CVE-2004-1062 (Multiple cross-site scripting (XSS) vulnerabilities in ViewCVS 0.9.2 ...)
+CVE-2004-1062
- viewcvs 0.9.2+cvs.1.0.dev.2004.07.28-1.3 (bug #287771)
-CVE-2004-1061 (Cross-site scripting (XSS) vulnerability in Bugzilla before 2.18, ...)
+CVE-2004-1061
- bugzilla 2.16.7-2
-CVE-2004-1060 (Multiple TCP/IP and ICMP implementations, when using Path MTU (PMTU) ...)
+CVE-2004-1060
NOTE: Linux kernel verifies TCP sequence numbers on ICMP errors
-CVE-2004-1059 (Multiple cross-site scripting (XSS) vulnerabilities in mnoGoSearch ...)
+CVE-2004-1059
- mnogosearch 3.2.18-2.2
-CVE-2004-1058 (Race condition in Linux kernel 2.6 allows local users to read the ...)
+CVE-2004-1058
{DSA-1018-1}
- linux-2.6 <not-affected> (Fixed before upload into archive; 2.6.10)
[sarge] - kernel-source-2.6.8 2.6.8-14
-CVE-2004-1057 (Multiple drivers in Linux kernel 2.4.19 and earlier do not properly ...)
+CVE-2004-1057
- linux-2.6 <not-affected> (Fixed before upload into archive)
- kernel-source-2.4.27 2.4.27-10
-CVE-2004-1056 (Direct Rendering Manager (DRM) driver in Linux kernel 2.6 does not ...)
+CVE-2004-1056
- linux-2.6 <not-affected> (Fixed before upload into archive)
- kernel-source-2.4.27 2.4.27-8
[sarge] - kernel-source-2.6.8 2.6.8-11
-CVE-2004-1055 (Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin ...)
+CVE-2004-1055
- phpmyadmin 2:2.6.0-pl3-1
-CVE-2004-1054 (Untrusted execution path vulnerability in invscout in IBM AIX 5.1.0, ...)
+CVE-2004-1054
NOT-FOR-US: AIX
-CVE-2004-1053 (Integer overflow in fetch on FreeBSD 4.1 through 5.3 allows remote ...)
+CVE-2004-1053
NOT-FOR-US: fetch on FreeBSD
-CVE-2004-1052 (Buffer overflow in the getnickuserhost function in BNC 2.8.9, and ...)
+CVE-2004-1052
{DSA-595-1}
- bnc <removed>
-CVE-2004-1051 (sudo before 1.6.8p2 allows local users to execute arbitrary commands ...)
+CVE-2004-1051
{DSA-596-2}
- sudo 1.6.8p3-1
-CVE-2004-1050 (Heap-based buffer overflow in Internet Explorer 6 allows remote ...)
+CVE-2004-1050
NOT-FOR-US: Microsoft
-CVE-2004-1049 (Integer overflow in the LoadImage API of the USER32 Lib for Microsoft ...)
+CVE-2004-1049
NOT-FOR-US: Microsoft
CVE-2004-1048
RESERVED
@@ -3703,7 +3703,7 @@ CVE-2004-1045
RESERVED
CVE-2004-1044
RESERVED
-CVE-2004-1043 (Internet Explorer 6.0 on Windows XP SP2 allows remote attackers to ...)
+CVE-2004-1043
NOT-FOR-US: MSIE
CVE-2004-1042
RESERVED
@@ -3711,109 +3711,109 @@ CVE-2004-1041
RESERVED
CVE-2004-1040
RESERVED
-CVE-2004-1039 (The NFS mountd service on SCO UnixWare 7.1.1, 7.1.3, 7.1.4, and 7.0.1, ...)
+CVE-2004-1039
NOT-FOR-US: SCO UnixWare
-CVE-2004-1038 (A design error in the IEEE1394 specification allows attackers with ...)
+CVE-2004-1038
NOT-FOR-US: IEEE1394 specification bug, physical security
-CVE-2004-1037 (The search function in TWiki 20030201 allows remote attackers to ...)
+CVE-2004-1037
- twiki 20030201-6
-CVE-2004-1036 (Cross-site scripting (XSS) vulnerability in the decoding of encoded ...)
+CVE-2004-1036
- squirrelmail 2:1.4.3a-3
-CVE-2004-1035 (Multiple integer signedness errors in (1) imapcommon.c, (2) main.c, ...)
+CVE-2004-1035
- up-imapproxy 1.2.2+1.2.3rc2-1
-CVE-2004-1034 (Buffer overflow in the http_open function in Kaffeine before 0.5, ...)
+CVE-2004-1034
- kaffeine 0.4.3.1-3
- gxine 0.4-rc1
-CVE-2004-1033 (Fcron 2.0.1, 2.9.4, and possibly earlier versions leak file ...)
+CVE-2004-1033
- fcron 2.9.5.1-1
-CVE-2004-1032 (fcronsighup in Fcron 2.0.1, 2.9.4, and possibly earlier versions ...)
+CVE-2004-1032
- fcron 2.9.5.1-1
-CVE-2004-1031 (fcronsighup in Fcron 2.0.1, 2.9.4, and possibly earlier versions ...)
+CVE-2004-1031
- fcron 2.9.5.1-1
-CVE-2004-1030 (fcronsighup in Fcron 2.0.1, 2.9.4, and possibly earlier versions ...)
+CVE-2004-1030
- fcron 2.9.5.1-1
-CVE-2004-1029 (The Sun Java Plugin capability in Java 2 Runtime Environment (JRE) ...)
+CVE-2004-1029
NOT-FOR-US: Sun JRE
-CVE-2004-1028 (Untrusted execution path vulnerability in chcod on AIX IBM 5.1.0, ...)
+CVE-2004-1028
NOT-FOR-US: AIX
-CVE-2004-1027 (Directory traversal vulnerability in the -x (extract) command line ...)
+CVE-2004-1027
{DSA-652-1}
- arj <not-affected> (sarge's unarj is from a different code base, probably not vulnerable)
-CVE-2004-1026 (Multiple integer overflows in the image handler for imlib 1.9.14 and ...)
+CVE-2004-1026
{DSA-628-1 DSA-618-1}
- imlib 1.9.14-17.1 (bug #284925)
- imlib+png2 1.9.14-16.1
- imlib2 1.1.2-2.1
-CVE-2004-1025 (Multiple heap-based buffer overflows in imlib 1.9.14 and earlier, ...)
+CVE-2004-1025
{DSA-618-1}
- imlib 1.9.14-17.1 (bug #284925)
- imlib+png2 1.9.14-16.1
CVE-2004-1024
RESERVED
-CVE-2004-1023 (Kerio Winroute Firewall before 6.0.9, ServerFirewall before 1.0.1, and ...)
+CVE-2004-1023
NOT-FOR-US: Kerio
-CVE-2004-1022 (Kerio Winroute Firewall before 6.0.7, ServerFirewall before 1.0.1, and ...)
+CVE-2004-1022
NOT-FOR-US: Kerio
-CVE-2004-1021 (iCal before 1.5.4 on Mac OS X 10.2.3, and other later versions, does ...)
+CVE-2004-1021
NOT-FOR-US: MacOS
-CVE-2004-1020 (The addslashes function in PHP 4.3.9 does not properly escape a NULL ...)
+CVE-2004-1020
- php4 4:4.3.10-1
-CVE-2004-1019 (The deserialization code in PHP before 4.3.10 and PHP 5.x up to 5.0.2 ...)
+CVE-2004-1019
- php4 4:4.3.10-1
-CVE-2004-1018 (Multiple integer handling errors in PHP before 4.3.10 allow attackers ...)
+CVE-2004-1018
- php4 4:4.3.10-1
- php3 3:3.0.18-29
-CVE-2004-1017 (Multiple &quot;overflows&quot; in the io_edgeport driver for Linux kernel 2.4.x ...)
+CVE-2004-1017
{DSA-1082-1 DSA-1070-1 DSA-1069-1 DSA-1067-1 DSA-1017-1}
- linux-2.6 <not-affected> (2.4 specific vulnerability)
-CVE-2004-1016 (The scm_send function in the scm layer for Linux kernel 2.4.x up to ...)
+CVE-2004-1016
{DSA-1082-1 DSA-1070-1 DSA-1069-1 DSA-1067-1}
- linux-2.6 <not-affected> (Fixed before upload into archive)
- kernel-source-2.4.27 2.4.27-7
-CVE-2004-1015 (Buffer overflow in proxyd for Cyrus IMAP Server 2.2.9 and earlier, ...)
+CVE-2004-1015
- cyrus-imapd <not-affected> (cyrus-imapd not vulnerable)
- cyrus21-imapd <not-affected> (cyrus21-imapd not vulnerable)
-CVE-2004-1014 (statd in nfs-utils 1.257 and earlier does not ignore the SIGPIPE ...)
+CVE-2004-1014
{DSA-606-1}
- nfs-utils 1:1.0.6-3.1
-CVE-2004-1013 (The argument parser of the FETCH command in Cyrus IMAP Server 2.2.x ...)
+CVE-2004-1013
{DSA-597-1}
- cyrus-imapd 1.5.19-20
- cyrus21-imapd 2.1.17-1
-CVE-2004-1012 (The argument parser of the PARTIAL command in Cyrus IMAP Server 2.2.6 ...)
+CVE-2004-1012
{DSA-597-1}
- cyrus-imapd 1.5.19-20
- cyrus21-imapd 2.1.17-1
-CVE-2004-1011 (Stack-based buffer overflow in Cyrus IMAP Server 2.2.4 through 2.2.8, ...)
+CVE-2004-1011
- cyrus-imapd <not-affected> (cyrus-imapd not vulnerable)
- cyrus21-imapd <not-affected> (cyrus21-imapd not vulnerable)
-CVE-2004-1010 (Buffer overflow in Info-Zip 2.3 and possibly earlier versions, when ...)
+CVE-2004-1010
{DSA-624-1}
- zip 2.30-8
-CVE-2004-1009 (Midnight commander (mc) 4.5.55 and earlier allows remote attackers to ...)
+CVE-2004-1009
{DSA-639-1}
NOTE: unstable not vulnerable according to DSA, DSA was wrong..
- mc 1:4.6.0-4.6.1-pre3-1
-CVE-2004-1008 (Integer signedness error in the ssh2_rdpkt function in PuTTY before ...)
+CVE-2004-1008
- putty 0.56-1
-CVE-2004-1007 (The quoted-printable decoder in bogofilter 0.17.4 to 0.92.7 allows ...)
+CVE-2004-1007
- bogofilter 0.92.8-1
-CVE-2004-1006 (Format string vulnerability in the log functions in dhcpd for dhcp 2.x ...)
+CVE-2004-1006
{DSA-584-1}
- dhcp 2.0pl5-19.1
-CVE-2004-1005 (Multiple buffer overflows in Midnight Commander (mc) 4.5.55 and ...)
+CVE-2004-1005
{DSA-639-1}
NOTE: unstable not vulnerable according to DSA, DSA was wrong..
- mc 1:4.6.0-4.6.1-pre3-1
-CVE-2004-1004 (Multiple format string vulnerabilities in Midnight Commander (mc) ...)
+CVE-2004-1004
{DSA-639-1}
NOTE: unstable not vulnerable according to DSA, DSA was wrong..
- mc 1:4.6.0-4.6.1-pre3-1
-CVE-2004-1003 (Trend ScanMail allows remote attackers to obtain potentially sensitive ...)
+CVE-2004-1003
NOT-FOR-US: Trend ScanMail
-CVE-2004-1002 (Integer underflow in pppd in cbcp.c for ppp 2.4.1 allows remote ...)
+CVE-2004-1002
- ppp 2.4.2+20040428-3
-CVE-2004-1001 (Unknown vulnerability in the passwd_check function in Shadow 4.0.4.1, ...)
+CVE-2004-1001
{DSA-585-1}
NOTE: Fixed in shadow 1:4.0.3-30.3 for the first time.
NOTE: Apparently, the fix was lost somehow, see #309587.
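Review bot: every `+` line in this hunk drops the parenthesised one-line summary and puts nothing in its place (`-CVE-2004-1039 (The NFS mountd service on SCO UnixWare 7.1.1, ...)` becomes `+CVE-2004-1039`), so the list no longer carries any description of what each CVE is, while the package, DSA and NOTE lines are untouched. If the summaries are now meant to live elsewhere, the commit message should say so; if this is the automatic importer writing back an empty description field, the change should not be merged as is.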
@@ -3821,233 +3821,233 @@ CVE-2004-1001 (Unknown vulnerability in the passwd_check function in Shadow 4.0.
NOTE: version 1:4.0.3-35.
- shadow 1:4.0.3-35
[sarge] - shadow 1:4.0.3-31sarge5 (bug #309587)
-CVE-2004-1000 (lintian 1.23 and earlier removes the working directory even if it was ...)
+CVE-2004-1000
{DSA-630-1}
- lintian 1.23.6 (bug #286379; low)
-CVE-2004-0999 (zgv 5.5.3 allows remote attackers to cause a denial of service ...)
+CVE-2004-0999
{DSA-608-1}
- zgv 5.7-1.3 (bug #284124)
NOTE: changelog says he only patched 1095, but diff comparison
NOTE: shows 0999 was also fixed.
-CVE-2004-0998 (Format string vulnerability in telnetd-ssl 0.17 and earlier allows ...)
+CVE-2004-0998
{DSA-616-1}
- netkit-telnet-ssl 0.17.24+0.1-6
-CVE-2004-0997 (Unspecified vulnerability in the ptrace MIPS assembly code in Linux ...)
+CVE-2004-0997
{DSA-1082-1 DSA-1070-1 DSA-1069-1 DSA-1067-1}
- linux-2.6 <not-affected> (fixed before first upload)
-CVE-2004-0996 (main.c in cscope 15-4 and 15-5 creates temporary files with ...)
+CVE-2004-0996
{DSA-610-1}
- cscope 15.5-1.1 (bug #282815)
NOTE: Patch in debian bts from ubuntu is good. All other patches are crap.
CVE-2004-0995
REJECTED
-CVE-2004-0994 (Multiple integer overflows in xzgv 0.8 and earlier allow remote ...)
+CVE-2004-0994
{DSA-614-1}
NOTE: only indication that it's this CVE is in the debian package changelog
- xzgv 0.8-3
-CVE-2004-0993 (Buffer overflow in hpsockd before 0.6 allows remote attackers to cause ...)
+CVE-2004-0993
{DSA-604-1}
- hpsockd 0.14
-CVE-2004-0992 (Format string vulnerability in the -a option (daemon mode) in ...)
+CVE-2004-0992
NOT-FOR-US: Proxytunnel
-CVE-2004-0991 (Buffer overflow in mpg123 before 0.59s-r9 allows remote attackers to ...)
+CVE-2004-0991
- mpg123 0.59r-19
- mp3gain 1.5.2-r2-6 (low)
[wheezy] - mp3gain 1.5.2-r2-2+deb7u1
[squeeze] - mp3gain <no-dsa> (Minor issue)
-CVE-2004-0990 (Integer overflow in GD Graphics Library libgd 2.0.28 (libgd2), and ...)
+CVE-2004-0990
{DSA-602-1 DSA-601-1 DSA-591-1 DSA-589-1}
- libgd2 2.0.30-1
- libgd 1.8.4-36.1
-CVE-2004-0989 (Multiple buffer overflows in libXML 2.6.12 and 2.6.13 (libxml2), and ...)
+CVE-2004-0989
{DSA-582-1}
- libxml 1:1.8.17-9
- libxml2 2.6.11-5
-CVE-2004-0988 (Integer overflow on Apple QuickTime before 6.5.2, when running on ...)
+CVE-2004-0988
NOT-FOR-US: Apple
-CVE-2004-0987 (Buffer overflow in the process_menu function in yardradius 1.0.20 ...)
+CVE-2004-0987
{DSA-598-1}
- yardradius 1.0.20-15
-CVE-2004-0986 (Iptables before 1.2.11, under certain conditions, does not properly ...)
+CVE-2004-0986
{DSA-580-1}
- iptables 1.2.11-4
-CVE-2004-0985 (Internet Explorer 6.x on Windows XP SP2 allows remote attackers to ...)
+CVE-2004-0985
NOT-FOR-US: windows
-CVE-2004-0984 (Unknown vulnerability in the dotlock implementation in mailutils ...)
+CVE-2004-0984
- mailutils 1:0.5-4
-CVE-2004-0983 (The CGI module in Ruby 1.6 before 1.6.8, and 1.8 before 1.8.2, allows ...)
+CVE-2004-0983
{DSA-586-1}
- ruby1.8 1.8.1+1.8.2pre2-4
- ruby1.6 1.6.8-12
- ruby <removed>
-CVE-2004-0982 (Buffer overflow in the getauthfromURL function in httpget.c in mpg123 ...)
+CVE-2004-0982
{DSA-578-1}
- mpg123 0.59r-18
NOTE: Original fix in -17 was incomplete
-CVE-2004-0981 (Buffer overflow in the EXIF parsing routine in ImageMagick before ...)
+CVE-2004-0981
{DSA-593-1}
- imagemagick 6:6.0.6.2-1.5 (bug #278401)
- graphicsmagick 1.1.7-1
-CVE-2004-0980 (Format string vulnerability in ez-ipupdate.c for ez-ipupdate 3.0.10 ...)
+CVE-2004-0980
{DSA-592-1}
- ez-ipupdate 3.0.11b8-8
-CVE-2004-0979 (Internet Explorer on Windows XP does not properly modify the &quot;Drag and ...)
+CVE-2004-0979
NOT-FOR-US: windows
-CVE-2004-0978 (Heap-based buffer overflow in the Hrtbeat.ocx (Heartbeat) ActiveX ...)
+CVE-2004-0978
NOT-FOR-US: windows
-CVE-2004-0977 (The make_oidjoins_check script in PostgreSQL 7.4.5 and earlier allows local ...)
+CVE-2004-0977
{DSA-577-1}
- postgresql 7.4.6-1
-CVE-2004-0976 (Multiple scripts in the perl package in Trustix Secure Linux 1.5 ...)
+CVE-2004-0976
{DSA-620-1}
- perl 5.8.4-4
-CVE-2004-0975 (The der_chop script in the openssl package in Trustix Secure Linux 1.5 ...)
+CVE-2004-0975
{DSA-603-1}
- openssl 0.9.7e-3
NOTE: -1 claimed to include it, but it was missing
-CVE-2004-0974 (The netatalk package in Trustix Secure Linux 1.5 through 2.1, and ...)
+CVE-2004-0974
- netatalk 1.6.4a-1 (low)
CVE-2004-0973
REJECTED
-CVE-2004-0972 (The lvmcreate_initrd script in the lvm package in Trustix Secure Linux ...)
+CVE-2004-0972
{DSA-583-1}
- lvm10 1:1.0.8-8
-CVE-2004-0971 (The krb5-send-pr script in the kerberos5 (krb5) package in Trustix ...)
+CVE-2004-0971
NOTE: Not shipped in the krb5 binary package
- krb5 <unfixed> (bug #278271; unimportant)
- arla 0.36.2-11
-CVE-2004-0970 (The (1) gzexe, (2) zdiff, and (3) znew scripts in the gzip package, as ...)
+CVE-2004-0970
{DSA-588-1}
- gzip 1.3.5-8 (bug #259043; bug #257314; medium)
-CVE-2004-0969 (The groffer script in the Groff package 1.18 and later versions, as ...)
+CVE-2004-0969
- groff 1.18.1.1-2
-CVE-2004-0968 (The catchsegv script in glibc 2.3.2 and earlier allows local users to ...)
+CVE-2004-0968
{DSA-636-1}
- glibc 2.3.2.ds1-19
-CVE-2004-0967 (The (1) pj-gs.sh, (2) ps2epsi, (3) pv.sh, and (4) sysvlp.sh scripts ...)
+CVE-2004-0967
- gs-common 0.3.6-0.1
- gs-gpl 8.56.dfsg.1-1 (bug #291373; unimportant)
NOTE: ps2epsi hole present in gs-gpl, but not shipped in binary
-CVE-2004-0966 (The (1) autopoint and (2) gettextize scripts in the GNU gettext ...)
+CVE-2004-0966
- gettext 0.14.1-6
-CVE-2004-0965 (stmkfont in HP-UX B.11.00 through B.11.23 relies on the user-specified ...)
+CVE-2004-0965
NOT-FOR-US: HP-UX
-CVE-2004-0964 (Buffer overflow in Zinf 2.2.1 on Windows, and other older versions for ...)
+CVE-2004-0964
{DSA-587-1}
- zinf <not-affected> (According to DSA-587 not affected, as module was rewritten)
- freeamp <removed>
-CVE-2004-0963 (Buffer overflow in Microsoft Word 2002 (10.6612.6714) SP3, and ...)
+CVE-2004-0963
NOT-FOR-US: windows
-CVE-2004-0962 (Apple Remote Desktop Client 1.2.4 executes a GUI application as root ...)
+CVE-2004-0962
NOT-FOR-US: Apple Remote Desktop Client
-CVE-2004-0961 (Memory leak in FreeRADIUS before 1.0.1 allows remote attackers to ...)
+CVE-2004-0961
- freeradius 1.0.1
-CVE-2004-0960 (FreeRADIUS before 1.0.1 allows remote attackers to cause a denial of ...)
+CVE-2004-0960
- freeradius 1.0.1
-CVE-2004-0959 (rfc1867.c in PHP before 5.0.2 allows local users to upload files to ...)
+CVE-2004-0959
- php4 4:4.3.9
-CVE-2004-0958 (php_variables.c in PHP before 5.0.2 allows remote attackers to read ...)
+CVE-2004-0958
- php4 4:4.3.9
-CVE-2004-0957 (Unknown vulnerability in MySQL 3.23.58 and earlier, when a local user ...)
+CVE-2004-0957
{DSA-707-1}
- mysql-dfsg-4.1 4.1.10a-6
- mysql-dfsg 4.0.24-5
-CVE-2004-0956 (MySQL before 4.0.20 allows remote attackers to cause a denial of ...)
+CVE-2004-0956
- mysql-dfsg <not-affected> (Not vulnerable, http://web.archive.org/web/20070529152436/http://www.debian.org/security/nonvulns-sarge)
CVE-2004-0955
REJECTED
CVE-2004-0954
REJECTED
-CVE-2004-0953 (Buffer overflow in the C2S module in the open source Jabber 2.x server ...)
+CVE-2004-0953
- jabber <not-affected> (Jabber version 2 is vulnerable, we have an older version that seems not)
-CVE-2004-0952 (HP-UX B.11.00 through B.11.23, when running Ignite-UX and using the ...)
+CVE-2004-0952
NOT-FOR-US: HP-UX
-CVE-2004-0951 (The make_recovery command for the TFTP server in HP Ignite-UX before ...)
+CVE-2004-0951
NOT-FOR-US: HP-UX
-CVE-2004-0950 (NetOp Host before 7.65 build 2004278 allows remote attackers to obtain ...)
+CVE-2004-0950
NOT-FOR-US: NetOp Host
-CVE-2004-0949 (The smb_recv_trans2 function call in the samba filesystem (smbfs) in ...)
+CVE-2004-0949
{DSA-1082-1 DSA-1070-1 DSA-1069-1 DSA-1067-1}
- linux-2.6 <not-affected> (Fixed before upload into archive; 2.6.9)
CVE-2004-0948
REJECTED
-CVE-2004-0947 (Buffer overflow in unarj before 2.63a-r2 allows remote attackers to ...)
+CVE-2004-0947
{DSA-652-1}
NOTE: see http://lwn.net/Alerts/110733/
- arj <not-affected> (sarge's unarj is from a different code base, probably not vulnerable)
-CVE-2004-0946 (rquotad in nfs-utils (rquota_server.c) before 1.0.6-r6 on 64-bit ...)
+CVE-2004-0946
- nfs-utils <not-affected> (does not apply per maintainer)
-CVE-2004-0945 (The web management interface for Mitel 3300 Integrated Communications ...)
+CVE-2004-0945
NOT-FOR-US: Mitel 3300 Integrated Communications Platform
-CVE-2004-0944 (The web management interface for Mitel 3300 Integrated Communications ...)
+CVE-2004-0944
NOT-FOR-US: Mitel 3300 Integrated Communications Platform
CVE-2004-0943
REJECTED
-CVE-2004-0942 (Apache webserver 2.0.52 and earlier allows remote attackers to cause a ...)
+CVE-2004-0942
- apache2 2.0.52-2
-CVE-2004-0941 (Multiple buffer overflows in the gd graphics library (libgd) 2.0.21 ...)
+CVE-2004-0941
{DSA-602-1 DSA-601-1}
- libgd2 2.0.33-1.1
- libgd 1.8.4-36.1
-CVE-2004-0940 (Buffer overflow in the get_tag function in mod_include for Apache ...)
+CVE-2004-0940
{DSA-594-1}
- apache 1.3.33-2
-CVE-2004-0939 (changepassword.cgi in Neoteris Instant Virtual Extranet (IVE) 3.x and ...)
+CVE-2004-0939
NOT-FOR-US: Neoteris Instant Virtual Extranet
-CVE-2004-0938 (FreeRADIUS before 1.0.1 allows remote attackers to cause a denial of ...)
+CVE-2004-0938
- freeradius 1.0.1
-CVE-2004-0937 (Sophos Anti-Virus before 3.87.0, and Sophos Anti-Virus for Windows 95, ...)
+CVE-2004-0937
NOT-FOR-US: Sophos Anti-Virus
-CVE-2004-0936 (RAV antivirus allows remote attackers to bypass antivirus protection ...)
+CVE-2004-0936
NOT-FOR-US: RAV antivirus
-CVE-2004-0935 (Eset Anti-Virus before 1.020 (16th September 2004) allows remote ...)
+CVE-2004-0935
NOT-FOR-US: Eset anti-virus
-CVE-2004-0934 (Kaspersky 3.x to 4.x allows remote attackers to bypass antivirus ...)
+CVE-2004-0934
NOT-FOR-US: Kaspersky antivirus
-CVE-2004-0933 (Computer Associates (CA) InoculateIT 6.0, eTrust Antivirus r6.0 ...)
+CVE-2004-0933
NOT-FOR-US: Computer Associates (CA) InoculateIT 6.0, eTrust Antivirus
-CVE-2004-0932 (McAfee Anti-Virus Engine DATS drivers before 4398 released on Oct 13th ...)
+CVE-2004-0932
NOT-FOR-US: McAfee Anti-Virus Engine DATS drivers
-CVE-2004-0931 (MySQL MaxDB before 7.5.00.18 allows remote attackers to cause a denial ...)
+CVE-2004-0931
- maxdb-7.5.00 7.5.00.18
-CVE-2004-0930 (The ms_fnmatch function in Samba 3.0.4 and 3.0.7 and possibly other ...)
+CVE-2004-0930
- samba 3.0.8-1
-CVE-2004-0929 (Heap-based buffer overflow in the OJPEGVSetField function in ...)
+CVE-2004-0929
- tiff3g <removed>
-CVE-2004-0928 (The Microsoft IIS Connector in JRun 4.0 and Macromedia ColdFusion MX ...)
+CVE-2004-0928
NOT-FOR-US: Macromedia
-CVE-2004-0927 (ServerAdmin in Mac OS X 10.2.8 through 10.3.5 uses the same example ...)
+CVE-2004-0927
NOT-FOR-US: MacOS
-CVE-2004-0926 (Heap-based buffer overflow in Apple QuickTime on Mac OS 10.2.8 through ...)
+CVE-2004-0926
NOT-FOR-US: MacOS
-CVE-2004-0925 (Postfix on Mac OS X 10.3.x through 10.3.5, with SMTPD AUTH enabled, ...)
+CVE-2004-0925
NOT-FOR-US: MacOS
-CVE-2004-0924 (NetInfo Manager on Mac OS X 10.3.x through 10.3.5, after an initial ...)
+CVE-2004-0924
NOT-FOR-US: MacOS
-CVE-2004-0923 (CUPS 1.1.20 and earlier records authentication information for a ...)
+CVE-2004-0923
{DSA-566-1}
- cupsys 1.1.20final+rc1-9
- cups 1.1.20final+rc1-9
-CVE-2004-0922 (AFP Server on Mac OS X 10.3.x to 10.3.5, under certain conditions, ...)
+CVE-2004-0922
NOT-FOR-US: MacOS
-CVE-2004-0921 (AFP Server on Mac OS X 10.3.x to 10.3.5, when a guest has mounted an ...)
+CVE-2004-0921
NOT-FOR-US: MacOS
-CVE-2004-0920 (Symantec Norton AntiVirus 2004, and earlier versions, allows a virus ...)
+CVE-2004-0920
NOT-FOR-US: norton
-CVE-2004-0919 (The syscons CONS_SCRSHOT ioctl in FreeBSD 5.x allows local users to ...)
+CVE-2004-0919
NOT-FOR-US: FreeBSD
-CVE-2004-0918 (The asn_parse_header function (asn1.c) in the SNMP module for Squid ...)
+CVE-2004-0918
{DSA-576-1}
- squid 2.5.7
-CVE-2004-0917 (The default installation of Vignette Application Portal installs the ...)
+CVE-2004-0917
NOT-FOR-US: Vignette Application Portal
-CVE-2004-0916 (Directory traversal vulnerability in cabextract before 1.1 allows ...)
+CVE-2004-0916
{DSA-574-1}
- cabextract 1.1-1
-CVE-2004-0915 (Multiple unknown vulnerabilities in viewcvs before 0.9.2, when ...)
+CVE-2004-0915
{DSA-605-1}
- viewcvs 0.9.2+cvs.1.0.dev.2004.07.28-1.2 (bug #284237)
-CVE-2004-0914 (Multiple vulnerabilities in libXpm for 6.8.1 and earlier, as used in ...)
+CVE-2004-0914
{DSA-607-1}
NOTE: Previous -9 fix had some issues of its own
- xfree86 4.3.0.dfsg.1-14 (bug #309143)
@@ -4057,74 +4057,74 @@ CVE-2004-0914 (Multiple vulnerabilities in libXpm for 6.8.1 and earlier, as used
- lesstif2 1:0.93.94-11.2
- openmotif 2.2.3-1.1 (bug #309819; medium)
[sarge] - openmotif <no-dsa> (Non-free)
-CVE-2004-0913 (Unknown vulnerability in ecartis 0.x before ...)
+CVE-2004-0913
{DSA-572-1}
- ecartis 1.0.0+cvs.20030911-8
CVE-2004-0912
RESERVED
-CVE-2004-0911 (telnetd for netkit 0.17 and earlier, and possibly other versions, on ...)
+CVE-2004-0911
{DSA-569-1 DSA-556-1}
- netkit-telnet-ssl 0.17.24+0.1-4
- netkit-telnet 0.17-26
CVE-2004-0910
REJECTED
-CVE-2004-0909 (Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and ...)
+CVE-2004-0909
- mozilla-firefox 0.10.1+1.0PR
- mozilla 2:1.7.3
- mozilla-thunderbird 0.8
-CVE-2004-0908 (Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and ...)
+CVE-2004-0908
- mozilla-firefox 0.10.1+1.0PR
- mozilla 2:1.7.3
- mozilla-thunderbird 0.8
-CVE-2004-0907 (The Linux install .tar.gz archives for Mozilla Firefox before the ...)
+CVE-2004-0907
- mozilla-firefox <not-affected> (non-Debian packaging issue)
-CVE-2004-0906 (The XPInstall installer in Mozilla Firefox before the Preview Release, ...)
+CVE-2004-0906
- mozilla-firefox 0.10.1+1.0PR
- mozilla 2:1.7.3
- mozilla-thunderbird 0.8
-CVE-2004-0905 (Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and ...)
+CVE-2004-0905
- mozilla-firefox 0.10.1+1.0PR
- mozilla 2:1.7.3
- mozilla-thunderbird 0.8
-CVE-2004-0904 (Integer overflow in the bitmap (BMP) decoder for Mozilla Firefox ...)
+CVE-2004-0904
- mozilla-firefox 0.10.1+1.0PR
- mozilla 2:1.7.3
- mozilla-thunderbird 0.8
-CVE-2004-0903 (Stack-based buffer overflow in the writeGroup function in ...)
+CVE-2004-0903
- mozilla-firefox 0.10.1+1.0PR
- mozilla 2:1.7.3
- mozilla-thunderbird 0.8
-CVE-2004-0902 (Multiple heap-based buffer overflows in Mozilla Firefox before the ...)
+CVE-2004-0902
- mozilla-firefox 0.10.1+1.0PR
- mozilla 2:1.7.3
- mozilla-thunderbird 0.8
-CVE-2004-0901 (Microsoft Word for Windows 6.0 Converter (MSWRD632.WPC), as used in ...)
+CVE-2004-0901
NOT-FOR-US: Microsoft
-CVE-2004-0900 (The DHCP Server service for Microsoft Windows NT 4.0 Server and ...)
+CVE-2004-0900
NOT-FOR-US: Microsoft
-CVE-2004-0899 (The DHCP Server service for Microsoft Windows NT 4.0 Server and ...)
+CVE-2004-0899
NOT-FOR-US: Microsoft
CVE-2004-0898
RESERVED
-CVE-2004-0897 (The Indexing Service for Microsoft Windows XP and Server 2003 does not ...)
+CVE-2004-0897
NOT-FOR-US: Windows
CVE-2004-0896
RESERVED
CVE-2004-0895
RESERVED
-CVE-2004-0894 (LSASS (Local Security Authority Subsystem Service) of Windows 2000 ...)
+CVE-2004-0894
NOT-FOR-US: Microsoft
-CVE-2004-0893 (The Local Procedure Call (LPC) interface of the Windows Kernel for ...)
+CVE-2004-0893
NOT-FOR-US: Microsoft
-CVE-2004-0892 (Microsoft Proxy Server 2.0 and Microsoft ISA Server 2000 (which is ...)
+CVE-2004-0892
NOT-FOR-US: Microsoft
-CVE-2004-0891 (Buffer overflow in the MSN protocol handler for gaim 0.79 to 1.0.1 ...)
+CVE-2004-0891
- gaim 1:1.0.2
CVE-2004-0890
REJECTED
-CVE-2004-0889 (Multiple integer overflows in xpdf 3.0, and other packages that use ...)
+CVE-2004-0889
- xpdf 3.00-10 (medium)
-CVE-2004-0888 (Multiple integer overflows in xpdf 2.0 and 3.0, and other packages ...)
+CVE-2004-0888
{DSA-599-1 DSA-581-1 DSA-573-1}
- koffice 1:1.3.4-1
- tetex-bin 2.0.2-23
@@ -4136,34 +4136,34 @@ CVE-2004-0888 (Multiple integer overflows in xpdf 2.0 and 3.0, and other package
NOTE: cupsys switched to an xpdf-utils wrapper in version 1.1.22-6.
NOTE: In version 1.1.20final+rc1-10, the dormant code in the source
NOTE: package was fixed.
-CVE-2004-0887 (SUSE Linux Enterprise Server 9 on the S/390 platform does not properly ...)
+CVE-2004-0887
{DSA-1018-1}
- linux-2.6 <not-affected> (Fixed before upload into archive)
- kernel-source-2.6.8 2.6.8-10
-CVE-2004-0886 (Multiple integer overflows in libtiff 3.6.1 and earlier allow remote ...)
+CVE-2004-0886
{DSA-567-1}
- kdegraphics 3.3.2-1
- tiff 3.6.1-2
- tiff3 <not-affected> (fixed prior to initial upload)
-CVE-2004-0885 (The mod_ssl module in Apache 2.0.35 through 2.0.52, when using the ...)
+CVE-2004-0885
- apache2 2.0.52-2
- libapache-mod-ssl 2.8.20-1
-CVE-2004-0884 (The (1) libsasl and (2) libsasl2 libraries in Cyrus-SASL 2.1.18 and ...)
+CVE-2004-0884
{DSA-568-1 DSA-563-3}
- cyrus-sasl <removed>
- cyrus-sasl2 2.1.19-1.3 (bug #275431; bug #276865; bug #275432; bug #275553)
-CVE-2004-0883 (Multiple vulnerabilities in the samba filesystem (smbfs) in Linux ...)
+CVE-2004-0883
{DSA-1082-1 DSA-1070-1 DSA-1069-1 DSA-1067-1}
- linux-2.6 <not-affected> (Fixed before upload into archive, 2.6.10)
- kernel-source-2.4.27 2.4.27-6
[sarge] - kernel-source-2.6.8 2.6.8-13
-CVE-2004-0882 (Buffer overflow in the QFILEPATHINFO request handler in Samba 3.0.x ...)
+CVE-2004-0882
NOTE: details http://security.e-matters.de/advisories/132004.html
- samba 3.0.7
-CVE-2004-0881 (getmail 4.x before 4.2.0, and other versions before 3.2.5, when run as ...)
+CVE-2004-0881
{DSA-553-1}
- getmail 3.2.5-1
-CVE-2004-0880 (getmail 4.x before 4.2.0, when run as root, allows local users to ...)
+CVE-2004-0880
{DSA-553-1}
- getmail 3.2.5-1
CVE-2004-0879
@@ -4174,31 +4174,31 @@ CVE-2004-0877
RESERVED
CVE-2004-0876
RESERVED
-CVE-2004-0875 (Multiple cross-site scripting (XSS) vulnerabilities in Phpgroupware ...)
+CVE-2004-0875
- phpgroupware 0.9.16.002
CVE-2004-0874
REJECTED
-CVE-2004-0873 (Apple iChat AV 2.1, AV 2.0, and 1.0.1 allows remote attackers to ...)
+CVE-2004-0873
NOT-FOR-US: apple
-CVE-2004-0872 (Opera does not prevent cookies that are sent over an insecure ...)
+CVE-2004-0872
NOT-FOR-US: Opera
-CVE-2004-0871 (Mozilla does not prevent cookies that are sent over an insecure ...)
+CVE-2004-0871
NOTE: upstream knows about the problem, no fix expected
NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=252342
NOTE: http://www.securitytracker.com/alerts/2004/Sep/1011331.html
NOTE: fix doesn't look likely any time soon
-CVE-2004-0870 (KDE Konqueror does not prevent cookies that are sent over an insecure ...)
+CVE-2004-0870
NOTE: upstream knows about the problem, no fix expected
NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=252342
NOTE: http://www.securitytracker.com/alerts/2004/Sep/1011331.html
NOTE: fix doesn't look likely any time soon
-CVE-2004-0869 (Internet Explorer does not prevent cookies that are sent over an ...)
+CVE-2004-0869
NOT-FOR-US: MSIE
CVE-2004-0868
REJECTED
-CVE-2004-0867 (Mozilla Firefox 0.9.2 allows web sites to set cookies for ...)
+CVE-2004-0867
- mozilla-firefox 0.9.3
-CVE-2004-0866 (Internet Explorer 6.0 allows web sites to set cookies for ...)
+CVE-2004-0866
NOT-FOR-US: MSIE
CVE-2004-0865
RESERVED
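Review bot: the four NOTE lines under CVE-2004-0870 (KDE Konqueror) are a verbatim copy of those under CVE-2004-0871 (Mozilla), including `NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=252342`, which is not Konqueror's upstream tracker; the Konqueror entry needs its own reference, or the note should state that the Mozilla bug is cited because the problem is shared. Neither entry has a `- <package> <version|unfixed|not-affected>` line, so no Debian source package is recorded as affected for either cookie issue.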
@@ -4226,334 +4226,334 @@ CVE-2004-0854
REJECTED
CVE-2004-0853
REJECTED
-CVE-2004-0852 (Buffer overflow in htget 0.93 allows remote attackers to execute ...)
+CVE-2004-0852
{DSA-611-1}
- htget <removed>
-CVE-2004-0851 (The (1) write_list and (2) dump_curr_list functions in Net-Acct before ...)
+CVE-2004-0851
{DSA-559-1}
- net-acct 0.71-7
-CVE-2004-0850 (Star before 1.5_alpha46 does not drop the effective user ID (euid) ...)
+CVE-2004-0850
- star 1.5a46
-CVE-2004-0849 (Integer overflow in the asn_decode_string() function defined in asn1.c ...)
+CVE-2004-0849
NOT-FOR-US: GNU Radius
-CVE-2004-0848 (Buffer overflow in Microsoft Office XP allows remote attackers to ...)
+CVE-2004-0848
NOT-FOR-US: microsoft
-CVE-2004-0847 (The Microsoft .NET forms authentication capability for ASP.NET allows ...)
+CVE-2004-0847
NOT-FOR-US: microsoft
-CVE-2004-0846 (Unknown vulnerability in Microsoft Excel 2000, 2002, 2001 for Mac, and ...)
+CVE-2004-0846
NOT-FOR-US: microsoft
-CVE-2004-0845 (Internet Explorer 5.01, 5.5, and 6 does not properly cache SSL ...)
+CVE-2004-0845
NOT-FOR-US: microsoft
-CVE-2004-0844 (Internet Explorer 6 on Double Byte Character Set (DBCS) systems allows ...)
+CVE-2004-0844
NOT-FOR-US: microsoft
-CVE-2004-0843 (Internet Explorer 5.5 and 6 does not properly handle plug-in ...)
+CVE-2004-0843
NOT-FOR-US: microsoft
-CVE-2004-0842 (Internet Explorer 6.0 SP1 and earlier, and possibly other versions, ...)
+CVE-2004-0842
NOT-FOR-US: microsoft
-CVE-2004-0841 (Internet Explorer 6.x allows remote attackers to install arbitrary ...)
+CVE-2004-0841
NOT-FOR-US: microsoft
-CVE-2004-0840 (The SMTP (Simple Mail Transfer Protocol) component of Microsoft ...)
+CVE-2004-0840
NOT-FOR-US: microsoft
-CVE-2004-0839 (Internet Explorer in Windows XP SP2, and other versions including 5.01 ...)
+CVE-2004-0839
NOT-FOR-US: microsoft
-CVE-2004-0837 (MySQL 4.x before 4.0.21, and 3.x before 3.23.49, allows attackers to ...)
+CVE-2004-0837
{DSA-562-2}
- mysql <removed>
-CVE-2004-0836 (Buffer overflow in the mysql_real_connect function in MySQL 4.x before ...)
+CVE-2004-0836
{DSA-562-2}
- mysql <removed>
-CVE-2004-0835 (MySQL 3.x before 3.23.59, 4.x before 4.0.19, 4.1.x before 4.1.2, and ...)
+CVE-2004-0835
{DSA-562-2}
- mysql <removed>
-CVE-2004-0834 (Format string vulnerability in Speedtouch USB driver before 1.3.1 ...)
+CVE-2004-0834
- speedtouch 1.3.1
-CVE-2004-0833 (Sendmail before 8.12.3 on Debian GNU/Linux, when using sasl and ...)
+CVE-2004-0833
{DSA-554-1}
- sendmail 8.13.1-13
-CVE-2004-0832 (The (1) ntlm_fetch_string and (2) ntlm_get_string functions in Squid ...)
+CVE-2004-0832
- squid 2.5.6-8
-CVE-2004-0831 (McAfee VirusScan 4.5.1 does not drop SYSTEM privileges before allowing ...)
+CVE-2004-0831
NOT-FOR-US: McAfee
-CVE-2004-0830 (The Content Scanner Server in F-Secure Anti-Virus for Microsoft ...)
+CVE-2004-0830
NOT-FOR-US: Microsoft
-CVE-2004-0829 (smbd in Samba before 2.2.11 allows remote attackers to cause a denial ...)
+CVE-2004-0829
- samba 2.2.11
-CVE-2004-0828 (The ctstrtcasd program in RSCT 2.3.0.0 and earlier on IBM AIX 5.2 and ...)
+CVE-2004-0828
NOTE: not-fos-us (AIX)
-CVE-2004-0827 (Multiple buffer overflows in the ImageMagick graphics library 5.x ...)
+CVE-2004-0827
{DSA-547-1}
- imagemagick 5:6.0.7.1-1
-CVE-2004-0826 (Heap-based buffer overflow in Netscape Network Security Services (NSS) ...)
+CVE-2004-0826
NOT-FOR-US: netscape NSS
-CVE-2004-0825 (QuickTime Streaming Server in Mac OS X Server 10.2.8, 10.3.4, and ...)
+CVE-2004-0825
NOT-FOR-US: Apple
-CVE-2004-0824 (PPPDialer for Mac OS X 10.2.8 through 10.3.5 allows local users to ...)
+CVE-2004-0824
NOT-FOR-US: Apple
-CVE-2004-0823 (OpenLDAP 1.0 through 2.1.19, as used in Apple Mac OS 10.3.4 and 10.3.5 ...)
+CVE-2004-0823
NOT-FOR-US: Apple
-CVE-2004-0822 (Buffer overflow in The Core Foundation framework ...)
+CVE-2004-0822
NOT-FOR-US: Apple
-CVE-2004-0821 (The CFPlugIn in Core Foundation framework in Mac OS X allows user ...)
+CVE-2004-0821
NOT-FOR-US: Apple
-CVE-2004-0820 (Winamp before 5.0.4 allows remote attackers to execute arbitrary ...)
+CVE-2004-0820
NOT-FOR-US: winamp
-CVE-2004-0819 (The bridge functionality in OpenBSD 3.4 and 3.5, when running a ...)
+CVE-2004-0819
NOT-FOR-US: openbsd
CVE-2004-0818
REJECTED
-CVE-2004-0817 (Multiple heap-based buffer overflows in the imlib BMP image handler ...)
+CVE-2004-0817
{DSA-548-2}
- imlib+png2 1.9.14-16.2
- imlib 1.9.14-17 (bug #285025)
-CVE-2004-0816 (Integer underflow in the firewall logging rules for iptables in Linux ...)
+CVE-2004-0816
- linux-2.6 <not-affected> (Fixed before upload into archive; 2.6.8)
- kernel-source-2.4.27 <not-affected> (2.6 specific issue)
-CVE-2004-0815 (The unix_clean_name function in Samba 2.2.x through 2.2.11, and 3.0.x ...)
+CVE-2004-0815
{DSA-600-1}
- samba 3.0.6-1 (bug #274342)
-CVE-2004-0814 (Multiple race conditions in the terminal layer in Linux 2.4.x, and ...)
+CVE-2004-0814
- linux-2.6 <not-affected> (Fixed before upload into archive; 2.6.9)
[sarge] - kernel-source-2.6.8 2.6.8-8
- kernel-source-2.4.27 2.4.27-7
-CVE-2004-0813 (Unknown vulnerability in the SG_IO functionality in ide-cd allows ...)
+CVE-2004-0813
- linux-2.6 <not-affected> (Fixed before upload into archive, 2.6.10)
- kernel-source-2.4.27 <not-affected> (Only an issue with botched permissions)
-CVE-2004-0812 (Unknown vulnerability in the Linux kernel before 2.4.23, on the AMD ...)
+CVE-2004-0812
- linux-2.6 <not-affected> (Fixed before upload into archive, 2.6.0-test10)
- kernel-source-2.4.27 <not-affected> (2.4 not support for amd64)
-CVE-2004-0811 (Unknown vulnerability in Apache 2.0.51 prevents &quot;the merging of the ...)
+CVE-2004-0811
- apache2 2.0.52
-CVE-2004-0810 (Buffer overflow in Netopia Timbuktu 7.0.3 allows remote attackers to ...)
+CVE-2004-0810
NOT-FOR-US: Netopia Timbuktu
-CVE-2004-0809 (The mod_dav module in Apache 2.0.50 and earlier allows remote ...)
+CVE-2004-0809
{DSA-558-1}
- apache2 2.0.51-1
- libapache-mod-dav 1.0.3-10
-CVE-2004-0808 (The process_logon_packet function in the nmbd server for Samba 3.0.6 ...)
+CVE-2004-0808
- samba 3.0.7
-CVE-2004-0807 (Samba 3.0.6 and earlier allows remote attackers to cause a denial of ...)
+CVE-2004-0807
- samba 3.0.7
-CVE-2004-0806 (cdrecord in the cdrtools package before 2.01, when installed setuid ...)
+CVE-2004-0806
- cdrtools 4:2.0+a34-2
-CVE-2004-0805 (Buffer overflow in layer2.c in mpg123 0.59r and possibly mpg123 0.59s ...)
+CVE-2004-0805
{DSA-564-1}
- mpg123 0.59r-16
- mp3gain 1.5.2-r2-6 (low)
[wheezy] - mp3gain 1.5.2-r2-2+deb7u1
[squeeze] - mp3gain <no-dsa> (Minor issue)
-CVE-2004-0804 (Vulnerability in tif_dirread.c for libtiff allows remote attackers to ...)
+CVE-2004-0804
{DSA-567-1}
- kdegraphics 3.3.2-1
- tiff 3.6.1-2
- tiff3 <not-affected> (fixed prior to initial upload)
-CVE-2004-0803 (Multiple vulnerabilities in the RLE (run length encoding) decoders for ...)
+CVE-2004-0803
{DSA-567-1}
- kdegraphics 3.3.2-1
- tiff 3.6.1-2
- tiff3 <not-affected> (fixed prior to initial upload)
-CVE-2004-0802 (Buffer overflow in the BMP loader in imlib2 before 1.1.2 allows remote ...)
+CVE-2004-0802
{DSA-552-1}
- imlib2 1.1.0-12.4
-CVE-2004-0801 (Unknown vulnerability in foomatic-rip in Foomatic before 3.0.2 allows ...)
+CVE-2004-0801
- foomatic-filters 3.0.2
-CVE-2004-0800 (Format string vulnerability in CDE Mailer (dtmail) on Solaris 8 and 9 ...)
+CVE-2004-0800
NOT-FOR-US: Solaris
-CVE-2004-0799 (The HTTP daemon in Ipswitch WhatsUp Gold 8.03 and 8.03 Hotfix 1 allows ...)
+CVE-2004-0799
NOT-FOR-US: Ipswitch WhatsUp Gold
-CVE-2004-0798 (Buffer overflow in the _maincfgret.cgi script for Ipswitch WhatsUp ...)
+CVE-2004-0798
NOT-FOR-US: Ipswitch WhatsUp Gold
-CVE-2004-0797 (The error handling in the (1) inflate and (2) inflateBack functions in ...)
+CVE-2004-0797
- zlib 1:1.2.1.1-6
[woody] - zlib <not-affected> (zlib 1.1 is not affected)
-CVE-2004-0796 (SpamAssassin 2.5x, and 2.6x before 2.64, allows remote attackers to ...)
+CVE-2004-0796
- spamassassin 2.64
-CVE-2004-0795 (DB2 8.1 remote command server (DB2RCMD.EXE) executes the db2rcmdc.exe ...)
+CVE-2004-0795
NOT-FOR-US: IBM DB2 DB2RCMD.EXE
-CVE-2004-0794 (Multiple signal handler race conditions in lukemftpd (aka tnftpd ...)
+CVE-2004-0794
{DSA-551-1}
- lukemftpd 1.1-2.2 (bug #266370)
-CVE-2004-0793 (The calendar program in bsdmainutils 6.0 through 6.0.14 does not drop ...)
+CVE-2004-0793
- bsdmainutils 6.0.15
-CVE-2004-0792 (Directory traversal vulnerability in the sanitize_path function in ...)
+CVE-2004-0792
{DSA-538}
- rsync 2.6.2-3
-CVE-2004-0791 (Multiple TCP/IP and ICMP implementations allow remote attackers to ...)
+CVE-2004-0791
- kernel-source-2.4.27 <not-affected> (Kernel verifies the TCP sequence nr. on errors, will never abort)
- linux-2.6 <not-affected> (Kernel verifies the TCP sequence nr. on errors, will never abort)
-CVE-2004-0790 (Multiple TCP/IP and ICMP implementations allow remote attackers to ...)
+CVE-2004-0790
- kernel-source-2.6.8 2.6.8-16 (bug #305664)
- kernel-source-2.4.27 2.4.27-10 (bug #305664)
-CVE-2004-0789 (Multiple implementations of the DNS protocol, including (1) Poslib ...)
+CVE-2004-0789
NOT-FOR-US: DNS impleementations not in Debian
-CVE-2004-0788 (Integer overflow in the ICO image decoder for (1) gdk-pixbuf before ...)
+CVE-2004-0788
{DSA-549-1 DSA-546-1}
- gtk+2.0 2.4.9-2
- gdk-pixbuf 0.22.0-7
-CVE-2004-0787 (Cross-site scripting (XSS) vulnerability in the web frontend in OpenCA ...)
+CVE-2004-0787
NOT-FOR-US: OpenCA
-CVE-2004-0786 (The IPv6 URI parsing routines in the apr-util library for Apache ...)
+CVE-2004-0786
- apache <not-affected> (not vulnerable according to http://web.archive.org/web/20070529152436/http://www.debian.org/security/nonvulns-sarge)
- apache2 2.0.51
-CVE-2004-0785 (Multiple buffer overflows in Gaim before 0.82 allow remote attackers ...)
+CVE-2004-0785
- gaim 1:0.82
-CVE-2004-0784 (The smiley theme functionality in Gaim before 0.82 allows remote ...)
+CVE-2004-0784
- gaim 1:0.82
-CVE-2004-0783 (Stack-based buffer overflow in xpm_extract_color (io-xpm.c) in the XPM ...)
+CVE-2004-0783
{DSA-549-1}
- gtk+2.0 2.4.9-2
-CVE-2004-0782 (Integer overflow in pixbuf_create_from_xpm (io-xpm.c) in the XPM image ...)
+CVE-2004-0782
{DSA-549-1 DSA-546-1}
- gtk+2.0 2.4.9-2
- gdk-pixbuf 0.22.0-7
-CVE-2004-0781 (Cross-site scripting (XSS) vulnerability in list.cgi in the Icecast ...)
+CVE-2004-0781
{DSA-541}
- icecast-server 1:1.3.12-8
-CVE-2004-0780 (Buffer overflow in uustat in Sun Solaris 8 and 9 allows local users to ...)
+CVE-2004-0780
NOT-FOR-US: Solaris
-CVE-2004-0779 (The (1) Mozilla 1.6, (2) Firebird 0.7 and (3) Firefox 0.8 web browsers ...)
+CVE-2004-0779
- mozilla 2:1.7
- mozilla-firefox 0.9
-CVE-2004-0778 (CVS 1.11.x before 1.11.17, and 1.12.x before 1.12.9, allows remote ...)
+CVE-2004-0778
- cvs 1:1.12.9
-CVE-2004-0777 (Format string vulnerability in the auth_debug function in Courier-IMAP ...)
+CVE-2004-0777
- courier 0.45.6-1 (medium; bug #266723)
NOTE: 0.45.6-1 is the first upload after the debug stuff rewrite
NOTE: mentioned in the bug report.
CVE-2004-0776
RESERVED
-CVE-2004-0775 (Buffer overflow in WIDCOMM Bluetooth Connectivity Software, as used in ...)
+CVE-2004-0775
NOT-FOR-US: Windows
-CVE-2004-0774 (RealNetworks Helix Universal Server 9.0.2 for Linux and 9.0.3 for ...)
+CVE-2004-0774
NOT-FOR-US: Real Helix server
CVE-2004-0773
RESERVED
-CVE-2004-0772 (Double free vulnerabilities in error handling code in krb524d for MIT ...)
+CVE-2004-0772
{DSA-543-1}
- krb5 1.3.4-3
-CVE-2004-0771 (Buffer overflow in the extract_one function from lhext.c in LHA may ...)
+CVE-2004-0771
- lha 1.14i-9 (bug #279870)
-CVE-2004-0770 (romload.c in DGen Emulator 1.23 and earlier allows local users to ...)
+CVE-2004-0770
- dgen 1.23-6
-CVE-2004-0769 (Buffer overflow in LHA allows remote attackers to execute arbitrary ...)
+CVE-2004-0769
- lha 1.14i-9 (bug #279870)
-CVE-2004-0768 (libpng 1.2.5 and earlier does not properly calculate certain buffer ...)
+CVE-2004-0768
{DSA-536}
- libpng 1.0.15-6
- libpng3 1.2.5.0-7
-CVE-2004-0767 (NGSEC StackDefender 1.10 allows attackers to cause a denial of service ...)
+CVE-2004-0767
NOT-FOR-US: NGSEC StackDefender
-CVE-2004-0766 (NGSEC StackDefender 2.0 allows attackers to cause a denial of service ...)
+CVE-2004-0766
NOT-FOR-US: NGSEC StackDefender
-CVE-2004-0765 (The cert_TestHostName function in Mozilla before 1.7, Firefox before ...)
+CVE-2004-0765
- mozilla 2:1.7
- mozilla-firefox 0.9
-CVE-2004-0764 (Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, ...)
+CVE-2004-0764
- mozilla 2:1.7
- mozilla-firefox 0.9
-CVE-2004-0763 (Mozilla Firefox 0.9.1 and 0.9.2 allows remote web sites to spoof ...)
+CVE-2004-0763
- mozilla-firefox 0.9.3
-CVE-2004-0762 (Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, ...)
+CVE-2004-0762
- mozilla 2:1.7
- mozilla-firefox 0.9
-CVE-2004-0761 (Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, ...)
+CVE-2004-0761
- mozilla 2:1.7
- mozilla-firefox 0.9
-CVE-2004-0760 (Mozilla allows remote attackers to cause Mozilla to open a URI as a ...)
+CVE-2004-0760
- mozilla 2:1.7.2
- mozilla-firefox 0.9.3
-CVE-2004-0759 (Mozilla before 1.7 allows remote web servers to read arbitrary files ...)
+CVE-2004-0759
- mozilla 2:1.7
-CVE-2004-0758 (Mozilla 1.5 through 1.7 allows a CA certificate to be imported even ...)
+CVE-2004-0758
- mozilla 2:1.7.2
- mozilla-firefox 0.9.3
-CVE-2004-0757 (Heap-based buffer overflow in the SendUidl in the POP3 capability for ...)
+CVE-2004-0757
- mozilla 2:1.7
- mozilla-firefox 0.9
CVE-2004-0756
REJECTED
-CVE-2004-0755 (The FileStore capability in CGI::Session for Ruby before 1.8.1, and ...)
+CVE-2004-0755
{DSA-537}
- ruby1.8 1.8.1+1.8.2pre1-4
- ruby <removed>
-CVE-2004-0754 (Integer overflow in Gaim before 0.82 allows remote attackers to cause ...)
+CVE-2004-0754
- gaim 1:0.82.1-1
-CVE-2004-0753 (The BMP image processor for (1) gdk-pixbuf before 0.22 and (2) gtk2 ...)
+CVE-2004-0753
{DSA-546-1}
- gdk-pixbuf 0.22.0-7
-CVE-2004-0752 (OpenOffice (OOo) 1.1.2 creates predictable directory names with ...)
+CVE-2004-0752
- openoffice.org 1.1.2-4
-CVE-2004-0751 (The char_buffer_read function in the mod_ssl module for Apache 2.x, ...)
+CVE-2004-0751
- apache2 2.0.50-11
-CVE-2004-0750 (Unknown vulnerability in redhat-config-nfs before 1.0.13, when shares ...)
+CVE-2004-0750
NOT-FOR-US: Red Hat specific
-CVE-2004-0749 (The mod_authz_svn module in Subversion 1.0.7 and earlier does not ...)
+CVE-2004-0749
- subversion 1.0.9-2
-CVE-2004-0748 (mod_ssl in Apache 2.0.50 and earlier allows remote attackers to cause ...)
+CVE-2004-0748
- apache2 2.0.51
-CVE-2004-0747 (Buffer overflow in Apache 2.0.50 and earlier allows local users to ...)
+CVE-2004-0747
[sarge] - apache2 <not-affected>
- apache2 2.0.51
-CVE-2004-0746 (Konqueror in KDE 3.2.3 and earlier allows web sites to set cookies for ...)
+CVE-2004-0746
[sarge] - kdelibs 4:3.2.3-3.sarge.1
- kdelibs 4:3.3
-CVE-2004-0745 (LHA 1.14 and earlier allows attackers to execute arbitrary commands ...)
+CVE-2004-0745
- lha 1.14i-10 (bug #279870)
-CVE-2004-0744 (The TCP/IP Networking component in Mac OS X before 10.3.5 allows ...)
+CVE-2004-0744
NOT-FOR-US: MacOS
-CVE-2004-0743 (Safari in Mac OS X before 10.3.5, after sending form data using the ...)
+CVE-2004-0743
NOT-FOR-US: MacOS
-CVE-2004-0742 (Sun Java System Portal Server 6.2 (formerly Sun ONE) allows remote ...)
+CVE-2004-0742
NOT-FOR-US: Sun Java System Portal Server
-CVE-2004-0741 (LionMax Software WWW File Share Pro 2.60 allows remote attackers to ...)
+CVE-2004-0741
NOT-FOR-US: LionMax Software WWW File Share Pro
-CVE-2004-0740 (The HTTP server in Lexmark T522 and possibly other models allows ...)
+CVE-2004-0740
NOT-FOR-US: Lexmark
-CVE-2004-0739 (Buffer overflow in Whisper FTP Surfer 1.0.7 allows remote FTP servers ...)
+CVE-2004-0739
NOT-FOR-US: Whisper FTP Surfer
-CVE-2004-0738 (Multiple SQL injection vulnerabilities in the Search module in ...)
+CVE-2004-0738
NOT-FOR-US: phpnuke
-CVE-2004-0737 (Multiple cross-site scripting vulnerabilities in index.php in the ...)
+CVE-2004-0737
NOT-FOR-US: phpnuke
-CVE-2004-0736 (The search module in Php-Nuke allows remote attackers to gain ...)
+CVE-2004-0736
NOT-FOR-US: phpnuke
-CVE-2004-0735 (Buffer overflow in Medal of Honor (1) Allied Assault 1.11v9 and ...)
+CVE-2004-0735
NOT-FOR-US: various windows games
-CVE-2004-0734 (Web_Store.cgi allows remote attackers to execute arbitrary commands ...)
+CVE-2004-0734
NOT-FOR-US: Web_Store.cgi
-CVE-2004-0733 (Format string vulnerability in OllyDbg 1.10 allows remote attackers to ...)
+CVE-2004-0733
NOT-FOR-US: OllyDbg
-CVE-2004-0732 (SQL injection vulnerability in index.php in the Search module for ...)
+CVE-2004-0732
NOT-FOR-US: phpnuke
-CVE-2004-0731 (Cross-site scripting (XSS) vulnerability in index.php in the Search ...)
+CVE-2004-0731
NOT-FOR-US: phpnuke
-CVE-2004-0730 (Multiple cross-site scripting (XSS) vulnerabilities in PhpBB 2.0.8 ...)
+CVE-2004-0730
- phpbb2 2.0.10
-CVE-2004-0729 (PhpBB 2.0.8 allows remote attackers to gain sensitive information via ...)
+CVE-2004-0729
- phpbb2 2.0.10
-CVE-2004-0728 (The Remote Control Client service in Microsoft's Systems Management ...)
+CVE-2004-0728
NOT-FOR-US: Microsoft
-CVE-2004-0727 (Microsoft Internet Explorer 6.0.2800.1106 on Microsoft Windows XP SP2, ...)
+CVE-2004-0727
NOT-FOR-US: Microsoft
-CVE-2004-0726 (The Windows Media Player control in Microsoft Windows 2000 allows ...)
+CVE-2004-0726
NOT-FOR-US: Microsoft
-CVE-2004-0725 (Cross-site scripting (XSS) vulnerability in help.php in Moodle 1.3.2 ...)
+CVE-2004-0725
- moodle 1.4
-CVE-2004-0724 (The Half-Life engine before July 7 2004 allows remote attackers to ...)
+CVE-2004-0724
NOT-FOR-US: Half Life
-CVE-2004-0723 (Microsoft Java virtual machine (VM) 5.0.0.3810 allows remote attackers ...)
+CVE-2004-0723
NOT-FOR-US: Microsoft
-CVE-2004-0722 (Integer overflow in the SOAPParameter object constructor in (1) ...)
+CVE-2004-0722
- mozilla 2:1.6
-CVE-2004-0721 (Konqueror 3.1.3, 3.2.2, and possibly other versions does not properly ...)
+CVE-2004-0721
[sarge] - kdebase 4:3.2.3-1.sarge.1
[sarge] - kdelibs 4:3.2.3-3.sarge.1
- kdelibs 4:3.3.0-1
- kdebase 4:3.3.0-1
-CVE-2004-0720 (Safari 1.2.2 does not properly prevent a frame in one domain from ...)
+CVE-2004-0720
NOT-FOR-US: Safari
-CVE-2004-0719 (Internet Explorer for Mac 5.2.3, Internet Explorer 6 on Windows XP, ...)
+CVE-2004-0719
NOT-FOR-US: Microsoft
-CVE-2004-0718 (The (1) Mozilla 1.6, (2) Firebird 0.7, (3) Firefox 0.8, and (4) ...)
+CVE-2004-0718
{DSA-810-1 DSA-777-1 DSA-775-1 DTSA-7-1 DTSA-8-2 DTSA-14-1}
NOTE: This has been fixed in mozilla-firefox 0.8 and mozilla 1.6, but recent
NOTE: upstream versions became vulnerable again, see
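Review bot: every changed line in this hunk is a pure deletion of the parenthetical CVE description, with nothing else touched, e.g. `-CVE-2004-0803 (Multiple vulnerabilities in the RLE (run length encoding) decoders for ...)` becoming `+CVE-2004-0803`; that is a wholesale loss of the description text, not a refresh of it, and for a sync-generated change it is the signature of the updater having received an empty description feed and written the result back anyway. The updater should refuse to rewrite a header line when the fetched description is empty (keep the old text, or abort the run), and this change should not land as-is. Unrelated but adjacent: the context line `NOT-FOR-US: DNS impleementations not in Debian` carries a typo that could be fixed in a follow-up once the descriptions are restored.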
@@ -4561,80 +4561,80 @@ CVE-2004-0718 (The (1) Mozilla 1.6, (2) Firebird 0.7, (3) Firefox 0.8, and (4) .
NOTE: and were fixed again, it got CVE-2005-1937 for the reversion
- mozilla 2:1.7.10-1 (medium)
- mozilla-firefox 1.0.6-1 (medium)
-CVE-2004-0717 (Opera 7.51 for Windows and 7.50 for Linux does not properly prevent a ...)
+CVE-2004-0717
NOT-FOR-US: opera 7.50
-CVE-2004-0716 (Buffer overflow in the DCE daemon (DCED) for the DCE endpoint mapper ...)
+CVE-2004-0716
NOT-FOR-US: HP-UX
-CVE-2004-0715 (The WebLogic Authentication provider for BEA WebLogic Server and ...)
+CVE-2004-0715
NOT-FOR-US: BEA WebLogic Server and WebLogic Express
-CVE-2004-0714 (Cisco Internetwork Operating System (IOS) 12.0S through 12.3T attempts ...)
+CVE-2004-0714
NOT-FOR-US: Cisco
-CVE-2004-0713 (The remove method in a stateful Enterprise JavaBean (EJB) in BEA ...)
+CVE-2004-0713
NOT-FOR-US: BEA WebLogic Server and WebLogic Express
-CVE-2004-0712 (The configuration tools (1) config.sh in Unix or (2) config.cmd in ...)
+CVE-2004-0712
NOT-FOR-US: BEA WebLogic Server
-CVE-2004-0711 (The URL pattern matching feature in BEA WebLogic Server 6.x matches ...)
+CVE-2004-0711
NOT-FOR-US: BEA WebLogic Server
-CVE-2004-0710 (IP Security VPN Services Module (VPNSM) in Cisco Catalyst 6500 Series ...)
+CVE-2004-0710
NOT-FOR-US: Cisco
-CVE-2004-0709 (HP OpenView Select Access 5.0 through 6.0 does not correctly decode ...)
+CVE-2004-0709
NOT-FOR-US: HP OpenView Select Access
-CVE-2004-0708 (MoinMoin 1.2.1 and earlier allows remote attackers to gain privileges ...)
+CVE-2004-0708
- moin 1.2.2
-CVE-2004-0707 (SQL injection vulnerability in editusers.cgi in Bugzilla 2.16.x before ...)
+CVE-2004-0707
- bugzilla 2.16.7-0.1
-CVE-2004-0706 (Bugzilla 2.17.5 through 2.17.7 embeds the password in an image URL, ...)
+CVE-2004-0706
[woody] - bugzilla <not-affected> (Only 2.17.* versions are vulnerable)
[sarge] - bugzilla <not-affected> (Only 2.17.* versions are vulnerable)
- bugzilla 2.18-1
-CVE-2004-0705 (Multiple cross-site scripting (XSS) vulnerabilities in (1) ...)
+CVE-2004-0705
- bugzilla 2.16.7-0.1
-CVE-2004-0704 (Unknown vulnerability in (1) duplicates.cgi and (2) buglist.cgi in ...)
+CVE-2004-0704
- bugzilla 2.16.7-0.1
-CVE-2004-0703 (Unknown vulnerability in the administrative controls in Bugzilla ...)
+CVE-2004-0703
[woody] - bugzilla <not-affected> (Only 2.17.* versions are vulnerable)
[sarge] - bugzilla <not-affected> (Only 2.17.* versions are vulnerable)
- bugzilla 2.18-1
-CVE-2004-0702 (DBI in Bugzilla 2.17.1 through 2.17.7 displays the database password ...)
+CVE-2004-0702
[woody] - bugzilla <not-affected> (Only 2.17.* versions are vulnerable)
[sarge] - bugzilla <not-affected> (Only 2.17.* versions are vulnerable)
- bugzilla 2.18-1
-CVE-2004-0701 (Sun Ray Server Software (SRSS) 1.3 and 2.0 for Solaris 2.6, 7 and 8 ...)
+CVE-2004-0701
NOT-FOR-US: Solaris
-CVE-2004-0700 (Format string vulnerability in the mod_proxy hook functions function ...)
+CVE-2004-0700
{DSA-532}
- libapache-mod-ssl 2.8.19-1
-CVE-2004-0699 (Heap-based buffer overflow in ASN.1 decoding library in Check Point ...)
+CVE-2004-0699
NOT-FOR-US: Check Point VPN
-CVE-2004-0698 (4D WebSTAR 5.3.2 and earlier allows local users to read and modify ...)
+CVE-2004-0698
NOT-FOR-US: WebSTAR
-CVE-2004-0697 (Unknown vulnerability in 4D WebSTAR 5.3.2 and earlier allows remote ...)
+CVE-2004-0697
NOT-FOR-US: WebSTAR
-CVE-2004-0696 (The ShellExample.cgi script in 4D WebSTAR 5.3.2 and earlier allows ...)
+CVE-2004-0696
NOT-FOR-US: WebSTAR
-CVE-2004-0695 (Stack-based buffer overflow in the FTP service for 4D WebSTAR 5.3.2 ...)
+CVE-2004-0695
NOT-FOR-US: WebSTAR
-CVE-2004-0694 (Buffer overflow in LHA 1.14 and earlier allows remote attackers to ...)
+CVE-2004-0694
- lha 1.14i-10 (bug #279870)
-CVE-2004-0693 (The GIF parser in the QT library (qt3) before 3.3.3 allows remote ...)
+CVE-2004-0693
{DSA-542-1}
- qt-x11-free 3:3.3.3-4
- qt-copy <removed>
-CVE-2004-0692 (The XPM parser in the QT library (qt3) before 3.3.3 allows remote ...)
+CVE-2004-0692
{DSA-542-1}
- qt-x11-free 3:3.3.3-4
- qt-copy <removed>
-CVE-2004-0691 (Heap-based buffer overflow in the BMP image format parser for the QT ...)
+CVE-2004-0691
{DSA-542-1}
- qt-x11-free 3:3.3.3-4
- qt-copy <removed>
-CVE-2004-0690 (The DCOPServer in KDE 3.2.3 and earlier allows local users to gain ...)
+CVE-2004-0690
[sarge] - kdelibs 4:3.2.3-3.sarge.1
- kdelibs 4:3.3.0-1
-CVE-2004-0689 (KDE before 3.3.0 does not properly handle when certain symbolic links ...)
+CVE-2004-0689
{DSA-539}
- kdelibs 4:3.3.0-1
-CVE-2004-0688 (Multiple integer overflows in (1) the xpmParseColors function in ...)
+CVE-2004-0688
{DSA-561-1 DSA-560-1}
NOTE: Matej Vela has checked that these are backported to lesstif1 as well
- lesstif1-1 1:0.93.94-10
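Review bot: the hunk header's own context, `@@ -4561,80 +4561,80 @@ CVE-2004-0718 (The (1) Mozilla 1.6, (2) Firebird 0.7, (3) Firefox 0.8, and (4) ...`, shows the line format this change destroys, and the equal line counts confirm that only the trailing description is dropped from each entry. After this change entries such as `+CVE-2004-0717` followed by `NOT-FOR-US: opera 7.50` no longer say what the issue was, so anyone triaging from this file has to go back to MITRE for every entry, and the NOTE block above that explains the CVE-2004-0718 reversion now refers to a description that is no longer in the file. The descriptions should be regenerated from the CVE feed before this hunk is committed; a blank feed should leave the existing text untouched rather than overwrite it.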
@@ -4642,7 +4642,7 @@ CVE-2004-0688 (Multiple integer overflows in (1) the xpmParseColors function in
[sarge] - openmotif <no-dsa> (Non-free)
- xfree86 4.3.0.dfsg.1-8
- xorg-x11 <not-affected> (Fixed before introduction into archive)
-CVE-2004-0687 (Multiple stack-based buffer overflows in (1) xpmParseColors in ...)
+CVE-2004-0687
{DSA-561-1 DSA-560-1}
NOTE: Matej Vela has checked that these are backported to lesstif1 as well
- lesstif1-1 1:0.93.94-10
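Review bot: this hunk strips only the CVE-2004-0687 header, `-CVE-2004-0687 (Multiple stack-based buffer overflows in (1) xpmParseColors in ...)` to `+CVE-2004-0687`, while the surrounding `NOTE: Matej Vela has checked that these are backported to lesstif1 as well` and the per-release lines are left intact. That leaves the NOTE dangling, since "these" referred to the overflows named in the description that is being removed, and the same applies to the matching CVE-2004-0688 entry just above. Keep the description, or if it really must go, expand the NOTE to name what was backported so the annotation still stands on its own.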
@@ -4650,572 +4650,572 @@ CVE-2004-0687 (Multiple stack-based buffer overflows in (1) xpmParseColors in ..
[sarge] - openmotif <no-dsa> (Non-free)
- xfree86 4.3.0.dfsg.1-8
- xorg-x11 <not-affected> (Fixed before introduction into archive)
-CVE-2004-0686 (Buffer overflow in Samba 2.2.x to 2.2.9, and 3.0.0 to 3.0.4, when the ...)
+CVE-2004-0686
- samba 3.0.5 (bug #260839; bug #260838)
-CVE-2004-0685 (Certain USB drivers in the Linux 2.4 kernel use the copy_to_user ...)
+CVE-2004-0685
{DSA-1082-1 DSA-1070-1 DSA-1069-1 DSA-1067-1}
- kernel-source-2.4.27 2.4.27-1
-CVE-2004-0684 (WebSphere Edge Component Caching Proxy in WebSphere Edge Server 5.02, ...)
+CVE-2004-0684
NOT-FOR-US: WebSphere Edge Server
-CVE-2004-0683 (Symantec Norton AntiVirus 2002 and 2003 allows remote attackers to ...)
+CVE-2004-0683
NOT-FOR-US: Norton
-CVE-2004-0682 (comersus_gatewayPayPal.asp in Comersus Cart 5.09, and possibly other ...)
+CVE-2004-0682
NOT-FOR-US: Comersus Cart
-CVE-2004-0681 (Multiple cross-site scripting (XSS) vulnerabilities in (1) ...)
+CVE-2004-0681
NOT-FOR-US: Comersus Cart
-CVE-2004-0680 (Zoom X3 ADSL modem has a terminal running on port 254 that can be ...)
+CVE-2004-0680
NOT-FOR-US: Zoom DSL modem
-CVE-2004-0679 (The IP cloaking feature (cloak.c) in UnrealIRCd 3.2, and possibly ...)
+CVE-2004-0679
NOT-FOR-US: UnrealIRCd
-CVE-2004-0678 (Cross-site scripting (XSS) in one2planet.infolet.InfoServlet in ...)
+CVE-2004-0678
NOT-FOR-US: 12Planet Chat Server
-CVE-2004-0677 (Fastream NETFile FTP Server 6.7.2.1085 and earlier allows remote ...)
+CVE-2004-0677
NOT-FOR-US: Fastream NETFile FTP Server
-CVE-2004-0676 (Directory traversal vulnerability in Fastream NETFile FTP/Web Server ...)
+CVE-2004-0676
NOT-FOR-US: Fastream NETFile FTP Server
-CVE-2004-0675 (Cross-site scripting (XSS) vulnerability in (1) cart32.exe or (2) ...)
+CVE-2004-0675
NOT-FOR-US: c32web.exe
-CVE-2004-0674 (Enterasys XSR-1800 series Security Routers, when running firmware ...)
+CVE-2004-0674
NOT-FOR-US: Enterasys XSR-1800 series Security Routers
-CVE-2004-0673 (Cross-site scripting (XSS) vulnerability in SCI Photo Chat Server ...)
+CVE-2004-0673
NOT-FOR-US: SCI Photo Chat Server
-CVE-2004-0672 (Multiple cross-site scripting (XSS) vulnerabilities in the primary and ...)
+CVE-2004-0672
NOT-FOR-US: Netegrity IdentityMinder Web Edition
-CVE-2004-0671 (Brightmail Spamfilter 6.0 and earlier beta releases allows remote ...)
+CVE-2004-0671
NOT-FOR-US: Brightmail Spamfilter
-CVE-2004-0670 (Prestige 650HW-31 running Rompager 4.7 software allows remote ...)
+CVE-2004-0670
NOT-FOR-US: Rompager
-CVE-2004-0669 (Lotus Domino 6.5.0 and 6.5.1, with IMAP enabled, allows remote ...)
+CVE-2004-0669
NOT-FOR-US: Lotus
-CVE-2004-0668 (Web Access in Lotus Domino 6.5.1 allows remote attackers to cause a ...)
+CVE-2004-0668
NOT-FOR-US: Lotus
-CVE-2004-0667 (Rule Set Based Access Control (RSBAC) 1.2.2 through 1.2.3 allows ...)
+CVE-2004-0667
NOTE: kernel-patch-adamantix contain the RSBAC patch v1.2.2 and is vulnerable.
- kernel-patch-adamantix 1.6
-CVE-2004-0666 (Off-by-one error in the POP3_readmsg function in popclient 3.0b6 ...)
+CVE-2004-0666
NOT-FOR-US: popclient
-CVE-2004-0665 (csFAQ.cgi in csFAQ allows remote attackers to gain sensitive ...)
+CVE-2004-0665
NOT-FOR-US: csFAQ
-CVE-2004-0664 (Directory traversal vulnerability in modules.php in PowerPortal 1.x ...)
+CVE-2004-0664
NOT-FOR-US: PowerPortal
-CVE-2004-0663 (Cross-site scripting (XSS) vulnerability in modules.php in PowerPortal ...)
+CVE-2004-0663
NOT-FOR-US: PowerPortal
-CVE-2004-0662 (PowerPortal 1.x allows remote attackers to gain sensitive information ...)
+CVE-2004-0662
NOT-FOR-US: PowerPortal
-CVE-2004-0661 (Integer signedness error in D-Link AirPlus DI-614+ running firmware ...)
+CVE-2004-0661
NOT-FOR-US: D-Link AirPlus DI-614+
-CVE-2004-0660 (Cross-site scripting (XSS) vulnerability in (1) show_archives.php, (2) ...)
+CVE-2004-0660
NOT-FOR-US: CuteNews
-CVE-2004-0659 (Buffer overflow in TranslateFilename for common.c in MPlayer 1.0pre4 ...)
+CVE-2004-0659
- mplayer <not-affected> (fixed before upload in archive; 1.0pre5)
-CVE-2004-0658 (Integer overflow in the hpsb_alloc_packet function (incorrectly ...)
+CVE-2004-0658
- linux-2.6 <not-affected> (Invalid, according to Ben Collins)
- kernel-source-2.4.27 <not-affected> (Invalid, according to Ben Collins)
-CVE-2004-0657 (Integer overflow in the NTP daemon (NTPd) before 4.0 causes the NTP ...)
+CVE-2004-0657
- ntp 4.0
-CVE-2004-0656 (The accept_client function in PureFTPd 1.0.18 and earlier allows ...)
+CVE-2004-0656
- pure-ftpd 1.0.19-1
-CVE-2004-0655 (eupdatedb in esearch 0.6.1 and earlier allows local users to create ...)
+CVE-2004-0655
NOT-FOR-US: Gentoo specific
-CVE-2004-0654 (Unknown vulnerability in the Basic Security Module (BSM), when ...)
+CVE-2004-0654
NOT-FOR-US: Solaris
-CVE-2004-0653 (Solaris 9, when configured as a Kerberos client with patch 112908-12 ...)
+CVE-2004-0653
NOT-FOR-US: Solaris
-CVE-2004-0652 (BEA WebLogic Server and WebLogic Express 7.0 through 7.0 Service Pack ...)
+CVE-2004-0652
NOT-FOR-US: BEA WebLogic Server and WebLogic Express
-CVE-2004-0651 (Unknown vulnerability in Sun Java Runtime Environment (JRE) 1.4.2 ...)
+CVE-2004-0651
NOT-FOR-US: Sun JRE
-CVE-2004-0650 (UploadServlet in Cisco Collaboration Server (CCS) running ServletExec ...)
+CVE-2004-0650
NOT-FOR-US: Cisco
-CVE-2004-0649 (Buffer overflow in write_packet in control.c for l2tpd may allow ...)
+CVE-2004-0649
{DSA-530}
- l2tpd 0.70-pre20031121-2
-CVE-2004-0648 (Mozilla (Suite) before 1.7.1, Firefox before 0.9.2, and Thunderbird ...)
+CVE-2004-0648
- mozilla 2:1.7.1
- mozilla-firefox 0.9.2
- mozilla-thunderbird 0.7.2
-CVE-2004-0647 (shorewall 1.4.10c and earlier, and 2.0.x before 2.0.3a, allows local ...)
+CVE-2004-0647
- shorewall 2.0.3a
-CVE-2004-0646 (Buffer overflow in the WriteToLog function for JRun 3.0 through 4.0 ...)
+CVE-2004-0646
NOT-FOR-US: JRun
-CVE-2004-0645 (Buffer overflow in the wvHandleDateTimePicture function in wv library ...)
+CVE-2004-0645
{DSA-579-1 DSA-550-1}
- abiword 2.0.8
- wv 1.0.2-0.1 (bug #264972)
NOTE: fixed version of abiword based on http://xforce.iss.net/xforce/xfdb/16660
-CVE-2004-0644 (The asn1buf_skiptail function in the ASN.1 decoder library for MIT ...)
+CVE-2004-0644
{DSA-543-1}
- krb5 1.3.4-3
-CVE-2004-0643 (Double free vulnerability in the krb5_rd_cred function for MIT ...)
+CVE-2004-0643
{DSA-543-1}
- krb5 1.3.4-3
-CVE-2004-0642 (Double free vulnerabilities in the error handling code for ASN.1 ...)
+CVE-2004-0642
{DSA-543-1}
- krb5 1.3.4-3
-CVE-2004-0641 (Thomson SpeedTouch 510 ADSL Router with firmware GV8BAA3.270, and ...)
+CVE-2004-0641
NOT-FOR-US: Thomson hardware ADSL router
-CVE-2004-0640 (Format string vulnerability in the SSL_set_verify function in ...)
+CVE-2004-0640
{DSA-529}
- netkit-telnet-ssl 0.17.24+0.1-2
-CVE-2004-0639 (Multiple cross-site scripting (XSS) vulnerabilities in Squirrelmail ...)
+CVE-2004-0639
{DSA-535}
- squirrelmail 2:1.4.3a-0.1
-CVE-2004-0638 (Buffer overflow in the KSDWRTB function in the dbms_system package ...)
+CVE-2004-0638
NOT-FOR-US: Oracle
-CVE-2004-0637 (Oracle Database Server 8.1.7.4 through 9.2.0.4 allows local users to ...)
+CVE-2004-0637
NOT-FOR-US: Oracle
-CVE-2004-0636 (Buffer overflow in the goaway function in the aim:goaway URI handler ...)
+CVE-2004-0636
NOT-FOR-US: AOL Instant Messenger
-CVE-2004-0635 (The SNMP dissector in Ethereal 0.8.15 through 0.10.4 allows remote ...)
+CVE-2004-0635
{DSA-528}
- ethereal 0.10.5-1
-CVE-2004-0634 (The SMB SID snooping capability in Ethereal 0.9.15 to 0.10.4 allows ...)
+CVE-2004-0634
- ethereal 0.10.5
[woody] - ethereal <not-affected> (Not vulnerable according to DSA-528)
-CVE-2004-0633 (The iSNS dissector for Ethereal 0.10.3 through 0.10.4 allows remote ...)
+CVE-2004-0633
- ethereal 0.10.5
[woody] - ethereal <not-affected> (Not vulnerable according to DSA-528)
-CVE-2004-0632 (Adobe Reader 6.0 does not properly handle null characters when ...)
+CVE-2004-0632
NOT-FOR-US: adobe reader
-CVE-2004-0631 (Buffer overflow in the uudecoding feature for Adobe Acrobat Reader ...)
+CVE-2004-0631
NOT-FOR-US: adobe acrobat
-CVE-2004-0630 (The uudecoding feature in Adobe Acrobat Reader 5.0.5 and 5.0.6 for ...)
+CVE-2004-0630
NOT-FOR-US: adobe acrobat
-CVE-2004-0629 (Buffer overflow in the ActiveX component (pdf.ocx) for Adobe Acrobat ...)
+CVE-2004-0629
NOT-FOR-US: adobe acrobat
-CVE-2004-0628 (Stack-based buffer overflow in MySQL 4.1.x before 4.1.3, and 5.0, ...)
+CVE-2004-0628
- mysql <not-affected> (Apparently 3.2 not exploitable, see #330164)
- mysql-dfsg <not-affected> (Apparently 4.0 not exploitable, see #330164)
- mysql-dfsg-4.1 <not-affected> (fixed before first upload; in 4.1.3)
- mysql-dfsg-5.0 <not-affected> (fixed before first upload; in 5.0.0)
-CVE-2004-0627 (The check_scramble_323 function in MySQL 4.1.x before 4.1.3, and 5.0, ...)
+CVE-2004-0627
- mysql <not-affected> (Apparently 3.2 not exploitable, see #330164)
- mysql-dfsg <not-affected> (Apparently 4.0 not exploitable, see #330164)
- mysql-dfsg-4.1 4.1.11a-1 (bug #330164; bug #380507; medium)
- mysql-dfsg-5.0 <not-affected> (Was fixed before MySQL 5.0 was uploaded into the archive)
-CVE-2004-0626 (The tcp_find_option function of the netfilter subsystem in Linux ...)
+CVE-2004-0626
[sarge] - kernel-source-2.6.8 2.6.8-1
- kernel-source-2.4.27 <not-affected>
- linux-2.6 <not-affected> (Fixed before upload into archive; 2.6.8)
-CVE-2004-0625 (SQL injection vulnerability in Infinity WEB 1.0 allows remote ...)
+CVE-2004-0625
NOT-FOR-US: Infinity WEB
-CVE-2004-0624 (PHP remote file inclusion vulnerability in index.php for Artmedic ...)
+CVE-2004-0624
NOT-FOR-US: Artmedic links
-CVE-2004-0623 (Format string vulnerability in misc.c in GNU GNATS 4.00 may allow ...)
+CVE-2004-0623
{DSA-590-1}
- gnats 4.0-6.1
-CVE-2004-0622 (Apple Mac OS X 10.3.4, 10.4, 10.5, and possibly other versions does ...)
+CVE-2004-0622
NOT-FOR-US: MacOS
-CVE-2004-0621 (admin.php in Newsletter ZWS allows remote attackers to gain ...)
+CVE-2004-0621
NOT-FOR-US: Newsletter ZWS
-CVE-2004-0620 (Cross-site scripting (XSS) vulnerability in (1) newreply.php or (2) ...)
+CVE-2004-0620
NOT-FOR-US: vBulletin
-CVE-2004-0619 (Integer overflow in the ubsec_keysetup function for Linux Broadcom ...)
+CVE-2004-0619
NOT-FOR-US: Linux Broadcom 5820 cryptonet driver
NOTE: does not seem to be part of linux kernel or other package
-CVE-2004-0618 (FreeBSD 5.1 for the Alpha processor allows local users to cause a ...)
+CVE-2004-0618
NOT-FOR-US: freebsd
-CVE-2004-0617 (Cross-site scripting (XSS) vulnerability in ArbitroWeb 0.6 allows ...)
+CVE-2004-0617
NOT-FOR-US: ArbitroWeb
-CVE-2004-0616 (The BT Voyager 2000 Wireless ADSL Router has a default public SNMP ...)
+CVE-2004-0616
NOT-FOR-US: BT Voyager 2000 Wireless ADSL Router
-CVE-2004-0615 (Cross-site scripting (XSS) vulnerability in D-Link DI-614+ SOHO router ...)
+CVE-2004-0615
NOT-FOR-US: D-Link DI-614+ SOHO router
-CVE-2004-0614 (osTicket trusts a hidden form field in the submit form to limit the ...)
+CVE-2004-0614
NOT-FOR-US: osTicket
-CVE-2004-0613 (osTicket allows remote attackers to view sensitive uploaded files and ...)
+CVE-2004-0613
NOT-FOR-US: osTicket
-CVE-2004-0612 (The Mobile Code filter in ZoneAlarm Pro 5.0.590.015 does not filter ...)
+CVE-2004-0612
NOT-FOR-US: ZoneAlarm Pro
-CVE-2004-0611 (Web-Based Administration in Netgear FVS318 VPN Router allows remote ...)
+CVE-2004-0611
NOT-FOR-US: Netgear FVS318 VPN Router
-CVE-2004-0610 (The Web administration interface in Microsoft MN-500 Wireless Router ...)
+CVE-2004-0610
NOT-FOR-US: Microsoft MN-500 Wireless Router
-CVE-2004-0609 (rssh 2.0 through 2.1.x expands command line arguments before entering ...)
+CVE-2004-0609
- rssh 2.2.1
-CVE-2004-0608 (The Unreal Engine, as used in DeusEx 1.112fm and earlier, Devastation ...)
+CVE-2004-0608
NOT-FOR-US: Unreal Engine
-CVE-2004-0607 (The eay_check_x509cert function in KAME Racoon successfully verifies ...)
+CVE-2004-0607
- ipsec-tools 0.3.3-1
-CVE-2004-0606 (Cross-site scripting (XSS) vulnerability in Infoblox DNS One running ...)
+CVE-2004-0606
NOT-FOR-US: Infoblox DNS One
-CVE-2004-0605 (Non-registered IRC users using (1) ircd-hybrid 7.0.1 and earlier, (2) ...)
+CVE-2004-0605
NOTE: Dossibly fixed in ircd-hybrid 7.0.2: "fixed flood limit bug".
-CVE-2004-0604 (The HTTP client and server in giFT-FastTrack 0.8.6 and earlier allows ...)
+CVE-2004-0604
NOT-FOR-US: giFT-FastTrack not in debian
-CVE-2004-0603 (gzexe in gzip 1.3.3 and earlier will execute an argument when the ...)
+CVE-2004-0603
- gzip <not-affected> (Gentoo-specific bug in gzip introduced by botched security fix)
-CVE-2004-0602 (The binary compatibility mode for FreeBSD 4.x and 5.x does not ...)
+CVE-2004-0602
NOT-FOR-US: FreeBSD
-CVE-2004-0601 (distcc before 2.16, when running on 64-bit platforms, does not ...)
+CVE-2004-0601
- distcc 2.18.1-4
-CVE-2004-0600 (Buffer overflow in the Samba Web Administration Tool (SWAT) in Samba ...)
+CVE-2004-0600
- samba 3.0.5 (bug #260838)
-CVE-2004-0599 (Multiple integer overflows in the (1) png_read_png in pngread.c or (2) ...)
+CVE-2004-0599
{DSA-571-1 DSA-570-1 DSA-536}
- libpng 1.0.15-6
- libpng3 1.2.5.0-7
-CVE-2004-0598 (The png_handle_iCCP function in libpng 1.2.5 and earlier allows remote ...)
+CVE-2004-0598
{DSA-536}
- libpng 1.0.15-6
- libpng3 1.2.5.0-7
-CVE-2004-0597 (Multiple buffer overflows in libpng 1.2.5 and earlier, as used in ...)
+CVE-2004-0597
{DSA-536}
- libpng 1.0.15-6
- libpng3 1.2.5.0-7
-CVE-2004-0596 (The Equalizer Load-balancer for serial network interfaces (eql.c) in ...)
+CVE-2004-0596
- linux-2.6 <not-affected> (Fixed before upload into archive)
-CVE-2004-0595 (The strip_tags function in PHP 4.x up to 4.3.7, and 5.x up to ...)
+CVE-2004-0595
{DSA-669-1 DSA-531}
- php3 3:3.0.18-27
- php4 4:4.3.8-1
-CVE-2004-0594 (The memory_limit functionality in PHP 4.x up to 4.3.7, and 5.x up to ...)
+CVE-2004-0594
{DSA-669-1 DSA-531}
- php4 4:4.3.8-1
-CVE-2004-0593 (Sygate Enforcer 3.5MR1 and earlier passes broadcast traffic before ...)
+CVE-2004-0593
NOT-FOR-US: Sygate Enforcer
-CVE-2004-0592 (The tcp_find_option function of the netfilter subsystem for IPv6 in ...)
+CVE-2004-0592
NOT-FOR-US: linux 2.4 with usagi patches
-CVE-2004-0591 (Cross-site scripting (XSS) vulnerability in the print_header_uc ...)
+CVE-2004-0591
{DSA-533}
- courier 0.45.4-4
-CVE-2004-0590 (FreeS/WAN 1.x and 2.x, and other related products including ...)
+CVE-2004-0590
- freeswan 2.04-10
- openswan 2.2.0
-CVE-2004-0589 (Cisco IOS 11.1(x) through 11.3(x) and 12.0(x) through 12.2(x), when ...)
+CVE-2004-0589
NOT-FOR-US: Cisco
-CVE-2004-0588 (Cross-site scripting (XSS) vulnerability in the web mail module for ...)
+CVE-2004-0588
- usermin 1.090-1
-CVE-2004-0587 (Insecure permissions for the /proc/scsi/qla2300/HbaApiNode file in ...)
+CVE-2004-0587
- qla2x00 7.01.01-1
-CVE-2004-0586 (acpRunner ActiveX 1.2.5.0 allows remote attackers to execute arbitrary ...)
+CVE-2004-0586
NOT-FOR-US: Windows
CVE-2004-0585
REJECTED
-CVE-2004-0584 (Unknown vulnerability in Horde IMP 3.2.3 and earlier, before a ...)
+CVE-2004-0584
- imp3 3.2.4
-CVE-2004-0583 (The account lockout functionality in (1) Webmin 1.140 and (2) Usermin ...)
+CVE-2004-0583
{DSA-526}
- usermin 1.090-1
- webmin 1.150-1
-CVE-2004-0582 (Unknown vulnerability in Webmin 1.140 allows remote attackers to ...)
+CVE-2004-0582
{DSA-526}
- usermin 1.090-1
- webmin 1.150-1
-CVE-2004-0581 (ksymoops-gznm script in Mandrake Linux 9.1 through 10.0, and Corporate ...)
+CVE-2004-0581
NOT-FOR-US: Mandrake script
-CVE-2004-0580 (DHCP on Linksys BEFSR11, BEFSR41, BEFSR81, and BEFSRU31 Cable/DSL ...)
+CVE-2004-0580
NOT-FOR-US: Linksys routers
-CVE-2004-0579 (Format string vulnerability in super before 3.23 allows local users to ...)
+CVE-2004-0579
{DSA-522}
- super 3.23.0-1
-CVE-2004-0578 (WinGate 5.2.3 build 901 and 6.0 beta 2 build 942, and other versions ...)
+CVE-2004-0578
NOT-FOR-US: Wingate
-CVE-2004-0577 (WinGate 5.2.3 build 901 and 6.0 beta 2 build 942, and other versions ...)
+CVE-2004-0577
NOT-FOR-US: Wingate
-CVE-2004-0576 (The radius daemon (radiusd) for GNU Radius 1.1, when compiled with the ...)
+CVE-2004-0576
NOT-FOR-US: GNU radius
-CVE-2004-0575 (Integer overflow in DUNZIP32.DLL for Microsoft Windows XP, Windows XP ...)
+CVE-2004-0575
NOT-FOR-US: Windows
-CVE-2004-0574 (The Network News Transfer Protocol (NNTP) component of Microsoft ...)
+CVE-2004-0574
NOT-FOR-US: Windows
-CVE-2004-0573 (Buffer overflow in the converter for Microsoft WordPerfect 5.x on ...)
+CVE-2004-0573
NOT-FOR-US: Windows
-CVE-2004-0572 (Buffer overflow in the Windows Program Group Converter (grpconv.exe) ...)
+CVE-2004-0572
NOT-FOR-US: Windows
-CVE-2004-0571 (Microsoft Word for Windows 6.0 Converter does not properly validate ...)
+CVE-2004-0571
NOT-FOR-US: Microsoft
CVE-2004-0570
RESERVED
-CVE-2004-0569 (The RPC Runtime Library for Microsoft Windows NT 4.0 allows remote ...)
+CVE-2004-0569
NOT-FOR-US: Windows
-CVE-2004-0568 (HyperTerminal application for Windows NT 4.0, Windows 2000, Windows ...)
+CVE-2004-0568
NOT-FOR-US: HyperTerminal
-CVE-2004-0567 (The Windows Internet Naming Service (WINS) in Windows NT Server 4.0 SP ...)
+CVE-2004-0567
NOT-FOR-US: Windows
-CVE-2004-0566 (Integer overflow in imgbmp.cxx for Windows 2000 allows remote ...)
+CVE-2004-0566
NOT-FOR-US: Windows
-CVE-2004-0565 (Floating point information leak in the context switch code for Linux ...)
+CVE-2004-0565
{DSA-1082-1 DSA-1070-1 DSA-1069-1 DSA-1067-1}
- kernel-source-2.4.27 2.4.27-1
- linux-2.6 <not-affected> (fixed before first upload)
-CVE-2004-0564 (Roaring Penguin pppoe (rp-ppoe), if installed or configured to run ...)
+CVE-2004-0564
{DSA-557-1}
- rp-pppoe 3.5-4 (bug #343264)
-CVE-2004-0563 (The tspc.conf configuration file in freenet6 before 0.9.6 and before ...)
+CVE-2004-0563
{DSA-555-1}
- freenet6 1.0-2.2
CVE-2004-0562
REJECTED
-CVE-2004-0561 (Format string vulnerability in the log routine for gopher daemon ...)
+CVE-2004-0561
{DSA-638-1}
- gopher 3.0.6
NOTE: removed, deprecated in favor of pygopherd
-CVE-2004-0560 (Integer overflow in gopher daemon (gopherd) 3.0.3 allows remote ...)
+CVE-2004-0560
{DSA-638-1}
- gopher 3.0.6
NOTE: removed, deprecated in favor of pygopherd
-CVE-2004-0559 (The maketemp.pl script in Usermin 1.070 and 1.080 allows local users ...)
+CVE-2004-0559
{DSA-544-1}
- webmin 1.160-1
- usermin 1.090-1
-CVE-2004-0558 (The Internet Printing Protocol (IPP) implementation in CUPS before ...)
+CVE-2004-0558
{DSA-545-1}
- cups 1.1.20final+rc1-6
- cupsys 1.1.20final+rc1-6
-CVE-2004-0557 (Multiple buffer overflows in the st_wavstartread function in wav.c for ...)
+CVE-2004-0557
{DSA-565-1}
- sox 12.17.4-9 (bug #262083)
CVE-2004-0556
REJECTED
-CVE-2004-0555 (Buffer overflow in (1) queue.c and (2) queued.c in queue before 1.30.1 ...)
+CVE-2004-0555
{DSA-643-1}
- queue 1.30.1-5
-CVE-2004-0554 (Linux kernel 2.4.x and 2.6.x for x86 allows local users to cause a ...)
+CVE-2004-0554
{DSA-1082-1 DSA-1070-1 DSA-1069-1 DSA-1067-1}
- kernel-source-2.4.27 2.4.27-1
- linux-2.6 2.6.12-1 (bug #261521)
CVE-2004-0553
RESERVED
-CVE-2004-0552 (Sophos Small Business Suite 1.00 on Windows does not properly handle ...)
+CVE-2004-0552
NOT-FOR-US: Sophos Small Business Suite
-CVE-2004-0551 (Cisco CatOS 5.x before 5.5(20) through 8.x before 8.2(2) and ...)
+CVE-2004-0551
NOT-FOR-US: Cisco
-CVE-2004-0550 (Buffer overflow in Real Networks RealPlayer 10 allows remote attackers ...)
+CVE-2004-0550
NOT-FOR-US: Real Player
-CVE-2004-0549 (The WebBrowser ActiveX control, or the Internet Explorer HTML ...)
+CVE-2004-0549
NOT-FOR-US: Windows
-CVE-2004-0548 (Multiple stack-based buffer overflows in the word-list-compress ...)
+CVE-2004-0548
- aspell 0.50.5-3
-CVE-2004-0547 (Buffer overflow in the ODBC driver for PostgreSQL before 7.2.1 allows ...)
+CVE-2004-0547
{DSA-516}
- postgresql 07.03.0200-3
CVE-2004-0546
RESERVED
-CVE-2004-0545 (LVM for AIX 5.1 and 5.2 allows local users to overwrite arbitrary ...)
+CVE-2004-0545
NOT-FOR-US: AIX
-CVE-2004-0544 (Multiple buffer overflows in LVM for AIX 5.1 and 5.2 allow local users ...)
+CVE-2004-0544
NOT-FOR-US: AIX
-CVE-2004-0543 (Multiple SQL injection vulnerabilities in Oracle Applications 11.0 and ...)
+CVE-2004-0543
NOT-FOR-US: Oracle
-CVE-2004-0542 (PHP before 4.3.7 on Win32 platforms does not properly filter all shell ...)
+CVE-2004-0542
- php4 <not-affected> (Only affects Windows)
-CVE-2004-0541 (Buffer overflow in the ntlm_check_auth (NTLM authentication) function ...)
+CVE-2004-0541
- squid 2.5.5-5
-CVE-2004-0540 (Microsoft Windows 2000, when running in a domain whose Fully Qualified ...)
+CVE-2004-0540
NOT-FOR-US: Windows
-CVE-2004-0539 (The &quot;Show in Finder&quot; button in the Safari web browser in Mac OS X ...)
+CVE-2004-0539
NOT-FOR-US: MacOS
-CVE-2004-0538 (LaunchServices in Mac OS X 10.3.4 and 10.2.8 automatically registers ...)
+CVE-2004-0538
NOT-FOR-US: MacOS
-CVE-2004-0537 (Opera 7.50 and earlier allows remote web sites to provide a &quot;Shortcut ...)
+CVE-2004-0537
NOT-FOR-US: Opera
-CVE-2004-0536 (Format string vulnerability in Tripwire commercial 4.0.1 and earlier, ...)
+CVE-2004-0536
- tripwire 2.3.1.2.0-2.1
-CVE-2004-0535 (The e1000 driver for Linux kernel 2.4.26 and earlier does not properly ...)
+CVE-2004-0535
- kernel-source-2.4.27 2.4.27-1
- linux-2.6 <not-affected> (fixed before first upload; 2.6.6)
-CVE-2004-0534 (Cross-site scripting (XSS) vulnerability in Business Objects InfoView ...)
+CVE-2004-0534
NOT-FOR-US: Business Objects WebIntelligence
-CVE-2004-0533 (Business Objects WebIntelligence 2.7.0 through 2.7.4 only enforces ...)
+CVE-2004-0533
NOT-FOR-US: Business Objects WebIntelligence
CVE-2004-0532
RESERVED
CVE-2004-0531
RESERVED
-CVE-2004-0530 (The PHP package in Slackware 8.1, 9.0, and 9.1, when linked against a ...)
+CVE-2004-0530
- php4 <not-affected> (Slackware specific rpath issue)
-CVE-2004-0529 (The modified suexec program in cPanel, when configured for mod_php and ...)
+CVE-2004-0529
NOT-FOR-US: cPanel is not our cpanel
-CVE-2004-0528 (Netscape Navigator 7.1 allows remote attackers to spoof a legitimate ...)
+CVE-2004-0528
NOT-FOR-US: Netscape Navigator 7.1
-CVE-2004-0527 (KDE Konqueror 2.1.1 and 2.2.2 allows remote attackers to spoof a ...)
+CVE-2004-0527
- kdebase 2.2.3
-CVE-2004-0526 (Unknown versions of Internet Explorer and Outlook allow remote ...)
+CVE-2004-0526
NOT-FOR-US: Windows
-CVE-2004-0525 (HP Integrated Lights-Out (iLO) 1.10 and other versions before 1.55 ...)
+CVE-2004-0525
NOT-FOR-US: iLO
-CVE-2004-0524 (Buffer overflow in the chpasswd command in the Change_passwd plugin ...)
+CVE-2004-0524
NOT-FOR-US: Change_passwd SquirrelMail plugin not present in debian
-CVE-2004-0523 (Multiple buffer overflows in krb5_aname_to_localname for MIT Kerberos ...)
+CVE-2004-0523
{DSA-520}
- krb5 1.3.3-2
-CVE-2004-0522 (Gallery 1.4.3 and earlier allows remote attackers to bypass ...)
+CVE-2004-0522
{DSA-512}
- gallery 1.4.3-pl2-1
-CVE-2004-0521 (SQL injection vulnerability in SquirrelMail before 1.4.3 RC1 allows ...)
+CVE-2004-0521
{DSA-535}
- squirrelmail 2:1.4.3a-0.1
-CVE-2004-0520 (Cross-site scripting (XSS) vulnerability in mime.php for SquirrelMail ...)
+CVE-2004-0520
{DSA-535}
- squirrelmail 2:1.4.3a-0.1
-CVE-2004-0519 (Multiple cross-site scripting (XSS) vulnerabilities in SquirrelMail ...)
+CVE-2004-0519
{DSA-535}
- squirrelmail 2:1.4.3a-0.1
-CVE-2004-0518 (Unknown vulnerability in AppleFileServer for Mac OS X 10.3.4, related ...)
+CVE-2004-0518
NOT-FOR-US: MacOS
-CVE-2004-0517 (Unknown vulnerability in Mac OS X 10.3.4, related to &quot;handling of ...)
+CVE-2004-0517
NOT-FOR-US: MacOS
-CVE-2004-0516 (Unknown vulnerability in Mac OS X 10.3.4, related to &quot;package ...)
+CVE-2004-0516
NOT-FOR-US: MacOS
-CVE-2004-0515 (Unknown vulnerability in LoginWindow for Mac OS X 10.3.4, related to ...)
+CVE-2004-0515
NOT-FOR-US: MacOS
-CVE-2004-0514 (Unknown vulnerability in LoginWindow for Mac OS X 10.3.4, related to ...)
+CVE-2004-0514
NOT-FOR-US: MacOS
-CVE-2004-0513 (Unspecified vulnerability in Mac OS X before 10.3.4 has unknown impact ...)
+CVE-2004-0513
NOT-FOR-US: MacOS
-CVE-2004-0512 (Multiple unknown vulnerabilities in MMDF on OpenServer 5.0.6 and ...)
+CVE-2004-0512
NOT-FOR-US: SCO MMDF
-CVE-2004-0511 (Multiple unknown vulnerabilities in MMDF on OpenServer 5.0.6 and ...)
+CVE-2004-0511
NOT-FOR-US: SCO MMDF
-CVE-2004-0510 (Multiple buffer overflows in MMDF on OpenServer 5.0.6 and 5.0.7, and ...)
+CVE-2004-0510
NOT-FOR-US: SCO MMDF
CVE-2004-0509
RESERVED
CVE-2004-0508
RESERVED
-CVE-2004-0507 (Buffer overflow in the MMSE dissector for Ethereal 0.10.1 to 0.10.3 ...)
+CVE-2004-0507
- ethereal 0.10.4
-CVE-2004-0506 (The SPNEGO dissector in Ethereal 0.9.8 to 0.10.3 allows remote ...)
+CVE-2004-0506
- ethereal 0.10.4
-CVE-2004-0505 (The AIM dissector in Ethereal 0.10.3 allows remote attackers to cause ...)
+CVE-2004-0505
- ethereal 0.10.4
-CVE-2004-0504 (Ethereal 0.10.3 allows remote attackers to cause a denial of service ...)
+CVE-2004-0504
- ethereal 0.10.4
-CVE-2004-0503 (Microsoft Outlook 2003 allows remote attackers to bypass the default ...)
+CVE-2004-0503
NOT-FOR-US: Microsoft
-CVE-2004-0502 (Outlook 2003, when replying to an e-mail message, stores certain files ...)
+CVE-2004-0502
NOT-FOR-US: Microsoft
-CVE-2004-0501 (Outlook 2003 allows remote attackers to bypass intended access ...)
+CVE-2004-0501
NOT-FOR-US: Microsoft
-CVE-2004-0500 (Buffer overflow in the MSN protocol plugins (1) object.c and (2) slp.c ...)
+CVE-2004-0500
- gaim 1:0.81-3
CVE-2004-0499
REJECTED
-CVE-2004-0498 (The H.323 protocol agent in StoneSoft firewall engine 2.2.8 and ...)
+CVE-2004-0498
NOT-FOR-US: StoneSoft firewall engine
-CVE-2004-0497 (Unknown vulnerability in Linux kernel 2.x may allow local users to ...)
+CVE-2004-0497
- kernel-source-2.4.27 2.4.27-1
- linux-2.6 <not-affected> (fixed before first upload; 2.6.8)
-CVE-2004-0496 (Multiple unknown vulnerabilities in Linux kernel 2.6 allow local users ...)
+CVE-2004-0496
NOTE: fixed in 2.6.7
-CVE-2004-0495 (Multiple unknown vulnerabilities in Linux kernel 2.4 and 2.6 allow ...)
+CVE-2004-0495
- kernel-source-2.4.27 <not-affected> (Fixed before upload into archive; 2.4.27-rc1)
-CVE-2004-0494 (Multiple extfs backend scripts for GNOME virtual file system (VFS) ...)
+CVE-2004-0494
- gnome-vfs 1.0.1
-CVE-2004-0493 (The ap_get_mime_headers_core function in Apache httpd 2.0.49 allows ...)
+CVE-2004-0493
- apache2 2.0.50-1
-CVE-2004-0492 (Heap-based buffer overflow in proxy_util.c for mod_proxy in Apache ...)
+CVE-2004-0492
{DSA-525}
- apache 1.3.31-2
-CVE-2004-0491 (The linux-2.4.21-mlock.patch in Red Hat Enterprise Linux 3 does not ...)
+CVE-2004-0491
NOTE: appears redhat specific
-CVE-2004-0490 (cPanel, when compiling Apache 1.3.29 and PHP with the mod_phpsuexec ...)
+CVE-2004-0490
NOT-FOR-US: cPanel is not our cpanel
-CVE-2004-0489 (Argument injection vulnerability in the SSH URI handler for Safari on ...)
+CVE-2004-0489
NOT-FOR-US: MacOS
-CVE-2004-0488 (Stack-based buffer overflow in the ssl_util_uuencode_binary function ...)
+CVE-2004-0488
{DSA-532}
- apache2 2.0.50-1
- libapache-mod-ssl 2.8.19-1
-CVE-2004-0487 (A certain ActiveX control in Symantec Norton AntiVirus 2004 allows ...)
+CVE-2004-0487
NOT-FOR-US: Norton
-CVE-2004-0486 (HelpViewer in Mac OS X 10.3.3 and 10.2.8 processes scripts that it did ...)
+CVE-2004-0486
NOT-FOR-US: MacOS
-CVE-2004-0485 (The default protocol helper for the disk: URI on Mac OS X 10.3.3 and ...)
+CVE-2004-0485
NOT-FOR-US: MacOS
-CVE-2004-0484 (mshtml.dll in Microsoft Internet Explorer 6.0.2800 allows remote attackers to ...)
+CVE-2004-0484
NOT-FOR-US: Microsoft
-CVE-2004-0483 (Unknown vulnerability in rpc.mountd for SGI IRIX 6.5.24 allows remote ...)
+CVE-2004-0483
NOT-FOR-US: IRIX
-CVE-2004-0482 (Multiple integer overflows in (1) procfs_cmdline.c, (2) ...)
+CVE-2004-0482
NOT-FOR-US: OpenBSD
-CVE-2004-0481 (The logging feature in kcms_configure in the KCMS package on Solaris 8 ...)
+CVE-2004-0481
NOT-FOR-US: the KCMS on Solaris
-CVE-2004-0480 (Argument injection vulnerability in IBM Lotus Notes 6.0.3 and 6.5 ...)
+CVE-2004-0480
NOT-FOR-US: Lotus Notes
-CVE-2004-0479 (Internet Explorer 6 allows remote attackers to cause a denial of ...)
+CVE-2004-0479
NOT-FOR-US: Microsoft
-CVE-2004-0478 (Unknown versions of Mozilla allow remote attackers to cause a denial ...)
+CVE-2004-0478
NOTE: only a Mozilla DOS
-CVE-2004-0477 (Unknown vulnerability in 3Com OfficeConnect Remote 812 ADSL Router ...)
+CVE-2004-0477
NOT-FOR-US: 3Com OfficeConnect Remote 812 ADSL Router
-CVE-2004-0476 (Buffer overflow in 3Com OfficeConnect Remote 812 ADSL Router 1.1.9.4 ...)
+CVE-2004-0476
NOT-FOR-US: 3Com OfficeConnect Remote 812 ADSL Router
-CVE-2004-0475 (The showHelp function in Internet Explorer 6 on Windows XP Pro allows ...)
+CVE-2004-0475
NOT-FOR-US: Microsoft
-CVE-2004-0474 (Help Center (HelpCtr.exe) may allow remote attackers to read or ...)
+CVE-2004-0474
NOT-FOR-US: Help Center (HelpCtr.exe)
-CVE-2004-0473 (Argument injection vulnerability in Opera before 7.50 does not ...)
+CVE-2004-0473
NOT-FOR-US: opera
CVE-2004-0472
REJECTED
-CVE-2004-0471 (BEA WebLogic Server and WebLogic Express 7.0 through SP5 and 8.1 ...)
+CVE-2004-0471
NOT-FOR-US: BEA WebLogic
-CVE-2004-0470 (BEA WebLogic Server and WebLogic Express 7.0 through SP5 and 8.1 ...)
+CVE-2004-0470
NOT-FOR-US: BEA WebLogic
-CVE-2004-0469 (Buffer overflow in the ISAKMP functionality for Check Point VPN-1 and ...)
+CVE-2004-0469
NOT-FOR-US: Check Point VPN
-CVE-2004-0468 (Memory leak in Juniper JUNOS Packet Forwarding Engine (PFE) allows ...)
+CVE-2004-0468
NOT-FOR-US: Juniper JUNOS
-CVE-2004-0467 (Juniper JUNOS 5.x through JUNOS 7.x allows remote attackers to cause a ...)
+CVE-2004-0467
NOT-FOR-US: Juniper JUNOS
-CVE-2004-0466 (WebConnect 6.5, 6.4.4, and possibly earlier versions allows remote ...)
+CVE-2004-0466
NOT-FOR-US: WebConnect
-CVE-2004-0465 (Directory traversal vulnerability in jretest.html in WebConnect 6.5 ...)
+CVE-2004-0465
NOT-FOR-US: WebConnect
CVE-2004-0464
REJECTED
CVE-2004-0463
REJECTED
-CVE-2004-0462 (The built-in web servers for multiple networking devices do not set ...)
+CVE-2004-0462
NOT-FOR-US: Multiple embedded hardware vendors
-CVE-2004-0461 (The DHCP daemon (DHCPD) for ISC DHCP 3.0.1rc12 and 3.0.1rc13, when ...)
+CVE-2004-0461
- dhcp3 3.0.1
-CVE-2004-0460 (Buffer overflow in the logging capability for the DHCP daemon (DHCPD) ...)
+CVE-2004-0460
- dhcp3 3.0.1
-CVE-2004-0459 (The Clear Channel Assessment (CCA) algorithm in the IEEE 802.11 ...)
+CVE-2004-0459
NOT-FOR-US: DOS in 802.11 protocol
-CVE-2004-0458 (mah-jong before 1.6.2 allows remote attackers to cause a denial of ...)
+CVE-2004-0458
{DSA-503}
- mah-jong 1.6.2-1
-CVE-2004-0457 (The mysqlhotcopy script in mysql 4.0.20 and earlier, when using the ...)
+CVE-2004-0457
{DSA-540}
- mysql-dfsg 4.0.20-11
- mysql <removed>
-CVE-2004-0456 (Stack-based buffer overflow in pavuk 0.9pl28, 0.9pl27, and possibly ...)
+CVE-2004-0456
{DSA-527}
- pavuk 0.9pl28-3 (bug #264684)
-CVE-2004-0455 (Buffer overflow in cgi.c in www-sql before 0.5.7 allows local users to ...)
+CVE-2004-0455
{DSA-523}
- www-sql 0.5.7-18
-CVE-2004-0454 (Buffer overflow in the msg function for rlpr daemon (rlprd) 2.04 ...)
+CVE-2004-0454
{DSA-524}
- rlpr 2.02-7.1 (bug #255402)
-CVE-2004-0453 (Format string vulnerability in the monitor &quot;memory dump&quot; command in ...)
+CVE-2004-0453
- vice 1.14-2
-CVE-2004-0452 (Race condition in the rmtree function in the File::Path module in Perl ...)
+CVE-2004-0452
{DSA-1678-1 DSA-620-1}
- perl 5.8.4-5
-CVE-2004-0451 (Multiple format string vulnerabilities in the (1) logquit, (2) logerr, ...)
+CVE-2004-0451
{DSA-521}
- sup 1.8-11
-CVE-2004-0450 (Format string vulnerability in the printlog function in log2mail ...)
+CVE-2004-0450
{DSA-513}
- log2mail 0.2.8-3
CVE-2004-0449
REJECTED
-CVE-2004-0448 (Format string vulnerability in the log function for jftpgw 0.13.4 and ...)
+CVE-2004-0448
{DSA-510}
- jftpgw 0.13.4-1
-CVE-2004-0447 (Unknown vulnerability in Linux before 2.4.26 for IA64 allows local ...)
+CVE-2004-0447
{DSA-1082-1 DSA-1070-1 DSA-1069-1 DSA-1067-1}
- kernel-source-2.4.27 <not-affected> (Fixed before upload into archive; 2.4.26)
CVE-2004-0446
RESERVED
-CVE-2004-0445 (The SYMDNS.SYS driver in Symantec Norton Internet Security and ...)
+CVE-2004-0445
NOT-FOR-US: Norton
-CVE-2004-0444 (Multiple vulnerabilities in SYMDNS.SYS for Symantec Norton Internet ...)
+CVE-2004-0444
NOT-FOR-US: Norton
CVE-2004-0443
RESERVED
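Review bot: every changed line in this hunk replaces `CVE-2004-NNNN (description ...)` with the bare CVE id, so the hunk strips all description text while leaving the DSA references and package/version mappings untouched; since the commit message is only "automatic update", confirm that the upstream CVE feed did not return empty descriptions before this lands, otherwise the tracker loses the text that triagers and the NOT-FOR-US annotations rely on. Note also that the removed lines carried HTML-escaped quotes (for example `-CVE-2004-0539 (The &quot;Show in Finder&quot; button ...` and `-CVE-2004-0537 (Opera 7.50 and earlier allows remote web sites to provide a &quot;Shortcut ...`), so if the descriptions are re-imported the importer should unescape entities rather than store them verbatim.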
@@ -5229,555 +5229,555 @@ CVE-2004-0439
RESERVED
CVE-2004-0438
RESERVED
-CVE-2004-0437 (Titan FTP Server version 3.01 build 163, and possibly other versions ...)
+CVE-2004-0437
NOT-FOR-US: Titan FTP Server
CVE-2004-0436
RESERVED
-CVE-2004-0435 (Certain &quot;programming errors&quot; in the msync system call for FreeBSD ...)
+CVE-2004-0435
NOT-FOR-US: FreeBSD
-CVE-2004-0434 (k5admind (kadmind) for Heimdal allows remote attackers to execute ...)
+CVE-2004-0434
{DSA-504}
- heimdal 0.6.2-1
-CVE-2004-0433 (Multiple buffer overflows in the Real-Time Streaming Protocol (RTSP) ...)
+CVE-2004-0433
- mplayer 1.0~pre6a-1
- xine-lib 1-rc4
-CVE-2004-0432 (ProFTPD 1.2.9 treats the Allow and Deny directives for CIDR based ACL ...)
+CVE-2004-0432
- proftpd 1.2.9-4
-CVE-2004-0431 (Integer overflow in Apple QuickTime (QuickTime.qts) before 6.5.1 ...)
+CVE-2004-0431
NOT-FOR-US: Apple QuickTime
-CVE-2004-0430 (Stack-based buffer overflow in AppleFileServer for Mac OS X 10.3.3 and ...)
+CVE-2004-0430
NOT-FOR-US: MacOS
-CVE-2004-0429 (Unknown vulnerability related to &quot;the handling of large requests&quot; in ...)
+CVE-2004-0429
NOT-FOR-US: RAdmin for Mac OS X
-CVE-2004-0428 (Unknown vulnerability in CoreFoundation in Mac OS X 10.3.3 and Mac OS ...)
+CVE-2004-0428
NOT-FOR-US: Mac OS X)
-CVE-2004-0427 (The do_fork function in Linux 2.4.x before 2.4.26, and 2.6.x before ...)
+CVE-2004-0427
{DSA-1082-1 DSA-1070-1 DSA-1069-1 DSA-1067-1}
- linux-2.6 <not-affected> (Fixed before upload of linux-2.6 package into the archive; 2.6.6)
- kernel-source-2.4.27 <not-affected> (Fixed before upload of package into the archive; 2.4.26)
-CVE-2004-0426 (rsync before 2.6.1 does not properly sanitize paths when running a ...)
+CVE-2004-0426
{DSA-499}
- rsync 2.6.1-1
-CVE-2004-0425 (Heap-based buffer overflow in SiteMinder Affiliate Agent 4.x allows ...)
+CVE-2004-0425
NOT-FOR-US: windows
-CVE-2004-0424 (Integer overflow in the ip_setsockopt function in Linux kernel 2.4.22 ...)
+CVE-2004-0424
NOTE: fixed after 2.6.4/2.4.26 kernel
-CVE-2004-0423 (The log_event function in ssmtp 2.50.6 and earlier allows local users ...)
+CVE-2004-0423
- ssmtp <unfixed> (unimportant)
NOTE: bug still exists in the ssmtp source, but is only activated if
NOTE: --enable-logfile is used in ./configure
NOTE: The package doesn't enable that flag so it is safe.
-CVE-2004-0422 (flim before 1.14.3 creates temporary files insecurely, which allows ...)
+CVE-2004-0422
{DSA-500}
- flim 1:1.14.6+0.20040415-1
-CVE-2004-0421 (The Portable Network Graphics library (libpng) 1.0.15 and earlier ...)
+CVE-2004-0421
{DSA-498}
- libpng 1.0.15-5
- libpng3 1.2.5.0-6
-CVE-2004-0420 (The Windows Shell application in Windows 98, Windows ME, Windows NT ...)
+CVE-2004-0420
NOT-FOR-US: windows
-CVE-2004-0419 (XDM in XFree86 opens a chooserFd TCP socket even when ...)
+CVE-2004-0419
[sarge] - xfree86 <not-affected> (vulnerable code not present)
- xdm <not-affected> (vulnerable code not present)
-CVE-2004-0418 (serve_notify in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, ...)
+CVE-2004-0418
{DSA-519}
- cvs 1:1.12.9-1
-CVE-2004-0417 (Integer overflow in the &quot;Max-dotdot&quot; CVS protocol command ...)
+CVE-2004-0417
{DSA-519}
- cvs 1:1.12.9-1
-CVE-2004-0416 (Double free vulnerability for the error_prog_name string in CVS 1.12.x ...)
+CVE-2004-0416
{DSA-519}
- cvs 1:1.12.9-1
-CVE-2004-0415 (Linux kernel does not properly convert 64-bit file offset pointers to ...)
+CVE-2004-0415
- kernel-source-2.4.27 <not-affected> (Fixed before upload into archive; 2.4.27-rc6)
-CVE-2004-0414 (CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not ...)
+CVE-2004-0414
{DSA-517}
- cvs 1:1.12.9-1
-CVE-2004-0413 (libsvn_ra_svn in Subversion 1.0.4 trusts the length field of (1) ...)
+CVE-2004-0413
- subversion 1.0.5-1
-CVE-2004-0412 (Mailman before 2.1.5 allows remote attackers to obtain user passwords ...)
+CVE-2004-0412
- mailman 2.1.4-5
-CVE-2004-0411 (The URI handlers in Konqueror for KDE 3.2.2 and earlier do not ...)
+CVE-2004-0411
{DSA-518}
- kdelibs 4:3.2.3
CVE-2004-0410
REJECTED
-CVE-2004-0409 (Stack-based buffer overflow in the Socks-5 proxy code for XChat 1.8.0 ...)
+CVE-2004-0409
{DSA-493}
- xchat 2.0.8-1
-CVE-2004-0408 (Buffer overflow in the child_service function in the ident2 ident ...)
+CVE-2004-0408
{DSA-494}
- ident2 1.04-2
-CVE-2004-0407 (The HTML form upload capability in ColdFusion MX 6.1 does not reclaim ...)
+CVE-2004-0407
NOT-FOR-US: ColdFusion
CVE-2004-0406
REJECTED
-CVE-2004-0405 (CVS before 1.11 allows CVS clients to read arbitrary files via .. (dot ...)
+CVE-2004-0405
{DSA-486}
- cvs 1:1.12.5-4 (medium)
-CVE-2004-0404 (logcheck before 1.1.1 allows local users to overwrite arbitrary files ...)
+CVE-2004-0404
{DSA-488}
- logcheck 1.1.1-13.2
-CVE-2004-0403 (Racoon before 20040408a allows remote attackers to cause a denial of ...)
+CVE-2004-0403
- ipsec-tools 0.3.1-3
-CVE-2004-0402 (Buffer overflow in xpcd-svga in xpcd before 2.08, and possibly other ...)
+CVE-2004-0402
{DSA-508}
- xpcd 2.08-10
-CVE-2004-0401 (Unknown vulnerability in libtasn1 0.1.x before 0.1.2, and 0.2.x before ...)
+CVE-2004-0401
- libtasn1 0.1.2-2
-CVE-2004-0400 (Stack-based buffer overflow in Exim 4 before 4.33, when the ...)
+CVE-2004-0400
{DSA-502 DSA-501}
- exim 3.36-11
- exim4 4.33-1
- exim-tls <removed>
-CVE-2004-0399 (Stack-based buffer overflow in Exim 3.35, and other versions before 4, ...)
+CVE-2004-0399
{DSA-502 DSA-501}
- exim 3.36-11
- exim4 4.33-1
- exim-tls <removed>
-CVE-2004-0398 (Heap-based buffer overflow in the ne_rfc1036_parse date parsing ...)
+CVE-2004-0398
{DSA-507 DSA-506}
- cadaver 0.22.1-3
- neon 0.24.6.dfsg-1
-CVE-2004-0397 (Stack-based buffer overflow during the apr_time_t data conversion in ...)
+CVE-2004-0397
- subversion 1.0.3-1 (bug #249791)
-CVE-2004-0396 (Heap-based buffer overflow in CVS 1.11.x up to 1.11.15, and 1.12.x up ...)
+CVE-2004-0396
{DSA-505}
- cvs 1:1.12.5-6
-CVE-2004-0395 (The xatitv program in the gatos package does not properly drop root ...)
+CVE-2004-0395
{DSA-509}
- gatos 0.0.5-12
-CVE-2004-0394 (A &quot;potential&quot; buffer overflow exists in the panic() function in Linux ...)
+CVE-2004-0394
{DSA-1082-1 DSA-1070-1 DSA-1069-1 DSA-1067-1}
- linux-2.6 <not-affected>
NOTE: patch: http://www.ultramonkey.org/bugs/cve-patch/CAN-2004-0394.patch
-CVE-2004-0393 (Format string vulnerability in the msg function for rlpr daemon ...)
+CVE-2004-0393
{DSA-524}
- rlpr 2.02-7.1 (bug #255402)
-CVE-2004-0392 (racoon before 20040407b allows remote attackers to cause a denial of ...)
+CVE-2004-0392
- apache 1.3.31-2
-CVE-2004-0391 (Cisco Wireless LAN Solution Engine (WLSE) 2.0 through 2.5 and Hosting ...)
+CVE-2004-0391
NOT-FOR-US: Cisco
-CVE-2004-0390 (SCO OpenServer 5.0.5 through 5.0.7 only supports Xauthority style ...)
+CVE-2004-0390
NOT-FOR-US: SCO OpenServer
-CVE-2004-0389 (RealNetworks Helix Universal Server 9.0.1 and 9.0.2 allows remote ...)
+CVE-2004-0389
NOT-FOR-US: RealNetworks Helix Universal Server
-CVE-2004-0388 (The mysqld_multi script in MySQL allows local users to overwrite ...)
+CVE-2004-0388
{DSA-483}
- mysql-dfsg 4.0.18-6
-CVE-2004-0387 (Stack-based buffer overflow in the RT3 plugin, as used in RealPlayer ...)
+CVE-2004-0387
NOT-FOR-US: RealPlayer plugin
-CVE-2004-0386 (Buffer overflow in the HTTP parser for MPlayer 1.0pre3 and earlier, ...)
+CVE-2004-0386
- mplayer 1.0~pre6a-1
-CVE-2004-0385 (Heap-based buffer overflow in Oracle 9i Application Server Web Cache ...)
+CVE-2004-0385
NOT-FOR-US: Oracle 9i Application Server Web Cache
CVE-2004-0384
RESERVED
-CVE-2004-0383 (Unknown vulnerability in Mail for Mac OS X 10.3.3 and 10.2.8, with ...)
+CVE-2004-0383
NOT-FOR-US: Mail for Mac OS X
-CVE-2004-0382 (Unknown vulnerability in the CUPS printing system in Mac OS X 10.3.3 ...)
+CVE-2004-0382
NOT-FOR-US: CUPS printing system in Mac OS X
-CVE-2004-0381 (mysqlbug in MySQL allows local users to overwrite arbitrary files via ...)
+CVE-2004-0381
{DSA-483}
- mysql-dfsg 4.0.18-4
-CVE-2004-0380 (The MHTML protocol handler in Microsoft Outlook Express 5.5 SP2 ...)
+CVE-2004-0380
NOT-FOR-US: Microsoft Outlook Express
-CVE-2004-0379 (Multiple cross-site scripting (XSS) vulnerabilities in Microsoft ...)
+CVE-2004-0379
NOT-FOR-US: Microsoft SharePoint Portal Server 2001
CVE-2004-0378
REJECTED
-CVE-2004-0377 (Buffer overflow in the win32_stat function for (1) ActiveState's ...)
+CVE-2004-0377
- perl <not-affected> (Win32 specific)
-CVE-2004-0376 (oftpd 0.3.6 and earlier allows remote attackers to cause a denial of ...)
+CVE-2004-0376
{DSA-473}
- oftpd 20040304-1 (bug #353882)
-CVE-2004-0375 (SYMNDIS.SYS in Symantec Norton Internet Security 2003 and 2004, Norton ...)
+CVE-2004-0375
NOT-FOR-US: Symantec Norton Internet Security
-CVE-2004-0374 (Interchange before 5.0.1 allows remote attackers to &quot;expose the ...)
+CVE-2004-0374
{DSA-471}
- interchange 5.0.1-1
CVE-2004-0373
RESERVED
-CVE-2004-0372 (xine allows local users to overwrite arbitrary files via a symlink ...)
+CVE-2004-0372
{DSA-477}
- xine-ui 0.99.1-1
-CVE-2004-0371 (Heimdal 0.6.x before 0.6.1 and 0.5.x before 0.5.3 does not properly ...)
+CVE-2004-0371
{DSA-476}
- heimdal 0.6.1-1
-CVE-2004-0370 (The setsockopt call in the KAME Project IPv6 implementation, as used ...)
+CVE-2004-0370
NOT-FOR-US: KAME
-CVE-2004-0369 (Buffer overflow in Entrust LibKmp ISAKMP library, as used by Symantec ...)
+CVE-2004-0369
NOT-FOR-US: Entrust LibKmp ISAKMP library
-CVE-2004-0368 (Double free vulnerability in dtlogin in CDE on Solaris, HP-UX, and ...)
+CVE-2004-0368
NOT-FOR-US: CDE
-CVE-2004-0367 (Ethereal 0.10.1 to 0.10.2 allows remote attackers to cause a denial of ...)
+CVE-2004-0367
- ethereal 0.10.3 (bug #239576)
[woody] - ethereal <not-affected> (Not vulnerable per DSA-511)
-CVE-2004-0366 (SQL injection vulnerability in the libpam-pgsql library before 0.5.2 ...)
+CVE-2004-0366
{DSA-469}
- pam-pgsql 0.5.2-7.1
NOTE: fix was accidentially reverted in a later upload and later re-introduced in 0.5.2-9
-CVE-2004-0365 (The dissect_attribute_value_pairs function in packet-radius.c for ...)
+CVE-2004-0365
- ethereal 0.10.3 (bug #239576)
[woody] - ethereal <not-affected> (Not vulnerable per DSA-511)
-CVE-2004-0364 (The WrapNISUM ActiveX component (WrapUM.dll) in Norton Internet ...)
+CVE-2004-0364
NOT-FOR-US: WrapNISUM ActiveX
-CVE-2004-0363 (Stack-based buffer overflow in the SymSpamHelper ActiveX component ...)
+CVE-2004-0363
NOT-FOR-US: SymSpamHelper ActiveX
-CVE-2004-0362 (Multiple stack-based buffer overflows in the ICQ parsing routines of ...)
+CVE-2004-0362
NOT-FOR-US: ISS Protocol Analysis Module
-CVE-2004-0361 (The Javascript engine in Safari 1.2 and earlier allows remote ...)
+CVE-2004-0361
NOT-FOR-US: safari
-CVE-2004-0360 (Unknown vulnerability in passwd(1) in Solaris 8.0 and 9.0 allows local ...)
+CVE-2004-0360
NOT-FOR-US: solaris
-CVE-2004-0359 (Cross-site scripting (XSS) vulnerability in index.php for Invision ...)
+CVE-2004-0359
NOT-FOR-US: Invision Power Board
-CVE-2004-0358 (Cross-site scripting (XSS) vulnerability in VirtuaNews Admin Panel Pro ...)
+CVE-2004-0358
NOT-FOR-US: VirtuaNews Admin Panel
-CVE-2004-0357 (Stack-based buffer overflows in SL Mail Pro 2.0.9 allow remote ...)
+CVE-2004-0357
NOT-FOR-US: SL Mail Pro
-CVE-2004-0355 (Invision Power Board 1.3 Final allows remote attackers to gain ...)
+CVE-2004-0355
NOT-FOR-US: Invision Power Board
-CVE-2004-0354 (Multiple format string vulnerabilities in GNU Anubis 3.6.0 through ...)
+CVE-2004-0354
NOT-FOR-US: GNU Anubis
-CVE-2004-0353 (Multiple buffer overflows in auth_ident() function in auth.c for GNU ...)
+CVE-2004-0353
NOT-FOR-US: GNU Anubis
-CVE-2004-0352 (Cisco 11000 Series Content Services Switches (CSS) running WebNS ...)
+CVE-2004-0352
NOT-FOR-US: Cisco
-CVE-2004-0351 (Spider Sales shopping cart stores the private key in the same database ...)
+CVE-2004-0351
NOT-FOR-US: Spider Sales
-CVE-2004-0350 (SpiderSales shopping cart does not enforce a minimum length for the ...)
+CVE-2004-0350
NOT-FOR-US: Spider Sales
-CVE-2004-0349 (Directory traversal vulnerability in GWeb HTTP Server 0.6 allows ...)
+CVE-2004-0349
NOT-FOR-US: GWeb HTTP Server
-CVE-2004-0348 (SQL injection vulnerability in viewCart.asp in SpiderSales shopping ...)
+CVE-2004-0348
NOT-FOR-US: SpiderSales
-CVE-2004-0346 (Off-by-one buffer overflow in _xlate_ascii_write() in ProFTPD 1.2.7 ...)
+CVE-2004-0346
- proftpd 1.2.9
-CVE-2004-0345 (Buffer overflow in Red Faction client 1.20 and earlier allows remote ...)
+CVE-2004-0345
NOT-FOR-US: Red Faction
-CVE-2004-0344 (Directory traversal vulnerability in ModifyMessage.php in YaBB SE ...)
+CVE-2004-0344
NOT-FOR-US: YaBB SE
-CVE-2004-0343 (Multiple SQL injection vulnerabilities in YaBB SE 1.5.4 through 1.5.5b ...)
+CVE-2004-0343
NOT-FOR-US: YaBB SE
-CVE-2004-0342 (WFTPD Pro Server 3.21 Release 1, with the XeroxDocutech option ...)
+CVE-2004-0342
NOT-FOR-US: WFPTD
-CVE-2004-0341 (WFTPD Pro Server 3.21 Release 1 allocates memory for a command until a ...)
+CVE-2004-0341
NOT-FOR-US: WFPTD
-CVE-2004-0340 (Stack-based buffer overflow in WFTPD Pro Server 3.21 Release 1, Pro ...)
+CVE-2004-0340
NOT-FOR-US: WFPTD
-CVE-2004-0339 (Cross-site scripting (XSS) vulnerability in ViewTopic.php in phpBB, ...)
+CVE-2004-0339
- phpbb2 2.0.6d
-CVE-2004-0338 (SQL injection vulnerability in search.php for Invision Board Forum ...)
+CVE-2004-0338
NOT-FOR-US: Invision Board Forum
-CVE-2004-0337 (Cross-site scripting (XSS) vulnerability in LAN SUITE Web Mail 602Pro ...)
+CVE-2004-0337
NOT-FOR-US: 602LAN SUITE
-CVE-2004-0335 (LAN SUITE Web Mail 602Pro, when configured to use the &quot;Directory ...)
+CVE-2004-0335
NOT-FOR-US: 602LAN SUITE
-CVE-2004-0334 (InnoMedia VideoPhone allows remote attackers to bypass Basic ...)
+CVE-2004-0334
NOT-FOR-US: AXIS 2100
-CVE-2004-0333 (Buffer overflow in the UUDeview package, as used in WinZip 6.2 through ...)
+CVE-2004-0333
- uudeview 0.5.20 (medium)
-CVE-2004-0332 (Extremail 1.5.9 does not check passwords correctly when they are all ...)
+CVE-2004-0332
NOT-FOR-US: extremail
-CVE-2004-0331 (Heap-based buffer overflow in Dell OpenManage Web Server 3.4.0 allows ...)
+CVE-2004-0331
NOT-FOR-US: Dell OpenManage Web Server
-CVE-2004-0330 (Buffer overflow in Serv-U ftp before 5.0.0.4 allows remote ...)
+CVE-2004-0330
NOT-FOR-US: Serv-U
-CVE-2004-0329 (FreeChat 1.1.1a allows remote attackers to cause a denial of service ...)
+CVE-2004-0329
NOT-FOR-US: FreeChat
-CVE-2004-0328 (Gigabyte Gn-B46B 2.4Ghz wireless broadband router firmware 1.003.00 ...)
+CVE-2004-0328
NOT-FOR-US: Gigabyte Broadband Router
-CVE-2004-0327 (Directory traversal vulnerability in functions.php in PhpNewsManager ...)
+CVE-2004-0327
NOT-FOR-US: PhpNewsManager
-CVE-2004-0326 (Buffer overflow in the web proxy for GateKeeper Pro 4.7 allows remote ...)
+CVE-2004-0326
NOT-FOR-US: GateKeeper Pro
-CVE-2004-0325 (TYPSoft FTP Server 1.10 allows remote authenticated users to cause a ...)
+CVE-2004-0325
NOT-FOR-US: TypSoft
-CVE-2004-0324 (Confirm 0.62 and earlier could allow remote attackers to execute ...)
+CVE-2004-0324
NOT-FOR-US: confirm 0.70
-CVE-2004-0323 (Multiple SQL injection vulnerabilities in XMB 1.8 Final SP2 allow ...)
+CVE-2004-0323
NOT-FOR-US: xmb 1.8 final sp2
-CVE-2004-0322 (Multiple cross-site scripting (XSS) vulnerabilities in XMB 1.8 Final ...)
+CVE-2004-0322
NOT-FOR-US: xmb 1.8 final sp2
-CVE-2004-0321 (Team Factor 1.25 and earlier allows remote attackers to cause a denial ...)
+CVE-2004-0321
NOT-FOR-US: Team Factor
-CVE-2004-0319 (Cross-site scripting (XSS) vulnerability in the font tag in ezBoard ...)
+CVE-2004-0319
NOT-FOR-US: ezBoard
-CVE-2004-0318 (Load Sharing Facility (LSF) 4.x, 5.x, and 6.x uses the LSF_EAUTH_UID ...)
+CVE-2004-0318
NOT-FOR-US: Load Sharing Facility
-CVE-2004-0317 (Buffer overflow in eauth in Load Sharing Facility 4.x, 5.x, and 6.x ...)
+CVE-2004-0317
NOT-FOR-US: Load Sharing Facility
-CVE-2004-0316 (Buffer overflow in Avirt Soho 4.3 allows remote attackers to cause a ...)
+CVE-2004-0316
NOT-FOR-US: Avirt
-CVE-2004-0315 (Buffer overflow in Avirt Voice 4.0 allows remote attackers to cause a ...)
+CVE-2004-0315
NOT-FOR-US: Avirt
-CVE-2004-0314 (Cross-site scripting (XSS) vulnerability in done.jsp in WebzEdit 1.9 ...)
+CVE-2004-0314
NOT-FOR-US: WebzEdit
-CVE-2004-0313 (Buffer overflow in PSOProxy 0.91 allows remote attackers to cause a ...)
+CVE-2004-0313
NOT-FOR-US: PSOProxy
-CVE-2004-0312 (Linksys WAP55AG 1.07 allows remote attackers with access to an SNMP ...)
+CVE-2004-0312
NOT-FOR-US: LINKSYS
-CVE-2004-0311 (American Power Conversion (APC) Web/SNMP Management SmartSlot Card 3.0 ...)
+CVE-2004-0311
NOT-FOR-US: APC
-CVE-2004-0310 (Cross-site scripting (XSS) vulnerability in LiveJournal 1.0 and 1.1 ...)
+CVE-2004-0310
NOT-FOR-US: LiveJournal
-CVE-2004-0308 (Unknown vulnerability in Cisco ONS 15327 before 4.1(3), ONS 15454 ...)
+CVE-2004-0308
NOT-FOR-US: cisco
-CVE-2004-0305 (Cross-site scripting (XSS) vulnerability in error.asp in WebCortex ...)
+CVE-2004-0305
NOT-FOR-US: WebCortex WebStores
-CVE-2004-0304 (SQL injection vulnerability in browse_items.asp in WebCortex WebStores ...)
+CVE-2004-0304
NOT-FOR-US: WebCortex WebStores
-CVE-2004-0303 (OWLS 1.0 allows remote attackers to retrieve arbitrary files via ...)
+CVE-2004-0303
NOT-FOR-US: OWLS 1.0
-CVE-2004-0302 (Directory traversal vulnerability in OWLS 1.0 allows remote attackers ...)
+CVE-2004-0302
NOT-FOR-US: OWLS 1.0
-CVE-2004-0301 (Cross-site scripting (XSS) vulnerability in more.php for Online Store ...)
+CVE-2004-0301
NOT-FOR-US: Online Store Kit
-CVE-2004-0300 (SQL injection vulnerability in Online Store Kit 3.0 allows remote ...)
+CVE-2004-0300
NOT-FOR-US: Online Store Kit
-CVE-2004-0299 (Buffer overflow in smallftpd 0.99 allows local users to cause a denial ...)
+CVE-2004-0299
NOT-FOR-US: smallftpd;
-CVE-2004-0298 (CesarFTP 0.99e allows remote attackers to cause a denial of service ...)
+CVE-2004-0298
NOT-FOR-US: CesarFTP; Win32
-CVE-2004-0296 (TsFtpSrv.exe in Broker FTP 6.1.0.0 allows remote attackers to cause a ...)
+CVE-2004-0296
NOT-FOR-US: Broker FTP 6.1.0.0; Win32
-CVE-2004-0295 (TsFtpSrv.exe in Broker FTP 6.1.0.0 allows remote attackers to cause a ...)
+CVE-2004-0295
NOT-FOR-US: Broker FTP 6.1.0.0 again; Win32
-CVE-2004-0294 (YaBB 1 SP 1.3.1 displays different error messages when a user exists ...)
+CVE-2004-0294
NOT-FOR-US: yabb;
-CVE-2004-0293 (Directory traversal vulnerability in ShopCartCGI 2.3 allows remote ...)
+CVE-2004-0293
NOT-FOR-US: ShopCartCGI 2.3;
-CVE-2004-0292 (Buffer overflow in KarjaSoft Sami HTTP Server 1.0.4 allows remote ...)
+CVE-2004-0292
NOT-FOR-US: KarjaSoft Sami HTTP Server 1.0.4; Win32
-CVE-2004-0291 (SQL injection vulnerability in post.php for YaBB SE 1.5.4 and 1.5.5 ...)
+CVE-2004-0291
NOT-FOR-US: YaBB;
-CVE-2004-0290 (Buffer overflow in Purge Jihad 2.0.1 and earlier allows remote game ...)
+CVE-2004-0290
NOT-FOR-US: Purge Jihad;
-CVE-2004-0289 (Buffer overflow in sdbscan in SignatureDB 0.1.1 allows local users to ...)
+CVE-2004-0289
NOT-FOR-US: SignatureDB;
-CVE-2004-0288 (Buffer overflow in the UdmDocToTextBuf function in mnoGoSearch 3.2.13 ...)
+CVE-2004-0288
- mnogosearch 3.2.18
NOTE: it's not quite clear which version exactly fixes the problem;
NOTE: I checked the source code of the most recent version and compared
NOTE: it with the problematic section described in the advisory
NOTE: (http://marc.info/?l=bugtraq&m=107695139930726&w=2)
NOTE: and I can confirm the buffer overflow is fixed there
-CVE-2004-0287 (Xlight FTP server 1.52 allows remote authenticated users to cause a ...)
+CVE-2004-0287
NOT-FOR-US: Xlight FTP server 1.52;
-CVE-2004-0286 (Buffer overflow in RobotFTP 1.0 and 2.0 beta 1 allows remote ...)
+CVE-2004-0286
NOT-FOR-US: RobotFTP;
-CVE-2004-0285 (PHP remote file inclusion vulnerabilities in include/footer.inc.php in ...)
+CVE-2004-0285
NOT-FOR-US: PHP scripts
-CVE-2004-0284 (Microsoft Internet Explorer 6.0, Outlook 2002, and Outlook 2003 allow ...)
+CVE-2004-0284
NOT-FOR-US: MSIE bugs
-CVE-2004-0283 (Mailmgr 1.2.3 allows local users to overwrite arbitrary files via a ...)
+CVE-2004-0283
NOT-FOR-US: mailmgr;
-CVE-2004-0282 (Crob FTP daemon 3.5.2 allows remote attackers to cause a denial of ...)
+CVE-2004-0282
NOT-FOR-US: Crob FTP;
-CVE-2004-0281 (Caucho Technology Resin 2.1.12 allows remote attackers to gain ...)
+CVE-2004-0281
NOT-FOR-US: Caucho Technology Resin;
-CVE-2004-0280 (Caucho Technology Resin 2.1.12 allows remote attackers to view JSP ...)
+CVE-2004-0280
NOT-FOR-US: Caucho Technology Resin;
-CVE-2004-0279 (AIM Sniff (aimSniff.pl) 0.9b allows local users to overwrite arbitrary ...)
+CVE-2004-0279
NOT-FOR-US: AIMSniff;
-CVE-2004-0278 (Ratbag game engine, as used in products such as Dirt Track Racing, ...)
+CVE-2004-0278
NOT-FOR-US: Ratbag game engine;
-CVE-2004-0277 (Format string vulnerability in Dream FTP 1.02 allows remote attackers ...)
+CVE-2004-0277
NOT-FOR-US: Dream FTP;
-CVE-2004-0275 (SQL injection vulnerability in calendar_download.php in BosDates 3.2 ...)
+CVE-2004-0275
NOT-FOR-US: BosDates;
-CVE-2004-0272 (SQL injection vulnerability in MaxWebPortal allows remote attackers to ...)
+CVE-2004-0272
NOT-FOR-US: MaxWebPortal;
-CVE-2004-0271 (Multiple cross-site scripting vulnerabilities (XSS) in MaxWebPortal ...)
+CVE-2004-0271
NOT-FOR-US: MaxWebPortal;
-CVE-2004-0269 (SQL injection vulnerability in PHP-Nuke 6.9 and earlier, and possibly ...)
+CVE-2004-0269
NOT-FOR-US: PHP-Nuke;
-CVE-2004-0268 (Multiple buffer overflows in EvolutionX 3921 and 3935 allow remote ...)
+CVE-2004-0268
NOT-FOR-US: EvolutionX;
-CVE-2004-0267 (The (1) inoregupdate, (2) uniftest, or (3) unimove scripts in eTrust ...)
+CVE-2004-0267
NOT-FOR-US: eTrust InoculateIT;
-CVE-2004-0266 (SQL injection vulnerability in the &quot;public message&quot; capability ...)
+CVE-2004-0266
NOT-FOR-US: PHP-Nuke;
-CVE-2004-0265 (Cross-site scripting (XSS) vulnerability in modules.php for Php-Nuke ...)
+CVE-2004-0265
NOT-FOR-US: PHP-Nuke;
-CVE-2004-0264 (palmhttpd for PalmOS allows remote attackers to cause a denial of ...)
+CVE-2004-0264
NOT-FOR-US: PalmOS
-CVE-2004-0262 (Stack-based buffer overflow in The Palace 3.5 and earlier client ...)
+CVE-2004-0262
NOT-FOR-US: The Palace;
-CVE-2004-0260 (The AddToMailingList function in CactuSoft CactuShop 5.0 Lite contains ...)
+CVE-2004-0260
NOT-FOR-US: CactuShop;
-CVE-2004-0259 (The check_referer() function in Formmail.php 5.0 and earlier allows ...)
+CVE-2004-0259
NOT-FOR-US: formmail.php;
-CVE-2004-0258 (Multiple buffer overflows in RealOne Player, RealOne Player 2.0, ...)
+CVE-2004-0258
NOT-FOR-US: RealPlayer
-CVE-2004-0255 (Xlight 1.52, with log to screen enabled, allows remote attackers to ...)
+CVE-2004-0255
NOT-FOR-US: Xlight;
-CVE-2004-0254 (Cross-site scripting (XSS) vulnerability in Discuz! Board 2.x and 3.x ...)
+CVE-2004-0254
NOT-FOR-US: Discuz;
-CVE-2004-0253 (IBM Cloudscape 5.1 running jdk 1.4.2_03 allows remote attackers to ...)
+CVE-2004-0253
NOT-FOR-US: IBM Cloudscape
-CVE-2004-0252 (TYPSoft FTP Server 1.10 allows remote attackers to cause a denial of ...)
+CVE-2004-0252
NOT-FOR-US: TYPSoft FTP Server
-CVE-2004-0251 (Cross-site scripting (XSS) vulnerability in rxgoogle.cgi allows remote ...)
+CVE-2004-0251
NOT-FOR-US: rxgoogle.cgi
-CVE-2004-0250 (SQL injection vulnerability in PhotoPost PHP Pro 4.6 and earlier ...)
+CVE-2004-0250
NOT-FOR-US: PhotoPost PHP Pro
-CVE-2004-0249 (PHPX 2.0 through 3.2.4 allows remote attackers to gain access to other ...)
+CVE-2004-0249
NOT-FOR-US: PHPX
-CVE-2004-0248 (Cross-site scripting vulnerability (XSS) in PHPX 3.2.3 allows remote ...)
+CVE-2004-0248
NOT-FOR-US: PHPX
-CVE-2004-0247 (The client and server of Chaser 1.50 and earlier allow remote ...)
+CVE-2004-0247
NOT-FOR-US: Chaser
-CVE-2004-0246 (Multiple PHP remote file inclusion vulnerabilities in (1) ...)
+CVE-2004-0246
NOT-FOR-US: Les Commentaires
-CVE-2004-0245 (Web Crossing 4.x and 5.x allows remote attackers to cause a denial of ...)
+CVE-2004-0245
NOT-FOR-US: Web Crossing
-CVE-2004-0244 (Cisco 6000, 6500, and 7600 series systems with Multilayer Switch ...)
+CVE-2004-0244
NOT-FOR-US: Cisco
-CVE-2004-0243 (AIX 4.3.3 through AIX 5.1, when direct remote login is disabled, ...)
+CVE-2004-0243
NOT-FOR-US: AIX
-CVE-2004-0242 (X-Cart 3.4.3 allows remote attackers to gain sensitive information via ...)
+CVE-2004-0242
NOT-FOR-US: X-Cart 3.4.3
-CVE-2004-0241 (X-Cart 3.4.3 allows remote attackers to execute arbitrary commands via ...)
+CVE-2004-0241
NOT-FOR-US: X-Cart 3.4.3
-CVE-2004-0240 (Directory traversal vulnerability in X-Cart 3.4.3 allows remote ...)
+CVE-2004-0240
NOT-FOR-US: X-Cart 3.4.3
-CVE-2004-0239 (SQL injection vulnerability in showphoto.php in PhotoPost PHP Pro 4.6 ...)
+CVE-2004-0239
NOT-FOR-US: PhotoPost PHP Pro
-CVE-2004-0238 (Multiple buffer overflows in Overkill (0verkill) 0.15pre3 might allow ...)
+CVE-2004-0238
- overkill 0.16-7
-CVE-2004-0237 (Directory traversal vulnerability in index.php in Aprox PHP Portal ...)
+CVE-2004-0237
NOT-FOR-US: Aprox PHP Portal
-CVE-2004-0236 (SQL injection vulnerability in login.asp in thePHOTOtool allows remote ...)
+CVE-2004-0236
NOT-FOR-US: thePHOTOtool
-CVE-2004-0235 (Multiple directory traversal vulnerabilities in LHA 1.14 allow remote ...)
+CVE-2004-0235
{DSA-515}
- lha 1.14i-8
-CVE-2004-0234 (Multiple stack-based buffer overflows in the get_header function in ...)
+CVE-2004-0234
{DSA-515}
- lha 1.14i-8
-CVE-2004-0233 (Utempter allows device names that contain .. (dot dot) directory ...)
+CVE-2004-0233
NOT-FOR-US: utempter
-CVE-2004-0232 (Multiple format string vulnerabilities in Midnight Commander (mc) ...)
+CVE-2004-0232
{DSA-497}
- mc 1:4.6.0-4.6.1-pre1-2
-CVE-2004-0231 (Multiple vulnerabilities in Midnight Commander (mc) before 4.6.0, with ...)
+CVE-2004-0231
{DSA-497}
- mc 1:4.6.0-4.6.1-pre1-2
-CVE-2004-0230 (TCP, when using a large Window Size, makes it easier for remote ...)
+CVE-2004-0230
- linux <unfixed> (unimportant)
- linux-2.6 <removed> (unimportant)
- linux-2.6.24 <removed> (unimportant)
NOTE: the attack works with a certain non-negligible probability, but even
NOTE: when successful, it only causes a TCP disconnect, which will (in most
NOTE: circumstances) be reestablished right away, causing essentially no impact
-CVE-2004-0229 (The framebuffer driver in Linux kernel 2.6.x does not properly use the ...)
+CVE-2004-0229
- linux-2.6 2.6.6-1
- linux-2.6.24 <not-affected>
-CVE-2004-0228 (Integer signedness error in the cpufreq proc handler (cpufreq_procctl) ...)
+CVE-2004-0228
- kernel-source-2.4.27 <not-affected> (2.4 does not have cpufreq)
- linux-2.6 <not-affected> (fixed before first upload; 2.6.8)
-CVE-2004-0227 (Buffer overflow in the zms script in ZoneMinder before 1.19.2 may ...)
+CVE-2004-0227
- zoneminder 1.22.3-1
NOTE: fixed in 1.19.2, which was released before initial upload of 1.22.3
-CVE-2004-0226 (Multiple buffer overflows in Midnight Commander (mc) before 4.6.0 may ...)
+CVE-2004-0226
{DSA-497}
- mc 1:4.6.0-4.6.1-pre1-2
CVE-2004-0225
RESERVED
-CVE-2004-0224 (Multiple buffer overflows in (1) iso2022jp.c or (2) shiftjis.c for ...)
+CVE-2004-0224
- courier 0.45.1-1
CVE-2004-0223
RESERVED
-CVE-2004-0222 (Multiple memory leaks in isakmpd in OpenBSD 3.4 and earlier allow ...)
+CVE-2004-0222
NOT-FOR-US: isakmpd in OpenBSD
-CVE-2004-0221 (isakmpd in OpenBSD 3.4 and earlier allows remote attackers to cause a ...)
+CVE-2004-0221
NOT-FOR-US: isakmpd in OpenBSD
-CVE-2004-0220 (isakmpd in OpenBSD 3.4 and earlier allows remote attackers to cause a ...)
+CVE-2004-0220
NOT-FOR-US: isakmpd in OpenBSD
-CVE-2004-0219 (isakmpd in OpenBSD 3.4 and earlier allows remote attackers to cause a ...)
+CVE-2004-0219
NOT-FOR-US: isakmpd in OpenBSD
-CVE-2004-0218 (isakmpd in OpenBSD 3.4 and earlier allows remote attackers to cause a ...)
+CVE-2004-0218
NOT-FOR-US: isakmpd in OpenBSD
-CVE-2004-0217 (The LiveUpdate capability (liveupdate.sh) in Symantec AntiVirus Scan ...)
+CVE-2004-0217
NOT-FOR-US: Symantec AntiVirus Scan Engine for Red Hat
-CVE-2004-0216 (Integer overflow in the Install Engine (inseng.dll) for Internet ...)
+CVE-2004-0216
NOT-FOR-US: MSIE bug
-CVE-2004-0215 (Microsoft Outlook Express 5.5 and 6 allows attackers to cause a denial of ...)
+CVE-2004-0215
NOT-FOR-US: MS-Outlook-Express
-CVE-2004-0214 (Buffer overflow in Microsoft Internet Explorer and Explorer on Windows ...)
+CVE-2004-0214
NOT-FOR-US: MSIE bug
-CVE-2004-0213 (Utility Manager in Windows 2000 launches winhlp32.exe while Utility ...)
+CVE-2004-0213
NOT-FOR-US: Windows bug
-CVE-2004-0212 (Stack-based buffer overflow in the Task Scheduler for Windows 2000 and ...)
+CVE-2004-0212
NOT-FOR-US: Windows bug
-CVE-2004-0211 (The kernel for Microsoft Windows Server 2003 does not reset certain ...)
+CVE-2004-0211
NOT-FOR-US: Windows bug
-CVE-2004-0210 (The POSIX component of Microsoft Windows NT and Windows 2000 allows ...)
+CVE-2004-0210
NOT-FOR-US: Windows bug
-CVE-2004-0209 (Unknown vulnerability in the Graphics Rendering Engine processes of ...)
+CVE-2004-0209
NOT-FOR-US: Windows bug
-CVE-2004-0208 (The Virtual DOS Machine (VDM) subsystem of Microsoft Windows NT 4.0, ...)
+CVE-2004-0208
NOT-FOR-US: Windows bug
-CVE-2004-0207 (&quot;Shatter&quot; style vulnerability in the Window Management application ...)
+CVE-2004-0207
NOT-FOR-US: Windows bug
-CVE-2004-0206 (Network Dynamic Data Exchange (NetDDE) services for Microsoft Windows ...)
+CVE-2004-0206
NOT-FOR-US: Windows bug
-CVE-2004-0205 (Buffer overflow in Microsoft Internet Information Server (IIS) 4.0 ...)
+CVE-2004-0205
NOT-FOR-US: Windows bug
-CVE-2004-0204 (Directory traversal vulnerability in the web viewers for Business ...)
+CVE-2004-0204
NOT-FOR-US: Visual Studio bug
-CVE-2004-0203 (Cross-site scripting (XSS) vulnerability in Outlook Web Access for ...)
+CVE-2004-0203
NOT-FOR-US: Exchange bug
-CVE-2004-0202 (IDirectPlay4 Application Programming Interface (API) of Microsoft ...)
+CVE-2004-0202
NOT-FOR-US: DirectX
-CVE-2004-0201 (Heap-based buffer overflow in the HtmlHelp program (hh.exe) in HTML ...)
+CVE-2004-0201
NOT-FOR-US: Windows HTML Help
-CVE-2004-0200 (Buffer overflow in the JPEG (JPG) parsing engine in the Microsoft ...)
+CVE-2004-0200
NOT-FOR-US: famous Windows GDI+ JPEG parsing bug
-CVE-2004-0199 (Help and Support Center in Microsoft Windows XP and Windows Server ...)
+CVE-2004-0199
NOT-FOR-US: Windows bug
CVE-2004-0198
RESERVED
-CVE-2004-0197 (Buffer overflow in Microsoft Jet Database Engine 4.0 allows remote ...)
+CVE-2004-0197
NOT-FOR-US: MSJet bug
CVE-2004-0196
RESERVED
CVE-2004-0195
RESERVED
-CVE-2004-0192 (Cross-site scripting (XSS) vulnerability in the Management Service for ...)
+CVE-2004-0192
NOT-FOR-US: Symantec Gateway Security
CVE-2004-0187
REJECTED
-CVE-2004-0184 (Integer underflow in the isakmp_id_print for TCPDUMP 3.8.1 and earlier ...)
+CVE-2004-0184
{DSA-478}
- tcpdump 3.7.2-4
-CVE-2004-0183 (TCPDUMP 3.8.1 and earlier allows remote attackers to cause a denial of ...)
+CVE-2004-0183
{DSA-478}
- tcpdump 3.7.2-4
-CVE-2004-0182 (Mailman before 2.0.13 allows remote attackers to cause a denial of ...)
+CVE-2004-0182
- mailman <not-affected> (RedHat specific bug)
-CVE-2004-0181 (The JFS file system code in Linux 2.4.x has an information leak in ...)
+CVE-2004-0181
- kernel-source-2.4.27 <not-affected> (Fixed before upload into archive; 2.4.26-pre5)
-CVE-2004-0180 (The client for CVS before 1.11 allows a remote malicious CVS server to ...)
+CVE-2004-0180
{DSA-486}
- cvs 1:1.12.5-4 (medium)
-CVE-2004-0179 (Multiple format string vulnerabilities in (1) neon 0.24.4 and earlier, ...)
+CVE-2004-0179
{DSA-487}
- neon 0.24.5-1
-CVE-2004-0178 (The OSS code for the Sound Blaster (sb16) driver in Linux 2.4.x before ...)
+CVE-2004-0178
{DSA-495 DSA-491 DSA-489 DSA-482 DSA-481 DSA-480 DSA-479}
- linux-2.6 <not-affected> (fixed before first upload; 2.6.8)
- kernel-source-2.4.27 <not-affected> (Fixed before upload into archive; 2.4.26-pre3)
-CVE-2004-0177 (The ext3 code in Linux 2.4.x before 2.4.26 does not properly ...)
+CVE-2004-0177
{DSA-495 DSA-491 DSA-489 DSA-482 DSA-481 DSA-480 DSA-479}
- linux-2.6 <not-affected> (fixed before first upload; 2.6.8)
- kernel-source-2.4.27 <not-affected> (Fixed before upload into archive; 2.4.26-pre4)
-CVE-2004-0176 (Multiple buffer overflows in Ethereal 0.8.13 to 0.10.2 allow remote ...)
+CVE-2004-0176
{DSA-511}
- ethereal 0.10.3-1 (bug #239576)
-CVE-2004-0175 (Directory traversal vulnerability in scp for OpenSSH before 3.4p1 ...)
+CVE-2004-0175
{CVE-2000-0992}
- openssh 1:3.9p1-1 (low; bug #270770)
[sarge] - openssh <no-dsa> (Minor issue)
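Review bot: the CVE descriptions are being dropped here, not refreshed: every `-` line in this hunk carries the parenthesised summary (e.g. `-CVE-2004-0329 (FreeChat 1.1.1a allows remote attackers to cause a denial of service ...)`) and its `+` replacement is the bare identifier (`+CVE-2004-0329`), while the tracker's own annotations (`NOT-FOR-US:`, `{DSA-...}`, package versions, `NOTE:` lines) are untouched. For a commit labelled "automatic update" that pattern points to an empty or failed upstream description feed rather than an intended edit, so the update run should be checked and the descriptions restored before this is kept, otherwise the list loses its only human-readable summary of each issue.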
@@ -5785,50 +5785,50 @@ CVE-2004-0175 (Directory traversal vulnerability in scp for OpenSSH before 3.4p1
NOTE: The "SUID/SGID across trust boundaries" issue remains, but is
NOTE: largely theoretic. This is a rediscovery of CVE-2000-0992.
NOTE: jmm: 3.9p1 thus marked as fixed version
-CVE-2004-0174 (Apache 1.4.x before 1.3.30, and 2.0.x before 2.0.49, when using ...)
+CVE-2004-0174
- apache 1.3.29.0.2-5
-CVE-2004-0172 (Heap-based buffer overflow in the search_for_command function of ...)
+CVE-2004-0172
- ltrace <not-affected> (Not setuid/setgid in Debian)
CVE-2004-0170
RESERVED
-CVE-2004-0168 (Unknown vulnerability in CoreFoundation for Mac OS X 10.3.2, related ...)
+CVE-2004-0168
NOT-FOR-US: CoreFoundation for Mac OS X
-CVE-2004-0166 (Unknown vulnerability in Safari web browser for Mac OS X 10.2.8 ...)
+CVE-2004-0166
NOT-FOR-US: Safari
-CVE-2004-0164 (KAME IKE daemon (racoon) does not properly handle hash values, which ...)
+CVE-2004-0164
- ipsec-tools 0.3.3-1
NOTE: not mentioned in the changelog, so I don't know which version exactly fixes
NOTE: the problem, but the patch that fixes the bug is applied:
NOTE: http://marc.info/?l=bugtraq&m=107411758202662&w=2
-CVE-2004-0163 (Sygate Secure Enterprise (SSE) 3.5MR3 and earlier does not change the ...)
+CVE-2004-0163
NOT-FOR-US: Sygate Secure Enterprise
-CVE-2004-0162 (Multiple content security gateway and antivirus products allow remote ...)
+CVE-2004-0162
NOT-FOR-US: general MIME bug with security gateways
-CVE-2004-0161 (Multiple content security gateway and antivirus products allow remote ...)
+CVE-2004-0161
NOT-FOR-US: general MIME bug with security gateways
-CVE-2004-0158 (Buffer overflow in lbreakout2 allows local users to gain 'games' group ...)
+CVE-2004-0158
{DSA-445}
- lbreakout2 2.4
-CVE-2004-0157 (x11.c in xonix 1.4 and earlier uses the current working directory to ...)
+CVE-2004-0157
{DSA-484}
- xonix 1.4-21
-CVE-2004-0156 (Format string vulnerabilities in the (1) die or (2) log_event ...)
+CVE-2004-0156
{DSA-485}
- ssmtp 2.60.7
-CVE-2004-0155 (The KAME IKE Daemon Racoon, when authenticating a peer during Phase 1, ...)
+CVE-2004-0155
- ipsec-tools 0.2.5-2
-CVE-2004-0154 (rpc.mountd in nfs-utils after 1.0.3 and before 1.0.6 allows attackers ...)
+CVE-2004-0154
- nfs-utils 1:1.0.5-3
-CVE-2004-0153 (Multiple format string vulnerabilities in emil 2.1.0 and earlier may ...)
+CVE-2004-0153
{DSA-468}
- emil 2.1.0-beta9-14
-CVE-2004-0152 (Multiple stack-based buffer overflows in (1) the encode_mime function, ...)
+CVE-2004-0152
{DSA-468}
- emil 2.1.0-beta9-14
-CVE-2004-0151 (Unknown vulnerability in xitalk 1.1.11 and earlier allows local users ...)
+CVE-2004-0151
{DSA-462}
- xitalk 1.1.11-11
-CVE-2004-0149 (Multiple buffer overflows in xboing before 2.4 allow local users to ...)
+CVE-2004-0149
{DSA-451}
- xboing 2.4-26.1 (bug #174924)
CVE-2004-0147
@@ -5839,7 +5839,7 @@ CVE-2004-0145
REJECTED
CVE-2004-0144
REJECTED
-CVE-2004-0143 (Multiple vulnerabilities in Nokia 6310(i) Mobile phones allow remote ...)
+CVE-2004-0143
NOT-FOR-US: Nokia mobile phones
CVE-2004-0142
REJECTED
@@ -5847,66 +5847,66 @@ CVE-2004-0141
REJECTED
CVE-2004-0140
REJECTED
-CVE-2004-0139 (Unknown vulnerability in the bsd.a kernel networking for SGI IRIX ...)
+CVE-2004-0139
NOT-FOR-US: SGI IRIX
-CVE-2004-0138 (The ELF loader in Linux kernel 2.4 before 2.4.25 allows local users to ...)
+CVE-2004-0138
{DSA-1082-1 DSA-1070-1 DSA-1069-1 DSA-1067-1}
- linux-2.6 <not-affected> (fixed before first upload)
-CVE-2004-0137 (Unknown vulnerability in init for IRIX 6.5.20 through 6.5.24 allows ...)
+CVE-2004-0137
NOT-FOR-US: IRIX init
-CVE-2004-0136 (The mapelf32exec function call in IRIX 6.5.20 through 6.5.24 allows ...)
+CVE-2004-0136
NOT-FOR-US: IRIX
-CVE-2004-0135 (The syssgi SGI_IOPROBE system call in IRIX 6.5.20 through 6.5.24 ...)
+CVE-2004-0135
NOT-FOR-US: IRIX
-CVE-2004-0134 (cpr (libcpr) in SGI IRIX before 6.5.25 allows local users to gain ...)
+CVE-2004-0134
NOT-FOR-US: IRIX
-CVE-2004-0133 (The XFS file system code in Linux 2.4.x has an information leak in ...)
+CVE-2004-0133
- kernel-source-2.4.27 <not-affected> (Fixed before upload into archive; 2.4.26-rc2)
- linux-2.6 <not-affected> (fixed before first upload; 2.6.5)
-CVE-2004-0132 (Multiple PHP remote file inclusion vulnerabilities in ezContents 2.0.2 ...)
+CVE-2004-0132
NOT-FOR-US: ezContents
-CVE-2004-0130 (login.php in phpGedView 2.65 and earlier allows remote attackers to ...)
+CVE-2004-0130
NOT-FOR-US: phpGedView
-CVE-2004-0127 (Directory traversal vulnerability in editconfig_gedcom.php for ...)
+CVE-2004-0127
NOT-FOR-US: phpGedView
-CVE-2004-0125 (The jail system call in FreeBSD 4.x before 4.10-RELEASE does not ...)
+CVE-2004-0125
NOT-FOR-US: FreeBSD jail
-CVE-2004-0124 (The DCOM RPC interface for Microsoft Windows NT 4.0, 2000, XP, and ...)
+CVE-2004-0124
NOT-FOR-US: Windows bug
-CVE-2004-0123 (Double free vulnerability in the ASN.1 library as used in Windows NT ...)
+CVE-2004-0123
NOT-FOR-US: Windows bug
-CVE-2004-0120 (The Microsoft Secure Sockets Layer (SSL) library, as used in Windows ...)
+CVE-2004-0120
NOT-FOR-US: Windows bug
-CVE-2004-0119 (The Negotiate Security Software Provider (SSP) interface in Windows ...)
+CVE-2004-0119
NOT-FOR-US: Windows bug
-CVE-2004-0118 (The component for the Virtual DOS Machine (VDM) subsystem in Windows ...)
+CVE-2004-0118
NOT-FOR-US: Windows bug
-CVE-2004-0117 (Unknown vulnerability in the H.323 protocol implementation in Windows ...)
+CVE-2004-0117
NOT-FOR-US: Windows bug
-CVE-2004-0116 (An Activation function in the RPCSS Service involved with DCOM ...)
+CVE-2004-0116
NOT-FOR-US: Windows bug
-CVE-2004-0112 (The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, ...)
+CVE-2004-0112
- openssl 0.9.7d-1
-CVE-2004-0110 (Buffer overflow in the (1) nanohttp or (2) nanoftp modules in XMLSoft ...)
+CVE-2004-0110
{DSA-455}
- libxml 1:1.8.17-5
- libxml2 2.6.6-1
-CVE-2004-0109 (Buffer overflow in the ISO9660 file system component for Linux kernel ...)
+CVE-2004-0109
{DSA-495 DSA-491 DSA-489 DSA-482 DSA-481 DSA-480 DSA-479}
- kernel-source-2.4.27 <not-affected> (Fixed before upload into archive; 2.4.26-rc4)
- linux-2.6 <not-affected> (fixed before first upload; 2.6.6)
-CVE-2004-0107 (The (1) post and (2) trigger scripts in sysstat 4.0.7 and earlier ...)
+CVE-2004-0107
- sysstat 5.0.2-1
-CVE-2004-0106 (Multiple unknown vulnerabilities in XFree86 4.1.0 to 4.3.0, related to ...)
+CVE-2004-0106
{DSA-443}
- xfree86 4.3.0-2
-CVE-2004-0105 (Multiple buffer overflows in Metamail 2.7 and earlier allow remote ...)
+CVE-2004-0105
{DSA-449}
- metamail 2.7-45.2
-CVE-2004-0104 (Multiple format string vulnerabilities in Metamail 2.7 and earlier ...)
+CVE-2004-0104
{DSA-449}
- metamail 2.7-45.2
-CVE-2004-0103 (crawl before 4.0.0 beta23 does not properly &quot;apply a size check&quot; when ...)
+CVE-2004-0103
{DSA-432}
- crawl 1:4.0.0beta26-4
CVE-2004-0102
@@ -5917,113 +5917,113 @@ CVE-2004-0100
RESERVED
CVE-2004-0098
REJECTED
-CVE-2004-0097 (Multiple vulnerabilities in PWLib before 1.6.0 allow remote attackers ...)
+CVE-2004-0097
{DSA-448}
- pwlib 1.5.2-4
-CVE-2004-0092 (Unknown vulnerability in Safari web browser in Mac OS X 10.2.8 and ...)
+CVE-2004-0092
NOT-FOR-US: Safari
-CVE-2004-0091 (** DISPUTED ** ...)
+CVE-2004-0091
NOT-FOR-US: vBulletin
-CVE-2004-0090 (Unknown vulnerability in Windows File Sharing for Mac OS X 10.1.5 ...)
+CVE-2004-0090
NOT-FOR-US: MacOS
-CVE-2004-0088 (The System Configuration subsystem in Mac OS 10.2.8 allows local users ...)
+CVE-2004-0088
NOT-FOR-US: MacOS
-CVE-2004-0087 (The System Configuration subsystem in Mac OS 10.2.8 and 10.3.2 allows ...)
+CVE-2004-0087
NOT-FOR-US: MacOS
-CVE-2004-0086 (Unknown vulnerability in the Mail application for Mac OS X 10.3.2 has ...)
+CVE-2004-0086
NOT-FOR-US: MacOS
-CVE-2004-0085 (Unknown vulnerability in the Mail application for Mac OS X 10.1.5 and ...)
+CVE-2004-0085
NOT-FOR-US: MacOS
-CVE-2004-0084 (Buffer overflow in the ReadFontAlias function in XFree86 4.1.0 to ...)
+CVE-2004-0084
{DSA-443}
- xfree86 4.3.0-2
-CVE-2004-0083 (Buffer overflow in ReadFontAlias from dirfile.c of XFree86 4.1.0 ...)
+CVE-2004-0083
{DSA-443}
- xfree86 4.3.0-2
-CVE-2004-0081 (OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message ...)
+CVE-2004-0081
{DSA-465}
- openssl 0.9.6d-1
-CVE-2004-0079 (The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and ...)
+CVE-2004-0079
{DSA-465}
- openssl 0.9.7d-1
- openssl096 0.9.6m-1
CVE-2004-0076
REJECTED
-CVE-2004-0074 (Multiple buffer overflows in xsok 1.02 allows local users to gain ...)
+CVE-2004-0074
- xsok <not-affected> (Not vulnerable. See bug #278777)
-CVE-2004-0073 (PHP remote file inclusion vulnerability in (1) config.php and (2) ...)
+CVE-2004-0073
NOT-FOR-US: EasyDynamicPages
-CVE-2004-0072 (Directory traversal vulnerability in Accipiter Direct Server 6.0 ...)
+CVE-2004-0072
NOT-FOR-US: Accipiter Direct Server 6.0
-CVE-2004-0071 (Directory traversal vulnerability in buildManPage in ...)
+CVE-2004-0071
NOT-FOR-US: PHP Man Page Lookup 1.2.0
-CVE-2004-0069 (Format string vulnerability in HD Soft Windows FTP Server 1.6 and ...)
+CVE-2004-0069
NOT-FOR-US: HD Soft Windows FTP Server 1.6
-CVE-2004-0067 (Multiple cross-site scripting (XSS) vulnerabilities in phpGedView ...)
+CVE-2004-0067
NOT-FOR-US: phpGedView
-CVE-2004-0066 (phpGedView before 2.65 allows remote attackers to obtain the absolute ...)
+CVE-2004-0066
NOT-FOR-US: phpGedView
-CVE-2004-0065 (Multiple SQL injection vulnerabilities in phpGedView before 2.65 allow ...)
+CVE-2004-0065
NOT-FOR-US: phpGedView
-CVE-2004-0064 (The SuSEconfig.gnome-filesystem script for YaST in SuSE 9.0 allows ...)
+CVE-2004-0064
NOT-FOR-US: SuSE YaST
-CVE-2004-0062 (Integer overflow in the rnd arithmetic rounding function for various ...)
+CVE-2004-0062
NOT-FOR-US: FishCart
-CVE-2004-0061 (WWW File Share Pro 2.42 and earlier allows remote attackers to bypass ...)
+CVE-2004-0061
NOT-FOR-US: WWW File Share Pro 2.42
-CVE-2004-0060 (WWW File Share Pro 2.42 and earlier allows remote attackers to cause a ...)
+CVE-2004-0060
NOT-FOR-US: WWW File Share Pro 2.42
-CVE-2004-0059 (Directory traversal vulnerability in upload capability of WWW File ...)
+CVE-2004-0059
NOT-FOR-US: WWW File Share Pro 2.42
-CVE-2004-0058 (Antivir / Linux 2.0.9-9, and possibly earlier versions, allows local ...)
+CVE-2004-0058
NOT-FOR-US: Antivir
-CVE-2004-0057 (The rawprint function in the ISAKMP decoding routines (print-isakmp.c) ...)
+CVE-2004-0057
{DSA-425}
- tcpdump 3.8.3-1
NOTE: Upstream version 3.8.3 is fixed; may have been fixed earlier.
-CVE-2004-0056 (Multiple vulnerabilities in the H.323 protocol implementation for ...)
+CVE-2004-0056
NOT-FOR-US: Nortel Networks products
-CVE-2004-0055 (The print_attr_string function in print-radius.c for tcpdump 3.8.1 and ...)
+CVE-2004-0055
{DSA-425}
- tcpdump 3.8.3-1
NOTE: Upstream version 3.8.3 is fixed; may have been fixed earlier.
-CVE-2004-0054 (Multiple vulnerabilities in the H.323 protocol implementation for ...)
+CVE-2004-0054
NOT-FOR-US: Cisco
-CVE-2004-0053 (Multiple content security gateway and antivirus products allow remote ...)
+CVE-2004-0053
NOT-FOR-US: Multiple security gateways MIME parsing stuff
-CVE-2004-0052 (Multiple content security gateway and antivirus products allow remote ...)
+CVE-2004-0052
NOT-FOR-US: Multiple security gateways MIME parsing stuff
-CVE-2004-0051 (Multiple content security gateway and antivirus products allow remote ...)
+CVE-2004-0051
NOT-FOR-US: Multiple security gateways MIME parsing stuff
-CVE-2004-0050 (Verity Ultraseek before 5.2.2 allows remote attackers to obtain the ...)
+CVE-2004-0050
NOT-FOR-US: Verity Ultraseek
CVE-2004-0048
RESERVED
-CVE-2004-0047 (Multiple programs in trr19 1.0 do not properly drop privileges before ...)
+CVE-2004-0047
{DSA-430}
- trr19 1.0beta5-17.1 (bug #264702)
-CVE-2004-0046 (Cross-site scripting (XSS) vulnerability in SnapStream PVS LITE allows ...)
+CVE-2004-0046
NOT-FOR-US: SnapStream PVS LITE
-CVE-2004-0043 (Buffer overflow in Yahoo Instant Messenger 5.6.0.1351 and earlier ...)
+CVE-2004-0043
NOT-FOR-US: Yahoo Instant Messenger
-CVE-2004-0042 (vsftpd 1.1.3 generates different error messages depending on whether ...)
+CVE-2004-0042
- vsftpd 2.0.1-1
NOTE: can't find any mention of the bug being fixed, but vsftpd doesn't
NOTE: show the beaviour described in http://www.securitytracker.com/alerts/2004/Jan/1008628.html
-CVE-2004-0041 (The mod_auth_shadow module 1.4 and earlier does not properly enforce ...)
+CVE-2004-0041
{DSA-421}
- mod-auth-shadow 1.4-1
-CVE-2004-0039 (Multiple format string vulnerabilities in HTTP Application ...)
+CVE-2004-0039
NOT-FOR-US: Check Point Firewall
-CVE-2004-0038 (McAfee ePolicy Orchestrator (ePO) 2.5.1 Patch 13 and 3.0 SP2a Patch 3 ...)
+CVE-2004-0038
NOT-FOR-US: McAfee
-CVE-2004-0037 (FirstClass Desktop Client 7.1 allows remote attackers to execute ...)
+CVE-2004-0037
NOT-FOR-US: FistClass Desktop Client
-CVE-2004-0034 (Multiple cross-site scripting (XSS) vulnerabilities in Phorum 3.4.5 ...)
+CVE-2004-0034
NOT-FOR-US: Phorum
-CVE-2004-0030 (PHP remote file inclusion vulnerability in (1) functions.php, (2) ...)
+CVE-2004-0030
NOT-FOR-US: PHPGEDVIEW
-CVE-2004-0029 (Lotus Notes Domino 6.0.2 on Linux installs the notes.ini configuration ...)
+CVE-2004-0029
NOT-FOR-US: Lotus Notes Domino
CVE-2004-0027
RESERVED
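Review bot: with the description line stripped, the annotation becomes the only text that identifies the product, and two annotations in this hunk are misspelled: `NOT-FOR-US: FistClass Desktop Client` (the removed line reads `FirstClass Desktop Client 7.1`) and `NOTE: show the beaviour described in http://www.securitytracker.com/alerts/2004/Jan/1008628.html` (should be `behaviour`); correcting both in the same update would keep those entries searchable by the product name.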
@@ -6045,203 +6045,203 @@ CVE-2004-0019
RESERVED
CVE-2004-0018
RESERVED
-CVE-2004-0017 (Multiple SQL injection vulnerabilities in the (1) calendar and (2) ...)
+CVE-2004-0017
{DSA-419}
- phpgroupware 0.9.14.007-4
-CVE-2004-0014 (Multiple buffer overflows in the nd WebDAV interface 0.8.2 and earlier ...)
+CVE-2004-0014
{DSA-412}
- nd 0.8.2-1
CVE-2004-0012
REJECTED
-CVE-2004-0010 (Stack-based buffer overflow in the ncp_lookup function for ncpfs in ...)
+CVE-2004-0010
{DSA-495 DSA-491 DSA-489 DSA-482 DSA-481 DSA-480 DSA-479}
- kernel-source-2.4.27 <not-affected> (Fixed before upload into archive; 2.4.25-pre7)
-CVE-2004-0008 (Integer overflow in Gaim 0.74 and earlier, and Ultramagnetic before ...)
+CVE-2004-0008
{DSA-434}
- gaim 1:0.75-2
-CVE-2004-0007 (Buffer overflow in the Extract Info Field Function for (1) MSN and (2) ...)
+CVE-2004-0007
{DSA-434}
- gaim 1:0.75-2
-CVE-2004-0006 (Multiple buffer overflows in Gaim 0.75 and earlier, and Ultramagnetic ...)
+CVE-2004-0006
{DSA-434}
- gaim 1:0.75-2
-CVE-2004-0005 (Multiple buffer overflows in Gaim 0.75 allow remote attackers to cause ...)
+CVE-2004-0005
{DSA-434}
- gaim 1:0.75-2
-CVE-2004-0003 (Unknown vulnerability in Linux kernel before 2.4.22 allows local users ...)
+CVE-2004-0003
{DSA-495 DSA-491 DSA-489 DSA-482 DSA-481 DSA-480 DSA-479}
- kernel-source-2.4.27 <not-affected> (Fixed before upload into archive; 2.4.26-rc4)
-CVE-2004-0002 (The TCP MSS (maximum segment size) functionality in netinet allows ...)
+CVE-2004-0002
NOT-FOR-US: FreeBSD netinet
-CVE-2004-0356 (Stack-based buffer overflow in Supervisor Report Center in SL Mail Pro ...)
+CVE-2004-0356
NOT-FOR-US: windows mta
-CVE-2004-0347 (Cross-site scripting (XSS) vulnerability in delhomepage.cgi in ...)
+CVE-2004-0347
NOT-FOR-US: juniper router
-CVE-2004-0336 (LAN SUITE Web Mail 602Pro allows remote attackers to gain sensitive ...)
+CVE-2004-0336
NOT-FOR-US: windows mta
-CVE-2004-0320 (Unknown vulnerability in nCipher Hardware Security Modules (HSM) ...)
+CVE-2004-0320
NOT-FOR-US: ncipher hardware
-CVE-2004-0309 (Stack-based buffer overflow in the SMTP service support in vsmon.exe ...)
+CVE-2004-0309
NOT-FOR-US: windows firewall
-CVE-2004-0307 (Cisco ONS 15327 before 4.1(3), ONS 15454 before 4.6(1), and ONS 15454 ...)
+CVE-2004-0307
NOT-FOR-US: cisco
-CVE-2004-0306 (Cisco ONS 15327 before 4.1(3), ONS 15454 before 4.6(1), ONS 15454 SD ...)
+CVE-2004-0306
NOT-FOR-US: cisco
-CVE-2004-0297 (Buffer overflow in the Lightweight Directory Access Protocol (LDAP) ...)
+CVE-2004-0297
NOT-FOR-US: windows mta
-CVE-2004-0276 (The get_real_string function in Monkey HTTP Daemon (monkeyd) 0.8.1 and ...)
+CVE-2004-0276
NOT-FOR-US: monkeyd, not in debian
-CVE-2004-0274 (Share.mod in Eggheads Eggdrop IRC bot 1.6.10 through 1.6.15 can ...)
+CVE-2004-0274
- eggdrop 1.6.17
-CVE-2004-0273 (Directory traversal vulnerability in RealOne Player, RealOne Player ...)
+CVE-2004-0273
NOT-FOR-US: realone player
-CVE-2004-0270 (libclamav in Clam AntiVirus 0.65 allows remote attackers to cause a ...)
+CVE-2004-0270
- clamav 0.80
-CVE-2004-0263 (PHP 4.3.4 and earlier in Apache 1.x and 2.x (mod_php) can leak global ...)
+CVE-2004-0263
- php4 4.3.9
-CVE-2004-0261 (oj.cgi in OpenJournal 2.0 through 2.0.5 allows remote attackers to ...)
+CVE-2004-0261
NOT-FOR-US: openjournal, not in debian
-CVE-2004-0257 (OpenBSD 3.4 and NetBSD 1.6 and 1.6.1 allow remote attackers to cause a ...)
+CVE-2004-0257
NOT-FOR-US: open/netbsd
-CVE-2004-0256 (GNU libtool before 1.5.2, during compile time, allows local users to ...)
+CVE-2004-0256
- libtool 1.5.6
-CVE-2004-0194 (Stack-based buffer overflow in the OutputDebugString function for ...)
+CVE-2004-0194
NOT-FOR-US: acroread
-CVE-2004-0193 (Heap-based buffer overflow in the ISS Protocol Analysis Module (PAM), ...)
+CVE-2004-0193
NOT-FOR-US: realsecure/blackice
-CVE-2004-0191 (Mozilla before 1.4.2 executes Javascript events in the context of a ...)
+CVE-2004-0191
- mozilla 2:1.7.3
-CVE-2004-0190 (Symantec FireWall/VPN Appliance model 200 records a cleartext ...)
+CVE-2004-0190
NOT-FOR-US: symantec
-CVE-2004-0189 (The &quot;%xx&quot; URL decoding function in Squid 2.5STABLE4 and earlier allows ...)
+CVE-2004-0189
{DSA-474}
- squid 2.5.5-1
-CVE-2004-0188 (Heap-based buffer overflow in Calife 2.8.5 and earlier may allow local ...)
+CVE-2004-0188
{DSA-461}
- calife 2.8.6-1 (bug #235157)
-CVE-2004-0186 (smbmnt in Samba 2.x and 3.x on Linux 2.6, when installed setuid, ...)
+CVE-2004-0186
{DSA-463}
- samba 3.0.2-2
-CVE-2004-0185 (Buffer overflow in the skey_challenge function in ftpd.c for wu-ftp ...)
+CVE-2004-0185
{DSA-457}
- wu-ftpd 2.6.2-17.1
-CVE-2004-0173 (Directory traversal vulnerability in Apache 1.3.29 and earlier, and ...)
+CVE-2004-0173
NOT-FOR-US: apache/cygwin
-CVE-2004-0171 (FreeBSD 5.1 and earlier, and Mac OS X before 10.3.4, allows remote ...)
+CVE-2004-0171
NOT-FOR-US: freebsd/os x
-CVE-2004-0169 (QuickTime Streaming Server in MacOS X 10.2.8 and 10.3.2 allows remote ...)
+CVE-2004-0169
NOT-FOR-US: os x
-CVE-2004-0167 (DiskArbitration in Mac OS X 10.2.8 and 10.3.2 does not properly ...)
+CVE-2004-0167
NOT-FOR-US: os x
-CVE-2004-0165 (Format string vulnerability in Point-to-Point Protocol (PPP) daemon ...)
+CVE-2004-0165
NOT-FOR-US: os x
-CVE-2004-0160 (Synaesthesia 2.2 and earlier allows local users to execute arbitrary ...)
+CVE-2004-0160
{DSA-446}
- synaesthesia 2.1-3
NOTE: synaesthesia is no longer setuid in Debian.
-CVE-2004-0159 (Format string vulnerability in hsftp 1.11 allows remote authenticated ...)
+CVE-2004-0159
{DSA-447}
- hsftp 1.15-1
-CVE-2004-0150 (Buffer overflow in the getaddrinfo function in Python 2.2 before ...)
+CVE-2004-0150
{DSA-458-3}
- python2.2 2.2.2
-CVE-2004-0148 (wu-ftpd 2.6.2 and earlier, with the restricted-gid option enabled, ...)
+CVE-2004-0148
{DSA-457}
- wu-ftpd 2.6.2-17.1
-CVE-2004-0131 (The rad_print_request function in logger.c for GNU Radius daemon ...)
+CVE-2004-0131
NOT-FOR-US: gnu radiusd, not in debian
-CVE-2004-0129 (Directory traversal vulnerability in export.php in phpMyAdmin 2.5.5 ...)
+CVE-2004-0129
- phpmyadmin 2:2.6.0-pl2
-CVE-2004-0128 (PHP remote file inclusion vulnerability in the GEDCOM configuration ...)
+CVE-2004-0128
NOT-FOR-US: phpgedview, not in debian
-CVE-2004-0126 (The jail_attach system call in FreeBSD 5.1 and 5.2 changes the ...)
+CVE-2004-0126
NOT-FOR-US: freebsd
-CVE-2004-0122 (Microsoft MSN Messenger 6.0 and 6.1 does not properly handle certain ...)
+CVE-2004-0122
NOT-FOR-US: microsoft
-CVE-2004-0121 (Argument injection vulnerability in Microsoft Outlook 2002 does not ...)
+CVE-2004-0121
NOT-FOR-US: microsoft
-CVE-2004-0115 (VirtualPC_Services in Microsoft Virtual PC for Mac 6.0 through 6.1 ...)
+CVE-2004-0115
NOT-FOR-US: microsoft
-CVE-2004-0114 (The shmat system call in the System V Shared Memory interface for ...)
+CVE-2004-0114
NOT-FOR-US: bsd
-CVE-2004-0113 (Memory leak in ssl_engine_io.c for mod_ssl in Apache 2 before 2.0.49 ...)
+CVE-2004-0113
- apache2 2.0.52
-CVE-2004-0111 (gdk-pixbuf before 0.20 allows attackers to cause a denial of service ...)
+CVE-2004-0111
{DSA-464}
- gdk-pixbuf 0.22.0-3
-CVE-2004-0108 (The isag utility, which processes sysstat data, allows local users to ...)
+CVE-2004-0108
{DSA-460}
- sysstat 5.0.2-1
-CVE-2004-0099 (mksnap_ffs in FreeBSD 5.1 and 5.2 only sets the snapshot flag when ...)
+CVE-2004-0099
NOT-FOR-US: freebsd
-CVE-2004-0096 (Unknown vulnerability in mod_python 2.7.9 allows remote attackers to ...)
+CVE-2004-0096
- libapache-mod-python 2:2.7.10
-CVE-2004-0095 (McAfee ePolicy Orchestrator agent allows remote attackers to cause a ...)
+CVE-2004-0095
NOT-FOR-US: mcafee
-CVE-2004-0094 (Integer signedness errors in XFree86 4.1.0 allow remote attackers to ...)
+CVE-2004-0094
{DSA-443}
- xfree86 4.2.1-6
-CVE-2004-0093 (XFree86 4.1.0 allows remote attackers to cause a denial of service and ...)
+CVE-2004-0093
{DSA-443}
- xfree86 4.2.1-6
-CVE-2004-0089 (Buffer overflow in TruBlueEnvironment in Mac OS X 10.3.x and 10.2.x ...)
+CVE-2004-0089
NOT-FOR-US: os x
-CVE-2004-0082 (The mksmbpasswd shell script (mksmbpasswd.sh) in Samba 3.0.0 and ...)
+CVE-2004-0082
- samba 3.0.7
-CVE-2004-0080 (The login program in util-linux 2.11 and earlier uses a pointer after ...)
+CVE-2004-0080
NOT-FOR-US: debian uses different login
-CVE-2004-0078 (Buffer overflow in the index menu code (menu_pad_string of menu.c) for ...)
+CVE-2004-0078
- mutt 1.5.6-20040722+1
-CVE-2004-0077 (The do_mremap function for the mremap system call in Linux 2.2 to ...)
+CVE-2004-0077
{DSA-514 DSA-475 DSA-470 DSA-466 DSA-456 DSA-454 DSA-453 DSA-450 DSA-444 DSA-442 DSA-441 DSA-440 DSA-439 DSA-438}
- kernel-source-2.4.27 <not-affected> (Fixed before initial upload; 2.4.26-pre3)
- kernel-source-2.2.20 <removed>
-CVE-2004-0075 (The Vicam USB driver in Linux before 2.4.25 does not use the ...)
+CVE-2004-0075
- kernel-source-2.4.24 2.4.24-3
NOTE: fixed in 2.4.26-pre3
-CVE-2004-0070 (PHP remote file inclusion vulnerability in module.php for ezContents ...)
+CVE-2004-0070
NOT-FOR-US: ezcontents, commercial
-CVE-2004-0068 (PHP remote file inclusion vulnerability in config.php for PhpDig 1.6.5 ...)
+CVE-2004-0068
NOT-FOR-US: phpdig, not in debian
-CVE-2004-0063 (The SPP_VerifyPVV function in nCipher payShield SPP library 1.3.12, ...)
+CVE-2004-0063
NOT-FOR-US: ncipher hsm
-CVE-2004-0049 (Helix Universal Server/Proxy 9 and Mobile Server 10 allow remote ...)
+CVE-2004-0049
NOT-FOR-US: real helix
-CVE-2004-0045 (Buffer overflow in the ARTpost function in art.c in the control ...)
+CVE-2004-0045
- inn2 2.4.1+20040820
[woody] - inn2 <not-affected>
-CVE-2004-0044 (Cisco Personal Assistant 1.4(1) and 1.4(2) disables password ...)
+CVE-2004-0044
NOT-FOR-US: cisco
-CVE-2004-0040 (Stack-based buffer overflow in Check Point VPN-1 Server 4.1 through ...)
+CVE-2004-0040
NOT-FOR-US: checkpoint
-CVE-2004-0036 (SQL injection vulnerability in calendar.php for vBulletin Forum 2.3.x ...)
+CVE-2004-0036
NOT-FOR-US: vbulletin, commercial
-CVE-2004-0035 (SQL injection vulnerability in register.php for Phorum 3.4.5 and ...)
+CVE-2004-0035
NOT-FOR-US: phorum, not in debian
-CVE-2004-0033 (admin.php in PHPGEDVIEW 2.61 allows remote attackers to obtain ...)
+CVE-2004-0033
NOT-FOR-US: phpgedview, not in debian
-CVE-2004-0032 (Cross-site scripting (XSS) vulnerability in search.php in PHPGEDVIEW ...)
+CVE-2004-0032
NOT-FOR-US: phpgedview, not in debian
-CVE-2004-0031 (PHPGEDVIEW 2.61 allows remote attackers to reinstall the software and ...)
+CVE-2004-0031
NOT-FOR-US: phpgedview, not in debian
-CVE-2004-0028 (jitterbug 1.6.2 does not properly sanitize inputs, which allows remote ...)
+CVE-2004-0028
{DSA-420}
- jitterbug 1.6.2-4.5
-CVE-2004-0016 (The calendar module for phpgroupware 0.9.14 does not enforce the &quot;save ...)
+CVE-2004-0016
{DSA-419}
- phpgroupware 0.9.14.007-4
-CVE-2004-0015 (vbox3 0.1.8 and earlier does not properly drop privileges before ...)
+CVE-2004-0015
{DSA-418}
- vbox3 0.1.8
-CVE-2004-0013 (jabber 1.4.2, 1.4.2a, and possibly earlier versions, does not properly ...)
+CVE-2004-0013
{DSA-414}
- jabber 1.4.3-1
-CVE-2004-0011 (Buffer overflow in fsp before 2.81.b18 allows remote users to execute ...)
+CVE-2004-0011
{DSA-416}
- fsp 2.81.b18-1
-CVE-2004-0009 (Apache-SSL 1.3.28+1.52 and earlier, with SSLVerifyClient set to 1 or 3 ...)
+CVE-2004-0009
- apache-ssl 1.3.31
-CVE-2004-0004 (The libCheckSignature function in crypto-utils.lib for OpenCA 0.9.1.6 ...)
+CVE-2004-0004
NOT-FOR-US: openca, not in debian
-CVE-2004-0001 (Unknown vulnerability in the eflags checking in the 32-bit ptrace ...)
+CVE-2004-0001
- kernel-image-2.6.8-9-amd64-generic <unfixed>
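Review bot: the `+CVE-2004-0001` entry that closes this hunk keeps `- kernel-image-2.6.8-9-amd64-generic <unfixed>` with no NOTE, bug number or DSA reference, while the neighbouring kernel entries (CVE-2004-0077, CVE-2004-0075, CVE-2004-0003) record the upstream version in which the fix landed; once the `-CVE-2004-0001 (Unknown vulnerability in the eflags checking in the 32-bit ptrace ...)` description is dropped, nothing on the entry says what the issue is. Suggest a `NOTE:` line preserving the 32-bit ptrace eflags summary and, if known, the fixed upstream version, as done for CVE-2004-0075 (`NOTE: fixed in 2.4.26-pre3`).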
diff --git a/data/CVE/2005.list b/data/CVE/2005.list
index fa7b91d6a2..f7539708eb 100644
--- a/data/CVE/2005.list
+++ b/data/CVE/2005.list
@@ -1,4 +1,4 @@
-CVE-2005-4900 (SHA-1 is not collision resistant, which makes it easier for ...)
+CVE-2005-4900
NOT-FOR-US: Generic protocol issue
CVE-2005-4899
RESERVED
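Review bot: stripping the description from `-CVE-2005-4900 (SHA-1 is not collision resistant, which makes it easier for ...)` leaves `NOT-FOR-US: Generic protocol issue` as the only annotation, so the entry no longer records which protocol issue it refers to. Suggest carrying the subject over into a `NOTE: SHA-1 is not collision resistant` line, matching how other entries in these files keep their context in NOTE lines.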
@@ -11,7 +11,7 @@ CVE-2005-4896
CVE-2005-XXXX [more related to CVE-2005-4890]
- shadow <unfixed> (unimportant; bug #628843)
NOTE: only affects the su executable, so if you use sudo you're not affected
-CVE-2005-4895 (Multiple integer overflows in TCMalloc (tcmalloc.cc) in gperftools ...)
+CVE-2005-4895
- google-perftools 0.7-1
CVE-2005-4894
RESERVED
@@ -29,256 +29,256 @@ CVE-2005-4890 [login: tty hijacking possible in "su" via TIOCSTI ioctl]
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=173008
- sudo 1.7.4p4 (low; bug #657784)
NOTE: sudo might be fixed earlier, use_pty present in stable
-CVE-2005-4889 (lib/fsm.c in RPM before 4.4.3 does not properly reset the metadata of ...)
+CVE-2005-4889
- rpm 4.7.0-1 (bug #584257; unimportant)
NOTE: Marking as unimportant since rpm isn't used as a package manager
-CVE-2005-4888 (NWFTPD.nlm before 5.06.04 in the FTP server in Novell NetWare allows ...)
+CVE-2005-4888
NOT-FOR-US: Novell NetWare
-CVE-2005-4887 (NWFTPD.nlm before 5.06.05 in the FTP server in Novell NetWare 6.5 SP5 ...)
+CVE-2005-4887
NOT-FOR-US: Novell NetWare
-CVE-2005-4886 (The selinux_parse_skb_ipv6 function in security/selinux/hooks.c in the ...)
+CVE-2005-4886
- linux-2.6 2.6.12-1
- linux-2.6.24 <not-affected> (fixed before 2.6.24)
-CVE-2005-4885 (Unspecified vulnerability on certain Sun StorEdge 6130 (SE6130) ...)
+CVE-2005-4885
NOT-FOR-US: Sun StorEdge 6130
-CVE-2005-4884 (Unspecified vulnerability in the Oracle OLAP component in Oracle ...)
+CVE-2005-4884
NOT-FOR-US: Oracle Database Server
-CVE-2005-4883 (Race condition in Philippe Jounin Tftpd32 before 2.80 allows remote ...)
+CVE-2005-4883
NOT-FOR-US: Tftpd32
-CVE-2005-4882 (tftpd in Philippe Jounin Tftpd32 2.74 and earlier, as used in Wyse ...)
+CVE-2005-4882
NOT-FOR-US: Tftpd32
-CVE-2005-4881 (The netlink subsystem in the Linux kernel 2.4.x before 2.4.37.6 and ...)
+CVE-2005-4881
- linux-2.6 2.6.13-1 (low)
- linux-2.6.24 <not-affected> (fixed prior to first upload of 2.6.24)
-CVE-2005-4880 (Jax Guestbook 3.1 and 3.31 stores sensitive information under the web ...)
+CVE-2005-4880
NOT-FOR-US: Jax Guestbook
-CVE-2005-4879 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2005-4879
NOT-FOR-US: Jax Guestbook
-CVE-2005-4878 (Multiple cross-site scripting (XSS) vulnerabilities in (1) ...)
+CVE-2005-4878
- acidbase 1.2.1-1
-CVE-2005-4877 (Cross-site scripting (XSS) vulnerability in the login form (login.jsp) ...)
+CVE-2005-4877
NOT-FOR-US: Openfire
-CVE-2005-4876 (Cross-site scripting (XSS) vulnerability in the login form (login.jsp) ...)
+CVE-2005-4876
NOT-FOR-US: Openfire
-CVE-2005-4875 (TYPO3 3.8.0 and earlier allows remote attackers to obtain sensitive ...)
+CVE-2005-4875
- typo3-src 4.0.2-1
-CVE-2005-4874 (The XMLHttpRequest object in Mozilla 1.7.8 supports the HTTP TRACE ...)
+CVE-2005-4874
- iceweasel <not-affected> (old version and CVE)
-CVE-2005-4873 (Multiple stack-based buffer overflows in the phpcups PHP module for ...)
+CVE-2005-4873
- cups 1.1.23-10sarge1
- cupsys 1.1.23-10sarge1
-CVE-2005-4872 (Perl-Compatible Regular Expression (PCRE) library before 6.2 does not ...)
+CVE-2005-4872
- pcre3 6.2-1
[sarge] - pcre3 4.5+7.4-1
NOTE: http://www.pcre.org/changelog.txt states fixed in 6.2
-CVE-2005-4871 (Certain XML functions in IBM DB2 8.1 run with the privileges of DB2 ...)
+CVE-2005-4871
NOT-FOR-US: IBM DB2
-CVE-2005-4870 (Stack-based buffer overflows in the (1) xmlvarcharfromfile, (2) ...)
+CVE-2005-4870
NOT-FOR-US: IBM DB2
-CVE-2005-4869 (The (1) to_char and (2) to_date function in IBM DB2 8.1 allows local ...)
+CVE-2005-4869
NOT-FOR-US: IBM DB2
-CVE-2005-4868 (Shared memory sections and events in IBM DB2 8.1 have default ...)
+CVE-2005-4868
NOT-FOR-US: IBM DB2
-CVE-2005-4867 (Stack-based buffer overflow in the SATENCRYPT function in IBM DB2 8.1, ...)
+CVE-2005-4867
NOT-FOR-US: IBM DB2
-CVE-2005-4866 (Stack-based buffer overflow in JDBC Applet Server in IBM DB2 8.1 ...)
+CVE-2005-4866
NOT-FOR-US: IBM DB2
-CVE-2005-4865 (Stack-based buffer overflow in call in IBM DB2 7.x and 8.1 allows ...)
+CVE-2005-4865
NOT-FOR-US: IBM DB2
-CVE-2005-4864 (Stack-based buffer overflow in libdb2.so in IBM DB2 7.x and 8.1 allows ...)
+CVE-2005-4864
NOT-FOR-US: IBM DB2
-CVE-2005-4863 (Stack-based buffer overflow in db2fmp in IBM DB2 7.x and 8.1 allows ...)
+CVE-2005-4863
NOT-FOR-US: IBM DB2
-CVE-2005-4862 (The search functionality in XWiki 0.9.793 indexes cleartext user ...)
+CVE-2005-4862
NOT-FOR-US: Xwiki
-CVE-2005-4861 (functions.php in Ragnarok Online Control Panel (ROCP) 4.3.4a allows ...)
+CVE-2005-4861
NOT-FOR-US: Ragnarok
-CVE-2005-4860 (Spectrum Cash Receipting System before 6.504 uses weak cryptography ...)
+CVE-2005-4860
NOT-FOR-US: Spectrum Cash Receipting System
-CVE-2005-4859 (mimicboard2 (Mimic2) 086 and earlier stores sensitive information ...)
+CVE-2005-4859
NOT-FOR-US: mimicboard2
-CVE-2005-4858 (Multiple cross-site scripting (XSS) vulnerabilities in mimic2.cgi in ...)
+CVE-2005-4858
NOT-FOR-US: mimicboard2
-CVE-2005-4857 (eZ publish 3.5 before 3.5.7, 3.6 before 3.6.5, 3.7 before 3.7.3, and ...)
+CVE-2005-4857
- ezpublish <removed>
-CVE-2005-4856 (The admin interface in eZ publish 3.5 before 3.5.7, 3.6 before 3.6.5, ...)
+CVE-2005-4856
- ezpublish <removed>
-CVE-2005-4855 (Unrestricted file upload vulnerability in eZ publish 3.5 before 3.5.5, ...)
+CVE-2005-4855
- ezpublish <removed> (bug #424790)
-CVE-2005-4854 (eZ publish 3.5 through 3.7 before 20050830 does not use a folder's ...)
+CVE-2005-4854
- ezpublish <removed> (bug #424790)
-CVE-2005-4853 (The default configuration of the forum package in eZ publish 3.5 ...)
+CVE-2005-4853
- ezpublish <removed> (bug #424790)
-CVE-2005-4852 (The siteaccess URIMatching implementation in eZ publish 3.5 through ...)
+CVE-2005-4852
- ezpublish <removed> (bug #424790)
-CVE-2005-4851 (eZ publish 3.4.4 through 3.7 before 20050722 applies certain ...)
+CVE-2005-4851
- ezpublish <removed> (bug #424790)
-CVE-2005-4850 (eZ publish 3.5 through 3.7 before 20050608 requires both edit and ...)
+CVE-2005-4850
- ezpublish <removed> (bug #424790)
-CVE-2005-4849 (Apache Derby before 10.1.2.1 exposes the (1) user and (2) password ...)
+CVE-2005-4849
- derby <not-affected> (Fixed before initial upload to Debian)
NOTE: http://issues.apache.org/jira/browse/DERBY-530
NOTE: http://issues.apache.org/jira/browse/DERBY-559
-CVE-2005-4848 (Buffer overflow in the decompression algorithm in Research in Motion ...)
+CVE-2005-4848
NOT-FOR-US: BlackBerry Enterprise Server
-CVE-2005-4847 (Unspecified vulnerability in Spey 0.3.3 has unknown impact and attack ...)
+CVE-2005-4847
NOT-FOR-US: Spey
-CVE-2005-4846 (Format string vulnerability in Logger.cc for Spey 0.3.3 allows ...)
+CVE-2005-4846
NOT-FOR-US: Spey
-CVE-2005-4845 (The Java Plug-in 1.4.2_03 and 1.4.2_04 controls, and the 1.4.2_03 and ...)
+CVE-2005-4845
NOT-FOR-US: Sun Java on Microsoft Windows
-CVE-2005-4844 (The CLSID_ApprenticeICW control allows remote attackers to cause a ...)
+CVE-2005-4844
NOT-FOR-US: Microsoft
-CVE-2005-4843 (The SmartConnect Class control allows remote attackers to cause a ...)
+CVE-2005-4843
NOT-FOR-US: Microsoft
-CVE-2005-4842 (The System Monitor Source Properties control allows remote attackers ...)
+CVE-2005-4842
NOT-FOR-US: Microsoft
-CVE-2005-4841 (The Outlook Progress Ctl control allows remote attackers to cause a ...)
+CVE-2005-4841
NOT-FOR-US: Microsoft
-CVE-2005-4840 (The Outlook Express Address Book control, when using Internet Explorer ...)
+CVE-2005-4840
NOT-FOR-US: Microsoft
-CVE-2005-4839 (PureTLS before 0.9b5 does not clear optional Extensions and ...)
+CVE-2005-4839
NOT-FOR-US: PureTLS
-CVE-2005-4838 (Multiple cross-site scripting (XSS) vulnerabilities in the example web ...)
+CVE-2005-4838
- tomcat5.5 5.5.15-1 (low)
-CVE-2005-4837 (snmp_api.c in snmpd in Net-SNMP 5.2.x before 5.2.2, 5.1.x before ...)
+CVE-2005-4837
- net-snmp 5.2.2-1 (medium)
-CVE-2005-4836 (The HTTP/1.1 connector in Apache Tomcat 4.1.15 through 4.1.40 does not ...)
+CVE-2005-4836
[sarge] - tomcat4 <no-dsa> (affects deprecated HTTP/1.1 connector only)
-CVE-2005-4835 (The ath_rate_sample function in the ath_rate/sample/sample.c sample ...)
+CVE-2005-4835
- madwifi 1:0.9.2+r1842.20061207-2 (low)
[etch] - madwifi <no-dsa> (Non-free not supported)
-CVE-2005-4834 (IBM WebSphere Application Server (WAS) 5.0.2.5 through 5.1.1.3 allows ...)
+CVE-2005-4834
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2005-4833 (IBM WebSphere Application Server (WAS) 6.0 before 20050201, when ...)
+CVE-2005-4833
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2005-4832 (SQL injection vulnerability in the Oracle Database Server 10g allows ...)
+CVE-2005-4832
NOT-FOR-US: Oracle Database Server
-CVE-2005-4831 (viewcvs in ViewCVS 0.9.2 allows remote attackers to set the ...)
+CVE-2005-4831
- viewvc 0.9.4+svn20060318-1 (low)
-CVE-2005-4830 (CRLF injection vulnerability in viewcvs in ViewCVS 0.9.2 allows remote ...)
+CVE-2005-4830
- viewvc 0.9.4+svn20060318-1 (low)
NOTE: referring to http://www.securityfocus.com/archive/1/461427/100/0/threaded this
NOTE: has been fixed in cvs for 0.9.3
-CVE-2005-4829 (VirtueMart before 1.0.1 does not properly handle errors when a user is ...)
+CVE-2005-4829
NOT-FOR-US: VirtueMart
-CVE-2005-4828 (Kolab Server 2.0.0 and 2.0.1 does not properly handle when a large ...)
+CVE-2005-4828
- kolabd <not-affected> (Only vulnerable in 2.0-2.1; not packaged Debian)
-CVE-2005-4827 (Internet Explorer 6.0, and possibly other versions, allows remote ...)
+CVE-2005-4827
NOT-FOR-US: Microsoft
-CVE-2005-4826 (Unspecified vulnerability in the VLAN Trunking Protocol (VTP) feature ...)
+CVE-2005-4826
NOT-FOR-US: Cisco
-CVE-2005-4825 (Cisco Clean Access 3.5.5 and earlier on the Secure Smart Manager ...)
+CVE-2005-4825
NOT-FOR-US: Cisco
-CVE-2005-4824 (PHP remote file inclusion vulnerability in web/classes.php in ...)
+CVE-2005-4824
NOT-FOR-US: siteframe
-CVE-2005-4823 (Buffer overflow in the HP HTTP Server 5.0 through 5.95 of the HP ...)
+CVE-2005-4823
NOT-FOR-US: HP
-CVE-2005-4822 (SQL injection vulnerability in projects/project-edit.asp in Digger ...)
+CVE-2005-4822
NOT-FOR-US: Digger Solutions Intranet Open Source (IOS)
-CVE-2005-4821 (Multiple SQL injection vulnerabilities in Land Down Under (LDU) v801 ...)
+CVE-2005-4821
NOT-FOR-US: Land Down Under
-CVE-2005-4820 (SMC Wireless Router model SMC7904WBRA allows remote attackers to cause ...)
+CVE-2005-4820
NOT-FOR-US: SMC
-CVE-2005-4819 (Cross-site scripting (XSS) vulnerability in Lotus Domino versions ...)
+CVE-2005-4819
NOT-FOR-US: Lotus Domino
-CVE-2005-4818 (Multiple SQL injection vulnerabilities in Copernicus Europa allow ...)
+CVE-2005-4818
NOT-FOR-US: Copernicus Europa
-CVE-2005-4817 (Format string vulnerability in ui.c in Textbased MSN Client (TMSNC) ...)
+CVE-2005-4817
- tmsnc 0.2.5-1
-CVE-2005-4816 (Buffer overflow in mod_radius in ProFTPD before 1.3.0rc2 allows remote ...)
+CVE-2005-4816
{DSA-1245-1}
- proftpd-dfsg 1.2.10+1.3.0rc5-1 (bug #404751; medium)
-CVE-2005-4815 (SAP 6.4 before 6.40 patch 4, 6.2 before 6.20 patch 1364, 4.6 before ...)
+CVE-2005-4815
NOT-FOR-US: SAP
-CVE-2005-4814 (Unrestricted file upload vulnerability in Segue CMS before 1.3.6, when ...)
+CVE-2005-4814
NOT-FOR-US: Segue CMS
-CVE-2005-4813 (Unspecified vulnerability in Report Application Server ...)
+CVE-2005-4813
NOT-FOR-US: Business Objects Crystal Reports
-CVE-2005-4812 (The SISCO OSI stack for Windows, as used by MMS-EASE 7.10 and earlier, ...)
+CVE-2005-4812
NOT-FOR-US: SISCO OSI stack for Windows
-CVE-2005-4811 (The hugepage code (hugetlb.c) in Linux kernel 2.6, possibly 2.6.12 and ...)
+CVE-2005-4811
{DSA-1304}
- linux-2.6 2.6.14
-CVE-2005-4810 (Microsoft Internet Explorer 7.0 Beta3 and earlier allows remote ...)
+CVE-2005-4810
NOT-FOR-US: Microsoft
-CVE-2005-4809 (Mozilla Firefox 1.0.1 and possibly other versions, including Mozilla ...)
+CVE-2005-4809
- mozilla <removed> (low)
- firefox <not-affected> (at least 1.5.0.6 is not vulnerable)
- xulrunner <not-affected>
[sarge] - mozilla <no-dsa> (Conceptual problem, not fixable in a backport)
-CVE-2005-4808 (Buffer overflow in reset_vars in config/tc-crx.c in the GNU as (gas) ...)
+CVE-2005-4808
- binutils 2.17-1 (low)
[sarge] - binutils <no-dsa> (Only a security-problems in far-fetched configurations)
-CVE-2005-4807 (Stack-based buffer overflow in the as_bad function in messages.c in ...)
+CVE-2005-4807
- binutils 2.17-1 (low)
[sarge] - binutils <no-dsa> (Only a security-problems in far-fetched configurations)
-CVE-2005-2468 (Multiple SQL injection vulnerabilities in MySQL Eventum 1.5.5 and ...)
+CVE-2005-2468
NOT-FOR-US: MySQL Eventum
-CVE-2005-2467 (Multiple cross-site scripting (XSS) vulnerabilities in MySQL Eventum ...)
+CVE-2005-2467
NOT-FOR-US: MySQL Eventum
-CVE-2005-2466 (Multiple SQL injection vulnerabilities in the auth_user function in ...)
+CVE-2005-2466
NOT-FOR-US: OpenBook
-CVE-2005-2465 (Cross-site scripting (XSS) vulnerability in pm.php in PCXP/TOPPE CMS ...)
+CVE-2005-2465
NOT-FOR-US: PC-EXPERIENCE/TOPPE CMS
-CVE-2005-2464 (login.php in PCXP/TOPPE CMS allows remote attackers to bypass ...)
+CVE-2005-2464
NOT-FOR-US: PC-EXPERIENCE/TOPPE CMS
-CVE-2005-2463 (Kayako liveResponse 2.x allows remote attackers to obtain sensitive ...)
+CVE-2005-2463
NOT-FOR-US: Kayako liveResponse
-CVE-2005-2462 (Kayako liveResponse 2.x, when logging in a user, records the password ...)
+CVE-2005-2462
NOT-FOR-US: Kayako liveResponse
-CVE-2005-2461 (Multiple SQL injection vulnerabilities in the calendar feature in ...)
+CVE-2005-2461
NOT-FOR-US: Kayako liveResponse
-CVE-2005-2460 (Multiple cross-site scripting (XSS) vulnerabilities in Kayako ...)
+CVE-2005-2460
NOT-FOR-US: Kayako liveResponse
-CVE-2005-4806 (Multiple unspecified vulnerabilities in Sun Java System Web Proxy ...)
+CVE-2005-4806
NOT-FOR-US: Sun Java System Web Proxy Server
-CVE-2005-4805 (Unspecified vulnerability in Sun Java System Application Server 7 ...)
+CVE-2005-4805
NOT-FOR-US: Sun Java System Application Server
-CVE-2005-4804 (Unspecified vulnerability in Sun Java System Application Server ...)
+CVE-2005-4804
NOT-FOR-US: Sun Java System Application Server
-CVE-2005-1755 (PHP remote file inclusion vulnerability in poll_vote.php in PHP Poll ...)
+CVE-2005-1755
NOT-FOR-US: PHP Poll Creator
-CVE-2005-1754 (** DISPUTED ** ...)
+CVE-2005-1754
NOT-FOR-US: JavaMail API
NOTE: vulnerable file not in Debian
-CVE-2005-1753 (** DISPUTED ** ...)
+CVE-2005-1753
NOT-FOR-US: JavaMail API
NOTE: vulnerable file not in Debian
-CVE-2005-1752 (viewFile.php in the scm component of Gforge before 4.0 allows remote ...)
+CVE-2005-1752
- gforge 3.1-30
NOTE: viewFile.php disabled in 3.1-30
-CVE-2005-4803 (graphviz before 2.2.1 allows local users to overwrite arbitrary files ...)
+CVE-2005-4803
{DSA-857-1}
- graphviz 2.2.1-1sarge1 (bug #336985; low)
-CVE-2005-4802 (Flexbackup 1.2.1 and earlier allows local users to overwrite files and ...)
+CVE-2005-4802
{DSA-1216}
- flexbackup 1.2.1-3 (bug #334350; low)
-CVE-2005-4801 (Multiple cross-site request forgery (CSRF) vulnerabilities in Yet ...)
+CVE-2005-4801
NOT-FOR-US: YaPIG
-CVE-2005-4800 (Direct static code injection vulnerability in Yet Another PHP Image ...)
+CVE-2005-4800
NOT-FOR-US: YaPIG
-CVE-2005-4799 (Multiple cross-site scripting (XSS) vulnerabilities in Yet Another PHP ...)
+CVE-2005-4799
NOT-FOR-US: YaPIG
-CVE-2005-4798 (Buffer overflow in NFS readlink handling in the Linux Kernel 2.4 up to ...)
+CVE-2005-4798
{DSA-1184-2 DSA-1183-1}
- linux-2.6 <not-affected>
-CVE-2005-4797 (Directory traversal vulnerability in printd line printer daemon (lpd) ...)
+CVE-2005-4797
NOT-FOR-US: Solaris
-CVE-2005-4796 (Unspecified vulnerability in the XView library (libxview.so) in ...)
+CVE-2005-4796
- xview <not-affected> (xview on Solaris)
NOTE: Is only relevant for suid binaries, but xview is not really suitable for
NOTE: those anyway. Exact information is not available, but a similar problem
NOTE: is already fixed in the Debian package.
-CVE-2005-4795 (Unspecified vulnerability in the multi-language environment library ...)
+CVE-2005-4795
NOT-FOR-US: Solaris
-CVE-2005-4794 (Cisco IP Phones 7902/7905/7912, ATA 186/188, Unity Express, ACNS, and ...)
+CVE-2005-4794
NOT-FOR-US: Cisco
-CVE-2005-4793 (Multiple unspecified vulnerabilities in the web utility function in ...)
+CVE-2005-4793
NOT-FOR-US: Hitachi
-CVE-2005-4792 (SQL injection vulnerability in index.php in Appalachian State ...)
+CVE-2005-4792
NOT-FOR-US: phpWebSite
-CVE-2005-4791 (Multiple untrusted search path vulnerabilities in SUSE Linux 10.0 ...)
+CVE-2005-4791
{DTSA-107-1}
- beagle 0.2.13-1 (low)
[etch] - beagle <no-dsa> (Minor issue)
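Review bot: CVE-2005-4784 loses its only descriptive text in this hunk (`-CVE-2005-4784 (Multiple buffer overflows in the POSIX readdir_r function, as used in ...)`) and is left with `NOTE: this does not affect linux` alone, with neither a package line nor a NOT-FOR-US marker; the entry should say what it concerns and why it does not apply, e.g. a NOT-FOR-US line naming the affected platform or a NOTE preserving the readdir_r reference. Likewise `- linux-2.6 <not-affected>` under CVE-2005-4798 gives no reason, unlike `- linux-2.6.24 <not-affected> (fixed before 2.6.24)` earlier in the same hunk.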
@@ -288,417 +288,417 @@ CVE-2005-4791 (Multiple untrusted search path vulnerabilities in SUSE Linux 10.0
- blam 1.8.4-1 (low)
[etch] - blam <no-dsa> (Minor issue)
NOTE: lintian bug filed: #451559
-CVE-2005-4790 (Multiple untrusted search path vulnerabilities in SUSE Linux 9.3 and ...)
+CVE-2005-4790
- tomboy 0.8.1-2 (low)
[etch] - tomboy <no-dsa> (Minor issue)
-CVE-2005-4789 (resmgr in SUSE Linux 9.2 and 9.3, and possibly other distributions, ...)
+CVE-2005-4789
- resmgr <not-affected>
-CVE-2005-4788 (resmgr in SUSE Linux 9.2 and 9.3, and possibly other distributions, ...)
+CVE-2005-4788
- resmgr <not-affected>
-CVE-2005-4787 (** DISPUTED ** ...)
+CVE-2005-4787
NOT-FOR-US: Turnkey Web Tools SunShop Shopping Cart
-CVE-2005-4786 (Buffer overflow in the archive decompression library (vrAZMain.dll ...)
+CVE-2005-4786
NOT-FOR-US: HAURI anti-virus
-CVE-2005-4785 (Cross-site scripting (XSS) vulnerability in QuickBlogger 1.4 and ...)
+CVE-2005-4785
NOT-FOR-US: QuickBlogger
-CVE-2005-4784 (Multiple buffer overflows in the POSIX readdir_r function, as used in ...)
+CVE-2005-4784
NOTE: this does not affect linux
-CVE-2005-4783 (kernfs_xread in kernfs_vnops.c in NetBSD before 20050831 does not ...)
+CVE-2005-4783
NOT-FOR-US: NetBSD
-CVE-2005-4782 (NetBSD 2.0 before 2.0.4, 2.1 before 2.1.1, and 3, when the kernel is ...)
+CVE-2005-4782
NOT-FOR-US: NetBSD
-CVE-2005-4781 (Multiple SQL injection vulnerabilities in SergiDs Top Music module 3.0 ...)
+CVE-2005-4781
NOT-FOR-US: SergiD Top Music module
-CVE-2005-4780 (** DISPUTED ** ...)
+CVE-2005-4780
NOT-FOR-US: LightHouse CMS
-CVE-2005-4779 (verifiedexecioctl in verified_exec.c in NetBSD 2.0.2 calls NDINIT with ...)
+CVE-2005-4779
NOT-FOR-US: NetBSD
-CVE-2005-4778 (The powersave daemon in SUSE Linux 10.0 before 20051007 has an ...)
+CVE-2005-4778
- powersave 0.12.7-1
NOTE: https://bugzilla.novell.com/show_bug.cgi?id=119628&x=18&y=11&=Find
-CVE-2005-4777 (Tashcom ASPEdit 2.9 stores the administration password (aka the FTP ...)
+CVE-2005-4777
NOT-FOR-US: Tashcom ASPEdit
-CVE-2005-4776 (Integer overflow in the FreeBSD compatibility code (freebsd_misc.c) in ...)
+CVE-2005-4776
NOT-FOR-US: NetBSD
-CVE-2005-4775 (Michael Scholz and Sebastian Stein Contineo 2.0, when the admin ...)
+CVE-2005-4775
NOT-FOR-US: Contineo
-CVE-2005-4774 (Cross-site scripting (XSS) vulnerability in Xerver 4.17 allows remote ...)
+CVE-2005-4774
NOT-FOR-US: Xerver
-CVE-2005-4773 (The configuration of VMware ESX Server 2.x, 2.0.x, 2.1.x, and 2.5.x ...)
+CVE-2005-4773
NOT-FOR-US: VMware
-CVE-2005-4772 (liby2util in Yet another Setup Tool (YaST) in SUSE Linux before ...)
+CVE-2005-4772
NOT-FOR-US: YaST
-CVE-2005-4771 (Trusted Mobility Agent PC Policy in Trust Digital Trusted Mobility ...)
+CVE-2005-4771
NOT-FOR-US: Trusted Mobility Agent
-CVE-2005-4770 (SQL injection vulnerability in an unspecified Accelerated Enterprise ...)
+CVE-2005-4770
NOT-FOR-US: Accelerated E Solutions
-CVE-2005-4769 (SQL injection vulnerability in addrbook.php in Belchior Foundry vCard ...)
+CVE-2005-4769
NOT-FOR-US: Belchior Foundry vCard
-CVE-2005-4768 (SQL injection vulnerability in manage_account.php in Tux Racer TuxBank ...)
+CVE-2005-4768
NOT-FOR-US: Tux Racer TuxBank
-CVE-2005-4767 (BEA WebLogic Server and WebLogic Express 8.1 SP5 and earlier, and 7.0 ...)
+CVE-2005-4767
NOT-FOR-US: BEA WebLogic
-CVE-2005-4766 (BEA WebLogic Server and WebLogic Express 8.1 SP4 and earlier, and 7.0 ...)
+CVE-2005-4766
NOT-FOR-US: BEA WebLogic
-CVE-2005-4765 (BEA WebLogic Server and WebLogic Express 8.1 SP4 and earlier and 7.0 ...)
+CVE-2005-4765
NOT-FOR-US: BEA WebLogic
-CVE-2005-4764 (BEA WebLogic Server and WebLogic Express 9.0, 8.1, and 7.0 lock out ...)
+CVE-2005-4764
NOT-FOR-US: BEA WebLogic
-CVE-2005-4763 (BEA WebLogic Server and WebLogic Express 8.1 SP4 and earlier, 7.0 SP6 ...)
+CVE-2005-4763
NOT-FOR-US: BEA WebLogic
-CVE-2005-4762 (BEA WebLogic Server and WebLogic Express 8.1 SP4 and earlier, 7.0 SP6 ...)
+CVE-2005-4762
NOT-FOR-US: BEA WebLogic
-CVE-2005-4761 (BEA WebLogic Server and WebLogic Express 8.1 SP4 and earlier, 7.0 SP5 ...)
+CVE-2005-4761
NOT-FOR-US: BEA WebLogic
-CVE-2005-4760 (BEA WebLogic Server and WebLogic Express 8.1 SP3 and earlier, and 7.0 ...)
+CVE-2005-4760
NOT-FOR-US: BEA WebLogic
-CVE-2005-4759 (BEA WebLogic Server and WebLogic Express 8.1 and 7.0, during a ...)
+CVE-2005-4759
NOT-FOR-US: BEA WebLogic
-CVE-2005-4758 (Unspecified vulnerability in the Administration server in BEA WebLogic ...)
+CVE-2005-4758
NOT-FOR-US: BEA WebLogic
-CVE-2005-4757 (BEA WebLogic Server and WebLogic Express 8.1 SP3 and earlier, and 7.0 ...)
+CVE-2005-4757
NOT-FOR-US: BEA WebLogic
-CVE-2005-4756 (BEA WebLogic Server and WebLogic Express 8.1 SP4 and earlier, and 7.0 ...)
+CVE-2005-4756
NOT-FOR-US: BEA WebLogic
-CVE-2005-4755 (BEA WebLogic Server and WebLogic Express 8.1 SP3 and earlier (1) ...)
+CVE-2005-4755
NOT-FOR-US: BEA WebLogic
-CVE-2005-4754 (BEA WebLogic Server and WebLogic Express 8.1 SP3 and earlier allow ...)
+CVE-2005-4754
NOT-FOR-US: BEA WebLogic
-CVE-2005-4753 (BEA WebLogic Server and WebLogic Express 8.1 SP4 and earlier, and 7.0 ...)
+CVE-2005-4753
NOT-FOR-US: BEA WebLogic
-CVE-2005-4752 (BEA WebLogic Server and WebLogic Express 8.1 SP4 and earlier, and 7.0 ...)
+CVE-2005-4752
NOT-FOR-US: BEA WebLogic
-CVE-2005-4751 (Multiple cross-site scripting (XSS) vulnerabilities in BEA WebLogic ...)
+CVE-2005-4751
NOT-FOR-US: BEA WebLogic
-CVE-2005-4750 (BEA WebLogic Server and WebLogic Express 8.1 SP4 and earlier, 7.0 SP5 ...)
+CVE-2005-4750
NOT-FOR-US: BEA WebLogic
-CVE-2005-4749 (HTTP request smuggling vulnerability in BEA WebLogic Server and ...)
+CVE-2005-4749
NOT-FOR-US: BEA WebLogic
-CVE-2005-4748 (PHP remote file include vulnerability in functions_admin.php in ...)
+CVE-2005-4748
NOT-FOR-US: Virtual War
-CVE-2005-4747 (Cross-site scripting (XSS) vulnerability in WebHost Automation Ltd ...)
+CVE-2005-4747
NOT-FOR-US: WebHost Automation Ltd Helm
-CVE-2005-4746 (Multiple buffer overflows in FreeRADIUS 1.0.3 and 1.0.4 allow remote ...)
+CVE-2005-4746
{DSA-1145-1}
- freeradius 1.0.5-1
-CVE-2005-4745 (SQL injection vulnerability in the rlm_sqlcounter module in FreeRADIUS ...)
+CVE-2005-4745
{DSA-1145-1}
- freeradius 1.0.5-1
-CVE-2005-4744 (Off-by-one error in the sql_error function in sql_unixodbc.c in ...)
+CVE-2005-4744
{DSA-1089-1}
- freeradius 1.0.5-1
-CVE-2005-4743 (Multiple SQL injection vulnerabilities in index.php in NeLogic Nephp ...)
+CVE-2005-4743
NOT-FOR-US: NeLogic Nephp Publisher
-CVE-2005-4742 (Unspecified vulnerability in Echelog 0.6.2 allows attackers to ...)
+CVE-2005-4742
NOT-FOR-US: Echelog
-CVE-2005-4741 (NetBSD 1.6, NetBSD 2.0 through 2.1, and NetBSD-current before 20051031 ...)
+CVE-2005-4741
NOT-FOR-US: NetBSD
-CVE-2005-4740 (IBM DB2 Universal Database (UDB) 810 before version 8 FixPak 10 allows ...)
+CVE-2005-4740
NOT-FOR-US: IBM DB2
-CVE-2005-4739 (IBM DB2 Universal Database (UDB) 820 before version 8 FixPak 10 ...)
+CVE-2005-4739
NOT-FOR-US: IBM DB2
-CVE-2005-4738 (IBM DB2 Universal Database (UDB) 810 before ESE AIX 5765F4100 does not ...)
+CVE-2005-4738
NOT-FOR-US: IBM DB2
-CVE-2005-4737 (IBM DB2 Universal Database (UDB) 820 before ESE AIX 5765F4100 allows ...)
+CVE-2005-4737
NOT-FOR-US: IBM DB2
-CVE-2005-4736 (IBM DB2 Universal Database (UDB) 820 before 8.2 FP10 allows remote ...)
+CVE-2005-4736
NOT-FOR-US: IBM DB2
-CVE-2005-4735 (IBM DB2 Universal Database (UDB) 810 before 8.1 FP10 allows remote ...)
+CVE-2005-4735
NOT-FOR-US: IBM DB2
-CVE-2005-4734 (Stack-based buffer overflow in IISWebAgentIF.dll in RSA Authentication ...)
+CVE-2005-4734
NOT-FOR-US: RSA Authentication Agent for Web
-CVE-2005-4733 (NetBSD 2.0 before 20050316 and NetBSD-current before 20050112 allow ...)
+CVE-2005-4733
NOT-FOR-US: NetBSD
-CVE-2005-4732 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
+CVE-2005-4732
NOT-FOR-US: TuxBank
CVE-2005-XXXX [xsupplicant information leak]
- xsupplicant 1.0.1-5 (bug #317703; low)
-CVE-2005-4731 (The Next action in PEAR HTML_QuickForm_Controller 1.0.4 includes the ...)
+CVE-2005-4731
NOT-FOR-US: PEAR HTML_QuickForm_Controller
-CVE-2005-4730 (Unspecified vulnerability in PEAR Text_Password 1.0 has unknown impact ...)
+CVE-2005-4730
NOT-FOR-US: PEAR Text_Password
-CVE-2005-4729 (SQL injection vulnerability in show.php in VBZooM Forum allows remote ...)
+CVE-2005-4729
NOT-FOR-US: VBZooM
-CVE-2005-4728 (Untrusted search path vulnerability (RPATH) in amaya 9.2.1 on Debian ...)
+CVE-2005-4728
- amaya 9.4-1 (bug #341424)
[sarge] - amaya <not-affected> (The Sarge version doesn't have an rpath set)
-CVE-2005-4727 (Cross-site scripting (XSS) vulnerability in gbook.cgi in gBook before ...)
+CVE-2005-4727
NOT-FOR-US: gBook
-CVE-2005-4726 (MUTE 0.4 uses improper flood protection algorithms, which allows ...)
+CVE-2005-4726
NOT-FOR-US: MUTE
-CVE-2005-4725 (Geeklog before 1.3.11sr3 allows remote attackers to bypass intended ...)
+CVE-2005-4725
NOT-FOR-US: Geeklog
-CVE-2005-4724 (SQL injection vulnerability in post.php in PhpTagCool 1.0.3 allows ...)
+CVE-2005-4724
NOT-FOR-US: PhpTagCool
-CVE-2005-4723 (D-Link DI-524 Wireless Router, DI-624 Wireless Router, and DI-784 ...)
+CVE-2005-4723
NOT-FOR-US: D-Link hardware
-CVE-2005-4722 (_Request_Message.cfm in tmsPUBLISHER 3.3 allows remote attackers to ...)
+CVE-2005-4722
NOT-FOR-US: tmsPUBLISHER
-CVE-2005-4721 (Cross-site scripting (XSS) vulnerability in search.cfm in tmsPUBLISHER ...)
+CVE-2005-4721
NOT-FOR-US: tmsPUBLISHER
-CVE-2005-4720 (Mozilla Firefox 1.0.7 and earlier on Linux allows remote attackers to ...)
+CVE-2005-4720
{DSA-1044-1}
- mozilla-firefox 1.5.dfsg+1.5.0.2 (low)
- firefox 1.5.dfsg-1
-CVE-2005-4719 (Multiple SQL injection vulnerabilities in Sysbotz Systems Panel 1.0.6 ...)
+CVE-2005-4719
NOT-FOR-US: Sysbotz Systems Panel
-CVE-2005-4718 (Opera 8.02 and earlier allows remote attackers to cause a denial of ...)
+CVE-2005-4718
NOT-FOR-US: Opera
-CVE-2005-4717 (Microsoft Internet Explorer 6.0 on Windows NT 4.0 SP6a, Windows 2000 ...)
+CVE-2005-4717
NOT-FOR-US: Microsoft
-CVE-2005-4716 (Hitachi TP1/Server Base and TP1/NET/Library 2 on IBM AIX allow remote ...)
+CVE-2005-4716
NOT-FOR-US: Hitachi TP1
-CVE-2005-4715 (Multiple SQL injection vulnerabilities in modules.php in PHP-Nuke 7.8, ...)
+CVE-2005-4715
NOT-FOR-US: PHP-Nuke
-CVE-2005-4714 (Format string vulnerability in the vmps_log function in OpenVMPS (VLAN ...)
+CVE-2005-4714
NOT-FOR-US: OpenVMPS
-CVE-2005-4713 (Unspecified vulnerability in the SQL logging facility in PAM-MySQL ...)
+CVE-2005-4713
- pam-mysql 0.6.2-1 (bug #353589; low)
[sarge] - pam-mysql <not-affected> (Vulnerable code not present)
-CVE-2005-4712 (CRLF injection vulnerability in process_signup.php in PHP Handicapper ...)
+CVE-2005-4712
NOT-FOR-US: Handicapper
-CVE-2005-4711 (SQL injection vulnerability in Neocrome Land Down Under (LDU) 801 ...)
+CVE-2005-4711
NOT-FOR-US: Land Down Under
-CVE-2005-4710 (Unspecified vulnerability in multiple Autodesk and AutoCAD products ...)
+CVE-2005-4710
NOT-FOR-US: AutoCAD
-CVE-2005-4709 (The popSubjectContext method in the SecurityAssociation class in JBoss ...)
+CVE-2005-4709
NOT-FOR-US: JBoss Enterprise Java Beans
-CVE-2005-4708 (Adobe Macromedia MX 2004 products, Captivate, Contribute 2, Contribute ...)
+CVE-2005-4708
NOT-FOR-US: Adobe Macromedia MX products (Captivate, Contribute and eLicensing client)
-CVE-2005-4707 (Multiple cross-site scripting (XSS) vulnerabilities in PHP GEN before ...)
+CVE-2005-4707
NOT-FOR-US: PHP GEN
-CVE-2005-4706 (Unspecified vulnerability in the &quot;privilege management&quot; feature of Sun ...)
+CVE-2005-4706
NOT-FOR-US: Solaris 10
-CVE-2005-4705 (BEA WebLogic Server and WebLogic Express 8.1 through SP4, 7.0 through ...)
+CVE-2005-4705
NOT-FOR-US: BEA WebLogic
-CVE-2005-4704 (Unspecified vulnerability in BEA WebLogic Server and WebLogic Express ...)
+CVE-2005-4704
NOT-FOR-US: BEA WebLogic
-CVE-2005-4703 (Apache Tomcat 4.0.3, when running on Windows, allows remote attackers ...)
+CVE-2005-4703
NOT-FOR-US: Windows Tomcat vulnerability
-CVE-2005-4702 (SQL injection vulnerability in the favorites module in index.php in ...)
+CVE-2005-4702
NOT-FOR-US: IPBProArcade
-CVE-2005-4701 (Unspecified vulnerability in Process File System (procfs) in Sun ...)
+CVE-2005-4701
NOT-FOR-US: Solaris 10
-CVE-2005-4700 (TellMe 1.2 and earlier, when the Server (o_Server) and HEAD (o_Head) ...)
+CVE-2005-4700
NOT-FOR-US: TellMe
-CVE-2005-4699 (Argument injection vulnerability in TellMe 1.2 and earlier allows ...)
+CVE-2005-4699
NOT-FOR-US: TellMe
-CVE-2005-4698 (Cross-site scripting (XSS) vulnerability in TellMe 1.2 and earlier ...)
+CVE-2005-4698
NOT-FOR-US: TellMe
-CVE-2005-4697 (The Microsoft Wireless Zero Configuration system (WZCS) allows local ...)
+CVE-2005-4697
NOT-FOR-US: Microsoft
-CVE-2005-4696 (The Microsoft Wireless Zero Configuration system (WZCS) stores WEP ...)
+CVE-2005-4696
NOT-FOR-US: Microsoft
-CVE-2005-4695 (Symantec Brightmail AntiSpam 6.0 build 1 and 2 allows remote attackers ...)
+CVE-2005-4695
NOT-FOR-US: Symantec Brightmail AntiSpam
-CVE-2005-4694 (Unspecified vulnerability in the www_add method in Asset.pm in Plain ...)
+CVE-2005-4694
NOT-FOR-US: WebGUI
-CVE-2005-4693 (Gaim-Encryption 2.38-1 on Debian Linux allows remote attackers to ...)
+CVE-2005-4693
- gaim-encryption 3.0~beta5-3 (low; bug #337127)
[sarge] - gaim-encryption <no-dsa> (Minor issue)
-CVE-2005-4692 (Unspecified vulnerability in mroovca stats (mroovcastats) before ...)
+CVE-2005-4692
NOT-FOR-US: mroovca
-CVE-2005-4691 (imake in NetBSD before 2.0.3, NetBSD-current before 12 September 2005, ...)
+CVE-2005-4691
NOT-FOR-US: NetBSD
-CVE-2005-4690 (Six Apart Movable Type 3.16 allows local users with blog-creation ...)
+CVE-2005-4690
NOT-FOR-US: Six Apart Movable Type
-CVE-2005-4689 (Six Apart Movable Type 3.16 stores account names and password hashes ...)
+CVE-2005-4689
NOT-FOR-US: Six Apart Movable Type
-CVE-2005-4688 (PunBB 1.2.9 does not require password entry when changing the e-mail ...)
+CVE-2005-4688
NOT-FOR-US: PunBB
-CVE-2005-4687 (PunBB 1.2.9, used alone or with F-ART BLOG:CMS, may trust a client's ...)
+CVE-2005-4687
NOT-FOR-US: PunBB
-CVE-2005-4686 (PunBB 1.2.9, when used alone or with F-ART BLOG:CMS, includes ...)
+CVE-2005-4686
NOT-FOR-US: PunBB
-CVE-2005-4685 (Firefox and Mozilla can associate a cookie with multiple domains when ...)
+CVE-2005-4685
NOTE: see CVE-2005-4684
- firefox <removed> (unimportant)
- iceweasel <removed> (unimportant)
- mozilla <removed> (unimportant)
[sarge] - mozilla <no-dsa> (Hardly exploitable)
- xulrunner <unfixed> (unimportant)
-CVE-2005-4684 (Konqueror can associate a cookie with multiple domains when the DNS ...)
+CVE-2005-4684
NOTE: http://www.redhat.com/archives/fedora-extras-commits/2006-August/msg01104.html says "ignore (kdebase) not fixed upstream, low, can't fix"
- kdebase <unfixed> (unimportant)
[sarge] - kdebase <no-dsa> (Hardly exploitable)
-CVE-2005-4683 (PADL MigrationTools 46, when a failure occurs, stores contents of ...)
+CVE-2005-4683
- migrationtools 46-2.1 (bug #338920; unimportant)
NOTE: The temp fix makes use of TMPDIR
-CVE-2005-4682 (Cross-site scripting (XSS) vulnerability in error.asp in AudienceView ...)
+CVE-2005-4682
NOT-FOR-US: AudienceView
-CVE-2005-4681 (** DISPUTED ** Buffer overflow in mIRC 5.91, 6.03, 6.12, and 6.16 ...)
+CVE-2005-4681
NOT-FOR-US: mIRC
-CVE-2005-4680 (Sophos Anti-Virus before 4.02, 4.5.x before 4.5.9, 4.6.x before 4.6.9, ...)
+CVE-2005-4680
NOT-FOR-US: Sophos Anti-Virus
-CVE-2005-4679 (Internet Explorer 6 for Windows XP Service Pack 2 allows remote ...)
+CVE-2005-4679
NOT-FOR-US: Internet Explorer 6
-CVE-2005-4678 (Apple Safari 2.0.2 (aka 416.12) allows remote attackers to spoof the ...)
+CVE-2005-4678
NOT-FOR-US: Apple
-CVE-2005-4677 (SQL injection vulnerability in additional_images.php (aka the ...)
+CVE-2005-4677
NOT-FOR-US: osCommerce
-CVE-2005-4676 (Buffer overflow in Andreas Huggel Exiv2 before 0.9 does not null ...)
+CVE-2005-4676
- exiv2 0.9
-CVE-2005-4675 (Cross-site scripting (XSS) vulnerability in list.php in Complete PHP ...)
+CVE-2005-4675
NOT-FOR-US: Complete PHP Counter
-CVE-2005-4674 (Multiple SQL injection vulnerabilities in list.php in Complete PHP ...)
+CVE-2005-4674
NOT-FOR-US: Complete PHP Counter
-CVE-2005-4673 (ioFTPD 0.5.84 u responds with different messages depending on whether ...)
+CVE-2005-4673
NOT-FOR-US: ioFTPD
-CVE-2005-4672 (Cross-site scripting (XSS) vulnerability in image-editor-52/index.php ...)
+CVE-2005-4672
NOT-FOR-US: CityPost Simple Image-Editor
-CVE-2005-4671 (Cross-site scripting (XSS) vulnerability in simple-upload-53.php in ...)
+CVE-2005-4671
NOT-FOR-US: CityPost Simple PHP Upload
-CVE-2005-4670 (Cross-site scripting (XSS) vulnerability in message.php in CityPost ...)
+CVE-2005-4670
NOT-FOR-US: CityPost Simple PHP Upload
-CVE-2005-4669 (SQL injection vulnerability in RT Internet Solutions (RTIS) WebAdmin ...)
+CVE-2005-4669
NOT-FOR-US: RT Internet Solutions (RTIS) WebAdmin
-CVE-2005-4668 (The embedded HSQLDB in ParosProxy before 3.2.7, when running with JDK ...)
+CVE-2005-4668
NOT-FOR-US: ParoxProxy
-CVE-2005-4667 (Buffer overflow in UnZip 5.50 and earlier allows user-assisted ...)
+CVE-2005-4667
{DSA-1012-1}
- unzip 5.52-7 (low; bug #349794)
-CVE-2005-4666 (Cross-site scripting (XSS) vulnerability in PHlyMail before 3.3 Beta1 ...)
+CVE-2005-4666
NOT-FOR-US: PHlyMail
-CVE-2005-4665 (Cross-site scripting (XSS) vulnerability in PunBB 1.2.6 and earlier ...)
+CVE-2005-4665
NOT-FOR-US: PunBB
-CVE-2005-4664 (SQL injection vulnerability in OcoMon 1.21, and possibly other ...)
+CVE-2005-4664
NOT-FOR-US: OcoMon
-CVE-2005-4663 (Cross-site scripting (XSS) vulnerability in OcoMon 1.20, and possibly ...)
+CVE-2005-4663
NOT-FOR-US: OcoMon
-CVE-2005-4662 (Multiple SQL injection vulnerabilities in OcoMon 1.20, and possibly ...)
+CVE-2005-4662
NOT-FOR-US: OcoMon
-CVE-2005-4661 (The notifyendsubs cron job in Campsite before 2.3.3 sends an e-mail ...)
+CVE-2005-4661
NOT-FOR-US: Campsite
-CVE-2005-4660 (Race condition in IPCop (aka IPCop Firewall) before 1.4.10 might allow ...)
+CVE-2005-4660
NOT-FOR-US: IPCop
-CVE-2005-4659 (IPCop (aka IPCop Firewall) before 1.4.10 has world-readable ...)
+CVE-2005-4659
NOT-FOR-US: IPCop
-CVE-2005-4658 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2005-4658
NOT-FOR-US: ASP-Programmers.com ASPKnowledgebase
-CVE-2005-4657 (Ocean12 Calendar Manager Pro 1.01 allows remote attackers to bypass ...)
+CVE-2005-4657
NOT-FOR-US: Ocean12
-CVE-2005-4656 (SQL injection vulnerability in index.php in TClanPortal 1.1.3 and ...)
+CVE-2005-4656
NOT-FOR-US: TClanPortal
-CVE-2005-4655 (Cross-site scripting (XSS) vulnerability in submit.php in PHP-Fusion ...)
+CVE-2005-4655
NOT-FOR-US: PHP-Fusion
-CVE-2005-4654 (Multiple unspecified vulnerabilities in Oracle for OpenView (OfO) ...)
+CVE-2005-4654
NOT-FOR-US: Oracle
-CVE-2005-4653 (Unspecified vulnerability in ss.php in AL-Caricatier 2.5 and earlier ...)
+CVE-2005-4653
NOT-FOR-US: AL-Caricatier
-CVE-2005-4652 (SQL injection vulnerability in PHlyMail 3.02.01 allows remote ...)
+CVE-2005-4652
NOT-FOR-US: PHlyMail
-CVE-2005-4651 (SQL injection vulnerability in index.php in AlstraSoft EPay Pro 2.0 ...)
+CVE-2005-4651
NOT-FOR-US: AlstraSoft EPay Pro
-CVE-2005-4650 (Joomla! 1.03 does not restrict the number of &quot;Search&quot; Mambots, which ...)
+CVE-2005-4650
NOT-FOR-US: Joomla!
-CVE-2005-4649 (Multiple cross-site scripting (XSS) vulnerabilities in Advanced ...)
+CVE-2005-4649
NOT-FOR-US: Advanced Guestbook
-CVE-2005-4648 (Buffer overflow in Illustrate dBpowerAMP Music Converter 11.5 and ...)
+CVE-2005-4648
NOT-FOR-US: Illustrate dBpowerAMP Music Converter
-CVE-2005-4647 (Multiple SQL injection vulnerabilities in PEARLINGER Pearl Forums 2.4 ...)
+CVE-2005-4647
NOT-FOR-US: PEARLINGER Pearl Forums
-CVE-2005-4646 (Unspecified vulnerability in index.php in PEARLINGER Pearl Forums 2.4 ...)
+CVE-2005-4646
NOT-FOR-US: PEARLINGER Pearl Forums
-CVE-2005-4645 (SQL injection vulnerability in index.php in 3CFR allows remote ...)
+CVE-2005-4645
NOT-FOR-US: 3CFR
-CVE-2005-4644 (Cross-site scripting (XSS) vulnerability in the HTML WikiProcessor in ...)
+CVE-2005-4644
{DSA-951-2}
- trac 0.9.3-1
[sarge] - trac 0.8.1-3sarge4 (medium)
-CVE-2005-4643 (SQL injection vulnerability in index.php in Antharia OnContent // CMS ...)
+CVE-2005-4643
NOT-FOR-US: Antharia OnContent
-CVE-2005-4642 (Multiple cross-site scripting (XSS) vulnerabilities in HydroBB 1.0.0 ...)
+CVE-2005-4642
NOT-FOR-US: HydroBB
-CVE-2005-4641 (SQL injection vulnerability in home.php in eazyCMS 2.0 allows remote ...)
+CVE-2005-4641
NOT-FOR-US: eazyCMS
-CVE-2005-4640 (SQL injection vulnerability in index.php in class-1 Poll Software 0.4 ...)
+CVE-2005-4640
NOT-FOR-US: class-1 Poll
-CVE-2005-4639 (Buffer overflow in the CA-driver (dst_ca.c) for TwinHan DST ...)
+CVE-2005-4639
- linux-2.6 2.6.15-1 (low)
-CVE-2005-4638 (index.php in Kayako SupportSuite 3.00.26 and earlier allow remote ...)
+CVE-2005-4638
NOT-FOR-US: Kayako SupportSuite
-CVE-2005-4637 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
+CVE-2005-4637
NOT-FOR-US: Kayako SupportSuite
-CVE-2005-4636 (OpenOffice.org 2.0 and earlier, when hyperlinks has been disabled, ...)
+CVE-2005-4636
- openoffice.org <unfixed> (unimportant)
NOTE: This is a non-issue IMO (neilm). OOo just launches a web browser.
NOTE: If the admin doesn't web browsing, why is one installed/enabled?
-CVE-2005-4635 (The nl_fib_input function in fib_frontend.c in the Linux kernel before ...)
+CVE-2005-4635
NOTE: Unclear, whether this is really exploitable, re-pinged Dann and Horms
-CVE-2005-4634 (SQL injection vulnerability in index.php in ActiveCampaign SupportTrio ...)
+CVE-2005-4634
NOT-FOR-US: ActiveCampaign SupportTrio
CVE-2005-4633
REJECTED
-CVE-2005-4632 (SQL injection vulnerability in poll_frame.php in Vote! Pro 4.0 and ...)
+CVE-2005-4632
NOT-FOR-US: Vote!Pro
-CVE-2005-4631 (SQL injection vulnerability in index.php in Zina 0.12.07 and earlier ...)
+CVE-2005-4631
NOT-FOR-US: Zina
-CVE-2005-4630 (SQL injection vulnerability in index.php in ClientExec 2.3 allows ...)
+CVE-2005-4630
NOT-FOR-US: ClientExec
-CVE-2005-4629 (SQL injection vulnerability in SMBCMS 2.1 allows remote attackers to ...)
+CVE-2005-4629
NOT-FOR-US: SMBCMS
-CVE-2005-4628 (SQL injection vulnerability in index.php in HelpDeskPoint 2.38 and ...)
+CVE-2005-4628
NOT-FOR-US: HelpDeskPoint
-CVE-2005-4627 (Cross-site scripting (XSS) vulnerability in index.php in (1) GmailSite ...)
+CVE-2005-4627
NOT-FOR-US: GmailSite
-CVE-2005-4626 (The default configuration of Recruitment Software installs ...)
+CVE-2005-4626
NOT-FOR-US: Recruitment Software
-CVE-2005-4625 (Drivers for certain display adapters, including (1) an unspecified ATI ...)
+CVE-2005-4625
NOT-FOR-US: Strange Windows drivers
-CVE-2005-4624 (The m_join function in channel.c for PTnet ircd 1.5 and 1.6 allows ...)
+CVE-2005-4624
NOT-FOR-US: PTnet ircd
-CVE-2005-4623 (upload.exe in eFileGo 3.01 allows remote attackers to cause a denial ...)
+CVE-2005-4623
NOT-FOR-US: eFileGo
-CVE-2005-4622 (Directory traversal vulnerability in eFileGo 3.01 allows remote ...)
+CVE-2005-4622
NOT-FOR-US: eFileGo
-CVE-2005-4621 (Cross-site scripting (XSS) vulnerability in the editavatar page in ...)
+CVE-2005-4621
NOT-FOR-US: vBulletin
-CVE-2005-4620 (Buffer overflow in WinRAR 3.50 and earlier allows local users to ...)
+CVE-2005-4620
NOT-FOR-US: WinRAR
-CVE-2005-4619 (SQL injection vulnerability in index.php in phpoutsourcing Zorum Forum ...)
+CVE-2005-4619
NOT-FOR-US: phpoutsourcing Zorum Forum
-CVE-2005-4618 (Buffer overflow in sysctl in the Linux Kernel 2.6 before 2.6.15 allows ...)
+CVE-2005-4618
{DSA-1018-1 DSA-1017-1}
- linux-2.6 2.6.15-1
CVE-2005-XXXX [World-readable config file with sensitive data in b2evolution]
- b2evolution 0.9.1b-4 (bug #344000)
-CVE-2005-4617 (SQL injection vulnerability in tickets.php in cSupport 1.0 and earlier ...)
+CVE-2005-4617
NOT-FOR-US: cSupport
-CVE-2005-4616 (SQL injection vulnerability in index.php in iSupport 1.06 allows ...)
+CVE-2005-4616
NOT-FOR-US: iSupport
-CVE-2005-4615 (SQL injection vulnerability in news.php in DapperDesk 3.0.1 and ...)
+CVE-2005-4615
NOT-FOR-US: DapperDesk
-CVE-2005-4614 (Multiple SQL injection vulnerabilities in digiSHOP 3.1.17 and earlier ...)
+CVE-2005-4614
NOT-FOR-US: digiSHOP
-CVE-2005-4613 (Cross-site scripting (XSS) vulnerability in VUBB alpha rc1 allows ...)
+CVE-2005-4613
NOT-FOR-US: VUBB alpha
-CVE-2005-4612 (Multiple SQL injection vulnerabilities in VUBB alpha rc1 allow remote ...)
+CVE-2005-4612
NOT-FOR-US: VUBB alpha
-CVE-2005-4611 (SQL injection vulnerability in search.php in Free ClickBank 1.0 and ...)
+CVE-2005-4611
NOT-FOR-US: Free ClickBank
-CVE-2005-4610 (Format string vulnerability in the server for Dopewars before 1.5.12, ...)
+CVE-2005-4610
- dopewars <not-affected> (According to upstream Windows-specific)
-CVE-2005-4609 (index.php in BugPort 1.147 and earlier allows remote attackers to ...)
+CVE-2005-4609
NOT-FOR-US: BugPort
-CVE-2005-4608 (SQL injection vulnerability in index.php in BugPort 1.147 allows ...)
+CVE-2005-4608
NOT-FOR-US: BugPort
-CVE-2005-4607 (Cross-site scripting (XSS) vulnerability in index.php in BugPort 1.147 ...)
+CVE-2005-4607
NOT-FOR-US: BugPort
-CVE-2005-4606 (SQL injection vulnerability in check_user.asp in multiple Web Wiz ...)
+CVE-2005-4606
NOT-FOR-US: Web Wiz
-CVE-2005-4605 (The procfs code (proc_misc.c) in Linux 2.6.14.3 and other versions ...)
+CVE-2005-4605
{DSA-1017-1}
- linux-2.6 2.6.15-1
- kernel-source-2.4.27 <not-affected> (2.4's proc_file_lseek contains a sanity check)
CVE-2005-XXXX [xshisen follows symlinks for shared gid games files]
- xshisen 1.51-1-2 (bug #291613)
-CVE-2005-4604 (Buffer overflow in MTink in the printer-filters-utils package allows ...)
+CVE-2005-4604
- mtink <not-affected> (mtink not installed SUID root)
-CVE-2005-4603 (Cross-site scripting (XSS) vulnerability in printthread.php in MyBB ...)
+CVE-2005-4603
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2005-4602 (SQL injection vulnerability in inc/function_upload.php in MyBB before ...)
+CVE-2005-4602
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2005-4600 (Directory traversal vulnerability in tiny_mce_gzip.php in TinyMCE ...)
+CVE-2005-4600
- knowledgeroot <not-affected> (fixed before first upload; see bug #381912)
- moodle <not-affected> (has newer version)
- wordpress 2.5.1-3
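Review bot: every `-`/`+` pair in this hunk (CVE-2005-4761 down to CVE-2005-4600) replaces the `CVE-2005-NNNN (description ...)` line with the bare CVE id and changes nothing else, while the Debian-side annotations (NOT-FOR-US tags, `{DSA-...}` references, package versions, NOTE lines) and the bracketed placeholders such as `CVE-2005-XXXX [xsupplicant information leak]` are left untouched; for a commit labelled "automatic update" that pattern points to the description source returning empty text for every id rather than to an intended edit. Suggest holding this rather than merging it as-is, and changing the importer so that it keeps the existing description when the feed yields none, since the description is what a triager reads before accepting a NOT-FOR-US decision.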
@@ -706,133 +706,133 @@ CVE-2005-4600 (Directory traversal vulnerability in tiny_mce_gzip.php in TinyMCE
NOTE: this was possibly fixed before 2.5.1 in wordpress but since 2.5.1-3 wordpress
NOTE: uses the system copy of tinymce and the exact fixed version is not
NOTE: really determinably anymore
-CVE-2005-4599 (Cross-site scripting (XSS) vulnerability in tiny_mce_gzip.php in ...)
+CVE-2005-4599
- knowledgeroot <not-affected> (fixed before first upload; see bug #381912)
-CVE-2005-4598 (Cross-site scripting (XSS) vulnerability in home.php in OoApp ...)
+CVE-2005-4598
NOT-FOR-US: OoApp Guestbook
-CVE-2005-4597 (Cross-site scripting (XSS) vulnerability in index.php in iPei ...)
+CVE-2005-4597
NOT-FOR-US: iPei Guestbook
-CVE-2005-4596 (Cross-site scripting (XSS) vulnerability in read.php in AdesGuestbook ...)
+CVE-2005-4596
NOT-FOR-US: AdesGuestbook
-CVE-2005-4595 (Untrusted search path vulnerability (RPATH) in XnView 1.70 and NView ...)
+CVE-2005-4595
NOT-FOR-US: NView and XnView, different from nview from nvi
-CVE-2005-4594 (Stack-based buffer overflow in TUGZip 3.4.0.0 allows remote attackers ...)
+CVE-2005-4594
NOT-FOR-US: TUGZip
-CVE-2005-4593 (PHP remote file inclusion vulnerability in phpDocumentor 1.3.0 rc4 and ...)
+CVE-2005-4593
NOT-FOR-US: phpDocumentor
-CVE-2005-4592 (Heap-based buffer overflow in bogofilter and bogolexer 0.96.2 allows ...)
+CVE-2005-4592
- bogofilter 0.96.3
[sarge] - bogofilter <not-affected> (Only some 0.96 CVS versions were affected)
-CVE-2005-4591 (Heap-based buffer overflow in bogofilter 0.96.2, 0.95.2, 0.94.14, ...)
+CVE-2005-4591
- bogofilter 0.96.3
[sarge] - bogofilter <not-affected> (Sarge version doesn't include Unicode)
-CVE-2005-4590 (Spb Kiosk Engine 1.0.0.1 allows local users to bypass restrictions on ...)
+CVE-2005-4590
NOT-FOR-US: Spb Kiosk Engine
-CVE-2005-4589 (Spb Kiosk Engine 1.0.0.1 stores the administrator's passcode in the ...)
+CVE-2005-4589
NOT-FOR-US: Spb Kiosk Engine
-CVE-2005-4588 (Cross-site scripting (XSS) vulnerability in Koobi 5 allows remote ...)
+CVE-2005-4588
NOT-FOR-US: Koobi
-CVE-2005-4587 (Juniper NetScreen-Security Manager (NSM) 2004 FP2 and FP3 allow remote ...)
+CVE-2005-4587
NOT-FOR-US: Juniper
-CVE-2005-4586 (Multiple SQL injection vulnerabilities in PHPSurveyor before 0.991 ...)
+CVE-2005-4586
NOT-FOR-US: PHPSurveyor
CVE-2005-XXXX [snort: DoS in verbose mode]
- snort 2.3.3-2 (bug #328134; low)
[woody] - snort <no-dsa> (Only exploitable in obscure setups not used in production environments, see #328134)
[sarge] - snort <no-dsa> (Only exploitable in obscure setups not used in production environments, see #328134)
-CVE-2005-4601 (The delegate code in ImageMagick 6.2.4.5-0.3 allows remote attackers ...)
+CVE-2005-4601
{DSA-957-2}
- imagemagick 6:6.2.4.5-0.6 (bug #345238; medium)
NOTE: Exploitable through Gnus and Thunderbird.
- graphicsmagick 1.1.7-1
-CVE-2005-4585 (Unspecified vulnerability in the GTP dissector for Ethereal 0.9.1 to ...)
+CVE-2005-4585
- ethereal 0.10.14-1 (bug #345243; low)
NOTE: This affects Woody and Sarge
-CVE-2005-4584 (BZFlag server 2.0.4 and earlier allows remote attackers to cause a ...)
+CVE-2005-4584
- bzflag 2.0.6.20060412-1 (bug #345245; low)
[sarge] - bzflag <no-dsa> (Minor DoS against a game)
-CVE-2005-4583 (Unspecified vulnerability in the Management Interface in VMware ESX ...)
+CVE-2005-4583
NOT-FOR-US: VMWare
-CVE-2005-4582 (Electric Sheep 2.6.3 does not require authentication or integrity ...)
+CVE-2005-4582
- electricsheep 2.6.3+cvs20051206-1 (unimportant)
NOTE: Even an authenticated server might serve unwanted content, so
NOTE: this can't be considered a real vulnerability.
-CVE-2005-4581 (Buffer overflow in Electric Sheep 2.6.3 client allows local users to ...)
+CVE-2005-4581
- electricsheep 2.6.3+cvs20051206-1 (unimportant)
NOTE: This does not seem to be exploitable.
-CVE-2005-4580 (Cross-site scripting (XSS) vulnerability in Day Communique 4 allows ...)
+CVE-2005-4580
NOT-FOR-US: Day Communique
-CVE-2005-4579 (Multiple HTTP response splitting vulnerabilities in Hitachi Business ...)
+CVE-2005-4579
NOT-FOR-US: Hitachi Business Logic
-CVE-2005-4578 (Multiple SQL injection vulnerabilities in Hitachi Business Logic - ...)
+CVE-2005-4578
NOT-FOR-US: Hitachi Business Logic
-CVE-2005-4577 (Multiple cross-site scripting (XSS) vulnerabilities in Hitachi ...)
+CVE-2005-4577
NOT-FOR-US: Hitachi Business Logic
-CVE-2005-4576 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
+CVE-2005-4576
NOT-FOR-US: Fatwire Update Engine
-CVE-2005-4575 (PaperThin CommonSpot Content Server 4.5 and earlier allow remote ...)
+CVE-2005-4575
NOT-FOR-US: CommonSpot Content Server
-CVE-2005-4574 (Cross-site scripting (XSS) vulnerability in loader.cfm in PaperThin ...)
+CVE-2005-4574
{DSA-1201-1}
NOT-FOR-US: CommonSpot Content Server
-CVE-2005-4573 (PHP remote file include vulnerability in plog-admin-functions.php in ...)
+CVE-2005-4573
NOT-FOR-US: Plogger
-CVE-2005-4572 (Multiple SQL injection vulnerabilities in myEZshop Shopping Cart allow ...)
+CVE-2005-4572
NOT-FOR-US: myEZshop Shopping Cart
-CVE-2005-4571 (Cross-site scripting (XSS) vulnerability in myEZshop Shopping Cart ...)
+CVE-2005-4571
NOT-FOR-US: myEZshop Shopping Cart
-CVE-2005-4570 (The Internet Key Exchange version 1 (IKEv1) implementations in ...)
+CVE-2005-4570
NOT-FOR-US: FortiOS
-CVE-2005-4569 (Stack-based buffer overflow in index.fts in FTGate Technology ...)
+CVE-2005-4569
NOT-FOR-US: FTGate
-CVE-2005-4568 (Multiple format string vulnerabilities in FTGate Technology (formerly ...)
+CVE-2005-4568
NOT-FOR-US: FTGate
-CVE-2005-4567 (Multiple cross-site scripting (XSS) vulnerabilities in FTGate ...)
+CVE-2005-4567
NOT-FOR-US: FTGate
-CVE-2005-4566 (Buffer overflow in the Internet Key Exchange version 1 (IKEv1) ...)
+CVE-2005-4566
NOT-FOR-US: NetVanta
-CVE-2005-4565 (Format string vulnerability in the Internet Key Exchange version 1 ...)
+CVE-2005-4565
NOT-FOR-US: NetVanta
-CVE-2005-4564 (The Internet Key Exchange version 1 (IKEv1) implementation in ADTRAN ...)
+CVE-2005-4564
NOT-FOR-US: NetVanta
-CVE-2005-4563 (SQL injection vulnerability in main.php in Enterprise Heart Enterprise ...)
+CVE-2005-4563
NOT-FOR-US: Enterprise Heart Enterprise Connector
CVE-2005-4562
REJECTED
CVE-2005-4561
REJECTED
-CVE-2005-4560 (The Windows Graphical Device Interface library (GDI32.DLL) in ...)
+CVE-2005-4560
{CVE-2006-0106}
NOT-FOR-US: Microsoft
-CVE-2005-4559 (mail/include.html in IceWarp Web Mail 5.5.1, as used by Merak Mail ...)
+CVE-2005-4559
NOT-FOR-US: IceWarp Web Mail
-CVE-2005-4558 (IceWarp Web Mail 5.5.1, as used by Merak Mail Server 8.3.0r and ...)
+CVE-2005-4558
NOT-FOR-US: IceWarp Web Mail
-CVE-2005-4557 (dir/include.html in IceWarp Web Mail 5.5.1, as used by Merak Mail ...)
+CVE-2005-4557
NOT-FOR-US: IceWarp Web Mail
-CVE-2005-4556 (PHP remote file include vulnerability in IceWarp Web Mail 5.5.1, as ...)
+CVE-2005-4556
NOT-FOR-US: IceWarp Web Mail
-CVE-2005-4555 (Cross-site scripting (XSS) vulnerability in add.php in DEV web ...)
+CVE-2005-4555
NOT-FOR-US: DEV web management system
-CVE-2005-4554 (Multiple SQL injection vulnerabilities in DEV web management system ...)
+CVE-2005-4554
NOT-FOR-US: DEV web management system
-CVE-2005-4553 (Buffer overflow in Golden FTP Server 1.92 allows remote attackers to ...)
+CVE-2005-4553
NOT-FOR-US: Golden FTP Server
-CVE-2005-4552 (The (1) slsmgr and (2) slsadmin programs in Sun Solaris PC NetLink 2.0 ...)
+CVE-2005-4552
NOT-FOR-US: Sun Solaris PC NetLink
-CVE-2005-4551 (Cross-site scripting (XSS) vulnerability in sign.php in codegrrl ...)
+CVE-2005-4551
NOT-FOR-US: codegrrl SimpBook
-CVE-2005-4550 (The PORTAL schema in Oracle Application Server (OracleAS) Discussion ...)
+CVE-2005-4550
NOT-FOR-US: Oracle
-CVE-2005-4549 (Cross-site scripting (XSS) vulnerability in Oracle Application Server ...)
+CVE-2005-4549
NOT-FOR-US: Oracle
-CVE-2005-4548 (SQL injection vulnerability in the &quot;user area&quot; in RWS Statistics ...)
+CVE-2005-4548
NOT-FOR-US: RWS Statistics Counter
-CVE-2005-4547 (Cross-site scripting (XSS) vulnerability in home/search.php in eggblog ...)
+CVE-2005-4547
NOT-FOR-US: eggblog
-CVE-2005-4546 (search.php in eggblog 2.0 allows remote attackers to obtain the full ...)
+CVE-2005-4546
NOT-FOR-US: eggblog
-CVE-2005-4545 (Cross-site scripting (XSS) vulnerability in search.asp in NetDirect ...)
+CVE-2005-4545
NOT-FOR-US: NetDirect ShopEngine
CVE-2005-4544
REJECTED
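Review bot: the same bare-id rewrite runs through this hunk (CVE-2005-4599 down to CVE-2005-4545), and one entry it touches deserves a check independent of the description loss: CVE-2005-4574 keeps a `{DSA-1201-1}` cross-reference directly above `NOT-FOR-US: CommonSpot Content Server`, which is contradictory, because a DSA reference asserts that a Debian package was fixed while NOT-FOR-US asserts the software is not in Debian; once the `(Cross-site scripting (XSS) vulnerability in loader.cfm in PaperThin ...)` text is gone there is no inline hint left about which product the DSA was meant for, so please verify that cross-reference before the description is dropped. Also, the placeholder `CVE-2005-XXXX [snort: DoS in verbose mode]` and CVE-2005-4601 sit between CVE-2005-4586 and CVE-2005-4585, outside the descending order the rest of the file follows; not introduced by this change, but worth tidying while these lines are being rewritten.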
@@ -850,140 +850,140 @@ CVE-2005-4538
REJECTED
CVE-2005-4537
REJECTED
-CVE-2005-4536 (Mail::Audit module in libmail-audit-perl 2.1-5, when logging is ...)
+CVE-2005-4536
{DSA-960-3}
- libmail-audit-perl 2.1-5.1 (bug #344029; medium)
CVE-2005-4535
REJECTED
-CVE-2005-4533 (Argument injection vulnerability in scponlyc in scponly 4.1 and ...)
+CVE-2005-4533
{DSA-969-1}
- scponly 4.6-1 (bug #344418)
-CVE-2005-4532 (scponlyc in scponly 4.1 and earlier, when the operating system ...)
+CVE-2005-4532
{DSA-969-1}
- scponly 4.6-1 (bug #344418)
CVE-2005-4531
REJECTED
-CVE-2005-4530 (Multiple cross-site scripting (XSS) vulnerabilities in AlstraSoft EPay ...)
+CVE-2005-4530
NOT-FOR-US: EPay Enterprise
-CVE-2005-4529 (The Chatspot 2.0.0a7 module for phpBB might allow remote attackers to ...)
+CVE-2005-4529
NOT-FOR-US: phpBB addon
-CVE-2005-4528 (SQL injection vulnerability in the Chatspot 2.0.0a7 module for phpBB ...)
+CVE-2005-4528
NOT-FOR-US: phpBB addon
-CVE-2005-4527 (Multiple SQL injection vulnerabilities in Direct News 4.9 allow remote ...)
+CVE-2005-4527
NOT-FOR-US: Direct News
-CVE-2005-4526 (Clearswift MIMEsweeper For Web (a.k.a. WEBsweeper) 4.0 through 5.1 ...)
+CVE-2005-4526
NOT-FOR-US: MIMEsweeper For Web
-CVE-2005-4525 (SmcGui.exe in Sygate Protection Agent 5.0 build 6144 allows local ...)
+CVE-2005-4525
NOT-FOR-US: Sygate
-CVE-2005-4524 (Mantis 1.0.0rc3 does not properly handle &quot;Make note private&quot; when a ...)
+CVE-2005-4524
{DSA-944-1}
- mantis 0.19.4-1 (bug #345288)
-CVE-2005-4523 (Mantis 1.0.0rc3 and earlier discloses private bugs via public RSS ...)
+CVE-2005-4523
{DSA-944-1}
- mantis 0.19.4-1 (bug #345288)
-CVE-2005-4522 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
+CVE-2005-4522
{DSA-944-1}
- mantis 0.19.4-1 (bug #345288)
-CVE-2005-4521 (CRLF injection vulnerability in Mantis 1.0.0rc3 and earlier allows ...)
+CVE-2005-4521
{DSA-944-1}
- mantis 0.19.4-1 (bug #345288)
-CVE-2005-4520 (Unspecified &quot;port injection&quot; vulnerabilities in filters in Mantis ...)
+CVE-2005-4520
{DSA-944-1}
- mantis 0.19.4-1 (bug #345288)
-CVE-2005-4519 (Multiple SQL injection vulnerabilities in the manage user page ...)
+CVE-2005-4519
{DSA-944-1}
- mantis 0.19.4-1 (bug #345288)
-CVE-2005-4518 (Mantis before 0.19.4 allows remote attackers to bypass the file upload ...)
+CVE-2005-4518
{DSA-944-1}
- mantis 0.19.4-1 (bug #345288)
-CVE-2005-4517 (SQL injection vulnerability in PHP-Fusion 6.00.200 through 6.00.300 ...)
+CVE-2005-4517
NOT-FOR-US: PHP-Fusion
-CVE-2005-4516 (Multiple cross-site scripting (XSS) vulnerabilities in PHP-Fusion ...)
+CVE-2005-4516
NOT-FOR-US: PHP-Fusion
-CVE-2005-4515 (** DISPUTED ** ...)
+CVE-2005-4515
NOT-FOR-US: WebDB
-CVE-2005-4514 (** DISPUTED ** ...)
+CVE-2005-4514
NOT-FOR-US: Webwasher
-CVE-2005-4513 (Cross-site scripting (XSS) vulnerability in WANDSOFT e-SEARCH allows ...)
+CVE-2005-4513
NOT-FOR-US: WANDSOFT e-SEARCH
-CVE-2005-4512 (Cross-site scripting (XSS) vulnerability in WAXTRAPP 3.0.1 and earlier ...)
+CVE-2005-4512
NOT-FOR-US: WAXTRAPP
-CVE-2005-4511 (Format string vulnerability in TN3270 Resource Gateway 1.1.0 allows ...)
+CVE-2005-4511
NOT-FOR-US: TN3270 Resource Gateway
-CVE-2005-4510 (Directory traversal vulnerability in server.np in NetPublish Server 7 ...)
+CVE-2005-4510
NOT-FOR-US: Netpublish Server
-CVE-2005-4509 (SQL injection vulnerability in index.asp in pTools allows remote ...)
+CVE-2005-4509
NOT-FOR-US: pTools
-CVE-2005-4508 (Nexus Concepts Dev Hound 2.24 and earlier allows remote attackers to ...)
+CVE-2005-4508
NOT-FOR-US: Nexus Concepts Dev Hound
-CVE-2005-4507 (Multiple cross-site scripting (XSS) vulnerabilities in Nexus Concepts ...)
+CVE-2005-4507
NOT-FOR-US: Nexus Concepts Dev Hound
-CVE-2005-4506 (Nexus Concepts Dev Hound 2.24 and earlier stores username and password ...)
+CVE-2005-4506
NOT-FOR-US: Nexus Concepts Dev Hound
-CVE-2005-4505 (Unquoted Windows search path vulnerability in McAfee VirusScan ...)
+CVE-2005-4505
NOT-FOR-US: McAfee
-CVE-2005-4504 (The khtml::RenderTableSection::ensureRows function in KHTMLParser in ...)
+CVE-2005-4504
- kdelibs <not-affected>
NOTE: Konqueror from sid doesn't crash, will test an older version later
-CVE-2005-4503 (httprint v202, and possibly other versions before v301, allows remote ...)
+CVE-2005-4503
NOT-FOR-US: httprint
-CVE-2005-4502 (Cross-site scripting (XSS) vulnerability in httprint v202, and ...)
+CVE-2005-4502
NOT-FOR-US: httprint
-CVE-2005-4501 (MediaWiki before 1.5.4 uses a hard-coded &quot;internal placeholder ...)
+CVE-2005-4501
- mediawiki 1.4.13-1 (bug #345280)
-CVE-2005-4500 (SQL injection vulnerability in MusicBox 2.3 allows remote attackers to ...)
+CVE-2005-4500
NOT-FOR-US: MusicBox
-CVE-2005-4499 (The Downloadable RADIUS ACLs feature in Cisco PIX and VPN 3000 ...)
+CVE-2005-4499
NOT-FOR-US: Cisco
-CVE-2005-4498 (Cross-site scripting (XSS) vulnerability in Text-e 1.6.4 and earlier ...)
+CVE-2005-4498
NOT-FOR-US: Text-e
-CVE-2005-4497 (Cross-site scripting (XSS) vulnerability in Tangora Portal CMS 4.0 and ...)
+CVE-2005-4497
NOT-FOR-US: Tangora Portal
-CVE-2005-4496 (Cross-site scripting (XSS) vulnerability in search in SyntaxCMS 1.2.1 ...)
+CVE-2005-4496
NOT-FOR-US: Syntax CMS
-CVE-2005-4495 (** DISPUTED ** ...)
+CVE-2005-4495
NOT-FOR-US: SpireMedia
-CVE-2005-4494 (Cross-site scripting (XSS) vulnerability in SPIP 1.8.2 and earlier ...)
+CVE-2005-4494
- spip 2.0.6-1 (medium; bug #352078)
-CVE-2005-4493 (Cross-site scripting (XSS) vulnerability in SpearTek 6.0 and earlier ...)
+CVE-2005-4493
NOT-FOR-US: SpearTek
-CVE-2005-4492 (Cross-site scripting (XSS) vulnerability in Starphire SiteSage 5.0.18 ...)
+CVE-2005-4492
NOT-FOR-US: Starphire SiteSage
-CVE-2005-4491 (Multiple cross-site scripting (XSS) vulnerabilities in Sitekit CMS 6.6 ...)
+CVE-2005-4491
NOT-FOR-US: Sitekit CMS
-CVE-2005-4490 (Multiple cross-site scripting (XSS) vulnerabilities in SCOOP! 2.3 and ...)
+CVE-2005-4490
NOT-FOR-US: SCOOP!
-CVE-2005-4489 (Cross-site scripting (XSS) vulnerability in Scoop 1.1 RC1 and earlier ...)
+CVE-2005-4489
NOT-FOR-US: Scoop
-CVE-2005-4488 (Multiple cross-site scripting (XSS) vulnerabilities in index.tpl in ...)
+CVE-2005-4488
NOT-FOR-US: Redakto WCMS
-CVE-2005-4487 (Cross-site scripting (XSS) vulnerability in RAMSite R|1 CMS 1.0 and ...)
+CVE-2005-4487
NOT-FOR-US: RAMSite
-CVE-2005-4486 (** DISPUTED ** ...)
+CVE-2005-4486
NOT-FOR-US: Quantum Art
-CVE-2005-4485 (Multiple cross-site scripting (XSS) vulnerabilities in ProjectApp 3.3 ...)
+CVE-2005-4485
NOT-FOR-US: ProjectApp
-CVE-2005-4484 (Multiple cross-site scripting (XSS) vulnerabilities in IntranetApp 3.3 ...)
+CVE-2005-4484
NOT-FOR-US: IntranetApp
-CVE-2005-4483 (Cross-site scripting (XSS) vulnerability in login.asp in SiteEnable ...)
+CVE-2005-4483
NOT-FOR-US: SiteEnable
-CVE-2005-4482 (Cross-site scripting (XSS) vulnerability in login.asp in PortalApp 3.3 ...)
+CVE-2005-4482
NOT-FOR-US: PortalApp
-CVE-2005-4481 (** DISPUTED ** ...)
+CVE-2005-4481
NOT-FOR-US: Polypoly
-CVE-2005-4480 (Cross-site scripting (XSS) vulnerability in Plexcor CMS 4.0 and ...)
+CVE-2005-4480
NOT-FOR-US: Plexcor CMS
-CVE-2005-4479 (SQL injection vulnerability in article.php in phpSlash 0.8.1 and ...)
+CVE-2005-4479
NOT-FOR-US: phpSlash
-CVE-2005-4478 (Multiple SQL injection vulnerabilities in Papoo 2.1.2 and earlier ...)
+CVE-2005-4478
NOT-FOR-US: Papoo
-CVE-2005-4477 (Cross-site scripting (XSS) vulnerability in papaya CMS 4.0.4 and ...)
+CVE-2005-4477
NOT-FOR-US: papaya CMS
-CVE-2005-4476 (Cross-site scripting (XSS) vulnerability in store/search/results.html ...)
+CVE-2005-4476
NOT-FOR-US: OpenEdit
-CVE-2005-4475 (Cross-site scripting (XSS) vulnerability in OpenCms 6.0.3 and earlier ...)
+CVE-2005-4475
NOT-FOR-US: OpenCms
-CVE-2005-4534 (The shadow database feature (syncshadowdb) in Bugzilla 2.9 through ...)
+CVE-2005-4534
{DSA-1208-1}
- bugzilla 2.18 (bug #329387; low)
NOTE: The vulnerable script has been removed in the 2.18 upstream release
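Review bot: Every `-`/`+` pair in this hunk (CVE-2005-4525 down to CVE-2005-4534) strips the parenthesised CVE summary and leaves only the bare identifier, e.g. `-CVE-2005-4524 (Mantis 1.0.0rc3 does not properly handle &quot;Make note private&quot; when a ...)` becomes `+CVE-2005-4524`, while the triage lines underneath (`{DSA-944-1}`, `- mantis 0.19.4-1 (bug #345288)`, `NOT-FOR-US: Sygate`) are untouched. A change that blanks the summary of every entry it touches, with no entry gaining or correcting a summary, looks like the importer was handed an empty or unparseable description field and wrote it through rather than a deliberate edit; the import should refuse to overwrite an existing non-empty description with nothing (or skip the line and log the mismatch) so that a feed problem cannot erase the summaries the `NOT-FOR-US`/`<not-affected>` decisions were made against. Please confirm what the upstream source actually delivered before this is merged; if the summaries are genuinely gone, that deserves an explicit note rather than silent removal.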
@@ -991,361 +991,361 @@ CVE-2005-XXXX [Insecure tempfile in libjpeg6b's exifautotran]
- libjpeg6b 6b-11 (bug #340079; low)
[woody] - libjpeg6b <not-affected> (Does not include exifautotran)
[sarge] - libjpeg6b <no-dsa> (Creates tempfile in cwd, only very far-fetched attack vectors applicable)
-CVE-2005-4474 (Buffer overflow in the &quot;Add to archive&quot; command in WinRAR 3.51 allows ...)
+CVE-2005-4474
NOT-FOR-US: WinRAR
-CVE-2005-4473 (Unspecified vulnerability in Macromedia JRun 4 web server (JWS) allows ...)
+CVE-2005-4473
NOT-FOR-US: Macromedia JRun 4 web server
-CVE-2005-4472 (Stack-based buffer overflow in the Macromedia JRun 4 web server (JWS) ...)
+CVE-2005-4472
NOT-FOR-US: Macromedia JRun 4 web server
-CVE-2005-4471 (POP3 service in Avaya Modular Messaging Message Storage Server (MSS) ...)
+CVE-2005-4471
NOT-FOR-US: Avaya Modular Messaging Message Storage Server
-CVE-2005-4470 (Heap-based buffer overflow in the get_bhead function in readfile.c in ...)
+CVE-2005-4470
{DSA-1039-1 DTSA-29-1}
- blender 2.40-1 (bug #344398; medium)
[woody] - blender <no-dsa> (Woody has it in non-free and it is binary-only)
-CVE-2005-4469 (Multiple direct static code injection vulnerabilities in PHPGedView ...)
+CVE-2005-4469
NOT-FOR-US: PHPGedView
-CVE-2005-4468 (PHP remote file include vulnerability in help_text_vars.php in ...)
+CVE-2005-4468
NOT-FOR-US: PHPGedView
-CVE-2005-4467 (Directory traversal vulnerability in help_text_vars.php in PHPGedView ...)
+CVE-2005-4467
NOT-FOR-US: PHPGedView
-CVE-2005-4466 (Heap-based buffer overflow in the SIPParser function in i3sipmsg.dll ...)
+CVE-2005-4466
NOT-FOR-US: SIP Proxy
-CVE-2005-4465 (The Internet Key Exchange version 1 (IKEv1) implementation in NEC ...)
+CVE-2005-4465
NOT-FOR-US: NEC UNIVERGE IX1000, IX2000, and IX3000
-CVE-2005-4464 (Ingate Firewall before 4.3.4 and SIParator before 4.3.4 allows remote ...)
+CVE-2005-4464
NOT-FOR-US: Ingate Firewall / SIParator
-CVE-2005-4463 (WordPress before 1.5.2 allows remote attackers to obtain sensitive ...)
+CVE-2005-4463
- wordpress 1.5.2-1 (unimportant)
NOTE: Only path disclosure
-CVE-2005-4462 (PHP remote file include vulnerability in usermods.php in Tolva PHP ...)
+CVE-2005-4462
NOT-FOR-US: Tolva PHP website system
-CVE-2005-4461 (SQL injection vulnerability in index.php in Beehive Forum 0.6.2 and ...)
+CVE-2005-4461
NOT-FOR-US: Beehive Forum
-CVE-2005-4460 (Cross-site scripting (XSS) vulnerability in Beehive Forum 0.6.2 and ...)
+CVE-2005-4460
NOT-FOR-US: Beehive Forum
-CVE-2005-4459 (Heap-based buffer overflow in the NAT networking components vmnat.exe ...)
+CVE-2005-4459
NOT-FOR-US: VMWare
-CVE-2005-4458 (Group.pm in Metadot Portal Server 6.4.4 and earlier does not properly ...)
+CVE-2005-4458
NOT-FOR-US: Metadot Portal Server
-CVE-2005-4457 (MailEnable Enterprise 1.1 before patch ME-10009 allows remote ...)
+CVE-2005-4457
NOT-FOR-US: MailEnable
-CVE-2005-4456 (Multiple buffer overflows in MailEnable Professional 1.71 and ...)
+CVE-2005-4456
NOT-FOR-US: MailEnable
-CVE-2005-4455 (cleanhtml.pl 1.129 in LiveJournal CVS before Dec 13 2005 allows remote ...)
+CVE-2005-4455
NOT-FOR-US: livejournal
NOTE: liblivejournal-perl doesn't seem to embed any of the affected code
-CVE-2005-4454 (Validate-before-filter vulnerability in cleanhtml.pl 1.129 in ...)
+CVE-2005-4454
NOT-FOR-US: livejournal
NOTE: liblivejournal-perl doesn't seem to embed any of the affected code
-CVE-2005-4453 (UserProfile.cs in Ultraapps Issue Manager before 2.1 allows remote ...)
+CVE-2005-4453
NOT-FOR-US: Ultraapps Issue Manager
-CVE-2005-4452 (Information Call Center stores the CallCenterData.mdb database under ...)
+CVE-2005-4452
NOT-FOR-US: Information Call Center
-CVE-2005-4451 (Unspecified vulnerability in Software Distributor in HP-UX B.11.11 ...)
+CVE-2005-4451
NOT-FOR-US: HP-UX
-CVE-2005-4450 (Cross-site request forgery (CSRF) vulnerability in phpMyAdmin 2.7.0 ...)
+CVE-2005-4450
NOTE: According to the description possibly a dupe of the non-issue CVE-2005-4349
-CVE-2005-4449 (verify.php in FlatNuke 2.5.6 allows remote authenticated ...)
+CVE-2005-4449
NOT-FOR-US: FlatNuke
-CVE-2005-4448 (FlatNuke 2.5.6 verifies authentication credentials based on an MD5 ...)
+CVE-2005-4448
NOT-FOR-US: FlatNuke
-CVE-2005-4447 (SQL injection vulnerability in articles\articles_funcs.php in phpCOIN ...)
+CVE-2005-4447
NOT-FOR-US: phpCOIN
-CVE-2005-4446 (Cross-site scripting (XSS) vulnerability in index.asp in ASPBite 8.x ...)
+CVE-2005-4446
NOT-FOR-US: ASPBite
-CVE-2005-4445 (Off-by-one error in Pegasus Mail 4.21a through 4.21c and 4.30PB1 allows ...)
+CVE-2005-4445
NOT-FOR-US: Pegasus Mail
-CVE-2005-4444 (Stack-based buffer overflow in the trace message functionality in ...)
+CVE-2005-4444
NOT-FOR-US: Pegasus Mail
-CVE-2005-4443 (Untrusted search path vulnerability in Gauche before 0.8.6-r1 on ...)
+CVE-2005-4443
- gauche <not-affected> (Gentoo-specific packaging flaw)
-CVE-2005-4442 (Untrusted search path vulnerability in OpenLDAP before 2.2.28-r3 on ...)
+CVE-2005-4442
- openldap2 <not-affected> (Gentoo-specific packaging flaw)
- openldap2.2 <not-affected> (Gentoo-specific packaging flaw)
-CVE-2005-4441 (The PVLAN protocol allows remote attackers to bypass network ...)
+CVE-2005-4441
NOT-FOR-US: VLAN protocol flaws, likely fixed in current kernels
-CVE-2005-4440 (The 802.1q VLAN protocol allows remote attackers to bypass network ...)
+CVE-2005-4440
NOT-FOR-US: VLAN protocol flaws, likely fixed in current kernels
-CVE-2005-4439 (Buffer overflow in ELOG elogd 2.6.0-beta4 allows remote attackers to ...)
+CVE-2005-4439
{DSA-967-1}
- elog 2.6.1+r1642-1 (bug #349528; high)
-CVE-2005-4438 (Heap-based buffer overflow in Dec2Rar.dll 3.2.14.3, as distributed in ...)
+CVE-2005-4438
NOT-FOR-US: Dec2Rar
-CVE-2005-4437 (MD5 Neighbor Authentication in Extended Interior Gateway Routing ...)
+CVE-2005-4437
NOT-FOR-US: IOS
-CVE-2005-4436 (Extended Interior Gateway Routing Protocol (EIGRP) 1.2, as implemented ...)
+CVE-2005-4436
NOT-FOR-US: IOS
-CVE-2005-4435 (Cross-site scripting (XSS) vulnerability in index.php AbleDesign D-Man ...)
+CVE-2005-4435
NOT-FOR-US: AbleDesign D-Man
-CVE-2005-4434 (Cross-site scripting (XSS) vulnerability in AbleDesign ReSearch 2.x ...)
+CVE-2005-4434
NOT-FOR-US: AbleDesign ReSearch
-CVE-2005-4433 (Cross-site scripting (XSS) vulnerability in search.php in Esselbach ...)
+CVE-2005-4433
NOT-FOR-US: Esselbach Storyteller CMS
-CVE-2005-4432 (Cross-site scripting (XSS) vulnerability in index.php in PlaySMS 0.8 ...)
+CVE-2005-4432
NOT-FOR-US: PlaySMS
-CVE-2005-4431 (SQL injection vulnerability in WowBB 1.65 allows remote attackers to ...)
+CVE-2005-4431
NOT-FOR-US: WowBB
-CVE-2005-4430 (SQL injection vulnerability in LogicBill 1.0 and earlier allows remote ...)
+CVE-2005-4430
NOT-FOR-US: LogicBill
-CVE-2005-4429 (SQL injection vulnerability in CS-Cart 1.3.0 allows remote attackers ...)
+CVE-2005-4429
NOT-FOR-US: CS-Cart
-CVE-2005-4428 (Cross-site scripting (XSS) vulnerability in index.php in Cerberus ...)
+CVE-2005-4428
NOT-FOR-US: Cerberus Helpdesk
-CVE-2005-4427 (Multiple SQL injection vulnerabilities in Cerberus Helpdesk allow ...)
+CVE-2005-4427
NOT-FOR-US: Cerberus Helpdesk
-CVE-2005-4426 (Interpretation conflict in YaBB before 2.1 allows remote authenticated ...)
+CVE-2005-4426
NOT-FOR-US: YaBB
-CVE-2005-4425 (Unspecified vulnerability in Kerio WinRoute Firewall before 6.1.3 ...)
+CVE-2005-4425
NOT-FOR-US: Kerio Firewall
-CVE-2005-4424 (Directory traversal vulnerability in PHPKIT 1.6.1 R2 and earlier might ...)
+CVE-2005-4424
NOT-FOR-US: PHPKIT
-CVE-2005-4423 (Unrestricted file upload vulnerability in PHPFM before 0.2.3 allows ...)
+CVE-2005-4423
NOT-FOR-US: PHPFM
-CVE-2005-4422 (Unrestricted file upload vulnerability in toendaCMS before 0.6.2 ...)
+CVE-2005-4422
NOT-FOR-US: toendaCMS
-CVE-2005-4421 (Dev-Editor 3.0 allows remote attackers to access any directory outside ...)
+CVE-2005-4421
NOT-FOR-US: Dev-Editor
-CVE-2005-4420 (Cross-site scripting (XSS) vulnerability in Honeycomb Archive ...)
+CVE-2005-4420
NOT-FOR-US: Honeycomb Archive Enterprise
-CVE-2005-4419 (Multiple SQL injection vulnerabilities in CategoryResults.cfm in ...)
+CVE-2005-4419
NOT-FOR-US: Honeycomb Archive Enterprise
-CVE-2005-4417 (The default configuration of Widcomm Bluetooth for Windows (BTW) ...)
+CVE-2005-4417
NOT-FOR-US: Widcomm Bluetooth for Windows
-CVE-2005-4416 (SQL injection vulnerability in index.php in TML CMS 0.5 allows remote ...)
+CVE-2005-4416
NOT-FOR-US: TML CMS
-CVE-2005-4415 (Cross-site scripting (XSS) vulnerability in index.php in TML CMS 0.5 ...)
+CVE-2005-4415
NOT-FOR-US: TML CMS
-CVE-2005-4414 (Unspecified vulnerability in Teamwork 3 before alpha 1.7 has unknown ...)
+CVE-2005-4414
NOT-FOR-US: Teamwork 3
-CVE-2005-4413 (Multiple cross-site scripting (XSS) vulnerabilities in sample scripts ...)
+CVE-2005-4413
NOT-FOR-US: Websphere
-CVE-2005-4412 (Citrix Program Neighborhood client before 9.150 caches the user ...)
+CVE-2005-4412
NOT-FOR-US: Citrix
-CVE-2005-4411 (Buffer overflow in Mercury Mail Transport System 4.01b allows remote ...)
+CVE-2005-4411
NOT-FOR-US: Mercury Mail Transport System
-CVE-2005-4410 (Cross-site scripting (XSS) vulnerability in NQcontent 3 allows remote ...)
+CVE-2005-4410
NOT-FOR-US: NQcontent
-CVE-2005-4409 (Cross-site scripting (XSS) vulnerability in MMBase 1.7.4 and earlier ...)
+CVE-2005-4409
NOT-FOR-US: MMBase
-CVE-2005-4408 (Multiple SQL injection vulnerabilities in Miraserver 1.0 RC4 and ...)
+CVE-2005-4408
NOT-FOR-US: Miraserver
-CVE-2005-4407 (Cross-site scripting (XSS) vulnerability in index.cfm in Mercury CMS ...)
+CVE-2005-4407
NOT-FOR-US: Mercury CMS
-CVE-2005-4406 (SQL injection vulnerability in index.cfm in Mercury CMS 4.0 and ...)
+CVE-2005-4406
NOT-FOR-US: Mercury CMS
-CVE-2005-4405 (redqueen.cgi in Red Queen 1.02 and earlier allows remote attackers to ...)
+CVE-2005-4405
NOT-FOR-US: Red Queen
-CVE-2005-4404 (SQL injection vulnerability in default.asp in Media2 CMS Shop 18.x ...)
+CVE-2005-4404
NOT-FOR-US: Media2 CMS
-CVE-2005-4403 (SQL injection vulnerability in index.php in Marwel 2.7 and earlier ...)
+CVE-2005-4403
NOT-FOR-US: Marwel
-CVE-2005-4402 (Buffer overflow in MailEnable Professional 1.71 and earlier, and ...)
+CVE-2005-4402
NOT-FOR-US: MailEnable Professional
-CVE-2005-4401 (Cross-site scripting (XSS) vulnerability in Lutece 1.2.3 and earlier ...)
+CVE-2005-4401
NOT-FOR-US: Lutece
-CVE-2005-4400 (Cross-site scripting (XSS) vulnerability in downloads/portal_ent in ...)
+CVE-2005-4400
NOT-FOR-US: Liferay Portal Professional
-CVE-2005-4399 (Cross-site scripting (XSS) vulnerability in search/index.php in ...)
+CVE-2005-4399
NOT-FOR-US: Libertas Enterprise CMS
-CVE-2005-4398 (** DISPUTED ** ...)
+CVE-2005-4398
NOT-FOR-US: lemoon
-CVE-2005-4397 (SQL injection vulnerability in RunScript.asp iCMS allows remote ...)
+CVE-2005-4397
NOT-FOR-US: iCMS
-CVE-2005-4396 (Cross-site scripting (XSS) vulnerability in admin/Default.asp in iCMS ...)
+CVE-2005-4396
NOT-FOR-US: iCMS
-CVE-2005-4395 (Cross-site scripting (XSS) vulnerability in FarCry 3.0 and earlier ...)
+CVE-2005-4395
NOT-FOR-US: FarCry
-CVE-2005-4394 (Cross-site scripting (XSS) vulnerability in EPiX 3.1.2 and earlier ...)
+CVE-2005-4394
NOT-FOR-US: EPiX
-CVE-2005-4393 (Cross-site scripting (XSS) vulnerability in show.cfm in e-publish CMS ...)
+CVE-2005-4393
NOT-FOR-US: e-publish CMS
-CVE-2005-4392 (SQL injection vulnerability in printer_friendly.cfm in e-publish CMS ...)
+CVE-2005-4392
NOT-FOR-US: e-publish CMS
-CVE-2005-4391 (Cross-site scripting (XSS) vulnerability in damoon allows remote ...)
+CVE-2005-4391
NOT-FOR-US: damoon
-CVE-2005-4390 (SQL injection vulnerability in index.php in ContentServ 3.1 and ...)
+CVE-2005-4390
NOT-FOR-US: ContentServ
-CVE-2005-4389 (search.cfm in CONTENS 3.0 and earlier allows remote attackers to ...)
+CVE-2005-4389
NOT-FOR-US: CONTENS
-CVE-2005-4388 (Cross-site scripting (XSS) vulnerability in search.cfm in CONTENS 3.0 ...)
+CVE-2005-4388
NOT-FOR-US: CONTENS
-CVE-2005-4387 (Cross-site scripting (XSS) vulnerability in home.php in contenite 0.11 ...)
+CVE-2005-4387
NOT-FOR-US: contenite
-CVE-2005-4386 (Cross-site scripting (XSS) vulnerability in Colony CMS 2.75 and ...)
+CVE-2005-4386
NOT-FOR-US: Colony CMS
-CVE-2005-4385 (Cross-site scripting (XSS) vulnerability in search.htm in Cofax 2.0 ...)
+CVE-2005-4385
NOT-FOR-US: Cofax
-CVE-2005-4384 (CitySoft Community Enterprise 4.x allows remote attackers to obtain ...)
+CVE-2005-4384
NOT-FOR-US: CitySoft Community Enterprise
-CVE-2005-4383 (Cross-site scripting (XSS) vulnerability in index.cfm in CitySoft ...)
+CVE-2005-4383
NOT-FOR-US: CitySoft Community Enterprise
-CVE-2005-4382 (SQL injection vulnerability in CitySoft Community Enterprise 4.x ...)
+CVE-2005-4382
NOT-FOR-US: CitySoft Community Enterprise
-CVE-2005-4381 (Multiple cross-site scripting (XSS) vulnerabilities in Caravel CMS 3.0 ...)
+CVE-2005-4381
NOT-FOR-US: Caravel CMS
-CVE-2005-4380 (Multiple SQL injection vulnerabilities in Bitweaver 1.1 and 1.1.1 beta ...)
+CVE-2005-4380
NOT-FOR-US: Bitweaver
-CVE-2005-4379 (Multiple cross-site scripting (XSS) vulnerabilities in Bitweaver 1.1 ...)
+CVE-2005-4379
NOT-FOR-US: Bitweaver
-CVE-2005-4378 (SQL injection vulnerability in Page.asp in Baseline CMS 1.95 and ...)
+CVE-2005-4378
NOT-FOR-US: Baseline CMS
-CVE-2005-4377 (Cross-site scripting (XSS) vulnerability in Page.asp in Baseline CMS ...)
+CVE-2005-4377
NOT-FOR-US: Baseline CMS
-CVE-2005-4376 (Directory traversal vulnerability in Amaxus 3 and earlier allows ...)
+CVE-2005-4376
NOT-FOR-US: Amaxus
-CVE-2005-4375 (Cross-site scripting (XSS) vulnerability in Amaxus 3 and earlier ...)
+CVE-2005-4375
NOT-FOR-US: Amaxus
-CVE-2005-4374 (Multiple cross-site scripting (XSS) vulnerabilities in Allinta 2.3.2 ...)
+CVE-2005-4374
NOT-FOR-US: Allinta
-CVE-2005-4373 (Adaptive Website Framework (AWF) 2.10 and earlier allows remote ...)
+CVE-2005-4373
NOT-FOR-US: Adaptive Website Framework
-CVE-2005-4372 (Cross-site scripting (XSS) vulnerability in account.html in Adaptive ...)
+CVE-2005-4372
NOT-FOR-US: Adaptive Website Framework
-CVE-2005-4371 (Acidcat 2.1.13 and earlier stores the database under the web root with ...)
+CVE-2005-4371
NOT-FOR-US: Acidcat
-CVE-2005-4370 (SQL injection vulnerability in main_content.asp in Acidcat 2.1.13 and ...)
+CVE-2005-4370
NOT-FOR-US: Acidcat
-CVE-2005-4369 (Cross-site scripting (XSS) vulnerability in Acuity CMS 2.6.2 allows ...)
+CVE-2005-4369
NOT-FOR-US: Acuity CMS
-CVE-2005-4368 (roundcube webmail Alpha, with a default high verbose level ...)
+CVE-2005-4368
- roundcube <not-affected> (Quotes are stripped now and if the task can't be found there is a default of mail)
-CVE-2005-4367 (Cross-site scripting (XSS) vulnerability in register_domain.php in ...)
+CVE-2005-4367
NOT-FOR-US: DRZES HMS
-CVE-2005-4366 (Multiple SQL injection vulnerabilities in DRZES HMS 3.2 allow remote ...)
+CVE-2005-4366
NOT-FOR-US: DRZES HMS
-CVE-2005-4365 (Multiple cross-site scripting (XSS) vulnerabilities in FLIP 0.9.0.1029 ...)
+CVE-2005-4365
NOT-FOR-US: FLIP
-CVE-2005-4364 (Cross-site scripting (XSS) vulnerability in index.cfm in Hot Banana ...)
+CVE-2005-4364
NOT-FOR-US: Hot Banana Web Content Management Suite
-CVE-2005-4363 (Cross-site scripting (XSS) vulnerability in the search engine in ...)
+CVE-2005-4363
NOT-FOR-US: Komodo CMS
-CVE-2005-4362 (SQL injection vulnerability in page.php in Komodo CMS 2.1 allows ...)
+CVE-2005-4362
NOT-FOR-US: Komodo CMS
-CVE-2005-4361 (Cross-site scripting (XSS) vulnerability in search.html in Magnolia ...)
+CVE-2005-4361
NOT-FOR-US: Magnolia Content Management Suite
-CVE-2005-4360 (The URL parser in Microsoft Internet Information Services (IIS) 5.1 on ...)
+CVE-2005-4360
NOT-FOR-US: IIS
-CVE-2005-4359 (SQL injection vulnerability in includes/core.inc.php in ODFaq 2.1.0 ...)
+CVE-2005-4359
NOT-FOR-US: ODFaq
-CVE-2005-4358 (admin/admin_disallow.php in phpBB 2.0.18 allows remote attackers to ...)
+CVE-2005-4358
- phpbb2 <unfixed> (unimportant)
-CVE-2005-4357 (Cross-site scripting (XSS) vulnerability in phpBB 2.0.18, when ...)
+CVE-2005-4357
- phpbb2 2.0.21-1 (bug #344674; low)
[sarge] - phpbb2 <no-dsa> (Affects only an inherently unsafe option only suitable for trusted users)
NOTE: According to the maintainer only affects a config option that is strongly
NOTE: discouraged due to potential security problems
-CVE-2005-4356 (SQL injection vulnerability in UStore allows remote attackers to ...)
+CVE-2005-4356
NOT-FOR-US: UStore
-CVE-2005-4355 (Multiple cross-site scripting (XSS) vulnerabilities in UStore allow ...)
+CVE-2005-4355
NOT-FOR-US: UStore
-CVE-2005-4354 (Cross-site scripting (XSS) vulnerability in webglimpse.cgi in ...)
+CVE-2005-4354
NOT-FOR-US: Webglimpse
-CVE-2005-4353 (SQL injection vulnerability in index.php in toendaCMS 0.6.2.1, when ...)
+CVE-2005-4353
NOT-FOR-US: toendaCMS
-CVE-2005-4352 (The securelevels implementation in NetBSD 2.1 and earlier, and Linux ...)
+CVE-2005-4352
- linux-2.6 2.6.18-3
-CVE-2005-4351 (The securelevels implementation in FreeBSD 7.0 and earlier, OpenBSD up ...)
+CVE-2005-4351
- linux-2.6 2.6.18-3
-CVE-2005-4350 (Unspecified vulnerability in WBEM Services A.01.x before A.01.05.12 ...)
+CVE-2005-4350
NOT-FOR-US: WBEM Services
-CVE-2005-4349 (** DISPUTED ** ...)
+CVE-2005-4349
- phpmyadmin <unfixed> (unimportant)
NOTE: Only for authenticated used, will possibly be rejected
-CVE-2005-4348 (fetchmail before 6.3.1 and before 6.2.5.5, when configured for ...)
+CVE-2005-4348
{DSA-939-1}
- fetchmail 6.3.1-1 (bug #343836; bug #345944; low)
-CVE-2005-4418 (util-vserver before 0.30.208-1 with kernel-patch-vserver before ...)
+CVE-2005-4418
{DSA-1011-1}
- util-vserver 0.30.208-1
-CVE-2005-4347 (The Linux 2.4 kernel patch in kernel-patch-vserver before 1.9.5.5 and ...)
+CVE-2005-4347
{DSA-1011-1}
- util-vserver 0.30.208-1 (bug #329090; medium)
- kernel-patch-vserver 2.3 (bug #329087; medium)
NOTE: both util-vserver and the kernel-patch-vserver need to be upgraded to fix this vulnerability
-CVE-2005-4346 (Invalid SQL syntax error in blog.php in phpBB Blog 2.2.2 and earlier ...)
+CVE-2005-4346
NOT-FOR-US: phpBB Blog
-CVE-2005-4345 (Adobe (formerly Macromedia) ColdFusion MX 7.0 exposes the password ...)
+CVE-2005-4345
NOT-FOR-US: ColdFusion MX
-CVE-2005-4344 (Adobe (formerly Macromedia) ColdFusion MX 7.0 does not honor when the ...)
+CVE-2005-4344
NOT-FOR-US: ColdFusion MX
-CVE-2005-4343 (Adobe (formerly Macromedia) ColdFusion MX 6.0, 6.1, 6.1 with JRun, and ...)
+CVE-2005-4343
NOT-FOR-US: ColdFusion MX
-CVE-2005-4342 (ColdFusion Sandbox on Adobe (formerly Macromedia) ColdFusion MX 6.0, ...)
+CVE-2005-4342
NOT-FOR-US: ColdFusion MX
-CVE-2005-4341 (Blackboard Learning and Community Portal System in Academic Suite ...)
+CVE-2005-4341
NOT-FOR-US: Academic Suite
CVE-2005-4340
REJECTED
-CVE-2005-4339 (Cross-site scripting (XSS) vulnerability in Blackboard Learning and ...)
+CVE-2005-4339
NOT-FOR-US: Academic Suite
-CVE-2005-4338 (announcement.pl in Blackboard Learning and Community Portal System in ...)
+CVE-2005-4338
NOT-FOR-US: Academic Suite
-CVE-2005-4337 (The login page in Blackboard Learning and Community Portal System in ...)
+CVE-2005-4337
NOT-FOR-US: Academic Suite
-CVE-2005-4336 (Cross-site scripting (XSS) vulnerability in ProjectForum 4.7.0 and ...)
+CVE-2005-4336
NOT-FOR-US: ProjectForum
-CVE-2005-4335 (ProjectForum 4.7.0 and earlier allows remote attackers to cause a ...)
+CVE-2005-4335
NOT-FOR-US: ProjectForum
-CVE-2005-4334 (SQL injection vulnerability in ZixForum 1.12 allows remote attackers ...)
+CVE-2005-4334
NOT-FOR-US: ZixForum
-CVE-2005-4333 (Multiple cross-site scripting (XSS) vulnerabilities in Binary Board ...)
+CVE-2005-4333
NOT-FOR-US: Binary Board System
-CVE-2005-4332 (Cisco Clean Access 3.5.5 and earlier on the Secure Smart Manager ...)
+CVE-2005-4332
NOT-FOR-US: Secure Smart Manager
-CVE-2005-4331 (SQL injection vulnerability in merchant.ihtml in iHTML Merchant ...)
+CVE-2005-4331
NOT-FOR-US: iHTML Merchant
-CVE-2005-4330 (SQL injection vulnerability in browse.ihtml in iHTML Merchant Mall ...)
+CVE-2005-4330
NOT-FOR-US: iHTML Merchant
-CVE-2005-4329 (SQL injection vulnerability in pafiledb.php in PHP Arena paFileDB ...)
+CVE-2005-4329
NOT-FOR-US: paFileDB
-CVE-2005-4328 (Cross-site scripting (XSS) vulnerability in webglimpse.cgi in ...)
+CVE-2005-4328
NOT-FOR-US: WebGlimpse
-CVE-2005-4327 (Multiple cross-site scripting (XSS) vulnerabilities in Michael Arndt ...)
+CVE-2005-4327
NOT-FOR-US: Michael Arndt WebCal
-CVE-2005-4326 (The web interface for American Power Conversion (APC) PowerChute ...)
+CVE-2005-4326
NOT-FOR-US: APC hardware issue
-CVE-2005-4325 (Multiple unspecified vulnerabilities in Driverse before 0.56b have ...)
+CVE-2005-4325
NOT-FOR-US: Driverse
-CVE-2005-4324 (Hitachi Groupmax Mail SMTP 06-50 through 06-52-/A and 07-00 through ...)
+CVE-2005-4324
NOT-FOR-US: Hitachi Groupmax Mail SMTP
-CVE-2005-4323 (Unspecified vulnerability in Hitachi Cosminexus Collaboration Portal ...)
+CVE-2005-4323
NOT-FOR-US: Hitachi Cosminexus Collaboration Portal
-CVE-2005-4322 (Multiple cross-site scripting (XSS) vulnerabilities in Hitachi ...)
+CVE-2005-4322
NOT-FOR-US: Hitachi Cosminexus Collaboration Portal
-CVE-2005-4321 (The Internet Key Exchange version 1 (IKEv1) implementation in Apani ...)
+CVE-2005-4321
NOT-FOR-US: Apani Networks EpiForce
-CVE-2005-4320 (Limbo CMS 1.0.4.2 and earlier allows remote attackers to obtain the ...)
+CVE-2005-4320
NOT-FOR-US: Limbo CMS
-CVE-2005-4319 (Directory traversal vulnerability in index2.php in Limbo CMS 1.0.4.2 ...)
+CVE-2005-4319
NOT-FOR-US: Limbo CMS
-CVE-2005-4318 (SQL injection vulnerability in index.php in Limbo CMS 1.0.4.2 and ...)
+CVE-2005-4318
NOT-FOR-US: Limbo CMS
-CVE-2005-4317 (Limbo CMS 1.0.4.2 and earlier, with register_globals off, does not ...)
+CVE-2005-4317
NOT-FOR-US: Limbo CMS
-CVE-2005-4316 (HP-UX B.11.00, B.11.04, B.11.11, and B.11.23 allows remote attackers ...)
+CVE-2005-4316
NOT-FOR-US: HP-UX
-CVE-2005-4315 (SQL injection vulnerability in the search function in Plexum PLEXCART ...)
+CVE-2005-4315
NOT-FOR-US: Plexum PLEXCART
-CVE-2005-4314 (Cross-site scripting (XSS) vulnerability in ppcal.cgi in PPCal ...)
+CVE-2005-4314
NOT-FOR-US: PPCal Shopping Cart
-CVE-2005-4313 (SQL injection vulnerability in index.php in AlmondSoft Almond ...)
+CVE-2005-4313
NOT-FOR-US: AlmondSoft Almond Personals
-CVE-2005-4312 (SQL injection vulnerability in index.php in AlmondSoft Almond ...)
+CVE-2005-4312
NOT-FOR-US: AlmondSoft Almond Personals
-CVE-2005-4311 (Cross-site scripting (XSS) vulnerability in DCForum 6.25 and earlier, ...)
+CVE-2005-4311
NOT-FOR-US: DCForum
-CVE-2005-4310 (SSH Tectia Server 5.0.0 (A, F, and T), when allowing host-based ...)
+CVE-2005-4310
NOT-FOR-US: SSH Tectia Server
-CVE-2005-4309 (SQL injection vulnerability in ezUpload Pro 2.2 and earlier allows ...)
+CVE-2005-4309
NOT-FOR-US: ezUpload Pro
-CVE-2005-4308 (index.php in ezUpload Pro 2.2 and earlier allows remote attackers to ...)
+CVE-2005-4308
NOT-FOR-US: ezUpload Pro
-CVE-2005-4307 (Cross-site scripting (XSS) vulnerability in ScareCrow 2.13 and earlier ...)
+CVE-2005-4307
NOT-FOR-US: ScareCrow
-CVE-2005-4306 (Multiple cross-site scripting (XSS) vulnerabilities in SiteNet BBS 2.0 ...)
+CVE-2005-4306
NOT-FOR-US: SiteNet BBS
-CVE-2005-4305 (Cross-site scripting (XSS) vulnerability in Edgewall Trac 0.9, 0.9.1, ...)
+CVE-2005-4305
- trac 0.9.3-1 (bug #344006)
[sarge] - trac <unfixed> (medium)
NOTE: upstream bts at http://trac.edgewall.org/ticket/2473 claims this is
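Review bot: Dropping the summaries in this hunk leaves several entries whose triage notes only make sense with the summary present. `+CVE-2005-4450` is followed by `NOTE: According to the description possibly a dupe of the non-issue CVE-2005-4349` and nothing else, so after this change the entry has neither the description the note points at nor a package line, and a reader has nothing to check the dupe claim against; the same applies to `+CVE-2005-4455` / `+CVE-2005-4454`, whose `NOTE: liblivejournal-perl doesn't seem to embed any of the affected code` refers to code named only in the removed summary. Either keep the summary on those lines or rewrite the NOTE to quote the specific claim it relies on. The untouched `CVE-2005-4340` / `REJECTED` and `CVE-2005-XXXX [Insecure tempfile in libjpeg6b's exifautotran]` entries show that only lines carrying a summary are rewritten, which is consistent with the summaries being blanked wholesale rather than reformatted. Unrelated to this change but visible in the context: the out-of-sequence `CVE-2005-4418` block sitting between CVE-2005-4348 and CVE-2005-4347, the typo in `NOTE: Only for authenticated used, will possibly be rejected` under CVE-2005-4349, and the kdelibs `NOTE: Konqueror from sid doesn't crash, will test an older version later` with no follow-up are pre-existing and should not be fixed in an automated import.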
@@ -1354,244 +1354,244 @@ CVE-2005-4305 (Cross-site scripting (XSS) vulnerability in Edgewall Trac 0.9, 0.
NOTE: of input being escape()'d are no longer done so, and instead a
NOTE: Markup() function replaces them, and special checks are done
NOTE: on rendered HTML output to prevent XSS code from being displayed.
-CVE-2005-4304 (index.php in ezDatabase 2.1.2 and earlier allows remote attackers to ...)
+CVE-2005-4304
NOT-FOR-US: ezDatabase
-CVE-2005-4303 (SQL injection vulnerability in index.php for ezDatabase 2.1.2 and ...)
+CVE-2005-4303
NOT-FOR-US: ezDatabase
-CVE-2005-4302 (Directory traversal vulnerability in index.php in ezDatabase 2.1.2 and ...)
+CVE-2005-4302
NOT-FOR-US: ezDatabase
-CVE-2005-4301 (Cross-site scripting (XSS) vulnerability in phpXplorer 0.9.12 and ...)
+CVE-2005-4301
NOT-FOR-US: pgpXplorer
-CVE-2005-4300 (Format string vulnerability in the lire_pop function in pop.c in ...)
+CVE-2005-4300
NOT-FOR-US: libremail
-CVE-2005-4299 (Cross-site scripting (XSS) vulnerability in atl.cgi in Atlant Pro 4.02 ...)
+CVE-2005-4299
NOT-FOR-US: Atlant Pro
-CVE-2005-4298 (Cross-site scripting (XSS) vulnerability in atl.cgi in AtlantForum ...)
+CVE-2005-4298
NOT-FOR-US: AtlantForum
-CVE-2005-4297 (Cross-site scripting (XSS) vulnerability in bbBoard 2.56 and earlier ...)
+CVE-2005-4297
NOT-FOR-US: bbBoard
-CVE-2005-4296 (AppServ Open Project 2.5.3 allows remote attackers to cause a denial ...)
+CVE-2005-4296
NOT-FOR-US: AppServ Open Project
-CVE-2005-4295 (Cross-site scripting (XSS) vulnerability in Absolute Image Gallery XE ...)
+CVE-2005-4295
NOT-FOR-US: Absolute Image Gallery XE
-CVE-2005-4294 (Cross-site scripting (XSS) vulnerability in Alkacon OpenCms before ...)
+CVE-2005-4294
NOT-FOR-US: Alkacon OpenCms
-CVE-2005-4293 (Cross-site scripting (XSS) vulnerability in cp-app.cgi in ClickCartPro ...)
+CVE-2005-4293
NOT-FOR-US: ClickCartPro
-CVE-2005-4292 (Cross-site scripting (XSS) vulnerability in CommerceSQL 1.0 and ...)
+CVE-2005-4292
NOT-FOR-US: CommerceSQL
-CVE-2005-4291 (Cross-site scripting (XSS) vulnerability in cart.cgi in ECTOOLS ...)
+CVE-2005-4291
NOT-FOR-US: ECTOOLS Onlineshop
-CVE-2005-4290 (Cross-site scripting (XSS) vulnerability in index.cgi in ECW-Cart 2.03 ...)
+CVE-2005-4290
NOT-FOR-US: ECW-Cart
-CVE-2005-4289 (Cross-site scripting (XSS) vulnerability in EDCstore.pl in eDatCat 0.3 ...)
+CVE-2005-4289
NOT-FOR-US: eDatCat
-CVE-2005-4288 (Cross-site scripting (XSS) vulnerability in index.php in MarmaraWeb ...)
+CVE-2005-4288
NOT-FOR-US: MarmaraWeb E-commerce
-CVE-2005-4287 (PHP remote file include vulnerability in MarmaraWeb E-commerce allows ...)
+CVE-2005-4287
NOT-FOR-US: MarmaraWeb E-commerce
-CVE-2005-4286 (Unspecified vulnerability in PhpLogCon before 1.2.2 allows remote ...)
+CVE-2005-4286
NOT-FOR-US: PhpLogCon
-CVE-2005-4285 (Cross-site scripting (XSS) vulnerability in pdestore.cgi in Dick ...)
+CVE-2005-4285
NOT-FOR-US: Dick Copits PDEstore
-CVE-2005-4284 (Cross-site scripting (XSS) vulnerability in StaticStore Search Engine ...)
+CVE-2005-4284
NOT-FOR-US: StaticStore Search Engine
-CVE-2005-4283 (Cross-site scripting (XSS) vulnerability in The CITY Shop 1.3 and ...)
+CVE-2005-4283
NOT-FOR-US: The CITY Shop
-CVE-2005-4282 (Cross-site scripting (XSS) vulnerability in Zaygo DomainCart 2.0 and ...)
+CVE-2005-4282
NOT-FOR-US: Zaygo DomainCart
-CVE-2005-4281 (Cross-site scripting (XSS) vulnerability in Zaygo HostingCart 2.0 and ...)
+CVE-2005-4281
NOT-FOR-US: Zaygo HostingCart
-CVE-2005-4280 (Untrusted search path vulnerability in CMake before 2.2.0-r1 on Gentoo ...)
+CVE-2005-4280
- cmake <not-affected> (Gentoo-specific packaging flaw)
-CVE-2005-4279 (Untrusted search path vulnerability in Qt-UnixODBC before 3.3.4-r1 on ...)
+CVE-2005-4279
- qt-x11-free <not-affected> (Gentoo-specific packaging flaw)
-CVE-2005-4278 (Untrusted search path vulnerability in Perl before 5.8.7-r1 on Gentoo ...)
+CVE-2005-4278
- perl <not-affected> (Gentoo-specific packaging flaw)
-CVE-2005-4277 (Cross-site scripting (XSS) vulnerability in index.php in toendaCMS ...)
+CVE-2005-4277
NOT-FOR-US: toendaCMS
-CVE-2005-4276 (Westell Versalink 327W allows remote attackers to cause a denial of ...)
+CVE-2005-4276
NOT-FOR-US: Westell Versalink
-CVE-2005-4275 (Scientific Atlanta DPX2100 Cable Modem allows remote attackers to ...)
+CVE-2005-4275
NOT-FOR-US: Scientific Atlanta DPX2100 Cable Modem
-CVE-2005-4274 (Unspecified vulnerability in Business Objects WebIntelligence 6.5x ...)
+CVE-2005-4274
NOT-FOR-US: Business Objects WebIntelligence
-CVE-2005-4273 (Multiple unspecified vulnerabilities in (1) getShell and (2) ...)
+CVE-2005-4273
NOT-FOR-US: AIX
-CVE-2005-4272 (Multiple buffer overflows in IBM AIX 5.1, 5.2, and 5.3 allow remote ...)
+CVE-2005-4272
NOT-FOR-US: AIX
-CVE-2005-4271 (Buffer overflow in the malloc debug system in IBM AIX 5.3 allows local ...)
+CVE-2005-4271
NOT-FOR-US: AIX
-CVE-2005-4270 (Buffer overflow in Watchfire AppScan QA 5.0.609 and 5.0.134 allows ...)
+CVE-2005-4270
NOT-FOR-US: Watchfire AppScan
-CVE-2005-4269 (mshtml.dll in Microsoft Windows XP, Server 2003, and Internet Explorer ...)
+CVE-2005-4269
NOT-FOR-US: Microsoft Windows
-CVE-2005-4268 (Buffer overflow in cpio 2.6-8.FC4 on 64-bit platforms, when creating a ...)
+CVE-2005-4268
- cpio 2.6-10 (bug #344134; medium)
[sarge] - cpio <unfixed> (medium)
[woody] - cpio <unfixed> (medium)
-CVE-2005-4267 (Stack-based buffer overflow in Qualcomm WorldMail 3.0 allows remote ...)
+CVE-2005-4267
NOT-FOR-US: Qualcomm WorldMail
CVE-2005-XXXX [rageirc IRC daemon always allows login with empty password]
NOTE: not reproducible
- rageircd <not-affected> (bug #343543; medium)
-CVE-2005-4266 (WorldClient.dll in Alt-N MDaemon and WorldClient 8.1.3 trusts a ...)
+CVE-2005-4266
NOT-FOR-US: Alt-N MDaemon and WorldClient
CVE-2005-4265
REJECTED
-CVE-2005-4264 (Multiple SQL injection vulnerabilities in index.php in PHP Support ...)
+CVE-2005-4264
NOT-FOR-US: PHP Support Tickets
-CVE-2005-4263 (SQL injection vulnerability in the News module in Envolution allows ...)
+CVE-2005-4263
NOT-FOR-US: Envolution
-CVE-2005-4262 (Cross-site scripting (XSS) vulnerability in the News module in ...)
+CVE-2005-4262
NOT-FOR-US: Envolution
-CVE-2005-4261 (Unspecified vulnerability in Positive Software Corporation CP+ ...)
+CVE-2005-4261
NOT-FOR-US: CP+
-CVE-2005-4260 (Interpretation conflict in includes/mainfile.php in PHP-Nuke 7.9 and ...)
+CVE-2005-4260
NOT-FOR-US: PHP-Nuke
-CVE-2005-4259 (Multiple SQL injection vulnerabilities in ASPBB 0.4 allow remote ...)
+CVE-2005-4259
NOT-FOR-US: ASPBB
-CVE-2005-4258 (Unspecified Cisco Catalyst Switches allow remote attackers to cause a ...)
+CVE-2005-4258
NOT-FOR-US: Cisco
-CVE-2005-4257 (Linksys WRT54GS and BEFW11S4 allows remote attackers to cause a denial ...)
+CVE-2005-4257
NOT-FOR-US: Linksys hardware
-CVE-2005-4256 (Cross-site scripting (XSS) vulnerability in forum.asp in ASP-DEV XM ...)
+CVE-2005-4256
NOT-FOR-US: ASP-DEV XM Forum
-CVE-2005-4255 (Cross-site scripting (XSS) vulnerability in TextSearch in WikkaWiki ...)
+CVE-2005-4255
NOT-FOR-US: WikkaWiki
-CVE-2005-4254 (SQL injection vulnerability in view_Results.php in DreamLevels ...)
+CVE-2005-4254
NOT-FOR-US: DreamLevels DreamPoll
-CVE-2005-4253 (Cross-site scripting (XSS) vulnerability in getdox.php in Torrential ...)
+CVE-2005-4253
NOT-FOR-US: Torrential
-CVE-2005-4252 (Cross-site scripting (XSS) vulnerability in mcGallery PRO 2.2 and ...)
+CVE-2005-4252
NOT-FOR-US: mcGallery PRO
-CVE-2005-4251 (Multiple SQL injection vulnerabilities in mcGallery PRO 2.2 and ...)
+CVE-2005-4251
NOT-FOR-US: mcGallery PRO
-CVE-2005-4250 (Directory traversal vulnerability in mcGallery PRO 2.2 and earlier ...)
+CVE-2005-4250
NOT-FOR-US: mcGallery PRO
-CVE-2005-4249 (ADP Forum 2.0 through 2.0.3 stores sensitive information in plaintext ...)
+CVE-2005-4249
NOT-FOR-US: ADP Forum
-CVE-2005-4248 (Multiple cross-site scripting (XSS) vulnerabilities in QuickPayPro 3.1 ...)
+CVE-2005-4248
NOT-FOR-US: QuickPayPro
-CVE-2005-4247 (Cross-site scripting (XSS) vulnerability in index.php in Plogger Beta ...)
+CVE-2005-4247
NOT-FOR-US: Plogger
-CVE-2005-4246 (SQL injection vulnerability in Plogger Beta 2 and earlier allows ...)
+CVE-2005-4246
NOT-FOR-US: Plogger
-CVE-2005-4245 (Cross-site scripting (XSS) vulnerability in search.php in Snipe ...)
+CVE-2005-4245
NOT-FOR-US: Snipe Gallery
-CVE-2005-4244 (SQL injection vulnerability in Snipe Gallery 3.1.4 and earlier allows ...)
+CVE-2005-4244
NOT-FOR-US: Snipe Gallery
-CVE-2005-4243 (Multiple SQL injection vulnerabilities in QuickPayPro 3.1 allow remote ...)
+CVE-2005-4243
NOT-FOR-US: QuickPayPro
-CVE-2005-4241 (Cross-site scripting (XSS) vulnerability in the category page in ...)
+CVE-2005-4241
NOT-FOR-US: VCD-db
-CVE-2005-4240 (SQL injection vulnerability in search.php in VCD-db 0.98 and earlier ...)
+CVE-2005-4240
NOT-FOR-US: VCD-db
-CVE-2005-4239 (Cross-site scripting (XSS) vulnerability in Search/DisplayResults.php ...)
+CVE-2005-4239
NOT-FOR-US: PHP JackKnife
-CVE-2005-4238 (Cross-site scripting (XSS) vulnerability in view_filters_page.php in ...)
+CVE-2005-4238
{DSA-944-1}
- mantis 0.19.4-1 (bug #345288)
-CVE-2005-4237 (Cross-site scripting (XSS) vulnerability in MySQL Auction 3.0 and ...)
+CVE-2005-4237
NOT-FOR-US: MySQL Auction
-CVE-2005-4236 (Cross-site scripting (XSS) vulnerability in search.php in CKGOLD ...)
+CVE-2005-4236
NOT-FOR-US: CKGOLD
-CVE-2005-4235 (Cross-site scripting (XSS) vulnerability in knowledgebase.php in ...)
+CVE-2005-4235
NOT-FOR-US: WHMCompleteSolution
-CVE-2005-4234 (SQL injection vulnerability in gallery.php in EncapsGallery 1.0.0 and ...)
+CVE-2005-4234
NOT-FOR-US: EncapsGallery
-CVE-2005-4233 (SQL injection vulnerability in advertiser_statistic.php in Ad Manager ...)
+CVE-2005-4233
NOT-FOR-US: Ad Manager Pro
-CVE-2005-4232 (** DISPUTED ** ...)
+CVE-2005-4232
NOT-FOR-US: Jamit Job Board
-CVE-2005-4231 (Cross-site scripting (XSS) vulnerability in Link Up Gold 2.5 and ...)
+CVE-2005-4231
NOT-FOR-US: Link Up Gold
-CVE-2005-4230 (SQL injection vulnerability in poll.php in Link Up Gold 2.5 and ...)
+CVE-2005-4230
NOT-FOR-US: Link Up Gold
-CVE-2005-4229 (Cross-site scripting (XSS) vulnerability in auction.pl in EveryAuction ...)
+CVE-2005-4229
NOT-FOR-US: EveryAuction
-CVE-2005-4228 (Multiple SQL injection vulnerabilities in PhpWebGallery 1.5.1 and ...)
+CVE-2005-4228
NOT-FOR-US: PhpWebGallery
-CVE-2005-4227 (Multiple &quot;potential&quot; SQL injection vulnerabilities in DCP-Portal 6.1.1 ...)
+CVE-2005-4227
NOT-FOR-US: DCP-Portal
-CVE-2005-4226 (Multiple &quot;potential&quot; SQL injection vulnerabilities in phpWebThings 1.4 ...)
+CVE-2005-4226
NOT-FOR-US: pgpWebThings
-CVE-2005-4225 (Multiple &quot;potential&quot; SQL injection vulnerabilities in myBloggie 2.1.3 ...)
+CVE-2005-4225
NOT-FOR-US: myBloggie
-CVE-2005-4224 (Multiple &quot;potential&quot; SQL injection vulnerabilities in e107 0.7 might ...)
+CVE-2005-4224
NOT-FOR-US: e107
-CVE-2005-4223 (Multiple &quot;potential&quot; SQL injection vulnerabilities in Utopia News Pro ...)
+CVE-2005-4223
NOT-FOR-US: Utopia News Pro
-CVE-2005-4222 (Multiple cross-site scripting (XSS) vulnerabilities in guestbook.cgi ...)
+CVE-2005-4222
NOT-FOR-US: Lars Ellingsen Guestserver
-CVE-2005-4221 (SQL injection vulnerability in link.php in Arab Portal System 2 Beta 2 ...)
+CVE-2005-4221
NOT-FOR-US: Arab Portal System
-CVE-2005-4220 (Netgear RP114, and possibly other versions and devices, allows remote ...)
+CVE-2005-4220
NOT-FOR-US: Netgear hardware issue
-CVE-2005-4219 (setting.php in Innovative CMS (ICMS, formerly Imoel-CMS) contains ...)
+CVE-2005-4219
NOT-FOR-US: Innovative CMS
-CVE-2005-4218 (SQL injection vulnerability in forum.php in PHPWebThings 1.4 allows ...)
+CVE-2005-4218
NOT-FOR-US: PHPWebThings
-CVE-2005-4217 (Perl in Apple Mac OS X Server 10.3.9 does not properly drop privileges ...)
+CVE-2005-4217
- perl <not-affected> (MacOS specific vulnerability)
-CVE-2005-4216 (The Administration Service (FMSAdmin.exe) in Macromedia Flash Media ...)
+CVE-2005-4216
NOT-FOR-US: Macromedia Flash Media Server
-CVE-2005-4215 (Motorola SB5100E Cable Modem allows remote attackers to cause a denial ...)
+CVE-2005-4215
NOT-FOR-US: Motorola hardware
-CVE-2005-4214 (phpCOIN 1.2.2 allows remote attackers to obtain the installation path ...)
+CVE-2005-4214
NOT-FOR-US: phpCOIN
-CVE-2005-4213 (SQL injection vulnerability in mod.php in phpCOIN 1.2.2 allows remote ...)
+CVE-2005-4213
NOT-FOR-US: phpCOIN
-CVE-2005-4212 (Directory traversal vulnerability in coin_includes/db.php in phpCOIN ...)
+CVE-2005-4212
NOT-FOR-US: phpCOIN
-CVE-2005-4211 (PHP remote file inclusion vulnerability in coin_includes/db.php in ...)
+CVE-2005-4211
NOT-FOR-US: phpCOIN
-CVE-2005-4210 (Opera before 8.51, when running on Windows with Input Method Editor ...)
+CVE-2005-4210
NOT-FOR-US: Opera
-CVE-2005-4209 (WorldClient webmail in Alt-N MDaemon 8.1.3 allows remote attackers to ...)
+CVE-2005-4209
NOT-FOR-US: Alt-N MDaemon
-CVE-2005-4208 (Directory traversal vulnerability in Flatnuke 2.5.6 allows remote ...)
+CVE-2005-4208
NOT-FOR-US: Flatnuke
-CVE-2005-4207 (SQL injection vulnerability in BTGrup Admin WebController Script ...)
+CVE-2005-4207
NOT-FOR-US: BTGrup Admin WebController Script
-CVE-2005-4206 (Blackboard Learning and Community Portal System in Academic Suite ...)
+CVE-2005-4206
NOT-FOR-US: Blackboard Learning and Community Port Systems
-CVE-2005-4205 (Cross-site scripting (XSS) vulnerability in searchdb.asp in LocazoList ...)
+CVE-2005-4205
NOT-FOR-US: LocazoList
-CVE-2005-4204 (Cross-site scripting (XSS) vulnerability in LogiSphere 0.9.9j allows ...)
+CVE-2005-4204
NOT-FOR-US: LogiSphere
-CVE-2005-4203 (LogiSphere 0.9.9j does not restrict the number of messages that can be ...)
+CVE-2005-4203
NOT-FOR-US: LogiSphere
-CVE-2005-4202 (Multiple directory traversal vulnerabilities in LogiSphere 0.9.9j ...)
+CVE-2005-4202
NOT-FOR-US: LogiSphere
-CVE-2005-4201 (Directory traversal vulnerability in My Album Online 1.0 allows remote ...)
+CVE-2005-4201
NOT-FOR-US: My Album Online
-CVE-2005-4200 (Multiple unspecified vulnerabilities in MyBulletinBoard (MyBB) before ...)
+CVE-2005-4200
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2005-4199 (Multiple SQL injection vulnerabilities in MyBulletinBoard (MyBB) ...)
+CVE-2005-4199
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2005-4198 (SQL injection vulnerability in index.php in Netref 3.0 allows remote ...)
+CVE-2005-4198
NOT-FOR-US: Netref
-CVE-2005-4197 (tunnelform.yaws in Nortel SSL VPN 4.2.1.6 allows remote attackers to ...)
+CVE-2005-4197
NOT-FOR-US: Nortel SSL VPN
-CVE-2005-4196 (Multiple cross-site scripting (XSS) vulnerabilities in Scout Portal ...)
+CVE-2005-4196
NOT-FOR-US: Scout Portal Toolkit
-CVE-2005-4195 (Multiple SQL injection vulnerabilities in Scout Portal Toolkit (SPT) ...)
+CVE-2005-4195
NOT-FOR-US: Scout Portal Toolkit
-CVE-2005-4194 (Buffer overflow in MediaServerList.exe in Sights 'n Sounds Streaming ...)
+CVE-2005-4194
NOT-FOR-US: Sights 'n Sounds Streaming Media Server
-CVE-2005-4193 (Cross-site scripting (XSS) vulnerability in UseBB before 0.7 allows ...)
+CVE-2005-4193
NOT-FOR-US: UseBB
-CVE-2005-4242 (Multiple cross-site scripting (XSS) vulnerabilities in Horde Turba H3 ...)
+CVE-2005-4242
- turba2 2.0.5-1 (bug #342946; medium)
-CVE-2005-4192 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2005-4192
- mnemo2 2.0.3-1 (bug #342944; medium)
-CVE-2005-4191 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2005-4191
- nag2 2.0.4-1 (bug #342945; medium)
-CVE-2005-4190 (Multiple cross-site scripting (XSS) vulnerabilities in Horde ...)
+CVE-2005-4190
{DSA-1033-1}
- horde3 3.0.9-1 (bug #342942; bug #354512; medium)
-CVE-2005-4189 (Multiple cross-site scripting (XSS) vulnerabilities in Horde Kronolith ...)
+CVE-2005-4189
{DSA-970-1}
- kronolith2 2.0.6-1 (bug #342943; medium)
- kronolith <removed> (bug #349261; medium)
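Review bot: every changed line in this hunk deletes the parenthesised CVE description and keeps only the identifier (e.g. `-CVE-2005-4292 (Cross-site scripting (XSS) vulnerability in CommerceSQL 1.0 and ...)` becomes `+CVE-2005-4292`), with no other change, so the triage text the tracker shows for these entries is lost; since the commit is an automatic update, confirm that the description source was actually unavailable for this run rather than committing an empty sync, and restore the descriptions in the follow-up run. Two context lines are worth fixing while here: `NOT-FOR-US: pgpWebThings` under CVE-2005-4226 should read `phpWebThings` (the description being deleted names phpWebThings 1.4, and the CVE-2005-4218 entry spells it `PHPWebThings`), and `NOT-FOR-US: Blackboard Learning and Community Port Systems` under CVE-2005-4206 should read `Portal System` as in the deleted description. The deleted descriptions for CVE-2005-4227 through CVE-2005-4223 also carry literal `&quot;` entities, which indicates the original import kept HTML escaping; unescape the text when it is reinstated.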
@@ -1615,112 +1615,112 @@ CVE-2005-4180
RESERVED
CVE-2005-4179
RESERVED
-CVE-2005-4177 (Cross-site scripting (XSS) vulnerability in book.cfm in Magic Book ...)
+CVE-2005-4177
NOT-FOR-US: Magic Book Personal and Professional
-CVE-2005-4176 (AWARD Bios Modular 4.50pg does not clear the keyboard buffer after ...)
+CVE-2005-4176
NOT-FOR-US: AWARD BIOS
-CVE-2005-4175 (Insyde BIOS V190 does not clear the keyboard buffer after reading the ...)
+CVE-2005-4175
NOT-FOR-US: Insyde BIOS
-CVE-2005-4174 (eFiction 1.0, 1.1, and 2.0, in unspecified environments, might allow ...)
+CVE-2005-4174
NOT-FOR-US: eFiction
-CVE-2005-4173 (eFiction 1.0, 1.1, and 2.0 allows remote attackers to obtain sensitive ...)
+CVE-2005-4173
NOT-FOR-US: eFiction
-CVE-2005-4172 (eFiction 1.0, 1.1, and 2.0 allows remote attackers to obtain sensitive ...)
+CVE-2005-4172
NOT-FOR-US: eFiction
-CVE-2005-4171 (The &quot;Upload new image&quot; command in the &quot;Manage Images&quot; eFiction 1.1, ...)
+CVE-2005-4171
NOT-FOR-US: eFiction
-CVE-2005-4170 (SQL injection vulnerability in eFiction 1.1 allows remote attackers to ...)
+CVE-2005-4170
NOT-FOR-US: eFiction
-CVE-2005-4169 (Multiple SQL injection vulnerabilities in eFiction 1.0 allow remote ...)
+CVE-2005-4169
NOT-FOR-US: eFiction
-CVE-2005-4168 (Multiple SQL injection vulnerabilities in eFiction 1.0, 1.1, and 2.0 ...)
+CVE-2005-4168
NOT-FOR-US: eFiction
-CVE-2005-4167 (Cross-site scripting (XSS) vulnerability in eFiction 1.0 and 1.1 ...)
+CVE-2005-4167
NOT-FOR-US: eFiction
-CVE-2005-4166 (Cross-site scripting (XSS) vulnerability in password.asp in DUWare ...)
+CVE-2005-4166
NOT-FOR-US: DUportal
-CVE-2005-4165 (Multiple SQL injection vulnerabilities in ASP-DEV ASP Resources Forum ...)
+CVE-2005-4165
NOT-FOR-US: ASP-DEV ASP Resources Forum
-CVE-2005-4178 (Buffer overflow in Dropbear server before 0.47 allows authenticated ...)
+CVE-2005-4178
{DSA-923-1}
- dropbear 0.47-1 (high)
-CVE-2005-4164 (SQL injection vulnerability in view.php in PHP-addressbook 1.2 allows ...)
+CVE-2005-4164
NOT-FOR-US: PHP-addressbook
-CVE-2005-4163 (Directory traversal vulnerability in captcha.php in Captcha PHP 0.9 ...)
+CVE-2005-4163
NOT-FOR-US: Captcha
-CVE-2005-4162 (Cross-site scripting (XSS) vulnerability in cal_make.pl in ACME ...)
+CVE-2005-4162
NOT-FOR-US: ACME PerlCal
-CVE-2005-4161 (** DISPUTED ** ...)
+CVE-2005-4161
NOT-FOR-US: MilliScripts
-CVE-2005-4160 (Directory traversal vulnerability in getdox.php in Torrential 1.2 ...)
+CVE-2005-4160
NOT-FOR-US: Torrential
-CVE-2005-4159 (** DISPUTED ** ...)
+CVE-2005-4159
NOT-FOR-US: Simple Machines Forum
-CVE-2005-4158 (Sudo before 1.6.8 p12, when the Perl taint flag is off, does not clear ...)
+CVE-2005-4158
{DSA-946-2}
- sudo 1.6.8p12-1 (bug #342948; medium)
-CVE-2005-4157 (Unspecified vulnerability in Kerio WinRoute Firewall before 6.1.3 ...)
+CVE-2005-4157
NOT-FOR-US: Kerio Firewall
-CVE-2005-4156 (Unspecified vulnerability in Mambo 4.5 (1.0.0) through 4.5 (1.0.9), ...)
+CVE-2005-4156
NOT-FOR-US: Mambo
-CVE-2005-4155 (registration.PHP in ATutor 1.5.1 pl2 allows remote attackers to ...)
+CVE-2005-4155
NOT-FOR-US: ATutor
-CVE-2005-4154 (Unspecified vulnerability in PEAR installer 1.4.2 and earlier allows ...)
+CVE-2005-4154
- php5 5.1.1-1
NOTE: PHP 5 in Debian is vulnerable according to the changelog.
-CVE-2005-4153 (Mailman 2.1.4 through 2.1.6 allows remote attackers to cause a denial ...)
+CVE-2005-4153
{DSA-955-1}
- mailman 2.1.5-10
-CVE-2005-4152 (Soti Pocket Controller-Professional 5.0 allows remote attackers to ...)
+CVE-2005-4152
NOT-FOR-US: Soti Pocket Controller-Professional
-CVE-2005-4151 (The Wipe Free Space utility in PGP Desktop Home 8.0 and Desktop ...)
+CVE-2005-4151
NOT-FOR-US: PGP Desktop Home
-CVE-2005-4150 (Cross-site scripting (XSS) vulnerability in the portal login page in ...)
+CVE-2005-4150
NOT-FOR-US: CA Clever Path
-CVE-2005-4149 (Lyris ListManager 8.8 through 8.9b allows remote attackers to obtain ...)
+CVE-2005-4149
NOT-FOR-US: Lyris ListManager
-CVE-2005-4148 (Lyris ListManager 8.5, and possibly other versions before 8.8, ...)
+CVE-2005-4148
NOT-FOR-US: Lyris ListManager
-CVE-2005-4147 (The TCLHTTPd service in Lyris ListManager before 8.9b allows remote ...)
+CVE-2005-4147
NOT-FOR-US: Lyris ListManager
-CVE-2005-4146 (Lyris ListManager before 8.9b allows remote attackers to obtain ...)
+CVE-2005-4146
NOT-FOR-US: Lyris ListManager
-CVE-2005-4145 (The MSDE version of Lyris ListManager 5.0 through 8.9b configures the ...)
+CVE-2005-4145
NOT-FOR-US: Lyris ListManager
-CVE-2005-4144 (Lyris ListManager 5.0 through 8.9a allows remote attackers to add ...)
+CVE-2005-4144
NOT-FOR-US: Lyris ListManager
-CVE-2005-4143 (SQL injection vulnerability in Lyris ListManager 5.0 through 8.9a ...)
+CVE-2005-4143
NOT-FOR-US: Lyris ListManager
-CVE-2005-4142 (The web interface for subscribing new users in Lyris ListManager 5.0 ...)
+CVE-2005-4142
NOT-FOR-US: Lyris ListManager
-CVE-2005-4141 (Multiple SQL injection vulnerabilities in ASPMForum allow remote ...)
+CVE-2005-4141
NOT-FOR-US: ASPMForum
-CVE-2005-4140 (SQL injection vulnerability in admin/login/index.php in Website Baker ...)
+CVE-2005-4140
NOT-FOR-US: Website Baker
-CVE-2005-4139 (Multiple SQL injection vulnerabilities in ThWboard before 3 Beta 2.84 ...)
+CVE-2005-4139
NOT-FOR-US: ThWboard
-CVE-2005-4138 (Multiple cross-site scripting (XSS) vulnerabilities in ThWboard before ...)
+CVE-2005-4138
NOT-FOR-US: ThWboard
-CVE-2005-4137 (SQL injection vulnerability in viewinvoice.php in DRZES HMS 3.2 allows ...)
+CVE-2005-4137
NOT-FOR-US: DRZES HMS
-CVE-2005-4136 (Cross-site scripting (XSS) vulnerability in login.php in DRZES HMS 3.2 ...)
+CVE-2005-4136
NOT-FOR-US: DRZES HMS
-CVE-2005-4135 (Direct static code injection vulnerability in includes/newtopic.php in ...)
+CVE-2005-4135
NOT-FOR-US: SimpleBBS
-CVE-2005-4134 (Mozilla Firefox 1.5, Netscape 8.0.4 and 7.2, and K-Meleon before ...)
+CVE-2005-4134
{DSA-1051-1 DSA-1046-1 DSA-1044-1}
- firefox 1.5.dfsg+1.5.0.2-2 (unimportant)
- mozilla 2:1.7.13-0.1 (unimportant)
[sarge] - mozilla-thunderbird 1.0.2-2.sarge1.0.8 (unimportant)
NOTE: Not exploitable beyond a sluggish browser startup, see
NOTE: http://web.archive.org/web/20141206010602/https://www.mozilla.org/security/history-title.html
-CVE-2005-4133 (Sun Update Connection in Sun Solaris 10, when configured to use a web ...)
+CVE-2005-4133
NOT-FOR-US: Solaris
-CVE-2005-4132 (Unspecified &quot;security leak&quot; vulnerability in Contenido before 4.6.4, ...)
+CVE-2005-4132
NOT-FOR-US: Contenido
-CVE-2005-4131 (Unspecified vulnerability in Microsoft Excel 2000, 2002, and 2003, in ...)
+CVE-2005-4131
NOT-FOR-US: Excel
-CVE-2005-4130 (** UNVERIFIABLE, PRERELEASE ** ...)
+CVE-2005-4130
NOT-FOR-US: Pre-Notification for RealMedia vulnerability, which never appeared
CVE-2005-4129
REJECTED
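Review bot: the identifier-only rewrite in this hunk silently drops the `** DISPUTED **` marker from CVE-2005-4161 and CVE-2005-4159 and the `** UNVERIFIABLE, PRERELEASE **` marker from CVE-2005-4130, and the surviving `NOT-FOR-US: MilliScripts` and `NOT-FOR-US: Simple Machines Forum` lines carry no hint of the disputed status, so after this change a reader of the list can no longer tell those two entries apart from confirmed issues; either keep the marker on the identifier line or record it in the NOT-FOR-US note. CVE-2005-4130 is unaffected in practice because its note already states that the RealMedia pre-notification never materialised. Otherwise this hunk is the same description-stripping pattern as the previous one and should be reverted or re-synced together with it.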
@@ -1728,7 +1728,7 @@ CVE-2005-4128
REJECTED
CVE-2005-4127
REJECTED
-CVE-2005-4126 (** UNVERIFIABLE, PRERELEASE ** ...)
+CVE-2005-4126
NOT-FOR-US: Pre-Notification for RealMedia vulnerability, which never appeared
CVE-2005-4125
REJECTED
@@ -1790,102 +1790,102 @@ CVE-2005-4097
REJECTED
CVE-2005-4096
REJECTED
-CVE-2005-4095 (Directory traversal vulnerability in connector.php in the ...)
+CVE-2005-4095
NOT-FOR-US: DoceboLMS
-CVE-2005-4094 (connector.php in the fckeditor2rc2 addon in DoceboLMS 2.0.4 allows ...)
+CVE-2005-4094
NOT-FOR-US: DoceboLMS
-CVE-2005-4093 (Check Point VPN-1 SecureClient NG with Application Intelligence R56, ...)
+CVE-2005-4093
NOT-FOR-US: Check Point
-CVE-2005-4092 (Multiple heap-based buffer overflows in QuickTime.qts in Apple ...)
+CVE-2005-4092
NOT-FOR-US: Apple QuickTime
-CVE-2005-4091 (Cross-site scripting (XSS) vulnerability in 1search.cgi in 1-Script ...)
+CVE-2005-4091
NOT-FOR-US: 1-Script 1-Search
-CVE-2005-4090 (Unspecified vulnerability in HP-UX B.11.00 to B.11.23, when IPSEC is ...)
+CVE-2005-4090
NOT-FOR-US: HP-UX
-CVE-2005-4089 (Microsoft Internet Explorer allows remote attackers to bypass ...)
+CVE-2005-4089
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2005-4088 (SQL injection vulnerability in index.php in phpForumPro 2.2 allows ...)
+CVE-2005-4088
NOT-FOR-US: phpForumPro
-CVE-2005-4087 (PHP remote file include vulnerability in acceptDecline.php in Sugar ...)
+CVE-2005-4087
- sugarcrm-ce-5.0 <itp> (bug #457876)
-CVE-2005-4086 (Directory traversal vulnerability in acceptDecline.php in Sugar Suite ...)
+CVE-2005-4086
- sugarcrm-ce-5.0 <itp> (bug #457876)
-CVE-2005-4085 (Buffer overflow in BlueCoat (a) WinProxy before 6.1a and (b) the web ...)
+CVE-2005-4085
NOT-FOR-US: BlueCoat WinProxy
-CVE-2005-4084 (xs_edit.php in the phpBB eXtreme Styles module 2.2.1 and earlier ...)
+CVE-2005-4084
NOT-FOR-US: phpBB eXtreme Styles module
-CVE-2005-4083 (Directory traversal vulnerability in xs_edit.php in the eXtreme Styles ...)
+CVE-2005-4083
NOT-FOR-US: phpBB eXtreme Styles module
-CVE-2005-4082 (The dhcp.client program for QNX 4.25 vmware is setuid, possibly by ...)
+CVE-2005-4082
NOT-FOR-US: QNX
-CVE-2005-4081 (Multiple SQL injection vulnerabilities in Alisveristr E-commerce allow ...)
+CVE-2005-4081
NOT-FOR-US: Alisveristr E-commerce
-CVE-2005-4080 (Horde IMP 4.0.4 and earlier does not sanitize strings containing UTF16 ...)
+CVE-2005-4080
- imp4 4.0.4-1 (bug #342654; unimportant)
NOTE: Internet Explorer bug, most definitely fixed since long, didn't check though
-CVE-2005-4079 (The register_globals emulation in phpMyAdmin 2.7.0 rc1 allows remote ...)
+CVE-2005-4079
- phpmyadmin <not-affected> (Affects only 2.7.0)
-CVE-2005-4078 (Multiple cross-site scripting (XSS) vulnerabilities in Ideal BB.NET ...)
+CVE-2005-4078
NOT-FOR-US: Ideal BB.NET
-CVE-2005-4076 (Buffer overflow in Appfluent Technology Database IDS 2.0 allows local ...)
+CVE-2005-4076
NOT-FOR-US: Appfluent Technology Database IDS 2.0
-CVE-2005-4075 (Multiple cross-site scripting (XSS) vulnerabilities in index.cfm in ...)
+CVE-2005-4075
NOT-FOR-US: CF_Nuke
-CVE-2005-4074 (Directory traversal vulnerability in index.cfm in CF_Nuke 4.6 and ...)
+CVE-2005-4074
NOT-FOR-US: CF_Nuke
-CVE-2005-4073 (SQL injection vulnerability in view_archive.cfm in CFMagic Magic List ...)
+CVE-2005-4073
NOT-FOR-US: Magic List Pro
-CVE-2005-4072 (Cross-site scripting (XSS) vulnerability in CFMagic Magic Forum ...)
+CVE-2005-4072
NOT-FOR-US: Magic Personal Forum
-CVE-2005-4071 (Multiple SQL injection vulnerabilities in CFMagic Magic Forum Personal ...)
+CVE-2005-4071
NOT-FOR-US: Magic Personal Forum
CVE-2005-4070
REJECTED
-CVE-2005-4069 (SunnComm MediaMax DRM 5.0.21.0, as used by Sony BMG, assigns insecure ...)
+CVE-2005-4069
NOT-FOR-US: Sony root kit
-CVE-2005-4068 (Unspecified &quot;absolute path vulnerability&quot; in umountall in IBM AIX 5.1 ...)
+CVE-2005-4068
NOT-FOR-US: AIX
CVE-2005-4067
REJECTED
-CVE-2005-4066 (Total Commander 6.53 uses weak encryption to store FTP usernames and ...)
+CVE-2005-4066
NOT-FOR-US: Total Commander
-CVE-2005-4065 (SQL injection vulnerability in the search module in Edgewall Trac ...)
+CVE-2005-4065
{DSA-951-2}
- trac 0.9.2-1 (bug #342232; medium)
[sarge] - trac 0.8.1-3sarge4
-CVE-2005-4064 (Multiple SQL injection vulnerabilities in A-FAQ 1.0 allow remote ...)
+CVE-2005-4064
NOT-FOR-US: A-FAQ
-CVE-2005-4063 (Multiple cross-site scripting (XSS) vulnerabilities in NetAuctionHelp ...)
+CVE-2005-4063
NOT-FOR-US: NetAuctionHelp
-CVE-2005-4062 (Cross-site scripting (XSS) vulnerability in CPSearch.asp in ...)
+CVE-2005-4062
NOT-FOR-US: XcClassified
-CVE-2005-4061 (Cross-site scripting (XSS) vulnerability in PASearch.asp in ...)
+CVE-2005-4061
NOT-FOR-US: XcPhotoAlbum
-CVE-2005-4060 (Cross-site scripting (XSS) vulnerability in search.asp in rwAuction ...)
+CVE-2005-4060
NOT-FOR-US: rwAuction
-CVE-2005-4059 (SQL injection vulnerability in searchdb.asp in LocazoList 1.03c and ...)
+CVE-2005-4059
NOT-FOR-US: LocazoList
-CVE-2005-4058 (SQL injection vulnerability in saralblog 1 and earlier allows remote ...)
+CVE-2005-4058
NOT-FOR-US: saralblog
-CVE-2005-4057 (Cross-site scripting (XSS) vulnerability in search.php in PluggedOut ...)
+CVE-2005-4057
NOT-FOR-US: PluggedOut Nexus
-CVE-2005-4056 (SQL injection vulnerability in search.php in PluggedOut Nexus 0.1 ...)
+CVE-2005-4056
NOT-FOR-US: PluggedOut Nexus
-CVE-2005-4055 (SQL injection vulnerability in index.php in Cars Portal 1.1 and ...)
+CVE-2005-4055
NOT-FOR-US: Cars Portal
-CVE-2005-4054 (SQL injection vulnerability in index.php in PluggedOut Blog 1.9.5 and ...)
+CVE-2005-4054
NOT-FOR-US: PluggedOut Bot
-CVE-2005-4053 (Cross-site scripting (XSS) vulnerability in coWiki 0.3.4 allows remote ...)
+CVE-2005-4053
NOT-FOR-US: coWiki
-CVE-2005-4052 (e107 0.6174 allows remote attackers to redirect users to other web ...)
+CVE-2005-4052
NOT-FOR-US: e107
-CVE-2005-4051 (e107 0.6174 allows remote attackers to vote multiple times for a ...)
+CVE-2005-4051
NOT-FOR-US: e107
-CVE-2005-4050 (Buffer overflow in multiple Multi-Tech Systems MultiVOIP devices with ...)
+CVE-2005-4050
NOT-FOR-US: MultiVOIP hardware
-CVE-2005-4049 (Multiple SQL injection vulnerabilities in Blog System 1.2 allow remote ...)
+CVE-2005-4049
NOT-FOR-US: Blog System
-CVE-2005-4048 (Heap-based buffer overflow in the avcodec_default_get_buffer function ...)
+CVE-2005-4048
{DSA-1005-1 DSA-1004-1 DSA-992-1}
- ffmpeg 0.cvs20050918-5.1 (bug #342207; medium)
- xmovie <removed>
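Review bot: the context line `NOT-FOR-US: PluggedOut Bot` under CVE-2005-4054 is a typo for `PluggedOut Blog` (the description deleted on the line above names PluggedOut Blog 1.9.5, and the CVE-2005-4057 and CVE-2005-4056 entries use `PluggedOut Nexus` correctly); once the description is gone this misspelt note is the only product name left on the entry, so fix it in the same commit. The `NOTE: Internet Explorer bug, most definitely fixed since long, didn't check though` line under CVE-2005-4080 (imp4 4.0.4-1, rated unimportant) records an unverified guess as the rationale for the severity; it should either be checked against the imp4 changelog or reworded to say the rating is provisional. The rest of the hunk is the same description-stripping pattern as the earlier hunks and should be reverted or re-synced together with them.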
@@ -1895,402 +1895,402 @@ CVE-2005-4048 (Heap-based buffer overflow in the avcodec_default_get_buffer func
- vlc 0.8.4.debian-2 (medium)
NOTE: kino, smilutils, motion and vlc link statically against libavcodec, need a recompile once ffmpeg is fixed
NOTE: smilutils, motion, kino link statically against libavcodec, but don't use the vulnerable function
-CVE-2005-4047 (Cross-site scripting (XSS) vulnerability in kb.asp in IISWorks ...)
+CVE-2005-4047
NOT-FOR-US: IISWorks ASPKnowledgeBase
-CVE-2005-4046 (Unspecified vulnerability in Reverse SSL Proxy Plug-in for Sun Java ...)
+CVE-2005-4046
NOT-FOR-US: Sun Java System Application Server
-CVE-2005-4045 (Unspecified vulnerability in System Communications Services 6 ...)
+CVE-2005-4045
NOT-FOR-US: Sun Java System Messaging Server
-CVE-2005-4044 (Cross-site scripting (XSS) vulnerability in search.cgi in Amazon ...)
+CVE-2005-4044
NOT-FOR-US: Amazon Search Directory
-CVE-2005-4043 (SQL injection vulnerability in view.php in Hobosworld HobSR 1.0 and ...)
+CVE-2005-4043
NOT-FOR-US: Hobosworld HobSR
-CVE-2005-4042 (Cross-site scripting (XSS) vulnerability in Warm Links 1.0.0 and ...)
+CVE-2005-4042
NOT-FOR-US: Warm Links
-CVE-2005-4041 (Cross-site scripting (XSS) vulnerability in search.cgi in MR CGI Guy ...)
+CVE-2005-4041
NOT-FOR-US: MR CGI Guy Hot Links SQL
-CVE-2005-4040 (SQL injection vulnerability in FileLister 0.51 and earlier allows ...)
+CVE-2005-4040
NOT-FOR-US: FileLister
-CVE-2005-4039 (Directory traversal vulnerability in arhiva.php in Web4Future Portal ...)
+CVE-2005-4039
NOT-FOR-US: Web4Future Portal Solutions News Portal
-CVE-2005-4038 (SQL injection vulnerability in comentarii.php in Web4Future Portal ...)
+CVE-2005-4038
NOT-FOR-US: Web4Future Portal Solutions News Portal
-CVE-2005-4037 (SQL injection vulnerability in functions.php in Web4Future Affiliate ...)
+CVE-2005-4037
NOT-FOR-US: Web4Future Affiliate Manager
-CVE-2005-4036 (Cross-site scripting (XSS) vulnerability in index.cgi in Web4Future ...)
+CVE-2005-4036
NOT-FOR-US: Web4Future Keyboard Frequency Counter
-CVE-2005-4035 (Multiple SQL injection vulnerabilities in Web4Future eCommerce ...)
+CVE-2005-4035
NOT-FOR-US: Web4Future eCommerce Enterprise Edition
-CVE-2005-4034 (Multiple SQL injection vulnerabilities in Web4Future eDating ...)
+CVE-2005-4034
NOT-FOR-US: Web4Future eDating Professional
-CVE-2005-4033 (Nodezilla 0.4.13-corno-fulgure does not properly protect the evl_data ...)
+CVE-2005-4033
NOT-FOR-US: Nodezilla
-CVE-2005-4032 (Cross-site scripting (XSS) vulnerability in search.cgi in Easy Search ...)
+CVE-2005-4032
NOT-FOR-US: Easy Search System
-CVE-2005-4031 (Eval injection vulnerability in MediaWiki 1.5.x before 1.5.3 allows ...)
+CVE-2005-4031
- mediawiki <not-affected> (Only affects the 1.5 branch)
-CVE-2005-4030 (SQL injection vulnerability in Quicksilver Forums before 1.5.1 allows ...)
+CVE-2005-4030
NOT-FOR-US: Quicksilver Forums
-CVE-2005-4029 (WebEOC before 6.0.2 allows remote attackers to obtain valid usernames ...)
+CVE-2005-4029
NOT-FOR-US: WebEOC
-CVE-2005-4028 (Multiple cross-site scripting (XSS) vulnerabilities in aMember allow ...)
+CVE-2005-4028
NOT-FOR-US: aMember
-CVE-2005-4027 (SQL injection vulnerability in SimpleBBS 1.1 allows remote attackers ...)
+CVE-2005-4027
NOT-FOR-US: SimpleBBS
-CVE-2005-4026 (search.php in Geeklog 1.4.x before 1.4.0rc1, and 1.3.x before ...)
+CVE-2005-4026
NOT-FOR-US: Geeklog
-CVE-2005-4025 (Help Desk Reloaded Free Help Desk does not remove or protect ...)
+CVE-2005-4025
NOT-FOR-US: Help Desk Reloaded Free Help Desk
-CVE-2005-4024 (Cross-site scripting (XSS) vulnerability in Interspire FastFind 2004 ...)
+CVE-2005-4024
NOT-FOR-US: Interspire FastFind
-CVE-2005-4023 (Unspecified vulnerability in the zipcart module in Gallery 2.0 before ...)
+CVE-2005-4023
- gallery2 2.0.2-1 (medium)
-CVE-2005-4022 (Cross-site scripting (XSS) vulnerability in the &quot;Add Image From Web&quot; ...)
+CVE-2005-4022
- gallery2 2.0.2-1 (medium)
-CVE-2005-4021 (The installer for Gallery 2.0 before 2.0.2 stores the install log ...)
+CVE-2005-4021
- gallery2 2.0.2-1 (low)
-CVE-2005-4020 (SQL injection vulnerability in create.php in Widget Imprint 1.0.26 and ...)
+CVE-2005-4020
NOT-FOR-US: Widget Imprint
-CVE-2005-4019 (SQL injection vulnerability in index.php in Relative Real Estate ...)
+CVE-2005-4019
NOT-FOR-US: Relative Real Estate Systems
-CVE-2005-4018 (SQL injection vulnerability in ls.php in Landshop Real Estate Commerce ...)
+CVE-2005-4018
NOT-FOR-US: Landshop Real Estate Commerce System
-CVE-2005-4017 (property.php in Widget Property 1.1.19 allows remote attackers to ...)
+CVE-2005-4017
NOT-FOR-US: Widget Property
-CVE-2005-4016 (SQL injection vulnerability in Widget Property 1.1.19 allows remote ...)
+CVE-2005-4016
NOT-FOR-US: Widget Property
-CVE-2005-4015 (PHP Web Statistik 1.4 does not rotate the log database or limit the ...)
+CVE-2005-4015
NOT-FOR-US: PHP Web Statistik
-CVE-2005-4014 (stat.php in PHP Web Statistik 1.4 allows remote attackers to cause a ...)
+CVE-2005-4014
NOT-FOR-US: PHP Web Statistik
-CVE-2005-4013 (PHP Web Statistik 1.4 stores the stat.cfg file under the web root with ...)
+CVE-2005-4013
NOT-FOR-US: PHP Web Statistik
-CVE-2005-4012 (Multiple cross-site scripting (XSS) vulnerabilities in PHP Web ...)
+CVE-2005-4012
NOT-FOR-US: PHP Web Statistik
-CVE-2005-4011 (SQL injection vulnerability in calendar.php in Codewalkers ltwCalendar ...)
+CVE-2005-4011
NOT-FOR-US: Codewalkers ltwCalendar
-CVE-2005-4010 (SQL injection vulnerability in KBase Express 1.0.0 and earlier allows ...)
+CVE-2005-4010
NOT-FOR-US: Kbase Express
-CVE-2005-4009 (Multiple SQL injection vulnerabilities in PHP Lite Calendar Express ...)
+CVE-2005-4009
NOT-FOR-US: PHP Lite Calender Express
-CVE-2005-4008 (SQL injection vulnerability in jax_calendar.php in Jax Calendar 1.34 ...)
+CVE-2005-4008
NOT-FOR-US: Jax Calendar
-CVE-2005-4077 (Multiple off-by-one errors in the cURL library (libcurl) 7.11.2 ...)
+CVE-2005-4077
{DSA-919-2}
- curl 7.15.1-1 (bug #342339; bug #342696; medium)
-CVE-2005-4007 (Multiple unspecified vulnerabilities in SAPID CMS before 1.2.3.03, ...)
+CVE-2005-4007
NOT-FOR-US: SAPID CMS
-CVE-2005-4006 (SAPID CMS before 1.2.3.03 allows remote attackers to bypass ...)
+CVE-2005-4006
NOT-FOR-US: SAPID CMS
-CVE-2005-4005 (SQL injection vulnerability in messages.php in PHP-Fusion 6.00.109 ...)
+CVE-2005-4005
NOT-FOR-US: PHP-Fusion
-CVE-2005-4004 (Cross-site scripting (XSS) vulnerability in search.asp in ...)
+CVE-2005-4004
NOT-FOR-US: MyTemplateSite
-CVE-2005-4003 (Multiple SQL injection vulnerabilities in Absolute Shopping Package ...)
+CVE-2005-4003
NOT-FOR-US: Absolute Shopping Package Solutions (ASPS) Shopping Cart
-CVE-2005-4002 (WebEOC before 6.0.2 uses the same secret key for all installations, ...)
+CVE-2005-4002
NOT-FOR-US: WebEOC
-CVE-2005-4001 (Multiple SQL injection vulnerabilities in phpYellowTM Pro Edition and ...)
+CVE-2005-4001
NOT-FOR-US: phpYellowTM Pro Edition
-CVE-2005-4000 (Cross-site scripting (XSS) vulnerability in archive.asp in SiteBeater ...)
+CVE-2005-4000
NOT-FOR-US: SiteBeater News System
-CVE-2005-3999 (Cross-site scripting (XSS) vulnerability in Search.asp in SiteBeater ...)
+CVE-2005-3999
NOT-FOR-US: SiteBeater MP3 Catalog
-CVE-2005-3998 (Cross-site scripting (XSS) vulnerability in search.asp in Solupress ...)
+CVE-2005-3998
NOT-FOR-US: Solupress News
-CVE-2005-3997 (Zen Cart 1.2.6d and earlier, under certain PHP configurations, allows ...)
+CVE-2005-3997
NOT-FOR-US: Zen Cart
-CVE-2005-3996 (SQL injection vulnerability in admin/password_forgotten.php in ...)
+CVE-2005-3996
NOT-FOR-US: Zen Cart
-CVE-2005-3995 (Format string vulnerability in the dosyslog function in the OBEX ...)
+CVE-2005-3995
NOT-FOR-US: Sobexsrv
NOTE: Checked obexserver source package, not vulnerable
CVE-2005-3994
REJECTED
-CVE-2005-3993 (Multiple unspecified vulnerabilities in MailEnable Professional 1.6 ...)
+CVE-2005-3993
NOT-FOR-US: MailEnable
-CVE-2005-3992 (Multiple buffer overflows in WinEggDropShell remote access trojan ...)
+CVE-2005-3992
NOT-FOR-US: WinEggDropShell
-CVE-2005-3991 (Multiple cross-site scripting (XSS) vulnerabilities in phpMyChat ...)
+CVE-2005-3991
NOT-FOR-US: phpMyChat
CVE-2005-3990
REJECTED
-CVE-2005-3989 (Memory leak in Avaya TN2602AP IP Media Resource 320 circuit pack ...)
+CVE-2005-3989
NOT-FOR-US: Avaya hardware
-CVE-2005-3988 (SQL injection vulnerability in article.php in Pineapple Technologies ...)
+CVE-2005-3988
NOT-FOR-US: Pineapple Technologies Lore
-CVE-2005-3987 (Multiple SQL injection vulnerabilities in Tradesoft CMS allow remote ...)
+CVE-2005-3987
NOT-FOR-US: Tradesoft CMS
-CVE-2005-3986 (Multiple SQL injection vulnerabilities in Instant Photo Gallery 1 and ...)
+CVE-2005-3986
NOT-FOR-US: Instant Photo Gallery
-CVE-2005-3985 (The Internet Key Exchange version 1 (IKEv1) implementation in Astaro ...)
+CVE-2005-3985
NOT-FOR-US: Astaro Security Linux
-CVE-2005-3984 (SQL injection vulnerability in WebCalendar 1.0.1 allows remote ...)
+CVE-2005-3984
{DSA-1002-1}
- webcalendar 1.0.2-1 (bug #342090)
-CVE-2005-3983 (Unknown vulnerability in the login page for HP Systems Insight Manager ...)
+CVE-2005-3983
NOT-FOR-US: HP Systems Insight Manager
-CVE-2005-3982 (CRLF injection vulnerability in layers_toggle.php in WebCalendar 1.0.1 ...)
+CVE-2005-3982
{DSA-1002-1}
- webcalendar 1.0.2-1 (bug #342090)
-CVE-2005-3981 (** DISPUTED ** ...)
+CVE-2005-3981
NOT-FOR-US: Windows
-CVE-2005-3980 (SQL injection vulnerability in the ticket query module in Edgewall ...)
+CVE-2005-3980
- trac 0.9.1-1 (bug #341697; medium)
[sarge] - trac <not-affected>
-CVE-2005-3979 (relocate_server.php in Coppermine Photo Gallery (CPG) 1.4.2 and 1.4 ...)
+CVE-2005-3979
NOT-FOR-US: Coppermine Photo Gallery
-CVE-2005-3978 (Multiple SQL injection vulnerabilities in NetClassifieds Premium ...)
+CVE-2005-3978
NOT-FOR-US: NetClassifieds Premium Edition
-CVE-2005-3977 (Cross-site scripting (XSS) vulnerability in QualityEBiz Quality PPC ...)
+CVE-2005-3977
NOT-FOR-US: QualityEBiz Quality PPC
-CVE-2005-3976 (SQL injection vulnerability in type.asp, as used in multiple DUware ...)
+CVE-2005-3976
NOT-FOR-US: Multipke DuWare products
-CVE-2005-3975 (Interpretation conflict in file.inc in Drupal 4.5.0 through 4.5.5 and ...)
+CVE-2005-3975
{DSA-958-1}
- drupal 4.5.6-1 (bug #348811; medium)
-CVE-2005-3974 (Drupal 4.5.0 through 4.5.5 and 4.6.0 through 4.6.3, when running on ...)
+CVE-2005-3974
{DSA-958-1}
- drupal 4.5.6-1 (low)
-CVE-2005-3973 (Multiple cross-site scripting (XSS) vulnerabilities in Drupal 4.5.0 ...)
+CVE-2005-3973
{DSA-958-1}
- drupal 4.5.6-1 (bug #348811; medium)
-CVE-2005-3972 (Cross-site scripting (XSS) vulnerability in extremesearch.php in ...)
+CVE-2005-3972
NOT-FOR-US: Extreme Search Corporate Edition
-CVE-2005-3971 (Cross-site scripting (XSS) vulnerability in the login form in Citrix ...)
+CVE-2005-3971
NOT-FOR-US: Citrix
-CVE-2005-3970 (Cross-site scripting (XSS) vulnerability in MXChange before ...)
+CVE-2005-3970
NOT-FOR-US: MXChange
-CVE-2005-3969 (SQL injection vulnerability in MXChange before 0.2.0-pre10 PL492 ...)
+CVE-2005-3969
NOT-FOR-US: MXChange
-CVE-2005-3968 (SQL injection vulnerability in auth.inc.php in PHPX 3.5.9 and earlier ...)
+CVE-2005-3968
NOT-FOR-US: PHPX
-CVE-2005-3967 (Cross-site scripting (XSS) vulnerability in the dosearchsite.action ...)
+CVE-2005-3967
NOT-FOR-US: Atlassian Confluence
-CVE-2005-3966 (Cross-site scripting (XSS) vulnerability in search.jsp in Java Search ...)
+CVE-2005-3966
NOT-FOR-US: Java Search Engine
CVE-2005-3965
REJECTED
-CVE-2005-3964 (Multiple buffer overflows in libUil (libUil.so) in OpenMotif 2.2.3, ...)
+CVE-2005-3964
- openmotif 2.2.3-1.4 (bug #342092; medium)
[sarge] - openmotif <no-dsa> (Non-free)
-CVE-2005-3963 (SQL injection vulnerability in session.php in DotClear before 1.2.3 ...)
+CVE-2005-3963
NOT-FOR-US: DotClear
-CVE-2005-3962 (Integer overflow in the format string functionality (Perl_sv_vcatpvfn) ...)
+CVE-2005-3962
{DSA-943-1}
- perl 5.8.7-9 (bug #341542; medium)
-CVE-2005-3961 (export_handler.php in WebCalendar 1.0.1 allows remote attackers to ...)
+CVE-2005-3961
{DSA-1002-1}
- webcalendar 1.0.2-1 (bug #341208; medium)
-CVE-2005-3960 (Kadu 0.4.2 and 0.5.0pre allows remote attackers to cause a denial of ...)
+CVE-2005-3960
NOT-FOR-US: Kadu
-CVE-2005-3959 (Multiple cross-site scripting (XSS) vulnerabilities in FreeWebStat 1.0 ...)
+CVE-2005-3959
NOT-FOR-US: FreeWebStat
-CVE-2005-3958 (SQL injection vulnerability in index.php in Entergal MX 2.0 allows ...)
+CVE-2005-3958
NOT-FOR-US: Entergal MX
-CVE-2005-3957 (Unspecified vulnerability in the Trackback functionality in DotClear ...)
+CVE-2005-3957
NOT-FOR-US: DotClear
-CVE-2005-3956 (Multiple SQL injection vulnerabilities in index.php in DMANews 0.904 ...)
+CVE-2005-3956
NOT-FOR-US: DMANews
-CVE-2005-3955 (Multiple cross-site scripting (XSS) vulnerabilities in MagpieRSS 7.1, ...)
+CVE-2005-3955
NOT-FOR-US: MagpieRSS
-CVE-2005-3954 (Cross-site scripting (XSS) vulnerability in blogBuddies 0.3 allows ...)
+CVE-2005-3954
NOT-FOR-US: blogBuddies
-CVE-2005-3953 (SQL injection vulnerability in Bedeng PSP 1.1 allows remote attackers ...)
+CVE-2005-3953
NOT-FOR-US: Bedeng PSP
-CVE-2005-3952 (SQL injection vulnerability in PHP Labs Top Auction allows remote ...)
+CVE-2005-3952
NOT-FOR-US: PHP Labs Top Auction
-CVE-2005-3951 (SQL injection vulnerability in survey.php in PHP Labs Survey Wizard ...)
+CVE-2005-3951
NOT-FOR-US: PHP Labs Survey Wizard
-CVE-2005-3950 (nuauth in NuFW 1.0.x before 1.0.16 and 1.1 allows authenticated users ...)
+CVE-2005-3950
- nufw 1.0.16-1 (bug #341544; medium)
-CVE-2005-3949 (Multiple SQL injection vulnerabilities in WebCalendar 1.0.1 allow ...)
+CVE-2005-3949
{DSA-1002-1}
- webcalendar 1.0.2-1 (bug #341208; medium)
-CVE-2005-3948 (Directory traversal vulnerability in main.php in PHPAlbum 0.2.3 and ...)
+CVE-2005-3948
NOT-FOR-US: PHPAlbum
-CVE-2005-3947 (Directory traversal vulnerability in index.php in PHP Upload Center ...)
+CVE-2005-3947
NOT-FOR-US: PHP Upload Center
-CVE-2005-3946 (Opera 8.50 allows remote attackers to cause a denial of service ...)
+CVE-2005-3946
NOT-FOR-US: Opera
-CVE-2005-3945 (The SynAttackProtect protection in Microsoft Windows 2003 before SP1 ...)
+CVE-2005-3945
NOT-FOR-US: Microsoft
-CVE-2005-3944 (SQL injection vulnerability in survey.php in ilyav Survey System 1.1 ...)
+CVE-2005-3944
NOT-FOR-US: ilyav Survey System
-CVE-2005-3943 (Multiple SQL injection vulnerabilities in ilyav FAQ System 1.1 and ...)
+CVE-2005-3943
NOT-FOR-US: ilyav Survey System
-CVE-2005-3942 (SQL injection vulnerability in knowledgebase-control.php in Orca ...)
+CVE-2005-3942
NOT-FOR-US: Orca Knowledgebase
-CVE-2005-3941 (SQL injection vulnerability in blog.php in Orca Blog 1.3b and earlier ...)
+CVE-2005-3941
NOT-FOR-US: Orca Blog
-CVE-2005-3940 (SQL injection vulnerability in ringmaker.php in Orca Ringmaker 2.3c ...)
+CVE-2005-3940
NOT-FOR-US: Orca Ringmaker
-CVE-2005-3939 (Multiple SQL injection vulnerabilities in WSN Knowledge Base 1.2.0 and ...)
+CVE-2005-3939
NOT-FOR-US: WSN Knowledge Base
-CVE-2005-3938 (SQL injection vulnerability in Softbiz FAQ Script 1.1 and earler ...)
+CVE-2005-3938
NOT-FOR-US: Softbiz FAQ
-CVE-2005-3937 (SQL injection vulnerability in Softbiz B2B Trading Marketplace Script ...)
+CVE-2005-3937
NOT-FOR-US: Softbiz B2B
-CVE-2005-3936 (PHP file include vulnerability in SocketKB 1.1.0 and earlier allows ...)
+CVE-2005-3936
NOT-FOR-US: SocketKB
-CVE-2005-3935 (SQL injection vulnerability in SocketKB 1.1.0 and earlier allows ...)
+CVE-2005-3935
NOT-FOR-US: SocketKB
-CVE-2005-3934 (Buffer overflow in Symantec pcAnywhere 11.0.1, 11.5.1, and all other ...)
+CVE-2005-3934
NOT-FOR-US: pcAnywhere
-CVE-2005-3933 (SQL injection vulnerability in index.php in 88Script's Event Calendar ...)
+CVE-2005-3933
NOT-FOR-US: 88Script's Event Calendar
-CVE-2005-3932 (SQL injection vulnerability in okiraku.php in O-Kiraku Nikki 1.3 and ...)
+CVE-2005-3932
NOT-FOR-US: O-Kiraku Nikki
-CVE-2005-3931 (SQL injection vulnerability in default.asp in ASP-Rider 1.6 allows ...)
+CVE-2005-3931
NOT-FOR-US: ASP-Rider
-CVE-2005-3930 (SQL injection vulnerability in index.php in N-13 News 1.2 allows ...)
+CVE-2005-3930
NOT-FOR-US: N-13 News
-CVE-2005-3929 (Directory traversal vulnerability in the create function in ...)
+CVE-2005-3929
NOT-FOR-US: Xaraya
NOTE: xarMLSXML2PHPBackend.php, 'nuff said
-CVE-2005-3928 (Buffer overflow in phgrafx in QNX 6.2.1 and 6.3.0 allows local users ...)
+CVE-2005-3928
NOT-FOR-US: QNX
-CVE-2005-3927 (Multiple directory traversal vulnerabilities in GuppY 4.5.9 and ...)
+CVE-2005-3927
NOT-FOR-US: GuppY
-CVE-2005-3926 (Direct static code injection vulnerability in error.php in GuppY 4.5.9 ...)
+CVE-2005-3926
NOT-FOR-US: GuppY
-CVE-2005-3925 (Multiple SQL injection vulnerabilities in Central Manchester CLC ...)
+CVE-2005-3925
NOT-FOR-US: Central Manchester CLC Helpdesk Issue Manager
-CVE-2005-3924 (SQL injection vulnerability in themes/kategorie/index.php in Randshop ...)
+CVE-2005-3924
NOT-FOR-US: Randshop
-CVE-2005-3923 (NetObjects Fusion 9 (NOF9) allows remote attackers to obtain sensitive ...)
+CVE-2005-3923
NOT-FOR-US: NetObjects Fusion
-CVE-2005-3922 (Heap-based buffer overflow in pskcmp.dll in Panda Software Antivirus ...)
+CVE-2005-3922
NOT-FOR-US: Panda Antivirus
-CVE-2005-3921 (Cross-site scripting (XSS) vulnerability in Cisco IOS Web Server for ...)
+CVE-2005-3921
NOT-FOR-US: IOS
-CVE-2005-3920 (SQL injection vulnerability in Babe Logger 2 allows remote attackers ...)
+CVE-2005-3920
NOT-FOR-US: Babe Logger
-CVE-2005-3919 (Cross-site scripting (XSS) vulnerability in PBLang 4.65 allows remote ...)
+CVE-2005-3919
NOT-FOR-US: PBLang
-CVE-2005-3918 (** DISPUTED ** ...)
+CVE-2005-3918
NOT-FOR-US: OvBB
-CVE-2005-3917 (SQL injection vulnerability in usersession in CommodityRentals 2.0 ...)
+CVE-2005-3917
NOT-FOR-US: CommidityRentals
-CVE-2005-3916 (SQL injection vulnerability in memberlist.php in WSN Forum 1.21 allows ...)
+CVE-2005-3916
NOT-FOR-US: WSN Forum
-CVE-2005-3915 (The Internet Key Exchange version 1 (IKEv1) implementation in ...)
+CVE-2005-3915
NOT-FOR-US: Clavister Web Client
-CVE-2005-3914 (Multiple SQL injection vulnerabilities in AFFcommerce 1.1.4 allow ...)
+CVE-2005-3914
NOT-FOR-US: AFFcommerce
-CVE-2005-3913 (Unspecified vulnerability in the domain alias management in Virtual ...)
+CVE-2005-3913
NOT-FOR-US: Virtual Hosting Control System
-CVE-2005-3912 (Format string vulnerability in miniserv.pl Perl web server in Webmin ...)
+CVE-2005-3912
{DSA-1199-1}
- webmin <not-affected> (Fixed through corrected Perl)
NOTE: No longer exploitable with Perl 5.8.7-9, thus no dedicated Webmin updated
-CVE-2005-3911 (Multiple SQL injection vulnerabilities in calendar.php in BosDates 4.0 ...)
+CVE-2005-3911
NOT-FOR-US: BosDates
-CVE-2005-3910 (merchants/index.php in Post Affiliate Pro 2.0.4 and earlier, with ...)
+CVE-2005-3910
NOT-FOR-US: Post Affiliate Pro
-CVE-2005-3909 (SQL injection vulnerability in merchants/index.php in Post Affiliate ...)
+CVE-2005-3909
NOT-FOR-US: Post Affiliate Pro
-CVE-2005-3908 (Cross-site scripting (XSS) vulnerability in search.php in ...)
+CVE-2005-3908
NOT-FOR-US: GhostScripter Amazon Shop
-CVE-2005-3907 (Unspecified vulnerability in Java Runtime Environment in Java JDK and ...)
+CVE-2005-3907
NOT-FOR-US: Sun Java
-CVE-2005-3906 (Multiple unspecified vulnerabilities in reflection APIs in Java SDK ...)
+CVE-2005-3906
NOT-FOR-US: Sun Java
-CVE-2005-3905 (Unspecified vulnerability in reflection APIs in Java SDK and JRE ...)
+CVE-2005-3905
NOT-FOR-US: Sun Java
-CVE-2005-3904 (Unspecified vulnerability in Java Management Extensions (JMX) in Java ...)
+CVE-2005-3904
NOT-FOR-US: Sun Java
-CVE-2005-3903 (Buffer overflow in uidadmin in SCO Unixware 7.1.3 and 7.1.4 allows ...)
+CVE-2005-3903
NOT-FOR-US: SCO Unixware
-CVE-2005-3902 (Cross-site scripting (XSS) vulnerability in gui/errordocs/index.php in ...)
+CVE-2005-3902
NOT-FOR-US: Virtual Hosting Control System
-CVE-2005-3901 (Macromedia Flash Communication Server MX 1.0 and 1.5 does not ...)
+CVE-2005-3901
NOT-FOR-US: Flash MX
-CVE-2005-3900 (Macromedia Breeze Communication Server and Breeze Live Server does 5.1 ...)
+CVE-2005-3900
NOT-FOR-US: Macromedia Breeze
-CVE-2005-3899 (The automatic update feature in Google Talk allows remote attackers to ...)
+CVE-2005-3899
NOT-FOR-US: Google Talk
CVE-2005-3898
REJECTED
-CVE-2005-3897 (Apple Safari 2.0.2 allows remote attackers to cause a denial of ...)
+CVE-2005-3897
NOT-FOR-US: Safari
NOTE: Not reproducible with konqueror 4:3.4.2-4.
-CVE-2005-3896 (Mozilla allows remote attackers to cause a denial of service (CPU ...)
+CVE-2005-3896
NOTE: maintainers don't believe it is a security bug and can't reproduce after 1.5.dfsg-1
- firefox 1.5.dfsg-1 (bug #340283; bug #345469; unimportant)
- mozilla-firefox 1.4.99+1.5rc3.dfsg-2 (bug #340283; bug #345469; unimportant)
- mozilla <removed> (bug #340282; unimportant)
-CVE-2005-3895 (Open Ticket Request System (OTRS) 1.0.0 through 1.3.2 and 2.0.0 ...)
+CVE-2005-3895
{DSA-973-1}
- otrs 2.0.4p01-1 (bug #340352; medium)
-CVE-2005-3894 (Multiple cross-site scripting (XSS) vulnerabilities in index.pl in ...)
+CVE-2005-3894
{DSA-973-1}
- otrs 2.0.4p01-1 (bug #340352; medium)
-CVE-2005-3893 (Multiple SQL injection vulnerabilities in index.pl in Open Ticket ...)
+CVE-2005-3893
{DSA-973-1}
- otrs 2.0.4p01-1 (bug #340352; medium)
-CVE-2005-3892 (Gadu-Gadu 7.20 allows remote attackers to eavesdrop on a user via a ...)
+CVE-2005-3892
NOT-FOR-US: Gadu-Gadu
-CVE-2005-3891 (Stack-based buffer overflow in Gadu-Gadu 7.20 allows remote attackers ...)
+CVE-2005-3891
NOT-FOR-US: Gadu-Gadu
-CVE-2005-3890 (Gadu-Gadu 7.20 allows remote attackers to cause a denial of service ...)
+CVE-2005-3890
NOT-FOR-US: Gadu-Gadu
-CVE-2005-3889 (Gadu-Gadu 7.20 allows remote attackers to cause a denial of service ...)
+CVE-2005-3889
NOT-FOR-US: Gadu-Gadu
-CVE-2005-3888 (Memory leak in Gadu-Gadu 7.20 allows remote attackers to cause a ...)
+CVE-2005-3888
NOT-FOR-US: Gadu-Gadu
-CVE-2005-3887 (Gadu-Gadu 7.20 does not properly handle MS-DOS device names in ...)
+CVE-2005-3887
NOT-FOR-US: Gadu-Gadu
-CVE-2005-3886 (Unspecified vulnerability in Cisco Security Agent (CSA) 4.5.0 and ...)
+CVE-2005-3886
NOT-FOR-US: Cisco
-CVE-2005-3885 (The ps2epsi extension shell script (ps2epsi.sh) in Inkscape before ...)
+CVE-2005-3885
{DSA-916-1}
- inkscape 0.42-1 (bug #321501; low)
-CVE-2005-3884 (Multiple SQL injection vulnerabilities in the search action in Zainu ...)
+CVE-2005-3884
NOT-FOR-US: Zaimu
-CVE-2005-3883 (CRLF injection vulnerability in the mb_send_mail function in PHP ...)
+CVE-2005-3883
- php4 4:4.4.2-1 (bug #341726; medium)
- php5 5.1.1-1 (bug #341368; medium)
[sarge] - php4 <no-dsa> (application's job to sanitize input)
-CVE-2005-3882 (SQL injection vulnerability in answer.php in FAQSystems FAQRing ...)
+CVE-2005-3882
NOT-FOR-US: FAQRing Knowledge Base
-CVE-2005-3881 (SQL injection vulnerability in search.php in AtlantisFAQ Knowledge ...)
+CVE-2005-3881
NOT-FOR-US: AtlantisFAQ Knowledge Base
-CVE-2005-3880 (Multiple SQL injection vulnerabilities in Omnistar KBase 4.0 and ...)
+CVE-2005-3880
NOT-FOR-US: Omnistar KBase
-CVE-2005-3879 (Multiple SQL injection vulnerabilities in Softbiz Resource Repository ...)
+CVE-2005-3879
NOT-FOR-US: Softbiz Resource Repository Script
-CVE-2005-3878 (Directory traversal vulnerability in index.php in PHP Doc System 1.5.1 ...)
+CVE-2005-3878
NOT-FOR-US: PHP Doc System
-CVE-2005-3877 (Multiple SQL injection vulnerabilities in Simple Document Management ...)
+CVE-2005-3877
NOT-FOR-US: Simple Document Management System
-CVE-2005-3876 (Multiple SQL injection vulnerabilities in adcbrowres.php in AD Center ...)
+CVE-2005-3876
NOT-FOR-US: AD Center ADC2000 NG Pro
-CVE-2005-3875 (Multiple SQL injection vulnerabilities in Enterprise Connector 1.0.2 ...)
+CVE-2005-3875
NOT-FOR-US: Enterprise Connector
-CVE-2005-3874 (SQL injection vulnerability in netzbr.php in Netzbrett 1.5.1 and ...)
+CVE-2005-3874
NOT-FOR-US: Netzbrett
-CVE-2005-3873 (SQL injection vulnerability in topic.php in ShockBoard 3.0 and 4.0 ...)
+CVE-2005-3873
NOT-FOR-US: ShockBoard
-CVE-2005-3872 (Multiple SQL injection vulnerabilities in Ugroup 2.6.2 and earlier ...)
+CVE-2005-3872
NOT-FOR-US: Ugroup
-CVE-2005-3871 (Multiple SQL injection vulnerabilities in Joels Bulletin board (JBB) ...)
+CVE-2005-3871
NOT-FOR-US: JBB
-CVE-2005-3870 (Multiple SQL injection vulnerabilities in edmobbs9r.php in edmoBBS 0.9 ...)
+CVE-2005-3870
NOT-FOR-US: edmoBBS
-CVE-2005-3869 (Cross-site scripting (XSS) vulnerability in index.php in Google API ...)
+CVE-2005-3869
NOT-FOR-US: Google API
-CVE-2005-3868 (Multiple SQL injection vulnerabilities in K-Search 1.0 and earlier ...)
+CVE-2005-3868
NOT-FOR-US: K-Search
-CVE-2005-3867 (Cross-site scripting (XSS) vulnerability in RevenuePilot Search Engine ...)
+CVE-2005-3867
NOT-FOR-US: RevenuePilot Search Engine
-CVE-2005-3866 (Cross-site scripting (XSS) vulnerability in SearchFeed Search Engine ...)
+CVE-2005-3866
NOT-FOR-US: SearchFeed Search Engine
-CVE-2005-3865 (SQL injection vulnerability in index.php in AllWeb search 3.0 and ...)
+CVE-2005-3865
NOT-FOR-US: AllWeb search
-CVE-2005-3864 (SQL injection vulnerability in index.php in SourceWell 1.1.2 and ...)
+CVE-2005-3864
NOT-FOR-US: SourceWell
-CVE-2005-3863 (Stack-based buffer overflow in kkstrtext.h in ktools library 0.3 and ...)
+CVE-2005-3863
{DSA-1088-1 DSA-1083-1 DTSA-23-1}
- centericq 4.21.0-6 (bug #340959; medium)
- orpheus 1.5-5 (bug #368402; medium)
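Review bot: every changed pair in this hunk replaces `CVE-2005-NNNN (description ...)` with the bare identifier and nothing else, for example `-CVE-2005-4077 (Multiple off-by-one errors in the cURL library (libcurl) 7.11.2 ...)` becoming `+CVE-2005-4077`, while no NOT-FOR-US, {DSA-...}, severity or NOTE line is touched; that is the signature of the updater receiving empty descriptions from its source and overwriting the stored text with nothing, not of a deliberate data correction. The blanking also drops the `** DISPUTED **` marker from CVE-2005-3981 and CVE-2005-3918, so the disputed status is no longer visible to anyone triaging from the list. Suggest the updater keep the existing description whenever the fetched one is empty, and refuse to write (or flag for manual review) when a single run would blank more than a small fraction of entries; until that guard exists this hunk should be reverted rather than merged.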
@@ -2298,514 +2298,514 @@ CVE-2005-3863 (Stack-based buffer overflow in kkstrtext.h in ktools library 0.3
NOTE: DTSA is for centericq only
NOTE: This affects Sarge and Woody centericq
NOTE: This affects Sarge and Woody motor
-CVE-2005-3862 (Buffer overflow in unalz before 0.53 allows remote attackers to ...)
+CVE-2005-3862
{DSA-959-1}
- unalz 0.55-1 (bug #340842; medium)
-CVE-2005-3861 (PHP remote file inclusion vulnerability in content.php in phpGreetz ...)
+CVE-2005-3861
NOT-FOR-US: phpGreetz
-CVE-2005-3860 (PHP remote file inclusion vulnerability in athena.php in Oliver May ...)
+CVE-2005-3860
NOT-FOR-US: Oliver May Athena PHP Website Administration
-CVE-2005-3859 (PHP remote file inclusion vulnerability in q-news.php in Q-News 2.0 ...)
+CVE-2005-3859
NOT-FOR-US: Q-News
-CVE-2005-3858 (Memory leak in the ip6_input_finish function in ip6_input.c in Linux ...)
+CVE-2005-3858
{DSA-1018-1 DSA-1017-1}
- linux-2.6 2.6.12-6
-CVE-2005-3856 (The Popular URL capability (popularurls.cpp) in Krusader 1.60.0 and ...)
+CVE-2005-3856
- krusader 1.70.0-1 (bug #336169; low)
[sarge] - krusader <not-affected>
NOTE: This seems to be a dupe of CVE-2006-3816, pinged MITRE
-CVE-2005-3855 (SQL injection vulnerability in process.php in 1-2-3 music store allows ...)
+CVE-2005-3855
NOT-FOR-US: 1-2-3 music store
-CVE-2005-3854 (Cross-site scripting (XSS) vulnerability in index.php in EasyPageCMS ...)
+CVE-2005-3854
NOT-FOR-US: EasyPageCMS
-CVE-2005-3853 (SQL injection vulnerability in snews.php in sNews 1.3 and earlier ...)
+CVE-2005-3853
NOT-FOR-US: sNews
-CVE-2005-3852 (SQL injection vulnerability in search.asp in Online Work Order Suite ...)
+CVE-2005-3852
NOT-FOR-US: Online Work Order Suite
-CVE-2005-3851 (Cross-site scripting (XSS) vulnerability in search.asp in Online ...)
+CVE-2005-3851
NOT-FOR-US: Online Attendance System
-CVE-2005-3850 (Cross-site scripting (XSS) vulnerability in search.asp in Online ...)
+CVE-2005-3850
NOT-FOR-US: Online Knowledge Base System
-CVE-2005-3846 (SQL injection vulnerability in news.php in Fantastic News 2.1.1 and ...)
+CVE-2005-3846
NOT-FOR-US: Fantastic News
-CVE-2005-3845 (SQL injection vulnerability in invoices.php in EZ Invoice Inc 2.0 ...)
+CVE-2005-3845
NOT-FOR-US: EZ Invoice Inc
-CVE-2005-3844 (SQL injection vulnerability in phpWordPress PHP News and Article ...)
+CVE-2005-3844
NOT-FOR-US: phpWordpress, this is not the same as Wordpress
-CVE-2005-3843 (SQL injection vulnerability in faq.php in Nicecoder iDesk 1.0 allows ...)
+CVE-2005-3843
NOT-FOR-US: Nicecode iDesk
-CVE-2005-3842 (SQL injection vulnerability in index.php in pdjk-support suite 1.1a ...)
+CVE-2005-3842
NOT-FOR-US: pdjk-support suite
-CVE-2005-3841 (Cross-site scripting (XSS) vulnerability in kPlaylist 1.6 (build 400), ...)
+CVE-2005-3841
NOT-FOR-US: kPlaylist
-CVE-2005-3840 (SQL injection vulnerability in kb.php in Omnistar Live 5.2 and earlier ...)
+CVE-2005-3840
NOT-FOR-US: Omnistar Live
-CVE-2005-3839 (Cross-site scripting (XSS) vulnerability in SupportPRO Supportdesk ...)
+CVE-2005-3839
NOT-FOR-US: SupportPRO Supportdesk
-CVE-2005-3838 (Multiple SQL injection vulnerabilities in search.php in IsolSoft ...)
+CVE-2005-3838
NOT-FOR-US: IsolSoft Support Center
-CVE-2005-3837 (Cross-site scripting (XSS) vulnerability in the search module in ...)
+CVE-2005-3837
NOT-FOR-US: sCssBoard
-CVE-2005-3836 (SQL injection vulnerability in DeskLance 2.3 and earlier allows remote ...)
+CVE-2005-3836
NOT-FOR-US: DeskLance
-CVE-2005-3835 (PHP remote file inclusion vulnerability in support/index.php in ...)
+CVE-2005-3835
NOT-FOR-US: DeskLance
-CVE-2005-3834 (Cross-site scripting (XSS) vulnerability in search.php in Tunez 1.21 ...)
+CVE-2005-3834
NOT-FOR-US: Tunez
-CVE-2005-3833 (SQL injection vulnerability in songinfo.php in Tunez 1.21 and earlier ...)
+CVE-2005-3833
NOT-FOR-US: Tunez
-CVE-2005-3832 (Stack-based buffer overflow in (1) CxUux60.dll and (2) CxUux60u.dll, ...)
+CVE-2005-3832
NOT-FOR-US: SpeedProject products
-CVE-2005-3831 (Stack-based buffer overflow in (1) CxZIP60.dll and (2) CxZIP60u.dll, ...)
+CVE-2005-3831
NOT-FOR-US: SpeedProject products
-CVE-2005-3830 (index.php in ActiveCampaign SupportTrio 1.4 and earlier allows remote ...)
+CVE-2005-3830
NOT-FOR-US: ActiveCampaign SupportTrio
-CVE-2005-3829 (index.php in ActiveCampaign KnowledgeBuilder 2.4 and earlier allows ...)
+CVE-2005-3829
NOT-FOR-US: ActiveCampaign SupportTrio
-CVE-2005-3828 (SQL injection vulnerability in index.php in ActiveCampaign ...)
+CVE-2005-3828
NOT-FOR-US: ActiveCampaign SupportTrio
-CVE-2005-3827 (SQL injection vulnerability in product_cat in AgileBill 1.4.92 and ...)
+CVE-2005-3827
NOT-FOR-US: AgileBill
-CVE-2005-3826 (Multiple SQL injection vulnerabilities in Ezyhelpdesk 1.0 allow remote ...)
+CVE-2005-3826
NOT-FOR-US: Ezyhelpdesk
-CVE-2005-3825 (SQL injection vulnerability in index.php in Comdev Vote Caster 3.1 and ...)
+CVE-2005-3825
NOT-FOR-US: Comdev Vote Caster
-CVE-2005-3824 (The uploads module in vTiger CRM 4.2 and earlier allows remote ...)
+CVE-2005-3824
NOT-FOR-US: vTiger CRM
-CVE-2005-3823 (The Users module in vTiger CRM 4.2 and earlier allows remote attackers ...)
+CVE-2005-3823
NOT-FOR-US: vTiger CRM
-CVE-2005-3822 (Multiple SQL injection vulnerabilities in vTiger CRM 4.2 and earlier ...)
+CVE-2005-3822
NOT-FOR-US: vTiger CRM
-CVE-2005-3821 (Cross-site scripting (XSS) vulnerability in vTiger CRM 4.2 and earlier ...)
+CVE-2005-3821
NOT-FOR-US: vTiger CRM
-CVE-2005-3820 (Multiple directory traversal vulnerabilities in index.php in vTiger ...)
+CVE-2005-3820
NOT-FOR-US: vTiger CRM
-CVE-2005-3819 (Multiple SQL injection vulnerabilities in vTiger CRM 4.2 and earlier ...)
+CVE-2005-3819
NOT-FOR-US: vTiger CRM
-CVE-2005-3818 (Multiple cross-site scripting (XSS) vulnerabilities in vTiger CRM 4.2 ...)
+CVE-2005-3818
NOT-FOR-US: vTiger CRM
-CVE-2005-3817 (Multiple SQL injection vulnerabilities in Softbiz Web Host Directory ...)
+CVE-2005-3817
NOT-FOR-US: Softbiz Web Host Directory
-CVE-2005-3816 (Multiple SQL injection vulnerabilities in forum.php in freeForum 1.1 ...)
+CVE-2005-3816
NOT-FOR-US: freeForum
-CVE-2005-3815 (SQL injection vulnerability in forum.php in Orca Forum 4.3b and ...)
+CVE-2005-3815
NOT-FOR-US: Orca Forum
-CVE-2005-3814 (Multiple cross-site scripting (XSS) vulnerabilities in SmartPPC Pro ...)
+CVE-2005-3814
NOT-FOR-US: SmartPPC Pro
-CVE-2005-3813 (IMAP service (meimaps.exe) of MailEnable Professional 1.7 and ...)
+CVE-2005-3813
NOT-FOR-US: MailEnable
-CVE-2005-3812 (freeFTPd 1.0.10 allows remote authenticated users to cause a denial of ...)
+CVE-2005-3812
NOT-FOR-US: freeFTPd
-CVE-2005-3811 (Directory traversal vulnerability in admin/main.php in AMAX Magic ...)
+CVE-2005-3811
NOT-FOR-US: AMAX Magic Winmail Server
-CVE-2005-3806 (The IPv6 flow label handling code (ip6_flowlabel.c) in Linux kernels ...)
+CVE-2005-3806
{DSA-1018-1 DSA-1017-1}
- linux-2.6 2.6.14-1 (medium)
-CVE-2005-3805 (A locking problem in POSIX timer cleanup handling on exit in Linux ...)
+CVE-2005-3805
- linux-2.6 2.6.14-1 (medium)
-CVE-2005-3804 (Cisco IP Phone (VoIP) 7920 1.0(8) listens to UDP port 17185 to support ...)
+CVE-2005-3804
NOT-FOR-US: Cisco
-CVE-2005-3803 (Cisco IP Phone (VoIP) 7920 1.0(8) contains certain hard-coded ...)
+CVE-2005-3803
NOT-FOR-US: Cisco
-CVE-2005-3802 (Belkin F5D7232-4 and F5D7230-4 wireless routers with firmware 4.03.03 ...)
+CVE-2005-3802
NOT-FOR-US: Belkin hardware
-CVE-2005-3801 (CounterPane PasswordSafe 1.x and 2.x allows local users to test ...)
+CVE-2005-3801
NOT-FOR-US: PasswordSafe
-CVE-2005-3800 (Macromedia Contribute Publishing Server (CPS) before 1.11 uses a weak ...)
+CVE-2005-3800
NOT-FOR-US: Macromedia Contribute Publishing Server
-CVE-2005-3799 (phpBB 2.0.18 allows remote attackers to obtain sensitive information ...)
+CVE-2005-3799
- phpbb2 <unfixed> (unimportant)
NOTE: Not a real security problem, error messages might disclose the installation
NOTE: which is known for the Debian package anyway
-CVE-2005-3798 (SQL injection vulnerability in admin/index.php in AlstraSoft Template ...)
+CVE-2005-3798
NOT-FOR-US: AlstraSoft Template Seller
-CVE-2005-3797 (PHP remote file inclusion vulnerability in payment_paypal.php in ...)
+CVE-2005-3797
NOT-FOR-US: AlstraSoft Template Seller
-CVE-2005-3796 (Direct static code injection vulnerability in admin_options_manage.php ...)
+CVE-2005-3796
NOT-FOR-US: AlstraSoft Affiliate Network
-CVE-2005-3795 (Multiple cross-site scripting (XSS) vulnerabilities in AlstraSoft ...)
+CVE-2005-3795
NOT-FOR-US: AlstraSoft Affiliate Network
-CVE-2005-3794 (AlstraSoft Affiliate Network Pro 7.2 allows remote attackers to obtain ...)
+CVE-2005-3794
NOT-FOR-US: AlstraSoft Affiliate Network
-CVE-2005-3793 (Multiple SQL injection vulnerabilities in AlstraSoft Affiliate Network ...)
+CVE-2005-3793
NOT-FOR-US: AlstraSoft Affiliate Network
-CVE-2005-3792 (Multiple SQL injection vulnerabilities in the Search module in ...)
+CVE-2005-3792
NOT-FOR-US: PHP-Nuke
-CVE-2005-3791 (HTTP response splitting vulnerability in phpAdsNew and phpPgAds 2.0.6 ...)
+CVE-2005-3791
NOT-FOR-US: phpAdsNew and phpPgAds
-CVE-2005-3790 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2005-3790
NOT-FOR-US: phpwcms
-CVE-2005-3789 (Multiple directory traversal vulnerabilities in phpwcms 1.2.5 allow ...)
+CVE-2005-3789
NOT-FOR-US: phpwcms
-CVE-2005-3788 (Race condition in Cisco Adaptive Security Appliance (ASA) 7.0(0), ...)
+CVE-2005-3788
NOT-FOR-US: Cisco
-CVE-2005-3787 (Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin ...)
+CVE-2005-3787
{DSA-880-1}
- phpmyadmin 4:2.6.4-pl4-1 (bug #360726)
-CVE-2005-3786 (Novell ZENworks for Desktops 4.0.1, ZENworks for Servers 3.0.2, and ...)
+CVE-2005-3786
NOT-FOR-US: Novell ZENworks
-CVE-2005-3785 (Second-order symlink vulnerability in eix-sync.in in Ebuild IndeX ...)
+CVE-2005-3785
NOT-FOR-US: Ebuild IndeX
-CVE-2005-3784 (The auto-reap of child processes in Linux kernel 2.6 before 2.6.15 ...)
+CVE-2005-3784
{DSA-1017-1}
- linux-2.6 2.6.15-1 (medium)
- kernel-source-2.4.27 <not-affected>
-CVE-2005-3783 (The ptrace functionality (ptrace.c) in Linux kernel 2.6 before ...)
+CVE-2005-3783
{DSA-1018-1 DSA-1017-1}
- linux-2.6 2.6.14-3 (medium)
-CVE-2005-3782 (Mac OS X 10.4.3 up to 10.4.6, when loginwindow uses the &quot;Name and ...)
+CVE-2005-3782
NOT-FOR-US: Apple
-CVE-2005-3848 (Memory leak in the icmp_push_reply function in Linux 2.6 before ...)
+CVE-2005-3848
{DSA-1018-1 DSA-1017-1}
- linux-2.6 2.6.13-1
-CVE-2005-3847 (The handle_stop_signal function in signal.c in Linux kernel 2.6.11 up ...)
+CVE-2005-3847
{DSA-1017-1}
- linux-2.6 2.6.13-1
-CVE-2005-3849 (Cross-site scripting (XSS) vulnerability in the Search module in ...)
+CVE-2005-3849
NOT-FOR-US: PmWiki
-CVE-2005-3781 (Unspecified vulnerability in in.named in Solaris 9 allows attackers to ...)
+CVE-2005-3781
NOT-FOR-US: Solaris
-CVE-2005-3780 (Multiple buffer overflows in IPUpdate 1.1 might allow attackers to ...)
+CVE-2005-3780
NOT-FOR-US: IPUpdate
-CVE-2005-3779 (Unspecified vulnerability in xterm for HP-UX 11.00, 11.11, and 11.23 ...)
+CVE-2005-3779
NOT-FOR-US: HP-UX
-CVE-2005-3778 (Unspecified vulnerability in MyBulletinBoard (MyBB) before 1.0 PR2 Rev ...)
+CVE-2005-3778
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2005-3777 (MyBulletinBoard (MyBB) 1.0 PR2 Rev 686 allows remote attackers to ...)
+CVE-2005-3777
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2005-3776 (Multiple cross-site scripting (XSS) vulnerabilities in MyBulletinBoard ...)
+CVE-2005-3776
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2005-3775 (PHP remote file inclusion vulnerability in pollvote.php in PollVote ...)
+CVE-2005-3775
NOT-FOR-US: PollVote
-CVE-2005-3774 (Cisco PIX 6.3 and 7.0 allows remote attackers to cause a denial of ...)
+CVE-2005-3774
NOT-FOR-US: Cisco
-CVE-2005-3773 (Unspecified vulnerability in Joomla! before 1.0.4 has unknown impact ...)
+CVE-2005-3773
NOT-FOR-US: Joomla!
-CVE-2005-3772 (Multiple SQL injection vulnerabilities in Joomla! before 1.0.4 allow ...)
+CVE-2005-3772
NOT-FOR-US: Joomla!
-CVE-2005-3771 (Multiple cross-site scripting (XSS) vulnerabilities in Joomla! before ...)
+CVE-2005-3771
NOT-FOR-US: Joomla!
-CVE-2005-3770 (Multiple cross-site scripting (XSS) vulnerabilities in PHP-Post (PHPp) ...)
+CVE-2005-3770
NOT-FOR-US: PHP-Post
-CVE-2005-3769 (SQL injection vulnerability in files.php in PHP Download Manager 1.1.3 ...)
+CVE-2005-3769
NOT-FOR-US: PHP Download Manager
-CVE-2005-3768 (Buffer overflow in the Internet Key Exchange version 1 (IKEv1) ...)
+CVE-2005-3768
NOT-FOR-US: Symantec appliances
-CVE-2005-3767 (Exponent CMS 0.96.3 and later versions does not properly restrict the ...)
+CVE-2005-3767
NOT-FOR-US: Exponent CMS
-CVE-2005-3766 (Exponent CMS 0.96.3 and later versions stores sensitive user pages ...)
+CVE-2005-3766
NOT-FOR-US: Exponent CMS
-CVE-2005-3765 (Exponent CMS 0.96.3 and later versions performs a chmod on uploaded ...)
+CVE-2005-3765
NOT-FOR-US: Exponent CMS
-CVE-2005-3764 (The image gallery (imagegallery) component in Exponent CMS 0.96.3 and ...)
+CVE-2005-3764
NOT-FOR-US: Exponent CMS
-CVE-2005-3763 (Exponent CMS 0.96.3 and later versions includes the full installation ...)
+CVE-2005-3763
NOT-FOR-US: Exponent CMS
-CVE-2005-3762 (SQL injection vulnerability in the navigation module ...)
+CVE-2005-3762
NOT-FOR-US: Exponent CMS
-CVE-2005-3761 (Cross-site scripting (XSS) vulnerability in Exponent CMS 0.96.3 and ...)
+CVE-2005-3761
NOT-FOR-US: Exponent CMS
-CVE-2005-3760 (Double free vulnerability in the BBOORB module in IBM WebSphere ...)
+CVE-2005-3760
NOT-FOR-US: WebSphere
-CVE-2005-3758 (Cross-site scripting (XSS) vulnerability in Google Mini Search ...)
+CVE-2005-3758
NOT-FOR-US: Google search appliance
-CVE-2005-3757 (The Saxon XSLT parser in Google Mini Search Appliance, and possibly ...)
+CVE-2005-3757
NOTE: XSLTs can call arbitrary java methods in libsaxon-java. This behaviour
NOTE: is well documented and can be switched off. Let's hope that all users
NOTE: of saxon are aware of this. A warning has been added to the readme.
NOTE: Current rdependencies:
- ooo2dbk <not-affected> (uses it's own xslt unless overridden by command line arg)
-CVE-2005-3756 (Google Mini Search Appliance, and possibly Google Search Appliance, ...)
+CVE-2005-3756
NOT-FOR-US: Google search appliance
-CVE-2005-3755 (Directory traversal vulnerability in Google Mini Search Appliance, and ...)
+CVE-2005-3755
NOT-FOR-US: Google search appliance
-CVE-2005-3754 (Cross-site scripting (XSS) vulnerability in Google Mini Search ...)
+CVE-2005-3754
NOT-FOR-US: Google search appliance
-CVE-2005-3750 (Opera before 8.51 on Linux and Unix systems allows remote attackers to ...)
+CVE-2005-3750
NOT-FOR-US: Opera
-CVE-2005-3749 (Unspecified &quot;absolute path vulnerabilities&quot; in the diagela command ...)
+CVE-2005-3749
NOT-FOR-US: AIX
-CVE-2005-3748 (SQL injection vulnerability in the Search module in Tru-Zone Nuke ET ...)
+CVE-2005-3748
NOT-FOR-US: Tru-Zone Nuke ET
-CVE-2005-3747 (Unspecified vulnerability in Jetty before 5.1.6 allows remote ...)
+CVE-2005-3747
- jetty 5.1.8-1 (bug #340582; medium)
-CVE-2005-3746 (SQL injection vulnerability in thread.php in APBoard allows remote ...)
+CVE-2005-3746
NOT-FOR-US: APBoard
-CVE-2005-3745 (Cross-site scripting (XSS) vulnerability in Apache Struts 1.2.7, and ...)
+CVE-2005-3745
- libstruts1.2-java 1.2.8-1 (bug #340583; medium)
[sarge] - libstruts1.2-java <no-dsa> (Only in contrib, relies on proprietary Java)
-CVE-2005-3744 (SQL injection vulnerability in index.php in phpComasy 0.7.5 and ...)
+CVE-2005-3744
NOT-FOR-US: phpComasy
-CVE-2005-3743 (SQL injection vulnerability in results.php in SimplePoll allows remote ...)
+CVE-2005-3743
NOT-FOR-US: SimplePoll
-CVE-2005-3742 (Cross-site scripting (XSS) vulnerability in popup.php in Advanced Poll ...)
+CVE-2005-3742
NOT-FOR-US: Advanced Poll
-CVE-2005-3741 (Almond Classifieds does not properly verify the password, which allows ...)
+CVE-2005-3741
NOT-FOR-US: Almond Classifieds
-CVE-2005-3740 (Multiple SQL injection vulnerabilities in PHP-Fusion 6.00.206 and ...)
+CVE-2005-3740
NOT-FOR-US: PHP-Fusion
-CVE-2005-3739 (Unspecified vulnerability in subheader.php in PHP-Fusion 6.00.206 and ...)
+CVE-2005-3739
NOT-FOR-US: PHP-Fusion
-CVE-2005-3738 (globals.php in Mambo Site Server 4.0.14 and earlier, when ...)
+CVE-2005-3738
NOT-FOR-US: Mambo
-CVE-2005-3737 (Buffer overflow in the SVG importer (style.cpp) of inkscape 0.41 ...)
+CVE-2005-3737
{DSA-916-1 DTSA-24-1}
- inkscape 0.43-1 (bug #330894; medium)
-CVE-2005-3736 (Multiple cross-site scripting (XSS) vulnerabilities in e-Quick Cart ...)
+CVE-2005-3736
NOT-FOR-US: e-Quick Cart
-CVE-2005-3735 (Multiple SQL injection vulnerabilities in e-Quick Cart allow remote ...)
+CVE-2005-3735
NOT-FOR-US: e-Quick Cart
-CVE-2005-3734 (Cross-site scripting (XSS) vulnerability in the &quot;add content&quot; page in ...)
+CVE-2005-3734
NOT-FOR-US: phpMyFAQ
-CVE-2005-3733 (The Internet Key Exchange version 1 (IKEv1) implementation in Juniper ...)
+CVE-2005-3733
NOT-FOR-US: Juniper products using IKE
-CVE-2005-3732 (The Internet Key Exchange version 1 (IKEv1) implementation ...)
+CVE-2005-3732
{DSA-965-1}
- ipsec-tools 1:0.6.3-1 (bug #340584; low)
-CVE-2005-3808 (Integer overflow in the invalidate_inode_pages2_range function in ...)
+CVE-2005-3808
- linux-2.6 2.6.14-4 (medium)
[sarge] - kernel-source-2.4.27 <not-affected> (Vulnerable code not present)
[sarge] - kernel-source-2.6.8 <not-affected> (Vulnerable code not present)
-CVE-2005-3809 (The nfattr_to_tcp function in ip_conntrack_proto_tcp.c in ctnetlink in ...)
+CVE-2005-3809
- linux-2.6 2.6.14-4 (medium)
[sarge] - kernel-source-2.4.27 <not-affected> (Vulnerable code not present)
[sarge] - kernel-source-2.6.8 <not-affected> (Vulnerable code not present)
-CVE-2005-3810 (ip_conntrack_proto_icmp.c in ctnetlink in Linux kernel 2.6.14 up to ...)
+CVE-2005-3810
- linux-2.6 2.6.14-4 (medium)
[sarge] - kernel-source-2.4.27 <not-affected> (Vulnerable code not present)
[sarge] - kernel-source-2.6.8 <not-affected> (Vulnerable code not present)
-CVE-2005-3759 (Multiple cross-site scripting (XSS) vulnerabilities in Horde before ...)
+CVE-2005-3759
{DSA-909-1}
- horde3 3.0.7-1 (bug #340323; medium)
-CVE-2005-3731 (Unspecified vulnerability in yaSSL before 1.0.6 has unknown impact and ...)
+CVE-2005-3731
- cyassl <not-affected> (Fixed before initial upload to archive)
-CVE-2005-3730 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2005-3730
NOT-FOR-US: Revize CMS
-CVE-2005-3729 (Idetix Software Systems Revize CMS allows remote attackers to obtain ...)
+CVE-2005-3729
NOT-FOR-US: Revize CMS
-CVE-2005-3728 (Idetix Software Systems Revize CMS stores conf/revize.xml under the ...)
+CVE-2005-3728
NOT-FOR-US: Revize CMS
-CVE-2005-3727 (SQL injection vulnerability in debug/query_results.jsp in Idetix ...)
+CVE-2005-3727
NOT-FOR-US: Revize CMS
-CVE-2005-3726 (SQL injection vulnerability in Interspire ArticleLive NX 0.3 allows ...)
+CVE-2005-3726
NOT-FOR-US: ArticleLive NX
-CVE-2005-3725 (Zyxel P2000W Version 1 VOIP WIFI Phone Wj.00.10 uses hardcoded IP ...)
+CVE-2005-3725
NOT-FOR-US: Zyxel WIFI Phone
-CVE-2005-3724 (Zyxel P2000W Version 1 VOIP WIFI Phone Wj.00.10 allows remote ...)
+CVE-2005-3724
NOT-FOR-US: Zyxel WIFI Phone
-CVE-2005-3723 (Hitachi IP5000 VOIP WIFI Phone 1.5.6 does not allow the user to ...)
+CVE-2005-3723
NOT-FOR-US: Hitachi WIFI Phone
-CVE-2005-3722 (The SNMP v1/v2c daemon in Hitachi IP5000 VOIP WIFI Phone 1.5.6 allows ...)
+CVE-2005-3722
NOT-FOR-US: Hitachi WIFI Phone
-CVE-2005-3721 (The default configuration of the HTTP server in Hitachi IP5000 VOIP ...)
+CVE-2005-3721
NOT-FOR-US: Hitachi WIFI Phone
-CVE-2005-3720 (The default index page in the HTTP server in Hitachi IP5000 VOIP WIFI ...)
+CVE-2005-3720
NOT-FOR-US: Hitachi WIFI Phone
-CVE-2005-3719 (Hitachi IP5000 VOIP WIFI Phone 1.5.6 has a hard-coded administrator ...)
+CVE-2005-3719
NOT-FOR-US: Hitachi WIFI Phone
-CVE-2005-3718 (UTStarcom F1000 VOIP WIFI Phone s2.0 running VxWorks 5.5.1 with kernel ...)
+CVE-2005-3718
NOT-FOR-US: UTStarcom WIFI Phone
-CVE-2005-3717 (The telnet daemon in UTStarcom F1000 VOIP WIFI Phone s2.0 running ...)
+CVE-2005-3717
NOT-FOR-US: UTStarcom WIFI Phone
-CVE-2005-3716 (The SNMP daemon in UTStarcom F1000 VOIP WIFI Phone s2.0 running ...)
+CVE-2005-3716
NOT-FOR-US: UTStarcom WIFI Phone
-CVE-2005-3715 (Senao SI-680H Wireless VoIP Phone Firmware 0.03.0839 leaves the ...)
+CVE-2005-3715
NOT-FOR-US: Senao Wireless VoIP Phone
-CVE-2005-3699 (Opera Web Browser 8.50 and 8.0 through 8.0.2 allows remote attackers ...)
+CVE-2005-3699
NOT-FOR-US: Opera
-CVE-2005-3698 (PHP Easy Download allows remote attackers to bypass authentication via ...)
+CVE-2005-3698
NOT-FOR-US: PHP Easy Download
-CVE-2005-3697 (Unspecified vulnerability in the administration interface in Uresk ...)
+CVE-2005-3697
NOT-FOR-US: Uresk Links Lite
-CVE-2005-3696 (SQL injection vulnerability in Arki-DB 1.0 and 2.0 allows remote ...)
+CVE-2005-3696
NOT-FOR-US: Arki-DB
-CVE-2005-3695 (Cross-site scripting (XSS) vulnerability in admin/config/confMgr.php ...)
+CVE-2005-3695
NOT-FOR-US: LiteSpeed Webserver
-CVE-2005-3694 (centericq 4.20.0-r3 with &quot;Enable peer-to-peer communications&quot; set ...)
+CVE-2005-3694
{DSA-912-1}
- centericq 4.21.0-4 (bug #334089; low)
-CVE-2005-3693 (The AxWebRemoveCtrl ActiveX control for uninstalling the SunnComm ...)
+CVE-2005-3693
NOT-FOR-US: SunnComm MediaMax DRM
-CVE-2005-3692 (Cross-site scripting (XSS) vulnerability in AMAX Magic Winmail Server ...)
+CVE-2005-3692
NOT-FOR-US: AMAX Magic Winmail Server
-CVE-2005-3691 (Directory traversal vulnerability in the IMAP service (meimaps.exe) of ...)
+CVE-2005-3691
NOT-FOR-US: MailEnable Professional
-CVE-2005-3690 (Stack-based buffer overflow in the IMAP service (meimaps.exe) of ...)
+CVE-2005-3690
NOT-FOR-US: MailEnable Professional
-CVE-2005-3689 (post.php in XMB 1.9.2 allows remote attackers to obtain the ...)
+CVE-2005-3689
NOT-FOR-US: XMB
-CVE-2005-3688 (Cross-site scripting (XSS) vulnerability in members.php in XMB 1.9.3 ...)
+CVE-2005-3688
NOT-FOR-US: XMB
-CVE-2005-3687 (cancel_account.php in WHM AutoPilot 2.5.30 and earlier allows remote ...)
+CVE-2005-3687
NOT-FOR-US: WHM AutoPilot
-CVE-2005-3686 (SQL injection vulnerability in search.inc.php in Unclassified ...)
+CVE-2005-3686
NOT-FOR-US: Unclassified Newsboard
-CVE-2005-3685 (Cross-site scripting (XSS) vulnerability in shopadmin.asp in VP-ASP ...)
+CVE-2005-3685
NOT-FOR-US: VP-ASP Shopping Cart
-CVE-2005-3684 (Multiple buffer overflows in freeFTPd 1.0.8, without logging enabled, ...)
+CVE-2005-3684
NOT-FOR-US: freeFTPd
-CVE-2005-3683 (Stack-based buffer overflow in freeFTPd before 1.0.9 with Logging ...)
+CVE-2005-3683
NOT-FOR-US: freeFTPd
-CVE-2005-3682 (Multiple SQL injection vulnerabilities in Wizz Forum 1.20 allow remote ...)
+CVE-2005-3682
NOT-FOR-US: Wizz Forum
-CVE-2005-3681 (SQL injection vulnerability in viewcat.php in XOOPS WF-Downloads ...)
+CVE-2005-3681
NOT-FOR-US: Xoops
-CVE-2005-3680 (Directory traversal vulnerability in editor_registry.php in XOOPS ...)
+CVE-2005-3680
NOT-FOR-US: Xoops
-CVE-2005-3679 (SQL injection vulnerability in admin/index.php in ActiveCampaign ...)
+CVE-2005-3679
NOT-FOR-US: ActiveCampaign 1-2-All Broadcast Email
-CVE-2005-3678 (Google Talk before 1.0.0.76, with email notification enabled, allows ...)
+CVE-2005-3678
NOT-FOR-US: Google Talk
-CVE-2005-3677 (Buffer overflow in RealNetworks RealPlayer 10 and 10.5 allows remote ...)
+CVE-2005-3677
- helix-player <not-affected>
-CVE-2005-3676 (SQL injection vulnerability in download.php in PhpWebThings 1.4.4 ...)
+CVE-2005-3676
NOT-FOR-US: PhpWebThings
-CVE-2005-3675 (The Transmission Control Protocol (TCP) allows remote attackers to ...)
+CVE-2005-3675
NOTE: Generic protocol weakness, likely hard to fix at the kernel
NOTE: level without performance impact.
-CVE-2005-3674 (The Internet Key Exchange version 1 (IKEv1) implementation in the ...)
+CVE-2005-3674
NOT-FOR-US: libike from Solaris
-CVE-2005-3673 (The Internet Key Exchange version 1 (IKEv1) implementation in Check ...)
+CVE-2005-3673
NOT-FOR-US: Check Point's IKE implementation
-CVE-2005-3672 (The Internet Key Exchange version 1 (IKEv1) implementation in ...)
+CVE-2005-3672
NOT-FOR-US: StoneGate's IKE implementation
-CVE-2005-3671 (The Internet Key Exchange version 1 (IKEv1) implementation in Openswan ...)
+CVE-2005-3671
- openswan 1:2.4.4-1 (bug #339082; low)
[sarge] - openswan <no-dsa> (Only exploitable in inherently insecure mode of operation)
NOTE: Initial 2.4.3 didn't fix all the issues from the NISCC report
-CVE-2005-3670 (Multiple unspecified vulnerabilities in the Internet Key Exchange ...)
+CVE-2005-3670
NOT-FOR-US: HP-UX's IKE implementation
-CVE-2005-3669 (Multiple unspecified vulnerabilities in the Internet Key Exchange ...)
+CVE-2005-3669
NOT-FOR-US: Cisco
-CVE-2005-3668 (Multiple buffer overflows in multiple unspecified implementations of ...)
+CVE-2005-3668
NOT-FOR-US: Just a "meta CVE" for all the IKE issues, will possibly be rejected
-CVE-2005-3667 (Multiple unspecified vulnerabilities in multiple unspecified ...)
+CVE-2005-3667
NOT-FOR-US: Just a "meta CVE" for all the IKE issues, will possibly be rejected
-CVE-2005-3666 (Multiple unspecified format string vulnerabilities in multiple ...)
+CVE-2005-3666
NOT-FOR-US: Just a "meta CVE" for all the IKE issues, will possibly be rejected
-CVE-2005-3665 (Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin ...)
+CVE-2005-3665
{DSA-1207-1}
- phpmyadmin 4:2.6.4-pl4-2 (bug #340438; medium)
CVE-2005-XXXX [unsafe file permissions in vpnc]
- vpnc 0.3.3+SVN20051028-3 (bug #340105; unimportant)
NOTE: Only an example file
-CVE-2005-3714 (The network interface for Apple AirPort Express 6.x before Firmware ...)
+CVE-2005-3714
NOT-FOR-US: Apple AirPort
-CVE-2005-3713 (Heap-based buffer overflow in Apple Quicktime before 7.0.4 allows ...)
+CVE-2005-3713
NOT-FOR-US: Apple Quicktime
-CVE-2005-3712 (Heap-based buffer overflow in rsync in Mac OS X 10.4 through 10.4.5 ...)
+CVE-2005-3712
NOT-FOR-US: Apple
-CVE-2005-3711 (Integer overflow in Apple Quicktime before 7.0.4 allows remote ...)
+CVE-2005-3711
NOT-FOR-US: Apple Quicktime
-CVE-2005-3710 (Integer overflow in Apple Quicktime before 7.0.4 allows remote ...)
+CVE-2005-3710
NOT-FOR-US: Apple Quicktime
-CVE-2005-3709 (Integer underflow in Apple Quicktime before 7.0.4 allows remote ...)
+CVE-2005-3709
NOT-FOR-US: Apple Quicktime
-CVE-2005-3708 (Integer overflow in Apple Quicktime before 7.0.4 allows remote ...)
+CVE-2005-3708
NOT-FOR-US: Apple Quicktime
-CVE-2005-3707 (Buffer overflow in Apple Quicktime before 7.0.4 allows remote ...)
+CVE-2005-3707
NOT-FOR-US: Apple Quicktime
-CVE-2005-3706 (Heap-based buffer overflow in LibSystem in Mac OS X 10.4 through ...)
+CVE-2005-3706
NOT-FOR-US: Mac OS X
-CVE-2005-3705 (Heap-based buffer overflow in WebKit in Mac OS X and OS X Server ...)
+CVE-2005-3705
NOT-FOR-US: Mac OS X
-CVE-2005-3704 (System log server in Mac OS X and OS X Server 10.4 through 10.4.3 ...)
+CVE-2005-3704
NOT-FOR-US: Mac OS X
CVE-2005-3703
REJECTED
-CVE-2005-3702 (Safari in Mac OS X and OS X Server 10.3.9 and 10.4.3 allows remote ...)
+CVE-2005-3702
NOT-FOR-US: Safari
-CVE-2005-3701 (Unspecified vulnerability in passwordserver in Mac OS X Server 10.3.9 ...)
+CVE-2005-3701
NOT-FOR-US: Mac OS X
-CVE-2005-3700 (Unknown vulnerability in iodbcadmintool in the ODBC Administrator ...)
+CVE-2005-3700
NOT-FOR-US: Mac OS X
-CVE-2005-3664 (Heap-based buffer overflow in Kaspersky Anti-Virus Engine, as used in ...)
+CVE-2005-3664
NOT-FOR-US: Kaspersky AV
-CVE-2005-3663 (Unquoted Windows search path vulnerability in Kaspersky Anti-Virus 5.0 ...)
+CVE-2005-3663
NOT-FOR-US: Kaspersky AV
-CVE-2005-3662 (Off-by-one buffer overflow in pnmtopng before 2.39, when using the ...)
+CVE-2005-3662
{DSA-904-1}
- netpbm-free 2:10.0-10.1 (medium; bug #351639)
-CVE-2005-3661 (Dell TrueMobile 2300 Wireless Broadband Router running firmware ...)
+CVE-2005-3661
NOT-FOR-US: Dell hardware issue
-CVE-2005-3660 (Linux kernel 2.4 and 2.6 allows attackers to cause a denial of service ...)
+CVE-2005-3660
- linux <unfixed> (unimportant)
- linux-2.6 <removed> (unimportant)
NOTE: Design limitation, for rare corner cases, where this poses a problem advanced
NOTE: resource management systems can be deployed
-CVE-2005-3659 (nsrd.exe in EMC Legato NetWorker 7.1.x before 7.1.4 and 7.2.x before ...)
+CVE-2005-3659
NOT-FOR-US: EMC Legato NetWorker
-CVE-2005-3658 (Multiple heap-based buffer overflows in EMC Legato NetWorker 7.1.x ...)
+CVE-2005-3658
NOT-FOR-US: EMC Legato NetWorker
-CVE-2005-3657 (The ActiveX control in MCINSCTL.DLL for McAfee VirusScan Security ...)
+CVE-2005-3657
NOT-FOR-US: McAfee
-CVE-2005-3656 (Multiple format string vulnerabilities in logging functions in ...)
+CVE-2005-3656
{DSA-935-1}
[sarge] - libapache2-mod-auth-pgsql 2.0.2b1-5sarge0
- libapache2-mod-auth-pgsql 2.0.2b1-7
- libapache-mod-auth-pgsql <not-affected> (Does not contain the vulnerable ap_log_rerror() function)
-CVE-2005-3655 (Heap-based buffer overflow in Novell Open Enterprise Server Remote ...)
+CVE-2005-3655
NOT-FOR-US: Novell Open Enterprise Server
-CVE-2005-3654 (Blue Coat Systems Inc. WinProxy before 6.1a allows remote attackers to ...)
+CVE-2005-3654
NOT-FOR-US: Blue Coat WinProxy
-CVE-2005-3653 (Heap-based buffer overflow in the iGateway service for various ...)
+CVE-2005-3653
NOT-FOR-US: IGateway
-CVE-2005-3652 (Heap-based buffer overflow in Citrix Program Neighborhood client 9.0 ...)
+CVE-2005-3652
NOT-FOR-US: Citrix
-CVE-2005-3651 (Stack-based buffer overflow in the dissect_ospf_v3_address_prefix ...)
+CVE-2005-3651
{DSA-920-1}
- ethereal 0.10.13-1.1 (bug #342911; medium)
-CVE-2005-3650 (The CodeSupport.ocx ActiveX control, as used by Sony to uninstall the ...)
+CVE-2005-3650
NOT-FOR-US: Sony Root Kit Uninstaller
-CVE-2005-3649 (jumpto.php in Moodle 1.5.2 allows remote attackers to redirect users ...)
+CVE-2005-3649
NOTE: only exploitable in certian configurations (non-default)
NOTE: warning added..
- moodle 1.5.3+20060108-1 (bug #338592; low)
[sarge] - moodle <not-affected> (Isn't explotable in sarge)
-CVE-2005-3648 (Multiple SQL injection vulnerabilities in the get_record function in ...)
+CVE-2005-3648
- moodle 1.5.3+20060108-1 (bug #338592; low)
[sarge] - moodle <no-dsa> (Only exploitable in strange PHP setups)
-CVE-2005-3647 (Folder Guard allows local users to bypass protections by running from ...)
+CVE-2005-3647
NOT-FOR-US: Folder Guard
-CVE-2005-3646 (Multiple SQL injection vulnerabilities in lib-sessions.inc.php in ...)
+CVE-2005-3646
NOT-FOR-US: phpAdsNews
-CVE-2005-3645 (phpAdsNew and phpPgAds 2.0.6 and possibly earlier versions allows ...)
+CVE-2005-3645
NOT-FOR-US: phpAdsNews
-CVE-2005-3644 (PNP_GetDeviceList (upnp_getdevicelist) in UPnP for Microsoft Windows ...)
+CVE-2005-3644
NOT-FOR-US: Windows
-CVE-2005-3643 (IBM DB2 Database server running on Windows XP with Simple File Sharing ...)
+CVE-2005-3643
NOT-FOR-US: DB2
-CVE-2005-3642 (IBM Informix Dynamic Database server running on Windows XP with Simple ...)
+CVE-2005-3642
NOT-FOR-US: Informix
-CVE-2005-3641 (Oracle Databases running on Windows XP with Simple File Sharing ...)
+CVE-2005-3641
NOT-FOR-US: Oracle
-CVE-2005-3640 (Multiple buffer overflows in the IMAP Groupware Mail server of ...)
+CVE-2005-3640
NOT-FOR-US: FTGate
-CVE-2005-3639 (PHP file inclusion vulnerability in the osTicket module in Help Center ...)
+CVE-2005-3639
NOT-FOR-US: Help Center Live
-CVE-2005-3638 (Cross-site scripting (XSS) vulnerabilities in Ekinboard 1.0.3 allow ...)
+CVE-2005-3638
NOT-FOR-US: Ekinboard
CVE-2005-3637
REJECTED
-CVE-2005-3636 (Cross-site scripting (XSS) vulnerability in SAP Web Application Server ...)
+CVE-2005-3636
NOT-FOR-US: SAP Web Application Server
-CVE-2005-3635 (Multiple cross-site scripting (XSS) vulnerabilities in SAP Web ...)
+CVE-2005-3635
NOT-FOR-US: SAP Web Application Server
-CVE-2005-3634 (frameset.htm in the BSP runtime in SAP Web Application Server (WAS) ...)
+CVE-2005-3634
NOT-FOR-US: SAP Web Application Server
-CVE-2005-3633 (HTTP response splitting vulnerability in frameset.htm in SAP Web ...)
+CVE-2005-3633
NOT-FOR-US: SAP Web Application Server
-CVE-2005-3632 (Multiple buffer overflows in pnmtopng in netpbm 10.0 and earlier allow ...)
+CVE-2005-3632
{DSA-904-1}
- netpbm-free 2:10.0-10.1 (medium; bug #351639)
-CVE-2005-3631 (udev does not properly set permissions on certain files in /dev/input, ...)
+CVE-2005-3631
- udev <not-affected> (Red Hat specific)
-CVE-2005-3630 (Fedora Directory Server before 10 allows remote attackers to obtain ...)
+CVE-2005-3630
NOT-FOR-US: Fedora Directory Server
-CVE-2005-3629 (initscripts in Red Hat Enterprise Linux 4 does not properly handle ...)
+CVE-2005-3629
NOTE: current sudo cleans the environment, so we are not affected
- sysvconfig <not-affected> (sudo cleans env anyway)
-CVE-2005-3628 (Buffer overflow in the JBIG2Bitmap::JBIG2Bitmap function in ...)
+CVE-2005-3628
{DSA-962-1 DSA-961-1 DSA-950-1 DSA-940-1 DSA-938-1 DSA-937-1 DSA-936-1 DSA-932-1 DSA-931-1 DTSA-28-1}
- kdegraphics 4:3.5.0-3
- gpdf 2.10.0-2 (bug #342286)
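Review bot: every `+` line in this hunk, and in each hunk that follows in this commit, replaces `CVE-YYYY-NNNN (description ...)` with the bare identifier while the annotations beneath stay untouched, which for an "automatic update" points to the description feed returning empty text rather than to an intended edit; verify the fetch that produced this run before accepting it, since the next run would otherwise restore the text and generate an equally large reverse diff. Two smaller points in the unchanged context of this hunk: the CVE-2005-3757 entry describes behaviour of libsaxon-java but carries a status line only for the reverse dependency (`- ooo2dbk <not-affected> (uses it's own xslt unless overridden by command line arg)`), so libsaxon-java itself has no tracked state, and that line (`it's` for `its`) together with the CVE-2005-3649 notes (`certian`, `explotable`) has typos worth a follow-up commit.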
@@ -2819,7 +2819,7 @@ CVE-2005-3628 (Buffer overflow in the JBIG2Bitmap::JBIG2Bitmap function in ...)
NOTE: cupsys switched to an external PDF implementation in 1.1.22-7.
- tetex-bin 3.0-12
NOTE: tetex-bin switched to poppler in 3.0-12.
-CVE-2005-3627 (Stream.cc in Xpdf, as used in products such as gpdf, kpdf, pdftohtml, ...)
+CVE-2005-3627
{DSA-962-1 DSA-961-1 DSA-950-1 DSA-940-1 DSA-938-1 DSA-937-1 DSA-936-1 DSA-932-1 DSA-931-1 DTSA-28-1}
- poppler 0.4.4-1 (bug #346076)
- kdegraphics 4:3.5.0-3
@@ -2834,7 +2834,7 @@ CVE-2005-3627 (Stream.cc in Xpdf, as used in products such as gpdf, kpdf, pdftoh
NOTE: cupsys switched to an external PDF implementation in 1.1.22-7.
- tetex-bin 3.0-12
NOTE: tetex-bin switched to poppler in 3.0-12.
-CVE-2005-3626 (Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, ...)
+CVE-2005-3626
{DSA-962-1 DSA-961-1 DSA-950-1 DSA-940-1 DSA-938-1 DSA-937-1 DSA-936-1 DSA-932-1 DSA-931-1 DTSA-28-1}
- poppler 0.4.3-2
- kdegraphics 4:3.5.0-3
@@ -2849,7 +2849,7 @@ CVE-2005-3626 (Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler,
NOTE: cupsys switched to an external PDF implementation in 1.1.22-7.
- tetex-bin 3.0-12
NOTE: tetex-bin switched to poppler in 3.0-12.
-CVE-2005-3625 (Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, ...)
+CVE-2005-3625
{DSA-962-1 DSA-961-1 DSA-950-1 DSA-940-1 DSA-938-1 DSA-937-1 DSA-936-1 DSA-932-1 DSA-931-1 DTSA-28-1}
- poppler 0.4.4-1 (bug #346076)
- tetex-bin 3.0-12
@@ -2864,7 +2864,7 @@ CVE-2005-3625 (Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler,
- cupsys 1.1.22-7
NOTE: cupsys switched to an external PDF implementation in 1.1.22-7.
NOTE: tetex-bin switched to poppler in 3.0-12.
-CVE-2005-3624 (The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, ...)
+CVE-2005-3624
{DSA-962-1 DSA-961-1 DSA-950-1 DSA-940-1 DSA-938-1 DSA-937-1 DSA-936-1 DSA-932-1 DSA-931-1 DTSA-28-1}
- poppler 0.4.4-1 (bug #346076)
- tetex-bin 3.0-12
@@ -2879,16 +2879,16 @@ CVE-2005-3624 (The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf
- cupsys 1.1.22-7
NOTE: cupsys switched to an external PDF implementation in 1.1.22-7.
NOTE: tetex-bin switched to poppler in 3.0-12.
-CVE-2005-3623 (nfs2acl.c in the Linux kernel 2.6.14.4 does not check for MAY_SATTR ...)
+CVE-2005-3623
[sarge] - kernel-source-2.6.8 <not-affected> (Does not contain NFS ACLs)
- linux-2.6 2.6.14-7
-CVE-2005-3622 (phpMyAdmin 2.7.0-beta1 and earlier allows remote attackers to obtain ...)
+CVE-2005-3622
- phpmyadmin <unfixed> (unimportant)
-CVE-2005-3620 (The management interface for VMware ESX Server 2.0.x before 2.0.2 ...)
+CVE-2005-3620
NOT-FOR-US: VMware ESX
-CVE-2005-3619 (Cross-site scripting (XSS) vulnerability in the management interface ...)
+CVE-2005-3619
NOT-FOR-US: VMware ESX
-CVE-2005-3618 (Cross-site request forgery (CSRF) vulnerability in the management ...)
+CVE-2005-3618
NOT-FOR-US: VMWare ESX
CVE-2005-3617
RESERVED
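Review bot: in the CVE-2005-3623 block the `[sarge] - kernel-source-2.6.8 <not-affected> (Does not contain NFS ACLs)` line comes before the unstable `- linux-2.6 2.6.14-7` line, the reverse of the layout the same packages use in CVE-2005-3808 through CVE-2005-3810 earlier in this diff, where the unstable entry leads and the per-release lines follow; swapping the two lines keeps the file consistent for anyone comparing entries by eye.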
@@ -2932,72 +2932,72 @@ CVE-2005-3598
RESERVED
CVE-2005-3597
REJECTED
-CVE-2005-3596 (SQL injection vulnerability in ASPKnowledgebase allows remote ...)
+CVE-2005-3596
NOT-FOR-US: ASPKnowledgebase
-CVE-2005-3595 (By default Microsoft Windows XP Home Edition installs with a blank ...)
+CVE-2005-3595
NOT-FOR-US: Windows XP
-CVE-2005-3594 (game_score.php in e107 allows remote attackers to insert high scores ...)
+CVE-2005-3594
NOT-FOR-US: e107
-CVE-2005-3592 (index.php CuteNews 1.4.0 and earlier allows remote attackers to obtain ...)
+CVE-2005-3592
NOT-FOR-US: CuteNews
-CVE-2005-3591 (Macromedia Flash plugin (1) Flash.ocx 7.0.19.0 (Windows) and earlier ...)
+CVE-2005-3591
- flashplugin-nonfree 7.0.61-1 (bug #339290; high)
[sarge] - flashplugin-nonfree <no-dsa> (Only affects proprietary Flash plugin)
-CVE-2005-3589 (Buffer overflow in FileZilla Server Terminal 0.9.4d may allow remote ...)
+CVE-2005-3589
NOT-FOR-US: FileZilla Server
-CVE-2005-3588 (SQL injection vulnerability in admin.php in Advanced Guestbook 2.2 ...)
+CVE-2005-3588
NOT-FOR-US: Advanced Guestbook
-CVE-2005-3587 (Improper boundary checks in petite.c in Clam AntiVirus (ClamAV) before ...)
+CVE-2005-3587
{DSA-947-1}
- clamav 0.87.1-1 (medium)
NOTE: sarge is affected (not in oldstable)
-CVE-2005-3586 (content.php in Mambo 4.5.2 through 4.5.2.3 allows remote attackers to ...)
+CVE-2005-3586
NOT-FOR-US: Mambo
-CVE-2005-3585 (SQL injection vulnerability in forum.php in PhpWebThings 1.4.4 allows ...)
+CVE-2005-3585
NOT-FOR-US: PhpWebThings
-CVE-2005-3584 (Cross-site scripting (XSS) vulnerability in forum.php in PhpWebThings ...)
+CVE-2005-3584
NOT-FOR-US: PhpWebThings
-CVE-2005-3583 ((1) Java Runtime Environment (JRE) and (2) Software Development Kit ...)
+CVE-2005-3583
NOT-FOR-US: Sun Java
-CVE-2005-3582 (ImageMagick before 6.2.4.2-r1 allows local users in the portage group ...)
+CVE-2005-3582
- imagemagick <not-affected> (Gentoo-specific packaging flaw)
-CVE-2005-3581 (GDAL before 1.3.0-r1 allows local users in the portage group to ...)
+CVE-2005-3581
- gdal <not-affected> (Gentoo-specific packaging flaw)
-CVE-2005-3580 (QDBM before 1.8.33-r2 allows local users in the portage group to ...)
+CVE-2005-3580
- qdbm <not-affected> (Gentoo-specific packaging flaw)
-CVE-2005-3579 (ts.exe (aka ts.cgi) in Walla TeleSite 3.0 and earlier allows remote ...)
+CVE-2005-3579
NOT-FOR-US: Walla TeleSite
-CVE-2005-3578 (SQL injection vulnerability in ts.exe (aka ts.cgi) in Walla TeleSite ...)
+CVE-2005-3578
NOT-FOR-US: Walla TeleSite
-CVE-2005-3577 (Cross-site scripting vulnerability (XSS) in ts.exe (aka ts.cgi) in ...)
+CVE-2005-3577
NOT-FOR-US: Walla TeleSite
-CVE-2005-3576 (ts.exe in Walla TeleSite 3.0 and earlier allows remote attackers to ...)
+CVE-2005-3576
NOT-FOR-US: Walla TeleSite
-CVE-2005-3575 (SQL injection vulnerability in show.php in Cyphor 0.19 and earlier ...)
+CVE-2005-3575
NOT-FOR-US: Cyphor
-CVE-2005-3574 (PHP file inclusion vulnerability in index.php of iCMS allows remote ...)
+CVE-2005-3574
NOT-FOR-US: iCMS
-CVE-2005-3573 (Scrubber.py in Mailman 2.1.5-8 does not properly handle UTF8 character ...)
+CVE-2005-3573
{DSA-955-1}
- mailman 2.1.5-10 (bug #327732; bug #339095; medium)
-CVE-2005-3572 (SQL injection vulnerability in index.php in Peel 2.6 through 2.7 ...)
+CVE-2005-3572
NOT-FOR-US: Peel
-CVE-2005-3571 (PHP file inclusion vulnerability in protection.php in CodeGrrl (a) ...)
+CVE-2005-3571
NOT-FOR-US: protection.php from several crappy web apps not in Debian
-CVE-2005-3570 (Unspecified cross-site scripting (XSS) vulnerability in Horde before ...)
+CVE-2005-3570
{DSA-914-1}
- horde2 2.2.9-1 (bug #338983)
-CVE-2005-3569 (INSO service in IBM DB2 Content Manager before 8.2 Fix Pack 10 on AIX ...)
+CVE-2005-3569
NOT-FOR-US: DB2
-CVE-2005-3568 (db2fmp process in IBM DB2 Content Manager before 8.2 Fix Pack 10 ...)
+CVE-2005-3568
NOT-FOR-US: DB2
-CVE-2005-3567 (slapd daemon in IBM Tivoli Directory Server (ITDS) 5.2.0 and 6.0.0 ...)
+CVE-2005-3567
NOT-FOR-US: Tivoli
-CVE-2005-3566 (Buffer overflow in various ha commands of VERITAS Cluster Server for ...)
+CVE-2005-3566
NOT-FOR-US: VERITAS Cluster Server
-CVE-2005-3565 (Unknown vulnerability in remshd daemon in HP-UX B.11.00, B.11.11, and ...)
+CVE-2005-3565
NOT-FOR-US: HP-UX
-CVE-2005-3564 (envd daemon in HP-UX B.11.00 through B.11.11 allows local users to ...)
+CVE-2005-3564
NOT-FOR-US: HP-UX
CVE-2005-3563
REJECTED
@@ -3005,180 +3005,180 @@ CVE-2005-3562
REJECTED
CVE-2005-3561
REJECTED
-CVE-2005-3560 (Zone Labs (1) ZoneAlarm Pro 6.0, (2) ZoneAlarm Internet Security Suite ...)
+CVE-2005-3560
NOT-FOR-US: Zone Labs
-CVE-2005-3559 (Directory traversal vulnerability in vmail.cgi in Asterisk 1.0.9 ...)
+CVE-2005-3559
{DSA-1048-1}
- asterisk 1:1.2.7.1.dfsg-2 (bug #338116; medium)
-CVE-2005-3558 (PHP file inclusion vulnerability in index.php in OSTE 1.0 allows ...)
+CVE-2005-3558
NOT-FOR-US: OSTE
-CVE-2005-3557 (Directory traversal vulnerability in admin/defaults.php in PHPlist ...)
+CVE-2005-3557
NOT-FOR-US: PHPList
-CVE-2005-3556 (Multiple cross-site scripting (XSS) vulnerabilities in PHPlist 2.10.1 ...)
+CVE-2005-3556
NOT-FOR-US: PHPList
-CVE-2005-3555 (Multiple SQL injection vulnerabilities in PHPlist 2.10.1 and earlier ...)
+CVE-2005-3555
NOT-FOR-US: PHPList
-CVE-2005-3554 (Multiple eval injection vulnerabilities in the help function in PHPKIT ...)
+CVE-2005-3554
NOT-FOR-US: PHPKIT
-CVE-2005-3553 (Multiple SQL injection vulnerabilities in include.php in PHPKIT 1.6.1 ...)
+CVE-2005-3553
NOT-FOR-US: PHPKIT
-CVE-2005-3552 (Multiple cross-site scripting (XSS) vulnerabilities in PHPKIT 1.6.1 R2 ...)
+CVE-2005-3552
NOT-FOR-US: PHPKIT
-CVE-2005-3551 (toendaCMS before 0.6.2 stores user account and session data in the web ...)
+CVE-2005-3551
NOT-FOR-US: toendaCMS
-CVE-2005-3550 (Directory traversal vulnerability in admin.php in toendaCMS before ...)
+CVE-2005-3550
NOT-FOR-US: toendaCMS
-CVE-2005-3549 (Direct code injection vulnerability in Task Manager in Invision Power ...)
+CVE-2005-3549
NOT-FOR-US: Invision Power Board
-CVE-2005-3548 (Directory traversal vulnerability in Task Manager in Invision Power ...)
+CVE-2005-3548
NOT-FOR-US: Invision Power Board
-CVE-2005-3547 (Cross-site scripting (XSS) vulnerability in Invision Power Board 2.1 ...)
+CVE-2005-3547
NOT-FOR-US: Invision Power Board
-CVE-2005-3546 (suid.cgi scripts in F-Secure (1) Internet Gatekeeper for Linux before ...)
+CVE-2005-3546
NOT-FOR-US: F-Secure Internet Gatekeeper and Antivirus Gateway
-CVE-2005-3545 (SQL injection vulnerability in index.php of the report module in ...)
+CVE-2005-3545
NOT-FOR-US: ibProArcade
-CVE-2005-3544 (Cross-site scripting (XSS) vulnerability in u2u.php in XMB 1.9.3 ...)
+CVE-2005-3544
NOT-FOR-US: XMB
-CVE-2005-3543 (SQL injection vulnerability in search.php in Phorum 5.0.0alpha through ...)
+CVE-2005-3543
NOT-FOR-US: Phorum
CVE-2005-3542
REJECTED
CVE-2005-3541
RESERVED
-CVE-2005-3540 (Buffer overflow in petris before 1.0.1 allows remote attackers to ...)
+CVE-2005-3540
{DSA-929-1}
- petris 1.0.1-5
-CVE-2005-3539 (Multiple eval injection vulnerabilities in HylaFAX 4.2.3 and earlier ...)
+CVE-2005-3539
{DSA-933-1}
- hylafax 2:4.2.4-2 (bug #347298)
NOTE: First patch had regressions
-CVE-2005-3538 (hfaxd in HylaFAX 4.2.3, when PAM support is disabled, accepts ...)
+CVE-2005-3538
- hylafax 2:4.2.4-1
[sarge] - hylafax <not-affected> (Affected only 4.2.3)
[woody] - hylafax <not-affected> (Affected only 4.2.3)
-CVE-2005-3537 (A &quot;missing request validation&quot; error in phpBB 2 before 2.0.18 allows ...)
+CVE-2005-3537
{DSA-925-1}
- phpbb2 2.0.18-1 (bug #336582; medium)
-CVE-2005-3536 (SQL injection vulnerability in phpBB 2 before 2.0.18 allows remote ...)
+CVE-2005-3536
{DSA-925-1}
- phpbb2 2.0.18-1 (bug #336582; medium)
-CVE-2005-3535 (Buffer overflow in KETM 0.0.6 allows local users to execute arbitrary ...)
+CVE-2005-3535
{DSA-926-1}
- ketm 0.0.6-17sarge1 (low)
-CVE-2005-3534 (Buffer overflow in the Network Block Device (nbd) server 2.7.5 and ...)
+CVE-2005-3534
{DSA-924-1}
- nbd 1:2.8.3-1
-CVE-2005-3533 (Buffer overflow in OSH before 1.7-15 allows local users to execute ...)
+CVE-2005-3533
{DSA-918-1}
- osh 1.7-15
-CVE-2005-3532 (authpam.c in courier-authdaemon for Courier Mail Server 0.37.3 through ...)
+CVE-2005-3532
{DSA-917-1}
- courier 0.47-12 (bug #211920; medium)
-CVE-2005-3531 (fusermount in FUSE before 2.4.1, if installed setuid root, allows ...)
+CVE-2005-3531
{DTSA-27-1}
- fuse 2.4.1-0.1 (bug #340398; low)
[sarge] - fuse <no-dsa> (Minor local DoS)
-CVE-2005-3530 (Cross-site scripting (XSS) vulnerability in Antville 1.1 allows remote ...)
+CVE-2005-3530
NOT-FOR-US: Antville
-CVE-2005-3529 (tiki-view_forum_thread.php in TikiWiki 1.9.0 through 1.9.2 allows ...)
+CVE-2005-3529
NOT-FOR-US: TikiWiki
-CVE-2005-3528 (Cross-site scripting (XSS) vulnerability in tiki-view_forum_thread.php ...)
+CVE-2005-3528
NOT-FOR-US: TikiWiki
-CVE-2005-3527 (Race condition in do_coredump in signal.c in Linux kernel 2.6 allows ...)
+CVE-2005-3527
- linux-2.6 2.6.14-1 (low)
- kernel-source-2.4.27 <not-affected> (Vulnerable code was introduced later)
[sarge] - kernel-source-2.6.8 <not-affected> (Vulnerable code was introduced later)
NOTE: http://svn.debian.org/wsvn/kernel/patch-tracking/CVE-2005-3527?op=file&rev=0&sc=0
-CVE-2005-3526 (Buffer overflow in the IMAP daemon in Ipswitch Collaboration Suite ...)
+CVE-2005-3526
NOT-FOR-US: Ipswitch Collaboration Suite
-CVE-2005-3525 (Stack-based buffer overflow in an ActiveX control for the installer ...)
+CVE-2005-3525
NOT-FOR-US: Adobe
-CVE-2005-3522 (Cross-site scripting (XSS) vulnerability in index.jsp in ManageEngine ...)
+CVE-2005-3522
NOT-FOR-US: ManageEngine NetflowAnalyzer
-CVE-2005-3521 (SQL injection vulnerability in resetcore.php in e107 0.617 through ...)
+CVE-2005-3521
NOT-FOR-US: e107
-CVE-2005-3520 (Multiple cross-site scripting (XSS) vulnerabilities in MySource 2.14.0 ...)
+CVE-2005-3520
NOT-FOR-US: MySource
-CVE-2005-3519 (Multiple PHP file inclusion vulnerabilities in MySource 2.14.0 allow ...)
+CVE-2005-3519
NOT-FOR-US: MySource
-CVE-2005-3518 (SQL injection vulnerability in search.php in PunBB 1.2.7 and 1.2.8 ...)
+CVE-2005-3518
NOT-FOR-US: PunBB
-CVE-2005-3517 (Chipmunk Scripts Guestbook allows remote attackers to obtain the ...)
+CVE-2005-3517
NOT-FOR-US: Chipmunk Scripts Guestbook
-CVE-2005-3516 (Cross-site scripting (XSS) vulnerability in recommend.php in Chipmunk ...)
+CVE-2005-3516
NOT-FOR-US: Chipmunk Directory
-CVE-2005-3515 (Cross-site scripting (XSS) vulnerability in recommend.php in Chipmunk ...)
+CVE-2005-3515
NOT-FOR-US: Chipmunk Topsites
-CVE-2005-3514 (Multiple cross-site scripting (XSS) vulnerabilities in Chipmunk Forum ...)
+CVE-2005-3514
NOT-FOR-US: Chipmunk Forum
-CVE-2005-3513 (index.php in VUBB alpha rc1 allows remote attackers to obtain the ...)
+CVE-2005-3513
NOT-FOR-US: VUBB
-CVE-2005-3512 (Cross-site scripting (XSS) vulnerability in index.php in VUBB alpha ...)
+CVE-2005-3512
NOT-FOR-US: VUBB
-CVE-2005-3511 (Multiple cross-site scripting (XSS) vulnerabilities in Spymac Web OS ...)
+CVE-2005-3511
NOT-FOR-US: Spymac Web OS
-CVE-2005-3510 (Apache Tomcat 5.5.0 to 5.5.11 allows remote attackers to cause a ...)
+CVE-2005-3510
- tomcat5 <not-affected> (Debian's 5.0 version is not vulnerable)
-CVE-2005-3509 (Multiple SQL injection vulnerabilities in JPortal allow remote ...)
+CVE-2005-3509
NOT-FOR-US: JPortal
-CVE-2005-3508 (SQL injection vulnerability in showGallery.php in Gallery (Galerie) ...)
+CVE-2005-3508
NOT-FOR-US: Tonio gallery (not the one in the gallery debian package)
-CVE-2005-3507 (Directory traversal vulnerability in CuteNews 1.4.1 allows remote ...)
+CVE-2005-3507
NOT-FOR-US: CuteNews
-CVE-2005-3506 (Cross-site scripting (XSS) vulnerability in proxy.asp in Sambar Server ...)
+CVE-2005-3506
NOT-FOR-US: Sambar
-CVE-2005-3505 (Cross-site scripting (XSS) vulnerability in the Entropy Chat script in ...)
+CVE-2005-3505
NOT-FOR-US: Entropy Chat Script
-CVE-2005-3504 (Buffer overflow in swcons in IBM AIX 5.2, when debug malloc is ...)
+CVE-2005-3504
NOT-FOR-US: AIX
-CVE-2005-3503 (chfn in pwdutils 3.0.4 and earlier on SuSE Linux, and possibly other ...)
+CVE-2005-3503
NOT-FOR-US: SuSE fork of passwd
-CVE-2005-3502 (attachment_send.php in Cerberus Helpdesk allows remote attackers to ...)
+CVE-2005-3502
NOT-FOR-US: Cerberus Helpdesk
-CVE-2005-3499 (Frisk F-Prot Antivirus allows remote attackers to bypass protection ...)
+CVE-2005-3499
NOT-FOR-US: F-Prot Antivirus
-CVE-2005-3498 (IBM WebSphere Application Server 5.0.x before 5.02.15, 5.1.x before ...)
+CVE-2005-3498
NOT-FOR-US: WebSphere
-CVE-2005-3497 (** DISPUTED ** ...)
+CVE-2005-3497
NOT-FOR-US: PHP Handicapper
-CVE-2005-3496 (Cross-site scripting (XSS) vulnerability in PHP Handicapper allows ...)
+CVE-2005-3496
NOT-FOR-US: PHP Handicapper
-CVE-2005-3495 (Ar-blog 5.2 and earlier allows remote attackers to bypass ...)
+CVE-2005-3495
NOT-FOR-US: Ar-blog
-CVE-2005-3494 (Cross-site scripting (XSS) vulnerability in Ar-blog 5.2 and earlier ...)
+CVE-2005-3494
NOT-FOR-US: Ar-blog
-CVE-2005-3493 (Battle Carry .005 and earlier allows remote attackers to cause a ...)
+CVE-2005-3493
NOT-FOR-US: Battle Carry
-CVE-2005-3492 (FlatFrag 0.3 and earlier allows remote attackers to cause a denial of ...)
+CVE-2005-3492
NOT-FOR-US: FlatFrag
-CVE-2005-3491 (Multiple buffer overflows in the receiver function in loop.c in ...)
+CVE-2005-3491
NOT-FOR-US: FlatFrag
-CVE-2005-3490 (Directory traversal vulnerability in the web server in Asus Video ...)
+CVE-2005-3490
NOT-FOR-US: Asus Video Security
-CVE-2005-3489 (Buffer overflow in Asus Video Security 3.5.0.0 and earlier, when using ...)
+CVE-2005-3489
NOT-FOR-US: Asus Video Security
-CVE-2005-3488 (Scorched 3D 39.1 (bf) and earlier allows remote attackers to cause a ...)
+CVE-2005-3488
- scorched3d 39.1+cvs20050929-2 (bug #337403; medium)
-CVE-2005-3487 (Multiple buffer overflows in Scorched 3D 39.1 (bf) and earlier allow ...)
+CVE-2005-3487
- scorched3d 39.1+cvs20050929-2 (bug #337403; medium)
-CVE-2005-3486 (Multiple format string vulnerabilities in Scorched 3D 39.1 (bf) and ...)
+CVE-2005-3486
- scorched3d 39.1+cvs20050929-2 (bug #337403; medium)
-CVE-2005-3485 (Buffer overflow in Glider Collect'n kill 1.0.0.0 allows remote ...)
+CVE-2005-3485
NOT-FOR-US: Glider Collect'n kill
-CVE-2005-3484 (Directory traversal vulnerability in NeroNET 1.2.0.2 and earlier ...)
+CVE-2005-3484
NOT-FOR-US: NeroNET
-CVE-2005-3483 (Buffer overflow in GO-Global for Windows 3.1.0.3270 and earlier allows ...)
+CVE-2005-3483
NOT-FOR-US: GO-Global
-CVE-2005-3621 (CRLF injection vulnerability in phpMyAdmin before 2.6.4-pl4 allows ...)
+CVE-2005-3621
{DSA-1207-1}
- phpmyadmin 4:2.6.4-pl4-1 (bug #339437; medium)
-CVE-2005-3524 (Buffer overflow in the SSL-ready version of linux-ftpd ...)
+CVE-2005-3524
{DSA-896-1}
- linux-ftpd-ssl 0.17.18+0.3-5 (bug #339074; high)
-CVE-2005-3807 (Memory leak in the VFS file lease handling in locks.c in Linux kernels ...)
+CVE-2005-3807
- linux-2.6 2.6.14-4
-CVE-2005-3857 (The time_out_leases function in locks.c for Linux kernel before ...)
+CVE-2005-3857
{DSA-1018-1 DSA-1017-1}
- linux-2.6 2.6.14-4 (low)
CVE-2005-XXXX [user logout in drupal has no effect]
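Review bot: every `-`/`+` pair in this hunk strips the parenthesised CVE description and keeps only the bare identifier (for example `-CVE-2005-3538 (hfaxd in HylaFAX 4.2.3, when PAM support is disabled, accepts ...)` becomes `+CVE-2005-3538`), while the DSA/DTSA references, package lines and NOTE lines are untouched; an automatic update that removes text from every entry and adds none looks like an empty or failed upstream description feed rather than a real data change, so this should be reverted and the feed checked before the next run. The loss is not cosmetic: the `<not-affected>` justifications such as `[sarge] - hylafax <not-affected> (Affected only 4.2.3)` and `- tomcat5 <not-affected> (Debian's 5.0 version is not vulnerable)` can only be audited against the version range the description carried ("before 2.0.18", "before 2.4.1"), and the `** DISPUTED **` marker on CVE-2005-3497 disappears with its description, so a reader of the new file can no longer tell that entry is contested.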
@@ -3186,474 +3186,474 @@ CVE-2005-XXXX [user logout in drupal has no effect]
- drupal 4.5.5-3 (bug #336719; medium)
CVE-2005-XXXX [double free() in libungif]
- libungif4 4.1.4-1 (bug #338542; medium)
-CVE-2005-3523 (Format string vulnerability in friendsd2 in GpsDrive allows remote ...)
+CVE-2005-3523
{DSA-891-1}
- gpsdrive 2.09-2sarge1 (bug #337495; medium)
CVE-2005-XXXX [Insecure temp files in note]
- note 1.3.1-3 (bug #337492; unimportant)
NOTE: Second issue not shipped in binary, only example, first issue not sufficiently
NOTE: predictable for a real world attack
-CVE-2005-3500 (The tnef_attachment function in tnef.c for Clam AntiVirus (ClamAV) ...)
+CVE-2005-3500
{DSA-887-1 DTSA-21-1}
- clamav 0.87.1-1 (medium)
-CVE-2005-3501 (The cabd_find function in cabd.c of the libmspack library (mspack) for ...)
+CVE-2005-3501
{DSA-887-1 DTSA-21-1}
- clamav 0.87.1-1 (medium)
-CVE-2005-3482 (Cisco 1200, 1131, and 1240 series Access Points, when operating in ...)
+CVE-2005-3482
NOT-FOR-US: Cisco
-CVE-2005-3481 (Cisco IOS 12.0 to 12.4 might allow remote attackers to execute ...)
+CVE-2005-3481
NOT-FOR-US: IOS
-CVE-2005-3480 (login.asp in Ringtail CaseBook 6.1.0 displays different error messages ...)
+CVE-2005-3480
NOT-FOR-US: Ringtail CaseBook
-CVE-2005-3479 (Cross-site scripting (XSS) vulnerability in login.asp in Ringtail ...)
+CVE-2005-3479
NOT-FOR-US: Ringtail CaseBook
-CVE-2005-3478 (SQL injection vulnerability in index.php in PHPCafe.net Tutorials ...)
+CVE-2005-3478
NOT-FOR-US: PHPCafe Tutorial Manager
-CVE-2005-3477 (Multiple interpretation error in the image upload handling code in ...)
+CVE-2005-3477
NOT-FOR-US: Invision Gallery
-CVE-2005-3476 (Unspecified vulnerability in HP OpenVMS Integrity 8.2-1 and 8.2, and ...)
+CVE-2005-3476
NOT-FOR-US: OpenVMS
-CVE-2005-3475 (Hasbani Web Server (WindWeb) 2.0 allows remote attackers to cause a ...)
+CVE-2005-3475
NOT-FOR-US: Hasbani Web Server
-CVE-2005-3474 (The aries.sys driver in Sony First4Internet XCP DRM software hides any ...)
+CVE-2005-3474
NOT-FOR-US: XCP DRM
-CVE-2005-3473 (Multiple cross-site scripting (XSS) vulnerabilities in Simple PHP Blog ...)
+CVE-2005-3473
NOT-FOR-US: Simple PHP Blog
-CVE-2005-3472 (Unspecified vulnerability in Sun Java System Communications Express ...)
+CVE-2005-3472
NOT-FOR-US: Sun Java System Communications Express
-CVE-2005-3471 (Directory traversal vulnerability in the ruleset view for MailWatch ...)
+CVE-2005-3471
NOT-FOR-US: MailWatch for MailScanner
-CVE-2005-3470 (SQL injection vulnerability in in the authenticate function in ...)
+CVE-2005-3470
NOT-FOR-US: MailWatch for MailScanner
-CVE-2005-3469 (SQL injection vulnerability in index.php in News2Net 3.0.0.0 allows ...)
+CVE-2005-3469
NOT-FOR-US: News2Net
-CVE-2005-3468 (Directory traversal vulnerability in F-Secure Anti-Virus for Microsoft ...)
+CVE-2005-3468
NOT-FOR-US: F-Secure
-CVE-2005-3467 (Serv-U FTP Server before 6.1.0.4 allows attackers to cause a denial of ...)
+CVE-2005-3467
NOT-FOR-US: Serv-U FTP Server
-CVE-2005-3466 (Unspecified vulnerability in Enterprise CRM Sales in Oracle 8.81 up to ...)
+CVE-2005-3466
NOT-FOR-US: Oracle
-CVE-2005-3465 (Unspecified vulnerability in JDEdwards HTML Server in Oracle ...)
+CVE-2005-3465
NOT-FOR-US: Oracle
-CVE-2005-3464 (Unspecified vulnerability in PeopleTools in Oracle PeopleSoft ...)
+CVE-2005-3464
NOT-FOR-US: Oracle
-CVE-2005-3463 (Unspecified vulnerability in PeopleTools in Oracle PeopleSoft ...)
+CVE-2005-3463
NOT-FOR-US: Oracle
-CVE-2005-3462 (Unspecified vulnerability in PeopleTools in Oracle PeopleSoft ...)
+CVE-2005-3462
NOT-FOR-US: Oracle
-CVE-2005-3461 (Unspecified vulnerability in PeopleTools in Oracle PeopleSoft ...)
+CVE-2005-3461
NOT-FOR-US: Oracle
-CVE-2005-3460 (Unspecified vulnerability in Oracle Agent in Oracle Enterprise Manager ...)
+CVE-2005-3460
NOT-FOR-US: Oracle
-CVE-2005-3459 (Unspecified vulnerability in Oracle E-Business Suite and Applications ...)
+CVE-2005-3459
NOT-FOR-US: Oracle
-CVE-2005-3458 (Unspecified vulnerability in Oracle E-Business Suite and Applications ...)
+CVE-2005-3458
NOT-FOR-US: Oracle
-CVE-2005-3457 (Unspecified vulnerability in Oracle E-Business Suite and Applications ...)
+CVE-2005-3457
NOT-FOR-US: Oracle
-CVE-2005-3456 (Multiple unspecified vulnerabilities in Oracle E-Business Suite and ...)
+CVE-2005-3456
NOT-FOR-US: Oracle
-CVE-2005-3455 (Multiple unspecified vulnerabilities in Oracle E-Business Suite and ...)
+CVE-2005-3455
NOT-FOR-US: Oracle
-CVE-2005-3454 (Multiple unspecified vulnerabilities in Oracle Collaboration Suite 10g ...)
+CVE-2005-3454
NOT-FOR-US: Oracle
-CVE-2005-3453 (Multiple unspecified vulnerabilities in Web Cache in Oracle ...)
+CVE-2005-3453
NOT-FOR-US: Oracle
-CVE-2005-3452 (Unspecified vulnerability in Web Cache in Oracle Application Server ...)
+CVE-2005-3452
NOT-FOR-US: Oracle
-CVE-2005-3451 (Unspecified vulnerability in SQL*ReportWriter in Oracle Application ...)
+CVE-2005-3451
NOT-FOR-US: Oracle
-CVE-2005-3450 (Unspecified vulnerability in the HTTP Server in Oracle Application ...)
+CVE-2005-3450
NOT-FOR-US: Oracle
-CVE-2005-3449 (Multiple unspecified vulnerabilities in Oracle Application Server 9.0 ...)
+CVE-2005-3449
NOT-FOR-US: Oracle
-CVE-2005-3448 (Unspecified vulnerability in the OC4J Module in Oracle Application ...)
+CVE-2005-3448
NOT-FOR-US: Oracle
-CVE-2005-3447 (Unspecified vulnerability in Single Sign-On in Oracle Database Server ...)
+CVE-2005-3447
NOT-FOR-US: Oracle
-CVE-2005-3446 (Unspecified vulnerability in Internet Directory in Oracle Database ...)
+CVE-2005-3446
NOT-FOR-US: Oracle
-CVE-2005-3445 (Multiple unspecified vulnerabilities in HTTP Server in Oracle Database ...)
+CVE-2005-3445
NOT-FOR-US: Oracle
-CVE-2005-3444 (Multiple unspecified vulnerabilities in the Programmatic Interface in ...)
+CVE-2005-3444
NOT-FOR-US: Oracle
-CVE-2005-3443 (Unspecified vulnerability in the Spatial component in Oracle Database ...)
+CVE-2005-3443
NOT-FOR-US: Oracle
-CVE-2005-3442 (Multiple unspecified vulnerabilities in Oracle Database Server 8i up ...)
+CVE-2005-3442
NOT-FOR-US: Oracle
-CVE-2005-3441 (Unspecified vulnerability in Intelligent Agent in Oracle Database ...)
+CVE-2005-3441
NOT-FOR-US: Oracle
-CVE-2005-3440 (Unspecified vulnerability in Database Scheduler in Oracle Database ...)
+CVE-2005-3440
NOT-FOR-US: Oracle
-CVE-2005-3439 (Multiple unspecified vulnerabilities in Oracle Database Server 10g up ...)
+CVE-2005-3439
NOT-FOR-US: Oracle
-CVE-2005-3438 (Multiple unspecified vulnerabilities in Oracle Database Server 9i up ...)
+CVE-2005-3438
NOT-FOR-US: Oracle
-CVE-2005-3437 (Unspecified vulnerability in the PL/SQL component in Oracle Database ...)
+CVE-2005-3437
NOT-FOR-US: Oracle
-CVE-2005-3436 (Cross-site scripting (XSS) vulnerability in Nuked-Klan 1.7 allows ...)
+CVE-2005-3436
NOT-FOR-US: Nuked-Klan
-CVE-2005-3435 (admin_news.php in Archilles Newsworld up to 1.3.0 allows attackers to ...)
+CVE-2005-3435
NOT-FOR-US: Archilles Newsworld
-CVE-2005-3434 (Archilles Newsworld before 1.5.0-rc1 stores (1) account.nwd and (2) ...)
+CVE-2005-3434
NOT-FOR-US: Archilles Newsworld
-CVE-2005-3433 (Buffer overflow in Mirabilis ICQ 2003a allows user-assisted attackers ...)
+CVE-2005-3433
NOT-FOR-US: Mirabilis ICQ
-CVE-2005-3432 (MiniGal 2 (MG2) 0.5.1 allows remote attackers to list password ...)
+CVE-2005-3432
NOT-FOR-US: MiniGal2
-CVE-2005-3431 (Absolute path traversal vulnerability in Rockliffe MailSite Express ...)
+CVE-2005-3431
NOT-FOR-US: MailSite Express
-CVE-2005-3430 (Incomplete blacklist vulnerability in Rockliffe MailSite Express ...)
+CVE-2005-3430
NOT-FOR-US: MailSite Express
-CVE-2005-3429 (Rockliffe MailSite Express before 6.1.22, with the option to save ...)
+CVE-2005-3429
NOT-FOR-US: MailSite Express
-CVE-2005-3428 (Cross-site scripting (XSS) vulnerability in Rockliffe MailSite Express ...)
+CVE-2005-3428
NOT-FOR-US: MailSite Express
-CVE-2005-3427 (The Cisco Management Center (MC) for IPS Sensors (IPS MC) 2.1 can omit ...)
+CVE-2005-3427
NOT-FOR-US: IPS Sensors
-CVE-2005-3426 (Cisco CSS 11500 Content Services Switch (CSS) with SSL termination ...)
+CVE-2005-3426
NOT-FOR-US: Cisco
-CVE-2005-3425 (Cross-site scripting (XSS) vulnerability in GNUMP3D before 2.9.6 ...)
+CVE-2005-3425
{DSA-877-1}
- gnump3d 2.9.6-1
-CVE-2005-3424 (Cross-site scripting (XSS) vulnerability in GNUMP3D before 2.9.5 ...)
+CVE-2005-3424
{DSA-877-1}
- gnump3d 2.9.5-1 (low)
-CVE-2005-3423 (Multiple SQL injection vulnerabilities in Subdreamer 2.2.1 allow ...)
+CVE-2005-3423
NOT-FOR-US: Subdreamer
-CVE-2005-3422 (Cross-site scripting (XSS) vulnerability in error.asp in ASP Fast ...)
+CVE-2005-3422
NOT-FOR-US: ASP Fast Forum
-CVE-2005-3421 (estcmd in Hyper Estraier 1.0.1 on Windows systems allows remote ...)
+CVE-2005-3421
NOT-FOR-US: Hyper Estraier
-CVE-2005-3420 (usercp_register.php in phpBB 2.0.17 allows remote attackers to modify ...)
+CVE-2005-3420
{DSA-925-1}
- phpbb2 2.0.18-1 (bug #336582; bug #336587)
NOTE: http://www.hardened-php.net/advisory_172005.75.html
NOTE: http://www.phpbb.com/phpBB/viewtopic.php?f=14&t=336756
NOTE: Remote code execution may be possible, especially in conjunction
NOTE: with PHP bugs.
-CVE-2005-3419 (SQL injection vulnerability in usercp_register.php in phpBB 2.0.17 ...)
+CVE-2005-3419
{DSA-925-1}
- phpbb2 2.0.18-1 (bug #336582; bug #336587)
-CVE-2005-3418 (Multiple cross-site scripting (XSS) vulnerabilities in phpBB 2.0.17 ...)
+CVE-2005-3418
{DSA-925-1}
- phpbb2 2.0.18-1 (bug #336582; bug #336587)
-CVE-2005-3417 (phpBB 2.0.17 and earlier, when the register_long_arrays directive is ...)
+CVE-2005-3417
{DSA-925-1}
- phpbb2 2.0.18-1 (bug #336582; bug #336587)
-CVE-2005-3416 (phpBB 2.0.17 and earlier, when register_globals is enabled and the ...)
+CVE-2005-3416
{DSA-925-1}
- phpbb2 2.0.18-1 (bug #336582; bug #336587)
-CVE-2005-3415 (phpBB 2.0.17 and earlier allows remote attackers to bypass protection ...)
+CVE-2005-3415
{DSA-925-1}
- phpbb2 2.0.18-1 (bug #336582; bug #336587)
-CVE-2005-3414 (eyeOS 0.8.4 stores usrinfo.xml under the web document root with ...)
+CVE-2005-3414
NOT-FOR-US: eyeOS
-CVE-2005-3413 (Cross-site scripting (XSS) vulnerability in desktop.php in eyeOS 0.8.4 ...)
+CVE-2005-3413
NOT-FOR-US: eyeOS
-CVE-2005-3412 (Cross-site scripting (XSS) vulnerability in Elite Forum 1.0.0.0 allows ...)
+CVE-2005-3412
NOT-FOR-US: Elite Forum
-CVE-2005-3411 (Cross-site scripting (XSS) vulnerability in post.asp in Snitz Forums ...)
+CVE-2005-3411
NOT-FOR-US: Snitz Forums
CVE-2005-3410
RESERVED
-CVE-2005-3409 (OpenVPN 2.x before 2.0.4, when running in TCP mode, allows remote ...)
+CVE-2005-3409
{DSA-885-1}
- openvpn 2.0.5-1 (bug #337334; low)
-CVE-2005-3408 (SQL injection vulnerability in news.php in gCards version 1.43 allows ...)
+CVE-2005-3408
NOT-FOR-US: gCards
-CVE-2005-3407 (SQL injection vulnerability in phpESP 1.7.5 and earlier allows remote ...)
+CVE-2005-3407
NOT-FOR-US: phpESP
-CVE-2005-3406 (Cross-site scripting (XSS) vulnerability in phpESP 1.7.5 and earlier ...)
+CVE-2005-3406
NOT-FOR-US: phpESP
-CVE-2005-3405 (ATutor 1.4.1 through 1.5.1-pl1 allows remote attackers to execute ...)
+CVE-2005-3405
NOT-FOR-US: ATutor
-CVE-2005-3404 (Multiple PHP file inclusion vulnerabilities in ATutor 1.4.1 through ...)
+CVE-2005-3404
NOT-FOR-US: ATutor
-CVE-2005-3403 (Multiple cross-site scripting (XSS) vulnerabilities in ATutor 1.4.1 ...)
+CVE-2005-3403
NOT-FOR-US: ATutor
-CVE-2005-3402 (The SMTP client in Mozilla Thunderbird 1.0.5 BETA, 1.0.7, and possibly ...)
+CVE-2005-3402
NOTE: That's a non-issue; only a feature request for an improvement in a corner case.
NOTE: If someone wants to use security-sensitive communication a TLS-secured server
NOTE: should be used.
-CVE-2005-3401 (Multiple interpretation error in TheHacker 5.8.4.128 allows remote ...)
+CVE-2005-3401
NOT-FOR-US: TheHacker
-CVE-2005-3400 (Multiple interpretation error in Fortinet 2.48.0.0 allows remote ...)
+CVE-2005-3400
NOT-FOR-US: Fortinet
-CVE-2005-3399 (Multiple interpretation error in CAT-QuickHeal 8.0 allows remote ...)
+CVE-2005-3399
NOT-FOR-US: CAT-QuickHeal
-CVE-2005-3398 (The default configuration of the web server for the Solaris Management ...)
+CVE-2005-3398
NOT-FOR-US: Solaris Management Console
-CVE-2005-3397 (Cross-site scripting (XSS) vulnerability in Comersus BackOffice allows ...)
+CVE-2005-3397
NOT-FOR-US: Comersus BackOffice
-CVE-2005-3396 (Buffer overflow in the chcons (chcon) command in IBM AIX 5.2 and 5.3, ...)
+CVE-2005-3396
NOT-FOR-US: AIX
-CVE-2005-3395 (SQL injection vulnerability in Invision Gallery 2.0.3 allows remote ...)
+CVE-2005-3395
NOT-FOR-US: Invision Gallery
-CVE-2005-3394 (Multiple SQL injection vulnerabilities in forum.php in oaboard forum ...)
+CVE-2005-3394
NOT-FOR-US: oaboard
-CVE-2005-3393 (Format string vulnerability in the foreign_option function in ...)
+CVE-2005-3393
{DSA-885-1}
- openvpn 2.0.5-1 (bug #336751; medium)
-CVE-2005-3392 (Unspecified vulnerability in PHP before 4.4.1, when using the virtual ...)
+CVE-2005-3392
- php4 4:4.4.2-1 (bug #336645; bug #354681; low)
[sarge] - php4 <no-dsa> (Safe mode violations not supported)
- php5 5.1.1-1 (bug #336654; low)
NOTE: According to CVE, this is a safe mode violation,
NOTE: therefore low impact. (According to SuSE, it's an
NOTE: information leak.)
-CVE-2005-3391 (Multiple vulnerabilities in PHP before 4.4.1 allow remote attackers to ...)
+CVE-2005-3391
- php4 4:4.4.2-1 (bug #336645; bug #354678; low)
[sarge] - php4 <no-dsa> (Safe mode violations not supported)
- php5 5.1.1-1 (bug #336654; low)
NOTE: This is a safe mode violation, therefore low impact.
-CVE-2005-3390 (The RFC1867 file upload feature in PHP 4.x up to 4.4.0 and 5.x up to ...)
+CVE-2005-3390
- php4 4:4.4.2-1 (bug #336645; bug #354680; low)
- php5 5.1.1-1 (bug #336654; low)
[sarge] - php4 <no-dsa> (Operation with register_globals not supported)
NOTE: http://www.hardened-php.net/advisory_202005.79.html
NOTE: http://www.hardened-php.net/globals-problem
-CVE-2005-3389 (The parse_str function in PHP 4.x up to 4.4.0 and 5.x up to 5.0.5, ...)
+CVE-2005-3389
- php4 4:4.4.2-1 (bug #336645; bug #354690; low)
- php5 5.1.1-1 (bug #336654; low)
[sarge] - php4 <no-dsa> (application's job to sanitize input)
NOTE: http://www.hardened-php.net/advisory_192005.78.html
-CVE-2005-3388 (Cross-site scripting (XSS) vulnerability in the phpinfo function in ...)
+CVE-2005-3388
{CVE-2002-1954}
- php4 4:4.4.2-1 (bug #336645; low)
- php5 5.1.1-1 (bug #336654; low)
[sarge] - php4 <no-dsa> (not worth an update)
NOTE: http://www.hardened-php.net/advisory_182005.77.html
NOTE: fixed in CVS, estimated release of PHP5.1 to fix this issue
-CVE-2005-3387 (The startup script in packages/RedHat/ntop.init in ntop before 3.2, ...)
+CVE-2005-3387
- ntop <not-affected> (Red Hat specific packaging flaw)
-CVE-2005-3386 (SQL injection vulnerability in Techno Dreams Web Directory script ...)
+CVE-2005-3386
NOT-FOR-US: Techno Dreams scripts
-CVE-2005-3385 (SQL injection vulnerability in Techno Dreams Mailing List script ...)
+CVE-2005-3385
NOT-FOR-US: Techno Dreams scripts
-CVE-2005-3384 (SQL injection vulnerability in Techno Dreams Guest Book script allows ...)
+CVE-2005-3384
NOT-FOR-US: Techno Dreams scripts
-CVE-2005-3383 (SQL injection vulnerability in Techno Dreams Announcement script ...)
+CVE-2005-3383
NOT-FOR-US: Techno Dreams scripts
-CVE-2005-3382 (Multiple interpretation error in Sophos 3.91 with the 2.28.4 engine ...)
+CVE-2005-3382
NOT-FOR-US: Sophos
-CVE-2005-3381 (Multiple interpretation error in Ukrainian National Antivirus (UNA) ...)
+CVE-2005-3381
NOT-FOR-US: Ukranian National Antivirus
-CVE-2005-3380 (Multiple interpretation error in Panda Titanium 2005 4.02.01 allows ...)
+CVE-2005-3380
NOT-FOR-US: Panda Titanium
-CVE-2005-3379 (Multiple interpretation error in Trend Micro (1) PC-Cillin 2005 ...)
+CVE-2005-3379
NOT-FOR-US: Trend Micro
-CVE-2005-3378 (Multiple interpretation error in Norman 5.81 with the 5.83.02 engine ...)
+CVE-2005-3378
NOT-FOR-US: Norman
-CVE-2005-3377 (Multiple interpretation error in (1) McAfee Internet Security Suite ...)
+CVE-2005-3377
NOT-FOR-US: McAfee
-CVE-2005-3376 (Multiple interpretation error in Kaspersky 5.0.372 allows remote ...)
+CVE-2005-3376
NOT-FOR-US: Kaspersky
-CVE-2005-3375 (Multiple interpretation error in Ikarus demo version allows remote ...)
+CVE-2005-3375
NOT-FOR-US: Ikarus
-CVE-2005-3374 (Multiple interpretation error in F-Prot 3.16c allows remote attackers ...)
+CVE-2005-3374
NOT-FOR-US: F-Prot
-CVE-2005-3373 (Multiple interpretation error in Dr.Web 4.32b allows remote attackers ...)
+CVE-2005-3373
NOT-FOR-US: Dr. Web
-CVE-2005-3372 (Multiple interpretation error in eTrust CA 7.0.1.4 with the 11.9.1 ...)
+CVE-2005-3372
NOT-FOR-US: eTrust
-CVE-2005-3371 (Multiple interpretation error in AVG 7 7.0.323 allows remote attackers ...)
+CVE-2005-3371
NOT-FOR-US: AVG
-CVE-2005-3370 (Multiple interpretation error in ArcaVir 2005 package 2005-06-21 ...)
+CVE-2005-3370
NOT-FOR-US: ArcaVir
-CVE-2005-3369 (Multiple SQL injection vulnerabilities in the Info-DB module ...)
+CVE-2005-3369
NOT-FOR-US: Woltlab Burning Board
-CVE-2005-3368 (Cross-site scripting (XSS) vulnerability in the Search_Enhanced module ...)
+CVE-2005-3368
NOT-FOR-US: PHP-Nuke
-CVE-2005-3367 (Cross-site scripting (XSS) vulnerability in journal.php in SparkleBlog ...)
+CVE-2005-3367
NOT-FOR-US: SparkleBlog
-CVE-2005-3366 (PHP file inclusion vulnerability in index.php in PHP iCalendar 2.0a2 ...)
+CVE-2005-3366
NOT-FOR-US: PHP iCalendar
-CVE-2005-3365 (Multiple SQL injection vulnerabilities in DCP-Portal 6 and earlier ...)
+CVE-2005-3365
NOT-FOR-US: DCP-Portal
-CVE-2005-3364 (Multiple SQL injection vulnerabilities in DboardGear allow remote ...)
+CVE-2005-3364
NOT-FOR-US: DboardGear
-CVE-2005-3363 (SQL injection vulnerability in Saphp Lesson, possibly saphp Lesson1.1 ...)
+CVE-2005-3363
NOT-FOR-US: saphp Lesson
CVE-2005-3362
REJECTED
-CVE-2005-3361 (Cross-site scripting (XSS) vulnerability in forum/index.php in ...)
+CVE-2005-3361
NOT-FOR-US: FlatNuke
-CVE-2005-3360 (The installation of Trend Micro PC-Cillin Internet Security 2005 12.00 ...)
+CVE-2005-3360
NOT-FOR-US: Trend Micro PC-Cillin Internet Security 2005
-CVE-2005-3359 (The atm module in Linux kernel 2.6 before 2.6.14 allows local users to ...)
+CVE-2005-3359
{DSA-1103}
- linux-2.6 2.6.14
-CVE-2005-3358 (Linux kernel before 2.6.15 allows local users to cause a denial of ...)
+CVE-2005-3358
{DSA-1017-1}
- linux-2.6 <not-affected> (Fixed before upload into archive; 2.6.11)
-CVE-2005-3357 (mod_ssl in Apache 2.0 up to 2.0.55, when configured with an SSL vhost ...)
+CVE-2005-3357
- apache2 2.0.55-4 (bug #351246; low)
[sarge] - apache2 2.0.54-5sarge2
-CVE-2005-3356 (The mq_open system call in Linux kernel 2.6.9, in certain situations, ...)
+CVE-2005-3356
{DSA-1017-1}
- linux-2.6 2.6.15-4
-CVE-2005-3355 (Directory traversal vulnerability in GNU Gnump3d before 2.9.8 has ...)
+CVE-2005-3355
{DSA-901-1}
- gnump3d 2.9.8-1
-CVE-2005-3354 (Stack-based buffer overflow in the ldif_get_line function in ldif.c of ...)
+CVE-2005-3354
{DSA-908-1 DSA-906-1}
- sylpheed 2.0.4-1 (bug #338434; medium)
- sylpheed-gtk1 1.0.6-1 (medium)
- sylpheed-claws 1.0.5-2 (bug #338436; medium)
- sylpheed-claws-gtk2 1.9.100-1 (bug #339529; medium)
-CVE-2005-3353 (The exif_read_data function in the Exif module in PHP before 4.4.1 ...)
+CVE-2005-3353
{DSA-1206-1}
- php4 4:4.4.2-1 (bug #339577; medium)
- php5 5.1.1-1 (bug #336654; medium)
-CVE-2005-3352 (Cross-site scripting (XSS) vulnerability in the mod_imap module of ...)
+CVE-2005-3352
{DSA-1167-1}
- apache 1.3.34-2 (bug #343466; low)
- apache2 2.0.55-4 (bug #343467; bug #349793; low)
[sarge] - apache2 2.0.54-5sarge2
NOTE: Version(s): prior to 1.3.35-dev, 2.0.56-dev are affected
NOTE: Means oldstable and stable are affected
-CVE-2005-3351 (SpamAssassin 3.0.4 allows attackers to bypass spam detection via an ...)
+CVE-2005-3351
- spamassassin 3.1.0a-1 (bug #339526; low)
[sarge] - spamassassin <no-dsa> (DoS affects only a single message)
[woody] - spamassassin <no-dsa> (DoS affects only a single message)
-CVE-2005-3350 (libungif library before 4.1.0 allows attackers to corrupt memory and ...)
+CVE-2005-3350
{DSA-890-1}
- libungif4 4.1.3-4 (bug #337972; high)
- giflib 4.1.4-1 (bug #395382)
-CVE-2005-3349 (GNU Gnump3d before 2.9.8 allows local users to modify or delete ...)
+CVE-2005-3349
{DSA-901-1}
- gnump3d 2.9.8-1
-CVE-2005-3348 (HTTP response splitting vulnerability in index.php in phpSysInfo 2.4 ...)
+CVE-2005-3348
{DSA-899-1 DSA-898-1 DSA-897-1}
- phpsysinfo 2.3-7 (bug #339079)
- egroupware 1.0.0.009.dfsg-3-3
- phpgroupware 0.9.16.008-2
-CVE-2005-3347 (Multiple directory traversal vulnerabilities in index.php in ...)
+CVE-2005-3347
{DSA-899-1 DSA-898-1 DSA-897-1}
- phpsysinfo 2.3-7 (bug #339079)
- egroupware 1.0.0.009.dfsg-3-3
- phpgroupware 0.9.16.008-2
-CVE-2005-3346 (Buffer overflow in the environment variable substitution code in ...)
+CVE-2005-3346
{DSA-918-1}
- osh 1.7-15 (bug #338312; bug #323424; bug #323482; bug #311369; medium)
-CVE-2005-3345 (rssh 2.0.0 through 2.2.3 allows local users to bypass access ...)
+CVE-2005-3345
- rssh 2.3.0-1 (bug #344395; bug #344424)
[sarge] - rssh 2.2.3-1.sarge.1
NOTE: Update was introduced through s-p-u, not a DSA
-CVE-2005-3344 (The default installation of Horde 3.0.4 contains an administrative ...)
+CVE-2005-3344
{DSA-884-1}
- horde3 3.0.5-2 (bug #332290; bug #332289; medium)
-CVE-2005-3343 (tkdiff before 4.1.1 allows local users to overwrite arbitrary files ...)
+CVE-2005-3343
{DSA-927-1}
- tkdiff 1:4.0.2-2 (low)
-CVE-2005-3342 (noweb 2.10c and earlier allows local users to overwrite arbitrary ...)
+CVE-2005-3342
{DSA-968-1}
- noweb 2.10c-3.2 (low)
-CVE-2005-3340 (The tuxpaint-import.sh script in Tux Paint (tuxpaint) 0.9.14 and ...)
+CVE-2005-3340
{DSA-941-1}
- tuxpaint 1:0.9.15b-1 (low)
CVE-2005-XXXX [ntop format string vulnerability]
- ntop 3:4.0.3+dfsg1-1 (bug #335996; unimportant)
NOTE: Not exploitable
-CVE-2005-3341 (DHIS tools DNS package (dhis-tools-dns) before 5.0 allows local users ...)
+CVE-2005-3341
{DSA-928-1}
- dhis-tools-dns 5.0-5
-CVE-2005-3339 (Mantis before 0.19.3 caches the User ID longer than necessary, which ...)
+CVE-2005-3339
{DSA-905-1}
- mantis 0.19.3-0.1 (bug #330682)
-CVE-2005-3338 (Unspecified vulnerability in Mantis before 0.19.3, when using ...)
+CVE-2005-3338
{DSA-905-1}
- mantis 0.19.3-0.1 (bug #330682; low)
-CVE-2005-3337 (Multiple cross-site scripting (XSS) vulnerabilities in Mantis before ...)
+CVE-2005-3337
NOTE: This is a duplicate of CVE-2005-3091 (first issue) and CVE-2005-2557 (second
NOTE: issue). This will be rejected.
-CVE-2005-3336 (SQL injection vulnerability in Mantis 1.0.0RC2 and 0.19.2 allows ...)
+CVE-2005-3336
{DSA-905-1}
- mantis 0.19.3-0.1 (high)
-CVE-2005-3335 (PHP file inclusion vulnerability in bug_sponsorship_list_view_inc.php ...)
+CVE-2005-3335
{DSA-905-1}
- mantis 0.19.3-0.1 (bug #335938; medium)
-CVE-2005-3334 (Cross-site scripting (XSS) vulnerability in index.php in Flyspray ...)
+CVE-2005-3334
{DSA-953-1}
- flyspray 0.9.8-4 (bug #335997; low)
NOTE: Sarge is confirmed vulnerable
-CVE-2005-3333 (SQL injection vulnerability in eBASEweb 3.0 allows remote attackers to ...)
+CVE-2005-3333
NOT-FOR-US: eBASEweb
-CVE-2005-3332 (PHP remote file include vulnerability in admin/define.inc.php in ...)
+CVE-2005-3332
NOT-FOR-US: Belchior Foundry vCard
-CVE-2005-3331 (viewpatch in mgdiff 1.0 allows local users to overwrite arbitrary ...)
+CVE-2005-3331
- mgdiff 1.0-28 (bug #335188; unimportant)
-CVE-2005-3330 (The _httpsrequest function in Snoopy 1.2, as used in products such as ...)
+CVE-2005-3330
- wordpress <not-affected> (bug #335817; unimportant)
NOTE: Upstream claims the modified Snoopy class is secure
-CVE-2005-3329 (Cross-site scripting (XSS) vulnerability in RSA Authentication Agent ...)
+CVE-2005-3329
NOT-FOR-US: RSA Authentication Agent
-CVE-2005-3328 (PHP remote file inclusion vulnerability in common.php in PunBB 1.1.2 ...)
+CVE-2005-3328
NOT-FOR-US: PunBB
-CVE-2005-3327 (Network Appliance Data ONTAP 7.0 and earlier allows iSCSI Initiators ...)
+CVE-2005-3327
NOT-FOR-US: Data ONTAP
-CVE-2005-3326 (SQL injection vulnerability in usercp.php in MyBulletinBoard (MyBB) ...)
+CVE-2005-3326
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2005-3325 (Multiple SQL injection vulnerabilities in (1) acid_qry_main.php in ...)
+CVE-2005-3325
{DSA-893-1}
- acidbase 1.2.1-1 (bug #335998; bug #336788; medium)
NOTE: the fix from 1.2-2 did not address the problem fully
- acidlab 0.9.6b20-13
-CVE-2005-3324 (SQL injection vulnerability in chat.php in MWChat 6.8 allows remote ...)
+CVE-2005-3324
NOT-FOR-US: MWChat
-CVE-2005-3323 (docutils in Zope 2.6, 2.7 before 2.7.8, and 2.8 before 2.8.2 allows ...)
+CVE-2005-3323
{DSA-910-1}
- zope2.8 2.8.1-7 (bug #334055; bug #334054; high)
- zope2.7 2.7.8-1 (bug #334055; bug #334054; high)
-CVE-2005-3322 (Unspecified vulnerability in Squid on SUSE Linux 9.0 allows remote ...)
+CVE-2005-3322
- squid <not-affected>
NOTE: see bug #334882 for details
-CVE-2005-3321 (chkstat in SuSE Linux 9.0 through 10.0 allows local users to modify ...)
+CVE-2005-3321
NOT-FOR-US: SuSE-specific tool
-CVE-2005-3320 (Cross-site scripting (XSS) vulnerability in SiteTurn Domain Manager ...)
+CVE-2005-3320
NOT-FOR-US: SiteTurn Domain Manager
-CVE-2005-3319 (The apache2handler SAPI (sapi_apache2.c) in the Apache module ...)
+CVE-2005-3319
- php4 4:4.4.2-1 (bug #336004; bug #354684; low)
- php5 5.1.1-1 (bug #336005; low)
[sarge] - php4 <not-affected>
NOTE: can't reproduce, error may not be present in 4.3.
NOTE: tentatively marking as not-affected in sarge.
-CVE-2005-3318 (Buffer overflow in the _chm_decompress_block function in CHM lib ...)
+CVE-2005-3318
{DSA-886-1}
- chmlib 0.37-1 (bug #335931; medium)
-CVE-2005-3317 (Multiple stack-based buffer overflows in ZipGenius 5.5.1.468 and ...)
+CVE-2005-3317
NOT-FOR-US: ZipGenius
-CVE-2005-3316 (The installation of ON Symantec Discovery 4.5.x and Symantec Discovery ...)
+CVE-2005-3316
NOT-FOR-US: Symantec Discovery
-CVE-2005-3315 (Multiple SQL injection vulnerabilities in Novell ZENworks Patch ...)
+CVE-2005-3315
NOT-FOR-US: Novell ZENworks
-CVE-2005-3314 (Stack-based buffer overflow in the IMAP daemon in Novell Netmail 3.5.2 ...)
+CVE-2005-3314
NOT-FOR-US: Novell Netmail
-CVE-2005-3313 (The IRC protocol dissector in Ethereal 0.10.13 allows remote attackers ...)
+CVE-2005-3313
[woody] - ethereal <not-affected> (Only affects version 0.10.13)
[sarge] - ethereal <not-affected> (Only affects version 0.10.13)
- ethereal 0.10.14-1 (medium)
-CVE-2005-3312 (The HTML rendering engine in Microsoft Internet Explorer 6.0 allows ...)
+CVE-2005-3312
NOT-FOR-US: Microsoft
-CVE-2005-3311 (BMC Software Control-M 6.1.03 for Solaris, and possibly other ...)
+CVE-2005-3311
NOT-FOR-US: BMC Software Control-M
-CVE-2005-3310 (Interpretation conflict in phpBB 2.0.17, with remote avatars and ...)
+CVE-2005-3310
{DSA-925-1}
- phpbb2 2.0.18-1 (bug #335662; low)
-CVE-2005-3309 (Multiple SQL injection vulnerabilities in Zomplog 3.4 allow remote ...)
+CVE-2005-3309
NOT-FOR-US: Zomplog
-CVE-2005-3308 (Multiple cross-site scripting (XSS) vulnerabilities in Zomplog 3.4 ...)
+CVE-2005-3308
NOT-FOR-US: Zomplog
-CVE-2005-3307 (Directory traversal vulnerability in index.php for FlatNuke 2.5.6 ...)
+CVE-2005-3307
NOT-FOR-US: FlatNuke
-CVE-2005-3306 (Cross-site scripting (XSS) vulnerability in index.php for FlatNuke ...)
+CVE-2005-3306
NOT-FOR-US: FlatNuke
-CVE-2005-3305 (Multiple SQL injection vulnerabilities in Nuked Klan 1.7 allow remote ...)
+CVE-2005-3305
NOT-FOR-US: Nuked Klan
-CVE-2005-3304 (Multiple SQL injection vulnerabilities in PHP-Nuke 7.8 allow remote ...)
+CVE-2005-3304
NOT-FOR-US: PHP-Nuke
-CVE-2005-3303 (The FSG unpacker (fsg.c) in Clam AntiVirus (ClamAV) 0.80 through 0.87 ...)
+CVE-2005-3303
{DSA-887-1 DTSA-21-1}
- clamav 0.87.1-1 (high)
CVE-2005-XXXX [kernel: Signedness problems in net/core/filter]
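Review bot: every `-`/`+` pair in this hunk drops the parenthesised summary and keeps only the bare identifier (`-CVE-2005-3326 (SQL injection vulnerability in usercp.php in MyBulletinBoard (MyBB) ...)` becomes `+CVE-2005-3326`) with no change to the triage lines below it, and the diffstat shows the same near-symmetric churn in all 21 year lists (113882 insertions against 113866 deletions). That pattern looks like the description source coming back empty for this run rather than an intentional edit, so the updater should treat an empty upstream description as "keep what is there" instead of rewriting the line, and an automatic commit that shrinks more than a small fraction of description lines should be refused rather than pushed. As it stands this run should be reverted, not left for the next import to repair.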
@@ -3664,61 +3664,61 @@ CVE-2005-XXXX [kernel: Signedness problems in net/core/filter]
CVE-2005-XXXX [Insecure temp file usage in thttpd's syslogtocern]
- thttpd 2.23beta1-4 (low)
[sarge] - thttpd <no-dsa> (Minor issue in addon package)
-CVE-2005-3301 (Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin ...)
+CVE-2005-3301
{DSA-880-1}
- phpmyadmin 4:2.6.4-pl3-1 (bug #335513; medium)
-CVE-2005-3300 (The register_globals emulation layer in grab_globals.php for ...)
+CVE-2005-3300
{DSA-880-1}
- phpmyadmin 4:2.6.4-pl3-1 (bug #335306; high)
-CVE-2005-3299 (PHP file inclusion vulnerability in grab_globals.lib.php in phpMyAdmin ...)
+CVE-2005-3299
[sarge] - phpmyadmin <not-affected> (Not affected according to maintainer; #333433)
- phpmyadmin 4:2.6.4-pl2-1 (bug #333433; high)
-CVE-2005-3298 (Multiple buffer overflows in OpenWBEM on SuSE Linux 9 allow remote ...)
+CVE-2005-3298
NOT-FOR-US: OpenWBEM
-CVE-2005-3297 (Multiple integer overflows in OpenWBEM on SuSE Linux 9 allow remote ...)
+CVE-2005-3297
NOT-FOR-US: OpenWBEM
-CVE-2005-3296 (The FTP server in HP-UX 10.20, B.11.00, and B.11.11, allows remote ...)
+CVE-2005-3296
NOT-FOR-US: HP-UX
-CVE-2005-3295 (Unspecified vulnerability in HP-UX B.11.23 on Itanium platforms allows ...)
+CVE-2005-3295
NOT-FOR-US: HP-UX
-CVE-2005-3294 (Typsoft FTP Server 1.11, with &quot;Sub Directory Include&quot; enabled, allows ...)
+CVE-2005-3294
NOT-FOR-US: Typsoft FTP Server
-CVE-2005-3293 (Xerver 4.17 allows remote attackers to (1) obtain source code of ...)
+CVE-2005-3293
NOT-FOR-US: Xerver
-CVE-2005-3292 (Multiple cross-site scripting (XSS) vulnerabilities in Xeobook 0.93 ...)
+CVE-2005-3292
NOT-FOR-US: Xeobook
-CVE-2005-3291 (Stani's Python Editor (SPE) 0.7.5 is installed with world-writable ...)
+CVE-2005-3291
- spe <not-affected> (Gentoo-specific packaging flaw)
-CVE-2005-3290 (SQL injection vulnerability in Accelerated Mortgage Manager allows ...)
+CVE-2005-3290
NOT-FOR-US: Accelerated Mortgage manager
-CVE-2005-3289 (LSCFG in IBM AIX 5.2 and 5.3 does not create temporary files securely, ...)
+CVE-2005-3289
NOT-FOR-US: AIX
-CVE-2005-3288 (Mailsite Express allows remote attackers to upload and execute files ...)
+CVE-2005-3288
NOT-FOR-US: Mailsite Express
-CVE-2005-3287 (Incomplete blacklist vulnerability in Mailsite Express allows remote ...)
+CVE-2005-3287
NOT-FOR-US: Mailsite Express
-CVE-2005-3286 (The FWDRV driver in Kerio Personal Firewall 4.2 and Server Firewall ...)
+CVE-2005-3286
NOT-FOR-US: Kerio Personal Firewall
-CVE-2005-3285 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2005-3285
NOT-FOR-US: Comersus Backoffice Plus
-CVE-2005-3284 (Multiple buffer overflows in AhnLab V3 AntiVirus V3Pro 2004 before ...)
+CVE-2005-3284
NOT-FOR-US: AhnLab
-CVE-2005-3283 (Cross-site scripting (XSS) vulnerability in TikiWiki before 1.9.1.1 ...)
+CVE-2005-3283
NOT-FOR-US: TikiWiki
-CVE-2005-3282 (Splatt Forum 3.0 to 3.2 allows remote attackers to bypass ...)
+CVE-2005-3282
NOT-FOR-US: Splatt Forum
-CVE-2005-3281 (Directory traversal vulnerability in NukeFixes 3.1 for PHP-Nuke 7.8 ...)
+CVE-2005-3281
NOT-FOR-US: PHP-Nuke addon
-CVE-2005-3280 (Paros 3.2.5 uses a default password for the &quot;sa&quot; account in the ...)
+CVE-2005-3280
NOT-FOR-US: Paros
-CVE-2005-3279 (Stack-based buffer overflow in the vgasco_printf function in Jan Kybic ...)
+CVE-2005-3279
- bmv 1.2-18 (bug #335497; unimportant)
NOTE: Vulnerable code not activated in binary package
-CVE-2005-3278 (Integer overflow in the openpsfile function in gsinterf.c for Jan ...)
+CVE-2005-3278
{DSA-981-1}
- bmv 1.2-18 (bug #335497; medium)
NOTE: Sarge and Woody are affected (and the patch applied to fix this in unstable works on both of them, an easy DSA)
-CVE-2005-3277 (The LPD service in HP-UX 10.20 11.11 (11i) and earlier allows remote ...)
+CVE-2005-3277
NOT-FOR-US: HP-UX
CVE-2005-XXXX [adduser's deluser creates backup files with world readable permissions]
- adduser 3.77 (bug #331720; low)
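Review bot: the NOTE closing the CVE-2005-3278 entry (`NOTE: Sarge and Woody are affected (and the patch applied to fix this in unstable works on both of them, an easy DSA)`) reads as a pre-advisory todo, but the same entry already lists `{DSA-981-1}`, so the note is stale and should be trimmed to what is still true (that sarge and woody were affected) or dropped; since this hunk touches the entry anyway it is a cheap place to do it. Smaller style point in the same hunk: `NOT-FOR-US: Accelerated Mortgage manager` does not match the product name in the line being removed (`Accelerated Mortgage Manager`), and once the description is gone the NOT-FOR-US line is the only place the name survives.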
@@ -3726,209 +3726,209 @@ CVE-2005-XXXX [adduser's deluser creates backup files with world readable permis
CVE-2005-XXXX [Pavuk Digest Authentication Buffer Overflow]
- pavuk 0.9.33-1 (bug #264684; high)
NOTE: second hole mentioned in bug report
-CVE-2005-3751 (HTTP request smuggling vulnerability in Pound before 1.9.4 allows ...)
+CVE-2005-3751
{DSA-934-1}
- pound 1.9.4-1 (low)
NOTE: see http://www.apsis.ch/pound/pound_list/archive/2005/2005-10/1129827166000/index_html?fullMode=1#1129827166000
-CVE-2005-3276 (The sys_get_thread_area function in process.c in Linux 2.6 before ...)
+CVE-2005-3276
{DSA-922-1}
- linux-2.6 2.6.12-2
- kernel-source-2.4.27 <not-affected>
-CVE-2005-3275 (The NAT code (1) ip_nat_proto_tcp.c and (2) ip_nat_proto_udp.c in ...)
+CVE-2005-3275
{DSA-922-1 DSA-921-1}
- linux-2.6 2.6.13-1 (low)
- kernel-source-2.4.27 2.4.27-11 (low)
-CVE-2005-3274 (Race condition in ip_vs_conn_flush in Linux 2.6 before 2.6.13 and 2.4 ...)
+CVE-2005-3274
{DSA-922-1}
- linux-2.6 2.6.13-1 (low)
-CVE-2005-3273 (The rose_rt_ioctl function in rose_route.c for Radionet Open Source ...)
+CVE-2005-3273
{DSA-922-1}
- linux-2.6 2.6.12-1
- kernel-source-2.4.27 <not-affected>
-CVE-2005-3272 (Linux kernel before 2.6.12 allows remote attackers to poison the ...)
+CVE-2005-3272
{DSA-922-1}
- linux-2.6 2.6.12-1
- kernel-source-2.4.27 <not-affected>
-CVE-2005-3271 (Exec in Linux kernel 2.6 does not properly clear posix-timers in ...)
+CVE-2005-3271
{DSA-922-1}
- linux-2.6 <not-affected> (Fixed before upload into archive; 2.6.9)
- kernel-source-2.4.27 <not-affected>
-CVE-2005-3270 (Untrusted search path vulnerability in DiskMountNotify for Symantec ...)
+CVE-2005-3270
NOT-FOR-US: Symantec Antivirus
-CVE-2005-3269 (Stack-based buffer overflow in help.cgi in the HTTP administrative ...)
+CVE-2005-3269
NOT-FOR-US: Sun Java System Directory Server
-CVE-2005-3268 (yiff server (yiff-server) 2.14.2 on Debian GNU/Linux runs as root and ...)
+CVE-2005-3268
- yiff 2.14.2-8 (bug #334616; low)
[sarge] - yiff <no-dsa> (Only a minor privacy leak)
-CVE-2005-3267 (Integer overflow in Skype client before 1.4.x.84 on Windows, before ...)
+CVE-2005-3267
NOT-FOR-US: Skype
CVE-2005-3266
REJECTED
-CVE-2005-3265 (Buffer overflow in Skype for Windows 1.1.x.0 through 1.4.x.83 allows ...)
+CVE-2005-3265
NOT-FOR-US: Skype
-CVE-2005-3264 (Cross-site scripting (XSS) vulnerability in thread.php for Zeroblog ...)
+CVE-2005-3264
NOT-FOR-US: Zeroblog
-CVE-2005-3263 (Stack-based buffer overflow in UNACEV2.DLL for RARLAB WinRAR 2.90 ...)
+CVE-2005-3263
NOT-FOR-US: WinRAR
-CVE-2005-3262 (Format string vulnerability in RARLAB WinRAR 2.90 through 3.50 allows ...)
+CVE-2005-3262
NOT-FOR-US: WinRAR
-CVE-2005-3261 (getversions.php in versatileBulletinBoard (vBB) 1.0.0 RC2 lists the ...)
+CVE-2005-3261
NOT-FOR-US: versatileBulletinBoard
-CVE-2005-3260 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2005-3260
NOT-FOR-US: versatileBulletinBoard
-CVE-2005-3259 (Multiple SQL injection vulnerabilities in versatileBulletinBoard (vBB) ...)
+CVE-2005-3259
NOT-FOR-US: versatileBulletinBoard
-CVE-2005-3258 (The rfc1738_do_escape function in ftp.c for Squid 2.5 STABLE11 and ...)
+CVE-2005-3258
- squid <not-affected> (bug #334882; medium)
NOTE: Bug was introduced in a patch to squid-2.5.STABLE10,
NOTE: this patch was never applied to the Debian package.
-CVE-2005-3256 (The key selection dialogue in Enigmail before 0.92.1 can incorrectly ...)
+CVE-2005-3256
{DSA-889-1}
- enigmail 2:0.93-1 (bug #335731; medium)
-CVE-2005-3253 (Wireless Access Points (AP) for (1) Avaya AP-3 through AP-6 2.5 to ...)
+CVE-2005-3253
NOT-FOR-US: Avaya Wireless Access Points
-CVE-2005-3252 (Stack-based buffer overflow in the Back Orifice (BO) preprocessor for ...)
+CVE-2005-3252
- snort <not-affected> (Vulnerable code was introduced later, see bug #334606)
-CVE-2005-3251 (Directory traversal vulnerability in the gallery script in Gallery 2.0 ...)
+CVE-2005-3251
- gallery2 2.0.1-1 (medium)
-CVE-2005-3250 (Unknown vulnerability in Solaris 10 allows local users to cause a ...)
+CVE-2005-3250
NOT-FOR-US: Solaris
-CVE-2005-3249 (Unspecified vulnerability in the WSP dissector in Ethereal 0.10.1 to ...)
+CVE-2005-3249
{DSA-1171}
[woody] - ethereal <not-affected> (This only affects Ethereal 0.10.1 to 0.10.12)
- ethereal 0.10.13-1 (bug #334880; medium)
NOTE: Sarge is vulnerable
-CVE-2005-3248 (Unspecified vulnerability in the X11 dissector in Ethereal 0.10.12 and ...)
+CVE-2005-3248
{DSA-1171}
[woody] - ethereal <not-affected> (This only affects Ethereal 0.10.1 to 0.10.12)
- ethereal 0.10.13-1 (bug #334880; medium)
NOTE: Sarge is vulnerable
-CVE-2005-3247 (The SigComp UDVM in Ethereal 0.10.12 allows remote attackers to cause ...)
+CVE-2005-3247
[woody] - ethereal <not-affected> (This only affects Ethereal 0.10.12)
[sarge] - ethereal <not-affected> (This only affects Ethereal 0.10.12)
- ethereal 0.10.13-1 (bug #334880; medium)
-CVE-2005-3246 (Ethereal 0.10.12 and earlier allows remote attackers to cause a denial ...)
+CVE-2005-3246
{DSA-1171}
[woody] - ethereal <not-affected> (This only affects Ethereal 0.9.14 to 0.10.12)
- ethereal 0.10.13-1 (bug #334880; medium)
NOTE: Sarge is vulnerable
-CVE-2005-3245 (Unspecified vulnerability in the ONC RPC dissector in Ethereal 0.10.3 ...)
+CVE-2005-3245
- ethereal 0.10.13-1 (bug #334880; medium)
-CVE-2005-3244 (The BER dissector in Ethereal 0.10.3 to 0.10.12 allows remote ...)
+CVE-2005-3244
{DSA-1171}
[woody] - ethereal <not-affected> (This only affects Ethereal 0.10.3 to 0.10.12)
- ethereal 0.10.13-1 (bug #334880; medium)
NOTE: Sarge is vulnerable
-CVE-2005-3243 (Multiple buffer overflows in Ethereal 0.10.12 and earlier might allow ...)
+CVE-2005-3243
{DSA-1171}
- ethereal 0.10.13-1 (bug #334880; medium)
NOTE: The SLIMP3 issue affects Woody/Sarge, the AgentX issue only Sarge
-CVE-2005-3242 (Ethereal 0.10.12 and earlier allows remote attackers to cause a denial ...)
+CVE-2005-3242
{DSA-1171}
[woody] - ethereal <not-affected> (This only affects Ethereal 0.9.7 to 0.10.12)
- ethereal 0.10.13-1 (bug #334880; medium)
NOTE: Sarge is vulnerable
-CVE-2005-3241 (Multiple vulnerabilities in Ethereal 0.10.12 and earlier allow remote ...)
+CVE-2005-3241
{DSA-1171}
- ethereal 0.10.13-1 (bug #334880; medium)
NOTE: The ISAKMP issue only affects sid, the other three Woody and Sarge
-CVE-2005-3240 (Race condition in Microsoft Internet Explorer allows user-assisted ...)
+CVE-2005-3240
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2005-3238 (Multiple unspecified vulnerabilities in Solaris 10 SCTP Socket Option ...)
+CVE-2005-3238
NOT-FOR-US: Solaris
-CVE-2005-3257 (The VT implementation (vt_ioctl.c) in Linux kernel 2.6.12, and ...)
+CVE-2005-3257
{DSA-1018-1 DSA-1017-1}
- linux-2.6 2.6.14-4 (bug #334113; medium)
-CVE-2005-3237 (Cross-site scripting (XSS) vulnerability in Cyphor 0.19 allows remote ...)
+CVE-2005-3237
NOT-FOR-US: Cyphor
-CVE-2005-3236 (Multiple SQL injection vulnerabilities in Cyphor 0.19 allow remote ...)
+CVE-2005-3236
NOT-FOR-US: Cyphor
-CVE-2005-3235 (Multiple interpretation error in unspecified versions of Proland ...)
+CVE-2005-3235
NOT-FOR-US: Proland Protector Plus
-CVE-2005-3234 (Multiple interpretation error in unspecified versions of Grisoft AVG ...)
+CVE-2005-3234
NOT-FOR-US: Grisoft AVG Antivirus
-CVE-2005-3233 (Multiple interpretation error in unspecified versions of Trustix ...)
+CVE-2005-3233
NOT-FOR-US: Trustix Antivirus
-CVE-2005-3232 (Multiple interpretation error in unspecified versions of TheHacker ...)
+CVE-2005-3232
NOT-FOR-US: TheHacker
-CVE-2005-3231 (Multiple interpretation error in unspecified versions of CAT Quick ...)
+CVE-2005-3231
NOT-FOR-US: CAT Quick Heal
-CVE-2005-3230 (Multiple interpretation error in unspecified versions of Panda ...)
+CVE-2005-3230
NOT-FOR-US: Panda Antivirus
-CVE-2005-3229 (Multiple interpretation error in unspecified versions of ClamAV ...)
+CVE-2005-3229
- clamav <not-affected> (predates any supported Debian release)
NOTE: Should rather be fixed in the buggy (fringe, proprietary) RAR unpackers
-CVE-2005-3228 (Multiple interpretation error in unspecified versions of Ikarus ...)
+CVE-2005-3228
NOT-FOR-US: Ikarus Antivirus
-CVE-2005-3227 (Multiple interpretation error in unspecified versions of UNA Antivirus ...)
+CVE-2005-3227
NOT-FOR-US: UNA Antivirus
-CVE-2005-3226 (Multiple interpretation error in unspecified versions of ArcaVir ...)
+CVE-2005-3226
NOT-FOR-US: ArcaVir
-CVE-2005-3225 (Multiple interpretation error in unspecified versions of (1) ...)
+CVE-2005-3225
NOT-FOR-US: eTrust Antivirus
-CVE-2005-3224 (Multiple interpretation error in unspecified versions of AntiVir ...)
+CVE-2005-3224
NOT-FOR-US: AntiVir
-CVE-2005-3223 (Multiple interpretation error in unspecified versions of Rising ...)
+CVE-2005-3223
NOT-FOR-US: Rising Antivirus
-CVE-2005-3222 (Multiple interpretation error in unspecified versions of VBA32 ...)
+CVE-2005-3222
NOT-FOR-US: VBA32 Antivirus
-CVE-2005-3221 (Multiple interpretation error in unspecified versions of Fortinet ...)
+CVE-2005-3221
NOT-FOR-US: Fortinet Antivirus
-CVE-2005-3220 (Multiple interpretation error in unspecified versions of Norman Virus ...)
+CVE-2005-3220
NOT-FOR-US: Norman Antivirus
-CVE-2005-3219 (Multiple interpretation error in unspecified versions of Avira ...)
+CVE-2005-3219
NOT-FOR-US: Avira Antivirus
-CVE-2005-3218 (Multiple interpretation error in unspecified versions of Dr.Web ...)
+CVE-2005-3218
NOT-FOR-US: Dr. Web Antivirus
-CVE-2005-3217 (Multiple interpretation error in unspecified versions of Symantec ...)
+CVE-2005-3217
NOT-FOR-US: Symantec Antivirus
-CVE-2005-3216 (Multiple interpretation error in unspecified versions of Sophos ...)
+CVE-2005-3216
NOT-FOR-US: Sophos Antivirus
-CVE-2005-3215 (Multiple interpretation error in unspecified versions of McAfee ...)
+CVE-2005-3215
NOT-FOR-US: McAfee Antivirus
-CVE-2005-3214 (Multiple interpretation error in unspecified versions of Avast ...)
+CVE-2005-3214
NOT-FOR-US: Avast Antovirus
-CVE-2005-3213 (Multiple interpretation error in unspecified versions of F-Prot ...)
+CVE-2005-3213
NOT-FOR-US: F-Prot Antivirus
-CVE-2005-3212 (Multiple interpretation error in unspecified versions of NOD32 ...)
+CVE-2005-3212
NOT-FOR-US: NOD32 Antivirus
-CVE-2005-3211 (Multiple interpretation error in unspecified versions of BitDefender ...)
+CVE-2005-3211
NOT-FOR-US: BitDefender Antivirus
-CVE-2005-3210 (Multiple interpretation error in unspecified versions of Kaspersky ...)
+CVE-2005-3210
NOT-FOR-US: Kaspersky Antivirus
-CVE-2005-3209 (Aenovo products (1) aeNovo, (2) aeNovoShop, and (3) aeNovoWYSI store ...)
+CVE-2005-3209
NOT-FOR-US: aeNovo apps
-CVE-2005-3208 (Multiple SQL injection vulnerabilities in (1) aeNovo, (2) aeNovoShop ...)
+CVE-2005-3208
NOT-FOR-US: aeNovo apps
-CVE-2005-3207 (The forms servlet (f90servlet) in Oracle Forms 4.5.10.22 allows remote ...)
+CVE-2005-3207
NOT-FOR-US: Oracle
-CVE-2005-3206 (iSQL*Plus (isqlplus) for Oracle9i Database Server Release 2 9.0.2.4 ...)
+CVE-2005-3206
NOT-FOR-US: Oracle
-CVE-2005-3205 (Cross-site scripting (XSS) vulnerability in iSQL*Plus (iSQLPlus) in ...)
+CVE-2005-3205
NOT-FOR-US: Oracle
-CVE-2005-3204 (Cross-site scripting (XSS) vulnerability in Oracle XML DB 9iR2 allows ...)
+CVE-2005-3204
NOT-FOR-US: Oracle
-CVE-2005-3203 (The manual installation of Oracle HTML DB (HTMLDB) 1.3 through 1.3.6 ...)
+CVE-2005-3203
NOT-FOR-US: Oracle
-CVE-2005-3202 (Multiple cross-site scripting (XSS) vulnerabilities in Oracle HTML DB ...)
+CVE-2005-3202
NOT-FOR-US: Oracle
-CVE-2005-3201 (SQL injection vulnerability in news.php for Utopia News Pro (UNP) ...)
+CVE-2005-3201
NOT-FOR-US: Utopia News Pro
-CVE-2005-3200 (Multiple cross-site scripting (XSS) vulnerabilities in Utopia News Pro ...)
+CVE-2005-3200
NOT-FOR-US: Utopia News Pro
-CVE-2005-3199 (Multiple SQL injection vulnerabilities in aradmin.asp for aspReady FAQ ...)
+CVE-2005-3199
NOT-FOR-US: aspReady
-CVE-2005-3198 (Webroot Desktop Firewall before 1.3.0build52 allows local users to ...)
+CVE-2005-3198
NOT-FOR-US: Webroot Desktop Firewall
-CVE-2005-3197 (Stack-based buffer overflow in PWIWrapper.dll for Webroot Desktop ...)
+CVE-2005-3197
NOT-FOR-US: Webroot Desktop Firewall
-CVE-2005-3196 (Planet Technology Corp FGSW2402RS switch with firmware 1.2 has a ...)
+CVE-2005-3196
NOT-FOR-US: Planet Technology switch
CVE-2005-3195
REJECTED
-CVE-2005-3194 (Multiple buffer overflows in ALZip 6.12 (Korean), 6.1 (International), ...)
+CVE-2005-3194
NOT-FOR-US: ALZip
-CVE-2005-3193 (Heap-based buffer overflow in the JPXStream::readCodestream function ...)
+CVE-2005-3193
{DSA-984-1 DSA-982-1 DSA-979-1 DSA-961-1 DSA-950-1 DSA-937-1 DSA-936-1 DSA-932-1 DSA-931-1 DTSA-28-1}
- xpdf 3.01-3 (bug #342281; bug #342337; medium)
- gpdf 2.10.0-1 (bug #342286; medium)
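Review bot: dropping the descriptions here leaves several NOTE lines without their referent. `NOTE: The SLIMP3 issue affects Woody/Sarge, the AgentX issue only Sarge` under CVE-2005-3243 and `NOTE: The ISAKMP issue only affects sid, the other three Woody and Sarge` under CVE-2005-3241 only make sense next to the removed `Multiple buffer overflows in Ethereal 0.10.12 and earlier ...` and `Multiple vulnerabilities in Ethereal 0.10.12 and earlier ...` summaries that say each entry bundles several issues; with just `CVE-2005-3241` above them, "the other three" has nothing to count. Either the descriptions need to come back with the next import or the NOTEs should name the bundled dissectors themselves. The same applies to the NOT-FOR-US-only entries in this hunk: after the change, lines like `NOT-FOR-US: Solaris` are the whole record and carry no indication of what was triaged.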
@@ -3942,7 +3942,7 @@ CVE-2005-3193 (Heap-based buffer overflow in the JPXStream::readCodestream funct
- cupsys 1.1.23-13 (unimportant)
- cups 1.1.23-13 (unimportant)
- pdfkit.framework 0.8-4
-CVE-2005-3192 (Heap-based buffer overflow in the StreamPredictor function in Xpdf ...)
+CVE-2005-3192
{DSA-1019-1 DSA-983-1 DSA-962-1 DSA-961-1 DSA-950-1 DSA-940-1 DSA-937-1 DSA-936-1 DSA-932-1 DSA-931-1}
- xpdf 3.01-3 (bug #342281; bug #342337; medium)
- gpdf 2.10.0-1 (bug #342286; medium)
@@ -3957,7 +3957,7 @@ CVE-2005-3192 (Heap-based buffer overflow in the StreamPredictor function in Xpd
- cupsys 1.1.23-13 (unimportant)
- cups 1.1.23-13 (unimportant)
- pdfkit.framework 0.8-4
-CVE-2005-3191 (Multiple heap-based buffer overflows in the (1) ...)
+CVE-2005-3191
{DSA-984-1 DSA-983-1 DSA-982-1 DSA-979-1 DSA-962-1 DSA-961-1 DSA-950-1 DSA-940-1 DSA-938-1 DSA-937-1 DSA-936-1 DSA-932-1 DSA-931-1}
- xpdf 3.01-3 (bug #342281; bug #342337; medium)
- gpdf 2.10.0-1 (bug #342286; medium)
@@ -3971,40 +3971,40 @@ CVE-2005-3191 (Multiple heap-based buffer overflows in the (1) ...)
- libextractor 0.5.8-1 (medium)
- cups 1.1.23-13 (unimportant)
- cupsys 1.1.23-13 (unimportant)
-CVE-2005-3190 (Buffer overflow in Computer Associates (CA) iGateway 3.0 and 4.0 ...)
+CVE-2005-3190
NOT-FOR-US: iGateway
-CVE-2005-3189 (Directory traversal vulnerability in Qualcomm WorldMail IMAP Server ...)
+CVE-2005-3189
NOT-FOR-US: Qualcomm WorldMail IMAP Server
-CVE-2005-3188 (Buffer overflow in Nullsoft Winamp 5.094 allows remote attackers to ...)
+CVE-2005-3188
NOT-FOR-US: Winamp
-CVE-2005-3187 (The listening daemon in Blue Coat Systems Inc. WinProxy before 6.1a ...)
+CVE-2005-3187
NOT-FOR-US: WinProxy
-CVE-2005-3186 (Integer overflow in the GTK+ gdk-pixbuf XPM image rendering library in ...)
+CVE-2005-3186
{DSA-913-1 DSA-911-1}
- gtk+2.0 2.6.10-2 (bug #339431; medium)
- gdk-pixbuf 0.22.0-11 (bug #339431; bug #339458; medium)
-CVE-2005-3184 (Buffer overflow vulnerability in the unicode_to_bytes in the Service ...)
+CVE-2005-3184
[woody] - ethereal <not-affected> (Affects only Ethereal 0.10.10 to 0.10.12)
- ethereal 0.10.13-1 (bug #334880; medium)
NOTE: Sarge is vulnerable
-CVE-2005-3183 (The HTBoundary_put_block function in HTBound.c for W3C libwww ...)
+CVE-2005-3183
- w3c-libwww 5.4.0-11 (bug #334443; low)
[sarge] - w3c-libwww <no-dsa> (Minor DoS)
-CVE-2005-3182 (Buffer overflow in the HTTP management interface for GFI MailSecurity ...)
+CVE-2005-3182
NOT-FOR-US: GFI MailSecurity
CVE-2005-XXXX [xscreensaver does not maintain screen locks during upgrade]
- xscreensaver 4.23-2 (bug #334193; low)
[sarge] - xscreensaver <no-dsa> (Unproblematic for users running stable)
-CVE-2005-3185 (Stack-based buffer overflow in the ntlm_output function in http-ntlm.c ...)
+CVE-2005-3185
{DSA-919-2}
- wget 1.10.2-1 (medium)
[sarge] - wget <not-affected> (Does not contain NTML authentication code)
[woody] - wget <not-affected> (Does not contain NTML authentication code)
- curl 7.15.0-1 (bug #333734; medium)
-CVE-2005-3239 (The OLE2 unpacker in clamd in Clam AntiVirus (ClamAV) 0.87-1 allows ...)
+CVE-2005-3239
{DSA-887-1 DTSA-21-1}
- clamav 0.87.1-1 (bug #333566; medium)
-CVE-2005-3181 (The audit system in Linux kernel 2.6.6, and other versions before ...)
+CVE-2005-3181
{DSA-1017-1}
- linux-2.6 2.6.13+2.6.14-rc4-0experimental1 (low)
- kernel-source-2.4.27 <not-affected> (2.4 kernels don't have CONFIG_AUDITSYSCALL)
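Review bot: the two `<not-affected>` reasons under CVE-2005-3185 misspell the protocol: `[sarge] - wget <not-affected> (Does not contain NTML authentication code)` and the matching woody line should read NTLM, which is also what the removed summary (`Stack-based buffer overflow in the ntlm_output function in http-ntlm.c ...`) calls it; since the entry is being rewritten in this hunk anyway, the context lines should be corrected in the same change. Also, the linux-2.6 version under CVE-2005-3181 is written `2.6.13+2.6.14-rc4-0experimental1`, while the same upload appears as `2.6.13+2.6.14-rc4-0experimental.1` under CVE-2005-3180 and CVE-2005-3179 in the next hunk; only one of the two spellings can match the archive and the other should be fixed.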
@@ -4012,192 +4012,192 @@ CVE-2005-XXXX [Missing safemode checks in PHP's _php_image_output functions]
- php5 5.0.5-2 (unimportant)
- php4 4:4.4.0-3 (unimportant)
NOTE: Safe mode violations not supported
-CVE-2005-3180 (The Orinoco driver (orinoco.c) in Linux kernel 2.6.13 and earlier does ...)
+CVE-2005-3180
{DSA-1017-1}
- linux-2.6 2.6.13+2.6.14-rc4-0experimental.1 (medium)
-CVE-2005-3119 (Memory leak in the request_key_auth_destroy function in ...)
+CVE-2005-3119
- linux-2.6 2.6.13-2 (low)
- kernel-source-2.4.27 <not-affected>
NOTE: 2.6.12 itself not affected, fixed in SVN
-CVE-2005-3179 (drm.c in Linux kernel 2.6.10 to 2.6.13 creates a debug file in sysfs ...)
+CVE-2005-3179
- linux-2.6 2.6.13+2.6.14-rc4-0experimental.1 (medium)
- kernel-source-2.4.27 <not-affected>
-CVE-2005-3178 (Buffer overflow in xloadimage 4.1 and earlier, and xli, might allow ...)
+CVE-2005-3178
{DSA-859-1 DSA-858-1}
- xloadimage 4.1-15 (bug #332524; medium)
- xli 1.17.0-20 (medium)
NOTE: xli couldn't load the provided test images when I checked?
-CVE-2005-3302 (Eval injection vulnerability in bvh_import.py in Blender 2.36 allows ...)
+CVE-2005-3302
{DSA-1039-1}
- blender 2.37a-1 (bug #330895; medium)
[woody] - blender <not-affected> (Woody's blender does not contain the bvh_import.py script)
-CVE-2005-3177 (CHKDSK in Microsoft Windows 2000 before Update Rollup 1 for SP4, ...)
+CVE-2005-3177
NOT-FOR-US: Microsoft
-CVE-2005-3176 (Microsoft Windows 2000 before Update Rollup 1 for SP4 does not record ...)
+CVE-2005-3176
NOT-FOR-US: Microsoft
-CVE-2005-3175 (Microsoft Windows 2000 before Update Rollup 1 for SP4 allows a local ...)
+CVE-2005-3175
NOT-FOR-US: Microsoft
-CVE-2005-3174 (Microsoft Windows 2000 before Update Rollup 1 for SP4 allows users to ...)
+CVE-2005-3174
NOT-FOR-US: Microsoft
-CVE-2005-3173 (Microsoft Windows 2000 before Update Rollup 1 for SP4 does not apply ...)
+CVE-2005-3173
NOT-FOR-US: Microsoft
-CVE-2005-3172 (The WideCharToMultiByte function in Microsoft Windows 2000 before ...)
+CVE-2005-3172
NOT-FOR-US: Microsoft
-CVE-2005-3171 (Microsoft Windows 2000 before Update Rollup 1 for SP4 records Event ID ...)
+CVE-2005-3171
NOT-FOR-US: Microsoft
-CVE-2005-3170 (The LDAP client on Microsoft Windows 2000 before Update Rollup 1 for ...)
+CVE-2005-3170
NOT-FOR-US: Microsoft
-CVE-2005-3169 (Microsoft Windows 2000 before Update Rollup 1 for SP4, when the &quot;audit ...)
+CVE-2005-3169
NOT-FOR-US: Microsoft
-CVE-2005-3168 (The SECEDIT command on Microsoft Windows 2000 before Update Rollup 1 ...)
+CVE-2005-3168
NOT-FOR-US: Microsoft
-CVE-2005-3167 (Incomplete blacklist vulnerability in MediaWiki before 1.4.11 does not ...)
+CVE-2005-3167
- mediawiki 1.4.11-1 (bug #332408; medium)
-CVE-2005-3166 (Unspecified vulnerability in &quot;edit submission handling&quot; for MediaWiki ...)
+CVE-2005-3166
- mediawiki 1.4.11-1 (bug #332408)
-CVE-2005-3165 (Multiple cross-site scripting (XSS) vulnerabilities in MediaWiki ...)
+CVE-2005-3165
- mediawiki 1.4.9
-CVE-2005-3164 (The AJP connector in Apache Tomcat 4.0.1 through 4.0.6 and 4.1.0 ...)
+CVE-2005-3164
NOT-FOR-US: Hitachi Cosminexus Application Server
-CVE-2005-3163 (Unspecified vulnerability in Polipo 0.9.8 and earlier allows attackers ...)
+CVE-2005-3163
- polipo 0.9.9-1 (bug #332411; low)
[sarge] - polipo <no-dsa> (Minor issue)
CVE-2005-3162
REJECTED
-CVE-2005-3161 (Multiple SQL injection vulnerabilities in PHP-Fusion before 6.00.110 ...)
+CVE-2005-3161
NOT-FOR-US: PHP-Fusion
-CVE-2005-3160 (Multiple SQL injection vulnerabilities in photogallery.php in ...)
+CVE-2005-3160
NOT-FOR-US: PHP-Fusion
-CVE-2005-3159 (SQL injection vulnerability in messages.php in PHP-Fusion allows ...)
+CVE-2005-3159
NOT-FOR-US: PHP-Fusion
-CVE-2005-3158 (SQL injection vulnerability in messages.php in PHP-Fusion 6.00.106 and ...)
+CVE-2005-3158
NOT-FOR-US: PHP-Fusion
-CVE-2005-3157 (SQL injection vulnerability in messages.php in PHP-Fusion 6.00.109 ...)
+CVE-2005-3157
NOT-FOR-US: PHP-Fusion
-CVE-2005-3156 (Directory traversal vulnerability in printfaq.php in EasyGuppy (Guppy ...)
+CVE-2005-3156
NOT-FOR-US: EasyGuppy
-CVE-2005-3155 (Buffer overflow in the W3C logging for MailEnable Enterprise 1.1 and ...)
+CVE-2005-3155
NOT-FOR-US: MailEnable Enterprise
-CVE-2005-3154 (Format string vulnerability in the logging functionality in ...)
+CVE-2005-3154
NOT-FOR-US: Bitdefender Antivirus
-CVE-2005-3153 (login.php in myBloggie 2.1.3 beta and earlier allows remote attackers ...)
+CVE-2005-3153
NOT-FOR-US: MyBloggie
-CVE-2005-3152 (Multiple cross-site scripting (XSS) vulnerabilities in CubeCart 3.0.3 ...)
+CVE-2005-3152
NOT-FOR-US: CubeCart
-CVE-2005-3151 (Buffer overflow in blenderplay in Blender Player 2.37a allows ...)
+CVE-2005-3151
- blender <unfixed> (bug #332413; unimportant)
NOTE: To exploit this an attacker would need to trick a user into opening a file
NOTE: with a very suspicious file, no automatic processing of Blender files
NOTE: This might even be fixed in 2.42
-CVE-2005-3150 (Format string vulnerability in the Log_Flush function in Weex 2.6.1.5, ...)
+CVE-2005-3150
{DSA-855-1}
- weex 2.6.1-6sarge1 (bug #332424; medium)
-CVE-2005-3149 (Uim 0.4.x before 0.4.9.1 and 0.5.0 and earlier does not properly ...)
+CVE-2005-3149
{DSA-895-1 DTSA-22-1}
- uim 1:0.4.7-2 (bug #331620; medium)
-CVE-2005-3148 (StoreBackup before 1.19 does not properly set the uid and guid for ...)
+CVE-2005-3148
{DSA-1022-1}
- storebackup 1.19-1 (bug #332434)
-CVE-2005-3147 (StoreBackup before 1.19 creates the backup root with world-readable ...)
+CVE-2005-3147
{DSA-1022-1}
- storebackup 1.19-1 (bug #332434; medium)
-CVE-2005-3146 (StoreBackup before 1.19 allows local users to perform unauthorized ...)
+CVE-2005-3146
{DSA-1022-1}
- storebackup 1.19-2 (bug #332434; medium)
NOTE: The upstream fix only mitigated the issue, but didn't fix it
-CVE-2005-3145 (httpAdapter.c in sblim-sfcb before 0.9.2 allows remote attackers to ...)
+CVE-2005-3145
NOT-FOR-US: Standard Based Linux Instrumentation
-CVE-2005-3144 (httpAdapter.c in sblim-sfcb before 0.9.2 allows remote attackers to ...)
+CVE-2005-3144
NOT-FOR-US: Standard Based Linux Instrumentation
-CVE-2005-3143 (Unspecified vulnerability in the Mailbox Server for 4D WebStar before ...)
+CVE-2005-3143
NOT-FOR-US: Mailbox Server for 4D WebStar
-CVE-2005-3142 (Heap-based buffer overflow in Kaspersky Antivirus (KAV) 5.0 and ...)
+CVE-2005-3142
NOT-FOR-US: Kaspersky Antivirus
-CVE-2005-3141 (Cerulean Studios Trillian 3.0 allows remote attackers to cause a ...)
+CVE-2005-3141
NOT-FOR-US: Cerulean Trillian
-CVE-2005-3140 (Procom NetFORCE 800 4.02 M10 Build 20 and possibly other versions ...)
+CVE-2005-3140
NOT-FOR-US: Procom NetFORCE
-CVE-2005-3137 (The (1) cfmailfilter and (2) cfcron.in files for cfengine 1.6.5 allow ...)
+CVE-2005-3137
{DSA-836-1 DSA-835-1}
- cfengine <removed> (bug #332433; low)
- cfengine2 2.1.17-1 (bug #332432; low)
NOTE: maintainer does not think it's a hole, script is unused/broken
-CVE-2005-3136 (Directory traversal vulnerability in Virtools Web Player 3.0.0.100 and ...)
+CVE-2005-3136
NOT-FOR-US: Virtools Web Player
-CVE-2005-3135 (Buffer overflow in Virtools Web Player 3.0.0.100 and earlier allows ...)
+CVE-2005-3135
NOT-FOR-US: Virtools Web Player
-CVE-2005-3134 (Citrix Metaframe Presentation Server 3.0 and 4.0 allows remote ...)
+CVE-2005-3134
NOT-FOR-US: Citrix
-CVE-2005-3133 (Multiple directory traversal vulnerabilities in MERAK Mail Server ...)
+CVE-2005-3133
NOT-FOR-US: MERAK Mail Server
-CVE-2005-3132 (MERAK Mail Server 8.2.4r with Icewarp Web Mail 5.5.1, and possibly ...)
+CVE-2005-3132
NOT-FOR-US: MERAK Mail Server
-CVE-2005-3131 (Multiple cross-site scripting (XSS) vulnerabilities in MERAK Mail ...)
+CVE-2005-3131
NOT-FOR-US: MERAK Mail Server
-CVE-2005-3130 (SQL injection vulnerability in lucidCMS 1.0.11 allows remote attackers ...)
+CVE-2005-3130
NOT-FOR-US: lucidCMS
-CVE-2005-3129 (Cross-site request forgery (CSRF) vulnerability in Serendipity 0.8.4 ...)
+CVE-2005-3129
- serendipity 1.0-1
-CVE-2005-3128 (Cross-site scripting (XSS) vulnerability in add.php in Address Add ...)
+CVE-2005-3128
NOT-FOR-US: Address Add Plugin for Squirrelmail
-CVE-2005-3127 (Cross-site scripting (XSS) vulnerability in index.php in lucidCMS ...)
+CVE-2005-3127
NOT-FOR-US: lucidCMS
-CVE-2005-3126 (The (1) kantiword (kantiword.sh) and (2) gantiword (gantiword.sh) ...)
+CVE-2005-3126
{DSA-945-1}
- antiword 0.35-2 (low)
CVE-2005-3125
REJECTED
-CVE-2005-3124 (syslogtocern in Acme thttpd before 2.23 allows local users to write ...)
+CVE-2005-3124
{DSA-883-1}
- thttpd 2.23beta1-4
-CVE-2005-3123 (Directory traversal vulnerability in GNUMP3D before 2.9.6 allows ...)
+CVE-2005-3123
{DSA-877-1}
- gnump3d 2.9.6-1 (medium)
CVE-2005-3122
REJECTED
-CVE-2005-3121 (A rule file in module-assistant before 0.9.10 causes a temporary file ...)
+CVE-2005-3121
{DSA-867-1}
- module-assistant 0.9.10
-CVE-2005-3120 (Stack-based buffer overflow in the HTrjis function in Lynx 2.8.6 and ...)
+CVE-2005-3120
{DSA-1085-1 DSA-876-1 DSA-874-1}
- lynx 2.8.5-2sarge1 (bug #335033; high)
- lynx-cur 2.8.6-16 (bug #334423; high)
- lynx-ssl <removed>
-CVE-2005-3118 (Mason before 1.0.0 does not install the init script after the user ...)
+CVE-2005-3118
{DSA-845-1}
- mason 1.0.0-3
CVE-2005-3117
REJECTED
-CVE-2005-3116 (Stack-based buffer overflow in a shared library as used by the Volume ...)
+CVE-2005-3116
NOT-FOR-US: VERITAS Backup
-CVE-2005-3115 (mpeg-tools before 1.5b-r2 creates multiple temporary files insecurely, ...)
+CVE-2005-3115
NOT-FOR-US: mpeg-tools
-CVE-2005-3114 (Buffer overflow in the ActiveX control for NateOn Messenger ...)
+CVE-2005-3114
NOT-FOR-US: NateOn Messenger
-CVE-2005-3113 (The ActiveX control for NateOn Messenger (NateonDownloadManager.ocx) ...)
+CVE-2005-3113
NOT-FOR-US: NateOn Messenger
-CVE-2005-3112 (The &quot;reset password&quot; feature in Macromedia Breeze 5.0 stores passwords ...)
+CVE-2005-3112
NOT-FOR-US: Macromedia Breeze
-CVE-2005-3110 (Race condition in ebtables netfilter module (ebtables.c) in Linux 2.6, ...)
+CVE-2005-3110
{DSA-922-1}
- linux-2.6 <not-affected> (Fixed before upload into archive; 2.6.11.11)
- kernel-source-2.4.27 <not-affected>
-CVE-2005-3109 (The HFS and HFS+ (hfsplus) modules in Linux 2.6 allow attackers to ...)
+CVE-2005-3109
{DSA-922-1}
- linux-2.6 <not-affected> (Fixed before upload into archive; 2.6.11.12)
- kernel-source-2.4.27 <not-affected>
-CVE-2005-3108 (mm/ioremap.c in Linux 2.6 on 64-bit x86 systems allows local users to ...)
+CVE-2005-3108
{DSA-922-1}
- linux-2.6 <not-affected> (Fixed before upload into archive; 2.6.11.12)
- kernel-source-2.4.27 <not-affected>
-CVE-2005-3107 (fs/exec.c in Linux 2.6, when one thread is tracing another thread that ...)
+CVE-2005-3107
{DSA-922-1}
- linux-2.6 <not-affected> (Fixed before upload into archive; in 2.6.11)
- kernel-source-2.4.27 <not-affected>
-CVE-2005-3106 (Race condition in Linux 2.6, when threads are sharing memory mapping ...)
+CVE-2005-3106
{DSA-922-1}
- linux-2.6 <not-affected> (Fixed before upload into archive; 2.6.11)
-CVE-2005-3105 (The mprotect code (mprotect.c) in Linux 2.6 on Itanium IA64 Montecito ...)
+CVE-2005-3105
{DSA-922-1}
- kernel-source-2.4.27 <unfixed> (bug #332569; unimportant)
NOTE: Montecito CPUs are not available on the market yet
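Review bot: this hunk is a data loss, not a refresh: every `-`/`+` pair replaces a `CVE-2005-NNNN (description ...)` line with the bare identifier while the `{DSA-...}`, package and `NOTE:` lines below it are untouched, so the only thing that changes is that the summary text disappears. An automatic import that produces an empty description for every entry it touches (lucidCMS, antiword, thttpd, gnump3d, module-assistant, lynx, all five kernel entries) is almost certainly reading an empty or unparsable upstream feed rather than genuine edits to the CVE records. Suggest the updater keep the existing text when the fetched description is empty, or abort the commit when the fraction of emptied entries exceeds a small threshold, instead of committing the deletion.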
@@ -4216,7 +4216,7 @@ CVE-2005-XXXX [coreutils ignores umask when using -m in mkdir, mkfifo and mknod]
CVE-2005-XXXX [tar's rmt command may have undesired side effects]
- tar <unfixed> (bug #290435; unimportant)
[sarge] - tar <no-dsa> (Hardly exploitable)
-CVE-2005-3752 (Unspecified vulnerability in ldapdiff before 1.1.1 has unknown impact ...)
+CVE-2005-3752
- ldapdiff <not-affected> (The version in Debian doesn't contain the vulnerable code, see #306878)
CVE-2005-XXXX [hdup inproperly preserves permissions on directories]
- hdup 2.0.14-2 (bug #302790; low)
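Review bot: the same description drop hits CVE-2005-3752 here, and the remaining line `- ldapdiff <not-affected> (The version in Debian doesn't contain the vulnerable code, see #306878)` now has no summary to say what that vulnerable code was; the previous text ("Unspecified vulnerability in ldapdiff before 1.1.1") was already the only version hint on the entry. Unrelated to the change but visible in the context: `CVE-2005-XXXX [hdup inproperly preserves permissions on directories]` should read "improperly" in a follow-up edit.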
@@ -4226,15 +4226,15 @@ CVE-2005-XXXX [DoS triggering endless loops in findutils -follow option]
- findutils 4.2.22-1 (bug #313081)
[woody] - findutils <not-affected> (Only code between 4.2.18 and 4.2.22 affected)
[sarge] - findutils <not-affected> (Only code between 4.2.18 and 4.2.22 affected)
-CVE-2005-3138 (Bugzilla 2.18rc1 through 2.18.3, 2.19 through 2.20rc2, and 2.21 allows ...)
+CVE-2005-3138
[woody] - bugzilla <not-affected> (Only Bugzilla >= 2.18 is affected)
[sarge] - bugzilla <not-affected> (Only Bugzilla >= 2.18 is affected)
- bugzilla 2.18.4-1 (bug #331206; medium)
-CVE-2005-3139 (Bugzilla 2.19.1 through 2.20rc2 and 2.21, with user matching turned on ...)
+CVE-2005-3139
[woody] - bugzilla <not-affected> (Only Bugzilla >= 2.19 is affected)
[sarge] - bugzilla <not-affected> (Only Bugzilla >= 2.19 is affected)
- bugzilla 2.18.4-1 (bug #331206; medium)
-CVE-2005-2966 (The Python SVG import plugin (diasvg_import.py) for DIA 0.94 and ...)
+CVE-2005-2966
{DSA-847-1}
- dia 0.94.0-15 (bug #330890; medium)
CVE-2005-XXXX [Insecure temp files in linux-wlan-ng]
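Review bot: the two Bugzilla entries show why the dropped descriptions matter for triage. The `<not-affected>` justifications for woody and sarge ("Only Bugzilla >= 2.18 is affected", "Only Bugzilla >= 2.19 is affected") are derived from the version ranges in the removed lines ("2.18rc1 through 2.18.3, 2.19 through 2.20rc2, and 2.21" for CVE-2005-3138, "2.19.1 through 2.20rc2 and 2.21" for CVE-2005-3139). After this change a reader of the file can no longer check those justifications against the entry itself. Same for CVE-2005-2966, where "DIA 0.94" was the only version reference besides the fixed package version. Restore the descriptions or keep the old text when the import returns nothing.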
@@ -4243,147 +4243,147 @@ CVE-2005-XXXX [Heap overflow in libosip URI parsing]
- libosip2 2.0.9-1 (bug #308737)
CVE-2005-XXXX [rkhunter: Insecure temporary file]
- rkhunter 1.2.7-14 (bug #330627; medium)
-CVE-2005-3104 (mt-comments.cgi in Movable Type before 3.2 allows attackers to ...)
+CVE-2005-3104
NOT-FOR-US: Movable Type
-CVE-2005-3103 (Cross-site scripting (XSS) vulnerability in Movable Type before 3.2 ...)
+CVE-2005-3103
NOT-FOR-US: Movable Type
-CVE-2005-3102 (The administrative interface in Movable Type allows attackers to ...)
+CVE-2005-3102
NOT-FOR-US: Movable Type
-CVE-2005-3101 (The password reset feature in Movable Type before 3.2 generates ...)
+CVE-2005-3101
NOT-FOR-US: Movable Type
-CVE-2005-3100 (Unspecified &quot;PPTP Remote DoS Vulnerability&quot; in Astaro Security Linux ...)
+CVE-2005-3100
NOT-FOR-US: Astato Security Linux
-CVE-2005-3099 (Unspecified vulnerability in the (1) Xsun and (2) Xprt commands in ...)
+CVE-2005-3099
NOT-FOR-US: Solaris
-CVE-2005-3098 (poppassd in Qualcomm qpopper 4.0.8 allows local users to modify ...)
+CVE-2005-3098
- qpopper <not-affected> (bug #330123; Vulnerable code not shipped in binary)
-CVE-2005-3097 (Directory traversal vulnerability in Avi Alkalay contribute.cgi (aka ...)
+CVE-2005-3097
NOT-FOR-US: Avi Alkalay
-CVE-2005-3096 (Avi Alkalay nslookup.cgi program, dated 16 June 2002, allows remote ...)
+CVE-2005-3096
NOT-FOR-US: Avi Alkalay
-CVE-2005-3095 (Avi Alkalay notify program, dated 19 Aug 2001, allows remote attackers ...)
+CVE-2005-3095
NOT-FOR-US: Avi Alkalay
-CVE-2005-3094 (Avi Alkalay man-cgi script allows remote attackers to execute ...)
+CVE-2005-3094
NOT-FOR-US: Avi Alkalay
-CVE-2005-3093 (Nokia 7610 and 3210 phones allows attackers to cause a denial of ...)
+CVE-2005-3093
NOT-FOR-US: Nokia cell phones
-CVE-2005-3092 (Heap-based buffer overflow in Image-Line Software FL Studio 5.0.1 ...)
+CVE-2005-3092
NOT-FOR-US: Image-Line Software FL Studio
-CVE-2005-3091 (Cross-site scripting (XSS) vulnerability in Mantis before 1.0.0rc1 ...)
+CVE-2005-3091
{DSA-905-1}
- mantis 0.19.3-0.1 (bug #330682; low)
-CVE-2005-3090 (Cross-site scripting (XSS) vulnerability in bug_actiongroup_page.php ...)
+CVE-2005-3090
- mantis 0.19.2-4 (bug #330682; medium)
-CVE-2005-3089 (Firefox 1.0.6 allows attackers to cause a denial of service (crash) ...)
+CVE-2005-3089
- mozilla-firefox 1.0.7-1 (unimportant)
NOTE: Browser crashes not treated as security problems
-CVE-2005-3088 (fetchmailconf before 1.49 in fetchmail 6.2.0, 6.2.5 and 6.2.5.2 ...)
+CVE-2005-3088
{DSA-900-3}
- fetchmail 6.2.5.4-1 (bug #336096; low)
-CVE-2005-3111 (The handler code for backupninja 0.8 and earlier creates temporary ...)
+CVE-2005-3111
{DSA-827-1}
- backupninja 0.8-2 (medium)
CVE-2005-XXXX [microcode.ctl downloads microcode w/o user confirmation]
- microcode.ctl 0.20080131-1 (bug #282583; unimportant)
NOTE: The validity of the microcode is ensure inside the CPU
-CVE-2005-3087 (The SecureW2 3.0 TLS implementation uses weak random number generators ...)
+CVE-2005-3087
NOT-FOR-US: SecureW2 TLS
-CVE-2005-3086 (Directory traversal vulnerability in admin/about.php in contentServ ...)
+CVE-2005-3086
NOT-FOR-US: contentSrv
-CVE-2005-3085 (Multiple cross-site scripting (XSS) vulnerabilities in rss.php in ...)
+CVE-2005-3085
NOT-FOR-US: Riverdark Studios RSS Syndicator
-CVE-2005-3084 (Buffer overflow in the TIFF library in the Photo Viewer for Sony PSP ...)
+CVE-2005-3084
NOT-FOR-US: Sony PSP
-CVE-2005-3083 (Cross-site scripting (XSS) vulnerability in index.php in CMS Made ...)
+CVE-2005-3083
NOT-FOR-US: CMS Made Simple
-CVE-2005-3082 (SQL injection vulnerability in admin.php in SEO-Board 1.0.2 allows ...)
+CVE-2005-3082
NOT-FOR-US: SEO-Board
-CVE-2005-3081 (wzdftpd 0.5.4 allows remote authenticated users to execute arbitrary ...)
+CVE-2005-3081
{DSA-1006-1}
- wzdftpd 0.5.5-1 (high)
-CVE-2005-3080 (contrib/example.php in GeSHi before 1.0.7.3 allows remote attackers to ...)
+CVE-2005-3080
NOT-FOR-US: GeSHi
-CVE-2005-3079 (PunBB before 1.2.8 allows remote attackers to perform &quot;code inclusion&quot; ...)
+CVE-2005-3079
NOT-FOR-US: PunBB
-CVE-2005-3078 (Cross-site scripting (XSS) vulnerability in PunBB before 1.2.8 allows ...)
+CVE-2005-3078
NOT-FOR-US: PunBB
-CVE-2005-3077 (Microsoft Internet Explorer 5.2.3 for Mac OS allows remote attackers ...)
+CVE-2005-3077
NOT-FOR-US: Microsoft
-CVE-2005-3076 (Simplog 0.9.1 might allow remote attackers to execute arbitrary SQL ...)
+CVE-2005-3076
NOT-FOR-US: Simplog
-CVE-2005-3075 (SQL injection vulnerability in Zengaia before 0.2 allows remote ...)
+CVE-2005-3075
NOT-FOR-US: Zengaia
-CVE-2005-3074 (SQL injection vulnerability in rsyslogd in RSyslog before 1.0.1 and ...)
+CVE-2005-3074
NOT-FOR-US: RSyslog
-CVE-2005-3073 (Unspecified vulnerability in Interchange 5.0.1 allows attackers 4.9.3, ...)
+CVE-2005-3073
- interchange 5.2.1-1 (bug #329705)
-CVE-2005-3072 (SQL injection vulnerability in pages/forum/submit.html in Interchange ...)
+CVE-2005-3072
- interchange 5.2.1-1 (bug #329705; medium)
-CVE-2005-3071 (Unspecified vulnerability in Unix File System (UFS) on Solaris 8 and ...)
+CVE-2005-3071
NOT-FOR-US: Solaris
-CVE-2005-3070 (HylaFax 4.2.1 and earlier does not create or verify ownership of the ...)
+CVE-2005-3070
- hylafax 1:4.2.2+rc1 (bug #329384; unimportant)
NOTE: This was judged non-exploitable
-CVE-2005-3069 (xferfaxstats in HylaFax 4.2.1 and earlier allows local users to ...)
+CVE-2005-3069
{DSA-865-1}
- hylafax 1:4.2.2+rc1 (bug #329384; low)
-CVE-2005-3068 (Unspecified vulnerability in Eric Integrated Development Environment ...)
+CVE-2005-3068
{DSA-869-1}
- eric 3.7.2-1 (bug #330608; medium)
-CVE-2005-3067 (Cross-site scripting (XSS) vulnerability in perldiver.cgi in PerlDiver ...)
+CVE-2005-3067
NOT-FOR-US: PerlDiver
-CVE-2005-3066 (Cross-site scripting (XSS) vulnerability in perldiver.pl in PerlDiver ...)
+CVE-2005-3066
NOT-FOR-US: PerlDiver
-CVE-2005-3065 (MultiTheftAuto 0.5 patch 1 and earlier allows remote attackers to ...)
+CVE-2005-3065
NOT-FOR-US: MultiTheftAuto
-CVE-2005-3064 (MultiTheftAuto 0.5 patch 1 and earlier does not properly verify client ...)
+CVE-2005-3064
NOT-FOR-US: MultiTheftAuto
-CVE-2005-3063 (SQL injection vulnerability in MailGust 1.9 allows remote attackers to ...)
+CVE-2005-3063
NOT-FOR-US: MailGust
-CVE-2005-3062 (PHP remote file inclusion vulnerability in index.php in AlstraSoft ...)
+CVE-2005-3062
NOT-FOR-US: AlstraSoft E-Friends
-CVE-2005-3061 (Multiple stack-based buffer overflows in PowerArchiver 8.10 through ...)
+CVE-2005-3061
NOT-FOR-US: PowerArchiver
CVE-2005-XXXX [Multiple security issues when using distcc without ssh auth]
- distcc 2.18.3-3 (bug #298929; low)
[sarge] - distcc <no-dsa> (Only affects distcc in a very non-standard way not recommended for unstrusted environments)
-CVE-2005-3060 (Buffer overflow in getconf in IBM AIX 5.2 to 5.3 allows local users to ...)
+CVE-2005-3060
NOT-FOR-US: AIX
-CVE-2005-3059 (Multiple unspecified vulnerabilities in Opera 8.50 on Linux and ...)
+CVE-2005-3059
NOT-FOR-US: Opera
-CVE-2005-3058 (Interpretation conflict in Fortinet FortiGate 2.8, running FortiOS ...)
+CVE-2005-3058
NOT-FOR-US: FortiGate
-CVE-2005-3057 (The FTP component in FortiGate 2.8 running FortiOS 2.8MR10 and v3beta, ...)
+CVE-2005-3057
NOT-FOR-US: FortiGate
CVE-2005-3056 [TWiki INCLUDE function allows arbitrary shell command execution ]
RESERVED
- twiki 20040902-2 (bug #330733; high)
-CVE-2005-3055 (Linux kernel 2.6.8 to 2.6.14-rc2 allows local users to cause a denial ...)
+CVE-2005-3055
{DSA-1017-1}
- linux-2.6 2.6.14-1 (bug #330287; bug #332587; medium)
- kernel-source-2.4.27 <not-affected>
-CVE-2005-3054 (fopen_wrappers.c in PHP 4.4.0, and possibly other versions, does not ...)
+CVE-2005-3054
- php4 4:4.4.0-3 (bug #353585; bug #354685; medium)
- php5 5.0.5-2 (bug #353585; medium)
[sarge] - php4 <no-dsa> (open_basedir violations not supported)
-CVE-2005-3053 (The sys_set_mempolicy function in mempolicy.c in Linux kernel 2.6.x ...)
+CVE-2005-3053
{DSA-1017-1}
- linux-2.6 2.6.12-3 (bug #330343; bug #330353; medium)
-CVE-2005-3052 (SQL injection vulnerability in module/down.inc.php in jportal 2.3.1 ...)
+CVE-2005-3052
NOT-FOR-US: jportal
-CVE-2005-3051 (Stack-based buffer overflow in the ARJ plugin (arj.dll) 3.9.2.0 for ...)
+CVE-2005-3051
NOT-FOR-US: 7-Zip
-CVE-2005-3050 (PhpMyFaq 1.5.1 allows remote attackers to obtain sensitive information ...)
+CVE-2005-3050
NOT-FOR-US: PhpMyFaq
-CVE-2005-3049 (PhpMyFaq 1.5.1 stores data files under the web document root with ...)
+CVE-2005-3049
NOT-FOR-US: PhpMyFaq
-CVE-2005-3048 (Directory traversal vulnerability in index.php in PhpMyFaq 1.5.1 ...)
+CVE-2005-3048
NOT-FOR-US: PhpMyFaq
-CVE-2005-3047 (Multiple cross-site scripting (XSS) vulnerabilities in PhpMyFaq 1.5.1 ...)
+CVE-2005-3047
NOT-FOR-US: PhpMyFaq
-CVE-2005-3046 (SQL injection vulnerability in password.php in PhpMyFaq 1.5.1 allows ...)
+CVE-2005-3046
NOT-FOR-US: PhpMyFaq
-CVE-2005-3045 (SQL injection vulnerability in search.php in My Little Forum 1.5 and ...)
+CVE-2005-3045
NOT-FOR-US: My Little Forum
CVE-2005-XXXX [egroupware unsafe use of /tmp for storing a log file]
- egroupware 1.0.0.009.dfsg-3-1 (bug #329597; low)
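Review bot: several context lines in this hunk were only correct or intelligible because the description sat next to them. `NOT-FOR-US: Astato Security Linux` for CVE-2005-3100 is a typo of the vendor name that the removed line spelled correctly ("Astaro Security Linux"); once the description is gone the file no longer contains the right name anywhere. For CVE-2005-3089 and CVE-2005-3070 the `NOTE:` lines ("Browser crashes not treated as security problems", "This was judged non-exploitable") refer to details that existed only in the dropped text. Two pre-existing typos also worth a follow-up: `unstrusted environments` in the distcc `<no-dsa>` reason, and `The validity of the microcode is ensure inside the CPU` (should be "ensured") in the microcode.ctl note.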
@@ -4398,306 +4398,306 @@ CVE-2005-XXXX [kdebase uses urandom as an entropy source]
- kdebase <unfixed> (bug #325369; unimportant)
NOTE: Only affects the unofficial BSD/Hurd ports or 2.2 kernels
NOTE: on Linux urandom should provide sufficient entropy
-CVE-2005-3753 (Linux kernel before after 2.6.12 and before 2.6.13.1 might allow ...)
+CVE-2005-3753
- linux-2.6 2.6.12-7 (low)
-CVE-2005-3043 (SQL injection vulnerability in AddItem.asp in Mall23 eCommerce allows ...)
+CVE-2005-3043
NOT-FOR-US: Mall23 eCommerce
-CVE-2005-3042 (miniserv.pl in Webmin before 1.230 and Usermin before 1.160, when ...)
+CVE-2005-3042
- webmin 1.230-1 (high; bug #329741)
[sarge] - webmin <not-affected> (Vulnerable code not present, see #329741)
- usermin 1.160-1 (high; bug #329742)
NOTE: SNS Advisory 83, http://marc.info:80/?m=112733083203821
-CVE-2005-3041 (Unspecified &quot;drag-and-drop vulnerability&quot; in Opera Web Browser before ...)
+CVE-2005-3041
NOT-FOR-US: Opera
-CVE-2005-3040 (Directory traversal vulnerability in the web interface (ISALogin.dll) ...)
+CVE-2005-3040
NOT-FOR-US: TAC Vista
-CVE-2005-3039 (SQL injection vulnerability in infopage.asp in Mall23 eCommerce allows ...)
+CVE-2005-3039
NOT-FOR-US: Mall23 eCommerce
-CVE-2005-3038 (Unspecified vulnerability in Hosting Controller 6.1 before Hotfix 2.4 ...)
+CVE-2005-3038
NOT-FOR-US: Hosting Controller
-CVE-2005-3037 (Cross-site scripting (XSS) vulnerability in Handy Address Book Server ...)
+CVE-2005-3037
NOT-FOR-US: Handy Address Book Server
-CVE-2005-3036 (File Transfer Anywhere 3.01 stores sensitive password information in ...)
+CVE-2005-3036
NOT-FOR-US: File Transfer Anywhere
-CVE-2005-3035 (Compuware DriverStudio Remote Control service (DSRsvc.exe) 2.7 and 3.0 ...)
+CVE-2005-3035
NOT-FOR-US: Compuware DriverStudio
-CVE-2005-3034 (Compuware DriverStudio Remote Control service (DSRsvc.exe) 2.7 and 3.0 ...)
+CVE-2005-3034
NOT-FOR-US: Compuware DriverStudio
-CVE-2005-3033 (Stack-based buffer overflow in vxWeb 1.1.4 allows remote attackers to ...)
+CVE-2005-3033
NOT-FOR-US: vxWeb - WinCE software
-CVE-2005-3032 (Buffer overflow in vxTftpSrv 1.7.0 allows remote attackers to cause a ...)
+CVE-2005-3032
NOT-FOR-US: vxTfpSrv - WinCE software
-CVE-2005-3031 (Buffer overflow in vxFtpSrv 0.9.7 allows remote attackers to execute ...)
+CVE-2005-3031
NOT-FOR-US: vxTfpSrv - WinCE software
-CVE-2005-3030 (Directory traversal vulnerability in the archive decompression library ...)
+CVE-2005-3030
NOT-FOR-US: Ahnlab Anti virus
-CVE-2005-3029 (Stack-based buffer overflow in AhnLab V3Pro 2004 build 6.0.0.383, V3 ...)
+CVE-2005-3029
NOT-FOR-US: Ahnlab Anti virus
CVE-2005-3028
REJECTED
-CVE-2005-3027 (Sybari Antigen 8.0 SR2 does not properly filter SMTP messages, which ...)
+CVE-2005-3027
NOT-FOR-US: Sybari Antigen anti spam solution
-CVE-2005-3026 (Directory traversal vulnerability in index.php in Alstrasoft Epay Pro ...)
+CVE-2005-3026
NOT-FOR-US: Epay Pro
-CVE-2005-3025 (Multiple cross-site scripting (XSS) vulnerabilities in vBulletin 3.0.7 ...)
+CVE-2005-3025
NOT-FOR-US: vBulletin
-CVE-2005-3024 (Multiple SQL injection vulnerabilities in vBulletin 3.0.7 and earlier ...)
+CVE-2005-3024
NOT-FOR-US: vBulletin
-CVE-2005-3023 (Multiple cross-site scripting (XSS) vulnerabilities in vBulletin 3.0.9 ...)
+CVE-2005-3023
NOT-FOR-US: vBulletin
-CVE-2005-3022 (Multiple SQL injection vulnerabilities in vBulletin 3.0.9 and earlier ...)
+CVE-2005-3022
NOT-FOR-US: vBulletin
-CVE-2005-3021 (image.php in vBulletin 3.0.9 and earlier allows remote attackers with ...)
+CVE-2005-3021
NOT-FOR-US: vBulletin
-CVE-2005-3020 (Multiple cross-site scripting (XSS) vulnerabilities in vBulletin ...)
+CVE-2005-3020
NOT-FOR-US: vBulletin
-CVE-2005-3019 (Multiple SQL injection vulnerabilities in vBulletin before 3.0.9 allow ...)
+CVE-2005-3019
NOT-FOR-US: vBulletin
-CVE-2005-3018 (Apple Safari allows remote attackers to cause a denial of service ...)
+CVE-2005-3018
NOT-FOR-US: Safari
-CVE-2005-3017 (PHP file inclusion vulnerability in index.php in Content2Web 1.0.1 ...)
+CVE-2005-3017
NOT-FOR-US: Content2Web
-CVE-2005-3016 (Multiple unspecified vulnerabilities in the WYSIWYG editor in PHP-Nuke ...)
+CVE-2005-3016
NOT-FOR-US: PHP-Nuke
-CVE-2005-3015 (Cross-site scripting (XSS) vulnerability in IBM Lotus Domino 6.5.2 ...)
+CVE-2005-3015
NOT-FOR-US: Lotus Domino
-CVE-2005-3014 (Cross-site scripting (XSS) vulnerability in Ensim webplliance allows ...)
+CVE-2005-3014
NOT-FOR-US: Ensim webppliance
-CVE-2005-3013 (Buffer overflow in liby2util in Yet another Setup Tool (YaST) for SuSE ...)
+CVE-2005-3013
NOT-FOR-US: YaST
-CVE-2005-3012 (The MasterDataCD::createImage function in masterdatacd.cpp for ...)
+CVE-2005-3012
NOT-FOR-US: SimpleCDR-X
-CVE-2005-3011 (The sort_offline function for texindex in texinfo 4.8 and earlier ...)
+CVE-2005-3011
{DSA-1219}
- texinfo 4.8-1 (bug #328365; low)
[sarge] - texinfo <no-dsa> (Minor issue, hardly exploitable)
-CVE-2005-3010 (Direct static code injection vulnerability in the flood protection ...)
+CVE-2005-3010
NOT-FOR-US: CuteNews
-CVE-2005-3009 (Cross-site scripting (XSS) vulnerability in CuteNews allows remote ...)
+CVE-2005-3009
NOT-FOR-US: CuteNews
-CVE-2005-3008 (Tofu 0.2 allows remote attackers to execute arbitrary Python code via ...)
+CVE-2005-3008
NOT-FOR-US: Tofu
-CVE-2005-3007 (Opera before 8.50 allows remote attackers to spoof the content type of ...)
+CVE-2005-3007
NOT-FOR-US: Opera
-CVE-2005-3006 (The mail client in Opera before 8.50 opens attached files from the ...)
+CVE-2005-3006
NOT-FOR-US: Opera
-CVE-2005-3005 (Helpdesk Software Hesk allows remote attackers to bypass ...)
+CVE-2005-3005
NOT-FOR-US: Helpdesk Software Hesk
-CVE-2005-3004 (SQL injection vulnerability in Interakt MX Shop 3.2.0 allows remote ...)
+CVE-2005-3004
NOT-FOR-US: Interakt MX Shop
-CVE-2005-3003 (SQL injection vulnerability in index.php in NooTopList 1.0.0 release ...)
+CVE-2005-3003
NOT-FOR-US: NooTopList
-CVE-2005-3002 (Multi-Computer Control System (MCCS) 1.0 allows remote attackers to ...)
+CVE-2005-3002
NOT-FOR-US: Multi-Computer Control System
-CVE-2005-3001 (Unspecified vulnerability in the &quot;tl&quot; driver in Solaris 10 allows ...)
+CVE-2005-3001
NOT-FOR-US: Solaris
-CVE-2005-3000 (Multiple cross-site scripting (XSS) vulnerabilities in viewers/txt.php ...)
+CVE-2005-3000
NOT-FOR-US: PHP Advanced Transfer Manager
-CVE-2005-2999 (PHP Advanced Transfer Manager 1.30 allows remote attackers to obtain ...)
+CVE-2005-2999
NOT-FOR-US: PHP Advanced Transfer Manager
-CVE-2005-2998 (PHP Advanced Transfer Manager 1.30 has a default password for the ...)
+CVE-2005-2998
NOT-FOR-US: PHP Advanced Transfer Manager
-CVE-2005-2997 (Multiple directory traversal vulnerabilities in PHP Advanced Transfer ...)
+CVE-2005-2997
NOT-FOR-US: PHP Advanced Transfer Manager
-CVE-2005-2996 (Multiple heap-based and stack-based buffer overflows in certain DCOM ...)
+CVE-2005-2996
NOT-FOR-US: VERITAS storage solutions
-CVE-2005-2995 (bacula 1.36.3 and earlier allows local users to modify or read ...)
+CVE-2005-2995
- bacula 1.38.9-1 (bug #329271; low)
NOTE: Sarge affected, didn't exist in Woody
-CVE-2005-2994 (Unspecified vulnerability in the web client for IBM Rational ...)
+CVE-2005-2994
NOT-FOR-US: IBM Rational ClearQuest
-CVE-2005-2993 (Unspecified vulnerability in the FTP Daemon (ftpd) for HP Tru64 UNIX ...)
+CVE-2005-2993
NOT-FOR-US: HP Tru64
-CVE-2005-2991 (ncompress 4.2.4 and earlier allows local users to overwrite arbitrary ...)
+CVE-2005-2991
- ncompress <not-affected> (bug #329052; unimportant)
NOTE: see bug close message, Debian's ncompress doesn't expose affected scripts
-CVE-2005-2992 (arc 5.21j and earlier allows local users to overwrite arbitrary files ...)
+CVE-2005-2992
{DSA-843-1}
- arc 5.21m-1 (low)
-CVE-2005-2990 (AuthInfo.java in LineContol Java Client (jlc) before 0.8.1 stores ...)
+CVE-2005-2990
NOT-FOR-US: LineControl Java Client
-CVE-2005-2989 (Multiple SQL injection vulnerabilities in DeluxeBB 1.0 and 1.0.5 allow ...)
+CVE-2005-2989
NOT-FOR-US: DeluxeBB
-CVE-2005-2988 (HP LaserJet 2430, and possibly other printers that use Jetdirect ...)
+CVE-2005-2988
NOT-FOR-US: HP printers
-CVE-2005-2987 (SQL injection vulnerability in login.php in Digital Scribe 1.4 allows ...)
+CVE-2005-2987
NOT-FOR-US: Digital Scribe
-CVE-2005-2986 (The v3flt2k.sys driver in AhnLab V3Pro 2004 Build 6.0.0.383, V3 ...)
+CVE-2005-2986
NOT-FOR-US: AhnLab antivirus and related products
-CVE-2005-2985 (SQL injection vulnerability in search_result.php in AEwebworks ...)
+CVE-2005-2985
NOT-FOR-US: aeDating script
-CVE-2005-2984 (Avocent CCM console server running firmware 2.1 CCM4850 allows remote ...)
+CVE-2005-2984
NOT-FOR-US: Avocent hardware issue
-CVE-2005-2983 (SQL injection vulnerability in Oracle Reports that use Lexical ...)
+CVE-2005-2983
NOT-FOR-US: Oracle
-CVE-2005-2982 (Cross-site scripting (XSS) vulnerability in CompaqHTTPServer 2.1 ...)
+CVE-2005-2982
NOT-FOR-US: CompaqHTTPServer
-CVE-2005-2981 (Cross-site scripting (XSS) vulnerability in Orion 1.3.8 and 1.4.5 ...)
+CVE-2005-2981
NOT-FOR-US: Orion
-CVE-2005-2980 (Cross-site scripting (XSS) vulnerability in index.php in ...)
+CVE-2005-2980
NOT-FOR-US: phpoutsourcing Noah's classifieds
-CVE-2005-2979 (SQL injection vulnerability in index.php in phpoutsourcing Noah's ...)
+CVE-2005-2979
NOT-FOR-US: phpoutsourcing Noah's classifieds
-CVE-2005-2978 (pnmtopng in netpbm before 10.25, when using the -trans option, uses ...)
+CVE-2005-2978
{DSA-878-1}
- netpbm-free 2:10.0-10
-CVE-2005-2977 (The SELinux version of PAM before 0.78 r3 allows local users to ...)
+CVE-2005-2977
- pam 0.99.7.1-2 (bug #336344; low)
[etch] - pam 0.79-5
[sarge] - pam <not-affected> (Does not contain SELinux support)
[woody] - pam <not-affected> (Does not contain SELinux support)
-CVE-2005-2976 (Integer overflow in io-xpm.c in gdk-pixbuf 0.22.0 in GTK+ before 2.8.7 ...)
+CVE-2005-2976
{DSA-913-1 DSA-911-1}
- gdk-pixbuf 0.22.0-11 (bug #339431; medium)
- gtk+2.0 2.6.10-2
-CVE-2005-2975 (io-xpm.c in the gdk-pixbuf XPM image rendering library in GTK+ before ...)
+CVE-2005-2975
{DSA-913-1 DSA-911-1}
- gdk-pixbuf 0.22.0-11 (bug #339431; low)
- gtk+2.0 2.6.10-2 (bug #339431; low)
-CVE-2005-2974 (libungif library before 4.1.0 allows attackers to cause a denial of ...)
+CVE-2005-2974
{DSA-890-1}
- libungif4 4.1.3-4 (bug #337972; unimportant)
- giflib 4.1.4-1 (bug #395382; unimportant)
NOTE: Just a bug, hardly security implications
-CVE-2005-2973 (The udp_v6_get_port function in udp.c in Linux 2.6 before 2.6.14-rc5, ...)
+CVE-2005-2973
{DSA-1018-1 DSA-1017-1}
- linux-2.6 2.6.13+2.6.14-rc4-0experimental.1 (low)
-CVE-2005-2972 (Multiple stack-based buffer overflows in the RTF import feature in ...)
+CVE-2005-2972
{DSA-894-1}
- abiword 2.4.1-1 (bug #333740; medium)
-CVE-2005-2971 (Heap-based buffer overflow in the KWord RTF importer for KOffice 1.2.0 ...)
+CVE-2005-2971
{DSA-872-1}
- koffice 1:1.3.5-5 (bug #333497; medium)
-CVE-2005-2970 (Memory leak in the worker MPM (worker.c) for Apache 2, in certain ...)
+CVE-2005-2970
- apache2 2.0.55-1 (bug #340337; low)
[sarge] - apache2 2.0.54-5sarge2
NOTE: this occurs in the binary package apache2-mpm-worker
-CVE-2005-2969 (The SSL/TLS server implementation in OpenSSL 0.9.7 before 0.9.7h and ...)
+CVE-2005-2969
{DSA-888-1 DSA-882-1 DSA-881-1 DSA-875-1}
- openssl 0.9.8-3 (bug #333500; low)
- openssl097 0.9.7g-5 (bug #333500; low)
- openssl094 <removed>
- openssl095 <removed>
- openssl096 <removed>
-CVE-2005-2968 (Firefox 1.0.6 and Mozilla 1.7.10 allows attackers to execute arbitrary ...)
+CVE-2005-2968
{DSA-868-1}
- mozilla-firefox <not-affected> (Debian ships a non-vulnerable wrapper script)
- mozilla <not-affected> (Debian ships a non-vulnerable wrapper script)
- mozilla-thunderbird 1.0.6-4 (bug #329667; bug #329664; high)
-CVE-2005-2967 (Format string vulnerability in input_cdda.c in xine-lib 1-beta through ...)
+CVE-2005-2967
{DSA-863-1}
- xine-lib 1.0.1-1.4 (bug #332919; bug #333682; medium)
CVE-2005-2965
REJECTED
-CVE-2005-2964 (Stack-based buffer overflow in AbiWord before 2.2.10 allows attackers ...)
+CVE-2005-2964
{DSA-894-1}
- abiword 2.2.10-1 (bug #329839; medium)
-CVE-2005-2963 (The mod_auth_shadow module 1.0 through 1.5 and 2.0 for Apache with ...)
+CVE-2005-2963
{DSA-844-1}
- mod-auth-shadow 1.4-2 (bug #323789; medium)
-CVE-2005-2962 (The post-installation script for ntlmaps before 0.9.9 sets ...)
+CVE-2005-2962
{DSA-830-1}
- ntlmaps 0.9.9-4
-CVE-2005-2961 (Buffer overflow in the get_string_ahref function for ProZilla 1.3.7.4 ...)
+CVE-2005-2961
{DSA-834-1}
NOTE: prozilla is not in sarge or etch
-CVE-2005-2960 (cfengine 1.6.5 and 2.1.16 allows local users to overwrite arbitrary ...)
+CVE-2005-2960
{DSA-836-1 DSA-835-1}
- cfengine <removed> (bug #332433; low)
- cfengine2 2.1.17-1 (bug #332432; low)
NOTE: maintainer does not think it's a hole, script is unused/broken
-CVE-2005-2959 (Incomplete blacklist vulnerability in sudo 1.6.8 and earlier allows ...)
+CVE-2005-2959
{DSA-870-1}
- sudo 1.6.8p9-3 (medium)
-CVE-2005-2958 (Multiple format string vulnerabilities in the GNOME Data Access ...)
+CVE-2005-2958
{DSA-871-1}
- libgda2 1.2.2-1 (medium)
-CVE-2005-2957 (Stack-based buffer overflow in AVIRA Desktop for Windows 1.00.00.68 ...)
+CVE-2005-2957
NOT-FOR-US: AVIRA Desktop
-CVE-2005-2956 (ATutor 1.5.1, and possibly earlier versions, stores temporary chat ...)
+CVE-2005-2956
NOT-FOR-US: ATutor
-CVE-2005-2955 (config.inc.php in ATutor 1.5.1, and possibly earlier versions, uses an ...)
+CVE-2005-2955
NOT-FOR-US: ATutor
-CVE-2005-2954 (SQL injection vulnerability in password_reminder.php in ATutor before ...)
+CVE-2005-2954
NOT-FOR-US: ATutor
-CVE-2005-2953 (Cross-site scripting (XSS) vulnerability in merchant.mvc in MIVA ...)
+CVE-2005-2953
NOT-FOR-US: MIVA Merchant
-CVE-2005-2952 (Directory traversal vulnerability in s.pl in Subscribe Me Pro ...)
+CVE-2005-2952
NOT-FOR-US: Subscribe Me Pro
-CVE-2005-2951 (Directory traversal vulnerability in security.inc.php in ...)
+CVE-2005-2951
NOT-FOR-US: AzDGDating lite
-CVE-2005-2950 (Cross-site scripting (XSS) vulnerability in Sawmill 7.0.0 through ...)
+CVE-2005-2950
NOT-FOR-US: Sawmill
-CVE-2005-2949 (pam_per_user before 0.4 does not verify if the user name changes ...)
+CVE-2005-2949
NOT-FOR-US: pam_per_user (not in Debian)
-CVE-2005-2948 (KillProcess 2.20 and earlier allows local users to bypass kill list ...)
+CVE-2005-2948
NOT-FOR-US: KillProcess
-CVE-2005-2947 (Buffer overflow in KillProcess 2.20 and earlier allows user-assisted ...)
+CVE-2005-2947
NOT-FOR-US: KillProcess
-CVE-2005-2946 (The default configuration on OpenSSL before 0.9.8 uses MD5 for ...)
+CVE-2005-2946
- openssl 0.9.8-1 (bug #314465; unimportant)
NOTE: MD5 is still good enough for most applications, second preimage attacks
NOTE: haven't been presented yet
-CVE-2005-2944 (The perform_file_save function in GNOME Workstation Command Center ...)
+CVE-2005-2944
NOT-FOR-US: GNOME Workstation Command Center
-CVE-2005-2943 (Stack-based buffer overflow in sendmail in XMail before 1.22 allows ...)
+CVE-2005-2943
{DSA-902-1}
- xmail 1.22-1 (bug #333863; medium)
CVE-2005-2942
REJECTED
CVE-2005-2941
RESERVED
-CVE-2005-2940 (Unquoted Windows search path vulnerability in Microsoft Antispyware ...)
+CVE-2005-2940
NOT-FOR-US: Microsoft Antispyware
-CVE-2005-2939 (Unquoted Windows search path vulnerability in VMWare Workstation 5.0.0 ...)
+CVE-2005-2939
NOT-FOR-US: VMWare
-CVE-2005-2938 (Unquoted Windows search path vulnerability in iTunesHelper.exe in ...)
+CVE-2005-2938
NOT-FOR-US: iTunes
CVE-2005-2937
REJECTED
-CVE-2005-2936 (Unquoted Windows search path vulnerability in RealNetworks RealPlayer ...)
+CVE-2005-2936
NOT-FOR-US: Real Player
-CVE-2005-2935 (Unquoted Windows search path vulnerability in Microsoft AntiSpyware ...)
+CVE-2005-2935
NOT-FOR-US: Microsoft AntiSpyware
-CVE-2005-2934 (Unspecified vulnerability in ptrace in SCO UnixWare 7.1.3 and 7.1.4 ...)
+CVE-2005-2934
NOT-FOR-US: SCO
-CVE-2005-2933 (Buffer overflow in the mail_valid_net_parse_work function in mail.c ...)
+CVE-2005-2933
{DSA-861-1}
- uw-imap 7:2002edebian1-12 (medium; bug #332215)
- pine 4.64-1 (medium; bug #348407)
- alpine <not-affected> (alpine is based on pine 4.64, this bug was in a previous version of pine)
[sarge] - pine <no-dsa> (pine is non-free; doesn't permit distribution of modified binaries)
-CVE-2005-2932 (Multiple Check Point Zone Labs ZoneAlarm products before 7.0.362, ...)
+CVE-2005-2932
NOT-FOR-US: Check Point Zone Labs ZoneAlarm
-CVE-2005-2931 (Format string vulnerability in the SMTP service in IMail Server 8.20 ...)
+CVE-2005-2931
NOT-FOR-US: Ipswitch Collaboration Suite
-CVE-2005-2929 (Lynx 2.8.5, and other versions before 2.8.6dev.15, allows remote ...)
+CVE-2005-2929
- lynx <not-affected> (Debian's default config is not vulnerable)
CVE-2005-2928
RESERVED
-CVE-2005-2927 (Stack-based buffer overflow in ppp in SCO Unixware 7.1.3 and 7.1.4, ...)
+CVE-2005-2927
NOT-FOR-US: SCO Unixware
-CVE-2005-2926 (Stack-based buffer overflow in (1) backupsh and (2) authsh in SCO ...)
+CVE-2005-2926
NOT-FOR-US: SCO Unixware
-CVE-2005-2925 (runpriv in SGI IRIX allows local users to bypass intended restrictions ...)
+CVE-2005-2925
NOT-FOR-US: IRIX
CVE-2005-2924
RESERVED
-CVE-2005-2923 (The IMAP server in IMail Server 8.20 in Ipswitch Collaboration Suite ...)
+CVE-2005-2923
NOT-FOR-US: Ipswitch Collaboration Suite
-CVE-2005-2922 (Heap-based buffer overflow in the embedded player in multiple ...)
+CVE-2005-2922
- helix-player 1.0.7-1 (bug #358754; medium)
CVE-2005-2921
RESERVED
-CVE-2005-2916 (Linksys WRT54G 3.01.03, 3.03.6, 4.00.7, and possibly other versions ...)
+CVE-2005-2916
NOT-FOR-US: Linksys routers
-CVE-2005-2915 (ezconfig.asp in Linksys WRT54G router 3.01.03, 3.03.6, non-default ...)
+CVE-2005-2915
NOT-FOR-US: Linksys routers
-CVE-2005-2914 (ezconfig.asp in Linksys WRT54G router 3.01.03, 3.03.6, non-default ...)
+CVE-2005-2914
NOT-FOR-US: Linksys routers
CVE-2005-2913
REJECTED
-CVE-2005-2912 (Linksys WRT54G router allows remote attackers to cause a denial of ...)
+CVE-2005-2912
NOT-FOR-US: Linksys routers
CVE-2005-2911
RESERVED
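Review bot: the `NOT-FOR-US` lines for CVE-2005-3032 and CVE-2005-3031 both say `vxTfpSrv - WinCE software`, but the removed description for CVE-2005-3031 names vxFtpSrv (an FTP server, not the TFTP one); with the description stripped, the only correct product name for that entry leaves the file. The removed text for CVE-2005-3753 ("Linux kernel before after 2.6.12 and before 2.6.13.1") was already garbled, so whatever upstream source the updater reads needs checking for that entry as well rather than being blanked. Also visible in context: the webmin/usermin lines use `(high; bug #329741)` while every other entry in the file writes `(bug #NNNNNN; severity)`; worth normalising in a separate commit so the ordering does not confuse the parser or a later diff.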
@@ -4713,62 +4713,62 @@ CVE-2005-2906
RESERVED
CVE-2005-2905
RESERVED
-CVE-2005-2904 (Zebedee 2.4.1, when &quot;allowed redirection port&quot; is not set, allows ...)
+CVE-2005-2904
NOT-FOR-US: Zebedee
-CVE-2005-2903 (Heap-based buffer overflow in NOD32 2.5 with nod32.002 1.033 build ...)
+CVE-2005-2903
NOT-FOR-US: NOD32 Anti virus
-CVE-2005-2902 (SQL injection vulnerability in class-1 Forum Software 0.24.4 allows ...)
+CVE-2005-2902
NOT-FOR-US: class-1 Forum
-CVE-2005-2901 (Multiple Cross-site scripting (XSS) vulnerabilities in CjWeb2Mail 3.0 ...)
+CVE-2005-2901
NOT-FOR-US: CjWeb2Mail
-CVE-2005-2900 (Cross-site scripting (XSS) vulnerability in top.php in CjLinkOut 1.0 ...)
+CVE-2005-2900
NOT-FOR-US: CjLinkOut
-CVE-2005-2899 (Multiple cross-site scripting (XSS) vulnerabilities in details.php in ...)
+CVE-2005-2899
NOT-FOR-US: CjTagBoard
-CVE-2005-2898 (** DISPUTED ** NOTE: this issue has been disputed by the vendor. ...)
+CVE-2005-2898
NOT-FOR-US: Filezilla
-CVE-2005-2897 (WEB//NEWS 1.4 allows remote attackers to obtain sensitive information ...)
+CVE-2005-2897
NOT-FOR-US: WEB//NEWS
-CVE-2005-2896 (SQL injection vulnerability in WEB//NEWS 1.4 allows remote attackers ...)
+CVE-2005-2896
NOT-FOR-US: WEB//NEWS
-CVE-2005-2895 (setcookie.php in PBLang 4.65, and possibly earlier versions, allows ...)
+CVE-2005-2895
NOT-FOR-US: PBLang
-CVE-2005-2894 (Cross-site scripting (XSS) vulnerability in the user registration in ...)
+CVE-2005-2894
NOT-FOR-US: PBLang
-CVE-2005-2893 (Direct static code injection vulnerability in setcookie.php in PBLang ...)
+CVE-2005-2893
NOT-FOR-US: PBLang
-CVE-2005-2892 (Directory traversal vulnerability in setcookie.php in PBLang 4.65, and ...)
+CVE-2005-2892
NOT-FOR-US: PBLang
-CVE-2005-2891 (WebArchiveX.dll 5.5.0.76 installed before September 6th, 2005 is ...)
+CVE-2005-2891
NOT-FOR-US: WebArchiveX
-CVE-2005-2890 (SecureOL VE2 1.05.1008 does not properly restrict public access to ...)
+CVE-2005-2890
NOT-FOR-US: SecureOL
-CVE-2005-2889 (Check Point NGX R60 does not properly verify packets against the ...)
+CVE-2005-2889
NOT-FOR-US: Check Point
-CVE-2005-2888 (Multiple SQL injection vulnerabilities in MyBulletinBoard (MyBB) ...)
+CVE-2005-2888
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2005-2887 (MAXdev MD-Pro 1.0.73, and possibly earlier versions, allows remote ...)
+CVE-2005-2887
NOT-FOR-US: MAXDev MD-Pro
-CVE-2005-2886 (Multiple cross-site scripting (XSS) vulnerabilities in MAXdev MD-Pro ...)
+CVE-2005-2886
NOT-FOR-US: MAXDev MD-Pro
-CVE-2005-2885 (The Downloads page in MAXdev MD-Pro 1.0.73, and possibly earlier ...)
+CVE-2005-2885
NOT-FOR-US: MAXDev MD-Pro
-CVE-2005-2884 (Cross-site scripting (XSS) vulnerability in events.php in Land Down ...)
+CVE-2005-2884
NOT-FOR-US: Land Down Under
CVE-2005-2883
REJECTED
-CVE-2005-2882 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2005-2882
NOT-FOR-US: phpCommunityCalendar
-CVE-2005-2881 (phpCommunityCalendar 4.0.3 allows remote attackers to bypass ...)
+CVE-2005-2881
NOT-FOR-US: phpCommunityCalendar
-CVE-2005-2880 (Multiple SQL injection vulnerabilities in phpCommunityCalendar 4.0.3, ...)
+CVE-2005-2880
NOT-FOR-US: phpCommunityCalendar
-CVE-2005-2879 (Advansysperu Software USB Lock Auto-Protect (AP) 1.5 uses a weak ...)
+CVE-2005-2879
NOT-FOR-US: Advansysperu Software USB Lock Auto-Protect
-CVE-2005-2945 (arc 5.21j and earlier create temporary files with world-readable ...)
+CVE-2005-2945
{DSA-843-1}
- arc 5.21m-1 (bug #329053; low)
-CVE-2005-2917 (Squid 2.5.STABLE10 and earlier, while performing NTLM authentication, ...)
+CVE-2005-2917
{DSA-828-1}
- squid 2.5.10-7
NOTE: Patch was added to -6, but not listed in dpatch's list of patches
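Review bot: every `-`/`+` pair in this hunk replaces a CVE line carrying its parenthesised description with the bare identifier, for example `-CVE-2005-2903 (Heap-based buffer overflow in NOD32 2.5 with nod32.002 1.033 build ...)` becoming `+CVE-2005-2903`, while the Debian annotations beneath each entry (`NOT-FOR-US: NOD32 Anti virus`, `{DSA-843-1}`, `- arc 5.21m-1 (bug #329053; low)`) are untouched; the equal counts in the header (`-4713,62 +4713,62`) confirm it is a pure line-for-line substitution with nothing else changed. Since the description is the only text in the file that says what an issue actually is, a hunk that blanks all of them at once looks like the description source returned empty results rather than a deliberate edit; check that source before applying this, and have the generator keep the existing description whenever the fetched one is empty so a transient fetch problem cannot erase triage context.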
@@ -4780,119 +4780,119 @@ CVE-2005-XXXX [mkzopeinstance.py creates world-readable inituser file]
CVE-2005-XXXX [wine-safe does not prompt the user/is registered in mailcap]
- wine 0.0.20050830-1 (bug #327261; bug #327262; low)
[sarge] - wine <no-dsa> (Minor issue)
-CVE-2005-2920 (Buffer overflow in libclamav/upx.c in Clam AntiVirus (ClamAV) before ...)
+CVE-2005-2920
{DSA-824-1 DTSA-19-1}
- clamav 0.87-1 (bug #328660; bug #329280; medium)
-CVE-2005-2919 (libclamav/fsg.c in Clam AntiVirus (ClamAV) before 0.87 allows remote ...)
+CVE-2005-2919
{DSA-824-1 DTSA-19-1}
- clamav 0.87-1 (bug #328660; medium)
-CVE-2005-2918 (The open_cmd_tube function in mount.c for gtkdiskfree 1.9.3 and ...)
+CVE-2005-2918
{DSA-822-1}
- gtkdiskfree 1.9.3-4sarge1 (bug #328566; low)
-CVE-2005-3044 (Multiple vulnerabilities in Linux kernel before 2.6.13.2 allow local ...)
+CVE-2005-3044
{DSA-1017-1}
- linux-2.6 2.6.12-7 (medium)
- kernel-source-2.4.27 <not-affected> (code is vulnerable but there is no amd64 for 2.4 in Sarge)
-CVE-2005-2877 (The history (revision control) function in TWiki 02-Sep-2004 and ...)
+CVE-2005-2877
NOTE: proactively fixed by the robustness patch
- twiki 20040902-2
-CVE-2005-2876 (umount in util-linux 2.8 to 2.12q, 2.13-pre1, and 2.13-pre2, and other ...)
+CVE-2005-2876
{DSA-825-1 DSA-823-1}
- util-linux 2.12p-8 (bug #328141; bug #329063; medium)
- loop-aes-utils 2.12p-9 (bug #328626; medium)
-CVE-2005-2875 (Py2Play allows remote attackers to execute arbitrary Python code via ...)
+CVE-2005-2875
{DSA-856-1}
- py2play 0.1.8-1 (bug #326976; medium)
-CVE-2005-2874 (The is_path_absolute function in scheduler/client.c for the daemon in ...)
+CVE-2005-2874
- cups 1.1.23-1
- cupsys 1.1.23-1
-CVE-2005-2871 (Buffer overflow in the International Domain Name (IDN) support in ...)
+CVE-2005-2871
{DSA-868-1 DSA-866-1 DSA-837-1}
- mozilla-firefox 1.0.6-5 (bug #327452; bug #327802; bug #327366; medium)
- mozilla 2:1.7.12-1 (bug #327455; medium)
- mozilla-thunderbird 1.0.7-1
NOTE: epiphany-browser is apparently fixed fix the mozilla
NOTE: upload; see bug #327366
-CVE-2005-2930 (Stack-based buffer overflow in the _chm_find_in_PMGL function in ...)
+CVE-2005-2930
{DSA-886-1}
- chmlib 0.36-1 (bug #327431; medium)
CVE-2005-2802
REJECTED
-CVE-2005-2878 (Format string vulnerability in search.c in the imap4d server in GNU ...)
+CVE-2005-2878
{DSA-841-1 DTSA-20-1}
- mailutils 1:0.6.90-3 (bug #327424; high)
-CVE-2005-2870 (Unknown vulnerability in the net-svc script on Solaris 10 allows ...)
+CVE-2005-2870
NOT-FOR-US: Solaris
-CVE-2005-2869 (Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin ...)
+CVE-2005-2869
{DSA-880-1}
- phpmyadmin 4:2.6.4-pl1-1 (bug #327345; bug #328501; medium)
-CVE-2005-2868 (ZipTorrent 1.3.7.3 stores sensitive information in plaintext in the ...)
+CVE-2005-2868
NOT-FOR-US: ZipTorrent
-CVE-2005-2867 (SQL injection vulnerability in BlueWhaleCRM allows remote attackers to ...)
+CVE-2005-2867
NOT-FOR-US: BlueWhaleCRM
-CVE-2005-2866 (Mercora IMRadio 4.0.0.0 stores usernames and passwords in plaintext in ...)
+CVE-2005-2866
NOT-FOR-US: Mercora IMRadio
-CVE-2005-2865 (Multiple PHP remote file inclusion vulnerabilities in aMember Pro ...)
+CVE-2005-2865
NOT-FOR-US: aMember Pro
-CVE-2005-2864 (URBAN 1.5.3_1 allows local users to overwrite arbitrary files via a ...)
+CVE-2005-2864
NOT-FOR-US: URBAN
-CVE-2005-2863 (Cross-site scripting (XSS) vulnerability in openwebmail-main.pl in ...)
+CVE-2005-2863
NOT-FOR-US: OpenWebmail
-CVE-2005-2862 (ADSL Road Runner modem in the Annex A family has a service running on ...)
+CVE-2005-2862
NOT-FOR-US: ADSL hardware
-CVE-2005-2861 (Cross-site scripting (XSS) vulnerability in N-Stealth Commercial ...)
+CVE-2005-2861
NOT-FOR-US: N-Stealth
-CVE-2005-2860 (Cross-site scripting (XSS) vulnerability in Nikto 1.35 and earlier ...)
+CVE-2005-2860
- nikto 1.35-1.1 (bug #327339; medium)
-CVE-2005-2859 (Savant Web Server stores user credentials in plaintext in the ...)
+CVE-2005-2859
NOT-FOR-US: Savant Web Server
-CVE-2005-2858 (The Fetch.FetchContact.1 ActiveX control (Fetch.dll) for Rediff Bol ...)
+CVE-2005-2858
NOT-FOR-US: Rediff BOL)
-CVE-2005-2857 (Free SMTP Server 2.2 allows remote attackers to use the server as an ...)
+CVE-2005-2857
NOT-FOR-US: Free SMTP Server
-CVE-2005-2856 (Stack-based buffer overflow in the WinACE UNACEV2.DLL third-party ...)
+CVE-2005-2856
NOT-FOR-US: ALZip
-CVE-2005-2855 (Cross-site scripting (XSS) vulnerability in Unclassified NewsBoard ...)
+CVE-2005-2855
NOT-FOR-US: Unclassified Newsboard
-CVE-2005-2854 (CRLF injection vulnerability in thesitewizard.com chfeedback.pl ...)
+CVE-2005-2854
NOT-FOR-US: thesitewizard.com chfeedback.pl
-CVE-2005-2853 (Multiple cross-site scripting (XSS) vulnerabilities in GuppY 4.5.3a ...)
+CVE-2005-2853
NOT-FOR-US: GuppY
-CVE-2005-2852 (Unknown vulnerability in CIFS.NLM in Novell Netware 6.5 SP2 and SP3, ...)
+CVE-2005-2852
NOT-FOR-US: Novell Netware
-CVE-2005-2851 (smb4k 0.4 and other versions before 0.6.3 allows local users to read ...)
+CVE-2005-2851
{DTSA-25-1}
- smb4k 0.6.4-1 (bug #337471; medium)
NOTE: fix in 0.6.3-1 was incomplete according to maintainer
-CVE-2005-2850 (SlimFTPd 3.17 allows remote attackers to cause a denial of service ...)
+CVE-2005-2850
NOT-FOR-US: SlimFTPD
-CVE-2005-2849 (Argument injection vulnerability in Barracuda Spam Firewall running ...)
+CVE-2005-2849
NOT-FOR-US: Barracuda antispam solution
-CVE-2005-2848 (Directory traversal vulnerability in img.pl in Barracuda Spam Firewall ...)
+CVE-2005-2848
NOT-FOR-US: Barracuda antispam solution
-CVE-2005-2847 (img.pl in Barracuda Spam Firewall running firmware 3.1.16 and 3.1.17 ...)
+CVE-2005-2847
NOT-FOR-US: Barracuda antispam solution
-CVE-2005-2846 (PHP remote file inclusion vulnerability in lang.php in CMS Made Simple ...)
+CVE-2005-2846
NOT-FOR-US: CMS Made Simple
-CVE-2005-2845 (Ariba Spend Management System sends the username and password to the ...)
+CVE-2005-2845
NOT-FOR-US: Ariba Spend Management System
-CVE-2005-2844 (Buffer overflow in MMClient.exe in Indiatimes Messenger 6.0 allows ...)
+CVE-2005-2844
NOT-FOR-US: Indiatimes Messenger
-CVE-2005-2843 (Helpdesk software Hesk 0.92 does not properly verify usernames and ...)
+CVE-2005-2843
NOT-FOR-US: Hesk
-CVE-2005-2842 (Buffer overflow in dwrcs.exe in DameWare Mini Remote Control before ...)
+CVE-2005-2842
NOT-FOR-US: DameWare Mini
-CVE-2005-2841 (Buffer overflow in Firewall Authentication Proxy for FTP and/or Telnet ...)
+CVE-2005-2841
NOT-FOR-US: IOS
-CVE-2005-2840 (Multiple unknown vulnerabilities in MAXdev MD-Pro 1.0.72 and earlier ...)
+CVE-2005-2840
NOT-FOR-US: MAXdev
-CVE-2005-2839 (Multiple cross-site scripting (XSS) vulnerabilities in MAXdev MD-Pro ...)
+CVE-2005-2839
NOT-FOR-US: MAXdev
-CVE-2005-2838 (SQL injection vulnerability in login.php in myBloggie 2.1.3-beta and ...)
+CVE-2005-2838
NOT-FOR-US: myBloggie
-CVE-2005-2837 (Multiple eval injection vulnerabilities in PlainBlack Software WebGUI ...)
+CVE-2005-2837
NOT-FOR-US: WebGUI
-CVE-2005-2836 (Multiple cross-site scripting (XSS) vulnerabilities in Phorum 5.0.17a ...)
+CVE-2005-2836
NOT-FOR-US: Phorum
CVE-2005-2835
RESERVED
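Review bot: this hunk again strips the description from every changed CVE line (119 lines out, 119 in), and it shows why that loss matters: once `-CVE-2005-2874 (The is_path_absolute function in scheduler/client.c for the daemon in ...)` becomes `+CVE-2005-2874`, the only remaining context is `- cups 1.1.23-1` and `- cupsys 1.1.23-1`, with no hint of the affected function or file. For the NOT-FOR-US entries the annotation becomes the sole record of the affected product, and where it is malformed, as in `NOT-FOR-US: Rediff BOL)` with its stray closing parenthesis under `+CVE-2005-2858`, nothing readable is left; the `CVE-2005-XXXX` placeholder entries in the context lines are unaffected because they never carried a fetched description. Suggest either restoring the descriptions or, if the new empty form is intentional, documenting the change in the commit message, since nothing in the hunk explains it.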
@@ -4902,15 +4902,15 @@ CVE-2005-2833
RESERVED
CVE-2005-2832
RESERVED
-CVE-2005-2831 (Microsoft Internet Explorer 5.01, 5.5, and 6 allows remote attackers ...)
+CVE-2005-2831
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2005-2830 (Microsoft Internet Explorer 5.01, 5.5, and 6, when using an HTTPS ...)
+CVE-2005-2830
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2005-2829 (Multiple design errors in Microsoft Internet Explorer 5.01, 5.5, and 6 ...)
+CVE-2005-2829
NOT-FOR-US: Microsoft Internet Explorer
CVE-2005-2828
RESERVED
-CVE-2005-2827 (The thread termination routine in the kernel for Windows NT 4.0 and ...)
+CVE-2005-2827
NOT-FOR-US: Windows NT
CVE-2005-2826
RESERVED
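Review bot: the four substitutions in this hunk (`-4902,15 +4902,15`) all concern Microsoft products marked `NOT-FOR-US`, so the Debian tracking data is unaffected, but the version detail in the removed text (`Microsoft Internet Explorer 5.01, 5.5, and 6`, `Windows NT 4.0`) is not preserved by the annotation that survives (`NOT-FOR-US: Microsoft Internet Explorer`, `NOT-FOR-US: Windows NT`). If descriptions are to be dropped on purpose, the annotation convention should be tightened to carry the product version, otherwise this hunk should be reverted together with the others.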
@@ -4924,423 +4924,423 @@ CVE-2005-2822
RESERVED
CVE-2005-2821
RESERVED
-CVE-2005-2820 (Cross-site scripting (XSS) vulnerability in SqWebMail 5.0.4 allows ...)
+CVE-2005-2820
{DSA-820-1}
- courier 0.47-9 (bug #327181; medium)
-CVE-2005-2819 (DownFile 1.3 allows remote attackers to gain administrator privileges ...)
+CVE-2005-2819
NOT-FOR-US: DownFile
-CVE-2005-2818 (Cross-site scripting (XSS) vulnerability in DownFile 1.3 allows remote ...)
+CVE-2005-2818
NOT-FOR-US: DownFile
-CVE-2005-2817 (Simple Machines Forum (SMF) 1-0-5 and earlier supports the use of URLs ...)
+CVE-2005-2817
NOT-FOR-US: Simple Machines Forum
-CVE-2005-2816 (Cross-site scripting (XSS) vulnerability in Greymatter allows remote ...)
+CVE-2005-2816
NOT-FOR-US: Greymatter
-CVE-2005-2815 (print.php in FlatNuke 2.5.6 allows remote attackers to obtain ...)
+CVE-2005-2815
NOT-FOR-US: FlatNuke
-CVE-2005-2814 (Cross-site scripting (XSS) vulnerability in FlatNuke 2.5.6 allows ...)
+CVE-2005-2814
NOT-FOR-US: FlatNuke
-CVE-2005-2813 (Directory traversal vulnerability in FlatNuke 2.5.6 and possibly ...)
+CVE-2005-2813
NOT-FOR-US: FlatNuke
-CVE-2005-2812 (man2web allows remote attackers to execute arbitrary commands via -P ...)
+CVE-2005-2812
NOT-FOR-US: man2web
-CVE-2005-2811 (Untrusted search path vulnerability in Net-SNMP 5.2.1.2 and earlier, ...)
+CVE-2005-2811
- net-snmp <not-affected> (Gentoo Portage specific configuration flaw)
-CVE-2005-2810 (Multiple stack-based buffer overflows in urban before 1.5.3 allow ...)
+CVE-2005-2810
NOT-FOR-US: urban game
-CVE-2005-2809 (silc daemon (silcd.c) in Secure Internet Live Conferencing (SILC) 1.0 ...)
+CVE-2005-2809
NOT-FOR-US: silc daemon
-CVE-2005-2808 (frox 0.7.16 and 0.7.17 does not properly parse certain Deny ACLs, ...)
+CVE-2005-2808
- frox 0.7.18-1 (medium)
-CVE-2005-2807 (frox 0.7.18, when running setuid root, does not properly drop ...)
+CVE-2005-2807
- frox <not-affected> (does not run setuid root in the Debian package)
-CVE-2005-2806 (client.cpp in BNBT EasyTracker 7.7r3.2004.10.27 and earlier allows ...)
+CVE-2005-2806
NOT-FOR-US: BNBT EasyTracker
-CVE-2005-2805 (forum_post.php in e107 0.6 allows remote attackers to post to ...)
+CVE-2005-2805
NOT-FOR-US: e107
-CVE-2005-2804 (Integer overflow in the registry parsing code in GroupWise 6.5.3, and ...)
+CVE-2005-2804
NOT-FOR-US: GroupWise
-CVE-2005-2803 (Cross-site scripting (XSS) vulnerability in Hiki 0.8.1 to 0.8.2 allows ...)
+CVE-2005-2803
[sarge] - hiki <not-affected> (code not present in sarge)
- hiki 0.8.3-1
-CVE-2005-2800 (Memory leak in the seq_file implementation in the SCSI procfs ...)
+CVE-2005-2800
{DSA-1017-1}
- linux-2.6 2.6.12-6 (low)
- kernel-source-2.4.27 <not-affected> (seq_file introduced in 2.6)
-CVE-2005-2799 (Buffer overflow in apply.cgi in Linksys WRT54G 3.01.03, 3.03.6, and ...)
+CVE-2005-2799
NOT-FOR-US: Linksys routers
-CVE-2005-2798 (sshd in OpenSSH before 4.2, when GSSAPIDelegateCredentials is enabled, ...)
+CVE-2005-2798
- openssh 1:4.2p1-1 (bug #326065; unimportant)
NOTE: Not enabled in the binary build, see #326065
- openssh-krb5 <removed> (bug #327233; medium)
[sarge] - openssh-krb5 <no-dsa> (Intended bahaviour, see #327233)
-CVE-2005-2797 (OpenSSH 4.0, and other versions before 4.2, does not properly handle ...)
+CVE-2005-2797
- openssh 1:4.2p1-1 (bug #326065; unimportant)
NOTE: GSSAPI features not activated in binary builds
-CVE-2005-2796 (The sslConnectTimeout function in ssl.c for Squid 2.5.STABLE10 and ...)
+CVE-2005-2796
{DSA-809-1}
- squid 2.5.10-5 (medium)
CVE-2005-2795
RESERVED
-CVE-2005-2794 (store.c in Squid 2.5.STABLE10 and earlier allows remote attackers to ...)
+CVE-2005-2794
{DSA-809-3 DSA-809-1}
- squid 2.5.10-5 (medium)
-CVE-2005-2793 (PHP remote file inclusion vulnerability in welcome.php in phpLDAPadmin ...)
+CVE-2005-2793
[sarge] - phpldapadmin <not-affected> (code not present in sarge)
- phpldapadmin 0.9.6c-7 (bug #325785; medium)
- egroupware <not-affected> (copy included is older and not vulnerable; bug #339583)
-CVE-2005-2792 (Directory traversal vulnerability in welcome.php in phpLDAPadmin 0.9.6 ...)
+CVE-2005-2792
[sarge] - phpldapadmin <not-affected> (code not present in sarge)
- phpldapadmin 0.9.6c-7 (bug #325785; medium)
- egroupware <not-affected> (copy included is older and not vulnerable; bug #339583)
-CVE-2005-2791 (BFCommand &amp; Control Server Manager BFCC 1.22_A and earlier, and BFVCC ...)
+CVE-2005-2791
NOT-FOR-US: BFCC
-CVE-2005-2790 (BFCommand &amp; Control Server Manager BFCC 1.22_A and earlier, and BFVCC ...)
+CVE-2005-2790
NOT-FOR-US: BFCC
-CVE-2005-2789 (BFCommand &amp; Control Server Manager BFCC 1.22_A and earlier, and BFVCC ...)
+CVE-2005-2789
NOT-FOR-US: BFCC
-CVE-2005-2788 (Multiple SQL injection vulnerabilities in Land Down Under (LDU) 801 ...)
+CVE-2005-2788
NOT-FOR-US: Land Down Under
-CVE-2005-2787 (comment_delete_cgi.php in Simple PHP Blog allows remote attackers to ...)
+CVE-2005-2787
NOT-FOR-US: Simple PHP Blog
-CVE-2005-2786 (Directory traversal vulnerability in bestmail_edit.cgi in cosmoshop ...)
+CVE-2005-2786
NOT-FOR-US: cosmoshop
-CVE-2005-2785 (cosmoshop 8.10.78 and earlier stores passwords in plaintext in the ...)
+CVE-2005-2785
NOT-FOR-US: cosmoshop
-CVE-2005-2784 (SQL injection vulnerability in the login function for the ...)
+CVE-2005-2784
NOT-FOR-US: cosmoshop
-CVE-2005-2783 (Cross-site scripting (XSS) vulnerability in PHP-Fusion 6.00.107 and ...)
+CVE-2005-2783
NOT-FOR-US: PHP-Fusion
-CVE-2005-2782 (PHP remote file inclusion vulnerability in al_initialize.php for ...)
+CVE-2005-2782
NOT-FOR-US: AutoLinks Pro
-CVE-2005-2781 (The Avatar upload feature in FUD Forum before 2.7.0 does not properly ...)
+CVE-2005-2781
{DSA-1063-1}
- phpgroupware 0.9.16.009-1 (bug #340094; medium)
- egroupware 1.0.0.009.dfsg-3-4 (bug #340495; medium)
[woody] - phpgroupware <not-affected> (fudforum not included until 0.9.16)
NOTE: Sarge affected, woody isn't
-CVE-2005-2780 (Cross-site scripting (XSS) vulnerability in Land Down Under (LDU) ...)
+CVE-2005-2780
NOT-FOR-US: Land Down Under
-CVE-2005-2779 (The iTAN Online-Banking Security System allows remote attackers to ...)
+CVE-2005-2779
NOT-FOR-US: iTAN
-CVE-2005-2778 (SQL injection vulnerability in member.php in MyBulletinBoard (MyBB) ...)
+CVE-2005-2778
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2005-2777 (Looking Glass 20040427 allows remote attackers to execute arbitrary ...)
+CVE-2005-2777
NOT-FOR-US: Looking Glass
-CVE-2005-2776 (Multiple cross-site scripting (XSS) vulnerabilities in Looking Glass ...)
+CVE-2005-2776
NOT-FOR-US: Looking Glass
-CVE-2005-2775 (php_api.php in phpWebNotes 2.0.0 uses the extract function to modify ...)
+CVE-2005-2775
NOT-FOR-US: Looking Glass
-CVE-2005-2774 (Format string vulnerability in Lithium II mod 1.24 for Quake 2 allows ...)
+CVE-2005-2774
NOT-FOR-US: Litium Quake mod
-CVE-2005-2773 (HP OpenView Network Node Manager 6.2 through 7.50 allows remote ...)
+CVE-2005-2773
NOT-FOR-US: HP OpenView
-CVE-2005-2772 (Multiple stack-based buffer overflows in University of Minnesota ...)
+CVE-2005-2772
{DSA-832-1}
- gopher 3.0.11 (bug #327722; high)
-CVE-2005-2771 (WRQ Reflection for Secure IT Windows Server 6.0 (formerly known as ...)
+CVE-2005-2771
NOT-FOR-US: Reflection for Secure IT
-CVE-2005-2770 (WRQ Reflection for Secure IT Windows Server 6.0 (formerly known as ...)
+CVE-2005-2770
NOT-FOR-US: Reflection for Secure IT
-CVE-2005-2769 (Cross-site scripting (XSS) vulnerability in SqWebMail 5.0.4 and ...)
+CVE-2005-2769
{DSA-820-1}
- courier 0.47-9 (bug #327727; medium)
-CVE-2005-2768 (Heap-based buffer overflow in the Sophos Antivirus Library, as used by ...)
+CVE-2005-2768
NOT-FOR-US: Sophos AntiVirus
-CVE-2005-2767 (Buffer overflow in LeapFTP allows remote attackers to execute ...)
+CVE-2005-2767
NOT-FOR-US: LeapFTP
CVE-2005-XXXX [Four potentially DoS exploitable deadlocks and leaks in kernel 2.6]
- linux-2.6 2.6.12-6 (low)
-CVE-2005-2766 (Symantec AntiVirus Corporate Edition 9.0.1.x and 9.0.4.x, and possibly ...)
+CVE-2005-2766
NOT-FOR-US: Symantec AntiVirus
-CVE-2005-2765 (The user interface in the Windows Firewall does not properly display ...)
+CVE-2005-2765
NOT-FOR-US: Microsoft Windows
-CVE-2005-2764 (Multiple buffer overflows in OpenTTD before 0.4.0.1 allow attackers to ...)
+CVE-2005-2764
NOT-FOR-US: OpenTTD
-CVE-2005-2763 (Multiple format string vulnerabilities in OpenTTD before 0.4.0.1 allow ...)
+CVE-2005-2763
NOT-FOR-US: OpenTTD
-CVE-2005-2762 (Avaya VPNRemote before 4.2.33 stores credentials in cleartext in ...)
+CVE-2005-2762
NOT-FOR-US: VPNRemote
CVE-2005-2760
RESERVED
-CVE-2005-2759 (** SPLIT ** The jlucaller program in LiveUpdate for Symantec Norton ...)
+CVE-2005-2759
NOT-FOR-US: Symantec Antivirus
-CVE-2005-2758 (Integer signedness error in the administrative interface for Symantec ...)
+CVE-2005-2758
NOT-FOR-US: Symantec Antivirus
-CVE-2005-2757 (Heap-based buffer overflow in CoreFoundation in Mac OS X and OS X ...)
+CVE-2005-2757
NOT-FOR-US: Mac OS X
-CVE-2005-2756 (Apple QuickTime before 7.0.3 allows user-assisted attackers to ...)
+CVE-2005-2756
NOT-FOR-US: Apple QuickTime
-CVE-2005-2755 (Apple QuickTime Player before 7.0.3 allows user-assisted attackers to ...)
+CVE-2005-2755
NOT-FOR-US: Apple QuickTime
-CVE-2005-2754 (Integer overflow in Apple QuickTime before 7.0.3 allows user-assisted ...)
+CVE-2005-2754
NOT-FOR-US: Apple QuickTime
-CVE-2005-2753 (Integer overflow in Apple QuickTime before 7.0.3 allows user-assisted ...)
+CVE-2005-2753
NOT-FOR-US: Apple QuickTime
-CVE-2005-2752 (An unspecified kernel interface in Mac OS X 10.4.2 and earlier does ...)
+CVE-2005-2752
NOT-FOR-US: Mac OS X
-CVE-2005-2751 (memberd in Mac OS X 10.4 up to 10.4.2, in certain situations, does not ...)
+CVE-2005-2751
NOT-FOR-US: Mac OS X
-CVE-2005-2750 (Software Update in Mac OS X 10.4.2, when the user marks all updates to ...)
+CVE-2005-2750
NOT-FOR-US: Mac OS X
-CVE-2005-2749 (Unspecified vulnerability in the Finder Get Info window for Mac OS X ...)
+CVE-2005-2749
NOT-FOR-US: Mac OS X
-CVE-2005-2748 (The malloc function in the libSystem library in Apple Mac OS X 10.3.9 ...)
+CVE-2005-2748
NOT-FOR-US: Mac OS X
-CVE-2005-2747 (Buffer overflow in ImageIO for Apple Mac OS X 10.4.2, as used by ...)
+CVE-2005-2747
NOT-FOR-US: Mac OS X
-CVE-2005-2746 (Mail.app in Mail for Apple Mac OS X 10.3.9 and 10.4.2 includes message ...)
+CVE-2005-2746
NOT-FOR-US: Mac OS X
-CVE-2005-2745 (Mail.app in Mail for Apple Mac OS X 10.3.9, when using Kerberos 5 for ...)
+CVE-2005-2745
NOT-FOR-US: Mac OS X
-CVE-2005-2744 (Buffer overflow in QuickDraw Manager for Apple OS X 10.3.9 and 10.4.2, ...)
+CVE-2005-2744
NOT-FOR-US: Mac OS X
-CVE-2005-2743 (The Java extensions for QuickTime 6.52 and earlier in Apple Mac OS X ...)
+CVE-2005-2743
NOT-FOR-US: Mac OS X
-CVE-2005-2742 (SecurityAgent in Apple Mac OS X 10.4.2, under certain circumstances, ...)
+CVE-2005-2742
NOT-FOR-US: Mac OS X
-CVE-2005-2741 (Authorization Services in securityd for Apple Mac OS X 10.3.9 allows ...)
+CVE-2005-2741
NOT-FOR-US: Mac OS X
CVE-2005-2740
REJECTED
-CVE-2005-2739 (Keychain Access in Mac OS X 10.4.2 and earlier keeps a password ...)
+CVE-2005-2739
NOT-FOR-US: Mac OS X
-CVE-2005-2738 (Java 1.4.2 before 1.4.2 Release 2 on Apple Mac OS X does not prevent multiple ...)
+CVE-2005-2738
NOT-FOR-US: Java / Apple
-CVE-2005-2737 (Cross-site scripting (XSS) vulnerability in PhotoPost PHP Pro 5.1 ...)
+CVE-2005-2737
NOT-FOR-US: PhotoPost
-CVE-2005-2736 (Cross-site scripting (XSS) vulnerability in YaPig 0.95 and earlier ...)
+CVE-2005-2736
NOT-FOR-US: YaPig
-CVE-2005-2735 (Cross-site scripting (XSS) vulnerability in phpGraphy 0.9.9a and ...)
+CVE-2005-2735
NOT-FOR-US: phpGraphy
-CVE-2005-2734 (Cross-site scripting (XSS) vulnerability in Gallery 1.5.1-RC2 and ...)
+CVE-2005-2734
{DSA-1148-1}
- gallery 1.5-2 (bug #325285; medium)
-CVE-2005-2733 (upload_img_cgi.php in Simple PHP Blog (SPHPBlog) does not properly ...)
+CVE-2005-2733
NOT-FOR-US: Simple PHP Blog
-CVE-2005-2732 (AWStats 6.4, and possibly earlier versions, allows remote attackers to ...)
+CVE-2005-2732
NOTE: path disclosure, so not very important on debian systems
NOTE: unreproducible according to bug #327729
-CVE-2005-2731 (Directory traversal vulnerability in Astaro Security Linux 6.0, when ...)
+CVE-2005-2731
NOT-FOR-US: Astato specific
-CVE-2005-2730 (The HTTP proxy in Astaro Security Linux 6.0 allows remote attackers to ...)
+CVE-2005-2730
NOT-FOR-US: Astato specific
-CVE-2005-2729 (The HTTP proxy in Astaro Security Linux 6.0 does not properly filter ...)
+CVE-2005-2729
NOT-FOR-US: Astato specific
-CVE-2005-2728 (The byte-range filter in Apache 2.0 before 2.0.54 allows remote ...)
+CVE-2005-2728
{DSA-805-1}
NOTE: The CVE description is wrong, this has been merged for 2.0.55
- apache2 2.0.54-5 (bug #326435; medium)
-CVE-2005-2727 (Home Ftp Server 1.0.7 stores sensitive user information and server ...)
+CVE-2005-2727
NOT-FOR-US: Home Ftp Server
-CVE-2005-2726 (Directory traversal vulnerability in Home Ftp Server 1.0.7 allows ...)
+CVE-2005-2726
NOT-FOR-US: Home Ftp Server
-CVE-2005-2725 (The inputtrap utility in QNX RTOS 6.1.0, 6.3, and possibly earlier ...)
+CVE-2005-2725
NOT-FOR-US: QNX
-CVE-2005-2723 (SQL injection vulnerability in auth.php in PaFileDB 3.1, when ...)
+CVE-2005-2723
NOT-FOR-US: PaFileDB
-CVE-2005-2722 (Foojan PHP Weblog allows remote attackers to obtain sensitive ...)
+CVE-2005-2722
NOT-FOR-US: Foojan PHP Weblog
-CVE-2005-2721 (Multiple cross-site scripting (XSS) vulnerabilities in (1) index.php ...)
+CVE-2005-2721
NOT-FOR-US: Foojan PHP Weblog
-CVE-2005-2720 (Stack-based buffer overflow in the ACE archive decompression library ...)
+CVE-2005-2720
NOT-FOR-US: HAURI Antivirus
-CVE-2005-2719 (Ventrilo 2.1.2 through 2.3.0 allows remote attackers to cause a denial ...)
+CVE-2005-2719
NOT-FOR-US: Ventrilo
-CVE-2005-2718 (Buffer overflow in ad_pcm.c in MPlayer 1.0pre7 and earlier allows ...)
+CVE-2005-2718
NOT-FOR-US: MPlayer
-CVE-2005-2717 (PHP remote file inclusion vulnerability in WebCalendar before 1.0.1 ...)
+CVE-2005-2717
{DSA-799-1}
- webcalendar 0.9.45-7 (bug #326223; medium)
-CVE-2005-2715 (Format string vulnerability in the Java user interface service ...)
+CVE-2005-2715
NOT-FOR-US: VERITAS NetBackup Data and Business Center
-CVE-2005-2714 (passwd in Directory Services in Mac OS X 10.3.x before 10.3.9 and ...)
+CVE-2005-2714
NOT-FOR-US: Apple
-CVE-2005-2713 (passwd in Directory Services in Mac OS X 10.3.x before 10.3.9 and ...)
+CVE-2005-2713
NOT-FOR-US: Apple
-CVE-2005-2712 (The LDAP server (nldap.exe) in IBM Lotus Domino before 7.0.1, 6.5.5, ...)
+CVE-2005-2712
NOT-FOR-US: IBM
-CVE-2005-2711 (ISS BlackIce 3.6, as used in multiple products including BlackICE PC ...)
+CVE-2005-2711
NOT-FOR-US: ISS
-CVE-2005-2710 (Format string vulnerability in Real HelixPlayer and RealPlayer 10 ...)
+CVE-2005-2710
{DSA-826-1}
NOTE: see http://www.open-security.org/advisories/13
- helix-player 1.0.6-1 (bug #330364; high)
-CVE-2005-2709 (The sysctl functionality (sysctl.c) in Linux kernel before 2.6.14.1 ...)
+CVE-2005-2709
{DSA-1018-1 DSA-1017-1}
- linux-2.6 2.6.14-3
-CVE-2005-2708 (The search_binary_handler function in exec.c in Linux 2.4 kernel on ...)
+CVE-2005-2708
- kernel-source-2.4.27 <not-affected> (amd64/2.4 not supported)
-CVE-2005-2707 (Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote ...)
+CVE-2005-2707
{DSA-868-1 DSA-866-1 DSA-838-1}
- mozilla-firefox 1.0.7-1 (bug #329778; medium)
- mozilla 2:1.7.12-1 (medium)
- mozilla-thunderbird 1.0.7-1
-CVE-2005-2706 (Firefox before 1.0.7 and Mozilla before Suite 1.7.12 allows remote ...)
+CVE-2005-2706
{DSA-868-1 DSA-866-1 DSA-838-1}
- mozilla-firefox 1.0.7-1 (bug #329778; high)
- mozilla 2:1.7.12-1 (high)
- mozilla-thunderbird 1.0.7-1
-CVE-2005-2705 (Integer overflow in the JavaScript engine in Firefox before 1.0.7 and ...)
+CVE-2005-2705
{DSA-868-1 DSA-866-1 DSA-838-1}
- mozilla-firefox 1.0.7-1 (bug #329778; high)
- mozilla 2:1.7.12-1 (high)
- mozilla-thunderbird 1.0.7-1
-CVE-2005-2704 (Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote ...)
+CVE-2005-2704
{DSA-868-1 DSA-866-1 DSA-838-1}
- mozilla-firefox 1.0.7-1 (bug #329778; medium)
- mozilla 2:1.7.12-1 (medium)
- mozilla-thunderbird 1.0.7-1
-CVE-2005-2703 (Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote ...)
+CVE-2005-2703
{DSA-868-1 DSA-866-1 DSA-838-1}
- mozilla-firefox 1.0.7-1 (bug #329778; medium)
- mozilla 2:1.7.12-1 (medium)
- mozilla-thunderbird 1.0.7-1
-CVE-2005-2702 (Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote ...)
+CVE-2005-2702
{DSA-868-1 DSA-866-1 DSA-838-1}
- mozilla-firefox 1.0.7-1 (bug #329778; high)
- mozilla 2:1.7.12-1 (high)
- mozilla-thunderbird 1.0.7-1
-CVE-2005-2701 (Heap-based buffer overflow in Firefox before 1.0.7 and Mozilla Suite ...)
+CVE-2005-2701
{DSA-868-1 DSA-866-1 DSA-838-1}
- mozilla-firefox 1.0.7-1 (bug #329778; medium)
- mozilla 2:1.7.12-1 (bug #329778; medium)
- mozilla-thunderbird 1.0.7-1
-CVE-2005-2700 (ssl_engine_kernel.c in mod_ssl before 2.8.24, when using ...)
+CVE-2005-2700
{DSA-807-1 DSA-805-1}
- libapache-mod-ssl 2.8.24-1 (medium)
- apache2 2.0.54-5 (bug #327210; medium)
-CVE-2005-2699 (Unrestricted file upload vulnerability in admin/admin.php in PHPKit ...)
+CVE-2005-2699
NOT-FOR-US: PHPKit
-CVE-2005-2698 (Cross-site scripting (XSS) vulnerability in browse.php in Nephp ...)
+CVE-2005-2698
NOT-FOR-US: Nephp Publisher Enterprise
-CVE-2005-2697 (SQL injection vulnerability in search.php for MyBulletinBoard (MyBB) ...)
+CVE-2005-2697
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2005-2696 (IBM Lotus Notes does not properly restrict access to password hashes ...)
+CVE-2005-2696
NOT-FOR-US: Notes
-CVE-2005-2695 (Unspecified vulnerability in the SSL certificate checking ...)
+CVE-2005-2695
NOT-FOR-US: Cisco
-CVE-2005-2694 (Buffer overflow in WinAce 2.6.0.5, and possibly earlier versions, ...)
+CVE-2005-2694
NOT-FOR-US: WinAce
-CVE-2005-2724 (Cross-site scripting (XSS) vulnerability in SqWebMail 5.0.4 allows ...)
+CVE-2005-2724
{DSA-793-1}
- courier 0.47-8 (medium; bug #325631)
-CVE-2005-2801 (xattr.c in the ext2 and ext3 file system code for Linux kernel 2.6 ...)
+CVE-2005-2801
{DSA-922-1 DSA-921-1}
- linux-2.6 <not-affected> (Fixed before upload into archive; 2.6.11)
-CVE-2005-2873 (The ipt_recent kernel module (ipt_recent.c) in Linux kernel 2.6.12 and ...)
+CVE-2005-2873
[sarge] - kernel-source-2.4.27 <no-dsa> (Unfixable design issues)
[sarge] - kernel-source-2.6.8 <no-dsa> (Unfixable design issues)
- kernel-source-2.6.8 <unfixed> (bug #332231; low)
- linux-2.6 2.6.18-1 (bug #332381; low)
NOTE: Dave Miller didn't like the proposed fix and considers a complete rewrite
NOTE: of ipt_recent the best solution, which seems to occur soon
-CVE-2005-2872 (The ipt_recent kernel module (ipt_recent.c) in Linux kernel before ...)
+CVE-2005-2872
{DSA-922-1 DSA-921-1}
- kernel-source-2.4.27 2.4.27-11 (bug #322237; medium)
- linux-2.6 2.6.12-1
-CVE-2005-2761 (Cross-site scripting (XSS) vulnerability in phpGroupWare 0.9.16.000 ...)
+CVE-2005-2761
{DSA-798-1}
- phpgroupware 0.9.16.008-1
-CVE-2005-2716 (The event_pin_code_request function in the btsrv daemon (btsrv.c) in ...)
+CVE-2005-2716
{DSA-796-1}
- affix 2.1.2-3 (bug #325444; medium)
CVE-2005-XXXX [Insecure tempfile usage in tleds]
- tleds 1.05beta10-9 (bug #276789; low)
-CVE-2005-2693 (cvsbug in CVS 1.12.12 and earlier creates temporary files insecurely, ...)
+CVE-2005-2693
{DSA-806-1 DSA-802-1}
NOTE: cvsbug was removed from the cvs binary package in 1:1.11.5-4.
NOTE: The copy in the cvs source package was fixed in 1:1.12.9-15.
- cvs 1:1.11.5-4 (bug #325106; low)
- gcvs 1.0final-8 (bug #324969; low)
-CVE-2005-2692 (Multiple SQL injection vulnerabilities in RunCMS 1.2 and earlier allow ...)
+CVE-2005-2692
NOT-FOR-US: RunCMS
-CVE-2005-2691 (includes/common.php in RunCMS 1.2 and earlier calls the extract ...)
+CVE-2005-2691
NOT-FOR-US: RunCMS
-CVE-2005-2690 (SQL injection vulnerability in the Downloads module in PostNuke ...)
+CVE-2005-2690
NOT-FOR-US: PostNuke
-CVE-2005-2689 (Multiple cross-site scripting (XSS) vulnerabilities in PostNuke ...)
+CVE-2005-2689
NOT-FOR-US: PostNuke
-CVE-2005-2688 (Multiple cross-site scripting (XSS) vulnerabilities in SaveWebPortal ...)
+CVE-2005-2688
NOT-FOR-US: SaveWebPortal
-CVE-2005-2687 (PHP remote file inclusion vulnerability in SaveWebPortal 3.4 allows ...)
+CVE-2005-2687
NOT-FOR-US: SaveWebPortal
-CVE-2005-2686 (Directory traversal vulnerability in SaveWebPortal 3.4 allows remote ...)
+CVE-2005-2686
NOT-FOR-US: SaveWebPortal
-CVE-2005-2685 (SaveWebPortal 3.4 allows remote attackers to execute arbitrary PHP ...)
+CVE-2005-2685
NOT-FOR-US: SaveWebPortal
CVE-2005-XXXX [Insecure temp files in firehol]
- firehol 1.231-4 (unimportant)
NOTE: Only exploitable inside modified binary installation
-CVE-2005-2684 (nquser.php in Virtual Edge Netquery 3.11 allows remote attackers to ...)
+CVE-2005-2684
NOT-FOR-US: Virtual Edge Netquery
-CVE-2005-2683 (Multiple SQL injection vulnerabilities in PHPKit 1.6.1 allow remote ...)
+CVE-2005-2683
NOT-FOR-US: PHPKit
-CVE-2005-2682 (aspell_setup.php in the SpellChecker plugin in DTLink AreaEdit before ...)
+CVE-2005-2682
NOT-FOR-US: DTLink AreaEdit
-CVE-2005-2681 (Unspecified vulnerability in the command line processing (CLI) logic ...)
+CVE-2005-2681
NOT-FOR-US: Cisco
-CVE-2005-2680 (Unspecified vulnerability in BEA WebLogic Portal 8.1 through SP4, when ...)
+CVE-2005-2680
NOT-FOR-US: BEA WebLogic Portal
-CVE-2005-2679 (Buffer overflow in Sysinternals Process Explorer 9.23, and other ...)
+CVE-2005-2679
NOT-FOR-US: Sysinternals Process Explorer
-CVE-2005-2678 (Microsoft IIS 5.1 and 6 allows remote attackers to spoof the ...)
+CVE-2005-2678
NOT-FOR-US: MSIE
-CVE-2005-2677 (ACNews stores the database in a file under the web document root with ...)
+CVE-2005-2677
NOT-FOR-US: ACNews
-CVE-2005-2676 (Cross-site scripting (XSS) vulnerability in displayimage.php in ...)
+CVE-2005-2676
NOT-FOR-US: Coppermine
-CVE-2005-2675 (** DISPUTED ** Note: the vendor has disputed this issue. ...)
+CVE-2005-2675
NOT-FOR-US: Land Down Under
-CVE-2005-2674 (** DISPUTED ** Note: the vendor has disputed this issue. ...)
+CVE-2005-2674
NOT-FOR-US: Land Down Under
-CVE-2005-2673 (SQL injection vulnerability in modcp.php in WoltLab Burning Board ...)
+CVE-2005-2673
NOT-FOR-US: Burning Board
CVE-2005-2671
REJECTED
-CVE-2005-2670 (Directory traversal vulnerability in HAURI Anti-Virus products ...)
+CVE-2005-2670
NOT-FOR-US: HAURI
-CVE-2005-2669 (Computer Associates (CA) Message Queuing (CAM / CAFT) 1.05, 1.07 ...)
+CVE-2005-2669
NOT-FOR-US: Computer Associates
-CVE-2005-2668 (Multiple buffer overflows in Computer Associates (CA) Message Queuing ...)
+CVE-2005-2668
NOT-FOR-US: Computer Associates
-CVE-2005-2667 (Unknown vulnerability in Computer Associates (CA) Message Queuing (CAM ...)
+CVE-2005-2667
NOT-FOR-US: Computer Associates
-CVE-2005-2666 (SSH, as implemented in OpenSSH before 4.0 and possibly other ...)
+CVE-2005-2666
- openssh 1:4.0p1-1 (unimportant)
NOTE: Lack of a security feature, not a vulnerability
-CVE-2005-2665 (Stack-based buffer overflow in expires.c in Elm 2.5 PL5 through PL7, ...)
+CVE-2005-2665
NOT-FOR-US: elm-me+ is no longer in unstable or testing
-CVE-2005-2664 (Whisper 32 1.16, and possibly earlier versions, stores passwords in ...)
+CVE-2005-2664
NOT-FOR-US: Whisper
-CVE-2005-2663 (masqmail before 0.2.18 allows local users to overwrite arbitrary files ...)
+CVE-2005-2663
{DSA-848-1}
- masqmail 0.2.21-1 (low; bug #329307)
-CVE-2005-2662 (masqmail before 0.2.18 allows remote attackers to execute arbitrary ...)
+CVE-2005-2662
{DSA-848-1}
- masqmail 0.2.21-1 (high; bug #329307)
-CVE-2005-2661 (Format string vulnerability in the ParseBannerAndCapability function ...)
+CVE-2005-2661
{DSA-852-1}
- up-imapproxy 1.2.4-2 (high)
-CVE-2005-2660 (apachetop 0.12.5 and earlier, when running in debug mode, allows local ...)
+CVE-2005-2660
{DSA-839-1}
- apachetop 0.12.5-3
-CVE-2005-2659 (Buffer overflow in the LZX decompression in CHM Lib (chmlib) 0.35, as ...)
+CVE-2005-2659
{DSA-886-1}
- chmlib 0.37-2 (medium)
-CVE-2005-2658 (Buffer overflow in utility.cpp in Turquoise SuperStat (turqstat) 2.2.4 ...)
+CVE-2005-2658
{DSA-812-1}
- turqstat 2.2.4-1 (medium)
-CVE-2005-2657 (Unknown vulnerability in common-lisp-controller 4.18 and earlier ...)
+CVE-2005-2657
{DSA-811-2}
- common-lisp-controller 4.18 (bug #328633; medium)
-CVE-2005-2656 (Polygen before 1.0.6 generates precompiled grammar objects with ...)
+CVE-2005-2656
{DSA-794-1}
NOTE: Fix in -8 had problems
- polygen 1.0.6-9 (bug #325468; low)
-CVE-2005-2655 (lockmail in maildrop before 1.5.3 does not drop privileges before ...)
+CVE-2005-2655
{DSA-791-1 DTSA-11-1}
- maildrop 2.0.2-7 (bug #325135; medium)
-CVE-2005-2654 (phpldapadmin before 0.9.6c allows remote attackers to gain anonymous ...)
+CVE-2005-2654
{DSA-790-1}
- phpldapadmin 0.9.6c-5 (bug #322423; medium)
- egroupware <not-affected> (copy included is older and not vulnerable; bug #339583)
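Review bot: every -/+ pair in this hunk replaces a "CVE-2005-NNNN (description ...)" line with the bare identifier while the Debian-side lines beneath it (NOT-FOR-US, package/version, DSA references, NOTE lines) are untouched, which is the signature of an importer that received empty descriptions, not of a deliberate data correction. An automatic update should treat an empty description for an entry that previously had one as a fetch or parse failure and keep the old text (or refuse to commit) rather than write the bare ID. As written, CVE-2005-2666 is left with only "NOTE: Lack of a security feature, not a vulnerability" to say what the entry is about, and the "NOT-FOR-US: elm-me+ is no longer in unstable or testing" line under CVE-2005-2665 loses the "Stack-based buffer overflow in expires.c in Elm 2.5 PL5 through PL7" text that explained why elm was the package in question.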
@@ -5348,348 +5348,348 @@ CVE-2005-XXXX [cplay - still unsafe temporary file handling vulnerable to symlin
- cplay 1.49-8 (bug #324913; low)
[woody] - cplay <not-affected> (CPLAY_TMP doesn't exist in this version)
[sarge] - cplay <no-dsa> (Hardly exploitable)
-CVE-2005-2672 (pwmconfig in LM_sensors before 2.9.1 creates temporary files ...)
+CVE-2005-2672
{DSA-814-1 DTSA-17-1}
- lm-sensors 1:2.9.1-7 (bug #324193; medium)
-CVE-2005-2653 (Cross-site scripting (XSS) vulnerability in BBCaffe 2.0 allows remote ...)
+CVE-2005-2653
NOT-FOR-US: BBCaffe
-CVE-2005-2652 (Zorum 3.5 allows remote attackers to obtain the full installation path ...)
+CVE-2005-2652
NOT-FOR-US: Zorum
-CVE-2005-2651 (gorum/prod.php in Zorum 3.5 allows remote attackers to execute ...)
+CVE-2005-2651
NOT-FOR-US: Zorum
-CVE-2005-2650 (Cross-site scripting (XSS) vulnerability in sign.asp in Emefa ...)
+CVE-2005-2650
NOT-FOR-US: Emefa Guestbook
-CVE-2005-2649 (Cross-site scripting (XSS) vulnerability in ATutor 1.5.1 allows remote ...)
+CVE-2005-2649
NOT-FOR-US: ATutor
-CVE-2005-2648 (Directory traversal vulnerability in index.php in W-Agora 4.2.0 and ...)
+CVE-2005-2648
NOT-FOR-US: W-Agora
-CVE-2005-2647 (Cross-site scripting (XSS) vulnerability in Xerox MicroServer Web ...)
+CVE-2005-2647
NOT-FOR-US: Xerox MicroServer Web Server in Document Centre
-CVE-2005-2646 (Unknown vulnerability in Xerox MicroServer Web Server in Document ...)
+CVE-2005-2646
NOT-FOR-US: Xerox MicroServer Web Server in Document Centre
-CVE-2005-2645 (Unknown vulnerability in Xerox MicroServer Web Server in Document ...)
+CVE-2005-2645
NOT-FOR-US: Xerox MicroServer Web Server in Document Centre
-CVE-2005-2644 (Buffer overflow in JaguarEditControl.dll in Isemarket JaguarControl ...)
+CVE-2005-2644
NOT-FOR-US: JaguarControl
-CVE-2005-2643 (Tor 0.1.0.13 and earlier, and experimental versions 0.1.1.4-alpha and ...)
+CVE-2005-2643
- tor 0.1.0.14-1 (bug #323786; medium)
-CVE-2005-2642 (Buffer overflow in the mutt_decode_xbit function in Handler.c for Mutt ...)
+CVE-2005-2642
- mutt <not-affected> (bug #323956; high)
NOTE: Status is not clear; upstream is unresponsive.
NOTE: this bug was closed as it was unreproducable in Debian
-CVE-2005-2641 (Unknown vulnerability in pam_ldap before 180 does not properly handle ...)
+CVE-2005-2641
{DSA-785-1}
- libpam-ldap 178-1sarge1 (bug #324899)
-CVE-2005-2640 (Behavioral discrepancy information leak in Juniper Netscreen VPN ...)
+CVE-2005-2640
NOT-FOR-US: Juniper
-CVE-2005-2639 (Buffer overflow in Chris Moneymaker's World Poker Championship 1.0 ...)
+CVE-2005-2639
NOT-FOR-US: World Poker Championship
-CVE-2005-2638 (Multiple cross-site scripting (XSS) vulnerabilities in PHPFreeNews ...)
+CVE-2005-2638
NOT-FOR-US: PHPFreeNews
-CVE-2005-2637 (Multiple SQL injection vulnerabilities in PHPFreeNews 1.40 and earlier ...)
+CVE-2005-2637
NOT-FOR-US: PHPFreeNews
-CVE-2005-2636 (SQL injection vulnerability in lib-view-direct.inc.php in phpAdsNew ...)
+CVE-2005-2636
NOT-FOR-US: phpAdsNew
-CVE-2005-2635 (Multiple directory traversal vulnerabilities in phpAdsNew and phpPgAds ...)
+CVE-2005-2635
NOT-FOR-US: phpAdsNew
-CVE-2005-2634 (Buffer overflow in the Log-SCR function in the &quot;Log to Screen&quot; feature ...)
+CVE-2005-2634
NOT-FOR-US: WinFTP Server
-CVE-2005-2633 (Multiple PHP file inclusion vulnerabilities in (1) admin_o.php, (2) ...)
+CVE-2005-2633
NOT-FOR-US: PHPTB Topic Board
-CVE-2005-2632 (SQL injection vulnerability in login_admin_mediabox404.php in ...)
+CVE-2005-2632
NOT-FOR-US: Mediabox 404
-CVE-2005-2631 (Cisco Clean Access (CCA) 3.3.0 to 3.3.9, 3.4.0 to 3.4.5, and 3.5.0 to ...)
+CVE-2005-2631
NOT-FOR-US: Cisco
-CVE-2005-2630 (Heap-based buffer overflow in DUNZIP32.DLL for RealPlayer 8, 10, and ...)
+CVE-2005-2630
- helix-player <not-affected> (Only Windows version of Real are affected)
-CVE-2005-2629 (Integer overflow in RealNetworks RealPlayer 8, 10, and 10.5, RealOne ...)
+CVE-2005-2629
{DSA-915-1}
- helix-player 1.0.6-1 (bug #340270; medium)
-CVE-2005-2628 (Macromedia Flash 6 and 7 (Flash.ocx) allows remote attackers to ...)
+CVE-2005-2628
- flashplugin-nonfree 7.0.61-1.1 (bug #339290; high)
[sarge] - flashplugin-nonfree <no-dsa> (Only affects proprietary Flash plugin)
-CVE-2005-2627 (Multiple integer underflows in Kismet before 2005-08-R1 allow remote ...)
+CVE-2005-2627
{DSA-788-1 DTSA-1-1}
- kismet 2005.08.R1-1 (bug #323386; high)
-CVE-2005-2626 (Unspecified vulnerability in Kismet before 2005-08-R1 allows remote ...)
+CVE-2005-2626
{DSA-788-1 DTSA-1-1}
- kismet 2005.08.R1-1 (bug #323386; high)
-CVE-2005-2625 (Incomplete blacklist vulnerability in the checkBlacklist function in ...)
+CVE-2005-2625
NOT-FOR-US: CPAINT ajax toolkit
-CVE-2005-2624 (Eval injection vulnerability in CPAINT 1.3-SP allows remote attackers ...)
+CVE-2005-2624
NOT-FOR-US: CPAINT ajax toolkit
-CVE-2005-2623 (ECW-Shop 6.0.2 allows remote attackers to reduce the total cost of ...)
+CVE-2005-2623
NOT-FOR-US: ECW Shop
-CVE-2005-2622 (Cross-site scripting (XSS) vulnerability in index.php in ECW-Shop ...)
+CVE-2005-2622
NOT-FOR-US: ECW Shop
-CVE-2005-2621 (index.php in ECW-Shop 6.0.2 allows remote attackers to obtain ...)
+CVE-2005-2621
NOT-FOR-US: ECW Shop
-CVE-2005-2620 (grpWise.exe for Novell GroupWise client 5.5 through 6.5.2 stores the ...)
+CVE-2005-2620
NOT-FOR-US: Novell GroupWise
-CVE-2005-2619 (Directory traversal vulnerability in kvarcve.dll in Autonomy (formerly ...)
+CVE-2005-2619
NOT-FOR-US: Autonomy
-CVE-2005-2618 (Multiple stack-based buffer overflows in Autonomy (formerly Verity) ...)
+CVE-2005-2618
NOT-FOR-US: Autonomy
-CVE-2005-2617 (The syscall32_setup_pages function in syscall32.c for Linux kernel ...)
+CVE-2005-2617
{DTSA-16-1}
NOTE: http://lists.debian.org/debian-kernel/2005/08/msg00991.html - amd64 specific DOS
- linux-2.6 2.6.12-6
-CVE-2005-2616 (Multiple PHP file include vulnerabilities in ezUpload 2.2 allow remote ...)
+CVE-2005-2616
NOT-FOR-US: ezUpload
-CVE-2005-2615 (Unknown vulnerability in session.php in EQdkp before 1.3.0 has unknown ...)
+CVE-2005-2615
NOT-FOR-US: EQdkp
-CVE-2005-2614 (Discuz! 4.0 rc4 does not properly restrict types of files that are ...)
+CVE-2005-2614
NOT-FOR-US: Discuz
-CVE-2005-2613 (Unknown vulnerability in CPAINT Ajax Toolkit before 1.3-SP allows ...)
+CVE-2005-2613
NOT-FOR-US: CPAINT Ajax
-CVE-2005-2612 (Direct code injection vulnerability in WordPress 1.5.1.3 and earlier ...)
+CVE-2005-2612
- wordpress 1.5.2-1 (bug #323040; high)
-CVE-2005-2611 (VERITAS Backup Exec for Windows Servers 8.6 through 10.0, Backup Exec ...)
+CVE-2005-2611
NOT-FOR-US: VERITAS Backup Exec for Windows Servers
-CVE-2005-2610 (Cross-site scripting (XSS) vulnerability in index.php in VegaDNS ...)
+CVE-2005-2610
NOT-FOR-US: VegaDNS
-CVE-2005-2609 (index.php in VegaDNS 0.8.1, 0.9.8, and possibly other versions, allows ...)
+CVE-2005-2609
NOT-FOR-US: VegaDNS
-CVE-2005-2608 (SafeHTML before 1.3.5 does not properly filter script in UTF-7 and CSS ...)
+CVE-2005-2608
NOT-FOR-US: SafeHTML
-CVE-2005-2607 (PHP file include vulnerability in download.php in PHPSimplicity ...)
+CVE-2005-2607
NOT-FOR-US: PHPSimplicity
-CVE-2005-2606 (Unknown vulnerability in the &quot;frontend authentication&quot; in PHlyMail ...)
+CVE-2005-2606
NOT-FOR-US: PHlyMail
-CVE-2005-2605 (Unknown vulnerability in Lasso Professional Server8.0.4 and 8.0.5 ...)
+CVE-2005-2605
NOT-FOR-US: Lasso Professional Server
-CVE-2005-2604 (index.php for My Image Gallery (Mig ) 1.4.1 allows remote attackers to ...)
+CVE-2005-2604
NOT-FOR-US: My Image Gallery (Mig)
-CVE-2005-2603 (Cross-site scripting (XSS) vulnerability in index.php for My Image ...)
+CVE-2005-2603
NOT-FOR-US: My Image Gallery (Mig)
-CVE-2005-2602 (Mozilla Thunderbird 1.0 and Firefox 1.0.6 allows remote attackers to ...)
+CVE-2005-2602
- mozilla-firefox <not-affected> (According to Bugzilla Windows/Mac only)
-CVE-2005-2601 (SQL injection vulnerability in MidiCart allows remote attackers to ...)
+CVE-2005-2601
NOT-FOR-US: MidiCart
-CVE-2005-2600 (FUDForum 2.6.15 with &quot;Tree View&quot; enabled, as used in other products ...)
+CVE-2005-2600
{DSA-899-1 DSA-798-1}
- egroupware 1.0.0.009.dfsg-3-2 (bug #323928; medium)
- phpgroupware 0.9.16.008-1 (bug #323929; medium)
-CVE-2005-2599 (Hummingbird FTP for Connectivity 10.0 uses weak encryption (trivial ...)
+CVE-2005-2599
NOT-FOR-US: Hummingbird FTP for Connectivity
-CVE-2005-2598 (Multiple directory traversal vulnerabilities in Dokeos 1.6 and ...)
+CVE-2005-2598
NOT-FOR-US: Dokeos
-CVE-2005-2597 (AOL Client Software 9.0 uses insecure permissions for its installation ...)
+CVE-2005-2597
NOT-FOR-US: AOL Client
-CVE-2005-2596 (User.php in Gallery, as used in Postnuke, allows users with any Admin ...)
+CVE-2005-2596
{DSA-879-1}
- gallery 1.5-2 (medium)
-CVE-2005-2595 (Cross-site scripting (XSS) vulnerability in Dada Mail before 2.10 ...)
+CVE-2005-2595
NOT-FOR-US: Dada Mail
-CVE-2005-2594 (Apple Safari 1.3 (132) on Mac OS X 1.3.9 allows remote attackers to ...)
+CVE-2005-2594
NOT-FOR-US: Apple Safari
-CVE-2005-2593 (Parlano MindAlign 5.0 and later versions uses weak encryption, with ...)
+CVE-2005-2593
NOT-FOR-US: MindAlign
-CVE-2005-2592 (Unknown vulnerability in Parlano MindAlign 5.0 and later versions ...)
+CVE-2005-2592
NOT-FOR-US: MindAlign
-CVE-2005-2591 (Parlano MindAlign 5.0 and later versions allows remote attackers to ...)
+CVE-2005-2591
NOT-FOR-US: MindAlign
-CVE-2005-2590 (Cross-site scripting (XSS) vulnerability in Parlano MindAlign 5.0 and ...)
+CVE-2005-2590
NOT-FOR-US: MindAlign
-CVE-2005-2589 (Unknown vulnerability in Linksys WRT54GS wireless router with firmware ...)
+CVE-2005-2589
NOT-FOR-US: WRT54GS wireless router
-CVE-2005-2588 (Multiple cross-site scripting (XSS) vulnerabilities in DVBBS 7.1 SP2 ...)
+CVE-2005-2588
NOT-FOR-US: DVBBS
-CVE-2005-2587 (SQL injection vulnerability in emailvalidate.php in PHPTB Topic Boards ...)
+CVE-2005-2587
NOT-FOR-US: PHPTB Topic Boards
-CVE-2005-2586 (Mentor ADSL-FR4II router running firmware 2.00.0111 stores the web ...)
+CVE-2005-2586
NOT-FOR-US: Mentor ADSL-FR4II router
-CVE-2005-2585 (Mentor ADSL-FR4II router running firmware 2.00.0111 allows remote ...)
+CVE-2005-2585
NOT-FOR-US: Mentor ADSL-FR4II router
-CVE-2005-2584 (The web administration interface in Mentor ADSL-FR4II router running ...)
+CVE-2005-2584
NOT-FOR-US: Mentor ADSL-FR4II router
-CVE-2005-2583 (Mentor ADSL-FR4II router running firmware 2.00.0111 has an undocumented ...)
+CVE-2005-2583
NOT-FOR-US: Mentor ADSL-FR4II router
-CVE-2005-2582 (Kaspersky Anti-Virus for Unix/Linux File Servers 5.0-5 uses ...)
+CVE-2005-2582
NOT-FOR-US: Kaspersky
-CVE-2005-2581 (Grandstream BudgeTone 101 and 102 running firmware 1.0.6.7 and ...)
+CVE-2005-2581
NOT-FOR-US: Grandstream BudgeTone
-CVE-2005-2580 (Multiple SQL injection vulnerabilities in MyBulletinBoard (MyBB) 1.00 ...)
+CVE-2005-2580
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2005-2579 (Nortel Contivity VPN Client V05_01.030, when configuring a certificate ...)
+CVE-2005-2579
NOT-FOR-US: Contivity
CVE-2005-2578
REJECTED
-CVE-2005-2577 (Wyse Winterm 1125SE running firmware 4.2.09f or 4.4.061f allows remote ...)
+CVE-2005-2577
NOT-FOR-US: Wyse Winterm
-CVE-2005-2576 (CaLogic 1.22, and possibly earlier versions, allows remote attackers ...)
+CVE-2005-2576
NOT-FOR-US: CaLogic
-CVE-2005-2575 (SQL injection vulnerability in u2u.inc.php in XMB Forum 1.9.1 allows ...)
+CVE-2005-2575
NOT-FOR-US: XMB Forum
-CVE-2005-2574 (xmb.php in XMB Forum 1.9.1 extracts and defines all provided ...)
+CVE-2005-2574
NOT-FOR-US: XMB Forum
-CVE-2005-2573 (The mysql_create_function function in sql_udf.cc for MySQL 4.0 before ...)
+CVE-2005-2573
- mysql <not-affected> (Windows specific mysql holes)
- mysql-dfsg-4.1 <not-affected> (Windows specific mysql holes)
- mysql-dfsg-5.0 <not-affected> (Windows specific mysql holes)
-CVE-2005-2572 (MySQL, when running on Windows, allows remote authenticated users with ...)
+CVE-2005-2572
- mysql <not-affected> (Windows specific mysql holes)
- mysql-dfsg-4.1 <not-affected> (Windows specific mysql holes)
- mysql-dfsg-5.0 <not-affected> (Windows specific mysql holes)
-CVE-2005-2571 (FunkBoard 0.66CF, and possibly earlier versions, does not properly ...)
+CVE-2005-2571
NOT-FOR-US: FunkBoard
-CVE-2005-2570 (FunkBoard 0.66CF, and possibly earlier versions, allows remote ...)
+CVE-2005-2570
NOT-FOR-US: FunkBoard
-CVE-2005-2569 (Multiple cross-site scripting (XSS) vulnerabilities in FunkBoard ...)
+CVE-2005-2569
NOT-FOR-US: FunkBoard
-CVE-2005-2568 (Eval injection vulnerability in the template engine for SysCP 1.2.10 ...)
+CVE-2005-2568
NOT-FOR-US: SysCP
-CVE-2005-2567 (PHP remote file inclusion vulnerability in SysCP 1.2.10 and earlier ...)
+CVE-2005-2567
NOT-FOR-US: SysCP
-CVE-2005-2566 (Multiple SQL injection vulnerabilities in Open Bulletin Board (OpenBB) ...)
+CVE-2005-2566
NOT-FOR-US: OpenBB
-CVE-2005-2565 (Gravity Board X (GBX) 1.1 allows remote attackers to obtain sensitive ...)
+CVE-2005-2565
NOT-FOR-US: Gravity Board X (GBX)
-CVE-2005-2564 (Direct static code injection vulnerability in editcss.php in Gravity ...)
+CVE-2005-2564
NOT-FOR-US: Gravity Board X (GBX)
-CVE-2005-2563 (Multiple cross-site scripting (XSS) vulnerabilities in Gravity Board X ...)
+CVE-2005-2563
NOT-FOR-US: Gravity Board X (GBX)
-CVE-2005-2562 (SQL injection vulnerability in Gravity Board X (GBX) 1.1 allows remote ...)
+CVE-2005-2562
NOT-FOR-US: Gravity Board X (GBX)
-CVE-2005-2561 (Multiple SQL injection vulnerabilities in MYFAQ 1.0 allow remote ...)
+CVE-2005-2561
NOT-FOR-US: MYFAQ
-CVE-2005-2560 (Cross-site scripting (XSS) vulnerability in index.cfm in CFBB 1.1.0 ...)
+CVE-2005-2560
NOT-FOR-US: CFBB
-CVE-2005-2559 (doping.php in ePing plugin 1.02 and earlier for e107 portal allows ...)
+CVE-2005-2559
NOT-FOR-US: e107 portal
-CVE-2005-2558 (Stack-based buffer overflow in the init_syms function in MySQL 4.0 ...)
+CVE-2005-2558
{DSA-833-2 DSA-831-1 DSA-829-1}
- mysql-dfsg-4.1 4.1.13 (medium)
- mysql-dfsg-5.0 5.0.7beta-1 (medium)
- mysql-dfsg 4.0.24-10sarge1 (bug #322133; medium)
-CVE-2005-2557 (Cross-site scripting (XSS) vulnerability in view_all_set.php in Mantis ...)
+CVE-2005-2557
{DSA-778-1}
- mantis 0.19.2-4 (low)
-CVE-2005-2556 (core/database_api.php in Mantis 0.19.0a1 through 1.0.0a3, with ...)
+CVE-2005-2556
{DSA-778-1}
- mantis 0.19.2-4 (medium)
-CVE-2005-2555 (Linux kernel 2.6.x does not properly restrict socket policy access to ...)
+CVE-2005-2555
{DSA-1018-1 DSA-1017-1 DTSA-16-1}
- linux-2.6 2.6.12-6 (medium)
CVE-2005-XXXX [DoS against clamav through infinite loop in cli_rmdirs]
- clamav 0.86.2-1 (low)
[sarge] - clamav 0.84-2.sarge.2
-CVE-2005-2554 (The web server for Network Associates ePolicy Orchestrator Agent 3.5.0 ...)
+CVE-2005-2554
NOT-FOR-US: Network Associated ePolicy Orchestrator Agent
-CVE-2005-2553 (The find_target function in ptrace32.c in the Linux kernel 2.4.x ...)
+CVE-2005-2553
{DSA-921-1}
- kernel-source-2.4.27 2.4.27-12 (bug #323363; medium)
-CVE-2005-2552 (Unknown vulnerability in HP ProLiant DL585 servers running Integrated ...)
+CVE-2005-2552
NOT-FOR-US: Integrated Light Out in HP servers
-CVE-2005-2551 (Buffer overflow in dhost.exe in iMonitor for Novell eDirectory 8.7.3 ...)
+CVE-2005-2551
NOT-FOR-US: Novell eDirectory
-CVE-2005-2547 (security.c in hcid for BlueZ 2.16, 2.17, and 2.18 allows remote ...)
+CVE-2005-2547
{DSA-782-1 DTSA-9-1}
- bluez-utils 2.19-1 (bug #323365; medium)
-CVE-2005-2546 (Arab Portal 2.0 allows remote attackers to obtain sensitive ...)
+CVE-2005-2546
NOT-FOR-US: Arab Portal
-CVE-2005-2545 (Multiple cross-site scripting (XSS) vulnerabilities in PHPOpenChat ...)
+CVE-2005-2545
NOT-FOR-US: PHPOpenChat
-CVE-2005-2544 (PHP remote file inclusion vulnerability in config.php in Comdev ...)
+CVE-2005-2544
NOT-FOR-US: Comdev eCommerce
-CVE-2005-2543 (Directory traversal vulnerability in wce.download.php in Comdev ...)
+CVE-2005-2543
NOT-FOR-US: Comdev eCommerce
-CVE-2005-2542 (Invision Power Board (IPB) 1.0.3 allows remote attackers to inject ...)
+CVE-2005-2542
NOT-FOR-US: Invision Power Board
-CVE-2005-2541 (Tar 1.15.1 does not properly warn the user when extracting setuid or ...)
+CVE-2005-2541
NOTE: This is intended behaviour, after all tar is an archiving tool and you
NOTE: need to give -p as a command line flag
- tar <unfixed> (bug #328228; unimportant)
-CVE-2005-2540 (CRLF injection vulnerability in FlatNuke 2.5.5 and possibly earlier ...)
+CVE-2005-2540
NOT-FOR-US: FlatNuke
-CVE-2005-2539 (Multiple cross-site scripting (XSS) vulnerabilities in FlatNuke 2.5.5 ...)
+CVE-2005-2539
NOT-FOR-US: FlatNuke
-CVE-2005-2538 (FlatNuke 2.5.5 and possibly earlier versions allows remote attackers ...)
+CVE-2005-2538
NOT-FOR-US: FlatNuke
-CVE-2005-2537 (FlatNuke 2.5.5 and possibly earlier versions allows remote attackers ...)
+CVE-2005-2537
NOT-FOR-US: FlatNuke
-CVE-2005-2536 (pstotext before 1.8g does not properly use the &quot;-dSAFER&quot; option when ...)
+CVE-2005-2536
{DSA-792-1}
- pstotext 1.9-2 (bug #319758; medium)
-CVE-2005-2535 (Buffer overflow in the Discovery Service in BrightStor ARCserve Backup ...)
+CVE-2005-2535
NOT-FOR-US: ARCserve Backup
-CVE-2005-2534 (Race condition in OpenVPN before 2.0.1, when --duplicate-cn is not ...)
+CVE-2005-2534
{DSA-851-1}
- openvpn 2.0.2-1 (bug #324167; high)
-CVE-2005-2533 (OpenVPN before 2.0.1, when running in &quot;dev tap&quot; Ethernet bridging ...)
+CVE-2005-2533
{DSA-851-1}
- openvpn 2.0.2-1 (bug #324167; high)
-CVE-2005-2532 (OpenVPN before 2.0.1 does not properly flush the OpenSSL error queue ...)
+CVE-2005-2532
{DSA-851-1}
- openvpn 2.0.2-1 (bug #324167; high)
-CVE-2005-2531 (OpenVPN before 2.0.1, when running with &quot;verb 0&quot; and without TLS ...)
+CVE-2005-2531
{DSA-851-1}
- openvpn 2.0.2-1 (bug #324167; high)
-CVE-2005-2530 (Unspecified vulnerability in Java 1.3.1 before 1.3.1_16 on Apple Mac OS X ...)
+CVE-2005-2530
NOT-FOR-US: Java / Apple
-CVE-2005-2529 (Unspecified vulnerability in Java 1.4.2 before 1.4.2 Release 2 on Apple Mac ...)
+CVE-2005-2529
NOT-FOR-US: Java / Apple
CVE-2005-2528
REJECTED
-CVE-2005-2527 (Race condition in Java 1.4.2 before 1.4.2 Release 2 on Apple Mac OS X ...)
+CVE-2005-2527
NOT-FOR-US: Java / Apple
-CVE-2005-2526 (CUPS in Mac OS X 10.3.9 and 10.4.2 allows remote attackers to cause a ...)
+CVE-2005-2526
NOT-FOR-US: MacOS X
-CVE-2005-2525 (CUPS in Mac OS X 10.3.9 and 10.4.2 does not properly close file ...)
+CVE-2005-2525
NOT-FOR-US: MacOS X
-CVE-2005-2524 (Safari after 2.0 in Apple Mac OS X 10.3.9 allows remote attackers to ...)
+CVE-2005-2524
NOT-FOR-US: MacOS X
-CVE-2005-2523 (Multiple cross-site scripting (XSS) vulnerabilities in Weblog Server ...)
+CVE-2005-2523
NOT-FOR-US: Weblog Server in Mac OS X
-CVE-2005-2522 (Safari in WebKit in Mac OS X 10.4 to 10.4.2 directly accesses URLs ...)
+CVE-2005-2522
NOT-FOR-US: Mac OS X
-CVE-2005-2521 (Buffer overflow in traceroute in Mac OS X 10.3.9 allows local users to ...)
+CVE-2005-2521
NOT-FOR-US: Mac OS X
-CVE-2005-2520 (The password assistant in Mac OS X 10.4 to 10.4.2, when used to create ...)
+CVE-2005-2520
NOT-FOR-US: Mac OS X
-CVE-2005-2519 (slpd in Directory Services in Mac OS X 10.3.9 creates insecure ...)
+CVE-2005-2519
NOT-FOR-US: Mac OS X
-CVE-2005-2518 (Buffer overflow in servermgrd in Mac OS X 10.3.9 and 10.4.2 allows ...)
+CVE-2005-2518
NOT-FOR-US: Mac OS X
-CVE-2005-2517 (Safari in Mac OS X 10.3.9 and 10.4.2 submits forms from an XSL ...)
+CVE-2005-2517
NOT-FOR-US: Mac OS X
-CVE-2005-2516 (Safari in Mac OS X 10.3.9 and 10.4.2, when rendering Rich Text Format ...)
+CVE-2005-2516
NOT-FOR-US: Mac OS X
-CVE-2005-2515 (Quartz Composer Screen Saver in Mac OS X 10.4.2 allows local users to ...)
+CVE-2005-2515
NOT-FOR-US: Mac OS X
-CVE-2005-2514 (Buffer overflow in ping in Mac OS X 10.3.9 allows local users to ...)
+CVE-2005-2514
NOT-FOR-US: Mac OS X
-CVE-2005-2513 (Unknown vulnerability in HItoolbox for Mac OS X 10.4.2 allows ...)
+CVE-2005-2513
NOT-FOR-US: Mac OS X
-CVE-2005-2512 (Mail.app in Mac OS 10.4.2 and earlier, when printing or forwarding an ...)
+CVE-2005-2512
NOT-FOR-US: Mac OS X
-CVE-2005-2511 (Unknown vulnerability in Mac OS X 10.4.2 and earlier, when using ...)
+CVE-2005-2511
NOT-FOR-US: Mac OS X
-CVE-2005-2510 (The Server Admin tool in servermgr_ipfilter for Mac OS X 10.4 to ...)
+CVE-2005-2510
NOT-FOR-US: Mac OS X
-CVE-2005-2509 (Unknown vulnerability in loginwindow in Mac OS X 10.4.2 and earlier, ...)
+CVE-2005-2509
NOT-FOR-US: Mac OS X
-CVE-2005-2508 (dsidentity in Directory Services in Mac OS X 10.4.2 allows local users ...)
+CVE-2005-2508
NOT-FOR-US: Mac OS X
-CVE-2005-2507 (Buffer overflow in Directory Services in Mac OS X 10.3.9 and 10.4.2 ...)
+CVE-2005-2507
NOT-FOR-US: Mac OS X
-CVE-2005-2506 (Algorithmic complexity vulnerability in CoreFoundation in Mac OS X ...)
+CVE-2005-2506
NOT-FOR-US: Mac OS X
-CVE-2005-2505 (Buffer overflow in CoreFoundation in Mac OS X 10.3.9 allows attackers ...)
+CVE-2005-2505
NOT-FOR-US: Mac OS X
-CVE-2005-2504 (The System Profiler in Mac OS X 10.4.2 labels a Bluetooth device with ...)
+CVE-2005-2504
NOT-FOR-US: Mac OS X
-CVE-2005-2503 (AppKit for Mac OS X 10.3.9 and 10.4.2 allows attackers with physical ...)
+CVE-2005-2503
NOT-FOR-US: Mac OS X
-CVE-2005-2502 (Buffer overflow in AppKit for Mac OS X 10.3.9 and 10.4.2, as used in ...)
+CVE-2005-2502
NOT-FOR-US: Mac OS X
-CVE-2005-2501 (Buffer overflow in AppKit for Mac OS X 10.3.9 and 10.4.2 allows ...)
+CVE-2005-2501
NOT-FOR-US: Mac OS X
-CVE-2005-2500 (Buffer overflow in the xdr_xcode_array2 function in xdr.c in Linux ...)
+CVE-2005-2500
- linux-2.6 2.6.12-1 (medium)
-CVE-2005-2499 (slocate before 2.7 does not properly process very long paths, which ...)
+CVE-2005-2499
- slocate <not-affected> (Uses secure glibc code, see #324951)
-CVE-2005-2498 (Eval injection vulnerability in PHPXMLRPC 1.1.1 and earlier (PEAR ...)
+CVE-2005-2498
{DSA-842-1 DSA-840-1 DSA-798-1 DSA-789-1 DTSA-15-1}
- drupal 4.5.5-1 (bug #323347; high)
- phpgroupware 0.9.16.008-1 (bug #323349; high)
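Review bot: CVE-2005-2675 and CVE-2005-2674 carried their "** DISPUTED **" status only inside the removed description text, so after this hunk the file no longer records that the vendor disputes them. The list already keeps REJECTED as a standalone status line (CVE-2005-2671 and CVE-2005-2578 in this same hunk); if descriptions are going to be dropped, the dispute marker needs an equivalent standalone line, or the description should be retained for those entries. The hunk also makes CVE-2005-2627 and CVE-2005-2626 indistinguishable except by ID, since both now read only "{DSA-788-1 DTSA-1-1}" and "kismet 2005.08.R1-1 (bug #323386; high)" and the "Multiple integer underflows" versus "Unspecified vulnerability" wording was the only thing telling them apart.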
@@ -5700,22 +5700,22 @@ CVE-2005-2498 (Eval injection vulnerability in PHPXMLRPC 1.1.1 and earlier (PEAR
- php5 5.0.5-1 (high)
CVE-2005-2497
REJECTED
-CVE-2005-2496 (The xntpd ntp (ntpd) daemon before 4.2.0b, when run with the -u option ...)
+CVE-2005-2496
{DSA-801-1}
NOTE: I suspect DSA-801 is fixed by the non-root patches from Ubuntu??
- ntp 1:4.2.0a+stable-2sarge1 (medium)
[etch] - ntp 1:4.2.0a+stable-2sarge1 (medium)
-CVE-2005-2495 (Multiple integer overflows in XFree86 before 4.3.0 allow ...)
+CVE-2005-2495
{DSA-816-1}
- xorg-x11 6.8.2.dfsg.1-7 (medium)
-CVE-2005-2494 (kcheckpass in KDE 3.2.0 up to 3.4.2 allows local users to gain root ...)
+CVE-2005-2494
{DSA-815-1}
- kdebase 4:3.4.2-3 (bug #327039; medium)
CVE-2005-2493
RESERVED
-CVE-2005-2492 (The raw_sendmsg function in the Linux kernel 2.6 before 2.6.13.1 ...)
+CVE-2005-2492
- linux-2.6 2.6.12-7 (bug #327416; medium)
-CVE-2005-2491 (Integer overflow in pcre_compile.c in Perl Compatible Regular ...)
+CVE-2005-2491
{DSA-821-1 DSA-819-1 DSA-817-1 DSA-800-1 DTSA-10-1}
- pcre3 6.3-1 (bug #324531; medium)
- gnumeric 1.5.1-1 (bug #326628; bug #326898; unimportant)
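Review bot: the unresolved "NOTE: I suspect DSA-801 is fixed by the non-root patches from Ubuntu??" under CVE-2005-2496 relied on the removed description ("when run with the -u option ...") to be checkable; with that text gone the question can no longer be evaluated from the file alone. Either keep the description for entries that carry an open NOTE question or resolve the NOTE before stripping. The hunk header's own context still shows the old "CVE-2005-2498 (Eval injection vulnerability in PHPXMLRPC 1.1.1 and earlier (PEAR ..." text, which confirms the removal is blanket rather than targeted at any particular entry.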
@@ -5725,7 +5725,7 @@ CVE-2005-2491 (Integer overflow in pcre_compile.c in Perl Compatible Regular ...
- python2.1 2.1.3dfsg-3 (medium)
- python2.2 2.2.3dfsg-4 (medium)
- python2.3 2.3.5-8 (medium)
-CVE-2005-2490 (Stack-based buffer overflow in the sendmsg function call in the Linux ...)
+CVE-2005-2490
{DSA-1017-1}
- linux-2.6 2.6.12-7 (bug #327416; medium)
CVE-2005-XXXX [Buffer overflow in Description parsing]
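Review bot: after this hunk CVE-2005-2490 is recorded as "linux-2.6 2.6.12-7 (bug #327416; medium)" with a DSA-1017-1 reference, which is the same fix record CVE-2005-2492 in the previous hunk carries; the removed "Stack-based buffer overflow in the sendmsg function call in the Linux ..." line was the only text in this file saying which kernel issue this ID covers. That is the practical cost of the blanket removal: entries sharing a fix line become indistinguishable without an external lookup, so at minimum the description should be kept for entries whose fix records collide.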
@@ -5740,61 +5740,61 @@ CVE-2005-XXXX [Should include "UNRESTRICTED access to your computer" warning som
[etch] - classpath <not-affected> (Doesn't build the gcjwebplugin binary package)
CVE-2005-XXXX [Inconsistent escaping of user supplied data in dbauthpgsql.c]
- dbmail 2.2.1-1 (bug #290833; medium)
-CVE-2005-2548 (vlan_dev.c in the VLAN code for Linux kernel 2.6.8 allows remote ...)
+CVE-2005-2548
{DSA-922-1 DTSA-16-1}
NOTE: Will appear in next kernel DSA, fixed in 2.6 since 2.6.9-rc2
- kernel-source-2.6.8 2.6.8-16sarge1 (bug #309308; low)
NOTE: 2.6.12-1 contained a partially broken fix
- linux-2.6 2.6.12-6 (bug #309308; low)
-CVE-2005-2489 (Web Content Management News System allows remote attackers to create ...)
+CVE-2005-2489
NOT-FOR-US: Web Content Management News System
-CVE-2005-2488 (Cross-site scripting (XSS) vulnerability in Web Content Management ...)
+CVE-2005-2488
NOT-FOR-US: Web Content Management News System
-CVE-2005-2487 (Unknown vulnerability in Sun McData switches and directors 4300, 4500, ...)
+CVE-2005-2487
NOT-FOR-US: Sun switches
-CVE-2005-2486 (SQL injection vulnerability in mod_forum/read_message.php in ...)
+CVE-2005-2486
NOT-FOR-US: PortailPHP
-CVE-2005-2485 (Cross-site scripting (XSS) vulnerability in the Helpdesk in Logicampus ...)
+CVE-2005-2485
NOT-FOR-US: Logicampus
-CVE-2005-2484 (Buffer overflow in the rdb_query function for Denora IRC Stats 1.0 ...)
+CVE-2005-2484
NOT-FOR-US: Denora IRC stats
-CVE-2005-2483 (Eval injection vulnerability in Karrigell before 2.1.8 allows remote ...)
+CVE-2005-2483
NOT-FOR-US: Karrigell
-CVE-2005-2482 (The StateToOptions function in msfweb in Metasploit Framework 2.4 and ...)
+CVE-2005-2482
NOT-FOR-US: Metasploit Framework
-CVE-2005-2481 (ColdFusion Fusebox 4.1.0 allows remote attackers to obtain sensitive ...)
+CVE-2005-2481
NOT-FOR-US: Fusebox
-CVE-2005-2480 (Cross-site scripting (XSS) vulnerability in ColdFusion Fusebox 4.1.0 ...)
+CVE-2005-2480
NOT-FOR-US: Fusebox
-CVE-2005-2479 (Quick 'n Easy FTP Server 3.0 allows remote attackers to cause a denial ...)
+CVE-2005-2479
NOT-FOR-US: Quick 'n Easy FTP Server
-CVE-2005-2478 (SQL injection vulnerability in SilverNews 2.0.3 allows remote ...)
+CVE-2005-2478
NOT-FOR-US: Silvernews
-CVE-2005-2477 (shop_display_products.php in Naxtor Shopping Cart 1.0 allows remote ...)
+CVE-2005-2477
NOT-FOR-US: Naxtor Shopping Cart
-CVE-2005-2476 (Cross-site scripting (XSS) vulnerability in lost_passowrd.php in Naxtor ...)
+CVE-2005-2476
NOT-FOR-US: Naxtor Shopping Cart
-CVE-2005-2475 (Race condition in Unzip 5.52 allows local users to modify permissions ...)
+CVE-2005-2475
{DSA-903-1}
- unzip 5.52-4 (bug #321927; low)
-CVE-2005-2474 (ChurchInfo allows remote attackers to execute obtain sensitive ...)
+CVE-2005-2474
NOT-FOR-US: ChurchInfo
-CVE-2005-2473 (Multiple SQL injection vulnerabilities in ChurchInfo allow remote ...)
+CVE-2005-2473
NOT-FOR-US: ChurchInfo
-CVE-2005-2472 (Multiple buffer overflows in BusinessMail 4.60.00 allow remote ...)
+CVE-2005-2472
NOT-FOR-US: BusinessMail
-CVE-2005-2471 (pstopnm in netpbm does not properly use the &quot;-dSAFER&quot; option when ...)
+CVE-2005-2471
{DSA-1021-1}
- netpbm-free 2:10.0-9 (bug #319757; low)
-CVE-2005-2470 (Buffer overflow in a &quot;core application plug-in&quot; for Adobe Reader 5.1 ...)
+CVE-2005-2470
NOT-FOR-US: Adobe
-CVE-2005-2469 (Stack-based buffer overflow in the NMAP Agent for Novell NetMail 3.52C ...)
+CVE-2005-2469
NOT-FOR-US: Novell NetMail
-CVE-2005-2459 (The huft_build function in inflate.c in the zlib routines in the Linux ...)
+CVE-2005-2459
{DSA-922-1 DSA-921-1 DTSA-16-1}
- linux-2.6 2.6.12-3 (bug #323173)
- kernel-source-2.4.27 2.4.27-12 (medium)
-CVE-2005-2458 (inflate.c in the zlib routines in the Linux kernel before 2.6.12.5 ...)
+CVE-2005-2458
{DSA-922-1 DSA-921-1 DTSA-16-1}
- linux-2.6 2.6.12-3 (bug #323173; medium)
- kernel-source-2.4.27 2.4.27-12 (medium)
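Review bot: CVE-2005-2459 and CVE-2005-2458 now have identical records ("{DSA-922-1 DSA-921-1 DTSA-16-1}", "linux-2.6 2.6.12-3", "kernel-source-2.4.27 2.4.27-12"), and only the removed "huft_build function in inflate.c" versus "inflate.c in the zlib routines ... before 2.6.12.5" descriptions distinguished them; CVE-2005-2489 and CVE-2005-2488 likewise both collapse to "NOT-FOR-US: Web Content Management News System". Since the importer is already rewriting every line of these entries, it should also flag the pre-existing inconsistency that the linux-2.6 line for CVE-2005-2459 carries no severity while the sibling entry's says medium.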
@@ -5822,18 +5822,18 @@ CVE-2005-XXXX [fftw3-dev: Insecure tempfile usage in fftw-wisdom-to-conf script]
CVE-2005-XXXX [clamav-getfile: Insecure use of temporary files]
- clamav-getfiles 0.5-1 (bug #321446; medium)
[sarge] - clamav-getfiles <not-affected> (Sarge version uses mktemp)
-CVE-2005-3254 (The CGIwrap program before 3.9 on Debian GNU/Linux uses an incorrect ...)
+CVE-2005-3254
{DTSA-6-1}
- cgiwrap 3.9-3.1 (bug #316881; low)
[sarge] - cgiwrap <no-dsa> (Minor impact)
-CVE-2005-3255 (The (1) cgiwrap and (2) php-cgiwrap packages before 3.9 in Debian ...)
+CVE-2005-3255
{DTSA-6-1}
- cgiwrap 3.9-3.1 (bug #316901; low)
[sarge] - cgiwrap <no-dsa> (Minor information disclosure, only debugging libs)
-CVE-2005-2550 (Format string vulnerability in Evolution 1.4 through 2.3.6.1 allows ...)
+CVE-2005-2550
{DSA-1016-1 DTSA-13-1}
- evolution 2.2.3-3 (high; bug #322535)
-CVE-2005-2549 (Multiple format string vulnerabilities in Evolution 1.5 through ...)
+CVE-2005-2549
{DSA-1016-1 DTSA-13-1}
- evolution 2.2.3-3 (high; bug #322535)
CVE-2005-XXXX [libnet-ssleay-perl: /tmp/entropy insecure]
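Review bot: CVE-2005-3254 and CVE-2005-3255 are Debian packaging issues (the removed text read "The CGIwrap program before 3.9 on Debian GNU/Linux ..." and "The (1) cgiwrap and (2) php-cgiwrap packages before 3.9 in Debian ..."), and after this hunk nothing in the file says so, nor which of the two covers php-cgiwrap; the sarge justifications "Minor impact" and "Minor information disclosure, only debugging libs" do not identify the issue either. For entries where Debian is the affected vendor the description is primary data rather than a convenience, which is a further reason the importer must not write bare IDs when the fetch returns no description. CVE-2005-2550 and CVE-2005-2549 end up with identical records ("{DSA-1016-1 DTSA-13-1}", "evolution 2.2.3-3 (high; bug #322535)") as well.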
@@ -5846,31 +5846,31 @@ CVE-2005-XXXX [bugzilla: Maintainer's postinst script use temporary files in an
- bugzilla 2.18.3-2 (bug #321567; low)
CVE-2005-XXXX [Crypto weakness in Tor's handshaking process]
- tor 0.1.0.14-1 (medium)
-CVE-2005-2457 (The driver for compressed ISO file systems (zisofs) in the Linux ...)
+CVE-2005-2457
{DSA-1018-1 DSA-1017-1 DTSA-16-1}
- linux-2.6 2.6.12-3 (medium)
-CVE-2005-2456 (Array index overflow in the xfrm_sk_policy_insert function in ...)
+CVE-2005-2456
{DSA-922-1 DSA-921-1 DTSA-16-1}
- linux-2.6 2.6.12-2 (bug #321401; medium)
- kernel-source-2.4.27 2.4.27-11 (medium)
-CVE-2005-2455 (Greasemonkey before 0.3.5 allows remote web servers to (1) read ...)
+CVE-2005-2455
NOT-FOR-US: Greasemonkey
-CVE-2005-2454 (IBM Lotus Notes 6.5.4 and 6.5.5, and 7.0.0 and 7.0.1, uses insecure ...)
+CVE-2005-2454
NOT-FOR-US: IBM Lotus Notes
-CVE-2005-2453 (Cross-site scripting (XSS) vulnerability in NetworkActiv Web Server ...)
+CVE-2005-2453
NOT-FOR-US: NetworkActiv Web Server
-CVE-2005-2452 (libtiff up to 3.7.0 allows remote attackers to cause a denial of ...)
+CVE-2005-2452
NOTE: CVE description is broken, this only affects 3.6, it's been fixed in 3.7
- tiff 3.7.0-1
- tiff3 <not-affected> (fixed prior to initial upload)
-CVE-2005-2451 (Cisco IOS 12.0 through 12.4 and IOS XR before 3.2, with IPv6 enabled, ...)
+CVE-2005-2451
NOT-FOR-US: IOS
-CVE-2005-2450 (Multiple integer overflows in the (1) TNEF, (2) CHM, or (3) FSG file ...)
+CVE-2005-2450
{DSA-776-1 DTSA-3-1}
- clamav 0.86.2-1 (medium)
-CVE-2005-2449 (Race condition in sandbox before 1.2.11 allows local users to create ...)
+CVE-2005-2449
NOT-FOR-US: sandbox
-CVE-2005-2448 (Multiple &quot;endianness errors&quot; in libgadu in ekg before 1.6rc2 allow ...)
+CVE-2005-2448
{DSA-1318-1 DSA-813-1 DTSA-2-1 DTSA-4-1}
- ekg 1:1.5+20050718+1.6rc3-1 (low)
- centericq 4.20.0-9 (bug #323185; medium)
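Review bot: the unchanged line `NOTE: CVE description is broken, this only affects 3.6, it's been fixed in 3.7` under CVE-2005-2452 refers to the description text that this hunk deletes (`libtiff up to 3.7.0 allows remote attackers to cause a denial of ...`); after the change the NOTE points at nothing in the file. Suggest restating the disputed claim inside the NOTE, e.g. `NOTE: MITRE description claims libtiff up to 3.7.0 is affected; only 3.6 is, fixed in 3.7`, so the reasoning for `- tiff 3.7.0-1` survives the description removal.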
@@ -5878,113 +5878,113 @@ CVE-2005-2447
REJECTED
CVE-2005-2446
REJECTED
-CVE-2005-2445 (SQL injection vulnerability in viewPrd.asp in Product Cart 2.6 allows ...)
+CVE-2005-2445
NOT-FOR-US: Product Cart
-CVE-2005-2444 (Trillian Pro 3.1 build 121, when checking Yahoo e-mail, stores the ...)
+CVE-2005-2444
NOT-FOR-US: Cerulean Trillian
-CVE-2005-2443 (Kshout 2.x and 3.x stores settings.dat under the web document root ...)
+CVE-2005-2443
NOT-FOR-US: KShout
-CVE-2005-2442 (Cross-Application Scripting (XAS) vulnerability in SPI Dynamics ...)
+CVE-2005-2442
NOT-FOR-US: SPI Dynamics Web Inspect
-CVE-2005-2441 (Multiple cross-site scripting (XSS) vulnerabilities in VBzoom allow ...)
+CVE-2005-2441
NOT-FOR-US: VBzoom
-CVE-2005-2440 (SQL injection vulnerability in login.asp in Thomson Web Skill Vantage ...)
+CVE-2005-2440
NOT-FOR-US: Thomson Web Skill Vantage Manager
-CVE-2005-2439 (SQL injection vulnerability in UseBB 0.5.1 and earlier, when ...)
+CVE-2005-2439
NOT-FOR-US: UseBB
-CVE-2005-2438 (Cross-site scripting (XSS) vulnerability in UseBB 0.5.1 and earlier ...)
+CVE-2005-2438
NOT-FOR-US: UseBB
-CVE-2005-2436 (browse.php in Website Baker Project allows remote attackers to obtain ...)
+CVE-2005-2436
NOT-FOR-US: Website Baker
-CVE-2005-2435 (Cross-site scripting (XSS) vulnerability in browse.php in Website ...)
+CVE-2005-2435
NOT-FOR-US: Website Baker
-CVE-2005-2434 (Linksys WRT54G router uses the same private key and certificate for ...)
+CVE-2005-2434
NOT-FOR-US: Linksys hardware
-CVE-2005-2433 (PhpList allows remote attackers to obtain sensitive information via a ...)
+CVE-2005-2433
NOT-FOR-US: PhpList
-CVE-2005-2432 (SQL injection vulnerability in PhpList allows remote attackers to ...)
+CVE-2005-2432
NOT-FOR-US: PhpList
-CVE-2005-2431 (The (1) lost password and (2) account pending features in GForge 4.5 ...)
+CVE-2005-2431
- gforge 4.5.14-2 (bug #328224; unimportant)
NOTE: Direct flooding is possible as well in most circumstances.
NOTE: (Upstream fix was in gforge 4.5.0.1.)
-CVE-2005-2430 (Multiple cross-site scripting (XSS) vulnerabilities in GForge 4.5 ...)
+CVE-2005-2430
{DSA-1094-1}
- gforge 4.5.14-9 (bug #328224; medium)
-CVE-2005-2429 (Firefox, when opening Microsoft Word documents, does not properly set ...)
+CVE-2005-2429
- mozilla-firefox <not-affected> (Only affects Firefox on Windows platforms)
-CVE-2005-2428 (Lotus Domino R5 and R6 WebMail, with &quot;Generate HTML for all fields&quot; ...)
+CVE-2005-2428
NOT-FOR-US: Lotus Domino
-CVE-2005-2427 (Cross-site scripting (XSS) vulnerability in viewCart.asp in CartWIZ ...)
+CVE-2005-2427
NOT-FOR-US: CartWIZ
-CVE-2005-2426 (FTPshell Server 3.38 allows remote authenticated users to cause a ...)
+CVE-2005-2426
NOT-FOR-US: FTPshell Server
-CVE-2005-2425 (Stack-based buffer overflow in Ares FileShare 1.1 allows remote ...)
+CVE-2005-2425
NOT-FOR-US: Ares FileShare
-CVE-2005-2424 (The management interface for Siemens SANTIS 50 running firmware ...)
+CVE-2005-2424
NOT-FOR-US: Siemens hardware
-CVE-2005-2423 (Beehive Forum allows remote attackers to obtain sensitive information ...)
+CVE-2005-2423
NOT-FOR-US: Beehive
-CVE-2005-2422 (Cross-site scripting (XSS) vulnerability in index.php in Beehive Forum ...)
+CVE-2005-2422
NOT-FOR-US: Beehive
-CVE-2005-2421 (Multiple SQL injection vulnerabilities in index.php and other pages in ...)
+CVE-2005-2421
NOT-FOR-US: Beehive
-CVE-2005-2420 (flsearch.pl in FtpLocate 2.02 allows remote attackers to execute ...)
+CVE-2005-2420
NOT-FOR-US: FtpLocate
-CVE-2005-2419 (B-FOCuS Router 312+ allows remote attackers to bypass authentication ...)
+CVE-2005-2419
NOT-FOR-US: hardware issue
CVE-2005-2418
REJECTED
-CVE-2005-2417 (Contrexx before 1.0.5 allows remote attackers to obtain sensitive ...)
+CVE-2005-2417
NOT-FOR-US: Contrexx
-CVE-2005-2416 (Multiple cross-site scripting (XSS) vulnerabilities in Contrexx before ...)
+CVE-2005-2416
NOT-FOR-US: Contrexx
-CVE-2005-2415 (Multiple SQL injection vulnerabilities in Contrexx before 1.0.5 allow ...)
+CVE-2005-2415
NOT-FOR-US: Contrexx
-CVE-2005-2414 (Race condition in the xpcom library, as used by web browsers such as ...)
+CVE-2005-2414
- firefox 1.5.dfsg-1 (unimportant)
- mozilla-firefox 1.5.dfsg-1 (bug #327549; unimportant)
- mozilla 1.5.dfsg-1 (bug #327550; unimportant)
- iceweasel <not-affected>
NOTE: The turned out to be non-exploitable
-CVE-2005-2413 (PHP remote file inclusion vulnerability in apa_phpinclude.inc.php in ...)
+CVE-2005-2413
NOT-FOR-US: Atomic Photo Album
-CVE-2005-2412 (PHP remote file inclusion vulnerability in block.php in PHP FirstPost ...)
+CVE-2005-2412
NOT-FOR-US: First Post
-CVE-2005-2411 (Cross-Site Request Forgery (CSRF) vulnerability in tDiary 2.1.1, and ...)
+CVE-2005-2411
{DSA-808-1}
- tdiary 2.0.2-1 (bug #319315; medium)
-CVE-2005-2410 (Format string vulnerability in the nm_info_handler function in Network ...)
+CVE-2005-2410
NOT-FOR-US: Network Manager
-CVE-2005-2409 (Format string vulnerability in util.c in nbsmtp 0.99 and earlier, ...)
+CVE-2005-2409
NOT-FOR-US: nbsmtp
CVE-2005-2408
REJECTED
-CVE-2005-2407 (A design error in Opera 8.01 and earlier allows user-assisted ...)
+CVE-2005-2407
NOT-FOR-US: Opera
-CVE-2005-2406 (Opera 8.01 allows remote attackers to conduct cross-site scripting ...)
+CVE-2005-2406
NOT-FOR-US: Opera
-CVE-2005-2405 (Opera 8.01, when the &quot;Arial Unicode MS&quot; font (ARIALUNI.TTF) is ...)
+CVE-2005-2405
NOT-FOR-US: Opera
-CVE-2005-2404 (SQL injection vulnerability in sendcard.php in Sendcard 3.2.3 allows ...)
+CVE-2005-2404
NOT-FOR-US: Sendcard
-CVE-2005-2403 (The login protocol in RealChat 3.5.1b does not use authentication, ...)
+CVE-2005-2403
NOT-FOR-US: RealChat
-CVE-2005-2402 (Cross-site scripting (XSS) vulnerability in search.php in ...)
+CVE-2005-2402
NOT-FOR-US: PHPSiteSearch
-CVE-2005-2401 (PHP-Fusion allows remote attackers to inject arbitrary Cascading Style ...)
+CVE-2005-2401
NOT-FOR-US: PHP-Fusion
-CVE-2005-2400 (The inc.login.php scripts in PHPFinance 0.3 allows remote attackers to ...)
+CVE-2005-2400
NOT-FOR-US: PHPFinance
-CVE-2005-2399 (PHP Surveyor 0.98 allows remote attackers to trigger SQL errors via ...)
+CVE-2005-2399
NOT-FOR-US: PHP Surveyor
-CVE-2005-2398 (Multiple SQL injection vulnerabilities in PHP Surveyor 0.98 allows ...)
+CVE-2005-2398
NOT-FOR-US: PHP Surveyor
-CVE-2005-2397 (Cross-site scripting (XSS) vulnerability in guestbook.php in phpBook ...)
+CVE-2005-2397
NOT-FOR-US: phpBook
-CVE-2005-2396 (Cross-site scripting (XSS) vulnerability in MediaWiki 1.4.6 and ...)
+CVE-2005-2396
- mediawiki 1.4.9 (bug #276057)
-CVE-2005-2395 (Mozilla Firefox 1.0.4 and 1.0.5 does not choose the challenge with the ...)
+CVE-2005-2395
- firefox <removed> (bug #320539; unimportant)
- iceweasel <removed> (bug #320539; unimportant)
- mozilla-firefox 1.4.99+1.5rc3.dfsg-2 (bug #320539; unimportant)
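Review bot: the context line `NOTE: The turned out to be non-exploitable` under CVE-2005-2414 is missing its subject and reads as a fragment; since this update rewrites the neighbouring `-CVE-2005-2414 (...)`/`+CVE-2005-2414` lines, a follow-up manual edit to `NOTE: This turned out to be non-exploitable` would be cheap and keeps the justification for the `unimportant` severity readable.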
@@ -5992,62 +5992,62 @@ CVE-2005-2395 (Mozilla Firefox 1.0.4 and 1.0.5 does not choose the challenge wit
NOTE: Firefox and Mozilla follow RFC behaviour. This is more a lack of security
NOTE: feature (client-side preference for stronger methods) and not a vulnerabilit
NOTE: This also seems like a rare setup.
-CVE-2005-2394 (show_news.php in CuteNews 1.3.6 allows remote attackers to obtain the ...)
+CVE-2005-2394
NOT-FOR-US: CuteNews
-CVE-2005-2393 (Cross-site scripting (XSS) vulnerability in CuteNews 1.3.6 allows ...)
+CVE-2005-2393
NOT-FOR-US: CuteNews
-CVE-2005-2392 (Cross-site scripting (XSS) vulnerability in index.php for CMSimple 2.4 ...)
+CVE-2005-2392
NOT-FOR-US: CMSimple
-CVE-2005-2391 (Unknown vulnerability in 3Com OfficeConnect Wireless 11g Access Point ...)
+CVE-2005-2391
NOT-FOR-US: 3Com OfficeConnect Wireless 11g AP
-CVE-2005-2390 (Multiple format string vulnerabilities in ProFTPD before 1.3.0rc2 ...)
+CVE-2005-2390
{DSA-795-2}
- proftpd 1.2.10-20 (low)
NOTE: ftpshut fixed in -19, SQLShowInfo in -20
-CVE-2005-2389 (NDMP server in Veritas NetBackup 5.1 allows attackers to cause a ...)
+CVE-2005-2389
NOT-FOR-US: Veritas NetBackup
-CVE-2005-2388 (Buffer overflow in a certain USB driver, as used on Microsoft Windows, ...)
+CVE-2005-2388
NOT-FOR-US: some windows USB driver
-CVE-2005-2387 (Multiple stack-based buffer overflows in GoodTech SMTP server 5.16 ...)
+CVE-2005-2387
NOT-FOR-US: GoodTech SMTP server
-CVE-2005-2386 (Cross-site scripting (XSS) vulnerability in viewCart.asp in CartWIZ ...)
+CVE-2005-2386
NOT-FOR-US: CartWIZ
-CVE-2005-2385 (Buffer overflow in a third-party compression library (UNACEV2.DLL), as ...)
+CVE-2005-2385
NOT-FOR-US: UNACEV2.DLL
-CVE-2005-2384 (Directory traversal vulnerability in a third-party compression library ...)
+CVE-2005-2384
NOT-FOR-US: UNACEV2.DLL
-CVE-2005-2383 (SQL injection vulnerability in auth.php in PHPNews 1.2.5 allows remote ...)
+CVE-2005-2383
NOT-FOR-US: PHPNews
-CVE-2005-2382 (Oray PeanutHull 3.0.1.0 and earlier does not properly drop SYSTEM ...)
+CVE-2005-2382
NOT-FOR-US: Oray PeanutHull
-CVE-2005-2381 (PHP Surveyor 0.98 allows remote attackers to obtain sensitive ...)
+CVE-2005-2381
NOT-FOR-US: PHP Surveyor
-CVE-2005-2380 (Multiple cross-site scripting vulnerabilities in PHP Surveyor 0.98 ...)
+CVE-2005-2380
NOT-FOR-US: PHP Surveyor
-CVE-2005-2379 (Multiple cross-site scripting (XSS) vulnerabilities in Oracle Reports ...)
+CVE-2005-2379
NOT-FOR-US: Oracle Reports
-CVE-2005-2378 (Directory traversal vulnerability in Oracle Reports allows remote ...)
+CVE-2005-2378
NOT-FOR-US: Oracle Reports
-CVE-2005-2377 (nss_ldap 181 to versions before 213, as used in Mandrake Corporate ...)
+CVE-2005-2377
- libnss-ldap <not-affected> (Mandrake specfic vulnerability)
-CVE-2005-2376 (Buffer overflow in Race Driver 1.20 and earlier allows remote ...)
+CVE-2005-2376
NOT-FOR-US: Race Driver
-CVE-2005-2375 (Format string vulnerability in Race Driver 1.20 and earlier allows ...)
+CVE-2005-2375
NOT-FOR-US: Race Driver
-CVE-2005-2374 (Belkin 54g wireless routers do not properly set an administrative ...)
+CVE-2005-2374
NOT-FOR-US: Belkin 54g wireless routers
-CVE-2005-2373 (Buffer overflow in SlimFTPd 3.15 and 3.16 allows remote authenticated ...)
+CVE-2005-2373
NOT-FOR-US: SlimFTPd
-CVE-2005-2372 (Oracle Forms 4.5 through 10g starts form executables from arbitrary ...)
+CVE-2005-2372
NOT-FOR-US: Oracle Forms
-CVE-2005-2371 (Directory traversal vulnerability in Oracle Reports 6.0, 6i, 9i, and ...)
+CVE-2005-2371
NOT-FOR-US: Oracle Reports
-CVE-2005-2370 (Multiple &quot;memory alignment errors&quot; in libgadu, as used in ekg before ...)
+CVE-2005-2370
{DSA-1318-1 DSA-813-1 DSA-769-1 DTSA-2-1 DTSA-5-1}
- gaim 1:1.4.0-5 (low)
- centericq 4.20.0-9 (bug #323185; low)
- ekg 1:1.5+20050712+1.6rc2-1 (low)
-CVE-2005-2369 (Multiple integer signedness errors in libgadu, as used in ekg before ...)
+CVE-2005-2369
{DSA-813-1 DTSA-2-1}
- centericq 4.20.0-9 (bug #323185; medium)
- gaim 1:1.5.0-1 (bug #350071; medium)
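Review bot: two context lines in this hunk carry text defects that the description stripping leaves untouched: `NOTE: feature (client-side preference for stronger methods) and not a vulnerabilit` under CVE-2005-2395 is cut off mid-word, and `- libnss-ldap <not-affected> (Mandrake specfic vulnerability)` under CVE-2005-2377 misspells "specific". An automatic update will never correct these, so they belong in a manual commit.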
@@ -6056,193 +6056,193 @@ CVE-2005-2369 (Multiple integer signedness errors in libgadu, as used in ekg bef
- ekg 1:1.5+20050712+1.6rc2-1 (medium)
[sarge] - ekg <not-affected>
NOTE: The fixes from centericq for integer overflows are all present in ekg from stable
-CVE-2005-2368 (vim 6.3 before 6.3.082, with modelines enabled, allows external ...)
+CVE-2005-2368
{DTSA-12-1}
- vim 1:6.3-085+1 (bug #320017; medium)
[sarge] - vim 1:6.3-071+1sarge1
NOTE: For some reason this was fixed through an upload to s-p-u, not stable-security
-CVE-2005-2367 (Format string vulnerability in the proto_item_set_text function in ...)
+CVE-2005-2367
{DSA-853-1}
- ethereal 0.10.12-1 (bug #320183; bug #320192; medium)
-CVE-2005-2366 (Unknown vulnerability in the BER dissector in Ethereal 0.10.11 allows ...)
+CVE-2005-2366
{DSA-853-1}
- ethereal 0.10.12-1 (bug #320183; low)
-CVE-2005-2365 (Unknown vulnerability in the SMB dissector in Ethereal 0.9.0 through ...)
+CVE-2005-2365
{DSA-853-1}
- ethereal 0.10.12-1 (bug #320183; low)
-CVE-2005-2364 (Unknown vulnerability in the (1) GIOP dissector, (2) WBXML, or (3) ...)
+CVE-2005-2364
{DSA-853-1}
- ethereal 0.10.12-1 (bug #320183; low)
-CVE-2005-2363 (Unknown vulnerability in the (1) SMPP dissector, (2) 802.3 dissector, ...)
+CVE-2005-2363
{DSA-853-1}
- ethereal 0.10.12-1 (bug #320183; low)
-CVE-2005-2362 (Unknown vulnerability several dissectors in Ethereal 0.9.0 through ...)
+CVE-2005-2362
- ethereal 0.10.12-1 (bug #320183; low)
NOTE: This affects partially Woody and Sarge
-CVE-2005-2361 (Unknown vulnerability in the (1) AgentX dissector, (2) PER dissector, ...)
+CVE-2005-2361
{DSA-853-1}
- ethereal 0.10.12-1 (bug #320183; low)
-CVE-2005-2360 (Unknown vulnerability in the LDAP dissector in Ethereal 0.8.5 through ...)
+CVE-2005-2360
{DSA-853-1}
- ethereal 0.10.12-1 (bug #320183; low)
-CVE-2005-2359 (The AES-XCBC-MAC algorithm in IPsec in FreeBSD 5.3 and 5.4, when used ...)
+CVE-2005-2359
- kfreebsd-5 5.3-1 (medium)
-CVE-2005-2358 (EMC Navisphere Manager 6.4.1.0.0 allows remote attackers to list ...)
+CVE-2005-2358
NOT-FOR-US: EMC Navisphere Manager
-CVE-2005-2357 (Directory traversal vulnerability in EMC Navisphere Manager 6.4.1.0.0 ...)
+CVE-2005-2357
NOT-FOR-US: EMC Navisphere Manager
CVE-2005-2355
REJECTED
CVE-2005-2347
RESERVED
-CVE-2005-2346 (Buffer overflow in Novell GroupWise 6.5 Client allows remote attackers ...)
+CVE-2005-2346
NOT-FOR-US: Novell
CVE-2005-2345
REJECTED
-CVE-2005-2344 (The BlackBerry Attachment Service in Research in Motion (RIM) ...)
+CVE-2005-2344
NOT-FOR-US: Research in Motion
-CVE-2005-2343 (Research in Motion (RIM) BlackBerry Handheld web browser for ...)
+CVE-2005-2343
NOT-FOR-US: Research in Motion
-CVE-2005-2342 (Research in Motion (RIM) BlackBerry Router allows remote attackers to ...)
+CVE-2005-2342
NOT-FOR-US: Research in Motion
-CVE-2005-2341 (Heap-based buffer overflow in Research in Motion (RIM) BlackBerry ...)
+CVE-2005-2341
NOT-FOR-US: Research in Motion
-CVE-2005-2340 (Heap-based buffer overflow in Apple Quicktime before 7.0.4 allows ...)
+CVE-2005-2340
NOT-FOR-US: Apple Quicktime
-CVE-2005-2339 (Cross-site scripting (XSS) vulnerability in the Unicode version of ...)
+CVE-2005-2339
NOT-FOR-US: unicode msearch
-CVE-2005-2338 (Multiple cross-site scripting (XSS) vulnerabilities in XOOPS 2.0.12 JP ...)
+CVE-2005-2338
NOT-FOR-US: Xoops
-CVE-2005-2337 (Ruby 1.6.x up to 1.6.8, 1.8.x up to 1.8.2, and 1.9.0 development up to ...)
+CVE-2005-2337
{DSA-864-1 DSA-862-1 DSA-860-1}
- ruby <removed>
- ruby1.6 1.6.8-13 (medium)
- ruby1.8 1.8.3-1 (bug #332742; medium)
- ruby1.9 1.9.0+20050921-1 (medium)
-CVE-2005-2336 (Cross-site scripting (XSS) vulnerability in Hiki 0.8.0 to 0.8.2 allows ...)
+CVE-2005-2336
[sarge] - hiki <not-affected> (code not present in sarge)
- hiki 0.8.2-1
-CVE-2005-2334 (Y.SAK allows remote attackers to execute arbitrary commands via shell ...)
+CVE-2005-2334
NOT-FOR-US: Y.SAK
-CVE-2005-2333 (Cross-site scripting (XSS) vulnerability in smilies_popup.php in ...)
+CVE-2005-2333
NOT-FOR-US: smilies_popup.php
-CVE-2005-2332 (Cross-site scripting (XSS) vulnerability in PHPPageProtect 1.0.0a ...)
+CVE-2005-2332
NOT-FOR-US: PHPPageProtect
-CVE-2005-2331 (PHP remote file inclusion vulnerability in display.php in MooseGallery ...)
+CVE-2005-2331
NOT-FOR-US: MooseGallery
-CVE-2005-2330 (Directory traversal vulnerability in extras/update.php in osCommerce 2.2 ...)
+CVE-2005-2330
NOT-FOR-US: osCommerce
-CVE-2005-2329 (MRV Communications In-Reach LX-8000S, LX-4000S, and LX-1000S 3.5.0, ...)
+CVE-2005-2329
NOT-FOR-US: MRV Communications In-Reach LX-8000S, LX-4000S, and LX-1000S
-CVE-2005-2328 (PHP remote file inclusion vulnerability in im.php in Laffer 0.3.2.6 ...)
+CVE-2005-2328
NOT-FOR-US: Laffer
-CVE-2005-2327 (Cross-site scripting (XSS) vulnerability in e107 0.617 and earlier ...)
+CVE-2005-2327
NOT-FOR-US: e107
-CVE-2005-2326 (Cross-site scripting (XSS) vulnerability in Clever Copy 2.0 and 2.0a ...)
+CVE-2005-2326
NOT-FOR-US: Clever Copy
-CVE-2005-2325 (Clever Copy 2.0 and 2.0a allows remote attackers to obtain the full ...)
+CVE-2005-2325
NOT-FOR-US: Clever Copy
-CVE-2005-2324 (Cross-site scripting (XSS) vulnerability in Clever Copy 2.0 and 2.0a ...)
+CVE-2005-2324
NOT-FOR-US: Clever Copy
-CVE-2005-2323 (Multiple SQL injection vulnerabilities in Class-1 Forum 0.24.4 and ...)
+CVE-2005-2323
NOT-FOR-US: Class-1 Forum
-CVE-2005-2322 (Cross-site scripting (XSS) vulnerability in Class-1 Forum 0.24.4 and ...)
+CVE-2005-2322
NOT-FOR-US: Class-1 Forum
-CVE-2005-2321 (PHP remote file inclusion vulnerability in CaLogic 1.2.2 allows remote ...)
+CVE-2005-2321
NOT-FOR-US: CaLogic
-CVE-2005-2319 (PHP remote file include vulnerability in Yawp library 1.0.6 and ...)
+CVE-2005-2319
NOT-FOR-US: Yawp
-CVE-2005-2318 (Cross-site scripting (XSS) vulnerability in showerr.asp in DVBBS 7.1 ...)
+CVE-2005-2318
NOT-FOR-US: DVBBS
-CVE-2005-2317 (Shorewall 2.4.x before 2.4.1, 2.2.x before 2.2.5, and 2.0.x before ...)
+CVE-2005-2317
{DSA-849-1}
- shorewall 2.4.1-2 (bug #318946; medium)
-CVE-2005-2316 (Domain Name Relay Daemon (DNRD) before 2.19.1 allows remote attackers ...)
+CVE-2005-2316
NOT-FOR-US: dnrd
-CVE-2005-2315 (Buffer overflow in Domain Name Relay Daemon (DNRD) before 2.19.1 ...)
+CVE-2005-2315
NOT-FOR-US: dnrd
-CVE-2005-2314 (inc.login.php in PHPsFTPd 0.2 through 0.4 allows remote attackers to ...)
+CVE-2005-2314
NOT-FOR-US: PHPsFTPd
-CVE-2005-2313 (Check Point SecuRemote NG with Application Intelligence R54 allows ...)
+CVE-2005-2313
NOT-FOR-US: Check Point SecuRemote NG with Application Intelligence
-CVE-2005-2312 (management.php in Realnode Emilda 1.2.2 and earlier allows remote ...)
+CVE-2005-2312
NOT-FOR-US: Realnode Emilda
-CVE-2005-2311 (SMS 1.9.2m and earlier allows local users to overwrite arbitrary files ...)
+CVE-2005-2311
- sms-pl 2.1.0-1 (bug #320540; unimportant)
NOTE: vulnerable contrib file only in source package
-CVE-2005-2310 (Buffer overflow in Winamp 5.03a, 5.09 and 5.091, and other versions ...)
+CVE-2005-2310
NOT-FOR-US: Winamp
-CVE-2005-2309 (Opera 8.01 allows remote attackers to cause a denial of service (CPU ...)
+CVE-2005-2309
NOT-FOR-US: Opera
-CVE-2005-2308 (The JPEG decoder in Microsoft Internet Explorer allows remote ...)
+CVE-2005-2308
NOT-FOR-US: MSIE
-CVE-2005-2307 (netman.dll in Microsoft Windows Connections Manager Library allows ...)
+CVE-2005-2307
NOT-FOR-US: Microsoft
-CVE-2005-2306 (Race condition in Macromedia JRun 4.0, ColdFusion MX 6.1 and 7.0, when ...)
+CVE-2005-2306
NOT-FOR-US: Macromedia JRun 4.0, ColdFusion MX 6.1 and 7.0
-CVE-2005-2305 (DG Remote Control Server 1.6.2 allows remote attackers to cause a ...)
+CVE-2005-2305
NOT-FOR-US: DG Remote Control Server
-CVE-2005-2304 (Microsoft MSN Messenger 9.0 and Internet Explorer 6.0 allows remote ...)
+CVE-2005-2304
NOT-FOR-US: Microsoft
CVE-2005-2303
REJECTED
-CVE-2005-2302 (PowerDNS before 2.9.18, when allowing recursion to a restricted range ...)
+CVE-2005-2302
{DSA-771-1}
- pdns 2.9.18-1 (medium; bug #318798)
-CVE-2005-2301 (PowerDNS before 2.9.18, when running with an LDAP backend, does not ...)
+CVE-2005-2301
{DSA-771-1}
- pdns 2.9.18-1 (medium; bug #318798)
-CVE-2005-2300 (Skype 1.1.0.20 and earlier allows local users to overwrite arbitrary ...)
+CVE-2005-2300
NOT-FOR-US: Skype
-CVE-2005-2299 (Multiple cross-site scripting (XSS) vulnerabilities in Simple Message ...)
+CVE-2005-2299
NOT-FOR-US: Simple Message Board
-CVE-2005-2298 (BitDefender Engine 1.6.1 and earlier does not properly scan all ...)
+CVE-2005-2298
NOT-FOR-US: BitDefender can be used by AMaViS but is not shipped in Debian
-CVE-2005-2297 (Stack-based buffer overflow in TreeAction.do in Sybase EAServer 4.2.5 ...)
+CVE-2005-2297
NOT-FOR-US: Sybase EAServer
-CVE-2005-2296 (YabbSE 1.5.5c allows remote attackers to obtain sensitive information ...)
+CVE-2005-2296
NOT-FOR-US: YabbSE
-CVE-2005-2295 (NetPanzer 0.8 and earlier allows remote attackers to cause a denial of ...)
+CVE-2005-2295
- netpanzer 0.8+svn20060319-1 (bug #318329; low)
[sarge] - netpanzer <no-dsa> (Minor DoS against a game)
-CVE-2005-2294 (Oracle Forms 4.5, 6.0, 6i, and 9i on Unix, when a large number of ...)
+CVE-2005-2294
NOT-FOR-US: Oracle
-CVE-2005-2293 (Oracle Formsbuilder 9.0.4 stores database usernames and passwords in a ...)
+CVE-2005-2293
NOT-FOR-US: Oracle
-CVE-2005-2292 (Oracle JDeveloper 9.0.4, 9.0.5, and 10.1.2 stores cleartext passwords ...)
+CVE-2005-2292
NOT-FOR-US: Oracle
-CVE-2005-2291 (Oracle JDeveloper 9.0.4, 9.0.5, and 10.1.2 passes the cleartext ...)
+CVE-2005-2291
NOT-FOR-US: Oracle
-CVE-2005-2290 (wps_shop.cgi in WPS Web Portal System 0.7.0 allows remote attackers to ...)
+CVE-2005-2290
NOT-FOR-US: WPS
-CVE-2005-2289 (PHPCounter 7.2 allows remote attackers to obtain sensitive information ...)
+CVE-2005-2289
NOT-FOR-US: PHPCounter
-CVE-2005-2288 (Cross-site scripting (XSS) vulnerability in PHPCounter 7.2 allows ...)
+CVE-2005-2288
NOT-FOR-US: PHPCounter
-CVE-2005-2287 (SoftiaCom wMailServer 1.0 and 2.0 allows remote attackers to cause a ...)
+CVE-2005-2287
NOT-FOR-US: SoftiaCom wMailServer
-CVE-2005-2286 (WebEOC before 6.0.2 does not properly check user authorization, which ...)
+CVE-2005-2286
NOT-FOR-US: WebEOC
-CVE-2005-2285 (WebEOC before 6.0.2 stores sensitive information in locations such as ...)
+CVE-2005-2285
NOT-FOR-US: WebEOC
-CVE-2005-2284 (Multiple SQL injection vulnerabilities in WebEOC before 6.0.2 allow ...)
+CVE-2005-2284
NOT-FOR-US: WebEOC
-CVE-2005-2283 (WebEOC before 6.0.2 does not properly restrict the size of an uploaded ...)
+CVE-2005-2283
NOT-FOR-US: WebEOC
-CVE-2005-2282 (Multiple cross-site scripting (XSS) vulnerabilities in WebEOC before ...)
+CVE-2005-2282
NOT-FOR-US: WebEOC
-CVE-2005-2281 (WebEOC before 6.0.2 uses a weak encryption scheme for passwords, which ...)
+CVE-2005-2281
NOT-FOR-US: WebEOC
-CVE-2005-2280 (Cisco Security Agent (CSA) 4.5 allows remote attackers to cause a ...)
+CVE-2005-2280
NOT-FOR-US: Cisco
-CVE-2005-2279 (Cisco ONS 15216 Optical Add/Drop Multiplexer (OADM) running firmware ...)
+CVE-2005-2279
NOT-FOR-US: Cisco
-CVE-2005-2278 (Stack-based buffer overflow in the IMAP daemon (imapd) in MailEnable ...)
+CVE-2005-2278
NOT-FOR-US: MailEnable
-CVE-2005-2277 (Bluetooth FTP client (BTFTP) in Nokia Affix 2.1.2 and 3.2.0 allows ...)
+CVE-2005-2277
{DSA-762-1}
- affix 2.1.2-2 (bug #318328; medium)
-CVE-2005-2276 (Cross-site scripting (XSS) vulnerability in Novell Groupwise WebAccess ...)
+CVE-2005-2276
NOT-FOR-US: Novell Groupwise WebAccess
CVE-2005-XXXX [SQL injecton vulnerabilities in vpopmail prior to 5.4.6]
NOTE: see http://archives.neohapsis.com/archives/bugtraq/2004-08/0286.html
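Review bot: the context line `CVE-2005-XXXX [SQL injecton vulnerabilities in vpopmail prior to 5.4.6]` misspells "injection", and `NOTE: This affects partially Woody and Sarge` under CVE-2005-2362 is awkwardly worded (`NOTE: This partially affects Woody and Sarge`); both are unchanged lines here, so they need a manual follow-up rather than this automatic update.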
@@ -6256,264 +6256,264 @@ CVE-2005-XXXX [xgalaga score file segfault]
CVE-2005-XXXX [xemeraldia games file overwrite]
- xemeraldia 0.4-1 (bug #319661; low)
[sarge] - xemeraldia <no-dsa> (Very minor issue)
-CVE-2005-2335 (Buffer overflow in the POP3 client in Fetchmail before 6.2.5.2 allows ...)
+CVE-2005-2335
{DSA-774-1}
NOTE: previous fix in -15 was broken
- fetchmail 6.2.5-16 (bug #320357; bug #212762; medium)
-CVE-2005-2320 (WebCalendar before 1.0.0 does not properly restrict access to ...)
+CVE-2005-2320
{DSA-766-1}
- webcalendar 0.9.45-7 (bug #315671; medium)
-CVE-2005-2437 (Website Baker Project does not properly verify the file extensions of ...)
+CVE-2005-2437
NOT-FOR-US: Website Baker
CVE-2005-2275
RESERVED
-CVE-2005-2274 (Microsoft Internet Explorer 6.0 does not clearly associate a ...)
+CVE-2005-2274
NOT-FOR-US: MSIE
-CVE-2005-2273 (Opera 7.x and 8 before 8.01 does not clearly associate a Javascript ...)
+CVE-2005-2273
NOT-FOR-US: Opera
-CVE-2005-2272 (Safari version 2.0 (412) does not clearly associate a Javascript ...)
+CVE-2005-2272
NOT-FOR-US: Sfari
-CVE-2005-2271 (iCab 2.9.8 does not clearly associate a Javascript dialog box with the ...)
+CVE-2005-2271
NOT-FOR-US: iCab
-CVE-2005-2270 (Firefox before 1.0.5 and Mozilla before 1.7.9 does not properly clone ...)
+CVE-2005-2270
{DSA-810-1 DSA-779-2 DSA-781-1 DSA-779-1 DTSA-8-2 DTSA-14-1}
- mozilla-firefox 1.0.5-1 (high)
- mozilla 2:1.7.9-1 (bug #318062; bug #325851; high)
- mozilla-thunderbird 1.0.6-1 (high)
-CVE-2005-2269 (Firefox before 1.0.5, Mozilla before 1.7.9, and Netscape 8.0.2 does ...)
+CVE-2005-2269
{DSA-810-1 DSA-779-2 DSA-781-1 DSA-779-1 DTSA-8-2 DTSA-14-1}
- mozilla-firefox 1.0.5-1 (high)
- mozilla 2:1.7.9-1 (medium; bug #318062)
- mozilla-thunderbird 1.0.6-1 (medium; bug #318728)
-CVE-2005-2268 (Firefox before 1.0.5 and Mozilla before 1.7.9 does not clearly ...)
+CVE-2005-2268
{DSA-810-1 DSA-779-2 DSA-779-1 DTSA-8-2 DTSA-14-1}
- mozilla-firefox 1.0.5-1 (medium)
- mozilla 2:1.7.9-1 (medium; bug #318062)
-CVE-2005-2267 (Firefox before 1.0.5 allows remote attackers to steal information and ...)
+CVE-2005-2267
{DSA-779-2 DSA-779-1 DTSA-8-2}
- mozilla-firefox 1.0.4-2sarge3 (medium)
-CVE-2005-2266 (Firefox before 1.0.5 and Mozilla before 1.7.9 allows a child frame to ...)
+CVE-2005-2266
{DSA-810-1 DSA-779-2 DSA-781-1 DSA-779-1 DTSA-8-2 DTSA-14-1}
- mozilla-firefox 1.0.5-1 (medium)
- mozilla 2:1.7.9-1 (medium; bug #318062)
- mozilla-thunderbird 1.0.6-1 (low; bug #318728)
-CVE-2005-2265 (Firefox before 1.0.5, Mozilla before 1.7.9, and Netscape 8.0.2 and 7.2 ...)
+CVE-2005-2265
{DSA-810-1 DSA-779-2 DSA-781-1 DSA-779-1 DTSA-8-2 DTSA-14-1}
- mozilla-firefox 1.0.5-1 (high)
- mozilla 2:1.7.9-1 (medium; bug #318062)
- mozilla-thunderbird 1.0.6-1 (medium; bug #318728)
-CVE-2005-2264 (Firefox before 1.0.5 allows remote attackers to steal sensitive ...)
+CVE-2005-2264
{DSA-779-2 DSA-779-1 DTSA-8-2}
- mozilla-firefox 1.0.4-2sarge3 (medium)
-CVE-2005-2263 (The InstallTrigger.install method in Firefox before 1.0.5 and Mozilla ...)
+CVE-2005-2263
{DSA-810-1 DSA-779-2 DSA-779-1 DTSA-8-2 DTSA-14-1}
- mozilla-firefox 1.0.5-1 (medium)
- mozilla 2:1.7.9-1 (medium; bug #318062)
-CVE-2005-2262 (Firefox 1.0.3 and 1.0.4, and Netscape 8.0.2, allows remote attackers ...)
+CVE-2005-2262
{DSA-779-2 DSA-779-1 DTSA-8-2}
- mozilla-firefox 1.0.4-2sarge3 (medium)
-CVE-2005-2261 (Firefox before 1.0.5, Thunderbird before 1.0.5, Mozilla before 1.7.9, ...)
+CVE-2005-2261
{DSA-810-1 DSA-779-2 DSA-781-1 DSA-779-1 DTSA-8-2 DTSA-14-1}
- mozilla-firefox 1.0.5-1 (medium)
- mozilla 2:1.7.9-1 (medium; bug #318062)
- mozilla-thunderbird 1.0.6-1 (medium; bug #318728)
-CVE-2005-2260 (The browser user interface in Firefox before 1.0.5, Mozilla before ...)
+CVE-2005-2260
{DSA-810-1 DSA-779-2 DSA-779-1 DTSA-8-2 DTSA-14-1}
- mozilla-firefox 1.0.5-1 (medium)
- mozilla 2:1.7.9-1 (medium; bug #318062)
-CVE-2005-2259 (The dispallclosed2 function in dispallclosed.pl for multiple USANet ...)
+CVE-2005-2259
NOT-FOR-US: USANet
-CVE-2005-2258 (PHP remote file inclusion vulnerability in photolist.inc.php in Squito ...)
+CVE-2005-2258
NOT-FOR-US: Squito Gallery
-CVE-2005-2257 (The saveProfile function in PhpSlash 0.8.0 allows remote attackers to ...)
+CVE-2005-2257
NOT-FOR-US: PhpSlash
-CVE-2005-2256 (Encoded directory traversal vulnerability in phpPgAdmin 3.1 to 3.5.3 ...)
+CVE-2005-2256
{DSA-759-1}
- phppgadmin 3.5.4-1 (bug #318284; medium)
-CVE-2005-2255 (Directory traversal vulnerability in PhpAuction 2.5 allows remote ...)
+CVE-2005-2255
NOT-FOR-US: PhpAuction
-CVE-2005-2254 (Multiple cross-site scripting (XSS) vulnerabilities in PhpAuction 2.5 ...)
+CVE-2005-2254
NOT-FOR-US: PhpAuction
-CVE-2005-2253 (SQL injection vulnerability in PhpAuction 2.5 allow remote attackers ...)
+CVE-2005-2253
NOT-FOR-US: PhpAuction
-CVE-2005-2252 (PhpAuction 2.5 allows remote attackers to bypass authentication and ...)
+CVE-2005-2252
NOT-FOR-US: PhpAuction
-CVE-2005-2251 (PHP remote file inclusion vulnerability in secure.php in ...)
+CVE-2005-2251
NOT-FOR-US: PHPSecurePages (phpSP)
-CVE-2005-2250 (Buffer overflow in Bluetooth FTP client (BTFTP) in Nokia Affix 2.1.2 ...)
+CVE-2005-2250
{DSA-762-1}
- affix 2.1.2-2 (bug #318327; medium)
-CVE-2005-2249 (Multiple unknown vulnerabilities in Jinzora 2.0.1 have unknown impact ...)
+CVE-2005-2249
NOT-FOR-US: Jinzora
-CVE-2005-2248 (Directory traversal vulnerability in DownloadProtect before 1.0.3 ...)
+CVE-2005-2248
NOT-FOR-US: DownloadProtect
-CVE-2005-2247 (Multiple unknown vulnerabilities in Moodle before 1.5.1 have unknown ...)
+CVE-2005-2247
NOTE: no details available
- moodle 1.5.1-1
-CVE-2005-2246 (Multiple PHP remote file inclusion vulnerabilities in iPhotoAlbum 1.1 ...)
+CVE-2005-2246
NOT-FOR-US: iPhotoAlbum
-CVE-2005-2245 (Unknown vulnerability in F5 BIG-IP 9.0.2 through 9.1 allows attackers ...)
+CVE-2005-2245
NOT-FOR-US: BIG-IP
-CVE-2005-2244 (The aupair service (aupair.exe) in Cisco CallManager (CCM) 3.2 and ...)
+CVE-2005-2244
NOT-FOR-US: Cisco
-CVE-2005-2243 (Memory leak in inetinfo.exe in Cisco CallManager (CCM) 3.2 and ...)
+CVE-2005-2243
NOT-FOR-US: Cisco
-CVE-2005-2242 (Cisco CallManager (CCM) 3.2 and earlier, 3.3 before 3.3(5), 4.0 before ...)
+CVE-2005-2242
NOT-FOR-US: Cisco
-CVE-2005-2241 (Cisco CallManager (CCM) 3.2 and earlier, 3.3 before 3.3(5), 4.0 before ...)
+CVE-2005-2241
NOT-FOR-US: Cisco
-CVE-2005-2240 (xpvm.tcl in xpvm 1.2.5 allows local users to overwrite arbitrary files ...)
+CVE-2005-2240
{DSA-1003-1}
- xpvm 1.2.5-8 (bug #318285; medium)
-CVE-2005-2239 (oftpd 0.3.7 allows remote attackers to cause a denial of service via a ...)
+CVE-2005-2239
- oftpd 20040304-1 (bug #318286; medium)
NOTE: This was fixed in the patch set maintained by Werner Koch, it's included
-CVE-2005-2238 (ftpd in IBM AIX 5.1, 5.2 and 5.3 allows remote authenticated users to ...)
+CVE-2005-2238
NOT-FOR-US: AIX
-CVE-2005-2237 (Format string vulnerability in the swcons command in IBM AIX 5.3, and ...)
+CVE-2005-2237
NOT-FOR-US: AIX
-CVE-2005-2236 (Format string vulnerability in the paginit command in IBM AIX 5.3, and ...)
+CVE-2005-2236
NOT-FOR-US: AIX
-CVE-2005-2235 (Buffer overflow in the diagTasksWebSM command in IBM AIX 5.1, 5.2 and ...)
+CVE-2005-2235
NOT-FOR-US: AIX
-CVE-2005-2234 (Buffer overflow in the getlvname command in IBM AIX 5.1, 5.2 and 5.3, ...)
+CVE-2005-2234
NOT-FOR-US: AIX
-CVE-2005-2233 (Buffer overflow in multiple &quot;p&quot; commands in IBM AIX 5.1, 5.2 and 5.3 ...)
+CVE-2005-2233
NOT-FOR-US: AIX
-CVE-2005-2232 (Buffer overflow in invscout in IBM AIX 5.1.0 through 5.3.0 might allow ...)
+CVE-2005-2232
NOT-FOR-US: AIX
-CVE-2005-2231 (High Availability Linux Project Heartbeat 1.2.3 allows local users to ...)
+CVE-2005-2231
{DSA-761-2}
- heartbeat 1.2.3-12 (bug #318287; medium)
-CVE-2005-2230 (Electronic Mail Operator (elmo) 1.3.2-r1 and earlier creates the ...)
+CVE-2005-2230
- elmo 1.3.0-1.1 (bug #318291; low)
[sarge] - elmo <no-dsa> (Minor issue)
-CVE-2005-2229 (Blog Torrent 0.92 and earlier stores sensitive files under the web ...)
+CVE-2005-2229
NOT-FOR-US: Blog Torrent
-CVE-2005-2228 (Web Wiz Forums 7.9 and 8.0 allows remote attackers to view message ...)
+CVE-2005-2228
NOT-FOR-US: Web Wiz Forums
-CVE-2005-2227 (Softiacom wMailserver 1.0 stores passwords in plaintext in the ...)
+CVE-2005-2227
NOT-FOR-US: Softiacom wMailserver
-CVE-2005-2226 (Microsoft Outlook Express 6.0 leaks the default news server account ...)
+CVE-2005-2226
NOT-FOR-US: Outlook
-CVE-2005-2225 (Microsoft MSN Messenger allows remote attackers to cause a denial of ...)
+CVE-2005-2225
NOT-FOR-US: Microsoft
-CVE-2005-2224 (aspnet_wp.exe in Microsoft ASP.NET web services allows remote ...)
+CVE-2005-2224
NOT-FOR-US: Microsoft
-CVE-2005-2223 (Unknown vulnerability in the SMTP service in MailEnable Standard ...)
+CVE-2005-2223
NOT-FOR-US: MailEnable
-CVE-2005-2222 (Unknown vulnerability in the HTTPMail service in MailEnable Professional ...)
+CVE-2005-2222
NOT-FOR-US: MailEnable
-CVE-2005-2221 (** DISPUTED ** ...)
+CVE-2005-2221
NOT-FOR-US: Dragonfly
-CVE-2005-2220 (** DISPUTED ** ...)
+CVE-2005-2220
NOT-FOR-US: Dragonfly
-CVE-2005-2219 (Hosting Controller 6.1 Hotfix 2.1 allows remote authenticated users to ...)
+CVE-2005-2219
NOT-FOR-US: Hosting Controller
-CVE-2005-2218 (The device file system (devfs) in FreeBSD 5.x does not properly check ...)
+CVE-2005-2218
- kfreebsd5-source 5.3-17 (medium)
-CVE-2005-2217 (Dansie Shopping Cart stores the vars.dat file under the web root with ...)
+CVE-2005-2217
NOT-FOR-US: Dansie Shopping Cart
-CVE-2005-2216 (PHP remote file inclusion vulnerability in gals.php in PhotoGal Photo ...)
+CVE-2005-2216
NOT-FOR-US: PhotoGal
-CVE-2005-2215 (Cross-site scripting (XSS) vulnerability in MediaWiki before 1.4.x ...)
+CVE-2005-2215
- mediawiki 1.4.9
-CVE-2005-2214 (apt-setup in Debian GNU/Linux installs the apt.conf file with insecure ...)
+CVE-2005-2214
- apt-setup <unfixed> (bug #305142; unimportant)
NOTE: That's by design. We want to provide non-root users access to the source code,
NOTE: thus it needs to be world-readable. Also, the password can't be too sensitive
NOTE: as it'll be sent non-encrypted over the wire.
-CVE-2005-2213 (Buffer overflow in the mms_interp_header function in mms.c in MMS ...)
+CVE-2005-2213
NOT-FOR-US: MMS Ripper
-CVE-2005-2212 (Backup Manager 0.5.8a creates an archive repository with world ...)
+CVE-2005-2212
NOTE: duplicate of CVE-2005-1856
NOTE: Mitre contacted - micah April 20, 2006
NOTE: Mitre re-contacted - micah June 5, 2006
-CVE-2005-2211 (Backup Manager 0.5.8a creates temporary files insecurely, which allows ...)
+CVE-2005-2211
NOTE: duplicate of CVE-2005-1855
NOTE: Mitre contacted - micah April 20, 2006
NOTE: Mitre re-contacted - micah June 5, 2006
-CVE-2005-2210 (Stack-based buffer overflow in Internet Download Manager 4.05 allows ...)
+CVE-2005-2210
NOT-FOR-US: Internet Download Manager
-CVE-2005-2209 (Capturix ScanShare 1.06 build 50 stores sensitive information such as ...)
+CVE-2005-2209
NOT-FOR-US: ScanShare
-CVE-2005-2208 (PrivaShare 1.1b allows remote attackers to cause a denial of service ...)
+CVE-2005-2208
NOT-FOR-US: PrivaShare
-CVE-2005-2207 (Cross-site scripting (XSS) vulnerability in store/login.asp in CartWIZ ...)
+CVE-2005-2207
NOT-FOR-US: CartWIZ
-CVE-2005-2206 (Multiple SQL injection vulnerabilities in CartWIZ allow remote ...)
+CVE-2005-2206
NOT-FOR-US: CartWIZ
-CVE-2005-2205 (The ReadLog function in kaiseki.cgi in pngren allows remote attackers ...)
+CVE-2005-2205
NOT-FOR-US: kaiseki.cgi
-CVE-2005-2204 (Cross-site scripting (XSS) vulnerability in Computer Associates (CA) ...)
+CVE-2005-2204
NOT-FOR-US: SiteMinder
-CVE-2005-2203 (login.php in phpWishlist before 0.1.15 allows remote attackers to ...)
+CVE-2005-2203
NOT-FOR-US: phpWishlist
-CVE-2005-2202 (Cross-site scripting (XSS) vulnerability in the MicroServer Web Server ...)
+CVE-2005-2202
NOT-FOR-US: Xerox Hardware issue
-CVE-2005-2201 (Unknown vulnerability in the MicroServer Web Server for Xerox ...)
+CVE-2005-2201
NOT-FOR-US: Xerox hardware
-CVE-2005-2200 (Multiple unknown vulnerabilities in the MicroServer Web Server for ...)
+CVE-2005-2200
NOT-FOR-US: Xerox hardware
-CVE-2005-2199 (PHP remote file inclusion vulnerability in inc/functions.inc.php in ...)
+CVE-2005-2199
NOT-FOR-US: PPA web photo gallery
-CVE-2005-2198 (PHP remote file inclusion vulnerability in lang.php in SPiD before ...)
+CVE-2005-2198
NOT-FOR-US: SPiD
-CVE-2005-2197 (SQL injection vulnerability in sql.cls.php in Id Board 1.1.3 allows ...)
+CVE-2005-2197
NOT-FOR-US: Id Board
-CVE-2005-2196 (The Apple AirPort card uses a default WEP key when not connected to a ...)
+CVE-2005-2196
NOT-FOR-US: Apple Airport
-CVE-2005-2195 (Apple Darwin Streaming Server 5.5 and earlier allows remote attackers ...)
+CVE-2005-2195
NOT-FOR-US: Apple Darwin Streaming Server
-CVE-2005-2194 (Unspecified vulnerability in the Apple Mac OS X kernel before 10.4.2 ...)
+CVE-2005-2194
NOT-FOR-US: Apple
-CVE-2005-2193 (SQL injection vulnerability in the user profile edit module in ...)
+CVE-2005-2193
NOT-FOR-US: PunBB
-CVE-2005-2192 (SimplePHPBlog 0.4.0 stores password hashes in config/password.txt with ...)
+CVE-2005-2192
NOT-FOR-US: SimplePHPBlog
-CVE-2005-2191 (Multiple cross-site scripting (XSS) vulnerabilities in Comersus ...)
+CVE-2005-2191
NOT-FOR-US: Comersus
-CVE-2005-2190 (Multiple SQL injection vulnerabilities in Comersus shopping cart allow ...)
+CVE-2005-2190
NOT-FOR-US: Comersus
-CVE-2005-2189 (Lantronix SecureLinx console server running firmware 2.0 and 3.0 ...)
+CVE-2005-2189
NOT-FOR-US: Lantronix SecureLinx
-CVE-2005-2188 (McAfee IntruShield Security Management System obtains the user ID from ...)
+CVE-2005-2188
NOT-FOR-US: McAfee IntruShield
-CVE-2005-2187 (McAfee IntruShield Security Management System allows remote ...)
+CVE-2005-2187
NOT-FOR-US: McAfee IntruShield
-CVE-2005-2186 (Multiple cross-site scripting (XSS) vulnerabilities in McAfee ...)
+CVE-2005-2186
NOT-FOR-US: McAfee IntruShield
-CVE-2005-2185 (eRoom does not set an expiration for Cookies, which allows remote ...)
+CVE-2005-2185
NOT-FOR-US: eRoom
-CVE-2005-2184 (eRoom 6.x does not properly restrict files that can be attached, which ...)
+CVE-2005-2184
NOT-FOR-US: eRoom
-CVE-2005-2183 (class.xmail.php in PhpXmail 0.7 through 1.1 does not properly handle ...)
+CVE-2005-2183
NOT-FOR-US: PhpXmail
-CVE-2005-2182 (Grandstream BudgeTone (BT) 100 Voice over IP (VoIP) phones do not ...)
+CVE-2005-2182
NOT-FOR-US: PhpXmail
-CVE-2005-2181 (Cisco 7940/7960 Voice over IP (VoIP) phones do not properly check the ...)
+CVE-2005-2181
NOT-FOR-US: SIP phone hardware issue
-CVE-2005-2180 (gen-index in GNATS 4.0, 4.1.0, and possibly earlier versions, when ...)
+CVE-2005-2180
- gnats 4.0 (bug #318481; high)
-CVE-2005-2179 (PHP remote file inclusion vulnerability in BlogModel.php in Jaws 0.5.2 ...)
+CVE-2005-2179
NOT-FOR-US: Jaws
-CVE-2005-2178 (probe.cgi allows remote attackers to execute arbitrary commands via ...)
+CVE-2005-2178
NOTE: How bizarre, they assign a CVE Id without knowing which product contains
NOTE: the affected probe.cgi
-CVE-2005-2177 (Net-SNMP 5.0.x before 5.0.10.2, 5.2.x before 5.2.1.2, and 5.1.3, when ...)
+CVE-2005-2177
{DSA-873-1}
- net-snmp 5.2.1.2-1 (bug #318420; low)
- ucd-snmp 4.2.5-5.1 (bug #337394; low)
[sarge] - ucd-snmp <no-dsa> (Minor issue)
-CVE-2005-2176 (Novell NetMail automatically processes HTML in an attachment without ...)
+CVE-2005-2176
NOT-FOR-US: Novell NetMail
-CVE-2005-2175 (The web interface for Lotus Notes mail automatically processes HTML in ...)
+CVE-2005-2175
NOT-FOR-US: Notes
-CVE-2005-2174 (Bugzilla 2.17.x, 2.18 before 2.18.2, 2.19.x, and 2.20 before 2.20rc1 ...)
+CVE-2005-2174
[woody] - bugzilla <not-affected> (Only Bugzilla >= 2.17 is affected)
[sarge] - bugzilla <not-affected> (Only Bugzilla >= 2.17 is affected)
- bugzilla 2.18.3-1 (low)
-CVE-2005-2173 (The Flag::validate and Flag::modify functions in Bugzilla 2.17.1 to ...)
+CVE-2005-2173
[woody] - bugzilla <not-affected> (Only Bugzilla >= 2.17 is affected)
[sarge] - bugzilla <not-affected> (Only Bugzilla >= 2.17 is affected)
- bugzilla 2.18.3-1 (low)
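Review bot: The loss of every CVE description in this hunk (each `-CVE-2005-NNNN (...)` line becomes a bare `+CVE-2005-NNNN`) should be confirmed as intended by the sync rather than a parsing regression in the automatic update, because the tracker's own NOTE and NOT-FOR-US annotations were written against those descriptions. One concrete casualty: CVE-2005-2182 is a Grandstream BudgeTone VoIP phone issue per the removed description, yet its annotation still reads `NOT-FOR-US: PhpXmail`, which appears to have been copied from the CVE-2005-2183 entry directly above it. With the description gone that mismatch is no longer visible in the file, so it is worth correcting the annotation while the old text is still in the diff.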
@@ -6521,91 +6521,91 @@ CVE-2005-2172
RESERVED
CVE-2005-2171
RESERVED
-CVE-2005-2170 (The LCF component (lcfd) in IBM Tivoli Management Framework Endpoint ...)
+CVE-2005-2170
NOT-FOR-US: Tivoli
CVE-2005-2348
REJECTED
-CVE-2005-2169 (Directory traversal vulnerability in source.php in Quick &amp; Dirty ...)
+CVE-2005-2169
NOT-FOR-US: PHPSource Printer
-CVE-2005-2168 (delete.php in Plague News System 0.6 and earlier allows remote ...)
+CVE-2005-2168
NOT-FOR-US: Plague
-CVE-2005-2167 (Cross-site scripting (XSS) vulnerability in index.php in Plague News ...)
+CVE-2005-2167
NOT-FOR-US: Plague
-CVE-2005-2166 (SQL injection vulnerability in index.php in Plague News System 0.6 and ...)
+CVE-2005-2166
NOT-FOR-US: Plague
-CVE-2005-2165 (read.cgi in GlobalNoteScript allows remote attackers to execute ...)
+CVE-2005-2165
NOT-FOR-US: GlobalNoteScript
-CVE-2005-2164 (SQL injection vulnerability in Covide Groupware-CRM allows remote ...)
+CVE-2005-2164
NOT-FOR-US: Covide
-CVE-2005-2163 (Cross-site scripting (XSS) vulnerability in index.php in AutoIndex PHP ...)
+CVE-2005-2163
NOT-FOR-US: AutoIndex PHP Script
-CVE-2005-2162 (PHP remote file inclusion vulnerability in form.inc.php3 in ...)
+CVE-2005-2162
NOT-FOR-US: MyGuestbook
-CVE-2005-2161 (Cross-site scripting (XSS) vulnerability in phpBB 2.0.16 allows remote ...)
+CVE-2005-2161
{DSA-768-1}
- phpbb2 2.0.13+1-6sarge1 (bug #317739; high)
-CVE-2005-2160 (IMail stores usernames and passwords in cleartext in a cookie, which ...)
+CVE-2005-2160
NOT-FOR-US: IMail
-CVE-2005-2159 (mshftp.dll in PlanetDNS PlanetFileServer 2.0.1.3 allows remote ...)
+CVE-2005-2159
NOT-FOR-US: PlanetDNS
-CVE-2005-2158 (A regression error in the embedded HSQLDB in JBoss jBPM 2.0 allows ...)
+CVE-2005-2158
NOT-FOR-US: JBoss
-CVE-2005-2157 (PHP remote file inclusion vulnerability in survey.inc.php for nabopoll ...)
+CVE-2005-2157
NOT-FOR-US: nabopoll
-CVE-2005-2156 (SQL injection vulnerability in news.php in PHPNews 1.2.5 allows remote ...)
+CVE-2005-2156
NOT-FOR-US: PHPNews
-CVE-2005-2155 (PHP remote file inclusion vulnerability in EasyPHPCalendar 6.1.5 and ...)
+CVE-2005-2155
NOT-FOR-US: EasyPHPCalender
-CVE-2005-2154 (PHP local file inclusion vulnerability in (1) view.php and (2) ...)
+CVE-2005-2154
NOT-FOR-US: osTicket
-CVE-2005-2153 (SQL injection vulnerability in class.ticket.php in osTicket 1.3.1 beta ...)
+CVE-2005-2153
NOT-FOR-US: osTicket
-CVE-2005-2152 (SQL injection vulnerability in Geeklog before 1.3.11 allows remote ...)
+CVE-2005-2152
NOT-FOR-US: Geeklog
-CVE-2005-2151 (spf.c in Courier Mail Server does not properly handle DNS failures ...)
+CVE-2005-2151
{DSA-784-1}
- courier 0.47-6 (bug #320290; low)
-CVE-2005-2150 (Windows NT 4.0 and Windows 2000 before URP1 for Windows 2000 SP4 does ...)
+CVE-2005-2150
NOT-FOR-US: Microsoft
-CVE-2005-2149 (config.php in Cacti 0.8.6e and earlier allows remote attackers to set ...)
+CVE-2005-2149
{DSA-764-1}
- cacti 0.8.6f-1 (bug #316590; high)
-CVE-2005-2148 (Cacti 0.8.6e and earlier does not perform proper input validation to ...)
+CVE-2005-2148
{DSA-764-1}
- cacti 0.8.6f-1 (bug #316590; high)
-CVE-2005-2147 (Trac before 0.8.4 allows remote attackers to read or upload arbitrary ...)
+CVE-2005-2147
{DSA-739-1}
- trac 0.8.4-1
[sarge] - trac 0.8.1-3sarge1
-CVE-2005-2146 (SSH Tectia Server 4.3.1 and earlier, and SSH Secure Shell for Windows ...)
+CVE-2005-2146
NOT-FOR-US: SSH Tectia Server
-CVE-2005-2145 (The kernel driver in Prevx Pro 2005 1.0 does not verify the source of ...)
+CVE-2005-2145
NOT-FOR-US: Prevx Pro
-CVE-2005-2144 (Prevx Pro 2005 1.0 allows local users to bypass file protection and ...)
+CVE-2005-2144
NOT-FOR-US: Prevx Pro
-CVE-2005-2143 (Microsoft Front Page allows attackers to cause a denial of service ...)
+CVE-2005-2143
NOT-FOR-US: Microsoft
-CVE-2005-2142 (Directory traversal vulnerability in Golden FTP Server 2.60 allows ...)
+CVE-2005-2142
NOT-FOR-US: Golden FTP Server
-CVE-2005-2141 (TCP Chat 1.0 allows remote attackers to cause a denial of service ...)
+CVE-2005-2141
NOT-FOR-US: TCP Chat
-CVE-2005-2140 (Directory traversal vulnerability in default.asp for FSboard 2.0 ...)
+CVE-2005-2140
NOT-FOR-US: FSboard
-CVE-2005-2139 (PHP remote file inclusion vulnerability in user_check.php for Pavsta ...)
+CVE-2005-2139
NOT-FOR-US: Pavsta
-CVE-2005-2138 (Cross-site scripting (XSS) vulnerability in index.php in Comdev ...)
+CVE-2005-2138
NOT-FOR-US: Comdev eCommerce
-CVE-2005-2137 (Unknown vulnerability in NateOn Messenger 3.0 allows remote attackers ...)
+CVE-2005-2137
NOT-FOR-US: NateOn Messenger
-CVE-2005-2136 (Raritan Dominion SX (DSX) Console Servers DSX16, DSX32, DSX4, DSX8, ...)
+CVE-2005-2136
NOT-FOR-US: Raritan Dominion SX
-CVE-2005-2135 (SQL injection vulnerability in verify.asp in EtoShop Dynamic Biz ...)
+CVE-2005-2135
NOT-FOR-US: EtoShop
-CVE-2005-2134 (The (1) clcs and (2) emuxki drivers in NetBSD 1.6 through 2.0.2 allow ...)
+CVE-2005-2134
NOT-FOR-US: NetBSD
CVE-2005-2133
REJECTED
-CVE-2005-2132 (RPC portmapper (rpcbind) in SCO UnixWare 7.1.1 m5, 7.1.3 mp5, and ...)
+CVE-2005-2132
NOT-FOR-US: SCO UnixWare
CVE-2005-2131
RESERVED
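Review bot: Two pre-existing data issues in this hunk become harder to spot once the descriptions are stripped, so flagging them now: `CVE-2005-2348` / `REJECTED` sits between CVE-2005-2170 and CVE-2005-2169, out of the file's descending numeric order, and the annotation for CVE-2005-2155 reads `NOT-FOR-US: EasyPHPCalender` while the removed description names the product EasyPHPCalendar. Neither changes how NOT-FOR-US entries are processed, but the product-name typo can only be checked against the description, which this change removes.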
@@ -6613,80 +6613,80 @@ CVE-2005-2130
RESERVED
CVE-2005-2129
RESERVED
-CVE-2005-2128 (QUARTZ.DLL in Microsoft Windows Media Player 9 allows remote attackers ...)
+CVE-2005-2128
NOT-FOR-US: Windows
-CVE-2005-2127 (Microsoft Internet Explorer 5.01, 5.5, and 6 allows remote attackers ...)
+CVE-2005-2127
NOT-FOR-US: Windows
-CVE-2005-2126 (The FTP client in Windows XP SP1 and Server 2003, and Internet ...)
+CVE-2005-2126
NOT-FOR-US: Windows
CVE-2005-2125
RESERVED
-CVE-2005-2124 (Unspecified vulnerability in the Graphics Rendering Engine (GDI32.DLL) ...)
+CVE-2005-2124
NOT-FOR-US: Windows
-CVE-2005-2123 (Multiple integer overflows in the Graphics Rendering Engine ...)
+CVE-2005-2123
NOT-FOR-US: Windows
-CVE-2005-2122 (Windows Shell for Microsoft Windows 2000 SP4, XP SP1 and SP2, and ...)
+CVE-2005-2122
NOT-FOR-US: Windows
CVE-2005-2121
RESERVED
-CVE-2005-2120 (Stack-based buffer overflow in the Plug and Play (PnP) service ...)
+CVE-2005-2120
NOT-FOR-US: Windows
-CVE-2005-2119 (The MIDL_user_allocate function in the Microsoft Distributed ...)
+CVE-2005-2119
NOT-FOR-US: Microsoft
-CVE-2005-2118 (Windows Shell for Microsoft Windows 2000 SP4, XP SP1 and SP2, and ...)
+CVE-2005-2118
NOT-FOR-US: Windows
-CVE-2005-2117 (Web View in Windows Explorer on Microsoft Windows 2000 SP4, XP SP1 and ...)
+CVE-2005-2117
NOT-FOR-US: Windows
CVE-2005-2116
REJECTED
-CVE-2005-2115 (Soldier of Fortune II 1.02x and 1.03 allows remote attackers to cause ...)
+CVE-2005-2115
NOT-FOR-US: Soldier of Fortune
-CVE-2005-2114 (Mozilla 1.7.8, Firefox 1.0.4, Camino 0.8.4, Netscape 8.0.2, and ...)
+CVE-2005-2114
NOTE: cannot reproduce with firefox 1.0.5-1 and Sarge's Mozilla using POC exploits
[sarge] - mozilla <not-affected> (Unreproducible)
- mozilla 2:1.7.10-1 (bug #318723; medium)
-CVE-2005-2113 (SQL injection vulnerability in the loginUser function in the XMLRPC ...)
+CVE-2005-2113
NOT-FOR-US: Xoops
-CVE-2005-2112 (Multiple cross-site scripting (XSS) vulnerabilities in XOOPS 2.0.11 ...)
+CVE-2005-2112
NOT-FOR-US: Xoops
-CVE-2005-2111 (login.cgi in Community Link Pro Web Editor allows remote attackers to ...)
+CVE-2005-2111
NOT-FOR-US: Community Link Pro Web Editor
-CVE-2005-2110 (WordPress 1.5.1.2 and earlier allows remote attackers to obtain ...)
+CVE-2005-2110
- wordpress 1.5.1.3-1 (bug #316402)
-CVE-2005-2109 (wp-login.php in WordPress 1.5.1.2 and earlier allows remote attackers ...)
+CVE-2005-2109
- wordpress 1.5.1.3-1 (bug #316402)
-CVE-2005-2108 (SQL injection vulnerability in XMLRPC server in WordPress 1.5.1.2 and ...)
+CVE-2005-2108
- wordpress 1.5.1.3-1 (bug #316402)
-CVE-2005-2107 (Multiple cross-site scripting (XSS) vulnerabilities in post.php in ...)
+CVE-2005-2107
- wordpress 1.5.1.3-1 (bug #316402)
-CVE-2005-2106 (Unknown vulnerability in Drupal 4.5.0 through 4.5.3, 4.6.0, and 4.6.1 ...)
+CVE-2005-2106
{DSA-745-1}
- drupal 4.5.4-1 (bug #316362)
-CVE-2005-2105 (Cisco IOS 12.2T through 12.4 allows remote attackers to bypass ...)
+CVE-2005-2105
NOT-FOR-US: IOS
-CVE-2005-2104 (sysreport before 1.3.7 allows local users to obtain sensitive ...)
+CVE-2005-2104
NOT-FOR-US: sysreport
-CVE-2005-2103 (Buffer overflow in the AIM and ICQ module in Gaim before 1.5.0 allows ...)
+CVE-2005-2103
{DTSA-5-1}
- gaim 1:1.4.0-5 (high; bug #323706)
-CVE-2005-2102 (The AIM/ICQ module in Gaim before 1.5.0 allows remote attackers to ...)
+CVE-2005-2102
{DTSA-5-1}
- gaim 1:1.4.0-5 (medium; bug #323706)
-CVE-2005-2101 (langen2kvtml in KDE 3.0 to 3.4.2 creates insecure temporary files in ...)
+CVE-2005-2101
{DSA-818-1}
- kdeedu 4:3.4.2-1 (low)
-CVE-2005-2100 (The rw_vm function in usercopy.c in the 4GB split patch for the Linux ...)
+CVE-2005-2100
- linux-2.6 <not-affected> (Red Hat specific according to Horms)
- kernel-source-2.4.27 <not-affected> (Red Hat specific according to Horms)
-CVE-2005-2099 (The Linux kernel before 2.6.12.5 does not properly destroy a keyring ...)
+CVE-2005-2099
{DTSA-16-1}
NOTE: 2.6.8 and 2.4.27 not affected
- linux-2.6 2.6.12-3 (bug #323039; medium)
-CVE-2005-2098 (The KEYCTL_JOIN_SESSION_KEYRING operation in the Linux kernel before ...)
+CVE-2005-2098
{DTSA-16-1}
NOTE: 2.6.8 and 2.4.27 not affected
- linux-2.6 2.6.12-3 (bug #323039; medium)
-CVE-2005-2097 (xpdf and kpdf do not properly validate the &quot;loca&quot; table in PDF files, ...)
+CVE-2005-2097
{DSA-1136-1 DSA-984-1 DSA-982-1 DSA-936-1 DSA-780-1 DTSA-28-1}
- kdegraphics 4:3.4.2-1 (bug #322458; low)
- xpdf 3.00-15 (bug #322462; low)
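Review bot: For CVE-2005-2100 the `<not-affected>` rationale "(Red Hat specific according to Horms)" only makes sense alongside the description removed here ("The rw_vm function in usercopy.c in the 4GB split patch for the Linux ..."); after this change a reader sees two kernel packages marked not-affected with no hint that the bug lives in a vendor patch rather than mainline. Suggest carrying that context into the entry itself, e.g. `NOTE: issue is in the Red Hat 4GB split patch, not in the mainline kernel`, so the triage stays self-explanatory.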
@@ -6701,7 +6701,7 @@ CVE-2005-2097 (xpdf and kpdf do not properly validate the &quot;loca&quot; table
[woody] - cupsys <not-affected> (Vulnerable code not present)
- poppler 0.4.0-1 (low)
- libextractor 0.5.8-1 (medium)
-CVE-2005-2096 (zlib 1.2 and later versions allows remote attackers to cause a denial ...)
+CVE-2005-2096
{DSA-1026-1 DSA-797-2 DSA-797-1 DSA-740-1}
NOTE: Several packages ship embedded copies of zlib, there are a lot probably more
NOTE: Florian Weimer is doing a comprehensive audit using clamav
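Review bot: The affected range "zlib 1.2 and later versions" now survives only in the removed `-CVE-2005-2096` line, yet the NOTE lines that remain (embedded copies of zlib, the comprehensive audit) exist precisely to decide which embedded copies fall inside that range; suggest stating the range in a NOTE so the per-package verdicts can still be checked. The first NOTE also reads "there are a lot probably more", which looks like an editing leftover and would be clearer as "there are probably a lot more".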
@@ -6748,384 +6748,384 @@ CVE-2005-2096 (zlib 1.2 and later versions allows remote attackers to cause a de
- rsync <not-affected> (Uses zlib 1.1, which is not affected)
NOTE: rsync upstream updated the internal zlib copy in 2.6.6 without real need,
NOTE: as the included version was never affected, despite claiming them so.
-CVE-2005-2095 (options_identities.php in SquirrelMail 1.4.4 and earlier uses the ...)
+CVE-2005-2095
{DSA-756-1}
- squirrelmail 2:1.4.4-6sarge1 (bug #317094)
-CVE-2005-2094 (Sun SunONE web server 6.1 SP1 allows remote attackers to poison the ...)
+CVE-2005-2094
NOT-FOR-US: Sun
-CVE-2005-2093 (Oracle 9i Application Server (Oracle9iAS) 9.0.2 allows remote ...)
+CVE-2005-2093
NOT-FOR-US: Oracle
-CVE-2005-2092 (BEA Systems WebLogic 8.1 SP1 allows remote attackers to poison the web ...)
+CVE-2005-2092
NOT-FOR-US: BEA WebLogic
-CVE-2005-2091 (IBM WebSphere 5.1 and WebSphere 5.0 allows remote attackers to poison ...)
+CVE-2005-2091
NOT-FOR-US: Websphere
-CVE-2005-2090 (Jakarta Tomcat 5.0.19 (Coyote/1.1) and Tomcat 4.1.24 (Coyote/1.0) ...)
+CVE-2005-2090
- tomcat4 4.1.28-1
NOTE: tomcat5 in experimental has this fix as well
-CVE-2005-2089 (Microsoft IIS 5.0 and 6.0 allows remote attackers to poison the web ...)
+CVE-2005-2089
NOT-FOR-US: Microsoft
-CVE-2005-2088 (The Apache HTTP server before 1.3.34, and 2.0.x before 2.0.55, when ...)
+CVE-2005-2088
{DSA-805-1 DSA-803-1}
- apache 1.3.33-8 (bug #322607; medium)
- apache2 2.0.54-5 (bug #316173; medium)
-CVE-2005-2087 (Internet Explorer 5.01 SP4 up to 6 on various Windows operating ...)
+CVE-2005-2087
NOT-FOR-US: Microsoft
-CVE-2005-2086 (PHP remote file inclusion vulnerability in viewtopic.php in phpBB ...)
+CVE-2005-2086
- phpbb2 <not-affected> (phpbb versions in Debian not affected)
-CVE-2005-2085 (Buffer overflow in Inframail Advantage Server Edition 6.0 through 6.7 ...)
+CVE-2005-2085
NOT-FOR-US: Inframail
-CVE-2005-2084 (Cross-site scripting (XSS) vulnerability in SearchResults.aspx in ...)
+CVE-2005-2084
NOT-FOR-US: Community Forum
-CVE-2005-2083 (Format string vulnerability in IMAP4 in IA eMailServer Corporate ...)
+CVE-2005-2083
NOT-FOR-US: IA eMailServer
-CVE-2005-2082 (im_trbbs.cgi in imTRSET 1.02 and earlier allows remote attackers to ...)
+CVE-2005-2082
NOT-FOR-US: imTRSET
-CVE-2005-2081 (Stack-based buffer overflow in the function that parses commands in ...)
+CVE-2005-2081
- asterisk 1:1.0.9.dfsg-1 (bug #315532; unimportant)
NOTE: Can only be exploited by users who already have the privilege to execute arbitrary commands
-CVE-2005-2080 (Unknown vulnerability in Remote Agent for Windows Servers (RAWS) in ...)
+CVE-2005-2080
NOT-FOR-US: Veritas Backup
-CVE-2005-2079 (Heap-based buffer overflow in the Admin Plus Pack Option for VERITAS ...)
+CVE-2005-2079
NOT-FOR-US: Veritas Backup
-CVE-2005-1932 (Lpanel 1.59 and earlier, and other versions before 1.597, allows ...)
+CVE-2005-1932
NOT-FOR-US: Lpanel
-CVE-2005-1931 (GoodTech SMTP Server 5.14 allows remote attackers to cause a denial of ...)
+CVE-2005-1931
NOT-FOR-US: GoodTech SMTP Server
-CVE-2005-2078 (BisonFTP Server V4R1 allows remote authenticated users to cause a ...)
+CVE-2005-2078
NOT-FOR-US: BisonFTP Server
-CVE-2005-2077 (Cross-site scripting (XSS) vulnerability in error.asp for Hosting ...)
+CVE-2005-2077
NOT-FOR-US: Hosting Controller
-CVE-2005-2076 (HP Version Control Repository Manager (VCRM) before 2.1.1.730 does not ...)
+CVE-2005-2076
NOT-FOR-US: HP Version Control Repository Manager
-CVE-2005-2075 (PHP-Fusion 5.0 and 6.0 stores the database file with a predictable ...)
+CVE-2005-2075
NOT-FOR-US: PHP-Fusion
-CVE-2005-2074 (Cross-site scripting (XSS) vulnerability in PHP-Fusion 6.0.105 allows ...)
+CVE-2005-2074
NOT-FOR-US: PHP-Fusion
-CVE-2005-2073 (Unknown vulnerability in IBM DB2 8.1.4 through 8.1.9 and 8.2.0 through ...)
+CVE-2005-2073
NOT-FOR-US: DB2
-CVE-2005-2072 (The runtime linker (ld.so) in Solaris 8, 9, and 10 trusts the LD_AUDIT ...)
+CVE-2005-2072
NOT-FOR-US: Solaris
-CVE-2005-2071 (traceroute in Sun Solaris 10 on x86 systems allows local users to ...)
+CVE-2005-2071
NOT-FOR-US: Solaris
-CVE-2005-2070 (The ClamAV Mail fILTER (clamav-milter) 0.84 through 0.85d, when used ...)
+CVE-2005-2070
{DSA-737-1 DTSA-3-1}
- clamav 0.86.1 (bug #318755; medium)
-CVE-2005-2069 (pam_ldap and nss_ldap, when used with OpenLDAP and connecting to a ...)
+CVE-2005-2069
{DSA-785-1}
- openldap2.2 2.2.26-3 (bug #316674; medium)
- openldap2 2.1.30-11 (medium)
- libpam-ldap 178-1sarge1 (bug #316972; medium)
- libnss-ldap 238-1.1 (bug #316973; medium)
-CVE-2005-2068 (FreeBSD 4.x through 4.11 and 5.x through 5.4 allows remote attackers ...)
+CVE-2005-2068
- kfreebsd-source <unfixed>
-CVE-2005-2067 (SQL injection vulnerability in article.asp in unknown versions of ...)
+CVE-2005-2067
NOT-FOR-US: ASP Nuke
-CVE-2005-2066 (SQL injection vulnerability in comment_post.asp in ASP Nuke 0.80 ...)
+CVE-2005-2066
NOT-FOR-US: ASP Nuke
-CVE-2005-2065 (HTTP response splitting vulnerability in language_select.asp in ASP ...)
+CVE-2005-2065
NOT-FOR-US: ASP Nuke
-CVE-2005-2064 (Multiple cross-site scripting vulnerabilities in ASP Nuke 0.80 allow ...)
+CVE-2005-2064
NOT-FOR-US: ASP Nuke
-CVE-2005-2063 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2005-2063
NOT-FOR-US: ActiveBuyAndSell
-CVE-2005-2062 (Multiple SQL injection vulnerabilities in ActiveBuyAndSell 6.2 allow ...)
+CVE-2005-2062
NOT-FOR-US: ActiveBuyAndSell
-CVE-2005-2061 (Infopop UBB.Threads before 6.5.2 Beta allows remote attackers to include ...)
+CVE-2005-2061
NOT-FOR-US: Infopop UBB.Threads
-CVE-2005-2060 (Multiple HTTP Response Splitting vulnerabilities in (1) ...)
+CVE-2005-2060
NOT-FOR-US: Infopop UBB.Threads
-CVE-2005-2059 (Multiple cross-site request forgery (CSRF) vulnerabilities in (1) ...)
+CVE-2005-2059
NOT-FOR-US: Infopop UBB.Threads
-CVE-2005-2058 (Multiple SQL injection vulnerabilities in Infopop UBB.Threads before ...)
+CVE-2005-2058
NOT-FOR-US: Infopop UBB.Threads
-CVE-2005-2057 (Multiple cross-site scripting (XSS) vulnerabilities in Infopop ...)
+CVE-2005-2057
NOT-FOR-US: Infopop UBB.Threads
-CVE-2005-2056 (The Quantum archive decompressor in Clam AntiVirus (ClamAV) before ...)
+CVE-2005-2056
{DSA-737-1 DTSA-3-1}
- clamav 0.86.1-1 (bug #318756; medium)
-CVE-2005-2055 (RealPlayer 8, 10, 10.5 (6.0.12.1040-1069), and Enterprise and RealOne ...)
+CVE-2005-2055
NOT-FOR-US: Affected only Real Player, not Helix Player
NOTE: http://service.real.com/help/faq/security/050623_player/EN/
-CVE-2005-2054 (Unknown vulnerability in RealPlayer 10 and 10.5 (6.0.12.1040-1069) and ...)
+CVE-2005-2054
NOT-FOR-US: Real Player
NOTE: This didn't affected Helix, although the changelog claimed so, see
NOTE: http://service.real.com/help/faq/security/050623_player/EN/
-CVE-2005-2053 (Just another flat file (JAF) CMS before 3.0 Final allows remote ...)
+CVE-2005-2053
NOT-FOR-US: JAF CMS
-CVE-2005-2052 (Heap-based buffer overflow in vidplin.dll in RealPlayer 10 and 10.5 ...)
+CVE-2005-2052
NOT-FOR-US: Real Player
NOTE: This didn't affected Helix, although the changelog claimed so, see
NOTE: http://service.real.com/help/faq/security/050623_player/EN/
-CVE-2005-2051 (Buffer overflow in the VERITAS Backup Exec Web Administration Console ...)
+CVE-2005-2051
NOT-FOR-US: BEWAC
-CVE-2005-2050 (Unknown vulnerability in Tor before 0.1.0.10 allows remote attackers ...)
+CVE-2005-2050
- tor 0.0.9.10-1 (medium)
-CVE-2005-2049 (Multiple SQL injection vulnerabilities in DUware DUclassmate 1.2 allow ...)
+CVE-2005-2049
NOT-FOR-US: Duware
-CVE-2005-2048 (Multiple SQL injection vulnerabilities in DUware DUforum 3.1, and ...)
+CVE-2005-2048
NOT-FOR-US: Duware
-CVE-2005-2047 (Multiple SQL injection vulnerabilities in DUware DUpaypal Pro 3.0 ...)
+CVE-2005-2047
NOT-FOR-US: Duware
-CVE-2005-2046 (Multiple SQL injection vulnerabilities in DUware DUamazon Pro 3.0 and ...)
+CVE-2005-2046
NOT-FOR-US: Duware
-CVE-2005-2045 (Multiple SQL injection vulnerabilities in DUware DUportal PRO 3.4.3 ...)
+CVE-2005-2045
NOT-FOR-US: Duware
-CVE-2005-2044 (Multiple cross-site scripting (XSS) vulnerabilities in ATutor 1.4.3 ...)
+CVE-2005-2044
NOT-FOR-US: ATutor
-CVE-2005-2043 (Directory traversal vulnerability in XAMPP before 1.4.14 allows remote ...)
+CVE-2005-2043
NOT-FOR-US: XAMPP
-CVE-2005-2042 (Cross-site scripting (XSS) vulnerability in ajax-spell before 1.8 ...)
+CVE-2005-2042
NOT-FOR-US: ajax-spell
-CVE-2005-2041 (Buffer overflow in addschup in HAURI ViRobot 2.0, and possibly other ...)
+CVE-2005-2041
NOT-FOR-US: ViRobot
-CVE-2005-2040 (Multiple buffer overflows in the getterminaltype function in telnetd ...)
+CVE-2005-2040
{DSA-758-1}
- heimdal 0.6.3-11 (bug #315065; bug #315086; high)
-CVE-2005-2039 (Unknown vulnerability in &quot;various plugins&quot; for NanoBlogger 3.2.1 and ...)
+CVE-2005-2039
- nanoblogger <not-affected> (3.1 version in Debian was not affected by this vulnerability, see #315492)
-CVE-2005-2038 (Fortibus CMS 4.0.0 allows remote attackers to modify information of ...)
+CVE-2005-2038
NOT-FOR-US: Fortibus CMS
-CVE-2005-2037 (Multiple SQL injection vulnerabilities in Fortibus CMS 4.0.0 allow ...)
+CVE-2005-2037
NOT-FOR-US: Fortibus CMS
-CVE-2005-2036 (modifyUser.asp in Cool Cafe (Cool Caf&#233;) Chat 1.2.1 allows remote ...)
+CVE-2005-2036
NOT-FOR-US: Cool Cafe Chat
-CVE-2005-2035 (SQL injection vulnerability in login.asp for Cool Cafe (Cool Caf&#233;) ...)
+CVE-2005-2035
NOT-FOR-US: Cool Cafe Chat
-CVE-2005-2034 (Cross-site scripting (XSS) vulnerability in folderview.asp for ...)
+CVE-2005-2034
NOT-FOR-US: iGallery
-CVE-2005-2033 (Directory traversal vulnerability in folderview.asp for Blue-Collar ...)
+CVE-2005-2033
NOT-FOR-US: iGallery
-CVE-2005-2032 (Unknown vulnerability in lpadmin on Sun Solaris 7, 8, and 9 allows ...)
+CVE-2005-2032
NOT-FOR-US: Solaris
-CVE-2005-2031 (Multiple SQL injection vulnerabilities in socialMPN allow remote ...)
+CVE-2005-2031
NOT-FOR-US: socialMPN
-CVE-2005-2030 (Ultimate PHP Board (UPB) 1.9.6 GOLD uses weak encryption for passwords ...)
+CVE-2005-2030
NOT-FOR-US: Ultimate PHP Board
-CVE-2005-2029 (amaroK Web Frontend 1.3 stores the globals.inc file under the web root ...)
+CVE-2005-2029
NOT-FOR-US: external script that allow interaction between amarok and a browser
-CVE-2005-2028 (SQL injection vulnerability in index.php for MercuryBoard 1.1.4 and ...)
+CVE-2005-2028
NOT-FOR-US: MercuryBoard
-CVE-2005-2027 (Enterasys Vertical Horizon VH-2402S before firmware 2.05.05.09 does ...)
+CVE-2005-2027
NOT-FOR-US: Enterasys hardware issue
-CVE-2005-2026 (Enterasys Vertical Horizon VH-2402S before firmware 2.05.05.09 has a ...)
+CVE-2005-2026
NOT-FOR-US: Enterasys hardware issue
-CVE-2005-2025 (Cisco VPN 3000 Concentrator before 4.1.7.F allows remote attackers to ...)
+CVE-2005-2025
NOT-FOR-US: Cisco
-CVE-2005-2024 (Vipul Razor Agents (razor-agents) before 2.70 allows remote attackers ...)
+CVE-2005-2024
{DSA-738-1}
NOTE: varying and apparently innacurate info about what versions fix it
- razor 2.720-1 (low)
-CVE-2005-2023 (The send_pinentry_environment function in asshelp.c in gpg2 on SUSE ...)
+CVE-2005-2023
- gnupg2 1.9.15-1
-CVE-2005-2022 (Unknown vulnerability in Webmail in iPlanet Messaging Server 5.2 Patch ...)
+CVE-2005-2022
NOT-FOR-US: iPlanet
-CVE-2005-2021 (Cross-site scripting (XSS) vulnerability in cPanel 9.1 and earlier ...)
+CVE-2005-2021
NOT-FOR-US: cPanel
-CVE-2005-2020 (Directory traversal vulnerability in the web server for 3Com Network ...)
+CVE-2005-2020
NOT-FOR-US: 3com Network Supervisor
-CVE-2005-2019 (ipfw in FreeBSD 5.4, when running on Symmetric Multi-Processor (SMP) ...)
+CVE-2005-2019
NOT-FOR-US: FreeBSD ipfw
CVE-2005-2018
RESERVED
-CVE-2005-2017 (Symantec AntiVirus 9 Corporate Edition allows local users to gain ...)
+CVE-2005-2017
NOT-FOR-US: Symantec AntiVirus
CVE-2005-2016
RESERVED
CVE-2005-2015
RESERVED
-CVE-2005-2014 (The &quot;upload a language pack&quot; feature in paFAQ 1.0 Beta 4 allows remote ...)
+CVE-2005-2014
NOT-FOR-US: paFAQ
-CVE-2005-2013 (paFAQ 1.0 Beta 4 allows remote attackers to obtain sensitive ...)
+CVE-2005-2013
NOT-FOR-US: paFAQ
-CVE-2005-2012 (Multiple SQL injection vulnerabilities in login in paFAQ 1.0 Beta 4 ...)
+CVE-2005-2012
NOT-FOR-US: paFAQ
-CVE-2005-2011 (Multiple cross-site scripting (XSS) vulnerabilities in paFAQ 1.0 Beta ...)
+CVE-2005-2011
NOT-FOR-US: paFAQ
-CVE-2005-2010 (Cross-site scripting (XSS) vulnerability in trackback.asp in Ublog ...)
+CVE-2005-2010
NOT-FOR-US: Ublog Reload
-CVE-2005-2009 (Multiple SQL injection vulnerabilities in Ublog Reload 1.0.5 allow ...)
+CVE-2005-2009
NOT-FOR-US: Ublog Reload
-CVE-2005-2008 (Yaws Webserver 1.55 and earlier allows remote attackers to obtain the ...)
+CVE-2005-2008
- yaws 1.56-1 (low)
-CVE-2005-2007 (Directory traversal vulnerability in Edgewall Trac 0.8.3 and earlier ...)
+CVE-2005-2007
- trac 0.8.4-1 (bug #315145)
[sarge] - trac 0.8.1-3sarge1
-CVE-2005-2006 (JBOSS 3.2.2 through 3.2.7 and 4.0.2 allows remote attackers to obtain ...)
+CVE-2005-2006
NOT-FOR-US: JBOSS
-CVE-2005-2005 (Ultimate PHP Board (UPB) 1.9.6 GOLD and earlier stores the users.dat ...)
+CVE-2005-2005
NOT-FOR-US: Ultimate PHP Board
-CVE-2005-2004 (Multiple cross-site scripting vulnerabilities in Ultimate PHP Board ...)
+CVE-2005-2004
NOT-FOR-US: Ultimate PHP Board
-CVE-2005-2003 (Ultimate PHP Board (UPB) 1.9.6 GOLD allows remote attackers to obtain ...)
+CVE-2005-2003
NOT-FOR-US: Ultimate PHP Board
-CVE-2005-2002 (SQL injection vulnerability in content.php in Mambo 4.5.2.2 and ...)
+CVE-2005-2002
NOT-FOR-US: Mambo
-CVE-2005-2001 (Directory traversal vulnerability in pafiledb.php in paFileDB 3.1 and ...)
+CVE-2005-2001
NOT-FOR-US: paFileDB
-CVE-2005-2000 (Multiple SQL injection vulnerabilities in paFileDB 3.1 and earlier ...)
+CVE-2005-2000
NOT-FOR-US: paFileDB
-CVE-2005-1999 (Multiple cross-site scripting (XSS) vulnerabilities in pafiledb.php in ...)
+CVE-2005-1999
NOT-FOR-US: paFileDB
-CVE-2005-1998 (Directory traversal vulnerability in admin.php in McGallery 1.1 allows ...)
+CVE-2005-1998
NOT-FOR-US: McGallery
-CVE-2005-1997 (show.php in McGallery 1.1 allows remote attackers to connect to ...)
+CVE-2005-1997
NOT-FOR-US: McGallery
-CVE-2005-1996 (PHP remote file inclusion vulnerability in start.php in Bitrix Site ...)
+CVE-2005-1996
NOT-FOR-US: Bitrix Site Manager
-CVE-2005-1995 (Bitrix Site Manager 4.0.x allows remote attackers to obtain sensitive ...)
+CVE-2005-1995
NOT-FOR-US: Bitrix Site Manager
-CVE-2005-1994 (Finjan SurfinGate 7.0SP2 and SP3 allows remote attackers to download ...)
+CVE-2005-1994
NOT-FOR-US: Finjan SurfinGate
-CVE-2005-1993 (Race condition in sudo 1.3.1 up to 1.6.8p8, when the ALL ...)
+CVE-2005-1993
{DSA-735-2 DSA-735-1}
- sudo 1.6.8p9-1 (bug #315718; bug #315115; medium)
-CVE-2005-1992 (The XMLRPC server in utils.rb for the ruby library (libruby) 1.8 sets ...)
+CVE-2005-1992
{DSA-748-1}
- ruby1.8 1.8.2-8 (bug #315064; medium)
- ruby1.9 1.9.0+20050623-1 (bug #315064; medium)
CVE-2005-1991
RESERVED
-CVE-2005-1990 (Internet Explorer 5.0, 5.5, and 6.0 allows remote attackers to cause a ...)
+CVE-2005-1990
NOT-FOR-US: MSIE
-CVE-2005-1989 (Unknown vulnerability in Internet Explorer 5.0, 5.5, and 6.0 allows ...)
+CVE-2005-1989
NOT-FOR-US: MSIE
-CVE-2005-1988 (Unknown vulnerability in Internet Explorer 5.0, 5.5, and 6.0 allows ...)
+CVE-2005-1988
NOT-FOR-US: MSIE
-CVE-2005-1987 (Buffer overflow in Collaboration Data Objects (CDO), as used in ...)
+CVE-2005-1987
NOT-FOR-US: Microsoft
CVE-2005-1986
RESERVED
-CVE-2005-1985 (The Client Service for NetWare (CSNW) on Microsoft Windows 2000 SP4, ...)
+CVE-2005-1985
NOT-FOR-US: Microsoft
-CVE-2005-1984 (Buffer overflow in the Print Spooler service (Spoolsv.exe) for ...)
+CVE-2005-1984
NOT-FOR-US: Spoolsv.exe
-CVE-2005-1983 (Stack-based buffer overflow in the Plug and Play (PnP) service for ...)
+CVE-2005-1983
NOT-FOR-US: Microsoft
-CVE-2005-1982 (Unknown vulnerability in the PKINIT Protocol for Microsoft Windows ...)
+CVE-2005-1982
NOT-FOR-US: Microsoft
-CVE-2005-1981 (Unknown vulnerability in Microsoft Windows 2000 Server and Windows ...)
+CVE-2005-1981
NOT-FOR-US: Microsoft
-CVE-2005-1980 (Distributed Transaction Controller in Microsoft Windows allows remote ...)
+CVE-2005-1980
NOT-FOR-US: Microsoft
-CVE-2005-1979 (Distributed Transaction Controller in Microsoft Windows allows remote ...)
+CVE-2005-1979
NOT-FOR-US: Microsoft
-CVE-2005-1978 (COM+ in Microsoft Windows does not properly &quot;create and use memory ...)
+CVE-2005-1978
NOT-FOR-US: Microsoft
CVE-2005-1977
RESERVED
-CVE-2005-1976 (Novell NetMail 3.5.2a, 3.5.2b, and 3.5.2c, when running on Linux, sets ...)
+CVE-2005-1976
NOT-FOR-US: Novell NetMail
-CVE-2005-1975 (Multiple cross-site scripting (XSS) vulnerabilities in Annuaire 1Two ...)
+CVE-2005-1975
NOT-FOR-US: Annuaire
-CVE-2005-1974 (Unspecified vulnerability in Java 2 Platform, Standard Edition (J2SE) ...)
+CVE-2005-1974
NOT-FOR-US: Sun Java
-CVE-2005-1973 (Java Web Start in Java 2 Platform Standard Edition (J2SE) 5.0 and 5.0 ...)
+CVE-2005-1973
NOT-FOR-US: Sun Java
-CVE-2005-1972 (Multiple SQL injection vulnerabilities in InteractivePHP FusionBB .11 ...)
+CVE-2005-1972
NOT-FOR-US: InteractivePHP FusionBB
-CVE-2005-1971 (Directory traversal vulnerability in InteractivePHP FusionBB .11 Beta ...)
+CVE-2005-1971
NOT-FOR-US: InteractivePHP FusionBB
-CVE-2005-1970 (Symantec pcAnywhere 10.5x and 11.x before 11.5, with &quot;Launch with ...)
+CVE-2005-1970
NOT-FOR-US: pcAnywhere
-CVE-2005-1969 (Cross-site scripting (XSS) vulnerability in Pragma Systems ...)
+CVE-2005-1969
NOT-FOR-US: Pragma Telnetserver
-CVE-2005-1968 (Cross-site scripting (XSS) vulnerability in ProductCart Ecommerce ...)
+CVE-2005-1968
NOT-FOR-US: ProductCart Ecommerce
-CVE-2005-1967 (Multiple SQL injection vulnerabilities in ProductCart Ecommerce before ...)
+CVE-2005-1967
NOT-FOR-US: ProductCart Ecommerce
-CVE-2005-1966 (The eTrace_validaddr function in eTrace plugin for e107 portal allows ...)
+CVE-2005-1966
NOT-FOR-US: e107
-CVE-2005-1965 (PHP remote file inclusion vulnerability in siteframe.php for Broadpool ...)
+CVE-2005-1965
NOT-FOR-US: Broadpool Siteframe
-CVE-2005-1964 (PHP remote file inclusion vulnerability in utilit.php for Ovidentia ...)
+CVE-2005-1964
NOT-FOR-US: Ovidentia Portal
-CVE-2005-1963 (Cerberus Helpdesk 0.97.3 allows remote attackers to obtain sensitive ...)
+CVE-2005-1963
NOT-FOR-US: Cerberus Helpdesk
-CVE-2005-1962 (Cross-site scripting (XSS) vulnerability in Cerberus Helpdesk 0.97.3 ...)
+CVE-2005-1962
NOT-FOR-US: Cerberus Helpdesk
-CVE-2005-1961 (Unknown vulnerability in ObjectWeb Consortium C-JDBC before 1.3.1 ...)
+CVE-2005-1961
NOT-FOR-US: C-JDBC
-CVE-2005-1960 (The getemails function in C.J. Steele Tattle allows remote attackers ...)
+CVE-2005-1960
NOT-FOR-US: C.J. Steele Tattle
-CVE-2005-1959 (jammail.pl in jamchen JamMail 1.8 allows remote attackers to execute ...)
+CVE-2005-1959
NOT-FOR-US: JamMail
CVE-2005-1958
REJECTED
-CVE-2005-1957 (mtnpeak.net File Upload Manager does not properly check user ...)
+CVE-2005-1957
NOT-FOR-US: File Upload Manager
-CVE-2005-1956 (File Upload Manager allows remote attackers to upload arbitrary files ...)
+CVE-2005-1956
NOT-FOR-US: File Upload Manager
-CVE-2005-1955 (Cross-site scripting (XSS) vulnerability in index.php in singapore ...)
+CVE-2005-1955
NOT-FOR-US: singapore
-CVE-2005-1954 (singapore 0.9.11 allows remote attackers to obtain sensitive ...)
+CVE-2005-1954
NOT-FOR-US: singapore
-CVE-2005-1953 (Heap-based buffer overflow in the CGI extension for Pico Server ...)
+CVE-2005-1953
NOT-FOR-US: Pico Server
-CVE-2005-1952 (Directory traversal vulnerability in Pico Server (pServ) 3.3 allows ...)
+CVE-2005-1952
NOT-FOR-US: Pico Server
-CVE-2005-1951 (Multiple HTTP Response Splitting vulnerabilities in osCommerce 2.2 ...)
+CVE-2005-1951
NOT-FOR-US: osCommerce
-CVE-2005-1950 (hints.pl in Webhints 1.03 allows remote attackers to execute arbitrary ...)
+CVE-2005-1950
NOT-FOR-US: Webhints
-CVE-2005-1949 (The eping_validaddr function in functions.php for the ePing plugin for ...)
+CVE-2005-1949
NOT-FOR-US: e107
-CVE-2005-1948 (Multiple SQL injection vulnerabilities in Invision Gallery before ...)
+CVE-2005-1948
NOT-FOR-US: Invision Gallery
-CVE-2005-1947 (Cross-site request forgery (CSRF) vulnerability in Invision Gallery ...)
+CVE-2005-1947
NOT-FOR-US: Invision Gallery
-CVE-2005-1946 (Multiple SQL injection vulnerabilities in Invision Blog before 1.1.2 ...)
+CVE-2005-1946
NOT-FOR-US: Invision Blog
-CVE-2005-1945 (Cross-site scripting (XSS) vulnerability in the convert_highlite_words ...)
+CVE-2005-1945
NOT-FOR-US: Invision Blog
-CVE-2005-1944 (xmysqladmin 1.0 and earlier allows local users to delete arbitrary ...)
+CVE-2005-1944
NOT-FOR-US: xmysqladmin
-CVE-2005-1943 (Multiple SQL injection vulnerabilities in Loki download manager 2.0 ...)
+CVE-2005-1943
NOT-FOR-US: Loki download manager
-CVE-2005-1942 (Cisco switches that support 802.1x security allow remote attackers to ...)
+CVE-2005-1942
NOT-FOR-US: Cisco
-CVE-2005-1941 (SilverCity before 0.9.5-r1 installs (1) cgi-styler-form.py, (2) ...)
+CVE-2005-1941
NOT-FOR-US: SilverCity
CVE-2005-1940
RESERVED
-CVE-2005-1939 (Directory traversal vulnerability in Ipswitch WhatsUp Small Business ...)
+CVE-2005-1939
NOT-FOR-US: Ipswitch WhatsUp
CVE-2005-1938
REJECTED
-CVE-2005-1937 (A regression error in Firefox 1.0.3 and Mozilla 1.7.7 allows remote ...)
+CVE-2005-1937
{DSA-810-1 DSA-777-1 DSA-775-1 DTSA-7-1 DTSA-8-2 DTSA-14-1}
- mozilla-firefox 1.0.6-1 (medium)
- mozilla 2:1.7.10-1 (medium)
[woody] - mozilla <not-affected> (regression of a previous security fix)
-CVE-2005-1936 (Unknown vulnerability in the web server for the ESS/ Network ...)
+CVE-2005-1936
NOT-FOR-US: Xerox hardware issue
-CVE-2005-1935 (Heap-based buffer overflow in the BERDecBitString function in ...)
+CVE-2005-1935
NOT-FOR-US: Microsoft
-CVE-2005-1933 (Dashboard in Apple Mac OS X Tiger 10.4 allows attackers to execute ...)
+CVE-2005-1933
NOT-FOR-US: Apple
-CVE-2005-1934 (Gaim before 1.3.1 allows remote attackers to cause a denial of service ...)
+CVE-2005-1934
{DSA-734-1}
- gaim 1:1.3.1-1 (bug #315356; low)
-CVE-2005-1930 (Directory traversal vulnerability in the Crystal Report component ...)
+CVE-2005-1930
NOT-FOR-US: Trend Micro ServerProtect
-CVE-2005-1929 (Multiple heap-based buffer overflows in (1) isaNVWRequest.dll and (2) ...)
+CVE-2005-1929
NOT-FOR-US: Trend Micro ServerProtect
-CVE-2005-1928 (Trend Micro ServerProtect EarthAgent for Windows Management Console ...)
+CVE-2005-1928
NOT-FOR-US: Trend Micro ServerProtect
CVE-2005-1927
RESERVED
CVE-2005-1926
RESERVED
-CVE-2005-1925 (Multiple directory traversal vulnerabilities in Tikiwiki before 1.9.1 ...)
+CVE-2005-1925
NOT-FOR-US: Tikiwiki
-CVE-2005-1924 (The G/PGP (GPG) Plugin 2.1 and earlier for Squirrelmail allow remote ...)
+CVE-2005-1924
NOT-FOR-US: External Squirrelmail plugin not packaged in Debian
-CVE-2005-1923 (The ENSURE_BITS macro in mszipd.c for Clam AntiVirus (ClamAV) 0.83, ...)
+CVE-2005-1923
{DSA-737-1 DTSA-3-1}
- clamav 0.86.1 (bug #316401; bug #316462; medium)
-CVE-2005-1922 (The MS-Expand file handling in Clam AntiVirus (ClamAV) before 0.86 ...)
+CVE-2005-1922
{DSA-737-1 DTSA-3-1}
- clamav 0.86.1-1 (low)
-CVE-2005-1921 (Eval injection vulnerability in PEAR XML_RPC 1.3.0 and earlier (aka ...)
+CVE-2005-1921
{DSA-789-1 DSA-746-1 DSA-747-1 DSA-745-1 DTSA-15-1}
- serendipity 1.0-1
- drupal 4.5.4-1 (high; bug #316362)
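Review bot: every changed line in this hunk is the same one-line substitution, a `-CVE-YYYY-NNNN (summary ...)` line replaced by a bare `+CVE-YYYY-NNNN`, with no triage, DSA or version line touched (for example `-CVE-2005-1993 (Race condition in sudo 1.3.1 up to 1.6.8p8, when the ALL ...)` becoming `+CVE-2005-1993`). An automatic update that blanks the summary of every entry at once looks more like the upstream CVE feed returning empty descriptions than a real data change; confirm the source before merging, because the parenthetical summaries are the only human-readable record of each issue in this file, and the `NOT-FOR-US:` lines that remain only name a product, not the problem.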
@@ -7134,126 +7134,126 @@ CVE-2005-1921 (Eval injection vulnerability in PEAR XML_RPC 1.3.0 and earlier (a
- phpwiki 1.3.7-4 (bug #316714; high)
- php4 4:4.3.10-16 (high; bug #316447)
- horde3 <not-affected> (horde3 ships different XMLRPC code)
-CVE-2005-1920 (The (1) Kate and (2) Kwrite applications in KDE KDE 3.2.x through ...)
+CVE-2005-1920
{DSA-804-2}
- kdelibs 4:3.4.2-1 (bug #319016; medium)
CVE-2005-1919
REJECTED
-CVE-2005-1918 (The original patch for a GNU tar directory traversal vulnerability ...)
+CVE-2005-1918
- tar 1.14-2.2
NOTE: 1.14-2.2 is ok, maybe Debian was not-affected anyway
-CVE-2005-1917 (kpopper 1.0 and earlier allows local users to create and overwrite ...)
+CVE-2005-1917
NOT-FOR-US: kpopper, there is a kpopper in kerberos4kth-servers, but this is not the same one
-CVE-2005-1916 (linki.py in ekg 2005-06-05 and earlier allows local users to overwrite ...)
+CVE-2005-1916
{DSA-760-1 DTSA-4-1}
- ekg 1:1.5+20050712+1.6rc2-1 (bug #318059; bug #317027; low)
-CVE-2005-1915 (The log4sh_readProperties function in log4sh 1.2.5 and earlier allows ...)
+CVE-2005-1915
NOT-FOR-US: log4sh
-CVE-2005-1914 (CenterICQ 4.20.0 and earlier creates temporary files with predictable ...)
+CVE-2005-1914
{DSA-754-1 DTSA-2-1}
- centericq 4.20.0-7 (medium)
-CVE-2005-1913 (The Linux kernel 2.6 before 2.6.12.1 allows local users to cause a ...)
+CVE-2005-1913
{DTSA-16-1}
- linux-2.6 2.6.12-1 (medium)
- kernel-source-2.6.11 2.6.11-6 (medium)
CVE-2005-1912
REJECTED
-CVE-2005-1911 (The fetchnews NNTP client in leafnode 1.11.2 and earlier can hang ...)
+CVE-2005-1911
- leafnode 1.11.3.rel-1 (bug #338886; low)
[sarge] - leafnode 1.11.2.rel-1.0sarge0
-CVE-2005-1910 (SQL injection vulnerability in login.asp for WWWeb Concepts Events ...)
+CVE-2005-1910
NOT-FOR-US: WWWeb Concepts Events System
-CVE-2005-1909 (The web server control panel in 602LAN SUITE 2004 allows remote ...)
+CVE-2005-1909
NOT-FOR-US: 602LAN SUITE
-CVE-2005-1908 (Perception LiteWeb allows remote attackers to bypass access controls ...)
+CVE-2005-1908
NOT-FOR-US: Perception LiteWeb
-CVE-2005-1907 (The ISA Firewall service in Microsoft Internet Security and ...)
+CVE-2005-1907
NOT-FOR-US: Microsoft
-CVE-2005-1906 (SQL injection vulnerability in login.asp in livingmailing 1.3 allows ...)
+CVE-2005-1906
NOT-FOR-US: livingmailing
-CVE-2005-1905 (The klif.sys driver in Kaspersky Labs Anti-Virus 5.0.227, 5.0.228, and ...)
+CVE-2005-1905
NOT-FOR-US: Kaspersky
-CVE-2005-1904 (SQL injection vulnerability in login.asp in JiRo's Upload System (JUS) ...)
+CVE-2005-1904
NOT-FOR-US: JiRo's Upload Systems
-CVE-2005-1903 (Buffer overflow in the IMAP service for SPA-PRO Mail @Solomon 4.00 ...)
+CVE-2005-1903
NOT-FOR-US: SPA-PRO Mail
-CVE-2005-1902 (Directory traversal vulnerability in the IMAP service for SPA-PRO Mail ...)
+CVE-2005-1902
NOT-FOR-US: SPA-PRO Mail
-CVE-2005-1901 (Multiple cross-site scripting (XSS) vulnerabilities in Sawmill before ...)
+CVE-2005-1901
NOT-FOR-US: Sawmill
-CVE-2005-1900 (Sawmill before 7.1.6 allows remote attackers to bypass authentication ...)
+CVE-2005-1900
NOT-FOR-US: Sawmill
-CVE-2005-1899 (Rakkarsoft RakNet network library 2.33 and earlier, when released ...)
+CVE-2005-1899
NOT-FOR-US: RakNet
-CVE-2005-1898 (The passthrough functionality in phpThumb.php in phpThumb() before ...)
+CVE-2005-1898
NOT-FOR-US: phpThumb
-CVE-2005-1897 (Unknown vulnerability in FlexCast Audio Video Streaming Server before ...)
+CVE-2005-1897
NOT-FOR-US: FlexCast
-CVE-2005-1896 (Directory traversal vulnerability in thumb.php in FlatNuke 2.5.3 ...)
+CVE-2005-1896
NOT-FOR-US: FlatNuke
-CVE-2005-1895 (Cross-site scripting (XSS) vulnerability in FlatNuke 2.5.3 allows ...)
+CVE-2005-1895
NOT-FOR-US: FlatNuke
-CVE-2005-1894 (Direct code injection vulnerability in FlatNuke 2.5.3 allows remote ...)
+CVE-2005-1894
NOT-FOR-US: FlatNuke
-CVE-2005-1893 (FlatNuke 2.5.3 allows remote attackers to obtain sensitive information ...)
+CVE-2005-1893
NOT-FOR-US: FlatNuke
-CVE-2005-1892 (FlatNuke 2.5.3 allows remote attackers to cause a denial of service or ...)
+CVE-2005-1892
NOT-FOR-US: FlatNuke
-CVE-2005-1891 (The GIF parser in ateimg32.dll in AOL Instant Messenger (AIM) 5.9.3797 ...)
+CVE-2005-1891
NOT-FOR-US: AOL Instant Messenger
-CVE-2005-1890 (Unknown vulnerability in Mortiforo before 0.9.1 allows users to access ...)
+CVE-2005-1890
NOT-FOR-US: Mortiforo
-CVE-2005-1889 (Unknown vulnerability in Sun ONE Application Server 6.5 SP1 ...)
+CVE-2005-1889
NOT-FOR-US: Sun ONE
-CVE-2005-1888 (Cross-site scripting (XSS) vulnerability in MediaWiki before 1.4.5 ...)
+CVE-2005-1888
- mediawiki 1.4.9 (bug #276057)
-CVE-2005-1887 (Unknown vulnerability in the Sun Solaris C library (libc and ...)
+CVE-2005-1887
NOT-FOR-US: Solaris
-CVE-2005-1886 (Cross-site scripting (XSS) vulnerability in view.php in YaPiG 0.92b, ...)
+CVE-2005-1886
NOT-FOR-US: YaPiG
-CVE-2005-1885 (view.php in YaPiG 0.92b, 0.93u and 0.94u allows remote attackers to ...)
+CVE-2005-1885
NOT-FOR-US: YaPiG
-CVE-2005-1884 (Directory traversal vulnerability in the (1) rmdir or (2) mkdir ...)
+CVE-2005-1884
NOT-FOR-US: YaPiG
-CVE-2005-1883 (global.php in YaPiG 0.92b allows remote attackers to include arbitrary ...)
+CVE-2005-1883
NOT-FOR-US: YaPiG
-CVE-2005-1882 (PHP remote file inclusion vulnerability in last_gallery.php in YaPiG ...)
+CVE-2005-1882
NOT-FOR-US: YaPiG
-CVE-2005-1881 (upload.php in YaPiG 0.92b, 0.93u and 0.94u does not properly restrict ...)
+CVE-2005-1881
NOT-FOR-US: YaPiG
-CVE-2005-1880 (everybuddy 0.4.3 and earlier allows local users to overwrite arbitrary ...)
+CVE-2005-1880
NOT-FOR-US: everybuddy
-CVE-2005-1879 (LutelWall 0.97 and earlier allows local users to overwrite arbitrary ...)
+CVE-2005-1879
NOT-FOR-US: LutelWall
-CVE-2005-1878 (GIPTables Firewall 1.1 and earlier allows local users to overwrite ...)
+CVE-2005-1878
NOT-FOR-US: GIPTables
-CVE-2005-1877 (Cross-site scripting (XSS) vulnerability in view_ticket.php in Lpanel ...)
+CVE-2005-1877
NOT-FOR-US: Lpanel
-CVE-2005-1876 (Direct code injection vulnerability in CuteNews 1.3.6 and earlier ...)
+CVE-2005-1876
NOT-FOR-US: CuteNews
-CVE-2005-1875 (Multiple SQL injection vulnerabilities in list.php in Exhibit Engine ...)
+CVE-2005-1875
NOT-FOR-US: Exhibit Engine
-CVE-2005-1874 (Directory traversal vulnerability in Dzip before 2.9 allows remote ...)
+CVE-2005-1874
NOT-FOR-US: Dzip
-CVE-2005-1873 (Multiple buffer overflows in Crob FTP 3.6.1, and possibly earlier ...)
+CVE-2005-1873
NOT-FOR-US: Crob
-CVE-2005-1872 (Buffer overflow in the administrative console in IBM WebSphere ...)
+CVE-2005-1872
NOT-FOR-US: WebSphere
-CVE-2005-1871 (Unknown vulnerability in the privilege system in Drupal 4.4.0 through ...)
+CVE-2005-1871
- drupal 4.5.3-1
-CVE-2005-1870 (PHP remote file inclusion vulnerability in childwindow.inc.php in ...)
+CVE-2005-1870
NOT-FOR-US: Popper
-CVE-2005-1869 (PHP remote file inclusion vulnerability in start_lobby.php in MWChat ...)
+CVE-2005-1869
NOT-FOR-US: MWChat
-CVE-2005-1868 (I-Man 0.9, and possibly earlier versions, allows remote attackers to ...)
+CVE-2005-1868
NOT-FOR-US: I-Man
-CVE-2005-1867 (Symantec Brightmail AntiSpam before 6.0.2 has a hard-coded database ...)
+CVE-2005-1867
NOT-FOR-US: Symantec
-CVE-2005-1866 (Cross-site scripting (XSS) vulnerability in calendar.php in Calendarix ...)
+CVE-2005-1866
NOT-FOR-US: Calendarix
-CVE-2005-1865 (Multiple SQL injection vulnerabilities in Calendarix Advanced 1.5 ...)
+CVE-2005-1865
NOT-FOR-US: Calendarix
-CVE-2005-1864 (PHP remote file inclusion vulnerability in cal_admintop.php in ...)
+CVE-2005-1864
NOT-FOR-US: Calendarix
CVE-2005-1863
REJECTED
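Review bot: for CVE-2005-1913 the summary being removed states that Linux 2.6 before 2.6.12.1 is affected, while the triage line kept below it records the fix as `- linux-2.6 2.6.12-1 (medium)`; that version bound is worth double-checking against the Debian 2.6.12-1 upload, and after this hunk it is no longer visible anywhere in the file. The same applies to entries whose own NOTE depends on the summary for context, such as CVE-2005-1918 (`NOTE: 1.14-2.2 is ok, maybe Debian was not-affected anyway`): with the description gone, that note no longer says which tar issue it refers to, so if the summaries really are being dropped the NOTE should name the regression itself.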
@@ -7263,63 +7263,63 @@ CVE-2005-1861
REJECTED
CVE-2005-1860
REJECTED
-CVE-2005-1859 (Unknown vulnerability in arshell in the Array Service (arrayd) for SGI ...)
+CVE-2005-1859
NOT-FOR-US: arshell
-CVE-2005-1857 (Format string vulnerability in simpleproxy before 3.4 allows remote ...)
+CVE-2005-1857
{DSA-786-1}
- simpleproxy 3.2-4 (medium)
-CVE-2005-1856 (The CD-burning feature in backup-manager 0.5.8 and earlier uses a ...)
+CVE-2005-1856
{DSA-787-1}
- backup-manager 0.5.8-2 (bug #315582; low)
NOTE: maybe a duplicate of CVE-2005-2212, author contacted
-CVE-2005-1855 (Backup Manager (backup-manager) before 0.5.8 creates backup files with ...)
+CVE-2005-1855
{DSA-787-1}
- backup-manager 0.5.8-2 (medium)
NOTE: maybe a duplicate of CVE-2005-2211, author contacted
-CVE-2005-1854 (Unknown vulnerability in apt-cacher in Debian 3.1, related to &quot;missing ...)
+CVE-2005-1854
{DSA-772-1}
- apt-cacher 0.9.10 (high)
-CVE-2005-1853 (gopher.c in the Gopher client 3.0.5 does not properly create temporary ...)
+CVE-2005-1853
{DSA-770-1}
- gopher 3.0.8 (low)
-CVE-2005-1852 (Multiple integer overflows in libgadu, as used in Kopete in KDE 3.2.3 ...)
+CVE-2005-1852
{DSA-767-1 DTSA-4-1}
- kdenetwork 4:3.3.2-5 (bug #319443; unimportant)
NOTE: Kopete embeds the vulnerable code, but it's only used as a fallback when
NOTE: no shared lib version is found. As the Debian package has a dependency on
NOTE: it the maintainer does not intent to fix it, see # 319443
- ekg 1:1.5+20050712+1.6rc3-1 (bug #318970; medium)
-CVE-2005-1851 (A certain contributed script for ekg Gadu Gadu client 1.5 and earlier ...)
+CVE-2005-1851
{DSA-760-1 DTSA-4-1}
- ekg 1:1.5+20050712+1.6rc2-1 (low)
-CVE-2005-1850 (Certain contributed scripts for ekg Gadu Gadu client 1.5 and earlier ...)
+CVE-2005-1850
{DSA-760-1 DTSA-4-1}
- ekg 1:1.5+20050712+1.6rc2-1 (low)
-CVE-2005-1849 (inftrees.h in zlib 1.2.2 allows remote attackers to cause a denial of ...)
+CVE-2005-1849
{DSA-1026-1 DSA-797-2 DSA-797-1 DSA-763-1}
NOTE: This is only contrib code not built in the binary packages AFAIK
- zlib 1:1.2.3-1 (low)
- zsync 0.4.1-1 (low)
- sash 3.7-5sarge1 (low)
NOTE: zsync 0.4.0-2 (mentioned in DSA-797-1) was never uploaded.
-CVE-2005-1848 (The dhcpcd DHCP client before 1.3.22 allows remote attackers to cause ...)
+CVE-2005-1848
{DSA-750-1}
- dhcpcd 1:1.3.22pl4-22 (medium)
-CVE-2005-1847 (Multiple buffer overflows in YaMT before 0.5_2 allow attackers to ...)
+CVE-2005-1847
NOT-FOR-US: YaMT
-CVE-2005-1846 (Multiple directory traversal vulnerabilities in YaMT before 0.5_2 ...)
+CVE-2005-1846
NOT-FOR-US: YaMT
CVE-2005-1845
REJECTED
CVE-2005-1844
REJECTED
-CVE-2005-1843 (VCNative for Adobe Version Cue 1.0 and 1.0.1, as used in Creative ...)
+CVE-2005-1843
NOT-FOR-US: Windows
-CVE-2005-1842 (VCNative for Adobe Version Cue 1.0 and 1.0.1, as used in Creative ...)
+CVE-2005-1842
NOT-FOR-US: Windows
-CVE-2005-1841 (The control for Adobe Reader 5.0.9 and 5.0.10 on Linux, Solaris, ...)
+CVE-2005-1841
NOT-FOR-US: acroread
-CVE-2005-1858 (FUSE 2.x before 2.3.0 does not properly clear previously used memory ...)
+CVE-2005-1858
{DSA-744-1}
- fuse 2.3.0-1
CVE-2005-2349 [Directory traversal in zoo]
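Review bot: the context lines of this hunk show the file is not in descending CVE order, which the automatic rewrite preserves as-is: CVE-2005-1857 directly follows CVE-2005-1859, and CVE-2005-1858 appears only after CVE-2005-1841 at the end of the hunk. Since the updater rewrites every entry anyway, it could normalise the ordering in the same pass; while there, the NOTE for CVE-2005-1852 reads `the maintainer does not intent to fix it, see # 319443`, where `intent` should be `intend` and the bug reference should use the `bug #319443` form the rest of the file uses.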
@@ -7328,198 +7328,198 @@ CVE-2005-2349 [Directory traversal in zoo]
CVE-2005-2350 [Cross Site Scripting in websieve]
RESERVED
- websieve <removed> (bug #311838; low)
-CVE-2005-1840 (Directory traversal vulnerability in class.layout_phpcms.php in phpCMS ...)
+CVE-2005-1840
NOT-FOR-US: phpCMS
-CVE-2005-1839 (Multiple SQL injection vulnerabilities in Doug Luxem Liberum Help Desk ...)
+CVE-2005-1839
NOT-FOR-US: Liberum
-CVE-2005-1838 (Multiple cross-site scripting vulnerabilities in castnewPost.asp in ...)
+CVE-2005-1838
NOT-FOR-US: Liberum
-CVE-2005-1837 (Fortinet firewall running FortiOS 2.x contains a hardcoded username ...)
+CVE-2005-1837
NOT-FOR-US: Fortinet firewall
-CVE-2005-1836 (NEXTWEB (i)Site allows remote attackers to cause a denial of service ...)
+CVE-2005-1836
NOT-FOR-US: NEXTWEB
-CVE-2005-1835 (NEXTWEB (i)Site stores databases under the web document root with ...)
+CVE-2005-1835
NOT-FOR-US: NEXTWEB
-CVE-2005-1834 (SQL injection vulnerability in login.asp in NEXTWEB (i)Site allows ...)
+CVE-2005-1834
NOT-FOR-US: NEXTWEB
-CVE-2005-1833 (Multiple SQL injection vulnerabilities in MyBulletinBoard (MyBB) 1.00 ...)
+CVE-2005-1833
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2005-1832 (Multiple cross-site scripting (XSS) vulnerabilities in MyBulletinBoard ...)
+CVE-2005-1832
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2005-1831 (** DISPUTED ** ...)
+CVE-2005-1831
- sudo <not-affected> (Unreproducable, seems like a broken PAM setup on the submitter's side)
-CVE-2005-1830 (The DbgMsg.sys driver in Compuware SoftICE DriverStudio 3.1 and 3.2 ...)
+CVE-2005-1830
NOT-FOR-US: SoftICE
-CVE-2005-1829 (Microsoft Internet Explorer 6 SP2 allows remote attackers to cause a ...)
+CVE-2005-1829
NOT-FOR-US: Microsoft
-CVE-2005-1828 (D-Link DSL-504T stores usernames and passwords in cleartext in the ...)
+CVE-2005-1828
NOT-FOR-US: D-Link hardware issue
-CVE-2005-1827 (D-Link DSL-504T allows remote attackers to bypass authentication and ...)
+CVE-2005-1827
NOT-FOR-US: D-Link hardware issue
-CVE-2005-1826 (Buffer overflow in HP Radia Notify Daemon 3.1.0.0 (formerly by ...)
+CVE-2005-1826
NOT-FOR-US: HP Radia
-CVE-2005-1825 (Multiple stack-based buffer overflows in the nvd_exec function in HP ...)
+CVE-2005-1825
NOT-FOR-US: HP Radia
-CVE-2005-1824 (The sql_escape_string function in auth/sql.c for the mailutils SQL ...)
+CVE-2005-1824
- mailutils 1:0.6.1-2
-CVE-2005-1823 (Multiple cross-site scripting (XSS) vulnerabilities in Qualiteam ...)
+CVE-2005-1823
NOT-FOR-US: Qualiteam X-Cart
-CVE-2005-1822 (Multiple SQL injection vulnerabilities in Qualiteam X-Cart 4.0.8 allow ...)
+CVE-2005-1822
NOT-FOR-US: Qualiteam X-Cart
-CVE-2005-1821 (PHP remote file inclusion vulnerability in pdl_header.inc.php in ...)
+CVE-2005-1821
NOT-FOR-US: PowerDownload
-CVE-2005-1820 (zboard.php in Zeroboard version 4.1pl2 to 4.1pl5 allows remote ...)
+CVE-2005-1820
NOT-FOR-US: Zeroboard
-CVE-2005-1819 (Cross-site scripting (XSS) vulnerability in NikoSoft WebMail before ...)
+CVE-2005-1819
NOT-FOR-US: NikoSoft WebMail
-CVE-2005-1818 (Multiple SQL injection vulnerabilities in NewLife Blogger before 3.3.1 ...)
+CVE-2005-1818
NOT-FOR-US: NewLife Blogger
-CVE-2005-1817 (Invision Power Board (IPB) 1.0 through 1.3 allows remote attackers to ...)
+CVE-2005-1817
NOT-FOR-US: Invision Power Board
-CVE-2005-1816 (Invision Power Board (IPB) 1.0 through 2.0.4 allows non-root admins to ...)
+CVE-2005-1816
NOT-FOR-US: Invision Power Board
-CVE-2005-1815 (Multiple buffer overflows in Hummingbird Connectivity inetD 10.0.0.1 ...)
+CVE-2005-1815
NOT-FOR-US: Hummingbird Connectivity
-CVE-2005-1814 (Stack-based buffer overflow in PicoWebServer 1.0 allows remote ...)
+CVE-2005-1814
NOT-FOR-US: PicoWebServer
-CVE-2005-1813 (Directory traversal vulnerability in FutureSoft TFTP Server Evaluation ...)
+CVE-2005-1813
NOT-FOR-US: FutureSoft TFTP Server
-CVE-2005-1812 (Multiple stack-based buffer overflows in FutureSoft TFTP Server ...)
+CVE-2005-1812
NOT-FOR-US: FutureSoft TFTP Server
-CVE-2005-1811 (Cross-site scripting (XSS) vulnerability in usercp.php for ...)
+CVE-2005-1811
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2005-1810 (SQL injection vulnerability in template-functions-category.php in ...)
+CVE-2005-1810
- wordpress 1.5.1.2-1
-CVE-2005-1809 (Sony Ericsson P900 Beamer allows remote attackers to cause a denial of ...)
+CVE-2005-1809
NOT-FOR-US: Sony hardware issue
-CVE-2005-1808 (Firefly Studios Stronghold 2 1.2 and earlier allows remote attackers ...)
+CVE-2005-1808
NOT-FOR-US: Stronghold game
-CVE-2005-1807 (The Data function in class.smtp.php in PHPMailer 1.7.2 and earlier ...)
+CVE-2005-1807
- libphp-phpmailer 1.73
-CVE-2005-1806 (Format string vulnerability in PeerCast 0.1211 and earlier allows ...)
+CVE-2005-1806
NOT-FOR-US: PeerCast
-CVE-2005-1805 (SQL injection vulnerability in login.asp in an unknown product by ...)
+CVE-2005-1805
NOT-FOR-US: Online Solutions for Educators
-CVE-2005-1804 (Multiple SQL injection vulnerabilities in Net Portal Dynamic System ...)
+CVE-2005-1804
NOT-FOR-US: Net Portal Dynamic System
-CVE-2005-1803 (Multiple cross-site scripting (XSS) vulnerabilities in Net Portal ...)
+CVE-2005-1803
NOT-FOR-US: Net Portal Dynamic System
-CVE-2005-1802 (Nortel VPN Router (aka Contivity) allows remote attackers to cause a ...)
+CVE-2005-1802
NOT-FOR-US: Nortel hardware
-CVE-2005-1801 (The vCard viewer in Nokia 9500 allows attackers to cause a denial of ...)
+CVE-2005-1801
NOT-FOR-US: Nokia hardware
-CVE-2005-1800 (Cross-site scripting (XSS) vulnerability in Jaws Glossary gadget 0.4 ...)
+CVE-2005-1800
NOT-FOR-US: Jaws glossary gadget
-CVE-2005-1799 (Cross-site scripting (XSS) vulnerability in FreeStyle Wiki 3.5.7 and ...)
+CVE-2005-1799
NOT-FOR-US: FreeStyle Wiki
-CVE-2005-1798 (Directory traversal vulnerability in ServersCheck Monitoring Software ...)
+CVE-2005-1798
NOT-FOR-US: ServersCheck
-CVE-2005-1797 (The design of Advanced Encryption Standard (AES), aka Rijndael, allows ...)
+CVE-2005-1797
NOTE: Cryptographic attack on AES, cannot be fixed
-CVE-2005-1796 (Format string vulnerability in the curses_msg function in the Ncurses ...)
+CVE-2005-1796
{DSA-749-1}
- ettercap 1:0.7.1-1.1 (bug #311615)
-CVE-2005-1795 (The filecopy function in misc.c in Clam AntiVirus (ClamAV) before ...)
+CVE-2005-1795
NOT-FOR-US: ClamAV on Mac OS X
-CVE-2005-1794 (Microsoft Terminal Server using Remote Desktop Protocol (RDP) 5.2 ...)
+CVE-2005-1794
NOT-FOR-US: Microsoft
-CVE-2005-1793 (User32.DLL in Microsoft Windows 98SE, and possibly other operating ...)
+CVE-2005-1793
NOT-FOR-US: Microsoft
-CVE-2005-1792 (Memory leak in Windows Management Instrumentation (WMI) service allows ...)
+CVE-2005-1792
NOT-FOR-US: Microsoft
-CVE-2005-1791 (Microsoft Internet Explorer 6 SP2 (6.0.2900.2180) crashes when the ...)
+CVE-2005-1791
NOT-FOR-US: Microsoft
-CVE-2005-1790 (Microsoft Internet Explorer 6 SP2 6.0.2900.2180 and 6.0.2800.1106, and ...)
+CVE-2005-1790
{CVE-2005-3896}
NOT-FOR-US: Microsoft
NOTE: The exploit causes Mozilla to crash, see CVE-2005-3896.
-CVE-2005-1789 (SQL injection vulnerability in SignIn.asp in India Software Solution ...)
+CVE-2005-1789
NOT-FOR-US: India Software Solution shopping cart
-CVE-2005-1788 (SQL injection vulnerability in resellerresources.asp in Hosting ...)
+CVE-2005-1788
NOT-FOR-US: Hosting Controller
-CVE-2005-1787 (setup.php in phpStat 1.5 allows remote attackers to bypass ...)
+CVE-2005-1787
NOT-FOR-US: phpStat
-CVE-2005-1786 (SQL injection vulnerability in admin.asp in FunkyASP AD System 1.1 ...)
+CVE-2005-1786
NOT-FOR-US: FunkyASP
-CVE-2005-1785 (SQL injection vulnerability in ad/login.asp in ZonGG 1.2 allows remote ...)
+CVE-2005-1785
NOT-FOR-US: ZonGG
-CVE-2005-1784 (Hosting Controller 6.1 HotFix 2.0 and earlier allows remote attackers ...)
+CVE-2005-1784
NOT-FOR-US: Hosting Controller
-CVE-2005-1783 (BookReview beta 1.0 allows remote attackers to obtain the path of the ...)
+CVE-2005-1783
NOT-FOR-US: BookReview
-CVE-2005-1782 (Multiple cross-site scripting (XSS) vulnerabilities in BookReview beta ...)
+CVE-2005-1782
NOT-FOR-US: BookReview
-CVE-2005-1781 (Unknown vulnerability in SMTP authentication for MailEnable allows ...)
+CVE-2005-1781
NOT-FOR-US: MailEnable
-CVE-2005-1780 (SQL injection vulnerability in admin/login.asp in Active News Manager ...)
+CVE-2005-1780
NOT-FOR-US: Active News Manager
-CVE-2005-1779 (SQL injection vulnerability in password.asp in MaxWebPortal 1.35, ...)
+CVE-2005-1779
NOT-FOR-US: MaxWebPortal
-CVE-2005-1778 (Cross-site scripting (XSS) vulnerability in readpmsg.php in PostNuke ...)
+CVE-2005-1778
NOT-FOR-US: PostNuke
-CVE-2005-1777 (SQL injection vulnerability in readpmsg.php in PostNuke 0.750 allows ...)
+CVE-2005-1777
NOT-FOR-US: PostNuke
-CVE-2005-1776 (Buffer overflow in the READ_TCP_STRING function in ...)
+CVE-2005-1776
NOT-FOR-US: C'Nedra
-CVE-2005-1775 (Terminator 3: War of the Machines 1.16 and earlier allows remote ...)
+CVE-2005-1775
NOT-FOR-US: Terminator game
-CVE-2005-1774 (WEB-DAV Linux File System (davfs2) 0.2.3 does not properly enforce ...)
+CVE-2005-1774
- davfs2 0.2.4-1 (bug #310757; medium)
-CVE-2005-1773 (Multiple unknown vulnerabilities in L-Soft LISTSERV 14.3, 1.8e, and ...)
+CVE-2005-1773
NOT-FOR-US: Listserv
-CVE-2005-1772 (Buffer overflow in the client cd-key hash in Terminator 3: War of the ...)
+CVE-2005-1772
NOT-FOR-US: Terminator game
-CVE-2005-1771 (Unknown vulnerability in HP-UX trusted systems B.11.00 through B.11.23 ...)
+CVE-2005-1771
NOT-FOR-US: HPUX
-CVE-2005-1770 (Buffer overflow in the Aavmker4 device driver in Avast! Antivirus 4.6 ...)
+CVE-2005-1770
NOT-FOR-US: Avast
-CVE-2005-1769 (Multiple cross-site scripting (XSS) vulnerabilities in SquirrelMail ...)
+CVE-2005-1769
{DSA-756-1}
- squirrelmail 2:1.4.4-6sarge1 (bug #314374; medium)
-CVE-2005-1768 (Race condition in the ia32 compatibility code for the execve system ...)
+CVE-2005-1768
{DSA-921-1}
- kernel-source-2.4.27 2.4.27-11 (medium; bug #319629)
-CVE-2005-1767 (traps.c in the Linux kernel 2.6.x and 2.4.x executes stack segment ...)
+CVE-2005-1767
{DSA-922-1 DSA-921-1}
- linux-2.6 2.6.12-1
- kernel-source-2.4.27 2.4.27-11
NOTE: amd64 is not supported for 2.4 (the issue is amd64 speficic)
-CVE-2005-1766 (Heap-based buffer overflow in rtffplin.cpp in RealPlayer 10.5 ...)
+CVE-2005-1766
{DSA-826-1}
- helix-player 1.0.5-1 (bug #316276; high)
NOTE: Helix Player is affected according to:
NOTE: <http://service.real.com/help/faq/security/050623_player/EN/>
-CVE-2005-1765 (syscall in the Linux kernel 2.6.8.1 and 2.6.10 for the AMD64 platform, ...)
+CVE-2005-1765
{DSA-922-1 DTSA-16-1}
- linux-2.6 2.6.12-1 (medium)
- kernel-source-2.4.27 <not-affected>
-CVE-2005-1764 (Linux 2.6.11 on 64-bit x86 (x86_64) platforms does not use a guard ...)
+CVE-2005-1764
- linux-2.6 <not-affected> (Fixed before upload into archive; 2.6.11)
- kernel-source-2.4.27 <not-affected>
-CVE-2005-1763 (Buffer overflow in ptrace in the Linux Kernel for 64-bit architectures ...)
+CVE-2005-1763
{DSA-922-1}
- linux-2.6 <not-affected> (Fixed before upload into archive; 2.6.12-rc5)
-CVE-2005-1762 (The ptrace call in the Linux kernel 2.6.8.1 and 2.6.10 for the AMD64 ...)
+CVE-2005-1762
{DSA-922-1 DSA-921-1 DTSA-16-1}
- linux-2.6 <not-affected> (Fixed before upload into archive; 2.6.12-rc5)
- kernel-source-2.4.27 2.4.27-11
-CVE-2005-1761 (Linux kernel 2.6 and 2.4 on the IA64 architecture allows local users ...)
+CVE-2005-1761
{DSA-1018-1 DSA-922-1 DTSA-16-1}
- linux-2.6 2.6.12-1 (medium)
-CVE-2005-1760 (sysreport 1.3.15 and earlier includes contents of the up2date file in ...)
+CVE-2005-1760
NOT-FOR-US: sysreport
-CVE-2005-1759 (Race condition in shtool 2.0.1 and earlier allows local users to ...)
+CVE-2005-1759
- shtool 2.0.1-2 (low)
[sarge] - shtool <no-dsa> (Minor issue)
- mysql-ocaml 1.0.3-6 (unimportant)
- php4 4:4.4.0-1 (unimportant)
-CVE-2005-1758 (Buffer overflow in the IMAP command continuation function in Novell ...)
+CVE-2005-1758
NOT-FOR-US: Novell
-CVE-2005-1757 (Buffer overflow in the Modweb agent for Novell NetMail 3.52 before ...)
+CVE-2005-1757
NOT-FOR-US: Novell
-CVE-2005-1756 (Cross-site scripting (XSS) vulnerability in the ModWeb agent for ...)
+CVE-2005-1756
NOT-FOR-US: Novell
-CVE-2005-1751 (Race condition in shtool 2.0.1 and earlier allows local users to ...)
+CVE-2005-1751
{DSA-789-1 DTSA-15-1}
- shtool 2.0.1-2 (bug #311206; low)
[sarge] - shtool <no-dsa> (Minor issue)
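Review bot: CVE-2005-1759 and CVE-2005-1751 (both "Race condition in shtool 2.0.1 and earlier" in the descriptions being removed) are resolved by the same shtool 2.0.1-2 upload, but only CVE-2005-1751 carries {DSA-789-1 DTSA-15-1} and bug #311206, and only CVE-2005-1759 lists the embedded copies in mysql-ocaml and php4. Once the descriptions are gone the file no longer shows that the two entries describe the same issue, so confirm whether DSA-789-1 should also be referenced from CVE-2005-1759 and whether the mysql-ocaml and php4 lines belong under CVE-2005-1751 as well.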
@@ -7540,203 +7540,203 @@ CVE-2005-XXXX [osh buffer overflow]
- osh 1.7-13 (bug #311369)
CVE-2005-XXXX [xile buffer overrun in terminal code]
- zile 2.0.4-2
-CVE-2005-1750 (SQL injection vulnerability in login.asp in ezdwc NewsletterEz 3.0 ...)
+CVE-2005-1750
NOT-FOR-US: ezwdc NewsletterEz
-CVE-2005-1749 (Buffer overflow in BEA WebLogic Server and WebLogic Express 6.1 ...)
+CVE-2005-1749
NOT-FOR-US: BEA Weblogic
-CVE-2005-1748 (The embedded LDAP server in BEA WebLogic Server and Express 8.1 ...)
+CVE-2005-1748
NOT-FOR-US: BEA Weblogic
-CVE-2005-1747 (Multiple cross-site scripting (XSS) vulnerabilities in BEA WebLogic ...)
+CVE-2005-1747
NOT-FOR-US: BEA Weblogic
-CVE-2005-1746 (The cluster cookie parsing code in BEA WebLogic Server 7.0 through ...)
+CVE-2005-1746
NOT-FOR-US: BEA Weblogic
-CVE-2005-1745 (The UserLogin control in BEA WebLogic Portal 8.1 through Service Pack ...)
+CVE-2005-1745
NOT-FOR-US: BEA Weblogic
-CVE-2005-1744 (BEA WebLogic Server and WebLogic Express 7.0 through Service Pack 5 ...)
+CVE-2005-1744
NOT-FOR-US: BEA Weblogic
-CVE-2005-1743 (BEA WebLogic Server and WebLogic Express 8.1 through Service Pack 3 ...)
+CVE-2005-1743
NOT-FOR-US: BEA Weblogic
-CVE-2005-1742 (BEA WebLogic Server and WebLogic Express 8.1 SP2 and SP3 allows users ...)
+CVE-2005-1742
NOT-FOR-US: BEA Weblogic
-CVE-2005-1741 (Gearbox Software Halo: Combat Evolved 1.6 allows remote attackers to ...)
+CVE-2005-1741
NOT-FOR-US: Halo
-CVE-2005-1740 (fixproc in Net-snmp 5.x before 5.2.1-r1 creates temporary files ...)
+CVE-2005-1740
- net-snmp <not-affected> (fixproc not installed in Debian package)
-CVE-2005-1739 (The XWD Decoder in ImageMagick before 6.2.2.3, and GraphicsMagick ...)
+CVE-2005-1739
- imagemagick 6:6.0.6.2-2.4 (bug #310690; bug #310812)
-CVE-2005-1738 (Format string vulnerability in the logPrintBadfile function in ...)
+CVE-2005-1738
NOT-FOR-US: Iron Bars Shell
-CVE-2005-1737 (Multiple unknown vulnerabilities in PROMS 0.11 allow &quot;non-authorized ...)
+CVE-2005-1737
NOT-FOR-US: PROMS
-CVE-2005-1736 (PROMS 0.11 does not properly handle &quot;certain combinations of rights,&quot; ...)
+CVE-2005-1736
NOT-FOR-US: PROMS
-CVE-2005-1735 (Multiple cross-site scripting (XSS) vulnerabilities in PROMS before ...)
+CVE-2005-1735
NOT-FOR-US: PROMS
-CVE-2005-1734 (Multiple SQL injection vulnerabilities in PROMS before 0.11 allow ...)
+CVE-2005-1734
NOT-FOR-US: PROMS
-CVE-2005-1733 (Cookie Cart stores the password file under the web document root with ...)
+CVE-2005-1733
NOT-FOR-US: Cookie Cart
-CVE-2005-1732 (Cookie Cart allows remote attackers to read the Order Notification ...)
+CVE-2005-1732
NOT-FOR-US: Cookie Cart
CVE-2005-1731
REJECTED
-CVE-2005-1730 (Multiple vulnerabilities in the OpenSSL ASN.1 parser, as used in ...)
+CVE-2005-1730
NOT-FOR-US: Novell iManager
-CVE-2005-1729 (Novell eDirectory 8.7.3 allows remote attackers to cause a denial of ...)
+CVE-2005-1729
NOT-FOR-US: Novell
-CVE-2005-1728 (MCX Client for Apple Mac OS X 10.4.x up to 10.4.1 insecurely logs ...)
+CVE-2005-1728
NOT-FOR-US: Apple
-CVE-2005-1727 (Apple Mac OS X 10.4.x up to 10.4.1 sets insecure world- and ...)
+CVE-2005-1727
NOT-FOR-US: Apple
-CVE-2005-1726 (The CoreGraphics Window Server in Mac OS X 10.4.1 allows local users ...)
+CVE-2005-1726
NOT-FOR-US: Apple
-CVE-2005-1725 (launchd 106 in Apple Mac OS X 10.4.x up to 10.4.1 allows local users ...)
+CVE-2005-1725
NOT-FOR-US: Apple
-CVE-2005-1724 (NFS on Apple Mac OS X 10.4.x up to 10.4.1 does not properly obey the ...)
+CVE-2005-1724
NOT-FOR-US: Apple
-CVE-2005-1723 (LaunchServices in Apple Mac OS X 10.4.x up to 10.4.1 does not properly ...)
+CVE-2005-1723
NOT-FOR-US: Apple
-CVE-2005-1722 (Unknown vulnerability in the CoreGraphics Window Server for Mac OS X ...)
+CVE-2005-1722
NOT-FOR-US: Apple
-CVE-2005-1721 (Buffer overflow in the legacy client support for AFP Server for Mac OS ...)
+CVE-2005-1721
NOT-FOR-US: Apple
-CVE-2005-1720 (AFP Server for Mac OS X 10.4.1, when using an ACL enabled volume, does ...)
+CVE-2005-1720
NOT-FOR-US: Apple
-CVE-2005-1719 (Unknown vulnerability in ALWIL avast! antivirus 4 (4.6.6230) and ...)
+CVE-2005-1719
NOT-FOR-US: avast! antivirus
-CVE-2005-1718 (Buffer overflow in LS Games War Times 1.03 and earlier allows remote ...)
+CVE-2005-1718
NOT-FOR-US: War Times
-CVE-2005-1717 (ZyXEL Prestige 650R-31 router running ZyNOS FW v3.40(KO.1) allows ...)
+CVE-2005-1717
NOT-FOR-US: Zyxel hardware
-CVE-2005-1716 (TOPo 2.2 (2.2.178) stores data files in the data directory under the ...)
+CVE-2005-1716
NOT-FOR-US: TOPo
-CVE-2005-1715 (Cross-site scripting (XSS) vulnerability in index.php for TOPo 2.2 ...)
+CVE-2005-1715
NOT-FOR-US: TOPo
-CVE-2005-1714 (Cross-site scripting (XSS) vulnerability in NetWin SurgeMail 3.0c2 ...)
+CVE-2005-1714
NOT-FOR-US: SurgeMail
-CVE-2005-1713 (Multiple cross-site scripting (XSS) vulnerabilities in Serendipity 0.8 ...)
+CVE-2005-1713
NOT-FOR-US: Serendipity
-CVE-2005-1712 (Unknown vulnerability in Serendipity 0.8, when used with multiple ...)
+CVE-2005-1712
NOT-FOR-US: Serendipity
-CVE-2005-1711 (Gibraltar Firewall 2.2 and earlier, when using the ClamAV update to ...)
+CVE-2005-1711
NOT-FOR-US: Gibraltar Firewall
-CVE-2005-1710 (Multiple cross-site scripting (XSS) vulnerabilities in Blue Coat ...)
+CVE-2005-1710
NOT-FOR-US: Blue Coat
-CVE-2005-1709 (Unknown vulnerability in Blue Coat Reporter before 7.1.2 allows remote ...)
+CVE-2005-1709
NOT-FOR-US: Blue Coat
-CVE-2005-1708 (templates.admin.users.user_form_processing in Blue Coat Reporter ...)
+CVE-2005-1708
NOT-FOR-US: Blue Coat
-CVE-2005-1707 (The fn_show_postinst function in Gentoo webapp-config before 1.10-r14 ...)
+CVE-2005-1707
NOT-FOR-US: Gentoo
-CVE-2005-1706 (Unknown vulnerability in MailScanner 4.41.3 and earlier, related to ...)
+CVE-2005-1706
- mailscanner 4.42.9 (bug #310774; low)
[sarge] - mailscanner <no-dsa> (Minor issue)
-CVE-2005-1705 (gdb before 6.3 searches the current working directory to load the ...)
+CVE-2005-1705
- gdb 6.3-6
-CVE-2005-1704 (Integer overflow in the Binary File Descriptor (BFD) library for gdb ...)
+CVE-2005-1704
- gdb 6.3-6
-CVE-2005-1703 (Warrior Kings: Battles 1.23 and earlier allows remote attackers to ...)
+CVE-2005-1703
NOT-FOR-US: Warrior Kings: Battles
-CVE-2005-1702 (Format string vulnerability in Warrior Kings: Battles 1.23 and earlier ...)
+CVE-2005-1702
NOT-FOR-US: Warrior Kings: Battles
-CVE-2005-1701 (SQL injection vulnerability in PortailPHP 1.3 allows remote attackers ...)
+CVE-2005-1701
NOT-FOR-US: PortailPHP
-CVE-2005-1700 (SQL injection vulnerability in pnadmin.php in the Xanthia module in ...)
+CVE-2005-1700
NOT-FOR-US: PostNuke
-CVE-2005-1699 (Directory traversal vulnerability in pnadminapi.php in the Xanthia ...)
+CVE-2005-1699
NOT-FOR-US: PostNuke
-CVE-2005-1698 (PostNuke 0.750 and 0.760RC3 allows remote attackers to obtain ...)
+CVE-2005-1698
NOT-FOR-US: PostNuke
-CVE-2005-1697 (The RSS module in PostNuke 0.750 and 0.760RC2 and RC3 allows remote ...)
+CVE-2005-1697
NOT-FOR-US: PostNuke
-CVE-2005-1696 (Multiple cross-site scripting (XSS) vulnerabilities in PostNuke 0.750 ...)
+CVE-2005-1696
NOT-FOR-US: PostNuke
-CVE-2005-1695 (Multiple cross-site scripting (XSS) vulnerabilities in the RSS module ...)
+CVE-2005-1695
NOT-FOR-US: PostNuke
-CVE-2005-1694 (Multiple SQL injection vulnerabilities in Xanthia.php in the Xanthia ...)
+CVE-2005-1694
NOT-FOR-US: PostNuke
-CVE-2005-1693 (Integer overflow in Computer Associates Vet Antivirus library, as used ...)
+CVE-2005-1693
NOT-FOR-US: CA Antivirus
-CVE-2005-1692 (Format string vulnerability in gxine 0.4.1 through 0.4.4, and other ...)
+CVE-2005-1692
- gxine 0.4.7-0.1 (bug #310712; medium)
-CVE-2005-1691 (Directory traversal vulnerability in Internet Graphics Server in SAP ...)
+CVE-2005-1691
NOT-FOR-US: SAP
CVE-2005-1690
REJECTED
-CVE-2005-1689 (Double free vulnerability in the krb5_recvauth function in MIT ...)
+CVE-2005-1689
{DSA-757-1}
- krb5 1.3.6-4 (medium)
-CVE-2005-1688 (Wordpress 1.5 and earlier allows remote attackers to obtain sensitive ...)
+CVE-2005-1688
- wordpress 1.5.1-1
-CVE-2005-1687 (SQL injection vulnerability in wp-trackback.php in Wordpress 1.5 and ...)
+CVE-2005-1687
- wordpress 1.5.1-1
-CVE-2005-1686 (Format string vulnerability in gedit 2.10.2 may allow attackers to ...)
+CVE-2005-1686
{DSA-753-1}
NOTE: Only exploitable under rare circumstances
- gedit 2.10.3-1 (low)
-CVE-2005-1685 (episodex guestbook allows remote attackers to bypass authentication ...)
+CVE-2005-1685
NOT-FOR-US: episodex
-CVE-2005-1684 (Cross-site scripting (XSS) vulnerability in default.asp for episodex ...)
+CVE-2005-1684
NOT-FOR-US: episodex
-CVE-2005-1683 (Buffer overflow in winword.exe 10.2627.6714 and earlier in Microsoft ...)
+CVE-2005-1683
NOT-FOR-US: Microsoft
-CVE-2005-1682 (** DISPUTED ** ...)
+CVE-2005-1682
NOT-FOR-US: Solstice Internet Mail Server
-CVE-2005-1681 (PHP remote file inclusion vulnerability in common.php in phpATM 1.21, ...)
+CVE-2005-1681
NOT-FOR-US: phpATM
-CVE-2005-1680 (D-Link DSL-502T, DSL-504T, DSL-562T, and DSL-G604T, when ...)
+CVE-2005-1680
NOT-FOR-US: D-Link hardware
-CVE-2005-1679 (Stack-based buffer overflow in the error directive in picasm 1.12b and ...)
+CVE-2005-1679
- picasm 1.12c-1
-CVE-2005-1678 (Groove Virtual Office before 3.1 build 2338, before 3.1a build 2364, ...)
+CVE-2005-1678
NOT-FOR-US: Groove
-CVE-2005-1677 (Unknown vulnerability in Groove Virtual Office before 3.1 build 2338, ...)
+CVE-2005-1677
NOT-FOR-US: Groove
-CVE-2005-1676 (Multiple cross-site scripting (XSS) vulnerabilities in Groove Mobile ...)
+CVE-2005-1676
NOT-FOR-US: Groove
-CVE-2005-1675 (Groove Virtual Office before 3.1 build 2338, before 3.1a build 2364, ...)
+CVE-2005-1675
NOT-FOR-US: Groove
-CVE-2005-1674 (Cross-Site Request Forgery (CSRF) vulnerability in Help Center Live ...)
+CVE-2005-1674
NOT-FOR-US: Help Center Live
-CVE-2005-1673 (Multiple SQL injection vulnerabilities in Help Center Live allow ...)
+CVE-2005-1673
NOT-FOR-US: Help Center Live
-CVE-2005-1672 (Multiple cross-site scripting (XSS) vulnerabilities in Help Center ...)
+CVE-2005-1672
NOT-FOR-US: Help Center Live
-CVE-2005-1671 (The Logfile feature in Yahoo! Messenger 5.x through 6.0 can be ...)
+CVE-2005-1671
NOT-FOR-US: Yahoo Messenger
-CVE-2005-1670 (Unknown vulnerability in Extreme BlackDiamond 10808 and 8800 switches ...)
+CVE-2005-1670
NOT-FOR-US: Extreme BlackDiamond hardware
-CVE-2005-1669 (Cross-site scripting (XSS) vulnerability in Opera 8.0 Final Build 1095 ...)
+CVE-2005-1669
NOT-FOR-US: Opera
-CVE-2005-1668 (YusASP Web Asset Manager 1.0 allows remote attackers to gain ...)
+CVE-2005-1668
NOT-FOR-US: YusASP Web Asset Manager
-CVE-2005-1667 (DataTrac Activity Console 1.1 allows remote attackers to cause a ...)
+CVE-2005-1667
NOT-FOR-US: DataTrac Activity Console
-CVE-2005-1666 (Multiple buffer overflows in Orenosv HTTP/FTP Server 0.8.1 allow ...)
+CVE-2005-1666
NOT-FOR-US: Orenosv
-CVE-2005-1665 (The __VIEWSTATE functionality in Microsoft ASP.NET 1.x, when not ...)
+CVE-2005-1665
NOT-FOR-US: Microsoft
-CVE-2005-1664 (The __VIEWSTATE functionality in Microsoft ASP.NET 1.x allows remote ...)
+CVE-2005-1664
NOT-FOR-US: Microsoft
-CVE-2005-1663 (Jeuce Personal Web Server 2.13 allows remote attackers to cause a ...)
+CVE-2005-1663
NOT-FOR-US: Jeuce Personal Web Server
-CVE-2005-1662 (Directory traversal vulnerability in Jeuce Personal Web Server 2.13 ...)
+CVE-2005-1662
NOT-FOR-US: Jeuce Personal Web Server
-CVE-2005-1661 (Jeuce Personal Webserver 2.13 allows remote attackers to cause a ...)
+CVE-2005-1661
NOT-FOR-US: Jeuce Personal Web Server
-CVE-2005-1660 (HTMLJunction EZGuestbook stores the guestbook.mdb file under the web ...)
+CVE-2005-1660
NOT-FOR-US: EZGuestbook
-CVE-2005-1659 (Cross-site scripting (XSS) vulnerability in filemanager.cpp in ...)
+CVE-2005-1659
NOT-FOR-US: MyServer
-CVE-2005-1658 (Directory traversal vulnerability in filemanager.cpp in MyServer 0.8 ...)
+CVE-2005-1658
NOT-FOR-US: MyServer
-CVE-2005-1657 (Multiple directory traversal vulnerabilities in Mercur Messaging 2005 ...)
+CVE-2005-1657
NOT-FOR-US: Mercur Messaging
-CVE-2005-1656 (Mercur Messaging 2005 SP2 allows remote attackers to read the source ...)
+CVE-2005-1656
NOT-FOR-US: Mercur Messaging
-CVE-2005-1655 (AOL Instant Messenger 5.5.x and earlier allows remote attackers to ...)
+CVE-2005-1655
NOT-FOR-US: AOL Instant Messenger
-CVE-2005-1654 (Hosting Controller 6.1 Hotfix 1.9 and earlier allows remote attackers ...)
+CVE-2005-1654
NOT-FOR-US: Hosting Controller
CVE-2005-XXXX [Two DoS condition in ekg]
- ekg 1:1.5+20050411-3
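Review bot: The triage of CVE-2005-1730 deserves a second look before its description is dropped: the removed text reads "Multiple vulnerabilities in the OpenSSL ASN.1 parser, as used in ..." while the entry is marked "NOT-FOR-US: Novell iManager", and without the description nothing in the file records that an OpenSSL component is involved (if the Debian openssl package is unaffected, a NOTE saying so would keep that decision visible). Two smaller points in the same hunk: the "** DISPUTED **" status of CVE-2005-1682 survives only in its description and is lost with it, and "NOT-FOR-US: ezwdc NewsletterEz" under CVE-2005-1750 transposes the vendor name that the removed description spells "ezdwc".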
@@ -7744,137 +7744,137 @@ CVE-2005-XXXX [lcrash affected by libbfd integer overflows]
- lcrash 7.0.0.pre.cvs.20050322-3
CVE-2005-XXXX [Multiple security problems in lbreakout2]
- lbreakout2 2.5.2-2
-CVE-2005-1653 (Cross-site scripting (XSS) vulnerability in message.htm for Woppoware ...)
+CVE-2005-1653
NOT-FOR-US: Woppoware
-CVE-2005-1652 (message.htm for Woppoware PostMaster 4.2.2 (build 3.2.5) allows remote ...)
+CVE-2005-1652
NOT-FOR-US: Woppoware
-CVE-2005-1651 (Directory traversal vulnerability in message.htm for Woppoware ...)
+CVE-2005-1651
NOT-FOR-US: Woppoware
-CVE-2005-1650 (The web mail service in Woppoware PostMaster 4.2.2 (build 3.2.5) ...)
+CVE-2005-1650
NOT-FOR-US: Woppoware
-CVE-2005-1649 (The IPv6 support in Windows XP SP2, 2003 Server SP1, and Longhorn, ...)
+CVE-2005-1649
NOT-FOR-US: Windows
-CVE-2005-1648 (Gurgens (GASoft) Ultimate Forum 1.0 stores the db/Genid.dat database ...)
+CVE-2005-1648
NOT-FOR-US: GASoft
-CVE-2005-1647 (Gurgens (GASoft) Guest Book 2.1 stores the db/Genid.dat database file ...)
+CVE-2005-1647
NOT-FOR-US: GASoft
-CVE-2005-1646 (The default installation of Fastream NETFile FTP/Web Server 7.4.6, ...)
+CVE-2005-1646
NOT-FOR-US: Fastream NETFile
-CVE-2005-1645 (Keyvan1 ImageGallery stores the image.mdb database under the web ...)
+CVE-2005-1645
NOT-FOR-US: Keyvan1 Gallery
-CVE-2005-1644 (Cross-site scripting (XSS) vulnerability in guestbook.php for 1Two ...)
+CVE-2005-1644
NOT-FOR-US: Livre d'Or
-CVE-2005-1643 (The ZCom_BitStream::Deserialize function in Zoidcom 1.0 beta 4 and ...)
+CVE-2005-1643
NOT-FOR-US: Zoidcom
-CVE-2005-1642 (SQL injection vulnerability in the verify_email function in Woltlab ...)
+CVE-2005-1642
NOT-FOR-US: Woltlab Burning Board
-CVE-2005-1641 (mod_channel in The Ignition Project ignitionServer 0.3.0 to 0.3.6, and ...)
+CVE-2005-1641
NOT-FOR-US: Ignition Project
-CVE-2005-1640 (mod_channel.bas in The Ignition Project ignitionServer 0.3.0 to 0.3.6, ...)
+CVE-2005-1640
NOT-FOR-US: Ignition Project
-CVE-2005-1639 (SQL injection vulnerability in Sigmaweb.DLL in Sigma ISP Manager 6.6 ...)
+CVE-2005-1639
NOT-FOR-US: Sigma
-CVE-2005-1638 (The _writeAttrs function in SafeHTML before 1.3.2 does not properly ...)
+CVE-2005-1638
NOT-FOR-US: SafeHTML
-CVE-2005-1637 (Multiple SQL injection vulnerabilities in NPDS 4.8 and 5.0 allow ...)
+CVE-2005-1637
NOT-FOR-US: NPDS
-CVE-2005-1636 (mysql_install_db in MySQL 4.1.x before 4.1.12 and 5.x up to 5.0.4 ...)
+CVE-2005-1636
{DSA-783-1}
- mysql-dfsg 4.0.12-2 (bug #319526; low)
- mysql-dfsg-4.1 4.1.12 (medium; bug #319526)
- mysql-dfsg-5.0 5.0.11beta-3 (medium)
-CVE-2005-1635 (JGS-XA JGS-Portal 3.0.2 and earlier allows remote attackers to obtain ...)
+CVE-2005-1635
NOT-FOR-US: JGS-Portal
-CVE-2005-1634 (Multiple cross-site scripting (XSS) vulnerabilities in JGS-XA ...)
+CVE-2005-1634
NOT-FOR-US: JGS-Portal
-CVE-2005-1633 (Multiple SQL injection vulnerabilities in JGS-XA JGS-Portal 3.0.2 and ...)
+CVE-2005-1633
NOT-FOR-US: JGS-Portal
-CVE-2005-1632 (Cheetah 0.9.15 and 0.9.16 searches the /tmp directory for modules ...)
+CVE-2005-1632
- cheetah 0.9.16-1
-CVE-2005-1631 (booby.php in Booby 1.0.0 and earlier allows remote attackers to view ...)
+CVE-2005-1631
NOT-FOR-US: Booby
-CVE-2005-1630 (Unknown vulnerability in Attachment Mod before 2.3.13, related to a ...)
+CVE-2005-1630
NOT-FOR-US: phpbb attachment mod
-CVE-2005-1629 (SQL injection vulnerability in member.php for Photopost PHP Pro allows ...)
+CVE-2005-1629
NOT-FOR-US: Photopost
-CVE-2005-1628 (apage.cgi in WebAPP 0.9.9.2.1, and possibly earlier versions, allows ...)
+CVE-2005-1628
NOT-FOR-US: WebAPP
-CVE-2005-1627 (Unknown vulnerability in Viewglob before 2.0.1, related to &quot;a ...)
+CVE-2005-1627
- viewglob 2.0.1-1
[sarge] - viewglob <not-affected> (1.x version in Sarge is not vulnerable)
-CVE-2005-1626 (Multiple buffer overflows in handlers.c for Pico Server (pServ) before ...)
+CVE-2005-1626
NOT-FOR-US: Pico Server
-CVE-2005-1625 (Stack-based buffer overflow in the UnixAppOpenFilePerform function in ...)
+CVE-2005-1625
NOT-FOR-US: Acrobat Reader
CVE-2005-1624
RESERVED
CVE-2005-1623
RESERVED
-CVE-2005-1622 (Cross-site scripting (XSS) vulnerability in productsByCategory.asp in ...)
+CVE-2005-1622
NOT-FOR-US: MetaCart
-CVE-2005-1621 (Directory traversal vulnerability in the pnModFunc function in ...)
+CVE-2005-1621
NOT-FOR-US: Postnuke mod
-CVE-2005-1620 (Cross-site scripting (XSS) vulnerability in Skull-Splitter Guestbook ...)
+CVE-2005-1620
NOT-FOR-US: Skull-Splitter Guestbook
-CVE-2005-1619 (Multiple cross-site scripting (XSS) vulnerabilities in (1) ...)
+CVE-2005-1619
NOT-FOR-US: PHPMyChat
-CVE-2005-1618 (The YMSGR URL handler in Yahoo! Messenger 5.x through 6.0 allows ...)
+CVE-2005-1618
NOT-FOR-US: Yahoo Messenger
-CVE-2005-1617 (Willings WebCam and WebCam Lite 2.8 and earlier stores the password in ...)
+CVE-2005-1617
NOT-FOR-US: Willings WebCAM
-CVE-2005-1616 (viewforum.php in Ultimate PHP Board (UPB) 1.8 through 1.9.6 allows ...)
+CVE-2005-1616
NOT-FOR-US: Ultimate PHP Board
-CVE-2005-1615 (viewforum.php in Ultimate PHP Board (UPB) 1.8 through 1.9.6 may allow ...)
+CVE-2005-1615
NOT-FOR-US: Ultimate PHP Board
-CVE-2005-1614 (Cross-site scripting (XSS) vulnerability in viewforum.php in Ultimate ...)
+CVE-2005-1614
NOT-FOR-US: Ultimate PHP Board
-CVE-2005-1613 (Cross-site scripting (XSS) vulnerability in member.php in Open ...)
+CVE-2005-1613
NOT-FOR-US: OpenBB
-CVE-2005-1612 (SQL injection vulnerability in read.php in Open Bulletin Board ...)
+CVE-2005-1612
NOT-FOR-US: OpenBB
-CVE-2005-1611 (Cross-site scripting (XSS) vulnerability in WebX in Web Crossing 5.x ...)
+CVE-2005-1611
NOT-FOR-US: Web Crossing
-CVE-2005-1610 (Cross-site scripting (XSS) vulnerability in security.php for Tru-Zone ...)
+CVE-2005-1610
NOT-FOR-US: Tru-Zone NukeET
-CVE-2005-1609 (Unknown vulnerability in Sun StorEdge 6130 Arrays (SE6130) with serial ...)
+CVE-2005-1609
NOT-FOR-US: Sun StorEdge 6130 Arrays
-CVE-2005-1608 (Multiple unknown vulnerabilities in the Blocks module in Spidean ...)
+CVE-2005-1608
NOT-FOR-US: Spidean AutoTheme 1.7 and AT-Lite for PostNuke
-CVE-2005-1607 (Cross-site scripting (XSS) vulnerability in shop.cgi in Remote Cart ...)
+CVE-2005-1607
NOT-FOR-US: Remote Cart
-CVE-2005-1606 (H-Sphere Winbox 2.4.2 and 2.4.3 RC1 stores sensitive information such ...)
+CVE-2005-1606
NOT-FOR-US: H-Sphere Winbox
-CVE-2005-1605 (Cross-site scripting (XSS) vulnerability in the guestbook for ...)
+CVE-2005-1605
NOT-FOR-US: guestbook for SiteStudio
-CVE-2005-1604 (PHP Advanced Transfer Manager (phpATM) 1.21 allows remote attackers to ...)
+CVE-2005-1604
NOT-FOR-US: phpATM
-CVE-2005-1603 (NiteEnterprises Remote File Manager 1.0 allows remote attackers to ...)
+CVE-2005-1603
NOT-FOR-US: NiteEnterprises Remote File Manager
-CVE-2005-1602 (SQL injection vulnerability in login.asp for Net56 Browser Based File ...)
+CVE-2005-1602
NOT-FOR-US: Net56 Browser Based File Manager
-CVE-2005-1601 (MRO Maximo Self Service 4 and 5 stores certain information under the ...)
+CVE-2005-1601
NOT-FOR-US: MRO Maximo Self Service
-CVE-2005-1600 (A &quot;mathematical flaw&quot; in the implementation of the El Gamal signature ...)
+CVE-2005-1600
NOT-FOR-US: LibTomCrypt
-CVE-2005-1599 (Cross-site scripting (XSS) vulnerability in Kryloff Technologies ...)
+CVE-2005-1599
NOT-FOR-US: Kryloff Technologies Subject Search Server
-CVE-2005-1598 (SQL injection vulnerability in Invision Power Board (IPB) 2.0.3 and ...)
+CVE-2005-1598
NOT-FOR-US: Invision Power Board
-CVE-2005-1597 (Cross-site scripting (XSS) vulnerability in (1) search.php and (2) ...)
+CVE-2005-1597
NOT-FOR-US: Invision Power Board
-CVE-2005-1596 (index.php in Fusion SBX 1.2 and earlier does not properly use the ...)
+CVE-2005-1596
NOT-FOR-US: Fusion SBX
-CVE-2005-1595 (CodeThat ShoppingCart 1.3.1 stores config.ini under the web root, ...)
+CVE-2005-1595
NOT-FOR-US: CodeThat ShoppingCart
-CVE-2005-1594 (SQL injection vulnerability in catalog.php for CodeThat ShoppingCart ...)
+CVE-2005-1594
NOT-FOR-US: CodeThat ShoppingCart
-CVE-2005-1593 (Cross-site scripting (XSS) vulnerability in catalog.php for CodeThat ...)
+CVE-2005-1593
NOT-FOR-US: CodeThat ShoppingCart
-CVE-2005-1592 (Multiple &quot;javascript vulerabilities in BB code&quot; in BirdBlog before ...)
+CVE-2005-1592
NOT-FOR-US: BirdBlog
-CVE-2005-1591 (Unknown vulnerability in NIS+ on Solaris 7, 8, and 9 allows remote ...)
+CVE-2005-1591
NOT-FOR-US: Solaris
-CVE-2005-1590 (The Altiris Client Service for Windows (ACLIENT.EXE) 6.0.88 allows ...)
+CVE-2005-1590
NOT-FOR-US: Altiris Client Service for Windows
CVE-2005-XXXX [clamav: DoS through multiple empty Content-Disposition header lines]
- clamav 0.85.1-1 (low)
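Review bot: The field order in the two mysql lines under CVE-2005-1636 is inconsistent: "- mysql-dfsg 4.0.12-2 (bug #319526; low)" puts the bug reference first, while "- mysql-dfsg-4.1 4.1.12 (medium; bug #319526)" puts the severity first; the rest of the file uses "bug #...; severity", so the mysql-dfsg-4.1 line should be reordered to match.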
@@ -7882,107 +7882,107 @@ CVE-2005-XXXX [clamav: DoS through multiple empty Content-Disposition header lin
CVE-2005-XXXX [libxpm4: new s_popen() function is insecure garbage]
- xfree86 4.3.0.dfsg.1-14 (bug #308783)
- xorg-x11 <not-affected> (Xfree-specific, inspected the Subversion tree)
-CVE-2005-1589 (The pkt_ioctl function in the pktcdvd block device ioctl handler ...)
+CVE-2005-1589
- linux-2.6 <not-affected> (Fixed before upload into archive; 2.6.12-rc5)
[sarge] - kernel-source-2.6.8 <not-affected>
-CVE-2005-1588 (** DISPUTED ** ...)
+CVE-2005-1588
NOT-FOR-US: Quick.cart
-CVE-2005-1587 (Cross-site scripting (XSS) vulnerability in index.php for Quick.cart ...)
+CVE-2005-1587
NOT-FOR-US: Quick.cart
-CVE-2005-1586 (Quick.Forum 2.1.6 stores potentially sensitive information such as ...)
+CVE-2005-1586
NOT-FOR-US: Quick.Forum
-CVE-2005-1585 (Multiple SQL injection vulnerabilities in Quick.Forum 2.1.6 allow ...)
+CVE-2005-1585
NOT-FOR-US: Quick.Forum
-CVE-2005-1584 (Cross-site scripting (XSS) vulnerability in index.php for Quick.Forum ...)
+CVE-2005-1584
NOT-FOR-US: Quick.Forum
-CVE-2005-1583 (1Two News 1.0 allows remote attackers to (1) delete images for new ...)
+CVE-2005-1583
NOT-FOR-US: 1Two News
-CVE-2005-1582 (Cross-site scripting (XSS) vulnerability in index.php for 1Two News ...)
+CVE-2005-1582
NOT-FOR-US: 1Two News
-CVE-2005-1581 (Cross-site scripting (XSS) vulnerability in Bug Report 1.0 allows ...)
+CVE-2005-1581
NOT-FOR-US: bug_list.php
-CVE-2005-1580 (users.ini.php in BoastMachine 3.0 does not properly restrict the types ...)
+CVE-2005-1580
NOT-FOR-US: BoastMachine
-CVE-2005-1579 (Apple QuickTime Player 7.0 on Mac OS X 10.4 allows remote attackers to ...)
+CVE-2005-1579
NOT-FOR-US: Apple
-CVE-2005-1578 (EnCase Forensic Edition 4.18a does not support Device Configuration ...)
+CVE-2005-1578
NOT-FOR-US: EnCase
-CVE-2005-1577 (APG Technology ClassMaster does not properly restrict access to ...)
+CVE-2005-1577
NOT-FOR-US: APG Classmaster
-CVE-2005-1576 (The file download dialog in Mozilla Firefox 0.10.1 and 1.0 for Windows ...)
+CVE-2005-1576
NOTE: appears windows specific
-CVE-2005-1575 (The file download dialog in Mozilla Firefox 0.10.1 and 1.0 for Windows ...)
+CVE-2005-1575
NOTE: appears windows specific
-CVE-2005-1574 (Windows Media Player 9 and 10, in certain cases, allows content ...)
+CVE-2005-1574
NOT-FOR-US: Windows
-CVE-2005-1573 (SQL injection vulnerability in admin_login.asp for ASP Virtual News ...)
+CVE-2005-1573
NOT-FOR-US: ASP Virtual News Manager
-CVE-2005-1572 (ShowOff! 1.5.4 allows remote attackers to cause a denial of service ...)
+CVE-2005-1572
NOT-FOR-US: ShowOff
-CVE-2005-1571 (Multiple directory traversal vulnerabilities in ShowOff! 1.5.4 allow ...)
+CVE-2005-1571
NOT-FOR-US: ShowOff
-CVE-2005-1570 (forum.asp in bttlxeForum 2.0 allows remote attackers to obtain full ...)
+CVE-2005-1570
NOTE: for-for-us (bttlxeForum)
-CVE-2005-1569 (Cross-site scripting (XSS) vulnerability in DirectTopics 2.1 and 2.2 ...)
+CVE-2005-1569
NOT-FOR-US: DirectTopics
-CVE-2005-1568 (topic.php in DirectTopics 2.1 and 2.2 allows remote attackers to ...)
+CVE-2005-1568
NOT-FOR-US: DirectTopics
-CVE-2005-1567 (SQL injection vulnerability in topic.php in DirectTopics 2.1 and 2.2 ...)
+CVE-2005-1567
NOT-FOR-US: DirectTopics
-CVE-2005-1566 (Acrowave AAP-3100AR wireless router allows remote attackers to bypass ...)
+CVE-2005-1566
NOT-FOR-US: Acrowave AAP-3100AR wireless router
-CVE-2005-1565 (Bugzilla 2.17.1 through 2.18, 2.19.1, and 2.19.2, when a user is ...)
+CVE-2005-1565
[woody] - bugzilla <not-affected> (Only Bugzilla >= 2.17 is affected)
[sarge] - bugzilla <not-affected> (Only Bugzilla >= 2.17 is affected)
- bugzilla 2.18-7 (bug #308789; medium)
-CVE-2005-1564 (post_bug.cgi in Bugzilla 2.10 through 2.18, 2.19.1, and 2.19.2 allows ...)
+CVE-2005-1564
- bugzilla 2.16.7-7sarge1
-CVE-2005-1563 (Bugzilla 2.10 through 2.18, 2.19.1, and 2.19.2 displays a different ...)
+CVE-2005-1563
- bugzilla 2.16.7-7sarge1
-CVE-2005-1562 (Multiple SQL injection vulnerabilities in MaxWebPortal 1.3.5 and ...)
+CVE-2005-1562
NOT-FOR-US: MaxWebPortal
-CVE-2005-1561 (Multiple cross-site scripting (XSS) vulnerabilities in post.asp in ...)
+CVE-2005-1561
NOT-FOR-US: MaxWebPortal
-CVE-2005-1560 (The SSH module in Neteyes Nexusway allows remote attackers to execute ...)
+CVE-2005-1560
NOT-FOR-US: Nexusway
-CVE-2005-1559 (The web module in Neteyes Nexusway allows remote attackers to execute ...)
+CVE-2005-1559
NOT-FOR-US: Nexusway
-CVE-2005-1558 (The web module in Neteyes Nexusway allows remote attackers to bypass ...)
+CVE-2005-1558
NOT-FOR-US: Nexusway
-CVE-2005-1557 (Multiple cross-site scripting (XSS) vulnerabilities in WebApp ...)
+CVE-2005-1557
NOT-FOR-US: WebApp Guestbook PRO
-CVE-2005-1556 (Gamespy cd-key validation system allows remote attackers to cause a ...)
+CVE-2005-1556
NOT-FOR-US: Gamespy cd-key validation system
-CVE-2005-1555 (Cross-site scripting (XSS) vulnerability in the JRun Web Server in ...)
+CVE-2005-1555
NOT-FOR-US: JRun
-CVE-2005-1554 (SQL injection vulnerability in view_user.php in WowBB 1.6, 1.61, and ...)
+CVE-2005-1554
NOT-FOR-US: WowBB
-CVE-2005-1553 (GeoVision Digital Video Surveillance System 6.04, 6.1 and 7.0 uses a ...)
+CVE-2005-1553
NOT-FOR-US: GeoVision Digital Video Surveillance System
-CVE-2005-1552 (GeoVision Digital Video Surveillance System 6.04, 6.1 and 7.0, when ...)
+CVE-2005-1552
NOT-FOR-US: GeoVision Digital Video Surveillance System
-CVE-2005-1551 (Sophos Anti-Virus 3.93 does not check downloaded files for viruses ...)
+CVE-2005-1551
NOT-FOR-US: Sophos Anti-Virus
-CVE-2005-1550 (easymsgb.pl in Easy Message Board allows remote attackers to execute ...)
+CVE-2005-1550
NOT-FOR-US: easy message board
-CVE-2005-1549 (Directory traversal vulnerability in easymsgb.pl in Easy Message Board ...)
+CVE-2005-1549
NOT-FOR-US: easy message board
-CVE-2005-1548 (SQL injection vulnerability in index.php in Advanced Guestbook 2.3.1 ...)
+CVE-2005-1548
NOT-FOR-US: Advanced Guestbook
-CVE-2005-1547 (Heap-based buffer overflow in the demo version of Bakbone Netvault, ...)
+CVE-2005-1547
NOT-FOR-US: Bakbone Netvault
-CVE-2005-1546 (Buffer overflow in the PE parser in HT Editor before 0.8.0 allows ...)
+CVE-2005-1546
{DSA-743-1}
- ht 0.8.0-3 (bug #308587)
-CVE-2005-1545 (Integer overflow in the ELF parser in HT Editor before 0.8.0 allows ...)
+CVE-2005-1545
{DSA-743-1}
- ht 0.8.0-3 (bug #308587)
-CVE-2005-1544 (Stack-based buffer overflow in libTIFF before 3.7.2 allows remote ...)
+CVE-2005-1544
{DSA-755-1}
NOTE: CVE info about vulnerable version number is bogus
- tiff 3.7.2-3 (bug #309739)
- tiff3 <not-affected> (fixed prior to initial upload)
-CVE-2005-1543 (Multiple stack-based and heap-based buffer overflows in Remote ...)
+CVE-2005-1543
NOT-FOR-US: Novell Zenworks
CVE-2005-1542
RESERVED
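Review bot: "NOTE: for-for-us (bttlxeForum)" under CVE-2005-1570 is a typo for the "NOT-FOR-US: bttlxeForum" marker used everywhere else; as a NOTE line it leaves the entry with no package or NOT-FOR-US status, so it should be corrected to "NOT-FOR-US: bttlxeForum". Also in this hunk, several NOTE lines lose their referent once the description is removed: "NOTE: CVE info about vulnerable version number is bogus" under CVE-2005-1544 comments on text that is no longer in the file, and "NOTE: appears windows specific" is the only status CVE-2005-1576 and CVE-2005-1575 have (no package line, no NOT-FOR-US); consider carrying the relevant detail into the NOTE or marking those two entries NOT-FOR-US explicitly.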
@@ -8004,50 +8004,50 @@ CVE-2005-1534
RESERVED
CVE-2005-1533
RESERVED
-CVE-2005-1532 (Firefox before 1.0.4 and Mozilla Suite before 1.7.8 do not properly ...)
+CVE-2005-1532
{DSA-781-1}
- mozilla-firefox 1.0.4
- mozilla 2:1.7.8
- mozilla-thunderbird 1.0.6-1 (bug #318728; high)
-CVE-2005-1531 (Firefox before 1.0.4 and Mozilla Suite before 1.7.8 does not properly ...)
+CVE-2005-1531
- mozilla-firefox 1.0.4
- mozilla 2:1.7.8
-CVE-2005-1530 (Sophos Anti-Virus 5.0.1, with &quot;Scan inside archive files&quot; enabled, ...)
+CVE-2005-1530
NOT-FOR-US: Sophos
CVE-2005-1529
RESERVED
-CVE-2005-1528 (Untrusted search path vulnerability in the crttrap command in QNX ...)
+CVE-2005-1528
NOT-FOR-US: QNX
-CVE-2005-1527 (Eval injection vulnerability in awstats.pl in AWStats 6.4 and earlier, ...)
+CVE-2005-1527
{DSA-892-1}
- awstats 6.4-1.1 (bug #322591; bug #334833; bug #336137; medium)
-CVE-2005-1526 (PHP remote file inclusion vulnerability in config_settings.php in ...)
+CVE-2005-1526
{DSA-764-1}
- cacti 0.8.6e-1 (bug #315703; high)
-CVE-2005-1525 (SQL injection vulnerability in config_settings.php for Cacti before ...)
+CVE-2005-1525
{DSA-764-1}
- cacti 0.8.6e-1 (bug #315703; high)
-CVE-2005-1524 (PHP file inclusion vulnerability in top_graph_header.php in Cacti ...)
+CVE-2005-1524
{DSA-764-1}
- cacti 0.8.6e-1 (bug #315703; high)
-CVE-2005-1523 (Format string vulnerability in imap4d server in GNU Mailutils 0.5 and ...)
+CVE-2005-1523
{DSA-732-1}
- mailutils 1:0.6.1-3
-CVE-2005-1522 (The imap4d server for GNU Mailutils 0.5 and 0.6, and other versions ...)
+CVE-2005-1522
{DSA-732-1}
- mailutils 1:0.6.1-3
-CVE-2005-1521 (Integer overflow in the fetch_io function of the imap4d server in GNU ...)
+CVE-2005-1521
{DSA-732-1}
- mailutils 1:0.6.1-3
-CVE-2005-1520 (Buffer overflow in the header_get_field_name function in header.c for ...)
+CVE-2005-1520
{DSA-732-1}
- mailutils 1:0.6.1-3
-CVE-2005-1519 (Squid 2.5 STABLE9 and earlier, when the DNS client port is unfiltered ...)
+CVE-2005-1519
{DSA-751-1}
- squid 2.5.9-9 (bug #309504)
-CVE-2005-1518 (Unknown vulnerability in Solaris 7 through 9, when using Federated ...)
+CVE-2005-1518
NOT-FOR-US: Solaris
-CVE-2005-1517 (Unknown vulnerability in Cisco Firewall Services Module (FWSM) 2.3.1 ...)
+CVE-2005-1517
NOT-FOR-US: Cisco
CVE-2005-XXXX [Buffer overflow in libotr]
- libotr 2.0.2-1
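Review bot: CVE-2005-1531 records the same fixed versions as CVE-2005-1532 ("- mozilla-firefox 1.0.4", "- mozilla 2:1.7.8") but no {DSA-781-1} reference and no mozilla-thunderbird line, so check whether DSA-781-1 also covers CVE-2005-1531 and whether thunderbird needs an entry there; the descriptions being removed ("Firefox before 1.0.4 and Mozilla Suite before 1.7.8 ...") are the last place in the file where the shared scope of the two issues can be read.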
@@ -8064,97 +8064,97 @@ CVE-2005-XXXX [kmd affected by binutils's ELF parser vulnerability]
CVE-2005-XXXX [unrar: opens /tmp/debug_unrar.txt]
NOTE: Source package has been renamed from unrar to unrar-free
- unrar-free 1:0.0.1-2
-CVE-2005-1512 (The Admin panel in PwsPHP 1.2.2 does not properly verify uploaded ...)
+CVE-2005-1512
NOT-FOR-US: PwsPHP
-CVE-2005-1511 (PwsPHP 1.2.2 allows remote attackers to bypass authentication and post ...)
+CVE-2005-1511
NOT-FOR-US: PwsPHP
-CVE-2005-1510 (PwsPHP 1.2.2 allows remote attackers to obtain sensitive information ...)
+CVE-2005-1510
NOT-FOR-US: PwsPHP
-CVE-2005-1509 (SQL injection vulnerability in profil.php in PwsPHP 1.2.2 allows ...)
+CVE-2005-1509
NOT-FOR-US: PwsPHP
-CVE-2005-1508 (Multiple cross-site scripting (XSS) vulnerabilities in PwsPHP 1.2.2 ...)
+CVE-2005-1508
NOT-FOR-US: PwsPHP
-CVE-2005-1507 (Buffer overflow in the Tomcat plugin in 4d WebSTAR 5.33 and 5.4 allows ...)
+CVE-2005-1507
NOT-FOR-US: WebSTAR
-CVE-2005-1506 (SQL injection vulnerability in out.php in CJ Ultra (CJUltra) Plus ...)
+CVE-2005-1506
NOT-FOR-US: CJ Ultra Plus
-CVE-2005-1505 (The new account wizard in Mail.app 2.0 in Mac OS 10.4, when ...)
+CVE-2005-1505
NOT-FOR-US: MacOS
-CVE-2005-1504 (GameSpy SDK CD-Key Validation Toolkit, as used by many online games, ...)
+CVE-2005-1504
NOT-FOR-US: GameSpy SDK CD-Key Validation Toolkit
-CVE-2005-1503 (Multiple SQL injection vulnerabilities in MidiCart PHP Shopping Cart ...)
+CVE-2005-1503
NOT-FOR-US: MidiCart
-CVE-2005-1502 (Cross-site scripting (XSS) vulnerability in MidiCart PHP Shopping Cart ...)
+CVE-2005-1502
NOT-FOR-US: MidiCart
-CVE-2005-1501 (MidiCart PHP Shopping Cart allows remote attackers to obtain sensitive ...)
+CVE-2005-1501
NOT-FOR-US: MidiCart
-CVE-2005-1500 (Multiple SQL injection vulnerabilities in myBloggie 2.1.1 allow remote ...)
+CVE-2005-1500
NOT-FOR-US: myBloggie
-CVE-2005-1499 (delcomment.php in myBloggie 2.1.1 allows remote attackers to delete ...)
+CVE-2005-1499
NOT-FOR-US: myBloggie
-CVE-2005-1498 (Multiple cross-site scripting (XSS) vulnerabilities in myBloggie 2.1.1 ...)
+CVE-2005-1498
NOT-FOR-US: myBloggie
-CVE-2005-1497 (index.php in myBloggie 2.1.1 allows remote attackers to obtain ...)
+CVE-2005-1497
NOT-FOR-US: myBloggie
-CVE-2005-1496 (The DBMS_Scheduler in Oracle 10g allows remote attackers with CREATE ...)
+CVE-2005-1496
NOT-FOR-US: Oracle
-CVE-2005-1495 (Oracle Database 9i and 10g disables Fine Grained Audit (FGA) after the ...)
+CVE-2005-1495
NOT-FOR-US: Oracle
-CVE-2005-1494 (Multiple cross-site scripting (XSS) vulnerabilities in admin.cgi in ...)
+CVE-2005-1494
NOT-FOR-US: MegaBook
-CVE-2005-1493 (Directory traversal vulnerability in SimpleCam 1.2 allows remote ...)
+CVE-2005-1493
NOT-FOR-US: SimpleCam
-CVE-2005-1492 (Cross-site scripting (XSS) vulnerability in user.cgi in Gossamer ...)
+CVE-2005-1492
NOT-FOR-US: Gossamer Threads Links
-CVE-2005-1491 (Merak Mail Server 8.0.3 with Icewarp Web Mail 5.4.2 allows remote ...)
+CVE-2005-1491
NOT-FOR-US: Merak Mail Server 8.0.3 with Icewarp Web Mail 5.4.2
-CVE-2005-1490 (Merak Mail Server 8.0.3 with Icewarp Web Mail 5.4.2, when the ...)
+CVE-2005-1490
NOT-FOR-US: Merak Mail Server 8.0.3 with Icewarp Web Mail 5.4.2
-CVE-2005-1489 (Unknown vulnerability in Merak Mail Server 8.0.3 with Icewarp Web Mail ...)
+CVE-2005-1489
NOT-FOR-US: Merak Mail Server 8.0.3 with Icewarp Web Mail 5.4.2
-CVE-2005-1488 (Multiple cross-site scripting (XSS) vulnerabilities in Merak Mail ...)
+CVE-2005-1488
NOT-FOR-US: Merak Mail Server 8.0.3 with Icewarp Web Mail 5.4.2
-CVE-2005-1487 (** DISPUTED ** ...)
+CVE-2005-1487
NOT-FOR-US: FishCart
-CVE-2005-1486 (Multiple cross-site scripting vulnerabilities in FishCart 3.1 allow ...)
+CVE-2005-1486
NOT-FOR-US: FishCart
-CVE-2005-1485 (Golden FTP Server Pro 2.52 allows remote attackers to obtain sensitive ...)
+CVE-2005-1485
NOT-FOR-US: Golden FTP Server Pro
-CVE-2005-1484 (Directory traversal vulnerability in Golden FTP server pro 2.52 allows ...)
+CVE-2005-1484
NOT-FOR-US: Golden FTP Server Pro
-CVE-2005-1483 (Multiple cross-site scripting (XSS) vulnerabilities in ArticleLive ...)
+CVE-2005-1483
NOT-FOR-US: ArticleLive
-CVE-2005-1482 (ArticleLive 2005 allows remote attackers to gain privileges by ...)
+CVE-2005-1482
NOT-FOR-US: ArticleLive
-CVE-2005-1481 (Multiple SQL injection vulnerabilities in Aaron Outpost ASP Inline ...)
+CVE-2005-1481
NOT-FOR-US: ASP Inline Corporate Calendar
-CVE-2005-1480 (Directory traversal vulnerability in RaidenFTPD before 2.4.2241 allows ...)
+CVE-2005-1480
NOT-FOR-US: RaidenFTPD
-CVE-2005-1479 (SQL injection vulnerability in jgs_portal.php in JGS-Portal 3.0.1 and ...)
+CVE-2005-1479
NOT-FOR-US: JGS-Portal
-CVE-2005-1478 (Format string vulnerability in dSMTP (dsmtp.exe) in DMail 3.1a allows ...)
+CVE-2005-1478
NOT-FOR-US: DMail
-CVE-2005-1516 (DList (dlist.exe) in DMail 3.1a allows remote attackers to bypass ...)
+CVE-2005-1516
NOT-FOR-US: DMail
-CVE-2005-1515 (Integer signedness error in the qmail_put and substdio_put functions ...)
+CVE-2005-1515
- qmail 1.03-38
-CVE-2005-1514 (commands.c in qmail, when running on 64 bit platforms with a large ...)
+CVE-2005-1514
- qmail 1.03-38
-CVE-2005-1513 (Integer overflow in the stralloc_readyplus function in qmail, when ...)
+CVE-2005-1513
- qmail 1.03-38
-CVE-2005-1477 (The install function in Firefox 1.0.3 allows remote web sites on the ...)
+CVE-2005-1477
- mozilla-firefox 1.0.4-1
-CVE-2005-1476 (Firefox 1.0.3 allows remote attackers to execute arbitrary Javascript ...)
+CVE-2005-1476
- mozilla-firefox 1.0.4-1
-CVE-2005-1475 (The XMLHttpRequest object in Opera 8.0 Final Build 1095 allows remote ...)
+CVE-2005-1475
NOT-FOR-US: Opera
-CVE-2005-1474 (Dashboard in Apple Mac OS X 10.4.1 allows remote attackers to install ...)
+CVE-2005-1474
NOT-FOR-US: Apple
-CVE-2005-1473 (SecurityAgent in Apple Mac OS X 10.4.1 allows attackers with physical ...)
+CVE-2005-1473
NOT-FOR-US: Apple
-CVE-2005-1472 (Certain system calls in Apple Mac OS X 10.4.1 do not properly enforce ...)
+CVE-2005-1472
NOT-FOR-US: Apple
-CVE-2005-1471 (Heap-based buffer overflow in RSA SecurID Web Agent 5, 5.2, and 5.3 ...)
+CVE-2005-1471
NOT-FOR-US: RSA SecurID Web Agent
CVE-2005-XXXX [mailutils: sql injection vulnerability in sql authentication module]
- mailutils 1:0.6.1-2
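Review bot: the qmail entries CVE-2005-1515, CVE-2005-1514 and CVE-2005-1513 lose the only in-file indication of what was fixed, since each is reduced to the bare ID plus `- qmail 1.03-38`, while the removed text named the affected code (`qmail_put` and `substdio_put`, `commands.c` on 64-bit platforms, `stralloc_readyplus`). Where the annotation is a plain fixed version rather than a NOT-FOR-US line, consider carrying that detail over as a NOTE line so the fixed-version claim stays checkable against the package. Separately, the block runs CVE-2005-1478, then CVE-2005-1516 down to CVE-2005-1513, then CVE-2005-1477; the ordering predates this change, but a rewrite that touches every entry is the natural point to restore descending order.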
@@ -8165,7 +8165,7 @@ CVE-2005-2352 [Temp file races in gs-gpl addons scripts]
- gs-gpl 8.56.dfsg.1-1 (bug #291373; unimportant)
CVE-2005-XXXX [Possible SQL injection in freeradius]
- freeradius 1.0.2-4
-CVE-2005-2353 (run-mozilla.sh in Thunderbird, with debugging enabled, allows local ...)
+CVE-2005-2353
{DSA-1051-1 DSA-1046-1}
- mozilla-thunderbird 1.0.6-1 (bug #306893; low)
[sarge] - mozilla-thunderbird 1.0.2-2.sarge1.0.8 (low)
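Review bot: for CVE-2005-2353 the qualifier that justified the low severity disappears with the description: the removed line read `run-mozilla.sh in Thunderbird, with debugging enabled, allows local ...`, and after the change only `{DSA-1051-1 DSA-1046-1}` and the version lines remain, so the rating on `- mozilla-thunderbird 1.0.6-1 (bug #306893; low)` is no longer explained anywhere in the file. If descriptions are dropped wholesale, a short NOTE line recording that debugging must be enabled would keep the severity reviewable.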
@@ -8182,41 +8182,41 @@ CVE-2005-XXXX [trackballs: Follows symlinks as gid games]
NOTE: CVE request sent to mitre (who sent this? any response?)
NOTE: Trackballs doesn't run as gid games anymore, high-score files are
NOTE: stored in user's home directories instead.
-CVE-2005-1470 (Multiple unknown vulnerabilities in the (1) TZSP, (2) MGCP, (3) ISUP, ...)
+CVE-2005-1470
- ethereal 0.10.10-2sarge2
-CVE-2005-1469 (Unknown vulnerability in the GSM dissector in Ethereal before 0.10.11 ...)
+CVE-2005-1469
- ethereal 0.10.10-2sarge2
-CVE-2005-1468 (Multiple unknown vulnerabilities in the (1) WSP, (2) Q.931, (3) H.245, ...)
+CVE-2005-1468
- ethereal 0.10.10-2sarge2
-CVE-2005-1467 (Unknown vulnerability in the NDPS dissector in Ethereal before 0.10.11 ...)
+CVE-2005-1467
- ethereal 0.10.10-2sarge2
-CVE-2005-1466 (Unknown vulnerability in the DICOM dissector in Ethereal before ...)
+CVE-2005-1466
- ethereal 0.10.10-2sarge2
-CVE-2005-1465 (Unknown vulnerability in the NCP dissector in Ethereal before 0.10.11 ...)
+CVE-2005-1465
- ethereal 0.10.10-2sarge2
-CVE-2005-1464 (Multiple unknown vulnerabilities in the (1) KINK, (2) L2TP, (3) MGCP, ...)
+CVE-2005-1464
- ethereal 0.10.10-2sarge2
-CVE-2005-1463 (Multiple format string vulnerabilities in the (1) DHCP and (2) ANSI A ...)
+CVE-2005-1463
- ethereal 0.10.10-2sarge2
-CVE-2005-1462 (Double free vulnerability in the ICEP dissector in Ethereal before ...)
+CVE-2005-1462
- ethereal 0.10.10-2sarge2
-CVE-2005-1461 (Multiple buffer overflows in the (1) SIP, (2) CMIP, (3) CMP, (4) CMS, ...)
+CVE-2005-1461
- ethereal 0.10.10-2sarge2
-CVE-2005-1460 (Multiple unknown dissectors in Ethereal before 0.10.11 allow remote ...)
+CVE-2005-1460
- ethereal 0.10.10-2sarge2
-CVE-2005-1459 (Multiple unknown vulnerabilities in the (1) WSP, (2) BER, (3) SMB, (4) ...)
+CVE-2005-1459
- ethereal 0.10.10-2sarge2
-CVE-2005-1458 (Multiple unknown &quot;other problems&quot; in the KINK dissector in Ethereal ...)
+CVE-2005-1458
- ethereal 0.10.10-2sarge2
-CVE-2005-1457 (Multiple unknown vulnerabilities in the (1) AIM, (2) LDAP, (3) ...)
+CVE-2005-1457
- ethereal 0.10.10-2sarge2
-CVE-2005-1456 (Multiple unknown vulnerabilities in the (1) DHCP and (2) Telnet ...)
+CVE-2005-1456
- ethereal 0.10.10-2sarge2
-CVE-2005-1455 (Buffer overflow in the sql_escape_func function in the SQL module for ...)
+CVE-2005-1455
- freeradius 1.0.2-4
-CVE-2005-1454 (SQL injection vulnerability in the radius_xlat function in the SQL ...)
+CVE-2005-1454
- freeradius 1.0.2-4
-CVE-2005-1453 (fetchnews in leafnode 1.9.48 to 1.11.1 allows remote NNTP servers to ...)
+CVE-2005-1453
- leafnode 1.11.2.rel-1
CVE-2005-XXXX [Missing input validation in xtradius]
- xtradius 1.2.1-beta2-2 (bug #307796; unimportant)
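Review bot: the fifteen Ethereal entries from CVE-2005-1470 down to CVE-2005-1456 become indistinguishable after this hunk, each reduced to the ID plus `- ethereal 0.10.10-2sarge2`, whereas the removed text carried the dissector (TZSP, GSM, NDPS, DICOM, NCP, KINK, ICEP, SIP, and so on), the bug class (format string, double free, buffer overflow) and the upstream fix marker `before 0.10.11`. Because 0.10.10-2sarge2 is a patched older version rather than the upstream release, that marker is what let a reader confirm the backport covered every ID; suggest preserving it in a NOTE for the group. Also, `&quot;other problems&quot;` on the removed CVE-2005-1458 line shows the descriptions were stored HTML-escaped; if descriptions are ever reinstated they should be unescaped on the way in.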
@@ -8233,129 +8233,129 @@ CVE-2005-XXXX [Buffer overflow in elog's header buffer]
- elog 2.5.7+r1558-3 (bug #349528; high)
CVE-2005-XXXX [Unspeficied security issue in ipsec-tool's single DES support]
- ipsec-tools 1:0.5.2-1
-CVE-2005-1452 (Serendipity before 0.8 allows Chief users to &quot;hide plugins installed ...)
+CVE-2005-1452
- serendipity 1.0-1
-CVE-2005-1451 (The media manager in Serendipity before 0.8 allows remote attackers to ...)
+CVE-2005-1451
- serendipity 1.0-1
-CVE-2005-1450 (Unknown vulnerability in &quot;the function used to validate path-names for ...)
+CVE-2005-1450
- serendipity 1.0-1
-CVE-2005-1449 (Unknown vulnerability in serendipity_config_local.inc.php for ...)
+CVE-2005-1449
- serendipity 1.0-1
-CVE-2005-1448 (Cross-site scripting (XSS) vulnerability in the BBCode plugin for ...)
+CVE-2005-1448
- serendipity 1.0-1
-CVE-2005-1447 (PHP remote file inclusion vulnerability in main.php in SitePanel 2.6.1 ...)
+CVE-2005-1447
NOT-FOR-US: SitePanel
-CVE-2005-1446 (SitePanel 2.6.1 and earlier (SitePanel2) allows remote attackers to ...)
+CVE-2005-1446
NOT-FOR-US: SitePanel
-CVE-2005-1445 (Multiple directory traversal vulnerabilities in SitePanel 2.6.1 and ...)
+CVE-2005-1445
NOT-FOR-US: SitePanel
-CVE-2005-1444 (Multiple cross-site scripting (XSS) vulnerabilities in SitePanel 2.6.1 ...)
+CVE-2005-1444
NOT-FOR-US: SitePanel
-CVE-2005-1443 (Multiple cross-site scripting (XSS) vulnerabilities in index.php for ...)
+CVE-2005-1443
NOT-FOR-US: Invision Power Board
-CVE-2005-1442 (Buffer overflow in the Lotus Notes client for Domino 6.5 before 6.5.4 ...)
+CVE-2005-1442
NOT-FOR-US: Lotus Domino
-CVE-2005-1441 (Format string vulnerability in Lotus Domino 6.0.x before 6.0.5 and ...)
+CVE-2005-1441
NOT-FOR-US: Lotus Domino
-CVE-2005-1440 (Multiple cross-site scripting (XSS) vulnerabilities in ViArt Shop ...)
+CVE-2005-1440
NOT-FOR-US: ViArt Shop
-CVE-2005-1439 (Directory traversal vulnerability in attachments.php in osTicket ...)
+CVE-2005-1439
NOT-FOR-US: osTicket
-CVE-2005-1438 (PHP remote file inclusion vulnerability in main.php in osTicket allows ...)
+CVE-2005-1438
NOT-FOR-US: osTicket
-CVE-2005-1437 (Multiple SQL injection vulnerabilities in osTicket allow remote ...)
+CVE-2005-1437
NOT-FOR-US: osTicket
-CVE-2005-1436 (Multiple cross-site scripting (XSS) vulnerabilities in osTicket allow ...)
+CVE-2005-1436
NOT-FOR-US: osTicket
-CVE-2005-1435 (Open WebMail (OWM) before 2.51 20050430 allows remote authenticated ...)
+CVE-2005-1435
- openwebmail <removed>
-CVE-2005-1434 (Multiple unknown vulnerabilities in OpenView Network Node Manager (OV ...)
+CVE-2005-1434
NOT-FOR-US: HP OpenView
-CVE-2005-1433 (Multiple unknown vulnjerabilities HP OpenView Event Correlation ...)
+CVE-2005-1433
NOT-FOR-US: HP OpenView
CVE-2005-1432
RESERVED
-CVE-2005-1431 (The &quot;record packet parsing&quot; in GnuTLS 1.2 before 1.2.3 and 1.0 before ...)
+CVE-2005-1431
- gnutls11 1.0.16-13.1 (bug #309111; bug #307641)
-CVE-2005-1430 (Mac OS X 10.3.x and earlier uses insecure permissions for a pseudo ...)
+CVE-2005-1430
NOT-FOR-US: Mac OS X
-CVE-2005-1429 (SQL injection vulnerability in login.asp in WWWguestbook 1.1 allows ...)
+CVE-2005-1429
NOT-FOR-US: WWWguestbook
-CVE-2005-1428 (edit_image.asp in Uapplication Uphotogallery allows remote attackers ...)
+CVE-2005-1428
NOT-FOR-US: Uapplication Uphotogallery
-CVE-2005-1427 (Uapplication Uphotogallery stores the database under the web document ...)
+CVE-2005-1427
NOT-FOR-US: Uapplication Uphotogallery
-CVE-2005-1426 (Uapplication Ublog Reload stores sensitive information under the web ...)
+CVE-2005-1426
NOT-FOR-US: Uapplication Ublog
-CVE-2005-1425 (Uapplication Uguestbook 1.0 stores sensitive information under the web ...)
+CVE-2005-1425
NOT-FOR-US: Uapplication Uguestbook
-CVE-2005-1424 (StumbleInside GoText 1.01 stores sensitive username, mail address,and ...)
+CVE-2005-1424
NOT-FOR-US: GoText
-CVE-2005-1423 (Directory traversal vulnerability in the mail program in 602LAN SUITE ...)
+CVE-2005-1423
NOT-FOR-US: 602 LAN SUITE
-CVE-2005-1422 (Raysoft/Raybase Video Cam Server 1.0.0 beta allows remote attackers to ...)
+CVE-2005-1422
NOT-FOR-US: Raysoft Video Cam Server
-CVE-2005-1421 (Directory traversal vulnerability in Raysoft/Raybase Video Cam Server ...)
+CVE-2005-1421
NOT-FOR-US: Raysoft Video Cam Server
-CVE-2005-1420 (Raysoft/Raybase Video Cam Server 1.0.0 beta allows remote attackers to ...)
+CVE-2005-1420
NOT-FOR-US: Raysoft Video Cam Server
-CVE-2005-1419 (SQL injection vulnerability in the admin login panel for Ocean12 ...)
+CVE-2005-1419
NOT-FOR-US: Ocean12 Mailing list manager
-CVE-2005-1418 (NetLeaf Limited NotJustBrowsing 1.0.3 stores the View Lock Password in ...)
+CVE-2005-1418
NOT-FOR-US: Netleaf
-CVE-2005-1417 (Multiple SQL injection vulnerabilities in MaxWebPortal 2.x, 1.35, and ...)
+CVE-2005-1417
NOT-FOR-US: MaxWebPortal
-CVE-2005-1416 (Directory traversal vulnerability in 04WebServer 1.81 allows remote ...)
+CVE-2005-1416
NOT-FOR-US: 04WebServer
-CVE-2005-1415 (Buffer overflow in GlobalSCAPE Secure FTP Server 3.0.2 allows remote ...)
+CVE-2005-1415
NOT-FOR-US: GlobalSCAPE Secure FTP Server
-CVE-2005-1414 (ExoticSoft FilePocket 1.2 stores sensitive proxy information, ...)
+CVE-2005-1414
NOT-FOR-US: FilePocket
-CVE-2005-1413 (Multiple SQL injection vulnerabilities in enVivo!CMS allow remote ...)
+CVE-2005-1413
NOT-FOR-US: enVivo
-CVE-2005-1412 (SQL injection vulnerability in verify.asp for Ecomm Professional ...)
+CVE-2005-1412
NOT-FOR-US: ECommPro
-CVE-2005-1411 (Cybration ICUII 7.0 stores passwords in plaintext in the ...)
+CVE-2005-1411
NOT-FOR-US: ICUII
-CVE-2005-1410 (The tsearch2 module in PostgreSQL 7.4 through 8.0.x declares the (1) ...)
+CVE-2005-1410
- postgresql 7.4.7-6
-CVE-2005-1409 (PostgreSQL 7.3.x through 8.0.x gives public EXECUTE access to certain ...)
+CVE-2005-1409
- postgresql 7.4.7-6
-CVE-2005-1408 (Apple Keynote 2.0 and 2.0.1 allows remote attackers to read arbitrary ...)
+CVE-2005-1408
NOT-FOR-US: Apple
-CVE-2005-1407 (Skype for Windows 1.2.0.0 to 1.2.0.46 allows local users to bypass the ...)
+CVE-2005-1407
NOT-FOR-US: Skype
-CVE-2005-1406 (The kernel in FreeBSD 4.x to 4.11 and 5.x to 5.4 does not properly ...)
+CVE-2005-1406
- kfreebsd5-source 5.3-10
-CVE-2005-1405 (HTTP response splitting vulnerability in the @SetHTTPHeader function ...)
+CVE-2005-1405
NOT-FOR-US: Lotus Domino
-CVE-2005-1404 (MyPHP Forum 1.0 allows remote attackers to spoof the username by ...)
+CVE-2005-1404
NOT-FOR-US: MyPHP Forum
-CVE-2005-1403 (Multiple cross-site scripting (XSS) vulnerabilities in JustWilliam's ...)
+CVE-2005-1403
NOT-FOR-US: JW Amazon Web Store
-CVE-2005-1402 (Integer signedness error in certain older versions of the NeL library, ...)
+CVE-2005-1402
NOT-FOR-US: NeL libarary
-CVE-2005-1401 (Format string vulnerability in the client for Mtp-Target 1.2.2 and ...)
+CVE-2005-1401
NOT-FOR-US: Mtp-Target
-CVE-2005-1400 (The i386_get_ldt system call in FreeBSD 4.7 to 4.11 and 5.x to 5.4 ...)
+CVE-2005-1400
- kfreebsd5-source 5.3-10
-CVE-2005-1399 (FreeBSD 4.6 to 4.11 and 5.x to 5.4 uses insecure default permissions ...)
+CVE-2005-1399
- kfreebsd5-source 5.3-10
-CVE-2005-1398 (phpcart.php in PHPCart 3.2 allows remote attackers to change product ...)
+CVE-2005-1398
NOT-FOR-US: PHPCart
-CVE-2005-1397 (SQL injection vulnerability in search.php for PHP-Calendar before ...)
+CVE-2005-1397
NOT-FOR-US: PHPCalender
-CVE-2005-1396 (Race condition in Ce/Ceterm (aka ARPUS/Ce) 2.5.4 and earlier allows ...)
+CVE-2005-1396
NOT-FOR-US: ARPUS Ceterm
-CVE-2005-1395 (Buffer overflow in Ce/Ceterm (aka ARPUS/Ce) 2.5.4 and earlier may ...)
+CVE-2005-1395
NOT-FOR-US: ARPUS Ceterm
-CVE-2005-1394 (Format string vulnerability in ArcGIS for ESRI ArcInfo Workstation 9.0 ...)
+CVE-2005-1394
NOT-FOR-US: ArcGIS
-CVE-2005-1393 (Multiple buffer overflows in ArcGIS for ESRI ArcInfo Workstation 9.0 ...)
+CVE-2005-1393
NOT-FOR-US: ArcGIS
-CVE-2005-1392 (The SQL install script in phpMyAdmin 2.6.2 is created with ...)
+CVE-2005-1392
- phpmyadmin <not-affected> (Only part of examples that an admin would need to modify anyway)
-CVE-2005-1391 (Buffer overflow in the add_port function in APSIS Pound 1.8.2 and ...)
+CVE-2005-1391
{DSA-934-1}
[sarge] - pound 1.8.2-1sarge1
- pound 1.8.2-1.1 (bug #307852; bug #311548; medium)
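Review bot: several `<not-affected>` justifications in this hunk were written against the description and dangle once it is gone, most clearly `- phpmyadmin <not-affected> (Only part of examples that an admin would need to modify anyway)` under CVE-2005-1392, where "examples" referred to the removed `The SQL install script in phpMyAdmin 2.6.2 is created with ...`. Suggest rewording such parentheticals to be self-contained (name the script) when the descriptions are stripped. The same hunk also drops the affected-version ranges for the three kfreebsd5-source entries (CVE-2005-1406, CVE-2005-1400, CVE-2005-1399) and the two postgresql entries (CVE-2005-1410, CVE-2005-1409), leaving only `- kfreebsd5-source 5.3-10` and `- postgresql 7.4.7-6`, so whether later branches were ever in scope can no longer be read from the file.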
@@ -8363,289 +8363,289 @@ CVE-2005-1390
REJECTED
CVE-2005-1389
REJECTED
-CVE-2005-1388 (Cross-site scripting (XSS) vulnerability in SURVIVOR before 0.9.6 ...)
+CVE-2005-1388
NOT-FOR-US: SURVIVOR
-CVE-2005-1387 (Cocktail 3.5.4 and possibly earlier in Mac OS X passes the ...)
+CVE-2005-1387
NOT-FOR-US: Mac OS X
-CVE-2005-1386 (PHP-Nuke 7.6 and earlier allows remote attackers to obtain sensitive ...)
+CVE-2005-1386
NOT-FOR-US: PHP-Nuke
-CVE-2005-1385 (Safari 1.3 allows remote attackers to cause a denial of service ...)
+CVE-2005-1385
NOT-FOR-US: Safari
-CVE-2005-1384 (Multiple SQL injection vulnerabilities in phpCoin 1.2.2 allow remote ...)
+CVE-2005-1384
NOT-FOR-US: phpCoin
-CVE-2005-1383 (The OHS component 1.0.2 through 10.x, when UseWebcacheIP is disabled, ...)
+CVE-2005-1383
NOT-FOR-US: Oracle
-CVE-2005-1382 (The webcacheadmin module in Oracle Webcache 9i allows remote attackers ...)
+CVE-2005-1382
NOT-FOR-US: Oracle
-CVE-2005-1381 (Multiple cross-site scripting (XSS) vulnerabilities in Oracle Webcache ...)
+CVE-2005-1381
NOT-FOR-US: Oracle
-CVE-2005-1380 (Cross-site scripting (XSS) vulnerability in BEA Admin Console 8.1 ...)
+CVE-2005-1380
NOT-FOR-US: BEA Weblogic
-CVE-2005-1379 (The LAM runtime environment package (lam-runtime-7.0.6-2mdk) on ...)
+CVE-2005-1379
- lam <not-affected> (Mandrake specific packaging flaw)
-CVE-2005-1378 (SQL injection vulnerability in posting_notes.php in the notes module ...)
+CVE-2005-1378
NOT-FOR-US: phpbb mod
-CVE-2005-1377 (Multiple PHP remote file inclusion vulnerabilities in Claroline 1.5.3 ...)
+CVE-2005-1377
NOT-FOR-US: Claroline
-CVE-2005-1376 (Multiple directory traversal vulnerabilities in (1) document.php or ...)
+CVE-2005-1376
NOT-FOR-US: Claroline
-CVE-2005-1375 (Multiple SQL injection vulnerabilities in Claroline 1.5.3 through 1.6 ...)
+CVE-2005-1375
NOT-FOR-US: Claroline
-CVE-2005-1374 (Multiple cross-site scripting (XSS) vulnerabilities in Claroline 1.5.3 ...)
+CVE-2005-1374
NOT-FOR-US: Claroline
-CVE-2005-1373 (Multiple SQL injection vulnerabilities in index.php in Dream4 Koobi ...)
+CVE-2005-1373
NOT-FOR-US: Koobi CMS
-CVE-2005-1372 (nvstatsmngr.exe process in BakBone NetVault 7.1 does not properly drop ...)
+CVE-2005-1372
NOT-FOR-US: NetVault
-CVE-2005-1371 (BPFTPServer service in BulletProof FTP Server 2.4.0.31 does not ...)
+CVE-2005-1371
NOT-FOR-US: NetVault
-CVE-2005-1370 (Unknown vulnerability in Radia Management Agent (RMA) in HP OpenView ...)
+CVE-2005-1370
NOT-FOR-US: HP OpenView
-CVE-2005-1369 (The (1) it87 and (2) via686a drivers in I2C for Linux 2.6.x before ...)
+CVE-2005-1369
- kernel-source-2.4.27 <not-affected>
- kernel-source-2.6.8 2.6.8-16
- linux-2.6 <not-affected> (Fixed before upload into archive; 2.6.11.8)
-CVE-2005-1368 (The key_user_lookup function in security/keys/key.c in Linux kernel ...)
+CVE-2005-1368
[sarge] - kernel-source-2.6.8 <not-affected>
- kernel-source-2.4.27 <not-affected>
- linux-2.6 <not-affected> (Fixed before upload into archive; 2.6.11.8)
-CVE-2005-1367 (Pico Server (pServ) 3.2 and earlier allows local users to read ...)
+CVE-2005-1367
NOT-FOR-US: pServ
-CVE-2005-1366 (Pico Server (pServ) 3.2 and earlier allows remote attackers to obtain ...)
+CVE-2005-1366
NOT-FOR-US: pServ
-CVE-2005-1365 (Pico Server (pServ) 3.2 and earlier allows remote attackers to execute ...)
+CVE-2005-1365
NOT-FOR-US: pServ
CVE-2005-XXXX [Insecure mailbox generation in passwd's useradd]
- shadow 4.0.8
[sarge] - shadow <not-affected> (was introduced after version 4.0.3)
[woody] - shadow <not-affected> (was introduced after version 4.0.3)
-CVE-2005-1364 (Multiple SQL injection vulnerabilities in MetaBid Auctions allow ...)
+CVE-2005-1364
NOT-FOR-US: MetaBid Auctions
-CVE-2005-1363 (Multiple SQL injection vulnerabilities in MetaCart 2.0 for PayFlow ...)
+CVE-2005-1363
NOT-FOR-US: MetaCart
-CVE-2005-1362 (Multiple SQL injection vulnerabilities in MetaCart 2.0 for Paypal ...)
+CVE-2005-1362
NOT-FOR-US: MetaCart
-CVE-2005-1361 (Multiple SQL injection vulnerabilities in MetaCart e-Shop 8.0 allow ...)
+CVE-2005-1361
NOT-FOR-US: MetaCart
-CVE-2005-1360 (PHP remote file inclusion vulnerability in error.php in GrayCMS 1.1 ...)
+CVE-2005-1360
NOT-FOR-US: GrayCMS
-CVE-2005-1359 (Cross-site scripting (XSS) vulnerability in text.cgi script allows ...)
+CVE-2005-1359
NOT-FOR-US: text.cgi
-CVE-2005-1358 (text.cgi script allows remote attackers to execute arbitrary commands ...)
+CVE-2005-1358
NOT-FOR-US: text.cgi
-CVE-2005-1357 (text.cgi script allows remote attackers to read arbitrary files via a ...)
+CVE-2005-1357
NOT-FOR-US: text.cgi
-CVE-2005-1356 (Cross-site scripting (XSS) vulnerability in includer.cgi script in The ...)
+CVE-2005-1356
NOT-FOR-US: includer.cgi
-CVE-2005-1355 (includer.cgi in The Includer allows remote attackers to read arbitrary ...)
+CVE-2005-1355
NOT-FOR-US: includer.cgi
-CVE-2005-1354 (The forum.pl script allows remote attackers to execute arbitrary ...)
+CVE-2005-1354
NOT-FOR-US: forum.pl
-CVE-2005-1353 (The forum.pl script allows remote attackers to read arbitrary files ...)
+CVE-2005-1353
NOT-FOR-US: forum.pl
-CVE-2005-1352 (Cross-site scripting (XSS) vulnerability in the ad.cgi script allows ...)
+CVE-2005-1352
NOT-FOR-US: ad.cgi
-CVE-2005-1351 (The ad.cgi script allows remote attackers to execute arbitrary ...)
+CVE-2005-1351
NOT-FOR-US: ad.cgi
-CVE-2005-1350 (The ad.cgi script allows remote attackers to read arbitrary files via ...)
+CVE-2005-1350
NOT-FOR-US: ad.cgi
-CVE-2005-1349 (Buffer overflow in Convert-UUlib (Convert::UUlib) before 1.051 allows ...)
+CVE-2005-1349
{DSA-727-1}
- libconvert-uulib-perl 1.0.5.1
-CVE-2005-1348 (Buffer overflow in HTTPMail in MailEnable Enterprise 1.04 and earlier ...)
+CVE-2005-1348
NOT-FOR-US: MailEnable
-CVE-2005-1347 (** UNVERIFIABLE ** ...)
+CVE-2005-1347
NOT-FOR-US: acrobat
-CVE-2005-1346 (Multiple Symantec AntiVirus products, including Norton AntiVirus 2005 ...)
+CVE-2005-1346
NOT-FOR-US: Symantec
-CVE-2005-1345 (Squid 2.5.STABLE9 and earlier does not trigger a fatal error when it ...)
+CVE-2005-1345
{DSA-721-1}
- squid 2.5.9-7
-CVE-2005-1344 (Buffer overflow in htdigest in Apache 2.0.52 may allow attackers to ...)
+CVE-2005-1344
- apache2 2.0.54-3 (bug #322604)
-CVE-2005-1343 (Stack-based buffer overflow in the VPN daemon (vpnd) for Mac OS X ...)
+CVE-2005-1343
NOT-FOR-US: vpnd for Mac OS X
-CVE-2005-1342 (The x-man-page: URI handler for Apple Terminal 1.4.4 in Mac OS X ...)
+CVE-2005-1342
NOT-FOR-US: Apple Terminal
-CVE-2005-1341 (Apple Terminal 1.4.4 allows attackers to execute arbitrary commands ...)
+CVE-2005-1341
NOT-FOR-US: Apple Terminal
-CVE-2005-1340 (The HTTP proxy service in Server Admin for Mac OS X 10.3.9 does not ...)
+CVE-2005-1340
NOT-FOR-US: Mac OS X
-CVE-2005-1339 (lukemftpd in Mac OS X 10.3.9 allows remote authenticated users to ...)
+CVE-2005-1339
- lukemftpd <not-affected> (our lukemftpd uses pw->pw_name when checking /etc/ftpchroot)
-CVE-2005-1338 (Mac OS X 10.3.9, when using an LDAP server that does not use ...)
+CVE-2005-1338
NOT-FOR-US: Mac OS X
-CVE-2005-1337 (Apple Help Viewer 2.0.7 and 3.0.0 in Mac OS X 10.3.9 allows remote ...)
+CVE-2005-1337
NOT-FOR-US: Mac OS X
-CVE-2005-1336 (Buffer overflow in the Foundation framework for Mac OS X 10.3.9 allows ...)
+CVE-2005-1336
NOT-FOR-US: Mac OS X
-CVE-2005-1335 (Unknown vulnerability in Mac OS X 10.3.9 allows local users to gain ...)
+CVE-2005-1335
NOT-FOR-US: Mac OS X
CVE-2005-1334
REJECTED
-CVE-2005-1333 (Directory traversal vulnerability in the Bluetooth file and object ...)
+CVE-2005-1333
NOT-FOR-US: Mac OS X
-CVE-2005-1332 (Bluetooth-enabled systems in Mac OS X 10.3.9 enables the Bluetooth ...)
+CVE-2005-1332
NOT-FOR-US: Mac OS X
-CVE-2005-1331 (The AppleScript Editor in Mac OS X 10.3.9 does not properly display ...)
+CVE-2005-1331
NOT-FOR-US: Mac OS X
-CVE-2005-1330 (AppKit in Mac OS X 10.3.9 allows attackers to cause a denial of ...)
+CVE-2005-1330
NOT-FOR-US: Mac OS X
-CVE-2005-1329 (owOfflineCC.asp in OneWorldStore allows remote attackers to obtain ...)
+CVE-2005-1329
NOT-FOR-US: OneWorldStore
-CVE-2005-1328 (OneWorldStore allows remote attackers to cause a denial of service ...)
+CVE-2005-1328
NOT-FOR-US: OneWorldStore
-CVE-2005-1327 (Cross-site scripting (XSS) vulnerability in pms.php for Woltlab ...)
+CVE-2005-1327
NOT-FOR-US: Woltlab Burning Board
-CVE-2005-1326 (Buffer overflow in VooDoo cIRCle BOTNET before 1.0.33 allows remote ...)
+CVE-2005-1326
NOT-FOR-US: VooDoo cIRCle BOTNET
-CVE-2005-1325 (set_lang.php in phpMyVisites 1.3 allows remote attackers to read and ...)
+CVE-2005-1325
NOT-FOR-US: phpMyVisites
-CVE-2005-1324 (Multiple cross-site scripting (XSS) vulnerabilities in index.php for ...)
+CVE-2005-1324
NOT-FOR-US: phpMyVisites
-CVE-2005-1323 (Buffer overflow in NetFtpd for NetTerm 5.1.1 and earlier allows remote ...)
+CVE-2005-1323
NOT-FOR-US: NetTerm
-CVE-2005-1322 (Cross-site scripting (XSS) vulnerability in Horde Nag Task List ...)
+CVE-2005-1322
- nag 1.1-3.1 (bug #307173)
-CVE-2005-1321 (Cross-site scripting (XSS) vulnerability in Horde Vacation module ...)
+CVE-2005-1321
- sork-vacation 2.2.2-1
-CVE-2005-1320 (Cross-site scripting (XSS) vulnerability in Horde Mnemo Note Manager ...)
+CVE-2005-1320
- mnemo 1.1-2.1 (bug #307180)
- mnemo2 <not-affected> (fixed before 2.1.1)
-CVE-2005-1319 (Cross-site scripting (XSS) vulnerability in Horde IMP Webmail client ...)
+CVE-2005-1319
- imp4 <not-affected>
- imp3 3.2.8-1 (bug #328218; low)
-CVE-2005-1318 (Cross-site scripting (XSS) vulnerability in Horde Forwards E-Mail ...)
+CVE-2005-1318
- sork-forwards 2.2.2-1
-CVE-2005-1317 (Cross-site scripting (XSS) vulnerability in Horde Chora module before ...)
+CVE-2005-1317
NOT-FOR-US: Hord Chora module
-CVE-2005-1316 (Cross-site scripting (XSS) vulnerability in Horde Accounts module ...)
+CVE-2005-1316
- sork-accounts 2.1.2-1
-CVE-2005-1315 (Cross-site scripting (XSS) vulnerability in Horde Turba module before ...)
+CVE-2005-1315
- turba 1.2.5-1
-CVE-2005-1314 (Cross-site scripting (XSS) vulnerability in Horde Kronolith module ...)
+CVE-2005-1314
- kronolith 1.1.4-1
-CVE-2005-1313 (Cross-site scripting (XSS) vulnerability in Horde Passwd module before ...)
+CVE-2005-1313
- sork-passwd 2.2.2-1
-CVE-2005-1312 (PHP remote file inclusion vulnerability in Yappa-NG before 2.3.2 ...)
+CVE-2005-1312
NOT-FOR-US: Yappa-NG
-CVE-2005-1311 (Cross-site scripting (XSS) vulnerability in Yappa-NG before 2.3.2 ...)
+CVE-2005-1311
NOT-FOR-US: Yappa-NG
-CVE-2005-1310 (SQL injection vulnerability in bBlog 0.7.4 allows remote attackers to ...)
+CVE-2005-1310
NOT-FOR-US: bBlog
-CVE-2005-1309 (Cross-site scripting (XSS) vulnerability in bBlog 0.7.4 allows remote ...)
+CVE-2005-1309
NOT-FOR-US: bBlog
-CVE-2005-1308 (SqWebMail allows remote attackers to inject arbitrary web script or ...)
+CVE-2005-1308
- courier <unfixed> (bug #307575; unimportant)
-CVE-2005-1307 (The (1) stopserver.sh and (2) startserver.sh scripts in Adobe Version ...)
+CVE-2005-1307
NOT-FOR-US: Adobe Version Cue
-CVE-2005-1306 (The Adobe Reader control in Adobe Reader and Acrobat 7.0 and 7.0.1 ...)
+CVE-2005-1306
NOT-FOR-US: Adobe Reader 7
-CVE-2005-1305 (The hyper.cgi script allows remote attackers to read arbitrary files ...)
+CVE-2005-1305
NOT-FOR-US: hyper.cgi
-CVE-2005-1304 (The citat.pl script allows remote attackers to execute arbitrary files ...)
+CVE-2005-1304
NOT-FOR-US: citat.pl
-CVE-2005-1303 (The citat.pl script allows remote attackers to read arbitrary files ...)
+CVE-2005-1303
NOT-FOR-US: citat.pl
-CVE-2005-1302 (SQL injection vulnerability in Confixx 3.08 and earlier allows remote ...)
+CVE-2005-1302
NOT-FOR-US: Confixx
-CVE-2005-1301 (nProtect:Netizen 2005.3.17.1 does not properly verify that the update ...)
+CVE-2005-1301
NOT-FOR-US: nProtect:Netizen
-CVE-2005-1300 (Cross-site scripting (XSS) vulnerability in the inserter.cgi script ...)
+CVE-2005-1300
NOT-FOR-US: inserter.cgi
-CVE-2005-1299 (The inserter.cgi script allows remote attackers to execute arbitrary ...)
+CVE-2005-1299
NOT-FOR-US: inserter.cgi
-CVE-2005-1298 (The inserter.cgi script allows remote attackers to read arbitrary ...)
+CVE-2005-1298
NOT-FOR-US: inserter.cgi
-CVE-2005-1297 (Cross-site scripting (XSS) vulnerability in the include.cgi script ...)
+CVE-2005-1297
NOT-FOR-US: include.cgi
-CVE-2005-1296 (include.cgi script allows remote attackers to execute arbitrary ...)
+CVE-2005-1296
NOT-FOR-US: include.cgi
-CVE-2005-1295 (include.cgi script allows remote attackers to read arbitrary files via ...)
+CVE-2005-1295
NOT-FOR-US: include.cgi
-CVE-2005-1294 (The affix_sock_register in the Affix Bluetooth Protocol Stack for ...)
+CVE-2005-1294
- affix-kernel 2.1.1-1.1
-CVE-2005-1293 (Multiple SQL injection vulnerabilities in default.asp in StorePortal ...)
+CVE-2005-1293
NOT-FOR-US: StorePortal
-CVE-2005-1292 (Multiple cross-site scripting (XSS) vulnerabilities in CartWIZ ASP ...)
+CVE-2005-1292
NOT-FOR-US: CartWIZ ASP Cart
-CVE-2005-1291 (Multiple SQL injection vulnerabilities in CartWIZ ASP Cart allow ...)
+CVE-2005-1291
NOT-FOR-US: CartWIZ ASP Cart
-CVE-2005-1290 (Multiple cross-site scripting (XSS) vulnerabilities in phpBB 2.0.14 ...)
+CVE-2005-1290
- phpbb2 2.0.13-6sarge1 (low)
-CVE-2005-1289 (index.cgi in E-Cart 2004 1.1 and earlier allows remote attackers to ...)
+CVE-2005-1289
NOT-FOR-US: E-Cart
-CVE-2005-1288 (inc_login_check.asp ACS Blog 0.8 through 1.1.3 allows remote attackers ...)
+CVE-2005-1288
NOT-FOR-US: ACS Blog
-CVE-2005-1287 (Multiple SQL injection vulnerabilities in BK Forum 4.0 allow remote ...)
+CVE-2005-1287
NOT-FOR-US: BK Forum
-CVE-2005-1286 (Unquoted Windows search path vulnerability in BitDefender 8 allows ...)
+CVE-2005-1286
NOT-FOR-US: Bitdefender
-CVE-2005-1285 (Cross-site scripting (XSS) vulnerability in thread.php in WoltLab ...)
+CVE-2005-1285
NOT-FOR-US: Woltlab Burning Board
-CVE-2005-1284 (The addnew script in Argosoft Mail Server Pro 1.8.7.6 allows remote ...)
+CVE-2005-1284
NOT-FOR-US: Argosoft Mail Server Pro
-CVE-2005-1283 (Multiple directory traversal vulnerabilities in Argosoft Mail Server ...)
+CVE-2005-1283
NOT-FOR-US: Argosoft Mail Server Pro
-CVE-2005-1282 (Multiple cross-site scripting (XSS) vulnerabilities in Argosoft Mail ...)
+CVE-2005-1282
NOT-FOR-US: Argosoft Mail Server Pro
-CVE-2005-1281 (Ethereal 0.10.10 and earlier allows remote attackers to cause a denial ...)
+CVE-2005-1281
- ethereal 0.10.10-2
-CVE-2005-1280 (The rsvp_print function in tcpdump 3.9.1 and earlier allows remote ...)
+CVE-2005-1280
- ethereal 0.10.10-2
- tcpdump 3.8.3-4
-CVE-2005-1279 (tcpdump 3.8.3 and earlier allows remote attackers to cause a denial of ...)
+CVE-2005-1279
{DSA-850-1}
- tcpdump 3.8.3-4
-CVE-2005-1278 (The isis_print function, as called by isoclns_print, in tcpdump 3.9.1 ...)
+CVE-2005-1278
- tcpdump 3.8.3-4 (bug #307920)
CVE-2005-1277
REJECTED
CVE-2005-1276
RESERVED
-CVE-2005-1275 (Heap-based buffer overflow in the ReadPNMImage function in pnm.c for ...)
+CVE-2005-1275
- imagemagick 6:6.0.6.2-2.3 (bug #306424)
-CVE-2005-1274 (Stack-based buffer overflow in the getIfHeader function in the WebDAV ...)
+CVE-2005-1274
- maxdb-7.5.00 7.5.00.24-3
CVE-2005-1273
RESERVED
-CVE-2005-1272 (Stack-based buffer overflow in the Backup Agent for Microsoft SQL ...)
+CVE-2005-1272
NOT-FOR-US: Backup Agent for Microsoft SQL
CVE-2005-1271
REJECTED
-CVE-2005-1270 (The (1) check_update.sh and (2) rkhunter script in Rootkit Hunter ...)
+CVE-2005-1270
- rkhunter 1.2.7-14 (medium)
CVE-2005-XXXX [Unspecified buffer overflow in Convert::UUlib perl module]
- libconvert-uulib-perl 1.0.5.1-1
-CVE-2005-1269 (Gaim before 1.3.1 allows remote attackers to cause a denial of service ...)
+CVE-2005-1269
{DSA-734-1}
- gaim 1:1.3.1-1 (bug #315356; low)
-CVE-2005-1268 (Off-by-one error in the mod_ssl Certificate Revocation List (CRL) ...)
+CVE-2005-1268
{DSA-805-1}
- apache2 2.0.54-5 (bug #320048; bug #320063; bug #322613; low)
- apache <not-affected> (Not affected, see #322613)
-CVE-2005-1267 (The bgp_update_print function in tcpdump 3.x does not properly handle ...)
+CVE-2005-1267
{DSA-854-1}
- tcpdump 3.9.0.cvs.20050614-1 (medium)
-CVE-2005-1266 (Apache SpamAssassin 3.0.1, 3.0.2, and 3.0.3 allows remote attackers to ...)
+CVE-2005-1266
{DSA-736-2 DSA-736-1}
- spamassassin 3.0.4-1 (bug #314447; medium)
-CVE-2005-1265 (The mmap function in the Linux Kernel 2.6.10 can be used to create ...)
+CVE-2005-1265
{DSA-922-1}
- linux-2.6 2.6.12-1
-CVE-2005-1264 (Raw character devices (raw.c) in the Linux kernel 2.6.x call the wrong ...)
+CVE-2005-1264
- linux-2.6 <not-affected> (Fixed before upload into archive; 2.6.11.10)
[sarge] - kernel-source-2.6.8 2.6.8-16
-CVE-2005-1263 (The elf_core_dump function in binfmt_elf.c for Linux kernel 2.x.x to ...)
+CVE-2005-1263
- linux-2.6 <not-affected> (Fixed before upload into archive; 2.6.12-rc4)
[sarge] - kernel-source-2.6.8 2.6.8-16
[sarge] - kernel-source-2.4.27 2.4.27-10
NOTE: believed not to be exploitable in 2.6 after all, re Greg K-H
-CVE-2005-1262 (Gaim 1.2.1 and earlier allows remote attackers to cause a denial of ...)
+CVE-2005-1262
- gaim 1:1.2.1-1.1
-CVE-2005-1261 (Stack-based buffer overflow in the URL parsing function in Gaim before ...)
+CVE-2005-1261
- gaim 1:1.2.1-1.1
-CVE-2005-1260 (bzip2 allows remote attackers to cause a denial of service (hard drive ...)
+CVE-2005-1260
{DSA-741-1}
- bzip2 1.0.2-7
CVE-2005-1259
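Review bot: dropping the parenthetical summary leaves some entries in this hunk with nothing but package/version lines to explain them, for example CVE-2005-1280 now reads just `CVE-2005-1280` followed by `- ethereal 0.10.10-2` and `- tcpdump 3.8.3-4`, so the function name (rsvp_print) that justified listing both packages no longer appears anywhere in the file. Before this lands it would be worth documenting where the descriptions are now sourced from, since the `CVE-2005-XXXX [...]` placeholder entries keep their bracketed summaries and will be the only entries with inline text after this change.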
@@ -8654,290 +8654,290 @@ CVE-2005-1258
RESERVED
CVE-2005-1257
RESERVED
-CVE-2005-1256 (Stack-based buffer overflow in the IMAP daemon (IMAPD32.EXE) in IMail ...)
+CVE-2005-1256
NOT-FOR-US: IMail
-CVE-2005-1255 (Multiple stack-based buffer overflows in the IMAP server in IMail 8.12 ...)
+CVE-2005-1255
NOT-FOR-US: IMail
-CVE-2005-1254 (Stack-based buffer overflow in the IMAP server for Ipswitch IMail 8.12 ...)
+CVE-2005-1254
NOT-FOR-US: IMail
CVE-2005-1253
RESERVED
-CVE-2005-1252 (Directory traversal vulnerability in the Web Calendaring server in ...)
+CVE-2005-1252
NOT-FOR-US: IMail
CVE-2005-1251
RESERVED
-CVE-2005-1250 (SQL injection vulnerability in the logon screen of the web front end ...)
+CVE-2005-1250
NOT-FOR-US: IpSwitch
-CVE-2005-1249 (The IMAP daemon (IMAPD32.EXE) in Ipswitch Collaboration Suite (ICS) ...)
+CVE-2005-1249
NOT-FOR-US: IMail
-CVE-2005-1248 (Buffer overflow in Apple iTunes before 4.8 allows remote attackers to ...)
+CVE-2005-1248
NOT-FOR-US: Apple iTunes
-CVE-2005-1247 (webadmin.exe in Novell Nsure Audit 1.0.1 allows remote attackers to ...)
+CVE-2005-1247
NOT-FOR-US: Novell Nsure Audit
-CVE-2005-1246 (Format string vulnerability in the snmppd_log function in ...)
+CVE-2005-1246
NOT-FOR-US: snmppd
CVE-2005-XXXX [Multiple security problems in Quake 2]
NOTE: this release added lots of warnings about the security problems
- quake2 1:0.3-1.1
-CVE-2005-1245 (Cross-site scripting (XSS) vulnerability in MediaWiki before 1.4.2, ...)
+CVE-2005-1245
- mediawiki 1.4.9 (bug #276057)
-CVE-2005-1244 (** DISPUTED ** ...)
+CVE-2005-1244
NOT-FOR-US: AS/400 FTP server addon
-CVE-2005-1243 (Directory traversal vulnerability in the third party tool from ...)
+CVE-2005-1243
NOT-FOR-US: AS/400 FTP server addon
-CVE-2005-1242 (Directory traversal vulnerability in the third party tool from Bsafe, ...)
+CVE-2005-1242
NOT-FOR-US: AS/400 FTP server addon
-CVE-2005-1241 (Directory traversal vulnerability in the third party tool from ...)
+CVE-2005-1241
NOT-FOR-US: AS/400 FTP server addon
-CVE-2005-1240 (Directory traversal vulnerability in the third party tool from ...)
+CVE-2005-1240
NOT-FOR-US: AS/400 FTP server addon
-CVE-2005-1239 (Directory traversal vulnerability in the third party tool from ...)
+CVE-2005-1239
NOT-FOR-US: AS/400 FTP server addon
-CVE-2005-1238 (By design, the built-in FTP server for iSeries AS/400 systems does not ...)
+CVE-2005-1238
NOT-FOR-US: AS/400 FTP server
-CVE-2005-1237 (SQL injection vulnerability in news.php in FlexPHPNews 0.0.3 allows ...)
+CVE-2005-1237
NOT-FOR-US: FlexPHPNews
-CVE-2005-1236 (Multiple SQL injection vulnerabilities in DUware DUportal 3.1.2 and ...)
+CVE-2005-1236
NOT-FOR-US: DUPortal
-CVE-2005-1235 (auction_my_auctions.php in phpbb-Auction 1.2m and earlier allows ...)
+CVE-2005-1235
NOT-FOR-US: phpbb-Auction
-CVE-2005-1234 (Multiple SQL injection vulnerabilities in phpbb-Auction allow remote ...)
+CVE-2005-1234
NOT-FOR-US: phpbb-Auction
-CVE-2005-1233 (Cross-site scripting (XSS) vulnerability in index.php in PHP Labs ...)
+CVE-2005-1233
NOT-FOR-US: PHP Labs proFile
-CVE-2005-1232 (Buffer overflow in Sun Java System Web Proxy Server (aka Sun ONE Proxy ...)
+CVE-2005-1232
NOT-FOR-US: Sun ONE Proxy Server
-CVE-2005-1231 (Cross-site scripting (XSS) vulnerability in the NewTerm function in ...)
+CVE-2005-1231
NOT-FOR-US: JAWS
-CVE-2005-1230 (Directory traversal vulnerability in Yawcam 0.2.5 allows remote ...)
+CVE-2005-1230
NOT-FOR-US: Yawcan
-CVE-2005-1229 (Directory traversal vulnerability in cpio 2.6 and earlier allows ...)
+CVE-2005-1229
{DSA-846-1}
- cpio 2.6-6 (bug #306693; medium)
-CVE-2005-1228 (Directory traversal vulnerability in gunzip -N in gzip 1.2.4 through ...)
+CVE-2005-1228
{DSA-752-1}
- gzip 1.3.5-10
-CVE-2005-1227 (Cross-site scripting (XSS) vulnerability in PHProjekt 4.2 and earlier ...)
+CVE-2005-1227
NOT-FOR-US: PHPProjekt
-CVE-2005-1226 (Coppermine Photo Gallery 1.3.2 stores passwords in plaintext, which ...)
+CVE-2005-1226
NOT-FOR-US: Coppermine Photo Gallery
-CVE-2005-1225 (SQL injection vulnerability in Coppermine Photo Gallery 1.3.2 allows ...)
+CVE-2005-1225
NOT-FOR-US: Coppermine Photo Gallery
-CVE-2005-1224 (Multiple SQL injection vulnerabilities in DUware DUportal Pro 3.4 ...)
+CVE-2005-1224
NOT-FOR-US: DUPortal
-CVE-2005-1223 (Multiple SQL injection vulnerabilities in Ocean12 Calendar manager ...)
+CVE-2005-1223
NOT-FOR-US: Ocean12 Calender manager
-CVE-2005-1222 (cat_for_gen.php in Annuaire Netref 4.2 allows remote attackers to ...)
+CVE-2005-1222
NOT-FOR-US: Annuaire Netref
-CVE-2005-1221 (SQL injection vulnerability in login.asp for Ecommerce-Carts EcommPro ...)
+CVE-2005-1221
NOT-FOR-US: ECommPro
-CVE-2005-1220 (Shoutbox SCRIPT 3.0.2 and earlier allows remote attackers to obtain ...)
+CVE-2005-1220
NOT-FOR-US: Shoutbox
-CVE-2005-1219 (Buffer overflow in the Microsoft Color Management Module for Windows ...)
+CVE-2005-1219
NOT-FOR-US: Microsoft Color Management Module
-CVE-2005-1218 (The Microsoft Windows kernel in Microsoft Windows 2000 Server, Windows ...)
+CVE-2005-1218
NOT-FOR-US: Microsoft Color Management Module
CVE-2005-1217
RESERVED
-CVE-2005-1216 (Microsoft ISA Server 2000 allows remote attackers to connect to ...)
+CVE-2005-1216
NOT-FOR-US: Microsoft
-CVE-2005-1215 (Microsoft ISA Server 2000 allows remote attackers to poison the ISA ...)
+CVE-2005-1215
NOT-FOR-US: Microsoft
-CVE-2005-1214 (Microsoft Agent allows remote attackers to spoof trusted Internet ...)
+CVE-2005-1214
NOT-FOR-US: Microsoft
-CVE-2005-1213 (Stack-based buffer overflow in the news reader for Microsoft Outlook ...)
+CVE-2005-1213
NOT-FOR-US: Microsoft
-CVE-2005-1212 (Buffer overflow in Microsoft Step-by-Step Interactive Training ...)
+CVE-2005-1212
NOT-FOR-US: Microsoft
-CVE-2005-1211 (Buffer overflow in the PNG image rendering component of Microsoft ...)
+CVE-2005-1211
NOT-FOR-US: Microsoft
CVE-2005-1210
RESERVED
CVE-2005-1209
RESERVED
-CVE-2005-1208 (Integer overflow in Microsoft Windows 98, 2000, XP SP2 and earlier, ...)
+CVE-2005-1208
NOT-FOR-US: Microsoft
-CVE-2005-1207 (Buffer overflow in the Web Client service in Microsoft Windows XP and ...)
+CVE-2005-1207
NOT-FOR-US: Microsoft
-CVE-2005-1206 (Buffer overflow in the Server Message Block (SMB) functionality for ...)
+CVE-2005-1206
NOT-FOR-US: Microsoft
-CVE-2005-1205 (The Telnet client for Microsoft Windows XP, Windows Server 2003, and ...)
+CVE-2005-1205
NOT-FOR-US: Microsoft
CVE-2005-XXXX [libpam-ssh: Inproper caching of pwd data with potential security implications]
- libpam-ssh 1.91.0-9
-CVE-2005-1204 (Desktop Rover 3.0, and possibly earlier versions, allows remote ...)
+CVE-2005-1204
NOT-FOR-US: Desktop Rover
-CVE-2005-1203 (Multiple SQL injection vulnerabilities in index.php in eGroupware ...)
+CVE-2005-1203
- egroupware 1.0.0.007-2.dfsg-1
-CVE-2005-1202 (Multiple cross-site scripting (XSS) vulnerabilities in eGroupware ...)
+CVE-2005-1202
- egroupware 1.0.0.007-2.dfsg-1
-CVE-2005-1201 (Multiple directory traversal vulnerabilities in AZ Bulletin board ...)
+CVE-2005-1201
NOT-FOR-US: AZbb
-CVE-2005-1200 (PHP remote file inclusion vulnerability in main_index.php in AZ ...)
+CVE-2005-1200
NOT-FOR-US: AZbb
-CVE-2005-1199 (SQL injection vulnerability in printthread.php in UBB.Threads allows ...)
+CVE-2005-1199
NOT-FOR-US: UBB.threads
-CVE-2005-1198 (Directory traversal vulnerability in apexec.pl for Anaconda Foundation ...)
+CVE-2005-1198
NOT-FOR-US: Anaconda Foundation Directory
-CVE-2005-1197 (SQL injection vulnerability in the ...)
+CVE-2005-1197
NOT-FOR-US: Oracle
-CVE-2005-1196 (SQL injection vulnerability in kb.php in the Knowledge Base module for ...)
+CVE-2005-1196
NOT-FOR-US: PHPBB Knowledgebase Mod
-CVE-2005-1195 (Multiple heap-based buffer overflows in the code used to handle (1) ...)
+CVE-2005-1195
- xine-lib 1.0.1-1
- mplayer <not-affected> (fixed in 1.0-pre7, which was released before etch)
-CVE-2005-1194 (Stack-based buffer overflow in the ieee_putascii function for nasm ...)
+CVE-2005-1194
- nasm 0.98.38-1.2 (bug #309049)
-CVE-2005-1193 (The bbencode_second_pass and make_clickable functions in bbcode.php ...)
+CVE-2005-1193
- phpbb2 2.0.13-6sarge1 (medium)
-CVE-2005-1192 (Unknown vulnerability in HP-UX B.11.00, B.11.04, B.11.11, B.11.22, and ...)
+CVE-2005-1192
NOT-FOR-US: HP-UX
-CVE-2005-1191 (The Web View DLL (webvw.dll), as used in Windows Explorer on Windows ...)
+CVE-2005-1191
NOT-FOR-US: Windows
-CVE-2005-1190 (WebcamXP PRO v2.16.468 and earlier allows remote attackers to cause a ...)
+CVE-2005-1190
NOT-FOR-US: WebcamXP
-CVE-2005-1189 (Cross-site scripting (XSS) vulnerability in WebcamXP PRO v2.16.468 and ...)
+CVE-2005-1189
NOT-FOR-US: WebcamXP
-CVE-2005-1188 (Cross-site scripting (XSS) vulnerability in comersus_searchItem.asp in ...)
+CVE-2005-1188
NOT-FOR-US: ComersusCart
-CVE-2005-1187 (Heap-based buffer overflow in WinHex 12.05 SR-14, and possibly other ...)
+CVE-2005-1187
NOT-FOR-US: WinHex
-CVE-2005-1186 (Musicmatch Jukebox 10.00.2047 and earlier adds the musicmatch.com ...)
+CVE-2005-1186
NOT-FOR-US: Musicmatch
-CVE-2005-1185 (Unquoted Windows search path vulnerability in Musicmatch Jukebox ...)
+CVE-2005-1185
NOT-FOR-US: Musicmatch
-CVE-2005-1184 (The TCP/IP stack in multiple operating systems allows remote attackers ...)
+CVE-2005-1184
NOT-FOR-US: Apparently bogus report. at least on Linux it couldn't be reproduced
-CVE-2005-1183 (Cross-site scripting (XSS) vulnerability in mvnForum 1.0 RC4 allows ...)
+CVE-2005-1183
NOT-FOR-US: mvnForum
-CVE-2005-1182 (Unknown vulnerability in Incoming Remote Command (iSeries Access for ...)
+CVE-2005-1182
NOT-FOR-US: iSeries OS
-CVE-2005-1181 (** DISPUTED ** ...)
+CVE-2005-1181
NOT-FOR-US: Ariadne CMS
-CVE-2005-1180 (HTTP Response Splitting vulnerability in the Surveys module in ...)
+CVE-2005-1180
NOT-FOR-US: PHP-Nuke
-CVE-2005-1179 (Unknown vulnerability in Xerox MicroServer Web Server for various ...)
+CVE-2005-1179
NOT-FOR-US: Xerox
-CVE-2005-1178 (SQL injection vulnerability in Oracle Forms 10g allows remote ...)
+CVE-2005-1178
NOT-FOR-US: Oracle
-CVE-2005-1177 (Unknown vulnerability in (1) Webmin and (2) Usermin before 1.200 ...)
+CVE-2005-1177
- webmin <not-affected>
NOTE: I haven't found further information on this, but this appears to only
NOTE: affect non-Debian setups
-CVE-2005-1176 (Race condition in JFS2 on AIX 5.2 and 5.3, when deleting a file while ...)
+CVE-2005-1176
NOT-FOR-US: AIX
-CVE-2005-1175 (Heap-based buffer overflow in the Key Distribution Center (KDC) in MIT ...)
+CVE-2005-1175
{DSA-757-1}
- krb5 1.3.6-4 (bug #318437; medium)
-CVE-2005-1174 (MIT Kerberos 5 (krb5) 1.3 through 1.4.1 Key Distribution Center (KDC) ...)
+CVE-2005-1174
{DSA-757-1}
- krb5 1.3.6-4 (bug #318437; medium)
-CVE-2005-1173 (Buffer overflow in PMSoftware Simple Web Server 1.0 allows remote ...)
+CVE-2005-1173
NOT-FOR-US: PMSoftware Simple Web Server
-CVE-2005-1172 (Cross-site scripting (XSS) vulnerability in init.inc.php in Coppermine ...)
+CVE-2005-1172
NOT-FOR-US: Coppermine Photo Gallery
-CVE-2005-1171 (Cross-site scripting (XSS) vulnerability in mod.php in the datenbank ...)
+CVE-2005-1171
NOT-FOR-US: moddb phpbb2 add-on
-CVE-2005-1170 (SQL injection vulnerability in mod.php in the datenbank module for ...)
+CVE-2005-1170
NOT-FOR-US: moddb phpbb2 add-on
-CVE-2005-1169 (Mafia Blog .4 BETA does not properly protect the admin directory, ...)
+CVE-2005-1169
NOT-FOR-US: Mafia Blog
-CVE-2005-1168 (DiagCollectionControl.dll in Musicmatch 10.00.2047 and earlier allows ...)
+CVE-2005-1168
NOT-FOR-US: Musicmatch
-CVE-2005-1167 (Musicmatch 10.00.2047 and earlier store log files in the Program Files ...)
+CVE-2005-1167
NOT-FOR-US: Musicmatch
-CVE-2005-1166 (The DNTUS26 process in Dameware NT Utilities and the DWRCS process in ...)
+CVE-2005-1166
NOT-FOR-US: Dameware
-CVE-2005-1165 (Yager 5.24 and earlier allows remote attackers to cause a denial of ...)
+CVE-2005-1165
NOT-FOR-US: Yager game
-CVE-2005-1164 (Yager 5.24 and earlier allows remote attackers to cause a denial of ...)
+CVE-2005-1164
NOT-FOR-US: Yager game
-CVE-2005-1163 (Multiple buffer overflows in Yager 5.24 and earlier allow remote ...)
+CVE-2005-1163
NOT-FOR-US: Yager game
-CVE-2005-1162 (Multiple cross-site scripting (XSS) vulnerabilities in OneWorldStore ...)
+CVE-2005-1162
NOT-FOR-US: OneWorldStore
-CVE-2005-1161 (Multiple SQL injection vulnerabilities in OneWorldStore allow remote ...)
+CVE-2005-1161
NOT-FOR-US: OneWorldStore
-CVE-2005-1160 (The privileged &quot;chrome&quot; UI code in Firefox before 1.0.3 and Mozilla ...)
+CVE-2005-1160
{DSA-781-1}
- mozilla-firefox 1.0.3-1
- mozilla 2:1.7.7-1
- mozilla-thunderbird 1.0.6-1 (bug #318728; high)
-CVE-2005-1159 (The native implementations of InstallTrigger and other functions in ...)
+CVE-2005-1159
{DSA-781-1}
- mozilla-firefox 1.0.3-1
- mozilla 2:1.7.7-1
- mozilla-thunderbird 1.0.6-1 (bug #318728; medium)
-CVE-2005-1158 (Multiple &quot;missing security checks&quot; in Firefox before 1.0.3 allow ...)
+CVE-2005-1158
- mozilla-firefox 1.0.3-1
-CVE-2005-1157 (Firefox before 1.0.3, Mozilla Suite before 1.7.7, and Netscape 7.2 ...)
+CVE-2005-1157
- mozilla-firefox 1.0.3-1
- mozilla 2:1.7.7-1
-CVE-2005-1156 (Firefox before 1.0.3, Mozilla Suite before 1.7.7, and Netscape 7.2 ...)
+CVE-2005-1156
- mozilla-firefox 1.0.3-1
- mozilla 2:1.7.7-1
-CVE-2005-1155 (The favicon functionality in Firefox before 1.0.3 and Mozilla Suite ...)
+CVE-2005-1155
- mozilla-firefox 1.0.3-1
- mozilla 2:1.7.7-1
-CVE-2005-1154 (Firefox before 1.0.3 and Mozilla Suite before 1.7.7 allows remote ...)
+CVE-2005-1154
- mozilla-firefox 1.0.3-1
- mozilla 2:1.7.7-1
-CVE-2005-1153 (Firefox before 1.0.3 and Mozilla Suite before 1.7.7, when blocking a ...)
+CVE-2005-1153
- mozilla-firefox 1.0.3-1
- mozilla 2:1.7.7-1
-CVE-2005-1152 (popauth.c in qpopper 4.0.5 and earlier does not properly set the ...)
+CVE-2005-1152
{DSA-728-1}
- qpopper 4.0.5-4sarge1
-CVE-2005-1151 (qpopper 4.0.5 and earlier does not properly drop privileges before ...)
+CVE-2005-1151
{DSA-728-1}
- qpopper 4.0.5-4sarge1
-CVE-2005-1150 (Unknown vulnerability in Sun Java System Web Server 6.0 SP7 and ...)
+CVE-2005-1150
NOT-FOR-US: Sun Java
-CVE-2005-1149 (SQL injection vulnerability in admin/login.asp in aspclick.it ACNews ...)
+CVE-2005-1149
NOT-FOR-US: ACNews
-CVE-2005-1148 (calendar.pl in CalendarScript 3.21 allows remote attackers to obtain ...)
+CVE-2005-1148
NOT-FOR-US: CalenderScript
-CVE-2005-1147 (calendar.pl in CalendarScript 3.20 allows remote attackers to obtain ...)
+CVE-2005-1147
NOT-FOR-US: CalenderScript
-CVE-2005-1146 (** DISPUTED ** ...)
+CVE-2005-1146
NOT-FOR-US: CalenderScript
-CVE-2005-1145 (** DISPUTED ** ...)
+CVE-2005-1145
NOT-FOR-US: CalenderScript
-CVE-2005-1144 (popup.php in EasyPHPCalendar before 6.2.8 allows remote attackers to ...)
+CVE-2005-1144
NOT-FOR-US: EasyPHPCalender
-CVE-2005-1143 (Cross-site scripting (XSS) vulnerability in index.php in ...)
+CVE-2005-1143
NOT-FOR-US: EasyPHPCalender
-CVE-2005-1142 (Heap-based buffer overflow in the readpgm function in pnm.c for GOCR ...)
+CVE-2005-1142
- gocr 0.39-5
-CVE-2005-1141 (Integer overflow in the readpgm function in pnm.c for GOCR 0.40, when ...)
+CVE-2005-1141
- gocr 0.39-5
-CVE-2005-1140 (Cross-site scripting (XSS) vulnerability in myBloggie 2.1.1 allows ...)
+CVE-2005-1140
NOT-FOR-US: MyBloggie
-CVE-2005-1139 (Opera 8 Beta 3, when using first-generation vetted digital ...)
+CVE-2005-1139
NOT-FOR-US: Opera
-CVE-2005-1138 (Unknown vulnerability in WebMail in Kerio MailServer before 6.0.9 ...)
+CVE-2005-1138
NOT-FOR-US: Kerio
-CVE-2005-1137 (Simple PHP Blog (sphpBlog) 0.4.0 allows remote attackers to obtain ...)
+CVE-2005-1137
NOT-FOR-US: sphpBlog
-CVE-2005-1136 (Simple PHP Blog (sphpBlog) 0.4.0 stores the (1) password.txt and (2) ...)
+CVE-2005-1136
NOT-FOR-US: sphpBlog
-CVE-2005-1135 (Cross-site scripting (XSS) vulnerability in search.php for Simple PHP ...)
+CVE-2005-1135
NOT-FOR-US: sphpBlog
-CVE-2005-1134 (SQL injection vulnerability in exit.php for Serendipity 0.8 and ...)
+CVE-2005-1134
NOT-FOR-US: Serendipity
-CVE-2005-1133 (The POP3 server in IBM iSeries AS/400 returns different error messages ...)
+CVE-2005-1133
NOT-FOR-US: AS/400 system software
-CVE-2005-1132 (LG U8120 mobile phone allows remote attackers to cause a denial of ...)
+CVE-2005-1132
NOT-FOR-US: LG mobile phone
-CVE-2005-1131 (Unknown vulnerability in Veritas i3 Focalpoint Server 7.1 and earlier ...)
+CVE-2005-1131
NOT-FOR-US: Veritas Focalpoint Server
-CVE-2005-1130 (Cross-site scripting (XSS) vulnerability in index.php in Pinnacle Cart ...)
+CVE-2005-1130
NOT-FOR-US: PinnacleCart
-CVE-2005-1129 (eGroupWare 1.0.6 and earlier, when an e-mail is composed with an ...)
+CVE-2005-1129
- egroupware 1.0.0.007-2.dfsg-1
-CVE-2005-1128 (Multiple SQL injection vulnerabilities in VHCS 2.4 and earlier allow ...)
+CVE-2005-1128
NOT-FOR-US: VHCS
-CVE-2005-1127 (Format string vulnerability in the log function in Net::Server 0.87 ...)
+CVE-2005-1127
{DSA-1122 DSA-1121}
- libnet-server-perl 0.89-1 (bug #378640)
NOTE: Net::Server was already fixed in 0.87-1, although the changelog doesn't mention
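Review bot: several unchanged NOT-FOR-US tags in this hunk disagree with the product named in the summary being removed, and once the summary is gone the mismatch can no longer be spotted from this file: `NOT-FOR-US: Yawcan` under CVE-2005-1230 (the removed summary says Yawcam 0.2.5), `NOT-FOR-US: Microsoft Color Management Module` under CVE-2005-1218 (the removed summary says the Windows kernel), and `NOT-FOR-US: CalenderScript` under CVE-2005-1145 through CVE-2005-1148 (the summaries spell it CalendarScript). The same applies to the EasyPHPCalender, Ocean12 Calender manager and PHPProjekt tags. Suggest correcting these tags in a separate commit before the summaries disappear, so the fix can still be checked against the text in this file.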
@@ -8946,242 +8946,242 @@ CVE-2005-1127 (Format string vulnerability in the log function in Net::Server 0.
NOTE: but DSA-1122 thinks it was fixed in 0.89-1, so mark that version to make
NOTE: scripts happy (at time of writing, 0.90-1 is in testing)
- postgrey 1.22-1
-CVE-2005-1126 (The SIOCGIFCONF ioctl (ifconf function) in FreeBSD 4.x through 4.11 ...)
+CVE-2005-1126
NOT-FOR-US: Free BSD
-CVE-2005-1125 (Race condition in libsafe 2.0.16 and earlier, when running in ...)
+CVE-2005-1125
- libsafe <removed>
-CVE-2005-1124 (Unknown vulnerability in the libgss Generic Security Services Library ...)
+CVE-2005-1124
NOT-FOR-US: Solaris
-CVE-2005-1123 (Monkey daemon (monkeyd) before 0.9.1 allows remote attackers to cause ...)
+CVE-2005-1123
NOT-FOR-US: monkeyd
-CVE-2005-1122 (Format string vulnerability in cgi.c for Monkey daemon (monkeyd) ...)
+CVE-2005-1122
NOT-FOR-US: monkeyd
-CVE-2005-1121 (Format string vulnerability in the my_xlog function in lib.c for Oops! ...)
+CVE-2005-1121
{DSA-726-1}
- oops 1.5.23.cvs-2.2 (bug #307360; high)
-CVE-2005-1120 (Multiple cross-site scripting (XSS) vulnerabilities in IlohaMail ...)
+CVE-2005-1120
{DSA-1010-1}
- ilohamail 0.8.14-0rc3sarge1 (bug #304525; medium)
-CVE-2005-1119 (Sudo VISudo 1.6.8 and earlier allows local users to corrupt arbitrary ...)
+CVE-2005-1119
- sudo <unfixed> (bug #283161; unimportant)
NOTE: That's a policy violation, but not a security problem
-CVE-2005-1118 (Cross-site scripting (XSS) vulnerability in IISWebAgentIF.dll in the ...)
+CVE-2005-1118
NOT-FOR-US: RSA authentication agent
-CVE-2005-1117 (PHP remote file inclusion vulnerability in index.php in ...)
+CVE-2005-1117
NOT-FOR-US: All4WWW Homepage creator
-CVE-2005-1116 (Cross-site scripting (XSS) vulnerability in the Calendar module for ...)
+CVE-2005-1116
NOT-FOR-US: phpbb2 calendar addon
-CVE-2005-1115 (Multiple cross-site scripting (XSS) vulnerabilities in Photo Album ...)
+CVE-2005-1115
NOT-FOR-US: Photo Album
-CVE-2005-1114 (Multiple SQL injection vulnerabilities in album_search.php in Photo ...)
+CVE-2005-1114
NOT-FOR-US: Photo Album
-CVE-2005-1113 (Multiple cross-site scripting (XSS) vulnerabilities in PhpBB Plus 1.52 ...)
+CVE-2005-1113
NOT-FOR-US: PhpBB Plus
-CVE-2005-1112 (IBM WebSphere Application Server 6.0 and earlier, when sharing the ...)
+CVE-2005-1112
NOT-FOR-US: IBM Websphere
-CVE-2005-1111 (Race condition in cpio 2.6 and earlier allows local users to modify ...)
+CVE-2005-1111
{DSA-846-1}
- cpio 2.6-6 (bug #305372; low)
-CVE-2005-1110 (Stack-based buffer overflow in the RespondeHTTPPendiente function in ...)
+CVE-2005-1110
NOT-FOR-US: Sumus web server
-CVE-2005-1109 (The filtering of URLs in JunkBuster before 2.0.2-r3 allows remote ...)
+CVE-2005-1109
{DSA-713-1}
- junkbuster <removed> (bug #304793)
- privoxy <not-affected>
-CVE-2005-1108 (The ij_untrusted_url function in JunkBuster 2.0.2-r2, with ...)
+CVE-2005-1108
{DSA-713-1}
- junkbuster <removed>
- privoxy <not-affected>
-CVE-2005-1107 (McAfee Internet Security Suite 2005 uses insecure default ACLs for ...)
+CVE-2005-1107
NOT-FOR-US: McAfee
CVE-2005-XXXX [Remote DoS vulnerabilities in postgrey]
- postgrey 1.21-1
-CVE-2005-1106 (PictureViewer in QuickTime for Windows 6.5.2 allows remote attackers ...)
+CVE-2005-1106
NOT-FOR-US: Windows
-CVE-2005-1105 (Directory traversal vulnerability in the MimeBodyPart.getFileName ...)
+CVE-2005-1105
- libgnumail-java <unfixed> (bug #304712; unimportant)
NOTE: This just provides an Java API function to receive a file name, sanitising
NOTE: this file name for further use must be done inside the application calling
NOTE: the function
-CVE-2005-1104 (Multiple cross-site scripting (XSS) vulnerabilities in Centra 7 ...)
+CVE-2005-1104
NOT-FOR-US: Centra
-CVE-2005-1103 (Sygate Security Agent (SSA) in Sygate Secure Enterprise 3.5 through ...)
+CVE-2005-1103
NOT-FOR-US: Sygate Secure Enterprise
-CVE-2005-1102 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2005-1102
NOTE: Upstream developers don't consider this an issue, see bug #304468
-CVE-2005-1101 (Multiple buffer overflows in Lotus Domino Server 6.0.5 and 6.5.4 allow ...)
+CVE-2005-1101
NOT-FOR-US: Lotus Domino Server
-CVE-2005-1100 (Format string vulnerability in the ErrorLog function in cnf.c in ...)
+CVE-2005-1100
- postfix-gld 1.5-1
-CVE-2005-1099 (Multiple buffer overflows in the HandleChild function in server.c in ...)
+CVE-2005-1099
- postfix-gld 1.5-1
-CVE-2005-1098 (GetDataBack for NTFS 2.31 stores the username and license key in ...)
+CVE-2005-1098
NOT-FOR-US: GetDataBack for NTFS (Windows)
-CVE-2005-1097 (Rebrand P2P Share Spy 2.2 stores the user password in plaintext in the ...)
+CVE-2005-1097
NOT-FOR-US: Rebrand P2P Share Spy
-CVE-2005-1096 (SQL injection vulnerability in main.asp for Ocean12 Membership Manager ...)
+CVE-2005-1096
NOT-FOR-US: Ocean12 Membership Manager Pro
-CVE-2005-1095 (Cross-site scripting (XSS) vulnerability in main.asp for Ocean12 ...)
+CVE-2005-1095
NOT-FOR-US: Ocean12 Membership Manager Pro
-CVE-2005-1094 (FTP Now 2.6.14 stores usernames and passwords in plaintext in ...)
+CVE-2005-1094
NOT-FOR-US: FTP Now
-CVE-2005-1093 (Buffer overflow in the PopUp Plus 2.0.3.8 plugin for Miranda IM, with ...)
+CVE-2005-1093
NOT-FOR-US: Miranda IM
-CVE-2005-1092 (Lightspeed DeluxeFTP 6.01 stores usernames and passwords in plaintext ...)
+CVE-2005-1092
NOT-FOR-US: DeluxeFTP
-CVE-2005-1091 (Maxthon 1.2.0 and 1.2.1 allows remote attackers to bypass the security ...)
+CVE-2005-1091
NOT-FOR-US: Maxthon
-CVE-2005-1090 (Directory traversal vulnerability in the readFile and writeFile API ...)
+CVE-2005-1090
NOT-FOR-US: Maxthon
-CVE-2005-1089 (Unknown vulnerability in DC++ before 0.674 allows attackers to append ...)
+CVE-2005-1089
NOT-FOR-US: DC++
-CVE-2005-1088 (Unknown vulnerability in DameWare NT Utilities 4.8 and earlier, and ...)
+CVE-2005-1088
NOT-FOR-US: DameWare NT Utilities and Mini Remote Control
-CVE-2005-1087 (CRLF injection vulnerability in the cmdIS.DLL plugin for AN HTTPD ...)
+CVE-2005-1087
NOT-FOR-US: AN HTTPD
-CVE-2005-1086 (Buffer overflow in the cmdIS.DLL plugin for AN HTTPD Server 1.42n ...)
+CVE-2005-1086
NOT-FOR-US: AN HTTPD
-CVE-2005-1085 (Cross-site scripting (XSS) vulnerability in the control panel in ...)
+CVE-2005-1085
NOT-FOR-US: aeDating
-CVE-2005-1084 (SQL injection vulnerability in sdating.php in aeDating 3.2 allows ...)
+CVE-2005-1084
NOT-FOR-US: aeDating
-CVE-2005-1083 (index.php in aeDating 3.2 allows remote attackers to include arbitrary ...)
+CVE-2005-1083
NOT-FOR-US: aeDating
-CVE-2005-1082 (Multiple SQL injection vulnerabilities in AzDGDatingPlatinum 1.1.0 ...)
+CVE-2005-1082
NOT-FOR-US: AtDGDatingPlatinum
-CVE-2005-1081 (Cross-site scripting (XSS) vulnerability in view.php in ...)
+CVE-2005-1081
NOT-FOR-US: AtDGDatingPlatinum
-CVE-2005-1080 (Directory traversal vulnerability in the Java Archive Tool (Jar) ...)
+CVE-2005-1080
NOT-FOR-US: JAR in J2SE SDK
-CVE-2005-1079 (SQL injection vulnerability in index.php for zOOm Media Gallery 2.1.2 ...)
+CVE-2005-1079
NOT-FOR-US: zOOm Media Gallery
-CVE-2005-1078 (XAMPP 1.4.x has multiple default or null passwords, which allows ...)
+CVE-2005-1078
NOT-FOR-US: XAMPP Apache distribution specific issue
-CVE-2005-1077 (Multiple cross-site scripting (XSS) vulnerabilities in XAMPP 1.4.x ...)
+CVE-2005-1077
NOT-FOR-US: XAMPP Apache distribution specific issue
-CVE-2005-1076 (Cross-site scripting (XSS) vulnerability in the discussion board ...)
+CVE-2005-1076
NOT-FOR-US: WebCT
-CVE-2005-1075 (Multiple cross-site scripting (XSS) vulnerabilities in RadScripts ...)
+CVE-2005-1075
NOT-FOR-US: RadScripts RadBids Gold
-CVE-2005-1074 (SQL injection vulnerability in index.php for RadScripts RadBids Gold 2 ...)
+CVE-2005-1074
NOT-FOR-US: RadScripts RadBids Gold
-CVE-2005-1073 (Directory traversal vulnerability in index.php for RadScripts RadBids ...)
+CVE-2005-1073
NOT-FOR-US: RadScripts RadBids Gold
-CVE-2005-1072 (Cross-site scripting (XSS) vulnerability in PunBB before 1.2.5 allows ...)
+CVE-2005-1072
NOT-FOR-US: PunBB
-CVE-2005-1071 (SQL injection vulnerability in banner.inc.php in JPortal Web Portal ...)
+CVE-2005-1071
NOT-FOR-US: JPortal
-CVE-2005-1070 (SQL injection vulnerability in index.php in Invision Power Board 1.3.1 ...)
+CVE-2005-1070
NOT-FOR-US: Invision Power Board
-CVE-2005-1069 (Unknown vulnerability in sCssBoard 1.11 and earlier has unknown ...)
+CVE-2005-1069
NOT-FOR-US: sCssBoard
-CVE-2005-1068 (Cross-site scripting (XSS) vulnerability in sCssBoard 1.11 and earlier ...)
+CVE-2005-1068
NOT-FOR-US: sCssBoard
-CVE-2005-1067 (Vulnerability in Access_user Class before 1.75 allows local users to ...)
+CVE-2005-1067
NOT-FOR-US: Access_user class
-CVE-2005-1066 (Race condition in rpdump in Pine 4.62 and earlier allows local users ...)
+CVE-2005-1066
- pine 4.63-1 (unimportant)
- alpine <not-affected> (alpine is based on pine 4.64, this bug was in a previous version of pine)
NOTE: Not shipped in the binary package
-CVE-2005-1065 (tetex in Novell Linux Desktop 9 allows local users to determine the ...)
+CVE-2005-1065
- tetex-base <not-affected> (/var/cache/fonts is not writable by normal users in Debian)
-CVE-2005-1064 (The copy_symlink function in rsnapshot 1.2.0 and 1.1.x before 1.1.7 ...)
+CVE-2005-1064
- rsnapshot 1.2.1-1
-CVE-2005-1063 (The administration protocol for Kerio WinRoute Firewall 6.x up to ...)
+CVE-2005-1063
NOT-FOR-US: Kerio
-CVE-2005-1062 (The administration protocol for Kerio WinRoute Firewall 6.x up to ...)
+CVE-2005-1062
NOT-FOR-US: Kerio
-CVE-2005-1061 (The secure script in LogWatch before 2.6-2 allows attackers to prevent ...)
+CVE-2005-1061
- logwatch 5.0-1
-CVE-2005-1060 (Unknown vulnerability in the TCP/IP functionality (TCPIP.NLM) in ...)
+CVE-2005-1060
NOT-FOR-US: Novell Netware
-CVE-2005-1059 (Linksys WET11 1.5.4 allows remote attackers to change the password ...)
+CVE-2005-1059
NOT-FOR-US: Linksys WET11
-CVE-2005-1058 (Cisco IOS 12.2T, 12.3 and 12.3T, when processing an ISAKMP profile ...)
+CVE-2005-1058
NOT-FOR-US: Cisco
-CVE-2005-1057 (Cisco IOS 12.2T, 12.3 and 12.3T, when using Easy VPN Server XAUTH ...)
+CVE-2005-1057
NOT-FOR-US: Cisco
-CVE-2005-1056 (Unknown vulnerability in HP OpenView Network Node Manager (NMM) 6.2 ...)
+CVE-2005-1056
NOT-FOR-US: HP OpenView Network Node Manager
-CVE-2005-1055 (TowerBlog 0.6 and earlier stores the login data file under the web ...)
+CVE-2005-1055
NOT-FOR-US: TowerBlog
-CVE-2005-1054 (PHP remote file inclusion vulnerability in news.php in ModernBill ...)
+CVE-2005-1054
NOT-FOR-US: ModernBill
-CVE-2005-1053 (Multiple cross-site scripting (XSS) vulnerabilities in orderwiz.php in ...)
+CVE-2005-1053
NOT-FOR-US: ModernBill
-CVE-2005-1052 (Microsoft Outlook 2003 and Outlook Web Access (OWA) 2003 do not ...)
+CVE-2005-1052
NOT-FOR-US: Microsoft
-CVE-2005-1051 (SQL injection vulnerability in profile.php in PunBB 1.2.4 allows ...)
+CVE-2005-1051
NOT-FOR-US: PunBB
-CVE-2005-1050 (The modload op in the Reviews module for PostNuke 0.760-RC3 allows ...)
+CVE-2005-1050
NOT-FOR-US: PostNuke
-CVE-2005-1049 (Multiple cross-site scripting vulnerabilities in PostNuke 0.760-RC3 ...)
+CVE-2005-1049
NOT-FOR-US: PostNuke
-CVE-2005-1048 (SQL injection vulnerability in modules.php in PostNuke 0.760 RC3 ...)
+CVE-2005-1048
NOT-FOR-US: PostNuke
-CVE-2005-1047 (Meilad File upload script (up.php) mod for phpBB 2.0.x does not ...)
+CVE-2005-1047
NOT-FOR-US: PunBB
-CVE-2005-1046 (Buffer overflow in the kimgio library for KDE 3.4.0 allows remote ...)
+CVE-2005-1046
{DSA-714-1}
- kdelibs 4:3.3.2-6
-CVE-2005-1045 (OpenText FirstClass 8.0 client does not properly sanitize strings ...)
+CVE-2005-1045
NOT-FOR-US: OpenText
CVE-2005-1044
REJECTED
-CVE-2005-1043 (exif.c in PHP before 4.3.11 allows remote attackers to cause a denial ...)
+CVE-2005-1043
- php4 4:4.3.10-10 (bug #306003)
-CVE-2005-1042 (Integer overflow in the exif_process_IFD_TAG function in exif.c in PHP ...)
+CVE-2005-1042
- php4 4:4.3.10-10 (bug #306003)
-CVE-2005-1041 (The fib_seq_start function in fib_hash.c in Linux kernel allows local ...)
+CVE-2005-1041
- linux-2.6 <not-affected> (Fixed before upload into archive; 2.6.11.5)
[sarge] - kernel-source-2.6.8 2.6.8-16
- kernel-source-2.4.27 <not-affected>
-CVE-2005-1040 (Multiple unknown vulnerabilities in netapplet in Novell Linux Desktop ...)
+CVE-2005-1040
- netapplet <not-affected> (Not vulnerable, see bug #310833)
-CVE-2005-1039 (Race condition in Core Utilities (coreutils) 5.2.1, when (1) mkdir, ...)
+CVE-2005-1039
- coreutils 6.10-1 (bug #304556; unimportant)
NOTE: Minor issue, generic UNIX design issue, see discussion in #304556)
-CVE-2005-1038 (crontab in Vixie cron 4.1, when running with the -e option, allows ...)
+CVE-2005-1038
NOTE: long fixed in Debian's cron
-CVE-2005-1037 (Unknown vulnerability in AIX 5.3.0, when configured as an NIS client, ...)
+CVE-2005-1037
NOT-FOR-US: AIX
-CVE-2005-1036 (FreeBSD 5.x to 5.4 on AMD64 does not properly initialize the IO ...)
+CVE-2005-1036
NOT-FOR-US: FreeBSD
-CVE-2005-1035 (Multiple buffer overflows in Pavuk before 0.9.32 have unknown attack ...)
+CVE-2005-1035
- pavuk 0.9.32-1
-CVE-2005-1034 (SurgeFTP 2.2m1 allows remote attackers to cause a denial of service ...)
+CVE-2005-1034
NOT-FOR-US: SurgeFTP
-CVE-2005-1033 (CubeCart 2.0.6 allows remote attackers to obtain sensitive information ...)
+CVE-2005-1033
NOT-FOR-US: CubeCart
CVE-2005-1032
REJECTED
-CVE-2005-1031 (RUNCMS 1.1A, and possibly other products based on e-Xoops (exoops), ...)
+CVE-2005-1031
NOT-FOR-US: exoops
-CVE-2005-1030 (Multiple cross-site scripting (XSS) vulnerabilities in Active Auction ...)
+CVE-2005-1030
NOT-FOR-US: Active Auction House
-CVE-2005-1029 (Multiple SQL injection vulnerabilities in Active Auction House allow ...)
+CVE-2005-1029
NOT-FOR-US: Active Auction House
-CVE-2005-1028 (PHP-Nuke 6.x through 7.6 allows remote attackers to obtain sensitive ...)
+CVE-2005-1028
NOT-FOR-US: PHP-Nuke
-CVE-2005-1027 (Multiple cross-site scripting (XSS) vulnerabilities in PHP-Nuke 6.x ...)
+CVE-2005-1027
NOT-FOR-US: PHP-Nuke
-CVE-2005-1026 (Multiple SQL injection vulnerabilities in SnailSource phpBB 2.0.x mods ...)
+CVE-2005-1026
NOT-FOR-US: SnailSource phpBB mod
-CVE-2005-1025 (The FTP server in AS/400 4.3, when running in IFS mode, allows remote ...)
+CVE-2005-1025
NOT-FOR-US: IBM
-CVE-2005-1024 (modules.php in PHP-Nuke 6.x to 7.6 allows remote attackers to obtain ...)
+CVE-2005-1024
NOT-FOR-US: PHP-Nuke
-CVE-2005-1023 (Multiple cross-site scripting (XSS) vulnerabilities in PHP-Nuke 6.x to ...)
+CVE-2005-1023
NOT-FOR-US: PHP-Nuke
-CVE-2005-1022 (ColdFusion 6.1 Updater 1 places Java .class files under the web root ...)
+CVE-2005-1022
NOT-FOR-US: ColdFusion
-CVE-2005-1021 (Memory leak in Secure Shell (SSH) in Cisco IOS 12.0 through 12.3, when ...)
+CVE-2005-1021
NOT-FOR-US: IOS
-CVE-2005-1020 (Secure Shell (SSH) 2 in Cisco IOS 12.0 through 12.3 allows remote ...)
+CVE-2005-1020
NOT-FOR-US: IOS
-CVE-2005-1019 (Buffer overflow in the getConfig function in Aeon 0.2a and earlier ...)
+CVE-2005-1019
NOT-FOR-US: Aeon
-CVE-2005-1018 (Buffer overflow in the UniversalAgent for Computer Associates (CA) ...)
+CVE-2005-1018
NOT-FOR-US: CA ArcServe Backup
CVE-2005-XXXX [Some security issues in mod_security]
NOTE: I don't understand mod_security fully, so I'm not entirely sure which of
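Review bot: Every changed pair in this hunk, from CVE-2005-1046 at the top down to CVE-2005-1018, replaces a `-CVE-... (description ...)` line with a bare `+CVE-...` identifier and touches no other field, which reads like the description feed coming back empty or being mis-parsed rather than a deliberate cleanup. Before merging, confirm that the fetched CVE source still carries the one-line summaries; if it does not, hold the update, because the bare identifiers drop the text that the surrounding `NOTE:` annotations were written against.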
@@ -9195,143 +9195,143 @@ CVE-2005-XXXX [Variable function calls in Smarty allow bypassing security settin
- smarty 2.6.9-1
CVE-2005-XXXX [Possible problem with insecure usage of sscanf in obexftp client]
- obexftp 0.10.7-3
-CVE-2005-1017 (SQL injection vulnerability in the Update_Events function in ...)
+CVE-2005-1017
NOT-FOR-US: MaxWebPortal
-CVE-2005-1016 (Cross-site scripting (XSS) vulnerability in links_add_form.asp for ...)
+CVE-2005-1016
NOT-FOR-US: MaxWebPortal
-CVE-2005-1015 (Buffer overflow in MailEnable Imapd (MEIMAP.exe) allows remote ...)
+CVE-2005-1015
NOT-FOR-US: MailEnable
-CVE-2005-1014 (Buffer overflow in the IMAP service for MailEnable Enterprise 1.04 and ...)
+CVE-2005-1014
NOT-FOR-US: MailEnable
-CVE-2005-1013 (The SMTP service in MailEnable Enterprise 1.04 and earlier and ...)
+CVE-2005-1013
NOT-FOR-US: MailEnable
-CVE-2005-1012 (Cross-site scripting (XSS) vulnerability in Iatek SiteEnable allows ...)
+CVE-2005-1012
NOT-FOR-US: SiteEnable
-CVE-2005-1011 (SQL injection vulnerability in content.asp in SiteEnable allows remote ...)
+CVE-2005-1011
NOT-FOR-US: SiteEnable
-CVE-2005-1010 (Cross-site scripting (XSS) vulnerability in Comersus Cart 6 allows ...)
+CVE-2005-1010
NOT-FOR-US: ComersusCart
-CVE-2005-1009 (Multiple buffer overflows in BakBone NetVault 6.x and 7.x allow (1) ...)
+CVE-2005-1009
NOT-FOR-US: NetVault
-CVE-2005-1008 (Cross-site scripting (XSS) vulnerability in posts.asp for ASP-DEv XM ...)
+CVE-2005-1008
NOT-FOR-US: XM Forum
-CVE-2005-1007 (Unknown vulnerability in the LIST functionality in CommuniGate Pro ...)
+CVE-2005-1007
NOT-FOR-US: CommuniGate Pro
-CVE-2005-1006 (Multiple cross-site scripting (XSS) vulnerabilities in SonicWALL SOHO ...)
+CVE-2005-1006
NOT-FOR-US: SonicWALL
-CVE-2005-1005 (ProfitCode PayProCart 3.0 allows remote attackers to bypass ...)
+CVE-2005-1005
NOT-FOR-US: PayProCart
-CVE-2005-1004 (Cross-site scripting (XSS) vulnerability in usrdetails.php in ...)
+CVE-2005-1004
NOT-FOR-US: PayProCart
-CVE-2005-1003 (Directory traversal vulnerability in index.php for ProfitCode ...)
+CVE-2005-1003
NOT-FOR-US: PayProCart
-CVE-2005-1002 (logwebftbs2000.exe in Logics Software File Transfer (LOG-FT) allows ...)
+CVE-2005-1002
NOT-FOR-US: LOG-FT File Transfer
-CVE-2005-1001 (PHP-Nuke 7.6 allows remote attackers to obtain sensitive information ...)
+CVE-2005-1001
NOT-FOR-US: PHP-Nuke
-CVE-2005-1000 (Multiple cross-site scripting (XSS) vulnerabilities in PHP-Nuke 7.6 ...)
+CVE-2005-1000
NOT-FOR-US: PHP-Nuke
-CVE-2005-0999 (SQL injection vulnerability in the Top module for PHP-Nuke 6.x through ...)
+CVE-2005-0999
NOT-FOR-US: PHP-Nuke
-CVE-2005-0998 (The Web_Links module for PHP-Nuke 7.6 allows remote attackers to ...)
+CVE-2005-0998
NOT-FOR-US: PHP-Nuke
-CVE-2005-0997 (Multiple SQL injection vulnerabilities in the Web_Links module for ...)
+CVE-2005-0997
NOT-FOR-US: PHP-Nuke
-CVE-2005-0996 (Multiple SQL injection vulnerabilities in the Downloads module for ...)
+CVE-2005-0996
NOT-FOR-US: PHP-Nuke
-CVE-2005-0995 (Multiple cross-site scripting (XSS) vulnerabilities in ProductCart 2.7 ...)
+CVE-2005-0995
NOT-FOR-US: ProductCart
-CVE-2005-0994 (Multiple SQL injection vulnerabilities in ProductCart 2.7 allow remote ...)
+CVE-2005-0994
NOT-FOR-US: ProductCart
-CVE-2005-0993 (Buffer overflow in nwprint in SCO OpenServer 5.0.7 allows local users ...)
+CVE-2005-0993
NOT-FOR-US: SCO
-CVE-2005-0992 (Cross-site scripting (XSS) vulnerability in index.php in phpMyAdmin ...)
+CVE-2005-0992
- phpmyadmin 3:2.6.2-rc1-1
-CVE-2005-0991 (RC.BOOT in IBM AIX 5.1, 5.2, and 5.3 does not &quot;use a secure location ...)
+CVE-2005-0991
NOT-FOR-US: AIX
-CVE-2005-0990 (unshar (unshar.c) in sharutils 4.2.1 allows local users to overwrite ...)
+CVE-2005-0990
- sharutils 1:4.2.1-13
-CVE-2005-0989 (The find_replen function in jsstr.c in the Javascript engine for ...)
+CVE-2005-0989
{DSA-781-1}
- mozilla 2:1.7.7-1 (bug #306001)
- mozilla-firefox 1.0.2-3
- mozilla-thunderbird 1.0.6-1 (bug #318728; medium)
-CVE-2005-0988 (Race condition in gzip 1.2.4, 1.3.3, and earlier, when decompressing a ...)
+CVE-2005-0988
{DSA-752-1}
- gzip 1.3.5-10
-CVE-2005-0987 (Unknown vulnerability in IRC Services NickServ LISTLINKS before 5.0.50 ...)
+CVE-2005-0987
NOT-FOR-US: IRC Services NickServ
-CVE-2005-0986 (NLSCCSTR.DLL in the web service in IBM Lotus Domino Server 6.5.1, ...)
+CVE-2005-0986
NOT-FOR-US: Lotus Domino
-CVE-2005-0985 (Unspecified vulnerability in the Mac OS X kernel before 10.3.8 allows ...)
+CVE-2005-0985
NOT-FOR-US: Apple
-CVE-2005-0984 (Buffer overflow in the G_Printf function in Star Wars Jedi Knight: ...)
+CVE-2005-0984
NOT-FOR-US: Star Wars game
-CVE-2005-0983 (Quake 3 engine, as used in multiple games, allows remote attackers to ...)
+CVE-2005-0983
NOT-FOR-US: Quake 3 based games
-CVE-2005-0982 (Multiple cross-site scripting (XSS) vulnerabilities in Yet Another ...)
+CVE-2005-0982
NOT-FOR-US: Yet Another Forum.net
-CVE-2005-0981 (Multiple cross-site scripting (XSS) vulnerabilities in AlstraSoft EPay ...)
+CVE-2005-0981
NOT-FOR-US: Alstrasoft EPay
-CVE-2005-0980 (PHP remote file inclusion vulnerability in index.php in AlstraSoft ...)
+CVE-2005-0980
NOT-FOR-US: Alstrasoft EPay
-CVE-2005-0979 (Multiple buffer overflows in RUMBA 7.3 and earlier allow remote ...)
+CVE-2005-0979
NOT-FOR-US: Rumba
-CVE-2005-0978 (Directory traversal vulnerability in the Object Push service in IVT ...)
+CVE-2005-0978
NOT-FOR-US: IVT BlueSoleil
-CVE-2005-0977 (The shmem_nopage function in shmem.c for the tmpfs driver in Linux ...)
+CVE-2005-0977
[sarge] - kernel-source-2.6.8 2.6.8-16 (bug #303177)
- linux-2.6 <not-affected> (Fixed before upload into archive)
-CVE-2005-0976 (AppleWebKit (WebCore and WebKit), as used in multiple products such as ...)
+CVE-2005-0976
NOT-FOR-US: Apple
-CVE-2005-0975 (Integer signedness error in the parse_machfile function in the mach-o ...)
+CVE-2005-0975
NOT-FOR-US: Apple
-CVE-2005-0974 (Unknown vulnerability in the nfs_mount call in Mac OS X 10.3.9 and ...)
+CVE-2005-0974
NOT-FOR-US: Apple
-CVE-2005-0973 (Unknown vulnerability in the setsockopt system call in Mac OS X 10.3.9 ...)
+CVE-2005-0973
NOT-FOR-US: Apple
-CVE-2005-0972 (Integer overflow in the searchfs system call in Mac OS X 10.3.9 and ...)
+CVE-2005-0972
NOT-FOR-US: Apple
-CVE-2005-0971 (Stack-based buffer overflow in the semop system call in Mac OS X ...)
+CVE-2005-0971
NOT-FOR-US: Apple
-CVE-2005-0970 (Mac OS X 10.3.9 and earlier allows users to install, create, and ...)
+CVE-2005-0970
NOT-FOR-US: Apple
-CVE-2005-0969 (Heap-based buffer overflow in the syscall emulation functionality in ...)
+CVE-2005-0969
NOT-FOR-US: Apple
-CVE-2005-0968 (Computer Associates (CA) eTrust Intrusion Detection 3.0 allows remote ...)
+CVE-2005-0968
NOT-FOR-US: CA eTrust IDS
-CVE-2005-0967 (Gaim 1.2.0 allows remote attackers to cause a denial of service ...)
+CVE-2005-0967
- gaim 1:1.2.1-1
CVE-2005-XXXX [Insecure tempfile handling in openwebmail CGI scripts]
- openwebmail <removed>
-CVE-2005-0966 (The IRC protocol plugin in Gaim 1.2.0, and possibly earlier versions, ...)
+CVE-2005-0966
- gaim 1:1.2.1-1 (bug #303581)
-CVE-2005-0965 (The gaim_markup_strip_html function in Gaim 1.2.0, and possibly ...)
+CVE-2005-0965
- gaim 1:1.2.1-1 (bug #303581)
-CVE-2005-0964 (Unknown vulnerability in Kerio Personal Firewall 4.1.2 and earlier ...)
+CVE-2005-0964
NOT-FOR-US: Kerio firewall
-CVE-2005-0963 (An error in the Toshiba ACPI BIOS 1.6 causes the BIOS to only examine ...)
+CVE-2005-0963
NOT-FOR-US: ACPI BIOS hardware issue
-CVE-2005-0962 (SQL injection vulnerability in index.php for Lighthouse Squirrelcart ...)
+CVE-2005-0962
NOT-FOR-US: SquirrelCart
-CVE-2005-0961 (Cross-site scripting (XSS) vulnerability in Horde 3.0.4 before ...)
+CVE-2005-0961
- horde3 3.0.4-1
- horde2 2.2.8-1
-CVE-2005-0960 (Multiple vulnerabilities in the SACK functionality in (1) tcp_input.c ...)
+CVE-2005-0960
NOT-FOR-US: OpenBSD
-CVE-2005-0959 (Buffer overflow in the mt_do_dir function in YepYep mtftpd 0.0.3 may ...)
+CVE-2005-0959
NOT-FOR-US: YepYep mtftpd
-CVE-2005-0958 (Format string vulnerability in the log_do function in log.c for YepYep ...)
+CVE-2005-0958
NOT-FOR-US: YepYep mtftpd
-CVE-2005-0957 (Bay Technical Associates RPC-3 Telnet Host 3.05 allows remote ...)
+CVE-2005-0957
NOT-FOR-US: BayTech RPC
-CVE-2005-0956 (Multiple SQL injection vulnerabilities in index.php in InterAKT MX ...)
+CVE-2005-0956
NOT-FOR-US: InterAKT MX Kart
-CVE-2005-0955 (SQL injection vulnerability in InterAKT MX Shop 1.1.1 allows remote ...)
+CVE-2005-0955
NOT-FOR-US: InterAKT MX Shop
-CVE-2005-0954 (Windows Explorer and Internet Explorer in Windows 2000 SP1 allows ...)
+CVE-2005-0954
NOT-FOR-US: Windows
-CVE-2005-0953 (Race condition in bzip2 1.0.2 and earlier allows local users to modify ...)
+CVE-2005-0953
{DSA-730-1}
- bzip2 1.0.2-6
NOTE: This "vulnerability" is only exploitable under rarest circumstances: A (local)
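Review bot: The removed description for CVE-2005-0991 (`RC.BOOT in IBM AIX 5.1, 5.2, and 5.3 does not &quot;use a secure location ...`) shows the summaries were stored with HTML entities instead of plain quotes; if the descriptions are re-imported after this update, unescape `&quot;` and similar entities on ingest, since this file is a plain-text list. Otherwise this hunk repeats the same pattern as the one above: CVE-2005-1017 through CVE-2005-0953 lose their description text while the package, DSA and `NOTE:` lines stay unchanged.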
@@ -9339,35 +9339,35 @@ CVE-2005-0953 (Race condition in bzip2 1.0.2 and earlier allows local users to m
NOTE: the file and chmodding it to delete the file and place a hardlink to another
NOTE: file of the "attacked" user. Additionally the attacker needs write permissions
NOTE: to the directory where the file is being uncompressed, ruling out /~ etc.
-CVE-2005-0952 (Cross-site scripting vulnerability in pafiledb.php in PaFileDB 3.1 ...)
+CVE-2005-0952
NOT-FOR-US: PafileDB
CVE-2005-0951
REJECTED
-CVE-2005-0950 (Directory traversal vulnerability in FastStone 4in1 Browser 1.2 allows ...)
+CVE-2005-0950
NOT-FOR-US: FastStone 4in1 Browser
-CVE-2005-0949 (Multiple cross-site scripting (XSS) vulnerabilities in content.asp in ...)
+CVE-2005-0949
NOT-FOR-US: PortalApp
-CVE-2005-0948 (SQL injection vulnerability in ad_click.asp for PortalApp allows ...)
+CVE-2005-0948
NOT-FOR-US: PortalApp
-CVE-2005-0947 (Directory traversal vulnerability in auxpage.php in phpCoin 1.2.1b and ...)
+CVE-2005-0947
NOT-FOR-US: phpCoin
-CVE-2005-0946 (SQL injection vulnerability in phpCoin 1.2.1b and earlier allows ...)
+CVE-2005-0946
NOT-FOR-US: phpCoin
-CVE-2005-0945 (Cross-site scripting (XSS) vulnerability in ACS Blog 1.1.1 allows ...)
+CVE-2005-0945
NOT-FOR-US: ACS Blog
-CVE-2005-0944 (Unknown vulnerability in Microsoft Jet DB engine (msjet40.dll) ...)
+CVE-2005-0944
NOT-FOR-US: Microsoft
-CVE-2005-0943 (Cisco VPN 3000 series Concentrator running firmware 4.1.7.A and ...)
+CVE-2005-0943
NOT-FOR-US: Cisco
-CVE-2005-0942 (The XP Server process (xp_server) in Sybase Adaptive Server Enterprise ...)
+CVE-2005-0942
NOT-FOR-US: Sybase ASE
-CVE-2005-0941 (The StgCompObjStream::Load function in OpenOffice.org OpenOffice 1.1.4 ...)
+CVE-2005-0941
- openoffice.org 1.1.3-9
CVE-2005-0939
RESERVED
-CVE-2005-0938 (Ublog Reload 1.0 through 1.0.4 stores ublogreload.mdb under the web ...)
+CVE-2005-0938
NOT-FOR-US: UBlog
-CVE-2005-0937 (Some futex functions in futex.c for Linux kernel 2.6.x perform ...)
+CVE-2005-0937
- kernel-source-2.6.8 2.6.8-16
CVE-2005-XXXX [Several DoS possibilities of clients against the server in Freeciv]
- freeciv 2.0.1-1
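Review bot: The `NOTE:` continuation at the top of this hunk (deleting "the file", chmodding it, placing a hardlink to another file of the "attacked" user, and needing write permission on the extraction directory) only makes sense beside the CVE-2005-0953 description that the hunk header still quotes (`Race condition in bzip2 1.0.2 and earlier allows local users to m...`); once the entry is reduced to a bare `CVE-2005-0953`, a reader has to look the issue up elsewhere to follow the note. Consider keeping the description for entries that carry a multi-line `NOTE:`, or fold the essential wording of the removed description into the note itself.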
@@ -9375,742 +9375,742 @@ CVE-2005-XXXX [mailscanner: lock/pid file location symlink attack]
- mailscanner 4.40.11-1
CVE-2005-XXXX [KDE Kopete ICQ remote DoS]
- kdenetwork 4:3.3.2-2
-CVE-2005-0936 (Cross-site scripting vulnerability in products1h.php in ESMI PayPal ...)
+CVE-2005-0936
NOT-FOR-US: ESMI PayPal Storefront
-CVE-2005-0935 (Multiple SQL injection vulnerabilities in ESMI PayPal Storefront allow ...)
+CVE-2005-0935
NOT-FOR-US: ESMI PayPal Storefront
-CVE-2005-0934 (Multiple cross-site scripting (XSS) vulnerabilities in WackoWiki R4 ...)
+CVE-2005-0934
NOT-FOR-US: WackoWiki
-CVE-2005-0933 (Directory traversal vulnerability in auxpage.php for phpCOIN 1.2.1b ...)
+CVE-2005-0933
NOT-FOR-US: phpCOIN
-CVE-2005-0932 (Multiple SQL injection vulnerabilities in phpCOIN 1.2.1b and earlier ...)
+CVE-2005-0932
NOT-FOR-US: phpCOIN
-CVE-2005-0931 (PHP remote file inclusion vulnerability in The Includer 1.0 and 1.1 ...)
+CVE-2005-0931
NOT-FOR-US: The Includer
-CVE-2005-0930 (Cross-site scripting (XSS) vulnerability in message.php in Chatness ...)
+CVE-2005-0930
NOT-FOR-US: Chatness
-CVE-2005-0929 (SQL injection vulnerability in PhotoPost PHP Pro 5.x may allow remote ...)
+CVE-2005-0929
NOT-FOR-US: PhotoPost PHP Pro
-CVE-2005-0928 (Multiple cross-site scripting (XSS) vulnerabilities in PhotoPost PHP ...)
+CVE-2005-0928
NOT-FOR-US: PhotoPost PHP Pro
-CVE-2005-0927 (Unknown vulnerability in subs.pl for WebAPP 0.9.9 through 0.9.9.2 has ...)
+CVE-2005-0927
NOT-FOR-US: WebAPP
-CVE-2005-0926 (Buffer overflow in Sylpheed before 1.0.4 allows remote attackers to ...)
+CVE-2005-0926
- sylpheed 1.0.4-1
- sylpheed-claws 1.0.4-1
-CVE-2005-0925 (Cross-site scripting (XSS) vulnerability in login.asp for Ublog Reload ...)
+CVE-2005-0925
NOT-FOR-US: Uapplication Ublog
-CVE-2005-0924 (Cross-site scripting (XSS) vulnerability in Adventia E-Data 2.0 allows ...)
+CVE-2005-0924
NOT-FOR-US: Adventia E-Data
-CVE-2005-0923 (The SmartScan feature in the Auto-Protect module for Symantec Norton ...)
+CVE-2005-0923
NOT-FOR-US: Norton AntiVirus
-CVE-2005-0922 (Unknown vulnerability in the Auto-Protect module in Symantec Norton ...)
+CVE-2005-0922
NOT-FOR-US: Norton AntiVirus
-CVE-2005-0921 (Microsoft Outlook 2002 Connector for IBM Lotus Domino 2.0 allows local ...)
+CVE-2005-0921
NOT-FOR-US: Lotus
-CVE-2005-0920 (Multiple SQL injection vulnerabilities in Bugtracker.NET 2.0.1 allow ...)
+CVE-2005-0920
NOT-FOR-US: Bugtracker.NET
-CVE-2005-0919 (Adventia Chat 3.1 and Server Pro 3.0 allows remote attackers to inject ...)
+CVE-2005-0919
NOT-FOR-US: Adventia E-Data
-CVE-2005-0918 (The NPSVG3.dll ActiveX control for Adobe SVG Viewer 3.02 and earlier, ...)
+CVE-2005-0918
NOT-FOR-US: Adobe SVG Viewer
-CVE-2005-0917 (PHP remote file inclusion vulnerability in index_header.php for ...)
+CVE-2005-0917
NOT-FOR-US: EncapsBB
-CVE-2005-0916 (AIO in the Linux kernel 2.6.11 on the PPC64 or IA64 architectures with ...)
+CVE-2005-0916
- kernel-source-2.6.8 2.6.8-16
- kernel-source-2.4.27 <not-affected>
- linux-2.6 <not-affected> (Fixed before upload into archive)
-CVE-2005-0915 (Webmasters-Debutants WD Guestbook 2.8 allows remote attackers to ...)
+CVE-2005-0915
NOT-FOR-US: Webmasters-Debutants WD Guestbook
-CVE-2005-0914 (Multiple cross-site scripting (XSS) vulnerabilities in CPG Dragonfly ...)
+CVE-2005-0914
NOT-FOR-US: CPG Dragonfly
-CVE-2005-0913 (Unknown vulnerability in the regex_replace modifier ...)
+CVE-2005-0913
- smarty 2.6.8-1
-CVE-2005-0912 (Unknown vulnerabilities in deplate before 0.7.2 have unknown impact, ...)
+CVE-2005-0912
NOT-FOR-US: deplate
-CVE-2005-0911 (Multiple SQL injection vulnerabilities in exoops may allow remote ...)
+CVE-2005-0911
NOT-FOR-US: exoops
-CVE-2005-0910 (Multiple cross-site scripting (XSS) vulnerabilities in exoops allow ...)
+CVE-2005-0910
NOT-FOR-US: exoops
-CVE-2005-0909 (PHP remote file inclusion vulnerability in shoutact.php for TKai's ...)
+CVE-2005-0909
NOT-FOR-US: THai's Shoutbox
-CVE-2005-0908 (Multiple cross-site scripting (XSS) vulnerabilities in Valdersoft ...)
+CVE-2005-0908
NOT-FOR-US: Valdersoft Shopping Cart
-CVE-2005-0907 (Multiple SQL injection vulnerabilities in Valdersoft Shopping Cart 3.0 ...)
+CVE-2005-0907
NOT-FOR-US: Valdersoft Shopping Cart
-CVE-2005-0906 (Buffer overflow in a player logging function in the Tincat network ...)
+CVE-2005-0906
NOT-FOR-US: Tincat network library
-CVE-2005-0905 (Maxthon 1.2.0 allows remote malicious web sites to obtain potentially ...)
+CVE-2005-0905
NOT-FOR-US: Maxthon
-CVE-2005-0904 (Remote Desktop in Windows XP SP1 does not verify the &quot;Force shutdown ...)
+CVE-2005-0904
NOT-FOR-US: Microsoft
-CVE-2005-0903 (Buffer overflow in QuickTime PictureViewer 6.5.1 allows remote ...)
+CVE-2005-0903
NOT-FOR-US: QuickTime PictureViewer
-CVE-2005-0902 (SQL injection vulnerability in marks.php in NukeBookmarks 0.6 for ...)
+CVE-2005-0902
NOT-FOR-US: NukeBookmarks for php-nuke
-CVE-2005-0901 (Multiple cross-site scripting (XSS) vulnerabilities in NukeBookmarks ...)
+CVE-2005-0901
NOT-FOR-US: NukeBookmarks for php-nuke
-CVE-2005-0900 (marks.php in NukeBookmarks 0.6 for PHP-Nuke allows remote attackers to ...)
+CVE-2005-0900
NOT-FOR-US: NukeBookmarks for php-nuke
-CVE-2005-0899 (AS/400 running OS400 5.2 installs and enables LDAP by default, which ...)
+CVE-2005-0899
NOT-FOR-US: AS/400 running OS400
-CVE-2005-0898 (Cross-site scripting (XSS) vulnerability in downloadform.php in ...)
+CVE-2005-0898
NOT-FOR-US: E-Store Kit-2 PayPal Edition
-CVE-2005-0897 (PHP remote file inclusion vulnerability in catalog.php in E-Store ...)
+CVE-2005-0897
NOT-FOR-US: E-Store Kit-2 PayPal Edition
-CVE-2005-0896 (Multiple cross-site scripting (XSS) vulnerabilities in review.php in ...)
+CVE-2005-0896
NOT-FOR-US: phpMyDirectory
-CVE-2005-0895 (Netcomm 1300NB DSL Modem allows remote attackers to cause a denial of ...)
+CVE-2005-0895
NOT-FOR-US: Netcomm 1300NB DSL Modem
-CVE-2005-0894 (OpenmosixCollector and OpenMosixView in OpenMosixView 1.5 allow local ...)
+CVE-2005-0894
- openmosixview 1.5-7
-CVE-2005-0893 (modes.c in smail 3.2.0.120 implements signal handlers with certain ...)
+CVE-2005-0893
- smail <removed> (bug #335042; unimportant)
NOTE: cording to upstream impossible to exploit
-CVE-2005-0892 (Buffer overflow in smail 3.2.0.120 allows remote attackers or local ...)
+CVE-2005-0892
{DSA-722-1}
- smail 3.2.0.115-7 (bug #301428; high)
-CVE-2005-0891 (Double free vulnerability in gtk 2 (gtk2) before 2.2.4 allows remote ...)
+CVE-2005-0891
NOTE: The description is wrong; 2.6 is affected as well
- gtk+2.0 2.6.4-1
- gdk-pixbuf 0.22.0-7.1
-CVE-2005-0890 (SQL injection vulnerability in Dream4 Koobi CMS 4.2.3 allows remote ...)
+CVE-2005-0890
NOT-FOR-US: Dream4 Koobi CMS
-CVE-2005-0889 (Cross-site scripting (XSS) vulnerability in index.php for Dream4 Koobi ...)
+CVE-2005-0889
NOT-FOR-US: Dream4 Koobi CMS
-CVE-2005-0888 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2005-0888
- dcl <not-affected> (Vulnerable code not present, affected dcl "Double Choco Latte")
NOTE: Until 2008 src:dcl was for the source for "Double Choco Latte". On
NOTE: 2017-08-30 an unrelated source took over the source package name dcl.
NOTE: Original issue fixed in dcl/1:0.9.4.4-1
-CVE-2005-0887 (Eval injection vulnerability in Double Choco Latte before 0.9.4.3 ...)
+CVE-2005-0887
- dcl <not-affected> (Vulnerable code not present, affected dcl "Double Choco Latte")
NOTE: Until 2008 src:dcl was for the source for "Double Choco Latte". On
NOTE: 2017-08-30 an unrelated source took over the source package name dcl.
NOTE: Original issue fixed in dcl/1:0.9.4.4-1
-CVE-2005-0886 (Cross-site scripting (XSS) vulnerability in Invision Power Board 2.0.2 ...)
+CVE-2005-0886
NOT-FOR-US: Invision Power Board
-CVE-2005-0885 (Multiple cross-site scripting (XSS) vulnerabilities in XMB Forum 1.9.1 ...)
+CVE-2005-0885
NOT-FOR-US: XMB Forum
-CVE-2005-0884 (DigitalHive 2.0 allows remote attackers to re-install the product by ...)
+CVE-2005-0884
NOT-FOR-US: DigitalHive
-CVE-2005-0883 (Multiple cross-site scripting (XSS) vulnerabilities in base.php for ...)
+CVE-2005-0883
NOT-FOR-US: DigitalHive
-CVE-2005-0882 (SQL injection vulnerability in admincore.php in BirdBlog before 1.2.0 ...)
+CVE-2005-0882
NOT-FOR-US: BirdBlog
-CVE-2005-0881 (Cross-site scripting (XSS) vulnerability in articles.newcomment for ...)
+CVE-2005-0881
NOT-FOR-US: Interspire ArticleLive
-CVE-2005-0880 (content.php in Vortex Portal allows remote attackers to obtain ...)
+CVE-2005-0880
NOT-FOR-US: Vortex Portal
-CVE-2005-0879 (PHP remote file include vulnerability in (1) content.php and (2) ...)
+CVE-2005-0879
NOT-FOR-US: Vortex Portal
-CVE-2005-0878 (Cross-site scripting (XSS) vulnerability in MercuryBoard before 1.1.3 ...)
+CVE-2005-0878
NOT-FOR-US: MercuryBoard
-CVE-2005-0877 (Dnsmasq before 2.21 allows remote attackers to poison the DNS cache ...)
+CVE-2005-0877
- dnsmasq 2.21
-CVE-2005-0876 (Off-by-one buffer overflow in Dnsmasq before 2.21 may allow attackers ...)
+CVE-2005-0876
- dnsmasq 2.21
-CVE-2005-0875 (Multiple buffer overflows in the Yahoo plug-in for Trillian 2.0, 3.0, ...)
+CVE-2005-0875
NOT-FOR-US: Cerulean Trillian
-CVE-2005-0874 (Multiple buffer overflows in the (1) AIM, (2) MSN, (3) RSS, and other ...)
+CVE-2005-0874
NOT-FOR-US: Cerulean Trillian
-CVE-2005-0873 (Multiple cross-site scripting (XSS) vulnerabilities in test.jsp in ...)
+CVE-2005-0873
NOT-FOR-US: Oracle
-CVE-2005-0872 (Cross-site scripting (XSS) vulnerability in calendar_scheduler.php in ...)
+CVE-2005-0872
NOT-FOR-US: Topic Calendar phpbb2 plugin
-CVE-2005-0871 (calendar_scheduler.php in Topic Calendar 1.0.1 module for phpBB, when ...)
+CVE-2005-0871
NOT-FOR-US: Topic Calendar phpbb2 plugin
-CVE-2005-0870 (Multiple cross-site scripting (XSS) vulnerabilities in phpSysInfo 2.3, ...)
+CVE-2005-0870
{DSA-899-1 DSA-898-1 DSA-897-1 DSA-724-1}
NOTE: Fix in phpsysinfo 2.3-3 was apparently incomplete.
- phpsysinfo 2.3-7
- egroupware 1.0.0.009.dfsg-3-3
- phpgroupware 0.9.16.008-2
-CVE-2005-0869 (phpSysInfo 2.3 allows remote attackers to obtain sensitive information ...)
+CVE-2005-0869
- phpsysinfo 2.3-3 (bug #301118; unimportant)
-CVE-2005-0868 (AS/400 Telnet 5250 terminal emulation clients, as implemented by (1) ...)
+CVE-2005-0868
- tn5250 <not-affected> (cannot find STRPCO or STRPCCMD in tn5250)
-CVE-2005-0867 (Integer overflow in Linux kernel 2.6 allows local users to overwrite ...)
+CVE-2005-0867
- kernel-source-2.4.27 <not-affected> (kernel 2.4 doesn't have sysfs)
- linux-2.6 <not-affected> (Fixed before upload into archive)
[sarge] - kernel-source-2.6.8 <not-affected> (Not vulnerable, see #306137)
-CVE-2005-0866 (cdrecord before 4:2.0, when DEBUG is enabled, allows local users to ...)
+CVE-2005-0866
- cdrtools 4:2.01+01a01-4 (bug #291376; low)
[sarge] - cdrtools <no-dsa> (Only exploitable in rare debugging mode)
[woody] - cdrtools <no-dsa> (Only exploitable in rare debugging mode)
-CVE-2005-0865 (Samsung ADSL Modem SMDK8947v1.2 uses default passwords for the (1) ...)
+CVE-2005-0865
NOT-FOR-US: Samsung ADSL modems
-CVE-2005-0864 (The Boa web server, as used in Samsung ADSL Modem SMDK8947v1.2 and ...)
+CVE-2005-0864
NOT-FOR-US: Samsung ASDL modems, Debian's boa has been fixed years ago
-CVE-2005-0863 (Cross-site scripting (XSS) vulnerability in PHPOpenChat v3.x allows ...)
+CVE-2005-0863
NOT-FOR-US: PHPOpenChat
-CVE-2005-0862 (Multiple PHP remote file inclusion vulnerabilities in PHPOpenChat ...)
+CVE-2005-0862
NOT-FOR-US: PHPOpenChat
-CVE-2005-0861 (Multiple buffer overflows in DeleGate before 8.11.1 may allow ...)
+CVE-2005-0861
NOT-FOR-US: Delegate
-CVE-2005-0860 (PHP remote file inclusion vulnerability in TRG News Script 3.0 allows ...)
+CVE-2005-0860
NOT-FOR-US: TRG News Script
-CVE-2005-0859 (PHP remote file inclusion vulnerability in CzarNews 1.13b allows ...)
+CVE-2005-0859
NOT-FOR-US: CzarNews
-CVE-2005-0858 (Multiple SQL injection vulnerabilities in CoolForum 0.8 and earlier ...)
+CVE-2005-0858
NOT-FOR-US: CoolForum
-CVE-2005-0857 (Cross-site scripting (XSS) vulnerability in avatar.php for CoolForum ...)
+CVE-2005-0857
NOT-FOR-US: CoolForum
-CVE-2005-0856 (CoolForum 0.8.1 beta and earlier allows remote attackers to manipulate ...)
+CVE-2005-0856
NOT-FOR-US: CoolForum
-CVE-2005-0855 (CoolForum 0.8.1 beta and earlier allows remote attackers to obtain ...)
+CVE-2005-0855
NOT-FOR-US: CoolForum
-CVE-2005-0854 (betaparticle blog (bp blog), posisbly before version 4, allows remote ...)
+CVE-2005-0854
NOT-FOR-US: betaparticle blog
-CVE-2005-0853 (betaparticle blog (bp blog) stores the database under the web root, ...)
+CVE-2005-0853
NOT-FOR-US: betaparticle blog
-CVE-2005-0852 (Microsoft Windows XP SP1 allows local users to cause a denial of ...)
+CVE-2005-0852
NOT-FOR-US: Microsoft Windows
-CVE-2005-0851 (FileZilla FTP server before 0.9.6, when using MODE Z (zlib ...)
+CVE-2005-0851
NOT-FOR-US: FileZilla FTP server
-CVE-2005-0850 (FileZilla FTP server before 0.9.6 allows remote attackers to cause a ...)
+CVE-2005-0850
NOT-FOR-US: FileZilla FTP server
-CVE-2005-0849 (Multiple games developed by FUN labs, including 4X4 Off-road Adventure ...)
+CVE-2005-0849
NOT-FOR-US: Multiple commercial games by FUN Labs
-CVE-2005-0848 (Multiple games developed by FUN labs, including 4X4 Off-road Adventure ...)
+CVE-2005-0848
NOT-FOR-US: Multiple commercial games by FUN Labs
-CVE-2005-0847 (Code Ocean FTP server 1.0 allows remote attackers to cause a denial of ...)
+CVE-2005-0847
NOT-FOR-US: Code Ocean FTP Server
-CVE-2005-0846 (Multiple cross-site scripting (XSS) vulnerabilities in the email ...)
+CVE-2005-0846
NOT-FOR-US: SurgeMail
-CVE-2005-0845 (Directory traversal vulnerability in the Webmail interface in ...)
+CVE-2005-0845
NOT-FOR-US: SurgeMail
-CVE-2005-0844 (Nortel VPN client 5.01 stores the cleartext password in the memory of ...)
+CVE-2005-0844
NOT-FOR-US: Nortel Contivity
-CVE-2005-0843 (CRLF injection vulnerability in search.php in Phorum 5.0.14a allows ...)
+CVE-2005-0843
NOT-FOR-US: Phorum
-CVE-2005-0842 (Cross-site scripting (XSS) vulnerability in index.php in Kayako ...)
+CVE-2005-0842
NOT-FOR-US: Kayako eSupport
-CVE-2005-0841 (SQL injection vulnerability in (1) people.php, (2) track.php, (3) ...)
+CVE-2005-0841
NOT-FOR-US: phpmyfamily
CVE-2005-0840
REJECTED
-CVE-2005-0839 (Linux kernel 2.6 before 2.6.11 does not restrict access to the N_MOUSE ...)
+CVE-2005-0839
- linux-2.6 <not-affected> (Fixed before upload into archive; 2.6.11)
[sarge] - kernel-source-2.6.8 2.6.8-16
-CVE-2005-0838 (Multiple buffer overflows in the XSL parser for IceCast 2.20 may allow ...)
+CVE-2005-0838
- icecast2 <unfixed> (bug #301368; unimportant)
NOTE: According to upstream a non-issue
-CVE-2005-0837 (IceCast 2.20 allows remote attackers to bypass the XSL parser and ...)
+CVE-2005-0837
- icecast2 <unfixed> (bug #301368; unimportant)
NOTE: According to upstream a non-issue
-CVE-2005-0836 (Argument injection vulnerability in Java Web Start for J2SE 1.4.2 up ...)
+CVE-2005-0836
NOT-FOR-US: Java Web Start for proprietary Sun Java
-CVE-2005-0835 (The SNMP service in the Belkin 54G (F5D7130) wireless router allows ...)
+CVE-2005-0835
NOT-FOR-US: Belkin 54G router
-CVE-2005-0834 (Belkin 54G (F5D7130) wireless router enables SNMP by default in a ...)
+CVE-2005-0834
NOT-FOR-US: Belkin 54G router
-CVE-2005-0833 (Belkin 54G (F5D7130) wireless router allows remote attackers to access ...)
+CVE-2005-0833
NOT-FOR-US: Belkin 54G router
-CVE-2005-0832 (Cross-site scripting (XSS) vulnerability in PHP-Post before 0.33 ...)
+CVE-2005-0832
NOT-FOR-US: PHP-Post
-CVE-2005-0831 (PHP-Post allows remote attackers to spoof the names of other users by ...)
+CVE-2005-0831
NOT-FOR-US: PHP-Post
-CVE-2005-0830 (Multiple buffer overflows in Xzabite DYNDNSUpdate 0.6.15 and earlier, ...)
+CVE-2005-0830
NOT-FOR-US: Xzabite DynDNS Updater
-CVE-2005-0829 (Cross-site scripting (XSS) vulnerability in setuser.php of the ...)
+CVE-2005-0829
NOT-FOR-US: PHP-Fusion Addon
-CVE-2005-0828 (highlight.php in (1) RUNCMS 1.1A, (2) CIAMOS 0.9.2 RC1, (3) e-Xoops ...)
+CVE-2005-0828
NOT-FOR-US: e-Xoops based products
-CVE-2005-0827 (Viewcat.php in (1) RUNCMS 1.1A, (2) Ciamos 0.9.2 RC1, e-Xoops 1.05 ...)
+CVE-2005-0827
NOT-FOR-US: e-Xoops based products
-CVE-2005-0826 (OllyDbg 1.10 and earlier allows remote attackers to cause a denial of ...)
+CVE-2005-0826
NOT-FOR-US: OllyDbg MS Windows debugger
-CVE-2005-0825 (Buffer overflow in LTris before 1.0.10 allows local users to execute ...)
+CVE-2005-0825
- ltris 1.0.6-1.1 (bug #291620)
-CVE-2005-0824 (The internal_dump function in Mathopd before 1.5p5, and 1.6x before ...)
+CVE-2005-0824
- mathopd 1.5p5-1
CVE-2005-XXXX [Various /tmp related security issues in cernlib]
- cernlib 2004.11.04-3
-CVE-2005-0823 (ThePoolClub (1) iPool and (2) iSnooker 1.6.81 and earlier stores ...)
+CVE-2005-0823
NOT-FOR-US: iSnooker
-CVE-2005-0822 (Citrix Metaframe Password Manager 2.5 and earlier stores a password in ...)
+CVE-2005-0822
NOT-FOR-US: Citrix
-CVE-2005-0821 (Unknown vulnerability in Citrix MetaFrame Conferencing Manager 3.0 ...)
+CVE-2005-0821
NOT-FOR-US: Citrix
-CVE-2005-0820 (Microsoft Office InfoPath 2003 SP1 includes sensitive information in ...)
+CVE-2005-0820
NOT-FOR-US: MS Office
-CVE-2005-0819 (The xvesa code in Novell Netware 6.5 SP2 and SP3 allows remote ...)
+CVE-2005-0819
NOT-FOR-US: Novell Netware
-CVE-2005-0818 (Cross-site scripting (XSS) vulnerability in PunBB 1.2.3 allows remote ...)
+CVE-2005-0818
NOT-FOR-US: Pun BB
-CVE-2005-0817 (Unknown vulnerability in the DNSd proxy, as used in Symantec Gateway ...)
+CVE-2005-0817
NOT-FOR-US: Symantec Gateway
-CVE-2005-0816 (Buffer overflow in newgrp in Solaris 7 through 9 allows local users to ...)
+CVE-2005-0816
NOT-FOR-US: Solaris
-CVE-2005-0815 (Multiple &quot;range checking flaws&quot; in the ISO9660 filesystem handler in ...)
+CVE-2005-0815
- kernel-source-2.4.27 2.4.27-10 (bug #300783; medium)
- linux-2.6 <not-affected> (Fixed before upload into archive; 2.6.12-rc1)
[sarge] - kernel-source-2.6.8 2.6.8-16
-CVE-2005-0814 (Unknown vulnerability in lshd in Lysator LSH 1.x and 2.x before 2.0.1 ...)
+CVE-2005-0814
{DSA-717-1}
- lsh-utils 2.0.1-1
-CVE-2005-0813 (Buffer overflow in Initial Redirect (ir) Squid Proxy Plug-In 0.1 and ...)
+CVE-2005-0813
NOT-FOR-US: ir
-CVE-2005-0812 (The web interface in NotifyLink 3.0 displays passwords in cleartext on ...)
+CVE-2005-0812
NOT-FOR-US: NotifyLink
-CVE-2005-0811 (The web interface in NotifyLink 3.0 does not properly restrict access ...)
+CVE-2005-0811
NOT-FOR-US: NotifyLink
-CVE-2005-0810 (SQL injection vulnerability in NotifyLink before 3.0 allows remote ...)
+CVE-2005-0810
NOT-FOR-US: NotifyLink
-CVE-2005-0809 (NotifyLink, when configured for client key retrieval, allows remote ...)
+CVE-2005-0809
NOT-FOR-US: NotifyLink
-CVE-2005-0808 (Apache Tomcat before 5.x allows remote attackers to cause a denial of ...)
+CVE-2005-0808
NOT-FOR-US: Does not affect Tomcat 4.x according to http://www.securityfocus.com/bid/12795/info/
-CVE-2005-0807 (Multiple buffer overflows in Cain &amp; Abel before 2.67 allow remote ...)
+CVE-2005-0807
NOT-FOR-US: Cain &amp; Abel
-CVE-2005-0806 (Evolution 2.0.3 allows remote attackers to cause a denial of service ...)
+CVE-2005-0806
- evolution 2.0.4-2
-CVE-2005-0805 (SQL injection vulnerability in index.php in Subdreamer Light, when ...)
+CVE-2005-0805
NOT-FOR-US: Subdreamer
-CVE-2005-0804 (Format string vulnerability in MailEnable 1.8 allows remote attackers ...)
+CVE-2005-0804
NOT-FOR-US: MailEnable
-CVE-2005-0803 (The GetEnhMetaFilePaletteEntries API in GDI32.DLL in Windows 2000 ...)
+CVE-2005-0803
NOT-FOR-US: Windows
-CVE-2005-0802 (Cross-site scripting (XSS) vulnerability in search.asp in ACS Blog 0.8 ...)
+CVE-2005-0802
NOT-FOR-US: ACS Blog
-CVE-2005-0801 (Directory traversal vulnerability in includer.cgi in The Includer ...)
+CVE-2005-0801
NOT-FOR-US: The Includer
-CVE-2005-0800 (PHP remote file inclusion vulnerability in install.php in mcNews 1.3 ...)
+CVE-2005-0800
NOT-FOR-US: mcNews
-CVE-2005-0799 (MySQL 4.1.9, and possibly earlier versions, allows remote attackers ...)
+CVE-2005-0799
NOT-FOR-US: MySQL on Windows
-CVE-2005-0798 (Novell iChain Mini FTP Server 2.3, and possibly earlier versions, does ...)
+CVE-2005-0798
NOT-FOR-US: Novell iChain
-CVE-2005-0797 (Novell iChain Mini FTP Server 2.3 displays different error messages ...)
+CVE-2005-0797
NOT-FOR-US: Novell iChain
-CVE-2005-0796 (Directory traversal vulnerability in HolaCMS 1.4.9-1 allows remote ...)
+CVE-2005-0796
NOT-FOR-US: Hola CMS
-CVE-2005-0795 (HolaCMS 1.4.9 does not restrict file access to the holaDB/votes ...)
+CVE-2005-0795
NOT-FOR-US: Hola CMS
-CVE-2005-0794 (ZPanel 2.0 and 2.5 beta 10 does not remove or protect installation ...)
+CVE-2005-0794
NOT-FOR-US: ZPanel
-CVE-2005-0793 (PHP remote file inclusion vulnerability in zpanel.php in ZPanel allows ...)
+CVE-2005-0793
NOT-FOR-US: ZPanel
-CVE-2005-0792 (SQL injection vulnerability in ZPanel 2.0 allows remote attackers to ...)
+CVE-2005-0792
NOT-FOR-US: ZPanel
-CVE-2005-0791 (Cross-site scripting (XSS) vulnerability in adframe.php in phpAdsNew ...)
+CVE-2005-0791
NOT-FOR-US: phpAdsNew
-CVE-2005-0790 (phpAdsNew 2.0.4 allows remote attackers to obtain sensitive ...)
+CVE-2005-0790
NOT-FOR-US: phpAdsNew
-CVE-2005-0786 (SQL injection vulnerability in gb_new.inc in SimpGB allows remote ...)
+CVE-2005-0786
NOT-FOR-US: SimpGB
-CVE-2005-0785 (Cross-site scripting (XSS) vulnerability in usersrecentposts in YaBB ...)
+CVE-2005-0785
NOT-FOR-US: YaBB
-CVE-2005-0784 (Multiple cross-site scripting (XSS) vulnerabilities in Phorum before ...)
+CVE-2005-0784
NOT-FOR-US: Phorum
-CVE-2005-0783 (Cross-site scripting (XSS) vulnerability in Phorum before 5.0.14a ...)
+CVE-2005-0783
NOT-FOR-US: Phorum
-CVE-2005-0782 (Cross-site scripting (XSS) vulnerability in (1) viewall.php and (2) ...)
+CVE-2005-0782
NOT-FOR-US: paFileDB
-CVE-2005-0781 (SQL injection vulnerability in (1) viewall.php and (2) category.php in ...)
+CVE-2005-0781
NOT-FOR-US: paFileDB
-CVE-2005-0780 (paFileDB 3.1 and earlier allows remote attackers to obtain sensitive ...)
+CVE-2005-0780
NOT-FOR-US: paFileDB
-CVE-2005-0779 (PlatinumFTP 1.0.18, and possibly earlier versions, allows remote ...)
+CVE-2005-0779
NOT-FOR-US: PlatinumFTP
-CVE-2005-0778 (PhotoPost PHP 5.0 RC3 does not fully verify that an uploaded file is ...)
+CVE-2005-0778
NOT-FOR-US: PhotoPost
-CVE-2005-0777 (Multiple cross-site scripting (XSS) vulnerabilities in PhotoPost PHP ...)
+CVE-2005-0777
NOT-FOR-US: PhotoPost
-CVE-2005-0776 (adm-photo.php in PhotoPost PHP 5.0 RC3 does not properly verify ...)
+CVE-2005-0776
NOT-FOR-US: PhotoPost
-CVE-2005-0775 (The reportpost action in misc.php for PhotoPost PHP 5.0 RC3 does not ...)
+CVE-2005-0775
NOT-FOR-US: PhotoPost
-CVE-2005-0774 (SQL injection vulnerability in member.php and possibly other scripts ...)
+CVE-2005-0774
NOT-FOR-US: PhotoPost
-CVE-2005-0773 (Stack-based buffer overflow in VERITAS Backup Exec Remote Agent 9.0 ...)
+CVE-2005-0773
NOT-FOR-US: VERITAS Backup Exec
-CVE-2005-0772 (VERITAS Backup Exec 9.0 through 10.0 for Windows Servers, and 9.0.4019 ...)
+CVE-2005-0772
NOT-FOR-US: VERITAS Backup Exec
-CVE-2005-0771 (VERITAS Backup Exec Server (beserver.exe) 9.0 through 10.0 for Windows ...)
+CVE-2005-0771
NOT-FOR-US: VERITAS Backup Exec
-CVE-2005-0770 (Format string vulnerability in DataRescue Interactive Disassembler and ...)
+CVE-2005-0770
NOT-FOR-US: IDA Pro
-CVE-2005-0768 (Buffer overflow in the administration web server for GoodTech Telnet ...)
+CVE-2005-0768
NOT-FOR-US: GoodTech Telnet Server
-CVE-2005-0767 (Race condition in the Radeon DRI driver for Linux kernel 2.6.8.1 ...)
+CVE-2005-0767
- kernel-source-2.6.8 2.6.8-15
-CVE-2005-0766 (Unknown vulnerability in the sFlow dissector in Ethereal 0.9.14 ...)
+CVE-2005-0766
- ethereal 0.10.10-1
-CVE-2005-0765 (Unknown vulnerability in the JXTA dissector in Ethereal 0.10.9 allows ...)
+CVE-2005-0765
- ethereal 0.10.10-1
-CVE-2005-0764 (Buffer overflow in command.C for rxvt-unicode before 5.3 allows remote ...)
+CVE-2005-0764
- rxvt-unicode 5.3-1
-CVE-2005-0763 (Buffer overflow in Midnight Commander (mc) 4.5.55 and earlier may ...)
+CVE-2005-0763
{DSA-698-1}
- mc 1:4.6.0-4.6.1-pre3-1
NOTE: Sarge-specific regression correcting a previous DSA.
-CVE-2005-0762 (Heap-based buffer overflow in the SGI parser in ImageMagick before 6.0 ...)
+CVE-2005-0762
{DSA-702-1}
- imagemagick 5:6.0.0-1
NOTE: Does only affect imagemagick releases prior to 6
-CVE-2005-0761 (Unknown vulnerability in ImageMagick before 6.1.8 allows remote ...)
+CVE-2005-0761
- imagemagick 5:6.0.2.5 (bug #301110)
-CVE-2005-0760 (The TIFF decoder in ImageMagick before 6.0 allows remote attackers to ...)
+CVE-2005-0760
{DSA-702-1}
- imagemagick 5:6.0.0-1
NOTE: Does only affect imagemagick releases prior to 6
-CVE-2005-0759 (ImageMagick before 6.0 allows remote attackers to cause a denial of ...)
+CVE-2005-0759
{DSA-702-1}
- imagemagick 5:6.0.0-1
NOTE: Does only affect imagemagick releases prior to 6
-CVE-2005-0758 (zgrep in gzip before 1.3.5 does not properly sanitize arguments, which ...)
+CVE-2005-0758
NOTE: see http://bugs.gentoo.org/show_bug.cgi?id=90626
- gzip 1.3.5-10 (low)
- bzip2 1.0.2-8.1 (bug #321286; low)
[sarge] - bzip2 <no-dsa> (Minor issue)
-CVE-2005-0757 (The xattr file system code, as backported in Red Hat Enterprise Linux ...)
+CVE-2005-0757
{DSA-922-1 DSA-921-1}
- kernel-source-2.4.27 2.4.27-11 (bug #311164)
- linux-2.6 <not-affected> (Fixed before upload in archive)
-CVE-2005-0756 (ptrace in Linux kernel 2.6.8.1 does not properly verify addresses on ...)
+CVE-2005-0756
{DSA-922-1 DSA-921-1}
- kernel-source-2.4.27 2.4.27-11 (medium)
- linux-2.6 <not-affected> (Fixed before upload into archive; 2.6.12-rc5)
-CVE-2005-0755 (Heap-based buffer overflow in RealPlayer 10 and earlier, Helix Player ...)
+CVE-2005-0755
- helix-player 1.0.4-1
-CVE-2005-0754 (Kommander in KDE 3.2 through KDE 3.4.0 executes data files without ...)
+CVE-2005-0754
- kdewebdev 1:3.3.2-6
-CVE-2005-0753 (Buffer overflow in CVS before 1.11.20 allows remote attackers to ...)
+CVE-2005-0753
{DSA-742-1}
- cvs 1:1.12.9-13
-CVE-2005-0752 (The Plugin Finder Service (PFS) in Firefox before 1.0.3 allows remote ...)
+CVE-2005-0752
- mozilla-firefox 1.0.3-1
CVE-2005-0751
REJECTED
-CVE-2005-0750 (The bluez_sock_create function in the Bluetooth stack for Linux kernel ...)
+CVE-2005-0750
- kernel-source-2.4.27 2.4.27-10
[sarge] - kernel-source-2.6.8 2.6.8-16
- linux-2.6 <not-affected> (Fixed before upload into archive; 2.6.11.5)
-CVE-2005-0749 (The load_elf_library in the Linux kernel before 2.6.11.6 allows local ...)
+CVE-2005-0749
[sarge] - kernel-source-2.6.8 2.6.8-16
- kernel-source-2.4.27 2.4.27-10
- linux-2.6 <not-affected> (Fixed before upload into archive; 2.6.11.6)
CVE-2005-XXXX [Connection related DoS possibility in OmniORB 4]
- omniorb4 4.0.5-2
-CVE-2005-0789 (Directory traversal vulnerability in LimeWire 3.9.6 through 4.6.0 ...)
+CVE-2005-0789
NOT-FOR-US: not part of Woody, has been removed from sarge/sid
-CVE-2005-0788 (LimeWire 4.1.2 through 4.5.6 allows remote attackers to read arbitrary ...)
+CVE-2005-0788
NOT-FOR-US: Limewire has been removed from Sarge and sid, was never part of stable
-CVE-2005-0787 (Wine 20050211 and earlier creates temp files with world readable ...)
+CVE-2005-0787
- wine 0.0.20050310-1.1
-CVE-2005-0769 (Multiple buffer overflows in OpenSLP before 1.1.5 allow remote ...)
+CVE-2005-0769
- openslp 1.0.11a-2
-CVE-2005-0748 (PHP remote file inclusion vulnerability in initdb.php for WEBInsta ...)
+CVE-2005-0748
NOT-FOR-US: WEBInsta
-CVE-2005-0747 (ApplyYourself i-Class allows remote attackers to obtain sensitive ...)
+CVE-2005-0747
NOT-FOR-US: ApplyYourself
-CVE-2005-0746 (The Mini FTP server in Novell iChain 2.2 and 2.3 SP2 and earlier ...)
+CVE-2005-0746
NOT-FOR-US: Novell iChain
-CVE-2005-0745 (UTStarcom iAN-02EX VoIP Analog Terminal Adaptor (ATA) allows local ...)
+CVE-2005-0745
NOT-FOR-US: UTStarcom iAN-02EX VoIP Analog Terminal Adaptor
-CVE-2005-0744 (The web GUI for Novell iChain 2.2 and 2.3 SP2 and SP3 allows attackers ...)
+CVE-2005-0744
NOT-FOR-US: Novell iChain
-CVE-2005-0743 (The custom avatar uploading feature (uploader.php) for XOOPS 2.0.9.2 ...)
+CVE-2005-0743
NOT-FOR-US: Xoops
-CVE-2005-0742 (Cross-site scripting (XSS) vulnerability in Sun Java System ...)
+CVE-2005-0742
NOT-FOR-US: Sun Java System Application Server
-CVE-2005-0741 (Cross-site scripting (XSS) vulnerability in YaBB.pl for YaBB 2.0 RC1 ...)
+CVE-2005-0741
NOT-FOR-US: YaBB
-CVE-2005-0740 (The TCP stack (tcp_input.c) in OpenBSD 3.5 and 3.6 allows remote ...)
+CVE-2005-0740
NOT-FOR-US: OpenBSD
-CVE-2005-0739 (The IAPP dissector (packet-iapp.c) for Ethereal 0.9.1 to 0.10.9 does ...)
+CVE-2005-0739
{DSA-718-1}
- ethereal 0.10.10-1
-CVE-2005-0738 (Stack consumption vulnerability in Microsoft Exchange Server 2003 SP1 ...)
+CVE-2005-0738
NOT-FOR-US: Microsoft
-CVE-2005-0737 (Buffer overflow in Yahoo! Messenger allows remote attackers to execute ...)
+CVE-2005-0737
NOT-FOR-US: Yahoo Messenger
-CVE-2005-0736 (Integer overflow in sys_epoll_wait in eventpoll.c for Linux kernel 2.6 ...)
+CVE-2005-0736
- kernel-source-2.4.27 <not-affected> (There is no epoll in kernel 2.4)
- linux-2.6 <not-affected> (Fixed before upload into archive; 2.6.11.1)
[sarge] - kernel-source-2.6.8 2.6.8-14
-CVE-2005-0735 (newsscript.pl for NewsScript allows remote attackers to gain ...)
+CVE-2005-0735
NOT-FOR-US: newsscript
-CVE-2005-0734 (PY Software Active Webcam WebServer (webcam.exe) 5.5 allows remote ...)
+CVE-2005-0734
NOT-FOR-US: PY Software Active Webcam WebServer
-CVE-2005-0733 (PY Software Active Webcam WebServer (webcam.exe) 5.5 allows remote ...)
+CVE-2005-0733
NOT-FOR-US: PY Software Active Webcam WebServer
-CVE-2005-0732 (PY Software Active Webcam WebServer (webcam.exe) 5.5 allows remote ...)
+CVE-2005-0732
NOT-FOR-US: PY Software Active Webcam WebServer
-CVE-2005-0731 (PY Software Active Webcam WebServer (webcam.exe) 5.5 allows remote ...)
+CVE-2005-0731
NOT-FOR-US: PY Software Active Webcam WebServer
-CVE-2005-0730 (PY Software Active Webcam WebServer (webcam.exe) 5.5 allows remote ...)
+CVE-2005-0730
NOT-FOR-US: PY Software Active Webcam WebServer
-CVE-2005-0729 (Format string vulnerability in Xpand Rally 1.1.0.0 and earlier allows ...)
+CVE-2005-0729
NOT-FOR-US: Xpand Rally
CVE-2005-0728
REJECTED
CVE-2005-0727
REJECTED
-CVE-2005-0726 (SQL injection vulnerability in editpost.php in UBB.threads 6.0 allows ...)
+CVE-2005-0726
NOT-FOR-US: UBB.threads
-CVE-2005-0725 (SQL injection vulnerability in the getAllbyArticle function in ...)
+CVE-2005-0725
NOT-FOR-US: wfsections
-CVE-2005-0724 (paFileDB 3.1 and earlier allows remote attackers to obtain sensitive ...)
+CVE-2005-0724
NOT-FOR-US: paFileDB
-CVE-2005-0723 (Cross-site scripting (XSS) vulnerability in the jumpmenu function in ...)
+CVE-2005-0723
NOT-FOR-US: paFileDB
-CVE-2005-0722 (eXPerience2 allows remote attackers to obtain the full path for the ...)
+CVE-2005-0722
NOT-FOR-US: eXPerience2
-CVE-2005-0721 (PHP remote file inclusion vulnerability in modules.php in eXPerience2 ...)
+CVE-2005-0721
NOT-FOR-US: eXPerience2
-CVE-2005-0720 (PHP remote file inclusion vulnerability in admin/header.php in PHP ...)
+CVE-2005-0720
NOT-FOR-US: mcNews
-CVE-2005-0719 (Unknown vulnerability in the systems message queue in HP Tru64 Unix ...)
+CVE-2005-0719
NOT-FOR-US: Tru64
-CVE-2005-0718 (Squid 2.5.STABLE7 and earlier allows remote attackers to cause a ...)
+CVE-2005-0718
- squid 2.5.8 (bug #305605)
CVE-2005-0717
RESERVED
-CVE-2005-0716 (Stack-based buffer overflow in the Core Foundation Library in Mac OS X ...)
+CVE-2005-0716
NOT-FOR-US: Mac OS
-CVE-2005-0715 (AFP Server in Mac OS X before 10.3.8 uses insecure permissions for ...)
+CVE-2005-0715
NOT-FOR-US: Mac OS
CVE-2005-0714
REJECTED
-CVE-2005-0713 (The Bluetooth Setup Assistant for Mac OS X before 10.3.8 can be ...)
+CVE-2005-0713
NOT-FOR-US: Mac OS
-CVE-2005-0712 (Mac OS X before 10.3.8 users world-writable permissions for certain ...)
+CVE-2005-0712
NOT-FOR-US: Mac OS
-CVE-2005-0711 (MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, uses predictable ...)
+CVE-2005-0711
{DSA-707-1}
- mysql-dfsg 4.0.24
- mysql-dfsg-4.1 4.1.10a
-CVE-2005-0710 (MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, allows remote ...)
+CVE-2005-0710
{DSA-707-1}
- mysql-dfsg 4.0.24
- mysql-dfsg-4.1 4.1.10a
-CVE-2005-0709 (MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, allows remote ...)
+CVE-2005-0709
{DSA-707-1}
- mysql-dfsg 4.0.24
- mysql-dfsg-4.1 4.1.10a
-CVE-2005-0708 (The sendfile system call in FreeBSD 4.8 through 4.11 and 5 through 5.4 ...)
+CVE-2005-0708
- kfreebsd-8 <not-affected> (Fixed before initial release; bug #613311)
- kfreebsd-7 <not-affected> (Fixed before initial release; bug #613311)
-CVE-2005-0707 (Buffer overflow in the IMAP daemon (IMAP4d32.exe) for Ipswitch ...)
+CVE-2005-0707
NOT-FOR-US: Ipswitch Collaboration Suite
-CVE-2005-0706 (Buffer overflow in discdb.c for grip 3.1.2 allows attackers to cause a ...)
+CVE-2005-0706
[sarge] - gnome-vfs2 <not-affected> (does not install the module with the vulnerable code)
- grip 3.2.0-4 (low)
- libcdaudio 0.99.9-2.1 (bug #304799; low)
- gnome-vfs 1.0.5-5.1 (bug #305163; low)
- gnome-vfs2 2.10.1-3
-CVE-2005-0705 (The GPRS-LLC dissector in Ethereal 0.10.7 through 0.10.9, with the ...)
+CVE-2005-0705
- ethereal 0.10.10-1
-CVE-2005-0704 (Buffer overflow in the Etheric dissector in Ethereal 0.10.7 through ...)
+CVE-2005-0704
- ethereal 0.10.10-1
-CVE-2005-0703 (Xerox MicroServer Web Server for various WorkCentre products including ...)
+CVE-2005-0703
NOT-FOR-US: Xerox MicroServer Web Server
-CVE-2005-0702 (SQL injection vulnerability in phpMyFAQ 1.4 and 1.5 allows remote ...)
+CVE-2005-0702
NOT-FOR-US: phpMyFAQ
-CVE-2005-0701 (Directory traversal vulnerability in Oracle Database Server 8i and 9i ...)
+CVE-2005-0701
NOT-FOR-US: Oracle
-CVE-2005-0700 (The export_index action in myadmin.php for Aztek Forum 4.0 allows ...)
+CVE-2005-0700
NOT-FOR-US: Aztek
-CVE-2005-0699 (Multiple buffer overflows in the dissect_a11_radius function in the ...)
+CVE-2005-0699
- ethereal 0.10.9-2
-CVE-2005-0698 (PHP remote file inclusion vulnerability in PHPWebLog 0.5.3 and earlier ...)
+CVE-2005-0698
NOT-FOR-US: PHPWebLog
-CVE-2005-0697 (SQL injection vulnerability in the process_picture function ...)
+CVE-2005-0697
NOT-FOR-US: CopperExport
-CVE-2005-0696 (Buffer overflow in ArGoSoft FTP Server 1.4.2.8 allows remote ...)
+CVE-2005-0696
NOT-FOR-US: ArGoSoft
-CVE-2005-0695 (The password recovery feature (forgotpassword.asp) in Hosting ...)
+CVE-2005-0695
NOT-FOR-US: Hosting Controller
-CVE-2005-0694 (Hosting Controller 6.1 Hotfix 1.7 and earlier stores log files under ...)
+CVE-2005-0694
NOT-FOR-US: Hosting Controller
-CVE-2005-0693 (Buffer overflow in JoWood Chaser 1.50 and earlier allows remote ...)
+CVE-2005-0693
NOT-FOR-US: JoWood Chaser (for Windows)
-CVE-2005-0692 (Cross-site scripting (XSS) vulnerability in fusion_core.php for ...)
+CVE-2005-0692
NOT-FOR-US: PHP-Fusion
-CVE-2005-0691 (PHP remote file inclusion vulnerability in article mode for ...)
+CVE-2005-0691
NOT-FOR-US: SocialMPN
-CVE-2005-0690 (Gene6 FTP Server does not properly restrict access to the control ...)
+CVE-2005-0690
NOT-FOR-US: Gene6 FTP Server for Win
-CVE-2005-0689 (includer.cgi in The Includer allows remote attackers to execute ...)
+CVE-2005-0689
NOT-FOR-US: The Includer
-CVE-2005-0688 (Windows Server 2003 and XP SP2, with Windows Firewall turned off, ...)
+CVE-2005-0688
NOT-FOR-US: Windows
-CVE-2005-0687 (Format string vulnerability in Hashcash 1.16 allows remote attackers ...)
+CVE-2005-0687
- hashcash 1.17-1
-CVE-2005-0686 (Integer overflow in mlterm 2.5.0 through 2.9.1, with gdk-pixbuf ...)
+CVE-2005-0686
- mlterm 2.9.2 (bug #298621)
-CVE-2005-0685 (Multiple access validation errors in OutStart Participate Enterprise ...)
+CVE-2005-0685
NOT-FOR-US: OutStart Participate Enterprise
-CVE-2005-0684 (Multiple buffer overflows in the web tool for MySQL MaxDB before ...)
+CVE-2005-0684
- maxdb-7.5.00 7.5.00.24-3
CVE-2005-0683
REJECTED
-CVE-2005-0682 (Cross-site scripting (XSS) vulnerability in common.inc in Drupal ...)
+CVE-2005-0682
- drupal 4.5.2
-CVE-2005-0681 (Nokia Symbian 60 allows remote attackers to cause a denial of service ...)
+CVE-2005-0681
NOT-FOR-US: Nokia
-CVE-2005-0680 (PHP remote file inclusion vulnerability in ...)
+CVE-2005-0680
NOT-FOR-US: Download Center Lite
-CVE-2005-0679 (PHP remote file inclusion vulnerability in tell_a_friend.inc.php for ...)
+CVE-2005-0679
NOT-FOR-US: Tell A Friend Script
-CVE-2005-0678 (PHP remote file inclusion vulnerability in formmail.inc.php for Form ...)
+CVE-2005-0678
NOT-FOR-US: Form Mail Script
-CVE-2005-0677 (index.php for Zorum 3.5 allows remote attackers to perform certain ...)
+CVE-2005-0677
NOT-FOR-US: Zorum
-CVE-2005-0676 (index.php in Zorum 3.5 allows remote attackers to trigger an SQL ...)
+CVE-2005-0676
NOT-FOR-US: Zorum
-CVE-2005-0675 (Cross-site scripting (XSS) vulnerability in index.php for Zorum 3.5 ...)
+CVE-2005-0675
NOT-FOR-US: Zorum
-CVE-2005-0674 (Cross-site scripting (XSS) vulnerability in the News module for paBox ...)
+CVE-2005-0674
NOT-FOR-US: Pabox for PHPNuke
-CVE-2005-0673 (Cross-site scripting (XSS) vulnerability in usercp_register.php for ...)
+CVE-2005-0673
- phpbb2 2.0.13-2
-CVE-2005-0672 (Carsten's 3D Engine (Ca3DE), March 2004 version and earlier, allows ...)
+CVE-2005-0672
NOT-FOR-US: Ca3DE
-CVE-2005-0671 (Format string vulnerability in Carsten's 3D Engine (Ca3DE), March 2004 ...)
+CVE-2005-0671
NOT-FOR-US: Ca3DE
-CVE-2005-0670 (Cross-site scripting (XSS) vulnerability in phpCOIN 1.2.0 through ...)
+CVE-2005-0670
NOT-FOR-US: phpCOIN
-CVE-2005-0669 (Multiple SQL injection vulnerabilities in mod.php for phpCOIN 1.2.0 ...)
+CVE-2005-0669
NOT-FOR-US: phpCOIN
-CVE-2005-0668 (Unknown vulnerability in HTTP Anti Virus Proxy (HAVP) before 0.51 ...)
+CVE-2005-0668
NOT-FOR-US: HAVP
-CVE-2005-0667 (Buffer overflow in Sylpheed before 1.0.3 and other versions before ...)
+CVE-2005-0667
- sylpheed 1.0.3-1
- sylpheed-claws 1.0.3-1
-CVE-2005-0666 (Unknown vulnerability in PaX from the September 2003 release to 2.2 ...)
+CVE-2005-0666
- kernel-patch-adamantix 1.7
-CVE-2005-0665 (Format string vulnerability in xv before 3.10a allows remote attackers ...)
+CVE-2005-0665
NOT-FOR-US: XV
-CVE-2005-0664 (Buffer overflow in the EXIF library (libexif) 0.6.9 does not properly ...)
+CVE-2005-0664
{DSA-709-1}
- libexif 0.6.9-5
-CVE-2005-0663 (SQL injection vulnerability in index.php for MercuryBoard 1.1.2 allows ...)
+CVE-2005-0663
NOT-FOR-US: Mercury Board
-CVE-2005-0662 (Cross-site scripting (XSS) vulnerability in index.php for MercuryBoard ...)
+CVE-2005-0662
NOT-FOR-US: Mercury Board
-CVE-2005-0661 (SQL injection vulnerability in the getwbbuserdata function in ...)
+CVE-2005-0661
NOT-FOR-US: Woltlab Burning Board
-CVE-2005-0660 (Multiple cross-site scripting (XSS) vulnerabilities in D-Forum 1.11 ...)
+CVE-2005-0660
NOT-FOR-US: D-Forum
-CVE-2005-0659 (phpBB 2.0.13 and earlier allows remote attackers to obtain sensitive ...)
+CVE-2005-0659
- phpbb2 <unfixed> (unimportant)
-CVE-2005-0658 (SQL injection vulnerability in a third party extension to TYPO3 allows ...)
+CVE-2005-0658
NOT-FOR-US: Typo3 extension
-CVE-2005-0657 (Directory traversal vulnerability in Computalynx CProxy 3.3.x and ...)
+CVE-2005-0657
NOT-FOR-US: Computalynx CProxy
-CVE-2005-0656 (Multiple cross-site scripting (XSS) vulnerabilities in auraCMS 1.5 ...)
+CVE-2005-0656
NOT-FOR-US: auraCMS
-CVE-2005-0655 (auraCMS 1.5 allows remote attackers to obtain sensitive information ...)
+CVE-2005-0655
NOT-FOR-US: auraCMS
-CVE-2005-0654 (gifload.exe in GIMP 2.0.5, 2.2.3, and possibly 2.2.4 allows remote ...)
+CVE-2005-0654
NOTE: this is not a security issue according to maintainer
-CVE-2005-0653 (phpMyAdmin 2.6.1 does not properly grant permissions on tables with an ...)
+CVE-2005-0653
- phpmyadmin 3:2.6.1-pl3-1
-CVE-2005-0652 (Unknown vulnerability in HP OpenVMS VAX 7.x and 6.x and OpenVMS Alpha ...)
+CVE-2005-0652
NOT-FOR-US: OpenVMS
-CVE-2005-0651 (Multiple SQL injection vulnerabilities in ProjectBB 0.4.5.1 allow ...)
+CVE-2005-0651
NOT-FOR-US: ProjectBB
-CVE-2005-0650 (Multiple cross-site scripting (XSS) vulnerabilities in ProjectBB ...)
+CVE-2005-0650
NOT-FOR-US: ProjectBB
-CVE-2005-0649 (Pixel-Apes SafeHTML before 1.2.1 allows remote attackers to bypass ...)
+CVE-2005-0649
NOT-FOR-US: Pixel-Apes SafeHTML
-CVE-2005-0648 (Multiple vulnerabilities in Pixel-Apes SafeHTML before 1.3.0 allow ...)
+CVE-2005-0648
NOT-FOR-US: Pixel-Apes SafeHTML
-CVE-2005-0647 (admin_setup.php in paNews 2.0.4b allows remote attackers to inject ...)
+CVE-2005-0647
NOT-FOR-US: paNews
-CVE-2005-0646 (SQL injection vulnerability in auth.php in paNews 2.0.4b allows remote ...)
+CVE-2005-0646
NOT-FOR-US: paNews
-CVE-2005-0645 (Cross-site scripting (XSS) vulnerability in show.inc.php in cuteNews ...)
+CVE-2005-0645
NOT-FOR-US: CuteNews
-CVE-2005-0644 (Buffer overflow in McAfee Scan Engine 4320 with DAT version before ...)
+CVE-2005-0644
NOT-FOR-US: McAfee Virus Scanners
-CVE-2005-0643 (Buffer overflow in McAfee Scan Engine 4320 with DAT version before ...)
+CVE-2005-0643
NOT-FOR-US: McAfee Virus Scanners
-CVE-2005-0642 (SQL injection vulnerability in the Query Designer for Computer ...)
+CVE-2005-0642
NOT-FOR-US: Computer Associates UAM
-CVE-2005-0641 (Cross-site scripting (XSS) vulnerability in the Reporter for Computer ...)
+CVE-2005-0641
NOT-FOR-US: Computer Associates UAM
-CVE-2005-0640 (Computer Associates (CA) Unicenter Asset Management (UAM) 4.0 does not ...)
+CVE-2005-0640
NOT-FOR-US: Computer Associates UAM
-CVE-2005-0639 (Multiple vulnerabilities in xli before 1.17 may allow remote attackers ...)
+CVE-2005-0639
{DSA-695-1 DSA-694-1}
- xloadimage 4.1-14.2
- xli 1.17.0-17
-CVE-2005-0638 (xloadimage before 4.1-r2, and xli before 1.17, allows attackers to ...)
+CVE-2005-0638
{DSA-695-1 DSA-694-1}
- xli 1.17.0-18
- xloadimage 4.1-14.1 (bug #298926)
-CVE-2005-0637 (The copy functions in locore.s such as copyout in OpenBSD 3.5 and 3.6, ...)
+CVE-2005-0637
NOT-FOR-US: OpenBSD
-CVE-2005-0636 (Format string vulnerability in Foxmail Server 2.0 allows remote ...)
+CVE-2005-0636
NOT-FOR-US: Foxmail
-CVE-2005-0635 (Buffer overflow in Foxmail Server 2.0 allows remote attackers to ...)
+CVE-2005-0635
NOT-FOR-US: Foxmail
-CVE-2005-0634 (Buffer overflow in Golden FTP Server 1.92 allows ...)
+CVE-2005-0634
NOT-FOR-US: Golden FTP Server
-CVE-2005-0633 (Buffer overflow in Trillian 3.0 and Pro 3.0 allows remote attackers to ...)
+CVE-2005-0633
NOT-FOR-US: Cerulean Trillian
-CVE-2005-0632 (PHP remote file inclusion vulnerability in auth.php in PHPNews 1.2.4 ...)
+CVE-2005-0632
NOT-FOR-US: PHPNews
-CVE-2005-0631 (delpm.php in PBLang 4.63 allows remote authenticated users to delete ...)
+CVE-2005-0631
NOT-FOR-US: PBLang
-CVE-2005-0630 (sendpm.php in PBLang 4.63 allows remote authenticated users to read ...)
+CVE-2005-0630
NOT-FOR-US: PBLang
-CVE-2005-0629 (Multiple cross-site scripting (XSS) vulnerabilities in profile.php in ...)
+CVE-2005-0629
NOT-FOR-US: 427BB
-CVE-2005-0628 (Multiple cross-site scripting (XSS) vulnerabilities in Forumwa 1.0 ...)
+CVE-2005-0628
NOT-FOR-US: Forumwa
-CVE-2005-0627 (Qt before 3.3.4 searches the BUILD_PREFIX directory, which could be ...)
+CVE-2005-0627
- qt-x11-free <not-affected> (RPATH disabled in Debian's build)
-CVE-2005-0626 (Race condition in Squid 2.5.STABLE7 to 2.5.STABLE9, when using the ...)
+CVE-2005-0626
- squid 2.5.9-2
CVE-2005-0940
REJECTED
-CVE-2005-0625 (reportbug 3.2 includes settings from .reportbugrc in bug reports, ...)
+CVE-2005-0625
- reportbug 3.8 (bug #295407)
-CVE-2005-0624 (reportbug before 2.62 creates the .reportbugrc configuration file with ...)
+CVE-2005-0624
- reportbug 3.8 (bug #295407)
-CVE-2005-0623 (Buffer overflow in RaidenHTTPD 1.1.32, and possibly other versions ...)
+CVE-2005-0623
NOT-FOR-US: RaidenHTTPD
-CVE-2005-0622 (RaidenHTTPD 1.1.32, and possibly other versions before 1.1.34, allows ...)
+CVE-2005-0622
NOT-FOR-US: RaidenHTTPD
-CVE-2005-0621 (Scrapland 1.0 and earlier allows remote attackers to cause a denial of ...)
+CVE-2005-0621
NOT-FOR-US: Scrapland
-CVE-2005-0620 (Einstein 1.0 stores credit card information in plaintext in the ...)
+CVE-2005-0620
NOT-FOR-US: Einstein
-CVE-2005-0619 (Einstein 1.0.1 stores sensitive information such as usernames and ...)
+CVE-2005-0619
NOT-FOR-US: Einstein
-CVE-2005-0618 (The SMTP binding function in Symantec Firewall/VPN Appliance 200/200R ...)
+CVE-2005-0618
NOT-FOR-US: Symantec Firewall/VPN Appliance 200/200R firmware
-CVE-2005-0617 (SQL injection vulnerability in dl-search.php in PostNuke 0.750 and ...)
+CVE-2005-0617
NOT-FOR-US: PostNuke
-CVE-2005-0616 (Multiple cross-site scripting (XSS) vulnerabilities in the Download ...)
+CVE-2005-0616
NOT-FOR-US: PostNuke
-CVE-2005-0615 (Multiple SQL injection vulnerabilities in (1) index.php, (2) ...)
+CVE-2005-0615
NOT-FOR-US: PostNuke
-CVE-2005-0614 (sessions.php in phpBB 2.0.12 and earlier allows remote attackers to ...)
+CVE-2005-0614
- phpbb2 2.0.13-1
-CVE-2005-0613 (Unknown vulnerability in FCKeditor 2.0 RC2, when used with PHP-Nuke, ...)
+CVE-2005-0613
- knowledgeroot <not-affected> (fixed before first upload; see bug #381912)
-CVE-2005-0612 (Cisco IP/VC Videoconferencing System 3510, 3520, 3525 and 3530 contain ...)
+CVE-2005-0612
NOT-FOR-US: Cisco
-CVE-2005-0611 (Heap-based buffer overflow in RealNetworks RealPlayer 10.5 ...)
+CVE-2005-0611
NOT-FOR-US: Real
-CVE-2005-0610 (Multiple symlink vulnerabilities in portupgrade before 20041226_2 in ...)
+CVE-2005-0610
NOT-FOR-US: FreeBSD portupgrade
CVE-2005-0609
REJECTED
-CVE-2005-0608 (Heap-based buffer overflow in server.cpp for WebMod 0.47 allows remote ...)
+CVE-2005-0608
NOT-FOR-US: Half Life WebMod
-CVE-2005-0607 (CubeCart 2.0.0 through 2.0.5 allows remote attackers to determine the ...)
+CVE-2005-0607
NOT-FOR-US: CubeCert
-CVE-2005-0606 (Cross-site scripting (XSS) vulnerability in settings.inc.php for ...)
+CVE-2005-0606
NOT-FOR-US: CubeCert
-CVE-2005-0605 (scan.c for LibXPM may allow attackers to execute arbitrary code via a ...)
+CVE-2005-0605
{DSA-723-1}
- lesstif2 1:0.93.94-11.1 (bug #298183; bug #299236)
NOTE: libxmp4 is the real culprit
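Review bot: the parenthesised description is stripped from every CVE line in this hunk with nothing put in its place and no reason recorded anywhere in the change, which is what a failed or empty upstream description import looks like rather than an intended edit; verify that the feed this update was generated from actually returned descriptions before accepting it, because the package, DSA and NOTE lines left untouched beneath entries such as CVE-2005-0625 and CVE-2005-0605 are much harder to audit against a bare identifier than against the text they were written to annotate.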
@@ -10118,266 +10118,266 @@ CVE-2005-0605 (scan.c for LibXPM may allow attackers to execute arbitrary code v
- xorg-x11 <not-affected> (Fixed before upload into archive)
- openmotif 2.2.3-1.1 (bug #308819; medium)
[sarge] - openmotif <no-dsa> (Non-free)
-CVE-2005-0604 (lnss.exe in GFI Languard Network Security Scanner 5.0 stores the ...)
+CVE-2005-0604
NOT-FOR-US: GFI Languard Network Security Scanner
-CVE-2005-0603 (viewtopic.php in phpBB 2.0.12 and earlier allows remote attackers to ...)
+CVE-2005-0603
- phpbb2 2.0.13-1
-CVE-2005-0602 (Unzip 5.51 and earlier does not properly warn the user when extracting ...)
+CVE-2005-0602
- unzip 5.52-1
NOTE: um, tar does this too, not really considered a security hole
-CVE-2005-0601 (Cisco devices running Application and Content Networking System (ACNS) ...)
+CVE-2005-0601
NOT-FOR-US: Cisco
-CVE-2005-0600 (Cisco devices running Application and Content Networking System (ACNS) ...)
+CVE-2005-0600
NOT-FOR-US: Cisco
-CVE-2005-0599 (Cisco devices running Application and Content Networking System (ACNS) ...)
+CVE-2005-0599
NOT-FOR-US: Cisco
-CVE-2005-0598 (The RealServer RealSubscriber on Cisco devices running Application and ...)
+CVE-2005-0598
NOT-FOR-US: Real
-CVE-2005-0597 (Cisco devices running Application and Content Networking System (ACNS) ...)
+CVE-2005-0597
NOT-FOR-US: Cisco
-CVE-2005-0596 (PHP 4 (PHP4) allows attackers to cause a denial of service (daemon ...)
+CVE-2005-0596
NOTE: Fixed in CVS after 4.3.4 release; see http://bugs.php.net/bug.php?id=27037
- php4 4:4.3.8-1
-CVE-2005-0595 (Buffer overflow in ext.dll in BadBlue 2.55 allows remote attackers ...)
+CVE-2005-0595
NOT-FOR-US: BadBlue
-CVE-2005-0594 (Buffer overflow in the Netinfo Setup Tool (NeST) allows local users to ...)
+CVE-2005-0594
NOT-FOR-US: Apple
-CVE-2005-0593 (Firefox before 1.0.1 and Mozilla before 1.7.6 allows remote attackers ...)
+CVE-2005-0593
- mozilla-firefox 1.0.1
- mozilla 2:1.7.6-1
-CVE-2005-0592 (Heap-based buffer overflow in the UTF8ToNewUnicode function for ...)
+CVE-2005-0592
- mozilla-firefox 1.0.1
- mozilla 2:1.7.6-1
- mozilla-thunderbird 1.0.2-1
-CVE-2005-0591 (Firefox before 1.0.1 allows remote attackers to spoof the (1) security ...)
+CVE-2005-0591
- mozilla-firefox 1.0.1
-CVE-2005-0590 (The installation confirmation dialog in Firefox before 1.0.1, ...)
+CVE-2005-0590
- mozilla-firefox 1.0.1
- mozilla-thunderbird 1.0.2-1
-CVE-2005-0589 (The Form Fill feature in Firefox before 1.0.1 allows remote attackers ...)
+CVE-2005-0589
- mozilla-firefox 1.0.1
-CVE-2005-0588 (Firefox before 1.0.1 and Mozilla before 1.7.6 does not restrict ...)
+CVE-2005-0588
- mozilla-firefox 1.0.1
- mozilla 2:1.7.6-1
-CVE-2005-0587 (Firefox before 1.0.1 and Mozilla before 1.7.6 allows remote malicious ...)
+CVE-2005-0587
NOTE: windows only
-CVE-2005-0586 (Firefox before 1.0.1 and Mozilla before 1.7.6 allows remote malicious ...)
+CVE-2005-0586
- mozilla-firefox 1.0.1
- mozilla 2:1.7.6-1
-CVE-2005-0585 (Firefox before 1.0.1 and Mozilla before 1.7.6 truncates long ...)
+CVE-2005-0585
- mozilla-firefox 1.0.1
- mozilla 2:1.7.6-1
-CVE-2005-0584 (Firefox before 1.0.1 and Mozilla before 1.7.6, when displaying the ...)
+CVE-2005-0584
- mozilla-firefox 1.0.1
- mozilla 2:1.7.6-1
-CVE-2005-0583 (Directory traversal vulnerability in Computer Associates (CA) License ...)
+CVE-2005-0583
NOT-FOR-US: Computer Associates (CA) License Client
-CVE-2005-0582 (Buffer overflow in Computer Associates (CA) License Client 0.1.0.15 ...)
+CVE-2005-0582
NOT-FOR-US: Computer Associates (CA) License Client
-CVE-2005-0581 (Multiple buffer overflows in Computer Associates (CA) License Client ...)
+CVE-2005-0581
NOT-FOR-US: Computer Associates (CA) License Client
-CVE-2005-0580 (cmd5checkpw, when running setuid, does not properly drop privileges ...)
+CVE-2005-0580
NOT-FOR-US: cmd5checkpw
-CVE-2005-0579 (nxagent in FreeNX before 0.2.8 does not properly handle when the ...)
+CVE-2005-0579
NOT-FOR-US: FreeNX
-CVE-2005-0578 (Firefox before 1.0.1 and Mozilla Suite before 1.7.6 use a predictable ...)
+CVE-2005-0578
- mozilla-firefox 1.0.1-1
-CVE-2005-0577 (Format string vulnerability in DNA MKBold-MKItalic 0.06_1 and earlier ...)
+CVE-2005-0577
NOT-FOR-US: MKBold-MKItalic
-CVE-2005-0576 (Unknown vulnerability in Standard Type Services Framework (STSF) Font ...)
+CVE-2005-0576
NOT-FOR-US: STSF in Solaris
-CVE-2005-0575 (Buffer overflow in Stormy Studios Knet 1.04c and earlier allows remote ...)
+CVE-2005-0575
NOT-FOR-US: Stormy Studios Knet
-CVE-2005-0574 (Directory traversal vulnerability in CIS WebServer 3.5.13 allows ...)
+CVE-2005-0574
NOT-FOR-US: CIS Webserver
-CVE-2005-0573 (Gaim 1.1.3 on Windows systems allows remote attackers to cause a ...)
+CVE-2005-0573
NOTE: Historic Gaim on Windows
-CVE-2005-0572 (index.php in phpWebSite 0.10.0 and earlier allows remote attackers to ...)
+CVE-2005-0572
NOT-FOR-US: phpWebSite
-CVE-2005-0571 (admin_loader.php in PunBB 1.2.1 allows remote attackers to read ...)
+CVE-2005-0571
NOT-FOR-US: PunBB
-CVE-2005-0570 (profile.php in PunBB 1.2.1 allows remote attackers to cause a denial ...)
+CVE-2005-0570
NOT-FOR-US: PunBB
-CVE-2005-0569 (Multiple SQL injection vulnerabilities in PunBB 1.2.1 allow remote ...)
+CVE-2005-0569
NOT-FOR-US: PunBB
-CVE-2005-0568 (Soldier of Fortune II 1.03 gold allows remote attackers to cause a ...)
+CVE-2005-0568
NOT-FOR-US: Soldier of Fortune II
-CVE-2005-0567 (Multiple PHP remote file inclusion vulnerabilities in phpMyAdmin 2.6.1 ...)
+CVE-2005-0567
- phpmyadmin 3:2.6.1-pl2-1
-CVE-2005-0566 (Buffer overflow in Golden FTP Server Pro (goldenftpd) 2.x allows ...)
+CVE-2005-0566
NOT-FOR-US: Golden FTP Server
-CVE-2005-0565 (The Announce module in phpWebSite 0.10.0 and earlier allows remote ...)
+CVE-2005-0565
NOT-FOR-US: phpWebSite
-CVE-2005-0564 (Stack-based buffer overflow in Microsoft Word 2000 and Word 2002, and ...)
+CVE-2005-0564
NOT-FOR-US: Microsoft Word
-CVE-2005-0563 (Cross-site scripting (XSS) vulnerability in Microsoft Outlook Web ...)
+CVE-2005-0563
NOT-FOR-US: Microsoft
-CVE-2005-0562 (GIF file validation error in MSN Messenger 6.2 allows remote attackers ...)
+CVE-2005-0562
NOT-FOR-US: MSN Messenger
CVE-2005-0561
RESERVED
-CVE-2005-0560 (Heap-based buffer overflow in the SvrAppendReceivedChunk function in ...)
+CVE-2005-0560
NOT-FOR-US: Exchange server
CVE-2005-0559
RESERVED
-CVE-2005-0558 (Buffer overflow in Microsoft Word 2000, Word 2002, and Word 2003 ...)
+CVE-2005-0558
NOT-FOR-US: Microsoft Word
CVE-2005-0557
RESERVED
CVE-2005-0556
RESERVED
-CVE-2005-0555 (Buffer overflow in the Content Advisor in Microsoft Internet Explorer ...)
+CVE-2005-0555
NOT-FOR-US: MSIE
-CVE-2005-0554 (Buffer overflow in the URL processor of Microsoft Internet Explorer ...)
+CVE-2005-0554
NOT-FOR-US: MSIE
-CVE-2005-0553 (Race condition in the memory management routines in the DHTML object ...)
+CVE-2005-0553
NOT-FOR-US: MSIE
CVE-2005-0552
RESERVED
-CVE-2005-0551 (Stack-based buffer overflow in WINSRV.DLL in the Client Server Runtime ...)
+CVE-2005-0551
NOT-FOR-US: Microsoft
-CVE-2005-0550 (Buffer overflow in Microsoft Windows 2000, Windows XP SP1 and SP2, and ...)
+CVE-2005-0550
NOT-FOR-US: Microsoft
-CVE-2005-0549 (Cross-site scripting (XSS) vulnerability in Solaris AnswerBook2 ...)
+CVE-2005-0549
NOT-FOR-US: Solaris
-CVE-2005-0548 (Cross-site scripting (XSS) vulnerability in Solaris AnswerBook2 ...)
+CVE-2005-0548
NOT-FOR-US: Solaris
-CVE-2005-0547 (Unknown vulnerability in ftpd on HP-UX B.11.00, B.11.04, B.11.11, ...)
+CVE-2005-0547
NOT-FOR-US: ftpd on HP-UX
-CVE-2005-0546 (Multiple buffer overflows in Cyrus IMAPd before 2.2.11 may allow ...)
+CVE-2005-0546
- cyrus21-imapd 2.1.18-1
-CVE-2005-0545 (Microsoft Windows XP Pro SP2 and Windows 2000 Server SP4 running ...)
+CVE-2005-0545
NOT-FOR-US: MS Office
-CVE-2005-0544 (phpMyAdmin 2.6.1 allows remote attackers to obtain the full path of ...)
+CVE-2005-0544
- phpmyadmin 3:2.6.1-pl2-1
-CVE-2005-0543 (Cross-site scripting (XSS) vulnerability in phpMyAdmin 2.6.1 allows ...)
+CVE-2005-0543
- phpmyadmin 3:2.6.1-pl2-1
-CVE-2005-0542 (saveUser.do in Cyclades AlterPath Manager (APM) Console Server 1.2.1 ...)
+CVE-2005-0542
NOT-FOR-US: Cyclades AlterPath Manager
-CVE-2005-0541 (consoleConnect.jsp in Cyclades AlterPath Manager (APM) Console Server ...)
+CVE-2005-0541
NOT-FOR-US: Cyclades AlterPath Manager
-CVE-2005-0540 (Cyclades AlterPath Manager (APM) Console Server 1.2.1 allows remote ...)
+CVE-2005-0540
NOT-FOR-US: Cyclades AlterPath Manager
-CVE-2005-0539 (Unknown vulnerability in IBM Hardware Management Console (HMC) before ...)
+CVE-2005-0539
NOT-FOR-US: IBM
-CVE-2005-0538 (Directory traversal vulnerability in (1) GinpPictureServlet.java and ...)
+CVE-2005-0538
NOT-FOR-US: ginp
-CVE-2005-0537 (Multiple SQL injection vulnerabilities in page.php for iGeneric (iG) ...)
+CVE-2005-0537
NOT-FOR-US: iGeneric (iG) Shop
-CVE-2005-0536 (Directory traversal vulnerability in MediaWiki 1.3.x before 1.3.11 and ...)
+CVE-2005-0536
- mediawiki 1.4.9 (bug #276057)
-CVE-2005-0535 (Cross-site request forgery (CSRF) vulnerability in MediaWiki 1.3.x ...)
+CVE-2005-0535
- mediawiki 1.4.9 (bug #276057)
-CVE-2005-0534 (Multiple cross-site scripting (XSS) vulnerabilities in MediaWiki 1.3.x ...)
+CVE-2005-0534
- mediawiki 1.4.9 (bug #276057)
-CVE-2005-0533 (Heap-based buffer overflow in Trend Micro AntiVirus Library VSAPI ...)
+CVE-2005-0533
NOT-FOR-US: Trend Micro AntiVirus
-CVE-2005-0532 (The reiserfs_copy_from_user_to_file_region function in reiserfs/file.c ...)
+CVE-2005-0532
- linux-2.6 <not-affected> (Fixed before upload into archive; 2.6.11-rc4)
[sarge] - kernel-source-2.6.8 2.6.8-14
-CVE-2005-0531 (The atm_get_addr function in addr.c for Linux kernel 2.6.10 and 2.6.11 ...)
+CVE-2005-0531
- linux-2.6 <not-affected> (Fixed before upload into archive; 2.6.11-rc4)
[sarge] - kernel-source-2.6.8 2.6.8-14
- kernel-source-2.4.27 2.4.27-9
-CVE-2005-0530 (Signedness error in the copy_from_read_buf function in n_tty.c for ...)
+CVE-2005-0530
- kernel-source-2.6.8 2.6.8-14
NOTE: affects only 2.6 (see #296906)
-CVE-2005-0529 (Linux kernel 2.6.10 and 2.6.11rc1-bk6 uses different size types for ...)
+CVE-2005-0529
- linux-2.6 <not-affected> (Fixed before upload into archive)
[sarge] - kernel-source-2.6.8 2.6.8-14
CVE-2005-0528
REJECTED
-CVE-2005-0527 (Firefox 1.0 allows remote attackers to execute arbitrary code via ...)
+CVE-2005-0527
- mozilla-firefox 1.0.1
NOTE: didn't other with YA mozilla-browser bug, it has enough for 1.7.6 already..
- mozilla 2:1.7.6
-CVE-2005-0526 (Multiple cross-site scripting (XSS) vulnerabilities in PBLang 4.65 ...)
+CVE-2005-0526
NOT-FOR-US: PBLang
-CVE-2005-0525 (The php_next_marker function in image.c for PHP 4.2.2, 4.3.9, 4.3.10 ...)
+CVE-2005-0525
{DSA-729-1 DSA-708-1}
- php4 4:4.3.10-10
- php3 3:3.0.18-31
-CVE-2005-0524 (The php_handle_iff function in image.c for PHP 4.2.2, 4.3.9, 4.3.10 ...)
+CVE-2005-0524
- php3 <not-affected>
- php4 4:4.3.10-10
-CVE-2005-0523 (Format string vulnerability in ProZilla 1.3.7.3 and earlier allows ...)
+CVE-2005-0523
{DSA-719-1}
- prozilla 1:1.3.7.4-1
-CVE-2005-0522 (Chat Anywhere 2.72a stores sensitive information such as passwords in ...)
+CVE-2005-0522
NOT-FOR-US: Chat Anywhere
-CVE-2005-0521 (SendLink 1.5 stores sensitive information, possibly including ...)
+CVE-2005-0521
NOT-FOR-US: SendLink
-CVE-2005-0520 (ArGoSoft FTP Server before 1.4.2.8 allows remote attackers to read ...)
+CVE-2005-0520
NOT-FOR-US: ArGoSoft
-CVE-2005-0519 (ArGoSoft FTP Server before 1.4.2.7 allows remote attackers to read ...)
+CVE-2005-0519
NOT-FOR-US: ArGoSoft
-CVE-2005-0518 (eXeem 0.21 stores sensitive information such as passwords in plaintext ...)
+CVE-2005-0518
NOT-FOR-US: eXeem
-CVE-2005-0517 (PeerFTP_5 stores sensitive information such as passwords in plaintext ...)
+CVE-2005-0517
NOT-FOR-US: PeerFTP
-CVE-2005-0516 (The ImageGalleryPlugin (ImageGalleryPlugin.pm) in Twiki allows remote ...)
+CVE-2005-0516
NOT-FOR-US: ImageGalleryPlugin for Twiki
-CVE-2005-0515 (Smc.exe in My Firewall Plus 5.0 build 1117, and possibly other ...)
+CVE-2005-0515
NOT-FOR-US: My Firewall Plus
-CVE-2005-0514 (Cross-site scripting (XSS) vulnerability in Verity Ultraseek before ...)
+CVE-2005-0514
NOT-FOR-US: Verity Ultraseek
-CVE-2005-0513 (PHP remote file inclusion vulnerability in mail_autocheck.php in the ...)
+CVE-2005-0513
NOT-FOR-US: pMachine
-CVE-2005-0512 (PHP remote file inclusion vulnerability in Tar.php in Mambo 4.5.2 ...)
+CVE-2005-0512
NOT-FOR-US: Mambo
-CVE-2005-0511 (misc.php for vBulletin 3.0.6 and earlier, when &quot;Add Template Name in ...)
+CVE-2005-0511
NOT-FOR-US: vBulletin
-CVE-2005-0510 (The daemon for fallback-reboot before 0.995 allows attackers to cause ...)
+CVE-2005-0510
NOT-FOR-US: fallback-reboot
-CVE-2005-0509 (Multiple cross-site scripting (XSS) vulnerabilities in the Mono 1.0.5 ...)
+CVE-2005-0509
NOTE: default config of Mono not vulnerable
- mono 1.1.6-4 (medium)
-CVE-2005-0508 (Unknown vulnerability in Squiggle for Batik before 1.5.1 allows ...)
+CVE-2005-0508
- batik 1.5.1-1
-CVE-2005-0507 (Directory traversal vulnerability in SD Server 4.0.70 and earlier ...)
+CVE-2005-0507
NOT-FOR-US: SD Server
-CVE-2005-0506 (The Avaya IP Office Phone Manager, and other products such as the IP ...)
+CVE-2005-0506
NOT-FOR-US: Avaya IP Office Phone Manager
-CVE-2005-0505 (Unknown vulnerability in Information Resource Manager (IRM) before ...)
+CVE-2005-0505
- irm 1.5.3.1-1
-CVE-2005-0504 (Buffer overflow in the MoxaDriverIoctl function for the moxa serial ...)
+CVE-2005-0504
{DSA-1082-1 DSA-1070-1 DSA-1069-1 DSA-1067-1}
- kernel-source-2.6.8 2.6.8-12
- kernel-source-2.6.9 2.6.9-5
- kernel-source-2.6.10 2.6.10-2
- kernel-source-2.4.27 2.4.27-8
-CVE-2005-0503 (uim before 0.4.5.1 trusts certain environment variables when libUIM is ...)
+CVE-2005-0503
- uim 1:0.4.6beta2-1
-CVE-2005-0502 (Directory traversal vulnerability in Xinkaa 1.0.3 and earlier allows ...)
+CVE-2005-0502
NOT-FOR-US: Xinkaa
-CVE-2005-0501 (Buffer overflow in Bontago 1.1 and earlier allows remote attackers to ...)
+CVE-2005-0501
NOT-FOR-US: Bontago
-CVE-2005-0500 (Internet Explorer 6.0 on Windows XP SP2 allows remote attackers to ...)
+CVE-2005-0500
NOT-FOR-US: MSIE6
-CVE-2005-0499 (Gigafast router (aka CompUSA router) with the DNS proxy option enabled ...)
+CVE-2005-0499
NOT-FOR-US: Gigafast router
-CVE-2005-0498 (Gigafast router (aka CompUSA router) allows remote attackers to gain ...)
+CVE-2005-0498
NOT-FOR-US: Gigafast router
-CVE-2005-0497 (ADP Elite System Max 9000 allows remote authenticated users to gain ...)
+CVE-2005-0497
NOT-FOR-US: ADP Elite System
-CVE-2005-0496 (Arkeia Network Backup Client 5.x contains hard-coded credentials that ...)
+CVE-2005-0496
NOT-FOR-US: Arkeia Network Backup
-CVE-2005-0495 (Cross-site scripting (XSS) vulnerability in ZeroBoard allows remote ...)
+CVE-2005-0495
NOT-FOR-US: ZeroBoard
-CVE-2005-0494 (The RgSecurity form in the HTTP server for the Thomson TCW690 cable ...)
+CVE-2005-0494
NOT-FOR-US: Thomson TCW690 cable modem
-CVE-2005-0493 (CRLF injection vulnerability in bizmail.cgi in Biz Mail Form before ...)
+CVE-2005-0493
NOT-FOR-US: Biz Mail From
-CVE-2005-0492 (Adobe Acrobat Reader 6.0.3 and 7.0.0 allows remote attackers to cause ...)
+CVE-2005-0492
NOT-FOR-US: Acrobat Reader
-CVE-2005-0491 (Stack-based buffer overflow in Knox Arkeia Server Backup 5.3.x allows ...)
+CVE-2005-0491
NOT-FOR-US: Arkeia Server Backup
-CVE-2005-0490 (Multiple stack-based buffer overflows in libcURL and cURL 7.12.1, and ...)
+CVE-2005-0490
- curl 7.13.0-2
-CVE-2005-0489 (The /proc handling (proc/base.c) Linux kernel 2.4 before 2.4.17 allows ...)
+CVE-2005-0489
{DSA-1082-1 DSA-1070-1 DSA-1069-1 DSA-1067-1}
- linux-2.6 <not-affected> (Fixed before initial release)
-CVE-2005-0488 (Certain BSD-based Telnet clients, including those used on Solaris and ...)
+CVE-2005-0488
- krb4 <unfixed> (unimportant)
[woody] - krb4 <no-dsa> (Documented behaviour in MIT Kerberos)
[sarge] - krb4 <no-dsa> (Documented behaviour in MIT Kerberos)
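Review bot: every changed pair in this hunk replaces a described entry with its bare identifier (for example `-CVE-2005-0585 (Firefox before 1.0.1 and Mozilla before 1.7.6 truncates long ...)` becomes `+CVE-2005-0585`), and no `+` line supplies a replacement description, so the descriptions are dropped wholesale while the triage lines beneath them (`- mozilla-firefox 1.0.1`, `NOT-FOR-US: Windows`) are left untouched. An automated refresh from the CVE feed should rewrite descriptions, not empty them; this pattern is consistent with an empty or failed feed fetch rather than an intended edit, so the source data should be confirmed before this is merged and the change reverted if the fetch was empty, because the NOT-FOR-US and NOTE annotations only make sense beside the description they refer to. Two unchanged context lines also carry slips worth a separate fix: `NOTE: didn't other with YA mozilla-browser bug` (presumably "bother") and `NOT-FOR-US: Biz Mail From`, where the removed description line names the product "Biz Mail Form".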
@@ -10386,312 +10386,312 @@ CVE-2005-0488 (Certain BSD-based Telnet clients, including those used on Solaris
[sarge] - krb5 <no-dsa> (Documented behaviour in MIT Kerberos)
- netkit-telnet <not-affected> (netkit-telnet is not affected)
NOTE: telnet code was removed earlier than 1.8.3, but that's the version that was available to check
-CVE-2005-0487 (Cross-site scripting (XSS) vulnerability in index.php for Kayako ...)
+CVE-2005-0487
NOT-FOR-US: Kyako ESupport
-CVE-2005-0486 (Tarantella Secure Global Desktop Enterprise Edition 4.00 and 3.42, and ...)
+CVE-2005-0486
NOT-FOR-US: Tarantella Secure Global Desktop
-CVE-2005-0485 (Cross-site scripting (XSS) vulnerability in comment.php for paNews ...)
+CVE-2005-0485
NOT-FOR-US: paNews
-CVE-2005-0484 (Format string vulnerability in gprostats for GProFTPD before 8.1.9 may ...)
+CVE-2005-0484
NOT-FOR-US: GProFTPD
-CVE-2005-0483 (Multiple directory traversal vulnerabilities in sitenfo.sh, ...)
+CVE-2005-0483
NOT-FOR-US: Glftpd
-CVE-2005-0482 (TrackerCam 5.12 and earlier allows remote attackers to cause a denial ...)
+CVE-2005-0482
NOT-FOR-US: TrackerCam
-CVE-2005-0481 (TrackerCam 5.12 and earlier allows remote attackers to read log files ...)
+CVE-2005-0481
NOT-FOR-US: TrackerCam
-CVE-2005-0480 (Cross-site scripting (XSS) vulnerability in TrackerCam 5.12 and ...)
+CVE-2005-0480
NOT-FOR-US: TrackerCam
-CVE-2005-0479 (Directory traversal vulnerability in ComGetLogFile.php3 for TrackerCam ...)
+CVE-2005-0479
NOT-FOR-US: TrackerCam
-CVE-2005-0478 (Multiple buffer overflows in TrackerCam 5.12 and earlier allow remote ...)
+CVE-2005-0478
NOT-FOR-US: TrackerCam
-CVE-2005-0477 (Cross-site scripting (XSS) vulnerability in the SML code for Invision ...)
+CVE-2005-0477
NOT-FOR-US: Invision Power Board
-CVE-2005-0476 (Cross-site scripting (XSS) vulnerability in hpm_guestbook.cgi allows ...)
+CVE-2005-0476
NOT-FOR-US: hpm_guestbook.cgi
-CVE-2005-0475 (SQL injection vulnerability in paFAQ Beta4, and possibly other ...)
+CVE-2005-0475
NOT-FOR-US: paFAQ
-CVE-2005-0474 (SQL injection vulnerability in the user_valid_crypt function in ...)
+CVE-2005-0474
- webcalendar 0.9.45-3
-CVE-2005-0473 (The HTML parsing functions in Gaim before 1.1.3 allow remote attackers ...)
+CVE-2005-0473
- gaim 1:1.1.3-1
-CVE-2005-0472 (Gaim before 1.1.3 allows remote attackers to cause a denial of service ...)
+CVE-2005-0472
{DSA-716-1}
- gaim 1:1.1.3-1
-CVE-2005-0471 (Sun Java JRE 1.1.x through 1.4.x writes temporary files with long ...)
+CVE-2005-0471
NOT-FOR-US: SUN JRE
-CVE-2005-0470 (Buffer overflow in wpa_supplicant before 0.2.7 allows remote attackers ...)
+CVE-2005-0470
- wpasupplicant 0.3.8-1
-CVE-2005-0469 (Buffer overflow in the slc_add_reply function in various BSD-based ...)
+CVE-2005-0469
{DSA-765-1 DSA-731-1 DSA-703-1 DSA-699-1 DSA-697-1}
- krb4 1.2.2-11.2 (bug #306141)
- krb5 1.3.6-2
- netkit-telnet-ssl 0.17.24+0.1-7.1 (bug #302036)
- netkit-telnet 0.17-28
- heimdal 0.6.3-10
-CVE-2005-0468 (Heap-based buffer overflow in the env_opt_add function in telnet.c for ...)
+CVE-2005-0468
{DSA-731-1 DSA-703-1}
- krb5 1.3.6-2
- krb4 1.2.2-11.2 (bug #306141)
-CVE-2005-0467 (Multiple integer overflows in the (1) sftp_pkt_getstring and (2) ...)
+CVE-2005-0467
- putty 0.57-1
CVE-2005-0466
RESERVED
-CVE-2005-0465 (gr_osview in SGI IRIX does not drop privileges before opening files, ...)
+CVE-2005-0465
NOT-FOR-US: SGI IRIX
-CVE-2005-0464 (gr_osview in SGI IRIX 6.5.22, and possibly other 6.5 versions, does ...)
+CVE-2005-0464
NOT-FOR-US: SGI IRIX
-CVE-2005-0463 (Unknown &quot;major security flaws&quot; in Ulog-php before 1.0, related to ...)
+CVE-2005-0463
NOT-FOR-US: ulog-php
-CVE-2005-0462 (Cross-site scripting (XSS) vulnerability in MercuryBoard 1.0.x and ...)
+CVE-2005-0462
NOT-FOR-US: MercuryBoard
-CVE-2005-0461 (Unknown vulnerability in NewsBruiser 2.x before 2.6.1 allows remote ...)
+CVE-2005-0461
NOT-FOR-US: NewsBruiser
-CVE-2005-0460 (index.php in MercuryBoard 1.0.x and 1.1.x allows remote attackers to ...)
+CVE-2005-0460
NOT-FOR-US: MercuryBoard
-CVE-2005-0459 (phpMyAdmin 2.6.2-dev, and possibly earlier versions, allows remote ...)
+CVE-2005-0459
- phpmyadmin 4:2.6.2 (unimportant)
NOTE: From maintainer Piotr Roszatycki <Piotr_Roszatycki@netia.net.pl> :
NOTE: I think it is not a problem on Debian as far as everybody knows the full
NOTE: path of phpMyAdmin is /usr/share/phpmyadmin.
-CVE-2005-0458 (Cross-site scripting (XSS) vulnerability in contact_us.php in ...)
+CVE-2005-0458
- oscommerce <itp> (bug #532489)
-CVE-2005-0457 (Opera 7.54 and earlier on Gentoo Linux uses an insecure path for ...)
+CVE-2005-0457
NOT-FOR-US: Opera
-CVE-2005-0456 (Opera 7.54 and earlier does not properly validate base64 encoded ...)
+CVE-2005-0456
NOT-FOR-US: Opera
-CVE-2005-0455 (Stack-based buffer overflow in the CSmil1Parser::testAttributeFailed ...)
+CVE-2005-0455
NOT-FOR-US: Real
-CVE-2005-0454 (Multiple SQL injection vulnerabilities in DCP-Portal 6.1.1 and earlier ...)
+CVE-2005-0454
NOT-FOR-US: DCP-Portal
-CVE-2005-0453 (The buffer_urldecode function in Lighttpd 1.3.7 and earlier does not ...)
+CVE-2005-0453
NOT-FOR-US: Lighttpd
-CVE-2005-0452 (Multiple cross-site scripting (XSS) vulnerabilities in Microsoft ...)
+CVE-2005-0452
NOT-FOR-US: Microsoft
-CVE-2005-0451 (Sami HTTP Server 1.0.5 allows remote attackers to cause a denial of ...)
+CVE-2005-0451
NOT-FOR-US: Sami HTTP Server
-CVE-2005-0450 (Directory traversal vulnerability in Sami HTTP Server 1.0.5 allows ...)
+CVE-2005-0450
NOT-FOR-US: Sami HTTP Server
-CVE-2005-0449 (The netfilter/iptables module in Linux before 2.6.8.1 allows remote ...)
+CVE-2005-0449
{DSA-1018-1 DSA-1017-1}
- linux-2.6 <not-affected> (Vulnerable code was removed betwen 2.6.11 and 2.6.12)
-CVE-2005-0448 (Race condition in the rmtree function in File::Path.pm in Perl before ...)
+CVE-2005-0448
{DSA-1678-1 DSA-696-1}
- perl 5.8.4-7
-CVE-2005-0430 (The Quake 3 engine, as used in multiple game packages, allows remote ...)
+CVE-2005-0430
NOT-FOR-US: Quake 3
-CVE-2005-0447 (Solaris 7, 8, and 9 allows remote attackers to cause a denial of ...)
+CVE-2005-0447
NOT-FOR-US: Solaris
-CVE-2005-0446 (Squid 2.5.STABLE8 and earlier allows remote attackers to cause a ...)
+CVE-2005-0446
{DSA-688-1}
- squid 2.5.8-3
-CVE-2005-0445 (Cross-site scripting (XSS) vulnerability in Open WebMail 2.x allows ...)
+CVE-2005-0445
- openwebmail <removed>
-CVE-2005-0444 (VMware before 4.5.2.8848-r5 searches for gdk-pixbuf shared libraries ...)
+CVE-2005-0444
NOT-FOR-US: VMware
-CVE-2005-0443 (index.php in CubeCart 2.0.4 allows remote attackers to (1) obtain the ...)
+CVE-2005-0443
NOT-FOR-US: CubeCart
-CVE-2005-0442 (Directory traversal vulnerability in index.php for CubeCart 2.0.4 ...)
+CVE-2005-0442
NOT-FOR-US: CubeCart
-CVE-2005-0441 (Multiple stack-based buffer overflows in Sybase Adaptive Server ...)
+CVE-2005-0441
NOT-FOR-US: Sybase
-CVE-2005-0440 (ELOG before 2.5.7 allows remote attackers to bypass authentication and ...)
+CVE-2005-0440
- elog 2.5.7+r1558-1
-CVE-2005-0439 (Buffer overflow in the decode_post function in ELOG before 2.5.7 ...)
+CVE-2005-0439
- elog 2.5.7+r1558-1
-CVE-2005-0438 (awstats.pl in AWStats 6.3 and 6.4 allows remote attackers to obtain ...)
+CVE-2005-0438
- awstats 6.3-1
-CVE-2005-0437 (Directory traversal vulnerability in awstats.pl in AWStats 6.3 and 6.4 ...)
+CVE-2005-0437
- awstats 6.3-1
-CVE-2005-0436 (Direct code injection vulnerability in awstats.pl in AWStats 6.3 and ...)
+CVE-2005-0436
- awstats 6.3-1
-CVE-2005-0435 (awstats.pl in AWStats 6.3 and 6.4 allows remote attackers to read ...)
+CVE-2005-0435
- awstats 6.3-1
-CVE-2005-0434 (Multiple cross-site scripting (XSS) vulnerabilities in Php-Nuke 7.5 ...)
+CVE-2005-0434
NOT-FOR-US: PHP-Nuke
-CVE-2005-0433 (Php-Nuke 7.5 allows remote attackers to determine the full path of the ...)
+CVE-2005-0433
NOT-FOR-US: PHP-Nuke
-CVE-2005-0432 (BEA WebLogic Server 7.0 Service Pack 5 and earlier, and 8.1 Service ...)
+CVE-2005-0432
NOT-FOR-US: BEA WebLogic Server
-CVE-2005-0431 (Barracuda Spam Firewall 3.1.10 and earlier does not restrict the ...)
+CVE-2005-0431
NOT-FOR-US: Barracuda Spam Firewall
-CVE-2005-0429 (Direct code injection vulnerability in forumdisplay.php in vBulletin ...)
+CVE-2005-0429
NOT-FOR-US: vBulletin
-CVE-2005-0428 (The DNSPacket::expand method in dnspacket.cc in PowerDNS before 2.9.17 ...)
+CVE-2005-0428
- pdns 2.9.16-6
-CVE-2005-0427 (The ebuild of Webmin before 1.170-r3 on Gentoo Linux includes the ...)
+CVE-2005-0427
- webmin <not-affected> (Gentoo specific)
-CVE-2005-0426 (Unknown vulnerability in Solaris 8 and 9 allows remote attackers to ...)
+CVE-2005-0426
NOT-FOR-US: Solaris
-CVE-2005-0425 (Unknown vulnerability in IBM Websphere Application Server 5.0, 5.1, ...)
+CVE-2005-0425
NOT-FOR-US: Websphere
-CVE-2005-0424 (Unknown vulnerability in the delete.asp program in certain versions of ...)
+CVE-2005-0424
NOT-FOR-US: ASPjar Guestbook
-CVE-2005-0423 (SQL injection vulnerability in login.asp in ASPjar Guestbook allows ...)
+CVE-2005-0423
NOT-FOR-US: ASPjar Guestbook
-CVE-2005-0422 (DelphiTurk CodeBank (aka KodBank) 3.1 and earlier stores usernames and ...)
+CVE-2005-0422
NOT-FOR-US: DelphiTurk
-CVE-2005-0421 (DelphiTurk FTP 1.0 stores usernames and passwords in the profile.dat ...)
+CVE-2005-0421
NOT-FOR-US: DelphiTurk
-CVE-2005-0420 (Microsoft Outlook Web Access (OWA), when used with Exchange, allows ...)
+CVE-2005-0420
NOT-FOR-US: Microsoft
-CVE-2005-0419 (Multiple heap-based buffer overflows in 3Com 3CServer allow remote ...)
+CVE-2005-0419
NOT-FOR-US: 3com
-CVE-2005-0418 (Argument injection vulnerability in Java Web Start for J2SE 1.4.2 up ...)
+CVE-2005-0418
NOT-FOR-US: Sun Java
-CVE-2005-0417 (Unknown &quot;high risk&quot; vulnerability in DB2 Universal Database 8.1 and ...)
+CVE-2005-0417
NOT-FOR-US: IBM DB2
-CVE-2005-0416 (The Windows Animated Cursor (ANI) capability in Windows NT, Windows ...)
+CVE-2005-0416
NOT-FOR-US: Windows
-CVE-2005-0415 (Multiple memory leaks in the MQL parser in Emdros before 1.1.22 allow ...)
+CVE-2005-0415
NOT-FOR-US: Emdros
-CVE-2005-0414 (SQL injection vulnerability in post.php for MercuryBoard 1.1.1 allows ...)
+CVE-2005-0414
NOT-FOR-US: MercuryBoard
-CVE-2005-0413 (Multiple SQL injection vulnerabilities in MyPHP Forum 1.0 allow remote ...)
+CVE-2005-0413
NOT-FOR-US: MyPHP Forum
-CVE-2005-0412 (Cross-site scripting (XSS) vulnerability in Spidean PostWrap allows ...)
+CVE-2005-0412
NOT-FOR-US: Spidean PostWrap
-CVE-2005-0411 (Directory traversal vulnerability in index.php for CitrusDB 0.3.6 and ...)
+CVE-2005-0411
NOT-FOR-US: CitrusDB
-CVE-2005-0410 (SQL injection vulnerability in importcc.php for CitrusDB 0.3.6 and ...)
+CVE-2005-0410
NOT-FOR-US: CitrusDB
-CVE-2005-0409 (CitrusDB 0.3.6 and earlier does not verify authorization for the (1) ...)
+CVE-2005-0409
NOT-FOR-US: CitrusDB
-CVE-2005-0408 (CitrusDB 0.3.6 and earlier generates easily predictable MD5 hashes of ...)
+CVE-2005-0408
NOT-FOR-US: CitrusDB
-CVE-2005-0407 (Cross-site scripting (XSS) vulnerability in Openconf 1.04, and ...)
+CVE-2005-0407
NOT-FOR-US: Openconf
-CVE-2005-0406 (A design flaw in image processing software that modifies JPEG images ...)
+CVE-2005-0406
- imagemagick <unfixed> (bug #298051; unimportant)
NOTE: <Maulkin> The EXIF spec says "if your app can't handle $foo, don't touch $foo"
NOTE: <Piet> 'convert -strip' will remove exif data according to http://web.archive.org/web/20130922031724/http://www.imagemagick.org:80/pipermail/magick-users/2006-May/017538.html
CVE-2005-0405
RESERVED
-CVE-2005-0404 (KMail 1.7.1 in KDE 3.3.2 allows remote attackers to spoof email ...)
+CVE-2005-0404
NOTE: see http://bugs.kde.org/show_bug.cgi?id=96020
- kdepim 3.4-1 (bug #305601; low)
[sarge] - kdepim <no-dsa> (Hardly exploitable)
NOTE: According to the KDE bug the URL bar in 3.4 cannot be manipulated. Kmail also
NOTE: warns that HTML mails introduce the risk of phishing. This could as well
NOTE: be unimportant
-CVE-2005-0403 (init_dev in tty_io.c in the Red Hat backport of NPTL to Red Hat ...)
+CVE-2005-0403
- glibc <not-affected> (Specific to the NPTL backport for RHEL 3)
-CVE-2005-0402 (Firefox before 1.0.2 allows remote attackers to execute arbitrary code ...)
+CVE-2005-0402
- mozilla-firefox 1.0.2-1
-CVE-2005-0401 (FireFox 1.0.1 and Mozilla before 1.7.6 do not sufficiently address all ...)
+CVE-2005-0401
- mozilla-firefox 1.0.2-1
- mozilla-thunderbird 1.0.2-1
-CVE-2005-0400 (The ext2_make_empty function call in the Linux kernel before 2.6.11.6 ...)
+CVE-2005-0400
- linux-2.6 <not-affected> (Fixed before upload into archive; 2.6.11.6)
- kernel-source-2.4.27 2.4.27-10 (bug #303294)
-CVE-2005-0399 (Heap-based buffer overflow in GIF2.cpp in Firefox before 1.0.2, ...)
+CVE-2005-0399
- mozilla-firefox 1.0.2-1
- mozilla-thunderbird 1.0.2-1
-CVE-2005-0398 (The KAME racoon daemon in ipsec-tools before 0.5 allows remote ...)
+CVE-2005-0398
- ipsec-tools 1:0.5-5
-CVE-2005-0397 (Format string vulnerability in the SetImageInfo function in image.c ...)
+CVE-2005-0397
{DSA-702-1}
- imagemagick 6:6.0.6.2-2.2 (bug #297990)
- graphicsmagick 1.1.7-1
-CVE-2005-0396 (Desktop Communication Protocol (DCOP) daemon, aka dcopserver, in KDE ...)
+CVE-2005-0396
NOTE: fix in -4 was broken
- kdelibs 4:3.3.2-6
CVE-2005-0395
REJECTED
CVE-2005-0394
RESERVED
-CVE-2005-0393 (The helper scripts for crip 3.5 do not properly use temporary files, ...)
+CVE-2005-0393
{DSA-733-1}
- crip 3.5-1sarge2 (low)
-CVE-2005-0392 (ppxp does not drop root privileges before opening log files, which ...)
+CVE-2005-0392
{DSA-725-2 DSA-725-1}
- ppxp 0.2001080415-11
-CVE-2005-0391 (geneweb 4.10 and earlier does not properly check file permissions and ...)
+CVE-2005-0391
{DSA-712-1}
- geneweb 4.10-7 (bug #304405)
-CVE-2005-0390 (Buffer overflow in the HTTP redirection capability in conn.c for Axel ...)
+CVE-2005-0390
{DSA-706-1}
- axel 1.0b-1
CVE-2005-0389
REJECTED
-CVE-2005-0388 (Unknown vulnerability in the remoteping service in remstats 1.0.13 and ...)
+CVE-2005-0388
{DSA-704-1}
- remstats 1.0.13a-5
-CVE-2005-0387 (remstats 1.0.13 and earlier, when processing uptime data, allows local ...)
+CVE-2005-0387
{DSA-704-1}
- remstats 1.0.13a-5
-CVE-2005-0386 (Cross-site scripting (XSS) vulnerability in network.cgi in mailreader ...)
+CVE-2005-0386
{DSA-700-1}
- mailreader 2.3.29-11
-CVE-2005-0385 (Buffer overflow in luxman before 0.41, if used with certain insecure ...)
+CVE-2005-0385
{DSA-693-1}
- luxman 0.41-20 (bug #299857)
-CVE-2005-0384 (Unknown vulnerability in the PPP driver for the Linux kernel 2.6.8.1 ...)
+CVE-2005-0384
{DSA-1082-1 DSA-1070-1 DSA-1069-1 DSA-1067-1}
- linux-2.6 <not-affected> (Fixed before upload into archive)
- kernel-source-2.4.27 2.4.27-9
-CVE-2005-0383 (Trend Micro Control Manager 3.0 Enterprise Edition allows remote ...)
+CVE-2005-0383
NOT-FOR-US: Trend Micro Control Manager
-CVE-2005-0382 (Breed patch 1 and earlier allows remote attackers to cause a denial of ...)
+CVE-2005-0382
NOT-FOR-US: Breed game
-CVE-2005-0381 (Cross-site scripting (XSS) vulnerability in f.aspx in forumKIT 1.0 ...)
+CVE-2005-0381
NOT-FOR-US: forumKIT
-CVE-2005-0380 (Multiple PHP remote file inclusion vulnerabilities in (1) ...)
+CVE-2005-0380
NOT-FOR-US: ZeroBoard
-CVE-2005-0379 (Multiple directory traversal vulnerabilities in ZeroBoard 4.1pl5 and ...)
+CVE-2005-0379
NOT-FOR-US: ZeroBoard
-CVE-2005-0378 (Multiple cross-site scripting (XSS) vulnerabilities in Horde 3.0 allow ...)
+CVE-2005-0378
- horde2 <not-affected>
- horde3 3.0.1-1
-CVE-2005-0377 (SQL injection vulnerability in imageview.php for SGallery 1.01 allows ...)
+CVE-2005-0377
NOT-FOR-US: sgallery
-CVE-2005-0376 (PHP remote file inclusion vulnerability in SGallery 1.01 allows local ...)
+CVE-2005-0376
NOT-FOR-US: sgallery
-CVE-2005-0375 (imageview.php in SGallery 1.01 allows remote attackers to obtain ...)
+CVE-2005-0375
NOT-FOR-US: sgallery
-CVE-2005-0374 (Cross-site scripting (XSS) vulnerability in Bitboard 2.5 and earlier ...)
+CVE-2005-0374
NOT-FOR-US: bitboard
-CVE-2005-0373 (Buffer overflow in digestmd5.c CVS release 1.170 (also referred to as ...)
+CVE-2005-0373
NOTE: had to extract gentoo ebuild from rsync.gentoo.org to get details
NOTE: see cyrus-sasl-2.1.18-cvs-1.172.patch in there
NOTE: cyrus-sasl2 already has patch applied
NOTE: oldstable version not affected, thus marking it as done with the oldstable version
- cyrus-sasl <not-affected> (cyrus-sasl code seems too old for any of the problems to apply)
- cyrus-sasl2 2.1.19.dfsg1-0sarge2
-CVE-2005-0372 (Directory traversal vulnerability in gftp before 2.0.18 for GTK+ ...)
+CVE-2005-0372
{DSA-686-1}
- gftp 2.0.18-1
NOTE: CVE entry claims that 2.0.18 is vulnerable, but this is wrong.
-CVE-2005-0371 (Armagetron 0.2.6.0 and earlier and Armagetron Advanced 0.2.7.0 and ...)
+CVE-2005-0371
- armagetron 0.2.8.2.1-1 (bug #296840; low)
[sarge] - armagetron <no-dsa> (Remaining vulnerabilities are minor)
[etch] - armagetron <no-dsa> (Remaining vulnerabilities are minor)
-CVE-2005-0370 (Armagetron 0.2.6.0 and earlier and Armagetron Advanced 0.2.7.0 and ...)
+CVE-2005-0370
- armagetron 0.2.7.0-1
NOTE: Sarge has this version number, but oldstable is affected
-CVE-2005-0369 (Armagetron 0.2.6.0 and earlier and Armagetron Advanced 0.2.7.0 earlier ...)
+CVE-2005-0369
- armagetron 0.2.7.0-1
NOTE: Sarge has this version number, but olstable is affected
-CVE-2005-0368 (Multiple SQL injection vulnerabilities in CMScore allow remote ...)
+CVE-2005-0368
NOT-FOR-US: CMScore
-CVE-2005-0367 (Multiple directory traversal vulnerabilities in ArGoSoft Mail Server ...)
+CVE-2005-0367
NOT-FOR-US: ArGoSoft Mail Server
-CVE-2005-0366 (The integrity check feature in OpenPGP, when handling a message that ...)
+CVE-2005-0366
- gnupg 1.4.1-1
-CVE-2005-0364 (Unknown vulnerability in BIND 9.2.0 in HP-UX B.11.00, B.11.11, and ...)
+CVE-2005-0364
- bind9 <not-affected> (Bind on hp-ux)
CVE-2005-0361
RESERVED
-CVE-2005-0360 (The Microsoft Log Sink Class ActiveX control in pkmcore.dll is marked ...)
+CVE-2005-0360
NOT-FOR-US: Microsoft
-CVE-2005-0359 (The Legato PortMapper in EMC Legato NetWorker, Sun Solstice Backup 6.0 ...)
+CVE-2005-0359
NOT-FOR-US: EMC Legato
-CVE-2005-0358 (EMC Legato NetWorker, Solstice Backup 6.0 and 6.1, and StorEdge ...)
+CVE-2005-0358
NOT-FOR-US: EMC Legato
-CVE-2005-0357 (EMC Legato NetWorker, Sun Solstice Backup 6.0 and 6.1, and StorEdge ...)
+CVE-2005-0357
NOT-FOR-US: EMC Legato
-CVE-2005-0356 (Multiple TCP implementations with Protection Against Wrapped Sequence ...)
+CVE-2005-0356
- linux-2.6 <not-affected> (Linux is not vulnerable, see #310804)
- kernel-source-2.4.27 <not-affected> (Linux is not vulnerable, see #310804)
- kfreebsd5-source 5.3-15 (medium)
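Review bot: several unchanged context lines in this hunk carry spelling errors that should be corrected in a follow-up rather than folded into a mechanical refresh: `NOT-FOR-US: Kyako ESupport` (the removed description line names it Kayako), `Vulnerable code was removed betwen 2.6.11 and 2.6.12`, and `NOTE: Sarge has this version number, but olstable is affected`. The `+` lines here also keep only the bare identifier, so for instance `+CVE-2005-0448` loses `Race condition in the rmtree function in File::Path.pm in Perl before ...` with nothing added in its place; whether that loss is intended needs confirming against the feed before this is committed, since the per-entry triage notes are hard to audit without the description they annotate.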
@@ -10699,328 +10699,328 @@ CVE-2005-0355
RESERVED
CVE-2005-0354
RESERVED
-CVE-2005-0353 (Buffer overflow in the Sentinel LM (Lservnt) service in the Sentinel ...)
+CVE-2005-0353
NOT-FOR-US: Sentinel License Manager
-CVE-2005-0352 (Servers Alive 4.1 and 5.0, when running as a service, does not drop ...)
+CVE-2005-0352
NOT-FOR-US: Servers Alive
-CVE-2005-0351 (Buffer overflow in (1) termsh, (2) atcronsh, and (3) auditsh in SCO ...)
+CVE-2005-0351
NOT-FOR-US: SCO OpenServer
-CVE-2005-0350 (Heap-based buffer overflow in multiple F-Secure Anti-Virus and ...)
+CVE-2005-0350
NOT-FOR-US: F-Secure Anti-Virus
-CVE-2005-0349 (The production release of the UniversalAgent for UNIX in BrightStor ...)
+CVE-2005-0349
NOT-FOR-US: BrightStor ARCserve Backup
-CVE-2005-0365 (The dcopidlng script in KDE 3.2.x and 3.3.x creates temporary files ...)
+CVE-2005-0365
- kdelibs 4:3.3.2-2
-CVE-2005-0363 (awstats.pl in AWStats 4.0 and 6.2 allows remote attackers to execute ...)
+CVE-2005-0363
{DSA-682-1}
- awstats 6.2-1.2
-CVE-2005-0362 (awstats.pl in AWStats 6.2 allows remote attackers to execute arbitrary ...)
+CVE-2005-0362
- awstats 6.2-1.2
NOTE: http://patches.ubuntu.com/patches/awstats.more-CVE-2005-0016.diff
NOTE: http://packetstormsecurity.nl/0501-exploits/AWStatsVulnAnalysis.pdf
-CVE-2005-0284 (SQL injection vulnerability in addentry.php in Woltlab Burning Book ...)
+CVE-2005-0284
NOT-FOR-US: Woltlab Burning Book
-CVE-2005-0348 (Directory traversal vulnerability in RealArcade 1.2.0.994 allows ...)
+CVE-2005-0348
NOT-FOR-US: RealArcade
-CVE-2005-0347 (Integer overflow in RealArcade 1.2.0.994 and earlier allows remote ...)
+CVE-2005-0347
NOT-FOR-US: RealArcade
-CVE-2005-0346 (SafeNet SoftRemote VPN Client stores the VPN password (pre-shared key) ...)
+CVE-2005-0346
NOT-FOR-US: SafeNet
-CVE-2005-0345 (viewthread.php in php-fusion 4.x does not check the (1) forum_id or ...)
+CVE-2005-0345
NOT-FOR-US: php-fusion
-CVE-2005-0344 (Directory traversal vulnerability in 602LAN SUITE 2004.0.04.1221 ...)
+CVE-2005-0344
NOT-FOR-US: 602LAN SUITE
-CVE-2005-0343 (SQL injection vulnerability in PerlDesk 1.x allows remote attackers to ...)
+CVE-2005-0343
NOT-FOR-US: PerlDesk
-CVE-2005-0342 (The Finder in Mac OS X and earlier allows local users to overwrite ...)
+CVE-2005-0342
NOT-FOR-US: Apple
-CVE-2005-0341 (Apple Safari 1.2.4 does not obey the Content-type field in the HTTP ...)
+CVE-2005-0341
NOT-FOR-US: Apple
-CVE-2005-0340 (Integer signedness error in Apple File Service (AFP Server) allows ...)
+CVE-2005-0340
NOT-FOR-US: Apple
-CVE-2005-0339 (Buffer overflow in Foxmail 2.0 allows remote attackers to cause a ...)
+CVE-2005-0339
NOT-FOR-US: Foxmail
-CVE-2005-0338 (Buffer overflow in Savant Web Server 3.1 allows remote attackers to ...)
+CVE-2005-0338
NOT-FOR-US: Savant Web Server
-CVE-2005-0337 (Postfix 2.1.3, when /proc/net/if_inet6 is not available and ...)
+CVE-2005-0337
- postfix 2.1.4-5
-CVE-2005-0336 (Cross-site scripting (XSS) vulnerability in EMotion MediaPartner Web ...)
+CVE-2005-0336
NOT-FOR-US: eMotion MediaPartner
-CVE-2005-0335 (Directory traversal vulnerability in EMotion MediaPartner Web Server ...)
+CVE-2005-0335
NOT-FOR-US: eMotion MediaPartner
-CVE-2005-0334 (Linksys PSUS4 running firmware 6032 allows remote attackers to cause a ...)
+CVE-2005-0334
NOT-FOR-US: Linksys
-CVE-2005-0333 (LANChat Pro Revival 1.666c allows remote attackers to cause a denial ...)
+CVE-2005-0333
NOT-FOR-US: LanChat
-CVE-2005-0332 (Directory traversal vulnerability in DeskNow Mail and Collaboration ...)
+CVE-2005-0332
NOT-FOR-US: DeskNow Mail server
-CVE-2005-0331 (Directory traversal vulnerability in WinRAR 3.42 and earlier, when the ...)
+CVE-2005-0331
NOT-FOR-US: Winrar
-CVE-2005-0330 (Buffer overflow in Painkiller 1.35 and earlier, and possibly other ...)
+CVE-2005-0330
NOT-FOR-US: Painkiller
-CVE-2005-0329 (Directory traversal vulnerability in ZipGenius 5.5 and earlier allows ...)
+CVE-2005-0329
NOT-FOR-US: ZipGenius
-CVE-2005-0328 (Zyxel P310, P314, P324 and Netgear RT311, RT314 running the latest ...)
+CVE-2005-0328
NOT-FOR-US: Netgear
-CVE-2005-0327 (pafiledb.php in Pafiledb 3.1 may allow remote attackers to execute ...)
+CVE-2005-0327
NOT-FOR-US: PafileDB
-CVE-2005-0326 (pafiledb.php in PaFileDB 3.1 allows remote attackers to gain sensitive ...)
+CVE-2005-0326
NOT-FOR-US: PafileDB
-CVE-2005-0325 (Xpand Rally 1.0.0.0 allows remote attackers or remote malicious game ...)
+CVE-2005-0325
NOT-FOR-US: Xpand Rally
-CVE-2005-0324 (Infinite Mobile Delivery Webmail 2.6 allows remote attackers to gain ...)
+CVE-2005-0324
NOT-FOR-US: Infinite Mobile Delivery Webmail
-CVE-2005-0323 (Cross-site scripting (XSS) vulnerability in Infinite Mobile Delivery ...)
+CVE-2005-0323
NOT-FOR-US: Infinite Mobile Delivery Webmail
-CVE-2005-0322 (MERAK Mail Server 7.6.0 with Icewarp Web Mail 5.3.0 and Mail Server ...)
+CVE-2005-0322
NOT-FOR-US: Merak Mail server
-CVE-2005-0321 (MERAK Mail Server 7.6.0 with Icewarp Web Mail 5.3.0 allows remote ...)
+CVE-2005-0321
NOT-FOR-US: Merak Mail server
-CVE-2005-0320 (Multiple cross-site scripting vulnerabilities in MERAK Mail Server ...)
+CVE-2005-0320
NOT-FOR-US: Merak Mail server
-CVE-2005-0319 (Direct remote injection vulnerability in modalfram.wdm in Alt-N ...)
+CVE-2005-0319
NOT-FOR-US: Webadmin
-CVE-2005-0318 (useredit_account.wdm in Alt-N WebAdmin 3.0.4 does not properly ...)
+CVE-2005-0318
NOT-FOR-US: Webadmin
-CVE-2005-0317 (Cross-site scripting (XSS) vulnerability in useredit_account.wdm in ...)
+CVE-2005-0317
NOT-FOR-US: Webadmin
-CVE-2005-0316 (WebWasher Classic 2.2.1 and 3.3, when running in server mode, does not ...)
+CVE-2005-0316
NOT-FOR-US: WebWasher
-CVE-2005-0315 (The FTP service in Magic Winmail Server 4.0 Build 1112 does not verify ...)
+CVE-2005-0315
NOT-FOR-US: Magic Winmail
-CVE-2005-0314 (Cross-site scripting (XSS) vulnerability in user.php in Magic Winmail ...)
+CVE-2005-0314
NOT-FOR-US: Magic Winmail
-CVE-2005-0313 (Multiple directory traversal vulnerabilities in Magic Winmail Server ...)
+CVE-2005-0313
NOT-FOR-US: Magic Winmail
-CVE-2005-0312 (WarFTPD 1.82 RC9, when running as an NT service, allows remote ...)
+CVE-2005-0312
NOT-FOR-US: WarFTPD under NT
-CVE-2005-0311 (Ingate Firewall 4.1.3 and earlier does not terminate the PPTP session ...)
+CVE-2005-0311
NOT-FOR-US: Ingate
-CVE-2005-0310 (Exponent 0.95 allows remote attackers to obtain sensitive information ...)
+CVE-2005-0310
NOT-FOR-US: Exponent
-CVE-2005-0309 (Multiple cross-site scripting (XSS) vulnerabilities in (1) index.php ...)
+CVE-2005-0309
NOT-FOR-US: Exponent
-CVE-2005-0308 (Buffer overflow in the wsprintf function in W32Dasm 8.93 and earlier ...)
+CVE-2005-0308
NOT-FOR-US: W32Dasm
-CVE-2005-0307 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
+CVE-2005-0307
NOT-FOR-US: MercuryBoard
-CVE-2005-0306 (MercuryBoard 1.1.1 allows remote attackers to gain sensitive ...)
+CVE-2005-0306
NOT-FOR-US: MercuryBoard
-CVE-2005-0305 (CRLF injection vulnerability in users.php in Siteman 1.1.10 and ...)
+CVE-2005-0305
NOT-FOR-US: Siteman
-CVE-2005-0304 (Directory traversal vulnerability in DivX Player 2.6 and earlier ...)
+CVE-2005-0304
NOT-FOR-US: DivX Player
-CVE-2005-0303 (Multiple cross-site scripting (XSS) vulnerabilities in (1) ...)
+CVE-2005-0303
NOT-FOR-US: BackOffice Lite
-CVE-2005-0302 (SQL injection vulnerability in default.asp in BackOffice Lite 6.0 and ...)
+CVE-2005-0302
NOT-FOR-US: BackOffice Lite
-CVE-2005-0301 (comersus_backoffice_install10.asp in BackOffice Lite 6.0 and 6.01 ...)
+CVE-2005-0301
NOT-FOR-US: BackOffice Lite
-CVE-2005-0300 (Directory traversal vulnerability in session.php in JSBoard 2.0.9 and ...)
+CVE-2005-0300
- jsboard 2.0.10-1
-CVE-2005-0299 (Directory traversal vulnerability in GForge 3.3 and earlier allows ...)
+CVE-2005-0299
- gforge 3.1-26
-CVE-2005-0298 (The DIRECTORY objects in Oracle 8i through Oracle 10g contain the ...)
+CVE-2005-0298
NOT-FOR-US: Oracle
-CVE-2005-0297 (SQL injection vulnerability in Oracle Database 9i and 10g allows ...)
+CVE-2005-0297
NOT-FOR-US: Oracle
-CVE-2005-0296 (** DISPUTED ** ...)
+CVE-2005-0296
NOT-FOR-US: Novell
-CVE-2005-0295 (npptnt2.sys in nProtect Gameguard provides unrestricted I/O to any ...)
+CVE-2005-0295
NOT-FOR-US: nProtect
-CVE-2005-0294 (minis.php in Minis 0.2.1 allows remote attackers to cause a denial of ...)
+CVE-2005-0294
NOT-FOR-US: Minis
-CVE-2005-0293 (Directory traversal vulnerability in minis.php in Minis 0.2.1 allows ...)
+CVE-2005-0293
NOT-FOR-US: Minis
-CVE-2005-0292 (Multiple SQL injection vulnerabilities in index.php in PHP Gift ...)
+CVE-2005-0292
NOT-FOR-US: phpGiftReg
-CVE-2005-0291 (Cross-site scripting (XSS) vulnerability in the log viewer in NETGEAR ...)
+CVE-2005-0291
NOT-FOR-US: NetGear
-CVE-2005-0290 (NETGEAR FVS318 running firmware 2.4, and possibly other versions, ...)
+CVE-2005-0290
NOT-FOR-US: NetGear
-CVE-2005-0289 (Apple AirPort Express prior to 6.1.1 and Extreme prior to 5.5.1, ...)
+CVE-2005-0289
NOT-FOR-US: Apple
-CVE-2005-0288 (The change password functionality in Bottomline Webseries Payment ...)
+CVE-2005-0288
NOT-FOR-US: BottomLine WebSeries
-CVE-2005-0287 (Bottomline Webseries Payment Application allows remote attackers to ...)
+CVE-2005-0287
NOT-FOR-US: BottomLine WebSeries
-CVE-2005-0286 (eMotion MediaPartner Web Server 5.0 and 5.1 allows remote attackers to ...)
+CVE-2005-0286
NOT-FOR-US: eMotion MediaPartner
-CVE-2005-0285 (Webseries Payment Application does not properly restrict privileged ...)
+CVE-2005-0285
NOT-FOR-US: BottomLine WebSeries
-CVE-2005-0283 (Directory traversal vulnerability in index.php in QwikiWiki allows ...)
+CVE-2005-0283
NOT-FOR-US: QwikiWiki
-CVE-2005-0282 (SQL injection vulnerability in member.php in MyBulletinBoard (MyBB) ...)
+CVE-2005-0282
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2005-0281 (Cross-site scripting (XSS) vulnerability in the web interface in ...)
+CVE-2005-0281
NOT-FOR-US: Soldner Secret
-CVE-2005-0280 (Format string vulnerability in Soldner Secret Wars 30830 and earlier ...)
+CVE-2005-0280
NOT-FOR-US: Soldner Secret
-CVE-2005-0279 (Soldner Secret Wars 30830 and earlier does not properly handle the ...)
+CVE-2005-0279
NOT-FOR-US: Soldner Secret
-CVE-2005-0278 (The FTP service in 3Com 3CDaemon 2.0 revision 10 allows remote ...)
+CVE-2005-0278
NOT-FOR-US: 3COM 3CDaemon
-CVE-2005-0277 (Buffer overflow in the FTP service in 3Com 3CDaemon 2.0 revision 10 ...)
+CVE-2005-0277
NOT-FOR-US: 3COM 3CDaemon
-CVE-2005-0276 (Multiple format string vulnerabilities in the FTP service in 3Com ...)
+CVE-2005-0276
NOT-FOR-US: 3COM 3CDaemon
-CVE-2005-0275 (TFTP in 3Com 3CDaemon 2.0 revision 10 allows remote attackers to cause ...)
+CVE-2005-0275
NOT-FOR-US: 3COM 3CDaemon
-CVE-2005-0274 (Multiple cross-site scripting (XSS) vulnerabilities in showgallery.php ...)
+CVE-2005-0274
NOT-FOR-US: PhotoPost
-CVE-2005-0273 (Multiple SQL injection vulnerabilities in showgallery.php in PhotoPost ...)
+CVE-2005-0273
NOT-FOR-US: PhotoPost
-CVE-2005-0272 (ReviewPost PHP Pro before 2.84 allows remote attackers to upload and ...)
+CVE-2005-0272
NOT-FOR-US: ReviewPost
-CVE-2005-0271 (Multiple SQL injection vulnerabilities in ReviewPost PHP Pro before ...)
+CVE-2005-0271
NOT-FOR-US: ReviewPost
-CVE-2005-0270 (Multiple cross-site scripting (XSS) vulnerabilities in ReviewPost PHP ...)
+CVE-2005-0270
NOT-FOR-US: ReviewPost
-CVE-2005-0269 (The file extension check in GNUBoard 3.40 and earlier only verifies ...)
+CVE-2005-0269
NOT-FOR-US: GNUBoard
-CVE-2005-0268 (Direct code injection vulnerability in FlatNuke 2.5.1 allows remote ...)
+CVE-2005-0268
NOT-FOR-US: FlatNuke
-CVE-2005-0267 (index.php in FlatNuke 2.5.1 allows remote attackers to create an ...)
+CVE-2005-0267
NOT-FOR-US: FlatNuke
-CVE-2005-0266 (Cross-site scripting (XSS) vulnerability in index.php in SugarCRM 1.X ...)
+CVE-2005-0266
- sugarcrm-ce-5.0 <itp> (bug #457876)
-CVE-2005-0265 (Multiple SQL injection vulnerabilities in browse.php in OWL 0.7 and ...)
+CVE-2005-0265
NOT-FOR-US: OWL intranet
-CVE-2005-0264 (Multiple cross-site scripting (XSS) vulnerabilities in browse.php in ...)
+CVE-2005-0264
NOT-FOR-US: OWL intranet
-CVE-2005-0263 (Buffer overflow in netpmon on AIX 5.1, 5.2, and 5.3 allows local users ...)
+CVE-2005-0263
NOT-FOR-US: AIX
-CVE-2005-0262 (Buffer overflow in ipl_varyon on AIX 5.1, 5.2, and 5.3 allows local ...)
+CVE-2005-0262
NOT-FOR-US: AIX
-CVE-2005-0261 (lspath in AIX 5.2, 5.3, and possibly earlier versions, does not drop ...)
+CVE-2005-0261
NOT-FOR-US: AIX
-CVE-2005-0260 (Stack-based buffer overflow in the Discovery Service for BrightStor ...)
+CVE-2005-0260
NOT-FOR-US: ARCserve Backup
-CVE-2005-0259 (phpBB 2.0.11, and possibly other versions, with remote avatars and ...)
+CVE-2005-0259
- phpbb2 2.0.12-1
-CVE-2005-0258 (Directory traversal vulnerability in (1) usercp_register.php and (2) ...)
+CVE-2005-0258
- phpbb2 2.0.12-1
CVE-2005-0257
RESERVED
-CVE-2005-0256 (The wu_fnmatch function in wu_fnmatch.c in wu-ftpd 2.6.1 and 2.6.2 ...)
+CVE-2005-0256
{DSA-705-1}
- wu-ftpd 2.6.2-19
-CVE-2005-0255 (String handling functions in Mozilla 1.7.3, Firefox 1.0, and ...)
+CVE-2005-0255
- mozilla-firefox 1.0.1
NOTE: didn't other with YA mozilla-browser bug, it has enough for 1.7.6 already..
- mozilla 2:1.7.6
-CVE-2005-0254 (BibORB 1.3.2, and possibly earlier versions, does not properly enforce ...)
+CVE-2005-0254
NOT-FOR-US: BibORB
-CVE-2005-0253 (Directory traversal vulnerability in index.php for BibORB 1.3.2, and ...)
+CVE-2005-0253
NOT-FOR-US: BibORB
-CVE-2005-0252 (SQL injection vulnerability in BibORB 1.3.2, and possibly earlier ...)
+CVE-2005-0252
NOT-FOR-US: BibORB
-CVE-2005-0251 (Cross-site scripting (XSS) vulnerability in bibindex.php for BibORB ...)
+CVE-2005-0251
NOT-FOR-US: BibORB
-CVE-2005-0250 (Format string vulnerability in auditselect on IBM AIX 5.1, 5.2, and ...)
+CVE-2005-0250
NOT-FOR-US: AIX
-CVE-2005-0249 (Heap-based buffer overflow in the DEC2EXE module for Symantec ...)
+CVE-2005-0249
NOT-FOR-US: Symantec AntiVirus Library
-CVE-2005-0248 (The Solaris Management Console (SMC) GUI for Solaris 8 and 9, when ...)
+CVE-2005-0248
NOT-FOR-US: Solaris
-CVE-2005-0247 (Multiple buffer overflows in gram.y for PostgreSQL 8.0.1 and earlier ...)
+CVE-2005-0247
{DSA-683-1}
- postgresql 7.4.7-2
-CVE-2005-0246 (The intagg contrib module for PostgreSQL 8.0.0 and earlier allows ...)
+CVE-2005-0246
- postgresql 7.4.7-1
-CVE-2005-0245 (Buffer overflow in gram.y for PostgreSQL 8.0.0 and earlier may allow ...)
+CVE-2005-0245
{DSA-683-1}
- postgresql 7.4.7-1
-CVE-2005-0244 (PostgreSQL 8.0.0 and earlier allows local users to bypass the EXECUTE ...)
+CVE-2005-0244
- postgresql 7.4.7-1
-CVE-2005-0243 (Yahoo! Messenger 6.0.0.1750, and possibly other versions before ...)
+CVE-2005-0243
NOT-FOR-US: Yahoo! Messenger
-CVE-2005-0242 (The Audio Setup Wizard (asw.dll) in Yahoo! Messenger 6.0.0.1750, and ...)
+CVE-2005-0242
NOT-FOR-US: Yahoo! Messenger
-CVE-2005-0241 (The httpProcessReplyHeader function in http.c for Squid 2.5-STABLE7 ...)
+CVE-2005-0241
- squid 2.5.7-7
-CVE-2005-0240 (Format string vulnerability in chdev on IBM AIX 5.2 allows local users ...)
+CVE-2005-0240
NOT-FOR-US: AIX
-CVE-2005-0239 (viewcert.php in the S/MIME plugin 0.4 and 0.5 for Squirrelmail allows ...)
+CVE-2005-0239
NOT-FOR-US: S/MIME plugin
-CVE-2005-0238 (The International Domain Name (IDN) support in Epiphany allows remote ...)
+CVE-2005-0238
NOTE: upstream bug https://bugzilla.mozilla.org/show_bug.cgi?id=281381
- epiphany-browser 1.4.8-2
-CVE-2005-0237 (The International Domain Name (IDN) support in Konqueror 3.2.1 on KDE ...)
+CVE-2005-0237
- kdelibs 4:3.3.2-3
-CVE-2005-0236 (The International Domain Name (IDN) support in Omniweb 5 allows remote ...)
+CVE-2005-0236
NOT-FOR-US: Omniweb
-CVE-2005-0235 (The International Domain Name (IDN) support in Opera 7.54 allows ...)
+CVE-2005-0235
NOT-FOR-US: Opera
-CVE-2005-0234 (The International Domain Name (IDN) support in Safari 1.2.5 allows ...)
+CVE-2005-0234
NOT-FOR-US: Safari
-CVE-2005-0233 (The International Domain Name (IDN) support in Firefox 1.0, Camino ...)
+CVE-2005-0233
NOTE: IDN is now disabled by default in firefox, but there may be a more elegant
NOTE: solution in the future
- mozilla-firefox 1.0.1-1
- mozilla 2:1.7.6-1
-CVE-2005-0232 (Firefox 1.0 allows remote attackers to modify Boolean configuration ...)
+CVE-2005-0232
- mozilla-firefox 1.0+dfsg.1-6
-CVE-2005-0231 (Firefox 1.0 does not invoke the Javascript Security Manager when a ...)
+CVE-2005-0231
- mozilla-firefox 1.0+dfsg.1-6
-CVE-2005-0230 (Firefox 1.0 does not prevent the user from dragging an executable file ...)
+CVE-2005-0230
NOTE: I don't know if this could work under Linux, anything I drag on the Desktop from firefox is convert to a Link
NOTE: "when it has an image/gif content type but has a dangerous extension such as .bat or .exe, allows remote attackers
NOTE: to ... execute arbitrary commands via malformed GIF files ... parsed by the Windows batch file parser
NOTE: any interpretor would require the file to be +x to execute it and then would spit if handed a GIF
NOTE: < vorlon> hacim: it's specific to Windows, home to the dumbest interpreter on the planet.
- mozilla-firefox <not-affected> (Affects only Firefox on Windows)
-CVE-2005-0229 (CitrusDB 0.3.5 and earlier stores the newfile.txt temporary data file ...)
+CVE-2005-0229
NOT-FOR-US: CitrusDB
CVE-2005-0228
REJECTED
-CVE-2005-0227 (PostgreSQL (pgsql) 7.4.x, 7.2.x, and other versions allows local users ...)
+CVE-2005-0227
{DSA-668-1}
- postgresql 7.4.7-1
-CVE-2005-0226 (Format string vulnerability in the Log_Resolver function in log.c for ...)
+CVE-2005-0226
NOT-FOR-US: ngIRCd
-CVE-2005-0225 (firehol.sh in FireHOL before 1.224 creates temporary files with ...)
+CVE-2005-0225
- firehol 1.214-4
-CVE-2005-0224 (Unknown vulnerability in HP-UX B.11.04 running Virtualvault 4.5 ...)
+CVE-2005-0224
NOT-FOR-US: HP-UX
-CVE-2005-0223 (The Software Development Kit (SDK) and Run Time Environment (RTE) ...)
+CVE-2005-0223
NOT-FOR-US: Java SDK and RTE for Tru64 UNIX
-CVE-2005-0222 (main.php in Gallery 2.0 Alpha allows remote attackers to gain ...)
+CVE-2005-0222
- gallery 1.4.4-pl5-1
-CVE-2005-0221 (Cross-site scripting (XSS) vulnerability in login.php in Gallery 2.0 ...)
+CVE-2005-0221
- gallery 1.4.4-pl5-1
-CVE-2005-0220 (Cross-site scripting vulnerability in login.php in Gallery 1.4.4-pl2 ...)
+CVE-2005-0220
- gallery 1.4.4-pl5-1
-CVE-2005-0219 (Multiple cross-site scripting (XSS) vulnerabilities in Gallery ...)
+CVE-2005-0219
- gallery 1.4.4-pl5-1
-CVE-2005-0217 (SQL injection vulnerability in index.php in Invision Community Blog ...)
+CVE-2005-0217
NOT-FOR-US: Invision Community Blog
-CVE-2005-0216 (Cross-site scripting (XSS) vulnerability in formmail.php in Woltlab ...)
+CVE-2005-0216
NOT-FOR-US: Woltlab Burning Board Lite
-CVE-2005-0215 (Mozilla 1.6 and possibly other versions allows remote attackers to ...)
+CVE-2005-0215
- mozilla <not-affected> (Mozilla 1.6 for Windows)
-CVE-2005-0214 (Directory traversal vulnerability in Simple PHP Blog (SPHPBlog) 0.3.7c ...)
+CVE-2005-0214
NOT-FOR-US: SPHPBlog
-CVE-2005-0213 (Directory traversal vulnerability in WinHKI 1.4d allows remote ...)
+CVE-2005-0213
NOT-FOR-US: WinHKI
-CVE-2005-0212 (The Amp II engine as used by Gore: Ultimate Soldier 1.50 and earlier ...)
+CVE-2005-0212
NOT-FOR-US: The Amp II engine as used by Gore: Ultimate Soldier
-CVE-2005-0211 (Buffer overflow in wccp.c in Squid 2.5 before 2.5.STABLE7 allows ...)
+CVE-2005-0211
{DSA-667-1}
- squid 2.5.7-6
-CVE-2005-0210 (Netfilter in the Linux kernel 2.6.8.1 allows local users to cause a ...)
+CVE-2005-0210
- linux-2.6 <not-affected> (Fixed before upload into archive)
[sarge] - kernel-source-2.6.8 2.6.8-15
- kernel-source-2.4.27 2.4.27-9 (bug #300838)
-CVE-2005-0209 (Netfilter in Linux kernel 2.6.8.1 allows remote attackers to cause a ...)
+CVE-2005-0209
- linux-2.6 <not-affected> (Fixed before upload into archive)
- kernel-source-2.4.27 2.4.27-9
-CVE-2005-0208 (The HTML parsing functions in Gaim before 1.1.4 allow remote attackers ...)
+CVE-2005-0208
- gaim 1:1.1.4
-CVE-2005-0207 (Unknown vulnerability in Linux kernel 2.4.x, 2.5.x, and 2.6.x allows ...)
+CVE-2005-0207
- linux-2.6 <not-affected> (Fixed before upload into archive)
[sarge] - kernel-source-2.6.8 2.6.8-14
-CVE-2005-0206 (The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 ...)
+CVE-2005-0206
- xpdf <not-affected> (Initial Debian fix was already correct)
- gpdf <not-affected> (Initial Debian fix was already correct)
- kdegraphics <not-affected> (Initial Debian fix was already correct)
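Review bot: Every changed pair in this hunk removes the parenthetical CVE description and replaces it with the bare identifier (for example `-CVE-2005-0351 (Buffer overflow in (1) termsh, (2) atcronsh, and (3) auditsh in SCO ...)` becomes `+CVE-2005-0351`) while the status, DSA, NOTE and package lines underneath are untouched; nothing in the hunk supplies a new description. For a commit titled "automatic update" this looks like the description feed returned empty rather than an intended edit, and the result is that entries such as CVE-2005-0337 (postfix) or CVE-2005-0256 (wu-ftpd) keep only a package and version with no human-readable summary of the issue. Suggest reverting this commit, and having the updater keep the existing description whenever the fetched one is empty instead of overwriting it.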
@@ -11030,85 +11030,85 @@ CVE-2005-0206 (The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.
- cupsys 1.1.22-7
NOTE: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=135393
NOTE: cupsys uses an external xpdf now.
-CVE-2005-0205 (KPPP 2.1.2 in KDE 3.1.5 and earlier, when setuid root without certain ...)
+CVE-2005-0205
{DSA-692-1}
- kdenetwork 4:3.1.6
-CVE-2005-0204 (Linux kernel before 2.6.9, when running on the AMD64 and Intel EM64T ...)
+CVE-2005-0204
- linux-2.6 <not-affected> (Fixed before upload into archive)
- kernel-source-2.4.27 2.4.27-9 (bug #296700; high)
CVE-2005-0203
REJECTED
-CVE-2005-0202 (Directory traversal vulnerability in the true_path function in ...)
+CVE-2005-0202
{DSA-674-1}
- mailman 2.1.5-6
-CVE-2005-0201 (D-BUS (dbus) before 0.22 does not properly restrict access to a ...)
+CVE-2005-0201
- dbus 0.22
-CVE-2005-0200 (TikiWiki before 1.8.5 does not properly validate files that have been ...)
+CVE-2005-0200
NOT-FOR-US: TikiWiki
-CVE-2005-0199 (Integer underflow in the Lists_MakeMask() function in lists.c in ...)
+CVE-2005-0199
NOT-FOR-US: ngIRCd
-CVE-2005-0197 (Cisco IOS 12.1T, 12.2, 12.2T, 12.3 and 12.3T, with Multi Protocol ...)
+CVE-2005-0197
NOT-FOR-US: Cisco
-CVE-2005-0196 (Cisco IOS 12.0 through 12.3YL, with BGP enabled and running the bgp ...)
+CVE-2005-0196
NOT-FOR-US: Cisco
-CVE-2005-0195 (Cisco IOS 12.0S through 12.3YH allows remote attackers to cause a ...)
+CVE-2005-0195
NOT-FOR-US: Cisco
-CVE-2005-0194 (Squid 2.5, when processing the configuration file, parses empty Access ...)
+CVE-2005-0194
{DSA-667-1}
- squid 2.5.7-7
-CVE-2005-0193 (Buffer overflow in the (1) -v and (2) -a switches in mRouter in iSync ...)
+CVE-2005-0193
NOT-FOR-US: mRouter in iSync in OS X
-CVE-2005-0192 (Directory traversal vulnerability in the parsing of Skin file names in ...)
+CVE-2005-0192
NOT-FOR-US: RealPlayer
-CVE-2005-0191 (Off-by-one buffer overflow in the processing of tags in Real Metadata ...)
+CVE-2005-0191
NOT-FOR-US: RealPlayer
-CVE-2005-0190 (Directory traversal vulnerability in RealPlayer 10.5 (6.0.12.1040) and ...)
+CVE-2005-0190
NOT-FOR-US: RealPlayer
-CVE-2005-0189 (Stack-based buffer overflow in the HandleAction function in RealPlayer ...)
+CVE-2005-0189
NOT-FOR-US: RealPlayer
-CVE-2005-0188 (Format string vulnerability in the SetBaseURL function in AtHoc ...)
+CVE-2005-0188
NOT-FOR-US: AtHoc toolbar
-CVE-2005-0187 (Stack-based buffer overflow in the SetSkin function in AtHoc toolbar ...)
+CVE-2005-0187
NOT-FOR-US: AtHoc toolbar
-CVE-2005-0186 (Cisco IOS 12.1YD, 12.2T, 12.3 and 12.3T, when configured for the IOS ...)
+CVE-2005-0186
NOT-FOR-US: Cisco
-CVE-2005-0185 (Stack-based buffer overflow in NodeManager Professional 2.00 allows ...)
+CVE-2005-0185
NOT-FOR-US: NodeManager Professional
-CVE-2005-0184 (Directory traversal vulnerability in ftpfile in the Vacation plugin ...)
+CVE-2005-0184
NOT-FOR-US: vacation plugin
-CVE-2005-0183 (ftpfile in the Vacation plugin 0.15 and earlier for Squirrelmail ...)
+CVE-2005-0183
NOT-FOR-US: vacation plugin
-CVE-2005-0182 (The mod_dosevasive module 1.9 and earlier for Apache creates temporary ...)
+CVE-2005-0182
NOT-FOR-US: mod_dosevasive module for apache
CVE-2005-0181
RESERVED
-CVE-2005-0180 (Multiple integer signedness errors in the sg_scsi_ioctl function in ...)
+CVE-2005-0180
[sarge] - kernel-source-2.6.8 2.6.8-12
- linux-2.6 <not-affected> (Fixed before upload into archive)
- kernel-source-2.4.27 <not-affected> (intlen and outlen are unsigned in 2.4)
-CVE-2005-0179 (Linux kernel 2.4.x and 2.6.x allows local users to cause a denial of ...)
+CVE-2005-0179
[sarge] - kernel-source-2.6.8 <not-affected> (Vulnerable code was only introduced in 2.6.9)
- linux-2.6 <not-affected> (Fixed before initial release)
-CVE-2005-0178 (Race condition in the setsid function in Linux before 2.6.8.1 allows ...)
+CVE-2005-0178
- kernel-source-2.4.27 <not-affected> (v2.4 is safe because back there current->signal was not shared.)
- linux-2.6 <not-affected> (Fixed before upload into archive; 2.6.8.1)
[sarge] - kernel-source-2.6.8 2.6.8-14
-CVE-2005-0177 (nls_ascii.c in Linux before 2.6.8.1 uses an incorrect table size, ...)
+CVE-2005-0177
- kernel-source-2.4.27 <not-affected> (According to joshk, doesn't apply to 2.4.27)
- linux-2.6 <not-affected> (Fixed before upload into archive; 2.6.8.1)
[sarge] - kernel-source-2.6.8 2.6.8-14
-CVE-2005-0176 (The shmctl function in Linux 2.6.9 and earlier allows local users to ...)
+CVE-2005-0176
- linux-2.6 <not-affected> (Fixed before upload into archive)
-CVE-2005-0218 (ClamAV 0.80 and earlier allows remote attackers to bypass virus ...)
+CVE-2005-0218
- clamav 0.81
-CVE-2005-0198 (A logic error in the CRAM-MD5 code for the University of Washington ...)
+CVE-2005-0198
- uw-imap 7:2002edebian1-6
-CVE-2005-0175 (Squid 2.5 up to 2.5.STABLE7 allows remote attackers to poison the ...)
+CVE-2005-0175
{DSA-667-1}
- squid 2.5.7-6
-CVE-2005-0174 (Squid 2.5 up to 2.5.STABLE7 allows remote attackers to poison the ...)
+CVE-2005-0174
- squid 2.5.7-6
-CVE-2005-0173 (squid_ldap_auth in Squid 2.5 and earlier allows remote authenticated ...)
+CVE-2005-0173
{DSA-667-1}
- squid 2.5.7-4
CVE-2005-0172
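Review bot: The header counts (`-11030,85 +11030,85`) show a pure line-for-line substitution, and the only substantive change across the hunk is again the loss of every description, e.g. `-CVE-2005-0202 (Directory traversal vulnerability in the true_path function in ...)` becoming `+CVE-2005-0202`. Entries with a `NOT-FOR-US:` line (CVE-2005-0190 through CVE-2005-0192, RealPlayer) still name the product, but entries that carry only a fixed-version line, such as `+CVE-2005-0201` followed by `- dbus 0.22`, or the kernel entries CVE-2005-0176 through CVE-2005-0180, are left with no indication of what the vulnerability is. Suggest the update script treat an empty description as "no change" rather than as new content, so a transient feed failure cannot blank the file.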
@@ -11131,255 +11131,255 @@ CVE-2005-0164
RESERVED
CVE-2005-0163
RESERVED
-CVE-2005-0162 (Stack-based buffer overflow in the get_internal_addresses function in ...)
+CVE-2005-0162
- openswan 2.3.0-2
- freeswan <not-affected>
-CVE-2005-0161 (Multiple directory traversal vulnerabilities in unace 1.2b allow ...)
+CVE-2005-0161
- unace 1.2b-3
-CVE-2005-0160 (Multiple buffer overflows in unace 1.2b allow attackers to execute ...)
+CVE-2005-0160
- unace 1.2b-3
-CVE-2005-0159 (The tpkg-* scripts in the toolchain-source 3.0.4 package on Debian ...)
+CVE-2005-0159
{DSA-679-1}
- toolchain-source 3.4-5
-CVE-2005-0158 (Format string vulnerability in bidwatcher before 1.3.17 allows remote ...)
+CVE-2005-0158
{DSA-687-1}
- bidwatcher 1.3.17-1
-CVE-2005-0157 (The confirm add-on in SmartList 3.15 and earlier allows attackers to ...)
+CVE-2005-0157
{DSA-720-1}
- smartlist 3.15-18
-CVE-2005-0156 (Buffer overflow in the PerlIO implementation in Perl 5.8.0, when ...)
+CVE-2005-0156
- perl 5.8.4-6
-CVE-2005-0155 (The PerlIO implementation in Perl 5.8.0, when installed with setuid ...)
+CVE-2005-0155
- perl 5.8.4-6
- mooix 1.0rc5.pre4
CVE-2005-0154
RESERVED
CVE-2005-0153
RESERVED
-CVE-2005-0152 (PHP remote file inclusion vulnerability in Squirrelmail 1.2.6 allows ...)
+CVE-2005-0152
{DSA-662-1}
- squirrelmail 1:1.2.7-1
NOTE: This bug exists only in version 1.2.6.
-CVE-2005-0151 (Unknown vulnerability in the installation of Adobe License Management ...)
+CVE-2005-0151
NOT-FOR-US: Adobe License Management Software
-CVE-2005-0150 (Firefox before 1.0 allows the user to store a (1) javascript: or (2) ...)
+CVE-2005-0150
- mozilla-firefox 1.0
-CVE-2005-0149 (Thunderbird 0.6 through 0.9 and Mozilla 1.7 through 1.7.3 does not ...)
+CVE-2005-0149
- mozilla-thunderbird 0.7
- mozilla 2:1.7.4
-CVE-2005-0148 (Thunderbird before 0.9, when running on Windows systems, uses the ...)
+CVE-2005-0148
- mozilla-thunderbird <not-affected> (Affects only Thunderbird on Windows)
-CVE-2005-0147 (Firefox before 1.0 and Mozilla before 1.7.5, when configured to use a ...)
+CVE-2005-0147
- mozilla-firefox 1.0
- mozilla 2:1.7.5
-CVE-2005-0146 (Firefox before 1.0 and Mozilla before 1.7.5 allow remote attackers to ...)
+CVE-2005-0146
- mozilla-firefox 1.0
- mozilla 2:1.7.5
-CVE-2005-0145 (Firefox before 1.0 does not properly distinguish between ...)
+CVE-2005-0145
- mozilla-firefox 1.0
-CVE-2005-0144 (Firefox before 1.0 and Mozilla before 1.7.5 display the secure site ...)
+CVE-2005-0144
- mozilla-firefox 1.0
- mozilla 2:1.7.5
-CVE-2005-0143 (Firefox before 1.0 and Mozilla before 1.7.5 display the SSL lock icon ...)
+CVE-2005-0143
- mozilla-firefox 1.0
- mozilla 2:1.7.5
-CVE-2005-0142 (Firefox 0.9, Thunderbird 0.6 and other versions before 0.9, and ...)
+CVE-2005-0142
- mozilla-firefox 1.0
- mozilla-thunderbird 0.7
- mozilla 2:1.7.5
-CVE-2005-0141 (Firefox before 1.0 and Mozilla before 1.7.5 allow remote attackers to ...)
+CVE-2005-0141
- mozilla-firefox 1.0
- mozilla 2:1.7.5
-CVE-2005-0140 (Buffer overflow in PeID allows attackers to execute arbitrary code via ...)
+CVE-2005-0140
NOT-FOR-US: PeID
-CVE-2005-0139 (Unknown vulnerability in rpc.mountd in SGI IRIX 6.5.25, 6.5.26, and ...)
+CVE-2005-0139
NOT-FOR-US: Irix
-CVE-2005-0138 (rpc.mountd in SGI IRIX 6.5.25, 6.5.26, and 6.5.27 does not correctly ...)
+CVE-2005-0138
NOT-FOR-US: Irix
-CVE-2005-0137 (Linux kernel 2.6 on Itanium (ia64) architectures allows local users to ...)
+CVE-2005-0137
- linux-2.6 <not-affected>
- kernel-source-2.4.27 2.4.27-10 (bug #308584)
-CVE-2005-0136 (The Linux kernel before 2.6.11 on the Itanium IA64 platform has ...)
+CVE-2005-0136
[sarge] - kernel-source-2.6.8 2.6.8-14
- linux-2.6 2.6.11
-CVE-2005-0135 (The unw_unwind_to_user function in unwind.c on Itanium (ia64) ...)
+CVE-2005-0135
{DSA-1082-1 DSA-1070-1 DSA-1067-1}
- linux-2.6 <not-affected>
[sarge] - kernel-source-2.6.8 2.6.8-14
-CVE-2005-0134 (The X server in SCO UnixWare 7.1.1, 7.1.3, and 7.1.4 does not properly ...)
+CVE-2005-0134
NOT-FOR-US: SCO UnixWare
-CVE-2005-0133 (ClamAV 0.80 and earlier allows remote attackers to cause a denial of ...)
+CVE-2005-0133
- clamav 0.80-0.81rc1-1
CVE-2005-0132
RESERVED
-CVE-2005-0131 (The Quick Connection dialog in Konversation 0.15 inadvertently uses ...)
+CVE-2005-0131
- konversation 0.15-3
-CVE-2005-0130 (Certain Perl scripts in Konversation 0.15 allow remote attackers to ...)
+CVE-2005-0130
- konversation 0.15-3
-CVE-2005-0129 (The Quick Buttons feature in Konversation 0.15 allows remote attackers ...)
+CVE-2005-0129
- konversation 0.15-3
CVE-2005-0128
REJECTED
-CVE-2005-0127 (Mail in Mac OS X 10.3.7, when generating a Message-ID header, ...)
+CVE-2005-0127
NOT-FOR-US: MacOS
-CVE-2005-0126 (ColorSync on Mac OS X 10.3.7 and 10.3.8 allows attackers to execute ...)
+CVE-2005-0126
NOT-FOR-US: MacOS
-CVE-2005-0125 (The &quot;at&quot; commands on Mac OS X 10.3.7 and earlier do not properly drop ...)
+CVE-2005-0125
NOT-FOR-US: MacOS
-CVE-2005-0124 (The coda_pioctl function in the coda functionality (pioctl.c) for ...)
+CVE-2005-0124
{DSA-1082-1 DSA-1070-1 DSA-1069-1 DSA-1067-1 DSA-1017-1}
- linux-2.6 2.6.12-1
CVE-2005-0123
REJECTED
CVE-2005-0122
REJECTED
-CVE-2005-0121 (Multiple buffer overflows in golddig 2.0 and earlier allow local users ...)
+CVE-2005-0121
NOT-FOR-US: golddig
-CVE-2005-0120 (helvis 1.8h2_1 and earlier allows local users to delete arbitrary ...)
+CVE-2005-0120
NOT-FOR-US: helvis
-CVE-2005-0119 (helvis 1.8h2_1 and earlier allows local users to recover and read the ...)
+CVE-2005-0119
NOT-FOR-US: helvis
-CVE-2005-0118 (helvis 1.8h2_1 and earlier stores recovery files in world readable ...)
+CVE-2005-0118
NOT-FOR-US: helvis
-CVE-2005-0117 (Buffer overflow in XShisen before 1.36 allows local users to execute ...)
+CVE-2005-0117
- xshisen 1.51-1-1.1 (bug #289784)
-CVE-2005-0116 (AWStats 6.1, and other versions before 6.3, allows remote attackers to ...)
+CVE-2005-0116
- awstats 6.2-1.1
-CVE-2005-0115 (Stack-based buffer overflow in DataRescue Interactive Disassembler ...)
+CVE-2005-0115
NOT-FOR-US: DataRescue Interactive Disassembler
-CVE-2005-0114 (vsdatant.sys in Zone Lab ZoneAlarm before 5.5.062.011, ZoneAlarm ...)
+CVE-2005-0114
NOT-FOR-US: ZoneAlarm
-CVE-2005-0113 (inpview in SGI IRIX allows local users to execute arbitrary commands ...)
+CVE-2005-0113
NOT-FOR-US: IRIX
-CVE-2005-0112 (The web-based administrative interface for 3Com OfficeConnect Wireless ...)
+CVE-2005-0112
NOT-FOR-US: 3Com OfficeConnect Wireless 11g Access Point
-CVE-2005-0111 (Stack-based buffer overflow in the websql CGI program in MySQL MaxDB ...)
+CVE-2005-0111
- maxdb-7.5.00 7.5.00.18
-CVE-2005-0110 (Internet Explorer 6 on Windows XP SP2 allows remote attackers to ...)
+CVE-2005-0110
NOT-FOR-US: MSIE
-CVE-2005-0109 (Hyper-Threading technology, as used in FreeBSD and other operating ...)
+CVE-2005-0109
NOTE: According to Linus Torvalds and others on linux-kernel this is a theoretical
NOTE: attack, paranoid people should disable hyper threading
- kfreebsd5-source 5.3-11
-CVE-2005-0108 (Apache mod_auth_radius 1.5.4 and libpam-radius-auth allow remote ...)
+CVE-2005-0108
{DSA-659-1}
- libapache-mod-auth-radius 1.5.7-6
- libpam-radius-auth 1.3.16-3
-CVE-2005-0107 (bsmtpd 2.3 and earlier does not properly sanitize e-mail addresses, ...)
+CVE-2005-0107
{DSA-690-1}
- bsmtpd 2.3pl8b-16
-CVE-2005-0106 (SSLeay.pm in libnet-ssleay-perl before 1.25 uses the /tmp/entropy file ...)
+CVE-2005-0106
- libnet-ssleay-perl 1.25-1.1
-CVE-2005-0105 (Unknown vulnerability in typespeed 0.4.1 and earlier allows local ...)
+CVE-2005-0105
{DSA-684-1}
- typespeed 0.4.4-8
-CVE-2005-0104 (Cross-site scripting (XSS) vulnerability in webmail.php in ...)
+CVE-2005-0104
{DSA-662-1}
- squirrelmail 2:1.4.4
-CVE-2005-0103 (PHP remote file inclusion vulnerability in webmail.php in SquirrelMail ...)
+CVE-2005-0103
- squirrelmail 2:1.4.4-1
-CVE-2005-0102 (Integer overflow in camel-lock-helper in Evolution 2.0.2 and earlier ...)
+CVE-2005-0102
{DSA-673-1}
- evolution 2.0.3-1.2 (bug #295548)
-CVE-2005-0101 (Buffer overflow in the socket_getline function in Newspost 2.1.1 and ...)
+CVE-2005-0101
- newspost 2.1.1-2
-CVE-2005-0100 (Format string vulnerability in the movemail utility in (1) Emacs 20.x, ...)
+CVE-2005-0100
{DSA-685-1 DSA-671-1 DSA-670-1}
- emacs21 21.3+1-9
- xemacs21 21.4.16-2
-CVE-2005-0099 (The SDL port of abuse (abuse-SDL) before 2.00 does not properly drop ...)
+CVE-2005-0099
{DSA-691-1}
- abuse <removed>
-CVE-2005-0098 (Multiple buffer overflows in the SDL port of abuse (abuse-SDL) before ...)
+CVE-2005-0098
{DSA-691-1}
- abuse <removed>
-CVE-2005-0097 (The NTLM component in Squid 2.5.STABLE7 and earlier allows remote ...)
+CVE-2005-0097
- squid 2.5.7-4
-CVE-2005-0096 (Memory leak in the NTLM fakeauth_auth helper for Squid 2.5.STABLE7 and ...)
+CVE-2005-0096
- squid 2.5.7-4
-CVE-2005-0095 (The WCCP message parsing code in Squid 2.5.STABLE7 and earlier allows ...)
+CVE-2005-0095
{DSA-651-1}
- squid 2.5.7-4
-CVE-2005-0094 (Buffer overflow in the gopherToHTML function in the Gopher reply ...)
+CVE-2005-0094
{DSA-651-1}
- squid 2.5.7-4
CVE-2005-0093
REJECTED
-CVE-2005-0092 (Unknown vulnerability in the Red Hat Enterprise Linux 4 kernel 4GB/4GB ...)
+CVE-2005-0092
- linux-2.6 <not-affected> (Apparently specific to Red hat hugemem kernel)
-CVE-2005-0091 (Unknown vulnerability in the Red Hat Enterprise Linux 4 kernel 4GB/4GB ...)
+CVE-2005-0091
- linux-2.6 <not-affected> (Apparently specific to Red hat hugemem kernel)
-CVE-2005-0090 (A regression error in the Red Hat Enterprise Linux 4 kernel 4GB/4GB ...)
+CVE-2005-0090
- linux-2.6 <not-affected> (Apparently specific to Red hat hugemem kernel)
-CVE-2005-0089 (The SimpleXMLRPCServer library module in Python 2.2, 2.3 before 2.3.5, ...)
+CVE-2005-0089
{DSA-666-1}
- python2.2 2.2.3-14
- python2.3 2.3.4+2.3.5c1-2
- python2.4 2.4-5
-CVE-2005-0088 (The publisher handler for mod_python 2.7.8 and earlier allows remote ...)
+CVE-2005-0088
{DSA-689-1}
- libapache2-mod-python 3.1.3-3
- libapache-mod-python 2:2.7.10-4
-CVE-2005-0087 (The alsa-lib package in Red Hat Linux 4 disables stack protection for ...)
+CVE-2005-0087
NOTE: debian does not have stack protection, but it's fixed anyway since 1.0.9
- alsa-lib 1.0.9-1 (unimportant)
-CVE-2005-0086 (Heap-based buffer overflow in less in Red Hat Enterprise Linux 3 ...)
+CVE-2005-0086
- less <not-affected> (Red Hat specific less bug)
-CVE-2005-0085 (Cross-site scripting (XSS) vulnerability in ht://dig (htdig) before ...)
+CVE-2005-0085
{DSA-680-1}
- htdig 1:3.1.6-11 (bug #305996)
-CVE-2005-0084 (Buffer overflow in the X11 dissector in Ethereal 0.8.10 through 0.10.8 ...)
+CVE-2005-0084
{DSA-653-1}
- ethereal 0.10.9-1
-CVE-2005-0083 (MySQL MaxDB 7.5.00 for Windows, and possibly earlier versions and ...)
+CVE-2005-0083
- maxdb-7.5.00 7.5.00.24-1
-CVE-2005-0082 (The sapdbwa_GetUserData function in MySQL MaxDB 7.5.0.0, and other ...)
+CVE-2005-0082
- maxdb-7.5.00 7.5.00.21-1
-CVE-2005-0081 (MySQL MaxDB 7.5.0.0, and other versions before 7.5.0.21, allows remote ...)
+CVE-2005-0081
- maxdb-7.5.00 7.5.00.21-1
-CVE-2005-0080 (The 55_options_traceback.dpatch patch for mailman 2.1.5 in Ubuntu 4.10 ...)
+CVE-2005-0080
- mailman 2.1.5-5
-CVE-2005-0079 (Buffer overflow in xtrlock 2.0 allows local users to cause a denial of ...)
+CVE-2005-0079
{DSA-649-1}
- xtrlock 2.0-9
-CVE-2005-0078 (The KDE screen saver in KDE before 3.0.5 does not properly check the ...)
+CVE-2005-0078
{DSA-660-1}
- kdebase 4:3.0.5
-CVE-2005-0077 (The DBI library (libdbi-perl) for Perl allows local users to overwrite ...)
+CVE-2005-0077
{DSA-658-1}
- libdbi-perl 1.46-6
-CVE-2005-0076 (Multiple buffer overflows in the XView library 3.2 may allow local ...)
+CVE-2005-0076
{DSA-672-1}
- xview 3.2p1.4-19
-CVE-2005-0075 (prefs.php in SquirrelMail before 1.4.4, with register_globals enabled, ...)
+CVE-2005-0075
- squirrelmail 2:1.4.4-1
-CVE-2005-0074 (Buffer overflow in pcdsvgaview in xpcd 2.08 allows local users to ...)
+CVE-2005-0074
{DSA-676-1}
- xpcd 2.08-11.1 (bug #294793)
-CVE-2005-0073 (Buffer overflow in queue.c in a support script for sympa 3.3.3, when ...)
+CVE-2005-0073
{DSA-677-1}
- sympa 4.1.2-2.1
-CVE-2005-0072 (zhcon before 0.2 does not drop privileges before reading a user ...)
+CVE-2005-0072
{DSA-655-1}
- zhcon 1:0.2.3-8.1 (bug #292210)
-CVE-2005-0071 (vdr before 1.2.6 does not securely create files, which allows ...)
+CVE-2005-0071
{DSA-656-1}
- vdr 1.2.6-6
-CVE-2005-0070 (Synaesthesia 2.1 and earlier, and possibly other versions, when ...)
+CVE-2005-0070
{DSA-681-1}
- synaesthesia 2.1-3
NOTE: does not apply for sarge, program is not setuid anymore
-CVE-2005-0069 (The (1) tcltags or (2) vimspell.sh scripts in vim 6.3 allow local ...)
+CVE-2005-0069
- vim 1:6.3-058+1
-CVE-2005-0068 (The original design of ICMP does not require authentication for ...)
+CVE-2005-0068
NOTE: general icmp design error
-CVE-2005-0067 (The original design of TCP does not require that port numbers be ...)
+CVE-2005-0067
NOTE: general tcp design error, no indication it affects linux
-CVE-2005-0066 (The original design of TCP does not check that the TCP Acknowledgement ...)
+CVE-2005-0066
NOTE: general tcp design error
-CVE-2005-0065 (The original design of TCP does not check that the TCP sequence number ...)
+CVE-2005-0065
NOTE: general tcp design error
-CVE-2005-0064 (Buffer overflow in the Decrypt::makeFileKey2 function in Decrypt.cc ...)
+CVE-2005-0064
{DSA-648-1 DSA-645-1}
- xpdf 3.00-13
- gpdf 2.8.2-1.2
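Review bot: every changed line in this hunk is a `-`/`+` pair that replaces an entry carrying a parenthesised description (for example `-CVE-2005-0110 (Internet Explorer 6 on Windows XP SP2 allows remote attackers to ...)` becomes `+CVE-2005-0110`) with a bare identifier, while the package, DSA and NOTE lines between them stay untouched, so the net effect is the removal of description text from the tracker data with nothing added or corrected. For a commit labelled as an automatic update that pattern points at the description source having been unavailable or unparseable when the script ran rather than at an intended edit; the update job should be checked and re-run with a working description feed before this is accepted, otherwise the descriptions have to be restored by hand.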
@@ -11391,72 +11391,72 @@ CVE-2005-0064 (Buffer overflow in the Decrypt::makeFileKey2 function in Decrypt.
NOTE: cupsys switched to an xpdf-utils wrapper in version 1.1.22-6.
NOTE: In version 1.1.23-13, the dormant code in the source
NOTE: package was fixed.
-CVE-2005-0063 (The document processing application used by the Windows Shell in ...)
+CVE-2005-0063
NOT-FOR-US: Microsoft
CVE-2005-0062
RESERVED
-CVE-2005-0061 (The kernel of Microsoft Windows 2000, Windows XP SP1 and SP2, and ...)
+CVE-2005-0061
NOT-FOR-US: Microsoft
-CVE-2005-0060 (Buffer overflow in the font processing component of Microsoft Windows ...)
+CVE-2005-0060
NOT-FOR-US: Microsoft
-CVE-2005-0059 (Buffer overflow in the Message Queuing component of Microsoft Windows ...)
+CVE-2005-0059
NOT-FOR-US: Microsoft
-CVE-2005-0058 (Buffer overflow in the Telephony Application Programming Interface ...)
+CVE-2005-0058
NOT-FOR-US: TAPI for Windows
-CVE-2005-0057 (The Hyperlink Object Library for Windows 98, 2000, XP, and Server 2003 ...)
+CVE-2005-0057
NOT-FOR-US: Microsoft
-CVE-2005-0056 (Internet Explorer 5.01, 5.5, and 6 does not properly validate certain ...)
+CVE-2005-0056
NOT-FOR-US: Microsoft
-CVE-2005-0055 (Internet Explorer 5.01, 5.5, and 6 does not properly validate buffers ...)
+CVE-2005-0055
NOT-FOR-US: Microsoft
-CVE-2005-0054 (Internet Explorer 5.01, 5.5, and 6 allows remote attackers to spoof a ...)
+CVE-2005-0054
NOT-FOR-US: Microsoft
-CVE-2005-0053 (Internet Explorer 5.01, 5.5, and 6 allows remote attackers to execute ...)
+CVE-2005-0053
NOT-FOR-US: Microsoft
CVE-2005-0052
RESERVED
-CVE-2005-0051 (The Server service (srvsvc.dll) in Windows XP SP1 and SP2 allows ...)
+CVE-2005-0051
NOT-FOR-US: Microsoft
-CVE-2005-0050 (The License Logging service for Windows NT Server, Windows 2000 ...)
+CVE-2005-0050
NOT-FOR-US: Microsoft
-CVE-2005-0049 (Windows SharePoint Services and SharePoint Team Services for Windows ...)
+CVE-2005-0049
NOT-FOR-US: Microsoft
-CVE-2005-0048 (Microsoft Windows XP SP2 and earlier, 2000 SP3 and SP4, Server 2003, ...)
+CVE-2005-0048
NOT-FOR-US: Microsoft
-CVE-2005-0047 (Windows 2000, XP, and Server 2003 does not properly &quot;validate the use ...)
+CVE-2005-0047
NOT-FOR-US: Microsoft
CVE-2005-0046
RESERVED
-CVE-2005-0045 (The Server Message Block (SMB) implementation for Windows NT 4.0, ...)
+CVE-2005-0045
NOT-FOR-US: Microsoft
-CVE-2005-0044 (The OLE component in Windows 98, 2000, XP, and Server 2003, and ...)
+CVE-2005-0044
NOT-FOR-US: Microsoft
-CVE-2005-0043 (Buffer overflow in Apple iTunes 4.7 allows remote attackers to execute ...)
+CVE-2005-0043
NOT-FOR-US: iTunes
CVE-2005-0042
RESERVED
CVE-2005-0041
RESERVED
-CVE-2005-0040 (Multiple cross-site scripting (XSS) vulnerabilities in DotNetNuke ...)
+CVE-2005-0040
NOT-FOR-US: DotNetNuke
-CVE-2005-0039 (Certain configurations of IPsec, when using Encapsulating Security ...)
+CVE-2005-0039
NOTE: These are known issues of IPSEC and basically every VPN system using
NOTE: encryption without authentication.
NOTE: openswan even prevents such configurations
-CVE-2005-0038 (The DNS implementation of PowerDNS 2.9.16 and earlier allows remote ...)
+CVE-2005-0038
- pdns 2.9.17-1
-CVE-2005-0037 (The DNS implementation of DNRD before 2.10 allows remote attackers to ...)
+CVE-2005-0037
NOT-FOR-US: dnrd
-CVE-2005-0036 (The DNS implementation in DeleGate 8.10.2 and earlier allows remote ...)
+CVE-2005-0036
NOT-FOR-US: DeleGate
-CVE-2005-0035 (The Acrobat web control in Adobe Acrobat and Acrobat Reader 7.0 and ...)
+CVE-2005-0035
NOT-FOR-US: Adobe
-CVE-2005-0034 (An &quot;incorrect assumption&quot; in the authvalidated validator function in ...)
+CVE-2005-0034
- bind9 1:9.3.1
[woody] - bind9 <not-affected>
[sarge] - bind9 <not-affected>
NOTE: only affects bind9 9.3.0, sarge and woody have an earlier versions
-CVE-2005-0033 (Buffer overflow in the code for recursion and glue fetching in BIND ...)
+CVE-2005-0033
- bind 1:8.4.6-1
CVE-2005-0032
RESERVED
@@ -11476,69 +11476,69 @@ CVE-2005-0025
RESERVED
CVE-2005-0024
RESERVED
-CVE-2005-0023 (gnome-pty-helper in GNOME libzvt2 and libvte4 allows local users to ...)
+CVE-2005-0023
- gnome-libs <unfixed> (bug #329156; unimportant)
- vte <unfixed> (bug #330907; unimportant)
NOTE: Not considered a security problem, see #329156
-CVE-2005-0022 (Buffer overflow in the spa_base64_to_bits function in Exim before ...)
+CVE-2005-0022
- exim4 4.34-10
-CVE-2005-0021 (Multiple buffer overflows in Exim before 4.43 may allow attackers to ...)
+CVE-2005-0021
{DSA-637-1 DSA-635-1}
- exim4 4.34-10
- exim 3.36-13 (bug #290036)
- exim-tls <removed>
-CVE-2005-0020 (Buffer overflow in playmidi before 2.4 allows local users to execute ...)
+CVE-2005-0020
{DSA-641-1}
- playmidi 2.4debian-3
-CVE-2005-0019 (Unknown vulnerability in hztty 2.0 and earlier allows local users to ...)
+CVE-2005-0019
{DSA-675-1}
- hztty 2.0-6.1
-CVE-2005-0018 (The f2 shell script in the f2c package 3.1 allows local users to read ...)
+CVE-2005-0018
{DSA-661-2}
- f2c 20020621-3.4 (bug #292792)
-CVE-2005-0017 (The f2c translator in the f2c package 3.1 allows local users to read ...)
+CVE-2005-0017
{DSA-661-2}
- f2c 20020621-3.4 (bug #292792)
-CVE-2005-0016 (Buffer overflow in the exported_display function in xatitv in gatos ...)
+CVE-2005-0016
{DSA-640-1}
- gatos 0.0.5-15
-CVE-2005-0015 (diatheke.pl in Sword 1.5.7a allows remote attackers to execute ...)
+CVE-2005-0015
{DSA-650-1}
- sword 1.5.7-7 (bug #291433)
-CVE-2005-0014 (Buffer overflow in ncplogin in ncpfs before 2.2.6 allows remote ...)
+CVE-2005-0014
- ncpfs 2.2.6-1
-CVE-2005-0013 (nwclient.c in ncpfs before 2.2.6 does not drop root privileges before ...)
+CVE-2005-0013
{DSA-665-1}
- ncpfs 2.2.6-1
-CVE-2005-0012 (Format string vulnerability in the a_Interface_msg function in Dillo ...)
+CVE-2005-0012
- dillo 0.8.3-1
-CVE-2005-0011 (Multiple vulnerabilities in fliccd, when installed setuid root as part ...)
+CVE-2005-0011
- kdeedu 4:3.3.2-2
-CVE-2005-0010 (Unknown vulnerability in the MMSE dissector in Ethereal 0.10.4 through ...)
+CVE-2005-0010
- ethereal 0.10.9-1
-CVE-2005-0009 (Unknown vulnerability in the Gnutella dissector in Ethereal 0.10.6 ...)
+CVE-2005-0009
- ethereal 0.10.9-1
-CVE-2005-0008 (Unknown vulnerability in the DNP dissector in Ethereal 0.10.5 through ...)
+CVE-2005-0008
- ethereal 0.10.9-1
-CVE-2005-0007 (Unknown vulnerability in the DLSw dissector in Ethereal 0.10.6 through ...)
+CVE-2005-0007
- ethereal 0.10.9-1
-CVE-2005-0006 (The COPS dissector in Ethereal 0.10.6 through 0.10.8 allows remote ...)
+CVE-2005-0006
- ethereal 0.10.9-1
-CVE-2005-0005 (Heap-based buffer overflow in psd.c for ImageMagick 6.1.0, 6.1.7, and ...)
+CVE-2005-0005
{DSA-646-1}
- imagemagick 6:6.0.6.2-2.1 (bug #291118; bug #291033)
-CVE-2005-0004 (The mysqlaccess script in MySQL 4.0.23 and earlier, 4.1.x before ...)
+CVE-2005-0004
{DSA-647-1}
- mysql-dfsg-4.1 4.1.8a-6
- mysql-dfsg 4.0.23-3
-CVE-2005-0003 (The 64 bit ELF support in Linux kernel 2.6 before 2.6.10, on 64-bit ...)
+CVE-2005-0003
{DSA-1082-1 DSA-1070-1 DSA-1069-1 DSA-1067-1}
- linux-2.6 <not-affected> (Fixed before upload into archive; 2.6.10)
- kernel-source-2.4.27 2.4.27-9
[sarge] - kernel-source-2.6.8 2.6.8-9
-CVE-2005-0002 (poppassd_pam 1.0 and earlier, when changing a user password, does not ...)
+CVE-2005-0002
NOT-FOR-US: poppassd_pam
-CVE-2005-0001 (Race condition in the page fault handler (fault.c) for Linux kernel ...)
+CVE-2005-0001
{DSA-1082-1 DSA-1070-1 DSA-1069-1 DSA-1067-1}
NOTE: i386 and smp specific
- linux-2.6 <not-affected> (Fixed before upload into archive)
diff --git a/data/CVE/2006.list b/data/CVE/2006.list
index 2a182743e3..b4d22a4abd 100644
--- a/data/CVE/2006.list
+++ b/data/CVE/2006.list
@@ -1,10 +1,10 @@
-CVE-2006-7253 (GE Healthcare Infinia II has a default password of (1) infinia for the ...)
+CVE-2006-7253
NOT-FOR-US: GE Healthcare Infinia II
-CVE-2006-7252 (Integer overflow in the calloc function in libc/stdlib/malloc.c in ...)
+CVE-2006-7252
NOT-FOR-US: NetBSD/FreeBSD libc
CVE-2006-7251
RESERVED
-CVE-2006-7250 (The mime_hdr_cmp function in crypto/asn1/asn_mime.c in OpenSSL 0.9.8t ...)
+CVE-2006-7250
{DSA-2454-1}
- openssl 1.0.0h-1
NOTE: DSA addressed it in patch for CVE-2012-1165
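Review bot: the same description-stripping pattern continues into data/CVE/2006.list in this hunk (`-CVE-2006-7253 (GE Healthcare Infinia II has a default password of (1) infinia for the ...)` becomes `+CVE-2006-7253`, and likewise for CVE-2006-7252 and CVE-2006-7250), so the loss is not confined to a single year file; any fix to the update script needs to be applied and re-run across every per-year list touched by this commit, not just the first one reviewed.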
@@ -12,7 +12,7 @@ CVE-2006-7249
REJECTED
CVE-2006-7248
REJECTED
-CVE-2006-7247 (SQL injection vulnerability in the Weblinks (com_weblinks) component ...)
+CVE-2006-7247
NOT-FOR-US: Joomla!
CVE-2006-7246
RESERVED
@@ -21,72 +21,72 @@ CVE-2006-7246
- network-manager 0.9.4.0-1
[squeeze] - network-manager <no-dsa> (Minor issue)
NOTE: might be fixed earlier; I checked the source versions in Wheezy
-CVE-2006-7245 (Monkey's Audio before 4.01b2 allows remote attackers to cause a denial ...)
+CVE-2006-7245
NOT-FOR-US: Monkey's Audio
-CVE-2006-7244 (Memory leak in pngwutil.c in libpng 1.2.13beta1, and other versions ...)
+CVE-2006-7244
- libpng 1.2.39-1 (unimportant)
-CVE-2006-7243 (PHP before 5.3.4 accepts the \0 character in a pathname, which might ...)
+CVE-2006-7243
- php5 5.3.3-6 (low)
NOTE: old, known, issue -- partial protection by the suhosin extension
NOTE: http://svn.php.net/viewvc?view=revision&revision=305507
-CVE-2006-7242 (The Workplace (aka WP) component in IBM FileNet P8 Application Engine ...)
+CVE-2006-7242
NOT-FOR-US: IBM FileNet P8 Application Engine
-CVE-2006-7241 (The Image Viewer component in IBM FileNet P8 Application Engine (P8AE) ...)
+CVE-2006-7241
NOT-FOR-US: IBM FileNet P8 Application Engine
-CVE-2006-7240 (gnome-power-manager 2.14.0 does not properly implement the ...)
+CVE-2006-7240
- gnome-power-manager 2.28.0-1 (unimportant)
-CVE-2006-7239 (The _gnutls_x509_oid2mac_algorithm function in lib/gnutls_algorithms.c ...)
+CVE-2006-7239
- gnutls26 <not-affected> (fix is present in lenny/sid; fixed originally in upstream 1.4.2, which precedes 26)
-CVE-2006-7238 (Cross-site scripting (XSS) vulnerability in MyShoutPro before 1.2 ...)
+CVE-2006-7238
NOT-FOR-US: MyShoutPro
-CVE-2006-7237 (PHP remote file inclusion vulnerability in ...)
+CVE-2006-7237
NOT-FOR-US: Ixprim
-CVE-2006-7236 (The default configuration of xterm on Debian GNU/Linux sid and ...)
+CVE-2006-7236
{DTSA-182-1}
- xterm 238-1 (medium; bug #510030)
[etch] - xterm <not-affected> (allowWindowOps disabled in configuration)
NOTE: Somewhat mitigated by a filter for control characters in
NOTE: post-etch versions.
-CVE-2006-7235 (Teamtek Universal FTP Server 1.0.50 allows remote attackers to cause a ...)
+CVE-2006-7235
NOT-FOR-US: Teamtek Universal FTP Server
-CVE-2006-7234 (Untrusted search path vulnerability in Lynx before 2.8.6rel.4 allows ...)
+CVE-2006-7234
- lynx-cur 2.8.7dev4-1 (low)
- lynx <not-affected> (Doesn't include the current directory in the search path)
-CVE-2006-7233 (Cross-site scripting (XSS) vulnerability in the login form (login.jsp) ...)
+CVE-2006-7233
NOT-FOR-US: Openfire
-CVE-2006-7232 (sql_select.cc in MySQL 5.0.x before 5.0.32 and 5.1.x before 5.1.14 ...)
+CVE-2006-7232
- mysql-dfsg-4.1 <removed>
- mysql-dfsg-5.0 5.0.32-1
-CVE-2006-7231 (SQL injection vulnerability in display.asp in Civica Software Civica ...)
+CVE-2006-7231
NOT-FOR-US: Civica Software Civica
-CVE-2006-7230 (Perl-Compatible Regular Expression (PCRE) library before 7.0 does not ...)
+CVE-2006-7230
{DSA-1570-1}
- pcre3 7.0-1
- kazehakase 0.5.2-1
[sarge] - pcre3 4.5+7.4-1
[etch] - pcre3 6.7+7.4-2
-CVE-2006-7229 (The skge driver 1.5 in Linux kernel 2.6.15 on Ubuntu does not properly ...)
+CVE-2006-7229
- linux-2.6 2.6.20-1
[etch] - linux-2.6 <not-affected> (Ubuntu-specific regression)
-CVE-2006-7228 (Integer overflow in Perl-Compatible Regular Expression (PCRE) library ...)
+CVE-2006-7228
{DSA-1570-1}
- pcre3 6.2-1
- kazehakase 0.5.2-1
[sarge] - pcre3 4.5+7.4-1
NOTE: http://www.pcre.org/changelog.txt states fixed in 6.2
-CVE-2006-7227 (Integer overflow in Perl-Compatible Regular Expression (PCRE) library ...)
+CVE-2006-7227
{DSA-1570-1}
- pcre3 6.2-1
- kazehakase 0.5.2-1
[sarge] - pcre3 4.5+7.4-1
NOTE: http://www.pcre.org/changelog.txt states fixed in 6.2
-CVE-2006-7226 (Perl-Compatible Regular Expression (PCRE) library before 6.7 does not ...)
+CVE-2006-7226
- pcre3 6.7-1
- glib2.0 2.14.3-1 (unimportant)
NOTE: glib only embeds pcre in the udeb, no attack vector
[sarge] - pcre3 4.5+7.4-1
[etch] - pcre3 6.7+7.4-2
-CVE-2006-7225 (Perl-Compatible Regular Expression (PCRE) library before 6.7 allows ...)
+CVE-2006-7225
- pcre3 6.7-1
- glib2.0 2.14.3-1 (unimportant)
NOTE: glib only embeds pcre in the udeb, no attack vector
@@ -94,1397 +94,1397 @@ CVE-2006-7225 (Perl-Compatible Regular Expression (PCRE) library before 6.7 allo
[etch] - pcre3 6.7+7.4-2
CVE-2006-7224
REJECTED
-CVE-2006-7223 (PreviewAction in XWiki 0.9.543 through 0.9.1252 does not set the ...)
+CVE-2006-7223
NOT-FOR-US: Xwiki
-CVE-2006-7222 (Buffer overflow in the CFLICStream::_deltachunk function in ...)
+CVE-2006-7222
NOT-FOR-US: Media Player Classic
-CVE-2006-7221 (Multiple off-by-one errors in fsplib.c in fsplib before 0.8 allow ...)
+CVE-2006-7221
- gftp 2.0.18-17 (unimportant; bug #437710)
-CVE-2006-7220 (Unspecified vulnerability in SAP SAPLPD and SAPSPRINT allows remote ...)
+CVE-2006-7220
NOT-FOR-US: SAP SAPLPD
-CVE-2006-7219 (eZ publish before 3.8.5 does not properly enforce permissions for ...)
+CVE-2006-7219
- ezpublish <not-affected> (Debian's version is too old)
-CVE-2006-7218 (eZ publish before 3.8.1 does not properly enforce permissions for ...)
+CVE-2006-7218
- ezpublish <not-affected> (Debian's version is too old)
-CVE-2006-7217 (Apache Derby before 10.2.1.6 does not determine schema privilege ...)
+CVE-2006-7217
- derby <not-affected> (Fixed before initial upload to Debian)
NOTE: http://issues.apache.org/jira/browse/DERBY-1858
-CVE-2006-7216 (Apache Derby before 10.2.1.6 does not determine privilege requirements ...)
+CVE-2006-7216
- derby <not-affected> (Fixed before initial upload to Debian)
NOTE: http://issues.apache.org/jira/browse/DERBY-1708
-CVE-2006-7215 (The Intel Core 2 Extreme processor X6800 and Core 2 Duo desktop ...)
+CVE-2006-7215
NOT-FOR-US: Intel processor
-CVE-2006-7214 (Multiple unspecified vulnerabilities in Firebird 1.5 allow remote ...)
+CVE-2006-7214
{DSA-1529-1}
- firebird1.5 <removed> (bug #432753)
- firebird2 <removed>
[etch] - firebird2 <no-dsa> (Fixed packages have been released through backports.org, see #1529)
- firebird2.0 <not-affected> (fixed in 2.0)
-CVE-2006-7213 (Firebird 1.5 allows remote authenticated users without SYSDBA and ...)
+CVE-2006-7213
{DSA-1529-1}
- firebird1.5 <removed> (bug #432753)
- firebird2 <removed>
[etch] - firebird2 <no-dsa> (Fixed packages have been released through backports.org, see #1529)
- firebird2.0 <not-affected> (fixed in 2.0)
-CVE-2006-7212 (Multiple buffer overflows in Firebird 1.5, one of which affects WNET, ...)
+CVE-2006-7212
{DSA-1529-1}
- firebird1.5 <removed> (bug #432753)
- firebird2 <removed>
[etch] - firebird2 <no-dsa> (Fixed packages have been released through backports.org, see #1529)
- firebird2.0 <not-affected> (fixed in 2.0)
-CVE-2006-7211 (fb_lock_mgr in Firebird 1.5 uses weak permissions (0666) for the ...)
+CVE-2006-7211
{DSA-1529-1}
- firebird1.5 <not-affected> (fixed before rename to firebird1.5)
- firebird2 1.5.3.4870-4 (low; bug #362001)
[etch] - firebird2 <no-dsa> (Fixed packages have been released through backports.org, see #1529)
- firebird2.0 <not-affected> (fixed in 2.0)
[sarge] - firebird2 <no-dsa> (Minor issue)
-CVE-2006-7210 (Microsoft Windows 2000, XP, and Server 2003 allows remote attackers to ...)
+CVE-2006-7210
NOT-FOR-US: Windows
-CVE-2006-7209 (Multiple cross-site scripting (XSS) vulnerabilities in phpTrafficA ...)
+CVE-2006-7209
NOT-FOR-US: phpTrafficA
-CVE-2006-7208 (PHP remote file inclusion vulnerability in download.php in the Adam ...)
+CVE-2006-7208
NOT-FOR-US: phpBB component com_forum
-CVE-2006-7207 (Buffer overflow in ageet AGEphone before 1.4.0 might allow remote ...)
+CVE-2006-7207
NOT-FOR-US: AGEphone
-CVE-2006-7206 (Microsoft Internet Explorer 6 on Windows XP SP2 allows remote ...)
+CVE-2006-7206
NOT-FOR-US: Microsoft Internet Explorer
CVE-2006-XXXX [Owl Intranet Engine multiple cross-site scripting, SQL-injection]
- owl-dms 0.94-1 (medium; bug #416296)
-CVE-2006-7205 (The array_fill function in ext/standard/array.c in PHP 4.4.2 and 5.1.2 ...)
+CVE-2006-7205
- php4 <removed> (unimportant)
- php5 <removed> (unimportant)
NOTE: local DoS when Apache memory limit is set high
-CVE-2006-7204 (The imap_body function in PHP before 4.4.4 does not implement safemode ...)
+CVE-2006-7204
- php4 <removed> (unimportant)
NOTE: open_basedir bypasses not supported
-CVE-2006-7203 (The compat_sys_mount function in fs/compat.c in Linux kernel 2.6.20 ...)
+CVE-2006-7203
{DSA-1504-1}
- linux-2.6 2.6.18.dfsg.1-9 (low)
-CVE-2006-7202 (The dofreePDF function in includes/pdf.php in Mambo 4.6.1 does not ...)
+CVE-2006-7202
NOT-FOR-US: Mambo
-CVE-2006-7201 (EMC RSA Security SiteKey does not set the secure qualifier on the ...)
+CVE-2006-7201
NOT-FOR-US: EMC RSA Security SiteKey
-CVE-2006-7200 (EMC RSA Security SiteKey issues challenge-bypass tokens that persist ...)
+CVE-2006-7200
NOT-FOR-US: EMC RSA Security SiteKey
-CVE-2006-7199 (EMC RSA Security SiteKey allows remote attackers to display the ...)
+CVE-2006-7199
NOT-FOR-US: EMC RSA Security SiteKey
-CVE-2006-7198 (Unspecified vulnerability in IBM WebSphere Application Server (WAS) ...)
+CVE-2006-7198
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2006-7197 (The AJP connector in Apache Tomcat 5.5.15 uses an incorrect length for ...)
+CVE-2006-7197
- tomcat5.5 5.5.17-1 (low)
-CVE-2006-7196 (Cross-site scripting (XSS) vulnerability in the calendar application ...)
+CVE-2006-7196
- tomcat5.5 5.5.16-1 (unimportant)
- tomcat5 <removed> (unimportant)
- tomcat4 <removed> (unimportant)
NOTE: Only present in an example, not in production code
-CVE-2006-7195 (Cross-site scripting (XSS) vulnerability in implicit-objects.jsp in ...)
+CVE-2006-7195
- tomcat5.5 5.5.20-1 (unimportant)
- tomcat5 <removed> (unimportant)
- tomcat4 <removed> (unimportant)
NOTE: Only present in an example, not in production code
-CVE-2006-7194 (PHP remote file inclusion vulnerability in ...)
+CVE-2006-7194
NOT-FOR-US: Agora
-CVE-2006-7193 (** DISPUTED ** ...)
+CVE-2006-7193
NOT-FOR-US: disputed (SMARTY_DIR is a constant)
-CVE-2006-7192 (Microsoft ASP .NET Framework 2.0.50727.42 does not properly handle ...)
+CVE-2006-7192
NOT-FOR-US: Microsoft ASP .NET Framework
-CVE-2006-7191 (Untrusted search path vulnerability in lamdaemon.pl in LDAP Account ...)
+CVE-2006-7191
{DSA-1287-1}
- ldap-account-manager 1.0.0-1 (medium)
-CVE-2006-7190 (Cross-site scripting (XSS) vulnerability in cgi-bin/user-lib/topics.pl ...)
+CVE-2006-7190
NOT-FOR-US: WebAPP
-CVE-2006-7189 (Cross-site scripting (XSS) vulnerability in cgi-bin/admin/logs.cgi in ...)
+CVE-2006-7189
NOT-FOR-US: WebAPP
-CVE-2006-7188 (The search function in cgi-lib/user-lib/search.pl in web-app.net ...)
+CVE-2006-7188
NOT-FOR-US: WebAPP
-CVE-2006-7187 (Cross-site scripting (XSS) vulnerability in the show_recent_searches ...)
+CVE-2006-7187
NOT-FOR-US: WebAPP
-CVE-2006-7186 (cgi-lib/subs.pl in web-app.net WebAPP before 0.9.9.3.5 allows ...)
+CVE-2006-7186
NOT-FOR-US: WebAPP
-CVE-2006-7185 (PHP remote file inclusion vulnerability in includes/user_standard.php ...)
+CVE-2006-7185
NOT-FOR-US: CMSmelborp
-CVE-2006-7184 (Multiple PHP remote file inclusion vulnerabilities in Exhibit Engine ...)
+CVE-2006-7184
NOT-FOR-US: Exhibit Engine
-CVE-2006-7183 (PHP remote file inclusion vulnerability in styles.php in Exhibit ...)
+CVE-2006-7183
NOT-FOR-US: Exhibit Engine
-CVE-2006-7182 (PHP remote file inclusion vulnerability in noticias.php in MNews 2.0 ...)
+CVE-2006-7182
NOT-FOR-US: MNews
-CVE-2006-7181 (** DISPUTED ** ...)
+CVE-2006-7181
NOT-FOR-US: Morcego CMS
-CVE-2006-7180 (ieee80211_output.c in MadWifi before 0.9.3 sends unencrypted packets ...)
+CVE-2006-7180
- madwifi 1:0.9.2+r1842.20061207-2 (low)
[etch] - madwifi <no-dsa> (Non-free not supported)
-CVE-2006-7179 (ieee80211_input.c in MadWifi before 0.9.3 does not properly process ...)
+CVE-2006-7179
- madwifi 1:0.9.2+r1842.20061207-2 (low)
[etch] - madwifi <no-dsa> (Non-free not supported)
-CVE-2006-7178 (MadWifi before 0.9.3 does not properly handle reception of an AUTH ...)
+CVE-2006-7178
- madwifi 1:0.9.2+r1842.20061207-2 (low)
[etch] - madwifi <no-dsa> (Non-free not supported)
-CVE-2006-7177 (MadWifi, when Ad-Hoc mode is used, allows remote attackers to cause a ...)
+CVE-2006-7177
- madwifi 1:0.9.2+r1842.20061207-2 (low)
[etch] - madwifi <no-dsa> (Non-free not supported)
-CVE-2006-7176 (The version of Sendmail 8.13.1-2 on Red Hat Enterprise Linux 4 Update ...)
+CVE-2006-7176
- sendmail <not-affected> (Not a program flaw, a DNS error)
-CVE-2006-7175 (The version of Sendmail 8.13.1-2 on Red Hat Enterprise Linux 4 Update ...)
+CVE-2006-7175
- sendmail <not-affected> (Debian compiles with FFR_TLS correctly)
-CVE-2006-7174 (PHP remote file inclusion vulnerability in includes/functions.php in ...)
+CVE-2006-7174
NOT-FOR-US: Dimension module of phpBB
-CVE-2006-7173 (Direct static code injection vulnerability in admin.php in PHP-Stats ...)
+CVE-2006-7173
NOT-FOR-US: PHP-Stats
-CVE-2006-7172 (Multiple SQL injection vulnerabilities in php-stats.recphp.php in ...)
+CVE-2006-7172
NOT-FOR-US: PHP-Stats
-CVE-2006-7171 (product_review.php in Koan Software Mega Mall allows remote attackers ...)
+CVE-2006-7171
NOT-FOR-US: Mega Mall
-CVE-2006-7170 (Multiple SQL injection vulnerabilities in Koan Software Mega Mall ...)
+CVE-2006-7170
NOT-FOR-US: Mega Mall
-CVE-2006-7169 (PHP remote file inclusion vulnerability in includes/header_simple.php ...)
+CVE-2006-7169
NOT-FOR-US: Ultimate PHP Board
-CVE-2006-7168 (PHP remote file inclusion vulnerability in includes/not_mem.php in the ...)
+CVE-2006-7168
NOT-FOR-US: phpBB module Add Name
-CVE-2006-7167 (Unspecified vulnerability in ProRat Server 1.9 Fix2 allows remote ...)
+CVE-2006-7167
NOT-FOR-US: ProRat Server
-CVE-2006-7166 (IBM WebSphere Application Server (WAS) 5.1.1.9 and earlier allows ...)
+CVE-2006-7166
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2006-7165 (IBM WebSphere Application Server (WAS) 5.0 through 5.1.1.0 allows ...)
+CVE-2006-7165
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2006-7164 (SimpleFileServlet in IBM WebSphere Application Server 5.0.1 through ...)
+CVE-2006-7164
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2006-7163 (DreameeSoft Password Master 1.0 stores the database in an unencrypted ...)
+CVE-2006-7163
NOT-FOR-US: DreameeSoft Password Master
-CVE-2006-7162 (PuTTY 0.59 and earlier uses weak file permissions for (1) ppk files ...)
+CVE-2006-7162
- putty 0.59-1 (bug #400804; unimportant)
NOTE: Unsafe default, but not a vulnerability
NOTE: Sensitive operations like key generation should only be done in private home
-CVE-2006-7161 (SQL injection vulnerability in giris_yap.asp in Hazir Site 2.0 allows ...)
+CVE-2006-7161
NOT-FOR-US: Hazir Site
-CVE-2006-7160 (The Sandbox.sys driver in Outpost Firewall PRO 4.0, and possibly ...)
+CVE-2006-7160
NOT-FOR-US: Outpost Firewall PRO
-CVE-2006-7159 (Directory traversal vulnerability in include/prune_torrents.php in ...)
+CVE-2006-7159
NOT-FOR-US: BTI-Tracker
-CVE-2006-7158 (Cross-site scripting (XSS) vulnerability in Oracle Application Express ...)
+CVE-2006-7158
NOT-FOR-US: Oracle Application Express
-CVE-2006-7157 (Buffer overflow in Google Earth v4.0.2091 (beta) allows remote ...)
+CVE-2006-7157
NOT-FOR-US: Google Earth
-CVE-2006-7156 (PHP remote file inclusion vulnerability in addon_keywords.php in ...)
+CVE-2006-7156
NOT-FOR-US: miniBB module Keyword Replacer
-CVE-2006-7155 (Novell BorderManager 3.8 SP4 generates the same ISAKMP cookies for the ...)
+CVE-2006-7155
NOT-FOR-US: Novell BorderManager
-CVE-2006-7154 (Iono allows remote attackers to obtain the full server path via ...)
+CVE-2006-7154
NOT-FOR-US: Iono
-CVE-2006-7153 (PHP remote file inclusion vulnerability in index.php in MiniBB Forum 2 ...)
+CVE-2006-7153
NOT-FOR-US: MiniBB Forum
-CVE-2006-7152 (default.asp in ASP-Nuke Community 1.5 and earlier allows remote ...)
+CVE-2006-7152
NOT-FOR-US: ASP-Nuke Community
-CVE-2006-7151 (Untrusted search path vulnerability in the libtool-ltdl library ...)
+CVE-2006-7151
- libtool <not-affected> (Specific to Fedora build)
-CVE-2006-7150 (Multiple SQL injection vulnerabilities in Mambo 4.6.x allow remote ...)
+CVE-2006-7150
NOT-FOR-US: Mambo
-CVE-2006-7149 (Multiple cross-site scripting (XSS) vulnerabilities in Mambo 4.6.x ...)
+CVE-2006-7149
NOT-FOR-US: Mambo
-CVE-2006-7148 (PHP remote file inclusion vulnerability in includes/bb_usage_stats.php ...)
+CVE-2006-7148
NOT-FOR-US: phpBB module maluinfo
-CVE-2006-7147 (PHP remote file inclusion vulnerability in ...)
+CVE-2006-7147
NOT-FOR-US: phpBB module Import Tools
-CVE-2006-7146 (** DISPUTED ** ...)
+CVE-2006-7146
NOT-FOR-US: communityPortals
-CVE-2006-7145 (edit_user.php in Call Center Software 0.93 and earlier allows remote ...)
+CVE-2006-7145
NOT-FOR-US: Call Center Software
-CVE-2006-7144 (SQL injection vulnerability in Call Center Software 0.93 and earlier ...)
+CVE-2006-7144
NOT-FOR-US: Call Center Software
-CVE-2006-7143 (Cross-site scripting (XSS) vulnerability in Call Center Software 0.93 ...)
+CVE-2006-7143
NOT-FOR-US: Call Center Software
-CVE-2006-7142 (The centralized management feature for Utimaco Safeguard stores ...)
+CVE-2006-7142
NOT-FOR-US: Utimaco Safeguard
-CVE-2006-7141 (** DISPUTED ** ...)
+CVE-2006-7141
NOT-FOR-US: Oracle Database
-CVE-2006-7140 (The libike library, as used by in.iked, elfsign, and kcfd in Sun ...)
+CVE-2006-7140
NOT-FOR-US: Sun Solaris
-CVE-2006-7139 (Kmail 1.9.1 on KDE 3.5.2, with &quot;Prefer HTML to Plain Text&quot; enabled, ...)
+CVE-2006-7139
- kdepim <unfixed> (unimportant)
NOTE: Annoying bug, but neglectable "security implications"
-CVE-2006-7138 (SQL injection vulnerability in wwv_flow_utilities.gen_popup_list in ...)
+CVE-2006-7138
NOT-FOR-US: Oracle APEX
-CVE-2006-7137 (Cross-site scripting (XSS) vulnerability in TinyPortal before 0.8.6 ...)
+CVE-2006-7137
NOT-FOR-US: TinyPortal
-CVE-2006-7136 (Multiple PHP remote file inclusion vulnerabilities in PHP Poll Creator ...)
+CVE-2006-7136
NOT-FOR-US: PHP Poll Creator
-CVE-2006-7135 (PHP remote file inclusion vulnerability in lib/functions.inc.php in ...)
+CVE-2006-7135
NOT-FOR-US: PHP Poll Creator
-CVE-2006-7134 (Unrestricted file upload vulnerability in main_user.php in Upload Tool ...)
+CVE-2006-7134
NOT-FOR-US: Upload Tool for PHP
-CVE-2006-7133 (Directory traversal vulnerability in upload/bin/download.php in Upload ...)
+CVE-2006-7133
NOT-FOR-US: Upload Tool for PHP
-CVE-2006-7132 (Directory traversal vulnerability in pmd-config.php in PHPMyDesk ...)
+CVE-2006-7132
NOT-FOR-US: PHPMyDesk
-CVE-2006-7131 (PHP remote file inclusion vulnerability in extras/mt.php in Jinzora ...)
+CVE-2006-7131
NOT-FOR-US: Jinzora
-CVE-2006-7130 (PHP remote file inclusion vulnerability in ...)
+CVE-2006-7130
NOT-FOR-US: Jinzora
-CVE-2006-7129 (ISS BlackICE PC Protection 3.6 cpj and cpu, and possibly earlier ...)
+CVE-2006-7129
NOT-FOR-US: ISS BlackICE
-CVE-2006-7128 (PHP remote file inclusion vulnerability in forum/forum.php JAF CMS 4.0 ...)
+CVE-2006-7128
NOT-FOR-US: JAF CMS
-CVE-2006-7127 (Multiple PHP remote file inclusion vulnerabilities in JAF CMS 4.0 and ...)
+CVE-2006-7127
NOT-FOR-US: JAF CMS
-CVE-2006-7126 (SQL injection vulnerability in Joomla BSQ Sitestats 1.8.0 and 2.2.1 ...)
+CVE-2006-7126
NOT-FOR-US: Joomla component BSQ Sitestats
-CVE-2006-7125 (Cross-site scripting (XSS) vulnerability in Joomla BSQ Sitestats 1.8.0 ...)
+CVE-2006-7125
NOT-FOR-US: Joomla component BSQ Sitestats
-CVE-2006-7124 (PHP remote file inclusion vulnerability in external/rssfeeds.php in ...)
+CVE-2006-7124
NOT-FOR-US: Joomla component BSQ Sitestats
-CVE-2006-7123 (Multiple SQL injection vulnerabilities in BSQ Sitestats (component for ...)
+CVE-2006-7123
NOT-FOR-US: Joomla component BSQ Sitestats
-CVE-2006-7122 (Cross-site scripting (XSS) vulnerability in the IP Address Lookup ...)
+CVE-2006-7122
NOT-FOR-US: Joomla component BSQ Sitestats
-CVE-2006-7121 (The HTTP server in Linksys SPA-921 VoIP Desktop Phone allows remote ...)
+CVE-2006-7121
NOT-FOR-US: Linksys SPA-921
-CVE-2006-7120 (** DISPUTED ** ...)
+CVE-2006-7120
NOT-FOR-US: OSL maintain
-CVE-2006-7119 (PHP remote file inclusion vulnerability in kernel/system/startup.php ...)
+CVE-2006-7119
NOT-FOR-US: PHPGiggle
-CVE-2006-7118 (SQL injection vulnerability in index.asp in DMXReady Site Engine ...)
+CVE-2006-7118
NOT-FOR-US: DMXReady Site Engine Manager
-CVE-2006-7117 (Multiple directory traversal vulnerabilities in Kubix 0.7 and earlier ...)
+CVE-2006-7117
NOT-FOR-US: Kubix
-CVE-2006-7116 (SQL injection vulnerability in includes/functions.php in Kubix 0.7 and ...)
+CVE-2006-7116
NOT-FOR-US: Kubix
-CVE-2006-7115 (SQL injection vulnerability in PHPKit 1.6.1 RC2 allows remote ...)
+CVE-2006-7115
NOT-FOR-US: PHPKit
-CVE-2006-7114 (P-News 2.0 stores db/user.txt under the web document root with ...)
+CVE-2006-7114
NOT-FOR-US: P-News
-CVE-2006-7113 (Unrestricted file upload vulnerability in P-News 2.0 allows remote ...)
+CVE-2006-7113
NOT-FOR-US: P-News
-CVE-2006-7112 (Directory traversal vulnerability in error.php in MD-Pro 1.0.76 and ...)
+CVE-2006-7112
NOT-FOR-US: MD-Pro
-CVE-2006-7111 (Unspecified vulnerability in Futomi's CGI Cafe KMail CGI 1.0.3 and ...)
+CVE-2006-7111
NOT-FOR-US: KMail CGI
-CVE-2006-7110 (Directory traversal vulnerability in the delete function in IMCE ...)
+CVE-2006-7110
NOT-FOR-US: Drupal module IMCE
-CVE-2006-7109 (Unrestricted file upload vulnerability in IMCE before 1.6, a Drupal ...)
+CVE-2006-7109
NOT-FOR-US: Drupal module IMCE
-CVE-2006-7108 (login in util-linux-2.12a skips pam_acct_mgmt and chauth_tok when ...)
+CVE-2006-7108
- util-linux 2.17.2-9 (unimportant)
NOTE: likely fixed far before this, which is the version in squeeze that was checked
-CVE-2006-7107 (PHP remote file inclusion vulnerability in upgrade.php in Coalescent ...)
+CVE-2006-7107
NOT-FOR-US: freePBX
-CVE-2006-7106 (PHP remote file inclusion vulnerability in config.inc.php3 in Power ...)
+CVE-2006-7106
NOT-FOR-US: Power Phlogger
-CVE-2006-7105 (** DISPUTED ** ...)
+CVE-2006-7105
- smarty <not-affected> (described vulnerability never existed)
-CVE-2006-7104 (PHP remote file inclusion vulnerability in htmltemplate.php in the ...)
+CVE-2006-7104
NOT-FOR-US: MOStlyContent Editor
-CVE-2006-7103 (Multiple directory traversal vulnerabilities in EZOnlineGallery 1.3 ...)
+CVE-2006-7103
NOT-FOR-US: EZOnlineGallery
-CVE-2006-7102 (Multiple PHP remote file inclusion vulnerabilities in phpBurningPortal ...)
+CVE-2006-7102
NOT-FOR-US: phpBurningPortal quiz-modul
-CVE-2006-7101 (SQL injection vulnerability in admin.php in PHPWind 5.0.1 and earlier ...)
+CVE-2006-7101
NOT-FOR-US: PHPWind
-CVE-2006-7100 (PHP remote file inclusion vulnerability in ...)
+CVE-2006-7100
NOT-FOR-US: phpBB Insert User
-CVE-2006-7099 (Directory traversal vulnerability in index.php in SolarPay allows ...)
+CVE-2006-7099
NOT-FOR-US: SolarPay
-CVE-2006-7098 (The Debian GNU/Linux 033_-F_NO_SETSID patch for the Apache HTTP Server ...)
+CVE-2006-7098
- apache 1.3.34-4.1 (low; bug #357561)
-CVE-2006-7097 (Multiple unspecified vulnerabilities in TaskFreak! before 0.1.4 have ...)
+CVE-2006-7097
NOT-FOR-US: TaskFreak!
-CVE-2006-7096 (Buffer overflow in the network_host_handle_join function in host.c in ...)
+CVE-2006-7096
NOT-FOR-US: dimension 3 engine
-CVE-2006-7095 (Integer signedness error in the network_receive_packet function in ...)
+CVE-2006-7095
NOT-FOR-US: dimension 3 engine
-CVE-2006-7094 (ftpd, as used by Gentoo and Debian Linux, sets the gid to the ...)
+CVE-2006-7094
- linux-ftpd 0.17-23 (bug #384454; low)
-CVE-2006-7093 (Cross-site scripting (XSS) vulnerability in Mambo LaiThai 4.5.4 ...)
+CVE-2006-7093
NOT-FOR-US: Mambo LaiThai
-CVE-2006-7092 (SQL injection vulnerability in includes/mambo.php in Mambo LaiThai ...)
+CVE-2006-7092
NOT-FOR-US: Mambo LaiThai
-CVE-2006-7091 (PHP remote file inclusion vulnerability in config.php in phpht ...)
+CVE-2006-7091
NOT-FOR-US: Topsites FREE
-CVE-2006-7090 (PHP remote file inclusion vulnerability in phpbb_security.php in phpBB ...)
+CVE-2006-7090
NOT-FOR-US: phpBB Security
-CVE-2006-7089 (SQL injection vulnerability in connexion.php in Ban 0.1 allows remote ...)
+CVE-2006-7089
NOT-FOR-US: Ban
-CVE-2006-7088 (Multiple SQL injection vulnerabilities in Simple PHP Forum before 0.4 ...)
+CVE-2006-7088
NOT-FOR-US: Simple PHP Forum
-CVE-2006-7087 (CRLF injection vulnerability in the mail function in Dotdeb PHP before ...)
+CVE-2006-7087
NOT-FOR-US: Dotdeb PHP
-CVE-2006-7086 (The (1) dlback.php and (2) dlback.cgi scripts in Hot Links allow ...)
+CVE-2006-7086
NOT-FOR-US: Hot Links
-CVE-2006-7085 (Rigter Portal System (RPS) 1.0, 2.0, and 3.0 allows remote attackers ...)
+CVE-2006-7085
NOT-FOR-US: Rigter Portal System
CVE-2006-7084
REJECTED
-CVE-2006-7083 (Directory traversal vulnerability in index.php in Rigter Portal System ...)
+CVE-2006-7083
NOT-FOR-US: Rigter Portal System
-CVE-2006-7082 (Rigter Portal System (RPS) 1.0, 2.0, and 3.0 allows remote attackers ...)
+CVE-2006-7082
NOT-FOR-US: Rigter Portal System
-CVE-2006-7081 (Multiple PHP remote file inclusion vulnerabilities in PhpNews 1.0 ...)
+CVE-2006-7081
NOT-FOR-US: PhpNews
-CVE-2006-7080 (Directory traversal vulnerability in the avatar upload feature in exV2 ...)
+CVE-2006-7080
NOT-FOR-US: exV2
-CVE-2006-7079 (Variable extraction vulnerability in include/common.php in exV2 ...)
+CVE-2006-7079
NOT-FOR-US: exV2
-CVE-2006-7078 (Multiple cross-site scripting (XSS) vulnerabilities in Professional ...)
+CVE-2006-7078
NOT-FOR-US: Professional Home Page Tools Login Script
-CVE-2006-7077 (SQL injection vulnerability in guestbook.php in Advanced Guestbook 2.4 ...)
+CVE-2006-7077
NOT-FOR-US: Advanced Guestbook
-CVE-2006-7076 (Cross-site scripting (XSS) vulnerability in guestbook.php in Advanced ...)
+CVE-2006-7076
NOT-FOR-US: Advanced Guestbook
-CVE-2006-7075 (Buffer overflow in the meta_read_flac function in meta_decoder.c for ...)
+CVE-2006-7075
- aqualung 0.9~beta6-1 (medium)
-CVE-2006-7074 (admin.php in SmartSiteCMS 1.0 allows remote attackers to bypass ...)
+CVE-2006-7074
NOT-FOR-US: SmartSiteCMS
-CVE-2006-7073 (Cross-site scripting (XSS) vulnerability in Opentools Attachment Mod ...)
+CVE-2006-7073
NOT-FOR-US: Opentools Attachment Mod
-CVE-2006-7072 (Cross-site scripting (XSS) vulnerability in GeoClassifieds Enterprise ...)
+CVE-2006-7072
NOT-FOR-US: GeoClassifieds Enterprise
-CVE-2006-7071 (SQL injection vulnerability in classes/class_session.php in Invision ...)
+CVE-2006-7071
NOT-FOR-US: Invision Power Board
-CVE-2006-7070 (Unrestricted file upload vulnerability in ...)
+CVE-2006-7070
NOT-FOR-US: Etomite CMS
-CVE-2006-7069 (PHP remote file inclusion vulnerability in smarty_config.php in ...)
+CVE-2006-7069
NOT-FOR-US: Socketwiz Bookmarks
-CVE-2006-7068 (PHP remote file inclusion vulnerability in CliServ Web Community 0.65 ...)
+CVE-2006-7068
NOT-FOR-US: CliServ Web Community
-CVE-2006-7067 (Oracle 10g R2 and possibly other versions allows remote attackers to ...)
+CVE-2006-7067
NOT-FOR-US: Oracle
-CVE-2006-7066 (Microsoft Internet Explorer 6 on Windows XP SP2 allows remote ...)
+CVE-2006-7066
NOT-FOR-US: Microsoft IE
-CVE-2006-7065 (Microsoft Internet Explorer allows remote attackers to cause a denial ...)
+CVE-2006-7065
NOT-FOR-US: Microsoft IE
-CVE-2006-7064 (Cross-site scripting (XSS) vulnerability in forum/admin.php for ...)
+CVE-2006-7064
NOT-FOR-US: Invision Power Board
-CVE-2006-7063 (Directory traversal vulnerability in profile.php in TinyPHPforum 3.6 ...)
+CVE-2006-7063
NOT-FOR-US: TinyPHPforum
-CVE-2006-7062 (calendar.php in Kamgaing Email System (kmail) 2.3 and earlier allows ...)
+CVE-2006-7062
NOT-FOR-US: Kamgaing Email System
-CVE-2006-7061 (Scriptsez.net E-Dating System stores data files with predictable names ...)
+CVE-2006-7061
NOT-FOR-US: E-Dating System
-CVE-2006-7060 (cindex.php in Scriptsez.net E-Dating System allows remote attackers to ...)
+CVE-2006-7060
NOT-FOR-US: E-Dating System
-CVE-2006-7059 (Multiple cross-site scripting (XSS) vulnerabilities in Scriptsez.net ...)
+CVE-2006-7059
NOT-FOR-US: E-Dating System
-CVE-2006-7058 (Multiple cross-site scripting (XSS) vulnerabilities in Sphider before ...)
+CVE-2006-7058
NOT-FOR-US: Sphider
-CVE-2006-7057 (SQL injection vulnerability in search.php in Sphider before 1.3.1c ...)
+CVE-2006-7057
NOT-FOR-US: Sphider
-CVE-2006-7056 (Multiple PHP remote file inclusion vulnerabilities in DreamCost ...)
+CVE-2006-7056
NOT-FOR-US: HostAdmin
-CVE-2006-7055 (PHP remote file inclusion vulnerability in index.php in TotalCalendar ...)
+CVE-2006-7055
NOT-FOR-US: TotalCalendar
-CVE-2006-7054 (The DNS module in Arkoon FAST360 UTM appliances 3.0 up to 3.0/29, 3.1 ...)
+CVE-2006-7054
NOT-FOR-US: FAST360 UTM
-CVE-2006-7053 (Unspecified vulnerability in Arkoon FAST360 UTM appliances 3.0 through ...)
+CVE-2006-7053
NOT-FOR-US: FAST360 UTM
-CVE-2006-7052 (Multiple PHP remote file inclusion vulnerabilities in DotWidget For ...)
+CVE-2006-7052
NOT-FOR-US: DotWidget
-CVE-2006-7051 (The sys_timer_create function in posix-timers.c for Linux kernel 2.6.x ...)
+CVE-2006-7051
- linux-2.6 2.6.23-1 (low)
[etch] - linux-2.6 <no-dsa> (Design limitation, use resource limits if it poses a problem)
-CVE-2006-7050 (Cross-site scripting (XSS) vulnerability in WikkaWiki (Wikka Wiki) ...)
+CVE-2006-7050
NOT-FOR-US: WikkaWiki
-CVE-2006-7049 (The Method method in WikkaWiki (Wikka Wiki) before 1.1.6.2 calls the ...)
+CVE-2006-7049
NOT-FOR-US: WikkaWiki
-CVE-2006-7048 (Multiple PHP remote file inclusion vulnerabilities in Claroline 1.7.5 ...)
+CVE-2006-7048
NOT-FOR-US: Claroline
-CVE-2006-7047 (include.php in Shoutpro 1.0 might allow remote attackers to bypass IP ...)
+CVE-2006-7047
NOT-FOR-US: Shoutpro
-CVE-2006-7046 (PHP remote file inclusion vulnerability in cmpro.intern/login.inc.php ...)
+CVE-2006-7046
NOT-FOR-US: Clan Manager Pro
-CVE-2006-7045 (PHP remote file inclusion vulnerability in Clan Manager Pro (CMPRO) ...)
+CVE-2006-7045
NOT-FOR-US: Clan Manager Pro
-CVE-2006-7044 (PHP remote file inclusion vulnerability in comment.core.inc.php in ...)
+CVE-2006-7044
NOT-FOR-US: Clan Manager Pro
-CVE-2006-7043 (Multiple cross-site scripting (XSS) vulnerabilities in Chipmunk ...)
+CVE-2006-7043
NOT-FOR-US: Chipmunk
-CVE-2006-7042 (Cross-site scripting (XSS) vulnerability in directory/index.php in ...)
+CVE-2006-7042
NOT-FOR-US: Chipmunk
-CVE-2006-7041 (The SMTP service in MERCUR Messaging 2005 before Service Pack 4 allows ...)
+CVE-2006-7041
NOT-FOR-US: MERCUR Messaging
-CVE-2006-7040 (Unspecified vulnerability in MERCUR Messaging 2005 before Service Pack ...)
+CVE-2006-7040
NOT-FOR-US: MERCUR Messaging
-CVE-2006-7039 (The IMAP4 service in MERCUR Messaging 2005 before Service Pack 4 ...)
+CVE-2006-7039
NOT-FOR-US: MERCUR Messaging
-CVE-2006-7038 (Multiple buffer overflows in MERCUR Messaging 2005 before Service Pack ...)
+CVE-2006-7038
NOT-FOR-US: MERCUR Messaging
-CVE-2006-7037 (Mathcad 12 through 13.1 allows local users to bypass the security ...)
+CVE-2006-7037
NOT-FOR-US: MathCAD
-CVE-2006-7036 (PHP remote file inclusion vulnerability in register.php for Andys Chat ...)
+CVE-2006-7036
NOT-FOR-US: Andy's Chat
-CVE-2006-7035 (Directory traversal vulnerability in make_thumbnail.php in Super Link ...)
+CVE-2006-7035
NOT-FOR-US: Super Link Exchange Script
-CVE-2006-7034 (SQL injection vulnerability in directory.php in Super Link Exchange ...)
+CVE-2006-7034
NOT-FOR-US: Super Link Exchange Script
-CVE-2006-7033 (Cross-site scripting (XSS) vulnerability in Super Link Exchange Script ...)
+CVE-2006-7033
NOT-FOR-US: Super Link Exchange Script
-CVE-2006-7032 (PHP remote file inclusion vulnerability in phpbb/getmsg.php in FlashBB ...)
+CVE-2006-7032
NOT-FOR-US: FlashBB
-CVE-2006-7031 (Microsoft Internet Explorer 6.0.2900 SP2 and earlier allows remote ...)
+CVE-2006-7031
NOT-FOR-US: Microsoft IE
-CVE-2006-7030 (Microsoft Internet Explorer 6 SP2 and earlier allows remote attackers ...)
+CVE-2006-7030
NOT-FOR-US: Microsoft IE
-CVE-2006-7029 (Microsoft Internet Explorer 6 SP2 and earlier allows remote attackers ...)
+CVE-2006-7029
NOT-FOR-US: Microsoft IE
-CVE-2006-7028 (Single CPU Sun systems running Solaris 7, 8, or 9, such as Netra, ...)
+CVE-2006-7028
NOT-FOR-US: Sun Solaris
-CVE-2006-7027 (Microsoft Internet Security and Acceleration (ISA) Server 2004 logs ...)
+CVE-2006-7027
NOT-FOR-US: Microsoft ISA
-CVE-2006-7026 (PHP remote file inclusion vulnerability in sources/join.php in ...)
+CVE-2006-7026
NOT-FOR-US: Topsites PHP
-CVE-2006-7025 (SQL injection vulnerability in admin/config.php in Bookmark4U 2.0 and ...)
+CVE-2006-7025
NOT-FOR-US: Bookmark4U
CVE-2006-XXXX [pure-ftpd-mysql: any problems with a home dir will allow rw to the entire filesystem]
- pure-ftpd 1.0.21-1 (low)
NOTE: oldstable is affected
-CVE-2006-7024 (Multiple PHP remote file inclusion vulnerabilities in Harpia CMS 1.0.5 ...)
+CVE-2006-7024
NOT-FOR-US: Harpia CMS
-CVE-2006-7023 (Multiple cross-site scripting (XSS) vulnerabilities in fx-APP 0.0.8.1 ...)
+CVE-2006-7023
NOT-FOR-US: fx-APP
-CVE-2006-7022 (The Tools module in fx-APP 0.0.8.1 allows remote attackers to ...)
+CVE-2006-7022
NOT-FOR-US: fx-APP
-CVE-2006-7021 (PHP remote file inclusion vulnerability in ...)
+CVE-2006-7021
NOT-FOR-US: Plume CMS
-CVE-2006-7020 (CRLF injection vulnerability in (1) include/inc_act/act_formmailer.php ...)
+CVE-2006-7020
NOT-FOR-US: phpwcms
-CVE-2006-7019 (phpwcms 1.2.5-DEV and earlier, and 1.1 before RC4, allows remote ...)
+CVE-2006-7019
NOT-FOR-US: phpwcms
-CVE-2006-7018 (phpwcms 1.2.5-DEV and earlier, and 1.1 before RC4, allows remote ...)
+CVE-2006-7018
NOT-FOR-US: phpwcms
-CVE-2006-7017 (Multiple PHP remote file inclusion vulnerabilities in Indexu 5.0.1 ...)
+CVE-2006-7017
NOT-FOR-US: Indexu
-CVE-2006-7016 (phpjobboard allows remote attackers to bypass authentication and gain ...)
+CVE-2006-7016
NOT-FOR-US: Jobline
-CVE-2006-7015 (** DISPUTED ** ...)
+CVE-2006-7015
NOT-FOR-US: Jobline
-CVE-2006-7014 (admin.php in BloggIT 1.01 and earlier does not properly establish a ...)
+CVE-2006-7014
NOT-FOR-US: BloggIT
-CVE-2006-7013 (** DISPUTED ** ...)
+CVE-2006-7013
NOT-FOR-US: Simple Machine Forum
-CVE-2006-7012 (scart.cgi in SCart 2.0 allows remote attackers to execute arbitrary ...)
+CVE-2006-7012
NOT-FOR-US: SCart
-CVE-2006-7011 (** DISPUTED ** ...)
+CVE-2006-7011
NOT-FOR-US: FlashChat
-CVE-2006-7010 (The mosgetparam implementation in Joomla! before 1.0.10, does not set ...)
+CVE-2006-7010
NOT-FOR-US: Joomla!
-CVE-2006-7009 (Joomla! before 1.0.10 allows remote attackers to spoof the frontend ...)
+CVE-2006-7009
NOT-FOR-US: Joomla!
-CVE-2006-7008 (Unspecified vulnerability in Joomla! before 1.0.10 has unknown impact ...)
+CVE-2006-7008
NOT-FOR-US: Joomla!
-CVE-2006-7007 (Buffer overflow in Tiny FTPd 1.4 and earlier allows remote attackers ...)
+CVE-2006-7007
NOT-FOR-US: Tiny FTPd
-CVE-2006-7006 (** DISPUTED ** ...)
+CVE-2006-7006
NOT-FOR-US: Somery
-CVE-2006-7005 (SQL injection vulnerability in item.php in PSY Auction allows remote ...)
+CVE-2006-7005
NOT-FOR-US: PSY Auction
-CVE-2006-7004 (Cross-site scripting (XSS) vulnerability in email_request.php in PSY ...)
+CVE-2006-7004
NOT-FOR-US: PSY Auction
-CVE-2006-7003 (PHP remote file inclusion vulnerability in admin/index.php in Fusion ...)
+CVE-2006-7003
NOT-FOR-US: Fusion Polls
-CVE-2006-7002 (Cross-site scripting (XSS) vulnerability in add_comment.php in ...)
+CVE-2006-7002
NOT-FOR-US: Wheatblog
-CVE-2006-7001 (Directory traversal vulnerability in avatar.php in PhpMyChat Plus 1.9 ...)
+CVE-2006-7001
NOT-FOR-US: PhpMyChat Plus
-CVE-2006-7000 (Headstart Solutions DeskPRO allows remote attackers to obtain the full ...)
+CVE-2006-7000
NOT-FOR-US: DeskPRO
-CVE-2006-6999 (attachment.php in Headstart Solutions DeskPRO allows remote attackers ...)
+CVE-2006-6999
NOT-FOR-US: DeskPRO
-CVE-2006-6998 (install/loader_help.php in Headstart Solutions DeskPRO allows remote ...)
+CVE-2006-6998
NOT-FOR-US: DeskPRO
-CVE-2006-6997 (Unspecified vulnerability in a cryptographic feature in MailEnable ...)
+CVE-2006-6997
NOT-FOR-US: MailEnable
-CVE-2006-6996 (Multiple cross-site scripting (XSS) vulnerabilities in warforge.NEWS ...)
+CVE-2006-6996
NOT-FOR-US: warforge.NEWS
-CVE-2006-6995 (mycontacts.php in V3 Chat allows remote authenticated users to gain ...)
+CVE-2006-6995
NOT-FOR-US: V3 Chat
-CVE-2006-6994 (Unrestricted file upload vulnerability in add.asp in OzzyWork Gallery, ...)
+CVE-2006-6994
NOT-FOR-US: OzzyWork Gallery
-CVE-2006-6993 (Multiple SQL injection vulnerabilities in pages/addcomment2.php in ...)
+CVE-2006-6993
NOT-FOR-US: Neuron Blog
-CVE-2006-6992 (Cross-domain vulnerability in GoSuRF Browser 2.62 allows remote ...)
+CVE-2006-6992
NOT-FOR-US: GoSuRF Browser
-CVE-2006-6991 (Cross-domain vulnerability in Fast Browser Pro 8.1 allows remote ...)
+CVE-2006-6991
NOT-FOR-US: Fast Browser Pro
-CVE-2006-6990 (Cross-domain vulnerability in Enigma Browser 3.8.8 allows remote ...)
+CVE-2006-6990
NOT-FOR-US: Enigma Browser
-CVE-2006-6989 (Cross-domain vulnerability in NetCaptor 4.5.7 Personal Edition allows ...)
+CVE-2006-6989
NOT-FOR-US: NetCaptor
-CVE-2006-6988 (Cross-domain vulnerability in Slim Browser 4.07 build 100 allows ...)
+CVE-2006-6988
NOT-FOR-US: Slim Browser
-CVE-2006-6987 (Cross-domain vulnerability in FineBrowser Freeware 3.2.2 allows remote ...)
+CVE-2006-6987
NOT-FOR-US: FineBrowser Freeware
-CVE-2006-6986 (Cross-domain vulnerability in PhaseOut 5.4.4 allows remote attackers ...)
+CVE-2006-6986
NOT-FOR-US: PhaseOut
-CVE-2006-6985 (Cross-domain vulnerability in Maxthon 1.5.6 build 42 allows remote ...)
+CVE-2006-6985
NOT-FOR-US: Maxthon
-CVE-2006-6984 (Cross-domain vulnerability in GreenBrowser 3.4.0622 allows remote ...)
+CVE-2006-6984
NOT-FOR-US: GreenBrowser
-CVE-2006-6983 (Cross-domain vulnerability in MYweb4net Browser 3.8.8.0 allows remote ...)
+CVE-2006-6983
NOT-FOR-US: MYweb4net Browser
-CVE-2006-6982 (3proxy 0.5 to 0.5.2 does not offer NTLM authentication before basic ...)
+CVE-2006-6982
NOT-FOR-US: 3proxy
-CVE-2006-6981 (3proxy 0.5 to 0.5.2, when NT-encoded passwords are being used, allows ...)
+CVE-2006-6981
NOT-FOR-US: 3proxy
-CVE-2006-6980 (The magnatune.com album browser in Amarok allows attackers to cause a ...)
+CVE-2006-6980
- amarok 1.4.4-4 (bug #410850; unimportant)
NOTE: This could only be exploited through the Magnatune shop
-CVE-2006-6979 (The ruby handlers in the Magnatune component in Amarok do not properly ...)
+CVE-2006-6979
- amarok 1.4.4-1 (bug #410850; low)
[sarge] - amarok <not-affected> (Vulnerable code not present)
-CVE-2006-6978 (Cross-site scripting (XSS) vulnerability in the &quot;Basic Toolbar ...)
+CVE-2006-6978
NOT-FOR-US: FCKEditor
-CVE-2006-6977 (Cross-site scripting (XSS) vulnerability in the &quot;Basic Toolbar ...)
+CVE-2006-6977
NOT-FOR-US: FreeTextBox
-CVE-2006-6976 (PHP remote file inclusion vulnerability in centipaid_class.php in ...)
+CVE-2006-6976
NOT-FOR-US: CentiPaid
-CVE-2006-6975 (** DISPUTED ** ...)
+CVE-2006-6975
NOT-FOR-US: CentiPaid
-CVE-2006-6974 (Headstart Solutions DeskPRO stores sensitive information under the web ...)
+CVE-2006-6974
NOT-FOR-US: DeskPRO
-CVE-2006-6973 (Headstart Solutions DeskPRO does not require authentication for ...)
+CVE-2006-6973
NOT-FOR-US: DeskPRO
-CVE-2006-6972 (SQL injection in torrents.php in BtitTracker 1.3.2 and earlier allows ...)
+CVE-2006-6972
NOT-FOR-US: BtitTracker
-CVE-2006-6971 (Mozilla Firefox 2.0, possibly only when running on Windows, allows ...)
+CVE-2006-6971
- iceweasel <not-affected> (Windows only)
-CVE-2006-6970 (Opera 9.10 Final allows remote attackers to bypass the Fraud ...)
+CVE-2006-6970
NOT-FOR-US: Opera
-CVE-2006-6969 (Jetty before 4.2.27, 5.1 before 5.1.12, 6.0 before 6.0.2, and 6.1 ...)
+CVE-2006-6969
- jetty 5.1.10-4 (medium; bug #445283)
NOTE: http://jetty.cvs.sourceforge.net/jetty/Jetty/src/org/mortbay/jetty/servlet/AbstractSessionManager.java?r1=1.52&r2=1.53&view=patch
-CVE-2006-6968 (Cross-site scripting (XSS) vulnerability in the group moderation ...)
+CVE-2006-6968
NOT-FOR-US: Phorum
CVE-2006-6967
REJECTED
-CVE-2006-6966 (phpGraphy before 0.9.13a does not properly unset variables when the ...)
+CVE-2006-6966
NOT-FOR-US: phpGraphy
-CVE-2006-6965 (CRLF injection vulnerability in lib/exe/fetch.php in DokuWiki ...)
+CVE-2006-6965
- dokuwiki 0.0.20061106-1 (low)
-CVE-2006-6964 (MailEnable Professional before 1.78 provides a cleartext user password ...)
+CVE-2006-6964
NOT-FOR-US: MailEnable
-CVE-2006-6963 (Multiple PHP remote file inclusion vulnerabilities in Docebo LMS 3.0.3 ...)
+CVE-2006-6963
NOT-FOR-US: Docebo
-CVE-2006-6962 (PHP remote file inclusion vulnerability in rsgallery2.html.php in the ...)
+CVE-2006-6962
NOT-FOR-US: RS Gallery2
-CVE-2006-6961 (WebRoot Spy Sweeper 4.5.9 and earlier does not detect malware based on ...)
+CVE-2006-6961
NOT-FOR-US: WebRoot Spy Sweeper
-CVE-2006-6960 (The Compression Sweep feature in WebRoot Spy Sweeper 4.5.9 and earlier ...)
+CVE-2006-6960
NOT-FOR-US: WebRoot Spy Sweeper
-CVE-2006-6959 (WebRoot Spy Sweeper 4.5.9 and earlier allows local users to bypass the ...)
+CVE-2006-6959
NOT-FOR-US: WebRoot Spy Sweeper
-CVE-2006-6958 (Multiple PHP remote file inclusion vulnerabilities in phpBlueDragon ...)
+CVE-2006-6958
NOT-FOR-US: phpBlueDragon CMS
-CVE-2006-6957 (PHP remote file inclusion vulnerability in addons/mod_media/body.php ...)
+CVE-2006-6957
NOT-FOR-US: Docebo
-CVE-2006-6956 (Microsoft Internet Explorer allows remote attackers to cause a denial ...)
+CVE-2006-6956
NOT-FOR-US: Microsoft
-CVE-2006-6955 (Opera allows remote attackers to cause a denial of service ...)
+CVE-2006-6955
NOT-FOR-US: Opera
-CVE-2006-6954 (Flock beta 1 0.7 allows remote attackers to cause a denial of service ...)
+CVE-2006-6954
- iceweasel <removed> (unimportant)
NOTE: Browser crashes not treated as security problems
NOTE: Tested the proof of concept in iceweasel 2.0.0.1 and it crash.
NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=239840
-CVE-2006-6953 (The virtual keyboard implementation in GlobeTrotter Mobility Manager ...)
+CVE-2006-6953
NOT-FOR-US: GlobeTrotter Mobility Manager
-CVE-2006-6952 (Computer Associates Host Intrusion Prevention System (HIPS) drivers ...)
+CVE-2006-6952
NOT-FOR-US: Computer Associates (CA)
-CVE-2006-6951 (Cross-site scripting (XSS) vulnerability in blog.php in OdysseusBlog ...)
+CVE-2006-6951
NOT-FOR-US: Odysseus Blog
-CVE-2006-6950 (Directory traversal vulnerability in Conti FTPServer 1.0 Build 2.8 ...)
+CVE-2006-6950
NOT-FOR-US: Conti FtpServer
-CVE-2006-6949 (Conti FTPServer 1.0 Build 2.8 stores user passwords in cleartext in ...)
+CVE-2006-6949
NOT-FOR-US: Conti FtpServer
-CVE-2006-6948 (MyODBC Japanese conversion edition 3.51.06, 2.50.29, and 2.50.25 ...)
+CVE-2006-6948
NOT-FOR-US: JVN
-CVE-2006-6947 (The FTP server in the NEC MultiWriter 1700C allows remote attackers to ...)
+CVE-2006-6947
NOT-FOR-US: NEC
-CVE-2006-6946 (The web server in the NEC MultiWriter 1700C allows remote attackers to ...)
+CVE-2006-6946
NOT-FOR-US: NEC
-CVE-2006-6945 (SQL injection vulnerability in Virtuemart 1.0.7 allows remote ...)
+CVE-2006-6945
NOT-FOR-US: VirtueMart
-CVE-2006-6944 (phpMyAdmin before 2.9.1.1 allows remote attackers to bypass Allow/Deny ...)
+CVE-2006-6944
{DSA-1370-2 DSA-1370-1}
- phpmyadmin 4:2.9.1.1-2 (medium)
-CVE-2006-6943 (PhpMyAdmin before 2.9.1.1 allows remote attackers to obtain the full ...)
+CVE-2006-6943
- phpmyadmin 4:2.9.1.1-2 (unimportant)
NOTE: Only path disclosure
-CVE-2006-6942 (Multiple cross-site scripting (XSS) vulnerabilities in PhpMyAdmin ...)
+CVE-2006-6942
{DSA-1370-2 DSA-1370-1}
- phpmyadmin 4:2.9.1.1-2 (medium)
NOTE: All versions 2.9.1 is vulnerable, solution is 2.9.1.1 or newer.
-CVE-2006-6941 (index.php in FreeWebshop 2.2.2 and earlier allows remote attackers to ...)
+CVE-2006-6941
NOT-FOR-US: FreeWebshop
-CVE-2006-6940 (Buffer overflow in the ParseHeader function in clsOWA.cls in POP3/SMTP ...)
+CVE-2006-6940
NOT-FOR-US: OWA
-CVE-2006-6939 (GNU ed before 0.3 allows local users to overwrite arbitrary files via ...)
+CVE-2006-6939
- ed 0.2-19
-CVE-2006-6938 (Directory traversal vulnerability in includes/common.php in NitroTech ...)
+CVE-2006-6938
NOT-FOR-US: NitroTech CMS
-CVE-2006-6937 (SQL injection vulnerability in displaypic.asp in Xtreme ASP Photo ...)
+CVE-2006-6937
NOT-FOR-US: ASP Photo Gallery
-CVE-2006-6936 (Cross-site scripting (XSS) vulnerability in Xtreme ASP Photo Gallery ...)
+CVE-2006-6936
NOT-FOR-US: ASP Photo Gallery
-CVE-2006-6935 (SQL injection vulnerability in the login component in Portix-PHP 0.4.2 ...)
+CVE-2006-6935
NOT-FOR-US: Portix
-CVE-2006-6934 (Multiple cross-site scripting (XSS) vulnerabilities in Portix-PHP ...)
+CVE-2006-6934
NOT-FOR-US: Portix
-CVE-2006-6933 (Easy Chat Server 2.1 stores sensitive information under the web root ...)
+CVE-2006-6933
NOT-FOR-US: Easy Chat Server
-CVE-2006-6932 (Multiple SQL injection vulnerabilities in Image Gallery with Access ...)
+CVE-2006-6932
NOT-FOR-US: Image Gallery
-CVE-2006-6931 (Algorithmic complexity vulnerability in Snort before 2.6.1, during ...)
+CVE-2006-6931
- snort 2.7.0-1 (low; bug #407421)
[sarge] - snort <no-dsa> (Minor issue)
[etch] - snort <no-dsa> (Minor issue)
-CVE-2006-6930 (SQL injection vulnerability in viewad.asp in Rapid Classified 3.1 ...)
+CVE-2006-6930
NOT-FOR-US: Rapid Classified
-CVE-2006-6929 (Multiple cross-site scripting (XSS) vulnerabilities in Rapid ...)
+CVE-2006-6929
NOT-FOR-US: Rapid Classified
-CVE-2006-6928 (Multiple cross-site scripting (XSS) vulnerabilities in Rialto 1.6 ...)
+CVE-2006-6928
NOT-FOR-US: Rialto
-CVE-2006-6927 (Multiple SQL injection vulnerabilities in Rialto 1.6 allow remote ...)
+CVE-2006-6927
NOT-FOR-US: Rialto
-CVE-2006-6926 (Buffer overflow in eXtremail 2.1 has unknown impact and attack ...)
+CVE-2006-6926
NOT-FOR-US: eXtremail
-CVE-2006-6925 (Multiple cross-site scripting (XSS) vulnerabilities in bitweaver 1.3.1 ...)
+CVE-2006-6925
NOT-FOR-US: bitweaver
-CVE-2006-6924 (bitweaver 1.3.1 and earlier allows remote attackers to obtain ...)
+CVE-2006-6924
NOT-FOR-US: bitweaver
-CVE-2006-6923 (SQL injection vulnerability in newsletters/edition.php in bitweaver ...)
+CVE-2006-6923
NOT-FOR-US: bitweaver
-CVE-2006-6922 (SQL injection vulnerability in Deadlock User Management System ...)
+CVE-2006-6922
NOT-FOR-US: Deadlock
-CVE-2006-6921 (Unspecified versions of the Linux kernel allow local users to cause a ...)
+CVE-2006-6921
- linux-2.6 2.6.18-1 (low)
-CVE-2006-6920 (Cross-site scripting (XSS) vulnerability in Nucleus before 3.24 allows ...)
+CVE-2006-6920
NOT-FOR-US: Nucleus
-CVE-2006-6919 (Firefox Sage extension 1.3.8 and earlier allows remote attackers to ...)
+CVE-2006-6919
- firefox-sage 1.3.6-3
NOTE: 1.3.6-3 disabled HTML mode entirely
-CVE-2006-6918 (Unspecified vulnerability in the Admin login for Georgian discussion ...)
+CVE-2006-6918
NOT-FOR-US: GeoBB
-CVE-2006-6917 (Multiple buffer overflows in Computer Associates (CA) BrightStor ...)
+CVE-2006-6917
NOT-FOR-US: Computer Associates (CA)
-CVE-2006-6916 (Getahead Direct Web Remoting (DWR) before 1.1.3 allows attackers to ...)
+CVE-2006-6916
NOT-FOR-US: Getahead
-CVE-2006-6915 (ftpd in IBM AIX 5.2.0 and 5.3.0 allows remote authenticated users to ...)
+CVE-2006-6915
NOT-FOR-US: IBM
-CVE-2006-6914 (Unspecified vulnerability in ftpd in IBM AIX 5.2.0 and 5.3.0 allows ...)
+CVE-2006-6914
NOT-FOR-US: IBM
-CVE-2006-6913 (Unspecified vulnerability in phpMyFAQ 1.6.7 and earlier allows remote ...)
+CVE-2006-6913
NOT-FOR-US: phpMyFAQ
-CVE-2006-6912 (SQL injection vulnerability in phpMyFAQ 1.6.7 and earlier allows ...)
+CVE-2006-6912
NOT-FOR-US: phpMyFAQ
-CVE-2006-6911 (SQL injection vulnerability in search.asp in Digitizing Quote And ...)
+CVE-2006-6911
NOT-FOR-US: DIGITIZING QUOTE AND ORDERING SYSTEM
-CVE-2006-6910 (formbankcgi.exe in Fersch Formbankserver 1.9, when the PATH_INFO ...)
+CVE-2006-6910
NOT-FOR-US: Fersch Formbankserver
-CVE-2006-6909 (Stack-based buffer overflow in http.c in Karl Dahlke Edbrowse (aka ...)
+CVE-2006-6909
NOT-FOR-US: Karl Dahlke Edbrowse
-CVE-2006-6908 (Buffer overflow in the Bluetooth Stack COM Server in the Widcomm ...)
+CVE-2006-6908
NOT-FOR-US: Bluetooth Stack COM Server (Windows)
-CVE-2006-6907 (Unspecified vulnerability in the Bluesoil Bluetooth stack has unknown ...)
+CVE-2006-6907
NOT-FOR-US: Bluesoil Bluetooth
-CVE-2006-6906 (Unspecified vulnerability in the Bluetooth stack on Mac OS 10.4.7 and ...)
+CVE-2006-6906
NOT-FOR-US: Bluetooth stack on Mac OS
-CVE-2006-6905 (Unspecified vulnerability in the Widcomm Bluetooth stack allows remote ...)
+CVE-2006-6905
NOT-FOR-US: Widcomm Bluetooth
-CVE-2006-6904 (Unspecified vulnerability in the Broadcom Bluetooth stack allows ...)
+CVE-2006-6904
NOT-FOR-US: Broadcom
-CVE-2006-6903 (Unspecified vulnerability in the Toshiba Bluetooth stack allows remote ...)
+CVE-2006-6903
NOT-FOR-US: Toshiba Bluetooth stack
-CVE-2006-6902 (Unspecified vulnerability in the Bluetooth stack in Microsoft Windows ...)
+CVE-2006-6902
NOT-FOR-US: Windows Mobile
-CVE-2006-6901 (Unspecified vulnerability in the Bluetooth stack in Microsoft Windows ...)
+CVE-2006-6901
NOT-FOR-US: Microsoft Windows
-CVE-2006-6900 (Unspecified vulnerability in the Bluetooth stack in Apple Mac OS 10.4 ...)
+CVE-2006-6900
NOT-FOR-US: Mac OS
-CVE-2006-6899 (hidd in BlueZ (bluez-utils) before 2.25 allows remote attackers to ...)
+CVE-2006-6899
- bluez-utils 3.7-1 (bug #408889; medium)
-CVE-2006-6898 (Widcomm Bluetooth for Windows (BTW) before 4.0.1.1500 allows remote ...)
+CVE-2006-6898
NOT-FOR-US: Widcomm Bluetooth
-CVE-2006-6897 (Directory traversal vulnerability in Widcomm Bluetooth for Windows ...)
+CVE-2006-6897
NOT-FOR-US: Widcomm Bluetooth
-CVE-2006-6896 (The Bluetooth stack in the Plantronic Headset does not properly ...)
+CVE-2006-6896
NOT-FOR-US: Plantronic Headset
-CVE-2006-6895 (The Bluetooth stack in the Sony Ericsson T60 does not properly ...)
+CVE-2006-6895
NOT-FOR-US: Sony Ericsson T60
-CVE-2006-6894 (Multiple unspecified vulnerabilities in SPINE before 1.2 have unknown ...)
+CVE-2006-6894
NOT-FOR-US: SPINE
-CVE-2006-6893 (Tor allows remote attackers to discover the IP address of a hidden ...)
+CVE-2006-6893
- tor <unfixed> (unimportant)
NOTE: It could be argued that this is a laws-of-physics vulnerability
NOTE: that is a fundamental design limitation of certain hardware
NOTE: implementations.
-CVE-2006-6892 (Cross-site scripting (XSS) vulnerability in the GetLocation function ...)
+CVE-2006-6892
NOT-FOR-US: Jonathon J. Freeman OvBB
-CVE-2006-6891 (Vz (Adp) Forum 2.0.3 stores sensitive information under the web root ...)
+CVE-2006-6891
NOT-FOR-US: Vz Scripts ADP Forum
-CVE-2006-6890 (Voodoo chat 1.0RC1b stores sensitive information under the web root ...)
+CVE-2006-6890
NOT-FOR-US: Voodoo chat
-CVE-2006-6889 (FreeStyle Wiki (fswiki) 3.6.2 and earlier stores sensitive information ...)
+CVE-2006-6889
NOT-FOR-US: FreeStyle Wiki
-CVE-2006-6888 (P-News 1.16 and 1.17 store sensitive information under the web root ...)
+CVE-2006-6888
NOT-FOR-US: P-News
-CVE-2006-6887 (Unrestricted file upload vulnerability in logahead UNU 1.0 allows ...)
+CVE-2006-6887
NOT-FOR-US: logahead UNU
-CVE-2006-6886 (phpwcms 1.2.5-DEV allows remote attackers to obtain sensitive ...)
+CVE-2006-6886
NOT-FOR-US: phpwcms
-CVE-2006-6885 (An ActiveX control in SwDir.dll in Macromedia Shockwave 10 allows ...)
+CVE-2006-6885
- flashplugin-nonfree <not-affected> (Windows-specific)
-CVE-2006-6884 (Buffer overflow in the WZFILEVIEW.FileViewCtrl.61 ActiveX control (aka ...)
+CVE-2006-6884
NOT-FOR-US: Sky Software
-CVE-2006-6883 (** DISPUTED ** ...)
+CVE-2006-6883
NOT-FOR-US: PHPIrc_bot
-CVE-2006-6882 (Cross-site scripting (XSS) vulnerability in golden book allows remote ...)
+CVE-2006-6882
NOT-FOR-US: Golden Book
-CVE-2006-6881 (Buffer overflow in the Get_Wep function in cofvnet.c for ATMEL Linux ...)
+CVE-2006-6881
NOT-FOR-US: ATMEL WLAN drivers
-CVE-2006-6880 (Multiple SQL injection vulnerabilities in code/guestadd.php in ...)
+CVE-2006-6880
NOT-FOR-US: PHP-Update
-CVE-2006-6879 (Unrestricted file upload vulnerability in admin/uploads.php in ...)
+CVE-2006-6879
NOT-FOR-US: PHP-Update
-CVE-2006-6878 (admin/uploads.php in PHP-Update 2.7 and earlier allows remote ...)
+CVE-2006-6878
NOT-FOR-US: PHP-Update
-CVE-2006-6877 (Directory traversal vulnerability in index.php in Matteo Lucarelli ...)
+CVE-2006-6877
NOT-FOR-US: Matteo Lucarelli 3editor
-CVE-2006-6876 (Buffer overflow in the fetchsms function in the SMS handling module ...)
+CVE-2006-6876
- openser 1.1.1-1 (medium)
[etch] - openser 1.1.0-9etch1
NOTE: http://web.archive.org/web/20151126200215/http://www.openser.org/pub/openser/1.1.1/ChangeLog
-CVE-2006-6875 (Buffer overflow in the validateospheader function in the Open ...)
+CVE-2006-6875
- openser 1.1.1-1 (medium)
[etch] - openser 1.1.0-9etch1
NOTE: http://web.archive.org/web/20151126200215/http://www.openser.org/pub/openser/1.1.1/ChangeLog
-CVE-2006-6874 (Multiple cross-site scripting (XSS) vulnerabilities in friend.php in ...)
+CVE-2006-6874
NOT-FOR-US: eNdonesia CMS
-CVE-2006-6873 (Multiple SQL injection vulnerabilities in mod.php in eNdonesia 8.4 ...)
+CVE-2006-6873
NOT-FOR-US: eNdonesia CMS
-CVE-2006-6872 (Directory traversal vulnerability in mod.php in eNdonesia 8.4 allows ...)
+CVE-2006-6872
NOT-FOR-US: eNdonesia CMS
-CVE-2006-6871 (Multiple cross-site scripting (XSS) vulnerabilities in eNdonesia 8.4 ...)
+CVE-2006-6871
NOT-FOR-US: eNdonesia CMS
-CVE-2006-6869 (Directory traversal vulnerability in ...)
+CVE-2006-6869
NOT-FOR-US: MAXdev
-CVE-2006-6868 (Multiple cross-site scripting (XSS) vulnerabilities in Zen Cart Web ...)
+CVE-2006-6868
NOT-FOR-US: Zen Cart
-CVE-2006-6867 (Multiple PHP remote file inclusion vulnerabilities in Vladimir ...)
+CVE-2006-6867
NOT-FOR-US: buratinable templator (aka bubla)
-CVE-2006-6866 (STphp EasyNews PRO 4.0 stores sensitive information under the web root ...)
+CVE-2006-6866
NOT-FOR-US: Ahead4
-CVE-2006-6865 (Directory traversal vulnerability in SAFileUpSamples/util/viewsrc.asp ...)
+CVE-2006-6865
NOT-FOR-US: Softartisans
-CVE-2006-6864 (PHP remote file inclusion vulnerability in E2_header.inc.php in ...)
+CVE-2006-6864
NOT-FOR-US: Enigma2
-CVE-2006-6863 (** DISPUTED ** ...)
+CVE-2006-6863
NOT-FOR-US: Enigma2
-CVE-2006-6862 (Multiple cross-site scripting (XSS) vulnerabilities in Outfront Spooky ...)
+CVE-2006-6862
NOT-FOR-US: Outfront Spooky Login
-CVE-2006-6861 (Multiple SQL injection vulnerabilities in Outfront Spooky Login 2.7 ...)
+CVE-2006-6861
NOT-FOR-US: Outfront Spooky Login
-CVE-2006-6860 (Buffer overflow in the sendToMythTV function in MythControlServer.c in ...)
+CVE-2006-6860
NOT-FOR-US: MythControl
-CVE-2006-6859 (SQL injection vulnerability in coupon_detail.asp in Website Designs ...)
+CVE-2006-6859
NOT-FOR-US: Website Designs for Less
CVE-2006-XXXX [ssmtp password leak]
- ssmtp 2.61-10.1 (bug #369542; low)
-CVE-2006-6870 (The consume_labels function in avahi-core/dns.c in Avahi before 0.6.16 ...)
+CVE-2006-6870
- avahi 0.6.16-1 (low)
-CVE-2006-6858 (Miredo 0.9.8 through 1.0.5 does not properly authenticate a Teredo ...)
+CVE-2006-6858
- miredo 1.0.4-2 (bug #405412; bug #405111; medium)
-CVE-2006-6857 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2006-6857
NOT-FOR-US: Docebo LMS
-CVE-2006-6856 (Direct static code injection vulnerability in WebText CMS 0.4.5.2 and ...)
+CVE-2006-6856
NOT-FOR-US: WebText CMS
-CVE-2006-6855 (AIDeX Mini-WebServer 1.1 early release 3 allows remote attackers to ...)
+CVE-2006-6855
NOT-FOR-US: AIDeX Mini-WebServer
-CVE-2006-6854 (The qcamvc_video_init function in qcamvc.c in De Marchi Daniele ...)
+CVE-2006-6854
NOT-FOR-US: QuickCam VC (linux-uvc and qc-usb in Debian are not related)
-CVE-2006-6853 (Buffer overflow in Durian Web Application Server 3.02 freeware on ...)
+CVE-2006-6853
NOT-FOR-US: Durian Web Application Server
-CVE-2006-6852 (Eval injection vulnerability in tDiary 2.0.3 and 2.1.4.200 61127 ...)
+CVE-2006-6852
- tdiary 2.0.2+20060303-5 (bug #403345; bug #404940; medium)
-CVE-2006-6851 (Multiple cross-site scripting (XSS) vulnerabilities in contact_us.php ...)
+CVE-2006-6851
NOT-FOR-US: ac4p Mobilelib gold
-CVE-2006-6850 (PHP remote file inclusion vulnerability in include.php in the Roster ...)
+CVE-2006-6850
NOT-FOR-US: Shadowed Portal / Roster Module
-CVE-2006-6849 (administration/index.php in Cahier de texte (CDT) 2.2 does not ...)
+CVE-2006-6849
NOT-FOR-US: Cahier de texte (CDT)
-CVE-2006-6848 (SQL injection vulnerability in admin.asp in ASPTicker 1.0 allows ...)
+CVE-2006-6848
NOT-FOR-US: ASPTicker
-CVE-2006-6847 (An ActiveX control in ierpplug.dll for RealNetworks RealPlayer 10.5 ...)
+CVE-2006-6847
NOT-FOR-US: RealPlayer for Windows
-CVE-2006-6846 (Multiple SQL injection vulnerabilities in While You Were Out (WYWO) ...)
+CVE-2006-6846
NOT-FOR-US: WYWO - InOut Board
-CVE-2006-6845 (Cross-site scripting (XSS) vulnerability in index.php in CMS Made ...)
+CVE-2006-6845
NOT-FOR-US: CMS Made Simple
-CVE-2006-6844 (Cross-site scripting (XSS) vulnerability in the optional user comment ...)
+CVE-2006-6844
NOT-FOR-US: CMS Made Simple
-CVE-2006-6843 (PHP remote file inclusion vulnerability in the BE IT EasyPartner 0.0.9 ...)
+CVE-2006-6843
NOT-FOR-US: EasyPartner component for Joomla!
-CVE-2006-6842 (SQL injection vulnerability in admin/admin_acronyms.php in the Acronym ...)
+CVE-2006-6842
NOT-FOR-US: Acronym Mod for phpBB2
-CVE-2006-6841 (Certain forms in phpBB before 2.0.22 lack session checks, which has ...)
+CVE-2006-6841
{DSA-1488-1}
- phpbb2 2.0.21-6 (bug #405980)
-CVE-2006-6840 (Unspecified vulnerability in phpBB before 2.0.22 has unknown impact ...)
+CVE-2006-6840
{DSA-1488-1}
- phpbb2 2.0.21-6 (bug #405980)
-CVE-2006-6839 (Unspecified vulnerability in phpBB before 2.0.22 has unknown impact ...)
+CVE-2006-6839
{DSA-1488-1}
- phpbb2 2.0.21-6 (bug #405980)
-CVE-2006-6838 (Rediff Bol Downloader ActiveX (OCX) control allows remote attackers to ...)
+CVE-2006-6838
NOT-FOR-US: Rediff Bol Downloader ActiveX (OCX) control
-CVE-2006-6837 (Multiple stack-based buffer overflows in the (1) LoadTree, (2) ...)
+CVE-2006-6837
NOT-FOR-US: Total Commander
-CVE-2006-6836 (Multiple unspecified vulnerabilities in osp-cert in IBM OS/400 V5R3M0 ...)
+CVE-2006-6836
NOT-FOR-US: IBM
-CVE-2006-6835 (SQL injection vulnerability in Journal.inc.php in Neocrome Land Down ...)
+CVE-2006-6835
NOT-FOR-US: Land Down Under
-CVE-2006-6834 (Multiple unspecified vulnerabilities in Joomla! before 1.0.12 have ...)
+CVE-2006-6834
NOT-FOR-US: Joomla!
-CVE-2006-6833 (com_categories in Joomla! before 1.0.12 does not validate input, which ...)
+CVE-2006-6833
NOT-FOR-US: Joomla!
-CVE-2006-6832 (Cross-site scripting (XSS) vulnerability in Joomla! before 1.0.12 ...)
+CVE-2006-6832
NOT-FOR-US: Joomla!
-CVE-2006-6831 (SQL injection vulnerability in faqDsp.asp in aFAQ 1.0 allows remote ...)
+CVE-2006-6831
NOT-FOR-US: aFAQ
-CVE-2006-6830 (PHP remote file inclusion vulnerability in b2verifauth.php in b2 Blog ...)
+CVE-2006-6830
NOT-FOR-US: b2 Blog
-CVE-2006-6829 (Efkan Forum 1.0 and earlier store sensitive information under the web ...)
+CVE-2006-6829
NOT-FOR-US: Efkan Forum
-CVE-2006-6828 (Multiple SQL injection vulnerabilities in Efkan Forum 1.0 and earlier ...)
+CVE-2006-6828
NOT-FOR-US: Efkan Forum
-CVE-2006-6827 (Flash8b.ocx in Macromedia Flash 8 allows remote attackers to cause a ...)
+CVE-2006-6827
- flashplugin-nonfree <not-affected> (Windows-specific)
-CVE-2006-6826 (Unspecified vulnerability in the tab editor for Personal .NET Portal ...)
+CVE-2006-6826
NOT-FOR-US: Personal .NET Portal
-CVE-2006-6825 (Calendar MX BASIC 1.0.2 and earlier store sensitive information under ...)
+CVE-2006-6825
NOT-FOR-US: Calendar MX
-CVE-2006-6824 (Multiple cross-site scripting (XSS) vulnerabilities in Jim Hu and Chad ...)
+CVE-2006-6824
NOT-FOR-US: iCalendar
-CVE-2006-6823 (PHP remote file inclusion vulnerability in ...)
+CVE-2006-6823
NOT-FOR-US: Yrch!
-CVE-2006-6822 (myprofile.asp in Enthrallweb eClassifieds does not properly validate ...)
+CVE-2006-6822
NOT-FOR-US: Enthrallweb eClassifieds
-CVE-2006-6821 (myprofile.asp in Enthrallweb eNews does not properly validate the ...)
+CVE-2006-6821
NOT-FOR-US: Enthrallweb eNews
-CVE-2006-6820 (myprofile.asp in Enthrallweb eCoupons does not properly validate the ...)
+CVE-2006-6820
NOT-FOR-US: Enthrallweb eCoupons
-CVE-2006-6819 (AlstraSoft Web Host Directory stores sensitive information under the ...)
+CVE-2006-6819
NOT-FOR-US: AlstraSoft Web Host Directory
-CVE-2006-6818 (AlstraSoft Web Host Directory allows remote attackers to bypass ...)
+CVE-2006-6818
NOT-FOR-US: AlstraSoft Web Host Directory
-CVE-2006-6817 (AlstraSoft Web Host Directory allows remote attackers to obtain ...)
+CVE-2006-6817
NOT-FOR-US: AlstraSoft Web Host Directory
-CVE-2006-6816 (Multiple SQL injection vulnerabilities in DMXReady Secure Login ...)
+CVE-2006-6816
NOT-FOR-US: DMXReady Secure Login Manager
-CVE-2006-6815 (Multiple cross-site scripting (XSS) vulnerabilities in DMXReady Secure ...)
+CVE-2006-6815
NOT-FOR-US: DMXReady Secure Login Manager
-CVE-2006-6814 (Directory traversal vulnerability in FolderManager/FolderManager.aspx ...)
+CVE-2006-6814
NOT-FOR-US: Hosting Controller
-CVE-2006-6813 (SQL injection vulnerability in detail.asp in Mxmania File Upload ...)
+CVE-2006-6813
NOT-FOR-US: Mxmania File Upload Manager
-CVE-2006-6812 (Multiple PHP remote file inclusion vulnerabilities in myPHPCalendar ...)
+CVE-2006-6812
NOT-FOR-US: myPHPCalendar
-CVE-2006-6811 (KsIRC 1.3.12 allows remote attackers to cause a denial of service ...)
+CVE-2006-6811
- kdenetwork 4:3.5.5-4 (low; bug #405828)
[sarge] - kdenetwork <no-dsa> (Minor issue)
-CVE-2006-6810 (Unspecified vulnerability in the clear_user_list function in ...)
+CVE-2006-6810
NOT-FOR-US: DB Hub
-CVE-2006-6809 (Multiple PHP remote file inclusion vulnerabilities in process.php in ...)
+CVE-2006-6809
NOT-FOR-US: buratinable templator (aka bubla)
-CVE-2006-6808 (Cross-site scripting (XSS) vulnerability in wp-admin/templates.php in ...)
+CVE-2006-6808
- wordpress 2.0.6-1 (bug #405299)
-CVE-2006-6807 (SQL injection vulnerability in list.asp in Softwebs Nepal (aka Ananda ...)
+CVE-2006-6807
NOT-FOR-US: Ananda Real Estate
-CVE-2006-6806 (SQL injection vulnerability in newsdetail.asp in Enthrallweb eMates ...)
+CVE-2006-6806
NOT-FOR-US: Enthrallweb eMates
-CVE-2006-6805 (SQL injection vulnerability in newsdetail.asp in Enthrallweb eJobs ...)
+CVE-2006-6805
NOT-FOR-US: Enthrallweb eJobs
-CVE-2006-6804 (SQL injection vulnerability in bus_details.asp in Dragon Business ...)
+CVE-2006-6804
NOT-FOR-US: Dragon Business Directory - Pro
-CVE-2006-6803 (SQL injection vulnerability in Types.asp in Enthrallweb eCars 1.0 ...)
+CVE-2006-6803
NOT-FOR-US: Enthrallweb eCars
-CVE-2006-6802 (SQL injection vulnerability in actualpic.asp in Enthrallweb ePages ...)
+CVE-2006-6802
NOT-FOR-US: Enthrallweb ePages
-CVE-2006-6801 (PHP remote file inclusion vulnerability in misc.php in SH-News 0.93, ...)
+CVE-2006-6801
NOT-FOR-US: SH-News
-CVE-2006-6800 (PHP remote file inclusion in eventcal/mod_eventcal.php in the event ...)
+CVE-2006-6800
NOT-FOR-US: Limbo CMS
-CVE-2006-6799 (SQL injection vulnerability in Cacti 0.8.6i and earlier, when ...)
+CVE-2006-6799
{DSA-1250-1}
- cacti 0.8.6i-3 (bug #404818; high)
CVE-2006-6798
RESERVED
-CVE-2006-6797 (The Client Server Run-Time Subsystem (CSRSS) in Microsoft Windows ...)
+CVE-2006-6797
NOT-FOR-US: Microsoft
-CVE-2006-6796 (PHP remote file inclusion vulnerability in admin/admin_settings.php in ...)
+CVE-2006-6796
NOT-FOR-US: MTCMS
-CVE-2006-6795 (PHP remote file inclusion vulnerability in gallery/displayCategory.php ...)
+CVE-2006-6795
NOT-FOR-US: myPHPNuke
-CVE-2006-6794 (SQL injection vulnerability in default.asp in Efkan Forum 1.0 allows ...)
+CVE-2006-6794
NOT-FOR-US: Efkan Forum
-CVE-2006-6793 (PHP remote file inclusion vulnerability in ataturk.php in Okul Merkezi ...)
+CVE-2006-6793
NOT-FOR-US: Okul Merkezi Portal
-CVE-2006-6792 (SQL injection vulnerability in calendar_detail.asp in Calendar MX ...)
+CVE-2006-6792
NOT-FOR-US: Calendar MX
-CVE-2006-6791 (SQL injection vulnerability in SelGruFra.asp in chatwm 1.0 allows ...)
+CVE-2006-6791
NOT-FOR-US: chatwm
-CVE-2006-6790 (Direct static code injection vulnerability in chat/login.php in ...)
+CVE-2006-6790
NOT-FOR-US: Ultimate PHP Board
-CVE-2006-6789 (PHP remote file inclusion vulnerability in ...)
+CVE-2006-6789
NOT-FOR-US: Phpbbxtra
-CVE-2006-6788 (Multiple PHP remote file inclusion vulnerabilities in LuckyBot 3 allow ...)
+CVE-2006-6788
NOT-FOR-US: LuckyBot
-CVE-2006-6787 (SQL injection vulnerability in admin/admin_mail_adressee.asp in ...)
+CVE-2006-6787
NOT-FOR-US: Newsletter MX
-CVE-2006-6786 (Open Newsletter 2.5 and earlier allows remote authenticated ...)
+CVE-2006-6786
NOT-FOR-US: Open Newsletter
-CVE-2006-6785 (The (1) settings.php and (2) subscribers.php scripts in Open ...)
+CVE-2006-6785
NOT-FOR-US: Open Newsletter
-CVE-2006-6784 (SQL injection vulnerability in Netbula Anyboard allows remote ...)
+CVE-2006-6784
NOT-FOR-US: Netbula Anyboard
-CVE-2006-6783 (logahead UNU 1.0 before 20061226 allows remote attackers to upload ...)
+CVE-2006-6783
NOT-FOR-US: logahead UNU
-CVE-2006-6782 (Cross-site scripting (XSS) vulnerability in pnamazu 2006.02.28 and ...)
+CVE-2006-6782
NOT-FOR-US: pnamazu
-CVE-2006-6781 (HLstats 1.20 through 1.34 allows remote attackers to obtain sensitive ...)
+CVE-2006-6781
NOT-FOR-US: HLstats
-CVE-2006-6780 (SQL injection vulnerability in the login form in HLstats 1.20 through ...)
+CVE-2006-6780
NOT-FOR-US: HLstats
-CVE-2006-6779 (Cross-site scripting (XSS) vulnerability in Jelsoft vBulletin allows ...)
+CVE-2006-6779
NOT-FOR-US: vBulletin
-CVE-2006-6778 (Cross-site scripting (XSS) vulnerability in shownews.php in TimberWolf ...)
+CVE-2006-6778
NOT-FOR-US: TimberWolf
-CVE-2006-6777 (Cross-site scripting (XSS) vulnerability in index.cfm in Future ...)
+CVE-2006-6777
NOT-FOR-US: Future Internet
-CVE-2006-6776 (Multiple SQL injection vulnerabilities in Future Internet allow remote ...)
+CVE-2006-6776
NOT-FOR-US: Future Internet
-CVE-2006-6775 (acFTP 1.5 allows remote authenticated users to cause a denial of ...)
+CVE-2006-6775
NOT-FOR-US: acFTP
-CVE-2006-6774 (PHP remote file inclusion vulnerability in ...)
+CVE-2006-6774
NOT-FOR-US: Content Federator
-CVE-2006-6773 (pages/register/register.php in Fishyshoop 0.930 beta allows remote ...)
+CVE-2006-6773
NOT-FOR-US: Fishyshoop
-CVE-2006-6772 (Format string vulnerability in the inputAnswer function in file.c in ...)
+CVE-2006-6772
- w3m 0.5.1-5.1 (bug #404564; low)
- w3mmee <not-affected> (Does not include this format string vuln in the code)
[sarge] - w3m <no-dsa> (Minor issue, only exploitable in dump mode)
-CVE-2006-6771 (Multiple PHP remote file inclusion vulnerabilities in Irokez CMS 0.7.1 ...)
+CVE-2006-6771
NOT-FOR-US: Irokez CMS
-CVE-2006-6770 (Multiple PHP remote file inclusion vulnerabilities in Jinzora Media ...)
+CVE-2006-6770
NOT-FOR-US: Jinzora Media Jukebox
-CVE-2006-6769 (Multiple cross-site scripting (XSS) vulnerabilities in PHP Live! 3.2.2 ...)
+CVE-2006-6769
NOT-FOR-US: PHP Live!
-CVE-2006-6768 (Multiple cross-site scripting (XSS) vulnerabilities in default.asp in ...)
+CVE-2006-6768
NOT-FOR-US: PWP Technologies The Classified Ad System
-CVE-2006-6767 (oftpd before 0.3.7 allows remote attackers to cause a denial of ...)
+CVE-2006-6767
- oftpd <removed>
-CVE-2006-6766 (Multiple SQL injection vulnerabilities in cwmExplorer 1.1.0 and ...)
+CVE-2006-6766
NOT-FOR-US: cwmExplorer
-CVE-2006-6765 (Multiple PHP file inclusion vulnerabilities in src/admin/pt_upload.php ...)
+CVE-2006-6765
NOT-FOR-US: Pagetool
-CVE-2006-6764 (PHP remote file inclusion vulnerability in authenticate.php in Keep It ...)
+CVE-2006-6764
NOT-FOR-US: Keep It Simple Guest Book (KISGB)
-CVE-2006-6763 (Multiple PHP remote file inclusion vulnerabilities in the Keep It ...)
+CVE-2006-6763
NOT-FOR-US: Keep It Simple Guest Book (KISGB)
-CVE-2006-6762 (The IMAP daemon (IMAPD) in Novell NetMail before 3.52e FTF2 allows ...)
+CVE-2006-6762
NOT-FOR-US: Novell NetMail
-CVE-2006-6761 (Stack-based buffer overflow in the IMAP daemon (IMAPD) in Novell ...)
+CVE-2006-6761
NOT-FOR-US: Novell NetMail
-CVE-2006-6760 (Multiple PHP remote file inclusion vulnerabilities in template.php in ...)
+CVE-2006-6760
NOT-FOR-US: phpMyAnime (aka phpmymanga)
-CVE-2006-6759 (A certain ActiveX control in rpau3260.dll in RealNetworks RealPlayer ...)
+CVE-2006-6759
NOT-FOR-US: RealNetworks RealPlayer
-CVE-2006-6758 (Directory traversal vulnerability in Http explorer 1.02 allows remote ...)
+CVE-2006-6758
NOT-FOR-US: Http explorer
-CVE-2006-6757 (Directory traversal vulnerability in index.php in cwmExplorer 1.0 ...)
+CVE-2006-6757
NOT-FOR-US: cwmExplorer
-CVE-2006-6756 (The code function in install.fct.php in Ixprim 1.2 produces a ...)
+CVE-2006-6756
NOT-FOR-US: Ixprim
-CVE-2006-6755 (Ixprim 1.2 allows remote attackers to obtain sensitive information via ...)
+CVE-2006-6755
NOT-FOR-US: Ixprim
-CVE-2006-6754 (Multiple SQL injection vulnerabilities in Ixprim 1.2 allow remote ...)
+CVE-2006-6754
NOT-FOR-US: Ixprim
-CVE-2006-6753 (Event Viewer (eventvwr.exe) in Microsoft Windows does not properly ...)
+CVE-2006-6753
NOT-FOR-US: Microsoft
-CVE-2006-6752 (Buffer overflow in FTPRush 1.0.0.610 might allow attackers to gain ...)
+CVE-2006-6752
NOT-FOR-US: FTPRush
-CVE-2006-6751 (Format string vulnerability in XM Easy Personal FTP Server 5.2.1 ...)
+CVE-2006-6751
NOT-FOR-US: XM Easy Personal FTP Server
-CVE-2006-6750 (Format string vulnerability in XM Easy Personal FTP Server 5.0.1 ...)
+CVE-2006-6750
NOT-FOR-US: XM Easy Personal FTP Server
-CVE-2006-6748 (PHP remote file inclusion vulnerability in i-accueil.php in Newxooper ...)
+CVE-2006-6748
NOT-FOR-US: Newxooper
-CVE-2006-6747 (SQL injection vulnerability in show_news.php in Xt-News 0.1 allows ...)
+CVE-2006-6747
NOT-FOR-US: Xt-News
-CVE-2006-6746 (Multiple cross-site scripting (XSS) vulnerabilities in Xt-News 0.1 ...)
+CVE-2006-6746
NOT-FOR-US: Xt-News
-CVE-2006-6745 (Multiple unspecified vulnerabilities in Sun Java Development Kit (JDK) ...)
+CVE-2006-6745
- sun-java5 1.5.0-08-1
-CVE-2006-6744 (phpProfiles before 2.1.1 does not have an index.php or other index ...)
+CVE-2006-6744
NOT-FOR-US: phpProfiles
-CVE-2006-6743 (phpProfiles before 2.1.1 uses world writable permissions for certain ...)
+CVE-2006-6743
NOT-FOR-US: phpProfiles
-CVE-2006-6742 (Multiple buffer overflows in FTP Print Server 2.4 and 2.4.5 in HP ...)
+CVE-2006-6742
NOT-FOR-US: HP
-CVE-2006-6741 (Cross-site request forgery (CSRF) vulnerability in urlobox in MKPortal ...)
+CVE-2006-6741
NOT-FOR-US: MKPortal
-CVE-2006-6740 (Multiple PHP remote file inclusion vulnerabilities in phpProfiles ...)
+CVE-2006-6740
NOT-FOR-US: phpProfiles
-CVE-2006-6739 (PHP remote file inclusion vulnerability in buycd.php in Paristemi ...)
+CVE-2006-6739
NOT-FOR-US: Paristemi
-CVE-2006-6738 (PHP remote file inclusion vulnerability in statistic.php in cwmCounter ...)
+CVE-2006-6738
NOT-FOR-US: cwmCounter
-CVE-2006-6737 (Unspecified vulnerability in Sun Java Development Kit (JDK) and Java ...)
+CVE-2006-6737
- sun-java5 1.5.0-07-1
-CVE-2006-6736 (Unspecified vulnerability in Sun Java Development Kit (JDK) and Java ...)
+CVE-2006-6736
- sun-java5 1.5.0-07-1
-CVE-2006-6735 (modules/viewcategory.php in Minh Nguyen Duong Obie Website Mini Web ...)
+CVE-2006-6735
NOT-FOR-US: Website Mini Web Shop
-CVE-2006-6734 (Cross-site scripting (XSS) vulnerability in modules/viewcategory.php ...)
+CVE-2006-6734
NOT-FOR-US: Website Mini Web Shop
-CVE-2006-6733 (Cross-site scripting (XSS) vulnerability in support/view.php in ...)
+CVE-2006-6733
NOT-FOR-US: Support Cards 1 (osTicket)
-CVE-2006-6732 (PHP remote file inclusion vulnerability in archive.php in cwmVote 1.0 ...)
+CVE-2006-6732
NOT-FOR-US: cwmVote
-CVE-2006-6731 (Multiple buffer overflows in Sun Java Development Kit (JDK) and Java ...)
+CVE-2006-6731
- sun-java5 1.5.0-08-1
-CVE-2006-6730 (OpenBSD and NetBSD permit usermode code to kill the display server and ...)
+CVE-2006-6730
NOTE: Access to DMA-capable hardware such as graphics cards can,
NOTE: by design, bypass security restrictions. Not a real issue.
-CVE-2006-6729 (Cross-site scripting (XSS) vulnerability in a-blog 1.51 and earlier ...)
+CVE-2006-6729
NOT-FOR-US: a-blog
-CVE-2006-6728 (Unspecified vulnerability in the info request mechanism in LAN ...)
+CVE-2006-6728
NOT-FOR-US: LAN Messenger
-CVE-2006-6727 (PHP remote file inclusion vulnerability in inertianews_class.php in ...)
+CVE-2006-6727
NOT-FOR-US: inertianews
-CVE-2006-6726 (PHP remote file inclusion vulnerability in inertianews_main.php in ...)
+CVE-2006-6726
NOT-FOR-US: inertianews
-CVE-2006-6725 (Multiple directory traversal vulnerabilities in PHPBuilder 0.0.2 and ...)
+CVE-2006-6725
NOT-FOR-US: PHPBuilder
-CVE-2006-6724 (BolinTech Dream FTP Server 1.02 allows remote authenticated users, ...)
+CVE-2006-6724
NOT-FOR-US: BolinTech Dream FTP Server
-CVE-2006-6723 (The Workstation service in Microsoft Windows 2000 SP4 and XP SP2 allows ...)
+CVE-2006-6723
NOT-FOR-US: Microsoft
-CVE-2006-6722 (Bandwebsite (aka Bandsite portal system) 1.5 allows remote attackers ...)
+CVE-2006-6722
NOT-FOR-US: Bandwebsite (aka Bandsite portal system)
-CVE-2006-6721 (Multiple cross-site scripting (XSS) vulnerabilities in shout.php in ...)
+CVE-2006-6721
NOT-FOR-US: Knusperleicht ShoutBox
-CVE-2006-6720 (PHP remote file inclusion vulnerability in admin/index_sitios.php in ...)
+CVE-2006-6720
NOT-FOR-US: Azucar CMS
-CVE-2006-6719 (The ftp_syst function in ftp-basic.c in Free Software Foundation (FSF) ...)
+CVE-2006-6719
- wget 1.13-1 (unimportant)
NOTE: An FTP server crashing a download utility is a bug, but not a DoS security issue
NOTE: http://git.savannah.gnu.org/cgit/wget.git/commit/?id=bd7f4ef701ce5db64659db496d3f47aeedfadac2 (v1.13)
-CVE-2006-6718 (The Allied Telesis AT-9000/24 Ethernet switch has a default password ...)
+CVE-2006-6718
NOT-FOR-US: Allied Telesis
-CVE-2006-6717 (The Allied Telesis AT-9000/24 Ethernet switch accepts management ...)
+CVE-2006-6717
NOT-FOR-US: Allied Telesis
-CVE-2006-6716 (SQL injection vulnerability in administration/administre2.php in Eric ...)
+CVE-2006-6716
NOT-FOR-US: uploader&downloader
-CVE-2006-6715 (PHP remote file inclusion vulnerability in footer.inc.php in PowerClan ...)
+CVE-2006-6715
NOT-FOR-US: PowerClan
-CVE-2006-6714 (Multiple memory leaks in Hitachi Directory Server 2 P-2444-A124 before ...)
+CVE-2006-6714
NOT-FOR-US: Hitachi Directory Server
-CVE-2006-6713 (Buffer overflow in Hitachi Directory Server 2 P-2444-A124 before ...)
+CVE-2006-6713
NOT-FOR-US: Hitachi Directory Server
-CVE-2006-6712 (Cross-site scripting (XSS) vulnerability in SugarCRM Open Source ...)
+CVE-2006-6712
- sugarcrm-ce-5.0 <itp> (bug #457876)
-CVE-2006-6711 (PHP remote file inclusion vulnerability in compteur/mapage.php in ...)
+CVE-2006-6711
NOT-FOR-US: Newxooper
-CVE-2006-6710 (Multiple PHP remote file inclusion vulnerabilities in PgmReloaded ...)
+CVE-2006-6710
NOT-FOR-US: PgmReloaded
-CVE-2006-6709 (Multiple SQL injection vulnerabilities in MGinternet Property Site ...)
+CVE-2006-6709
NOT-FOR-US: MGinternet Property Site Manager
-CVE-2006-6708 (Cross-site scripting (XSS) vulnerability in listings.asp in MGinternet ...)
+CVE-2006-6708
NOT-FOR-US: MGinternet Property Site Manager
-CVE-2006-6707 (Stack-based buffer overflow in the NeoTraceExplorer.NeoTraceLoader ...)
+CVE-2006-6707
NOT-FOR-US: NeoTraceExplorer.NeoTraceLoader ActiveX control
-CVE-2006-6706 (SQL injection vulnerability in Soumu Workflow for Groupmax 01-00 ...)
+CVE-2006-6706
NOT-FOR-US: Soumu Workflow
-CVE-2006-6705 (Multiple unspecified vulnerabilities in the template files in Soumu ...)
+CVE-2006-6705
NOT-FOR-US: Soumu Workflow
-CVE-2006-6704 (Cross-site scripting (XSS) vulnerability in the Webadmin in @Mail ...)
+CVE-2006-6704
NOT-FOR-US: @Mail
-CVE-2006-6703 (Multiple cross-site scripting (XSS) vulnerabilities in Oracle Portal ...)
+CVE-2006-6703
NOT-FOR-US: Oracle Portal
-CVE-2006-6702 (Cross-site scripting (XSS) vulnerability in Global.pm in @Mail before ...)
+CVE-2006-6702
NOT-FOR-US: @Mail
-CVE-2006-6701 (Cross-site request forgery (CSRF) vulnerability in util.pl in @Mail ...)
+CVE-2006-6701
NOT-FOR-US: @Mail
-CVE-2006-6700 (Cross-site scripting (XSS) vulnerability in @Mail WebMail allows ...)
+CVE-2006-6700
NOT-FOR-US: @Mail
-CVE-2006-6699 (Multiple CRLF injection vulnerabilities in Oracle Portal 9.0.2 and ...)
+CVE-2006-6699
NOT-FOR-US: Oracle Portal
-CVE-2006-6698 (The GConf daemon (gconfd) in GConf 2.14.0 creates temporary files ...)
+CVE-2006-6698
- gconf2 2.24.0-1 (unimportant; bug #404743)
NOTE: Minor nuisance, not much of a security problem
-CVE-2006-6749 (Buffer overflow in the parse_expression function in parse_config in ...)
+CVE-2006-6749
- openser 1.1.0-8 (medium; bug #404591)
CVE-2006-XXXX [insecure rpath in libflash-mozplugin]
- libflash 0.4.13-9 (low; bug #399508)
[etch] - libflash <no-dsa> (Not exploitable through directory writable by an unprivileged user)
-CVE-2006-6697 (CRLF injection vulnerability in webapp/jsp/calendar.jsp in Oracle ...)
+CVE-2006-6697
NOT-FOR-US: Oracle
-CVE-2006-6696 (Double free vulnerability in Microsoft Windows 2000, XP, 2003, and ...)
+CVE-2006-6696
NOT-FOR-US: Microsoft
-CVE-2006-6695 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
+CVE-2006-6695
NOT-FOR-US: Carsen Klock TextSend
-CVE-2006-6694 (Directory traversal vulnerability in include/config.php in E-Uploader ...)
+CVE-2006-6694
NOT-FOR-US: E-Uploader
-CVE-2006-6693 (Multiple buffer overflows in zabbix before 20061006 allow attackers to ...)
+CVE-2006-6693
- zabbix 1:1.1.2-4 (medium; bug #391388)
-CVE-2006-6692 (Multiple format string vulnerabilities in zabbix before 20061006 allow ...)
+CVE-2006-6692
- zabbix 1:1.1.2-4 (medium; bug #391388)
-CVE-2006-6691 (Multiple PHP remote file inclusion vulnerabilities in Valdersoft ...)
+CVE-2006-6691
NOT-FOR-US: Valdersoft Shopping Cart
-CVE-2006-6690 (rtehtmlarea/pi1/class.tx_rtehtmlarea_pi1.php in Typo3 4.0.0 through ...)
+CVE-2006-6690
- typo3-src 4.0.2+debian-2 (high; bug #403906)
NOTE: http://typo3.org/news-single-view/?tx_newsimporter_pi1%5BshowItem%5D=0&cHash=e4a40a11a9
-CVE-2006-6689 (Multiple PHP remote file inclusion vulnerabilities in Paristemi 0.8.3 ...)
+CVE-2006-6689
NOT-FOR-US: Paristemi
-CVE-2006-6688 (Web Automated Perl Portal (WebAPP) 0.9.9.4, and 0.9.9.3.4 Network ...)
+CVE-2006-6688
NOT-FOR-US: Web Automated Perl Portal (WebAPP)
-CVE-2006-6687 (Cross-site scripting (XSS) vulnerability in Web Automated Perl Portal ...)
+CVE-2006-6687
NOT-FOR-US: Web Automated Perl Portal (WebAPP)
-CVE-2006-6686 (PHP remote file inclusion vulnerability in sender.php in Carsen Klock ...)
+CVE-2006-6686
NOT-FOR-US: Carsen Klock TextSend
-CVE-2006-6685 (Heap-based buffer overflow in Pedro Lineu Orso chetcpasswd 2.3.3 ...)
+CVE-2006-6685
- chetcpasswd <removed> (medium)
-CVE-2006-6684 (Heap-based buffer overflow in Pedro Lineu Orso chetcpasswd before 2.4 ...)
+CVE-2006-6684
- chetcpasswd <removed> (medium)
-CVE-2006-6683 (Pedro Lineu Orso chetcpasswd 2.4.1 and earlier verifies and updates ...)
+CVE-2006-6683
- chetcpasswd <removed> (medium)
-CVE-2006-6682 (Pedro Lineu Orso chetcpasswd 2.3.3 provides a different error message ...)
+CVE-2006-6682
- chetcpasswd <removed> (medium)
-CVE-2006-6681 (Pedro Lineu Orso chetcpasswd 2.3.3 does not have a rate limit for ...)
+CVE-2006-6681
- chetcpasswd <removed> (medium)
-CVE-2006-6680 (Pedro Lineu Orso chetcpasswd before 2.3.1 does not document the need ...)
+CVE-2006-6680
- chetcpasswd <removed> (low)
-CVE-2006-6679 (Pedro Lineu Orso chetcpasswd before 2.4 relies on the X-Forwarded-For ...)
+CVE-2006-6679
- chetcpasswd <removed> (medium)
-CVE-2006-6678 (The edit_textarea function in form-file.c in Netrik 1.15.4 and earlier ...)
+CVE-2006-6678
{DSA-1251-1}
- netrik 1.15.3-1.1 (medium; bug #404233)
-CVE-2006-6677 (ESET NOD32 Antivirus before 1.1743 allows remote attackers to cause a ...)
+CVE-2006-6677
NOT-FOR-US: ESET NOD32 Antivirus
-CVE-2006-6676 (Integer overflow in the (a) OLE2 and (b) CHM parsers for ESET NOD32 ...)
+CVE-2006-6676
NOT-FOR-US: ESET NOD32 Antivirus
-CVE-2006-6675 (Cross-site scripting (XSS) vulnerability in Novell NetWare 6.5 Support ...)
+CVE-2006-6675
NOT-FOR-US: Novell
-CVE-2006-6674 (Ozeki HTTP-SMS Gateway 1.0, and possibly earlier, stores usernames and ...)
+CVE-2006-6674
NOT-FOR-US: Ozeki HTTP-SMS Gateway
-CVE-2006-6673 (WinFtp Server 2.0.2 allows remote attackers to cause a denial of ...)
+CVE-2006-6673
NOT-FOR-US: WinFtp Server
-CVE-2006-6672 (Multiple SQL injection vulnerabilities in Burak Yylmaz Download Portal ...)
+CVE-2006-6672
NOT-FOR-US: Download Portal
-CVE-2006-6671 (SQL injection vulnerability in down.asp in Burak Yylmaz Download ...)
+CVE-2006-6671
NOT-FOR-US: Download Portal
-CVE-2006-6670 (Unspecified vulnerability in Nortel CallPilot 4.x Server has unknown ...)
+CVE-2006-6670
NOT-FOR-US: Nortel CallPilot
-CVE-2006-6669 (Cross-site scripting (XSS) vulnerability in export_handler.php in ...)
+CVE-2006-6669
{DSA-1279-1}
- webcalendar 1.0.5-2 (low; bug #404234)
-CVE-2006-6668 (Cross-site scripting (XSS) vulnerability in VerliAdmin 0.3 and earlier ...)
+CVE-2006-6668
NOT-FOR-US: VerliAdmin
-CVE-2006-6667 (Multiple SQL injection vulnerabilities in VerliAdmin 0.3 and earlier ...)
+CVE-2006-6667
NOT-FOR-US: VerliAdmin
-CVE-2006-6666 (PHP remote file inclusion vulnerability in index.php in VerliAdmin 0.3 ...)
+CVE-2006-6666
NOT-FOR-US: VerliAdmin
-CVE-2006-6665 (Buffer overflow in Astonsoft DeepBurner Pro and Free 1.8.0 and earlier ...)
+CVE-2006-6665
NOT-FOR-US: DeepBurner
-CVE-2006-6664 (Format string vulnerability in Marathon Aleph One before 0.17.1 and ...)
+CVE-2006-6664
NOT-FOR-US: Aleph One
-CVE-2006-6663 (The server component in Marathon Aleph One before 0.17.1 and ...)
+CVE-2006-6663
NOT-FOR-US: Aleph One
-CVE-2006-6662 (Unspecified vulnerability in Linux User Management (novell-lum) on ...)
+CVE-2006-6662
NOT-FOR-US: Linux User Management (novell-lum)
-CVE-2006-6661 (Variable overwrite vulnerability in blog.php in PHP-Update 2.7 and ...)
+CVE-2006-6661
NOT-FOR-US: PHP-Update
-CVE-2006-6660 (The nodeType function in KDE libkhtml 4.2.0 and earlier, as used by ...)
+CVE-2006-6660
- kdelibs <not-affected> (at least it is fixed in 4:3.5.5a.dfsg.1-5)
NOTE: is DoS only, anyway
-CVE-2006-6659 (The Microsoft Office Outlook Recipient ActiveX control (ole32.dll) in ...)
+CVE-2006-6659
NOT-FOR-US: Microsoft
-CVE-2006-6658 (Inktomi Search 4.1.4 allows remote attackers to obtain sensitive ...)
+CVE-2006-6658
NOT-FOR-US: Inktomi
-CVE-2006-6657 (The if_clone_list function in NetBSD-current before 20061027, NetBSD ...)
+CVE-2006-6657
NOT-FOR-US: NetBSD
-CVE-2006-6656 (Unspecified vulnerability in ptrace in NetBSD-current before 20061027, ...)
+CVE-2006-6656
NOT-FOR-US: NetBSD
-CVE-2006-6655 (The procfs implementation in NetBSD-current before 20061023, NetBSD ...)
+CVE-2006-6655
NOT-FOR-US: NetBSD
-CVE-2006-6654 (The sendmsg function in NetBSD-current before 20061023, NetBSD 3.0 and ...)
+CVE-2006-6654
NOT-FOR-US: NetBSD
-CVE-2006-6653 (The accept function in NetBSD-current before 20061023, NetBSD 3.0 and ...)
+CVE-2006-6653
NOT-FOR-US: NetBSD
-CVE-2006-6652 (Buffer overflow in the glob implementation (glob.c) in libc in ...)
+CVE-2006-6652
NOT-FOR-US: NetBSD
-CVE-2006-6651 (Race condition in W29N51.SYS in the Intel 2200BG wireless driver ...)
+CVE-2006-6651
NOT-FOR-US: Intel
-CVE-2006-6650 (PHP remote file inclusion vulnerability in charts_constants.php in the ...)
+CVE-2006-6650
NOT-FOR-US: mxBB
-CVE-2006-6649 (Cross-site scripting (XSS) vulnerability in display.php in HyperVM 1.2 ...)
+CVE-2006-6649
NOT-FOR-US: HyperVM
-CVE-2006-6648 (PHP remote file inclusion vulnerability in main.inc.php in ...)
+CVE-2006-6648
NOT-FOR-US: RateMe
-CVE-2006-6647 (Cross-site scripting (XSS) vulnerability in the MySite 4.7.x before ...)
+CVE-2006-6647
NOT-FOR-US: MySite for Drupal
-CVE-2006-6646 (Multiple cross-site scripting (XSS) vulnerabilities in Drupal (1) ...)
+CVE-2006-6646
NOT-FOR-US: Drupal Project Issue Tracking
-CVE-2006-6645 (PHP remote file inclusion vulnerability in ...)
+CVE-2006-6645
NOT-FOR-US: Web Links module for mxBB
-CVE-2006-6644 (PHP remote file inclusion vulnerability in pages/meeting_constants.php ...)
+CVE-2006-6644
NOT-FOR-US: Meeting module for mxBB
-CVE-2006-6643 (Fightersoft Multimedia Star FTP server 1.10 allows remote attackers to ...)
+CVE-2006-6643
NOT-FOR-US: Fightersoft Multimedia Star FTP server
-CVE-2006-6642 (SQL injection vulnerability in haber.asp in Contra Haber Sistemi 1.0 ...)
+CVE-2006-6642
NOT-FOR-US: Sistemi
-CVE-2006-6641 (Unspecified vulnerability in CA CleverPath Portal before maintenance ...)
+CVE-2006-6641
NOT-FOR-US: CA CleverPath Portal
-CVE-2006-6640 (Multiple cross-site scripting (XSS) vulnerabilities in Omniture ...)
+CVE-2006-6640
NOT-FOR-US: SiteCatalyst
-CVE-2006-6639 (Multiple unspecified vulnerabilities in chetcpasswd 2.4.1 allow local ...)
+CVE-2006-6639
- chetcpasswd <removed> (medium)
-CVE-2006-6638 (IBM DB2 8.1 before FixPak 14 allows remote attackers to cause a denial ...)
+CVE-2006-6638
NOT-FOR-US: IBM
-CVE-2006-6637 (The Servlet Engine and Web Container in IBM WebSphere Application ...)
+CVE-2006-6637
NOT-FOR-US: IBM
-CVE-2006-6636 (Unspecified vulnerability in the Utility Classes for IBM WebSphere ...)
+CVE-2006-6636
NOT-FOR-US: IBM
-CVE-2006-6635 (PHP remote file inclusion vulnerability in includes/functions.php in ...)
+CVE-2006-6635
NOT-FOR-US: JumbaCMS
-CVE-2006-6634 (Multiple PHP remote file inclusion vulnerabilities in the ExtCalThai ...)
+CVE-2006-6634
NOT-FOR-US: ExtCalThai for Mambo
-CVE-2006-6633 (PHP remote file inclusion vulnerability in include/yapbb_session.php ...)
+CVE-2006-6633
NOT-FOR-US: YapBB
-CVE-2006-6632 (PHP remote file inclusion vulnerability in genepi.php in Genepi 1.6 ...)
+CVE-2006-6632
NOT-FOR-US: Genepi
-CVE-2006-6631 (PHP remote file inclusion vulnerability in lib/xml/oai/GetRecord.php ...)
+CVE-2006-6631
NOT-FOR-US: osprey
-CVE-2006-6630 (PHP remote file inclusion vulnerability in ListRecords.php in osprey ...)
+CVE-2006-6630
NOT-FOR-US: osprey
-CVE-2006-6629 (lib/WeBWorK/PG/Translator.pm in WeBWorK Program Generation (PG) ...)
+CVE-2006-6629
NOT-FOR-US: WeBWorK
-CVE-2006-6628 (Integer overflow in OpenOffice.org (OOo) 2.1 allows user-assisted ...)
+CVE-2006-6628
- openoffice.org 2.0.4.dfsg.2-3 (unimportant; bug #404105)
NOTE: No code injection possible, just a crash
-CVE-2006-6627 (Integer overflow in the packed PE file parsing implementation in ...)
+CVE-2006-6627
NOT-FOR-US: BitDefender
-CVE-2006-6626 (Cross-site scripting (XSS) vulnerability in an unspecified component ...)
+CVE-2006-6626
- moodle 1.6-1
NOTE: Does not affect moodle 1.6 according to SecurityFocus.
-CVE-2006-6625 (Cross-site scripting (XSS) vulnerability in mod/forum/discuss.php in ...)
+CVE-2006-6625
- moodle 1.6.3-2 (low)
NOTE: "SC#341 fixed initilaization of navtail variable"
NOTE: http://moodle.cvs.sourceforge.net/moodle/moodle/mod/forum/discuss.php?view=log
-CVE-2006-6624 (The FTP Server in Sambar Server 6.4 allows remote authenticated users ...)
+CVE-2006-6624
NOT-FOR-US: Sambar
-CVE-2006-6623 (Sygate Personal Firewall 5.6.2808 relies on the Process Environment ...)
+CVE-2006-6623
NOT-FOR-US: Sygate
-CVE-2006-6622 (Soft4Ever Look 'n' Stop (LnS) 2.05p2 before 20061215 relies on the ...)
+CVE-2006-6622
NOT-FOR-US: Soft4Ever Look 'n' Stop
-CVE-2006-6621 (Filseclab Personal Firewall 3.0.0.8686 relies on the Process ...)
+CVE-2006-6621
NOT-FOR-US: Filseclab Personal Firewall
-CVE-2006-6620 (Comodo Personal Firewall 2.3.6.81 relies on the Process Environment ...)
+CVE-2006-6620
NOT-FOR-US: Comodo Personal Firewall
-CVE-2006-6619 (AVG Anti-Virus plus Firewall 7.5.431 relies on the Process Environment ...)
+CVE-2006-6619
NOT-FOR-US: AVG Anti-Virus plus Firewall
-CVE-2006-6618 (AntiHook 3.0.0.23 - Desktop relies on the Process Environment Block ...)
+CVE-2006-6618
NOT-FOR-US: AntiHook 3.0.0.23 - Desktop
-CVE-2006-6617 (projectserver/logon/pdsrequest.asp in Microsoft Project Server 2003 ...)
+CVE-2006-6617
NOT-FOR-US: Microsoft
-CVE-2006-6616 (index.php in w00t Gallery 1.4.0 allows remote authenticated users with ...)
+CVE-2006-6616
NOT-FOR-US: w00t Gallery
-CVE-2006-6615 (PHP remote file inclusion vulnerability in includes/act_constants.php ...)
+CVE-2006-6615
NOT-FOR-US: Activity Games module for mxBB
-CVE-2006-6614 (The save_log_local function in Fully Automatic Installation (FAI) ...)
+CVE-2006-6614
- fai 3.1.3 (low; bug #402644)
[sarge] - fai <no-dsa> (Minor issue, only in rare configs and use cases)
-CVE-2006-6613 (Directory traversal vulnerability in language.php in phpAlbum 0.4.1 ...)
+CVE-2006-6613
NOT-FOR-US: phpAlbum
-CVE-2006-6612 (PHP remote file inclusion vulnerability in basic.inc.php in PhpMyCms ...)
+CVE-2006-6612
NOT-FOR-US: PhpMyCms
-CVE-2006-6611 (PHP remote file inclusion vulnerability in interface.php in Barman ...)
+CVE-2006-6611
NOT-FOR-US: Barman
-CVE-2006-6610 (clientcommands in Nexuiz before 2.2.1 has unknown impact and remote ...)
+CVE-2006-6610
- nexuiz 2.2.1-1 (low)
NOTE: Only game console command execution possible, not shell commands
-CVE-2006-6609 (Nexuiz before 2.2.1 allows remote attackers to cause a denial of ...)
+CVE-2006-6609
- nexuiz 2.2.1-1
-CVE-2006-6608 (Unspecified vulnerability in SSH key based authentication in HP ...)
+CVE-2006-6608
NOT-FOR-US: HP
-CVE-2006-6607 (The Java Key Store (JKS) for WebSphere Application Server (WAS) for ...)
+CVE-2006-6607
NOT-FOR-US: IBM
-CVE-2006-6606 (Multiple SQL injection vulnerabilities in Clarens jclarens before ...)
+CVE-2006-6606
NOT-FOR-US: jclarens
-CVE-2006-6605 (Stack-based buffer overflow in the POP service in MailEnable Standard ...)
+CVE-2006-6605
NOT-FOR-US: MailEnable
-CVE-2006-6604 (Directory traversal vulnerability in downloaddetails.php in ...)
+CVE-2006-6604
- torrentflux 2.1-7 (medium; bug #400582)
-CVE-2006-6603 (Buffer overflow in the YMMAPI.YMailAttach ActiveX control (ymmapi.dll) ...)
+CVE-2006-6603
NOT-FOR-US: YMMAPI.YMailAttach
-CVE-2006-6602 (explorer.exe in Windows Explorer 6.00.2900.2180 in Microsoft Windows ...)
+CVE-2006-6602
NOT-FOR-US: Windows
-CVE-2006-6601 (Windows Media Player 10.00.00.4036 in Microsoft Windows XP SP2 allows ...)
+CVE-2006-6601
NOT-FOR-US: Microsoft
-CVE-2006-6600 (Cross-site scripting (XSS) vulnerability in dir.php in TorrentFlux ...)
+CVE-2006-6600
- torrentflux 2.1-7 (medium; bug #400582)
-CVE-2006-6599 (maketorrent.php in TorrentFlux 2.2 allows remote authenticated users ...)
+CVE-2006-6599
- torrentflux 2.1-7 (medium; bug #400582)
-CVE-2006-6598 (Directory traversal vulnerability in viewnfo.php in (1) TorrentFlux ...)
+CVE-2006-6598
- torrentflux 2.1-6
-CVE-2006-6597 (Argument injection vulnerability in HyperAccess 8.4 allows ...)
+CVE-2006-6597
NOT-FOR-US: HyperAccess
-CVE-2006-6596 (HyperAccess 8.4 allows user-assisted remote attackers to execute ...)
+CVE-2006-6596
NOT-FOR-US: HyperAccess
-CVE-2006-6595 (Multiple SQL injection vulnerabilities in ScriptMate User Manager 2.1 ...)
+CVE-2006-6595
NOT-FOR-US: ScriptMate User Manager
-CVE-2006-6594 (SQL injection vulnerability in utilities/usermessages.asp in ...)
+CVE-2006-6594
NOT-FOR-US: ScriptMate User Manager
-CVE-2006-6593 (PHP remote file inclusion vulnerability in zufallscodepart.php in ...)
+CVE-2006-6593
NOT-FOR-US: AMAZONIA MOD for phpBB
-CVE-2006-6592 (Multiple PHP remote file inclusion vulnerabilities in Bloq 0.5.4 allow ...)
+CVE-2006-6592
NOT-FOR-US: Bloq
-CVE-2006-6591 (PHP remote file inclusion vulnerability in fonctions/template.php in ...)
+CVE-2006-6591
NOT-FOR-US: EXlor
-CVE-2006-6590 (PHP remote file inclusion vulnerability in usercp_menu.php in AR ...)
+CVE-2006-6590
NOT-FOR-US: AR Memberscript
-CVE-2006-6589 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2006-6589
NOT-FOR-US: Apache Open For BusinessProject (OFBiz)
-CVE-2006-6588 (The forum implementation in the ecommerce component in the Apache Open ...)
+CVE-2006-6588
NOT-FOR-US: Apache Open For BusinessProject (OFBiz)
-CVE-2006-6587 (Cross-site scripting (XSS) vulnerability in the forum implementation ...)
+CVE-2006-6587
NOT-FOR-US: Apache Open For BusinessProject (OFBiz)
-CVE-2006-6586 (Multiple PHP remote file inclusion vulnerabilities in Vortex Blog ...)
+CVE-2006-6586
NOT-FOR-US: Vortex Blog
-CVE-2006-6585 (The Extensions manager in Mozilla Firefox 2.0 does not properly ...)
+CVE-2006-6585
- iceweasel 2.0.0.1+dfsg-1
- firefox 45.0-1
- firefox-esr 45.0esr-1
-CVE-2006-6584 (Multiple buffer overflows in italkplus (Italk+) before 0.92.1 allow ...)
+CVE-2006-6584
NOT-FOR-US: italkplus (Italk+)
-CVE-2006-6583 (ScriptMate User Manager 2.1 and earlier allow remote attackers to ...)
+CVE-2006-6583
NOT-FOR-US: ScriptMate User Manager
-CVE-2006-6582 (Multiple cross-site scripting (XSS) vulnerabilities in ScriptMate User ...)
+CVE-2006-6582
NOT-FOR-US: ScriptMate User Manager
-CVE-2006-6581 (PHP remote file inclusion vulnerability in tests/debug_test.php in ...)
+CVE-2006-6581
NOT-FOR-US: PHP_Debug
-CVE-2006-6580 (admin/change.php in ProNews 1.5 does not check whether a user is ...)
+CVE-2006-6580
NOT-FOR-US: ProNews
-CVE-2006-6579 (Microsoft Windows XP has weak permissions (FILE_WRITE_DATA and ...)
+CVE-2006-6579
NOT-FOR-US: Microsoft
-CVE-2006-6578 (Microsoft Internet Information Services (IIS) 5.1 permits the ...)
+CVE-2006-6578
NOT-FOR-US: Microsoft
-CVE-2006-6577 (SQL injection vulnerability in polls.php in Neocrome Land Down Under ...)
+CVE-2006-6577
NOT-FOR-US: Neocrome Land Down Under
-CVE-2006-6576 (Heap-based buffer overflow in Golden FTP Server (goldenftpd) 1.92 ...)
+CVE-2006-6576
NOT-FOR-US: Golden FTP Server
-CVE-2006-6575 (PHP remote file inclusion vulnerability in ldap.php in Brian Drawert ...)
+CVE-2006-6575
NOT-FOR-US: Yet Another PHP LDAP Admin Project (yaplap)
-CVE-2006-6574 (Mantis before 1.1.0a2 does not implement per-item access control for ...)
+CVE-2006-6574
{DSA-1467-1}
- mantis 1.0.6+dfsg-3 (bug #402802)
[sarge] - mantis 0.19.2-5sarge5
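Review bot: every changed pair in this hunk replaces a CVE line that carries its summary text (for example `-CVE-2006-6665 (Buffer overflow in Astonsoft DeepBurner Pro and Free 1.8.0 and earlier ...)`) with the bare identifier (`+CVE-2006-6665`), while the NOT-FOR-US, package-version and NOTE lines beneath each entry stay untouched; nothing in the hunk adds or corrects tracking data, so this looks like the automatic update ran against a CVE feed that returned no descriptions, and the run should be checked against the description source before the result is kept, because those summaries are what lets a triager judge an entry such as `NOT-FOR-US: DeepBurner` without opening each CVE.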
@@ -1505,161 +1505,161 @@ CVE-2006-XXXX [moodle unspecified security bug in the forum module (discuss.php)
- moodle 1.6.3-2
CVE-2006-XXXX [znc file access security hole]
- znc 0.045-3 (bug #403141; medium)
-CVE-2006-6573 (Unspecified vulnerability in Citrix Access Gateway 4.5 Advanced ...)
+CVE-2006-6573
NOT-FOR-US: Citrix
-CVE-2006-6572 (Unspecified vulnerability in Citrix Advanced Access Control (AAC) ...)
+CVE-2006-6572
NOT-FOR-US: Citrix
-CVE-2006-6571 (Multiple cross-site scripting (XSS) vulnerabilities in form.php in ...)
+CVE-2006-6571
NOT-FOR-US: GenesisTrader
-CVE-2006-6570 (Unrestricted file upload vulnerability in upload.php in GenesisTrader ...)
+CVE-2006-6570
NOT-FOR-US: GenesisTrader
-CVE-2006-6569 (form.php in GenesisTrader 1.0 allows remote attackers to read source ...)
+CVE-2006-6569
NOT-FOR-US: GenesisTrader
-CVE-2006-6568 (Directory traversal vulnerability in includes/kb_constants.php in the ...)
+CVE-2006-6568
NOT-FOR-US: Knowledge Base (mx_kb) 2.0.2 module for mxBB
-CVE-2006-6567 (PHP remote file inclusion vulnerability in includes/kb_constants.php ...)
+CVE-2006-6567
NOT-FOR-US: Knowledge Base (mx_kb) 2.0.2 module for mxBB
-CVE-2006-6566 (PHP remote file inclusion vulnerability in ...)
+CVE-2006-6566
NOT-FOR-US: Profile Control Panel (CPanel) module for mxBB
-CVE-2006-6565 (FileZilla Server before 0.9.22 allows remote attackers to cause a ...)
+CVE-2006-6565
NOT-FOR-US: FileZilla Server
-CVE-2006-6564 (FileZilla Server before 0.9.22 allows remote attackers to cause a ...)
+CVE-2006-6564
NOT-FOR-US: FileZilla Server
-CVE-2006-6563 (Stack-based buffer overflow in the pr_ctrls_recv_request function in ...)
+CVE-2006-6563
- proftpd-dfsg 1.3.0-17 (medium)
[sarge] - proftpd <not-affected> (Vulnerable code not activated in binary build)
CVE-2006-6562
RESERVED
-CVE-2006-6561 (Unspecified vulnerability in Microsoft Word 2000, 2002, and Word ...)
+CVE-2006-6561
NOT-FOR-US: Microsoft
-CVE-2006-6560 (PHP remote file inclusion vulnerability in includes/common.php in the ...)
+CVE-2006-6560
NOT-FOR-US: mx_modsdb 1.0.0 module for MxBBmx_modsdb 1.0.0 module for MxBB
-CVE-2006-6559 (SQL injection vulnerability in ProductDetails.asp in Lotfian Request ...)
+CVE-2006-6559
NOT-FOR-US: Lotfian Request For Travel
-CVE-2006-6558 (Crob FTP Server 3.6.1 b.263 allows remote attackers to cause a denial ...)
+CVE-2006-6558
NOT-FOR-US: Crob FTP Server
-CVE-2006-6557 (Multiple unspecified vulnerabilities in Skulls! before 0.2.6 have ...)
+CVE-2006-6557
NOT-FOR-US: Skulls!
-CVE-2006-6556 (The eyeHome function in apps/eyeHome.eyeapp/aplic.php in EyeOS before ...)
+CVE-2006-6556
NOT-FOR-US: EyeOS
-CVE-2006-6555 (Multiple SQL injection vulnerabilities in EasyFill before 0.5.1 allow ...)
+CVE-2006-6555
NOT-FOR-US: EasyFill
-CVE-2006-6554 (Unspecified vulnerability in Kerio MailServer before 6.3.1 allows ...)
+CVE-2006-6554
NOT-FOR-US: Kerio MailServer
-CVE-2006-6553 (PHP remote file inclusion vulnerability in ...)
+CVE-2006-6553
NOT-FOR-US: NewsSuite 1.03 module for mxBB
-CVE-2006-6552 (PHP remote file inclusion vulnerability in ...)
+CVE-2006-6552
NOT-FOR-US: BLOG:CMS
-CVE-2006-6551 (PHP remote file inclusion vulnerability in ...)
+CVE-2006-6551
NOT-FOR-US: Tucows Client Code Suite (CCS)
-CVE-2006-6550 (** DISPUTED ** ...)
+CVE-2006-6550
NOT-FOR-US: Phorum
-CVE-2006-6549 (** DISPUTED ** ...)
+CVE-2006-6549
NOT-FOR-US: Rad Upload
-CVE-2006-6548 (Multiple cross-site scripting (XSS) vulnerabilities in cPanel WebHost ...)
+CVE-2006-6548
NOT-FOR-US: cPanel WebHost Manager
-CVE-2006-6547 (Buffer overflow in the readAA function in read_aa.cpp in Winamp iPod ...)
+CVE-2006-6547
NOT-FOR-US: Winamp
-CVE-2006-6546 (PHP remote file inclusion vulnerability in inc/shows.inc.php in ...)
+CVE-2006-6546
NOT-FOR-US: cutenews
-CVE-2006-6545 (PHP remote file inclusion vulnerability in includes/common.php in the ...)
+CVE-2006-6545
NOT-FOR-US: ErrorDocs 1.0.0 and earlier module for mxBB
-CVE-2006-6544 (Cross-site scripting (XSS) vulnerability in CM68 News allows remote ...)
+CVE-2006-6544
NOT-FOR-US: CM68 News
-CVE-2006-6543 (Multiple SQL injection vulnerabilities in login.asp in AppIntellect ...)
+CVE-2006-6543
NOT-FOR-US: AppIntellect SpotLight CRM
-CVE-2006-6542 (SQL injection vulnerability in news.php in Fantastic News 2.1.4 and ...)
+CVE-2006-6542
NOT-FOR-US: Fantastic News
-CVE-2006-6541 (** DISPUTED ** ...)
+CVE-2006-6541
NOT-FOR-US: Animated Smiley Generator
-CVE-2006-6540 (SQL injection vulnerability in bt-trackback.php in Bluetrait before ...)
+CVE-2006-6540
NOT-FOR-US: Bluetrait
-CVE-2006-6539 (Multiple buffer overflows in Winamp Web Interface (Wawi) 7.5.13 and ...)
+CVE-2006-6539
NOT-FOR-US: Winamp Web Interface
-CVE-2006-6538 (D-LINK DWL-2000AP+ firmware 2.11 allows remote attackers to cause (1) ...)
+CVE-2006-6538
NOT-FOR-US: D-LINK
-CVE-2006-6537 (IBM WebSphere Host On-Demand 6.0, 7.0, 8.0, 9.0, and possibly 10, ...)
+CVE-2006-6537
NOT-FOR-US: IBM
-CVE-2006-6536 (Cross-site scripting (XSS) vulnerability in hata.asp in Cilem Haber ...)
+CVE-2006-6536
NOT-FOR-US: Cilem Haber Free Edition
-CVE-2006-6535 (The dev_queue_xmit function in Linux kernel 2.6 can fail before ...)
+CVE-2006-6535
{DSA-1304}
- linux-2.6 <not-affected> (Fixed before upload into the archive; 2.6.10)
-CVE-2006-6534 (Multiple cross-site scripting (XSS) vulnerabilities in osCommerce ...)
+CVE-2006-6534
NOT-FOR-US: osCommerce
-CVE-2006-6533 (Directory traversal vulnerability in admin/templates_boxes_layout.php ...)
+CVE-2006-6533
NOT-FOR-US: osCommerce
-CVE-2006-6532 (Multiple cross-site scripting (XSS) vulnerabilities in Vt-Forum Lite ...)
+CVE-2006-6532
NOT-FOR-US: Vt-Forum Lite
-CVE-2006-6531 (Cross-site scripting (XSS) vulnerability in the Help Tip module before ...)
+CVE-2006-6531
NOT-FOR-US: Help Tip module for Drupal
-CVE-2006-6530 (SQL injection vulnerability in the Help Tip module before 4.7.x-1.0 ...)
+CVE-2006-6530
NOT-FOR-US: Help Tip module for Drupal
-CVE-2006-6529 (The Chatroom Module before 4.7.x.-1.0 for Drupal displays private ...)
+CVE-2006-6529
NOT-FOR-US: Chatroom Module for Drupal
-CVE-2006-6528 (The Chatroom Module before 4.7.x.-1.0 for Drupal broadcasts Chatroom ...)
+CVE-2006-6528
NOT-FOR-US: Chatroom Module for Drupal
-CVE-2006-6527 (PHP remote file inclusion vulnerability in guest.php in Gizzar ...)
+CVE-2006-6527
NOT-FOR-US: Gizzar
-CVE-2006-6526 (PHP remote file inclusion vulnerability in index.php in Gizzar ...)
+CVE-2006-6526
NOT-FOR-US: Gizzar
-CVE-2006-6525 (SQL injection vulnerability in vdateUsr.asp in EzHRS HR Assist 1.05 ...)
+CVE-2006-6525
NOT-FOR-US: EzHRS HR Assist
-CVE-2006-6524 (SQL injection vulnerability in vdateUsr.asp in EzHRS HR Assist 1.05 ...)
+CVE-2006-6524
NOT-FOR-US: EzHRS HR Assist
-CVE-2006-6523 (Cross-site scripting (XSS) vulnerability in mail/manage.html in ...)
+CVE-2006-6523
NOT-FOR-US: BoxTrapper in cPanel
-CVE-2006-6522 (Multiple cross-site scripting (XSS) vulnerabilities in WikiTimeScale ...)
+CVE-2006-6522
NOT-FOR-US: WikiTimeScale TwoZero
-CVE-2006-6521 (SQL injection vulnerability in lire-avis.php in Messageriescripthp 2.0 ...)
+CVE-2006-6521
NOT-FOR-US: Messageriescripthp
-CVE-2006-6520 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2006-6520
NOT-FOR-US: Messageriescripthp
-CVE-2006-6519 (SQL injection vulnerability in lire-avis.php in ProNews 1.5 allows ...)
+CVE-2006-6519
NOT-FOR-US: ProNews
-CVE-2006-6518 (Multiple cross-site scripting (XSS) vulnerabilities in ProNews 1.5 ...)
+CVE-2006-6518
NOT-FOR-US: ProNews
-CVE-2006-6517 (Multiple cross-site scripting (XSS) vulnerabilities in KDPics 1.16 and ...)
+CVE-2006-6517
NOT-FOR-US: KDPics
-CVE-2006-6516 (Multiple PHP remote file inclusion vulnerabilities in KDPics 1.16 and ...)
+CVE-2006-6516
NOT-FOR-US: KDPics
-CVE-2006-6515 (Mantis before 1.1.0a2 sets the default value of ...)
+CVE-2006-6515
- mantis 1.0.6+dfsg-1 (unimportant)
NOTE: http://www.mantisbt.org/bugs/print_bug_page.php?bug_id=5163
NOTE: Not a security bug, only a very annoying feature.
-CVE-2006-6514 (Winamp Web Interface (Wawi) 7.5.13 and earlier uses an insufficient ...)
+CVE-2006-6514
NOT-FOR-US: Winamp Web Interface (Wawi)
-CVE-2006-6513 (The CControl::Download function (/dl URI) in Winamp Web Interface ...)
+CVE-2006-6513
NOT-FOR-US: Winamp Web Interface (Wawi)
-CVE-2006-6512 (Directory traversal vulnerability in the Browse function (/browse URI) ...)
+CVE-2006-6512
NOT-FOR-US: Winamp Web Interface (Wawi)
-CVE-2006-6511 (dadaIMC .99.3 uses an insufficiently restrictive FilesMatch directive ...)
+CVE-2006-6511
NOT-FOR-US: dadaIMC
-CVE-2006-6510 (An unspecified ActiveX control in SiteKiosk before 6.5.150 is ...)
+CVE-2006-6510
NOT-FOR-US: SiteKiosk
-CVE-2006-6509 (Cross-site scripting (XSS) vulnerability in the skinning feature in ...)
+CVE-2006-6509
NOT-FOR-US: SiteKiosk
-CVE-2006-6508 (Cross-site request forgery (CSRF) vulnerability in phpBB 2.0.21 allows ...)
+CVE-2006-6508
{DSA-1488-1}
NOTE: This is covered/duped by CVE-2006-6841
- phpbb2 2.0.21-6
-CVE-2006-6507 (Mozilla Firefox 2.0 before 2.0.0.1 allows remote attackers to bypass ...)
+CVE-2006-6507
NOTE: MFSA-2006-76
- iceweasel 2.0.0.1+dfsg-1 (high)
- xulrunner <not-affected> (maintainer reported)
- iceape <not-affected> (maintainer reported)
-CVE-2006-6506 (The &quot;Feed Preview&quot; feature in Mozilla Firefox 2.0 before 2.0.0.1 sends ...)
+CVE-2006-6506
NOTE: MFSA-2006-75
- iceweasel 2.0.0.1+dfsg-1 (low)
- iceape <not-affected> (maintainer reported)
-CVE-2006-6505 (Multiple heap-based buffer overflows in Mozilla Thunderbird before ...)
+CVE-2006-6505
{DSA-1265-1}
NOTE: MFSA-2006-74
[sarge] - mozilla-thunderbird <no-dsa> (Mozilla products from Sarge no longer supported)
- icedove 1.5.0.9.dfsg1-1 (high)
- iceape 1.0.7-1 (high)
- mozilla <removed>
-CVE-2006-6504 (Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, and ...)
+CVE-2006-6504
NOTE: MFSA-2006-73
- iceweasel 2.0.0.1+dfsg-1 (high)
- xulrunner 1.8.0.9-1 (high)
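Review bot: the context line `NOT-FOR-US: mx_modsdb 1.0.0 module for MxBBmx_modsdb 1.0.0 module for MxBB` under CVE-2006-6560 carries the package description twice, concatenated without a separator; the hunk leaves it unchanged, but since the adjacent `CVE-2006-6560` line is already being rewritten here, this is the moment to fold it to `NOT-FOR-US: mx_modsdb 1.0.0 module for MxBB` so the entry matches the single-description form used by the other NOT-FOR-US lines in the hunk.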
@@ -1668,7 +1668,7 @@ CVE-2006-6504 (Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, and ...
- firefox-esr 45.0esr-1 (high)
NOTE: Flaw was introduced in Firefox 1.5.0.4
- icedove 1.5.0.9.dfsg1-1 (high)
-CVE-2006-6503 (Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird ...)
+CVE-2006-6503
{DSA-1265-1 DSA-1258-1 DSA-1253-1}
NOTE: MFSA-2006-72
- iceweasel 2.0.0.1+dfsg-1 (high)
@@ -1680,7 +1680,7 @@ CVE-2006-6503 (Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunder
- mozilla-firefox <removed> (high)
- mozilla-thunderbird <removed> (high)
- icedove 1.5.0.9.dfsg1-1 (high)
-CVE-2006-6502 (Use-after-free vulnerability in the LiveConnect bridge code for ...)
+CVE-2006-6502
{DSA-1265-1 DSA-1258-1 DSA-1253-1}
NOTE: MFSA-2006-71
- iceweasel 2.0.0.1+dfsg-1 (high)
@@ -1693,7 +1693,7 @@ CVE-2006-6502 (Use-after-free vulnerability in the LiveConnect bridge code for .
- mozilla-thunderbird <removed> (unimportant)
- icedove 1.5.0.9.dfsg1-1 (unimportant)
NOTE: Not exploitable in standard Icedove configuration
-CVE-2006-6501 (Unspecified vulnerability in Mozilla Firefox 2.x before 2.0.0.1, 1.5.x ...)
+CVE-2006-6501
{DSA-1265-1 DSA-1258-1 DSA-1253-1}
NOTE: MFSA-2006-70
- iceweasel 2.0.0.1+dfsg-1 (high)
@@ -1705,7 +1705,7 @@ CVE-2006-6501 (Unspecified vulnerability in Mozilla Firefox 2.x before 2.0.0.1,
- mozilla-firefox <removed> (high)
- mozilla-thunderbird <removed> (low)
- icedove 1.5.0.9.dfsg1-1 (low)
-CVE-2006-6500 (Heap-based buffer overflow in Mozilla Firefox 2.x before 2.0.0.1, ...)
+CVE-2006-6500
NOTE: MFSA-2006-69
- iceweasel <not-affected> (windows only)
- xulrunner <not-affected> (Windows only)
@@ -1715,7 +1715,7 @@ CVE-2006-6500 (Heap-based buffer overflow in Mozilla Firefox 2.x before 2.0.0.1,
- mozilla-firefox <not-affected> (windows only)
- mozilla-thunderbird <not-affected> (windows only)
- icedove <not-affected> (windows only)
-CVE-2006-6499 (The js_dtoa function in Mozilla Firefox 2.x before 2.0.0.1, 1.5.x ...)
+CVE-2006-6499
{DSA-1265-1 DSA-1258-1 DSA-1253-1}
NOTE: MFSA-2006-68
- iceweasel 2.0.0.1+dfsg-1 (high)
@@ -1729,7 +1729,7 @@ CVE-2006-6499 (The js_dtoa function in Mozilla Firefox 2.x before 2.0.0.1, 1.5.x
- icedove 1.5.0.9.dfsg1-1 (low)
NOTE: Is it possible to reduce the floating point precision in Linux as a non-priv
NOTE: user? I don't think so
-CVE-2006-6498 (Multiple unspecified vulnerabilities in the JavaScript engine for ...)
+CVE-2006-6498
{DSA-1265-1 DSA-1258-1 DSA-1253-1}
NOTE: MFSA-2006-68
- iceweasel 2.0.0.1+dfsg-1 (high)
@@ -1741,7 +1741,7 @@ CVE-2006-6498 (Multiple unspecified vulnerabilities in the JavaScript engine for
- mozilla-firefox <removed> (high)
- mozilla-thunderbird <removed> (low)
- icedove 1.5.0.9.dfsg1-1 (low)
-CVE-2006-6497 (Multiple unspecified vulnerabilities in the layout engine for Mozilla ...)
+CVE-2006-6497
{DSA-1265-1 DSA-1258-1 DSA-1253-1}
NOTE: MFSA-2006-68
- iceweasel 2.0.0.1+dfsg-1 (medium)
@@ -1753,356 +1753,356 @@ CVE-2006-6497 (Multiple unspecified vulnerabilities in the layout engine for Moz
- mozilla-firefox <removed> (medium)
- mozilla-thunderbird <removed> (low)
- icedove 1.5.0.9.dfsg1-1 (low)
-CVE-2006-6496 (The (1) VetMONNT.sys and (2) VetFDDNT.sys drivers in CA Anti-Virus ...)
+CVE-2006-6496
NOT-FOR-US: CA Anti-Virus
-CVE-2006-6495 (Stack-based buffer overflow in ld.so.1 in Sun Solaris 8, 9, and 10 ...)
+CVE-2006-6495
NOT-FOR-US: Solaris
-CVE-2006-6494 (Directory traversal vulnerability in ld.so.1 in Sun Solaris 8, 9, and ...)
+CVE-2006-6494
NOT-FOR-US: Solaris
-CVE-2006-6493 (Buffer overflow in the krbv4_ldap_auth function in ...)
+CVE-2006-6493
- openldap2.3 <not-affected> (kerberos support not enabled)
- openldap2 <not-affected> (kerberos support not enabled)
CVE-2006-6492
REJECTED
CVE-2006-6491
REJECTED
-CVE-2006-6490 (Multiple buffer overflows in the SupportSoft (1) SmartIssue ...)
+CVE-2006-6490
NOT-FOR-US: SupportSoft ActiveX
-CVE-2006-6489 (The SISCO OSI stack, as used in SISCO MMS-EASE, ICCP Toolkit for ...)
+CVE-2006-6489
NOT-FOR-US: SISCO OSI stack
-CVE-2006-6488 (Stack-based buffer overflow in the DoModal function in the Dialog Wrapper ...)
+CVE-2006-6488
NOT-FOR-US: ICONICS
-CVE-2006-6487 (Cross-site scripting (XSS) vulnerability in index.php in DT Guestbook ...)
+CVE-2006-6487
NOT-FOR-US: DT Guestbook
-CVE-2006-6486 (SQL injection vulnerability in EasyPage allows remote attackers to ...)
+CVE-2006-6486
NOT-FOR-US: EasyPage
-CVE-2006-6485 (Multiple cross-site scripting (XSS) vulnerabilities in ShopSite 8.1 ...)
+CVE-2006-6485
NOT-FOR-US: ShopSite
-CVE-2006-6484 (The IMAP service for MailEnable Professional and Enterprise Edition ...)
+CVE-2006-6484
NOT-FOR-US: MailEnable
-CVE-2006-6483 (Adobe ColdFusion MX 7.x before 7.0.2 does not properly filter HTML ...)
+CVE-2006-6483
NOT-FOR-US: ColdFusion
-CVE-2006-6482 (Adobe ColdFusion MX7 allows remote attackers to obtain sensitive ...)
+CVE-2006-6482
NOT-FOR-US: ColdFusion
-CVE-2006-6481 (Clam AntiVirus (ClamAV) 0.88.6 allows remote attackers to cause a ...)
+CVE-2006-6481
{DSA-1238-1}
- clamav 0.88.7-1 (low; bug #401874)
-CVE-2006-6480 (admin/admin_membre/fiche_membre.php in AnnonceScriptHP 2.0 allows ...)
+CVE-2006-6480
NOT-FOR-US: AnnonceScriptHP
-CVE-2006-6479 (Multiple cross-site scripting (XSS) vulnerabilities in AnnonceScriptHP ...)
+CVE-2006-6479
NOT-FOR-US: AnnonceScriptHP
-CVE-2006-6478 (Multiple SQL injection vulnerabilities in AnnonceScriptHP 2.0 allow ...)
+CVE-2006-6478
NOT-FOR-US: AnnonceScriptHP
-CVE-2006-6477 (FRAgent.exe in Mandiant First Response (MFR) before 1.1.1, when run in ...)
+CVE-2006-6477
NOT-FOR-US: Mandiant First Response (MFR)
-CVE-2006-6476 (FRAgent.exe in Mandiant First Response (MFR) before 1.1.1, when run in ...)
+CVE-2006-6476
NOT-FOR-US: Mandiant First Response (MFR)
-CVE-2006-6475 (FRAgent.exe in Mandiant First Response (MFR) before 1.1.1, when run in ...)
+CVE-2006-6475
NOT-FOR-US: Mandiant First Response (MFR)
-CVE-2006-6474 (Untrusted search path vulnerability in McAfee VirusScan for Linux ...)
+CVE-2006-6474
NOT-FOR-US: McAfee
-CVE-2006-6473 (Multiple unspecified vulnerabilities in Xerox WorkCentre and ...)
+CVE-2006-6473
NOT-FOR-US: Xerox WorkCentre
-CVE-2006-6472 (The httpd.conf file in Xerox WorkCentre and WorkCentre Pro before ...)
+CVE-2006-6472
NOT-FOR-US: Xerox WorkCentre
-CVE-2006-6471 (Xerox WorkCentre and WorkCentre Pro before 12.050.03.000, 13.x before ...)
+CVE-2006-6471
NOT-FOR-US: Xerox WorkCentre
-CVE-2006-6470 (The SNMP Agent in Xerox WorkCentre and WorkCentre Pro before ...)
+CVE-2006-6470
NOT-FOR-US: Xerox WorkCentre
-CVE-2006-6469 (Xerox WorkCentre and WorkCentre Pro before 12.050.03.000, 13.x before ...)
+CVE-2006-6469
NOT-FOR-US: Xerox WorkCentre
-CVE-2006-6468 (Xerox WorkCentre and WorkCentre Pro before 12.050.03.000, 13.x before ...)
+CVE-2006-6468
NOT-FOR-US: Xerox WorkCentre
-CVE-2006-6467 (Xerox WorkCentre and WorkCentre Pro before 12.050.03.000, 13.x before ...)
+CVE-2006-6467
NOT-FOR-US: Xerox WorkCentre
-CVE-2006-6466 (Multiple cross-site scripting (XSS) vulnerabilities in WBmap.php in ...)
+CVE-2006-6466
NOT-FOR-US: WikyBlog
-CVE-2006-6465 (** DISPUTED ** ...)
+CVE-2006-6465
NOT-FOR-US: WikyBlog
-CVE-2006-6464 (viewcart in Midicart accepts negative numbers in the Qty (quantity) ...)
+CVE-2006-6464
NOT-FOR-US: Midicart
-CVE-2006-6463 (Unrestricted file upload vulnerability in admin/add.php in Midicart ...)
+CVE-2006-6463
NOT-FOR-US: Midicart
-CVE-2006-6462 (PHP remote file inclusion vulnerability in engine/oldnews.inc.php in ...)
+CVE-2006-6462
NOT-FOR-US: CM68 News
-CVE-2006-6461 (tr1.php in Yourfreeworld Stylish Text Ads Script allows remote ...)
+CVE-2006-6461
NOT-FOR-US: Yourfreeworld Stylish Text Ads Script
-CVE-2006-6460 (Yourfreeworld.com Short Url &amp; Url Tracker Script allows remote ...)
+CVE-2006-6460
NOT-FOR-US: Yourfreeworld.com Short Url Script
-CVE-2006-6459 (Cross-site scripting (XSS) vulnerability in toplist.php in PhpBB ...)
+CVE-2006-6459
NOT-FOR-US: Toplist for phpBB
-CVE-2006-6458 (The Trend Micro scan engine before 8.320 for Windows and before 8.150 ...)
+CVE-2006-6458
NOT-FOR-US: Trend Micro (Windows)
-CVE-2006-6457 (tiki-wiki_rss.php in Tikiwiki 1.9.5, 1.9.2, and possibly other ...)
+CVE-2006-6457
- tikiwiki <removed> (bug #404472)
NOTE: Might be a mis-report, check with upstream
-CVE-2006-6456 (Unspecified vulnerability in Microsoft Word 2000, 2002, and 2003 and ...)
+CVE-2006-6456
NOT-FOR-US: Microsoft Word
-CVE-2006-6455 (Multiple SQL injection vulnerabilities in admin/default.asp in DUware ...)
+CVE-2006-6455
NOT-FOR-US: DUware
-CVE-2006-6454 (execInBackground.php in J-OWAMP Web Interface 2.1b and earlier allows ...)
+CVE-2006-6454
NOT-FOR-US: J-OWAMP Web Interface
-CVE-2006-6453 (PHP remote file inclusion vulnerability in JOWAMP_ShowPage.php in ...)
+CVE-2006-6453
NOT-FOR-US: J-OWAMP Web Interface
-CVE-2006-6452 (Multiple cross-site scripting (XSS) vulnerabilities in the MyArticles ...)
+CVE-2006-6452
NOT-FOR-US: RunCMS
-CVE-2006-6451 (Multiple cross-site scripting (XSS) vulnerabilities in SWsoft Plesk ...)
+CVE-2006-6451
NOT-FOR-US: Plesk
-CVE-2006-6450 (Multiple SQL injection vulnerabilities in dagent/downloadreport.asp in ...)
+CVE-2006-6450
NOT-FOR-US: Novell ZENworks Patch Management
-CVE-2006-6449 (Vt-Forum Lite 1.3 and earlier store sensitive information under the ...)
+CVE-2006-6449
NOT-FOR-US: Vt-Forum Lite
-CVE-2006-6448 (Multiple SQL injection vulnerabilities in Vt-Forum Lite 1.3 and ...)
+CVE-2006-6448
NOT-FOR-US: Vt-Forum
-CVE-2006-6447 (Multiple cross-site scripting (XSS) vulnerabilities in Vt-Forum Lite ...)
+CVE-2006-6447
NOT-FOR-US: Vt-Forum Lite
-CVE-2006-6446 (SQL injection vulnerability in index.php in iWare Professional 5.0.4, ...)
+CVE-2006-6446
NOT-FOR-US: iWare Professional
-CVE-2006-6445 (Directory traversal vulnerability in error.php in Envolution 1.1.0 and ...)
+CVE-2006-6445
NOT-FOR-US: Envolution
-CVE-2006-6444 (Stack-based buffer overflow in Nostra DivX Player 2.1, 2.2.00.0, and ...)
+CVE-2006-6444
NOT-FOR-US: Nostra DivX Player
-CVE-2006-6443 (Buffer overflow in the Novell Distributed Print Services (NDPS) Print ...)
+CVE-2006-6443
NOT-FOR-US: Novell Distributed Print Services
-CVE-2006-6442 (Stack-based buffer overflow in the SetClientInfo function in the ...)
+CVE-2006-6442
NOT-FOR-US: America Online
-CVE-2006-6441 (Xerox WorkCentre and WorkCentre Pro before 12.050.03.000, 13.x before ...)
+CVE-2006-6441
NOT-FOR-US: Xerox WorkCentre and WorkCentre Pro
-CVE-2006-6440 (Multiple unspecified vulnerabilities in Xerox WorkCentre and ...)
+CVE-2006-6440
NOT-FOR-US: Xerox WorkCentre and WorkCentre Pro
-CVE-2006-6439 (Xerox WorkCentre and WorkCentre Pro before 12.050.03.000, 13.x before ...)
+CVE-2006-6439
NOT-FOR-US: Xerox WorkCentre and WorkCentre Pro
-CVE-2006-6438 (Xerox WorkCentre and WorkCentre Pro before 12.050.03.000, 13.x before ...)
+CVE-2006-6438
NOT-FOR-US: Xerox WorkCentre and WorkCentre Pro
-CVE-2006-6437 (ops3-dmn in Xerox WorkCentre and WorkCentre Pro before 12.050.03.000, ...)
+CVE-2006-6437
NOT-FOR-US: Xerox WorkCentre and WorkCentre Pro
-CVE-2006-6436 (Cross-site scripting (XSS) vulnerability in the Network controller in ...)
+CVE-2006-6436
NOT-FOR-US: Xerox WorkCentre and WorkCentre Pro
-CVE-2006-6435 (The SNMP implementation in Xerox WorkCentre and WorkCentre Pro before ...)
+CVE-2006-6435
NOT-FOR-US: Xerox WorkCentre and WorkCentre Pro
-CVE-2006-6434 (Unspecified vulnerability in the Web User Interface in Xerox ...)
+CVE-2006-6434
NOT-FOR-US: Xerox WorkCentre and WorkCentre Pro
-CVE-2006-6433 (Xerox WorkCentre and WorkCentre Pro before 12.060.17.000, 13.x before ...)
+CVE-2006-6433
NOT-FOR-US: Xerox WorkCentre and WorkCentre Pro
-CVE-2006-6432 (Unspecified vulnerability in the Scan-to-mailbox feature in Xerox ...)
+CVE-2006-6432
NOT-FOR-US: Xerox WorkCentre and WorkCentre Pro
-CVE-2006-6431 (Unspecified vulnerability in Xerox WorkCentre and WorkCentre Pro ...)
+CVE-2006-6431
NOT-FOR-US: Xerox WorkCentre and WorkCentre Pro
-CVE-2006-6430 (Web services in Xerox WorkCentre and WorkCentre Pro before ...)
+CVE-2006-6430
NOT-FOR-US: Xerox WorkCentre and WorkCentre Pro
-CVE-2006-6429 (Xerox WorkCentre and WorkCentre Pro before 12.060.17.000, 13.x before ...)
+CVE-2006-6429
NOT-FOR-US: Xerox WorkCentre and WorkCentre Pro
-CVE-2006-6428 (Xerox WorkCentre and WorkCentre Pro before 12.060.17.000, 13.x before ...)
+CVE-2006-6428
NOT-FOR-US: Xerox WorkCentre and WorkCentre Pro
-CVE-2006-6427 (The Web User Interface in Xerox WorkCentre and WorkCentre Pro before ...)
+CVE-2006-6427
NOT-FOR-US: Xerox WorkCentre and WorkCentre Pro
-CVE-2006-6426 (PHP remote file inclusion vulnerability in design/thinkedit/render.php ...)
+CVE-2006-6426
NOT-FOR-US: ThinkEdit
-CVE-2006-6425 (Stack-based buffer overflow in the IMAP daemon (IMAPD) in Novell ...)
+CVE-2006-6425
NOT-FOR-US: Novell NetMail
-CVE-2006-6424 (Multiple buffer overflows in Novell NetMail before 3.52e FTF2 allow ...)
+CVE-2006-6424
NOT-FOR-US: Novell NetMail
-CVE-2006-6423 (Stack-based buffer overflow in the IMAP service for MailEnable ...)
+CVE-2006-6423
NOT-FOR-US: MailEnable
-CVE-2006-6422 (Agileco AgileBill 1.4.x and AgileVoice 1.4.x do not properly handle ...)
+CVE-2006-6422
NOT-FOR-US: AgileBill AgileVoice
-CVE-2006-6421 (Cross-site scripting (XSS) vulnerability in the private message box ...)
+CVE-2006-6421
- phpbb2 2.0.21-6 (medium)
[sarge] - phpbb2 <not-affected>
-CVE-2006-6420 (Multiple cross-site scripting (XSS) vulnerabilities in jce.php in the ...)
+CVE-2006-6420
NOT-FOR-US: Joomla Content Editor (JCE)
-CVE-2006-6419 (jce.php in the JCE Admin Component in Ryan Demmer Joomla Content ...)
+CVE-2006-6419
NOT-FOR-US: Joomla Content Editor (JCE)
-CVE-2006-6418 (Buffer overflow in the POSIX Threads library (libpthread) on HP Tru64 ...)
+CVE-2006-6418
NOT-FOR-US: HP Tru64 UNIX
-CVE-2006-6417 (PHP remote file inclusion vulnerability in ...)
+CVE-2006-6417
- b2evolution <not-affected> (vulnerable code added later)
-CVE-2006-6416 (Multiple PHP remote file inclusion vulnerabilities in PhpLeague - ...)
+CVE-2006-6416
NOT-FOR-US: PhpLeague
-CVE-2006-6415 (** DISPUTED ** ...)
+CVE-2006-6415
NOT-FOR-US: phpAdsNew
-CVE-2006-6414 (Multiple SQL injection vulnerabilities in dettaglio.asp in dol storye ...)
+CVE-2006-6414
NOT-FOR-US: dol storye
-CVE-2006-6413 (Cross-site scripting (XSS) vulnerability in Amateras sns 3.11 and ...)
+CVE-2006-6413
NOT-FOR-US: Amateras sns
CVE-2006-6412
RESERVED
-CVE-2006-6411 (PhoneCtrl.exe in Linksys WIP 330 Wireless-G IP Phone 1.00.06A allows ...)
+CVE-2006-6411
NOT-FOR-US: Linksys
-CVE-2006-6410 (Buffer overflow in an ActiveX control in VMWare 5.5.1 allows local ...)
+CVE-2006-6410
NOT-FOR-US: VMWare
-CVE-2006-6409 (F-Secure Anti-Virus for Linux Gateways 4.65 allows remote attackers to ...)
+CVE-2006-6409
NOT-FOR-US: F-Secure
-CVE-2006-6408 (Kaspersky Anti-Virus for Linux Mail Servers 5.5.10 allows remote ...)
+CVE-2006-6408
NOT-FOR-US: Kaspersky
-CVE-2006-6407 (F-Prot Antivirus for Linux x86 Mail Servers 4.6.6 allows remote ...)
+CVE-2006-6407
NOT-FOR-US: F-Prot
-CVE-2006-6406 (Clam AntiVirus (ClamAV) 0.88.6 allows remote attackers to bypass virus ...)
+CVE-2006-6406
{DSA-1238-1}
- clamav 0.88.7-1 (medium; bug #401873)
-CVE-2006-6405 (BitDefender Mail Protection for SMB 2.0 allows remote attackers to ...)
+CVE-2006-6405
NOT-FOR-US: BitDefender
-CVE-2006-6404 (INNOVATION Data Processing FDR/UPSTREAM 3.3.0 (GA Oct 2003) allows ...)
+CVE-2006-6404
NOT-FOR-US: Innovation Data Processing's FDR Backup
-CVE-2006-6403 (mystats.php in MyStats 1.0.8 and earlier allows remote attackers to ...)
+CVE-2006-6403
NOT-FOR-US: MyStats
-CVE-2006-6402 (SQL injection vulnerability in mystats.php in MyStats 1.0.8 and ...)
+CVE-2006-6402
NOT-FOR-US: MyStats
-CVE-2006-6401 (Multiple cross-site scripting (XSS) vulnerabilities in mystats.php in ...)
+CVE-2006-6401
NOT-FOR-US: MyStats
-CVE-2006-6400 (Buffer overflow in JustSystems Hanako 2004 through 2006, Hanako viewer ...)
+CVE-2006-6400
NOT-FOR-US: JustSystems
-CVE-2006-6399 (SQL injection vulnerability in Superfreaker Studios UPublisher 1.0 ...)
+CVE-2006-6399
NOT-FOR-US: Superfreaker Studios UPublisher
-CVE-2006-6398 (Multiple SQL injection vulnerabilities in Superfreaker Studios ...)
+CVE-2006-6398
NOT-FOR-US: Superfreaker Studios UPublisher
-CVE-2006-6397 (** DISPUTED ** ...)
+CVE-2006-6397
NOTE: not a vuln
-CVE-2006-6396 (Stack-based buffer overflow in BlazeVideo HDTV Player 2.1, and ...)
+CVE-2006-6396
NOT-FOR-US: BlazeVideo HDTV Player
-CVE-2006-6395 (Multiple memory leaks in Ulrik Petersen Emdros Database Engine before ...)
+CVE-2006-6395
NOT-FOR-US: Ulrik Petersen Emdros Database Engine
-CVE-2006-6394 (SQL injection vulnerability in certain database classes in Jonas ...)
+CVE-2006-6394
NOT-FOR-US: Jonas Gauffin Publicera
-CVE-2006-6393 (Cross-site scripting (XSS) vulnerability in Jonas Gauffin Publicera ...)
+CVE-2006-6393
NOT-FOR-US: Jonas Gauffin Publicera
-CVE-2006-6392 (Directory traversal vulnerability in index.php in plx Web Studio (aka ...)
+CVE-2006-6392
NOT-FOR-US: plxWebDev
-CVE-2006-6391 (Multiple directory traversal vulnerabilities in Open Solution ...)
+CVE-2006-6391
NOT-FOR-US: Open Solution Quick.Cart
-CVE-2006-6390 (Multiple directory traversal vulnerabilities in Open Solution ...)
+CVE-2006-6390
NOT-FOR-US: Open Solution Quick.Cart
-CVE-2006-6389 (Multiple cross-site scripting (XSS) vulnerabilities in ac4p Mobile ...)
+CVE-2006-6389
NOT-FOR-US: ac4p Mobile
-CVE-2006-6388 (Cross-site scripting (XSS) vulnerability in naprednaPretraga.php in ...)
+CVE-2006-6388
NOT-FOR-US: LINK Content Management Server
-CVE-2006-6387 (Multiple SQL injection vulnerabilities in LINK Content Management ...)
+CVE-2006-6387
NOT-FOR-US: LINK Content Management Server
-CVE-2006-6386 (Cross-site scripting (XSS) vulnerability in the CVS management/tracker ...)
+CVE-2006-6386
NOT-FOR-US: CVS management/tracker (drupal plugin)
-CVE-2006-6384 (Absolute path traversal vulnerability in abitwhizzy.php before ...)
+CVE-2006-6384
NOT-FOR-US: abitwhizzy.php
-CVE-2006-6383 (PHP 5.2.0 and 4.4 allows local users to bypass safe_mode and ...)
+CVE-2006-6383
- php5 <removed> (unimportant)
- php4 <removed> (unimportant)
NOTE: safe-mode and basedir violations not treated as security issues
-CVE-2006-6382 (The control panel for Positive Software H-Sphere before 2.5.0 RC3 ...)
+CVE-2006-6382
NOT-FOR-US: Positive Software H-Sphere
-CVE-2006-6381 (Directory traversal vulnerability in getfile.asp in Ultimate HelpDesk ...)
+CVE-2006-6381
NOT-FOR-US: Ultimate HelpDesk
-CVE-2006-6380 (Cross-site scripting (XSS) vulnerability in index.asp in Ultimate ...)
+CVE-2006-6380
NOT-FOR-US: Ultimate HelpDesk
-CVE-2006-6379 (Buffer overflow in the BrightStor Backup Discovery Service in multiple ...)
+CVE-2006-6379
NOT-FOR-US: BrightStor Backup Discovery Service
-CVE-2006-6378 (BTSaveMySql 1.2 stores sensitive data under the web root with ...)
+CVE-2006-6378
NOT-FOR-US: BTSaveMySql
-CVE-2006-6377 (Uploadscript 1.2 and earlier stores sensitive data under the web root ...)
+CVE-2006-6377
NOT-FOR-US: Uploadscript
-CVE-2006-6376 (Multiple directory traversal vulnerabilities in fm.php in Simple File ...)
+CVE-2006-6376
NOT-FOR-US: Simple File Manager
-CVE-2006-6375 (Cross-site scripting (XSS) vulnerability in display.php in Simple ...)
+CVE-2006-6375
NOT-FOR-US: Simple machines Forum
-CVE-2006-6374 (Multiple CRLF injection vulnerabilities in PhpMyAdmin 2.7.0-pl2 allow ...)
+CVE-2006-6374
- phpmyadmin <not-affected> (low; bug #404744)
[sarge] - phpmyadmin <not-affected> (doesn't use sessions at all)
[etch] - phpmyadmin <not-affected> (not exploitable with Etch's php versions)
NOTE: not exploitable with PHP 5.1.2+ and 4.4.2+
-CVE-2006-6373 (PhpMyAdmin 2.7.0-pl2 allows remote attackers to obtain sensitive ...)
+CVE-2006-6373
- phpmyadmin <unfixed> (unimportant)
NOTE: path is known in Debian anyway
-CVE-2006-6372 (Multiple cross-site scripting (XSS) vulnerabilities in pbguestbook.php ...)
+CVE-2006-6372
NOT-FOR-US: JAB Guest Book
-CVE-2006-6371 (Cross-site scripting (XSS) vulnerability in pbguestbook.php in JAB ...)
+CVE-2006-6371
NOT-FOR-US: JAB Guest Book
-CVE-2006-6370 (SQL injection vulnerability in forum/modules/gallery/post.php in ...)
+CVE-2006-6370
NOT-FOR-US: Invision Gallery
-CVE-2006-6369 (SQL injection vulnerability in lib/entry_reply_entry.php in Invision ...)
+CVE-2006-6369
NOT-FOR-US: Invision Community Blog Mod
-CVE-2006-6385 (Stack-based buffer overflow in Intel PRO 10/100, PRO/1000, and ...)
+CVE-2006-6385
NOT-FOR-US: Affects only Windows despite other claims
-CVE-2006-6368 (PHP remote file inclusion vulnerability in login.php.inc in awrate 1.0 ...)
+CVE-2006-6368
NOT-FOR-US: awrate
-CVE-2006-6367 (Multiple SQL injection vulnerabilities in detail.asp in DUware ...)
+CVE-2006-6367
NOT-FOR-US: Duware
-CVE-2006-6366 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2006-6366
NOT-FOR-US: Cerberus Helpdesk
-CVE-2006-6365 (SQL injection vulnerability in detail.asp in DUware DUpaypal 3.1, and ...)
+CVE-2006-6365
NOT-FOR-US: Duware
-CVE-2006-6364 (Cross-site scripting (XSS) vulnerability in error.php in Inside ...)
+CVE-2006-6364
NOT-FOR-US: Inside Systems Mail (ISMail)
-CVE-2006-6363 (Cross-site scripting (XSS) vulnerability in admin.pl in BlueSocket ...)
+CVE-2006-6363
NOT-FOR-US: BlueSocket Secure Controller
CVE-2006-6362
REJECTED
-CVE-2006-6361 (Heap-based buffer overflow in the uploadprogress_php_rfc1867_file ...)
+CVE-2006-6361
NOT-FOR-US: Bitflux Upload Progress Mete
-CVE-2006-6360 (PHP remote file inclusion vulnerability in activate.php in PHP Upload ...)
+CVE-2006-6360
NOT-FOR-US: PHP Upload Center
-CVE-2006-6359 (Cross-site scripting (XSS) vulnerability in Stefan Frech ...)
+CVE-2006-6359
NOT-FOR-US: Stefan Frech online-bookmarks
-CVE-2006-6358 (SQL injection vulnerability in the login function in auth.inc in ...)
+CVE-2006-6358
NOT-FOR-US: Stefan Frech online-bookmarks
-CVE-2006-6357 (Cross-site scripting (XSS) vulnerability in templates/cat_temp.php in ...)
+CVE-2006-6357
NOT-FOR-US: PHPNews
-CVE-2006-6356 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2006-6356
NOT-FOR-US: PHPNews
-CVE-2006-6355 (SQL injection vulnerability in default.asp in DuWare DuClassmate ...)
+CVE-2006-6355
NOT-FOR-US: DuWare
-CVE-2006-6354 (Multiple SQL injection vulnerabilities in detail.asp in DuWare DuNews ...)
+CVE-2006-6354
NOT-FOR-US: DuWare
-CVE-2006-6353 (Multiple unspecified vulnerabilities in BOMArchiveHelper in Mac OS X ...)
+CVE-2006-6353
NOT-FOR-US: Mac OS X
-CVE-2006-6352 (FRISK Software F-Prot Antivirus before 4.6.7 allows user-assisted ...)
+CVE-2006-6352
NOT-FOR-US: F-Prot Antivirus
-CVE-2006-6351 (KhaledMuratList stores sensitive data under the web root with ...)
+CVE-2006-6351
NOT-FOR-US: KhaledMuratList
-CVE-2006-6350 (listpics 5 stores sensitive data under the web root with insufficient ...)
+CVE-2006-6350
NOT-FOR-US: listpics 5
-CVE-2006-6349 (Multiple SQL injection vulnerabilities in PWP Technologies The ...)
+CVE-2006-6349
NOT-FOR-US: PWP Technologies The Classified Ad System
-CVE-2006-6348 (Cross-site scripting (XSS) vulnerability in board.php in mowdBB RC-6 ...)
+CVE-2006-6348
NOT-FOR-US: mowdBB
-CVE-2006-6347 (Unrestricted file upload vulnerability in TFT-Gallery allows remote ...)
+CVE-2006-6347
NOT-FOR-US: TFT-Gallery
-CVE-2006-6346 (Unspecified vulnerability in SAP Internet Graphics Service (IGS) 6.40 ...)
+CVE-2006-6346
NOT-FOR-US: SAP
-CVE-2006-6345 (Directory traversal vulnerability in SAP Internet Graphics Service ...)
+CVE-2006-6345
NOT-FOR-US: SAP
-CVE-2006-6344 (Multiple unspecified vulnerabilities in Neocrome Seditio 1.10 and ...)
+CVE-2006-6344
NOT-FOR-US: Neocrome Seditio
-CVE-2006-6343 (SQL injection vulnerability in polls.php in Neocrome Seditio 1.10 and ...)
+CVE-2006-6343
NOT-FOR-US: Neocrome Seditio
-CVE-2006-6342 (Multiple SQL injection vulnerabilities in KLF-DESIGN (aka Kim L. ...)
+CVE-2006-6342
NOT-FOR-US: KLF-DESIGN
-CVE-2006-6341 (Multiple PHP remote file inclusion vulnerabilities in mg.applanix ...)
+CVE-2006-6341
NOT-FOR-US: mg.applanix
-CVE-2006-6340 (keystone.exe in nVIDIA nView allows attackers to cause a denial of ...)
+CVE-2006-6340
NOT-FOR-US: nVIDIA nView
-CVE-2006-6339 (SQL injection vulnerability in sites/index.php in deV!L`z Clanportal ...)
+CVE-2006-6339
NOT-FOR-US: deV!L`z Clanportal
-CVE-2006-6338 (Unrestricted file upload vulnerability in upload/index.php in deV!L`z ...)
+CVE-2006-6338
NOT-FOR-US: deV!L`z Clanportal
-CVE-2006-6337 (Multiple SQL injection vulnerabilities in giris.asp in Aspee and ...)
+CVE-2006-6337
NOT-FOR-US: Aspee Ziyaretci Defteri
-CVE-2006-6336 (Heap-based buffer overflow in the Mail Management Server (MAILMA.exe) ...)
+CVE-2006-6336
NOT-FOR-US: Eudora WorldMail
-CVE-2006-6335 (Multiple buffer overflows in Sophos Anti-Virus scanning engine before ...)
+CVE-2006-6335
NOT-FOR-US: Sophos Anti-Virus
-CVE-2006-6334 (Heap-based buffer overflow in the SendChannelData function in wfica.ocx in ...)
+CVE-2006-6334
NOT-FOR-US: Citrix Presentation Server Client
-CVE-2006-6333 (The tr_rx function in ibmtr.c for Linux kernel 2.6.19 assigns the ...)
+CVE-2006-6333
- linux-2.6 2.6.20-1
[etch] - linux-2.6 <not-affected> (Only affects 2.6.19, introduced after 2.6.18)
-CVE-2006-6332 (Stack-based buffer overflow in net80211/ieee80211_wireless.c in ...)
+CVE-2006-6332
- madwifi 1:0.9.2+r1842.20061207-2 (high; bug #402836; bug #402111)
[etch] - madwifi <no-dsa> (Non-free not supported)
-CVE-2006-6331 (metaInfo.php in TorrentFlux 2.2, when $cfg[&quot;enable_file_priority&quot;] is ...)
+CVE-2006-6331
- torrentflux 2.1-7 (bug #400582; medium)
-CVE-2006-6330 (index.php for TorrentFlux 2.2 allows remote registered users to ...)
+CVE-2006-6330
- torrentflux 2.1-6 (bug #399169; medium)
-CVE-2006-6329 (index.php for TorrentFlux 2.2 allows remote attackers to delete files ...)
+CVE-2006-6329
- torrentflux 2.1-6 (bug #399169)
-CVE-2006-6328 (Directory traversal vulnerability in index.php for TorrentFlux 2.2 ...)
+CVE-2006-6328
- torrentflux 2.1-5 (bug #395930; medium)
NOTE: duplicate of CVE-2006-5609
CVE-2006-6327
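Review bot: Every `-`/`+` pair in this hunk differs only in that the parenthesised CVE summary is dropped (for example `-CVE-2006-6449 (Vt-Forum Lite 1.3 and earlier store sensitive information under the ...)` becomes `+CVE-2006-6449`), while the Debian-side status lines (`NOT-FOR-US`, `<not-affected>`, `{DSA-...}`, `NOTE:`) are left untouched; a wholesale loss of summaries across hundreds of entries in an "automatic update" looks more like an empty or unparsed upstream description field than an intended edit, so the CVE feed import should be confirmed as successful before this is taken, since the summary is what lets a triager sanity-check a `NOT-FOR-US` or `<not-affected>` decision without an external lookup. Unrelated but visible in the same hunk: CVE-2006-6385 (between CVE-2006-6369 and CVE-2006-6368) and CVE-2006-6302/CVE-2006-6301 (between CVE-2006-6274 and CVE-2006-6273) sit out of numeric order, and `&quot;` appears as a literal HTML entity in the CVE-2006-6331 and CVE-2006-6235 summaries.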
@@ -2123,7 +2123,7 @@ CVE-2006-6320
RESERVED
CVE-2006-6319
RESERVED
-CVE-2006-6318 (The show_elog_list function in elogd.c in elog 2.6.2 and earlier ...)
+CVE-2006-6318
{DSA-1242-1}
- elog 2.6.2+r1754-1
CVE-2006-6317
@@ -2138,459 +2138,459 @@ CVE-2006-6313
RESERVED
CVE-2006-6312
RESERVED
-CVE-2006-6311 (Microsoft Internet Explorer 6.0.2900.2180 allows remote attackers to ...)
+CVE-2006-6311
NOT-FOR-US: Microsoft
-CVE-2006-6310 (Microsoft Internet Explorer 6.0 SP1 and earlier allows remote ...)
+CVE-2006-6310
NOT-FOR-US: Microsoft
-CVE-2006-6309 (Multiple array index errors in IBM Tivoli Storage Manager (TSM) before ...)
+CVE-2006-6309
NOT-FOR-US: Tivoli
-CVE-2006-6308 (** DISPUTED ** ...)
+CVE-2006-6308
NOT-FOR-US: Symantec LiveState
-CVE-2006-6307 (srvloc.sys in Novell Client for Windows before 4.91 SP3 allows remote ...)
+CVE-2006-6307
NOT-FOR-US: Novell Netware
-CVE-2006-6306 (Format string vulnerability in Novell Modular Authentication Services ...)
+CVE-2006-6306
NOT-FOR-US: Novell Netware
-CVE-2006-6305 (Unspecified vulnerability in Net-SNMP 5.3 before 5.3.0.1, when ...)
+CVE-2006-6305
- net-snmp <not-affected> (Only affects version 5.3.0)
-CVE-2006-6304 (The do_coredump function in fs/exec.c in the Linux kernel 2.6.19 sets ...)
+CVE-2006-6304
- linux-2.6 <not-affected> (Only affects plain 2.6.19)
-CVE-2006-6303 (The read_multipart function in cgi.rb in Ruby before 1.8.5-p2 does not ...)
+CVE-2006-6303
NOTE: http://www.ruby-lang.org/en/news/2006/12/04/another-dos-vulnerability-in-cgi-library/
- ruby1.8 1.8.5-4 (low)
-CVE-2006-6300 (Cross-site scripting (XSS) vulnerability in CuteNews 1.3.6 allows ...)
+CVE-2006-6300
NOT-FOR-US: CuteNews
-CVE-2006-6299 (Integer overflow in Msg.dll in Novell ZENworks 7 Asset Management ...)
+CVE-2006-6299
NOT-FOR-US: Novell ZENworks
-CVE-2006-6298 (SQL injection vulnerability in uye_giris_islem.asp in Metyus Okul ...)
+CVE-2006-6298
NOT-FOR-US: Metyus Okul Yonetim Sistemi
-CVE-2006-6297 (Stack consumption vulnerability in the KFILE JPEG (kfile_jpeg) plugin ...)
+CVE-2006-6297
- kdegraphics <unfixed> (unimportant)
NOTE: Generic bug, treating it as a security problem is quite a stretch
-CVE-2006-6296 (The RpcGetPrinterData function in the Print Spooler (spoolsv.exe) ...)
+CVE-2006-6296
NOT-FOR-US: Microsoft
-CVE-2006-6295 (PHP remote file inclusion vulnerability in includes/mx_common.php in ...)
+CVE-2006-6295
NOT-FOR-US: MxBB Portal
-CVE-2006-6294 (Multiple unspecified vulnerabilities in FRISK Software F-Prot ...)
+CVE-2006-6294
NOT-FOR-US: F-Prot Antivirus
-CVE-2006-6293 (Heap-based buffer overflow in FRISK Software F-Prot Antivirus before ...)
+CVE-2006-6293
NOT-FOR-US: F-Prot Antivirus
-CVE-2006-6292 (Apple Airport Extreme firmware 0.1.27 in Mac OS X 10.4.8 on Mac mini, ...)
+CVE-2006-6292
NOT-FOR-US: Apple Airport
-CVE-2006-6291 (Stack overflow in the IMAP module (MEIMAPS.EXE) in MailEnable ...)
+CVE-2006-6291
NOT-FOR-US: MailEnable Professional
-CVE-2006-6290 (Multiple stack-based buffer overflows in the IMAP module (MEIMAPS.EXE) ...)
+CVE-2006-6290
NOT-FOR-US: MailEnable
-CVE-2006-6289 (Woltlab Burning Board (wBB) Lite 1.0.2 does not properly unset ...)
+CVE-2006-6289
NOT-FOR-US: Woltlab Burning Board
-CVE-2006-6288 (Multiple buffer overflows in Niek Albers CoolPlayer 216 and earlier ...)
+CVE-2006-6288
NOT-FOR-US: Niek Albers CoolPlayer
-CVE-2006-6287 (Stack-based buffer overflow in AtomixMP3 2.3 and earlier allows remote ...)
+CVE-2006-6287
NOT-FOR-US: AtomixMP3
-CVE-2006-6286 (Palm Desktop 4.1.4 and earlier stores user data with weak permissions ...)
+CVE-2006-6286
NOT-FOR-US: Palm Desktop
-CVE-2006-6285 (** DISPUTED ** ...)
+CVE-2006-6285
NOT-FOR-US: Kai Blankenhorn Bitfolge
-CVE-2006-6284 (Directory traversal vulnerability in admin.php in Vikingboard 0.1.2 ...)
+CVE-2006-6284
NOT-FOR-US: Vikingboard
-CVE-2006-6283 (Multiple cross-site scripting (XSS) vulnerabilities in Vikingboard ...)
+CVE-2006-6283
NOT-FOR-US: Vikingboard
-CVE-2006-6282 (members.php in Vikingboard 0.1.2 allows remote attackers to trigger a ...)
+CVE-2006-6282
NOT-FOR-US: Vikingboard
-CVE-2006-6281 (PHP remote file inclusion vulnerability in check_status.php in ...)
+CVE-2006-6281
NOT-FOR-US: dicshunary
-CVE-2006-6280 (SQL injection vulnerability in viewthread.php in Oxygen (O2PHP ...)
+CVE-2006-6280
NOT-FOR-US: Oxygen (O2PHP Bulletin Board)
-CVE-2006-6279 (index.php in @lex Guestbook 4.0.1 allows remote attackers to obtain ...)
+CVE-2006-6279
NOT-FOR-US: @lex Guestbook
-CVE-2006-6278 (Cross-site scripting (XSS) vulnerability in index.php in @lex ...)
+CVE-2006-6278
NOT-FOR-US: @lex Guestbook
-CVE-2006-6277 (Directory traversal vulnerability in admin/FileServer.php in ...)
+CVE-2006-6277
NOT-FOR-US: ContentServ
-CVE-2006-6276 (HTTP request smuggling vulnerability in Sun Java System Proxy Server ...)
+CVE-2006-6276
NOT-FOR-US: Sun Java System Proxy Server
-CVE-2006-6275 (Race condition in the kernel in Sun Solaris 8 through 10 allows local ...)
+CVE-2006-6275
NOT-FOR-US: Solaris
-CVE-2006-6274 (SQL injection vulnerability in articles.asp in Expinion.net iNews (1) ...)
+CVE-2006-6274
NOT-FOR-US: Expinion.net iNews
-CVE-2006-6302 (fail2ban 0.7.4 and earlier does not properly parse sshd log files, ...)
+CVE-2006-6302
- fail2ban <not-affected> (looks fixed in 0.6, see #401793)
-CVE-2006-6301 (DenyHosts 2.5 does not properly parse sshd log files, which allows ...)
+CVE-2006-6301
- denyhosts 2.6-1 (medium; bug #401795)
-CVE-2006-6273 (sp_index.php in Simple PHP Gallery 1.1 allows remote attackers to ...)
+CVE-2006-6273
NOT-FOR-US: Simple PHP Gallery
-CVE-2006-6272 (Cross-site scripting (XSS) vulnerability in sp_index.php in Simple PHP ...)
+CVE-2006-6272
NOT-FOR-US: Simple PHP Gallery
-CVE-2006-6271 (Multiple cross-site scripting (XSS) vulnerabilities in PHPOLL 0.96 ...)
+CVE-2006-6271
NOT-FOR-US: PHPOLL
-CVE-2006-6270 (Multiple SQL injection vulnerabilities in ASPMForum allow remote ...)
+CVE-2006-6270
NOT-FOR-US: ASPMForum
-CVE-2006-6269 (Multiple SQL injection vulnerabilities in Infinitytechs Restaurants CM ...)
+CVE-2006-6269
NOT-FOR-US: Infinitytechs Restaurants CM
-CVE-2006-6268 (SQL injection vulnerability in system/core/profile/profile.inc.php in ...)
+CVE-2006-6268
NOT-FOR-US: Neocrome Land Down Under
-CVE-2006-6267 (PostNuke 0.7.5.0, and certain minor versions, allows remote attackers ...)
+CVE-2006-6267
NOT-FOR-US: PostNuke
-CVE-2006-6266 (Teredo clients, when following item 6 of RFC4380 section 5.2.3, start ...)
+CVE-2006-6266
NOTE: It seems that no significant packet amplification takes place.
NOTE: Probably harmless.
-CVE-2006-6265 (Teredo clients, when located behind a restricted NAT, allow remote ...)
+CVE-2006-6265
NOTE: Potential firewall bypass is inherent to tunneling software.
NOTE: Not a bug.
-CVE-2006-6264 (Teredo creates trusted peer entries for arbitrary incoming source ...)
+CVE-2006-6264
NOTE: Potential firewall bypass is inherent to tunneling software.
NOTE: Not a bug.
-CVE-2006-6263 (Teredo clients, when source routing is enabled, recognize a Routing ...)
+CVE-2006-6263
NOTE: Potential firewall bypass is inherent to tunneling software.
NOTE: Not a bug.
-CVE-2006-6262 (Directory traversal vulnerability in mboard.php in PHPJunkYard (aka ...)
+CVE-2006-6262
NOT-FOR-US: PHPJunkYard MBoard
-CVE-2006-6261 (Buffer overflow in Quintessential Player 4.50.1.82 and earlier allows ...)
+CVE-2006-6261
NOT-FOR-US: Quintessential Player
-CVE-2006-6260 (SQL injection vulnerability in login.asp in Redbinaria Sistema ...)
+CVE-2006-6260
NOT-FOR-US: Redbinaria Sistema Integrado de Administracion de Portales (SIAP)
-CVE-2006-6259 (Multiple directory traversal vulnerabilities in (a) ...)
+CVE-2006-6259
NOT-FOR-US: AlternC
-CVE-2006-6258 (The phpmyadmin subsystem in AlternC 0.9.5 and earlier transmits the ...)
+CVE-2006-6258
NOT-FOR-US: AlternC
-CVE-2006-6257 (The file manager in AlternC 0.9.5 and earlier, when warnings are ...)
+CVE-2006-6257
NOT-FOR-US: AlternC
-CVE-2006-6256 (Cross-site scripting (XSS) vulnerability in the file manager in ...)
+CVE-2006-6256
NOT-FOR-US: AlternC
-CVE-2006-6255 (Direct static code injection vulnerability in util.php in the NukeAI ...)
+CVE-2006-6255
NOT-FOR-US: NukeAI
-CVE-2006-6254 (administration/telecharger.php in Cahier de texte 2.0 allows remote ...)
+CVE-2006-6254
NOT-FOR-US: Cahier de texte
-CVE-2006-6253 (Cahier de texte 2.0 stores sensitive information under the web root, ...)
+CVE-2006-6253
NOT-FOR-US: Cahier de texte
-CVE-2006-6252 (Microsoft Windows Live Messenger 8.0 and earlier, when gestual ...)
+CVE-2006-6252
NOT-FOR-US: Microsoft Windows Live Messenger
-CVE-2006-6251 (Stack-based buffer overflow in VUPlayer 2.44 and earlier allows remote ...)
+CVE-2006-6251
NOT-FOR-US: VUPlayer
-CVE-2006-6250 (Format string vulnerability in Songbird Media Player 0.2 and earlier ...)
+CVE-2006-6250
NOT-FOR-US: Songbird Media Player
-CVE-2006-6249 (Cross-site scripting (XSS) vulnerability in Chama Cargo 4.36 and ...)
+CVE-2006-6249
NOT-FOR-US: Chama Cargo
-CVE-2006-6248 (index.php in GPhotos 1.5 allows remote attackers to obtain sensitive ...)
+CVE-2006-6248
NOT-FOR-US: GPhotos
-CVE-2006-6247 (Multiple SQL injection vulnerabilities in Uapplication UPhotoGallery ...)
+CVE-2006-6247
NOT-FOR-US: UPhotoGallery
-CVE-2006-6246 (Photo Organizer 2.32b and earlier does not properly check the ...)
+CVE-2006-6246
NOT-FOR-US: Photo Organizer
-CVE-2006-6245 (Multiple SQL injection vulnerabilities in Photo Organizer (PO) 2.32b ...)
+CVE-2006-6245
NOT-FOR-US: Photo Organizer
-CVE-2006-6244 (Coalescent Systems freePBX (formerly Asterisk Management Portal) ...)
+CVE-2006-6244
NOT-FOR-US: Coalescent Systems freePBX
-CVE-2006-6243 (Multiple SQL injection vulnerabilities in index.asp in FipsSHOP allow ...)
+CVE-2006-6243
NOT-FOR-US: FipsSHOP
-CVE-2006-6242 (Multiple directory traversal vulnerabilities in Serendipity 1.0.3 and ...)
+CVE-2006-6242
- serendipity 1.0.4-1 (unimportant; bug #401614)
NOTE: Only exploitable with register_globals
-CVE-2006-6241 (Sorin Chitu Telnet-FTP Server 1.0 allows remote authenticated users to ...)
+CVE-2006-6241
NOT-FOR-US: Sorin Chitu Telnet-FTP Server
-CVE-2006-6240 (Directory traversal vulnerability in Sorin Chitu Telnet-FTP Server 1.0 ...)
+CVE-2006-6240
NOT-FOR-US: Sorin Chitu Telnet-FTP Server
-CVE-2006-6239 (webadmin in MailEnable NetWebAdmin Professional 2.32 and Enterprise ...)
+CVE-2006-6239
NOT-FOR-US: MailEnable NetWebAdmin
-CVE-2006-6238 (The AutoFill feature in Apple Safari 2.0.4 does not properly verify ...)
+CVE-2006-6238
NOT-FOR-US: Apple Safari
-CVE-2006-6237 (SQL injection vulnerability in the decode_cookie function in ...)
+CVE-2006-6237
NOT-FOR-US: Woltlab Burning Board Lite
-CVE-2006-6236 (Adobe Reader (Adobe Acrobat Reader) 7.0 through 7.0.8 allows remote ...)
+CVE-2006-6236
NOT-FOR-US: Acrobat Reader
-CVE-2006-6235 (A &quot;stack overwrite&quot; vulnerability in GnuPG (gpg) 1.x before 1.4.6, 2.x ...)
+CVE-2006-6235
{DSA-1231-1}
- gnupg 1.4.6-1 (high; bug #401894; bug #401898; bug #401914)
- gnupg2 2.0.0-5.2 (high; bug #401895; bug #401913)
-CVE-2006-6234 (Multiple SQL injection vulnerabilities in the Content module in ...)
+CVE-2006-6234
NOT-FOR-US: PHP-Nuke
-CVE-2006-6233 (SQL injection vulnerability in the Downloads module for unknown ...)
+CVE-2006-6233
NOT-FOR-US: PostNuke
-CVE-2006-6232 (PHP remote file inclusion vulnerability in admin/index.php in ...)
+CVE-2006-6232
NOT-FOR-US: DreamAccount
-CVE-2006-6231 (vuBB 0.2.1 and earlier allows remote attackers to obtain sensitive ...)
+CVE-2006-6231
NOT-FOR-US: VuBB
-CVE-2006-6230 (SQL injection vulnerability in vuBB 0.2.1 and earlier allows remote ...)
+CVE-2006-6230
NOT-FOR-US: VuBB
-CVE-2006-6229 (Codewalkers ltwCalendar (aka PHP Event Calendar) before 4.2.1 logs ...)
+CVE-2006-6229
NOT-FOR-US: Codewalkers ltwCalendar
-CVE-2006-6228 (Cross-site scripting (XSS) vulnerability in Codewalkers ltwCalendar ...)
+CVE-2006-6228
NOT-FOR-US: Codewalkers ltwCalendar
-CVE-2006-6227 (The Core::Receive function in neonet/core.cpp for NeoEngine 0.8.2 and ...)
+CVE-2006-6227
NOT-FOR-US: NeoEngine
-CVE-2006-6226 (Multiple format string vulnerabilities in NeoEngine 0.8.2 and earlier, ...)
+CVE-2006-6226
NOT-FOR-US: NeoEngine
-CVE-2006-6225 (Multiple PHP remote file inclusion vulnerabilities in GeekLog 1.4 ...)
+CVE-2006-6225
NOT-FOR-US: GeekLog
-CVE-2006-6224 (PHP remote file inclusion vulnerability in the installation scripts in ...)
+CVE-2006-6224
NOT-FOR-US: Puntal
-CVE-2006-6223 (Cross-site scripting (XSS) vulnerability in Google Search Appliance ...)
+CVE-2006-6223
NOT-FOR-US: Google Search Appliance
-CVE-2006-6222 (Stack-based buffer overflow in the NetBackup bpcd daemon (bpcd.exe) in ...)
+CVE-2006-6222
NOT-FOR-US: Symantec Veritas NetBackup
-CVE-2006-6221 (2X ThinClientServer Enterprise Edition before 4.0.2248 allows remote ...)
+CVE-2006-6221
NOT-FOR-US: 2X ThinClientServer Enterprise Edition
-CVE-2006-6220 (Multiple SQL injection vulnerabilities in Recipes Website (Recipes ...)
+CVE-2006-6220
NOT-FOR-US: Recipes Complete Website
-CVE-2006-6219 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
+CVE-2006-6219
NOT-FOR-US: dev4u CMS
-CVE-2006-6218 (Multiple SQL injection vulnerabilities in index.php in dev4u CMS allow ...)
+CVE-2006-6218
NOT-FOR-US: dev4u CMS
-CVE-2006-6217 (PHP remote file inclusion vulnerability in formdisp.php in the Mermaid ...)
+CVE-2006-6217
NOT-FOR-US: Mermaid module for PHP-NUKE
-CVE-2006-6216 (SQL injection vulnerability in admin_hacks_list.php in the Nivisec ...)
+CVE-2006-6216
NOT-FOR-US: Nivisec Hacks List
-CVE-2006-6215 (Multiple SQL injection vulnerabilities in Wallpaper Website (Wallpaper ...)
+CVE-2006-6215
NOT-FOR-US: Wallpaper Complete Website
-CVE-2006-6214 (SQL injection vulnerability in wallpaper.php in Wallpaper Website ...)
+CVE-2006-6214
NOT-FOR-US: Wallpaper Complete Website
-CVE-2006-6213 (index.php in PEGames uses the extract function to overwrite critical ...)
+CVE-2006-6213
NOT-FOR-US: PEGames
-CVE-2006-6212 (PHP remote file inclusion vulnerability in centre.php in Site News ...)
+CVE-2006-6212
NOT-FOR-US: Site News
-CVE-2006-6211 (Multiple cross-site scripting (XSS) vulnerabilities in BirdBlog 1.4.0 ...)
+CVE-2006-6211
NOT-FOR-US: BirdBlog
-CVE-2006-6210 (SQL injection vulnerability in listpics.asp in ASP ListPics 5.0 allows ...)
+CVE-2006-6210
NOT-FOR-US: ASP ListPics
-CVE-2006-6209 (Multiple SQL injection vulnerabilities in MidiCart ASP Shopping Cart ...)
+CVE-2006-6209
NOT-FOR-US: MidiCart ASP Shopping Cart
-CVE-2006-6208 (Multiple SQL injection vulnerabilities in Enthrallweb eClassifieds ...)
+CVE-2006-6208
NOT-FOR-US: Enthreallweb eClassifieds
-CVE-2006-6207 (** DISPUTED ** ...)
+CVE-2006-6207
NOT-FOR-US: Evolve Merchant
-CVE-2006-6206 (SQL injection vulnerability in item.asp in WarHound General Shopping ...)
+CVE-2006-6206
NOT-FOR-US: WarHound General Shopping Cart
-CVE-2006-6205 (Multiple cross-site scripting (XSS) vulnerabilities in result.asp in ...)
+CVE-2006-6205
NOT-FOR-US: Enthrallweb eHomes
-CVE-2006-6204 (Multiple SQL injection vulnerabilities in Enthrallweb eHomes allow ...)
+CVE-2006-6204
NOT-FOR-US: Enthrallweb eHomes
-CVE-2006-6203 (Directory traversal vulnerability in startdown.php in the Flyspray ME ...)
+CVE-2006-6203
NOT-FOR-US: Flyspray componenten for Mamba, this appears to be different from the Flyspray bug tracker
-CVE-2006-6202 (PHP remote file inclusion vulnerability in modules/NukeAI/util.php in ...)
+CVE-2006-6202
NOT-FOR-US: PHP-Nuke
-CVE-2006-6201 (Heap-based buffer overflow in Borland idsql32.dll 5.1.0.4, as used by ...)
+CVE-2006-6201
NOT-FOR-US: Borland idsql32.dll
-CVE-2006-6200 (Multiple SQL injection vulnerabilities in the (1) rate_article and (2) ...)
+CVE-2006-6200
NOT-FOR-US: PHP-Nuke
-CVE-2006-6199 (Stack-based buffer overflow in BlazeVideo BlazeDVD Standard and ...)
+CVE-2006-6199
NOT-FOR-US: BlazeVideo BlazeDVD
-CVE-2006-6198 (Multiple cross-site scripting (XSS) vulnerabilities in cPanel WebHost ...)
+CVE-2006-6198
NOT-FOR-US: cPanel
-CVE-2006-6197 (Multiple cross-site scripting (XSS) vulnerabilities in b2evolution ...)
+CVE-2006-6197
- b2evolution <not-affected> (0.9 releases not vulnerable)
-CVE-2006-6196 (Cross-site scripting (XSS) vulnerability in the search functionality ...)
+CVE-2006-6196
NOT-FOR-US: Fixit iDMS Pro Image Gallery
-CVE-2006-6195 (Multiple SQL injection vulnerabilities in Fixit iDMS Pro Image Gallery ...)
+CVE-2006-6195
NOT-FOR-US: Fixit iDMS Pro Image Gallery
-CVE-2006-6194 (Multiple SQL injection vulnerabilities in index.asp in Ultimate Survey ...)
+CVE-2006-6194
NOT-FOR-US: Ultimate Survey Pro
-CVE-2006-6193 (SQL injection vulnerability in edit.asp in BasicForum 1.1 and earlier ...)
+CVE-2006-6193
NOT-FOR-US: BasicForum
-CVE-2006-6192 (Unspecified scripts in the admin directory in 8pixel.net SimpleBlog ...)
+CVE-2006-6192
NOT-FOR-US: 8pixel.net SimpleBlog
-CVE-2006-6191 (SQL injection vulnerability in admin/edit.asp in 8pixel.net simpleblog ...)
+CVE-2006-6191
NOT-FOR-US: 8pixel.net SimpleBlog
-CVE-2006-6190 (SQL injection vulnerability in anna.pl in Anna^ IRC Bot before 0.30 ...)
+CVE-2006-6190
NOT-FOR-US: Anna^ IRC Bot
-CVE-2006-6189 (SQL injection vulnerability in displayCalendar.asp in ClickTech Click ...)
+CVE-2006-6189
NOT-FOR-US: ClickTech Click Blog
-CVE-2006-6188 (Cross-site scripting (XSS) vulnerability in view_search.asp in ...)
+CVE-2006-6188
NOT-FOR-US: ClickTech Click Gallery
-CVE-2006-6187 (Multiple SQL injection vulnerabilities in ClickTech Click Gallery ...)
+CVE-2006-6187
NOT-FOR-US: ClickTech Click Gallery
-CVE-2006-6186 (Multiple directory traversal vulnerabilities in enomphp 4.0 allow ...)
+CVE-2006-6186
NOT-FOR-US: enomphp
-CVE-2006-6185 (Directory traversal vulnerability in script.php in Wabbit PHP Gallery ...)
+CVE-2006-6185
NOT-FOR-US: Wabbit PHP Gallery
-CVE-2006-6184 (Multiple stack-based buffer overflows in Allied Telesyn TFTP Server ...)
+CVE-2006-6184
NOT-FOR-US: Allied Telesyn TFTP Server
-CVE-2006-6183 (Multiple stack-based buffer overflows in 3Com 3CTftpSvc 2.0.1, and ...)
+CVE-2006-6183
NOT-FOR-US: 3Com 3CTftpSvc
-CVE-2006-6182 (The Gabriele Teotino GNotebook 0.7.0.1 gadget for Google Desktop ...)
+CVE-2006-6182
NOT-FOR-US: Gabriele Teotino GNotebook
-CVE-2006-6181 (Multiple SQL injection vulnerabilities in default.asp in ClickTech ...)
+CVE-2006-6181
NOT-FOR-US: ClickTech ClickContact
-CVE-2006-6180 (Cross-site scripting (XSS) vulnerability in articles.asp in ...)
+CVE-2006-6180
NOT-FOR-US: iNews Publisher
-CVE-2006-6179 (Buffer overflow in ...)
+CVE-2006-6179
NOT-FOR-US: Trend Micro OfficeScan
-CVE-2006-6178 (Buffer overflow in PCCSRV\Web_console\RemoteInstallCGI\Wizard.exe for ...)
+CVE-2006-6178
NOT-FOR-US: Trend Micro OfficeScan
CVE-2006-XXXX [libxslt segfault / DoS]
- libxslt 1.1.19-1 (low)
[sarge] - libxslt <not-affected> (vulnerability added later)
-CVE-2006-6177 (SQL injection vulnerability in system/core/users/users.profile.inc.php ...)
+CVE-2006-6177
NOT-FOR-US: Neocrome Seditio
-CVE-2006-6176 (Cross-site scripting (XSS) vulnerability in admin.php in Blogn before ...)
+CVE-2006-6176
NOT-FOR-US: Blogn
-CVE-2006-6175 (Directory traversal vulnerability in lib/FBView.php in Horde Kronolith ...)
+CVE-2006-6175
- kronolith2 2.1.4-1 (bug #400899; bug #401061)
- kronolith <not-affected> (Vulnerable code not present)
-CVE-2006-6174 (Cross-site scripting (XSS) vulnerability in tDiary before 2.0.3 and ...)
+CVE-2006-6174
- tdiary 2.0.2+20060303-4.1 (bug #400447; bug #400650)
-CVE-2006-6173 (Buffer overflow in the shared_region_make_private_np function in ...)
+CVE-2006-6173
NOT-FOR-US: Mac OS X
-CVE-2006-6172 (Buffer overflow in the asmrp_eval function in the RealMedia RTSP ...)
+CVE-2006-6172
{DSA-1244-1}
- xine-lib 1.1.2+dfsg-2 (medium; bug #401740)
- mplayer 1.0~rc1-11 (medium)
-CVE-2006-6171 (** DISPUTED ** ...)
+CVE-2006-6171
{DSA-1218}
- proftpd-dfsg 1.3.0-13 (low; bug #399070)
-CVE-2006-6170 (Buffer overflow in the tls_x509_name_oneline function in the mod_tls ...)
+CVE-2006-6170
{DSA-1222-1}
- proftpd-dfsg 1.3.0-16 (medium; bug #400793)
-CVE-2006-6168 (tiki-register.php in TikiWiki before 1.9.7 allows remote attackers to ...)
+CVE-2006-6168
- tikiwiki 1.9.7+dfsg-1 (low)
-CVE-2006-6167 (** DISPUTED ** ...)
+CVE-2006-6167
NOT-FOR-US: Active PHP Bookmarks
-CVE-2006-6166 (Cross-site scripting (XSS) vulnerability in jce.php in the JCE Admin ...)
+CVE-2006-6166
NOT-FOR-US: Joomla Content Editor (JCE) for Joomla!
-CVE-2006-6165 (** DISPUTED ** ...)
+CVE-2006-6165
NOTE: non-issue
-CVE-2006-6164 (The _dl_unsetenv function in loader.c in the ELF ld.so in OpenBSD 3.9 ...)
+CVE-2006-6164
NOT-FOR-US: OpenBSD
-CVE-2006-6163 (Cross-site scripting (XSS) vulnerability in tiki-setup_base.php in ...)
+CVE-2006-6163
- tikiwiki 1.9.7+dfsg-1 (low)
-CVE-2006-6162 (Cross-site scripting (XSS) vulnerability in tiki-edit_structures.php ...)
+CVE-2006-6162
- tikiwiki 1.9.7+dfsg-1 (low)
-CVE-2006-6161 (Multiple SQL injection vulnerabilities in Doug Luxem Liberum Help Desk ...)
+CVE-2006-6161
NOT-FOR-US: Doug Luxem Liberum Help Desk
-CVE-2006-6160 (SQL injection vulnerability in details.asp in Doug Luxem Liberum Help ...)
+CVE-2006-6160
NOT-FOR-US: Doug Luxem Liberum Help Desk
-CVE-2006-6159 (Multiple cross-site scripting (XSS) vulnerabilities in newticket.php ...)
+CVE-2006-6159
NOT-FOR-US: DeskPRO
-CVE-2006-6158 (Multiple cross-site scripting (XSS) vulnerabilities in (a) PMOS Help ...)
+CVE-2006-6158
NOT-FOR-US: PMOS Help Desk
-CVE-2006-6157 (SQL injection vulnerability in index.php in ContentNow 1.39 and ...)
+CVE-2006-6157
NOT-FOR-US: ContentNow
-CVE-2006-6156 (Cross-site scripting (XSS) vulnerability in auth/message.php in HIOX ...)
+CVE-2006-6156
NOT-FOR-US: HIOX Star Rating System Script (HSRS)
-CVE-2006-6155 (Multiple SQL injection vulnerabilities in addrating.php in HIOX Star ...)
+CVE-2006-6155
NOT-FOR-US: HIOX Star Rating System Script (HSRS)
-CVE-2006-6154 (PHP remote file inclusion vulnerability in addcode.php in HIOX Star ...)
+CVE-2006-6154
NOT-FOR-US: HIOX Star Rating System Script (HSRS)
-CVE-2006-6153 (Multiple cross-site scripting (XSS) vulnerabilities in vSpin.net ...)
+CVE-2006-6153
NOT-FOR-US: vSpin.net
-CVE-2006-6152 (Multiple SQL injection vulnerabilities in vSpin.net Classified System ...)
+CVE-2006-6152
NOT-FOR-US: vSpin.net
-CVE-2006-6151 (PHP remote file inclusion vulnerability in centre.php in Messagerie ...)
+CVE-2006-6151
NOT-FOR-US: Messagerie Locale
-CVE-2006-6150 (PHP remote file inclusion vulnerability in ...)
+CVE-2006-6150
NOT-FOR-US: OWLLib
-CVE-2006-6149 (SQL injection vulnerability in index.asp in JiRos FAQ Manager 1.0 ...)
+CVE-2006-6149
NOT-FOR-US: JiRos FAQ Manager
-CVE-2006-6148 (Multiple cross-site scripting (XSS) vulnerabilities in submitlink.asp ...)
+CVE-2006-6148
NOT-FOR-US: JiRos FAQ Manager
-CVE-2006-6147 (Multiple SQL injection vulnerabilities in JiRos Links Manager allow ...)
+CVE-2006-6147
NOT-FOR-US: JiRos Links Manager
-CVE-2006-6146 (Buffer overflow in the HPDF_Page_Circle function in ...)
+CVE-2006-6146
NOT-FOR-US: libharu
-CVE-2006-6145 (CRYPTOCard CRYPTO-Server before 6.4.56 stores LDAP credentials in ...)
+CVE-2006-6145
NOT-FOR-US: CRYPTOCard
-CVE-2006-6144 (The &quot;mechglue&quot; abstraction interface of the GSS-API library for ...)
+CVE-2006-6144
- krb5 <not-affected> (Only 1.5 onwards are vulnerable)
-CVE-2006-6143 (The RPC library in Kerberos 5 1.4 through 1.4.4, and 1.5 through ...)
+CVE-2006-6143
- krb5 1.4.4-6 (high)
[sarge] - krb5 <not-affected>
-CVE-2006-6142 (Multiple cross-site scripting (XSS) vulnerabilities in SquirrelMail ...)
+CVE-2006-6142
{DSA-1241-1}
- squirrelmail 2:1.4.9a-1
-CVE-2006-6141 (Buffer overflow in Tftpd32 3.01 allows remote attackers to cause a ...)
+CVE-2006-6141
NOT-FOR-US: Tftpd32
-CVE-2006-6140 (PHP remote file inclusion vulnerability in Sisfo Kampus 2006 (Semarang ...)
+CVE-2006-6140
NOT-FOR-US: Sisfo Kampus
-CVE-2006-6139 (Directory traversal vulnerability in downloadexcel.php in Sisfo Kampus ...)
+CVE-2006-6139
NOT-FOR-US: Sisfo Kampus
-CVE-2006-6138 (Directory traversal vulnerability in download.php in Sisfo Kampus 0.8 ...)
+CVE-2006-6138
NOT-FOR-US: Sisfo Kampus
-CVE-2006-6137 (Multiple PHP remote file inclusion vulnerabilities in Sisfo Kampus 0.8 ...)
+CVE-2006-6137
NOT-FOR-US: Sisfo Kampus
-CVE-2006-6136 (IBM WebSphere Application Server 6.1.0 before Fix Pack 3 (6.1.0.3) ...)
+CVE-2006-6136
NOT-FOR-US: IBM WebSphere
-CVE-2006-6135 (Multiple unspecified vulnerabilities in IBM WebSphere Application ...)
+CVE-2006-6135
NOT-FOR-US: IBM WebSphere
-CVE-2006-6134 (Heap-based buffer overflow in the WMCheckURLScheme function in ...)
+CVE-2006-6134
NOT-FOR-US: Windows Media
-CVE-2006-6133 (Stack-based buffer overflow in Visual Studio Crystal Reports for ...)
+CVE-2006-6133
NOT-FOR-US: Business Objects Crystal Reports
-CVE-2006-6132 (Multiple SQL injection vulnerabilities in Link Exchange Lite allow ...)
+CVE-2006-6132
NOT-FOR-US: Link Exchange Lite
-CVE-2006-6131 (Untrusted search path vulnerability in (1) WSAdminServer and (2) ...)
+CVE-2006-6131
NOT-FOR-US: Kerio WebSTAR
-CVE-2006-6130 (Apple Mac OS X AppleTalk allows local users to cause a denial of ...)
+CVE-2006-6130
NOT-FOR-US: Apple Mac OS X
-CVE-2006-6169 (Heap-based buffer overflow in the ask_outfile_name function in ...)
+CVE-2006-6169
{DSA-1231-1}
- gnupg 1.4.5-3 (medium; bug #401765)
- gnupg2 2.0.0-5.1 (medium; bug #400777)
CVE-2006-XXXX [smb4k security issue]
- smb4k 0.7.5-1
[sarge] - smb4k <not-affected> (Vulnerable code not present)
-CVE-2006-6129 (Integer overflow in the fatfile_getarch2 in Apple Mac OS X allows ...)
+CVE-2006-6129
NOT-FOR-US: Apple Mac OS X
-CVE-2006-6128 (The ReiserFS functionality in Linux kernel 2.6.18, and possibly other ...)
+CVE-2006-6128
- linux <not-affected> (Kernel rejects the malformed filesystem)
- linux-2.6 <removed>
[squeeze] - linux-2.6 <not-affected> (Kernel rejects the malformed filesystem)
NOTE: It's not obvious when or how this was fixed
-CVE-2006-6127 (Apple Mac OS X kernel allows local users to cause a denial of service ...)
+CVE-2006-6127
NOT-FOR-US: Apple Mac OS X
-CVE-2006-6126 (Apple Mac OS X allows local users to cause a denial of service (memory ...)
+CVE-2006-6126
NOT-FOR-US: Apple Mac OS X
-CVE-2006-6125 (Heap-based buffer overflow in the wireless driver (WG311ND5.SYS) ...)
+CVE-2006-6125
NOT-FOR-US: NetGear
-CVE-2006-6124 (Cross-site scripting (XSS) vulnerability in SeleniumServer Web Server ...)
+CVE-2006-6124
NOT-FOR-US: SeleniumServer Web Server
-CVE-2006-6123 (Coppermine Photo Gallery (CPG) 1.4.8 stable, with register_globals ...)
+CVE-2006-6123
NOT-FOR-US: Coppermine Photo Gallery (CPG)
-CVE-2006-6122 (Multiple buffer overflows in TIN before 1.8.2 have unspecified impact ...)
+CVE-2006-6122
- tin 1:1.8.2-1
-CVE-2006-6121 (Acer Notebook LunchApp.APlunch ActiveX control allows remote attackers ...)
+CVE-2006-6121
NOT-FOR-US: Acer
-CVE-2006-6120 (Integer overflow in the KPresenter import filter for Microsoft ...)
+CVE-2006-6120
- koffice 1:1.6.1-1 (bug #401230; medium)
-CVE-2006-6119 (mmgallery 1.55 allows remote attackers to obtain sensitive information ...)
+CVE-2006-6119
NOT-FOR-US: mmgallery
-CVE-2006-6118 (Cross-site scripting (XSS) vulnerability in thumbs.php in mmgallery ...)
+CVE-2006-6118
NOT-FOR-US: mmgallery
-CVE-2006-6117 (SQL injection vulnerability in index1.asp in fipsGallery 1.5 and ...)
+CVE-2006-6117
NOT-FOR-US: fipsGallery
-CVE-2006-6116 (SQL injection vulnerability in default2.asp in fipsForum 2.6 and ...)
+CVE-2006-6116
NOT-FOR-US: fipsForum
-CVE-2006-6115 (SQL injection vulnerability in index.asp in fipsCMS 4.5 and earlier ...)
+CVE-2006-6115
NOT-FOR-US: fipsCMS
CVE-2006-6114
REJECTED
-CVE-2006-6113 (Monkey Boards 0.3.5 allows remote attackers to obtain sensitive ...)
+CVE-2006-6113
NOT-FOR-US: Monkey Boards
-CVE-2006-6112 (LifeType 1.0.x and 1.1.x have insufficient access control for all of the PHP ...)
+CVE-2006-6112
NOT-FOR-US: LifeType
-CVE-2006-6111 (Multiple SQL injection vulnerabilities in Alan Ward A-Cart Pro 2.0 ...)
+CVE-2006-6111
NOT-FOR-US: Alan Ward A-Cart Pro
-CVE-2006-6110 (Multiple SQL injection vulnerabilities in an unspecified BPG-InfoTech ...)
+CVE-2006-6110
NOT-FOR-US: BPG-InfoTech Content Management System
-CVE-2006-6109 (Multiple SQL injection vulnerabilities in CandyPress Store 3.5.2.14 ...)
+CVE-2006-6109
NOT-FOR-US: CandyPress Store
-CVE-2006-6108 (Cross-site scripting (XSS) vulnerability in EC-CUBE before 1.0.1a-beta ...)
+CVE-2006-6108
NOT-FOR-US: EC-CUBE
-CVE-2006-6107 (Unspecified vulnerability in the match_rule_equal function in ...)
+CVE-2006-6107
- dbus 1.0.2-1 (low)
[sarge] - dbus <no-dsa> (Minor issue)
-CVE-2006-6106 (Multiple buffer overflows in the cmtp_recv_interopmsg function in the ...)
+CVE-2006-6106
{DSA-1503-2 DSA-1503-1 DSA-1304}
- linux-2.6 2.6.18.dfsg.1-9
-CVE-2006-6105 (Format string vulnerability in the host chooser window (gdmchooser) in ...)
+CVE-2006-6105
- gdm 2.16.4-1 (medium; bug #403219)
[sarge] - gdm <not-affected> (Vulnerable code not present)
-CVE-2006-6104 (The System.Web class in the XSP for ASP.NET server 1.1 through 2.0 in ...)
+CVE-2006-6104
- mono 1.2.2.1-1 (low)
-CVE-2006-6103 (Integer overflow in the ProcDbeSwapBuffers function in the DBE ...)
+CVE-2006-6103
{DSA-1249-1}
- xorg-server 2:1.1.1-15
-CVE-2006-6102 (Integer overflow in the ProcDbeGetVisualInfo function in the DBE ...)
+CVE-2006-6102
{DSA-1249-1}
- xorg-server 2:1.1.1-15
-CVE-2006-6101 (Integer overflow in the ProcRenderAddGlyphs function in the Render ...)
+CVE-2006-6101
{DSA-1249-1}
- xorg-server 2:1.1.1-15
CVE-2006-6100
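Review bot: blanking every parenthesised description in this hunk (for example `-CVE-2006-6172 (Buffer overflow in the asmrp_eval function in the RealMedia RTSP ...)` becoming `+CVE-2006-6172`) while the `{DSA-...}`, package/version and `NOTE:` lines stay untouched points to the importer having received empty description text from the CVE feed, not to an intentional data change; a commit titled "automatic update" that only removes text across the whole file should be reverted, and the updater should keep the existing description whenever the feed yields none. The removal also drops the `** DISPUTED **` markers on CVE-2006-6171, CVE-2006-6167 and CVE-2006-6165, which is triage information that is not recoverable from the bare id. The `CVE-2006-XXXX [libxslt segfault / DoS]` placeholder entry is correctly left alone, which confirms the strip keys only on the parenthesised field.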
@@ -2599,49 +2599,49 @@ CVE-2006-6099
REJECTED
CVE-2006-6098
REJECTED
-CVE-2006-6097 (GNU tar 1.16 and 1.15.1, and possibly other versions, allows ...)
+CVE-2006-6097
{DSA-1223-1}
- tar 1.16-2 (high; bug #399845)
-CVE-2006-6096 (Cross-site scripting (XSS) vulnerability in activenews_search.asp in ...)
+CVE-2006-6096
NOT-FOR-US: ActiveNews Manage
-CVE-2006-6095 (Multiple SQL injection vulnerabilities in ActiveNews Manager allow ...)
+CVE-2006-6095
NOT-FOR-US: ActiveNews Manage
-CVE-2006-6094 (Multiple SQL injection vulnerabilities in ActiveNews Manager allow ...)
+CVE-2006-6094
NOT-FOR-US: ActiveNews Manage
-CVE-2006-6093 (Multiple PHP remote file inclusion vulnerabilities in adminprint.php ...)
+CVE-2006-6093
NOT-FOR-US: PicturesPro Photo Cart
-CVE-2006-6092 (Multiple SQL injection vulnerabilities in vehiclelistings.asp in 20/20 ...)
+CVE-2006-6092
NOT-FOR-US: Auto Gallery
-CVE-2006-6091 (Cross-site scripting (XSS) vulnerability in Grim Pirate GrimBB before ...)
+CVE-2006-6091
NOT-FOR-US: GrimBB
-CVE-2006-6090 (Multiple SQL injection vulnerabilities in BaalAsp forum allow remote ...)
+CVE-2006-6090
NOT-FOR-US: BaalAsp
-CVE-2006-6089 (Multiple cross-site scripting (XSS) vulnerabilities in addpost1.asp in ...)
+CVE-2006-6089
NOT-FOR-US: BaalAsp forum
-CVE-2006-6088 (Multiple cross-site scripting (XSS) vulnerabilities in BlueCollar ...)
+CVE-2006-6088
NOT-FOR-US: i-Gallery
-CVE-2006-6087 (Cross-site scripting (XSS) vulnerability in weblog.php in my little ...)
+CVE-2006-6087
NOT-FOR-US: my little weblog
-CVE-2006-6086 (PHP remote file inclusion vulnerability in src/ark_inc.php in e-Ark ...)
+CVE-2006-6086
NOT-FOR-US: e-Ark
-CVE-2006-6085 (Kile before 1.9.3 does not assign a backup file the same permissions ...)
+CVE-2006-6085
- kile 1:1.9.3-1 (low)
[sarge] - kile <no-dsa> (Minor issue)
-CVE-2006-6084 (Directory traversal vulnerability in abitwhizzy.php in aBitWhizzy ...)
+CVE-2006-6084
NOT-FOR-US: aBitWhizzy
-CVE-2006-6083 (SQL injection vulnerability in search.asp in CreaScripts Creadirectory ...)
+CVE-2006-6083
NOT-FOR-US: CreaScripts Creadirectory
-CVE-2006-6082 (Multiple cross-site scripting (XSS) vulnerabilities in CreaScripts ...)
+CVE-2006-6082
NOT-FOR-US: CreaScripts Creadirectory
-CVE-2006-6081 (PHP remote file inclusion vulnerability in Smarty_Compiler.class.php ...)
+CVE-2006-6081
NOT-FOR-US: Telaen
-CVE-2006-6080 (Multiple SQL injection vulnerabilities in categories.asp in gNews ...)
+CVE-2006-6080
NOT-FOR-US: gNews
-CVE-2006-6079 (Multiple PHP remote file inclusion vulnerabilities in LoudMouth 2.4 ...)
+CVE-2006-6079
NOT-FOR-US: LoudMouth (PHP thingy, not libloudmouth)
-CVE-2006-6078 (PHP remote file inclusion vulnerability in common.inc.php in a-ConMan ...)
+CVE-2006-6078
NOT-FOR-US: a-ConMan
-CVE-2006-6077 (The (1) Password Manager in Mozilla Firefox 2.0, and 1.5.0.8 and ...)
+CVE-2006-6077
{DSA-1336-1}
NOTE: MFSA-2007-02
- iceweasel 2.0.0.2+dfsg-1 (high; bug #409220)
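Review bot: the header `@@ -2599,49 +2599,49 @@` shows identical line counts on both sides, so nothing is being added here, only descriptions blanked; for entries whose annotation is a severity and a version alone (`CVE-2006-6097` with `{DSA-1223-1}` and `tar 1.16-2 (high; bug #399845)`, `CVE-2006-6085` with `kile 1:1.9.3-1 (low)`) the removed text was the only in-file justification of the rating, so the severity becomes unreviewable from this file. Suggest the importer refuse to write the file when more than a small fraction of descriptions come back empty in one run. Unrelated to this change, the context lines `NOT-FOR-US: ActiveNews Manage` for CVE-2006-6096 through CVE-2006-6094 appear truncated and could be fixed in a separate cleanup.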
@@ -2650,158 +2650,158 @@ CVE-2006-6077 (The (1) Password Manager in Mozilla Firefox 2.0, and 1.5.0.8 and
[sarge] - mozilla <no-dsa> (Mozilla products from Sarge no longer supported)
- xulrunner 1.8.0.10-1 (medium)
NOTE: Epiphany affected by xulrunner
-CVE-2006-6076 (Buffer overflow in the Tape Engine (tapeeng.exe) in CA (formerly ...)
+CVE-2006-6076
NOT-FOR-US: BrightStor
-CVE-2006-6075 (Cross-site scripting (XSS) vulnerability in addpost1.asp in BaalAsp ...)
+CVE-2006-6075
NOT-FOR-US: BaalAsp forum
-CVE-2006-6074 (Multiple SQL injection vulnerabilities in Enthrallweb eShopping Cart ...)
+CVE-2006-6074
NOT-FOR-US: Enthrallweb eShopping Cart
-CVE-2006-6073 (Multiple SQL injection vulnerabilities in Enthrallweb eShopping Cart ...)
+CVE-2006-6073
NOT-FOR-US: Enthrallweb eShopping Cart
-CVE-2006-6072 (SQL injection vulnerability in bpg/publications_list.asp in ...)
+CVE-2006-6072
NOT-FOR-US: BPG-InfoTech Easy Publisher
-CVE-2006-6071 (TWiki 4.0.5 and earlier, when running under Apache 1.3 using ...)
+CVE-2006-6071
- twiki 1:4.0.5-2 (bug #401303; low)
-CVE-2006-6070 (SQL injection vulnerability in module/account/register/register.asp in ...)
+CVE-2006-6070
NOT-FOR-US: ASP Nuke
-CVE-2006-6069 (index.php in mAlbum 0.3 and earlier allows remote attackers to obtain ...)
+CVE-2006-6069
NOT-FOR-US: mAlbum
-CVE-2006-6068 (Directory traversal vulnerability in the cached_album function in ...)
+CVE-2006-6068
NOT-FOR-US: mAlbum
-CVE-2006-6067 (Multiple SQL injection vulnerabilities in 20/20 DataShed (aka Real ...)
+CVE-2006-6067
NOT-FOR-US: DataShed
-CVE-2006-6066 (Multiple SQL injection vulnerabilities in Dragon Calendar / Events ...)
+CVE-2006-6066
NOT-FOR-US: Dragon Calendar
-CVE-2006-6065 (PHP remote file inclusion vulnerability in includes/mx_common.php in ...)
+CVE-2006-6065
NOT-FOR-US: CalSnails Module for MxBB Portal
-CVE-2006-6064 (Multiple buffer overflows in the Message Parsing Interpreter (MPI) in ...)
+CVE-2006-6064
NOT-FOR-US: Fuzzball MUCK
-CVE-2006-6063 (Stack-based buffer overflow in Un4seen XMPlay 3.3.0.5 and earlier ...)
+CVE-2006-6063
NOT-FOR-US: XMPlay
-CVE-2006-6062 (Unspecified vulnerability in Apple Mac OS X 10.4.8, and possibly other ...)
+CVE-2006-6062
NOT-FOR-US: Apple Mac OS X
-CVE-2006-6061 (com.apple.AppleDiskImageController in Apple Mac OS X 10.4.8, and ...)
+CVE-2006-6061
NOT-FOR-US: Apple Mac OS X
-CVE-2006-6060 (The NTFS filesystem code in Linux kernel 2.6.x up to 2.6.18, and ...)
+CVE-2006-6060
{DSA-1304}
- linux-2.6 2.6.18.dfsg.1-10 (unimportant)
NOTE: Mounting filesystem partitions should be limited to root
-CVE-2006-6059 (Buffer overflow in MA521nd5.SYS driver 5.148.724.2003 for NetGear ...)
+CVE-2006-6059
NOT-FOR-US: NetGear
-CVE-2006-6058 (The minix filesystem code in Linux kernel 2.6.x before 2.6.24, ...)
+CVE-2006-6058
{DSA-1504-1 DSA-1436-1}
- linux-2.6 2.6.22-6
NOTE: Mounting filesystem partitions should be limited to root
-CVE-2006-6057 (The Linux kernel 2.6.x up to 2.6.18, and possibly other versions, on ...)
+CVE-2006-6057
- linux-2.6 <not-affected> (Debian kernels up to 2.6.18 didn't include GFS)
-CVE-2006-6056 (Linux kernel 2.6.x up to 2.6.18 and possibly other versions, when ...)
+CVE-2006-6056
{DSA-1304}
- linux-2.6 2.6.18.dfsg.1-10 (unimportant)
NOTE: Mounting filesystem partitions should be limited to root
-CVE-2006-6055 (Stack-based buffer overflow in A5AGU.SYS 1.0.1.41 for the D-Link ...)
+CVE-2006-6055
NOT-FOR-US: D-Link
-CVE-2006-6054 (The ext2 file system code in Linux kernel 2.6.x allows local users to ...)
+CVE-2006-6054
{DSA-1503-2 DSA-1504-1 DSA-1503-1}
- linux-2.6 2.6.18.dfsg.1-10 (unimportant)
NOTE: Mounting filesystem partitions should be limited to root
-CVE-2006-6053 (The ext3fs_dirhash function in Linux kernel 2.6.x allows local users ...)
+CVE-2006-6053
{DSA-1503-2 DSA-1503-1 DSA-1304}
- linux-2.6 2.6.18.dfsg.1-10 (unimportant)
NOTE: Mounting filesystem partitions should be limited to root
-CVE-2006-6052 (NetEpi Case Manager before 0.98 generates different error messages ...)
+CVE-2006-6052
NOT-FOR-US: NetEpi Case Manager
-CVE-2006-6051 (PHP remote file inclusion vulnerability in reporter.logic.php in the ...)
+CVE-2006-6051
NOT-FOR-US: MosReporter (com_reporter) component for Joomla!
-CVE-2006-6050 (Multiple SQL injection vulnerabilities in ClickTech Texas Rank'em ...)
+CVE-2006-6050
NOT-FOR-US: Rank'em
-CVE-2006-6049 (PHP remote file inclusion vulnerability in shambo2.php in the Shambo2 ...)
+CVE-2006-6049
NOT-FOR-US: Shambo2 (com_shambo2) component for Mambo
-CVE-2006-6048 (SQL injection vulnerability in index.php in Etomite CMS 0.6.1.2, when ...)
+CVE-2006-6048
NOT-FOR-US: Etomite CMS
-CVE-2006-6047 (Directory traversal vulnerability in manager/index.php in Etomite ...)
+CVE-2006-6047
NOT-FOR-US: Etomite CMSEtomite CMS
-CVE-2006-6046 (Multiple cross-site scripting (XSS) vulnerabilities in eggblog 3.1.0 ...)
+CVE-2006-6046
NOT-FOR-US: eggblog
-CVE-2006-6045 (Multiple PHP remote file inclusion vulnerabilities in Comdev One Admin ...)
+CVE-2006-6045
NOT-FOR-US: omdev One Admin
-CVE-2006-6044 (PHP remote file inclusion vulnerability in gallery_top.inc.php in ...)
+CVE-2006-6044
NOT-FOR-US: PHPQuickGallery
-CVE-2006-6043 (PHP file inclusion vulnerability in loginform-inc.php in Oliver ...)
+CVE-2006-6043
NOT-FOR-US: Oliver (formerly Webshare)
-CVE-2006-6042 (PHP remote file inclusion vulnerability in core/editor.php in ...)
+CVE-2006-6042
NOT-FOR-US: phpWebThings
-CVE-2006-6041 (Multiple PHP remote file inclusion vulnerabilities in Laurent Van den ...)
+CVE-2006-6041
NOT-FOR-US: WORK system e-commerce
-CVE-2006-6040 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2006-6040
NOT-FOR-US: vBulletin
-CVE-2006-6039 (SQL injection vulnerability in matchdetail.php in Powie's PHP ...)
+CVE-2006-6039
NOT-FOR-US: MatchMaker
-CVE-2006-6038 (SQL injection vulnerability in editpoll.php in Powie's PHP Forum ...)
+CVE-2006-6038
NOT-FOR-US: Powie's PHP Forum
-CVE-2006-6037 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
+CVE-2006-6037
NOT-FOR-US: Travelsized CMS
-CVE-2006-6036 (SQL injection vulnerability in OpenHuman before 1.0 allows remote ...)
+CVE-2006-6036
NOT-FOR-US: OpenHuman
-CVE-2006-6035 (Cross-site scripting (XSS) vulnerability in list.php in BLOG:CMS 4.1.3 ...)
+CVE-2006-6035
NOT-FOR-US: BLOG:CMS
-CVE-2006-6034 (Multiple SQL injection vulnerabilities in SitesOutlet E-commerce Kit-1 ...)
+CVE-2006-6034
NOT-FOR-US: SitesOutlet E-commerce Kit-1
-CVE-2006-6033 (Multiple directory traversal vulnerabilities in Simple PHP Blog ...)
+CVE-2006-6033
NOT-FOR-US: Simple PHP Blog
-CVE-2006-6032 (Multiple cross-site scripting (XSS) vulnerabilities in Simple PHP Blog ...)
+CVE-2006-6032
NOT-FOR-US: Simple PHP Blog
-CVE-2006-6031 (Multiple SQL injection vulnerabilities in Greater Cincinnati Internet ...)
+CVE-2006-6031
NOT-FOR-US: ASPCart
-CVE-2006-6030 (Multiple SQL injection vulnerabilities in E-Calendar Pro 3.0 allow ...)
+CVE-2006-6030
NOT-FOR-US: E-Calendar ProE-Calendar Pro
-CVE-2006-6029 (SQL injection vulnerability in vir_Login.asp in Property Pro 1.0 ...)
+CVE-2006-6029
NOT-FOR-US: Property Pro
-CVE-2006-6028 (Directory traversal vulnerability in textview.php in Anton Vlasov ...)
+CVE-2006-6028
NOT-FOR-US: DoSePa
-CVE-2006-6027 (Adobe Reader (Adobe Acrobat Reader) 7.0 through 7.0.8 allows remote ...)
+CVE-2006-6027
NOT-FOR-US: Adobe Reader
-CVE-2006-6026 (Heap-based buffer overflow in Real Networks Helix Server and Helix ...)
+CVE-2006-6026
NOT-FOR-US: Helix DNA Server
-CVE-2006-6025 (QUALCOMM Eudora WorldMail 4.0 allows remote attackers to cause a ...)
+CVE-2006-6025
NOT-FOR-US: QUALCOMM Eudora WorldMail
-CVE-2006-6024 (Multiple buffer overflows in Eudora Worldmail, possibly Worldmail 3 ...)
+CVE-2006-6024
NOT-FOR-US: Eudora Worldmail
-CVE-2006-6023 (** DISPUTED ** ...)
+CVE-2006-6023
NOT-FOR-US: Bloo
-CVE-2006-6022 (Cross-site scripting (XSS) vulnerability in login_form.asp in ...)
+CVE-2006-6022
NOT-FOR-US: BestWebApp Dating Site
-CVE-2006-6021 (SQL injection vulnerability in the login component in BestWebApp ...)
+CVE-2006-6021
NOT-FOR-US: BestWebApp Dating Site
-CVE-2006-6020 (Cross-site scripting (XSS) vulnerability in announce.php in Blog ...)
+CVE-2006-6020
NOT-FOR-US: Blog Torrent Preview
-CVE-2006-6019 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2006-6019
NOT-FOR-US: Bloo
-CVE-2006-6018 (** DISPUTED ** ...)
+CVE-2006-6018
NOT-FOR-US: My-BIC
-CVE-2006-6017 (WordPress before 2.0.5 does not properly store a profile containing a ...)
+CVE-2006-6017
- wordpress 2.0.5-0.1
-CVE-2006-6016 (wp-admin/user-edit.php in WordPress before 2.0.5 allows remote ...)
+CVE-2006-6016
- wordpress 2.0.5-0.1
-CVE-2006-6015 (Buffer overflow in the JavaScript implementation in Safari on Apple ...)
+CVE-2006-6015
- kdebase <unfixed> (unimportant; bug #400121)
NOTE: Browser crashes are not treated as security problems
-CVE-2006-6014 (The NetBSD-current kernel before 20061028 does not properly perform ...)
+CVE-2006-6014
NOT-FOR-US: NetBSD
-CVE-2006-6013 (Integer signedness error in the fw_ioctl (FW_IOCTL) function in the ...)
+CVE-2006-6013
- kfreebsd-5 5.4-21
[etch] - kfreebsd-5 <no-dsa> (no security support)
-CVE-2006-6012 (Cross-site scripting (XSS) vulnerability in csm/asp/listings.asp in ...)
+CVE-2006-6012
NOT-FOR-US: Car Site Manager
-CVE-2006-6011 (Unspecified vulnerability in SAP Web Application Server before 6.40 ...)
+CVE-2006-6011
NOT-FOR-US: SAP
-CVE-2006-6010 (SAP allows remote attackers to obtain potentially sensitive ...)
+CVE-2006-6010
NOT-FOR-US: SAP
-CVE-2006-6009 (Unspecified vulnerability in the Java Runtime Environment (JRE) Swing ...)
+CVE-2006-6009
- sun-java5 1.5.0-08-1
-CVE-2006-6008 (ftpd in Linux Netkit (linux-ftpd) 0.17, and possibly other versions, ...)
+CVE-2006-6008
{DSA-1217}
- linux-ftpd 0.17-23
-CVE-2006-6007 (save_profile.asp in WebEvents (Online Event Registration Template) 2.0 ...)
+CVE-2006-6007
NOT-FOR-US: WebEvents (Online Event Registration Template)
CVE-2006-6006
REJECTED
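Review bot: the kernel filesystem entries in this hunk (CVE-2006-6060, CVE-2006-6058, CVE-2006-6056, CVE-2006-6054, CVE-2006-6053) are rated `unimportant` on the strength of `NOTE: Mounting filesystem partitions should be limited to root`; with the description lines removed, a reader can no longer check from the file that the note actually matches the issue being rated, so the descriptions should be restored rather than replaced by bare ids. The hunk header still carries the old-side text `CVE-2006-6077 (The (1) Password Manager in Mozilla Firefox 2.0, and 1.5.0.8 and`, which is a convenient marker for spotting the regression when diffing a revert. Pre-existing and not introduced here, the context lines `NOT-FOR-US: Etomite CMSEtomite CMS`, `NOT-FOR-US: E-Calendar ProE-Calendar Pro` and `NOT-FOR-US: omdev One Admin` contain doubled or truncated product names and deserve a separate fix.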
@@ -2827,437 +2827,437 @@ CVE-2006-5996
REJECTED
CVE-2006-5995
REJECTED
-CVE-2006-5994 (Unspecified vulnerability in Microsoft Word 2000 and 2002, Office Word ...)
+CVE-2006-5994
NOT-FOR-US: Microsoft Word
CVE-2006-5993
REJECTED
CVE-2006-5992
REJECTED
-CVE-2006-5991 (Multiple SQL injection vulnerabilities in wwweb concepts CactuShop ...)
+CVE-2006-5991
NOT-FOR-US: CactuShop
-CVE-2006-5990 (VMWare VirtualCenter client 2.x before 2.0.1 Patch 1 (Build 33643) and ...)
+CVE-2006-5990
NOT-FOR-US: VMWare
-CVE-2006-5989 (Off-by-one error in the der_get_oid function in mod_auth_kerb 5.0 ...)
+CVE-2006-5989
{DSA-1247-1}
- libapache-mod-auth-kerb 5.3-1 (low; bug #400589)
-CVE-2006-5988 (Unspecified vulnerability in Windows 2000 Advanced Server SP4 running ...)
+CVE-2006-5988
NOT-FOR-US: Windows
-CVE-2006-5987 (SQL injection vulnerability in default.asp in ASPintranet, possibly ...)
+CVE-2006-5987
NOT-FOR-US: ASPintranet
-CVE-2006-5986 (admin/options.php in Extreme CMS 0.9, and possibly earlier, does not ...)
+CVE-2006-5986
NOT-FOR-US: Extreme CMS
-CVE-2006-5985 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2006-5985
NOT-FOR-US: Extreme CMS
-CVE-2006-5984 (Multiple cross-site scripting (XSS) vulnerabilities in Helm Web ...)
+CVE-2006-5984
NOT-FOR-US: Helm Hosting Control Panel
-CVE-2006-5983 (Multiple cross-site scripting (XSS) vulnerabilities in JBMC Software ...)
+CVE-2006-5983
NOT-FOR-US: DirectAdmin
-CVE-2006-5982 (SeleniumServer FTP Server 1.0, and possibly earlier, stores user ...)
+CVE-2006-5982
NOT-FOR-US: Selenium Server
-CVE-2006-5981 (Multiple directory traversal vulnerabilities in SeleniumServer FTP ...)
+CVE-2006-5981
NOT-FOR-US: Selenium Server
-CVE-2006-5980 (adm_lgn_admin.asp in Renasoft NetJetServer 2.5.3.939, and possibly ...)
+CVE-2006-5980
NOT-FOR-US: NetJetServer
-CVE-2006-5979 (Renasoft NetJetServer 2.5.3.939, and possibly earlier, uses insecure ...)
+CVE-2006-5979
NOT-FOR-US: NetJetServer
-CVE-2006-5978 (Unspecified vulnerability in E-Xoopport before 2.2.0 has unknown ...)
+CVE-2006-5978
NOT-FOR-US: E-Xoopport
-CVE-2006-5977 (Multiple SQL injection vulnerabilities in MultiCalendars allow remote ...)
+CVE-2006-5977
NOT-FOR-US: MultiCalendars
-CVE-2006-5976 (Multiple SQL injection vulnerabilities in admin_login.asp in BlogMe ...)
+CVE-2006-5976
NOT-FOR-US: BlogMe
-CVE-2006-5975 (Multiple cross-site scripting (XSS) vulnerabilities in comments.asp in ...)
+CVE-2006-5975
NOT-FOR-US: BlogMe
-CVE-2006-5974 (fetchmail 6.3.5 and 6.3.6 before 6.3.6-rc4, when refusing a message ...)
+CVE-2006-5974
- fetchmail 6.3.6-1 (low)
[sarge] - fetchmail <not-affected> (Vulnerable code not present)
-CVE-2006-5973 (Off-by-one buffer overflow in Dovecot 1.0test53 through 1.0.rc14, and ...)
+CVE-2006-5973
- dovecot 1.0.rc15-1
[sarge] - dovecot <not-affected> (Vulnerable code not present)
CVE-2006-XXXX [Firefox Sage Extension Feed Script Insertion Vulnerability]
- firefox-sage <not-affected> (medium; bug #399170)
NOTE: Debian's version has HTML disabled
-CVE-2006-5972 (Stack-based buffer overflow in WG111v2.SYS in NetGear WG111v2 wireless ...)
+CVE-2006-5972
NOT-FOR-US: NetGear
-CVE-2006-5971 (Absolute path traversal vulnerability in admin/logfile.txt in Verity ...)
+CVE-2006-5971
NOT-FOR-US: Verity Ultraseek
-CVE-2006-5970 (Verity Ultraseek before 5.7 allows remote attackers to obtain ...)
+CVE-2006-5970
NOT-FOR-US: Verity Ultraseek
-CVE-2006-5969 (CRLF injection vulnerability in the evalFolderLine function in fvwm ...)
+CVE-2006-5969
- fvwm 1:2.5.18-2 (low; bug #400303)
[sarge] - fvwm <no-dsa> (Minor issue)
-CVE-2006-5968 (MDaemon 9.0.5, 9.0.6, 9.51, and 9.53, and possibly other versions, ...)
+CVE-2006-5968
NOT-FOR-US: MDaemon
-CVE-2006-5967 (Race condition in Panda ActiveScan 5.53.00, and other versions before ...)
+CVE-2006-5967
NOT-FOR-US: Panda ActiveScan
-CVE-2006-5966 (Panda ActiveScan 5.53.00, and other versions before 5.54.01, allows ...)
+CVE-2006-5966
NOT-FOR-US: Panda ActiveScan
-CVE-2006-5965 (PassGo SSO Plus 2.1.0.32, and probably earlier versions, uses insecure ...)
+CVE-2006-5965
NOT-FOR-US: PassGo SSO Plus
-CVE-2006-5964 (choShilA.bpl in PentaZip 8.5.1.190 and PentaSuite-PRO 8.5.1.221 allows local ...)
+CVE-2006-5964
NOT-FOR-US: PentaZip
-CVE-2006-5963 (Directory traversal vulnerability in PentaZip 8.5.1.190 and PentaSuite-PRO ...)
+CVE-2006-5963
NOT-FOR-US: PentaZip
-CVE-2006-5962 (Multiple SQL injection vulnerabilities in Hpecs Shopping Cart allow ...)
+CVE-2006-5962
NOT-FOR-US: Hpecs Shopping Cart
-CVE-2006-5961 (Buffer overflow in Mercury Mail Transport System 4.01b for Windows has ...)
+CVE-2006-5961
NOT-FOR-US: Mercury Mail Transport
-CVE-2006-5960 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2006-5960
NOT-FOR-US: A+ Store E-Commerce
-CVE-2006-5959 (SQL injection vulnerability in browse.asp in A+ Store E-Commerce ...)
+CVE-2006-5959
NOT-FOR-US: A+ Store E-Commerce
-CVE-2006-5958 (Multiple cross-site scripting (XSS) vulnerabilities in INFINICART ...)
+CVE-2006-5958
NOT-FOR-US: INFINICART
-CVE-2006-5957 (** DISPUTED ** ...)
+CVE-2006-5957
NOT-FOR-US: INFINICART
-CVE-2006-5956 (XLineSoft PHPRunner 3.1 stores the (1) database server name, (2) ...)
+CVE-2006-5956
NOT-FOR-US: PHPRunner
-CVE-2006-5955 (SQL injection vulnerability in listings.asp in 20/20 DataShed (aka ...)
+CVE-2006-5955
NOT-FOR-US: DataShed
-CVE-2006-5954 (SQL injection vulnerability in page.asp in NetVIOS 2.0 and earlier ...)
+CVE-2006-5954
NOT-FOR-US: NetVIOS
-CVE-2006-5953 (SQL injection vulnerability in viewcart.asp in Evolve shopping cart ...)
+CVE-2006-5953
NOT-FOR-US: Evolve shopping cart
-CVE-2006-5952 (SQL injection vulnerability in admin/default.asp in ASP Smiley 1.0 ...)
+CVE-2006-5952
NOT-FOR-US: ASP Smiley
-CVE-2006-5951 (PHP remote file inclusion vulnerability in pipe.php in Exophpdesk 1.2 ...)
+CVE-2006-5951
NOT-FOR-US: Exophpdesk
-CVE-2006-5950 (Unspecified vulnerability in ALTools ALFTP FTP Server 4.1 beta 1, and ...)
+CVE-2006-5950
NOT-FOR-US: ALTools ALFTP FTP Server
-CVE-2006-5949 (Directory traversal vulnerability in ALTools ALFTP FTP Server 4.1 beta ...)
+CVE-2006-5949
NOT-FOR-US: ALTools ALFTP FTP Server
-CVE-2006-5948 (PHP remote file inclusion vulnerability in pntUnit/Inspect.php in ...)
+CVE-2006-5948
NOT-FOR-US: phpPeanuts
-CVE-2006-5947 (Multiple directory traversal vulnerabilities in Conxint FTP Server ...)
+CVE-2006-5947
NOT-FOR-US: Conxint FTP Server
-CVE-2006-5946 (SQL injection vulnerability in demo/glossary/glossary.asp in FunkyASP ...)
+CVE-2006-5946
NOT-FOR-US: FunkyASP Glossary
-CVE-2006-5945 (Multiple SQL injection vulnerabilities in MGinternet Car Site Manager ...)
+CVE-2006-5945
NOT-FOR-US: MGinternet Car Site Manager
-CVE-2006-5944 (Cross-site scripting (XSS) vulnerability in csm/asp/listings.asp in ...)
+CVE-2006-5944
NOT-FOR-US: MGinternet Car Site Manager
-CVE-2006-5943 (Multiple SQL injection vulnerabilities in inventory/display/imager.asp ...)
+CVE-2006-5943
NOT-FOR-US: Less Inventory Manager
-CVE-2006-5942 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2006-5942
NOT-FOR-US: Less Inventory Manager
CVE-2006-5941
REJECTED
-CVE-2006-5940 (Unspecified vulnerability in Grisoft AVG Anti-Virus before 7.1.407 has ...)
+CVE-2006-5940
NOT-FOR-US: Grisoft AVG Anti-Virus
-CVE-2006-5939 (Grisoft AVG Anti-Virus before 7.1.407 allows remote attackers to cause ...)
+CVE-2006-5939
NOT-FOR-US: Grisoft AVG Anti-Virus
-CVE-2006-5938 (Grisoft AVG Anti-Virus before 7.1.407 has unknown impact and remote ...)
+CVE-2006-5938
NOT-FOR-US: Grisoft AVG Anti-Virus
-CVE-2006-5937 (Multiple integer overflows in Grisoft AVG Anti-Virus before 7.1.407 ...)
+CVE-2006-5937
NOT-FOR-US: Grisoft AVG Anti-Virus
-CVE-2006-5936 (SQL injection vulnerability in dept.asp in SiteXpress E-Commerce ...)
+CVE-2006-5936
NOT-FOR-US: SiteXpress E-Commerce
-CVE-2006-5935 (SQL injection vulnerability in index.php in ShopSystems 4.0 and ...)
+CVE-2006-5935
NOT-FOR-US: ShopSystems
-CVE-2006-5934 (SQL injection vulnerability in admin/default.asp in Estate Agent ...)
+CVE-2006-5934
NOT-FOR-US: Estate Agent Manager
-CVE-2006-5933 (SQL injection vulnerability in update.asp in UltraSite 1.0 allows ...)
+CVE-2006-5933
NOT-FOR-US: UltraSite
-CVE-2006-5932 (Kahua before 0.7, when running multiple applications under a single ...)
+CVE-2006-5932
NOT-FOR-US: Kahua
-CVE-2006-5931 (Multiple PHP remote file inclusion vulnerabilities in Aigaion Web ...)
+CVE-2006-5931
NOT-FOR-US: Aigaion
-CVE-2006-5930 (Multiple PHP remote file inclusion vulnerabilities in Aigaion Web ...)
+CVE-2006-5930
NOT-FOR-US: Aigaion
-CVE-2006-5929 (PHP remote file inclusion vulnerability in firepjs.php in ...)
+CVE-2006-5929
NOT-FOR-US: Phpjobscheduler
-CVE-2006-5928 (Multiple PHP remote file inclusion vulnerabilities in Phpjobscheduler ...)
+CVE-2006-5928
NOT-FOR-US: Phpjobscheduler
-CVE-2006-5927 (SQL injection vulnerability in cpLogin.asp in ASP Scripter Easy Portal ...)
+CVE-2006-5927
NOT-FOR-US: ASP Scripter Easy Portal
-CVE-2006-5926 (Multiple SQL injection vulnerabilities in mail.php in Vallheru before ...)
+CVE-2006-5926
NOT-FOR-US: Vallheru
-CVE-2006-5925 (Links web browser 1.00pre12 and Elinks 0.9.2 with smbclient installed ...)
+CVE-2006-5925
{DSA-1240-1 DSA-1228-1 DSA-1226-1}
- links 0.99+1.00pre12-1.1 (medium; bug #399188)
- elinks 0.11.1-1.2 (medium; bug #399187)
- links2 2.1pre25-2 (medium; bug #400718)
-CVE-2006-5924 (Cross-site scripting (XSS) vulnerability in index.php in Efficient IP ...)
+CVE-2006-5924
NOT-FOR-US: Efficient IP iPmanager (IPm)
-CVE-2006-5923 (PHP remote file inclusion vulnerability in index.php in Chris Mac ...)
+CVE-2006-5923
NOT-FOR-US: gtcatalog
-CVE-2006-5922 (index.php in Wheatblog (wB) allows remote attackers to obtain ...)
+CVE-2006-5922
NOT-FOR-US: Wheatblog
-CVE-2006-5921 (Multiple cross-site scripting (XSS) vulnerabilities in add_comment.php ...)
+CVE-2006-5921
NOT-FOR-US: Wheatblog
-CVE-2006-5920 (** DISPUTED ** ...)
+CVE-2006-5920
NOT-FOR-US: Exporia
-CVE-2006-5919 (PHP remote file inclusion vulnerability in ...)
+CVE-2006-5919
NOT-FOR-US: KnowledgeBuilder
-CVE-2006-5918 (Unrestricted file upload vulnerability in RapidKill (aka PHP Rapid ...)
+CVE-2006-5918
NOT-FOR-US: RapidKill
-CVE-2006-5917 (Multiple SQL injection vulnerabilities in OmniStar Article Manager ...)
+CVE-2006-5917
NOT-FOR-US: OmniStar Article Manager
-CVE-2006-5916 (Intego VirusBarrier X4 allows context-dependent attackers to bypass ...)
+CVE-2006-5916
NOT-FOR-US: Intego VirusBarrier
-CVE-2006-5915 (Multiple cross-site scripting (XSS) vulnerabilities in ls.php in ...)
+CVE-2006-5915
NOT-FOR-US: LandShop
-CVE-2006-5914 (SQL injection vulnerability in ls.php in SAMEDIA LandShop allows ...)
+CVE-2006-5914
NOT-FOR-US: LandShop
-CVE-2006-5913 (Microsoft Internet Explorer 7 allows remote attackers to (1) cause a ...)
+CVE-2006-5913
NOT-FOR-US: Microsoft
-CVE-2006-5912 (Unspecified vulnerability in Campware Campsite before 2.6.2 has ...)
+CVE-2006-5912
NOT-FOR-US: Campware Campsite
-CVE-2006-5911 (Multiple PHP remote file inclusion vulnerabilities in Campware ...)
+CVE-2006-5911
NOT-FOR-US: Campware Campsite
-CVE-2006-5910 (Multiple PHP remote file inclusion vulnerabilities in Campware ...)
+CVE-2006-5910
NOT-FOR-US: Campware Campsite
-CVE-2006-5909 (generaloptions.php in Paul Tarjan Stanford Conference And Research ...)
+CVE-2006-5909
NOT-FOR-US: Stanford Conference And Research Forum (SCARF)
-CVE-2006-5908 (Multiple SQL injection vulnerabilities in the login_user function in ...)
+CVE-2006-5908
NOT-FOR-US: Yet Another News System
-CVE-2006-5907 (SQL injection vulnerability in modules/bannieres/bannieres.php in ...)
+CVE-2006-5907
NOT-FOR-US: SCRIPT BANNIERES
-CVE-2006-5906 (** DISPUTED ** ...)
+CVE-2006-5906
NOT-FOR-US: SCRIPT BANNIERES
-CVE-2006-5905 (Web Directory Pro allows remote attackers to (1) backup the database ...)
+CVE-2006-5905
NOT-FOR-US: Web Directory Pro
-CVE-2006-5904 (Multiple PHP remote file inclusion vulnerabilities in MWChat Pro 7.0 ...)
+CVE-2006-5904
NOT-FOR-US: MWChat Pro
-CVE-2006-5903 (Rahul Jonna Gmail File Space (GSpace) allows remote attackers to ...)
+CVE-2006-5903
NOT-FOR-US: GSpace
-CVE-2006-5902 (viksoe GMail Drive shell extension allows remote attackers to perform ...)
+CVE-2006-5902
NOT-FOR-US: viksoe GMail Drive
-CVE-2006-5901 (Hawking Technology wireless router WR254-CA uses a hardcoded IP ...)
+CVE-2006-5901
NOT-FOR-US: Hawking Technology wireless router WR254-CA
-CVE-2006-5900 (Cross-site scripting (XSS) vulnerability in the ...)
+CVE-2006-5900
NOT-FOR-US: Zend Framework Preview
-CVE-2006-5899 (** DISPUTED ** ...)
+CVE-2006-5899
NOT-FOR-US: @cid stat
-CVE-2006-5898 (Directory traversal vulnerability in localization/languages.lib.php3 ...)
+CVE-2006-5898
NOT-FOR-US: PhpMyChat
-CVE-2006-5897 (Multiple directory traversal vulnerabilities in PhpMyChat Plus 1.9 and ...)
+CVE-2006-5897
NOT-FOR-US: PhpMyChat Plus
-CVE-2006-5896 (REMLAB Web Mech Designer 2.0.5 allows remote attackers to obtain the ...)
+CVE-2006-5896
NOT-FOR-US: Web Mech Designer
-CVE-2006-5895 (PHP remote file inclusion vulnerability in core/core.php in EncapsCMS ...)
+CVE-2006-5895
NOT-FOR-US: EncapsCMS
-CVE-2006-5894 (Directory traversal vulnerability in lang.php in Rama CMS 0.68 and ...)
+CVE-2006-5894
NOT-FOR-US: Rama CMS
-CVE-2006-5893 (Multiple PHP remote file inclusion vulnerabilities in iWonder Designs ...)
+CVE-2006-5893
NOT-FOR-US: iWonder Designs Storystream
-CVE-2006-5892 (SQL injection vulnerability in MoreInfo.asp in The Net Guys ...)
+CVE-2006-5892
NOT-FOR-US: The Net Guys ASPired2Poll
-CVE-2006-5891 (SQL injection vulnerability in detail.asp in Superfreaker Studios ...)
+CVE-2006-5891
NOT-FOR-US: Superfreaker Studios UStore
-CVE-2006-5890 (SQL injection vulnerability in detail.asp in Superfreaker Studios ...)
+CVE-2006-5890
NOT-FOR-US: Superfreaker Studios UStore
-CVE-2006-5889 (SQL injection vulnerability in printLog.php in BrewBlogger (BB) 1.3.1 ...)
+CVE-2006-5889
NOT-FOR-US: BrewBlogger
-CVE-2006-5888 (SQL injection vulnerability in viewarticle.asp in Superfreaker Studios ...)
+CVE-2006-5888
NOT-FOR-US: Superfreaker Studios UPublisher
-CVE-2006-5887 (SQL injection vulnerability in CampusNewsDetails.asp in Dynamic ...)
+CVE-2006-5887
NOT-FOR-US: Dynamic Dataworx NuSchool
-CVE-2006-5886 (SQL injection vulnerability in propertysdetails.asp in Dynamic ...)
+CVE-2006-5886
NOT-FOR-US: Dynamic Dataworx NuRealestate (NuRems)
-CVE-2006-5885 (SQL injection vulnerability in Products.asp in NuStore 1.0 allows ...)
+CVE-2006-5885
NOT-FOR-US: NuStore
-CVE-2006-5884 (Multiple unspecified vulnerabilities in DirectAnimation ActiveX ...)
+CVE-2006-5884
NOT-FOR-US: DirectAnimation ActiveX controls for Microsoft Internet Explorer
-CVE-2006-5883 (Multiple cross-site scripting (XSS) vulnerabilities in cPanel 10 allow ...)
+CVE-2006-5883
NOT-FOR-US: cPanel 10
-CVE-2006-5882 (Stack-based buffer overflow in the Broadcom BCMWL5.SYS wireless device ...)
+CVE-2006-5882
NOT-FOR-US: Broadcom BCMWL5.SYS
-CVE-2006-5881 (SQL injection vulnerability in cl_CatListing.asp in Dynamic Dataworx ...)
+CVE-2006-5881
NOT-FOR-US: Dynamic Dataworx NuCommunity
-CVE-2006-5880 (SQL injection vulnerability on the subMenu page in switch.asp in Munch ...)
+CVE-2006-5880
NOT-FOR-US: Munch Pro
-CVE-2006-5879 (SQL injection vulnerability in default1.asp in ASPPortal 4.0.0 beta ...)
+CVE-2006-5879
NOT-FOR-US: ASPPortal
-CVE-2006-5878 (Cross-site request forgery (CSRF) vulnerability in Edgewall Trac 0.10 ...)
+CVE-2006-5878
{DSA-1209}
- trac 0.10.1-1 (bug #397683)
-CVE-2006-5877 (The enigmail extension before 0.94.2 does not properly handle large, ...)
+CVE-2006-5877
- enigmail 2:0.94.2-1 (bug #406604)
-CVE-2006-5876 (The soup_headers_parse function in soup-headers.c for libsoup HTTP ...)
+CVE-2006-5876
{DSA-1248-1}
- libsoup 2.2.98-2 (bug #405197; medium)
-CVE-2006-5875 (eoc.py in Enemies of Carlotta (EoC) before 1.2.4 allows remote ...)
+CVE-2006-5875
{DSA-1236-1}
- enemies-of-carlotta 1.2.4-1 (medium)
-CVE-2006-5874 (Clam AntiVirus (ClamAV) 0.88 and earlier allows remote attackers to ...)
+CVE-2006-5874
{DSA-1232-1}
- clamav 0.86-1
-CVE-2006-5873 (Buffer overflow in the cluster_process_heartbeat function in cluster.c ...)
+CVE-2006-5873
{DSA-1230-1}
- l2tpns 2.1.21-1 (medium; bug #401742)
NOTE: http://secunia.com/advisories/23230/
-CVE-2006-5872 (login.pl in SQL-Ledger before 2.6.21 and LedgerSMB before 1.1.5 allows ...)
+CVE-2006-5872
{DSA-1239-1}
- sql-ledger 2.6.21-1
-CVE-2006-5871 (smbfs in Linux kernel 2.6.8 and other versions, and 2.4.x before ...)
+CVE-2006-5871
{DSA-1237 DSA-1233}
- linux-2.6 <not-affected> (Current Linux versions already implement intended behaviour)
-CVE-2006-5870 (Multiple integer overflows in OpenOffice.org (OOo) 2.0.4 and earlier, ...)
+CVE-2006-5870
{DSA-1246-1}
- openoffice.org 2.0.4-1 (medium; bug #405986; bug #405679)
-CVE-2006-5869 (pstotext before 1.9 allows user-assisted attackers to execute ...)
+CVE-2006-5869
{DSA-1220}
- pstotext 1.9-4 (bug #356988; medium)
-CVE-2006-5868 (Multiple buffer overflows in Imagemagick 6.0 before 6.0.6.2, and 6.2 ...)
+CVE-2006-5868
{DSA-1213}
- imagemagick 7:6.2.4.5.dfsg1-0.11
-CVE-2006-5867 (fetchmail before 6.3.6-rc4 does not properly enforce TLS and may transmit ...)
+CVE-2006-5867
{DSA-1259-1}
- fetchmail 6.3.6-1 (low)
-CVE-2006-5866 (Directory traversal vulnerability in Mdoc/view-sourcecode.php for ...)
+CVE-2006-5866
NOT-FOR-US: phpManta
-CVE-2006-5865 (PHP remote file inclusion vulnerability in language.inc.php in MyAlbum ...)
+CVE-2006-5865
NOT-FOR-US: Script Dowload
-CVE-2006-5863 (PHP remote file inclusion vulnerability in inc/session.php for ...)
+CVE-2006-5863
NOT-FOR-US: LetterIt
-CVE-2006-5862 (Directory traversal vulnerability in the session mechanism of the web ...)
+CVE-2006-5862
NOT-FOR-US: Network Administration Visualized
-CVE-2006-5861 (The Independent Management Architecture (IMA) service (ImaSrv.exe) in ...)
+CVE-2006-5861
NOT-FOR-US: Citrix
-CVE-2006-5860 (Cross-site scripting (XSS) vulnerability in the administrator console ...)
+CVE-2006-5860
NOT-FOR-US: Adobe JRun
-CVE-2006-5859 (Cross-site scripting (XSS) vulnerability in Adobe ColdFusion MX 7 7.0 ...)
+CVE-2006-5859
NOT-FOR-US: Adobe ColdFusion
-CVE-2006-5858 (Adobe ColdFusion MX 7 through 7.0.2, and JRun 4, when run on Microsoft ...)
+CVE-2006-5858
NOT-FOR-US: Adobe
-CVE-2006-5857 (Adobe Reader and Acrobat 7.0.8 and earlier allows user-assisted remote ...)
+CVE-2006-5857
NOT-FOR-US: Adobe
-CVE-2006-5856 (Stack-based buffer overflow in the Adobe Download Manager before 2.2 ...)
+CVE-2006-5856
NOT-FOR-US: Adobe Download Manager
-CVE-2006-5855 (Multiple buffer overflows in IBM Tivoli Storage Manager (TSM) before 5.2.9 ...)
+CVE-2006-5855
NOT-FOR-US: Tivoli
-CVE-2006-5854 (Multiple buffer overflows in the Spooler service (nwspool.dll) in ...)
+CVE-2006-5854
NOT-FOR-US: Novell Netware
-CVE-2006-5853 (Cross-site scripting (XSS) vulnerability in logon.aspx in Immediacy ...)
+CVE-2006-5853
NOT-FOR-US: Immediacy CMS
-CVE-2006-5852 (Untrusted search path vulnerability in openexec in OpenBase SQL before ...)
+CVE-2006-5852
NOT-FOR-US: OpenBase SQL
-CVE-2006-5851 (openexec in OpenBase SQL before 10.0.1 allows local users to create ...)
+CVE-2006-5851
NOT-FOR-US: OpenBase SQL
-CVE-2006-5850 (Stack-based buffer overflow in Essentia Web Server 2.15 for Windows ...)
+CVE-2006-5850
NOT-FOR-US: Essentia Web Server
-CVE-2006-5849 (PHP remote file inclusion vulnerability in inc/irayofuncs.php in ...)
+CVE-2006-5849
NOT-FOR-US: IrayoBlog
CVE-2006-5848
REJECTED
-CVE-2006-5847 (Cross-site scripting (XSS) vulnerability in index.php in FreeWebshop ...)
+CVE-2006-5847
NOT-FOR-US: FreeWebshop
-CVE-2006-5846 (Directory traversal vulnerability in index.php in FreeWebshop 2.2.2 ...)
+CVE-2006-5846
NOT-FOR-US: FreeWebshop
-CVE-2006-5845 (Unrestricted file upload vulnerability in index.php in Speedywiki 2.0 ...)
+CVE-2006-5845
NOT-FOR-US: Speedywiki
-CVE-2006-5844 (Speedywiki 2.0 allows remote attackers to obtain the full path of the ...)
+CVE-2006-5844
NOT-FOR-US: Speedywiki
-CVE-2006-5843 (Cross-site scripting (XSS) vulnerability in index.php in Speedywiki ...)
+CVE-2006-5843
NOT-FOR-US: Speedywiki
-CVE-2006-5842 (The keystore file in Unicore Client before 5.6 build 5, when running ...)
+CVE-2006-5842
NOT-FOR-US: Unicore
-CVE-2006-5841 (Multiple PHP remote file inclusion vulnerabilities in dodosmail.php in ...)
+CVE-2006-5841
NOT-FOR-US: DodosMail
-CVE-2006-5840 (** DISPUTED ** ...)
+CVE-2006-5840
NOT-FOR-US: Abarcar Realty Portal
-CVE-2006-5839 (PHP remote file inclusion vulnerability in ad_main.php in PHPAdventure ...)
+CVE-2006-5839
NOT-FOR-US: PHPAdventure
-CVE-2006-5838 (PHP remote file inclusion vulnerability in lib/class.Database.php in ...)
+CVE-2006-5838
NOT-FOR-US: NewP News Publication System
-CVE-2006-5837 (Static code injection vulnerability in chat_panel.php in the ...)
+CVE-2006-5837
NOT-FOR-US: SimpleChat 1.0.0 module for iWare Professional CMS
-CVE-2006-5836 (The fpathconf syscall function in bsd/kern/kern_descrip.c in the ...)
+CVE-2006-5836
NOT-FOR-US: Darwin kernel (XNU) 8.8.1 in Apple Mac OS X
-CVE-2006-5835 (The Notes Remote Procedure Call (NRPC) protocol in IBM Lotus Notes ...)
+CVE-2006-5835
NOT-FOR-US: IBM Lotus Notes Domino
-CVE-2006-5834 (Directory traversal vulnerability in general.php in OpenSolution ...)
+CVE-2006-5834
NOT-FOR-US: OpenSolution Quick.Cms.Lite
-CVE-2006-5833 (gbcms_php_files/up_loader.php GreenBeast CMS 1.3 does not require ...)
+CVE-2006-5833
NOT-FOR-US: GreenBeast CMS
-CVE-2006-5832 (All In One Control Panel (AIOCP) 1.3.007 and earlier allows remote ...)
+CVE-2006-5832
NOT-FOR-US: All In One Control Panel (AIOCP)
-CVE-2006-5831 (PHP remote file inclusion vulnerability in admin/code/index.php in All ...)
+CVE-2006-5831
NOT-FOR-US: All In One Control Panel (AIOCP)
-CVE-2006-5830 (Multiple cross-site scripting (XSS) vulnerabilities in All In One ...)
+CVE-2006-5830
NOT-FOR-US: All In One Control Panel (AIOCP)
-CVE-2006-5829 (Multiple SQL injection vulnerabilities in All In One Control Panel ...)
+CVE-2006-5829
NOT-FOR-US: All In One Control Panel (AIOCP)
-CVE-2006-5828 (SQL injection vulnerability in detail.php in DeltaScripts PHP ...)
+CVE-2006-5828
NOT-FOR-US: PHP Classifieds
-CVE-2006-5827 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
+CVE-2006-5827
NOT-FOR-US: phpComasy CMS
-CVE-2006-5826 (Buffer overflow in Texas Imperial Software WFTPD Pro Server 3.23.1.1 ...)
+CVE-2006-5826
NOT-FOR-US: Texas Imperial Software WFTPD Pro Server
-CVE-2006-5825 (Cross-site scripting (XSS) vulnerability in index.php in Kayako ...)
+CVE-2006-5825
NOT-FOR-US: Kayako SupportSuite
-CVE-2006-5824 (Integer overflow in the ffs_rdextattr function in FreeBSD 6.1 allows ...)
+CVE-2006-5824
- kfreebsd-5 <removed>
[etch] - kfreebsd-5 <no-dsa> (no security support for freebsd)
-CVE-2006-5823 (The zlib_inflate function in Linux kernel 2.6.x allows local users to ...)
+CVE-2006-5823
{DSA-1503-2 DSA-1504-1 DSA-1503-1}
- linux-2.6 2.6.18.dfsg.1-10 (low)
-CVE-2006-5822 (Stack-based buffer overflow in the NetBackup bpcd daemon (bpcd.exe) in ...)
+CVE-2006-5822
NOT-FOR-US: Symantec Veritas NetBackup
-CVE-2006-5821 (Heap-based buffer overflow in the IMA_SECURE_DecryptData1 function in ...)
+CVE-2006-5821
NOT-FOR-US: Citrix
-CVE-2006-5820 (The LinkSBIcons method in the SuperBuddy ActiveX control ...)
+CVE-2006-5820
NOT-FOR-US: SuperBuddy ActiveX control
-CVE-2006-5819 (Verity Ultraseek before 5.7 allows remote attackers to use the server ...)
+CVE-2006-5819
NOT-FOR-US: Verity Ultraseek
-CVE-2006-5864 (Stack-based buffer overflow in the ps_gettext function in ps.c for GNU ...)
+CVE-2006-5864
{DSA-1243-1 DSA-1214}
- gv 1:3.6.2-3 (medium; bug #398292)
- evince 0.4.0-3 (medium; bug #400904; bug #400906; bug #402063)
-CVE-2006-5818 (Multiple buffer overflows in tunekrnl in IBM Lotus Domino 6.x before ...)
+CVE-2006-5818
NOT-FOR-US: Lotus Domino
-CVE-2006-5817 (prl_dhcpd in Parallels Desktop for Mac Build 1940 uses insecure ...)
+CVE-2006-5817
NOT-FOR-US: Parallels
-CVE-2006-5816 (Multiple PHP remote file inclusion vulnerabilities in Dmitry Sheiko ...)
+CVE-2006-5816
NOT-FOR-US: Business Card Web Builder
-CVE-2006-5815 (Stack-based buffer overflow in the sreplace function in ProFTPD 1.3.0 ...)
+CVE-2006-5815
{DSA-1222-1}
- proftpd-dfsg 1.3.0-15 (bug #399070; high)
-CVE-2006-5814 (Unspecified vulnerability in Novell eDirectory allows remote attackers ...)
+CVE-2006-5814
NOT-FOR-US: Novell eDirectory
-CVE-2006-5813 (Unspecified vulnerability in Novell eDirectory 8.8 allows attackers to ...)
+CVE-2006-5813
NOT-FOR-US: Novell eDirectory
-CVE-2006-5812 (Unspecified vulnerability in Kerio MailServer allows attackers to ...)
+CVE-2006-5812
NOT-FOR-US: Kerio
-CVE-2006-5811 (PHP remote file inclusion vulnerability in library/translation.inc.php ...)
+CVE-2006-5811
NOT-FOR-US: OpenEMR
-CVE-2006-5810 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2006-5810
NOT-FOR-US: XOOPS
-CVE-2006-5809 (Multiple unspecified vulnerabilities in Jonathon J. Freeman OvBB ...)
+CVE-2006-5809
NOT-FOR-US: OvBB
-CVE-2006-5808 (The installation of Cisco Secure Desktop (CSD) before 3.1.1.45 uses ...)
+CVE-2006-5808
NOT-FOR-US: Cisco
-CVE-2006-5807 (Cisco Secure Desktop (CSD) before 3.1.1.45 allows local users to ...)
+CVE-2006-5807
NOT-FOR-US: Cisco
-CVE-2006-5806 (SSL VPN Client in Cisco Secure Desktop before 3.1.1.45, when ...)
+CVE-2006-5806
NOT-FOR-US: Cisco
-CVE-2006-5805 (Microsoft Internet Explorer 7 allows remote attackers to cause a ...)
+CVE-2006-5805
NOT-FOR-US: Microsoft
-CVE-2006-5804 (PHP remote file inclusion vulnerability in admin.php in Advanced ...)
+CVE-2006-5804
NOT-FOR-US: Advanced Guestbook
-CVE-2006-5803 (PHP remote file inclusion vulnerability in ...)
+CVE-2006-5803
NOT-FOR-US: mxBB Smartor Album
-CVE-2006-5802 (SQL injection vulnerability in message_details.php in The Web Drivers ...)
+CVE-2006-5802
NOT-FOR-US: The Web Drivers Simple Forum
-CVE-2006-5801 (The owserver module in owfs and owhttpd 2.5p5 and earlier does not ...)
+CVE-2006-5801
NOT-FOR-US: owfs
-CVE-2006-5800 (Cross-site scripting (XSS) vulnerability in default.asp in ...)
+CVE-2006-5800
NOT-FOR-US: Xenis.creator
-CVE-2006-5799 (Multiple cross-site scripting (XSS) vulnerabilities in default.asp in ...)
+CVE-2006-5799
NOT-FOR-US: Xenis.creator
-CVE-2006-5798 (SQL injection vulnerability in default.asp in Xenis.creator CMS allows ...)
+CVE-2006-5798
NOT-FOR-US: Xenis.creator
-CVE-2006-5797 (Multiple SQL injection vulnerabilities in default.asp in Xenis.creator ...)
+CVE-2006-5797
NOT-FOR-US: Xenis.creator
-CVE-2006-5796 (Multiple PHP remote file inclusion vulnerabilities in Soholaunch Pro ...)
+CVE-2006-5796
NOT-FOR-US: Soholaunch Pro
-CVE-2006-5795 (Multiple PHP remote file inclusion vulnerabilities in OpenEMR 2.8.1 ...)
+CVE-2006-5795
NOT-FOR-US: OpenEMR
-CVE-2006-5794 (Unspecified vulnerability in the sshd Privilege Separation Monitor in ...)
+CVE-2006-5794
- openssh 1:4.3p2-6 (unimportant)
NOTE: Not a direct vulnerability
-CVE-2006-5793 (The sPLT chunk handling code (png_set_sPLT function in pngset.c) in ...)
+CVE-2006-5793
- libpng 1.2.13-0 (low; bug #398706)
[sarge] - libpng <no-dsa> (Minor issue)
CVE-2006-XXXX [obexpushd arbitrary command execution]
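Review bot: the replacement lines for CVE-2006-5957, CVE-2006-5920, CVE-2006-5906, CVE-2006-5899 and CVE-2006-5840 drop the ** DISPUTED ** marker along with the rest of the description, and nothing else in those entries (each is only a NOT-FOR-US annotation) records that the CVE is disputed; if descriptions are being stripped from the file, consider carrying the disputed status over as a NOTE line so the triage context is not lost. Two smaller points in the same region: CVE-2006-5864 (gv/evince, DSA-1243-1 DSA-1214) sits between CVE-2006-5819 and CVE-2006-5818 instead of in its numeric position between CVE-2006-5865 and CVE-2006-5863, and the CVE-2006-5865 entry pairs a description naming MyAlbum with a "NOT-FOR-US: Script Dowload" annotation, so once the description is gone the annotation alone should be checked for the correct product name.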
@@ -3265,105 +3265,105 @@ CVE-2006-XXXX [obexpushd arbitrary command execution]
CVE-2006-XXXX [motion insecure tempfile creation]
- motion 3.2.3-2 (bug #393846; low)
[sarge] - motion <no-dsa> (Minor issue)
-CVE-2006-5792 (Unspecified vulnerability in XLink Omni-NFS Enterprise allows remote ...)
+CVE-2006-5792
NOT-FOR-US: XLink Omni-NFS Enterprise
-CVE-2006-5791 (Multiple cross-site scripting (XSS) vulnerabilities in elogd.c in ELOG ...)
+CVE-2006-5791
{DSA-1242-1}
- elog 2.6.2+r1754-1 (medium; bug #392016)
-CVE-2006-5790 (Multiple format string vulnerabilities in elogd.c in ELOG 2.6.2 and ...)
+CVE-2006-5790
{DSA-1242-1}
- elog 2.6.2+r1754-1 (medium; bug #392016)
-CVE-2006-5789 (War FTP Daemon (WarFTPd) 1.82.00-RC11 allows remote authenticated ...)
+CVE-2006-5789
NOT-FOR-US: WarFTPd
-CVE-2006-5788 (PHP remote file inclusion vulnerability in (1) index.php and (2) ...)
+CVE-2006-5788
NOT-FOR-US: IPrimal Forums
-CVE-2006-5787 (admin/index.php in IPrimal Forums as of 20061105 allows remote ...)
+CVE-2006-5787
NOT-FOR-US: IPrimal Forums
-CVE-2006-5786 (Directory traversal vulnerability in class2.php in e107 0.7.5 and ...)
+CVE-2006-5786
NOT-FOR-US: e107
-CVE-2006-5785 (Unspecified vulnerability in SAP Web Application Server 6.40 before ...)
+CVE-2006-5785
NOT-FOR-US: SAP Web Application Server
-CVE-2006-5784 (Unspecified vulnerability in enserver.exe in SAP Web Application ...)
+CVE-2006-5784
NOT-FOR-US: SAP Web Application Server
-CVE-2006-5783 (** DISPUTED ** ...)
+CVE-2006-5783
NOTE: irreproducible firefox issue
-CVE-2006-5782 (radexecd.exe in HP OpenView Client Configuraton Manager (CCM) does not ...)
+CVE-2006-5782
NOT-FOR-US: HP OpenView
-CVE-2006-5781 (Stack-based buffer overflow in the handshake function in iodine 0.3.2 ...)
+CVE-2006-5781
NOT-FOR-US: iodine
-CVE-2006-5780 (Stack-based buffer overflow in nfsd.exe in XLink Omni-NFS Server 5.2 ...)
+CVE-2006-5780
NOT-FOR-US: XLink Omni-NFS
-CVE-2006-5779 (OpenLDAP before 2.3.29 allows remote attackers to cause a denial of ...)
+CVE-2006-5779
- openldap2.2 <removed> (bug #397673)
- openldap2.3 2.3.29-1
-CVE-2006-5777 (Creasito E-Commerce Content Manager 1.3.08 allows remote attackers to ...)
+CVE-2006-5777
NOT-FOR-US: Creasito E-Commerce Content Manager
-CVE-2006-5776 (** DISPUTED ** ...)
+CVE-2006-5776
NOT-FOR-US: Ariadne
-CVE-2006-5775 (Cross-site scripting (XSS) vulnerability in profile.php in FunkBoard ...)
+CVE-2006-5775
NOT-FOR-US: FunkBoard
-CVE-2006-5774 (Cross-site scripting (XSS) vulnerability in Hyper NIKKI System before ...)
+CVE-2006-5774
NOT-FOR-US: Hyper NIKKI System
-CVE-2006-5773 (Directory traversal vulnerability in index.php in FreeWebshop 2.2.1 ...)
+CVE-2006-5773
NOT-FOR-US: FreeWebshop
-CVE-2006-5772 (Multiple SQL injection vulnerabilities in index.php in FreeWebshop ...)
+CVE-2006-5772
NOT-FOR-US: FreeWebshop
-CVE-2006-5771 (Cross-site scripting (XSS) vulnerability in Arkoon SSL360 1.0 and 2.0 ...)
+CVE-2006-5771
NOT-FOR-US: Arkoon SSL360
-CVE-2006-5770 (Multiple cross-site scripting (XSS) vulnerabilities in ac4p Mobile ...)
+CVE-2006-5770
NOT-FOR-US: Mobile
-CVE-2006-5769 (Multiple cross-site scripting (XSS) vulnerabilities in admin.tool CMS ...)
+CVE-2006-5769
NOT-FOR-US: admin.tool CMS
-CVE-2006-5768 (Multiple PHP remote file inclusion vulnerabilities in Cyberfolio 2.0 ...)
+CVE-2006-5768
NOT-FOR-US: Cyberfolio
-CVE-2006-5767 (PHP remote file inclusion vulnerability in includes/xhtml.php in Drake ...)
+CVE-2006-5767
NOT-FOR-US: Drake CMS
-CVE-2006-5766 (PHP remote file inclusion vulnerability in volume.php in Article ...)
+CVE-2006-5766
NOT-FOR-US: Article System
-CVE-2006-5765 (SQL injection vulnerability in rss.php in Article Script 1.6.3 and ...)
+CVE-2006-5765
NOT-FOR-US: Article Script
-CVE-2006-5764 (PHP remote file inclusion vulnerability in contact.php in Free File ...)
+CVE-2006-5764
NOT-FOR-US: Free File Hosting
-CVE-2006-5763 (Multiple PHP remote file inclusion vulnerabilities in Free File ...)
+CVE-2006-5763
NOT-FOR-US: Free File Hosting
-CVE-2006-5762 (PHP remote file inclusion vulnerability in forgot_pass.php in Free ...)
+CVE-2006-5762
NOT-FOR-US: Free File Hosting
-CVE-2006-5761 (Cross-site scripting (XSS) vulnerability in index.php in Rhadrix ...)
+CVE-2006-5761
NOT-FOR-US: Rhadrix If-CMS
-CVE-2006-5760 (Multiple PHP remote file inclusion vulnerabilities in phpDynaSite ...)
+CVE-2006-5760
NOT-FOR-US: phpDynaSite
-CVE-2006-5759 (index.php in Rhadrix If-CMS, possibly 1.01 and 2.07, allows remote ...)
+CVE-2006-5759
NOT-FOR-US: Rhadrix If-CMS
-CVE-2006-5758 (The Graphics Rendering Engine in Microsoft Windows 2000 through 2000 ...)
+CVE-2006-5758
NOT-FOR-US: Microsoft
-CVE-2006-5757 (Race condition in the __find_get_block_slow function in the ISO9660 ...)
+CVE-2006-5757
{DSA-1304}
- linux-2.6 2.6.18.dfsg.1-10 (low)
CVE-2006-5756
REJECTED
-CVE-2006-5755 (Linux kernel before 2.6.18, when running on x86_64 systems, does not ...)
+CVE-2006-5755
{DSA-1381-2}
- linux-2.6 2.6.18.dfsg.1-10
-CVE-2006-5754 (The aio_setup_ring function in Linux kernel does not properly ...)
+CVE-2006-5754
{DSA-1304}
- linux-2.6 <not-affected> (Fixed before initial upload; 2.6.10)
-CVE-2006-5753 (Unspecified vulnerability in the listxattr system call in Linux ...)
+CVE-2006-5753
{DSA-1503-2 DSA-1503-1 DSA-1356-1 DSA-1304}
- linux-2.6 2.6.20-1
-CVE-2006-5752 (Cross-site scripting (XSS) vulnerability in mod_status.c in the ...)
+CVE-2006-5752
- apache2 2.2.4-2 (low)
[sarge] - apache2 2.0.54-5sarge2
[etch] - apache2 2.2.3-4+etch2
- apache <removed> (low)
[etch] - apache 1.3.34-4.1+etch1
-CVE-2006-5751 (Integer overflow in the get_fdb_entries function in ...)
+CVE-2006-5751
{DSA-1233}
- linux-2.6 2.6.18-8 (medium)
-CVE-2006-5750 (Directory traversal vulnerability in the DeploymentFileRepository ...)
+CVE-2006-5750
NOT-FOR-US: JBoss
-CVE-2006-5749 (The isdn_ppp_ccp_reset_alloc_state function in drivers/isdn/isdn_ppp.c ...)
+CVE-2006-5749
- linux-2.6 2.6.18.dfsg.1-10
-CVE-2006-5748 (Multiple unspecified vulnerabilities in the JavaScript engine in ...)
+CVE-2006-5748
{DSA-1227-1 DSA-1225-1 DSA-1224-1}
NOTE: MFSA-2006-65
- firefox 45.0-1 (high)
@@ -3372,7 +3372,7 @@ CVE-2006-5748 (Multiple unspecified vulnerabilities in the JavaScript engine in
- icedove 1.5.0.8-1 (medium)
- mozilla <removed> (high)
- xulrunner 1.8.0.8-1 (high)
-CVE-2006-5747 (Unspecified vulnerability in Mozilla Firefox before 1.5.0.8, ...)
+CVE-2006-5747
NOTE: MFSA-2006-65
- firefox 45.0-1 (high)
- firefox-esr 45.0esr-1 (high)
@@ -3385,98 +3385,98 @@ CVE-2006-5747 (Unspecified vulnerability in Mozilla Firefox before 1.5.0.8, ...)
[sarge] - mozilla <not-affected> (Vulnerable code not present)
[sarge] - mozilla-firefox <not-affected> (Vulnerable code not present)
[sarge] - mozilla-thunderbird <not-affected> (Vulnerable code not present)
-CVE-2006-5746 (The console in AirMagnet Enterprise before 7.5 build 6307 does not ...)
+CVE-2006-5746
NOT-FOR-US: AirMagnet
-CVE-2006-5745 (Unspecified vulnerability in the setRequestHeader method in the ...)
+CVE-2006-5745
NOT-FOR-US: Microsoft
-CVE-2006-5744 (Multiple SQL injection vulnerabilities in Highwall Enterprise and ...)
+CVE-2006-5744
NOT-FOR-US: Highwall Enterprise
-CVE-2006-5743 (Multiple cross-site scripting (XSS) vulnerabilities in Highwall ...)
+CVE-2006-5743
NOT-FOR-US: Highwall Enterprise
-CVE-2006-5742 (The AirMagnet Enterprise console and Remote Sensor console (Laptop) in ...)
+CVE-2006-5742
NOT-FOR-US: AirMagnet Enterprise
-CVE-2006-5741 (Multiple cross-site scripting (XSS) vulnerabilities in AirMagnet ...)
+CVE-2006-5741
NOT-FOR-US: AirMagnet Enterprise
-CVE-2006-5739 (PHP remote file inclusion vulnerability in cpadmin/cpa_index.php in ...)
+CVE-2006-5739
NOT-FOR-US: communityPortals
-CVE-2006-5738 (Multiple SQL injection vulnerabilities in PunBB before 1.2.14 allow ...)
+CVE-2006-5738
NOT-FOR-US: PunBB
-CVE-2006-5737 (PunBB uses a predictable cookie_seed value that can be derived from ...)
+CVE-2006-5737
NOT-FOR-US: PunBB
-CVE-2006-5736 (SQL injection vulnerability in search.php in PunBB before 1.2.14, when ...)
+CVE-2006-5736
NOT-FOR-US: PunBB
-CVE-2006-5735 (Directory traversal vulnerability in include/common.php in PunBB ...)
+CVE-2006-5735
NOT-FOR-US: PunBB
-CVE-2006-5734 (Multiple PHP remote file inclusion vulnerabilities in ATutor 1.5.3.2 ...)
+CVE-2006-5734
NOT-FOR-US: ATutor
-CVE-2006-5733 (Directory traversal vulnerability in error.php in PostNuke 0.763 and ...)
+CVE-2006-5733
NOT-FOR-US: PostNuke
-CVE-2006-5732 (SQL injection vulnerability in logout.php in T.G.S. CMS 0.1.7 and ...)
+CVE-2006-5732
NOT-FOR-US: T.G.S. CMS
-CVE-2006-5731 (Directory traversal vulnerability in classes/index.php in Lithium CMS ...)
+CVE-2006-5731
NOT-FOR-US: Lithium CMS
-CVE-2006-5730 (PHP remote file inclusion vulnerability in ...)
+CVE-2006-5730
NOT-FOR-US: Modx CMS
-CVE-2006-5729 (Yazd Discussion Forum before 3.0 beta does not properly manage forum ...)
+CVE-2006-5729
NOT-FOR-US: Yazd Discussion Forum
-CVE-2006-5728 (XM Easy Personal FTP Server 5.2.1 and earlier allows remote ...)
+CVE-2006-5728
NOT-FOR-US: XM Easy Personal FTP Server
-CVE-2006-5727 (PHP remote file inclusion vulnerability in admin/controls/cart.php in ...)
+CVE-2006-5727
NOT-FOR-US: sazcart
-CVE-2006-5726 (alloccgblk in the UFS filesystem in Solaris 10 allows local users to ...)
+CVE-2006-5726
NOT-FOR-US: Solaris
-CVE-2006-5725 (The SSL server in AEP Smartgate 4.3b allows remote attackers to ...)
+CVE-2006-5725
NOT-FOR-US: AEP Smartgate
-CVE-2006-5724 (Heap-based buffer overflow the &quot;Answering Service&quot; function in ICQ ...)
+CVE-2006-5724
NOT-FOR-US: ICQ
-CVE-2006-5723 (SQL injection vulnerability in DataparkSearch Engine 4.42 and earlier ...)
+CVE-2006-5723
NOT-FOR-US: DataparkSearch Engine
-CVE-2006-5722 (Multiple PHP remote file inclusion vulnerabilities in Segue CMS 1.5.9 ...)
+CVE-2006-5722
NOT-FOR-US: Segue CMS
-CVE-2006-5721 (The \Device\SandBox driver in Outpost Firewall PRO 4.0 (964.582.059) ...)
+CVE-2006-5721
NOT-FOR-US: Outpost Firewall PRO
-CVE-2006-5720 (SQL injection vulnerability in modules/journal/search.php in the ...)
+CVE-2006-5720
NOT-FOR-US: PHP-Nuke
-CVE-2006-5719 (SQL injection vulnerability in libs/sessions.lib.php in BytesFall ...)
+CVE-2006-5719
NOT-FOR-US: BytesFall Explorer (bfExplorer)
-CVE-2006-5718 (Cross-site scripting (XSS) vulnerability in error.php in phpMyAdmin ...)
+CVE-2006-5718
- phpmyadmin 4:2.9.0.3-1 (low; bug #396638)
[sarge] - phpmyadmin <not-affected> (Vulnerable code not present)
-CVE-2006-5717 (Multiple cross-site scripting (XSS) vulnerabilities in Zend Google ...)
+CVE-2006-5717
NOT-FOR-US: Zend Google Data Client Library (ZendGData)
-CVE-2006-5716 (Directory traversal vulnerability in aff_news.php in FreeNews 2.1 ...)
+CVE-2006-5716
NOT-FOR-US: FreeNews
-CVE-2006-5715 (Easy File Sharing (EFS) Easy Address Book 1.2, when run on an NTFS ...)
+CVE-2006-5715
NOT-FOR-US: Easy File Sharing (EFS) Easy Address Book
-CVE-2006-5714 (Easy File Sharing (EFS) Web Server 4.0, when running on an NTFS file ...)
+CVE-2006-5714
NOT-FOR-US: Easy File Sharing (EFS) Web Server
-CVE-2006-5713 (Cross-site scripting (XSS) vulnerability in Easy File Sharing (EFS) ...)
+CVE-2006-5713
NOT-FOR-US: Easy File Sharing (EFS) Web Server
-CVE-2006-5712 (Cross-site scripting (XSS) vulnerability in Mirapoint WebMail allows ...)
+CVE-2006-5712
NOT-FOR-US: Mirapoint WebMail
-CVE-2006-5711 (ECI Telecom B-FOCuS Wireless 802.11b/g ADSL2+ Router allows remote ...)
+CVE-2006-5711
NOT-FOR-US: ECI Telecom
-CVE-2006-5710 (The Airport driver for certain Orinoco based Airport cards in Darwin ...)
+CVE-2006-5710
NOT-FOR-US: Apple Mac OS X
-CVE-2006-5709 (Unspecified vulnerability in WorldClient in Alt-N Technologies MDaemon ...)
+CVE-2006-5709
NOT-FOR-US: Alt-N Technologies MDaemon
-CVE-2006-5708 (Multiple unspecified vulnerabilities in MDaemon and WorldClient in ...)
+CVE-2006-5708
NOT-FOR-US: Alt-N Technologies MDaemon
-CVE-2006-5707 (SQL injection vulnerability in index.php in PHPEasyData Pro 1.4.1 and ...)
+CVE-2006-5707
NOT-FOR-US: PHPEasyData
-CVE-2006-5706 (Unspecified vulnerabilities in PHP, probably before 5.2.0, allow local ...)
+CVE-2006-5706
- php5 5.2.0-1 (unimportant)
- php4 <removed> (unimportant)
NOTE: lack of basedir restrictions are not security-relevant by Debian PHP security policy
-CVE-2006-5705 (Multiple directory traversal vulnerabilities in ...)
+CVE-2006-5705
- wordpress 2.0.5-0.1
-CVE-2006-5704 (HP NonStop Server G06.29, when running Standard Security T6533G06 ...)
+CVE-2006-5704
NOT-FOR-US: HP
-CVE-2006-5703 (Cross-site scripting (XSS) vulnerability in tiki-featured_link.php in ...)
+CVE-2006-5703
- tikiwiki 1.9.6+dfsg-1 (low)
-CVE-2006-5702 (Tikiwiki 1.9.5 allows remote attackers to obtain sensitive information ...)
+CVE-2006-5702
- tikiwiki 1.9.6+dfsg-1 (medium)
-CVE-2006-5701 (Double free vulnerability in squashfs module in the Linux kernel ...)
+CVE-2006-5701
- linux-2.6 <not-affected> (Vulnerable code not present)
- squashfs 1:3.1r2-6.1
NOTE: Mounting filesystem partitions should be limited to root
@@ -3518,105 +3518,105 @@ CVE-2006-5683
REJECTED
CVE-2006-5682
REJECTED
-CVE-2006-5681 (QuickTime for Java on Mac OS X 10.4 through 10.4.8, when used with ...)
+CVE-2006-5681
NOT-FOR-US: QuickTime on Mac OS X
-CVE-2006-5680 (The libarchive library in FreeBSD 6-STABLE after 2006-09-05 and before ...)
+CVE-2006-5680
- libarchive 1.3.1-1 (unimportant)
-CVE-2006-5679 (Integer overflow in the ffs_mountfs function in FreeBSD 6.1 allows ...)
+CVE-2006-5679
- kfreebsd-5 <removed> (medium)
[etch] - kfreebsd-5 <no-dsa> (no security support for freebsd)
-CVE-2006-5678 (** DISPUTED ** ...)
+CVE-2006-5678
NOT-FOR-US: Les Visiteurs
-CVE-2006-5677 (resmom/start_exec.c in pbs_mom in TORQUE Resource Manager 2.0.0p8 and ...)
+CVE-2006-5677
- torque 2.1.6-1
-CVE-2006-5676 (SQL injection vulnerability in consult/classement.php in Uni-Vert ...)
+CVE-2006-5676
NOT-FOR-US: PhpLeague
-CVE-2006-5675 (Multiple unspecified vulnerabilities in Pentaho Business Intelligence ...)
+CVE-2006-5675
NOT-FOR-US: Pentaho Business Intelligence (BI) Suite
-CVE-2006-5674 (Multiple PHP remote file inclusion vulnerabilities in miniBB 2.0.2 and ...)
+CVE-2006-5674
NOT-FOR-US: miniBB
-CVE-2006-5673 (PHP remote file inclusion vulnerability in bb_func_txt.php in miniBB ...)
+CVE-2006-5673
NOT-FOR-US: miniBB
-CVE-2006-5672 (PHP remote file inclusion vulnerability in web/init_mysource.php in ...)
+CVE-2006-5672
NOT-FOR-US: MySource CMS
-CVE-2006-5671 (PHP remote file inclusion vulnerability in contact.php in Free Image ...)
+CVE-2006-5671
NOT-FOR-US: Free Image Hosting
-CVE-2006-5670 (PHP remote file inclusion vulnerability in forgot_pass.php in Free ...)
+CVE-2006-5670
NOT-FOR-US: Free Image Hosting
-CVE-2006-5669 (PHP remote file inclusion vulnerability in gestion/savebackup.php in ...)
+CVE-2006-5669
NOT-FOR-US: Gepi
-CVE-2006-5668 (Unspecified vulnerability in Ampache 3.3.2 and earlier, when ...)
+CVE-2006-5668
NOT-FOR-US: Ampache
-CVE-2006-5667 (Multiple PHP remote file inclusion vulnerabilities in P-Book 1.17 and ...)
+CVE-2006-5667
NOT-FOR-US: P-Book
-CVE-2006-5666 (SQL injection vulnerability in includes/menu.inc.php in E-Annu 1.0 ...)
+CVE-2006-5666
NOT-FOR-US: E-Annu
-CVE-2006-5665 (PHP remote file inclusion vulnerability in admin/modules_data.php in ...)
+CVE-2006-5665
NOT-FOR-US: phpBB module Spider Friendly
-CVE-2006-5664 (The installation script in IBM Informix Dynamic Server 10.00, Informix ...)
+CVE-2006-5664
NOT-FOR-US: IBM Informix
-CVE-2006-5663 (IBM Informix Dynamic Server 10.00, Informix Client Software ...)
+CVE-2006-5663
NOT-FOR-US: IBM Informix
-CVE-2006-5662 (SQL injection vulnerability in easy notesManager (eNM) 0.0.1 allows ...)
+CVE-2006-5662
NOT-FOR-US: easy notesManager (eNM)
-CVE-2006-5661 (Cross-site scripting (XSS) vulnerability in nquser.php in VIRtech ...)
+CVE-2006-5661
NOT-FOR-US: Netquery
-CVE-2006-5660 (Cisco Security Agent Management Center (CSAMC) 5.1 before 5.1.0.79 ...)
+CVE-2006-5660
NOT-FOR-US: Cisco
-CVE-2006-5659 (PAM_extern before 0.2 sends a password as a command line argument, ...)
+CVE-2006-5659
NOT-FOR-US: PAM_extern
-CVE-2006-5658 (BlooMooWeb ActiveX control (AidemATL.dll) allows remote attackers to ...)
+CVE-2006-5658
NOT-FOR-US: BlooMooWeb ActiveX control
-CVE-2006-5657 (Multiple off-by-one errors in src/text.c in Vilistextum before 2.6.9 ...)
+CVE-2006-5657
NOT-FOR-US: Vilistextum
-CVE-2006-5656 (Memory leak in the push_align function in src/util.c in Vilistextum ...)
+CVE-2006-5656
NOT-FOR-US: Vilistextum
-CVE-2006-5655 (SQL injection vulnerability in index.php in OpenDocMan 1.2p3 allows ...)
+CVE-2006-5655
NOT-FOR-US: OpenDocMan
-CVE-2006-5654 (Unspecified vulnerability in the Network Security Services (NSS) in ...)
+CVE-2006-5654
NOT-FOR-US: Sun Java System Web Server
-CVE-2006-5653 (Cross-site scripting (XSS) vulnerability in the errorHTML function in ...)
+CVE-2006-5653
NOT-FOR-US: Sun Java System Messenger Express
-CVE-2006-5652 (Cross-site scripting (XSS) vulnerability in Sun iPlanet Messaging ...)
+CVE-2006-5652
NOT-FOR-US: Sun
-CVE-2006-5651 (list.php in DigiOz Guestbook before 1.7.1 allows remote attackers to ...)
+CVE-2006-5651
NOT-FOR-US: DigiOz Guestbook
-CVE-2006-5650 (The ICQPhone.SipxPhoneManager ActiveX control in America Online ICQ ...)
+CVE-2006-5650
NOT-FOR-US: ICQPhone.SipxPhoneManager
-CVE-2006-5649 (Unspecified vulnerability in the &quot;alignment check exception handling&quot; ...)
+CVE-2006-5649
{DSA-1237 DSA-1233}
- linux-2.6 2.6.18-4
-CVE-2006-5648 (Ubuntu Linux 6.10 for the PowerPC (PPC) allows local users to cause a ...)
+CVE-2006-5648
- linux-2.6 2.6.18-1 (low)
-CVE-2006-5647 (Sophos Anti-Virus and Endpoint Security before 6.0.5, Anti-Virus for ...)
+CVE-2006-5647
NOT-FOR-US: Sophos
-CVE-2006-5646 (Heap-based buffer overflow in Sophos Anti-Virus and Endpoint Security ...)
+CVE-2006-5646
NOT-FOR-US: Sophos
-CVE-2006-5645 (Sophos Anti-Virus and Endpoint Security before 6.0.5, Anti-Virus for ...)
+CVE-2006-5645
NOT-FOR-US: Sophos
CVE-2006-5644
RESERVED
-CVE-2006-5643 (Cross-site scripting (XSS) vulnerability in search_de.html in foresite ...)
+CVE-2006-5643
NOT-FOR-US: foresite CMS
-CVE-2006-5642 (Unspecified vulnerability in NmnLogger 1.0.0 and earlier has unknown ...)
+CVE-2006-5642
NOT-FOR-US: NmnLogger
-CVE-2006-5641 (SQL injection vulnerability in MainAnnounce2.asp in Techno Dreams ...)
+CVE-2006-5641
NOT-FOR-US: Techno Dreams
-CVE-2006-5640 (SQL injection vulnerability in guestbookview.asp in Techno Dreams ...)
+CVE-2006-5640
NOT-FOR-US: Techno Dreams
-CVE-2006-5639 (Unspecified vulnerability in the random number generator in OpenWBEM ...)
+CVE-2006-5639
NOT-FOR-US: OpenWBEM
-CVE-2006-5638 (Multiple SQL injection vulnerabilities in cherche.php in PHPMyRing ...)
+CVE-2006-5638
NOT-FOR-US: PHPMyRing
-CVE-2006-5637 (PHP remote file inclusion vulnerability in faq_reply.php in Faq ...)
+CVE-2006-5637
NOT-FOR-US: Faq Administrator
-CVE-2006-5636 (PHP remote file inclusion vulnerability in common.php in Simple ...)
+CVE-2006-5636
NOT-FOR-US: Simple Website Software
-CVE-2006-5635 (SQL injection vulnerability in forum/search.asp in Web Wiz Forums ...)
+CVE-2006-5635
NOT-FOR-US: Web Wiz Forums
-CVE-2006-5634 (Multiple PHP remote file inclusion vulnerabilities in phpProfiles 2.1 ...)
+CVE-2006-5634
NOT-FOR-US: phpProfiles
-CVE-2006-5633 (Firefox 1.5.0.7 and 2.0, and Seamonkey 1.1b, allows remote attackers ...)
+CVE-2006-5633
- firefox 45.0-1 (unimportant)
- firefox-esr 45.0esr-1 (unimportant)
- iceweasel <removed> (unimportant)
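Review bot: stripping the description also drops the `** DISPUTED **` marker on CVE-2006-5678 (and, further down in this patch, on CVE-2006-5549, CVE-2006-5473 and CVE-2006-5460), leaving only the NOT-FOR-US line; if anything in the tracker relies on the disputed status being visible in the list file rather than in the upstream CVE feed, consider preserving it as a tracker-local line such as `NOTE: disputed upstream` before merging.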
@@ -3625,366 +3625,366 @@ CVE-2006-5633 (Firefox 1.5.0.7 and 2.0, and Seamonkey 1.1b, allows remote attack
- xulrunner <unfixed> (unimportant)
- mozilla-firefox <removed> (unimportant)
- mozilla-thunderbird <removed> (unimportant)
-CVE-2006-5632 (Cross-site scripting (XSS) vulnerability in change_pass.php in iG Shop ...)
+CVE-2006-5632
NOT-FOR-US: iG Shop
-CVE-2006-5631 (Cross-site scripting (XSS) vulnerability in change_pass.php in iG Shop ...)
+CVE-2006-5631
NOT-FOR-US: iG Shop
-CVE-2006-5630 (Hosting Controller 6.1 before Hotfix 3.3 allows remote attackers to ...)
+CVE-2006-5630
NOT-FOR-US: Hosting Controller
-CVE-2006-5629 (Multiple SQL injection vulnerabilities in Hosting Controller 6.1 ...)
+CVE-2006-5629
NOT-FOR-US: Hosting Controller
-CVE-2006-5628 (SQL injection vulnerability in login.asp in UNISOR Content Management ...)
+CVE-2006-5628
NOT-FOR-US: UNISOR Content Management System (CMS)
-CVE-2006-5627 (Multiple PHP remote file inclusion vulnerabilities in QnECMS 2.5.6 and ...)
+CVE-2006-5627
NOT-FOR-US: QnECMS
-CVE-2006-5626 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2006-5626
NOT-FOR-US: phpFaber
-CVE-2006-5625 (PHP remote file inclusion vulnerability in wwwdev/nxheader.inc.php in ...)
+CVE-2006-5625
NOT-FOR-US: N/X 2002 Professional Edition Web Content Management System (WCMS)
-CVE-2006-5624 (Multiple PHP remote file inclusion vulnerabilities in Multi-Page ...)
+CVE-2006-5624
NOT-FOR-US: Multi-Page Comment System (MPCS)
-CVE-2006-5623 (PHP remote file inclusion vulnerability in ip.inc.php in Electronic ...)
+CVE-2006-5623
NOT-FOR-US: Electronic Engineering Tool (EE Tool)
-CVE-2006-5622 (SQL injection vulnerability in picmgr.php in Coppermine Photo Gallery ...)
+CVE-2006-5622
NOT-FOR-US: Coppermine Photo Gallery
-CVE-2006-5621 (PHP remote file inclusion vulnerability in end.php in ask_rave 0.9 PR, ...)
+CVE-2006-5621
NOT-FOR-US: ask_rave
-CVE-2006-5620 (PHP remote file inclusion vulnerability in include/menu_builder.php in ...)
+CVE-2006-5620
NOT-FOR-US: MiniBILL
-CVE-2006-5619 (The seqfile handling (ip6fl_get_n function in ip6_flowlabel.c) in ...)
+CVE-2006-5619
{DSA-1233}
- linux-2.6 2.6.18-4 (low)
-CVE-2006-5618 (Directory traversal vulnerability in script/cat_for_aff.php in Netref ...)
+CVE-2006-5618
NOT-FOR-US: Netref
-CVE-2006-5617 (Directory traversal vulnerability in index.php in Thepeak File Upload ...)
+CVE-2006-5617
NOT-FOR-US: Thepeak File Upload Manager
-CVE-2006-5616 (Multiple unspecified vulnerabilities in OpenPBS, as used in SUSE Linux ...)
+CVE-2006-5616
NOT-FOR-US: OpenPBS
-CVE-2006-5615 (PHP remote file inclusion vulnerability in publish.php in Textpattern ...)
+CVE-2006-5615
NOT-FOR-US: Textpattern
-CVE-2006-5614 (Microsoft Windows NAT Helper Components (ipnathlp.dll) on Windows XP ...)
+CVE-2006-5614
NOT-FOR-US: Microsoft
-CVE-2006-5613 (PHP remote file inclusion in Core/core.inc.php in MP3 Streaming ...)
+CVE-2006-5613
NOT-FOR-US: MP3 Streaming DownSampler (mp3SDS)
-CVE-2006-5612 (PHP remote file inclusion vulnerability in aide.php3 (aka aide.php) in ...)
+CVE-2006-5612
NOT-FOR-US: GestArt
-CVE-2006-5611 (Unspecified vulnerability in Toshiba Bluetooth Stack before 4.20.01 ...)
+CVE-2006-5611
NOT-FOR-US: Toshiba
-CVE-2006-5610 (PHP remote file inclusion vulnerability in player/includes/common.php ...)
+CVE-2006-5610
NOT-FOR-US: Teake Nutma Foing
-CVE-2006-5609 (Directory traversal vulnerability in dir.php in TorrentFlux 2.1 allows ...)
+CVE-2006-5609
- torrentflux 2.1-5 (bug #395930; medium)
-CVE-2006-5608 (SQL injection vulnerability in Extended Tracker (xtracker) 4.7 before ...)
+CVE-2006-5608
NOT-FOR-US: Extended Tracker (xtracker) for Drupal
-CVE-2006-5607 (Directory traversal vulnerability in /cgi-bin/webcm in INCA IM-204 ...)
+CVE-2006-5607
NOT-FOR-US: INCA IM-204
-CVE-2006-5606 (Multiple SQL injection vulnerabilities in BytesFall Explorer ...)
+CVE-2006-5606
NOT-FOR-US: BytesFall Explorer (bfExplorer)
-CVE-2006-5605 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2006-5605
NOT-FOR-US: phpCards
-CVE-2006-5604 (Directory traversal vulnerability in phpcards.header.php in phpCards ...)
+CVE-2006-5604
NOT-FOR-US: phpCards
-CVE-2006-5603 (SQL injection vulnerability in pop_mail.asp in Snitz Forums 2000 ...)
+CVE-2006-5603
NOT-FOR-US: Snitz Forums
-CVE-2006-5600 (Axalto Protiva 1.1, possibly only non-commercial versions, stores ...)
+CVE-2006-5600
NOT-FOR-US: Axalto Protiva
-CVE-2006-5599 (Cross-site scripting (XSS) vulnerability in Oracle Application Express ...)
+CVE-2006-5599
NOT-FOR-US: Oracle
-CVE-2006-5598 (Cross-site scripting (XSS) vulnerability in index.php for GOOP Gallery ...)
+CVE-2006-5598
NOT-FOR-US: GOOP Gallery
-CVE-2006-5597 (join.asp in MiniHTTP Web Forum &amp; File Server PowerPack 4.0 allows ...)
+CVE-2006-5597
NOT-FOR-US: MiniHTTP Web Forum
-CVE-2006-5596 (Directory traversal vulnerability in the SSL server in AEP Smartgate ...)
+CVE-2006-5596
NOT-FOR-US: AEP Smartgate
-CVE-2006-5595 (Unspecified vulnerability in the AirPcap support in Wireshark ...)
+CVE-2006-5595
- wireshark 0.99.4-1 (bug #396258)
-CVE-2006-5594 (PHP remote file inclusion vulnerability in University of British ...)
+CVE-2006-5594
NOT-FOR-US: iPeer
-CVE-2006-5593 (Buffer overflow in Desknet's (niokeru) before 5.0J R1.0 might allow ...)
+CVE-2006-5593
NOT-FOR-US: Desknet's (niokeru)
-CVE-2006-5592 (Admin/adpoll.asp in PacPoll 4.0 and earlier allows remote attackers to ...)
+CVE-2006-5592
NOT-FOR-US: PacPoll
-CVE-2006-5591 (Multiple SQL injection vulnerabilities in Admin/check.asp in PacPoll ...)
+CVE-2006-5591
NOT-FOR-US: PacPoll
-CVE-2006-5590 (PHP remote file inclusion vulnerability in index.php in ArticleBeach ...)
+CVE-2006-5590
NOT-FOR-US: ArticleBeach Script
-CVE-2006-5589 (Multiple SQL injection vulnerabilities in LedgerSMB (LSMB) 1.1.0 and ...)
+CVE-2006-5589
NOT-FOR-US: LedgerSMB (LSMB)
-CVE-2006-5588 (Multiple PHP remote file inclusion vulnerabilities in CMS Faethon 2.0 ...)
+CVE-2006-5588
NOT-FOR-US: CMS Faethon
-CVE-2006-5587 (Multiple PHP remote file inclusion vulnerabilities in MDweb 1.3 and ...)
+CVE-2006-5587
NOT-FOR-US: MDweb
-CVE-2006-5586 (The Graphics Rendering Engine in Microsoft Windows 2000 SP4 and XP SP2 ...)
+CVE-2006-5586
NOT-FOR-US: Microsoft GDI
-CVE-2006-5585 (The Client-Server Run-time Subsystem in Microsoft Windows XP SP2 and ...)
+CVE-2006-5585
NOT-FOR-US: Microsoft
-CVE-2006-5584 (The Remote Installation Service (RIS) in Microsoft Windows 2000 SP4 ...)
+CVE-2006-5584
NOT-FOR-US: Microsoft
-CVE-2006-5583 (Buffer overflow in the SNMP Service in Microsoft Windows 2000 SP4, XP SP2, ...)
+CVE-2006-5583
NOT-FOR-US: Microsoft
CVE-2006-5582
REJECTED
-CVE-2006-5581 (Unspecified vulnerability in Microsoft Internet Explorer 6 allows ...)
+CVE-2006-5581
NOT-FOR-US: Microsoft
CVE-2006-5580
RESERVED
-CVE-2006-5579 (Microsoft Internet Explorer 6 allows remote attackers to execute ...)
+CVE-2006-5579
NOT-FOR-US: Microsoft
-CVE-2006-5578 (Microsoft Internet Explorer 6 and earlier allows remote attackers to read ...)
+CVE-2006-5578
NOT-FOR-US: Microsoft
-CVE-2006-5577 (Microsoft Internet Explorer 6 and earlier allows remote attackers to obtain ...)
+CVE-2006-5577
NOT-FOR-US: Microsoft
CVE-2006-5576
REJECTED
CVE-2006-5575
REJECTED
-CVE-2006-5574 (Unspecified vulnerability in the Brazilian Portuguese Grammar Checker ...)
+CVE-2006-5574
NOT-FOR-US: Microsoft
CVE-2006-5573
REJECTED
CVE-2006-5572
REJECTED
-CVE-2006-5571 (Stack-based buffer overflow in /scripts/cruise/cws.exe in CruiseWorks ...)
+CVE-2006-5571
NOT-FOR-US: CruiseWorks
-CVE-2006-5570 (Directory traversal vulnerability in /scripts/cruise/cws.exe in ...)
+CVE-2006-5570
NOT-FOR-US: CruiseWorks
-CVE-2006-5569 (FtpXQ Server 3.0.1 installs with two default testing accounts, which ...)
+CVE-2006-5569
NOT-FOR-US: FtpXQ
-CVE-2006-5568 (FtpXQ Server 3.0.1 allows remote attackers to cause a denial of ...)
+CVE-2006-5568
NOT-FOR-US: FtpXQ
-CVE-2006-5567 (Multiple heap-based buffer overflows in AOL Nullsoft WinAmp before ...)
+CVE-2006-5567
NOT-FOR-US: WinAmp
-CVE-2006-5566 (CRLF injection vulnerability in premium/index.php in Shop-Script ...)
+CVE-2006-5566
NOT-FOR-US: Shop-Script
-CVE-2006-5565 (CRLF injection vulnerability in MAXdev MD-Pro 1.0.76 allows remote ...)
+CVE-2006-5565
NOT-FOR-US: MAXdev MD-Pro
-CVE-2006-5564 (Cross-site scripting (XSS) vulnerability in user.php in MAXdev MD-Pro ...)
+CVE-2006-5564
NOT-FOR-US: MAXdev MD-Pro
-CVE-2006-5563 (Unspecified vulnerability in Yahoo! Messenger (Service 18) before ...)
+CVE-2006-5563
NOT-FOR-US: Yahoo! Messenger
-CVE-2006-5562 (PHP remote file inclusion vulnerability in include/database.php in ...)
+CVE-2006-5562
NOT-FOR-US: SourceForge (gforge is not affected)
-CVE-2006-5561 (SQL injection vulnerability in admincp.php in Discuz! GBK 5.0.0 allows ...)
+CVE-2006-5561
NOT-FOR-US: Discuz! GBK
-CVE-2006-5560 (Cross-site scripting (XSS) vulnerability in heading.php in Boesch ...)
+CVE-2006-5560
NOT-FOR-US: ProgSys
-CVE-2006-5559 (The Execute method in the ADODB.Connection 2.7 and 2.8 ActiveX control ...)
+CVE-2006-5559
NOT-FOR-US: ADODB.Connection 2.7 ActiveX control
-CVE-2006-5558 (Format string vulnerability in the swask command in HP-UX B.11.11 and ...)
+CVE-2006-5558
NOT-FOR-US: HP-UX
-CVE-2006-5557 (Stack-based buffer overflow in the (1) swpackage and (2) swmodify ...)
+CVE-2006-5557
NOT-FOR-US: HP-UX
-CVE-2006-5556 (Buffer overflow in the localtime_r function, and certain other ...)
+CVE-2006-5556
NOT-FOR-US: swask
-CVE-2006-5555 (PHP remote file inclusion vulnerability in constantes.inc.php in ...)
+CVE-2006-5555
NOT-FOR-US: EPNadmin
-CVE-2006-5554 (Directory traversal vulnerability in index.php in Imageview 5 allows ...)
+CVE-2006-5554
NOT-FOR-US: Imageview
-CVE-2006-5553 (Cisco Security Agent (CSA) for Linux 4.5 before 4.5.1.657 and 5.0 ...)
+CVE-2006-5553
NOT-FOR-US: Cisco
-CVE-2006-5552 (Multiple heap-based buffer overflows in RevilloC MailServer 1.21 and ...)
+CVE-2006-5552
NOT-FOR-US: RevilloC MailServer
-CVE-2006-5551 (Stack-based buffer overflow in QK SMTP 3.01 and earlier might allow ...)
+CVE-2006-5551
NOT-FOR-US: QK SMTP
-CVE-2006-5550 (The kernel in FreeBSD 6.1 and OpenBSD 4.0 allows local users to cause ...)
+CVE-2006-5550
- kfreebsd-5 <removed> (low)
[etch] - kfreebsd-5 <no-dsa> (no security support for freebsd)
-CVE-2006-5549 (** DISPUTED ** ...)
+CVE-2006-5549
NOT-FOR-US: Adobe PHP SDK
-CVE-2006-5548 (PHP remote file inclusion vulnerability in OTSCMS/OTSCMS.php in Open ...)
+CVE-2006-5548
NOT-FOR-US: Open Tibia Server Content Management System
-CVE-2006-5547 (PHP remote file inclusion vulnerability in OTSCMS/OTSCMS.php in Open ...)
+CVE-2006-5547
NOT-FOR-US: Open Tibia Server Content Management System
-CVE-2006-5546 (PHP remote file inclusion vulnerability in OTSCMS/OTSCMS.php in Open ...)
+CVE-2006-5546
NOT-FOR-US: Open Tibia Server Content Management System
-CVE-2006-5545 (Premium Antispam in Symantec Mail Security for Domino Server 5.1.x ...)
+CVE-2006-5545
NOT-FOR-US: Symantec
-CVE-2006-5544 (Visual truncation vulnerability in Microsoft Internet Explorer 7 ...)
+CVE-2006-5544
NOT-FOR-US: Microsoft
-CVE-2006-5543 (PHP remote file inclusion vulnerability in misc/function.php3 in PHP ...)
+CVE-2006-5543
NOT-FOR-US: PHP Generator of Object SQL Database
-CVE-2006-5542 (backend/tcop/postgres.c in PostgreSQL 8.1.x before 8.1.5 allows remote ...)
+CVE-2006-5542
- postgresql-8.1 8.1.5-1 (unimportant)
NOTE: All crashes can only be triggered by authenticated users, these are not
NOTE: treated as vulnerabilities.
-CVE-2006-5541 (backend/parser/parse_coerce.c in PostgreSQL 7.4.1 through 7.4.14, ...)
+CVE-2006-5541
- postgresql-7.4 1:7.4.14-1 (unimportant)
- postgresql-8.1 8.1.5-1 (unimportant)
[sarge] - postgresql <unfixed> (unimportant)
NOTE: All crashes can only be triggered by authenticated users, these are not
NOTE: treated as vulnerabilities.
-CVE-2006-5540 (backend/parser/analyze.c in PostgreSQL 8.1.x before 8.1.5 allows ...)
+CVE-2006-5540
- postgresql-8.1 8.1.5-1 (unimportant)
NOTE: All crashes can only be triggered by authenticated users, these are not
NOTE: treated as vulnerabilities.
-CVE-2006-5539 (PHP remote file inclusion vulnerability in login/secure.php in ...)
+CVE-2006-5539
NOT-FOR-US: UeberProject Management System
-CVE-2006-5538 (D-Link DSL-G624T firmware 3.00B01T01.YA-C.20060616 allows remote ...)
+CVE-2006-5538
NOT-FOR-US: D-Link
-CVE-2006-5537 (Multiple cross-site scripting (XSS) vulnerabilities in cgi-bin/webcm ...)
+CVE-2006-5537
NOT-FOR-US: D-Link
-CVE-2006-5536 (Directory traversal vulnerability in cgi-bin/webcm in D-Link DSL-G624T ...)
+CVE-2006-5536
NOT-FOR-US: D-Link
-CVE-2006-5535 (Multiple cross-site scripting (XSS) vulnerabilities in WebHostManager ...)
+CVE-2006-5535
NOT-FOR-US: WebHostManager cPanel
-CVE-2006-5534 (Multiple cross-site scripting (XSS) vulnerabilities in index.htm in ...)
+CVE-2006-5534
NOT-FOR-US: Zwahlen Online Shop Freeware
-CVE-2006-5533 (Multiple PHP remote file inclusion vulnerabilities in AROUNDMe 0.6.9, ...)
+CVE-2006-5533
NOT-FOR-US: AROUNDMe
-CVE-2006-5532 (Cross-site scripting (XSS) vulnerability in rmgs/images.php in RMSOFT ...)
+CVE-2006-5532
NOT-FOR-US: RMSOFT Gallery System
-CVE-2006-5531 (PHP remote file inclusion vulnerability in embedded.php in Ascended ...)
+CVE-2006-5531
NOT-FOR-US: Ascended Guestbook
-CVE-2006-5530 (Multiple cross-site scripting (XSS) vulnerabilities in Boesch SimpNews ...)
+CVE-2006-5530
NOT-FOR-US: SimpNews
-CVE-2006-5529 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2006-5529
NOT-FOR-US: SchoolAlumni Portal
-CVE-2006-5528 (Directory traversal vulnerability in mod.php in SchoolAlumni Portal ...)
+CVE-2006-5528
NOT-FOR-US: SchoolAlumni Portal
-CVE-2006-5527 (PHP remote file inclusion vulnerability in lib.editor.inc.php in ...)
+CVE-2006-5527
NOT-FOR-US: InteliEditor
-CVE-2006-5526 (Multiple PHP remote file inclusion vulnerabilities in Teake Nutma ...)
+CVE-2006-5526
NOT-FOR-US: Fully Modded phpBB (phpbbfm) / Teake Nutma Foing
-CVE-2006-5525 (Incomplete blacklist vulnerability in mainfile.php in PHP-Nuke 7.9 and ...)
+CVE-2006-5525
NOT-FOR-US: PHP-Nuke
-CVE-2006-5524 (Cross-site scripting (XSS) vulnerability in index.php in phplist ...)
+CVE-2006-5524
NOT-FOR-US: phplist
-CVE-2006-5523 (PHP remote file inclusion vulnerability in common.php in EZ-Ticket ...)
+CVE-2006-5523
NOT-FOR-US: EZ-Ticket
-CVE-2006-5522 (Multiple PHP remote file inclusion vulnerabilities in Johannes Erdfelt ...)
+CVE-2006-5522
NOT-FOR-US: Kawf
-CVE-2006-5521 (PHP remote file inclusion vulnerability in DNS/RR.php in Net_DNS 0.03 ...)
+CVE-2006-5521
NOT-FOR-US: Net_DNS
-CVE-2006-5520 (PHP remote file inclusion vulnerability in functions.php in ...)
+CVE-2006-5520
NOT-FOR-US: PHP Classifieds
-CVE-2006-5519 (PHP remote file inclusion vulnerability in ...)
+CVE-2006-5519
- egroupware <not-affected> (there is no path variable used to include plugin.php)
-CVE-2006-5518 (Multiple PHP remote file inclusion vulnerabilities in Christopher ...)
+CVE-2006-5518
NOT-FOR-US: RSSonate
-CVE-2006-5517 (Multiple PHP remote file inclusion vulnerabilities in Rhode Island ...)
+CVE-2006-5517
NOT-FOR-US: Open Meetings Filing Application
-CVE-2006-5516 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2006-5516
NOT-FOR-US: WikiNi
-CVE-2006-5515 (Cross-site scripting (XSS) vulnerability in lib-history.inc.php in ...)
+CVE-2006-5515
NOT-FOR-US: phpPgAds / phpAdsNew
-CVE-2006-5514 (SQL injection vulnerability in quiz.php in Web Group Communication ...)
+CVE-2006-5514
NOT-FOR-US: Web Group Communication
-CVE-2006-5513 (SQL injection vulnerability in GeoNetwork opensource before 2.0.3 ...)
+CVE-2006-5513
NOT-FOR-US: GeoNetwork opensource
-CVE-2006-5740 (Unspecified vulnerability in the LDAP dissector in Wireshark (formerly ...)
+CVE-2006-5740
- wireshark 0.99.4-1 (bug #396258; medium)
-CVE-2006-5602 (Multiple memory leaks in xsupplicant before 1.2.6, and possibly other ...)
+CVE-2006-5602
- xsupplicant 1.2.4.dfsg.1-3 (bug #396204; medium)
-CVE-2006-5601 (Stack-based buffer overflow in the eap_do_notify function in eap.c in ...)
+CVE-2006-5601
- xsupplicant 1.2.4.dfsg.1-3 (bug #396204; medium)
CVE-2006-XXXX [several possible mysql 5.0 local DoS vulnerabilities]
- mysql-dfsg-5.0 5.0.26-1 (low)
-CVE-2006-5512 (Cross-site scripting (XSS) vulnerability in article.htm in Zwahlen ...)
+CVE-2006-5512
NOT-FOR-US: Zwahlen Online Shop
-CVE-2006-5511 (Direct static code injection vulnerability in delete.php in JaxUltraBB ...)
+CVE-2006-5511
NOT-FOR-US: JaxUltraBB
-CVE-2006-5510 (Directory traversal vulnerability in explorer_load_lang.php in PH ...)
+CVE-2006-5510
NOT-FOR-US: Pexplorer
-CVE-2006-5509 (Eval injection vulnerability in addentry.php in WoltLab Burning Book ...)
+CVE-2006-5509
NOT-FOR-US: Burning Book
-CVE-2006-5508 (Multiple SQL injection vulnerabilities in addentry.php in WoltLab ...)
+CVE-2006-5508
NOT-FOR-US: Burning Book
-CVE-2006-5507 (Multiple PHP remote file inclusion vulnerabilities in Der Dirigent ...)
+CVE-2006-5507
NOT-FOR-US: Der Dirigent
-CVE-2006-5506 (Multiple PHP remote file inclusion vulnerabilities in WiClear 0.10 ...)
+CVE-2006-5506
NOT-FOR-US: WiClear
-CVE-2006-5505 (Multiple PHP file inclusion vulnerabilities in 2BGal 3.0 allow remote ...)
+CVE-2006-5505
NOT-FOR-US: 2BGal
-CVE-2006-5504 (Cross-site scripting (XSS) vulnerability in index.php in Simple ...)
+CVE-2006-5504
NOT-FOR-US: Simple Machines Forum
-CVE-2006-5503 (Cross-site scripting (XSS) vulnerability in index.php in Simple ...)
+CVE-2006-5503
NOT-FOR-US: Simple Machines Forum
-CVE-2006-5502 (Heap-based buffer overflow in the AOL.PicDownloadCtrl.1 ActiveX ...)
+CVE-2006-5502
NOT-FOR-US: AOL Security Edition
-CVE-2006-5501 (Buffer overflow in the AOL.PicDownloadCtrl.1 ActiveX control ...)
+CVE-2006-5501
NOT-FOR-US: AOL Security Edition
-CVE-2006-5500 (Multiple SQL injection vulnerabilities in the checkUser function in ...)
+CVE-2006-5500
NOT-FOR-US: XchangeBoard
-CVE-2006-5499 (Multiple cross-site scripting (XSS) vulnerabilities in Serendipity ...)
+CVE-2006-5499
- serendipity 1.0.2-1
-CVE-2006-5498 (Directory traversal vulnerability in ...)
+CVE-2006-5498
NOT-FOR-US: Segue CMS
-CVE-2006-5497 (PHP remote file inclusion vulnerability in ...)
+CVE-2006-5497
NOT-FOR-US: Segue CMS
-CVE-2006-5496 (Multiple cross-site scripting (XSS) vulnerabilities in Timothy Claason ...)
+CVE-2006-5496
NOT-FOR-US: Timothy Claason KnowledgeBank
-CVE-2006-5495 (Multiple PHP remote file inclusion vulnerabilities in Trawler Web CMS ...)
+CVE-2006-5495
NOT-FOR-US: Trawler Web CMS
-CVE-2006-5494 (Multiple PHP remote file inclusion vulnerabilities in ...)
+CVE-2006-5494
NOT-FOR-US: pandaBB for PHP-Nuke
-CVE-2006-5493 (PHP remote file inclusion vulnerability in ...)
+CVE-2006-5493
NOT-FOR-US: DigitalHive
-CVE-2006-5492 (Unspecified vulnerability in Maerys Archive (Maarch) before 2.0.1 ...)
+CVE-2006-5492
NOT-FOR-US: Maarch
-CVE-2006-5491 (Multiple SQL injection vulnerabilities in include/index.php in ...)
+CVE-2006-5491
NOT-FOR-US: UltraCMS
-CVE-2006-5490 (Multiple SQL injection vulnerabilities in Segue Content Management ...)
+CVE-2006-5490
NOT-FOR-US: Segue CMS
-CVE-2006-5489 (Research in Motion (RIM) BlackBerry Enterprise Server 4.1 SP2 before ...)
+CVE-2006-5489
NOT-FOR-US: RIM BlackBerry Enterprise Server
-CVE-2006-5488 (SQL injection vulnerability in XchangeBoard 1.70, and possibly ...)
+CVE-2006-5488
NOT-FOR-US: XchangeBoard
-CVE-2006-5487 (Directory traversal vulnerability in Marshal MailMarshal SMTP 5.x, ...)
+CVE-2006-5487
NOT-FOR-US: Marshal MailMarshal SMTP
-CVE-2006-5486 (Cross-site scripting (XSS) vulnerability in Webmail in Sun Java System ...)
+CVE-2006-5486
NOT-FOR-US: Sun Java System Messaging Server
-CVE-2006-5485 (Multiple PHP remote file inclusion vulnerabilities in SpeedBerg ...)
+CVE-2006-5485
NOT-FOR-US: SpeedBerg
-CVE-2006-5484 (SSH Tectia Client/Server/Connector 5.1.0 and earlier, Manager 2.2.0 ...)
+CVE-2006-5484
NOT-FOR-US: SSH Tectia
-CVE-2006-5483 (p1003_1b.c in FreeBSD 6.1 allows local users to cause an unspecified ...)
+CVE-2006-5483
- kfreebsd-5 <removed> (low)
[etch] - kfreebsd-5 <no-dsa> (no security support for freebsd)
-CVE-2006-5482 (ufs_vnops.c in FreeBSD 6.1 allows local users to cause an unspecified ...)
+CVE-2006-5482
- kfreebsd-5 <removed> (low)
[etch] - kfreebsd-5 <no-dsa> (no security support for freebsd)
-CVE-2006-5481 (Multiple PHP remote file inclusion vulnerabilities in 2le.net Castor ...)
+CVE-2006-5481
NOT-FOR-US: Castor
-CVE-2006-5480 (PHP remote file inclusion vulnerability in lib/rs.php in 2le.net ...)
+CVE-2006-5480
NOT-FOR-US: Castor
-CVE-2006-5479 (The NCP Engine in Novell eDirectory before 8.7.3.8 FTF1 allows remote ...)
+CVE-2006-5479
NOT-FOR-US: Novell eDirectory
-CVE-2006-5478 (Multiple stack-based buffer overflows in Novell eDirectory 8.8.x ...)
+CVE-2006-5478
NOT-FOR-US: Novell eDirectory
-CVE-2006-5477 (Drupal 4.6.x before 4.6.10 and 4.7.x before 4.7.4 allows form ...)
+CVE-2006-5477
- drupal <not-affected> (Our version of drupal is too old)
-CVE-2006-5476 (Cross-site request forgery (CSRF) vulnerability in Drupal 4.6.x before ...)
+CVE-2006-5476
- drupal <not-affected> (Our version of drupal is too old)
-CVE-2006-5475 (Multiple cross-site scripting (XSS) vulnerabilities in the XML parser ...)
+CVE-2006-5475
- drupal <not-affected> (Our version of drupal is too old)
-CVE-2006-5474 (The &quot;forgot password&quot; function in OneOrZero Helpdesk before 1.6.5.4 ...)
+CVE-2006-5474
NOT-FOR-US: OneOrZero Helpdesk
-CVE-2006-5473 (** DISPUTED ** ...)
+CVE-2006-5473
NOT-FOR-US: Softerra PHP Developer Library
-CVE-2006-5472 (PHP remote file inclusion vulnerability in Softerra PHP Developer ...)
+CVE-2006-5472
NOT-FOR-US: Softerra PHP Developer Library
-CVE-2006-5471 (PHP remote file inclusion vulnerability in example/lib/grid3.lib.php ...)
+CVE-2006-5471
NOT-FOR-US: Softerra PHP Developer Library
CVE-2006-5470
REJECTED
-CVE-2006-5469 (Unspecified vulnerability in the WBXML dissector in Wireshark ...)
+CVE-2006-5469
- wireshark 0.99.4-1 (bug #396258; medium)
-CVE-2006-5468 (Unspecified vulnerability in the HTTP dissector in Wireshark (formerly ...)
+CVE-2006-5468
- wireshark 0.99.4-1 (bug #396258; medium)
-CVE-2006-5467 (The cgi.rb CGI library for Ruby 1.8 allows remote attackers to cause a ...)
+CVE-2006-5467
{DSA-1235-1 DSA-1234-1}
- ruby1.8 1.8.5-3 (low; bug #398457)
- ruby1.9 1.9.0+20070606-1 (low)
[etch] - ruby1.9 <no-dsa> (Minor issue)
-CVE-2006-5466 (Heap-based buffer overflow in the showQueryPackage function in librpm ...)
+CVE-2006-5466
- rpm 4.4.1-11 (low; bug #397076)
[sarge] - rpm <no-dsa> (You need to trust the RPMs you're installing)
NOTE: Only hypothetical, far-fetched attacks feasible
-CVE-2006-5465 (Buffer overflow in PHP before 5.2.0 allows remote attackers to execute ...)
+CVE-2006-5465
{DSA-1206-1}
- php4 4:4.4.4-4 (high; bug #396764)
- php5 5.1.6-6 (high; bug #396766)
-CVE-2006-5464 (Multiple unspecified vulnerabilities in the layout engine in Mozilla ...)
+CVE-2006-5464
{DSA-1227-1 DSA-1225-1 DSA-1224-1}
NOTE: MFSA-2006-65
- firefox 45.0-1 (low)
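Review bot: the locally assigned placeholder `CVE-2006-XXXX [several possible mysql 5.0 local DoS vulnerabilities]` (above `- mysql-dfsg-5.0 5.0.26-1 (low)`) keeps its bracketed text while every parenthesised upstream description in this hunk is removed; that is the right outcome, since the bracket text is the only thing identifying an XXXX entry, but please confirm the stripping pattern matches only `CVE-YYYY-NNNN (` so a placeholder written with parentheses is not blanked by a later automatic update. The same applies to `CVE-2006-XXXX [diffmon information leakage]` in the following hunk.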
@@ -3993,7 +3993,7 @@ CVE-2006-5464 (Multiple unspecified vulnerabilities in the layout engine in Mozi
- icedove 1.5.0.8-1 (low)
- mozilla <removed> (low)
- xulrunner 1.8.0.8-1 (low)
-CVE-2006-5463 (Unspecified vulnerability in Mozilla Firefox before 1.5.0.8, ...)
+CVE-2006-5463
{DSA-1227-1 DSA-1225-1 DSA-1224-1}
NOTE: MFSA-2006-67
- firefox 45.0-1 (high)
@@ -4002,7 +4002,7 @@ CVE-2006-5463 (Unspecified vulnerability in Mozilla Firefox before 1.5.0.8, ...)
- icedove 1.5.0.8-1 (medium)
- mozilla <removed> (high)
- xulrunner 1.8.0.8-1 (high)
-CVE-2006-5462 (Mozilla Network Security Service (NSS) library before 3.11.3, as used ...)
+CVE-2006-5462
{DSA-1227-1 DSA-1225-1 DSA-1224-1}
NOTE: MFSA-2006-66
NOTE: this is the similar to CVE-2006-4339, see also CVE-2006-4340
@@ -4013,284 +4013,284 @@ CVE-2006-5462 (Mozilla Network Security Service (NSS) library before 3.11.3, as
- icedove 1.5.0.8-1 (medium)
- mozilla <removed> (high)
- xulrunner 1.8.0.8-1 (high)
-CVE-2006-5461 (Avahi before 0.6.15 does not verify the sender identity of netlink ...)
+CVE-2006-5461
- avahi 0.6.15-1 (low)
CVE-2006-XXXX [diffmon information leakage]
- diffmon 20020222-2.2 (bug #382132)
-CVE-2006-5460 (** DISPUTED ** ...)
+CVE-2006-5460
NOT-FOR-US: phpht Topsites
-CVE-2006-5459 (Multiple PHP remote file inclusion vulnerabilities in Download-Engine ...)
+CVE-2006-5459
NOT-FOR-US: Download-Engine
-CVE-2006-5458 (PHP remote file inclusion vulnerability in common.php in Hinton Design ...)
+CVE-2006-5458
NOT-FOR-US: phpht Topsites
-CVE-2006-5457 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
+CVE-2006-5457
NOT-FOR-US: Casino Script (Masvet)
-CVE-2006-5456 (Multiple buffer overflows in GraphicsMagick before 1.1.7 and ...)
+CVE-2006-5456
{DSA-1213}
- graphicsmagick 1.1.7-9 (medium)
- imagemagick 7:6.2.4.5.dfsg1-0.11 (bug #393025)
-CVE-2006-5455 (Cross-site request forgery (CSRF) vulnerability in editversions.cgi in ...)
+CVE-2006-5455
- bugzilla 2.22.1-1 (bug #395094; low)
[sarge] - bugzilla <no-dsa> (CSRF infrastructure not present, too intrusive to backport)
-CVE-2006-5454 (Bugzilla 2.18.x before 2.18.6, 2.20.x before 2.20.3, 2.22.x before ...)
+CVE-2006-5454
- bugzilla 2.22.1-1 (bug #395094; low)
[sarge] - bugzilla <not-affected> (Vulnerable code not present)
-CVE-2006-5453 (Multiple cross-site scripting (XSS) vulnerabilities in Bugzilla 2.18.x ...)
+CVE-2006-5453
{DSA-1208-1}
- bugzilla 2.22.1-1 (bug #395094; low)
-CVE-2006-5452 (Buffer overflow in dtmail on HP Tru64 UNIX 4.0F through 5.1B and HP-UX ...)
+CVE-2006-5452
NOT-FOR-US: HP Tru64
-CVE-2006-5451 (Multiple cross-site scripting (XSS) vulnerabilities in TorrentFlux 2.1 ...)
+CVE-2006-5451
- torrentflux 2.1-5 (bug #395099; low)
-CVE-2006-5450 (SQL injection vulnerability in index.asp in Kinesis Interactive Cinema ...)
+CVE-2006-5450
NOT-FOR-US: Kinesis Interactive Cinema System (KICS) CMS
-CVE-2006-5449 (procmail in Ingo H3 before 1.1.2 Horde module allows remote ...)
+CVE-2006-5449
{DSA-1204-1}
- ingo1 1.1.2-1 (bug #396099)
-CVE-2006-5448 (The drmstor.dll ActiveX object in Microsoft Windows Digital Rights ...)
+CVE-2006-5448
NOT-FOR-US: Microsoft
-CVE-2006-5447 (Cross-site scripting (XSS) vulnerability in index.php in DEV Web ...)
+CVE-2006-5447
NOT-FOR-US: DEV Web Management System (WMS)
-CVE-2006-5446 (SQL injection vulnerability in lobby/config.php in Casinosoft Casino ...)
+CVE-2006-5446
NOT-FOR-US: Casinosoft Casino Script (aka Masvet)
-CVE-2006-5445 (Unspecified vulnerability in the SIP channel driver ...)
+CVE-2006-5445
- asterisk 1:1.2.13~dfsg-1 (medium; bug #395080)
-CVE-2006-5444 (Integer overflow in the get_input function in the Skinny channel ...)
+CVE-2006-5444
{DSA-1229-1}
- asterisk 1:1.2.13~dfsg-1 (medium; bug #395080; bug #394025)
-CVE-2006-5443 (Unspecified vulnerability in XIAO Gang WWW Interactive Mathematics ...)
+CVE-2006-5443
- wims 3.60-1 (bug #395102)
-CVE-2006-5442 (ViewVC 1.0.2 and earlier does not specify a charset in its HTTP ...)
+CVE-2006-5442
- viewvc 1.0.3-1 (medium; bug #397669)
-CVE-2006-5441 (PHP remote file inclusion vulnerability in adminfoot.php in Comdev Web ...)
+CVE-2006-5441
NOT-FOR-US: Comdev Web Blogger
-CVE-2006-5440 (PHP remote file inclusion vulnerability in adminfoot.php in Comdev ...)
+CVE-2006-5440
NOT-FOR-US: Comdev Web Blogger
-CVE-2006-5439 (PHP remote file inclusion vulnerability in adminfoot.php in Comdev ...)
+CVE-2006-5439
NOT-FOR-US: Comdev Web Blogger
-CVE-2006-5438 (PHP remote file inclusion vulnerability in adminfoot.php in Comdev ...)
+CVE-2006-5438
NOT-FOR-US: Comdev Web Blogger
-CVE-2006-5437 (** DISPUTED ** ...)
+CVE-2006-5437
NOT-FOR-US: phpAdsNew
-CVE-2006-5436 (PHP remote file inclusion vulnerability in index.php in FreeFAQ 1.0.e ...)
+CVE-2006-5436
NOT-FOR-US: FreeFAQ
-CVE-2006-5435 (** DISPUTED ** ...)
+CVE-2006-5435
- phpbb2 <not-affected> (not vulnerable)
-CVE-2006-5434 (PHP remote file inclusion vulnerability in p-news.php in P-News 1.16 ...)
+CVE-2006-5434
NOT-FOR-US: P-News
-CVE-2006-5433 (PHP remote file inclusion vulnerability in modules/guestbook/index.php ...)
+CVE-2006-5433
NOT-FOR-US: ALiCE-CMS
-CVE-2006-5432 (Multiple direct static code injection vulnerabilities in ...)
+CVE-2006-5432
NOT-FOR-US: phpPowerCards
-CVE-2006-5431 (PHP remote file inclusion vulnerability in gorum/dbproperty.php in ...)
+CVE-2006-5431
NOT-FOR-US: PHPOutsourcing Zorum
-CVE-2006-5430 (Cross-site scripting (XSS) vulnerability in the search functionality ...)
+CVE-2006-5430
NOT-FOR-US: db-central (dbc) Enterprise CMS
-CVE-2006-5429 (Multiple PHP remote file inclusion vulnerabilities in Barry Nauta BRIM ...)
+CVE-2006-5429
NOT-FOR-US: BRIM
-CVE-2006-5428 (rpc.php in Cerberus Helpdesk 3.2.1 does not verify a client's ...)
+CVE-2006-5428
NOT-FOR-US: Cerberus Helpdesk
-CVE-2006-5427 (PHP remote file inclusion vulnerability in plugins/main.php in Php AMX ...)
+CVE-2006-5427
NOT-FOR-US: Php AMX
-CVE-2006-5426 (PHP remote file inclusion vulnerability in lib/lcUser.php in LoCal ...)
+CVE-2006-5426
NOT-FOR-US: LoCal Calendar System
-CVE-2006-5425 (XORP (eXtensible Open Router Platform) 1.2 and 1.3 allows remote ...)
+CVE-2006-5425
NOT-FOR-US: XORP (eXtensible Open Router Platform)
-CVE-2006-5424 (Unspecified vulnerability in Justsystem Ichitaro 2006, 2006 trial ...)
+CVE-2006-5424
NOT-FOR-US: Justsystem Ichitaro
-CVE-2006-5423 (PHP remote file inclusion vulnerability in admin/admin_module.php in ...)
+CVE-2006-5423
NOT-FOR-US: Lou Portail
-CVE-2006-5422 (PHP remote file inclusion vulnerability in calcul-page.php in Lodel ...)
+CVE-2006-5422
NOT-FOR-US: Lodel
-CVE-2006-5421 (WSN Forum 1.3.4 and earlier allows remote attackers to execute ...)
+CVE-2006-5421
NOT-FOR-US: WSN Forum
-CVE-2006-5420 (Kerio WinRoute Firewall 6.2.2 and earlier allows remote attackers to ...)
+CVE-2006-5420
NOT-FOR-US: Kerio WinRoute Firewall
-CVE-2006-5419 (PHP remote file inclusion vulnerability in client.php in University of ...)
+CVE-2006-5419
NOT-FOR-US: Specimen Image Database (SID)
-CVE-2006-5418 (PHP remote file inclusion vulnerability in archive/archive_topic.php ...)
+CVE-2006-5418
NOT-FOR-US: pbpbb archive for search engines (SearchIndexer) (aka phpBBSEI) for phpBB
-CVE-2006-5417 (McAfee Network Agent (mcnasvc.exe) 1.0.178.0, as used by multiple ...)
+CVE-2006-5417
NOT-FOR-US: McAfee
-CVE-2006-5416 (Cross-site scripting (XSS) vulnerability in my.acctab.php3 in F5 ...)
+CVE-2006-5416
NOT-FOR-US: F5
-CVE-2006-5415 (PHP remote file inclusion vulnerability in ...)
+CVE-2006-5415
NOT-FOR-US: News Defilante Horizontale
-CVE-2006-5414 (Barry Nauta BRIM before 1.2.1 allows remote authenticated users to ...)
+CVE-2006-5414
NOT-FOR-US: Barry Nauta BRIM
-CVE-2006-5413 (Multiple PHP remote file inclusion vulnerabilities in SuperMod 3.0.0 ...)
+CVE-2006-5413
NOT-FOR-US: SuperMod for YABB (YaBBSM)
-CVE-2006-5412 (admin.php in PHP Outburst Easynews 4.4.1 and earlier, when ...)
+CVE-2006-5412
NOT-FOR-US: PHP Outburst Easynews
-CVE-2006-5411 (Unrestricted file upload vulnerability in upload.php for Free Web ...)
+CVE-2006-5411
NOT-FOR-US: Free Web Publishing System (FreeWPS)
-CVE-2006-5410 (PHP remote file inclusion vulnerability in ...)
+CVE-2006-5410
NOT-FOR-US: BoonEx Dolphin
-CVE-2006-5409 (Multiple SQL injection vulnerabilities in the wireless IDS management ...)
+CVE-2006-5409
NOT-FOR-US: Highwall Enterprise and Highwall Endpoint
-CVE-2006-5408 (Multiple cross-site scripting (XSS) vulnerabilities in the wireless ...)
+CVE-2006-5408
NOT-FOR-US: Highwall Enterprise and Highwall Endpoint
-CVE-2006-5407 (PHP remote file inclusion vulnerability in open_form.php in osTicket ...)
+CVE-2006-5407
NOT-FOR-US: osTicket
-CVE-2006-5406 (Passgo Defender 5.2 creates the application directory with insecure ...)
+CVE-2006-5406
NOT-FOR-US: Passgo Defender
-CVE-2006-5405 (Unspecified vulnerability in Toshiba Bluetooth wireless device driver ...)
+CVE-2006-5405
NOT-FOR-US: Toshiba Bluetooth wireless device driver
-CVE-2006-5404 (Unspecified vulnerability in an ActiveX control used in Symantec ...)
+CVE-2006-5404
NOT-FOR-US: Symantec
-CVE-2006-5403 (Stack-based buffer overflow in an ActiveX control used in Symantec ...)
+CVE-2006-5403
NOT-FOR-US: Symantec
-CVE-2006-5402 (Multiple PHP remote file inclusion vulnerabilities in PHPmybibli 3.0.1 ...)
+CVE-2006-5402
NOT-FOR-US: PHPMyBibli
-CVE-2006-5401 (PHP remote file inclusion vulnerability in ...)
+CVE-2006-5401
NOT-FOR-US: AROUNDMe
-CVE-2006-5400 (PHP remote file inclusion vulnerability in forum/track.php in ...)
+CVE-2006-5400
NOT-FOR-US: CyberBrau
-CVE-2006-5399 (PHP remote file inclusion vulnerability in classes/Import_MM.class.php ...)
+CVE-2006-5399
NOT-FOR-US: PHPRecipeBook
-CVE-2006-5398 (SQL injection vulnerability in comments.php in Simplog 0.9.3.1 allows ...)
+CVE-2006-5398
NOT-FOR-US: Simplog
-CVE-2006-5397 (The Xinput module (modules/im/ximcp/imLcIm.c) in X.Org libX11 1.0.2 ...)
+CVE-2006-5397
- libx11 2:1.0.3-3 (low; bug #398460)
-CVE-2006-5396 (The tcp_fuse_rcv_drain function in the Sun Solaris 10 kernel before ...)
+CVE-2006-5396
NOT-FOR-US: Sun Solaris
-CVE-2006-5395 (Buffer overflow in Microsoft Class Package Export Tool (aka ...)
+CVE-2006-5395
NOT-FOR-US: Microsoft
-CVE-2006-5394 (The default configuration of Cisco Secure Desktop (CSD) has an ...)
+CVE-2006-5394
NOT-FOR-US: Cisco
-CVE-2006-5393 (Cisco Secure Desktop (CSD) does not require that the ...)
+CVE-2006-5393
NOT-FOR-US: Cisco
-CVE-2006-5392 (Multiple PHP remote file inclusion vulnerabilities in OpenDock ...)
+CVE-2006-5392
NOT-FOR-US: OpenDock FullCore
-CVE-2006-5391 (Xfire 1.64 and earlier allows remote attackers to cause a denial of ...)
+CVE-2006-5391
NOT-FOR-US: Xfire
-CVE-2006-5390 (PHP remote file inclusion vulnerability in ...)
+CVE-2006-5390
NOT-FOR-US: ACP User Registration (MMW) module for phpBB
-CVE-2006-5389 (tools/tellhim.php in PHP-Wyana allows remote attackers to obtain ...)
+CVE-2006-5389
NOT-FOR-US: PHP-Wyana
-CVE-2006-5388 (SQL injection vulnerability in index.php in WebSPELL 4.01.01 and ...)
+CVE-2006-5388
NOT-FOR-US: WebSPELL
-CVE-2006-5387 (PHP remote file inclusion vulnerability in ...)
+CVE-2006-5387
NOT-FOR-US: PlusXL phpBB module
-CVE-2006-5386 (PHP remote file inclusion vulnerability in process.php in NuralStorm ...)
+CVE-2006-5386
NOT-FOR-US: NuralStorm Webmail
-CVE-2006-5385 (PHP remote file inclusion vulnerability in admin/admin_spam.php in the ...)
+CVE-2006-5385
NOT-FOR-US: SpamOborona phpBB module
-CVE-2006-5384 (PHP remote file inclusion vulnerability in ...)
+CVE-2006-5384
NOT-FOR-US: CDS Agenda
-CVE-2006-5383 (SQL injection vulnerability in comadd.php in Def-Blog 1.0.1 and ...)
+CVE-2006-5383
NOT-FOR-US: Def-Blog
-CVE-2006-5382 (3Com Switch SS3 4400 switches, firmware 5.11, 6.00 and 6.10 and ...)
+CVE-2006-5382
NOT-FOR-US: 3Com
CVE-2006-XXXX [unspecified steam cache vulnerability]
- steam <not-affected> (affects the old steam environment for corporate knowledge management package shipped in lenny and before, not the new Valve steam package)
-CVE-2006-5381 (Contenido CMS stores sensitive data under the web root with ...)
+CVE-2006-5381
NOT-FOR-US: Contenido CMS
-CVE-2006-5380 (** DISPUTED ** ...)
+CVE-2006-5380
NOT-FOR-US: Contenido CMS
-CVE-2006-5379 (The accelerated rendering functionality of NVIDIA Binary Graphics ...)
+CVE-2006-5379
- nvidia-graphics-drivers 1.0.8776-1 (bug #393573)
[sarge] - nvidia-graphics-drivers <not-affected> (1.0.7174 not affected)
NOTE: see http://nvidia.custhelp.com/cgi-bin/nvidia.cfg/php/enduser/std_adp.php?p_faqid=1971
-CVE-2006-5378 (Unspecified vulnerability in JD Edwards HTML Server in JD Edwards ...)
+CVE-2006-5378
NOT-FOR-US: EnterpriseOne
-CVE-2006-5377 (Unspecified vulnerability in PeopleSoft component in Oracle PeopleSoft ...)
+CVE-2006-5377
NOT-FOR-US: PeopleSoft
-CVE-2006-5376 (Multiple unspecified vulnerabilities in PeopleTools component in ...)
+CVE-2006-5376
NOT-FOR-US: PeopleSoft
-CVE-2006-5375 (Multiple unspecified vulnerabilities in PeopleTools component in ...)
+CVE-2006-5375
NOT-FOR-US: PeopleSoft
-CVE-2006-5374 (Unspecified vulnerability in Oracle Pharmaceutical Applications 4.5.1 ...)
+CVE-2006-5374
NOT-FOR-US: Oracle
-CVE-2006-5373 (Unspecified vulnerability in Oracle Install Base component in Oracle ...)
+CVE-2006-5373
NOT-FOR-US: Oracle
-CVE-2006-5372 (Multiple unspecified vulnerabilities in Oracle E-Business Suite ...)
+CVE-2006-5372
NOT-FOR-US: Oracle
-CVE-2006-5371 (Unspecified vulnerability in Oracle Email Center component in Oracle ...)
+CVE-2006-5371
NOT-FOR-US: Oracle
-CVE-2006-5370 (Multiple unspecified vulnerabilities in Oracle E-Business Suite ...)
+CVE-2006-5370
NOT-FOR-US: Oracle
-CVE-2006-5369 (Unspecified vulnerability in Oracle Application Object Library in ...)
+CVE-2006-5369
NOT-FOR-US: Oracle
-CVE-2006-5368 (Unspecified vulnerability in Oracle Exchange component in Oracle ...)
+CVE-2006-5368
NOT-FOR-US: Oracle
-CVE-2006-5367 (Multiple unspecified vulnerabilities in Oracle E-Business Suite 11.5.7 ...)
+CVE-2006-5367
NOT-FOR-US: Oracle
-CVE-2006-5366 (Multiple unspecified vulnerabilities in Oracle Collaboration Suite ...)
+CVE-2006-5366
NOT-FOR-US: Oracle
-CVE-2006-5365 (Unspecified vulnerability in Oracle Forms in Oracle Application Server ...)
+CVE-2006-5365
NOT-FOR-US: Oracle
-CVE-2006-5364 (Unspecified vulnerability in Oracle Containers for J2EE component in ...)
+CVE-2006-5364
NOT-FOR-US: Oracle
-CVE-2006-5363 (Unspecified vulnerability in Oracle Single Sign-On component in Oracle ...)
+CVE-2006-5363
NOT-FOR-US: Oracle
-CVE-2006-5362 (Unspecified vulnerability in Oracle Containers for J2EE component in ...)
+CVE-2006-5362
NOT-FOR-US: Oracle
-CVE-2006-5361 (Unspecified vulnerability in Oracle Containers for J2EE in Oracle ...)
+CVE-2006-5361
NOT-FOR-US: Oracle
-CVE-2006-5360 (Unspecified vulnerability in Oracle Forms component in Oracle ...)
+CVE-2006-5360
NOT-FOR-US: Oracle
-CVE-2006-5359 (Multiple unspecified vulnerabilities in Oracle Reports Developer ...)
+CVE-2006-5359
NOT-FOR-US: Oracle
-CVE-2006-5358 (Unspecified vulnerability in Oracle Forms component in Oracle ...)
+CVE-2006-5358
NOT-FOR-US: Oracle
-CVE-2006-5357 (Unspecified vulnerability in Oracle HTTP Server component in Oracle ...)
+CVE-2006-5357
NOT-FOR-US: Oracle
-CVE-2006-5356 (Unspecified vulnerability in Oracle Containers for J2EE component in ...)
+CVE-2006-5356
NOT-FOR-US: Oracle
-CVE-2006-5355 (Unspecified vulnerability in Oracle Single Sign-On component in Oracle ...)
+CVE-2006-5355
NOT-FOR-US: Oracle
-CVE-2006-5354 (Unspecified vulnerability in Oracle HTTP Server 9.2.0.7 and 10.1.0.5, ...)
+CVE-2006-5354
NOT-FOR-US: Oracle
-CVE-2006-5353 (Unspecified vulnerability in Oracle HTTP Server component in Oracle ...)
+CVE-2006-5353
NOT-FOR-US: Oracle
-CVE-2006-5352 (Multiple unspecified vulnerabilities in Oracle Application Express 1.5 ...)
+CVE-2006-5352
NOT-FOR-US: Oracle
-CVE-2006-5351 (Multiple unspecified vulnerabilities in Oracle Application Express ...)
+CVE-2006-5351
NOT-FOR-US: Oracle
-CVE-2006-5350 (Unspecified vulnerability in Oracle HTTP Server 9.2.0.7 and Oracle ...)
+CVE-2006-5350
NOT-FOR-US: Oracle
-CVE-2006-5349 (Unspecified vulnerability in Oracle HTTP Server 9.2.0.7, when running ...)
+CVE-2006-5349
NOT-FOR-US: Oracle
-CVE-2006-5348 (Unspecified vulnerability in Oracle HTTP Server 9.2.0.7, Oracle ...)
+CVE-2006-5348
NOT-FOR-US: Oracle
-CVE-2006-5347 (Unspecified vulnerability in Oracle HTTP Server 9.2.0.7 and Oracle ...)
+CVE-2006-5347
NOT-FOR-US: Oracle
-CVE-2006-5346 (Unspecified vulnerability in Oracle HTTP Server 9.2.0.7, as used in ...)
+CVE-2006-5346
NOT-FOR-US: Oracle
-CVE-2006-5345 (Unspecified vulnerability in Oracle Spatial component in Oracle ...)
+CVE-2006-5345
NOT-FOR-US: Oracle
-CVE-2006-5344 (Multiple unspecified vulnerabilities in Oracle Spatial component in ...)
+CVE-2006-5344
NOT-FOR-US: Oracle
-CVE-2006-5343 (Unspecified vulnerability in Database Scheduler component in Oracle ...)
+CVE-2006-5343
NOT-FOR-US: Oracle
-CVE-2006-5342 (Unspecified vulnerability in Oracle Spatial component in Oracle ...)
+CVE-2006-5342
NOT-FOR-US: Oracle
-CVE-2006-5341 (Multiple unspecified vulnerabilities in XMLDB component in Oracle ...)
+CVE-2006-5341
NOT-FOR-US: Oracle
-CVE-2006-5340 (Multiple unspecified vulnerabilities in Oracle Spatial component in ...)
+CVE-2006-5340
NOT-FOR-US: Oracle
-CVE-2006-5339 (Unspecified vulnerability in Oracle Spatial component in Oracle ...)
+CVE-2006-5339
NOT-FOR-US: Oracle
-CVE-2006-5338 (Unspecified vulnerability in the Core RDBMS component in Oracle ...)
+CVE-2006-5338
NOT-FOR-US: Oracle
-CVE-2006-5337 (Unspecified vulnerability in the Core RDBMS component in Oracle ...)
+CVE-2006-5337
NOT-FOR-US: Oracle
-CVE-2006-5336 (Multiple unspecified vulnerabilities in the Change Data Capture (CDC) ...)
+CVE-2006-5336
NOT-FOR-US: Oracle
-CVE-2006-5335 (Multiple unspecified vulnerabilities in Oracle Database 10.1.0.5 and ...)
+CVE-2006-5335
NOT-FOR-US: Oracle
-CVE-2006-5334 (Unspecified vulnerability in Oracle Spatial component in Oracle ...)
+CVE-2006-5334
NOT-FOR-US: Oracle
-CVE-2006-5333 (Unspecified vulnerability in Oracle Spatial component in Oracle ...)
+CVE-2006-5333
NOT-FOR-US: Oracle
-CVE-2006-5332 (Unspecified vulnerability in xdb.dbms_xdbz in the XMLDB component for ...)
+CVE-2006-5332
NOT-FOR-US: Oracle
-CVE-2006-5331 (The altivec_unavailable_exception function in ...)
+CVE-2006-5331
- linux <not-affected> (Fixed before src:linux-2.6 -> src:linux rename)
NOTE: Fixed by: https://git.kernel.org/linus/6c4841c2b6c32a134f9f36e5e08857138cc12b10 (2.6.19-rc3)
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=213229
-CVE-2006-5330 (CRLF injection vulnerability in Adobe Flash Player plugin 9.0.16 and ...)
+CVE-2006-5330
- flashplugin-nonfree 9.0.31.0.1 (bug #402822; medium)
NOTE: It is not clear if this is already fix in 9.0.21.78.X (previous version)
NOTE: or not but it's fix in 9.0.31.0.1 for sure.
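Review bot: besides the descriptive text, this hunk also drops the `** DISPUTED **` markers on CVE-2006-5460, CVE-2006-5437, CVE-2006-5435 and CVE-2006-5380, which is triage metadata rather than prose: the unchanged package line `- phpbb2 <not-affected> (not vulnerable)` under CVE-2006-5435 only makes sense next to that marker. If the descriptions are to be dropped deliberately, the disputed status should be carried into a NOTE line for each of those entries so the reason for the `<not-affected>` assessment stays visible in the list.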
@@ -4298,748 +4298,748 @@ CVE-2006-5330 (CRLF injection vulnerability in Adobe Flash Player plugin 9.0.16
[etch] - flashplugin-nonfree <no-dsa> (Contrib not supported, only installer package)
CVE-2006-5329
REJECTED
-CVE-2006-5328 (OpenBase SQL 10.0 and earlier, as used in Apple Xcode 2.2 2.2 and ...)
+CVE-2006-5328
NOT-FOR-US: OpenBase SQL
-CVE-2006-5327 (Untrusted search path vulnerability in OpenBase SQL 10.0 and earlier, ...)
+CVE-2006-5327
NOT-FOR-US: OpenBase SQL
-CVE-2006-5326 (PHP remote file inclusion vulnerability in ...)
+CVE-2006-5326
NOT-FOR-US: Prillian French module for phpBB
-CVE-2006-5325 (Multiple PHP remote file inclusion vulnerabilities in Dimitri Seitz ...)
+CVE-2006-5325
NOT-FOR-US: dwingmods for phpBB
-CVE-2006-5324 (The Web Services Notification (WSN) security component of IBM ...)
+CVE-2006-5324
NOT-FOR-US: IBM WebSphere
-CVE-2006-5323 (Unspecified vulnerability in IBM WebSphere Application Server before ...)
+CVE-2006-5323
NOT-FOR-US: IBM WebSphere
-CVE-2006-5322 (Multiple SQL injection vulnerabilities in phplist before 2.10.3 allow ...)
+CVE-2006-5322
NOT-FOR-US: phplist
-CVE-2006-5321 (Multiple cross-site scripting (XSS) vulnerabilities in phplist before ...)
+CVE-2006-5321
NOT-FOR-US: phplist
-CVE-2006-5320 (Directory traversal vulnerability in getimg.php in Album Photo Sans ...)
+CVE-2006-5320
NOT-FOR-US: Album Photo Sans Nom
-CVE-2006-5319 (Directory traversal vulnerability in redir.php in Foafgen 0.3 allows ...)
+CVE-2006-5319
NOT-FOR-US: Foafgen
-CVE-2006-5318 (PHP remote file inclusion vulnerability in index.php in Nayco JASmine ...)
+CVE-2006-5318
NOT-FOR-US: Nayco JASmine
-CVE-2006-5317 (PHP remote file inclusion vulnerability in index.php in eboli allows ...)
+CVE-2006-5317
NOT-FOR-US: eboli
-CVE-2006-5316 (registroTL stores sensitive information under the web root with ...)
+CVE-2006-5316
NOT-FOR-US: registroTL
-CVE-2006-5315 (PHP remote file inclusion vulnerability in main.php in registroTL ...)
+CVE-2006-5315
NOT-FOR-US: registroTL
-CVE-2006-5314 (PHP remote file inclusion vulnerability in ftag.php in TribunaLibre ...)
+CVE-2006-5314
NOT-FOR-US: TribunaLibre
-CVE-2006-5313 (Hastymail 1.5 and earlier before 20061008 allows remote authenticated ...)
+CVE-2006-5313
- hastymail <removed>
-CVE-2006-5312 (PHP remote file inclusion vulnerability in shoutbox.php in the Ajax ...)
+CVE-2006-5312
NOT-FOR-US: Ajax Shoutbox
-CVE-2006-5311 (PHP remote file inclusion vulnerability in ...)
+CVE-2006-5311
NOT-FOR-US: Buzlas
-CVE-2006-5310 (PHP remote file inclusion vulnerability in ...)
+CVE-2006-5310
NOT-FOR-US: phpMyConferences
-CVE-2006-5309 (PHP remote file inclusion vulnerability in ...)
+CVE-2006-5309
NOT-FOR-US: Prillian French module for phpBB
-CVE-2006-5308 (Multiple PHP remote file inclusion vulnerabilities in Open Conference ...)
+CVE-2006-5308
NOT-FOR-US: Open Conference Systems
-CVE-2006-5307 (Multiple PHP remote file inclusion vulnerabilities in AFGB GUESTBOOK ...)
+CVE-2006-5307
NOT-FOR-US: AFGB GUESTBOOK
-CVE-2006-5306 (Multiple PHP remote file inclusion vulnerabilities in the Journals ...)
+CVE-2006-5306
NOT-FOR-US: Journals System module for phpBB
-CVE-2006-5305 (PHP remote file inclusion vulnerability in lat2cyr.php in the lat2cyr ...)
+CVE-2006-5305
NOT-FOR-US: lat2cyr
-CVE-2006-5304 (PHP remote file inclusion vulnerability in inc/settings.php in IncCMS ...)
+CVE-2006-5304
NOT-FOR-US: IncCMS Core
-CVE-2006-5303 (Secure Computing SafeWord RemoteAccess 2.1 allows local users to ...)
+CVE-2006-5303
NOT-FOR-US: Secure Computing SafeWord RemoteAccess
-CVE-2006-5302 (Multiple PHP remote file inclusion vulnerabilities in Redaction System ...)
+CVE-2006-5302
NOT-FOR-US: Redaction System
-CVE-2006-5301 (PHP remote file inclusion vulnerability in includes/antispam.php in ...)
+CVE-2006-5301
NOT-FOR-US: SpamBlockerMODv module for phpBB
-CVE-2006-5300 (Unspecified vulnerability in HP Version Control Agent before 2.1.5 ...)
+CVE-2006-5300
NOT-FOR-US: HP
-CVE-2006-5299 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
+CVE-2006-5299
NOT-FOR-US: Gcontact
-CVE-2006-5298 (The mutt_adv_mktemp function in the Mutt mail client 1.5.12 and ...)
+CVE-2006-5298
- mutt 1.5.13-1.1 (bug #396104; low)
[sarge] - mutt <no-dsa> (Minor issue, tmp dirs on NFS cause problems in many scenarios)
-CVE-2006-5297 (Race condition in the safe_open function in the Mutt mail client ...)
+CVE-2006-5297
- mutt 1.5.13-1.1 (bug #396104; low)
[sarge] - mutt <no-dsa> (Minor issue, tmp dirs on NFS cause problems in many scenarios)
-CVE-2006-5296 (PowerPoint in Microsoft Office 2003 does not properly handle a ...)
+CVE-2006-5296
NOT-FOR-US: Microsoft
-CVE-2006-5294 (Cross-site scripting (XSS) vulnerability in index.php in phplist ...)
+CVE-2006-5294
NOT-FOR-US: phplist
-CVE-2006-5293 (Cross-site scripting (XSS) vulnerability in index.php in ...)
+CVE-2006-5293
NOT-FOR-US: PhpOutsourcing Noah's Classifieds
-CVE-2006-5292 (PHP remote file inclusion vulnerability in photo_comment.php in ...)
+CVE-2006-5292
NOT-FOR-US: Exhibit Engine
-CVE-2006-5291 (PHP remote file inclusion vulnerability in ...)
+CVE-2006-5291
NOT-FOR-US: Download-Engine
-CVE-2006-5290 (The ESS/ Network Controller and MicroServer Web Server components of ...)
+CVE-2006-5290
NOT-FOR-US: Xerox WorkCentre
-CVE-2006-5289 (Multiple PHP remote file inclusion vulnerabilities in Vtiger CRM 4.2 ...)
+CVE-2006-5289
NOT-FOR-US: Vtiger CRM
-CVE-2006-5288 (Cisco 2700 Series Wireless Location Appliances before 2.1.34.0 have a ...)
+CVE-2006-5288
NOT-FOR-US: Cisco
-CVE-2006-5287 (Multiple SQL injection vulnerabilities in sign.php in Xeobook 0.93 ...)
+CVE-2006-5287
NOT-FOR-US: Xeobook
-CVE-2006-5286 (Unspecified vulnerability in IKE.NLM in Novell BorderManager 3.8 ...)
+CVE-2006-5286
NOT-FOR-US: Novell BorderManager
-CVE-2006-5285 (SQL injection vulnerability in index.php in XeoPort 0.81, and possibly ...)
+CVE-2006-5285
NOT-FOR-US: XeoPort
-CVE-2006-5284 (PHP remote file inclusion vulnerability in auth/phpbb.inc.php in Shen ...)
+CVE-2006-5284
NOT-FOR-US: PHP News Reader (aka pnews)
-CVE-2006-5283 (PHP remote file inclusion vulnerability in ftag.php in Minichat 6.0 ...)
+CVE-2006-5283
NOT-FOR-US: Minichat
-CVE-2006-5282 (Multiple PHP remote file inclusion vulnerabilities in SH-News 3.1 and ...)
+CVE-2006-5282
NOT-FOR-US: SH-News
-CVE-2006-5281 (PHP remote file inclusion vulnerability in naboard_pnr.php in n@board ...)
+CVE-2006-5281
NOT-FOR-US: n@board
-CVE-2006-5280 (PHP remote file inclusion vulnerability in includes/import-archive.php ...)
+CVE-2006-5280
NOT-FOR-US: communityPortals
CVE-2006-5279
RESERVED
-CVE-2006-5278 (Integer overflow in the Real-Time Information Server (RIS) Data ...)
+CVE-2006-5278
NOT-FOR-US: Cisco
-CVE-2006-5277 (Off-by-one error in the Certificate Trust List (CTL) Provider service ...)
+CVE-2006-5277
NOT-FOR-US: Cisco
-CVE-2006-5276 (Stack-based buffer overflow in the DCE/RPC preprocessor in Snort ...)
+CVE-2006-5276
- snort <not-affected> (snort versions 2.3.x do not contain the DCE RPC preprocessor)
CVE-2006-5275
RESERVED
-CVE-2006-5274 (Integer overflow in McAfee ePolicy Orchestrator 3.5 through 3.6.1, ...)
+CVE-2006-5274
NOT-FOR-US: McAfee
-CVE-2006-5273 (Heap-based buffer overflow in McAfee ePolicy Orchestrator 3.5 through ...)
+CVE-2006-5273
NOT-FOR-US: McAfee
-CVE-2006-5272 (Stack-based buffer overflow in McAfee ePolicy Orchestrator 3.5 through ...)
+CVE-2006-5272
NOT-FOR-US: McAfee
-CVE-2006-5271 (Integer underflow in McAfee ePolicy Orchestrator 3.5 through 3.6.1, ...)
+CVE-2006-5271
NOT-FOR-US: McAfee
-CVE-2006-5270 (Integer overflow in the Microsoft Malware Protection Engine ...)
+CVE-2006-5270
NOT-FOR-US: Microsoft
-CVE-2006-5269 (Heap-based buffer overflow in an unspecified procedure in Trend Micro ...)
+CVE-2006-5269
NOT-FOR-US: Trend Micro
-CVE-2006-5268 (Unspecified vulnerability in Trend Micro ServerProtect 5.7 and 5.58 ...)
+CVE-2006-5268
NOT-FOR-US: Trend Micro
CVE-2006-5267
RESERVED
-CVE-2006-5266 (Multiple buffer overflows in Microsoft Dynamics GP (formerly Great ...)
+CVE-2006-5266
NOT-FOR-US: Microsoft issue
-CVE-2006-5265 (Unspecified vulnerability in Microsoft Dynamics GP (formerly Great ...)
+CVE-2006-5265
NOT-FOR-US: Microsoft issue
-CVE-2006-5264 (Cross-site scripting (XSS) vulnerability in sql.php in MysqlDumper ...)
+CVE-2006-5264
NOT-FOR-US: MysqlDumper
-CVE-2006-5263 (Directory traversal vulnerability in templates/header.php3 in ...)
+CVE-2006-5263
NOT-FOR-US: phpMyAgenda
-CVE-2006-5262 (CRLF injection vulnerability in lib/session.php in Hastymail 1.5 and ...)
+CVE-2006-5262
- hastymail <removed>
-CVE-2006-5261 (Multiple PHP remote file inclusion vulnerabilities in PHPMyNews 1.4 ...)
+CVE-2006-5261
NOT-FOR-US: PHPMyNews
-CVE-2006-5260 (PHP remote file inclusion vulnerability in compteur.php in Compteur 2 ...)
+CVE-2006-5260
NOT-FOR-US: Compteur 2
-CVE-2006-5259 (PHP remote file inclusion vulnerability in param_editor.php in ...)
+CVE-2006-5259
NOT-FOR-US: Compteur 2
-CVE-2006-5258 (The spell checking component of (1) Asbru Web Content Management ...)
+CVE-2006-5258
NOT-FOR-US: Asbru Web Content Management
-CVE-2006-5257 (PHP remote file inclusion vulnerability in ...)
+CVE-2006-5257
NOT-FOR-US: Ciamos Content Management System
-CVE-2006-5256 (PHP remote file inclusion vulnerability in ...)
+CVE-2006-5256
NOT-FOR-US: Claroline
-CVE-2006-5255 (** DISPUTED ** ...)
+CVE-2006-5255
NOT-FOR-US: gCards
-CVE-2006-5254 (PHP remote file inclusion vulnerability in ...)
+CVE-2006-5254
NOT-FOR-US: Detailed User Registration (com_registration_detailed), aka regdetailed
-CVE-2006-5253 (PHP remote file inclusion vulnerability in strload.php in Dayana ...)
+CVE-2006-5253
NOT-FOR-US: phpOnline (aka PHP-Online)
-CVE-2006-5252 (PHP remote file inclusion vulnerability in includes/core.lib.php in ...)
+CVE-2006-5252
NOT-FOR-US: Webmedia Explorer
-CVE-2006-5251 (PHP remote file inclusion vulnerability in index.php in Deep CMS 2.0a ...)
+CVE-2006-5251
NOT-FOR-US: Deep CMS
-CVE-2006-5250 (PHP remote file inclusion vulnerability in ...)
+CVE-2006-5250
NOT-FOR-US: BlueShoes
-CVE-2006-5249 (PHP remote file inclusion vulnerability in tagmin/delTagUser.php in ...)
+CVE-2006-5249
NOT-FOR-US: TagIt! Tagboard
-CVE-2006-5248 (Eazy Cart stores sensitive information under the web root with ...)
+CVE-2006-5248
NOT-FOR-US: Eazy Cart
-CVE-2006-5247 (Multiple cross-site scripting (XSS) vulnerabilities in Eazy Cart allow ...)
+CVE-2006-5247
NOT-FOR-US: Eazy Cart
-CVE-2006-5246 (Eazy Cart allows remote attackers to change prices and other critical ...)
+CVE-2006-5246
NOT-FOR-US: Eazy Cart
-CVE-2006-5245 (Eazy Cart allows remote attackers to bypass authentication and gain ...)
+CVE-2006-5245
NOT-FOR-US: Eazy Cart
-CVE-2006-5244 (Multiple PHP remote file inclusion vulnerabilities in OpenDock Easy ...)
+CVE-2006-5244
NOT-FOR-US: Easy Blog
-CVE-2006-5243 (Multiple PHP remote file inclusion vulnerabilities in OpenDock Easy ...)
+CVE-2006-5243
NOT-FOR-US: Easy Blog
-CVE-2006-5242 (SQL injection vulnerability in Etomite Content Management System (CMS) ...)
+CVE-2006-5242
NOT-FOR-US: Etomite Content Management System
-CVE-2006-5241 (Multiple PHP remote file inclusion vulnerabilities in OpenDock Easy ...)
+CVE-2006-5241
NOT-FOR-US: Easy Gallery
-CVE-2006-5240 (PHP remote file inclusion vulnerability in engine/require.php in ...)
+CVE-2006-5240
NOT-FOR-US: Docmint
-CVE-2006-5239 (Multiple cross-site scripting (XSS) vulnerabilities in eXpBlog 0.3.5 ...)
+CVE-2006-5239
NOT-FOR-US: eXpBlog
-CVE-2006-5238 (Unspecified vulnerability in the file upload module in Blue Smiley ...)
+CVE-2006-5238
NOT-FOR-US: Blue Smiley Organizer
-CVE-2006-5237 (SQL injection vulnerability in Blue Smiley Organizer before 4.46 ...)
+CVE-2006-5237
NOT-FOR-US: Blue Smiley Organizer
-CVE-2006-5236 (SQL injection vulnerability in search.php in 4images 1.7.x allows ...)
+CVE-2006-5236
NOT-FOR-US: 4images
-CVE-2006-5235 (PHP remote file inclusion vulnerability in includes/functions_kb.php ...)
+CVE-2006-5235
NOT-FOR-US: Dimension of phpBB
-CVE-2006-5234 (** DISPUTED ** ...)
+CVE-2006-5234
NOT-FOR-US: phpWebSite
-CVE-2006-5233 (Polycom SoundPoint IP 301 VoIP Desktop Phone, firmware version ...)
+CVE-2006-5233
NOT-FOR-US: Polycom SoundPoint IP 301 VoIP Desktop Phone
-CVE-2006-5232 (** DISPUTED ** ...)
+CVE-2006-5232
NOT-FOR-US: iSearch
-CVE-2006-5231 (Grandstream GXP-2000 VoIP Desktop Phone, firmware version 1.1.0.5, ...)
+CVE-2006-5231
NOT-FOR-US: Grandstream GXP-2000 VoIP Desktop Phone
-CVE-2006-5230 (PHP remote file inclusion vulnerability in forum.php in FreeForum ...)
+CVE-2006-5230
NOT-FOR-US: FreeForum
-CVE-2006-5295 (Unspecified vulnerability in ClamAV before 0.88.5 allows remote ...)
+CVE-2006-5295
{DSA-1196-1}
- clamav 0.88.5-1 (high; bug #393445)
-CVE-2006-5229 (OpenSSH portable 4.1 on SUSE Linux, and possibly other platforms and ...)
+CVE-2006-5229
NOTE: This issues depends on the stack of selected authentication modules, while
NOTE: some are resilient against such timing attacks, some aren't
NOTE: This is inside responsibility of an admin
-CVE-2006-5228 (Multiple SQL injection vulnerabilities in the Google Gadget login.php ...)
+CVE-2006-5228
NOT-FOR-US: ackerTodo
-CVE-2006-5227 (Cross-site scripting (XSS) vulnerability in admin.php in TorrentFlux ...)
+CVE-2006-5227
- torrentflux 2.1-4 (bug #392501; low)
-CVE-2006-5226 (PHP remote file inclusion vulnerability in moteur/moteur.php in ...)
+CVE-2006-5226
NOT-FOR-US: Freenews
-CVE-2006-5225 (Multiple SQL injection vulnerabilities in AAIportal before 1.4.0 allow ...)
+CVE-2006-5225
NOT-FOR-US: AAIportal
-CVE-2006-5224 (PHP remote file inclusion vulnerability in includes/logger_engine.php ...)
+CVE-2006-5224
NOT-FOR-US: Security Suite IP Logger in dwingmods for phpBB
-CVE-2006-5223 (PHP remote file inclusion vulnerability in ...)
+CVE-2006-5223
NOT-FOR-US: User Viewed Posts Tracker module for phpBB
-CVE-2006-5222 (Multiple PHP remote file inclusion vulnerabilities in Dimension of ...)
+CVE-2006-5222
NOT-FOR-US: Dimension of phpBB
-CVE-2006-5221 (Multiple SQL injection vulnerabilities in Cahier de texte 2.0 allow ...)
+CVE-2006-5221
NOT-FOR-US: Cahier de textes
-CVE-2006-5220 (Multiple PHP remote file inclusion vulnerabilities in WebYep 1.1.9, ...)
+CVE-2006-5220
NOT-FOR-US: WebYep
-CVE-2006-5219 (SQL injection vulnerability in blog/index.php in the blog module in ...)
+CVE-2006-5219
- moodle 1.6.2+20060930-1 (medium; bug #390294)
[sarge] - moodle <not-affected> (Vulnerable code not present)
-CVE-2006-5218 (Integer overflow in the systrace_preprepl function (STRIOCREPLACE) in ...)
+CVE-2006-5218
NOT-FOR-US: systrace in OpenBSD and NetBSD
-CVE-2006-5217 (SQL injection vulnerability in giris_yap.asp in Emek Portal 2.1 allows ...)
+CVE-2006-5217
NOT-FOR-US: Emek Portal
-CVE-2006-5216 (Stack-based buffer overflow in Sergey Lyubka Simple HTTPD (shttpd) ...)
+CVE-2006-5216
NOT-FOR-US: Simple HTTPD
-CVE-2006-5215 (The Xsession script, as used by X Display Manager (xdm) in NetBSD ...)
+CVE-2006-5215
- xdm 1:1.0.5-1 (low)
[sarge] - xfree86 <no-dsa> (Minor issue)
NOTE: probably fixed earlier than 1:1.0.5
-CVE-2006-5214 (Race condition in the Xsession script, as used by X Display Manager ...)
+CVE-2006-5214
- xdm 1:1.0.5-1 (low)
- xorg 1:7.1.0-13 (low)
[sarge] - xfree86 <no-dsa> (Minor issue)
NOTE: probably fixed earlier than 1:1.0.5
-CVE-2006-5213 (Sun Solaris 10 before 20061006 uses &quot;incorrect and insufficient ...)
+CVE-2006-5213
NOT-FOR-US: Solaris
-CVE-2006-5212 (Trend Micro OfficeScan 6.0 in Client/Server/Messaging (CSM) Suite for ...)
+CVE-2006-5212
NOT-FOR-US: Trend Micro OfficeScan
-CVE-2006-5211 (Trend Micro OfficeScan 6.0 in Client/Server/Messaging (CSM) Suite for ...)
+CVE-2006-5211
NOT-FOR-US: Trend Micro OfficeScan
-CVE-2006-5210 (Directory traversal vulnerability in IronWebMail before 6.1.1 ...)
+CVE-2006-5210
NOT-FOR-US: IronWebMail
-CVE-2006-5209 (PHP remote file inclusion vulnerability in ...)
+CVE-2006-5209
NOT-FOR-US: Admin Topic Action Logging Mod for phpBB
-CVE-2006-5208 (Multiple SQL injection vulnerabilities in PHP Classifieds 7.1 allow ...)
+CVE-2006-5208
NOT-FOR-US: PHP Classifieds
-CVE-2006-5207 (PHP remote file inclusion vulnerability in ...)
+CVE-2006-5207
NOT-FOR-US: phpMyTeam
-CVE-2006-5206 (SQL injection vulnerability in Invision Gallery 2.0.7 allows remote ...)
+CVE-2006-5206
NOT-FOR-US: Invision Gallery
-CVE-2006-5205 (Directory traversal vulnerability in Invision Gallery 2.0.7 allows ...)
+CVE-2006-5205
NOT-FOR-US: Invision Gallery
-CVE-2006-5204 (Cross-site scripting (XSS) vulnerability in action_admin/member.php in ...)
+CVE-2006-5204
NOT-FOR-US: Invision Power Board (IPB)
-CVE-2006-5203 (Invision Power Board (IPB) 2.1.7 and earlier allows remote restricted ...)
+CVE-2006-5203
NOT-FOR-US: Invision Power Board (IPB)
-CVE-2006-5202 (Linksys WRT54g firmware 1.00.9 does not require credentials when ...)
+CVE-2006-5202
NOT-FOR-US: Linksys
-CVE-2006-5201 (Multiple packages on Sun Solaris, including (1) NSS; (2) Java JDK and ...)
+CVE-2006-5201
- sun-java5 1.5.0-10-1 (bug #393042)
NOTE: this is similar to CVE-2006-4339
-CVE-2006-5200 (Unspecified vulnerability in Adobe Breeze 5 Licensed Server and Breeze ...)
+CVE-2006-5200
NOT-FOR-US: Adobe
-CVE-2006-5199 (Adobe Contribute Publishing Server leaks the administrator password in ...)
+CVE-2006-5199
NOT-FOR-US: Adobe
-CVE-2006-5198 (The WZFILEVIEW.FileViewCtrl.61 ActiveX control (aka Sky Software ...)
+CVE-2006-5198
NOT-FOR-US: WinZip
-CVE-2006-5197 (PDshopPro stores sensitive information under the web root with ...)
+CVE-2006-5197
NOT-FOR-US: PDshopPro
-CVE-2006-5196 (The HTTP interface in the Motorola SURFboard SB4200 Cable Modem allows ...)
+CVE-2006-5196
NOT-FOR-US: Motorola SURFboard
-CVE-2006-5195 (Multiple cross-site scripting (XSS) vulnerabilities in Wheatblog 1.0 ...)
+CVE-2006-5195
NOT-FOR-US: Wheatblog
-CVE-2006-5194 (Cross-site scripting (XSS) vulnerability in index.php in net2ftp 0.93 ...)
+CVE-2006-5194
NOT-FOR-US: net2ftp
-CVE-2006-5193 (PHP remote file inclusion vulnerability in index.php in Josh Schmidt ...)
+CVE-2006-5193
NOT-FOR-US: WikyBlog
-CVE-2006-5192 (PHP remote file inclusion vulnerability in includes/footer.php in ...)
+CVE-2006-5192
NOT-FOR-US: phpGreetz
-CVE-2006-5191 (PHP remote file inclusion vulnerability in ...)
+CVE-2006-5191
NOT-FOR-US: Nivisec Static Topics module for phpBB
-CVE-2006-5190 (Multiple cross-site scripting (XSS) vulnerabilities in osCommerce 2.2 ...)
+CVE-2006-5190
NOT-FOR-US: osCommerce
-CVE-2006-5189 (PHP remote file inclusion vulnerability in funzioni/lib/show_hlp.php ...)
+CVE-2006-5189
NOT-FOR-US: klinza professional cms
-CVE-2006-5188 (Directory traversal vulnerability in download.php in webGENEius GOOP ...)
+CVE-2006-5188
NOT-FOR-US: webGENEius GOOP Gallery
-CVE-2006-5187 (PHP remote file inclusion vulnerability in includes/functions.php in ...)
+CVE-2006-5187
NOT-FOR-US: Bulletin Board Ace (BBaCE)
-CVE-2006-5186 (PHP remote file inclusion vulnerability in functions.php in ...)
+CVE-2006-5186
NOT-FOR-US: phpMyProfiler
-CVE-2006-5185 (Eval injection vulnerability in Template.php in HAMweather 3.9.8.4 and ...)
+CVE-2006-5185
NOT-FOR-US: HAMweather
-CVE-2006-5184 (SQL injection vulnerability in PKR Internet Taskjitsu before 2.0.6 ...)
+CVE-2006-5184
NOT-FOR-US: PKR Internet Taskjitsu
-CVE-2006-5183 (Multiple PHP remote file inclusion vulnerabilities in Dayfox Designs ...)
+CVE-2006-5183
NOT-FOR-US: Dayfox Blog
-CVE-2006-5182 (PHP remote file inclusion vulnerability in frontpage.php in Dan Jensen ...)
+CVE-2006-5182
NOT-FOR-US: Travelsized CMS
-CVE-2006-5181 (Multiple PHP remote file inclusion vulnerabilities in Joshua Muheim ...)
+CVE-2006-5181
NOT-FOR-US: phpMyWebmin
-CVE-2006-5180 (PHP remote file inclusion vulnerability in include/main.inc.php in ...)
+CVE-2006-5180
NOT-FOR-US: Newswriter SW
-CVE-2006-5179 (Intoto iGateway VPN and iGateway SSL-VPN allow context-dependent ...)
+CVE-2006-5179
NOT-FOR-US: Intoto iGateway
-CVE-2006-5178 (Race condition in the symlink function in PHP 5.1.6 and earlier allows ...)
+CVE-2006-5178
- php5 5.2.0-1 (bug #391281; unimportant)
- php4 4:4.4.4-1 (bug #391282; unimportant)
NOTE: open_basedir is not supported
-CVE-2006-5177 (The NTLM authentication in MailEnable Professional 2.0 and Enterprise ...)
+CVE-2006-5177
NOT-FOR-US: MailEnable Professional
-CVE-2006-5176 (Buffer overflow in NTLM authentication in MailEnable Professional 2.0 ...)
+CVE-2006-5176
NOT-FOR-US: MailEnable Professional
-CVE-2006-5175 (Cross-site request forgery (CSRF) vulnerability in the administrative ...)
+CVE-2006-5175
NOT-FOR-US: TeraStation HD-HTGL
-CVE-2006-5174 (The copy_from_user function in the uaccess code in Linux kernel 2.6 ...)
+CVE-2006-5174
{DSA-1237 DSA-1233}
- linux-2.6 2.6.18-5
NOTE: s390 only, fix in 2.6.18-3 was reverted in 2.6.18-4
-CVE-2006-5173 (Linux kernel does not properly save or restore EFLAGS during a context ...)
+CVE-2006-5173
- linux-2.6 2.6.18-1
-CVE-2006-5172 (Stack-based buffer overflow in the RPC interface in Mediasvr.exe in ...)
+CVE-2006-5172
NOT-FOR-US: Computer Associates (CA) Brightstor
-CVE-2006-5171 (Stack-based buffer overflow in the RPC interface in Mediasvr.exe in ...)
+CVE-2006-5171
NOT-FOR-US: Computer Associates (CA) Brightstor
-CVE-2006-5170 (pam_ldap in nss_ldap on Red Hat Enterprise Linux 4, Fedora Core 3 and ...)
+CVE-2006-5170
{DSA-1203-1}
- libpam-ldap 180-1.2 (bug #392984; medium)
-CVE-2006-5169 (Cross-site scripting (XSS) vulnerability in John Himmelman (aka ...)
+CVE-2006-5169
NOT-FOR-US: PowerPortal
-CVE-2006-5168 (Cross-site scripting (XSS) vulnerability in the search functionality ...)
+CVE-2006-5168
NOT-FOR-US: Pebble
CVE-2006-XXXX [zabbix format string vulnerabilities]
- zabbix 1:1.1.2-4 (bug #391388)
CVE-2006-XXXX [zabbix buffer overflows]
- zabbix 1:1.1.2-4 (bug #391388)
-CVE-2006-5167 (Multiple PHP remote file inclusion vulnerabilities in BasiliX 1.1.1 ...)
+CVE-2006-5167
NOT-FOR-US: BasiliX
-CVE-2006-5166 (PHP remote file inclusion vulnerability in functions.php in PHP Web ...)
+CVE-2006-5166
NOT-FOR-US: PHP Web Scripts Easy Banner Free
-CVE-2006-5165 (PHP remote file inclusion vulnerability in inc/functions.inc.php in ...)
+CVE-2006-5165
NOT-FOR-US: Skrypty PPA Gallery
-CVE-2006-5164 (Multiple cross-site scripting (XSS) vulnerabilities in cart.php in Sum ...)
+CVE-2006-5164
NOT-FOR-US: digiSHOP
-CVE-2006-5163 (IBM Informix Dynamic Server 10.UC3RC1 Trial for Linux and possibly ...)
+CVE-2006-5163
NOT-FOR-US: IBM
-CVE-2006-5162 (wininet.dll in Microsoft Internet Explorer 6.0 SP2 and earlier allows ...)
+CVE-2006-5162
NOT-FOR-US: Microsoft
-CVE-2006-5161 (IBM Client Security Password Manager stores and distributes saved ...)
+CVE-2006-5161
NOT-FOR-US: IBM
-CVE-2006-5160 (** DISPUTED ** ...)
+CVE-2006-5160
- firefox <not-affected> (no real issues)
-CVE-2006-5159 (** DISPUTED ** ...)
+CVE-2006-5159
NOT-FOR-US: Bogus Firefox issue
-CVE-2006-5158 (The nlmclnt_mark_reclaim in clntlock.c in NFS lockd in Linux kernel ...)
+CVE-2006-5158
- linux-2.6 2.6.15
-CVE-2006-5157 (Format string vulnerability in the ActiveX control (ATXCONSOLE.OCX) in ...)
+CVE-2006-5157
NOT-FOR-US: TrendMicro OfficeScan
-CVE-2006-5156 (Buffer overflow in McAfee ePolicy Orchestrator before 3.5.0.720 and ...)
+CVE-2006-5156
NOT-FOR-US: McAfee
-CVE-2006-5155 (PHP remote file inclusion vulnerability in core/pdf.php in VideoDB ...)
+CVE-2006-5155
NOT-FOR-US: VideoDB
-CVE-2006-5154 (PHP remote file inclusion vulnerability in cp/sig.php in DeluxeBB 1.09 ...)
+CVE-2006-5154
NOT-FOR-US: DeluxeBB
-CVE-2006-5153 (The (1) fwdrv.sys and (2) khips.sys drivers in Sunbelt Kerio Personal ...)
+CVE-2006-5153
NOT-FOR-US: Kerio Personal Firewall
-CVE-2006-5152 (Cross-site scripting (XSS) vulnerability in Microsoft Internet ...)
+CVE-2006-5152
NOT-FOR-US: Microsoft
-CVE-2006-5151 (Unspecified vulnerability in HP Ignite-UX server before C.6.9.150 for ...)
+CVE-2006-5151
NOT-FOR-US: HP
-CVE-2006-5150 (SQL injection vulnerability in the reports system in OpenBiblio before ...)
+CVE-2006-5150
NOT-FOR-US: OpenBiblio
-CVE-2006-5149 (Multiple directory traversal vulnerabilities in OpenBiblio before ...)
+CVE-2006-5149
NOT-FOR-US: OpenBiblio
-CVE-2006-5148 (Multiple PHP remote file inclusion vulnerabilities in Forum82 2.5.2b ...)
+CVE-2006-5148
NOT-FOR-US: Forum82
-CVE-2006-5147 (PHP remote file inclusion vulnerability in wamp_dir/setup/yesno.phtml ...)
+CVE-2006-5147
NOT-FOR-US: VAMP Webmail
-CVE-2006-5146 (Multiple cross-site scripting (XSS) vulnerabilities in Yblog allow ...)
+CVE-2006-5146
NOT-FOR-US: Yblog
-CVE-2006-5145 (Multiple SQL injection vulnerabilities in OlateDownload 3.4.0 allow ...)
+CVE-2006-5145
NOT-FOR-US: OlateDownload
-CVE-2006-5144 (Cross-site scripting (XSS) vulnerability in userupload.php in ...)
+CVE-2006-5144
NOT-FOR-US: OlateDownload
-CVE-2006-5143 (Multiple buffer overflows in CA BrightStor ARCserve Backup r11.5 SP1 ...)
+CVE-2006-5143
NOT-FOR-US: Backup Agent RPC Server
-CVE-2006-5142 (Stack-based buffer overflow in CA BrightStor ARCserve Backup R11.5 ...)
+CVE-2006-5142
NOT-FOR-US: CA BrightStor ARCserver Backup
-CVE-2006-5141 (PHP remote file inclusion vulnerability in script.php in Kevin A. ...)
+CVE-2006-5141
NOT-FOR-US: Open Geo Targeting (aka geotarget)
-CVE-2006-5140 (SQL injection vulnerability in display.php in Lappy512 PHP Krazy Image ...)
+CVE-2006-5140
NOT-FOR-US: Image Host Script (phpkimagehost)
-CVE-2006-5139 (Unspecified vulnerability in MkPortal allows remote attackers to ...)
+CVE-2006-5139
NOT-FOR-US: MkPortal
-CVE-2006-5138 (Groupee UBB.threads 6.5.1.1 allows remote attackers to obtain ...)
+CVE-2006-5138
NOT-FOR-US: Groupee UBB.threads
-CVE-2006-5137 (Multiple direct static code injection vulnerabilities in Groupee ...)
+CVE-2006-5137
NOT-FOR-US: Groupee UBB.threads
-CVE-2006-5136 (Multiple PHP remote file inclusion vulnerabilities in ubbt.inc.php in ...)
+CVE-2006-5136
NOT-FOR-US: Groupee UBB.threads
-CVE-2006-5135 (Multiple PHP remote file inclusion vulnerabilities in A-Blog 2 allow ...)
+CVE-2006-5135
NOT-FOR-US: A-Blog
-CVE-2006-5134 (Mercury SiteScope 8.2 (8.1.2.0) allows remote authenticated users to ...)
+CVE-2006-5134
NOT-FOR-US: Mercury SiteScope
-CVE-2006-5133 (Buffer overflow in GuildFTPd 0.999.13 allows remote attackers to have ...)
+CVE-2006-5133
NOT-FOR-US: GuildFTPd
-CVE-2006-5132 (Multiple PHP remote file inclusion vulnerabilities in phpMyAgenda 3.0 ...)
+CVE-2006-5132
NOT-FOR-US: phpMyAgenda
-CVE-2006-5131 (module/shout/jafshout.php (aka the shoutbox) in ph03y3nk just another ...)
+CVE-2006-5131
NOT-FOR-US: just another flat file (JAF) CMS
-CVE-2006-5130 (Multiple cross-site scripting (XSS) vulnerabilities in ph03y3nk just ...)
+CVE-2006-5130
NOT-FOR-US: ust another flat file (JAF) CMS
-CVE-2006-5129 (Multiple cross-site scripting (XSS) vulnerabilities in ph03y3nk just ...)
+CVE-2006-5129
NOT-FOR-US: ust another flat file (JAF) CMS
-CVE-2006-5128 (SQL injection vulnerability in index.php in Bartels Schoene ConPresso ...)
+CVE-2006-5128
NOT-FOR-US: ConPresso
-CVE-2006-5127 (Multiple cross-site scripting (XSS) vulnerabilities in Bartels Schoene ...)
+CVE-2006-5127
NOT-FOR-US: ConPresso
-CVE-2006-5126 (PHP remote file inclusion vulnerability in index.php in John Himmelman ...)
+CVE-2006-5126
NOT-FOR-US: PowerPortal
-CVE-2006-5125 (Directory traversal vulnerability in window.php, possibly used by ...)
+CVE-2006-5125
NOT-FOR-US: phpMyWebmin
-CVE-2006-5124 (Multiple PHP remote file inclusion vulnerabilities in Joshua Muheim ...)
+CVE-2006-5124
NOT-FOR-US: phpMyWebmin
-CVE-2006-5123 (Multiple PHP remote file inclusion vulnerabilities in Albrecht ...)
+CVE-2006-5123
NOT-FOR-US: PHProjekt
-CVE-2006-5122 (Multiple cross-site scripting (XSS) vulnerabilities in Mercury ...)
+CVE-2006-5122
NOT-FOR-US: SiteScope
-CVE-2006-5121 (SQL injection vulnerability in modules/Downloads/admin.php in the ...)
+CVE-2006-5121
NOT-FOR-US: PostNuke
-CVE-2006-5120 (Multiple cross-site scripting (XSS) vulnerabilities in Scott Metoyer ...)
+CVE-2006-5120
NOT-FOR-US: Red Mombin
-CVE-2006-5119 (Multiple cross-site scripting (XSS) vulnerabilities in Zen Cart 1.3.5 ...)
+CVE-2006-5119
NOT-FOR-US: Zen Cart
-CVE-2006-5118 (PHP remote file inclusion vulnerability in index.php3 in the PDD ...)
+CVE-2006-5118
NOT-FOR-US: PHPSelect Web Development Division
-CVE-2006-5117 (phpMyAdmin before 2.9.1-rc1 has a libraries directory under the web ...)
+CVE-2006-5117
- phpmyadmin 4:2.9.0.2-0.1 (bug #391090; unimportant)
NOTE: Only path disclosure
-CVE-2006-5116 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
+CVE-2006-5116
{DSA-1207-1}
- phpmyadmin 4:2.9.0.2-0.1 (bug #391090; bug #400553; low)
[sarge] - phpmyadmin <not-affected> (Vulnerable code not present)
-CVE-2006-5115 (Directory traversal vulnerability in kgcall.php in KGB 1.87 allows ...)
+CVE-2006-5115
NOT-FOR-US: KGB
-CVE-2006-5114 (Multiple cross-site scripting (XSS) vulnerabilities in wgate in SAP ...)
+CVE-2006-5114
NOT-FOR-US: SAP
-CVE-2006-5113 (Directory traversal vulnerability in common.php in Yuuki Yoshizawa ...)
+CVE-2006-5113
NOT-FOR-US: Exporia
-CVE-2006-5112 (Buffer overflow in InterVations NaviCOPA Web Server 2.01 allows remote ...)
+CVE-2006-5112
NOT-FOR-US: NaviCOPA Web Server
-CVE-2006-5111 (The libksba library 0.9.12 and possibly other versions, as used by ...)
+CVE-2006-5111
- libksba 0.9.14-1 (low; bug #391278)
[sarge] - libksba <no-dsa> (Minor issue)
-CVE-2006-5110 (Cross-site scripting (XSS) vulnerability in home.php in PHP Invoice ...)
+CVE-2006-5110
NOT-FOR-US: PHP Invoice
-CVE-2006-5109 (Devellion CubeCart 2.0.x allows remote attackers to obtain sensitive ...)
+CVE-2006-5109
NOT-FOR-US: CubeCart
-CVE-2006-5108 (Multiple cross-site scripting (XSS) vulnerabilities in Devellion ...)
+CVE-2006-5108
NOT-FOR-US: CubeCart
-CVE-2006-5107 (Multiple SQL injection vulnerabilities in Devellion CubeCart 2.0.x ...)
+CVE-2006-5107
NOT-FOR-US: CubeCart
-CVE-2006-5106 (Cross-site scripting (XSS) vulnerability in FacileForms before 1.4.7 ...)
+CVE-2006-5106
NOT-FOR-US: FacileForms for Mambo and Joomla!
-CVE-2006-5105 (Multiple PHP remote file inclusion vulnerabilities in SyntaxCMS 1.1.1 ...)
+CVE-2006-5105
NOT-FOR-US: SyntaxCMS
-CVE-2006-5104 (SQL injection vulnerability in global.php in Jelsoft vBulletin 2.x ...)
+CVE-2006-5104
NOT-FOR-US: vBulletin
-CVE-2006-5103 (PHP remote file inclusion vulnerability in admin/index2.php in bbsNew ...)
+CVE-2006-5103
NOT-FOR-US: bbsNew
-CVE-2006-5102 (PHP remote file inclusion vulnerability in include/editfunc.inc.php in ...)
+CVE-2006-5102
NOT-FOR-US: Newswriter SW
-CVE-2006-5101 (PHP remote file inclusion vulnerability in include.php in Comdev CSV ...)
+CVE-2006-5101
NOT-FOR-US: Comdev CSV Importer
-CVE-2006-5100 (PHP remote file inclusion vulnerability in parse/parser.php in ...)
+CVE-2006-5100
NOT-FOR-US: WEB//NEWS (aka webnews)
-CVE-2006-5099 (lib/exec/fetch.php in DokuWiki before 2006-03-09e, when ...)
+CVE-2006-5099
- dokuwiki 0.0.20060309-5.2 (bug #391291; medium)
-CVE-2006-5098 (lib/exec/fetch.php in DokuWiki before 2006-03-09e allows remote ...)
+CVE-2006-5098
- dokuwiki 0.0.20060309-5.2 (bug #391291; medium)
-CVE-2006-5097 (** DISPUTED ** ...)
+CVE-2006-5097
NOT-FOR-US: net2ftp
-CVE-2006-5096 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
+CVE-2006-5096
NOT-FOR-US: VirtueMart
-CVE-2006-5095 (** DISPUTED ** ...)
+CVE-2006-5095
NOT-FOR-US: MyPhotos
-CVE-2006-5094 (PHP remote file inclusion vulnerability in includes/functions_kb.php ...)
+CVE-2006-5094
NOT-FOR-US: phpBB XS
-CVE-2006-5093 (PHP remote file inclusion vulnerability in index.php in Tagmin Control ...)
+CVE-2006-5093
NOT-FOR-US: TagIt! Tagboard
-CVE-2006-5092 (PHP remote file inclusion vulnerability in navigation/menu.php in ...)
+CVE-2006-5092
NOT-FOR-US: A-Blog
-CVE-2006-5091 (Unspecified vulnerability in HP-UX B.11.11 and B.11.23 CIFS Server ...)
+CVE-2006-5091
NOT-FOR-US: HP-UX Samba
-CVE-2006-5090 (Multiple cross-site scripting (XSS) vulnerabilities in Phoenix ...)
+CVE-2006-5090
NOT-FOR-US: Phoenix Evolution CMS (PECMS)
-CVE-2006-5089 (** DISPUTED ** ...)
+CVE-2006-5089
NOT-FOR-US: My-BIC
-CVE-2006-5088 (PHP remote file inclusion vulnerability in connected_users.lib.php3 in ...)
+CVE-2006-5088
NOT-FOR-US: phpMyChat
-CVE-2006-5087 (Multiple PHP remote file inclusion vulnerabilities in evoBB 0.3 and ...)
+CVE-2006-5087
NOT-FOR-US: evoBB
-CVE-2006-5086 (Blog Pixel Motion 2.1.1 allows remote attackers to change the username ...)
+CVE-2006-5086
NOT-FOR-US: Blog Pixel Motion
-CVE-2006-5085 (Static code injection vulnerability in config.php in Blog Pixel Motion ...)
+CVE-2006-5085
NOT-FOR-US: Blog Pixel Motion
-CVE-2006-5084 (Format string vulnerability in the NSRunAlertPanel function in eBay ...)
+CVE-2006-5084
NOT-FOR-US: Skype
-CVE-2006-5083 (PHP remote file inclusion vulnerability in ...)
+CVE-2006-5083
NOT-FOR-US: Integrated MODs (IM) Portal
-CVE-2006-5082 (Unspecified vulnerability in Sugar Suite Open Source (SugarCRM) before ...)
+CVE-2006-5082
- sugarcrm-ce-5.0 <itp> (bug #457876)
-CVE-2006-5081 (PHP remote file inclusion vulnerability in acc.php in QuickBlogger ...)
+CVE-2006-5081
NOT-FOR-US: QuickBlogger
-CVE-2006-5080 (Cross-site scripting (XSS) vulnerability in the search function in Six ...)
+CVE-2006-5080
NOT-FOR-US: Movable Type
-CVE-2006-5079 (PHP remote file inclusion vulnerability in class.mysql.php in Matt ...)
+CVE-2006-5079
NOT-FOR-US: paBugs
-CVE-2006-5078 (PHP remote file inclusion vulnerability in view/general.php in ...)
+CVE-2006-5078
NOT-FOR-US: Polaring
-CVE-2006-5077 (PHP remote file inclusion vulnerability in ...)
+CVE-2006-5077
NOT-FOR-US: Minerva
-CVE-2006-5076 (Multiple PHP remote file inclusion vulnerabilities in OpenConcept ...)
+CVE-2006-5076
NOT-FOR-US: OpenConcept Back-End
-CVE-2006-5075 (The Kernel SSL Proxy service (svc:/network/ssl/proxy) in Sun Solaris ...)
+CVE-2006-5075
NOT-FOR-US: Solaris
-CVE-2006-5074 (Cross-site scripting (XSS) vulnerability in home.php in PHP Invoice ...)
+CVE-2006-5074
NOT-FOR-US: PHP Invoice
-CVE-2006-5073 (Unspecified vulnerability in Sun Solaris 8, 9 and 10 allows remote ...)
+CVE-2006-5073
NOT-FOR-US: Solaris
-CVE-2006-5072 (The System.CodeDom.Compiler classes in Novell Mono create temporary ...)
+CVE-2006-5072
- mono 1.1.17.1-5
-CVE-2006-5071 (Multiple cross-site scripting (XSS) vulnerabilities in eyeOS before ...)
+CVE-2006-5071
NOT-FOR-US: eyeOS
-CVE-2006-5070 (PHP remote file inclusion vulnerability in ...)
+CVE-2006-5070
NOT-FOR-US: faceStones Personal
-CVE-2006-5069 (Cross-site scripting (XSS) vulnerability in class.tx_indexedsearch.php ...)
+CVE-2006-5069
- typo3-src <not-affected> (only versions 4.0.0+4.0.1 affected)
-CVE-2006-5068 (PHP remote file inclusion vulnerability in admin/index.php in ...)
+CVE-2006-5068
NOT-FOR-US: BrudaNews
-CVE-2006-5067 (** DISPUTED ** ...)
+CVE-2006-5067
NOT-FOR-US: PHP System Administration Toolkit (PHPSaTK)
-CVE-2006-5066 (Multiple cross-site scripting (XSS) vulnerabilities in DanPHPSupport ...)
+CVE-2006-5066
NOT-FOR-US: DanPHPSupport
-CVE-2006-5065 (PHP remote file inclusion vulnerability in libs/dbmax/mysql.php in ...)
+CVE-2006-5065
NOT-FOR-US: ZoomStats
-CVE-2006-5064 (Multiple cross-site scripting (XSS) vulnerabilities in BirdBlog 1.4 ...)
+CVE-2006-5064
NOT-FOR-US: BirdBlog
-CVE-2006-5063 (Cross-site scripting (XSS) vulnerability in Elog 2.6.1 allows remote ...)
+CVE-2006-5063
{DSA-1242-1}
- elog 2.6.2+r1719-1 (bug #389361)
-CVE-2006-5062 (PHP remote file inclusion vulnerability in ...)
+CVE-2006-5062
NOT-FOR-US: PBLang (PBL)
-CVE-2006-5061 (PHP remote file inclusion vulnerability in mcf.php in ...)
+CVE-2006-5061
NOT-FOR-US: Advanced-Clan-Script (AVCX)
-CVE-2006-5060 (Cross-site scripting (XSS) vulnerability in login.php in Jamroom ...)
+CVE-2006-5060
NOT-FOR-US: Jamroom
-CVE-2006-5059 (Multiple cross-site scripting (XSS) vulnerabilities in WWWthreads ...)
+CVE-2006-5059
NOT-FOR-US: WWWthreads
-CVE-2006-5058 (Buffer overflow in (1) Call of Duty 1.5b and earlier, (2) Call of Duty ...)
+CVE-2006-5058
NOT-FOR-US: Call of Duty
-CVE-2006-5057 (Multiple cross-site scripting (XSS) vulnerabilities in Ktools.net ...)
+CVE-2006-5057
NOT-FOR-US: PhotoStore
-CVE-2006-5056 (Cross-site scripting (XSS) vulnerability in index.php in Opial ...)
+CVE-2006-5056
NOT-FOR-US: Opial Audio/Video Download Management
-CVE-2006-5055 (PHP remote file inclusion vulnerability in ...)
+CVE-2006-5055
NOT-FOR-US: syntaxCMS
-CVE-2006-5054 (SQL injection vulnerability in uye/uye_ayrinti.asp in iyzi Forum 1 ...)
+CVE-2006-5054
NOT-FOR-US: iyzi Forum
-CVE-2006-5053 (PHP remote file inclusion vulnerability in webnews/template.php in ...)
+CVE-2006-5053
NOT-FOR-US: Web-News
-CVE-2006-5052 (Unspecified vulnerability in portable OpenSSH before 4.4, when running ...)
+CVE-2006-5052
[etch] - openssh <no-dsa> (Minor issue)
- openssh 1:4.6p1-1 (low)
-CVE-2006-5051 (Signal handler race condition in OpenSSH before 4.4 allows remote ...)
+CVE-2006-5051
{DSA-1638-1 DSA-1212 DSA-1189-1}
- openssh 1:4.6p1-1 (low)
- openssh-krb5 <removed> (high)
NOTE: From my analysis only openssh with Kerberos support should be vulnerable
NOTE: However, we'll fix openssh as well just to make sure
-CVE-2006-5050 (Directory traversal vulnerability in httpd in Rob Landley BusyBox ...)
+CVE-2006-5050
- busybox <not-affected> (bug #390555; irreproducible)
[sarge] - busybox <not-affected> (Vulnerable code not present)
-CVE-2006-5049 (Unspecified vulnerability in Classifieds (com_classifieds) component ...)
+CVE-2006-5049
NOT-FOR-US: Classifieds (com_classifieds) component for Joomla!
-CVE-2006-5048 (Multiple PHP remote file inclusion vulnerabilities in Security Images ...)
+CVE-2006-5048
NOT-FOR-US: Security Images (com_securityimages) component for Joomla!
-CVE-2006-5047 (Unspecified vulnerability in rsgallery2.html.php in RS Gallery2 ...)
+CVE-2006-5047
NOT-FOR-US: RS Gallery2 component for Joomla! (com_rsgallery2)
-CVE-2006-5046 (Unspecified vulnerability in RS Gallery2 (com_rsgallery2) 1.11.3 and ...)
+CVE-2006-5046
NOT-FOR-US: RS Gallery2 component for Joomla! (com_rsgallery2)
-CVE-2006-5045 (Unspecified vulnerability in PollXT component (com_pollxt) 1.22.07 and ...)
+CVE-2006-5045
NOT-FOR-US: PollXT component (com_pollxt) for Joomla!
-CVE-2006-5044 (Unspecified vulnerability in Prince Clan (Princeclan) Chess component ...)
+CVE-2006-5044
NOT-FOR-US: Prince Clan (Princeclan) Chess componen (com_pcchess) for Mambo and Joomla!
-CVE-2006-5043 (Multiple PHP remote file inclusion vulnerabilities in the Joomlaboard ...)
+CVE-2006-5043
NOT-FOR-US: JoomlaBoard (com_joomlaboard) for Joomla!
-CVE-2006-5042 (Unspecified vulnerability in mosMedia (com_mosmedia) 1.0.8 and earlier ...)
+CVE-2006-5042
NOT-FOR-US: mosMedia (com_mosmedia) for Joomla!
-CVE-2006-5041 (Unspecified vulnerability in Hot Properties (possibly ...)
+CVE-2006-5041
NOT-FOR-US: Hot Properties (possibly com_hotproperties) for Joomla!
-CVE-2006-5040 (Unspecified vulnerability in SEF404x (com_sef) for Joomla! has ...)
+CVE-2006-5040
NOT-FOR-US: SEF404x (com_sef) for Joomla!
-CVE-2006-5039 (Unspecified vulnerability in Events 1.3 beta module (com_events) for ...)
+CVE-2006-5039
NOT-FOR-US: Events 1.3 beta module (com_events) for Joomla!
-CVE-2006-5038 (The FiWin SS28S WiFi VoIP SIP/Skype Phone, firmware version 01_02_07, ...)
+CVE-2006-5038
NOT-FOR-US: FiWin
-CVE-2006-5037 (** DISPUTED ** ...)
+CVE-2006-5037
NOT-FOR-US: MySource Matrix
-CVE-2006-5036 (** DISPUTED ** ...)
+CVE-2006-5036
NOT-FOR-US: MySource Matrix
-CVE-2006-5035 (Multiple cross-site scripting (XSS) vulnerabilities in Paul Smith ...)
+CVE-2006-5035
NOT-FOR-US: vCAP
-CVE-2006-5034 (Directory traversal vulnerability in Paul Smith Computer Services vCAP ...)
+CVE-2006-5034
NOT-FOR-US: vCAP
-CVE-2006-5033 (Unspecified vulnerability in StoresAndCalendarsList.cgi in Paul Smith ...)
+CVE-2006-5033
NOT-FOR-US: vCAP
-CVE-2006-5032 (PHP remote file inclusion vulnerability in dix.php3 in PHPartenaire ...)
+CVE-2006-5032
NOT-FOR-US: PHPartenaire
-CVE-2006-5031 (Directory traversal vulnerability in app/webroot/js/vendors.php in ...)
+CVE-2006-5031
- cakephp 1.1.13.4450-1
-CVE-2006-5030 (SQL injection vulnerability in modules/messages/index.php in exV2 ...)
+CVE-2006-5030
NOT-FOR-US: exV2
-CVE-2006-5029 (SQL injection vulnerability in thread.php in WoltLab Burning Board ...)
+CVE-2006-5029
NOT-FOR-US: WoltLab Burning Board (wBB)
-CVE-2006-5028 (Directory traversal vulnerability in filemanager/filemanager.php in ...)
+CVE-2006-5028
NOT-FOR-US: Plesk
-CVE-2006-5027 (Jeroen Vennegoor JevonCMS, possibly pre alpha, allows remote attackers ...)
+CVE-2006-5027
NOT-FOR-US: JevonCMS
-CVE-2006-5026 (Multiple unspecified vulnerabilities in Paisterist Simple HTTP Scanner ...)
+CVE-2006-5026
NOT-FOR-US: Paisterist Simple HTTP Scanner (sHTTPScanner)
-CVE-2006-5025 (Multiple unspecified vulnerabilities in Paisterist Simple HTTP Scanner ...)
+CVE-2006-5025
NOT-FOR-US: Paisterist Simple HTTP Scanner (sHTTPScanner)
-CVE-2006-5024 (Multiple unspecified vulnerabilities in Paisterist Simple HTTP Scanner ...)
+CVE-2006-5024
NOT-FOR-US: Paisterist Simple HTTP Scanner (sHTTPScanner)
-CVE-2006-5023 (SQL injection vulnerability in kategori.asp in xweblog 2.1 and earlier ...)
+CVE-2006-5023
NOT-FOR-US: xweblog
-CVE-2006-5022 (PHP remote file inclusion vulnerability in includes/global.php in ...)
+CVE-2006-5022
NOT-FOR-US: pNews System 1.1.0 (aka PowerNews)
-CVE-2006-5021 (Multiple PHP remote file inclusion vulnerabilities in redgun RedBLoG ...)
+CVE-2006-5021
NOT-FOR-US: RedBLoG
-CVE-2006-5020 (Multiple PHP remote file inclusion vulnerabilities in SolidState 0.4 ...)
+CVE-2006-5020
NOT-FOR-US: SolidState
-CVE-2006-5019 (Google Mini 4.4.102.M.36 and earlier allows remote attackers to obtain ...)
+CVE-2006-5019
NOT-FOR-US: Google Mini
-CVE-2006-5018 (ContentKeeper 123.25 and earlier places passwords in cleartext in an ...)
+CVE-2006-5018
NOT-FOR-US: ContentKeeper
-CVE-2006-5017 (SQL injection vulnerability in admin/all_users.php in Szava Gyula and ...)
+CVE-2006-5017
NOT-FOR-US: e-Vision CMS
-CVE-2006-5016 (Unrestricted file upload vulnerability in admin/x_image.php in Szava ...)
+CVE-2006-5016
NOT-FOR-US: e-Vision CMS
-CVE-2006-5015 (PHP remote file inclusion vulnerability in hit.php in Kietu 3.2 allows ...)
+CVE-2006-5015
NOT-FOR-US: Kietu
-CVE-2006-5014 (Unspecified vulnerability in cPanel before 10.9.0 12 Tree allows ...)
+CVE-2006-5014
NOT-FOR-US: cPanel
-CVE-2006-5013 (Sun Solaris 10 before patch 118855-16 (20060925), when run on x64 ...)
+CVE-2006-5013
NOT-FOR-US: Solaris
-CVE-2006-5012 (Unspecified vulnerability in Sun Solaris 8, 9, and 10 before 20060925 ...)
+CVE-2006-5012
NOT-FOR-US: Solaris
-CVE-2006-5011 (Untrusted search path vulnerability in snappd in IBM AIX 5.2.0 and ...)
+CVE-2006-5011
NOT-FOR-US: AIX
-CVE-2006-5010 (Untrusted search path vulnerability in acctctl in IBM AIX 5.3.0 allows ...)
+CVE-2006-5010
NOT-FOR-US: AIX
-CVE-2006-5009 (Unspecified vulnerability in xlock in IBM AIX 5.2.0 and 5.3.0 allows ...)
+CVE-2006-5009
NOT-FOR-US: AIX
-CVE-2006-5008 (Unspecified vulnerability in utape in IBM AIX 5.2.0 and 5.3.0 allows ...)
+CVE-2006-5008
NOT-FOR-US: AIX
-CVE-2006-5007 (Untrusted search path vulnerability in uucp in IBM AIX 5.2.0 and 5.3.0 ...)
+CVE-2006-5007
NOT-FOR-US: AIX
-CVE-2006-5006 (Buffer overflow in cfgmgr in IBM AIX 5.2.0 and 5.3.0 allows local ...)
+CVE-2006-5006
NOT-FOR-US: AIX
-CVE-2006-5005 (Unspecified vulnerability in bos.net.tcp.client in IBM AIX 5.2.0 and ...)
+CVE-2006-5005
NOT-FOR-US: AIX
-CVE-2006-5004 (Unspecified vulnerability in the rdist command in IBM AIX 5.2.0 and ...)
+CVE-2006-5004
NOT-FOR-US: AIX
-CVE-2006-5003 (Unspecified vulnerability in the named8 command in IBM AIX 5.2.0 and ...)
+CVE-2006-5003
NOT-FOR-US: AIX
-CVE-2006-5002 (Unspecified vulnerability in IBM Inventory Scout for AIX 2.2.0.0 ...)
+CVE-2006-5002
NOT-FOR-US: AIX
-CVE-2006-5001 (Unspecified vulnerability in the log analyzer in WS_FTP Server 5.05 ...)
+CVE-2006-5001
NOT-FOR-US: WS_FTP
-CVE-2006-5000 (Multiple buffer overflows in WS_FTP Server 5.05 before Hotfix 1, and ...)
+CVE-2006-5000
NOT-FOR-US: WS_FTP
CVE-2006-4999
RESERVED
CVE-2006-4998
RESERVED
-CVE-2006-4997 (The clip_mkip function in net/atm/clip.c of the ATM subsystem in Linux ...)
+CVE-2006-4997
{DSA-1237 DSA-1233}
- linux-2.6 2.6.18-1
-CVE-2006-4996 (Unspecified vulnerability in JoomlaLib (com_joomlalib) before 1.2.2 ...)
+CVE-2006-4996
NOT-FOR-US: JoomlaLib (com_joomlalib) for Joomla!
-CVE-2006-4995 (PHP remote file inclusion vulnerability in BSQ Sitestats ...)
+CVE-2006-4995
NOT-FOR-US: BSQ Sitestats for Joomla!
-CVE-2006-4994 (Multiple unquoted Windows search path vulnerabilities in Apache ...)
+CVE-2006-4994
NOT-FOR-US: XAMPP
-CVE-2006-4993 (Multiple PHP remote file inclusion vulnerabilities in AllMyGuests ...)
+CVE-2006-4993
NOT-FOR-US: AllMyGuests
-CVE-2006-4992 (Multiple PHP remote file inclusion vulnerabilities in JD-WordPress for ...)
+CVE-2006-4992
NOT-FOR-US: JD-WordPress for Joomla!
-CVE-2006-4991 (RSA Keon Certificate Authority (KeonCA) Manager 6.5.1 and 6.6 allows ...)
+CVE-2006-4991
NOT-FOR-US: RSA Keon Certificate Authority (KeonCA) Manager
-CVE-2006-4990 (Multiple PHP remote file inclusion vulnerabilities in PhotoPost allow ...)
+CVE-2006-4990
NOT-FOR-US: PhotoPost
-CVE-2006-4989 (Patrick Michaelis Wili-CMS allows remote attackers to obtain sensitive ...)
+CVE-2006-4989
NOT-FOR-US: Wili-CMS
-CVE-2006-4988 (Multiple cross-site scripting (XSS) vulnerabilities in Patrick ...)
+CVE-2006-4988
NOT-FOR-US: Wili-CMS
-CVE-2006-4987 (Multiple PHP remote file inclusion vulnerabilities in Patrick ...)
+CVE-2006-4987
NOT-FOR-US: Wili-CMS
-CVE-2006-4986 (Grayscale BandSite CMS allows remote attackers to obtain sensitive ...)
+CVE-2006-4986
NOT-FOR-US: BandSite CMS
-CVE-2006-4985 (Multiple cross-site scripting (XSS) vulnerabilities in Grayscale ...)
+CVE-2006-4985
NOT-FOR-US: BandSite CMS
-CVE-2006-4984 (Multiple PHP remote file inclusion vulnerabilities in Grayscale ...)
+CVE-2006-4984
NOT-FOR-US: BandSite CMS
-CVE-2006-4983 (Cisco NAC allows quarantined devices to communicate over the network ...)
+CVE-2006-4983
NOT-FOR-US: Cisco
-CVE-2006-4982 (Cisco NAC maintains an exception list that does not record device ...)
+CVE-2006-4982
NOT-FOR-US: Cisco
-CVE-2006-4981 (Symantec Sygate NAC allows physically proximate attackers to bypass ...)
+CVE-2006-4981
NOT-FOR-US: Symantec
-CVE-2006-4980 (Buffer overflow in the repr function in Python 2.3 through 2.6 before ...)
+CVE-2006-4980
{DSA-1198-1 DSA-1197-1}
- python2.5 2.5-1 (bug #391589)
- python2.4 2.4.3-9 (bug #391589)
- python2.3 2.3.5-16 (bug #393053)
- python2.2 <not-affected> (Compiled without UCS-4 support)
-CVE-2006-4979 (Direct static code injection vulnerability in cfgphpquiz/install.php ...)
+CVE-2006-4979
NOT-FOR-US: PhpQuiz
-CVE-2006-4978 (Multiple SQL injection vulnerabilities in Walter Beschmout PhpQuiz 1.2 ...)
+CVE-2006-4978
NOT-FOR-US: PhpQuiz
-CVE-2006-4977 (Multiple unrestricted file upload vulnerabilities in (1) ...)
+CVE-2006-4977
NOT-FOR-US: PhpQuiz
-CVE-2006-4976 (The Date Library in John Lim ADOdb Library for PHP allows remote ...)
+CVE-2006-4976
- libphp-adodb <unfixed> (unimportant)
- gallery2 <removed> (unimportant)
- phppgadmin <unfixed> (unimportant)
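Review bot: every -/+ pair in this hunk replaces an entry of the form "CVE-2006-NNNN (description ...)" with the bare id, so the only in-file human-readable context for each entry is dropped while the Debian-specific lines under it ("{DSA-1198-1 DSA-1197-1}", the package/version lines and the NOTE lines) are left untouched; for example "CVE-2006-4980 (Buffer overflow in the repr function in Python 2.3 through 2.6 before ...)" becomes just "CVE-2006-4980". If the descriptions are now meant to be looked up elsewhere by the tracker tooling, that should be stated with the change so that a reader of the list file knows why the text disappeared; otherwise the loss of the truncated summaries is a regression for anyone triaging directly from this file.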
@@ -5047,93 +5047,93 @@ CVE-2006-4976 (The Date Library in John Lim ADOdb Library for PHP allows remote
- phpwiki <unfixed> (unimportant)
- moodle <removed> (unimportant)
NOTE: full path is known in Debian anyway
-CVE-2006-4975 (Yahoo! Messenger for WAP permits saving messages that contain ...)
+CVE-2006-4975
NOT-FOR-US: Yahoo! Messenger
-CVE-2006-4974 (Buffer overflow in Ipswitch WS_FTP Limited Edition (LE) 5.08 allows ...)
+CVE-2006-4974
NOT-FOR-US: WS_FTP
-CVE-2006-4973 (Cross-site scripting (XSS) vulnerability in Default.aspx in Perpetual ...)
+CVE-2006-4973
NOT-FOR-US: DotNetNuke
-CVE-2006-4972 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2006-4972
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2006-4971 (MyBB (aka MyBulletinBoard) allows remote attackers to obtain sensitive ...)
+CVE-2006-4971
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2006-4970 (PHP remote file inclusion vulnerability in enc/content.php in WAHM ...)
+CVE-2006-4970
NOT-FOR-US: Pie Cart Pro
-CVE-2006-4969 (Multiple PHP remote file inclusion vulnerabilities in WAHM E-Commerce ...)
+CVE-2006-4969
NOT-FOR-US: Pie Cart Pro
-CVE-2006-4968 (PHP remote file inclusion vulnerability in ...)
+CVE-2006-4968
NOT-FOR-US: PNphpBB
NOTE: code in phpBB is different and not affected
-CVE-2006-4967 (Multiple cross-site scripting (XSS) vulnerabilities in NextAge Cart ...)
+CVE-2006-4967
NOT-FOR-US: NextAge Cart
-CVE-2006-4966 (PHP remote file inclusion vulnerability in inc/ifunctions.php in ...)
+CVE-2006-4966
NOT-FOR-US: phpQuestionnaire
-CVE-2006-4965 (Apple QuickTime 7.1.3 Player and Plug-In allows remote attackers to ...)
+CVE-2006-4965
NOT-FOR-US: Apple
NOTE: also used for related MFSA-2007-28, but still a QuickTime/Windows only issue
-CVE-2006-4964 (Cross-site scripting (XSS) vulnerability in MAXdev MDPro 1.0.76 before ...)
+CVE-2006-4964
NOT-FOR-US: MAXdev MDPro
-CVE-2006-4963 (Directory traversal vulnerability in index.php in Exponent CMS 0.96.3 ...)
+CVE-2006-4963
NOT-FOR-US: Exponent CMS
-CVE-2006-4962 (Directory traversal vulnerability in pbd_engine.php in Php Blue Dragon ...)
+CVE-2006-4962
NOT-FOR-US: Php Blue Dragon
-CVE-2006-4961 (SQL injection vulnerability in the GetModuleConfig function in ...)
+CVE-2006-4961
NOT-FOR-US: Php Blue Dragon
-CVE-2006-4960 (Cross-site scripting (XSS) vulnerability in index.php Php Blue Dragon ...)
+CVE-2006-4960
NOT-FOR-US: Php Blue Dragon
-CVE-2006-4959 (Sun Secure Global Desktop (SSGD, aka Tarantella) before 4.3 allows ...)
+CVE-2006-4959
NOT-FOR-US: Sun Secure Global Desktop
-CVE-2006-4958 (Multiple cross-site scripting (XSS) vulnerabilities in Sun Secure ...)
+CVE-2006-4958
NOT-FOR-US: Sun Secure Global Desktop
-CVE-2006-4957 (SQL injection vulnerability in the GetMember function in functions.php ...)
+CVE-2006-4957
NOT-FOR-US: MyReview
-CVE-2006-4956 (Cross-site scripting (XSS) vulnerability in the updateuser servlet in ...)
+CVE-2006-4956
NOT-FOR-US: Neon WebMail for Java
-CVE-2006-4955 (Directory traversal vulnerability in the downloadfile servlet in Neon ...)
+CVE-2006-4955
NOT-FOR-US: Neon WebMail for Java
-CVE-2006-4954 (The updateuser servlet in Neon WebMail for Java before 5.08 does not ...)
+CVE-2006-4954
NOT-FOR-US: Neon WebMail for Java
-CVE-2006-4953 (Multiple SQL injection vulnerabilities in Neon WebMail for Java before ...)
+CVE-2006-4953
NOT-FOR-US: Neon WebMail for Java
-CVE-2006-4952 (The updatemail servlet in Neon WebMail for Java before 5.08 allows ...)
+CVE-2006-4952
NOT-FOR-US: Neon WebMail for Java
-CVE-2006-4951 (Neon WebMail for Java before 5.08 allows remote attackers to execute ...)
+CVE-2006-4951
NOT-FOR-US: Neon WebMail for Java
-CVE-2006-4950 (Cisco IOS 12.2 through 12.4 before 20060920, as used by Cisco IAD2430, ...)
+CVE-2006-4950
NOT-FOR-US: Cisco
-CVE-2006-4949 (Cross-site scripting (XSS) vulnerability in the Drupal 4.6 Site ...)
+CVE-2006-4949
NOT-FOR-US: Profile Directory (profile_pages.module) for Drupal
-CVE-2006-4948 (Stack-based buffer overflow in tftpd.exe in ProSysInfo TFTP Server ...)
+CVE-2006-4948
NOT-FOR-US: TFTPDWIN
-CVE-2006-4947 (Cross-site scripting (XSS) vulnerability in the Drupal 4.7 Search ...)
+CVE-2006-4947
NOT-FOR-US: Search Keywords module for Drupal
-CVE-2006-4946 (PHP remote file inclusion vulnerability in include/startup.inc.php in ...)
+CVE-2006-4946
NOT-FOR-US: CMSDevelopment Business Card Web Builder (BCWB)
-CVE-2006-4945 (Multiple PHP remote file inclusion vulnerabilities in Cardway (aka ...)
+CVE-2006-4945
NOT-FOR-US: DigitalWebShop
-CVE-2006-4944 (PHP remote file inclusion vulnerability in ...)
+CVE-2006-4944
NOT-FOR-US: ProgSys
-CVE-2006-4943 (course/jumpto.php in Moodle before 1.6.2 does not validate the session ...)
+CVE-2006-4943
- moodle 1.6.2-1
[sarge] - moodle <not-affected> (File not present)
-CVE-2006-4942 (Moodle before 1.6.2, when the configuration lacks (1) algebra or (2) ...)
+CVE-2006-4942
- moodle 1.6.2-1
-CVE-2006-4941 (Multiple cross-site scripting (XSS) vulnerabilities in Moodle before ...)
+CVE-2006-4941
- moodle 1.6.2-1
-CVE-2006-4940 (login/forgot_password.php in Moodle before 1.6.2 allows remote ...)
+CVE-2006-4940
- moodle 1.6.2-1
[sarge] - moodle <not-affected> (Function not present)
-CVE-2006-4939 (backup/backup_scheduled.php in Moodle before 1.6.2 generates trace ...)
+CVE-2006-4939
- moodle 1.6.2-1 (unimportant)
NOTE: Path disclosure
-CVE-2006-4938 (help.php in Moodle before 1.6.2 does not check the existence of ...)
+CVE-2006-4938
- moodle 1.6.2-1 (unimportant)
NOTE: Path disclosure
-CVE-2006-4937 (lib/setup.php in Moodle before 1.6.2 sets the error reporting level to ...)
+CVE-2006-4937
- moodle 1.6.2-1
-CVE-2006-4936 (Moodle before 1.6.2 does not properly validate the module instance id ...)
+CVE-2006-4936
- moodle 1.6.2-1
-CVE-2006-4935 (The Database module in Moodle before 1.6.2 does not properly handle ...)
+CVE-2006-4935
- moodle 1.6.2-1
CVE-2006-4934
RESERVED
@@ -5149,180 +5149,180 @@ CVE-2006-4929
RESERVED
CVE-2006-4928
RESERVED
-CVE-2006-4927 (The (a) NAVENG (NAVENG.SYS) and (b) NAVEX15 (NAVEX15.SYS) device ...)
+CVE-2006-4927
NOT-FOR-US: Symantec AntiVirus
-CVE-2006-4926 (The NDIS-TDI Hooking Engine, as used in the (1) KLICK (KLICK.SYS) and ...)
+CVE-2006-4926
NOT-FOR-US: Kaspersky Labs
-CVE-2006-4925 (packet.c in ssh in OpenSSH allows remote attackers to cause a denial ...)
+CVE-2006-4925
- openssh 1:5.1p1-5 (unimportant)
NOTE: That's a non-issue
-CVE-2006-4924 (sshd in OpenSSH before 4.4, when using the version 1 SSH protocol, ...)
+CVE-2006-4924
{DSA-1212 DSA-1189-1}
- openssh 1:4.3p2-4 (low; bug #389995)
- openssh-krb5 <unfixed> (low)
-CVE-2006-4923 (Cross-site scripting (XSS) vulnerability in search.php in eSyndiCat ...)
+CVE-2006-4923
NOT-FOR-US: eSyndiCat Portal System
-CVE-2006-4922 (Unrestricted file upload vulnerability in ...)
+CVE-2006-4922
NOT-FOR-US: Site@School
-CVE-2006-4921 (PHP remote file inclusion vulnerability in Site@School (S@S) 2.4.03 ...)
+CVE-2006-4921
NOT-FOR-US: Site@School
-CVE-2006-4920 (Multiple PHP remote file inclusion vulnerabilities in Site@School ...)
+CVE-2006-4920
NOT-FOR-US: Site@School
-CVE-2006-4919 (Directory traversal vulnerability in ...)
+CVE-2006-4919
NOT-FOR-US: Site@School
-CVE-2006-4918 (Multiple PHP remote file inclusion vulnerabilities in Simple ...)
+CVE-2006-4918
NOT-FOR-US: Simple Discussion Board
-CVE-2006-4917 (Cross-site scripting (XSS) vulnerability in search.php in PT News ...)
+CVE-2006-4917
NOT-FOR-US: PT News
-CVE-2006-4916 (SQL injection vulnerability in uye_profil.asp in Tekman Portal (TR) ...)
+CVE-2006-4916
NOT-FOR-US: Tekman Portal
-CVE-2006-4915 (Cross-site scripting (XSS) vulnerability in index.php in Innovate ...)
+CVE-2006-4915
NOT-FOR-US: Innovate Portal
-CVE-2006-4914 (Directory traversal vulnerability in A.l-Pifou 1.8p2 allows remote ...)
+CVE-2006-4914
NOT-FOR-US: A.l-Pifou
-CVE-2006-4913 (Directory traversal vulnerability in chat/getStartOptions.php in ...)
+CVE-2006-4913
NOT-FOR-US: AlstraSoft E-friends
-CVE-2006-4912 (PHP remote file inclusion vulnerability in PHP DocWriter 0.3 and ...)
+CVE-2006-4912
NOT-FOR-US: PHP DocWriter
-CVE-2006-4911 (Unspecified vulnerability in Cisco IPS 5.0 before 5.0(6p2) and 5.1 ...)
+CVE-2006-4911
NOT-FOR-US: Cisco
-CVE-2006-4910 (The web administration interface (mainApp) to Cisco IDS before ...)
+CVE-2006-4910
NOT-FOR-US: Cisco
-CVE-2006-4909 (Cross-site scripting (XSS) vulnerability in Cisco Guard DDoS ...)
+CVE-2006-4909
NOT-FOR-US: Cisco
-CVE-2006-4908 (OSU 3.11alpha and 3.10a allows remote attackers to obtain sensitive ...)
+CVE-2006-4908
NOT-FOR-US: OSU
-CVE-2006-4907 (OSU 3.11alpha and 3.10a allows remote attackers to obtain sensitive ...)
+CVE-2006-4907
NOT-FOR-US: OSU
-CVE-2006-4906 (SQL injection vulnerability in modules/calendar/week.php in ...)
+CVE-2006-4906
NOT-FOR-US: More.groupware
-CVE-2006-4905 (PHP remote file inclusion vulnerability in index.php in Artmedic Links ...)
+CVE-2006-4905
NOT-FOR-US: Artmedic Links
-CVE-2006-4904 (Dynamic variable evaluation vulnerability in cmpi.php in Qualiteam ...)
+CVE-2006-4904
NOT-FOR-US: X-Cart
CVE-2006-4903
RESERVED
-CVE-2006-4902 (The NetBackup bpcd daemon (bpcd.exe) in Symantec Veritas NetBackup 5.0 ...)
+CVE-2006-4902
NOT-FOR-US: Symantec Veritas NetBackup
-CVE-2006-4901 (Computer Associates (CA) eTrust Security Command Center 1.0 and r8 up ...)
+CVE-2006-4901
NOT-FOR-US: CA eTrust
-CVE-2006-4900 (Directory traversal vulnerability in Computer Associates (CA) eTrust ...)
+CVE-2006-4900
NOT-FOR-US: CA eTrust
-CVE-2006-4899 (The ePPIServlet script in Computer Associates (CA) eTrust Security ...)
+CVE-2006-4899
NOT-FOR-US: CA eTrust
-CVE-2006-4898 (PHP remote file inclusion vulnerability in include/phpxd/phpXD.php in ...)
+CVE-2006-4898
NOT-FOR-US: guanxiCRM
-CVE-2006-4897 (CMtextS 1.0 and earlier stores users_logins/admin.txt under the web ...)
+CVE-2006-4897
NOT-FOR-US: CMtextS
CVE-2006-4896
REJECTED
-CVE-2006-4895 (IDevSpot NexieAffiliate 1.9 and earlier allows remote attackers to ...)
+CVE-2006-4895
NOT-FOR-US: IDevSpot NexieAffiliate
-CVE-2006-4894 (Cross-site scripting (XSS) vulnerability in forms/lostpassword.php in ...)
+CVE-2006-4894
NOT-FOR-US: IDevSpot NexieAffiliate
-CVE-2006-4893 (PHP remote file inclusion vulnerability in ...)
+CVE-2006-4893
NOT-FOR-US: phpBB XS
-CVE-2006-4892 (SQL injection vulnerability in faqview.asp in Techno Dreams FAQ ...)
+CVE-2006-4892
NOT-FOR-US: Techno Dreams FAQ
-CVE-2006-4891 (SQL injection vulnerability in ArticlesTableview.asp in Techno Dreams ...)
+CVE-2006-4891
NOT-FOR-US: Techno Dreams
-CVE-2006-4890 (Multiple PHP remote file inclusion vulnerabilities in UNAK-CMS 1.5 and ...)
+CVE-2006-4890
NOT-FOR-US: UNAK-CMS
-CVE-2006-4889 (Multiple PHP remote file inclusion vulnerabilities in Telekorn ...)
+CVE-2006-4889
NOT-FOR-US: Telekorn SignKorn Guestbook
-CVE-2006-4888 (Microsoft Internet Explorer 6 and earlier allows remote attackers to ...)
+CVE-2006-4888
NOT-FOR-US: Microsoft
-CVE-2006-4887 (Apple Remote Desktop (ARD) for Mac OS X 10.2.8 and later does not drop ...)
+CVE-2006-4887
NOT-FOR-US: Apple
-CVE-2006-4886 (The VirusScan On-Access Scan component in McAfee VirusScan Enterprise ...)
+CVE-2006-4886
NOT-FOR-US: McAfee
-CVE-2006-4885 (PHP remote file inclusion vulnerability in Shadowed Portal 5.599 and ...)
+CVE-2006-4885
NOT-FOR-US: Shadowed Portal
-CVE-2006-4884 (Multiple cross-site scripting (XSS) vulnerabilities in IDevSpot ...)
+CVE-2006-4884
NOT-FOR-US: IDevSpot iSupport
-CVE-2006-4883 (Multiple cross-site scripting (XSS) vulnerabilities in IDevSpot ...)
+CVE-2006-4883
NOT-FOR-US: IDevSpot BizDirectory
-CVE-2006-4882 (SQL injection vulnerability in Review.asp in Julian Roberts Charon ...)
+CVE-2006-4882
NOT-FOR-US: Cart 3
-CVE-2006-4881 (Multiple cross-site scripting (XSS) vulnerabilities in David Bennett ...)
+CVE-2006-4881
NOT-FOR-US: PHP-Post (PHPp)
-CVE-2006-4880 (David Bennett PHP-Post (PHPp) 1.0 and earlier allows remote attackers ...)
+CVE-2006-4880
NOT-FOR-US: PHP-Post (PHPp)
-CVE-2006-4879 (SQL injection vulnerability in profile.php in David Bennett PHP-Post ...)
+CVE-2006-4879
NOT-FOR-US: PHP-Post (PHPp)
-CVE-2006-4878 (Directory traversal vulnerability in footer.php in David Bennett ...)
+CVE-2006-4878
NOT-FOR-US: PHP-Post (PHPp)
-CVE-2006-4877 (Variable overwrite vulnerability in David Bennett PHP-Post (PHPp) 1.0 ...)
+CVE-2006-4877
NOT-FOR-US: PHP-Post (PHPp)
-CVE-2006-4876 (Multiple SQL injection vulnerabilities in Jupiter CMS allow remote ...)
+CVE-2006-4876
NOT-FOR-US: Jupiter CMS
-CVE-2006-4875 (Unrestricted file upload vulnerability in ...)
+CVE-2006-4875
NOT-FOR-US: Jupiter CMS
-CVE-2006-4874 (Multiple cross-site scripting (XSS) vulnerabilities in Jupiter CMS ...)
+CVE-2006-4874
NOT-FOR-US: Jupiter CMS
-CVE-2006-4873 (Jupiter CMS allows remote attackers to obtain sensitive information ...)
+CVE-2006-4873
NOT-FOR-US: Jupiter CMS
-CVE-2006-4872 (SQL injection vulnerability in search.asp in Keyvan1 (aka Keyvan ...)
+CVE-2006-4872
NOT-FOR-US: ECardPro
-CVE-2006-4871 (SQL injection vulnerability in search_run.asp in Keyvan1 (aka Keyvan ...)
+CVE-2006-4871
NOT-FOR-US: EShoppingPro
-CVE-2006-4870 (Multiple PHP remote file inclusion vulnerabilities in AEDating 4.1, ...)
+CVE-2006-4870
NOT-FOR-US: AEDating
-CVE-2006-4869 (PHP remote file inclusion vulnerability in phpunity-postcard.php in ...)
+CVE-2006-4869
NOT-FOR-US: phpunity.postcard
-CVE-2006-4868 (Stack-based buffer overflow in the Vector Graphics Rendering engine ...)
+CVE-2006-4868
NOT-FOR-US: Microsoft
-CVE-2006-4867 (SQL injection vulnerability in mods.php in GNUTurk 2G and earlier ...)
+CVE-2006-4867
NOT-FOR-US: GNUTurk
-CVE-2006-4866 (Buffer overflow in kextload in Apple OS X, as used by TDIXSupport in ...)
+CVE-2006-4866
NOT-FOR-US: Apple
-CVE-2006-4865 (Walter Beschmout PhpQuiz allows remote attackers to obtain sensitive ...)
+CVE-2006-4865
NOT-FOR-US: PhpQuiz
-CVE-2006-4864 (PHP remote file inclusion vulnerability in index.php in All Enthusiast ...)
+CVE-2006-4864
NOT-FOR-US: ReviewPost
-CVE-2006-4863 (** DISPUTED ** ...)
+CVE-2006-4863
NOT-FOR-US: mcLinksCounter
-CVE-2006-4862 (SQL injection vulnerability in default.aspx in easypage allows remote ...)
+CVE-2006-4862
NOT-FOR-US: easypage
-CVE-2006-4861 (SQL injection vulnerability in loginprocess.asp in Mohammed Mehdi ...)
+CVE-2006-4861
NOT-FOR-US: Complain Center
-CVE-2006-4860 (Multiple unspecified vulnerabilities in (1) index.php, (2) ...)
+CVE-2006-4860
NOT-FOR-US: Limbo
-CVE-2006-4859 (Unrestricted file upload vulnerability in contact.html.php in the ...)
+CVE-2006-4859
NOT-FOR-US: Limbo
-CVE-2006-4858 (PHP remote file inclusion vulnerability in install.serverstat.php in ...)
+CVE-2006-4858
NOT-FOR-US: Serverstat (com_serverstat) component for Mambo
-CVE-2006-4857 (SQL injection vulnerability in default.asp (aka the login page) in ...)
+CVE-2006-4857
NOT-FOR-US: ClickBlog
-CVE-2006-4856 (Multiple cross-site scripting (XSS) vulnerabilities in Roller ...)
+CVE-2006-4856
NOT-FOR-US: WebLogger
-CVE-2006-4855 (The \Device\SymEvent driver in Symantec Norton Personal Firewall 2006 ...)
+CVE-2006-4855
NOT-FOR-US: Symantec
CVE-2006-4854
REJECTED
-CVE-2006-4853 (SQL injection vulnerability in kategorix.asp in Haberx 1.02 through ...)
+CVE-2006-4853
NOT-FOR-US: Haberx
-CVE-2006-4852 (SQL injection vulnerability in browse.asp in QuadComm Q-Shop 3.5 ...)
+CVE-2006-4852
NOT-FOR-US: QuadComm Q-Shop
-CVE-2006-4851 (PHP remote file inclusion vulnerability in ...)
+CVE-2006-4851
NOT-FOR-US: BolinOS
-CVE-2006-4850 (PHP remote file inclusion vulnerability in ...)
+CVE-2006-4850
NOT-FOR-US: BolinOS
-CVE-2006-4849 (PHP remote file inclusion vulnerability in header.php in ...)
+CVE-2006-4849
NOT-FOR-US: MobilePublisherPHP
-CVE-2006-4848 (** DISPUTED ** ...)
+CVE-2006-4848
NOT-FOR-US: Hitweb
-CVE-2006-4847 (Multiple buffer overflows in Ipswitch WS_FTP Server 5.05 before Hotfix ...)
+CVE-2006-4847
NOT-FOR-US: WS_FTP
-CVE-2006-4846 (Unspecified vulnerability in Citrix Access Gateway with Advanced ...)
+CVE-2006-4846
NOT-FOR-US: Citrix
-CVE-2006-4845 (PHP remote file inclusion vulnerability in ...)
+CVE-2006-4845
NOT-FOR-US: TeamCal
-CVE-2006-4844 (PHP remote file inclusion vulnerability in ...)
+CVE-2006-4844
NOT-FOR-US: Claroline
-CVE-2006-4843 (Cross-site scripting (XSS) vulnerability in the Active Content Filter ...)
+CVE-2006-4843
NOT-FOR-US: IBM Lotus Domino
-CVE-2006-4842 (The Netscape Portable Runtime (NSPR) API 4.6.1 and 4.6.2, as used in ...)
+CVE-2006-4842
- xulrunner 1.8.0.9-1 (low; bug #405062)
[sarge] - mozilla <no-dsa> (Minor issue)
NOTE: could not find setuid binary in sid, but evolution-data-server has a setgid mail binary
@@ -5331,47 +5331,47 @@ CVE-2006-4841
RESERVED
CVE-2006-4840
REJECTED
-CVE-2006-4839 (Sophos Anti-Virus 5.1 allows remote attackers to cause a denial of ...)
+CVE-2006-4839
NOT-FOR-US: Sophos
-CVE-2006-4838 (Multiple cross-site scripting (XSS) vulnerabilities in DCP-Portal SE ...)
+CVE-2006-4838
NOT-FOR-US: DCP-Portal
-CVE-2006-4837 (Multiple PHP remote file inclusion vulnerabilities in DCP-Portal SE ...)
+CVE-2006-4837
NOT-FOR-US: DCP-Portal
-CVE-2006-4836 (SQL injection vulnerability in login.php in DCP-Portal SE 6.0 allows ...)
+CVE-2006-4836
NOT-FOR-US: DCP-Portal
-CVE-2006-4835 (Bluview Blue Magic Board (BMB) (aka BMForum) 5.5 allows remote ...)
+CVE-2006-4835
NOT-FOR-US: Blue Magic Board (BMB) (aka BMForum)
-CVE-2006-4834 (PHP remote file inclusion vulnerability in index.php in Jule Slootbeek ...)
+CVE-2006-4834
NOT-FOR-US: phpQuiz
-CVE-2006-4833 (Verso NetPerformer FRAD ACT SDM-95xx 7.xx (R1) and earlier, SDM-93xx ...)
+CVE-2006-4833
NOT-FOR-US: NetPerformer
-CVE-2006-4832 (Buffer overflow in the telnet service in Verso NetPerformer FRAD ACT ...)
+CVE-2006-4832
NOT-FOR-US: NetPerformer
-CVE-2006-4831 (Unspecified vulnerability in IP over DNS is now easy (iodine) before ...)
+CVE-2006-4831
NOT-FOR-US: IP over DNS is now easy (iodine)
-CVE-2006-4830 (Directory traversal vulnerability in EditBlogTemplatesPlugin.java in ...)
+CVE-2006-4830
NOT-FOR-US: Blojsom
-CVE-2006-4829 (Multiple cross-site scripting (XSS) vulnerabilities in David Czarnecki ...)
+CVE-2006-4829
NOT-FOR-US: Blojsom
-CVE-2006-4828 (PHP remote file inclusion vulnerability in zipndownload.php in ...)
+CVE-2006-4828
NOT-FOR-US: PhotoPost
-CVE-2006-4827 (Multiple PHP remote file inclusion vulnerabilities in Vmist Downstat ...)
+CVE-2006-4827
NOT-FOR-US: Vmist Downstat
-CVE-2006-4826 (PHP remote file inclusion vulnerability in bottom.php in Shadowed ...)
+CVE-2006-4826
NOT-FOR-US: Shadowed Portal
-CVE-2006-4825 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2006-4825
NOT-FOR-US: PHP Event Calendar
-CVE-2006-4824 (PHP remote file inclusion vulnerability in lib/activeutil.php in ...)
+CVE-2006-4824
NOT-FOR-US: Quicksilver Forums (QSF)
-CVE-2006-4823 (PHP remote file inclusion vulnerability in scripts/news_page.php in ...)
+CVE-2006-4823
NOT-FOR-US: Magic News
-CVE-2006-4822 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
+CVE-2006-4822
NOT-FOR-US: emuCMS
-CVE-2006-4821 (Cross-site scripting (XSS) vulnerability in the Drupal 4.7 Userreview ...)
+CVE-2006-4821
NOT-FOR-US: Drupal Userreview module
-CVE-2006-4820 (Unspecified vulnerability in X.25 on HP-UX B.11.00, B.11.11, and ...)
+CVE-2006-4820
NOT-FOR-US: HP-UX
-CVE-2006-4819 (Heap-based buffer overflow in Opera 9.0 and 9.01 allows remote ...)
+CVE-2006-4819
NOT-FOR-US: Opera
CVE-2006-4818
RESERVED
@@ -5381,43 +5381,43 @@ CVE-2006-4816
RESERVED
CVE-2006-4815
RESERVED
-CVE-2006-4814 (The mincore function in the Linux kernel before 2.4.33.6 does not ...)
+CVE-2006-4814
{DSA-1503-2 DSA-1503-1 DSA-1304}
- linux-2.6 2.6.18.dfsg.1-9 (low)
- kernel-patch-openvz 028.18.1
-CVE-2006-4813 (The __block_prepare_write function in fs/buffer.c for Linux kernel ...)
+CVE-2006-4813
{DSA-1233}
- linux-2.6 2.6.13-1
-CVE-2006-4812 (Integer overflow in PHP 5 up to 5.1.6 and 4 before 4.3.0 allows remote ...)
+CVE-2006-4812
- php4 <not-affected>
- php5 5.1.6-5 (bug #391586)
-CVE-2006-4811 (Integer overflow in Qt 3.3 before 3.3.7, 4.1 before 4.1.5, and 4.2 ...)
+CVE-2006-4811
{DSA-1200-1}
- qt-x11-free 3:3.3.7-1 (bug #394192; bug #394313)
- qt4-x11 4.2.1-1 (bug #394192)
-CVE-2006-4810 (Buffer overflow in the readline function in util/texindex.c, as used ...)
+CVE-2006-4810
{DSA-1219}
- texinfo 4.8.dfsg.1-4
-CVE-2006-4809 (Stack-based buffer overflow in loader_pnm.c in imlib2 before 1.2.1, ...)
+CVE-2006-4809
- imlib2 1.3.0.0debian1-3 (medium; bug #397371)
-CVE-2006-4808 (Heap-based buffer overflow in loader_tga.c in imlib2 before 1.2.1, and ...)
+CVE-2006-4808
- imlib2 1.3.0.0debian1-3 (medium; bug #397371)
-CVE-2006-4807 (loader_tga.c in imlib2 before 1.2.1, and possibly other versions, ...)
+CVE-2006-4807
- imlib2 1.3.0.0debian1-3 (medium; bug #397371)
-CVE-2006-4806 (Multiple integer overflows in imlib2 allow user-assisted remote ...)
+CVE-2006-4806
- imlib2 1.3.0.0debian1-3 (medium; bug #397371)
-CVE-2006-4805 (epan/dissectors/packet-xot.c in the XOT dissector (dissect_xot_pdu) in ...)
+CVE-2006-4805
{DSA-1201-1}
- wireshark 0.99.4-1 (bug #396258; medium)
CVE-2006-4804
RESERVED
-CVE-2006-4803 (The Fan-Out Linux and UNIX receiver scripts in Novell Identity Manager ...)
+CVE-2006-4803
NOT-FOR-US: Novell Identity Manager
-CVE-2006-4802 (Format string vulnerability in the Real Time Virus Scan service in ...)
+CVE-2006-4802
NOT-FOR-US: Symantec
-CVE-2006-4801 (Race condition in Deja Vu, as used in Roxio Toast Titanium 7 and ...)
+CVE-2006-4801
NOT-FOR-US: Roxio Toast
-CVE-2006-4800 (Multiple buffer overflows in libavcodec in ffmpeg before ...)
+CVE-2006-4800
{DSA-1215}
- ffmpeg 0.cvs20060329-1
- xmovie <removed>
@@ -5426,23 +5426,23 @@ CVE-2006-4800 (Multiple buffer overflows in libavcodec in ffmpeg before ...)
- gstreamer0.10-ffmpeg 0.10.1-3 (medium; bug #401311)
- mplayer 1.0~rc1-1
NOTE: according to the changelog, libxine (starting from 1.1.2-4) links dynamically against ffmpeg
-CVE-2006-4799 (Buffer overflow in ffmpeg for xine-lib before 1.1.2 might allow ...)
+CVE-2006-4799
{DSA-1215}
- xine-lib 1.1.2-1 (bug #369876; medium)
NOTE: according to the changelog, libxine (starting from 1.1.2-4) links dynamically against ffmpeg
-CVE-2006-4798 (SQL-Ledger before 2.4.4 stores a password in a query string, which ...)
+CVE-2006-4798
- sql-ledger 2.4.5-1
-CVE-2006-4797 (Cross-site scripting (XSS) vulnerability in tag.php in CloudNine ...)
+CVE-2006-4797
NOT-FOR-US: CJ Tag Board
-CVE-2006-4796 (Cross-site scripting (XSS) vulnerability in forum.asp in Snitz Forums ...)
+CVE-2006-4796
NOT-FOR-US: Snitz Forums
-CVE-2006-4795 (Unspecified vulnerability in the Address and Routing Parameter Area ...)
+CVE-2006-4795
NOT-FOR-US: HP-UX
-CVE-2006-4794 (Multiple cross-site scripting (XSS) vulnerabilities in e107 0.7.5 ...)
+CVE-2006-4794
NOT-FOR-US: e107
-CVE-2006-4793 (Multiple SQL injection vulnerabilities in icerik.asp in TualBLOG 1.0 ...)
+CVE-2006-4793
NOT-FOR-US: TualBLOG
-CVE-2006-5778 (ftpd in linux-ftpd 0.17, and possibly other versions, performs a chdir ...)
+CVE-2006-5778
{DSA-1217}
- linux-ftpd 0.17-23 (low; bug #384454)
CVE-2006-XXXX [ejabberd HTML code injection]
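Review bot: the "-CVE-2006-5778 ... / +CVE-2006-5778" pair sits between CVE-2006-4793 and the "CVE-2006-XXXX [ejabberd HTML code injection]" placeholder, out of the descending numeric order the rest of this hunk follows; the description stripping itself matches the other entries, but an out-of-sequence id in a file otherwise sorted by number is easy to overlook or duplicate, so it is worth confirming that the consumer of this list keys on the id rather than on position, and moving the entry to its numeric slot in a follow-up if position matters.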
@@ -5451,127 +5451,127 @@ CVE-2006-4792
RESERVED
CVE-2006-4791
RESERVED
-CVE-2006-4789 (Buffer overflow in Open Movie Editor 0.0.20060901 allows local users ...)
+CVE-2006-4789
NOT-FOR-US: Open Movie Editor
-CVE-2006-4788 (PHP remote file inclusion vulnerability in includes/log.inc.php in ...)
+CVE-2006-4788
NOT-FOR-US: SignKorn Guestbook
-CVE-2006-4787 (AlphaMail before 1.0.16 allows local users to obtain sensitive ...)
+CVE-2006-4787
NOT-FOR-US: AlphaMail
-CVE-2006-4786 (Moodle 1.6.1 and earlier allows remote attackers to obtain sensitive ...)
+CVE-2006-4786
- moodle 1.6.2-1 (low)
-CVE-2006-4785 (SQL injection vulnerability in blog/edit.php in Moodle 1.6.1 and ...)
+CVE-2006-4785
- moodle 1.6.2-1 (medium; bug #387177)
-CVE-2006-4784 (Multiple cross-site scripting (XSS) vulnerabilities in Moodle 1.6.1 ...)
+CVE-2006-4784
- moodle 1.6.2-1 (low)
-CVE-2006-4783 (SQL injection vulnerability in squads.php in WebSPELL 4.01.01 and ...)
+CVE-2006-4783
NOT-FOR-US: WebSPELL
-CVE-2006-4782 (src/index.php in WebSPELL 4.01.01 and earlier, when register_globals ...)
+CVE-2006-4782
NOT-FOR-US: WebSPELL
-CVE-2006-4781 (Heap-based buffer overflow in FutureSoft TFTP Server Multithreaded ...)
+CVE-2006-4781
NOT-FOR-US: FutureSoft TFTP Server
-CVE-2006-4780 (PHP remote file inclusion vulnerability in includes/functions.php in ...)
+CVE-2006-4780
NOT-FOR-US: phpBB XS
-CVE-2006-4779 (PHP remote file inclusion vulnerability in ...)
+CVE-2006-4779
NOT-FOR-US: Vitrax Premodded phpBB
-CVE-2006-4778 (SQL injection vulnerability in Creative Commons Tools ccHost before ...)
+CVE-2006-4778
NOT-FOR-US: Creative Commons Tools ccHost
-CVE-2006-4777 (Heap-based buffer overflow in the DirectAnimation Path Control ...)
+CVE-2006-4777
NOT-FOR-US: DirectAnimation.PathControl
-CVE-2006-4776 (Heap-based buffer overflow in the VLAN Trunking Protocol (VTP) feature ...)
+CVE-2006-4776
NOT-FOR-US: Cisco
-CVE-2006-4775 (The VLAN Trunking Protocol (VTP) feature in Cisco IOS 12.1(19) and ...)
+CVE-2006-4775
NOT-FOR-US: Cisco
-CVE-2006-4774 (The VLAN Trunking Protocol (VTP) feature in Cisco IOS 12.1(19) allows ...)
+CVE-2006-4774
NOT-FOR-US: Cisco
-CVE-2006-4773 (Sun StorEdge 6130 Array Controllers with firmware 06.12.10.11 and ...)
+CVE-2006-4773
NOT-FOR-US: Sun StorEdge
-CVE-2006-4772 (HotPlug CMS stores sensitive information under the web root with ...)
+CVE-2006-4772
NOT-FOR-US: HotPlug CMS
-CVE-2006-4771 (Cross-site scripting (XSS) vulnerability in haut.php in ForumJBC 4 ...)
+CVE-2006-4771
NOT-FOR-US: ForumJBC
-CVE-2006-4770 (PHP remote file inclusion vulnerability in menu.php in MiniPort@l 2.0 ...)
+CVE-2006-4770
NOT-FOR-US: MiniPort@l
-CVE-2006-4769 (PHP remote file inclusion vulnerability in abf_js.php in p4CMS 1.05 ...)
+CVE-2006-4769
NOT-FOR-US: p4CMS
-CVE-2006-4768 (Multiple direct static code injection vulnerabilities in add_go.php in ...)
+CVE-2006-4768
NOT-FOR-US: Stefan Ernst Newsscript (aka WM-News)
-CVE-2006-4767 (Multiple directory traversal vulnerabilities in Stefan Ernst ...)
+CVE-2006-4767
NOT-FOR-US: Stefan Ernst Newsscript (aka WM-News)
-CVE-2006-4766 (Directory traversal vulnerability in print.php in Stefan Ernst ...)
+CVE-2006-4766
NOT-FOR-US: Stefan Ernst Newsscript (aka WM-News)
-CVE-2006-4765 (NETGEAR DG834GT Wireless ADSL router running firmware 1.01.28 allows ...)
+CVE-2006-4765
NOT-FOR-US: NETGEAR
-CVE-2006-4764 (PHP remote file inclusion vulnerability in common.php in Thomas LETE ...)
+CVE-2006-4764
NOT-FOR-US: WTools
-CVE-2006-4763 (IBM Lotus Domino Web Access (DWA) 7.0.1 does not expire a client's ...)
+CVE-2006-4763
NOT-FOR-US: IBM Lotus Domino Web Access
-CVE-2006-4762 (Multiple cross-site scripting (XSS) vulnerabilities in Ykoon RssReader ...)
+CVE-2006-4762
NOT-FOR-US: Ykoon RssReader
-CVE-2006-4761 (Multiple cross-site scripting (XSS) vulnerabilities in Luke Hutteman ...)
+CVE-2006-4761
NOT-FOR-US: SharpReader
-CVE-2006-4760 (Multiple cross-site scripting (XSS) vulnerabilities in Benjamin Pasero ...)
+CVE-2006-4760
NOT-FOR-US: RSSOwl
-CVE-2006-4759 (PunBB 1.2.12 does not properly handle an avatar directory pathname ...)
+CVE-2006-4759
NOT-FOR-US: PunBB
-CVE-2006-4758 (phpBB 2.0.21 does not properly handle pathnames ending in %00, which ...)
+CVE-2006-4758
{DSA-1488-1}
- phpbb2 2.0.21-4 (bug #388120; unimportant)
NOTE: Only exploitable by admins, which you'd need to trust
-CVE-2006-4757 (Multiple SQL injection vulnerabilities in the admin section in e107 ...)
+CVE-2006-4757
NOT-FOR-US: e107
-CVE-2006-4756 (SQL injection vulnerability in alpha.php in phpMyDirectory 10.4.6 and ...)
+CVE-2006-4756
NOT-FOR-US: phpMyDirectory
-CVE-2006-4755 (Cross-site scripting (XSS) vulnerability in alpha.php in ...)
+CVE-2006-4755
NOT-FOR-US: phpMyDirectory
-CVE-2006-4754 (Cross-site scripting (XSS) vulnerability in index.php in PHProg before ...)
+CVE-2006-4754
NOT-FOR-US: PHProg
-CVE-2006-4753 (Directory traversal vulnerability in index.php in PHProg before 1.1 ...)
+CVE-2006-4753
NOT-FOR-US: PHProg
-CVE-2006-4752 (Laurentiu Matei eXpandable Home Page (XHP) CMS 0.5.1 allows remote ...)
+CVE-2006-4752
NOT-FOR-US: Laurentiu Matei eXpandable Home Page (XHP) CMS
-CVE-2006-4751 (Cross-site scripting (XSS) vulnerability in index.php in Laurentiu ...)
+CVE-2006-4751
NOT-FOR-US: Laurentiu Matei eXpandable Home Page (XHP) CMS
-CVE-2006-4750 (PHP remote file inclusion vulnerability in ...)
+CVE-2006-4750
NOT-FOR-US: OPENi-CMS
-CVE-2006-4749 (Multiple PHP remote file inclusion vulnerabilities in PHP Advanced ...)
+CVE-2006-4749
NOT-FOR-US: PHP Advanced Transfer Manager (phpATM)
-CVE-2006-4748 (Multiple SQL injection vulnerabilities in F-ART BLOG:CMS 4.1 allow ...)
+CVE-2006-4748
NOT-FOR-US: F-ART BLOG:CMS
-CVE-2006-4747 (Multiple cross-site scripting (XSS) vulnerabilities in IdevSpot ...)
+CVE-2006-4747
NOT-FOR-US: IdevSpot TextAds
-CVE-2006-4746 (PHP remote file inclusion vulnerability in news/include/customize.php ...)
+CVE-2006-4746
NOT-FOR-US: Web Server Creator
-CVE-2006-4745 (ScaryBear PocketExpense Pro 3.9.1 uses an internally recorded key to ...)
+CVE-2006-4745
NOT-FOR-US: ScaryBear PocketExpense Pro
-CVE-2006-4744 (Abidia (1) O-Anywhere and (2) Abidia Wireless transmit authentication ...)
+CVE-2006-4744
NOT-FOR-US: Abidia (1) O-Anywhere and (2) Abidia Wireless
-CVE-2006-4743 (WordPress 2.0.2 through 2.0.5 allows remote attackers to obtain ...)
+CVE-2006-4743
- wordpress 2.0.5-0.1 (unimportant)
NOTE: path disclosure only
-CVE-2006-4742 (Cross-site scripting (XSS) vulnerability in user_add.php in IDevSpot ...)
+CVE-2006-4742
NOT-FOR-US: PhpLinkExchange
-CVE-2006-4741 (PHP remote file inclusion vulnerability in bits_listings.php in ...)
+CVE-2006-4741
NOT-FOR-US: PhpLinkExchange
-CVE-2006-4740 (Jetbox CMS allows remote attackers to obtain sensitive information via ...)
+CVE-2006-4740
NOT-FOR-US: Jetbox CMS
-CVE-2006-4739 (Multiple cross-site scripting (XSS) vulnerabilities in Jetbox CMS ...)
+CVE-2006-4739
NOT-FOR-US: Jetbox CMS
-CVE-2006-4738 (PHP remote file inclusion vulnerability in phpthumb.php in Jetbox CMS ...)
+CVE-2006-4738
NOT-FOR-US: Jetbox CMS
-CVE-2006-4737 (SQL injection vulnerability in index.php in Jetbox CMS allows remote ...)
+CVE-2006-4737
NOT-FOR-US: Jetbox CMS
-CVE-2006-4736 (Multiple SQL injection vulnerabilities in index.php in CMS.R. 5.5 ...)
+CVE-2006-4736
NOT-FOR-US: CMS.R
-CVE-2006-4735 (Kellan Elliott-McCrea MagpieRSS allows remote attackers to obtain ...)
+CVE-2006-4735
- magpierss <unfixed> (unimportant)
NOTE: path disclosure only
-CVE-2006-4734 (Multiple SQL injection vulnerabilities in tiki-g-admin_processes.php ...)
+CVE-2006-4734
- tikiwiki 1.9.5+dfsg1-2 (medium; bug #388122)
-CVE-2006-4733 (PHP remote file inclusion vulnerability in sipssys/code/box.inc.php in ...)
+CVE-2006-4733
NOT-FOR-US: simple, integrated publishing system (SIPS)
-CVE-2006-4732 (Unspecified vulnerability in Microsoft Visual Basic (VB) 6 has an ...)
+CVE-2006-4732
NOT-FOR-US: Microsoft
-CVE-2006-4731 (Multiple directory traversal vulnerabilities in (1) login.pl and (2) ...)
+CVE-2006-4731
{DSA-1239-1}
- sql-ledger 2.6.19-1
CVE-2006-4730
@@ -5580,57 +5580,57 @@ CVE-2006-4729
RESERVED
CVE-2006-4728
RESERVED
-CVE-2006-4727 (Cross-site scripting (XSS) vulnerability in emfadmin/statusView.do in ...)
+CVE-2006-4727
NOT-FOR-US: Tumbleweed EMF Administration Module
-CVE-2006-4726 (Cross-site scripting (XSS) vulnerability in Adobe ColdFusion MX 6.1 ...)
+CVE-2006-4726
NOT-FOR-US: Adobe
-CVE-2006-4725 (Adobe ColdFusion MX 7 and 7.01 allows local users to bypass security ...)
+CVE-2006-4725
NOT-FOR-US: Adobe
-CVE-2006-4724 (Unspecified vulnerability in the ColdFusion Flash Remoting Gateway in Adobe ...)
+CVE-2006-4724
NOT-FOR-US: Adobe
-CVE-2006-4723 (PHP remote file inclusion vulnerability in ...)
+CVE-2006-4723
NOT-FOR-US: RaidenHTTPD
-CVE-2006-4722 (PHP remote file inclusion vulnerability in Open Bulletin Board ...)
+CVE-2006-4722
NOT-FOR-US: Open Bulletin Board (OpenBB)
-CVE-2006-4721 (Directory traversal vulnerability in admin.php in CCleague Pro Sports ...)
+CVE-2006-4721
NOT-FOR-US: CCleague Pro Sports CMS
-CVE-2006-4720 (PHP remote file inclusion vulnerability in random2.php in mcGalleryPRO ...)
+CVE-2006-4720
NOT-FOR-US: mcGalleryPRO
-CVE-2006-4719 (Multiple PHP remote file inclusion vulnerabilities in MyABraCaDaWeb ...)
+CVE-2006-4719
NOT-FOR-US: MyABraCaDaWeb
-CVE-2006-4718 (Multiple cross-site scripting (XSS) vulnerabilities in livre_or.php in ...)
+CVE-2006-4718
NOT-FOR-US: KorviBlog
-CVE-2006-4717 (The login redirection mechanism in the Drupal 4.7 Pubcookie module ...)
+CVE-2006-4717
NOT-FOR-US: Pubcookie module for Drupal
-CVE-2006-4716 (PHP remote file inclusion vulnerability in demarrage.php in Fire Soft ...)
+CVE-2006-4716
NOT-FOR-US: Fire Soft Board (FSB)
-CVE-2006-4715 (SQL injection vulnerability in pdf_version.php in SpoonLabs Vivvo ...)
+CVE-2006-4715
NOT-FOR-US: SpoonLabs Vivvo Article Management CMS
-CVE-2006-4714 (PHP remote file inclusion vulnerability in index.php in SpoonLabs ...)
+CVE-2006-4714
NOT-FOR-US: SpoonLabs Vivvo Article Management CMS
-CVE-2006-4713 (PHP remote file inclusion vulnerability in config.php in PSYWERKS PUMA ...)
+CVE-2006-4713
NOT-FOR-US: PSYWERKS PUMA
-CVE-2006-4712 (Multiple cross-site scripting (XSS) vulnerabilities in Sage 1.3.6 ...)
+CVE-2006-4712
- firefox-sage 1.3.6-3 (bug #388149; medium)
-CVE-2006-4711 (Multiple cross-site scripting (XSS) vulnerabilities in Sage allow ...)
+CVE-2006-4711
- firefox-sage 1.3.6-3 (bug #388149; medium)
-CVE-2006-4710 (Multiple cross-site scripting (XSS) vulnerabilities in NewsGator ...)
+CVE-2006-4710
NOT-FOR-US: NewsGator FeedDemon
-CVE-2006-4709 (SQL injection vulnerability in topic.php in Vikingboard 0.1b allows ...)
+CVE-2006-4709
NOT-FOR-US: Vikingboard
-CVE-2006-4708 (Multiple cross-site scripting (XSS) vulnerabilities in Vikingboard ...)
+CVE-2006-4708
NOT-FOR-US: Vikingboard
-CVE-2006-4707 (Cross-site scripting (XSS) vulnerability in admin/global.php (aka the ...)
+CVE-2006-4707
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2006-4706 (Cross-site scripting (XSS) vulnerability in inc/functions_post.php in ...)
+CVE-2006-4706
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2006-4705 (SQL injection vulnerability in login.php in dwayner79 and Dominic ...)
+CVE-2006-4705
NOT-FOR-US: Timesheet (aka Timesheet.php)
-CVE-2006-4704 (Cross-zone scripting vulnerability in the WMI Object Broker ...)
+CVE-2006-4704
NOT-FOR-US: Microsoft
CVE-2006-4703
REJECTED
-CVE-2006-4702 (Buffer overflow in the Windows Media Format Runtime in Microsoft ...)
+CVE-2006-4702
NOT-FOR-US: Microsoft
CVE-2006-4701
REJECTED
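Review bot: after this hunk a real entry such as `+CVE-2006-4727` is written in exactly the same bare form as the `CVE-2006-4728` / `RESERVED` and `CVE-2006-4703` / `REJECTED` stubs, so anything that distinguishes a tracked entry from a placeholder by the presence of the parenthesised description on the CVE line will now classify every entry as a stub and has to fall back to inspecting the following line. If the description-less form is intended, that distinction should be documented, and consumers of the list that key on the CVE line alone should be checked.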
@@ -5640,164 +5640,164 @@ CVE-2006-4699
REJECTED
CVE-2006-4698
REJECTED
-CVE-2006-4697 (Microsoft Internet Explorer 5.01, 6, and 7 uses certain COM objects ...)
+CVE-2006-4697
NOT-FOR-US: Microsoft
-CVE-2006-4696 (Unspecified vulnerability in the Server service in Microsoft Windows ...)
+CVE-2006-4696
NOT-FOR-US: Microsoft
-CVE-2006-4695 (Unspecified vulnerability in certain COM objects in Microsoft Office ...)
+CVE-2006-4695
NOT-FOR-US: Microsoft Office
-CVE-2006-4694 (Unspecified vulnerability in PowerPoint in Microsoft Office 2000, ...)
+CVE-2006-4694
NOT-FOR-US: Microsoft
-CVE-2006-4693 (Unspecified vulnerability in Microsoft Word 2004 for Mac and v.X for ...)
+CVE-2006-4693
NOT-FOR-US: Microsoft Word
-CVE-2006-4692 (Argument injection vulnerability in the Windows Object Packager ...)
+CVE-2006-4692
NOT-FOR-US: Microsoft Word
-CVE-2006-4691 (Stack-based buffer overflow in the NetpManageIPCConnect function in ...)
+CVE-2006-4691
NOT-FOR-US: Microsoft
CVE-2006-4690
REJECTED
-CVE-2006-4689 (Unspecified vulnerability in the driver for the Client Service for ...)
+CVE-2006-4689
NOT-FOR-US: Microsoft
-CVE-2006-4688 (Buffer overflow in Client Service for NetWare (CSNW) in Microsoft ...)
+CVE-2006-4688
NOT-FOR-US: Microsoft
-CVE-2006-4687 (Microsoft Internet Explorer 5.01 through 6 allows remote attackers to ...)
+CVE-2006-4687
NOT-FOR-US: Microsoft
-CVE-2006-4686 (Buffer overflow in the Extensible Stylesheet Language Transformations ...)
+CVE-2006-4686
NOT-FOR-US: Microsoft
-CVE-2006-4685 (The XMLHTTP ActiveX control in Microsoft XML Parser 2.6 and XML Core ...)
+CVE-2006-4685
NOT-FOR-US: Microsoft
-CVE-2006-4684 (The docutils module in Zope (Zope2) 2.7.0 through 2.7.9 and 2.8.0 ...)
+CVE-2006-4684
{DSA-1176-1}
- zope2.7 <removed>
- zope2.8 2.8.8-2
-CVE-2006-4683 (IBM Director before 5.10 allows remote attackers to obtain sensitive ...)
+CVE-2006-4683
NOT-FOR-US: IBM Director
-CVE-2006-4682 (Multiple unspecified vulnerabilities in IBM Director before 5.10 allow ...)
+CVE-2006-4682
NOT-FOR-US: IBM Director
-CVE-2006-4681 (Directory traversal vulnerability in Redirect.bat in IBM Director ...)
+CVE-2006-4681
NOT-FOR-US: IBM Director
-CVE-2006-4680 (The Remote UI in Canon imageRUNNER includes usernames and passwords ...)
+CVE-2006-4680
NOT-FOR-US: Canon imageRUNNER
-CVE-2006-4679 (DokuWiki before 2006-03-09c enables the debug feature by default, ...)
+CVE-2006-4679
- dokuwiki 0.0.20060309-5.1 (low; bug #388082)
-CVE-2006-4678 (PHP remote file inclusion vulnerability in News Evolution 3.0.3 allows ...)
+CVE-2006-4678
NOT-FOR-US: News Evolution
-CVE-2006-4677 (** DISPUTED ** ...)
+CVE-2006-4677
NOT-FOR-US: phpopenchat
-CVE-2006-4676 (TIBCO RendezVous 7.4.11 and earlier logs base64-encoded usernames and ...)
+CVE-2006-4676
NOT-FOR-US: TIBCO RendezVous
-CVE-2006-4675 (Unrestricted file upload vulnerability in lib/exe/media.php in ...)
+CVE-2006-4675
- dokuwiki 0.0.20060309-5.1 (medium; bug #388082)
-CVE-2006-4674 (Direct static code injection vulnerability in doku.php in DokuWiki ...)
+CVE-2006-4674
- dokuwiki 0.0.20060309-5.1 (medium; bug #388082)
-CVE-2006-4673 (Global variable overwrite vulnerability in maincore.php in PHP-Fusion ...)
+CVE-2006-4673
NOT-FOR-US: PHP-Fusion
-CVE-2006-4672 (PHP remote file inclusion vulnerability in profitCode ppalCart 2.5 EE, ...)
+CVE-2006-4672
NOT-FOR-US: ppalCart
-CVE-2006-4671 (PHP remote file inclusion vulnerability in headlines.php in Fantastic ...)
+CVE-2006-4671
NOT-FOR-US: Fantastic News
-CVE-2006-4670 (Multiple PHP remote file inclusion vulnerabilities in PhotoKorn ...)
+CVE-2006-4670
NOT-FOR-US: PhotoKorn Gallery
-CVE-2006-4669 (PHP remote file inclusion vulnerability in admin/system/include.php in ...)
+CVE-2006-4669
NOT-FOR-US: Somery
-CVE-2006-4668 (Cross-site scripting (XSS) vulnerability in index.php in Rob Hensley ...)
+CVE-2006-4668
NOT-FOR-US: AckerTodo
-CVE-2006-4667 (Multiple SQL injection vulnerabilities in RunCMS 1.4.1 allow remote ...)
+CVE-2006-4667
NOT-FOR-US: RunCMS
-CVE-2006-4666 (Multiple PHP remote file inclusion vulnerabilities in Stefan Ernst ...)
+CVE-2006-4666
NOT-FOR-US: Newsscript (aka WM-News)
-CVE-2006-4665 (Cross-site scripting (XSS) vulnerability in index.php in MKPortal M1.1 ...)
+CVE-2006-4665
NOT-FOR-US: MKPortal
-CVE-2006-4664 (PHP remote file inclusion vulnerability in ...)
+CVE-2006-4664
NOT-FOR-US: Premod Shadow
-CVE-2006-4663 (** DISPUTED ** ...)
+CVE-2006-4663
NOT-FOR-US: User problem
-CVE-2006-4662 (Heap-based buffer overflow in the MCRegEx__Search function in AOL ICQ ...)
+CVE-2006-4662
NOT-FOR-US: AOL ICQ
-CVE-2006-4661 (AOL ICQ Toolbar 1.3 for Internet Explorer (toolbaru.dll) does not ...)
+CVE-2006-4661
NOT-FOR-US: AOL ICQ Toolbar
-CVE-2006-4660 (Multiple cross-site scripting (XSS) vulnerabilities in the RSS Feed ...)
+CVE-2006-4660
NOT-FOR-US: AOL ICQ Toolbar
-CVE-2006-4659 (The Panda Platinum Internet Security 2006 10.02.01 and 2007 11.00.00 ...)
+CVE-2006-4659
NOT-FOR-US: Panda Platinum Internet Security
-CVE-2006-4658 (Panda Platinum Internet Security 2006 10.02.01 and 2007 11.00.00 uses ...)
+CVE-2006-4658
NOT-FOR-US: Panda Platinum Internet Security
-CVE-2006-4657 (Panda Platinum Internet Security 2006 10.02.01 and 2007 11.00.00 ...)
+CVE-2006-4657
NOT-FOR-US: Panda Platinum Internet Security
-CVE-2006-4656 (PHP remote file inclusion vulnerability in ...)
+CVE-2006-4656
NOT-FOR-US: Web Provence SL_Site
-CVE-2006-4655 (Buffer overflow in the Strcmp function in the XKEYBOARD extension in X ...)
+CVE-2006-4655
NOT-FOR-US: X11R6.4
-CVE-2006-4654 (Format string vulnerability in Easy Address Book Web Server 1.2 allows ...)
+CVE-2006-4654
NOT-FOR-US: Address Book Web Server
-CVE-2006-4653 ((1) Amazing Little Poll and (2) Amazing Little Picture Poll store ...)
+CVE-2006-4653
NOT-FOR-US: Amazing Little Poll
-CVE-2006-4652 ((1) Amazing Little Poll and (2) Amazing Little Picture Poll have a ...)
+CVE-2006-4652
NOT-FOR-US: Amazing Little Poll
-CVE-2006-4651 (Directory traversal vulnerability in download/index.php, and possibly ...)
+CVE-2006-4651
NOT-FOR-US: Php download
-CVE-2006-4650 (Cisco IOS 12.0, 12.1, and 12.2, when GRE IP tunneling is used and the ...)
+CVE-2006-4650
NOT-FOR-US: Cisco
-CVE-2006-4649 (PHP remote file inclusion vulnerability in bp_news.php in BinGo News ...)
+CVE-2006-4649
NOT-FOR-US: BinGo News
-CVE-2006-4648 (PHP remote file inclusion vulnerability in bp_ncom.php in BinGo News ...)
+CVE-2006-4648
NOT-FOR-US: BinGo News
-CVE-2006-4647 (PHP remote file inclusion vulnerability in news.php in Sponge News 2.2 ...)
+CVE-2006-4647
NOT-FOR-US: Sponge News
-CVE-2006-4646 (Cross-site scripting (XSS) vulnerability in the Drupal 4.7 Pathauto ...)
+CVE-2006-4646
NOT-FOR-US: Drupal Pathauto module
-CVE-2006-4645 (PHP remote file inclusion vulnerability in akarru.gui/main_content.php ...)
+CVE-2006-4645
NOT-FOR-US: Social BookMarking Engine
-CVE-2006-4644 (PHP remote file inclusion vulnerability in modules/home.module.php in ...)
+CVE-2006-4644
NOT-FOR-US: phpFullAnnu
-CVE-2006-4643 (SQL injection vulnerability in consult/joueurs.php in Uni-Vert ...)
+CVE-2006-4643
NOT-FOR-US: PhpLeague
-CVE-2006-4642 (AuditWizard 6.3.2, when using &quot;Remote Audit,&quot; logs the administrator ...)
+CVE-2006-4642
NOT-FOR-US: AuditWizard
-CVE-2006-4641 (SQL injection vulnerability in kategori.asp in Muratsoft Haber Portal ...)
+CVE-2006-4641
NOT-FOR-US: Muratsoft Haber Portal
-CVE-2006-4640 (Unspecified vulnerability in Adobe Flash Player before 9.0.16.0 allows ...)
+CVE-2006-4640
- flashplugin-nonfree 7.0.68.0.1
[sarge] - flashplugin-nonfree <no-dsa> (Contrib not supported)
-CVE-2006-4639 (Multiple PHP remote file inclusion vulnerabilities in C-News.fr C-News ...)
+CVE-2006-4639
NOT-FOR-US: C-News.fr C-News
-CVE-2006-4638 (PHP remote file inclusion vulnerability in article.php in ACGV News ...)
+CVE-2006-4638
NOT-FOR-US: ACGV News
-CVE-2006-4637 (Multiple PHP remote file inclusion vulnerabilities in ACGV News 0.9.1 ...)
+CVE-2006-4637
NOT-FOR-US: ACGV News
-CVE-2006-4636 (Directory traversal vulnerability in SZEWO PhpCommander 3.0 and ...)
+CVE-2006-4636
NOT-FOR-US: PhpCommander
-CVE-2006-4635 (Unspecified vulnerability in MySource Classic 2.14.6, and possibly ...)
+CVE-2006-4635
NOT-FOR-US: MySource Classic
-CVE-2006-4634 (Cross-site scripting (XSS) vulnerability in index.php in VBZooM allows ...)
+CVE-2006-4634
NOT-FOR-US: VBZooM
-CVE-2006-4633 (index.php in SoftBB 0.1, and possibly earlier, allows remote attackers ...)
+CVE-2006-4633
NOT-FOR-US: SoftBB
-CVE-2006-4632 (Multiple SQL injection vulnerabilities in SoftBB 0.1, and possibly ...)
+CVE-2006-4632
NOT-FOR-US: SoftBB
-CVE-2006-4631 (Direct static code injection vulnerability in admin/save_opt.php in ...)
+CVE-2006-4631
NOT-FOR-US: SoftBB
-CVE-2006-4630 (PHP remote file inclusion vulnerability in jscript.php in Sky GUNNING ...)
+CVE-2006-4630
NOT-FOR-US: MySpeach
-CVE-2006-4629 (PHP remote file inclusion vulnerability in affichage/commentaires.php ...)
+CVE-2006-4629
NOT-FOR-US: C-News.fr C-News
-CVE-2006-4628 (Cross-site scripting (XSS) vulnerability in VCD-db before 0.983 allows ...)
+CVE-2006-4628
NOT-FOR-US: VCD-db
-CVE-2006-4627 (System Information ActiveX control (msinfo.dll), when accessed via ...)
+CVE-2006-4627
NOT-FOR-US: System Information ActiveX control
-CVE-2006-4626 (Heap-based buffer overflow in alwil avast! Anti-virus Engine before ...)
+CVE-2006-4626
NOT-FOR-US: avast! Anti-virus Engine
-CVE-2006-4625 (PHP 4.x up to 4.4.4 and PHP 5 up to 5.1.6 allows local users to bypass ...)
+CVE-2006-4625
- php4 4:4.4.4-1 (bug #391282; unimportant)
- php5 5.2.0-1 (bug #391281; unimportant)
NOTE: open_basedir violations not supported in Debian's PHP
-CVE-2006-4624 (CRLF injection vulnerability in Utils.py in Mailman before 2.1.9rc1 ...)
+CVE-2006-4624
{DSA-1188-1}
- mailman 1:2.1.8-3
-CVE-2006-4623 (The Unidirectional Lightweight Encapsulation (ULE) decapsulation ...)
+CVE-2006-4623
{DSA-1304}
- linux-2.6 2.6.18-1
-CVE-2006-4790 (verify.c in GnuTLS before 1.4.4, when using an RSA key with exponent ...)
+CVE-2006-4790
{DSA-1182-1}
NOTE: GNUTLS-SA-2006-4
- gnutls13 1.4.4-1 (high)
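Review bot: at `-CVE-2006-4692 (Argument injection vulnerability in the Windows Object Packager ...)` the line being removed is the only thing showing that the following `NOT-FOR-US: Microsoft Word` label does not match the affected component; with the summary gone this inconsistency becomes invisible in the file. Suggest aligning the label with the neighbouring entries (`NOT-FOR-US: Microsoft`, as used for CVE-2006-4694 and CVE-2006-4691) before the context is lost.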
@@ -5808,426 +5808,426 @@ CVE-2006-XXXX [gnutls Adaptive Chosen Ciphertext Attack]
- gnutls13 1.4.3-1 (unimportant)
- gnutls12 <removed> (unimportant)
- gnutls11 <removed> (unimportant)
-CVE-2006-4622 (PHP remote file inclusion vulnerability in annonce.php in AnnonceV ...)
+CVE-2006-4622
NOT-FOR-US: AnnonceV
-CVE-2006-4621 (PHP remote file inclusion vulnerability in settings.php in Pheap 1.2, ...)
+CVE-2006-4621
NOT-FOR-US: Pheap
-CVE-2006-4620 (The useredit_account.wdm module in Alt-N WebAdmin 3.2.5 running with ...)
+CVE-2006-4620
NOT-FOR-US: Alt-N WebAdmin
-CVE-2006-4619 (The start update window in update.exe in Avira AntiVir PersonalEdition ...)
+CVE-2006-4619
NOT-FOR-US: Avira
-CVE-2006-4618 (PHP remote file inclusion vulnerability in adodb-postgres7.inc.php in ...)
+CVE-2006-4618
- libphp-adodb <not-affected> (vulnerable code seems to be In-link specific)
- egroupware <not-affected> (vulnerable code seems to be In-link specific)
- moodle <not-affected> (vulnerable code seems to be In-link specific)
- phppgadmin <not-affected> (vulnerable code seems to be In-link specific)
- gallery2 <not-affected> (vulnerable code seems to be In-link specific)
- phpwiki <not-affected> (vulnerable code seems to be In-link specific)
-CVE-2006-4617 (Unrestricted file upload vulnerability in fileupload.html in vtiger ...)
+CVE-2006-4617
NOT-FOR-US: vtiger CRM
-CVE-2006-4616 (SMTP service in MailEnable Standard, Professional, and Enterprise ...)
+CVE-2006-4616
NOT-FOR-US: MailEnable
-CVE-2006-4615 (Shape Services IM+ Mobile Instant Messenger for Pocket PC 3.10 stores ...)
+CVE-2006-4615
NOT-FOR-US: Shape Services
-CVE-2006-4614 (PDAapps Verichat for Pocket PC 1.30bh stores usernames and passwords ...)
+CVE-2006-4614
NOT-FOR-US: PDAapps Verichat
-CVE-2006-4613 (Multiple unspecified vulnerabilities in SnapGear before 3.1.4u1 allow ...)
+CVE-2006-4613
NOT-FOR-US: SnapGear
-CVE-2006-4612 (SQL injection vulnerability in ReplyNew.asp in ZIXForum 1.12 allows ...)
+CVE-2006-4612
NOT-FOR-US: ZIXForum
-CVE-2006-4611 (Buffer overflow in the _tor_resolve function in dsocks.c in dsocks ...)
+CVE-2006-4611
NOT-FOR-US: dsocks
-CVE-2006-4610 (PHP remote file inclusion vulnerability in index.php in GrapAgenda ...)
+CVE-2006-4610
NOT-FOR-US: GrapAgenda
-CVE-2006-4609 (** DISPUTED ** ...)
+CVE-2006-4609
NOT-FOR-US: PHProjekt
-CVE-2006-4608 (Multiple cross-site scripting (XSS) vulnerabilities in Longino Jacome ...)
+CVE-2006-4608
NOT-FOR-US: php-Revista
-CVE-2006-4607 (admin/index.php in Longino Jacome php-Revista 1.1.2 allows remote ...)
+CVE-2006-4607
NOT-FOR-US: php-Revista
-CVE-2006-4606 (Multiple SQL injection vulnerabilities in Longino Jacome php-Revista ...)
+CVE-2006-4606
NOT-FOR-US: php-Revista
-CVE-2006-4605 (PHP remote file inclusion vulnerability in index.php in Longino Jacome ...)
+CVE-2006-4605
NOT-FOR-US: php-Revista
-CVE-2006-4604 (PHP remote file inclusion vulnerability in LFXlib/access_manager.php ...)
+CVE-2006-4604
NOT-FOR-US: Lanifex Database of Managed Objects (DMO)
-CVE-2006-4603 (NCH Swift Sound Web Dictate 1.02 allows remote attackers to bypass ...)
+CVE-2006-4603
NOT-FOR-US: Swift Sound Web Dictate
-CVE-2006-4601 (SQL injection vulnerability in index.php in Annuaire 1Two 2.2 allows ...)
+CVE-2006-4601
NOT-FOR-US: 1Two
-CVE-2006-4600 (slapd in OpenLDAP before 2.3.25 allows remote authenticated users with ...)
+CVE-2006-4600
- openldap2.3 2.3.25-1
- openldap2.2 <removed> (low)
- openldap2 <not-affected> (low) (slapd not built from this version)
-CVE-2006-4599 (SQL injection vulnerability in aut_verifica.inc.php in Autentificator ...)
+CVE-2006-4599
NOT-FOR-US: Autentificator
-CVE-2006-4598 (Multiple SQL injection vulnerabilities in links.php in ssLinks 1.22 ...)
+CVE-2006-4598
NOT-FOR-US: ssLinks
-CVE-2006-4597 (SQL injection vulnerability in devam.asp in ICBlogger 2.0 and earlier ...)
+CVE-2006-4597
NOT-FOR-US: ICBlogger
-CVE-2006-4596 (PHP remote file inclusion in MyBace Light Skrip, when register_globals ...)
+CVE-2006-4596
NOT-FOR-US: MyBace Light Skrip
-CVE-2006-4595 (muforum (&#181;forum) 0.4c stores membres/members.dat under the web ...)
+CVE-2006-4595
NOT-FOR-US: muforum
-CVE-2006-4594 (Multiple PHP remote file inclusion vulnerabilities in PHP Advanced ...)
+CVE-2006-4594
NOT-FOR-US: phpAtm
-CVE-2006-4593 (Cross-site scripting (XSS) vulnerability in index.php in SoftBB 0.1 ...)
+CVE-2006-4593
NOT-FOR-US: SoftBB
-CVE-2006-4592 (Incomplete blacklist vulnerability in default.asp in 8pixel.net Simple ...)
+CVE-2006-4592
NOT-FOR-US: Simple Blog
-CVE-2006-4591 (Multiple PHP remote file inclusion vulnerabilities in AlstraSoft ...)
+CVE-2006-4591
NOT-FOR-US: AltraSoft Template Seller
-CVE-2006-4590 (SQL injection vulnerability in admin/default.asp in Jetstat.com JS ASP ...)
+CVE-2006-4590
NOT-FOR-US: Jetstat.com JS ASP Faq Manager
-CVE-2006-4589 (PHP remote file inclusion vulnerability in ...)
+CVE-2006-4589
NOT-FOR-US: DynCMS
-CVE-2006-4588 (vtiger CRM 4.2.4, and possibly earlier, allows remote attackers to ...)
+CVE-2006-4588
NOT-FOR-US: vtiger CRM
-CVE-2006-4587 (Multiple cross-site scripting (XSS) vulnerabilities in vtiger CRM ...)
+CVE-2006-4587
NOT-FOR-US: vtiger CRM
-CVE-2006-4586 (The admin panel in Tr Forum 2.0 accepts a username and password hash ...)
+CVE-2006-4586
NOT-FOR-US: Tr Forum
-CVE-2006-4585 (SQL injection vulnerability in admin/editer.php in Tr Forum 2.0 allows ...)
+CVE-2006-4585
NOT-FOR-US: Tr Forum
-CVE-2006-4584 (Tr Forum 2.0 allows remote attackers to bypass authentication and add ...)
+CVE-2006-4584
NOT-FOR-US: Tr Forum
-CVE-2006-4583 (Multiple PHP remote file inclusion vulnerabilities in FlashChat before ...)
+CVE-2006-4583
NOT-FOR-US: FlashChat
-CVE-2006-4582 (Cross-site request forgery (CSRF) vulnerability in The Address Book 1.04e ...)
+CVE-2006-4582
NOT-FOR-US: The Address Book
-CVE-2006-4581 (Unrestricted file upload vulnerability in The Address Book 1.04e validates ...)
+CVE-2006-4581
NOT-FOR-US: The Address Book
-CVE-2006-4580 (register.php in The Address Book 1.04e allows remote attackers to ...)
+CVE-2006-4580
NOT-FOR-US: The Address Book
-CVE-2006-4579 (Directory traversal vulnerability in users.php in The Address Book ...)
+CVE-2006-4579
NOT-FOR-US: The Address Book
-CVE-2006-4578 (export.php in The Address Book 1.04e writes username and password hash ...)
+CVE-2006-4578
NOT-FOR-US: The Address Book
-CVE-2006-4577 (Multiple cross-site scripting (XSS) vulnerabilities in The Address Book 1.04e ...)
+CVE-2006-4577
NOT-FOR-US: The Address Book
-CVE-2006-4576 (Cross-site scripting (XSS) vulnerability in The Address Book 1.04e allows ...)
+CVE-2006-4576
NOT-FOR-US: The Address Book
-CVE-2006-4575 (Multiple SQL injection vulnerabilities in The Address Book 1.04e allow remote ...)
+CVE-2006-4575
NOT-FOR-US: The Address Book
-CVE-2006-4574 (Off-by-one error in the MIME Multipart dissector in Wireshark ...)
+CVE-2006-4574
- wireshark 0.99.4-1 (bug #396258; medium)
-CVE-2006-4573 (Multiple unspecified vulnerabilities in the &quot;utf8 combining characters ...)
+CVE-2006-4573
{DSA-1202-1}
- screen 4.0.3-0.1 (bug #395225; bug #395999; medium)
-CVE-2006-4572 (ip6_tables in netfilter in the Linux kernel before 2.6.16.31 allows ...)
+CVE-2006-4572
- linux-2.6 2.6.18.dfsg.1-9 (medium)
-CVE-2006-4571 (Multiple unspecified vulnerabilities in Firefox before 1.5.0.7, ...)
+CVE-2006-4571
{DSA-1210 DSA-1192-1 DSA-1191-1}
NOTE: MFSA-2006-64
- mozilla <removed> (high)
- firefox 1.5.dfsg+1.5.0.7-1 (high)
- thunderbird 1.5.0.7-1 (high)
- xulrunner 1.8.0.7-1 (high)
-CVE-2006-4570 (Mozilla Thunderbird before 1.5.0.7 and SeaMonkey before 1.0.5, with ...)
+CVE-2006-4570
{DSA-1192-1 DSA-1191-1}
NOTE: MFSA-2006-63
- thunderbird 1.5.0.7-1
- mozilla <removed>
-CVE-2006-4569 (The popup blocker in Mozilla Firefox before 1.5.0.7 opens the &quot;blocked ...)
+CVE-2006-4569
NOTE: MFSA-2006-62
- firefox 1.5.dfsg+1.5.0.7-1 (low)
- xulrunner 1.8.0.7-1 (low)
- thunderbird 1.5.0.7-1
[sarge] - mozilla-firefox <not-affected> (Regression only affecting 1.5)
-CVE-2006-4568 (Mozilla Firefox before 1.5.0.7 and SeaMonkey before 1.0.5 allows ...)
+CVE-2006-4568
{DSA-1210 DSA-1192-1 DSA-1191-1}
NOTE: MFSA-2006-61
- mozilla <removed> (low)
- firefox 1.5.dfsg+1.5.0.7-1 (low)
- xulrunner 1.8.0.7-1 (low)
- thunderbird 1.5.0.7-1
-CVE-2006-4567 (Mozilla Firefox before 1.5.0.7 and Thunderbird before 1.5.0.7 makes it ...)
+CVE-2006-4567
NOTE: MFSA-2006-58
- firefox 1.5.dfsg+1.5.0.7-1 (unimportant)
- thunderbird 1.5.0.7-1 (unimportant)
[sarge] - mozilla-firefox <unfixed> (unimportant)
[sarge] - mozilla-thunderbird <unfixed> (unimportant)
NOTE: The internal update mechanism is disabled in Debian
-CVE-2006-4566 (Mozilla Firefox before 1.5.0.7, Thunderbird before 1.5.0.7, and ...)
+CVE-2006-4566
{DSA-1210 DSA-1192-1 DSA-1191-1}
NOTE: MFSA-2006-57
- mozilla <removed> (high)
- firefox 1.5.dfsg+1.5.0.7-1 (high)
- thunderbird 1.5.0.7-1 (low)
- xulrunner 1.8.0.7-1 (high)
-CVE-2006-4565 (Heap-based buffer overflow in Mozilla Firefox before 1.5.0.7, ...)
+CVE-2006-4565
{DSA-1210 DSA-1192-1 DSA-1191-1}
NOTE: MFSA-2006-57
- mozilla <removed> (high)
- firefox 1.5.dfsg+1.5.0.7-1 (high)
- xulrunner 1.8.0.7-1 (high)
- thunderbird 1.5.0.7-1 (low)
-CVE-2006-4564 (SQL injection vulnerability in Sources/ManageBoards.php in Simple ...)
+CVE-2006-4564
NOT-FOR-US: Simple Machines Forum
-CVE-2006-4563 (Cross-site scripting (XSS) vulnerability in the MyHeadlines before ...)
+CVE-2006-4563
NOT-FOR-US: PHP-Nuke
-CVE-2006-4562 (** DISPUTED ** ...)
+CVE-2006-4562
NOT-FOR-US: Symantec
-CVE-2006-4561 (Mozilla Firefox 1.5.0.6 allows remote attackers to execute arbitrary ...)
+CVE-2006-4561
- xulrunner 1.8.0.7-1 (low)
- firefox 1.5.dfsg+1.5.0.7-1 (low)
[sarge] - mozilla <no-dsa> (Mozilla products from Sarge no longer supported)
[sarge] - mozilla-firefox <no-dsa> (Mozilla products from Sarge no longer supported)
-CVE-2006-4560 (Internet Explorer 6 on Windows XP SP2 allows remote attackers to ...)
+CVE-2006-4560
NOT-FOR-US: Internet Explorer
-CVE-2006-4559 (Multiple PHP remote file inclusion vulnerabilities in Yet Another ...)
+CVE-2006-4559
NOT-FOR-US: Yet Another Community System (YACS) CMS
-CVE-2006-4558 (DeluxeBB 1.06 and earlier, when run on the Apache HTTP Server with the ...)
+CVE-2006-4558
NOT-FOR-US: DeluxeBB
-CVE-2006-4557 (** DISPUTED ** ...)
+CVE-2006-4557
NOT-FOR-US: Discloser
-CVE-2006-4556 (** DISPUTED ** ...)
+CVE-2006-4556
NOT-FOR-US: JIM component for Mambo and Joomla!
-CVE-2006-4555 (Buffer overflow in the Retro64 / Miniclip CR64Loader ActiveX control ...)
+CVE-2006-4555
NOT-FOR-US: Miniclip CR64Loader ActiveX control
-CVE-2006-4554 (Stack-based buffer overflow in the ReadFile function in the ...)
+CVE-2006-4554
NOT-FOR-US: BeCubed Compression Plus
-CVE-2006-4553 (PHP remote file inclusion vulnerability in plugin.class.php in the ...)
+CVE-2006-4553
NOT-FOR-US: com_comprofiler Components for Mambo and Joomla!
-CVE-2006-4552 (Cross-site scripting (XSS) vulnerability in CHXO Feedsplitter ...)
+CVE-2006-4552
NOT-FOR-US: CHXO Feedsplitter
-CVE-2006-4551 (Eval injection vulnerability in CHXO Feedsplitter 2006-01-21 allows ...)
+CVE-2006-4551
NOT-FOR-US: CHXO Feedsplitter
-CVE-2006-4550 (Directory traversal vulnerability in CHXO Feedsplitter 2006-01-21 ...)
+CVE-2006-4550
NOT-FOR-US: CHXO Feedsplitter
-CVE-2006-4549 (CHXO Feedsplitter 2006-01-21 allows remote attackers to read the ...)
+CVE-2006-4549
NOT-FOR-US: CHXO Feedsplitter
-CVE-2006-4548 (e107 0.75 and earlier does not properly unset variables when the input ...)
+CVE-2006-4548
NOTE: this should be fixed in PHP (CVE-2006-3017)
-CVE-2006-4547 (Lyris ListManager 8.95 allows remote authenticated users to obtain ...)
+CVE-2006-4547
NOT-FOR-US: Lyris ListManager
-CVE-2006-4546 (Lyris ListManager 8.95 allows remote authenticated users, who have ...)
+CVE-2006-4546
NOT-FOR-US: Lyris ListManager
-CVE-2006-4545 (** DISPUTED ** ...)
+CVE-2006-4545
NOT-FOR-US: ModuleBased CMS Pre-Alpha
-CVE-2006-4544 (Multiple PHP remote file inclusion vulnerabilities in ExBB 1.9.1, when ...)
+CVE-2006-4544
NOT-FOR-US: ExBB
-CVE-2006-4543 (Cross-site scripting (XSS) vulnerability in index.php in HLStats 1.34 ...)
+CVE-2006-4543
NOT-FOR-US: HLStats
-CVE-2006-4542 (Webmin before 1.296 and Usermin before 1.226 do not properly handle a ...)
+CVE-2006-4542
{DSA-1199-1}
- webmin <removed> (bug #391284)
- usermin <removed>
-CVE-2006-4541 (RapDrv.sys in BlackICE PC Protection 3.6.cpn, cpj, cpiE, and possibly ...)
+CVE-2006-4541
NOT-FOR-US: BlackICE PC Protection
-CVE-2006-4540 (Cross-site scripting (XSS) vulnerability in learncenter.asp in ...)
+CVE-2006-4540
NOT-FOR-US: Learn.com LearnCenter
-CVE-2006-4539 ((1) includes/widgets/module_company_tickets.php and (2) ...)
+CVE-2006-4539
NOT-FOR-US: Cerberus Helpdesk
-CVE-2006-4538 (Linux kernel 2.6.17 and earlier, when running on IA64 or SPARC ...)
+CVE-2006-4538
{DSA-1237 DSA-1233}
- linux-2.6 2.6.17-9
-CVE-2006-4537 (NET$SESSION_CONTROL.EXE in DECnet-Plus in OpenVMS ALPHA 7.3-2 and ...)
+CVE-2006-4537
NOT-FOR-US: OpenVMS
-CVE-2006-4536 (SQL injection vulnerability in module/rejestracja.php in CMS Frogss ...)
+CVE-2006-4536
NOT-FOR-US: CMS Frogss
-CVE-2006-4535 (The Linux kernel 2.6.17.10 and 2.6.17.11 and 2.6.18-rc5 allows local ...)
+CVE-2006-4535
{DSA-1184-2 DSA-1183-1}
- linux-2.6 2.6.18-1
-CVE-2006-4534 (Unspecified vulnerability in Microsoft Word 2000, 2002, and Office ...)
+CVE-2006-4534
NOT-FOR-US: Microsoft
-CVE-2006-4533 (Multiple PHP remote file inclusion vulnerabilities in Plume CMS 1.0.6 ...)
+CVE-2006-4533
NOT-FOR-US: Plume CMS
-CVE-2006-4532 (PHP remote file inclusion vulnerability in articles/article.php in Yet ...)
+CVE-2006-4532
NOT-FOR-US: Yet Another Community System (YACS) CMS
-CVE-2006-4531 (PHP remote file inclusion vulnerability in lib/config.php in Pheap CMS ...)
+CVE-2006-4531
NOT-FOR-US: Pheap CMS
-CVE-2006-4530 (Direct static code injection vulnerability in include/change.php in ...)
+CVE-2006-4530
NOT-FOR-US: membrepass
-CVE-2006-4529 (SQL injection vulnerability in recherchemembre.php in membrepass 1.5. ...)
+CVE-2006-4529
NOT-FOR-US: membrepass
-CVE-2006-4528 (Multiple cross-site scripting (XSS) vulnerabilities in membrepass 1.5 ...)
+CVE-2006-4528
NOT-FOR-US: membrepass
-CVE-2006-4527 (includes/content/gateway.inc.php in CubeCart 3.0.12 and earlier, when ...)
+CVE-2006-4527
NOT-FOR-US: CubeCart
-CVE-2006-4526 (SQL injection vulnerability in includes/content/viewCat.inc.php in ...)
+CVE-2006-4526
NOT-FOR-US: CubeCart
-CVE-2006-4525 (Cross-site scripting (XSS) vulnerability in CubeCart 3.0.12 and ...)
+CVE-2006-4525
NOT-FOR-US: CubeCart
-CVE-2006-4524 (Multiple SQL injection vulnerabilities in login_verif.asp in Digiappz ...)
+CVE-2006-4524
NOT-FOR-US: Digiappz Freekot
-CVE-2006-4523 (The web-based management interface in 2Wire, Inc. HomePortal and ...)
+CVE-2006-4523
NOT-FOR-US: 2Wire
-CVE-2006-4522 (Unspecified vulnerability in dtterm in IBM AIX 5.2 and 5.3 allows ...)
+CVE-2006-4522
NOT-FOR-US: IBM AIX
CVE-2006-XXXX [hostapd dos]
- hostapd 1:0.5.4-1
[sarge] - hostapd <not-affected> (Vulnerable code not present)
-CVE-2006-4521 (The BerDecodeLoginDataRequest function in the libnmasldap.so NMAS ...)
+CVE-2006-4521
NOT-FOR-US: Novell eDirectory
-CVE-2006-4520 (ncp in Novell eDirectory before 8.7.3 SP9, and 8.8.x before 8.8.1 ...)
+CVE-2006-4520
NOT-FOR-US: Novell eDirectory
-CVE-2006-4519 (Multiple integer overflows in the image loader plug-ins in GIMP before ...)
+CVE-2006-4519
{DSA-1335-1}
- gimp 2.2.16-1 (medium)
NOTE: Security problems were fixed in 2.2.16, but only 2.2.17 fixes a PSD regression
-CVE-2006-4518 (Qbik WinGate 6.1.4 and earlier allows remote attackers to cause a ...)
+CVE-2006-4518
NOT-FOR-US: Qbik WinGate
-CVE-2006-4517 (Novell iManager 2.5 and 2.0.2 allows remote attackers to cause a ...)
+CVE-2006-4517
NOT-FOR-US: Novell iManager
-CVE-2006-4516 (Integer signedness error in FreeBSD 6.0-RELEASE allows local users to ...)
+CVE-2006-4516
- kfreebsd-5 <removed> (low)
[etch] - kfreebsd-5 <no-dsa> (no security support for freebsd)
CVE-2006-4515
RESERVED
-CVE-2006-4514 (Heap-based buffer overflow in the ole_info_read_metabat function in ...)
+CVE-2006-4514
{DSA-1221-1}
- libgsf 1.14.2-1
-CVE-2006-4513 (Multiple integer overflows in the WV library in wvWare (formerly ...)
+CVE-2006-4513
- wv 1.2.4-1 (bug #396256; medium)
- abiword 2.4.6-1
[sarge] - abiword 2.4.6-1.1 (bug #396360)
NOTE: exact abiword fixed version not known, but <= 2.4.6-1
CVE-2006-4512
RESERVED
-CVE-2006-4511 (Messenger Agents (nmma.exe) in Novell GroupWise 2.0.2 and 1.0.6 allows ...)
+CVE-2006-4511
NOT-FOR-US: Novell GroupWise
-CVE-2006-4510 (The evtFilteredMonitorEventsRequest function in the LDAP service in ...)
+CVE-2006-4510
NOT-FOR-US: Novell eDirectory
-CVE-2006-4509 (Integer overflow in the evtFilteredMonitorEventsRequest function in ...)
+CVE-2006-4509
NOT-FOR-US: Novell eDirectory
-CVE-2006-4508 (Unspecified vulnerability in (1) Tor 0.1.0.x before 0.1.0.18 and ...)
+CVE-2006-4508
- tor 0.1.1.23-1
-CVE-2006-4507 (Unspecified vulnerability in the TIFF viewer (possibly libTIFF) in the ...)
+CVE-2006-4507
NOT-FOR-US: Sony
NOTE: According to the original advisory, this is just CVE-2006-3459
-CVE-2006-4506 (idmlib.sh in nxdrv in Novell Identity Manager (IDM) 3.0.1 allows local ...)
+CVE-2006-4506
NOT-FOR-US: Novell Identity Manager
-CVE-2006-4505 (CRLF injection vulnerability in links.php in NX5Linx 1.0 allows remote ...)
+CVE-2006-4505
NOT-FOR-US: NX5Linx
-CVE-2006-4504 (SQL injection vulnerability in NX5Linx 1.0 allows remote attackers to ...)
+CVE-2006-4504
NOT-FOR-US: NX5Linx
-CVE-2006-4503 (Directory traversal vulnerability in link.php in NX5Linx 1.0 allows ...)
+CVE-2006-4503
NOT-FOR-US: NX5Linx
-CVE-2006-4502 (ezPortal/ztml CMS 1.0 allows remote attackers to bypass authentication ...)
+CVE-2006-4502
NOT-FOR-US: ezPortal/ztml CMS
-CVE-2006-4501 (SQL injection vulnerability in index.php in ezPortal/ztml CMS 1.0 ...)
+CVE-2006-4501
NOT-FOR-US: ezPortal/ztml CMS
-CVE-2006-4500 (Cross-site scripting (XSS) vulnerability in index.php in ezPortal/ztml ...)
+CVE-2006-4500
NOT-FOR-US: ezPortal/ztml CMS
-CVE-2006-4499 (ModernBill 5.0.4 and earlier uses cURL with insecure settings for ...)
+CVE-2006-4499
NOT-FOR-US: ModernBill
-CVE-2006-4498 (PHP remote file inclusion vulnerability in sommaire_admin.php in ...)
+CVE-2006-4498
NOT-FOR-US: PortailPHP
-CVE-2006-4497 (SQL injection vulnerability in comments.php in IwebNegar 1.1 allows ...)
+CVE-2006-4497
NOT-FOR-US: IwebNegar
-CVE-2006-4496 (Cross-site scripting (XSS) vulnerability in comments.php in IwebNegar ...)
+CVE-2006-4496
NOT-FOR-US: IwebNegar
-CVE-2006-4495 (Microsoft Internet Explorer allows remote attackers to cause a denial ...)
+CVE-2006-4495
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2006-4494 (Microsoft Visual Studio 6.0 allows remote attackers to cause a denial ...)
+CVE-2006-4494
NOT-FOR-US: Microsoft
-CVE-2006-4493 (xbiff2 1.9 creates $HOME/.xbiff2rc in a user's home directory with ...)
+CVE-2006-4493
NOT-FOR-US: xbiff2
NOTE: xbase-clients contains xbiff, but it is not affected as it doesn't use a .xbiffrc
-CVE-2006-4492 (Unspecified vulnerability in Cybozu Office 6.5 Build 1.2 for Windows ...)
+CVE-2006-4492
NOT-FOR-US: Cybozu Office
-CVE-2006-4491 (Directory traversal vulnerability in Cybozu Collaborex, AG before ...)
+CVE-2006-4491
NOT-FOR-US: Cybozu Collaborex
-CVE-2006-4490 (Multiple directory traversal vulnerabilities in Cybozu Office before ...)
+CVE-2006-4490
NOT-FOR-US: Cybozu Office
-CVE-2006-4489 (Multiple PHP remote file inclusion vulnerabilities in MiniBill ...)
+CVE-2006-4489
NOT-FOR-US: MiniBill
-CVE-2006-4488 (PHP remote file inclusion vulnerability in ...)
+CVE-2006-4488
NOT-FOR-US: ExBB Italia
-CVE-2006-4487 (DUware DUpoll 3.0 and 3.1 stores _private/Dupoll.mdb under the web ...)
+CVE-2006-4487
NOT-FOR-US: DUpoll
-CVE-2006-4486 (Integer overflow in memory allocation routines in PHP before 5.1.6, ...)
+CVE-2006-4486
{DSA-1331-1}
- php5 5.1.6-1
- php4 4:4.4.4-1
-CVE-2006-4485 (The stripos function in PHP before 5.1.5 has unknown impact and attack ...)
+CVE-2006-4485
- php5 5.1.6-1
- php4 <not-affected> (Vulnerable function doesn't exist)
-CVE-2006-4484 (Buffer overflow in the LWZReadByte_ function in ...)
+CVE-2006-4484
- libgd2 2.0.33-5.1 (medium; bug #384838)
- xloadimage <unfixed> (unimportant; bug #384841)
NOTE: xloadimage is a crasher only, not a security problem
-CVE-2006-4483 (The cURL extension files (1) ext/curl/interface.c and (2) ...)
+CVE-2006-4483
- php5 5.1.6-1 (unimportant)
- php4 4:4.4.4-1 (unimportant)
NOTE: Safe mode violations not supported, insufficient measure
-CVE-2006-4482 (Multiple heap-based buffer overflows in the (1) str_repeat and (2) ...)
+CVE-2006-4482
{DSA-1206-1}
- php5 5.1.6-1 (medium)
- php4 4:4.4.4-1 (medium)
-CVE-2006-4481 (The (1) file_exists and (2) imap_reopen functions in PHP before 5.1.5 ...)
+CVE-2006-4481
- php5 5.1.6-1 (unimportant)
- php4 4:4.4.4-1 (unimportant)
NOTE: Basedir violations not supported
-CVE-2006-4480 (Incomplete blacklist vulnerability in the nk_CSS function in nuked.php ...)
+CVE-2006-4480
NOT-FOR-US: Nuked-Klan
-CVE-2006-4479 (Cross-site scripting (XSS) vulnerability in loginreq2.php in Visual ...)
+CVE-2006-4479
NOT-FOR-US: ezContents
-CVE-2006-4478 (SQL injection vulnerability in headeruserdata.php in Visual Shapers ...)
+CVE-2006-4478
NOT-FOR-US: ezContents
-CVE-2006-4477 (Multiple PHP remote file inclusion vulnerabilities in Visual Shapers ...)
+CVE-2006-4477
NOT-FOR-US: ezContents
-CVE-2006-4476 (Multiple unspecified vulnerabilities in Joomla! before 1.0.11, related ...)
+CVE-2006-4476
NOT-FOR-US: Joomla!
-CVE-2006-4475 (Joomla! before 1.0.11 does not limit access to the Admin Popups ...)
+CVE-2006-4475
NOT-FOR-US: Joomla!
-CVE-2006-4474 (Multiple cross-site scripting (XSS) vulnerabilities in Joomla! before ...)
+CVE-2006-4474
NOT-FOR-US: Joomla!
-CVE-2006-4473 (Unspecified vulnerability in com_content in Joomla! before 1.0.11, ...)
+CVE-2006-4473
NOT-FOR-US: Joomla!
-CVE-2006-4472 (Multiple unspecified vulnerabilities in Joomla! before 1.0.11 allow ...)
+CVE-2006-4472
NOT-FOR-US: Joomla!
-CVE-2006-4471 (The Admin Upload Image functionality in Joomla! before 1.0.11 allows ...)
+CVE-2006-4471
NOT-FOR-US: Joomla!
-CVE-2006-4470 (Joomla! before 1.0.11 omits some checks for whether _VALID_MOS is ...)
+CVE-2006-4470
NOT-FOR-US: Joomla!
-CVE-2006-4469 (Unspecified vulnerability in PEAR.php in Joomla! before 1.0.11 allows ...)
+CVE-2006-4469
NOT-FOR-US: Joomla!
-CVE-2006-4468 (Multiple unspecified vulnerabilities in Joomla! before 1.0.11, related ...)
+CVE-2006-4468
NOT-FOR-US: Joomla!
-CVE-2006-4467 (Simple Machines Forum (SMF) 1.1RCx before 1.1RC3, and 1.0.x before ...)
+CVE-2006-4467
NOT-FOR-US: Simple Machines Forum
-CVE-2006-4466 (Joomla! before 1.0.11 does not properly unset variables when the input ...)
+CVE-2006-4466
NOT-FOR-US: Joomla!
-CVE-2006-4465 (** DISPUTED ** ...)
+CVE-2006-4465
NOT-FOR-US: Microsoft
-CVE-2006-4464 (The Nokia Browser, possibly Nokia Symbian 60 Browser 3rd edition, ...)
+CVE-2006-4464
NOT-FOR-US: Nokia
-CVE-2006-4463 (SQL injection vulnerability in the administrator control panel in ...)
+CVE-2006-4463
NOT-FOR-US: JS ASP Faq Manager
-CVE-2006-4462 (Gonafish.com LinksCaffe 2.0 and 3.0 do not properly restrict access to ...)
+CVE-2006-4462
NOT-FOR-US: LinksCaffe
-CVE-2006-4461 (Paessler IPCheck Server Monitor before 5.3.3.639/640 does not properly ...)
+CVE-2006-4461
NOT-FOR-US: Paessler IPCheck Server Monitor (not related to ipcheck in Debian)
-CVE-2006-4460 (Cross-site scripting (XSS) vulnerability in PHP iAddressBook before ...)
+CVE-2006-4460
NOT-FOR-US: iAddressBook
-CVE-2006-4459 (Integer overflow in AnywhereUSB/5 1.80.00 allows local users to cause ...)
+CVE-2006-4459
NOT-FOR-US: AnywhereUSB/5
-CVE-2006-4458 (Directory traversal vulnerability in ...)
+CVE-2006-4458
- phpgroupware 0.9.16.011-1 (bug #386061; medium)
-CVE-2006-4457 (PHP remote file inclusion vulnerability in index.php in phpECard 2.1.4 ...)
+CVE-2006-4457
NOT-FOR-US: phpECard
-CVE-2006-4456 (PHP remote file inclusion vulnerability in functions.php in phpECard ...)
+CVE-2006-4456
NOT-FOR-US: phpECard
-CVE-2006-4455 (** DISPUTED ** ...)
+CVE-2006-4455
- xchat <not-affected> (not reproducible)
-CVE-2006-4454 (Cross-site scripting (XSS) vulnerability in hlstats.php in HLstats ...)
+CVE-2006-4454
NOT-FOR-US: HLstats
-CVE-2006-4453 (Cross-site scripting (XSS) vulnerability in PmWiki before 2.1.18 ...)
+CVE-2006-4453
NOT-FOR-US: PmWiki
-CVE-2006-4452 (PHP remote file inclusion vulnerability in ...)
+CVE-2006-4452
NOT-FOR-US: Web3news
-CVE-2006-4451 (Direct static code injection vulnerability in CJ Tag Board 3.0 allows ...)
+CVE-2006-4451
NOT-FOR-US: Tag Board
-CVE-2006-4450 (usercp_avatar.php in PHPBB 2.0.20, when avatar uploading is enabled, ...)
+CVE-2006-4450
- phpbb2 2.0.21-1 (unimportant)
NOTE: That's by design and even disabled by default
-CVE-2006-4449 (Cross-site scripting (XSS) vulnerability in attachment.php in ...)
+CVE-2006-4449
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2006-4448 (Multiple PHP remote file inclusion vulnerabilities in interact 2.2, ...)
+CVE-2006-4448
NOT-FOR-US: interact
-CVE-2006-4447 (X.Org and XFree86, including libX11, xdm, xf86dga, xinit, xload, ...)
+CVE-2006-4447
{DSA-1193-1}
- xbase-clients 1:7.1.ds-2 (unimportant)
- xtrans 1.0.0-6 (unimportant)
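Review bot: every changed pair in this hunk replaces a described entry such as `-CVE-2006-4493 (xbiff2 1.9 creates $HOME/.xbiff2rc in a user's home directory with ...)` with the bare `+CVE-2006-4493`, while not a single NOT-FOR-US, package/version or NOTE line moves; a sync that empties every description in the file at once looks more like an empty or failed upstream description fetch than a real change in the CVE data, so before this lands, confirm that the fetched description set was non-empty, and consider making the automatic update refuse to apply (or flag for manual review) when the number of descriptions it would remove exceeds a small threshold. Note also that several annotations only make sense alongside the description they sat under, for example `NOTE: xbase-clients contains xbiff, but it is not affected as it doesn't use a .xbiffrc` under CVE-2006-4493 and `- php4 <not-affected> (Vulnerable function doesn't exist)` under CVE-2006-4485, whose removed description named the stripos function; if the descriptions are dropped on purpose, the triage rationale should be restated in those NOTE lines so the list stays readable on its own.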
@@ -6235,318 +6235,318 @@ CVE-2006-4447 (X.Org and XFree86, including libX11, xdm, xf86dga, xinit, xload,
- libx11 2:1.0.0-7 (unimportant)
- xdm 1:1.0.5-1 (unimportant)
- xterm <unfixed> (unimportant)
-CVE-2006-4446 (Heap-based buffer overflow in DirectAnimation.PathControl COM object ...)
+CVE-2006-4446
NOT-FOR-US: Microsoft
-CVE-2006-4445 (** DISPUTED ** ...)
+CVE-2006-4445
NOT-FOR-US: CuteNews
-CVE-2006-4444 (Multiple SQL injection vulnerabilities in Cybozu Garoon 2.1.0 for ...)
+CVE-2006-4444
NOT-FOR-US: Cybozu Garoon
-CVE-2006-4443 (PHP remote file inclusion vulnerability in myajaxphp.php in AlstraSoft ...)
+CVE-2006-4443
NOT-FOR-US: AlstraSoft Video Share Enterprise
-CVE-2006-4442 (Cross-site scripting (XSS) vulnerability in PHP iAddressBook before ...)
+CVE-2006-4442
NOT-FOR-US: iAddressBook
-CVE-2006-4441 (Multiple PHP remote file inclusion vulnerabilities in Ay System ...)
+CVE-2006-4441
NOT-FOR-US: Ay System Solutions CMS
-CVE-2006-4440 (PHP remote file inclusion vulnerability in main.php in Ay System ...)
+CVE-2006-4440
NOT-FOR-US: Ay System Solutions CMS
-CVE-2006-4439 (pkgadd in Sun Solaris 10 before 20060825 installs files with insecure ...)
+CVE-2006-4439
NOT-FOR-US: Solaris
-CVE-2006-4438 (Heap-based buffer overflow in SpIDer for Dr.Web Scanner for Linux ...)
+CVE-2006-4438
NOT-FOR-US: SpIDer for Dr.Web Scanner
-CVE-2006-4437 (Eval injection vulnerability in Tagger LE allows remote attackers to ...)
+CVE-2006-4437
NOT-FOR-US: Tagger LE
-CVE-2006-4602 (Unrestricted file upload vulnerability in jhot.php in TikiWiki 1.9.4 ...)
+CVE-2006-4602
- tikiwiki 1.9.4+dfsg2-3
-CVE-2006-4436 (isakmpd in OpenBSD 3.8, 3.9, and possibly earlier versions, creates ...)
+CVE-2006-4436
{DSA-1175-1}
- isakmpd 20041012-4 (bug #385894; medium)
-CVE-2006-4435 (OpenBSD 3.8, 3.9, and possibly earlier versions allows ...)
+CVE-2006-4435
NOT-FOR-US: OpenBSD
-CVE-2006-4434 (Use-after-free vulnerability in Sendmail before 8.13.8 allows remote ...)
+CVE-2006-4434
{DSA-1164}
- sendmail 8.13.8-1 (bug #385054; medium)
-CVE-2006-4433 (PHP before 4.4.3 and 5.x before 5.1.4 does not limit the character set ...)
+CVE-2006-4433
- php4 4:4.4.4-1 (unimportant)
- php5 5.1.4-0.1 (unimportant)
NOTE: Sanitising this is an application's job
-CVE-2006-4432 (Directory traversal vulnerability in Zend Platform 2.2.1 and earlier ...)
+CVE-2006-4432
NOT-FOR-US: Zend Platform
-CVE-2006-4431 (Multiple buffer overflows in the (a) Session Clustering Daemon and the ...)
+CVE-2006-4431
NOT-FOR-US: Zend Platform
-CVE-2006-4430 (The Cisco Network Admission Control (NAC) 3.6.4.1 and earlier allows ...)
+CVE-2006-4430
NOT-FOR-US: Cisco
-CVE-2006-4429 (** DISPUTED ** ...)
+CVE-2006-4429
NOT-FOR-US: PHlyMail Lite
-CVE-2006-4428 (** DISPUTED ** ...)
+CVE-2006-4428
NOT-FOR-US: Jupiter CMS
-CVE-2006-4427 (index.php in eFiction before 2.0.7 allows remote attackers to bypass ...)
+CVE-2006-4427
NOT-FOR-US: eFiction
-CVE-2006-4426 (PHP remote file inclusion vulnerability in ...)
+CVE-2006-4426
NOT-FOR-US: AlberT-EasySite
-CVE-2006-4425 (Multiple PHP remote file inclusion vulnerabilities in phpCOIN 1.2.3 ...)
+CVE-2006-4425
NOT-FOR-US: phpCOIN
-CVE-2006-4424 (PHP remote file inclusion vulnerability in coin_includes/constants.php ...)
+CVE-2006-4424
NOT-FOR-US: phpCOIN
-CVE-2006-4423 (Multiple PHP remote file inclusion vulnerabilities in Bigace 1.8.2 ...)
+CVE-2006-4423
NOT-FOR-US: Bigace
-CVE-2006-4422 (** DISPUTED ** ...)
+CVE-2006-4422
NOT-FOR-US: Jetbox CMS
-CVE-2006-4421 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2006-4421
NOT-FOR-US: Yet Another PHP Image Gallery
-CVE-2006-4420 (Directory traversal vulnerability in include_lang.php in Phaos 0.9.2 ...)
+CVE-2006-4420
NOT-FOR-US: Phaos
-CVE-2006-4419 (SQL injection vulnerability in note.php in ProManager 0.73 allows ...)
+CVE-2006-4419
NOT-FOR-US: ProManager
-CVE-2006-4418 (Directory traversal vulnerability in index.php for Wikepage 2006.2a ...)
+CVE-2006-4418
NOT-FOR-US: Wikepage
-CVE-2006-4417 (SQL injection vulnerability in edituser.php in Xoops before 2.0.15 ...)
+CVE-2006-4417
NOT-FOR-US: Xoops
-CVE-2006-4416 (Untrusted search path vulnerability in the mkvg command in IBM AIX 5.2 ...)
+CVE-2006-4416
NOT-FOR-US: IBM AIX
CVE-2006-4415
RESERVED
CVE-2006-4414
RESERVED
-CVE-2006-4413 (Apple Remote Desktop before 3.1 uses insecure permissions for certain ...)
+CVE-2006-4413
NOT-FOR-US: Apple Remote Desktop
-CVE-2006-4412 (WebKit in Apple Mac OS X 10.3.x through 10.3.9 and 10.4 through 10.4.8 ...)
+CVE-2006-4412
NOT-FOR-US: Apple Mac OS X
-CVE-2006-4411 (The VPN service in Apple Mac OS X 10.3.x through 10.3.9 and 10.4.x ...)
+CVE-2006-4411
NOT-FOR-US: Apple Mac OS X
-CVE-2006-4410 (The Security Framework in Apple Mac OS X 10.3.9, and 10.4.x before ...)
+CVE-2006-4410
NOT-FOR-US: Apple Mac OS X
-CVE-2006-4409 (The Online Certificate Status Protocol (OCSP) service in the Security ...)
+CVE-2006-4409
NOT-FOR-US: Apple Mac OS X
-CVE-2006-4408 (The Security Framework in Apple Mac OS X 10.4 through 10.4.8 allows ...)
+CVE-2006-4408
NOT-FOR-US: Apple Mac OS X
-CVE-2006-4407 (The Security Framework in Apple Mac OS X 10.3.x up to 10.3.9 does not ...)
+CVE-2006-4407
NOT-FOR-US: Apple Mac OS X
-CVE-2006-4406 (Buffer overflow in PPP on Apple Mac OS X 10.4.x up to 10.4.8 and ...)
+CVE-2006-4406
NOT-FOR-US: Apple Mac OS X
CVE-2006-4405
RESERVED
-CVE-2006-4404 (The Installer application in Apple Mac OS X 10.4.8 and earlier, when ...)
+CVE-2006-4404
NOT-FOR-US: Apple Mac OS X
-CVE-2006-4403 (The FTP server in Apple Mac OS X 10.4.8 and earlier, when FTP Access ...)
+CVE-2006-4403
NOT-FOR-US: Apple Mac OS X
-CVE-2006-4402 (Heap-based buffer overflow in the Finder in Apple Mac OS X 10.4.8 and ...)
+CVE-2006-4402
NOT-FOR-US: Apple Mac OS X
-CVE-2006-4401 (Unspecified vulnerability in CFNetwork in Mac OS 10.4.8 and earlier ...)
+CVE-2006-4401
NOT-FOR-US: Apple Mac OS X
-CVE-2006-4400 (Stack-based buffer overflow in the Apple Type Services (ATS) server in ...)
+CVE-2006-4400
NOT-FOR-US: Apple Mac OS X
-CVE-2006-4399 (User interface inconsistency in Workgroup Manager in Apple Mac OS X ...)
+CVE-2006-4399
NOT-FOR-US: Mac OS
-CVE-2006-4398 (Multiple buffer overflows in the Apple Type Services (ATS) server in ...)
+CVE-2006-4398
NOT-FOR-US: Apple Mac OS X
-CVE-2006-4397 (Unchecked error condition in LoginWindow in Apple Mac OS X 10.4 ...)
+CVE-2006-4397
NOT-FOR-US: Mac OS
-CVE-2006-4396 (The Apple Type Services (ATS) server in Mac OS X 10.4.8 and earlier ...)
+CVE-2006-4396
NOT-FOR-US: Apple Mac OS X
-CVE-2006-4395 (Unspecified vulnerability in QuickDraw Manager in Apple Mac OS X ...)
+CVE-2006-4395
NOT-FOR-US: Mac OS
-CVE-2006-4394 (A logic error in LoginWindow in Apple Mac OS X 10.4 through 10.4.7, ...)
+CVE-2006-4394
NOT-FOR-US: Mac OS
-CVE-2006-4393 (Unspecified vulnerability in LoginWindow in Apple Mac OS X 10.4 ...)
+CVE-2006-4393
NOT-FOR-US: Mac OS
-CVE-2006-4392 (The Mach kernel, as used in operating systems including (1) Mac OS X ...)
+CVE-2006-4392
NOT-FOR-US: Mac OS
-CVE-2006-4391 (Buffer overflow in Apple ImageIO on Apple Mac OS X 10.4 through 10.4.7 ...)
+CVE-2006-4391
NOT-FOR-US: Mac OS
-CVE-2006-4390 (CFNetwork in Apple Mac OS X 10.4 through 10.4.7 and 10.3.9 allows ...)
+CVE-2006-4390
NOT-FOR-US: Mac OS
-CVE-2006-4389 (Apple QuickTime before 7.1.3 allows user-assisted remote attackers to ...)
+CVE-2006-4389
NOT-FOR-US: Apple QuickTime
-CVE-2006-4388 (Integer overflow in Apple QuickTime before 7.1.3 allows user-assisted ...)
+CVE-2006-4388
NOT-FOR-US: Apple QuickTime
-CVE-2006-4387 (Apple Mac OS X 10.4 through 10.4.7, when the administrator clears the ...)
+CVE-2006-4387
NOT-FOR-US: Mac OS
-CVE-2006-4386 (Integer overflow in Apple QuickTime before 7.1.3 allows user-assisted ...)
+CVE-2006-4386
NOT-FOR-US: Apple QuickTime
-CVE-2006-4385 (Buffer overflow in Apple QuickTime before 7.1.3 allows user-assisted ...)
+CVE-2006-4385
NOT-FOR-US: Apple QuickTime
-CVE-2006-4384 (Heap-based buffer overflow in Apple QuickTime before 7.1.3 allows ...)
+CVE-2006-4384
NOT-FOR-US: Apple QuickTime
CVE-2006-4383
RESERVED
-CVE-2006-4382 (Multiple buffer overflows in Apple QuickTime before 7.1.3 allow ...)
+CVE-2006-4382
NOT-FOR-US: Apple QuickTime
-CVE-2006-4381 (Integer overflow in Apple QuickTime before 7.1.3 allows user-assisted ...)
+CVE-2006-4381
NOT-FOR-US: Apple QuickTime
-CVE-2006-4380 (MySQL before 4.1.13 allows local users to cause a denial of service ...)
+CVE-2006-4380
{DSA-1169}
- mysql-dfsg-5.0 <not-affected> (only 4.1 affected)
- mysql-dfsg <not-affected> (only 4.1 affected)
- mysql-dfsg-4.1 <removed>
-CVE-2006-4379 (Stack-based buffer overflow in the SMTP Daemon in Ipswitch ...)
+CVE-2006-4379
NOT-FOR-US: Ipswitch Collaboration 2006 Suite
-CVE-2006-4378 (** DISPUTED ** ...)
+CVE-2006-4378
NOT-FOR-US: Rssxt component for Joomla! (com_rssxt)
-CVE-2006-4377 (Multiple SQL injection vulnerabilities in Guder und Koch ...)
+CVE-2006-4377
NOT-FOR-US: Eichhorn Portal
-CVE-2006-4376 (Multiple cross-site scripting (XSS) vulnerabilities in Guder und Koch ...)
+CVE-2006-4376
NOT-FOR-US: Eichhorn Portal
-CVE-2006-4375 (** DISPUTED ** ...)
+CVE-2006-4375
NOT-FOR-US: Contacts XTD (ContXTD) component for Mambo (com_contxtd)
-CVE-2006-4374 (IrfanView 3.98 (with plugins) allows user-assisted attackers to cause ...)
+CVE-2006-4374
NOT-FOR-US: IrfanView
-CVE-2006-4373 (PHP remote file inclusion vulnerability in ...)
+CVE-2006-4373
NOT-FOR-US: pSlash
-CVE-2006-4372 (PHP remote file inclusion vulnerability in admin.lurm_constructor.php ...)
+CVE-2006-4372
NOT-FOR-US: Lurm Constructor component (com_lurm_constructor) for Mambo
-CVE-2006-4371 (Multiple directory traversal vulnerabilities in Alt-N WebAdmin 3.2.3 ...)
+CVE-2006-4371
NOT-FOR-US: Alt-N WebAdmin
-CVE-2006-4370 (Alt-N WebAdmin 3.2.3 and 3.2.4 running with MDaemon 9.0.5, and ...)
+CVE-2006-4370
NOT-FOR-US: Alt-N WebAdmin
-CVE-2006-4369 (Absolute path traversal vulnerability in includes/functions_portal.php ...)
+CVE-2006-4369
NOT-FOR-US: IntegraMOD Portal
-CVE-2006-4368 (PHP remote file inclusion vulnerability in ...)
+CVE-2006-4368
NOT-FOR-US: IntegraMOD Portal
-CVE-2006-4367 (SQL injection vulnerability in alltopics.php in the All Topics Hack ...)
+CVE-2006-4367
NOT-FOR-US: All Topics Hack for phpBB
-CVE-2006-4366 (PHP remote file inclusion vulnerability in index.php in RedBLoG 0.5 ...)
+CVE-2006-4366
NOT-FOR-US: RedBLoG
-CVE-2006-4365 (Multiple PHP remote file inclusion vulnerabilities in VistaBB 2.0.33 ...)
+CVE-2006-4365
NOT-FOR-US: VistaBB
-CVE-2006-4364 (Multiple heap-based buffer overflows in the POP3 server in Alt-N ...)
+CVE-2006-4364
NOT-FOR-US: Alt-N Technologies MDaemon
-CVE-2006-4363 (PHP remote file inclusion vulnerability in admin.cropcanvas.php in the ...)
+CVE-2006-4363
NOT-FOR-US: CropImage component (com_cropimage) for Mambo
-CVE-2006-4362 (Cross-site scripting (XSS) vulnerability in getad.php in Diesel Paid ...)
+CVE-2006-4362
NOT-FOR-US: Diesel Paid Mail
-CVE-2006-4361 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2006-4361
NOT-FOR-US: Diesel Job Site
-CVE-2006-4360 (Cross-site scripting (XSS) vulnerability in E-commerce 4.7 for Drupal ...)
+CVE-2006-4360
NOT-FOR-US: E-commerce for Drupal
-CVE-2006-4359 (Stack-based buffer overflow in Trident Software PowerZip 7.06 Build ...)
+CVE-2006-4359
NOT-FOR-US: PowerZip
-CVE-2006-4358 (Cross-site scripting (XSS) vulnerability in index.php in Diesel Pay ...)
+CVE-2006-4358
NOT-FOR-US: Diesel Pay
-CVE-2006-4357 (PHP remote file inclusion vulnerability in clients/index.php in Diesel ...)
+CVE-2006-4357
NOT-FOR-US: Diesel Smart Traffic
-CVE-2006-4356 (SQL injection vulnerability in Drupal Easylinks Module ...)
+CVE-2006-4356
NOT-FOR-US: Easylinks Module for Drupal
-CVE-2006-4355 (Cross-site scripting (XSS) vulnerability in Drupal Easylinks Module ...)
+CVE-2006-4355
NOT-FOR-US: Easylinks Module for Drupal
-CVE-2006-4354 (PHP remote file inclusion vulnerability in e/class/CheckLevel.php in ...)
+CVE-2006-4354
NOT-FOR-US: Phome Empire CMS
-CVE-2006-4353 (Unspecified vulnerability in Sun Java System Content Delivery Server ...)
+CVE-2006-4353
NOT-FOR-US: Sun Java System Content Delivery Server
-CVE-2006-4352 (The ArrowPoint cookie functionality for Cisco 11000 series Content ...)
+CVE-2006-4352
NOT-FOR-US: Cisco
-CVE-2006-4351 (Cross-site scripting (XSS) vulnerability in index.php in OneOrZero ...)
+CVE-2006-4351
NOT-FOR-US: OneOrZero
-CVE-2006-4350 (SQL injection vulnerability in index.php in OneOrZero 1.6.4.1 allows ...)
+CVE-2006-4350
NOT-FOR-US: OneOrZero
-CVE-2006-4349 (** DISPUTED ** ...)
+CVE-2006-4349
NOT-FOR-US: ToendaCMS
-CVE-2006-4348 (PHP remote file inclusion vulnerability in config.kochsuite.php in the ...)
+CVE-2006-4348
NOT-FOR-US: Kochsuite (com_kochsuite) component for Mambo and Joomla!
-CVE-2006-4347 (SQL injection vulnerability in user logon authentication request ...)
+CVE-2006-4347
NOT-FOR-US: Cool Manager
-CVE-2006-4346 (Asterisk 1.2.10 supports the use of client-controlled variables to ...)
+CVE-2006-4346
- asterisk 1:1.2.11.dfsg-1 (medium; bug #385060)
-CVE-2006-4345 (Stack-based buffer overflow in channels/chan_mgcp.c in MGCP in ...)
+CVE-2006-4345
- asterisk 1:1.2.11.dfsg-1 (medium; bug #385060)
-CVE-2006-4344 (CRLF injection vulnerability in CGI-Rescue Mail F/W System (formd) ...)
+CVE-2006-4344
NOT-FOR-US: CGI-Rescue Mail F/W System
-CVE-2006-4343 (The get_server_hello function in the SSLv2 client code in OpenSSL ...)
+CVE-2006-4343
{DSA-1195-1 DSA-1185-2}
- openssl 0.9.8c-2 (bug #389940)
- openssl097 0.9.7k-2
- openssl096 <removed>
-CVE-2006-4342 (The kernel in Red Hat Enterprise Linux 3, when running on SMP systems, ...)
+CVE-2006-4342
- linux-2.6 <not-affected> (Flaw specific to Red Hat backport)
CVE-2006-4341
REJECTED
-CVE-2006-4340 (Mozilla Network Security Service (NSS) library before 3.11.3, as used ...)
+CVE-2006-4340
{DSA-1210 DSA-1192-1 DSA-1191-1}
NOTE: MFSA-2006-60, this is the similar to CVE-2006-4339
- mozilla <removed> (high)
- firefox 1.5.dfsg+1.5.0.7-1 (high)
- thunderbird 1.5.0.7-1 (high)
- xulrunner 1.8.0.7-1 (high)
-CVE-2006-4339 (OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8 before 0.9.8c, ...)
+CVE-2006-4339
{DSA-1174-1 DSA-1173-1}
- openssl 0.9.8b-3 (medium)
- openssl097 0.9.7i-2 (medium)
- openssl096 <removed>
-CVE-2006-4338 (unlzh.c in the LHZ component in gzip 1.3.5 allows context-dependent ...)
+CVE-2006-4338
{DSA-1181-1}
- gzip 1.3.5-15 (medium)
- lha 1.14i-10.1 (medium; bug #401301)
[sarge] - lha <no-dsa> (Non-free not supported)
[etch] - lha <no-dsa> (Non-free not supported)
-CVE-2006-4337 (Buffer overflow in the make_table function in the LHZ component in ...)
+CVE-2006-4337
{DSA-1181-1}
- gzip 1.3.5-15 (high)
- lha 1.14i-10.1 (high; bug #401301)
[sarge] - lha <no-dsa> (Non-free not supported)
[etch] - lha <no-dsa> (Non-free not supported)
-CVE-2006-4336 (Buffer underflow in the build_tree function in unpack.c in gzip 1.3.5 allows ...)
+CVE-2006-4336
{DSA-1181-1}
- gzip 1.3.5-15 (high)
-CVE-2006-4335 (Array index error in the make_table function in unlzh.c in the LZH ...)
+CVE-2006-4335
{DSA-1181-1}
- gzip 1.3.5-15 (high)
- lha 1.14i-10.1 (high; bug #401301)
[sarge] - lha <no-dsa> (Non-free not supported)
[etch] - lha <no-dsa> (Non-free not supported)
-CVE-2006-4334 (Unspecified vulnerability in gzip 1.3.5 allows context-dependent ...)
+CVE-2006-4334
{DSA-1974-1 DSA-1181-1}
- gzip 1.3.5-15 (high)
-CVE-2006-4333 (The SSCOP dissector in Wireshark (formerly Ethereal) before 0.99.3 allows ...)
+CVE-2006-4333
{DSA-1171}
- wireshark 0.99.2-5.1 (low; bug #384529)
- ethereal <removed> (low; bug #384528)
-CVE-2006-4332 (Unspecified vulnerability in the DHCP dissector in Wireshark (formerly ...)
+CVE-2006-4332
- wireshark <not-affected> (windows only)
- ethereal <not-affected> (windows only)
-CVE-2006-4331 (Multiple off-by-one errors in the IPSec ESP preference parser in ...)
+CVE-2006-4331
- wireshark 0.99.2-5.1 (medium; bug #384529)
- ethereal <not-affected> (only wireshark 0.99.2 affected)
-CVE-2006-4330 (Unspecified vulnerability in the SCSI dissector in Wireshark (formerly ...)
+CVE-2006-4330
- wireshark 0.99.2-5 (medium; bug #384529)
- ethereal <not-affected> (only wireshark 0.99.2 affected)
-CVE-2006-4329 (Multiple PHP remote file inclusion vulnerabilities in Shadows Rising ...)
+CVE-2006-4329
NOT-FOR-US: Shadows Rising
-CVE-2006-4328 (SQL injection vulnerability in admin.php in CloudNine Interactive ...)
+CVE-2006-4328
NOT-FOR-US: CloudNine
-CVE-2006-4327 (Multiple cross-site scripting (XSS) vulnerabilities in add_url.php in ...)
+CVE-2006-4327
NOT-FOR-US: CloudNine
-CVE-2006-4326 (Stack-based buffer overflow in Justsystem Ichitaro 9.x through 13.x, ...)
+CVE-2006-4326
NOT-FOR-US: Ichitaro
-CVE-2006-4325 (Cross-site scripting (XSS) vulnerability in gbook.php in Doika ...)
+CVE-2006-4325
NOT-FOR-US: Doika
-CVE-2006-4324 (Cross-site scripting (XSS) vulnerability in add_url2.php in ...)
+CVE-2006-4324
NOT-FOR-US: CityForFree
-CVE-2006-4323 (SQL injection vulnerability in list.php in CityForFree indexcity 1.0, ...)
+CVE-2006-4323
NOT-FOR-US: CityForFree
-CVE-2006-4322 (PHP remote file inclusion vulnerability in estateagent.php in the ...)
+CVE-2006-4322
NOT-FOR-US: Mambo
-CVE-2006-4321 (PHP remote file inclusion vulnerability in cpg.php in the Coppermine ...)
+CVE-2006-4321
NOT-FOR-US: Mambo
-CVE-2006-4320 (PHP remote file inclusion vulnerability in sef.php in the OpenSEF ...)
+CVE-2006-4320
NOT-FOR-US: OpenSEF for Joomla
-CVE-2006-4319 (Buffer overflow in the format command in Solaris 8, 9, and 10 allows ...)
+CVE-2006-4319
NOT-FOR-US: Solaris
-CVE-2006-4318 (Buffer overflow in WFTPD Server 3.23 allows remote attackers to ...)
+CVE-2006-4318
NOT-FOR-US: WFTPD
-CVE-2006-4317 (Cross-site scripting (XSS) vulnerability in attachment.php in WoltLab ...)
+CVE-2006-4317
NOT-FOR-US: WoltLab
-CVE-2006-4316 (SSH Tectia Management Agent 2.1.2 allows local users to gain root ...)
+CVE-2006-4316
NOT-FOR-US: SSH Tectia Management Agent
-CVE-2006-4315 (Unquoted Windows search path vulnerability in multiple SSH Tectia ...)
+CVE-2006-4315
NOT-FOR-US: SSH Tectia Management Agent
-CVE-2006-4314 (The manager server in Symantec Enterprise Security Manager (ESM) 6 and ...)
+CVE-2006-4314
NOT-FOR-US: Symantec
-CVE-2006-4313 (Multiple unspecified vulnerabilities in Cisco VPN 3000 series ...)
+CVE-2006-4313
NOT-FOR-US: Cisco
-CVE-2006-4312 (Cisco PIX 500 Series Security Appliances and ASA 5500 Series Adaptive ...)
+CVE-2006-4312
NOT-FOR-US: Cisco
-CVE-2006-4311 (PHP remote file inclusion vulnerability in Sonium Enterprise ...)
+CVE-2006-4311
NOT-FOR-US: Sonium Enterprise Adressbook
-CVE-2006-4310 (Mozilla Firefox 1.5.0.6 allows remote attackers to cause a denial of ...)
+CVE-2006-4310
{DSA-1227-1 DSA-1225-1 DSA-1224-1}
- firefox 45.0-1
- firefox-esr 45.0esr-1
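Review bot: the same blanket stripping continues here, and in this hunk it removes the only affected-version information the list carries for packaged entries, for example `-CVE-2006-4434 (Use-after-free vulnerability in Sendmail before 8.13.8 allows remote ...)` above `- sendmail 8.13.8-1 (bug #385054; medium)` and `-CVE-2006-4339 (OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8 before 0.9.8c, ...)` above `- openssl 0.9.8b-3 (medium)`; once only `+CVE-2006-4339` remains, a reader of the list can no longer see that 0.9.8b-3 predates the upstream 0.9.8c fix and therefore must carry a backported patch, without consulting an external source. If the descriptions are to go, the upstream fixed version should be captured in a NOTE line wherever the Debian version differs from it. Unrelated to this change but worth a separate follow-up: CVE-2006-4602 sits between CVE-2006-4437 and CVE-2006-4436, out of the file's descending numeric order.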
@@ -6554,124 +6554,124 @@ CVE-2006-4310 (Mozilla Firefox 1.5.0.6 allows remote attackers to cause a denial
- mozilla <removed>
- mozilla-firefox <removed>
- xulrunner 1.8.0.8-1
-CVE-2006-4309 (VNC server on the AK-Systems Windows Terminal 1.2.5 ExVLP is not ...)
+CVE-2006-4309
NOT-FOR-US: AK-Systems Windows Terminal
-CVE-2006-4308 (Multiple cross-site scripting (XSS) vulnerabilities in Blackboard ...)
+CVE-2006-4308
NOT-FOR-US: Blackboard Learning System
-CVE-2006-4307 (Unspecified vulnerability in the format command in Sun Solaris 8 and 9 ...)
+CVE-2006-4307
NOT-FOR-US: Solaris
-CVE-2006-4306 (Unspecified vulnerability in Sun Solaris 8 and 9 before 20060821 ...)
+CVE-2006-4306
NOT-FOR-US: Solaris
-CVE-2006-4305 (Buffer overflow in SAP DB and MaxDB before 7.6.00.30 allows remote ...)
+CVE-2006-4305
{DSA-1190-1}
- maxdb-7.5.00 7.5.00.34-5 (high; bug #386182)
-CVE-2006-4304 (Buffer overflow in the sppp driver in FreeBSD 4.11 through 6.1, NetBSD ...)
+CVE-2006-4304
- kfreebsd-5 5.4-18 (bug #391289)
[etch] - kfreebsd-5 <no-dsa> (Etch doesn't have security support for the FreeBSD kernel)
-CVE-2006-4303 (Race condition in (1) libnsl and (2) TLI/XTI API routines in Sun ...)
+CVE-2006-4303
NOT-FOR-US: Solaris
-CVE-2006-4302 (The Java Plug-in J2SE 1.3.0_02 through 5.0 Update 5, and Java Web ...)
+CVE-2006-4302
- sun-java5 1.5.0-07-1
-CVE-2006-4301 (Microsoft Internet Explorer 6.0 SP1 allows remote attackers to cause a ...)
+CVE-2006-4301
NOT-FOR-US: Microsoft
-CVE-2006-4300 (SQL injection vulnerability in comments.asp in SimpleBlog 2.0 and ...)
+CVE-2006-4300
NOT-FOR-US: SimpleBlog
-CVE-2006-4299 (Cross-site scripting (XSS) vulnerability in tiki-searchindex.php in ...)
+CVE-2006-4299
- tikiwiki 1.9.4+dfsg2-2 (low; bug #384796)
-CVE-2006-4298 (Multiple directory traversal vulnerabilities in cache.php in ...)
+CVE-2006-4298
NOT-FOR-US: osCommerce
-CVE-2006-4297 (SQL injection vulnerability in shopping_cart.php in osCommerce before ...)
+CVE-2006-4297
NOT-FOR-US: osCommerce
-CVE-2006-4296 (PHP remote file inclusion vulnerability in classes/Tar.php in ...)
+CVE-2006-4296
NOT-FOR-US: bigAPE-Backup component (com_babackup) for Mambo
-CVE-2006-4295 (Cross-site scripting (XSS) vulnerability in ascan_6.asp in Panda ...)
+CVE-2006-4295
NOT-FOR-US: Panda ActiveScan
-CVE-2006-4294 (Directory traversal vulnerability in viewfile in TWiki 4.0.0 through 4.0.4 ...)
+CVE-2006-4294
- twiki 1:4.0.4-3 (bug #389267; low)
-CVE-2006-4293 (Multiple cross-site scripting (XSS) vulnerabilities in cPanel 10 allow ...)
+CVE-2006-4293
NOT-FOR-US: cPanel
-CVE-2006-4292 (Unspecified vulnerability in Niels Provos Honeyd before 1.5b allows ...)
+CVE-2006-4292
- honeyd 1.5b-1 (low; bug #384806)
[sarge] - honeyd <no-dsa> (Minor issue)
-CVE-2006-4291 (PHP remote file inclusion vulnerability in ...)
+CVE-2006-4291
NOT-FOR-US: PHlyMail Lite
-CVE-2006-4290 (Directory traversal vulnerability in Sony VAIO Media Server 2.x, 3.x, ...)
+CVE-2006-4290
NOT-FOR-US: Sony
-CVE-2006-4289 (Buffer overflow in Sony VAIO Media Server 2.x, 3.x, 4.x, and 5.x ...)
+CVE-2006-4289
NOT-FOR-US: Sony
-CVE-2006-4288 (PHP remote file inclusion vulnerability in admin.a6mambocredits.php in ...)
+CVE-2006-4288
NOT-FOR-US: a6mambocredits component (com_a6mambocredits) for Mambo
-CVE-2006-4287 (Multiple PHP remote file inclusion vulnerabilities in NES Game and NES ...)
+CVE-2006-4287
NOT-FOR-US: NES Game and NES System
-CVE-2006-4286 (** DISPUTED ** ...)
+CVE-2006-4286
NOT-FOR-US: contentpublisher component (com_contentpublisher) for Mambo
-CVE-2006-4285 (PHP remote file inclusion vulnerability in news.php in Fantastic News ...)
+CVE-2006-4285
NOT-FOR-US: Fantastic News
-CVE-2006-4284 (SQL injection vulnerability in comments.asp in LBlog 1.05 and earlier ...)
+CVE-2006-4284
NOT-FOR-US: LBlog
-CVE-2006-4283 (Multiple PHP remote file inclusion vulnerabilities in SOLMETRA SPAW ...)
+CVE-2006-4283
NOT-FOR-US: SOLMETRA SPAW Editor
-CVE-2006-4282 (PHP remote file inclusion vulnerability in MamboLogin.php in the ...)
+CVE-2006-4282
NOT-FOR-US: MamboWiki component (com_mambowiki) for Mambo and Joomla!
-CVE-2006-4281 (PHP remote file inclusion vulnerability in akocomments.php in ...)
+CVE-2006-4281
NOT-FOR-US: AkoComment 1.1 module (com_akocomment) for Mambo
-CVE-2006-4280 (** DISPUTED ** ...)
+CVE-2006-4280
NOT-FOR-US: ANJEL (formerly MaMML) Component (com_anjel) for Mambo
-CVE-2006-4279 (SQL injection vulnerability in topic_post.php in XennoBB 2.2.1 and ...)
+CVE-2006-4279
NOT-FOR-US: XennoBB
-CVE-2006-4278 (PHP remote file inclusion vulnerability in ...)
+CVE-2006-4278
NOT-FOR-US: SportsPHool
-CVE-2006-4277 (Multiple PHP remote file inclusion vulnerabilities in Tutti Nova 1.6 ...)
+CVE-2006-4277
NOT-FOR-US: Tutti Nova
-CVE-2006-4276 (PHP remote file inclusion vulnerability in Tutti Nova 1.6 and earlier ...)
+CVE-2006-4276
NOT-FOR-US: Tutti Nova
-CVE-2006-4275 (PHP remote file inclusion vulnerability in catalogshop.php in the ...)
+CVE-2006-4275
NOT-FOR-US: CatalogShop component for Mambo (com_catalogshop)
CVE-2006-4274
REJECTED
-CVE-2006-4273 (Cross-site scripting (XSS) vulnerability in Jelsoft vBulletin 3.5.4 ...)
+CVE-2006-4273
NOT-FOR-US: Jelsoft vBulletin
-CVE-2006-4272 (** DISPUTED ** ...)
+CVE-2006-4272
NOT-FOR-US: Jelsoft vBulletin
-CVE-2006-4271 (** DISPUTED ** ...)
+CVE-2006-4271
NOT-FOR-US: Jelsoft vBulletin
-CVE-2006-4270 (PHP remote file inclusion vulnerability in mambelfish.class.php in the ...)
+CVE-2006-4270
NOT-FOR-US: mambelfish component (com_mambelfish) for Mambo
-CVE-2006-4269 (** DISPUTED ** ...)
+CVE-2006-4269
NOT-FOR-US: x-shop component (com_x-shop) for Mambo and Joomla!
-CVE-2006-4268 (Multiple cross-site scripting (XSS) vulnerabilities in CubeCart 3.0.11 ...)
+CVE-2006-4268
NOT-FOR-US: CubeCart
-CVE-2006-4267 (Multiple SQL injection vulnerabilities in CubeCart 3.0.11 and earlier ...)
+CVE-2006-4267
NOT-FOR-US: CubeCart
-CVE-2006-4266 (Symantec Norton Personal Firewall 2006 9.1.0.33, and possibly earlier, ...)
+CVE-2006-4266
NOT-FOR-US: Symantec
-CVE-2006-4265 (Kaspersky Anti-Hacker 1.8.180, when Stealth Mode is enabled, allows ...)
+CVE-2006-4265
NOT-FOR-US: Kaspersky
-CVE-2006-4264 (** DISPUTED ** ...)
+CVE-2006-4264
NOT-FOR-US: lmtg_myhomepage Component (com_lmtg_myhomepage) for Mambo
-CVE-2006-4263 (Multiple PHP remote file inclusion vulnerabilities in the Product ...)
+CVE-2006-4263
NOT-FOR-US: mambo-phpshop (com_phpshop) for Mambo and Joomla!
-CVE-2006-4262 (Multiple buffer overflows in cscope 15.5 and earlier allow ...)
+CVE-2006-4262
{DSA-1186-1}
- cscope 15.5+cvs20060902-1 (low; bug #385893)
CVE-2006-4261
REJECTED
-CVE-2006-4260 (Directory traversal vulnerability in index.php in Fotopholder 1.8 ...)
+CVE-2006-4260
NOT-FOR-US: Fotopholder
-CVE-2006-4259 (Cross-site scripting (XSS) vulnerability in index.php in Fotopholder ...)
+CVE-2006-4259
NOT-FOR-US: Fotopholder
-CVE-2006-4258 (Absolute path traversal vulnerability in the get functionality in ...)
+CVE-2006-4258
NOT-FOR-US: Anti-Spam SMTP Proxy
-CVE-2006-4257 (IBM DB2 Universal Database (UDB) before 8.1 FixPak 13 allows remote ...)
+CVE-2006-4257
NOT-FOR-US: IBM DB2
-CVE-2006-4256 (index.php in Horde Application Framework before 3.1.2 allows remote ...)
+CVE-2006-4256
{DSA-1406-1}
- horde3 3.1.3-1 (low; bug #383416)
-CVE-2006-4255 (Cross-site scripting (XSS) vulnerability in horde/imp/search.php in ...)
+CVE-2006-4255
- imp4 4.1.3-1 (low; bug #383416)
-CVE-2006-4254 (Unspecified vulnerability in setlocale in IBM AIX 5.1.0 through 5.3.0 ...)
+CVE-2006-4254
NOT-FOR-US: IBM AIX
-CVE-2006-4253 (Concurrency vulnerability in Mozilla Firefox 1.5.0.6 and earlier ...)
+CVE-2006-4253
NOTE: MFSA-2006-59
- xulrunner 1.8.0.7-1 (medium)
- firefox 1.5.dfsg+1.5.0.7-1 (medium)
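Review bot: the wholesale replacement of every summarised entry with a bare identifier in this hunk (for example `-CVE-2006-4278 (PHP remote file inclusion vulnerability in ...)` becoming `+CVE-2006-4278`) looks like a data-loss regression in the sync rather than an intended change, since the package, DSA and NOTE lines under each entry are left untouched; please confirm that the summary source was genuinely unavailable, or that dropping the summaries is wanted, before this is merged. The loss is not only cosmetic: the `** DISPUTED **` markers on CVE-2006-4272, CVE-2006-4271, CVE-2006-4269 and CVE-2006-4264 vanish together with the summaries, leaving only a `NOT-FOR-US` line and no record in the file that those issues are disputed. If the summaries cannot be re-fetched right now, the safer change is to keep the existing `-` lines as they are rather than rewriting each entry to a bare identifier.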
@@ -6681,231 +6681,231 @@ CVE-2006-4253 (Concurrency vulnerability in Mozilla Firefox 1.5.0.6 and earlier
[sarge] - mozilla <unfixed> (unimportant)
[sarge] - mozilla-thunderbird <unfixed> (unimportant)
NOTE: On Sarge this is only a crasher, code injection is only possible for Firefox 1.5 et al.
-CVE-2006-4252 (PowerDNS Recursor 3.1.3 and earlier allows remote attackers to cause a ...)
+CVE-2006-4252
- pdns-recursor 3.1.4-1 (bug #398559)
- pdns <not-affected> (Recursor module has been moved to pdns-recursor)
-CVE-2006-4251 (Buffer overflow in PowerDNS Recursor 3.1.3 and earlier might allow ...)
+CVE-2006-4251
{DSA-1211}
- pdns-recursor 3.1.4-1 (bug #398557; high)
- pdns 2.9.20-4
NOTE: Recursor module has been moved to pdns-recursor
-CVE-2006-4250 (Buffer overflow in man and mandb (man-db) 2.4.3 and earlier allows ...)
+CVE-2006-4250
{DSA-1278-1}
- man-db 2.4.3-5
-CVE-2006-4249 (Unspecified vulnerability in PlonePAS in Plone 2.5 and 2.5.1, when ...)
+CVE-2006-4249
- zope-cmfplone 2.5.1-3 (bug #401796)
[sarge] - zope-cmfplone <not-affected> (Vulnerable code not present)
-CVE-2006-4248 (thttpd on Debian GNU/Linux, and possibly other distributions, allows ...)
+CVE-2006-4248
{DSA-1205-1}
- thttpd 2.23beta1-5 (bug #396277)
-CVE-2006-4247 (Unspecified vulnerability in the Password Reset Tool before 0.4.1 on ...)
+CVE-2006-4247
[sarge] - zope-cmfplone <not-affected> (Vulnerable code not present)
- zope-cmfplone 2.5.1-1
-CVE-2006-4246 (Usermin before 1.220 (20060629) allows remote attackers to read ...)
+CVE-2006-4246
{DSA-1177-1}
- usermin <removed> (bug #374609)
CVE-2006-4245
RESERVED
- archivemail 0.6.2-2 (bug #385253)
-CVE-2006-4244 (SQL-Ledger 2.4.4 through 2.6.17 authenticates users by verifying that ...)
+CVE-2006-4244
{DSA-1239-1}
- sql-ledger 2.6.18-1 (medium; bug #386519)
CVE-2006-4243 [linux vserver priviledge escalation in remount code]
RESERVED
- linux-2.6 2.6.17-9
-CVE-2006-4242 (PHP remote file inclusion vulnerability in install.jim.php in the JIM ...)
+CVE-2006-4242
NOT-FOR-US: JIM component for Joomla or Mambo
-CVE-2006-4241 (PHP remote file inclusion vulnerability in processor/reporter.sql.php ...)
+CVE-2006-4241
NOT-FOR-US: Reporter Mambo component (com_reporter)
-CVE-2006-4240 (PHP remote file inclusion vulnerability in index.php in Fusion News ...)
+CVE-2006-4240
NOT-FOR-US: Fusion News
-CVE-2006-4239 (PHP remote file inclusion vulnerability in include/urights.php in ...)
+CVE-2006-4239
NOT-FOR-US: Outreach Project Tool
-CVE-2006-4238 (SQL injection vulnerability in torrents.php in WebTorrent (WTcom) ...)
+CVE-2006-4238
NOT-FOR-US: WebTorrent (WTcom)
-CVE-2006-4237 (PHP remote file inclusion vulnerability in pageheaderdefault.inc.php ...)
+CVE-2006-4237
NOT-FOR-US: Invisionix Roaming System Remote (IRSR)
-CVE-2006-4236 (Multiple PHP remote file inclusion vulnerabilities in POWERGAP allow ...)
+CVE-2006-4236
NOT-FOR-US: POWERGAP
-CVE-2006-4235 (Buffer overflow in the import project functionality in Sony SonicStage ...)
+CVE-2006-4235
NOT-FOR-US: Sony
-CVE-2006-4234 (PHP remote file inclusion vulnerability in classes/query.class.php in ...)
+CVE-2006-4234
NOT-FOR-US: dotProject
-CVE-2006-4233 (Globus Toolkit 3.2.x, 4.0.x, and 4.1.0 before 20060815 allow local ...)
+CVE-2006-4233
NOT-FOR-US: Globus Toolkit
-CVE-2006-4232 (Race condition in the grid-proxy-init tool in Globus Toolkit 3.2.x, ...)
+CVE-2006-4232
NOT-FOR-US: Globus Toolkit
-CVE-2006-4231 (IrfanView 3.98 (with plugins) allows remote attackers to cause a ...)
+CVE-2006-4231
NOT-FOR-US: IrfanView
-CVE-2006-4230 (Multiple PHP remote file inclusion vulnerabilities in index.php in ...)
+CVE-2006-4230
NOT-FOR-US: Lizge Web Portal
-CVE-2006-4229 (PHP remote file inclusion vulnerability in archive.php in the ...)
+CVE-2006-4229
NOT-FOR-US: mosListMessenger Component (com_lm) for Mambo and Joomla!
-CVE-2006-4228 (Symantec Veritas NetBackup PureDisk Remote Office Edition 6.0 before ...)
+CVE-2006-4228
NOT-FOR-US: Symantec
-CVE-2006-4227 (MySQL before 5.0.25 and 5.1 before 5.1.12 evaluates arguments of suid ...)
+CVE-2006-4227
- mysql-dfsg-5.0 5.0.24-3 (low; bug #384798)
-CVE-2006-4226 (MySQL before 4.1.21, 5.0 before 5.0.25, and 5.1 before 5.1.12, when ...)
+CVE-2006-4226
{DSA-1169}
- mysql-dfsg-5.0 5.0.24-3 (low; bug #384798)
[sarge] - mysql-dfsg <not-affected> (Vulnerable code not present)
CVE-2006-4225
REJECTED
-CVE-2006-4224 (Cross-site scripting (XSS) vulnerability in calendar.php in Virtual ...)
+CVE-2006-4224
NOT-FOR-US: Virtual War
-CVE-2006-4223 (IBM WebSphere Application Server (WAS) before 6.0.2.13 allows ...)
+CVE-2006-4223
NOT-FOR-US: IBM WebSphere Application
-CVE-2006-4222 (Multiple unspecified vulnerabilities in IBM WebSphere Application ...)
+CVE-2006-4222
NOT-FOR-US: IBM WebSphere Application
-CVE-2006-4221 (Stack-based buffer overflow in the IBM Access Support eGatherer ...)
+CVE-2006-4221
NOT-FOR-US: IBM
-CVE-2006-4220 (Multiple cross-site scripting (XSS) vulnerabilities in webacc in ...)
+CVE-2006-4220
NOT-FOR-US: Novell GroupWise WebAccess
-CVE-2006-4219 (The Terminal Services COM object (tsuserex.dll) allows remote ...)
+CVE-2006-4219
NOT-FOR-US: Terminal Services COM object
-CVE-2006-4218 (Directory traversal vulnerability in Zen Cart 1.3.0.2 and earlier ...)
+CVE-2006-4218
NOT-FOR-US: Zen Cart
-CVE-2006-4217 (PHP remote file inclusion vulnerability in ...)
+CVE-2006-4217
NOT-FOR-US: WEBInsta CMS
CVE-2006-4216
REJECTED
-CVE-2006-4215 (PHP remote file inclusion vulnerability in index.php in Zen Cart ...)
+CVE-2006-4215
NOT-FOR-US: Zen Cart
-CVE-2006-4214 (Multiple SQL injection vulnerabilities in Zen Cart 1.3.0.2 and earlier ...)
+CVE-2006-4214
NOT-FOR-US: Zen Cart
-CVE-2006-4213 (PHP remote file inclusion vulnerability in config.php in David Kent ...)
+CVE-2006-4213
NOT-FOR-US: Thatware
-CVE-2006-4212 (SQL injection vulnerability in b0zz and Chris Vincent Owl Intranet ...)
+CVE-2006-4212
NOT-FOR-US: Owl Intranet Engine
-CVE-2006-4211 (Cross-site scripting (XSS) vulnerability in b0zz and Chris Vincent Owl ...)
+CVE-2006-4211
NOT-FOR-US: Owl Intranet Engine
-CVE-2006-4210 (nu_mail.inc.php in Andreas Kansok phPay 2.02 and 2.02.1, when ...)
+CVE-2006-4210
NOT-FOR-US: phPay
-CVE-2006-4209 (PHP remote file inclusion vulnerability in install3.php in WEBInsta ...)
+CVE-2006-4209
NOT-FOR-US: WEBInsta Mailing List Manager
-CVE-2006-4208 (Directory traversal vulnerability in wp-db-backup.php in Skippy ...)
+CVE-2006-4208
- wordpress 2.0.5-0.1 (unimportant; bug #384800)
NOTE: Only exploitable by admin users, someone with the privilege to backup
NOTE: your data must be trustworthy
-CVE-2006-4207 (Multiple PHP remote file inclusion vulnerabilities in Bob Jewell ...)
+CVE-2006-4207
NOT-FOR-US: Discloser
-CVE-2006-4206 (Cross-site scripting (XSS) vulnerability in calendar.asp in ...)
+CVE-2006-4206
NOT-FOR-US: ASPPlayground.NET Forum Advanced Edition
-CVE-2006-4205 (Multiple PHP remote file inclusion vulnerabilities in WebDynamite ...)
+CVE-2006-4205
NOT-FOR-US: WebDynamite ProjectButler
-CVE-2006-4204 (Multiple PHP remote file inclusion vulnerabilities in PHProjekt 5.1 ...)
+CVE-2006-4204
NOT-FOR-US: PHProjekt
-CVE-2006-4203 (PHP remote file inclusion vulnerability in help.mmp.php in the MMP ...)
+CVE-2006-4203
NOT-FOR-US: MMP Component (com_mmp) for Mambo
-CVE-2006-4202 (SQL injection vulnerability in proje_goster.php in Spidey Blog Script ...)
+CVE-2006-4202
NOT-FOR-US: Spidey Blog Script
-CVE-2006-4201 (Unspecified vulnerability in the backup agent and Cell Manager in HP ...)
+CVE-2006-4201
NOT-FOR-US: HP OpenView Storage Data Protector
-CVE-2006-4200 (Unspecified vulnerability in 04WebServer 1.83 and earlier allows ...)
+CVE-2006-4200
NOT-FOR-US: 04WebServer
-CVE-2006-4199 (Cross-site scripting (XSS) vulnerability in Soft3304 04WebServer 1.83 ...)
+CVE-2006-4199
NOT-FOR-US: 04WebServer
-CVE-2006-4198 (PHP remote file inclusion vulnerability in includes/session.php in ...)
+CVE-2006-4198
NOT-FOR-US: Wheatblog
-CVE-2006-4197 (Multiple buffer overflows in libmusicbrainz (aka mb_client or ...)
+CVE-2006-4197
{DSA-1162}
- libmusicbrainz-2.1 2.1.4-1 (medium; bug #383030)
- libmusicbrainz-2.0 <removed> (medium; bug #383031)
-CVE-2006-4196 (PHP remote file inclusion vulnerability in index.php in WEBInsta CMS ...)
+CVE-2006-4196
NOT-FOR-US: WEBInsta CMS
-CVE-2006-4195 (PHP remote file inclusion vulnerability in param.peoplebook.php in the ...)
+CVE-2006-4195
NOT-FOR-US: Peoplebook Component for Mambo (com_peoplebook)
CVE-2006-XXXX [gallery2 session ID disclosure]
- gallery2 2.1.2-1
CVE-2006-XXXX [insecure filehandling in mysql_upgrade]
- mysql-dfsg-5.0 5.0.24-1
NOTE: mysql_upgrade not in 4.x
-CVE-2006-4194 (** DISPUTED ** ...)
+CVE-2006-4194
NOT-FOR-US: Cisco
-CVE-2006-4193 (Microsoft Internet Explorer 6.0 SP1 and possibly other versions allows ...)
+CVE-2006-4193
NOT-FOR-US: MS IE
-CVE-2006-4192 (Multiple buffer overflows in MODPlug Tracker (OpenMPT) 1.17.02.43 and ...)
+CVE-2006-4192
- libmodplug 1:0.7-5.2 (medium; bug #383574)
- gst-plugins-bad0.10 0.10.3-3.1 (medium; bug #407956)
-CVE-2006-4191 (Directory traversal vulnerability in memcp.php in XMB (Extreme Message ...)
+CVE-2006-4191
NOT-FOR-US: XMB
-CVE-2006-4190 (Directory traversal vulnerability in autohtml.php in the AutoHTML ...)
+CVE-2006-4190
NOT-FOR-US: PHP-Nuke module AutoHTML
-CVE-2006-4189 (Multiple PHP remote file inclusion vulnerabilities in Dolphin 5.1 ...)
+CVE-2006-4189
NOT-FOR-US: Dolphin
-CVE-2006-4188 (Unspecified vulnerability in the LP subsystem in HP-UX B.11.00, ...)
+CVE-2006-4188
NOT-FOR-US: HP-UX
-CVE-2006-4187 (Unspecified vulnerability in HP-UX B.11.00, B.11.11 and B.11.23, when ...)
+CVE-2006-4187
NOT-FOR-US: HP-UX
-CVE-2006-4186 (The iManager in eMBoxClient.jar in Novell eDirectory 8.7.3.8 writes ...)
+CVE-2006-4186
NOT-FOR-US: Novell eDirectory
-CVE-2006-4185 (Unspecified vulnerability in the NCPENGINE in Novell eDirectory ...)
+CVE-2006-4185
NOT-FOR-US: Novell eDirectory
-CVE-2006-4184 (SmartLine DeviceLock before 5.73 Build 305 does not properly enforce ...)
+CVE-2006-4184
NOT-FOR-US: SmartLine DeviceLock
-CVE-2006-4183 (Heap-based buffer overflow in Microsoft DirectX SDK (February 2006) ...)
+CVE-2006-4183
NOT-FOR-US: Microsoft
-CVE-2006-4182 (Integer overflow in ClamAV 0.88.1 and 0.88.4, and other versions ...)
+CVE-2006-4182
{DSA-1196-1}
- clamav 0.88.5-1 (high; bug #393445)
-CVE-2006-4181 (Format string vulnerability in the sqllog function in the SQL ...)
+CVE-2006-4181
NOT-FOR-US: GNU Radius
CVE-2006-4180
REJECTED
CVE-2006-4179
RESERVED
-CVE-2006-4178 (Integer signedness error in the i386_set_ldt call in FreeBSD 5.5, and ...)
+CVE-2006-4178
- kfreebsd-5 <removed> (bug #391289; low)
[etch] - kfreebsd-5 <no-dsa> (Etch doesn't have security support for the FreeBSD kernel)
-CVE-2006-4177 (Heap-based buffer overflow in the NCP engine in Novell eDirectory ...)
+CVE-2006-4177
NOT-FOR-US: Novell eDirectory
CVE-2006-4176
RESERVED
-CVE-2006-4175 (The LDAP server (ns-slapd) in Sun Java System Directory Server 5.2 ...)
+CVE-2006-4175
NOT-FOR-US: Sun Java System Directory Server
CVE-2006-4174
RESERVED
CVE-2006-4173
RESERVED
-CVE-2006-4172 (Integer overflow vulnerability in the i386_set_ldt call in FreeBSD ...)
+CVE-2006-4172
- kfreebsd-5 <removed> (bug #391289; low)
[etch] - kfreebsd-5 <no-dsa> (Etch doesn't have security support for the FreeBSD kernel)
CVE-2006-4171
RESERVED
CVE-2006-4170
REJECTED
-CVE-2006-4169 (Multiple directory traversal vulnerabilities in the G/PGP (GPG) Plugin ...)
+CVE-2006-4169
NOT-FOR-US: G/PGP (GPG) plugin for Squirrelmail
-CVE-2006-4168 (Integer overflow in the exif_data_load_data_entry function in ...)
+CVE-2006-4168
{DSA-1310-1}
- libexif 0.6.16-1 (bug #430012)
CVE-2006-4167
RESERVED
-CVE-2006-4166 (PHP remote file inclusion vulnerability in TinyWebGallery 1.5 and ...)
+CVE-2006-4166
NOT-FOR-US: TinyWebGallery
-CVE-2006-4165 (Cross-site scripting (XSS) vulnerability in NetCommons 1.0.8 and ...)
+CVE-2006-4165
NOT-FOR-US: NetCommons
-CVE-2006-4164 (PHP remote file inclusion vulnerability in inc/header.inc.php in ...)
+CVE-2006-4164
NOT-FOR-US: phpPrintAnalyzer
-CVE-2006-4163 (** DISPUTED ** ...)
+CVE-2006-4163
NOT-FOR-US: miniBloggie
-CVE-2006-4162 (Cross-site scripting (XSS) vulnerability in Dragonfly CMS 9.0.6.1 and ...)
+CVE-2006-4162
NOT-FOR-US: Dragonfly CMS
-CVE-2006-4161 (Directory traversal vulnerability in the avatar_gallery action in ...)
+CVE-2006-4161
NOT-FOR-US: XennoBB
-CVE-2006-4160 (Multiple PHP remote file inclusion vulnerabilities in Tony Bibbs and ...)
+CVE-2006-4160
NOT-FOR-US: MVCnPHP
-CVE-2006-4159 (Multiple PHP remote file inclusion vulnerabilities in Chaussette ...)
+CVE-2006-4159
NOT-FOR-US: Chaussette
-CVE-2006-4158 (PHP remote file inclusion vulnerability in Login.php in Spaminator 1.7 ...)
+CVE-2006-4158
NOT-FOR-US: Spaminator
-CVE-2006-4157 (Cross-site scripting (XSS) vulnerability in index.php in Yet another ...)
+CVE-2006-4157
NOT-FOR-US: Yet another Bulletin Board (YaBB)
-CVE-2006-4156 (** DISPUTED ** ...)
+CVE-2006-4156
NOT-FOR-US: pearlabs mafia moblog
-CVE-2006-4155 (Unspecified vulnerability in func_topic_threaded.php (aka threaded ...)
+CVE-2006-4155
NOT-FOR-US: Invision Power Board (IPB)
-CVE-2006-4154 (Format string vulnerability in the mod_tcl module 1.0 for Apache 2.x ...)
+CVE-2006-4154
NOT-FOR-US: mod_tcl
CVE-2006-4153
RESERVED
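Review bot: a small style point visible in this hunk's unchanged context, not introduced by the change itself: `CVE-2006-4243 [linux vserver priviledge escalation in remount code]` misspells "privilege", and since the surrounding lines are being rewritten anyway this is a convenient moment to correct it to `CVE-2006-4243 [linux vserver privilege escalation in remount code]`.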
@@ -6921,166 +6921,166 @@ CVE-2006-4148
RESERVED
CVE-2006-4147
RESERVED
-CVE-2006-4146 (Buffer overflow in the (1) DWARF (dwarfread.c) and (2) DWARF2 ...)
+CVE-2006-4146
- gdb 7.3-1 (unimportant)
NOTE: Every sensible use of gdb involves executing the debugged binary
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;a=commit;h=d53d4ac5aaf62c631e8d915e049eaf3f52fe24c8
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=204841
NOTE: https://bugs.launchpad.net/ubuntu/+source/gdb/+bug/62695
-CVE-2006-4145 (The Universal Disk Format (UDF) filesystem driver in Linux kernel ...)
+CVE-2006-4145
{DSA-1184-2}
- linux-2.6 2.6.17-7
-CVE-2006-4143 (Netgear FVG318 running firmware 1.0.40 allows remote attackers to ...)
+CVE-2006-4143
NOT-FOR-US: Netgear
-CVE-2006-4142 (SQL injection vulnerability in extra/online.php in Virtual War (VWar) ...)
+CVE-2006-4142
NOT-FOR-US: Virtual War (VWar)
-CVE-2006-4141 (SQL injection vulnerability in news.php in Virtual War (VWar) 1.5.0 ...)
+CVE-2006-4141
NOT-FOR-US: Virtual War (VWar)
-CVE-2006-4140 (Directory traversal vulnerability in IPCheck Server Monitor before ...)
+CVE-2006-4140
NOT-FOR-US: IPCheck Server Monitor
-CVE-2006-4139 (Race condition in Sun Solaris 10 allows attackers to cause a denial of ...)
+CVE-2006-4139
NOT-FOR-US: Solaris
-CVE-2006-4138 (Multiple unspecified vulnerabilities in Microsoft Windows Help File ...)
+CVE-2006-4138
NOT-FOR-US: Microsoft
-CVE-2006-4137 (IBM WebSphere Application Server before 6.1.0.1 allows attackers to ...)
+CVE-2006-4137
NOT-FOR-US: IBM WebSphere
-CVE-2006-4136 (Multiple unspecified vulnerabilities in IBM WebSphere Application ...)
+CVE-2006-4136
NOT-FOR-US: IBM WebSphere
-CVE-2006-4135 (** DISPUTED ** ...)
+CVE-2006-4135
NOT-FOR-US: Calendarix
-CVE-2006-4134 (Unspecified vulnerability related to a &quot;design flaw&quot; in SAP Internet ...)
+CVE-2006-4134
NOT-FOR-US: SAP
-CVE-2006-4133 (Heap-based buffer overflow in SAP Internet Graphics Service (IGS) 6.40 ...)
+CVE-2006-4133
NOT-FOR-US: SAP
-CVE-2006-4132 (ArcSoft MMS Composer 1.5.5.6 and possibly earlier, and 2.0.0.13 and ...)
+CVE-2006-4132
NOT-FOR-US: ArcSoft MMS Composer
-CVE-2006-4131 (Multiple buffer overflows in ArcSoft MMS Composer 1.5.5.6, and ...)
+CVE-2006-4131
NOT-FOR-US: ArcSoft MMS Composer
-CVE-2006-4130 (PHP remote file inclusion vulnerability in admin.remository.php in the ...)
+CVE-2006-4130
NOT-FOR-US: Remository Component (com_remository) for Mambo and Joomla!
-CVE-2006-4129 (PHP remote file inclusion vulnerability in admin.webring.docs.php in ...)
+CVE-2006-4129
NOT-FOR-US: Webring Component (com_webring) for Joomla!
-CVE-2006-4128 (Multiple heap-based buffer overflows in Symantec VERITAS Backup Exec ...)
+CVE-2006-4128
NOT-FOR-US: Symantec VERITAS
-CVE-2006-4127 (Multiple format string vulnerabilities in DConnect Daemon 0.7.0 and ...)
+CVE-2006-4127
NOT-FOR-US: DConnect Daemon (dcd)
-CVE-2006-4126 (The dc_chat function in cmd.dc.c in DConnect Daemon 0.7.0 and earlier ...)
+CVE-2006-4126
NOT-FOR-US: DConnect Daemon (dcd)
-CVE-2006-4125 (Stack-based buffer overflow in main.c in DConnect Daemon 0.7.0 and ...)
+CVE-2006-4125
NOT-FOR-US: DConnect Daemon (dcd)
-CVE-2006-4124 (The libXm library in LessTif 0.95.0 and earlier allows local users to ...)
+CVE-2006-4124
- lesstif2 1:0.94.4-1 (bug #382411; medium)
-CVE-2006-4123 (PHP remote file inclusion vulnerability in boitenews4/index.php in ...)
+CVE-2006-4123
NOT-FOR-US: Boite de News
-CVE-2006-4122 (Simple one-file guestbook 1.0 and earlier allows remote attackers to ...)
+CVE-2006-4122
NOT-FOR-US: Simple one-file guestbook
-CVE-2006-4121 (PHP remote file inclusion vulnerability in owimg.php3 in See-Commerce ...)
+CVE-2006-4121
NOT-FOR-US: See-Commerce
-CVE-2006-4120 (Cross-site scripting (XSS) vulnerability in the Recipe module ...)
+CVE-2006-4120
NOT-FOR-US: Recipe module (recipe.module) for Drupal
-CVE-2006-4119 (SQL injection vulnerability in gc.php in GeheimChaos 0.5 and earlier ...)
+CVE-2006-4119
NOT-FOR-US: GeheimChaos
-CVE-2006-4118 (Multiple SQL injection vulnerabilities in GeheimChaos 0.5 and earlier ...)
+CVE-2006-4118
NOT-FOR-US: GeheimChaos
-CVE-2006-4117 (The squeue_drain function in Sun Solaris 10, possibly only when run on ...)
+CVE-2006-4117
NOT-FOR-US: Solaris
-CVE-2006-4116 (Multiple stack-based buffer overflows in Lhaz before 1.32 allow ...)
+CVE-2006-4116
NOT-FOR-US: Lhaz
-CVE-2006-4115 (PHP remote file inclusion vulnerability in common.inc.php in PgMarket ...)
+CVE-2006-4115
NOT-FOR-US: PgMarket
-CVE-2006-4114 (SQL injection vulnerability in view_com.php in Nicolas Grandjean ...)
+CVE-2006-4114
NOT-FOR-US: PHPMyRing
-CVE-2006-4113 (PHP remote file inclusion vulnerability in genpage-cgi.php in Brian ...)
+CVE-2006-4113
NOT-FOR-US: hitweb
-CVE-2006-4112 (Unspecified vulnerability in the &quot;dependency resolution mechanism&quot; in ...)
+CVE-2006-4112
- rails 1.1.6-1 (bug #382255; medium)
-CVE-2006-4111 (Ruby on Rails before 1.1.5 allows remote attackers to execute Ruby ...)
+CVE-2006-4111
- rails 1.1.5-1 (bug #382255; medium)
-CVE-2006-4110 (Apache 2.2.2, when running on Windows, allows remote attackers to read ...)
+CVE-2006-4110
- apache2 <not-affected> (Affects Apache on Windows only)
-CVE-2006-4109 (Cross-site scripting (XSS) vulnerability in Bibliography ...)
+CVE-2006-4109
NOT-FOR-US: Bibliography (biblio.module) for Drupal
-CVE-2006-4108 (SQL injection vulnerability in Bibliography (biblio.module) 4.6 before ...)
+CVE-2006-4108
NOT-FOR-US: Bibliography (biblio.module) for Drupal
-CVE-2006-4107 (SQL injection vulnerability in the Job Search module (job.module) 4.6 ...)
+CVE-2006-4107
NOT-FOR-US: Job Search module (job.module) for Drupal
-CVE-2006-4106 (Cross-site scripting (XSS) vulnerability in blursoft blur6ex 0.3 ...)
+CVE-2006-4106
NOT-FOR-US: blur6ex
-CVE-2006-4105 (Cross-site scripting (XSS) vulnerability in Fill Threads Database ...)
+CVE-2006-4105
NOT-FOR-US: Fill Threads Database
-CVE-2006-4104 (Cross-site scripting (XSS) vulnerability in admin.cgi in ...)
+CVE-2006-4104
NOT-FOR-US: mojoGallery
-CVE-2006-4103 (PHP remote file inclusion vulnerability in article-raw.php in Jason ...)
+CVE-2006-4103
NOT-FOR-US: phNNTP
-CVE-2006-4102 (PHP remote file inclusion vulnerability in tpl.inc.php in Falko Timme ...)
+CVE-2006-4102
NOT-FOR-US: SQLiteWebAdmin
CVE-2006-4101
RESERVED
CVE-2006-4100
RESERVED
-CVE-2006-4099 (Business Objects Crystal Enterprise 9 and 10 generates predictable ...)
+CVE-2006-4099
NOT-FOR-US: Business Objects
-CVE-2006-4098 (Stack-based buffer overflow in the CSRadius service in Cisco Secure Access ...)
+CVE-2006-4098
NOT-FOR-US: Cisco
-CVE-2006-4097 (Multiple unspecified vulnerabilities in the CSRadius service in Cisco ...)
+CVE-2006-4097
NOT-FOR-US: Cisco
-CVE-2006-4096 (BIND before 9.2.6-P1 and 9.3.x before 9.3.2-P1 allows remote attackers to ...)
+CVE-2006-4096
{DSA-1172-1}
- bind <not-affected> (Not vulnerable according to CERT advisory)
- bind9 1:9.3.2-P1-1 (medium; bug #386245; bug #386237)
-CVE-2006-4095 (BIND before 9.2.6-P1 and 9.3.x before 9.3.2-P1 allows remote attackers ...)
+CVE-2006-4095
{DSA-1172-1}
- bind <not-affected> (Not vulnerable according to CERT advisory)
- bind9 1:9.3.2-P1-1 (medium; bug #386245; bug #386237)
CVE-2006-4094
RESERVED
-CVE-2006-4093 (Linux kernel 2.x.6 before 2.6.17.9 and 2.4.x before 2.4.33.1 on ...)
+CVE-2006-4093
{DSA-1184-2 DSA-1237}
- linux-2.6 2.6.17-7
-CVE-2006-4092 (Simpliciti Locked Browser does not properly limit a user's actions to ...)
+CVE-2006-4092
NOT-FOR-US: Simpliciti Locked Browser
-CVE-2006-4091 (Multiple cross-site scripting (XSS) vulnerabilities in Archangel ...)
+CVE-2006-4091
NOT-FOR-US: Archangel Weblog
-CVE-2006-4090 (Cross-site scripting (XSS) vulnerability in Webligo BlogHoster 2.2 ...)
+CVE-2006-4090
NOT-FOR-US: Webligo BlogHoster
-CVE-2006-4089 (Multiple buffer overflows in Andy Lo-A-Foe AlsaPlayer 0.99.76 and ...)
+CVE-2006-4089
{DSA-1179-1}
- alsaplayer 0.99.76-9 (medium; bug #382842)
-CVE-2006-4088 (Multiple cross-site scripting (XSS) vulnerabilities in CivicSpace ...)
+CVE-2006-4088
NOT-FOR-US: CivicSpace
-CVE-2006-4087 (Cross-site scripting (XSS) vulnerability in admin.cgi in ...)
+CVE-2006-4087
NOT-FOR-US: mojoGallery
-CVE-2006-4086 (Cross-site scripting (XSS) vulnerability in index.php in Elaine Aquino ...)
+CVE-2006-4086
NOT-FOR-US: Online Zone Journals (OZJournals)
-CVE-2006-4085 (PHP remote file inclusion vulnerability in Olaf Noehring The Search ...)
+CVE-2006-4085
NOT-FOR-US: The Search Engine Project (TSEP)
-CVE-2006-4084 (Unspecified vulnerability in phpAutoMembersArea (phpAMA) before 3.2.4 ...)
+CVE-2006-4084
NOT-FOR-US: phpAutoMembersArea (phpAMA)
-CVE-2006-4083 (PHP remote file inclusion vulnerability in viewevent.php in myWebland ...)
+CVE-2006-4083
NOT-FOR-US: myEvent
-CVE-2006-4082 (Barracuda Spam Firewall (BSF), possibly 3.3.03.053, contains a ...)
+CVE-2006-4082
NOT-FOR-US: Barracuda Spam Firewall
-CVE-2006-4081 (preview_email.cgi in Barracuda Spam Firewall (BSF) 3.3.01.001 through ...)
+CVE-2006-4081
NOT-FOR-US: Barracuda Spam Firewall
-CVE-2006-4080 (DeluxeBB 1.08, and possibly earlier, uses cookies that include the MD5 ...)
+CVE-2006-4080
NOT-FOR-US: DeluxeBB
-CVE-2006-4079 (Cross-site scripting (XSS) vulnerability in newpost.php in DeluxeBB ...)
+CVE-2006-4079
NOT-FOR-US: DeluxeBB
-CVE-2006-4078 (pm.php (aka the PM system) in DeluxeBB 1.08, and possibly earlier, ...)
+CVE-2006-4078
NOT-FOR-US: DeluxeBB
-CVE-2006-4077 (PHP remote file inclusion vulnerability in CheckUpload.php in Vincenzo ...)
+CVE-2006-4077
NOT-FOR-US: Comet WebFileManager
-CVE-2006-4076 (Multiple PHP remote file inclusion vulnerabilities in Wim Fleischhauer ...)
+CVE-2006-4076
NOT-FOR-US: docpile: wim's edition
-CVE-2006-4075 (Multiple PHP remote file inclusion vulnerabilities in Wim Fleischhauer ...)
+CVE-2006-4075
NOT-FOR-US: docpile: wim's edition
-CVE-2006-4074 (PHP remote file inclusion vulnerability in lib/tpl/default/main.php in ...)
+CVE-2006-4074
NOT-FOR-US: JD-Wiki Component (com_jd-wiki) for Joomla!
-CVE-2006-4073 (Multiple PHP remote file inclusion vulnerabilities in Fabian Hainz ...)
+CVE-2006-4073
NOT-FOR-US: phpCC
-CVE-2006-4072 (Multiple SQL injection vulnerabilities in Club-Nuke [XP] 2.0 LCID 2048 ...)
+CVE-2006-4072
NOT-FOR-US: Club-Nuke [XP]
-CVE-2006-4144 (Integer overflow in the ReadSGIImage function in sgi.c in ImageMagick ...)
+CVE-2006-4144
{DSA-1213}
- imagemagick 7:6.2.4.5.dfsg1-0.10 (medium; bug #383314)
- graphicsmagick 1.1.7-7 (medium; bug #383333)
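Review bot: the CVE-2006-4144 entry at the tail of this hunk (`+CVE-2006-4144` followed by the `{DSA-1213}`, imagemagick and graphicsmagick lines) is out of numeric order: it sits after CVE-2006-4072, while its neighbours CVE-2006-4145 and CVE-2006-4143 are at the top of the hunk with no 4144 between them. Since the update already rewrites that line, the whole four-line entry should be moved up to sit between CVE-2006-4145 and CVE-2006-4143 so the file stays in descending order and any tooling that relies on that order does not skip it. Separately, the removed summaries for CVE-2006-4134 and CVE-2006-4112 carry HTML entities (`&quot;design flaw&quot;` and `&quot;dependency resolution mechanism&quot;`), so if the summaries are restored in a follow-up they should be unescaped rather than copied back verbatim.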
@@ -7090,100 +7090,100 @@ CVE-2006-XXXX [crash in the certificate verification logic]
- gnutls12 1.2.11-3 (unimportant)
- gnutls13 1.4.2-1 (unimportant)
NOTE: Normal bug, no reliable denial of service potential
-CVE-2006-4071 (Sign extension vulnerability in the createBrushIndirect function in ...)
+CVE-2006-4071
NOT-FOR-US: Microsoft
-CVE-2006-4070 (Format string vulnerability in Imendio Planner 0.13 allows ...)
+CVE-2006-4070
NOT-FOR-US: Imendio Planner
-CVE-2006-4069 (Multiple cross-site scripting (XSS) vulnerabilities in Elaine Aquino ...)
+CVE-2006-4069
NOT-FOR-US: Online Zone Journals (OZJournals)
-CVE-2006-4068 (The pswd.js script relies on the client to calculate whether a ...)
+CVE-2006-4068
NOT-FOR-US: pswd.js
-CVE-2006-4067 (Cross-site scripting (XSS) vulnerability in cake/libs/error.php in ...)
+CVE-2006-4067
- cakephp 1.1.13.4450-1
-CVE-2006-4066 (The Graphical Device Interface Plus library (gdiplus.dll) in Microsoft ...)
+CVE-2006-4066
NOT-FOR-US: Microsoft
-CVE-2006-4065 (Multiple PHP remote file inclusion vulnerabilities in Dmitry Sheiko ...)
+CVE-2006-4065
NOT-FOR-US: SAPID Gallery
-CVE-2006-4064 (SQL injection vulnerability in default.asp in YenerTurk Haber Script ...)
+CVE-2006-4064
NOT-FOR-US: YenerTurk Haber Script
-CVE-2006-4063 (Multiple PHP remote file inclusion vulnerabilities in Csaba Godor ...)
+CVE-2006-4063
NOT-FOR-US: SAPID Blog
-CVE-2006-4062 (PHP remote file inclusion vulnerability in ...)
+CVE-2006-4062
NOT-FOR-US: SAPID Shop
-CVE-2006-4061 (** DISPUTED ** ...)
+CVE-2006-4061
NOT-FOR-US: phpPrintAnalyzer
-CVE-2006-4060 (PHP remote file inclusion vulnerability in calendar.php in Visual ...)
+CVE-2006-4060
NOT-FOR-US: Visual Events Calendar
-CVE-2006-4059 (Multiple PHP remote file inclusion vulnerabilities in USOLVED ...)
+CVE-2006-4059
NOT-FOR-US: USOLVED NEWSolved Lite
-CVE-2006-4058 (Cross-site scripting (XSS) vulnerability in archive.php in Simplog ...)
+CVE-2006-4058
NOT-FOR-US: Simplog
-CVE-2006-4057 (Buffer overflow in the preview_create function in gui.cpp in Mitch ...)
+CVE-2006-4057
NOT-FOR-US: Eremove
-CVE-2006-4056 (Multiple SQL injection vulnerabilities in the authentication process ...)
+CVE-2006-4056
NOT-FOR-US: katzlbt The Address Book
-CVE-2006-4055 (Multiple PHP remote file inclusion vulnerabilities in Olaf Noehring ...)
+CVE-2006-4055
NOT-FOR-US: The Search Engine Project (TSEP)
-CVE-2006-4054 (Multiple PHP remote file inclusion vulnerabilities in ME Download ...)
+CVE-2006-4054
NOT-FOR-US: ME Download System
-CVE-2006-4053 (PHP remote file inclusion vulnerability in templates/header.php in ME ...)
+CVE-2006-4053
NOT-FOR-US: ME Download System
-CVE-2006-4052 (Multiple PHP remote file inclusion vulnerabilities in Turnkey Web ...)
+CVE-2006-4052
NOT-FOR-US: Turnkey Web Tools PHP Simple Shop
-CVE-2006-4051 (PHP remote file inclusion vulnerability in global.php in Turnkey Web ...)
+CVE-2006-4051
NOT-FOR-US: Turnkey Web Tools PHP Live Helper
-CVE-2006-4050 (PHP remote file inclusion vulnerability in auto_check_renewals.php in ...)
+CVE-2006-4050
NOT-FOR-US: phpAutoMembersArea (phpAMA)
-CVE-2006-4049 (Unspecified vulnerability in the utxconfig utility in Sun Ray Server ...)
+CVE-2006-4049
NOT-FOR-US: Sun
-CVE-2006-4048 (Netious CMS 0.4 initializes session IDs based on the client IP ...)
+CVE-2006-4048
NOT-FOR-US: Netious CMS
-CVE-2006-4047 (SQL injection vulnerability in index.php in Netious CMS 0.4 and ...)
+CVE-2006-4047
NOT-FOR-US: Netious CMS
-CVE-2006-4045 (PHP remote file inclusion vulnerability in news.php in Torbstoff News ...)
+CVE-2006-4045
NOT-FOR-US: Torbstoff News
-CVE-2006-4044 (PHP remote file inclusion vulnerability in Beautifier/Core.php in Brad ...)
+CVE-2006-4044
NOT-FOR-US: phpCodeCabinet
-CVE-2006-4043 (index.php in myWebland myBloggie 2.1.4 and earlier allows remote ...)
+CVE-2006-4043
NOT-FOR-US: myWebland myBloggie
-CVE-2006-4042 (Multiple SQL injection vulnerabilities in trackback.php in myWebland ...)
+CVE-2006-4042
NOT-FOR-US: myWebland myBloggie
-CVE-2006-4041 (SQL injection vulnerability in Pike before 7.6.86, when using a ...)
+CVE-2006-4041
- pike7.6 7.6.86-1
[sarge] - pike7.6 <unfixed> (unimportant; bug #382607; bug #383766)
[sarge] - pike7.2 <unfixed> (unimportant; bug #382607; bug #383766)
NOTE: No applications using pike+postgres in Sarge, fix provides
NOTE: new functions for proper quoting
-CVE-2006-4040 (PHP remote file inclusion vulnerability in myevent.php in myWebland ...)
+CVE-2006-4040
NOT-FOR-US: myWebland myEvent
-CVE-2006-4039 (Multiple SQL injection vulnerabilities in eintragen.php in GaesteChaos ...)
+CVE-2006-4039
NOT-FOR-US: GaesteChaos
-CVE-2006-4038 (Multiple cross-site scripting (XSS) vulnerabilities in eintragen.php ...)
+CVE-2006-4038
NOT-FOR-US: GaesteChaos
-CVE-2006-4037 (Unspecified vulnerability in Fenestrae Faxination Server allows remote ...)
+CVE-2006-4037
NOT-FOR-US: Fenestrae Faxination Server
-CVE-2006-4036 (PHP remote file inclusion vulnerability in ...)
+CVE-2006-4036
NOT-FOR-US: ZoneX Publishers
-CVE-2006-4035 (SQL injection vulnerability in counterchaos.php in CounterChaos 0.48c ...)
+CVE-2006-4035
NOT-FOR-US: CounterChaos
-CVE-2006-4034 (PHP remote file inclusion vulnerability in include/html/config.php in ...)
+CVE-2006-4034
NOT-FOR-US: ModernGigabyte ModernBill
-CVE-2006-4033 (Heap-based buffer overflow in Lhaplus.exe in Lhaplus 1.52, and ...)
+CVE-2006-4033
NOT-FOR-US: Lhaplus
-CVE-2006-4032 (Unspecified vulnerability in Cisco IOS CallManager Express (CME) ...)
+CVE-2006-4032
NOT-FOR-US: Cisco
-CVE-2006-4031 (MySQL 4.1 before 4.1.21 and 5.0 before 5.0.24 allows a local user to ...)
+CVE-2006-4031
- mysql-dfsg-5.0 5.0.24-1 (bug #382415; low)
- mysql-dfsg <removed> (bug #380271; low)
[sarge] - mysql-dfsg-4.1 <no-dsa> (Now documented design error, no real fix feasible)
[sarge] - mysql-dfsg <no-dsa> (Now documented design error, no real fix feasible)
-CVE-2006-4030 (Unspecified vulnerability in the stats module in Gallery 1.5.1-RC2 and ...)
+CVE-2006-4030
{DSA-1148-1}
- gallery 1.5.3-1
- gallery2 <not-affected> (vulnerable code not present)
-CVE-2006-4029 (Stack-based buffer overflow in sipd.dll in AGEphone 1.24 and 1.38.1 ...)
+CVE-2006-4029
NOT-FOR-US: AGEphone
-CVE-2006-4028 (Multiple unspecified vulnerabilities in WordPress before 2.0.4 have ...)
+CVE-2006-4028
- wordpress 2.0.4-1
CVE-2006-4027
RESERVED
@@ -7191,13 +7191,13 @@ CVE-2006-XXXX [realtime-lsm-source: wrong permissions might lead to local root]
- realtime-lsm 0.8.7-2 (bug #382161; low)
[sarge] - realtime-lsm <not-affected>
NOTE: only to user 1017 or group 1001 and only while root is building the module
-CVE-2006-4026 (PHP remote file inclusion vulnerability in SAPID CMS 123 rc3 allows ...)
+CVE-2006-4026
NOT-FOR-US: SAPID CMS
-CVE-2006-4025 (SQL injection vulnerability in profile.php in XennoBB 2.1.0 and ...)
+CVE-2006-4025
NOT-FOR-US: XennoBB
-CVE-2006-4024 (The FESTAHES_Load function in pce/hes.c in Festalon 0.5.0 through ...)
+CVE-2006-4024
- festalon <not-affected> (vuln. code introduced in 0.5.0)
-CVE-2006-4023 (The ip2long function in PHP 5.1.4 and earlier may incorrectly validate ...)
+CVE-2006-4023
- php5 <removed> (unimportant; bug #382257)
- php4 <removed> (unimportant; bug #382270)
NOTE: Not every lack of protection of programmer's flaws is a vulnerability
@@ -7207,325 +7207,325 @@ CVE-2006-4023 (The ip2long function in PHP 5.1.4 and earlier may incorrectly val
NOTE: > and i tend to agree based on the php.net documentation, which
NOTE: > states: "ip2long() should not be used as the sole form of IP
NOTE: > validation. Combine it with long2ip()".
-CVE-2006-4022 (Intel 2100 PRO/Wireless Network Connection driver PROSet before ...)
+CVE-2006-4022
NOT-FOR-US: Intel Windows driver
-CVE-2006-4021 (The cryptographic module in ScatterChat 1.0.x allows attackers to ...)
+CVE-2006-4021
NOT-FOR-US: ScatterChat
-CVE-2006-4020 (scanf.c in PHP 5.1.4 and earlier, and 4.4.3 and earlier, allows ...)
+CVE-2006-4020
- php5 5.1.6-1 (unimportant; bug #382256; bug #382262)
- php4 4:4.4.4-1 (unimportant; bug #382261)
NOTE: Only exploitable by malicious, local user
-CVE-2006-4019 (Dynamic variable evaluation vulnerability in compose.php in ...)
+CVE-2006-4019
{DSA-1154}
- squirrelmail 2:1.4.8-1 (bug #382621)
-CVE-2006-4018 (Heap-based buffer overflow in the pefromupx function in ...)
+CVE-2006-4018
{DSA-1153}
- clamav 0.88.4-1 (high; bug #382004; bug #382007)
-CVE-2006-4017 (Cross-site scripting (XSS) vulnerability in the search module in Inter ...)
+CVE-2006-4017
NOT-FOR-US: Inter Network Marketing (INM) CMS G3
-CVE-2006-4016 (Cross-site scripting (XSS) vulnerability in /toendaCMS in toendaCMS ...)
+CVE-2006-4016
NOT-FOR-US: toendaCMS
-CVE-2006-4015 (Hewlett-Packard (HP) ProCurve 3500yl, 6200yl, and 5400zl switches with ...)
+CVE-2006-4015
NOT-FOR-US: Hewlett-Packard
-CVE-2006-4014 (Symantec Brightmail AntiSpam (SBAS) before 6.0.4, when the Control ...)
+CVE-2006-4014
NOT-FOR-US: Symantec
-CVE-2006-4013 (Multiple directory traversal vulnerabilities in Symantec Brightmail ...)
+CVE-2006-4013
NOT-FOR-US: Symantec
-CVE-2006-4012 (Multiple PHP remote file inclusion vulnerabilities in circeOS SaveWeb ...)
+CVE-2006-4012
NOT-FOR-US: circeOS SaveWeb
-CVE-2006-4011 (PHP remote file inclusion vulnerability in ...)
+CVE-2006-4011
NOT-FOR-US: Kayako eSupport
-CVE-2006-4010 (SQL injection vulnerability in war.php in Virtual War (Vwar) 1.5.0 and ...)
+CVE-2006-4010
NOT-FOR-US: Virtual War
-CVE-2006-4009 (Cross-site scripting (XSS) vulnerability in war.php in Virtual War ...)
+CVE-2006-4009
NOT-FOR-US: Virtual War
-CVE-2006-4008 (PHP remote file inclusion vulnerability in index.php in Knusperleicht ...)
+CVE-2006-4008
NOT-FOR-US: Knusperleicht Guestbook
-CVE-2006-4007 (PHP remote file inclusion vulnerability in index.php in Knusperleicht ...)
+CVE-2006-4007
NOT-FOR-US: Knusperleicht Faq
-CVE-2006-4006 (The do_gameinfo function in BomberClone 0.11.6 and earlier, and ...)
+CVE-2006-4006
{DSA-1180-1}
- bomberclone 0.11.7-1 (bug #382082; medium)
-CVE-2006-4005 (BomberClone 0.11.6 and earlier allows remote attackers to cause a ...)
+CVE-2006-4005
{DSA-1180-1}
- bomberclone 0.11.7-1 (bug #382082; medium)
-CVE-2006-4004 (Directory traversal vulnerability in index.php in vbPortal 3.0.2 ...)
+CVE-2006-4004
NOT-FOR-US: vbPortal
-CVE-2006-4003 (The config method in Henrik Storner Hobbit monitor before 4.1.2p2 ...)
+CVE-2006-4003
NOT-FOR-US: Henrik Storner Hobbit monitor
-CVE-2006-4002 (Cross-site scripting (XSS) vulnerability in user.module in Drupal 4.6 ...)
+CVE-2006-4002
{DSA-1147-1}
- drupal 4.5.8-2 (bug #382087; medium)
-CVE-2006-4001 (Login.pm in Barracuda Spam Firewall (BSF) 3.3.01.001 through ...)
+CVE-2006-4001
NOT-FOR-US: Barracuda Spam Firewall
-CVE-2006-4000 (Directory traversal vulnerability in cgi-bin/preview_email.cgi in ...)
+CVE-2006-4000
NOT-FOR-US: Barracuda Spam Firewall
-CVE-2006-3999 (ISS BlackICE PC Protection 3.6.cpj, 3.6.cpiE, and possibly earlier ...)
+CVE-2006-3999
NOT-FOR-US: ISS BlackICE
-CVE-2006-3998 (PHP remote file inclusion vulnerability in conf.php in WoWRoster (aka ...)
+CVE-2006-3998
NOT-FOR-US: WoWRoster
-CVE-2006-3997 (PHP remote file inclusion vulnerability in hsList.php in WoWRoster ...)
+CVE-2006-3997
NOT-FOR-US: WoWRoster
-CVE-2006-3996 (SQL injection vulnerability in links/index.php in ATutor 1.5.3.1 and ...)
+CVE-2006-3996
NOT-FOR-US: ATutor
-CVE-2006-3995 (Multiple PHP remote file inclusion vulnerabilities in (1) ...)
+CVE-2006-3995
NOT-FOR-US: UHP (User Home Pages) 0.5 component (aka com_uhp) for Mambo
-CVE-2006-3994 (SQL injection vulnerability in the u2u_send_recp function in ...)
+CVE-2006-3994
NOT-FOR-US: XMB (aka extreme message board)
-CVE-2006-3993 (PHP remote file inclusion vulnerability in copyright.php in Olaf ...)
+CVE-2006-3993
NOT-FOR-US: The Search Engine Project
-CVE-2006-3992 (Unspecified vulnerability in the Centrino (1) w22n50.sys, (2) ...)
+CVE-2006-3992
NOT-FOR-US: Intel
-CVE-2006-3991 (PHP remote file inclusion vulnerability in index.php in Vlad Vostrykh ...)
+CVE-2006-3991
NOT-FOR-US: Voodoo chat
-CVE-2006-3990 (Multiple PHP remote file inclusion vulnerabilities in Paul M. Jones ...)
+CVE-2006-3990
- egroupware <not-affected>
NOTE: According to upstream egroupware is not affected, see #382207
-CVE-2006-3989 (PHP remote file inclusion vulnerability in index.php in Knusperleicht ...)
+CVE-2006-3989
NOT-FOR-US: Knusperleicht
-CVE-2006-3988 (PHP remote file inclusion vulnerability in index.php in Knusperleicht ...)
+CVE-2006-3988
NOT-FOR-US: Knusperleicht
-CVE-2006-3987 (Multiple PHP remote file inclusion vulnerabilities in index.php in ...)
+CVE-2006-3987
NOT-FOR-US: Knusperleicht
-CVE-2006-3986 (PHP remote file inclusion vulnerability in index.php in Knusperleicht ...)
+CVE-2006-3986
NOT-FOR-US: Knusperleicht
-CVE-2006-3985 (Stack-based buffer overflow in DZIPS32.DLL 6.0.0.4 in ConeXware ...)
+CVE-2006-3985
NOT-FOR-US: ConeXware
-CVE-2006-3984 (PHP remote file inclusion vulnerability in phpAdsNew/view.inc.php in ...)
+CVE-2006-3984
NOT-FOR-US: Phpauction
-CVE-2006-3983 (PHP remote file inclusion vulnerability in editprofile.php in ...)
+CVE-2006-3983
NOT-FOR-US: php(Reactor)
-CVE-2006-3982 (PHP remote file inclusion vulnerability in quickie.php in ...)
+CVE-2006-3982
NOT-FOR-US: Knusperleicht
-CVE-2006-3981 (PHP remote file inclusion vulnerability in about.mgm.php in Mambo ...)
+CVE-2006-3981
NOT-FOR-US: Mambo Gallery Manager for Mambo
-CVE-2006-3980 (PHP remote file inclusion vulnerability in ...)
+CVE-2006-3980
NOT-FOR-US: Mambo Gallery Manager for Mambo
-CVE-2006-3979 (The AdminAPI of ColdFusion MX 7 allows attackers to bypass ...)
+CVE-2006-3979
NOT-FOR-US: ColdFusion MX
-CVE-2006-3978 (Unspecified vulnerability in a Verity third party library, as used on ...)
+CVE-2006-3978
NOT-FOR-US: Adobe ColdFusion MX
-CVE-2006-3977 (Unspecified vulnerability in CA eTrust Antivirus WebScan before ...)
+CVE-2006-3977
NOT-FOR-US: CA eTrust Antivirus WebScan
-CVE-2006-3976 (Unspecified vulnerability in CA eTrust Antivirus WebScan before ...)
+CVE-2006-3976
NOT-FOR-US: CA eTrust Antivirus WebScan
-CVE-2006-3975 (Unspecified vulnerability in CA eTrust Antivirus WebScan allows remote ...)
+CVE-2006-3975
NOT-FOR-US: CA eTrust Antivirus WebScan
-CVE-2006-3974 (Cross-site scripting (XSS) vulnerability in cgi-bin/admin in 3Com ...)
+CVE-2006-3974
NOT-FOR-US: 3Com
-CVE-2006-3973 (My Firewall Plus 5.0 Build 1119 does not verify if explorer.exe is ...)
+CVE-2006-3973
NOT-FOR-US: My Firewall Plus
-CVE-2006-3972 (Directory traversal vulnerability in ...)
+CVE-2006-3972
NOT-FOR-US: Ajax Chat
-CVE-2006-3971 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2006-3971
NOT-FOR-US: Ajax Chat
CVE-2006-XXXX [Buffer overflow in XML::Parser::Expat triggered by utf8]
- libxml-parser-perl 2.34-4.2 (bug #378411; medium)
CVE-2006-XXXX [Buffer overflow in XML::Parser::Expat triggered by deep nesting]
- libxml-parser-perl 2.34-4.1 (bug #378412; medium)
-CVE-2006-3970 (PHP remote file inclusion vulnerability in lmo.php in the LMO ...)
+CVE-2006-3970
NOT-FOR-US: LMO for joomla
-CVE-2006-3969 (PHP remote file inclusion vulnerability in ...)
+CVE-2006-3969
NOT-FOR-US: Colophon for joomla
-CVE-2006-3968 (The crypto provider in Sun Solaris 10 3/05 HW2 without patch ...)
+CVE-2006-3968
NOT-FOR-US: Solaris
-CVE-2006-3967 (PHP remote file inclusion vulnerability in ...)
+CVE-2006-3967
NOT-FOR-US: moskool
-CVE-2006-3966 (PHP remote file inclusion vulnerability in ...)
+CVE-2006-3966
NOT-FOR-US: MyNewsGroups
-CVE-2006-3965 (Banex PHP MySQL Banner Exchange 2.21 stores lib.inc under the web ...)
+CVE-2006-3965
NOT-FOR-US: Banex PHP MySQL Banner Exchange
-CVE-2006-3964 (PHP remote file inclusion vulnerability in members.php in Banex PHP ...)
+CVE-2006-3964
NOT-FOR-US: Banex PHP MySQL Banner Exchange
-CVE-2006-3963 (Multiple SQL injection vulnerabilities in Banex PHP MySQL Banner ...)
+CVE-2006-3963
NOT-FOR-US: Banex PHP MySQL Banner Exchange
-CVE-2006-3962 (PHP remote file inclusion vulnerability in ...)
+CVE-2006-3962
NOT-FOR-US: com_bayesiannaivefilter for mambo
-CVE-2006-3961 (Buffer overflow in McSubMgr ActiveX control (mcsubmgr.dll) in McAfee ...)
+CVE-2006-3961
NOT-FOR-US: McAfee
-CVE-2006-3960 (SQL injection vulnerability in top.php in X-Scripts X-Poll, probably ...)
+CVE-2006-3960
NOT-FOR-US: X-Scripts X-Poll
-CVE-2006-3959 (SQL injection vulnerability in protect.php in X-Scripts X-Protection ...)
+CVE-2006-3959
NOT-FOR-US: X-Scripts X-Protection
-CVE-2006-3958 (Multiple unspecified cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2006-3958
NOT-FOR-US: Taskjitsu
-CVE-2006-3957 (PHP remote file inclusion vulnerability in payment.php in BosDev ...)
+CVE-2006-3957
NOT-FOR-US: BosDates
-CVE-2006-3956 (Multiple cross-site scripting (XSS) vulnerabilities in contact.php in ...)
+CVE-2006-3956
NOT-FOR-US: Advanced Webhost Billing System
-CVE-2006-3955 (Multiple PHP remote file inclusion vulnerabilities in MiniBB Forum ...)
+CVE-2006-3955
NOT-FOR-US: MiniBB Forum
-CVE-2006-3954 (Directory traversal vulnerability in usercp.php in MyBB (aka ...)
+CVE-2006-3954
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2006-3953 (Cross-site scripting (XSS) vulnerability in usercp.php in MyBB (aka ...)
+CVE-2006-3953
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2006-3952 (Stack-based buffer overflow in EFS Software Easy File Sharing FTP ...)
+CVE-2006-3952
NOT-FOR-US: EFS Software Easy File Sharing FTP
-CVE-2006-3951 (PHP remote file inclusion vulnerability in moodle.php in Mam-moodle ...)
+CVE-2006-3951
NOT-FOR-US: Mam-moodle alpha component (com_moodle) for Mambo
-CVE-2006-3950 (SQL injection vulnerability in x-statistics.php in X-Scripts ...)
+CVE-2006-3950
NOT-FOR-US: X-Statistics
-CVE-2006-3949 (PHP remote file inclusion vulnerability in artlinks.dispnew.php in the ...)
+CVE-2006-3949
NOT-FOR-US: com_artlinks for Mambo
-CVE-2006-3948 (Cross-site scripting (XSS) vulnerability in modules.php in PHP-Nuke ...)
+CVE-2006-3948
NOT-FOR-US: php-nuke
-CVE-2006-3947 (PHP remote file inclusion vulnerability in ...)
+CVE-2006-3947
NOT-FOR-US: Mambatstaff
-CVE-2006-3946 (WebCore in Apple Mac OS X 10.3.9 and 10.4 through 10.4.7 allows remote ...)
+CVE-2006-3946
NOT-FOR-US: Apple Safari 2.0.4
NOTE: konqueror 3.5.x is not affected
NOTE: PoC http://web.archive.org/web/20130701013045/http://browserfun.blogspot.com/2006/07/mobb-31-safari-khtmlparserpoponeblock.html
-CVE-2006-3945 (The CSS functionality in Opera 9 on Windows XP SP2 allows remote ...)
+CVE-2006-3945
NOT-FOR-US: Opera
-CVE-2006-3944 (Microsoft Internet Explorer 6 on Windows XP SP2 allows remote ...)
+CVE-2006-3944
NOT-FOR-US: Microsoft
-CVE-2006-3943 (Stack-based buffer overflow in NDFXArtEffects in Microsoft Internet ...)
+CVE-2006-3943
NOT-FOR-US: Microsoft
-CVE-2006-3942 (The server driver (srv.sys) in Microsoft Windows NT 4.0, 2000, XP, and ...)
+CVE-2006-3942
NOT-FOR-US: Microsoft
-CVE-2006-3941 (Unspecified vulnerability in the daemons for Sun N1 Grid Engine 5.3 ...)
+CVE-2006-3941
NOT-FOR-US: N1 Grid Engine
-CVE-2006-3940 (Multiple SQL injection vulnerabilities in phpbb-Auction allow remote ...)
+CVE-2006-3940
NOT-FOR-US: phpbb-Auction
-CVE-2006-3939 (ScriptsCenter ezUpload Pro 2.2.0 allows remote attackers to perform ...)
+CVE-2006-3939
NOT-FOR-US: ScriptsCenter ezUpload Pro
-CVE-2006-3938 (DotClear allows remote attackers to obtain sensitive information via a ...)
+CVE-2006-3938
NOT-FOR-US: DotClear
-CVE-2006-3937 (post.php in x_atrix xGuestBook 1.02 allows remote attackers to obtain ...)
+CVE-2006-3937
NOT-FOR-US: x_atrix xGuestBook
-CVE-2006-3936 (system/workplace/editors/editor.jsp in Alkacon OpenCms before 6.2.2 ...)
+CVE-2006-3936
NOT-FOR-US: Alkacon OpenCms
-CVE-2006-3935 (system/workplace/views/admin/admin-main.jsp in Alkacon OpenCms before ...)
+CVE-2006-3935
NOT-FOR-US: Alkacon OpenCms
-CVE-2006-3934 (Absolute path traversal vulnerability in downloadTrigger.jsp in ...)
+CVE-2006-3934
NOT-FOR-US: Alkacon OpenCms
-CVE-2006-3933 (Cross-site scripting (XSS) vulnerability in Alkacon OpenCms before ...)
+CVE-2006-3933
NOT-FOR-US: OpenCms
-CVE-2006-3932 (SQL injection vulnerability in links.php in Gonafish LinksCaffe 3.0 ...)
+CVE-2006-3932
NOT-FOR-US: LinksCaffe
-CVE-2006-3931 (Buffer overflow in the daemon function in midirecord.cc in Tuomas ...)
+CVE-2006-3931
NOT-FOR-US: Midirecord
-CVE-2006-3930 (PHP remote file inclusion vulnerability in admin.a6mambohelpdesk.php ...)
+CVE-2006-3930
NOT-FOR-US: a6mambohelpdesk Mambo Component 18RC1
-CVE-2006-3929 (Cross-site scripting (XSS) vulnerability in the Forms/rpSysAdmin ...)
+CVE-2006-3929
NOT-FOR-US: Zyxel
-CVE-2006-3928 (PHP remote file inclusion vulnerability in index.php in WMNews 0.2a ...)
+CVE-2006-3928
NOT-FOR-US: WMNews
-CVE-2006-3927 (Cross-site scripting (XSS) vulnerability in auctionsearch.php in ...)
+CVE-2006-3927
NOT-FOR-US: PhpProBid
-CVE-2006-3926 (Multiple SQL injection vulnerabilities in PhpProBid 5.24 allow remote ...)
+CVE-2006-3926
NOT-FOR-US: PhpProBid
-CVE-2006-3925 (Stack-based buffer overflow in ITIRecorder.MicRecorder ActiveX control ...)
+CVE-2006-3925
NOT-FOR-US: ITIRecorder.MicRecorder ActiveX control
-CVE-2006-3924 (Multiple cross-site scripting (XSS) vulnerabilities in Dokeos before ...)
+CVE-2006-3924
NOT-FOR-US: Dokeos
-CVE-2006-3923 (Cross-site scripting (XSS) vulnerability in add.php in Fire-Mouse ...)
+CVE-2006-3923
NOT-FOR-US: Fire-Mouse Toplist
-CVE-2006-3922 (PHP remote file inclusion vulnerability in mod_membre/inscription.php ...)
+CVE-2006-3922
NOT-FOR-US: PortailPHP
-CVE-2006-3921 (Sun Java System Application Server (SJSAS) 7 through 8.1 and Web ...)
+CVE-2006-3921
NOT-FOR-US: Sun Java System Application Server
-CVE-2006-3920 (The TCP implementation in Sun Solaris 8, 9, and 10 before 20060726 ...)
+CVE-2006-3920
NOT-FOR-US: Sun Solaris
-CVE-2006-3919 (SQL injection vulnerability in index.php in SD Studio CMS allows ...)
+CVE-2006-3919
NOT-FOR-US: SD Studio CMS
-CVE-2006-3918 (http_protocol.c in (1) IBM HTTP Server 6.0 before 6.0.2.13 and 6.1 ...)
+CVE-2006-3918
{DSA-1167-1}
- apache2 2.0.55-4.1 (bug #381376; low)
[sarge] - apache2 2.0.54-5sarge2
- apache 1.3.34-3 (bug #381381; medium)
-CVE-2006-3917 (PHP remote file inclusion vulnerability in inc/gabarits.php in R. ...)
+CVE-2006-3917
NOT-FOR-US: PHP Forge
-CVE-2006-3916 (Cross-site scripting (XSS) vulnerability in snews.php in sNews (aka ...)
+CVE-2006-3916
NOT-FOR-US: Solucija News
-CVE-2006-3915 (Microsoft Internet Explorer 6 on Windows XP SP2 allows remote ...)
+CVE-2006-3915
NOT-FOR-US: Microsoft
-CVE-2006-3914 (Cross-site scripting (XSS) vulnerability in Blackboard Academic Suite ...)
+CVE-2006-3914
NOT-FOR-US: Academic Suite
-CVE-2006-3913 (Buffer overflow in Freeciv 2.1.0-beta1 and earlier, and SVN 15 Jul ...)
+CVE-2006-3913
{DSA-1142-1}
- freeciv 2.0.8-3 (bug #381378; medium)
-CVE-2006-3912 (Stack-based buffer overflow in the SFX module in WinRAR before 3.60 ...)
+CVE-2006-3912
NOT-FOR-US: WinRAR
-CVE-2006-3911 (PHP remote file inclusion vulnerability in OSI Codes PHP Live! 3.2.1 ...)
+CVE-2006-3911
NOT-FOR-US: PHP Live
-CVE-2006-3910 (Internet Explorer 6 on Windows XP SP2, when Outlook is installed, ...)
+CVE-2006-3910
NOT-FOR-US: Microsoft
-CVE-2006-3909 (Cross-site scripting (XSS) vulnerability in calendar.php in WWWthreads ...)
+CVE-2006-3909
NOT-FOR-US: WWWthreads
-CVE-2006-3908 (Format string vulnerability in the flush_output function in ...)
+CVE-2006-3908
- gnelib 0.75+svn20091130-1
NOTE: issue was fixed back in 2006 but there hasn't been any
NOTE: release since 0.70 which is affected
-CVE-2006-3907 (Siemens SpeedStream 2624 allows remote attackers to cause a denial of ...)
+CVE-2006-3907
NOT-FOR-US: Siemens
-CVE-2006-3906 (Internet Key Exchange (IKE) version 1 protocol, as implemented on ...)
+CVE-2006-3906
NOT-FOR-US: Cisco
-CVE-2006-3905 (SQL injection vulnerability in Webland MyBloggie 2.1.3 allows remote ...)
+CVE-2006-3905
NOT-FOR-US: Webland MyBloggie
-CVE-2006-3904 (SQL injection vulnerability in manager/index.php in Etomite CMS 0.6.1 ...)
+CVE-2006-3904
NOT-FOR-US: Etomite CMS
-CVE-2006-3903 (CRLF injection vulnerability in (1) index.php and (2) admin.php in ...)
+CVE-2006-3903
NOT-FOR-US: Webland MyBloggie
-CVE-2006-3902 (Cross-site scripting (XSS) vulnerability in index.php in phpFaber ...)
+CVE-2006-3902
NOT-FOR-US: phpFaber TopSites
-CVE-2006-3901 (Multiple stack-based buffer overflows in Tumbleweed Email Firewall ...)
+CVE-2006-3901
NOT-FOR-US: Tumbleweed Email Firewall
-CVE-2006-3900 (Cross-site scripting (XSS) vulnerability in guestbook.php in TP-Book ...)
+CVE-2006-3900
NOT-FOR-US: TP-Book
-CVE-2006-3899 (Microsoft Internet Explorer 6.0 on Windows XP SP2 allows remote ...)
+CVE-2006-3899
NOT-FOR-US: Microsoft
-CVE-2006-3898 (Microsoft Internet Explorer 6.0 on Windows XP SP2 allows remote ...)
+CVE-2006-3898
NOT-FOR-US: Microsoft
-CVE-2006-3897 (Stack overflow in Microsoft Internet Explorer 6 on Windows 2000 allows ...)
+CVE-2006-3897
NOT-FOR-US: Microsoft
-CVE-2006-3896 (The NeoScale Systems CryptoStor 700 series appliance before 2.6 relies ...)
+CVE-2006-3896
NOT-FOR-US: NeoScale Systems CryptoStor
CVE-2006-3895
RESERVED
-CVE-2006-3894 (The RSA Crypto-C before 6.3.1 and Cert-C before 2.8 libraries, as used ...)
+CVE-2006-3894
NOT-FOR-US: RSA BSAFE
-CVE-2006-3893 (Multiple buffer overflows in the ActiveX controls in Newtone ImageKit ...)
+CVE-2006-3893
NOT-FOR-US: Newtone ImageKit
-CVE-2006-3892 (The Management Console server in EMC NetWorker (formerly Legato ...)
+CVE-2006-3892
NOT-FOR-US: EMC NetWorker
CVE-2006-3891
RESERVED
-CVE-2006-3890 (Stack-based buffer overflow in the Sky Software FileView ActiveX ...)
+CVE-2006-3890
NOT-FOR-US: Sky Software FileView ActiveX
CVE-2006-3889
RESERVED
-CVE-2006-3888 (Buffer overflow in AOL You've Got Pictures (YGP) Pic Downloader ...)
+CVE-2006-3888
NOT-FOR-US: AOL
-CVE-2006-3887 (Buffer overflow in AOL You've Got Pictures (YGP) Screensaver ActiveX ...)
+CVE-2006-3887
NOT-FOR-US: AOL
-CVE-2006-3886 (SQL injection vulnerability in Shalwan MusicBox 2.3.4 and earlier ...)
+CVE-2006-3886
NOT-FOR-US: Shalwan MusicBox
-CVE-2006-3885 (Directory traversal vulnerability in Check Point Firewall-1 R55W ...)
+CVE-2006-3885
NOT-FOR-US: Check Point Firewall-1
-CVE-2006-3884 (Multiple SQL injection vulnerabilities in links.php in Gonafish ...)
+CVE-2006-3884
NOT-FOR-US: Gonafish LinksCaffe
-CVE-2006-3883 (Multiple cross-site scripting (XSS) vulnerabilities in Gonafish ...)
+CVE-2006-3883
NOT-FOR-US: Gonafish LinksCaffe
-CVE-2006-3882 (Shalwan MusicBox 2.3.4 and earlier allows remote attackers to obtain ...)
+CVE-2006-3882
NOT-FOR-US: Shalwan MusicBox
-CVE-2006-3881 (Cross-site scripting (XSS) vulnerability in Shalwan MusicBox 2.3.4 and ...)
+CVE-2006-3881
NOT-FOR-US: Shalwan MusicBox
-CVE-2006-3880 (** DISPUTED ** ...)
+CVE-2006-3880
NOT-FOR-US: Zen Cart
-CVE-2006-3879 (Integer overflow in the loadChunk function in loaders/load_gt2.c in ...)
+CVE-2006-3879
- libmikmod <not-affected> (Debian's 3.1.1 version doesn't have GT2 support)
-CVE-2006-3878 (Opsware Network Automation System (NAS) 6.0 installs /etc/init.d/mysql ...)
+CVE-2006-3878
NOT-FOR-US: Opsware Network Automation System
-CVE-2006-3877 (Unspecified vulnerability in PowerPoint in Microsoft Office 2000, ...)
+CVE-2006-3877
NOT-FOR-US: Microsoft
-CVE-2006-3876 (Unspecified vulnerability in PowerPoint in Microsoft Office 2000, ...)
+CVE-2006-3876
NOT-FOR-US: Microsoft
-CVE-2006-3875 (Unspecified vulnerability in Microsoft Excel 2000, 2002, 2003, 2004 ...)
+CVE-2006-3875
NOT-FOR-US: Microsoft
CVE-2006-3874
REJECTED
-CVE-2006-3873 (Heap-based buffer overflow in URLMON.DLL in Microsoft Internet ...)
+CVE-2006-3873
NOT-FOR-US: Microsoft
CVE-2006-3872
REJECTED
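Review bot: the stripping in this hunk also drops status that lived only in the description text: `-CVE-2006-3880 (** DISPUTED ** ...)` becomes `+CVE-2006-3880` with only `NOT-FOR-US: Zen Cart` left, so the disputed status is no longer recorded anywhere in the file. If the import cannot keep full descriptions it should at least preserve the `** DISPUTED **` prefix, or emit a NOTE line, so that a disputed id stays distinguishable from an accepted one. Entries that had no description to begin with (`CVE-2006-3895` / `RESERVED`, `CVE-2006-3874` / `REJECTED`) are untouched here, as expected. Where a NOTE line survives, for example the PoC URL kept under `+CVE-2006-3946`, the entry remains traceable; the many `NOT-FOR-US` entries in this hunk have no such pointer and lose all context.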
@@ -7533,70 +7533,70 @@ CVE-2006-3871
REJECTED
CVE-2006-3870
REJECTED
-CVE-2006-3869 (Heap-based buffer overflow in URLMON.DLL in Microsoft Internet ...)
+CVE-2006-3869
NOT-FOR-US: Microsoft
-CVE-2006-3868 (Unspecified vulnerability in Microsoft Office XP and 2003 allows ...)
+CVE-2006-3868
NOT-FOR-US: Microsoft
-CVE-2006-3867 (Unspecified vulnerability in Microsoft Excel 2000, 2002, 2003, 2004 ...)
+CVE-2006-3867
NOT-FOR-US: Microsoft
CVE-2006-3866
REJECTED
CVE-2006-3865
REJECTED
-CVE-2006-3864 (Unspecified vulnerability in mso.dll in Microsoft Office 2000, XP, and ...)
+CVE-2006-3864
NOT-FOR-US: Microsoft
CVE-2006-3863
REJECTED
-CVE-2006-3862 (Buffer overflow in IBM Informix Dynamic Server (IDS) 9.40.TC5 through ...)
+CVE-2006-3862
NOT-FOR-US: IBM Informix Dynamic Server
-CVE-2006-3861 (IBM Informix Dynamic Server (IDS) before 9.40.xC7 and 10.00 before ...)
+CVE-2006-3861
NOT-FOR-US: IBM Informix Dynamic Server
-CVE-2006-3860 (IBM Informix Dynamic Server (IDS) before 9.40.xC7 and 10.00 before ...)
+CVE-2006-3860
NOT-FOR-US: IBM Informix Dynamic Server
-CVE-2006-3859 (IBM Informix Dynamic Server (IDS) allows remote authenticated users to ...)
+CVE-2006-3859
NOT-FOR-US: IBM Informix Dynamic Server
-CVE-2006-3858 (IBM Informix Dynamic Server (IDS) before 9.40.xC8 and 10.00 before ...)
+CVE-2006-3858
NOT-FOR-US: IBM Informix Dynamic Server
-CVE-2006-3857 (Multiple buffer overflows in IBM Informix Dynamic Server (IDS) before ...)
+CVE-2006-3857
NOT-FOR-US: IBM Informix Dynamic Server
-CVE-2006-3856 (IBM Informix Dynamic Server (IDS) before 9.40.xC7 and 10.00 before ...)
+CVE-2006-3856
NOT-FOR-US: IBM Informix Dynamic Server
-CVE-2006-3855 (The ifx_load_internal function in IBM Informix Dynamic Server (IDS) ...)
+CVE-2006-3855
NOT-FOR-US: IBM Informix Dynamic Server
-CVE-2006-3854 (Buffer overflow in IBM Informix Dynamic Server (IDS) 9.40.TC7, ...)
+CVE-2006-3854
NOT-FOR-US: IBM Informix Dynamic Server
-CVE-2006-3853 (Buffer overflow in IBM Informix Dynamic Server (IDS) before 9.40.TC7 ...)
+CVE-2006-3853
NOT-FOR-US: IBM Informix Dynamic Server
-CVE-2006-3852 (Cross-site scripting (XSS) vulnerability in index.php in Micro ...)
+CVE-2006-3852
NOT-FOR-US: Micro GuestBook
-CVE-2006-3851 (SQL injection vulnerability in upgradev1.php in X7 Chat 2.0.4 and ...)
+CVE-2006-3851
NOT-FOR-US: X7 Chat
-CVE-2006-3850 (** DISPUTED ** ...)
+CVE-2006-3850
NOT-FOR-US: Vanilla CMS
-CVE-2006-3849 (Stack-based buffer overflow in Warzone 2100 and Warzone Resurrection ...)
+CVE-2006-3849
NOT-FOR-US: Warzone
-CVE-2006-3848 (Cross-site scripting (XSS) vulnerability in CGI wrapper for IP ...)
+CVE-2006-3848
- ipcalc 0.41-1 (bug #381469; low)
[sarge] - ipcalc <no-dsa> (No exploit potential)
-CVE-2006-3847 (PHP remote file inclusion vulnerability in (1) admin.php, and possibly ...)
+CVE-2006-3847
NOT-FOR-US: MoSpray
-CVE-2006-3846 (PHP remote file inclusion vulnerability in extadminmenus.class.php in ...)
+CVE-2006-3846
NOT-FOR-US: MultiBanners
-CVE-2006-3845 (Stack-based buffer overflow in lzh.fmt in WinRAR 3.00 through 3.60 ...)
+CVE-2006-3845
NOT-FOR-US: WinRAR
-CVE-2006-3844 (Buffer overflow in Quick 'n Easy FTP Server 3.0 allows remote ...)
+CVE-2006-3844
NOT-FOR-US: Quick 'n Easy FTP Server
-CVE-2006-3843 (PHP remote file inclusion vulnerability in com_calendar.php in ...)
+CVE-2006-3843
NOT-FOR-US: Calendar Mambo Module
-CVE-2006-3842 (Cross-site scripting (XSS) vulnerability in Zoho Virtual Office 3.2 ...)
+CVE-2006-3842
NOT-FOR-US: Zoho Virtual Office
-CVE-2006-3841 (Cross-site scripting (XSS) vulnerability in WebScarab before ...)
+CVE-2006-3841
NOT-FOR-US: WebScarab
-CVE-2006-3840 (The SMB Mailslot parsing functionality in PAM in multiple ISS products ...)
+CVE-2006-3840
NOT-FOR-US: various ISS products
CVE-2006-3839
RESERVED
-CVE-2006-3838 (Multiple stack-based buffer overflows in eIQnetworks Enterprise ...)
+CVE-2006-3838
NOT-FOR-US: eIQnetworks Enterprise
CVE-2006-XXXX [syslog-ng dos]
- syslog-ng 2.0rc1-2 (low)
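Review bot: the same disputed-status loss happens in this hunk for `-CVE-2006-3850 (** DISPUTED ** ...)`, which becomes `+CVE-2006-3850` above `NOT-FOR-US: Vanilla CMS`, leaving no record that the id was disputed; keep the `** DISPUTED **` marker or add a NOTE line when the description is dropped. For the one Debian package entry touched here, `- ipcalc 0.41-1 (bug #381469; low)` with `[sarge] - ipcalc <no-dsa> (No exploit potential)`, the no-dsa reasoning was tied to what the description said about the CGI wrapper; after this change the bug number is the only way left to reconstruct why the issue was judged to have no exploit potential.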
@@ -7604,65 +7604,65 @@ CVE-2006-XXXX [syslog-ng dos]
CVE-2006-XXXX [courier-authdaemon: wrong socket permissions may lead to password disclosure]
- courier-authlib 0.58-3.1 (bug #378571; medium)
[sarge] - courier-authlib <not-affected> (bug #378571; medium)
-CVE-2006-4046 (Multiple stack-based buffer overflows in Open Cubic Player 2.6.0pre6 ...)
+CVE-2006-4046
- ocp 0.1.10rc6-1 (medium; bug #381098)
CVE-2006-XXXX [uqwk buffer overflow]
- uqwk 2.21-13 (bug #376577; low)
[sarge] - uqwk <no-dsa> (Minor issue)
-CVE-2006-3837 (delcookie.php in Professional Home Page Tools Guestbook changes the ...)
+CVE-2006-3837
NOT-FOR-US: Professional Home Page Tools Guestbook
-CVE-2006-3836 (Directory traversal vulnerability in index.php in UNIDOmedia Chameleon ...)
+CVE-2006-3836
NOT-FOR-US: UNIDOmedia Chameleon
-CVE-2006-3835 (Apache Tomcat 5 before 5.5.17 allows remote attackers to list ...)
+CVE-2006-3835
- tomcat5 <not-affected> (bug #380361; maintainter can't reproduce)
- tomcat5.5 <not-affected> (bug #380376; maintainer can't reproduce)
-CVE-2006-3834 (EJ3 TOPo 2.2.178 includes the password in cleartext in the ID field to ...)
+CVE-2006-3834
NOT-FOR-US: EJ3 TOPo
-CVE-2006-3833 (index.php in EJ3 TOPo 2.2.178 allows remote attackers to overwrite ...)
+CVE-2006-3833
NOT-FOR-US: EJ3 TOPo
-CVE-2006-3832 (SQL injection vulnerability in index.php in Gerrit van Aaken Loudblog ...)
+CVE-2006-3832
NOT-FOR-US: Gerrit van Aaken Loudblog
-CVE-2006-3831 (The Backup selection in Kailash Nadh boastMachine (formerly bMachine) ...)
+CVE-2006-3831
NOT-FOR-US: Kailash Nadh boastMachine (formerly bMachine)
-CVE-2006-3830 (The Languages selection in the admin interface in Kailash Nadh ...)
+CVE-2006-3830
NOT-FOR-US: Kailash Nadh boastMachine (formerly bMachine)
-CVE-2006-3829 (Cross-site request forgery (CSRF) vulnerability in bmc/admin.php in ...)
+CVE-2006-3829
NOT-FOR-US: Kailash Nadh boastMachine (formerly bMachine)
-CVE-2006-3828 (Incomplete blacklist vulnerability in Kailash Nadh boastMachine ...)
+CVE-2006-3828
NOT-FOR-US: Kailash Nadh boastMachine (formerly bMachine)
-CVE-2006-3827 (SQL injection vulnerability in bmc/Inc/core/admin/search.inc.php in ...)
+CVE-2006-3827
NOT-FOR-US: Kailash Nadh boastMachine (formerly bMachine)
-CVE-2006-3826 (Multiple cross-site scripting (XSS) vulnerabilities in Kailash Nadh ...)
+CVE-2006-3826
NOT-FOR-US: Kailash Nadh boastMachine (formerly bMachine)
-CVE-2006-3825 (The IPv4 implementation in Sun Solaris 10 before 20060721 allows local ...)
+CVE-2006-3825
NOT-FOR-US: Solaris
-CVE-2006-3824 (systeminfo.c for Sun Solaris allows local users to read kernel memory ...)
+CVE-2006-3824
NOT-FOR-US: Solaris
-CVE-2006-3823 (SQL injection vulnerability in index.php in GeodesicSolutions (1) ...)
+CVE-2006-3823
NOT-FOR-US: GeodesicSolutions GeoAuctions Premier and GeoClassifieds Basic
-CVE-2006-3822 (SQL injection vulnerability in index.php in GeodesicSolutions ...)
+CVE-2006-3822
NOT-FOR-US: GeodesicSolutions GeoAuctions
-CVE-2006-3821 (Multiple cross-site scripting (XSS) vulnerabilities in ATutor 1.5.3 ...)
+CVE-2006-3821
NOT-FOR-US: ATutor
-CVE-2006-3820 (Cross-site scripting (XSS) vulnerability in loudblog/index.php in ...)
+CVE-2006-3820
NOT-FOR-US: Loudblog
-CVE-2006-3819 (Eval injection vulnerability in the configure script in TWiki 4.0.0 ...)
+CVE-2006-3819
- twiki <not-affected> (only 4.0.x is affected)
-CVE-2006-3818 (Cross-site scripting (XSS) vulnerability in the login page in Novell ...)
+CVE-2006-3818
NOT-FOR-US: Novell GroupWise WebAccess
-CVE-2006-3817 (Cross-site scripting (XSS) vulnerability in Novell GroupWise WebAccess ...)
+CVE-2006-3817
NOT-FOR-US: Novell GroupWise WebAccess
-CVE-2006-3816 (Krusader 1.50-beta1 up to 1.70.0 stores passwords for remote ...)
+CVE-2006-3816
- krusader <not-affected> (bug #380063; file in directory with 0700 permissions)
-CVE-2006-3815 (heartbeat.c in heartbeat before 2.0.6 sets insecure permissions in a ...)
+CVE-2006-3815
{DSA-1128}
- heartbeat 1.2.4-13 (bug #379904; bug #380289)
-CVE-2006-3814 (Buffer overflow in the Loader_XM::load_instrument_internal function in ...)
+CVE-2006-3814
{DSA-1166}
- cheesetracker 0.9.9-6 (bug #380364; low)
-CVE-2006-3813 (A regression error in the Perl package for Red Hat Enterprise Linux 4 ...)
+CVE-2006-3813
NOT-FOR-US: Perl in Red Hat Enterprise Linux 4
-CVE-2006-3812 (Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and ...)
+CVE-2006-3812
NOTE: MFSA-2006-56
[sarge] - mozilla <not-affected>
- mozilla <removed> (medium)
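Review bot: two pre-existing problems in the unchanged context of this hunk deserve a follow-up commit, since this patch only blanks descriptions and should not fix them itself: `- tomcat5 <not-affected> (bug #380361; maintainter can't reproduce)` has a typo (the line below it spells "maintainer" correctly), and `+CVE-2006-4046` sits between CVE-2006-3838 and CVE-2006-3837 instead of in the descending numeric sequence that the rest of the file follows (CVE-2006-4035 down to CVE-2006-4028 appear near the top of this diff). The out-of-order entry also means that the description being dropped for `-CVE-2006-4046 (Multiple stack-based buffer overflows in Open Cubic Player 2.6.0pre6 ...)` was the only thing tying it visibly to the ocp package line beneath it.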
@@ -7671,7 +7671,7 @@ CVE-2006-3812 (Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and .
- firefox 1.5.dfsg+1.5.0.5-1 (medium)
- thunderbird 1.5.0.5-1 (unimportant)
[sarge] - mozilla-thunderbird <not-affected> (unimportant)
-CVE-2006-3811 (Multiple vulnerabilities in Mozilla Firefox before 1.5.0.5, ...)
+CVE-2006-3811
{DSA-1161 DSA-1160 DSA-1159}
NOTE: MFSA-2006-55
- mozilla <removed> (high)
@@ -7680,7 +7680,7 @@ CVE-2006-3811 (Multiple vulnerabilities in Mozilla Firefox before 1.5.0.5, ...)
- firefox 1.5.dfsg+1.5.0.5-1 (high)
- thunderbird 1.5.0.5-1 (medium)
- mozilla-thunderbird <removed> (medium)
-CVE-2006-3810 (Cross-site scripting (XSS) vulnerability in Mozilla Firefox 1.5 before ...)
+CVE-2006-3810
{DSA-1159}
NOTE: MFSA-2006-54
- mozilla <not-affected> (mozilla 1.7 not affected)
@@ -7688,7 +7688,7 @@ CVE-2006-3810 (Cross-site scripting (XSS) vulnerability in Mozilla Firefox 1.5 b
- mozilla-firefox <not-affected> (only firefox >= 1.5)
- firefox 1.5.dfsg+1.5.0.5-1 (high)
- thunderbird 1.5.0.5-1 (medium)
-CVE-2006-3809 (Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and ...)
+CVE-2006-3809
{DSA-1161 DSA-1160 DSA-1159}
NOTE: MFSA-2006-53
- mozilla <removed> (medium)
@@ -7697,7 +7697,7 @@ CVE-2006-3809 (Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and .
- firefox 1.5.dfsg+1.5.0.5-1 (medium)
- thunderbird 1.5.0.5-1 (medium)
- mozilla-thunderbird <removed> (medium)
-CVE-2006-3808 (Mozilla Firefox before 1.5.0.5 and SeaMonkey before 1.0.3 allows ...)
+CVE-2006-3808
{DSA-1161 DSA-1160 DSA-1159}
NOTE: MFSA-2006-52
- mozilla <removed> (medium)
@@ -7705,7 +7705,7 @@ CVE-2006-3808 (Mozilla Firefox before 1.5.0.5 and SeaMonkey before 1.0.3 allows
- mozilla-firefox <removed> (medium)
- firefox 1.5.dfsg+1.5.0.5-1 (medium)
- thunderbird 1.5.0.5-1
-CVE-2006-3807 (Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and ...)
+CVE-2006-3807
{DSA-1161 DSA-1160 DSA-1159}
NOTE: MFSA-2006-51
- mozilla <removed> (high)
@@ -7714,7 +7714,7 @@ CVE-2006-3807 (Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and .
- firefox 1.5.dfsg+1.5.0.5-1 (high)
- thunderbird 1.5.0.5-1 (medium)
- mozilla-thunderbird <removed> (medium)
-CVE-2006-3806 (Multiple integer overflows in the Javascript engine in Mozilla Firefox ...)
+CVE-2006-3806
{DSA-1161 DSA-1160 DSA-1159}
NOTE: MFSA-2006-50
- mozilla <removed> (high)
@@ -7723,7 +7723,7 @@ CVE-2006-3806 (Multiple integer overflows in the Javascript engine in Mozilla Fi
- firefox 1.5.dfsg+1.5.0.5-1 (high)
- thunderbird 1.5.0.5-1 (medium)
- mozilla-thunderbird <removed> (medium)
-CVE-2006-3805 (The Javascript engine in Mozilla Firefox before 1.5.0.5, Thunderbird ...)
+CVE-2006-3805
{DSA-1161 DSA-1160 DSA-1159}
NOTE: MFSA-2006-50
- mozilla <removed> (high)
@@ -7732,14 +7732,14 @@ CVE-2006-3805 (The Javascript engine in Mozilla Firefox before 1.5.0.5, Thunderb
- firefox 1.5.dfsg+1.5.0.5-1 (high)
- thunderbird 1.5.0.5-1 (medium)
- mozilla-thunderbird <removed> (medium)
-CVE-2006-3804 (Heap-based buffer overflow in Mozilla Thunderbird before 1.5.0.5 and ...)
+CVE-2006-3804
NOTE: MFSA-2006-49
- mozilla-firefox <not-affected> (only firefox >= 1.5)
[sarge] - mozilla <not-affected> (mozilla 1.7 not affected)
- mozilla <removed> (high)
- thunderbird 1.5.0.5-1 (high)
- mozilla-thunderbird <not-affected> (high)
-CVE-2006-3803 (Race condition in the JavaScript garbage collection in Mozilla Firefox ...)
+CVE-2006-3803
NOTE: MFSA-2006-48
- mozilla <not-affected> (mozilla 1.7 not affected)
- xulrunner 1.8.0.5-1 (high)
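Review bot: "- mozilla-thunderbird <not-affected> (high)" under CVE-2006-3804 pairs a severity with a not-affected status, which is contradictory; on the other not-affected lines in this hunk the parenthesised field carries the reason ("only firefox >= 1.5", "mozilla 1.7 not affected"). Either state why mozilla-thunderbird is not affected or drop the "(high)". Since "- thunderbird 1.5.0.5-1 (high)" directly above it says the 1.5 series is affected at high, the justification for the older package is worth spelling out.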
@@ -7747,7 +7747,7 @@ CVE-2006-3803 (Race condition in the JavaScript garbage collection in Mozilla Fi
- firefox 1.5.dfsg+1.5.0.5-1 (high)
- thunderbird 1.5.0.5-1 (medium)
- mozilla-thunderbird <not-affected>
-CVE-2006-3802 (Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and ...)
+CVE-2006-3802
NOTE: MFSA-2006-47
- mozilla <not-affected> (mozilla 1.7 not affected)
- xulrunner 1.8.0.5-1 (medium)
@@ -7755,7 +7755,7 @@ CVE-2006-3802 (Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and .
- firefox 1.5.dfsg+1.5.0.5-1 (medium)
- thunderbird 1.5.0.5-1 (medium)
- mozilla-thunderbird <not-affected>
-CVE-2006-3801 (Mozilla Firefox 1.5 before 1.5.0.5 and SeaMonkey before 1.0.3 does not ...)
+CVE-2006-3801
NOTE: MFSA-2006-44
- mozilla-firefox <not-affected> (only firefox >= 1.5)
- mozilla-thunderbird <not-affected> (only firefox >= 1.5)
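Review bot: "- mozilla-thunderbird <not-affected> (only firefox >= 1.5)" gives a Firefox version condition as the reason for a Thunderbird package, which reads as a copy of the mozilla-firefox line above it. The removed description for CVE-2006-3801 names only "Mozilla Firefox 1.5 before 1.5.0.5 and SeaMonkey before 1.0.3", so the reason should say that Thunderbird is not among the affected products rather than repeat the firefox text.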
@@ -7763,144 +7763,144 @@ CVE-2006-3801 (Mozilla Firefox 1.5 before 1.5.0.5 and SeaMonkey before 1.0.3 doe
- firefox 1.5.dfsg+1.5.0.5-1 (high)
- xulrunner 1.8.0.5-1 (high)
- thunderbird 1.5.0.5-1 (medium)
-CVE-2006-3800 (Cross-site scripting (XSS) vulnerability in Amazing Flash AFCommerce ...)
+CVE-2006-3800
NOT-FOR-US: AFCommerce
-CVE-2006-3799 (DeluxeBB 1.07 and earlier allows remote attackers to bypass SQL ...)
+CVE-2006-3799
NOT-FOR-US: DeluxeBB
-CVE-2006-3798 (DeluxeBB 1.07 and earlier allows remote attackers to overwrite the (1) ...)
+CVE-2006-3798
NOT-FOR-US: DeluxeBB
-CVE-2006-3797 (SQL injection vulnerability in DeluxeBB 1.07 and earlier allows remote ...)
+CVE-2006-3797
NOT-FOR-US: DeluxeBB
-CVE-2006-3796 (DeluxeBB 1.07 and earlier does not properly handle a username composed ...)
+CVE-2006-3796
NOT-FOR-US: DeluxeBB
-CVE-2006-3795 (Multiple cross-site scripting (XSS) vulnerabilities in DeluxeBB before ...)
+CVE-2006-3795
NOT-FOR-US: DeluxeBB
-CVE-2006-3794 (** DISPUTED ** ...)
+CVE-2006-3794
NOT-FOR-US: AFCommerce
-CVE-2006-3793 (PHP remote file inclusion vulnerability in constants.php in SiteDepth ...)
+CVE-2006-3793
NOT-FOR-US: SiteDepth
-CVE-2006-3792 (SQL injection vulnerability in ServerClientUfo::recv_packet in ...)
+CVE-2006-3792
NOT-FOR-US: UFO2000
-CVE-2006-3791 (The decode_stringmap function in server_transport.cpp for UFO2000 svn ...)
+CVE-2006-3791
NOT-FOR-US: UFO2000
-CVE-2006-3790 (The decode_stringmap function in server_transport.cpp for UFO2000 svn ...)
+CVE-2006-3790
NOT-FOR-US: UFO2000
-CVE-2006-3789 (Multiple array index errors in the (1) recv_rules, (2) ...)
+CVE-2006-3789
NOT-FOR-US: UFO2000
-CVE-2006-3788 (Multiple buffer overflows in multiplay.cpp in UFO2000 svn 1057 allow ...)
+CVE-2006-3788
NOT-FOR-US: UFO2000
-CVE-2006-3787 (kpf4ss.exe in Sunbelt Kerio Personal Firewall 4.3.x before 4.3.268 ...)
+CVE-2006-3787
NOT-FOR-US: Sunbelt Kerio Personal Firewall
-CVE-2006-3786 (Symantec pcAnywhere 12.5 uses weak integrity protection for .cif (aka ...)
+CVE-2006-3786
NOT-FOR-US: Symantec pcAnywhere
-CVE-2006-3785 (Symantec pcAnywhere 12.5 obfuscates the passwords in a GUI textbox ...)
+CVE-2006-3785
NOT-FOR-US: Symantec pcAnywhere
-CVE-2006-3784 (Symantec pcAnywhere 12.5 uses weak default permissions for the ...)
+CVE-2006-3784
NOT-FOR-US: Symantec pcAnywhere
-CVE-2006-3783 (Sun Solaris 10 allows local users to cause a denial of service (panic) ...)
+CVE-2006-3783
NOT-FOR-US: Solaris
-CVE-2006-3782 (Unspecified vulnerability in the kernel debugger (kmdb) in Sun Solaris ...)
+CVE-2006-3782
NOT-FOR-US: Solaris
-CVE-2006-3781 (Unspecified vulnerability in Sun Solaris 10 allows context-dependent ...)
+CVE-2006-3781
NOT-FOR-US: Solaris
-CVE-2006-3780 (Keyifweb Keyif Portal 2.0 stores sensitive information under the web ...)
+CVE-2006-3780
NOT-FOR-US: Keyifweb Keyif Portal
-CVE-2006-3779 (Citrix MetaFrame up to XP 1.0 Feature 1, except when running on ...)
+CVE-2006-3779
NOT-FOR-US: Citrix
-CVE-2006-3778 (IBM Lotus Notes 6.0, 6.5, and 7.0 does not properly handle replies to ...)
+CVE-2006-3778
NOT-FOR-US: IBM
-CVE-2006-3777 (PHP remote file inclusion vulnerability in index.php in IDevSpot ...)
+CVE-2006-3777
NOT-FOR-US: IDevSpot PhpLinkExchange
-CVE-2006-3776 (PHP remote file inclusion vulnerability in order/index.php in IDevSpot ...)
+CVE-2006-3776
NOT-FOR-US: IDevSpot (1) PhpHostBot 1.0 and (2) AutoHost 3.0
-CVE-2006-3775 (SQL injection vulnerability in the init function in class_session.php ...)
+CVE-2006-3775
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2006-3774 (PHP remote file inclusion vulnerability in performs.php in the ...)
+CVE-2006-3774
NOT-FOR-US: perForms component (com_performs) for Joomla!
-CVE-2006-3773 (PHP remote file inclusion vulnerability in smf.php in the SMF-Forum ...)
+CVE-2006-3773
NOT-FOR-US: MF-Forum Bridge Component (com_smf) For Joomla! and Mambo
-CVE-2006-3772 (PHP-Post 0.21 and 1.0, and possibly earlier versions, when auto-login ...)
+CVE-2006-3772
NOT-FOR-US: PHP-Post
-CVE-2006-3771 (Multiple PHP remote file inclusion vulnerabilities in component.php in ...)
+CVE-2006-3771
NOT-FOR-US: iManage CMS
-CVE-2006-3770 (Multiple SQL injection vulnerabilities in index.php in phpFaber ...)
+CVE-2006-3770
NOT-FOR-US: phpFaber TopSites
-CVE-2006-3769 (Multiple cross-site scripting (XSS) vulnerabilities in Top XL 1.1 and ...)
+CVE-2006-3769
NOT-FOR-US: Top XL
-CVE-2006-3768 (Integer underflow in filecpnt.exe in FileCOPA FTP Server 1.01 before ...)
+CVE-2006-3768
NOT-FOR-US: FileCOPA FTP Server
-CVE-2006-3767 (Cross-site scripting (XSS) vulnerability in showprofile.php in ...)
+CVE-2006-3767
NOT-FOR-US: Darren's $5 Script Archive osDate
-CVE-2006-3766 (Darren's $5 Script Archive osDate 1.1.7 and earlier allows users to ...)
+CVE-2006-3766
NOT-FOR-US: Darren's $5 Script Archive osDate
-CVE-2006-3765 (Multiple cross-site scripting (XSS) vulnerabilities in Huttenlocher ...)
+CVE-2006-3765
NOT-FOR-US: uttenlocher Webdesign hwdeGUEST
-CVE-2006-3764 (Till Gerken phpPolls 1.0.3 allows remote attackers to create a new ...)
+CVE-2006-3764
NOT-FOR-US: phpPolls
-CVE-2006-3763 (SQL injection vulnerability in category.php in Diesel Joke Site allows ...)
+CVE-2006-3763
NOT-FOR-US: Diesel Joke Site
-CVE-2006-3762 (The Touch Control ActiveX control 2.0.0.55 allows remote attackers to ...)
+CVE-2006-3762
NOT-FOR-US: Touch Control ActiveX control
-CVE-2006-3761 (Cross-site scripting (XSS) vulnerability in inc/functions_post.php in ...)
+CVE-2006-3761
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2006-3760 (Multiple SQL injection vulnerabilities in MyBB (aka MyBulletinBoard) ...)
+CVE-2006-3760
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2006-3759 (Unspecified vulnerability in MyBB (aka MyBulletinBoard) 1.1.4, related ...)
+CVE-2006-3759
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2006-3758 (inc/init.php in Archive Mode (Light) in MyBB (aka MyBulletinBoard) ...)
+CVE-2006-3758
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2006-3757 (index.php in Zen Cart 1.3.0.2 allows remote attackers to obtain ...)
+CVE-2006-3757
NOT-FOR-US: Zen Cart
-CVE-2006-3756 (Cross-site scripting (XSS) vulnerability in Geeklog 1.4.0sr4 and ...)
+CVE-2006-3756
NOT-FOR-US: Geeklog
-CVE-2006-3755 (PHP remote file inclusion vulnerability in ...)
+CVE-2006-3755
NOT-FOR-US: FlushCMS
-CVE-2006-3754 (PHP remote file inclusion vulnerability in ...)
+CVE-2006-3754
NOT-FOR-US: FlushCMS
-CVE-2006-3753 (setcookie.php for the administration login in Professional Home Page ...)
+CVE-2006-3753
NOT-FOR-US: Professional Home Page Tools Guestbook
-CVE-2006-3752 (Multiple SQL injection vulnerabilities in class.php in Professional ...)
+CVE-2006-3752
NOT-FOR-US: Professional Home Page Tools Guestbook
-CVE-2006-3751 (PHP remote file inclusion vulnerability in ...)
+CVE-2006-3751
NOT-FOR-US: HTMLArea3
-CVE-2006-3750 (PHP remote file inclusion vulnerability in server.php in the Hashcash ...)
+CVE-2006-3750
NOT-FOR-US: Hashcash Component (com_hashcash) for Joomla
-CVE-2006-3749 (PHP remote file inclusion vulnerability in sitemap.xml.php in Sitemap ...)
+CVE-2006-3749
NOT-FOR-US: Sitemap component (com_sitemap) for Mambo
-CVE-2006-3748 (PHP remote file inclusion vulnerability in ...)
+CVE-2006-3748
NOT-FOR-US: LoudMouth Component for Mambo
-CVE-2006-3747 (Off-by-one error in the ldap scheme handling in the Rewrite module ...)
+CVE-2006-3747
{DSA-1132-1 DSA-1131-1}
- apache 1.3.34-3 (medium; bug #380231)
- apache2 2.0.55-4.1 (medium; bug #380182)
-CVE-2006-3746 (Integer overflow in parse_comment in GnuPG (gpg) 1.4.4 allows remote ...)
+CVE-2006-3746
{DSA-1141-1 DSA-1140-1}
- gnupg 1.4.5-1 (medium; bug #381204)
- gnupg2 1.9.20-2 (medium)
-CVE-2006-3745 (Unspecified vulnerability in the sctp_make_abort_user function in the ...)
+CVE-2006-3745
{DSA-1184-2 DSA-1183-1}
- linux-2.6 2.6.17-7
-CVE-2006-3744 (Multiple integer overflows in ImageMagick before 6.2.9 allows ...)
+CVE-2006-3744
{DSA-1168-1}
- imagemagick 7:6.2.4.5.dfsg1-0.10 (bug #385062)
- graphicsmagick 1.1.7-7
-CVE-2006-3743 (Multiple buffer overflows in ImageMagick before 6.2.9 allow ...)
+CVE-2006-3743
{DSA-1168-1}
- imagemagick 7:6.2.4.5.dfsg1-0.10 (bug #385062)
- graphicsmagick 1.1.7-8
-CVE-2006-3742 (The KDE PAM configuration shipped with Fedora Core 5 causes KDM ...)
+CVE-2006-3742
- kdebase <not-affected>
NOTE: only in Fedora
-CVE-2006-3741 (The perfmonctl system call (sys_perfmonctl) in Linux kernel 2.4.x and ...)
+CVE-2006-3741
{DSA-1233}
- linux-2.6 2.6.18-1
-CVE-2006-3740 (Integer overflow in the scan_cidfont function in X.Org 6.8.2 and ...)
+CVE-2006-3740
{DSA-1193-1}
- libxfont 1:1.2.2-1
-CVE-2006-3739 (Integer overflow in the CIDAFM function in X.Org 6.8.2 and XFree86 X ...)
+CVE-2006-3739
{DSA-1193-1}
- libxfont 1:1.2.2-1
-CVE-2006-3738 (Buffer overflow in the SSL_get_shared_ciphers function in OpenSSL ...)
+CVE-2006-3738
{DSA-1195-1 DSA-1185-2}
- openssl 0.9.8c-2 (bug #389940)
- openssl097 0.9.7k-2
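Review bot: two NOT-FOR-US lines in this hunk disagree with the description they sit under: "NOT-FOR-US: MF-Forum Bridge Component (com_smf) For Joomla! and Mambo" under CVE-2006-3773, whose description says "SMF-Forum", and "NOT-FOR-US: uttenlocher Webdesign hwdeGUEST" under CVE-2006-3765, whose description says "Huttenlocher". Both look like a dropped leading character. Once the description text is gone, as this update does to every entry, these NOT-FOR-US strings are the only product name left in the file, so they should be corrected in the same pass.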
@@ -7913,131 +7913,131 @@ CVE-2006-XXXX [ldap account manager sets trivial password instead of disabling i
CVE-2006-XXXX [ldap account manager wrongly unlocks some passwords]
- ldap-account-manager 1.0.3-1 (bug #375453; medium)
[sarge] - ldap-account-manager <not-affected>
-CVE-2006-3737 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2006-3737
NOT-FOR-US: Plesk
-CVE-2006-3736 (PHP remote file inclusion vulnerability in core/videodb.class.xml.php ...)
+CVE-2006-3736
NOT-FOR-US: VideoDB for Mambo
-CVE-2006-3735 (Multiple PHP remote file inclusion vulnerabilities in Mail2Forum ...)
+CVE-2006-3735
NOT-FOR-US: Mail2Forum
-CVE-2006-3734 (Multiple unspecified vulnerabilities in the Command Line Interface ...)
+CVE-2006-3734
NOT-FOR-US: Cisco
-CVE-2006-3733 (jmx-console/HtmlAdaptor in the jmx-console in the JBoss web ...)
+CVE-2006-3733
NOT-FOR-US: Cisco
-CVE-2006-3732 (Cisco Security Monitoring, Analysis and Response System (CS-MARS) ...)
+CVE-2006-3732
NOT-FOR-US: Cisco
-CVE-2006-3731 (Mozilla Firefox 1.5.0.4 and earlier allows remote user-assisted ...)
+CVE-2006-3731
- firefox 1.5.dfsg+1.5.0.6-1 (bug #379050; low)
[sarge] - mozilla-firefox <not-affected> (Unreproducible on Sarge)
-CVE-2006-3730 (Integer overflow in Microsoft Internet Explorer 6 on Windows XP SP2 ...)
+CVE-2006-3730
NOT-FOR-US: MSIE
-CVE-2006-3729 (DataSourceControl in Internet Explorer 6 on Windows XP SP2 with Office ...)
+CVE-2006-3729
NOT-FOR-US: MSIE
-CVE-2006-3728 (Unspecified vulnerability in the kernel in Solaris 10 with patch ...)
+CVE-2006-3728
NOT-FOR-US: Solaris
-CVE-2006-3727 (Multiple SQL injection vulnerabilities in Eskolar CMS 0.9.0.0 allow ...)
+CVE-2006-3727
NOT-FOR-US: Eskolar CMS
-CVE-2006-3726 (Buffer overflow in FileCOPA FTP Server before 1.01 released on 18th ...)
+CVE-2006-3726
NOT-FOR-US: FileCOPA FTP Server
-CVE-2006-3725 (Norton Personal Firewall 2006 9.1.0.33 allows local users to cause a ...)
+CVE-2006-3725
NOT-FOR-US: Norton Personal Firewall
-CVE-2006-3724 (Unspecified vulnerability in JD Edwards HTML Server for Oracle ...)
+CVE-2006-3724
NOT-FOR-US: Oracle
-CVE-2006-3723 (Unspecified vulnerability in PeopleSoft Enterprise Portal for Oracle ...)
+CVE-2006-3723
NOT-FOR-US: Oracle
-CVE-2006-3722 (Unspecified vulnerability in PeopleSoft Enterprise Portal for Oracle ...)
+CVE-2006-3722
NOT-FOR-US: Oracle
-CVE-2006-3721 (Multiple unspecified vulnerabilities in Oracle Management Service for ...)
+CVE-2006-3721
NOT-FOR-US: Oracle
-CVE-2006-3720 (Unspecified vulnerability in Enterprise Config Management for Oracle ...)
+CVE-2006-3720
NOT-FOR-US: Oracle
-CVE-2006-3719 (Unspecified vulnerability in CORE: Repository for Oracle Enterprise ...)
+CVE-2006-3719
NOT-FOR-US: Oracle
-CVE-2006-3718 (Multiple unspecified vulnerabilities in Oracle Exchange for Oracle ...)
+CVE-2006-3718
NOT-FOR-US: Oracle
-CVE-2006-3717 (Multiple unspecified vulnerabilities in Oracle E-Business Suite and ...)
+CVE-2006-3717
NOT-FOR-US: Oracle
-CVE-2006-3716 (Multiple unspecified vulnerabilities in Oracle E-Business Suite and ...)
+CVE-2006-3716
NOT-FOR-US: Oracle
-CVE-2006-3715 (Unspecified vulnerability in Calendar for Oracle Collaboration Suite ...)
+CVE-2006-3715
NOT-FOR-US: Oracle
-CVE-2006-3714 (Unspecified vulnerability in OC4J for Oracle Application Server ...)
+CVE-2006-3714
NOT-FOR-US: Oracle
-CVE-2006-3713 (Unspecified vulnerability in OC4J for Oracle Application Server ...)
+CVE-2006-3713
NOT-FOR-US: Oracle
-CVE-2006-3712 (Unspecified vulnerability in OC4J for Oracle Application Server ...)
+CVE-2006-3712
NOT-FOR-US: Oracle
-CVE-2006-3711 (Unspecified vulnerability in OC4J for Oracle Application Server ...)
+CVE-2006-3711
NOT-FOR-US: Oracle
-CVE-2006-3710 (Unspecified vulnerability in OC4J for Oracle Application Server ...)
+CVE-2006-3710
NOT-FOR-US: Oracle
-CVE-2006-3709 (Unspecified vulnerability in OC4J for Oracle Application Server ...)
+CVE-2006-3709
NOT-FOR-US: Oracle
-CVE-2006-3708 (Unspecified vulnerability in OC4J for Oracle Application Server ...)
+CVE-2006-3708
NOT-FOR-US: Oracle
-CVE-2006-3707 (Unspecified vulnerability in OC4J for Oracle Application Server ...)
+CVE-2006-3707
NOT-FOR-US: Oracle
-CVE-2006-3706 (Unspecified vulnerability in OC4J for Oracle Application Server ...)
+CVE-2006-3706
NOT-FOR-US: Oracle
-CVE-2006-3705 (Multiple unspecified vulnerabilities in Oracle Database 10.1.0.5 have ...)
+CVE-2006-3705
NOT-FOR-US: Oracle
-CVE-2006-3704 (Unspecified vulnerability in the Oracle ODBC Driver for Oracle ...)
+CVE-2006-3704
NOT-FOR-US: Oracle
-CVE-2006-3703 (Unspecified vulnerability in InterMedia for Oracle Database 9.0.1.5, ...)
+CVE-2006-3703
NOT-FOR-US: Oracle
-CVE-2006-3702 (Multiple unspecified vulnerabilities in Oracle Database 8.1.7.4, ...)
+CVE-2006-3702
NOT-FOR-US: Oracle
-CVE-2006-3701 (Unspecified vulnerability in the Dictionary component in Oracle ...)
+CVE-2006-3701
NOT-FOR-US: Oracle
-CVE-2006-3700 (Multiple unspecified vulnerabilities in Oracle Database 9.2.0.6 and ...)
+CVE-2006-3700
NOT-FOR-US: Oracle
-CVE-2006-3699 (Unspecified vulnerability in the Core RDBMS component in Oracle ...)
+CVE-2006-3699
NOT-FOR-US: Oracle
-CVE-2006-3698 (Multiple unspecified vulnerabilities in Oracle Database 10.1.0.5 have ...)
+CVE-2006-3698
NOT-FOR-US: Oracle
-CVE-2006-3697 (Agnitum Outpost Firewall Pro 3.51.759.6511 (462), as used in (1) ...)
+CVE-2006-3697
NOT-FOR-US: Outpost Firewall Pro
-CVE-2006-3696 (filtnt.sys in Outpost Firewall Pro before 3.51.759.6511 (462) allows ...)
+CVE-2006-3696
NOT-FOR-US: Outpost Firewall Pro
-CVE-2006-3694 (Multiple unspecified vulnerabilities in Ruby before 1.8.5 allow remote ...)
+CVE-2006-3694
{DSA-1157 DSA-1139-1}
- ruby1.8 1.8.4-3 (bug #378029; medium)
- ruby1.9 1.9.0+20060609-1 (medium)
-CVE-2006-3693 (Rocks Clusters 4.1 and earlier allows local users to gain privileges ...)
+CVE-2006-3693
NOT-FOR-US: Rocks Clusters
-CVE-2006-3692 (** DISPUTED ** ...)
+CVE-2006-3692
NOT-FOR-US: ListMessenger
-CVE-2006-3691 (Multiple SQL injection vulnerabilities in VBZooM 1.11 and earlier ...)
+CVE-2006-3691
NOT-FOR-US: VBZooM
-CVE-2006-3690 (Multiple PHP remote file inclusion vulnerabilities in MiniBB Forum ...)
+CVE-2006-3690
NOT-FOR-US: MiniBB
-CVE-2006-3689 (** DISPUTED ** ...)
+CVE-2006-3689
NOT-FOR-US: Codeworks Gnomedia SubberZ[Lite]
-CVE-2006-3688 (SQL injection vulnerability in Room.php in Francisco Charrua ...)
+CVE-2006-3688
NOT-FOR-US: Francisco Charrua Photo-Gallery
-CVE-2006-3687 (Stack-based buffer overflow in the Universal Plug and Play (UPnP) ...)
+CVE-2006-3687
NOT-FOR-US: D-Link
-CVE-2006-3686 (Unspecified vulnerability in [SYSEXE]SMPUTIL.EXE in HP OpenVMS 7.3-2 ...)
+CVE-2006-3686
NOT-FOR-US: HP OpenVMS
-CVE-2006-3685 (PHP remote file inclusion vulnerability in CzarNews 1.12 through 1.14 ...)
+CVE-2006-3685
NOT-FOR-US: CzarNews
-CVE-2006-3684 (PHP remote file inclusion vulnerability in calendar.php in SoftComplex ...)
+CVE-2006-3684
NOT-FOR-US: SoftComplex PHP Event Calendar
-CVE-2006-3683 (PHP remote file inclusion vulnerability in poll.php in Flipper Poll ...)
+CVE-2006-3683
NOT-FOR-US: Flipper Poll
-CVE-2006-3682 (awstats.pl in AWStats 6.5 build 1.857 and earlier allows remote ...)
+CVE-2006-3682
- awstats 6.5-2 (bug #378960; low)
[sarge] - awstats 6.4-1sarge3
NOTE: A previous DSA introduced a fix that renders this vulnerability in ineffective
-CVE-2006-3681 (Multiple cross-site scripting (XSS) vulnerabilities in awstats.pl in ...)
+CVE-2006-3681
- awstats 6.5-2 (bug #378960; unimportant)
NOTE: Path disclosure is not an issue for Debian
-CVE-2006-3680 (Cross-site scripting (XSS) vulnerability in photocycle in Photocycle ...)
+CVE-2006-3680
NOT-FOR-US: Photocycle
-CVE-2006-3679 (FatWire Content Server 5.5.0 allows remote attackers to bypass access ...)
+CVE-2006-3679
NOT-FOR-US: FatWire Content Server
-CVE-2006-3678 (TippingPoint IPS running the TippingPoint Operating System (TOS) ...)
+CVE-2006-3678
NOT-FOR-US: TippingPoint
-CVE-2006-3677 (Mozilla Firefox 1.5 before 1.5.0.5 and SeaMonkey before 1.0.3 allows ...)
+CVE-2006-3677
NOTE: MFSA-2006-45
- mozilla <not-affected> (mozilla 1.7 not affected)
- xulrunner 1.8.0.5-1 (high)
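Review bot: CVE-2006-3733 is described as "jmx-console/HtmlAdaptor in the jmx-console in the JBoss web ..." but is triaged as "NOT-FOR-US: Cisco", evidently carried over from the neighbouring CVE-2006-3734 and CVE-2006-3732 entries. The product name should be corrected to JBoss, and the NOT-FOR-US decision itself re-checked, since it currently rests on the wrong product. Minor: "renders this vulnerability in ineffective" under CVE-2006-3682 should read "renders this vulnerability ineffective".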
@@ -8045,74 +8045,74 @@ CVE-2006-3677 (Mozilla Firefox 1.5 before 1.5.0.5 and SeaMonkey before 1.0.3 all
- firefox 1.5.dfsg+1.5.0.5-1 (high)
- thunderbird <not-affected>
- mozilla-thunderbird <not-affected>
-CVE-2006-3676 (admin/gallery_admin.php in planetGallery before 14.07.2006 allows remote ...)
+CVE-2006-3676
NOT-FOR-US: planetGallery
-CVE-2006-3675 (Password Safe 2.11, 2.16 and 3.0BETA1 does not respect the ...)
+CVE-2006-3675
NOT-FOR-US: Password Safe
NOTE: mypasswordsafe and pwsafe might use code from Password Safe,
NOTE: but the problematic functionality is not present
-CVE-2006-3674 (nNetObject.cpp in Armagetron Advanced 2.8.2 and earlier allows remote ...)
+CVE-2006-3674
- armagetron 0.2.8.2.1-1 (bug #379062; low)
[sarge] - armagetron <no-dsa> (Minor game DoS)
[etch] - armagetron <no-dsa> (Minor game DoS)
-CVE-2006-3673 (nNetObject.cpp in Armagetron Advanced 2.8.2 and earlier allows remote ...)
+CVE-2006-3673
- armagetron 0.2.8.2.1-1 (bug #379062; low)
[sarge] - armagetron <no-dsa> (Minor game DoS)
[etch] - armagetron <no-dsa> (Minor game DoS)
-CVE-2006-3672 (KDE Konqueror 3.5.1 and earlier allows remote attackers to cause a ...)
+CVE-2006-3672
- kdelibs 4:3.5.4-1 (bug #378962; unimportant)
-CVE-2006-3671 (Cross-site request forgery (CSRF) vulnerability in the communicate ...)
+CVE-2006-3671
{DTSA-31-1}
- hyperestraier 1.3.3-1 (bug #379060; low)
-CVE-2006-3670 (Stack-based buffer overflow in Winlpd 1.26 allows remote attackers to ...)
+CVE-2006-3670
NOT-FOR-US: Winlpd
-CVE-2006-3669 (Mercury Messenger, possibly 1.7.1.1 and other versions, when running ...)
+CVE-2006-3669
NOT-FOR-US: Mercury Messenger
-CVE-2006-3668 (Heap-based buffer overflow in the it_read_envelope function in Dynamic ...)
+CVE-2006-3668
{DSA-1123}
- libdumb 1:0.9.3-5 (bug #379064; medium)
-CVE-2006-3667 (Unspecified vulnerability in Sybase/Financial Fusion Consumer Banking ...)
+CVE-2006-3667
NOT-FOR-US: Sybase/Financial Fusion Consumer Banking Suite
-CVE-2006-3666 (SQL injection vulnerability in AjaxPortal 3.0, with magic_quotes_gpc ...)
+CVE-2006-3666
NOT-FOR-US: AjaxPortal
-CVE-2006-3665 (SquirrelMail 1.4.6 and earlier, with register_globals enabled, allows ...)
+CVE-2006-3665
- squirrelmail 2:1.4.7-1 (unimportant)
NOTE: Operation with registers_globals not supported
-CVE-2006-3664 (Unspecified vulnerability in NIS server on Sun Solaris 8, 9, and 10 ...)
+CVE-2006-3664
NOT-FOR-US: Sun Solaris
-CVE-2006-3663 (Finjan Vital Security Appliance 5100/8100 NG 8.3.5 stores passwords in ...)
+CVE-2006-3663
NOT-FOR-US: Finjan Appliance
-CVE-2006-3662 (** DISPUTED ** ...)
+CVE-2006-3662
NOT-FOR-US: ATutor
-CVE-2006-3661 (Cross-site scripting (XSS) vulnerability in Index.PHP in CuteNews ...)
+CVE-2006-3661
NOT-FOR-US: CuteNews
-CVE-2006-3660 (Unspecified vulnerability in Microsoft PowerPoint 2003 has unknown ...)
+CVE-2006-3660
NOT-FOR-US: Microsoft PowerPoint
-CVE-2006-3659 (Microsoft Internet Explorer 6 allows remote attackers to cause a ...)
+CVE-2006-3659
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2006-3658 (Microsoft Internet Explorer 6 allows remote attackers to cause a ...)
+CVE-2006-3658
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2006-3657 (Microsoft Internet Explorer 6 allows remote attackers to cause a ...)
+CVE-2006-3657
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2006-3656 (Unspecified vulnerability in Microsoft PowerPoint 2003 allows ...)
+CVE-2006-3656
NOT-FOR-US: Microsoft PowerPoint
-CVE-2006-3655 (Unspecified vulnerability in mso.dll in Microsoft PowerPoint 2003 ...)
+CVE-2006-3655
NOT-FOR-US: Microsoft PowerPoint
-CVE-2006-3654 (Buffer overflow in wksss.exe 8.4.702.0 in Microsoft Works Spreadsheet ...)
+CVE-2006-3654
NOT-FOR-US: Microsoft Works Spreadsheet
-CVE-2006-3653 (wksss.exe 8.4.702.0 in Microsoft Works Spreadsheet 8.0 allows remote ...)
+CVE-2006-3653
NOT-FOR-US: Microsoft Works Spreadsheet
-CVE-2006-3652 (Microsoft Internet Security and Acceleration (ISA) Server 2004 allows ...)
+CVE-2006-3652
NOT-FOR-US: Microsoft Internet Security and Acceleration Server
-CVE-2006-3651 (Unspecified vulnerability in Microsoft Word 2000, 2002, and Office ...)
+CVE-2006-3651
NOT-FOR-US: Microsoft
-CVE-2006-3650 (Microsoft Office 2000, XP, 2003, 2004 for Mac, and v.X for Mac do not ...)
+CVE-2006-3650
NOT-FOR-US: Microsoft
-CVE-2006-3649 (Buffer overflow in Microsoft Visual Basic for Applications (VBA) SDK ...)
+CVE-2006-3649
NOT-FOR-US: Microsoft
-CVE-2006-3648 (Unspecified vulnerability in Microsoft Windows 2000 SP4, XP SP1 and ...)
+CVE-2006-3648
NOT-FOR-US: Microsoft
-CVE-2006-3647 (Integer overflow in Microsoft Word 2000, 2002, 2003, 2004 for Mac, and ...)
+CVE-2006-3647
NOT-FOR-US: Microsoft
CVE-2006-3646
REJECTED
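Review bot: "NOTE: Operation with registers_globals not supported" under CVE-2006-3665 misspells the PHP setting; the removed description line spells it "register_globals", and with the descriptions stripped the NOTE is the only place the name survives. Correct it to "register_globals".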
@@ -8120,1161 +8120,1161 @@ CVE-2006-3645
REJECTED
CVE-2006-3644
REJECTED
-CVE-2006-3643 (Cross-site scripting (XSS) vulnerability in Internet Explorer 5.01 and ...)
+CVE-2006-3643
NOT-FOR-US: Microsoft
CVE-2006-3642
REJECTED
CVE-2006-3641
REJECTED
-CVE-2006-3640 (Microsoft Internet Explorer 5.01 and 6 allows certain script to ...)
+CVE-2006-3640
NOT-FOR-US: Microsoft
-CVE-2006-3639 (Microsoft Internet Explorer 5.01 and 6 does not properly identify the ...)
+CVE-2006-3639
NOT-FOR-US: Microsoft
-CVE-2006-3638 (Microsoft Internet Explorer 5.01 and 6 does not properly handle ...)
+CVE-2006-3638
NOT-FOR-US: Microsoft
-CVE-2006-3637 (Microsoft Internet Explorer 5.01 SP4 and 6 does not properly handle ...)
+CVE-2006-3637
NOT-FOR-US: Microsoft
-CVE-2006-3636 (Multiple cross-site scripting (XSS) vulnerabilities in Mailman before ...)
+CVE-2006-3636
{DSA-1188-1}
- mailman 1:2.1.8-3
-CVE-2006-3635 (The ia64 subsystem in the Linux kernel before 2.6.26 allows local users ...)
+CVE-2006-3635
- linux <not-affected> (Fixed before initial rename to src:linux)
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=199440
NOTE: Fixed by: https://git.kernel.org/linus/4dcc29e1574d88f4465ba865ed82800032f76418 (2.6.26-rc5)
-CVE-2006-3634 (The (1) __futex_atomic_op and (2) futex_atomic_cmpxchg_inatomic ...)
+CVE-2006-3634
- linux-2.6 2.6.17-1 (medium)
-CVE-2006-3633 (OSSP shiela 1.1.5 and earlier allows remote authenticated users to ...)
+CVE-2006-3633
NOT-FOR-US: shiela
-CVE-2006-3632 (Buffer overflow in Wireshark (aka Ethereal) 0.8.16 to 0.99.0 ...)
+CVE-2006-3632
{DSA-1127}
- ethereal <removed> (bug #378745; high)
- wireshark 0.99.2-1 (high)
-CVE-2006-3631 (Unspecified vulnerability in the SSH dissector in Wireshark (aka ...)
+CVE-2006-3631
{DSA-1127}
- ethereal <removed> (bug #378745; high)
- wireshark 0.99.2-1 (high)
-CVE-2006-3630 (Multiple off-by-one errors in Wireshark (aka Ethereal) 0.9.7 to ...)
+CVE-2006-3630
{DSA-1127}
- ethereal <removed> (bug #378745; high)
- wireshark 0.99.2-1 (high)
-CVE-2006-3629 (Unspecified vulnerability in the MOUNT dissector in Wireshark ...)
+CVE-2006-3629
{DSA-1127}
- ethereal <removed> (bug #378745; high)
- wireshark 0.99.2-1 (high)
-CVE-2006-3628 (Multiple format string vulnerabilities in Wireshark (aka Ethereal) ...)
+CVE-2006-3628
{DSA-1127}
- ethereal <removed> (bug #378745; high)
- wireshark 0.99.2-1 (high)
-CVE-2006-3627 (Unspecified vulnerability in the GSM BSSMAP dissector in Wireshark ...)
+CVE-2006-3627
- ethereal <removed> (bug #378745; high)
- wireshark 0.99.2-1 (high)
[sarge] - ethereal <no-dsa> (Vulnerable code not present)
-CVE-2006-3625 (FLV Players 8 allows remote attackers to obtain sensitive information ...)
+CVE-2006-3625
NOT-FOR-US: FLV Players
-CVE-2006-3624 (Multiple cross-site scripting (XSS) vulnerabilities in FLV Players 8 ...)
+CVE-2006-3624
NOT-FOR-US: FLV Players
-CVE-2006-3623 (Directory traversal vulnerability in Framework Service component in ...)
+CVE-2006-3623
NOT-FOR-US: McAfee ePolicy Orchestrator
-CVE-2006-3622 (The showtopic module in Koobi Pro CMS 5.6 allows remote attackers to ...)
+CVE-2006-3622
NOT-FOR-US: Koobi Pro CMS
-CVE-2006-3621 (SQL injection vulnerability in the showtopic module in Koobi Pro CMS ...)
+CVE-2006-3621
NOT-FOR-US: Koobi Pro CMS
-CVE-2006-3620 (Cross-site scripting (XSS) vulnerability in the showtopic module in ...)
+CVE-2006-3620
NOT-FOR-US: Koobi Pro CMS
-CVE-2006-3619 (Directory traversal vulnerability in FastJar 0.93, as used in Gnu GCC ...)
+CVE-2006-3619
{DSA-1170}
- gcc-4.1 4.1.1-11 (bug #368397; low)
- gcc-3.4 3.4.4-0
NOTE: gcc-3.4 no longer builds the fastjar package
-CVE-2006-3618 (SQL injection vulnerability in pblguestbook.php in Pixelated By Lev ...)
+CVE-2006-3618
NOT-FOR-US: Pixelated By Lev (PBL) Guestbook
-CVE-2006-3617 (Cross-site scripting (XSS) vulnerability in pblguestbook.php in ...)
+CVE-2006-3617
NOT-FOR-US: Pixelated By Lev (PBL) Guestbook
-CVE-2006-3616 (Multiple cross-site scripting (XSS) vulnerabilities in Carbonize ...)
+CVE-2006-3616
NOT-FOR-US: Carbonize Lazarus Guestbook
-CVE-2006-3615 (Multiple PHP remote file inclusion vulnerabilities in Phorum 5.1.14, ...)
+CVE-2006-3615
NOT-FOR-US: Phorum
-CVE-2006-3614 (index.php in Orbitcoders OrbitMATRIX 1.0 allows remote attackers to ...)
+CVE-2006-3614
NOT-FOR-US: Orbitcoders OrbitMATRIX
-CVE-2006-3613 (Multiple cross-site scripting (XSS) vulnerabilities in Chamberland ...)
+CVE-2006-3613
NOT-FOR-US: Chamberland Technology ezWaiter
-CVE-2006-3612 (Cross-site scripting (XSS) vulnerability in Phorum 5.1.14 allows ...)
+CVE-2006-3612
NOT-FOR-US: Phorum
-CVE-2006-3611 (Directory traversal vulnerability in pm.php in Phorum 5 allows remote ...)
+CVE-2006-3611
NOT-FOR-US: Phorum
-CVE-2006-3610 (index.php in Orbitcoders OrbitMATRIX 1.0 allows remote attackers to ...)
+CVE-2006-3610
NOT-FOR-US: Orbitcoders OrbitMATRIX
-CVE-2006-3609 (Cross-site scripting (XSS) vulnerability in index.php in Orbitcoders ...)
+CVE-2006-3609
NOT-FOR-US: Orbitcoders OrbitMATRIX
-CVE-2006-3608 (The Gallery module in Simone Vellei Flatnuke 2.5.7 and earlier, when ...)
+CVE-2006-3608
NOT-FOR-US: Simone Vellei Flatnuke
-CVE-2006-3607 (Multiple cross-site scripting (XSS) vulnerabilities in Softbiz Banner ...)
+CVE-2006-3607
NOT-FOR-US: Softbiz Banner Exchange Script (aka Banner Exchange Network Script)
-CVE-2006-3606 (Unspecified vulnerability in Sun Solaris X Inter Client Exchange ...)
+CVE-2006-3606
NOTE: Sun Solaris
-CVE-2006-3605 (Microsoft Internet Explorer 6 allows remote attackers to cause a ...)
+CVE-2006-3605
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2006-3604 (Directory traversal vulnerability in FlexWATCH Network Camera 3.0 and ...)
+CVE-2006-3604
NOT-FOR-US: FlexWATCH Network Camera
-CVE-2006-3603 (Cross-site scripting (XSS) vulnerability in index.php in FlexWATCH ...)
+CVE-2006-3603
NOT-FOR-US: FlexWATCH Network Camera
-CVE-2006-3602 (Directory traversal vulnerability in ...)
+CVE-2006-3602
NOTE: this is CVE-2005-4600
NOT-FOR-US: Farsinews
-CVE-2006-3601 (** UNVERIFIABLE ** ...)
+CVE-2006-3601
NOT-FOR-US: DotNetNuke
-CVE-2006-3600 (Multiple stack-based buffer overflows in the LookupTRM::lookup ...)
+CVE-2006-3600
{DSA-1135-1}
- libtunepimp 0.4.2-4 (bug #378091; medium)
-CVE-2006-3599 (SQL injection vulnerability in the Nuke Advanced Classifieds module ...)
+CVE-2006-3599
NOT-FOR-US: Nuke Advanced Classifieds module for PHP-Nuke
-CVE-2006-3598 (SQL injection vulnerability in the Sections module for PHP-Nuke allows ...)
+CVE-2006-3598
NOT-FOR-US: Sections module for PHP-Nuke
-CVE-2006-3597 (passwd before 1:4.0.13 on Ubuntu 6.06 LTS leaves the root password ...)
+CVE-2006-3597
- shadow <not-affected> (fix for a mistake in the Ubuntu installer)
-CVE-2006-3596 (The device driver for Intel-based gigabit network adapters in Cisco ...)
+CVE-2006-3596
NOT-FOR-US: Cisco
-CVE-2006-3595 (The default configuration of IOS HTTP server in Cisco Router Web Setup ...)
+CVE-2006-3595
NOT-FOR-US: Cisco
-CVE-2006-3594 (Buffer overflow in Cisco Unified CallManager (CUCM) 5.0(1) through ...)
+CVE-2006-3594
NOT-FOR-US: Cisco
-CVE-2006-3593 (The command line interface (CLI) in Cisco Unified CallManager (CUCM) ...)
+CVE-2006-3593
NOT-FOR-US: Cisco
-CVE-2006-3592 (Unspecified vulnerability in the command line interface (CLI) in Cisco ...)
+CVE-2006-3592
NOT-FOR-US: Cisco
-CVE-2006-3591 (Microsoft Internet Explorer 6 allows remote attackers to cause a ...)
+CVE-2006-3591
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2006-3626 (Race condition in Linux kernel 2.6.17.4 and earlier allows local users ...)
+CVE-2006-3626
{DSA-1111}
- linux-2.6 2.6.17-4 (bug #378324; high)
CVE-2006-XXXX [insufficient form variable escaping]
- webauth 3.5.2-1
-CVE-2006-3590 (mso.dll, as used by Microsoft PowerPoint 2000 through 2003, allows ...)
+CVE-2006-3590
NOT-FOR-US: Microsoft PowerPoint
-CVE-2006-3589 (vmware-config.pl in VMware for Linux, ESX Server 2.x, and Infrastructure ...)
+CVE-2006-3589
NOT-FOR-US: VMware
-CVE-2006-3588 (Unspecified vulnerability in Adobe (Macromedia) Flash Player 8.0.24.0 ...)
+CVE-2006-3588
- flashplugin-nonfree 7.0.68.0.1
[sarge] - flashplugin-nonfree <no-dsa> (Contrib not supported)
-CVE-2006-3587 (Unspecified vulnerability in Adobe (Macromedia) Flash Player 8.0.24.0 ...)
+CVE-2006-3587
- flashplugin-nonfree 7.0.68.0.1
[sarge] - flashplugin-nonfree <no-dsa> (Contrib not supported)
-CVE-2006-3586 (SQL injection vulnerability in Jetbox CMS 2.1 SR1 allows remote ...)
+CVE-2006-3586
NOT-FOR-US: Jetbox CMS
-CVE-2006-3585 (Multiple cross-site scripting (XSS) vulnerabilities in Jetbox CMS 2.1 ...)
+CVE-2006-3585
NOT-FOR-US: Jetbox CMS
-CVE-2006-3584 (Dynamic variable evaluation vulnerability in index.php in Jetbox CMS ...)
+CVE-2006-3584
NOT-FOR-US: Jetbox CMS
-CVE-2006-3583 (Session fixation vulnerability in Jetbox CMS 2.1 SR1 allows remote ...)
+CVE-2006-3583
NOT-FOR-US: Jetbox CMS
-CVE-2006-3582 (Multiple heap-based buffer overflows in Audacious AdPlug 2.0 and ...)
+CVE-2006-3582
- adplug 2.0.1-1 (bug #378279; medium)
-CVE-2006-3581 (Multiple stack-based buffer overflows in Audacious AdPlug 2.0 and ...)
+CVE-2006-3581
- adplug 2.0.1-1 (bug #378279; medium)
-CVE-2006-3580 (SQL injection vulnerability in pages.asp in ASP Stats Generator before ...)
+CVE-2006-3580
NOT-FOR-US: ASP Stats Generator
-CVE-2006-3579 (Cross-site scripting (XSS) vulnerability in Fujitsu ServerView 2.50 up ...)
+CVE-2006-3579
NOT-FOR-US: Fujitsu ServerView
-CVE-2006-3578 (Directory traversal vulnerability in Fujitsu ServerView 2.50 up to ...)
+CVE-2006-3578
NOT-FOR-US: Fujitsu ServerView
-CVE-2006-3577 (SQL injection vulnerability in index.php in LifeType 1.0.5 allows ...)
+CVE-2006-3577
NOT-FOR-US: LifeType
-CVE-2006-3576 (SQL injection vulnerability in search.php in SenseSites CommonSense ...)
+CVE-2006-3576
NOT-FOR-US: SenseSites CommonSense
-CVE-2006-3575 (Unknown vulnerability in the Buffer Overflow Protection in McAfee ...)
+CVE-2006-3575
NOT-FOR-US: McAfee VirusScan Enterprise
-CVE-2006-3574 (Multiple cross-site scripting (XSS) vulnerabilities in Hitachi ...)
+CVE-2006-3574
NOT-FOR-US: Hitachi Groupmax Collaboration Portal and Web Client and uCosminexus Collaboration Portal and Forum/File Sharing
-CVE-2006-3573 (Format string vulnerability in the WriteText function in agl_text.cpp ...)
+CVE-2006-3573
NOT-FOR-US: Milan Mimica Sparklet
-CVE-2006-3572 (SQL injection vulnerability in forumthread.php in Papoo 3 RC3 and ...)
+CVE-2006-3572
NOT-FOR-US: Papoo
-CVE-2006-3571 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2006-3571
NOT-FOR-US: Papoo
-CVE-2006-3570 (Cross-site scripting (XSS) vulnerability in the webform module in ...)
+CVE-2006-3570
- drupal <not-affected> (webform module is not in Debian Drupal 4.5 package)
-CVE-2006-3569 (Unspecified vulnerability in NetApp Data ONTAP 7.0x through 7.0.4P8D9, ...)
+CVE-2006-3569
NOT-FOR-US: IBM Data ONTAP
-CVE-2006-3568 (Multiple cross-site scripting (XSS) vulnerabilities in guestbook.php ...)
+CVE-2006-3568
NOT-FOR-US: Fantastic Guestbook
-CVE-2006-3567 (Cross-site scripting (XSS) vulnerability in the web administration ...)
+CVE-2006-3567
NOT-FOR-US: Juniper
-CVE-2006-3566 (search.results.php in HiveMail 3.1 and earlier allows remote attackers ...)
+CVE-2006-3566
NOT-FOR-US: HiveMail
-CVE-2006-3565 (SQL injection vulnerability in search.results.php in HiveMail 1.3 and ...)
+CVE-2006-3565
NOT-FOR-US: HiveMail
-CVE-2006-3564 (Multiple cross-site scripting (XSS) vulnerabilities in HiveMail 1.3 ...)
+CVE-2006-3564
NOT-FOR-US: HiveMail
-CVE-2006-3563 (Cross-site scripting (XSS) vulnerability in gallery/thumb.php in ...)
+CVE-2006-3563
NOT-FOR-US: Winged Gallery
-CVE-2006-3562 (PHP remote file inclusion vulnerabilities in plume cms 1.0.4 allow ...)
+CVE-2006-3562
NOT-FOR-US: Plume CMS
-CVE-2006-3561 (BT Voyager 2091 Wireless firmware 2.21.05.08m_A2pB018c1.d16d and ...)
+CVE-2006-3561
NOT-FOR-US: BT Voyager
-CVE-2006-3560 (SQL injection vulnerability in topics.php in Blue Dojo Graffiti Forums ...)
+CVE-2006-3560
NOT-FOR-US: Blue Dojo Graffiti Forums
-CVE-2006-3559 (Multiple SQL injection vulnerabilities in Arif Supriyanto auraCMS 1.62 ...)
+CVE-2006-3559
NOT-FOR-US: auraCMS
-CVE-2006-3558 (Multiple cross-site scripting (XSS) vulnerabilities in Arif Supriyanto ...)
+CVE-2006-3558
NOT-FOR-US: auraCMS
-CVE-2006-3557 (MT Orumcek Toplist 2.2 stores DB/orumcektoplist.mdb under the web root ...)
+CVE-2006-3557
NOT-FOR-US: MT Orumcek Toplist
-CVE-2006-3556 (PHP remote file inclusion vulnerability in extcalendar.php in Mohamed ...)
+CVE-2006-3556
NOT-FOR-US: Mohamed Moujami ExtCalendar
-CVE-2006-3555 (Multiple cross-site scripting (XSS) vulnerabilities in submit.php in ...)
+CVE-2006-3555
NOT-FOR-US: PHP-Fusion
-CVE-2006-3554 (Directory traversal vulnerability in index.php in MKPortal 1.0.1 Final ...)
+CVE-2006-3554
NOT-FOR-US: MKPortal
-CVE-2006-3553 (PlaNet Concept planetNews allows remote attackers to bypass ...)
+CVE-2006-3553
NOT-FOR-US: planetNews
-CVE-2006-3552 (Premium Anti-Spam in Ipswitch IMail Secure Server 2006 and ...)
+CVE-2006-3552
NOT-FOR-US: Ipswitch IMail Secure Server 2006 and Collaboration Suite 2006 Premium
-CVE-2006-3551 (NCP Secure Enterprise Client (aka VPN/PKI client) 8.30 Build 59, and ...)
+CVE-2006-3551
NOT-FOR-US: NCP VPN/PKI Client (apparently nothing to do with Novell)
-CVE-2006-3550 (Multiple cross-site scripting (XSS) vulnerabilities in F5 Networks ...)
+CVE-2006-3550
NOT-FOR-US: F5 Netowrks FirePass
-CVE-2006-3549 (services/go.php in Horde Application Framework 3.0.0 through 3.0.10 ...)
+CVE-2006-3549
{DSA-1406-1}
- horde3 3.1.2-1 (bug #378281; low)
-CVE-2006-3548 (Multiple cross-site scripting (XSS) vulnerabilities in Horde ...)
+CVE-2006-3548
{DSA-1406-1}
- horde3 3.1.2-1 (bug #378281; low)
-CVE-2006-3547 (** DISPUTED ** ...)
+CVE-2006-3547
NOT-FOR-US: EMC VMware Player
-CVE-2006-3546 (Patrice Freydiere ImgSvr (aka ADA Image Server) allows remote ...)
+CVE-2006-3546
NOT-FOR-US: Patrice Freydiere ImgSvr
-CVE-2006-3545 (** DISPUTED ** Microsoft Internet Explorer 7.0 Beta allows remote ...)
+CVE-2006-3545
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2006-3544 (** DISPUTED ** ...)
+CVE-2006-3544
NOT-FOR-US: Invision Power Board
-CVE-2006-3543 (** DISPUTED ** ...)
+CVE-2006-3543
NOT-FOR-US: Invision Power Board
-CVE-2006-3542 (Multiple cross-site scripting (XSS) vulnerabilities in Garry Glendown ...)
+CVE-2006-3542
NOT-FOR-US: Garry Glendown Shopping Cart
-CVE-2006-3541 (SQL injection vulnerability in Meine Links (aka My Links) in Kyberna ...)
+CVE-2006-3541
NOT-FOR-US: Meine Links (aka My Links) in Kyberna ky2help
-CVE-2006-3540 (Check Point Zone Labs ZoneAlarm Internet Security Suite 6.5.722.000, ...)
+CVE-2006-3540
NOT-FOR-US: Check Point Zone Labs ZoneAlarm Internet Security Suite
-CVE-2006-3539 (Multiple cross-site scripting (XSS) vulnerabilities in DKScript.com ...)
+CVE-2006-3539
NOT-FOR-US: DKScript.com Dragon's Kingdom Script
-CVE-2006-3538 (Multiple cross-site scripting (XSS) vulnerabilities in demo.php in ...)
+CVE-2006-3538
NOT-FOR-US: BeatificFaith Eprayer
-CVE-2006-3537 (PHP remote file inclusion vulnerability in index.php in Randshop ...)
+CVE-2006-3537
NOT-FOR-US: Randshop
-CVE-2006-3536 (Direct static code injection vulnerability in code/class_db_text.php ...)
+CVE-2006-3536
NOT-FOR-US: EJ3 TOPo
-CVE-2006-3535 (Directory traversal vulnerability in Nullsoft SHOUTcast DSP before ...)
+CVE-2006-3535
NOT-FOR-US: Nullsoft SHOUTcast DSP
-CVE-2006-3534 (Directory traversal vulnerability in Nullsoft SHOUTcast DSP before ...)
+CVE-2006-3534
NOT-FOR-US: Nullsoft SHOUTcast DSP
-CVE-2006-3533 (Multiple cross-site scripting (XSS) vulnerabilities in Pivot 1.30 RC2 ...)
+CVE-2006-3533
- pivot <itp> (bug #305786)
-CVE-2006-3532 (PHP file inclusion vulnerability in includes/edit_new.php in Pivot ...)
+CVE-2006-3532
- pivot <itp> (bug #305786)
-CVE-2006-3531 (includes/editor/insert_image.php in Pivot 1.30 RC2 and earlier creates ...)
+CVE-2006-3531
- pivot <itp> (bug #305786)
-CVE-2006-3530 (PHP remote file inclusion vulnerability in ...)
+CVE-2006-3530
NOT-FOR-US: PccookBook Component for Mambo and Joomla
-CVE-2006-3529 (Memory leak in Juniper JUNOS 6.4 through 8.0, built before May 10, ...)
+CVE-2006-3529
NOT-FOR-US: Juniper JUNOS
-CVE-2006-3528 (Multiple PHP remote file inclusion vulnerabilities in Simpleboard ...)
+CVE-2006-3528
NOT-FOR-US: Simpleboard Mambo module
-CVE-2006-3527 (Multiple PHP remote file inclusion vulnerabilities in BosClassifieds ...)
+CVE-2006-3527
NOT-FOR-US: BosClassifieds Classified Ads
-CVE-2006-3526 (Multiple cross-site scripting (XSS) vulnerabilities in guestbook.php ...)
+CVE-2006-3526
NOT-FOR-US: Sport-slo Advanced Guestbook
-CVE-2006-3525 (SQL injection vulnerability in category.php in PHCDownload 1.0.0 Final ...)
+CVE-2006-3525
NOT-FOR-US: PHCDownload
-CVE-2006-3524 (Buffer overflow in SIPfoundry sipXtapi released before 20060324 allows ...)
+CVE-2006-3524
NOT-FOR-US: SIPfoundry sipXtapi
-CVE-2006-3523 (Clearswift MIMEsweeper for Web before 5.1.15 Hotfix allows remote ...)
+CVE-2006-3523
NOT-FOR-US: Clearswift MIMEsweeper
-CVE-2006-3522 (Cross-site scripting (XSS) vulnerability in Clearswift MIMEsweeper for ...)
+CVE-2006-3522
NOT-FOR-US: Clearswift MIMEsweeper
-CVE-2006-3521 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2006-3521
NOT-FOR-US: SiteForge Collaborative Development Platform
-CVE-2006-3520 (PHP remote file inclusion vulnerability in ...)
+CVE-2006-3520
NOT-FOR-US: Sabdrimer Pro
-CVE-2006-3519 (Multiple cross-site scripting (XSS) vulnerabilities in The Banner ...)
+CVE-2006-3519
NOT-FOR-US: The Banner Engine
-CVE-2006-3518 (SQL injection vulnerability in SayfalaAltList.asp in Webvizyon Portal ...)
+CVE-2006-3518
NOT-FOR-US: Webvizyon Portal
-CVE-2006-3517 (PHP remote file inclusion vulnerability in stats.php in RW::Download, ...)
+CVE-2006-3517
NOT-FOR-US: RW::Download
-CVE-2006-3516 (Multiple SQL injection vulnerabilities in FreeHost allow remote ...)
+CVE-2006-3516
NOT-FOR-US: FreeHost
-CVE-2006-3515 (SQL injection vulnerability in the loginADP function in ajaxp.php in ...)
+CVE-2006-3515
NOT-FOR-US: AjaxPortal
-CVE-2006-3514 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2006-3514
NOT-FOR-US: PHP-Blogger
-CVE-2006-3513 (danim.dll in Microsoft Internet Explorer 6 allows remote attackers to ...)
+CVE-2006-3513
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2006-3512 (Internet Explorer 6 on Windows XP allows remote attackers to cause a ...)
+CVE-2006-3512
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2006-3511 (Internet Explorer 6 on Windows XP SP2 allows remote attackers to cause ...)
+CVE-2006-3511
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2006-3510 (The Remote Data Service Object (RDS.DataControl) in Microsoft Internet ...)
+CVE-2006-3510
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2006-3509 (Integer overflow in the API for the AirPort wireless driver on Apple ...)
+CVE-2006-3509
NOT-FOR-US: Apple
-CVE-2006-3508 (Heap-based buffer overflow in the AirPort wireless driver on Apple Mac ...)
+CVE-2006-3508
NOT-FOR-US: Apple
-CVE-2006-3507 (Multiple stack-based buffer overflows in the AirPort wireless driver ...)
+CVE-2006-3507
NOT-FOR-US: Apple
-CVE-2006-3506 (Buffer overflow in the Xsan Filesystem driver on Mac OS X 10.4.7 and ...)
+CVE-2006-3506
NOT-FOR-US: Mac OS X
-CVE-2006-3505 (WebKit in Apple Mac OS X 10.3.9 and 10.4.7 allows remote attackers to ...)
+CVE-2006-3505
NOT-FOR-US: Apple Mac OS
-CVE-2006-3504 (The Download Validation in LaunchServices for Apple Mac OS X 10.4.7 ...)
+CVE-2006-3504
NOT-FOR-US: Apple Mac OS
-CVE-2006-3503 (Integer overflow in ImageIO in Apple Mac OS X 10.4.7 allows ...)
+CVE-2006-3503
NOT-FOR-US: Apple Mac OS
-CVE-2006-3502 (Unspecified vulnerability in ImageIO in Apple Mac OS X 10.4.7 allows ...)
+CVE-2006-3502
NOT-FOR-US: Apple Mac OS
-CVE-2006-3501 (Integer overflow in ImageIO for Apple Mac OS X 10.4.7 allows ...)
+CVE-2006-3501
NOT-FOR-US: Apple Mac OS
-CVE-2006-3500 (The dynamic linker (dyld) in Apple Mac OS X 10.4.7 allows local users ...)
+CVE-2006-3500
NOT-FOR-US: Apple Mac OS
-CVE-2006-3499 (The dynamic linker (dyld) in Apple Mac OS X 10.3.9 allows local users ...)
+CVE-2006-3499
NOT-FOR-US: Apple Mac OS
-CVE-2006-3498 (Stack-based buffer overflow in bootpd in the DHCP component for Apple ...)
+CVE-2006-3498
NOT-FOR-US: Apple Mac OS
-CVE-2006-3497 (Unspecified vulnerability in the &quot;compression state handling&quot; in Bom ...)
+CVE-2006-3497
NOT-FOR-US: Apple Mac OS
-CVE-2006-3496 (AFP Server in Apple Mac OS X 10.3.9 and 10.4.7 allows remote attackers ...)
+CVE-2006-3496
NOT-FOR-US: Apple Mac OS
-CVE-2006-3495 (AFP Server in Apple Mac OS X 10.3.9 and 10.4.7 stores reconnect keys ...)
+CVE-2006-3495
NOT-FOR-US: Apple Mac OS
-CVE-2006-3494 (Multiple cross-site scripting (XSS) vulnerabilities in Buddy Zone ...)
+CVE-2006-3494
NOT-FOR-US: Buddy Zone
-CVE-2006-3493 (Buffer overflow in LsCreateLine function (mso_203) in mso.dll and ...)
+CVE-2006-3493
NOT-FOR-US: Microsoft Office
-CVE-2006-3492 (The CORBA::ORBInvokeRec::set_answer_invoke function in orb.cc in MICO ...)
+CVE-2006-3492
NOT-FOR-US: MICO
-CVE-2006-3491 (Stack-based buffer overflow in Kaillera Server 0.86 and earlier allows ...)
+CVE-2006-3491
NOT-FOR-US: Kaillera Server
-CVE-2006-3490 (F-Secure Anti-Virus 2003 through 2006 and other versions, Internet ...)
+CVE-2006-3490
NOT-FOR-US: F-Secure Anti-Virus
-CVE-2006-3489 (F-Secure Anti-Virus 2003 through 2006 and other versions, Internet ...)
+CVE-2006-3489
NOT-FOR-US: F-Secure Anti-Virus
-CVE-2006-3488 (Absolute path traversal vulnerability in administrador.asp in ...)
+CVE-2006-3488
NOT-FOR-US: VirtuaStore
-CVE-2006-3487 (VirtuaStore 2.0 stores sensitive files under the web root with ...)
+CVE-2006-3487
NOT-FOR-US: VirtuaStore
-CVE-2006-3485 (Multiple SQL injection vulnerabilities in AstroDog Press Some Chess ...)
+CVE-2006-3485
NOT-FOR-US: AstroDog Press Some Chess
-CVE-2006-3484 (Multiple cross-site scripting (XSS) vulnerabilities in ATutor before ...)
+CVE-2006-3484
NOT-FOR-US: ATutor
-CVE-2006-3483 (PHPMailList 1.8.0 stores sensitive information under the web document ...)
+CVE-2006-3483
NOT-FOR-US: PHPMailList
-CVE-2006-3482 (Cross-site scripting (XSS) vulnerability in maillist.php in ...)
+CVE-2006-3482
NOT-FOR-US: PHPMailList
-CVE-2006-3481 (Multiple SQL injection vulnerabilities in Joomla! before 1.0.10 allow ...)
+CVE-2006-3481
NOT-FOR-US: Joomla!
-CVE-2006-3480 (Multiple cross-site scripting (XSS) vulnerabilities in Joomla! before ...)
+CVE-2006-3480
NOT-FOR-US: Joomla!
-CVE-2006-3479 (Cross-site request forgery (CSRF) vulnerability in the del_block ...)
+CVE-2006-3479
NOT-FOR-US: Nuked-Klan
-CVE-2006-3478 (PHP remote file inclusion vulnerability in ...)
+CVE-2006-3478
NOT-FOR-US: MyPHP CMS
-CVE-2006-3477 (Unspecified vulnerability in the POP service in Stalker CommuniGate ...)
+CVE-2006-3477
NOT-FOR-US: Stalker CommuniGate Pro
-CVE-2006-3476 (Cross-site scripting (XSS) vulnerability in comments.php in ...)
+CVE-2006-3476
NOT-FOR-US: PhpWebGallery
-CVE-2006-3475 (Multiple PHP remote file inclusion vulnerabilities in free QBoard 1.1 ...)
+CVE-2006-3475
NOT-FOR-US: QBoard
-CVE-2006-3474 (Multiple SQL injection vulnerabilities in Belchior Foundry vCard PRO ...)
+CVE-2006-3474
NOT-FOR-US: Belchior Foundry vCard PRO
-CVE-2006-3473 (CRLF injection vulnerability in form_mail Drupal Module before 1.8.2.2 ...)
+CVE-2006-3473
- drupal <not-affected> (form_mail Module not in debian)
-CVE-2006-3472 (Microsoft Internet Explorer 6.0 and 6.0 SP1 allows remote attackers to ...)
+CVE-2006-3472
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2006-3471 (Microsoft Internet Explorer 6 on Windows XP allows remote attackers to ...)
+CVE-2006-3471
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2006-3470 (The Dell Openmanage CD launches X11 and SSH daemons that do not ...)
+CVE-2006-3470
NOT-FOR-US: Dell Openmanage CD
-CVE-2006-3469 (Format string vulnerability in time.cc in MySQL Server 4.1 before ...)
+CVE-2006-3469
{DSA-1112}
- mysql-dfsg-5.0 5.0.22-1 (bug #375694)
-CVE-2006-3468 (Linux kernel 2.6.x, when using both NFS and EXT3, allows remote ...)
+CVE-2006-3468
{DSA-1184-2}
- linux-2.6 2.6.17-6
-CVE-2006-3467 (Integer overflow in FreeType before 2.2 allows remote attackers to ...)
+CVE-2006-3467
{DSA-1193-1 DSA-1178-1}
- freetype 2.2.1-5 (bug #379920; medium)
- libxfont 1:1.2.0-2 (medium; bug #383353)
CVE-2006-3466
REJECTED
-CVE-2006-3465 (Unspecified vulnerability in the custom tag support for the TIFF ...)
+CVE-2006-3465
{DSA-1137-1}
- tiff 3.8.2-6
- tiff3 <not-affected> (fixed prior to initial upload)
-CVE-2006-3464 (TIFF library (libtiff) before 3.8.2 allows context-dependent attackers ...)
+CVE-2006-3464
{DSA-1137-1}
- tiff 3.8.2-6
- tiff3 <not-affected> (fixed prior to initial upload)
-CVE-2006-3463 (The EstimateStripByteCounts function in TIFF library (libtiff) before ...)
+CVE-2006-3463
{DSA-1137-1}
- tiff 3.8.2-6
- tiff3 <not-affected> (fixed prior to initial upload)
-CVE-2006-3462 (Heap-based buffer overflow in the NeXT RLE decoder in the TIFF library ...)
+CVE-2006-3462
{DSA-1137-1}
- tiff 3.8.2-6
- tiff3 <not-affected> (fixed prior to initial upload)
-CVE-2006-3461 (Heap-based buffer overflow in the PixarLog decoder in the TIFF library ...)
+CVE-2006-3461
{DSA-1137-1}
- tiff 3.8.2-6
- tiff3 <not-affected> (fixed prior to initial upload)
-CVE-2006-3460 (Heap-based buffer overflow in the JPEG decoder in the TIFF library ...)
+CVE-2006-3460
{DSA-1137-1}
- tiff 3.8.2-6
- tiff3 <not-affected> (fixed prior to initial upload)
-CVE-2006-3459 (Multiple stack-based buffer overflows in the TIFF library (libtiff) ...)
+CVE-2006-3459
{DSA-1137-1}
- tiff 3.8.2-6
- tiff3 <not-affected> (fixed prior to initial upload)
-CVE-2006-3486 (** DISPUTED ** ...)
+CVE-2006-3486
- mysql-dfsg-5.0 5.0.22-4 (unimportant; bug #378102)
[sarge] - mysql-dfsg-4.1 <not-affected> (Vulnerable code not present)
[sarge] - mysql-dfsg <not-affected> (Vulnerable code not present)
NOTE: Only DoS possible, only root can trigger this -> non-issue
-CVE-2006-3457 (Symantec On-Demand Agent (SODA) before 2.5 MR2 Build 2157, and the ...)
+CVE-2006-3457
NOT-FOR-US: Symantec
-CVE-2006-3456 (The Symantec NAVOPTS.DLL ActiveX control (aka ...)
+CVE-2006-3456
NOT-FOR-US: Symantec
-CVE-2006-3455 (The SAVRT.SYS device driver, as used in Symantec AntiVirus Corporate ...)
+CVE-2006-3455
NOT-FOR-US: Symantec
-CVE-2006-3454 (Multiple format string vulnerabilities in Symantec AntiVirus Corporate ...)
+CVE-2006-3454
NOT-FOR-US: Symantec
-CVE-2006-3453 (Buffer overflow in Adobe Acrobat 6.0 to 6.0.4 allows remote attackers ...)
+CVE-2006-3453
NOT-FOR-US: Adobe acrobat
-CVE-2006-3452 (Adobe Reader and Acrobat 6.0.4 and earlier, on Mac OSX, has insecure ...)
+CVE-2006-3452
NOT-FOR-US: Adobe acrobat
-CVE-2006-3451 (Microsoft Internet Explorer 5 SP4 and 6 do not properly garbage ...)
+CVE-2006-3451
NOT-FOR-US: Microsoft
-CVE-2006-3450 (Microsoft Internet Explorer 6 allows remote attackers to execute ...)
+CVE-2006-3450
NOT-FOR-US: Microsoft
-CVE-2006-3449 (Unspecified vulnerability in Microsoft PowerPoint 2000 through 2003, ...)
+CVE-2006-3449
NOT-FOR-US: Microsoft
-CVE-2006-3448 (Buffer overflow in the Step-by-Step Interactive Training in Microsoft ...)
+CVE-2006-3448
NOT-FOR-US: Microsoft
CVE-2006-3447
REJECTED
CVE-2006-3446
REJECTED
-CVE-2006-3445 (Integer overflow in the ReadWideString function in agentdpv.dll in ...)
+CVE-2006-3445
NOT-FOR-US: Microsoft
-CVE-2006-3444 (Unspecified vulnerability in the kernel in Microsoft Windows 2000 SP4, ...)
+CVE-2006-3444
NOT-FOR-US: Microsoft
-CVE-2006-3443 (Untrusted search path vulnerability in Winlogon in Microsoft Windows ...)
+CVE-2006-3443
NOT-FOR-US: Microsoft
-CVE-2006-3442 (Unspecified vulnerability in Pragmatic General Multicast (PGM) in ...)
+CVE-2006-3442
NOT-FOR-US: Microsoft
-CVE-2006-3441 (Buffer overflow in the DNS Client service in Microsoft Windows 2000 ...)
+CVE-2006-3441
NOT-FOR-US: Microsoft
-CVE-2006-3440 (Buffer overflow in the Winsock API in Microsoft Windows 2000 SP4, XP ...)
+CVE-2006-3440
NOT-FOR-US: Microsoft
-CVE-2006-3439 (Buffer overflow in the Server Service in Microsoft Windows 2000 SP4, ...)
+CVE-2006-3439
NOT-FOR-US: Microsoft
-CVE-2006-3438 (Unspecified vulnerability in Microsoft Hyperlink Object Library ...)
+CVE-2006-3438
NOT-FOR-US: Microsoft
CVE-2006-3437
REJECTED
-CVE-2006-3436 (Cross-site scripting (XSS) vulnerability in Microsoft .NET Framework ...)
+CVE-2006-3436
NOT-FOR-US: Microsoft
-CVE-2006-3435 (PowerPoint in Microsoft Office 2000, XP, 2003, 2004 for Mac, and v.X ...)
+CVE-2006-3435
NOT-FOR-US: Microsoft
-CVE-2006-3434 (Unspecified vulnerability in Microsoft Office 2000, XP, 2003, 2004 for ...)
+CVE-2006-3434
NOT-FOR-US: Microsoft
CVE-2006-3433
REJECTED
CVE-2006-3432
REJECTED
-CVE-2006-3431 (Buffer overflow in certain Asian language versions of Microsoft Excel ...)
+CVE-2006-3431
NOT-FOR-US: Microsoft Excel
-CVE-2006-3430 (SQL injection vulnerability in checkprofile.asp in (1) PatchLink ...)
+CVE-2006-3430
NOT-FOR-US: Novell PatchLink Update Server
-CVE-2006-3429 (Cross-site scripting (XSS) vulnerability in TigerTom TTCalc 1.0 allows ...)
+CVE-2006-3429
NOT-FOR-US: TTCalc
-CVE-2006-3428 (Cross-site scripting (XSS) vulnerability in TigerTom TTCalc 1.0 allows ...)
+CVE-2006-3428
NOT-FOR-US: TTCalc
-CVE-2006-3427 (Microsoft Internet Explorer 6 allows remote attackers to cause a ...)
+CVE-2006-3427
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2006-3426 (Directory traversal vulnerability in (a) PatchLink Update Server ...)
+CVE-2006-3426
NOT-FOR-US: Novell PatchLink Update Server
-CVE-2006-3425 (FastPatch for (a) PatchLink Update Server (PLUS) before 6.1 P1 and ...)
+CVE-2006-3425
NOT-FOR-US: Novell PatchLink Update Server
-CVE-2006-3424 (Multiple buffer overflows in WebEx Downloader ActiveX Control, ...)
+CVE-2006-3424
NOT-FOR-US: WebEx Downloader ActiveX Control
-CVE-2006-3423 (WebEx Downloader ActiveX Control and WebEx Downloader Java before ...)
+CVE-2006-3423
NOT-FOR-US: WebEx Downloader ActiveX Control
-CVE-2006-3422 (PHP remote file inclusion vulnerability in WonderEdit Pro CMS allows ...)
+CVE-2006-3422
NOT-FOR-US: WonderEdit Pro CMS
-CVE-2006-3421 (PHP remote file inclusion vulnerability in SmartSiteCMS 1.0 and ...)
+CVE-2006-3421
NOT-FOR-US: SmartSiteCMS
-CVE-2006-3420 (Cross-site request forgery (CSRF) vulnerability in editpost.php in ...)
+CVE-2006-3420
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2006-3419 (Tor before 0.1.1.20 uses OpenSSL pseudo-random bytes ...)
+CVE-2006-3419
- tor 0.1.1.20-1
-CVE-2006-3418 (Tor before 0.1.1.20 does not validate that a server descriptor's ...)
+CVE-2006-3418
- tor 0.1.1.20-1
-CVE-2006-3417 (Tor client before 0.1.1.20 prefers entry points based on is_fast or ...)
+CVE-2006-3417
- tor 0.1.1.20-1
-CVE-2006-3416 (** DISPUTED ** ...)
+CVE-2006-3416
- tor 0.1.1.20-1
-CVE-2006-3415 (Tor before 0.1.1.20 uses improper logic to validate the &quot;OR&quot; ...)
+CVE-2006-3415
- tor 0.1.1.20-1
-CVE-2006-3414 (Tor before 0.1.1.20 supports server descriptors that contain hostnames ...)
+CVE-2006-3414
- tor 0.1.1.20-1
-CVE-2006-3413 (The privoxy configuration file in Tor before 0.1.1.20, when run on ...)
+CVE-2006-3413
- tor 0.1.1.20-1
-CVE-2006-3412 (Tor before 0.1.1.20 does not sufficiently obey certain firewall ...)
+CVE-2006-3412
- tor 0.1.1.20-1
-CVE-2006-3411 (TLS handshakes in Tor before 0.1.1.20 generate public-private keys ...)
+CVE-2006-3411
- tor 0.1.1.20-1
-CVE-2006-3410 (Tor before 0.1.1.20 creates &quot;internal circuits&quot; primarily consisting ...)
+CVE-2006-3410
- tor 0.1.1.20-1
-CVE-2006-3409 (Integer overflow in Tor before 0.1.1.20 allows remote attackers to ...)
+CVE-2006-3409
- tor 0.1.1.20-1
-CVE-2006-3408 (Unspecified vulnerability in the directory server (dirserver) in Tor ...)
+CVE-2006-3408
- tor 0.1.1.20-1
-CVE-2006-3407 (Tor before 0.1.1.20 allows remote attackers to spoof log entries or ...)
+CVE-2006-3407
- tor 0.1.1.20-1
-CVE-2006-3406 (Directory traversal vulnerability in qtofm.php in QTOFileManager 1.0 ...)
+CVE-2006-3406
NOT-FOR-US: QTOFileManager
-CVE-2006-3405 (Cross-site scripting (XSS) vulnerability in qtofm.php in ...)
+CVE-2006-3405
NOT-FOR-US: QTOFileManager
-CVE-2006-3403 (The smdb daemon (smbd/service.c) in Samba 3.0.1 through 3.0.22 allows remote ...)
+CVE-2006-3403
{DSA-1110}
- samba 3.0.23a-1 (bug #378070)
-CVE-2006-3402 (SQL injection vulnerability in VirtuaStore 2.0 allows remote attackers ...)
+CVE-2006-3402
NOT-FOR-US: VirtuaStore
-CVE-2006-3401 (Stack-based buffer overflow in Quake 3 Engine as used by Quake 3: ...)
+CVE-2006-3401
NOT-FOR-US: Quake 3
-CVE-2006-3400 (Stack-based buffer overflow in the CG_ServerCommand function in Quake ...)
+CVE-2006-3400
NOT-FOR-US: Soldier of Fortune 2
-CVE-2006-3399 (Cross-site scripting (XSS) vulnerability in wiki.php in MoniWiki ...)
+CVE-2006-3399
NOT-FOR-US: MoniWiki
-CVE-2006-3398 (The &quot;change password forms&quot; in Taskjitsu before 2.0.1 includes ...)
+CVE-2006-3398
NOT-FOR-US: Taskjitsu
-CVE-2006-3397 (Multiple cross-site scripting (XSS) vulnerabilities in Taskjitsu ...)
+CVE-2006-3397
NOT-FOR-US: Taskjitsu
-CVE-2006-3396 (PHP remote file inclusion vulnerability in galleria.html.php in ...)
+CVE-2006-3396
NOT-FOR-US: Galleria Mambo Module
-CVE-2006-3395 (PHP remote file inclusion vulnerability in top.php in SiteBuilder-FX ...)
+CVE-2006-3395
NOT-FOR-US: SiteBuilder-FX
-CVE-2006-3394 (SQL injection vulnerability in the files mod in index.php in BXCP ...)
+CVE-2006-3394
NOT-FOR-US: BXCP
-CVE-2006-3393 (Papyrus NASCAR Racing 4 4.1.3.1.6 and earlier, 2002 Season 1.1.0.2 and ...)
+CVE-2006-3393
NOT-FOR-US: Papyrus NASCAR Racing
-CVE-2006-3392 (Webmin before 1.290 and Usermin before 1.220 calls the simplify_path ...)
+CVE-2006-3392
{DSA-1199-1}
- webmin <removed> (medium; bug #381537)
-CVE-2006-3391 (The Execute function in iMBCContents ActiveX Control before 2.0.0.59 ...)
+CVE-2006-3391
NOT-FOR-US: iMBCContents
-CVE-2006-3390 (WordPress 2.0.3 allows remote attackers to obtain the installation ...)
+CVE-2006-3390
- wordpress 2.0.4-1 (unimportant)
NOTE: http://wordpress.org/news/2006/07/wordpress-204/
-CVE-2006-3389 (index.php in WordPress 2.0.3 allows remote attackers to obtain ...)
+CVE-2006-3389
- wordpress 2.0.4-1 (unimportant)
NOTE: http://wordpress.org/news/2006/07/wordpress-204/
-CVE-2006-3388 (Cross-site scripting (XSS) vulnerability in phpMyAdmin before 2.8.2 ...)
+CVE-2006-3388
- phpmyadmin 4:2.8.2-0.1 (bug #377748; low)
[sarge] - phpmyadmin <not-affected> (Vulnerable code not present)
-CVE-2006-3387 (Directory traversal vulnerability in sources/post.php in Fusion News ...)
+CVE-2006-3387
NOT-FOR-US: Fusion News
-CVE-2006-3386 (index.php in Vincent Leclercq News 5.2 allows remote attackers to ...)
+CVE-2006-3386
NOT-FOR-US: Vincent Leclercq News
-CVE-2006-3385 (Cross-site scripting (XSS) vulnerability in divers.php in Vincent ...)
+CVE-2006-3385
NOT-FOR-US: Vincent Leclercq News
-CVE-2006-3384 (SQL injection vulnerability in divers.php in Vincent Leclercq News 5.2 ...)
+CVE-2006-3384
NOT-FOR-US: Vincent Leclercq News
-CVE-2006-3383 (Cross-site scripting (XSS) vulnerability in index.php in mAds 1.0 ...)
+CVE-2006-3383
NOT-FOR-US: mAds
-CVE-2006-3382 (Cross-site scripting (XSS) vulnerability in search.php in mAds 1.0 ...)
+CVE-2006-3382
NOT-FOR-US: mAds
-CVE-2006-3381 (SturGeoN Upload allows remote attackers to execute arbitrary PHP code ...)
+CVE-2006-3381
NOT-FOR-US: SturGeoN
-CVE-2006-3380 (Algorithmic complexity vulnerability in FreeStyle Wiki before 3.6.2 ...)
+CVE-2006-3380
NOT-FOR-US: FreeStyle Wiki
-CVE-2006-3379 (Algorithmic complexity vulnerability in Hiki Wiki 0.6.0 through 0.6.5 ...)
+CVE-2006-3379
{DSA-1119}
- hiki 0.8.6-1 (bug #378059; low)
-CVE-2006-3378 (passwd command in shadow in Ubuntu 5.04 through 6.06 LTS, when called ...)
+CVE-2006-3378
{DSA-1150-1}
- shadow 1:4.0.14-1 (bug #379174)
-CVE-2006-3377 (Cross-site scripting (XSS) vulnerability in JMB Software AutoRank PHP ...)
+CVE-2006-3377
NOT-FOR-US: JMB Software AutoRank PHP
-CVE-2006-3376 (Integer overflow in player.c in libwmf 0.2.8.4, as used in multiple ...)
+CVE-2006-3376
{DSA-1194-1}
- libwmf 0.2.8.4-2 (bug #381538; medium)
-CVE-2006-3375 (PHP remote file inclusion vulnerability in includes/header.inc.php in ...)
+CVE-2006-3375
NOT-FOR-US: Randshop
-CVE-2006-3374 (PHP remote file inclusion vulnerability in index.php in Randshop 1.2 ...)
+CVE-2006-3374
NOT-FOR-US: Randshop
-CVE-2006-3373 (Unspecified vulnerability in the client/bin/logfetch script in Hobbit ...)
+CVE-2006-3373
NOT-FOR-US: Hobbit
-CVE-2006-3372 (Apple Safari 2.0.4/419.3 allows remote attackers to cause a denial of ...)
+CVE-2006-3372
NOT-FOR-US: Apple Safari
-CVE-2006-3371 (Eupla Foros 1.0 stores the inc/config.inc file under the web document ...)
+CVE-2006-3371
NOT-FOR-US: Eupla Foros
-CVE-2006-3370 (Blueboy 1.0.3 stores bb_news_config.inc under the web document root ...)
+CVE-2006-3370
NOT-FOR-US: Blueboy
-CVE-2006-3369 (Kamikaze-QSCM 0.1 stores config.inc under the web document root with ...)
+CVE-2006-3369
NOT-FOR-US: Kamikaze-QSCM
-CVE-2006-3368 (Efone 20000723 stores config.inc under the web document root with ...)
+CVE-2006-3368
NOT-FOR-US: Efone
-CVE-2006-3367 (Mp3 JudeBox Server (Mp3NetBox) Beta 1 stores config.inc under the web ...)
+CVE-2006-3367
NOT-FOR-US: Mp3NetBox
-CVE-2006-3366 (Multiple cross-site scripting (XSS) vulnerabilities in V3 Chat allow ...)
+CVE-2006-3366
NOT-FOR-US: V3 Chat
-CVE-2006-3365 (V3 Chat allows remote attackers to obtain the installation path via ...)
+CVE-2006-3365
NOT-FOR-US: V3 Chat
-CVE-2006-3364 (SQL injection vulnerability in index.php in the NP_SEO plugin in ...)
+CVE-2006-3364
NOT-FOR-US: BLOG:CMS
-CVE-2006-3363 (PHP remote file inclusion vulnerability in index.php in the Glossaire ...)
+CVE-2006-3363
NOT-FOR-US: Glossaire for Xoops
-CVE-2006-3362 (Unrestricted file upload vulnerability in connectors/php/connector.php ...)
+CVE-2006-3362
- knowledgeroot <not-affected> (fixed before first upload; see bug #381912)
-CVE-2006-3361 (PHP remote file inclusion vulnerability in Stud.IP 1.3.0-2 and ...)
+CVE-2006-3361
NOT-FOR-US: Stud.IP
-CVE-2006-3360 (Directory traversal vulnerability in index.php in phpSysInfo 2.5.1 ...)
+CVE-2006-3360
- phpsysinfo <unfixed> (unimportant)
- egroupware <unfixed> (unimportant)
- phpgroupware <unfixed> (unimportant)
NOTE: Only the existence of files inside the WWW root is leaked. If this is
NOTE: a threat to your setup you most probably shouldn't install a script which
NOTE: exposes all your system data, either.
-CVE-2006-3359 (Multiple SQL injection vulnerabilities in index.php in NewsPHP 2006 ...)
+CVE-2006-3359
NOT-FOR-US: NewsPHP
-CVE-2006-3358 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
+CVE-2006-3358
NOT-FOR-US: NewsPHP
-CVE-2006-3357 (Heap-based buffer overflow in HTML Help ActiveX control (hhctrl.ocx) ...)
+CVE-2006-3357
NOT-FOR-US: HTML Help ActiveX control
-CVE-2006-3356 (The TIFFFetchAnyArray function in ImageIO in Apple OS X 10.4.7 and ...)
+CVE-2006-3356
NOT-FOR-US: Apple
-CVE-2006-3355 (Heap-based buffer overflow in httpdget.c in mpg123 before 0.59s-rll ...)
+CVE-2006-3355
- mpg123 0.60-1 (bug #377264; medium)
[sarge] - mpg123 <no-dsa> (Non-free not supported)
-CVE-2006-3354 (Microsoft Internet Explorer 6 allows remote attackers to cause a ...)
+CVE-2006-3354
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2006-3353 (Opera 9 allows remote attackers to cause a denial of service (crash) ...)
+CVE-2006-3353
NOT-FOR-US: Opera
-CVE-2006-3352 (** DISPUTED ** ...)
+CVE-2006-3352
NOTE: firefox, but invalid
-CVE-2006-3351 (Buffer overflow in Windows Explorer (explorer.exe) on Windows XP and ...)
+CVE-2006-3351
NOT-FOR-US: Windows Explorer
-CVE-2006-3695 (Trac before 0.9.6 does not disable the &quot;raw&quot; or &quot;include&quot; commands ...)
+CVE-2006-3695
{DSA-1152}
- trac 0.9.6-1 (medium)
[sarge] - trac 0.8.1-3sarge5
-CVE-2006-3458 (Zope 2.7.0 to 2.7.8, 2.8.0 to 2.8.7, and 2.9.0 to 2.9.3 (Zope2) does ...)
+CVE-2006-3458
{DSA-1113}
- zope2.7 <removed> (bug #377285; medium)
- zope2.8 2.8.7-2 (bug #377277; medium)
- zope2.9 2.9.3-3 (bug #377286; medium)
-CVE-2006-3404 (Buffer overflow in the xcf_load_vector function in app/xcf/xcf-load.c ...)
+CVE-2006-3404
{DSA-1116}
- gimp 2.2.11-3.1 (bug #377049; medium)
-CVE-2006-3350 (Stack-based buffer overflow in AutoVue SolidModel Professional Desktop ...)
+CVE-2006-3350
NOT-FOR-US: AutoVue SolidModel Professional Desktop
-CVE-2006-3349 (Multiple SQL injection vulnerabilities in SmS Script allow remote ...)
+CVE-2006-3349
NOT-FOR-US: SmS Script
-CVE-2006-3348 (Multiple SQL injection vulnerabilities in HSPcomplete 3.2.2 and 3.3 ...)
+CVE-2006-3348
NOT-FOR-US: HSPcomplete
-CVE-2006-3347 (SQL injection vulnerability in index.php in deV!Lz Clanportal DZCP ...)
+CVE-2006-3347
NOT-FOR-US: deV!Lz Clanportal DZCP
-CVE-2006-3346 (SQL injection vulnerability in tree.php in MyNewsGroups 0.6 allows ...)
+CVE-2006-3346
NOT-FOR-US: MyNewsGroups
-CVE-2006-3345 (Cross-site scripting (XSS) vulnerability in AliPAGER, possibly 1.5 and ...)
+CVE-2006-3345
NOT-FOR-US: AliPAGER
-CVE-2006-3344 (Siemens Speedstream Wireless Router 2624 allows local users to bypass ...)
+CVE-2006-3344
NOT-FOR-US: Siemens Speedstream Wireless Router
-CVE-2006-3343 (PHP remote file inclusion vulnerability in recipe/cookbook.php in ...)
+CVE-2006-3343
NOT-FOR-US: CrisoftRicette
-CVE-2006-3342 (Cross-site scripting (XSS) vulnerability in index.php in Arctic 1.0.2 ...)
+CVE-2006-3342
NOT-FOR-US: Arctic
-CVE-2006-3341 (SQL injection vulnerability in annonces-p-f.php in MyAds module 2.04jp ...)
+CVE-2006-3341
NOT-FOR-US: MyAds module for Xoops
-CVE-2006-3340 (Multiple PHP remote file inclusion vulnerabilities in Pearl For Mambo ...)
+CVE-2006-3340
NOT-FOR-US: Pearl For Mambo
-CVE-2006-3339 (secure/ConfigureReleaseNote.jspa in Atlassian JIRA 3.6.2-#156 allows ...)
+CVE-2006-3339
NOT-FOR-US: Atlassian
-CVE-2006-3338 (Cross-site scripting (XSS) vulnerability in Atlassian JIRA 3.6.2-#156 ...)
+CVE-2006-3338
NOT-FOR-US: Atlassian
-CVE-2006-3337 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2006-3337
NOT-FOR-US: cPanel (not the Chinese language tool in Debian)
-CVE-2006-3336 (TWiki 01-Dec-2000 up to 4.0.3 allows remote attackers to bypass the ...)
+CVE-2006-3336
- twiki 1:4.0.4-3 (low; bug #381907)
NOTE: only in some server configurations
-CVE-2006-3335 (Unspecified vulnerability in mkdir in HP-UX B.11.00, B.11.04, B.11.11, ...)
+CVE-2006-3335
NOT-FOR-US: HP-UX
-CVE-2006-3334 (Buffer overflow in the png_decompress_chunk function in pngrutil.c in ...)
+CVE-2006-3334
- libpng 1.2.8rel-5.2 (bug #377298; bug #397892; unimportant)
NOTE: A static 50 char array consumes 13 machine words on 32bit archs, so the overflow
NOTE: cannot overwrite other memory sections
-CVE-2006-3333 (Cross-site scripting (XSS) vulnerability in index.php in Zorum Forum ...)
+CVE-2006-3333
NOT-FOR-US: Zorum Forum
-CVE-2006-3332 (SQL injection vulnerability in index.php in Zorum Forum 3.5 allows ...)
+CVE-2006-3332
NOT-FOR-US: Zorum Forum
-CVE-2006-3331 (Opera before 9.0 does not reset the SSL security bar after displaying ...)
+CVE-2006-3331
NOT-FOR-US: Opera
-CVE-2006-3330 (Cross-site scripting (XSS) vulnerability in AddAsset1.php in PHP/MySQL ...)
+CVE-2006-3330
NOT-FOR-US: PHP/MySQL Classifieds
-CVE-2006-3329 (SQL injection vulnerability in search.php in PHP/MySQL Classifieds ...)
+CVE-2006-3329
NOT-FOR-US: PHP/MySQL Classifieds
-CVE-2006-3328 (new_ticket.cgi in Hostflow 2.2.1-15 allows remote attackers to steal ...)
+CVE-2006-3328
NOT-FOR-US: Hostflow
-CVE-2006-3327 (Cross-site scripting (XSS) vulnerability in Custom dating biz dating ...)
+CVE-2006-3327
NOT-FOR-US: Custom dating biz dating script
-CVE-2006-3326 (Directory traversal vulnerability in QuickZip 3.06.3 allows remote ...)
+CVE-2006-3326
NOT-FOR-US: QuickZip
-CVE-2006-3325 (client/cl_parse.c in the id3 Quake 3 Engine 1.32c and the Icculus ...)
+CVE-2006-3325
- ioquake3 1.36+svn1788j-1
- tremulous 1.1.0-6 (bug #660834)
[squeeze] - tremulous 1.1.0-7~squeeze1
-CVE-2006-3324 (The Automatic Downloading option in the id3 Quake 3 Engine and the ...)
+CVE-2006-3324
- ioquake3 1.36+svn1788j-1
- tremulous 1.1.0-6 (bug #660832)
[squeeze] - tremulous 1.1.0-7~squeeze1
-CVE-2006-3323 (PHP remote file inclusion vulnerability in admin/admin.php in MF ...)
+CVE-2006-3323
NOT-FOR-US: MF Piadas
-CVE-2006-3322 (SQL injection vulnerability in includes/functions_logging.php in ...)
+CVE-2006-3322
NOT-FOR-US: phpRaid
-CVE-2006-3321 (Multiple cross-site scripting (XSS) vulnerabilities in openforum.asp ...)
+CVE-2006-3321
NOT-FOR-US: OpenForum
-CVE-2006-3320 (Cross-site scripting (XSS) vulnerability in command.php in SiteBar ...)
+CVE-2006-3320
{DSA-1130-1}
- sitebar 3.3.8-1.1 (bug #377299; low)
-CVE-2006-3319 (Cross-site scripting (XSS) vulnerability in rss/index.php in PHP ...)
+CVE-2006-3319
NOT-FOR-US: PHP iCalendar
-CVE-2006-3318 (SQL injection vulnerability in register.php for phpRaid 3.0.6 and ...)
+CVE-2006-3318
NOT-FOR-US: phpRaid
-CVE-2006-3317 (PHP remote file inclusion vulnerability in phpRaid 3.0.6 allows remote ...)
+CVE-2006-3317
NOT-FOR-US: phpRaid
-CVE-2006-3316 (Multiple PHP remote file inclusion vulnerabilities in phpRaid 3.0.5 ...)
+CVE-2006-3316
NOT-FOR-US: phpRaid
-CVE-2006-3315 (PHP remote file inclusion vulnerability in page.php in an unspecified ...)
+CVE-2006-3315
NOT-FOR-US: "unspecified RahnemaCo.com product, possibly eShop"
-CVE-2006-3314 (PHP remote file inclusion vulnerability in page.php in an unspecified ...)
+CVE-2006-3314
NOT-FOR-US: "unspecified RahnemaCo.com product, possibly eShop"
-CVE-2006-3313 (Cross-site scripting (XSS) vulnerability in search.jsp in Netsoft ...)
+CVE-2006-3313
NOT-FOR-US: Netsoft smartNet
-CVE-2006-3312 (Multiple cross-site scripting (XSS) vulnerabilities in ashmans and ...)
+CVE-2006-3312
NOT-FOR-US: QaTraq
-CVE-2006-3311 (Buffer overflow in Adobe Flash Player 8.0.24.0 and earlier, Flash ...)
+CVE-2006-3311
- flashplugin-nonfree 7.0.68.0.1
[sarge] - flashplugin-nonfree <no-dsa> (Contrib not supported)
CVE-2006-3310
RESERVED
-CVE-2006-3309 (SQL injection vulnerability in SPT--ForumTopics.php in Scout Portal ...)
+CVE-2006-3309
NOT-FOR-US: Scout Portal
-CVE-2006-3308 (Unspecified vulnerability in the wpprop code for Project EROS ...)
+CVE-2006-3308
NOT-FOR-US: bbsengine
-CVE-2006-3307 (Multiple SQL injection vulnerabilities in Project EROS bbsengine ...)
+CVE-2006-3307
NOT-FOR-US: bbsengine
-CVE-2006-3306 (Cross-site scripting (XSS) vulnerability in the preparestring function ...)
+CVE-2006-3306
NOT-FOR-US: bbsengine
-CVE-2006-3305 (Multiple cross-site scripting (XSS) vulnerabilities in UebiMiau ...)
+CVE-2006-3305
NOT-FOR-US: UebiMiau
-CVE-2006-3304 (SQL injection vulnerability in cp.php in DeluxeBB 1.07 and earlier ...)
+CVE-2006-3304
NOT-FOR-US: DeluxeBB
-CVE-2006-3303 (Multiple cross-site scripting (XSS) vulnerabilities in pm.php in ...)
+CVE-2006-3303
NOT-FOR-US: DeluxeBB
-CVE-2006-3302 (PHP remote file inclusion vulnerability in mod_cbsms.php in CBSMS ...)
+CVE-2006-3302
NOT-FOR-US: CBSMS Mambo module
-CVE-2006-3301 (Multiple cross-site scripting (XSS) vulnerabilities in phpQLAdmin ...)
+CVE-2006-3301
- phpqladmin <removed> (bug #376442; low)
-CVE-2006-3300 (PHP remote file inclusion vulnerability in sms_config/gateway.php in ...)
+CVE-2006-3300
NOT-FOR-US: phpmysms
-CVE-2006-3299 (Cross-site scripting (XSS) vulnerability in index.php in Usenet Script ...)
+CVE-2006-3299
NOT-FOR-US: Usenet Script
-CVE-2006-3298 (Yahoo! Messenger 7.5.0.814 and 7.0.438 allows remote attackers to ...)
+CVE-2006-3298
NOT-FOR-US: Offical Yahoo! Messenger client
-CVE-2006-3297 (Cross-site scripting (XSS) vulnerability in error.php in UebiMiau ...)
+CVE-2006-3297
NOT-FOR-US: UebiMiau
-CVE-2006-3296 (SQL injection vulnerability in view.php in Open Guestbook 0.5 allows ...)
+CVE-2006-3296
NOT-FOR-US: Open Guestbook
-CVE-2006-3295 (Cross-site scripting (XSS) vulnerability in header.php in Open ...)
+CVE-2006-3295
NOT-FOR-US: Open Guestbook
-CVE-2006-3294 (PHP remote file inclusion vulnerability in mod_cbsms_messages.php in ...)
+CVE-2006-3294
NOT-FOR-US: CBSMS Mambo module
-CVE-2006-3293 (parse_notice (TiCPU) in EnergyMech (emech) before 3.0.2 allows remote ...)
+CVE-2006-3293
NOT-FOR-US: EnergyMech
-CVE-2006-3292 (SQL injection vulnerability in the Search gadget in Jaws 0.6.2 allows ...)
+CVE-2006-3292
NOT-FOR-US: Jaws
-CVE-2006-3291 (The web interface on Cisco IOS 12.3(8)JA and 12.3(8)JA1, as used on ...)
+CVE-2006-3291
NOT-FOR-US: Cisco
-CVE-2006-3290 (HTTP server in Cisco Wireless Control System (WCS) for Linux and ...)
+CVE-2006-3290
NOT-FOR-US: Cisco
-CVE-2006-3289 (Cross-site scripting (XSS) vulnerability in the login page of the HTTP ...)
+CVE-2006-3289
NOT-FOR-US: Cisco
-CVE-2006-3288 (Unspecified vulnerability in the TFTP server in Cisco Wireless Control ...)
+CVE-2006-3288
NOT-FOR-US: Cisco
-CVE-2006-3287 (Cisco Wireless Control System (WCS) for Linux and Windows 4.0(1) and ...)
+CVE-2006-3287
NOT-FOR-US: Cisco
-CVE-2006-3286 (The internal database in Cisco Wireless Control System (WCS) for Linux ...)
+CVE-2006-3286
NOT-FOR-US: Cisco
-CVE-2006-3285 (The internal database in Cisco Wireless Control System (WCS) for Linux ...)
+CVE-2006-3285
NOT-FOR-US: Cisco
-CVE-2006-3284 (Cross-site scripting (XSS) vulnerability in Dating Agent PRO 4.7.1 ...)
+CVE-2006-3284
NOT-FOR-US: Dating Agent PRO
-CVE-2006-3283 (SQL injection vulnerability in Dating Agent PRO 4.7.1 allows remote ...)
+CVE-2006-3283
NOT-FOR-US: Dating Agent PRO
-CVE-2006-3282 (requirements.php in Dating Agent PRO 4.7.1 allows remote attackers to ...)
+CVE-2006-3282
NOT-FOR-US: Dating Agent PRO
-CVE-2006-3281 (Microsoft Internet Explorer 6.0 does not properly handle Drag and Drop ...)
+CVE-2006-3281
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2006-3280 (Cross-domain vulnerability in Microsoft Internet Explorer 6.0 allows ...)
+CVE-2006-3280
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2006-3279 (Cross-site scripting (XSS) vulnerability in aeDating 4.1 allows remote ...)
+CVE-2006-3279
NOT-FOR-US: aeDating
-CVE-2006-3278 (Cross-site scripting (XSS) vulnerability in H-Sphere 2.5.1 Beta 1 and ...)
+CVE-2006-3278
NOT-FOR-US: H-Sphere
-CVE-2006-3277 (The SMTP service of MailEnable Standard 1.92 and earlier, Professional ...)
+CVE-2006-3277
NOT-FOR-US: MailEnable
-CVE-2006-3276 (Heap-based buffer overflow in RealNetworks Helix DNA Server 10.0 and ...)
+CVE-2006-3276
NOT-FOR-US: Helix DNA Server
-CVE-2006-3275 (SQL injection vulnerability in profile.php in YaBB SE 1.5.5 and ...)
+CVE-2006-3275
NOT-FOR-US: YaBB
-CVE-2006-3274 (Directory traversal vulnerability in Webmin before 1.280, when run on ...)
+CVE-2006-3274
- webmin <not-affected> (only windows)
-CVE-2006-3273 (Cross-site scripting (XSS) vulnerability in menu.php in Some Chess 1.5 ...)
+CVE-2006-3273
NOT-FOR-US: Some Chess
-CVE-2006-3272 (Cross-site request forgery (CSRF) vulnerability in menu.php in Some ...)
+CVE-2006-3272
NOT-FOR-US: Some Chess
-CVE-2006-3271 (Multiple SQL injection vulnerabilities in Softbiz Dating 1.0 allow ...)
+CVE-2006-3271
NOT-FOR-US: Softbiz Dating
-CVE-2006-3270 (SQL injection vulnerability in cms_admin.php in THoRCMS 1.3.1 allows ...)
+CVE-2006-3270
NOT-FOR-US: THoRCMS
-CVE-2006-3269 (PHP remote file inclusion vulnerability in includes/functions_cms.php ...)
+CVE-2006-3269
NOT-FOR-US: THoRCMS
-CVE-2006-3268 (Unspecified vulnerability in the Windows Client API in Novell ...)
+CVE-2006-3268
NOT-FOR-US: Novell GroupWise
-CVE-2006-3267 (SQL injection vulnerability in index.php in Infinite Core Technologies ...)
+CVE-2006-3267
NOT-FOR-US: Infinite Core Technologies
-CVE-2006-3266 (Multiple PHP remote file inclusion vulnerabilities in Bee-hive Lite ...)
+CVE-2006-3266
NOT-FOR-US: Bee-hive
-CVE-2006-3265 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
+CVE-2006-3265
NOT-FOR-US: Qdig
-CVE-2006-3264 (Cross-site scripting (XSS) vulnerability in mclient.cgi in Namo ...)
+CVE-2006-3264
NOT-FOR-US: Namo DeepSearch
-CVE-2006-3263 (SQL injection vulnerability in the Weblinks module (weblinks.php) in ...)
+CVE-2006-3263
- mambo 4.5.3h-2 (medium)
-CVE-2006-3262 (SQL injection vulnerability in the Weblinks module (weblinks.php) in ...)
+CVE-2006-3262
- mambo 4.5.3h-2 (medium)
-CVE-2006-3261 (Cross-site scripting (XSS) vulnerability in Trend Micro Control ...)
+CVE-2006-3261
NOT-FOR-US: Trend Micro Control Manager
-CVE-2006-3260 (Cross-site scripting (XSS) vulnerability in index.php in vlbook 1.02 ...)
+CVE-2006-3260
NOT-FOR-US: vlbook
-CVE-2006-3259 (Multiple cross-site scripting (XSS) vulnerabilities in e107 0.7.5 ...)
+CVE-2006-3259
NOT-FOR-US: e107
-CVE-2006-3258 (Multiple cross-site scripting (XSS) vulnerabilities in index.html in ...)
+CVE-2006-3258
NOT-FOR-US: BNBT TrinEdit and EasyTracker
-CVE-2006-3257 (Multiple cross-site scripting (XSS) vulnerabilities in Claroline 1.7.7 ...)
+CVE-2006-3257
NOT-FOR-US: Claroline
-CVE-2006-3256 (SQL injection vulnerability in report.php in Woltlab Burning Board ...)
+CVE-2006-3256
NOT-FOR-US: Woltlab Burning Board
-CVE-2006-3255 (SQL injection vulnerability in showmods.php in Woltlab Burning Board ...)
+CVE-2006-3255
NOT-FOR-US: Woltlab Burning Board
-CVE-2006-3254 (SQL injection vulnerability in newthread.php in Woltlab Burning Board ...)
+CVE-2006-3254
NOT-FOR-US: Woltlab Burning Board
-CVE-2006-3253 (** DISPUTED ** ...)
+CVE-2006-3253
NOT-FOR-US: vBulletin
-CVE-2006-3252 (Buffer overflow in the Online Registration Facility for Algorithmic ...)
+CVE-2006-3252
NOT-FOR-US: Algorithmic Research PrivateWire VPN
-CVE-2006-3251 (Heap-based buffer overflow in the array_push function in hashcash.c ...)
+CVE-2006-3251
{DSA-1114}
- hashcash 1.21 (bug #376444)
-CVE-2006-3250 (Heap-based buffer overflow in Windows Live Messenger 8.0 allows ...)
+CVE-2006-3250
NOT-FOR-US: Windows Live Messenger
-CVE-2006-3249 (** DISPUTED ** ...)
+CVE-2006-3249
NOT-FOR-US: Phorum
CVE-2006-3248
REJECTED
-CVE-2006-3247 (Multiple cross-site scripting (XSS) vulnerabilities in show.php in ...)
+CVE-2006-3247
NOT-FOR-US: GL-SH Deaf Forum
-CVE-2006-3246 (Cross-site scripting (XSS) vulnerability in show.php in GL-SH Deaf ...)
+CVE-2006-3246
NOT-FOR-US: GL-SH Deaf Forum
-CVE-2006-3245 (Multiple cross-site scripting (XSS) vulnerabilities in activatemember ...)
+CVE-2006-3245
NOT-FOR-US: mvnForum
-CVE-2006-3244 (Multiple SQL injection vulnerabilities in Anthill 0.2.6 and earlier ...)
+CVE-2006-3244
NOT-FOR-US: Anthill
-CVE-2006-3243 (SQL injection vulnerability in usercp.php in MyBB (MyBulletinBoard) ...)
+CVE-2006-3243
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2006-3242 (Stack-based buffer overflow in the browse_get_namespace function in ...)
+CVE-2006-3242
{DSA-1108}
- mutt 1.5.11+cvs20060403-2 (low; bug #375828)
-CVE-2006-3241 (Cross-site scripting (XSS) vulnerability in messages.php in XennoBB ...)
+CVE-2006-3241
NOT-FOR-US: XennoBB
-CVE-2006-3240 (Cross-site scripting (XSS) vulnerability in classes/ui.class.php in ...)
+CVE-2006-3240
NOT-FOR-US: dotProject
-CVE-2006-3239 (SQL injection vulnerability in message.php in VBZooM 1.11 and earlier ...)
+CVE-2006-3239
NOT-FOR-US: VBZooM
-CVE-2006-3238 (Multiple SQL injection vulnerabilities in VBZooM 1.00 and earlier ...)
+CVE-2006-3238
NOT-FOR-US: VBZooM
-CVE-2006-3237 (Cross-site scripting (XSS) vulnerability in index.php in Enterprise ...)
+CVE-2006-3237
NOT-FOR-US: Enterprise Groupware System
-CVE-2006-3236 (Multiple SQL injection vulnerabilities in thinkWMS 1.0 and earlier ...)
+CVE-2006-3236
NOT-FOR-US: thinkWMS
-CVE-2006-3235 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
+CVE-2006-3235
NOT-FOR-US: FineShop
-CVE-2006-3234 (Multiple SQL injection vulnerabilities in index.php in FineShop 3.0 ...)
+CVE-2006-3234
NOT-FOR-US: FineShop
-CVE-2006-3233 (Cross-site scripting (XSS) vulnerability in openwebmail-read.pl in ...)
+CVE-2006-3233
NOT-FOR-US: OpenWebMail
-CVE-2006-3232 (Unspecified vulnerability in IBM WebSphere Application Server before ...)
+CVE-2006-3232
NOT-FOR-US: IBM WebSphere
-CVE-2006-3231 (Unspecified vulnerability in IBM WebSphere Application Server (WAS) ...)
+CVE-2006-3231
NOT-FOR-US: IBM WebSphere
-CVE-2006-3230 (Cross-site scripting (XSS) vulnerability in index.tmpl in Azureus ...)
+CVE-2006-3230
NOT-FOR-US: Azureus plugin that isn't distributed by default
-CVE-2006-3229 (Cross-site scripting (XSS) vulnerability in Open WebMail (OWM) 2.52, ...)
+CVE-2006-3229
NOT-FOR-US: OpenWebMail
-CVE-2006-3228 (Buffer overflow in in_midi.dll for WinAmp 2.90 up to 5.23, including ...)
+CVE-2006-3228
NOT-FOR-US: WinAmp
-CVE-2006-3227 (Interpretation conflict between Internet Explorer and other web ...)
+CVE-2006-3227
NOT-FOR-US: Internet Explorer
-CVE-2006-3226 (Cisco Secure Access Control Server (ACS) 4.x for Windows uses the ...)
+CVE-2006-3226
NOT-FOR-US: Cisco
-CVE-2006-3225 (Cross-site scripting (XSS) vulnerability in Sun ONE Application Server ...)
+CVE-2006-3225
NOT-FOR-US: Sun ONE Application Server
-CVE-2006-3224 (Apple Safari 2.0.3 (417.9.3) on Mac OS X 10.4.6 allows remote ...)
+CVE-2006-3224
NOT-FOR-US: Apple Safari
-CVE-2006-3223 (Format string vulnerability in CA Integrated Threat Management (ITM), ...)
+CVE-2006-3223
NOT-FOR-US: CA Integrated Threat Management (ITM), eTrust Antivirus (eAV), and eTrust PestPatrol (ePP)
-CVE-2006-3222 (The FTP proxy module in Fortinet FortiOS (FortiGate) before 2.80 MR12 ...)
+CVE-2006-3222
NOT-FOR-US: Fortinet FortiOS
-CVE-2006-3221 (SQL injection vulnerability in index.php in DataLife Engine 4.1 and ...)
+CVE-2006-3221
NOT-FOR-US: DataLife
-CVE-2006-3220 (SQL injection vulnerability in studienplatztausch.php in Woltlab ...)
+CVE-2006-3220
NOT-FOR-US: Woltlab Burning Board
-CVE-2006-3219 (SQL injection vulnerability in thread.php in Woltlab Burning Board ...)
+CVE-2006-3219
NOT-FOR-US: Woltlab Burning Board
-CVE-2006-3218 (SQL injection vulnerability in profile.php in Woltlab Burning Board ...)
+CVE-2006-3218
NOT-FOR-US: Woltlab Burning Board
-CVE-2006-3217 (JaguarEditControl (JEdit) ActiveX Control 1.1.0.20 and earlier allows ...)
+CVE-2006-3217
NOT-FOR-US: JaguarEditControl
-CVE-2006-3216 (Clearswift MAILsweeper for SMTP before 4.3.20 and MAILsweeper for ...)
+CVE-2006-3216
NOT-FOR-US: MAILsweeper
-CVE-2006-3215 (Clearswift MAILsweeper for SMTP before 4.3.20 and MAILsweeper for ...)
+CVE-2006-3215
NOT-FOR-US: MAILsweeper
-CVE-2006-3214 (Unspecified vulnerability in Hitachi Groupmax Address Server 7 and ...)
+CVE-2006-3214
NOT-FOR-US: Hitachi Groupmax
-CVE-2006-3213 (SQL injection vulnerability in WeBBoA Hosting 1.1 allows remote ...)
+CVE-2006-3213
NOT-FOR-US: WeBBoA Hosting
-CVE-2006-3212 (Cross-site scripting (XSS) vulnerability in sign.php in cjGuestbook ...)
+CVE-2006-3212
NOT-FOR-US: cjGuestbook
-CVE-2006-3211 (Cross-site scripting (XSS) vulnerability in sign.php in cjGuestbook ...)
+CVE-2006-3211
NOT-FOR-US: cjGuestbook
-CVE-2006-3210 (Ralf Image Gallery (RIG) 0.7.4 and other versions before 1.0, when ...)
+CVE-2006-3210
NOT-FOR-US: Ralf Image Gallery
-CVE-2006-3209 (** DISPUTED ** The Task scheduler (at.exe) on Microsoft Windows XP ...)
+CVE-2006-3209
NOT-FOR-US: Microsoft Windows
-CVE-2006-3208 (Direct static code injection vulnerability in Ultimate PHP Board (UPB) ...)
+CVE-2006-3208
NOT-FOR-US: Ultimate PHP Board
-CVE-2006-3207 (Directory traversal vulnerability in newpost.php in Ultimate PHP Board ...)
+CVE-2006-3207
NOT-FOR-US: Ultimate PHP Board
-CVE-2006-3206 (register.php in Ultimate PHP Board (UPB) 1.9.6 and earlier allows ...)
+CVE-2006-3206
NOT-FOR-US: Ultimate PHP Board
-CVE-2006-3205 (Ultimate PHP Board (UPB) 1.9.6 and earlier allows remote attackers to ...)
+CVE-2006-3205
NOT-FOR-US: Ultimate PHP Board
-CVE-2006-3204 (Ultimate PHP Board (UPB) 1.9.6 and earlier uses a cryptographically ...)
+CVE-2006-3204
NOT-FOR-US: Ultimate PHP Board
-CVE-2006-3203 (The installation of Ultimate PHP Board (UPB) 1.9.6 and earlier ...)
+CVE-2006-3203
NOT-FOR-US: Ultimate PHP Board
-CVE-2006-3202 (The ip6_savecontrol function in NetBSD 2.0 through 3.0, under certain ...)
+CVE-2006-3202
NOT-FOR-US: NetBSD's KAME stack
-CVE-2006-3201 (Unspecified vulnerability in the kernel in HP-UX B.11.00, B.11.11, and ...)
+CVE-2006-3201
NOT-FOR-US: HP-UX
-CVE-2006-3200 (Unspecified versions of Internet Explorer allow remote attackers to ...)
+CVE-2006-3200
NOT-FOR-US: Internet Explorer
-CVE-2006-3199 (Opera 9 allows remote attackers to cause a denial of service (crash) ...)
+CVE-2006-3199
NOT-FOR-US: Opera
-CVE-2006-3198 (Integer overflow in Opera 8.54 and earlier allows remote attackers to ...)
+CVE-2006-3198
NOT-FOR-US: Opera
-CVE-2006-3197 (Cross-site scripting (XSS) vulnerability in Invision Power Board (IPB) ...)
+CVE-2006-3197
NOT-FOR-US: Invision Power Board
-CVE-2006-3196 (index.php in singapore 0.10.0 and earlier allows remote attackers to ...)
+CVE-2006-3196
NOT-FOR-US: singapore
-CVE-2006-3195 (Cross-site scripting (XSS) vulnerability in index.php in singapore ...)
+CVE-2006-3195
NOT-FOR-US: singapore
-CVE-2006-3194 (Directory traversal vulnerability in index.php in singapore 0.10.0 and ...)
+CVE-2006-3194
NOT-FOR-US: singapore
-CVE-2006-3193 (Multiple PHP remote file inclusion vulnerabilities in Grayscale ...)
+CVE-2006-3193
NOT-FOR-US: BandSite
-CVE-2006-3192 (PHP remote file inclusion vulnerability in Ad Manager Pro 2.6 allows ...)
+CVE-2006-3192
NOT-FOR-US: Ad Manager
-CVE-2006-3191 (Cross-site scripting (XSS) vulnerability in comment.php in MPCS 0.2 ...)
+CVE-2006-3191
NOT-FOR-US: MPCS
-CVE-2006-3190 (SQL injection vulnerability in administration/includes/login/auth.php ...)
+CVE-2006-3190
NOT-FOR-US: HotPlug CMS
-CVE-2006-3189 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2006-3189
NOT-FOR-US: HotPlug CMS
-CVE-2006-3188 (Multiple SQL injection vulnerabilities in Sharky e-shop 3.05 and ...)
+CVE-2006-3188
NOT-FOR-US: Sharky e-shop
-CVE-2006-3187 (Multiple cross-site scripting (XSS) vulnerabilities in Sharky e-shop ...)
+CVE-2006-3187
NOT-FOR-US: Sharky e-shop
-CVE-2006-3186 (Multiple cross-site scripting (XSS) vulnerabilities in CMS Faethon ...)
+CVE-2006-3186
NOT-FOR-US: CMS Faethon
-CVE-2006-3185 (PHP remote file inclusion vulnerability in data/header.php in CMS ...)
+CVE-2006-3185
NOT-FOR-US: CMS Faethon
-CVE-2006-3184 (Direct static code injection vulnerability in ASP Stats Generator ...)
+CVE-2006-3184
NOT-FOR-US: ASP Stats Generator
-CVE-2006-3183 (Cross-site scripting (XSS) vulnerability in index.php in MobeScripts ...)
+CVE-2006-3183
NOT-FOR-US: Mobile Space Community
-CVE-2006-3182 (Directory traversal vulnerability in index.php in MobeScripts Mobile ...)
+CVE-2006-3182
NOT-FOR-US: Mobile Space Community
-CVE-2006-3181 (SQL injection vulnerability in index.php in MobeScripts Mobile Space ...)
+CVE-2006-3181
NOT-FOR-US: Mobile Space Community
-CVE-2006-3180 (Cross-site scripting (XSS) vulnerability in ftp_index.php in Confixx ...)
+CVE-2006-3180
NOT-FOR-US: Confixx Pro
-CVE-2006-3179 (Cross-site scripting (XSS) vulnerability in tools_ftp_pwaendern.php in ...)
+CVE-2006-3179
NOT-FOR-US: Confixx Pro
-CVE-2006-3178 (Directory traversal vulnerability in extract_chmLib example program in ...)
+CVE-2006-3178
{DSA-1144-1}
- chmlib 0.38-1 (bug #374085; low)
-CVE-2006-3177 (PHP remote file inclusion vulnerability in Admin/rtf_parser.php in The ...)
+CVE-2006-3177
NOT-FOR-US: The Bible Portal Project
-CVE-2006-3176 (SQL injection vulnerability in xarancms_haupt.php in xarancms 2.0 ...)
+CVE-2006-3176
NOT-FOR-US: xarancms
-CVE-2006-3175 (Multiple PHP remote file inclusion vulnerabilities in mcGuestbook 1.3 ...)
+CVE-2006-3175
NOT-FOR-US: mcGuestbook
-CVE-2006-3174 (Cross-site scripting (XSS) vulnerability in search.php in SquirrelMail ...)
+CVE-2006-3174
- squirrelmail 2:1.4.7-1 (bug #375782; unimportant)
NOTE: Operation with registers_globals not supported
-CVE-2006-3173 (Multiple PHP remote file inclusion vulnerabilities in Content*Builder ...)
+CVE-2006-3173
NOT-FOR-US: Content*Builder
-CVE-2006-3172 (Multiple PHP remote file inclusion vulnerabilities in Content*Builder ...)
+CVE-2006-3172
NOT-FOR-US: Content*Builder
-CVE-2006-3171 (CRLF injection vulnerability in CS-Forum before 0.82 allows remote ...)
+CVE-2006-3171
NOT-FOR-US: CS-Forum
-CVE-2006-3170 (CS-Forum before 0.82 allows remote attackers to obtain sensitive ...)
+CVE-2006-3170
NOT-FOR-US: CS-Forum
-CVE-2006-3169 (Multiple cross-site scripting (XSS) vulnerabilities in CS-Forum 0.81 ...)
+CVE-2006-3169
NOT-FOR-US: CS-Forum
-CVE-2006-3168 (SQL injection vulnerability in CS-Forum before 0.82 allows remote ...)
+CVE-2006-3168
NOT-FOR-US: CS-Forum
-CVE-2006-3167 (Free Realty before 2.9 allows remote attackers to obtain the full path ...)
+CVE-2006-3167
NOT-FOR-US: Free Realty
-CVE-2006-3166 (Cross-site scripting (XSS) vulnerability in propview.php in Free ...)
+CVE-2006-3166
NOT-FOR-US: Free Realty
-CVE-2006-3165 (SQL injection vulnerability in propview.php in Free Realty 2.9-0.7 and ...)
+CVE-2006-3165
NOT-FOR-US: Free Realty
-CVE-2006-3164 (SQL injection vulnerability in category.php in TPL Design tplShop 2.0 ...)
+CVE-2006-3164
NOT-FOR-US: tplShop
-CVE-2006-3163 (Multiple SQL injection vulnerabilities in galeria.php in IMGallery 2.4 ...)
+CVE-2006-3163
NOT-FOR-US: IMGallery
-CVE-2006-3162 (PHP remote file inclusion vulnerability in include/inc_foot.php in ...)
+CVE-2006-3162
NOT-FOR-US: SmartSiteCMS
-CVE-2006-3161 (SQL injection vulnerability in misc.php in SaphpLesson 1.1 and earlier ...)
+CVE-2006-3161
NOT-FOR-US: SaphpLesson
-CVE-2006-3160 (Cross-site scripting (XSS) vulnerability in fm.php in ONEdotOH Simple ...)
+CVE-2006-3160
NOT-FOR-US: Simple File Manager
-CVE-2006-3159 (pipe_master in Sun ONE/iPlanet Messaging Server 5.2 HotFix 1.16 (built ...)
+CVE-2006-3159
NOT-FOR-US: Sun ONE/iPlanet Messaging Server
-CVE-2006-3158 (index.php in Eduha Meeting does not properly restrict file extensions ...)
+CVE-2006-3158
NOT-FOR-US: Eduha Meeting
-CVE-2006-3157 (Cross-site scripting (XSS) vulnerability in index.php in Thinkfactory ...)
+CVE-2006-3157
NOT-FOR-US: UltimateGoogle
-CVE-2006-3156 (Cross-site scripting (XSS) vulnerability in index.cgi in Ultimate ...)
+CVE-2006-3156
NOT-FOR-US: Ultimate eShop
-CVE-2006-3155 (Multiple cross-site scripting (XSS) vulnerabilities in Ultimate ...)
+CVE-2006-3155
NOT-FOR-US: Ultimate Auction
-CVE-2006-3154 (SQL injection vulnerability in index.pl in Ultimate Estate 1.0 and ...)
+CVE-2006-3154
NOT-FOR-US: Ultimate Estate
-CVE-2006-3153 (Cross-site scripting (XSS) vulnerability in index.pl in Ultimate ...)
+CVE-2006-3153
NOT-FOR-US: Ultimate Estate
-CVE-2006-3152 (Multiple SQL injection vulnerabilities in phpTRADER 4.9 SP5 and ...)
+CVE-2006-3152
NOT-FOR-US: phpTRADER
-CVE-2006-3151 (Cross-site scripting (XSS) vulnerability in index.php in AssoCIateD ...)
+CVE-2006-3151
NOT-FOR-US: AssoCIateD
-CVE-2006-3150 (SQL injection vulnerability in index.php in CavoxCms 1.0.16 and ...)
+CVE-2006-3150
NOT-FOR-US: CavoxCms
-CVE-2006-3149 (Cross-site scripting (XSS) vulnerability in topic.php in phpMyForum ...)
+CVE-2006-3149
NOT-FOR-US: phpMyForum
-CVE-2006-3148 (SQL injection vulnerability, possibly in search.inc.php, in ...)
+CVE-2006-3148
NOT-FOR-US: Open-Realty
-CVE-2006-3147 (Unspecified vulnerability in Hosting Controller before 6.1 (aka Hotfix ...)
+CVE-2006-3147
NOT-FOR-US: Hosting Controller
-CVE-2006-3146 (The TOSRFBD.SYS driver for Toshiba Bluetooth Stack 4.00.29 and earlier ...)
+CVE-2006-3146
NOT-FOR-US: Toshiba drivers for Windows
-CVE-2006-3145 (Buffer overflow in pamtofits of NetPBM 10.30 through 10.33 allows ...)
+CVE-2006-3145
- netpbm-free <not-affected> (Debian's version is too old; affects 10.30 to 10.33 only)
-CVE-2006-3144 (PHP remote file inclusion vulnerability in ...)
+CVE-2006-3144
NOT-FOR-US: IBD Micro CMS
-CVE-2006-3143 (Cross-site scripting (XSS) vulnerability in icue_login.asp in Maximus ...)
+CVE-2006-3143
NOT-FOR-US: Maximus SchoolMAX
-CVE-2006-3142 (SQL injection vulnerability in forum.php in VBZooM 1.11 allows remote ...)
+CVE-2006-3142
NOT-FOR-US: VBZooM
-CVE-2006-3141 (Cross-site scripting (XSS) vulnerability in details.cfm in Tradingeye ...)
+CVE-2006-3141
NOT-FOR-US: Tradingeye Shop
-CVE-2006-3140 (SQL injection vulnerability in index.php in openCI 1.0 BETA 0.20.1 and ...)
+CVE-2006-3140
NOT-FOR-US: openCI
-CVE-2006-3139 (Multiple SQL injection vulnerabilities in war.php in Virtual War ...)
+CVE-2006-3139
NOT-FOR-US: Virtual War
-CVE-2006-3138 (Multiple cross-site scripting (XSS) vulnerabilities in phpMyDirectory ...)
+CVE-2006-3138
NOT-FOR-US: phpMyDirectory
-CVE-2006-3137 (Cross-site scripting (XSS) vulnerability in productDetail.asp in Edge ...)
+CVE-2006-3137
NOT-FOR-US: Edge eCommerce Shop
-CVE-2006-3136 (** DISPUTED ** ...)
+CVE-2006-3136
NOT-FOR-US: Nucleus
-CVE-2006-3135 (Multiple SQL injection vulnerabilities in CMS Mundo 1.0 build 008, and ...)
+CVE-2006-3135
NOT-FOR-US: CMS Mundo
-CVE-2006-3134 (Buffer overflow in GraceNote CDDBControl ActiveX Control, as used by ...)
+CVE-2006-3134
NOT-FOR-US: GraceNote ActiveX Control
CVE-2006-3133
RESERVED
-CVE-2006-3132 (Cross-site scripting (XSS) vulnerability in qtofm.php4 in ...)
+CVE-2006-3132
NOT-FOR-US: QTOFileManager
-CVE-2006-3131 (Multiple cross-site scripting (XSS) vulnerabilities in Clubpage allow ...)
+CVE-2006-3131
NOT-FOR-US: Clubpage
-CVE-2006-3130 (SQL injection vulnerability in index.php in Clubpage allows remote ...)
+CVE-2006-3130
NOT-FOR-US: Clubpage
-CVE-2006-3129 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in NC ...)
+CVE-2006-3129
NOT-FOR-US: LinkList
-CVE-2006-3128 (choose_file.php in easy-CMS 0.1.2, when mod_mime is installed, does ...)
+CVE-2006-3128
NOT-FOR-US: easy-CMS
-CVE-2006-3127 (Memory leak in Network Security Services (NSS) 3.11, as used in Sun ...)
+CVE-2006-3127
- mozilla <not-affected> (SunSolve claims it is only in 3.11; latest released is 3.10)
-CVE-2006-3126 (c2faxrecv in capi4hylafax 01.02.03 allows remote attackers to execute ...)
+CVE-2006-3126
{DSA-1165}
- capi4hylafax 1:01.03.00.99.svn.300-3
-CVE-2006-3125 (Array index error in tetrinet.c in gtetrinet 0.7.8 and earlier allows ...)
+CVE-2006-3125
{DSA-1163}
- gtetrinet 0.7.10-1
-CVE-2006-3124 (Buffer overflow in the HTTP header parsing in Streamripper before ...)
+CVE-2006-3124
{DSA-1158}
- streamripper 1.61.25-2
-CVE-2006-3123 (Multiple integer overflows in the (1) dodecrypt and (2) doencrypt ...)
+CVE-2006-3123
{DSA-1138-1}
- cfs 1.4.1-17
-CVE-2006-3122 (The supersede_lease function in memory.c in ISC DHCP (dhcpd) server ...)
+CVE-2006-3122
{DSA-1143-1}
- dhcp 2.0pl5-19.5 (bug #380273)
-CVE-2006-3121 (The peel_netstring function in cl_netstring.c in the heartbeat ...)
+CVE-2006-3121
{DSA-1151-1}
- heartbeat-2 2.0.6-2
- heartbeat 1.2.4-14
-CVE-2006-3120 (Format string vulnerability in Brian Wotring Osiris before 4.2.1 ...)
+CVE-2006-3120
{DSA-1129}
- osiris 4.2.0-2 (medium)
-CVE-2006-3119 (The fbgs framebuffer Postscript/PDF viewer in fbi before 2.01 has a ...)
+CVE-2006-3119
{DSA-1124}
- fbi 2.05-1
-CVE-2006-3118 (spread uses a temporary file with a static filename based on the port ...)
+CVE-2006-3118
- spread 3.17.3-4 (bug #375617; low)
[sarge] - spread <no-dsa> (Minimal security implications)
-CVE-2006-3117 (Heap-based buffer overflow in OpenOffice.org (aka StarOffice) 1.1.x up ...)
+CVE-2006-3117
{DSA-1104}
- openoffice.org 2.0.3-1
-CVE-2006-3116 (Multiple PHP remote file inclusion vulnerabilities in phpRaid 3.0.4 ...)
+CVE-2006-3116
NOT-FOR-US: phpRaid
-CVE-2006-3115 (SQL injection vulnerability in view.php in phpRaid 3.0.4, and possibly ...)
+CVE-2006-3115
NOT-FOR-US: phpRaid
-CVE-2006-3114 (PC Tools AntiVirus 2.1.0.51 uses insecure default permissions on the ...)
+CVE-2006-3114
NOT-FOR-US: PC Tools AntiVirus
-CVE-2006-3113 (Mozilla Firefox 1.5 before 1.5.0.5, Thunderbird before 1.5.0.5, and ...)
+CVE-2006-3113
NOTE: MFSA-2006-46
- mozilla <not-affected> (mozilla 1.7 not affected)
- xulrunner 1.8.0.5-1 (high)
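Review bot: every modified line in this hunk strips the CVE description and keeps only the bare identifier, e.g. `-CVE-2006-3357 (Heap-based buffer overflow in HTML Help ActiveX control (hhctrl.ocx) ...)` becomes `+CVE-2006-3357`, while the tracker annotations beneath each entry (`NOT-FOR-US: HTML Help ActiveX control`, `NOTE: ...`, package/version/DSA lines) are untouched. A run of pure one-for-one rewrites that only removes text and adds none, committed as an automatic update, looks like the description source returned empty values rather than a deliberate format change; entries that were already bare (`CVE-2006-3310` / `RESERVED`, `CVE-2006-3248` / `REJECTED`) are the only ones left alone, which fits that reading. Suggest the updater refuse to rewrite an entry header when the new description is empty and the old one was not, and that this commit be reverted rather than merged so the annotations keep the context they were written against (a `NOT-FOR-US:` or `<not-affected>` line is much harder to review once the summary it answers is gone).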
@@ -9282,372 +9282,372 @@ CVE-2006-3113 (Mozilla Firefox 1.5 before 1.5.0.5, Thunderbird before 1.5.0.5, a
- firefox 1.5.dfsg+1.5.0.5-1 (high)
- thunderbird 1.5.0.5-1 (medium)
- mozilla-thunderbird <not-affected>
-CVE-2006-3112 (Chipmailer 1.09 allows remote attackers to obtain sensitive ...)
+CVE-2006-3112
NOT-FOR-US: Chipmailer
-CVE-2006-3111 (Multiple SQL injection vulnerabilities in main.php in Chipmailer 1.09 ...)
+CVE-2006-3111
NOT-FOR-US: Chipmailer
-CVE-2006-3110 (Cross-site scripting (XSS) vulnerability in main.php in Chipmailer ...)
+CVE-2006-3110
NOT-FOR-US: Chipmailer
-CVE-2006-3109 (Cross-site scripting (XSS) vulnerability in Cisco CallManager 3.3 ...)
+CVE-2006-3109
NOT-FOR-US: Cisco
-CVE-2006-3108 (Cross-site scripting (XSS) vulnerability in EmailArchitect Email ...)
+CVE-2006-3108
NOT-FOR-US: EmailArchitect
-CVE-2006-3107 (Multiple PHP remote file inclusion vulnerabilities in Docebo 3.0.3 and ...)
+CVE-2006-3107
NOT-FOR-US: Docebo
-CVE-2006-3106 (Cross-site scripting (XSS) vulnerability in index.php in ...)
+CVE-2006-3106
NOT-FOR-US: phpMyDesktop
-CVE-2006-3105 (CRLF injection vulnerability in Bitweaver 1.3 allows remote attackers ...)
+CVE-2006-3105
NOT-FOR-US: Bitweaver
-CVE-2006-3104 (users/index.php in Bitweaver 1.3 allows remote attackers to obtain ...)
+CVE-2006-3104
NOT-FOR-US: Bitweaver
-CVE-2006-3103 (Cross-site scripting (XSS) vulnerability in Bitweaver 1.3 allows ...)
+CVE-2006-3103
NOT-FOR-US: Bitweaver
-CVE-2006-3102 (Race condition in articles/BitArticle.php in Bitweaver 1.3, when run ...)
+CVE-2006-3102
NOT-FOR-US: Bitweaver
-CVE-2006-3101 (Cross-site scripting (XSS) vulnerability in LogonProxy.cgi in Cisco ...)
+CVE-2006-3101
NOT-FOR-US: Cisco
CVE-2006-3099
RESERVED
CVE-2006-3098
RESERVED
-CVE-2006-3097 (Unspecified vulnerability in Support Tools Manager (xstm, cstm, and ...)
+CVE-2006-3097
NOT-FOR-US: HP-UX Support Tools Manager
-CVE-2006-3096 (Multiple SQL injection vulnerabilities in iPostMX 2005 2.0 and earlier ...)
+CVE-2006-3096
NOT-FOR-US: iPostMX
-CVE-2006-3095 (Multiple cross-site scripting (XSS) vulnerabilities in iPostMX 2005 ...)
+CVE-2006-3095
NOT-FOR-US: iPostMX
-CVE-2006-3094 (Multiple SQL injection vulnerabilities in Calendarix Basic ...)
+CVE-2006-3094
NOT-FOR-US: Calendarix Basic
-CVE-2006-3093 (Multiple unspecified vulnerabilities in Adobe Acrobat Reader ...)
+CVE-2006-3093
NOT-FOR-US: Adobe Reader
-CVE-2006-3092 (PhpMyFactures 1.2 and earlier allows remote attackers to bypass ...)
+CVE-2006-3092
NOT-FOR-US: PhpMyFactures
-CVE-2006-3091 (PhpMyFactures 1.0, and possibly 1.2 and earlier, allows remote ...)
+CVE-2006-3091
NOT-FOR-US: PhpMyFactures
-CVE-2006-3090 (Multiple SQL injection vulnerabilities in PhpMyFactures 1.0, and ...)
+CVE-2006-3090
NOT-FOR-US: PhpMyFactures
-CVE-2006-3089 (Multiple cross-site scripting (XSS) vulnerabilities in PhpMyFactures ...)
+CVE-2006-3089
NOT-FOR-US: PhpMyFactures
-CVE-2006-3088 (Cross-site scripting (XSS) vulnerability in index.php in Car ...)
+CVE-2006-3088
NOT-FOR-US: Car Classifieds
-CVE-2006-3087 (Multiple cross-site scripting (XSS) vulnerabilities in EZGallery 1.5 ...)
+CVE-2006-3087
NOT-FOR-US: EZGallery
-CVE-2006-3086 (Stack-based buffer overflow in the HrShellOpenWithMonikerDisplayName ...)
+CVE-2006-3086
NOT-FOR-US: Microsoft
-CVE-2006-3084 (The (1) ftpd and (2) ksu programs in (a) MIT Kerberos 5 (krb5) up to ...)
+CVE-2006-3084
{DSA-1146-1}
- krb5 1.4.3-9 (medium)
-CVE-2006-3083 (The (1) krshd and (2) v4rcp applications in (a) MIT Kerberos 5 (krb5) ...)
+CVE-2006-3083
{DSA-1146-1}
- krb5 1.4.3-9 (medium)
-CVE-2006-3082 (parse-packet.c in GnuPG (gpg) 1.4.3 and 1.9.20, and earlier versions, ...)
+CVE-2006-3082
{DSA-1115 DSA-1107}
- gnupg 1.4.3-2 (bug #375052; bug #375473; low)
- gnupg2 1.9.20-1.1 (bug #375053; low)
-CVE-2006-3081 (mysqld in MySQL 4.1.x before 4.1.18, 5.0.x before 5.0.19, and 5.1.x ...)
+CVE-2006-3081
{DSA-1112}
- mysql-dfsg-5.0 5.0.19-1 (bug #373913; high)
CVE-2006-3100 [termnetd buffer overflow]
RESERVED
- termpkg 3.3-7 (bug #358028; medium)
-CVE-2006-3085 (xt_sctp in netfilter for Linux kernel before 2.6.17.1 allows attackers ...)
+CVE-2006-3085
- linux-2.6 2.6.16-15
CVE-2006-XXXX [webalizer-stonesteps XSS]
- webalizer-stonesteps 2.4.1.2-1
-CVE-2006-3080 (Cross-site scripting (XSS) vulnerability in viewposts.cfm in ...)
+CVE-2006-3080
NOT-FOR-US: aXentForum
-CVE-2006-3079 (Cross-site scripting (XSS) vulnerability in index.cfm in SSPwiz Plus ...)
+CVE-2006-3079
NOT-FOR-US: SSPwiz Plus
-CVE-2006-3078 (Multiple SQL injection vulnerabilities in APBoard 2.2-r3 and earlier ...)
+CVE-2006-3078
NOT-FOR-US: APBoard
-CVE-2006-3077 (Cross-site scripting (XSS) vulnerability in guestbook.cfm in ...)
+CVE-2006-3077
NOT-FOR-US: aXentGuestbook
-CVE-2006-3076 (PHP remote file inclusion vulnerability in ...)
+CVE-2006-3076
NOT-FOR-US: PhpBlueDragon
-CVE-2006-3075 (Multiple PHP remote file inclusion vulnerabilities in PictureDis ...)
+CVE-2006-3075
NOT-FOR-US: PictureDis Professional
-CVE-2006-3074 (klif.sys in Kaspersky Internet Security 6.0 and 7.0, Kaspersky ...)
+CVE-2006-3074
NOT-FOR-US: Several Kaspersky products
-CVE-2006-3073 (Multiple cross-site scripting (XSS) vulnerabilities in the WebVPN ...)
+CVE-2006-3073
NOT-FOR-US: Cisco
-CVE-2006-3072 (M4 Macro Library in Symantec Security Information Manager before ...)
+CVE-2006-3072
NOT-FOR-US: Symantec Security Information Manager
-CVE-2006-3071 (Cross-site scripting (XSS) vulnerability in index.php in MP3 ...)
+CVE-2006-3071
NOT-FOR-US: MP3 Search/Archive
-CVE-2006-3070 (write_ok.php in Zeroboard 4.1 pl8, when installed on Apache with ...)
+CVE-2006-3070
NOT-FOR-US: Zeroboard
-CVE-2006-3069 (** DISPUTED ** ...)
+CVE-2006-3069
NOT-FOR-US: DoubleSpeak
-CVE-2006-3068 (IBM DB2 Universal Database (UDB) before 8.2 FixPak 12 allows remote ...)
+CVE-2006-3068
NOT-FOR-US: IBM DB2
-CVE-2006-3067 (Multiple unspecified vulnerabilities in IBM DB2 Universal Database ...)
+CVE-2006-3067
NOT-FOR-US: IBM DB2
-CVE-2006-3066 (Buffer overflow in the TCP/IP listener in IBM DB2 Universal Database ...)
+CVE-2006-3066
NOT-FOR-US: IBM DB2
-CVE-2006-3065 (SQL injection vulnerability in engine/shards/blog.php in blur6ex ...)
+CVE-2006-3065
NOT-FOR-US: blur6ex
-CVE-2006-3064 (SQL injection vulnerability in the add_hit function in ...)
+CVE-2006-3064
NOT-FOR-US: Coppermine Photo Gallery
-CVE-2006-3063 (Multiple cross-site scripting (XSS) vulnerabilities in myPHP Guestbook ...)
+CVE-2006-3063
NOT-FOR-US: myPHP Guestbook
-CVE-2006-3062 (Cross-site scripting (XSS) vulnerability in index.php in myPHP ...)
+CVE-2006-3062
NOT-FOR-US: myPHP Guestbook
-CVE-2006-3061 (Multiple cross-site scripting (XSS) vulnerabilities in 5 Star Review ...)
+CVE-2006-3061
NOT-FOR-US: 5 Star Review
-CVE-2006-3060 (Cross-site scripting (XSS) vulnerability in P.A.I.D 2.2 allows remote ...)
+CVE-2006-3060
NOT-FOR-US: P.A.I.D
-CVE-2006-3059 (Unspecified vulnerability in Microsoft Excel 2000 through 2004 allows ...)
+CVE-2006-3059
NOT-FOR-US: Microsoft Excel
CVE-2006-3058
RESERVED
-CVE-2006-3057 (Unspecified vulnerability in NetworkManager daemon for DHCP (dhcdbd) ...)
+CVE-2006-3057
- dhcdbd 1.14-1
-CVE-2006-3056 (SQL injection vulnerability in language.php in VBZooM 1.01 allows ...)
+CVE-2006-3056
NOT-FOR-US: VBZooM
-CVE-2006-3055 (Multiple SQL injection vulnerabilities in VBZooM 1.02 allow remote ...)
+CVE-2006-3055
NOT-FOR-US: VBZooM
-CVE-2006-3054 (Multiple SQL injection vulnerabilities in VBZooM 1.11 allow remote ...)
+CVE-2006-3054
NOT-FOR-US: VBZooM
-CVE-2006-3053 (** DISPUTED ** ...)
+CVE-2006-3053
NOT-FOR-US: PHORUM
-CVE-2006-3052 (Cross-site scripting (XSS) vulnerability in Event Registration allows ...)
+CVE-2006-3052
NOT-FOR-US: Event Registration
-CVE-2006-3051 (Cross-site scripting (XSS) vulnerability in list.php in SixCMS 6.0, ...)
+CVE-2006-3051
NOT-FOR-US: SixCMS
-CVE-2006-3050 (Directory traversal vulnerability in detail.php in SixCMS 6.0, and ...)
+CVE-2006-3050
NOT-FOR-US: SixCMS
-CVE-2006-3049 (Multiple cross-site scripting (XSS) vulnerabilities in booking3.php in ...)
+CVE-2006-3049
NOT-FOR-US: Mole Group Ticket Booking Script
-CVE-2006-3048 (SQL injection vulnerability in TikiWiki 1.9.3.2 and possibly earlier ...)
+CVE-2006-3048
- tikiwiki 1.9.4-1 (medium)
-CVE-2006-3047 (Cross-site scripting (XSS) vulnerability in TikiWiki 1.9.3.2 and ...)
+CVE-2006-3047
- tikiwiki 1.9.4-1 (medium)
-CVE-2006-3046 (Unspecified vulnerability in the admin login feature in Subtext 1.5, ...)
+CVE-2006-3046
NOT-FOR-US: Subtext
-CVE-2006-3045 (PHP remote file inclusion vulnerability in manage_songs.php in Foing ...)
+CVE-2006-3045
NOT-FOR-US: Foing
-CVE-2006-3044 (Cross-site scripting (XSS) vulnerability in LogiSphere 1.6.0 allows ...)
+CVE-2006-3044
NOT-FOR-US: LogiSphere
-CVE-2006-3043 (Cross-site scripting (XSS) vulnerability in search.cfm in CreaFrameXe ...)
+CVE-2006-3043
NOT-FOR-US: CFXe-CMS
-CVE-2006-3042 (** DISPUTED ** ...)
+CVE-2006-3042
NOT-FOR-US: ISPConfig
-CVE-2006-3041 (** DISPUTED ** ...)
+CVE-2006-3041
NOT-FOR-US: Codewalkers Ltwcalendar
-CVE-2006-3040 (** DISPUTED ** ...)
+CVE-2006-3040
NOT-FOR-US: Amr Talkbox
-CVE-2006-3039 (Cross-site scripting (XSS) vulnerability in index.php in Cescripts ...)
+CVE-2006-3039
NOT-FOR-US: Cescripts Realty Home Rent
-CVE-2006-3038 (Cross-site scripting (XSS) vulnerability in index.php in Cescripts ...)
+CVE-2006-3038
NOT-FOR-US: Cescripts Realty Home Rent
-CVE-2006-3037 (Multiple cross-site scripting (XSS) vulnerabilities in publish.php in ...)
+CVE-2006-3037
NOT-FOR-US: ST AdManager Lite
-CVE-2006-3036 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2006-3036
NOT-FOR-US: 35mmslidegallery
-CVE-2006-3035 (Multiple cross-site scripting (XSS) vulnerabilities in addwords.php in ...)
+CVE-2006-3035
NOT-FOR-US: MyScrapbook
-CVE-2006-3034 (MyScrapbook 3.1 allows remote attackers to obtain sensitive ...)
+CVE-2006-3034
NOT-FOR-US: MyScrapbook
-CVE-2006-3033 (Cross-site scripting (XSS) vulnerability in MyScrapbook 3.1 allows ...)
+CVE-2006-3033
NOT-FOR-US: MyScrapbook
-CVE-2006-3032 (Multiple cross-site scripting (XSS) vulnerabilities in Xtreme ASP ...)
+CVE-2006-3032
NOT-FOR-US: Xtreme ASP Photo Gallery
-CVE-2006-3031 (Multiple cross-site scripting (XSS) vulnerabilities in index.asp in ...)
+CVE-2006-3031
NOT-FOR-US: fipsCMS
-CVE-2006-3030 (Multiple cross-site scripting (XSS) vulnerabilities in DwZone Shopping ...)
+CVE-2006-3030
NOT-FOR-US: DwZone Shopping Cart
-CVE-2006-3029 (Cross-site scripting (XSS) vulnerability in default.asp in ClickTech ...)
+CVE-2006-3029
NOT-FOR-US: ClickTech Clickcart
-CVE-2006-3028 (PHP remote file inclusion vulnerability in ...)
+CVE-2006-3028
NOT-FOR-US: Minerva
-CVE-2006-3027 (Multiple SQL injection vulnerabilities in Enthrallwebe ePhotos 2.2 and ...)
+CVE-2006-3027
NOT-FOR-US: Enthrallwebe ePhotos
-CVE-2006-3026 (Multiple cross-site scripting (XSS) vulnerabilities in ClickGallery ...)
+CVE-2006-3026
NOT-FOR-US: ClickGallery
-CVE-2006-3025 (Cross-site scripting (XSS) vulnerability in Cal.PHP3 in Chris Lea ...)
+CVE-2006-3025
NOT-FOR-US: Chris Lea Lucid Calendar
-CVE-2006-3024 (Multiple cross-site scripting (XSS) vulnerabilities in EvGenius ...)
+CVE-2006-3024
NOT-FOR-US: EvGenius Counter
-CVE-2006-3023 (Multiple cross-site scripting (XSS) vulnerabilities in thumbnails.asp ...)
+CVE-2006-3023
NOT-FOR-US: Uapplication Uphotogallery
-CVE-2006-3022 (Cross-site scripting (XSS) vulnerability in zoom.php in fipsGallery ...)
+CVE-2006-3022
NOT-FOR-US: fipsGallery
-CVE-2006-3021 (Multiple cross-site scripting (XSS) vulnerabilities in BlueCollar ...)
+CVE-2006-3021
NOT-FOR-US: BlueCollar i-Gallery
-CVE-2006-3020 (Multiple cross-site scripting (XSS) vulnerabilities in FullPhoto.asp ...)
+CVE-2006-3020
NOT-FOR-US: WS-Album
-CVE-2006-3019 (Multiple PHP remote file inclusion vulnerabilities in phpCMS 1.2.1pl2 ...)
+CVE-2006-3019
NOT-FOR-US: phpCMS
-CVE-2006-3018 (Unspecified vulnerability in the session extension functionality in ...)
+CVE-2006-3018
- php5 5.1.4-0.1 (unimportant)
- php4 <removed> (unimportant)
NOTE: Sanitising is the application's responsibilitys
-CVE-2006-3017 (zend_hash_del_key_or_index in zend_hash.c in PHP before 4.4.3 and 5.x ...)
+CVE-2006-3017
{DSA-1206-1}
- php5 5.1.4-0.1 (medium)
- php4 4:4.4.4-1 (medium; bug #381998)
-CVE-2006-3016 (Unspecified vulnerability in session.c in PHP before 5.1.3 has unknown ...)
+CVE-2006-3016
- php5 5.1.4-0.1 (unimportant)
- php4 4:4.4.4-1 (unimportant; bug #382259)
NOTE: Sanitising is the application's responsibilitys
-CVE-2006-3015 (Argument injection vulnerability in WinSCP 3.8.1 build 328 allows ...)
+CVE-2006-3015
NOT-FOR-US: WinSCP
-CVE-2006-3014 (Microsoft Excel allows user-assisted attackers to execute arbitrary ...)
+CVE-2006-3014
NOT-FOR-US: Microsoft Excel / Flashplayer for Windows
-CVE-2006-3013 (Interpretation conflict in resetpw.php in phpBannerExchange before 2.0 ...)
+CVE-2006-3013
NOT-FOR-US: phpBannerExchange
-CVE-2006-3012 (SQL injection vulnerability in phpBannerExchange before 2.0 Update 6 ...)
+CVE-2006-3012
NOT-FOR-US: phpBannerExchange
-CVE-2006-3011 (The error_log function in basic_functions.c in PHP before 4.4.4 and ...)
+CVE-2006-3011
- php4 4:4.4.4-1 (unimportant)
- php5 5.1.6-1 (unimportant)
NOTE: Safe mode violations are not supported
-CVE-2006-3010 (Multiple SQL injection vulnerabilities in Open Business Management ...)
+CVE-2006-3010
NOT-FOR-US: Open Business Management
-CVE-2006-3009 (Multiple cross-site scripting (XSS) vulnerabilities in Open Business ...)
+CVE-2006-3009
NOT-FOR-US: Open Business Management
CVE-2006-3008
REJECTED
-CVE-2006-3007 (Multiple cross-site scripting (XSS) vulnerabilities in SHOUTcast 1.9.5 ...)
+CVE-2006-3007
NOT-FOR-US: SHOUTcast
-CVE-2006-3006 (Cross-site scripting (XSS) vulnerability in iFoto 0.20, and possibly ...)
+CVE-2006-3006
NOT-FOR-US: iFoto
-CVE-2006-3005 (The JPEG library in media-libs/jpeg before 6b-r7 on Gentoo Linux is ...)
+CVE-2006-3005
- libjpeg6b <not-affected> (--maxmem is set during configure)
- libjpeg-mmx <removed> (bug #373672; low)
[sarge] - libjpeg-mmx <no-dsa> (If this poses a threat, the admin can apply resource limits)
-CVE-2006-3004 (Multiple cross-site scripting (XSS) vulnerabilities in Ez Ringtone ...)
+CVE-2006-3004
NOT-FOR-US: Ez Ringtone
-CVE-2006-3003 (details.php in Easy Ad-Manager allows remote attackers to obtain the ...)
+CVE-2006-3003
NOT-FOR-US: Easy Ad-Manager
-CVE-2006-3002 (Cross-site scripting (XSS) vulnerability in details.php in Easy ...)
+CVE-2006-3002
NOT-FOR-US: OkScripts product
-CVE-2006-3001 (Cross-site scripting (XSS) vulnerability in search.php in OkScripts ...)
+CVE-2006-3001
NOT-FOR-US: OkScripts product
-CVE-2006-3000 (Cross-site scripting (XSS) vulnerability in search.php in OkScripts ...)
+CVE-2006-3000
NOT-FOR-US: OkScripts product
-CVE-2006-2999 (Cross-site scripting (XSS) vulnerability in search.php in OkScripts ...)
+CVE-2006-2999
NOT-FOR-US: OkScripts product
-CVE-2006-2998 (PHP remote file inclusion vulnerability in board/post.php in free ...)
+CVE-2006-2998
NOT-FOR-US: QBoard
-CVE-2006-2997 (Cross-site scripting (XSS) vulnerability in ZMS 2.9 and earlier, when ...)
+CVE-2006-2997
- zope-zms <unfixed> (bug #373667; unimportant)
[sarge] - zope-zms <no-dsa> (Only exploitable with register_globals)
NOTE: register_globals is an unsupported mode of operation in Debian
-CVE-2006-2996 (PHP remote file inclusion vulnerability in inc/design.inc.php in ...)
+CVE-2006-2996
NOT-FOR-US: aePartner
-CVE-2006-2995 (Multiple PHP remote file inclusion vulnerabilities in WebprojectDB ...)
+CVE-2006-2995
NOT-FOR-US: WebprojectDB
-CVE-2006-2994 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
+CVE-2006-2994
NOT-FOR-US: phazizGuestbook
-CVE-2006-2993 (Multiple SQL injection vulnerabilities in My Photo Scrapbook 1.0 and ...)
+CVE-2006-2993
NOT-FOR-US: My Photo Scrapbook
-CVE-2006-2992 (Cross-site scripting (XSS) vulnerability in display.asp in My Photo ...)
+CVE-2006-2992
NOT-FOR-US: My Photo Scrapbook
-CVE-2006-2991 (Multiple cross-site scripting (XSS) vulnerabilities in Ringlink 3.2 ...)
+CVE-2006-2991
NOT-FOR-US: Ringlink
-CVE-2006-2990 (Cross-site scripting (XSS) vulnerability in default.asp in VanillaSoft ...)
+CVE-2006-2990
NOT-FOR-US: VanillaSoft
-CVE-2006-2989 (Cross-site scripting (XSS) vulnerability in listpics.asp in ASP ...)
+CVE-2006-2989
NOT-FOR-US: ASP ListPics
-CVE-2006-2988 (Cross-site scripting (XSS) vulnerability in dictionary.php in Chemical ...)
+CVE-2006-2988
NOT-FOR-US: Chemical Dictionary
-CVE-2006-2987 (Multiple SQL injection vulnerabilities in Dominios Europa PICRATE (aka ...)
+CVE-2006-2987
NOT-FOR-US: PICRATE
-CVE-2006-2986 (Multiple cross-site scripting (XSS) vulnerabilities in Baby Katie ...)
+CVE-2006-2986
NOT-FOR-US: vSCAL and vsREAL
-CVE-2006-2985 (SQL injection vulnerability in index.php in IntegraMOD 1.4.0 and ...)
+CVE-2006-2985
NOT-FOR-US: IntegraMOD
-CVE-2006-2984 (Cross-site scripting (XSS) vulnerability in index.php in IntegraMOD ...)
+CVE-2006-2984
NOT-FOR-US: IntegraMOD
-CVE-2006-2983 (PHP remote file inclusion vulnerability in Enterprise Timesheet and ...)
+CVE-2006-2983
NOT-FOR-US: Enterprise Timesheet and Payroll Systems (EPS)
-CVE-2006-2982 (Multiple PHP remote file inclusion vulnerabilities in Enterprise ...)
+CVE-2006-2982
NOT-FOR-US: Enterprise Timesheet and Payroll Systems (EPS)
-CVE-2006-2981 (SQL injection vulnerability in vs_search.php in Arantius Vice Stats ...)
+CVE-2006-2981
NOT-FOR-US: Arantius Vice Stats
-CVE-2006-2980 (SQL injection vulnerability in block_forum_topic_new.php in ViArt Shop ...)
+CVE-2006-2980
NOT-FOR-US: ViArt
-CVE-2006-2979 (Multiple cross-site scripting (XSS) vulnerabilities in ViArt Shop Free ...)
+CVE-2006-2979
NOT-FOR-US: ViArt
-CVE-2006-2978 (Mafia Moblog 0.6M1 and earlier allows remote attackers to obtain the ...)
+CVE-2006-2978
NOT-FOR-US: Moblog
-CVE-2006-2977 (SQL injection vulnerability in big.php in Mafia Moblog 0.6M1 and ...)
+CVE-2006-2977
NOT-FOR-US: Moblog
-CVE-2006-2976 (Unspecified vulnerability in usermgr.php in Coppermine Photo Gallery ...)
+CVE-2006-2976
NOT-FOR-US: Coppermine
-CVE-2006-2975 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2006-2975
NOT-FOR-US: PBL Guestbook
-CVE-2006-2974 (Multiple cross-site scripting (XSS) vulnerabilities in EmailArchitect ...)
+CVE-2006-2974
NOT-FOR-US: EmailArchitect
-CVE-2006-2973 (Multiple SQL injection vulnerabilities in month.php in PHP Lite ...)
+CVE-2006-2973
NOT-FOR-US: PHP Lite Calendar
-CVE-2006-2972 (SQL injection vulnerability in vs_resource.php in Arantius Vice Stats ...)
+CVE-2006-2972
NOT-FOR-US: Arantius Vice Stats
-CVE-2006-2971 (Integer overflow in the recv_packet function in 0verkill 0.16 allows ...)
+CVE-2006-2971
- overkill 0.16-9 (bug #373687; low)
[sarge] - overkill <no-dsa> (Only DoS against an obscure game, no code injection possible)
-CVE-2006-2970 (videoPage.php in L0j1k tinyMuw 0.1.0 allows remote attackers to obtain ...)
+CVE-2006-2970
NOT-FOR-US: tinyMuw
-CVE-2006-2969 (Cross-site scripting (XSS) vulnerability in L0j1k tinyMuw 0.1.0 allow ...)
+CVE-2006-2969
NOT-FOR-US: tinyMuw
-CVE-2006-2968 (Cross-site scripting (XSS) vulnerability in search.php in PHP Labware ...)
+CVE-2006-2968
NOT-FOR-US: LabWiki
-CVE-2006-2967 (Syworks SafeNET allows local users to bypass restrictions on network ...)
+CVE-2006-2967
NOT-FOR-US: SafeNET
-CVE-2006-2966 (Cross-site scripting (XSS) vulnerability in Particle Soft Particle ...)
+CVE-2006-2966
NOT-FOR-US: Particle Wiki
-CVE-2006-2965 (Multiple cross-site scripting (XSS) vulnerabilities in Particle Soft ...)
+CVE-2006-2965
NOT-FOR-US: Particle Whois
-CVE-2006-2964 (Multiple PHP remote file inclusion vulnerabilities in Xtreme Scripts ...)
+CVE-2006-2964
NOT-FOR-US: Xtreme Downloads
-CVE-2006-2963 (Cross-site scripting (XSS) vulnerability in Suchergebnisse.asp in ...)
+CVE-2006-2963
NOT-FOR-US: Cabacos Web CMS
-CVE-2006-2962 (PHP remote file inclusion vulnerability in sql_fcnsOLD.php in ...)
+CVE-2006-2962
NOT-FOR-US: Empris
-CVE-2006-2961 (Stack-based buffer overflow in CesarFTP 0.99g and earlier allows ...)
+CVE-2006-2961
NOT-FOR-US: CesarFTP
-CVE-2006-2960 (PHP remote file inclusion vulnerability in includes/joomla.php in ...)
+CVE-2006-2960
NOT-FOR-US: Joomla!
-CVE-2006-2959 (SQL injection vulnerability in inc_header.asp in Snitz Forum 3.4.05 ...)
+CVE-2006-2959
NOT-FOR-US: Snitz Forum
-CVE-2006-2958 (Directory traversal vulnerability in FilZip 3.05 allows remote ...)
+CVE-2006-2958
NOT-FOR-US: FilZip
-CVE-2006-2957 (Cross-site scripting (XSS) vulnerability in i.List 1.5 beta and ...)
+CVE-2006-2957
NOT-FOR-US: i.List
-CVE-2006-2956 (Multiple cross-site scripting (XSS) vulnerabilities in i.List 1.5 beta ...)
+CVE-2006-2956
NOT-FOR-US: i.List
-CVE-2006-2955 (Multiple cross-site scripting (XSS) vulnerabilities in KAPhotoservice ...)
+CVE-2006-2955
NOT-FOR-US: KAPhotoservice
-CVE-2006-2954 (SQL injection vulnerability in files.asp in OfficeFlow 2.6 and earlier ...)
+CVE-2006-2954
NOT-FOR-US: OfficeFlow
-CVE-2006-2953 (Cross-site scripting (XSS) vulnerability in default.asp in OfficeFlow ...)
+CVE-2006-2953
NOT-FOR-US: OfficeFlow
-CVE-2006-2952 (Directory traversal vulnerability in Net Portal Dynamic System (NPDS) ...)
+CVE-2006-2952
NOT-FOR-US: NPDS
-CVE-2006-2951 (Multiple cross-site scripting (XSS) vulnerabilities in Net Portal ...)
+CVE-2006-2951
NOT-FOR-US: NPDS
-CVE-2006-2950 (Net Portal Dynamic System (NPDS) 5.10 and earlier allows remote ...)
+CVE-2006-2950
NOT-FOR-US: NPDS
-CVE-2006-2949 (Cross-site scripting (XSS) vulnerability in private.php in MyBB 1.1.2 ...)
+CVE-2006-2949
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2006-2948 (A-CART 2.0 stores the acart2_0.mdb file under the web document root ...)
+CVE-2006-2948
NOT-FOR-US: A-CART
-CVE-2006-2947 (Dmx Forum 2.1a allows remote attackers to obtain username and password ...)
+CVE-2006-2947
NOT-FOR-US: Dmx Forum
-CVE-2006-2946 (Dmx Forum 2.1a stores _includes/bd.inc under the web root with ...)
+CVE-2006-2946
NOT-FOR-US: Dmx Forum
-CVE-2006-2945 (Unspecified vulnerability in the user profile change functionality in ...)
+CVE-2006-2945
- dokuwiki 0.0.20060309-4 (bug #373689; low)
-CVE-2006-2944 (Unspecified vulnerability in CGI-RESCUE FORM2MAIL 1.21 and earlier ...)
+CVE-2006-2944
NOT-FOR-US: FORM2MAIL
-CVE-2006-2943 (Unspecified vulnerability in CGI-RESCUE WebFORM 4.1 and earlier allows ...)
+CVE-2006-2943
NOT-FOR-US: WebFORM
-CVE-2006-2942 (TWiki 4.0.0, 4.0.1, and 4.0.2 allows remote attackers to gain Twiki ...)
+CVE-2006-2942
- twiki <not-affected> (Debian's version is old and does not include affected file)
-CVE-2006-2941 (Mailman before 2.1.9rc1 allows remote attackers to cause a denial of ...)
+CVE-2006-2941
- mailman <not-affected> (Mailman uses the system version of the affected Python lib)
-CVE-2006-2940 (OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions ...)
+CVE-2006-2940
{DSA-1195-1 DSA-1185-2}
- openssl 0.9.8c-2 (bug #389940)
- openssl097 0.9.7k-2
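Review bot: this hunk silently drops the "** DISPUTED **" marker for several entries (CVE-2006-3069, CVE-2006-3053, CVE-2006-3042, CVE-2006-3041 and CVE-2006-3040), because the marker lived inside the parenthetical that is being removed; the surviving NOT-FOR-US lines say only that the software is not in Debian, not that the CVE itself is contested. If the disputed status is worth keeping, it needs to move into a NOTE line before the description is deleted, as was done by hand for other entries in this file (compare the "NOTE: phpbb2, but invalid" style of annotation). Separately, the unchanged context lines "NOTE: Sanitising is the application's responsibilitys" under CVE-2006-3018 and CVE-2006-3016 carry a typo ("responsibilitys") that could be corrected in a follow-up edit.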
@@ -9656,376 +9656,376 @@ CVE-2006-2939
REJECTED
CVE-2006-2938
REJECTED
-CVE-2006-2937 (OpenSSL 0.9.7 before 0.9.7l and 0.9.8 before 0.9.8d allows remote ...)
+CVE-2006-2937
{DSA-1185-2}
- openssl 0.9.8c-2 (bug #389940)
- openssl097 0.9.7k-2
- openssl096 <not-affected>
-CVE-2006-2936 (The ftdi_sio driver (usb/serial/ftdi_sio.c) in Linux kernel 2.6.x up ...)
+CVE-2006-2936
{DSA-1184-2}
- linux-2.6 2.6.17-5 (low)
-CVE-2006-2935 (The dvd_read_bca function in the DVD handling code in ...)
+CVE-2006-2935
{DSA-1184-2 DSA-1183-1}
- linux-2.6 2.6.17-5 (low)
-CVE-2006-2934 (SCTP conntrack (ip_conntrack_proto_sctp.c) in netfilter for Linux ...)
+CVE-2006-2934
- linux-2.6 2.6.17-3
-CVE-2006-2933 (kdesktop_lock in kdebase before 3.1.3-5.11 for KDE in Red Hat ...)
+CVE-2006-2933
[sarge] - kdebase <not-affected> (Only KDE < 3.2 vulnerable)
- kdebase 3.5.2-1 (medium)
NOTE: exact fixed version not known, however bug only affects < 3.2
-CVE-2006-2932 (A regression error in the restore_all code path of the 4/4GB split ...)
+CVE-2006-2932
- linux-2.6 <not-affected> (vulnerable code not present)
-CVE-2006-2931 (CMS Mundo before 1.0 build 008 does not properly verify uploaded image files, ...)
+CVE-2006-2931
NOT-FOR-US: CMS Mundo
-CVE-2006-2930 (Unspecified vulnerability in Sun Grid Engine 5.3 and Sun N1 Grid ...)
+CVE-2006-2930
NOT-FOR-US: Sun
-CVE-2006-2929 (PHP remote file inclusion vulnerability in ...)
+CVE-2006-2929
NOT-FOR-US: OpenEMR
-CVE-2006-2928 (Multiple PHP remote file inclusion vulnerabilities in CMS-Bandits 2.5 ...)
+CVE-2006-2928
NOT-FOR-US: CMS-Bandits
-CVE-2006-2927 (Multiple cross-site scripting (XSS) vulnerabilities in post.asp in ...)
+CVE-2006-2927
NOT-FOR-US: CAForum
-CVE-2006-2926 (Stack-based buffer overflow in the WWW Proxy Server of Qbik WinGate ...)
+CVE-2006-2926
NOT-FOR-US: Qbik
-CVE-2006-2925 (Cross-site scripting (XSS) vulnerability in the web interface in ...)
+CVE-2006-2925
NOT-FOR-US: Ingate
-CVE-2006-2924 (Ingate Firewall in the SIP module before 4.4.1 and SIParator before ...)
+CVE-2006-2924
NOT-FOR-US: Ingate
-CVE-2006-2923 (The iax_net_read function in the iaxclient open source library, as ...)
+CVE-2006-2923
- iaxclient 0.0+svn20060520-2
-CVE-2006-2922 (Multiple PHP remote file inclusion vulnerabilities in MiraksGalerie ...)
+CVE-2006-2922
NOT-FOR-US: MiraksGalerie
-CVE-2006-2921 (PHP remote file inclusion vulnerability in cmpro_header.inc.php in ...)
+CVE-2006-2921
NOT-FOR-US: CMPro
-CVE-2006-2920 (Sylpheed-Claws before 2.2.2 and Sylpheed before 2.2.6 allow remote ...)
+CVE-2006-2920
- sylpheed 2.2.6-1 (low)
[sarge] - sylpheed <no-dsa> (Minor evasion of phishing protection feature)
- sylpheed-gtk1 1.0.6-3 (bug #373187; low)
- sylpheed-claws 1.0.5-3 (bug #372891; low)
[sarge] - sylpheed-claws <no-dsa> (Minor evasion of phishing protection feature)
- sylpheed-claws-gtk2 2.3.0-1 (bug #372889; low)
-CVE-2006-2919 (Unspecified vulnerability in Microsoft NetMeeting 3.01 allows remote ...)
+CVE-2006-2919
NOT-FOR-US: Microsoft
-CVE-2006-2918 (The Lanap BotDetect APS.NET CAPTCHA component before 1.5.4.0 stores ...)
+CVE-2006-2918
NOT-FOR-US: Lanap BotDetect APS.NET CAPTCHA component
-CVE-2006-2917 (Directory traversal vulnerability in the IMAP server in WinGate ...)
+CVE-2006-2917
NOT-FOR-US: WinGate
-CVE-2006-2916 (artswrapper in aRts, when running setuid root on Linux 2.6.0 or later ...)
+CVE-2006-2916
- arts 1.5.3-2 (bug #374003; low)
[sarge] - arts <not-affected> (Not setuid root in Debian)
NOTE: artswrapper is not suid root by default, but README.Debian describes it
-CVE-2006-2915 (Multiple SQL injection vulnerabilities in DeluxeBB 1.06 allow remote ...)
+CVE-2006-2915
NOT-FOR-US: DeluxeBB
-CVE-2006-2914 (PHP remote file inclusion vulnerability in DeluxeBB 1.06 allows remote ...)
+CVE-2006-2914
NOT-FOR-US: DeluxeBB
-CVE-2006-2913 (Cross-site scripting (XSS) vulnerability in SelectaPix 1.31 allows ...)
+CVE-2006-2913
NOT-FOR-US: SelectaPix
-CVE-2006-2912 (Multiple SQL injection vulnerabilities in SelectaPix 1.31 allow remote ...)
+CVE-2006-2912
NOT-FOR-US: SelectaPix
-CVE-2006-2911 (SQL injection vulnerability in controlpanel/index.php in CMS Mundo before 1.0 ...)
+CVE-2006-2911
NOT-FOR-US: CMS Mundo
-CVE-2006-2910 (Buffer overflow in jetAudio 6.2.6.8330 (Basic), and possibly other ...)
+CVE-2006-2910
NOT-FOR-US: jetAudio
-CVE-2006-2909 (Stack-based buffer overflow in the info tip shell extension ...)
+CVE-2006-2909
NOT-FOR-US: PicoZip
-CVE-2006-2908 (The domecode function in inc/functions_post.php in MyBulletinBoard ...)
+CVE-2006-2908
NOT-FOR-US: MyBB (aka MyBulletinBoard)
CVE-2006-2907
RESERVED
-CVE-2006-2906 (The LZW decoding in the gdImageCreateFromGifPtr function in the Thomas ...)
+CVE-2006-2906
{DSA-1117}
- libgd2 2.0.33-5 (bug #372912; low)
- tetex-bin <not-affected> (Links dynamically, see #382506)
-CVE-2006-2905 (Partial Links 1.2.2 allows remote attackers to obtain sensitive ...)
+CVE-2006-2905
NOT-FOR-US: Partial Links
-CVE-2006-2904 (SQL injection vulnerability in index.php in Partial Links 1.2.2 allows ...)
+CVE-2006-2904
NOT-FOR-US: Partial Links
-CVE-2006-2903 (Cross-site scripting (XSS) vulnerability in admin.php in Particle ...)
+CVE-2006-2903
NOT-FOR-US: Partial Links
-CVE-2006-2902 (Directory traversal vulnerability in Particle Links 1.2.2 might allow ...)
+CVE-2006-2902
NOT-FOR-US: Partial Links
-CVE-2006-2901 (The web server for D-Link Wireless Access-Point (DWL-2100ap) firmware ...)
+CVE-2006-2901
NOT-FOR-US: D-Link
-CVE-2006-2900 (Internet Explorer 6 allows user-assisted remote attackers to read ...)
+CVE-2006-2900
NOT-FOR-US: Microsoft
-CVE-2006-2899 (Unspecified vulnerability in ESTsoft InternetDISK versions before ...)
+CVE-2006-2899
NOT-FOR-US: ESTsoft InternetDISK
-CVE-2006-2898 (The IAX2 channel driver (chan_iax2) for Asterisk 1.2.x before 1.2.9 ...)
+CVE-2006-2898
{DSA-1126}
- asterisk 1:1.2.10.dfsg-2 (bug #380054)
- iax 0.2.2-5
[sarge] - iax <not-affected> (Vulnerable code not present)
- iaxmodem 0.1.8.dfsg-2
-CVE-2006-2897 (Cross-site scripting (XSS) vulnerability in FunkBoard 0.71 allows ...)
+CVE-2006-2897
NOT-FOR-US: Funkboard
-CVE-2006-2896 (profile.php in FunkBoard CF0.71 allows remote attackers to change ...)
+CVE-2006-2896
NOT-FOR-US: Funkboard
-CVE-2006-2895 (Cross-site scripting (XSS) vulnerability in MediaWiki 1.6.0 up to ...)
+CVE-2006-2895
- mediawiki <not-affected> (Affects only 1.6.0-1.6.6)
-CVE-2006-2894 (Mozilla Firefox 1.5.0.4, 2.0.x before 2.0.0.8, Mozilla Suite 1.7.13, ...)
+CVE-2006-2894
{DSA-1401-1 DSA-1392-1 DTSA-69-1 DTSA-80-1}
- iceweasel 2.0.0.8
- xulrunner 1.8.1.9-1
- iceape 1.1.5
-CVE-2006-2893 (index.php in GANTTy 1.0.3 allows remote attackers to obtain the full ...)
+CVE-2006-2893
NOT-FOR-US: GANTTy
-CVE-2006-2892 (Cross-site scripting (XSS) vulnerability in index.php in GANTTy 1.0.3 ...)
+CVE-2006-2892
NOT-FOR-US: GANTTy
-CVE-2006-2891 (Cross-site scripting (XSS) vulnerability in admin/index.php for ...)
+CVE-2006-2891
NOT-FOR-US: Pixelpost
-CVE-2006-2890 (Pixelpost 1-5rc1-2 and earlier, when register_globals is enabled, ...)
+CVE-2006-2890
NOT-FOR-US: Pixelpost
-CVE-2006-2889 (Multiple SQL injection vulnerabilities in index.php in Pixelpost ...)
+CVE-2006-2889
NOT-FOR-US: Pixelpost
-CVE-2006-2888 (PHP remote file inclusion vulnerability in _wk/wk_lang.php in Wikiwig ...)
+CVE-2006-2888
NOT-FOR-US: Wikiwig
-CVE-2006-2887 (Multiple SQL injection vulnerabilities in myNewsletter 1.1.2 and ...)
+CVE-2006-2887
NOT-FOR-US: myNewsletter
-CVE-2006-2886 (view.php in KnowledgeTree Open Source 3.0.3 and earlier allows remote ...)
+CVE-2006-2886
- knowledgetree <removed> (bug #373137; low)
-CVE-2006-2885 (Multiple cross-site scripting (XSS) vulnerabilities in KnowledgeTree ...)
+CVE-2006-2885
- knowledgetree <removed> (bug #373137; low)
-CVE-2006-2884 (SQL injection vulnerability in index.php in Kmita FAQ 1.0 allows ...)
+CVE-2006-2884
NOT-FOR-US: Kmita
-CVE-2006-2883 (Cross-site scripting (XSS) vulnerability in search.php in Kmita FAQ ...)
+CVE-2006-2883
NOT-FOR-US: Kmita
-CVE-2006-2882 (Multiple cross-site scripting (XSS) vulnerabilities submit.asp in ...)
+CVE-2006-2882
NOT-FOR-US: ASPScriptz
-CVE-2006-2881 (Multiple PHP remote file inclusion vulnerabilities in DreamAccount 3.1 ...)
+CVE-2006-2881
NOT-FOR-US: DreamAccount
-CVE-2006-2880 (Cross-site scripting (XSS) vulnerability in the Contributed Packages ...)
+CVE-2006-2880
NOT-FOR-US: pyblosxom package doesn't ship plugins
-CVE-2006-2879 (SQL injection vulnerability in newscomments.php in Alex News-Engine ...)
+CVE-2006-2879
NOT-FOR-US: Alex News-Engine
-CVE-2006-2878 (The spellchecker (spellcheck.php) in DokuWiki 2006/06/04 and earlier ...)
+CVE-2006-2878
- dokuwiki 0.0.20060309-4 (bug #370369; bug #370785; high)
-CVE-2006-2877 (PHP remote file inclusion vulnerability in Bookmark4U 2.0.0 and ...)
+CVE-2006-2877
NOT-FOR-US: Bookmark4U
-CVE-2006-2876 (Cross-site scripting (XSS) vulnerability in cat.php in PHP Pro Publish ...)
+CVE-2006-2876
NOT-FOR-US: PHP Pro Publish
-CVE-2006-2875 (Stack-based buffer overflow in the CL_ParseDownload function of Quake ...)
+CVE-2006-2875
- tremulous 1.1.0-6 (bug #660827)
[squeeze] - tremulous 1.1.0-7~squeeze1
- ioquake3 1.36+svn1788j-1
-CVE-2006-2874 (Unspecified vulnerability in OSADS Alliance Database before 1.4 has ...)
+CVE-2006-2874
NOT-FOR-US: OSADS
-CVE-2006-2873 (Cross-site scripting (XSS) vulnerability in hava.asp in Enigma Haber ...)
+CVE-2006-2873
NOT-FOR-US: Enigma Haber
-CVE-2006-2872 (PHP remote file inclusion vulnerability in config.php in Rumble 1.02 ...)
+CVE-2006-2872
NOT-FOR-US: Rumble
-CVE-2006-2871 (** DISPUTED ** ...)
+CVE-2006-2871
NOT-FOR-US: CyBoards
-CVE-2006-2870 (Cross-site scripting (XSS) vulnerability in forum_search.asp in ...)
+CVE-2006-2870
NOT-FOR-US: Intelligent Solutions Inc.
-CVE-2006-2869 (Unspecified vulnerability in the CHM unpacker in avast! before 4.7.844 ...)
+CVE-2006-2869
NOT-FOR-US: Avast
-CVE-2006-2868 (Multiple PHP remote file inclusion vulnerabilities in Claroline 1.7.6 ...)
+CVE-2006-2868
NOT-FOR-US: Claroline
-CVE-2006-2867 (SQL injection vulnerability in editpost.php in CoolForum 0.8.3 beta ...)
+CVE-2006-2867
NOT-FOR-US: CoolForum
-CVE-2006-2866 (PHP remote file inclusion vulnerability in layout/prepend.php in ...)
+CVE-2006-2866
NOT-FOR-US: DotClear
-CVE-2006-2865 (** DISPUTED ** ...)
+CVE-2006-2865
NOTE: phpbb2, but invalid
-CVE-2006-2864 (Multiple PHP remote file inclusion vulnerabilities in BlueShoes ...)
+CVE-2006-2864
NOT-FOR-US: BlueShoes
-CVE-2006-2863 (PHP remote file inclusion vulnerability in class.cs_phpmailer.php in ...)
+CVE-2006-2863
NOT-FOR-US: CS-Cart
-CVE-2006-2862 (SQL injection vulnerability in viewimage.php in Particle Gallery 1.0.0 ...)
+CVE-2006-2862
NOT-FOR-US: Particle Gallery
-CVE-2006-2861 (SQL injection vulnerability in index.php in Particle Wiki 1.0.2 and ...)
+CVE-2006-2861
NOT-FOR-US: Particle Wiki
-CVE-2006-2860 (PHP remote file inclusion vulnerability in Webspotblogging 3.0.1 ...)
+CVE-2006-2860
NOT-FOR-US: Webspotblogging
-CVE-2006-2859 (** DISPUTED ** ...)
+CVE-2006-2859
NOT-FOR-US: MyBloggie
-CVE-2006-2858 (SQL injection vulnerability in viewmsg.asp in LocazoList Classifieds ...)
+CVE-2006-2858
NOT-FOR-US: LocazoList
-CVE-2006-2857 (SQL injection vulnerability in index.php in LifeType 1.0.4 allows ...)
+CVE-2006-2857
NOT-FOR-US: LifeType
-CVE-2006-2856 (ActiveState ActivePerl 5.8.8.817 for Windows configures the site/lib ...)
+CVE-2006-2856
NOT-FOR-US: ActiveState
-CVE-2006-2855 (SQL injection vulnerability in index.php in xueBook 1.0 allows remote ...)
+CVE-2006-2855
NOT-FOR-US: xueBook
-CVE-2006-2854 (SQL injection vulnerability in index.php in iBWd Guestbook 1.0 allows ...)
+CVE-2006-2854
NOT-FOR-US: iBWd
-CVE-2006-2853 (SQL injection vulnerability in content.php in abarcar Realty Portal ...)
+CVE-2006-2853
NOT-FOR-US: abarcar
-CVE-2006-2852 (PHP remote file inclusion vulnerability in dotWidget CMS 1.0.6 and ...)
+CVE-2006-2852
NOT-FOR-US: dotWidget
-CVE-2006-2851 (Cross-site scripting (XSS) vulnerability in index.php in dotProject ...)
+CVE-2006-2851
NOT-FOR-US: dotProject
-CVE-2006-2850 (Cross-site scripting (XSS) vulnerability in recentchanges.php in PHP ...)
+CVE-2006-2850
NOT-FOR-US: LabWiki
-CVE-2006-2849 (PHP remote file inclusion vulnerability in includes/webdav/server.php ...)
+CVE-2006-2849
NOT-FOR-US: Bytehoard
-CVE-2006-2848 (links.asp in aspWebLinks 2.0 allows remote attackers to change the ...)
+CVE-2006-2848
NOT-FOR-US: aspWebLinks
-CVE-2006-2847 (SQL injection vulnerability in links.asp in aspWebLinks 2.0 allows ...)
+CVE-2006-2847
NOT-FOR-US: aspWebLinks
-CVE-2006-2846 (Cross-site scripting (XSS) vulnerability in Print.PHP in VisionGate ...)
+CVE-2006-2846
NOT-FOR-US: VisionGate
-CVE-2006-2845 (PHP remote file inclusion vulnerability in Redaxo 3.0 up to 3.2 allows ...)
+CVE-2006-2845
NOT-FOR-US: Redaxo
-CVE-2006-2844 (Multiple PHP remote file inclusion vulnerabilities in Redaxo 3.0 allow ...)
+CVE-2006-2844
NOT-FOR-US: Redaxo
-CVE-2006-2843 (PHP remote file inclusion vulnerability in Redaxo 2.7.4 allows remote ...)
+CVE-2006-2843
NOT-FOR-US: Redaxo
-CVE-2006-2841 (Multiple PHP remote file inclusion vulnerabilities in AssoCIateD (aka ...)
+CVE-2006-2841
NOT-FOR-US: AssoCIateD
-CVE-2006-2840 (Cross-site scripting (XSS) vulnerability in (1) uploads.php and (2) ...)
+CVE-2006-2840
NOT-FOR-US: PmWiki
-CVE-2006-2839 (Directory traversal vulnerability in PG Problem Editor module ...)
+CVE-2006-2839
NOT-FOR-US: WeBWorK
-CVE-2006-2838 (Buffer overflow in the web console in F-Secure Anti-Virus for ...)
+CVE-2006-2838
NOT-FOR-US: F-Secure
-CVE-2006-2837 (Cross-site scripting (XSS) vulnerability in Techno Dreams Guest Book ...)
+CVE-2006-2837
NOT-FOR-US: Techno Dreams
-CVE-2006-2836 (SQL injection vulnerability in comment.php in Pineapple Technologies ...)
+CVE-2006-2836
NOT-FOR-US: Pineapple Technologies Lore
-CVE-2006-2835 (SQL injection vulnerability in saphplesson 2.0 allows remote attackers ...)
+CVE-2006-2835
NOT-FOR-US: saphplesson
-CVE-2006-2834 (PHP remote file inclusion vulnerability in includes/common.php in ...)
+CVE-2006-2834
NOT-FOR-US: gnopaste
-CVE-2006-2833 (Cross-site scripting (XSS) vulnerability in the taxonomy module in ...)
+CVE-2006-2833
{DSA-1125}
- drupal 4.5.8-1.1 (medium)
-CVE-2006-2832 (Cross-site scripting (XSS) vulnerability in the upload module ...)
+CVE-2006-2832
{DSA-1125}
- drupal 4.5.8-1.1 (medium)
-CVE-2006-2831 (Drupal 4.6.x before 4.6.8 and 4.7.x before 4.7.2, when running under ...)
+CVE-2006-2831
{DSA-1125}
NOTE: Although not in the changelog, sesse@ (responsible for 4.5.8-1.1)
NOTE: says he pulled in the entire patch for DRUPAL-SA-2006-007, which
NOTE: fixes CVE-2006-2831.
- drupal 4.5.8-1.1 (medium)
-CVE-2006-2830 (Buffer overflow in TIBCO Rendezvous before 7.5.1, TIBCO Runtime Agent ...)
+CVE-2006-2830
NOT-FOR-US: TIBCO
-CVE-2006-2829 (Buffer overflow in Hawk Monitoring Agent (HMA) for TIBCO Hawk before ...)
+CVE-2006-2829
NOT-FOR-US: TIBCO
-CVE-2006-2828 (Global variable overwrite vulnerability in PHP-Nuke allows remote ...)
+CVE-2006-2828
NOT-FOR-US: PHP-Nuke
-CVE-2006-2827 (** DISPUTED ** ...)
+CVE-2006-2827
NOT-FOR-US: X-Cart
-CVE-2006-2826 (SQL injection vulnerability in sessions.inc in PHP Base Library ...)
+CVE-2006-2826
NOT-FOR-US: PHPLIB
-CVE-2006-2825 (cPanel does not automatically synchronize the PHP open_basedir ...)
+CVE-2006-2825
NOT-FOR-US: cPanel the vhost manager, not cpanel the Chinese desktop configuration tool
-CVE-2006-2824 (Logicalware MailManager before 2.0.10 does not remove 0xc8 0x27 (0xc8 ...)
+CVE-2006-2824
NOT-FOR-US: Logicalware
-CVE-2006-2823 (Katrien De Graeve a.shopKart 2.0 (aka ashopKart20) stores sensitive ...)
+CVE-2006-2823
NOT-FOR-US: ashopKart
-CVE-2006-2822 (SQL injection vulnerability in admin/default.asp in Dusan Drobac ...)
+CVE-2006-2822
NOT-FOR-US: cforum
-CVE-2006-2821 (Multiple cross-site scripting (XSS) vulnerabilities in DeltaScripts ...)
+CVE-2006-2821
NOT-FOR-US: DeltaScripts
-CVE-2006-2820 (Cross-site scripting (XSS) vulnerability in HotWebScripts.com Weblog ...)
+CVE-2006-2820
NOT-FOR-US: HotWebScripts
-CVE-2006-2819 (PHP remote file inclusion vulnerability in Wiki.php in Barnraiser ...)
+CVE-2006-2819
NOT-FOR-US: Barnraiser Igloo
-CVE-2006-2818 (PHP remote file inclusion vulnerability in common-menu.php in Cameron ...)
+CVE-2006-2818
NOT-FOR-US: Cameron McKay Informium
-CVE-2006-2817 (SQL injection vulnerability in bolum.php in tekno.Portal allows remote ...)
+CVE-2006-2817
NOT-FOR-US: tekno.Portal
-CVE-2006-2816 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
+CVE-2006-2816
NOT-FOR-US: CoolPHP
-CVE-2006-2815 (Multiple cross-site scripting (XSS) vulnerabilities in Two Shoes ...)
+CVE-2006-2815
NOT-FOR-US: SimpleBoard
-CVE-2006-2814 (Multiple buffer overflows in the (1) vGetPost and (2) main functions ...)
+CVE-2006-2814
NOT-FOR-US: iShopCart
-CVE-2006-2813 (Directory traversal vulnerability in easy-scart.cgi in iShopCart ...)
+CVE-2006-2813
NOT-FOR-US: iShopCart
-CVE-2006-2812 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
+CVE-2006-2812
NOT-FOR-US: PICRATE
-CVE-2006-2811 (Multiple PHP remote file inclusion vulnerabilities in Cantico ...)
+CVE-2006-2811
NOT-FOR-US: Ovidentia
-CVE-2006-2810 (Multiple cross-site scripting (XSS) vulnerabilities in Belchior ...)
+CVE-2006-2810
NOT-FOR-US: Belchior vCard
-CVE-2006-2809 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
+CVE-2006-2809
NOT-FOR-US: ar-blog
-CVE-2006-2808 (Cross-site scripting (XSS) vulnerability in Lycos Tripod htmlGEAR ...)
+CVE-2006-2808
NOT-FOR-US: Lycos
-CVE-2006-2807 (ASPwebSoft Speedy Asp Discussion Forum allows remote attackers to ...)
+CVE-2006-2807
NOT-FOR-US: ASPwebSoft
-CVE-2006-2806 (The SMTP server in Apache Java Mail Enterprise Server (aka Apache ...)
+CVE-2006-2806
NOT-FOR-US: Apache James
-CVE-2006-2842 (** DISPUTED ** ...)
+CVE-2006-2842
- squirrelmail 2:1.4.7-1 (unimportant; bug #373731)
NOTE: Only exploitable with register_globals enabled
CVE-2006-XXXX [webalizer: symlink vulnerability]
- webalizer 2.01.10-29 (low; bug #359745)
[sarge] - webalizer <no-dsa> (Minor issue)
NOTE: Only exploitable in far-fetched scenarios, running it as root is insecure anyway
-CVE-2006-2805 (SQL injection vulnerability in VBulletin 3.0.10 allows remote ...)
+CVE-2006-2805
NOT-FOR-US: vBulletin
-CVE-2006-2804 (Cross-site scripting (XSS) vulnerability in index.cfm in Goss ...)
+CVE-2006-2804
NOT-FOR-US: Goss iCM
-CVE-2006-2803 (Multiple cross-site scripting (XSS) vulnerabilities in PHP ManualMaker ...)
+CVE-2006-2803
NOT-FOR-US: PHP ManualMaker
-CVE-2006-2802 (Buffer overflow in the HTTP Plugin (xineplug_inp_http.so) for xine-lib ...)
+CVE-2006-2802
{DSA-1105}
- xine-lib 1.1.1-2 (bug #369876; medium)
-CVE-2006-2801 (Multiple SQL injection vulnerabilities in Unak CMS 1.5 RC2 and earlier ...)
+CVE-2006-2801
NOT-FOR-US: Unak CMS
-CVE-2006-2800 (Multiple cross-site scripting (XSS) vulnerabilities in Unak CMS 1.5 ...)
+CVE-2006-2800
NOT-FOR-US: Unak CMS
-CVE-2006-2799 (Cross-site scripting (XSS) vulnerability in content_footer.php in ...)
+CVE-2006-2799
NOT-FOR-US: toendaCMS
-CVE-2006-2798 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2006-2798
NOT-FOR-US: phpCommunityCalendar
-CVE-2006-2797 (Multiple SQL injection vulnerabilities in phpCommunityCalendar 4.0.3 ...)
+CVE-2006-2797
NOT-FOR-US: phpCommunityCalendar
-CVE-2006-2796 (Cross-site scripting (XSS) vulnerability in gallery.php in Captivate ...)
+CVE-2006-2796
NOT-FOR-US: Captivate gallery.php
-CVE-2006-2795 (Multiple cross-site scripting (XSS) vulnerabilities in XiTi Tracking ...)
+CVE-2006-2795
NOT-FOR-US: XiTi Tracking Script
-CVE-2006-2794 (Hesabim.asp in ASPSitem 2.0 and earlier allows remote attackers to ...)
+CVE-2006-2794
NOT-FOR-US: ASPSitem
-CVE-2006-2793 (SQL injection vulnerability in Anket.asp in ASPSitem 2.0 and earlier ...)
+CVE-2006-2793
NOT-FOR-US: ASPSitem
-CVE-2006-2792 (SQL injection vulnerability in misc.php in Woltlab Burning Board (WBB) ...)
+CVE-2006-2792
NOT-FOR-US: wbboard
-CVE-2006-2791 (Directory traversal vulnerability in index.php in iBoutique.MALL and ...)
+CVE-2006-2791
NOT-FOR-US: iBoutique.MALL
-CVE-2006-2790 (A package component in Sun Storage Automated Diagnostic Environment ...)
+CVE-2006-2790
NOT-FOR-US: Sun StorADE
-CVE-2006-2789 (Evolution 2.2.x and 2.3.x in GNOME 2.7 and 2.8, when &quot;load images if ...)
+CVE-2006-2789
- evolution 2.4.0-1 (low)
[sarge] - evolution <not-affected> (Not reproducible on Sarge's evolution)
NOTE: Verified that the patch has been applied in 2.4.0-1,
NOTE: may have been fixed earlier.
-CVE-2006-2788 (Double free vulnerability in the getRawDER function for nsIX509Cert in ...)
+CVE-2006-2788
{DSA-1210 DSA-1192-1 DSA-1191-1}
- mozilla <removed> (high)
- firefox 1.5.dfsg+1.5.0.4 (high)
- xulrunner 1.8.0.4-1 (high)
-CVE-2006-2787 (EvalInSandbox in Mozilla Firefox and Thunderbird before 1.5.0.4 allows ...)
+CVE-2006-2787
{DSA-1134-1 DSA-1120 DSA-1118}
NOTE: MFSA-2006-31
- firefox 1.5.dfsg+1.5.0.4-1 (medium)
- thunderbird 1.5.0.4-1 (medium)
- mozilla 2:1.7.13-0.3 (medium)
- xulrunner 1.8.0.4-1 (medium)
-CVE-2006-2786 (HTTP response smuggling vulnerability in Mozilla Firefox and ...)
+CVE-2006-2786
{DSA-1134-1 DSA-1120 DSA-1118}
NOTE: MFSA-2006-33
- firefox 1.5.dfsg+1.5.0.4-1 (medium)
- thunderbird 1.5.0.4-1 (medium)
- mozilla 2:1.7.13-0.3 (medium)
- xulrunner 1.8.0.4-1 (medium)
-CVE-2006-2785 (Cross-site scripting (XSS) vulnerability in Mozilla Firefox before ...)
+CVE-2006-2785
{DSA-1134-1 DSA-1120 DSA-1118}
NOTE: MFSA-2006-34
- firefox 1.5.dfsg+1.5.0.4-1 (medium)
- mozilla 2:1.7.13-0.3 (medium)
- xulrunner 1.8.0.4-1 (medium)
-CVE-2006-2784 (The PLUGINSPAGE functionality in Mozilla Firefox before 1.5.0.4 allows ...)
+CVE-2006-2784
{DSA-1134-1 DSA-1120 DSA-1118}
NOTE: MFSA-2006-36
- firefox 1.5.dfsg+1.5.0.4-1 (medium)
- mozilla <removed> (medium)
- xulrunner 1.8.0.4-1 (medium)
-CVE-2006-2783 (Mozilla Firefox and Thunderbird before 1.5.0.4 strip the Unicode ...)
+CVE-2006-2783
{DSA-1134-1 DSA-1120 DSA-1118}
NOTE: MFSA-2006-42
- firefox 1.5.dfsg+1.5.0.4-1 (medium)
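Review bot: stripping the descriptions also strips the `** DISPUTED **` flag, which was the only place that status was recorded for CVE-2006-2871, CVE-2006-2859, CVE-2006-2827 and CVE-2006-2842; after the change the bare `+CVE-2006-2871` line keeps nothing of it. CVE-2006-2865 is fine because its `NOTE: phpbb2, but invalid` line carries the verdict independently, but CVE-2006-2842 is still tracked as `squirrelmail 2:1.4.7-1 (unimportant; bug #373731)` with only the register_globals note, so a reader of the new file cannot tell the entry was disputed. Suggest adding a NOTE line (for example `NOTE: disputed upstream`) to each entry that relied on the description for that flag, so the automated strip does not lose it.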
@@ -10038,164 +10038,164 @@ CVE-2006-2783 (Mozilla Firefox and Thunderbird before 1.5.0.4 strip the Unicode
[lenny] - qt4-x11 <no-dsa> (Minor impact, no apps in Lenny which use qtwebkit )
NOTE: QT4 might be fixed earlier, but only 4.6.2 was checked against, Lenny is affected
- kdelibs <not-affected> (bug #561765)
-CVE-2006-2782 (Firefox 1.5.0.2 does not fix all test cases associated with ...)
+CVE-2006-2782
{DSA-1134-1 DSA-1120 DSA-1118}
NOTE: MFSA-2006-41
- firefox 1.5.dfsg+1.5.0.4-1 (medium)
- mozilla 2:1.7.13-0.3 (medium)
- xulrunner 1.8.0.4-1 (medium)
-CVE-2006-2781 (Double free vulnerability in nsVCard.cpp in Mozilla Thunderbird before ...)
+CVE-2006-2781
{DSA-1134-1 DSA-1118}
NOTE: MFSA-2006-40
- thunderbird 1.5.0.4-1 (high)
- mozilla 2:1.7.13-0.3 (high)
-CVE-2006-2780 (Integer overflow in Mozilla Firefox and Thunderbird before 1.5.0.4 ...)
+CVE-2006-2780
{DSA-1134-1 DSA-1120 DSA-1118}
NOTE: MFSA-2006-32
- firefox 1.5.dfsg+1.5.0.4-1 (high)
- thunderbird 1.5.0.4-1 (high)
- mozilla 2:1.7.13-0.3 (high)
- xulrunner 1.8.0.4-1 (high)
-CVE-2006-2779 (Mozilla Firefox and Thunderbird before 1.5.0.4 allow remote attackers ...)
+CVE-2006-2779
{DSA-1160 DSA-1159 DSA-1134-1 DSA-1120 DSA-1118}
NOTE: MFSA-2006-32
- firefox 1.5.dfsg+1.5.0.4-1 (high)
- thunderbird 1.5.0.4-1 (high)
- mozilla 2:1.7.13-0.3 (high)
- xulrunner 1.8.0.4-1 (high)
-CVE-2006-2778 (The crypto.signText function in Mozilla Firefox and Thunderbird before ...)
+CVE-2006-2778
{DSA-1134-1 DSA-1120 DSA-1118}
NOTE: MFSA-2006-38
- firefox 1.5.dfsg+1.5.0.4-1 (high)
- thunderbird 1.5.0.4-1 (high)
- mozilla 2:1.7.13-0.3 (high)
- xulrunner 1.8.0.4-1 (high)
-CVE-2006-2777 (Unspecified vulnerability in Mozilla Firefox before 1.5.0.4 and ...)
+CVE-2006-2777
{DSA-1134-1 DSA-1120 DSA-1118}
NOTE: MFSA-2006-43
- firefox 1.5.dfsg+1.5.0.4-1 (high)
- mozilla 2:1.7.13-0.3 (high)
- xulrunner 1.8.0.4-1 (high)
-CVE-2006-2776 (Certain privileged UI code in Mozilla Firefox and Thunderbird before ...)
+CVE-2006-2776
{DSA-1134-1 DSA-1120 DSA-1118}
NOTE: MFSA-2006-37
- firefox 1.5.dfsg+1.5.0.4-1 (high)
- thunderbird 1.5.0.4-1 (high)
- mozilla 2:1.7.13-0.3 (high)
- xulrunner 1.8.0.4-1 (high)
-CVE-2006-2775 (Mozilla Firefox and Thunderbird before 1.5.0.4 associates XUL ...)
+CVE-2006-2775
{DSA-1134-1 DSA-1120 DSA-1118}
NOTE: MFSA-2006-35
- firefox 1.5.dfsg+1.5.0.4-1 (high)
- thunderbird 1.5.0.4-1 (high)
- mozilla 2:1.7.13-0.3 (high)
- xulrunner 1.8.0.4-1 (high)
-CVE-2006-2774 (Cross-site scripting (XSS) vulnerability in search.php in QontentOne ...)
+CVE-2006-2774
NOT-FOR-US: QontentOne
-CVE-2006-2773 (admin/redigera/redigera2.asp in Hogstorps hogstorp Guestbook 2.0 does ...)
+CVE-2006-2773
NOT-FOR-US: Hogstorps
-CVE-2006-2772 (Cross-site scripting (XSS) vulnerability in add.asp in Hogstorps ...)
+CVE-2006-2772
NOT-FOR-US: Hogstorps
-CVE-2006-2771 (admin/radera/tabort.asp in Hogstorps hogstorp guestbook 2.0 does not ...)
+CVE-2006-2771
NOT-FOR-US: Hogstorps
-CVE-2006-2770 (Directory traversal vulnerability in randompic.php in pppBLOG 0.3.8 ...)
+CVE-2006-2770
NOT-FOR-US: pppBLOG
-CVE-2006-2769 (The HTTP Inspect preprocessor (http_inspect) in Snort 2.4.0 through ...)
+CVE-2006-2769
- snort 2.3.3-8 (low; bug #381726)
[sarge] - snort <no-dsa> (Minor impact)
-CVE-2006-2768 (PHP remote file inclusion vulnerability in METAjour 2.1, when ...)
+CVE-2006-2768
NOT-FOR-US: METAjour
-CVE-2006-2767 (PHP remote file inclusion vulnerability in Ottoman 1.1.2, when ...)
+CVE-2006-2767
NOT-FOR-US: Ottoman
-CVE-2006-2766 (Buffer overflow in INETCOMM.DLL, as used in Microsoft Internet ...)
+CVE-2006-2766
NOT-FOR-US: Microsoft
-CVE-2006-2765 (Cross-site scripting (XSS) vulnerability in news_information.php in ...)
+CVE-2006-2765
NOT-FOR-US: Interlink
-CVE-2006-2764 (Cross-site scripting (XSS) vulnerability in GuestbookXL 1.3 allows ...)
+CVE-2006-2764
NOT-FOR-US: GuestbookXL
-CVE-2006-2763 (SQL injection vulnerability in Pre News Manager 1.0 allows remote ...)
+CVE-2006-2763
NOT-FOR-US: Pre News Manager
-CVE-2006-2762 (PHP remote file inclusion vulnerability in includes/config.php in ...)
+CVE-2006-2762
{DSA-1096-1}
- webcalendar 1.0.4-1 (medium)
-CVE-2006-2761 (SQL injection vulnerability in Hitachi HITSENSER3 HITSENSER3/PRP, ...)
+CVE-2006-2761
NOT-FOR-US: Hitachi
-CVE-2006-2760 (SQL injection vulnerability in modules.php in 4nNukeWare 4nForum 0.91 ...)
+CVE-2006-2760
NOT-FOR-US: 4nForum
-CVE-2006-2759 (jetty 6.0.x (jetty6) beta16 allows remote attackers to read arbitrary ...)
+CVE-2006-2759
- jetty <not-affected> (vulnerable code not in Debian version)
-CVE-2006-2758 (Directory traversal vulnerability in jetty 6.0.x (jetty6) beta16 ...)
+CVE-2006-2758
- jetty <not-affected> (vulnerable code not in Debian version)
-CVE-2006-2757 (Cross-site scripting (XSS) vulnerability in Chipmunk guestbook allows ...)
+CVE-2006-2757
NOT-FOR-US: Chipmunk guestbook
-CVE-2006-2756 (Eitsop My Web Server 1.0 allows remote attackers to cause a denial of ...)
+CVE-2006-2756
NOT-FOR-US: Eitsop
-CVE-2006-2755 (Cross-site scripting (XSS) vulnerability in index.php in UBBThreads ...)
+CVE-2006-2755
NOT-FOR-US: UBBThreads
-CVE-2006-2754 (Stack-based buffer overflow in st.c in slurpd for OpenLDAP before ...)
+CVE-2006-2754
- openldap2.3 2.3.24-1 (bug #375494; bug #377047; unimportant)
NOTE: File is only written and read by slurpd, only editable by root
-CVE-2006-2752 (The RedCarpet /etc/ximian/rcd.conf configuration file in Novell Linux ...)
+CVE-2006-2752
NOT-FOR-US: RedCarpet
-CVE-2006-2751 (Cross-site scripting (XSS) vulnerability in Open Searchable Image ...)
+CVE-2006-2751
NOT-FOR-US: OSIC
-CVE-2006-2750 (Cross-site scripting (XSS) vulnerability in the do_mysql_query ...)
+CVE-2006-2750
NOT-FOR-US: OSIC
-CVE-2006-2749 (SQL injection vulnerability in search.php in Open Searchable Image ...)
+CVE-2006-2749
NOT-FOR-US: OSIC
-CVE-2006-2748 (SQL injection vulnerability in the do_mysql_query function in core.php ...)
+CVE-2006-2748
NOT-FOR-US: OSIC
-CVE-2006-2747 (Directory traversal vulnerability in index.php in PhpMyDesktop|arcade ...)
+CVE-2006-2747
NOT-FOR-US: PhpMyDesktop
-CVE-2006-2746 (Multiple cross-site scripting (XSS) vulnerabilities in F@cile ...)
+CVE-2006-2746
NOT-FOR-US: F@cile
-CVE-2006-2745 (Multiple PHP remote file inclusion vulnerabilities in F@cile ...)
+CVE-2006-2745
NOT-FOR-US: F@cile
-CVE-2006-2744 (PHP remote file inclusion vulnerability in p-popupgallery.php in ...)
+CVE-2006-2744
NOT-FOR-US: F@cile
-CVE-2006-2743 (Drupal 4.6.x before 4.6.7 and 4.7.0, when running on Apache with ...)
+CVE-2006-2743
{DSA-1125}
- drupal 4.5.8-1.1 (bug #368835; medium)
-CVE-2006-2742 (SQL injection vulnerability in Drupal 4.6.x before 4.6.7 and 4.7.0 ...)
+CVE-2006-2742
{DSA-1125}
- drupal 4.5.8-1.1 (medium)
-CVE-2006-2741 (Cross-site scripting (XSS) vulnerability in Epicdesigns tinyBB 0.3 ...)
+CVE-2006-2741
NOT-FOR-US: tinyBB
-CVE-2006-2740 (Multiple SQL injection vulnerabilities in Epicdesigns tinyBB 0.3 allow ...)
+CVE-2006-2740
NOT-FOR-US: tinyBB
-CVE-2006-2739 (PHP remote file inclusion vulnerability in footers.php in Epicdesigns ...)
+CVE-2006-2739
NOT-FOR-US: tinyBB
-CVE-2006-2738 (The open source version of Open-Xchange 0.8.2 and earlier uses a ...)
+CVE-2006-2738
NOT-FOR-US: Open-Xchange
-CVE-2006-2737 (utilities/register.asp in Nukedit 4.9.6 and earlier allows remote ...)
+CVE-2006-2737
NOT-FOR-US: Nukedit
-CVE-2006-2736 (PHP remote file inclusion vulnerability in blend_data/blend_common.php ...)
+CVE-2006-2736
NOT-FOR-US: Blend Portal
-CVE-2006-2735 (PHP remote file inclusion vulnerability in ...)
+CVE-2006-2735
NOT-FOR-US: Amod
-CVE-2006-2734 (enter.asp in Mini-Nuke 2.3 and earlier makes it easier for remote ...)
+CVE-2006-2734
NOT-FOR-US: Mini-Nuke
-CVE-2006-2733 (membership.asp in Mini-Nuke 2.3 and earlier uses plaintext security ...)
+CVE-2006-2733
NOT-FOR-US: Mini-Nuke
-CVE-2006-2732 (SQL injection vulnerability in Your_Account.asp in Mini-Nuke 2.3 and ...)
+CVE-2006-2732
NOT-FOR-US: Mini-Nuke
-CVE-2006-2731 (Multiple SQL injection vulnerabilities in Enigma Haber 4.3 and earlier ...)
+CVE-2006-2731
NOT-FOR-US: Enigma Haber
-CVE-2006-2730 (PHP remote file inclusion vulnerability in admin/lib_action_step.php ...)
+CVE-2006-2730
NOT-FOR-US: Hot Open Tickets
-CVE-2006-2729 (Cross-site scripting (XSS) vulnerability in superalbum/index.php in ...)
+CVE-2006-2729
NOT-FOR-US: Photoalbum
-CVE-2006-2728 (Cross-site scripting (XSS) vulnerability in superalbum/index.php in ...)
+CVE-2006-2728
NOT-FOR-US: Photoalbum
-CVE-2006-2727 (home/register.php in Eggblog before 3.0 allows remote attackers to ...)
+CVE-2006-2727
NOT-FOR-US: Eggblog
-CVE-2006-2726 (PHP remote file inclusion vulnerability in Fastpublish CMS 1.6.9.d ...)
+CVE-2006-2726
NOT-FOR-US: Fastpublish
-CVE-2006-2725 (SQL injection vulnerability in rss/posts.php in Eggblog before 3.07 ...)
+CVE-2006-2725
NOT-FOR-US: Eggblog
-CVE-2006-2724 (Cross-site scripting (XSS) vulnerability in PunBB 1.2.11 allows remote ...)
+CVE-2006-2724
NOT-FOR-US: PunBB
-CVE-2006-2723 (Unspecified versions of Mozilla Firefox allow remote attackers to ...)
+CVE-2006-2723
- firefox 45.0-1 (unimportant)
- firefox-esr 45.0esr-1 (unimportant)
- iceweasel <removed> (unimportant)
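Review bot: the `<not-affected>` rationale `vulnerable code not in Debian version` on the jetty entries for CVE-2006-2759 and CVE-2006-2758 loses its reference point once the `jetty 6.0.x (jetty6) beta16` description text is removed; nothing left on the `+CVE-2006-2759` / `+CVE-2006-2758` lines records which upstream version was affected, so the claim can no longer be re-checked against the packaged version without going back to the CVE. The Mozilla entries in this hunk do not have this problem because each keeps a `NOTE: MFSA-2006-xx` reference. Suggest carrying the affected upstream version into the parenthetical or a NOTE line, e.g. `- jetty <not-affected> (6.0.x beta16 code not in Debian version)`.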
@@ -10203,132 +10203,132 @@ CVE-2006-2723 (Unspecified versions of Mozilla Firefox allow remote attackers to
- mozilla-firefox <removed> (unimportant)
- xulrunner <unfixed> (unimportant)
NOTE: Non-issue
-CVE-2006-2722 (SQL injection vulnerability in view_album.php in SelectaPix 1.4 allows ...)
+CVE-2006-2722
NOT-FOR-US: SelectaPix
-CVE-2006-2721 (Cross-site scripting (XSS) vulnerability in news.php in VARIOMAT ...)
+CVE-2006-2721
NOT-FOR-US: VARIOMAT
-CVE-2006-2720 (SQL injection vulnerability in news.php in VARIOMAT allows remote ...)
+CVE-2006-2720
NOT-FOR-US: VARIOMAT
-CVE-2006-2719 (JIWA Financials 6.4.14 stores usernames and passwords for all accounts ...)
+CVE-2006-2719
NOT-FOR-US: JIWA
-CVE-2006-2718 (JIWA Financials 6.4.14 passes a Microsoft SQL Server account's ...)
+CVE-2006-2718
NOT-FOR-US: JIWA
-CVE-2006-2717 (Unspecified vulnerability in Secure Elements Class 5 AVR client and ...)
+CVE-2006-2717
NOT-FOR-US: C5 EVM
-CVE-2006-2716 (Secure Elements Class 5 AVR server (aka C5 EVM) before 2.8.1 uses a ...)
+CVE-2006-2716
NOT-FOR-US: C5 EVM
-CVE-2006-2715 (The Administration Console in Secure Elements Class 5 AVR (aka C5 EVM) ...)
+CVE-2006-2715
NOT-FOR-US: C5 EVM
-CVE-2006-2714 (Secure Elements Class 5 AVR client (aka C5 EVM) before 2.8.1 does not ...)
+CVE-2006-2714
NOT-FOR-US: C5 EVM
-CVE-2006-2713 (Secure Elements Class 5 AVR client (aka C5 EVM) before 2.8.1 generates ...)
+CVE-2006-2713
NOT-FOR-US: C5 EVM
-CVE-2006-2712 (Secure Elements Class 5 AVR (aka C5 EVM) client and server before ...)
+CVE-2006-2712
NOT-FOR-US: C5 EVM
-CVE-2006-2711 (Secure Elements Class 5 AVR (aka C5 EVM) 2.8.1 and earlier, and ...)
+CVE-2006-2711
NOT-FOR-US: C5 EVM
-CVE-2006-2710 (Secure Elements Class 5 AVR (aka C5 EVM) before 2.8.1 uses the same ...)
+CVE-2006-2710
NOT-FOR-US: C5 EVM
-CVE-2006-2709 (Secure Elements Class 5 AVR (aka C5 EVM) before 2.8.1 do not validate ...)
+CVE-2006-2709
NOT-FOR-US: C5 EVM
-CVE-2006-2708 (Secure Elements Class 5 AVR client (aka C5 EVM) before 2.8.1 allows ...)
+CVE-2006-2708
NOT-FOR-US: C5 EVM
-CVE-2006-2707 (Secure Elements Class 5 AVR server (aka C5 EVM) before 2.8.1 does not ...)
+CVE-2006-2707
NOT-FOR-US: C5 EVM
-CVE-2006-2706 (Secure Elements Class 5 AVR server (aka C5 EVM) before 2.8.1 allows ...)
+CVE-2006-2706
NOT-FOR-US: C5 EVM
-CVE-2006-2705 (Secure Elements Class 5 AVR server (aka C5 EVM) before 2.8.1 allows ...)
+CVE-2006-2705
NOT-FOR-US: C5 EVM
-CVE-2006-2704 (Secure Elements Class 5 AVR server and client (aka C5 EVM) before ...)
+CVE-2006-2704
NOT-FOR-US: C5 EVM
-CVE-2006-2703 (The RedCarpet command-line client (rug) does not verify SSL ...)
+CVE-2006-2703
NOT-FOR-US: RedCarpet
-CVE-2006-2702 (vars.php in WordPress 2.0.2, possibly when running on Mac OS X, allows ...)
+CVE-2006-2702
- wordpress 2.0.3-1 (bug #369014; medium)
-CVE-2006-2701 (SQL injection vulnerability in Geeklog 1.4.0sr2 and earlier allows ...)
+CVE-2006-2701
NOT-FOR-US: Geeklog
-CVE-2006-2700 (SQL injection vulnerability in admin/auth.inc.php in Geeklog 1.4.0sr2 ...)
+CVE-2006-2700
NOT-FOR-US: Geeklog
-CVE-2006-2699 (Cross-site scripting (XSS) vulnerability in getimage.php in Geeklog ...)
+CVE-2006-2699
NOT-FOR-US: Geeklog
-CVE-2006-2698 (Geeklog 1.4.0sr2 and earlier allows remote attackers to obtain the ...)
+CVE-2006-2698
NOT-FOR-US: Geeklog
-CVE-2006-2697 (Multiple SQL injection vulnerabilities in Easy-Content Forums 1.0 ...)
+CVE-2006-2697
NOT-FOR-US: Easy-Content
-CVE-2006-2696 (Cross-site scripting (XSS) vulnerabilities in Easy-Content Forums 1.0 ...)
+CVE-2006-2696
NOT-FOR-US: Easy-Content
-CVE-2006-2695 (admin/upprocess.php in DGNews 1.5 and earlier allows remote attackers ...)
+CVE-2006-2695
NOT-FOR-US: DGNews
-CVE-2006-2694 (Multiple PHP remote file inclusion vulnerabilities in EzUpload Pro ...)
+CVE-2006-2694
NOT-FOR-US: EzUpload
-CVE-2006-2693 (Directory traversal vulnerability in admin/admin_hacks_list.php in ...)
+CVE-2006-2693
NOT-FOR-US: Nivisec
-CVE-2006-2692 (Multiple unspecified vulnerabilities in aMuleWeb for AMule before ...)
+CVE-2006-2692
- amule 2.1.2-1 (medium)
-CVE-2006-2691 (Unspecified &quot;information leakage&quot; vulnerabilities in aMuleWeb for ...)
+CVE-2006-2691
- amule 2.1.2-1 (medium)
-CVE-2006-2690 (An unspecified script in EVA-Web 2.1.2 and earlier, probably ...)
+CVE-2006-2690
NOT-FOR-US: EVA-Web
-CVE-2006-2689 (Multiple cross-site scripting (XSS) vulnerabilities in EVA-Web 2.1.2 ...)
+CVE-2006-2689
NOT-FOR-US: EVA-Web
-CVE-2006-2688 (SQL injection vulnerability in the employees node (class.employee.inc) ...)
+CVE-2006-2688
NOT-FOR-US: Achievo
-CVE-2006-2687 (Cross-site scripting (XSS) vulnerability in adduser.php in PHP-AGTC ...)
+CVE-2006-2687
NOT-FOR-US: AGTC
-CVE-2006-2686 (PHP remote file inclusion vulnerabilities in ActionApps 2.8.1 allow ...)
+CVE-2006-2686
NOT-FOR-US: ActionApps
-CVE-2006-2685 (PHP remote file inclusion vulnerability in Basic Analysis and Security ...)
+CVE-2006-2685
- acidbase 1.2.5-1 (bug #370576; low)
-CVE-2006-2684 (Cross-site scripting (XSS) vulnerability in the search module in CMS ...)
+CVE-2006-2684
NOT-FOR-US: Mundo
-CVE-2006-2683 (PHP remote file inclusion vulnerability in 404.php in open-medium.CMS ...)
+CVE-2006-2683
NOT-FOR-US: open-medium
-CVE-2006-2682 (PHP remote file inclusion vulnerability in BE_config.php in Back-End ...)
+CVE-2006-2682
NOT-FOR-US: Back-End
-CVE-2006-2681 (PHP remote file inclusion vulnerability in SocketMail Lite and Pro ...)
+CVE-2006-2681
NOT-FOR-US: SocketMail
-CVE-2006-2680 (Cross-site scripting (XSS) vulnerability in index.php in AZ Photo ...)
+CVE-2006-2680
NOT-FOR-US: AZ Photo Album
-CVE-2006-2679 (Unspecified vulnerability in the VPN Client for Windows Graphical User ...)
+CVE-2006-2679
NOT-FOR-US: Cisco
-CVE-2006-2678 (Multiple cross-site scripting (XSS) vulnerabilities in Pre News ...)
+CVE-2006-2678
NOT-FOR-US: Pre News Manager
-CVE-2006-2677 (SiteScape Forum 7.2 and possibly earlier stores the avf.rc ...)
+CVE-2006-2677
NOT-FOR-US: SiteScape Forum
-CVE-2006-2676 (Dispatch.cgi/_user/uservCard/ in SiteScape Forum 7.2 and possibly ...)
+CVE-2006-2676
NOT-FOR-US: SiteScape Forum
-CVE-2006-2675 (PHP remote file inclusion vulnerability in ubbt.inc.php in UBBThreads ...)
+CVE-2006-2675
NOT-FOR-US: UBBThreads
-CVE-2006-2674 (Multiple SQL injection vulnerabilities in Tamber Forum 1.9.13 and ...)
+CVE-2006-2674
NOT-FOR-US: Tamber Forum
-CVE-2006-2673 (Cross-site scripting (XSS) vulnerability in search.html in Bulletin ...)
+CVE-2006-2673
NOT-FOR-US: Elite-Board
-CVE-2006-2672 (Multiple cross-site scripting (XSS) vulnerabilities in Realty Pro One ...)
+CVE-2006-2672
NOT-FOR-US: Realty Pro One
-CVE-2006-2671 (SQL injection vulnerability in ChatPat 1.0 allows remote attackers to ...)
+CVE-2006-2671
NOT-FOR-US: ChatPat
-CVE-2006-2670 (Multiple cross-site scripting (XSS) vulnerabilities in ChatPat 1.0 ...)
+CVE-2006-2670
NOT-FOR-US: ChatPat
-CVE-2006-2669 (Multiple cross-site scripting (XSS) vulnerabilities in Pre Shopping ...)
+CVE-2006-2669
NOT-FOR-US: Pre Shopping Mall
-CVE-2006-2668 (Multiple PHP remote file inclusion vulnerabilities in Docebo LMS 2.05 ...)
+CVE-2006-2668
NOT-FOR-US: Docebo LMS
-CVE-2006-2667 (Direct static code injection vulnerability in WordPress 2.0.2 and ...)
+CVE-2006-2667
- wordpress 2.0.3-1 (bug #369014; medium)
-CVE-2006-2666 (PHP remote file inclusion vulnerability in ...)
+CVE-2006-2666
NOT-FOR-US: V-Webmail
-CVE-2006-2665 (PHP remote file inclusion vulnerability in ...)
+CVE-2006-2665
NOT-FOR-US: V-Webmail
-CVE-2006-2664 (Cross-site scripting (XSS) vulnerability in iFdate 1.2 allows remote ...)
+CVE-2006-2664
NOT-FOR-US: iFdate
-CVE-2006-2663 (Multiple cross-site scripting (XSS) vulnerabilities in iFlance 1.1 ...)
+CVE-2006-2663
NOT-FOR-US: iFlance
-CVE-2006-2662 (VMware Server before RC1 does not clear user credentials from memory ...)
+CVE-2006-2662
NOT-FOR-US: VMware Server
-CVE-2006-2661 (ftutil.c in Freetype before 2.2 allows remote attackers to cause a ...)
+CVE-2006-2661
{DSA-1095-1}
- freetype 2.2.1-1 (medium)
-CVE-2006-2660 (Buffer consumption vulnerability in the tempnam function in PHP 5.1.4 ...)
+CVE-2006-2660
- php4 4:4.4.4-1 (unimportant)
- php5 5.1.6-1 (unimportant)
NOTE: using a long enough path (>MAXPATHLEN) allows you to have
@@ -10337,81 +10337,81 @@ CVE-2006-2660 (Buffer consumption vulnerability in the tempnam function in PHP 5
NOTE: could just as easily create the file manually, and if the
NOTE: tempnam function is taking unsanitized input, it's an
NOTE: application error
-CVE-2006-2658 (Directory traversal vulnerability in the xsp component in mod_mono in ...)
+CVE-2006-2658
- xsp 1.1.15-1
CVE-2006-2657
REJECTED
-CVE-2006-2655 (The build process for ypserv in FreeBSD 5.3 up to 6.1 accidentally ...)
+CVE-2006-2655
NOT-FOR-US: build process for ypserv in FreeBSD
-CVE-2006-2654 (Directory traversal vulnerability in smbfs smbfs on FreeBSD 4.10 up to ...)
+CVE-2006-2654
NOT-FOR-US: FreeBSD-specific (see CVE-2006-1864 for Linux-specific CVE)
-CVE-2006-2653 (Cross-site scripting (XSS) vulnerability in login_error.shtml for ...)
+CVE-2006-2653
NOT-FOR-US: D-Link
-CVE-2006-2652 (Cross-site scripting (XSS) vulnerability in WikiNi 0.4.2 and earlier ...)
+CVE-2006-2652
NOT-FOR-US: WikiNi
-CVE-2006-2651 (Cross-site scripting (XSS) vulnerability in index.php in Vacation ...)
+CVE-2006-2651
NOT-FOR-US: Vacation Rental Script
-CVE-2006-2650 (SQL injection vulnerability in cosmicshop/search.php in ...)
+CVE-2006-2650
NOT-FOR-US: CosmicShoppingCart
-CVE-2006-2649 (Multiple cross-site scripting (XSS) vulnerabilities in (a) search.php, ...)
+CVE-2006-2649
NOT-FOR-US: CosmicShoppingCart
-CVE-2006-2648 (Cross-site scripting (XSS) vulnerability in perform_search.asp for ...)
+CVE-2006-2648
NOT-FOR-US: ASPBB
-CVE-2006-2647 (Untrusted search path vulnerability in update_flash for IBM AIX 5.1, ...)
+CVE-2006-2647
NOT-FOR-US: IBM AIX
-CVE-2006-2646 (Buffer overflow in Alt-N MDaemon, possibly 9.0.1 and earlier, allows ...)
+CVE-2006-2646
NOT-FOR-US: Alt-N MDaemon
-CVE-2006-2645 (PHP remote file inclusion vulnerability in ...)
+CVE-2006-2645
NOT-FOR-US: Plume
-CVE-2006-2644 (AWStats 6.5, and possibly other versions, allows remote authenticated ...)
+CVE-2006-2644
{DSA-1075-1}
- awstats 6.5-2 (bug #365910)
CVE-2006-XXXX [specialy crafted WAV turns mkvmerge into a malloc bomb]
- mkvtoolnix 1.7.0-2 (bug #370144; low)
CVE-2006-XXXX ['Cache' shell injection vulnerability]
- wordpress 2.0.3-1 (high; bug #369014)
-CVE-2006-2753 (SQL injection vulnerability in MySQL 4.1.x before 4.1.20 and 5.0.x ...)
+CVE-2006-2753
{DSA-1092-1}
- mysql-dfsg <not-affected> (Vulnerable code was introduced in 4.1, see #369741)
- mysql <not-affected> (Vulnerable code was introduced in 4.1, see #369754)
- mysql-dfsg-5.0 5.0.22-1 (bug #369735; medium)
- mysql-dfsg-4.1 <removed> (bug #369754; medium)
-CVE-2006-2659 (libs/comverp.c in Courier MTA before 0.53.2 allows attackers to cause ...)
+CVE-2006-2659
{DSA-1101}
- courier 0.53.2-1 (bug #368834)
-CVE-2006-2656 (Stack-based buffer overflow in the tiffsplit command in libtiff 3.8.2 ...)
+CVE-2006-2656
{DSA-1091-1}
- tiff 3.8.2-3 (bug #369819; low)
- tiff3 <not-affected> (fixed prior to initial upload)
-CVE-2006-2643 (Cross-site scripting (XSS) vulnerability in index.php in Monster Top ...)
+CVE-2006-2643
NOT-FOR-US: Monster Top List
-CVE-2006-2642 (** UNVERIFIABLE ** ...)
+CVE-2006-2642
NOT-FOR-US: Php-residence
-CVE-2006-2641 (** UNVERIFIABLE ** ...)
+CVE-2006-2641
NOT-FOR-US: John Frank Asset Manager
-CVE-2006-2640 (Cross-site scripting (XSS) vulnerability in OmegaMw7a.ASP in OMEGA ...)
+CVE-2006-2640
NOT-FOR-US: OMEGA INterneSErvicesLosungen (INSEL)
-CVE-2006-2639 (Cross-site scripting (XSS) vulnerability in the input forms in ...)
+CVE-2006-2639
NOT-FOR-US: PHPSimpleChoose
-CVE-2006-2638 (SQL injection vulnerability in member.asp in qjForum allows remote ...)
+CVE-2006-2638
NOT-FOR-US: qjForum
-CVE-2006-2637 (Cross-site scripting (XSS) vulnerability in view.php in TuttoPhp (1) ...)
+CVE-2006-2637
NOT-FOR-US: TuttoPhp
-CVE-2006-2636 (newsadmin.asp in Katy Whitton NewsCMSLite allows remote attackers to ...)
+CVE-2006-2636
NOT-FOR-US: Katy Whitton NewsCMSLite
-CVE-2006-2635 (Multiple cross-site scripting (XSS) vulnerabilities in Tikiwiki (aka ...)
+CVE-2006-2635
- tikiwiki 1.9.4-1 (medium)
-CVE-2006-2634 (Cross-site scripting (XSS) vulnerability in Neocrome Land Down Under ...)
+CVE-2006-2634
NOT-FOR-US: Neocrome Seditio
-CVE-2006-2633 (Absolute path traversal vulnerability in the copy action in index.php ...)
+CVE-2006-2633
NOT-FOR-US: Andrew Godwin ByteHoard
-CVE-2006-2632 (Cross-site scripting (XSS) vulnerability in Andrew Godwin ByteHoard ...)
+CVE-2006-2632
NOT-FOR-US: Andrew Godwin ByteHoard
-CVE-2006-2631 (phpFoX allows remote authenticated users to modify arbitrary accounts ...)
+CVE-2006-2631
NOT-FOR-US: phpFoX
-CVE-2006-2630 (Stack-based buffer overflow in Symantec Antivirus 10.1 and Client ...)
+CVE-2006-2630
NOT-FOR-US: Symantec
-CVE-2006-2629 (Race condition in Linux kernel 2.6.15 to 2.6.17, when running on SMP ...)
+CVE-2006-2629
- linux-2.6 2.6.18-1 (low)
CVE-2006-2628
RESERVED
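Review bot: every -/+ pair in this hunk removes the parenthesised CVE description and leaves only the bare identifier (for example "-CVE-2006-2654 (Directory traversal vulnerability in smbfs smbfs on FreeBSD 4.10 up to ...)" becomes "+CVE-2006-2654"), while the NOT-FOR-US, {DSA-...} and package/version lines beneath each entry are left exactly as they were. An automatic update that blanks descriptions wholesale instead of adding or revising entries is the signature of an empty or failed fetch of the upstream CVE text during the sync, not of a real upstream change, and it also discards the "** UNVERIFIABLE **" prefix on CVE-2006-2642 and CVE-2006-2641, which is part of what triage relies on. Suggest reverting this hunk and making the sync script refuse to write an entry whose description would go from non-empty to empty.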
@@ -10433,39 +10433,39 @@ CVE-2006-2620
RESERVED
CVE-2006-2619
RESERVED
-CVE-2006-2618 (Cross-site scripting (XSS) vulnerability in (1) AlstraSoft Web Host ...)
+CVE-2006-2618
NOT-FOR-US: AlstraSoft Web Host Directory
-CVE-2006-2617 ((1) AlstraSoft Web Host Directory 1.2, aka (2) HyperStop WebHost ...)
+CVE-2006-2617
NOT-FOR-US: AlstraSoft Web Host Directory
-CVE-2006-2616 (SQL injection vulnerability in the search script in (1) AlstraSoft Web ...)
+CVE-2006-2616
NOT-FOR-US: AlstraSoft Web Host Directory
-CVE-2006-2615 (ping.php in Russcom.Ping allows remote attackers to execute arbitrary ...)
+CVE-2006-2615
NOT-FOR-US: Russcom.Ping
-CVE-2006-2614 (Sun N1 System Manager 1.1 for Solaris 10 before patch 121161-01 ...)
+CVE-2006-2614
NOT-FOR-US: Sun Solaris
-CVE-2006-2613 (Mozilla Suite 1.7.13, Mozilla Firefox 1.5.0.3 and possibly other ...)
+CVE-2006-2613
NOTE: Installation path disclosure is uninteresting on Debian systems.
NOTE: The profile path might be more sensitive, but exploit that
NOTE: requires another, real security bug.
-CVE-2006-2612 (Novell Client for Windows 4.8 and 4.9 does not restrict access to the ...)
+CVE-2006-2612
NOT-FOR-US: Novell Client for Windows
NOTE: The Windows clipboard is a public resource anyway.
-CVE-2006-2611 (Cross-site scripting (XSS) vulnerability in includes/Sanitizer.php in ...)
+CVE-2006-2611
- mediawiki1.7 <not-affected> (Fixed in 1.7 prior to release)
- mediawiki1.5 <removed>
-CVE-2006-2610 (Cross-site scripting (XSS) vulnerability in view.php in phpRaid 2.9.5 ...)
+CVE-2006-2610
NOT-FOR-US: phpRaid
-CVE-2006-2609 (artmedic newsletter 4.1.2 and possibly other versions, when ...)
+CVE-2006-2609
NOT-FOR-US: artmedic newsletter
-CVE-2006-2608 (artmedic newsletter 4.1 and possibly other versions, when ...)
+CVE-2006-2608
NOT-FOR-US: artmedic newsletter
CVE-2006-XXXX [mono xsp file disclosure]
- xsp 1.1.15-1 (medium)
-CVE-2006-2607 (do_command.c in Vixie cron (vixie-cron) 4.1 does not check the return ...)
+CVE-2006-2607
- cron 3.0pl1-64 (bug #85609; bug #86775; medium)
-CVE-2006-2606 (Cross-site scripting (XSS) vulnerability in Chatty, possibly 1.0.2 and ...)
+CVE-2006-2606
NOT-FOR-US: Chatty
-CVE-2006-2605 (Cross-site scripting (XSS) vulnerability in DSChat 1.0 and earlier ...)
+CVE-2006-2605
NOT-FOR-US: DSChat
CVE-2006-2604
REJECTED
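Review bot: the NOTE lines retained here were written against the description text this hunk strips, and they stop being readable on their own once the entry is reduced to an identifier: "NOTE: Installation path disclosure is uninteresting on Debian systems." under CVE-2006-2613 refers to the Mozilla Suite 1.7.13 / Firefox 1.5.0.3 text on the removed - line, and "NOTE: The Windows clipboard is a public resource anyway." under CVE-2006-2612 refers to the removed Novell Client for Windows text. If dropping descriptions were intended, those notes would need the product and issue restated in them; since nothing else in the hunk changes, the simpler fix is to not apply this hunk at all.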
@@ -10491,284 +10491,284 @@ CVE-2006-2594
REJECTED
CVE-2006-2593
REJECTED
-CVE-2006-2592 (Unspecified vulnerability in DSChat 1.0 allows remote attackers to ...)
+CVE-2006-2592
NOT-FOR-US: DSChat
-CVE-2006-2591 (Unspecified vulnerability in e107 before 0.7.5 has unknown impact and ...)
+CVE-2006-2591
NOT-FOR-US: e107
-CVE-2006-2590 (SQL injection vulnerability in e107 before 0.7.5 allows remote ...)
+CVE-2006-2590
NOT-FOR-US: e107
-CVE-2006-2589 (SQL injection vulnerability in rss.php in MyBB (aka MyBulletinBoard) ...)
+CVE-2006-2589
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2006-2588 (Russcom PHPImages allows remote attackers to upload files of arbitrary ...)
+CVE-2006-2588
NOT-FOR-US: Russcom PHPImages
-CVE-2006-2587 (Buffer overflow in the WebTool HTTP server component in (1) PunkBuster ...)
+CVE-2006-2587
NOT-FOR-US: WebTool HTTP server
-CVE-2006-2586 (Cross-site scripting (XSS) vulnerability in IpLogger 1.7 and earlier ...)
+CVE-2006-2586
NOT-FOR-US: IpLogger
-CVE-2006-2585 (SQL injection vulnerability in Destiney Links Script 2.1.2 allows ...)
+CVE-2006-2585
NOT-FOR-US: Destiney Links Script
-CVE-2006-2584 (Multiple cross-site scripting (XSS) vulnerabilities in post.php in ...)
+CVE-2006-2584
NOT-FOR-US: SkyeBox
-CVE-2006-2583 (PHP remote file inclusion vulnerability in ...)
+CVE-2006-2583
NOT-FOR-US: Nucleus
-CVE-2006-2582 (The editing form in RWiki 2.1.0pre1 through 2.1.0 allows remote ...)
+CVE-2006-2582
NOT-FOR-US: RWiki
-CVE-2006-2581 (Cross-site scripting (XSS) vulnerability in Wiki content in RWiki ...)
+CVE-2006-2581
NOT-FOR-US: RWiki
-CVE-2006-2580 (Multiple unspecified vulnerabilities in HP OpenView Network Node ...)
+CVE-2006-2580
NOT-FOR-US: HP OpenView Network Node Manager
-CVE-2006-2579 (Unspecified vulnerability in HP OpenView Storage Data Protector 5.1 ...)
+CVE-2006-2579
NOT-FOR-US: HP OpenView Storage Data Protector
-CVE-2006-2578 (admin/cron.php in eSyndicat Directory 1.2, when register_globals is ...)
+CVE-2006-2578
NOT-FOR-US: eSyndicat Directory
-CVE-2006-2577 (Multiple PHP remote file inclusion vulnerabilities in Docebo 3.0.3 and ...)
+CVE-2006-2577
NOT-FOR-US: Docebo
-CVE-2006-2576 (Multiple PHP remote file inclusion vulnerabilities in Docebo 3.0.3 and ...)
+CVE-2006-2576
NOT-FOR-US: Docebo
-CVE-2006-2575 (The setFrame function in Lib/2D/Surface.hpp for NetPanzer 0.8 and ...)
+CVE-2006-2575
- netpanzer 0.8+svn20060319-2 (bug #370146; low)
[sarge] - netpanzer <no-dsa> (Minor DoS against a game)
-CVE-2006-2574 (Multiple unspecified vulnerabilities in Software Distributor in HP-UX ...)
+CVE-2006-2574
NOT-FOR-US: Software Distributor in HP-UX
-CVE-2006-2573 (SQL injection vulnerability in index.php in DGBook 1.0, with ...)
+CVE-2006-2573
NOT-FOR-US: DGBook
-CVE-2006-2572 (Cross-site scripting (XSS) vulnerability in index.php in DGBook 1.0 ...)
+CVE-2006-2572
NOT-FOR-US: DGBook
-CVE-2006-2571 (Cross-site scripting (XSS) vulnerability in search.html in Alkacon ...)
+CVE-2006-2571
NOT-FOR-US: Alkacon OpenCms
-CVE-2006-2570 (PHP remote file inclusion vulnerability in CaLogic Calendars 1.2.2 ...)
+CVE-2006-2570
NOT-FOR-US: CaLogic Calendars
-CVE-2006-2569 (SQL injection vulnerability in links.php in 4R Linklist 1.0 RC2 and ...)
+CVE-2006-2569
NOT-FOR-US: Linklist
-CVE-2006-2568 (PHP remote file inclusion vulnerability in addpost_newpoll.php in ...)
+CVE-2006-2568
NOT-FOR-US: UBB.threads
-CVE-2006-2567 (Cross-site scripting (XSS) vulnerability in submit_article.php in ...)
+CVE-2006-2567
NOT-FOR-US: Alstrasoft Article Manager Pro
-CVE-2006-2566 (Alstrasoft Article Manager Pro 1.6 allows remote attackers to obtain ...)
+CVE-2006-2566
NOT-FOR-US: Alstrasoft Article Manager Pro
-CVE-2006-2565 (SQL injection vulnerability in Alstrasoft Article Manager Pro 1.6 ...)
+CVE-2006-2565
NOT-FOR-US: Alstrasoft Article Manager Pro
-CVE-2006-2564 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
+CVE-2006-2564
NOT-FOR-US: Alstrasoft Article Manager Pro
-CVE-2006-2563 (The cURL library (libcurl) in PHP 4.4.2 and 5.1.4 allows attackers to ...)
+CVE-2006-2563
- php4 4:4.4.4-1 (bug #370166; unimportant)
- php5 5.1.6-1 (bug #370165; unimportant)
NOTE: Safe mode violations are not supported
-CVE-2006-2562 (ZyXEL P-335WT router allows remote attackers to bypass access ...)
+CVE-2006-2562
NOT-FOR-US: ZyXEL P-335WT router
-CVE-2006-2561 (Edimax BR-6104K router allows remote attackers to bypass access ...)
+CVE-2006-2561
NOT-FOR-US: Edimax BR-6104K router
-CVE-2006-2560 (Sitecom WL-153 router firmware before 1.38 allows remote attackers to ...)
+CVE-2006-2560
NOT-FOR-US: Sitecom WL-153 router
-CVE-2006-2559 (Linksys WRT54G Wireless-G Broadband Router allows remote attackers to ...)
+CVE-2006-2559
NOT-FOR-US: Linksys WRT54G router
-CVE-2006-2558 (Cross-site scripting (XSS) vulnerability in IpLogger 1.7 and earlier ...)
+CVE-2006-2558
NOT-FOR-US: IpLogger
-CVE-2006-2557 (PHP remote file inclusion vulnerability in extras/poll/poll.php in ...)
+CVE-2006-2557
NOT-FOR-US: Newsportal
-CVE-2006-2556 (Cross-site scripting (XSS) vulnerability in Florian Amrhein NewsPortal ...)
+CVE-2006-2556
- newsportal <itp> (bug #149069)
NOTE: RFP #149069 closed after no activity since too long time
-CVE-2006-2555 (The parse_command function in Genecys 0.2 and earlier allows remote ...)
+CVE-2006-2555
NOT-FOR-US: Genecys
-CVE-2006-2554 (Buffer overflow in the tell_player_surr_changes function in Genecys ...)
+CVE-2006-2554
NOT-FOR-US: Genecys
-CVE-2006-2553 (Cross-site scripting (XSS) vulnerability in Jemscripts DownloadControl ...)
+CVE-2006-2553
NOT-FOR-US: DownloadControl
-CVE-2006-2552 (Jemscripts DownloadControl 1.0 allows remote attackers to obtain ...)
+CVE-2006-2552
NOT-FOR-US: DownloadControl
-CVE-2006-2551 (Unspecified vulnerability in the kernel in HP-UX B.11.00 allows local ...)
+CVE-2006-2551
NOT-FOR-US: HP-UX
-CVE-2006-2550 (perlpodder before 0.5 allows remote attackers to execute arbitrary ...)
+CVE-2006-2550
NOT-FOR-US: perlpodder
-CVE-2006-2549 (Stack-based buffer overflow in PDF Form Filling and Flattening Tool ...)
+CVE-2006-2549
NOT-FOR-US: PDF Form Filling and Flattening Tool
-CVE-2006-2548 (Prodder before 0.5, and perlpodder before 0.5, allows remote attackers ...)
+CVE-2006-2548
NOT-FOR-US: prodder/perlpodder
-CVE-2006-2547 (Unspecified vulnerability in the sapdba command in SAP with Informix ...)
+CVE-2006-2547
NOT-FOR-US: Sap
-CVE-2006-2546 (A recommended admin password reset mechanism for BEA WebLogic Server ...)
+CVE-2006-2546
NOT-FOR-US: BEA
-CVE-2006-2545 (Multiple cross-site scripting (XSS) vulnerabilities in Xtreme Topsites ...)
+CVE-2006-2545
NOT-FOR-US: Xtreme Topsites
-CVE-2006-2544 (Multiple SQL injection vulnerabilities in Xtreme Topsites 1.1, with ...)
+CVE-2006-2544
NOT-FOR-US: Xtreme Topsites
-CVE-2006-2543 (Xtreme Topsites 1.1 allows remote attackers to trigger MySQL errors ...)
+CVE-2006-2543
NOT-FOR-US: Xtreme Topsites
-CVE-2006-2542 (xmcdconfig in xmcd for Debian GNU/Linux 2.6-17.1 creates /var/lib/cddb ...)
+CVE-2006-2542
{DSA-1086-1}
- xmcd 2.6-17.2 (bug #366816; medium)
-CVE-2006-2541 (SQL injection vulnerability in settings.asp in Zixforum 1.12 allows ...)
+CVE-2006-2541
NOT-FOR-US: Zixforum
-CVE-2006-2540 (Privacy leak in install.php for Diesel PHP Job Site sends sensitive ...)
+CVE-2006-2540
NOT-FOR-US: Diesel
-CVE-2006-2539 (Sybase EAServer 5.0 for HP-UX Itanium, 5.2 for IBM AIX, HP-UX PA-RISC, ...)
+CVE-2006-2539
NOT-FOR-US: Sybase
-CVE-2006-2538 (IE Tab 1.0.9 plugin for Mozilla Firefox 1.5.0.3 allows remote ...)
+CVE-2006-2538
NOT-FOR-US: Windows-only Firefox plugin
-CVE-2006-2537 (Multiple format string vulnerabilities in (a) OpenBOR 2.0046 and ...)
+CVE-2006-2537
NOT-FOR-US: *BOR
-CVE-2006-2536 (Cross-site scripting (XSS) vulnerability in Destiney Links Script ...)
+CVE-2006-2536
NOT-FOR-US: Destiney
-CVE-2006-2535 (index.php in Destiney Links Script 2.1.2 allows remote attackers to ...)
+CVE-2006-2535
NOT-FOR-US: Destiney
-CVE-2006-2534 (Destiney Links Script 2.1.2 does not protect library and other support ...)
+CVE-2006-2534
NOT-FOR-US: Destiney
-CVE-2006-2533 (Cross-site scripting (XSS) vulnerability in (1) addWeblog.php and (2) ...)
+CVE-2006-2533
NOT-FOR-US: Destiney
-CVE-2006-2532 (stats.php in Destiney Rated Images Script 0.5.0 allows remote ...)
+CVE-2006-2532
NOT-FOR-US: Destiney
-CVE-2006-2531 (Ipswitch WhatsUp Professional 2006 only verifies the user's identity ...)
+CVE-2006-2531
NOT-FOR-US: Ipswitch
-CVE-2006-2530 (avatar_upload.asp in Avatar MOD 1.3 for Snitz Forums 3.4, and possibly ...)
+CVE-2006-2530
NOT-FOR-US: Snitz mod
-CVE-2006-2529 (editor/filemanager/upload/php/upload.php in FCKeditor before 2.3 Beta, ...)
+CVE-2006-2529
- knowledgeroot <not-affected> (fixed before first upload; see bug #381912)
-CVE-2006-2528 (PHP remote file inclusion vulnerability in classified_right.php in ...)
+CVE-2006-2528
NOT-FOR-US: phpBazar
-CVE-2006-2527 (Admin/admin.php in phpBazar 2.1.0 and earlier allows remote attackers ...)
+CVE-2006-2527
NOT-FOR-US: phpBazar
-CVE-2006-2526 (PHP remote file inclusion vulnerability in index.php in PHP Easy ...)
+CVE-2006-2526
NOT-FOR-US: PHP Easy Galerie
-CVE-2006-2525 (SQL injection vulnerability in UseBB 1.0 RC1 and earlier allows remote ...)
+CVE-2006-2525
NOT-FOR-US: UseBB
-CVE-2006-2524 (Cross-site scripting (XSS) vulnerability in UseBB 1.0 RC1 and earlier ...)
+CVE-2006-2524
NOT-FOR-US: UseBB
-CVE-2006-2523 (PHP remote file inclusion vulnerability in config.php in phpListPro ...)
+CVE-2006-2523
NOT-FOR-US: phpListPro
-CVE-2006-2522 (Dayfox Blog 2.0 and earlier stores user credentials in ...)
+CVE-2006-2522
NOT-FOR-US: Dayfox
-CVE-2006-2521 (PHP remote file inclusion vulnerability in cron.php in phpMyDirectory ...)
+CVE-2006-2521
NOT-FOR-US: phpMyDirectory
-CVE-2006-2520 (Directory traversal vulnerability in BitZipper 4.1.2 SR-1 and earlier ...)
+CVE-2006-2520
NOT-FOR-US: BitZipper
-CVE-2006-2519 (Directory traversal vulnerability in ...)
+CVE-2006-2519
NOT-FOR-US: phpwcms
-CVE-2006-2518 (Cross-site scripting (XSS) vulnerability in phpwcms 1.2.5-DEV allows ...)
+CVE-2006-2518
NOT-FOR-US: phpwcms
-CVE-2006-2517 (SQL injection vulnerability in MyWeb Portal Office, Standard Edition, ...)
+CVE-2006-2517
NOT-FOR-US: MyWeb
-CVE-2006-2516 (mainfile.php in XOOPS 2.0.13.2 and earlier, when register_globals is ...)
+CVE-2006-2516
NOT-FOR-US: XOOPS
-CVE-2006-2515 (Cross-site scripting (XSS) vulnerability in index.php in Hiox ...)
+CVE-2006-2515
NOT-FOR-US: Hiox
-CVE-2006-2514 (Coppermine galleries before 1.4.6, when running on Apache with ...)
+CVE-2006-2514
NOT-FOR-US: Coppermine
-CVE-2006-2513 (Unspecified vulnerability in the installation process in Sun Java ...)
+CVE-2006-2513
NOT-FOR-US: Sun
-CVE-2006-2512 (SQL injection vulnerability in Hitachi EUR Professional Edition, EUR ...)
+CVE-2006-2512
NOT-FOR-US: Hitachi
-CVE-2006-2511 (The ActiveX version of FrontRange iHEAT allows remote authenticated ...)
+CVE-2006-2511
NOT-FOR-US: FrontRange
-CVE-2006-2510 (Cross-site scripting (XSS) vulnerability in the URL submission form in ...)
+CVE-2006-2510
NOT-FOR-US: YourFreeWorld.com
-CVE-2006-2509 (SQL injection vulnerability in login.php in YourFreeWorld.com Short ...)
+CVE-2006-2509
NOT-FOR-US: YourFreeWorld.com
-CVE-2006-2508 (SQL injection vulnerability in tr1.php in YourFreeWorld.com Stylish ...)
+CVE-2006-2508
NOT-FOR-US: YourFreeWorld.com
-CVE-2006-2507 (Multiple PHP remote file inclusion vulnerabilities in Teake Nutma ...)
+CVE-2006-2507
NOT-FOR-US: phpbb2 mod
-CVE-2006-2506 (Multiple cross-site scripting (XSS) vulnerabilities in search.php in ...)
+CVE-2006-2506
NOT-FOR-US: Sphider
-CVE-2006-2505 (Oracle Database Server 10g Release 2 allows local users to execute ...)
+CVE-2006-2505
NOT-FOR-US: Oracle
-CVE-2006-2504 (Multiple SQL injection vulnerabilities in mono AZBOARD 1.0 and earlier ...)
+CVE-2006-2504
NOT-FOR-US: AZBOARD
-CVE-2006-2503 (SQL injection vulnerability in misc.php in DeluxeBB 1.06 allows remote ...)
+CVE-2006-2503
NOT-FOR-US: DeluxeBB
-CVE-2006-2502 (Stack-based buffer overflow in pop3d in Cyrus IMAPD (cyrus-imapd) ...)
+CVE-2006-2502
- cyrus-imapd-2.2 <not-affected> (Vulnerable code not present)
-CVE-2006-2501 (Cross-site scripting (XSS) vulnerability in Sun ONE Web Server 6.0 SP9 ...)
+CVE-2006-2501
NOT-FOR-US: Sun
-CVE-2006-2500 (Cross-site scripting (XSS) vulnerability in add_news.asp in ...)
+CVE-2006-2500
NOT-FOR-US: CodeAvalanche News
-CVE-2006-2499 (SQL injection vulnerability in default.asp in CodeAvalanche News ...)
+CVE-2006-2499
NOT-FOR-US: CodeAvalanche News
-CVE-2006-2498 (Invision Power Board (IPB) before 2.1.6 allows remote attackers to ...)
+CVE-2006-2498
NOT-FOR-US: Invision
-CVE-2006-2497 (Multiple cross-site scripting (XSS) vulnerabilities in AspBB 0.5.2 ...)
+CVE-2006-2497
NOT-FOR-US: AspBB
-CVE-2006-2496 (Buffer overflow in iMonitor 2.4 in Novell eDirectory 8.8 allows remote ...)
+CVE-2006-2496
NOT-FOR-US: Novell
-CVE-2006-2495 (Cross-site request forgery (CSRF) vulnerability in the Entry Manager ...)
+CVE-2006-2495
- serendipity 1.0-1
-CVE-2006-2494 (Stack-based buffer overflow in IntelliTamper 2.07 allows remote ...)
+CVE-2006-2494
NOT-FOR-US: IntelliTampe
CVE-2006-2493
REJECTED
-CVE-2006-2492 (Buffer overflow in Microsoft Word in Office 2000 SP3, Office XP SP3, ...)
+CVE-2006-2492
NOT-FOR-US: Microsoft
-CVE-2006-2491 (Cross-site scripting (XSS) vulnerability in (1) index.php and (2) ...)
+CVE-2006-2491
NOT-FOR-US: BoastMachine
-CVE-2006-2490 (Multiple cross-site scripting (XSS) vulnerabilities in Mobotix IP ...)
+CVE-2006-2490
NOT-FOR-US: Mobotix
-CVE-2006-2489 (Integer overflow in CGI scripts in Nagios 1.x before 1.4.1 and 2.x ...)
+CVE-2006-2489
{DSA-1072-1}
- nagios 2:1.4-1 (bug #366682; bug #366803; bug #368193; high)
- nagios2 2.3-1 (bug #366683; bug #368199; high)
-CVE-2006-2488 (Multiple cross-site scripting (XSS) vulnerabilities in Spymac WebOS ...)
+CVE-2006-2488
NOT-FOR-US: Spymac
-CVE-2006-2487 (Multiple PHP remote file inclusion vulnerabilities in ScozNews 1.2.1 ...)
+CVE-2006-2487
NOT-FOR-US: ScozNews
-CVE-2006-2486 (SQL injection vulnerability in find.php in YapBB 1.2 Beta2 and earlier ...)
+CVE-2006-2486
NOT-FOR-US: YapBB
-CVE-2006-2485 (PHP remote file inclusion vulnerability in includes/class_template.php ...)
+CVE-2006-2485
NOT-FOR-US: Quezza
-CVE-2006-2484 (Cross-site scripting (XSS) vulnerability in index.html in IceWarp ...)
+CVE-2006-2484
NOT-FOR-US: IceWarp
-CVE-2006-2483 (PHP remote file inclusion vulnerability in cart_content.php in ...)
+CVE-2006-2483
NOT-FOR-US: Squirrelcart
-CVE-2006-2482 (Heap-based buffer overflow in the TZipTV component in (1) ZipTV for ...)
+CVE-2006-2482
NOT-FOR-US: ZipTV
-CVE-2006-2481 (VMware ESX Server 2.0.x before 2.0.2 and 2.x before 2.5.2 patch 4 ...)
+CVE-2006-2481
NOT-FOR-US: VMware ESX
-CVE-2006-2480 (Format string vulnerability in Dia 0.94 allows user-assisted ...)
+CVE-2006-2480
- dia 0.95.0-4 (bug #368202; low)
[sarge] - dia <no-dsa> (Hardly exploitable, would require obviously malformed file names)
-CVE-2006-2479 (The Update functionality in Bitrix Site Manager 4.1.x does not verify ...)
+CVE-2006-2479
NOT-FOR-US: Bitrix
-CVE-2006-2478 (Bitrix Site Manager 4.1.x allows remote attackers to redirect users to ...)
+CVE-2006-2478
NOT-FOR-US: Bitrix
-CVE-2006-2477 (Cross-site scripting (XSS) vulnerability in the administrative ...)
+CVE-2006-2477
NOT-FOR-US: Bitrix
-CVE-2006-2476 (Bitrix Site Manager 4.1.x stores updater.log under the web document ...)
+CVE-2006-2476
NOT-FOR-US: Bitrix
-CVE-2006-2475 (Directory traversal vulnerability in (1) edit_mailtexte.cgi and (2) ...)
+CVE-2006-2475
NOT-FOR-US: Cosmoshop
-CVE-2006-2474 (SQL injection vulnerability in lshop.cgi in Cosmoshop 8.11.106 and ...)
+CVE-2006-2474
NOT-FOR-US: Cosmoshop
-CVE-2006-2473 (** DISPUTED ** ...)
+CVE-2006-2473
NOT-FOR-US: OpenWiki
-CVE-2006-2472 (Unspecified vulnerability in BEA WebLogic Server 9.1 and 9.0, 8.1 ...)
+CVE-2006-2472
NOT-FOR-US: BEA
-CVE-2006-2471 (Multiple vulnerabilities in BEA WebLogic Server 8.1 through SP4, 7.0 ...)
+CVE-2006-2471
NOT-FOR-US: BEA
-CVE-2006-2470 (Unspecified vulnerability in the WebLogic Server Administration ...)
+CVE-2006-2470
NOT-FOR-US: BEA
-CVE-2006-2469 (The HTTP handlers in BEA WebLogic Server 9.0, 8.1 up to SP5, 7.0 up to ...)
+CVE-2006-2469
NOT-FOR-US: BEA
-CVE-2006-2468 (The WebLogic Server Administration Console in BEA WebLogic Server 8.1 ...)
+CVE-2006-2468
NOT-FOR-US: BEA
-CVE-2006-2467 (BEA WebLogic Server 8.1 up to SP4, 7.0 up to SP6, and 6.1 up to SP7 ...)
+CVE-2006-2467
NOT-FOR-US: BEA
-CVE-2006-2466 (BEA WebLogic Server 8.1 up to SP4 and 7.0 up to SP6 allows remote ...)
+CVE-2006-2466
NOT-FOR-US: BEA
-CVE-2006-2465 (Buffer overflow in MP3Info 0.8.4 allows attackers to execute arbitrary ...)
+CVE-2006-2465
- mp3info 0.8.4-9.1 (bug #368207; low)
[sarge] - mp3info <no-dsa> (Hardly exploitable)
-CVE-2006-2464 (stopWebLogic.sh in BEA WebLogic Server 8.1 before Service Pack 4 and ...)
+CVE-2006-2464
NOT-FOR-US: BEA
-CVE-2006-2463 (view_album.php in SelectaPix 1.31 and earlier allows remote attackers ...)
+CVE-2006-2463
NOT-FOR-US: SelectaPix
-CVE-2006-2462 (BEA WebLogic Server 8.1 before Service Pack 4 and 7.0 before Service ...)
+CVE-2006-2462
NOT-FOR-US: BEA
-CVE-2006-2461 (BEA WebLogic Server before 8.1 Service Pack 4 does not properly set ...)
+CVE-2006-2461
NOT-FOR-US: BEA
-CVE-2006-2460 (Sugar Suite Open Source (SugarCRM) 4.2 and earlier, when ...)
+CVE-2006-2460
- sugarcrm-ce-5.0 <itp> (bug #457876)
-CVE-2006-2459 (SQL injection vulnerability in messages.php in PHP-Fusion 6.00.307 and ...)
+CVE-2006-2459
NOT-FOR-US: PHP-Fusion
-CVE-2006-2458 (Multiple heap-based buffer overflows in Libextractor 0.5.13 and ...)
+CVE-2006-2458
{DSA-1081-1}
- libextractor 0.5.14-1
CVE-2006-2457
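Review bot: several package annotations in this hunk lose their referent once the - lines go: "- knowledgeroot <not-affected> (fixed before first upload; see bug #381912)" under CVE-2006-2529 is only explicable when the description names the FCKeditor upload.php issue, because the Debian package name does not match the upstream product; "NOTE: Safe mode violations are not supported" under CVE-2006-2563 depends on the removed PHP cURL safe-mode text; and the "** DISPUTED **" marker on CVE-2006-2473 disappears along with the rest of the description, although that status matters for triage. The unchanged lines such as "{DSA-1072-1}" and the nagios/nagios2 versions under CVE-2006-2489 show the package data itself is intact, so this is description loss only; regenerate from a good upstream fetch or revert rather than merging bare identifiers.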
@@ -10779,305 +10779,305 @@ CVE-2006-2455
RESERVED
CVE-2006-2454
RESERVED
-CVE-2006-2453 (Multiple unspecified format string vulnerabilities in Dia have ...)
+CVE-2006-2453
- dia 0.95.0-4 (bug #368202; medium)
[sarge] - dia <no-dsa> (Hardly exploitable, would require obviously malformed file names)
-CVE-2006-2452 (GNOME GDM 2.8, 2.12, 2.14, and 2.15, when the &quot;face browser&quot; feature ...)
+CVE-2006-2452
- gdm 2.16.1-1 (bug #375281; medium)
[sarge] - gdm <not-affected> (Vulnerable code has only been introduced with 2.8)
-CVE-2006-2451 (The suid_dumpable support in Linux kernel 2.6.13 up to versions before ...)
+CVE-2006-2451
- linux-2.6 2.6.17-3 (high)
-CVE-2006-2450 (auth.c in LibVNCServer 0.7.1 allows remote attackers to bypass ...)
+CVE-2006-2450
- libvncserver 0.8.2-1 (high; bug #376824)
-CVE-2006-2449 (KDE Display Manager (KDM) in KDE 3.2.0 up to 3.5.3 allows local users ...)
+CVE-2006-2449
{DSA-1156}
- kdebase 4:3.5.2-2 (bug #374002; medium)
-CVE-2006-2448 (Linux kernel before 2.6.16.21 and 2.6.17, when running on PowerPC, ...)
+CVE-2006-2448
- linux-2.6 2.6.16-15
-CVE-2006-2447 (SpamAssassin before 3.1.3, when running with vpopmail and the paranoid ...)
+CVE-2006-2447
{DSA-1090-1}
- spamassassin 3.1.3-1 (medium)
-CVE-2006-2446 (Race condition between the kfree_skb and __skb_unlink functions in the ...)
+CVE-2006-2446
{DSA-1184-2 DSA-1183-1}
- linux-2.6 2.6.16-1
NOTE: I'm not sure at which point this was merged, but I checked 2.6.16 and the
NOTE: patch is included there
-CVE-2006-2445 (Race condition in run_posix_cpu_timers in Linux kernel before ...)
+CVE-2006-2445
- linux-2.6 2.6.16-15
-CVE-2006-2444 (The snmp_trap_decode function in the SNMP NAT helper for Linux kernel ...)
+CVE-2006-2444
{DSA-1184-2 DSA-1183-1}
- linux-2.6 2.6.16-15
-CVE-2006-2442 (kphone 4.2 creates .qt/kphonerc with world-readable permissions, which ...)
+CVE-2006-2442
{DSA-1062-1}
- kphone 1:4.2-3 (bug #337830; medium)
-CVE-2006-2439 (Stack-based buffer overflow in ZipCentral 4.01 allows remote ...)
+CVE-2006-2439
NOT-FOR-US: ZipCentral
-CVE-2006-2438 (Directory traversal vulnerability in the viewfile servlet in the ...)
+CVE-2006-2438
NOT-FOR-US: Caucho
-CVE-2006-2437 (The viewfile servlet in the documentation package (resin-doc) for ...)
+CVE-2006-2437
NOT-FOR-US: Caucho
-CVE-2006-2436 (WebSphere Application Server 5.0.2 (or any earlier cumulative fix) ...)
+CVE-2006-2436
NOT-FOR-US: IBM
-CVE-2006-2435 (Unspecified vulnerability in IBM WebSphere Application Server 5.0.2 ...)
+CVE-2006-2435
NOT-FOR-US: IBM
-CVE-2006-2434 (Unspecified vulnerability in WebSphere 5.1.1 (or any earlier ...)
+CVE-2006-2434
NOT-FOR-US: IBM
-CVE-2006-2433 (Unspecified vulnerability in IBM WebSphere Application Server 6.0.2, ...)
+CVE-2006-2433
NOT-FOR-US: IBM
-CVE-2006-2432 (IBM WebSphere Application Server 5.0.2 (or any earlier cumulative fix) ...)
+CVE-2006-2432
NOT-FOR-US: IBM
-CVE-2006-2431 (Cross-site scripting (XSS) vulnerability in the 500 Internal Server ...)
+CVE-2006-2431
NOT-FOR-US: IBM
-CVE-2006-2430 (IBM WebSphere Application Server 5.0.2 and earlier, 5.1.1 and earlier, ...)
+CVE-2006-2430
NOT-FOR-US: IBM
-CVE-2006-2429 (Unspecified vulnerability in IBM WebSphere Application Server 6.0.2, ...)
+CVE-2006-2429
NOT-FOR-US: IBM
-CVE-2006-2428 (add.asp in DUware DUbanner 3.1 allows remote attackers to execute ...)
+CVE-2006-2428
NOT-FOR-US: Duware
-CVE-2006-2427 (freshclam in (1) Clam Antivirus (ClamAV) 0.88 and (2) ClamXav 1.0.3h ...)
+CVE-2006-2427
- clamav <not-affected> (clamav-freshclam doesn't ship freshclam setuid or setgid)
-CVE-2006-2426 (Sun Java Runtime Environment (JRE) 1.5.0_6 and earlier, JDK 1.5.0_6 ...)
+CVE-2006-2426
{DSA-1769-1}
- sun-java5 1.5.0-10-1 (bug #384734)
- sun-java6 6-13-1 (bug #521414)
[lenny] - sun-java6 <no-dsa> (Non-free not supported)
- openjdk-6 6b14-1.5~pre1-3 (bug #566766)
-CVE-2006-2425 (Multiple cross-site scripting (XSS) vulnerabilities in PRV.php in ...)
+CVE-2006-2425
NOT-FOR-US: phpRemoteView
-CVE-2006-2424 (PHP remote file inclusion vulnerability in ezUserManager 1.6 and ...)
+CVE-2006-2424
NOT-FOR-US: ezUserManager
-CVE-2006-2423 (Cross-site scripting (XSS) vulnerability in ftplogin/index.php in ...)
+CVE-2006-2423
NOT-FOR-US: Confixx
-CVE-2006-2422 (phpCOIN 1.2.3 and earlier stores messages based upon e-mail addresses, ...)
+CVE-2006-2422
NOT-FOR-US: phpCOIN
-CVE-2006-2421 (Stack-based buffer overflow in Pragma FortressSSH 4.0.7.20 allows ...)
+CVE-2006-2421
NOT-FOR-US: Pragma
-CVE-2006-2420 (Bugzilla 2.20rc1 through 2.20 and 2.21.1, when using RSS 1.0, allows ...)
+CVE-2006-2420
NOTE: "this issue normally would not be included in CVE, it is being identified since the Bugzilla developers have addressed it."
- bugzilla <unfixed> (unimportant)
-CVE-2006-2419 (Cross-site scripting (XSS) vulnerability in index.php in Directory ...)
+CVE-2006-2419
NOT-FOR-US: Directory Listing Script
-CVE-2006-2418 (Cross-site scripting (XSS) vulnerabilities in certain versions of ...)
+CVE-2006-2418
{DSA-1207-1}
- phpmyadmin 4:2.8.1-1 (bug #368082; medium)
-CVE-2006-2417 (Cross-site scripting (XSS) vulnerability in phpMyAdmin 2.8.0.x before ...)
+CVE-2006-2417
- phpmyadmin 4:2.8.1-1 (bug #368082; medium)
[sarge] - phpmyadmin <not-affected> (Vulnerable code not present)
-CVE-2006-2416 (SQL injection vulnerability in class2.php in e107 0.7.2 and earlier ...)
+CVE-2006-2416
NOT-FOR-US: e107
-CVE-2006-2415 (Multiple cross-site scripting (XSS) vulnerabilities in FlexChat 2.0 ...)
+CVE-2006-2415
NOT-FOR-US: FlexChat
-CVE-2006-2414 (Directory traversal vulnerability in Dovecot 1.0 beta and 1.0 allows ...)
+CVE-2006-2414
{DSA-1080-1}
- dovecot 1.0.beta8-1 (low)
[sarge] - dovecot <not-affected> (vulnerability introduced in 1.0)
-CVE-2006-2413 (GNUnet before SVN revision 2781 allows remote attackers to cause a ...)
+CVE-2006-2413
- gnunet 0.7.0e-1 (bug #368159; medium)
[sarge] - gnunet <not-affected> (according to maintainer)
-CVE-2006-2412 (The raydium_network_read function in network.c in Raydium SVN revision ...)
+CVE-2006-2412
NOT-FOR-US: Raydium
-CVE-2006-2411 (Buffer overflow in raydium_network_read function in network.c in ...)
+CVE-2006-2411
NOT-FOR-US: Raydium
-CVE-2006-2410 (raydium_network_netcall_exec function in network.c in Raydium SVN ...)
+CVE-2006-2410
NOT-FOR-US: Raydium
-CVE-2006-2409 (Format string vulnerability in the raydium_log function in console.c ...)
+CVE-2006-2409
NOT-FOR-US: Raydium
-CVE-2006-2408 (Multiple buffer overflows in Raydium before SVN revision 310 allow ...)
+CVE-2006-2408
NOT-FOR-US: Raydium
-CVE-2006-2407 (Stack-based buffer overflow in (1) WeOnlyDo wodSSHServer ActiveX ...)
+CVE-2006-2407
NOT-FOR-US: ActiveX component
-CVE-2006-2406 (Directory traversal vulnerability in bb_lib/abbc.css.php in ...)
+CVE-2006-2406
NOT-FOR-US: Unclassified NewsBoard
-CVE-2006-2405 (Directory traversal vulnerability in unb_lib/abbc.conf.php in ...)
+CVE-2006-2405
NOT-FOR-US: Unclassified NewsBoard
-CVE-2006-2404 (Directory traversal vulnerability in popup.php in RadScripts RadLance ...)
+CVE-2006-2404
NOT-FOR-US: RadScripts
-CVE-2006-2403 (Buffer overflow in FileZilla before 2.2.23 allows remote attackers to ...)
+CVE-2006-2403
- filezilla <not-affected> (fixed before the first Debian upload)
-CVE-2006-2402 (Buffer overflow in the changeRegistration function in servernet.cpp ...)
+CVE-2006-2402
NOT-FOR-US: Outgun
-CVE-2006-2401 (The leetnet functions (leetnet/rudp.cpp) in Outgun 1.0.3 bot 2 and ...)
+CVE-2006-2401
NOT-FOR-US: Outgun
-CVE-2006-2400 (The leetnet functions (leetnet/rudp.cpp) in Outgun 1.0.3 bot 2 and ...)
+CVE-2006-2400
NOT-FOR-US: Outgun
-CVE-2006-2399 (Stack-based buffer overflow in the ...)
+CVE-2006-2399
NOT-FOR-US: Outgun
-CVE-2006-2398 (Directory traversal vulnerability in index.php in GPhotos 1.5 and ...)
+CVE-2006-2398
NOT-FOR-US: GPhotos web gallery
-CVE-2006-2397 (Multiple cross-site scripting (XSS) vulnerabilities in GPhotos 1.5 and ...)
+CVE-2006-2397
NOT-FOR-US: GPhotos web gallery
-CVE-2006-2396 (Cross-site scripting (XSS) vulnerability in phpODP 1.5h allows remote ...)
+CVE-2006-2396
NOT-FOR-US: phpODP
-CVE-2006-2395 (PHP remote file inclusion vulnerability in ...)
+CVE-2006-2395
NOT-FOR-US: PopPhoto
-CVE-2006-2394 (Cross-site scripting (XSS) vulnerability in chat.php in PHP Live ...)
+CVE-2006-2394
NOT-FOR-US: PHP Live Support
-CVE-2006-2393 (The client_cmd function in Empire 4.3.2 and earlier allows remote ...)
+CVE-2006-2393
NOT-FOR-US: Debian's 'empire' is a different game
-CVE-2006-2392 (PHP remote file inclusion vulnerability in ...)
+CVE-2006-2392
NOT-FOR-US: PHP Blue Dragon Platinum
-CVE-2006-2391 (Buffer overflow in EMC Retrospect Client 5.1 through 7.5 allows remote ...)
+CVE-2006-2391
NOT-FOR-US: EMC Retrospect
-CVE-2006-2390 (Cross-site scripting (XSS) vulnerability in OZJournals 1.2 allows ...)
+CVE-2006-2390
NOT-FOR-US: OZJournals
-CVE-2006-2389 (Unspecified vulnerability in Microsoft Office 2003 SP1 and SP2, Office ...)
+CVE-2006-2389
NOT-FOR-US: Microsoft
-CVE-2006-2388 (Microsoft Office Excel 2000 through 2004 allows user-assisted ...)
+CVE-2006-2388
NOT-FOR-US: Microsoft
-CVE-2006-2387 (Unspecified vulnerability in Microsoft Excel 2000, 2002, 2003, 2004 ...)
+CVE-2006-2387
NOT-FOR-US: Microsoft
-CVE-2006-2386 (Unspecified vulnerability in Microsoft Outlook Express 6 and earlier ...)
+CVE-2006-2386
NOT-FOR-US: Microsoft
-CVE-2006-2385 (Unspecified vulnerability in Microsoft Internet Explorer 5.01 SP4 and ...)
+CVE-2006-2385
NOT-FOR-US: Microsoft
-CVE-2006-2384 (Microsoft Internet Explorer 5.01 SP4 and 6 SP1 and earlier allows ...)
+CVE-2006-2384
NOT-FOR-US: Microsoft
-CVE-2006-2383 (Unspecified vulnerability in Microsoft Internet Explorer 5.01 SP4 and ...)
+CVE-2006-2383
NOT-FOR-US: Microsoft
-CVE-2006-2382 (Heap-based buffer overflow in Microsoft Internet Explorer 5.01 SP4 and ...)
+CVE-2006-2382
NOT-FOR-US: Microsoft
CVE-2006-2381
REJECTED
-CVE-2006-2380 (Microsoft Windows 2000 SP4 does not properly validate an RPC server ...)
+CVE-2006-2380
NOT-FOR-US: Microsoft
-CVE-2006-2379 (Buffer overflow in the TCP/IP Protocol driver in Microsoft Windows ...)
+CVE-2006-2379
NOT-FOR-US: Microsoft
-CVE-2006-2378 (Buffer overflow in the ART Image Rendering component (jgdw400.dll) in ...)
+CVE-2006-2378
NOT-FOR-US: Microsoft
CVE-2006-2377
REJECTED
-CVE-2006-2376 (Integer overflow in the PolyPolygon function in Graphics Rendering ...)
+CVE-2006-2376
NOT-FOR-US: Microsoft
CVE-2006-2375
REJECTED
-CVE-2006-2374 (The Server Message Block (SMB) driver (MRXSMB.SYS) in Microsoft ...)
+CVE-2006-2374
NOT-FOR-US: Microsoft
-CVE-2006-2373 (The Server Message Block (SMB) driver (MRXSMB.SYS) in Microsoft ...)
+CVE-2006-2373
NOT-FOR-US: Microsoft
-CVE-2006-2372 (Buffer overflow in the DHCP Client service for Microsoft Windows 2000 ...)
+CVE-2006-2372
NOT-FOR-US: Microsoft
-CVE-2006-2371 (Buffer overflow in the Remote Access Connection Manager service ...)
+CVE-2006-2371
NOT-FOR-US: Microsoft
-CVE-2006-2370 (Buffer overflow in the Routing and Remote Access service (RRAS) in ...)
+CVE-2006-2370
NOT-FOR-US: Microsoft
-CVE-2006-2369 (RealVNC 4.1.1, and other products that use RealVNC such as AdderLink ...)
+CVE-2006-2369
- vnc4 4.1.1+X4.3.0-10 (high)
[sarge] - vnc4 <not-affected> (vuln not in 4.0)
-CVE-2006-2368 (Cross-site scripting (XSS) vulnerability in index.php in Clansys (aka ...)
+CVE-2006-2368
NOT-FOR-US: Clansys
-CVE-2006-2367 (Cross-site scripting (XSS) vulnerability in index.php in Clansys (aka ...)
+CVE-2006-2367
NOT-FOR-US: Clansys
-CVE-2006-2366 (ircp_io.c in libopenobex for ircp 1.2, when ircp is run with the -r ...)
+CVE-2006-2366
- libopenobex 1.2-3 (bug #366484)
-CVE-2006-2365 (Cross-site scripting (XSS) vulnerability in a_login.php in Vizra ...)
+CVE-2006-2365
NOT-FOR-US: Vizra
-CVE-2006-2364 (Cross-site scripting (XSS) vulnerability in the validation feature in ...)
+CVE-2006-2364
NOT-FOR-US: Macromedia
-CVE-2006-2363 (SQL injection vulnerability in the weblinks option (weblinks.html.php) ...)
+CVE-2006-2363
NOT-FOR-US: Limbo
-CVE-2006-2362 (Buffer overflow in getsym in tekhex.c in libbfd in Free Software ...)
+CVE-2006-2362
- binutils 2.17-1 (low; bug #368237)
[sarge] - binutils <no-dsa> (Very minor issue)
-CVE-2006-2361 (PHP remote file inclusion vulnerability in pafiledb_constants.php in ...)
+CVE-2006-2361
NOT-FOR-US: phpbb mod
-CVE-2006-2360 (SQL injection vulnerability in charts.php in the Chart mod for phpBB ...)
+CVE-2006-2360
NOT-FOR-US: phpbb mod
-CVE-2006-2359 (Cross-site scripting (XSS) vulnerability in charts.php in the Chart ...)
+CVE-2006-2359
NOT-FOR-US: phpbb mod
CVE-2006-2192
RESERVED
-CVE-2006-2358 (Multiple cross-site scripting (XSS) vulnerabilities in various scripts ...)
+CVE-2006-2358
NOT-FOR-US: Web Labs CMS
-CVE-2006-2357 (Ipswitch WhatsUp Professional 2006 and WhatsUp Professional 2006 ...)
+CVE-2006-2357
NOT-FOR-US: Ipswitch WhatsUp
-CVE-2006-2356 (NmConsole/utility/RenderMap.asp in Ipswitch WhatsUp Professional 2006 ...)
+CVE-2006-2356
NOT-FOR-US: Ipswitch WhatsUp
-CVE-2006-2355 (Ipswitch WhatsUp Professional 2006 and Ipswitch WhatsUp Professional ...)
+CVE-2006-2355
NOT-FOR-US: Ipswitch WhatsUp
-CVE-2006-2354 (NmConsole/Login.asp in Ipswitch WhatsUp Professional 2006 and Ipswitch ...)
+CVE-2006-2354
NOT-FOR-US: Ipswitch WhatsUp
-CVE-2006-2353 (NmConsole/DeviceSelection.asp in Ipswitch WhatsUp Professional 2006 ...)
+CVE-2006-2353
NOT-FOR-US: Ipswitch WhatsUp
-CVE-2006-2352 (Multiple cross-site scripting (XSS) vulnerabilities in IPswitch ...)
+CVE-2006-2352
NOT-FOR-US: Ipswitch WhatsUp
-CVE-2006-2351 (Multiple cross-site scripting (XSS) vulnerabilities in IPswitch ...)
+CVE-2006-2351
NOT-FOR-US: Ipswitch WhatsUp
CVE-2006-2350
REJECTED
-CVE-2006-2349 (E-Business Designer (eBD) 3.1.4 and earlier allows remote attackers to ...)
+CVE-2006-2349
NOT-FOR-US: E-Business Designer
-CVE-2006-2348 (Cross-site scripting (XSS) vulnerability in form_grupo.html in ...)
+CVE-2006-2348
NOT-FOR-US: E-Business Designer
-CVE-2006-2347 (E-Business Designer (eBD) 3.1.4 and earlier allows remote attackers to ...)
+CVE-2006-2347
NOT-FOR-US: E-Business Designer
-CVE-2006-2346 (vpopmail 5.4.14 and 5.4.15, with cleartext passwords enabled, allows ...)
+CVE-2006-2346
- vpopmail <not-affected> (vulnerability introduced in 5.4.14)
NOTE: Unable to reach CVS to determine if prior versions are affected
NOTE: Micah will return to this one
-CVE-2006-2345 (Cross-site scripting (XSS) vulnerability in inc/elementz.php in ...)
+CVE-2006-2345
NOT-FOR-US: AliPAGER
-CVE-2006-2344 (SQL injection vulnerability in inc/elementz.php in AliPAGER 1.5, with ...)
+CVE-2006-2344
NOT-FOR-US: AliPAGER
-CVE-2006-2343 (Cross-site scripting (XSS) vulnerability in Search.do in ManageEngine ...)
+CVE-2006-2343
NOT-FOR-US: ManageEngine OpManager
-CVE-2006-2342 (IBM WebSphere Application Server 6.0.2 before FixPack 3 allows remote ...)
+CVE-2006-2342
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2006-2341 (The HTTP proxy in Symantec Gateway Security 5000 Series 2.0.1 and 3.0, ...)
+CVE-2006-2341
NOT-FOR-US: Symantec Gateway Security
-CVE-2006-2340 (Cross-site scripting (XSS) vulnerability in PassMasterFlex and ...)
+CVE-2006-2340
NOT-FOR-US: PassMasterFlex
-CVE-2006-2339 (SQL injection vulnerability in index.php in evoTopsites 2.x and ...)
+CVE-2006-2339
NOT-FOR-US: evoTopsites
-CVE-2006-2338 (PlaNet Concept plaNetStat 20050127 allows remote attackers to gain ...)
+CVE-2006-2338
NOT-FOR-US: PlaNet
-CVE-2006-2337 (Directory traversal vulnerability in webcm in the D-Link DSL-G604T ...)
+CVE-2006-2337
NOT-FOR-US: D-Link
-CVE-2006-2336 (SQL injection vulnerability in showthread.php in MyBB (aka ...)
+CVE-2006-2336
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2006-2335 (Jelsoft vBulletin accepts uploads of Cascading Style Sheets (CSS) and ...)
+CVE-2006-2335
NOT-FOR-US: vBulletin
-CVE-2006-2334 (The RtlDosPathNameToNtPathName_U API function in NTDLL.DLL in ...)
+CVE-2006-2334
NOT-FOR-US: Windows
-CVE-2006-2333 (Multiple SQL injection vulnerabilities in MyBB (aka MyBulletinBoard) ...)
+CVE-2006-2333
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2006-2332 (Mozilla Firefox 1.5.0.3 allows remote attackers to cause a denial of ...)
+CVE-2006-2332
NOTE: 1.5.dfsg+1.5.0.3-2 didn't crash or do anything but stutter on the sample pages, marking it fixed in there
- firefox 1.5.dfsg+1.5.0.3-2
-CVE-2006-2331 (Multiple directory traversal vulnerabilities in PHP-Fusion 6.00.306 ...)
+CVE-2006-2331
NOT-FOR-US: PHP-Fusion
-CVE-2006-2330 (PHP-Fusion 6.00.306 and earlier, running under Apache HTTP Server ...)
+CVE-2006-2330
NOT-FOR-US: PHP-Fusion
-CVE-2006-2329 (AngelineCMS 0.6.5 and earlier allow remote attackers to obtain ...)
+CVE-2006-2329
NOT-FOR-US: AngelineCMS
-CVE-2006-2328 (SQL injection vulnerability in lib/adodb/server.php in AngelineCMS ...)
+CVE-2006-2328
NOT-FOR-US: AngelineCMS
-CVE-2006-2327 (Multiple integer overflows in the DPRPC library (DPRPCNLM.NLM) ...)
+CVE-2006-2327
NOT-FOR-US: Novell
-CVE-2006-2326 (Directory traversal vulnerability in index.php in OnlyScript.info ...)
+CVE-2006-2326
NOT-FOR-US: OnlyScript.info
-CVE-2006-2325 (Cross-site scripting (XSS) vulnerability in index.php in ...)
+CVE-2006-2325
NOT-FOR-US: OnlyScript.info
-CVE-2006-2324 (180solutions Zango downloads &quot;required Adware components&quot; without ...)
+CVE-2006-2324
NOT-FOR-US: 180solutions
-CVE-2006-2323 (Multiple PHP remote file inclusion vulnerabilities in SmartISoft ...)
+CVE-2006-2323
NOT-FOR-US: SmartISoft
-CVE-2006-2322 (The transparent proxy feature of the Cisco Application Velocity System ...)
+CVE-2006-2322
NOT-FOR-US: Cisco
-CVE-2006-2321 (Multiple cross-site scripting (XSS) vulnerabilities in Ideal Science ...)
+CVE-2006-2321
NOT-FOR-US: Ideal Science
-CVE-2006-2320 (Multiple SQL injection vulnerabilities in Ideal Science Ideal BB ...)
+CVE-2006-2320
NOT-FOR-US: Ideal Science
-CVE-2006-2319 (Ideal Science Ideal BB 1.5.4a and earlier does not properly check file ...)
+CVE-2006-2319
NOT-FOR-US: Ideal Science
-CVE-2006-2318 (Incomplete blacklist vulnerability in Ideal Science Ideal BB 1.5.4a ...)
+CVE-2006-2318
NOT-FOR-US: Ideal Science
-CVE-2006-2317 (Unspecified vulnerability in Ideal Science Ideal BB 1.5.4a and earlier ...)
+CVE-2006-2317
NOT-FOR-US: Ideal Science
-CVE-2006-2316 (S24EvMon.exe in the Intel PROset/Wireless software, possibly ...)
+CVE-2006-2316
NOT-FOR-US: Intel Windows software
-CVE-2006-2315 (** DISPUTED ** ...)
+CVE-2006-2315
NOT-FOR-US: ISPConfig
-CVE-2006-2314 (PostgreSQL 8.1.x before 8.1.4, 8.0.x before 8.0.8, 7.4.x before ...)
+CVE-2006-2314
{DSA-1087-1}
- postgresql 7.5.4 (medium; bug #368645)
- postgresql-7.4 1:7.4.13-1 (medium)
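Review bot: every `-`/`+` pair in this hunk replaces a CVE line that carried its summary with a bare identifier, e.g. `-CVE-2006-2398 (Directory traversal vulnerability in index.php in GPhotos 1.5 and ...)` becoming `+CVE-2006-2398`, and nothing in the hunk adds a summary anywhere; that pattern is what the importer produces when the upstream CVE feed returns no description text, not a deliberate edit. The update script should treat an empty description as missing data and keep the existing text instead of overwriting it, and a run that blanks summaries on this scale should abort before committing. The Debian-specific lines (`NOT-FOR-US:`, package/version/severity, `NOTE:`) are untouched, so the loss is confined to the parenthetical summaries, but those summaries are what lets a reader judge a `NOT-FOR-US` or `<not-affected>` triage without opening each CVE. Unrelated to the change but visible in the unchanged context: the `CVE-2006-2192` / `RESERVED` pair sits between `CVE-2006-2359` and `CVE-2006-2358` rather than in sequence; worth moving while this file is being touched.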
@@ -11093,7 +11093,7 @@ CVE-2006-2314 (PostgreSQL 8.1.x before 8.1.4, 8.0.x before 8.0.8, 7.4.x before .
NOTE: pygresql 1:3.8-1.1 (bug #369239)
NOTE: dovecot 1.0.beta8-3 (bug #369359)
NOTE: postfix 2.2.10-2 (bug #369349)
-CVE-2006-2313 (PostgreSQL 8.1.x before 8.1.4, 8.0.x before 8.0.8, 7.4.x before ...)
+CVE-2006-2313
{DSA-1087-1}
- postgresql 7.5.4 (high; bug #368645)
- postgresql-7.4 1:7.4.13-1 (high)
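Review bot: same summary wipe on the PostgreSQL entry: `-CVE-2006-2313 (PostgreSQL 8.1.x before 8.1.4, 8.0.x before 8.0.8, 7.4.x before ...)` becomes a bare `+CVE-2006-2313` while `{DSA-1087-1}` and the `(high)` severity on the package lines stay. A high-severity entry with a DSA reference but no summary is harder to audit than it was; if the source feed had no text for this ID the importer should leave the previous description in place rather than emit the bare line, and the same holds for the `CVE-2006-2314` entry immediately above, whose trailing `NOTE:` lines list dependent packages (pygresql, dovecot, postfix) for an issue the file no longer names.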
@@ -11101,459 +11101,459 @@ CVE-2006-2313 (PostgreSQL 8.1.x before 8.1.4, 8.0.x before 8.0.8, 7.4.x before .
NOTE: Beginning with version 7.5.4, postgresql is a transition
NOTE: package which does not contain actual code. That's why
NOTE: it's marked as fixed here. (Previous versions are vulnerable.)
-CVE-2006-2312 (Argument injection vulnerability in the URI handler in Skype 2.0.*.104 ...)
+CVE-2006-2312
NOT-FOR-US: Skype
-CVE-2006-2311 (Cross-site scripting (XSS) vulnerability in BlueDragon Server and ...)
+CVE-2006-2311
NOT-FOR-US: BlueDragon Server and Server JX
-CVE-2006-2310 (BlueDragon Server and Server JX 6.2.1.286 for Windows allows remote ...)
+CVE-2006-2310
NOT-FOR-US: BlueDragon Server and Server JX
-CVE-2006-2309 (The HTTP service in EServ/3 3.25 allows remote attackers to obtain ...)
+CVE-2006-2309
NOT-FOR-US: EServ
-CVE-2006-2308 (Directory traversal vulnerability in the IMAP service in EServ/3 3.25 ...)
+CVE-2006-2308
NOT-FOR-US: EServ
-CVE-2006-2307 (Cross-site scripting (XSS) vulnerability in Website Baker CMS before ...)
+CVE-2006-2307
NOT-FOR-US: Website Baker
-CVE-2006-2306 (Cross-site scripting (XSS) vulnerability in moreinfo.asp in ...)
+CVE-2006-2306
NOT-FOR-US: EPublisherPro
-CVE-2006-2305 (Multiple cross-site scripting (XSS) vulnerabilities in Jadu CMS allow ...)
+CVE-2006-2305
NOT-FOR-US: Jadu
-CVE-2006-2304 (Multiple integer overflows in the DPRPC library (DPRPCW32.DLL) in ...)
+CVE-2006-2304
NOT-FOR-US: Novell software for Windows
-CVE-2006-2303 (Cross-Application Scripting (XAS) vulnerability in ICQ Client 5.04 ...)
+CVE-2006-2303
NOT-FOR-US: Windows ICQ client
-CVE-2006-2302 (SQL injection vulnerability in admin_default.asp in DUGallery 2.x ...)
+CVE-2006-2302
NOT-FOR-US: DUGallery
-CVE-2006-2301 (SQL injection vulnerability in admin_default.asp in OzzyWork Galeri ...)
+CVE-2006-2301
NOT-FOR-US: OzzyWork
-CVE-2006-2300 (Multiple SQL injection vulnerabilities in EImagePro allow remote ...)
+CVE-2006-2300
NOT-FOR-US: EImagePro
CVE-2006-2299
RESERVED
-CVE-2006-2298 (The Internet Key Exchange version 1 (IKEv1) implementation in the ...)
+CVE-2006-2298
NOT-FOR-US: Solaris
-CVE-2006-2297 (Heap-based buffer overflow in Microsoft Infotech Storage System ...)
+CVE-2006-2297
NOT-FOR-US: Microsoft Infotech Storage System
-CVE-2006-2296 (SQL injection vulnerability in search_result.asp in EDirectoryPro 2.0 ...)
+CVE-2006-2296
NOT-FOR-US: EDirectoryPro
-CVE-2006-2295 (Directory traversal vulnerability in Dynamic Galerie 1.0 allows remote ...)
+CVE-2006-2295
NOT-FOR-US: Dynamic Galerie
-CVE-2006-2294 (Cross-site scripting (XSS) vulnerability in Dynamic Galerie 1.0 allows ...)
+CVE-2006-2294
NOT-FOR-US: Dynamic Galerie
-CVE-2006-2293 (SQL injection vulnerability in all_calendars.asp in MultiCalendars 3.0 ...)
+CVE-2006-2293
NOT-FOR-US: MultiCalendars
-CVE-2006-2292 (Multiple SQL injection vulnerabilities in IA-Calendar allow remote ...)
+CVE-2006-2292
NOT-FOR-US: IA-Calendar
-CVE-2006-2291 (Cross-site scripting (XSS) vulnerability in calendar_new.asp in ...)
+CVE-2006-2291
NOT-FOR-US: IA-Calendar
-CVE-2006-2290 (Multiple cross-site scripting (XSS) vulnerabilities in kommentar.php ...)
+CVE-2006-2290
NOT-FOR-US: 2005-Comments-Script
-CVE-2006-2289 (Buffer overflow in avahi-core in Avahi before 0.6.10 allows local ...)
+CVE-2006-2289
- avahi 0.6.10-1 (medium)
-CVE-2006-2288 (Avahi before 0.6.10 allows local users to cause a denial of service ...)
+CVE-2006-2288
- avahi 0.6.10-1 (low)
-CVE-2006-2287 (Multiple cross-site scripting (XSS) vulnerabilities in Vision Source ...)
+CVE-2006-2287
NOT-FOR-US: Vision Source
-CVE-2006-2286 (Multiple PHP remote file inclusion vulnerabilities in ...)
+CVE-2006-2286
NOT-FOR-US: Dokeos
-CVE-2006-2285 (PHP remote file inclusion vulnerability in authldap.php in Dokeos ...)
+CVE-2006-2285
NOT-FOR-US: Dokeos
-CVE-2006-2284 (Multiple PHP remote file inclusion vulnerabilities in Claroline 1.7.5 ...)
+CVE-2006-2284
NOT-FOR-US: Claroline
-CVE-2006-2283 (Multiple PHP remote file inclusion vulnerabilities in SpiffyJr phpRaid ...)
+CVE-2006-2283
NOT-FOR-US: phpRaid
-CVE-2006-2282 (Cross-site scripting (XSS) vulnerability in X7 Chat 2.0.2 and earlier ...)
+CVE-2006-2282
NOT-FOR-US: X7 Chat
-CVE-2006-2281 (X-Scripts X-Poll (xpoll) 2.30 allows remote attackers to execute ...)
+CVE-2006-2281
NOT-FOR-US: X-Scripts X-Poll
-CVE-2006-2280 (Directory traversal vulnerability in website.php in openEngine 1.8 ...)
+CVE-2006-2280
NOT-FOR-US: openEngine
-CVE-2006-2279 (Multiple SQL injection vulnerabilities in SaphpLesson 3.0 allow remote ...)
+CVE-2006-2279
NOT-FOR-US: SaphpLesson
-CVE-2006-2278 (SaphpLesson 3.0 does not initialize array variables, which allows ...)
+CVE-2006-2278
NOT-FOR-US: SaphpLesson
-CVE-2006-2277 (Multiple Apple Mac OS X 10.4 applications might allow ...)
+CVE-2006-2277
NOT-FOR-US: Apple Mac OS X
-CVE-2006-2276 (bgpd in Quagga 0.98 and 0.99 before 20060504 allows local users to ...)
+CVE-2006-2276
{DSA-1059-1}
- quagga 0.99.4-1 (bug #366980; low)
-CVE-2006-2275 (Linux SCTP (lksctp) before 2.6.17 allows remote attackers to cause a ...)
+CVE-2006-2275
- linux-2.6 2.6.16-13
-CVE-2006-2274 (Linux SCTP (lksctp) before 2.6.17 allows remote attackers to cause a ...)
+CVE-2006-2274
{DSA-1103 DSA-1097-1}
- linux-2.6 2.6.16-13
-CVE-2006-2273 (The InstallProduct routine in the Verisign VUpdater.Install (aka ...)
+CVE-2006-2273
NOT-FOR-US: Verisign
-CVE-2006-2272 (Linux SCTP (lksctp) before 2.6.17 allows remote attackers to cause a ...)
+CVE-2006-2272
{DSA-1103 DSA-1097-1}
- linux-2.6 2.6.16-13
-CVE-2006-2271 (The ECNE chunk handling in Linux SCTP (lksctp) before 2.6.17 allows ...)
+CVE-2006-2271
{DSA-1103 DSA-1097-1}
- linux-2.6 2.6.16-13
-CVE-2006-2270 (PHP remote file inclusion vulnerability in includes/config.php in ...)
+CVE-2006-2270
NOT-FOR-US: Jetbox CMS
-CVE-2006-2269 (Cross-site scripting (XSS) vulnerability in myWebland MyBloggie 2.1.3 ...)
+CVE-2006-2269
NOT-FOR-US: myWebland MyBloggie
-CVE-2006-2268 (SQL injection vulnerability in FlexCustomer 0.0.4 and earlier allows ...)
+CVE-2006-2268
NOT-FOR-US: FlexCustomer
-CVE-2006-2267 (Kerio WinRoute Firewall before 6.2.1 allows remote attackers to cause ...)
+CVE-2006-2267
NOT-FOR-US: Kerio WinRoute Firewall
-CVE-2006-2266 (SQL injection vulnerability in Chirpy! 0.1 allows remote attackers to ...)
+CVE-2006-2266
NOT-FOR-US: Chirpy!
-CVE-2006-2265 (Cross-site scripting vulnerability in admin/main.asp in Ocean12 ...)
+CVE-2006-2265
NOT-FOR-US: Ocean12 Calendar Manager Pro
-CVE-2006-2264 (Multiple SQL injection vulnerabilities in Ocean12 Calendar Manager Pro ...)
+CVE-2006-2264
NOT-FOR-US: Ocean12 Calendar Manager Pro
-CVE-2006-2263 (SQL injection vulnerability in shopcurrency.asp in VP-ASP 6.00 allows ...)
+CVE-2006-2263
NOT-FOR-US: VP-ASP
-CVE-2006-2262 (Cross-site scripting (XSS) vulnerability in index.php in singapore ...)
+CVE-2006-2262
NOT-FOR-US: singapore
-CVE-2006-2261 (PHP remote file inclusion vulnerability in day.php in ACal 2.2.6 ...)
+CVE-2006-2261
NOT-FOR-US: ACal
-CVE-2006-2260 (Cross-site scripting (XSS) vulnerability in the project module ...)
+CVE-2006-2260
- drupal <not-affected> (bug #366947)
-CVE-2006-2259 (SQL injection vulnerability in Logon.asp in MaxxSchedule 1.0 allows ...)
+CVE-2006-2259
NOT-FOR-US: MaxxSchedule
-CVE-2006-2258 (Cross-site scripting (XSS) vulnerability in Logon.asp in MaxxSchedule ...)
+CVE-2006-2258
NOT-FOR-US: MaxxSchedule
-CVE-2006-2257 (Cross-site scripting (XSS) vulnerability in index.php in easyEvent 1.2 ...)
+CVE-2006-2257
NOT-FOR-US: easyEvent
-CVE-2006-2256 (PHP remote file inclusion vulnerability in includes/dbal.php in EQdkp ...)
+CVE-2006-2256
NOT-FOR-US: EQdkp
-CVE-2006-2255 (Multiple SQL injection vulnerabilities in Creative Community Portal ...)
+CVE-2006-2255
NOT-FOR-US: Creative Community Portal
-CVE-2006-2254 (Buffer overflow in filecpnt.exe in FileCOPA 1.01 allows remote ...)
+CVE-2006-2254
NOT-FOR-US: FileCOPA
-CVE-2006-2253 (PHP remote file inclusion vulnerability in visible_count_inc.php in ...)
+CVE-2006-2253
NOT-FOR-US: Statit
-CVE-2006-2252 (Cross-site scripting vulnerability in submit.php in OpenFAQ 0.4.0 ...)
+CVE-2006-2252
NOT-FOR-US: OpenFAQ
-CVE-2006-2251 (SQL injection vulnerability in the do_mmod function in mod.php in ...)
+CVE-2006-2251
NOT-FOR-US: Invision Community Blog
-CVE-2006-2250 (CuteNews 1.4.1 allows remote attackers to obtain sensitive information ...)
+CVE-2006-2250
NOT-FOR-US: CuteNews
-CVE-2006-2249 (Multiple cross-site scripting (XSS) vulnerabilities in search.php in ...)
+CVE-2006-2249
NOT-FOR-US: CuteNews
-CVE-2006-2248 (Xeneo Web Server 2.2.22.0 allows remote attackers to obtain the source ...)
+CVE-2006-2248
NOT-FOR-US: Xeneo Web Server
-CVE-2006-2247 (WebCalendar 1.0.1 to 1.0.3 generates different error messages ...)
+CVE-2006-2247
{DSA-1056-1}
- webcalendar 1.0.2-2.2 (medium; bug #366927)
-CVE-2006-2246 (Cross-site scripting (XSS) vulnerability in UBlog 1.6 Access Edition ...)
+CVE-2006-2246
NOT-FOR-US: UBlog
-CVE-2006-2245 (PHP remote file inclusion vulnerability in auction\auction_common.php ...)
+CVE-2006-2245
NOT-FOR-US: Auction mod 1.3m for phpBB
-CVE-2006-2244 (Multiple SQL injection vulnerabilities in Web4Future News Portal allow ...)
+CVE-2006-2244
NOT-FOR-US: Web4Future News Portal
-CVE-2006-2243 (Multiple cross-site scripting (XSS) vulnerabilities in Web4Future News ...)
+CVE-2006-2243
NOT-FOR-US: Web4Future News Portal
-CVE-2006-2242 (acFTP 1.4 allows remote attackers to cause a denial of service ...)
+CVE-2006-2242
NOT-FOR-US: acFTP
-CVE-2006-2241 (PHP remote file inclusion vulnerability in show.php in Fast Click SQL ...)
+CVE-2006-2241
NOT-FOR-US: Fast Click SQL Lite
-CVE-2006-2240 (Unspecified vulnerability in the (1) web cache or (2) web proxy in ...)
+CVE-2006-2240
NOT-FOR-US: Fujitsu NetShelter/FW
-CVE-2006-2239 (SQL injection vulnerability in readarticle.php in Newsadmin 1.1 allows ...)
+CVE-2006-2239
NOT-FOR-US: Newsadmin
-CVE-2006-2238 (Heap-based buffer overflow in Apple QuickTime before 7.1 allows remote ...)
+CVE-2006-2238
NOT-FOR-US: Apple
-CVE-2006-2237 (The web interface for AWStats 6.4 and 6.5, when statistics updates are ...)
+CVE-2006-2237
{DSA-1058-1}
- awstats 6.5-2 (bug #365909; bug #365910; medium)
-CVE-2006-2236 (Buffer overflow in the Quake 3 Engine, as used by (1) ET 2.60, (2) ...)
+CVE-2006-2236
- tremulous 1.1.0-6 (bug #660827)
[squeeze] - tremulous 1.1.0-7~squeeze1
- ioquake3 1.36+svn1788j-1
-CVE-2006-2235 (CodeMunkyX (aka free-php.net) Simple Poll 1.0, when authentication is ...)
+CVE-2006-2235
NOT-FOR-US: Simple Poll
-CVE-2006-2234 (Multiple cross-site scripting (XSS) vulnerabilities in TyroCMS beta ...)
+CVE-2006-2234
NOT-FOR-US: TyroCMS
-CVE-2006-2233 (Buffer overflow in BankTown Client Control (aka BtCxCtl20Com) ...)
+CVE-2006-2233
NOT-FOR-US: BankTown Client Control
-CVE-2006-2232 (Cross-site scripting (XSS) vulnerability in Scriptsez Cute Guestbook ...)
+CVE-2006-2232
NOT-FOR-US: Scriptsez Cute Guestbook
-CVE-2006-2231 (Multiple cross-site scripting (XSS) vulnerabilities in addguest.cgi in ...)
+CVE-2006-2231
NOT-FOR-US: Big Webmaster Guestbook Script
-CVE-2006-2230 (Multiple format string vulnerabilities in xiTK (xitk/main.c) in xine ...)
+CVE-2006-2230
{DSA-1093-1}
- xine-ui 0.99.4-2 (medium; bug #363370; bug #372172)
-CVE-2006-2229 (OpenVPN 2.0.7 and earlier, when configured to use the --management ...)
+CVE-2006-2229
- openvpn <unfixed> (unimportant)
NOTE: One needs to explicitly set the IP to something else than 127.0.0.1
NOTE: in order to be vulnerable. The man page recommends not to do it.
-CVE-2006-2228 (Cross-site scripting (XSS) vulnerability in w-Agora (aka Web-Agora) ...)
+CVE-2006-2228
NOT-FOR-US: Web-Agora
-CVE-2006-2227 (Cross-site scripting (XSS) vulnerability in misc.php in PunBB 1.2.11 ...)
+CVE-2006-2227
NOT-FOR-US: PunBB
-CVE-2006-2226 (Buffer overflow in XM Easy Personal FTP Server 4.2 and 5.0.1 allows ...)
+CVE-2006-2226
NOT-FOR-US: Easy Personal FTP Server
-CVE-2006-2225 (Buffer overflow in XM Easy Personal FTP Server 4.3 and earlier allows ...)
+CVE-2006-2225
NOT-FOR-US: Easy Personal FTP Server
-CVE-2006-2224 (RIPd in Quagga 0.98 and 0.99 before 20060503 does not properly enforce ...)
+CVE-2006-2224
{DSA-1059-1}
- quagga 0.99.3-2 (bug #365940; medium)
-CVE-2006-2223 (RIPd in Quagga 0.98 and 0.99 before 20060503 does not properly ...)
+CVE-2006-2223
{DSA-1059-1}
- quagga 0.99.3-2 (bug #365940; medium)
-CVE-2006-2222 (Buffer overflow in zawhttpd 0.8.23, and possibly previous versions, ...)
+CVE-2006-2222
NOT-FOR-US: zawhttpd
-CVE-2006-2221 (A third-party installer generation tool, possibly BitRock ...)
+CVE-2006-2221
- ejabberd <not-affected> (only binary distribution is affected)
-CVE-2006-2220 (phpBB 2.0.20 does not properly verify user-specified input variables ...)
+CVE-2006-2220
- phpbb2 <unfixed> (unimportant)
NOTE: SQL query disclosure
-CVE-2006-2219 (phpBB 2.0.20 does not verify user-specified input variable types ...)
+CVE-2006-2219
- phpbb2 <unfixed> (unimportant)
NOTE: path disclosure
-CVE-2006-2218 (Unspecified vulnerability in Internet Explorer 6.0 on Microsoft ...)
+CVE-2006-2218
NOT-FOR-US: MS IE
-CVE-2006-2217 (SQL injection vulnerability in index.php in Invision Power Board ...)
+CVE-2006-2217
NOT-FOR-US: Invision Power Board
-CVE-2006-2216 (Open Bulletin Board (OpenBB) 1.0.8 allows remote attackers to obtain ...)
+CVE-2006-2216
NOT-FOR-US: OpenBB
CVE-2006-2215
REJECTED
CVE-2006-XXXX [cyrus-imapd allows user probes]
- cyrus-imapd-2.2 2.2.13-3
- kolab-cyrus-imapd 2.2.13-1
-CVE-2006-2214 (Multiple SQL injection vulnerabilities in 4images 1.7.1 and earlier ...)
+CVE-2006-2214
NOT-FOR-US: 4images
-CVE-2006-2213 (Hostapd 0.3.7-2 allows remote attackers to cause a denial of service ...)
+CVE-2006-2213
{DSA-1065-1}
- hostapd 1:0.5.0-1 (bug #365897; high)
-CVE-2006-2212 (Buffer overflow in KarjaSoft Sami FTP Server 2.0.2 and earlier allows ...)
+CVE-2006-2212
NOT-FOR-US: KarjaSoft Sami FTP Server
-CVE-2006-2211 (Absolute path traversal vulnerability in index.php in 321soft ...)
+CVE-2006-2211
NOT-FOR-US: 321soft PhP-Gallery
-CVE-2006-2210 (Cross-site scripting (XSS) vulnerability in index.php in 321soft ...)
+CVE-2006-2210
NOT-FOR-US: 321soft PhP-Gallery
-CVE-2006-2209 (Multiple SQL injection vulnerabilities in index.php in PHP Arena ...)
+CVE-2006-2209
NOT-FOR-US: paCheckBook
-CVE-2006-2208 (Multiple cross-site scripting (XSS) vulnerabilities in mynews.inc.php ...)
+CVE-2006-2208
NOT-FOR-US: paCheckBook
CVE-2006-2207
RESERVED
-CVE-2006-2206 (The MS-Logon authentication scheme in UltraVNC (aka Ultr@VNC) 1.0.1 ...)
+CVE-2006-2206
NOT-FOR-US: UltraVNC
-CVE-2006-2205 (The audio_write function in NetBSD 3.0 allows local users to cause a ...)
+CVE-2006-2205
NOT-FOR-US: NetBSD kernel
-CVE-2006-2204 (SQL injection vulnerability in the topic deletion functionality ...)
+CVE-2006-2204
NOT-FOR-US: Invision Power Board
-CVE-2006-2203 (Unspecified vulnerability in Kerio MailServer before 6.1.4 has unknown ...)
+CVE-2006-2203
NOT-FOR-US: Kerio MailServer
-CVE-2006-2202 (SQL injection vulnerability in post.php in Invision Gallery 2.0.6 ...)
+CVE-2006-2202
NOT-FOR-US: Invision Gallery
-CVE-2006-2201 (Unspecified vulnerability in CA Resource Initialization Manager ...)
+CVE-2006-2201
NOT-FOR-US: CA Resource Initialization Manager
-CVE-2006-2200 (Stack-based buffer overflow in libmms, as used by (a) MiMMS 0.0.9 and ...)
+CVE-2006-2200
- libmms 0.2-7 (bug #374577; medium)
- mimms 2.0.0-1 (bug #374577; medium)
- xine-lib 1.1.2-2 (bug #374577; unimportant)
NOTE: Not exploitable within xine, as alloced buffer are large enough
-CVE-2006-2199 (Unspecified vulnerability in Java Applets in OpenOffice.org 1.1.x (aka ...)
+CVE-2006-2199
{DSA-1104}
- openoffice.org 2.0.3-1
-CVE-2006-2198 (OpenOffice.org (aka StarOffice) 1.1.x up to 1.1.5 and 2.0.x before ...)
+CVE-2006-2198
{DSA-1104}
- openoffice.org 2.0.3-1
-CVE-2006-2197 (Integer overflow in wv2 before 0.2.3 might allow context-dependent ...)
+CVE-2006-2197
{DSA-1100}
- wv2 0.2.2-6 (medium)
-CVE-2006-2196 (Unspecified vulnerability in pinball 0.3.1 allows local users to gain ...)
+CVE-2006-2196
{DSA-1102}
- pinball 0.3.1-6
-CVE-2006-2195 (Cross-site scripting (XSS) vulnerability in horde 3 (horde3) before ...)
+CVE-2006-2195
{DSA-1099-1 DSA-1098-1}
- horde3 3.1.1-3
-CVE-2006-2194 (The winbind plugin in pppd for ppp 2.4.4 and earlier does not check ...)
+CVE-2006-2194
{DSA-1106}
- ppp 2.4.4rel-1 (medium)
-CVE-2006-2193 (Buffer overflow in the t2p_write_pdf_string function in tiff2pdf in libtiff ...)
+CVE-2006-2193
{DSA-1091-1}
- tiff 3.8.2-4 (bug #371064; bug #370355; medium)
- tiff3 <not-affected> (fixed prior to initial upload)
-CVE-2006-2191 (** DISPUTED ** ...)
+CVE-2006-2191
- mailman 1:2.1.9-1 (unimportant)
NOTE: https://mail.python.org/pipermail/mailman-announce/2006-September/000087.html
NOTE: not exploitable
-CVE-2006-2190 (Cross-site scripting (XSS) vulnerability in ow-shared.pl in ...)
+CVE-2006-2190
NOT-FOR-US: OpenWebMail
-CVE-2006-2189 (SQL injection vulnerability in search.php in Servous sBLOG 0.7.2 ...)
+CVE-2006-2189
NOT-FOR-US: Servous sBLOG
-CVE-2006-2188 (Multiple cross-site scripting (XSS) vulnerabilities in CMScout 1.10 ...)
+CVE-2006-2188
NOT-FOR-US: CMScout
-CVE-2006-2187 (Multiple cross-site scripting (XSS) vulnerabilities in zenphoto 1.0.1 ...)
+CVE-2006-2187
NOT-FOR-US: zenphoto
-CVE-2006-2186 (zenphoto 1.0.1 beta and earlier allow remote attackers to obtain ...)
+CVE-2006-2186
NOT-FOR-US: zenphoto
-CVE-2006-2185 (PORTAL.NLM in Novell Netware 6.5 SP5 writes the username and password ...)
+CVE-2006-2185
NOT-FOR-US: Novell
-CVE-2006-2184 (Cross-site scripting (XSS) vulnerability in search.php in PHPKB ...)
+CVE-2006-2184
NOT-FOR-US: PHPKB Knowledge Base
-CVE-2006-2183 (Untrusted search path vulnerability in Truecrypt 4.1, when running ...)
+CVE-2006-2183
NOT-FOR-US: Truecrypt
-CVE-2006-2182 (Multiple PHP remote file inclusion vulnerabilities in (1) eday.php, ...)
+CVE-2006-2182
NOT-FOR-US: albinator
-CVE-2006-2181 (Multiple cross-site scripting (XSS) vulnerabilities in Albinator 2.0.8 ...)
+CVE-2006-2181
NOT-FOR-US: albinator
-CVE-2006-2180 (Buffer overflow in Golden FTP Server Pro 2.70 allows remote attackers ...)
+CVE-2006-2180
NOT-FOR-US: Golden FTP Server Pro
-CVE-2006-2179 (Multiple SQL injection vulnerabilities in CyberBuild allow remote ...)
+CVE-2006-2179
NOT-FOR-US: CyberBuild
-CVE-2006-2178 (Multiple cross-site scripting (XSS) vulnerabilities in CyberBuild ...)
+CVE-2006-2178
NOT-FOR-US: CyberBuild
-CVE-2006-2177 (Cross-site scripting (XSS) vulnerability in viewcat.php in geoBlog 1.0 ...)
+CVE-2006-2177
NOT-FOR-US: geoBlog
-CVE-2006-2176 (Multiple cross-site scripting (XSS) vulnerabilities in links.php in ...)
+CVE-2006-2176
NOT-FOR-US: PHP Linkliste
-CVE-2006-2175 (PHP remote file inclusion vulnerability in FtrainSoft Fast Click 2.3.8 ...)
+CVE-2006-2175
NOT-FOR-US: Fast Click
-CVE-2006-2174 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2006-2174
NOT-FOR-US: Virtual Hosting Control System (VHCS)
-CVE-2006-2173 (Buffer overflow in FileZilla FTP Server 2.2.22 allows remote ...)
+CVE-2006-2173
NOT-FOR-US: FileZilla FTP Server
-CVE-2006-2172 (Buffer overflow in Gene6 FTP Server 3.1.0 allows remote authenticated ...)
+CVE-2006-2172
NOT-FOR-US: Gene6 FTP Server
-CVE-2006-2171 (Buffer overflow in WDM.exe in WarFTPD allows remote attackers to ...)
+CVE-2006-2171
NOT-FOR-US: WarFTPD
-CVE-2006-2170 (Buffer overflow in ArgoSoft FTP Server 1.4.3.6 allows remote attackers ...)
+CVE-2006-2170
NOT-FOR-US: ArgoSoft FTP Server
-CVE-2006-2169 (RT: Request Tracker 3.5.HEAD allows remote attackers to obtain ...)
+CVE-2006-2169
- request-tracker3.4 <not-affected> (file not included in 3.4)
-CVE-2006-2168 (FileProtection Express 1.0.1 and earlier allows remote attackers to ...)
+CVE-2006-2168
NOT-FOR-US: FileProtection Express
-CVE-2006-2167 (Cross-site scripting (XSS) vulnerability in SloughFlash SF-Users 1.0, ...)
+CVE-2006-2167
NOT-FOR-US: SloughFlash
-CVE-2006-2166 (Unspecified vulnerability in the HTTP management interface in Cisco ...)
+CVE-2006-2166
NOT-FOR-US: Cisco
-CVE-2006-2165 (Multiple cross-site scripting (XSS) vulnerabilities in Avactis ...)
+CVE-2006-2165
NOT-FOR-US: Avactis
-CVE-2006-2164 (Multiple SQL injection vulnerabilities in Avactis Shopping Cart 0.1.2 ...)
+CVE-2006-2164
NOT-FOR-US: Avactis
-CVE-2006-2163 (Cross-site scripting (XSS) vulnerability in index.php in Pinnacle Cart ...)
+CVE-2006-2163
NOT-FOR-US: Pinnacle
-CVE-2006-2162 (Buffer overflow in CGI scripts in Nagios 1.x before 1.4 and 2.x before ...)
+CVE-2006-2162
{DSA-1072-1}
- nagios 2:1.4-1 (bug #366682; bug #366803; medium)
- nagios2 2.3-1 (bug #366683; medium)
-CVE-2006-2161 (Buffer overflow in (1) TZipBuilder 1.79.03.01, (2) Abakt 0.9.2 and ...)
+CVE-2006-2161
NOT-FOR-US: TZipBuilder/Abakt
-CVE-2006-2160 (Cross-site scripting (XSS) vulnerability in Russcom Network Loginphp ...)
+CVE-2006-2160
NOT-FOR-US: Russcom
-CVE-2006-2159 (CRLF injection vulnerability in help.php in Russcom Network Loginphp ...)
+CVE-2006-2159
NOT-FOR-US: Russcom
-CVE-2006-2158 (Dynamic variable evaluation vulnerability in index.php in Stadtaus ...)
+CVE-2006-2158
NOT-FOR-US: Stadtaus
-CVE-2006-2157 (SQL injection vulnerability in gallery.php in Plogger Beta 2.1 and ...)
+CVE-2006-2157
NOT-FOR-US: Plogger
-CVE-2006-2156 (Directory traversal vulnerability in help/index.php in X7 Chat 2.0 and ...)
+CVE-2006-2156
NOT-FOR-US: X7 Chat
-CVE-2006-2155 (EMC Retrospect for Windows 6.5 before 6.5.382, 7.0 before 7.0.344, and ...)
+CVE-2006-2155
NOT-FOR-US: EMC Retrospect
-CVE-2006-2154 (EMC Retrospect for Windows 6.5 before 6.5.382, 7.0 before 7.0.344, and ...)
+CVE-2006-2154
NOT-FOR-US: EMC Retrospect
-CVE-2006-2153 (Cross-site scripting (XSS) vulnerability in HTM_PASSWD in DirectAdmin ...)
+CVE-2006-2153
NOT-FOR-US: DirectAdmin
-CVE-2006-2152 (PHP remote file inclusion vulnerability in admin/addentry.php in phpBB ...)
+CVE-2006-2152
NOT-FOR-US: phpBB Advanced Guestbook
-CVE-2006-2151 (PHP remote file inclusion vulnerability in toplist.php in phpBB ...)
+CVE-2006-2151
NOT-FOR-US: phpBB TopList
-CVE-2006-2150 (PHP remote file inclusion vulnerability in top/list.php in phpBB ...)
+CVE-2006-2150
NOT-FOR-US: phpBB TopList
-CVE-2006-2149 (PHP remote file inclusion vulnerability in sources/lostpw.php in ...)
+CVE-2006-2149
NOT-FOR-US: Aardvark Topsites
-CVE-2006-2147 (resmgrd in resmgr for SUSE Linux and other distributions does not ...)
+CVE-2006-2147
{DSA-1047-1}
- resmgr 1.0-4 (low)
-CVE-2006-2146 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
+CVE-2006-2146
NOT-FOR-US: HB-NS
-CVE-2006-2145 (Multiple SQL injection vulnerabilities in index.php in HB-NS 1.1.6 ...)
+CVE-2006-2145
NOT-FOR-US: HB-NS
-CVE-2006-2144 (PHP remote file inclusion vulnerability in kopf.php in DMCounter ...)
+CVE-2006-2144
NOT-FOR-US: DMCounter
-CVE-2006-2143 (Multiple cross-site scripting (XSS) vulnerabilities in TextFileBB ...)
+CVE-2006-2143
NOT-FOR-US: TextFileBB
-CVE-2006-2142 (PHP remote file inclusion vulnerability in classes/adodbt/sql.php in ...)
+CVE-2006-2142
NOT-FOR-US: Limbo
-CVE-2006-2141 (Cross-site scripting (XSS) vulnerability in popup_image in ...)
+CVE-2006-2141
NOT-FOR-US: Collaborative Portal Server
-CVE-2006-2140 (Multiple cross-site scripting (XSS) vulnerabilities in OrbitHYIP 2.0 ...)
+CVE-2006-2140
NOT-FOR-US: OrbitHYIP
-CVE-2006-2139 (Multiple SQL injection vulnerabilities in PHP Newsfeed 20040723 allow ...)
+CVE-2006-2139
NOT-FOR-US: PHP Newsfeed
-CVE-2006-2138 (Cross-site scripting (XSS) vulnerability in neomail.pl in NeoMail 1.29 ...)
+CVE-2006-2138
NOT-FOR-US: NeoMail
-CVE-2006-2137 (PHP remote file inclusion vulnerability in master.php in OpenPHPNuke ...)
+CVE-2006-2137
NOT-FOR-US: OpenPHPNuke
-CVE-2006-2136 (SQL injection vulnerability in news.php in AZNEWS allows remote ...)
+CVE-2006-2136
NOT-FOR-US: AZNEWS
-CVE-2006-2135 (SQL injection vulnerability in login.php in Ruperts News allows remote ...)
+CVE-2006-2135
NOT-FOR-US: Ruperts News
-CVE-2006-2134 (PHP remote file inclusion vulnerability in /includes/kb_constants.php ...)
+CVE-2006-2134
NOT-FOR-US: phpbb2 mod
-CVE-2006-2148 (Multiple buffer overflows in client.c in CGI:IRC (CGIIRC) before 0.5.8 ...)
+CVE-2006-2148
{DSA-1052-1}
- cgiirc 0.5.9-1 (bug #365680; medium)
[sarge] - cgiirc 0.5.4-6sarge1 (bug #365680; medium)
-CVE-2006-2133 (SQL injection vulnerability in index.php in BoonEx Barracuda 1.1 and ...)
+CVE-2006-2133
NOT-FOR-US: BoonEx Barracuda
-CVE-2006-2132 (SQL injection vulnerability in detail.asp in DUclassified allows ...)
+CVE-2006-2132
NOT-FOR-US: DUclassified
-CVE-2006-2131 (include/class_poll.php in Advanced Poll 2.0.4 uses the ...)
+CVE-2006-2131
NOT-FOR-US: Advanced Poll
-CVE-2006-2130 (SQL injection vulnerability in include/class_poll.php in Advanced Poll ...)
+CVE-2006-2130
NOT-FOR-US: Advanced Poll
-CVE-2006-2129 (Direct static code injection vulnerability in Pro Publish 2.0 allows ...)
+CVE-2006-2129
NOT-FOR-US: Pro Publish
-CVE-2006-2128 (Multiple SQL injection vulnerabilities in Pro Publish 2.0 allow remote ...)
+CVE-2006-2128
NOT-FOR-US: Pro Publish
-CVE-2006-2127 (SQL injection vulnerability in weblog_posting.php in Blog Mod 0.2.x ...)
+CVE-2006-2127
NOT-FOR-US: Blog Mod
-CVE-2006-2126 (SQL injection vulnerability in pocategories.php in MaxTrade 1.0.1 and ...)
+CVE-2006-2126
NOT-FOR-US: MaxTrade
CVE-2006-2125
REJECTED
-CVE-2006-2124 (Multiple cross-site scripting (XSS) vulnerabilities in SunShop 3.5 and ...)
+CVE-2006-2124
NOT-FOR-US: SunShop
-CVE-2006-2123 (Multiple SQL injection vulnerabilities in the report interface in ...)
+CVE-2006-2123
NOT-FOR-US: Network Administration Visualiazed
-CVE-2006-2122 (PHP remote file inclusion vulnerability in index.php in CoolMenus allows ...)
+CVE-2006-2122
NOT-FOR-US: CoolMenus
-CVE-2006-2121 (PHP remote file include vulnerability in admin/config_settings.tpl.php ...)
+CVE-2006-2121
NOT-FOR-US: I-RATER Platinum
-CVE-2006-2120 (The TIFFToRGB function in libtiff before 3.8.1 allows remote attackers ...)
+CVE-2006-2120
{DSA-1078-1}
- tiff 3.8.1 (bug #366588; medium)
- tiff3 <not-affected> (fixed prior to initial upload)
-CVE-2006-2119 (PHP remote file inclusion vulnerability in event/index.php in Artmedic ...)
+CVE-2006-2119
NOT-FOR-US: Artmedic
-CVE-2006-2118 (JMK's Picture Gallery allows remote attackers to bypass authentication ...)
+CVE-2006-2118
NOT-FOR-US: JMK
-CVE-2006-2117 (Cross-site scripting (XSS) vulnerability in Thyme 1.3 allows remote ...)
+CVE-2006-2117
NOT-FOR-US: Thyme
-CVE-2006-2116 (planetGallery allows remote attackers to gain administrator privileges ...)
+CVE-2006-2116
NOT-FOR-US: planetGallery
-CVE-2006-2115 (Format string vulnerability in SWS web Server 0.1.7 allows remote ...)
+CVE-2006-2115
NOT-FOR-US: SWS
-CVE-2006-2114 (Buffer overflow in SWS web Server 0.1.7 allows remote attackers to ...)
+CVE-2006-2114
NOT-FOR-US: SWS
-CVE-2006-2113 (The embedded HTTP server in Fuji Xerox Printing Systems (FXPS) print ...)
+CVE-2006-2113
NOT-FOR-US: Fuji Xerox Printing Systems
-CVE-2006-2112 (Fuji Xerox Printing Systems (FXPS) print engine, as used in products ...)
+CVE-2006-2112
NOT-FOR-US: Fuji Xerox Printing Systems
-CVE-2006-2111 (A component in Microsoft Outlook Express 6 allows remote attackers to ...)
+CVE-2006-2111
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2006-2110 (Virtual Private Server (Vserver) 2.0.x before 2.0.2-rc18 and 2.1.x ...)
+CVE-2006-2110
{DSA-1060-1}
- kernel-patch-vserver 2:2.0.1-4 (low)
- linux-2.6 2.6.16-11 (low)
-CVE-2006-2109 (Cross-site scripting (XSS) vulnerability in the parse_query_str ...)
+CVE-2006-2109
NOTE: #357204: request for removal
- jsboard 2.0.10-2 (bug #368305; low)
-CVE-2006-2108 (parser.exe in Oc&#233; (OCE) 3121/3122 Printer allows remote attackers to ...)
+CVE-2006-2108
NOT-FOR-US: OCE
-CVE-2006-2107 (Buffer overflow in BL4 SMTP Server 0.1.4 and earlier allows remote ...)
+CVE-2006-2107
NOT-FOR-US: BL4
-CVE-2006-2106 (Cross-site scripting (XSS) vulnerability in Edgewall Software Trac ...)
+CVE-2006-2106
- trac 0.9.5-1 (medium)
[sarge] - trac <unfixed> (medium)
NOTE: http://trac.edgewall.org/changeset/3201
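Review bot: every changed line in this hunk is a `-CVE-2006-NNNN (summary ...)` / `+CVE-2006-NNNN` pair that drops the parenthesised summary and puts nothing in its place (for instance `-CVE-2006-2120 (The TIFFToRGB function in libtiff before 3.8.1 allows remote attackers ...)` becomes bare `+CVE-2006-2120`), so each entry keeps its Debian status lines but loses the one-line description of the issue. If this automatic update is meant to refresh summaries from the upstream CVE feed, an empty or failed fetch would produce exactly this pattern across the whole file; verify the source data before merging rather than committing a blanket removal. Two unchanged context lines in this hunk also need a follow-up: `NOT-FOR-US: Microsoft Internet Explorer` under CVE-2006-2111 contradicts the summary being removed, which names Microsoft Outlook Express 6, and `NOT-FOR-US: Network Administration Visualiazed` under CVE-2006-2123 looks misspelled.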
@@ -11561,299 +11561,299 @@ CVE-2006-2106 (Cross-site scripting (XSS) vulnerability in Edgewall Software Tra
NOTE: the second reference fixes a regression in the first. i *believe*
NOTE: that these correctly solve the problem, though we really ought
NOTE: to run this by upstream or the reporter.
-CVE-2006-2105 (Directory traversal vulnerability in index.php in Jupiter CMS 1.1.4 ...)
+CVE-2006-2105
NOT-FOR-US: Jupiter
-CVE-2006-2104 (Multiple cross-site scripting (XSS) vulnerabilities in Kamgaing Email ...)
+CVE-2006-2104
NOT-FOR-US: Kamgaing
-CVE-2006-2103 (SQL injection vulnerability in MyBB (MyBulletinBoard) 1.1.1 allows ...)
+CVE-2006-2103
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2006-2102 (Directory traversal vulnerability in PowerISO 2.9 allows remote ...)
+CVE-2006-2102
NOT-FOR-US: PowerISO
-CVE-2006-2101 (Directory traversal vulnerability in WinISO 5.3 allows remote ...)
+CVE-2006-2101
NOT-FOR-US: WinISO
-CVE-2006-2100 (Directory traversal vulnerability in Magic ISO 5.0 Build 0166 allows ...)
+CVE-2006-2100
NOT-FOR-US: Magic ISO
-CVE-2006-2099 (Directory traversal vulnerability in UltraISO 8.0.0.1392 allows remote ...)
+CVE-2006-2099
NOT-FOR-US: UltraISO
-CVE-2006-2098 (PHP remote file inclusion vulnerability in Thumbnail AutoIndex before ...)
+CVE-2006-2098
NOT-FOR-US: Thumbnail AutoIndex
-CVE-2006-2097 (SQL injection vulnerability in func_msg.php in Invision Power Board ...)
+CVE-2006-2097
NOT-FOR-US: Invision
-CVE-2006-2096 (plug.php in Land Down Under (LDU) 802 and earlier allows remote ...)
+CVE-2006-2096
NOT-FOR-US: LDU
-CVE-2006-2095 (Phex before 2.8.6 allows remote attackers to cause a denial of service ...)
+CVE-2006-2095
NOT-FOR-US: Phex
-CVE-2006-2094 (Microsoft Internet Explorer before Windows XP Service Pack 2 and ...)
+CVE-2006-2094
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2006-2093 (Nessus before 2.2.8, and 3.x before 3.0.3, allows user-assisted ...)
+CVE-2006-2093
- libnasl 2.2.8-1 (bug #365898; low)
[sarge] - libnasl <no-dsa> (Hardly exploitable, see #365898)
-CVE-2006-2092 (Unspecified vulnerability in HP StorageWorks Secure Path for Windows ...)
+CVE-2006-2092
NOT-FOR-US: HP
-CVE-2006-2091 (admin.php in Virtual War (VWar) 1.5 and versions before 1.2 allows ...)
+CVE-2006-2091
NOT-FOR-US: Virtual War
-CVE-2006-2090 (Multiple SQL injection vulnerabilities in misc.php in MySmartBB 1.1.x ...)
+CVE-2006-2090
NOT-FOR-US: MySmartBB
-CVE-2006-2089 (Multiple cross-site scripting (XSS) vulnerabilities in misc.php in ...)
+CVE-2006-2089
NOT-FOR-US: OpenBB
-CVE-2006-2088 (Multiple cross-site scripting (XSS) vulnerabilities in Devsyn Open ...)
+CVE-2006-2088
NOT-FOR-US: OpenBB
-CVE-2006-2087 (The Gmax Mail client in Hitachi Groupmax before 20060426 allows remote ...)
+CVE-2006-2087
NOT-FOR-US: Hitachi Groupmax
-CVE-2006-2086 (Buffer overflow in JuniperSetupDLL.dll, loaded from JuniperSetup.ocx ...)
+CVE-2006-2086
NOT-FOR-US: juniper SSL-VPN
-CVE-2006-2085 (Multiple buffer overflows in (1) CxAce60.dll and (2) CxAce60u.dll in ...)
+CVE-2006-2085
NOT-FOR-US: SpeedProject Squeez
-CVE-2006-2084 (Multiple cross-site scripting (XSS) vulnerabilities in FarsiNews 2.5.3 ...)
+CVE-2006-2084
NOT-FOR-US: FarsiNews
-CVE-2006-2083 (Integer overflow in the receive_xattr function in the extended ...)
+CVE-2006-2083
- rsync 2.6.8-1 (bug #365614; high)
[sarge] - rsync <not-affected> (xattr patch appeared in 2.6.7)
[woody] - rsync <not-affected> (xattr patch appeared in 2.6.7)
-CVE-2006-2082 (Directory traversal vulnerability in Quake 3 engine, as used in ...)
+CVE-2006-2082
- ioquake3 1.36+svn1788j-1
- tremulous 1.1.0-6 (bug #660831)
[squeeze] - tremulous 1.1.0-7~squeeze1
-CVE-2006-2081 (Oracle Database Server 10g Release 2 allows local users to execute ...)
+CVE-2006-2081
NOT-FOR-US: Oracle
-CVE-2006-2080 (SQL injection vulnerability in portfolio_photo_popup.php in Verosky ...)
+CVE-2006-2080
NOT-FOR-US: Verosky
-CVE-2006-2079 (Cross-site scripting (XSS) vulnerability in portfolio.php in Verosky ...)
+CVE-2006-2079
NOT-FOR-US: Verosky
-CVE-2006-2078 (Multiple unspecified vulnerabilities in multiple FITELnet products, ...)
+CVE-2006-2078
NOT-FOR-US: FITELnet
-CVE-2006-2077 (Buffer overflow in Paul Rombouts pdnsd before 1.2.4 has unknown impact ...)
+CVE-2006-2077
- pdnsd 1.2.4par-0.1 (bug #368268; medium)
-CVE-2006-2076 (Memory leak in Paul Rombouts pdnsd before 1.2.4 allows remote ...)
+CVE-2006-2076
- pdnsd 1.2.4par-0.1 (bug #368268; medium)
-CVE-2006-2075 (Unspecified vulnerability in MyDNS 1.1.0 allows remote attackers to ...)
+CVE-2006-2075
[sarge] - mydns 1.0.0-4sarge1
- mydns 1.1.0+pre-3 (medium; bug #348826)
-CVE-2006-2074 (Unspecified vulnerability in Juniper Networks JUNOSe E-series routers ...)
+CVE-2006-2074
NOT-FOR-US: Juniper Networks JUNOSe
-CVE-2006-2073 (Unspecified vulnerability in ISC BIND allows remote attackers to cause ...)
+CVE-2006-2073
- bind9 1:9.3.3-1 (low)
NOTE: Only exploitable by trusted users after TSIG transaction
NOTE: https://lists.isc.org/pipermail/bind-users/2011-October/085298.html
-CVE-2006-2072 (Multiple unspecified vulnerabilities in DeleGate 9.x before 9.0.6 and ...)
+CVE-2006-2072
NOT-FOR-US: DeleGate
-CVE-2006-2071 (Linux kernel 2.4.x and 2.6.x up to 2.6.16 allows local users to bypass ...)
+CVE-2006-2071
- linux-2.6 2.6.16-8
-CVE-2006-2070 (Cross-site scripting (XSS) vulnerability in member.php in DevBB 1.0.0 ...)
+CVE-2006-2070
NOT-FOR-US: DevBB
-CVE-2006-2069 (The recursor in PowerDNS before 3.0.1 allows remote attackers to cause ...)
+CVE-2006-2069
- pdns-recursor 3.0.1-1 (medium)
-CVE-2006-2068 (Unspecified vulnerability in Hitachi JP1 products allow remote ...)
+CVE-2006-2068
NOT-FOR-US: Hitachi JP1
-CVE-2006-2067 (SQL injection vulnerability in vb_board_functions.php in MKPortal 1.1, ...)
+CVE-2006-2067
NOT-FOR-US: MKPortal
-CVE-2006-2066 (Multiple cross-site scripting (XSS) vulnerabilities pm_popup.php in ...)
+CVE-2006-2066
NOT-FOR-US: MKPortal
-CVE-2006-2065 (SQL injection vulnerability in save.php in PHPSurveyor 0.995 and ...)
+CVE-2006-2065
NOT-FOR-US: PHPSurveyor
-CVE-2006-2064 (Unspecified vulnerability in the libpkcs11 library in Sun Solaris 10 ...)
+CVE-2006-2064
NOT-FOR-US: Sun
-CVE-2006-2063 (Multiple cross-site scripting (XSS) vulnerabilities in Leadhound Full ...)
+CVE-2006-2063
NOT-FOR-US: Leadhound
-CVE-2006-2062 (Multiple SQL injection vulnerabilities in Leadhound Full and LITE 2.1, ...)
+CVE-2006-2062
NOT-FOR-US: Leadhound
-CVE-2006-2061 (SQL injection vulnerability in lib/func_taskmanager.php in Invision ...)
+CVE-2006-2061
NOT-FOR-US: Invision
-CVE-2006-2060 (Directory traversal vulnerability in action_admin/paysubscriptions.php ...)
+CVE-2006-2060
NOT-FOR-US: Invision
-CVE-2006-2059 (action_public/search.php in Invision Power Board (IPB) 2.1.x and 2.0.x ...)
+CVE-2006-2059
NOT-FOR-US: Invision
-CVE-2006-2058 (Argument injection vulnerability in Avant Browser 10.1 Build 17 allows ...)
+CVE-2006-2058
NOT-FOR-US: Avant
-CVE-2006-2057 (Argument injection vulnerability in Mozilla Firefox 1.0.6 allows ...)
+CVE-2006-2057
NOT-FOR-US: Only on Windows
-CVE-2006-2056 (Argument injection vulnerability in Internet Explorer 6 for Windows XP ...)
+CVE-2006-2056
NOT-FOR-US: Microsoft
-CVE-2006-2055 (Argument injection vulnerability in Microsoft Outlook 2003 SP1 allows ...)
+CVE-2006-2055
NOT-FOR-US: Micrsoft Outlook
-CVE-2006-2054 (3Com Baseline Switch 2848-SFP Plus Model #3C16486 with firmware before ...)
+CVE-2006-2054
NOT-FOR-US: 3Com
-CVE-2006-2053 (Multiple SQL injection vulnerabilities in QuickEStore 7.9 and earlier ...)
+CVE-2006-2053
NOT-FOR-US: QuickEStore
-CVE-2006-2052 (Cross-site scripting (XSS) vulnerability in Verosky Media Instant ...)
+CVE-2006-2052
NOT-FOR-US: Verosky
-CVE-2006-2051 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2006-2051
NOT-FOR-US: NextAge
-CVE-2006-2050 (SQL injection vulnerability in dcboard.cgi in DCScripts DCForumLite ...)
+CVE-2006-2050
NOT-FOR-US: DCScripts
-CVE-2006-2049 (Cross-site scripting (XSS) vulnerability in dcboard.cgi in DCScripts ...)
+CVE-2006-2049
NOT-FOR-US: DCScripts
-CVE-2006-2048 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
+CVE-2006-2048
NOT-FOR-US: phpWebFTP
-CVE-2006-2047 (Application Dynamics Cartweaver ColdFusion 2.16.11 and earlier allows ...)
+CVE-2006-2047
NOT-FOR-US: ColdFusion
-CVE-2006-2046 (Multiple SQL injection vulnerabilities in Application Dynamics ...)
+CVE-2006-2046
NOT-FOR-US: ColdFusion
-CVE-2006-2045 (The (1) shadow password file in na-img-4.0.34.bin for the IP3 Networks ...)
+CVE-2006-2045
NOT-FOR-US: IP3
-CVE-2006-2044 (na-img-4.0.34.bin for the IP3 Networks NetAccess NA75 has a default ...)
+CVE-2006-2044
NOT-FOR-US: IP3
-CVE-2006-2043 (na-img-4.0.34.bin for the IP3 Networks NetAccess NA75 allows local ...)
+CVE-2006-2043
NOT-FOR-US: IP3
-CVE-2006-2042 (Adobe Dreamweaver 8 before 8.0.2 and MX 2004 can generate code that ...)
+CVE-2006-2042
NOT-FOR-US: Adobe
-CVE-2006-2041 (PhpWebGallery before 1.6.0RC1 allows remote attackers to obtain ...)
+CVE-2006-2041
NOT-FOR-US: PhpWebGallery
-CVE-2006-2040 (Multiple SQL injection vulnerabilities in photokorn 1.53 and 1.542 ...)
+CVE-2006-2040
NOT-FOR-US: photokorn
-CVE-2006-2039 (Multiple SQL injection vulnerabilities in the osTicket module in Help ...)
+CVE-2006-2039
NOT-FOR-US: Help Center Live
-CVE-2006-2038 (Multiple SQL injection vulnerabilities in ampleShop 2.1 and earlier ...)
+CVE-2006-2038
NOT-FOR-US: ampleShop
-CVE-2006-2037 (Cross-site scripting (XSS) vulnerability in index.php in Thwboard 3.0 ...)
+CVE-2006-2037
NOT-FOR-US: Thwboard
-CVE-2006-2036 (iOpus Secure Email Attachments (SEA), probably 1.0, does not properly ...)
+CVE-2006-2036
NOT-FOR-US: iOpus
-CVE-2006-2035 (Websense, when configured to permit access to the dynamic content ...)
+CVE-2006-2035
NOT-FOR-US: Websense
-CVE-2006-2034 (SQL injection vulnerability in function/showprofile.php in FlexBB ...)
+CVE-2006-2034
NOT-FOR-US: FlexBB
-CVE-2006-2033 (PHP remote file inclusion vulnerability in Core CoreNews 2.0.1 and ...)
+CVE-2006-2033
NOT-FOR-US: Core
-CVE-2006-2032 (Multiple SQL injection vulnerabilities in Core CoreNews 2.0.1 and ...)
+CVE-2006-2032
NOT-FOR-US: Core
-CVE-2006-2031 (Cross-site scripting (XSS) vulnerability in index.php in phpMyAdmin ...)
+CVE-2006-2031
- phpmyadmin 4:2.8.1-1 (bug #363519; low)
[sarge] - phpmyadmin <not-affected> (Vulnerable code not present)
-CVE-2006-2030 (The Allied Telesyn AT-9724TS switch allows remote attackers to cause a ...)
+CVE-2006-2030
NOT-FOR-US: Allied Telesyn
-CVE-2006-2029 (Multiple SQL injection vulnerabilities in Jeremy Ashcraft Simplog ...)
+CVE-2006-2029
NOT-FOR-US: Simplog
-CVE-2006-2028 (Cross-site scripting (XSS) vulnerability in imagelist.php in Jeremy ...)
+CVE-2006-2028
NOT-FOR-US: Simplog
-CVE-2006-2027 (Buffer overflow in Unicode processing in the logging functionality in ...)
+CVE-2006-2027
NOT-FOR-US: Pablo Software
-CVE-2006-2026 (Double free vulnerability in tif_jpeg.c in libtiff before 3.8.1 allows ...)
+CVE-2006-2026
{DSA-1054-1}
[sarge] - tiff 3.7.2-3sarge1
[woody] - tiff 3.5.5-7woody1
- tiff 3.8.1
- tiff3 <not-affected> (fixed prior to initial upload)
-CVE-2006-2025 (Integer overflow in the TIFFFetchData function in tif_dirread.c for ...)
+CVE-2006-2025
{DSA-1054-1}
[sarge] - tiff 3.7.2-3sarge1
[woody] - tiff 3.5.5-7woody1
- tiff 3.8.1
- tiff3 <not-affected> (fixed prior to initial upload)
-CVE-2006-2024 (Multiple vulnerabilities in libtiff before 3.8.1 allow ...)
+CVE-2006-2024
{DSA-1054-1}
[sarge] - tiff 3.7.2-3sarge1
[woody] - tiff 3.5.5-7woody1
- tiff 3.8.1
- tiff3 <not-affected> (fixed prior to initial upload)
-CVE-2006-2023 (Integer overflow in the RTSP_msg_len function in rtsp/RTSP_msg_len.c ...)
+CVE-2006-2023
NOT-FOR-US: Fenice
-CVE-2006-2022 (Buffer overflow in the parse_url function in the RTSP module ...)
+CVE-2006-2022
NOT-FOR-US: Fenice
-CVE-2006-2021 (Absolute path traversal vulnerability in recordings/misc/audio.php in ...)
+CVE-2006-2021
NOT-FOR-US: Asterisk@Home
-CVE-2006-2020 (Asterisk Recording Interface (ARI) in Asterisk@Home before 2.8 stores ...)
+CVE-2006-2020
NOT-FOR-US: Asterisk@Home
-CVE-2006-2019 (Apple Mac OS X Safari 2.0.3, 1.3.1, and possibly other versions allows ...)
+CVE-2006-2019
NOT-FOR-US: Apple
CVE-2006-XXXX [librsvg2 crash on certain svg files]
- librsvg 2.14.3-2 (bug #361653; bug #361540; medium)
-CVE-2006-2018 (SQL injection vulnerability in calendar.php in vBulletin 3.0.x allows ...)
+CVE-2006-2018
NOT-FOR-US: vBulletin
-CVE-2006-2017 (Dnsmasq 2.29 allows remote attackers to cause a denial of service ...)
+CVE-2006-2017
- dnsmasq 2.30-1 (medium)
[sarge] - dnsmasq <not-affected> (Vulnerability was introduced in 2.28)
-CVE-2006-2016 (Multiple cross-site scripting (XSS) vulnerabilities in phpLDAPadmin ...)
+CVE-2006-2016
{DSA-1057-1}
- phpldapadmin 0.9.8.3-1 (bug #365313; low)
- egroupware 1.2-104.dfsg-1 (bug #365314; low)
NOTE: egroupware 1.2-1.dfsg-1 dropped phpldapadmin
-CVE-2006-2015 (Cross-site scripting (XSS) vulnerability in SL_site 1.0 allows remote ...)
+CVE-2006-2015
NOT-FOR-US: SL_site
-CVE-2006-2014 (Directory traversal vulnerability in gallerie.php in SL_site 1.0 ...)
+CVE-2006-2014
NOT-FOR-US: SL_site
-CVE-2006-2013 (SQL injection vulnerability in page.php in SL_site 1.0 allows remote ...)
+CVE-2006-2013
NOT-FOR-US: SL_site
-CVE-2006-2012 (Format string vulnerability in Skulltag 0.96f and earlier allows ...)
+CVE-2006-2012
NOT-FOR-US: Skulltag
-CVE-2006-2011 (Cross-site scripting (XSS) vulnerability in member.php in 4images 1.7 ...)
+CVE-2006-2011
NOT-FOR-US: 4images
-CVE-2006-2010 (Multiple SQL injection vulnerabilities in check_login.asp in Bloggage ...)
+CVE-2006-2010
NOT-FOR-US: Bloggage
-CVE-2006-2009 (PHP remote file inclusion vulnerability in agenda.php3 in phpMyAgenda ...)
+CVE-2006-2009
NOT-FOR-US: phpMyAgenda
-CVE-2006-2008 (PHP remote file inclusion vulnerability in movie_cls.php in Built2Go ...)
+CVE-2006-2008
NOT-FOR-US: Built2Go
-CVE-2006-2007 (Heap-based buffer overflow in Winny 2.0 b7.1 and earlier allows remote ...)
+CVE-2006-2007
NOT-FOR-US: Winny
-CVE-2006-2006 (Multiple directory traversal vulnerabilities in IZArc Archiver 3.5 ...)
+CVE-2006-2006
NOT-FOR-US: IZArc Archiver
-CVE-2006-2005 (Eval injection vulnerability in index.php in ClanSys 1.1 allows remote ...)
+CVE-2006-2005
NOT-FOR-US: ClanSys
-CVE-2006-2004 (Multiple SQL injection vulnerabilities in RI Blog 1.1 allow remote ...)
+CVE-2006-2004
NOT-FOR-US: RI Blog
-CVE-2006-2003 (Cross-site scripting (XSS) vulnerability in cgi-bin/guest in Community ...)
+CVE-2006-2003
NOT-FOR-US: Community Architect Guestbook
-CVE-2006-2002 (PHP remote file inclusion vulnerability in stats.php in MyGamingLadder ...)
+CVE-2006-2002
NOT-FOR-US: MyGamingLadder
-CVE-2006-2001 (Cross-site scripting (XSS) vulnerability in index.php in Scry Gallery ...)
+CVE-2006-2001
NOT-FOR-US: Scry Gallery
-CVE-2006-2000 (Cross-site scripting (XSS) vulnerability in /lms/a2z.jsp in logMethods ...)
+CVE-2006-2000
NOT-FOR-US: logMethods
-CVE-2006-1999 (The multiplayer menu in OpenTTD 0.4.7 allows remote attackers to cause ...)
+CVE-2006-1999
NOT-FOR-US: OpenTTD
-CVE-2006-1998 (OpenTTD 0.4.7 and earlier allows local users to cause a denial of ...)
+CVE-2006-1998
NOT-FOR-US: OpenTTD
-CVE-2006-1997 (Unspecified vulnerability in Sybase Pylon Anywhere groupware ...)
+CVE-2006-1997
NOT-FOR-US: Sybase Pylon Anywhere
-CVE-2006-1996 (Scry Gallery 1.1 allows remote attackers to obtain sensitive ...)
+CVE-2006-1996
NOT-FOR-US: Scry Gallery
-CVE-2006-1995 (Directory traversal vulnerability in index.php in Scry Gallery 1.1 ...)
+CVE-2006-1995
NOT-FOR-US: Scry Gallery
-CVE-2006-1994 (PHP remote file inclusion vulnerability in dForum 1.5 and earlier ...)
+CVE-2006-1994
NOT-FOR-US: dForum
-CVE-2006-1992 (mshtml.dll 6.00.2900.2873, as used in Microsoft Internet Explorer, ...)
+CVE-2006-1992
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2006-1991 (The substr_compare function in string.c in PHP 5.1.2 allows ...)
+CVE-2006-1991
- php4 <not-affected> (substr_compare does not exist in PHP 4.4.2)
- php5 5.1.4-0.1 (bug #365312; medium)
-CVE-2006-1990 (Integer overflow in the wordwrap function in string.c in PHP 4.4.2 and ...)
+CVE-2006-1990
- php4 4:4.4.2-1.1 (bug #365311; unimportant)
- php5 5.1.4-0.1 (bug #365312; unimportant)
NOTE: This could only be exploited by a malicious, local user, which is an
NOTE: unsupported use case
-CVE-2006-1989 (Buffer overflow in the get_database function in the HTTP client in ...)
+CVE-2006-1989
{DSA-1050-1}
- clamav 0.88.2
[sarge] - clamav 0.84-2.sarge.9
-CVE-2006-1988 (The WebTextRenderer(WebInternal) _CG_drawRun:style:geometry: function ...)
+CVE-2006-1988
NOT-FOR-US: Apple Safari
NOTE: PoC exploit does not work with konqueror 4:3.5.2-2
-CVE-2006-1987 (Apple Safari 2.0.3 allows remote attackers to cause a denial of ...)
+CVE-2006-1987
NOT-FOR-US: Apple Safari
NOTE: PoC exploit does not work with konqueror 4:3.5.2-2
-CVE-2006-1986 (Apple Safari 2.0.3 allows remote attackers to cause a denial of ...)
+CVE-2006-1986
NOT-FOR-US: Apple Safari
NOTE: PoC exploit does not work with konqueror 4:3.5.2-2
-CVE-2006-1985 (Heap-based buffer overflow in BOM BOMArchiveHelper 10.4 (6.3) Build ...)
+CVE-2006-1985
NOT-FOR-US: BOMArchiveHelper
-CVE-2006-1984 (Unspecified vulnerability in the _cg_TIFFSetField function in Mac OS X ...)
+CVE-2006-1984
NOT-FOR-US: Mac OS X
-CVE-2006-1983 (Multiple heap-based buffer overflows in Mac OS X 10.4.6 and earlier ...)
+CVE-2006-1983
NOT-FOR-US: Mac OS X
-CVE-2006-1982 (Heap-based buffer overflow in the LZWDecodeVector function in Mac OS X ...)
+CVE-2006-1982
NOT-FOR-US: Mac OS X
-CVE-2006-1981 (Unspecified vulnerability in Java InputMethods on Mac OS X 10.4.5 may ...)
+CVE-2006-1981
NOT-FOR-US: Mac OS X
-CVE-2006-1980 (Cross-site scripting (XSS) vulnerability in W2B Online Banking allows ...)
+CVE-2006-1980
NOT-FOR-US: W2B Online Banking
-CVE-2006-1979 (Cross-site scripting (XSS) vulnerability in mwguest.php in Manic Web ...)
+CVE-2006-1979
NOT-FOR-US: Manic Web MWGuest
-CVE-2006-1978 (SQL injection vulnerability in inc/start.php in FlexBB 0.5.5 and ...)
+CVE-2006-1978
NOT-FOR-US: FlexBB
-CVE-2006-1977 (Cross-site scripting (XSS) vulnerability in FlexBB 0.5.7 BETA and ...)
+CVE-2006-1977
NOT-FOR-US: FlexBB
-CVE-2006-1993 (Mozilla Firefox 1.5.0.2, when designMode is enabled, allows remote ...)
+CVE-2006-1993
{DSA-1055-1 DSA-1053-1}
- firefox 1.5.dfsg+1.5.0.3-1 (bug #364810; high)
- mozilla <removed> (high)
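Review bot: stripping the summaries here leaves several NOTE lines without the subject they were written against: the three `NOTE: PoC exploit does not work with konqueror 4:3.5.2-2` lines under CVE-2006-1986, CVE-2006-1987 and CVE-2006-1988 only make sense next to the removed "Apple Safari 2.0.3 allows remote attackers to cause a denial of ..." text, and `NOTE: Only exploitable by trusted users after TSIG transaction` under CVE-2006-2073 likewise loses its context once "Unspecified vulnerability in ISC BIND" is gone. Keep the descriptions, or the NOTE lines need to be reworded to stand alone. Separately, `NOT-FOR-US: Only on Windows` under CVE-2006-2057 is the wrong marker for a bug in a product Debian ships (this same hunk records `- firefox 1.5.dfsg+1.5.0.3-1` under CVE-2006-1993); the tracker's form for a platform-specific issue in a packaged product is `- firefox <not-affected> (Windows-specific)`. `NOT-FOR-US: Micrsoft Outlook` under CVE-2006-2055 is a typo.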
@@ -11862,319 +11862,319 @@ CVE-2006-XXXX [typo3 mailforms can be abused to send spam]
- typo3-src 4.0.2-1 (bug #364350)
CVE-2006-XXXX [moinmoin XSS]
- moin 1.5.3-1
-CVE-2006-1976 (Cross-site scripting (XSS) vulnerability in addRequest.php in Prayer ...)
+CVE-2006-1976
NOT-FOR-US: Prayer Request Board
-CVE-2006-1975 (Cross-site scripting (XSS) vulnerability in guestbook_newentry.php in ...)
+CVE-2006-1975
NOT-FOR-US: PHP-Gastebuch
-CVE-2006-1974 (SQL injection vulnerability in index.php in MyBB (MyBulletinBoard) ...)
+CVE-2006-1974
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2006-1973 (Multiple unspecified vulnerabilities in Linksys RT31P2 VoIP router ...)
+CVE-2006-1973
NOT-FOR-US: Linksys router
-CVE-2006-1972 (Cross-site scripting (XSS) vulnerability in EasyGallery.php in Wingnut ...)
+CVE-2006-1972
NOT-FOR-US: EasyGallery
-CVE-2006-1971 (Cross-site scripting (XSS) vulnerability in login.php in KRANKIKOM ...)
+CVE-2006-1971
NOT-FOR-US: KRANKIKOM ContentBoxX
-CVE-2006-1970 (Cross-site scripting (XSS) vulnerability in classifieds/viewcat.cgi in ...)
+CVE-2006-1970
NOT-FOR-US: KCScripts Classifieds
-CVE-2006-1969 (Cross-site scripting (XSS) vulnerability in search/search.cgi in an ...)
+CVE-2006-1969
NOT-FOR-US: KCScripts
-CVE-2006-1968 (Cross-site scripting (XSS) vulnerability in news/NsVisitor.cgi in ...)
+CVE-2006-1968
NOT-FOR-US: KCScripts
-CVE-2006-1967 (Cross-site scripting (XSS) vulnerability in calendar/Visitor.cgi in ...)
+CVE-2006-1967
NOT-FOR-US: KCScripts
-CVE-2006-1966 (An unspecified Fortinet product, possibly Fortinet28, allows remote ...)
+CVE-2006-1966
NOT-FOR-US: Fortinet
-CVE-2006-1965 (Multiple cross-site scripting (XSS) vulnerabilities in aasi media Net ...)
+CVE-2006-1965
NOT-FOR-US: Net Clubs Pro
-CVE-2006-1964 (SQL injection vulnerability in Haberler.asp in ASPSitem 1.83 and ...)
+CVE-2006-1964
NOT-FOR-US: ASPSitem
-CVE-2006-1963 (Directory traversal vulnerability in main.php in PCPIN Chat 5.0.4 and ...)
+CVE-2006-1963
NOT-FOR-US: PCPIN Chat
-CVE-2006-1962 (SQL injection vulnerability in PCPIN Chat 5.0.4 and earlier allows ...)
+CVE-2006-1962
NOT-FOR-US: PCPIN Chat
-CVE-2006-1961 (Cisco CiscoWorks Wireless LAN Solution Engine (WLSE) and WLSE Express ...)
+CVE-2006-1961
NOT-FOR-US: Cisco
-CVE-2006-1960 (Cross-site scripting (XSS) vulnerability in the appliance web user ...)
+CVE-2006-1960
NOT-FOR-US: Cisco
-CVE-2006-1959 (PHP remote file inclusion vulnerability in direct.php in ActualScripts ...)
+CVE-2006-1959
NOT-FOR-US: ActualScripts ActualAnalyzer Lite
-CVE-2006-1958 (Multiple SQL injection vulnerabilities in WWWThreads RC 3 allow remote ...)
+CVE-2006-1958
NOT-FOR-US: WWWThreads
-CVE-2006-1957 (The com_rss option (rss.php) in (1) Mambo and (2) Joomla! allows ...)
+CVE-2006-1957
- mambo 4.6.1-4 (bug #364769; medium)
-CVE-2006-1956 (The com_rss option (rss.php) in (1) Mambo and (2) Joomla! allows ...)
+CVE-2006-1956
- mambo 4.6.1-4 (bug #364769; medium)
-CVE-2006-1955 (PHP remote file inclusion vulnerability in authent.php4 in Nicolas ...)
+CVE-2006-1955
NOT-FOR-US: RechnungsZentrale
-CVE-2006-1954 (SQL injection vulnerability in authent.php4 in Nicolas Fischer (aka ...)
+CVE-2006-1954
NOT-FOR-US: RechnungsZentrale
-CVE-2006-1953 (Directory traversal vulnerability in Caucho Resin 3.0.17 and 3.0.18 ...)
+CVE-2006-1953
NOT-FOR-US: Caucho
-CVE-2006-1952 (Directory traversal vulnerability in WinAgents TFTP Server for Windows ...)
+CVE-2006-1952
NOT-FOR-US: WinAgents TFTP Server for Windows
-CVE-2006-1951 (Directory traversal vulnerability in SolarWinds TFTP Server 8.1 and ...)
+CVE-2006-1951
NOT-FOR-US: SolarWinds TFTP Server
-CVE-2006-1950 (Multiple cross-site scripting (XSS) vulnerabilities in banners.cgi in ...)
+CVE-2006-1950
NOT-FOR-US: PerlCoders BannerFarm
-CVE-2006-1949 (SQL injection vulnerability in plexcart.pl in NicPlex PlexCart X3 and ...)
+CVE-2006-1949
NOT-FOR-US: NicPlex PlexCart
-CVE-2006-1948 (The &quot;Add Sender to Address Book&quot; operation ...)
+CVE-2006-1948
NOT-FOR-US: Lotus Notes
-CVE-2006-1947 (Multiple SQL injection vulnerabilities in plexum.php in NicPlex Plexum ...)
+CVE-2006-1947
NOT-FOR-US: NicPlex PlexCart
-CVE-2006-1946 (Multiple cross-site scripting (XSS) vulnerabilities in Visale 1.0 and ...)
+CVE-2006-1946
NOT-FOR-US: Visale
-CVE-2006-1945 (Cross-site scripting (XSS) vulnerability in awstats.pl in AWStats 6.5 ...)
+CVE-2006-1945
{DSA-1075-1}
- awstats 6.5-2 (bug #364443; medium)
NOTE: this might be the same core issue as CVE-2005-2732
-CVE-2006-1944 (Multiple cross-site scripting (XSS) vulnerabilities in SibSoft ...)
+CVE-2006-1944
NOT-FOR-US: SibSoft CommuniMail
-CVE-2006-1943 (Multiple cross-site scripting (XSS) vulnerabilities in Smarter Scripts ...)
+CVE-2006-1943
NOT-FOR-US: Smarter Scripts IntelliLink Pro
-CVE-2006-1942 (Mozilla Firefox 1.5.0.2 and possibly other versions before 1.5.0.4, ...)
+CVE-2006-1942
{DSA-1134-1 DSA-1120 DSA-1118}
NOTE: MFSA-2006-39
- firefox 1.5.dfsg+1.5.0.4-1 (low)
- thunderbird <not-affected> (Windows-specific)
- mozilla 2:1.7.13-0.3 (low)
- xulrunner <not-affected> (Windows-specific)
-CVE-2006-1941 (Neon Responder 5.4 for LANsurveyor allows remote attackers to cause a ...)
+CVE-2006-1941
NOT-FOR-US: Neon Responder
-CVE-2006-1940 (Unspecified vulnerability in Ethereal 0.10.4 up to 0.10.14 allows ...)
+CVE-2006-1940
{DSA-1049-1}
- ethereal 0.99.0-1 (bug #364758; medium)
[sarge] - ethereal 0.10.10-2sarge5 (bug #364758; medium)
[woody] - ethereal 0.9.4-1woody15 (bug #364758; medium)
-CVE-2006-1939 (Multiple unspecified vulnerabilities in Ethereal 0.9.x up to 0.10.14 ...)
+CVE-2006-1939
{DSA-1049-1}
- ethereal 0.99.0-1 (bug #364758; medium)
[sarge] - ethereal 0.10.10-2sarge5 (bug #364758; medium)
[woody] - ethereal 0.9.4-1woody15 (bug #364758; medium)
-CVE-2006-1938 (Multiple unspecified vulnerabilities in Ethereal 0.8.x up to 0.10.14 ...)
+CVE-2006-1938
{DSA-1049-1}
- ethereal 0.99.0-1 (bug #364758; medium)
[sarge] - ethereal 0.10.10-2sarge5 (bug #364758; medium)
[woody] - ethereal 0.9.4-1woody15 (bug #364758; medium)
-CVE-2006-1937 (Multiple unspecified vulnerabilities in Ethereal 0.10.x up to 0.10.14 ...)
+CVE-2006-1937
{DSA-1049-1}
- ethereal 0.99.0-1 (bug #364758; medium)
[sarge] - ethereal 0.10.10-2sarge5 (bug #364758; medium)
[woody] - ethereal 0.9.4-1woody15 (bug #364758; medium)
-CVE-2006-1936 (Buffer overflow in Ethereal 0.8.5 up to 0.10.14 allows remote ...)
+CVE-2006-1936
{DSA-1049-1}
- ethereal 0.99.0-1 (bug #364758; medium)
[sarge] - ethereal 0.10.10-2sarge5 (bug #364758; medium)
[woody] - ethereal 0.9.4-1woody15 (bug #364758; medium)
-CVE-2006-1935 (Buffer overflow in Ethereal 0.9.15 up to 0.10.14 allows remote ...)
+CVE-2006-1935
{DSA-1049-1}
- ethereal 0.99.0-1 (bug #364758; medium)
[sarge] - ethereal 0.10.10-2sarge5 (bug #364758; medium)
[woody] - ethereal 0.9.4-1woody15 (bug #364758; medium)
-CVE-2006-1934 (Multiple buffer overflows in Ethereal 0.10.x up to 0.10.14 allow ...)
+CVE-2006-1934
{DSA-1049-1}
- ethereal 0.99.0-1 (bug #364758; medium)
[sarge] - ethereal 0.10.10-2sarge5 (bug #364758; medium)
[woody] - ethereal 0.9.4-1woody15 (bug #364758; medium)
-CVE-2006-1933 (Multiple unspecified vulnerabilities in Ethereal 0.10.x up to 0.10.14 ...)
+CVE-2006-1933
{DSA-1049-1}
- ethereal 0.99.0-1 (bug #364758; medium)
[sarge] - ethereal 0.10.10-2sarge5 (bug #364758; medium)
[woody] - ethereal 0.9.4-1woody15 (bug #364758; medium)
-CVE-2006-1932 (Off-by-one error in the OID printing routine in Ethereal 0.10.x up to ...)
+CVE-2006-1932
{DSA-1049-1}
- ethereal 0.99.0-1 (bug #364758; medium)
[sarge] - ethereal 0.10.10-2sarge5 (bug #364758; medium)
[woody] - ethereal 0.9.4-1woody15 (bug #364758; medium)
-CVE-2006-1931 (The HTTP/XMLRPC server in Ruby before 1.8.2 uses blocking sockets, ...)
+CVE-2006-1931
{DSA-1157}
NOTE: the redhat bugzilla entry says this is fixed in 1.8.3
- ruby1.8 1.8.3 (bug #365520)
-CVE-2006-1930 (** DISPUTED ** ...)
+CVE-2006-1930
NOT-FOR-US: Green Minute
-CVE-2006-1929 (PHP remote file inclusion vulnerability in include/common.php in ...)
+CVE-2006-1929
NOT-FOR-US: I-Rater Platinum
-CVE-2006-1928 (Cisco IOS XR, when configured for Multi Protocol Label Switching ...)
+CVE-2006-1928
NOT-FOR-US: Cisco
-CVE-2006-1927 (Cisco IOS XR, when configured for Multi Protocol Label Switching ...)
+CVE-2006-1927
NOT-FOR-US: Cisco
-CVE-2006-1926 (SQL injection vulnerability in showtopic.php in ThWboard 2.84 beta 3 ...)
+CVE-2006-1926
NOT-FOR-US: ThWboard
-CVE-2006-1925 (Directory traversal vulnerability in the editnews module ...)
+CVE-2006-1925
NOT-FOR-US: CuteNews
-CVE-2006-1924 (SQL injection vulnerability in functions/db_api.php in LinPHA 1.1.1 ...)
+CVE-2006-1924
NOT-FOR-US: LinPHA
-CVE-2006-1923 (Multiple cross-site scripting (XSS) vulnerabilities in LinPHA before ...)
+CVE-2006-1923
NOT-FOR-US: LinPHA
-CVE-2006-1922 (PHP remote file inclusion vulnerability in (1) about.php or (2) ...)
+CVE-2006-1922
NOT-FOR-US: TotalCalendar
-CVE-2006-1921 (nettools.php in PHP Net Tools 2.7.1 allows remote attackers to execute ...)
+CVE-2006-1921
NOT-FOR-US: PHP Net Tools
-CVE-2006-1920 (SQL injection vulnerability in index.php in PMTool 1.2.2 allows remote ...)
+CVE-2006-1920
NOT-FOR-US: PMTool
-CVE-2006-1919 (PHP remote file inclusion vulnerability in index.php in Internet ...)
+CVE-2006-1919
NOT-FOR-US: Internet Photoshow
-CVE-2006-1918 (Multiple cross-site scripting (XSS) vulnerabilities in Papoo 2.1.5 ...)
+CVE-2006-1918
NOT-FOR-US: Papoo
-CVE-2006-1917 (SQL injection vulnerability in member.php in Blackorpheus ...)
+CVE-2006-1917
NOT-FOR-US: Blackorpheus ClanMemberSkript
-CVE-2006-1916 (Multiple cross-site scripting (XSS) vulnerabilities in profile.php in ...)
+CVE-2006-1916
NOT-FOR-US: DbbS
-CVE-2006-1915 (SQL injection vulnerability in topics.php in DbbS 2.0-alpha and ...)
+CVE-2006-1915
NOT-FOR-US: DbbS
-CVE-2006-1914 (DbbS 2.0-alpha and earlier allows remote attackers to obtain sensitive ...)
+CVE-2006-1914
NOT-FOR-US: DbbS
-CVE-2006-1913 (Cross-site scripting (XSS) vulnerability in jax_guestbook.php in Jax ...)
+CVE-2006-1913
NOT-FOR-US: Jax Guestbook
-CVE-2006-1912 (MyBB (MyBulletinBoard) 1.1.0 does not set the constant KILL_GLOBAL ...)
+CVE-2006-1912
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2006-1911 (Cross-site scripting (XSS) vulnerability in MyBB (MyBulletinBoard) 1.1 ...)
+CVE-2006-1911
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2006-1910 (config.php in S9Y Serendipity 1.0 beta 2 allows remote attackers to ...)
+CVE-2006-1910
- serendipity 1.0-1
-CVE-2006-1909 (Directory traversal vulnerability in index.php in Coppermine 1.4.4 ...)
+CVE-2006-1909
NOT-FOR-US: Coppermine
-CVE-2006-1908 (Cross-site scripting vulnerability in addevent.php in myEvent 1.x ...)
+CVE-2006-1908
NOT-FOR-US: myEvent
-CVE-2006-1907 (Multiple SQL injection vulnerabilities in myEvent 1.x allow remote ...)
+CVE-2006-1907
NOT-FOR-US: myEvent
-CVE-2006-1906 (Cross-site scripting (XSS) vulnerability in index.php in jjgan852 ...)
+CVE-2006-1906
NOT-FOR-US: phpLister
-CVE-2006-1905 (Multiple format string vulnerabilities in xiTK (xitk/main.c) in xine ...)
+CVE-2006-1905
- xine-ui 0.99.4-1 (bug #363370; unimportant)
NOTE: This is a non-issue: An attacker would need to trick the user into opening
NOTE: an MP3 file with a very obviously manipulated filename containing the shellcode
-CVE-2006-1904 (Cross-site scripting (XSS) vulnerability in index.php in AnimeGenesis ...)
+CVE-2006-1904
NOT-FOR-US: AnimeGenesis Gallery
-CVE-2006-1903 (Multiple cross-site scripting (XSS) vulnerabilities in UserLand Manila ...)
+CVE-2006-1903
NOT-FOR-US: UserLand Manila
-CVE-2006-1902 (fold_binary in fold-const.c in GNU Compiler Collection (gcc) 4.1 ...)
+CVE-2006-1902
- gcc-4.1 4.1.0-2 (bug #356896; unimportant)
NOTE: Turned out to be a non-issue
-CVE-2006-1901 (Mozilla Camino 1.0 and earlier allow remote attackers to cause a ...)
+CVE-2006-1901
NOT-FOR-US: Mozilla Camino
-CVE-2006-1900 (Multiple buffer overflows in World Wide Web Consortium (W3C) Amaya ...)
+CVE-2006-1900
- amaya 9.51-1 (bug #362575; medium)
-CVE-2006-1899 (Multiple cross-site scripting (XSS) vulnerabilities in dev Neuron Blog ...)
+CVE-2006-1899
NOT-FOR-US: Neuron Blog
-CVE-2006-1898 (Multiple cross-site scripting (XSS) vulnerabilities in Ralph Capper ...)
+CVE-2006-1898
NOT-FOR-US: Tiny PHP Forum
-CVE-2006-1897 (Webplus (aka talentsoft) Web+Shop 5.3.6, when Redirect URL for &quot;Script ...)
+CVE-2006-1897
NOT-FOR-US: Webplus (aka talentsoft) Web+Shop
-CVE-2006-1896 (Unspecified vulnerability in phpBB allows remote authenticated users ...)
+CVE-2006-1896
{DSA-1066-1}
- phpbb2 2.0.18-3 (bug #365533; medium)
-CVE-2006-1895 (Direct static code injection vulnerability in includes/template.php in ...)
+CVE-2006-1895
- phpbb2 <not-affected> (bug #365535)
-CVE-2006-1894 (Cross-site scripting (XSS) vulnerability in RevoBoard 1.8, as derived ...)
+CVE-2006-1894
NOT-FOR-US: RevoBoard / PunBB
-CVE-2006-1893 (Cross-site scripting (XSS) vulnerability in print.php in ar-blog 5.2 ...)
+CVE-2006-1893
NOT-FOR-US: ar-blog
-CVE-2006-1892 (avast! 4 Linux Home Edition 1.0.5 allows local users to modify ...)
+CVE-2006-1892
NOT-FOR-US: avast! 4 Linux Home Edition
-CVE-2006-1891 (Cross-site scripting (XSS) vulnerability in Martin Scheffler betaboard ...)
+CVE-2006-1891
NOT-FOR-US: betaboard
-CVE-2006-1890 (Multiple PHP remote file inclusion vulnerabilities in myWebland ...)
+CVE-2006-1890
NOT-FOR-US: myWebland
-CVE-2006-1889 (Cross-site scripting (XSS) vulnerability in the search action handler ...)
+CVE-2006-1889
NOT-FOR-US: Boardsolution
-CVE-2006-1888 (phpGraphy 0.9.11 and earlier allows remote attackers to bypass ...)
+CVE-2006-1888
NOT-FOR-US: phpGraphy
-CVE-2006-1887 (Unspecified vulnerability in Oracle JD Edwards EnterpriseOne Security ...)
+CVE-2006-1887
NOT-FOR-US: Oracle JD Edwards EnterpriseOne
-CVE-2006-1886 (Unspecified vulnerability in the PeopleTools component in Oracle ...)
+CVE-2006-1886
NOT-FOR-US: Oracle
-CVE-2006-1885 (Multiple unspecified vulnerabilities in the Reporting Framework ...)
+CVE-2006-1885
NOT-FOR-US: Oracle
-CVE-2006-1884 (Unspecified vulnerability in the Oracle Thesaurus Management System ...)
+CVE-2006-1884
NOT-FOR-US: Oracle
-CVE-2006-1883 (Unspecified vulnerability in the Oracle Application Object Library ...)
+CVE-2006-1883
NOT-FOR-US: Oracle
-CVE-2006-1882 (Multiple unspecified vulnerabilities in Oracle E-Business Suite and ...)
+CVE-2006-1882
NOT-FOR-US: Oracle
-CVE-2006-1881 (Unspecified vulnerability in the Financials for Asia/Pacific component ...)
+CVE-2006-1881
NOT-FOR-US: Oracle
-CVE-2006-1880 (Multiple unspecified vulnerabilities in Oracle E-Business Suite and ...)
+CVE-2006-1880
NOT-FOR-US: Oracle
-CVE-2006-1879 (Multiple unspecified vulnerabilities in the Email Server component in ...)
+CVE-2006-1879
NOT-FOR-US: Oracle
-CVE-2006-1878 (Cross-site scripting (XSS) vulnerability in index.php in phpFaber ...)
+CVE-2006-1878
NOT-FOR-US: phpFaber TopSites
-CVE-2006-1877 (Unspecified vulnerability in Oracle Database Server 8.1.7.4, 9.0.1.5, ...)
+CVE-2006-1877
NOT-FOR-US: Oracle
-CVE-2006-1876 (Unspecified vulnerability in Oracle Database Server 9.2.0.7 and ...)
+CVE-2006-1876
NOT-FOR-US: Oracle
-CVE-2006-1875 (Unspecified vulnerability in Oracle Database Server 9.0.1.5, 9.2.0.7, ...)
+CVE-2006-1875
NOT-FOR-US: Oracle
-CVE-2006-1874 (Unspecified vulnerability in Oracle Database Server 8.1.7.4, 9.0.1.5, ...)
+CVE-2006-1874
NOT-FOR-US: Oracle
-CVE-2006-1873 (Unspecified vulnerability in Oracle Database Server 9.2.0.7, 10.1.0.4, ...)
+CVE-2006-1873
NOT-FOR-US: Oracle
-CVE-2006-1872 (Unspecified vulnerability in Oracle Database Server 9.0.1.5 and ...)
+CVE-2006-1872
NOT-FOR-US: Oracle
-CVE-2006-1871 (SQL injection vulnerability in Oracle Database Server 9.2.0.7 and ...)
+CVE-2006-1871
NOT-FOR-US: Oracle
-CVE-2006-1870 (Unspecified vulnerability in Oracle Database Server 8.1.7.4, 9.0.1.5, ...)
+CVE-2006-1870
NOT-FOR-US: Oracle
-CVE-2006-1869 (Unspecified vulnerability in Oracle Database Server 8.1.7.4 and ...)
+CVE-2006-1869
NOT-FOR-US: Oracle
-CVE-2006-1868 (Buffer overflow in the Advanced Replication component in Oracle ...)
+CVE-2006-1868
NOT-FOR-US: Oracle
-CVE-2006-1867 (Unspecified vulnerability in Oracle Database Server 9.2.0.6 has ...)
+CVE-2006-1867
NOT-FOR-US: Oracle
-CVE-2006-1866 (Multiple unspecified vulnerabilities in Oracle Database Server ...)
+CVE-2006-1866
NOT-FOR-US: Oracle
-CVE-2006-1865 (Argument injection vulnerability in Beagle before 0.2.5 allows ...)
+CVE-2006-1865
- beagle 0.2.6-2 (bug #365371; medium)
-CVE-2006-1864 (Directory traversal vulnerability in smbfs in Linux 2.6.16 and earlier ...)
+CVE-2006-1864
{DSA-1103 DSA-1097-1}
- linux-2.6 2.6.16-13
-CVE-2006-1863 (Directory traversal vulnerability in CIFS in Linux 2.6.16 and earlier ...)
+CVE-2006-1863
{DSA-1103}
- linux-2.6 2.6.16-10
-CVE-2006-1862 (The virtual memory implementation in Linux kernel 2.6.x allows local ...)
+CVE-2006-1862
- linux-2.6 <not-affected> (seems to be RedHat-specific)
-CVE-2006-1861 (Multiple integer overflows in FreeType before 2.2 allow remote ...)
+CVE-2006-1861
{DSA-1095-1}
- freetype 2.2.1-1
-CVE-2006-1860 (lease_init in fs/locks.c in Linux kernel before 2.6.16.16 allows ...)
+CVE-2006-1860
- linux-2.6 2.6.16-14
-CVE-2006-1859 (Memory leak in __setlease in fs/locks.c in Linux kernel before ...)
+CVE-2006-1859
- linux-2.6 2.6.16-14
-CVE-2006-1858 (SCTP in Linux kernel before 2.6.16.17 allows remote attackers to cause ...)
+CVE-2006-1858
{DSA-1103 DSA-1097-1}
- linux-2.6 2.6.16-14
-CVE-2006-1857 (Buffer overflow in SCTP in Linux kernel before 2.6.16.17 allows remote ...)
+CVE-2006-1857
{DSA-1103 DSA-1097-1}
- linux-2.6 2.6.16-14
-CVE-2006-1856 (Certain modifications to the Linux kernel 2.6.16 and earlier do not ...)
+CVE-2006-1856
{DSA-1184-2}
- linux-2.6 2.6.16-12
-CVE-2006-1855 (choose_new_parent in Linux kernel before 2.6.11.12 includes certain ...)
+CVE-2006-1855
{DSA-1184-2}
NOTE: probably fixed before, but this is the oldest linux-2.6 in the changelog
- linux-2.6 2.6.12-1
-CVE-2006-1854 (** DISPUTED ** ...)
+CVE-2006-1854
NOT-FOR-US: BluePay Manager
-CVE-2006-1853 (Multiple SQL injection vulnerabilities in ModernBill 4.3.2 and earlier ...)
+CVE-2006-1853
NOT-FOR-US: ModernBill
-CVE-2006-1852 (SQL injection vulnerability in category.php in Article Publisher Pro ...)
+CVE-2006-1852
NOT-FOR-US: Article Publisher Pro
-CVE-2006-1851 (xFlow 5.46.11 and earlier allows remote attackers to determine the ...)
+CVE-2006-1851
NOT-FOR-US: xFlow
-CVE-2006-1850 (Multiple cross-site scripting (XSS) vulnerabilities in xFlow 5.46.11 ...)
+CVE-2006-1850
NOT-FOR-US: xFlow
-CVE-2006-1849 (Multiple SQL injection vulnerabilities in members_only/index.cgi in ...)
+CVE-2006-1849
NOT-FOR-US: xFlow
-CVE-2006-1848 (Multiple cross-site scripting (XSS) vulnerabilities in stats_view.php ...)
+CVE-2006-1848
NOT-FOR-US: LinPHA
-CVE-2006-1847 (SQL injection vulnerability in the Your_Account module in PHP-Nuke 7.8 ...)
+CVE-2006-1847
NOT-FOR-US: PHP-Nuke
-CVE-2006-1846 (Cross-site scripting (XSS) vulnerability in the Your_Account module in ...)
+CVE-2006-1846
NOT-FOR-US: PHP-Nuke
CVE-2006-1845
REJECTED
-CVE-2006-1844 (The Debian installer for the (1) shadow 4.0.14 and (2) base-config ...)
+CVE-2006-1844
[sarge] - shadow 1:4.0.3-31sarge8
[sarge] - base-config <not-affected>
NOTE: The installer is fixed separately, but the postinst of the shadow update
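Review bot: the hunk gives no rationale for dropping the parenthesised CVE summary from every changed identifier line, e.g. `-CVE-2006-1936 (Buffer overflow in Ethereal 0.8.5 up to 0.10.14 allows remote ...)` becoming `+CVE-2006-1936`, while the DSA references, package/version lines and NOTE lines beneath each entry are left untouched. Those summaries were the only inline hint of what an entry concerns (for instance which of the six ethereal entries that all cite bug #364758 is which), so the reason for stripping them, and where the text can now be looked up, should be recorded in the commit message or a tracker NOTE before this is merged.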
@@ -12182,222 +12182,222 @@ CVE-2006-1844 (The Debian installer for the (1) shadow 4.0.14 and (2) base-confi
NOTE: seems to be a duplicate of CVE-2006-1376
- shadow 1:4.0.14-9 (bug #358210; bug #356939)
- base-config 2.68 (bug #254068; low)
-CVE-2006-1843 (Cross-site scripting (XSS) vulnerability in global.php in ShoutBOOK ...)
+CVE-2006-1843
NOT-FOR-US: ShoutBOOK
-CVE-2006-1842 (Cross-site scripting (XSS) vulnerability in global.php in ShoutBOOK ...)
+CVE-2006-1842
NOT-FOR-US: ShoutBOOK
-CVE-2006-1841 (Cross-site scripting (XSS) vulnerability in search.php in boastMachine ...)
+CVE-2006-1841
NOT-FOR-US: boastMachine
-CVE-2006-1840 (Multiple format string vulnerabilities in Empire Server before 4.3.1 ...)
+CVE-2006-1840
NOT-FOR-US: Wolfpack Empire Server (vms-empire in Debian is a different game)
-CVE-2006-1839 (PHP remote file inclusion vulnerability in language.php in PHP Album ...)
+CVE-2006-1839
NOT-FOR-US: PHP Album
-CVE-2006-1838 (edit_kategorie.php in Fuju News 1.0 allows remote attackers to bypass ...)
+CVE-2006-1838
NOT-FOR-US: Fuju News
-CVE-2006-1837 (SQL injection vulnerability in archiv2.php in Fuju News 1.0 allows ...)
+CVE-2006-1837
NOT-FOR-US: Fuju News
-CVE-2006-1836 (Untrusted search path vulnerability in unspecified components in ...)
+CVE-2006-1836
NOT-FOR-US: Symantec LiveUpdate
-CVE-2006-1835 (Cross-site scripting (XSS) vulnerability in yearcal.php in Calendarix ...)
+CVE-2006-1835
NOT-FOR-US: Calendarix
-CVE-2006-1834 (Integer signedness error in Opera before 8.54 allows remote attackers ...)
+CVE-2006-1834
NOT-FOR-US: Opera
-CVE-2006-1833 (Intel RNG Driver in NetBSD 1.6 through 3.0 may incorrectly detect the ...)
+CVE-2006-1833
NOT-FOR-US: NetBSD
-CVE-2006-1832 (sysinfo.cgi in sysinfo 1.21 allows remote attackers to obtain the ...)
+CVE-2006-1832
NOT-FOR-US: sysinfo
-CVE-2006-1831 (Direct static code injection vulnerability in sysinfo.cgi in sysinfo ...)
+CVE-2006-1831
NOT-FOR-US: sysinfo
-CVE-2006-1830 (Sun Java Studio Enterprise 8, when installed as root, creates certain ...)
+CVE-2006-1830
NOT-FOR-US: Sun Java Studio Enterprise
-CVE-2006-1829 (EAServer Manager in Sybase EAServer 5.2 and 5.3 allows remote ...)
+CVE-2006-1829
NOT-FOR-US: EAServer Manager in Sybase EAServer
-CVE-2006-1828 (SQL injection vulnerability in php121language.php in PHP121 1.4 allows ...)
+CVE-2006-1828
NOT-FOR-US: PHP121
-CVE-2006-1827 (Integer signedness error in format_jpeg.c in Asterisk 1.2.6 and ...)
+CVE-2006-1827
{DSA-1048-1}
- asterisk 1:1.2.7.1.dfsg-1 (bug #364195; medium)
[sarge] - asterisk 1:1.0.7.dfsg.1-2sarge2 (bug #364195; medium)
[woody] - asterisk 0.1.11-3woody1 (bug #364195; medium)
-CVE-2006-1826 (Multiple cross-site scripting (XSS) vulnerabilities in Snipe Gallery ...)
+CVE-2006-1826
NOT-FOR-US: Snipe Gallery
-CVE-2006-1825 (Cross-site scripting (XSS) vulnerability in index.php in phpLinks ...)
+CVE-2006-1825
NOT-FOR-US: phpLinks
-CVE-2006-1824 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2006-1824
NOT-FOR-US: PhpGuestbook
-CVE-2006-1823 (Directory traversal vulnerability in FarsiNews 2.5.3 Pro and earlier ...)
+CVE-2006-1823
NOT-FOR-US: FarsiNews
-CVE-2006-1822 (Cross-site scripting (XSS) vulnerability in search.php in FarsiNews ...)
+CVE-2006-1822
NOT-FOR-US: FarsiNews
-CVE-2006-1821 (Directory traversal vulnerability in index.php in ModX 0.9.1 allows ...)
+CVE-2006-1821
NOT-FOR-US: ModX CMS
-CVE-2006-1820 (Cross-site scripting (XSS) vulnerability in index.php in ModX 0.9.1 ...)
+CVE-2006-1820
NOT-FOR-US: ModX CMS
-CVE-2006-1819 (Directory traversal vulnerability in the loadConfig function in ...)
+CVE-2006-1819
NOT-FOR-US: phpWebSite
-CVE-2006-1818 (Multiple cross-site scripting (XSS) vulnerabilities in warforge.NEWS ...)
+CVE-2006-1818
NOT-FOR-US: warforge.NEWS
-CVE-2006-1817 (SQL injection vulnerability in authcheck.php in warforge.NEWS 1.0, ...)
+CVE-2006-1817
NOT-FOR-US: warforge.NEWS
-CVE-2006-1816 (PHP remote file inclusion vulnerability in VBulletin 3.5.1, 3.5.2, and ...)
+CVE-2006-1816
NOT-FOR-US: VBulletin
-CVE-2006-1815 (Multiple cross-site scripting (XSS) vulnerabilities in register.php in ...)
+CVE-2006-1815
NOT-FOR-US: Tritanium Bulletin Board
-CVE-2006-1814 (NetBSD 1.6, 2.0, 2.1 and 3.0 allows local users to cause a denial of ...)
+CVE-2006-1814
NOT-FOR-US: NetBSD kernel
-CVE-2006-1813 (Directory traversal vulnerability in index.php in phpWebFTP 3.2 and ...)
+CVE-2006-1813
NOT-FOR-US: phpWebFTP
-CVE-2006-1812 (phpWebFTP 3.2 and earlier stores script.js under the web document root ...)
+CVE-2006-1812
NOT-FOR-US: phpWebFTP
-CVE-2006-1811 (Multiple SQL injection vulnerabilities in FlexBB 0.5.5 BETA allow ...)
+CVE-2006-1811
NOT-FOR-US: FlexBB
-CVE-2006-1810 (Multiple cross-site scripting (XSS) vulnerabilities in FlexBB 0.5.5 ...)
+CVE-2006-1810
NOT-FOR-US: FlexBB
-CVE-2006-1809 (index.php in Lifetype 1.0.3 allows remote attackers to obtain ...)
+CVE-2006-1809
NOT-FOR-US: Lifetype
-CVE-2006-1808 (Cross-site scripting (XSS) vulnerability in index.php in Lifetype ...)
+CVE-2006-1808
NOT-FOR-US: Lifetype
-CVE-2006-1807 (Multiple SQL injection vulnerabilities in index.php in Musicbox 2.3.3 ...)
+CVE-2006-1807
NOT-FOR-US: Musicbox
-CVE-2006-1806 (Cross-site scripting (XSS) vulnerability in index.php in Musicbox ...)
+CVE-2006-1806
NOT-FOR-US: Musicbox
-CVE-2006-1805 (SQL injection vulnerability in member.php in PowerClan 1.14 allows ...)
+CVE-2006-1805
NOT-FOR-US: PowerClan
-CVE-2006-1804 (SQL injection vulnerability in sql.php in phpMyAdmin 2.7.0-pl1 allows ...)
+CVE-2006-1804
- phpmyadmin 4:2.8.1-1 (bug #363519; low)
[sarge] - phpmyadmin <not-affected>
-CVE-2006-1803 (Cross-site scripting (XSS) vulnerability in sql.php in phpMyAdmin ...)
+CVE-2006-1803
- phpmyadmin 4:2.8.1-1 (bug #363519; low)
[sarge] - phpmyadmin <not-affected> (CSRF code not present in Sarge, too intrusive to backport)
NOTE: maintainer considers this not-affected.
-CVE-2006-1802 (Cross-site scripting (XSS) vulnerability in index.php in ...)
+CVE-2006-1802
NOT-FOR-US: TinyWebGallery
-CVE-2006-1801 (Cross-site scripting (XSS) vulnerability in planetsearchplus.php in ...)
+CVE-2006-1801
NOT-FOR-US: planetSearch+
-CVE-2006-1800 (Directory traversal vulnerability in posts.php in SimpleBBS 1.0.6 ...)
+CVE-2006-1800
NOT-FOR-US: SimpleBBS
-CVE-2006-1799 (censtore.cgi in Censtore 7.3.002 and earlier allows remote attackers ...)
+CVE-2006-1799
NOT-FOR-US: Censtore
-CVE-2006-1798 (SQL injection vulnerability in rateit.php in RateIt 2.2 allows remote ...)
+CVE-2006-1798
NOT-FOR-US: RateIt
-CVE-2006-1797 (The kernel in NetBSD-current before September 28, 2005 allows local ...)
+CVE-2006-1797
NOT-FOR-US: NetBSD kernel
-CVE-2006-1796 (Cross-site scripting (XSS) vulnerability in the paging links ...)
+CVE-2006-1796
- wordpress 2.0.1 (bug #328909)
-CVE-2006-1795 (Cross-site scripting (XSS) vulnerability in tablepublisher.cgi in UPDI ...)
+CVE-2006-1795
NOT-FOR-US: UPDI Network Enterprise
-CVE-2006-1794 (SQL injection vulnerability in Mambo 4.5.3, 4.5.3h, and possibly ...)
+CVE-2006-1794
NOTE: only in experimental
- mambo 4.5.3h-1 (bug #354468)
-CVE-2006-1793 (Directory traversal vulnerability in runCMS 1.2 and earlier allows ...)
+CVE-2006-1793
NOT-FOR-US: runCMS
-CVE-2006-1792 (Unspecified vulnerability in the POP service in MailEnable Standard ...)
+CVE-2006-1792
NOT-FOR-US: MailEnable
-CVE-2006-1791 (Directory traversal vulnerability in acc.php in QuickBlogger 1.4 ...)
+CVE-2006-1791
NOT-FOR-US: QuickBlogger
-CVE-2006-1790 (A regression fix in Mozilla Firefox 1.0.7 allows remote attackers to ...)
+CVE-2006-1790
{DSA-1051-1 DSA-1046-1}
- firefox 1.5
- mozilla-firefox <not-affected> (problematic fix not backported into 1.0.4-2sarge5)
[sarge] - mozilla-thunderbird 1.0.2-2.sarge1.0.8
- thunderbird 1.5.0.2-1
- mozilla 2:1.7.13-0.1
-CVE-2006-1789 (Directory traversal vulnerability in pajax_call_dispatcher.php in ...)
+CVE-2006-1789
NOT-FOR-US: pajax
-CVE-2006-1788 (Adobe Document Server for Reader Extensions 6.0, during log on, ...)
+CVE-2006-1788
NOT-FOR-US: Adobe
-CVE-2006-1787 (Adobe Document Server for Reader Extensions 6.0 includes a user's ...)
+CVE-2006-1787
NOT-FOR-US: Adobe
-CVE-2006-1786 (Cross-site scripting (XSS) vulnerability in Adobe Document Server for ...)
+CVE-2006-1786
NOT-FOR-US: Adobe
-CVE-2006-1785 (Adobe Document Server for Reader Extensions 6.0 allows remote ...)
+CVE-2006-1785
NOT-FOR-US: Adobe
-CVE-2006-1784 (PHP remote file inclusion vulnerability in admin/configset.php in ...)
+CVE-2006-1784
NOT-FOR-US: Sphider
-CVE-2006-1783 (Cross-site scripting (XSS) vulnerability in PatroNet CMS allows remote ...)
+CVE-2006-1783
NOT-FOR-US: PatroNet CMS
-CVE-2006-1782 (Unspecified vulnerability in Solaris 8 and 9 allows local users to ...)
+CVE-2006-1782
NOT-FOR-US: Sun Solaris
-CVE-2006-1781 (PHP remote file inclusion vulnerability in functions.php in Circle R ...)
+CVE-2006-1781
NOT-FOR-US: Circle R Monster Top List
-CVE-2006-1780 (The Bourne shell (sh) in Solaris 8, 9, and 10 allows local users to ...)
+CVE-2006-1780
NOT-FOR-US: Sun Solaris
-CVE-2006-1779 (Cross-site scripting (XSS) vulnerability in login.php in Jeremy ...)
+CVE-2006-1779
NOT-FOR-US: Simplog
-CVE-2006-1778 (Multiple SQL injection vulnerabilities in Jeremy Ashcraft Simplog ...)
+CVE-2006-1778
NOT-FOR-US: Simplog
-CVE-2006-1777 (Directory traversal vulnerability in doc/index.php in Jeremy Ashcraft ...)
+CVE-2006-1777
NOT-FOR-US: Simplog
-CVE-2006-1776 (PHP remote file inclusion vulnerability in doc/index.php in Jeremy ...)
+CVE-2006-1776
NOT-FOR-US: Simplog
-CVE-2006-1775 (Multiple cross-site scripting (XSS) vulnerabilities in phpBB 2.0.19 ...)
+CVE-2006-1775
- phpbb2 <unfixed> (unimportant)
NOTE: Only exploitable by authenticated admin users
-CVE-2006-1774 (HP System Management Homepage (SMH) 2.1.3.132, when running on ...)
+CVE-2006-1774
NOT-FOR-US: HP System Management Homepage
-CVE-2006-1773 (SQL injection vulnerability in include.php in PHPKIT 1.6.1 Release 2 ...)
+CVE-2006-1773
NOT-FOR-US: PHPKIT
-CVE-2006-1772 (debconf in Debian GNU/Linux, when configuring mnogosearch in the ...)
+CVE-2006-1772
- mnogosearch 3.2.37-3.1 (bug #361775)
[sarge] - mnogosearch <no-dsa> (Minor issue)
-CVE-2006-1771 (Directory traversal vulnerability in misc in pbcs.dll in SAXoTECH ...)
+CVE-2006-1771
NOT-FOR-US: SAXoPRESS
-CVE-2006-1770 (Multiple PHP remote file inclusion vulnerabilities in Azerbaijan ...)
+CVE-2006-1770
NOT-FOR-US: AzDGVote
-CVE-2006-1769 (Multiple cross-site scripting (XSS) vulnerabilities in UserLand Manila ...)
+CVE-2006-1769
NOT-FOR-US: UserLand Manila
-CVE-2006-1768 (Multiple cross-site scripting (XSS) vulnerabilities in register.php in ...)
+CVE-2006-1768
NOT-FOR-US: Tritanium Bulletin Board
-CVE-2006-1767 (Multiple PHP remote file inclusion vulnerabilities in nicecoder.com ...)
+CVE-2006-1767
NOT-FOR-US: INDEXU
-CVE-2006-1766 (Multiple SQL injection vulnerabilities in Papoo 2.1.5, and 3 beta1 and ...)
+CVE-2006-1766
NOT-FOR-US: Papoo
-CVE-2006-1765 (Cross-site scripting (XSS) vulnerability in index.php in JBook 1.3 ...)
+CVE-2006-1765
NOT-FOR-US: JBook
-CVE-2006-1764 (Hosting Controller 6.1 stores forum/db/forum.mdb under the web ...)
+CVE-2006-1764
NOT-FOR-US: Hosting Controller
-CVE-2006-1763 (Multiple SQL injection vulnerabilities in index.php in blur6ex 0.3.452 ...)
+CVE-2006-1763
NOT-FOR-US: blur6ex
-CVE-2006-1762 (Directory traversal vulnerability in index.php in blur6ex 0.3.452 ...)
+CVE-2006-1762
NOT-FOR-US: blur6ex
-CVE-2006-1761 (Cross-site scripting vulnerability in index.php in blur6ex 0.3.452 ...)
+CVE-2006-1761
NOT-FOR-US: blur6ex
-CVE-2006-1760 (Multiple cross-site scripting (XSS) vulnerabilities in JetPhoto allow ...)
+CVE-2006-1760
NOT-FOR-US: JetPhoto
-CVE-2006-1759 (Cross-site scripting (XSS) vulnerability in allgemein_transfer.php in ...)
+CVE-2006-1759
NOT-FOR-US: SWSoft Confixx
-CVE-2006-1758 (SQL injection vulnerability in index.php in Vegadns 0.99 allows remote ...)
+CVE-2006-1758
NOT-FOR-US: Vegadns
-CVE-2006-1757 (Cross-site scripting (XSS) vulnerability in index.php in Vegadns 0.99 ...)
+CVE-2006-1757
NOT-FOR-US: Vegadns
-CVE-2006-1756 (MD News 1 allows remote attackers to bypass authentication via a ...)
+CVE-2006-1756
NOT-FOR-US: MD News 1
-CVE-2006-1755 (SQL injection vulnerability in admin.php in MD News 1 allows remote ...)
+CVE-2006-1755
NOT-FOR-US: MD News 1
-CVE-2006-1754 (SQL injection vulnerability in index.php in SWSoft Confixx 3.0.6, ...)
+CVE-2006-1754
NOT-FOR-US: SWSoft Confixx
-CVE-2006-1753 (A cron job in fcheck before 2.7.59 allows local users to overwrite ...)
+CVE-2006-1753
{DSA-1035-1}
- fcheck 2.7.59-8
-CVE-2006-1752 (Multiple cross-site scripting (XSS) vulnerabilities in the backend in ...)
+CVE-2006-1752
NOT-FOR-US: MvBlog
-CVE-2006-1751 (Multiple SQL injection vulnerabilities in MvBlog before 1.6 allow ...)
+CVE-2006-1751
NOT-FOR-US: MvBlog
-CVE-2006-1750 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
+CVE-2006-1750
NOT-FOR-US: Autogallery
-CVE-2006-1749 (PHP remote file inclusion vulnerability in config.php in phpListPro ...)
+CVE-2006-1749
NOT-FOR-US: phpListPro
-CVE-2006-1748 (Cross-site scripting (XSS) vulnerability in XMB Forum 1.9.5 allows ...)
+CVE-2006-1748
NOT-FOR-US: XMB Forum
-CVE-2006-1747 (PHP remote file inclusion vulnerability in Virtual War (VWar) 1.5.0 ...)
+CVE-2006-1747
NOT-FOR-US: Virtual War
-CVE-2006-1746 (Directory traversal vulnerability in PHPList 2.10.2 and earlier allows ...)
+CVE-2006-1746
NOT-FOR-US: PHPList
-CVE-2006-1745 (Cross-site scripting (XSS) vulnerability in login.php in Bitweaver 1.3 ...)
+CVE-2006-1745
NOT-FOR-US: Bitweaver
-CVE-2006-1743 (Multiple SQL injection vulnerabilities in form.php in JBook 1.4 allow ...)
+CVE-2006-1743
NOT-FOR-US: JBook
-CVE-2006-1742 (The JavaScript engine in Mozilla Firefox and Thunderbird 1.x before ...)
+CVE-2006-1742
{DSA-1051-1 DSA-1046-1 DSA-1044-1}
- firefox 1.5.dfsg+1.5.0.2-2 (medium)
- mozilla-firefox 1.5.dfsg+1.5.0.2-2 (medium)
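Review bot: the sarge line for CVE-2006-1803, `[sarge] - phpmyadmin <not-affected> (CSRF code not present in Sarge, too intrusive to backport)`, gives two reasons that do not fit together: if the CSRF code is not present in sarge there is nothing to backport, and if the concern is that the fix is too intrusive the state should be `<no-dsa>` rather than `<not-affected>`. The following `NOTE: maintainer considers this not-affected.` suggests keeping only the first clause and dropping "too intrusive to backport".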
@@ -12407,69 +12407,69 @@ CVE-2006-1742 (The JavaScript engine in Mozilla Firefox and Thunderbird 1.x befo
- xulrunner 1.8.0.1-9
NOTE: The Mozilla Foundation labels this as "critical", but it's not
NOTE: clear if this bug is exploitable.
-CVE-2006-1741 (Mozilla Firefox 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite ...)
+CVE-2006-1741
{DSA-1051-1 DSA-1046-1 DSA-1044-1}
- firefox 1.5.dfsg+1.5.0.2-2 (medium)
- mozilla-firefox 1.5.dfsg+1.5.0.2-2 (medium)
- mozilla 2:1.7.13-0.1 (medium)
- thunderbird 1.5.0.2-1 (low)
[sarge] - mozilla-thunderbird 1.0.2-2.sarge1.0.8 (low)
-CVE-2006-1740 (Mozilla Firefox 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite ...)
+CVE-2006-1740
{DSA-1051-1 DSA-1046-1 DSA-1044-1}
- firefox 1.5.dfsg+1.5.0.2-2 (low)
- mozilla-firefox 1.5.dfsg+1.5.0.2-2 (low)
- mozilla 2:1.7.13-0.1 (low)
- thunderbird 1.5.0.2-1 (low)
[sarge] - mozilla-thunderbird 1.0.2-2.sarge1.0.8 (low)
-CVE-2006-1739 (The CSS border-rendering code in Mozilla Firefox and Thunderbird 1.x ...)
+CVE-2006-1739
{DSA-1051-1 DSA-1046-1 DSA-1044-1}
- firefox 1.5.dfsg+1.5.0.2-2 (medium)
- mozilla-firefox 1.5.dfsg+1.5.0.2-2 (medium)
- mozilla 2:1.7.13-0.1 (medium)
- thunderbird 1.5.0.2-1 (low)
[sarge] - mozilla-thunderbird 1.0.2-2.sarge1.0.8 (low)
-CVE-2006-1738 (Unspecified vulnerability in Mozilla Firefox and Thunderbird 1.x ...)
+CVE-2006-1738
{DSA-1051-1 DSA-1046-1 DSA-1044-1}
- firefox 1.5.dfsg+1.5.0.2-2 (medium)
- mozilla-firefox 1.5.dfsg+1.5.0.2-2 (medium)
- mozilla 2:1.7.13-0.1 (medium)
- thunderbird 1.5.0.2-1 (low)
[sarge] - mozilla-thunderbird 1.0.2-2.sarge1.0.8 (low)
-CVE-2006-1737 (Integer overflow in Mozilla Firefox and Thunderbird 1.x before 1.5 and ...)
+CVE-2006-1737
{DSA-1051-1 DSA-1046-1 DSA-1044-1}
- firefox 1.5.dfsg+1.5.0.2-2 (medium)
- mozilla-firefox 1.5.dfsg+1.5.0.2-2 (medium)
- mozilla 2:1.7.13-0.1 (medium)
- thunderbird 1.5.0.2-1 (low)
[sarge] - mozilla-thunderbird 1.0.2-2.sarge1.0.8 (low)
-CVE-2006-1736 (Mozilla Firefox 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite ...)
+CVE-2006-1736
{DSA-1051-1 DSA-1046-1 DSA-1044-1}
- firefox 1.5.dfsg+1.5.0.2-2 (low)
- mozilla-firefox 1.5.dfsg+1.5.0.2-2 (low)
- mozilla 2:1.7.13-0.1 (low)
[sarge] - mozilla-thunderbird 1.0.2-2.sarge1.0.8
-CVE-2006-1735 (Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, ...)
+CVE-2006-1735
{DSA-1051-1 DSA-1046-1 DSA-1044-1}
- firefox 1.5.dfsg+1.5.0.2-2 (high)
- mozilla-firefox 1.5.dfsg+1.5.0.2-2 (high)
- mozilla 2:1.7.13-0.1 (high)
- thunderbird 1.5.0.2-1 (medium)
[sarge] - mozilla-thunderbird 1.0.2-2.sarge1.0.8 (medium)
-CVE-2006-1734 (Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, ...)
+CVE-2006-1734
{DSA-1051-1 DSA-1046-1 DSA-1044-1}
- firefox 1.5.dfsg+1.5.0.2-2 (high)
- mozilla-firefox 1.5.dfsg+1.5.0.2-2 (high)
- mozilla 2:1.7.13-0.1 (high)
- thunderbird 1.5.0.2-1 (medium)
[sarge] - mozilla-thunderbird 1.0.2-2.sarge1.0.8 (medium)
-CVE-2006-1733 (Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, ...)
+CVE-2006-1733
{DSA-1051-1 DSA-1046-1 DSA-1044-1}
- firefox 1.5.dfsg+1.5.0.2-2 (high)
- mozilla-firefox 1.5.dfsg+1.5.0.2-2 (high)
- mozilla 2:1.7.13-0.1 (high)
- thunderbird 1.5.0.2-1 (medium)
[sarge] - mozilla-thunderbird 1.0.2-2.sarge1.0.8 (medium)
-CVE-2006-1732 (Unspecified vulnerability in Mozilla Firefox and Thunderbird 1.x ...)
+CVE-2006-1732
{DSA-1051-1 DSA-1046-1 DSA-1044-1}
- firefox 1.5.dfsg+1.5.0.2-2 (medium)
- mozilla-firefox 1.5.dfsg+1.5.0.2-2 (medium)
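Review bot: the CVE-2006-1736 entry is the only one in the CVE-2006-1733 to CVE-2006-1741 group with no unstable `- thunderbird 1.5.0.2-1 (...)` line, and its `[sarge] - mozilla-thunderbird 1.0.2-2.sarge1.0.8` line carries no severity, unlike the `(low)` / `(medium)` markers on its neighbours. If thunderbird in unstable is unaffected, record that explicitly with a `<not-affected>` line; otherwise add the missing version line and the severity so the entry matches the rest of the group.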
@@ -12477,14 +12477,14 @@ CVE-2006-1732 (Unspecified vulnerability in Mozilla Firefox and Thunderbird 1.x
- thunderbird 1.5.0.2-1 (low)
[sarge] - mozilla-thunderbird 1.0.2-2.sarge1.0.8 (low)
- xulrunner 1.8.0.1-9
-CVE-2006-1731 (Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, ...)
+CVE-2006-1731
{DSA-1051-1 DSA-1046-1 DSA-1044-1}
- firefox 1.5.dfsg+1.5.0.2-2 (medium)
- mozilla-firefox 1.5.dfsg+1.5.0.2-2 (medium)
- mozilla 2:1.7.13-0.1 (medium)
- thunderbird 1.5.0.2-1 (low)
[sarge] - mozilla-thunderbird 1.0.2-2.sarge1.0.8 (low)
-CVE-2006-1730 (Integer overflow in Mozilla Firefox and Thunderbird 1.x before 1.5.0.2 ...)
+CVE-2006-1730
{DSA-1051-1 DSA-1046-1 DSA-1044-1}
- firefox 1.5.dfsg+1.5.0.2-1 (high)
- mozilla-firefox 1.5.dfsg+1.5.0.2-1 (high)
@@ -12494,7 +12494,7 @@ CVE-2006-1730 (Integer overflow in Mozilla Firefox and Thunderbird 1.x before 1.
NOTE: MFSA2006-22 says that it is not clear whether Thunderbird is
NOTE: exploitable in the default configuration.
- xulrunner 1.8.0.1-9
-CVE-2006-1729 (Mozilla Firefox 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla ...)
+CVE-2006-1729
{DSA-1134-1 DSA-1051-1 DSA-1046-1 DSA-1044-1}
- firefox 1.5.dfsg+1.5.0.2-1 (medium)
- mozilla-firefox 1.5.dfsg+1.5.0.2-1 (medium)
@@ -12502,7 +12502,7 @@ CVE-2006-1729 (Mozilla Firefox 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozill
[sarge] - mozilla-thunderbird 1.0.2-2.sarge1.0.8 (medium)
- xulrunner 1.8.0.1-9
NOTE: Can likely be used to steal OpenSSH keys and the like.
-CVE-2006-1728 (Unspecified vulnerability in Mozilla Firefox and Thunderbird 1.x ...)
+CVE-2006-1728
{DSA-1051-1 DSA-1046-1 DSA-1044-1}
- firefox 1.5.dfsg+1.5.0.2-1 (high)
- mozilla-firefox 1.5.dfsg+1.5.0.2-1 (high)
@@ -12510,7 +12510,7 @@ CVE-2006-1728 (Unspecified vulnerability in Mozilla Firefox and Thunderbird 1.x
- thunderbird 1.5.0.2-1 (medium)
[sarge] - mozilla-thunderbird 1.0.2-2.sarge1.0.8 (medium)
- xulrunner 1.8.0.1-9
-CVE-2006-1727 (Unspecified vulnerability in Mozilla Firefox and Thunderbird 1.x ...)
+CVE-2006-1727
{DSA-1051-1 DSA-1046-1 DSA-1044-1}
- firefox 1.5.dfsg+1.5.0.2-1 (medium)
- mozilla-firefox 1.5.dfsg+1.5.0.2-1 (medium)
@@ -12520,16 +12520,16 @@ CVE-2006-1727 (Unspecified vulnerability in Mozilla Firefox and Thunderbird 1.x
- xulrunner 1.8.0.1-9
NOTE: If print preview (and this bug) can be triggered from JavaScript,
NOTE: the urgency should probably be raised.
-CVE-2006-1726 (Unspecified vulnerability in Firefox and Thunderbird 1.5 before ...)
+CVE-2006-1726
- firefox 1.5.dfsg+1.5.0.2-1 (high)
- thunderbird 1.5.0.2-1 (medium)
- xulrunner 1.8.0.1-9
NOTE: New bug in Firefox 1.5.
-CVE-2006-1725 (Mozilla Firefox 1.5 before 1.5.0.2 and SeaMonkey before 1.0.1 causes ...)
+CVE-2006-1725
- firefox 1.5.dfsg+1.5.0.2-1 (low)
- xulrunner 1.8.0.1-9
NOTE: New bug in Firefox 1.5.
-CVE-2006-1724 (Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, ...)
+CVE-2006-1724
{DSA-1051-1 DSA-1046-1 DSA-1044-1}
- firefox 1.5.dfsg+1.5.0.2-1 (medium)
- mozilla <removed> (medium)
@@ -12539,7 +12539,7 @@ CVE-2006-1724 (Unspecified vulnerability in Firefox and Thunderbird before 1.5.0
NOTE: MFSA2006-20 says exploitability has not been confirmed.
NOTE: Thunderbird is potentially affected as well, but not in the
NOTE: default configuration.
-CVE-2006-1723 (Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, ...)
+CVE-2006-1723
{DSA-1051-1 DSA-1046-1}
- firefox 1.5.dfsg+1.5.0.2 (medium)
[sarge] - mozilla-firefox <no-dsa> (Mozilla products from Sarge no longer supported)
@@ -12547,434 +12547,434 @@ CVE-2006-1723 (Unspecified vulnerability in Firefox and Thunderbird before 1.5.0
- thunderbird 1.5.0.2-1 (low)
- xulrunner 1.8.0.1-9
NOTE: This is probably: https://bugzilla.mozilla.org/show_bug.cgi?id=320459
-CVE-2006-1722 (Cross-site scripting (XSS) vulnerability in suche.htm in ShopXS 4.0 ...)
+CVE-2006-1722
NOT-FOR-US: ShopXS
-CVE-2006-1721 (digestmd5.c in the CMU Cyrus Simple Authentication and Security Layer ...)
+CVE-2006-1721
{DSA-1042-1}
- cyrus-sasl2 2.1.19.dfsg1-0.2 (bug #361937; low)
- cyrus-sasl2-mit <not-affected> (does not install digest-md5)
-CVE-2006-1720 (Cross-site scripting (XSS) vulnerability in search.php in SaphpLesson ...)
+CVE-2006-1720
NOT-FOR-US: SaphpLesson
-CVE-2006-1719 (Internet Explorer 6 allows remote attackers to cause a denial of ...)
+CVE-2006-1719
NOT-FOR-US: Internet Explorer
-CVE-2006-1718 (Magus Perde Clever Copy 3.0 and earlier stores sensitive information ...)
+CVE-2006-1718
NOT-FOR-US: Clever Copy
-CVE-2006-1717 (Cross-site scripting (XSS) vulnerability in newthread.php in MyBB (aka ...)
+CVE-2006-1717
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2006-1716 (Cross-site scripting (XSS) vulnerability in inc/functions_post.php in ...)
+CVE-2006-1716
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2006-1715 (Multiple directory traversal vulnerabilities in Christian Kindahl ...)
+CVE-2006-1715
NOT-FOR-US: TUGZip
-CVE-2006-1714 (CRLF injection vulnerability in index.php in Christoph Roeder ...)
+CVE-2006-1714
NOT-FOR-US: phpMyForum
-CVE-2006-1713 (Cross-site scripting (XSS) vulnerability in index.php in Christoph ...)
+CVE-2006-1713
NOT-FOR-US: phpMyForum
-CVE-2006-1710 (SQL injection vulnerability in admin.php in Design Nation DNGuestbook ...)
+CVE-2006-1710
NOT-FOR-US: DNGuestbook
-CVE-2006-1744 (Buffer overflow in pl_main.c in sail in BSDgames before 2.17-7 allows ...)
+CVE-2006-1744
{DSA-1036-1}
- bsdgames 2.17-7 (bug #360989)
-CVE-2006-1712 (Cross-site scripting (XSS) vulnerability in the private archive script ...)
+CVE-2006-1712
- mailman 0:2.1.7-2.1.8rc1-1
[sarge] - mailman <not-affected> (Only affects Mailman 2.1.7)
-CVE-2006-1711 (Plone 2.0.5, 2.1.2, and 2.5-beta1 does not restrict access to the (1) ...)
+CVE-2006-1711
{DSA-1032-1}
- zope-cmfplone 2.1.2-2
-CVE-2006-1709 (Cross-site scripting (XSS) vulnerability in shop_main.cgi in ...)
+CVE-2006-1709
NOT-FOR-US: interaktiv.shop
-CVE-2006-1708 (SQL injection vulnerability in member.php in Clansys 1.1 allows remote ...)
+CVE-2006-1708
NOT-FOR-US: Clansys
-CVE-2006-1707 (index.php in Shopweezle 2.0 allows remote attackers to include ...)
+CVE-2006-1707
NOT-FOR-US: Shopweezle
-CVE-2006-1706 (Multiple SQL injection vulnerabilities in Shopweezle 2.0 allow remote ...)
+CVE-2006-1706
NOT-FOR-US: Shopweezle
-CVE-2006-1705 (Oracle Database 9.2.0.0 to 10.2.0.3 allows local users with &quot;SELECT&quot; ...)
+CVE-2006-1705
NOT-FOR-US: Oracle
-CVE-2006-1704 (Sire 2.0 nws allows remote attackers to upload arbitrary image files ...)
+CVE-2006-1704
NOT-FOR-US: Sire 2.0 nws
-CVE-2006-1703 (PHP remote file inclusion vulnerability in lire.php in Sire 2.0 nws ...)
+CVE-2006-1703
NOT-FOR-US: Sire 2.0 nws
-CVE-2006-1702 (PHP remote file inclusion vulnerability in spip_login.php3 in SPIP ...)
+CVE-2006-1702
- spip 2.0.6-1
-CVE-2006-1701 (Cross-site scripting (XSS) vulnerability in the Pages module in ...)
+CVE-2006-1701
NOT-FOR-US: Shadowed Portal
-CVE-2006-1700 (Buy.php in Aweb Scripts Seller uses predictable cookies for ...)
+CVE-2006-1700
NOT-FOR-US: Aweb Scripts Seller
-CVE-2006-1699 (Cross-site scripting (XSS) vulnerability in index.php in Aweb Banner ...)
+CVE-2006-1699
NOT-FOR-US: Aweb Banner
-CVE-2006-1698 (Cross-site scripting (XSS) vulnerability in Matt Wright Guestbook ...)
+CVE-2006-1698
NOT-FOR-US: Matt Wright Guestbook
-CVE-2006-1697 (Cross-site scripting (XSS) vulnerability in Matt Wright Guestbook ...)
+CVE-2006-1697
NOT-FOR-US: Matt Wright Guestbook
-CVE-2006-1696 (Cross-site scripting (XSS) vulnerability in Gallery before 1.5.3 ...)
+CVE-2006-1696
- gallery 1.5.3-1 (bug #361758)
-CVE-2006-1695 (The fbgs script in the fbi package 2.01-1.4, when the TMPDIR ...)
+CVE-2006-1695
{DSA-1068-1}
- fbi 2.05-1 (bug #361370)
-CVE-2006-1694 (SQL injection vulnerability in members.php in XBrite Members 1.1 and ...)
+CVE-2006-1694
NOT-FOR-US: XBrite Members
-CVE-2006-1693 (Unspecified vulnerability in GlobalSCAPE Secure FTP Server before ...)
+CVE-2006-1693
NOT-FOR-US: GlobalSCAPE Secure FTP Server
-CVE-2006-1692 (Multiple SQL injection vulnerabilities in MWNewsletter 1.0.0b allow ...)
+CVE-2006-1692
NOT-FOR-US: MWNewsletter
-CVE-2006-1691 (SQL injection vulnerability in MWNewsletter 1.0.0b allows remote ...)
+CVE-2006-1691
NOT-FOR-US: MWNewsletter
-CVE-2006-1690 (Cross-site scripting (XSS) vulnerability in subscribe.php in ...)
+CVE-2006-1690
NOT-FOR-US: MWNewsletter
-CVE-2006-1689 (Unspecified vulnerability in su in HP HP-UX B.11.11, when using the ...)
+CVE-2006-1689
NOT-FOR-US: HP-UX
-CVE-2006-1688 (Multiple PHP remote file inclusion vulnerabilities in SQuery 4.5 and ...)
+CVE-2006-1688
NOT-FOR-US: SQuery / Autonomous LAN party
-CVE-2006-1687 (Cross-site scripting (XSS) vulnerability in APT-webshop-system 4.0 ...)
+CVE-2006-1687
NOT-FOR-US: APT-webshop-system
-CVE-2006-1686 (Unspecified vulnerability in modules.php in APT-webshop-system 4.0 ...)
+CVE-2006-1686
NOT-FOR-US: APT-webshop-system
-CVE-2006-1685 (Multiple SQL injection vulnerabilities in modules.php in ...)
+CVE-2006-1685
NOT-FOR-US: APT-webshop-system
-CVE-2006-1684 (Unspecified vulnerability in ecotwo Shopsystem 1.0-192 and earlier ...)
+CVE-2006-1684
NOT-FOR-US: ecotwo Shopsystem
-CVE-2006-1683 (SQL injection vulnerability in admin/login.php in Chipmunk Guestbook ...)
+CVE-2006-1683
NOT-FOR-US: Chipmunk Guestbook
-CVE-2006-1682 (Cross-site scripting (XSS) vulnerability in webplus.exe in TalentSoft ...)
+CVE-2006-1682
NOT-FOR-US: TalentSoft Web+Shop
-CVE-2006-1681 (Cross-site scripting (XSS) vulnerability in Cherokee HTTPD 0.5 and ...)
+CVE-2006-1681
- cherokee 0.5.1-1
-CVE-2006-1680 (Jupiter CMS 1.1.5, when display_errors is enabled, allows remote ...)
+CVE-2006-1680
NOT-FOR-US: Jupiter CMS
-CVE-2006-1679 (Cross-site scripting (XSS) vulnerability in modules/online.php in ...)
+CVE-2006-1679
NOT-FOR-US: Jupiter CMS
-CVE-2006-1678 (Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin ...)
+CVE-2006-1678
{DSA-1207-1}
- phpmyadmin 4:2.8.0.3-1 (bug #362567)
-CVE-2006-1677 (MAXdev MDPro 1.0.73 and 1.0.72, and possibly other versions before ...)
+CVE-2006-1677
NOT-FOR-US: MAXdev MD-Pro
-CVE-2006-1676 (SQL injection vulnerability in the display function in the Topics ...)
+CVE-2006-1676
NOT-FOR-US: MAXdev MD-Pro
-CVE-2006-1675 (Multiple cross-site scripting (XSS) vulnerabilities in PHPWebGallery ...)
+CVE-2006-1675
NOT-FOR-US: PHPWebGallery
-CVE-2006-1674 (Cross-site scripting (XSS) vulnerability in search.php in ...)
+CVE-2006-1674
NOT-FOR-US: PHPWebGallery
-CVE-2006-1673 (Cross-site scripting (XSS) vulnerability in vbugs.php in Dark_Wizard ...)
+CVE-2006-1673
NOT-FOR-US: Dark_Wizard vBug Tracker
-CVE-2006-1672 (The installation of Cisco Transport Controller (CTC) for Cisco Optical ...)
+CVE-2006-1672
NOT-FOR-US: Cisco
-CVE-2006-1671 (Control cards for Cisco Optical Networking System (ONS) 15000 series ...)
+CVE-2006-1671
NOT-FOR-US: Cisco
-CVE-2006-1670 (Control cards for Cisco Optical Networking System (ONS) 15000 series ...)
+CVE-2006-1670
NOT-FOR-US: Cisco
-CVE-2006-1669 (SQL injection vulnerability in chat/messagesL.php3 in phpHeaven Team ...)
+CVE-2006-1669
NOT-FOR-US: PHPMyChat
-CVE-2006-1668 (newimage.php in Eric Gerdes Crafty Syntax Image Gallery (CSIG) (aka ...)
+CVE-2006-1668
NOT-FOR-US: Crafty Syntax Image Gallery
-CVE-2006-1667 (SQL injection vulnerability in slides.php in Eric Gerdes Crafty Syntax ...)
+CVE-2006-1667
NOT-FOR-US: Crafty Syntax Image Gallery
-CVE-2006-1666 (SQL injection vulnerability in forum.php in Arab Portal 2.0.1 stable ...)
+CVE-2006-1666
NOT-FOR-US: Arab Portal
-CVE-2006-1665 (Multiple cross-site scripting (XSS) vulnerabilities in Arab Portal ...)
+CVE-2006-1665
NOT-FOR-US: Arab Portal
-CVE-2006-1664 (Buffer overflow in xine_list_delete_current in libxine 1.14 and ...)
+CVE-2006-1664
- xine-lib <not-affected> (Not reproducible with Debian version, see bug #363127)
- vlc <not-affected> (affected part of xine-lib code copy not present)
CVE-2006-1663
REJECTED
-CVE-2006-1662 (The frontpage option in Limbo CMS 1.0.4.2 and 1.0.4.1 allows remote ...)
+CVE-2006-1662
NOT-FOR-US: Limbo CMS
-CVE-2006-1661 (Multiple cross-site scripting (XSS) vulnerabilities in SKForum 1.5 and ...)
+CVE-2006-1661
NOT-FOR-US: SKForum
-CVE-2006-1660 (Cross-site scripting (XSS) vulnerability in image_desc.php in Softbiz ...)
+CVE-2006-1660
NOT-FOR-US: Softbiz Image Gallery
-CVE-2006-1659 (Multiple SQL injection vulnerabilities in Softbiz Image Gallery allow ...)
+CVE-2006-1659
NOT-FOR-US: Softbiz Image Gallery
-CVE-2006-1658 (Direct static code injection vulnerability in ticker.db.php in Chucky ...)
+CVE-2006-1658
NOT-FOR-US: Chucky A. Ivey N.T.
-CVE-2006-1657 (Cross-site scripting (XSS) vulnerability in index.php in Chucky ...)
+CVE-2006-1657
NOT-FOR-US: Chucky A. Ivey N.T.
CVE-2006-XXXX [linphone insecure password leakage]
- linphone 1.3.5-1 (bug #361913)
-CVE-2006-1656 (vserver in util-vserver 0.30.209 executes a command as root when the ...)
+CVE-2006-1656
- util-vserver 0.30.210-1 (bug #360438; unimportant)
-CVE-2006-1655 (Multiple buffer overflows in mpg123 0.59r allow user-assisted ...)
+CVE-2006-1655
{DSA-1074-1}
- mpg123 0.59r-22 (bug #361863)
- mp3gain 1.5.2-r2-6 (low)
[wheezy] - mp3gain 1.5.2-r2-2+deb7u1
[squeeze] - mp3gain <no-dsa> (Minor issue)
-CVE-2006-1654 (Directory traversal vulnerability in the HP Color LaserJet 2500 ...)
+CVE-2006-1654
NOT-FOR-US: HP Colour LaserJet 2500 and 4600 Toolbox
-CVE-2006-1653 (PHP remote file inclusion vulnerability in loadkernel.php in ...)
+CVE-2006-1653
NOT-FOR-US: AngelineCMS
-CVE-2006-1652 (Multiple buffer overflows in (a) UltraVNC (aka Ultr@VNC) 1.0.1 and ...)
+CVE-2006-1652
NOT-FOR-US: UltraVNC
-CVE-2006-1651 (** DISPUTED ** ...)
+CVE-2006-1651
NOT-FOR-US: MS ISA
-CVE-2006-1650 (Firefox 1.5.0.1 allows remote attackers to spoof the address bar and ...)
+CVE-2006-1650
NOTE: other reports indicate that Firefox is not vulnerable
-CVE-2006-1649 (The &quot;restore to&quot; selection in the &quot;quarantine a file&quot; capability of ...)
+CVE-2006-1649
NOT-FOR-US: Eset Software NOD32 Antivirus 2.5
-CVE-2006-1648 (SMART SynchronEyes Student and Teacher 6.0, and possibly earlier ...)
+CVE-2006-1648
NOT-FOR-US: SMART SynchronEyes
-CVE-2006-1647 (An unspecified &quot;logical programming mistake&quot; in SMART SynchronEyes ...)
+CVE-2006-1647
NOT-FOR-US: SMART SynchronEyes
-CVE-2006-1646 (The Internet Key Exchange version 1 (IKEv1) implementation ...)
+CVE-2006-1646
NOT-FOR-US: This is a slightly different racoon version, the Linux fork in Debian was already addressed in CVE-2005-3732
-CVE-2006-1645 (Cross-site scripting (XSS) vulnerability in Anton Vlasov and Rostislav ...)
+CVE-2006-1645
NOT-FOR-US: ReloadCMS
-CVE-2006-1644 (login.php in Interact 2.1.1 generates different responses depending on ...)
+CVE-2006-1644
NOT-FOR-US: Interact
-CVE-2006-1643 (SQL injection vulnerability in login.php in Interact 2.1.1 allows ...)
+CVE-2006-1643
NOT-FOR-US: Interact
-CVE-2006-1642 (Cross-site scripting (XSS) vulnerability in Interact 2.1.1 allows ...)
+CVE-2006-1642
NOT-FOR-US: Interact
-CVE-2006-1641 (Multiple SQL injection vulnerabilities in CzarNews 1.14 allow remote ...)
+CVE-2006-1641
NOT-FOR-US: CzarNews
-CVE-2006-1640 (Cross-site scripting (XSS) vulnerability in news.php in CzarNews 1.14 ...)
+CVE-2006-1640
NOT-FOR-US: CzarNews
-CVE-2006-1639 (SQL injection vulnerability in index.php in wpBlog 0.4 allows remote ...)
+CVE-2006-1639
NOT-FOR-US: wpBlog
-CVE-2006-1638 (Multiple SQL injection vulnerabilities in aWebBB 1.2 allow remote ...)
+CVE-2006-1638
NOT-FOR-US: aWebBB
-CVE-2006-1637 (Multiple cross-site scripting (XSS) vulnerabilities in aWebBB 1.2 ...)
+CVE-2006-1637
NOT-FOR-US: aWebBB
-CVE-2006-1636 (PHP remote file inclusion vulnerability in get_header.php in VWar ...)
+CVE-2006-1636
NOT-FOR-US: VWar
-CVE-2006-1635 (LucidCMS 2.0.0 RC4 allows remote attackers to obtain sensitive ...)
+CVE-2006-1635
NOT-FOR-US: LucidCMS
-CVE-2006-1634 (Cross-site scripting (XSS) vulnerability in index.php in LucidCMS ...)
+CVE-2006-1634
NOT-FOR-US: LucidCMS
CVE-2006-1633
RESERVED
CVE-2006-1632
RESERVED
-CVE-2006-1631 (Unspecified vulnerability in the HTTP compression functionality in ...)
+CVE-2006-1631
NOT-FOR-US: Cisco
-CVE-2006-1629 (OpenVPN 2.0 through 2.0.5 allows remote malicious servers to execute ...)
+CVE-2006-1629
{DSA-1045-1}
- openvpn 2.0.6-1 (bug #360559; medium)
-CVE-2006-1628 (Adobe LiveCycle Workflow 7.01 and LiveCycle Forum Manager 7.01 allows ...)
+CVE-2006-1628
NOT-FOR-US: Adobe LiveCycle
-CVE-2006-1627 (Adobe Document Server for Reader Extensions 6.0 does not provide ...)
+CVE-2006-1627
NOT-FOR-US: Adobe Document Server
-CVE-2006-1626 (Internet Explorer 6 for Windows XP SP2 and earlier allows remote ...)
+CVE-2006-1626
NOT-FOR-US: Internet Explorer
-CVE-2006-1625 (Cross-site scripting (XSS) vulnerability in inc/functions_post.php in ...)
+CVE-2006-1625
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2006-1624 (The default configuration of syslogd in the Linux sysklogd package ...)
+CVE-2006-1624
- sysklogd <unfixed> (unimportant)
NOTE: No sane person will open a network socket for syslog without apropriate
NOTE: firewall rules. The default is not to listen to the network.
-CVE-2006-1623 (Unspecified vulnerability in main.php in an unspecified &quot;file created ...)
+CVE-2006-1623
NOT-FOR-US: FleXiBle Development
-CVE-2006-1622 (Cross-site scripting (XSS) vulnerability in PHPSelect linksubmit ...)
+CVE-2006-1622
NOT-FOR-US: PHPSelect
-CVE-2006-1621 (Directory traversal vulnerability in admin/folders/saveuploadfiles.asp ...)
+CVE-2006-1621
NOT-FOR-US: Hosting Controller
-CVE-2006-1620 (admin/accounts/AccountActions.asp in Hosting Controller 2002 RC 1 ...)
+CVE-2006-1620
NOT-FOR-US: Hosting Controller
-CVE-2006-1619 (IBM WebSphere Application Server 4.0.1 through 4.0.3 allows remote ...)
+CVE-2006-1619
NOT-FOR-US: WebSphere
-CVE-2006-1618 (Format string vulnerability in the (1) Con_message and (2) conPrintf ...)
+CVE-2006-1618
NOT-FOR-US: Doomsday/deng
-CVE-2006-1617 (Multiple cross-site scripting (XSS) vulnerabilities in Advanced Poll ...)
+CVE-2006-1617
NOT-FOR-US: Advanced Poll
-CVE-2006-1616 (Multiple SQL injection vulnerabilities in Advanced Poll 2.02 allow ...)
+CVE-2006-1616
NOT-FOR-US: Advanced Poll
-CVE-2006-1613 (Multiple SQL injection vulnerabilities in aWebNews 1.0 allow remote ...)
+CVE-2006-1613
NOT-FOR-US: aWebNews
-CVE-2006-1612 (Multiple cross-site scripting (XSS) vulnerabilities in visview.php in ...)
+CVE-2006-1612
NOT-FOR-US: aWebNews
-CVE-2006-1611 (Directory traversal vulnerability in KGB Archiver before 1.1.5.22 ...)
+CVE-2006-1611
NOT-FOR-US: KGB Archiver
-CVE-2006-1610 (PHP remote file inclusion vulnerability in lib/armygame.php in SQuery ...)
+CVE-2006-1610
NOT-FOR-US: SQuery / Autonomous LAN party
-CVE-2006-1609 (Unspecified vulnerability in Hitachi XFIT/S, XFIT/S/JCA, XFIT/S/ZGN, ...)
+CVE-2006-1609
NOT-FOR-US: Hitachi XFIT
-CVE-2006-1608 (The copy function in file.c in PHP 4.4.2 and 5.1.2 allows local users ...)
+CVE-2006-1608
- php4 4:4.4.4-1 (bug #361856; unimportant)
- php5 5.1.4-0.1 (bug #361915; unimportant)
NOTE: Safe mode violations not supported
-CVE-2006-1607 (Unspecified vulnerability in the banner module in Exponent CMS before ...)
+CVE-2006-1607
NOT-FOR-US: Exponent CMS
-CVE-2006-1606 (Unspecified vulnerability in the image module in Exponent CMS before ...)
+CVE-2006-1606
NOT-FOR-US: Exponent CMS
-CVE-2006-1605 (Unspecified vulnerability in the image module in Exponent CMS before ...)
+CVE-2006-1605
NOT-FOR-US: Exponent CMS
-CVE-2006-1604 (Unspecified vulnerability in Exponent CMS before 0.96.5 RC 1 has ...)
+CVE-2006-1604
NOT-FOR-US: Exponent CMS
-CVE-2006-1603 (Cross-site scripting (XSS) vulnerability in profile.php in phpBB ...)
+CVE-2006-1603
- phpbb2 <not-affected> (According to Jeroen a non-issue, see notes)
NOTE: <jvw> jmm: unable to everify, the variable in question is only printed
NOTE: at one single page, and there it doesn't get taken from GET nor POST in my tests
NOTE: <jvw> and, shock, the password isn't saved unhashed in the DB, so having
NOTE: javascript in your password can't be exposed otherwise
NOTE: <jvw> I'd forget about it unless someone comes with a proof of concept
-CVE-2006-1602 (PHP remote file inclusion vulnerability in ...)
+CVE-2006-1602
NOT-FOR-US: PHPNuke Clan
-CVE-2006-1601 (Unspecified vulnerability in SunPlex Manager in Sun Cluster 3.1 4/04 ...)
+CVE-2006-1601
NOT-FOR-US: Sun Cluster
-CVE-2006-1600 (SQL injection vulnerability in category.php in PhpWebGallery 1.4.1 ...)
+CVE-2006-1600
NOT-FOR-US: PhpWebGallery
-CVE-2006-1599 (Unspecified vulnerability in VCEngine.php in v-creator before ...)
+CVE-2006-1599
NOT-FOR-US: v-creator
-CVE-2006-1598 (AN HTTPD 1.42n, and possibly other versions before 1.42p, allows ...)
+CVE-2006-1598
NOT-FOR-US: AN HTTPD
CVE-2006-1597
RESERVED
-CVE-2006-1596 (PHP remote file inclusion vulnerability in ...)
+CVE-2006-1596
NOT-FOR-US: Claroline
-CVE-2006-1595 (Cross-site scripting (XSS) vulnerability in document/rqmkhtml.php in ...)
+CVE-2006-1595
NOT-FOR-US: Claroline
-CVE-2006-1594 (Multiple directory traversal vulnerabilities in document/rqmkhtml.php ...)
+CVE-2006-1594
NOT-FOR-US: Claroline
-CVE-2006-1593 (The (1) ZD_MissingPlayer, (2) ZD_UseItem, and (3) ...)
+CVE-2006-1593
NOT-FOR-US: X-Doom, ZDaemon
NOTE: vulnerable functions don't exist in lxdoom, prboom
-CVE-2006-1592 (Buffer overflow in the is_client_wad_ok function in w_wad.cpp for (1) ...)
+CVE-2006-1592
NOT-FOR-US: X-Doom, ZDaemon
NOTE: vulnerable functions don't exist in lxdoom, prboom
-CVE-2006-1591 (Heap-based buffer overflow in Microsoft Windows Help winhlp32.exe ...)
+CVE-2006-1591
NOT-FOR-US: Microsoft Windows Help
-CVE-2006-1590 (Cross-site scripting (XSS) vulnerability in the PrintFreshPage ...)
+CVE-2006-1590
- acidbase 1.2.5-1 (bug #363548; unimportant)
[sarge] - acidbase <no-dsa> (Hardly exploitable)
- acidlab <removed> (bug #363549; unimportant)
[sarge] - acidlab <no-dsa> (Hardly exploitable)
NOTE: Not exploitable with the default configuration anyway.
-CVE-2006-1589 (The elf_load_file function in NetBSD 2.0 through 3.0 allows local ...)
+CVE-2006-1589
NOT-FOR-US: NetBSD kernel
-CVE-2006-1588 (The bridge ioctl (if_bridge code) in NetBSD 1.6 through 3.0 does not ...)
+CVE-2006-1588
NOT-FOR-US: NetBSD kernel
-CVE-2006-1587 (NetBSD 1.6 up to 3.0, when a user has &quot;set record&quot; in .mailrc with the ...)
+CVE-2006-1587
NOT-FOR-US: NetBSD
-CVE-2006-1614 (Integer overflow in the cli_scanpe function in the PE header parser ...)
+CVE-2006-1614
{DSA-1024-1}
- clamav 0.88.1-1
-CVE-2006-1630 (The cli_bitset_set function in libclamav/others.c in Clam AntiVirus ...)
+CVE-2006-1630
{DSA-1024-1}
- clamav 0.88.1-1
-CVE-2006-1615 (Multiple format string vulnerabilities in the logging code in Clam ...)
+CVE-2006-1615
{DSA-1024-1}
- clamav 0.88.1-1
-CVE-2006-1586 (SQL injection vulnerability in admin_login.asp in ISP of Egypt SiteMan ...)
+CVE-2006-1586
NOT-FOR-US: Egypt SiteMan
-CVE-2006-1585 (Multiple SQL injection vulnerabilities in MonAlbum 0.8.7 allow remote ...)
+CVE-2006-1585
NOT-FOR-US: MonAlbum
-CVE-2006-1584 (Unspecified vulnerability in index.php in Warcraft III Replay Parser ...)
+CVE-2006-1584
NOT-FOR-US: Warcraft III Replay
-CVE-2006-1583 (Cross-site scripting (XSS) vulnerability in index.php in Warcraft III ...)
+CVE-2006-1583
NOT-FOR-US: Warcraft III Replay
-CVE-2006-1582 (Cross-site scripting (XSS) vulnerability in index.php in Blank'N'Berg ...)
+CVE-2006-1582
NOT-FOR-US: Blank'N'Berg
-CVE-2006-1581 (Directory traversal vulnerability in index.php in Blank'N'Berg 0.2 ...)
+CVE-2006-1581
NOT-FOR-US: Blank'N'Berg
-CVE-2006-1580 (Multiple cross-site scripting (XSS) vulnerabilities in Bugzero 4.3.1 ...)
+CVE-2006-1580
NOT-FOR-US: Bugzero
-CVE-2006-1579 (SQL injection vulnerability in topics.php in Dynamic Bulletin Board ...)
+CVE-2006-1579
NOT-FOR-US: Dynamic Bulletin Board System
-CVE-2006-1578 (Multiple SQL injection vulnerabilities in Keystone Digital Library ...)
+CVE-2006-1578
NOT-FOR-US: Keystone Digital Library Suite
-CVE-2006-1577 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2006-1577
{DSA-1133-1}
[woody] - mantis <not-affected> (Vulnerable code not present)
- mantis 0.19.4-3.1 (bug #361138)
-CVE-2006-1576 (Direct static code injection vulnerability in QLnews 1.2 allows remote ...)
+CVE-2006-1576
NOT-FOR-US: QLnews
-CVE-2006-1575 (Multiple cross-site scripting (XSS) vulnerabilities in news.php in ...)
+CVE-2006-1575
NOT-FOR-US: QLnews
-CVE-2006-1574 (Cross-site scripting (XSS) vulnerability in Groupmax World Wide Web, ...)
+CVE-2006-1574
NOT-FOR-US: Groupmax World Wide Web et. al.
-CVE-2006-1573 (PHP remote file inclusion vulnerability in index.php in MediaSlash ...)
+CVE-2006-1573
NOT-FOR-US: MediaSlash Gallery
-CVE-2006-1572 (SQL injection vulnerability in post.php in Oxygen 1.1.3 allows remote ...)
+CVE-2006-1572
NOT-FOR-US: Oxygen
-CVE-2006-1571 (Multiple SQL injection vulnerabilities in loginprocess.php in ...)
+CVE-2006-1571
NOT-FOR-US: qliteNews
-CVE-2006-1570 (Cross-site scripting (XSS) vulnerability in Esqlanelapse 2.0 and 2.2 ...)
+CVE-2006-1570
NOT-FOR-US: Esqlanelapse
-CVE-2006-1569 (Multiple SQL injection vulnerabilities in RedCMS 0.1 allow remote ...)
+CVE-2006-1569
NOT-FOR-US: RedCMS
-CVE-2006-1568 (Multiple cross-site scripting (XSS) vulnerabilities in register.php in ...)
+CVE-2006-1568
NOT-FOR-US: RedCMS
-CVE-2006-1567 (Cross-site scripting (XSS) vulnerability in searchresults.asp in ...)
+CVE-2006-1567
NOT-FOR-US: SiteSearch Indexer
-CVE-2006-1566 (Untrusted search path vulnerability in libtunepimp-perl 0.4.2-1 in ...)
+CVE-2006-1566
- libtunepimp 0.4.2-3 (bug #359241; low)
[sarge] - libtunepimp <not-affected> (rpath not set to /tmp in Sarge)
-CVE-2006-1565 (Untrusted search path vulnerability in libgpib-perl 3.2.06-2 in Debian ...)
+CVE-2006-1565
- gpib 3.2.06-3 (bug #359239; low)
[sarge] - gpib <not-affected> (rpath not set to /tmp in Sarge)
-CVE-2006-1564 (Untrusted search path vulnerability in libapache2-svn 1.3.0-4 for ...)
+CVE-2006-1564
- subversion 1.3.0-5 (bug #359234; low)
[sarge] - subversion <not-affected> (No rpaths set in Sarge)
-CVE-2006-1563 (Direct static code injection vulnerability in config.php in vscripts ...)
+CVE-2006-1563
NOT-FOR-US: VBook
-CVE-2006-1562 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
+CVE-2006-1562
NOT-FOR-US: VBook
-CVE-2006-1561 (SQL injection vulnerability in index.php in vscripts (aka Kuba ...)
+CVE-2006-1561
NOT-FOR-US: VBook
-CVE-2006-1560 (Multiple SQL injection vulnerabilities in SkinTech phpNewsManager 1.48 ...)
+CVE-2006-1560
NOT-FOR-US: SkinTech phpNewsManager
-CVE-2006-1559 (SQL injection vulnerability in PHP Script Index allows remote ...)
+CVE-2006-1559
NOT-FOR-US: PHP Script Index
-CVE-2006-1558 (Cross-site scripting (XSS) vulnerability in search.php in PHP Script ...)
+CVE-2006-1558
NOT-FOR-US: PHP Script Index
-CVE-2006-1557 (Multiple SQL injection vulnerabilities in X-Changer 0.2 allow remote ...)
+CVE-2006-1557
NOT-FOR-US: X-Changer
-CVE-2006-1556 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2006-1556
NOT-FOR-US: AL-Caricatier
-CVE-2006-1555 (VSNS Lemon 3.2.0 allows remote attackers to bypass authentication and ...)
+CVE-2006-1555
NOT-FOR-US: VSNS Lemon
-CVE-2006-1554 (Cross-site scripting (XSS) vulnerability in VSNS Lemon 3.2.0 allows ...)
+CVE-2006-1554
NOT-FOR-US: VSNS Lemon
-CVE-2006-1553 (SQL injection vulnerability in functions/final_functions.php in VSNS ...)
+CVE-2006-1553
NOT-FOR-US: VSNS Lemon
-CVE-2006-1552 (Integer overflow in ImageIO in Apple Mac OS X 10.4 up to 10.4.5 allows ...)
+CVE-2006-1552
NOT-FOR-US: Apple
-CVE-2006-1551 (Eval injection vulnerability in pajax_call_dispatcher.php in PAJAX ...)
+CVE-2006-1551
NOT-FOR-US: PAJAX
-CVE-2006-1549 (PHP 4.4.2 and 5.1.2 allows local users to cause a crash (segmentation ...)
+CVE-2006-1549
- php4 <removed> (bug #361854; unimportant)
- php5 5.1.4-0.1 (bug #361917; unimportant)
[sarge] - php4 <no-dsa> (there are easier ways to segfault your own program)
-CVE-2006-1548 (Cross-site scripting (XSS) vulnerability in (1) LookupDispatchAction ...)
+CVE-2006-1548
- libstruts1.2-java 1.2.9-1 (bug #360551)
[sarge] - libstruts1.2-java <no-dsa> (Only in contrib, relies on proprietary Java)
-CVE-2006-1547 (ActionForm in Apache Software Foundation (ASF) Struts before 1.2.9 ...)
+CVE-2006-1547
- libstruts1.2-java 1.2.9-1 (bug #360551)
[sarge] - libstruts1.2-java <no-dsa> (Only in contrib, relies on proprietary Java)
-CVE-2006-1546 (Apache Software Foundation (ASF) Struts before 1.2.9 allows remote ...)
+CVE-2006-1546
- libstruts1.2-java 1.2.9-1 (bug #360551)
[sarge] - libstruts1.2-java <no-dsa> (Only in contrib, relies on proprietary Java)
-CVE-2006-1545 (Direct static code injection vulnerability in admin/config.php in ...)
+CVE-2006-1545
NOT-FOR-US: VNews
-CVE-2006-1544 (Multiple cross-site scripting (XSS) vulnerabilities in news.php in ...)
+CVE-2006-1544
NOT-FOR-US: VNews
-CVE-2006-1543 (Multiple SQL injection vulnerabilities in vscripts (aka Kuba ...)
+CVE-2006-1543
NOT-FOR-US: VNews
-CVE-2006-1542 (Stack-based buffer overflow in Python 2.4.2 and earlier, running on ...)
+CVE-2006-1542
NOT-FOR-US: Bogus issue, this doesn't trigger any local overflow
NOTE: Should be rejected
-CVE-2006-1541 (SQL injection vulnerability in Default.asp in EzASPSite 2.0 RC3 and ...)
+CVE-2006-1541
NOT-FOR-US: EzASPSite
-CVE-2006-1540 (MSO.DLL in Microsoft Office 2000, Office XP (2002), and Office 2003 ...)
+CVE-2006-1540
NOT-FOR-US: Microsoft
-CVE-2006-1539 (Multiple buffer overflows in the checkscores function in scores.c in ...)
+CVE-2006-1539
- bsdgames 2.17-6 (bug #361160)
[sarge] - bsdgames <no-dsa> (Minor impact)
-CVE-2006-1538 (The Enova X-Wall ASIC encrypts with a key obtained via Microwire from ...)
+CVE-2006-1538
NOT-FOR-US: Enova X-Wall ASIC
-CVE-2006-1537 (Craig Knudsen WebCalendar 1.1.0-CVS allows remote attackers to obtain ...)
+CVE-2006-1537
- webcalendar <unfixed> (unimportant)
-CVE-2006-1536 (Multiple SQL injection vulnerabilities in Phoetux.net PhxContacts ...)
+CVE-2006-1536
NOT-FOR-US: Phoetux.net PhxContacts
-CVE-2006-1535 (Cross-site scripting (XSS) vulnerability in login.php in Phoetux.net ...)
+CVE-2006-1535
NOT-FOR-US: Phoetux.net PhxContacts
-CVE-2006-1534 (Multiple SQL injection vulnerabilities in Null news allow remote ...)
+CVE-2006-1534
NOT-FOR-US: Null news
-CVE-2006-1533 (SQL injection vulnerability in newsletter.php in Sourceworkshop ...)
+CVE-2006-1533
NOT-FOR-US: Sourceworkshop newsletter
-CVE-2006-1532 (Cross-site scripting (XSS) vulnerability in search.php in PHP ...)
+CVE-2006-1532
NOT-FOR-US: PHP Classifieds
-CVE-2006-1531 (Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, ...)
+CVE-2006-1531
{DSA-1046-1}
- firefox 1.5.0.2 (medium)
- mozilla-firefox <not-affected> (pre-1.5 version not vulnerable)
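Review bot: dropping the description also drops state the tracker relies on, most visibly the disputed marker: `-CVE-2006-1651 (** DISPUTED ** ...)` becomes `+CVE-2006-1651` with only `NOT-FOR-US: MS ISA` beneath it, so nothing records that the issue is disputed. Triage text written against the description is likewise left arguing against nothing, e.g. `NOT-FOR-US: Bogus issue, this doesn't trigger any local overflow` / `NOTE: Should be rejected` under CVE-2006-1542, and `NOT-FOR-US: This is a slightly different racoon version, the Linux fork in Debian was already addressed in CVE-2005-3732` under CVE-2006-1646. The unchanged context in this hunk shows the file's own convention: on the `-` side a bare ID line appears only above `RESERVED` or `REJECTED` (`CVE-2006-1663` / `REJECTED`, `CVE-2006-1633` / `RESERVED`), and an entry without an official text still carries a bracketed summary (`CVE-2006-XXXX [linphone insecure password leakage]`). After this change a bare `CVE-2006-1651` followed by package data is indistinguishable from a reserved ID with stray lines under it. Keep the previous description whenever the feed supplies none.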
@@ -12984,7 +12984,7 @@ CVE-2006-1531 (Unspecified vulnerability in Firefox and Thunderbird before 1.5.0
NOTE: MFSA2006-20 says exploitability has not been confirmed.
NOTE: Thunderbird is potentially affected as well, but not in the
NOTE: default configuration.
-CVE-2006-1530 (Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, ...)
+CVE-2006-1530
{DSA-1046-1}
- firefox 1.5.0.2 (medium)
- mozilla-firefox <not-affected> (pre-1.5 version not vulnerable)
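Review bot: separate from the blanking, the context line `- firefox 1.5.0.2 (medium)` in this CVE-2006-1530 entry (and in CVE-2006-1531 just above it) has no Debian revision, unlike the sibling entries that record the same fix as `- firefox 1.5.dfsg+1.5.0.2-1 (high)` (CVE-2006-1726) or `- firefox 1.5.0.2-1 (medium)` (CVE-2006-1529 below); `- firefox 1.5.dfsg+1.5.0.2 (medium)` under CVE-2006-1723 earlier in the diff has the same gap. Not introduced by this commit, but worth normalising in a follow-up so the MFSA2006-20 entries compare against the archive the same way.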
@@ -12994,7 +12994,7 @@ CVE-2006-1530 (Unspecified vulnerability in Firefox and Thunderbird before 1.5.0
NOTE: MFSA2006-20 says exploitability has not been confirmed.
NOTE: Thunderbird is potentially affected as well, but not in the
NOTE: default configuration.
-CVE-2006-1529 (Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, ...)
+CVE-2006-1529
{DSA-1046-1}
- firefox 1.5.0.2-1 (medium)
- mozilla-firefox <not-affected> (pre-1.5 version not vulnerable)
@@ -13004,103 +13004,103 @@ CVE-2006-1529 (Unspecified vulnerability in Firefox and Thunderbird before 1.5.0
NOTE: MFSA2006-20 says exploitability has not been confirmed.
NOTE: Thunderbird is potentially affected as well, but not in the
NOTE: default configuration.
-CVE-2006-1528 (Linux kernel before 2.6.13 allows local users to cause a denial of ...)
+CVE-2006-1528
{DSA-1184-2 DSA-1183-1}
- linux-2.6 2.6.13-1
-CVE-2006-1527 (The SCTP-netfilter code in Linux kernel before 2.6.16.13 allows remote ...)
+CVE-2006-1527
- linux-2.6 2.6.16-12 (low)
-CVE-2006-1526 (Buffer overflow in the X render (Xrender) extension in X.org X server ...)
+CVE-2006-1526
- xorg-server 1:1.0.2-8 (bug #378464)
[sarge] - xfree86 <not-affected> (Vulnerable code not present)
-CVE-2006-1525 (ip_route_input in Linux kernel 2.6 before 2.6.16.8 allows local users ...)
+CVE-2006-1525
{DSA-1103 DSA-1097-1}
- linux-2.6 2.6.16-9
-CVE-2006-1524 (madvise_remove in Linux kernel 2.6.16 up to 2.6.16.6 does not follow ...)
+CVE-2006-1524
{DSA-1103 DSA-1097-1}
- linux-2.6 2.6.16-8
-CVE-2006-1523 (The __group_complete_signal function in the RCU signal handling ...)
+CVE-2006-1523
{DSA-1103}
- linux-2.6 2.6.16-7
-CVE-2006-1522 (The sys_add_key function in the keyring code in Linux kernel 2.6.16.1 ...)
+CVE-2006-1522
- linux-2.6 2.6.16-7
CVE-2006-1521
REJECTED
-CVE-2006-1520 (Format string vulnerability in ANSI C Sender Policy Framework library ...)
+CVE-2006-1520
NOTE: Debian ships debugging disabled (this isn't a problem with a debugging command-line flag)
- libspf <not-affected> (bug #368780; low)
CVE-2006-1519
REJECTED
-CVE-2006-1518 (Buffer overflow in the open_table function in sql_base.cc in MySQL ...)
+CVE-2006-1518
{DSA-1079-1 DSA-1073-1 DSA-1071-1}
- mysql-dfsg-5.0 5.0.21-1 (bug #365939; medium)
- mysql-dfsg-4.1 <removed> (bug #365939; medium)
- mysql-dfsg <removed> (bug #365939; bug #356751; medium)
- mysql <removed> (bug #365939; medium)
-CVE-2006-1517 (sql_parse.cc in MySQL 4.0.x up to 4.0.26, 4.1.x up to 4.1.18, and ...)
+CVE-2006-1517
{DSA-1079-1 DSA-1073-1 DSA-1071-1}
- mysql-dfsg-5.0 5.0.21-1 (bug #365939; low)
- mysql-dfsg-4.1 <removed> (bug #365939; low)
- mysql-dfsg <removed> (bug #365939; bug #356751; low)
- mysql <removed> (bug #365939; low)
-CVE-2006-1516 (The check_connection function in sql_parse.cc in MySQL 4.0.x up to ...)
+CVE-2006-1516
{DSA-1079-1 DSA-1073-1 DSA-1071-1}
- mysql-dfsg-5.0 5.0.21-1 (bug #365939; bug #365938; bug #366044; low)
- mysql-dfsg-4.1 <removed> (bug #365939; bug #366043; low)
- mysql-dfsg <removed> (bug #365939; bug #356751; low)
- mysql <removed> (bug #365939; low)
-CVE-2006-1515 (Buffer overflow in the addnewword function in typespeed 0.4.4 and ...)
+CVE-2006-1515
{DSA-1084-1}
- typespeed 0.4.4-10
-CVE-2006-1514 (Multiple buffer overflows in the abcmidi-yaps translator in abcmidi ...)
+CVE-2006-1514
{DSA-1043-1}
- abcmidi 20060422-1
-CVE-2006-1513 (Multiple buffer overflows in abc2ps before 1.3.3 allow user-assisted ...)
+CVE-2006-1513
{DSA-1041-1}
- abc2ps <removed> (bug #373685; low)
CVE-2006-1512
REJECTED
-CVE-2006-1511 (Buffer overflow in the ILASM assembler in the Microsoft .NET 1.0 and ...)
+CVE-2006-1511
NOT-FOR-US: Microsoft
-CVE-2006-1510 (Buffer overflow in calloc.c in the Microsoft Windows XP SP2 ntdll.dll ...)
+CVE-2006-1510
NOT-FOR-US: Microsoft
-CVE-2006-1509 (/sbin/passwd in HP-UX B.11.00, B.11.11, and B.11.23 before 20060326 ...)
+CVE-2006-1509
NOT-FOR-US: HP-UX
-CVE-2006-1508 (Multiple cross-site scripting (XSS) vulnerabilities in MH Software ...)
+CVE-2006-1508
NOT-FOR-US: MH Software Connect Daily Web Calendar
-CVE-2006-1507 (Cross-site scripting (XSS) vulnerability in PHPKIT 1.6.03 allows ...)
+CVE-2006-1507
NOT-FOR-US: PHPKIT
-CVE-2006-1506 (Unspecified vulnerability in rsh in Sun Microsystems Sun Grid Engine ...)
+CVE-2006-1506
NOT-FOR-US: Sun Microsystems Sun Grid Engine 5.3
-CVE-2006-1505 (base_maintenance.php in Basic Analysis and Security Engine (BASE) ...)
+CVE-2006-1505
- acidbase 1.2.4-1 (bug #361139)
-CVE-2006-1504 (Multiple cross-site scripting (XSS) vulnerabilities in Arab Portal 2.0 ...)
+CVE-2006-1504
NOT-FOR-US: Arab Portal
-CVE-2006-1503 (PHP remote file inclusion vulnerability in ...)
+CVE-2006-1503
NOT-FOR-US: Virtual Wa
-CVE-2006-1502 (Multiple integer overflows in MPlayer 1.0pre7try2 allow remote ...)
+CVE-2006-1502
NOT-FOR-US: MPlayer
NOTE: I can't find the vulnerable code in xine-lib
-CVE-2006-1501 (SQL injection vulnerability in index.php in OneOrZero 1.6.3.0 allows ...)
+CVE-2006-1501
NOT-FOR-US: OneOrZero
-CVE-2006-1500 (SQL injection vulnerability in index.php in Tilde CMS 3.0 allows ...)
+CVE-2006-1500
NOT-FOR-US: Tilde CMS 3.0
-CVE-2006-1499 (SQL injection vulnerability in vCounter.php in vCounter 1.0 allows ...)
+CVE-2006-1499
NOT-FOR-US: vCounter
-CVE-2006-1497 (Directory traversal vulnerability in index.php in ViHor Design allows ...)
+CVE-2006-1497
NOT-FOR-US: ViHor Design
-CVE-2006-1496 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
+CVE-2006-1496
NOT-FOR-US: ViHor Design
-CVE-2006-1495 (SQL injection vulnerability in general/sendpassword.php in (1) ...)
+CVE-2006-1495
NOT-FOR-US: PHPCollab / NetOffice
-CVE-2006-1494 (Directory traversal vulnerability in file.c in PHP 4.4.2 and 5.1.2 ...)
+CVE-2006-1494
- php4 4:4.4.4-1 (bug #361855; unimportant)
- php5 5.1.4-0.1 (bug #361916; unimportant)
NOTE: open_basedir violations are not supported
-CVE-2006-1493 (Cross-site scripting (XSS) vulnerability in dir.php in Explorer XP ...)
+CVE-2006-1493
NOT-FOR-US: Explorer XP
-CVE-2006-1492 (Directory traversal vulnerability in dir.php in Explorer XP allows ...)
+CVE-2006-1492
NOT-FOR-US: Explorer XP
-CVE-2006-1489 (Multiple SQL injection vulnerabilities in FusionZONE CouponZONE ...)
+CVE-2006-1489
NOT-FOR-US: FusionZONE CouponZONE
CVE-2006-XXXX [unixodbc rpath set to /home]
- unixodbc 2.2.11-11 (bug #358142; low)
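Review bot: every `-`/`+` pair in this hunk only deletes the parenthesised summary from the CVE header line, e.g. `-CVE-2006-1518 (Buffer overflow in the open_table function in sql_base.cc in MySQL ...)` becoming `+CVE-2006-1518`, while no package, DSA or bug annotation changes; an automatic update that strips every description instead of refreshing it looks like the result of an empty or failed upstream description fetch and should be reverted rather than committed, since the tracker would otherwise carry no human-readable summary for any of these IDs. The update script should refuse to rewrite a header line with an empty description when the previous revision had one. Note also that the unchanged context line `NOT-FOR-US: Virtual Wa` for CVE-2006-1503 is already truncated mid-word, and the summary being removed here is the only thing in the file that identifies which software that entry refers to.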
@@ -13117,658 +13117,658 @@ CVE-2006-XXXX [tcpquota rpath set to user home]
CVE-2006-XXXX [hamlib3-perl rpath set to user home]
- hamlib 1.2.5-3 (bug #358166; low)
[sarge] - hamlib <no-dsa> (Only exploitable with strange user name)
-CVE-2006-1550 (Multiple buffer overflows in the xfig import code (xfig-import.c) in ...)
+CVE-2006-1550
{DSA-1025-1}
- dia 0.94.0-18 (bug #360566)
-CVE-2006-1498 (Cross-site scripting (XSS) vulnerability in MediaWiki before 1.5.8 and ...)
+CVE-2006-1498
- mediawiki 1.4.15-1
- mediawiki1.5 1.5.8-1
-CVE-2006-1491 (Eval injection vulnerability in Horde Application Framework versions ...)
+CVE-2006-1491
{DSA-1034-1 DSA-1033-1}
- horde3 3.1.1-1 (bug #361967)
-CVE-2006-1490 (PHP before 5.1.3-RC1 might allow remote attackers to obtain portions ...)
+CVE-2006-1490
- php5 5.1.4-0.1 (bug #359907; low)
- php4 4:4.4.2-1.1 (bug #359904; low)
[sarge] - php4 <no-dsa> (Application's responsibility to sanitize input)
-CVE-2006-1488 (ActiveCampaign SupportTrio 2.5 allows remote attackers to obtain the ...)
+CVE-2006-1488
NOT-FOR-US: ActiveCampaign SupportTrio
-CVE-2006-1487 (Cross-site scripting (XSS) vulnerability in ActiveCampaign SupportTrio ...)
+CVE-2006-1487
NOT-FOR-US: ActiveCampaign SupportTrio
-CVE-2006-1486 (Multiple cross-site scripting (XSS) vulnerabilities in index.cfm in ...)
+CVE-2006-1486
NOT-FOR-US: realestateZONE
-CVE-2006-1485 (gm-upload.cgi in Greymatter 1.3.1 allows remote authenticated users ...)
+CVE-2006-1485
NOT-FOR-US: Greymatter
-CVE-2006-1484 (Genius VideoCAM NB Driver does not drop privileges when saving files, ...)
+CVE-2006-1484
NOT-FOR-US: Genius VideoCAM NB Driver
-CVE-2006-1483 (Blazix Web Server before 1.2.6, when running on Windows, allows remote ...)
+CVE-2006-1483
NOT-FOR-US: Blazix Web Server
-CVE-2006-1482 (Cross-site scripting (XSS) vulnerability in index.php in ConfTool 1.1 ...)
+CVE-2006-1482
NOT-FOR-US: ConfTool
-CVE-2006-1481 (SQL injection vulnerability in search.php in PHP Ticket 0.71 allows ...)
+CVE-2006-1481
NOT-FOR-US: PHP Ticket
-CVE-2006-1480 (Directory traversal vulnerability in start.php in WebAlbum 2.02 allows ...)
+CVE-2006-1480
NOT-FOR-US: WebAlbum
-CVE-2006-1479 (Multiple cross-site scripting (XSS) vulnerabilities in Serge Rey ...)
+CVE-2006-1479
NOT-FOR-US: Serge Rey gtd-php
-CVE-2006-1478 (Directory traversal vulnerability in (1) initiate.php and (2) possibly ...)
+CVE-2006-1478
NOT-FOR-US: Turnkey Web Tools PHP Live Helper
-CVE-2006-1477 (Multiple PHP remote file inclusion vulnerabilities in Turnkey Web ...)
+CVE-2006-1477
NOT-FOR-US: Turnkey Web Tools PHP Live Helper
-CVE-2006-1476 (Windows Firewall in Microsoft Windows XP SP2 produces incorrect ...)
+CVE-2006-1476
NOT-FOR-US: Windows Firewall
-CVE-2006-1475 (Windows Firewall in Microsoft Windows XP SP2 does not produce ...)
+CVE-2006-1475
NOT-FOR-US: Windows Firewall
-CVE-2006-1474 (Cross-site scripting (XSS) vulnerability in the &quot;failed&quot; functionality ...)
+CVE-2006-1474
NOT-FOR-US: Raindance Web Conferencing Pro
-CVE-2006-1473 (Integer overflow in AFP Server for Apple Mac OS X 10.3.9 and 10.4.7 ...)
+CVE-2006-1473
NOT-FOR-US: Apple
-CVE-2006-1472 (Unspecified vulnerability in AFP Server in Apple Mac OS X 10.3.9 ...)
+CVE-2006-1472
NOT-FOR-US: Apple
-CVE-2006-1471 (Format string vulnerability in the CF_syslog function launchd in Apple ...)
+CVE-2006-1471
NOT-FOR-US: Apple
-CVE-2006-1470 (OpenLDAP in Apple Mac OS X 10.4 up to 10.4.6 allows remote attackers ...)
+CVE-2006-1470
- openldap2 <not-affected> (Vulnerable code not present)
- openldap2.2 <removed> (medium)
-CVE-2006-1469 (Stack-based buffer overflow in ImageIO in Apple Mac OS X 10.4 up to ...)
+CVE-2006-1469
NOT-FOR-US: Apple
-CVE-2006-1468 (Unspecified vulnerability in Apple File Protocol (AFP) server in Apple ...)
+CVE-2006-1468
NOT-FOR-US: Apple
-CVE-2006-1467 (Integer overflow in the AAC file parsing code in Apple iTunes before ...)
+CVE-2006-1467
NOT-FOR-US: Apple iTunes
-CVE-2006-1466 (Xcode Tools before 2.3 for Mac OS X 10.4, when running the WebObjects ...)
+CVE-2006-1466
NOT-FOR-US: Apple
-CVE-2006-1465 (Buffer overflow in Apple QuickTime before 7.1 allows remote attackers ...)
+CVE-2006-1465
NOT-FOR-US: Apple
-CVE-2006-1464 (Buffer overflow in Apple QuickTime before 7.1 allows remote attackers ...)
+CVE-2006-1464
NOT-FOR-US: Apple
-CVE-2006-1463 (Heap-based buffer overflow in Apple QuickTime before 7.1 allows remote ...)
+CVE-2006-1463
NOT-FOR-US: Apple
-CVE-2006-1462 (Multiple integer overflows in Apple QuickTime before 7.1 allow remote ...)
+CVE-2006-1462
NOT-FOR-US: Apple
-CVE-2006-1461 (Multiple buffer overflows in Apple QuickTime before 7.1 allow remote ...)
+CVE-2006-1461
NOT-FOR-US: Apple
-CVE-2006-1460 (Multiple buffer overflows in Apple QuickTime before 7.1 allow remote ...)
+CVE-2006-1460
NOT-FOR-US: Apple
-CVE-2006-1459 (Multiple integer overflows in Apple QuickTime before 7.1 allow remote ...)
+CVE-2006-1459
NOT-FOR-US: Apple
-CVE-2006-1458 (Integer overflow in Apple QuickTime Player before 7.1 allows remote ...)
+CVE-2006-1458
NOT-FOR-US: Apple
-CVE-2006-1457 (Safari on Apple Mac OS X 10.4.6, when &quot;Open `safe' files after ...)
+CVE-2006-1457
NOT-FOR-US: Apple
-CVE-2006-1456 (Buffer overflow in QuickTime Streaming Server in Apple Mac OS X 10.3.9 ...)
+CVE-2006-1456
NOT-FOR-US: Apple
-CVE-2006-1455 (QuickTime Streaming Server in Apple Mac OS X 10.3.9 and 10.4.6 allows ...)
+CVE-2006-1455
NOT-FOR-US: Apple
-CVE-2006-1454 (Heap-based buffer overflow in Apple QuickTime before 7.1 allows remote ...)
+CVE-2006-1454
NOT-FOR-US: Apple
-CVE-2006-1453 (Stack-based buffer overflow in Apple QuickTime before 7.1 allows ...)
+CVE-2006-1453
NOT-FOR-US: Apple
-CVE-2006-1452 (Stack-based buffer overflow in Preview in Apple Mac OS 10.4 up to ...)
+CVE-2006-1452
NOT-FOR-US: Apple
-CVE-2006-1451 (MySQL Manager in Apple Mac OS X 10.3.9 and 10.4.6, when setting up a ...)
+CVE-2006-1451
NOT-FOR-US: MySQL Manager
-CVE-2006-1450 (Mail in Apple Mac OS X 10.3.9 and 10.4.6 allows remote attackers to ...)
+CVE-2006-1450
NOT-FOR-US: Apple
-CVE-2006-1449 (Integer overflow in Mail in Apple Mac OS X 10.3.9 and 10.4.6 allows ...)
+CVE-2006-1449
NOT-FOR-US: Apple
-CVE-2006-1448 (Finder in Apple Mac OS X 10.3.9 and 10.4.6 allows user-assisted ...)
+CVE-2006-1448
NOT-FOR-US: Apple
-CVE-2006-1447 (LaunchServices in Apple Mac OS X 10.4.6 allows remote attackers to ...)
+CVE-2006-1447
NOT-FOR-US: Apple
-CVE-2006-1446 (Keychain in Apple Mac OS X 10.3.9 and 10.4.6 might allow an ...)
+CVE-2006-1446
NOT-FOR-US: Apple
-CVE-2006-1445 (Buffer overflow in the FTP server (FTPServer) in Apple Mac OS X 10.3.9 ...)
+CVE-2006-1445
NOT-FOR-US: Apple
-CVE-2006-1444 (CoreGraphics in Apple Mac OS X 10.4.6, when &quot;Enable access for ...)
+CVE-2006-1444
NOT-FOR-US: Apple
-CVE-2006-1443 (Integer underflow in CoreFoundation in Apple Mac OS X 10.3.9 and ...)
+CVE-2006-1443
NOT-FOR-US: Apple
-CVE-2006-1442 (The bundle API in CoreFoundation in Apple Mac OS X 10.3.9 and 10.4.6 ...)
+CVE-2006-1442
NOT-FOR-US: Apple
-CVE-2006-1441 (Integer overflow in CFNetwork in Apple Mac OS X 10.4.6 allows remote ...)
+CVE-2006-1441
NOT-FOR-US: Apple
-CVE-2006-1440 (BOM in Apple Mac OS X 10.3.9 and 10.4.6 allows attackers to overwrite ...)
+CVE-2006-1440
NOT-FOR-US: Apple
-CVE-2006-1439 (NSSecureTextField in AppKit in Apple Mac OS X 10.4.6 does not ...)
+CVE-2006-1439
NOT-FOR-US: Apple
-CVE-2006-1438 (Multiple cross-site scripting (XSS) vulnerabilities in Andy's PHP ...)
+CVE-2006-1438
NOT-FOR-US: aphpkb
-CVE-2006-1437 (UPOINT @1 Event Publisher stores sensitive information under the web ...)
+CVE-2006-1437
NOT-FOR-US: UPOINT
-CVE-2006-1436 (Multiple cross-site scripting (XSS) vulnerabilities in UPOINT @1 Event ...)
+CVE-2006-1436
NOT-FOR-US: UPOINT
-CVE-2006-1435 (Cross-site scripting (XSS) vulnerability in genmessage.php in ...)
+CVE-2006-1435
NOT-FOR-US: Accounting Receiving and Inventory Administration (ARIA), different from debian aria
-CVE-2006-1434 (Cross-site scripting (XSS) vulnerability in inscription.php in ...)
+CVE-2006-1434
NOT-FOR-US: Annuaire (Directory)
-CVE-2006-1433 (Annuaire (Directory) 1.0 allows remote attackers to obtain sensitive ...)
+CVE-2006-1433
NOT-FOR-US: Annuaire (Directory)
-CVE-2006-1432 (fusionZONE couponZONE 4.2 allows remote attackers to obtain the full ...)
+CVE-2006-1432
NOT-FOR-US: fusionZONE couponZONE
-CVE-2006-1431 (Cross-site scripting (XSS) vulnerability in local.cfm in fusionZONE ...)
+CVE-2006-1431
NOT-FOR-US: fusionZONE couponZONE
-CVE-2006-1430 (Multiple cross-site scripting (XSS) vulnerabilities in CONTROLzx HMS ...)
+CVE-2006-1430
NOT-FOR-US: CONTROLzx HMS
-CVE-2006-1429 (Cross-site scripting (XSS) vulnerability in accountlogon.cfm in ...)
+CVE-2006-1429
NOT-FOR-US: classifiedZONE
-CVE-2006-1428 (Multiple cross-site scripting (XSS) vulnerabilities in phpCOIN 1.2.2 ...)
+CVE-2006-1428
NOT-FOR-US: phpCOIN
-CVE-2006-1427 (Multiple cross-site scripting (XSS) vulnerabilities in WebAPP ...)
+CVE-2006-1427
NOT-FOR-US: WebAPP
-CVE-2006-1426 (Multiple SQL injection vulnerabilities in Pixel Motion Blog allow ...)
+CVE-2006-1426
NOT-FOR-US: Blog Pixel Motion
-CVE-2006-1425 (Cross-site scripting (XSS) vulnerability in track.php in phpmyfamily ...)
+CVE-2006-1425
NOT-FOR-US: phpmyfamily
CVE-2006-1424
REJECTED
-CVE-2006-1423 (SQL injection vulnerability in showflat.php in UBB.threads 5.5.1, 6.0 ...)
+CVE-2006-1423
NOT-FOR-US: UBB.threads
-CVE-2006-1422 (SQL injection vulnerability in details_view.php in PHP Booking Calendar ...)
+CVE-2006-1422
NOT-FOR-US: PHP Booking Calendar
-CVE-2006-1421 (Multiple SQL injection vulnerabilities in akocomment.php in AkoComment ...)
+CVE-2006-1421
NOT-FOR-US: AkoComment
-CVE-2006-1420 (SQL injection vulnerability in print.php in SaphpLesson 2.0 allows ...)
+CVE-2006-1420
NOT-FOR-US: SaphpLesson
-CVE-2006-1419 (SQL injection vulnerability in the Calendar module in nuked-klan 1.7.5 ...)
+CVE-2006-1419
NOT-FOR-US: nuked-klan
-CVE-2006-1418 (Cross-site scripting (XSS) vulnerability in default.asp in Caloris ...)
+CVE-2006-1418
NOT-FOR-US: Caloris Planitia E-School Management
-CVE-2006-1417 (Multiple cross-site scripting (XSS) vulnerabilities in Caloris ...)
+CVE-2006-1417
NOT-FOR-US: Caloris Planitia Online Quiz System
-CVE-2006-1416 (Cross-site scripting (XSS) vulnerability in afmsearch.aspx in Absolute ...)
+CVE-2006-1416
NOT-FOR-US: Absolute FAQ Manager .NET
-CVE-2006-1415 (Cross-site scripting (XSS) vulnerability in iforget.aspx in dotNetBB ...)
+CVE-2006-1415
NOT-FOR-US: dotNetBB
-CVE-2006-1414 (Multiple cross-site scripting (XSS) vulnerabilities in toast.asp in ...)
+CVE-2006-1414
NOT-FOR-US: Toast Forums
-CVE-2006-1413 (Multiple cross-site scripting (XSS) vulnerabilities in EZHomepagePro ...)
+CVE-2006-1413
NOT-FOR-US: EZHomepagePro
-CVE-2006-1412 (TFT Gallery 0.10 stores sensitive information under the web root with ...)
+CVE-2006-1412
NOT-FOR-US: TFT Gallery
-CVE-2006-1411 (Cross-site scripting (XSS) vulnerability in Absolute Image Gallery XE ...)
+CVE-2006-1411
NOT-FOR-US: Absolute Image Gallery
-CVE-2006-1410 (Multiple cross-site scripting (XSS) vulnerabilities in XIGLA Absolute ...)
+CVE-2006-1410
NOT-FOR-US: XIGLA Absolute Live Support
-CVE-2006-1409 (Buffer overflow in Vavoom 1.19.1 and earlier allows remote attackers ...)
+CVE-2006-1409
NOT-FOR-US: Vavoom
NOTE: code in prboom and lxdoom looks completely different
-CVE-2006-1408 (Vavoom 1.19.1 and earlier allows remote attackers to cause a denial of ...)
+CVE-2006-1408
NOT-FOR-US: Vavoom
NOTE: code in prboom and lxdoom looks completely different
-CVE-2006-1407 (Multiple cross-site scripting (XSS) vulnerabilities in Helm Web ...)
+CVE-2006-1407
NOT-FOR-US: Helm Web Hosting Control Panel
-CVE-2006-1406 (Multiple cross-site scripting (XSS) vulnerabilities in wbadmlog.aspx ...)
+CVE-2006-1406
NOT-FOR-US: uniForum
-CVE-2006-1405 (Cross-site scripting (XSS) vulnerability in search.aspx in ...)
+CVE-2006-1405
NOT-FOR-US: SweetSuite.NET Content Management System
-CVE-2006-1404 (Multiple cross-site scripting (XSS) vulnerabilities in bol.cgi in ...)
+CVE-2006-1404
NOT-FOR-US: BlankOL
-CVE-2006-1403 (Format string vulnerability in the PrintString function in ...)
+CVE-2006-1403
NOT-FOR-US: csDoom
NOTE: prboom, lxdoom not affected
-CVE-2006-1402 (Buffer overflow in client/server Doom (csDoom) 0.7 and earlier allows ...)
+CVE-2006-1402
NOT-FOR-US: csDoom
NOTE: prboom, lxdoom not affected
-CVE-2006-1401 (Multiple cross-site scripting (XSS) vulnerabilities in search.php in ...)
+CVE-2006-1401
NOT-FOR-US: Calendar Express
-CVE-2006-1400 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2006-1400
NOT-FOR-US: Metisware Instructor
-CVE-2006-1399 (Cross-site scripting (XSS) vulnerability in searchresult.php in ...)
+CVE-2006-1399
NOT-FOR-US: Meeting Reserve
-CVE-2006-1398 (Cross-site scripting (XSS) vulnerability in guestbook.php in G-Book ...)
+CVE-2006-1398
NOT-FOR-US: G-Book
-CVE-2006-1397 (Multiple cross-site scripting (XSS) vulnerabilities in (a) phpAdsNew ...)
+CVE-2006-1397
NOT-FOR-US: phpAdsNew
-CVE-2006-1396 (Multiple cross-site scripting (XSS) vulnerabilities in Cholod MySQL ...)
+CVE-2006-1396
NOT-FOR-US: Cholod
-CVE-2006-1395 (SQL injection vulnerability in mb.cgi in Cholod MySQL Based Message ...)
+CVE-2006-1395
NOT-FOR-US: Cholod
-CVE-2006-1394 (Multiple cross-site scripting (XSS) vulnerabilities in the Microsoft ...)
+CVE-2006-1394
NOT-FOR-US: Pubcookie
-CVE-2006-1393 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
+CVE-2006-1393
NOT-FOR-US: Pubcookie
-CVE-2006-1392 (Multiple cross-site scripting (XSS) vulnerabilities in index.cgi in ...)
+CVE-2006-1392
NOT-FOR-US: Pubcookie
-CVE-2006-1391 (The (a) Quick 'n Easy Web Server before 3.1.1 and (b) Baby ASP Web ...)
+CVE-2006-1391
NOT-FOR-US: Quick 'n Easy/Baby Web Server
-CVE-2006-1390 (The configuration of NetHack 3.4.3-r1 and earlier, Falcon's Eye 1.9.4a ...)
+CVE-2006-1390
NOT-FOR-US: Shortcoming of Gentoo-specific games packaging
-CVE-2006-1389 (Unspecified vulnerability in swagentd in HP-UX B.11.00, B.11.04, and ...)
+CVE-2006-1389
NOT-FOR-US: HP-UX
-CVE-2006-1388 (Unspecified vulnerability in Microsoft Internet Explorer 6.0 allows ...)
+CVE-2006-1388
NOT-FOR-US: Internet Explorer
-CVE-2006-1387 (TWiki 4.0, 4.0.1, and 20010901 through 20040904 allows remote ...)
+CVE-2006-1387
- twiki 1:4.0.4-3 (bug #367973)
-CVE-2006-1386 (The (1) rdiff and (2) preview scripts in TWiki 4.0 and 4.0.1 ignore ...)
+CVE-2006-1386
- twiki <not-affected> (only affects 4.0.0 - 4.1.0, version in Debian too young)
-CVE-2006-1385 (Stack-based buffer overflow in the parseTaggedData function in ...)
+CVE-2006-1385
NOT-FOR-US: Cisco
-CVE-2006-1384 (Cross-site scripting (XSS) vulnerability in apwc_win_main.jsp in the ...)
+CVE-2006-1384
NOT-FOR-US: IBM Tivoli Business Systems Manager
-CVE-2006-1383 (Directory traversal vulnerability in Baby FTP Server (BabyFTP) 1.24 ...)
+CVE-2006-1383
NOT-FOR-US: Baby FTP Server
-CVE-2006-1382 (PHP remote file inclusion vulnerability in impex/ImpExData.php in ...)
+CVE-2006-1382
NOT-FOR-US: vBulletin
-CVE-2006-1381 (Trend Micro OfficeScan 5.5, and probably other versions before 6.5, ...)
+CVE-2006-1381
NOT-FOR-US: Trend Micro
-CVE-2006-1380 (ISNTSmtp directory in Trend Micro InterScan Messaging Security Suite ...)
+CVE-2006-1380
NOT-FOR-US: Trend Micro
-CVE-2006-1379 (Trend Micro PC-cillin Internet Security 2006 14.00.1485 and ...)
+CVE-2006-1379
NOT-FOR-US: Trend Micro
-CVE-2006-1378 (PasswordSafe 3.0 beta, when running on Windows before XP, uses a weak ...)
+CVE-2006-1378
NOT-FOR-US: PasswordSafe
-CVE-2006-1377 (Cross-site scripting (XSS) vulnerability in img.php in (1) EasyMoblog ...)
+CVE-2006-1377
NOT-FOR-US: EasyMoblog
-CVE-2006-1376 (The installation of Debian GNU/Linux 3.1r1 from the network install CD ...)
+CVE-2006-1376
[sarge] - shadow 1:4.0.3-31sarge8
[sarge] - base-config <not-affected>
NOTE: The installer is fixed separately, but the postinst of the shadow update
NOTE: corrects permissions of a faulty install
- shadow 1:4.0.14-9 (bug #358210; bug #356939)
- base-config 2.68 (bug #254068; low)
-CVE-2006-1375 (AdMan 1.0.20051221 and earlier allows remote attackers to obtain the ...)
+CVE-2006-1375
NOT-FOR-US: AdMan
-CVE-2006-1374 (SQL injection vulnerability in viewStatement.php in AdMan 1.0.20051221 ...)
+CVE-2006-1374
NOT-FOR-US: AdMan
-CVE-2006-1373 (Cross-site scripting (XSS) vulnerability in status_image.php in PHP ...)
+CVE-2006-1373
NOT-FOR-US: PHP Live!
-CVE-2006-1372 (Multiple SQL injection vulnerabilities in 1WebCalendar 4.0 and earlier ...)
+CVE-2006-1372
NOT-FOR-US: 1WebCalendar
-CVE-2006-1371 (Laurentiu Matei eXpandable Home Page (XHP) CMS 0.5 and earlier allows ...)
+CVE-2006-1371
NOT-FOR-US: Laurentiu Matei eXpandable Home Page
-CVE-2006-1370 (Buffer overflow in RealNetworks RealPlayer 10.5 6.0.12.1040 through ...)
+CVE-2006-1370
NOT-FOR-US: Real Player, according to Real Helix not affected
-CVE-2006-1369 (Cross-site scripting (XSS) vulnerability in Invision Power Board (IPB) ...)
+CVE-2006-1369
NOT-FOR-US: Invision Power Board
-CVE-2006-1368 (Buffer overflow in the USB Gadget RNDIS implementation in the Linux ...)
+CVE-2006-1368
{DSA-1103 DSA-1097-1}
- linux-2.6 2.6.16-1
-CVE-2006-1367 (The Motorola PEBL U6 08.83.76R, the Motorola V600, and possibly the ...)
+CVE-2006-1367
NOT-FOR-US: Motorola hardware
-CVE-2006-1366 (Buffer overflow in the Motorola PEBL U6 08.83.76R, and possibly other ...)
+CVE-2006-1366
NOT-FOR-US: Motorola hardware
-CVE-2006-1365 (The Motorola PEBL U6, the Motorola V600, and possibly the Motorola ...)
+CVE-2006-1365
NOT-FOR-US: Motorola hardware
-CVE-2006-1364 (Microsoft w3wp (aka w3wp.exe) does not properly handle when the ...)
+CVE-2006-1364
NOT-FOR-US: Microsoft
-CVE-2006-1363 (images.php in Justin White (aka YTZ) Free Web Publishing System ...)
+CVE-2006-1363
NOT-FOR-US: Justin White (aka YTZ) Free Web Publishing System
-CVE-2006-1362 (Multiple SQL injection vulnerabilities in Mini-Nuke CMS System 1.8.2 ...)
+CVE-2006-1362
NOT-FOR-US: Mini-Nuke
-CVE-2006-1361 (Cross-site scripting (XSS) vulnerability in OSWiki before 0.3.1 allows ...)
+CVE-2006-1361
NOT-FOR-US: OSWiki
-CVE-2006-1360 (Multiple SQL injection vulnerabilities in MusicBox 2.3 Beta 2 allow ...)
+CVE-2006-1360
NOT-FOR-US: MusicBox
-CVE-2006-1359 (Microsoft Internet Explorer 6 and 7 Beta 2 allows remote attackers to ...)
+CVE-2006-1359
NOT-FOR-US: Microsoft
-CVE-2006-1358 (Unspecified vulnerability in BEA WebLogic Portal 8.1 up to SP5 causes ...)
+CVE-2006-1358
NOT-FOR-US: BEA WebLogic
-CVE-2006-1357 (Cross-site scripting (XSS) vulnerability in my.support.php3 in F5 ...)
+CVE-2006-1357
NOT-FOR-US: F5 Firepass 4100 SSL VPN
-CVE-2006-1356 (Stack-based buffer overflow in the count_vcards function in LibVC 3, ...)
+CVE-2006-1356
- libvc 003-4
-CVE-2006-1355 (avast! Antivirus 4.6.763 and earlier sets &quot;BUILTIN\Everyone&quot; ...)
+CVE-2006-1355
NOT-FOR-US: avast AV
-CVE-2006-1354 (Unspecified vulnerability in FreeRADIUS 1.0.0 up to 1.1.0 allows ...)
+CVE-2006-1354
{DSA-1089-1}
- freeradius 1.1.0-1.2 (bug #359042; high)
-CVE-2006-1353 (Multiple SQL injection vulnerabilities in ASPPortal 3.1.1 and earlier ...)
+CVE-2006-1353
NOT-FOR-US: ASPPortal
-CVE-2006-1352 (BEA WebLogic Server and WebLogic Express 8.1 SP4 and earlier, 7.0 SP6 ...)
+CVE-2006-1352
NOT-FOR-US: BEA WebLogic
-CVE-2006-1351 (BEA WebLogic Server 6.1 SP7 and earlier allows remote ...)
+CVE-2006-1351
NOT-FOR-US: BEA WebLogic
-CVE-2006-1350 (PHP remote file include vulnerability in index.php in 99Articles.com ...)
+CVE-2006-1350
NOT-FOR-US: 99Articles.com
-CVE-2006-1349 (Multiple cross-site scripting (XSS) vulnerabilities in Musicbox 2.3 ...)
+CVE-2006-1349
NOT-FOR-US: MusicBox
-CVE-2006-1348 (Cross-site scripting (XSS) vulnerability in index.php in Greg ...)
+CVE-2006-1348
NOT-FOR-US: Greg Neustaetter gCards
-CVE-2006-1347 (SQL injection vulnerability in loginfunction.php in Greg Neustaetter ...)
+CVE-2006-1347
NOT-FOR-US: Greg Neustaetter gCards
-CVE-2006-1346 (Directory traversal vulnerability in inc/setLang.php in Greg ...)
+CVE-2006-1346
NOT-FOR-US: Greg Neustaetter gCards
-CVE-2006-1345 (polls.php in MyBB (aka MyBulletinBoard) 1.10 allows remote attackers ...)
+CVE-2006-1345
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2006-1344 (Cross-site scripting (XSS) vulnerability in VeriSign haydn.exe, as ...)
+CVE-2006-1344
NOT-FOR-US: VeriSign haydn.exe
-CVE-2006-1343 (net/ipv4/netfilter/ip_conntrack_core.c in Linux kernel 2.4 and 2.6, ...)
+CVE-2006-1343
{DSA-1184-2 DSA-1097-1}
- linux-2.6 2.6.16-15
-CVE-2006-1342 (net/ipv4/af_inet.c in Linux kernel 2.4 does not clear ...)
+CVE-2006-1342
- linux-2.6 <not-affected> (Only affects 2.4 kernels)
-CVE-2006-1341 (SQL injection vulnerability in events.php in Maian Events 1.0 allows ...)
+CVE-2006-1341
NOT-FOR-US: Maian Events
-CVE-2006-1340 (CuteNews 1.4.1 and possibly other versions allows remote attackers to ...)
+CVE-2006-1340
NOT-FOR-US: CuteNews
-CVE-2006-1339 (Directory traversal vulnerability in inc/functions.inc.php in CuteNews ...)
+CVE-2006-1339
NOT-FOR-US: CuteNews
-CVE-2006-1338 (Webmail in MailEnable Professional Edition before 1.73 and Enterprise ...)
+CVE-2006-1338
NOT-FOR-US: MailEnable
-CVE-2006-1337 (Buffer overflow in the POP 3 (POP3) service in MailEnable Standard ...)
+CVE-2006-1337
NOT-FOR-US: MailEnable
-CVE-2006-1336 (Cross-site scripting vulnerability in calendar.php in ExtCalendar 1.0 ...)
+CVE-2006-1336
NOT-FOR-US: ExtCalendar
-CVE-2006-1335 (gnome screensaver before 2.14, when running on an X server with ...)
+CVE-2006-1335
- gnome-screensaver 2.14.1-1 (bug #357885)
-CVE-2006-1334 (Multiple SQL injection vulnerabilities in Maian Weblog 2.0 allow ...)
+CVE-2006-1334
NOT-FOR-US: Maian Weblog
-CVE-2006-1333 (Multiple SQL injection vulnerabilities in BetaParticle Blog 6.0 and ...)
+CVE-2006-1333
NOT-FOR-US: BetaParticle Blog
-CVE-2006-1332 (Noah's Classifieds 1.3 and earlier allows remote attackers to obtain ...)
+CVE-2006-1332
NOT-FOR-US: Noah's Classifieds
-CVE-2006-1331 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
+CVE-2006-1331
NOT-FOR-US: Noah's Classifieds
-CVE-2006-1330 (Multiple SQL injection vulnerabilities in phpWebsite 0.83 and earlier ...)
+CVE-2006-1330
NOT-FOR-US: phpWebsite
-CVE-2006-1329 (The SASL negotiation in Jabber Studio jabberd before 2.0s11 allows ...)
+CVE-2006-1329
- jabberd2 2.0s11-1 (bug #357874)
-CVE-2006-1328 (SQL injection vulnerability in count.php in Skull-Splitter PHP ...)
+CVE-2006-1328
NOT-FOR-US: Skull-Splitter PHP
-CVE-2006-1327 (SQL injection vulnerability in reg.php in SoftBB 0.1 allows remote ...)
+CVE-2006-1327
NOT-FOR-US: SoftBB
-CVE-2006-1326 (Multiple cross-site scripting (XSS) vulnerabilities in Invision Power ...)
+CVE-2006-1326
NOT-FOR-US: Invision Power Board
-CVE-2006-1325 (Cross-site scripting (XSS) vulnerability in Streber 0.055 allows ...)
+CVE-2006-1325
NOT-FOR-US: Streber
-CVE-2006-1324 (Cross-site scripting (XSS) vulnerability in acp/lib/class_db_mysql.php ...)
+CVE-2006-1324
NOT-FOR-US: Woltlab Burning Board
-CVE-2006-1323 (Directory traversal vulnerability in WinHKI 1.6 and earlier allows ...)
+CVE-2006-1323
NOT-FOR-US: WinHKI
-CVE-2006-1322 (Novell Netware NWFTPD 5.06.05 allows remote attackers to cause a ...)
+CVE-2006-1322
NOT-FOR-US: Netware
-CVE-2006-1318 (Microsoft Office 2003 SP1 and SP2, Office XP SP3, Office 2000 SP3, ...)
+CVE-2006-1318
NOT-FOR-US: Microsoft Office
CVE-2006-1317
REJECTED
-CVE-2006-1316 (Unspecified vulnerability in Microsoft Office 2003 SP1 and SP2, Office ...)
+CVE-2006-1316
NOT-FOR-US: Microsoft
-CVE-2006-1315 (The Server Service (SRV.SYS driver) in Microsoft Windows 2000 SP4, XP ...)
+CVE-2006-1315
NOT-FOR-US: Microsoft
-CVE-2006-1314 (Heap-based buffer overflow in the Server Service (SRV.SYS driver) in ...)
+CVE-2006-1314
NOT-FOR-US: Microsoft
-CVE-2006-1313 (Microsoft JScript 5.1, 5.5, and 5.6 on Windows 2000 SP4, and 5.6 on ...)
+CVE-2006-1313
NOT-FOR-US: Microsoft JScript
CVE-2006-1312
REJECTED
-CVE-2006-1311 (The RichEdit component in Microsoft Windows 2000 SP4, XP SP2, and 2003 SP1; ...)
+CVE-2006-1311
NOT-FOR-US: Microsoft
CVE-2006-1310
REJECTED
-CVE-2006-1309 (Microsoft Excel 2000 through 2004 allows user-assisted attackers to ...)
+CVE-2006-1309
NOT-FOR-US: Microsoft
-CVE-2006-1308 (Unspecified vulnerability in Microsoft Excel 2000 through 2004 allows ...)
+CVE-2006-1308
NOT-FOR-US: Microsoft
CVE-2006-1307
REJECTED
-CVE-2006-1306 (Microsoft Excel 2000 through 2004 allows user-assisted attackers to ...)
+CVE-2006-1306
NOT-FOR-US: Microsoft
-CVE-2006-1305 (Microsoft Outlook 2000, 2002, and 2003 allows user-assisted remote ...)
+CVE-2006-1305
NOT-FOR-US: Microsoft
-CVE-2006-1304 (Buffer overflow in Microsoft Excel 2000 through 2003 allows ...)
+CVE-2006-1304
NOT-FOR-US: Microsoft
-CVE-2006-1303 (Multiple unspecified vulnerabilities in Microsoft Internet Explorer ...)
+CVE-2006-1303
NOT-FOR-US: Microsoft
-CVE-2006-1302 (Buffer overflow in Microsoft Excel 2000 through 2003 allows ...)
+CVE-2006-1302
NOT-FOR-US: Microsoft
-CVE-2006-1301 (Microsoft Excel 2000 through 2004 allows user-assisted attackers to ...)
+CVE-2006-1301
NOT-FOR-US: Microsoft
-CVE-2006-1300 (Microsoft .NET framework 2.0 (ASP.NET) in Microsoft Windows 2000 SP4, ...)
+CVE-2006-1300
NOT-FOR-US: Microsoft
CVE-2006-1299
REJECTED
-CVE-2006-1298 (Format string vulnerability in the Job Engine service (bengine.exe) in ...)
+CVE-2006-1298
NOT-FOR-US: Veritas Backup
-CVE-2006-1297 (Unspecified vulnerability in Veritas Backup Exec for Windows Server ...)
+CVE-2006-1297
NOT-FOR-US: Veritas Backup
-CVE-2006-1296 (Untrusted search path vulnerability in Beagle 0.2.2.1 might allow ...)
+CVE-2006-1296
- beagle 0.2.3-1 (bug #357392; low)
-CVE-2006-1295 (Cross-site scripting (XSS) vulnerability in recherche.php3 in SPIP ...)
+CVE-2006-1295
- spip 2.0.6-1
-CVE-2006-1294 (PHP remote file include vulnerability in PageController.php in ...)
+CVE-2006-1294
NOT-FOR-US: KnowledgebasePublisher
-CVE-2006-1293 (Cross-site scripting (XSS) vulnerability in index.php in Contrexx CMS ...)
+CVE-2006-1293
NOT-FOR-US: Contrexx
-CVE-2006-1292 (Directory traversal vulnerability in Jim Hu and Chad Little PHP ...)
+CVE-2006-1292
NOT-FOR-US: Jim Hu and Chad Little PHP iCalendar
-CVE-2006-1291 (publish.ical.php in Jim Hu and Chad Little PHP iCalendar 2.21 and ...)
+CVE-2006-1291
NOT-FOR-US: Jim Hu and Chad Little PHP iCalendar
-CVE-2006-1290 (Multiple cross-site scripting (XSS) vulnerabilities in Milkeyway ...)
+CVE-2006-1290
NOT-FOR-US: Milkeyway Captive Portal
-CVE-2006-1289 (Multiple SQL injection vulnerabilities in Milkeyway Captive Portal 0.1 ...)
+CVE-2006-1289
NOT-FOR-US: Milkeyway Captive Portal
-CVE-2006-1288 (Multiple SQL injection vulnerabilities in Invision Power Board (IPB) ...)
+CVE-2006-1288
NOT-FOR-US: Invision Power Board
-CVE-2006-1287 (Cross-site scripting (XSS) vulnerability in Invision Power Board (IPB) ...)
+CVE-2006-1287
NOT-FOR-US: Invision Power Board
-CVE-2006-1286 (Buffer overflow in the login dialog in dbisqlc.exe in SQLAnywhere for ...)
+CVE-2006-1286
NOT-FOR-US: Symantec Ghost
-CVE-2006-1285 (SQLAnywhere in Symantec Ghost 8.0 and 8.2, as used in Symantec Ghost ...)
+CVE-2006-1285
NOT-FOR-US: Symantec Ghost
-CVE-2006-1284 (The installation of SQLAnywhere in Symantec Ghost 8.0 and 8.2, as used ...)
+CVE-2006-1284
NOT-FOR-US: Symantec Ghost
-CVE-2006-1283 (opiepasswd in One-Time Passwords in Everything (OPIE) in FreeBSD ...)
+CVE-2006-1283
- libpam-opie <not-affected> (FreeBSD specific vulnerability)
-CVE-2006-1282 (CRLF injection vulnerability in inc/function.php in MyBulletinBoard ...)
+CVE-2006-1282
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2006-1281 (Cross-site scripting (XSS) vulnerability in member.php in ...)
+CVE-2006-1281
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2006-1280 (CGI::Session 4.03-1 does not set proper permissions on temporary files ...)
+CVE-2006-1280
- libcgi-session-perl 4.07-1 (low; bug #356555)
[sarge] - libcgi-session-perl <no-dsa> (Minor issues)
-CVE-2006-1279 (CGI::Session 4.03-1 allows local users to overwrite arbitrary files ...)
+CVE-2006-1279
- libcgi-session-perl 4.11-1 (low; bug #356555)
[sarge] - libcgi-session-perl <no-dsa> (Minor issues)
-CVE-2006-1278 (SQL injection vulnerability in @1 File Store 2006.03.07 allows remote ...)
+CVE-2006-1278
NOT-FOR-US: @1 File Store
-CVE-2006-1277 (Cross-site scripting (XSS) vulnerability in signup.php in @1 File ...)
+CVE-2006-1277
NOT-FOR-US: @1 File Store
-CVE-2006-1276 (admin.php in Himpfen Consulting Company PHP SimpleNEWS 1.0.0 allows ...)
+CVE-2006-1276
NOT-FOR-US: PHP SimpleNEWS
-CVE-2006-1275 (GGZ Gaming Zone 0.0.12 allows remote attackers to cause a denial of ...)
+CVE-2006-1275
NOT-FOR-US: GGZ Gaming Zone
-CVE-2006-1274 (Classic Planer in AntiVir PersonalEdition Classic 7 does not drop ...)
+CVE-2006-1274
NOT-FOR-US: Antivir
-CVE-2006-1273 (** DISPUTED ** ...)
+CVE-2006-1273
NOT-FOR-US: Reportedly problem with a firefox addon
-CVE-2006-1272 (Multiple cross-site scripting (XSS) vulnerabilities in member.php in ...)
+CVE-2006-1272
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2006-1271 (SQL injection vulnerability in index.php in OxyNews allows remote ...)
+CVE-2006-1271
NOT-FOR-US: OxyNews
-CVE-2006-1270 (Multiple cross-site scripting (XSS) vulnerabilities in zones.php in ...)
+CVE-2006-1270
NOT-FOR-US: Inprotect
-CVE-2006-1269 (Buffer overflow in the parse function in parse.c in zoo 2.10 might ...)
+CVE-2006-1269
- zoo 2.10-18 (bug #367858; low)
[sarge] - zoo <no-dsa> (Attack vector very far-fetched, hardly exploitable)
-CVE-2006-1268 (The Internet Key Exchange implementation in Funkwerk X2300 7.2.1 ...)
+CVE-2006-1268
NOT-FOR-US: Funkwerk X2300
-CVE-2006-1267 (Invision Power Board 2.1.4 allows remote attackers to hijack sessions ...)
+CVE-2006-1267
NOT-FOR-US: Invision Power Board
-CVE-2006-1266 (Cross-site scripting (XSS) vulnerability in Service_Requests.asp in ...)
+CVE-2006-1266
NOT-FOR-US: VPMi Enterprise
-CVE-2006-1265 (SQL injection vulnerability in discussion.class.php in xhawk.net ...)
+CVE-2006-1265
NOT-FOR-US: xhawk.net discussion
-CVE-2006-1264 (Cross-site scripting (XSS) vulnerability in xhawk.net discussion 2.0 ...)
+CVE-2006-1264
NOT-FOR-US: xhawk.net discussion
-CVE-2006-1263 (Multiple &quot;unannounced&quot; cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2006-1263
- wordpress 2.0.2-1
-CVE-2006-1262 (Multiple SQL injection vulnerabilities in ASPPortal 3.00 have unknown ...)
+CVE-2006-1262
NOT-FOR-US: ASPPortal
-CVE-2006-1261 (Multiple cross-site scripting (XSS) vulnerabilities in ASPPortal 3.00 ...)
+CVE-2006-1261
NOT-FOR-US: ASPPortal
-CVE-2006-1260 (Horde Application Framework 3.0.9 allows remote attackers to read ...)
+CVE-2006-1260
{DSA-1034-1 DSA-1033-1}
- horde3 3.1-1 (bug #358812)
-CVE-2006-1259 (Multiple SQL injection vulnerabilities in Maian Support 1.0 allow ...)
+CVE-2006-1259
NOT-FOR-US: Maian Support
-CVE-2006-1258 (Cross-site scripting (XSS) vulnerability in phpMyAdmin 2.8.0.1 allows ...)
+CVE-2006-1258
- phpmyadmin 4:2.8.0.2-2 (bug #382228)
[sarge] - phpmyadmin <not-affected> (Vulnerable code not present)
-CVE-2006-1257 (The sample files in the authfiles directory in Microsoft Commerce ...)
+CVE-2006-1257
NOT-FOR-US: Microsoft
-CVE-2006-1256 (Cross-site scripting (XSS) vulnerability in guestbook.php in Soren ...)
+CVE-2006-1256
NOT-FOR-US: Soren Boysen (SkullSplitter) PHP Guestbook
-CVE-2006-1255 (Stack-based buffer overflow in the IMAP service in Mercur Messaging ...)
+CVE-2006-1255
NOT-FOR-US: Mercur Messaging
-CVE-2006-1254 (Unspecified vulnerability in BorderWare MXtreme 5.0 and 6.0 allows ...)
+CVE-2006-1254
NOT-FOR-US: BorderWare MXtreme
-CVE-2006-1253 (Unspecified vulnerability in glFTPd before 2.01 RC5 allows remote ...)
+CVE-2006-1253
NOT-FOR-US: glFTPd
-CVE-2006-1252 (Eval injection vulnerability in cal.php in Light Weight Calendar (LWC) ...)
+CVE-2006-1252
NOT-FOR-US: Light Weight Calendar
-CVE-2006-1251 (Argument injection vulnerability in greylistclean.cron in sa-exim 4.2 ...)
+CVE-2006-1251
- sa-exim 4.2.1-1 (bug #345071; bug #356301)
-CVE-2006-1250 (Unspecified vulnerability in the Webmail module in Winmail before 4.3 ...)
+CVE-2006-1250
NOT-FOR-US: Winmail
-CVE-2006-1249 (Integer overflow in Apple QuickTime Player 7.0.3 and 7.0.4 and iTunes ...)
+CVE-2006-1249
NOT-FOR-US: Apple Quicktime
-CVE-2006-1248 (Unspecified vulnerability in usermod in HP-UX B.11.00, B.11.11, and ...)
+CVE-2006-1248
NOT-FOR-US: HP-UX
-CVE-2006-1247 (rm_mlcache_file in bos.rte.install in AIX 5.1.0 through 5.3.0 allows ...)
+CVE-2006-1247
NOT-FOR-US: AIX
-CVE-2006-1246 (Unspecified vulnerability in mklvcopy in BOS.RTE.LVM in IBM AIX 5.3 ...)
+CVE-2006-1246
NOT-FOR-US: AIX
-CVE-2006-1245 (Buffer overflow in mshtml.dll in Microsoft Internet Explorer ...)
+CVE-2006-1245
NOT-FOR-US: Microsoft
-CVE-2006-1244 (Unspecified vulnerability in certain versions of xpdf after 3.00, as ...)
+CVE-2006-1244
{DSA-1019-1 DSA-982-1}
- xpdf <not-affected> (All issues previously fixed)
NOTE: Discussion has shown that the revamp patch doesn't fix new vulnerabilities
- gpdf 2.10.0-3
- koffice 2.3.3-1
NOTE: xpdf (and therewith the questionable code) is not part of koffice for some time now
-CVE-2006-1243 (Directory traversal vulnerability in install05.php in Simple PHP Blog ...)
+CVE-2006-1243
NOT-FOR-US: Simple PHP Blog
-CVE-2006-1242 (The ip_push_pending_frames function in Linux 2.4.x and 2.6.x before ...)
+CVE-2006-1242
{DSA-1103 DSA-1097-1}
- linux-2.6 2.6.16-4
-CVE-2006-1241 (Firebird 1.5.2.4731 installs (1) fb_lock_mgr, (2) gds_drop, and (3) ...)
+CVE-2006-1241
- firebird2 <not-affected> (Not setuid in Debian)
-CVE-2006-1240 (Buffer overflow in inet_server.cpp in (1) fb_inet_server and (2) ...)
+CVE-2006-1240
- firebird2 <not-affected> (Not setuid in Debian)
-CVE-2006-1239 (Cross-site scripting (XSS) vulnerability in issue/createissue.aspx in ...)
+CVE-2006-1239
NOT-FOR-US: Gemini
-CVE-2006-1238 (SQL injection vulnerability in DSLogin 1.0, with magic_quotes_gpc ...)
+CVE-2006-1238
NOT-FOR-US: DSLogin
-CVE-2006-1237 (Multiple SQL injection vulnerabilities in DSNewsletter 1.0, with ...)
+CVE-2006-1237
NOT-FOR-US: DSNewsletter
-CVE-2006-1236 (Buffer overflow in the SetUp function in socket/request.c in CrossFire ...)
+CVE-2006-1236
{DSA-1009-1}
- crossfire 1.9.0-2 (medium)
-CVE-2006-1235 (Directory traversal vulnerability in admin/deleteuser.php in HitHost ...)
+CVE-2006-1235
NOT-FOR-US: HitHost
-CVE-2006-1234 (SQL injection vulnerability in index.php in DSCounter 1.2, with ...)
+CVE-2006-1234
NOT-FOR-US: DSCounter
-CVE-2006-1233 (Multiple cross-site scripting (XSS) vulnerabilities in WMNews allow ...)
+CVE-2006-1233
NOT-FOR-US: WMNews
-CVE-2006-1232 (Multiple SQL injection vulnerabilities in DSDownload 1.0, with ...)
+CVE-2006-1232
NOT-FOR-US: DSDownload
-CVE-2006-1231 (CAPI4HylaFAX 1.3, when compiled with GENERATE_DEBUGSFFDATAFILE set, ...)
+CVE-2006-1231
- capi4hylafax <not-affected> (Affected DEFINE not defined)
-CVE-2006-1230 (Multiple cross-site scripting (XSS) vulnerabilities in create.php in ...)
+CVE-2006-1230
NOT-FOR-US: vCard
-CVE-2006-1229 (SQL injection vulnerability in search.asp in Hosting Controller 6.1 ...)
+CVE-2006-1229
NOT-FOR-US: Hosting Controller
-CVE-2006-1228 (Session fixation vulnerability in Drupal 4.5.x before 4.5.8 and 4.6.x ...)
+CVE-2006-1228
{DSA-1007-1}
- drupal 4.5.8-1
-CVE-2006-1227 (Drupal 4.5.x before 4.5.8 and 4.6.x before 4.5.8, when menu.module is ...)
+CVE-2006-1227
{DSA-1007-1}
- drupal 4.5.8-1
-CVE-2006-1226 (Cross-site scripting (XSS) vulnerability in Drupal 4.5.x before 4.5.8 ...)
+CVE-2006-1226
{DSA-1007-1}
- drupal 4.5.8-1
-CVE-2006-1225 (CRLF injection vulnerability in Drupal 4.5.x before 4.5.8 and 4.6.x ...)
+CVE-2006-1225
{DSA-1007-1}
- drupal 4.5.8-1
-CVE-2006-1224 (Directory traversal vulnerability in dwnld.php in GuppY 4.5.11 allows ...)
+CVE-2006-1224
NOT-FOR-US: GuppY
-CVE-2006-1223 (Cross-site scripting (XSS) vulnerability in Jupiter Content Manager ...)
+CVE-2006-1223
NOT-FOR-US: Jupiter Content Manager
-CVE-2006-1222 (Multiple cross-site scripting (XSS) vulnerabilities in zeroboard 4.1 ...)
+CVE-2006-1222
NOT-FOR-US: zeroboard
-CVE-2006-1221 (Untrusted search path vulnerability in the TrueVector service ...)
+CVE-2006-1221
NOT-FOR-US: TrueVector
CVE-2006-XXXX [Insufficient filename sanitising in darcsweb]
- darcsweb 0.15-1
-CVE-2006-1220 (Integer overflow in the mach_msg_send function in the kernel for Mac ...)
+CVE-2006-1220
NOT-FOR-US: MacOS X
-CVE-2006-1219 (Directory traversal vulnerability in Gallery 2.0.3 and earlier, and ...)
+CVE-2006-1219
- gallery2 2.0.4-1
-CVE-2006-1218 (Unspecified vulnerability in the HTTP proxy in Novell BorderManager ...)
+CVE-2006-1218
NOT-FOR-US: Novell BorderManager
-CVE-2006-1217 (SQL injection vulnerability in DSPoll 1.1 allows remote attackers to ...)
+CVE-2006-1217
NOT-FOR-US: DSPoll
-CVE-2006-1216 (Cross-site scripting (XSS) vulnerability in bigshow.php in Runcms 1.x ...)
+CVE-2006-1216
NOT-FOR-US: Runcms
-CVE-2006-1215 (Cross-site scripting (XSS) vulnerability in misc.php in Woltlab ...)
+CVE-2006-1215
NOT-FOR-US: Woltlab BB
-CVE-2006-1214 (UnrealIRCd 3.2.3 allows remote attackers to cause an unspecified ...)
+CVE-2006-1214
NOT-FOR-US: UnrealIRCd
-CVE-2006-1213 (JiRo's Banner System Experience and Professional 1.0 and earlier ...)
+CVE-2006-1213
NOT-FOR-US: JiRo's Banner System Experience and Professional
-CVE-2006-1212 (Unspecified vulnerability in index.php in Core CoreNews 2.0.1 allows ...)
+CVE-2006-1212
NOT-FOR-US: CoreNews
-CVE-2006-1211 (IBM Tivoli Micromuse Netcool/NeuSecure 3.0.236 configures a MySQL ...)
+CVE-2006-1211
NOT-FOR-US: Tivoli
-CVE-2006-1210 (The web interface for IBM Tivoli Micromuse Netcool/NeuSecure 3.0.236 ...)
+CVE-2006-1210
NOT-FOR-US: Tivoli
-CVE-2006-1209 (PHP Advanced Transfer Manager 1.00 through 1.30 stores sensitive ...)
+CVE-2006-1209
NOT-FOR-US: PHP Advanced Transfer Manager
-CVE-2006-1208 (Sergey Korostel PHP Upload Center allows remote attackers to execute ...)
+CVE-2006-1208
NOT-FOR-US: Sergey Korostel PHP Upload Center
-CVE-2006-1207 (PHP Upload Center stores password hashes under the web root with ...)
+CVE-2006-1207
NOT-FOR-US: PHP Upload Center
-CVE-2006-1206 (Matt Johnston Dropbear SSH server 0.47 and earlier, as used in ...)
+CVE-2006-1206
- dropbear 0.48-1
-CVE-2006-1205 (Multiple cross-site scripting (XSS) vulnerabilities in myWebland ...)
+CVE-2006-1205
NOT-FOR-US: myBloggie
-CVE-2006-1204 (Multiple cross-site scripting (XSS) vulnerabilities in txtForum ...)
+CVE-2006-1204
NOT-FOR-US: txtForum
-CVE-2006-1203 (PHP remote file include vulnerability in common.php in txtForum ...)
+CVE-2006-1203
NOT-FOR-US: txtForum
-CVE-2006-1202 (Multiple cross-site scripting (XSS) vulnerabilities in textfileBB 1.0 ...)
+CVE-2006-1202
NOT-FOR-US: textfileBB
-CVE-2006-1201 (Directory traversal vulnerability in resetpw.php in eschew.net ...)
+CVE-2006-1201
NOT-FOR-US: phpBannerExchange
-CVE-2006-1200 (Direct static code injection vulnerability in add_link.txt in daverave ...)
+CVE-2006-1200
NOT-FOR-US: daverave Link Bank
-CVE-2006-1199 (Cross-site scripting (XSS) vulnerability in iframe.php in daverave ...)
+CVE-2006-1199
NOT-FOR-US: daverave Link Bank
-CVE-2006-1198 (Comvigo IM Lock 2006 uses a simple substitution cipher to encrypt a ...)
+CVE-2006-1198
NOT-FOR-US: Comvigo IM Lock
-CVE-2006-1197 (SafeDisc installs the driver service for the secdrv.sys driver with ...)
+CVE-2006-1197
NOT-FOR-US: SafeDisc
-CVE-2006-1196 (Multiple cross-site scripting (XSS) vulnerabilities in QwikiWiki 1.5 ...)
+CVE-2006-1196
NOT-FOR-US: QwikiWiki
-CVE-2006-1195 (The enet_protocol_handle_send_fragment function in protocol.c for ENet ...)
+CVE-2006-1195
NOT-FOR-US: Enet lib (Cube, Sauerbraten)
-CVE-2006-1194 (Integer signedness error in the enet_protocol_handle_incoming_commands ...)
+CVE-2006-1194
NOT-FOR-US: Enet lib (Cube, Sauerbraten)
-CVE-2006-1193 (Cross-site scripting (XSS) vulnerability in Microsoft Exchange Server ...)
+CVE-2006-1193
NOT-FOR-US: Microsoft Exchange Server
-CVE-2006-1192 (Microsoft Internet Explorer 5.01 through 6 allows remote attackers to ...)
+CVE-2006-1192
NOT-FOR-US: Microsoft
-CVE-2006-1191 (Microsoft Internet Explorer 5.01 through 6 does not always correctly ...)
+CVE-2006-1191
NOT-FOR-US: Microsoft
-CVE-2006-1190 (Microsoft Internet Explorer 5.01 through 6 does not always return the ...)
+CVE-2006-1190
NOT-FOR-US: Microsoft
-CVE-2006-1189 (Buffer overflow in URLMON.DLL in Microsoft Internet Explorer 5.01 ...)
+CVE-2006-1189
NOT-FOR-US: Microsoft
-CVE-2006-1188 (Microsoft Internet Explorer 5.01 through 6 allows remote attackers to ...)
+CVE-2006-1188
NOT-FOR-US: Microsoft
CVE-2006-1187
REJECTED
-CVE-2006-1186 (Microsoft Internet Explorer 5.01 through 6 allows remote attackers to ...)
+CVE-2006-1186
NOT-FOR-US: Microsoft
-CVE-2006-1185 (Unspecified vulnerability in Microsoft Internet Explorer 5.01 through ...)
+CVE-2006-1185
NOT-FOR-US: Microsoft
-CVE-2006-1184 (Microsoft Distributed Transaction Coordinator (MSDTC) for Windows NT ...)
+CVE-2006-1184
NOT-FOR-US: Microsoft
-CVE-2006-1183 (The Ubuntu 5.10 installer does not properly clear passwords from the ...)
+CVE-2006-1183
- base-config <not-affected> (UBuntu specific)
- shadow <not-affected> (UBuntu specific)
-CVE-2006-1182 (Adobe Graphics Server 2.0 and 2.1 (formerly AlterCast) and Adobe ...)
+CVE-2006-1182
NOT-FOR-US: Adobe Graphics Server
CVE-2006-1181
RESERVED
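Review bot: stripping the description from `-CVE-2006-1273 (** DISPUTED ** ...)` to `+CVE-2006-1273` also drops the only record in this file that the entry is disputed upstream; the tracker's own annotation for it, `NOT-FOR-US: Reportedly problem with a firefox addon`, does not carry that status. Since the description text is removed for every entry in this hunk and will not come back, consider preserving the disputed status in a tracker-owned line that the automatic update leaves alone, e.g. a `NOTE: disputed upstream` line under the entry, so the triage decision can still be understood without consulting the external CVE record.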
@@ -13776,21 +13776,21 @@ CVE-2006-1180
RESERVED
CVE-2006-1179
RESERVED
-CVE-2006-1178 (Tamarack MMSd before 7.992 allows remote attackers to cause a denial ...)
+CVE-2006-1178
NOT-FOR-US: Tamarack MMSd
CVE-2006-1177
RESERVED
-CVE-2006-1176 (Buffer overflow in eBay Enhanced Picture Services (aka EPUImageControl ...)
+CVE-2006-1176
NOT-FOR-US: eBay Enhanced Picture Services
-CVE-2006-1175 (The WeOnlyDo! SFTP (wodSFTP) ActiveX control is marked as safe for ...)
+CVE-2006-1175
NOT-FOR-US: WeOnlyDo! SFTP
-CVE-2006-1174 (useradd in shadow-utils before 4.0.3, and possibly other versions ...)
+CVE-2006-1174
- shadow 1:4.0.15-10 (low)
[sarge] - shadow <not-affected> (Vulnerable code was introduced later)
-CVE-2006-1173 (Sendmail before 8.13.7 allows remote attackers to cause a denial of ...)
+CVE-2006-1173
{DSA-1155}
- sendmail 8.13.7-1 (low; bug #373801)
-CVE-2006-1172 (Stack-based buffer overflow in the createPKCS10 function in ...)
+CVE-2006-1172
NOT-FOR-US: ActiveX control
CVE-2006-1171
REJECTED
@@ -13798,476 +13798,476 @@ CVE-2006-1170
REJECTED
CVE-2006-1169
REJECTED
-CVE-2006-1168 (The decompress function in compress42.c in (1) ncompress 4.2.4 and (2) ...)
+CVE-2006-1168
{DSA-1149-1}
- ncompress 4.2.4-16
-CVE-2006-1167 (SGI ProPack 3 SP6 kernel displays the frame buffer contents of the ...)
+CVE-2006-1167
NOT-FOR-US: SGI
-CVE-2006-1165 (Cross-site scripting (XSS) vulnerability in the mediamanager module in ...)
+CVE-2006-1165
- dokuwiki 0.0.20060309-3 (bug #357436)
-CVE-2006-1164 (Nodez 4.6.1.1 and earlier stores sensitive data in the list.gtdat file ...)
+CVE-2006-1164
NOT-FOR-US: Nodez
-CVE-2006-1163 (Cross-site scripting (XSS) vulnerability in Nodez 4.6.1.1 allows ...)
+CVE-2006-1163
NOT-FOR-US: Nodez
-CVE-2006-1162 (Directory traversal vulnerability in Nodez 4.6.1.1 and earlier allows ...)
+CVE-2006-1162
NOT-FOR-US: Nodez
-CVE-2006-1161 (Absolute path traversal vulnerability in Easy File Sharing (EFS) Web ...)
+CVE-2006-1161
NOT-FOR-US: Easy File Sharing (EFS) Web Server
-CVE-2006-1160 (Cross-site scripting (XSS) vulnerability in Easy File Sharing (EFS) ...)
+CVE-2006-1160
NOT-FOR-US: Easy File Sharing (EFS) Web Server
-CVE-2006-1159 (Format string vulnerability in Easy File Sharing (EFS) Web Server 3.2 ...)
+CVE-2006-1159
NOT-FOR-US: Easy File Sharing (EFS) Web Server
-CVE-2006-1158 (Kerio MailServer before 6.1.3 Patch 1 allows remote attackers to cause ...)
+CVE-2006-1158
NOT-FOR-US: Kerio MailServer
-CVE-2006-1157 (Cross-site scripting (XSS) vulnerability in Vz Scripts ADP Forum 2.0.3 ...)
+CVE-2006-1157
NOT-FOR-US: Vz Scripts ADP Forum
-CVE-2006-1156 (SQL injection vulnerability in manas tungare Site Membership Script ...)
+CVE-2006-1156
NOT-FOR-US: manas tungare Site Membership Script
-CVE-2006-1155 (Cross-site scripting (XSS) vulnerability in manas tungare Site ...)
+CVE-2006-1155
NOT-FOR-US: manas tungare Site Membership Script
-CVE-2006-1154 (PHP remote file inclusion vulnerability in archive.php in Fantastic ...)
+CVE-2006-1154
NOT-FOR-US: Fantastic News
-CVE-2006-1153 (SQL injection vulnerability in D2-Shoutbox 4.2 allows remote attackers ...)
+CVE-2006-1153
NOT-FOR-US: D2-Shoutbox
-CVE-2006-1152 (PHP remote file inclusion vulnerability in index.php in M-Phorum 0.2 ...)
+CVE-2006-1152
NOT-FOR-US: M-Phorum
-CVE-2006-1151 (Cross-site scripting vulnerability in index.php in M-Phorum 0.2 allows ...)
+CVE-2006-1151
NOT-FOR-US: M-Phorum
-CVE-2006-1150 (Buffer overflow in Tenes Empanadas Graciela (TEG) 0.11.1, ...)
+CVE-2006-1150
- teg 0.11.1-3 (bug #357645; low)
[sarge] - teg <no-dsa> (Only DoS against exotic, mostly single player game)
-CVE-2006-1149 (PHP remote file inclusion vulnerability in lib/OWL_API.php in OWL ...)
+CVE-2006-1149
NOT-FOR-US: OWL Intranet Engine
-CVE-2006-1148 (Multiple stack-based buffer overflows in the procConnectArgs function ...)
+CVE-2006-1148
- peercast 0.1217.toots.20060314-1
-CVE-2006-1147 (The Com_sprintf function in q_shared.c in Alien Arena 2006 Gold ...)
+CVE-2006-1147
NOT-FOR-US: Alien Arena Gold
-CVE-2006-1146 (Stack-based buffer overflow in the Cmd_Say_f function in g_cmds.c in ...)
+CVE-2006-1146
NOT-FOR-US: Alien Arena Gold
-CVE-2006-1145 (Format string vulnerability in the safe_cprintf function in ...)
+CVE-2006-1145
NOT-FOR-US: Alien Arena Gold
-CVE-2006-1144 (Cross-site scripting (XSS) vulnerability in HitHost 1.0.0 allows ...)
+CVE-2006-1144
NOT-FOR-US: Hit Host
-CVE-2006-1143 (Cross-site scripting (XSS) vulnerability in FTPoed Blog Engine 1.1 ...)
+CVE-2006-1143
NOT-FOR-US: FTPoed Blog Engine
-CVE-2006-1142 (Unspecified vulnerability in Ravenous Web Server before 0.7.1 allows ...)
+CVE-2006-1142
NOT-FOR-US: Ravenous Web Server
-CVE-2006-1141 (Buffer overflow in qmailadmin.c in QmailAdmin before 1.2.10 allows ...)
+CVE-2006-1141
- qmailadmin <removed> (bug #357896; medium)
-CVE-2006-1140 (SQL injection vulnerability in rss.php in RedBLoG 0.5 allows remote ...)
+CVE-2006-1140
NOT-FOR-US: RedBLoG
-CVE-2006-1139 (Unspecified vulnerability in the ESS/ Network Controller in Xerox ...)
+CVE-2006-1139
NOT-FOR-US: Xerox CopyCentre
-CVE-2006-1138 (Unspecified vulnerability in the web server code in Xerox CopyCentre ...)
+CVE-2006-1138
NOT-FOR-US: Xerox CopyCentre
-CVE-2006-1137 (Multiple unspecified vulnerabilities in Xerox CopyCentre and Xerox ...)
+CVE-2006-1137
NOT-FOR-US: Xerox CopyCentre
-CVE-2006-1136 (Buffer overflow in the PostScript file interpreter code for Xerox ...)
+CVE-2006-1136
NOT-FOR-US: Xerox CopyCentre
-CVE-2006-1135 (Multiple cross-site scripting (XSS) vulnerabilities in sBlog 0.7.2 ...)
+CVE-2006-1135
NOT-FOR-US: sBlog
-CVE-2006-1134 (SQL injection vulnerability in CyBoards PHP Lite 1.25, when ...)
+CVE-2006-1134
NOT-FOR-US: CyBoards
-CVE-2006-1133 (Multiple cross-site scripting (XSS) vulnerabilities in vbzoom 1.11 ...)
+CVE-2006-1133
NOT-FOR-US: vbzoom
-CVE-2006-1132 (SQL injection vulnerability in show.php in vbzoom 1.11 allow remote ...)
+CVE-2006-1132
NOT-FOR-US: vbzoom
-CVE-2006-1131 (Cross-site scripting (XSS) vulnerability in read.php in bitweaver CMS ...)
+CVE-2006-1131
NOT-FOR-US: bitweaver
-CVE-2006-1130 (Cross-site scripting (XSS) vulnerability in EKINboard 1.0.3 allows ...)
+CVE-2006-1130
NOT-FOR-US: EKINboard
-CVE-2006-1129 (SQL injection vulnerability in config.php in EKINboard 1.0.3 allows ...)
+CVE-2006-1129
NOT-FOR-US: EKINboard
-CVE-2006-1166 (Monotone 0.25 and earlier, when a user creates a file in a directory ...)
+CVE-2006-1166
- monotone 0.26pre1-0.1 (low)
[sarge] - monotone <no-dsa> (Only exploitable in very far-fetched situation)
NOTE: Needs a case-insensitive file system (e.g. VFAT or Samba) on the client
NOTE: and massive social engineering
-CVE-2006-1128 (Directory traversal vulnerability in the session handling class ...)
+CVE-2006-1128
- gallery2 2.0.3
-CVE-2006-1127 (Cross-site scripting (XSS) vulnerability in Gallery 2 up to 2.0.2 ...)
+CVE-2006-1127
- gallery2 2.0.3
-CVE-2006-1126 (Gallery 2 up to 2.0.2 allows remote attackers to spoof their IP ...)
+CVE-2006-1126
- gallery2 2.0.3
-CVE-2006-1125 (Grisoft AVG Free 7.1, and other versions including 7.0.308, sets ...)
+CVE-2006-1125
NOT-FOR-US: Grisoft AVG
-CVE-2006-1124 (Buffer overflow in RevilloC MailServer and Proxy 1.21 allows remote ...)
+CVE-2006-1124
NOT-FOR-US: RevilloC MailServer and Proxy
-CVE-2006-1123 (SQL injection vulnerability in D2KBlog 1.0.3 and earlier allows remote ...)
+CVE-2006-1123
NOT-FOR-US: D2KBlog
-CVE-2006-1122 (Cross-site scripting (XSS) vulnerability in Default.asp in D2KBlog ...)
+CVE-2006-1122
NOT-FOR-US: D2KBlog
-CVE-2006-1121 (Cross-site scripting (XSS) vulnerability in CuteNews 1.4.1 allows ...)
+CVE-2006-1121
NOT-FOR-US: CuteNews
-CVE-2006-1120 (Multiple cross-site scripting (XSS) vulnerabilities in DCP-Portal ...)
+CVE-2006-1120
NOT-FOR-US: DCP-Portal
-CVE-2006-1119 (fantastico in Cpanel does not properly handle when it has insufficient ...)
+CVE-2006-1119
NOT-FOR-US: Cpanel (PHP)
-CVE-2006-1118 (SQL injection vulnerability in bmail before Aardvark PR9.1 allows ...)
+CVE-2006-1118
NOT-FOR-US: Aardvark
-CVE-2006-1117 (nCipher firmware before V10, as used by (1) nShield, (2) nForce, (3) ...)
+CVE-2006-1117
NOT-FOR-US: nCipher
-CVE-2006-1116 (The CBC-MAC integrity functions in the nCipher nCore API before 2.18 ...)
+CVE-2006-1116
NOT-FOR-US: nCipher
-CVE-2006-1115 (nCipher HSM before 2.22.6, when generating a Diffie-Hellman ...)
+CVE-2006-1115
NOT-FOR-US: nCipher
-CVE-2006-1114 (Multiple directory traversal vulnerabilities in Loudblog before 0.42 ...)
+CVE-2006-1114
NOT-FOR-US: Loudblog
-CVE-2006-1113 (SQL injection vulnerability in podcast.php in Loudblog before 0.42 ...)
+CVE-2006-1113
NOT-FOR-US: Loudblog
-CVE-2006-1112 (Aztek Forum 4.0 allows remote attackers to obtain sensitive ...)
+CVE-2006-1112
NOT-FOR-US: Aztek Forum
-CVE-2006-1111 (Aztek Forum 4.0 allows remote attackers to obtain sensitive ...)
+CVE-2006-1111
NOT-FOR-US: Aztek Forum
-CVE-2006-1110 (Cross-site scripting (XSS) vulnerability in Aztek Forum 4.0 allows ...)
+CVE-2006-1110
NOT-FOR-US: Aztek Forum
-CVE-2006-1109 (SQL injection vulnerability in index.asp in Total Ecommerce 1.0 allows ...)
+CVE-2006-1109
NOT-FOR-US: Total Ecommerce
-CVE-2006-1108 (SQL injection vulnerability in news.php in NMDeluxe before 1.0.1 ...)
+CVE-2006-1108
NOT-FOR-US: NMDeluxe
-CVE-2006-1107 (Cross-site scripting (XSS) vulnerability in news.php in NMDeluxe ...)
+CVE-2006-1107
NOT-FOR-US: NMDeluxe
-CVE-2006-1106 (Cross-site scripting (XSS) vulnerability in Pixelpost 1.5 beta 1 and ...)
+CVE-2006-1106
NOT-FOR-US: Pixelpost
-CVE-2006-1105 (Pixelpost 1.5 beta 1 and earlier allows remote attackers to obtain ...)
+CVE-2006-1105
NOT-FOR-US: Pixelpost
-CVE-2006-1104 (Multiple SQL injection vulnerabilities in Pixelpost 1.5 beta 1 and ...)
+CVE-2006-1104
NOT-FOR-US: Pixelpost
-CVE-2006-1103 (engine/server.cpp in Sauerbraten 2006_02_28, as derived from the Cube ...)
+CVE-2006-1103
NOT-FOR-US: Sauerbraten / cube engine
-CVE-2006-1102 (Sauerbraten 2006_02_28, as derived from the Cube engine, allows remote ...)
+CVE-2006-1102
NOT-FOR-US: Sauerbraten / cube engine
-CVE-2006-1101 (The (1) sgetstr and (2) getint functions in Sauerbraten 2006_02_28, as ...)
+CVE-2006-1101
NOT-FOR-US: Sauerbraten / cube engine
-CVE-2006-1100 (Buffer overflow in the sgetstr function in shared/cube.h in ...)
+CVE-2006-1100
NOT-FOR-US: Sauerbraten / cube engine
-CVE-2006-1099 (PHP remote file include vulnerability in logIT 1.3 and 1.4 allows ...)
+CVE-2006-1099
NOT-FOR-US: logIT
-CVE-2006-1098 (** DISPUTED ** Multiple SQL injection vulnerabilities in NZ Ecommerce ...)
+CVE-2006-1098
NOT-FOR-US: NZ Ecommerce
-CVE-2006-1097 (Multiple cross-site scripting (XSS) vulnerabilities in Datenbank MOD ...)
+CVE-2006-1097
NOT-FOR-US: Woltlab Burning Board
-CVE-2006-1096 (** DISPUTED ** ...)
+CVE-2006-1096
NOT-FOR-US: NZ Ecommerce
-CVE-2006-1095 (Directory traversal vulnerability in the FileSession object in ...)
+CVE-2006-1095
NOTE: only version 3.2.7 is vulnerable, 3.2.8 is out
NOTE: currently 3.1.3 is in Debian; very unlikely that 3.2.7 will be packaged
-CVE-2006-1094 (SQL injection vulnerability in Datenbank MOD 2.7 and earlier for ...)
+CVE-2006-1094
NOT-FOR-US: Woltlab Burning Board
-CVE-2006-1093 (Unspecified vulnerability in IBM WebSphere 5.0.2.10 through 5.0.2.15 ...)
+CVE-2006-1093
NOT-FOR-US: IBM WebSphere
-CVE-2006-1092 (Unspecified vulnerability in the pagedata subsystem of the process ...)
+CVE-2006-1092
NOT-FOR-US: Solaris
-CVE-2006-1091 (Kaspersky Antivirus 5.0.5 and 5.5.3 allows remote attackers to cause a ...)
+CVE-2006-1091
NOT-FOR-US: Kaspersky Antivirus
-CVE-2006-1090 (register.php in PunBB 1.2.10 allows remote attackers to cause an ...)
+CVE-2006-1090
NOT-FOR-US: PunBB
-CVE-2006-1089 (Cross-site scripting (XSS) vulnerability in header.php in PunBB 1.2.10 ...)
+CVE-2006-1089
NOT-FOR-US: PunBB
-CVE-2006-1088 (PHP-Stats 0.1.9.1 and earlier allows remote attackers to obtain ...)
+CVE-2006-1088
NOT-FOR-US: PHP-Stats
-CVE-2006-1087 (Direct static code injection vulnerability in the modify_config action ...)
+CVE-2006-1087
NOT-FOR-US: PHP-Stats
CVE-2006-1086
REJECTED
-CVE-2006-1085 (admin.php in PHP-Stats 0.1.9.1 and earlier allows remote attackers to ...)
+CVE-2006-1085
NOT-FOR-US: PHP-Stats
-CVE-2006-1084 (Multiple SQL injection vulnerabilities in PHP-Stats 0.1.9.1 and ...)
+CVE-2006-1084
NOT-FOR-US: PHP-Stats
-CVE-2006-1083 (Multiple directory traversal vulnerabilities in PHP-Stats 0.1.9.1 and ...)
+CVE-2006-1083
NOT-FOR-US: PHP-Stats
-CVE-2006-1082 (Multiple cross-site scripting (XSS) vulnerabilities in phpArcadeScript ...)
+CVE-2006-1082
NOT-FOR-US: phpArcadeScript
-CVE-2006-1081 (SQL injection vulnerability in forgotten_password.php in Jonathan ...)
+CVE-2006-1081
NOT-FOR-US: PluggedOut Nexus
-CVE-2006-1080 (Cross-site scripting (XSS) vulnerability in login.php in Game-Panel ...)
+CVE-2006-1080
NOT-FOR-US: Game-Panel
-CVE-2006-1079 (htpasswd, as used in Acme thttpd 2.25b and possibly other products ...)
+CVE-2006-1079
- thttpd 2.23beta1-2.4 (bug #253816; low)
NOTE: apache's htpasswd not vulnerable, but source contains note about
NOTE: not being safe for sudo
NOTE: filed whishlist bug to add this to manpage
-CVE-2006-1078 (Multiple buffer overflows in htpasswd, as used in Acme thttpd 2.25b, ...)
+CVE-2006-1078
- thttpd 2.23beta1-2.4 (bug #253816; low)
NOTE: apache's htpasswd not vulnerable
-CVE-2006-1077 (Multiple cross-site scripting (XSS) vulnerabilities in the commentary ...)
+CVE-2006-1077
NOT-FOR-US: Evo-Dev evoBlog
-CVE-2006-1076 (SQL injection vulnerability in index.php, possibly during a showtopic ...)
+CVE-2006-1076
NOT-FOR-US: checkInvision Power Board
-CVE-2006-1075 (Format string vulnerability in the visualization function in Jason ...)
+CVE-2006-1075
NOT-FOR-US: Liero Xtreme
-CVE-2006-1074 (Jason Boettcher Liero Xtreme 0.62b and earlier allow remote attackers ...)
+CVE-2006-1074
NOT-FOR-US: Liero Xtreme
-CVE-2006-1073 (Directory traversal vulnerability in index.php in Daverave Simplog ...)
+CVE-2006-1073
NOT-FOR-US: Daverave Simplog
-CVE-2006-1072 (Cross-site scripting (XSS) vulnerability in Daverave Simplog 1.0.2 and ...)
+CVE-2006-1072
NOT-FOR-US: Daverave Simplog
-CVE-2006-1071 (Cross-site scripting (XSS) vulnerability in index.php in DVguestbook ...)
+CVE-2006-1071
NOT-FOR-US: DVguestbook
-CVE-2006-1070 (Cross-site scripting (XSS) vulnerability in dv_gbook.php in ...)
+CVE-2006-1070
NOT-FOR-US: DVguestbook
-CVE-2006-1069 (Unspecified vulnerability in the session handling for Geeklog 1.4.x ...)
+CVE-2006-1069
NOT-FOR-US: Geeklog
-CVE-2006-1068 (Netgear 614 and 624 routers, possibly running VXWorks, allow remote ...)
+CVE-2006-1068
NOT-FOR-US: VXWorks
-CVE-2006-1067 (Linksys WRT54G routers version 5 (running VXWorks) allow remote ...)
+CVE-2006-1067
NOT-FOR-US: VXWorks
-CVE-2006-1066 (Linux kernel 2.6.16-rc2 and earlier, when running on x86_64 systems ...)
+CVE-2006-1066
{DSA-1017-1}
- linux-2.6 2.6.16-1
-CVE-2006-1065 (SQL injection vulnerability in search.php in MyBulletinBoard (MyBB) ...)
+CVE-2006-1065
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2006-1064 (Multiple cross-site scripting (XSS) vulnerabilities in Lurker 2.0 and ...)
+CVE-2006-1064
{DSA-999-1}
- lurker 2.1-1
-CVE-2006-1063 (Unspecified vulnerability in Lurker 2.0 and earlier allows remote ...)
+CVE-2006-1063
{DSA-999-1}
- lurker 2.1-1
-CVE-2006-1062 (Unspecified vulnerability in lurker.cgi for Lurker 2.0 and earlier ...)
+CVE-2006-1062
{DSA-999-1}
- lurker 2.1-1
-CVE-2006-1061 (Heap-based buffer overflow in cURL and libcURL 7.15.0 through 7.15.2 ...)
+CVE-2006-1061
- curl 7.15.3-1
[woody] - curl <not-affected> (Vulnerable code not present)
[sarge] - curl <not-affected> (Vulnerable code not present)
-CVE-2006-1060 (Heap-based buffer overflow in zgv before 5.8 and xzgv before 0.8 might ...)
+CVE-2006-1060
{DSA-1038-1 DSA-1037-1}
- xzgv 0.8-5.1 (bug #362288; medium)
- zgv 5.9-2
-CVE-2006-1059 (The winbindd daemon in Samba 3.0.21 to 3.0.21c writes the machine ...)
+CVE-2006-1059
- samba 3.0.22-1
[woody] - samba <not-affected>
[sarge] - samba <not-affected>
-CVE-2006-1058 (BusyBox 1.1.1 does not use a salt when generating passwords, which ...)
+CVE-2006-1058
- busybox 1:1.1.3-1 (low; bug #360578)
[woody] - busybox <not-affected>
[sarge] - busybox <not-affected>
-CVE-2006-1057 (Race condition in daemon/slave.c in gdm before 2.14.1 allows local ...)
+CVE-2006-1057
{DSA-1040-1}
- gdm 2.14.4-1
-CVE-2006-1056 (The Linux kernel before 2.6.16.9 and the FreeBSD kernel, when running ...)
+CVE-2006-1056
{DSA-1103 DSA-1097-1}
- linux-2.6 2.6.16-9
- kfreebsd-5 5.4-17
- xen-3.0 3.0.2+hg9656-1
-CVE-2006-1055 (The fill_write_buffer function in sysfs/file.c in Linux kernel 2.6.12 ...)
+CVE-2006-1055
- linux-2.6 2.6.16-6
CVE-2006-1054
REJECTED
CVE-2006-1053
RESERVED
-CVE-2006-1052 (The selinux_ptrace logic in hooks.c in SELinux for Linux 2.6.6 allows ...)
+CVE-2006-1052
{DSA-1184-2}
- linux-2.6 2.6.15+2.6.16-rc5-0experimental.1 (low)
-CVE-2006-1051 (SQL injection vulnerability in Akarru Social BookMarking Engine before ...)
+CVE-2006-1051
NOT-FOR-US: Akurru Social BookMarking Engine
-CVE-2006-1050 (** DISPUTED ** ...)
+CVE-2006-1050
NOT-FOR-US: Kwik-Pay Payroll
-CVE-2006-1319 (chpst in runit 1.3.3-1 for Debian GNU/Linux, when compiled on little ...)
+CVE-2006-1319
- runit 1.4.1-1 (bug #356016; medium)
[sarge] - runit <not-affected>
-CVE-2006-1049 (Multiple SQL injection vulnerabilities in the Admin functionality in ...)
+CVE-2006-1049
NOT-FOR-US: Joomla!
-CVE-2006-1048 (Joomla! 1.0.7 and earlier allows attackers to bypass intended access ...)
+CVE-2006-1048
NOT-FOR-US: Joomla!
-CVE-2006-1047 (Unspecified vulnerability in the &quot;Remember Me login functionality&quot; in ...)
+CVE-2006-1047
NOT-FOR-US: Joomla!
-CVE-2006-1046 (server.cpp in Monopd 0.9.3 allows remote attackers to cause a denial ...)
+CVE-2006-1046
- monopd 0.9.3-2 (bug #355797; low)
[sarge] - monopd <no-dsa> (Very minor security ramifications)
-CVE-2006-1045 (The HTML rendering engine in Mozilla Thunderbird 1.5, when &quot;Block ...)
+CVE-2006-1045
{DSA-1051-1 DSA-1046-1}
- thunderbird 1.5.0.2-1
[sarge] - mozilla-thunderbird 1.0.2-2.sarge1.0.8
- firefox 1.5.dfsg+1.5.0.2-1
- xulrunner 1.8.0.1-9
-CVE-2006-1044 (Multiple buffer overflows in LISTSERV 14.3 and 14.4, including ...)
+CVE-2006-1044
NOT-FOR-US: LISTSERV
-CVE-2006-1043 (Stack-based buffer overflow in Microsoft Visual Studio 6.0 and ...)
+CVE-2006-1043
NOT-FOR-US: Microsoft
-CVE-2006-1042 (Multiple SQL injection vulnerabilities in Gregarius 0.5.2 allow remote ...)
+CVE-2006-1042
NOT-FOR-US: Gregarius
-CVE-2006-1041 (Multiple cross-site scripting (XSS) vulnerabilities in Gregarius 0.5.2 ...)
+CVE-2006-1041
NOT-FOR-US: Gregarius
-CVE-2006-1040 (Cross-site scripting (XSS) vulnerability in vBulletin 3.0.12 and 3.5.3 ...)
+CVE-2006-1040
NOT-FOR-US: vBulletin
-CVE-2006-1039 (SAP Web Application Server (WebAS) Kernel before 7.0 allows remote ...)
+CVE-2006-1039
NOT-FOR-US: SAP
-CVE-2006-1038 (Buffer overflow in SecureCRT 5.0.4 and earlier and SecureFX 3.0.4 and ...)
+CVE-2006-1038
NOT-FOR-US: SecureCRT
-CVE-2006-1037 (SQL injection vulnerability in the Oracle Diagnostics module 2.2 and ...)
+CVE-2006-1037
NOT-FOR-US: Oracle
-CVE-2006-1036 (Multiple unspecified vulnerabilities in the Oracle Diagnostics module ...)
+CVE-2006-1036
NOT-FOR-US: Oracle
-CVE-2006-1035 (Unspecified vulnerability in the Oracle Diagnostics module 2.2 and ...)
+CVE-2006-1035
NOT-FOR-US: Oracle
-CVE-2006-1034 (Multiple cross-site scripting (XSS) vulnerabilities in Woltlab Burning ...)
+CVE-2006-1034
NOT-FOR-US: Woltlab Burning Board
-CVE-2006-1033 (Multiple cross-site scripting (XSS) vulnerabilities in Dragonfly CMS ...)
+CVE-2006-1033
NOT-FOR-US: Dragonfly CMS
-CVE-2006-1032 (Eval injection vulnerability in the decode function in rpc_decoder.php ...)
+CVE-2006-1032
NOT-FOR-US: phpRPC
-CVE-2006-1031 (config/config_inc.php in iGENUS Webmail 2.02 and earlier allows remote ...)
+CVE-2006-1031
NOT-FOR-US: iGENUS Webmail
-CVE-2006-1030 (Unspecified vulnerability in mod_templatechooser in Joomla! 1.0.7 ...)
+CVE-2006-1030
NOT-FOR-US: Joomla!
-CVE-2006-1029 (The cross-site scripting (XSS) countermeasures in ...)
+CVE-2006-1029
NOT-FOR-US: Joomla!
-CVE-2006-1028 (feedcreator.class.php (aka the syndication component) in Joomla! 1.0.7 ...)
+CVE-2006-1028
NOT-FOR-US: Joomla!
-CVE-2006-1027 (feedcreator.class.php (aka the syndication component) in Joomla! 1.0.7 ...)
+CVE-2006-1027
NOT-FOR-US: Joomla!
-CVE-2006-1026 (JFacets before 0.2 allows remote attackers to gain privileges as any ...)
+CVE-2006-1026
NOT-FOR-US: JFacets
-CVE-2006-1025 (Cross-site scripting (XSS) vulnerability in manage.asp in Addsoft ...)
+CVE-2006-1025
NOT-FOR-US: Addsoft StoreBot
-CVE-2006-1024 (SQL injection vulnerability in MgrLogin.asp in Addsoft StoreBot 2005 ...)
+CVE-2006-1024
NOT-FOR-US: Addsoft StoreBot
-CVE-2006-1023 (Directory traversal vulnerability in HP System Management Homepage ...)
+CVE-2006-1023
NOT-FOR-US: HP System Management
-CVE-2006-1022 (PHP remote file include vulnerability in sol_menu.php in PeHePe Uyelik ...)
+CVE-2006-1022
NOT-FOR-US: PeHePe Uyelik Sistemi
-CVE-2006-1021 (Cross-site scripting (XSS) vulnerability in sol_menu.php in PeHePe ...)
+CVE-2006-1021
NOT-FOR-US: PeHePe Uyelik Sistemi
-CVE-2006-1020 (SQL injection vulnerability in forumlib.php in Johnny_Vegas Vegas ...)
+CVE-2006-1020
NOT-FOR-US: Johnny_Vegas Vegas Forum
-CVE-2006-1019 (Cross-site scripting (XSS) vulnerability in fce.php in UKiBoard 3.0.1 ...)
+CVE-2006-1019
NOT-FOR-US: UkiBoard
-CVE-2006-1018 (SQL injection vulnerability in poems.php in DCI-Designs Dawaween 1.03 ...)
+CVE-2006-1018
NOT-FOR-US: DCI-Design Dawaween
-CVE-2006-1017 (The c-client library 2000, 2001, or 2004 for PHP before 4.4.4 and 5.x ...)
+CVE-2006-1017
NOT-FOR-US: c-client
-CVE-2006-1016 (Buffer overflow in the IsComponentInstalled method in Internet ...)
+CVE-2006-1016
NOT-FOR-US: Windows
-CVE-2006-1015 (Argument injection vulnerability in certain PHP 3.x, 4.x, and 5.x ...)
+CVE-2006-1015
- php5 5.1.4-0.1 (bug #368595; unimportant)
- php4 <removed> (bug #368592; unimportant)
NOTE: It's the application's job to sanitize input passed to a function
-CVE-2006-1014 (Argument injection vulnerability in certain PHP 4.x and 5.x ...)
+CVE-2006-1014
- php5 5.1.4-0.1 (bug #368595; unimportant)
- php4 <removed> (bug #368592; unimportant)
NOTE: It's the application's job to sanitize input passed to a function
-CVE-2006-1013 (PHP remote file include vulnerability in index.php in SMartBlog (aka ...)
+CVE-2006-1013
NOT-FOR-US: SMartBlog
-CVE-2006-1012 (SQL injection vulnerability in WordPress 1.5.2, and possibly other ...)
+CVE-2006-1012
- wordpress 2.0.1-1
-CVE-2006-1011 (LetterMerger 1.2 stores user information in Access database files with ...)
+CVE-2006-1011
NOT-FOR-US: LetterMerger
-CVE-2006-1010 (Buffer overflow in socket/request.c in CrossFire before 1.9.0, when ...)
+CVE-2006-1010
{DSA-1001-1}
- crossfire 1.9.0-1
-CVE-2006-1009 (M4 Project enigma-suite before 0.73.3 (Windows) has a default password ...)
+CVE-2006-1009
NOT-FOR-US: M4 Project enigma-suite
-CVE-2006-1008 (Multiple cross-site scripting (XSS) vulnerabilities in N8cms 1.1 and ...)
+CVE-2006-1008
NOT-FOR-US: N8cms
-CVE-2006-1007 (Multiple SQL injection vulnerabilities in N8cms 1.1 and 1.2 allow ...)
+CVE-2006-1007
NOT-FOR-US: N8cms
-CVE-2006-1006 (Multiple SQL injection vulnerabilities in sendcard.php in sendcard ...)
+CVE-2006-1006
NOT-FOR-US: sendcard
-CVE-2006-1005 (agencyprofile.asp in Parodia 6.2 and earlier might allow remote ...)
+CVE-2006-1005
NOT-FOR-US: Parodia
-CVE-2006-1004 (Cross-site scripting (XSS) vulnerability in agencyprofile.asp in ...)
+CVE-2006-1004
NOT-FOR-US: Parodia
-CVE-2006-1003 (The backup configuration option in NETGEAR WGT624 Wireless Firewall ...)
+CVE-2006-1003
NOT-FOR-US: NETGEAR hardware issue
-CVE-2006-1002 (NETGEAR WGT624 Wireless DSL router has a default account of ...)
+CVE-2006-1002
NOT-FOR-US: NETGEAR hardware issue
-CVE-2006-1001 (SQL injection vulnerability in the board module in LanSuite LanParty ...)
+CVE-2006-1001
NOT-FOR-US: LanSuite LanParty Intranet System
-CVE-2006-1000 (Multiple SQL injection vulnerabilities in Pentacle In-Out Board 3.0 ...)
+CVE-2006-1000
NOT-FOR-US: Pentacle In-Out Board
-CVE-2006-0999 (The SSL server implementation in NILE.NLM in Novell NetWare 6.5 and ...)
+CVE-2006-0999
NOT-FOR-US: Novell
-CVE-2006-0998 (The SSL server implementation in NILE.NLM in Novell NetWare 6.5 and ...)
+CVE-2006-0998
NOT-FOR-US: Novell
-CVE-2006-0997 (The SSL server implementation in NILE.NLM in Novell NetWare 6.5 and ...)
+CVE-2006-0997
NOT-FOR-US: Novell
-CVE-2006-0996 (Cross-site scripting (XSS) vulnerability in phpinfo (info.c) in PHP ...)
+CVE-2006-0996
- php4 4:4.4.4-1 (bug #361853; unimportant)
- php5 5.1.4-0.1 (bug #361914; unimportant)
NOTE: Non-issue, explicit debug feature
-CVE-2006-0995 (EMC Dantz Retrospect 7 backup client 7.0.107, and other versions ...)
+CVE-2006-0995
NOT-FOR-US: EMC Dantz Retrospect
-CVE-2006-0994 (Multiple Sophos Anti-Virus products, including Anti-Virus for Windows ...)
+CVE-2006-0994
NOT-FOR-US: Sophos
-CVE-2006-0993 (The web management interface in 3Com TippingPoint SMS Server before ...)
+CVE-2006-0993
NOT-FOR-US: 3Com
-CVE-2006-0992 (Stack-based buffer overflow in Novell GroupWise Messenger before 2.0 ...)
+CVE-2006-0992
NOT-FOR-US: Novell GroupWise
-CVE-2006-0991 (Buffer overflow in the NetBackup Sharepoint Services server daemon ...)
+CVE-2006-0991
NOT-FOR-US: Veritas NetBackup
-CVE-2006-0990 (Stack-based buffer overflow in the NetBackup Catalog daemon (bpdbm) in ...)
+CVE-2006-0990
NOT-FOR-US: Veritas NetBackup
-CVE-2006-0989 (Stack-based buffer overflow in the volume manager daemon (vmd) in ...)
+CVE-2006-0989
NOT-FOR-US: Veritas NetBackup
-CVE-2006-0988 (The default configuration of the DNS Server service on Windows Server ...)
+CVE-2006-0988
NOT-FOR-US: MS Windows issue
-CVE-2006-0987 (The default configuration of ISC BIND before 9.4.1-P1, when configured ...)
+CVE-2006-0987
- bind <unfixed> (bug #355787; unimportant)
- bind9 1:9.4.0-1 (bug #356266; unimportant)
NOTE: This is within the responsibilities of a local admin, especially when
NOTE: operating a DNS server, affected sites can configure AllowRecursion
-CVE-2006-0986 (WordPress 2.0.1 and earlier allows remote attackers to obtain ...)
+CVE-2006-0986
- wordpress 2.0.2-1 (bug #355055; unimportant)
-CVE-2006-0985 (Multiple cross-site scripting (XSS) vulnerabilities in the &quot;post ...)
+CVE-2006-0985
- wordpress 2.0.2-1 (bug #355055; medium)
-CVE-2006-0984 (Cross-site scripting (XSS) vulnerability in inc_header.php in EJ3 TOPo ...)
+CVE-2006-0984
NOT-FOR-US: EJ3 TOPo not in debian
-CVE-2006-0983 (Cross-site scripting (XSS) vulnerability in index.php in QwikiWiki 1.4 ...)
+CVE-2006-0983
NOT-FOR-US: QWikiWiki not in debian
-CVE-2006-0982 (The on-access scanner for McAfee Virex 7.7 for Macintosh, in some ...)
+CVE-2006-0982
NOT-FOR-US: McAfee Virex 7.7 for Macintosh
-CVE-2006-0981 (Directory traversal vulnerability in e-merge WinAce 2.6 and earlier ...)
+CVE-2006-0981
NOT-FOR-US: WinAce
-CVE-2006-0980 (Multiple cross-site scripting (XSS) vulnerabilities in Jay Eckles CGI ...)
+CVE-2006-0980
NOT-FOR-US: Jay Eckles CGI Calendar
-CVE-2006-0979 (Unspecified vulnerability in the local weblog publisher in Nidelven IT ...)
+CVE-2006-0979
NOT-FOR-US: Nidelven IT Issue Dealer
-CVE-2006-0978 (Multiple cross-site scripting (XSS) vulnerabilities in the View ...)
+CVE-2006-0978
NOT-FOR-US: ArGoSoft Mail Server
-CVE-2006-0977 (Craig Morrison Mail Transport System Professional (aka MTS Pro) acts ...)
+CVE-2006-0977
NOT-FOR-US: MTS Pro
-CVE-2006-0976 (Directory traversal vulnerability in scan_lang_insert.php in Boris ...)
+CVE-2006-0976
NOT-FOR-US: SPiD
CVE-2006-0975
REJECTED
-CVE-2006-0974 (Cross-site scripting (XSS) vulnerability in failure.asp in Battleaxe ...)
+CVE-2006-0974
NOT-FOR-US: bttlxeForum 2.0
-CVE-2006-0973 (SQL injection vulnerability in topics.php in Appalachian State ...)
+CVE-2006-0973
NOT-FOR-US: phpWebSite
-CVE-2006-0972 (SQL injection vulnerability in news.php in Tony Baird Fantastic News ...)
+CVE-2006-0972
NOT-FOR-US: Tony Baird Fantastic News
-CVE-2006-0971 (Directory traversal vulnerability in Lionel Reyero DirectContact 0.3b ...)
+CVE-2006-0971
NOT-FOR-US: DirectContact
-CVE-2006-0970 (PHP remote file inclusion vulnerability in index.php in one or more ...)
+CVE-2006-0970
NOT-FOR-US: ActiveCampaign products
-CVE-2006-0969 (PHP remote file inclusion vulnerability in index.php in Top sites de ...)
+CVE-2006-0969
NOT-FOR-US: PixelArtKingdom TopSites
-CVE-2006-0968 (The ncprwsnt service in NCP Network Communication Secure Client 8.11 ...)
+CVE-2006-0968
NOT-FOR-US: NCP Network Communication Secure Client
-CVE-2006-0967 (NCP Network Communication Secure Client 8.11 Build 146, and possibly ...)
+CVE-2006-0967
NOT-FOR-US: NCP Network Communication Secure Client
-CVE-2006-0966 (NCP Network Communication Secure Client 8.11 Build 146, and possibly ...)
+CVE-2006-0966
NOT-FOR-US: NCP Network Communication Secure Client
-CVE-2006-0965 (NCP Network Communication Secure Client 8.11 Build 146, and possibly ...)
+CVE-2006-0965
NOT-FOR-US: NCP Network Communication Secure Client
-CVE-2006-0964 (Client Firewall in NCP Network Communication Secure Client 8.11 Build ...)
+CVE-2006-0964
NOT-FOR-US: NCP Network Communication Secure Client
-CVE-2006-0963 (Multiple buffer overflows in STLport 5.0.2 might allow local users to ...)
+CVE-2006-0963
- stlport5 5.0.2-1 (bug #358471; medium)
-CVE-2006-0962 (SQL injection vulnerability in vuBB 0.2 allows remote attackers to ...)
+CVE-2006-0962
NOT-FOR-US: VuBB
-CVE-2006-0961 (SQL injection vulnerability in yazdir.asp in Cilem Hiber 1.1 allows ...)
+CVE-2006-0961
NOT-FOR-US: Cilem Hiber
-CVE-2006-0960 (uConfig agent in Compex NetPassage WPE54G router allows remote ...)
+CVE-2006-0960
NOT-FOR-US: Compex NetPassage WPE54G router
-CVE-2006-0959 (SQL injection vulnerability in misc.php in MyBulletinBoard (MyBB) ...)
+CVE-2006-0959
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2006-0958 (Cross-site scripting (XSS) vulnerability in func.inc.php in ZoneO-Soft ...)
+CVE-2006-0958
NOT-FOR-US: ZoneO-Soft freeForum
-CVE-2006-0957 (Direct static code injection vulnerability in func.inc.php in ...)
+CVE-2006-0957
NOT-FOR-US: ZoneO-Soft freeForum
-CVE-2006-0956 (nuauth in NuFW before 1.0.21 does not properly handle blocking TLS ...)
+CVE-2006-0956
- nufw 1.0.23-1 (bug #358475; low)
CVE-2006-0955
RESERVED
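Review bot: every changed line in this hunk follows the same pattern, a `CVE-YYYY-NNNN (summary ...)` entry replaced by the bare identifier with nothing else altered (for example `-CVE-2006-1015 (Argument injection vulnerability in certain PHP 3.x, 4.x, and 5.x ...)` becomes `+CVE-2006-1015`), while the package, NOT-FOR-US and NOTE lines beneath each entry are untouched. A uniform loss of every summary across hundreds of entries, with no entry gaining text, looks like the description source came back empty rather than like an intended cleanup; check where the summaries come from before accepting this, because lines such as `NOTE: It's the application's job to sanitize input passed to a function` and `NOTE: Non-issue, explicit debug feature` lose their meaning without the summary they annotate.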
@@ -14277,332 +14277,332 @@ CVE-2006-0953
RESERVED
CVE-2006-0952
RESERVED
-CVE-2006-0951 (The GUI (nod32.exe) in NOD32 2.5 runs with SYSTEM privileges when the ...)
+CVE-2006-0951
NOT-FOR-US: NOD32
-CVE-2006-0950 (unalz 0.53 allows user-assisted attackers to overwrite arbitrary ...)
+CVE-2006-0950
- unalz 0.55-1 (bug #356832; low)
[sarge] - unalz <no-dsa> (Minor issue)
-CVE-2006-0949 (RaidenHTTPD 1.1.47 allows remote attackers to obtain source code of ...)
+CVE-2006-0949
NOT-FOR-US: RaidenHTTPD
-CVE-2006-0948 (AOL 9.0 Security Edition revision 4184.2340, and probably other ...)
+CVE-2006-0948
NOT-FOR-US: AOL
-CVE-2006-0947 (Thomson SpeedTouch modem running firmware 5.3.2.6.0 allows remote ...)
+CVE-2006-0947
NOT-FOR-US: Thomson modem firmware
-CVE-2006-0946 (Cross-site scripting (XSS) vulnerability in Thomson SpeedTouch modems ...)
+CVE-2006-0946
NOT-FOR-US: Thomson modem firmware
-CVE-2006-0945 (PHP remote file include vulnerability in admin/index.php in Archangel ...)
+CVE-2006-0945
NOT-FOR-US: Archangel Weblog
-CVE-2006-0944 (Archangel Weblog 0.90.02 allows remote attackers to bypass ...)
+CVE-2006-0944
NOT-FOR-US: Archangel Weblog
-CVE-2006-0943 (SQL injection vulnerability in the sondages module in index.php in ...)
+CVE-2006-0943
NOT-FOR-US: PwsPHP
-CVE-2006-0942 (SQL injection vulnerability in profil.php in PwsPHP 1.2.3, and ...)
+CVE-2006-0942
NOT-FOR-US: PwsPHP
-CVE-2006-0941 (Multiple cross-site scripting (XSS) vulnerabilities in post.php in ...)
+CVE-2006-0941
NOT-FOR-US: ShoutLIVE
-CVE-2006-0940 (Multiple direct static code injection vulnerabilities in ...)
+CVE-2006-0940
NOT-FOR-US: ShoutLIVE
-CVE-2006-0939 (SQL injection vulnerability in DCI-Taskeen 1.03 allows remote ...)
+CVE-2006-0939
NOT-FOR-US: DCI-Taskeen
-CVE-2006-0938 (Cross-site scripting (XSS) vulnerability in eZ publish 3.7.3 and ...)
+CVE-2006-0938
- ezpublish <removed>
-CVE-2006-1320 (util.c in rssh 2.3.0 in Debian GNU/Linux does not use braces to make a ...)
+CVE-2006-1320
{DSA-1109}
- rssh 2.3.0-1.1 (bug #346322; bug #363978; low)
-CVE-2006-1321 (Cross-site scripting (XSS) vulnerability in webcheck before 1.9.6 ...)
+CVE-2006-1321
- webcheck 1.9.6
-CVE-2006-0937 (U.N.U. Mailgust 1.9 allows remote attackers to obtain sensitive ...)
+CVE-2006-0937
NOT-FOR-US: U.N.U. Mailgust
-CVE-2006-0936 (Free Host Shop Website Generator 3.3 allows remote authenticated users ...)
+CVE-2006-0936
NOT-FOR-US: Free Host Shop Website Generator
-CVE-2006-0935 (Microsoft Word 2003 allows remote attackers to cause a denial of ...)
+CVE-2006-0935
NOT-FOR-US: Microsoft
-CVE-2006-0934 (Cross-site scripting (XSS) vulnerability in webinsta Limbo 1.0.4.2 ...)
+CVE-2006-0934
NOT-FOR-US: webinsta Limbo
-CVE-2006-0933 (Cross-site scripting (XSS) vulnerability in PHPX 3.5.9 allows remote ...)
+CVE-2006-0933
NOT-FOR-US: PHPX
-CVE-2006-0932 (Directory traversal vulnerability in zip.lib.php 0.1.1 in ...)
+CVE-2006-0932
NOT-FOR-US: zip.lib.php
-CVE-2006-0931 (Directory traversal vulnerability in PEAR::Archive_Tar 1.2, and other ...)
+CVE-2006-0931
- php5 <removed> (bug #368545; unimportant)
- php4 <removed> (bug #368545; unimportant)
NOTE: is this really a vulnerability in pear? it seems it should be a bug
NOTE: in any application not checking for such archives.
NOTE: Lack of a security feature is not a vulnerability
-CVE-2006-0930 (Directory traversal vulnerability in Webmail in ArGoSoft Mail Server ...)
+CVE-2006-0930
NOT-FOR-US: ArgoSoft Mail Server
-CVE-2006-0929 (Directory traversal vulnerability in the IMAP server in ArGoSoft Mail ...)
+CVE-2006-0929
NOT-FOR-US: ArgoSoft Mail Server
-CVE-2006-0928 (The POP3 Server in ArGoSoft Mail Server Pro 1.8 allows remote ...)
+CVE-2006-0928
NOT-FOR-US: ArgoSoft Mail Server
-CVE-2006-0927 (Multiple cross-site scripting (XSS) vulnerabilities in the JGS-XA ...)
+CVE-2006-0927
NOT-FOR-US: Woltlab Burning Board
-CVE-2006-0926 (Multiple directory traversal vulnerabilities in Allume StuffIt ...)
+CVE-2006-0926
NOT-FOR-US: StuffIt
-CVE-2006-0925 (Format string vulnerability in the IMAP4rev1 server in Alt-N MDaemon ...)
+CVE-2006-0925
NOT-FOR-US: Alt-N MDaemon
-CVE-2006-0924 (Cross-site scripting (XSS) vulnerability in Brown Bear iCal 3.10 ...)
+CVE-2006-0924
NOT-FOR-US: iCal
-CVE-2006-0923 (Multiple cross-site scripting (XSS) vulnerabilities in MyPHPNuke (MPN) ...)
+CVE-2006-0923
NOT-FOR-US: MyPHPNuke
-CVE-2006-0922 (CubeCart 3.0 through 3.6 does not properly check authorization for an ...)
+CVE-2006-0922
NOT-FOR-US: CubeCart
-CVE-2006-0921 (Multiple directory traversal vulnerabilities in connector.php in ...)
+CVE-2006-0921
- knowledgeroot <not-affected> (fixed before first upload; see bug #381912)
-CVE-2006-0920 (Oi! Email Marketing System 3.0 (aka Oi! 3) stores the server's FTP ...)
+CVE-2006-0920
NOT-FOR-US: Oi! Email Marketing System
-CVE-2006-0919 (SQL injection vulnerability in index.php (aka the login page) in Oi! ...)
+CVE-2006-0919
NOT-FOR-US: Oi! Email Marketing System
-CVE-2006-0918 (Buffer overflow in RITLabs The Bat! 3.60.07 allows remote attackers to ...)
+CVE-2006-0918
NOT-FOR-US: The Bat!
-CVE-2006-0917 (Melange Chat Server (aka M-Chat), when accessed via a web browser, ...)
+CVE-2006-0917
NOT-FOR-US: Melange Chat Server
-CVE-2006-0916 (Bugzilla 2.19.3 through 2.20 does not properly handle &quot;//&quot; sequences ...)
+CVE-2006-0916
- bugzilla 2.20.1-1 (bug #354457; high)
[woody] - bugzilla <not-affected> (Only 2.17 and above are affected)
[sarge] - bugzilla <not-affected> (Only 2.17 and above are affected)
-CVE-2006-0915 (Bugzilla 2.16.10 does not properly handle certain characters in the ...)
+CVE-2006-0915
- bugzilla 2.20.1-1 (bug #354457; high)
[woody] - bugzilla <not-affected> (Only 2.17 and above are affected)
[sarge] - bugzilla <not-affected> (Only 2.17 and above are affected)
-CVE-2006-0914 (Bugzilla 2.16.10, 2.17 through 2.18.4, and 2.20 does not properly ...)
+CVE-2006-0914
- bugzilla 2.20.1-1 (bug #354457; high)
[woody] - bugzilla <not-affected> (Only 2.17 and above are affected)
[sarge] - bugzilla <not-affected> (Only 2.17 and above are affected)
-CVE-2006-0913 (SQL injection vulnerability in whineatnews.pl in Bugzilla 2.17 through ...)
+CVE-2006-0913
- bugzilla 2.20.1-1 (bug #354457; high)
[woody] - bugzilla <not-affected> (Only 2.17 and above are affected)
[sarge] - bugzilla <not-affected> (Only 2.17 and above are affected)
-CVE-2006-0912 (Oreka before 0.5 allows remote attackers to cause a denial of service ...)
+CVE-2006-0912
NOT-FOR-US: Oreka
-CVE-2006-0911 (NmService.exe in Ipswitch WhatsUp Professional 2006 allows remote ...)
+CVE-2006-0911
NOT-FOR-US: WhatsUp Professional
-CVE-2006-0910 (Invision Power Board (IPB) 2.1.4 and earlier allows remote attackers ...)
+CVE-2006-0910
NOT-FOR-US: Invision Power Board
-CVE-2006-0909 (Invision Power Board (IPB) 2.1.4 and earlier allows remote attackers ...)
+CVE-2006-0909
NOT-FOR-US: Invision Power Board
-CVE-2006-0908 (PHP-Nuke 7.8 Patched 3.2 allows remote attackers to bypass SQL ...)
+CVE-2006-0908
NOT-FOR-US: PHP-Nuke
-CVE-2006-0907 (SQL injection vulnerability in PHP-Nuke before 7.8 Patched 3.2 allows ...)
+CVE-2006-0907
NOT-FOR-US: PHP-Nuke
-CVE-2006-0906 (SQL injection vulnerability in D3Jeeb Pro 3 allows remote attackers to ...)
+CVE-2006-0906
NOT-FOR-US: D3Jeeb Pro
-CVE-2006-0905 (A &quot;programming error&quot; in fast_ipsec in FreeBSD 4.8-RELEASE through ...)
+CVE-2006-0905
- kfreebsd-5 5.4-16
CVE-2006-0904
REJECTED
-CVE-2006-0903 (MySQL 5.0.18 and earlier allows local users to bypass logging ...)
+CVE-2006-0903
{DSA-1079-1 DSA-1073-1 DSA-1071-1}
- mysql-dfsg-5.0 5.0.19-3 (bug #359701; bug #366162; bug #366163)
CVE-2006-0902
RESERVED
-CVE-2006-0901 (Unspecified vulnerability in the hsfs filesystem in Solaris 8, 9, and ...)
+CVE-2006-0901
NOT-FOR-US: Solaris
-CVE-2006-0900 (nfsd in FreeBSD 6.0 kernel allows remote attackers to cause a denial ...)
+CVE-2006-0900
- kfreebsd-5 5.4-15
-CVE-2006-0899 (Directory traversal vulnerability in index.php in 4Images 1.7.1 and ...)
+CVE-2006-0899
NOT-FOR-US: 4Images
-CVE-2006-0898 (Crypt::CBC Perl module 2.16 and earlier, when running in RandomIV ...)
+CVE-2006-0898
{DSA-996-1}
- libcrypt-cbc-perl 2.17-1
-CVE-2006-0897 (** DISPUTED ** ...)
+CVE-2006-0897
NOT-FOR-US: VCS Virtual Program Management Intranet
-CVE-2006-0896 (Cross-site scripting (XSS) vulnerability in Sources/Register.php in ...)
+CVE-2006-0896
NOT-FOR-US: Simple Machine Forum
-CVE-2006-0895 (NOCC Webmail 1.0 allows remote attackers to obtain the installation ...)
+CVE-2006-0895
NOT-FOR-US: NOCC Webmail
-CVE-2006-0894 (Multiple cross-site scripting (XSS) vulnerabilities in NOCC Webmail ...)
+CVE-2006-0894
NOT-FOR-US: NOCC Webmail
-CVE-2006-0893 (NOCC Webmail 1.0 allows remote attackers to obtain sensitive ...)
+CVE-2006-0893
NOT-FOR-US: NOCC Webmail
-CVE-2006-0892 (NOCC Webmail 1.0 stores e-mail attachments in temporary files with ...)
+CVE-2006-0892
NOT-FOR-US: NOCC Webmail
-CVE-2006-0891 (Multiple directory traversal vulnerabilities in NOCC Webmail 1.0 allow ...)
+CVE-2006-0891
NOT-FOR-US: NOCC Webmail
-CVE-2006-0890 (Directory traversal vulnerability in SpeedProject Squeez 5.1, as used ...)
+CVE-2006-0890
NOT-FOR-US: SpeedProject Squeez
-CVE-2006-0889 (Cross-site scripting (XSS) vulnerability in Calcium 3.10.1 allows ...)
+CVE-2006-0889
NOT-FOR-US: Calcium
-CVE-2006-0888 (index.php in Invision Power Board (IPB) 2.0.1, with Code Confirmation ...)
+CVE-2006-0888
NOT-FOR-US: Invision Power Board
-CVE-2006-0887 (Eval injection vulnerability in sessions.inc in PHP Base Library ...)
+CVE-2006-0887
NOT-FOR-US: PHPLIB
-CVE-2006-0886 (Cross-site scripting (XSS) vulnerability in register.php in DEV web ...)
+CVE-2006-0886
NOT-FOR-US: DEV web management system
-CVE-2006-0885 (Cross-site scripting (XSS) vulnerability in show_news.php in CuteNews ...)
+CVE-2006-0885
NOT-FOR-US: CuteNews
-CVE-2006-0884 (The WYSIWYG rendering engine (&quot;rich mail&quot; editor) in Mozilla ...)
+CVE-2006-0884
{DSA-1051-1 DSA-1046-1}
[sarge] - mozilla-thunderbird 1.0.2-2.sarge1.0.8
- thunderbird 1.5.0.2-1
- firefox 1.5.dfsg+1.5.0.2-1
- xulrunner 1.8.0.1-9
- mozilla 2:1.7.13-0.1
-CVE-2006-0883 (OpenSSH on FreeBSD 5.3 and 5.4, when used with OpenPAM, does not ...)
+CVE-2006-0883
- openssh 1:3.8.1p1-4
[woody] - openssh <not-affected>
-CVE-2006-0882 (Directory traversal vulnerability in include.php in Noah's Classifieds ...)
+CVE-2006-0882
NOT-FOR-US: Noah's Classifieds
-CVE-2006-0881 (Multiple PHP remote file include vulnerabilities in gorum/gorumlib.php ...)
+CVE-2006-0881
NOT-FOR-US: Noah's Classifieds
-CVE-2006-0880 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
+CVE-2006-0880
NOT-FOR-US: Noah's Classifieds
-CVE-2006-0879 (SQL injection vulnerability in the search tool in Noah's Classifieds ...)
+CVE-2006-0879
NOT-FOR-US: Noah's Classifieds
-CVE-2006-0878 (Noah's Classifieds 1.3 allows remote attackers to obtain the ...)
+CVE-2006-0878
NOT-FOR-US: Noah's Classifieds
-CVE-2006-0877 (Cross-site scripting vulnerability in Easy Forum 2.5 allows remote ...)
+CVE-2006-0877
NOT-FOR-US: Easy Forum
-CVE-2006-0876 (POPFile before 0.22.4 allows remote attackers to cause a denial of ...)
+CVE-2006-0876
{DSA-1061-1}
- popfile 0.22.4-1 (bug #354464; medium)
-CVE-2006-0875 (Cross-site scripting vulnerability in ratefile.php in RunCMS 1.3a5 ...)
+CVE-2006-0875
NOT-FOR-US: runCMS
-CVE-2006-0874 (Multiple unspecified vulnerabilities in Intensive Point iUser ...)
+CVE-2006-0874
NOT-FOR-US: Intensive Point iUser Ecommerce
-CVE-2006-0873 (Absolute path traversal vulnerability in docs/showdocs.php in ...)
+CVE-2006-0873
NOT-FOR-US: Coppermine Photo Gallery
-CVE-2006-0872 (Directory traversal vulnerability in init.inc.php in Coppermine Photo ...)
+CVE-2006-0872
NOT-FOR-US: Coppermine Photo Gallery
-CVE-2006-0871 (Directory traversal vulnerability in the _setTemplate function in ...)
+CVE-2006-0871
- mambo 4.5.3h-1 (bug #354468)
NOTE: only in experimental
-CVE-2006-0870 (SQL injection vulnerability in pages.asp in Mini-Nuke CMS System 1.8.2 ...)
+CVE-2006-0870
NOT-FOR-US: Mini-Nuke CMS
-CVE-2006-0869 (Directory traversal vulnerability in the &quot;remember me&quot; feature in ...)
+CVE-2006-0869
NOT-FOR-US: PHP PEAR LiveUser
-CVE-2006-0868 (Multiple unspecified injection vulnerabilities in unspecified Auth ...)
+CVE-2006-0868
- php-auth 1.2.4-0.1 (bug #354474)
-CVE-2006-0867 (Buffer overflow in certain versions of South River (aka SRT) WebDrive, ...)
+CVE-2006-0867
NOT-FOR-US: WebDrive
-CVE-2006-0866 (PunBB 1.2.10 and earlier allows remote attackers to conduct brute ...)
+CVE-2006-0866
NOT-FOR-US: PunBB
-CVE-2006-0865 (PunBB 1.2.10 and earlier allows remote attackers to cause a denial of ...)
+CVE-2006-0865
NOT-FOR-US: PunBB
-CVE-2006-0864 (filescan in Global Hauri ViRobot 2.0 20050817 does not verify the ...)
+CVE-2006-0864
NOT-FOR-US: Global Hauri ViRobot
-CVE-2006-0863 (InfoVista PortalSE 2.0 Build 20087 on Solaris 8 allows remote ...)
+CVE-2006-0863
NOT-FOR-US: InfoVista PortalSE
-CVE-2006-0862 (Unspecified vulnerability in InfoVista PortalSE 2.0 Build 20087 on ...)
+CVE-2006-0862
NOT-FOR-US: InfoVista PortalSE
-CVE-2006-0861 (Michael Salzer Guestbox 0.6, and other versions before 0.8, allows ...)
+CVE-2006-0861
NOT-FOR-US: Michael Salzer Guestbox
-CVE-2006-0860 (Multiple cross-site scripting (XSS) vulnerabilities in Michael Salzer ...)
+CVE-2006-0860
NOT-FOR-US: Michael Salzer Guestbox
-CVE-2006-0859 (Michael Salzer Guestbox 0.6, and other versions before 0.8, allows ...)
+CVE-2006-0859
NOT-FOR-US: Michael Salzer Guestbox
-CVE-2006-0858 (Unquoted Windows search path vulnerability in (1) snsmcon.exe, (2) the ...)
+CVE-2006-0858
NOT-FOR-US: StarForce Safe'n'Sec Personal
-CVE-2006-0857 (Cross-site scripting (XSS) vulnerability in Chatbox Plugin 1.0 in e107 ...)
+CVE-2006-0857
NOT-FOR-US: e107 CMS Chatbox plugin
-CVE-2006-0856 (SQL injection vulnerability in login.php in Scriptme SmE GB Host 1.21 ...)
+CVE-2006-0856
NOT-FOR-US: SmE GB Host
-CVE-2006-0855 (Stack-based buffer overflow in the fullpath function in misc.c for zoo ...)
+CVE-2006-0855
{DSA-991-1}
- zoo 2.10-17 (bug #354461)
-CVE-2006-0854 (PHP remote file inclusion vulnerability in common.php in Intensive ...)
+CVE-2006-0854
NOT-FOR-US: Intensive Point iUser Ecommerce
-CVE-2006-0853 (Buffer overflow in the IMAP service of TrueNorth Internet Anywhere ...)
+CVE-2006-0853
NOT-FOR-US: TrueNorth Internet Anywhere
-CVE-2006-0852 (Direct static code injection vulnerability in write.php in Admbook ...)
+CVE-2006-0852
NOT-FOR-US: Admbook
-CVE-2006-0851 (SQL injection vulnerability in the forum module of ilchClan 1.05g and ...)
+CVE-2006-0851
NOT-FOR-US: ilchClan
-CVE-2006-0850 (SQL injection vulnerability in include/includes/user/login.php in ...)
+CVE-2006-0850
NOT-FOR-US: ilchClan
CVE-2006-0849
RESERVED
-CVE-2006-0848 (The &quot;Open 'safe' files after downloading&quot; option in Safari on Apple ...)
+CVE-2006-0848
NOT-FOR-US: Apple Safari
-CVE-2006-0847 (Directory traversal vulnerability in the staticfilter component in ...)
+CVE-2006-0847
- cherrypy2.1 2.1.1-1 (bug #353542)
- python-cherrypy 2.1.1-1 (bug #354479)
-CVE-2006-0846 (Multiple cross-site scripting (XSS) vulnerabilities in Leif M. ...)
+CVE-2006-0846
NOT-FOR-US: Leif M. Wright's Blog
-CVE-2006-0845 (Leif M. Wright's Blog 3.5 allows remote authenticated users with ...)
+CVE-2006-0845
NOT-FOR-US: Leif M. Wright's Blog
-CVE-2006-0844 (Leif M. Wright's Blog 3.5 does not make a password comparison when ...)
+CVE-2006-0844
NOT-FOR-US: Leif M. Wright's Blog
-CVE-2006-0843 (Leif M. Wright's Blog 3.5 stores the config file and other txt files ...)
+CVE-2006-0843
NOT-FOR-US: Leif M. Wright's Blog
-CVE-2006-0842 (Cross-site scripting (XSS) vulnerability in Calacode @Mail 4.3 allows ...)
+CVE-2006-0842
NOT-FOR-US: Calacode @Mail
-CVE-2006-0841 (Multiple cross-site scripting (XSS) vulnerabilities in Mantis 1.00rc4 ...)
+CVE-2006-0841
{DSA-1133-1}
- mantis 0.19.4-3.1 (bug #378353)
-CVE-2006-0840 (manage_user_page.php in Mantis 1.00rc4 and earlier does not properly ...)
+CVE-2006-0840
{DSA-944-1}
- mantis 1.0
NOTE: This was actually fixed upstream in Mantis 1.0.0rc5,
NOTE: which was never uploaded.
-CVE-2006-0839 (The frag3 preprocessor in Sourcefire Snort 2.4.3 does not properly ...)
+CVE-2006-0839
- snort <not-affected> (frag3 is only in 2.4, currently there is 2.3.3 in sid)
-CVE-2006-0838 (IBM Tivoli Micromuse Netcool/NeuSecure 3.0.236 stores cleartext ...)
+CVE-2006-0838
NOT-FOR-US: Tivoli
-CVE-2006-0837 (IBM Tivoli Micromuse Netcool/NeuSecure 3.0.236 has world-readable ...)
+CVE-2006-0837
NOT-FOR-US: Tivoli
-CVE-2006-0836 (Mozilla Thunderbird 1.5 allows user-assisted attackers to cause an ...)
+CVE-2006-0836
NOTE: Denial of service by tricking someone into importing a manipulated LDIF file
NOTE: That's a bug, but calling it a security problem is very far-fetched
-CVE-2006-0835 (SQL injection vulnerability in dropbase.php in MitriDAT Web Calendar ...)
+CVE-2006-0835
NOT-FOR-US: MitriDAT Web Calendar
-CVE-2006-0834 (Uniden UIP1868P VoIP Telephone and Router has a default password of ...)
+CVE-2006-0834
NOT-FOR-US: Uniden UIP1868P VoIP Telephone
-CVE-2006-0833 (Multiple cross-site scripting (XSS) vulnerabilities in Barracuda ...)
+CVE-2006-0833
NOT-FOR-US: Barracuda Directory
-CVE-2006-0832 (Multiple SQL injection vulnerabilities in admin.asp in WPC.easy allow ...)
+CVE-2006-0832
NOT-FOR-US: WPC.easy
-CVE-2006-0831 (PHP remote file include vulnerability in index.php in Tasarim Rehberi ...)
+CVE-2006-0831
NOT-FOR-US: Tasarim Rehberi
-CVE-2006-0830 (The scripting engine in Internet Explorer allows remote attackers to ...)
+CVE-2006-0830
NOT-FOR-US: Microsoft
-CVE-2006-0829 (Cross-site scripting vulnerability in E-Blah Platinum 9.7 allows ...)
+CVE-2006-0829
NOT-FOR-US: E-Blah Platinum
-CVE-2006-0828 (Unspecified vulnerability in ESS/ Network Controller and MicroServer ...)
+CVE-2006-0828
NOT-FOR-US: Xerox WorkCentre / ESS/ Network Controller
-CVE-2006-0827 (Cross-site scripting vulnerability in ESS/ Network Controller and ...)
+CVE-2006-0827
NOT-FOR-US: Xerox WorkCentre / ESS/ Network Controller
-CVE-2006-0826 (Unspecified vulnerability in ESS/ Network Controller and MicroServer ...)
+CVE-2006-0826
NOT-FOR-US: Xerox WorkCentre / ESS/ Network Controller
-CVE-2006-0825 (Multiple unspecified vulnerabilities in ESS/ Network Controller and ...)
+CVE-2006-0825
NOT-FOR-US: Xerox WorkCentre / ESS/ Network Controller
-CVE-2006-0824 (Multiple unspecified vulnerabilities in lib-common.php in Geeklog ...)
+CVE-2006-0824
NOT-FOR-US: Geeklog
-CVE-2006-0823 (Multiple SQL injection vulnerabilities in Geeklog 1.4.0 before ...)
+CVE-2006-0823
NOT-FOR-US: Geeklog
-CVE-2006-0822 (Unspecified vulnerability in EmuLinker Kaillera Server before 0.99.17 ...)
+CVE-2006-0822
NOT-FOR-US: EmuLinker Kaillera Server
-CVE-2006-0821 (SQL injection vulnerability in index.php in BXCP 0.299 allows remote ...)
+CVE-2006-0821
NOT-FOR-US: BXCP
-CVE-2006-0820 (Cross-site scripting (XSS) vulnerability in Dwarf HTTP Server 1.3.2 ...)
+CVE-2006-0820
NOT-FOR-US: Dwarf HTTP Server
-CVE-2006-0819 (Dwarf HTTP Server 1.3.2 allows remote attackers to obtain the source ...)
+CVE-2006-0819
NOT-FOR-US: Dwarf HTTP Server
-CVE-2006-0818 (Absolute path directory traversal vulnerability in (1) MERAK Mail Server for ...)
+CVE-2006-0818
NOT-FOR-US: MERAK Mail Server and VisNetic MailServer
-CVE-2006-0817 (Absolute path directory traversal vulnerability in (a) MERAK Mail ...)
+CVE-2006-0817
NOT-FOR-US: MERAK Mail Server and VisNetic MailServer
-CVE-2006-0816 (Orion Application Server before 2.0.7, when running on Windows, allows ...)
+CVE-2006-0816
NOT-FOR-US: Orion Application Server
-CVE-2006-0815 (NetworkActiv Web Server 3.5.15 allows remote attackers to read script ...)
+CVE-2006-0815
NOT-FOR-US: NetworkActiv Web Server
-CVE-2006-0814 (response.c in Lighttpd 1.4.10 and possibly previous versions, when run ...)
+CVE-2006-0814
NOT-FOR-US: Lighttpd under windows
-CVE-2006-0813 (Heap-based buffer overflow in WinACE 2.60 allows user-assisted ...)
+CVE-2006-0813
NOT-FOR-US: WinACE
-CVE-2006-0812 (The VisNetic AntiVirus Plug-in (DKAVUpSch.exe) for Mail Server ...)
+CVE-2006-0812
NOT-FOR-US: WinACE VisNetic AntiVirus
-CVE-2006-0811 (Cross-site scripting (XSS) vulnerability in reguser.php in Skate Board ...)
+CVE-2006-0811
NOT-FOR-US: Skate Board
-CVE-2006-0810 (Unspecified vulnerability in config.php in Skate Board 0.9 allows ...)
+CVE-2006-0810
NOT-FOR-US: Skate Board
-CVE-2006-0809 (Multiple SQL injection vulnerabilities in Skate Board 0.9 allow remote ...)
+CVE-2006-0809
NOT-FOR-US: Skate Board
-CVE-2006-0808 (MUTE 0.4 allows remote attackers to cause a denial of service ...)
+CVE-2006-0808
NOT-FOR-US: MUTE
-CVE-2006-0807 (Stack-based buffer overflow in NJStar Chinese and Japanese Word ...)
+CVE-2006-0807
NOT-FOR-US: NJStar
-CVE-2006-0806 (Multiple cross-site scripting (XSS) vulnerabilities in ADOdb 4.71, as ...)
+CVE-2006-0806
{DSA-1031-1 DSA-1030-1 DSA-1029-1}
- libphp-adodb 4.72-0.1 (bug #358872; medium)
- moodle 1.6.1+20060825-1 (bug #360396; medium)
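Review bot: the `-14277,332 +14277,332` header confirms this hunk is a line-for-line replacement that only drops the summaries, and that also discards status markers carried in them: `-CVE-2006-0897 (** DISPUTED ** ...)` becomes plain `+CVE-2006-0897`, so the disputed status is no longer visible anywhere in the entry. If the summaries are to go, the DISPUTED and REJECTED style markers should be preserved on the identifier line or in a NOTE. Unrelated to the change but visible in the same hunk, `NOT-FOR-US: WinACE VisNetic AntiVirus` under CVE-2006-0812 looks like a copy-and-paste leftover from the CVE-2006-0813 WinACE entry directly above it; the summary line being removed names only the VisNetic AntiVirus Plug-in, so the "WinACE" prefix should be dropped.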
@@ -14610,129 +14610,129 @@ CVE-2006-0806 (Multiple cross-site scripting (XSS) vulnerabilities in ADOdb 4.71
NOTE: according to maintainer, "Moodle neither uses nor plans to use
NOTE: ADODB_Pager, so it's not affected by #360396, but include patch for
NOTE: it anyway, just in case somebody decides to use it out of the blue
-CVE-2006-0805 (The CAPTCHA functionality in php-Nuke 6.0 through 7.9 uses fixed ...)
+CVE-2006-0805
NOT-FOR-US: php-Nuke
-CVE-2006-0804 (Off-by-one error in TIN 1.8.0 and earlier might allow attackers to ...)
+CVE-2006-0804
- tin 1:1.8.2-1
[sarge] - tin <not-affected> (Vulnerable code not present)
-CVE-2006-0803 (The signature verification functionality in the YaST Online Update ...)
+CVE-2006-0803
NOT-FOR-US: YaSt Online Update
-CVE-2006-0802 (Cross-site scripting (XSS) vulnerability in the NS-Languages module ...)
+CVE-2006-0802
NOT-FOR-US: PostNuke
-CVE-2006-0801 (SQL injection vulnerability in the NS-Languages module for PostNuke ...)
+CVE-2006-0801
NOT-FOR-US: PostNuke
-CVE-2006-0800 (Interpretation conflict in PostNuke 0.761 and earlier allows remote ...)
+CVE-2006-0800
NOT-FOR-US: PostNuke
-CVE-2006-0799 (Microsoft Internet Explorer allows remote attackers to spoof a ...)
+CVE-2006-0799
NOT-FOR-US: Microsoft
-CVE-2006-0798 (Multiple directory traversal vulnerabilities in the IMAP service in ...)
+CVE-2006-0798
NOT-FOR-US: Macallan Mail Solution
-CVE-2006-0797 (Nokia N70 cell phone allows remote attackers to cause a denial of ...)
+CVE-2006-0797
NOT-FOR-US: Nokia cell phone
-CVE-2006-0796 (Cross-site scripting (XSS) vulnerability in default.php in Clever Copy ...)
+CVE-2006-0796
NOT-FOR-US: Clever Copy
-CVE-2006-0795 (Absolute path traversal vulnerability in convert.cgi in Quirex 2.0.2 ...)
+CVE-2006-0795
NOT-FOR-US: Quirex
-CVE-2006-0794 (help.php in V-webmail 1.6.2 allows remote attackers to obtain the ...)
+CVE-2006-0794
NOT-FOR-US: V-webmail
-CVE-2006-0793 (frameset.php in V-webmail 1.6.2 allows remote attackers to conduct ...)
+CVE-2006-0793
NOT-FOR-US: V-webmail
-CVE-2006-0792 (Cross-site scripting (XSS) vulnerability in preferences.personal.php ...)
+CVE-2006-0792
NOT-FOR-US: V-webmail
-CVE-2006-0791 (PHP remote file inclusion vulnerability in index.php in DreamCost ...)
+CVE-2006-0791
NOT-FOR-US: DreamCost HostAdmin
-CVE-2006-0790 (Rockliffe MailSite 7.0 and earlier allows remote attackers to cause a ...)
+CVE-2006-0790
NOT-FOR-US: Rockliffe MailSite
-CVE-2006-0789 (Certain unspecified Kyocera printers have a default &quot;admin&quot; account ...)
+CVE-2006-0789
NOT-FOR-US: Kyocera printers
-CVE-2006-0788 (Kyocera 3830 (aka FS-3830N) printers have a back door that allows ...)
+CVE-2006-0788
NOT-FOR-US: Kyocera printers
-CVE-2006-0787 (wimpy_trackplays.php in Plaino Wimpy MP3 Player, possibly 5.2 and ...)
+CVE-2006-0787
NOT-FOR-US: Plaino Wimpy
-CVE-2006-0786 (Incomplete blacklist vulnerability in include.php in PHPKIT 1.6.1 ...)
+CVE-2006-0786
NOT-FOR-US: PHPKIT
-CVE-2006-0785 (Absolute path traversal vulnerability in include.php in PHPKIT 1.6.1 ...)
+CVE-2006-0785
NOT-FOR-US: PHPKIT
-CVE-2006-0784 (D-Link DWL-G700AP with firmware 2.00 and 2.01 allows remote attackers ...)
+CVE-2006-0784
NOT-FOR-US: D-Link hardware
-CVE-2006-0783 (Cross-site scripting (XSS) vulnerability in page.php in in Siteframe ...)
+CVE-2006-0783
NOT-FOR-US: Siteframe Beaumont
-CVE-2006-0782 (Unspecified vulnerability in weblog.pl in PerlBlog 1.09b and earlier ...)
+CVE-2006-0782
NOT-FOR-US: PerlBlog
-CVE-2006-0781 (Directory traversal vulnerability in weblog.pl in PerlBlog 1.09b and ...)
+CVE-2006-0781
NOT-FOR-US: PerlBlog
-CVE-2006-0780 (Multiple cross-site scripting (XSS) vulnerabilities in weblog.pl in ...)
+CVE-2006-0780
NOT-FOR-US: PerlBlog
-CVE-2006-0779 (Cross-site scripting (XSS) vulnerability in u2u.php in XMB Forums ...)
+CVE-2006-0779
NOT-FOR-US: XMB Forums
-CVE-2006-0778 (Multiple SQL injection vulnerabilities in XMB Forums 1.9.3 and earlier ...)
+CVE-2006-0778
NOT-FOR-US: XMB Forums
-CVE-2006-0777 (Unspecified vulnerability in guestex.pl in Teca Scripts Guestex 1.0 ...)
+CVE-2006-0777
NOT-FOR-US: Teca Scripts Guestex
-CVE-2006-0776 (Cross-site scripting (XSS) vulnerability in guestex.pl in Teca Scripts ...)
+CVE-2006-0776
NOT-FOR-US: Teca Scripts Guestex
-CVE-2006-0775 (Multiple SQL injection vulnerabilities in show.php in BirthSys 3.1 ...)
+CVE-2006-0775
NOT-FOR-US: BirthSys
-CVE-2006-0774 (SQL injection vulnerability in deleteSession() in DB_eSession library ...)
+CVE-2006-0774
NOT-FOR-US: DB_eSession
-CVE-2006-0773 (Cross-site scripting (XSS) vulnerability in Hitachi Business Logic - ...)
+CVE-2006-0773
NOT-FOR-US: Hitachi Business Logic
-CVE-2006-0772 (SQL injection vulnerability in Hitachi Business Logic - Container ...)
+CVE-2006-0772
NOT-FOR-US: Hitachi Business Logic
-CVE-2006-0771 (Format string vulnerability in PunkBuster 1.180 and earlier, as used ...)
+CVE-2006-0771
NOT-FOR-US: PunkBuster
-CVE-2006-0770 (Cross-site scripting (XSS) vulnerability in calendar.php in ...)
+CVE-2006-0770
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2006-0769 (Unspecified vulnerability in in.rexecd in Solaris 10 allows local ...)
+CVE-2006-0769
NOT-FOR-US: Solaris
-CVE-2006-0768 (Kadu 0.4.3 allows remote attackers to cause a denial of service ...)
+CVE-2006-0768
NOT-FOR-US: Kadu
-CVE-2006-0767 (CGIWrap before 3.10 allows remote attackers to obtain sensitive ...)
+CVE-2006-0767
- cgiwrap 3.9-3.1
[sarge] - cgiwrap <no-dsa> (Only leaks information about the existance of users on a system)
-CVE-2006-0766 (ICQ Inc. (formerly Mirabilis) ICQ 2003a, 2003b, Lite 4.0, Lite 4.1, ...)
+CVE-2006-0766
NOT-FOR-US: ICQ
-CVE-2006-0765 (GUI display truncation vulnerability in ICQ Inc. (formerly Mirabilis) ...)
+CVE-2006-0765
NOT-FOR-US: ICQ
-CVE-2006-0764 (The Authentication, Authorization, and Accounting (AAA) capability in ...)
+CVE-2006-0764
NOT-FOR-US: Cisco
-CVE-2006-0763 (Cross-site scripting (XSS) vulnerability in dowebmailforward.cgi in ...)
+CVE-2006-0763
NOT-FOR-US: cPanel (not the same as in the cpanel package)
-CVE-2006-0762 (WinAbility Folder Guard 4.11 allows local users to gain unauthorized ...)
+CVE-2006-0762
NOT-FOR-US: WinAbility Folder Guard
-CVE-2006-0761 (Buffer overflow in BlackBerry Attachment Service in Research in Motion ...)
+CVE-2006-0761
NOT-FOR-US: BlackBerry
-CVE-2006-0760 (LightTPD 1.4.8 and earlier, when the web root is on a case-insensitive ...)
+CVE-2006-0760
NOT-FOR-US: LightTPD on windows
-CVE-2006-0759 (Multiple SQL injection vulnerabilities in HiveMail 1.3 and earlier ...)
+CVE-2006-0759
NOT-FOR-US: HiveMail
-CVE-2006-0758 (Multiple cross-site scripting (XSS) vulnerabilities in HiveMail 1.3 ...)
+CVE-2006-0758
NOT-FOR-US: HiveMail
-CVE-2006-0757 (Multiple eval injection vulnerabilities in HiveMail 1.3 and earlier ...)
+CVE-2006-0757
NOT-FOR-US: HiveMail
-CVE-2006-0756 (** DISPUTED ** ...)
+CVE-2006-0756
NOT-FOR-US: dotProject
-CVE-2006-0755 (** DISPUTED ** ...)
+CVE-2006-0755
NOT-FOR-US: dotProject
-CVE-2006-0754 (** DISPUTED ** ...)
+CVE-2006-0754
NOT-FOR-US: dotProject
-CVE-2006-0753 (Memory leak in Microsoft Internet Explorer 6 for Windows XP Service ...)
+CVE-2006-0753
NOT-FOR-US: Microsoft
-CVE-2006-0752 (Niels Provos Honeyd before 1.5 replies to certain illegal IP packet ...)
+CVE-2006-0752
- honeyd 1.5a-1 (bug #353064; low)
[sarge] - honeyd <no-dsa> (Too insignificant)
-CVE-2006-0751 (Multiple unspecified vulnerabilities in the (1) Filesystem in ...)
+CVE-2006-0751
NOT-FOR-US: Network Object Oriented File System (NOOFS)
-CVE-2006-0750 (SQL injection vulnerability in army.php in supersmashbrothers (SSB) ...)
+CVE-2006-0750
NOT-FOR-US: supersmashbrothers
-CVE-2006-0749 (nsHTMLContentSink.cpp in Mozilla Firefox and Thunderbird 1.x before ...)
+CVE-2006-0749
{DSA-1051-1 DSA-1046-1 DSA-1044-1}
- firefox 1.5.dfsg+1.5.0.2 (low)
- mozilla-firefox 1.5.dfsg+1.5.0.2 (low)
- mozilla 2:1.7.13-0.1 (low)
- thunderbird 1.5.0.2-1 (low)
[sarge] - mozilla-thunderbird 1.0.2-2.sarge1.0.8 (low)
-CVE-2006-0748 (Mozilla Firefox and Thunderbird 1.x before 1.5.0.2 and 1.0.x before ...)
+CVE-2006-0748
{DSA-1051-1 DSA-1046-1 DSA-1044-1}
- firefox 1.5.dfsg+1.5.0.2-1 (high)
- mozilla-firefox 1.5.dfsg+1.5.0.2-1 (high)
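Review bot: the fixed versions recorded for firefox and mozilla-firefox under CVE-2006-0749 (`1.5.dfsg+1.5.0.2`, with no Debian revision) differ from those recorded for the same packages under CVE-2006-0748 (`1.5.dfsg+1.5.0.2-1`); these are unchanged context lines, but since the descriptions that would help re-check such entries are being dropped throughout this hunk, it is worth confirming which form is intended while the summaries are still in history. Minor: `existance` in the cgiwrap `<no-dsa>` note should read `existence`.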
@@ -14740,238 +14740,238 @@ CVE-2006-0748 (Mozilla Firefox and Thunderbird 1.x before 1.5.0.2 and 1.0.x befo
- thunderbird 1.5.0.2-1 (high)
[sarge] - mozilla-thunderbird 1.0.2-2.sarge1.0.8 (high)
- xulrunner 1.8.0.1-9
-CVE-2006-0747 (Integer underflow in Freetype before 2.2 allows remote attackers to ...)
+CVE-2006-0747
{DSA-1095-1}
- freetype 2.2.1-1 (medium)
-CVE-2006-0746 (Certain patches for kpdf do not include all relevant patches from xpdf ...)
+CVE-2006-0746
{DSA-1008-1}
- kdegraphics 4:3.5.0-3
NOTE: Only affected the 3.3.2 KDE backport
-CVE-2006-0745 (X.Org server (xorg-server) 1.0.0 and later, X11R6.9.0, and X11R7.0 ...)
+CVE-2006-0745
- xorg-x11 6.9.0.dfsg.1-5 (bug #360388; medium)
- xorg-server 1:1.0.2-1 (bug #378465; medium)
- xfree86 <not-affected>
-CVE-2006-0744 (Linux kernel before 2.6.16.5 does not properly handle uncanonical ...)
+CVE-2006-0744
{DSA-1103}
- linux-2.6 2.6.16-7
-CVE-2006-0743 (Format string vulnerability in LocalSyslogAppender in Apache log4net ...)
+CVE-2006-0743
NOT-FOR-US: Log4Net
-CVE-2006-0742 (The die_if_kernel function in arch/ia64/kernel/unaligned.c in Linux ...)
+CVE-2006-0742
{DSA-1103 DSA-1097-1}
- linux-2.6 2.6.15-8
-CVE-2006-0741 (Linux kernel before 2.6.15.5, when running on Intel processors, allows ...)
+CVE-2006-0741
{DSA-1103 DSA-1097-1}
- linux-2.6 2.6.15-8
CVE-2006-0740
RESERVED
-CVE-2006-0739 (eStara SIP softphone allows remote attackers to cause a denial of ...)
+CVE-2006-0739
NOT-FOR-US: eStara SIP softphone
-CVE-2006-0738 (Multiple format string vulnerabilities in eStara SIP softphone allow ...)
+CVE-2006-0738
NOT-FOR-US: eStara SIP softphone
-CVE-2006-0737 (eStara SIP softphone allows remote attackers to cause a denial of ...)
+CVE-2006-0737
NOT-FOR-US: eStara SIP softphone
-CVE-2006-0736 (Stack-based buffer overflow in the pam_micasa PAM authentication ...)
+CVE-2006-0736
NOT-FOR-US: pam_micasa / Novell
-CVE-2006-2440 (Heap-based buffer overflow in the libMagick component of ImageMagick ...)
+CVE-2006-2440
{DSA-1168-1}
- imagemagick 6:6.2.4.5-0.6 (bug #345595)
-CVE-2006-0735 (Cross-site scripting (XSS) vulnerability in BBcode.pm in M. Blom ...)
+CVE-2006-0735
NOT-FOR-US: My Blog
-CVE-2006-0734 (The SV_CheckForDuplicateNames function in Valve Software Half-Life ...)
+CVE-2006-0734
NOT-FOR-US: Half-Life
-CVE-2006-0733 (** DISPUTED ** Cross-site scripting (XSS) vulnerability in WordPress ...)
+CVE-2006-0733
- wordpress <unfixed> (unimportant)
-CVE-2006-0732 (Directory traversal vulnerability in SAP Business Connector (BC) 4.6 ...)
+CVE-2006-0732
NOT-FOR-US: SAP Business Connector
-CVE-2006-0731 (WmRoot/adapter-index.dsp in SAP Business Connector Core Fix 7 and ...)
+CVE-2006-0731
NOT-FOR-US: SAP Business Connector
-CVE-2006-0730 (Multiple unspecified vulnerabilities in Dovecot before 1.0beta3 allow ...)
+CVE-2006-0730
- dovecot 1.0.beta3-1 (bug #353341; medium)
[sarge] - dovecot <not-affected> (Vulnerable code was introduced in 1.0beta1)
-CVE-2006-0729 (SQL injection vulnerability in functions.php in Teca Diary PE 1.0 ...)
+CVE-2006-0729
NOT-FOR-US: Teca Diary
-CVE-2006-0728 (SQL injection vulnerability in search.php in webSPELL 4.01.00 and ...)
+CVE-2006-0728
NOT-FOR-US: webSPELL
-CVE-2006-0727 (SQL injection vulnerability in mstrack.php in MusOX DF MSAnalysis ...)
+CVE-2006-0727
NOT-FOR-US: MusOX DF
-CVE-2006-0726 (Cross-site scripting (XSS) vulnerability in linking.php in CPG-Nuke ...)
+CVE-2006-0726
NOT-FOR-US: CPG-Nuke
-CVE-2006-0725 (PHP remote file inclusion vulnerability in prepend.php in Plume CMS ...)
+CVE-2006-0725
NOT-FOR-US: Plume CMS
-CVE-2006-0724 (profile.php in Reamday Enterprises Magic News Lite 1.2.3, when ...)
+CVE-2006-0724
NOT-FOR-US: Reamday Enterprises Magic News Lite
-CVE-2006-0723 (PHP remote file inclusion vulnerability in preview.php in Reamday ...)
+CVE-2006-0723
NOT-FOR-US: Reamday Enterprises Magic News Lite
-CVE-2006-0722 (settings.php in Reamday Enterprises Magic Downloads 1.1.3, when ...)
+CVE-2006-0722
NOT-FOR-US: Reamday Enterprises Magic News Lite
-CVE-2006-0721 (SQL injection vulnerability in pmlite.php in RunCMS 1.2 and 1.3a ...)
+CVE-2006-0721
NOT-FOR-US: RunCMS
-CVE-2006-0720 (Stack-based buffer overflow in Nullsoft Winamp 5.12 and 5.13 allows ...)
+CVE-2006-0720
NOT-FOR-US: Winamp
-CVE-2006-0719 (SQL injection vulnerability in member_login.php in PHP Classifieds ...)
+CVE-2006-0719
NOT-FOR-US: PHP Classifieds
-CVE-2006-0718 (The Internet Key Exchange version 1 (IKEv1) implementation in Avaya ...)
+CVE-2006-0718
NOT-FOR-US: Avaya VSU
-CVE-2006-0717 (IBM Tivoli Directory Server 6.0 allows remote attackers to cause a ...)
+CVE-2006-0717
NOT-FOR-US: Tivoli
-CVE-2006-0716 (SQL injection vulnerability in index.php in sNews 1.3 allows remote ...)
+CVE-2006-0716
NOT-FOR-US: sNews
-CVE-2006-0715 (Cross-site scripting (XSS) vulnerability in sNews 1.3 allows remote ...)
+CVE-2006-0715
NOT-FOR-US: sNews
-CVE-2006-0714 (Directory traversal vulnerability in the installation file ...)
+CVE-2006-0714
- flyspray <not-affected> (Vulnerable code not included in Debian)
-CVE-2006-0713 (Directory traversal vulnerability in LinPHA 1.0 allows remote ...)
+CVE-2006-0713
NOT-FOR-US: LinPHA
-CVE-2006-0712 (mail_html template in Squishdot 1.5.0 and earlier does not properly ...)
+CVE-2006-0712
NOT-FOR-US: Squishdot
-CVE-2006-0711 (The (1) addfolder and (2) deletefolder functions in neomail-prefs.pl ...)
+CVE-2006-0711
NOT-FOR-US: NeoMail
-CVE-2006-0710 (Double free vulnerability in isode.eddy in Isode M-Vault Server 11.3 ...)
+CVE-2006-0710
NOT-FOR-US: Isode M-Vault
-CVE-2006-0709 (Buffer overflow in Metamail 2.7-50 allows remote attackers to cause a ...)
+CVE-2006-0709
{DSA-995-1}
- metamail 2.7-51 (bug #352482; bug #353539)
-CVE-2006-0708 (Multiple buffer overflows in NullSoft Winamp 5.13 and earlier allow ...)
+CVE-2006-0708
NOT-FOR-US: Winamp
-CVE-2006-0707 (PyBlosxom before 1.3.2, when running on certain webservers, allows ...)
+CVE-2006-0707
- pyblosxom 1.3.2-1 (high)
[sarge] - pyblosxom <not-affected> (Vulnerable path handling code not present)
-CVE-2006-0706 (Cross-site scripting vulnerability in eintrag.php in G&#228;stebuch ...)
+CVE-2006-0706
NOT-FOR-US: Gaestebuch
-CVE-2006-0705 (Format string vulnerability in a logging function as used by various ...)
+CVE-2006-0705
NOT-FOR-US: Proprietary SFTP servers
-CVE-2006-0704 (iE Integrator 4.4.220114, when configured without a &quot;bespoke error ...)
+CVE-2006-0704
NOT-FOR-US: iE Integrator
-CVE-2006-0703 (Unspecified vulnerability in index.php in imageVue 16.1 has unknown ...)
+CVE-2006-0703
NOT-FOR-US: imageVue
-CVE-2006-0702 (admin/upload.php in imageVue 16.1 allows remote attackers to upload ...)
+CVE-2006-0702
NOT-FOR-US: imageVue
-CVE-2006-0701 (readfolder.php in imageVue 16.1 allows remote attackers to list ...)
+CVE-2006-0701
NOT-FOR-US: imageVue
-CVE-2006-0700 (imageVue 16.1 allows remote attackers to obtain folder permission ...)
+CVE-2006-0700
NOT-FOR-US: imageVue
-CVE-2006-0699 (Cross-site scripting (XSS) vulnerability in search.php in QWikiWiki ...)
+CVE-2006-0699
NOT-FOR-US: QWikiWiki
-CVE-2006-0698 (Unspecified vulnerabilities in Zen Cart before 1.2.7 allow remote ...)
+CVE-2006-0698
NOT-FOR-US: Zen Cart
-CVE-2006-0697 (Zen Cart before 1.2.7 does not protect the admin/includes directory, ...)
+CVE-2006-0697
NOT-FOR-US: Zen Cart
-CVE-2006-0696 (SQL injection vulnerability in Zen Cart before 1.2.7 allows remote ...)
+CVE-2006-0696
NOT-FOR-US: Zen Cart
-CVE-2006-0695 (Ansilove before 1.03 does not filter uploaded file extensions, which ...)
+CVE-2006-0695
NOT-FOR-US: Ansilove
-CVE-2006-0694 (Unspecified vulnerability in the loaders (load_*.php) in Ansilove ...)
+CVE-2006-0694
NOT-FOR-US: Ansilove
-CVE-2006-0693 (Multiple SQL injection vulnerabilities in rb_auth.php in Roberto Butti ...)
+CVE-2006-0693
NOT-FOR-US: Roberto Butti CALimba
-CVE-2006-0692 (Multiple SQL injection vulnerabilities in Carey Briggs PHP/MYSQL ...)
+CVE-2006-0692
NOT-FOR-US: Carey Briggs Timesheet
-CVE-2006-0691 (edituser.php in TTS Time Tracking Software 3.0 does not verify that ...)
+CVE-2006-0691
NOT-FOR-US: TTS Time Tracking Software
-CVE-2006-0690 (Multiple SQL injection vulnerabilities in TTS Time Tracking Software ...)
+CVE-2006-0690
NOT-FOR-US: TTS Time Tracking Software
-CVE-2006-0689 (Cross-site scripting (XSS) vulnerability in the Registration Form in ...)
+CVE-2006-0689
NOT-FOR-US: TTS Time Tracking Software
-CVE-2006-0688 (PHP remote file include vulnerability in application.php in ...)
+CVE-2006-0688
NOT-FOR-US: nicecoder.com indexu
-CVE-2006-0687 (process.php in DocMGR 0.54.2 does not initialize the $siteModInfo ...)
+CVE-2006-0687
NOT-FOR-US: DocMGR
-CVE-2006-0686 (add_user.php in Virtual Hosting Control System (VHCS) 2.4.7.1 and ...)
+CVE-2006-0686
NOT-FOR-US: Virtual Hosting Control System
-CVE-2006-0685 (The check_login function in login.php in Virtual Hosting Control ...)
+CVE-2006-0685
NOT-FOR-US: Virtual Hosting Control System
-CVE-2006-0684 (change_password.php in Virtual Hosting Control System (VHCS) 2.4.7.1 ...)
+CVE-2006-0684
NOT-FOR-US: Virtual Hosting Control System
-CVE-2006-0683 (Cross-site scripting (XSS) vulnerability in Virtual Hosting Control ...)
+CVE-2006-0683
NOT-FOR-US: Virtual Hosting Control System
-CVE-2006-0682 (Multiple cross-site scripting (XSS) vulnerabilities in bbcodes system ...)
+CVE-2006-0682
NOT-FOR-US: e107
-CVE-2006-0681 (Format string vulnerability in powerd.c in Power Daemon (powerd) 2.0.2 ...)
+CVE-2006-0681
NOT-FOR-US: powerd
NOTE: powerd supposedly normally comes with sysvinit, but not in debian
-CVE-2006-0680 (Unspecified vulnerability in WebGUI before 6.8.6-gamma allows remote ...)
+CVE-2006-0680
NOT-FOR-US: WebGUI
-CVE-2006-0679 (SQL injection vulnerability in index.php in the Your_Account module in ...)
+CVE-2006-0679
NOT-FOR-US: PHP-Nuke
-CVE-2006-0678 (PostgreSQL 7.3.x before 7.3.14, 7.4.x before 7.4.12, 8.0.x before ...)
+CVE-2006-0678
NOTE: Only vulnerable when compiled with asserts
- postgresql <unfixed> (unimportant)
- postgresql-8.0 8.0.7-1 (unimportant)
- postgresql-8.1 8.1.3-1 (unimportant)
-CVE-2006-0677 (telnetd in Heimdal 0.6.x before 0.6.6 and 0.7.x before 0.7.2 allows ...)
+CVE-2006-0677
{DSA-977-1}
- heimdal 0.7.2-1
-CVE-2006-0676 (Cross-site scripting (XSS) vulnerability in header.php in PHP-Nuke 6.0 ...)
+CVE-2006-0676
NOT-FOR-US: PHP-Nuke
-CVE-2006-0675 (Cross-site scripting (XSS) vulnerability in search.php in Siteframe ...)
+CVE-2006-0675
NOT-FOR-US: SiteFrame
-CVE-2006-0674 (Buffer overflow in the arp command of IBM AIX 5.3 L, 5.3, 5.2.2, 5.2 ...)
+CVE-2006-0674
NOT-FOR-US: IBM AIX
-CVE-2006-0673 (Multiple SQL injection vulnerabilities in cms/index.php in Magic ...)
+CVE-2006-0673
NOT-FOR-US: Magic Calendar Lite
-CVE-2006-0672 (Unspecified vulnerability in HP PSC 1210 All-in-One Drivers before ...)
+CVE-2006-0672
NOT-FOR-US: HP PSC 1210 All-in-One printer
-CVE-2006-0671 (Buffer overflow in Sony Ericsson K600i, V600i, W800i, and T68i cell ...)
+CVE-2006-0671
NOT-FOR-US: Sony Ericsson
-CVE-2006-0670 (Buffer overflow in l2cap.c in hcidump 1.29 allows remote attackers to ...)
+CVE-2006-0670
{DSA-990-1}
- bluez-hcidump 1.30-1 (bug #351881; medium)
-CVE-2006-0669 (** DISPUTED ** ...)
+CVE-2006-0669
NOT-FOR-US: Forum Light
-CVE-2006-0668 (SQL injection vulnerability in index.php in PwsPHP 1.2.3 allows remote ...)
+CVE-2006-0668
NOT-FOR-US: PwsPHP
-CVE-2006-0667 (lscfg in IBM AIX 5.2 and 5.3 allows local users to modify arbitrary ...)
+CVE-2006-0667
NOT-FOR-US: AIX
-CVE-2006-0666 (Unspecified vulnerability in the (1) unix_mp and (2) unix_64 kernels ...)
+CVE-2006-0666
NOT-FOR-US: AIX
-CVE-2006-0665 (Unspecified vulnerability in (1) query_store.php and (2) ...)
+CVE-2006-0665
{DSA-1133-1}
- mantis 0.19.4-3
[woody] - mantis <not-affected> (Complete rewrite in 0.19)
-CVE-2006-0664 (Cross-site scripting (XSS) vulnerability in config_defaults_inc.php in ...)
+CVE-2006-0664
{DSA-1133-1}
- mantis 0.19.4-3
[woody] - mantis <not-affected> (Complete rewrite in 0.19)
-CVE-2006-0663 (Multiple cross-site scripting (XSS) vulnerabilities in Lotus Domino ...)
+CVE-2006-0663
NOT-FOR-US: Lotus Domino
-CVE-2006-0662 (Cross-site scripting (XSS) vulnerability in Lotus Domino iNotes Client ...)
+CVE-2006-0662
NOT-FOR-US: Lotus Domino
-CVE-2006-0661 (Cross-site scripting (XSS) vulnerability in Scriptme SmE GB Host 1.21 ...)
+CVE-2006-0661
NOT-FOR-US: SmE GB Host
-CVE-2006-0660 (Multiple directory traversal vulnerabilities in FarsiNews 2.5 and ...)
+CVE-2006-0660
NOT-FOR-US: FarsiNews
-CVE-2006-0659 (Multiple PHP remote file include vulnerabilities in RunCMS 1.2 and ...)
+CVE-2006-0659
NOT-FOR-US: Runcms
-CVE-2006-0658 (Incomplete blacklist vulnerability in connector.php in FCKeditor 2.0 ...)
+CVE-2006-0658
- knowledgeroot <not-affected> (fixed before first upload; see bug #381912)
- moin 1.5.8-4.1
[etch] - moin <not-affected> (Vulnerable php code not present)
- karrigell <not-affected> (Vulnerable php code not present)
-CVE-2006-0657 (Cross-site scripting (XSS) vulnerability in Softcomplex PHP Event ...)
+CVE-2006-0657
NOT-FOR-US: Softcomplex
-CVE-2006-0656 (Directory traversal vulnerability in HP Systems Insight Manager 4.2 ...)
+CVE-2006-0656
NOT-FOR-US: HP
-CVE-2006-0655 (Multiple cross-site scripting (XSS) vulnerabilities in (1) ...)
+CVE-2006-0655
NOT-FOR-US: Hinton Design phpht Topsites
-CVE-2006-0654 (check.php in Hinton Design phpht Topsites 1.3 does not validate ...)
+CVE-2006-0654
NOT-FOR-US: Hinton Design phpht Topsites
-CVE-2006-0653 (Multiple SQL injection vulnerabilities in Hinton Design phpht Topsites ...)
+CVE-2006-0653
NOT-FOR-US: Hinton Design phpht Topsites
-CVE-2006-0652 (WHMCompleteSolution (WHMCS) before 2.3 assigns incorrect permissions ...)
+CVE-2006-0652
NOT-FOR-US: WHMCompleteSolution
-CVE-2006-0651 (SQL injection vulnerability in index.php in vwdev allows remote ...)
+CVE-2006-0651
NOT-FOR-US: vwdev
-CVE-2006-0650 (Cross-site scripting (XSS) vulnerability in cpaint2.inc.php in the ...)
+CVE-2006-0650
NOT-FOR-US: CPAINT
-CVE-2006-0649 (Cross-site scripting (XSS) vulnerability in DataparkSearch before 4.37 ...)
+CVE-2006-0649
NOT-FOR-US: DataparkSearch
-CVE-2006-0648 (Multiple directory traversal vulnerabilities in PHP iCalendar 2.0.1, ...)
+CVE-2006-0648
NOT-FOR-US: PHP iCalendar
-CVE-2006-0647 (LDAP service in Sun Java System Directory Server 5.2, running on Linux ...)
+CVE-2006-0647
NOT-FOR-US: Sun Java System Directory Server
-CVE-2006-0646 (ld in SUSE Linux 9.1 through 10.0, and SLES 9, in certain ...)
+CVE-2006-0646
- binutils <not-affected> (SuSE specific vulnerability)
-CVE-2006-0645 (Tiny ASN.1 Library (libtasn1) before 0.2.18, as used by (1) GnuTLS ...)
+CVE-2006-0645
{DSA-986-1 DSA-985-1}
- libtasn1-2 <removed> (bug #352182; bug #365234)
NOTE: upload of libtasn1-2 0.3.1-1 was reverted in 1:0.2.17-2 because of soname change
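Review bot: the triage line for CVE-2006-0722 names a different product than the description this hunk removes, and the change hides that mismatch: the removed line reads `CVE-2006-0722 (settings.php in Reamday Enterprises Magic Downloads 1.1.3, when ...)`, but the unchanged line beneath it says `NOT-FOR-US: Reamday Enterprises Magic News Lite`, which is the product of CVE-2006-0724 and CVE-2006-0723 just above. With the description reduced to the bare identifier, a reader of this file can no longer tell that the NOT-FOR-US note points at the wrong product, so it should be corrected before the summaries go. Also noted in passing, in unchanged context: CVE-2006-2440 sits between CVE-2006-0736 and CVE-2006-0735, out of the file's descending numeric order, and the kernel entries mix the `{DSA-1103}` and `{DSA-1097-1}` identifier styles.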
@@ -14982,36 +14982,36 @@ CVE-2006-0645 (Tiny ASN.1 Library (libtasn1) before 0.2.18, as used by (1) GnuTL
CVE-2006-XXXX [dpkg-sig: insecure temp file bug]
- dpkg-sig 0.13 (bug #352723; low)
[sarge] - dpkg-sig <no-dsa> (Only affected in debug mode)
-CVE-2006-2441 (Pioneers meta-server before 0.9.55, when the server-console is not ...)
+CVE-2006-2441
- pioneers 0.9.55-1 (bug #351986; medium)
[sarge] - gnocatan <not-affected> (Not exploitable in Sarge per maintainer)
-CVE-2006-0644 (Multiple directory traversal vulnerabilities in install.php in ...)
+CVE-2006-0644
NOT-FOR-US: CPG-Nuke Dragonfly CMS
-CVE-2006-0643 (Cross-site scripting (XSS) vulnerability in WiredRed e/pop Web ...)
+CVE-2006-0643
NOT-FOR-US: WiredRed e/pop Web Conferencing
-CVE-2006-0642 (Trend Micro ServerProtect 5.58, and possibly InterScan Messaging ...)
+CVE-2006-0642
NOT-FOR-US: Trend Micro
-CVE-2006-0641 (Orbicule Undercover uses a third-party web server to determine the IP ...)
+CVE-2006-0641
NOT-FOR-US: Orbicule Undercover
-CVE-2006-0640 (Orbicule Undercover allows attackers with physical or root access to ...)
+CVE-2006-0640
NOT-FOR-US: Orbicule Undercover
-CVE-2006-0639 (Cross-site scripting (XSS) vulnerability in search.php in MyBB (aka ...)
+CVE-2006-0639
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2006-0638 (SQL injection vulnerability in moderation.php in MyBB (aka ...)
+CVE-2006-0638
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2006-0637 (Buffer overflow in cram.dll in QUALCOMM Eudora WorldMail 3.0 allows ...)
+CVE-2006-0637
NOT-FOR-US: QUALCOMM Eudora WorldMail
-CVE-2006-0636 (desktop.php in eyeOS 0.8.9 and earlier tests for the existence of the ...)
+CVE-2006-0636
NOT-FOR-US: eyeOS
-CVE-2006-0635 (Tiny C Compiler (TCC) 0.9.23 (aka TinyCC) evaluates the ...)
+CVE-2006-0635
- tcc 0.9.24~cvs20070502-1 (bug #352202; low)
[sarge] - tcc <no-dsa> (Only incorrect code gen, hardly any production use)
[etch] - tcc <no-dsa> (Documented as insecure; only incorrect code gen, hardly any production use)
-CVE-2006-0634 (Borland C++Builder 6 (BCB6) with Update Pack 4 Enterprise edition ...)
+CVE-2006-0634
NOT-FOR-US: Borland C++Builder
-CVE-2006-0633 (The make_password function in ipsclass.php in Invision Power Board ...)
+CVE-2006-0633
NOT-FOR-US: Invision Power Board
-CVE-2006-0632 (The gen_rand_string function in phpBB 2.0.19 uses insufficiently ...)
+CVE-2006-0632
- phpbb2 2.0.20 (low)
[sarge] - phpbb2 <no-dsa> (Minor issue)
NOTE: According to maintainers phpbb2 doesn't have useful countermeasures against
@@ -15019,61 +15019,61 @@ CVE-2006-0632 (The gen_rand_string function in phpBB 2.0.19 uses insufficiently
NOTE: NTP-timed attacks may even be in the area of a couple thousands attempts
NOTE: instead of a million
NOTE: Fixed in 2.0.20
-CVE-2006-0631 (CRLF injection vulnerability in mailback.pl in Erik C. Thauvin ...)
+CVE-2006-0631
NOT-FOR-US: Erik C. Thauvin mailback
-CVE-2006-0630 (RITLabs The Bat! before 3.0.0.15 displays certain important headers ...)
+CVE-2006-0630
NOT-FOR-US: The Bat!
-CVE-2006-0629 (Unspecified vulnerability in AOL Instant Messenger (AIM) 5.9.3861 ...)
+CVE-2006-0629
NOT-FOR-US: AIM
-CVE-2006-0628 (myquiz.pl in Dale Ray MyQuiz 1.01 allows remote attackers to execute ...)
+CVE-2006-0628
NOT-FOR-US: Dale Ray MyQuiz
-CVE-2006-0627 (Cross-site scripting (XSS) vulnerability in Clever Copy 2.0, 2.0a, and ...)
+CVE-2006-0627
NOT-FOR-US: Clever Copy
-CVE-2006-0624 (SQL injection vulnerability in check.asp in Whomp Real Estate Manager ...)
+CVE-2006-0624
NOT-FOR-US: Whomp Real Estate Manager
-CVE-2006-0623 (QNX Neutrino RTOS 6.3.0 ships /etc/rc.d/rc.local with world-writable ...)
+CVE-2006-0623
NOT-FOR-US: QNX
-CVE-2006-0622 (QNX Neutrino RTOS 6.3.0 allows local users to cause a denial of ...)
+CVE-2006-0622
NOT-FOR-US: QNX
-CVE-2006-0621 (Multiple buffer overflows in QNX Neutrino RTOS 6.2.0 allow local users ...)
+CVE-2006-0621
NOT-FOR-US: QNX
-CVE-2006-0620 (Race condition in phfont in QNX Neutrino RTOS 6.2.1 allows local users ...)
+CVE-2006-0620
NOT-FOR-US: QNX
-CVE-2006-0619 (Multiple stack-based buffer overflows in QNX Neutrino RTOS 6.3.0 allow ...)
+CVE-2006-0619
NOT-FOR-US: QNX
-CVE-2006-0618 (Format string vulnerability in fontsleuth in QNX Neutrino RTOS 6.3.0 ...)
+CVE-2006-0618
NOT-FOR-US: QNX
-CVE-2006-0617 (Multiple unspecified vulnerabilities in Sun Java JDK and JRE 5.0 ...)
+CVE-2006-0617
NOT-FOR-US: Sun Java
-CVE-2006-0616 (Unspecified vulnerability in Sun Java JDK and JRE 5.0 Update 4 and ...)
+CVE-2006-0616
NOT-FOR-US: Sun Java
-CVE-2006-0615 (Multiple unspecified vulnerabilities in Sun Java JDK and JRE 5.0 ...)
+CVE-2006-0615
NOT-FOR-US: Sun Java
-CVE-2006-0614 (Unspecified vulnerability in Sun Java JDK and JRE 5.0 Update 3 and ...)
+CVE-2006-0614
NOT-FOR-US: Sun Java
-CVE-2006-0613 (Unspecified vulnerability in Java Web Start after 1.0.1_02, as used in ...)
+CVE-2006-0613
NOT-FOR-US: Sun Java
-CVE-2006-0612 (Powersave daemon before 0.10.15.2 allows local users to gain ...)
+CVE-2006-0612
- powersave 0.11.2-1
-CVE-2006-0611 (Directory traversal vulnerability in compose.pl in @Mail 4.3 and ...)
+CVE-2006-0611
NOT-FOR-US: @Mail
-CVE-2006-0610 (Multiple SQL injection vulnerabilities in 2200net Calendar system 1.2, ...)
+CVE-2006-0610
NOT-FOR-US: 2200net Calender system
-CVE-2006-0609 (Cross-site scripting (XSS) vulnerability in add.php in Hinton Design ...)
+CVE-2006-0609
NOT-FOR-US: Hinton Design phphd
-CVE-2006-0608 (Multiple SQL injection vulnerabilities in Hinton Design phphd 1.0 ...)
+CVE-2006-0608
NOT-FOR-US: Hinton Design phphd
-CVE-2006-0607 (check.php in Hinton Design phphd 1.0 does not check passwords when ...)
+CVE-2006-0607
NOT-FOR-US: Hinton Design phphd
-CVE-2006-0606 (SQL injection vulnerability in Unknown Domain Shoutbox 2005.07.21 ...)
+CVE-2006-0606
NOT-FOR-US: Unknown Domain Shoutbox
-CVE-2006-0605 (Multiple cross-site scripting (XSS) vulnerabilities in Unknown Domain ...)
+CVE-2006-0605
NOT-FOR-US: Unknown Domain Shoutbox
-CVE-2006-0604 (check.php in Hinton Design phphg Guestbook 1.2 does not check the user ...)
+CVE-2006-0604
NOT-FOR-US: Hinton Design phphd
-CVE-2006-0603 (Multiple cross-site scripting vulnerabilities in signed.php in Hinton ...)
+CVE-2006-0603
NOT-FOR-US: Hinton Design phphd
-CVE-2006-0602 (Multiple SQL injection vulnerabilities in Hinton Design phphg ...)
+CVE-2006-0602
NOT-FOR-US: Hinton Design phphd
CVE-2006-0601
RESERVED
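Review bot: the triage lines for CVE-2006-0604, CVE-2006-0603 and CVE-2006-0602 name a different product than the descriptions being removed: the `-` lines read `Hinton Design phphg Guestbook 1.2` and `Hinton Design phphg`, while the unchanged line under each says `NOT-FOR-US: Hinton Design phphd`, the product that belongs to CVE-2006-0609 through CVE-2006-0607 above. Once the descriptions are stripped, the phphg and phphd entries become indistinguishable in this file, so the three NOT-FOR-US lines should be checked and corrected before this goes in. Minor, unchanged context: `2200net Calender system` under CVE-2006-0610 should read `Calendar`.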
@@ -15083,238 +15083,238 @@ CVE-2006-0595
RESERVED
CVE-2006-0594
RESERVED
-CVE-2006-0598 (Buffer overflow in elogd.c in elog before 2.5.7 r1558-4 allows ...)
+CVE-2006-0598
{DSA-967-1}
- elog 2.6.1+r1642-1
-CVE-2006-0597 (Multiple stack-based buffer overflows in elogd.c in elog before 2.5.7 ...)
+CVE-2006-0597
{DSA-967-1}
- elog 2.6.1+r1642-1
-CVE-2006-0599 (The (1) elog.c and (2) elogd.c components in elog before 2.5.7 r1558-4 ...)
+CVE-2006-0599
{DSA-967-1}
- elog 2.6.1+r1642-1
-CVE-2006-0600 (elog before 2.5.7 r1558-4 allows remote attackers to cause a denial of ...)
+CVE-2006-0600
{DSA-967-1}
- elog 2.6.1+r1642-1
-CVE-2006-0593 (Cross-site scripting (XSS) vulnerability in PHP-Fusion before 6.00.304 ...)
+CVE-2006-0593
NOT-FOR-US: PHP-Fusion
-CVE-2006-0592 (Unspecified vulnerability in the Lexmark Printer Sharing LexBce Server ...)
+CVE-2006-0592
NOT-FOR-US: Lexmark Printer
-CVE-2006-0591 (The crypt_gensalt functions for BSDI-style extended DES-based and ...)
+CVE-2006-0591
NOT-FOR-US: crypt_blowfish implementation from OWL, does not seem to be in Debian
-CVE-2006-0590 (MyTopix 1.2.3 allows remote attackers to obtain the installation path ...)
+CVE-2006-0590
NOT-FOR-US: MyTopix
-CVE-2006-0589 (MyTopix 1.2.3 allows remote attackers to obtain the installation path ...)
+CVE-2006-0589
NOT-FOR-US: MyTopix
-CVE-2006-0588 (SQL injection vulnerability in search.php in MyTopix 1.2.3 allows ...)
+CVE-2006-0588
NOT-FOR-US: MyTopix
-CVE-2006-0587 (Unspecified vulnerability in util.php in Gallery before 1.5.2-pl2 ...)
+CVE-2006-0587
- gallery 1.5.2-pl2-1
-CVE-2006-0586 (Multiple SQL injection vulnerabilities in Oracle 10g Release 1 before ...)
+CVE-2006-0586
NOT-FOR-US: Oracle
-CVE-2006-0585 (jscript.dll in Microsoft Internet Explorer 6.0 SP1 and earlier allows ...)
+CVE-2006-0585
NOT-FOR-US: Microsoft
-CVE-2006-0584 (The PSCipher function in PeopleSoft People Tools 8.4x uses PKCS #5 ...)
+CVE-2006-0584
NOT-FOR-US: PeopleSoft People Tools
-CVE-2006-0583 (SQL injection vulnerability in mailarticle.php in Clever Copy 3.0 and ...)
+CVE-2006-0583
NOT-FOR-US: Clever Copy
-CVE-2006-0582 (Unspecified vulnerability in rshd in Heimdal 0.6.x before 0.6.6 and ...)
+CVE-2006-0582
{DSA-977-1}
- heimdal 0.7.2-1
-CVE-2006-0581 (SQL injection vulnerability in Hosting Controller 6.1 Hotfix 2.8 ...)
+CVE-2006-0581
NOT-FOR-US: Hosting Controller
-CVE-2006-0580 (IBM Lotus Domino Server 7.0 allows remote attackers to cause a denial ...)
+CVE-2006-0580
NOT-FOR-US: Lotus Domino
-CVE-2006-0579 (Multiple integer overflows in (1) the new_demux_packet function in ...)
+CVE-2006-0579
- mplayer <not-affected> (fixed before first upload; 1.0pre7try3)
NOTE: code not in ffmpeg and xine-lib
-CVE-2006-0578 (Blue Coat Proxy Security Gateway OS (SGOS) 4.1.2.1 does not enforce ...)
+CVE-2006-0578
NOT-FOR-US: Blue Coat Proxy Security Gateway OS
-CVE-2006-0577 (Lexmark X1185 printer allows local users to gain SYSTEM privileges by ...)
+CVE-2006-0577
NOT-FOR-US: Lexmark printer
-CVE-2006-0576 (Untrusted search path vulnerability in opcontrol in OProfile 0.9.1 and ...)
+CVE-2006-0576
- oprofile 0.9.1-9 (bug #352910; low)
[sarge] - oprofile <no-dsa> (requires sudo access to be vulnerable)
-CVE-2006-0575 (convert-fcrontab in Fcron 2.9.5 and 3.0.0 allows remote attackers to ...)
+CVE-2006-0575
- fcron <not-affected> (Not included in Debian package)
-CVE-2006-0574 (Cross-site scripting (XSS) vulnerability in mime/handle.html in cPanel ...)
+CVE-2006-0574
NOT-FOR-US: cPanel
-CVE-2006-0573 (Multiple cross-site scripting (XSS) vulnerabilies in cPanel 10 and ...)
+CVE-2006-0573
NOT-FOR-US: cPanel
-CVE-2006-0572 (phpstatus 1.0 does not require passwords when using cookies to ...)
+CVE-2006-0572
NOT-FOR-US: phpstatus
-CVE-2006-0571 (Multiple cross-site scripting (XSS) vulnerabilities in phpstatus 1.0 ...)
+CVE-2006-0571
NOT-FOR-US: phpstatus
-CVE-2006-0570 (Multiple SQL injection vulnerabilities in phpstatus 1.0, when ...)
+CVE-2006-0570
NOT-FOR-US: phpstatus
-CVE-2006-0569 (Cross-site scripting (XSS) vulnerability in user_class.php in Papoo ...)
+CVE-2006-0569
NOT-FOR-US: Papoo
-CVE-2006-0568 (Cross-site scripting (XSS) vulnerability in throw.main in Outblaze ...)
+CVE-2006-0568
NOT-FOR-US: Outblaze
-CVE-2006-0567 (Directory traversal vulnerability in Files Xaraya module before 0.5.1, ...)
+CVE-2006-0567
NOT-FOR-US: Xaraya
-CVE-2006-0566 (The LDAP component in CommuniGate Pro Core Server 5.0.7 allows remote ...)
+CVE-2006-0566
NOT-FOR-US: Communigate Pro
-CVE-2006-0565 (PHP remote file include vulnerability in inc/backend_settings.php in ...)
+CVE-2006-0565
NOT-FOR-US: LoudBlog
-CVE-2006-0564 (Stack-based buffer overflow in Microsoft HTML Help Workshop ...)
+CVE-2006-0564
NOT-FOR-US: Microsoft
-CVE-2006-0563 (SQL injection vulnerability in exec.php in PluggedOut Blog 1.9.9c ...)
+CVE-2006-0563
NOT-FOR-US: PluggedOut Blog
-CVE-2006-0562 (Cross-site scripting (XSS) vulnerability in problem.php in PluggedOut ...)
+CVE-2006-0562
NOT-FOR-US: PluggedOut Blog
-CVE-2006-0561 (Cisco Secure Access Control Server (ACS) 3.x for Windows stores ACS ...)
+CVE-2006-0561
NOT-FOR-US: Cisco
CVE-2006-0560
REJECTED
-CVE-2006-0559 (Format string vulnerability in the SMTP server for McAfee WebShield ...)
+CVE-2006-0559
NOT-FOR-US: McAfee WebShield
-CVE-2006-0558 (perfmon (perfmon.c) in Linux kernel on IA64 architectures allows local ...)
+CVE-2006-0558
{DSA-1103}
- linux-2.6 2.6.16-1 (bug #365375; low)
-CVE-2006-0557 (sys_mbind in mempolicy.c in Linux kernel 2.6.16 and earlier does not ...)
+CVE-2006-0557
{DSA-1103}
- linux-2.6 2.6.15-8
CVE-2006-0556
REJECTED
-CVE-2006-0555 (The Linux Kernel before 2.6.15.5 allows local users to cause a denial ...)
+CVE-2006-0555
{DSA-1103}
- linux-2.6 2.6.15-8
-CVE-2006-0554 (Linux kernel 2.6 before 2.6.15.5 allows local users to obtain ...)
+CVE-2006-0554
{DSA-1103}
- linux-2.6 2.6.15-8
-CVE-2006-0553 (PostgreSQL 8.1.0 through 8.1.2 allows authenticated database users to ...)
+CVE-2006-0553
- postgresql-8.1 8.1.3-1
-CVE-2006-0552 (Unspecified vulnerability in the Net Listener component of Oracle ...)
+CVE-2006-0552
NOT-FOR-US: Oracle
-CVE-2006-0551 (SQL injection vulnerability in the Data Pump Metadata API in Oracle ...)
+CVE-2006-0551
NOT-FOR-US: Oracle
-CVE-2006-0550 (Buffer overflow in an unspecified Oracle Client utility might allow ...)
+CVE-2006-0550
NOT-FOR-US: Oracle
-CVE-2006-0549 (SQL injection vulnerability in the SYS.DBMS_METADATA_UTIL package in ...)
+CVE-2006-0549
NOT-FOR-US: Oracle
-CVE-2006-0548 (SQL injection vulnerability in the Oracle Text component of Oracle ...)
+CVE-2006-0548
NOT-FOR-US: Oracle
-CVE-2006-0547 (Oracle Database 8i, 9i, and 10g allow remote authenticated users to ...)
+CVE-2006-0547
NOT-FOR-US: Oracle
-CVE-2006-0546 (Unspecified vulnerability in index.php in a certain application ...)
+CVE-2006-0546
NOT-FOR-US: Strange app at www.egeinternet.com
-CVE-2006-0545 (SQL injection vulnerability in showflat.php in Groupee (formerly known ...)
+CVE-2006-0545
NOT-FOR-US: UBB.threads
-CVE-2006-0544 (urlmon.dll in Microsoft Internet Explorer 7.0 beta 2 (aka 7.0.5296.0) ...)
+CVE-2006-0544
NOT-FOR-US: Microsoft
-CVE-2006-0543 (Cerulean Trillian 3.1.0.120 allows remote attackers to cause a denial ...)
+CVE-2006-0543
NOT-FOR-US: Cerulean Trillian
-CVE-2006-0542 (Multiple SQL injection vulnerabilities in config.php in NukedWeb ...)
+CVE-2006-0542
NOT-FOR-US: NukedWeb
-CVE-2006-0541 (Multiple cross-site scripting (XSS) vulnerabilities in Tachyon Vanilla ...)
+CVE-2006-0541
NOT-FOR-US: Tachyon Vanilla Guestbook
-CVE-2006-0540 (Multiple SQL injection vulnerabilities in Tachyon Vanilla Guestbook ...)
+CVE-2006-0540
NOT-FOR-US: Tachyon Vanilla Guestbook
-CVE-2006-0539 (The convert-fcrontab program in fcron 3.0.0 might allow local users to ...)
+CVE-2006-0539
- fcron <not-affected> (Vulnerable app in the Debian package, not setuid anyway)
-CVE-2006-0538 (CipherTrust IronMail 5.0.1, when &quot;Denial of Service Protection&quot; is ...)
+CVE-2006-0538
NOT-FOR-US: IronMail
-CVE-2006-0537 (Buffer overflow in the POP3 server in Kinesphere Corporation eXchange ...)
+CVE-2006-0537
NOT-FOR-US: eXchange POP3
-CVE-2006-0536 (Cross-site scripting (XSS) vulnerability in neomail.pl in NeoMail 1.27 ...)
+CVE-2006-0536
NOT-FOR-US: NeoMail
-CVE-2006-0535 (Multiple cross-site scripting (XSS) vulnerabilities in Community ...)
+CVE-2006-0535
NOT-FOR-US: Community Server
-CVE-2006-0534 (Multiple cross-site scripting (XSS) vulnerabilities in default.asp in ...)
+CVE-2006-0534
NOT-FOR-US: CyberShop Ultimate E-commerce
-CVE-2006-0533 (Cross-site scripting (XSS) vulnerability in webmailaging.cgi in cPanel ...)
+CVE-2006-0533
NOT-FOR-US: cPanel
NOTE: Not Debian's cpanel
-CVE-2006-0532 (Cross-site scripting (XSS) vulnerability in resultat.asp in SoftMaker ...)
+CVE-2006-0532
NOT-FOR-US: SoftMaker Shop
-CVE-2006-0531 (Unspecified vulnerability in Sun Java System Access Manager 7.0 allows ...)
+CVE-2006-0531
NOT-FOR-US: Sun Java System Access Manager
-CVE-2006-0530 (Computer Associates (CA) Message Queuing (CAM / CAFT) before 1.07 ...)
+CVE-2006-0530
NOT-FOR-US: CA Message Queuing
NOTE: CA Message Queuing is embeded in a lot of products, but they all seem
NOTE: to be commercial products (see list in referenced URL)
-CVE-2006-0529 (Computer Associates (CA) Message Queuing (CAM / CAFT) before 1.07 ...)
+CVE-2006-0529
NOT-FOR-US: CA Message Queuing
NOTE: CA Message Queuing is embeded in a lot of products, but they all seem
NOTE: to be commercial products (see list in referenced URL)
-CVE-2006-0528 (The cairo library (libcairo), as used in GNOME Evolution and possibly ...)
+CVE-2006-0528
- evolution 2.2.3-4 (low)
[sarge] - evolution <not-affected> (Vulnerability was apparantly introduced in 2.3.1)
[woody] - evolution <not-affected> (Vulnerability was apparantly introduced in 2.3.1)
-CVE-2006-0527 (BIND 4 (BIND4) and BIND 8 (BIND8), if used as a target forwarder, ...)
+CVE-2006-0527
- bind 1:8.4.7-1 (low)
[sarge] - bind <no-dsa> (Architectual limitatiom, upgrade to BIND 9 as a a fix)
NOTE: BIND 8 is unsuitable for forwarder use because of its
NOTE: architecture. Upgrade to BIND 9 as a fix.
NOTE: This was fixed in sid by documenting it as an unfixable design limitation
-CVE-2006-0526 (The default configuration of the America Online (AOL) client software ...)
+CVE-2006-0526
NOT-FOR-US: AOL
-CVE-2006-0525 (Multiple Adobe products, including (1) Photoshop CS2, (2) Illustrator ...)
+CVE-2006-0525
NOT-FOR-US: Windows issue
-CVE-2006-0524 (Cross-site scripting (XSS) vulnerability in ashnews.php in Derek ...)
+CVE-2006-0524
NOT-FOR-US: Derek Ashauer ashnews
-CVE-2006-0523 (SQL injection vulnerability in global.php in MyBB before 1.03 allows ...)
+CVE-2006-0523
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2006-0522 (SQL injection vulnerability in the Authentication Servlet in Symantec ...)
+CVE-2006-0522
NOT-FOR-US: Symantec Sygate Management Server
-CVE-2006-0521 (Cross-site scripting (XSS) vulnerability in results.php in BrowserCRM ...)
+CVE-2006-0521
NOT-FOR-US: Browser CRM
-CVE-2006-0520 (SQL injection vulnerability index.php in Dragoran Portal module 1.3 ...)
+CVE-2006-0520
NOT-FOR-US: Invision Power Board
-CVE-2006-0519 (SPIP 1.8.2-e and earlier and 1.9 Alpha 2 (5539) and earlier allows ...)
+CVE-2006-0519
- spip 2.0.6-1 (medium; bug #351336)
-CVE-2006-0518 (Cross-site scripting (XSS) vulnerability in index.php3 in SPIP 1.8.2-e ...)
+CVE-2006-0518
- spip 2.0.6-1 (medium; bug #351335)
-CVE-2006-0517 (Multiple SQL injection vulnerabilities in ...)
+CVE-2006-0517
- spip 2.0.6-1 (medium; bug #351334)
-CVE-2006-0625 (Directory traversal vulnerability in Spip_RSS.PHP in SPIP 1.8.2g and ...)
+CVE-2006-0625
- spip 2.0.6-1 (medium; bug #352076)
NOTE: http://www.securityfocus.com/bid/16556
-CVE-2006-0626 (SQL injection vulnerability in spip_acces_doc.php3 in SPIP 1.8.2g and ...)
+CVE-2006-0626
- spip 2.0.6-1 (medium; bug #352077)
NOTE: http://www.securityfocus.com/bid/16551
-CVE-2006-0516 (Unspecified vulnerability in the kernel processing in Solaris 10 64 ...)
+CVE-2006-0516
NOT-FOR-US: Solaris
-CVE-2006-0515 (Cisco PIX/ASA 7.1.x before 7.1(2) and 7.0.x before 7.0(5), PIX 6.3.x ...)
+CVE-2006-0515
NOT-FOR-US: Cisco
CVE-2006-0514
RESERVED
-CVE-2006-0513 (Directory traversal vulnerability in pkmslogout in Tivoli Web Server ...)
+CVE-2006-0513
NOT-FOR-US: Tivoli
-CVE-2006-0512 (PADL MigrationTools 46 creates temporary files insecurely, which ...)
+CVE-2006-0512
{DSA-1187-1}
- migrationtools 46-2.1 (bug #338920; medium)
-CVE-2006-0511 (** DISPUTED ** Blackboard Academic Suite 6.0 and earlier does not ...)
+CVE-2006-0511
NOT-FOR-US: Blackboard Academic Suite
-CVE-2006-0510 (SQL injection vulnerability in userlogin.jsp in Daffodil CRM 1.5 ...)
+CVE-2006-0510
NOT-FOR-US: Daffodil
-CVE-2006-0509 (Multiple cross-site scripting (XSS) vulnerabilities in clients.php in ...)
+CVE-2006-0509
NOT-FOR-US: Cerberus Helpdesk
-CVE-2006-0508 (Easy CMS stores the images directory under the web document root with ...)
+CVE-2006-0508
NOT-FOR-US: Easy CMS
-CVE-2006-0507 (Multiple cross-site scripting (XSS) vulnerabilities in Easy CMS allow ...)
+CVE-2006-0507
NOT-FOR-US: Easy CMS
-CVE-2006-0506 (Cross-site scripting (XSS) vulnerability in index.php in Nuked-klaN ...)
+CVE-2006-0506
NOT-FOR-US: Nuked-klaN
-CVE-2006-0505 (zbattle.net Zbattle client 1.09 SR-1 beta allows remote attackers to ...)
+CVE-2006-0505
NOT-FOR-US: Zbattle
-CVE-2006-0504 (Unspecified vulnerability in MailEnable Enterprise Edition before 1.2 ...)
+CVE-2006-0504
NOT-FOR-US: MailEnable Enterprise Edition
-CVE-2006-0503 (IMAP service in MailEnable Professional Edition before 1.72 allows ...)
+CVE-2006-0503
NOT-FOR-US: MailEnable Professional Edition
-CVE-2006-0502 (PHP remote file inclusion vulnerability in loginout.php in FarsiNews ...)
+CVE-2006-0502
NOT-FOR-US: FarsiNews
-CVE-2006-0501 (Cross-site scripting (XSS) vulnerability in MyCO Guestbook 1.0 allows ...)
+CVE-2006-0501
NOT-FOR-US: MyCo Guestbook
-CVE-2006-0500 (MyCO Guestbook 1.0 stores the admin directory under the web document ...)
+CVE-2006-0500
NOT-FOR-US: MyCo Guestbook
-CVE-2006-0499 (Cross-site scripting (XSS) vulnerability in rlink.php in Rlink 1.0.0 ...)
+CVE-2006-0499
NOT-FOR-US: Rlink module add-on for phpbb (not included in Debian package)
-CVE-2006-0498 (Multiple cross-site scripting (XSS) vulnerabilities in PHP GEN before ...)
+CVE-2006-0498
NOT-FOR-US: PHP GEN
-CVE-2006-0497 (Multiple SQL injection vulnerabilities in PHP GEN before 1.4 allow ...)
+CVE-2006-0497
NOT-FOR-US: PHP GEN
-CVE-2006-0496 (Cross-site scripting (XSS) vulnerability in Mozilla 1.7.12 and ...)
+CVE-2006-0496
- iceweasel 3.0-1 (unimportant; bug #349339)
- mozilla-firefox <removed> (unimportant; bug #349339)
- iceape <removed> (unimportant)
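Review bot: every `-`/`+` pair in this hunk strips the description text from a CVE line and keeps only the bare identifier (for example `-CVE-2006-0582 (Unspecified vulnerability in rshd in Heimdal 0.6.x before 0.6.6 and ...)` becomes `+CVE-2006-0582`), while the triage lines beneath each entry (`{DSA-977-1}`, the `- heimdal 0.7.2-1` package line, the NOTE lines) are left untouched; wholesale removal of the summaries with no change to any triage decision looks like the description import failing rather than an intended edit, so the source the summaries are pulled from should be checked and the descriptions restored before this is merged. Nothing in the hunk alters a package state, DSA reference or severity, so the damage is limited to the summaries, but those summaries are what a reviewer relies on to recognise an entry without opening the CVE record.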
@@ -15322,437 +15322,437 @@ CVE-2006-0496 (Cross-site scripting (XSS) vulnerability in Mozilla 1.7.12 and ..
NOTE: This is not a direct vulnerability, but rather the lack of protection
NOTE: for shooting into own's own foot, so we should treat it as a security
NOTE: enhancement bug and not as a vulnerability.
-CVE-2006-0495 (Cross-site scripting (XSS) vulnerability in the Add Thread to ...)
+CVE-2006-0495
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2006-0494 (Directory traversal vulnerability in MyBB (aka MyBulletinBoard) 1.02 ...)
+CVE-2006-0494
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2006-0493 (Cross-site scripting (XSS) vulnerability in MG2 (formerly known as ...)
+CVE-2006-0493
NOT-FOR-US: MG2
-CVE-2006-0492 (Multiple SQL injection vulnerabilities in Calendarix allow remote ...)
+CVE-2006-0492
NOT-FOR-US: Calendarix
-CVE-2006-0491 (SQL injection vulnerability in SZUserMgnt.class.php in SZUserMgnt 1.4 ...)
+CVE-2006-0491
NOT-FOR-US: SZUserMgnt
-CVE-2006-0490 (SQL injection vulnerability in login.asp in ASPThai.Net ASPThai Forums ...)
+CVE-2006-0490
NOT-FOR-US: ASPThai Forums
-CVE-2006-0489 (** DISPUTED ** Buffer overflow in the font command of mIRC, probably ...)
+CVE-2006-0489
NOT-FOR-US: mIRC
-CVE-2006-0488 (The VDM (Virtual DOS Machine) emulation environment for MS-DOS ...)
+CVE-2006-0488
NOT-FOR-US: Microsoft
-CVE-2006-0487 (Multiple unspecified vulnerabilities in Tumbleweed MailGate Email ...)
+CVE-2006-0487
NOT-FOR-US: Tumbleweed MailGate Email Firewall
-CVE-2006-0486 (Certain Cisco IOS releases in 12.2S based trains with maintenance ...)
+CVE-2006-0486
NOT-FOR-US: IOS
-CVE-2006-0485 (The TCL shell in Cisco IOS 12.2(14)S before 12.2(14)S16, 12.2(18)S ...)
+CVE-2006-0485
NOT-FOR-US: IOS
-CVE-2006-0484 (Directory traversal vulnerability in Vis.pl, as part of the FACE ...)
+CVE-2006-0484
NOT-FOR-US: FACE CONTROL product
-CVE-2006-0483 (Cisco VPN 3000 series concentrators running software 4.7.0 through ...)
+CVE-2006-0483
NOT-FOR-US: Cisco
-CVE-2006-0482 (Linux kernel 2.6.15.1 and earlier, when running on SPARC ...)
+CVE-2006-0482
{DSA-1017-1}
- linux-2.6 2.6.15-4
-CVE-2006-0481 (Heap-based buffer overflow in the alpha strip capability in libpng ...)
+CVE-2006-0481
- libpng 1.2.8rel-3 (bug #352902; bug #352918)
[sarge] - libpng <not-affected> (Only 1.2.7 affected)
[woody] - libpng <not-affected> (Only 1.2.7 affected)
[sarge] - libpng3 1.2.8rel-1
-CVE-2006-0480 (Cross-site scripting (XSS) vulnerability in the Articles module in ...)
+CVE-2006-0480
NOT-FOR-US: sPaiz-Nuke
-CVE-2006-0479 (pmwiki.php in PmWiki 2.1 beta 20, with register_globals enabled, ...)
+CVE-2006-0479
NOT-FOR-US: PmWiki
-CVE-2006-0478 (CRE Loaded 6.15 allows remote attackers to perform privileged actions, ...)
+CVE-2006-0478
NOT-FOR-US: CRE Loaded
-CVE-2006-0477 (Buffer overflow in git-checkout-index in GIT before 1.1.5 allows ...)
+CVE-2006-0477
- git-core 1.1.5-1 (bug #350274)
-CVE-2006-0476 (Buffer overflow in Nullsoft Winamp 5.12 allows remote attackers to ...)
+CVE-2006-0476
NOT-FOR-US: Winamp
-CVE-2006-0475 (PHP-Ping 1.3 does not properly validate ping counts, which allows ...)
+CVE-2006-0475
NOT-FOR-US: PHP-Ping
-CVE-2006-0474 (Multiple integer overflows in Shareaza 2.2.1.0 allow remote attackers ...)
+CVE-2006-0474
NOT-FOR-US: Shareaza
-CVE-2006-0473 (Cross-site scripting (XSS) vulnerability in the bbcode function in ...)
+CVE-2006-0473
NOT-FOR-US: My little homepage
-CVE-2006-0472 (Cross-site scripting (XSS) vulnerability in guestbook.php in my little ...)
+CVE-2006-0472
NOT-FOR-US: My little homepage
-CVE-2006-0471 (Cross-site scripting (XSS) vulnerability in the bbcode function in ...)
+CVE-2006-0471
NOT-FOR-US: My little homepage
-CVE-2006-0470 (Cross-site scripting (XSS) vulnerability in search.php in ...)
+CVE-2006-0470
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2006-0469 (Cross-site scripting (XSS) vulnerability in UebiMiau 2.7.9, and ...)
+CVE-2006-0469
NOT-FOR-US: uebimiau
NOTE: this had an ITP back in 2002, but it never was done (bug #164116)
-CVE-2006-0468 (CommuniGate Pro Core Server before 5.0.7 allows remote attackers to ...)
+CVE-2006-0468
NOT-FOR-US: CommuniGate Pro
-CVE-2006-0467 (Unspecified vulnerability in Pioneers (formerly gnocatan) before ...)
+CVE-2006-0467
{DSA-964-1}
[woody] - gnocatan 0.6.1-5woody3
[sarge] - gnocatan 0.8.1.59-1sarge1
- pioneers 0.9.49-1 (bug #350237; medium)
-CVE-2006-0466 (Cross-site scripting (XSS) vulnerability in search.asp in Goldstag ...)
+CVE-2006-0466
NOT-FOR-US: Goldstag Content Management System
-CVE-2006-0465 (Cross-site scripting (XSS) vulnerability in risultati_ricerca.php in ...)
+CVE-2006-0465
NOT-FOR-US: active121 Site Manager
-CVE-2006-0464 (Multiple SQL injection vulnerabilities in index.php in IdeoContent ...)
+CVE-2006-0464
NOT-FOR-US: IdeoContent Manager
-CVE-2006-0463 (Cross-site scripting (XSS) vulnerability in IdeoContent Manager allows ...)
+CVE-2006-0463
NOT-FOR-US: IdeoContent Manager
-CVE-2006-0462 (SQL injection vulnerability in comentarios.php in AndoNET Blog ...)
+CVE-2006-0462
NOT-FOR-US: AndoNET Blog
-CVE-2006-0461 (Cross-site scripting (XSS) vulnerability in core.input.php in ...)
+CVE-2006-0461
NOT-FOR-US: ExpressionEngine
-CVE-2006-0460 (Multiple buffer overflows in BomberClone before 0.11.6.2 allow remote ...)
+CVE-2006-0460
{DSA-997-1}
- bomberclone 0.11.6.2-1
-CVE-2006-0459 (flex.skl in Will Estes and John Millaway Fast Lexical Analyzer ...)
+CVE-2006-0459
{DSA-1020-1}
- flex 2.5.33-1
-CVE-2006-0458 (The DCC ACCEPT command handler in irssi before ...)
+CVE-2006-0458
- irssi-text <not-affected> (Only 0.8.10rc versions are affected)
-CVE-2006-0457 (Race condition in the (1) add_key, (2) request_key, and (3) keyctl ...)
+CVE-2006-0457
- linux-2.6 2.6.15-6
-CVE-2006-0456 (The strnlen_user function in Linux kernel before 2.6.16 on IBM S/390 ...)
+CVE-2006-0456
{DSA-1103}
- linux-2.6 2.6.16-1
-CVE-2006-0455 (gpgv in GnuPG before 1.4.2.1, when using unattended signature ...)
+CVE-2006-0455
{DSA-978-1}
- gnupg 1.4.2.2-1 (bug #353017; bug #353019; bug #354620; medium)
- gnupg2 <not-affected> (Vulnerable code not activated)
-CVE-2006-0454 (Linux kernel before 2.6.15.3 down to 2.6.12, while constructing an ...)
+CVE-2006-0454
- linux-2.6 2.6.15-5
[sarge] - kernel-source-2.6.8 <not-affected>
[sarge] - kernel-source-2.4.27 <not-affected>
-CVE-2006-0453 (The LDAP component in Fedora Directory Server 1.0 allow remote ...)
+CVE-2006-0453
NOT-FOR-US: Fedora Directory Server
-CVE-2006-0452 (dn2ancestor in the LDAP component in Fedora Directory Server 1.0 ...)
+CVE-2006-0452
NOT-FOR-US: Fedora Directory Server
-CVE-2006-0451 (Multiple memory leaks in the LDAP component in Fedora Directory Server ...)
+CVE-2006-0451
NOT-FOR-US: Fedora Directory Server
-CVE-2006-0450 (phpBB 2.0.19 and earlier allows remote attackers to cause a denial of ...)
+CVE-2006-0450
- phpbb2 <unfixed> (unimportant)
NOTE: As discussed with the phpbb maintainers; this is only a lack of feature
NOTE: (phpbb2 doesn't allow a kind of rate control for maximum login/searches for
NOTE: a certain time frame), but not a directly fixable security problem
-CVE-2006-0449 (Early termination vulnerability in the IMAP service in E-Post Mail ...)
+CVE-2006-0449
NOT-FOR-US: E-Post Mail / SPA-PRO Mail
-CVE-2006-0448 (Multiple directory traversal vulnerabilities in (1) EPSTIMAP4S.EXE and ...)
+CVE-2006-0448
NOT-FOR-US: E-Post Mail / SPA-PRO Mail
-CVE-2006-0447 (Multiple buffer overflows in E-Post Mail Server 4.10 and SPA-PRO Mail ...)
+CVE-2006-0447
NOT-FOR-US: E-Post Mail / SPA-PRO Mail
-CVE-2006-0446 (Unspecified vulnerability in WeBWorK 2.1.3 and 2.2-pre1 allows remote ...)
+CVE-2006-0446
NOT-FOR-US: WeBWorK
-CVE-2006-0445 (index.php in Phpclanwebsite 1.23.1 allows remote authenticated users ...)
+CVE-2006-0445
NOT-FOR-US: Phpclanwebsite
-CVE-2006-0444 (SQL injection vulnerability in index.php in Phpclanwebsite (aka PCW) ...)
+CVE-2006-0444
NOT-FOR-US: Phpclanwebsite
-CVE-2006-0443 (Cross-site scripting (XSS) vulnerability in archive.php in CheesyBlog ...)
+CVE-2006-0443
NOT-FOR-US: CheesyBlog
-CVE-2006-0442 (Multiple cross-site scripting (XSS) vulnerabilities in usercp.php in ...)
+CVE-2006-0442
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2006-0441 (Stack-based buffer overflow in Sami FTP Server 2.0.1 allows remote ...)
+CVE-2006-0441
NOT-FOR-US: Sami FTP Server
-CVE-2006-0440 (Text Rider 2.4 allows attackers to bypass authentication and upload ...)
+CVE-2006-0440
NOT-FOR-US: Text Rider
-CVE-2006-0439 (Text Rider 2.4 stores sensitive data in the data directory under the ...)
+CVE-2006-0439
NOT-FOR-US: Text Rider
-CVE-2006-0438 (Cross-site request forgery (CSRF) vulnerability in phpBB 2.0.19, when ...)
+CVE-2006-0438
- phpbb2 <unfixed> (unimportant)
NOTE: No real world risk according to maintainer
-CVE-2006-0437 (Cross-site scripting (XSS) vulnerability in admin_smilies.php in phpBB ...)
+CVE-2006-0437
- phpbb2 <unfixed> (unimportant)
NOTE: Intended behaviour according to maintainer
-CVE-2006-0436 (Unspecified vulnerability in HP HP-UX B.11.00, B.11.04, and B.11.11 ...)
+CVE-2006-0436
NOT-FOR-US: HP-UX
-CVE-2006-0435 (Unspecified vulnerability in Oracle PL/SQL (PLSQL), as used in ...)
+CVE-2006-0435
NOT-FOR-US: Oracle
-CVE-2006-0434 (Directory traversal vulnerability in action.php in phpXplorer allows ...)
+CVE-2006-0434
NOT-FOR-US: phpXplorer
-CVE-2006-0433 (Selective Acknowledgement (SACK) in FreeBSD 5.3 and 5.4 does not ...)
+CVE-2006-0433
- kfreebsd-5 5.4-13
-CVE-2006-0432 (Unspecified vulnerability in BEA WebLogic Server and WebLogic Express ...)
+CVE-2006-0432
NOT-FOR-US: BEA WebLogic
-CVE-2006-0431 (Unspecified vulnerability in BEA WebLogic Server and WebLogic Express ...)
+CVE-2006-0431
NOT-FOR-US: BEA WebLogic
-CVE-2006-0430 (Certain configurations of BEA WebLogic Server and WebLogic Express ...)
+CVE-2006-0430
NOT-FOR-US: BEA WebLogic
-CVE-2006-0429 (BEA WebLogic Server and WebLogic Express 9.0 causes new security ...)
+CVE-2006-0429
NOT-FOR-US: BEA WebLogic
-CVE-2006-0428 (Unspecified vulnerability in BEA WebLogic Portal 8.1 SP3 through SP5, ...)
+CVE-2006-0428
NOT-FOR-US: BEA WebLogic
-CVE-2006-0427 (Unspecified vulnerability in BEA WebLogic Server and WebLogic Express ...)
+CVE-2006-0427
NOT-FOR-US: BEA WebLogic
-CVE-2006-0426 (BEA WebLogic Server and WebLogic Express 8.1 through SP4, when ...)
+CVE-2006-0426
NOT-FOR-US: BEA WebLogic
-CVE-2006-0425 (BEA WebLogic Portal 8.1 through SP4 allows remote attackers to obtain ...)
+CVE-2006-0425
NOT-FOR-US: BEA WebLogic
-CVE-2006-0424 (BEA WebLogic Server and WebLogic Express 8.1 through SP4, 7.0 through ...)
+CVE-2006-0424
NOT-FOR-US: BEA WebLogic
-CVE-2006-0423 (BEA WebLogic Portal 8.1 through SP3 stores the password for the RDBMS ...)
+CVE-2006-0423
NOT-FOR-US: BEA WebLogic
-CVE-2006-0422 (Multiple unspecified vulnerabilities in BEA WebLogic Server and ...)
+CVE-2006-0422
NOT-FOR-US: BEA WebLogic
-CVE-2006-0421 (By design, BEA WebLogic Server and WebLogic Express 7.0 and 6.1, when ...)
+CVE-2006-0421
NOT-FOR-US: BEA WebLogic
-CVE-2006-0420 (BEA WebLogic Server and WebLogic Express 8.1 through SP4 and 7.0 ...)
+CVE-2006-0420
NOT-FOR-US: BEA WebLogic
-CVE-2006-0419 (BEA WebLogic Server and WebLogic Express 9.0, 8.1 through SP5, and 7.0 ...)
+CVE-2006-0419
NOT-FOR-US: BEA WebLogic
-CVE-2006-0418 (Eval injection vulnerability in 123 Flash Chat Server 5.0 and 5.1 ...)
+CVE-2006-0418
NOT-FOR-US: 123 Flash Chat Server
-CVE-2006-0417 (SQL injection vulnerability in login.php in miniBloggie 1.0 and ...)
+CVE-2006-0417
NOT-FOR-US: miniBloggie
-CVE-2006-0416 (SleeperChat 0.3f and earlier allows remote attackers to bypass ...)
+CVE-2006-0416
NOT-FOR-US: SleeperChat
-CVE-2006-0415 (Cross-site scripting (XSS) vulnerability in index.php in SleeperChat ...)
+CVE-2006-0415
NOT-FOR-US: SleeperChat
-CVE-2006-0414 (Tor before 0.1.1.20 allows remote attackers to identify hidden ...)
+CVE-2006-0414
- tor 0.1.1.11-alpha-1 (bug #349283)
-CVE-2006-0413 (Multiple SQL injection vulnerabilities in index.php in NewsPHP allow ...)
+CVE-2006-0413
NOT-FOR-US: NewsPHP
-CVE-2006-0412 (SQL injection vulnerability in CyberShop allows remote attackers to ...)
+CVE-2006-0412
NOT-FOR-US: CyberShop
-CVE-2006-0411 (claro_init_local.inc.php in Claroline 1.7.2 uses guessable session ...)
+CVE-2006-0411
NOT-FOR-US: Claroline
-CVE-2006-0410 (SQL injection vulnerability in ADOdb before 4.71, when using ...)
+CVE-2006-0410
{DSA-1031-1 DSA-1030-1 DSA-1029-1}
- libphp-adodb 4.72-0.1 (bug #349985; medium)
- moodle 1.6-1 (bug #360395; medium)
- cacti 0.8.6d-1 (medium)
-CVE-2006-0409 (Cross-site scripting (XSS) vulnerability in index.php in Pixelpost ...)
+CVE-2006-0409
NOT-FOR-US: Pixelpost Photoblog
-CVE-2006-0408 (rsh utility in Sun Grid Engine (SGE) before 6.0u7_1 allows local users ...)
+CVE-2006-0408
NOT-FOR-US: Sun Grid Engine
-CVE-2006-0407 (Cross-site scripting (XSS) vulnerability in post.php in AZ Bulletin ...)
+CVE-2006-0407
NOT-FOR-US: AZ Bulletin Board
-CVE-2006-0406 (search.php in MyBB 1.0.2 allows remote attackers to obtain sensitive ...)
+CVE-2006-0406
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2006-0405 (The TIFFFetchShortPair function in tif_dirread.c in libtiff 3.8.0 ...)
+CVE-2006-0405
- tiff 3.8.0-2 (bug #350715)
- tiff3 <not-affected> (fixed prior to initial upload)
[sarge] - tiff <not-affected> (Vulnerability was introduced later)
[woody] - tiff <not-affected> (Vulnerability was introduced later)
-CVE-2006-0404 (Note-A-Day Weblog 2.2 stores sensitive data under the web document ...)
+CVE-2006-0404
NOT-FOR-US: Note-A-Day Weblog
-CVE-2006-0403 (Multiple SQL injection vulnerabilities in e-moBLOG 1.3 allow remote ...)
+CVE-2006-0403
NOT-FOR-US: e-moBLOG
-CVE-2006-0402 (SQL injection vulnerability in Zoph before 0.5pre1 allows remote ...)
+CVE-2006-0402
{DSA-989-1}
- zoph 0.5-1 (bug #350717)
-CVE-2006-0401 (Unspecified vulnerability in Mac OS X before 10.4.6, when running on ...)
+CVE-2006-0401
NOT-FOR-US: Apple
-CVE-2006-0400 (CoreTypes in Apple Mac OS X 10.4 up to 10.4.5 allows remote attackers ...)
+CVE-2006-0400
NOT-FOR-US: Apple
-CVE-2006-0399 (Unspecified vulnerability in Safari, LaunchServices, and/or CoreTypes ...)
+CVE-2006-0399
NOT-FOR-US: Apple
-CVE-2006-0398 (Unspecified vulnerability in Safari, LaunchServices, and/or CoreTypes ...)
+CVE-2006-0398
NOT-FOR-US: Apple
-CVE-2006-0397 (Unspecified vulnerability in Safari, LaunchServices, and/or CoreTypes ...)
+CVE-2006-0397
NOT-FOR-US: Apple
-CVE-2006-0396 (Buffer overflow in Mail in Apple Mac OS X 10.4 up to 10.4.5, when ...)
+CVE-2006-0396
NOT-FOR-US: Apple
-CVE-2006-0395 (The Download Validation in Mail in Mac OS X 10.4 does not properly ...)
+CVE-2006-0395
NOT-FOR-US: Apple
CVE-2006-0394
REJECTED
-CVE-2006-0393 (OpenSSH in Apple Mac OS X 10.4.7 allows remote attackers to cause a ...)
+CVE-2006-0393
NOT-FOR-US: Apple
-CVE-2006-0392 (Buffer overflow in Apple Mac OS X 10.4.7 allows user-assisted ...)
+CVE-2006-0392
NOT-FOR-US: Apple
-CVE-2006-0391 (Directory traversal vulnerability in the BOM framework in Mac OS X ...)
+CVE-2006-0391
NOT-FOR-US: Apple
CVE-2006-0390
REJECTED
-CVE-2006-0389 (Cross-site scripting (XSS) vulnerability in Syndication (Safari RSS) ...)
+CVE-2006-0389
NOT-FOR-US: Apple
-CVE-2006-0388 (Safari in Mac OS X 10.3 before 10.3.9 and 10.4 before 10.4.5 allows ...)
+CVE-2006-0388
NOT-FOR-US: Apple
-CVE-2006-0387 (Stack-based buffer overflow in Safari in Mac OS X 10.4.5 and earlier, ...)
+CVE-2006-0387
NOT-FOR-US: Apple
-CVE-2006-0386 (FileVault in Mac OS X 10.4.5 and earlier does not properly mount user ...)
+CVE-2006-0386
NOT-FOR-US: Apple
CVE-2006-0385
RESERVED
-CVE-2006-0384 (automount in Mac OS X 10.4.5 and earlier allows remote file servers to ...)
+CVE-2006-0384
NOT-FOR-US: Apple
-CVE-2006-0383 (IPSec when used with VPN networks in Mac OS X 10.4 through 10.4.5 ...)
+CVE-2006-0383
NOT-FOR-US: Apple
-CVE-2006-0382 (Apple Mac OS X 10.4.5 and allows local users to cause a denial of ...)
+CVE-2006-0382
NOT-FOR-US: Apple
-CVE-2006-0381 (A logic error in the IP fragment cache functionality in pf in FreeBSD ...)
+CVE-2006-0381
- kfreebsd-5 5.4-14
-CVE-2006-0380 (A logic error in FreeBSD kernel 5.4-STABLE and 6.0 causes the kernel ...)
+CVE-2006-0380
NOT-FOR-US: FreeBSD, possibly affects kfreebsd-5
-CVE-2006-0379 (FreeBSD kernel 5.4-STABLE and 6.0 does not completely initialize a ...)
+CVE-2006-0379
NOT-FOR-US: FreeBSD, possibly affects kfreebsd-5
-CVE-2006-0378 (Cross-site scripting (XSS) vulnerability in Netrix X-Site Manager ...)
+CVE-2006-0378
NOT-FOR-US: Netrix X-Site Manager
-CVE-2006-0377 (CRLF injection vulnerability in SquirrelMail 1.4.0 to 1.4.5 allows ...)
+CVE-2006-0377
{DSA-988-1}
- squirrelmail 2:1.4.6-1 (bug #354063; bug #355424)
-CVE-2006-0376 (The 802.11 wireless client in certain operating systems including ...)
+CVE-2006-0376
NOT-FOR-US: Windows
-CVE-2006-0375 (Advantage Century Telecommunication (ACT) P202S IP Phone 1.01.21 ...)
+CVE-2006-0375
NOT-FOR-US: Advantage Century Telecommunication (ACT) P202S IP Phone
-CVE-2006-0374 (Advantage Century Telecommunication (ACT) P202S IP Phone 1.01.21 ...)
+CVE-2006-0374
NOT-FOR-US: Advantage Century Telecommunication (ACT) P202S IP Phone
-CVE-2006-0373 (Cross-site scripting (XSS) vulnerability in register.aspx in Douran ...)
+CVE-2006-0373
NOT-FOR-US: Douran FollowWeb
-CVE-2006-0372 (Multiple SQL injection vulnerabilities in config.php in Insane Visions ...)
+CVE-2006-0372
NOT-FOR-US: Insane Visions BlogPHP
-CVE-2006-0371 (Directory traversal vulnerability in index.php in Noah Medling RCBlog ...)
+CVE-2006-0371
NOT-FOR-US: Noah Medling RCBlog
-CVE-2006-0370 (Noah Medling RCBlog 1.03 stores the data and config directories under ...)
+CVE-2006-0370
NOT-FOR-US: Noah Medling RCBlog
-CVE-2006-0369 (** DISPUTED ** ...)
+CVE-2006-0369
- mysql-dfsg-4.1 <unfixed> (unimportant)
NOTE: This isn't a security hole, it's expected behaviour
-CVE-2006-0368 (Cisco CallManager 3.2 and earlier, 3.3 before 3.3(5)SR1, 4.0 before ...)
+CVE-2006-0368
NOT-FOR-US: Cisco
-CVE-2006-0367 (Unspecified vulnerability in Cisco CallManager 3.2 and earlier, 3.3 ...)
+CVE-2006-0367
NOT-FOR-US: Cisco
-CVE-2006-0366 (Cross-site scripting (XSS) vulnerability in Phpclanwebsite (aka PCW) ...)
+CVE-2006-0366
NOT-FOR-US: Phpclanwebsite
-CVE-2006-0365 (Cross-site scripting (XSS) vulnerability in XMB (aka extreme message ...)
+CVE-2006-0365
NOT-FOR-US: XMB
-CVE-2006-0364 (Cross-site scripting (XSS) vulnerability in MyBulletinBoard (MyBB) ...)
+CVE-2006-0364
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2006-0363 (The &quot;Remember my Password&quot; feature in MSN Messenger 7.5 stores ...)
+CVE-2006-0363
NOT-FOR-US: MSN Messenger
-CVE-2006-0362 (TippingPoint Intrusion Prevention System (IPS) TOS before 2.1.4.6324, ...)
+CVE-2006-0362
NOT-FOR-US: TippingPoint IPS
-CVE-2006-0361 (Cross-site scripting (XSS) vulnerability in addcomment.php in Bit 5 ...)
+CVE-2006-0361
NOT-FOR-US: Bit 5 Blog
-CVE-2006-0360 (MPM SIP HP-180W Wireless IP Phone WE.00.17 allows remote attackers to ...)
+CVE-2006-0360
NOT-FOR-US: MPM SIP IP Phone
-CVE-2006-0359 (Buffer overflow in CounterPath eyeBeam SIP Softphone allows remote ...)
+CVE-2006-0359
NOT-FOR-US: eyeBeam SIP Softphone
-CVE-2006-0358 (Multiple SQL injection vulnerabilities in PowerPortal, possibly 1.1 ...)
+CVE-2006-0358
NOT-FOR-US: PowerPortal
-CVE-2006-0357 (Grant Averett Cerberus FTP Server 2.32, and possibly earlier versions, ...)
+CVE-2006-0357
NOT-FOR-US: Grant Averett Cerberus FTP Server
-CVE-2006-0356 (Ari Pikivirta Home Ftp Server 1.0.7 allows remote attackers to cause ...)
+CVE-2006-0356
NOT-FOR-US: Ari Pikivirta Home Ftp Server
-CVE-2006-0355 (Helmsman Research (aka CoolUtils) HomeFtp 1.1 allows remote attackers ...)
+CVE-2006-0355
NOT-FOR-US: Helmsman Research (aka CoolUtils) HomeFtp
-CVE-2006-0354 (Cisco IOS before 12.3-7-JA2 on Aironet Wireless Access Points (WAP) ...)
+CVE-2006-0354
NOT-FOR-US: Cisco
-CVE-2006-0352 (The default configuration of Fluffington FLog 1.01 installs ...)
+CVE-2006-0352
NOT-FOR-US: Fluffington FLog
-CVE-2006-0351 (Unspecified &quot;critical denial-of-service vulnerability&quot; in MyDNS before ...)
+CVE-2006-0351
{DSA-963-1}
[sarge] - mydns 1.0.0-4sarge1
- mydns 1.1.0+pre-3 (medium; bug #348826)
-CVE-2006-0350 (Cross-site scripting (XSS) vulnerability in eggblog 2.0 allow remote ...)
+CVE-2006-0350
NOT-FOR-US: eggblog
-CVE-2006-0349 (SQL injection vulnerability in eggblog 2.0 allows remote attackers to ...)
+CVE-2006-0349
NOT-FOR-US: eggblog
-CVE-2006-0348 (Format string vulnerability in the write_logfile function in ELOG ...)
+CVE-2006-0348
{DSA-967-1}
- elog 2.6.1+r1642-1 (bug #349528; medium)
-CVE-2006-0347 (Directory traversal vulnerability in ELOG before 2.6.1 allows remote ...)
+CVE-2006-0347
{DSA-967-1}
- elog 2.6.1+r1642-1 (bug #349528; medium)
-CVE-2006-0346 (Cross-site scripting (XSS) vulnerability in SaralBlog 1.0 allows ...)
+CVE-2006-0346
NOT-FOR-US: SaralBlog
-CVE-2006-0345 (Multiple SQL injection vulnerabilities in SaralBlog 1.0 allow remote ...)
+CVE-2006-0345
NOT-FOR-US: SaralBlog
-CVE-2006-0344 (Directory traversal vulnerability in Intervations FileCOPA FTP Server ...)
+CVE-2006-0344
NOT-FOR-US: FileCOPA FTP Server
-CVE-2006-0343 (Unspecified vulnerability in the Port Discovery Standard and Advanced ...)
+CVE-2006-0343
NOT-FOR-US: Hitachi JP1/NetInsight II
-CVE-2006-0342 (RockLiffe MailSite HTTP Mail management agent (httpma) 7.0.3.1 allows ...)
+CVE-2006-0342
NOT-FOR-US: RockLiffe MailSite
-CVE-2006-0341 (Cross-site scripting (XSS) vulnerability in WCONSOLE.DLL in Rockliffe ...)
+CVE-2006-0341
NOT-FOR-US: RockLiffe MailSite
-CVE-2006-0340 (Unspecified vulnerability in Stack Group Bidding Protocol (SGBP) ...)
+CVE-2006-0340
NOT-FOR-US: Cisco
-CVE-2006-0339 (Buffer overflow in BitComet Client 0.60 allows remote attackers to ...)
+CVE-2006-0339
NOT-FOR-US: BitComet
-CVE-2006-0338 (Multiple F-Secure Anti-Virus products and versions for Windows and ...)
+CVE-2006-0338
NOT-FOR-US: F-Secure
-CVE-2006-0337 (Buffer overflow in multiple F-Secure Anti-Virus products and versions ...)
+CVE-2006-0337
NOT-FOR-US: F-Secure
-CVE-2006-0336 (Kerio WinRoute Firewall before 6.1.4 Patch 2 allows attackers to cause ...)
+CVE-2006-0336
NOT-FOR-US: Kerio Firewall
-CVE-2006-0335 (Multiple unspecified vulnerabilities in Kerio WinRoute Firewall before ...)
+CVE-2006-0335
NOT-FOR-US: Kerio Firewall
-CVE-2006-0334 (Cross-site scripting (XSS) vulnerability in search.php in My Amazon ...)
+CVE-2006-0334
NOT-FOR-US: My Amazon Store Manager
-CVE-2006-0333 (Cross-site scripting (XSS) vulnerability in ar-blog 5.2 allows remote ...)
+CVE-2006-0333
NOT-FOR-US: ar-blog
-CVE-2006-0332 (Pantomime in Ecartis 1.0.0 snapshot 20050909 stores e-mail attachments ...)
+CVE-2006-0332
- ecartis 1.0.0+cvs.20030911-11 (low; bug #348824)
[sarge] - ecartis <no-dsa> (No real fix available, only rare setups affected, minor exploit potential)
-CVE-2006-0331 (Buffer overflow in Change passwd 3.1 (chpasswd) SquirrelMail plugin ...)
+CVE-2006-0331
NOT-FOR-US: Squirrelmail plugin
-CVE-2006-0330 (Cross-site scripting (XSS) vulnerability in Gallery before 1.5.2 ...)
+CVE-2006-0330
{DSA-1148-1}
- gallery 1.5.2-1
-CVE-2006-0329 (SQL injection vulnerability in HITSENSER Data Mart Server BS, BS-S, ...)
+CVE-2006-0329
NOT-FOR-US: HITSENSER Data Mart Server BS
-CVE-2006-0328 (Format string vulnerability in Tftpd32 2.81 allows remote attackers to ...)
+CVE-2006-0328
NOT-FOR-US: Tftpd32, different from the tftpd in Debian
-CVE-2006-0327 (TYPO3 3.7.1 allows remote attackers to obtain sensitive information ...)
+CVE-2006-0327
- typo3-src 4.0.2-1 (bug #364351; unimportant)
NOTE: Only path disclosure
CVE-2006-0326
RESERVED
-CVE-2006-0325 (Etomite Content Management System 0.6, and possibly earlier versions, ...)
+CVE-2006-0325
NOT-FOR-US: Etomite CMS
-CVE-2006-0324 (SQL injection vulnerability in WebspotBlogging 3.0 allows remote ...)
+CVE-2006-0324
NOT-FOR-US: WebspotBlogging
-CVE-2006-0323 (Buffer overflow in swfformat.dll in multiple RealNetworks products and ...)
+CVE-2006-0323
NOT-FOR-US: Real Player (initial advisory claimed Helix affected, which is incorrect
-CVE-2006-0322 (Unspecified vulnerability the edit comment formatting functionality in ...)
+CVE-2006-0322
- mediawiki 1.4.15-1 (low)
-CVE-2006-0353 (unix_random.c in lshd for lsh 2.0.1 leaks file descriptors related to ...)
+CVE-2006-0353
{DSA-956-1}
- lsh-utils 2.0.1cdbs-4 (low; bug #349303)
NOTE: woody seems to be vulnerable as well (looking at the source code).
-CVE-2006-0283 (Unspecified vulnerability in Oracle Database Server 10.1.0.4.2, ...)
+CVE-2006-0283
NOT-FOR-US: Oracle
-CVE-2006-0321 (fetchmail 6.3.0 and other versions before 6.3.2 allows remote ...)
+CVE-2006-0321
- fetchmail 6.3.2-1 (bug #348747; low)
[sarge] - fetchmail <not-affected> (regression in fetchmail 6.3.0 and 6.3.1)
[woody] - fetchmail <not-affected> (regression in fetchmail 6.3.0 and 6.3.1)
-CVE-2006-0320 (SQL injection vulnerability in admin/processlogin.php in Bit 5 Blog ...)
+CVE-2006-0320
NOT-FOR-US: Bit 5 Blog
-CVE-2006-0319 (Directory traversal vulnerability in the FTP server (port 22003/tcp) ...)
+CVE-2006-0319
NOT-FOR-US: Farmers WIFE
-CVE-2006-0318 (SQL injection vulnerability in index.php in BlogPHP 1.0, when ...)
+CVE-2006-0318
NOT-FOR-US: BlogPHP
-CVE-2006-0317 (Cross-site scripting (XSS) vulnerability in rkrt_stats.php in ...)
+CVE-2006-0317
NOT-FOR-US: RedKernel Referrer Tracker
-CVE-2006-0316 (Buffer overflow in YGPPicFinder.DLL in AOL You've Got Pictures (YGP) ...)
+CVE-2006-0316
NOT-FOR-US: AOL You've Got Pictures (YGP) Picture Finder Tool ActiveX Control
-CVE-2006-0315 (index.php in EZDatabase before 2.1.2 does not properly cleanse the p ...)
+CVE-2006-0315
NOT-FOR-US: EZDatabase
-CVE-2006-0314 (PDFdirectory before 1.0 stores sensitive data in plaintext, which ...)
+CVE-2006-0314
NOT-FOR-US: PDFdirectory
-CVE-2006-0313 (Multiple SQL injection vulnerabilities in PDFdirectory before 1.0 ...)
+CVE-2006-0313
NOT-FOR-US: PDFdirectory
-CVE-2006-0312 (create.php in aoblogger 2.3 allows remote attackers to bypass ...)
+CVE-2006-0312
NOT-FOR-US: aoblogger
-CVE-2006-0311 (SQL injection vulnerability in login.php in aoblogger 2.3 allows ...)
+CVE-2006-0311
NOT-FOR-US: aoblogger
-CVE-2006-0310 (Cross-site scripting (XSS) vulnerability in aoblogger 2.3 allows ...)
+CVE-2006-0310
NOT-FOR-US: aoblogger
-CVE-2006-0309 (Linksys BEFVP41 VPN Router 2.0 with firmware 1.01.04 allows remote ...)
+CVE-2006-0309
NOT-FOR-US: Linksys hardware issue
-CVE-2006-0308 (PHP remote file inclusion vulnerability in htmltonuke.php in the ...)
+CVE-2006-0308
NOT-FOR-US: HTMLtoNuke
-CVE-2006-0307 (The DM Primer in the DM Deployment Common Component in Computer ...)
+CVE-2006-0307
NOT-FOR-US: CA BrightStor products
-CVE-2006-0306 (The DM Primer (dmprimer.exe) in the DM Deployment Common Component in ...)
+CVE-2006-0306
NOT-FOR-US: CA BrightStor products
-CVE-2006-0305 (Clipcomm CPW-100E VoIP 802.11b Wireless Handset Phone running firmware ...)
+CVE-2006-0305
NOT-FOR-US: Clipcomm hardware
-CVE-2006-0304 (Buffer overflow in Dual DHCP DNS Server 1.0 allows remote attackers to ...)
+CVE-2006-0304
NOT-FOR-US: dual dns server
-CVE-2006-0303 (Multiple unspecified vulnerabilities in the (1) publishing component, ...)
+CVE-2006-0303
NOT-FOR-US: Joomla!
-CVE-2006-0302 (ZyXel P2000W VoIP 802.11b Wireless Phone running firmware WV.00.02 ...)
+CVE-2006-0302
NOT-FOR-US: ZyXel hardware
-CVE-2006-0301 (Heap-based buffer overflow in Splash.cc in xpdf, as used in other ...)
+CVE-2006-0301
{DSA-1019-1 DSA-998-1 DSA-984-1 DSA-983-1 DSA-982-1 DSA-979-1 DSA-974-1 DSA-972-1 DSA-971-1}
- poppler 0.4.5-1 (medium)
- tetex-bin 3.0-12 (medium)
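Review bot: every changed pair in this hunk removes the parenthesised CVE summary and re-adds the bare identifier, with no other edit in between, e.g.

-CVE-2006-0353 (unix_random.c in lshd for lsh 2.0.1 leaks file descriptors related to ...)
+CVE-2006-0353

That pattern, repeated for each entry from CVE-2006-0360 down to CVE-2006-0301, is what the file looks like when the CVE description source returns nothing for the identifier rather than a deliberate data change, so this should be confirmed as intentional (or regenerated once the description source is available again) before it is accepted. The summary is the only place in this file that records what each CVE is about; after the change an entry such as CVE-2006-0283 carries nothing but "NOT-FOR-US: Oracle", which makes later re-triage of the NOT-FOR-US and <not-affected> decisions much harder. A sanity check in the update tooling that refuses to commit when the description of every entry in a file becomes empty would catch this class of regression. Two pre-existing issues visible in the unchanged context, not introduced here: the line "NOT-FOR-US: Real Player (initial advisory claimed Helix affected, which is incorrect" is missing its closing parenthesis, and CVE-2006-0353 and CVE-2006-0283 sit between CVE-2006-0322 and CVE-2006-0321, breaking the descending order the rest of the file follows.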
@@ -15764,563 +15764,563 @@ CVE-2006-0301 (Heap-based buffer overflow in Splash.cc in xpdf, as used in other
- libextractor 0.5.10-1 (medium)
- pdfkit.framework 0.8-4 (medium)
- swftools <not-affected> (splash/ is not included, therefore no vulnerable code)
-CVE-2006-0300 (Buffer overflow in tar 1.14 through 1.15.90 allows user-assisted ...)
+CVE-2006-0300
{DSA-987-1}
- tar 1.15.1-3 (bug #354091; high)
- dpkg <not-affected> (has completely different tar implementation)
[woody] - tar <not-affected>
-CVE-2006-0299 (The E4X implementation in Mozilla Firefox before 1.5.0.1, Thunderbird ...)
+CVE-2006-0299
[sarge] - mozilla-firefox <not-affected> (Only Firefox 1.5 is affected)
- mozilla <not-affected> (E4X not implemented in Mozilla 1.7)
- firefox 1.5.dfsg+1.5.0.1-1 (bug #351442)
[sarge] - mozilla-thunderbird <not-affected> (Only 1.5 is affected)
- thunderbird 1.5.0.2-1
-CVE-2006-0298 (The XML parser in Mozilla Firefox before 1.5.0.1 and SeaMonkey before ...)
+CVE-2006-0298
[sarge] - mozilla-firefox <not-affected> (Only Firefox 1.5 is affected)
- mozilla <not-affected> (Mozilla 1.7 is not affected)
- firefox 1.5.dfsg+1.5.0.1-1 (bug #351442)
[sarge] - mozilla-thunderbird <not-affected> (Only 1.5 is affected)
- thunderbird 1.5.0.2-1
-CVE-2006-0297 (Multiple integer overflows in Mozilla Firefox 1.5, Thunderbird 1.5 if ...)
+CVE-2006-0297
[sarge] - mozilla-firefox <not-affected> (Only Firefox 1.5 is affected)
- mozilla <not-affected> (Mozilla 1.7 is not affected)
- firefox 1.5.dfsg+1.5.0.1-1 (bug #351442)
[sarge] - mozilla-thunderbird <not-affected> (Only 1.5 is affected)
- thunderbird 1.5.0.2-1
- xulrunner 1.8.0.1-9
-CVE-2006-0296 (The XULDocument.persist function in Mozilla, Firefox before 1.5.0.1, ...)
+CVE-2006-0296
{DSA-1051-1 DSA-1046-1 DSA-1044-1}
- firefox 1.5.dfsg+1.5.0.1-1 (bug #351442)
- mozilla 2:1.7.13-0.1
- thunderbird 1.5.0.2-1
-CVE-2006-0295 (Mozilla Firefox 1.5, Thunderbird 1.5 if Javascript is enabled in mail, ...)
+CVE-2006-0295
- firefox 1.5.dfsg+1.5.0.1-1 (bug #351442)
[sarge] - mozilla-firefox <not-affected>
[sarge] - mozilla-thunderbird <not-affected> (Only 1.5 is affected)
- thunderbird 1.5.0.2-1
-CVE-2006-0294 (Mozilla Firefox before 1.5.0.1, Thunderbird 1.5 if running Javascript ...)
+CVE-2006-0294
- firefox 1.5.dfsg+1.5.0.1-1 (bug #351442)
[sarge] - mozilla-firefox <not-affected> (Only Firefox 1.5 is affected)
[sarge] - mozilla-thunderbird <not-affected> (Only 1.5 is affected)
- mozilla-thunderbird <removed>
- thunderbird 1.5.0.2-1
-CVE-2006-0293 (The function allocation code (js_NewFunction in jsfun.c) in Firefox ...)
+CVE-2006-0293
{DSA-1051-1 DSA-1046-1}
- firefox 1.5.dfsg+1.5.0.1-1 (bug #351442)
[sarge] - mozilla-firefox <not-affected> (Only Firefox 1.5 is affected)
[sarge] - mozilla-thunderbird 1.0.2-2.sarge1.0.8
- mozilla 2:1.7.13-0.1
-CVE-2006-0292 (The Javascript interpreter (jsinterp.c) in Mozilla and Firefox before ...)
+CVE-2006-0292
{DSA-1051-1 DSA-1046-1 DSA-1044-1}
- firefox 1.5.dfsg+1.5.0.1-1 (bug #351442)
[sarge] - mozilla-firefox 1.0.4-2sarge6
[sarge] - mozilla-thunderbird 1.0.2-2.sarge1.0.8
- thunderbird 1.5.0.2-1
- mozilla 2:1.7.13-0.1
-CVE-2006-0291 (Multiple unspecified vulnerabilities in Oracle Database Server ...)
+CVE-2006-0291
NOT-FOR-US: Oracle
-CVE-2006-0290 (Unspecified vulnerability in Oracle Database Server 9.2.0.7, ...)
+CVE-2006-0290
NOT-FOR-US: Oracle
-CVE-2006-0289 (Multiple unspecified vulnerabilities in Oracle Application Server ...)
+CVE-2006-0289
NOT-FOR-US: Oracle
-CVE-2006-0288 (Multiple unspecified vulnerabilities in the Oracle Reports Developer ...)
+CVE-2006-0288
NOT-FOR-US: Oracle
-CVE-2006-0287 (Unspecified vulnerability in the Oracle HTTP Server component of ...)
+CVE-2006-0287
NOT-FOR-US: Oracle
-CVE-2006-0286 (Unspecified vulnerability in the Oracle HTTP Server component of ...)
+CVE-2006-0286
NOT-FOR-US: Oracle
-CVE-2006-0285 (Unspecified vulnerability in the Java Net component of Oracle Database ...)
+CVE-2006-0285
NOT-FOR-US: Oracle
-CVE-2006-0284 (Multiple unspecified vulnerabilities in Oracle Application Server ...)
+CVE-2006-0284
NOT-FOR-US: Oracle
-CVE-2006-0282 (Unspecified vulnerability in Oracle Database Server 8.1.7.4, 9.0.1.5, ...)
+CVE-2006-0282
NOT-FOR-US: Oracle
-CVE-2006-0281 (Unspecified vulnerability in Oracle JD Edwards HTML Server 8.95.F1 ...)
+CVE-2006-0281
NOT-FOR-US: Oracle
-CVE-2006-0280 (Unspecified vulnerability in Oracle PeopleSoft Enterprise Portal 8.4 ...)
+CVE-2006-0280
NOT-FOR-US: Oracle
-CVE-2006-0279 (Multiple unspecified vulnerabilities in Oracle E-Business Suite and ...)
+CVE-2006-0279
NOT-FOR-US: Oracle
-CVE-2006-0278 (Multiple unspecified vulnerabilities in Oracle E-Business Suite and ...)
+CVE-2006-0278
NOT-FOR-US: Oracle
-CVE-2006-0277 (Multiple unspecified vulnerabilities in Oracle E-Business Suite and ...)
+CVE-2006-0277
NOT-FOR-US: Oracle
-CVE-2006-0276 (Multiple unspecified vulnerabilities in Oracle Collaboration Suite ...)
+CVE-2006-0276
NOT-FOR-US: Oracle
-CVE-2006-0275 (Unspecified vulnerability in the Oracle Reports Developer component of ...)
+CVE-2006-0275
NOT-FOR-US: Oracle
-CVE-2006-0274 (Unspecified vulnerability in the Oracle Reports Developer component of ...)
+CVE-2006-0274
NOT-FOR-US: Oracle
-CVE-2006-0273 (Unspecified vulnerability in the Portal component of Oracle ...)
+CVE-2006-0273
NOT-FOR-US: Oracle
-CVE-2006-0272 (Unspecified vulnerability in the XML Database component of Oracle ...)
+CVE-2006-0272
NOT-FOR-US: Oracle
-CVE-2006-0271 (Unspecified vulnerability in the Upgrade &amp; Downgrade component of ...)
+CVE-2006-0271
NOT-FOR-US: Oracle
-CVE-2006-0270 (Unspecified vulnerability in the Transparent Data Encryption (TDE) ...)
+CVE-2006-0270
NOT-FOR-US: Oracle
-CVE-2006-0269 (Unspecified vulnerability in the Streams Capture component of Oracle ...)
+CVE-2006-0269
NOT-FOR-US: Oracle
-CVE-2006-0268 (Unspecified vulnerability in the Security component of Oracle Database ...)
+CVE-2006-0268
NOT-FOR-US: Oracle
-CVE-2006-0267 (Unspecified vulnerability in the Query Optimizer component of Oracle ...)
+CVE-2006-0267
NOT-FOR-US: Oracle
-CVE-2006-0266 (Unspecified vulnerability in the Query Optimizer component of Oracle ...)
+CVE-2006-0266
NOT-FOR-US: Oracle
-CVE-2006-0265 (Multiple unspecified vulnerabilities in Oracle Database server ...)
+CVE-2006-0265
NOT-FOR-US: Oracle
CVE-2006-0264
REJECTED
-CVE-2006-0263 (Multiple unspecified vulnerabilities in Oracle Database server ...)
+CVE-2006-0263
NOT-FOR-US: Oracle
-CVE-2006-0262 (Unspecified vulnerability in the Net Foundation Layer component of ...)
+CVE-2006-0262
NOT-FOR-US: Oracle
-CVE-2006-0261 (Multiple unspecified vulnerabilities in Oracle Database server ...)
+CVE-2006-0261
NOT-FOR-US: Oracle
-CVE-2006-0260 (Multiple unspecified vulnerabilities in Oracle Database server 9.2.0.7 ...)
+CVE-2006-0260
NOT-FOR-US: Oracle
-CVE-2006-0259 (Multiple unspecified vulnerabilities in Oracle Database server ...)
+CVE-2006-0259
NOT-FOR-US: Oracle
-CVE-2006-0258 (Unspecified vulnerability in the Connection Manager component of ...)
+CVE-2006-0258
NOT-FOR-US: Oracle
-CVE-2006-0257 (Unspecified vulnerability in the Change Data Capture component of ...)
+CVE-2006-0257
NOT-FOR-US: Oracle
-CVE-2006-0256 (Unspecified vulnerability in the Advanced Queuing component of Oracle ...)
+CVE-2006-0256
NOT-FOR-US: Oracle
-CVE-2006-0255 (Unquoted Windows search path vulnerability in Check Point VPN-1 ...)
+CVE-2006-0255
NOT-FOR-US: Check Point VPN
-CVE-2006-0254 (Multiple cross-site scripting (XSS) vulnerabilities in Apache Geronimo ...)
+CVE-2006-0254
- geronimo <itp> (bug #481869)
-CVE-2006-0253 (Buffer overflow in the Bluetooth OBEX Object Push service in &quot;Blue ...)
+CVE-2006-0253
NOT-FOR-US: AmbiCom Blue Neighbors
-CVE-2006-0252 (SQL injection vulnerability in Benders Calendar 1.0 allows remote ...)
+CVE-2006-0252
NOT-FOR-US: Benders Calendar
-CVE-2006-0251 (Cross-site scripting (XSS) vulnerability in fom.cgi in Faq-O-Matic ...)
+CVE-2006-0251
- faqomatic 2.712-3
-CVE-2006-0250 (Format string vulnerability in the snmp_input function in snmptrapd in ...)
+CVE-2006-0250
NOT-FOR-US: cmu-snmp-linux fork from CMU SNMP
NOTE: This bug is present in a fork, not in the mainline
NOTE: CMU-SNMP/UCD-SNMP/NET-SNMP versions.
-CVE-2006-0249 (SQL injection vulnerability in viewcat.php in BitDamaged geoBlog ...)
+CVE-2006-0249
NOT-FOR-US: geoBlog
-CVE-2006-0248 (Virata-EmWeb web server 6_1_0, as used in (1) Intracom JetSpeed 500 ...)
+CVE-2006-0248
NOT-FOR-US: Virata-EmWeb web server
-CVE-2006-0247 (Cross-site scripting (XSS) vulnerability in anyboard.cgi in Netbula ...)
+CVE-2006-0247
NOT-FOR-US: Anyboard
-CVE-2006-0246 (Cross-site scripting (XSS) vulnerability in down.pl in Widexl Download ...)
+CVE-2006-0246
NOT-FOR-US: Widexl Download Tracker
-CVE-2006-0245 (Multiple cross-site scripting (XSS) vulnerabilities in CubeCart ...)
+CVE-2006-0245
NOT-FOR-US: CubeCart
-CVE-2006-0244 (** DISPUTED ** ...)
+CVE-2006-0244
NOT-FOR-US: phpXplorer
-CVE-2006-0243 (Cross-site scripting (XSS) vulnerability in SMBCMS 2.1 allows remote ...)
+CVE-2006-0243
NOT-FOR-US: SMBCMS
-CVE-2006-0242 (Cross-site scripting vulnerability in index.php in PHP Fusebox 4.0.6 ...)
+CVE-2006-0242
NOT-FOR-US: PHP Fusebox
-CVE-2006-0241 (Cross-site scripting vulnerability in WBNews 1.1.0 and earlier allows ...)
+CVE-2006-0241
NOT-FOR-US: WBNews
-CVE-2006-0240 (Multiple SQL injection vulnerabilities in Simple Blog 2.1 allow remote ...)
+CVE-2006-0240
NOT-FOR-US: Simple Blog
-CVE-2006-0239 (Multiple cross-site scripting (XSS) vulnerabilities in Simple Blog 2.1 ...)
+CVE-2006-0239
NOT-FOR-US: Simple Blog
-CVE-2006-0238 (SQL injection vulnerability in wp-stats.php in GaMerZ WP-Stats 2.0 ...)
+CVE-2006-0238
NOT-FOR-US: GaMerZ WP-Stats
-CVE-2006-0237 (Cross-site scripting (XSS) vulnerability in index.php in GTP iCommerce ...)
+CVE-2006-0237
NOT-FOR-US: GTP iCommerce
-CVE-2006-0236 (GUI display truncation vulnerability in Mozilla Thunderbird 1.0.2, ...)
+CVE-2006-0236
[sarge] - mozilla-thunderbird <no-dsa> (Mozilla products from Sarge no longer supported)
-CVE-2006-0235 (SQL injection vulnerability in WhiteAlbum 2.5 allows remote attackers ...)
+CVE-2006-0235
NOT-FOR-US: WhiteAlbum
-CVE-2006-0234 (SQL injection vulnerability in index.php in microBlog 2.0 RC-10 allows ...)
+CVE-2006-0234
NOT-FOR-US: microBlog
-CVE-2006-0233 (Cross-site scripting (XSS) vulnerability in functions.php in microBlog ...)
+CVE-2006-0233
NOT-FOR-US: microBlog
-CVE-2006-0232 (Symantec Scan Engine 5.0.0.24, and possibly other versions before ...)
+CVE-2006-0232
NOT-FOR-US: Symantec Scan Engine
-CVE-2006-0231 (Symantec Scan Engine 5.0.0.24, and possibly other versions before ...)
+CVE-2006-0231
NOT-FOR-US: Symantec Scan Engine
-CVE-2006-0230 (Symantec Scan Engine 5.0.0.24, and possibly other versions before ...)
+CVE-2006-0230
NOT-FOR-US: Symantec Scan Engine
-CVE-2006-0229 (Unquoted Windows search path vulnerability in Wehntrust might allow ...)
+CVE-2006-0229
NOT-FOR-US: Wehntrust
-CVE-2006-0228 (The RBAC functionality in grsecurity before 2.1.8 does not properly ...)
+CVE-2006-0228
- kernel-patch-grsecurity2 2.1.8-1 (bug #349246; medium)
- kernel-patch-2.4-grsecurity <removed> (bug #349247; medium)
-CVE-2006-0227 (Multiple unspecified vulnerabilities in lpsched in Sun Solaris 8, 9, ...)
+CVE-2006-0227
NOT-FOR-US: lpsched in Sun Solaris
-CVE-2006-0226 (Integer overflow in IEEE 802.11 network subsystem (ieee80211_ioctl.c) ...)
+CVE-2006-0226
NOT-FOR-US: freebsd kernel
-CVE-2006-0225 (scp in OpenSSH 4.2p1 allows attackers to execute arbitrary commands ...)
+CVE-2006-0225
- openssh 1:4.3p2-1 (low; bug #349645; bug #352254)
[sarge] - openssh <no-dsa> (Protocol flaws inherited from rcp)
- dropbear 0.48-1 (unimportant)
NOTE: dropbear doesn't include scp in binary package
-CVE-2006-0224 (Buffer overflow in Library of Assorted Spiffy Things (LibAST) 0.6.1 ...)
+CVE-2006-0224
{DSA-976-1}
- libast 0.7-1
-CVE-2006-0223 (Directory traversal vulnerability in Shanghai TopCMM 123 Flash Chat ...)
+CVE-2006-0223
NOT-FOR-US: TopCMM
-CVE-2006-0222 (Cross-site scripting (XSS) vulnerability in fullview.php in AlstraSoft ...)
+CVE-2006-0222
NOT-FOR-US: AlstraSoft Template Seller Pro
-CVE-2006-0221 (SQL injection vulnerability in index.asp in the Admin Panel in Dragon ...)
+CVE-2006-0221
NOT-FOR-US: Dragon Design Services Network (DDSN)
-CVE-2006-0220 (Multiple cross-site scripting (XSS) vulnerabilities in DCP-Portal 5.3 ...)
+CVE-2006-0220
NOT-FOR-US: DCP-Portal
-CVE-2006-0219 (The original distribution of MyBulletinBoard (MyBB) to update from ...)
+CVE-2006-0219
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2006-0218 (Multiple unspecified vulnerabilities in MyBulletinBoard (MyBB) before ...)
+CVE-2006-0218
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2006-0217 (Multiple cross-site scripting (XSS) vulnerabilities in Ultimate ...)
+CVE-2006-0217
NOT-FOR-US: Ultimate Auction
-CVE-2006-0216 (admin.php in QualityEBiz Quality PPC (QPPC) 1.0 build 1644 allows ...)
+CVE-2006-0216
NOT-FOR-US: QualityEBiz Quality PPC
-CVE-2006-0215 (Cross-site scripting (XSS) vulnerability in admin.php in QualityEBiz ...)
+CVE-2006-0215
NOT-FOR-US: QualityEBiz Quality PPC
-CVE-2006-0214 (Eval injection vulnerability in ezDatabase 2.0 and earlier allows ...)
+CVE-2006-0214
NOT-FOR-US: ezDatabase
-CVE-2006-0213 (Kolab Server 2.0.1, 2.0.2 and development versions pre-2.1-20051215 ...)
+CVE-2006-0213
NOT-FOR-US: Kolab Server
NOTE: libkolab-perl are extensions for this server, but server does not seem to be in debian
-CVE-2006-0212 (Directory traversal vulnerability in OBEX Push services in Toshiba ...)
+CVE-2006-0212
NOT-FOR-US: Toshiba Bluetooth Stack
-CVE-2006-0211 (Cross-site scripting (XSS) vulnerability in forgotPassword.asp in Helm ...)
+CVE-2006-0211
NOT-FOR-US: Helm Hosting Control Panel
-CVE-2006-0210 (Cross-site scripting (XSS) vulnerability in index.php in Interspire ...)
+CVE-2006-0210
NOT-FOR-US: Interspire TrackPoint NX
-CVE-2006-0209 (SQL injection vulnerability in general_functions.php in TankLogger 2.4 ...)
+CVE-2006-0209
NOT-FOR-US: TankLogger
-CVE-2006-0208 (Multiple cross-site scripting (XSS) vulnerabilities in PHP 4.4.1 and ...)
+CVE-2006-0208
- php5 5.1.2-1
- php4 4:4.4.2-1 (bug #354682; low)
[sarge] - php4 <no-dsa> (html_errors shouldn't be used)
-CVE-2006-0207 (Multiple HTTP response splitting vulnerabilities in PHP 5.1.1 allow ...)
+CVE-2006-0207
{DSA-1331-1}
- php5 5.1.2-1 (bug #347894)
- php4 4:4.4.2-1 (bug #354683)
-CVE-2006-0206 (Eval injection vulnerability in Light Weight Calendar (LWC) 1.0 ...)
+CVE-2006-0206
NOT-FOR-US: Light Weight Calendar
-CVE-2006-0205 (Multiple SQL injection vulnerabilities in Wordcircle 2.17 allow remote ...)
+CVE-2006-0205
NOT-FOR-US: Wordcircle
-CVE-2006-0204 (Multiple cross-site scripting (XSS) vulnerabilities in Wordcircle 2.17 ...)
+CVE-2006-0204
NOT-FOR-US: Wordcircle
-CVE-2006-0203 (membership.asp in Mini-Nuke CMS System 1.8.2 and earlier does not ...)
+CVE-2006-0203
NOT-FOR-US: Mini-Nuke
-CVE-2006-0202 (Dave Nielsen and Patrick Breitenbach PayPal Web Services (aka PHP ...)
+CVE-2006-0202
NOT-FOR-US: PayPal Web Services
-CVE-2006-0201 (Dave Nielsen and Patrick Breitenbach PayPal Web Services (aka PHP ...)
+CVE-2006-0201
NOT-FOR-US: PayPal Web Services
-CVE-2006-0200 (Format string vulnerability in the error-reporting feature in the ...)
+CVE-2006-0200
- php5 5.1.2-1 (bug #347894; unimportant)
- php4 <not-affected> (vulnerable code was introduced in PHP5)
NOTE: Not built into the binary packages
-CVE-2006-0199 (SQL injection vulnerability in news.asp in Mini-Nuke CMS System 1.8.2 ...)
+CVE-2006-0199
NOT-FOR-US: Mini-Nuke
-CVE-2006-0198 (Cross-site scripting (XSS) vulnerability in a certain module, possibly ...)
+CVE-2006-0198
NOT-FOR-US: XOOPS
-CVE-2006-0197 (The XClientMessageEvent struct used in certain components of X.Org ...)
+CVE-2006-0197
NOTE: Historic X11 bug #349251
-CVE-2006-0196 (Unspecified vulnerability in Serial line sniffer (aka slsnif) 0.4.4 ...)
+CVE-2006-0196
NOT-FOR-US: slsnif
-CVE-2006-0195 (Interpretation conflict in the MagicHTML filter in SquirrelMail 1.4.0 ...)
+CVE-2006-0195
{DSA-988-1}
- squirrelmail 2:1.4.6-1 (bug #354062)
-CVE-2006-0194 (Cross-site scripting (XSS) vulnerability in default.asp in FogBugz ...)
+CVE-2006-0194
NOT-FOR-US: FogBugz
-CVE-2006-0193 (Cross-site scripting (XSS) vulnerability in the Hosting Control Panel ...)
+CVE-2006-0193
NOT-FOR-US: Positive Software H-Sphere
-CVE-2006-0192 (SQL injection vulnerability in Login_Validate.asp in ASPSurvey 1.10 ...)
+CVE-2006-0192
NOT-FOR-US: ASPSurvey
-CVE-2006-0191 (Unspecified vulnerability in Sun Solaris 10 allows local users to ...)
+CVE-2006-0191
NOT-FOR-US: Sun Solaris
-CVE-2006-0190 (Unspecified vulnerability in Sun Solaris 9 and 10 for the x86 platform ...)
+CVE-2006-0190
NOT-FOR-US: Sun Solaris
-CVE-2006-0189 (Buffer overflow in eStara Softphone 3.0.1.14 through 3.0.1.46 allows ...)
+CVE-2006-0189
NOT-FOR-US: eStara Softphone
-CVE-2006-0188 (webmail.php in SquirrelMail 1.4.0 to 1.4.5 allows remote attackers to ...)
+CVE-2006-0188
{DSA-988-1}
- squirrelmail 2:1.4.6-1 (bug #354064)
-CVE-2006-2443 (The Debian package of knowledgetree 2.0.7 creates environment.php with ...)
+CVE-2006-2443
- knowledgetree 2.0.7-2 (bug #348306; medium)
-CVE-2006-0187 (By design, Microsoft Visual Studio 2005 automatically executes code in ...)
+CVE-2006-0187
NOT-FOR-US: Microsoft
CVE-2006-0186
REJECTED
-CVE-2006-0185 (Multiple cross-site scripting vulnerabilities in the (1) Pool or (2) ...)
+CVE-2006-0185
NOT-FOR-US: PHP-Nuke
-CVE-2006-0184 (Multiple SQL injection vulnerabilities in AspTopSites allow remote ...)
+CVE-2006-0184
NOT-FOR-US: AspTopSites
-CVE-2006-0183 (Direct static code injection vulnerability in edit.php in ACal ...)
+CVE-2006-0183
NOT-FOR-US: ACal Calendar Project
-CVE-2006-0182 (login.php in ACal Calendar Project 2.2.5 allows remote attackers to ...)
+CVE-2006-0182
NOT-FOR-US: ACal Calendar Project
-CVE-2006-0181 (Cisco Security Monitoring, Analysis and Response System (CS-MARS) ...)
+CVE-2006-0181
NOT-FOR-US: Cisco
-CVE-2006-0180 (Cross-site scripting (XSS) vulnerability in CaLogic Calendars 1.2.2 ...)
+CVE-2006-0180
NOT-FOR-US: CaLogic Calendars
-CVE-2006-0179 (The Cisco IP Phone 7940 allows remote attackers to cause a denial of ...)
+CVE-2006-0179
NOT-FOR-US: Cisco
-CVE-2006-0178 (Format string vulnerability in /bin/ftp in UNICOS 9.0.2.2 allows local ...)
+CVE-2006-0178
NOT-FOR-US: Cray UNICOS
-CVE-2006-0177 (Multiple buffer overflows in Cray UNICOS 9.0.2.2 might allow local ...)
+CVE-2006-0177
NOT-FOR-US: Cray UNICOS
-CVE-2006-0176 (Buffer overflow in certain functions in src/fileio.c and ...)
+CVE-2006-0176
- xmame 0.104-1 (medium; bug #349653)
NOTE: Only xmame-svgalib is vulnerable, the xmame-x package has a debconf
NOTE: question, that makes it very clear that setuid root is only for single-user
NOTE: systems and xmame-sdl and xmess aren't setuid at all
[sarge] - xmame <no-dsa> (XMame is non-free software)
-CVE-2006-0175 (Cross-site scripting (XSS) vulnerability in search_form.asp in Web Wiz ...)
+CVE-2006-0175
NOT-FOR-US: Web Wiz Forums
-CVE-2006-0174 (Hummingbird Collaboration (aka Hummingbird Enterprise Collaboration) ...)
+CVE-2006-0174
NOT-FOR-US: Hummingbird Collaboration
-CVE-2006-0173 (Hummingbird Collaboration (aka Hummingbird Enterprise Collaboration) ...)
+CVE-2006-0173
NOT-FOR-US: Hummingbird Collaboration
-CVE-2006-0172 (Cross-site scripting (XSS) vulnerability in the file manager utility ...)
+CVE-2006-0172
NOT-FOR-US: Hummingbird Collaboration
-CVE-2006-0171 (PHP remote file include vulnerability in index.php in OrjinWeb ...)
+CVE-2006-0171
NOT-FOR-US: OrjinWeb E-commerce
CVE-2006-0170
REJECTED
-CVE-2006-0169 (addresses.php3 in MyPhPim 01.05 does not restrict uploaded files, ...)
+CVE-2006-0169
NOT-FOR-US: MyPhPim
-CVE-2006-0168 (Cross-site scripting (XSS) vulnerability in MyPhPim 01.05 allows ...)
+CVE-2006-0168
NOT-FOR-US: MyPhPim
-CVE-2006-0167 (SQL injection vulnerability in MyPhPim 01.05 allows remote attackers ...)
+CVE-2006-0167
NOT-FOR-US: MyPhPim
-CVE-2006-0166 (Symantec Norton SystemWorks and SystemWorks Premier 2005 and 2006 ...)
+CVE-2006-0166
NOT-FOR-US: Symantec SystemWorks
-CVE-2006-0165 (Cross-site scripting (XSS) vulnerability in the DataForm Entries ...)
+CVE-2006-0165
NOT-FOR-US: WebGUI
-CVE-2006-0164 (phgstats.inc.php in phgstats before 0.5.1, if register_globals is ...)
+CVE-2006-0164
NOT-FOR-US: phgstats
-CVE-2006-0163 (SQL injection vulnerability in the search module ...)
+CVE-2006-0163
NOT-FOR-US: PHP-Nuke
-CVE-2006-0161 (Unspecified vulnerability in uucp in Sun Solaris 8 and 9 has unknown ...)
+CVE-2006-0161
NOT-FOR-US: Solaris
-CVE-2006-0160 (SQL injection vulnerability in add_post.php3 in Venom Board 1.22 ...)
+CVE-2006-0160
NOT-FOR-US: Venom Board
-CVE-2006-0159 (SQL injection vulnerability in escribir.php in Foro Domus 2.10 allows ...)
+CVE-2006-0159
NOT-FOR-US: Foro Domus
-CVE-2006-0158 (SQL injection vulnerability in index.php in CyberDoc SiteSuite CMS ...)
+CVE-2006-0158
NOT-FOR-US: CyberDoc SiteSuite CMS
-CVE-2006-0157 (settings.php in Reamday Enterprises Magic News Plus 1.0.3 allows ...)
+CVE-2006-0157
NOT-FOR-US: Reamday Enterprises Magic News Plus
-CVE-2006-0156 (Cross-site scripting (XSS) vulnerability in Foxrum 4.0.4f allows ...)
+CVE-2006-0156
NOT-FOR-US: Foxforum
-CVE-2006-0155 (Cross-site scripting (XSS) vulnerability in posts.php in 427BB 2.2 and ...)
+CVE-2006-0155
NOT-FOR-US: 427BB
-CVE-2006-0154 (SQL injection vulnerability in showthread.php in 427BB 2.2 and 2.2.1 ...)
+CVE-2006-0154
NOT-FOR-US: 427BB
-CVE-2006-0153 (427BB 2.2 and 2.2.1 verifies authentication credentials based on the ...)
+CVE-2006-0153
NOT-FOR-US: 427BB
-CVE-2006-0152 (Cross-site scripting (XSS) in search_result.php in phpChamber 1.2 and ...)
+CVE-2006-0152
NOT-FOR-US: phpChamber
-CVE-2006-0151 (sudo 1.6.8 and other versions does not clear the PYTHONINSPECT ...)
+CVE-2006-0151
{DSA-946-2}
- sudo 1.6.8p12-1 (medium)
NOTE: The whole black list approach is flawed, for the DSA we'll switch to
NOTE: a white list approach of known to be safe env vars.
-CVE-2006-0150 (Multiple format string vulnerabilities in the auth_ldap_log_reason ...)
+CVE-2006-0150
{DSA-952-1}
- libapache-auth-ldap <removed> (bug #347416)
-CVE-2006-0149 (Cross-site scripting (XSS) vulnerability in SimpBook 1.0, with ...)
+CVE-2006-0149
NOT-FOR-US: SimpBook
-CVE-2006-0148 (NetSarang Xlpd 2.1 allows remote attackers to cause a denial of ...)
+CVE-2006-0148
NOT-FOR-US: NetSarang Xlpd
-CVE-2006-0147 (Dynamic code evaluation vulnerability in tests/tmssql.php test script ...)
+CVE-2006-0147
{DSA-1031-1 DSA-1030-1 DSA-1029-1}
- libphp-adodb 4.72-0.1 (medium; bug #349985)
- cacti 0.8.6d-1 (medium)
- moodle 1.6.3-2 (medium)
NOTE: exact moodle fixed version not known, but at least <= 1.6.3-2
-CVE-2006-0146 (The server.php test script in ADOdb for PHP before 4.70, as used in ...)
+CVE-2006-0146
{DSA-1031-1 DSA-1030-1 DSA-1029-1}
- libphp-adodb 4.72-0.1 (medium; bug #349985)
- cacti 0.8.6d-1 (medium)
- moodle 1.6.3-2 (medium)
NOTE: exact moodle fixed version not known, but at least <= 1.6.3-2
-CVE-2006-0145 (The kernfs_xread function in kernfs in NetBSD 1.6 through 2.1, and ...)
+CVE-2006-0145
NOT-FOR-US: NetBSD
-CVE-2006-0144 (The proxy server feature in go-pear.php in PHP PEAR 0.2.2, as used in ...)
+CVE-2006-0144
NOT-FOR-US: Neither php-pear nor php4-pear ship this file
-CVE-2006-0143 (Microsoft Windows Graphics Rendering Engine (GRE) allows remote ...)
+CVE-2006-0143
NOT-FOR-US: Windows
-CVE-2006-0142 (Cross-site scripting (XSS) vulnerability in andromeda.php in Andromeda ...)
+CVE-2006-0142
NOT-FOR-US: Andromeda
-CVE-2006-0141 (Qualcomm Eudora Internet Mail Server (EIMS) before 3.2.8 allows remote ...)
+CVE-2006-0141
NOT-FOR-US: Eudora
-CVE-2006-0140 (Cross-site scripting (XSS) vulnerability in post.php in NavBoard V16 ...)
+CVE-2006-0140
NOT-FOR-US: Navboard
-CVE-2006-0139 (The send-private-message functionality (send-private-message.asp) in ...)
+CVE-2006-0139
NOT-FOR-US: PD9 Software MegaBBS
-CVE-2006-0162 (Heap-based buffer overflow in libclamav/upx.c in Clam Antivirus ...)
+CVE-2006-0162
{DSA-947-1}
- clamav 0.88-1
-CVE-2006-0138 (aMSN (aka Alvaro's Messenger) allows remote attackers to cause a ...)
+CVE-2006-0138
- amsn 0.98.9-1 (low; bug #557754)
[squeeze] - amsn <no-dsa> (minor issue)
[etch] - amsn <no-dsa> (minor issue)
[lenny] - amsn <no-dsa> (minor issue)
-CVE-2006-0137 (SQL injection vulnerability in linkcategory.php in Phanatic Softwares ...)
+CVE-2006-0137
NOT-FOR-US: Phanatic Softwares Chimera Web Portal System
-CVE-2006-0136 (Multiple cross-site scripting (XSS) vulnerabilities in the guestbook ...)
+CVE-2006-0136
NOT-FOR-US: Phanatic Softwares Chimera Web Portal System
-CVE-2006-0135 (SQL injection vulnerability in login.php in TheWebForum (twf) 1.2.1 ...)
+CVE-2006-0135
NOT-FOR-US: TheWebForum
-CVE-2006-0134 (Cross-site scripting (XSS) vulnerability in register.php in ...)
+CVE-2006-0134
NOT-FOR-US: TheWebForum
-CVE-2006-0133 (Multiple directory traversal vulnerabilities in AIX 5.3 ML03 allow ...)
+CVE-2006-0133
NOT-FOR-US: AIX
-CVE-2006-0132 (Directory traversal vulnerability in webftp.php in SysCP WebFTP 1.2.6 ...)
+CVE-2006-0132
NOT-FOR-US: SysCP WebFTP
-CVE-2006-0131 (boastMachine 3.1 allows remote attackers to obtain sensitive ...)
+CVE-2006-0131
NOT-FOR-US: boastMachine
-CVE-2006-0130 (Mail Management Agent (MAILMA) (aka Mail Management Server) in ...)
+CVE-2006-0130
NOT-FOR-US: Mail Management Agent
-CVE-2006-0129 (Mail Management Agent (MAILMA) (aka Mail Management Server) in ...)
+CVE-2006-0129
NOT-FOR-US: Mail Management Agent
-CVE-2006-0128 (Buffer overflow in the IMAP service of Rockliffe MailSite before ...)
+CVE-2006-0128
NOT-FOR-US: Rockliffe MailSite
-CVE-2006-0127 (Directory traversal vulnerability in the IMAP service of Rockliffe ...)
+CVE-2006-0127
NOT-FOR-US: Rockliffe MailSite
-CVE-2006-0126 (rxvt-unicode before 6.3, on certain platforms that use openpty and ...)
+CVE-2006-0126
- rxvt-unicode 6.3-1
[sarge] - rxvt-unicode <not-affected> (rxvt-unicode author disagrees with CVE, GNU/Linux not affected - see 6.3 entry in http://dist.schmorp.de/rxvt-unicode/Changes)
[woody] - rxvt-unicode <not-affected> (rxvt-unicode author disagrees with CVE, GNU/Linux not affected - see 6.3 entry in http://dist.schmorp.de/rxvt-unicode/Changes)
-CVE-2006-0125 (Unspecified vulnerability in appserv/main.php in AppServ 2.4.5 allows ...)
+CVE-2006-0125
NOT-FOR-US: AppServ
-CVE-2006-0124 (Cross-site scripting (XSS) vulnerability in crear.php in ADN Forum ...)
+CVE-2006-0124
NOT-FOR-US: ADN Forum
-CVE-2006-0123 (Multiple SQL injection vulnerabilities in ADN Forum 1.0b allow remote ...)
+CVE-2006-0123
NOT-FOR-US: ADN Forum
-CVE-2006-0122 (Cross-site scripting (XSS) vulnerability in Public/Index.asp in ...)
+CVE-2006-0122
NOT-FOR-US: Aquifer CMS
-CVE-2006-0121 (Multiple memory leaks in IBM Lotus Notes and Domino Server before ...)
+CVE-2006-0121
NOT-FOR-US: Notes/Domino
-CVE-2006-0120 (Multiple unspecified vulnerabilities in IBM Lotus Notes and Domino ...)
+CVE-2006-0120
NOT-FOR-US: Notes/Domino
-CVE-2006-0119 (Multiple unspecified vulnerabilities in IBM Lotus Notes and Domino ...)
+CVE-2006-0119
NOT-FOR-US: Notes/Domino
-CVE-2006-0118 (Unspecified vulnerability in IBM Lotus Notes and Domino Server before ...)
+CVE-2006-0118
NOT-FOR-US: Notes/Domino
-CVE-2006-0117 (Buffer overflow in IBM Lotus Notes and Domino Server before 6.5.5 ...)
+CVE-2006-0117
NOT-FOR-US: Notes/Domino
-CVE-2006-0116 (Cross-site scripting vulnerability search.inetstore in iNETstore ...)
+CVE-2006-0116
NOT-FOR-US: iNETstore Ebusiness Software
-CVE-2006-0115 (Multiple SQL injection vulnerabilities in OnePlug Solutions OnePlug ...)
+CVE-2006-0115
NOT-FOR-US: OnePlug Solutions OnePlug CMS
-CVE-2006-0114 (The vCard functions in Joomla! 1.0.5 use predictable sequential IDs ...)
+CVE-2006-0114
NOT-FOR-US: Joomla!
-CVE-2006-0113 (Enhanced Simple PHP Gallery 1.7 allows remote attackers to obtain the ...)
+CVE-2006-0113
NOT-FOR-US: Enhanced Simple PHP Gallery
-CVE-2006-0112 (Cross-site scripting (XSS) vulnerability in index.php in Enhanced ...)
+CVE-2006-0112
NOT-FOR-US: Enhanced Simple PHP Gallery
-CVE-2006-0111 (Cross-site scripting vulnerability in index.php in Boxcar Media ...)
+CVE-2006-0111
NOT-FOR-US: Boxcar Media Shopping Cart
-CVE-2006-0110 (Cross-site scripting (XSS) vulnerability in escribir.php in Foro Domus ...)
+CVE-2006-0110
NOT-FOR-US: Foro Domus
-CVE-2006-0109 (Cross-site scripting vulnerability in category.php in Modular Merchant ...)
+CVE-2006-0109
NOT-FOR-US: Modular Merchant Shopping Cart
-CVE-2006-0108 (SQL injection vulnerability in mcl_login.asp in Timecan CMS allows ...)
+CVE-2006-0108
NOT-FOR-US: Timecan CMS
-CVE-2006-0107 (SQL injection vulnerability in Timecan CMS allows remote attackers to ...)
+CVE-2006-0107
NOT-FOR-US: Timecan CMS
-CVE-2006-0105 (PostgreSQL 8.0.x before 8.0.6 and 8.1.x before 8.1.2, when running on ...)
+CVE-2006-0105
NOT-FOR-US: PostgreSQL on Windows
-CVE-2006-0104 (Directory traversal vulnerability in TinyPHPForum 3.6 and earlier ...)
+CVE-2006-0104
NOT-FOR-US: TinyPHPForum
-CVE-2006-0103 (TinyPHPForum 3.6 and earlier stores the (1) users/[USERNAME].hash and ...)
+CVE-2006-0103
NOT-FOR-US: TinyPHPForum
-CVE-2006-0102 (Cross-site scripting (XSS) vulnerability in TinyPHPForum (TPF) 3.6 and ...)
+CVE-2006-0102
NOT-FOR-US: TinyPHPForum
-CVE-2006-0101 (Multiple cross-site scripting (XSS) vulnerabilities in sBLOG 0.7.1 ...)
+CVE-2006-0101
NOT-FOR-US: sBLOG
-CVE-2006-0100 (Buffer overflow in NicoFTP 3.0.1.19 and earlier might allow local ...)
+CVE-2006-0100
NOT-FOR-US: NicoFTP
-CVE-2006-0099 (PHP remote file include vulnerability in (1) ...)
+CVE-2006-0099
NOT-FOR-US: Valdersoft Shopping Cart
-CVE-2006-0098 (The dupfdopen function in sys/kern/kern_descrip.c in OpenBSD 3.7 and ...)
+CVE-2006-0098
NOT-FOR-US: OpenBSD
-CVE-2006-0097 (Stack-based buffer overflow in the create_named_pipe function in ...)
+CVE-2006-0097
- php4 <not-affected> (Windows specific)
- php5 <not-affected> (Windows specific)
-CVE-2006-0096 (wan/sdla.c in Linux kernel 2.6.x before 2.6.11 and 2.4.x before 2.4.29 ...)
+CVE-2006-0096
{DSA-1017-1}
- linux-2.6 <not-affected> (Fixed before upload into archive; 2.6.11)
- kernel-source-2.4.27 2.4.27-8
-CVE-2006-0095 (dm-crypt in Linux kernel 2.6.15 and earlier does not clear a structure ...)
+CVE-2006-0095
{DSA-1017-1}
- linux-2.6 2.6.16-1
- kernel-source-2.4.27 <not-affected> (2.4 doesn't have dm-crypt)
-CVE-2006-0094 (PHP remote file include vulnerability in forum.php in oaBoard 1.0 ...)
+CVE-2006-0094
NOT-FOR-US: oaBoard
-CVE-2006-0093 (Cross-site scripting (XSS) vulnerability in index.php in @Card ME PHP ...)
+CVE-2006-0093
NOT-FOR-US: @Card ME PHP
CVE-2006-0092
REJECTED
-CVE-2006-0091 (Cross-site scripting (XSS) vulnerability in webmail in Open-Xchange ...)
+CVE-2006-0091
NOT-FOR-US: Open-Xchange
-CVE-2006-0090 (Directory traversal vulnerability in index.php in IDV Directory Viewer ...)
+CVE-2006-0090
NOT-FOR-US: IDV Directory Viewer
-CVE-2006-0089 (Buffer overflow in ESRI ArcPad 7.0.0.156 allows remote attackers to ...)
+CVE-2006-0089
NOT-FOR-US: ESRI ArcPad
-CVE-2006-0088 (SQL injection vulnerability in intouch.lib.php in inTouch 0.5.1 Alpha ...)
+CVE-2006-0088
NOT-FOR-US: inTouch
-CVE-2006-0087 (SQL injection vulnerability in (1) pages.php and (2) detail.php in ...)
+CVE-2006-0087
NOT-FOR-US: Lizard Cart
-CVE-2006-0086 (Cross-site scripting vulnerability in index.php in Next Generation ...)
+CVE-2006-0086
NOT-FOR-US: Next Generation Image Gallery
-CVE-2006-0085 (SQL injection vulnerability in Nkads 1.0 alfa 3 allows remote ...)
+CVE-2006-0085
NOT-FOR-US: Nkads
-CVE-2006-0084 (Cross-site scripting vulnerability in index.php in raSMP 2.0.0 and ...)
+CVE-2006-0084
NOT-FOR-US: raSMP
-CVE-2006-0083 (Format string vulnerability in the logging code of SMS Server Tools ...)
+CVE-2006-0083
{DSA-930-2 DSA-930-1}
- smstools 1.16-1.1 (bug #347221; medium)
-CVE-2006-0106 (gdi/driver.c and gdi/printdrv.c in Wine 20050930, and other versions, ...)
+CVE-2006-0106
{DSA-954-1 CVE-2005-4560}
- wine 0.9.2-1 (bug #346197; medium)
-CVE-2006-0082 (Format string vulnerability in the SetImageInfo function in image.c ...)
+CVE-2006-0082
{DSA-1213}
- imagemagick 6:6.2.4.5-0.6 (bug #345876)
-CVE-2006-0081 (ialmnt5.sys in the ialmrnt5 display driver in Intel Graphics ...)
+CVE-2006-0081
NOT-FOR-US: Intel
-CVE-2006-0080 (Cross-site scripting (XSS) vulnerability in vBulletin 3.5.2, and ...)
+CVE-2006-0080
NOT-FOR-US: vBulletin
-CVE-2006-0079 (SQL injection vulnerability in auth.php in ScozNet ScozBook BETA 1.1 ...)
+CVE-2006-0079
NOT-FOR-US: ScozNet
-CVE-2006-0078 (Multiple cross-site scripting (XSS) vulnerabilities in B-net Software ...)
+CVE-2006-0078
NOT-FOR-US: B-Net Software
-CVE-2006-0077 (Off-by-one error in the getfattr function in File::ExtAttr before 0.03 ...)
+CVE-2006-0077
NOT-FOR-US: File::ExtAttr
-CVE-2006-0076 (PHP remote file include vulnerability in forum.php in oaBoard 1.0 ...)
+CVE-2006-0076
NOT-FOR-US: oaBoard
-CVE-2006-0075 (Direct static code injection vulnerability in phpBook 1.3.2 and ...)
+CVE-2006-0075
NOT-FOR-US: phpBook
-CVE-2006-0074 (SQL injection vulnerability in profile.php in PHPenpals allows remote ...)
+CVE-2006-0074
NOT-FOR-US: PHPenpals
-CVE-2006-0073 (Cross-site scripting (XSS) vulnerability in DiscusWare Discus Freeware ...)
+CVE-2006-0073
NOT-FOR-US: DiscusWare Discus
-CVE-2006-0072 (Buffer overflow in termsh on SCO OpenServer 5.0.7 allows remote ...)
+CVE-2006-0072
NOT-FOR-US: SCO Openserver
-CVE-2006-0071 (The ebuild for pinentry before 0.7.2-r2 on Gentoo Linux sets setgid ...)
+CVE-2006-0071
- pinentry <not-affected> (Gentoo-specific packaging flaw)
-CVE-2006-0070 (** DISPUTED ** ...)
+CVE-2006-0070
- drupal <not-affected> (According to upstream advisory is junk, behaviour intentional)
NOTE: This will probably be REJECTED anyway
-CVE-2006-0069 (Cross-site scripting (XSS) vulnerability in addentry.php in Chipmunk ...)
+CVE-2006-0069
NOT-FOR-US: Chipmunk Guestbook
-CVE-2006-0068 (SQL injection vulnerability in Primo Cart 1.0 and earlier allows ...)
+CVE-2006-0068
NOT-FOR-US: Primo Cart
-CVE-2006-0067 (SQL injection vulnerability in login.php in VEGO Links Builder 2.00 ...)
+CVE-2006-0067
NOT-FOR-US: VEGO Links Builder
-CVE-2006-0066 (SQL injection vulnerability in index.php in PHPjournaler 1.0 allows ...)
+CVE-2006-0066
NOT-FOR-US: PHPjournaler
-CVE-2006-0065 (SQL injection vulnerability in (1) functions.php, (2) ...)
+CVE-2006-0065
NOT-FOR-US: VEGO Web Forum
-CVE-2006-0064 (PHP remote file include vulnerability in includes/orderSuccess.inc.php ...)
+CVE-2006-0064
NOT-FOR-US: CubeCart
-CVE-2006-0063 (Cross-site scripting (XSS) vulnerability in phpBB 2.0.19, when ...)
+CVE-2006-0063
- phpbb2 2.0.21-1 (unimportant)
[sarge] - phpbb2 <no-dsa> (Affects only an inherently unsafe option only suitable for trusted users)
NOTE: According to the maintainer only affects a config option that is strongly
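Review bot: every `-`/`+` pair in this hunk drops the description text from the CVE line and keeps only the identifier, so entries such as CVE-2006-0070 lose the `** DISPUTED **` marker that the `drupal <not-affected>` line and the "will probably be REJECTED" NOTE beneath it depend on for context; before this is merged, confirm the descriptions were removed on purpose rather than by an empty upstream feed, since the next automatic update would otherwise re-add them and churn the same lines again.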
@@ -16335,114 +16335,114 @@ CVE-2006-0061 [xlock segfaults when using libpam-opensc]
[sarge] - xlockmore <no-dsa> (Minor issue)
CVE-2006-0060
RESERVED
-CVE-2006-0059 (Heap-based buffer overflow in the ISO Transport Service over TCP (RFC ...)
+CVE-2006-0059
NOT-FOR-US: LiveData
-CVE-2006-0058 (Signal handler race condition in Sendmail 8.13.x before 8.13.6 allows ...)
+CVE-2006-0058
{DSA-1015-1}
- sendmail 8.13.6-1 (bug #358440; high)
-CVE-2006-0057 (Microsoft Internet Explorer 5.01, 5.5, and 6 allows remote attackers ...)
+CVE-2006-0057
NOT-FOR-US: Windows
-CVE-2006-0056 (Double free vulnerability in the authentication and authentication ...)
+CVE-2006-0056
- pam-mysql 0.6.2-1 (bug #353589; medium)
[sarge] - pam-mysql <not-affected> (Vulnerable code not present)
-CVE-2006-0055 (The ispell_op function in ee on FreeBSD 4.10 to 6.0 uses predictable ...)
+CVE-2006-0055
- ee 1:1.4.2-5 (bug #348322)
-CVE-2006-0054 (The ipfw firewall in FreeBSD 6.0-RELEASE allows remote attackers to ...)
+CVE-2006-0054
NOT-FOR-US: FreeBSD
-CVE-2006-0053 (Imager (libimager-perl) before 0.50 allows user-assisted attackers to ...)
+CVE-2006-0053
{DSA-1028-1}
- libimager-perl 0.50-1 (bug #359661)
-CVE-2006-0052 (The attachment scrubber (Scrubber.py) in Mailman 2.1.5 and earlier, ...)
+CVE-2006-0052
{DSA-1027-1}
- mailman 2.1.6-1 (bug #358892)
-CVE-2006-0051 (Buffer overflow in playlistimport.cpp in Kaffeine Player 0.4.2 through ...)
+CVE-2006-0051
{DSA-1023-1}
- kaffeine 0.8-1
-CVE-2006-0050 (snmptrapfmt in Debian 3.0 allows local users to overwrite arbitrary ...)
+CVE-2006-0050
{DSA-1013-1}
- snmptrapfmt 1.10
-CVE-2006-0049 (gpg in GnuPG before 1.4.2.2 does not properly verify non-detached ...)
+CVE-2006-0049
{DSA-993-2}
- gnupg 1.4.2.2-1 (bug #356125; medium)
- gnupg2 <not-affected> (Vulnerable code not activated)
-CVE-2006-0048 (Francesco Stablum tcpick 0.2.1 allows remote attackers to cause a ...)
+CVE-2006-0048
- tcpick 0.2.1-3 (bug #360571; low)
[sarge] - tcpick <no-dsa> (Minor issue)
-CVE-2006-0047 (packets.c in Freeciv 2.0 before 2.0.8 allows remote attackers to cause ...)
+CVE-2006-0047
{DSA-994-1}
- freeciv 2.0.8-1 (medium; bug #355211)
-CVE-2006-0046 (squid_redirect script in adzapper before 2006-01-29 allows remote ...)
+CVE-2006-0046
{DSA-966-1}
- adzapper 20060115-1
-CVE-2006-0045 (crawl before 4.0.0 does not securely call programs when saving and ...)
+CVE-2006-0045
{DSA-949-1}
- crawl 1:4.0.0beta26-7 (medium)
-CVE-2006-0044 (Unspecified vulnerability in context.py in Albatross web application ...)
+CVE-2006-0044
{DSA-942-1}
- albatross 1.33-1
-CVE-2006-0043 (Buffer overflow in the realpath function in nfs-server rpc.mountd, as ...)
+CVE-2006-0043
{DSA-975-1}
- nfs-user-server 2.2beta47-22 (high; bug #350020)
NOTE: nfs-utils (kernel NFS server) is not affected
NOTE: (it uses PATH_MAX for the buffer passed to realpath).
-CVE-2006-0042 (Unspecified vulnerability in (1) apreq_parse_headers and (2) ...)
+CVE-2006-0042
{DSA-1000-2}
- libapreq2 2.07-1
CVE-2006-0041
REJECTED
-CVE-2006-0040 (GNOME Evolution 2.4.2.1 and earlier allows remote attackers to cause a ...)
+CVE-2006-0040
- evolution 2.10.1 (bug #398064; low)
[etch] - evolution <no-dsa> (Minor issue)
[sarge] - evolution <not-affected> (Not reproducable on Sarge)
-CVE-2006-0039 (Race condition in the do_add_counters function in netfilter for Linux ...)
+CVE-2006-0039
{DSA-1103 DSA-1097-1}
- linux-2.6 2.6.16-14
-CVE-2006-0038 (Integer overflow in the do_replace function in netfilter for Linux ...)
+CVE-2006-0038
{DSA-1103 DSA-1097-1}
- linux-2.6 2.6.16-1
-CVE-2006-0037 (ip_nat_pptp in the PPTP NAT helper (netfilter/ip_nat_helper_pptp.c) in ...)
+CVE-2006-0037
- linux-2.6 2.6.15-3
[sarge] - kernel-source-2.6.8 <not-affected> (Vulnerable code not present)
[sarge] - kernel-source-2.4.27 <not-affected> (Vulnerable code not present)
-CVE-2006-0036 (ip_nat_pptp in the PPTP NAT helper (netfilter/ip_nat_helper_pptp.c) in ...)
+CVE-2006-0036
- linux-2.6 2.6.15-3
[sarge] - kernel-source-2.6.8 <not-affected> (Vulnerable code not present)
[sarge] - kernel-source-2.4.27 <not-affected> (Vulnerable code not present)
-CVE-2006-0035 (The netlink_rcv_skb function in af_netlink.c in Linux kernel 2.6.14 ...)
+CVE-2006-0035
- linux-2.6 2.6.15-3
-CVE-2006-0019 (Heap-based buffer overflow in the encodeURI and decodeURI functions in ...)
+CVE-2006-0019
{DSA-948-1}
- kdelibs 4:3.5.1-1 (medium)
-CVE-2006-0034 (Heap-based buffer overflow in the CRpcIoManagerServer::BuildContext ...)
+CVE-2006-0034
NOT-FOR-US: Microsoft
-CVE-2006-0033 (Unspecified vulnerability in Microsoft Office 2003 SP1 and SP2, Office ...)
+CVE-2006-0033
NOT-FOR-US: Microsoft
-CVE-2006-0032 (Cross-site scripting (XSS) vulnerability in the Indexing Service in ...)
+CVE-2006-0032
NOT-FOR-US: Microsoft
-CVE-2006-0031 (Stack-based buffer overflow in Microsoft Excel 2000, 2002, and 2003, ...)
+CVE-2006-0031
NOT-FOR-US: Microsoft
-CVE-2006-0030 (Unspecified vulnerability in Microsoft Excel 2000, 2002, and 2003, in ...)
+CVE-2006-0030
NOT-FOR-US: Microsoft
-CVE-2006-0029 (Unspecified vulnerability in Microsoft Excel 2000, 2002, and 2003, in ...)
+CVE-2006-0029
NOT-FOR-US: Microsoft
-CVE-2006-0028 (Unspecified vulnerability in Microsoft Excel 2000, 2002, and 2003, in ...)
+CVE-2006-0028
NOT-FOR-US: Microsoft
-CVE-2006-0027 (Unspecified vulnerability in Microsoft Exchange allows remote ...)
+CVE-2006-0027
NOT-FOR-US: Microsoft
-CVE-2006-0026 (Buffer overflow in Microsoft Internet Information Services (IIS) 5.0, ...)
+CVE-2006-0026
NOT-FOR-US: Microsoft
-CVE-2006-0025 (Stack-based buffer overflow in Microsoft Windows Media Player 9 and 10 ...)
+CVE-2006-0025
NOT-FOR-US: Microsoft Windows Media Player
-CVE-2006-0024 (Multiple unspecified vulnerabilities in Adobe Flash Player 8.0.22.0 ...)
+CVE-2006-0024
- flashplugin-nonfree 7.0.61-4 (bug #357038; bug #357105)
[sarge] - flashplugin-nonfree <no-dsa> (Only affects proprietary Flash plugin)
-CVE-2006-0023 (Microsoft Windows XP SP1 and SP2 before August 2004, and possibly ...)
+CVE-2006-0023
NOT-FOR-US: Microsoft
-CVE-2006-0022 (Unspecified vulnerability in Microsoft PowerPoint in Microsoft Office ...)
+CVE-2006-0022
NOT-FOR-US: Microsoft PowerPoint
-CVE-2006-0021 (Microsoft Windows XP SP1 and SP2, and Server 2003 up to SP1, allows ...)
+CVE-2006-0021
NOT-FOR-US: Microsoft
-CVE-2006-0020 (An unspecified Microsoft WMF parsing application, as used in Internet ...)
+CVE-2006-0020
NOT-FOR-US: Microsoft
CVE-2006-0018
REJECTED
@@ -16450,33 +16450,33 @@ CVE-2006-0017
RESERVED
CVE-2006-0016
RESERVED
-CVE-2006-0015 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2006-0015
NOT-FOR-US: Microsoft
-CVE-2006-0014 (Buffer overflow in Microsoft Outlook Express 5.5 and 6 allows remote ...)
+CVE-2006-0014
NOT-FOR-US: Microsoft
-CVE-2006-0013 (Buffer overflow in the Web Client service (WebClnt.dll) for Microsoft ...)
+CVE-2006-0013
NOT-FOR-US: Microsoft
-CVE-2006-0012 (Unspecified vulnerability in Windows Explorer in Microsoft Windows ...)
+CVE-2006-0012
NOT-FOR-US: Microsoft
CVE-2006-0011
REJECTED
-CVE-2006-0010 (Heap-based buffer overflow in T2EMBED.DLL in Microsoft Windows 2000 ...)
+CVE-2006-0010
NOT-FOR-US: Microsoft
-CVE-2006-0009 (Buffer overflow in Microsoft Office 2000 SP3, XP SP3, and other ...)
+CVE-2006-0009
NOT-FOR-US: Microsoft
-CVE-2006-0008 (The ShellAbout API call in Korean Input Method Editor (IME) in Korean ...)
+CVE-2006-0008
NOT-FOR-US: Microsoft
-CVE-2006-0007 (Buffer overflow in GIFIMP32.FLT, as used in Microsoft Office 2003 SP1 ...)
+CVE-2006-0007
NOT-FOR-US: Microsoft
-CVE-2006-0006 (Heap-based buffer overflow in the bitmap processing routine in ...)
+CVE-2006-0006
NOT-FOR-US: Microsoft
-CVE-2006-0005 (Buffer overflow in the plug-in for Microsoft Windows Media Player ...)
+CVE-2006-0005
NOT-FOR-US: Microsoft
-CVE-2006-0004 (Microsoft PowerPoint 2000 in Office 2000 SP3 has an interaction with ...)
+CVE-2006-0004
NOT-FOR-US: Microsoft
-CVE-2006-0003 (Unspecified vulnerability in the RDS.Dataspace ActiveX control, which ...)
+CVE-2006-0003
NOT-FOR-US: RDS.Dataspace
-CVE-2006-0002 (Unspecified vulnerability in Microsoft Outlook 2000 through 2003, ...)
+CVE-2006-0002
NOT-FOR-US: Microsoft
-CVE-2006-0001 (Stack-based buffer overflow in Microsoft Publisher 2000 through 2003 ...)
+CVE-2006-0001
NOT-FOR-US: Microsoft
diff --git a/data/CVE/2007.list b/data/CVE/2007.list
index a91a32a79d..de8b9cd0ea 100644
--- a/data/CVE/2007.list
+++ b/data/CVE/2007.list
@@ -1,28 +1,28 @@
-CVE-2007-6761 (drivers/media/video/videobuf-vmalloc.c in the Linux kernel before ...)
+CVE-2007-6761
- linux <not-affected> (Fixed before src:linux-2.6 -> src:linux rename)
NOTE: Fixed by: https://git.kernel.org/linus/0b29669c065f60501e7289e1950fa2a618962358 (v2.6.24-rc6)
-CVE-2007-6760 (Dataprobe iBootBar (with 2007-09-20 and possibly later beta firmware) ...)
+CVE-2007-6760
NOT-FOR-US: Dataprobe iBootBar
-CVE-2007-6759 (Dataprobe iBootBar (with 2007-09-20 and possibly later released ...)
+CVE-2007-6759
NOT-FOR-US: Dataprobe iBootBar
CVE-2007-6758
RESERVED
-CVE-2007-6757 (GE Healthcare Centricity DMS 4.2, 4.1, and 4.0 has a password of ...)
+CVE-2007-6757
NOT-FOR-US: GE Healthcare Centricity DMS
-CVE-2007-6756 (ZOLL Defibrillator / Monitor M Series, E Series, and R Series have a ...)
+CVE-2007-6756
NOT-FOR-US: ZOLL Defibrillator / Monitor M Series, E Series, and R Series
-CVE-2007-6755 (The NIST SP 800-90A default statement of the Dual Elliptic Curve ...)
+CVE-2007-6755
- openssl <unfixed> (unimportant)
NOTE: Unused/broken in OpenSSL, see http://marc.info/?l=openssl-announce&m=138747119822324&w=2
-CVE-2007-6754 (The ipalloc function in libc/stdlib/malloc.c in jemalloc in libc for ...)
+CVE-2007-6754
NOT-FOR-US: NetBSD/FreeBSD libc
-CVE-2007-6753 (Untrusted search path vulnerability in Shell32.dll in Microsoft ...)
+CVE-2007-6753
NOT-FOR-US: Microsoft Windows
-CVE-2007-6752 (** DISPUTED ** Cross-site request forgery (CSRF) vulnerability in ...)
+CVE-2007-6752
- drupal7 <removed> (unimportant)
-CVE-2007-6751 (Cross-site scripting (XSS) vulnerability in the MailForm plugin before ...)
+CVE-2007-6751
NOT-FOR-US: MailForm plugin for Movable Type
-CVE-2007-6750 (The Apache HTTP Server 1.x and 2.x allows remote attackers to cause a ...)
+CVE-2007-6750
- apache2 2.2.15-3 (medium; bug #533661)
- apache <removed> (medium; bug #533662)
[lenny] - apache2 <no-dsa> (Minor issue)
@@ -32,7 +32,7 @@ CVE-2007-6748
RESERVED
CVE-2007-6747
RESERVED
-CVE-2007-6746 (telepathy-idle before 0.1.15 does not verify (1) that the issuer is a ...)
+CVE-2007-6746
- telepathy-idle 0.1.15-1 (low; bug #706094)
[wheezy] - telepathy-idle <no-dsa> (Minor issue)
[squeeze] - telepathy-idle <no-dsa> (Minor issue)
@@ -41,61 +41,61 @@ CVE-2007-6745 [clamav floating point exception in OLE2 scanner DoS]
- clamav 0.91.2-1~volatile1
[etch] - clamav <not-affected> (Vulnerable code not present)
[sarge] - clamav <not-affected> (Vulnerable code not present)
-CVE-2007-6744 (Flexera Macrovision InstallShield before 2008 sends a ...)
+CVE-2007-6744
NOT-FOR-US: Flexera Macrovision InstallShield
-CVE-2007-6743 (Double free vulnerability in IBM Tivoli Directory Server (TDS) 5.2 ...)
+CVE-2007-6743
NOT-FOR-US: Tivoli
-CVE-2007-6742 (The get_filter_list function in IBM Tivoli Directory Server (TDS) 5.2 ...)
+CVE-2007-6742
NOT-FOR-US: Tivoli
-CVE-2007-6741 (The ftp_PORT function in FTPServer.py in pyftpdlib before 0.2.0 does ...)
+CVE-2007-6741
- python-pyftpdlib <not-affected> (Fixed before initial upload to the archive)
-CVE-2007-6740 (The ftp_STOU function in FTPServer.py in pyftpdlib before 0.2.0 does ...)
+CVE-2007-6740
- python-pyftpdlib <not-affected> (Fixed before initial upload to the archive)
-CVE-2007-6739 (FTPServer.py in pyftpdlib before 0.2.0 allows remote attackers to ...)
+CVE-2007-6739
- python-pyftpdlib <not-affected> (Fixed before initial upload to the archive)
-CVE-2007-6738 (pyftpdlib before 0.1.1 does not choose a random value for the port ...)
+CVE-2007-6738
- python-pyftpdlib <not-affected> (Fixed before initial upload to the archive)
-CVE-2007-6737 (FTPServer.py in pyftpdlib before 0.2.0 does not increment the ...)
+CVE-2007-6737
- python-pyftpdlib <not-affected> (Fixed before initial upload to the archive)
-CVE-2007-6736 (Multiple directory traversal vulnerabilities in FTPServer.py in ...)
+CVE-2007-6736
- python-pyftpdlib <not-affected> (Fixed before initial upload to the archive)
-CVE-2007-6735 (NWFTPD.nlm before 5.08.06 in the FTP server in Novell NetWare does not ...)
+CVE-2007-6735
NOT-FOR-US: Novell NetWare
-CVE-2007-6734 (NWFTPD.nlm before 5.08.07 in the FTP server in Novell NetWare 6.5 SP7 ...)
+CVE-2007-6734
NOT-FOR-US: Novell NetWare
-CVE-2007-6733 (The nfs_lock function in fs/nfs/file.c in the Linux kernel 2.6.9 does ...)
+CVE-2007-6733
- linux-2.6 2.6.10-1
-CVE-2007-6732 (Multiple buffer overflows in the dtt_load function in ...)
+CVE-2007-6732
- xmp 2.6.1-1 (low; bug #546730)
[etch] - xmp <no-dsa> (Minor issue, fringe app/formats)
[lenny] - xmp <no-dsa> (Minor issue, fringe app/formats)
-CVE-2007-6731 (Extended Module Player (XMP) 2.5.1 and earlier allow remote attackers ...)
+CVE-2007-6731
- xmp 2.6.1-1 (low; bug #546730)
[etch] - xmp <no-dsa> (Minor issue, fringe app/formats)
[lenny] - xmp <no-dsa> (Minor issue, fringe app/formats)
-CVE-2007-6730 (Multiple cross-site request forgery (CSRF) vulnerabilities in the web ...)
+CVE-2007-6730
NOT-FOR-US: ZyXEL P-330W
-CVE-2007-6729 (Cross-site scripting (XSS) vulnerability in the web management ...)
+CVE-2007-6729
NOT-FOR-US: ZyXEL P-330W
-CVE-2007-6728 (Cross-site scripting (XSS) vulnerability in XMB 1.5 allows remote ...)
+CVE-2007-6728
NOT-FOR-US: XMB
-CVE-2007-6727 (SQL injection vulnerability in topic.php in KerviNet Forum 1.1 allows ...)
+CVE-2007-6727
NOT-FOR-US: KerviNet Forum
-CVE-2007-6726 (Multiple cross-site scripting (XSS) vulnerabilities in Dojo 0.4.1 and ...)
+CVE-2007-6726
NOT-FOR-US: Dojo
-CVE-2007-6725 (The CCITTFax decoding filter in Ghostscript 8.60, 8.61, and possibly ...)
+CVE-2007-6725
{DSA-2080-1}
- ghostscript 8.63.dfsg.1-1 (medium; bug #524803)
- gs-gpl <removed> (medium; bug #561717)
-CVE-2007-6724 (Vidalia bundle before 0.1.2.18, when running on Windows, installs ...)
+CVE-2007-6724
NOT-FOR-US: Vidalia
-CVE-2007-6723 (TorK before 0.22, when running on Windows and Mac OS X, installs ...)
+CVE-2007-6723
- tork <not-affected> (Affects only Windows and MacOS)
-CVE-2007-6722 (Vidalia bundle before 0.1.2.18, when running on Windows and Mac OS X, ...)
+CVE-2007-6722
NOT-FOR-US: Vidalia
-CVE-2007-6721 (The Legion of the Bouncy Castle Java Cryptography API before release ...)
+CVE-2007-6721
- bouncycastle 1.38-1
-CVE-2007-6720 (libmikmod 3.1.9 through 3.2.0, as used by MikMod, SDL-mixer, and ...)
+CVE-2007-6720
- libmikmod 3.1.11-6.1 (low; bug #461519)
[etch] - libmikmod <no-dsa> (Minor issue)
[lenny] - libmikmod <no-dsa> (Minor issue)
@@ -106,297 +106,297 @@ CVE-2007-XXXX [tdiary XSS]
[etch] - tdiary 2.0.2+20060303-5
NOTE: fixed in r6 point update
NOTE: http://www.tdiary.org/20071215.html
-CVE-2007-6719 (SQL injection vulnerability in Wiz-Ad 1.3 allows remote attackers to ...)
+CVE-2007-6719
NOT-FOR-US: Wiz-Ad
-CVE-2007-6718 (MPlayer, possibly 1.0rc1, allows remote attackers to cause a denial of ...)
+CVE-2007-6718
- mplayer 1.0~rc3+svn20100502-1 (low; bug #407010)
[lenny] - mplayer <no-dsa> (Some have been fixed in Lenny/libavcodec, some crashers left)
NOTE: http://sam.zoy.org/blog/2007-01-16-exposing-file-parsing-vulnerabilities
-CVE-2007-6717 (Buffer overflow in tftp in bos.net.tcp.client in IBM AIX 5.2.0 and ...)
+CVE-2007-6717
NOT-FOR-US: IBM AIX
-CVE-2007-6716 (fs/direct-io.c in the dio subsystem in the Linux kernel before 2.6.23 ...)
+CVE-2007-6716
{DSA-1653-1}
- linux-2.6 2.6.23-1
- linux-2.6.24 <not-affected> (Vulnerable code not present)
NOTE: 848c4dd5153c7a0de55470ce99a8e13a63b4703f
-CVE-2007-6715 (Mozilla Firefox allows remote attackers to cause a denial of service ...)
+CVE-2007-6715
- iceweasel <removed> (unimportant)
NOTE: browser dos not treated as security issues
NOTE: cant reproduce on 2.0.0.12-1 and 2.0.0.14-2, already fixed?
-CVE-2007-6713 (Unspecified vulnerability in Flip4Mac WMV before 2.2.0.49 has unknown ...)
+CVE-2007-6713
NOT-FOR-US: Flip4Mac
-CVE-2007-6714 (DBMail before 2.2.9, when using authldap with an LDAP server that ...)
+CVE-2007-6714
- dbmail 2.2.9
-CVE-2007-6712 (Integer overflow in the hrtimer_forward function (hrtimer.c) in Linux ...)
+CVE-2007-6712
{DSA-1588-1}
- linux-2.6 2.6.26-1
- linux-2.6.24 <not-affected>
NOTE: upstream commit 13788ccc41ceea5893f9c747c59bc0b28f2416c2, not present in 2.6.25.x,
NOTE: but fixed in git, so marking as fixed in 2.6.26-1
-CVE-2007-6711 (Unspecified vulnerability in customer.php in FreeWebshop.org 2.2.5, ...)
+CVE-2007-6711
NOT-FOR-US: FreeWebShop.org
CVE-2007-6710
RESERVED
-CVE-2007-6709 (The Cisco Linksys WAG54GS Wireless-G ADSL Gateway with 1.01.03 and ...)
+CVE-2007-6709
NOT-FOR-US: Cisco Linksys
-CVE-2007-6708 (Multiple cross-site request forgery (CSRF) vulnerabilities on the ...)
+CVE-2007-6708
NOT-FOR-US: Cisco Linksys
-CVE-2007-6707 (Multiple cross-site scripting (XSS) vulnerabilities on the Cisco ...)
+CVE-2007-6707
NOT-FOR-US: Cisco Linksys
-CVE-2007-6706 (Unspecified vulnerability in nlnotes.dll in the client in IBM Lotus ...)
+CVE-2007-6706
NOT-FOR-US: IBM Lotus Notes
-CVE-2007-6705 (The WebSphere MQ XA 5.3 before FP13 and 6.0.x before 6.0.2.1 client ...)
+CVE-2007-6705
NOT-FOR-US: WebSphere
-CVE-2007-6704 (Multiple cross-site scripting (XSS) vulnerabilities in F5 FirePass ...)
+CVE-2007-6704
NOT-FOR-US: F5 FirePass
-CVE-2007-6703 (Unspecified vulnerability in vdccm before 0.10.1 in SynCE (SynCE-dccm) ...)
+CVE-2007-6703
- vdccm <removed>
-CVE-2007-6702 (goform/QuickStart_c0 on the GoAhead Web Server on the FS4104-AW (aka ...)
+CVE-2007-6702
NOT-FOR-US: FS4104-AW firmware
-CVE-2007-6701 (Multiple stack-based buffer overflows in the Spooler service ...)
+CVE-2007-6701
NOT-FOR-US: Novell Client
-CVE-2007-6700 (Cross-site scripting (XSS) vulnerability in cgi-bin/bgplg in the web ...)
+CVE-2007-6700
NOT-FOR-US: openbsd
-CVE-2007-6699 (Multiple buffer overflows in the AIM PicEditor 9.5.1.8 ActiveX control ...)
+CVE-2007-6699
NOT-FOR-US: AIM PicEditor
-CVE-2007-6698 (The BDB backend for slapd in OpenLDAP before 2.3.36 allows remote ...)
+CVE-2007-6698
{DSA-1541-1}
- openldap2.3 2.3.38-1
- openldap2.2 <removed>
- openldap2 <not-affected> (slapd not built)
-CVE-2007-6696 (Multiple cross-site scripting (XSS) vulnerabilities in WebCalendar ...)
+CVE-2007-6696
- webcalendar 1.1.6-7 (bug #466935)
[lenny] - webcalendar <not-affected> (See http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=466935#37)
-CVE-2007-6695 (Cross-site scripting (XSS) vulnerability in index.php in Drake CMS ...)
+CVE-2007-6695
NOT-FOR-US: Drake CMS
-CVE-2007-6694 (The chrp_show_cpuinfo function (chrp/setup.c) in Linux kernel 2.4.21 ...)
+CVE-2007-6694
{DSA-1565-1 DSA-1503-2 DSA-1504-1 DSA-1503-1}
- linux-2.6 2.6.24-1
- linux-2.6.24 <not-affected> (Fixed before initial upload, upstream in 2.6.24)
NOTE: Upstream commit 9ac71d00398674aaec664f30559f0a21d963862f, part of 2.6.24
-CVE-2007-6697 (Buffer overflow in the LWZReadByte function in IMG_gif.c in SDL_image ...)
+CVE-2007-6697
{DSA-1493-2 DSA-1493-1}
- sdl-image1.2 1.2.6-2 (medium)
-CVE-2007-6693 (Unspecified vulnerability in the WebCam module in Menalto Gallery ...)
+CVE-2007-6693
- gallery2 2.2.4-1 (bug #457644)
- gallery <not-affected> (Vulnerable code not present)
-CVE-2007-6692 (Open redirect vulnerability in Menalto Gallery before 2.2.4 allows ...)
+CVE-2007-6692
- gallery2 2.2.4-1 (bug #457644)
- gallery <not-affected> (Vulnerable code not present)
-CVE-2007-6691 (Multiple unspecified vulnerabilities in Menalto Gallery before 2.2.4 ...)
+CVE-2007-6691
- gallery2 2.2.4-1 (bug #457644)
- gallery <not-affected> (Vulnerable code not present)
-CVE-2007-6690 (The Gallery Remote module in Menalto Gallery before 2.2.4 does not ...)
+CVE-2007-6690
- gallery2 2.2.4-1 (bug #457644)
- gallery <not-affected> (Vulnerable code not present)
-CVE-2007-6689 (Menalto Gallery before 2.2.4 does not properly check for malicious ...)
+CVE-2007-6689
- gallery2 2.2.4-1 (bug #457644)
- gallery <not-affected> (Vulnerable code not present)
-CVE-2007-6688 (Unspecified vulnerability in the Installation application in Menalto ...)
+CVE-2007-6688
- gallery <not-affected> (Vulnerable code not present)
- gallery2 2.2.4-1 (bug #457644)
-CVE-2007-6687 (Multiple cross-site scripting (XSS) vulnerabilities in Menalto Gallery ...)
+CVE-2007-6687
- gallery2 2.2.4-1 (bug #457644)
- gallery <not-affected> (Vulnerable code not present)
-CVE-2007-6686 (The URL rewrite module in Menalto Gallery before 2.2.4 allows ...)
+CVE-2007-6686
- gallery2 2.2.4-1 (bug #457644)
- gallery <not-affected> (Vulnerable code not present)
-CVE-2007-6685 (Unspecified vulnerability in the Publish XP module Menalto Gallery ...)
+CVE-2007-6685
- gallery <not-affected> (Vulnerable code not present)
- gallery2 2.2.4-1 (bug #457644)
-CVE-2007-6680 (Trusted Execution in IBM AIX 6.1 uses an incorrect pathname argument ...)
+CVE-2007-6680
NOT-FOR-US: IBM AIX
-CVE-2007-6679 (Unspecified vulnerability in the Administrative Console in IBM ...)
+CVE-2007-6679
NOT-FOR-US: IBM WebSphere Application Server
CVE-2007-6678
REJECTED
-CVE-2007-6677 (Cross-site scripting (XSS) vulnerability in Peter's Random Anti-Spam ...)
+CVE-2007-6677
NOT-FOR-US: Peter's Random Anti-Spam Image
-CVE-2007-6676 (The default configuration of Uber Uploader (UU) 5.3.6 and earlier does ...)
+CVE-2007-6676
NOT-FOR-US: Uber Uploader
-CVE-2007-6675 (The b_system_comments_show function in ...)
+CVE-2007-6675
NOT-FOR-US: XOOPS
-CVE-2007-6674 (Cross-site scripting (XSS) vulnerability in Default.asp in RapidShare ...)
+CVE-2007-6674
NOT-FOR-US: RapidShare Database
-CVE-2007-6673 (Cross-site scripting (XSS) vulnerability in Makale Scripti allows ...)
+CVE-2007-6673
NOT-FOR-US: Makale Scripti
-CVE-2007-6672 (Mortbay Jetty 6.1.5 and 6.1.6 allows remote attackers to bypass ...)
+CVE-2007-6672
- jetty 6.1.18-1 (medium; bug #462793; bug #559765)
-CVE-2007-6671 (SQL injection vulnerability in login_form.asp in Instant Softwares ...)
+CVE-2007-6671
NOT-FOR-US: Instant Softwares Dating Site
-CVE-2007-6670 (SQL injection vulnerability in search.php in PHCDownload 1.1.0 allows ...)
+CVE-2007-6670
NOT-FOR-US: PHCDownload
-CVE-2007-6669 (Cross-site scripting (XSS) vulnerability in search.php in PHCDownload ...)
+CVE-2007-6669
NOT-FOR-US: PHCDownload
-CVE-2007-6668 (admin/uploadgames.php in MySpace Content Zone (MCZ) 3.x does not ...)
+CVE-2007-6668
NOT-FOR-US: MySpace Content Zone
-CVE-2007-6667 (SQL injection vulnerability in faq.php in MyPHP Forum 3.0 and earlier ...)
+CVE-2007-6667
NOT-FOR-US: MyPHP Forum
-CVE-2007-6666 (SQL injection vulnerability in rss.php in Zenphoto 1.1 through 1.1.3 ...)
+CVE-2007-6666
NOT-FOR-US: Zenphoto
-CVE-2007-6665 (SQL injection vulnerability in admin/login.asp in Netchemia oneSCHOOL ...)
+CVE-2007-6665
NOT-FOR-US: Netchemia
-CVE-2007-6664 (SQL injection vulnerability in index.php in WebPortal CMS 0.6.0 and ...)
+CVE-2007-6664
NOT-FOR-US: WebPortal
-CVE-2007-6663 (SQL injection vulnerability in (1) Puarcade.php and (2) ...)
+CVE-2007-6663
NOT-FOR-US: Pragmatic Utopia PU Arcade
-CVE-2007-6662 (Directory traversal vulnerability in file.php in CuteNews 2.6 allows ...)
+CVE-2007-6662
NOT-FOR-US: CuteNews
-CVE-2007-6661 (2z project 0.9.6.1 allows attackers to change the password without ...)
+CVE-2007-6661
NOT-FOR-US: 2z project
-CVE-2007-6660 (2z project 0.9.6.1 allows remote attackers to obtain sensitive ...)
+CVE-2007-6660
NOT-FOR-US: 2z project
-CVE-2007-6659 (Multiple cross-site scripting (XSS) vulnerabilities in 2z project ...)
+CVE-2007-6659
NOT-FOR-US: 2z project
-CVE-2007-6658 (SQL injection vulnerability in admin.php/vars.php in CustomCMS (CCMS) ...)
+CVE-2007-6658
NOT-FOR-US: CCMS
-CVE-2007-6657 (PHP remote file inclusion vulnerability in ...)
+CVE-2007-6657
NOT-FOR-US: Mihalism
-CVE-2007-6656 (SQL injection vulnerability in content_css.php in the TinyMCE module ...)
+CVE-2007-6656
NOT-FOR-US: CMS Made Simple
-CVE-2007-6655 (PHP remote file inclusion vulnerability in includes/function.php in ...)
+CVE-2007-6655
NOT-FOR-US: Kontakt Formular
-CVE-2007-6654 (Buffer overflow in a certain ActiveX control in Macrovision ...)
+CVE-2007-6654
NOT-FOR-US: Macrovision InstallShield Update Service Web Agent
-CVE-2007-6653 (Directory traversal vulnerability in download.php in Mihalism Multi ...)
+CVE-2007-6653
NOT-FOR-US: Mihalism
-CVE-2007-6652 (cpie.php in XCMS 1.83 and earlier sends a redirect to the web browser ...)
+CVE-2007-6652
NOT-FOR-US: XCMS
-CVE-2007-6651 (Directory traversal vulnerability in wiki/edit.php in Bitweaver R2 CMS ...)
+CVE-2007-6651
NOT-FOR-US: Bitweaver
-CVE-2007-6650 (Unrestricted file upload vulnerability in fisheye/upload.php in ...)
+CVE-2007-6650
NOT-FOR-US: Bitweaver
-CVE-2007-6649 (PHP remote file inclusion vulnerability in includes/tumbnail.php in ...)
+CVE-2007-6649
NOT-FOR-US: MatPo Bilder Gallery
-CVE-2007-6648 (Directory traversal vulnerability in index.php in SanyBee Gallery ...)
+CVE-2007-6648
NOT-FOR-US: SanyBee Gallery
-CVE-2007-6647 (SQL injection vulnerability in index.php in w-Agora 4.2.1 and earlier ...)
+CVE-2007-6647
NOT-FOR-US: w-Agora
-CVE-2007-6646 (Multiple cross-site scripting (XSS) vulnerabilities in LiveCart 1.0.1, ...)
+CVE-2007-6646
NOT-FOR-US: LiveCart
-CVE-2007-6645 (Unspecified vulnerability in Joomla! before 1.5 RC4 allows remote ...)
+CVE-2007-6645
NOT-FOR-US: Joomla!
-CVE-2007-6644 (Joomla! before 1.5 RC4 allows remote authenticated administrators to ...)
+CVE-2007-6644
NOT-FOR-US: Joomla!
-CVE-2007-6643 (Cross-site scripting (XSS) vulnerability in the com_poll component in ...)
+CVE-2007-6643
NOT-FOR-US: Joomla!
-CVE-2007-6642 (Multiple cross-site request forgery (CSRF) vulnerabilities in Joomla! ...)
+CVE-2007-6642
NOT-FOR-US: Joomla!
-CVE-2007-6641 (Cross-site scripting (XSS) vulnerability in dir.php in milliscripts ...)
+CVE-2007-6641
NOT-FOR-US: milliscripts
-CVE-2007-6640 (Creammonkey 0.9 through 1.1 and GreaseKit 1.2 through 1.3 does not ...)
+CVE-2007-6640
NOT-FOR-US: Creammonkey and GreaseKit
-CVE-2007-6639 (SQL injection vulnerability in index.php in IPTBB 0.5.4 and earlier ...)
+CVE-2007-6639
NOT-FOR-US: IPTBB
-CVE-2007-6638 (March Networks DVR 3204 stores sensitive information under the web ...)
+CVE-2007-6638
NOT-FOR-US: March Networks
-CVE-2007-6637 (Multiple cross-site scripting (XSS) vulnerabilities in Adobe Flash ...)
+CVE-2007-6637
- flashplugin-nonfree 1:1.4 (bug #459071)
[sarge] - flashplugin-nonfree <no-dsa> (Contrib not supported)
[etch] - flashplugin-nonfree <no-dsa> (Contrib not supported)
NOTE: http://www.adobe.com/support/security/advisories/apsa07-06.html
-CVE-2007-6636 (Unspecified vulnerability in the StorageFarabDb module in Bitflu ...)
+CVE-2007-6636
NOT-FOR-US: Bitflu
-CVE-2007-6635 (FAQMasterFlexPlus, possibly 1.5 or 1.52, stores the admin password in ...)
+CVE-2007-6635
NOT-FOR-US: FAQMasterFlexPlus
-CVE-2007-6634 (Multiple SQL injection vulnerabilities in FAQMasterFlexPlus, possibly ...)
+CVE-2007-6634
NOT-FOR-US: FAQMasterFlexPlus
-CVE-2007-6633 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2007-6633
NOT-FOR-US: FAQMasterFlexPlus
-CVE-2007-6632 (showCode.php in xml2owl 0.1.1 allows remote attackers to execute ...)
+CVE-2007-6632
NOT-FOR-US: xml2owl
-CVE-2007-6631 (Multiple buffer overflows in LScube libnemesi 0.6.4-rc1 and earlier ...)
+CVE-2007-6631
NOT-FOR-US: LScube libnemesi
-CVE-2007-6630 (The Url_init function in utils/url.c in Netembryo 0.0.4, when used by ...)
+CVE-2007-6630
NOT-FOR-US: Netembryo
-CVE-2007-6629 (Interpretation conflict in LScube Feng 0.1.15 and earlier allows ...)
+CVE-2007-6629
NOT-FOR-US: LScube Feng
-CVE-2007-6628 (LScube Feng 0.1.15 and earlier allows remote attackers to cause a ...)
+CVE-2007-6628
NOT-FOR-US: LScube Feng
-CVE-2007-6627 (Integer overflow in the RTSP_remove_msg function in RTSP_lowlevel.c in ...)
+CVE-2007-6627
NOT-FOR-US: LScube Feng
-CVE-2007-6626 (Multiple buffer overflows in the RTSP_valid_response_msg function in ...)
+CVE-2007-6626
NOT-FOR-US: LScube Feng
-CVE-2007-6625 (The Platform Service Process (asampsp) in Fan-Out Driver Platform ...)
+CVE-2007-6625
NOT-FOR-US: Platform Service Process (asampsp)
-CVE-2007-6624 (Directory traversal vulnerability in printview.php in PNphpBB2 1.2i ...)
+CVE-2007-6624
NOT-FOR-US: PNphpBB2
-CVE-2007-6623 (Absolute path traversal vulnerability in ZeusCMS 0.3 and earlier might ...)
+CVE-2007-6623
NOT-FOR-US: ZeusCMS
-CVE-2007-6622 (SQL injection vulnerability in security.php in ZeusCMS 0.3 and earlier ...)
+CVE-2007-6622
NOT-FOR-US: ZeusCMS
-CVE-2007-6621 (Directory traversal vulnerability in joovili.images.php in Joovili ...)
+CVE-2007-6621
NOT-FOR-US: Joovili
-CVE-2007-6620 (Directory traversal vulnerability in include/images.inc.php in Joovili ...)
+CVE-2007-6620
NOT-FOR-US: Joovili
-CVE-2007-6619 (The Setup Wizard in Atlassian JIRA Enterprise Edition before 3.12.1 ...)
+CVE-2007-6619
NOT-FOR-US: Setup Wizard in Atlassian JIRA Enterprise Edition
-CVE-2007-6618 (JIRA Enterprise Edition before 3.12.1 allows remote attackers to ...)
+CVE-2007-6618
NOT-FOR-US: JIRA Enterprise Edition
-CVE-2007-6617 (Cross-site scripting (XSS) vulnerability in 500page.jsp in JIRA ...)
+CVE-2007-6617
NOT-FOR-US: JIRA Enterprise Edition
-CVE-2007-6616 (Cross-site scripting (XSS) vulnerability in simpleforum.cgi in ...)
+CVE-2007-6616
NOT-FOR-US: SimpleForum
-CVE-2007-6615 (Directory traversal vulnerability in includes/block.php in Agares ...)
+CVE-2007-6615
NOT-FOR-US: Agares Media phpAutoVideo
-CVE-2007-6614 (PHP remote file inclusion vulnerability in admin/frontpage_right.php ...)
+CVE-2007-6614
NOT-FOR-US: Agares Media phpAutoVideo
-CVE-2007-6613 (Stack-based buffer overflow in the print_iso9660_recurse function in ...)
+CVE-2007-6613
- libcdio 0.78.2+dfsg1-2 (low; bug #459129)
[sarge] - libcdio <not-affected> (Packages prior to 0.78.2 didn't build the tools into binary package)
[etch] - libcdio <not-affected> (Packages prior to 0.78.2 didn't build the tools into binary package)
NOTE: applications that use libcdio are not vulnerable, problem only lies in the info tool
-CVE-2007-6610 (unp 1.0.12, and other versions before 1.0.14, does not properly escape ...)
+CVE-2007-6610
- unp 1.0.13 (bug #448437; low)
[etch] - unp <no-dsa> (Only used as archiver in third-party software)
-CVE-2007-6609 (Multiple stack-based buffer overflows in the CPLI_ReadTag_OGG function ...)
+CVE-2007-6609
NOT-FOR-US: CoolPlayer
-CVE-2007-6608 (Multiple cross-site scripting (XSS) vulnerabilities in OpenBiblio ...)
+CVE-2007-6608
NOT-FOR-US: OpenBiblio
-CVE-2007-6607 (OpenBiblio 0.5.2-pre4 and earlier allows remote attackers to obtain ...)
+CVE-2007-6607
NOT-FOR-US: OpenBiblio
-CVE-2007-6606 (OpenBiblio 0.5.2-pre4 and earlier allows remote attackers to obtain ...)
+CVE-2007-6606
NOT-FOR-US: OpenBiblio
-CVE-2007-6605 (Buffer overflow in a certain ActiveX control in SkyFexClient.ocx ...)
+CVE-2007-6605
NOT-FOR-US: SkyFex Client
-CVE-2007-6604 (Multiple directory traversal vulnerabilities in index.php in XCMS 1.82 ...)
+CVE-2007-6604
NOT-FOR-US: XCMS
-CVE-2007-6603 (Hot or Not Clone has insufficient access control for producing and ...)
+CVE-2007-6603
NOT-FOR-US: Hot or Not Clone
-CVE-2007-6602 (SQL injection vulnerability in app/models/identity.php in NoseRub ...)
+CVE-2007-6602
NOT-FOR-US: NoseRub
-CVE-2007-6601 (The DBLink module in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, ...)
+CVE-2007-6601
{DSA-1463-1 DSA-1460-1}
- postgresql-8.2 8.2.6-1
- postgresql-8.1 8.1.11-1
-CVE-2007-6600 (PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, 7.4 ...)
+CVE-2007-6600
{DSA-1463-1 DSA-1460-1}
- postgresql-8.2 8.2.6-1
- postgresql-8.1 8.1.11-1
[sarge] - postgresql <unfixed>
-CVE-2007-6597 (Multiple cross-site scripting (XSS) vulnerabilities in IPortalX before ...)
+CVE-2007-6597
NOT-FOR-US: IPortalX
-CVE-2007-6599 (Race condition in fileserver in OpenAFS 1.3.50 through 1.4.5 and 1.5.0 ...)
+CVE-2007-6599
{DSA-1458-1}
- openafs 1.4.6.dfsg1-1 (medium)
NOTE: http://www.openafs.org/security/OPENAFS-SA-2007-003.txt
-CVE-2007-6595 (ClamAV 0.92 allows local users to overwrite arbitrary files via a ...)
+CVE-2007-6595
{DSA-1497-1}
- clamav 0.92.1~dfsg-1 (low; bug #458532)
[etch] - clamav <not-affected> (Minor issue, first issue doesn't apply)
[sarge] - clamav <no-dsa> (Security Support has stopped)
-CVE-2007-6596 (ClamAV 0.92 does not recognize Base64 UUEncoded archives, which allows ...)
+CVE-2007-6596
- clamav 0.92.1~dfsg-1 (unimportant; bug #458532)
[etch] - clamav <no-dsa> (Minor issue)
[sarge] - clamav <no-dsa> (Security Support has stopped)
NOTE: this is more a feature request than a bug
-CVE-2007-6594 (IBM Lotus Notes 8 for Linux before 8.0.1 uses (1) unspecified weak ...)
+CVE-2007-6594
NOT-FOR-US: Lotus Notes
-CVE-2007-6593 (Multiple stack-based buffer overflows in l123sr.dll in Autonomy ...)
+CVE-2007-6593
NOT-FOR-US: IBM Lotus Notes
-CVE-2007-6592 (Apple Safari 2, when a user accepts an SSL server certificate on the ...)
+CVE-2007-6592
NOT-FOR-US: Safari
-CVE-2007-6591 (KDE Konqueror 3.5.5 and 3.95.00, when a user accepts an SSL server ...)
+CVE-2007-6591
- kdebase 4:4.0.3-1 (low; bug #458968)
[etch] - kdebase <no-dsa> (Minor issue)
[lenny] - kdebase <no-dsa> (Minor issue)
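Review bot: every modified line in this hunk is the same edit, a `-CVE-YYYY-NNNN (one-line summary ...)` line replaced by a bare `+CVE-YYYY-NNNN`, so the hunk removes the summary text for the entire range while leaving the package annotations (`- gallery2 2.2.4-1 (bug #457644)`, `NOT-FOR-US: IBM AIX`, the `{DSA-...}` and `NOTE:` lines) untouched; if dropping the summaries is not the intent, the update that generated this should be checked for why no description was available before it is merged, because several annotations only make sense next to the summary they qualify, for example `NOTE: applications that use libcdio are not vulnerable, problem only lies in the info tool` under `CVE-2007-6613` and `NOTE: this is more a feature request than a bug` under `CVE-2007-6596`.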
@@ -404,209 +404,209 @@ CVE-2007-6591 (KDE Konqueror 3.5.5 and 3.95.00, when a user accepts an SSL serve
NOTE: No longer occurs in KDE 4.0.3 according to upstream bug
CVE-2007-6590
REJECTED
-CVE-2007-6589 (The jar protocol handler in Mozilla Firefox before 2.0.0.10 and ...)
+CVE-2007-6589
{DSA-1534-1}
- iceape 1.1.7-1 (medium)
- iceweasel 2.0.0.10-1 (medium)
-CVE-2007-6588 (Cross-site scripting (XSS) vulnerability in PHCDownload 1.10 allows ...)
+CVE-2007-6588
NOT-FOR-US: PHCDownload
-CVE-2007-6587 (SQL injection vulnerability in plog-rss.php in Plogger 1.0 Beta 3.0 ...)
+CVE-2007-6587
NOT-FOR-US: Plogger
-CVE-2007-6586 (SQL injection vulnerability in sezione_news.php in nicLOR-CMS allows ...)
+CVE-2007-6586
NOT-FOR-US: nicLOR-CMS
-CVE-2007-6585 (PHP remote file inclusion vulnerability in confirmUnsubscription.php ...)
+CVE-2007-6585
NOT-FOR-US: NmnNewsletter
-CVE-2007-6584 (Multiple directory traversal vulnerabilities in 1024 CMS 1.3.1 allow ...)
+CVE-2007-6584
NOT-FOR-US: 1024 CMS
-CVE-2007-6583 (SQL injection vulnerability in admin/ops/findip/ajax/search.php in ...)
+CVE-2007-6583
NOT-FOR-US: 1024 CMS
-CVE-2007-6582 (Directory traversal vulnerability in index.php in mBlog 1.2 allows ...)
+CVE-2007-6582
NOT-FOR-US: mBlog
-CVE-2007-6581 (Multiple directory traversal vulnerabilities in Social Engine 2.0 ...)
+CVE-2007-6581
NOT-FOR-US: Social Engine
-CVE-2007-6580 (Multiple SQL injection vulnerabilities in Wallpaper Site 1.0.09 allow ...)
+CVE-2007-6580
NOT-FOR-US: Wallpaper Site
-CVE-2007-6579 (Multiple SQL injection vulnerabilities in Ip Reg 0.3 allow remote ...)
+CVE-2007-6579
NOT-FOR-US: Ip Reg
-CVE-2007-6578 (SQL injection vulnerability in go.php in PHP ZLink 0.3 allows remote ...)
+CVE-2007-6578
NOT-FOR-US: PHP ZLink
-CVE-2007-6577 (Multiple SQL injection vulnerabilities in index.php in zBlog 1.2 allow ...)
+CVE-2007-6577
NOT-FOR-US: zBlog
-CVE-2007-6576 (Multiple SQL injection vulnerabilities in Adult Script 1.6.5 and ...)
+CVE-2007-6576
NOT-FOR-US: Adult Script
-CVE-2007-6575 (SQL injection vulnerability in default.php in MMSLamp allows remote ...)
+CVE-2007-6575
NOT-FOR-US: MMSLamp
-CVE-2007-6574 (Multiple cross-site scripting (XSS) vulnerabilities in Dokeos 1.8.4 ...)
+CVE-2007-6574
NOT-FOR-US: Dokeos
-CVE-2007-6573 (QK SMTP Server 3 allows remote attackers to cause a denial of service ...)
+CVE-2007-6573
NOT-FOR-US: QK SMTP
-CVE-2007-6572 (Cross-site scripting (XSS) vulnerability in Sun Java System Web Server ...)
+CVE-2007-6572
NOT-FOR-US: Sun Java System Web Server
-CVE-2007-6571 (Cross-site scripting (XSS) vulnerability in Sun Java System Web Proxy ...)
+CVE-2007-6571
NOT-FOR-US: Sun Java System Web Proxy
-CVE-2007-6570 (Cross-site scripting (XSS) vulnerability in the View URL Database ...)
+CVE-2007-6570
NOT-FOR-US: Sun Java System Web Proxy Server
-CVE-2007-6569 (Cross-site scripting (XSS) vulnerability in the View Error Log ...)
+CVE-2007-6569
NOT-FOR-US: Sun Java System Web Proxy Server
-CVE-2007-6568 (PHP remote file inclusion vulnerability in config.inc.php in XZero ...)
+CVE-2007-6568
NOT-FOR-US: XZero Community Classifieds
-CVE-2007-6567 (Directory traversal vulnerability in index.php in XZero Community ...)
+CVE-2007-6567
NOT-FOR-US: XZero Community Classifieds
-CVE-2007-6566 (SQL injection vulnerability in post.php in XZero Community Classifieds ...)
+CVE-2007-6566
NOT-FOR-US: XZero Community Classifieds
-CVE-2007-6565 (Multiple SQL injection vulnerabilities in Blakord Portal 1.3.A Beta ...)
+CVE-2007-6565
NOT-FOR-US: Blakord Portal
-CVE-2007-6611 (Cross-site scripting (XSS) vulnerability in view.php in Mantis before ...)
+CVE-2007-6611
{DSA-1467-1}
- mantis 1.0.8-4 (low; bug #458377)
-CVE-2007-6683 (The browser plugin in VideoLAN VLC 0.8.6d allows remote attackers to ...)
+CVE-2007-6683
{DSA-1543-1 DTSA-132-1}
- vlc 0.8.6.c-4.1 (medium; bug #458318)
- mozilla-browser-plugin 0.8.6.e-2.2 (bug #480370)
NOTE: the plugin is in the same srcpkg but has its own implementation for VLCOPT
[lenny] - vlc 0.8.6.c-4.1~lenny1
NOTE: see https://trac.videolan.org/vlc/ticket/1371
-CVE-2007-6682 (Format string vulnerability in the httpd_FileCallBack function ...)
+CVE-2007-6682
{DSA-1543-1}
- vlc 0.8.6.c-4.1 (medium; bug #458318)
[lenny] - vlc 0.8.6.c-4.1~lenny1
NOTE: see http://www.securityfocus.com/archive/1/485488/30/0/threaded
-CVE-2007-6681 (Stack-based buffer overflow in modules/demux/subtitle.c in VideoLAN ...)
+CVE-2007-6681
{DSA-1543-1}
- vlc 0.8.6.c-4.1 (low; bug #458318)
[lenny] - vlc 0.8.6.c-4.1~lenny1
NOTE: see http://www.securityfocus.com/archive/1/485488/30/0/threaded
-CVE-2007-6684 (The RTSP module in VideoLAN VLC 0.8.6d allows remote attackers to ...)
+CVE-2007-6684
- vlc 0.8.6.c-4.1 (bug #458318)
[lenny] - vlc 0.8.6.c-4.1~lenny1
NOTE: That's hardly a security problem, just a bug
-CVE-2007-6598 (Dovecot before 1.0.10, with certain configuration options including ...)
+CVE-2007-6598
{DSA-1457-1}
- dovecot 1:1.0.10-1 (low; bug #458315)
[sarge] - dovecot <not-affected> (Vulnerable code not present)
[etch] - dovecot <no-dsa> (very minor issue)
NOTE: http://dovecot.org/list/dovecot-news/2007-December/000057.html
NOTE: low, because issue is only with quite rare configurations
-CVE-2007-6612 (Directory traversal vulnerability in DirHandler ...)
+CVE-2007-6612
- mongrel 1.1.3-1 (medium)
-CVE-2007-6564 (Cross-site scripting (XSS) vulnerability in admin.php in Limbo CMS ...)
+CVE-2007-6564
NOT-FOR-US: Limbo CMS
-CVE-2007-6563 (Heap-based buffer overflow in WinAce 2.65 and earlier, and possibly ...)
+CVE-2007-6563
NOT-FOR-US: WinAce
-CVE-2007-6562 (Multiple stack-based buffer overflows in the use of FD_SET in TCPreen ...)
+CVE-2007-6562
{DSA-1443-1}
- tcpreen 1.4.3-0.3 (medium; bug #457781)
-CVE-2007-6561 (Multiple stack-based buffer overflows in PDFLib allow user-assisted ...)
+CVE-2007-6561
NOT-FOR-US: PDFLib
-CVE-2007-6560 (Multiple cross-site scripting (XSS) vulnerabilities in Logaholic ...)
+CVE-2007-6560
NOT-FOR-US: Logaholic
-CVE-2007-6559 (Multiple SQL injection vulnerabilities in Logaholic before 2.0 RC8 ...)
+CVE-2007-6559
NOT-FOR-US: Logaholic
-CVE-2007-6558 (TotalPlayer 3.0 allows user-assisted remote attackers to cause a ...)
+CVE-2007-6558
NOT-FOR-US: TotalPlayer
-CVE-2007-6557 (Multiple SQL injection vulnerabilities in MeGaCheatZ 1.1 allow remote ...)
+CVE-2007-6557
NOT-FOR-US: MeGaCheatZ
-CVE-2007-6556 (Multiple SQL injection vulnerabilities in websihirbazi 5.1.1 allow ...)
+CVE-2007-6556
NOT-FOR-US: websihirbazi
-CVE-2007-6555 (PHP remote file inclusion vulnerability in modules/mod_pxt_latest.php ...)
+CVE-2007-6555
NOT-FOR-US: Joomla! extension
-CVE-2007-6554 (Multiple directory traversal vulnerabilities in TeamCal Pro 3.1.000 ...)
+CVE-2007-6554
NOT-FOR-US: TeamCal
-CVE-2007-6553 (Multiple PHP remote file inclusion vulnerabilities in TeamCal Pro ...)
+CVE-2007-6553
NOT-FOR-US: TeamCal
-CVE-2007-6552 (Directory traversal vulnerability in index.php in AuraCMS 2.2 allows ...)
+CVE-2007-6552
NOT-FOR-US: AuraCMS
-CVE-2007-6551 (SQL injection vulnerability in showMsg.php in MailMachine Pro 2.2.4, ...)
+CVE-2007-6551
NOT-FOR-US: MailMachine
-CVE-2007-6550 (form.php in PMOS Help Desk 2.4 and earlier sends a redirect to the web ...)
+CVE-2007-6550
NOT-FOR-US: PMOS Help Desk
-CVE-2007-6549 (Unspecified vulnerability in RunCMS before 1.6.1 has unknown impact ...)
+CVE-2007-6549
NOT-FOR-US: RunCMS
-CVE-2007-6548 (Multiple direct static code injection vulnerabilities in RunCMS before ...)
+CVE-2007-6548
NOT-FOR-US: RunCMS
-CVE-2007-6547 (RunCMS before 1.6.1 does not require entry of the old password during ...)
+CVE-2007-6547
NOT-FOR-US: RunCMS
-CVE-2007-6546 (RunCMS before 1.6.1 uses a predictable session id, which makes it ...)
+CVE-2007-6546
NOT-FOR-US: RunCMS
-CVE-2007-6545 (Multiple cross-site scripting (XSS) vulnerabilities in RunCMS before ...)
+CVE-2007-6545
NOT-FOR-US: RunCMS
-CVE-2007-6544 (Multiple SQL injection vulnerabilities in RunCMS before 1.6.1 allow ...)
+CVE-2007-6544
NOT-FOR-US: RunCMS
-CVE-2007-6543 (SQL injection vulnerability in suggest-link.php in eSyndiCat Link ...)
+CVE-2007-6543
NOT-FOR-US: eSyndiCat Link Exchange Script
-CVE-2007-6542 (PHP remote file inclusion vulnerability in admin/frontpage_right.php ...)
+CVE-2007-6542
NOT-FOR-US: Arcadem LEArcadem LE
-CVE-2007-6541 (Multiple cross-site scripting (XSS) vulnerabilities in neuron news 1.0 ...)
+CVE-2007-6541
NOT-FOR-US: neuron news
-CVE-2007-6540 (SQL injection vulnerability in neuron news 1.0 allows remote attackers ...)
+CVE-2007-6540
NOT-FOR-US: neuron news
-CVE-2007-6539 (PHP local file inclusion vulnerability in index.php in IDevspot ...)
+CVE-2007-6539
NOT-FOR-US: IDevspot iSupport
-CVE-2007-6538 (SQL injection vulnerability in ing/blocks/mrbs/code/web/view_entry.php ...)
+CVE-2007-6538
- moodle <not-affected> (Vulnerable code not present, third party module)
-CVE-2007-6537 (Stack-based buffer overflow in the zfile_gunzip function in zfile.c in ...)
+CVE-2007-6537
NOT-FOR-US: WinUAE
-CVE-2007-6536 (The Custom Button Installer dialog in Google Toolbar 4 and 5 beta ...)
+CVE-2007-6536
NOT-FOR-US: Google Toolbar
-CVE-2007-6535 (Buffer overflow in the YShortcut ActiveX control in YShortcut.dll ...)
+CVE-2007-6535
NOT-FOR-US: YShortcut ActiveX control
-CVE-2007-6534 (Multiple unspecified vulnerabilities in Microsoft Office Publisher ...)
+CVE-2007-6534
NOT-FOR-US: Microsoft Office Publisher
-CVE-2007-6533 (Buffer overflow in Zoom Player 6.00 beta 2 and earlier allows ...)
+CVE-2007-6533
NOT-FOR-US: Zoom Player
-CVE-2007-6532 (Double free vulnerability in the Widget Library (libxfcegui4) in Xfce ...)
+CVE-2007-6532
- libxfcegui4 4.4.2 (low)
[sarge] - libxfcegui4 <no-dsa> (Minor issue)
[etch] - libxfcegui4 <no-dsa> (Minor issue)
-CVE-2007-6531 (Stack-based buffer overflow in the Panel (xfce4-panel) component in ...)
+CVE-2007-6531
- xfce4-panel 4.4.2 (low)
[sarge] - xfce4-panel <no-dsa> (Minor issue)
[etch] - xfce4-panel <no-dsa> (Minor issue)
-CVE-2007-6530 (Buffer overflow in the XUpload.ocx ActiveX control in Persits Software ...)
+CVE-2007-6530
NOT-FOR-US: XUpload
-CVE-2007-6529 (Multiple unspecified vulnerabilities in TikiWiki before 1.9.9 have ...)
+CVE-2007-6529
- tikiwiki <removed>
-CVE-2007-6528 (Directory traversal vulnerability in tiki-listmovies.php in TikiWiki ...)
+CVE-2007-6528
- tikiwiki <removed>
-CVE-2007-6527 (uploadimg.php in the Automatic Image Upload with Thumbnails ...)
+CVE-2007-6527
NOT-FOR-US: PunBB
-CVE-2007-6526 (Cross-site scripting (XSS) vulnerability in tiki-special_chars.php in ...)
+CVE-2007-6526
- tikiwiki <removed>
-CVE-2007-6525 (Unspecified vulnerability in eClient in IBM DB2 Content Manager (CM) ...)
+CVE-2007-6525
NOT-FOR-US: IBM DB2 Content Manager
-CVE-2007-6524 (Opera before 9.25 allows remote attackers to obtain potentially ...)
+CVE-2007-6524
NOT-FOR-US: Opera
-CVE-2007-6523 (Algorithmic complexity vulnerability in Opera 9.50 beta and 9.x before ...)
+CVE-2007-6523
NOT-FOR-US: Opera
-CVE-2007-6522 (The rich text editing functionality in Opera before 9.25 allows remote ...)
+CVE-2007-6522
NOT-FOR-US: Opera
-CVE-2007-6521 (Unspecified vulnerability in Opera before 9.25 allows remote attackers ...)
+CVE-2007-6521
NOT-FOR-US: Opera
-CVE-2007-6520 (Opera before 9.25 allows remote attackers to conduct cross-domain ...)
+CVE-2007-6520
NOT-FOR-US: Opera
-CVE-2007-6519 (Unspecified vulnerability in the File-on-File Mounting File System ...)
+CVE-2007-6519
NOT-FOR-US: HP Tru64 UNIX
-CVE-2007-6518 (Multiple SQL injection vulnerabilities in search.php in WoltLab ...)
+CVE-2007-6518
NOT-FOR-US: WoltLab Burning Board
-CVE-2007-6517 (SQL injection vulnerability in the forget password section ...)
+CVE-2007-6517
NOT-FOR-US: Eagle Software Aeries Browser Interface
-CVE-2007-6516 (Buffer overflow in RavWare Software MAS Flic ActiveX Control ...)
+CVE-2007-6516
NOT-FOR-US: RavWare Software MAS Flic ActiveX Control
-CVE-2007-6515 (support/dispatch.cgi in SiteScape Forum allows remote attackers to ...)
+CVE-2007-6515
NOT-FOR-US: SiteScape
-CVE-2007-6513 (HP eSupportDiagnostics ActiveX control (hpediag.dll) 1.0.11.0 exports ...)
+CVE-2007-6513
NOT-FOR-US: HP eSupportDiagnostics ActiveX control
-CVE-2007-6512 (PHP MySQL Banner Exchange 2.2.1 stores sensitive information under the ...)
+CVE-2007-6512
NOT-FOR-US: PHP MySQL Banner Exchange
-CVE-2007-6511 (Websense Enterprise 6.3.1 allows remote attackers to bypass content ...)
+CVE-2007-6511
NOT-FOR-US: Websense Enterprise
-CVE-2007-6510 (Multiple stack-based buffer overflows in ProWizard 4 PC (prowiz) 1.62 ...)
+CVE-2007-6510
NOT-FOR-US: ProWizard
-CVE-2007-6509 (Unspecified vulnerability in Appian Enterprise Business Process ...)
+CVE-2007-6509
NOT-FOR-US: Appian Enterprise Business Process Management Suite
-CVE-2007-6508 (Directory traversal vulnerability in view.php in xeCMS 1.0 allows ...)
+CVE-2007-6508
NOT-FOR-US: xeCMS
-CVE-2007-6514 (Apache HTTP Server, when running on Linux with a document root on a ...)
+CVE-2007-6514
- linux-2.6 2.6.17-1 (low; bug #529318)
- linux-2.6.24 <not-affected> (Fixed before initial upload, 2.6.17)
NOTE: While labeled as an Apache flaw, fix required in smbfs
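Review bot: with the summaries stripped, the explanatory notes in this hunk lose their referent: `CVE-2007-6514` now reads as a bare id followed by `- linux-2.6 2.6.17-1 (low; bug #529318)` and `NOTE: While labeled as an Apache flaw, fix required in smbfs`, but nothing in the `+` side shows the Apache label the note argues against, and likewise `NOTE: the plugin is in the same srcpkg but has its own implementation for VLCOPT` under `CVE-2007-6683` refers to a browser plugin that the entry no longer names; if the summaries are to stay out, these notes should be reworded to be self-contained, otherwise the description text should be restored.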
@@ -618,127 +618,127 @@ CVE-2007-XXXX [venkman preinst symlink dos]
CVE-2007-XXXX [unace unspecified security issue related to uninitialized variable]
- unace-nonfree 2.5-3
[etch] - unace-nonfree 2.5-1etch1
-CVE-2007-6507 (SpntSvc.exe daemon in Trend Micro ServerProtect 5.58 for Windows, ...)
+CVE-2007-6507
NOT-FOR-US: Trend Micro ServerProtect
-CVE-2007-6506 (The HPRulesEngine.ContentCollection.1 ActiveX Control in ...)
+CVE-2007-6506
NOT-FOR-US: HP Software Update
-CVE-2007-6505 (Solaris 9, with Solaris Auditing enabled and certain patches for sshd ...)
+CVE-2007-6505
NOT-FOR-US: Solaris
-CVE-2007-6504 (Unspecified vulnerability in IIS/iibind.asp in Hosting Controller 6.1 ...)
+CVE-2007-6504
NOT-FOR-US: Hosting Controller
-CVE-2007-6503 (Multiple unspecified vulnerabilities in Hosting Controller 6.1 Hot fix ...)
+CVE-2007-6503
NOT-FOR-US: Hosting Controller
-CVE-2007-6502 (Hosting Controller 6.1 Hot fix 3.3 and earlier allows remote ...)
+CVE-2007-6502
NOT-FOR-US: Hosting Controller
-CVE-2007-6501 (Unspecified vulnerability in Hosting Controller 6.1 Hot fix 3.3 and ...)
+CVE-2007-6501
NOT-FOR-US: Hosting Controller
-CVE-2007-6500 (Unspecified vulnerability in Hosting Controller 6.1 Hot fix 3.3 and ...)
+CVE-2007-6500
NOT-FOR-US: Hosting Controller
-CVE-2007-6499 (Unspecified vulnerability in Hosting Controller 6.1 Hot fix 3.3 and ...)
+CVE-2007-6499
NOT-FOR-US: Hosting Controller
-CVE-2007-6498 (Multiple SQL injection vulnerabilities in Hosting Controller 6.1 Hot ...)
+CVE-2007-6498
NOT-FOR-US: Hosting Controller
-CVE-2007-6497 (Hosting Controller 6.1 Hot fix 3.3 and earlier (1) allows remote ...)
+CVE-2007-6497
NOT-FOR-US: Hosting Controller
-CVE-2007-6496 (Hosting Controller 6.1 Hot fix 3.3 and earlier allows remote attackers ...)
+CVE-2007-6496
NOT-FOR-US: Hosting Controller
-CVE-2007-6495 (inc_newuser.asp in Hosting Controller 6.1 Hot fix 3.3 and earlier ...)
+CVE-2007-6495
NOT-FOR-US: Hosting Controller
-CVE-2007-6494 (Hosting Controller 6.1 Hot fix 3.3 and earlier allows remote attackers ...)
+CVE-2007-6494
NOT-FOR-US: Hosting Controller
-CVE-2007-6493 (The IMWeb.IMWebControl.1 ActiveX control in IMWeb.dll 7.0.0.x, and ...)
+CVE-2007-6493
NOT-FOR-US: iMesh
-CVE-2007-6492 (The IMWeb.IMWebControl.1 ActiveX control in IMWeb.dll 7.0.0.x, and ...)
+CVE-2007-6492
NOT-FOR-US: iMesh
-CVE-2007-6491 (Multiple SQL injection vulnerabilities in Kvaliitti WebDoc 3.0 CMS ...)
+CVE-2007-6491
NOT-FOR-US: Kvaliitti WebDoc CMS
-CVE-2007-6490 (Cross-site request forgery (CSRF) vulnerability in Falcon Series One ...)
+CVE-2007-6490
NOT-FOR-US: Falcon Series One CMS
-CVE-2007-6489 (Multiple cross-site scripting (XSS) vulnerabilities in Falcon Series ...)
+CVE-2007-6489
NOT-FOR-US: Falcon Series One CMS
-CVE-2007-6488 (Multiple PHP remote file inclusion vulnerabilities in Falcon Series ...)
+CVE-2007-6488
NOT-FOR-US: Falcon Series One CMS
-CVE-2007-6487 (Unspecified vulnerability in Plain Black WebGUI 7.4.0 through 7.4.17 ...)
+CVE-2007-6487
NOT-FOR-US: Plain Black WebGUI
-CVE-2007-6486 (Multiple cross-site scripting (XSS) vulnerabilities in shout.php (aka ...)
+CVE-2007-6486
NOT-FOR-US: LineShout
-CVE-2007-6485 (Multiple PHP remote file inclusion vulnerabilities in Centreon 1.4.1 ...)
+CVE-2007-6485
NOT-FOR-US: Centreon
-CVE-2007-6484 (SQL injection vulnerability in index.php in phpRPG 0.8 allows remote ...)
+CVE-2007-6484
NOT-FOR-US: phpRPG
-CVE-2007-6483 (Directory traversal vulnerability in SafeNet Sentinel Protection ...)
+CVE-2007-6483
NOT-FOR-US: SafeNet Sentinel Protection and Keys Server
-CVE-2007-6482 (Unspecified vulnerability in the Device Manager daemon (utdevmgrd) in ...)
+CVE-2007-6482
NOT-FOR-US: utdevmgrd in Sun Ray Server Software
-CVE-2007-6481 (Unspecified vulnerability in the Device Manager daemon (utdevmgrd) in ...)
+CVE-2007-6481
NOT-FOR-US: utdevmgrd in Sun Ray Server Software
-CVE-2007-6480 (The Oracle database component in Sun Management Center (Sun MC) 3.6.1, ...)
+CVE-2007-6480
NOT-FOR-US: Oracle database component in Sun Management Center
-CVE-2007-6479 (Unrestricted file upload vulnerability in the &quot;My productions&quot; ...)
+CVE-2007-6479
NOT-FOR-US: Dokeos
-CVE-2007-6478 (Stack-based buffer overflow in Rosoft Media Player 4.1.7, 4.1.8, and ...)
+CVE-2007-6478
NOT-FOR-US: Rosoft Media Player
-CVE-2007-6477 (Cross-site scripting (XSS) vulnerability in the on-line help feature ...)
+CVE-2007-6477
NOT-FOR-US: Citrix Web Interface and NFuse
-CVE-2007-6476 (GF-3XPLORER 2.4 allows remote attackers to obtain configuration ...)
+CVE-2007-6476
NOT-FOR-US: GF-3XPLORER
-CVE-2007-6475 (Multiple directory traversal vulnerabilities in GF-3XPLORER 2.4 allow ...)
+CVE-2007-6475
NOT-FOR-US: GF-3XPLORER
-CVE-2007-6474 (Multiple cross-site scripting (XSS) vulnerabilities in GF-3XPLORER 2.4 ...)
+CVE-2007-6474
NOT-FOR-US: GF-3XPLORER
-CVE-2007-6473 (Heap-based buffer overflow in Texas Imperial Software WFTPD Pro ...)
+CVE-2007-6473
NOT-FOR-US: WFTPD Explorer Pro
-CVE-2007-6472 (Multiple SQL injection vulnerabilities in phpMyRealty (PMR) 1.0.9 ...)
+CVE-2007-6472
NOT-FOR-US: phpMyRealty
-CVE-2007-6471 (Incomplete blacklist vulnerability in main.php in phPay 2.02.01 on ...)
+CVE-2007-6471
NOT-FOR-US: phPay
-CVE-2007-6470 (phpRPG 0.8 stores sensitive information under the web root with ...)
+CVE-2007-6470
NOT-FOR-US: phpRPG
-CVE-2007-6469 (SQL injection vulnerability in index.php in phpRPG 0.8, when ...)
+CVE-2007-6469
NOT-FOR-US: phpRPG
-CVE-2007-6468 (Buffer overflow in the HuffDecode function in ...)
+CVE-2007-6468
NOT-FOR-US: Hammer of Thyrion
-CVE-2007-6467 (SQL injection vulnerability in index.php in MKPortal 1.1 RC1 allows ...)
+CVE-2007-6467
NOT-FOR-US: MKPortal
-CVE-2007-6466 (Multiple SQL injection vulnerabilities in index.php in FreeWebshop ...)
+CVE-2007-6466
NOT-FOR-US: FreeWebshop
-CVE-2007-6465 (Multiple cross-site scripting (XSS) vulnerabilities in ganglia-web in ...)
+CVE-2007-6465
- ganglia-monitor-core <not-affected> (ganglia web-frontend not included)
-CVE-2007-6464 (Multiple PHP remote file inclusion vulnerabilities in Form tools ...)
+CVE-2007-6464
NOT-FOR-US: Form tools
-CVE-2007-6463 (Multiple cross-site scripting (XSS) vulnerabilities in the admin panel ...)
+CVE-2007-6463
NOT-FOR-US: PHP Real Estate Classifieds
-CVE-2007-6462 (SQL injection vulnerability in fullnews.php in PHP Real Estate ...)
+CVE-2007-6462
NOT-FOR-US: PHP Real Estate Classifieds
-CVE-2007-6461 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
+CVE-2007-6461
- flyspray <removed>
-CVE-2007-6460 (Multiple cross-site scripting (XSS) vulnerabilities in Anon Proxy ...)
+CVE-2007-6460
NOT-FOR-US: Anon Proxy Server
-CVE-2007-6459 (Anon Proxy Server 0.100, and probably 0.101, allows remote attackers ...)
+CVE-2007-6459
NOT-FOR-US: Anon Proxy Server
-CVE-2007-6458 (SQL injection vulnerability in shop/mainfile.php in 123tkShop 0.9.1 ...)
+CVE-2007-6458
NOT-FOR-US: 123tkShop
-CVE-2007-6457 (Stack-based buffer overflow in the webmail feature in SurgeMail 38k4 ...)
+CVE-2007-6457
NOT-FOR-US: NetWin SurgeMail 38k4
-CVE-2007-6456 (Unspecified vulnerability in OpenOffice.org code in Planamesa ...)
+CVE-2007-6456
NOT-FOR-US: Planamesa NeoOffice
NOTE: referring to OpenOffice security team this is what is described in CVE-2007-4575 for OO
-CVE-2007-6455 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
+CVE-2007-6455
NOT-FOR-US: Mambo
NOTE: Mambo is in experimental
-CVE-2007-6454 (Heap-based buffer overflow in the handshakeHTTP function in servhs.cpp ...)
+CVE-2007-6454
{DSA-1583-1 DSA-1441-1}
- peercast 0.1218+svn20071220+2 (medium; bug #457300)
- gnome-peercast 0.5.4-1.2 (medium; bug #466539)
-CVE-2007-6453 (Directory traversal vulnerability in raidenhttpd-admin/workspace.php ...)
+CVE-2007-6453
NOT-FOR-US: RaidenHTTPD
-CVE-2007-6452 (Unspecified vulnerability in the benchmark reporting system in Google ...)
+CVE-2007-6452
- gwt 1.6.4-1 (low; bug #563542)
-CVE-2007-6451 (Unspecified vulnerability in the CIP dissector in Wireshark (formerly ...)
+CVE-2007-6451
{DSA-1446-1 DTSA-104-1}
- wireshark 0.99.7-1
- ethereal <removed>
-CVE-2007-6450 (The RPL dissector in Wireshark (formerly Ethereal) 0.9.8 to 0.99.6 ...)
+CVE-2007-6450
{DSA-1446-1 DTSA-104-1}
- wireshark 0.99.7-1
- ethereal <removed>
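Review bot: every changed line in this hunk swaps `-CVE-2007-NNNN (description ...)` for a bare `+CVE-2007-NNNN`, so the CVE summaries are removed from the list with nothing put in their place, while the Debian-specific status lines underneath stay untouched. Wholesale loss of the summary text from an automatic update looks like the description source being unavailable at run time rather than an intended cleanup, so this should be reverted or re-run once descriptions are retrievable again, and the updater would be safer if it refused to rewrite an entry when the fetched description comes back empty.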
@@ -758,146 +758,146 @@ CVE-2007-6443
REJECTED
CVE-2007-6442
REJECTED
-CVE-2007-6441 (The WiMAX dissector in Wireshark (formerly Ethereal) 0.99.6 allows ...)
+CVE-2007-6441
{DTSA-104-1}
- wireshark 0.99.7-1
[sarge] - ethereal <not-affected> (vulnerable code introduced in 0.99.6)
[etch] - wireshark <not-affected> (vulnerable code introduced in 0.99.6)
CVE-2007-6440
REJECTED
-CVE-2007-6439 (Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause ...)
+CVE-2007-6439
{DTSA-104-1}
- wireshark 0.99.7-1
[sarge] - ethereal <not-affected> (vulnerable code introduced in 0.99.6)
[etch] - wireshark <not-affected> (vulnerable code introduced in 0.99.6)
-CVE-2007-6438 (Unspecified vulnerability in the SMB dissector in Wireshark (formerly ...)
+CVE-2007-6438
{DTSA-104-1}
- wireshark 0.99.7-1
[sarge] - ethereal <not-affected> (vulnerable code introduced in 0.99.6)
[etch] - wireshark <not-affected> (vulnerable code introduced in 0.99.6)
-CVE-2007-6437 (Balabit syslog-ng 2.0.x before 2.0.6 and 2.1.x before 2.1.8 allows ...)
+CVE-2007-6437
{DSA-1464-1 DTSA-105-1}
- syslog-ng 2.0.6-1 (low; bug #457334)
[sarge] - syslog-ng <not-affected> (Vulnerable code not present)
-CVE-2007-6436 (Stack-based buffer overflow in JSGCI.DLL in JustSystems Ichitaro 2005, ...)
+CVE-2007-6436
NOT-FOR-US: JustSystems
-CVE-2007-6435 (Stack-based buffer overflow in Novell GroupWise before 6.5.7, when ...)
+CVE-2007-6435
NOT-FOR-US: Novell GroupWise
-CVE-2007-6434 (Linux kernel 2.6.23 allows local users to create low pages in virtual ...)
+CVE-2007-6434
- linux-2.6 2.6.23-2
[etch] - linux-2.6 <not-affected> (Only Linux 2.6.23 and above affected)
-CVE-2007-6433 (The getRenderedEjbql method in the org.jboss.seam.framework.Query ...)
+CVE-2007-6433
- jbosseam <itp> (bug #451956)
-CVE-2007-6432 (Stack-based buffer overflow in AldFs32.dll in Adobe PageMaker 7.0.1 ...)
+CVE-2007-6432
NOT-FOR-US: Adobe PageMaker
-CVE-2007-6431 (Unspecified vulnerability in Adobe Flash Media Server 2 before 2.0.5, ...)
+CVE-2007-6431
NOT-FOR-US: Adobe Flash Media Server
-CVE-2007-6430 (Asterisk Open Source 1.2.x before 1.2.26 and 1.4.x before 1.4.16, and ...)
+CVE-2007-6430
{DSA-1525-1}
- asterisk 1:1.4.16.2~dfsg-1 (low; bug #457063)
[etch] - asterisk <no-dsa> (Minor issue, eventually fix in a later DSA)
[sarge] - asterisk <not-affected> (Vulnerable code not present)
-CVE-2007-6429 (Multiple integer overflows in X.Org Xserver before 1.4.1 allow ...)
+CVE-2007-6429
{DSA-1466-2 DTSA-110-1}
- xorg-server 2:1.4.1~git20080105-2
-CVE-2007-6428 (The ProcGetReservedColormapEntries function in the TOG-CUP extension ...)
+CVE-2007-6428
{DSA-1466-2 DTSA-110-1}
- xorg-server 2:1.4.1~git20080105-2
-CVE-2007-6427 (The XInput extension in X.Org Xserver before 1.4.1 allows ...)
+CVE-2007-6427
{DSA-1466-2 DTSA-110-1}
- xorg-server 2:1.4.1~git20080105-2
-CVE-2007-6426 (Multiple heap-based buffer overflows in EMC RepliStor 6.2 SP2, and ...)
+CVE-2007-6426
NOT-FOR-US: EMC RepliStor
-CVE-2007-6425 (Unspecified vulnerability in HP-UX B.11.31, when running ARPA ...)
+CVE-2007-6425
NOT-FOR-US: HP-UX
-CVE-2007-6424 (registry.pl in Fonality Trixbox 2.0 PBX products, when running in ...)
+CVE-2007-6424
NOT-FOR-US: Fonality Trixbox
-CVE-2007-6423 (** DISPUTED ** ...)
+CVE-2007-6423
- apache2 <not-affected> (disputed / only for Windows)
-CVE-2007-6422 (The balancer_handler function in mod_proxy_balancer in the Apache HTTP ...)
+CVE-2007-6422
- apache2 2.2.8-1 (low)
[sarge] - apache2 <not-affected> (vulnerable code introduced in 2.2)
[etch] - apache2 2.2.3-4+etch4 (low)
-CVE-2007-6421 (Cross-site scripting (XSS) vulnerability in balancer-manager in ...)
+CVE-2007-6421
- apache2 2.2.8-1 (low)
[sarge] - apache2 <not-affected> (vulnerable code introduced in 2.2)
[etch] - apache2 2.2.3-4+etch4 (low)
-CVE-2007-6420 (Cross-site request forgery (CSRF) vulnerability in the ...)
+CVE-2007-6420
- apache2 2.2.9-1 (low)
[etch] - apache2 <no-dsa> (minor issue)
[sarge] - apache2 <not-affected> (vulnerable code introduced in 2.2)
NOTE: Won't be fixed in etch.
-CVE-2007-6419 (Unspecified vulnerability in rpc.yppasswdd in HP HP-UX B.11.11, ...)
+CVE-2007-6419
NOT-FOR-US: HP-UX
-CVE-2007-6417 (The shmem_getpage function (mm/shmem.c) in Linux kernel 2.6.11 through ...)
+CVE-2007-6417
{DSA-1436-1}
- linux-2.6 2.6.23-2
-CVE-2007-6416 (The copy_to_user function in the PAL emulation functionality for Xen ...)
+CVE-2007-6416
- xen-unstable <not-affected> (We only have xen for i386 and amd64)
- xen-3 <not-affected> (We only have xen for i386 and amd64)
- xen-3.0 <not-affected> (We only have xen for i386 and amd64)
-CVE-2007-6415 (scponly 4.6 and earlier allows remote authenticated users to bypass ...)
+CVE-2007-6415
{DSA-1473-1}
- scponly 4.6-1.2 (high)
-CVE-2007-6414 (admin/administrator.php in Adult Script 1.6 and earlier sends a ...)
+CVE-2007-6414
NOT-FOR-US: Adult ScriptAdult Script
-CVE-2007-6413 (Sun Solaris 10 with the 120011-04 and 120012-04 patches, and later ...)
+CVE-2007-6413
NOT-FOR-US: Sun Solaris
-CVE-2007-6412 (Direct static code injection vulnerability in wiki/index.php in ...)
+CVE-2007-6412
NOT-FOR-US: Bitweaver
-CVE-2007-6411 (Multiple buffer overflows in the HandleEmotsConfig function in the GG ...)
+CVE-2007-6411
NOT-FOR-US: Gadu-Gadu client
-CVE-2007-6410 (Gadu-Gadu does not properly perform protocol handling, which allows ...)
+CVE-2007-6410
NOT-FOR-US: Gadu-Gadu client
-CVE-2007-6409 (The gg protocol handler in Gadu-Gadu, when this product is installed ...)
+CVE-2007-6409
NOT-FOR-US: Gadu-Gadu client
-CVE-2007-6408 (IBM Tivoli Provisioning Manager Express provides unspecified ...)
+CVE-2007-6408
NOT-FOR-US: IBM Tivoli Provisioning Manager Express
-CVE-2007-6407 (Multiple cross-site scripting (XSS) vulnerabilities in IBM Tivoli ...)
+CVE-2007-6407
NOT-FOR-US: IBM Tivoli Provisioning Manager Express
-CVE-2007-6406 (Multiple cross-site scripting (XSS) vulnerabilities in CA (formerly ...)
+CVE-2007-6406
NOT-FOR-US: CA eTrust Threat Management Console
-CVE-2007-6405 (Sergey Lyubka Simple HTTPD (shttpd) 1.38 and earlier on Windows allows ...)
+CVE-2007-6405
NOT-FOR-US: Simple HTTPD
-CVE-2007-6404 (Directory traversal vulnerability in Sergey Lyubka Simple HTTPD ...)
+CVE-2007-6404
NOT-FOR-US: Simple HTTPD
-CVE-2007-6403 (Stack-based buffer overflow in Nullsoft Winamp 5.32 allows ...)
+CVE-2007-6403
NOT-FOR-US: Winamp
-CVE-2007-6402 (Stack-based buffer overflow in mplayerc.exe in Media Player Classic ...)
+CVE-2007-6402
NOT-FOR-US: Media Player Classic
-CVE-2007-6401 (Stack-based buffer overflow in mplayer2.exe in Microsoft Windows Media ...)
+CVE-2007-6401
NOT-FOR-US: Microsoft Windows Media Player
-CVE-2007-6400 (Directory traversal vulnerability in download_file.php in PolDoc CMS ...)
+CVE-2007-6400
NOT-FOR-US: PolDoc CMS
-CVE-2007-6399 (index.php in Flat PHP Board 1.2 and earlier allows remote ...)
+CVE-2007-6399
NOT-FOR-US: Flat PHP Board
-CVE-2007-6398 (Flat PHP Board 1.2 and earlier allows remote attackers to bypass ...)
+CVE-2007-6398
NOT-FOR-US: Flat PHP Board
-CVE-2007-6397 (Multiple directory traversal vulnerabilities in index.php in Flat PHP ...)
+CVE-2007-6397
NOT-FOR-US: Flat PHP Board
-CVE-2007-6396 (Direct static code injection vulnerability in index.php in Flat PHP ...)
+CVE-2007-6396
NOT-FOR-US: Flat PHP Board
-CVE-2007-6395 (Flat PHP Board 1.2 and earlier stores sensitive information under the ...)
+CVE-2007-6395
NOT-FOR-US: Flat PHP Board
-CVE-2007-6394 (SQL injection vulnerability in index.php in Content Injector 1.53 ...)
+CVE-2007-6394
NOT-FOR-US: Content Injector
-CVE-2007-6393 (SQL injection vulnerability in albums.php in Ace Image Hosting Script ...)
+CVE-2007-6393
NOT-FOR-US: Ace Image Hosting Script
-CVE-2007-6392 (SQL injection vulnerability in DWdirectory 2.1 and earlier allows ...)
+CVE-2007-6392
NOT-FOR-US: DWdirectory
-CVE-2007-6391 (SQL injection vulnerability in patch/comments.php in SH-News 3.0 ...)
+CVE-2007-6391
NOT-FOR-US: SH-News
-CVE-2007-6390 (Cross-site request forgery (CSRF) vulnerability in the mycalendar ...)
+CVE-2007-6390
- serendipity <not-affected> (This is an external plugin not included in our packages)
-CVE-2007-6389 (The notify feature in GNOME screensaver (gnome-screensaver) 2.20.0 ...)
+CVE-2007-6389
- gnome-screensaver 2.22.0-1 (low; bug #455484)
[etch] - gnome-screensaver <no-dsa> (Minor issue)
-CVE-2007-6388 (Cross-site scripting (XSS) vulnerability in mod_status in the Apache ...)
+CVE-2007-6388
- apache <removed> (low)
- apache2 2.2.8-1 (low)
[etch] - apache2 2.2.3-4+etch6
[etch] - apache 1.3.34-4.1+etch1
-CVE-2007-6358 (pdftops.pl before 1.20 in alternate pdftops filter allows local users ...)
+CVE-2007-6358
{DSA-1437-1}
- cups 1.3.5-1 (low; bug #456960)
- cupsys 1.3.5-1 (low; bug #456960)
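Review bot: the unchanged context line `NOT-FOR-US: Adult ScriptAdult Script` under CVE-2007-6414 has the product name duplicated; since this hunk already touches that entry, it is a good moment to correct it to `NOT-FOR-US: Adult Script`.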
@@ -905,535 +905,535 @@ CVE-2007-6358 (pdftops.pl before 1.20 in alternate pdftops filter allows local u
NOTE: the debian package is a bit confusing here as it also ships a pdftops
NOTE: wrapper script as an example but the original script is installed
NOTE: under /usr/lib/cups/filters
-CVE-2007-6356 (exiftags before 1.01 allows attackers to cause a denial of service ...)
+CVE-2007-6356
{DSA-1533-2 DSA-1533-1}
- exiftags 1.01-0.1 (low; bug #457062)
-CVE-2007-6355 (Integer overflow in exiftags before 1.01 has unknown impact and attack ...)
+CVE-2007-6355
{DSA-1533-2 DSA-1533-1}
- exiftags 1.01-0.1 (bug #457062)
-CVE-2007-6354 (Unspecified vulnerability in exiftags before 1.01 has unknown impact ...)
+CVE-2007-6354
{DSA-1533-2 DSA-1533-1}
- exiftags 1.01-0.1 (bug #457062)
-CVE-2007-6352 (Integer overflow in libexif 0.6.16 and earlier allows ...)
+CVE-2007-6352
{DSA-1487-1}
- libexif 0.6.16-2.1 (medium; bug #457330)
-CVE-2007-6351 (libexif 0.6.16 and earlier allows context-dependent attackers to cause ...)
+CVE-2007-6351
{DSA-1487-1}
- libexif 0.6.16-2.1 (low; bug #457330)
-CVE-2007-6349 (P4Webs.exe in Perforce P4Web 2006.2 and earlier, when running on ...)
+CVE-2007-6349
NOT-FOR-US: P4Web
-CVE-2007-6418 (The libdspam7-drv-mysql cron job in Debian GNU/Linux includes the ...)
+CVE-2007-6418
{DSA-1501-1}
- dspam 3.6.8-5.1 (low; bug #448519)
-CVE-2007-6387 (Multiple stack-based buffer overflows in the awApi4.AnswerWorks.1 ...)
+CVE-2007-6387
NOT-FOR-US: Vantage Linguistics AnswerWorks ActiveX
-CVE-2007-6386 (Stack-based buffer overflow in PccScan.dll before build 1451 in Trend ...)
+CVE-2007-6386
NOT-FOR-US: Trend Micro AntiVirus
-CVE-2007-6385 (The proxy server in Kerio WinRoute Firewall before 6.4.1 does not ...)
+CVE-2007-6385
NOT-FOR-US: Kerio WinRoute Firewall
-CVE-2007-6384 (Unspecified vulnerability in the Image Converter functionality in BEA ...)
+CVE-2007-6384
NOT-FOR-US: BEA WebLogic Mobility Server
-CVE-2007-6383 (The DAV component in Chandler Server (Cosmo) before 0.10.1 does not ...)
+CVE-2007-6383
NOT-FOR-US: Chandler
-CVE-2007-6382 (The Event Dispatch Thread in Robocode before 1.5.1 allows remote ...)
+CVE-2007-6382
NOT-FOR-US: Robocode
-CVE-2007-6381 (SQL injection vulnerability in the indexed_search system extension in ...)
+CVE-2007-6381
{DSA-1439-1}
- typo3-src 4.1.5-1 (low; bug #457446)
NOTE: you need to be a logged in backend user to exploit this
-CVE-2007-6380 (Multiple SQL injection vulnerabilities in e-Xoops (exoops) 1.08, and ...)
+CVE-2007-6380
NOT-FOR-US: e-Xoops
-CVE-2007-6379 (BadBlue 2.72b and earlier allows remote attackers to obtain sensitive ...)
+CVE-2007-6379
NOT-FOR-US: BadBlue
-CVE-2007-6378 (Directory traversal vulnerability in upload.dll in BadBlue 2.72b and ...)
+CVE-2007-6378
NOT-FOR-US: BadBlue
-CVE-2007-6377 (Stack-based buffer overflow in the PassThru functionality in ext.dll ...)
+CVE-2007-6377
NOT-FOR-US: BadBlue
-CVE-2007-6376 (Directory traversal vulnerability in autohtml.php in Francisco Burzi ...)
+CVE-2007-6376
NOT-FOR-US: PHP-Nuke
-CVE-2007-6375 (Multiple SQL injection vulnerabilities in Bitweaver 2.0.0 and earlier ...)
+CVE-2007-6375
NOT-FOR-US: Bitweaver
-CVE-2007-6374 (Multiple cross-site scripting (XSS) vulnerabilities in Bitweaver 2.0.0 ...)
+CVE-2007-6374
NOT-FOR-US: Bitweaver
-CVE-2007-6373 (Multiple SQL injection vulnerabilities in GestDown 1.00 Beta allow ...)
+CVE-2007-6373
NOT-FOR-US: GestDown
-CVE-2007-6372 (Unspecified vulnerability in Juniper JUNOS 7.3 through 8.4 allows ...)
+CVE-2007-6372
NOT-FOR-US: JUNOS
-CVE-2007-6371 (Nokia N95 cell phone with RM-159 12.0.013 firmware allows remote ...)
+CVE-2007-6371
NOT-FOR-US: Nokia N95
CVE-2007-6370
REJECTED
-CVE-2007-6369 (Multiple directory traversal vulnerabilities in resize.php in the ...)
+CVE-2007-6369
NOT-FOR-US: PictPress
-CVE-2007-6368 (Directory traversal vulnerability in index.php in ezContents 1.4.5 ...)
+CVE-2007-6368
NOT-FOR-US: ezContents
-CVE-2007-6367 (Multiple cross-site scripting (XSS) vulnerabilities in the guestbook ...)
+CVE-2007-6367
NOT-FOR-US: SineCMS
-CVE-2007-6366 (Multiple SQL injection vulnerabilities in SineCMS 2.3.4 and earlier ...)
+CVE-2007-6366
NOT-FOR-US: SineCMS
-CVE-2007-6365 (Cross-site scripting (XSS) vulnerability in modules/ecal/display.php ...)
+CVE-2007-6365
NOT-FOR-US: bcoos
-CVE-2007-6364 (Cross-site scripting (XSS) vulnerability in modificarPerfil.php in ...)
+CVE-2007-6364
NOT-FOR-US: JLMForo System
-CVE-2007-6363 (IBM Tivoli Netcool Security Manager 1.3.0 before Interim Fix 1, when ...)
+CVE-2007-6363
NOT-FOR-US: IBM Tivoli Netcool Security Manager
-CVE-2007-6362 (SQL injection vulnerability in index.php in the RSGallery ...)
+CVE-2007-6362
NOT-FOR-US: RSGallery
-CVE-2007-6361 (Gekko 0.8.2 and earlier stores sensitive information under the web ...)
+CVE-2007-6361
NOT-FOR-US: Gekko
-CVE-2007-6360 (Unspecified vulnerability in the Sun eXtended System Control Facility ...)
+CVE-2007-6360
NOT-FOR-US: Sun eXtended System Control Facility
-CVE-2007-6359 (The cs_validate_page function in bsd/kern/ubc_subr.c in the xnu kernel ...)
+CVE-2007-6359
NOT-FOR-US: Apple Mac OS X
-CVE-2007-6357 (Stack-based buffer overflow in Microsoft Office Access allows remote, ...)
+CVE-2007-6357
NOT-FOR-US: Microsoft Office Access
-CVE-2007-6353 (Integer overflow in exif.cpp in exiv2 library allows context-dependent ...)
+CVE-2007-6353
{DSA-1474-1}
- exiv2 0.15-2 (medium; bug #456760)
-CVE-2007-6350 (scponly 4.6 and earlier allows remote authenticated users to bypass ...)
+CVE-2007-6350
{DSA-1473-1}
- scponly 4.6-1.1 (high; bug #437148)
-CVE-2007-6348 (SquirrelMail 1.4.11 and 1.4.12, as distributed on sourceforge.net ...)
+CVE-2007-6348
- squirrelmail <not-affected> (Compromised packages were never in Debian)
-CVE-2007-6347 (PHP remote file inclusion vulnerability in blocks/block_site_map.php ...)
+CVE-2007-6347
NOT-FOR-US: ViArt, CMS, HelpDesk, Shop Evaluation, Shop Free
-CVE-2007-6346 (Cross-site scripting (XSS) vulnerability in Rainboard before 2.10 ...)
+CVE-2007-6346
NOT-FOR-US: Rainboard
-CVE-2007-6345 (SQL injection vulnerability in aurora framework before 20071208 allows ...)
+CVE-2007-6345
NOT-FOR-US: aurora
-CVE-2007-6344 (Directory traversal vulnerability in modules/cms/index.php in Mcms ...)
+CVE-2007-6344
NOT-FOR-US: Mcms Easy Web Make
-CVE-2007-6343 (Cross-site scripting (XSS) vulnerability in HP OpenView Network Node ...)
+CVE-2007-6343
NOT-FOR-US: HP OpenView Network Node Manager
-CVE-2007-6342 (SQL injection vulnerability in the David Castro AuthCAS module ...)
+CVE-2007-6342
NOT-FOR-US: Apache AuthCAS module
-CVE-2007-6341 (Net/DNS/RR/A.pm in Net::DNS 0.60 build 654, as used in packages such ...)
+CVE-2007-6341
{DSA-1515-1}
- libnet-dns-perl 0.63-1 (low; bug #457445)
NOTE: maybe this should be unimportant as applications using net-dns should handle this croak
-CVE-2007-6340 (Geert Moernaut LSrunasE 1.0 and Supercrypt 1.0 use the RC4 stream ...)
+CVE-2007-6340
NOT-FOR-US: Geert Moernaut LSrunasE and Supercrypt
-CVE-2007-6339 (The Akamai Download Manager (aka DLM or dlmanager) ActiveX control ...)
+CVE-2007-6339
NOT-FOR-US: Akamai Download Manager
-CVE-2007-6338 (SQL injection vulnerability in userlogin.jsp in Trivantis CourseMill ...)
+CVE-2007-6338
NOT-FOR-US: Trivantis CourseMill Enterprise Learning Management System
-CVE-2007-6337 (Unspecified vulnerability in the bzip2 decompression algorithm in ...)
+CVE-2007-6337
{DTSA-101-1}
- clamav 0.92~dfsg-1~volatile2
[sarge] - clamav <not-affected> (Vulnerable code not present)
[etch] - clamav <not-affected> (Vulnerable code not present)
-CVE-2007-6336 (Off-by-one error in ClamAV before 0.92 allows remote attackers to ...)
+CVE-2007-6336
{DSA-1435-1 DTSA-101-1}
- clamav 0.92~dfsg-1~volatile2
[sarge] - clamav <not-affected> (Vulnerable code not present)
-CVE-2007-6335 (Integer overflow in libclamav in ClamAV before 0.92 allows remote ...)
+CVE-2007-6335
{DSA-1435-1 DTSA-101-1}
- clamav 0.92~dfsg-1~volatile2
[sarge] - clamav <not-affected> (Vulnerable code not present)
-CVE-2007-6334 (Ingres 2.5 and 2.6 on Windows, as used in multiple CA products and ...)
+CVE-2007-6334
NOT-FOR-US: Ingres on Windows
-CVE-2007-6333 (The HPInfoDLL.HPInfo.1 ActiveX control in HPInfoDLL.dll 1.0, as ...)
+CVE-2007-6333
NOT-FOR-US: HP Info Center / HP Quick Launch Buttons
-CVE-2007-6332 (The HPInfoDLL.HPInfo.1 ActiveX control in HPInfoDLL.dll 1.0, as ...)
+CVE-2007-6332
NOT-FOR-US: HP Info Center HP Quick Launch Buttons
-CVE-2007-6331 (Absolute path traversal vulnerability in the HPInfoDLL.HPInfo.1 ...)
+CVE-2007-6331
NOT-FOR-US: HP Info Center / HP Quick Launch Buttons
-CVE-2007-6330 (Meridian Prolog Manager 2007, and 7.5 and earlier, sends all usernames ...)
+CVE-2007-6330
NOT-FOR-US: Meridian Prolog Manager
-CVE-2007-6329 (Microsoft Office 2007 12.0.6015.5000 and MSO 12.0.6017.5000 do not ...)
+CVE-2007-6329
NOT-FOR-US: Microsoft Office
-CVE-2007-6328 (** DISPUTED ** ...)
+CVE-2007-6328
- dosbox 0.72-1 (unimportant; bug #458950)
NOTE: this is not a security issue, its a feature of dosbox and the first
NOTE: thing documented in the manpage
-CVE-2007-6327 (Buffer overflow in a certain ActiveX control in Online Media ...)
+CVE-2007-6327
NOT-FOR-US: Online Media Technologies
-CVE-2007-6326 (Sergey Lyubka Simple HTTPD (shttpd) 1.3 on Windows allows remote ...)
+CVE-2007-6326
NOT-FOR-US: Simple HTTPD
-CVE-2007-6325 (PHP remote file inclusion vulnerability in ...)
+CVE-2007-6325
NOT-FOR-US: Fastpublish
-CVE-2007-6324 (PHP remote file inclusion vulnerability in head.php in CityWriter ...)
+CVE-2007-6324
NOT-FOR-US: CityWriter
-CVE-2007-6323 (Multiple directory traversal vulnerabilities in MMS Gallery PHP 1.0 ...)
+CVE-2007-6323
NOT-FOR-US: MMS Gallery PHP
-CVE-2007-6322 (Directory traversal vulnerability in filedownload.php in xml2owl 0.1.1 ...)
+CVE-2007-6322
NOT-FOR-US: xml2owl
-CVE-2007-6320 (Feature 4.7.x-dev and 5.x-dev before 20071206, a Drupal module, does ...)
+CVE-2007-6320
NOT-FOR-US: Feature (third party drupal module)
-CVE-2007-6319 (Multiple unspecified vulnerabilities in Lyris ListManager 8.x before ...)
+CVE-2007-6319
NOT-FOR-US: Lyris ListManager
-CVE-2007-6318 (SQL injection vulnerability in wp-includes/query.php in WordPress ...)
+CVE-2007-6318
- wordpress 2.3.2-1 (low; bug #459305)
[etch] - wordpress <not-affected> (Vulnerable code not present)
NOTE: Patch: https://bugs.edge.launchpad.net/ubuntu/+source/wordpress/+bug/181416
-CVE-2007-6317 (Multiple directory traversal vulnerabilities in BarracudaDrive Web ...)
+CVE-2007-6317
NOT-FOR-US: BarracudaDrive
-CVE-2007-6316 (Cross-site scripting (XSS) vulnerability in BarracudaDrive Web Server ...)
+CVE-2007-6316
NOT-FOR-US: BarracudaDrive
-CVE-2007-6315 (Group Chat in BarracudaDrive Web Server before 3.8 allows remote ...)
+CVE-2007-6315
NOT-FOR-US: BarracudaDrive
-CVE-2007-6314 (BarracudaDrive Web Server before 3.8 allows remote attackers to read ...)
+CVE-2007-6314
NOT-FOR-US: BarracudaDrive
-CVE-2007-6313 (MySQL Server 5.1.x before 5.1.23 and 6.0.x before 6.0.4 does not check ...)
+CVE-2007-6313
- mysql-dfsg-5.0 <not-affected> (this only affects >= 5.1.x, update for experimental is on its way)
- mysql-dfsg-4.1 <removed>
-CVE-2007-6312 (Cross-site scripting (XSS) vulnerability in the logon page in Web ...)
+CVE-2007-6312
NOT-FOR-US: Web Security Suite
-CVE-2007-6311 (SQL injection vulnerability in (1) index.php, and possibly (2) ...)
+CVE-2007-6311
NOT-FOR-US: Falt4Extreme
-CVE-2007-6310 (Multiple cross-site scripting (XSS) vulnerabilities in Falt4Extreme ...)
+CVE-2007-6310
NOT-FOR-US: Falt4Extreme
-CVE-2007-6309 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
+CVE-2007-6309
NOT-FOR-US: webSPELL
-CVE-2007-6308 (Cross-site scripting (XSS) vulnerability in HttpLogger 0.8.1 allows ...)
+CVE-2007-6308
NOT-FOR-US: HttpLogger
-CVE-2007-6307 (Multiple cross-site scripting (XSS) vulnerabilities in clickstats.php ...)
+CVE-2007-6307
NOT-FOR-US: wwwstats
-CVE-2007-6306 (Multiple cross-site scripting (XSS) vulnerabilities in the image map ...)
+CVE-2007-6306
- libjfreechart-java 1.0.9-1 (low; bug #456148)
[sarge] - libjfreechart-java <no-dsa> (Contrib not supported)
-CVE-2007-6305 (Multiple unspecified vulnerabilities in IBM Hardware Management ...)
+CVE-2007-6305
NOT-FOR-US: IBM Hardware Management Console
-CVE-2007-6302 (Multiple heap-based buffer overflows in avirus.exe in Novell NetMail ...)
+CVE-2007-6302
NOT-FOR-US: Novell NetMail
-CVE-2007-6301 (Cross-site scripting (XSS) vulnerability in compose.php in ...)
+CVE-2007-6301
NOT-FOR-US: OpenNewsletter
-CVE-2007-6300 (Cross-site request forgery (CSRF) vulnerability in Fusion News 3.9.0 ...)
+CVE-2007-6300
NOT-FOR-US: Fusion News
-CVE-2007-6298 (Cross-site scripting (XSS) vulnerability in the Shoutbox module for ...)
+CVE-2007-6298
NOT-FOR-US: shoutbox (third party module for Drupal)
-CVE-2007-6297 (Multiple cross-site scripting (XSS) vulnerabilities in PHPMyChat ...)
+CVE-2007-6297
NOT-FOR-US: PHPMyChat
-CVE-2007-6296 (PHP remote file inclusion vulnerability in users_popupL.php3 in ...)
+CVE-2007-6296
NOT-FOR-US: PHPMyChat
-CVE-2007-6295 (Cross-site scripting (XSS) vulnerability in the WebRunMenuFrame page ...)
+CVE-2007-6295
NOT-FOR-US: IBM Lotus Sametime
-CVE-2007-6294 (Multiple unspecified vulnerabilities in IBM Hardware Management ...)
+CVE-2007-6294
NOT-FOR-US: IBM Hardware Management Console
-CVE-2007-6293 (Multiple unspecified vulnerabilities in IBM Hardware Management ...)
+CVE-2007-6293
NOT-FOR-US: IBM Hardware Management Console
-CVE-2007-6292 (SQL injection vulnerability in leggi_commenti.asp in MWOpen 1.4 and ...)
+CVE-2007-6292
NOT-FOR-US: MWOpen
-CVE-2007-6291 (SQL injection vulnerability in abm.aspx in Xigla Absolute Banner ...)
+CVE-2007-6291
NOT-FOR-US: Xigla Absolute Banner Manager .NET
-CVE-2007-6290 (Multiple directory traversal vulnerabilities in js/get_js.php in ...)
+CVE-2007-6290
NOT-FOR-US: SERWeb
-CVE-2007-6289 (Multiple PHP remote file inclusion vulnerabilities in SerWeb 2.0.0 ...)
+CVE-2007-6289
NOT-FOR-US: SERWeb
-CVE-2007-6288 (Multiple SQL injection vulnerabilities in TCExam before 5.1.000 allow ...)
+CVE-2007-6288
NOT-FOR-US: TCExam
-CVE-2007-6287 (Cross-site scripting (XSS) vulnerability in the login page in Lxlabs ...)
+CVE-2007-6287
NOT-FOR-US: HyperVM
-CVE-2007-6286 (Apache Tomcat 5.5.11 through 5.5.25 and 6.0.0 through 6.0.15, when the ...)
+CVE-2007-6286
- tomcat5.5 <not-affected> (Does not use apr connector)
- tomcat5 <removed>
-CVE-2007-6285 (The default configuration for autofs 5 (autofs5) in some Linux ...)
+CVE-2007-6285
- autofs <not-affected> (-hosts feature not present, auto.net has nosuid,nodev)
- autofs5 5.0.3-1
NOTE: for autofs5 see 12disable_default_auto_master.dpatch
-CVE-2007-6284 (The xmlCurrentChar function in libxml2 before 2.6.31 allows ...)
+CVE-2007-6284
{DSA-1461-1}
- libxml2 2.6.30.dfsg-3.1 (medium; bug #460292)
- libxml 1.8.17-14.1 (medium)
-CVE-2007-6283 (Red Hat Enterprise Linux 5 and Fedora install the Bind /etc/rndc.key ...)
+CVE-2007-6283
- bind9 <not-affected> (On Debian this file is rw for user bind and just readable for group bind)
-CVE-2007-6282 (The IPsec implementation in Linux kernel before 2.6.25 allows remote ...)
+CVE-2007-6282
{DSA-1630-1}
- linux-2.6 2.6.25-1
- linux-2.6.24 2.6.24-6~etchnhalf.4
NOTE: Upstream commit 920fc941a9617f95ccb283037fe6f8a38d95bb69
-CVE-2007-6281 (Heap-based buffer overflow in Open File Manager service (ofmnt.exe) in ...)
+CVE-2007-6281
NOT-FOR-US: St. Bernard Open File Manager
-CVE-2007-6304 (The federated engine in MySQL 5.0.x before 5.0.51a, 5.1.x before ...)
+CVE-2007-6304
{DSA-1451-1}
- mysql-dfsg-5.0 5.0.45-5 (low; bug #455737)
- mysql-dfsg-4.1 <removed>
-CVE-2007-6303 (MySQL 5.0.x before 5.0.51a, 5.1.x before 5.1.23, and 6.0.x before 6.0.4 ...)
+CVE-2007-6303
- mysql-dfsg-5.0 5.0.45-5 (low; bug #455737)
- mysql-dfsg-4.1 <removed>
[etch] - mysql-dfsg-5.0 <not-affected> (Vulnerable code introduced after 5.0.32)
-CVE-2007-6299 (Multiple SQL injection vulnerabilities in Drupal and vbDrupal 4.7.x ...)
+CVE-2007-6299
- drupal5 5.5-1
- drupal 4.7.10-1
-CVE-2007-6321 (Cross-site scripting (XSS) vulnerability in RoundCube webmail 0.1rc2, ...)
+CVE-2007-6321
- roundcube 0.1~rc2-6 (low; bug #455840)
NOTE: http://seclists.org/bugtraq/2007/Dec/0107.html
CVE-2007-6280
RESERVED
-CVE-2007-6279 (Multiple double free vulnerabilities in Free Lossless Audio Codec ...)
+CVE-2007-6279
- flac 1.2.1-1 (unimportant)
NOTE: According to upstream this issue is not exploitable for code injection
NOTE: due to the layout of the seektable memory
-CVE-2007-6278 (Free Lossless Audio Codec (FLAC) libFLAC before 1.2.1 allows ...)
+CVE-2007-6278
- flac 1.2.1-1 (unimportant)
NOTE: Such validations are within the responsibility of the respective applications
-CVE-2007-6277 (Multiple buffer overflows in Free Lossless Audio Codec (FLAC) libFLAC ...)
+CVE-2007-6277
{DSA-1469-1}
- flac 1.2.1-1
-CVE-2007-6276 (The accept_connections function in the virtual private network daemon ...)
+CVE-2007-6276
NOT-FOR-US: Apple Mac OS X
-CVE-2007-6275 (SQL injection vulnerability in modules/adresses/ratefile.php in bcoos ...)
+CVE-2007-6275
NOT-FOR-US: bcoos
-CVE-2007-6274 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2007-6274
NOT-FOR-US: bcoos
-CVE-2007-6273 (Multiple format string vulnerabilities in the configuration file in ...)
+CVE-2007-6273
NOT-FOR-US: SonicWALL GLobal VPN Client
-CVE-2007-6272 (Multiple SQL injection vulnerabilities in index.php in Joomla! 1.5 RC3 ...)
+CVE-2007-6272
NOT-FOR-US: Joomla!
-CVE-2007-6271 (Absolute News Manager.NET 5.1 allows remote attackers to obtain ...)
+CVE-2007-6271
NOT-FOR-US: Absolute News Manager.NET
-CVE-2007-6270 (Multiple cross-site scripting (XSS) vulnerabilities in Absolute News ...)
+CVE-2007-6270
NOT-FOR-US: Absolute News Manager.NET
-CVE-2007-6269 (Multiple SQL injection vulnerabilities in xlaabsolutenm.aspx in ...)
+CVE-2007-6269
NOT-FOR-US: Absolute News Manager.NET
-CVE-2007-6268 (Directory traversal vulnerability in pages/default.aspx in Absolute ...)
+CVE-2007-6268
NOT-FOR-US: Absolute News Manager.NET
-CVE-2007-6267 (Citrix EdgeSight 4.2 and 4.5 for Presentation Server, EdgeSight 4.2 ...)
+CVE-2007-6267
NOT-FOR-US: Citrix EdgeSight
-CVE-2007-6266 (Multiple SQL injection vulnerabilities in bcoos 1.0.10 and earlier ...)
+CVE-2007-6266
NOT-FOR-US: bcoos
-CVE-2007-6265 (Unspecified vulnerability in avast! 4 Home and Professional Editions ...)
+CVE-2007-6265
NOT-FOR-US: avast!
CVE-2007-6264
RESERVED
-CVE-2007-6263 (The dataconn function in ftpd.c in netkit ftpd (netkit-ftpd) 0.17, ...)
+CVE-2007-6263
- linux-ftpd-ssl 0.17.18+0.3-9.1 (low; bug #454733)
[sarge] - linux-ftpd-ssl <no-dsa> (Minor issue)
[etch] - linux-ftpd-ssl <no-dsa> (Minor issue)
-CVE-2007-6262 (A certain ActiveX control in axvlc.dll in VideoLAN VLC 0.8.6 before ...)
+CVE-2007-6262
- vlc <not-affected> (Windows only issue)
-CVE-2007-6261 (Integer overflow in the load_threadstack function in the Mach-O loader ...)
+CVE-2007-6261
NOT-FOR-US: Apple Mac OS X
-CVE-2007-6260 (The installation process for Oracle 10g and llg uses accounts with ...)
+CVE-2007-6260
NOT-FOR-US: Oracle
CVE-2007-6259
RESERVED
-CVE-2007-6258 (Multiple stack-based buffer overflows in the legacy mod_jk2 2.0.3-DEV ...)
+CVE-2007-6258
- libapache2-mod-jk2 2.0.4-1
CVE-2007-6257
RESERVED
CVE-2007-6256
REJECTED
-CVE-2007-6255 (Buffer overflow in the Microsoft HeartbeatCtl ActiveX control in ...)
+CVE-2007-6255
NOT-FOR-US: Microsoft HRTBEAT.OCX
-CVE-2007-6254 (Stack-based buffer overflow in the SAP Business Objects ...)
+CVE-2007-6254
NOT-FOR-US: SAP
-CVE-2007-6253 (Multiple buffer overflows in Adobe Form Designer 5.0 and Form Client ...)
+CVE-2007-6253
NOT-FOR-US: Adobe Form Designer
-CVE-2007-6252 (Multiple stack-based buffer overflows in the Learn2 Corporation ...)
+CVE-2007-6252
NOT-FOR-US: Street Technologies
CVE-2007-6251
RESERVED
-CVE-2007-6250 (Stack-based buffer overflow in AOL AOLMediaPlaybackControl ...)
+CVE-2007-6250
NOT-FOR-US: AmpX ActiveX control
-CVE-2007-6249 (etc-update in Portage before 2.1.3.11 on Gentoo Linux relies on the ...)
+CVE-2007-6249
NOT-FOR-US: Gentoo portage
CVE-2007-6248
RESERVED
CVE-2007-6247
REJECTED
-CVE-2007-6246 (Adobe Flash Player 9.x up to 9.0.48.0, 8.x up to 8.0.35.0, and 7.x up ...)
+CVE-2007-6246
- flashplugin-nonfree 9.0.115.0.1
[sarge] - flashplugin-nonfree <no-dsa> (Contrib not supported)
[etch] - flashplugin-nonfree <no-dsa> (Contrib not supported)
-CVE-2007-6245 (Adobe Flash Player 9.x up to 9.0.48.0, 8.x up to 8.0.35.0, and 7.x up ...)
+CVE-2007-6245
- flashplugin-nonfree 9.0.115.0.1
[sarge] - flashplugin-nonfree <no-dsa> (Contrib not supported)
[etch] - flashplugin-nonfree <no-dsa> (Contrib not supported)
-CVE-2007-6244 (Multiple cross-site scripting (XSS) vulnerabilities in Adobe Flash ...)
+CVE-2007-6244
- flashplugin-nonfree 9.0.115.0.1
[sarge] - flashplugin-nonfree <no-dsa> (Contrib not supported)
[etch] - flashplugin-nonfree <no-dsa> (Contrib not supported)
-CVE-2007-6243 (Adobe Flash Player 9.x up to 9.0.48.0, 8.x up to 8.0.35.0, and 7.x up ...)
+CVE-2007-6243
- flashplugin-nonfree 9.0.115.0.1
[sarge] - flashplugin-nonfree <no-dsa> (Contrib not supported)
[etch] - flashplugin-nonfree <no-dsa> (Contrib not supported)
-CVE-2007-6242 (Unspecified vulnerability in Adobe Flash Player 9.0.48.0 and earlier ...)
+CVE-2007-6242
- flashplugin-nonfree 9.0.115.0.1
[sarge] - flashplugin-nonfree <no-dsa> (Contrib not supported)
[etch] - flashplugin-nonfree <no-dsa> (Contrib not supported)
-CVE-2007-6241 (Multiple unspecified vulnerabilities in Beehive Forum 0.7.1 have ...)
+CVE-2007-6241
NOT-FOR-US: Beehive Forum
-CVE-2007-6240 (SQL injection vulnerability in active.asp in Snitz Forums 2000 3.4.06 ...)
+CVE-2007-6240
NOT-FOR-US: Snitz Forums
-CVE-2007-6239 (The &quot;cache update reply processing&quot; functionality in Squid 2.x before ...)
+CVE-2007-6239
{DSA-1646-2 DSA-1482-1}
- squid 2.6.17-1 (medium; bug #455910)
-CVE-2007-6238 (Unspecified vulnerability in Apple QuickTime 7.2 on Windows XP allows ...)
+CVE-2007-6238
NOT-FOR-US: Apple QuickTime
-CVE-2007-6237 (cp.php in DeluxeBB 1.09 does not verify that the membercookie ...)
+CVE-2007-6237
NOT-FOR-US: DeluxeBB
-CVE-2007-6236 (Microsoft Windows Media Player (WMP) allows remote attackers to cause ...)
+CVE-2007-6236
NOT-FOR-US: Microsoft Windows Media Player
-CVE-2007-6235 (A certain ActiveX control in RealNetworks RealPlayer 11 allows remote ...)
+CVE-2007-6235
NOT-FOR-US: RealNetworks RealPlayer 11
-CVE-2007-6234 (index.php in FTP Admin 0.1.0 allows remote attackers to bypass ...)
+CVE-2007-6234
NOT-FOR-US: FTP Admin 0.1.0
-CVE-2007-6233 (Directory traversal vulnerability in index.php in FTP Admin 0.1.0 ...)
+CVE-2007-6233
NOT-FOR-US: FTP Admin 0.1.0
-CVE-2007-6232 (Cross-site scripting (XSS) vulnerability in index.php in FTP Admin ...)
+CVE-2007-6232
NOT-FOR-US: FTP Admin 0.1.0
-CVE-2007-6231 (Multiple PHP remote file inclusion vulnerabilities in tellmatic 1.0.7 ...)
+CVE-2007-6231
NOT-FOR-US: tellmatic
-CVE-2007-6230 (Directory traversal vulnerability in ...)
+CVE-2007-6230
NOT-FOR-US: Rayzz
-CVE-2007-6229 (PHP remote file inclusion vulnerability in ...)
+CVE-2007-6229
NOT-FOR-US: Rayzz
-CVE-2007-6228 (Stack-based buffer overflow in the Helper class in the yt.ythelper.2 ...)
+CVE-2007-6228
NOT-FOR-US: Yahoo! Toolbar
-CVE-2007-6227 (QEMU 0.9.0 allows local users of a Windows XP SP2 guest operating ...)
+CVE-2007-6227
- qemu <not-affected> (Windows issue)
-CVE-2007-6226 (The American Power Conversion (APC) AP7932 0u 30amp Switched Rack ...)
+CVE-2007-6226
NOT-FOR-US: American Power Conversion (APC)
-CVE-2007-6225 (Unspecified vulnerability in Sun Solaris 10, when 64bit mode is used ...)
+CVE-2007-6225
NOT-FOR-US: Sun Solaris 10
-CVE-2007-6224 (The RealNetworks RealAudioObjects.RealAudio ActiveX control in ...)
+CVE-2007-6224
NOT-FOR-US: RealAudioObjects.RealAudio ActiveX
-CVE-2007-6223 (SQL injection vulnerability in garage.php in phpBB Garage 1.2.0 Beta3 ...)
+CVE-2007-6223
NOT-FOR-US: phpBB Garage
-CVE-2007-6222 (The CheckCustomerAccess function in functions.php in CRM-CTT ...)
+CVE-2007-6222
NOT-FOR-US: Interleave
-CVE-2007-6221 (TuMusika Evolution 1.7R5 allows remote attackers to obtain ...)
+CVE-2007-6221
NOT-FOR-US: TuMusika
-CVE-2007-6220 (typespeed before 0.6.4 allows remote attackers to cause a denial of ...)
+CVE-2007-6220
- typespeed 0.6.4-1 (unimportant; bug #454527)
-CVE-2007-6219 (Cross-site scripting (XSS) vulnerability in IBM Tivoli Netcool ...)
+CVE-2007-6219
NOT-FOR-US: IBM Tivoli Netcool Security Manager
-CVE-2007-6218 (Multiple PHP remote file inclusion vulnerabilities in Ossigeno CMS 2.2 ...)
+CVE-2007-6218
NOT-FOR-US: Ossigeno CMS
-CVE-2007-6217 (Multiple SQL injection vulnerabilities in login.asp in Irola My-Time ...)
+CVE-2007-6217
NOT-FOR-US: Irola My-Time
-CVE-2007-6216 (Race condition in the Fibre Channel protocol (fcp) driver and Devices ...)
+CVE-2007-6216
NOT-FOR-US: Sun Solaris
-CVE-2007-6215 (Multiple directory traversal vulnerabilities in play.php in Web-MeetMe ...)
+CVE-2007-6215
NOT-FOR-US: Web-MeetMe
-CVE-2007-6214 (Directory traversal vulnerability in include/file_download.php in ...)
+CVE-2007-6214
NOT-FOR-US: LearnLoop
-CVE-2007-6213 (Multiple directory traversal vulnerabilities in mod/chat/index.php in ...)
+CVE-2007-6213
NOT-FOR-US: WebED
-CVE-2007-6212 (Directory traversal vulnerability in region.php in KML share 1.1 ...)
+CVE-2007-6212
NOT-FOR-US: KML share
-CVE-2007-6207 (Xen 3.x, possibly before 3.1.2, when running on IA64 systems, does not ...)
+CVE-2007-6207
- xen-3 3.1.2-1
-CVE-2007-6206 (The do_coredump function in fs/exec.c in Linux kernel 2.4.x and 2.6.x ...)
+CVE-2007-6206
{DSA-1503-2 DSA-1504-1 DSA-1503-1 DSA-1436-1}
- linux-2.6 2.6.24-1
- linux-2.6.24 <not-affected> (Fixed before initial upload, upstream in 2.6.24)
-CVE-2007-6205 (Cross-site scripting (XSS) vulnerability in the remote RSS sidebar ...)
+CVE-2007-6205
{DSA-1528-1}
- serendipity 1.2.1-1 (low)
-CVE-2007-6204 (Multiple stack-based buffer overflows in HP OpenView Network Node ...)
+CVE-2007-6204
NOT-FOR-US: HP OpenView
-CVE-2007-6203 (Apache HTTP Server 2.0.x and 2.2.x does not sanitize the HTTP Method ...)
+CVE-2007-6203
- apache2 2.2.6-3 (low)
[sarge] - apache2 <no-dsa> (minor issue)
- apache <not-affected> (vulnerable code not present)
NOTE: Might be exploitable with older flash plugins via HTTP Request Splitting
[etch] - apache2 2.2.3-4+etch4
-CVE-2007-6208 (sylprint.pl in claws mail tools (claws-mail-tools) allows local users ...)
+CVE-2007-6208
- claws-mail 3.1.0-2 (low; bug #454089)
-CVE-2007-6210 (zabbix_agentd 1.1.4 in ZABBIX before 1.4.3 runs &quot;UserParameter&quot; ...)
+CVE-2007-6210
{DSA-1420-1 DTSA-93-1}
- zabbix 1:1.4.2-4 (bug #452682)
-CVE-2007-6202 (SQL injection vulnerability in plugins/search/search.php in Neocrome ...)
+CVE-2007-6202
NOT-FOR-US: Neocrome Seditio CMS
-CVE-2007-6211 (Send ICMP Nasty Garbage (sing) on Debian GNU/Linux allows local users ...)
+CVE-2007-6211
- sing 1.1-16 (low; bug #454167)
[etch] - sing 1.1-13etch1
[sarge] - sing 1.1-9sarge1
-CVE-2007-6209 (Util/difflog.pl in zsh 4.3.4 allows local users to overwrite arbitrary ...)
+CVE-2007-6209
- zsh 4.3.4-dev-3-2 (low; bug #454073)
[etch] - zsh <no-dsa> (Minor issue)
[sarge] - zsh <no-dsa> (Minor issue)
-CVE-2007-6201 (Unspecified vulnerability in Wesnoth 1.2.x before 1.2.8, and 1.3.x ...)
+CVE-2007-6201
- wesnoth 1:1.2.8-1 (low)
[etch] - wesnoth 1.2-4
[sarge] - wesnoth 0.9.0-8
-CVE-2007-6200 (Unspecified vulnerability in rsync before 3.0.0pre6, when running a ...)
+CVE-2007-6200
- rsync 2.6.9-6 (low; bug #453652)
[etch] - rsync <no-dsa> (Minor issue)
-CVE-2007-6199 (rsync before 3.0.0pre6, when running a writable rsync daemon that is ...)
+CVE-2007-6199
- rsync 2.6.9-6 (unimportant; bug #453652)
NOTE: Security feature enhancement, not really a security problem
-CVE-2007-6198 (portal/server.pt in the Plumtree portal in BEA AquaLogic Interaction ...)
+CVE-2007-6198
NOT-FOR-US: Plumtree
-CVE-2007-6197 (The Plumtree portal in BEA AquaLogic Interaction 5.0.2 through 5.0.4 ...)
+CVE-2007-6197
NOT-FOR-US: Plumtree
-CVE-2007-6196 (Cross-site scripting (XSS) vulnerability in util.php in Calacode @Mail ...)
+CVE-2007-6196
NOT-FOR-US: Calacode
-CVE-2007-6195 (Buffer overflow in the sw_rpc_agent_init function in swagentd in ...)
+CVE-2007-6195
NOT-FOR-US: HP-UX
-CVE-2007-6194 (Unspecified vulnerability in HP Select Identity 4.01 before 4.01.012 ...)
+CVE-2007-6194
NOT-FOR-US: HP Select Identity
-CVE-2007-6193 (The web management interface in Citrix NetScaler 8.0 build 47.8 stores ...)
+CVE-2007-6193
NOT-FOR-US: Citrix
-CVE-2007-6192 (The web management interface in Citrix NetScaler 8.0 build 47.8 uses ...)
+CVE-2007-6192
NOT-FOR-US: Citrix
-CVE-2007-6191 (Multiple PHP remote file inclusion vulnerabilities in Armin Burger ...)
+CVE-2007-6191
NOT-FOR-US: Armin Burger p.mapper
-CVE-2007-6190 (The HTTP daemon in the Cisco Unified IP Phone, when the Extension ...)
+CVE-2007-6190
NOT-FOR-US: Cisco Unified IP Phone
-CVE-2007-6189 (A certain ActiveX control in (1) OScan8.ocx and (2) Oscan81.ocx in ...)
+CVE-2007-6189
NOT-FOR-US: BitDefender Online Anti-Virus Scanner
-CVE-2007-6188 (Multiple directory traversal vulnerabilities in TuMusika Evolution ...)
+CVE-2007-6188
NOT-FOR-US: TuMusika Evolution
-CVE-2007-6187 (Multiple directory traversal vulnerabilities in PHP Content Architect ...)
+CVE-2007-6187
NOT-FOR-US: PHP Content Architect
-CVE-2007-6186 (Unspecified vulnerability in PHPDevShell before 0.7.0 has unknown ...)
+CVE-2007-6186
NOT-FOR-US: PHPDevShell
-CVE-2007-6185 (Directory traversal vulnerability in users/files.php in Eurologon CMS ...)
+CVE-2007-6185
NOT-FOR-US: Eurologon CMS
-CVE-2007-6184 (Directory traversal vulnerability in index.php in Project Alumni 1.0.9 ...)
+CVE-2007-6184
NOT-FOR-US: Project Alumni
-CVE-2007-6182 (The responder program in ISPsystem ISPmanager (aka ISPmgr) 4.2.15.1 ...)
+CVE-2007-6182
NOT-FOR-US: ISPmanager
-CVE-2007-6181 (Heap-based buffer overflow in cygwin1.dll in Cygwin 1.5.7 and earlier ...)
+CVE-2007-6181
NOT-FOR-US: Cygwin
-CVE-2007-6180 (Race condition in the Remote Procedure Call kernel module (rpcmod) in ...)
+CVE-2007-6180
NOT-FOR-US: Solaris
-CVE-2007-6179 (Multiple PHP remote file inclusion vulnerabilities in Charray's CMS ...)
+CVE-2007-6179
NOT-FOR-US: Charray's CMS
-CVE-2007-6178 (Multiple PHP remote file inclusion vulnerabilities in Easy Hosting ...)
+CVE-2007-6178
NOT-FOR-US: Easy Hosting Control Panel for Ubuntu
-CVE-2007-6177 (PHP remote file inclusion vulnerability in Exchange/include.php in ...)
+CVE-2007-6177
NOT-FOR-US: PHP-CON
-CVE-2007-6176 (kb_whois.cgi in K+B-Bestellsystem (aka KB-Bestellsystem) allows remote ...)
+CVE-2007-6176
NOT-FOR-US: KB-Bestellsystem
-CVE-2007-6175 (Buffer overflow in Lhaplus 1.55 and earlier allows remote attackers to ...)
+CVE-2007-6175
NOT-FOR-US: Lhaplus
-CVE-2007-6174 (PHPDevShell before 0.7.0 allows remote authenticated users to gain ...)
+CVE-2007-6174
NOT-FOR-US: PHPDevShell
-CVE-2007-6173 (Cross-site scripting (XSS) vulnerability in c/portal/login in Liferay ...)
+CVE-2007-6173
- liferay-portal <itp> (bug #569819)
-CVE-2007-6172 (Multiple SQL injection vulnerabilities in wpQuiz 2.7 allow remote ...)
+CVE-2007-6172
NOT-FOR-US: wpQuiz
-CVE-2007-6169 (SQL injection vulnerability in admin/index2.asp in GOUAE DWD Realty ...)
+CVE-2007-6169
NOT-FOR-US: GOUAE DWD Realty
-CVE-2007-6168 (SQL injection vulnerability in default.asp in VU Case Manager allows ...)
+CVE-2007-6168
NOT-FOR-US: VU Case Manager
-CVE-2007-6167 (Untrusted search path vulnerability in yast2-core in SUSE Linux might ...)
+CVE-2007-6167
NOT-FOR-US: Yast2
-CVE-2007-6166 (Stack-based buffer overflow in Apple QuickTime before 7.3.1, as used ...)
+CVE-2007-6166
NOT-FOR-US: Apple QuickTime
-CVE-2007-6165 (Mail in Apple Mac OS X Leopard (10.5.1) allows user-assisted remote ...)
+CVE-2007-6165
NOT-FOR-US: Apple Mac OS X
-CVE-2007-6164 (Multiple SQL injection vulnerabilities in Eurologon CMS allow remote ...)
+CVE-2007-6164
NOT-FOR-US: Eurologon CMS
-CVE-2007-6163 (SQL injection vulnerability in admin/index2.asp in GOUAE DWD Realty ...)
+CVE-2007-6163
NOT-FOR-US: GOUAE DWD Realty
-CVE-2007-6162 (Cross-site scripting (XSS) vulnerability in index.php in FMDeluxe ...)
+CVE-2007-6162
NOT-FOR-US: FMDeluxe
-CVE-2007-6161 (index.php in Tilde CMS 4.x and earlier allows remote attackers to ...)
+CVE-2007-6161
NOT-FOR-US: Tilde CMS
-CVE-2007-6160 (Cross-site scripting (XSS) vulnerability in index.php in Tilde CMS 4.x ...)
+CVE-2007-6160
NOT-FOR-US: Tilde CMS
-CVE-2007-6159 (SQL injection vulnerability in index.php in Tilde CMS 4.x and earlier ...)
+CVE-2007-6159
NOT-FOR-US: Tilde CMS
-CVE-2007-6158 (Multiple SQL injection vulnerabilities in caladmin.inc.php in Proverbs ...)
+CVE-2007-6158
NOT-FOR-US: Proverbs Web Calendar
-CVE-2007-6157 (Cross-site scripting (XSS) vulnerability in index.php in SimpleGallery ...)
+CVE-2007-6157
NOT-FOR-US: SimpleGallery
-CVE-2007-6156 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2007-6156
- acidbase 1.3.9-1 (low; bug #453838)
[etch] - acidbase <not-affected> (vulnerable code not present, in etch acidbase exits in this case)
CVE-2007-6155
@@ -1444,89 +1444,89 @@ CVE-2007-6153
RESERVED
CVE-2007-6152
RESERVED
-CVE-2007-6151 (The isdn_ioctl function in isdn_common.c in Linux kernel 2.6.23 allows ...)
+CVE-2007-6151
{DSA-1503-2 DSA-1504-1 DSA-1503-1 DSA-1479-1}
- linux-2.6 2.6.23-2
-CVE-2007-6149 (Multiple integer overflows in the Edge server in Adobe Flash Media ...)
+CVE-2007-6149
NOT-FOR-US: Adobe Flash Media Server
-CVE-2007-6148 (Use-after-free vulnerability in the Edge server in Adobe Flash Media ...)
+CVE-2007-6148
NOT-FOR-US: Adobe Flash Media Server
-CVE-2007-6147 (Multiple PHP remote file inclusion vulnerabilities in IAPR COMMENCE ...)
+CVE-2007-6147
NOT-FOR-US: IAPR COMMENCE
-CVE-2007-6146 (Hitachi JP1/File Transmission Server/FTP 01-00 through 08-10-02 on ...)
+CVE-2007-6146
NOT-FOR-US: JP1/File Transmission Server/FTP on windows
-CVE-2007-6145 (Unspecified vulnerability in Hitachi JP1/File Transmission Server/FTP ...)
+CVE-2007-6145
NOT-FOR-US: Hitachi JP1/File Transmission Server/FTP
-CVE-2007-6144 (Heap-based buffer overflow in the PPlayer.XPPlayer.1 ActiveX control ...)
+CVE-2007-6144
NOT-FOR-US: Xunlei Thunder
-CVE-2007-6143 (SQL injection vulnerability in default.asp (aka the Login Page) in VU ...)
+CVE-2007-6143
NOT-FOR-US: VU Case Manager
-CVE-2007-6142 (Multiple cross-site scripting (XSS) vulnerabilities in ph03y3nk just ...)
+CVE-2007-6142
NOT-FOR-US: JAF CMS
-CVE-2007-6141 (Cross-site scripting (XSS) vulnerability in vBTube.php in vBTube 1.1 ...)
+CVE-2007-6141
NOT-FOR-US: vBTube
-CVE-2007-6140 (Multiple SQL injection vulnerabilities in Dora Emlak 2.0 allow remote ...)
+CVE-2007-6140
NOT-FOR-US: Dora Emlak
-CVE-2007-6139 (PHP remote file inclusion vulnerability in index.php in Mp3 ToolBox ...)
+CVE-2007-6139
NOT-FOR-US: Mp3 ToolBox
-CVE-2007-6138 (SQL injection vulnerability in redir.asp in VU Mass Mailer allows ...)
+CVE-2007-6138
NOT-FOR-US: VU Mass Mailer
-CVE-2007-6137 (SQL injection vulnerability in news.php in Content Injector 1.52 ...)
+CVE-2007-6137
NOT-FOR-US: Content Injector
-CVE-2007-6136 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
+CVE-2007-6136
NOT-FOR-US: M2Scripts MySpace Scripts
-CVE-2007-6135 (Cross-site scripting (XSS) vulnerability in phpslideshow.php in ...)
+CVE-2007-6135
NOT-FOR-US: PHPSlideShow
-CVE-2007-6134 (SQL injection vulnerability in pkinc/public/article.php in PHPKIT ...)
+CVE-2007-6134
NOT-FOR-US: PHPKIT
-CVE-2007-6133 (PHP remote file inclusion vulnerability in admin/kfm/initialise.php in ...)
+CVE-2007-6133
NOT-FOR-US: DevMass Shopping Cart
-CVE-2007-6183 (Format string vulnerability in the mdiag_initialize function in ...)
+CVE-2007-6183
{DSA-1431-1 DTSA-102-1}
- ruby-gnome2 0.16.0-10 (medium; bug #453689)
-CVE-2007-6171 (SQL injection vulnerability in the Postgres Realtime Engine ...)
+CVE-2007-6171
- asterisk 1:1.4.15~dfsg-1 (medium)
[sarge] - asterisk <not-affected> (Vulnerable code not present)
[etch] - asterisk <not-affected> (Vulnerable code not present)
-CVE-2007-6170 (SQL injection vulnerability in the Call Detail Record Postgres logging ...)
+CVE-2007-6170
{DSA-1417-1}
- asterisk 1:1.4.15~dfsg-1 (medium)
-CVE-2007-6150 (The &quot;internal state tracking&quot; code for the random and urandom devices ...)
+CVE-2007-6150
- kfreebsd-7 7.0~cvs20080107-1
- kfreebsd-6 6.3~cvs20080107-1
- kfreebsd-5 <removed> (medium; bug #453944)
[etch] - kfreebsd-5 <no-dsa> (kfreebsd not supported)
CVE-2007-6132
REJECTED
-CVE-2007-6131 (buttonpressed.sh in scanbuttond 0.2.3 allows local users to overwrite ...)
+CVE-2007-6131
- scanbuttond 0.2.3-6 (unimportant; bug #453239)
NOTE: this is just an example script, maintainer adds a note about it
NOTE: 0.2.3-6 adds a security note about this script
-CVE-2007-6130 (gnump3d 2.9final does not apply password protection to its plugins, ...)
+CVE-2007-6130
- gnump3d 3.0-1 (medium)
[sarge] - gnump3d <not-affected> (Vulnerable code not present)
[etch] - gnump3d <not-affected> (Vulnerable code not present)
-CVE-2007-6129 (Directory traversal vulnerability in scripts/include/show_content.php ...)
+CVE-2007-6129
NOT-FOR-US: Amber script
-CVE-2007-6128 (SQL injection vulnerability in events.php in WorkingOnWeb 2.0.1400 ...)
+CVE-2007-6128
NOT-FOR-US: WorkingOnWeb
-CVE-2007-6127 (Multiple SQL injection vulnerabilities in project alumni 1.0.9 and ...)
+CVE-2007-6127
NOT-FOR-US: Alumni
-CVE-2007-6126 (Multiple cross-site scripting (XSS) vulnerabilities in project alumni ...)
+CVE-2007-6126
NOT-FOR-US: Alumni
-CVE-2007-6125 (SQL injection vulnerability in search_form.php in Softbiz Freelancers ...)
+CVE-2007-6125
NOT-FOR-US: Softbiz Freelancers Script
-CVE-2007-6124 (Cross-site scripting (XSS) vulnerability in signin.php in Softbiz ...)
+CVE-2007-6124
NOT-FOR-US: Softbiz Freelancers Script
-CVE-2007-6123 (Unspecified vulnerability in IRC Services 5.1.8 has unknown impact and ...)
+CVE-2007-6123
NOT-FOR-US: IRC Services
-CVE-2007-6122 (The default_encrypt function in encrypt.c in IRC Services before ...)
+CVE-2007-6122
NOT-FOR-US: IRC Services
-CVE-2007-6110 (Cross-site scripting (XSS) vulnerability in htsearch in htdig 3.2.0b6 ...)
+CVE-2007-6110
{DSA-1429-1}
- htdig 1:3.2.0b6-4 (low; bug #453278)
[sarge] - htdig <not-affected> (Vulnerable code not present)
-CVE-2007-6109 (Stack-based buffer overflow in emacs allows user-assisted attackers to ...)
+CVE-2007-6109
{DTSA-98-1 DTSA-99-1}
- emacs22 22.1+1-2.2 (bug #455432)
- emacs21 21.4a+1-5.2 (bug #455433)
@@ -1537,66 +1537,66 @@ CVE-2007-6108
RESERVED
CVE-2007-6107
RESERVED
-CVE-2007-6106 (SQL injection vulnerability in index.php in AlstraSoft E-Friends 4.98 ...)
+CVE-2007-6106
NOT-FOR-US: AlstraSoft E-Friends
-CVE-2007-6105 (Multiple PHP remote file inclusion vulnerabilities in TalkBack 2.2.7 ...)
+CVE-2007-6105
NOT-FOR-US: TalkBack
-CVE-2007-6104 (Cross-site scripting (XSS) vulnerability in the Instant Web Publishing ...)
+CVE-2007-6104
NOT-FOR-US: FileMaker Pro
-CVE-2007-6103 (I Hear U (IHU) 0.5.6 and earlier allows remote attackers to cause (1) ...)
+CVE-2007-6103
- ihu 0.5.6-3.1 (unimportant; bug #453280)
NOTE: Would only terminate normal phone call by hanging up, not a real security bug
-CVE-2007-6102 (Cross-site scripting (XSS) vulnerability in Feed to JavaScript ...)
+CVE-2007-6102
NOT-FOR-US: feed2js
-CVE-2007-6101 (Ability Mail Server before 2.61 allows remote authenticated users to ...)
+CVE-2007-6101
NOT-FOR-US: Ability Mail Server
-CVE-2007-6100 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2007-6100
- phpmyadmin 4:2.11.2.2-1
[sarge] - phpmyadmin <not-affected> (Vulnerable code not present)
[etch] - phpmyadmin <not-affected> (Vulnerable code not present)
-CVE-2007-6099 (Unspecified vulnerability in Ingate Firewall before 4.6.0 and ...)
+CVE-2007-6099
NOT-FOR-US: Ingate Firewall Siparator
-CVE-2007-6098 (Ingate Firewall before 4.6.0 and SIParator before 4.6.0 do not log ...)
+CVE-2007-6098
NOT-FOR-US: Ingate Firewall Siparator
-CVE-2007-6097 (Unspecified vulnerability in the ICMP implementation in Ingate ...)
+CVE-2007-6097
NOT-FOR-US: Ingate Firewall Siparator
-CVE-2007-6096 (Ingate Firewall before 4.6.0 and SIParator before 4.6.0 use cleartext ...)
+CVE-2007-6096
NOT-FOR-US: Ingate Firewall Siparator
-CVE-2007-6095 (The SIP component in Ingate Firewall before 4.6.0 and SIParator before ...)
+CVE-2007-6095
NOT-FOR-US: Ingate Firewall Siparator
-CVE-2007-6094 (The IPsec module in the VPN component in Ingate Firewall before 4.6.0 ...)
+CVE-2007-6094
NOT-FOR-US: Ingate Firewall Siparator
-CVE-2007-6093 (The SRTP implementation in Ingate Firewall before 4.6.0 and SIParator ...)
+CVE-2007-6093
NOT-FOR-US: Ingate Firewall Siparator
-CVE-2007-6092 (Buffer overflow in libsrtp in Ingate Firewall before 4.6.0 and ...)
+CVE-2007-6092
NOT-FOR-US: Ingate Firewall Siparator
-CVE-2007-6091 (Multiple SQL injection vulnerabilities in files/login.asp in JiRo's ...)
+CVE-2007-6091
NOT-FOR-US: JiRo's Banner System (JBS)
-CVE-2007-6090 (Cross-site scripting (XSS) vulnerability in index.php in Nuked-Klan ...)
+CVE-2007-6090
NOT-FOR-US: Nuked-Klan
-CVE-2007-6089 (PHP remote file inclusion vulnerability in index.php in meBiblio 0.4.5 ...)
+CVE-2007-6089
NOT-FOR-US: meBiblio
-CVE-2007-6088 (PHP remote file inclusion vulnerability in ...)
+CVE-2007-6088
NOT-FOR-US: phpBBViet
-CVE-2007-6087 (Cross-site request forgery (CSRF) vulnerability in index.php in ...)
+CVE-2007-6087
NOT-FOR-US: VigileCMS
-CVE-2007-6086 (Directory traversal vulnerability in index.php in VigileCMS 1.4 allows ...)
+CVE-2007-6086
NOT-FOR-US: VigileCMS
-CVE-2007-6085 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
+CVE-2007-6085
NOT-FOR-US: VigileCMS
-CVE-2007-6084 (SQL injection vulnerability in software-description.php in HotScripts ...)
+CVE-2007-6084
NOT-FOR-US: HotScripts Clone script
-CVE-2007-6083 (SQL injection vulnerability in admin/index.php in IceBB 1.0-rc6 allows ...)
+CVE-2007-6083
NOT-FOR-US: IceBB
-CVE-2007-6082 (Direct static code injection vulnerability in acp/savenews.php in ...)
+CVE-2007-6082
NOT-FOR-US: Sciurus Hosting Panel
-CVE-2007-6081 (AdventNet EventLog Analyzer build 4030 for Windows, and possibly other ...)
+CVE-2007-6081
NOT-FOR-US: Windows
-CVE-2007-6080 (SQL injection vulnerability in modules/banners/click.php in the ...)
+CVE-2007-6080
NOT-FOR-US: bcoos
-CVE-2007-6079 (Directory traversal vulnerability in include/common.php in bcoos ...)
+CVE-2007-6079
NOT-FOR-US: bcoos
-CVE-2007-6078 (Multiple SQL injection vulnerabilities in SkyPortal RC6 allow remote ...)
+CVE-2007-6078
NOT-FOR-US: SkyPortal
CVE-2007-6076
RESERVED
@@ -1616,7 +1616,7 @@ CVE-2007-6069
RESERVED
CVE-2007-6068
RESERVED
-CVE-2007-6067 (Algorithmic complexity vulnerability in the regular expression parser ...)
+CVE-2007-6067
{DSA-1463-1 DSA-1460-1}
- postgresql-8.2 8.2.6-1
- postgresql-8.1 8.1.11-1
@@ -1631,138 +1631,138 @@ CVE-2007-6065
RESERVED
CVE-2007-6064
RESERVED
-CVE-2007-6063 (Buffer overflow in the isdn_net_setcfg function in isdn_net.c in Linux ...)
+CVE-2007-6063
{DSA-1503-2 DSA-1504-1 DSA-1503-1 DSA-1436-1}
- linux-2.6 2.6.23-2
-CVE-2007-6062 (irc-channel.c in ngIRCd before 0.10.3 allows remote attackers to cause ...)
+CVE-2007-6062
- ngircd 0.10.3-1 (bug #451875)
[etch] - ngircd 0.10.0-2etch1
-CVE-2007-6061 (Audacity 1.3.2 creates a temporary directory with a predictable name ...)
+CVE-2007-6061
- audacity 1.3.4-1.1 (bug #453283; low)
[etch] - audacity <no-dsa> (Minor issue)
-CVE-2007-6060 (AhnLab Antivirus 3 Internet Security 2008 Platinum appends data to a ...)
+CVE-2007-6060
NOT-FOR-US: AhnLab Antivirus 3 Internet Security 2008 Platinum
-CVE-2007-6059 (** DISPUTED ** ...)
+CVE-2007-6059
NOT-FOR-US: Javamail
-CVE-2007-6058 (Multiple SQL injection vulnerabilities in index.php in ProfileCMS 1.0 ...)
+CVE-2007-6058
NOT-FOR-US: ProfileCMS
-CVE-2007-6057 (PHP remote file inclusion vulnerability in index.php in datecomm ...)
+CVE-2007-6057
NOT-FOR-US: datecomm Social Networking Script
-CVE-2007-6056 (frame.html in Aida-Web (Aida Web) allows remote attackers to bypass a ...)
+CVE-2007-6056
NOT-FOR-US: Aida-Web
-CVE-2007-6055 (Cross-site scripting (XSS) vulnerability in c/portal/login in Liferay ...)
+CVE-2007-6055
- liferay-portal <itp> (bug #569819)
-CVE-2007-6054 (Cross-site scripting (XSS) vulnerability in the login page in the ...)
+CVE-2007-6054
NOT-FOR-US: Aruba 800 Mobility Controller
-CVE-2007-6053 (IBM DB2 UDB 9.1 before Fixpak 4 does not properly handle use of large ...)
+CVE-2007-6053
NOT-FOR-US: IBM DB2
-CVE-2007-6052 (IBM DB2 UDB 9.1 before Fixpak 4 does not properly perform vector ...)
+CVE-2007-6052
NOT-FOR-US: IBM DB2
-CVE-2007-6051 (IBM DB2 UDB 9.1 before Fixpak 4 assigns incorrect privileges to the ...)
+CVE-2007-6051
NOT-FOR-US: IBM DB2
-CVE-2007-6050 (Unspecified vulnerability in DB2LICD in IBM DB2 UDB 9.1 before Fixpak ...)
+CVE-2007-6050
NOT-FOR-US: IBM DB2
-CVE-2007-6049 (Unspecified vulnerability in the SSL LOAD GSKIT action in IBM DB2 UDB ...)
+CVE-2007-6049
NOT-FOR-US: IBM DB2
-CVE-2007-6048 (IBM DB2 UDB 9.1 before Fixpak 4 uses incorrect permissions on ACLs for ...)
+CVE-2007-6048
NOT-FOR-US: IBM DB2
-CVE-2007-6047 (Unspecified vulnerability in the DB2DART tool in IBM DB2 UDB 9.1 ...)
+CVE-2007-6047
NOT-FOR-US: IBM DB2
-CVE-2007-6046 (Unspecified vulnerability in unspecified setuid programs in IBM DB2 ...)
+CVE-2007-6046
NOT-FOR-US: IBM DB2
-CVE-2007-6045 (Unspecified vulnerability in (1) DB2WATCH and (2) DB2FREEZE in IBM DB2 ...)
+CVE-2007-6045
NOT-FOR-US: IBM DB2
-CVE-2007-6044 (Multiple unspecified vulnerabilities in IBM WebSphere MQ 6.0 have ...)
+CVE-2007-6044
NOT-FOR-US: IBM WebSphere
-CVE-2007-6043 (The CryptGenRandom function in Microsoft Windows 2000 generates ...)
+CVE-2007-6043
NOT-FOR-US: Windows
-CVE-2007-6042 (PHP remote file inclusion vulnerability in fehler.inc.php in SWSoft ...)
+CVE-2007-6042
NOT-FOR-US: SWSoft Confixx Professional
-CVE-2007-6041 (Buffer overflow in the Sequencer::queueMessage function in ...)
+CVE-2007-6041
NOT-FOR-US: Rigs of Rods (RoR)
-CVE-2007-6040 (The Belkin F5D7230-4 Wireless G Router allows remote attackers to ...)
+CVE-2007-6040
NOT-FOR-US: Belkin F5D7230-4 Wireless G Router
-CVE-2007-6039 (PHP 5.2.5 and earlier allows context-dependent attackers to cause a ...)
+CVE-2007-6039
- php5 5.2.5-1 (unimportant; bug #453295)
NOTE: Not a vulnerability per Debian PHP security policy, requires malicious
NOTE: script to trigger this issue
-CVE-2007-6077 (The session fixation protection mechanism in cgi_process.rb in Rails ...)
+CVE-2007-6077
- rails 1.2.6-1 (low; bug #452748)
-CVE-2007-6111 (Multiple unspecified vulnerabilities in Wireshark (formerly Ethereal) ...)
+CVE-2007-6111
{DTSA-92-1}
- wireshark 0.99.7~pre1-1 (low; bug #452381)
[etch] - wireshark <not-affected> (Vulnerable code not present)
[sarge] - ethereal <not-affected> (Vulnerable code not present)
-CVE-2007-6112 (Buffer overflow in the PPP dissector Wireshark (formerly Ethereal) ...)
+CVE-2007-6112
{DTSA-92-1}
- wireshark 0.99.7~pre1-1 (medium; bug #452381)
[etch] - wireshark <not-affected> (Vulnerable code not present)
[sarge] - ethereal <not-affected> (Vulnerable code not present)
-CVE-2007-6113 (Integer signedness error in the DNP3 dissector in Wireshark (formerly ...)
+CVE-2007-6113
{DTSA-92-1}
- wireshark 0.99.6pre1-1 (low)
[etch] - wireshark <no-dsa> (Minor issue, exotic dissector, very intrusive backport)
-CVE-2007-6114 (Multiple buffer overflows in Wireshark (formerly Ethereal) 0.99.0 ...)
+CVE-2007-6114
{DSA-1414-1 DTSA-92-1}
- wireshark 0.99.7~pre1-1 (medium; bug #452381)
[sarge] - ethereal <not-affected> (Vulnerable code not present)
-CVE-2007-6115 (Buffer overflow in the ANSI MAP dissector for Wireshark (formerly ...)
+CVE-2007-6115
{DTSA-92-1}
- wireshark 0.99.7~pre1-1 (medium; bug #452381)
[etch] - wireshark <not-affected> (Vulnerable code not present)
[sarge] - ethereal <not-affected> (Vulnerable code not present)
-CVE-2007-6116 (The Firebird/Interbase dissector in Wireshark (formerly Ethereal) ...)
+CVE-2007-6116
{DTSA-92-1}
- wireshark 0.99.7~pre1-1 (low; bug #452381)
[etch] - wireshark <not-affected> (Vulnerable code not present)
[sarge] - ethereal <not-affected> (Vulnerable code not present)
-CVE-2007-6117 (Unspecified vulnerability in the HTTP dissector for Wireshark ...)
+CVE-2007-6117
{DSA-1414-1 DTSA-92-1}
- wireshark 0.99.7~pre1-1 (bug #452381)
[sarge] - ethereal <not-affected> (Vulnerable code not present)
-CVE-2007-6118 (The MEGACO dissector in Wireshark (formerly Ethereal) 0.9.14 to 0.99.6 ...)
+CVE-2007-6118
{DSA-1414-1 DTSA-92-1}
- wireshark 0.99.7~pre1-1 (low; bug #452381)
-CVE-2007-6119 (The DCP ETSI dissector in Wireshark (formerly Ethereal) 0.99.6 allows ...)
+CVE-2007-6119
{DTSA-92-1}
- wireshark 0.99.7~pre1-1 (low; bug #452381)
[etch] - wireshark <not-affected> (Vulnerable code not present)
[sarge] - ethereal <not-affected> (Vulnerable code not present)
-CVE-2007-6120 (The Bluetooth SDP dissector Wireshark (formerly Ethereal) 0.99.2 to ...)
+CVE-2007-6120
{DSA-1414-1 DTSA-92-1}
- wireshark 0.99.7~pre1-1 (low; bug #452381)
[sarge] - ethereal <not-affected> (Vulnerable code not present)
-CVE-2007-6121 (Wireshark (formerly Ethereal) 0.8.16 to 0.99.6 allows remote attackers ...)
+CVE-2007-6121
{DSA-1414-1 DTSA-92-1}
- wireshark 0.99.7~pre1-1 (low; bug #452381)
-CVE-2007-6038 (PHP remote file inclusion vulnerability in xajax_functions.php in the ...)
+CVE-2007-6038
NOT-FOR-US: Joomla! extension
-CVE-2007-6037 (Cross-site scripting (XSS) vulnerability in ws/generic_api_call.pl in ...)
+CVE-2007-6037
NOT-FOR-US: Citrix NetScaler
-CVE-2007-6036 (The parseRTSPRequestString function in LIVE555 Media Server 2007.11.01 ...)
+CVE-2007-6036
NOT-FOR-US: LIVE555 Media Server
CVE-2007-6034
REJECTED
-CVE-2007-6033 (Invensys Wonderware InTouch 8.0 creates a NetDDE share with insecure ...)
+CVE-2007-6033
NOT-FOR-US: Invensys Wonderware InTouch
-CVE-2007-6032 (SQL injection vulnerability in calendar/page.asp in Aleris Web ...)
+CVE-2007-6032
NOT-FOR-US: Aleris Web Publishing Server
-CVE-2007-6031 (Unspecified vulnerability in VanDyke VShell 3.0.1 allows remote ...)
+CVE-2007-6031
NOT-FOR-US: VanDyke VShell
-CVE-2007-6030 (Unspecified vulnerability in Weird Solutions BOOTPTurbo 1.2 has ...)
+CVE-2007-6030
NOT-FOR-US: Weird Solutions BOOTPTurbo
-CVE-2007-6029 (Unspecified vulnerability in ClamAV 0.91.1 and 0.91.2 allows remote ...)
+CVE-2007-6029
NOTE: this information is based upon a vague advisory by a vulnerability
NOTE: information sales organization that does not coordinate with vendors or
NOTE: release actionable advisories. So maybe it is not fixed _but_ since it is
NOTE: not disclosed it would be hard to fix and track it.
-CVE-2007-6028 (Multiple stack-based buffer overflows in the VSFlexGrid.VSFlexGridL ...)
+CVE-2007-6028
NOT-FOR-US: ComponentOne FlexGrid
-CVE-2007-6027 (PHP remote file inclusion vulnerability in admin.jjgallery.php in the ...)
+CVE-2007-6027
NOT-FOR-US: Joomla! extension
-CVE-2007-6026 (Stack-based buffer overflow in Microsoft msjet40.dll 4.0.8618.0 (aka ...)
+CVE-2007-6026
NOT-FOR-US: Microsoft Jet Engine
-CVE-2007-6025 (Stack-based buffer overflow in driver_wext.c in wpa_supplicant 0.6.0 ...)
+CVE-2007-6025
- wpasupplicant 0.6.0-4
[etch] - wpasupplicant <not-affected> (Vulnerable code not present)
[sarge] - wpasupplicant <not-affected> (Vulnerable code not present)
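Review bot: after this hunk CVE-2007-6029 no longer names its affected product anywhere in the file: the removed line carried "ClamAV 0.91.1 and 0.91.2", and what remains is the bare identifier followed by four NOTE lines with no `- clamav ...` status line, so a reader can no longer tell which package the NOTEs about the vague advisory refer to. Suggest adding a package status line (for example `- clamav <unfixed>`, or whatever the tracker's current assessment is) or naming ClamAV in the first NOTE before the description is dropped. The same hunk also drops the `** DISPUTED **` marker from CVE-2007-6059, leaving only `NOT-FOR-US: Javamail`; if the disputed status matters to triage it should survive in a NOTE.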
@@ -1772,137 +1772,137 @@ CVE-2007-6023
RESERVED
CVE-2007-6022
RESERVED
-CVE-2007-6021 (Heap-based buffer overflow in Adobe PageMaker 7.0.1 and 7.0.2 allows ...)
+CVE-2007-6021
NOT-FOR-US: Adobe PageMaker
-CVE-2007-6020 (Multiple stack-based buffer overflows in foliosr.dll in the Folio Flat ...)
+CVE-2007-6020
NOT-FOR-US: KeyView
-CVE-2007-6019 (Adobe Flash Player 9.0.115.0 and earlier, and 8.0.39.0 and earlier, ...)
+CVE-2007-6019
- flashplugin-nonfree 1:1.4
-CVE-2007-6018 (IMP Webmail Client 4.1.5, Horde Application Framework 3.1.5, and Horde ...)
+CVE-2007-6018
{DSA-1470-1}
- horde3 3.1.6-1 (bug #461131; low)
- imp4 <not-affected> (xss.php is only present in horde3 package)
-CVE-2007-6017 (The PVATLCalendar.PVCalendar.1 ActiveX control in pvcalendar.ocx in ...)
+CVE-2007-6017
NOT-FOR-US: Symantec Backup Exec
-CVE-2007-6016 (Multiple stack-based buffer overflows in the ...)
+CVE-2007-6016
NOT-FOR-US: Symantec Backup Exec
-CVE-2007-6015 (Stack-based buffer overflow in the send_mailslot function in nmbd in ...)
+CVE-2007-6015
{DSA-1427-1 DTSA-100-1}
- samba 3.0.28-1 (high)
-CVE-2007-6014 (SQL injection vulnerability in post.php in Beehive Forum 0.7.1 and ...)
+CVE-2007-6014
NOT-FOR-US: Beehive Forum
-CVE-2007-6013 (Wordpress 1.5 through 2.3.1 uses cookie values based on the MD5 hash ...)
+CVE-2007-6013
- wordpress 2.5.0-1 (low; bug #452251)
[etch] - wordpress <no-dsa> (Minor issue)
NOTE: if untrusted people are allowed to read the database they could still
NOTE: crack the hash with more work, so maybe this is unimportant?
-CVE-2007-6012 (SQL injection vulnerability in SearchR.asp in DocuSafe 4.1.0 and 4.1.2 ...)
+CVE-2007-6012
NOT-FOR-US: DocuSafe
-CVE-2007-6035 (SQL injection vulnerability in graph.php in Cacti before 0.8.7a allows ...)
+CVE-2007-6035
{DSA-1418-1}
- cacti 0.8.7a-1 (medium; bug #452085)
-CVE-2007-6011 (Unspecified vulnerability in main.php of BugHotel Reservation System ...)
+CVE-2007-6011
NOT-FOR-US: BugHotel
-CVE-2007-6010 (Unspecified vulnerability in pioneers (formerly gnocatan) 0.11.3 ...)
+CVE-2007-6010
{DTSA-89-1}
- pioneers 0.11.3-2 (low; bug #449541)
[etch] - pioneers <no-dsa> (Minor issue)
-CVE-2007-6009 (Multiple buffer overflows in ACD products allow user-assisted remote ...)
+CVE-2007-6009
NOT-FOR-US: ACD products
-CVE-2007-6008 (Heap-based buffer overflow in emlsr.dll before 2.0.0.4 in Autonomy ...)
+CVE-2007-6008
NOT-FOR-US: Autonomy
-CVE-2007-6007 (Integer overflow in the ID_PSP.apl plug-in for ACD ACDSee Photo ...)
+CVE-2007-6007
NOT-FOR-US: Pro Photo Manager
-CVE-2007-6006 (TestLink before 1.7.1 does not enforce an unspecified authorization ...)
+CVE-2007-6006
NOT-FOR-US: TestLink
-CVE-2007-6005 (Unspecified vulnerability in the GpcContainer.GpcContainer.1 ActiveX ...)
+CVE-2007-6005
NOT-FOR-US: WebEx
-CVE-2007-6004 (Multiple SQL injection vulnerabilities in index.php in Toko Instan 7.6 ...)
+CVE-2007-6004
NOT-FOR-US: Toko Instan
-CVE-2007-6003 (Cross-site scripting (XSS) vulnerability in cgi/b/ic/connect in the ...)
+CVE-2007-6003
NOT-FOR-US: SpeedTouch
-CVE-2007-6002 (Cross-site scripting (XSS) vulnerability in Fenriru (1) Sleipnir ...)
+CVE-2007-6002
NOT-FOR-US: Fenriru
-CVE-2007-6001 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
+CVE-2007-6001
- bandersnatch <removed> (low; bug #435709)
-CVE-2007-6000 (KDE Konqueror 3.5.6 and earlier allows remote attackers to cause a ...)
+CVE-2007-6000
- kdebase <unfixed> (unimportant; bug #451794)
NOTE: not reproducible with 4:3.5.8.dfsg.1-1, poked maintainer
NOTE: it seems konqueror only treats the cookie value until some special length
NOTE: as cookie, after this length it will open the rest as site content. This eats alot
NOTE: ram and cpu but depending on how much ram the system has, konqueror will die after
NOTE: no memory is left, not treated as security problem.
-CVE-2007-5999 (SQL injection vulnerability in product_desc.php in Softbiz Auctions ...)
+CVE-2007-5999
NOT-FOR-US: Softbiz
-CVE-2007-5998 (SQL injection vulnerability in ads.php in Softbiz Ad Management plus ...)
+CVE-2007-5998
NOT-FOR-US: Softbiz
-CVE-2007-5997 (SQL injection vulnerability in campaign_stats.php in Softbiz Banner ...)
+CVE-2007-5997
NOT-FOR-US: Softbiz Banner Exchange Network Script
-CVE-2007-5996 (SQL injection vulnerability in searchresult.php in Softbiz Link ...)
+CVE-2007-5996
NOT-FOR-US: Softbiz Link Directory Script
-CVE-2007-5995 (PHP remote file inclusion vulnerability in ...)
+CVE-2007-5995
NOT-FOR-US: patBBcode
-CVE-2007-5994 (PHP remote file inclusion vulnerability in check_noimage.php in Fritz ...)
+CVE-2007-5994
NOT-FOR-US: php photo album
-CVE-2007-5993 (Cross-site scripting (XSS) vulnerability in Visionary Technology in ...)
+CVE-2007-5993
NOT-FOR-US: vtls
-CVE-2007-5992 (SQL injection vulnerability in index.php in datecomm Social Networking ...)
+CVE-2007-5992
NOT-FOR-US: Social Networking Script
-CVE-2007-5991 (SQL injection vulnerability in index.php in ExoPHPdesk allows remote ...)
+CVE-2007-5991
NOT-FOR-US: ExoPHPdesk
-CVE-2007-5990 (Cross-site scripting (XSS) vulnerability in ExoPHPdesk allows remote ...)
+CVE-2007-5990
NOT-FOR-US: ExoPHPdesk
-CVE-2007-5989 (Unspecified vulnerability in the skype4com URI handler in Skype before ...)
+CVE-2007-5989
NOT-FOR-US: Skype
-CVE-2007-5988 (blocks/shoutbox_block.php in BtiTracker 1.4.4 does not verify user ...)
+CVE-2007-5988
NOT-FOR-US: BtiTracker
-CVE-2007-5987 (details.php in BtiTracker before 1.4.5, when torrent viewing is ...)
+CVE-2007-5987
NOT-FOR-US: BtiTracker
-CVE-2007-5986 (SQL injection vulnerability in include/functions.php in BtiTracker ...)
+CVE-2007-5986
NOT-FOR-US: BtiTracker
-CVE-2007-5985 (Multiple cross-site scripting (XSS) vulnerabilities in BtiTracker ...)
+CVE-2007-5985
NOT-FOR-US: BtiTracker
-CVE-2007-5984 (classes/Url.php in Justin Hagstrom AutoIndex PHP Script before 2.2.4 ...)
+CVE-2007-5984
NOT-FOR-US: AutoIndex
-CVE-2007-5983 (Cross-site scripting (XSS) vulnerability in index.php in Justin ...)
+CVE-2007-5983
NOT-FOR-US: AutoIndex
-CVE-2007-5982 (Multiple cross-site scripting (XSS) vulnerabilities in X7 Chat 2.0.4, ...)
+CVE-2007-5982
NOT-FOR-US: X7 Chat
-CVE-2007-5981 (Lantronix SCS3200 does not properly handle public-key requests, which ...)
+CVE-2007-5981
NOT-FOR-US: Lantronix
-CVE-2007-5980 (Cross-site scripting (XSS) vulnerability in home/rss.php in eggblog ...)
+CVE-2007-5980
NOT-FOR-US: eggblog
-CVE-2007-5979 (Cross-site scripting (XSS) vulnerability in download_plugin.php3 in F5 ...)
+CVE-2007-5979
NOT-FOR-US: F5 Firepass
-CVE-2007-5978 (SQL injection vulnerability in brokenlink.php in the mylinks module ...)
+CVE-2007-5978
NOT-FOR-US: XOOPS
-CVE-2007-5977 (Cross-site scripting (XSS) vulnerability in db_create.php in ...)
+CVE-2007-5977
- phpmyadmin 4:2.11.2.1-1 (unimportant; bug #451465)
[etch] - phpmyadmin <not-affected> (Vulnerable code not present)
[sarge] - phpmyadmin <not-affected> (Vulnerable code not present)
-CVE-2007-5976 (SQL injection vulnerability in db_create.php in phpMyAdmin before ...)
+CVE-2007-5976
- phpmyadmin 4:2.11.2.1-1 (unimportant; bug #451465)
-CVE-2007-5975 (SQL injection vulnerability in index.php in TBSource, as used in (1) ...)
+CVE-2007-5975
NOT-FOR-US: TBSource
-CVE-2007-5974 (SQL injection vulnerability in mailer.php in JPortal 2 allows remote ...)
+CVE-2007-5974
NOT-FOR-US: JPortal
-CVE-2007-5973 (SQL injection vulnerability in articles.php in JPortal 2.3.1 and ...)
+CVE-2007-5973
NOT-FOR-US: JPortal
-CVE-2007-5972 (Double free vulnerability in the krb5_def_store_mkey function in ...)
+CVE-2007-5972
- krb5 1.6.dfsg.4~beta1-1 (unimportant; bug #454974)
NOTE: potential attackers must have privileges to store the krb5kdc master key
NOTE: http://mailman.mit.edu/pipermail/kerberos/2007-December/012717.html
-CVE-2007-5971 (Double free vulnerability in the gss_krb5int_make_seal_token_v3 ...)
+CVE-2007-5971
- krb5 1.6.dfsg.4~beta1-1 (unimportant; bug #454974)
NOTE: Not exploitable in real-world circumstances:
NOTE: http://mailman.mit.edu/pipermail/kerberos/2007-December/012717.html
-CVE-2007-5970 (MySQL 5.1.x before 5.1.23 and 6.0.x before 6.0.4 allows remote ...)
+CVE-2007-5970
- mysql-dfsg-5.0 <not-affected> (Vulnerable code not present referring to maintainer)
- mysql-dfsg-4.1 <removed>
- mysql-dfsg <removed>
NOTE: version in experimental is affected by this
NOTE: the debian maintainers do not yet have access to this issue: http://lists.mysql.com/packagers/377
-CVE-2007-5969 (MySQL Community Server 5.0.x before 5.0.51, Enterprise Server 5.0.x ...)
+CVE-2007-5969
{DSA-1451-1}
- mysql-dfsg-5.0 5.0.45-4 (low; bug #455010)
- mysql-dfsg-4.1 <removed>
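Review bot: the parenthesised descriptions being stripped in this hunk are the only place some retained NOTE lines get their version context from; at `-CVE-2007-5970 (MySQL 5.1.x before 5.1.23 and 6.0.x before 6.0.4 allows remote ...)` the surviving lines `NOTE: version in experimental is affected by this` and `- mysql-dfsg-5.0 <not-affected> (Vulnerable code not present referring to maintainer)` no longer say which versions are meant once the description is gone. Before dropping descriptions file-wide, either add an affected-version note to entries whose NOTE lines rely on it or confirm the description is still reachable from the tracker elsewhere. Two smaller points on lines this hunk touches: the rationale `referring to maintainer` reads as a typo for `according to maintainer` and could be fixed in the same pass, and the leading context `NOTE: crack the hash with more work, so maybe this is unimportant?` is an open question sitting in the data file rather than a settled severity.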
@@ -1910,217 +1910,217 @@ CVE-2007-5968
REJECTED
CVE-2007-5967
RESERVED
-CVE-2007-5966 (Integer overflow in the hrtimer_start function in kernel/hrtimer.c in ...)
+CVE-2007-5966
{DSA-1436-1}
- linux-2.6 2.6.23-2
-CVE-2007-5965 (QSslSocket in Trolltech Qt 4.3.0 through 4.3.2 does not properly ...)
+CVE-2007-5965
- qt4-x11 4.3.3-1
[etch] - qt4-x11 <not-affected> (Vulnerable code was introduced in 4.3)
- qt-x11-free <not-affected> (Vulnerable code was introduced in 4.3)
-CVE-2007-5964 (The default configuration of autofs 5 in some Linux distributions, ...)
+CVE-2007-5964
- autofs 3.1.4-8 (medium)
- autofs5 5.0.3-1
-CVE-2007-5963 (Unspecified vulnerability in kdebase allows local users to cause a ...)
+CVE-2007-5963
- kdebase <unfixed> (unimportant)
NOTE: This has only theoretical security impact
-CVE-2007-5962 (Memory leak in a certain Red Hat patch, applied to vsftpd 2.0.5 on Red ...)
+CVE-2007-5962
- vsftpd <not-affected> (Vulnerability in Red Hat-specific patch)
-CVE-2007-5961 (Cross-site scripting (XSS) vulnerability in the Red Hat Network ...)
+CVE-2007-5961
NOT-FOR-US: Red Hat Network channel search feature
-CVE-2007-5960 (Mozilla Firefox before 2.0.0.10 and SeaMonkey before 1.1.7 sets the ...)
+CVE-2007-5960
{DSA-1506-1 DSA-1425-1 DSA-1424-1}
- iceweasel 2.0.0.10-1
- iceape 1.1.7-1
- xulrunner 1.8.1.11-1
NOTE: MFSA2007-39
-CVE-2007-5959 (Multiple unspecified vulnerabilities in Mozilla Firefox before ...)
+CVE-2007-5959
{DSA-1506-1 DSA-1425-1 DSA-1424-1}
- iceweasel 2.0.0.10-1
- iceape 1.1.7-1
- xulrunner 1.8.1.11-1
NOTE: MFSA2007-38
-CVE-2007-5958 (X.Org Xserver before 1.4.1 allows local users to determine the ...)
+CVE-2007-5958
{DSA-1466-2 DTSA-110-1}
- xorg-server 2:1.4.1~git20080105-2
-CVE-2007-5957 (Unspecified vulnerability in IBM Informix Dynamic Server (IDS) ...)
+CVE-2007-5957
NOT-FOR-US: IBM Informix Dynamic Server
-CVE-2007-5956 (Directory traversal vulnerability in IBM Informix Dynamic Server (IDS) ...)
+CVE-2007-5956
NOT-FOR-US: IBM Informix Dynamic Server
-CVE-2007-5955 (Cross-site scripting (XSS) vulnerability in updir.php in UPDIR.NET ...)
+CVE-2007-5955
NOT-FOR-US: UPDIR.NET
-CVE-2007-5954 (Cross-site scripting (XSS) vulnerability in buscador.php in JLMForo ...)
+CVE-2007-5954
NOT-FOR-US: JLMForo System
-CVE-2007-5953 (Unspecified vulnerability in Really Simple CalDAV Store (RSCDS) before ...)
+CVE-2007-5953
NOT-FOR-US: Really Simple CalDAV Store
-CVE-2007-5952 (Cross-site scripting (XSS) vulnerability in admin/index.php in Helios ...)
+CVE-2007-5952
NOT-FOR-US: Helios Calendar
-CVE-2007-5951 (SQL injection vulnerability in articles.php in E-Vendejo 0.2 allows ...)
+CVE-2007-5951
NOT-FOR-US: E-Vendejo
-CVE-2007-5950 (Cross-site scripting (XSS) vulnerability in NetCommons before 1.0.11, ...)
+CVE-2007-5950
NOT-FOR-US: NetCommons
-CVE-2007-5949 (Cross-site scripting (XSS) vulnerability in IBM Tivoli Service Desk ...)
+CVE-2007-5949
NOT-FOR-US: IBM Tivoli Service Desk
-CVE-2007-5948 (Multiple cross-site scripting (XSS) vulnerabilities in main.php in ...)
+CVE-2007-5948
NOT-FOR-US: SF-Shoutbox
-CVE-2007-5947 (The jar protocol handler in Mozilla Firefox before 2.0.0.10 and ...)
+CVE-2007-5947
{DSA-1506-1 DSA-1425-1 DSA-1424-1}
- iceweasel 2.0.0.10-1 (low; bug #451624)
- iceape 1.1.7-1
- xulrunner 1.8.1.11-1
NOTE: MFSA2007-37
-CVE-2007-5946 (Unspecified vulnerability in the Aries PA-RISC emulator on HP-UX ...)
+CVE-2007-5946
NOT-FOR-US: HP-UX
-CVE-2007-5945 (USVN before 0.6.5 allows remote attackers to obtain a list of ...)
+CVE-2007-5945
NOT-FOR-US: usvn
-CVE-2007-5944 (Cross-site scripting (XSS) vulnerability in Servlet Engine / Web ...)
+CVE-2007-5944
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2007-5943 (Simple Machines Forum (SMF) 1.1.4 allows remote attackers to read a ...)
+CVE-2007-5943
NOT-FOR-US: Simple Machines Forum
-CVE-2007-5942 (Bandersnatch 0.4 allows remote attackers to obtain sensitive ...)
+CVE-2007-5942
- bandersnatch <removed> (unimportant; bug #451365)
NOTE: Installation path disclosure not treated as a security issue
-CVE-2007-5941 (Stack-based buffer overflow in the SWCtl.SWCtl ActiveX control in ...)
+CVE-2007-5941
NOT-FOR-US: Adobe Shockwave
-CVE-2007-5940 (feynmf.pl in feynmf 1.08, as used in TeXLive 2007, allows local users ...)
+CVE-2007-5940
- texlive-bin 2005.dfsg.2-1
- feynmf 1.08-1
-CVE-2007-5939 (The gss_userok function in appl/ftp/ftpd/gss_userok.c in Heimdal 0.7.2 ...)
+CVE-2007-5939
- heimdal <not-affected> (vulnerable code not present, ticketfile is just unlinked which is ok)
-CVE-2007-5938 (The iwl_set_rate function in compatible/iwl3945-base.c in iwlwifi ...)
+CVE-2007-5938
- linux-2.6 2.6.23-2
[etch] - linux-2.6 <not-affected> (Vulnerable code not present)
NOTE: we ship the iwl code in /debian/patches/features/all/v7-iwlwifi-add-iwlwifi-wireless-drivers.patch
-CVE-2007-5937 (Multiple buffer overflows in dvi2xx.c in dviljk in teTeX and TeXlive ...)
+CVE-2007-5937
- texlive-bin 2007-13
[etch] - texlive-bin <no-dsa> (Minor issue)
-CVE-2007-5936 (dvips in teTeX and TeXlive 2007 and earlier allows local users to ...)
+CVE-2007-5936
- texlive-bin 2007-13
[etch] - texlive-bin <no-dsa> (Minor issue)
-CVE-2007-5935 (Stack-based buffer overflow in hpc.c in dvips in teTeX and TeXlive ...)
+CVE-2007-5935
{DTSA-97-1}
- texlive-bin 2007.dfsg.1-1
[etch] - texlive-bin <no-dsa> (Minor issue)
-CVE-2007-5934 (The LOB functionality in PEAR MDB2 before 2.5.0a1 interprets a request ...)
+CVE-2007-5934
- php-mdb2 2.5.0b2-1
-CVE-2007-5933 (Pioneers (formerly gnocatan) before 0.11.3 allows remote attackers to ...)
+CVE-2007-5933
{DTSA-89-1}
- pioneers 0.11.3-2 (low; bug #449541)
[etch] - pioneers <no-dsa> (Minor issue)
-CVE-2007-5932 (Multiple cross-site scripting (XSS) vulnerabilities in Fatwire Content ...)
+CVE-2007-5932
NOT-FOR-US: Fatwire Content Server
-CVE-2007-5931 (The reDirect function in lib/controllers/RepViewController.php in ...)
+CVE-2007-5931
NOT-FOR-US: OrangeHRM
-CVE-2007-5930 (Cross-site scripting (XSS) vulnerability in the web interface in ...)
+CVE-2007-5930
NOT-FOR-US: Cerberus Ftp Server
-CVE-2007-5929 (Buffer overflow in OpenBase 10.0.5 and earlier might allow remote ...)
+CVE-2007-5929
NOT-FOR-US: OpenBase
-CVE-2007-5928 (OpenBase 10.0.5 and earlier allows remote authenticated users to ...)
+CVE-2007-5928
NOT-FOR-US: OpenBase
-CVE-2007-5927 (Directory traversal vulnerability in OpenBase 10.0.5 and earlier ...)
+CVE-2007-5927
NOT-FOR-US: OpenBase
-CVE-2007-5926 (OpenBase 10.0.5 and earlier allows remote authenticated users to ...)
+CVE-2007-5926
NOT-FOR-US: OpenBase
-CVE-2007-5925 (The convert_search_mode_to_innobase function in ha_innodb.cc in the ...)
+CVE-2007-5925
{DSA-1413-1 DTSA-91-1}
- mysql-dfsg-5.0 5.0.45-3 (medium; bug #451235)
- mysql-dfsg-4.1 <removed>
- mysql-dfsg <removed>
-CVE-2007-5924 (Cross-site scripting (XSS) vulnerability in the Web Server (HTTP) task ...)
+CVE-2007-5924
NOT-FOR-US: IBM Lotus Domino
-CVE-2007-5923 (Cross-site scripting (XSS) vulnerability in forms/smpwservices.fcc in ...)
+CVE-2007-5923
NOT-FOR-US: eTrust SiteMinder Agent
-CVE-2007-5922 (The modules/mdop.m in the Cypress 1.0k script for BitchX, as ...)
+CVE-2007-5922
- ircii-pana <not-affected> (Does not ship this script)
-CVE-2007-5921 (Unspecified vulnerability in the ioctl interface in the Solaris Volume ...)
+CVE-2007-5921
NOT-FOR-US: Solaris
-CVE-2007-5920 (index.php in Domenico Mancini PicoFlat CMS before 0.4.18 allows remote ...)
+CVE-2007-5920
NOT-FOR-US: Domenico Mancini PicoFlat CMS
-CVE-2007-5919 (MyWebFTP, possibly 5.3.2, stores sensitive information under the web ...)
+CVE-2007-5919
NOT-FOR-US: MyWebFTP
-CVE-2007-5918 (Cross-site request forgery (CSRF) vulnerability in edit.php in the MS ...)
+CVE-2007-5918
NOT-FOR-US: MS TopSites
-CVE-2007-5917 (Cross-site request forgery (CSRF) vulnerability in ...)
+CVE-2007-5917
NOT-FOR-US: Skalinks
-CVE-2007-5916 (SQL injection vulnerability in the login page in phphelpdesk 0.6.16 ...)
+CVE-2007-5916
NOT-FOR-US: phphelpdesk
-CVE-2007-5915 (Directory traversal vulnerability in index.php in phphelpdesk 0.6.16 ...)
+CVE-2007-5915
NOT-FOR-US: phphelpdesk
-CVE-2007-5914 (Direct static code injection vulnerability in ...)
+CVE-2007-5914
NOT-FOR-US: JBC Explorer
-CVE-2007-5913 (dirsys/modules/auth.php in JBC Explorer 7.20 RC1 and earlier does not ...)
+CVE-2007-5913
NOT-FOR-US: JBC Explorer
-CVE-2007-5912 (SQL injection vulnerability in mailer.php in jPORTAL 2 allows remote ...)
+CVE-2007-5912
NOT-FOR-US: jPORTAL
-CVE-2007-5911 (Multiple stack-based buffer overflows in the AxMetaStream ActiveX ...)
+CVE-2007-5911
NOT-FOR-US: Viewpoint Media Player
-CVE-2007-5910 (Stack-based buffer overflow in Autonomy (formerly Verity) KeyView ...)
+CVE-2007-5910
NOT-FOR-US: IBM Lotus Notes, Symantec Mail Security, and others
-CVE-2007-5909 (Multiple stack-based buffer overflows in Autonomy (formerly Verity) ...)
+CVE-2007-5909
NOT-FOR-US: IBM Lotus Notes, Symantec Mail Security, and others
CVE-2007-5908
REJECTED
-CVE-2007-5907 (Xen 3.1.1 does not prevent modification of the CR4 TSC from ...)
+CVE-2007-5907
- xen-3 3.1.2-1 (unimportant; bug #451626)
- xen-3.0 <removed> (unimportant)
NOTE: CONFIG_SECCOMP isn't activated in Debian kernels
-CVE-2007-5906 (Xen 3.1.1 allows virtual guest system users to cause a denial of ...)
+CVE-2007-5906
- xen-3 3.1.2-1 (medium; bug #451626)
- xen-3.0 <removed>
-CVE-2007-5905 (Adobe ColdFusion 8 and MX 7 allows remote attackers to hijack sessions ...)
+CVE-2007-5905
NOT-FOR-US: Adobe ColdFusion
-CVE-2007-5904 (Multiple buffer overflows in CIFS VFS in Linux kernel 2.6.23 and ...)
+CVE-2007-5904
{DSA-1428-1}
- linux-2.6 2.6.24-1
- linux-2.6.24 <not-affected> (Fixed before initial upload, upstream in 2.6.24)
NOTE: Upstream commit 133672efbc1085f9af990bdc145e1822ea93bcf3
CVE-2007-5903
RESERVED
-CVE-2007-5902 (Integer overflow in the svcauth_gss_get_principal function in ...)
+CVE-2007-5902
- krb5 1.6.dfsg.4~beta1-1 (unimportant; bug #454974)
NOTE: Not exploitable in real-world circumstances:
NOTE: http://mailman.mit.edu/pipermail/kerberos/2007-December/012717.html
-CVE-2007-5901 (Use-after-free vulnerability in the gss_indicate_mechs function in ...)
+CVE-2007-5901
- krb5 1.6.dfsg.4~beta1-1 (unimportant; bug #454974)
NOTE: Not exploitable in real-world circumstances:
NOTE: http://mailman.mit.edu/pipermail/kerberos/2007-December/012717.html
-CVE-2007-5900 (PHP before 5.2.5 allows local users to bypass protection mechanisms ...)
+CVE-2007-5900
NOTE: Apparently a dupe of CVE-2007-4659 due to temporary revoke of the patch
NOTE: from CVS and later re-introduction
NOTE: http://bugs.php.net/bug.php?id=41561
-CVE-2007-5899 (The output_add_rewrite_var function in PHP before 5.2.5 rewrites local ...)
+CVE-2007-5899
{DSA-1444-1}
- php5 5.2.5-1 (bug #453295)
NOTE: http://cvs.php.net/viewvc.cgi/php-src/ext/standard/url_scanner_ex.re?r1=1.76.2.2.2.1&r2=1.76.2.2.2.2&view=patch
NOTE: fixed in php5/etch svn
-CVE-2007-5898 (The (1) htmlentities and (2) htmlspecialchars functions in PHP before ...)
+CVE-2007-5898
{DSA-1444-1}
- php5 5.2.5-1 (bug #453295)
NOTE: http://cvs.php.net/viewvc.cgi/php-src/ext/standard/html.c?r1=1.111.2.2.2.14&r2=1.111.2.2.2.15&view=patch
NOTE: fixed in php5/etch svn
-CVE-2007-5897 (Buffer overflow in MDSYS.SDO_CS in Oracle Database Server 8iR3, 9iR1, ...)
+CVE-2007-5897
NOT-FOR-US: Oracle
-CVE-2007-5896 (Mozilla Firefox 2.0.0.9 allows remote attackers to cause a denial of ...)
+CVE-2007-5896
- iceweasel <removed> (unimportant)
NOTE: Browser crashes not treated as security problems
CVE-2007-5895
RESERVED
-CVE-2007-5894 (** DISPUTED ** ...)
+CVE-2007-5894
- krb5 1.6.dfsg.4~beta1-1 (unimportant; bug #454974)
NOTE: Not exploitable in real-world circumstances:
NOTE: http://mailman.mit.edu/pipermail/kerberos/2007-December/012717.html
-CVE-2007-5893 (HTTPSocket.cpp in the C++ Sockets Library before 2.2.5 allows remote ...)
+CVE-2007-5893
NOT-FOR-US: Sockets Library
-CVE-2007-5892 (Stack-based buffer overflow in the pdg2.dll ActiveX control in ...)
+CVE-2007-5892
NOT-FOR-US: SSReader
-CVE-2007-5891 (Multiple cross-site scripting (XSS) vulnerabilities in jsp/Login.do in ...)
+CVE-2007-5891
NOT-FOR-US: ManageEngine OpManager and OpManager
-CVE-2007-5890 (Directory traversal vulnerability in index.php in easyGB 2.1.1 allows ...)
+CVE-2007-5890
NOT-FOR-US: easyGB
-CVE-2007-5889 (Multiple PHP remote file inclusion vulnerabilities in IDMOS 1.0 Alpha ...)
+CVE-2007-5889
NOT-FOR-US: IDMOS
-CVE-2007-5888 (Cross-site scripting (XSS) vulnerability in displayecard.php in ...)
+CVE-2007-5888
NOT-FOR-US: Coppermine Photo Gallery
-CVE-2007-5887 (SQL injection vulnerability in boards/printer.asp in ASP Message Board ...)
+CVE-2007-5887
NOT-FOR-US: ASP Message Board
CVE-2007-5886
RESERVED
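Review bot: CVE-2007-5900 is left with no status line at all after this change: `+CVE-2007-5900` is followed only by `NOTE: Apparently a dupe of CVE-2007-4659 due to temporary revoke of the patch` and the bug URL, whereas every other entry in this hunk carries a package line, `NOT-FOR-US`, `RESERVED` or `REJECTED`. With the description removed, a reader has nothing but the word "apparently" to go on; resolve the duplicate question and give the entry a proper status line (or mark it as a duplicate of CVE-2007-4659 explicitly) rather than stripping the one line that still described it. The same applies to CVE-2007-5963, where `- kdebase <unfixed> (unimportant)` plus `NOTE: This has only theoretical security impact` is the whole record and no bug reference is given, unlike the kdebase entries elsewhere in this file.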
@@ -2168,255 +2168,255 @@ CVE-2007-5865
RESERVED
CVE-2007-5864
RESERVED
-CVE-2007-5863 (Software Update in Apple Mac OS X 10.5.1 allows remote attackers to ...)
+CVE-2007-5863
NOT-FOR-US: Apple Mac OS X
-CVE-2007-5862 (Java in Mac OS X 10.4 through 10.4.11 allows remote attackers to ...)
+CVE-2007-5862
NOT-FOR-US: Cisco IP Phone 7940
-CVE-2007-5861 (Unspecified vulnerability in Spotlight in Apple Mac OS X 10.4.11 ...)
+CVE-2007-5861
NOT-FOR-US: Apple Mac OS X
-CVE-2007-5860 (Unspecified vulnerability in Spin Tracer in Apple Mac OS X 10.5.1 ...)
+CVE-2007-5860
NOT-FOR-US: Spin Tracer (Apple Mac OS X)
-CVE-2007-5859 (Unspecified vulnerability in Safari RSS in Apple Mac OS X 10.4.11 ...)
+CVE-2007-5859
NOT-FOR-US: Safari RSS (Apple Mac OS X)
-CVE-2007-5858 (WebKit in Safari in Apple Mac OS X 10.4.11 and 10.5.1, iPhone 1.0 ...)
+CVE-2007-5858
NOT-FOR-US: Safari (Apple Mac OS X)
-CVE-2007-5857 (Quick Look in Apple Mac OS X 10.5.1 does not prevent a movie from ...)
+CVE-2007-5857
NOT-FOR-US: Quick Look (Apple Mac OS X)
-CVE-2007-5856 (Quick Look Apple Mac OS X 10.5.1, when previewing an HTML file, does ...)
+CVE-2007-5856
NOT-FOR-US: Quick Look (Apple Mac OS X)
-CVE-2007-5855 (Mail in Apple Mac OS X 10.4.11 and 10.5.1, when an SMTP account has ...)
+CVE-2007-5855
NOT-FOR-US: Mail (Apple Mac OS X)
-CVE-2007-5854 (Launch Services in Apple Mac OS X 10.4.11 and 10.5.1 does not treat ...)
+CVE-2007-5854
NOT-FOR-US: Launch Services (Apple Mac OS X)
-CVE-2007-5853 (Unspecified vulnerability in IO Storage Family in Apple Mac OS X ...)
+CVE-2007-5853
NOT-FOR-US: IO Storage Family (Apple Mac OS X)
CVE-2007-5852
RESERVED
-CVE-2007-5851 (iChat in Apple Mac OS X 10.4.11 allows network-adjacent remote ...)
+CVE-2007-5851
NOT-FOR-US: iChat (Apple Mac OS X)
-CVE-2007-5850 (Heap-based buffer overflow in Desktop Services in Apple Mac OS X ...)
+CVE-2007-5850
NOT-FOR-US: Desktop Services (Apple Mac OS X)
-CVE-2007-5849 (Integer underflow in the asn1_get_string function in the SNMP back end ...)
+CVE-2007-5849
{DSA-1437-1}
- cupsys 1.3.5-1 (medium; bug #457453)
- cups 1.3.5-1 (medium; bug #457453)
[sarge] - cupsys <not-affected> (Vulnerable code not present)
-CVE-2007-5848 (Buffer overflow in CUPS in Apple Mac OS X 10.4.11 allows local admin ...)
+CVE-2007-5848
- cupsys 1.2.0
- cups 1.2.0
NOTE: This only affects the Cups 1.1 series
[sarge] - cupsys <no-dsa> (Minor issue, may only lead to an infinite loop)
-CVE-2007-5847 (Race condition in the CFURLWriteDataAndPropertiesToResource API in ...)
+CVE-2007-5847
NOT-FOR-US: Core Foundation (Apple Mac OS X)
-CVE-2007-5846 (The SNMP agent (snmp_agent.c) in net-snmp before 5.4.1 allows remote ...)
+CVE-2007-5846
{DSA-1483-1 DTSA-88-1}
- net-snmp 5.4.1~dfsg-1
NOTE: 5.4.1 already includes a fix by the upstream author
-CVE-2007-5845 (Directory traversal vulnerability in error.php in GuppY 4.6.3, 4.5.16, ...)
+CVE-2007-5845
NOT-FOR-US: GuppY
-CVE-2007-5844 (Directory traversal vulnerability in inc/includes.inc in GuppY 4.6.3 ...)
+CVE-2007-5844
NOT-FOR-US: GuppY
-CVE-2007-5843 (PHP remote file inclusion vulnerability in includes/common.php in ...)
+CVE-2007-5843
NOT-FOR-US: scWiki
-CVE-2007-5842 (Multiple PHP remote file inclusion vulnerabilities in Vortex Portal ...)
+CVE-2007-5842
NOT-FOR-US: Vortex Portal
-CVE-2007-5841 (PHP remote file inclusion vulnerability in admin/index.php in nuBoard ...)
+CVE-2007-5841
NOT-FOR-US: nuBoard
-CVE-2007-5840 (PHP remote file inclusion vulnerability in ...)
+CVE-2007-5840
NOT-FOR-US: SyndeoCMS
-CVE-2007-5838 (Aclient in Symantec Altiris Deployment Solution 6.x before 6.8.380.0 ...)
+CVE-2007-5838
NOT-FOR-US: Symantec
-CVE-2007-5837 (GUI.pm in yarssr 0.2.2, when Gnome default URL handling is disabled, ...)
+CVE-2007-5837
{DSA-1477-1}
- yarssr 0.2.2-3 (bug #448721)
-CVE-2007-5836 (SQL injection vulnerability in Amazing Flash AFCommerce allows remote ...)
+CVE-2007-5836
NOT-FOR-US: Amazing Flash AFCommerce
-CVE-2007-5835 (Install.php in BosDev BosNews 4 and 5 does not require authentication ...)
+CVE-2007-5835
NOT-FOR-US: BosDev BosNews
-CVE-2007-5834 (Cross-site scripting (XSS) vulnerability in BosDev BosNews 4 allows ...)
+CVE-2007-5834
NOT-FOR-US: BosDev BosNews
-CVE-2007-5833 (Multiple cross-site scripting (XSS) vulnerabilities in BosDev ...)
+CVE-2007-5833
NOT-FOR-US: BosDev BosMarket Business Directory System
-CVE-2007-5832 (Unspecified vulnerability in selectLanguage.do in SSL-Explorer before ...)
+CVE-2007-5832
NOT-FOR-US: SSL-Explorer
-CVE-2007-5831 (Directory traversal vulnerability in fileSystem.do in SSL-Explorer ...)
+CVE-2007-5831
NOT-FOR-US: SSL-Explorer
-CVE-2007-5830 (Unspecified vulnerability in the administrative interface in Avaya ...)
+CVE-2007-5830
NOT-FOR-US: Avaya Messaging Storage Server
-CVE-2007-5829 (The Disk Mount scanner in Symantec AntiVirus for Macintosh 9.x and ...)
+CVE-2007-5829
NOT-FOR-US: Symantec AntiVirus
-CVE-2007-5828 (** DISPUTED ** ...)
+CVE-2007-5828
- python-django 1.2.1 (unimportant)
NOTE: this is documented in docs/csrf.txt included in the python-django package and
NOTE: there is a plugin enabling this feature. This is intended behaviour pre-1.2.
NOTE: https://docs.djangoproject.com/en/1.10/ref/csrf/#using-csrf
-CVE-2007-5827 (iSCSI Enterprise Target (iscsitarget) 0.4.15 uses weak permissions for ...)
+CVE-2007-5827
{DTSA-106-1}
- iscsitarget 0.4.15-5 (bug #448873)
NOTE: init script has "dump" function, which marks conffile correctly
-CVE-2007-5826 (Absolute path traversal vulnerability in the EDraw Flowchart ActiveX ...)
+CVE-2007-5826
NOT-FOR-US: EDraw Flowchart
-CVE-2007-5825 (Format string vulnerability in the ws_addarg function in webserver.c ...)
+CVE-2007-5825
{DSA-1597-1}
- mt-daapd 0.9~r1696-1 (bug #459961)
-CVE-2007-5824 (webserver.c in mt-dappd in Firefly Media Server 0.2.4 and earlier ...)
+CVE-2007-5824
{DSA-1597-1}
- mt-daapd 0.9~r1696-1.1 (bug #459961)
-CVE-2007-5823 (Directory traversal vulnerability in forum.php in Ben Ng Scribe 0.2 ...)
+CVE-2007-5823
NOT-FOR-US: Ben Ng Scribe
-CVE-2007-5822 (Direct static code injection vulnerability in forum.php in Ben Ng ...)
+CVE-2007-5822
NOT-FOR-US: Ben Ng Scribe
-CVE-2007-5821 (Multiple directory traversal vulnerabilities in DM Guestbook 0.4.1 and ...)
+CVE-2007-5821
NOT-FOR-US: DM Guestbook
-CVE-2007-5820 (Directory traversal vulnerability in index.php in Ax Developer CMS ...)
+CVE-2007-5820
NOT-FOR-US: Ax Developer CMS
-CVE-2007-5819 (IBM Tivoli Continuous Data Protection for Files (CDP) 3.1.0 uses weak ...)
+CVE-2007-5819
NOT-FOR-US: IBM Tivoli
-CVE-2007-5818 (Cross-site request forgery (CSRF) vulnerability in blocks_edit_do.php ...)
+CVE-2007-5818
NOT-FOR-US: sBlog
-CVE-2007-5817 (dialog.php in CONTENTCustomizer 3.1mp and earlier allows remote ...)
+CVE-2007-5817
NOT-FOR-US: CONTENTCustomizer
-CVE-2007-5816 (dialog.php in CONTENTCustomizer 3.1mp and earlier allows remote ...)
+CVE-2007-5816
NOT-FOR-US: CONTENTCustomizer
-CVE-2007-5815 (Absolute path traversal vulnerability in the WebCacheCleaner ActiveX ...)
+CVE-2007-5815
NOT-FOR-US: WebCacheCleaner
-CVE-2007-5814 (Multiple buffer overflows in the SonicWall SSL-VPN NetExtender ...)
+CVE-2007-5814
NOT-FOR-US: SonicWall SSL-VPN NetExtender
-CVE-2007-5813 (Multiple directory traversal vulnerabilities in download.php in ...)
+CVE-2007-5813
NOT-FOR-US: ISPworker
-CVE-2007-5812 (Directory traversal vulnerability in ...)
+CVE-2007-5812
NOT-FOR-US: ModuleBuilder
-CVE-2007-5811 (** DISPUTED ** ...)
+CVE-2007-5811
NOT-FOR-US: phpMyConferences
-CVE-2007-5810 (Hitachi Web Server 01-00 through 03-00-01, as used by certain ...)
+CVE-2007-5810
NOT-FOR-US: Hitachi Web Server
-CVE-2007-5809 (Cross-site scripting (XSS) vulnerability in Hitachi Web Server 01-00 ...)
+CVE-2007-5809
NOT-FOR-US: Hitachi Web Server
-CVE-2007-5808 (Unspecified vulnerability in the Groupmax Collaboration - Schedule ...)
+CVE-2007-5808
NOT-FOR-US: Hitachi Groupmax Collaboration Portal
-CVE-2007-5807 (Buffer overflow in the register function in Ultra Star Reader ActiveX ...)
+CVE-2007-5807
NOT-FOR-US: SSReader
-CVE-2007-5806 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2007-5806
NOT-FOR-US: ILIAS
-CVE-2007-5805 (cfgcon in IBM AIX 5.2 and 5.3 does not properly validate the argument ...)
+CVE-2007-5805
NOT-FOR-US: IBM AIX
-CVE-2007-5804 (cfgcon in IBM AIX 5.2 and 5.3 does not properly validate the argument ...)
+CVE-2007-5804
NOT-FOR-US: IBM AIX
-CVE-2007-5803 (Multiple cross-site scripting (XSS) vulnerabilities in CGI programs in ...)
+CVE-2007-5803
{DSA-1883-2 DSA-1883-1}
- nagios2 <removed> (low; bug #482445)
- nagios3 3.0.2-1 (low; bug #485439)
-CVE-2007-5802 (Directory traversal vulnerability in index.php in Firewolf ...)
+CVE-2007-5802
NOT-FOR-US: Firewolf Technologies Synergiser
-CVE-2007-5801 (Unspecified vulnerability in WORK system e-commerce before 4.0.2 has ...)
+CVE-2007-5801
NOT-FOR-US: WORK system e-commerce
-CVE-2007-5800 (Multiple PHP remote file inclusion vulnerabilities in the ...)
+CVE-2007-5800
NOT-FOR-US: BackUpWordPress
-CVE-2007-5799 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
+CVE-2007-5799
NOT-FOR-US: IBM WebSphere
-CVE-2007-5798 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2007-5798
NOT-FOR-US: IBM WebSphere
-CVE-2007-5797 (SQLLoginModule in Apache Geronimo 2.0 through 2.1 does not throw an ...)
+CVE-2007-5797
- geronimo <itp> (bug #481869)
-CVE-2007-5796 (Cross-site scripting (XSS) vulnerability in the management console in ...)
+CVE-2007-5796
NOT-FOR-US: Blue Coat ProxySG
-CVE-2007-5794 (Race condition in nss_ldap, when used in applications that are linked ...)
+CVE-2007-5794
{DSA-1430-1}
- libnss-ldap 256-1 (bug #453868)
-CVE-2007-5839 (The e_hostname function in commands.c in BitchX 1.1a allows local ...)
+CVE-2007-5839
- ircii-pana <removed> (low; bug #449149)
[etch] - ircii-pana <no-dsa> (Minor issue)
[sarge] - ircii-pana <no-dsa> (Minor issue)
-CVE-2007-5795 (The hack-local-variables function in Emacs before 22.2, when ...)
+CVE-2007-5795
{DTSA-79-1}
- emacs22 22.1+1-2.1 (medium; bug #449008)
NOTE: Emacs 21 is not affected
-CVE-2007-5793 (Stonesoft StoneGate IPS before 4.0 does not properly decode ...)
+CVE-2007-5793
NOT-FOR-US: Stonesoft StoneGate IPS
-CVE-2007-5792 (The Vonage Motorola Phone Adapter VT 2142-VD does not encrypt RTP ...)
+CVE-2007-5792
NOT-FOR-US: Vonage Motorola Phone Adapter
-CVE-2007-5791 (The Vonage Motorola Phone Adapter VT 2142-VD does not properly verify ...)
+CVE-2007-5791
NOT-FOR-US: Vonage Motorola Phone Adapter
-CVE-2007-5790 (The Globe7 soft phone client 7.3 uses weak cryptography (reversed ...)
+CVE-2007-5790
NOT-FOR-US: Globe7 soft phone client
-CVE-2007-5789 (The Grandstream HT-488 0.1 allows remote attackers to cause a denial ...)
+CVE-2007-5789
NOT-FOR-US: Grandstream HT-488
-CVE-2007-5788 (Buffer overflow in the SIP parser on the Grandstream HT-488 0.1 allows ...)
+CVE-2007-5788
NOT-FOR-US: Grandstream HT-488
-CVE-2007-5787 (Micro Login System 1.0 stores sensitive information under the web root ...)
+CVE-2007-5787
NOT-FOR-US: Micro Login System
-CVE-2007-5786 (Multiple PHP remote file inclusion vulnerabilities in GoSamba 1.0.1 ...)
+CVE-2007-5786
NOT-FOR-US: GoSamba
-CVE-2007-5785 (SQL injection vulnerability in file.php in JobSite Professional 2.0 ...)
+CVE-2007-5785
NOT-FOR-US: JobSite
-CVE-2007-5784 (PHP remote file inclusion vulnerability in index.php in CaupoShop Pro ...)
+CVE-2007-5784
NOT-FOR-US: CaupoShop Pro
-CVE-2007-5783 (SQL injection vulnerability in emc.asp in emagiC CMS.Net 4.0 allows ...)
+CVE-2007-5783
NOT-FOR-US: emagiC cms
-CVE-2007-5782 (Directory traversal vulnerability in dl.php in FireConfig 0.5 allows ...)
+CVE-2007-5782
NOT-FOR-US: FireConfig
-CVE-2007-5781 (PHP remote file inclusion vulnerability in inc/sige_init.php in Sige ...)
+CVE-2007-5781
NOT-FOR-US: Sige
-CVE-2007-5780 (PHP remote file inclusion vulnerability in pub/pub08_comments.php in ...)
+CVE-2007-5780
NOT-FOR-US: teatro
-CVE-2007-5779 (Buffer overflow in the GomManager (GomWeb Control) ActiveX control in ...)
+CVE-2007-5779
NOT-FOR-US: Gretech Online Movie Player
-CVE-2007-5778 (Mobile Spy (1) stores login credentials in cleartext under the ...)
+CVE-2007-5778
NOT-FOR-US: Mobile Spy
-CVE-2007-5777 (Blue-Collar Productions i-Gallery 3.4 stores sensitive information ...)
+CVE-2007-5777
NOT-FOR-US: Blue-Collar Productions i-Gallery
-CVE-2007-5776 (Directory traversal vulnerability in igallery.asp in Blue-Collar ...)
+CVE-2007-5776
NOT-FOR-US: Blue-Collar Productions i-Gallery
-CVE-2007-5775 (Unspecified vulnerability in BitDefender allows attackers to execute ...)
+CVE-2007-5775
NOT-FOR-US: BitDefender
-CVE-2007-5774 (index.php in the File Manager module in Flatnuke 3 allows remote ...)
+CVE-2007-5774
NOT-FOR-US: Flatnuke
-CVE-2007-5773 (Cross-site request forgery (CSRF) vulnerability in index.php in the ...)
+CVE-2007-5773
NOT-FOR-US: Flatnuke
-CVE-2007-5772 (Direct static code injection vulnerability in the download module in ...)
+CVE-2007-5772
NOT-FOR-US: Flatnuke
-CVE-2007-5771 (Flatnuke 3 (aka FlatnuX) allows remote attackers to obtain ...)
+CVE-2007-5771
NOT-FOR-US: Flatnuke
-CVE-2007-5770 (The (1) Net::ftptls, (2) Net::telnets, (3) Net::imap, (4) Net::pop, ...)
+CVE-2007-5770
{DSA-1412-1 DSA-1411-1 DSA-1410-1}
- ruby1.9 1.9.0+20071016-1
- ruby1.8 1.8.6.111-1 (low; bug #451374)
-CVE-2007-5769 (Double free vulnerability in the getreply function in ftp.c in netkit ...)
+CVE-2007-5769
- netkit-ftp <not-affected> (Vulnerable code not present)
-CVE-2007-5768 (The Globe7 soft phone client 7.3 sends username and password ...)
+CVE-2007-5768
NOT-FOR-US: Globe7 soft phone client
-CVE-2007-5767 (Heap-based buffer overflow in the Client Trust application ...)
+CVE-2007-5767
NOT-FOR-US: Geronimo Apache
-CVE-2007-5766 (SQL injection vulnerability in okxLOV.jsp in Oracle E-Business Suite ...)
+CVE-2007-5766
NOT-FOR-US: Oracle
CVE-2007-5765
RESERVED
-CVE-2007-5764 (Buffer overflow in the pioout program in printers.rte in IBM AIX 5.2, ...)
+CVE-2007-5764
NOT-FOR-US: IBM AIX
CVE-2007-5763
REJECTED
-CVE-2007-5762 (NICM.SYS driver 3.0.0.4, as used in Novell NetWare Client 4.91 SP4, ...)
+CVE-2007-5762
NOT-FOR-US: Novell NetWare Client
-CVE-2007-5761 (The NantSys device 5.0.0.115 in Motorola netOctopus 5.1.2 build 1011 ...)
+CVE-2007-5761
NOT-FOR-US: Motorola netOctopus
-CVE-2007-5760 (Array index error in the XFree86-Misc extension in X.Org Xserver ...)
+CVE-2007-5760
{DSA-1466-2 DTSA-110-1}
- xorg-server 2:1.4.1~git20080105-2
CVE-2007-5759
REJECTED
-CVE-2007-5758 (Stack-based buffer overflow in db2dasrrm in the DB2 Administration ...)
+CVE-2007-5758
NOT-FOR-US: IBM DB2
-CVE-2007-5757 (Untrusted search path vulnerability in db2pd in IBM DB2 Universal ...)
+CVE-2007-5757
NOT-FOR-US: IBM DB2
-CVE-2007-5756 (Multiple array index errors in the bpf_filter_init function in NPF.SYS ...)
+CVE-2007-5756
NOT-FOR-US: WinPcap
-CVE-2007-5755 (Multiple stack-based buffer overflows in the AOL AmpX ActiveX control ...)
+CVE-2007-5755
NOT-FOR-US: AOL Radio
-CVE-2007-5754 (PHP remote file inclusion vulnerability in urlinn_includes/config.php ...)
+CVE-2007-5754
NOT-FOR-US: phpFaber
-CVE-2007-5753 (Unspecified vulnerability in Light FMan PHP (lfman or lightfman) ...)
+CVE-2007-5753
NOT-FOR-US: Light FMan PHP
-CVE-2007-5752 (adduser.php in PHP-AGTC Membership (AGTC-Membership) System 1.1a does ...)
+CVE-2007-5752
NOT-FOR-US: PHP-AGTC Membership
CVE-2007-5750
RESERVED
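Review bot: every "-" line in this hunk that carried a parenthesised description is replaced by a bare "+CVE-..." identifier, and no package, DSA or NOTE line changes, so the only effect of the hunk is to drop the descriptions (for example "-CVE-2007-5770 (The (1) Net::ftptls, (2) Net::telnets, (3) Net::imap, (4) Net::pop, ...)" becomes "+CVE-2007-5770"). That reads like the description source returned nothing during this automatic run rather than an intended edit, and it should not be committed as-is: confirm that the feed actually served descriptions before accepting the run, or restore the previous text. Pre-existing and untouched here, but worth a follow-up: the description of CVE-2007-5767 names the Client Trust application while its annotation reads "NOT-FOR-US: Geronimo Apache", which does not match.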
@@ -2424,13 +2424,13 @@ CVE-2007-5749
RESERVED
CVE-2007-5748
RESERVED
-CVE-2007-5747 (Integer underflow in OpenOffice.org before 2.4 allows remote attackers ...)
+CVE-2007-5747
{DSA-1547-1}
- openoffice.org 2.4.0~ooh680m5-1
-CVE-2007-5746 (Integer overflow in OpenOffice.org before 2.4 allows remote attackers ...)
+CVE-2007-5746
{DSA-1547-1}
- openoffice.org 2.4.0~ooh680m5-1
-CVE-2007-5745 (Multiple heap-based buffer overflows in OpenOffice.org before 2.4 ...)
+CVE-2007-5745
{DSA-1547-1}
- openoffice.org 2.4.0~ooh680m5-1
CVE-2007-5744
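Review bot: after this hunk the three OpenOffice.org entries CVE-2007-5745, CVE-2007-5746 and CVE-2007-5747 are indistinguishable except by number, because all three carry the same "{DSA-1547-1}" and "openoffice.org 2.4.0~ooh680m5-1" lines and the removed descriptions (multiple heap-based buffer overflows, integer overflow, integer underflow) were the only text telling them apart. Blanking them loses information that cannot be recovered from the remaining lines; the descriptions should be restored rather than dropped.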
@@ -2438,197 +2438,197 @@ CVE-2007-5744
CVE-2007-5743
RESERVED
- viewvc 1.0.3-2.1 (bug #416696)
-CVE-2007-5742 (Directory traversal vulnerability in the WML engine preprocessor for ...)
+CVE-2007-5742
{DSA-1421-1 DTSA-90-1}
- wesnoth 1:1.2.8-1 (medium; bug #453500)
-CVE-2007-5741 (Plone 2.5 through 2.5.4 and 3.0 through 3.0.2 allows remote attackers ...)
+CVE-2007-5741
{DSA-1405-2 DSA-1405-1}
- zope-cmfplone 2.5.2-2 (bug #449523)
[sarge] - zope-cmfplone <not-affected> (Upstream confirms that 2.0 branch is not vulnerable)
NOTE: Fix available:
NOTE: http://plone.org/about/security/advisories/cve-2007-5741
-CVE-2007-5740 (The format string protection mechanism in IMAPD for Perdition Mail ...)
+CVE-2007-5740
{DSA-1398-1 DTSA-84-1}
- perdition 1.17.1-1 (medium; bug #448853)
-CVE-2007-5751 (Liferea before 1.4.6 uses weak permissions (0644) for the ...)
+CVE-2007-5751
{DTSA-107-1}
- liferea 1.4.6-1 (low; bug #448850)
[etch] - liferea <not-affected> (backup feedlist introduced in 1.2.7)
[sarge] - liferea <not-affected> (backup feedlist introduced in 1.2.7)
NOTE: this file can contain credentials for rss feeds
-CVE-2007-5739 (Directory traversal vulnerability in ...)
+CVE-2007-5739
NOT-FOR-US: Korean GHBoard
-CVE-2007-5738 (The FlashUpload component in Korean GHBoard uses a client-side ...)
+CVE-2007-5738
NOT-FOR-US: Korean GHBoard
-CVE-2007-5737 (Unrestricted file upload vulnerability in component/upload.jsp in ...)
+CVE-2007-5737
NOT-FOR-US: Korean GHBoard
-CVE-2007-5736 (Unrestricted file upload vulnerability in upload.php in SeeBlick 1.0 ...)
+CVE-2007-5736
NOT-FOR-US: SeeBlick
-CVE-2007-5735 (eFileMan 7.1.0.87-88 stores sensitive information under the web root ...)
+CVE-2007-5735
NOT-FOR-US: eFileMan
-CVE-2007-5734 (Unrestricted file upload vulnerability in eFileMan 7.1.0.87-88 allows ...)
+CVE-2007-5734
NOT-FOR-US: eFileMan
-CVE-2007-5733 (Unrestricted file upload vulnerability in upload/upload.php in ...)
+CVE-2007-5733
NOT-FOR-US: Japanese PHP Gallery Hosting
-CVE-2007-5732 (Directory traversal vulnerability in downloadfile.php in eLouai's ...)
+CVE-2007-5732
NOT-FOR-US: eLouai's Force Download
-CVE-2007-5731 (Absolute path traversal vulnerability in Apache Jakarta Slide 2.1 and ...)
+CVE-2007-5731
- slide-webdavclient <not-affected> (Vulnerable code is only in the server part, but debian only has the client part)
-CVE-2007-5730 (Heap-based buffer overflow in QEMU 0.8.2, as used in Xen and possibly ...)
+CVE-2007-5730
{DSA-1284-1}
- qemu 0.9.0-2 (bug #424070)
- kvm 72+dfsg-1
- linux-2.6 <not-affected> (vulnerability does not affected kernel module)
- linux-2.6.24 <not-affected> (vulnerability does not affected kernel module)
-CVE-2007-5729 (The NE2000 emulator in QEMU 0.8.2 allows local users to execute ...)
+CVE-2007-5729
{DSA-1284-1}
- qemu 0.9.0-2 (bug #424070)
- kvm 72+dfsg-1
- linux-2.6 <not-affected> (vulnerability does not affected kernel module)
- linux-2.6.24 <not-affected> (vulnerability does not affected kernel module)
-CVE-2007-5728 (Cross-site scripting (XSS) vulnerability in phpPgAdmin 3.5 to 4.1.1, ...)
+CVE-2007-5728
{DSA-1693-1}
- phppgadmin 4.1.3-0.1 (bug #449103; low)
-CVE-2007-5727 (Incomplete blacklist vulnerability in the stripScripts function in ...)
+CVE-2007-5727
NOT-FOR-US: OneOrZero Helpdesk
-CVE-2007-5726 (Unspecified vulnerability in the Stream Control Transmission Protocol ...)
+CVE-2007-5726
NOT-FOR-US: Sun Solaris
-CVE-2007-5725 (Multiple cross-site scripting (XSS) vulnerabilities in Smart-Shop ...)
+CVE-2007-5725
NOT-FOR-US: Smart-Shop
-CVE-2007-5724 (Multiple cross-site scripting (XSS) vulnerabilities in Omnistar Live ...)
+CVE-2007-5724
NOT-FOR-US: Omnistar Live
-CVE-2007-5723 (Heap-based buffer overflow in the samp_send function in nuauth/sasl.c ...)
+CVE-2007-5723
{DTSA-82-1}
- nufw 2.2.7-1 (low)
[etch] - nufw <not-affected> (Vulnerable code not present)
-CVE-2007-5722 (Stack-based buffer overflow in a certain ActiveX control in GLChat.ocx ...)
+CVE-2007-5722
NOT-FOR-US: GlobalLink
-CVE-2007-5721 (PHP remote file inclusion vulnerability in _theme/breadcrumb.php in ...)
+CVE-2007-5721
NOT-FOR-US: MySpacePros MySpace Resource Script
-CVE-2007-5720 (Unrestricted file upload vulnerability in the profiles script in ...)
+CVE-2007-5720
NOT-FOR-US: ProfileCMS
-CVE-2007-5719 (SQL injection vulnerability in bb_func_search.php in miniBB 2.1 allows ...)
+CVE-2007-5719
NOT-FOR-US: miniBB
-CVE-2007-5717 (Unspecified vulnerability in Sun Fire X2100 M2 and X2200 M2 Embedded ...)
+CVE-2007-5717
NOT-FOR-US: Sun Fire
-CVE-2007-5716 (Unspecified vulnerability in the Internet Protocol (IP) functionality ...)
+CVE-2007-5716
NOT-FOR-US: Sun Solaris 10
-CVE-2007-5715 (DenyHosts 2.6 processes OpenSSH sshd &quot;not listed in AllowUsers&quot; log ...)
+CVE-2007-5715
- denyhosts 2.6-2 (low)
[etch] - denyhosts <no-dsa> (Minor issue)
NOTE: bug was fixed with 06_permit_rootlogin_no.dpatch
-CVE-2007-5714 (The Gentoo ebuild of MLDonkey before 2.9.0-r3 has a p2p user account ...)
+CVE-2007-5714
- mldonkey <not-affected> (Gentoo-specific packaging flaw)
-CVE-2007-5713 (Off-by-one error in the GeoIP module in the AMX Mod X 1.76d plugin for ...)
+CVE-2007-5713
NOT-FOR-US: Half-Life Server
-CVE-2007-5712 (The internationalization (i18n) framework in Django 0.91, 0.95, ...)
+CVE-2007-5712
{DSA-1640-1}
- python-django 0.96-1.1 (low; bug #448838)
-CVE-2007-5711 (Massive Entertainment World in Conflict 1.001 and earlier allows ...)
+CVE-2007-5711
NOT-FOR-US: Conflict
-CVE-2007-5710 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2007-5710
- wordpress 2.3.1-1 (unimportant)
NOTE: requires register_globals On, which we don't support
-CVE-2007-5709 (Stack-based buffer overflow in Sony SonicStage CONNECT Player (CP) 4.3 ...)
+CVE-2007-5709
NOT-FOR-US: Sony SonicStage CONNECT Player
-CVE-2007-5718 (vobcopy 0.5.14 allows local users to append data to an arbitrary file, ...)
+CVE-2007-5718
- vobcopy 1.0.2-1 (low; bug #448319)
[etch] - vobcopy <no-dsa> (Minor issue)
[sarge] - vobcopy <no-dsa> (Minor issue)
-CVE-2007-5706 (Absolute path traversal vulnerability in download.php in Jeebles ...)
+CVE-2007-5706
NOT-FOR-US: Jeebles
-CVE-2007-5705 (Unspecified vulnerability in the Settings component in the ...)
+CVE-2007-5705
NOT-FOR-US: Jeebles
-CVE-2007-5704 (Multiple SQL injection vulnerabilities in CodeWidgets.com Online Event ...)
+CVE-2007-5704
NOT-FOR-US: CodeWidgets
-CVE-2007-5703 (Multiple cross-site scripting (XSS) vulnerabilities in (1) ...)
+CVE-2007-5703
NOT-FOR-US: RSA KEON
-CVE-2007-5702 (Cross-site scripting (XSS) vulnerability in swamp/action/LoginActions ...)
+CVE-2007-5702
NOT-FOR-US: SWAMP OpenSUSE
-CVE-2007-5701 (Incomplete blacklist vulnerability in the Certificate Authority (CA) ...)
+CVE-2007-5701
NOT-FOR-US: IBM Lotus Domino
-CVE-2007-5700 (The Evaluate LotusScript method in IBM Lotus Domino before 7.0.3 uses ...)
+CVE-2007-5700
NOT-FOR-US: IBM Lotus Domino
-CVE-2007-5699 (Stack-based buffer overflow in eIQNetworks Enterprise Security ...)
+CVE-2007-5699
NOT-FOR-US: eIQNetworks
-CVE-2007-5698 (Cross-site scripting (XSS) vulnerability in default.asp in CREApark ...)
+CVE-2007-5698
NOT-FOR-US: CREApark GOLD KOY PORTALI
-CVE-2007-5697 (Multiple PHP remote file inclusion vulnerabilities in PHP Image 1.2 ...)
+CVE-2007-5697
NOT-FOR-US: phpImage
-CVE-2007-5696 (PHP remote file inclusion vulnerability in includes.php in phpBasic ...)
+CVE-2007-5696
NOT-FOR-US: phpBasic
-CVE-2007-5695 (Open redirect vulnerability in command.php in SiteBar 3.3.8 allows ...)
+CVE-2007-5695
{DSA-1423-1}
- sitebar 3.3.8-12.1 (low; bug #448690)
NOTE: there is no real exploit scenario
-CVE-2007-5694 (Absolute path traversal vulnerability in the translation module ...)
+CVE-2007-5694
{DSA-1423-1}
- sitebar 3.3.8-12.1 (low; bug #447135)
-CVE-2007-5693 (Eval injection vulnerability in the translation module ...)
+CVE-2007-5693
{DSA-1423-1}
- sitebar 3.3.8-12.1 (low; bug #447135)
-CVE-2007-5692 (Multiple cross-site scripting (XSS) vulnerabilities in SiteBar 3.3.8 ...)
+CVE-2007-5692
{DSA-1423-1}
- sitebar 3.3.8-12.1 (low; bug #448689)
-CVE-2007-5691 (ParseFTPList.cpp in Mozilla Firefox 2.0.0.7 allows remote FTP servers ...)
+CVE-2007-5691
- iceweasel 2.0.0.8-1 (unimportant)
NOTE: Browser crashes not treated as security problems
-CVE-2007-5690 (** DISPUTED ** ...)
+CVE-2007-5690
- zaptel 1:1.4.8~dfsg-1 (unimportant; bug #448763)
NOTE: zaptel does copy argv[1] into ifr_name but zaptel is not suid root or something
NOTE: similar so this is no security issue in Debian even if sethdl-new will segfault
-CVE-2007-5689 (The Java Virtual Machine (JVM) in Sun Java Runtime Environment (JRE) ...)
+CVE-2007-5689
- sun-java6 6-03-1 (medium)
- sun-java5 1.5.0-13-1 (medium)
[etch] - sun-java5 1.5.0-14-1etch1
- openjdk-6 6b08-1 (bug #566766)
-CVE-2007-5688 (Multiple SQL injection vulnerabilities in directory.php in the ...)
+CVE-2007-5688
NOT-FOR-US: Multi Host Forum Pro
-CVE-2007-5687 (Multiple buffer overflows in the rich text processing functionality in ...)
+CVE-2007-5687
NOT-FOR-US: JustSystems Ichitaro
-CVE-2007-5686 (initscripts in rPath Linux 1 sets insecure permissions for the ...)
+CVE-2007-5686
- shadow <unfixed> (unimportant)
NOTE: See #290803, on Debian LOG_UNKFAIL_ENAB in login.defs is set to no so
NOTE: unknown usernames are not recorded on login failures
-CVE-2007-5685 (The safe_path function in shttp before 0.0.5 allows remote attackers ...)
+CVE-2007-5685
NOT-FOR-US: shttp
-CVE-2007-5684 (Multiple directory traversal vulnerabilities in TikiWiki 1.9.8.1 and ...)
+CVE-2007-5684
- tikiwiki <removed>
-CVE-2007-5683 (Multiple cross-site scripting (XSS) vulnerabilities in TikiWiki ...)
+CVE-2007-5683
- tikiwiki <removed>
-CVE-2007-5682 (Incomplete blacklist vulnerability in tiki-graph_formula.php in ...)
+CVE-2007-5682
- tikiwiki <removed>
CVE-2007-5681
RESERVED
CVE-2007-5680
RESERVED
-CVE-2007-5707 (OpenLDAP before 2.3.39 allows remote attackers to cause a denial of ...)
+CVE-2007-5707
{DSA-1541-1}
- openldap2.3 2.3.38-1 (medium; bug #440632)
- openldap2.2 <removed>
- openldap2 <not-affected> (slapd not built)
-CVE-2007-5708 (slapo-pcache (overlays/pcache.c) in slapd in OpenLDAP before 2.3.39, ...)
+CVE-2007-5708
{DSA-1541-1 DTSA-87-1}
- openldap2.3 2.3.39-1 (medium; bug #448644)
-CVE-2007-2983 (Multiple buffer overflows in the British Telecommunications Consumer ...)
+CVE-2007-2983
NOT-FOR-US: British Telecommunications Consumer webhelper
-CVE-2007-5679 (SQL injection vulnerability in index.php in DeeEmm.com DM CMS ...)
+CVE-2007-5679
NOT-FOR-US: DM CMS
-CVE-2007-5678 (SQL injection vulnerability in the Music module in phpBasic allows ...)
+CVE-2007-5678
NOT-FOR-US: phpBasic
-CVE-2007-5677 (Cross-site scripting (XSS) vulnerability in shoutbox/blocco.php in ...)
+CVE-2007-5677
NOT-FOR-US: Hackish
-CVE-2007-5676 (PHP remote file inclusion vulnerability in ...)
+CVE-2007-5676
NOT-FOR-US: PHP-Nuke
-CVE-2007-5675 (Stack-based buffer overflow in the DebugPrint function in MultiXTpm ...)
+CVE-2007-5675
NOT-FOR-US: MultiXTpm Application Server
-CVE-2007-5674 (Directory traversal vulnerability in index.php in InstaGuide Weather ...)
+CVE-2007-5674
NOT-FOR-US: InstaGuide Weather
-CVE-2007-5673 (Cross-site scripting (XSS) vulnerability in cgi-bin/webif.exe in ifnet ...)
+CVE-2007-5673
NOT-FOR-US: ifnet WebIf
CVE-2007-5672
RESERVED
-CVE-2007-5671 (HGFS.sys in the VMware Tools package in VMware Workstation 5.x before ...)
+CVE-2007-5671
- vmware-package <not-affected> (Only vulnerable on windows hosted systems)
CVE-2007-5670
REJECTED
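Review bot: this hunk removes descriptions that the surrounding annotations depend on, so several entries stop making sense on their own: the "** DISPUTED **" marker on CVE-2007-5690, CVE-2007-5566 and CVE-2007-5565 disappears, leaving no trace in the entry that the issue is disputed; the NOTE lines under CVE-2007-5686 about LOG_UNKFAIL_ENAB and unknown usernames, and the not-affected reasoning under CVE-2007-5731 ("Vulnerable code is only in the server part"), argue against a description that is no longer next to them. A wholesale blanking like this should be caught by a sanity check in the automatic update (abort when the description comes back empty for every entry in a file) instead of being committed. Also untouched here but visible in the context: "vulnerability does not affected kernel module" under CVE-2007-5730 and CVE-2007-5729, and "NOT-FOR-US: Conflict" for the World in Conflict entry, could be corrected in a manual pass.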
@@ -2636,605 +2636,605 @@ CVE-2007-5669
RESERVED
CVE-2007-5668
RESERVED
-CVE-2007-5667 (NWFILTER.SYS in Novell Client 4.91 SP 1 through SP 4 for Windows 2000, ...)
+CVE-2007-5667
NOT-FOR-US: Novell Client
-CVE-2007-5666 (Untrusted search path vulnerability in Adobe Reader and Acrobat 8.1.1 ...)
+CVE-2007-5666
NOT-FOR-US: Adobe Reader
-CVE-2007-5665 (STEngine.exe 3.5.0.20 in Novell ZENworks Endpoint Security Management ...)
+CVE-2007-5665
NOT-FOR-US: Novell ZENworks Endpoint Security Management
-CVE-2007-5664 (db2dasrrm in the DB2 Administration Server (DAS) in IBM DB2 Universal ...)
+CVE-2007-5664
NOT-FOR-US: IBM DB2
-CVE-2007-5663 (Adobe Reader and Acrobat 8.1.1 and earlier allows remote attackers to ...)
+CVE-2007-5663
NOT-FOR-US: Adobe Reader
CVE-2007-5662
RESERVED
-CVE-2007-5661 (The Macrovision InstallShield InstallScript One-Click Install (OCI) ...)
+CVE-2007-5661
NOT-FOR-US: Macrovision InstallShield
-CVE-2007-5660 (Unspecified vulnerability in the Update Service ActiveX control in ...)
+CVE-2007-5660
NOT-FOR-US: MacroVision FLEXnet Connect and InstallShield 2008
-CVE-2007-5659 (Multiple buffer overflows in Adobe Reader and Acrobat 8.1.1 and ...)
+CVE-2007-5659
NOT-FOR-US: Adobe Reader
-CVE-2007-5658 (Heap-based buffer overflow in TIBCO SmartSockets RTserver 6.8.0 and ...)
+CVE-2007-5658
NOT-FOR-US: TIBCO SmartSockets RTserver
-CVE-2007-5657 (TIBCO SmartSockets RTserver 6.8.0 and earlier, RTworks before 4.0.4, ...)
+CVE-2007-5657
NOT-FOR-US: TIBCO SmartSockets RTserver
-CVE-2007-5656 (TIBCO SmartSockets RTserver 6.8.0 and earlier, RTworks before 4.0.4, ...)
+CVE-2007-5656
NOT-FOR-US: TIBCO SmartSockets RTserver
-CVE-2007-5655 (TIBCO SmartSockets RTserver 6.8.0 and earlier, RTworks before 4.0.4, ...)
+CVE-2007-5655
NOT-FOR-US: TIBCO SmartSockets RTserver
-CVE-2007-5654 (LiteSpeed Web Server before 3.2.4 allows remote attackers to trigger ...)
+CVE-2007-5654
NOT-FOR-US: LiteSpeed
-CVE-2007-5653 (The Component Object Model (COM) functions in PHP 5.x on Windows do ...)
+CVE-2007-5653
- php5 <not-affected> (windows only)
-CVE-2007-5652 (IBM DB2 UDB 9.1 before Fixpak 4 does not properly manage storage of a ...)
+CVE-2007-5652
NOT-FOR-US: IBM DB2
-CVE-2007-5651 (Unspecified vulnerability in the Extensible Authentication Protocol ...)
+CVE-2007-5651
NOT-FOR-US: Cisco IOS
-CVE-2007-5650 (Directory traversal vulnerability in system.php in ReloadCMS 1.2.7 ...)
+CVE-2007-5650
NOT-FOR-US: ReloadCMS
-CVE-2007-5649 (Cross-site scripting (XSS) vulnerability in lostpwd.php in Creative ...)
+CVE-2007-5649
NOT-FOR-US: Creative Digital Resources SocketMail
-CVE-2007-5648 (Multiple cross-site scripting (XSS) vulnerabilities in rnote.php in ...)
+CVE-2007-5648
NOT-FOR-US: rnote
-CVE-2007-5647 (Multiple cross-site scripting (XSS) vulnerabilities in SocketKB 1.1.5 ...)
+CVE-2007-5647
NOT-FOR-US: SocketKB
-CVE-2007-5646 (SQL injection vulnerability in Sources/Search.php in Simple Machines ...)
+CVE-2007-5646
NOT-FOR-US: Simple Machines Forum
-CVE-2007-5644 (Lussumo Vanilla 1.1.3 and earlier does not require admin privileges ...)
+CVE-2007-5644
NOT-FOR-US: Lussumo Vanilla
-CVE-2007-5643 (Multiple SQL injection vulnerabilities in Lussumo Vanilla 1.1.3 and ...)
+CVE-2007-5643
NOT-FOR-US: Lussumo Vanilla
-CVE-2007-5642 (Multiple directory traversal vulnerabilities in PHP Project Management ...)
+CVE-2007-5642
NOT-FOR-US: PHP Project Management
-CVE-2007-5641 (Multiple PHP remote file inclusion vulnerabilities in PHP Project ...)
+CVE-2007-5641
NOT-FOR-US: PHP Project Management
-CVE-2007-5640 (The Nortel UNIStim IP Softphone 2050, IP Phone 1140E, and additional ...)
+CVE-2007-5640
NOT-FOR-US: Nortel VOIP products
-CVE-2007-5639 (The Nortel UNIStim IP Softphone 2050, IP Phone 1140E, and other Nortel ...)
+CVE-2007-5639
NOT-FOR-US: Nortel VOIP products
-CVE-2007-5638 (The Nortel UNIStim IP Softphone 2050, IP Phone 1140E, and additional ...)
+CVE-2007-5638
NOT-FOR-US: Nortel VOIP products
-CVE-2007-5637 (The Nortel UNIStim IP Softphone 2050, IP Phone 1140E, and additional ...)
+CVE-2007-5637
NOT-FOR-US: Nortel VOIP products
-CVE-2007-5636 (Buffer overflow in the Nortel UNIStim IP Softphone 2050 allows remote ...)
+CVE-2007-5636
NOT-FOR-US: Nortel VOIP products
-CVE-2007-5635 (Multiple unspecified vulnerabilities in Salford Software Support ...)
+CVE-2007-5635
NOT-FOR-US: Salford Software Support Incident Tracke
-CVE-2007-5634 (Speedfan.sys in Alfredo Milani Comparetti SpeedFan 4.33, when used on ...)
+CVE-2007-5634
NOT-FOR-US: SpeedFan
-CVE-2007-5633 (Speedfan.sys in Alfredo Milani Comparetti SpeedFan 4.33, when used on ...)
+CVE-2007-5633
NOT-FOR-US: SpeedFan
-CVE-2007-5632 (Multiple unspecified vulnerabilities in the kernel in Sun Solaris 8 ...)
+CVE-2007-5632
NOT-FOR-US: Solaris
-CVE-2007-5631 (Multiple PHP remote file inclusion vulnerabilities in PeopleAggregator ...)
+CVE-2007-5631
NOT-FOR-US: PeopleAggregator
-CVE-2007-5630 (SQL injection vulnerability in tnews.php in BBsProcesS BBPortalS ...)
+CVE-2007-5630
NOT-FOR-US: BBsProcesS BBPortalS
-CVE-2007-5629 (Cross-site scripting (XSS) vulnerability in admin/logon.asp in ...)
+CVE-2007-5629
NOT-FOR-US: ShoppingTree CandyPress Store #
-CVE-2007-5628 (PHP remote file inclusion vulnerability in src/scripture.php in The ...)
+CVE-2007-5628
NOT-FOR-US: TOWeLS
-CVE-2007-5627 (PHP remote file inclusion vulnerability in content/fnc-readmail3.php ...)
+CVE-2007-5627
NOT-FOR-US: Socketmail
-CVE-2007-5626 (make_catalog_backup in Bacula 2.2.5, and probably earlier, sends a ...)
+CVE-2007-5626
- bacula 5.0.0-1 (unimportant; bug #446809)
NOTE: this script needs the default database password and name needs to be set which
NOTE: would be a bigger problem in a non-trusted environment. Apart from
NOTE: this is documented in the bacula documentation
NOTE: Since bacula 5.0.0 "make_catalog_backup.pl" is used by default, which is not affected
-CVE-2007-5625 (Cross-site scripting (XSS) vulnerability in filename.asp in ASP Site ...)
+CVE-2007-5625
NOT-FOR-US: Site Search SearchSimon Lite
-CVE-2007-5624 (Cross-site scripting (XSS) vulnerability in Nagios 2.x before 2.10 ...)
+CVE-2007-5624
{DSA-1883-2 DSA-1883-1}
- nagios2 2.9-1.1 (low; bug #448371)
-CVE-2007-5623 (Buffer overflow in the check_snmp function in Nagios Plugins ...)
+CVE-2007-5623
{DSA-1495-1}
- nagios-plugins 1.4.8-2.2 (medium; bug #448372)
[sarge] - nagios-plugins <not-affected> (Vulnerable code not present)
-CVE-2007-5622 (Double free vulnerability in the ftpprchild function in ftppr in ...)
+CVE-2007-5622
NOT-FOR-US: 3proxy
-CVE-2007-5621 (Multiple cross-site scripting (XSS) vulnerabilities in the Token ...)
+CVE-2007-5621
NOT-FOR-US: Token Drupal
NOTE: Token is not included in the drupal packages
-CVE-2007-5620 (Directory traversal vulnerability in admin/inc/help.php in ...)
+CVE-2007-5620
NOT-FOR-US: ZZ:FlashChat
-CVE-2007-5619 (Unspecified vulnerability in VMware Server before 1.0.4 causes user ...)
+CVE-2007-5619
- vmware-package <removed> (low; bug #486177)
[etch] - vmware-package <no-dsa> (Contrib not supported)
NOTE: vmware-package just builds vmware from downloaded tarballs, the package itself
NOTE: does not download them, however it needs to update its hashes for upstream tarballs
-CVE-2007-5618 (Unquoted Windows search path vulnerability in the Authorization and ...)
+CVE-2007-5618
- vmware-package <not-affected> (Only vulnerable on windows hosted systems)
[etch] - vmware-package <no-dsa> (Contrib not supported)
-CVE-2007-5617 (Unspecified vulnerability in VMware Player 1.0.x before 1.0.5 and 2.0 ...)
+CVE-2007-5617
- vmware-package <removed> (low; bug #486177)
[etch] - vmware-package <no-dsa> (Contrib not supported)
NOTE: vmware-package just builds vmware from downloaded tarballs, the package itself
NOTE: does not download them, however it needs to update its hashes for upstream tarballs
-CVE-2007-5616 (ssh-signer in SSH Tectia Client and Server 5.x before 5.2.4, and 5.3.x ...)
+CVE-2007-5616
NOT-FOR-US: SSH Tectia Client and Server
-CVE-2007-5615 (CRLF injection vulnerability in Mortbay Jetty before 6.1.6rc0 allows ...)
+CVE-2007-5615
- jetty 6.1.19-1 (low; bug #454529)
-CVE-2007-5614 (Mortbay Jetty before 6.1.6rc1 does not properly handle &quot;certain quote ...)
+CVE-2007-5614
- jetty 6.1.19-1 (low; bug #454529)
-CVE-2007-5613 (Cross-site scripting (XSS) vulnerability in Dump Servlet in Mortbay ...)
+CVE-2007-5613
- jetty 6.1.19-1 (low; bug #454529)
-CVE-2007-5612 (CIM Server in IBM Director 5.20.1 and earlier allows remote attackers ...)
+CVE-2007-5612
NOT-FOR-US: IBM Director
CVE-2007-5611
RESERVED
-CVE-2007-5610 (The DeleteSingleFile function in the HPISDataManagerLib.Datamgr ...)
+CVE-2007-5610
NOT-FOR-US: ActiveX control
CVE-2007-5609
RESERVED
-CVE-2007-5608 (The DownloadFile function in the HPISDataManagerLib.Datamgr ActiveX ...)
+CVE-2007-5608
NOT-FOR-US: ActiveX control
-CVE-2007-5607 (Buffer overflow in the RegistryString function in the ...)
+CVE-2007-5607
NOT-FOR-US: ActiveX control
-CVE-2007-5606 (Buffer overflow in the MoveFile function in the ...)
+CVE-2007-5606
NOT-FOR-US: ActiveX control
-CVE-2007-5605 (Buffer overflow in the GetFileTime function in the ...)
+CVE-2007-5605
NOT-FOR-US: ActiveX control
-CVE-2007-5604 (Buffer overflow in the ExtractCab function in the ...)
+CVE-2007-5604
NOT-FOR-US: ActiveX control
-CVE-2007-5603 (Stack-based buffer overflow in the SonicWall SSL-VPN NetExtender ...)
+CVE-2007-5603
NOT-FOR-US: SonicWall SSL-VPN NetExtender
-CVE-2007-5602 (Multiple stack-based buffer overflows in SwiftView Viewer before ...)
+CVE-2007-5602
NOT-FOR-US: SwiftView Viewer
-CVE-2007-5601 (Stack-based buffer overflow in the Database Component in MPAMedia.dll ...)
+CVE-2007-5601
NOT-FOR-US: RealPlayer (windows only issue)
-CVE-2007-5600 (Incomplete blacklist vulnerability in index.php in Artmedic CMS 3.4 ...)
+CVE-2007-5600
NOT-FOR-US: Artmedic CMS
-CVE-2007-5599 (Multiple PHP remote file inclusion vulnerabilities in awrate 1.0 allow ...)
+CVE-2007-5599
NOT-FOR-US: awrate
-CVE-2007-5598 (Cross-site scripting (XSS) vulnerability in Weblinks for Drupal 4.7.x ...)
+CVE-2007-5598
- drupal5 <not-affected> (bug #447748)
- drupal <not-affected> (bug #447746)
NOTE: drupal weblinks is not included in the drupal package in debian
-CVE-2007-5597 (The hook_comments API in Drupal 4.7.x before 4.7.8 and 5.x before 5.3 ...)
+CVE-2007-5597
- drupal5 5.3-1
- drupal 4.7.8-1
-CVE-2007-5596 (The core Upload module in Drupal 4.7.x before 4.7.8 and 5.x before 5.3 ...)
+CVE-2007-5596
- drupal5 5.3-1
- drupal 4.7.8-1
-CVE-2007-5595 (CRLF injection vulnerability in the drupal_goto function in ...)
+CVE-2007-5595
- drupal5 5.3-1
- drupal 4.7.8-1
-CVE-2007-5594 (Drupal 5.x before 5.3 does not apply its Drupal Forms API protection ...)
+CVE-2007-5594
- drupal5 5.3-1
- drupal 4.7.8-1
-CVE-2007-5593 (install.php in Drupal 5.x before 5.3, when the configured database ...)
+CVE-2007-5593
- drupal5 5.3-1
- drupal 4.7.8-1
-CVE-2007-5592 (Multiple PHP remote file inclusion vulnerabilities in awzMB 4.2 beta 1 ...)
+CVE-2007-5592
NOT-FOR-US: awzMB
-CVE-2007-5591 (The CS1000 signaling server in Nortel Enterprise VoIP-Core-CS 1000M ...)
+CVE-2007-5591
NOT-FOR-US: Nortel Enterprise VoIP-Core-CS
-CVE-2007-5590 (Multiple buffer overflows in Miranda before 0.7.1 allow remote ...)
+CVE-2007-5590
NOT-FOR-US: Miranda
-CVE-2007-5588 (Cross-site scripting (XSS) vulnerability in mnoGoSearch before 3.2.43 ...)
+CVE-2007-5588
{DTSA-103-1}
- mnogosearch 3.3.4-4.1 (low; bug #447753)
[sarge] - mnogosearch <no-dsa> (Minor issue)
[etch] - mnogosearch <no-dsa> (Minor issue)
-CVE-2007-5587 (Buffer overflow in Macrovision SafeDisc secdrv.sys before 4.3.86.0, as ...)
+CVE-2007-5587
NOT-FOR-US: Microsoft Windows
CVE-2007-5586
REJECTED
-CVE-2007-5585 (xscreensaver 5.03 and earlier, when running without ...)
+CVE-2007-5585
{DTSA-83-1}
- xscreensaver 5.03-3.1 (medium; bug #448157)
[etch] - xscreensaver <not-affected> (Vulnerable code not present)
[sarge] - xscreensaver <not-affected> (Vulnerable code not present)
-CVE-2007-5584 (Unspecified vulnerability in Cisco Firewall Services Module (FWSM) ...)
+CVE-2007-5584
NOT-FOR-US: Cisco
-CVE-2007-5583 (Cisco IP Phone 7940 with firmware P0S3-08-7-00 allows remote attackers ...)
+CVE-2007-5583
NOT-FOR-US: Cisco IP Phone
-CVE-2007-5582 (Cross-site scripting (XSS) vulnerability in the login page in Cisco ...)
+CVE-2007-5582
NOT-FOR-US: Cisco
-CVE-2007-5581 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2007-5581
NOT-FOR-US: Cisco Unified MeetingPlace
-CVE-2007-5580 (Buffer overflow in a certain driver in Cisco Security Agent 4.5.1 ...)
+CVE-2007-5580
NOT-FOR-US: Cisco
-CVE-2007-5589 (Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin ...)
+CVE-2007-5589
{DSA-1403-1}
- phpmyadmin 4:2.11.1.2-1
-CVE-2007-5579 (login.php in Pligg CMS 9.5 uses a guessable confirmation code when ...)
+CVE-2007-5579
NOT-FOR-US: Pligg CMS
-CVE-2007-5578 (Basic Analysis and Security Engine (BASE) before 1.3.8 sends a ...)
+CVE-2007-5578
- acidbase 1.3.8 (low)
[etch] - acidbase <no-dsa> (Minor issue)
-CVE-2007-5577 (Multiple cross-site scripting (XSS) vulnerabilities in Joomla! before ...)
+CVE-2007-5577
NOT-FOR-US: Joomla!
-CVE-2007-5576 (BEA Tuxedo 8.0 before RP392 and 8.1 before RP293, and WebLogic ...)
+CVE-2007-5576
NOT-FOR-US: BEA Tuxedo
-CVE-2007-5575 (Cross-site request forgery (CSRF) vulnerability in 1024 CMS 1.2.5 ...)
+CVE-2007-5575
NOT-FOR-US: 1024 CMS
-CVE-2007-5574 (PHP remote file inclusion vulnerability in djpage.php in PHPDJ 0.5 ...)
+CVE-2007-5574
NOT-FOR-US: PHPDJPHPDJ
-CVE-2007-5573 (PHP remote file inclusion vulnerability in classes/core/language.php ...)
+CVE-2007-5573
- limesurvey <itp> (bug #472802)
-CVE-2007-5572 (Multiple cross-site request forgery (CSRF) vulnerabilities in Simple ...)
+CVE-2007-5572
NOT-FOR-US: SPHPBlog
-CVE-2007-5571 (Cisco Firewall Services Module (FWSM) 3.1(6), and 3.2(2) and earlier, ...)
+CVE-2007-5571
NOT-FOR-US: Cisco Firewall Services Module
-CVE-2007-5570 (Cisco Firewall Services Module (FWSM) 3.2(1), and 3.1(5) and earlier, ...)
+CVE-2007-5570
NOT-FOR-US: Cisco Firewall Services Module
-CVE-2007-5569 (Cisco PIX and ASA appliances with 7.1 and 7.2 software, when ...)
+CVE-2007-5569
NOT-FOR-US: Cisco
-CVE-2007-5568 (Cisco PIX and ASA appliances with 7.0 through 8.0 software, and Cisco ...)
+CVE-2007-5568
NOT-FOR-US: Cisco
-CVE-2007-5567 (PHP remote file inclusion vulnerability in ...)
+CVE-2007-5567
- moin <not-affected> (Does not contain the vulnerable code)
- karrigell <not-affected> (Does not contain the vulnerable code)
- knowledgeroot <not-affected> (Does not contain the vulnerable code)
-CVE-2007-5566 (** DISPUTED ** ...)
+CVE-2007-5566
NOT-FOR-US: PHPBlog
-CVE-2007-5565 (** DISPUTED ** ...)
+CVE-2007-5565
NOT-FOR-US: phpSCMS
-CVE-2007-5564 (Multiple cross-site scripting (XSS) vulnerabilities in NSSboard ...)
+CVE-2007-5564
NOT-FOR-US: NSSboard
-CVE-2007-5563 (Unspecified vulnerability in VirtueMart before 1.0.13 allows remote ...)
+CVE-2007-5563
NOT-FOR-US: VirtueMart
-CVE-2007-5562 (Cross-site scripting (XSS) vulnerability in cgi-bin/welcome (aka the ...)
+CVE-2007-5562
NOT-FOR-US: Netgear firmware
-CVE-2007-5561 (Format string vulnerability in the logging function in the Oracle OPMN ...)
+CVE-2007-5561
NOT-FOR-US: Oracle
-CVE-2007-5560 (Heap-based buffer overflow in the Juniper HTTP Service allows remote ...)
+CVE-2007-5560
NOT-FOR-US: Juniper HTTP Service
-CVE-2007-5559 (Heap-based buffer overflow in the IBM ThinkVantage TPM Service allows ...)
+CVE-2007-5559
NOT-FOR-US: IBM ThinkVantage TPM Service
-CVE-2007-5558 (Integer overflow in the LG Mobile handset allows remote attackers to ...)
+CVE-2007-5558
NOT-FOR-US: LG Mobile handset
-CVE-2007-5557 (Unspecified vulnerability in the NEC mobile handset allows remote ...)
+CVE-2007-5557
NOT-FOR-US: NEC mobile handset
-CVE-2007-5556 (Unspecified vulnerability in the Avaya VoIP Handset allows remote ...)
+CVE-2007-5556
NOT-FOR-US: Avaya VoIP Handset
-CVE-2007-5555 (Unspecified vulnerability in Symantec Altiris Deployment Solution ...)
+CVE-2007-5555
NOT-FOR-US: Symantec Altiris Deployment Solution
-CVE-2007-5554 (Oracle allows remote attackers to obtain server memory contents via ...)
+CVE-2007-5554
NOT-FOR-US: Oracle
CVE-2007-5553
REJECTED
-CVE-2007-5552 (Integer overflow in Cisco IOS allows remote attackers to execute ...)
+CVE-2007-5552
NOT-FOR-US: Cisco
-CVE-2007-5551 (Off-by-one error in Cisco IOS allows remote attackers to execute ...)
+CVE-2007-5551
NOT-FOR-US: Cisco
-CVE-2007-5550 (Unspecified vulnerability in Cisco IOS allows remote attackers to ...)
+CVE-2007-5550
NOT-FOR-US: Cisco
-CVE-2007-5549 (Unspecified vulnerability in Command EXEC in Cisco IOS allows local ...)
+CVE-2007-5549
NOT-FOR-US: Cisco
-CVE-2007-5548 (Multiple stack-based buffer overflows in Command EXEC in Cisco IOS ...)
+CVE-2007-5548
NOT-FOR-US: Cisco
-CVE-2007-5547 (Cross-site scripting (XSS) vulnerability in Cisco IOS allows remote ...)
+CVE-2007-5547
NOT-FOR-US: Cisco
-CVE-2007-5546 (Multiple stack-based buffer overflows in TIBCO SmartPGM FX allow ...)
+CVE-2007-5546
NOT-FOR-US: TIBCO SmartPGM FX
-CVE-2007-5545 (Format string vulnerability in TIBCO SmartPGM FX allows remote ...)
+CVE-2007-5545
NOT-FOR-US: TIBCO SmartPGM FX
-CVE-2007-5544 (IBM Lotus Notes before 6.5.6, and 7.x before 7.0.3; and Domino before ...)
+CVE-2007-5544
NOT-FOR-US: IBM Lotus Notes
-CVE-2007-5543 (Stack-based buffer overflow in Miranda IM 0.6.8 and 0.7.0 allows ...)
+CVE-2007-5543
NOT-FOR-US: Miranda
-CVE-2007-5542 (Stack-based buffer overflow in Miranda IM 0.6.8 allows remote ...)
+CVE-2007-5542
NOT-FOR-US: Miranda
-CVE-2007-5541 (Unspecified vulnerability in Opera before 9.24, when using an ...)
+CVE-2007-5541
NOT-FOR-US: Opera
-CVE-2007-5540 (Unspecified vulnerability in Opera before 9.24 allows remote attackers ...)
+CVE-2007-5540
NOT-FOR-US: Opera
-CVE-2007-5539 (Unspecified vulnerability in Cisco Unified Intelligent Contact ...)
+CVE-2007-5539
NOT-FOR-US: Cisco
-CVE-2007-5538 (Buffer overflow in the Centralized TFTP File Locator Service in Cisco ...)
+CVE-2007-5538
NOT-FOR-US: Cisco
-CVE-2007-5537 (Cisco Unified Communications Manager (CUCM, formerly CallManager) 5.1 ...)
+CVE-2007-5537
NOT-FOR-US: Cisco
-CVE-2007-5536 (Unspecified vulnerability in OpenSSL before A.00.09.07l on HP-UX ...)
+CVE-2007-5536
NOT-FOR-US: HP-UX
-CVE-2007-5535 (Unspecified vulnerability in newbb_plus in RunCms 1.5.2 has unknown ...)
+CVE-2007-5535
NOT-FOR-US: RunCms
-CVE-2007-5534 (Unspecified vulnerability in the HCM component in Oracle PeopleSoft ...)
+CVE-2007-5534
NOT-FOR-US: Oracle
-CVE-2007-5533 (Unspecified vulnerability in the People Tools component in Oracle ...)
+CVE-2007-5533
NOT-FOR-US: Oracle
-CVE-2007-5532 (Unspecified vulnerability in the People Tools component in Oracle ...)
+CVE-2007-5532
NOT-FOR-US: Oracle
-CVE-2007-5531 (Unspecified vulnerability in Oracle Help for Web, as used in Oracle ...)
+CVE-2007-5531
NOT-FOR-US: Oracle
-CVE-2007-5530 (Unspecified vulnerability in the Database Control component in Oracle ...)
+CVE-2007-5530
NOT-FOR-US: Oracle
-CVE-2007-5529 (Unspecified vulnerability in the Oracle Self-Service Web Applications ...)
+CVE-2007-5529
NOT-FOR-US: Oracle
-CVE-2007-5528 (Multiple unspecified vulnerabilities in Oracle E-Business Suite 12.0.2 ...)
+CVE-2007-5528
NOT-FOR-US: Oracle
-CVE-2007-5527 (Multiple unspecified vulnerabilities in Oracle E-Business Suite ...)
+CVE-2007-5527
NOT-FOR-US: Oracle
-CVE-2007-5526 (Unspecified vulnerability in the Oracle Portal component in Oracle ...)
+CVE-2007-5526
NOT-FOR-US: Oracle
-CVE-2007-5525 (Unspecified vulnerability in the Oracle Single Sign-On component in ...)
+CVE-2007-5525
NOT-FOR-US: Oracle
-CVE-2007-5524 (Unspecified vulnerability in the Oracle Single Sign-On component in ...)
+CVE-2007-5524
NOT-FOR-US: Oracle
-CVE-2007-5523 (Unspecified vulnerability in the Oracle Internet Directory component ...)
+CVE-2007-5523
NOT-FOR-US: Oracle
-CVE-2007-5522 (Unspecified vulnerability in the Oracle Portal component in Oracle ...)
+CVE-2007-5522
NOT-FOR-US: Oracle
-CVE-2007-5521 (Unspecified vulnerability in the Oracle Containers for J2EE component ...)
+CVE-2007-5521
NOT-FOR-US: Oracle
-CVE-2007-5520 (Unspecified vulnerability in the Oracle Internet Directory component ...)
+CVE-2007-5520
NOT-FOR-US: Oracle
-CVE-2007-5519 (Unspecified vulnerability in the Oracle Portal component in Oracle ...)
+CVE-2007-5519
NOT-FOR-US: Oracle
-CVE-2007-5518 (Unspecified vulnerability in the Oracle HTTP Server component in ...)
+CVE-2007-5518
NOT-FOR-US: Oracle
-CVE-2007-5517 (Unspecified vulnerability in the Oracle Portal component in Oracle ...)
+CVE-2007-5517
NOT-FOR-US: Oracle
-CVE-2007-5516 (Unspecified vulnerability in the Oracle Process Mgmt &amp; Notification ...)
+CVE-2007-5516
NOT-FOR-US: Oracle
-CVE-2007-5515 (Unspecified vulnerability in the Spatial component in Oracle Database ...)
+CVE-2007-5515
NOT-FOR-US: Oracle
-CVE-2007-5514 (Multiple unspecified vulnerabilities in Oracle Database 10.2.0.3 have ...)
+CVE-2007-5514
NOT-FOR-US: Oracle
-CVE-2007-5513 (The XML DB (XMLDB) component in Oracle Database 9.2.0.8, 9.2.0.8DV, ...)
+CVE-2007-5513
NOT-FOR-US: Oracle
-CVE-2007-5512 (Unspecified vulnerability in the Oracle Database Vault component in ...)
+CVE-2007-5512
NOT-FOR-US: Oracle
-CVE-2007-5511 (SQL injection vulnerability in Workspace Manager for Oracle Database ...)
+CVE-2007-5511
NOT-FOR-US: Oracle
-CVE-2007-5510 (Multiple unspecified vulnerabilities in the Workspace Manager ...)
+CVE-2007-5510
NOT-FOR-US: Oracle
-CVE-2007-5509 (Unspecified vulnerability in the Spatial component in Oracle Database ...)
+CVE-2007-5509
NOT-FOR-US: Oracle
-CVE-2007-5508 (Multiple SQL injection vulnerabilities in the CTXSYS Intermedia ...)
+CVE-2007-5508
NOT-FOR-US: Oracle
-CVE-2007-5507 (The GIOP service in TNS Listener in the Oracle Net Services component ...)
+CVE-2007-5507
NOT-FOR-US: Oracle
-CVE-2007-5506 (The Core RDBMS component in Oracle Database 9.0.1.5+, 9.2.0.8, ...)
+CVE-2007-5506
NOT-FOR-US: Oracle
-CVE-2007-5505 (Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5+, ...)
+CVE-2007-5505
NOT-FOR-US: Oracle
-CVE-2007-5504 (Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5+ and ...)
+CVE-2007-5504
NOT-FOR-US: Oracle
-CVE-2007-5503 (Multiple integer overflows in Cairo before 1.4.12 might allow remote ...)
+CVE-2007-5503
{DSA-1542-1 DTSA-96-1}
- libcairo 1.4.10-1.1 (medium; bug #453686)
-CVE-2007-5502 (The PRNG implementation for the OpenSSL FIPS Object Module 1.1.1 does ...)
+CVE-2007-5502
NOT-FOR-US: OpenSSL Fips object module
-CVE-2007-5501 (The tcp_sacktag_write_queue function in net/ipv4/tcp_input.c in Linux ...)
+CVE-2007-5501
- linux-2.6 2.6.23-1 (high)
[etch] - linux-2.6 <not-affected> (Vulnerable code was introduced in 2.6.21)
NOTE: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=96a2d41a3e495734b63bff4e5dd0112741b93b38
-CVE-2007-5500 (The wait_task_stopped function in the Linux kernel before 2.6.23.8 ...)
+CVE-2007-5500
{DSA-1428-1}
- linux-2.6 2.6.23-2
CVE-2007-5499
REJECTED
-CVE-2007-5498 (The Xen hypervisor block backend driver for Linux kernel 2.6.18, when ...)
+CVE-2007-5498
- xen-unstable <not-affected> (Vulnerable code not present)
- xen-3 <not-affected> (Vulnerable code not present)
-CVE-2007-5497 (Multiple integer overflows in libext2fs in e2fsprogs before 1.40.3 ...)
+CVE-2007-5497
{DSA-1422-1 DTSA-95-1}
- e2fsprogs 1.40.3-1 (bug #454760)
-CVE-2007-5496 (Cross-site scripting (XSS) vulnerability in setroubleshoot 2.0.5 ...)
+CVE-2007-5496
NOT-FOR-US: setroubleshoot
-CVE-2007-5495 (sealert in setroubleshoot 2.0.5 allows local users to overwrite ...)
+CVE-2007-5495
NOT-FOR-US: setroubleshoot
-CVE-2007-5494 (Memory leak in the Red Hat Content Accelerator kernel patch in Red Hat ...)
+CVE-2007-5494
- linux-2.6 <not-affected> (RedHat specific patch)
-CVE-2007-5493 (The SMS handler for Windows Mobile 2005 Pocket PC Phone edition allows ...)
+CVE-2007-5493
NOT-FOR-US: Windows Mobile
-CVE-2007-5492 (Static code injection vulnerability in the translation module ...)
+CVE-2007-5492
{DSA-1423-1}
- sitebar 3.3.8-12.1 (bug #447135)
-CVE-2007-5491 (Directory traversal vulnerability in the translation module ...)
+CVE-2007-5491
{DSA-1423-1}
- sitebar 3.3.8-12.1 (bug #447135)
-CVE-2007-5490 (SQL injection vulnerability in default.asp in Okul Otomasyon Portal ...)
+CVE-2007-5490
NOT-FOR-US: Okul Otomasyon Portal
-CVE-2007-5489 (Directory traversal vulnerability in index.php in Artmedic CMS 3.4 and ...)
+CVE-2007-5489
NOT-FOR-US: Artmedic CMS
-CVE-2007-5487 (Stack-based buffer overflow in COWON America jetAudio Basic 7.0.3 ...)
+CVE-2007-5487
NOT-FOR-US: COWON America jetAudioc
-CVE-2007-5486 (dotProject before 2.1 does not properly check privileges when invoking ...)
+CVE-2007-5486
NOT-FOR-US: dotProject
-CVE-2007-5485 (SQL injection vulnerability in index.php in the mg2 1.0 module for ...)
+CVE-2007-5485
NOT-FOR-US: KwsPHP
-CVE-2007-5484 (Directory traversal vulnerability in wxis.exe in WWWISIS 7.1 allows ...)
+CVE-2007-5484
NOT-FOR-US: WWWISIS
-CVE-2007-5483 (Unspecified vulnerability in the Administrative Scripting Tools (such ...)
+CVE-2007-5483
NOT-FOR-US: IBM WebSphere
-CVE-2007-5482 (Unspecified vulnerability in the FTP service in Sun ...)
+CVE-2007-5482
NOT-FOR-US: Sun firmware
-CVE-2007-5481 (Distributed Checksum Clearinghouse (DCC) 1.3.65 allows remote ...)
+CVE-2007-5481
- dcc <not-affected> (vulnerable code introduced in 1.3.65)
-CVE-2007-5480 (Multiple cross-site scripting (XSS) vulnerabilities in InnovaAge ...)
+CVE-2007-5480
NOT-FOR-US: ZInnovaAge InnovaShop
-CVE-2007-5479 (Cross-site scripting (XSS) vulnerability in Search.asp in Xcomputer ...)
+CVE-2007-5479
NOT-FOR-US: Xcomputer
-CVE-2007-5478 (Cross-site scripting (XSS) vulnerability in projects in Nabh ...)
+CVE-2007-5478
NOT-FOR-US: Sbportal
-CVE-2007-5477 (Cross-site scripting (XSS) vulnerability in auth.w in djeyl.net WebMod ...)
+CVE-2007-5477
NOT-FOR-US: djeyl.net WebMod
-CVE-2007-5476 (Unspecified vulnerability in Adobe Flash Player 9.0.47.0 and earlier, ...)
+CVE-2007-5476
NOT-FOR-US: Opera specific flash vulnerability
-CVE-2007-5475 (Multiple buffer overflows in the Marvell wireless driver, as used in ...)
+CVE-2007-5475
NOT-FOR-US: Linksys WAP4400N Wi-Fi access point
-CVE-2007-5474 (The driver for the Linksys WRT350N Wi-Fi access point with firmware ...)
+CVE-2007-5474
NOT-FOR-US: Linksys WRT350N Wi-Fi access point
-CVE-2007-5473 (StaticFileHandler.cs in System.Web in Mono before 1.2.5.2, when ...)
+CVE-2007-5473
- mono <not-affected> (Windows-specific vulnerability)
-CVE-2007-5472 (Cross-site scripting (XSS) vulnerability in the Server component in CA ...)
+CVE-2007-5472
NOT-FOR-US: HIPS
-CVE-2007-5488 (Multiple SQL injection vulnerabilities in cdr_addon_mysql in ...)
+CVE-2007-5488
- asterisk-addons 1.4.4-1
-CVE-2007-5471 (libgssapi before 0.6-13.7, as used by the ISC BIND named daemon in ...)
+CVE-2007-5471
- libgssapi 0.8-1
-CVE-2007-5470 (Microsoft Expression Media stores the catalog password in cleartext in ...)
+CVE-2007-5470
NOT-FOR-US: Microsoft Expression Media
-CVE-2007-5469 (** DISPUTED ** ...)
+CVE-2007-5469
- openser 1.3.0-1 (unimportant; bug #446956)
NOTE: should be only "exploitable" in local network with untrusted users
-CVE-2007-5468 (Cisco CallManager 5.1.1.3000-5 does not verify the Digest ...)
+CVE-2007-5468
NOT-FOR-US: Cisco
-CVE-2007-5467 (Integer overflow in eXtremail 2.1.1 and earlier allows remote ...)
+CVE-2007-5467
NOT-FOR-US: eXtremail
-CVE-2007-5466 (Multiple buffer overflows in eXtremail 2.1.1 and earlier allow remote ...)
+CVE-2007-5466
NOT-FOR-US: eXtremail
-CVE-2007-5465 (Directory traversal vulnerability in doop CMS 1.3.7 and earlier allows ...)
+CVE-2007-5465
NOT-FOR-US: doop CMS
-CVE-2007-5464 (Stack-based buffer overflow in Live for Speed 0.5X10 and earlier ...)
+CVE-2007-5464
NOT-FOR-US: Live for Speed
-CVE-2007-5463 (ideal_process.php in the iDEAL payment module in ViArt Shop 3.3 beta ...)
+CVE-2007-5463
NOT-FOR-US: ViArt Shop
-CVE-2007-5462 (Unspecified vulnerability in the Sun Solaris RPC services library ...)
+CVE-2007-5462
NOT-FOR-US: Solaris
-CVE-2007-5460 (Microsoft ActiveSync 4.1, as used in Windows Mobile 5.0, uses weak ...)
+CVE-2007-5460
NOT-FOR-US: Microsoft ActiveSync
-CVE-2007-5459 (Cross-site scripting (XSS) vulnerability in the sidebar HTML page in ...)
+CVE-2007-5459
NOT-FOR-US: MouseoverDictionary
-CVE-2007-5458 (SQL injection vulnerability in index.php in the newsletter module 1.0 ...)
+CVE-2007-5458
NOT-FOR-US: KwsPHP
-CVE-2007-5457 (Multiple PHP remote file inclusion vulnerabilities in Michael Dempfle ...)
+CVE-2007-5457
NOT-FOR-US: Joomla! extension
-CVE-2007-5456 (Microsoft Internet Explorer 7 and earlier allows remote attackers to ...)
+CVE-2007-5456
NOT-FOR-US: Internet Explorer
-CVE-2007-5455 (Cross-site scripting (XSS) vulnerability in wxis.exe in WWWISIS 7.1 ...)
+CVE-2007-5455
NOT-FOR-US: WWWISIS
-CVE-2007-5454 (Directory traversal vulnerability in index.php in PHP File Sharing ...)
+CVE-2007-5454
NOT-FOR-US: PHP File Sharing
-CVE-2007-5453 (Multiple eval injection vulnerabilities in Php-Stats 0.1.9.2 allow ...)
+CVE-2007-5453
NOT-FOR-US: Php-Stats
-CVE-2007-5452 (Multiple SQL injection vulnerabilities in php-stats.recjs.php in ...)
+CVE-2007-5452
NOT-FOR-US: Php-Stats
-CVE-2007-5451 (PHP remote file inclusion vulnerability in admin.color.php in the ...)
+CVE-2007-5451
NOT-FOR-US: Joomla! extension
-CVE-2007-5450 (Unspecified vulnerability in Safari on the Apple iPod touch (aka ...)
+CVE-2007-5450
NOT-FOR-US: Apple firmware
-CVE-2007-5449 (SQL injection vulnerability in searchresult.php in Softbiz Recipes ...)
+CVE-2007-5449
NOT-FOR-US: Softbiz Recipes Portal Script
-CVE-2007-5448 (Madwifi 0.9.3.2 and earlier allows remote attackers to cause a denial ...)
+CVE-2007-5448
- madwifi 1:0.9.3.2-2 (medium; bug #446824)
[etch] - madwifi 1:0.9.2+r1842.20061207-2etch2
-CVE-2007-5447 (ioncube_loader_win_5.2.dll in the ionCube Loader 6.5 extension for PHP ...)
+CVE-2007-5447
NOT-FOR-US: ionCube
-CVE-2007-5446 (Absolute path traversal vulnerability in a certain ActiveX control in ...)
+CVE-2007-5446
NOT-FOR-US: PBEmail
-CVE-2007-5445 (Buffer overflow in the DB Software Laboratory VImpX (VImpAX1) ActiveX ...)
+CVE-2007-5445
NOT-FOR-US: VImpX
-CVE-2007-5444 (CMS Made Simple 1.1.3.1 allows remote attackers to obtain the full ...)
+CVE-2007-5444
NOT-FOR-US: CMS Made Simpe
-CVE-2007-5443 (Multiple cross-site scripting (XSS) vulnerabilities in CMS Made Simple ...)
+CVE-2007-5443
NOT-FOR-US: CMS Made Simpe
-CVE-2007-5442 (CMS Made Simple 1.1.3.1 does not check the permissions assigned to ...)
+CVE-2007-5442
NOT-FOR-US: CMS Made Simpe
-CVE-2007-5441 (CMS Made Simple 1.1.3.1 does not check the permissions assigned to ...)
+CVE-2007-5441
NOT-FOR-US: CMS Made Simpe
-CVE-2007-5440 (** DISPUTED ** ...)
+CVE-2007-5440
NOT-FOR-US: Crs Manager
-CVE-2007-5439 (CA (formerly Computer Associates) eTrust ITM (Threat Manager) 8.1 ...)
+CVE-2007-5439
NOT-FOR-US: eTrust ITM
-CVE-2007-5438 (Unspecified vulnerability in a certain ActiveX control in Reconfig.DLL ...)
+CVE-2007-5438
- vmware-package <not-affected> (Windows only)
-CVE-2007-5437 (The web console in CA (formerly Computer Associates) eTrust ITM ...)
+CVE-2007-5437
NOT-FOR-US: eTrust ITM
-CVE-2007-5436 (Buffer overflow in a certain ActiveX control in ScanObjectBrowser.DLL ...)
+CVE-2007-5436
NOT-FOR-US: G DATA Antivirus
-CVE-2007-5435 (Unspecified vulnerability in CA ERwin Process Modeler (formerly ...)
+CVE-2007-5435
NOT-FOR-US: CA ERwin Process Modeler
-CVE-2007-5434 (Cross-site scripting (XSS) vulnerability in PRO-search 0.17.1 and ...)
+CVE-2007-5434
NOT-FOR-US: PRO-search
-CVE-2007-5433 (Multiple cross-site scripting (XSS) vulnerabilities in index.cgi in ...)
+CVE-2007-5433
NOT-FOR-US: Site-Up
-CVE-2007-5432 (Stride 1.0 has a default administrator username of &quot;scott&quot; with the ...)
+CVE-2007-5432
NOT-FOR-US: Stride
-CVE-2007-5431 (include/imageupload.js in the MyFTPUploader module in Stride 1.0 ...)
+CVE-2007-5431
NOT-FOR-US: Stride module
-CVE-2007-5430 (Multiple SQL injection vulnerabilities in Stride 1.0 allow remote ...)
+CVE-2007-5430
NOT-FOR-US: Stride
-CVE-2007-5429 (Cross-site scripting (XSS) vulnerability in index.php in Nucleus 3.01 ...)
+CVE-2007-5429
NOT-FOR-US: Nucleus
-CVE-2007-5428 (Cross-site scripting (XSS) vulnerability in UMI CMS allows remote ...)
+CVE-2007-5428
NOT-FOR-US: UMI CMS
-CVE-2007-5427 (Cross-site scripting (XSS) vulnerability in the com_search component ...)
+CVE-2007-5427
NOT-FOR-US: Joomla!
-CVE-2007-5426 (Multiple cross-site scripting (XSS) vulnerabilities in ActiveKB NX ...)
+CVE-2007-5426
NOT-FOR-US: ActiveKB NX
-CVE-2007-5425 (SQL injection vulnerability in admin/index.php in Interspire ActiveKB ...)
+CVE-2007-5425
NOT-FOR-US: ActiveKB NX
-CVE-2007-5424 (The disable_functions feature in PHP 4 and 5 allows attackers to ...)
+CVE-2007-5424
- php4 <removed> (unimportant)
- php5 <removed> (unimportant)
NOTE: if the function is blacklisted but not its alias it is a configuration
NOTE: issue of the site not a vulnerability in php
-CVE-2007-5423 (tiki-graph_formula.php in TikiWiki 1.9.8 allows remote attackers to ...)
+CVE-2007-5423
- tikiwiki <removed>
-CVE-2007-5422 (Unspecified vulnerability in &quot;Solaris Auditing&quot; in the Basic Security ...)
+CVE-2007-5422
NOT-FOR-US: Solaris Auditing
CVE-2007-5421
REJECTED
-CVE-2007-5420 (The 3Com 3CRWER100-75 router with 1.2.10ww software, when remote ...)
+CVE-2007-5420
NOT-FOR-US: 3Com 3CRWER100-75
-CVE-2007-5419 (The 3Com 3CRWER100-75 router with 1.2.10ww software, when enabling an ...)
+CVE-2007-5419
NOT-FOR-US: 3Com 3CRWER100-75
-CVE-2007-5418 (Multiple PHP remote file inclusion vulnerabilities in CARE2X 2G 2.2 ...)
+CVE-2007-5418
NOT-FOR-US: CARE2X
-CVE-2007-5417 (Directory traversal vulnerability in index.php in boastMachine (aka ...)
+CVE-2007-5417
NOT-FOR-US: boastMachine
-CVE-2007-5416 (Drupal 5.2 and earlier does not properly unset variables when the ...)
+CVE-2007-5416
- drupal5 <unfixed> (unimportant; bug #446887)
- drupal <unfixed> (unimportant)
NOTE: The underlying PHP issue has been fixed in DSA 1206.
NOTE: Plus, register_globals is not supported in Debian
-CVE-2007-5415 (Cross-site scripting (XSS) vulnerability in Mozilla Firefox 2.0, when ...)
+CVE-2007-5415
- iceweasel <removed> (unimportant)
NOTE: if you are on a site which allows UTF-7 sure you need to sanitize the
NOTE: equivalent strings in UTF-7
NOTE: referring to the mozilla security team this is a non-issue and a duplicate of
NOTE: CVE-2007-5414, mailed mitre
-CVE-2007-5414 (Cross-site scripting (XSS) vulnerability in Mozilla Firefox before ...)
+CVE-2007-5414
- iceweasel 2.0+dfsg-1
-CVE-2007-5413 (httpd.tkd in Radia Integration Server in Hewlett-Packard (HP) OpenView ...)
+CVE-2007-5413
NOT-FOR-US: HP OpenView
-CVE-2007-5412 (Multiple PHP remote file inclusion vulnerabilities in the Quoc-Huy MP3 ...)
+CVE-2007-5412
NOT-FOR-US: Joomla! extension
-CVE-2007-5411 (Cross-site scripting (XSS) vulnerability in the Linksys SPA941 VoIP ...)
+CVE-2007-5411
NOT-FOR-US: Linksys
-CVE-2007-5410 (PHP remote file inclusion vulnerability in admin.wmtrssreader.php in ...)
+CVE-2007-5410
NOT-FOR-US: Joomla! extension
-CVE-2007-5409 (PHP remote file inclusion vulnerability in admin/nuseo_admin_d.php in ...)
+CVE-2007-5409
NOT-FOR-US: NuSEO
-CVE-2007-5408 (SQL injection vulnerability in category.php in cpDynaLinks 1.02 allows ...)
+CVE-2007-5408
NOT-FOR-US: cpDynaLinks
-CVE-2007-5407 (Multiple PHP remote file inclusion vulnerabilities in the ...)
+CVE-2007-5407
NOT-FOR-US: Joomla! extension
-CVE-2007-5406 (kpagrdr.dll 2.0.0.2 and 10.3.0.0 in the Applix Presents reader in ...)
+CVE-2007-5406
NOT-FOR-US: KeyView
-CVE-2007-5405 (Multiple buffer overflows in kpagrdr.dll 2.0.0.2 and 10.3.0.0 in the ...)
+CVE-2007-5405
NOT-FOR-US: KeyView
-CVE-2007-5404 (Layton HelpBox 3.7.1 generates different responses depending on ...)
+CVE-2007-5404
NOT-FOR-US: Layton HelpBox
-CVE-2007-5403 (Multiple cross-site scripting (XSS) vulnerabilities in Layton HelpBox ...)
+CVE-2007-5403
NOT-FOR-US: Layton HelpBox
-CVE-2007-5402 (Multiple SQL injection vulnerabilities in Layton HelpBox 3.7.1 allow ...)
+CVE-2007-5402
NOT-FOR-US: Layton HelpBox
-CVE-2007-5401 (Unrestricted file upload vulnerability in uploadrequest.asp in Layton ...)
+CVE-2007-5401
NOT-FOR-US: Layton HelpBox
-CVE-2007-5400 (Heap-based buffer overflow in the Shockwave Flash (SWF) frame handling ...)
+CVE-2007-5400
NOT-FOR-US: RealPlayer
-CVE-2007-5399 (Multiple heap-based buffer overflows in emlsr.dll in the EML reader in ...)
+CVE-2007-5399
NOT-FOR-US: KeyView
-CVE-2007-5398 (Stack-based buffer overflow in the reply_netbios_packet function in ...)
+CVE-2007-5398
{DSA-1409-3 DSA-1409-2 DSA-1409-1}
- samba 3.0.27-1 (high)
-CVE-2007-5397 (Heap-based buffer overflow in the activePDF Server service (aka ...)
+CVE-2007-5397
NOT-FOR-US: activePDF Server
-CVE-2007-5396 (Format string vulnerability in the ext_yahoo_contact_added function in ...)
+CVE-2007-5396
NOT-FOR-US: Miranda
-CVE-2007-5395 (Stack-based buffer overflow in the separate_word function in ...)
+CVE-2007-5395
{DSA-1432-1}
- link-grammar 4.2.5-1 (medium; bug #450695)
-CVE-2007-5394 (Stack-based buffer overflow in AldFs32.dll in Adobe PageMaker 7.0.1 ...)
+CVE-2007-5394
NOT-FOR-US: Adobe PageMaker
-CVE-2007-5393 (Heap-based buffer overflow in the CCITTFaxStream::lookChar method in ...)
+CVE-2007-5393
{DSA-1537-1 DSA-1509-1 DSA-1480-1 DSA-1408-1 DTSA-85-1 DTSA-86-1}
- poppler 0.6.2-1 (medium; bug #450628)
- kdegraphics 4:3.5.8-2 (medium; bug #450630)
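Review bot: every changed line in this hunk only drops the parenthesised description and leaves the bare id (for example `-CVE-2007-5548 (Multiple stack-based buffer overflows in Command EXEC in Cisco IOS ...)` becomes `+CVE-2007-5548`), with no change to the package, DSA or NOTE lines beneath it. In this file a bare id without a description is otherwise the form used only for RESERVED and REJECTED entries such as `CVE-2007-5499` / `REJECTED`, so this reads as the description source having returned empty text rather than as an intentional data change; the updater's input should be checked before this run is merged.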
@@ -3251,7 +3251,7 @@ CVE-2007-5393 (Heap-based buffer overflow in the CCITTFaxStream::lookChar method
- libextractor 0.5.12-1
NOTE: libextractor uses internal pdf decoder since 0.5.12-1, thus marking as fixed
- swftools 0.9.2+ds1-2
-CVE-2007-5392 (Integer overflow in the DCTStream::reset method in xpdf/Stream.cc in ...)
+CVE-2007-5392
{DSA-1537-1 DSA-1509-1 DSA-1480-1 DTSA-85-1 DTSA-86-1}
- poppler 0.6.2-1 (medium; bug #450628)
- kdegraphics 4:3.5.8-2 (medium; bug #450630)
@@ -3269,94 +3269,94 @@ CVE-2007-5392 (Integer overflow in the DCTStream::reset method in xpdf/Stream.cc
- libextractor 0.5.12-1
NOTE: libextractor uses internal pdf decoder since 0.5.12-1, thus marking as fixed
- swftools 0.9.2+ds1-2
-CVE-2007-5461 (Absolute path traversal vulnerability in Apache Tomcat 4.0.0 through ...)
+CVE-2007-5461
{DSA-1453-1 DSA-1447-1}
- tomcat5.5 5.5.25-2 (low; bug #448664)
- tomcat5 <removed>
NOTE: patch: http://mail-archives.apache.org/mod_mbox/tomcat-users/200710.mbox/%3C47135C2D.1000705@apache.org%3E
-CVE-2007-5391 (Unspecified vulnerability in HP Select Identity 4.01 through 4.01.010 ...)
+CVE-2007-5391
NOT-FOR-US: HP Select Identity
-CVE-2007-5390 (PHP remote file inclusion vulnerability in index.php in PicoFlat CMS ...)
+CVE-2007-5390
NOT-FOR-US: PicoFlat
-CVE-2007-5389 (** DISPUTED ** ...)
+CVE-2007-5389
NOT-FOR-US: Joomla! extension
-CVE-2007-5388 (Multiple PHP remote file inclusion vulnerabilities in WebDesktop 0.1 ...)
+CVE-2007-5388
NOT-FOR-US: WebDesktop
-CVE-2007-5387 (PHP remote file inclusion vulnerability in ...)
+CVE-2007-5387
NOT-FOR-US: Pindorama
-CVE-2007-5386 (Cross-site scripting (XSS) vulnerability in scripts/setup.php in ...)
+CVE-2007-5386
{DSA-1403-1}
- phpmyadmin 4:2.11.1.2-1 (bug #446451)
[sarge] - phpmyadmin <not-affected> (vulnerable script not present)
-CVE-2007-5385 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
+CVE-2007-5385
NOT-FOR-US: Thomson/Alcatel SpeedTouch 7G router
-CVE-2007-5384 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
+CVE-2007-5384
NOT-FOR-US: Thomson/Alcatel SpeedTouch 7G router
-CVE-2007-5383 (The Thomson/Alcatel SpeedTouch 7G router, as used for the BT Home Hub ...)
+CVE-2007-5383
NOT-FOR-US: Thomson/Alcatel SpeedTouch 7G router
-CVE-2007-5382 (The conversion utility for converting CiscoWorks Wireless LAN Solution ...)
+CVE-2007-5382
NOT-FOR-US: CiscoWorks
-CVE-2007-5381 (Stack-based buffer overflow in the Line Printer Daemon (LPD) in Cisco ...)
+CVE-2007-5381
NOT-FOR-US: Line Printer Daemon (LPD) Cisco
-CVE-2007-5380 (Session fixation vulnerability in Rails before 1.2.4, as used for Ruby ...)
+CVE-2007-5380
- rails 1.2.5-1
-CVE-2007-5379 (Rails before 1.2.4, as used for Ruby on Rails, allows remote attackers ...)
+CVE-2007-5379
- rails 1.2.5-1
[etch] - rails <not-affected> (Vulnerable code not present)
-CVE-2007-5378 (Buffer overflow in the FileReadGIF function in tkImgGIF.c for Tk ...)
+CVE-2007-5378
{DSA-1743-1 DSA-1416-1 DSA-1415-1}
- tk8.3 8.3.5-10 (medium; bug #446465)
- tk8.4 8.4.16-1 (medium)
- libtk-img 1.3-release-8 (medium)
-CVE-2007-5377 (The (1) tramp-make-temp-file and (2) tramp-make-tramp-temp-file ...)
+CVE-2007-5377
- tramp <not-affected> (the version we ship still uses make-temp-file)
- emacs22 <not-affected> (the version we ship still uses make-temp-file)
CVE-2007-5376
RESERVED
-CVE-2007-5375 (Interpretation conflict in the Sun Java Virtual Machine (JVM) allows ...)
+CVE-2007-5375
- sun-java6 6-03-1 (low)
- sun-java5 1.5.0-13-1 (low)
[etch] - sun-java5 1.5.0-14-1etch1
- openjdk-6 6b08-1 (bug #566766)
-CVE-2007-5374 (cp_memberedit.php in LightBlog 8.4.1.1 does not check for ...)
+CVE-2007-5374
NOT-FOR-US: LightBlog
-CVE-2007-5373 (ldapscripts 1.4 and 1.7 sends a password as a command line argument ...)
+CVE-2007-5373
{DSA-1517-1 DTSA-68-1}
- ldapscripts 1.7.1-2 (bug #445582; medium)
-CVE-2007-5372 (Multiple SQL injection vulnerabilities in (a) LedgerSMB 1.0.0 through ...)
+CVE-2007-5372
- sql-ledger <unfixed> (unimportant; bug #446366)
NOTE: It's documented behaviour that SQL-Ledger should only be run in an
NOTE: authenticated HTTP zone and without untrusted users
-CVE-2007-5371 (Multiple SQL injection vulnerabilities in mutate_content.dynamic.php ...)
+CVE-2007-5371
NOT-FOR-US: MODx
-CVE-2007-5370 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2007-5370
NOT-FOR-US: NetWin
-CVE-2007-5369 (The GetMagicNumberString function in Massive Entertainment World in ...)
+CVE-2007-5369
NOT-FOR-US: conflict
-CVE-2007-5368 (Multiple unspecified vulnerabilities in labeld in Trusted Extensions ...)
+CVE-2007-5368
NOT-FOR-US: Sun Solaris
-CVE-2007-5367 (Unspecified vulnerability in the Virtual File System (VFS) in Sun ...)
+CVE-2007-5367
NOT-FOR-US: Sun Solaris
-CVE-2007-5366 (The Tomcat 4.1-based Servlet Service in Fujitsu Interstage Application ...)
+CVE-2007-5366
NOT-FOR-US: Fujitsu Interstage Application Server
-CVE-2007-5365 (Stack-based buffer overflow in the cons_options function in options.c ...)
+CVE-2007-5365
{DSA-1388-3 DSA-1388-1}
- dhcp 2.0pl5dfsg1-20.2 (medium; bug #446354)
- dhcp3 <not-affected> (dhcp3 does enforce a fixed minimum paket size if it is lower, see line 513 in options.c)
NOTE: dhcp has a request for removal #446386
-CVE-2007-5364 (** DISPUTED ** ...)
+CVE-2007-5364
NOT-FOR-US: ViArt Shopping Cart
-CVE-2007-5363 (PHP remote file inclusion vulnerability in admin.panoramic.php in the ...)
+CVE-2007-5363
NOT-FOR-US: Joomla! extension
-CVE-2007-5362 (Multiple PHP remote file inclusion vulnerabilities in the Avant-Garde ...)
+CVE-2007-5362
NOT-FOR-US: Joomla! and mambo extension
-CVE-2007-5361 (The Communication Server in Alcatel-Lucent OmniPCX Enterprise 7.1 and ...)
+CVE-2007-5361
NOT-FOR-US: Alcatel-Lucent OmniPCX Enterprise
-CVE-2007-5360 (Buffer overflow in OpenPegasus Management server, when compiled to use ...)
+CVE-2007-5360
NOT-FOR-US: OpenPegasus Management server
CVE-2007-5359
RESERVED
-CVE-2007-5358 (Multiple buffer overflows in the voicemail functionality in Asterisk ...)
+CVE-2007-5358
- asterisk 1:1.4.13~dfsg-1 (medium)
[sarge] - asterisk <not-affected> (Only Asterisk 1.4.x is affected)
[etch] - asterisk <not-affected> (Only Asterisk 1.4.x is affected)
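Review bot: once the descriptions are stripped, several entries in this hunk keep no text at all that identifies the affected software: `-CVE-2007-5369 (The GetMagicNumberString function in Massive Entertainment World in ...)` becomes `+CVE-2007-5369` followed only by `NOT-FOR-US: conflict`, and CVE-2007-5387 is left with just `NOT-FOR-US: Pindorama`. The NOT-FOR-US tags were written to be read next to the description, so dropping it removes the only context a triager has; keep the description text unless that data is deliberately being moved elsewhere.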
@@ -3364,59 +3364,59 @@ CVE-2007-5357
REJECTED
CVE-2007-5356
REJECTED
-CVE-2007-5355 (The Web Proxy Auto-Discovery (WPAD) feature in Microsoft Internet ...)
+CVE-2007-5355
NOT-FOR-US: Microsoft Internet Explorer
CVE-2007-5354
REJECTED
CVE-2007-5353
REJECTED
-CVE-2007-5352 (Unspecified vulnerability in Local Security Authority Subsystem ...)
+CVE-2007-5352
NOT-FOR-US: Microsoft Windows
-CVE-2007-5351 (Unspecified vulnerability in Server Message Block Version 2 (SMBv2) ...)
+CVE-2007-5351
NOT-FOR-US: Microsoft Vista
-CVE-2007-5350 (Unspecified vulnerability in the Windows Advanced Local Procedure Call ...)
+CVE-2007-5350
NOT-FOR-US: Microsoft Vista
CVE-2007-5349
REJECTED
-CVE-2007-5348 (Integer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows ...)
+CVE-2007-5348
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2007-5347 (Microsoft Internet Explorer 5.01 through 7 allows remote attackers to ...)
+CVE-2007-5347
NOT-FOR-US: Microsoft Internet Explorer
CVE-2007-5346
REJECTED
CVE-2007-5345
REJECTED
-CVE-2007-5344 (Microsoft Internet Explorer 5.01 through 7 allows remote attackers to ...)
+CVE-2007-5344
NOT-FOR-US: Microsoft Internet Explorer
CVE-2007-5343
REJECTED
-CVE-2007-5342 (The default catalina.policy in the JULI logging component in Apache ...)
+CVE-2007-5342
{DSA-1447-1}
- tomcat5.5 5.5.25-4 (low; bug #458237)
- tomcat5 <not-affected> (Vulnerable code not present)
-CVE-2007-5341 (Remote code execution in the Venkman script debugger in Mozilla ...)
+CVE-2007-5341
- iceweasel 2.0.0.8-1
-CVE-2007-5340 (Multiple vulnerabilities in the Javascript engine in Mozilla Firefox ...)
+CVE-2007-5340
{DSA-1401-1 DSA-1396-1 DSA-1392-1 DSA-1391-1 DTSA-69-1 DTSA-71-1 DTSA-80-1}
- iceweasel 2.0.0.8-1 (high)
- xulrunner 1.8.1.9-1 (high)
- icedove 2.0.0.9-1 (low)
- iceape 1.1.5 (high)
NOTE: MFSA2007-29
-CVE-2007-5339 (Multiple vulnerabilities in Mozilla Firefox before 2.0.0.8, ...)
+CVE-2007-5339
{DSA-1401-1 DSA-1396-1 DSA-1392-1 DSA-1391-1 DTSA-69-1 DTSA-71-1 DTSA-80-1}
- iceweasel 2.0.0.8-1 (high)
- xulrunner 1.8.1.9-1 (bug #447734; high)
- icedove 2.0.0.9-1 (low)
- iceape 1.1.5
NOTE: MFSA2007-29
-CVE-2007-5338 (Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5 allow remote ...)
+CVE-2007-5338
{DSA-1534-2 DSA-1401-1 DSA-1396-1 DSA-1392-1 DTSA-69-1 DTSA-80-1}
- iceweasel 2.0.0.8-1
- xulrunner 1.8.1.9-1
- iceape 1.1.5
NOTE: MFSA2007-35
-CVE-2007-5337 (Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5, when ...)
+CVE-2007-5337
{DSA-1401-1 DSA-1396-1 DSA-1392-1 DTSA-69-1 DTSA-80-1}
- iceweasel 2.0.0.8-1
- xulrunner 1.8.1.9-1
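Review bot: the hunk header `@@ -3364,59 +3364,59 @@ CVE-2007-5357` shows identical old and new line counts, as do the other headers in this diff (`-3251,7 +3251,7`, `-3269,94 +3269,94`, `-3424,108 +3424,108`), so the change adds nothing and only deletes the description text from each `-CVE-...` line. An update that is purely lossy on the data file should be held back or reverted rather than committed, and if the updater ran against an empty or failed CVE feed the regeneration should be repeated once the feed is available.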
@@ -3424,108 +3424,108 @@ CVE-2007-5337 (Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5, when .
NOTE: MFSA2007-34
CVE-2007-5336
REJECTED
-CVE-2007-5335 (Mozilla Firefox 2.0 before 2.0.0.8 allows remote attackers to obtain ...)
+CVE-2007-5335
{DSA-1396-1}
- iceweasel 2.0.0.8-1 (low)
NOTE: Firefox 2.0-specific issue, doesn't affect xulrunner, iceape or icedove
NOTE: not mentioned in debian changelog, but mozilla #390983 confirms it went into 2.0.0.8
-CVE-2007-5334 (Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5 can hide the ...)
+CVE-2007-5334
{DSA-1401-1 DSA-1396-1 DSA-1392-1 DTSA-69-1 DTSA-80-1}
- iceweasel 2.0.0.8-1
- xulrunner 1.8.1.9-1
- iceape 1.1.5
NOTE: MFSA2007-33
-CVE-2007-5333 (Apache Tomcat 6.0.0 through 6.0.14, 5.5.0 through 5.5.25, and 4.1.0 ...)
+CVE-2007-5333
- tomcat5.5 5.5.26-1 (low; bug #465645)
- tomcat5 <removed>
-CVE-2007-5332 (Multiple unspecified vulnerabilities in (1) mediasvr and (2) caloggerd ...)
+CVE-2007-5332
NOT-FOR-US: ARCServe BackUp
-CVE-2007-5331 (Queue.dll for the message queuing service (LQserver.exe) in CA ...)
+CVE-2007-5331
NOT-FOR-US: ARCServe BackUp
-CVE-2007-5330 (The cadbd RPC service in CA BrightStor ARCServe BackUp v9.01 through ...)
+CVE-2007-5330
NOT-FOR-US: ARCServe BackUp
-CVE-2007-5329 (Unspecified vulnerability in dbasvr in CA BrightStor ARCServe BackUp ...)
+CVE-2007-5329
NOT-FOR-US: ARCServe BackUp
-CVE-2007-5328 (The Message Engine RPC service in CA BrightStor ARCServe BackUp v9.01 ...)
+CVE-2007-5328
NOT-FOR-US: ARCServe BackUp
-CVE-2007-5327 (Stack-based buffer overflow in the RPC interface for the Message ...)
+CVE-2007-5327
NOT-FOR-US: ARCServe BackUp
-CVE-2007-5326 (Multiple buffer overflows in (1) RPC and (2) rpcx.dll in CA BrightStor ...)
+CVE-2007-5326
NOT-FOR-US: ARCServe BackUp
-CVE-2007-5325 (Multiple buffer overflows in (1) the Message Engine and (2) AScore.dll ...)
+CVE-2007-5325
NOT-FOR-US: ARCServe BackUp
CVE-2007-5324
REJECTED
-CVE-2007-5323 (The RepliStor Server Service in EMC Replistor 6.1.3 allows remote ...)
+CVE-2007-5323
NOT-FOR-US: RepliStor Server Service
-CVE-2007-5322 (Insecure method vulnerability in the FPOLE.OCX 6.0.8450.0 ActiveX ...)
+CVE-2007-5322
NOT-FOR-US: Microsoft Visual FoxPro
-CVE-2007-5321 (Directory traversal vulnerability in index.php in Verlihub Control ...)
+CVE-2007-5321
NOT-FOR-US: Verlihub Control Panel
-CVE-2007-5320 (Multiple absolute path traversal vulnerabilities in Pegasus Imaging ...)
+CVE-2007-5320
NOT-FOR-US: Imaging ImagXpress
-CVE-2007-5319 (Unspecified vulnerability in the vuidmice STREAMS modules in Sun ...)
+CVE-2007-5319
NOT-FOR-US: Solaris
-CVE-2007-5318 (Unspecified vulnerability in preview.php in TYPOlight webCMS 2.4.6 ...)
+CVE-2007-5318
NOT-FOR-US: Typolight webCMS
CVE-2007-5317
REJECTED
-CVE-2007-5316 (SQL injection vulnerability in browsecats.php in Softbiz Jobs and ...)
+CVE-2007-5316
NOT-FOR-US: Softbiz Jobs
-CVE-2007-5315 (PHP remote file inclusion vulnerability in common.php in LiveAlbum ...)
+CVE-2007-5315
NOT-FOR-US: LiveAlbum
-CVE-2007-5314 (PHP remote file inclusion vulnerability in system/funcs/xkurl.php in ...)
+CVE-2007-5314
NOT-FOR-US: xKiosk WEB
-CVE-2007-5313 (PHP remote file inclusion vulnerability in install/config.php in ...)
+CVE-2007-5313
NOT-FOR-US: Picturesolution
-CVE-2007-5312 (Cross-site scripting (XSS) vulnerability in TorrentTrader Classic 1.07 ...)
+CVE-2007-5312
NOT-FOR-US: TorrentTrader Classic
-CVE-2007-5311 (Directory traversal vulnerability in backend/admin-functions.php in ...)
+CVE-2007-5311
NOT-FOR-US: TorrentTrader Classic
-CVE-2007-5310 (PHP remote file inclusion vulnerability in admin.wmtportfolio.php in ...)
+CVE-2007-5310
NOT-FOR-US: TorrentTrader Classic
-CVE-2007-5309 (PHP remote file inclusion vulnerability in admin.wmtgallery.php in the ...)
+CVE-2007-5309
NOT-FOR-US: Joomla! extension
-CVE-2007-5308 (SQL injection vulnerability in galerie.php in PHP Homepage M (phpHPm) ...)
+CVE-2007-5308
NOT-FOR-US: phpHPm)
-CVE-2007-5307 (ELSEIF CMS Beta 0.6 does not properly unset variables when the input ...)
+CVE-2007-5307
NOT-FOR-US: ELSEIF CMS
-CVE-2007-5306 (ELSEIF CMS Beta 0.6 allows remote attackers to obtain sensitive ...)
+CVE-2007-5306
NOT-FOR-US: ELSEIF CMS
-CVE-2007-5305 (Multiple PHP remote file inclusion vulnerabilities in ELSEIF CMS Beta ...)
+CVE-2007-5305
NOT-FOR-US: ELSEIF CMS
-CVE-2007-5304 (Multiple cross-site scripting (XSS) vulnerabilities in ELSEIF CMS Beta ...)
+CVE-2007-5304
NOT-FOR-US: ELSEIF CMS
-CVE-2007-5303 (Cross-site scripting (XSS) vulnerability in news_page.php in SnewsCMS ...)
+CVE-2007-5303
NOT-FOR-US: SnewsCMS
-CVE-2007-5302 (Multiple cross-site scripting (XSS) vulnerabilities in HP System ...)
+CVE-2007-5302
NOT-FOR-US: HP System Management Homepage
-CVE-2007-5300 (Off-by-one error in the do_login_loop function in ...)
+CVE-2007-5300
{DSA-1452-1}
- wzdftpd 0.8.2-2.1 (medium; bug #446192)
-CVE-2007-5299 (Multiple directory traversal vulnerabilities in SkaDate 5.0 and 6.0, ...)
+CVE-2007-5299
NOT-FOR-US: SkaDate
-CVE-2007-5298 (Multiple PHP remote file inclusion vulnerabilities in CMS Creamotion ...)
+CVE-2007-5298
NOT-FOR-US: CMS Creamotion
-CVE-2007-5297 (Cross-site scripting (XSS) vulnerability in index.php in Minki 1.30 ...)
+CVE-2007-5297
NOT-FOR-US: Minki
-CVE-2007-5296 (Multiple cross-site scripting (XSS) vulnerabilities in dblisttest.asp ...)
+CVE-2007-5296
NOT-FOR-US: dbList
-CVE-2007-5295 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
+CVE-2007-5295
NOT-FOR-US: Wikepage Opus
-CVE-2007-5294 (PHP remote file inclusion vulnerability in core/aural.php in IDMOS ...)
+CVE-2007-5294
NOT-FOR-US: IDMOS
-CVE-2007-5293 (Multiple cross-site scripting (XSS) vulnerabilities in IDMOS 1.0-beta ...)
+CVE-2007-5293
NOT-FOR-US: IDMOS
-CVE-2007-5292 (Cross-site scripting (XSS) vulnerability in photos.cfm in Directory ...)
+CVE-2007-5292
NOT-FOR-US: Directory Image Gallery
-CVE-2007-5291 (Cross-site scripting (XSS) vulnerability in Edit.asp in DB Manager 2.0 ...)
+CVE-2007-5291
NOT-FOR-US: DB Manager
-CVE-2007-5290 (Multiple cross-site scripting (XSS) vulnerabilities in MailBee WebMail ...)
+CVE-2007-5290
NOT-FOR-US: MailBee WebMail Pro
-CVE-2007-5289 (HP Mercury Quality Center (QC) 9.2 and earlier, and possibly ...)
+CVE-2007-5289
NOT-FOR-US: HP Mercury Quality Center
-CVE-2007-5301 (Buffer overflow in the vorbis_stream_info function in ...)
+CVE-2007-5301
{DSA-1538-1 DTSA-66-1}
- alsaplayer 0.99.80~rc4-1 (low; bug #446034)
CVE-2007-5288
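Review bot: every changed pair in this hunk replaces a `-CVE-YYYY-NNNN (summary ...)` line with a bare `+CVE-YYYY-NNNN` line, so the change removes the summaries rather than refreshing them; a refresh would show new text on the plus lines. With the summary gone, an entry such as `CVE-2007-5300` followed only by `{DSA-1452-1}` and `- wzdftpd 0.8.2-2.1 (medium; bug #446192)` no longer says what the issue is. Before this is applied, check whether the source the summaries are pulled from returned empty text; if so, hold or revert the update instead of committing the blanked lines.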
@@ -3538,195 +3538,195 @@ CVE-2007-5285
REJECTED
CVE-2007-5284
REJECTED
-CVE-2007-5283 (The TSC Domain Manager in Hitachi TPBroker Object Transaction Monitor ...)
+CVE-2007-5283
NOT-FOR-US: Hitachi TPBroker
-CVE-2007-5282 (Hitachi Cosminexus Agent 03-00 through 03-05, and Cosminexus Library ...)
+CVE-2007-5282
NOT-FOR-US: Hitachi Cosminexus
-CVE-2007-5281 (The Java Secure Socket Extension (JSSE) in the Hitachi Cosminexus ...)
+CVE-2007-5281
NOT-FOR-US: Hitachi Cosminexus
-CVE-2007-5280 (Multiple cross-site scripting (XSS) vulnerabilities in messages.jsp in ...)
+CVE-2007-5280
NOT-FOR-US: Appfuse
-CVE-2007-5279 (Heap-based buffer overflow in ConeXware PowerArchiver before 10.20.21 ...)
+CVE-2007-5279
NOT-FOR-US: PowerArchiver
-CVE-2007-5278 (Zomplog 3.8.1 and earlier stores potentially sensitive information ...)
+CVE-2007-5278
NOT-FOR-US: Zomplog
-CVE-2007-5277 (Microsoft Internet Explorer 6 drops DNS pins based on failed ...)
+CVE-2007-5277
NOT-FOR-US: Internet Explorer
-CVE-2007-5276 (Opera 9 drops DNS pins based on failed connections to irrelevant TCP ...)
+CVE-2007-5276
NOT-FOR-US: Opera
-CVE-2007-5275 (The Adobe Macromedia Flash 9 plug-in allows remote attackers to cause ...)
+CVE-2007-5275
- flashplugin-nonfree 9.0.115.0.1 (bug #449110)
[sarge] - flashplugin-nonfree <no-dsa> (Contrib not supported)
[etch] - flashplugin-nonfree <no-dsa> (Contrib not supported)
-CVE-2007-5274 (Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 2 and ...)
+CVE-2007-5274
- sun-java6 6-03-1 (low)
- sun-java5 1.5.0-13-1 (low)
[etch] - sun-java5 1.5.0-14-1etch1
- openjdk-6 6b08-1 (bug #566766)
-CVE-2007-5273 (Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 2 and ...)
+CVE-2007-5273
- sun-java6 6-03-1 (low)
- sun-java5 1.5.0-13-1 (low)
[etch] - sun-java5 1.5.0-14-1etch1
- openjdk-6 6b08-1 (bug #566766)
-CVE-2007-5272 (SQL injection vulnerability in kategori.asp in Furkan Tastan Blog ...)
+CVE-2007-5272
NOT-FOR-US: Furkan Tastan Blog
-CVE-2007-5271 (Multiple PHP remote file inclusion vulnerabilities in Trionic Cite CMS ...)
+CVE-2007-5271
NOT-FOR-US: Trionic Cite CMS
-CVE-2007-5270 (Unspecified vulnerability in the Boost module before 4.7.x-1.0, and ...)
+CVE-2007-5270
- drupal <not-affected> (does not ship this module)
-CVE-2007-5269 (Certain chunk handlers in libpng before 1.0.29 and 1.2.x before 1.2.21 ...)
+CVE-2007-5269
- libpng 1.2.15~beta5-3 (low; bug #446308)
[sarge] - libpng <no-dsa> (Minor issue)
[etch] - libpng 1.2.15~beta5-1+etch2
-CVE-2007-5268 (pngrtran.c in libpng before 1.0.29 and 1.2.x before 1.2.21 use (1) ...)
+CVE-2007-5268
- libpng <not-affected> (Vulnerable code not present in Debian version, introduced in 1.2.19)
-CVE-2007-5267 (Off-by-one error in ICC profile chunk handling in the png_set_iCCP ...)
+CVE-2007-5267
- libpng <not-affected> (vulnerable code not present)
NOTE: the version in Debian does not use strncpy to copy the buffer so this off-by-one
NOTE: is not present in this old version. Instead it allocates space for strlen(name)+1
NOTE: and uses strcpy(new_iccp_name, name) which is not nice but safe
-CVE-2007-5266 (Off-by-one error in ICC profile chunk handling in the png_set_iCCP ...)
+CVE-2007-5266
- libpng <not-affected> (vulnerable code not present)
NOTE: the version in Debian does not use strncpy to copy the buffer so this off-by-one
NOTE: is not present in this old version. Instead it allocates space for strlen(name)+1
NOTE: and uses strcpy(new_iccp_name, name) which is not nice but safe
-CVE-2007-5265 (Multiple format string vulnerabilities in websrv.cpp in Dawn of Time ...)
+CVE-2007-5265
NOT-FOR-US: Dawn of Time
-CVE-2007-5264 (Battlefront Dropteam 1.3.3 and earlier sends the client's online ...)
+CVE-2007-5264
NOT-FOR-US: Battlefront
-CVE-2007-5263 (Multiple buffer overflows in Battlefront Dropteam 1.3.3 and earlier ...)
+CVE-2007-5263
NOT-FOR-US: Battlefront
-CVE-2007-5262 (Multiple format string vulnerabilities in Battlefront Dropteam 1.3.3 ...)
+CVE-2007-5262
NOT-FOR-US: Battlefront
-CVE-2007-5261 (Multiple SQL injection vulnerabilities in MultiCart 1.0 allow remote ...)
+CVE-2007-5261
NOT-FOR-US: MultiCart
-CVE-2007-5260 (ASP-CMS 1.0 stores sensitive information under the web root with ...)
+CVE-2007-5260
NOT-FOR-US: ASP-CMS
-CVE-2007-5259 (Cross-site request forgery (CSRF) vulnerability in Ilient SysAid ...)
+CVE-2007-5259
NOT-FOR-US: SysAid
-CVE-2007-5258 (PHP remote file inclusion vulnerability in log.php in phpFreeLog alpha ...)
+CVE-2007-5258
NOT-FOR-US: FreeLog
-CVE-2007-5257 (Stack-based buffer overflow in the EDraw.OfficeViewer ActiveX control ...)
+CVE-2007-5257
NOT-FOR-US: EDraw Office Viewer
-CVE-2007-5256 (Multiple stack-based buffer overflows in FSD 2.052 d9 and earlier, and ...)
+CVE-2007-5256
NOT-FOR-US: FSD
-CVE-2007-5255 (Cross-site scripting (XSS) vulnerability in Google Mini Search ...)
+CVE-2007-5255
NOT-FOR-US: Google Mini Search Appliance
-CVE-2007-5254 (VirusBlokAda Vba32 AntiVirus 3.12.2 uses weak permissions ...)
+CVE-2007-5254
NOT-FOR-US: VirusBlokAda Vba32 AntiVirus
-CVE-2007-5253 (c32web.exe in McMurtrey/Whitaker Cart32 before 6.4 allows remote ...)
+CVE-2007-5253
NOT-FOR-US: Cart32
-CVE-2007-5252 (Buffer overflow in NetSupport Manager (NSM) Client 10.00 and 10.20, ...)
+CVE-2007-5252
NOT-FOR-US: NetSupport Manager/School Student
-CVE-2007-5251 (Multiple cross-site scripting (XSS) vulnerabilities in Helm 3.2.16 ...)
+CVE-2007-5251
NOT-FOR-US: Helm
-CVE-2007-5250 (The Windows dedicated server for the Unreal engine, as used by ...)
+CVE-2007-5250
NOT-FOR-US: Americas Army
-CVE-2007-5249 (Multiple buffer overflows in the logging function in the Unreal ...)
+CVE-2007-5249
NOT-FOR-US: Americas Army
-CVE-2007-5248 (Multiple format string vulnerabilities in the ID Software Doom 3 ...)
+CVE-2007-5248
NOT-FOR-US: Doom 3 engine
-CVE-2007-5247 (Multiple format string vulnerabilities in the Monolith Lithtech ...)
+CVE-2007-5247
NOT-FOR-US: Monolith engine
-CVE-2007-5246 (Multiple stack-based buffer overflows in Firebird LI 2.0.0.12748 and ...)
+CVE-2007-5246
- firebird2.0 2.0.3.12981.ds1-1
- firebird1.5 <removed> (medium; bug #446472)
-CVE-2007-5245 (Multiple stack-based buffer overflows in Firebird LI 1.5.3.4870 and ...)
+CVE-2007-5245
- firebird2.0 2.0.3.12981.ds1-1
- firebird1.5 <removed> (medium; bug #446475)
-CVE-2007-5244 (Stack-based buffer overflow in Borland InterBase LI 8.0.0.53 through ...)
+CVE-2007-5244
NOT-FOR-US: Borland InterBase
-CVE-2007-5243 (Multiple stack-based buffer overflows in Borland InterBase LI 8.0.0.53 ...)
+CVE-2007-5243
NOT-FOR-US: Borland InterBase
-CVE-2007-5242 (Unspecified vulnerability in (1) SYS$EI1000.EXE and (2) ...)
+CVE-2007-5242
NOT-FOR-US: HP OpenVMS
-CVE-2007-5241 (Buffer overflow in NET$CSMACD.EXE in HP OpenVMS 8.3 and earlier allows ...)
+CVE-2007-5241
NOT-FOR-US: HP OpenVMS
-CVE-2007-5240 (Visual truncation vulnerability in the Java Runtime Environment in Sun ...)
+CVE-2007-5240
- sun-java6 6-03-1 (low)
- sun-java5 1.5.0-13-1 (low)
[etch] - sun-java5 1.5.0-14-1etch1
- openjdk-6 6b08-1 (bug #566766)
-CVE-2007-5239 (Java Web Start in Sun JDK and JRE 6 Update 2 and earlier, JDK and JRE ...)
+CVE-2007-5239
- sun-java6 6-03-1 (low)
- sun-java5 1.5.0-13-1 (low)
[etch] - sun-java5 1.5.0-14-1etch1
- openjdk-6 6b08-1 (bug #566766)
-CVE-2007-5238 (Java Web Start in Sun JDK and JRE 6 Update 2 and earlier, JDK and JRE ...)
+CVE-2007-5238
- sun-java6 6-03-1 (unimportant)
- sun-java5 1.5.0-13-1 (unimportant)
[etch] - sun-java5 1.5.0-14-1etch1
- openjdk-6 6b08-1 (bug #566766)
NOTE: Leaked information hardly sensitive
-CVE-2007-5237 (Java Web Start in Sun JDK and JRE 6 Update 2 and earlier does not ...)
+CVE-2007-5237
- sun-java6 6-03-1 (medium)
- sun-java5 1.5.0-13-1 (medium)
[etch] - sun-java5 1.5.0-14-1etch1
- openjdk-6 6b08-1 (bug #566766)
-CVE-2007-5236 (Java Web Start in Sun JDK and JRE 5.0 Update 12 and earlier, and SDK ...)
+CVE-2007-5236
- sun-java6 <not-affected> (Windows only)
- sun-java5 <not-affected> (Windows only)
- openjdk-6 <not-affected> (Windows only)
-CVE-2007-5235 (Cross-site scripting (XSS) vulnerability in index.php in Uebimiau ...)
+CVE-2007-5235
NOT-FOR-US: Uebimiau
-CVE-2007-5234 (PHP remote file inclusion vulnerability in upload/common/footer.php in ...)
+CVE-2007-5234
NOT-FOR-US: Ossigeno CMS
-CVE-2007-5233 (SQL injection vulnerability in index.php in Web Template Management ...)
+CVE-2007-5233
NOT-FOR-US: Web Template Management System
-CVE-2007-5232 (Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 2 and ...)
+CVE-2007-5232
- sun-java6 6-03-1 (low)
- sun-java5 1.5.0-13-1 (low)
[etch] - sun-java5 1.5.0-14-1etch1
- openjdk-6 6b08-1 (bug #566766)
-CVE-2007-5231 (Unrestricted file upload vulnerability in admin/upload_files.php in ...)
+CVE-2007-5231
NOT-FOR-US: Zomplog
-CVE-2007-5230 (admin/upload_files.php in Zomplog 3.8.1 and earlier does not check for ...)
+CVE-2007-5230
NOT-FOR-US: Zomplog
-CVE-2007-5229 (Cross-site request forgery (CSRF) vulnerability in the FeedBurner ...)
+CVE-2007-5229
NOT-FOR-US: FeedBurner FeedSmith wordpress plugin
-CVE-2007-5228 (Cross-site scripting (XSS) vulnerability in the subscription ...)
+CVE-2007-5228
- drupal <not-affected> (does not shipt this module)
-CVE-2007-5227 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2007-5227
NOT-FOR-US: BlackBoard Learning System
-CVE-2007-5226 (irc_server.c in dircproxy 1.2.0 and earlier allows remote attackers to ...)
+CVE-2007-5226
- dircproxy 1.0.5-5.1 (low; bug #445883)
[sarge] - dircproxy <no-dsa> (Minor issue)
[etch] - dircproxy 1.0.5-5etch1
-CVE-2007-5225 (Integer signedness error in FIFO filesystems (named pipes) on Sun ...)
+CVE-2007-5225
NOT-FOR-US: Sun Solaris
-CVE-2007-5224 (inc/exif.inc.php in Original Photo Gallery 0.11.2 and earlier allows ...)
+CVE-2007-5224
NOT-FOR-US: Original Photo Gallery
-CVE-2007-5223 (Multiple unspecified vulnerabilities in AlstraSoft Affiliate Network ...)
+CVE-2007-5223
NOT-FOR-US: AlstraSoft
-CVE-2007-5222 (SQL injection vulnerability in index.php in MAXdev MDPro (MD-Pro) ...)
+CVE-2007-5222
NOT-FOR-US: MAXdev
-CVE-2007-5221 (PHP remote file inclusion vulnerability in mail/childwindow.inc.php in ...)
+CVE-2007-5221
NOT-FOR-US: Poppawid
-CVE-2007-5220 (SQL injection vulnerability in catalog.asp in ASP Product Catalog ...)
+CVE-2007-5220
NOT-FOR-US: ASP Product Catalog
-CVE-2007-5219 (Directory traversal vulnerability in the CLAVSetting.CLSetting.1 ...)
+CVE-2007-5219
NOT-FOR-US: CyberLink Power DVD
-CVE-2007-5218 (Cross-site scripting (XSS) vulnerability in index.php in Don Barnes ...)
+CVE-2007-5218
NOT-FOR-US: Don Barnes DRBGuestbook
-CVE-2007-5217 (Stack-based buffer overflow in the ADM4 ActiveX control in adm4.dll in ...)
+CVE-2007-5217
NOT-FOR-US: Altnet Download Manager
-CVE-2007-5216 (Multiple PHP remote file inclusion vulnerabilities in eArk (e-Ark) 1.0 ...)
+CVE-2007-5216
NOT-FOR-US: eArk
-CVE-2007-5215 (Multiple PHP remote file inclusion vulnerabilities in Jacob Hinkle ...)
+CVE-2007-5215
NOT-FOR-US: GodSend
-CVE-2007-5214 (Multiple cross-site scripting (XSS) vulnerabilities in the AXIS 2100 ...)
+CVE-2007-5214
NOT-FOR-US: Axis Network Camera
-CVE-2007-5213 (Multiple cross-site request forgery (CSRF) vulnerabilities in the AXIS ...)
+CVE-2007-5213
NOT-FOR-US: Axis Network Camera
-CVE-2007-5212 (Multiple cross-site scripting (XSS) vulnerabilities in the AXIS 2100 ...)
+CVE-2007-5212
NOT-FOR-US: Axis Network Camera
-CVE-2007-5211 (Multiple cross-site scripting (XSS) vulnerabilities in Arbor Networks ...)
+CVE-2007-5211
NOT-FOR-US: Peakflow
-CVE-2007-5210 (Arbor Networks Peakflow SP before 3.5.1 patch 14, and 3.6.x before ...)
+CVE-2007-5210
NOT-FOR-US: Peakflow
-CVE-2007-5209 (Stack-based buffer overflow in DriveLock.exe in CenterTools DriveLock ...)
+CVE-2007-5209
NOT-FOR-US: CenterTools
-CVE-2007-5208 (hpssd in Hewlett-Packard Linux Imaging and Printing Project (hplip) ...)
+CVE-2007-5208
{DSA-1462-1 DTSA-72-1}
- hplip 1.6.10-4.3 (medium; bug #447341)
[sarge] - hplip <not-affected> (This code was using smtp directly)
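Review bot: once the summaries are dropped, CVE-2007-5274, CVE-2007-5273, CVE-2007-5240, CVE-2007-5239 and CVE-2007-5232 in this hunk collapse into five identical blocks (`- sun-java6 6-03-1 (low)`, `- sun-java5 1.5.0-13-1 (low)`, `[etch] - sun-java5 1.5.0-14-1etch1`, `- openjdk-6 6b08-1 (bug #566766)`), and the `<not-affected> (Windows only)` reasoning for CVE-2007-5236 loses the Java Web Start context that justified it. The libpng pair CVE-2007-5267/CVE-2007-5266 has the same problem: the NOTE lines discuss strncpy and new_iccp_name, but the line naming png_set_iCCP is the one being removed. If the summaries cannot be restored, the NOTE lines for these entries should be made self-contained.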
@@ -3740,118 +3740,118 @@ CVE-2007-5203
RESERVED
CVE-2007-5202
RESERVED
-CVE-2007-5201 (The FTP backend for Duplicity before 0.4.9 sends the password as a ...)
+CVE-2007-5201
- duplicity 0.4.3-2 (low; bug #442840)
[etch] - duplicity <not-affected> (Vulnerable code introduced in 0.4.3)
[sarge] - duplicity <not-affected> (Vulnerable code introduced in 0.4.3)
NOTE: ftp is an inherently insecure protocol, any security-sensitive data would
NOTE: be transferred through the scp, sftp or rsync backends.
NOTE: http://lists.debian.org/debian-release/2008/01/msg00190.html
-CVE-2007-5200 (hugin, as used on various operating systems including SUSE openSUSE ...)
+CVE-2007-5200
{DTSA-74-1}
- hugin 0.6.1-1.1 (low; bug #447344)
[etch] - hugin <no-dsa> (Minor issue)
-CVE-2007-5199 (A single byte overflow in catalogue.c in X.Org libXfont 1.3.1 allows ...)
+CVE-2007-5199
- libxfont 1:1.3.2-1
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=327854
NOTE: https://cgit.freedesktop.org/xorg/lib/libXfont/commit/?id=5bf703700ee4a5d6eae20da07cb7a29369667aef
-CVE-2007-5198 (Buffer overflow in the redir function in check_http.c in Nagios ...)
+CVE-2007-5198
{DSA-1495-1 DTSA-67-1}
- nagios-plugins 1.4.8-2.2 (low; bug #445475)
NOTE: Requires the webserver, which has to be checked, to be compromised
-CVE-2007-5197 (Buffer overflow in the Mono.Math.BigInteger class in Mono 1.2.5.1 and ...)
+CVE-2007-5197
{DSA-1397-1 DTSA-76-1}
- mono 1.2.5.1-2
-CVE-2007-5196 (Unspecified vulnerability in the SSL implementation in Groupwise ...)
+CVE-2007-5196
NOT-FOR-US: novell-groupwise-client
-CVE-2007-5195 (Unspecified vulnerability in the SSL implementation in Groupwise ...)
+CVE-2007-5195
NOT-FOR-US: novell-groupwise-client
-CVE-2007-5194 (The Chroot server in rMake 1.0.11 creates a /dev/zero device file with ...)
+CVE-2007-5194
NOT-FOR-US: rMake
CVE-2007-5192
RESERVED
-CVE-2007-5191 (mount and umount in util-linux and loop-aes-utils call the setuid and ...)
+CVE-2007-5191
{DSA-1450-1 DSA-1449-1 DTSA-64-1 DTSA-70-1}
- util-linux 2.13-8 (low)
- loop-aes-utils 2.13-2 (low)
-CVE-2007-5190 (Multiple cross-site scripting (XSS) vulnerabilities in Alcatel ...)
+CVE-2007-5190
NOT-FOR-US: Alcatel OmniVista
-CVE-2007-5189 (Multiple SQL injection vulnerabilities in mes_add.php in x-script ...)
+CVE-2007-5189
NOT-FOR-US: X-Script
-CVE-2007-5188 (Unspecified vulnerability in the XOOPS uploader class in Xoops ...)
+CVE-2007-5188
NOT-FOR-US: Xoops
-CVE-2007-5187 (SQL injection vulnerability in ...)
+CVE-2007-5187
NOT-FOR-US: Php-Fusion
-CVE-2007-5186 (PHP remote file inclusion vulnerability in index.php in Segue CMS ...)
+CVE-2007-5186
NOT-FOR-US: Segue CMS
-CVE-2007-5185 (Multiple PHP remote file inclusion vulnerabilities in phpWCMS XT 0.0.7 ...)
+CVE-2007-5185
NOT-FOR-US: phpWCMS XT
-CVE-2007-5184 (Format string vulnerability in the SMBDirList function in dirlist.c in ...)
+CVE-2007-5184
NOT-FOR-US: smbFtpd
-CVE-2007-5183 (Cross-site scripting (XSS) vulnerability in Mailbox.mws in ...)
+CVE-2007-5183
NOT-FOR-US: OdysseySuite
-CVE-2007-5182 (Cross-site scripting (XSS) vulnerability in mail.asp in Netkamp Emlak ...)
+CVE-2007-5182
NOT-FOR-US: Netkamp Emlak Scripti
-CVE-2007-5181 (SQL injection vulnerability in detay.asp in Netkamp Emlak Scripti ...)
+CVE-2007-5181
NOT-FOR-US: Netkamp Emlak Scripti
-CVE-2007-5180 (Multiple SQL injection vulnerabilities in Ohesa Emlak Portali allow ...)
+CVE-2007-5180
NOT-FOR-US: Ohesa Emlak Portali
-CVE-2007-5179 (Multiple cross-site scripting (XSS) vulnerabilities in iletisim.asp in ...)
+CVE-2007-5179
NOT-FOR-US: Iletisim Formu
-CVE-2007-5178 (contrib/mx_glance_sdesc.php in the mx_glance 2.3.3 module for mxBB ...)
+CVE-2007-5178
NOT-FOR-US: mxBB
-CVE-2007-5177 (SQL injection vulnerability in index.php in the MambAds (com_mambads) ...)
+CVE-2007-5177
NOT-FOR-US: Mambo extension
-CVE-2007-5176 (Multiple cross-site scripting (XSS) vulnerabilities in GroupLink ...)
+CVE-2007-5176
NOT-FOR-US: eHelpDesk
-CVE-2007-5175 (PHP remote file inclusion vulnerability lib/base.php in actSite 1.991 ...)
+CVE-2007-5175
NOT-FOR-US: actSite
-CVE-2007-5174 (Directory traversal vulnerability in phpinc/news.php in actSite 1.56 ...)
+CVE-2007-5174
NOT-FOR-US: actSite
-CVE-2007-5173 (PHP remote file inclusion vulnerability in ...)
+CVE-2007-5173
NOT-FOR-US: phpBB Openid
-CVE-2007-5207 (guilt 0.27 allows local users to overwrite arbitrary files via a ...)
+CVE-2007-5207
- guilt 0.27-1.2 (medium; bug #445308)
-CVE-2007-5193 (The default configuration for twiki 4.1.2 on Debian GNU/Linux, and ...)
+CVE-2007-5193
- twiki 1:4.1.2-3 (bug #444982; low)
[etch] - twiki <no-dsa> (Minor packaging flaw, doesn't warrant an update)
-CVE-2007-5172 (Quicksilver Forums before 1.4.1 allows remote attackers to obtain ...)
+CVE-2007-5172
NOT-FOR-US: Quicksilver Forums
-CVE-2007-5171 (Unspecified vulnerability in Quicksilver Forums before 1.4.1 allows ...)
+CVE-2007-5171
NOT-FOR-US: Quicksilver Forums
-CVE-2007-5170 (Unspecified vulnerability in the embedded service processor (SP) ...)
+CVE-2007-5170
NOT-FOR-US: Sun Fire
-CVE-2007-5169 (Stack-based buffer overflow in MAIPM6.dll in Adobe PageMaker 7.0.1 and ...)
+CVE-2007-5169
NOT-FOR-US: Adobe PageMaker
-CVE-2007-5168 (Multiple PHP remote file inclusion vulnerabilities in ClanLite ...)
+CVE-2007-5168
NOT-FOR-US: Clan lite
-CVE-2007-5167 (PHP remote file inclusion vulnerability in .systeme/fonctions.php in ...)
+CVE-2007-5167
NOT-FOR-US: phpLister
-CVE-2007-5166 (Multiple PHP remote file inclusion vulnerabilities in SiteSys 1.0a ...)
+CVE-2007-5166
NOT-FOR-US: SiteSys
-CVE-2007-5165 (** DISPUTED ** ...)
+CVE-2007-5165
NOT-FOR-US: myIpacNG-stats
-CVE-2007-5164 (** DISPUTED ** ...)
+CVE-2007-5164
NOT-FOR-US: UniversiBO
-CVE-2007-5163 (** DISPUTED ** ...)
+CVE-2007-5163
NOT-FOR-US: nexty
-CVE-2007-5162 (The connect method in lib/net/http.rb in the (1) Net::HTTP and (2) ...)
+CVE-2007-5162
{DSA-1412-1 DSA-1411-1 DSA-1410-1}
- ruby1.9 1.9.0+20071016-1 (low)
- ruby1.8 1.8.6.111-1 (low; bug #444929)
NOTE: fix for 1.8 http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=rev&revision=13504
-CVE-2007-5161 (Cross-zone scripting vulnerability in the internal browser in ...)
+CVE-2007-5161
NOT-FOR-US: Feedreader 3
NOTE: editor not included in native wordpress
-CVE-2007-5160 (Multiple PHP remote file inclusion vulnerabilities in Thierry Leriche ...)
+CVE-2007-5160
NOT-FOR-US: Thierry Leriche Restaurant Management System
-CVE-2007-5159 (The ntfs-3g package before 1.913-2.fc7 in Fedora 7, and an ntfs-3g ...)
+CVE-2007-5159
- ntfs-3g 1:1.913-2 (medium; bug #445315)
-CVE-2007-5158 (The focus handling for the onkeydown event in Microsoft Internet ...)
+CVE-2007-5158
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2007-5157 (PHP remote file inclusion vulnerability in phfito-post.php in Alex ...)
+CVE-2007-5157
NOT-FOR-US: PHP Fidonet Tosser
-CVE-2007-5156 (Incomplete blacklist vulnerability in ...)
+CVE-2007-5156
- knowledgeroot 0.9.8.4-1.1 (unimportant; bug #444928)
- moin 1.5.8-4.1 (unimportant)
NOTE: This problem should rather be addressed by proper httpd config
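Review bot: the `** DISPUTED **` marker for CVE-2007-5165, CVE-2007-5164 and CVE-2007-5163 exists only in the summary text that this hunk removes; after the change nothing in the list records their disputed status, which is the one part of the summary that matters for triage. If the summaries are being dropped deliberately, the disputed flag should be carried into a NOTE line for those entries.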
@@ -3860,174 +3860,174 @@ CVE-2007-5156 (Incomplete blacklist vulnerability in ...)
- gforge 4.6.99+svn6169-1 (low; bug #447590)
[etch] - gforge <not-affected> (fckeditor is not shipped in these versions)
[sarge] - gforge <not-affected> (fckeditor is not shipped in these versions)
-CVE-2007-5155 (IceGUI.DLL in ICEOWS 4.20b invokes a function with incorrect ...)
+CVE-2007-5155
NOT-FOR-US: ICEOWS
-CVE-2007-5154 (Session fixation vulnerability in Aipo and Aipo ASP 3.0.1.0 and ...)
+CVE-2007-5154
NOT-FOR-US: Aipo
-CVE-2007-5153 (Unspecified vulnerability in Sun Java System Access Manager 7.1, when ...)
+CVE-2007-5153
NOT-FOR-US: Sun Java System Access Manager
-CVE-2007-5152 (Sun Java System Access Manager 7.1, when installed in a Sun Java ...)
+CVE-2007-5152
NOT-FOR-US: Sun Java System Access Manager
-CVE-2007-5151 (SQL injection vulnerability in the abget_admin function in ...)
+CVE-2007-5151
NOT-FOR-US: NukeSentinel
-CVE-2007-5150 (SQL injection vulnerability in the is_god function in ...)
+CVE-2007-5150
NOT-FOR-US: NukeSentinel
-CVE-2007-5149 (PHP remote file inclusion vulnerability in ...)
+CVE-2007-5149
NOT-FOR-US: North Country Public Radio Public Media Manager
-CVE-2007-5148 (** DISPUTED ** ...)
+CVE-2007-5148
NOT-FOR-US: FrontAccounting
-CVE-2007-5147 (Multiple PHP remote file inclusion vulnerabilities in Puzzle Apps CMS ...)
+CVE-2007-5147
NOT-FOR-US: Puzzle Apps CMS
-CVE-2007-5146 (Multiple PHP remote file inclusion vulnerabilities in dedi-group Der ...)
+CVE-2007-5146
NOT-FOR-US: Der Dirigent
-CVE-2007-5145 (Multiple buffer overflows in system DLL files in Microsoft Windows XP, ...)
+CVE-2007-5145
NOT-FOR-US: Windows XP
-CVE-2007-5144 (Buffer overflow in the GDI engine in Windows Live Messenger, as used ...)
+CVE-2007-5144
NOT-FOR-US: Windows Live Messenger
-CVE-2007-5143 (F-Secure Anti-Virus for Windows Servers 7.0 64-bit edition allows ...)
+CVE-2007-5143
NOT-FOR-US: Anti-Virus for Windows Servers
-CVE-2007-5142 (Cross-site scripting (XSS) vulnerability in buscar.asp in Solidweb ...)
+CVE-2007-5142
NOT-FOR-US: Solidweb Novus
-CVE-2007-5141 (SQL injection vulnerability in search.php in SiteX CMS 0.7.3 Beta ...)
+CVE-2007-5141
NOT-FOR-US: SiteX
-CVE-2007-5140 (PHP remote file inclusion vulnerability in ...)
+CVE-2007-5140
NOT-FOR-US: IntegraMOD Nederland
-CVE-2007-5139 (PHP remote file inclusion vulnerability in admin/include/header.php in ...)
+CVE-2007-5139
NOT-FOR-US: Chupix
-CVE-2007-5138 (PHP remote file inclusion vulnerability in forum/forum.php in ...)
+CVE-2007-5138
NOT-FOR-US: lustig.cms
-CVE-2007-5137 (Buffer overflow in the ReadImage function in generic/tkImgGIF.c in Tcl ...)
+CVE-2007-5137
{DSA-1743-1}
- tk8.4 8.4.16-1
[etch] - tk8.4 <not-affected> (Vulnerability was introduced in 8.4.13)
[sarge] - tk8.4 <not-affected> (Vulnerability was introduced in 8.4.13)
- tk8.3 <not-affected> (Vulnerability was introduced in 8.4.13)
- libtk-img 1.3-release-8
-CVE-2007-5136 (Cross-site scripting (XSS) vulnerability in DFD Cart 1.1.4 and earlier ...)
+CVE-2007-5136
NOT-FOR-US: DFD Cart
-CVE-2007-5134 (Cisco Catalyst 6500 and Cisco 7600 series devices use 127/8 IP ...)
+CVE-2007-5134
NOT-FOR-US: Cisco firmware
-CVE-2007-5133 (Microsoft Windows Explorer (explorer.exe) allows user-assisted remote ...)
+CVE-2007-5133
NOT-FOR-US: Microsoft Windows Explorer
-CVE-2007-5132 (Race condition in the kernel in Sun Solaris 8 through 10 allows local ...)
+CVE-2007-5132
NOT-FOR-US: Solaris
-CVE-2007-5131 (SQL injection vulnerability in index.php in Interspire ActiveKB NX 2.x ...)
+CVE-2007-5131
NOT-FOR-US: ActiveKB
-CVE-2007-5130 (SimpGB 1.46.02 allows remote attackers to obtain sensitive information ...)
+CVE-2007-5130
NOT-FOR-US: SimpGB
-CVE-2007-5129 (SimpGB 1.46.02 stores sensitive information under the web root with ...)
+CVE-2007-5129
NOT-FOR-US: SimpGB
-CVE-2007-5128 (SimpNews 2.41.03 on Windows, when PHP before 5.0.0 is used, allows ...)
+CVE-2007-5128
NOT-FOR-US: SimpNews
-CVE-2007-5127 (Multiple cross-site scripting (XSS) vulnerabilities in SimpGB 1.46.02 ...)
+CVE-2007-5127
NOT-FOR-US: SimpGB
-CVE-2007-5126 (Unspecified vulnerability in the client in Symantec Veritas Backup ...)
+CVE-2007-5126
NOT-FOR-US: Symantec Veritas Backup Exec
CVE-2007-5125
REJECTED
-CVE-2007-5124 (The embedded Internet Explorer server control in AOL Instant Messenger ...)
+CVE-2007-5124
NOT-FOR-US: AOL Messenger
-CVE-2007-5123 (SQL injection vulnerability in notas.asp in Novus 1.0 allows remote ...)
+CVE-2007-5123
NOT-FOR-US: Solidweb Novus
-CVE-2007-5122 (SQL injection vulnerability in store_info.php in SoftBiz Classifieds ...)
+CVE-2007-5122
NOT-FOR-US: SoftBiz Classifieds PLUS
-CVE-2007-5121 (Cross-site scripting (XSS) vulnerability in JSPWiki 2.5.139-beta ...)
+CVE-2007-5121
- jspwiki <not-affected> (The version we ship does not process a redirect parameter in Login.jsp and other source files)
[sarge] - jspwiki <no-dsa> (Contrib not supported)
-CVE-2007-5120 (Multiple cross-site scripting (XSS) vulnerabilities in JSPWiki 2.4.103 ...)
+CVE-2007-5120
- jspwiki 2.5.139-1 (medium; bug #445477)
[sarge] - jspwiki <no-dsa> (Contrib not supported)
-CVE-2007-5119 (JSPWiki 2.4.103 and 2.5.139-beta allows remote attackers to obtain ...)
+CVE-2007-5119
- jspwiki 2.5.139-1 (unimportant; bug #445477)
[sarge] - jspwiki <no-dsa> (Contrib not supported)
-CVE-2007-5118 (Unspecified vulnerability in the HID (Human Interface Device) class ...)
+CVE-2007-5118
NOT-FOR-US: Solaris
-CVE-2007-5117 (Multiple PHP remote file inclusion vulnerabilities in FrontAccounting ...)
+CVE-2007-5117
NOT-FOR-US: FrontAccounting
-CVE-2007-5116 (Buffer overflow in the polymorphic opcode support in the Regular ...)
+CVE-2007-5116
{DSA-1400-1 DTSA-78-1}
- perl 5.8.8-12 (medium; bug #450794)
NOTE: http://public.activestate.com/cgi-bin/perlbrowse/30647
-CVE-2007-5135 (Off-by-one error in the SSL_get_shared_ciphers function in OpenSSL ...)
+CVE-2007-5135
{DSA-1379-1}
- openssl 0.9.8e-9 (low; bug #444435)
[sarge] - openssl 0.9.7e-3sarge5
-CVE-2007-5115 (Multiple PHP remote file inclusion vulnerabilities in Ekke Doerre ...)
+CVE-2007-5115
NOT-FOR-US: Ekke Doerre Contenido
-CVE-2007-5114 (** DISPUTED ** ...)
+CVE-2007-5114
NOT-FOR-US: phpmyProfiler
-CVE-2007-5113 (report.cgi in Google Urchin allows remote attackers to bypass ...)
+CVE-2007-5113
NOT-FOR-US: Google Urchin
-CVE-2007-5112 (Cross-site scripting (XSS) vulnerability in session.cgi (aka the login ...)
+CVE-2007-5112
NOT-FOR-US: Google Urchin
-CVE-2007-5111 (A certain ActiveX control in EBCRYPT.DLL 2.0 in EB Design ebCrypt ...)
+CVE-2007-5111
NOT-FOR-US: ebCrypt
-CVE-2007-5110 (Absolute path traversal vulnerability in the ...)
+CVE-2007-5110
NOT-FOR-US: ebCrypt
-CVE-2007-5109 (Cross-site request forgery (CSRF) vulnerability in index.php in ...)
+CVE-2007-5109
NOT-FOR-US: flatnuke
-CVE-2007-5108 (Unspecified vulnerability in IAC Search &amp; Media ask.com toolbar has ...)
+CVE-2007-5108
NOT-FOR-US: IAC Search & Media ask.com toolbar
-CVE-2007-5107 (Stack-based buffer overflow in the AskJeevesToolBar.SettingsPlugin.1 ...)
+CVE-2007-5107
NOT-FOR-US: AskJeevesToolBar
-CVE-2007-5106 (Cross-site scripting (XSS) vulnerability in wp-register.php in ...)
+CVE-2007-5106
- wordpress 2.0.2-1 (low)
-CVE-2007-5105 (Cross-site scripting (XSS) vulnerability in wp-register.php in ...)
+CVE-2007-5105
- wordpress 2.0.4-1 (low)
-CVE-2007-5104 (SQL injection vulnerability in index.php in the Arcade module in bcoos ...)
+CVE-2007-5104
NOT-FOR-US: bcoos
-CVE-2007-5103 (Directory traversal vulnerability in config.inc.php in Wordsmith 1.0 ...)
+CVE-2007-5103
NOT-FOR-US: Wordsmith
-CVE-2007-5102 (PHP remote file inclusion vulnerability in config.inc.php in Wordsmith ...)
+CVE-2007-5102
NOT-FOR-US: Wordsmith
-CVE-2007-5101 (ChironFS before 1.0 RC7 sets user/group ownership to the mounter ...)
+CVE-2007-5101
NOT-FOR-US: ChironFS
-CVE-2007-5100 (Multiple PHP remote file inclusion vulnerabilities in phpBB Plus 1.53, ...)
+CVE-2007-5100
NOT-FOR-US: phpBB plus (phpbb2 does not include this module)
-CVE-2007-5099 (PHP remote file inclusion vulnerability in show.php in David Watters ...)
+CVE-2007-5099
NOT-FOR-US: helplink
-CVE-2007-5098 (Multiple PHP remote file inclusion vulnerabilities in DFD Cart 1.1.4 ...)
+CVE-2007-5098
NOT-FOR-US: DFD Cart
-CVE-2007-5097 (** DISPUTED ** ...)
+CVE-2007-5097
NOT-FOR-US: Online Fantasy Football League
-CVE-2007-5096 (PHP remote file inclusion vulnerability in ...)
+CVE-2007-5096
NOT-FOR-US: guanxiCRM Business Solution
-CVE-2007-5095 (Microsoft Windows Media Player (WMP) 9 on Windows XP SP2 invokes ...)
+CVE-2007-5095
NOT-FOR-US: Windows Media Player
-CVE-2007-5094 (Heap-based buffer overflow in iaspam.dll in the SMTP Server in ...)
+CVE-2007-5094
NOT-FOR-US: Ipswitch IMail Server
-CVE-2007-5093 (The disconnect method in the Philips USB Webcam (pwc) driver in Linux ...)
+CVE-2007-5093
{DSA-1503-2 DSA-1504-1 DSA-1503-1 DSA-1381-2}
- linux-2.6 2.6.23-1
-CVE-2007-5092 (Directory traversal vulnerability in index.php in the Dance Music ...)
+CVE-2007-5092
NOT-FOR-US: phpNuke module
-CVE-2007-5091 (Multiple cross-site scripting (XSS) vulnerabilities in eGroupWare ...)
+CVE-2007-5091
- egroupware 1.2.107-2.dfsg-2 (low; bug #444351)
-CVE-2007-5090 (Unspecified vulnerability in IBM Rational ClearQuest (CQ), when a ...)
+CVE-2007-5090
NOT-FOR-US: IBM Rational ClearQuest
-CVE-2007-5089 (PHP remote file inclusion vulnerability in php-inc/log.inc.php in ...)
+CVE-2007-5089
NOT-FOR-US: Sklog
-CVE-2007-5088 (Cross-site scripting (XSS) vulnerability in search/cust_bill_event.cgi ...)
+CVE-2007-5088
NOT-FOR-US: freeside
-CVE-2007-5087 (The ATM module in the Linux kernel before 2.4.35.3, when CLIP support ...)
+CVE-2007-5087
- linux-2.6 <not-affected> (2.6 code base handles ARP entries differently)
-CVE-2007-5086 (Kaspersky Anti-Virus (KAV) and Internet Security 7.0 build 125 do not ...)
+CVE-2007-5086
NOT-FOR-US: Kaspersky Anti-Virus and Internet Security 7.0
-CVE-2007-5085 (Unspecified vulnerability in the management EJB (MEJB) in Apache ...)
+CVE-2007-5085
NOT-FOR-US: Geronimo Apache
-CVE-2007-5084 (Multiple SQL injection vulnerabilities in Computer Associates (CA) ...)
+CVE-2007-5084
NOT-FOR-US: CA BrightStor Hierarchical Storage Manager
-CVE-2007-5083 (Multiple integer overflows in Computer Associates (CA) BrightStor ...)
+CVE-2007-5083
NOT-FOR-US: CA BrightStor Hierarchical Storage Manager
-CVE-2007-5082 (Multiple stack-based buffer overflows in Computer Associates (CA) ...)
+CVE-2007-5082
NOT-FOR-US: CA BrightStor Hierarchical Storage Manager
-CVE-2007-5081 (Heap-based buffer overflow in RealNetworks RealPlayer 8, 10, 10.1, and ...)
+CVE-2007-5081
NOT-FOR-US: RealPlayer
-CVE-2007-5080 (Integer overflow in RealNetworks RealPlayer 10 and 10.5, RealOne ...)
+CVE-2007-5080
NOT-FOR-US: RealPlayer
-CVE-2007-5079 (Red Hat Enterprise Linux 4 does not properly compile and link gdm with ...)
+CVE-2007-5079
- gdm <not-affected> (Red Hat-specific packaging flaw)
-CVE-2007-5078 (Multiple cross-site scripting (XSS) vulnerabilities in eGov Manager ...)
+CVE-2007-5078
NOT-FOR-US: eGov Manager
CVE-2007-5077
RESERVED
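Review bot: every changed line in this hunk replaces a `-CVE-2007-NNNN (description ...)` entry with a bare `+CVE-2007-NNNN`, so the descriptions are removed rather than refreshed (for example `-CVE-2007-5092 (Directory traversal vulnerability in index.php in the Dance Music ...)` becomes `+CVE-2007-5092`). For a commit labelled "automatic update" this looks like the description source returned empty text and the generator wrote out bare identifiers; the update script should refuse to overwrite an existing description with an empty one, and this run should be reverted or repeated once the source is reachable again. The tracking lines under each identifier (`NOT-FOR-US: ...`, `- package version (severity; bug #...)`) are untouched, so the triage data survives, but readers of the list lose the one-line summary that says what each entry is.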
@@ -4039,243 +4039,243 @@ CVE-2007-5074
RESERVED
CVE-2007-5073
RESERVED
-CVE-2007-5072 (Multiple cross-site scripting (XSS) vulnerabilities in Simple PHP Blog ...)
+CVE-2007-5072
NOT-FOR-US: Simple PHP Blog
-CVE-2007-5071 (Incomplete blacklist vulnerability in upload_img_cgi.php in Simple PHP ...)
+CVE-2007-5071
NOT-FOR-US: Simple PHP Blog
-CVE-2007-5070 (Heap-based buffer overflow in the EasyMailMessagePrinter ActiveX ...)
+CVE-2007-5070
NOT-FOR-US: Easy Mail Message Printer
-CVE-2007-5069 (Directory traversal vulnerability in data/compatible.php in the Nuke ...)
+CVE-2007-5069
NOT-FOR-US: PHP-Nuke
-CVE-2007-5068 (SQL injection vulnerability in index.php in phpFullAnnu (PFA) 6.0 ...)
+CVE-2007-5068
NOT-FOR-US: phpFullAnnu
-CVE-2007-5067 (Multiple buffer overflows in iMatix Xitami Web Server 2.5c2 allow ...)
+CVE-2007-5067
NOT-FOR-US: iMatix Xitami Web Server
-CVE-2007-5066 (Unspecified vulnerability in Webmin before 1.370 on Windows allows ...)
+CVE-2007-5066
- webmin <removed>
-CVE-2007-5065 (PHP remote file inclusion vulnerability in admin.slideshow1.php in the ...)
+CVE-2007-5065
NOT-FOR-US: Joomla! extension
-CVE-2007-5064 (Buffer overflow in a certain ActiveX control in Xunlei Web Thunder ...)
+CVE-2007-5064
NOT-FOR-US: Xunlei Web Thunder
-CVE-2007-5063 (Adam Scheinberg Flip 3.0 and earlier stores sensitive information ...)
+CVE-2007-5063
NOT-FOR-US: Adam Scheinberg Flip
-CVE-2007-5062 (account.php in Adam Scheinberg Flip 3.0 and earlier allows remote ...)
+CVE-2007-5062
NOT-FOR-US: Adam Scheinberg Flip
-CVE-2007-5061 (SQL injection vulnerability in mods/banners/navlist.php in Clansphere ...)
+CVE-2007-5061
NOT-FOR-US: Clansphere
-CVE-2007-5060 (Cross-site request forgery (CSRF) vulnerability in the cpass ...)
+CVE-2007-5060
NOT-FOR-US: XCMS
-CVE-2007-5059 (Multiple cross-site scripting (XSS) vulnerabilities in GreenSQL allow ...)
+CVE-2007-5059
NOT-FOR-US: GreenSQL
-CVE-2007-5058 (Cross-site scripting (XSS) vulnerability in the Web administration ...)
+CVE-2007-5058
NOT-FOR-US: Barracuda
-CVE-2007-5057 (NetSupport Manager Client before 10.20.0004 allows remote attackers to ...)
+CVE-2007-5057
NOT-FOR-US: NetSupport Manager Client
-CVE-2007-5056 (Eval injection vulnerability in adodb-perf-module.inc.php in ADOdb ...)
+CVE-2007-5056
NOT-FOR-US: ADOdb Lite
-CVE-2007-5055 (Multiple directory traversal vulnerabilities in iziContents 1 RC6 and ...)
+CVE-2007-5055
NOT-FOR-US: iziContents
-CVE-2007-5054 (Multiple PHP remote file inclusion vulnerabilities in iziContents 1 ...)
+CVE-2007-5054
NOT-FOR-US: iziContents
-CVE-2007-5053 (Multiple incomplete blacklist vulnerabilities in iziContents 1 RC6 and ...)
+CVE-2007-5053
NOT-FOR-US: iziContents
-CVE-2007-5052 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
+CVE-2007-5052
NOT-FOR-US: Vigile CMS
-CVE-2007-5051 (Multiple cross-site scripting (XSS) vulnerabilities in PhpGedView ...)
+CVE-2007-5051
{DSA-1559-1}
- phpgedview 4.1.e+4.1.1-2 (low; bug #443901)
-CVE-2007-5050 (Directory traversal vulnerability in index.php in Neuron News 1.0 ...)
+CVE-2007-5050
NOT-FOR-US: Neuron News
CVE-2007-5049
REJECTED
-CVE-2007-5048 (Heap-based buffer overflow in Lhaplus before 1.55 allows remote ...)
+CVE-2007-5048
NOT-FOR-US: lhaplus
-CVE-2007-5047 (Norton Internet Security 2008 15.0.0.60 does not properly validate ...)
+CVE-2007-5047
NOT-FOR-US: Norton Internet Security
-CVE-2007-5046 (Cross-site scripting (XSS) vulnerability in the Webmail interface for ...)
+CVE-2007-5046
NOT-FOR-US: IceWarp Merak Mail Server
-CVE-2007-5045 (Argument injection vulnerability in Apple QuickTime 7.1.5 and earlier, ...)
+CVE-2007-5045
- iceweasel <not-affected> (Only affects Firefox/Thunderbird on Windows)
- icedove <not-affected> (Only affects Firefox/Thunderbird on Windows)
-CVE-2007-5044 (ZoneAlarm Pro 7.0.362.000 does not properly validate certain ...)
+CVE-2007-5044
NOT-FOR-US: ZoneAlam Pro
-CVE-2007-5043 (Kaspersky Internet Security 7.0.0.125 does not properly validate ...)
+CVE-2007-5043
NOT-FOR-US: Kaspersky Internet Security
-CVE-2007-5042 (Outpost Firewall Pro 4.0.1025.7828 does not properly validate certain ...)
+CVE-2007-5042
NOT-FOR-US: Outpost Firewall PRO
-CVE-2007-5041 (G DATA InternetSecurity 2007 does not properly validate certain ...)
+CVE-2007-5041
NOT-FOR-US: G DATA InternetSecurity
-CVE-2007-5040 (Ghost Security Suite alpha 1.200 does not properly validate certain ...)
+CVE-2007-5040
NOT-FOR-US: Ghost Security Suite
-CVE-2007-5039 (Ghost Security Suite beta 1.110 does not properly validate certain ...)
+CVE-2007-5039
NOT-FOR-US: Ghost Security Suite
-CVE-2007-5038 (The offer_account_by_email function in User.pm in the WebService for ...)
+CVE-2007-5038
- bugzilla <not-affected> (Affected versions were never present in the archive)
-CVE-2007-5037 (Buffer overflow in the inotifytools_snprintf function in ...)
+CVE-2007-5037
{DSA-1440-1}
- inotify-tools 3.11-1 (medium; bug #443913)
-CVE-2007-5036 (Multiple buffer overflows in the AirDefense Airsensor M520 with ...)
+CVE-2007-5036
NOT-FOR-US: AirDefense firmware
-CVE-2007-5035 (** DISPUTED ** ...)
+CVE-2007-5035
NOT-FOR-US: openEngine
-CVE-2007-5034 (ELinks before 0.11.3, when sending a POST request for an https URL, ...)
+CVE-2007-5034
{DSA-1380-1}
- elinks 0.11.1-1.5 (low; bug #443914)
-CVE-2007-5033 (Cross-site scripting (XSS) vulnerability in profile.php in phpBB XS 2 ...)
+CVE-2007-5033
NOT-FOR-US: phpBB XS
-CVE-2007-5032 (Cross-site request forgery (CSRF) vulnerability in admin.php in ...)
+CVE-2007-5032
NOT-FOR-US: Php-Nuke
-CVE-2007-5031 (The TSrvOptIA_NA::rebind method in SrvOptions/SrvOptIA_NA.cpp in ...)
+CVE-2007-5031
- dibbler 0.6.1-1 (low; bug #444002)
-CVE-2007-5030 (Multiple integer overflows in Dibbler 0.6.0 allow remote attackers to ...)
+CVE-2007-5030
- dibbler 0.6.1-1 (low; bug #444002)
-CVE-2007-5029 (Dibbler 0.6.0 does not verify that certain length parameters are ...)
+CVE-2007-5029
- dibbler 0.6.1-1 (low; bug #444002)
-CVE-2007-5028 (Dibbler 0.6.0 on Linux uses weak world-writable permissions for ...)
+CVE-2007-5028
- dibbler 0.6.1-1 (medium; bug #444002)
-CVE-2007-5027 (Multiple cross-site scripting (XSS) vulnerabilities in cgi-bin/ddns in ...)
+CVE-2007-5027
NOT-FOR-US: WBR3404TX firmware
-CVE-2007-5026 (dBlog CMS, probably 2.0, stores sensitive information under the web ...)
+CVE-2007-5026
NOT-FOR-US: dBlog CMS
-CVE-2007-5025 (Unspecified vulnerability in EMC VMware ACE before 1.0.3 Build 54075 ...)
+CVE-2007-5025
NOT-FOR-US: VMware
-CVE-2007-5024 (EMC VMware Server before 1.0.4 Build 56528 writes passwords in ...)
+CVE-2007-5024
NOT-FOR-US: VMware
-CVE-2007-5023 (Unquoted Windows search path vulnerability in EMC VMware Workstation ...)
+CVE-2007-5023
NOT-FOR-US: VMware
-CVE-2007-5022 (Unspecified vulnerability in certain IBM Tivoli Storage Manager (TSM) ...)
+CVE-2007-5022
NOT-FOR-US: IBM Tivoli Storage Manager
CVE-2007-5021
REJECTED
-CVE-2007-5020 (Unspecified vulnerability in Adobe Acrobat and Reader 8.1 on Windows ...)
+CVE-2007-5020
NOT-FOR-US: Acrobat Reader
CVE-2007-XXXX [mimep insecure tempfile usage and insecure calls to LaTeX and dvips]
- mp 3.7.1-8 (low)
[sarge] - mp <no-dsa> (Minor issue)
[etch] - mp <no-dsa> (Minor issue)
NOTE: Can be fixed in a point update
-CVE-2007-5019 (Buffer overflow in the Sun Java Web Start ActiveX control in Java ...)
+CVE-2007-5019
- sun-java6 <removed> (unimportant)
- sun-java5 <removed> (unimportant)
- openjdk-6 <removed> (unimportant)
NOTE: exploiting this would not work under Linux
-CVE-2007-5018 (Stack-based buffer overflow in IMAPD in Mercury/32 4.52 allows remote ...)
+CVE-2007-5018
NOT-FOR-US: Pegasus Mail Mercury
-CVE-2007-5017 (Absolute path traversal vulnerability in a certain ActiveX control in ...)
+CVE-2007-5017
NOT-FOR-US: Yahoo! Messenger
-CVE-2007-5016 (SQL injection vulnerability in userreviews.php in OneCMS 2.4 allows ...)
+CVE-2007-5016
NOT-FOR-US: OneCMS
-CVE-2007-5015 (Multiple PHP remote file inclusion vulnerabilities in Streamline PHP ...)
+CVE-2007-5015
NOT-FOR-US: Streamline
-CVE-2007-5014 (Multiple PHP remote file inclusion vulnerabilities in pSlash 0.70 ...)
+CVE-2007-5014
NOT-FOR-US: pSlash
-CVE-2007-5013 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
+CVE-2007-5013
NOT-FOR-US: Phormer
-CVE-2007-5012 (Cross-site scripting (XSS) vulnerability in picture.php in ...)
+CVE-2007-5012
NOT-FOR-US: PhpWebGallery
-CVE-2007-5011 (webbatch.exe in WebBatch allows remote attackers to obtain sensitive ...)
+CVE-2007-5011
NOT-FOR-US: WebBatch
-CVE-2007-5010 (Cross-site scripting (XSS) vulnerability in WebBatch allows remote ...)
+CVE-2007-5010
NOT-FOR-US: WebBatch
-CVE-2007-5009 (PHP remote file inclusion vulnerability in ...)
+CVE-2007-5009
NOT-FOR-US: Phpbb Plus
NOTE: vulnerable code not included in phpbb2
-CVE-2007-5008 (The logins command in HP-UX B.11.31, B.11.23, and B.11.11 does not ...)
+CVE-2007-5008
NOT-FOR-US: HP-UX
-CVE-2007-5007 (Stack-based buffer overflow in the ir_fetch_seq function in balsa ...)
+CVE-2007-5007
- balsa 2.3.20-1 (low)
[etch] - balsa 2.3.13-3
NOTE: Minor issue fixed in 4.0r4 point release
[sarge] - balsa <no-dsa> (Minor issue)
NOTE: attacker needs to get the victim a prepared server to use
-CVE-2007-5006 (Multiple command handlers in CA (Computer Associates) BrightStor ...)
+CVE-2007-5006
NOT-FOR-US: CA ARCserve Backup
-CVE-2007-5005 (Directory traversal vulnerability in rxRPC.dll in CA (Computer ...)
+CVE-2007-5005
NOT-FOR-US: CA ARCserve Backup
-CVE-2007-5004 (Integer overflow in CA (Computer Associates) BrightStor ARCserve ...)
+CVE-2007-5004
NOT-FOR-US: CA ARCserve Backup
-CVE-2007-5003 (Multiple stack-based buffer overflows in CA (Computer Associates) ...)
+CVE-2007-5003
NOT-FOR-US: CA ARCserve Backup
CVE-2007-5002
RESERVED
-CVE-2007-5001 (Linux kernel before 2.4.21 allows local users to cause a denial of ...)
+CVE-2007-5001
- linux-2.6 <not-affected> (RedHat/RHEL3 specific patch only)
-CVE-2007-5000 (Cross-site scripting (XSS) vulnerability in the (1) mod_imap module in ...)
+CVE-2007-5000
[sarge] - apache2 <no-dsa> (minor issue)
[sarge] - apache <no-dsa> (minor issue)
- apache2 2.2.8-1 (low)
- apache <removed> (low)
[etch] - apache2 2.2.3-4+etch4
[etch] - apache 1.3.34-4.1+etch1
-CVE-2007-4999 (libpurple in Pidgin 2.1.0 through 2.2.1, when using HTML logging, ...)
+CVE-2007-4999
- pidgin 2.2.2-1 (medium)
-CVE-2007-4998 (cp, when running with an option to preserve symlinks on multiple OSes, ...)
+CVE-2007-4998
- coreutils 4.1.2
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=356471
-CVE-2007-4997 (Integer underflow in the ieee80211_rx function in ...)
+CVE-2007-4997
{DSA-1428-1}
- linux-2.6 2.6.23-1
-CVE-2007-4996 (libpurple in Pidgin before 2.2.1 does not properly handle MSN nudge ...)
+CVE-2007-4996
- pidgin 2.2.1-1 (medium)
NOTE: Gaim not affected, vulnerable code was introduced in 2.2.0
-CVE-2007-4995 (Off-by-one error in the DTLS implementation in OpenSSL 0.9.8 before ...)
+CVE-2007-4995
{DSA-1571-1}
- openssl 0.9.8f-1 (low)
- openssl097 <not-affected> (DTLS support was introduced in 0.9.8)
- openssl096 <not-affected> (DTLS support was introduced in 0.9.8)
[sarge] - openssl <not-affected> (DTLS support was introduced in 0.9.8)
-CVE-2007-4994 (Certificate Server 7.2 in Red Hat Certificate System (RHCS) does not ...)
+CVE-2007-4994
NOT-FOR-US: Redhat Certificate Server
-CVE-2007-4993 (pygrub (tools/pygrub/src/GrubConf.py) in Xen 3.0.3, when booting a ...)
+CVE-2007-4993
{DSA-1384-1}
- xen-3 3.1.1-1 (medium; bug #444430)
- xen-3.0 <removed>
-CVE-2007-4992 (Stack-based buffer overflow in the process_packet function in ...)
+CVE-2007-4992
- firebird1.5 <removed> (medium; bug #446373)
- firebird2.0 2.0.3.12981.ds1-1 (medium)
-CVE-2007-4991 (The SOCKS4 Proxy in Microsoft Internet Security and Acceleration (ISA) ...)
+CVE-2007-4991
NOT-FOR-US: Microsoft Internet Security and Acceleration
-CVE-2007-4990 (The swap_char2b function in X.Org X Font Server (xfs) before 1.0.5 ...)
+CVE-2007-4990
{DSA-1385-1}
- xfs 1:1.0.5-1
CVE-2007-4989
REJECTED
-CVE-2007-4988 (Sign extension error in the ReadDIBImage function in ImageMagick ...)
+CVE-2007-4988
{DSA-1903-1 DSA-1858-1 DTSA-63-1}
- imagemagick 7:6.2.4.5.dfsg1-2 (medium; bug #444267)
- graphicsmagick 1.1.11-1 (medium; bug #444266)
-CVE-2007-4987 (Off-by-one error in the ReadBlobString function in blob.c in ...)
+CVE-2007-4987
{DSA-1858-1 DTSA-63-1}
- imagemagick 7:6.2.4.5.dfsg1-2 (medium; bug #444267)
-CVE-2007-4986 (Multiple integer overflows in ImageMagick before 6.3.5-9 allow ...)
+CVE-2007-4986
{DSA-1903-1 DSA-1858-1 DTSA-63-1}
- imagemagick 7:6.2.4.5.dfsg1-2 (medium; bug #444267)
- graphicsmagick 1.1.11-1 (medium; bug #444266)
-CVE-2007-4985 (ImageMagick before 6.3.5-9 allows context-dependent attackers to cause ...)
+CVE-2007-4985
{DSA-1903-1 DSA-1858-1 DTSA-63-1}
- imagemagick 7:6.2.4.5.dfsg1-2 (medium; bug #444267)
- graphicsmagick 1.1.11-1 (medium; bug #444266)
-CVE-2007-4984 (SQL injection vulnerability in index.php in the Ktauber.com StylesDemo ...)
+CVE-2007-4984
NOT-FOR-US: StylesDemo
-CVE-2007-4983 (Directory traversal vulnerability in the JetAudio.Interface.1 ActiveX ...)
+CVE-2007-4983
NOT-FOR-US: jetAudio
-CVE-2007-4982 (Multiple absolute path traversal vulnerabilities in the ...)
+CVE-2007-4982
NOT-FOR-US: QRCode
-CVE-2007-4981 (Cross-site scripting (XSS) vulnerability in the save function in ...)
+CVE-2007-4981
NOT-FOR-US: Obedit
-CVE-2007-4980 (The readRequest method in org/gcaldaemon/core/http/HTTPListener.java ...)
+CVE-2007-4980
NOT-FOR-US: GCALDaemon
-CVE-2007-4979 (SQL injection vulnerability in index.php in the sondages module in ...)
+CVE-2007-4979
NOT-FOR-US: KwsPHP
-CVE-2007-4978 (Multiple PHP remote file inclusion vulnerabilities in phpSyncML 0.1.2 ...)
+CVE-2007-4978
NOT-FOR-US: phpSyncML
-CVE-2007-4977 (Cross-site scripting (XSS) vulnerability in mode.php in Coppermine ...)
+CVE-2007-4977
NOT-FOR-US: Coppermine Photo Gallery
-CVE-2007-4976 (Directory traversal vulnerability in viewlog.php in Coppermine Photo ...)
+CVE-2007-4976
NOT-FOR-US: Coppermine Photo Gallery
-CVE-2007-4975 (Cross-site scripting (XSS) vulnerability in hilfe.php in b1gMail 6.3.1 ...)
+CVE-2007-4975
NOT-FOR-US: b1gMail
-CVE-2007-4974 (Heap-based buffer overflow in the flac_buffer_copy function in ...)
+CVE-2007-4974
{DSA-1442-1}
- libsndfile 1.0.17-4 (bug #443386; medium)
[sarge] - libsndfile <not-affected> (Vulnerable code not present)
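Review bot: besides reducing every description in this hunk to the bare identifier, the change drops the `** DISPUTED **` status marker: `-CVE-2007-5035 (** DISPUTED ** ...)` becomes `+CVE-2007-5035`, leaving nothing on the page to show that the entry is contested while the triage line `NOT-FOR-US: openEngine` still stands. If descriptions are to be rewritten by the generator, it should preserve such status prefixes, or keep the old description whenever the new one is empty, since they carry information the package lines do not.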
@@ -4284,183 +4284,183 @@ CVE-2007-4974 (Heap-based buffer overflow in the flac_buffer_copy function in ..
[etch] - ardour <not-affected> (Vulnerable code not present)
CVE-2007-4973
RESERVED
-CVE-2007-4972 (RegMon 7.04 does not properly validate certain parameters to System ...)
+CVE-2007-4972
NOT-FOR-US: NtRegmon
-CVE-2007-4971 (ProSecurity 1.40 Beta 2 does not properly validate certain parameters ...)
+CVE-2007-4971
NOT-FOR-US: ProSecurity
-CVE-2007-4970 (ProcessGuard 3.410 does not properly validate certain parameters to ...)
+CVE-2007-4970
NOT-FOR-US: ProcessGuard
-CVE-2007-4969 (Process Monitor 1.22 does not properly validate certain parameters to ...)
+CVE-2007-4969
NOT-FOR-US: Process Monitor
-CVE-2007-4968 (Privatefirewall 5.0.14.2 does not properly validate certain parameters ...)
+CVE-2007-4968
NOT-FOR-US: Privatefirewal
-CVE-2007-4967 (Online Armor Personal Firewall 2.0.1.215 does not properly validate ...)
+CVE-2007-4967
NOT-FOR-US: Online Armor Personal Firewall
-CVE-2007-4966 (SQL injection vulnerability in www/people/editprofile.php in GForge ...)
+CVE-2007-4966
NOTE: Duplicate of CVE-2007-3913
-CVE-2007-4965 (Multiple integer overflows in the imageop module in Python 2.5.1 and ...)
+CVE-2007-4965
{DSA-1620-1 DSA-1551-1}
- python2.5 2.5.1-6 (low; bug #443333)
[etch] - python2.5 <no-dsa> (Minor issue)
[sarge] - python2.5 <no-dsa> (Minor issue)
- python2.4 2.4.4-7 (low; bug #443335)
[etch] - python2.4 <no-dsa> (Minor issue)
-CVE-2007-4964 (WinImage 8.10 and earlier allows remote attackers to cause a denial of ...)
+CVE-2007-4964
NOT-FOR-US: WinImage
-CVE-2007-4963 (Visual truncation vulnerability in WinImage 8.10 and earlier allows ...)
+CVE-2007-4963
NOT-FOR-US: WinImage
-CVE-2007-4962 (Directory traversal vulnerability in WinImage 8.10 and earlier allows ...)
+CVE-2007-4962
NOT-FOR-US: WinImage
-CVE-2007-4961 (The login_to_simulator method in Linden Lab Second Life, as used by ...)
+CVE-2007-4961
- secondlife-client <itp> (low; bug #406335)
-CVE-2007-4960 (Argument injection vulnerability in the Linden Lab Second Life ...)
+CVE-2007-4960
- secondlife-client <itp> (low; bug #406335)
-CVE-2007-4959 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2007-4959
NOT-FOR-US: osCMax
-CVE-2007-4958 (Multiple cross-site scripting (XSS) vulnerabilities in TinyWebGallery ...)
+CVE-2007-4958
NOT-FOR-US: TinyWebGallery
-CVE-2007-4957 (Multiple directory traversal vulnerabilities in download.php in Chupix ...)
+CVE-2007-4957
NOT-FOR-US: ChupixCMS
-CVE-2007-4956 (Multiple SQL injection vulnerabilities in KwsPHP 1.0 allow remote ...)
+CVE-2007-4956
NOT-FOR-US: KwsPhp
-CVE-2007-4955 (PHP remote file inclusion vulnerability in admin.joomlaflashfun.php in ...)
+CVE-2007-4955
NOT-FOR-US: Joomla! extension
-CVE-2007-4954 (PHP remote file inclusion vulnerability in admin.joom12pic.php in the ...)
+CVE-2007-4954
NOT-FOR-US: Joomla! extension
-CVE-2007-4953 (SQL injection vulnerability in index.php in SimpCMS allows remote ...)
+CVE-2007-4953
NOT-FOR-US: SimpCMS
-CVE-2007-4952 (SQL injection vulnerability in article.php in OmniStar Article Manager ...)
+CVE-2007-4952
NOT-FOR-US: OmniStar Article Manager
-CVE-2007-4951 (** DISPUTED ** ...)
+CVE-2007-4951
NOT-FOR-US: YaPiG
-CVE-2007-4950 (** DISPUTED ** ...)
+CVE-2007-4950
NOT-FOR-US: Phportal
-CVE-2007-4949 (** DISPUTED ** ...)
+CVE-2007-4949
NOT-FOR-US: phpreactor
-CVE-2007-4948 (Multiple PHP remote file inclusion vulnerabilities in Webmedia ...)
+CVE-2007-4948
NOT-FOR-US: Webmedia Explorer
-CVE-2007-4947 (Multiple PHP remote file inclusion vulnerabilities in myphpPagetool ...)
+CVE-2007-4947
NOT-FOR-US: myphpPagetool
-CVE-2007-4946 (LetterGrade allows remote attackers to obtain sensitive information ...)
+CVE-2007-4946
NOT-FOR-US: LetterGrade
-CVE-2007-4945 (Multiple cross-site scripting (XSS) vulnerabilities in LetterGrade ...)
+CVE-2007-4945
NOT-FOR-US: LetterGrade
-CVE-2007-4944 (The canvas.createPattern function in Opera 9.x before 9.22 for Linux, ...)
+CVE-2007-4944
NOT-FOR-US: Opera
-CVE-2007-4943 (Multiple buffer overflows in a certain ActiveX control in sparser.dll ...)
+CVE-2007-4943
NOT-FOR-US: Baofeng Storm
-CVE-2007-4942 (PHP remote file inclusion vulnerability in ...)
+CVE-2007-4942
NOT-FOR-US: Focus/SIS
-CVE-2007-4941 (KMPlayer 2.9.3.1210 and earlier allows remote attackers to cause a ...)
+CVE-2007-4941
NOT-FOR-US: KMPlayer for windows
NOTE: its not kmplayer we ship its a windows only media player
-CVE-2007-4940 (Multiple integer overflows in Media Player Classic (MPC) 6.4.9.0 and ...)
+CVE-2007-4940
NOT-FOR-US: Media Player Classic
-CVE-2007-4939 (Heap-based buffer overflow in mplayerc.exe in Media Player Classic ...)
+CVE-2007-4939
NOT-FOR-US: Media Player Classic
-CVE-2007-4938 (Heap-based buffer overflow in libmpdemux/aviheader.c in MPlayer 1.0rc1 ...)
+CVE-2007-4938
{DTSA-65-1}
- mplayer 1.0~rc1-16.1 (bug #443478)
-CVE-2007-4937 (CS Guestbook stores sensitive information under the web root with ...)
+CVE-2007-4937
NOT-FOR-US: CS Guestbook
-CVE-2007-4936 (Unspecified vulnerability in Office Efficiencies SafeSquid 4.1.x has ...)
+CVE-2007-4936
NOT-FOR-US: SafeSquid
-CVE-2007-4935 (Multiple PHP remote file inclusion vulnerabilities in phpFFL 1.24 ...)
+CVE-2007-4935
NOT-FOR-US: phpFFL
-CVE-2007-4934 (Multiple PHP remote file inclusion vulnerabilities in phpFFL 1.24 ...)
+CVE-2007-4934
NOT-FOR-US: phpFFL
-CVE-2007-4933 (Direct static code injection vulnerability in ...)
+CVE-2007-4933
NOT-FOR-US: Shop-Script FREE
-CVE-2007-4932 (admin.php in Shop-Script FREE 2.0 and earlier sends a redirect to the ...)
+CVE-2007-4932
NOT-FOR-US: Shop-Script FREE
-CVE-2007-4931 (HP System Management Homepage (SMH) for Windows, when used in ...)
+CVE-2007-4931
NOT-FOR-US: HP System Management Homepage
-CVE-2007-4930 (Multiple cross-site request forgery (CSRF) vulnerabilities in the AXIS ...)
+CVE-2007-4930
NOT-FOR-US: Axis firmware
-CVE-2007-4929 (Multiple cross-site scripting (XSS) vulnerabilities in the AXIS 207W ...)
+CVE-2007-4929
NOT-FOR-US: Axis firmware
-CVE-2007-4928 (The AXIS 207W camera stores a WEP or WPA key in cleartext in the ...)
+CVE-2007-4928
NOT-FOR-US: Axis firmware
-CVE-2007-4927 (axis-cgi/buffer/command.cgi on the AXIS 207W camera allows remote ...)
+CVE-2007-4927
NOT-FOR-US: Axis firmware
-CVE-2007-4926 (The AXIS 207W camera uses a base64-encoded cleartext username and ...)
+CVE-2007-4926
NOT-FOR-US: Axis firmware
-CVE-2007-4925 (The ewirePC_Decrypt function in ewirepcfunctions.php in eWire Payment ...)
+CVE-2007-4925
NOT-FOR-US: eWire Payment Client
-CVE-2007-4924 (The Open Phone Abstraction Library (opal), as used by (1) Ekiga before ...)
+CVE-2007-4924
- opal 2.2.11~dfsg1-1 (low)
[etch] - opal 2.2.3.dfsg-3+etch1 (bug #454141)
NOTE: will be fixed by regular stable update
-CVE-2007-4923 (PHP remote file inclusion vulnerability in admin.joomlaradiov5.php in ...)
+CVE-2007-4923
NOT-FOR-US: Joomla extension
-CVE-2007-4922 (SQL injection vulnerability in play.php in the jeuxflash 1.0 module ...)
+CVE-2007-4922
NOT-FOR-US: KwsPhp
-CVE-2007-4921 (PHP remote file inclusion vulnerability in _includes/settings.inc.php ...)
+CVE-2007-4921
NOT-FOR-US: Ajax File Browser
-CVE-2007-4920 (SQL injection vulnerability in soporte_derecha_w.php in PHP Webquest ...)
+CVE-2007-4920
NOT-FOR-US: Webquest
-CVE-2007-4919 (Multiple SQL injection vulnerabilities in JBlog 1.0 allow (1) remote ...)
+CVE-2007-4919
NOT-FOR-US: Jblog
-CVE-2007-4918 (SQL injection vulnerability in classes/gelato.class.php in Gelato ...)
+CVE-2007-4918
NOT-FOR-US: Gelato
-CVE-2007-4917 (Cross-site scripting (XSS) vulnerability in tracking.php in PHP-Stats ...)
+CVE-2007-4917
NOT-FOR-US: Php-Stats
-CVE-2007-4916 (Heap-based buffer overflow in the FileFind::FindFile method in (1) ...)
+CVE-2007-4916
NOT-FOR-US: MFC Library
-CVE-2007-4915 (The Intersil isl3893 extensions for Boa 0.93.15, as used on the ...)
+CVE-2007-4915
- boa <not-affected> (We don't ship this extension)
-CVE-2007-4914 (Unspecified vulnerability in the subscriptions manager in Invision ...)
+CVE-2007-4914
NOT-FOR-US: Invision Power Board
-CVE-2007-4913 (ips_kernel/class_upload.php in Invision Power Board (IPB or IP.Board) ...)
+CVE-2007-4913
NOT-FOR-US: Invision Power Board
-CVE-2007-4912 (Cross-site scripting (XSS) vulnerability in ips_kernel/class_ajax.php ...)
+CVE-2007-4912
NOT-FOR-US: Invision Power Board
-CVE-2007-4911 (JSMP3OGGWt.dll in JetCast Server 2.0.0.4308 allows remote attackers to ...)
+CVE-2007-4911
NOT-FOR-US: JetCast Server
-CVE-2007-4910 (Unspecified vulnerability in netInvoicing before 2.7.3 has unknown ...)
+CVE-2007-4910
NOT-FOR-US: Netinvoicing
-CVE-2007-4909 (Interpretation conflict in WinSCP before 4.0.4 allows remote attackers ...)
+CVE-2007-4909
NOT-FOR-US: WinSCP
-CVE-2007-4908 (Directory traversal vulnerability in index.php in AuraCMS 2.1 and ...)
+CVE-2007-4908
NOT-FOR-US: AuraCMS
-CVE-2007-4907 (Multiple PHP remote file inclusion vulnerabilities in X-Cart allow ...)
+CVE-2007-4907
NOT-FOR-US: X-Cart
-CVE-2007-4906 (PHP remote file inclusion vulnerability in ...)
+CVE-2007-4906
NOT-FOR-US: NuclearBB
-CVE-2007-4905 (Unrestricted file upload vulnerability in mod/contak.php in AuraCMS ...)
+CVE-2007-4905
NOT-FOR-US: AuraCMS
-CVE-2007-4904 (RealNetworks RealPlayer 10.1.0.3114 and earlier, and Helix Player ...)
+CVE-2007-4904
- helix-player <unfixed> (unimportant; bug #443130)
NOTE: Just a floating point exception by via a crafted .au file)
-CVE-2007-4903 (Multiple buffer overflows in a certain ActiveX control in CryptoX.dll ...)
+CVE-2007-4903
NOT-FOR-US: Ultra Crypto Component
-CVE-2007-4902 (Absolute path traversal vulnerability in a certain ActiveX control in ...)
+CVE-2007-4902
NOT-FOR-US: Ultra Crypto Component
-CVE-2007-4901 (The embedded Internet Explorer server control in AOL Instant Messenger ...)
+CVE-2007-4901
NOT-FOR-US: AOL Instant Messenger
-CVE-2007-4900 (Cross-site scripting (XSS) vulnerability in the logon page in RSA ...)
+CVE-2007-4900
NOT-FOR-US: RSA EnVision
-CVE-2007-4899 (Multiple cross-site scripting (XSS) vulnerabilities in Boinc Forum ...)
+CVE-2007-4899
NOT-FOR-US: Boinc Forum
-CVE-2007-4898 (Unspecified vulnerability in the Multiwiki plugin in XWiki before 1.1 ...)
+CVE-2007-4898
NOT-FOR-US: Xwiki
-CVE-2007-4897 (pwlib, as used by Ekiga 2.0.5 and possibly other products, allows ...)
+CVE-2007-4897
{DTSA-94-1}
- pwlib 1.10.10-1.1 (low; bug #454133)
- pwlib-titan 1.11.2-1.1 (low; bug #454139)
[etch] - pwlib 1.10.2-2+etch1
[sarge] - pwlib 1.8.4-1+sarge1.1
-CVE-2007-4896 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2007-4896
NOT-FOR-US: Toms Gaestebuch
-CVE-2007-4895 (Directory traversal vulnerability in dwoprn.php in Sisfo Kampus 2006 ...)
+CVE-2007-4895
NOT-FOR-US: Sisfo Kampus
-CVE-2007-4894 (Multiple SQL injection vulnerabilities in Wordpress before 2.2.3 and ...)
+CVE-2007-4894
- wordpress 2.2.3-1 (medium)
[etch] - wordpress <not-affected> (Vulnerable code not yet introduced)
-CVE-2007-4893 (wp-admin/admin-functions.php in Wordpress before 2.2.3 and Wordpress ...)
+CVE-2007-4893
- wordpress 2.2.3-1 (low)
[etch] - wordpress <not-affected> (Vulnerable code not yet introduced)
-CVE-2007-4892 (Multiple SQL injection vulnerabilities in SWSoft Plesk 7.6.1, 8.1.0, ...)
+CVE-2007-4892
NOT-FOR-US: Plesk (Windows)
CVE-2007-XXXX [libgd2: gdImageColorTransparent can write outside buffer]
- libwmf <unfixed> (unimportant)
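Review bot: three more disputed entries lose their marker in this hunk (`-CVE-2007-4951 (** DISPUTED ** ...)`, `-CVE-2007-4950 (** DISPUTED ** ...)` and `-CVE-2007-4949 (** DISPUTED ** ...)` all become bare identifiers), and `-CVE-2007-4966 (SQL injection vulnerability in www/people/editprofile.php in GForge ...)` becomes `+CVE-2007-4966` directly above `NOTE: Duplicate of CVE-2007-3913`, so the description a reader would use to confirm the duplicate claim is gone. The untouched `CVE-2007-XXXX [libgd2: gdImageColorTransparent can write outside buffer]` placeholder at the end of the hunk shows the generator only rewrites lines that carry a resolved identifier, which fits a failed description fetch rather than a deliberate format change.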
@@ -4468,33 +4468,33 @@ CVE-2007-XXXX [libgd2: gdImageColorTransparent can write outside buffer]
NOTE: Only present in one of the sample pl-scheme packages (plot)
- libgd2 2.0.35.dfsg-3
[etch] - libgd2 2.0.33-5.2etch1
-CVE-2007-4891 (A certain ActiveX control in PDWizard.ocx 6.0.0.9782 and earlier in ...)
+CVE-2007-4891
NOT-FOR-US: PDWizard
-CVE-2007-4890 (Absolute directory traversal vulnerability in a certain ActiveX ...)
+CVE-2007-4890
NOT-FOR-US: Microsoft Visual Studio
-CVE-2007-4889 (The MySQL extension in PHP 5.2.4 and earlier allows remote attackers ...)
+CVE-2007-4889
- php5 <removed> (unimportant)
NOTE: basedir and safemode not supported
-CVE-2007-4888 (The &quot;You are not allowed...&quot; error handler in XWiki 1.0 B1 and 1.0 B2 ...)
+CVE-2007-4888
NOT-FOR-US: Xwiki
-CVE-2007-4887 (The dl function in PHP 5.2.4 and earlier allows context-dependent ...)
+CVE-2007-4887
- php5 5.2.5-1 (unimportant)
NOTE: Only triggerable by malicious script
-CVE-2007-4886 (Incomplete blacklist vulnerability in index.php in AuraCMS 1.x and ...)
+CVE-2007-4886
NOT-FOR-US: Aura CMS
-CVE-2007-4885 (Avnex AV MP3 Player allows user-assisted remote attackers to cause a ...)
+CVE-2007-4885
NOT-FOR-US: Avnex AV MP3 Player
-CVE-2007-4884 (Media Player Classic (MPC) allows user-assisted remote attackers to ...)
+CVE-2007-4884
NOT-FOR-US: Windows
-CVE-2007-4883 (Cross-site scripting (XSS) vulnerability in the BotQuery extension in ...)
+CVE-2007-4883
- mediawiki-extensions <not-affected> (We don't ship this extension)
-CVE-2007-4882 (Multiple cross-site scripting (XSS) vulnerabilities in TechExcel ...)
+CVE-2007-4882
NOT-FOR-US: TechExcel CustomerWise
-CVE-2007-4881 (SQL injection vulnerability in profile/myprofile.php in psi-labs.com ...)
+CVE-2007-4881
NOT-FOR-US: Psilabs
-CVE-2007-4880 (Buffer overflow in the Client Acceptor Daemon (CAD), dsmcad.exe, in ...)
+CVE-2007-4880
NOT-FOR-US: IBM Tivoli Storage Manager (TSM)
-CVE-2007-4879 (Mozilla Firefox before Firefox 2.0.0.13, and SeaMonkey before 1.1.9, ...)
+CVE-2007-4879
{DSA-1534-2 DSA-1535-1 DSA-1534-1 DSA-1532-1}
- iceweasel 2.0.0.13-1 (low; bug #444803)
- iceape 1.1.9-1 (low; bug #444805)
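Review bot: `-CVE-2007-4888 (The &quot;You are not allowed...&quot; error handler in XWiki 1.0 B1 and 1.0 B2 ...)` shows that the stored descriptions were written with HTML entities left unescaped; if this update was meant to address that, the fix is to decode the entities when the description is imported, not to replace the line with the bare `+CVE-2007-4888`. The hunk also blanks the php5 entries `CVE-2007-4889` and `CVE-2007-4887`, whose `NOTE: basedir and safemode not supported` and `NOTE: Only triggerable by malicious script` lines were written against descriptions that are no longer on the page.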
@@ -4507,11 +4507,11 @@ CVE-2007-4876
RESERVED
CVE-2007-4875
RESERVED
-CVE-2007-4874 (Multiple cross-site scripting (XSS) vulnerabilities in SimpNews ...)
+CVE-2007-4874
NOT-FOR-US: SimpNews
-CVE-2007-4873 (SimpNews 2.41.03 stores sensitive information under the web root with ...)
+CVE-2007-4873
NOT-FOR-US: SimpNews
-CVE-2007-4872 (SimpNews 2.41.03 allows remote attackers to obtain sensitive ...)
+CVE-2007-4872
NOT-FOR-US: SimpNews
CVE-2007-4871
RESERVED
@@ -4529,11 +4529,11 @@ CVE-2007-4865
RESERVED
CVE-2007-4864
RESERVED
-CVE-2007-4863 (SQL injection vulnerability in example.php in SAXON 5.4 allows remote ...)
+CVE-2007-4863
NOT-FOR-US: SAXON
-CVE-2007-4862 (Cross-site scripting (XSS) vulnerability in admin/menu.php in SAXON ...)
+CVE-2007-4862
NOT-FOR-US: SAXON
-CVE-2007-4861 (SAXON 5.4, with display_errors enabled, allows remote attackers to ...)
+CVE-2007-4861
NOT-FOR-US: SAXON
CVE-2007-4860
RESERVED
@@ -4555,177 +4555,177 @@ CVE-2007-4852
RESERVED
CVE-2007-4851
REJECTED
-CVE-2007-4850 (curl/interface.c in the cURL library (aka libcurl) in PHP 5.2.4 and ...)
+CVE-2007-4850
- php4 <removed> (unimportant)
- php5 5.2.6-1 (unimportant)
NOTE: Safe mode bypasses not treated as security problems
-CVE-2007-4849 (JFFS2, as used on One Laptop Per Child (OLPC) build 542 and possibly ...)
+CVE-2007-4849
{DSA-1378-2 DSA-1378-1}
- linux-2.6 2.6.23-1 (bug #442245; low)
-CVE-2007-4848 (Microsoft Internet Explorer 4.0 through 7 allows remote attackers to ...)
+CVE-2007-4848
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2007-4847 (Google Picasa allows remote attackers to read image files stored by ...)
+CVE-2007-4847
NOT-FOR-US: Google Picasa
-CVE-2007-4846 (SQL injection vulnerability in start.php in Webace-Linkscript (wls) ...)
+CVE-2007-4846
NOT-FOR-US: Webace-Linkscript
-CVE-2007-4845 (Multiple SQL injection vulnerabilities in UPLOAD/index.php in ...)
+CVE-2007-4845
NOT-FOR-US: RW::Download
-CVE-2007-4844 (X-Diesel Unreal Commander 0.92 build 565 and 573 does not properly ...)
+CVE-2007-4844
NOT-FOR-US: Unreal Commander
-CVE-2007-4843 (Directory traversal vulnerability in X-Diesel Unreal Commander 0.92 ...)
+CVE-2007-4843
NOT-FOR-US: Unreal Commander
-CVE-2007-4842 (Directory traversal vulnerability in Enriva Development Magellan ...)
+CVE-2007-4842
NOT-FOR-US: Magellan Explorer
-CVE-2007-4841 (Mozilla Firefox before 2.0.0.8, Thunderbird before 2.0.0.8, and ...)
+CVE-2007-4841
- iceweasel <not-affected> (windows only issue)
- iceape <not-affected> (windows only issue)
- xulrunner <not-affected> (windows only issue)
- icedove <not-affected> (windows only issue)
NOTE: MFSA2007-36
NOTE: see https://bugzilla.mozilla.org/show_bug.cgi?id=394974
-CVE-2007-4840 (PHP 5.2.4 and earlier allows context-dependent attackers to cause a ...)
+CVE-2007-4840
- glibc 2.7-1 (unimportant)
NOTE: Original PHP issue only triggerable by malicious script
-CVE-2007-4839 (Unspecified vulnerability in the PD tools component in IBM WebSphere ...)
+CVE-2007-4839
NOT-FOR-US: IBM WebSphere
-CVE-2007-4838 (Multiple buffer overflows in CellFactor Revolution 1.03 and earlier ...)
+CVE-2007-4838
NOT-FOR-US: CellFactor Revolution
-CVE-2007-4837 (SQL injection vulnerability in anket.asp in Proxy Anket 3.0.1 allows ...)
+CVE-2007-4837
NOT-FOR-US: Proxy Anket
-CVE-2007-4836 (Cross-site scripting (XSS) vulnerability in index.php in phpMyQuote ...)
+CVE-2007-4836
NOT-FOR-US: phpMyQuote
-CVE-2007-4835 (SQL injection vulnerability in index.php in phpMyQuote 0.20 allows ...)
+CVE-2007-4835
NOT-FOR-US: phpMyQuote
-CVE-2007-4834 (Multiple PHP remote file inclusion vulnerabilities in phpRealty 0.02 ...)
+CVE-2007-4834
NOT-FOR-US: phpRealty
-CVE-2007-4833 (Unspecified vulnerability in the Edge Component in IBM WebSphere ...)
+CVE-2007-4833
NOT-FOR-US: IBM WebSphere
-CVE-2007-4832 (Format string vulnerability in CellFactor Revolution 1.03 and earlier ...)
+CVE-2007-4832
NOT-FOR-US: CellFactor Revolution
-CVE-2007-4831 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2007-4831
NOT-FOR-US: TorrentTrader
-CVE-2007-4830 (Cross-site scripting (XSS) vulnerability in CMD_BANDWIDTH_BREAKDOWN in ...)
+CVE-2007-4830
NOT-FOR-US: DirectAdmin
-CVE-2007-4829 (Directory traversal vulnerability in the Archive::Tar Perl module 1.36 ...)
+CVE-2007-4829
- perl 5.10.0-19
[etch] - perl <not-affected> (Was merged into Perl as of 5.10)
- libarchive-tar-perl 1.38-1 (low; bug #449544)
[sarge] - libarchive-tar-perl <no-dsa> (Minor issue)
[etch] - libarchive-tar-perl <no-dsa> (Minor issue)
-CVE-2007-4828 (Cross-site scripting (XSS) vulnerability in the API pretty-printing ...)
+CVE-2007-4828
- mediawiki 1.10.2-1 (low; bug #442255)
[etch] - mediawiki <not-affected> (Does not include the vulnerable code)
-CVE-2007-4827 (Unspecified vulnerability in the Modbus/TCP Diagnostic function in ...)
+CVE-2007-4827
NOT-FOR-US: Modbus Slave ActiveX Control
-CVE-2007-4826 (bgpd in Quagga before 0.99.9 allows explicitly configured BGP peers to ...)
+CVE-2007-4826
{DSA-1382-1}
- quagga 0.99.9-1 (low; bug #442133)
NOTE: Upstream says that this can only be exploited by configured peers.
-CVE-2007-4825 (Directory traversal vulnerability in PHP 5.2.4 and earlier allows ...)
+CVE-2007-4825
- php5 5.2.5-1 (unimportant)
- php4 <not-affected> (error message "Allowed memory size of 8388608 bytes exhausted...")
NOTE: php5 PoC can be reproduced, basedir violations not treated as security problems
-CVE-2007-4824 (Multiple cross-application scripting (XAS) vulnerabilities in Google ...)
+CVE-2007-4824
NOT-FOR-US: Google Picasa
-CVE-2007-4823 (Multiple buffer overflows in Google Picasa have unspecified attack ...)
+CVE-2007-4823
NOT-FOR-US: Google Picasa
-CVE-2007-4822 (Cross-site request forgery (CSRF) vulnerability in the device ...)
+CVE-2007-4822
NOT-FOR-US: Buffalo AirStation firmware
-CVE-2007-4821 (Buffer overflow in a certain ActiveX control in officeviewer.ocx ...)
+CVE-2007-4821
NOT-FOR-US: EDraw Office Viewer
-CVE-2007-4820 (Absolute path traversal vulnerability in blanko.preview.php in Sisfo ...)
+CVE-2007-4820
NOT-FOR-US: Sisfo Kampus
-CVE-2007-4819 (Multiple cross-site scripting (XSS) vulnerabilities in Txx CMS 0.2 ...)
+CVE-2007-4819
NOT-FOR-US: Txx CMS
-CVE-2007-4818 (Multiple PHP remote file inclusion vulnerabilities in Txx CMS 0.2 ...)
+CVE-2007-4818
NOT-FOR-US: Txx CMS
-CVE-2007-4817 (Unrestricted file upload vulnerability in the Restaurante ...)
+CVE-2007-4817
NOT-FOR-US: Joomla component
NOTE: not included in standard joomla installation, joomla has an itp though
-CVE-2007-4816 (Multiple buffer overflows in the BaoFeng2 storm ActiveX control in ...)
+CVE-2007-4816
NOT-FOR-US: BaoFeng2
-CVE-2007-4815 (Multiple PHP remote file inclusion vulnerabilities in WebED in Markus ...)
+CVE-2007-4815
NOT-FOR-US: WebED
-CVE-2007-4814 (Buffer overflow in the SQLServer ActiveX control in the Distributed ...)
+CVE-2007-4814
NOT-FOR-US: Microsoft SQL Server Enterprise Manager
-CVE-2007-4813 (Cross-site scripting (XSS) vulnerability in Domino Blogsphere 3.01 ...)
+CVE-2007-4813
NOT-FOR-US: Domino Blogsphere
-CVE-2007-4812 (Buffer overflow in Apple Safari 3.0.3 522.15.5, and other versions ...)
+CVE-2007-4812
NOT-FOR-US: Mac OS
-CVE-2007-4811 (Multiple cross-site scripting (XSS) vulnerabilities in Netjuke 1.0-rc2 ...)
+CVE-2007-4811
NOT-FOR-US: Netjuke
-CVE-2007-4810 (Multiple SQL injection vulnerabilities in Netjuke 1.0-rc2 allow remote ...)
+CVE-2007-4810
NOT-FOR-US: Netjuke
-CVE-2007-4809 (Multiple PHP remote file inclusion vulnerabilities in Online Fantasy ...)
+CVE-2007-4809
NOT-FOR-US: Online Fantasy Football League
-CVE-2007-4808 (Multiple SQL injection vulnerabilities in TLM CMS 3.2 allow remote ...)
+CVE-2007-4808
NOT-FOR-US: TLM CMS
-CVE-2007-4807 (Multiple PHP remote file inclusion vulnerabilities in Focus/SIS 2.2 ...)
+CVE-2007-4807
NOT-FOR-US: Focus/SIS
-CVE-2007-4806 (PHP remote file inclusion vulnerability in ...)
+CVE-2007-4806
NOT-FOR-US: Focus/SIS
-CVE-2007-4805 (Directory traversal vulnerability in getgalldata.php in fuzzylime ...)
+CVE-2007-4805
NOT-FOR-US: Fuzzylime CMS
-CVE-2007-4804 (Multiple SQL injection vulnerabilities in AuraCMS 1.5rc allow remote ...)
+CVE-2007-4804
NOT-FOR-US: AuraCMS
-CVE-2007-4803 (Buffer overflow in AtomixMP3 2.3 allows user-assisted remote attackers ...)
+CVE-2007-4803
NOT-FOR-US: AtomixMP3
-CVE-2007-4802 (Multiple heap-based buffer overflows in GlobalLink 2.7.0.8 allow ...)
+CVE-2007-4802
NOT-FOR-US: GlobalLink
CVE-2007-4801
RESERVED
CVE-2007-4800
RESERVED
-CVE-2007-4799 (The perfstat kernel extension in bos.perf.perfstat in AIX 5.3 does not ...)
+CVE-2007-4799
NOT-FOR-US: AIX perfstat kernel extension
-CVE-2007-4798 (Unspecified vulnerability in invscout in Inventory Scout in ...)
+CVE-2007-4798
NOT-FOR-US: invscout
-CVE-2007-4797 (Multiple buffer overflows in unspecified svprint (System V print) ...)
+CVE-2007-4797
NOT-FOR-US: System V print
-CVE-2007-4796 (Buffer overflow in uucp in bos.net.uucp in IBM AIX 5.2 and 5.3 allows ...)
+CVE-2007-4796
NOT-FOR-US: uucp IBM AIX
-CVE-2007-4795 (Buffer overflow in mkpath in bos.rte.methods in IBM AIX 5.2 and 5.3 ...)
+CVE-2007-4795
NOT-FOR-US: mkpath IBM AIX
-CVE-2007-4794 (Buffer overflow in fcstat in devices.common.IBM.fc.rte in IBM AIX 5.2 ...)
+CVE-2007-4794
NOT-FOR-US: fcstat IBM AIX
-CVE-2007-4793 (Buffer overflow in xlplm in plm.server.rte in IBM AIX 5.2 and 5.3 ...)
+CVE-2007-4793
NOT-FOR-US: xlplm IBM AIX
-CVE-2007-4792 (Buffer overflow in ibstat in devices.common.IBM.ib.rte in IBM AIX 5.3 ...)
+CVE-2007-4792
NOT-FOR-US: ibstat IBM AIX
-CVE-2007-4791 (Buffer overflow in the swcons command in bos.rte.console in IBM AIX ...)
+CVE-2007-4791
NOT-FOR-US: swcons IBM AIX
-CVE-2007-4790 (Stack-based buffer overflow in certain ActiveX controls in (1) ...)
+CVE-2007-4790
NOT-FOR-US: Microsoft Visual FoxPro
-CVE-2007-4789 (Cisco Content Switching Modules (CSM) 4.2 before 4.2.7, and Cisco ...)
+CVE-2007-4789
NOT-FOR-US: Cisco CSM
-CVE-2007-4788 (Cisco Content Switching Modules (CSM) 4.2 before 4.2.3a, and Cisco ...)
+CVE-2007-4788
NOT-FOR-US: Cisco CSM
-CVE-2007-4787 (The virus detection engine in Sophos Anti-Virus before 2.49.0 does not ...)
+CVE-2007-4787
NOT-FOR-US: Sophos Anti-Virus
-CVE-2007-4786 (Cisco Adaptive Security Appliance (ASA) running PIX 7.0 before ...)
+CVE-2007-4786
NOT-FOR-US: Cisco ASA
-CVE-2007-4785 (Sony Micro Vault Fingerprint Access Software, as distributed with Sony ...)
+CVE-2007-4785
NOT-FOR-US: Sony Micro Vault
-CVE-2007-4784 (The setlocale function in PHP before 5.2.4 allows context-dependent ...)
+CVE-2007-4784
- php5 5.2.5-1 (unimportant; bug #441972)
NOTE: Only triggerable by malicious script
-CVE-2007-4783 (The iconv_substr function in PHP 5.2.4 and earlier allows ...)
+CVE-2007-4783
- php5 5.2.5-1 (unimportant; bug #441972)
NOTE: Only triggerable by malicious script
-CVE-2007-4782 (PHP before 5.2.3 allows context-dependent attackers to cause a denial ...)
+CVE-2007-4782
- php5 5.2.3-1 (unimportant)
NOTE: Only triggerable by malicious script
-CVE-2007-4781 (administrator/index.php in the installer component (com_installer) in ...)
+CVE-2007-4781
NOT-FOR-US: Joomla!
-CVE-2007-4780 (Joomla! 1.5 before RC2 (aka Endeleo) allows remote attackers to obtain ...)
+CVE-2007-4780
NOT-FOR-US: Joomla!
-CVE-2007-4779 (Cross-site scripting (XSS) vulnerability in Joomla! 1.5 before RC2 ...)
+CVE-2007-4779
NOT-FOR-US: Joomla!
-CVE-2007-4778 (Multiple SQL injection vulnerabilities in the content component ...)
+CVE-2007-4778
NOT-FOR-US: Joomla!
-CVE-2007-4777 (SQL injection vulnerability in Joomla! 1.5 before RC2 (aka Endeleo) ...)
+CVE-2007-4777
NOT-FOR-US: Joomla!
-CVE-2007-4776 (Buffer overflow in Microsoft Visual Basic 6.0 and Enterprise Edition ...)
+CVE-2007-4776
NOT-FOR-US: Microsoft Visual Basic
CVE-2007-4775
RESERVED
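Review bot: the only change in this hunk is that every CVE header line loses its parenthesised summary, e.g. `-CVE-2007-4829 (Directory traversal vulnerability in the Archive::Tar Perl module 1.36 ...)` becomes `+CVE-2007-4829`, while the package, `[etch]`/`[sarge]`, NOTE and NOT-FOR-US lines beneath each header are untouched. A summary-to-empty rewrite across the whole hunk, with no status change anywhere, reads like the automatic importer receiving empty descriptions rather than an intentional edit; the triage lines such as `NOT-FOR-US: Unreal Commander` or `- glibc 2.7-1 (unimportant)` are only meaningful next to the text they were written against. Suggest verifying the CVE source the update ran from and restoring the summaries before this is merged.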
@@ -4733,7 +4733,7 @@ CVE-2007-4774
RESERVED
CVE-2007-4773
RESERVED
-CVE-2007-4772 (The regular expression parser in TCL before 8.4.17, as used in ...)
+CVE-2007-4772
{DSA-1463-1 DSA-1460-1}
- postgresql-8.2 8.2.6-1
- postgresql-8.1 8.1.11-1
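Review bot: this hunk's single change strips the summary from `CVE-2007-4772` while the `{DSA-1463-1 DSA-1460-1}` reference and the `postgresql-8.2`/`postgresql-8.1` fixed versions remain, so the entry now gives no indication of why a TCL regular-expression issue is tracked against two PostgreSQL packages; the removed text `(The regular expression parser in TCL before 8.4.17, as used in ...)` was that link. Suggest keeping the summary rather than committing the bare identifier.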
@@ -4742,32 +4742,32 @@ CVE-2007-4772 (The regular expression parser in TCL before 8.4.17, as used in ..
- tcl8.4 8.4.17-1 (low)
[etch] - tcl8.4 <no-dsa> (Minor issue)
[sarge] - postgresql <unfixed>
-CVE-2007-4771 (Heap-based buffer overflow in the doInterval function in regexcmp.cpp ...)
+CVE-2007-4771
{DSA-1511-1}
- icu 3.8-6 (bug #463688)
-CVE-2007-4770 (libicu in International Components for Unicode (ICU) 3.8.1 and earlier ...)
+CVE-2007-4770
{DSA-1511-1}
- icu 3.8-6 (bug #463688)
-CVE-2007-4769 (The regular expression parser in TCL before 8.4.17, as used in ...)
+CVE-2007-4769
{DSA-1463-1 DSA-1460-1}
- postgresql-8.2 8.2.6-1
- postgresql-8.1 8.1.11-1
- tcl8.3 <not-affected> (only builds with UCS-4 internal char encoding affected, Debian builds use UCS-2 referring to maintainer)
- tcl8.4 <not-affected> (only builds with UCS-4 internal char encoding affected, Debian builds use UCS-2 referring to maintainer)
[sarge] - postgresql <unfixed>
-CVE-2007-4768 (Heap-based buffer overflow in Perl-Compatible Regular Expression ...)
+CVE-2007-4768
{DSA-1570-1 DSA-1399-1 DTSA-77-1}
- pcre3 7.3-1
- kazehakase 0.5.2-1
- glib2.0 2.14.3-1 (unimportant)
NOTE: glib only embeds pcre in the udeb, no attack vector
-CVE-2007-4767 (Perl-Compatible Regular Expression (PCRE) library before 7.3 does not ...)
+CVE-2007-4767
{DSA-1570-1 DSA-1399-1 DTSA-77-1}
- pcre3 7.3-1
- kazehakase 0.5.2-1
- glib2.0 2.14.3-1 (unimportant)
NOTE: glib only embeds pcre in the udeb, no attack vector
-CVE-2007-4766 (Multiple integer overflows in Perl-Compatible Regular Expression ...)
+CVE-2007-4766
{DSA-1570-1 DSA-1399-1 DTSA-77-1}
- pcre3 7.3-1
- kazehakase 0.5.2-1
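Review bot: with the summaries removed, `+CVE-2007-4768`, `+CVE-2007-4767` and `+CVE-2007-4766` become three blocks that are identical below the header (same `{DSA-1570-1 DSA-1399-1 DTSA-77-1}`, same `- pcre3 7.3-1`, same `- kazehakase 0.5.2-1` and glib NOTE); the stripped `-` lines were the only record of which entry is the heap-based overflow, which the integer overflows and which the missing check. The same applies to `CVE-2007-4771`/`CVE-2007-4770` (both `icu 3.8-6`, `bug #463688`). Suggest restoring the summaries, since a reader of the list can no longer tell the entries apart or cross-check them against the DSAs.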
@@ -4775,37 +4775,37 @@ CVE-2007-4766 (Multiple integer overflows in Perl-Compatible Regular Expression
NOTE: glib only embeds pcre in the udeb, no attack vector
CVE-2007-4765
RESERVED
-CVE-2007-4764 (Directory traversal vulnerability in pawfaliki.php in Pawfaliki 0.5.1 ...)
+CVE-2007-4764
NOT-FOR-US: Pawfaliki
-CVE-2007-4763 (PHP remote file inclusion vulnerability in ...)
+CVE-2007-4763
NOT-FOR-US: PHPOF
-CVE-2007-4762 (Multiple SQL injection vulnerabilities in embadmin/login.asp in ...)
+CVE-2007-4762
NOT-FOR-US: E-SMARTCART
-CVE-2007-4761 (Unrestricted file upload vulnerability in upload.php in Barbo91 1.1 ...)
+CVE-2007-4761
NOT-FOR-US: Barbo91
-CVE-2007-4760 (The javadoc tool in Cosminexus Developer's Kit for Java in Cosminexus ...)
+CVE-2007-4760
NOT-FOR-US: Cosminexus Developer's Kit
-CVE-2007-4759 (Multiple unspecified vulnerabilities in the image-processing APIs in ...)
+CVE-2007-4759
NOT-FOR-US: Cosminexus Developer's Kit
-CVE-2007-4758 (Multiple buffer overflows in the image-processing APIs in Cosminexus ...)
+CVE-2007-4758
NOT-FOR-US: Cosminexus Developer's Kit
-CVE-2007-4757 (PHP remote file inclusion vulnerability in menu.php in phpMytourney ...)
+CVE-2007-4757
NOT-FOR-US: phpMytourney
-CVE-2007-4756 (Directory traversal vulnerability in the FTP client in Total Commander ...)
+CVE-2007-4756
NOT-FOR-US: Total Commander
-CVE-2007-4755 (Alien Arena 2007 6.10 and earlier allows remote attackers to cause a ...)
+CVE-2007-4755
- alien-arena 6.05-4.1 (low; bug #442075)
-CVE-2007-4754 (Format string vulnerability in the safe_bprintf function in ...)
+CVE-2007-4754
- alien-arena 6.05-4.1 (medium; bug #442075)
-CVE-2007-4753 (The Thomson ST 2030 SIP phone with software 1.52.1 allows remote ...)
+CVE-2007-4753
NOT-FOR-US: Thomson ST 2030 SIP phone
-CVE-2007-4751 (RemoteDocs R-Viewer before 1.6.3768 stores encrypted RDZ file data in ...)
+CVE-2007-4751
NOT-FOR-US: RemoteDocs R-Viewer
-CVE-2007-4750 (Unspecified vulnerability in RemoteDocs R-Viewer before 1.6.3768 ...)
+CVE-2007-4750
NOT-FOR-US: RemoteDocs R-Viewer
-CVE-2007-4749 (The cmdjob utility in Autodesk Backburner 3.0.2 allows remote ...)
+CVE-2007-4749
NOT-FOR-US: Autodesk Backburner
-CVE-2007-4752 (ssh in OpenSSH before 4.7 does not properly handle when an untrusted ...)
+CVE-2007-4752
{DSA-1576-1}
- openssh 1:4.7p1-1 (low; bug #444738)
[etch] - openssh <no-dsa> (minor issue in weak security measure)
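Review bot: stripping the summaries from `CVE-2007-4755` and `CVE-2007-4754` leaves two alien-arena entries that differ only in severity (`low` vs `medium`) against the same `alien-arena 6.05-4.1` and `bug #442075`; the removed text, `(Format string vulnerability in the safe_bprintf function in ...)` versus `(... allows remote attackers to cause a ...)`, was what justified the different ratings, and that justification is now gone. Likewise `CVE-2007-4752` loses `(ssh in OpenSSH before 4.7 does not properly handle when an untrusted ...)`, which is the context the following `[etch] - openssh <no-dsa> (minor issue in weak security measure)` line and its NOTE lines explain. Suggest not committing this hunk as-is.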
@@ -4814,51 +4814,51 @@ CVE-2007-4752 (ssh in OpenSSH before 4.7 does not properly handle when an untrus
NOTE: trusted X client, so this is only a slight privilege
NOTE: escalation. The X Security extension is merely an afterthought
NOTE: and is unlikely to provide strong security guarantees.
-CVE-2007-4748 (Buffer overflow in the PowerPlayer.dll ActiveX control in PPStream ...)
+CVE-2007-4748
NOT-FOR-US: PowerPlayer
-CVE-2007-4747 (The telnet service in Cisco Video Surveillance IP Gateway ...)
+CVE-2007-4747
NOT-FOR-US: Cisco firmware
-CVE-2007-4746 (The Cisco Video Surveillance IP Gateway Encoder/Decoder (Standalone ...)
+CVE-2007-4746
NOT-FOR-US: Cisco firmware
-CVE-2007-4745 (Multiple cross-site scripting (XSS) vulnerabilities in the AkoBook ...)
+CVE-2007-4745
NOT-FOR-US: AkoBook
-CVE-2007-4744 (PHP remote file inclusion vulnerability in environment.php in ...)
+CVE-2007-4744
NOT-FOR-US: AnyInventory
-CVE-2007-4742 (Claroline before 1.8.6 allows remote authenticated administrators to ...)
+CVE-2007-4742
NOT-FOR-US: Claroline
-CVE-2007-4741 (Cross-site scripting (XSS) vulnerability in admin/adminusers.php in ...)
+CVE-2007-4741
NOT-FOR-US: Claroline
-CVE-2007-4740 (The HPRevolutionRegistryManager ActiveX control in ...)
+CVE-2007-4740
NOT-FOR-US: HPRevolutionRegistryManager
-CVE-2007-4739 (reprepro 1.3.0 through 2.2.3 does not properly verify signatures when ...)
+CVE-2007-4739
{DSA-1394-1}
- reprepro 2.2.4-1 (high; bug #440535)
NOTE: patch for etch in the BTS
[sarge] - reprepro <not-affected> (Vulnerable code introduced in 1.3.0)
-CVE-2007-4738 (Multiple PHP remote file inclusion vulnerabilities in SpeedTech PHP ...)
+CVE-2007-4738
NOT-FOR-US: SpeedTech PHP Library
-CVE-2007-4737 (Multiple PHP remote file inclusion vulnerabilities in SpeedTech PHP ...)
+CVE-2007-4737
NOT-FOR-US: SpeedTech PHP Library
-CVE-2007-4736 (SQL injection vulnerability in category.php in CartKeeper CKGold ...)
+CVE-2007-4736
NOT-FOR-US: CartKeeper CKGold Shopping Cart
-CVE-2007-4735 (Buffer overflow in Next Generation Software Virtual DJ (VDJ) 5.0 ...)
+CVE-2007-4735
NOT-FOR-US: Virtual DJ
-CVE-2007-4734 (Buffer overflow in Ots Labs OTSTurntables 1.00 allows user-assisted ...)
+CVE-2007-4734
NOT-FOR-US: OTSTurntables
-CVE-2007-4733 (The Aztech DSL600EU router, when WAN access to the web interface is ...)
+CVE-2007-4733
NOT-FOR-US: Aztech firmware
-CVE-2007-4732 (Unspecified vulnerability in the strfreectty function in the Special ...)
+CVE-2007-4732
NOT-FOR-US: Special File System
-CVE-2007-4743 (The original patch for CVE-2007-3999 in svc_auth_gss.c in the ...)
+CVE-2007-4743
{DSA-1387-1 DSA-1367-1}
- krb5 1.6.dfsg.1-7 (high; bug #441209)
[sarge] - krb5 <not-affected> (Vulnerable code not present)
- librpcsecgss 0.14-4 (high; bug #441393)
NOTE: http://article.gmane.org/gmane.comp.encryption.kerberos.announce/86
NOTE: 1.6.dfsg.1-7 somehow already includes the updated version
-CVE-2007-4731 (Stack-based buffer overflow in the TMregChange function in TMReg.dll ...)
+CVE-2007-4731
NOT-FOR-US: Trend Micro ServerProtect
-CVE-2007-4730 (Buffer overflow in the compNewPixmap function in compalloc.c in the ...)
+CVE-2007-4730
{DSA-1372-1 DTSA-73-1}
- xorg-server 2:1.4-1
NOTE: XFree86 is not affected
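Review bot: this hunk removes version and cross-reference information that the surviving annotations depend on. `[sarge] - reprepro <not-affected> (Vulnerable code introduced in 1.3.0)` under `+CVE-2007-4739` now refers to a version range that only existed in the stripped `(reprepro 1.3.0 through 2.2.3 does not properly verify signatures when ...)`, and `+CVE-2007-4743` loses `(The original patch for CVE-2007-3999 in svc_auth_gss.c in the ...)`, which is the only statement tying the `krb5`/`librpcsecgss` fixes and the NOTE `1.6.dfsg.1-7 somehow already includes the updated version` back to CVE-2007-3999. Suggest restoring the summaries so the annotations stay interpretable.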
@@ -4866,425 +4866,425 @@ CVE-2007-4729
RESERVED
CVE-2007-4728
RESERVED
-CVE-2007-4727 (Buffer overflow in the fcgi_env_add function in ...)
+CVE-2007-4727
{DSA-1362-1}
- lighttpd 1.4.18-1 (medium; bug #441555)
NOTE: http://www.lighttpd.net/assets/2007/9/9/lighttpd_sa_2007_12.txt
NOTE: http://www.lighttpd.net/download/lighttpd-1.4.x_mod_fastcgi_overrun.patch
NOTE: http://www.milw0rm.com/exploits/4391
-CVE-2007-4726 (Directory traversal vulnerability in Web Oddity 0.09b allows remote ...)
+CVE-2007-4726
NOT-FOR-US: Web Oddity
-CVE-2007-4725 (Stack consumption vulnerability in AkkyWareHOUSE 7-zip32.dll before ...)
+CVE-2007-4725
NOT-FOR-US: AkkyWareHOUSE
-CVE-2007-4724 (Cross-site request forgery (CSRF) vulnerability in cal2.jsp in the ...)
+CVE-2007-4724
- tomcat5.5 <not-affected> (Version already ships fixed files)
- tomcat5 <removed> (unimportant; bug #441205)
- libservlet2.4-java 5.0.30-6 (unimportant)
NOTE: DSA should not be required, minor issue, jsp just present as example
-CVE-2007-4723 (Directory traversal vulnerability in Ragnarok Online Control Panel ...)
+CVE-2007-4723
NOT-FOR-US: Ragnarok
-CVE-2007-4722 (Multiple stack-based buffer overflows in the Quantum Streaming ...)
+CVE-2007-4722
NOT-FOR-US: Quantum Streaming
CVE-2007-4721
REJECTED
-CVE-2007-4720 (Unspecified vulnerability in the Shared Trace Service in Hitachi ...)
+CVE-2007-4720
NOT-FOR-US: Hitachi
-CVE-2007-4719 (SQL injection vulnerability in read.php in 212cafeBoard 6.30 Beta ...)
+CVE-2007-4719
NOT-FOR-US: 212cafeBoard
-CVE-2007-4718 (Directory traversal vulnerability in inc/lib/language.lib.php in ...)
+CVE-2007-4718
NOT-FOR-US: Claroline
-CVE-2007-4717 (Multiple cross-site scripting (XSS) vulnerabilities in Claroline ...)
+CVE-2007-4717
NOT-FOR-US: Claroline
-CVE-2007-4716 (Multiple SQL injection vulnerabilities in PHD Help Desk before 1.31 ...)
+CVE-2007-4716
NOT-FOR-US: PHD Help Desk
-CVE-2007-4715 (Multiple PHP remote file inclusion vulnerabilities in Weblogicnet ...)
+CVE-2007-4715
NOT-FOR-US: Weblogicnet
-CVE-2007-4714 (SQL injection vulnerability in error_view.php in Yvora 1.0 allows ...)
+CVE-2007-4714
NOT-FOR-US: Yvora
-CVE-2007-4713 (Multiple cross-site scripting (XSS) vulnerabilities in urchin.cgi in ...)
+CVE-2007-4713
NOT-FOR-US: Urchin
-CVE-2007-4712 (PHP remote file inclusion vulnerability in index.php in eNetman 1 ...)
+CVE-2007-4712
NOT-FOR-US: eNetman
-CVE-2007-4711 (Multiple cross-site scripting (XSS) vulnerabilities in Toms Gaestebuch ...)
+CVE-2007-4711
NOT-FOR-US: Toms Gaestebuch
-CVE-2007-4710 (Unspecified vulnerability in ColorSync in Apple Mac OS X 10.4.11 ...)
+CVE-2007-4710
NOT-FOR-US: Apple Mac OS X
-CVE-2007-4709 (Directory traversal vulnerability in CFNetwork in Apple Mac OS X ...)
+CVE-2007-4709
NOT-FOR-US: CFNetwork (Apple Mac OS X)
-CVE-2007-4708 (Format string vulnerability in Address Book in Apple Mac OS X 10.4.11 ...)
+CVE-2007-4708
NOT-FOR-US: Address Book (Apple Mac OS X)
-CVE-2007-4707 (Multiple unspecified vulnerabilities in the Flash media handler in ...)
+CVE-2007-4707
NOT-FOR-US: Apple QuickTime
-CVE-2007-4706 (Heap-based buffer overflow in Apple QuickTime before 7.3.1 allows ...)
+CVE-2007-4706
NOT-FOR-US: Apple QuickTime
CVE-2007-4705
RESERVED
-CVE-2007-4704 (The Application Firewall in Apple Mac OS X 10.5 does not apply changed ...)
+CVE-2007-4704
NOT-FOR-US: Mac OS X
-CVE-2007-4703 (The Application Firewall in Apple Mac OS X 10.5 does not prevent a ...)
+CVE-2007-4703
NOT-FOR-US: Mac OS X
-CVE-2007-4702 (The Application Firewall in Apple Mac OS X 10.5, when &quot;Block all ...)
+CVE-2007-4702
NOT-FOR-US: Mac OS X
-CVE-2007-4701 (WebKit on Apple Mac OS X 10.4 through 10.4.10 does not create ...)
+CVE-2007-4701
NOT-FOR-US: Apple Mac OS X
-CVE-2007-4700 (Unspecified vulnerability in WebKit on Apple Mac OS X 10.4 through ...)
+CVE-2007-4700
NOT-FOR-US: Apple Mac OS X
-CVE-2007-4699 (The default configuration of Safari in Apple Mac OS X 10.4 through ...)
+CVE-2007-4699
NOT-FOR-US: Apple Mac OS X
-CVE-2007-4698 (Apple Safari 3 before Beta Update 3.0.4 on Windows, and Mac OS X 10.4 ...)
+CVE-2007-4698
NOT-FOR-US: Apple Mac OS X, Windows
-CVE-2007-4697 (Unspecified vulnerability in WebCore in Apple Mac OS X 10.4 through ...)
+CVE-2007-4697
NOT-FOR-US: Apple Mac OS X
-CVE-2007-4696 (Race condition in WebCore in Apple Mac OS X 10.4 through 10.4.10 ...)
+CVE-2007-4696
NOT-FOR-US: Apple Mac OS X
-CVE-2007-4695 (Unspecified &quot;input validation&quot; vulnerability in WebCore in Apple Mac ...)
+CVE-2007-4695
NOT-FOR-US: Apple Mac OS X
-CVE-2007-4694 (Safari in Apple Mac OS X 10.4 through 10.4.10 allows remote attackers ...)
+CVE-2007-4694
NOT-FOR-US: Apple Mac OS X
-CVE-2007-4693 (The SecurityAgent component in Mac OS X 10.4 through 10.4.10 allows ...)
+CVE-2007-4693
NOT-FOR-US: Apple Mac OS X
-CVE-2007-4692 (The tabbed browsing feature in Apple Safari 3 before Beta Update 3.0.4 ...)
+CVE-2007-4692
NOT-FOR-US: Apple Mac OS X
-CVE-2007-4691 (The NSURL component in Apple Mac OS X 10.4 through 10.4.10 performs ...)
+CVE-2007-4691
NOT-FOR-US: Apple Mac OS X
-CVE-2007-4690 (Double free vulnerability in the NFS component in Apple Mac OS X 10.4 ...)
+CVE-2007-4690
NOT-FOR-US: Apple Mac OS X
-CVE-2007-4689 (Double free vulnerability in the Networking component in Apple Mac OS ...)
+CVE-2007-4689
NOT-FOR-US: Apple Mac OS X
-CVE-2007-4688 (The Networking component in Apple Mac OS X 10.4 through 10.4.10 allows ...)
+CVE-2007-4688
NOT-FOR-US: Apple Mac OS X
-CVE-2007-4687 (The remote_cmds component in Apple Mac OS X 10.4 through 10.4.10 ...)
+CVE-2007-4687
NOT-FOR-US: Apple Mac OS X
-CVE-2007-4686 (Integer signedness error in the ttioctl function in bsd/kern/tty.c in ...)
+CVE-2007-4686
NOT-FOR-US: Apple Mac OS X
-CVE-2007-4685 (The kernel in Apple Mac OS X 10.4 through 10.4.10 allows local users ...)
+CVE-2007-4685
NOT-FOR-US: Apple Mac OS X
-CVE-2007-4684 (Integer overflow in the kernel in Apple Mac OS X 10.4 through 10.4.10 ...)
+CVE-2007-4684
NOT-FOR-US: Apple Mac OS X
-CVE-2007-4683 (Directory traversal vulnerability in the kernel in Apple Mac OS X 10.4 ...)
+CVE-2007-4683
NOT-FOR-US: Apple Mac OS X
-CVE-2007-4682 (CoreText in Apple Mac OS X 10.4 through 10.4.10 allows attackers to ...)
+CVE-2007-4682
NOT-FOR-US: Apple Mac OS X
-CVE-2007-4681 (Buffer overflow in CoreFoundation in Apple Mac OS X 10.3.9 and 10.4 ...)
+CVE-2007-4681
NOT-FOR-US: Apple Mac OS X
-CVE-2007-4680 (CFNetwork in Apple Mac OS X 10.3.9 and 10.4 through 10.4.10 does not ...)
+CVE-2007-4680
NOT-FOR-US: Apple Mac OS X
-CVE-2007-4679 (CFFTP in CFNetwork for Apple Mac OS X 10.4 through 10.4.10 allows ...)
+CVE-2007-4679
NOT-FOR-US: Apple Mac OS X
-CVE-2007-4678 (AppleRAID in Apple Mac OS X 10.3.9 and 10.4 through 10.4.10 allows ...)
+CVE-2007-4678
NOT-FOR-US: Apple Mac OS X
-CVE-2007-4677 (Heap-based buffer overflow in Apple QuickTime before 7.3 allows remote ...)
+CVE-2007-4677
NOT-FOR-US: Apple QuickTime
-CVE-2007-4676 (Heap-based buffer overflow in Apple QuickTime before 7.3 allows remote ...)
+CVE-2007-4676
NOT-FOR-US: Apple QuickTime
-CVE-2007-4675 (Heap-based buffer overflow in the QuickTime VR extension 7.2.0.240 in ...)
+CVE-2007-4675
NOT-FOR-US: Apple QuickTime
-CVE-2007-4674 (An &quot;integer arithmetic&quot; error in Apple QuickTime 7.2 allows remote ...)
+CVE-2007-4674
NOT-FOR-US: Apple QuickTime
-CVE-2007-4673 (Argument injection vulnerability in Apple QuickTime 7.2 for Windows XP ...)
+CVE-2007-4673
NOT-FOR-US: Apple QuickTime
-CVE-2007-4672 (Stack-based buffer overflow in Apple QuickTime before 7.3 allows ...)
+CVE-2007-4672
NOT-FOR-US: Apple QuickTime
-CVE-2007-4671 (Unspecified vulnerability in Safari in Apple iPhone 1.1.1, and Safari ...)
+CVE-2007-4671
NOT-FOR-US: Safari
-CVE-2007-4670 (Unspecified vulnerability in PHP before 5.2.4 has unknown impact and ...)
+CVE-2007-4670
- php5 5.2.4-1 (unimportant)
- php4 <removed> (unimportant)
NOTE: This refers to an improved fix for MOPB 03-2007, which is CVE-2007-1285 and a non-issue
-CVE-2007-4669 (The Services API in Firebird before 2.0.2 allows remote authenticated ...)
+CVE-2007-4669
{DSA-1529-1}
- firebird2.0 2.0.3.12981.ds1-1 (bug #441405)
[etch] - firebird2 <no-dsa> (Fixed packages have been released through backports.org, see #1529)
[sarge] - firebird2 <unfixed>
-CVE-2007-4668 (Unspecified vulnerability in the server in Firebird before 2.0.2 ...)
+CVE-2007-4668
{DSA-1529-1}
- firebird2.0 2.0.3.12981.ds1-1 (bug #441405)
[etch] - firebird2 <no-dsa> (Fixed packages have been released through backports.org, see #1529)
[sarge] - firebird2 <unfixed>
-CVE-2007-4667 (Unspecified vulnerability in the Services API in Firebird before 2.0.2 ...)
+CVE-2007-4667
{DSA-1529-1}
- firebird2.0 2.0.3.12981.ds1-1 (bug #441405)
[etch] - firebird2 <no-dsa> (Fixed packages have been released through backports.org, see #1529)
[sarge] - firebird2 <unfixed>
-CVE-2007-4666 (Unspecified vulnerability in the server in Firebird before 2.0.2, when ...)
+CVE-2007-4666
{DSA-1529-1}
- firebird2.0 2.0.3.12981.ds1-1 (bug #441405)
[etch] - firebird2 <no-dsa> (Fixed packages have been released through backports.org, see #1529)
[sarge] - firebird2 <unfixed>
-CVE-2007-4665 (Unspecified vulnerability in the server in Firebird before 2.0.2 ...)
+CVE-2007-4665
{DSA-1529-1}
- firebird2.0 2.0.3.12981.ds1-1 (bug #441405)
[etch] - firebird2 <no-dsa> (Fixed packages have been released through backports.org, see #1529)
[sarge] - firebird2 <unfixed>
-CVE-2007-4664 (Unspecified vulnerability in the (1) attach database and (2) create ...)
+CVE-2007-4664
{DSA-1529-1}
- firebird2.0 2.0.3.12981.ds1-1 (bug #441405)
[etch] - firebird2 <no-dsa> (Fixed packages have been released through backports.org, see #1529)
[sarge] - firebird2 <unfixed>
-CVE-2007-4663 (Directory traversal vulnerability in PHP before 5.2.4 allows attackers ...)
+CVE-2007-4663
- php5 5.2.4-1 (unimportant)
NOTE: open_basedir not supported
-CVE-2007-4662 (Buffer overflow in the php_openssl_make_REQ function in PHP before ...)
+CVE-2007-4662
{DSA-1444-1 DTSA-61-1}
- php5 5.2.4-1
NOTE: fixed in php5/etch svn
NOTE: fix is at http://cvs.php.net/viewcvs.cgi/php-src/ext/openssl/openssl.c?r1=1.146&r2=1.147
-CVE-2007-4661 (The chunk_split function in string.c in PHP 5.2.3 does not properly ...)
+CVE-2007-4661
- php5 5.2.4-1 (unimportant)
NOTE: This CVE refers to an incomplete fix for CVE-2007-2872, an issue only
NOTE: triggerable by malicious script
-CVE-2007-4660 (Unspecified vulnerability in the chunk_split function in PHP before ...)
+CVE-2007-4660
{DSA-1444-1 DTSA-61-1}
- php5 5.2.4-1
NOTE: fixed in php5/etch svn
NOTE: http://cvs.php.net/viewvc.cgi/php-src/ext/standard/string.c?r1=1.445.2.14.2.60&r2=1.445.2.14.2.61&pathrev=PHP_5_2
NOTE: http://cvs.php.net/viewvc.cgi/php-src/ext/standard/string.c?r1=1.445.2.14.2.61&r2=1.445.2.14.2.62&pathrev=PHP_5_2
-CVE-2007-4659 (The zend_alter_ini_entry function in PHP before 5.2.4 does not ...)
+CVE-2007-4659
{DTSA-61-1}
- php5 5.2.4-1 (low)
[etch] - php5 <no-dsa> (Backport prone to regressions, causes more problems that it does resolved, minor issue anyway)
-CVE-2007-4658 (The money_format function in PHP 5 before 5.2.4, and PHP 4 before ...)
+CVE-2007-4658
{DSA-1444-1 DTSA-61-1}
- php5 5.2.4-1 (low)
NOTE: fixed in php5/etch svn
NOTE: http://cvs.php.net/viewcvs.cgi/php-src/ext/standard/string.c?r1=1.640&r2=1.641, starting "Line 7667"
NOTE: limited format string vulnerability, the will be put into strfmon and the format string chars are limited to i,n and %
-CVE-2007-4657 (Multiple integer overflows in PHP 4 before 4.4.8, and PHP 5 before ...)
+CVE-2007-4657
{DSA-1578-1 DSA-1444-1 DTSA-61-1}
- php5 5.2.4-1
- php4 <removed>
NOTE: http://cvs.php.net/viewcvs.cgi/php-src/ext/standard/string.c?r1=1.640&r2=1.641
NOTE: Only exploitable by malicious script
-CVE-2007-4656 (backup-manager-upload in Backup Manager before 0.6.3 provides the FTP ...)
+CVE-2007-4656
{DSA-1518-1}
- backup-manager 0.7.6-3 (bug #439392)
-CVE-2007-4655 (Multiple directory traversal vulnerabilities in CGI RESCUE Shopping ...)
+CVE-2007-4655
NOT-FOR-US: CGI RESCUE Shopping Basket
-CVE-2007-4654 (Unspecified vulnerability in SSHield 1.6.1 with OpenSSH 3.0.2p1 on ...)
+CVE-2007-4654
NOT-FOR-US: SSHield
-CVE-2007-4653 (SQL injection vulnerability in links.php in the Links MOD 1.2.2 and ...)
+CVE-2007-4653
NOT-FOR-US: Cisco Content Services Switch
-CVE-2007-4652 (The session extension in PHP before 5.2.4 might allow local users to ...)
+CVE-2007-4652
- php5 5.2.4-1 (unimportant)
NOTE: open_basedir() not supported
-CVE-2007-4651 (Unspecified vulnerability in Adobe Connect Enterprise Server 6 allows ...)
+CVE-2007-4651
NOT-FOR-US: Adobe Connect Enterprise Server
-CVE-2007-4650 (Multiple unspecified vulnerabilities in Gallery before 2.2.3 allow ...)
+CVE-2007-4650
{DSA-1404-1}
- gallery2 2.2.3-1
NOTE: does not affect gallery 1.x (package 'gallery')
-CVE-2007-4649 (MicroWorld eScan Virus Control 9.0.722.1, Anti-Virus 9.0.722.1, and ...)
+CVE-2007-4649
NOT-FOR-US: MicroWorld eScan Virus Contro
-CVE-2007-4648 (The nvcoaft51 driver in Norman Virus Control (NVC) 5.82 uses weak ...)
+CVE-2007-4648
NOT-FOR-US: Norman Virus Control
-CVE-2007-4647 (newswire/uploadmedia.cgi in 2coolcode Our Space (Ourspace) 2.0.9 ...)
+CVE-2007-4647
NOT-FOR-US: Ourspace
-CVE-2007-4646 (Buffer overflow in the pop3 service in Hexamail Server 3.0.0.001 Lite ...)
+CVE-2007-4646
NOT-FOR-US: Hexamail
-CVE-2007-4645 (SQL injection vulnerability in index.php in NMDeluxe 2.0.0 allows ...)
+CVE-2007-4645
NOT-FOR-US: NMDeluxe
-CVE-2007-4644 (Format string vulnerability in the Cl_GetPackets function in cl_main.c ...)
+CVE-2007-4644
NOT-FOR-US: Doomsday/deng
-CVE-2007-4643 (Integer underflow in Doomsday (aka deng) 1.9.0-beta5.1 and earlier ...)
+CVE-2007-4643
NOT-FOR-US: Doomsday/deng
-CVE-2007-4642 (Multiple buffer overflows in Doomsday (aka deng) 1.9.0-beta5.1 and ...)
+CVE-2007-4642
NOT-FOR-US: Doomsday/deng
-CVE-2007-4641 (Directory traversal vulnerability in index.php in Pakupaku CMS 0.4 and ...)
+CVE-2007-4641
NOT-FOR-US: Pakupaku
-CVE-2007-4640 (Unrestricted file upload vulnerability in index.php in Pakupaku CMS ...)
+CVE-2007-4640
NOT-FOR-US: Pakupaku
-CVE-2007-4639 (EnterpriseDB Advanced Server 8.2 does not properly handle certain ...)
+CVE-2007-4639
NOT-FOR-US: EnterpriseDB
-CVE-2007-4638 (Blizzard Entertainment StarCraft Brood War 1.15.1 and earlier allows ...)
+CVE-2007-4638
NOT-FOR-US: StarCraft
-CVE-2007-4637 (xGB.php in xGB 2.0 does not require authentication for an admin edit ...)
+CVE-2007-4637
NOT-FOR-US: xGB
-CVE-2007-4636 (Multiple PHP remote file inclusion vulnerabilities in phpBG 0.9.1 ...)
+CVE-2007-4636
NOT-FOR-US: phpBG
-CVE-2007-4635 (Yahoo! Messenger 8.1.0.209 and 8.1.0.402 allows remote attackers to ...)
+CVE-2007-4635
NOT-FOR-US: Yahoo! Messenger
-CVE-2007-4634 (Multiple SQL injection vulnerabilities in Cisco CallManager and ...)
+CVE-2007-4634
NOT-FOR-US: Cisco
-CVE-2007-4633 (Multiple cross-site scripting (XSS) vulnerabilities in Cisco ...)
+CVE-2007-4633
NOT-FOR-US: Cisco
-CVE-2007-4632 (Cisco IOS 12.2E, 12.2F, and 12.2S places a &quot;no login&quot; line into the ...)
+CVE-2007-4632
NOT-FOR-US: Cisco
-CVE-2007-4631 (The DataLoader::doStart function in dataloader.cpp in QGit 1.5.6 and ...)
+CVE-2007-4631
- qgit 1.5.5-1.1 (bug #440950; low)
[etch] - qgit <no-dsa> (Minor issue)
-CVE-2007-4630 (Cross-site scripting (XSS) vulnerability in xlaapmview.asp in Absolute ...)
+CVE-2007-4630
NOT-FOR-US: Absolute Poll Manager
-CVE-2007-4629 (Buffer overflow in the processLine function in maptemplate.c in ...)
+CVE-2007-4629
{DSA-1539-1}
- mapserver 4.10.3-1
-CVE-2007-4628 (SQL injection vulnerability in shownews.php in phpns 1.1 allows remote ...)
+CVE-2007-4628
NOT-FOR-US: phpns
-CVE-2007-4627 (SQL injection vulnerability in index.php in ABC eStore 3.0 allows ...)
+CVE-2007-4627
NOT-FOR-US: ABC eStore
-CVE-2007-4626 (Unspecified vulnerability in Polipo before 1.0.2 allows remote ...)
+CVE-2007-4626
- polipo 1.0.2-1 (low)
[sarge] - polipo <no-dsa> (Minor issue)
[etch] - polipo <no-dsa> (Minor issue)
-CVE-2007-4625 (Polipo before 1.0.2 allows remote HTTP servers to cause a denial of ...)
+CVE-2007-4625
- polipo 1.0.2-1 (low)
[sarge] - polipo <no-dsa> (Minor issue)
[etch] - polipo <no-dsa> (Minor issue)
-CVE-2007-4624 (Cross-site scripting (XSS) vulnerability in pframe.php in AbleDesign ...)
+CVE-2007-4624
NOT-FOR-US: AbleDesign Dynamic Picture Frame
-CVE-2007-4623 (Stack-based buffer overflow in the sendrmt function in bellmail in IBM ...)
+CVE-2007-4623
NOT-FOR-US: IBM AIX
-CVE-2007-4622 (Integer underflow in the dns_name_fromtext function in (1) ...)
+CVE-2007-4622
NOT-FOR-US: IBM AIX
-CVE-2007-4621 (Buffer overflow in crontab in IBM AIX 5.2 allows local users to gain ...)
+CVE-2007-4621
NOT-FOR-US: IBM AIX
-CVE-2007-4620 (Multiple stack-based buffer overflows in Computer Associates (CA) ...)
+CVE-2007-4620
NOT-FOR-US: CA products
-CVE-2007-4619 (Multiple integer overflows in Free Lossless Audio Codec (FLAC) libFLAC ...)
+CVE-2007-4619
{DSA-1469-1}
- flac 1.2.1-1 (medium)
-CVE-2007-4618 (Unspecified vulnerability in BEA WebLogic Server 6.1 Gold through SP7 ...)
+CVE-2007-4618
NOT-FOR-US: BEA WebLogic
-CVE-2007-4617 (Unspecified vulnerability in BEA WebLogic Server 6.1 Gold through SP7, ...)
+CVE-2007-4617
NOT-FOR-US: BEA WebLogic
-CVE-2007-4616 (The SSL server implementation in BEA WebLogic Server 7.0 Gold through ...)
+CVE-2007-4616
NOT-FOR-US: BEA WebLogic
-CVE-2007-4615 (The SSL client implementation in BEA WebLogic Server 7.0 SP7, 8.1 SP2 ...)
+CVE-2007-4615
NOT-FOR-US: BEA WebLogic
-CVE-2007-4614 (BEA WebLogic Server 9.1 does not properly handle propagation of an ...)
+CVE-2007-4614
NOT-FOR-US: BEA WebLogic
-CVE-2007-4613 (SSL libraries in BEA WebLogic Server 6.1 Gold through SP7, 7.0 Gold ...)
+CVE-2007-4613
NOT-FOR-US: BEA WebLogic
-CVE-2007-4612 (CRLF injection vulnerability in contact.php in Moonware (aka Dale ...)
+CVE-2007-4612
NOT-FOR-US: Moonware
-CVE-2007-4611 (SQL injection vulnerability in viewevent.php in Moonware (aka Dale ...)
+CVE-2007-4611
NOT-FOR-US: Moonware
-CVE-2007-4610 (Unrestricted file upload vulnerability in config/upload.php in ...)
+CVE-2007-4610
NOT-FOR-US: Moonware
-CVE-2007-4609 (eyeOS uses predictable checksum values in the checknum parameter for ...)
+CVE-2007-4609
NOT-FOR-US: eyeOS
-CVE-2007-4608 (PHP remote file inclusion vulnerability in protection.php in ...)
+CVE-2007-4608
NOT-FOR-US: ePersonnel
-CVE-2007-4607 (Buffer overflow in the EasyMailSMTPObj ActiveX control in emsmtp.dll ...)
+CVE-2007-4607
NOT-FOR-US: EasyMailSMTPObj ActiveX control
-CVE-2007-4606 (PHP remote file inclusion vulnerability in convert/mvcw_conver.php in ...)
+CVE-2007-4606
NOT-FOR-US: Php-Nuke
-CVE-2007-4605 (PHP remote file inclusion vulnerability in convert/mvcw.php in Virtual ...)
+CVE-2007-4605
NOT-FOR-US: Vwar
-CVE-2007-4604 (SQL injection vulnerability in viewitem.php in DL PayCart 1.01 allows ...)
+CVE-2007-4604
NOT-FOR-US: DL PayCart
-CVE-2007-4603 (Multiple SQL injection vulnerabilities in index.php in ACG News 1.0 ...)
+CVE-2007-4603
NOT-FOR-US: ACG news
-CVE-2007-4602 (SQL injection vulnerability in cms/revert-content.php in Implied by ...)
+CVE-2007-4602
NOT-FOR-US: Micro-CMS
-CVE-2007-4600 (The &quot;Protect Worksheet&quot; functionality in Mathsoft Mathcad 12 through ...)
+CVE-2007-4600
NOT-FOR-US: Mathsoft Mathcad
-CVE-2007-4599 (Stack-based buffer overflow in RealNetworks RealPlayer 10 and possibly ...)
+CVE-2007-4599
NOT-FOR-US: RealPlayer
-CVE-2007-4598 (IBM SurePOS 500 has (1) a default password of &quot;12345&quot; for the manager ...)
+CVE-2007-4598
NOT-FOR-US: IBM
-CVE-2007-4597 (SQL injection vulnerability in index.php in TurnkeyWebTools SunShop ...)
+CVE-2007-4597
NOT-FOR-US: SunShop Shopping Cart
-CVE-2007-4596 (The perl extension in PHP does not follow safe_mode restrictions, ...)
+CVE-2007-4596
- php5 <removed> (unimportant)
NOTE: Safe mode violations not treated as vulnerabilities
-CVE-2007-4595 (Cross-site scripting (XSS) vulnerability in Mayaa before 1.1.12 allows ...)
+CVE-2007-4595
NOT-FOR-US: Mayaa
-CVE-2007-4594 (Entrust Entelligence Security Provider (ESP) 8 does not properly ...)
+CVE-2007-4594
NOT-FOR-US: Entrust Entelligence Security Provider
-CVE-2007-4593 (Unspecified vulnerability in vstor2-ws60.sys in VMWare Workstation 6.0 ...)
+CVE-2007-4593
- vmware-package <not-affected> (Only vulnerable on windows hosted systems)
-CVE-2007-4592 (Multiple cross-site scripting (XSS) vulnerabilities in the web ...)
+CVE-2007-4592
NOT-FOR-US: Rational
-CVE-2007-4591 (vstor-ws60.sys in VMWare Workstation 6.0 allows local users to cause a ...)
+CVE-2007-4591
- vmware-package <not-affected> (Only vulnerable on windows hosted systems)
-CVE-2007-4590 (The get_system_info command in Ignite-UX C.7.0 through C.7.3, and ...)
+CVE-2007-4590
NOT-FOR-US: Ignite-UX
-CVE-2007-4589 (Multiple cross-site scripting (XSS) vulnerabilities in InterWorx ...)
+CVE-2007-4589
NOT-FOR-US: InterWorx Hosting Control Panel
-CVE-2007-4588 (Multiple cross-site scripting (XSS) vulnerabilities in InterWorx ...)
+CVE-2007-4588
NOT-FOR-US: InterWorx Hosting Control Panel
-CVE-2007-4587 (Cross-site scripting (XSS) vulnerability in Easy Software Cafeteria ...)
+CVE-2007-4587
NOT-FOR-US: escafeWeb
-CVE-2007-4586 (Multiple buffer overflows in php_iisfunc.dll in the iisfunc extension ...)
+CVE-2007-4586
NOT-FOR-US: iisfunc (windows only)
-CVE-2007-4585 (Directory traversal vulnerability in activateuser.php in 2532|Gigs ...)
+CVE-2007-4585
NOT-FOR-US: 2532|Gigs
-CVE-2007-4584 (Stack-based buffer overflow in BitchX 1.1 Final allows remote IRC ...)
+CVE-2007-4584
- ircii-pana <removed> (medium; bug #443544)
-CVE-2007-4583 (Multiple absolute path traversal vulnerabilities in the ...)
+CVE-2007-4583
NOT-FOR-US: ACTi Network Video Recorder
-CVE-2007-4582 (Buffer overflow in the nvUnifiedControl.AUnifiedControl.1 ActiveX ...)
+CVE-2007-4582
NOT-FOR-US: ACTi Network Video Recorder
-CVE-2007-4581 (SQL injection vulnerability in acrotxt.php in WBB2-Addon: Acrotxt 1 ...)
+CVE-2007-4581
NOT-FOR-US: WBB2-Addon: Acrotxt 1
-CVE-2007-4601 (A regression error in tcp-wrappers 7.6.dbs-10 and 7.6.dbs-11 might ...)
+CVE-2007-4601
- tcp-wrappers 7.6.dbs-12 (bug #405342; medium)
[etch] - tcp-wrappers <not-affected> (Vulnerability was introduced in -10)
[sarge] - tcp-wrappers <not-affected> (Vulnerability was introduced in -10)
-CVE-2007-4580 (Buffer underflow in redlight.sys in BufferZone 2.1 and 2.5 allows ...)
+CVE-2007-4580
NOT-FOR-US: BufferZone (Windows)
CVE-2007-4579
REJECTED
-CVE-2007-4578 (Sophos Anti-Virus for Windows and for Unix/Linux before 2.48.0 allows ...)
+CVE-2007-4578
NOT-FOR-US: Sophos
-CVE-2007-4577 (Sophos Anti-Virus for Unix/Linux before 2.48.0 allows remote attackers ...)
+CVE-2007-4577
NOT-FOR-US: Sophos
CVE-2007-4576
REJECTED
-CVE-2007-4575 (HSQLDB before 1.8.0.9, as used in OpenOffice.org (OOo) 2 before 2.3.1, ...)
+CVE-2007-4575
{DSA-1419-1}
- openoffice.org 2.3.1~rc1-1 (medium; bug #454463)
- hsqldb 1.8.0.9-1
-CVE-2007-4574 (Unspecified vulnerability in the &quot;stack unwinder fixes&quot; in kernel in ...)
+CVE-2007-4574
- linux-2.6 <not-affected> (Redhat specific vulnerability)
NOTE: I contacted the redhat security team about this, this was caused by an incomplete
NOTE: backport for stack unwinder fixes in the linux kernel made by them.
NOTE: redhat sent a reproducer to the vendor-sec list
-CVE-2007-4573 (The IA32 system call emulation functionality in Linux kernel 2.4.x and ...)
+CVE-2007-4573
{DSA-1504-1 DSA-1381-2 DSA-1378-2 DSA-1378-1}
- linux-2.6 2.6.22-5 (medium)
-CVE-2007-4572 (Stack-based buffer overflow in nmbd in Samba 3.0.0 through 3.0.26a, ...)
+CVE-2007-4572
{DSA-1409-3 DSA-1409-2 DSA-1409-1}
- samba 3.0.27-1 (high; bug #451385)
-CVE-2007-4571 (The snd_mem_proc_read function in sound/core/memalloc.c in the ...)
+CVE-2007-4571
{DSA-1505-1 DSA-1479-1}
- linux-2.6 2.6.22-5 (low; bug #444571)
- alsa-driver 1.0.15-1
NOTE: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=600
NOTE: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=ccec6e2c4a74adf76ed4e2478091a311b1806212
NOTE: very easy to exploit locally
-CVE-2007-4570 (Algorithmic complexity vulnerability in the MCS translation daemon in ...)
+CVE-2007-4570
NOT-FOR-US: MCS translation daemon
-CVE-2007-4569 (backend/session.c in KDM in KDE 3.3.0 through 3.5.7, when autologin is ...)
+CVE-2007-4569
{DSA-1376-1 DTSA-60-1}
- kdebase 4:3.5.7-4
[sarge] - kdebase <not-affected> (problem not present in code)
NOTE: http://www.kde.org/info/security/advisory-20070919-1.txt
-CVE-2007-4568 (Integer overflow in the build_range function in X.Org X Font Server ...)
+CVE-2007-4568
{DSA-1385-1}
- xfs 1:1.0.5-1
-CVE-2007-4567 (The ipv6_hop_jumbo function in net/ipv6/exthdrs.c in the Linux kernel ...)
+CVE-2007-4567
- linux-2.6 2.6.22-1
[etch] - linux-2.6 <not-affected> (Introduced in 2.6.20)
-CVE-2007-4566 (Multiple buffer overflows in the login mechanism in sidvault in Alpha ...)
+CVE-2007-4566
NOT-FOR-US: SIDVault
-CVE-2007-4565 (sink.c in fetchmail before 6.3.9 allows context-dependent attackers to ...)
+CVE-2007-4565
{DSA-1377-2}
- fetchmail 6.3.8-8 (bug #440006; low)
[etch] - fetchmail <no-dsa> (Hardly a security problem)
[sarge] - fetchmail <not-affected> (problem not present in source)
-CVE-2007-4564 (Cosminexus Manager in Cosminexus Application Server 07-00 and later ...)
+CVE-2007-4564
NOT-FOR-US: Hitachi Cosminexus
-CVE-2007-4563 (Cosminexus Manager in Cosminexus Application Server 06-50 and later ...)
+CVE-2007-4563
NOT-FOR-US: Hitachi Cosminexus
-CVE-2007-4562 (Unspecified vulnerability in Hitachi DABroker before 03-02-/D and ...)
+CVE-2007-4562
NOT-FOR-US: Hitachi DABroker
-CVE-2007-4561 (Heap-based buffer overflow in the RTSP service in Helix DNA Server ...)
+CVE-2007-4561
NOT-FOR-US: Helix DNA Server
-CVE-2007-4560 (clamav-milter in ClamAV before 0.91.2, when run in black hole mode, ...)
+CVE-2007-4560
{DSA-1366-1}
- clamav 0.91.2-1~volatile1 (high)
-CVE-2007-4559 (Directory traversal vulnerability in the (1) extract and (2) ...)
+CVE-2007-4559
- python2.3 <removed> (unimportant)
- python2.4 <unfixed> (unimportant; bug #440097)
- python2.5 <unfixed> (unimportant; bug #440099)
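Review bot: every `-`/`+` pair in this hunk replaces an entry that carried its CVE summary with the bare identifier while the tracker's own annotations beneath it stay untouched, e.g. `-CVE-2007-4631 (The DataLoader::doStart function in dataloader.cpp in QGit 1.5.6 and ...)` becomes `+CVE-2007-4631` with `- qgit 1.5.5-1.1 (bug #440950; low)` unchanged. An update that touches nothing but the summaries, and drops all of them, is more consistent with an empty or unparsable CVE feed on the fetching side than with an intended cleanup; confirm the source feed before merging, because an entry without its summary can no longer be re-triaged from this file alone (the `NOTE:` lines under CVE-2007-4574 and CVE-2007-4571, for example, only make sense next to the text they comment on).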
@@ -5298,82 +5298,82 @@ CVE-2007-4559 (Directory traversal vulnerability in the (1) extract and (2) ...)
NOTE: provided by design.
CVE-2007-4558
REJECTED
-CVE-2007-4557 (Cross-site scripting (XSS) vulnerability in the webacc servlet in ...)
+CVE-2007-4557
NOT-FOR-US: Novell
-CVE-2007-4556 (Struts support in OpenSymphony XWork before 1.2.3, and 2.x before ...)
+CVE-2007-4556
NOT-FOR-US: OpenSymphony XWork
-CVE-2007-4555 (Cross-site scripting (XSS) vulnerability in Ipswitch WS_FTP allows ...)
+CVE-2007-4555
NOT-FOR-US: Ipswitch WS_FTP
-CVE-2007-4554 (Cross-site scripting (XSS) vulnerability in tiki-remind_password.php ...)
+CVE-2007-4554
- tikiwiki <removed>
-CVE-2007-4553 (The Thomson ST 2030 SIP phone with software 1.52.1 allows remote ...)
+CVE-2007-4553
NOT-FOR-US: Thomson ST 2030 SIP phone
-CVE-2007-4552 (SQL injection vulnerability in index.php in Agares Media Arcadem 2.01 ...)
+CVE-2007-4552
NOT-FOR-US: Agares Media Arcadem
-CVE-2007-4551 (PHP remote file inclusion vulnerability in index.php in Agares Media ...)
+CVE-2007-4551
NOT-FOR-US: Agares Media Arcadem
-CVE-2007-4550 (Format string vulnerability in ALPass 2.7 English and 3.02 Korean ...)
+CVE-2007-4550
NOT-FOR-US: ALPass
-CVE-2007-4549 (Multiple buffer overflows in ALPass 2.7 English and 3.02 Korean allow ...)
+CVE-2007-4549
NOT-FOR-US: ALPass
-CVE-2007-4548 (The login method in LoginModule implementations in Apache Geronimo 2.0 ...)
+CVE-2007-4548
NOT-FOR-US: Apache Geronimo
-CVE-2007-4547 (Unreal Commander 0.92 build 565 and 573 writes portions of heap memory ...)
+CVE-2007-4547
NOT-FOR-US: Unreal Commander
-CVE-2007-4546 (Unreal Commander 0.92 build 565 and 573 lists the filenames from the ...)
+CVE-2007-4546
NOT-FOR-US: Unreal Commander
-CVE-2007-4545 (Multiple directory traversal vulnerabilities in Unreal Commander 0.92 ...)
+CVE-2007-4545
NOT-FOR-US: Unreal Commander
-CVE-2007-4544 (Cross-site scripting (XSS) vulnerability in wp-newblog.php in ...)
+CVE-2007-4544
NOT-FOR-US: WordPress multi-user (MU)
-CVE-2007-4543 (Cross-site scripting (XSS) vulnerability in enter_bug.cgi in Bugzilla ...)
+CVE-2007-4543
- bugzilla 2.22.1-2.2 (low; bug #440106)
[etch] - bugzilla <no-dsa> (Affected code only shipped in example, minor issue anyway)
[sarge] - bugzilla <not-affected> (Vulnerable code not present)
-CVE-2007-4542 (Multiple cross-site scripting (XSS) vulnerabilities in MapServer ...)
+CVE-2007-4542
{DSA-1539-1}
- mapserver 4.10.3-1 (bug #439346)
-CVE-2007-4541 (Multiple cross-site scripting (XSS) vulnerabilities in Olate Download ...)
+CVE-2007-4541
NOT-FOR-US: Olate Download
-CVE-2007-4540 (Multiple SQL injection vulnerabilities in download.php in Olate ...)
+CVE-2007-4540
NOT-FOR-US: Olate Download
-CVE-2007-4539 (The WebService (XML-RPC) interface in Bugzilla 2.23.3 through 3.0.0 ...)
+CVE-2007-4539
- bugzilla <not-affected> (Affected versions were never present in the archive)
-CVE-2007-4538 (email_in.pl in Bugzilla 2.23.4 through 3.0.0 allows remote attackers ...)
+CVE-2007-4538
- bugzilla <not-affected> (Affected versions were never present in the archive)
-CVE-2007-4537 (Heap-based buffer overflow in the Huffman decompression algorithm ...)
+CVE-2007-4537
NOT-FOR-US: Skulltag
-CVE-2007-4536 (TorrentTrader 1.07 and earlier sets insecure permissions for files in ...)
+CVE-2007-4536
NOT-FOR-US: TorrentTrader
-CVE-2007-4535 (The VStr::Resize function in str.cpp in Vavoom 1.24 and earlier allows ...)
+CVE-2007-4535
NOT-FOR-US: Vavoom
-CVE-2007-4534 (Buffer overflow in the VThinker::BroadcastPrintf function in ...)
+CVE-2007-4534
NOT-FOR-US: Vavoom
-CVE-2007-4533 (Format string vulnerability in the Say command in sv_main.cpp in ...)
+CVE-2007-4533
NOT-FOR-US: Vavoom
-CVE-2007-4532 (Soldat game server 1.4.2 and earlier, and dedicated server 2.6.2 and ...)
+CVE-2007-4532
NOT-FOR-US: Soldat game server
-CVE-2007-4531 (Soldat game server 1.4.2 and earlier, and dedicated server 2.6.2 and ...)
+CVE-2007-4531
NOT-FOR-US: Soldat game server
-CVE-2007-4530 (Multiple cross-site scripting (XSS) vulnerabilities in TeamSpeak ...)
+CVE-2007-4530
- teamspeak-server 2.0.23.19-1
-CVE-2007-4529 (The WebAdmin interface in TeamSpeak Server 2.0.20.1 allows remote ...)
+CVE-2007-4529
- teamspeak-server 2.0.23.19-1
-CVE-2007-4528 (The Foreign Function Interface (ffi) extension in PHP 5.0.5 does not ...)
+CVE-2007-4528
NOT-FOR-US: ffi extension for php
-CVE-2007-4527 (Unrestricted file upload vulnerability in phUploader.php in phphq.Net ...)
+CVE-2007-4527
NOT-FOR-US: phUploader
-CVE-2007-4526 (The Client Login Extension (CLE) in Novell Identity Manager before ...)
+CVE-2007-4526
NOT-FOR-US: Novell Identity Manager
-CVE-2007-4525 (** DISPUTED ** ...)
+CVE-2007-4525
- spip 2.0.6-1
-CVE-2007-4524 (PHP remote file inclusion vulnerability in adisplay.php in PhPress ...)
+CVE-2007-4524
NOT-FOR-US: PhPress
-CVE-2007-4523 (Multiple cross-site scripting (XSS) vulnerabilities in Ripe Website ...)
+CVE-2007-4523
NOT-FOR-US: Ripe Website Manager
-CVE-2007-4522 (Multiple SQL injection vulnerabilities in Ripe Website Manager 0.8.9 ...)
+CVE-2007-4522
NOT-FOR-US: Ripe Website Manager
-CVE-2007-4521 (Asterisk Open Source 1.4.5 through 1.4.11, when configured to use an ...)
+CVE-2007-4521
- asterisk <not-affected> (The voicemail backend is not enabled in Debian)
[sarge] - asterisk <not-affected> (Only Asterisk 1.4.x is affected)
[etch] - asterisk <not-affected> (Only Asterisk 1.4.x is affected)
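Review bot: the `** DISPUTED **` marker is lost together with the summary at `-CVE-2007-4525 (** DISPUTED ** ...)`, and unlike most entries in this hunk that one is tracked against a Debian package (`- spip 2.0.6-1`) rather than marked NOT-FOR-US, so after this change the file no longer records anywhere that the issue is disputed. If summaries are to be dropped, carry the disputed status over into a `NOTE:` line for entries that have a package fix recorded against them.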
@@ -5385,117 +5385,117 @@ CVE-2007-4519
RESERVED
CVE-2007-4518
RESERVED
-CVE-2007-4517 (Buffer overflow in the XDB.XDB_PITRIG_PKG.PITRIG_DROPMETADATA ...)
+CVE-2007-4517
NOT-FOR-US: Oracle
-CVE-2007-4516 (The Volume Manager Scheduler Service (aka VxSchedService.exe) in ...)
+CVE-2007-4516
NOT-FOR-US: Volume Manager Scheduler Service
-CVE-2007-4515 (Buffer overflow in a certain ActiveX control in YVerInfo.dll before ...)
+CVE-2007-4515
NOT-FOR-US: Yahoo! Messenger
-CVE-2007-4514 (Unspecified vulnerability in HP ProCurve Manager and HP ProCurve ...)
+CVE-2007-4514
NOT-FOR-US: HP ProCurve Manager
-CVE-2007-4513 (Multiple stack-based buffer overflows in IBM AIX 5.2 and 5.3 allow ...)
+CVE-2007-4513
NOT-FOR-US: IBM AIX
-CVE-2007-4512 (Cross-site scripting (XSS) vulnerability in Sophos Anti-Virus for ...)
+CVE-2007-4512
NOT-FOR-US: Sophos Anti-Virus for Windows
-CVE-2007-4511 (The Sun Admin Console in Sun Application Server 9.0_0.1 does not apply ...)
+CVE-2007-4511
NOT-FOR-US: Sun Application Server
-CVE-2007-4510 (ClamAV before 0.91.2, as used in Kolab Server 2.0 through 2.2beta1 and ...)
+CVE-2007-4510
{DSA-1366-1}
- clamav 0.91.2-1~volatile1
[sarge] - clamav <not-affected> (Vulnerable code not present)
NOTE: Only exploitable if CL_EXPERIMENTAL is set
-CVE-2007-4509 (SQL injection vulnerability in index.php in the EventList component ...)
+CVE-2007-4509
NOT-FOR-US: EventList component for Joomla!
-CVE-2007-4508 (Stack-based buffer overflow in Rebellion Asura engine, as used for the ...)
+CVE-2007-4508
NOT-FOR-US: Rebellion Asura engine
-CVE-2007-4507 (Multiple buffer overflows in the php_ntuser component for PHP 5.2.3 ...)
+CVE-2007-4507
NOT-FOR-US: External PHP component only relevant for Windows
-CVE-2007-4506 (SQL injection vulnerability in index.php in the NeoRecruit component ...)
+CVE-2007-4506
NOT-FOR-US: NeoRecruit component for Joomla!
-CVE-2007-4505 (SQL injection vulnerability in index.php in the RemoSitory component ...)
+CVE-2007-4505
NOT-FOR-US: RemoSitory component for Mambo
-CVE-2007-4504 (Directory traversal vulnerability in index.php in the RSfiles ...)
+CVE-2007-4504
NOT-FOR-US: RSfiles component for Joomla!
-CVE-2007-4503 (SQL injection vulnerability in index.php in the Nice Talk component ...)
+CVE-2007-4503
NOT-FOR-US: Nice Talk component for Joomla!
-CVE-2007-4502 (SQL injection vulnerability in index.php in the BibTeX component ...)
+CVE-2007-4502
NOT-FOR-US: BibTeX component for Joomla!
-CVE-2007-4501 (Unspecified vulnerability in PassphraseRequester in SSHKeychain before ...)
+CVE-2007-4501
NOT-FOR-US: SSHKeychain
-CVE-2007-4500 (Unspecified vulnerability in TunnelRunner in SSHKeychain before 0.8.2 ...)
+CVE-2007-4500
NOT-FOR-US: SSHKeychain
-CVE-2007-4499 (Unrestricted file upload vulnerability in output.php in American ...)
+CVE-2007-4499
NOT-FOR-US: American Financing eMail Image Upload
-CVE-2007-4498 (The Grandstream SIP Phone GXV-3000 with firmware 1.0.1.7, Loader ...)
+CVE-2007-4498
NOT-FOR-US: Grandstream SIP Phone
-CVE-2007-4497 (Unspecified vulnerability in EMC VMware Workstation before 5.5.5 Build ...)
+CVE-2007-4497
- vmware-package 0.16
-CVE-2007-4496 (Unspecified vulnerability in EMC VMware Workstation before 5.5.5 Build ...)
+CVE-2007-4496
- vmware-package 0.16
-CVE-2007-4495 (Unspecified vulnerability in the ata disk driver in Sun Solaris 10 on ...)
+CVE-2007-4495
NOT-FOR-US: Solaris
-CVE-2007-4494 (The tipafriend function in eZ publish before 3.8.9, and 3.9 before ...)
+CVE-2007-4494
- ezpublish <removed>
-CVE-2007-4493 (eZ publish before 3.8.9, and 3.9 before 3.9.3, does not properly check ...)
+CVE-2007-4493
- ezpublish <removed>
-CVE-2007-4492 (Multiple unspecified vulnerabilities in the ata disk driver in Sun ...)
+CVE-2007-4492
NOT-FOR-US: Solaris
-CVE-2007-4491 (SQL injection vulnerability in uyeler2.php in Gurur haber 2.0 allows ...)
+CVE-2007-4491
NOT-FOR-US: Gurur haber
-CVE-2007-4490 (Multiple buffer overflows in EarthAgent.exe in Trend Micro ...)
+CVE-2007-4490
NOT-FOR-US: Trend Micro
-CVE-2007-4489 (Buffer overflow in the IUAComFormX ActiveX control in uacomx.ocx 2.0.1 ...)
+CVE-2007-4489
NOT-FOR-US: eCentrex VOIP
-CVE-2007-4488 (Multiple cross-site scripting (XSS) vulnerabilities in the Siemens ...)
+CVE-2007-4488
NOT-FOR-US: Siemens GigaSet firmware
-CVE-2007-4487 (Cross-site scripting (XSS) vulnerability in D22-Shoutbox for Invision ...)
+CVE-2007-4487
NOT-FOR-US: Invision Power Board
-CVE-2007-4486 (Multiple PHP remote file inclusion vulnerabilities in index.php in ...)
+CVE-2007-4486
NOT-FOR-US: Linkliste
-CVE-2007-4485 (PHP remote file inclusion vulnerability in visitor.php in Butterfly ...)
+CVE-2007-4485
NOT-FOR-US: Butterfly online visitors counter
-CVE-2007-4484 (PHP remote file inclusion vulnerability in login.php in My_REFERER ...)
+CVE-2007-4484
NOT-FOR-US: My_REFERER
-CVE-2007-4483 (Cross-site scripting (XSS) vulnerability in index.php in the WordPress ...)
+CVE-2007-4483
{DSA-1285-1}
- wordpress 2.1.3-1 (medium)
-CVE-2007-4482 (Cross-site scripting (XSS) vulnerability in index.php in the Pool ...)
+CVE-2007-4482
NOT-FOR-US: Pool 1.0.7 theme for WordPress
-CVE-2007-4481 (Cross-site scripting (XSS) vulnerability in index.php in the (1) Blix ...)
+CVE-2007-4481
NOT-FOR-US: Rus themes for WordPress
-CVE-2007-4480 (Cross-site scripting (XSS) vulnerability in index.php in the Sirius ...)
+CVE-2007-4480
NOT-FOR-US: Sirius 1.0 theme for WordPress
-CVE-2007-4479 (Cross-site scripting (XSS) vulnerability in search.html in Search ...)
+CVE-2007-4479
NOT-FOR-US: Search Engine Builder
-CVE-2007-4478 (Cross-site scripting (XSS) vulnerability in Microsoft Internet ...)
+CVE-2007-4478
NOT-FOR-US: Internet Explorer
-CVE-2007-4477 (The administration interface in the Planet VC-200M VDSL2 router allows ...)
+CVE-2007-4477
NOT-FOR-US: Planet VC-200M VDSL2 router
-CVE-2007-4476 (Buffer overflow in the safer_name_suffix function in GNU tar has ...)
+CVE-2007-4476
{DSA-1566-1 DSA-1438-1}
- tar 1.18-1 (low; bug #441444)
- cpio 2.9-5 (low; bug #449222)
-CVE-2007-4475 (Stack-based buffer overflow in EAI WebViewer3D ActiveX control ...)
+CVE-2007-4475
NOT-FOR-US: EAI WebViewer3D ActiveX control
-CVE-2007-4474 (Multiple stack-based buffer overflows in the IBM Lotus Domino Web ...)
+CVE-2007-4474
NOT-FOR-US: IBM Lotus Domino Web Access
-CVE-2007-4473 (Gesytec Easylon OPC Server before 2.3.44 does not properly validate ...)
+CVE-2007-4473
NOT-FOR-US: Gesytec Easylon OPC Server
-CVE-2007-4472 (Multiple buffer overflows in the Broderbund Expressit 3DGreetings ...)
+CVE-2007-4472
NOT-FOR-US: Broderbund Expressit
-CVE-2007-4471 (Multiple unspecified vulnerabilities in the Intuit QuickBooks Online ...)
+CVE-2007-4471
NOT-FOR-US: QuickBooks
-CVE-2007-4470 (Multiple stack-based buffer overflows in the Earth Resource Mapping ...)
+CVE-2007-4470
NOT-FOR-US: Earth Resource Mapping NCSView
CVE-2007-4469
RESERVED
CVE-2007-4468
RESERVED
-CVE-2007-4467 (Multiple stack-based buffer overflows in the Oracle JInitiator ActiveX ...)
+CVE-2007-4467
NOT-FOR-US: Oracle
-CVE-2007-4466 (Multiple stack-based buffer overflows in Electronic Arts (EA) ...)
+CVE-2007-4466
NOT-FOR-US: Electronic Arts (EA) SnoopyCtrl ActiveX
-CVE-2007-4465 (Cross-site scripting (XSS) vulnerability in mod_autoindex.c in the ...)
+CVE-2007-4465
- apache <removed> (low)
- apache2 2.2.6-1 (bug #453783)
[sarge] - apache <no-dsa> (browser issue, low impact)
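Review bot: several NOT-FOR-US annotations in this hunk do not name the affected product and relied on the summary that is being removed, for instance `+CVE-2007-4507` followed by `NOT-FOR-US: External PHP component only relevant for Windows` and `+CVE-2007-4481` followed by `NOT-FOR-US: Rus themes for WordPress` (whose summary began `(1) Blix ...`). Once the summaries go, those annotation lines are the only description of what the identifier refers to; either keep the summaries or amend such annotations to name the component they dismiss.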
@@ -5504,258 +5504,258 @@ CVE-2007-4465 (Cross-site scripting (XSS) vulnerability in mod_autoindex.c in th
NOTE: Etch's default configuration not vulnerable due to AddDefaultCharset,
NOTE: but many users change this.
NOTE: The apache2 fix is actually a workaround. It will not be applied to apache 1.3.
-CVE-2007-4464 (CRLF injection vulnerability in the Fileinfo 2.0.9 plugin for Total ...)
+CVE-2007-4464
NOT-FOR-US: Total Commander
-CVE-2007-4463 (The Fileinfo 2.0.9 plugin for Total Commander allows user-assisted ...)
+CVE-2007-4463
NOT-FOR-US: Total Commander
-CVE-2007-4462 (lib/Locale/Po4a/Po.pm in po4a before 0.32 allows local users to ...)
+CVE-2007-4462
- po4a 0.31-1 (bug #439226)
[etch] - po4a 0.29-1etch1
[sarge] - po4a 0.20-2sarge1
-CVE-2007-4461 (NuFW 2.2.3, and certain other versions after 2.0, allows remote ...)
+CVE-2007-4461
- nufw 2.2.4-1 (bug #439227)
[etch] - nufw <not-affected>
-CVE-2007-4460 (The RenderV2ToFile function in tag_file.cpp in id3lib (aka libid3) ...)
+CVE-2007-4460
{DSA-1365-3 DSA-1365-2 DSA-1365-1}
- id3lib3.8.3 3.8.3-7 (low; bug #438540)
-CVE-2007-4459 (Cisco IP Phone 7940 and 7960 with P0S3-08-6-00 firmware, and other SIP ...)
+CVE-2007-4459
NOT-FOR-US: Cisco IP Phone
-CVE-2007-4458 (PHP remote file inclusion vulnerability in ...)
+CVE-2007-4458
NOT-FOR-US: Firesoft
-CVE-2007-4457 (Directory traversal vulnerability in forumreply.php in Dalai Forum 1.1 ...)
+CVE-2007-4457
NOT-FOR-US: Dalai Forum
-CVE-2007-4456 (SQL injection vulnerability in index.php in the SimpleFAQ ...)
+CVE-2007-4456
NOT-FOR-US: mambo
NOTE: mambo is in experimental though
-CVE-2007-4455 (The SIP channel driver (chan_sip) in Asterisk Open Source 1.4.x before ...)
+CVE-2007-4455
- asterisk 1:1.4.11~dfsg-1
[sarge] - asterisk <not-affected> (not affected according to advisory)
[etch] - asterisk <not-affected> (not affected according to advisory)
-CVE-2007-4454 (Eval injection vulnerability in environment.php in Olate Download (od) ...)
+CVE-2007-4454
NOT-FOR-US: Olate Download
-CVE-2007-4453 (** DISPUTED ** ...)
+CVE-2007-4453
NOT-FOR-US: vBulletin
-CVE-2007-4452 (The client in Toribash 2.71 and earlier allows remote attackers to ...)
+CVE-2007-4452
NOT-FOR-US: Toribash
-CVE-2007-4451 (The server in Toribash 2.71 and earlier on Windows allows remote ...)
+CVE-2007-4451
NOT-FOR-US: Toribash
-CVE-2007-4450 (The server in Toribash 2.71 and earlier does not properly handle long ...)
+CVE-2007-4450
NOT-FOR-US: Toribash
-CVE-2007-4449 (The client in Toribash 2.71 and earlier allows remote attackers to ...)
+CVE-2007-4449
NOT-FOR-US: Toribash
-CVE-2007-4448 (The server in Toribash 2.71 and earlier does not properly handle ...)
+CVE-2007-4448
NOT-FOR-US: Toribash
-CVE-2007-4447 (Multiple buffer overflows in the client in Toribash 2.71 and earlier ...)
+CVE-2007-4447
NOT-FOR-US: Toribash
-CVE-2007-4446 (Format string vulnerability in the server in Toribash 2.71 and earlier ...)
+CVE-2007-4446
NOT-FOR-US: Toribash
-CVE-2007-4445 (Image Space rFactor 1.250 and earlier allows remote attackers to cause ...)
+CVE-2007-4445
NOT-FOR-US: Image space rfactor
-CVE-2007-4444 (Multiple buffer overflows in Image Space rFactor 1.250 and earlier ...)
+CVE-2007-4444
NOT-FOR-US: Image space rfactor
-CVE-2007-4443 (The UCC dedicated server for the Unreal engine, possibly 2003 and ...)
+CVE-2007-4443
NOT-FOR-US: Unreal on Windows
-CVE-2007-4442 (Stack-based buffer overflow in the logging function in the Unreal ...)
+CVE-2007-4442
NOT-FOR-US: Unreal on Windows
-CVE-2007-4441 (Buffer overflow in php_win32std.dll in the win32std extension for PHP ...)
+CVE-2007-4441
- php5 <not-affected> (Windows-specific)
-CVE-2007-4440 (Stack-based buffer overflow in the MercuryS SMTP server in Mercury ...)
+CVE-2007-4440
NOT-FOR-US: Mercury mail system
-CVE-2007-4439 (PHP remote file inclusion vulnerability in popup_window.php in ...)
+CVE-2007-4439
NOT-FOR-US: Squirrelcart
-CVE-2007-4438 (Session fixation vulnerability in Ampache before 3.3.3.5 allows remote ...)
+CVE-2007-4438
- ampache 3.3.3.5-dfsg-1 (bug #407337)
-CVE-2007-4437 (SQL injection vulnerability in albums.php in Ampache before 3.3.3.5 ...)
+CVE-2007-4437
- ampache 3.3.3.5-dfsg-1 (bug #407337)
-CVE-2007-4436 (The Drupal Project module before 5.x-1.0, 4.7.x-2.3, and 4.7.x-1.3 and ...)
+CVE-2007-4436
- drupal <not-affected> (External addon, see bug #439379)
-CVE-2007-4435 (Multiple SQL injection vulnerabilities in TorrentTrader before 1.07 ...)
+CVE-2007-4435
NOT-FOR-US: TorrentTrader
-CVE-2007-4434 (Cross-site scripting (XSS) vulnerability in textfilesearch.asp in the ...)
+CVE-2007-4434
NOT-FOR-US: Text File Search ASP
-CVE-2007-4433 (Cross-site scripting (XSS) vulnerability in textfilesearch.aspx in the ...)
+CVE-2007-4433
NOT-FOR-US: Text File Search ASP
-CVE-2007-4432 (Untrusted search path vulnerability in the wrapper scripts for the (1) ...)
+CVE-2007-4432
NOT-FOR-US: SUSE
-CVE-2007-4431 (Cross-domain vulnerability in Apple Safari for Windows 3.0.3 and ...)
+CVE-2007-4431
NOT-FOR-US: Safari/windows
-CVE-2007-4430 (Unspecified vulnerability in Cisco IOS 12.0 through 12.4 allows ...)
+CVE-2007-4430
NOT-FOR-US: Cisco IOS
-CVE-2007-4429 (Unspecified vulnerability in Skype allows remote attackers to cause a ...)
+CVE-2007-4429
NOT-FOR-US: Skype
-CVE-2007-4428 (Lhaz 1.33 allows remote attackers to execute arbitrary code via ...)
+CVE-2007-4428
NOT-FOR-US: lhaz
-CVE-2007-4427 (Unspecified vulnerability in the login page redirection logic in the ...)
+CVE-2007-4427
NOT-FOR-US: InterSystems Cache
-CVE-2007-4426 (Live for Speed (LFS) S1 and S2 allows remote attackers to cause a ...)
+CVE-2007-4426
NOT-FOR-US: Live for Speed
-CVE-2007-4425 (Multiple buffer overflows in Live for Speed (LFS) demo, S1, and S2 ...)
+CVE-2007-4425
NOT-FOR-US: Live for Speed
-CVE-2007-4424 (Apple Safari for Windows 3.0.3 and earlier does not prompt the user ...)
+CVE-2007-4424
NOT-FOR-US: Safari
-CVE-2007-4423 (Stack-based buffer overflow in the AUTH_LIST_GROUPS_FOR_AUTHID ...)
+CVE-2007-4423
NOT-FOR-US: IBM DB2
-CVE-2007-4422 (The login interface in Symantec Enterprise Firewall 6.x, when a VPN ...)
+CVE-2007-4422
NOT-FOR-US: Symantec Enterprise Firewall
-CVE-2007-4421 (SQL injection vulnerability in Admin.php in Olate Download (od) 3.4.1 ...)
+CVE-2007-4421
NOT-FOR-US: Olate Download
-CVE-2007-4420 (Absolute path traversal vulnerability in a certain ActiveX control in ...)
+CVE-2007-4420
NOT-FOR-US: EDraw Office Viewer Component
-CVE-2007-4419 (Admin.php in Olate Download (od) 3.4.1 uses an MD5 hash of the admin ...)
+CVE-2007-4419
NOT-FOR-US: Olate Download
-CVE-2007-4418 (IBM DB2 UDB 8 before Fixpak 15 does not properly check authorization, ...)
+CVE-2007-4418
NOT-FOR-US: IBM DB2
-CVE-2007-4417 (IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 does not ...)
+CVE-2007-4417
NOT-FOR-US: IBM DB2
-CVE-2007-4416 (** DISPUTED ** ...)
+CVE-2007-4416
NOT-FOR-US: BellaBook
-CVE-2007-4415 (Cisco VPN Client on Windows before 5.0.01.0600, and the 5.0.01.0600 ...)
+CVE-2007-4415
NOT-FOR-US: Cisco VPN client/windows
-CVE-2007-4414 (Cisco VPN Client on Windows before 4.8.02.0010 allows local users to ...)
+CVE-2007-4414
NOT-FOR-US: Cisco VPN client/windows
-CVE-2007-4413 (Direct static code injection vulnerability in admincp/user_help.php in ...)
+CVE-2007-4413
NOT-FOR-US: Headstart Solutions DeskPRO 3.0.2
-CVE-2007-4412 (Multiple cross-site scripting (XSS) vulnerabilities in Headstart ...)
+CVE-2007-4412
NOT-FOR-US: Deskpro
-CVE-2007-4411 (ircu 2.10.12.05 and earlier allows remote attackers to discover the ...)
+CVE-2007-4411
- ircd-ircu 2.10.12.10.dfsg1-1 (low; bug #439314)
[etch] - ircd-ircu <no-dsa> (Minor issue)
-CVE-2007-4410 (ircu 2.10.12.05 and earlier does not properly synchronize a kick ...)
+CVE-2007-4410
- ircd-ircu 2.10.12.10.dfsg1-1 (low; bug #439314)
[etch] - ircd-ircu <no-dsa> (Minor issue)
-CVE-2007-4409 (Race condition in ircu 2.10.12.01 through 2.10.12.05 allows remote ...)
+CVE-2007-4409
- ircd-ircu <not-affected> (Version affected not yet in unstable, maintainer informed)
-CVE-2007-4408 (ircu 2.10.12.05 and earlier ignores timestamps in bounces, which ...)
+CVE-2007-4408
- ircd-ircu 2.10.12.10.dfsg1-1 (low; bug #439314)
[etch] - ircd-ircu <no-dsa> (Minor issue)
-CVE-2007-4407 (ircu 2.10.12.03 and 2.10.12.04 does not associate a timestamp with ops ...)
+CVE-2007-4407
- ircd-ircu <not-affected> (Version affected not yet in unstable, maintainer informed)
-CVE-2007-4406 (ircu 2.10.12.01 through 2.10.12.04 does not remove ops privilege after ...)
+CVE-2007-4406
- ircd-ircu <not-affected> (Version affected not yet in unstable, maintainer informed)
-CVE-2007-4405 (ircu 2.10.12.02 through 2.10.12.04 allows remote attackers to cause a ...)
+CVE-2007-4405
- ircd-ircu <not-affected> (Version affected not yet in unstable, maintainer informed)
-CVE-2007-4404 (ircu 2.10.12.01 allows remote attackers to (1) cause a denial of ...)
+CVE-2007-4404
- ircd-ircu <not-affected> (Version affected not yet in unstable, maintainer informed)
-CVE-2007-4403 (The mIRC Control Plug-in for Winamp allows user-assisted remote ...)
+CVE-2007-4403
NOT-FOR-US: mirc/winamp
-CVE-2007-4402 (Multiple unspecified scripts in mIRC allow user-assisted remote ...)
+CVE-2007-4402
NOT-FOR-US: mirc
-CVE-2007-4401 (Multiple CRLF injection vulnerabilities in the Advanced mIRC ...)
+CVE-2007-4401
NOT-FOR-US: mirc
-CVE-2007-4400 (CRLF injection vulnerability in the included media script in ...)
+CVE-2007-4400
- konversation 1.0.1-4 (low; bug #439837)
[etch] - konversation <no-dsa> (minor issue)
[sarge] - konversation <no-dsa> (minor issue)
-CVE-2007-4399 (CRLF injection vulnerability in the xmms.bx 1.0 script for BitchX ...)
+CVE-2007-4399
NOT-FOR-US: xmms.bx 1.0 script for BitchX (not included in Debian package)
-CVE-2007-4398 (Multiple CRLF injection vulnerabilities in the (1) now-playing.rb and ...)
+CVE-2007-4398
- irssi-scripts 20070925 (low; bug #439840)
- weechat-scripts 20070425-0.1 (low; bug #439839)
[etch] - irssi-scripts <no-dsa> (minor issue)
[etch] - weechat-scripts <no-dsa> (minor issue)
[sarge] - irssi-scripts <no-dsa> (minor issue)
-CVE-2007-4397 (Multiple CRLF injection vulnerabilities in (1) xmms-thing 1.0, (2) ...)
+CVE-2007-4397
NOT-FOR-US: various IRC now_playing scripts
-CVE-2007-4396 (Multiple CRLF injection vulnerabilities in (1) ixmmsa.pl 0.3, (2) ...)
+CVE-2007-4396
- irssi-scripts 20070925 (low; bug #439840)
[etch] - irssi-scripts <no-dsa> (minor issue)
[sarge] - irssi-scripts <no-dsa> (minor issue)
NOTE: weechat-scripts does not include the mentioned scripts
-CVE-2007-4395 (Multiple unspecified vulnerabilities in the Role Based Access Control ...)
+CVE-2007-4395
NOT-FOR-US: Sun Solaris 8
-CVE-2007-4394 (Unspecified vulnerability in a &quot;core clean&quot; cron job created by the ...)
+CVE-2007-4394
NOT-FOR-US: findutils-locate on SUSE Linux
-CVE-2007-4393 (The installation script for orarun on SUSE Linux before 20070810 ...)
+CVE-2007-4393
NOT-FOR-US: oracle
-CVE-2007-4392 (Winamp 5.35 allows remote attackers to cause a denial of service ...)
+CVE-2007-4392
NOT-FOR-US: winamp
-CVE-2007-4391 (Heap-based buffer overflow in Kakadu kdu_v32m.dll in Yahoo! Messenger ...)
+CVE-2007-4391
NOT-FOR-US: kakadu
-CVE-2007-4390 (The Command Line Interface (CLI), aka Adonis Administration Console, ...)
+CVE-2007-4390
NOT-FOR-US: BlueCat
-CVE-2007-4389 (Cross-site request forgery (CSRF) vulnerability in /xslt in 2wire ...)
+CVE-2007-4389
NOT-FOR-US: 2wire
-CVE-2007-4388 (2wire 1701HG and 2071 Gateway routers, with 5.29.51 and possibly ...)
+CVE-2007-4388
NOT-FOR-US: 2wire
-CVE-2007-4387 (Cross-site request forgery (CSRF) vulnerability in /xslt in 2wire ...)
+CVE-2007-4387
NOT-FOR-US: 2wire
-CVE-2007-4386 (SQL injection vulnerability in search.php in GetMyOwnArcade allows ...)
+CVE-2007-4386
NOT-FOR-US: GetMyOwnArcade
-CVE-2007-4385 (OWASP Stinger before 2.5 allows remote attackers to bypass input ...)
+CVE-2007-4385
NOT-FOR-US: Stinger
-CVE-2007-4384 (Multiple PHP remote file inclusion vulnerabilities in depouilg.php3 in ...)
+CVE-2007-4384
NOT-FOR-US: Stephane Pineau VOTE
-CVE-2007-4383 (** DISPUTED ** ...)
+CVE-2007-4383
NOT-FOR-US: Trackeur
-CVE-2007-4382 (CounterPath X-Lite 3.0 34025, and possibly eyeBeam, allows remote ...)
+CVE-2007-4382
NOT-FOR-US: CounterPath X-Lite
-CVE-2007-4381 (Unspecified vulnerability in the font parsing implementation in Sun ...)
+CVE-2007-4381
- sun-java5 1.5.0-10-1
-CVE-2007-4380 (Aclient in Symantec Altiris Deployment Solution 6 before 6.8 SP2 ...)
+CVE-2007-4380
NOT-FOR-US: Altiris Deployment Solution
-CVE-2007-4379 (Babo Violent 2 2.08.00 and earlier allows remote attackers to cause a ...)
+CVE-2007-4379
NOT-FOR-US: Babo Violent
-CVE-2007-4378 (Multiple format string vulnerabilities in Babo Violent 2 2.08.00 and ...)
+CVE-2007-4378
NOT-FOR-US: Babo Violent
-CVE-2007-4377 (Stack-based buffer overflow in the IMAP service in SurgeMail 38k ...)
+CVE-2007-4377
NOT-FOR-US: SurgeMail
-CVE-2007-4376 (Unrestricted file upload vulnerability in banner-upload.php in Szymon ...)
+CVE-2007-4376
NOT-FOR-US: Szymon Kosok Best Top List
-CVE-2007-4375 (The administrative interface (aka DkService.exe) in Diskeeper 9 ...)
+CVE-2007-4375
NOT-FOR-US: Diskeeper
-CVE-2007-4374 (Babo Violent 2 2.08.00 does not validate the sender field of a chat ...)
+CVE-2007-4374
NOT-FOR-US: Babo Violent
-CVE-2007-4373 (The server in Babo Violent 2 2.08.00 and earlier does not properly ...)
+CVE-2007-4373
NOT-FOR-US: Babo Violent
-CVE-2007-4372 (Unspecified vulnerability in NetWin SurgeMail 38k on Windows Server ...)
+CVE-2007-4372
NOT-FOR-US: SurgeMail
CVE-2007-XXXX [pam usb wrongly allows authentication without password in ssh sessions]
- libpam-usb 0.4.1-1 (medium)
NOTE: see http://sourceforge.net/mailarchive/forum.php?thread_name=7D75703BC8E1C149BF78A1E79AAAB169B8A2E4%40svits28.main.ad.rit.edu&forum_name=pamusb-devel
CVE-2007-XXXX [lwat sometimes logs passwords in access.log]
- lwat 0.15-2 (low)
-CVE-2007-4371 (Unrestricted file upload vulnerability in admin/pages/blog-add.php in ...)
+CVE-2007-4371
NOT-FOR-US: Neuron Blog
-CVE-2007-4370 (Multiple buffer overflows in the (1) client and (2) server in Racer ...)
+CVE-2007-4370
NOT-FOR-US: Racer
-CVE-2007-4369 (Directory traversal vulnerability in go/_files in SOTEeSKLEP before ...)
+CVE-2007-4369
NOT-FOR-US: SOTEeSKLEP
-CVE-2007-4368 (SQL injection vulnerability in /main in IBM Rational ClearQuest (CQ) ...)
+CVE-2007-4368
NOT-FOR-US: IBM Rational ClearQuest (CQ)
-CVE-2007-4367 (Opera before 9.23 allows remote attackers to execute arbitrary code ...)
+CVE-2007-4367
NOT-FOR-US: Opera
-CVE-2007-4366 (WengoPhone 2.1 allows remote attackers to cause a denial of service ...)
+CVE-2007-4366
- wengophone 2.1.1.dfsg0-3 (bug #438419)
-CVE-2007-4365 (Cross-site scripting (XSS) vulnerability in eXV2 CMS 2.0.5 and earlier ...)
+CVE-2007-4365
NOT-FOR-US: eXV2 CMS
-CVE-2007-4364 (Fedora Commons before 2.2.1 does not properly handle certain ...)
+CVE-2007-4364
NOT-FOR-US: Fedora Commons
-CVE-2007-4363 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
+CVE-2007-4363
NOT-FOR-US: Drupal Content Construction Kit (CCK)
-CVE-2007-4362 (SQL injection vulnerability in category.php in Prozilla Webring allows ...)
+CVE-2007-4362
NOT-FOR-US: Prozilla Webring
-CVE-2007-4361 (NETGEAR (formerly Infrant) ReadyNAS RAIDiator before 4.00b2-p2-T1 beta ...)
+CVE-2007-4361
NOT-FOR-US: ReadyNAS RAIDiator
-CVE-2007-4360 (Unspecified vulnerability in Dell Remote Access Card 4 (DRAC4) with ...)
+CVE-2007-4360
NOT-FOR-US: Dell
-CVE-2007-4359 (Multiple SQL injection vulnerabilities in SkilMatch Staffing Systems ...)
+CVE-2007-4359
NOT-FOR-US: JobLister3
-CVE-2007-4358 (Zoidcom 0.6.7 and earlier allows remote attackers to cause a denial of ...)
+CVE-2007-4358
NOT-FOR-US: Zoidcom
-CVE-2007-4357 (Mozilla Firefox 2.0.0.6 and earlier allows remote attackers to spoof ...)
+CVE-2007-4357
- mozilla-firefox <removed> (unimportant)
- mozilla <removed> (unimportant)
- iceweasel <removed> (unimportant)
- iceape <removed> (unimportant)
-CVE-2007-4356 (Microsoft Internet Explorer 6 and 7 embeds FTP credentials in HTML ...)
+CVE-2007-4356
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2007-4355 (Buffer overflow in the at program on IBM AIX 5.3 allows local users to ...)
+CVE-2007-4355
NOT-FOR-US: AIX
-CVE-2007-4354 (Buffer overflow in fileplace in bos.perf.tools in IBM AIX 5.2 and 5.3 ...)
+CVE-2007-4354
NOT-FOR-US: AIX
-CVE-2007-4353 (Multiple buffer overflows in IBM AIX 5.2 and 5.3 allow local users in ...)
+CVE-2007-4353
NOT-FOR-US: AIX
-CVE-2007-4352 (Array index error in the DCTStream::readProgressiveDataUnit method in ...)
+CVE-2007-4352
{DSA-1537-1 DSA-1509-1 DSA-1480-1 DTSA-85-1 DTSA-86-1}
- poppler 0.6.2-1 (medium; bug #450628)
- kdegraphics 4:3.5.8-2 (medium; bug #450630)
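Review bot: every `-`/`+` pair in this hunk replaces a `CVE-2007-NNNN (description ...)` line with the bare identifier, so the change is a blanket loss of the CVE description text rather than a data update; check whether the importer failed to read the descriptions from its source before merging, since the only entries that legitimately carry no description in this file are the `RESERVED` and `REJECTED` ones (for example `CVE-2007-4300` / `RESERVED` at the end of the hunk), and a fixed entry such as `-CVE-2007-4352 (Array index error in the DCTStream::readProgressiveDataUnit method in ...)` with its `{DSA-1537-1 ...}` line underneath becomes much harder to triage once the summary is gone. The removed lines also contain HTML-escaped text (`&quot;core clean&quot;` in the CVE-2007-4394 line), which suggests the stored descriptions were taken from an HTML rendering; if the descriptions are re-imported, they should be unescaped at that point. The hand-written `CVE-2007-XXXX [...]` placeholder entries and their `NOTE:` URLs are correctly left untouched.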
@@ -5773,120 +5773,120 @@ CVE-2007-4352 (Array index error in the DCTStream::readProgressiveDataUnit metho
- libextractor 0.5.12-1
NOTE: libextractor uses internal pdf decoder since 0.5.12-1, thus marking as fixed
- swftools 0.9.2+ds1-2
-CVE-2007-4351 (Off-by-one error in the ippReadIO function in cups/ipp.c in CUPS 1.3.3 ...)
+CVE-2007-4351
{DSA-1407-1 DTSA-81-1}
- cupsys 1.3.4-1 (medium; bug #448866)
- cups 1.3.4-1 (medium; bug #448866)
[sarge] - cupsys <not-affected> (Only vulnerable to code injection since 1.2.x, effects are harmless otherwise)
-CVE-2007-4350 (Cross-site scripting (XSS) vulnerability in the management interface ...)
+CVE-2007-4350
NOT-FOR-US: HP SiteScope
-CVE-2007-4349 (The Shared Trace Service (aka OVTrace) in HP Performance Agent C.04.70 ...)
+CVE-2007-4349
NOT-FOR-US: HP OpenView Report
-CVE-2007-4348 (Cross-site scripting (XSS) vulnerability in the CAD service in IBM ...)
+CVE-2007-4348
NOT-FOR-US: IBM Tivoli Storage Manager
-CVE-2007-4347 (Multiple integer overflows in the Job Engine (bengine.exe) service in ...)
+CVE-2007-4347
NOT-FOR-US: Job Engine
-CVE-2007-4346 (The Job Engine (bengine.exe) service in Symantec Backup Exec for ...)
+CVE-2007-4346
NOT-FOR-US: Job Engine
-CVE-2007-4345 (Buffer overflow in IMail Client 9.22, as shipped with IPSwitch IMail ...)
+CVE-2007-4345
NOT-FOR-US: IMail Client
-CVE-2007-4344 (Multiple input validation errors in ACD ACDSee Photo Manager 9.0 build ...)
+CVE-2007-4344
NOT-FOR-US: ACDSee
-CVE-2007-4343 (Stack-based buffer overflow in IrfanView 3.99 and 4.00 allows ...)
+CVE-2007-4343
NOT-FOR-US: IrfanView
-CVE-2007-4342 (PHP remote file inclusion vulnerability in include.php in PHPCentral ...)
+CVE-2007-4342
NOT-FOR-US: PHPCentral
-CVE-2007-4341 (PHP remote file inclusion vulnerability in adm/my_statistics.php in ...)
+CVE-2007-4341
NOT-FOR-US: Omnistar Lib2 PHP
-CVE-2007-4340 (PHP remote file inclusion vulnerability in index.php in phpDVD 1.0.4 ...)
+CVE-2007-4340
NOT-FOR-US: phpDVD
-CVE-2007-4339 (Multiple PHP remote file inclusion vulnerabilities in PHPCentral Poll ...)
+CVE-2007-4339
NOT-FOR-US: PHPCentral Poll Script
-CVE-2007-4338 (index.php in Ryan Haudenschilt Family Connections (FCMS) before 0.9 ...)
+CVE-2007-4338
NOT-FOR-US: Family Connections
-CVE-2007-4337 (Multiple buffer overflows in the httplib_parse_sc_header function in ...)
+CVE-2007-4337
{DSA-1683-1}
- streamripper 1.62.2-1 (low)
-CVE-2007-4336 (Buffer overflow in the Live Picture Corporation ...)
+CVE-2007-4336
NOT-FOR-US: Microsoft
-CVE-2007-4335 (Format string vulnerability in the SMTP server component in Qbik ...)
+CVE-2007-4335
NOT-FOR-US: Qbik WinGate
-CVE-2007-4334 (Cross-site scripting (XSS) vulnerability in whois.php in Php-stats ...)
+CVE-2007-4334
NOT-FOR-US: Php-stats
-CVE-2007-4333 (Multiple cross-site scripting (XSS) vulnerabilities in signup.php in ...)
+CVE-2007-4333
NOT-FOR-US: Article Dashboard
-CVE-2007-4332 (SQL injection vulnerability in article.php in Article Dashboard, when ...)
+CVE-2007-4332
NOT-FOR-US: Article Dashboard
-CVE-2007-4331 (PHP remote file inclusion vulnerability in index.php in FindNix allows ...)
+CVE-2007-4331
NOT-FOR-US: FindNix
-CVE-2007-4330 (PHP remote file inclusion vulnerability in shoutbox.php in Shoutbox ...)
+CVE-2007-4330
NOT-FOR-US: Shoutbox
-CVE-2007-4329 (Multiple PHP remote file inclusion vulnerabilities in Web News 1.1 ...)
+CVE-2007-4329
NOT-FOR-US: Web News
-CVE-2007-4328 (Multiple PHP remote file inclusion vulnerabilities in Mapos Bilder ...)
+CVE-2007-4328
NOT-FOR-US: Bilder Galerie
-CVE-2007-4327 (Multiple PHP remote file inclusion vulnerabilities in File Uploader ...)
+CVE-2007-4327
NOT-FOR-US: File Uploader
-CVE-2007-4326 (Multiple PHP remote file inclusion vulnerabilities in Bilder Uploader ...)
+CVE-2007-4326
NOT-FOR-US: Bilder Uploader
-CVE-2007-4325 (PHP remote file inclusion vulnerability in index.php in Gaestebuch 1.5 ...)
+CVE-2007-4325
NOT-FOR-US: Gaestebuch
-CVE-2007-4324 (ActionScript 3 (AS3) in Adobe Flash Player 9.0.47.0, and other ...)
+CVE-2007-4324
- flashplugin-nonfree 9.0.115.0.1
[etch] - flashplugin-nonfree 9.0.115.0.1~etch1
[sarge] - flashplugin-nonfree <no-dsa> (Non-free not supported)
-CVE-2007-4323 (DenyHosts 2.6 does not properly parse sshd log files, which allows ...)
+CVE-2007-4323
- denyhosts 2.6-2.1 (bug #438162; medium)
[etch] - denyhosts 2.6-1etch1
-CVE-2007-4322 (BlockHosts before 2.0.4 does not properly parse (1) sshd and (2) ...)
+CVE-2007-4322
NOT-FOR-US: BlockHosts
-CVE-2007-4321 (fail2ban 0.8 and earlier does not properly parse sshd log files, which ...)
+CVE-2007-4321
{DSA-1456-1}
- fail2ban 0.8.0-4 (bug #438187; medium)
-CVE-2007-4320 (PHP remote file inclusion vulnerability in ...)
+CVE-2007-4320
NOT-FOR-US: Ncaster
-CVE-2007-4319 (The management interface in ZyNOS firmware 3.62(WK.6) on the Zyxel ...)
+CVE-2007-4319
NOT-FOR-US: Zyxel
-CVE-2007-4318 (Cross-site scripting (XSS) vulnerability in Forms/General_1 in the ...)
+CVE-2007-4318
NOT-FOR-US: Zyxel
-CVE-2007-4317 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
+CVE-2007-4317
NOT-FOR-US: Zyxel
-CVE-2007-4316 (The management interface in ZyNOS firmware 3.62(WK.6) on the Zyxel ...)
+CVE-2007-4316
NOT-FOR-US: Zyxel
-CVE-2007-4315 (The AMD ATI atidsmxx.sys 3.0.502.0 driver on Windows Vista allows ...)
+CVE-2007-4315
NOT-FOR-US: ATI
-CVE-2007-4314 (pixlie.php in Pixlie 1.7 allows remote attackers to trigger the ...)
+CVE-2007-4314
NOT-FOR-US: Pixlie
-CVE-2007-4313 (PHP remote file inclusion vulnerability in ...)
+CVE-2007-4313
NOT-FOR-US: Php Blue Dragon CMS
-CVE-2007-4312 (SQL injection vulnerability in index.php in Php Blue Dragon CMS 3.0.0 ...)
+CVE-2007-4312
NOT-FOR-US: Php Blue Dragon CMS
-CVE-2007-4311 (The xfer_secondary_pool function in drivers/char/random.c in the Linux ...)
+CVE-2007-4311
{DSA-1503-2 DSA-1503-1}
- linux-2.6 <not-affected> (buffer is local to the function that uses sizeof on it)
-CVE-2007-4310 (The finger daemon (in.fingerd) in Sun Solaris 7 through 9 allows ...)
+CVE-2007-4310
NOT-FOR-US: Solaris
-CVE-2007-4309 (IBM Lotus Notes 5.x through 7.0.2 allows user-assisted remote ...)
+CVE-2007-4309
NOT-FOR-US: IBM Lotus Notes
-CVE-2007-4308 (The (1) aac_cfg_open and (2) aac_compat_ioctl functions in the SCSI ...)
+CVE-2007-4308
{DSA-1503-2 DSA-1504-1 DSA-1503-1 DSA-1363-1}
- linux-2.6 2.6.22-4 (medium; bug #443694)
-CVE-2007-4307 (Multiple cross-site scripting (XSS) vulnerabilities in Storesprite 7 ...)
+CVE-2007-4307
NOT-FOR-US: Storesprite
-CVE-2007-4306 (Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin ...)
+CVE-2007-4306
- phpmyadmin <unfixed> (unimportant)
[sarge] - phpmyadmin <not-affected>
NOTE: It seems that this requires knowledge of a unguessable session token.
NOTE: Confirmed by upstream. Sarge is not affected at all.
-CVE-2007-4305 (Multiple race conditions in the (1) Sudo monitor mode and (2) Sysjail ...)
+CVE-2007-4305
NOT-FOR-US: NetBSD and OpenBSD
-CVE-2007-4304 (CerbNG for FreeBSD 4.8 does not properly implement VM protection when ...)
+CVE-2007-4304
NOT-FOR-US: CerbNG for FreeBSD
-CVE-2007-4303 (Multiple race conditions in (1) certain rules and (2) argument copying ...)
+CVE-2007-4303
NOT-FOR-US: CerbNG for FreeBSD
-CVE-2007-4302 (Multiple race conditions in certain system call wrappers in Generic ...)
+CVE-2007-4302
NOT-FOR-US: Generic Software Wrappers Toolkit
-CVE-2007-4301 (Multiple cross-site scripting (XSS) vulnerabilities in the management ...)
+CVE-2007-4301
NOT-FOR-US: WebCart
CVE-2007-4300
RESERVED
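Review bot: the same blanket removal of description text continues through this hunk, and here it leaves several annotations without their referent: the `NOTE: It seems that this requires knowledge of a unguessable session token.` line under `+CVE-2007-4306` and `NOTE: buffer is local to the function that uses sizeof on it` under `+CVE-2007-4311` only make sense next to the description that was just deleted, and the `[sarge] - cupsys <not-affected> (Only vulnerable to code injection since 1.2.x, ...)` reasoning under `+CVE-2007-4351` likewise refers to the off-by-one in `ippReadIO` that the `-` line named. Before accepting an automatic update of this size, confirm that the description loss is intended; if it is, the dangling `NOTE:` lines should at least name the issue they qualify, and the stray `a unguessable` should read `an unguessable` when that line is next touched.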
@@ -5894,680 +5894,680 @@ CVE-2007-4299
RESERVED
CVE-2007-4298
RESERVED
-CVE-2007-4297 (Multiple cross-site scripting (XSS) vulnerabilities in yorumkaydet.asp ...)
+CVE-2007-4297
NOT-FOR-US: Modulu
-CVE-2007-4296 (Unspecified vulnerability in assp.pl in Anti-Spam SMTP Proxy Server ...)
+CVE-2007-4296
NOT-FOR-US: Anti-Spam SMTP Proxy Server
-CVE-2007-4295 (Unspecified vulnerability in Cisco IOS 12.0 through 12.4 allows remote ...)
+CVE-2007-4295
NOT-FOR-US: Cisco
-CVE-2007-4294 (Unspecified vulnerability in Cisco Unified Communications Manager ...)
+CVE-2007-4294
NOT-FOR-US: Cisco
-CVE-2007-4293 (Cisco IOS 12.0 through 12.4 allows remote attackers to cause a denial ...)
+CVE-2007-4293
NOT-FOR-US: Cisco
-CVE-2007-4292 (Multiple memory leaks in Cisco IOS 12.0 through 12.4 allow remote ...)
+CVE-2007-4292
NOT-FOR-US: Cisco
-CVE-2007-4291 (Cisco IOS 12.0 through 12.4 allows remote attackers to cause a denial ...)
+CVE-2007-4291
NOT-FOR-US: Cisco
-CVE-2007-4290 (** DISPUTED ** ...)
+CVE-2007-4290
NOT-FOR-US: Guestbook Script
-CVE-2007-4289 (Sun Java System Portal Server 7.0 does not properly process XSLT ...)
+CVE-2007-4289
NOT-FOR-US: Sun Java System Portal Server
-CVE-2007-4288 (Microsoft Windows Media Player 11 (wmplayer.exe) allows user-assisted ...)
+CVE-2007-4288
NOT-FOR-US: Microsoft
-CVE-2007-4287 (PHP remote file inclusion vulnerability in fc_functions/fc_example.php ...)
+CVE-2007-4287
NOT-FOR-US: FishCart
-CVE-2007-4286 (Buffer overflow in the Next Hop Resolution Protocol (NHRP) ...)
+CVE-2007-4286
NOT-FOR-US: Cisco
-CVE-2007-4285 (Unspecified vulnerability in Cisco IOS and Cisco IOS XR 12.x up to ...)
+CVE-2007-4285
NOT-FOR-US: Cisco
-CVE-2007-4284 (Multiple cross-site scripting (XSS) vulnerabilities in Cisco Unified ...)
+CVE-2007-4284
NOT-FOR-US: Cisco
-CVE-2007-4283 (PHP remote file inclusion vulnerability in bridge/yabbse.inc.php in ...)
+CVE-2007-4283
NOT-FOR-US: Coppermine Photo Gallery (CPG)
-CVE-2007-4282 (The &quot;Extended properties for entries&quot; (entryproperties) plugin in ...)
+CVE-2007-4282
- serendipity 1.1.4-1
[etch] - serendipity <not-affected> (introduced in 1.1.x)
-CVE-2007-4281 (Cross-site scripting (XSS) vulnerability in KnowledgeTree Open Source ...)
+CVE-2007-4281
- knowledgetree <removed>
-CVE-2007-4279 (PHP remote file inclusion vulnerability in config.php in ...)
+CVE-2007-4279
NOT-FOR-US: FrontAccounting
-CVE-2007-4278 (Stack-based buffer overflow in the giomgr process in ESRI ArcSDE ...)
+CVE-2007-4278
NOT-FOR-US: ESRI ArcSDE
-CVE-2007-4277 (The Trend Micro AntiVirus scan engine before 8.550-1001, as used in ...)
+CVE-2007-4277
NOT-FOR-US: Trend Micro AntiVirus
-CVE-2007-4276 (Stack-based buffer overflow in IBM DB2 UDB 8 before Fixpak 15 and 9.1 ...)
+CVE-2007-4276
NOT-FOR-US: IBM DB2
-CVE-2007-4275 (Multiple untrusted search path vulnerabilities in IBM DB2 UDB 8 before ...)
+CVE-2007-4275
NOT-FOR-US: IBM DB2
CVE-2007-4274
REJECTED
-CVE-2007-4273 (IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allows local ...)
+CVE-2007-4273
NOT-FOR-US: IBM DB2
-CVE-2007-4272 (Multiple vulnerabilities in IBM DB2 UDB 8 before Fixpak 15 and 9.1 ...)
+CVE-2007-4272
NOT-FOR-US: IBM DB2
-CVE-2007-4271 (Directory traversal vulnerability in IBM DB2 UDB 8 before Fixpak 15 ...)
+CVE-2007-4271
NOT-FOR-US: IBM DB2
-CVE-2007-4270 (Multiple race conditions in IBM DB2 UDB 8 before Fixpak 15 and 9.1 ...)
+CVE-2007-4270
NOT-FOR-US: IBM DB2
-CVE-2007-4269 (Integer overflow in the Networking component in Apple Mac OS X 10.4 ...)
+CVE-2007-4269
NOT-FOR-US: Apple Mac OS X
-CVE-2007-4268 (Integer signedness error in the Networking component in Apple Mac OS X ...)
+CVE-2007-4268
NOT-FOR-US: Apple Mac OS X
-CVE-2007-4267 (Stack-based buffer overflow in the Networking component in Apple Mac ...)
+CVE-2007-4267
NOT-FOR-US: Apple Mac OS X
CVE-2007-4266
RESERVED
-CVE-2007-4265 (Multiple cross-site scripting (XSS) vulnerabilities in VisionProject ...)
+CVE-2007-4265
NOT-FOR-US: VisionProject
-CVE-2007-4264 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
+CVE-2007-4264
NOT-FOR-US: snif
-CVE-2007-4280 (The Skinny channel driver (chan_skinny) in Asterisk Open Source before ...)
+CVE-2007-4280
- asterisk 1:1.4.10~dfsg-1
NOTE: https://downloads.avaya.com/elmodocs2/security/ASA-2007-019.htm
[sarge] - asterisk <not-affected> (not affected according to advisory)
[etch] - asterisk <not-affected> (not affected according to advisory)
-CVE-2007-4263 (Unspecified vulnerability in the server side of the Secure Copy (SCP) ...)
+CVE-2007-4263
NOT-FOR-US: Cisco
-CVE-2007-4262 (Unrestricted file upload vulnerability in EZPhotoSales 1.9.3 and ...)
+CVE-2007-4262
NOT-FOR-US: EZPhotoSales
-CVE-2007-4261 (EZPhotoSales 1.9.3 and earlier stores sensitive information under the ...)
+CVE-2007-4261
NOT-FOR-US: EZPhotoSales
-CVE-2007-4260 (EZPhotoSales 1.9.3 and earlier has a default &quot;admin&quot; account for ...)
+CVE-2007-4260
NOT-FOR-US: EZPhotoSales
-CVE-2007-4259 (EZPhotoSales 1.9.3 and earlier allows remote attackers to download ...)
+CVE-2007-4259
NOT-FOR-US: EZPhotoSales
-CVE-2007-4258 (SQL injection vulnerability in directory.php in Prozilla Pub Site ...)
+CVE-2007-4258
NOT-FOR-US: Prozilla
-CVE-2007-4257 (Multiple buffer overflows in Live for Speed (LFS) S1 and S2 allow ...)
+CVE-2007-4257
NOT-FOR-US: Live for Speed
-CVE-2007-4256 (Directory traversal vulnerability in showpage.cgi in YNP Portal System ...)
+CVE-2007-4256
NOT-FOR-US: YNP Portal System
-CVE-2007-4255 (Buffer overflow in the mSQL extension in PHP 5.2.3 allows ...)
+CVE-2007-4255
- php5 <removed> (unimportant)
- php4 <removed> (unimportant)
NOTE: Only exploitable by malicious script
-CVE-2007-4254 (Stack-based buffer overflow in a certain ActiveX control in VDT70.DLL ...)
+CVE-2007-4254
NOT-FOR-US: Microsoft
-CVE-2007-4253 (SQL injection vulnerability in the News module in modules.php in ...)
+CVE-2007-4253
NOT-FOR-US: Envolution
-CVE-2007-4252 (Absolute path traversal vulnerability in a certain ActiveX control in ...)
+CVE-2007-4252
NOT-FOR-US: CHILKAT ASP String
-CVE-2007-4251 (OpenOffice.org (OOo) 2.2 does not properly handle files with multiple ...)
+CVE-2007-4251
- openoffice.org <unfixed> (unimportant)
NOTE: Only a crasher with malformed documents
-CVE-2007-4250 (The isChecked function in Toolbar.DLL in Advanced Searchbar before ...)
+CVE-2007-4250
NOT-FOR-US: Advanced Searchbar
-CVE-2007-4249 (The isChecked function in Toolbar.DLL in the ExportNation toolbar for ...)
+CVE-2007-4249
NOT-FOR-US: ExportNation toolbar
-CVE-2007-4248 (The CallCmd function in toolbar_gaming.dll in the Toolbar Gaming ...)
+CVE-2007-4248
NOT-FOR-US: Toolbar Gaming toolbar
-CVE-2007-4247 (Windows Calendar on Microsoft Windows Vista allows remote attackers to ...)
+CVE-2007-4247
NOT-FOR-US: Microsoft
-CVE-2007-4246 (Unspecified vulnerability, possibly a buffer overflow, in Justsystem ...)
+CVE-2007-4246
NOT-FOR-US: Justsystem Ichitaro
-CVE-2007-4245 (Cross-site scripting (XSS) vulnerability in Search.php in DiMeMa ...)
+CVE-2007-4245
NOT-FOR-US: DiMeMa CONTENTdm
-CVE-2007-4244 (PHP remote file inclusion vulnerability in langset.php in J! ...)
+CVE-2007-4244
NOT-FOR-US: Joomla!
-CVE-2007-4243 (Unspecified vulnerability in pfilter-reporter.pl in Astaro Security ...)
+CVE-2007-4243
NOT-FOR-US: Astaro Security Gateway
-CVE-2007-4242 (The pop3 Proxy in Astaro Security Gateway (ASG) 7 does not perform ...)
+CVE-2007-4242
NOT-FOR-US: Astaro Security Gateway
-CVE-2007-4241 (Buffer overflow in ldcconn in Hewlett-Packard (HP) Controller for ...)
+CVE-2007-4241
NOT-FOR-US: Hewlett-Packard
-CVE-2007-4240 (The check_logout function in class/auth.php in Help Center Live (hcl) ...)
+CVE-2007-4240
NOT-FOR-US: Help Center Live
-CVE-2007-4239 (Cross-site scripting (XSS) vulnerability in user/forgotPassStep2.jsp ...)
+CVE-2007-4239
NOT-FOR-US: C-SAM oneWallet
-CVE-2007-4238 (AIX 5.2 and 5.3 install pioinit with user and group ownership of bin, ...)
+CVE-2007-4238
NOT-FOR-US: AIX
-CVE-2007-4237 (Buffer overflow in the atm subset in arp in devices.common.IBM.atm.rte ...)
+CVE-2007-4237
NOT-FOR-US: AIX
-CVE-2007-4236 (Buffer overflow in lpd in bos.rte.printers in AIX 5.2 and 5.3 allows ...)
+CVE-2007-4236
NOT-FOR-US: AIX
-CVE-2007-4235 (Multiple PHP remote file inclusion vulnerabilities in VietPHP allow ...)
+CVE-2007-4235
NOT-FOR-US: VietPHP
-CVE-2007-4234 (Unspecified vulnerability in Camera Life before 2.6 allows remote ...)
+CVE-2007-4234
NOT-FOR-US: Camera Life
-CVE-2007-4233 (Multiple unspecified vulnerabilities in Camera Life before 2.6 allow ...)
+CVE-2007-4233
NOT-FOR-US: Camera Life
-CVE-2007-4232 (PHP remote file inclusion vulnerability in admin/inc/change_action.php ...)
+CVE-2007-4232
NOT-FOR-US: PHPNews
-CVE-2007-4231 (PHP remote file inclusion vulnerability in order/login.php in IDevSpot ...)
+CVE-2007-4231
NOT-FOR-US: PhpHostBot
-CVE-2007-4230 (** DISPUTED ** ...)
+CVE-2007-4230
NOT-FOR-US: BellaBiblio
-CVE-2007-4229 (Unspecified vulnerability in KDE Konqueror 3.5.7 and earlier allows ...)
+CVE-2007-4229
- kdebase <unfixed> (unimportant)
NOTE: Browser DoS not treated as vulnerabilities
-CVE-2007-4228 (rmpvc on IBM AIX 4.3 allows local users to cause a denial of service ...)
+CVE-2007-4228
NOT-FOR-US: AIX
-CVE-2007-4227 (Microsoft Windows Explorer (explorer.exe) allows user-assisted remote ...)
+CVE-2007-4227
NOT-FOR-US: Microsoft
-CVE-2007-4226 (Directory traversal vulnerability in the BlueCat Networks Proteus IPAM ...)
+CVE-2007-4226
NOT-FOR-US: BlueCat Networks Proteus IPAM appliance
-CVE-2007-4225 (Visual truncation vulnerability in KDE Konqueror 3.5.7 allows remote ...)
+CVE-2007-4225
- kdebase 4:3.5.7-3 (bug #433072; low)
[sarge] - kdebase <no-dsa> (Minor issue)
[etch] - kdebase <no-dsa> (Minor issue)
-CVE-2007-4224 (KDE Konqueror 3.5.7 allows remote attackers to spoof the URL address ...)
+CVE-2007-4224
- kdebase 4:3.5.7-3 (bug #433072; low)
[sarge] - kdebase <no-dsa> (Minor issue)
[etch] - kdebase <no-dsa> (Minor issue)
-CVE-2007-4223 (Dbgv.sys in Microsoft Sysinternals DebugView before 4.72 provides an ...)
+CVE-2007-4223
NOT-FOR-US: Microsoft Sysinternals DebugView
-CVE-2007-4222 (Buffer overflow in the TagAttributeListCopy function in nnotes.dll in ...)
+CVE-2007-4222
NOT-FOR-US: IBM Lotus Notes
-CVE-2007-4221 (Multiple buffer overflows in Motorola Timbuktu Pro before 8.6.5 for ...)
+CVE-2007-4221
NOT-FOR-US: Motorola Timbuktu
-CVE-2007-4220 (Directory traversal vulnerability in Motorola Timbuktu Pro before ...)
+CVE-2007-4220
NOT-FOR-US: Motorola Timbuktu
-CVE-2007-4219 (Integer overflow in the RPCFN_SYNC_TASK function in StRpcSrv.dll, as ...)
+CVE-2007-4219
NOT-FOR-US: Trend Micro ServerProtect
-CVE-2007-4218 (Multiple buffer overflows in the ServerProtect service (SpntSvc.exe) ...)
+CVE-2007-4218
NOT-FOR-US: Trend Micro ServerProtect
-CVE-2007-4217 (Stack-based buffer overflow in the domacro function in ftp in IBM AIX ...)
+CVE-2007-4217
NOT-FOR-US: IBM AIX
-CVE-2007-4216 (vsdatant.sys 6.5.737.0 in Check Point Zone Labs ZoneAlarm before ...)
+CVE-2007-4216
NOT-FOR-US: ZoneAlarm
CVE-2007-4215
RESERVED
CVE-2007-4214
RESERVED
-CVE-2007-4213 (Palm OS on Treo 650, 680, 700p, and 755p Smart phones allows remote ...)
+CVE-2007-4213
NOT-FOR-US: Palm OS
-CVE-2007-4212 (Multiple cross-site scripting (XSS) vulnerabilities in the Search ...)
+CVE-2007-4212
NOT-FOR-US: PHP-Nuke
-CVE-2007-4211 (The ACL plugin in Dovecot before 1.0.3 allows remote authenticated ...)
+CVE-2007-4211
- dovecot 1:1.0.3-2 (low)
[etch] - dovecot <no-dsa> (minor issue)
[sarge] - dovecot <no-dsa> (minor issue)
-CVE-2007-4210 (Multiple SQL injection vulnerabilities in module.php in LANAI (la-nai) ...)
+CVE-2007-4210
NOT-FOR-US: LANAI CMS
-CVE-2007-4209 (SQL injection vulnerability in Recherche.php in Aceboard forum allows ...)
+CVE-2007-4209
NOT-FOR-US: Aceboard forum
-CVE-2007-4208 (SQL injection vulnerability in default.asp in Next Gen Portfolio ...)
+CVE-2007-4208
NOT-FOR-US: Next Gen Portfolio Manager
-CVE-2007-4207 (SQL injection vulnerability in admin_console/index.asp in Gallery In A ...)
+CVE-2007-4207
NOT-FOR-US: Gallery In A Box
-CVE-2007-4206 (Kaspersky Anti-Spam 3.0 MP1 before Critical Fix 2 (3.0.278.4) sets ...)
+CVE-2007-4206
NOT-FOR-US: Kaspersky Anti-Spam
-CVE-2007-4205 (XHA (Linux-HA) on the BlueCat Networks Adonis DNS/DHCP Appliance ...)
+CVE-2007-4205
NOT-FOR-US: BlueCat Networks Adonis
-CVE-2007-4204 (Hitachi Groupmax Collaboration - Schedule, as used in Groupmax ...)
+CVE-2007-4204
NOT-FOR-US: Hitachi Groupmax Collaboration
-CVE-2007-4203 (Session fixation vulnerability in Mambo 4.6.2 CMS allows remote ...)
+CVE-2007-4203
NOT-FOR-US: Mambo
-CVE-2007-4202 (Guidance Software EnCase Enterprise Edition (EEE) 6 does not properly ...)
+CVE-2007-4202
NOT-FOR-US: Guidance Software EnCase
-CVE-2007-4201 (Guidance Software EnCase 6.2 and 6.5 does not properly handle a volume ...)
+CVE-2007-4201
NOT-FOR-US: Guidance Software EnCase
-CVE-2007-4200 (ntfs.c in fsstat in Brian Carrier The Sleuth Kit (TSK) before 2.09 ...)
+CVE-2007-4200
- sleuthkit 2.09-1 (unimportant)
NOTE: Labelling this as a security problem is a bit far-fetched.
-CVE-2007-4199 (Brian Carrier The Sleuth Kit (TSK) before 2.09 allows user-assisted ...)
+CVE-2007-4199
- sleuthkit 2.09-1 (unimportant)
NOTE: Labelling this as a security problem is a bit far-fetched.
-CVE-2007-4198 (The fs_data_put_str function in ntfs.c in fls in Brian Carrier The ...)
+CVE-2007-4198
- sleuthkit 2.09-1 (unimportant)
NOTE: Labelling this as a security problem is a bit far-fetched.
-CVE-2007-4197 (icat in Brian Carrier The Sleuth Kit (TSK) before 2.09 omits NULL ...)
+CVE-2007-4197
- sleuthkit 2.09-1 (unimportant)
NOTE: Labelling this as a security problem is a bit far-fetched.
-CVE-2007-4196 (icat in Brian Carrier The Sleuth Kit (TSK) before 2.09 misinterprets a ...)
+CVE-2007-4196
- sleuthkit 2.09-1 (unimportant)
NOTE: Labelling this as a security problem is a bit far-fetched.
-CVE-2007-4195 (Use-after-free vulnerability in ext2fs.c in Brian Carrier The Sleuth ...)
+CVE-2007-4195
- sleuthkit 2.09-1 (unimportant)
NOTE: Labelling this as a security problem is a bit far-fetched.
-CVE-2007-4194 (Guidance Software EnCase 5.0 allows user-assisted remote attackers to ...)
+CVE-2007-4194
NOT-FOR-US: Guidance Software EnCase
-CVE-2007-4193 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
+CVE-2007-4193
NOT-FOR-US: DVD Rental System
-CVE-2007-4192 (Multiple cross-site scripting (XSS) vulnerabilities in IDE Group DVD ...)
+CVE-2007-4192
NOT-FOR-US: DVD Rental System
-CVE-2007-4191 (Panda Antivirus 2008 stores service executables under the product's ...)
+CVE-2007-4191
NOT-FOR-US: Panda Antivirus
-CVE-2007-4190 (CRLF injection vulnerability in Joomla! before 1.0.13 (aka Sunglow) ...)
+CVE-2007-4190
NOT-FOR-US: Joomla!
-CVE-2007-4189 (Multiple cross-site scripting (XSS) vulnerabilities in Joomla! before ...)
+CVE-2007-4189
NOT-FOR-US: Joomla!
-CVE-2007-4188 (Session fixation vulnerability in Joomla! before 1.0.13 (aka Sunglow) ...)
+CVE-2007-4188
NOT-FOR-US: Joomla!
-CVE-2007-4187 (Multiple eval injection vulnerabilities in the com_search component in ...)
+CVE-2007-4187
NOT-FOR-US: Joomla!
-CVE-2007-4186 (PHP remote file inclusion vulnerability in admin.tour_toto.php in the ...)
+CVE-2007-4186
NOT-FOR-US: Joomla! addon
-CVE-2007-4185 (Joomla! 1.0.12 allows remote attackers to obtain sensitive information ...)
+CVE-2007-4185
NOT-FOR-US: Joomla!
-CVE-2007-4184 (SQL injection vulnerability in administrator/popups/pollwindow.php in ...)
+CVE-2007-4184
NOT-FOR-US: Joomla!
-CVE-2007-4183 (SQL injection vulnerability in main.php in paBugs 2.0 Beta 3 and ...)
+CVE-2007-4183
NOT-FOR-US: paBugs
-CVE-2007-4182 (Unrestricted file upload vulnerability in index.php in WikiWebWeaver ...)
+CVE-2007-4182
NOT-FOR-US: WikiWebWeaver
-CVE-2007-4181 (** DISPUTED ** ...)
+CVE-2007-4181
NOT-FOR-US: Pluck
-CVE-2007-4180 (** DISPUTED ** ...)
+CVE-2007-4180
NOT-FOR-US: Pluck
-CVE-2007-4179 (Unspecified vulnerability in the Address and Routing Parameter Area ...)
+CVE-2007-4179
NOT-FOR-US: HPUX
-CVE-2007-4178 (Cross-site scripting (XSS) vulnerability in index.php in WebDirector ...)
+CVE-2007-4178
NOT-FOR-US: Webdirector
-CVE-2007-4177 (Multiple cross-site scripting (XSS) vulnerabilities in Interact before ...)
+CVE-2007-4177
NOT-FOR-US: Interact
-CVE-2007-4176 (Multiple unspecified vulnerabilities in EQDKP Plus before 0.4.4.5 have ...)
+CVE-2007-4176
NOT-FOR-US: EQDKP Plus
-CVE-2007-4175 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
+CVE-2007-4175
NOT-FOR-US: Openrat CMS
-CVE-2007-4174 (Tor before 0.1.2.16, when ControlPort is enabled, does not properly ...)
+CVE-2007-4174
- tor 0.1.2.16-1 (medium)
-CVE-2007-4173 (SQL injection vulnerability in duyuruoku.asp in Hunkaray Okul Portali ...)
+CVE-2007-4173
NOT-FOR-US: Hunkaray Okul Portali
-CVE-2007-4172 (Multiple cross-site scripting (XSS) vulnerabilities in Open Webmail ...)
+CVE-2007-4172
NOT-FOR-US: Openwebmail
-CVE-2007-4171 (SQL injection vulnerability in komentar.php in the Forum Module for ...)
+CVE-2007-4171
NOT-FOR-US: Aura CMS
-CVE-2007-4170 (Multiple PHP remote file inclusion vulnerabilities in AL-Athkar 2.0 ...)
+CVE-2007-4170
NOT-FOR-US: AL-Athkar
-CVE-2007-4169 (** DISPUTED ** ...)
+CVE-2007-4169
NOT-FOR-US: vgallite
-CVE-2007-4167 (PHP remote file inclusion vulnerability in cat_viewed.php in ...)
+CVE-2007-4167
NOT-FOR-US: AL-Caricatier
-CVE-2007-4166 (Cross-site scripting (XSS) vulnerability in index.php in the Unnamed ...)
+CVE-2007-4166
NOT-FOR-US: Xu Yiyang
-CVE-2007-4165 (Cross-site scripting (XSS) vulnerability in index.php in the Blue ...)
+CVE-2007-4165
- wordpress <not-affected> (Wordpress doesn't ship this theme)
-CVE-2007-4164 (CRLF injection vulnerability in the redirect feature in Sun Java ...)
+CVE-2007-4164
NOT-FOR-US: IndexScript
-CVE-2007-4163 (Multiple SQL injection vulnerabilities in IndexScript 2.7 and 2.8 ...)
+CVE-2007-4163
NOT-FOR-US: IndexScript
-CVE-2007-4162 (TIBCO Rendezvous (RV) 7.5.2 does not protect confidentiality or ...)
+CVE-2007-4162
NOT-FOR-US: TIBCO Rendezvous (RV)
-CVE-2007-4161 (rvd in TIBCO Rendezvous (RV) 7.5.2, when -no-lead-wc is omitted, might ...)
+CVE-2007-4161
NOT-FOR-US: TIBCO Rendezvous (RV)
-CVE-2007-4160 (The default configuration of TIBCO Rendezvous (RV) 7.5.2 clients, when ...)
+CVE-2007-4160
NOT-FOR-US: TIBCO Rendezvous (RV)
-CVE-2007-4159 (index.html in the HTTP administration interface in certain daemons in ...)
+CVE-2007-4159
NOT-FOR-US: TIBCO Rendezvous (RV)
-CVE-2007-4158 (Memory leak in TIBCO Rendezvous (RV) daemon (rvd) 7.5.2, 7.5.3 and ...)
+CVE-2007-4158
NOT-FOR-US: TIBCO Rendezvous (RV)
-CVE-2007-4157 (PHPBlogger stores sensitive information under the web root with ...)
+CVE-2007-4157
NOT-FOR-US: PHPBlogger
-CVE-2007-4156 (Multiple SQL injection vulnerabilities in wolioCMS allow remote ...)
+CVE-2007-4156
NOT-FOR-US: wolioCMS
-CVE-2007-4155 (Absolute path traversal vulnerability in a certain ActiveX control in ...)
+CVE-2007-4155
- vmware-package 0.16
-CVE-2007-4154 (SQL injection vulnerability in options.php in WordPress 2.2.1 allows ...)
+CVE-2007-4154
{DSA-1564-1}
- wordpress 2.2.2-1
-CVE-2007-4153 (Multiple cross-site scripting (XSS) vulnerabilities in WordPress 2.2.1 ...)
+CVE-2007-4153
{DSA-1564-1}
- wordpress 2.2.2-1 (low)
NOTE: see issue 4690 and 4691 in wordpress trac
-CVE-2007-4152 (The Visionsoft Audit on Demand Service (VSAOD) in Visionsoft Audit ...)
+CVE-2007-4152
NOT-FOR-US: Visionsoft Audit on Demand Service
-CVE-2007-4151 (The Visionsoft Audit on Demand Service (VSAOD) in Visionsoft Audit ...)
+CVE-2007-4151
NOT-FOR-US: Visionsoft Audit on Demand Service
-CVE-2007-4150 (The Visionsoft Audit on Demand Service (VSAOD) in Visionsoft Audit ...)
+CVE-2007-4150
NOT-FOR-US: Visionsoft Audit on Demand Service
-CVE-2007-4149 (The Visionsoft Audit on Demand Service (VSAOD) in Visionsoft Audit ...)
+CVE-2007-4149
NOT-FOR-US: Visionsoft Audit on Demand Service
-CVE-2007-4148 (Heap-based buffer overflow in the Visionsoft Audit on Demand Service ...)
+CVE-2007-4148
NOT-FOR-US: Visionsoft Audit on Demand Service
-CVE-2007-4147 (Multiple unspecified vulnerabilities in Interspire ArticleLive NX ...)
+CVE-2007-4147
NOT-FOR-US: Interspire ArticleLive NX
-CVE-2007-4146 (Cross-site scripting (XSS) vulnerability in webevent.cgi in WebEvent ...)
+CVE-2007-4146
NOT-FOR-US: WebEvent
-CVE-2007-4145 (Heap-based buffer overflow in the BlueSkychat (BlueSkyCat) ActiveX ...)
+CVE-2007-4145
NOT-FOR-US: BlueSkychat
-CVE-2007-4144 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2007-4144
NOT-FOR-US: MitriDAT eMail Form Processor Pro
-CVE-2007-4143 (user.php in the Billing Control Panel in phpCoupon allows remote ...)
+CVE-2007-4143
NOT-FOR-US: Billing Control Panel in phpCoupon
-CVE-2007-4142 (Cross-site scripting (XSS) vulnerability in IBM Lotus Sametime Server ...)
+CVE-2007-4142
NOT-FOR-US: IBM Lotus Sametime Server
-CVE-2007-4141 (OpenRat CMS 0.8-beta1 and earlier allows remote attackers to obtain ...)
+CVE-2007-4141
NOT-FOR-US: OpenRat CMS
-CVE-2007-4140 (Buffer overflow in Live for Speed (LFS) S2 ALPHA PATCH 0.5x allows ...)
+CVE-2007-4140
NOT-FOR-US: Live for Speed
-CVE-2007-4139 (Cross-site scripting (XSS) vulnerability in the Temporary Uploads ...)
+CVE-2007-4139
NOT-FOR-US: Temporary Uploads
-CVE-2007-4138 (The Winbind nss_info extension (nsswitch/idmap_ad.c) in idmap_ad.so in ...)
+CVE-2007-4138
- samba 3.0.26-1
[etch] - samba <not-affected> (Vulnerable code was introduced in 3.0.25)
[sarge] - samba <not-affected> (Vulnerable code was introduced in 3.0.25)
-CVE-2007-4137 (Off-by-one error in the QUtf8Decoder::toUnicode function in Trolltech ...)
+CVE-2007-4137
{DSA-1426-1}
- qt-x11-free 3:3.3.7-8 (medium; bug #442780)
- qt4-x11 <not-affected> (Not exploitable according to upstream)
-CVE-2007-4136 (The ricci daemon in Red Hat Conga 0.10.0 allows remote attackers to ...)
+CVE-2007-4136
NOT-FOR-US: Conga
-CVE-2007-4135 (The NFSv4 ID mapper (nfsidmap) before 0.17 does not properly handle ...)
+CVE-2007-4135
- libnfsidmap 0.18-0 (low; bug #442935)
NOTE: https://issues.rpath.com/browse/RPL-1731
-CVE-2007-4134 (Directory traversal vulnerability in extract.c in star before 1.5a84 ...)
+CVE-2007-4134
- star 1.5a67-1.1 (bug #440100; low)
[etch] - star <no-dsa> (Minor issue)
-CVE-2007-4133 (The (1) hugetlb_vmtruncate_list and (2) hugetlb_vmtruncate functions ...)
+CVE-2007-4133
{DSA-1504-1 DSA-1381-2}
- linux-2.6 2.6.20-1
-CVE-2007-4132 (Unspecified vulnerability in Red Hat Network Satellite Server 5.0.0 ...)
+CVE-2007-4132
NOT-FOR-US: Red Hat Satellite Server
-CVE-2007-4131 (Directory traversal vulnerability in the contains_dot_dot function in ...)
+CVE-2007-4131
{DSA-1438-1}
- tar 1.18-2 (medium; bug #439335)
-CVE-2007-4130 (The Linux kernel 2.6.9 before 2.6.9-67 in Red Hat Enterprise Linux ...)
+CVE-2007-4130
- linux-2.6 2.6.12-1 (low)
NOTE: a fix is included in 2.6, see line 854 mempolicy.c
NOTE: it was maybe fixed earlier, 2.6.12 is the first version in git
NOTE: which I can see and ships the fix
-CVE-2007-4129 (CoolKey 1.1.0 allows local users to overwrite arbitrary files via a ...)
+CVE-2007-4129
- coolkey 1.1.0-3
-CVE-2007-4128 (SQL injection vulnerability in index.php in the Firestorm Technologies ...)
+CVE-2007-4128
NOT-FOR-US: com_gmaps for Joomla!
-CVE-2007-4127 (** DISPUTED ** ...)
+CVE-2007-4127
NOT-FOR-US: Ralf Image Gallery
-CVE-2007-4126 (Unspecified vulnerability in the dynamic tracing framework (DTrace) on ...)
+CVE-2007-4126
NOT-FOR-US: Sun Solaris
-CVE-2007-4125 (Unspecified vulnerability in the Address and Routing Parameter Area ...)
+CVE-2007-4125
NOT-FOR-US: HP-UX
-CVE-2007-4124 (The session failover function in Cosminexus Component Container in ...)
+CVE-2007-4124
NOT-FOR-US: Cosminexus
-CVE-2007-4123 (The Groupmax Scheduler_Facilities management tool in Hitachi Groupmax ...)
+CVE-2007-4123
NOT-FOR-US: Hitachi Groupmax
-CVE-2007-4122 (Unspecified vulnerability in Hitachi JP1/Cm2/Hierarchical Viewer (HV) ...)
+CVE-2007-4122
NOT-FOR-US: Hitachi Hierarchical Viewer
-CVE-2007-4121 (Multiple SQL injection vulnerabilities in admin.aspx in E-Commerce ...)
+CVE-2007-4121
NOT-FOR-US: E-Commerce Scripts Shopping Cart Script
-CVE-2007-4120 (** DISPUTED ** ...)
+CVE-2007-4120
NOT-FOR-US: vBulletin
-CVE-2007-4119 (Multiple SQL injection vulnerabilities in yonetici.asp in Berthanas ...)
+CVE-2007-4119
NOT-FOR-US: Defteri
-CVE-2007-4118 (PHP remote file inclusion vulnerability in includes/functions.inc.php ...)
+CVE-2007-4118
NOT-FOR-US: phpVoter
-CVE-2007-4117 (** DISPUTED ** ...)
+CVE-2007-4117
NOT-FOR-US: phpVoter
CVE-2007-XXXX [teamspeak-server arbitrary file disclosure]
- teamspeak-server 2.0.23.19-1 (bug #435707; medium)
CVE-2007-XXXX [tor insufficient authentication on control port]
- tor 0.1.2.16-1
-CVE-2007-4116 (SQL injection vulnerability in philboard_forum.asp in Metyus Forum ...)
+CVE-2007-4116
NOT-FOR-US: Metyus Forum Portal
-CVE-2007-4115 (Multiple cross-site scripting (XSS) vulnerabilities in IT!CMS (itcms) ...)
+CVE-2007-4115
NOT-FOR-US: IT!CMS (itcms)
-CVE-2007-4114 (Multiple SQL injection vulnerabilities in unuttum.asp in ...)
+CVE-2007-4114
NOT-FOR-US: SuskunDuygular Uyelik Sistemi
-CVE-2007-4113 (Unspecified vulnerability in Advanced Webhost Billing System (AWBS) ...)
+CVE-2007-4113
NOT-FOR-US: Advanced Webhost Billing System (AWBS)
-CVE-2007-4112 (Multiple SQL injection vulnerabilities in Advanced Webhost Billing ...)
+CVE-2007-4112
NOT-FOR-US: Advanced Webhost Billing System (AWBS)
-CVE-2007-4111 (SQL injection vulnerability in the login script in Real Estate listing ...)
+CVE-2007-4111
NOT-FOR-US: Real Estate listing website
-CVE-2007-4110 (SQL injection vulnerability in sign_in.aspx in Message Board / ...)
+CVE-2007-4110
NOT-FOR-US: Message Board / Threaded Discussion Forum Application Template
-CVE-2007-4109 (SQL injection vulnerability in sign_in.aspx in WebStore (Online Store ...)
+CVE-2007-4109
NOT-FOR-US: WebStore (Online StoreWebStore (Online Store Application Template)
-CVE-2007-4108 (SQL injection vulnerability in sign_in.aspx in WebEvents (Online Event ...)
+CVE-2007-4108
NOT-FOR-US: WebEvents (Online Event Registration Template)
-CVE-2007-4107 (SQL injection vulnerability in editpost.php in phpMyForum before 4.1.4 ...)
+CVE-2007-4107
NOT-FOR-US: phpMyForum
-CVE-2007-4106 (SQL injection vulnerability in login.asp in CodeWidgets Pay Roll - ...)
+CVE-2007-4106
NOT-FOR-US: CodeWidgets Pay Roll - Time Sheet and Punch Card Application With Web Interface
-CVE-2007-4105 (A certain ActiveX control in BaiduBar.dll in Baidu Soba Search Bar 5.4 ...)
+CVE-2007-4105
NOT-FOR-US: Baidu Soba Search Bar
-CVE-2007-4104 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
+CVE-2007-4104
NOT-FOR-US: WP-FeedStats plugin for WordPress
-CVE-2007-4103 (The IAX2 channel driver (chan_iax2) in Asterisk Open 1.2.x before ...)
+CVE-2007-4103
- asterisk 1:1.4.9~dfsg-1
[etch] - asterisk <not-affected> (Only 1.2.20, 1.2.21, 1.2.21.1 and 1.2.22 affected)
[sarge] - asterisk <not-affected> (1.0 not affected)
-CVE-2007-4102 (Cross-site scripting (XSS) vulnerability in search.php for sBlog 0.7.3 ...)
+CVE-2007-4102
NOT-FOR-US: sBlog
-CVE-2007-4101 (Multiple PHP remote file inclusion vulnerabilities in Madoa Poll 1.1 ...)
+CVE-2007-4101
NOT-FOR-US: Madoa Poll
-CVE-2007-4100 (MLDonkey before 2.9.0 does not load certain code from ...)
+CVE-2007-4100
- mldonkey 2.9.0-1 (bug #435439)
[etch] - mldonkey <no-dsa> (Minor issue)
-CVE-2007-4099 (Tor before 0.1.2.15 can select a guard node beyond the first listed ...)
+CVE-2007-4099
- tor 0.1.2.15-1
-CVE-2007-4098 (Tor before 0.1.2.15 does not properly distinguish &quot;streamids from ...)
+CVE-2007-4098
- tor 0.1.2.15-1
-CVE-2007-4097 (Tor before 0.1.2.15 sends &quot;destroy cells&quot; containing the reason for ...)
+CVE-2007-4097
- tor 0.1.2.15-1
-CVE-2007-4096 (Buffer overflow in Tor before 0.1.2.15, when using BSD natd support, ...)
+CVE-2007-4096
- tor 0.1.2.15-1
-CVE-2007-4095 (SQL injection vulnerability in BSM Store Dependent Forums 1.02 allows ...)
+CVE-2007-4095
NOT-FOR-US: BSM Store Dependent Forums
-CVE-2007-4094 (PHP remote file inclusion vulnerability in library/authorize.php in ...)
+CVE-2007-4094
NOT-FOR-US: IDevSpot PhpHostBot
-CVE-2007-4093 (Minb Is Not a Blog (minb) stores sensitive information under the web ...)
+CVE-2007-4093
NOT-FOR-US: Minb Is Not a Blog (minb)
-CVE-2007-4092 (Directory traversal vulnerability in index.php in iFoto 1.0.1 and ...)
+CVE-2007-4092
NOT-FOR-US: iFoto
-CVE-2007-4091 (Multiple off-by-one errors in the sender.c in rsync 2.6.9 might allow ...)
+CVE-2007-4091
{DSA-1360-1}
- rsync 2.6.9-5 (bug #438125; medium)
-CVE-2007-4090 (Multiple cross-site scripting (XSS) vulnerabilities in Vikingboard ...)
+CVE-2007-4090
NOT-FOR-US: Vikingboard
-CVE-2007-4089 (Vikingboard 0.1.2 allows remote attackers to obtain sensitive ...)
+CVE-2007-4089
NOT-FOR-US: Vikingboard
-CVE-2007-4088 (Multiple cross-site scripting (XSS) vulnerabilities in Vikingboard ...)
+CVE-2007-4088
NOT-FOR-US: Vikingboard
-CVE-2007-4087 (AlstraSoft Video Share Enterprise allows remote attackers to obtain ...)
+CVE-2007-4087
NOT-FOR-US: AlstraSoft Video Share Enterprise
-CVE-2007-4086 (Multiple SQL injection vulnerabilities in AlstraSoft Video Share ...)
+CVE-2007-4086
NOT-FOR-US: AlstraSoft Video Share Enterprise
-CVE-2007-4085 (Multiple SQL injection vulnerabilities in AlstraSoft AskMe Pro allow ...)
+CVE-2007-4085
NOT-FOR-US: AlstraSoft AskMe Pro
-CVE-2007-4084 (Multiple SQL injection vulnerabilities in AlstraSoft Affiliate Network ...)
+CVE-2007-4084
NOT-FOR-US: AlstraSoft Affiliate Network
-CVE-2007-4083 (Multiple cross-site scripting (XSS) vulnerabilities in AlstraSoft ...)
+CVE-2007-4083
NOT-FOR-US: AlstraSoft AskMe Pro
-CVE-2007-4082 (Cross-site scripting (XSS) vulnerability in contact_author.php ...)
+CVE-2007-4082
NOT-FOR-US: AlstraSoft Article Manager Pro
-CVE-2007-4081 (Multiple cross-site scripting (XSS) vulnerabilities in AlstraSoft ...)
+CVE-2007-4081
NOT-FOR-US: AlstraSoft Affiliate Network Pro
-CVE-2007-4080 (Cross-site scripting (XSS) vulnerability in index.php AlstraSoft ...)
+CVE-2007-4080
NOT-FOR-US: AlstraSoft
-CVE-2007-4079 (Multiple cross-site scripting (XSS) vulnerabilities in AlstraSoft SMS ...)
+CVE-2007-4079
NOT-FOR-US: AlstraSoft
-CVE-2007-4078 (Multiple cross-site scripting (XSS) vulnerabilities in AlstraSoft Text ...)
+CVE-2007-4078
NOT-FOR-US: AlstraSoft
-CVE-2007-4077 (Multiple cross-site scripting (XSS) vulnerabilities in AlstraSoft ...)
+CVE-2007-4077
NOT-FOR-US: AlstraSoft
-CVE-2007-4076 (Multiple SQL injection vulnerabilities in index.asp in Alisveris ...)
+CVE-2007-4076
NOT-FOR-US: Alisveris Sitesi Scripti
-CVE-2007-4075 (Cross-site scripting (XSS) vulnerability in index.asp in Alisveris ...)
+CVE-2007-4075
NOT-FOR-US: Alisveris Sitesi Scripti
-CVE-2007-4074 (The default configuration of Centre for Speech Technology Research ...)
+CVE-2007-4074
- festival 1.96~beta-6 (bug #435445; low)
[etch] - festival <no-dsa> (Minor issue)
-CVE-2007-4073 (Webbler CMS before 3.1.6 does not properly restrict use of &quot;mail a ...)
+CVE-2007-4073
NOT-FOR-US: Webbler CMS
-CVE-2007-4072 (Webbler CMS before 3.1.6 provides the full installation path within ...)
+CVE-2007-4072
NOT-FOR-US: Webbler CMS
-CVE-2007-4071 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2007-4071
NOT-FOR-US: Webbler CMS
-CVE-2007-4070 (Unspecified vulnerability in Low Bandwidth X proxy (lbxproxy) on Sun ...)
+CVE-2007-4070
- lbxproxy <removed>
-CVE-2007-4069 (SQL injection vulnerability in show_cat.php in IndexScript 2.8 and ...)
+CVE-2007-4069
NOT-FOR-US: IndexScript
-CVE-2007-4068 (Multiple SQL injection vulnerabilities in Webyapar 2.0 allow remote ...)
+CVE-2007-4068
NOT-FOR-US: Webyapar
-CVE-2007-4067 (Absolute path traversal vulnerability in the clInetSuiteX6.clWebDav ...)
+CVE-2007-4067
NOT-FOR-US: Clever Internet ActiveX Suite
-CVE-2007-4066 (Multiple buffer overflows in Xiph.Org libvorbis before 1.2.0 allow ...)
+CVE-2007-4066
{DSA-1471-1}
- libvorbisidec 1.0.2+svn16259-2 (bug #669196)
- libvorbis 1.2.0.dfsg-1
NOTE: svn revisionsions fixing this: https://bugzilla.redhat.com/show_bug.cgi?id=249780
-CVE-2007-4065 (lib/vorbisfile.c in libvorbisfile in Xiph.Org libvorbis before 1.2.0 ...)
+CVE-2007-4065
{DSA-1471-1}
- libvorbisidec 1.0.2+svn16259-2 (bug #669196)
- libvorbis 1.2.0.dfsg-1
NOTE: Just an infinite loop in an enduser multimedia libarary, not treated as a vulnerability
NOTE: svn revisionions fixing this: https://bugzilla.redhat.com/show_bug.cgi?id=249780
-CVE-2007-4064 (Multiple cross-site scripting (XSS) vulnerabilities in Drupal 5.x ...)
+CVE-2007-4064
- drupal 4.7.7-1 (low)
- drupal5 5.2-1 (low)
[sarge] - drupal <not-affected> (Only Drupal 5.x is affected)
-CVE-2007-4063 (Multiple cross-site request forgery (CSRF) vulnerabilities in Drupal ...)
+CVE-2007-4063
- drupal5 5.2-1 (low)
NOTE: DRUPAL-SA-2007-017
-CVE-2007-4062 (The SCANCTRL.ScanCtrlCtrl.1 ActiveX control in scan.dll in Nessus ...)
+CVE-2007-4062
- nessus-core <not-affected> (Windows only)
-CVE-2007-4061 (Directory traversal vulnerability in a certain ActiveX control in ...)
+CVE-2007-4061
- nessus-core <not-affected> (Windows only)
-CVE-2007-4060 (Multiple buffer overflows in the HttpSprockMake function in http.c in ...)
+CVE-2007-4060
NOT-FOR-US: corehttp
-CVE-2007-4059 (Absolute path traversal vulnerability in a certain ActiveX control in ...)
+CVE-2007-4059
- vmware-package 0.16
-CVE-2007-4058 (Absolute path traversal vulnerability in a certain ActiveX control in ...)
+CVE-2007-4058
- vmware-package 0.16
-CVE-2007-4057 (Unrestricted file upload vulnerability in pfs.php in Neocrome Seditio ...)
+CVE-2007-4057
NOT-FOR-US: Neocrome Seditio
-CVE-2007-4056 (SQL injection vulnerability in directory.php in Prozilla Adult ...)
+CVE-2007-4056
NOT-FOR-US: Adult Directory
-CVE-2007-4055 (SQL injection vulnerability in comments_get.asp in SimpleBlog 3.0 ...)
+CVE-2007-4055
NOT-FOR-US: SimpleBlog
-CVE-2007-4054 (SQL injection vulnerability in category.php in PHP123 Top Sites allows ...)
+CVE-2007-4054
NOT-FOR-US: PHP123 Top Sites
-CVE-2007-4053 (SQL injection vulnerability in include/img_view.class.php in LinPHA ...)
+CVE-2007-4053
NOT-FOR-US: LinPHA
-CVE-2007-4052 (Cross-site scripting (XSS) vulnerability in utilities/login.asp in ...)
+CVE-2007-4052
NOT-FOR-US: nukedit
-CVE-2007-4051 (Heap-based buffer overflow in the FindFiles function in UltraDefrag ...)
+CVE-2007-4051
NOT-FOR-US: UltraDefrag
-CVE-2007-4050 (Unspecified vulnerability in WebUI in ADempiere Bazaar before 3.3 beta ...)
+CVE-2007-4050
NOT-FOR-US: ADempiere Bazaar
CVE-2007-4049
REJECTED
-CVE-2007-4048 (Cross-site scripting (XSS) vulnerability in index.php in phpSysInfo ...)
+CVE-2007-4048
{DTSA-58-1}
- phpsysinfo 2.5.1-6.1 (unimportant; bug #435935)
- phpgroupware 0.9.16.012-1 (low; bug #435936; bug #472685)
[etch] - phpgroupware <not-affected> (Affected code is not used in phpgroupware)
- egroupware 1.2.107-2.dfsg-1.1 (low; bug #435937)
NOTE: phpsysinfo alone doesn't maintain any data, which makes this an issue
-CVE-2007-4047 (geoBlog (aka BitDamaged) 1 does not require authentication for (1) ...)
+CVE-2007-4047
NOT-FOR-US: geoBlog
-CVE-2007-4046 (SQL injection vulnerability in index.php in the Pony Gallery ...)
+CVE-2007-4046
NOT-FOR-US: Pony Gallery
-CVE-2007-4045 (The CUPS service, as used in SUSE Linux before 20070720 and other ...)
+CVE-2007-4045
- cupsys 1.2
- cups 1.2
NOTE: Since 1.2 allocation has changed and this issue is no longer exploitable
CVE-2007-4044
REJECTED
-CVE-2007-4043 (file.cgi in Secure Computing SecurityReporter (aka Network Security ...)
+CVE-2007-4043
NOT-FOR-US: Secure Computing SecurityReporter
-CVE-2007-4042 (Multiple argument injection vulnerabilities in Netscape Navigator 9 ...)
+CVE-2007-4042
NOT-FOR-US: Netscape Navigator
-CVE-2007-4041 (Multiple argument injection vulnerabilities in Mozilla Firefox 2.0.0.5 ...)
+CVE-2007-4041
{DSA-1346-1 DSA-1345-1 DSA-1344-1 DTSA-51-1 DTSA-52-1 DTSA-53-1}
- iceweasel 2.0.0.6-1
- xulrunner 1.8.1.9-1
- iceape 1.1.5-1
-CVE-2007-4040 (Argument injection vulnerability involving Microsoft Outlook and ...)
+CVE-2007-4040
NOT-FOR-US: Micrsoft Outlook
-CVE-2007-4039 (Argument injection vulnerability involving Mozilla, when certain URIs ...)
+CVE-2007-4039
- icedove <not-affected> (Windows-specific)
-CVE-2007-4038 (Argument injection vulnerability in Mozilla Firefox before 2.0.0.5, ...)
+CVE-2007-4038
{DSA-1338-1}
- iceweasel 2.0.0.5-1
-CVE-2007-4037 (** DISPUTED ** ...)
+CVE-2007-4037
NOT-FOR-US: Guidance Software
-CVE-2007-4036 (** DISPUTED ** ...)
+CVE-2007-4036
NOT-FOR-US: Guidance Software
-CVE-2007-4035 (** DISPUTED ** ...)
+CVE-2007-4035
NOT-FOR-US: Guidance Software
-CVE-2007-4034 (Stack-based buffer overflow in the YDPCTL.YDPControl.1 (aka Yahoo! ...)
+CVE-2007-4034
NOT-FOR-US: Yahoo! Widgets
-CVE-2007-4033 (Buffer overflow in the intT1_EnvGetCompletePath function in ...)
+CVE-2007-4033
{DSA-1390-1}
- t1lib 5.1.0-3 (bug #439927)
NOTE: originally posted as a php vuln, actually in libt1
NOTE: http://www.securityfocus.com/bid/25079 (particularly the discussions)
-CVE-2007-4032 (Buffer overflow in CrystalPlayer Pro 1.98 allows user-assisted remote ...)
+CVE-2007-4032
NOT-FOR-US: CrystalPlayer
-CVE-2007-4031 (Directory traversal vulnerability in a certain ActiveX control in ...)
+CVE-2007-4031
NOT-FOR-US: Nessus ActiveX control
CVE-2007-4030
RESERVED
-CVE-2007-4029 (libvorbis 1.1.2, and possibly other versions before 1.2.0, allows ...)
+CVE-2007-4029
{DSA-1471-1}
- libvorbisidec 1.0.2+svn16259-2 (bug #669196)
- libvorbis 1.2.0.dfsg-1 (medium; bug #437916)
NOTE: svn revisions fixing this https://bugzilla.redhat.com/show_bug.cgi?id=249780
-CVE-2007-4028 (Absolute path traversal vulnerability in index.php in Webspell 4.01.02 ...)
+CVE-2007-4028
NOT-FOR-US: WebSPELL
-CVE-2007-4027 (Buffer overflow in cli32 in Areca CLI 1.72.250 and earlier might allow ...)
+CVE-2007-4027
NOT-FOR-US: Areca
-CVE-2007-4026 (epesi framework before 0.8.6 does not properly verify file extensions, ...)
+CVE-2007-4026
NOT-FOR-US: epesi
-CVE-2007-4025 (Unspecified vulnerability in Sun Java System (SJS) Application Server ...)
+CVE-2007-4025
NOT-FOR-US: Sun Java System Application Server
-CVE-2007-4024 (Cross-site scripting (XSS) vulnerability in W1L3D4_aramasonuc.asp in ...)
+CVE-2007-4024
NOT-FOR-US: W1L3D4
-CVE-2007-4023 (Cross-site scripting (XSS) vulnerability in the login CGI program in ...)
+CVE-2007-4023
NOT-FOR-US: Aruba Mobility Controller
-CVE-2007-4022 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2007-4022
NOT-FOR-US: cPanel
-CVE-2007-4021 (Multiple cross-site scripting (XSS) vulnerabilities in login.php in ...)
+CVE-2007-4021
NOT-FOR-US: Brain Book Software Secure
-CVE-2007-4020 (Multiple cross-site scripting (XSS) vulnerabilities in login.php in ...)
+CVE-2007-4020
NOT-FOR-US: AdMan
CVE-2007-4019
REJECTED
CVE-2007-5645
REJECTED
-CVE-2007-4018 (Citrix Access Gateway Advanced Edition before firmware 4.5.5 allows ...)
+CVE-2007-4018
NOT-FOR-US: Citrix
-CVE-2007-4017 (Cross-site request forgery (CSRF) vulnerability in the web-based ...)
+CVE-2007-4017
NOT-FOR-US: Citrix
-CVE-2007-4016 (Unspecified vulnerability in the client components in Citrix Access ...)
+CVE-2007-4016
NOT-FOR-US: Citrix
CVE-2007-4015
REJECTED
-CVE-2007-4014 (Cross-site scripting (XSS) vulnerability in a certain index.php ...)
+CVE-2007-4014
NOT-FOR-US: Blix themes for WordPress
-CVE-2007-4013 (Multiple unspecified vulnerabilities in (1) Net6Helper.DLL (aka ...)
+CVE-2007-4013
NOT-FOR-US: Citrix
-CVE-2007-4012 (Cisco 4100 and 4400, Airespace 4000, and Catalyst 6500 and 3750 ...)
+CVE-2007-4012
NOT-FOR-US: Cisco
-CVE-2007-4011 (Cisco 4100 and 4400, Airespace 4000, and Catalyst 6500 and 3750 ...)
+CVE-2007-4011
NOT-FOR-US: Cisco
-CVE-2007-4010 (The win32std extension in PHP 5.2.3 does not follow safe_mode and ...)
+CVE-2007-4010
- php5 <not-affected> (Windows-specific issue)
-CVE-2007-4009 (PHP remote file inclusion vulnerability in ...)
+CVE-2007-4009
NOT-FOR-US: SWSoft Confixx
-CVE-2007-4008 (Directory traversal vulnerability in custom.php in Entertainment Media ...)
+CVE-2007-4008
NOT-FOR-US: Entertainment CMS
-CVE-2007-4007 (PHP remote file inclusion vulnerability in index.php in Article ...)
+CVE-2007-4007
NOT-FOR-US: Article Directory
-CVE-2007-4006 (Buffer overflow in Mike Dubman Windows RSH daemon (rshd) 1.7 has ...)
+CVE-2007-4006
NOT-FOR-US: Mike Dubman Windows RSH daemon
-CVE-2007-4005 (Stack-based buffer overflow in Mike Dubman Windows RSH daemon (rshd) ...)
+CVE-2007-4005
NOT-FOR-US: Mike Dubman Windows RSH daemon
-CVE-2007-4004 (Buffer overflow in the ftp client in IBM AIX 5.3 SP6 and 5.2.0 allows ...)
+CVE-2007-4004
NOT-FOR-US: IBM AIX
-CVE-2007-4003 (pioout in IBM AIX 5.3 SP6 allows local users to execute arbitrary code ...)
+CVE-2007-4003
NOT-FOR-US: IBM AIX
CVE-2007-4002
RESERVED
CVE-2007-4001
RESERVED
-CVE-2007-4000 (The kadm5_modify_policy_internal function in ...)
+CVE-2007-4000
- krb5 1.6.dfsg.1-7 (high)
[etch] - krb5 <not-affected> (Vulnerable code not present)
[sarge] - krb5 <not-affected> (Vulnerable code not present)
-CVE-2007-3999 (Stack-based buffer overflow in the svcauth_gss_validate function in ...)
+CVE-2007-3999
{DSA-1368-1 DSA-1367-1}
- librpcsecgss 0.14-3
- krb5 1.6.dfsg.1-7 (high)
[sarge] - krb5 <not-affected> (Vulnerable code not present)
-CVE-2007-3998 (The wordwrap function in PHP 4 before 4.4.8, and PHP 5 before 5.2.4, ...)
+CVE-2007-3998
{DSA-1578-1 DSA-1444-1 DTSA-61-1}
- php5 5.2.4-1 (low)
- php4 <removed> (low)
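Review bot: Every changed line in this hunk strips the parenthetical CVE summary and keeps only the bare identifier, e.g. `-CVE-2007-4184 (SQL injection vulnerability in administrator/popups/pollwindow.php in ...)` becomes `+CVE-2007-4184`, with no other edit made; for an "automatic update" that usually means the CVE feed import returned identifiers without descriptions, so the import should be checked and the file regenerated rather than merging this as-is. The summaries are what lets a triager verify the NOT-FOR-US and `<not-affected>` lines beneath them (and the `** DISPUTED **` markers on entries such as CVE-2007-4181 and CVE-2007-4127 disappear entirely with the summary), so the untouched lines below each `+` line lose their supporting context. Separately, several untouched context lines carry typos worth a follow-up cleanup ("WebStore (Online StoreWebStore (Online Store Application Template)", "svn revisionsions", "svn revisionions", "libarary", "Micrsoft").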
@@ -6577,11 +6577,11 @@ CVE-2007-3998 (The wordwrap function in PHP 4 before 4.4.8, and PHP 5 before 5.2
NOTE: so maybe this is already fixed in 5.2.3, not sure
NOTE: fixed in php5/etch svn
NOTE: http://cvs.php.net/viewcvs.cgi/php-src/ext/standard/string.c?r1=1.445.2.14.2.63&r2=1.445.2.14.2.64
-CVE-2007-3997 (The (1) MySQL and (2) MySQLi extensions in PHP 4 before 4.4.8, and PHP ...)
+CVE-2007-3997
- php5 5.2.4-1 (unimportant)
- php4 <removed> (unimportant)
NOTE: only exploitable by malicious script
-CVE-2007-3996 (Multiple integer overflows in libgd in PHP before 5.2.4 allow remote ...)
+CVE-2007-3996
{DSA-1613-1}
- libgd2 2.0.35.dfsg-1 (bug #443456; medium)
- libwmf <unfixed> (unimportant)
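Review bot: The `@@` header for this hunk still carries the full summary wording for CVE-2007-3998 ("The wordwrap function in PHP 4 before 4.4.8, and PHP 5 before 5.2.4, ..."), while the `+CVE-2007-3997` and `+CVE-2007-3996` lines drop theirs; the NOTE lines left in place ("only exploitable by malicious script", the `(unimportant)` severity on php5 and libwmf) only make sense read together with the description of what the issue is, so the summary text should be retained here, consistent with the surrounding entries, instead of being removed.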
@@ -6593,178 +6593,178 @@ CVE-2007-3995
RESERVED
CVE-2007-3994
RESERVED
-CVE-2007-3993 (Unspecified vulnerability in the attachment filter in Kerio MailServer ...)
+CVE-2007-3993
NOT-FOR-US: Kerio MailServer
-CVE-2007-3992 (SQL injection vulnerability in vir_login.asp in iExpress Property Pro ...)
+CVE-2007-3992
NOT-FOR-US: iExpress Property Pro
-CVE-2007-3991 (Multiple cross-site scripting (XSS) vulnerabilities in cv.asp in Asp ...)
+CVE-2007-3991
NOT-FOR-US: Asp cvmatik
-CVE-2007-3990 (SQL injection vulnerability in default.asp in Dora Emlak 1.0, when the ...)
+CVE-2007-3990
NOT-FOR-US: Dora Emlak
-CVE-2007-3989 (Multiple cross-site scripting (XSS) vulnerabilities in default.asp in ...)
+CVE-2007-3989
NOT-FOR-US: Dora Emlak
-CVE-2007-3988 (Session fixation vulnerability in Virtual Hosting Control System ...)
+CVE-2007-3988
NOT-FOR-US: Virtual Hosting Control System
-CVE-2007-3987 (SQL injection vulnerability in SearchResults.asp in ImageRacer 1.0, ...)
+CVE-2007-3987
NOT-FOR-US: ImageRacer
-CVE-2007-3986 (file.cgi in Secure Computing SecurityReporter (aka Network Security ...)
+CVE-2007-3986
NOT-FOR-US: Secure Computing SecurityReporter
-CVE-2007-3985 (Directory traversal vulnerability in file.cgi in Secure Computing ...)
+CVE-2007-3985
NOT-FOR-US: Secure Computing SecurityReporter
-CVE-2007-3984 (Buffer overflow in a certain ActiveX control in the NixonMyPrograms ...)
+CVE-2007-3984
NOT-FOR-US: Zenturi ProgramChecker
-CVE-2007-3983 (Absolute path traversal vulnerability in the Data Dynamics ...)
+CVE-2007-3983
NOT-FOR-US: ActiveReports
-CVE-2007-3982 (Absolute path traversal vulnerability in the Data Dynamics ...)
+CVE-2007-3982
NOT-FOR-US: ActiveReports
-CVE-2007-3981 (SQL injection vulnerability in index.php in WSN Links Basic Edition ...)
+CVE-2007-3981
NOT-FOR-US: WSN Links
-CVE-2007-3980 (PHP remote file inclusion vulnerability in page.php in RCMS Pro ...)
+CVE-2007-3980
NOT-FOR-US: RCMS Pro RGameScript Pro
-CVE-2007-3979 (SQL injection vulnerability in index.php in BlogSite Professional (aka ...)
+CVE-2007-3979
NOT-FOR-US: BlogSite Professional
-CVE-2007-3978 (Session fixation vulnerability in bwired allows remote attackers to ...)
+CVE-2007-3978
NOT-FOR-US: bwired
-CVE-2007-3977 (Cross-site scripting (XSS) vulnerability in bwired allows remote ...)
+CVE-2007-3977
NOT-FOR-US: bwired
-CVE-2007-3976 (SQL injection vulnerability in index.php in bwired allows remote ...)
+CVE-2007-3976
NOT-FOR-US: bwired
-CVE-2007-3975 (Cross-site scripting (XSS) vulnerability in index.php in Elite Forum ...)
+CVE-2007-3975
NOT-FOR-US: Elite Forum
-CVE-2007-3974 (admin/ajoutaut.php in JBlog 1.0 does not require authentication, which ...)
+CVE-2007-3974
NOT-FOR-US: JBlog
-CVE-2007-3973 (Multiple cross-site scripting (XSS) vulnerabilities in JBlog 1.0 allow ...)
+CVE-2007-3973
NOT-FOR-US: JBlog
-CVE-2007-3972 (ESET NOD32 Antivirus before 2.2289 allows remote attackers to cause a ...)
+CVE-2007-3972
NOT-FOR-US: ESET NOD32 Antivirus
-CVE-2007-3971 (Integer overflow in ESET NOD32 Antivirus before 2.2289 allows remote ...)
+CVE-2007-3971
NOT-FOR-US: ESET NOD32 Antivirus
-CVE-2007-3970 (Race condition in ESET NOD32 Antivirus before 2.2289 allows remote ...)
+CVE-2007-3970
NOT-FOR-US: ESET NOD32 Antivirus
-CVE-2007-3969 (Buffer overflow in Panda Antivirus before 20070720 allows remote ...)
+CVE-2007-3969
NOT-FOR-US: Panda Antivirus
-CVE-2007-3968 (index.php in dirLIST before 0.1.1 allows remote attackers to list the ...)
+CVE-2007-3968
NOT-FOR-US: dirLIST
-CVE-2007-3967 (Directory traversal vulnerability in index.php in PHP Directory Lister ...)
+CVE-2007-3967
NOT-FOR-US: dirLIST
-CVE-2007-3966 (SQL injection vulnerability in Munch Pro allows remote attackers to ...)
+CVE-2007-3966
NOT-FOR-US: Munch Pro
-CVE-2007-3965 (Unspecified vulnerability in uFMOD before 1.2.5 has unknown impact and ...)
+CVE-2007-3965
NOT-FOR-US: uFMOD
-CVE-2007-3964 (Itaka before 0.2.1, when using Authentication mode, allows remote ...)
+CVE-2007-3964
NOT-FOR-US: Itaka
-CVE-2007-3963 (Multiple cross-site scripting (XSS) vulnerabilities in UseBB 1.0.7, ...)
+CVE-2007-3963
NOT-FOR-US: UseBB
-CVE-2007-3962 (Multiple stack-based buffer overflows in fsplib.c in fsplib before 0.9 ...)
+CVE-2007-3962
NOT-FOR-US: fsplib, vulnerable code not present in lib.c from fsp source package
-CVE-2007-3961 (Off-by-one error in the fsp_readdir_r function in fsplib.c in fsplib ...)
+CVE-2007-3961
NOT-FOR-US: fsplib, vulnerable code not present in lib.c from fsp source package
-CVE-2007-3960 (Multiple unspecified vulnerabilities in IBM WebSphere Application ...)
+CVE-2007-3960
NOT-FOR-US: IBM WebSphere
-CVE-2007-3959 (The IM Server (aka IMserve or IMserver) 2.0.5.30 and probably earlier ...)
+CVE-2007-3959
NOT-FOR-US: Ipswitch Collaboration Suite (ICS)
-CVE-2007-3958 (Microsoft Windows Explorer (explorer.exe) allows user-assisted remote ...)
+CVE-2007-3958
NOT-FOR-US: Microsoft
-CVE-2007-3957 (Buffer overflow in Nipun Jain xserver 0.1 alpha allows remote ...)
+CVE-2007-3957
NOT-FOR-US: Nipun Jain xserver
-CVE-2007-3956 (TeamSpeak WebServer 2.0 for Windows does not validate parameter value ...)
+CVE-2007-3956
- teamspeak-server 2.0.23.19-1 (bug #435707)
-CVE-2007-3955 (Buffer overflow in the IEToolbar.IEContextMenu.1 ActiveX control in ...)
+CVE-2007-3955
NOT-FOR-US: LinkedIn Toolbar
-CVE-2007-3954 (Argument injection vulnerability in Microsoft Internet Explorer, when ...)
+CVE-2007-3954
NOT-FOR-US: Microsoft
-CVE-2007-3953 (The OLE2 parsing in Norman Antivirus before 5.91.02 allows remote ...)
+CVE-2007-3953
NOT-FOR-US: Norman Antivirus
-CVE-2007-3952 (The OLE2 parsing in Norman Antivirus before 5.91.02 allows remote ...)
+CVE-2007-3952
NOT-FOR-US: Norman Antivirus
-CVE-2007-3951 (Multiple buffer overflows in Norman Antivirus 5.90 allow remote ...)
+CVE-2007-3951
NOT-FOR-US: Norman Antivirus
-CVE-2007-3950 (lighttpd 1.4.15, when run on 32 bit platforms, allows remote attackers ...)
+CVE-2007-3950
{DSA-1362-1}
- lighttpd 1.4.16-1 (bug #434888)
-CVE-2007-3949 (mod_access.c in lighttpd 1.4.15 ignores trailing / (slash) characters ...)
+CVE-2007-3949
{DSA-1362-1}
- lighttpd 1.4.16-1 (bug #434888)
-CVE-2007-3948 (connections.c in lighttpd before 1.4.16 might accept more connections ...)
+CVE-2007-3948
- lighttpd 1.4.16-1 (low; bug #434888)
-CVE-2007-3947 (request.c in lighttpd 1.4.15 allows remote attackers to cause a denial ...)
+CVE-2007-3947
{DSA-1362-1}
- lighttpd 1.4.16-1 (bug #428368)
[etch] - libghttpd <no-dsa> (Accidentally omitted in DSA, but doesn't warrant another update itself)
-CVE-2007-3946 (mod_auth (http_auth.c) in lighttpd before 1.4.16 allows remote ...)
+CVE-2007-3946
{DSA-1362-1}
- lighttpd 1.4.16-1 (bug #434888)
-CVE-2007-3945 (Rule Set Based Access Control (RSBAC) before 1.3.5 does not properly ...)
+CVE-2007-3945
NOT-FOR-US: Rule Set Based Access Control (RSBAC)
-CVE-2007-3944 (Multiple heap-based buffer overflows in the Perl Compatible Regular ...)
+CVE-2007-3944
NOT-FOR-US: MobileSafari
-CVE-2007-3943 (SQL injection vulnerability in Infinite Responder before 1.48 allows ...)
+CVE-2007-3943
NOT-FOR-US: Infinite Responder
-CVE-2007-3942 (** DISPUTED ** ...)
+CVE-2007-3942
NOT-FOR-US: Simple Machines Forum
-CVE-2007-3941 (Cross-site scripting (XSS) vulnerability in profile.php in Jasmine CMS ...)
+CVE-2007-3941
NOT-FOR-US: Jasmine CMS
-CVE-2007-3940 (Cross-site scripting (XSS) vulnerability in default.asp in QuickerSite ...)
+CVE-2007-3940
NOT-FOR-US: QuickerSite
-CVE-2007-3939 (SQL injection vulnerability in index.php in SpoonLabs Vivvo Article ...)
+CVE-2007-3939
NOT-FOR-US: Vivvo Article Management CMS
-CVE-2007-3938 (SQL injection vulnerability in index.php in MAXdev MDPro (MD-Pro) ...)
+CVE-2007-3938
NOT-FOR-US: MAXdev MDPro (MD-Pro)
-CVE-2007-3937 (Multiple SQL injection vulnerabilities in A-shop 0.70 and earlier ...)
+CVE-2007-3937
NOT-FOR-US: A-shop
-CVE-2007-3936 (Directory traversal vulnerability in admin/filebrowser.asp in A-shop ...)
+CVE-2007-3936
NOT-FOR-US: A-shopA-shop
-CVE-2007-3935 (PHP remote file inclusion vulnerability in link_main.php in the ...)
+CVE-2007-3935
NOT-FOR-US: SupaNav
-CVE-2007-3934 (PHP remote file inclusion vulnerability in postscript/postscript.php ...)
+CVE-2007-3934
NOT-FOR-US: BBS E-Market
-CVE-2007-3933 (SQL injection vulnerability in insertorder.cfm in QuickEStore 8.2 and ...)
+CVE-2007-3933
NOT-FOR-US: QuickEStore
-CVE-2007-3932 (uploadimg.php in the Expose RC35 and earlier (com_expose) component ...)
+CVE-2007-3932
NOT-FOR-US: Expose RC35 for Joomla
-CVE-2007-3931 (The wrap_setuid_third_party_application function in the installation ...)
+CVE-2007-3931
NOT-FOR-US: Samsung SCX-4200 Driver installation script
-CVE-2007-3930 (Interpretation conflict between Microsoft Internet Explorer and ...)
+CVE-2007-3930
NOT-FOR-US: Microsoft
-CVE-2007-3929 (Use-after-free vulnerability in the BitTorrent support in Opera before ...)
+CVE-2007-3929
NOT-FOR-US: Opera
-CVE-2007-3928 (Buffer overflow in Yahoo! Messenger 8.1 allows user-assisted remote ...)
+CVE-2007-3928
NOT-FOR-US: Yahoo! Messenger
-CVE-2007-3927 (Multiple buffer overflows in Ipswitch IMail Server 2006 before 2006.21 ...)
+CVE-2007-3927
NOT-FOR-US: Ipswitch IMail Server
-CVE-2007-3926 (Ipswitch IMail Server 2006 before 2006.21 allows remote attackers to ...)
+CVE-2007-3926
NOT-FOR-US: Ipswitch IMail Server
-CVE-2007-3925 (Multiple buffer overflows in the IMAP service (imapd32.exe) in ...)
+CVE-2007-3925
NOT-FOR-US: Ipswitch IMail Server
-CVE-2007-3924 (Argument injection vulnerability in Microsoft Internet Explorer, when ...)
+CVE-2007-3924
NOT-FOR-US: Microsoft
-CVE-2007-3923 (The Common Internet File System (CIFS) optimization in Cisco Wide Area ...)
+CVE-2007-3923
NOT-FOR-US: Cisco
-CVE-2007-3922 (Unspecified vulnerability in the Java Runtime Environment (JRE) Applet ...)
+CVE-2007-3922
- sun-java5 1.5.0-12-2
[etch] - sun-java5 1.5.0-14-1etch1
- sun-java6 6-02-1
- openjdk-6 6b08-1 (bug #566766)
-CVE-2007-3921 (gforge 3.1 and 4.5.14 allows local users to truncate arbitrary files ...)
+CVE-2007-3921
{DSA-1402-1}
- gforge 4.6.99+svn6169-1
-CVE-2007-3920 (GNOME screensaver 2.20 in Ubuntu 7.10, when used with Compiz, does not ...)
+CVE-2007-3920
{DTSA-75-1}
[etch] - gnome-screensaver <not-affected> (Affected Compiz not present in Etch version)
[etch] - xorg-server <not-affected> (Affected Compiz not present in Etch version)
- gnome-screensaver 2.20.0-1.1
- xorg-server 2:1.4.1~git20080118-1 (bug #449108; medium)
-CVE-2007-3919 ((1) xenbaked and (2) xenmon.py in Xen 3.1 and earlier allow local ...)
+CVE-2007-3919
{DSA-1395-1}
- xen-unstable 3.0-unstable+hg11561-1 (low; bug #464044)
- xen-3 3.1.2-1 (low)
-CVE-2007-3918 (Cross-site scripting (XSS) vulnerability in account/verify.php in ...)
+CVE-2007-3918
{DSA-1383-1}
- gforge 4.6.99+svn6094-1
-CVE-2007-3917 (The multiplayer engine in Wesnoth 1.2.x before 1.2.7 and 1.3.x before ...)
+CVE-2007-3917
{DSA-1386-1}
- wesnoth 1.2.7-1
-CVE-2007-3916 (The main function in skkdic-expr.c in SKK Tools 1.2 allows local users ...)
+CVE-2007-3916
- skktools 1.2+0.20061004-3 (low)
[sarge] - skktools <no-dsa> (Minor issue)
[etch] - skktools <no-dsa> (Minor issue)
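Review bot: every changed pair in this hunk (CVE-2007-3954 down to CVE-2007-3916) replaces an entry that carried its CVE summary, e.g. `-CVE-2007-3950 (lighttpd 1.4.15, when run on 32 bit platforms, allows remote attackers ...)`, with the bare id `+CVE-2007-3950`, so the update only deletes information; for an automatic run that is supposed to sync descriptions from the upstream CVE feed, this pattern suggests the importer received or parsed an empty description field, and the source data should be checked before the result is kept. While the file is being touched, the unchanged context line `NOT-FOR-US: A-shopA-shop` under CVE-2007-3936 carries a duplicated word that could be corrected at the same time.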
@@ -6773,76 +6773,76 @@ CVE-2007-3915 [mondo insecure handling of temporary files]
- mondo 2.24-2 (low)
CVE-2007-3914
RESERVED
-CVE-2007-3913 (SQL injection vulnerability in Gforge before 3.1 allows remote ...)
+CVE-2007-3913
{DSA-1369-1 DTSA-57-1}
- gforge 4.6.99+svn6086-1
-CVE-2007-3912 (checkrestart in debian-goodies before 0.34 allows local users to gain ...)
+CVE-2007-3912
{DSA-1527-1}
- debian-goodies 0.34 (bug #440411; medium)
-CVE-2007-3911 (Multiple heap-based buffer overflows in (1) clsscheduler.exe (aka ...)
+CVE-2007-3911
NOT-FOR-US: BakBone NetVault Reporter
-CVE-2007-3910 (Cross-site scripting (XSS) vulnerability in Bandersnatch 0.4 allows ...)
+CVE-2007-3910
- bandersnatch <removed> (low; bug #435709)
-CVE-2007-3909 (Multiple SQL injection vulnerabilities in Bandersnatch 0.4 allow ...)
+CVE-2007-3909
- bandersnatch <removed> (low; bug #435709)
-CVE-2007-3908 (Unspecified vulnerability in HP ServiceGuard for Linux for Red Hat ...)
+CVE-2007-3908
NOT-FOR-US: HP ServiceGuard
-CVE-2007-3907 (Unspecified vulnerability in login.pl in LedgerSMB 1.2.0 through 1.2.6 ...)
+CVE-2007-3907
NOT-FOR-US: LedgerSMB
-CVE-2007-3906 (Unspecified vulnerability in Kaspersky Anti-Virus for Check Point ...)
+CVE-2007-3906
NOT-FOR-US: Kaspersky Anti-Virus
-CVE-2007-3905 (SQL injection vulnerability in Zoph before 0.7.0.1 might allow remote ...)
+CVE-2007-3905
{DSA-1389-2 DSA-1389-1}
- zoph 0.7.0.2-1 (bug #435711)
CVE-2007-3904
REJECTED
-CVE-2007-3903 (Microsoft Internet Explorer 6 and 7 allows remote attackers to execute ...)
+CVE-2007-3903
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2007-3902 (Use-after-free vulnerability in the CRecalcProperty function in ...)
+CVE-2007-3902
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2007-3901 (Stack-based buffer overflow in the DirectShow Synchronized Accessible ...)
+CVE-2007-3901
NOT-FOR-US: Microsoft DirectX
CVE-2007-3900
REJECTED
-CVE-2007-3899 (Unspecified vulnerability in Microsoft Word 2000 SP3, Word 2002 SP3, ...)
+CVE-2007-3899
NOT-FOR-US: Microsoft Word
-CVE-2007-3898 (The DNS server in Microsoft Windows 2000 Server SP4, and Server 2003 ...)
+CVE-2007-3898
NOT-FOR-US: Microsoft Windows
-CVE-2007-3897 (Heap-based buffer overflow in Microsoft Outlook Express 6 and earlier, ...)
+CVE-2007-3897
NOT-FOR-US: Outlook Express
-CVE-2007-3896 (The URL handling in Shell32.dll in the Windows shell in Microsoft ...)
+CVE-2007-3896
NOT-FOR-US: Windows
-CVE-2007-3895 (Buffer overflow in Microsoft DirectShow in Microsoft DirectX 7.0 ...)
+CVE-2007-3895
NOT-FOR-US: Microsoft DirectX
CVE-2007-3894
REJECTED
-CVE-2007-3893 (Unspecified vulnerability in Microsoft Internet Explorer 5.01 through ...)
+CVE-2007-3893
NOT-FOR-US: Internet Explorer
-CVE-2007-3892 (Microsoft Internet Explorer 5.01 through 7 allows remote attackers to ...)
+CVE-2007-3892
NOT-FOR-US: Internet Explorer
-CVE-2007-3891 (Unspecified vulnerability in Windows Vista Weather Gadgets in Windows ...)
+CVE-2007-3891
NOT-FOR-US: Windows Vista
-CVE-2007-3890 (Microsoft Excel in Office 2000 SP3, Office XP SP3, Office 2003 SP2, ...)
+CVE-2007-3890
NOT-FOR-US: Microsoft
-CVE-2007-3889 (Multiple SQL injection vulnerabilities in Insanely Simple Blog 0.5 and ...)
+CVE-2007-3889
NOT-FOR-US: Insanely Simple Blog
-CVE-2007-3888 (Multiple cross-site scripting (XSS) vulnerabilities in Insanely Simple ...)
+CVE-2007-3888
NOT-FOR-US: Insanely Simple Blog
-CVE-2007-3887 (Multiple cross-site scripting (XSS) vulnerabilities in mesaj_formu.asp ...)
+CVE-2007-3887
NOT-FOR-US: ASP Ziyaretci Defteri
-CVE-2007-3886 (Cross-site scripting (XSS) vulnerability in default.asp in Element CMS ...)
+CVE-2007-3886
NOT-FOR-US: Element CMS
-CVE-2007-3885 (Cross-site scripting (XSS) vulnerability in philboard_search.asp in ...)
+CVE-2007-3885
NOT-FOR-US: husrevforum
-CVE-2007-3884 (SQL injection vulnerability in philboard_forum.asp in husrevforum ...)
+CVE-2007-3884
NOT-FOR-US: husrevforum
-CVE-2007-3883 (The Data Dynamics ActiveBar ActiveX control (actbar3.ocx) 3.2 and ...)
+CVE-2007-3883
NOT-FOR-US: Data Dynamics ActiveBar ActiveX control
-CVE-2007-3882 (SQL injection vulnerability in index.php in Expert Advisor allows ...)
+CVE-2007-3882
NOT-FOR-US: Expert Advisor
-CVE-2007-3881 (SQL injection vulnerability in index.php in Pictures Rating (Picture ...)
+CVE-2007-3881
NOT-FOR-US: Pictures Rating
-CVE-2007-3880 (Format string vulnerability in srsexec in Sun Remote Services (SRS) ...)
+CVE-2007-3880
NOT-FOR-US: Net Connect
CVE-2007-3879
RESERVED
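Review bot: the same loss of summaries continues through this hunk (CVE-2007-3913 down to CVE-2007-3880), with each `-` line that has a description replaced by a `+` line holding only the id, while entries that never had a summary (CVE-2007-3914 RESERVED, CVE-2007-3904 REJECTED, CVE-2007-3900 REJECTED) are left untouched; that distribution is consistent with the import emitting an empty description for every entry rather than with upstream having withdrawn these records, so the feed the update was generated from should be verified rather than merging the deletion as-is.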
@@ -6850,187 +6850,187 @@ CVE-2007-3878
RESERVED
CVE-2007-3877
RESERVED
-CVE-2007-3876 (Stack-based buffer overflow in SMB in Apple Mac OS X 10.4.11 allows ...)
+CVE-2007-3876
NOT-FOR-US: SMB (Apple Mac OS X)
-CVE-2007-3875 (arclib.dll before 7.3.0.9 in CA Anti-Virus (formerly eTrust Antivirus) ...)
+CVE-2007-3875
NOT-FOR-US: CA Anti-Virus
-CVE-2007-3874 (Directory traversal vulnerability in the tftp/mftp daemon in the PXE ...)
+CVE-2007-3874
NOT-FOR-US: Symantec Altiris Deployment Solution
-CVE-2007-3873 (Stack-based buffer overflow in vstlib32.dll 1.2.0.1012 in the SSAPI ...)
+CVE-2007-3873
NOT-FOR-US: SSAPI Engine
-CVE-2007-3872 (Multiple stack-based buffer overflows in the Shared Trace Service ...)
+CVE-2007-3872
NOT-FOR-US: HP OpenView
-CVE-2007-3871 (Stampit Web uses guessable id values for online stamp purchases, which ...)
+CVE-2007-3871
NOT-FOR-US: Stampit
CVE-2007-XXXX [dokuwiki XSS in spellchecker]
- dokuwiki 0.0.20070626b-1 (unimportant; bug #434134)
NOTE: IE browser bug are not treated as security issues in packages applications
-CVE-2007-3870 (Multiple unspecified vulnerabilities in the Human Capital Management ...)
+CVE-2007-3870
NOT-FOR-US: Oracle
-CVE-2007-3869 (Multiple unspecified vulnerabilities in the Customer Relationship ...)
+CVE-2007-3869
NOT-FOR-US: Oracle
-CVE-2007-3868 (Multiple unspecified vulnerabilities in PeopleTools in Oracle ...)
+CVE-2007-3868
NOT-FOR-US: Oracle
-CVE-2007-3867 (Multiple unspecified vulnerabilities in Oracle E-Business Suite ...)
+CVE-2007-3867
NOT-FOR-US: Oracle
-CVE-2007-3866 (Multiple unspecified vulnerabilities in Oracle E-Business Suite ...)
+CVE-2007-3866
NOT-FOR-US: Oracle
-CVE-2007-3865 (Unspecified vulnerability in the Oracle Customer Intelligence ...)
+CVE-2007-3865
NOT-FOR-US: Oracle
-CVE-2007-3864 (Multiple unspecified vulnerabilities in Oracle Collaboration Suite ...)
+CVE-2007-3864
NOT-FOR-US: Oracle
-CVE-2007-3863 (Unspecified vulnerability in Oracle JDeveloper for Application Server ...)
+CVE-2007-3863
NOT-FOR-US: Oracle
-CVE-2007-3862 (Unspecified vulnerability in Oracle Application Server 9.0.4.3 and ...)
+CVE-2007-3862
NOT-FOR-US: Oracle
-CVE-2007-3861 (Unspecified vulnerability in Oracle Jdeveloper in Oracle Application ...)
+CVE-2007-3861
NOT-FOR-US: Oracle
-CVE-2007-3860 (Unspecified vulnerability in Oracle Application Express (formerly ...)
+CVE-2007-3860
NOT-FOR-US: Oracle
-CVE-2007-3859 (Unspecified vulnerability in the Oracle Internet Directory component ...)
+CVE-2007-3859
NOT-FOR-US: Oracle
-CVE-2007-3858 (Multiple unspecified vulnerabilities in Oracle Database 10.2.0.3 allow ...)
+CVE-2007-3858
NOT-FOR-US: Oracle
-CVE-2007-3857 (Multiple unspecified vulnerabilities in Oracle Database 10.1.0.5 allow ...)
+CVE-2007-3857
NOT-FOR-US: Oracle
-CVE-2007-3856 (Unspecified vulnerability in the Oracle Data Mining component for ...)
+CVE-2007-3856
NOT-FOR-US: Oracle
-CVE-2007-3855 (Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5+, ...)
+CVE-2007-3855
NOT-FOR-US: Oracle
-CVE-2007-3854 (Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5+, ...)
+CVE-2007-3854
NOT-FOR-US: Oracle
-CVE-2007-3853 (Multiple unspecified vulnerabilities in Oracle Database 10.1.0.5 and ...)
+CVE-2007-3853
NOT-FOR-US: Oracle
-CVE-2007-3852 (The init script (sysstat.in) in sysstat 5.1.2 up to 7.1.6 creates ...)
+CVE-2007-3852
- sysstat <not-affected> (We have our own init script not prone to this vulnerability)
-CVE-2007-3851 (The drm/i915 component in the Linux kernel before 2.6.22.2, when used ...)
+CVE-2007-3851
{DSA-1356-1}
- linux-2.6 2.6.22-4
-CVE-2007-3850 (The eHCA driver in Linux kernel 2.6 before 2.6.22, when running on ...)
+CVE-2007-3850
- linux-2.6 <not-affected> (Debian's kernel doesn't enable CONFIG_PPC_64K_PAGES)
-CVE-2007-3849 (Red Hat Enterprise Linux (RHEL) 5 ships the rpm for the Advanced ...)
+CVE-2007-3849
NOT-FOR-US: RedHat Advanced Intrusion Detection Environment
-CVE-2007-3848 (Linux kernel 2.4.35 and other versions allows local users to send ...)
+CVE-2007-3848
{DSA-1503-2 DSA-1504-1 DSA-1503-1 DSA-1356-1}
- linux-2.6 2.6.22-4
-CVE-2007-3847 (The date handling code in modules/proxy/proxy_util.c (mod_proxy) in ...)
+CVE-2007-3847
- apache2 2.2.6-1 (bug #441845; low)
[etch] - apache2 2.2.3-4+etch3 (bug #441845; low)
- apache <removed> (unimportant)
NOTE: Apache 1.3 is non-threaded, therefore unimportant
-CVE-2007-3846 (Directory traversal vulnerability in Subversion before 1.4.5, as used ...)
+CVE-2007-3846
NOT-FOR-US: TortoiseSVN on Windows
-CVE-2007-3845 (Mozilla Firefox before 2.0.0.6, Thunderbird before 1.5.0.13 and 2.x ...)
+CVE-2007-3845
{DSA-1391-1 DSA-1346-1 DSA-1345-1 DSA-1344-1 DTSA-51-1 DTSA-52-1 DTSA-53-1 DTSA-71-1}
- iceweasel 2.0.0.6-1 (medium)
- xulrunner 1.8.1.6-1 (medium)
- iceape 1.1.3-2 (medium)
- icedove 2.0.0.6-1 (medium)
NOTE: MFSA2007-27
-CVE-2007-3844 (Mozilla Firefox 2.0.0.5, Thunderbird 2.0.0.5 and before 1.5.0.13, and ...)
+CVE-2007-3844
{DSA-1391-1 DSA-1346-1 DSA-1345-1 DSA-1344-1 DTSA-51-1 DTSA-52-1 DTSA-53-1 DTSA-71-1}
- iceweasel 2.0.0.6-1 (medium)
- xulrunner 1.8.1.6-1 (medium)
- iceape 1.1.3-2 (medium)
- icedove 2.0.0.6-1 (medium)
NOTE: MFSA2007-26
-CVE-2007-3843 (The Linux kernel before 2.6.23-rc1 checks the wrong global variable ...)
+CVE-2007-3843
{DSA-1363-1}
- linux-2.6 2.6.23-1 (bug #446073)
-CVE-2007-3842 (Cross-site scripting (XSS) vulnerability in the 8e6 R3000 Enterprise ...)
+CVE-2007-3842
NOT-FOR-US: 8e6 R3000 Enterprise Filter
-CVE-2007-3841 (Unspecified vulnerability in Pidgin (formerly Gaim) 2.0.2 for Linux ...)
+CVE-2007-3841
NOTE: this information is based upon a vague advisory by a vulnerability
NOTE: information sales organization that does not coordinate with vendors or
NOTE: release actionable advisories. So maybe it is not fixed _but_ since it is
NOTE: not disclosed it would be hard to fix and track it.
-CVE-2007-3840 (SQL injection vulnerability in referralUrl.php in Traffic Stats allows ...)
+CVE-2007-3840
NOT-FOR-US: Traffic Stats
-CVE-2007-3839 (Cross-site scripting (XSS) vulnerability in takeprofedit.php in ...)
+CVE-2007-3839
NOT-FOR-US: TBDev.NET
-CVE-2007-3838 (Cross-site scripting (XSS) vulnerability in takeprofedit.php in ...)
+CVE-2007-3838
NOT-FOR-US: TBDev.NET
-CVE-2007-3837 (Heap-based buffer overflow in HydraIRC 0.3.151 allows remote IRC ...)
+CVE-2007-3837
NOT-FOR-US: HydraIRC
-CVE-2007-3836 (Format string vulnerability in HydraIRC 0.3.151 allows remote ...)
+CVE-2007-3836
NOT-FOR-US: HydraIRC
-CVE-2007-3835 (Cross-site scripting (XSS) vulnerability in Ex Libris MetaLib 3.13 and ...)
+CVE-2007-3835
NOT-FOR-US: Ex Libris MetaLib
-CVE-2007-3834 (Multiple cross-site scripting (XSS) vulnerabilities in Ex Libris ALEPH ...)
+CVE-2007-3834
NOT-FOR-US: Ex Libris ALEPH
-CVE-2007-3833 (The AOL Instant Messenger (AIM) protocol handler in Cerulean Studios ...)
+CVE-2007-3833
NOT-FOR-US: Trillian
-CVE-2007-3832 (Buffer overflow in the AOL Instant Messenger (AIM) protocol handler in ...)
+CVE-2007-3832
NOT-FOR-US: Trillian
-CVE-2007-3831 (PHP remote file inclusion in main.php in ISS Proventia Network IPS ...)
+CVE-2007-3831
NOT-FOR-US: ISS Proventia Network IPS
-CVE-2007-3830 (Cross-site scripting (XSS) vulnerability in alert.php in ISS Proventia ...)
+CVE-2007-3830
NOT-FOR-US: ISS Proventia Network IPS
-CVE-2007-3829 (Multiple stack-based buffer overflows in (a) InterActual Player ...)
+CVE-2007-3829
NOT-FOR-US: InterActual Player
-CVE-2007-3828 (Unspecified vulnerability in mDNSResponder in Apple Mac OS X allows ...)
+CVE-2007-3828
NOT-FOR-US: Apple Mac OS X
-CVE-2007-3827 (Mozilla Firefox allows for cookies to be set with a null domain (aka ...)
+CVE-2007-3827
NOTE: Unreproducible for upstream
NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=388097
-CVE-2007-3826 (Microsoft Internet Explorer 7 on Windows XP SP2 allows remote ...)
+CVE-2007-3826
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2007-3825 (Multiple stack-based buffer overflows in the RPC implementation in ...)
+CVE-2007-3825
NOT-FOR-US: CA Alert Notification Server
-CVE-2007-3824 (SQL injection vulnerability in katgoster.asp in MzK Blog (tr) allows ...)
+CVE-2007-3824
NOT-FOR-US: MzK Blog
-CVE-2007-3823 (The Logging Server (Logsrv.exe) in IPSwitch WS_FTP 7.5.29.0 allows ...)
+CVE-2007-3823
NOT-FOR-US: IPSwitch WS_FTP
-CVE-2007-3822 (Multiple cross-site scripting (XSS) vulnerabilities in Webcit before ...)
+CVE-2007-3822
NOT-FOR-US: Webcit
-CVE-2007-3821 (Cross-site request forgery (CSRF) vulnerability in Webcit before 7.11 ...)
+CVE-2007-3821
NOT-FOR-US: Webcit
-CVE-2007-3819 (Opera 9.21 allows remote attackers to spoof the data: URI scheme in ...)
+CVE-2007-3819
NOT-FOR-US: Opera
-CVE-2007-3818 (Cross-site scripting (XSS) vulnerability in the LoginToboggan module ...)
+CVE-2007-3818
NOT-FOR-US: LoginToboggan
-CVE-2007-3817 (Cross-site scripting (XSS) vulnerability in the LoginToboggan module ...)
+CVE-2007-3817
NOT-FOR-US: LoginToboggan
-CVE-2007-3816 (** DISPUTED ** ...)
+CVE-2007-3816
NOT-FOR-US: JWIG
-CVE-2007-3815 (Buffer overflow in pirs32.exe in Poslovni informator Republike ...)
+CVE-2007-3815
NOT-FOR-US: Poslovni informator Republike Slovenije
-CVE-2007-3814 (Multiple SQL injection vulnerabilities in MKPortal 1.1.1 allow remote ...)
+CVE-2007-3814
NOT-FOR-US: MKPortal
-CVE-2007-3813 (PHP remote file inclusion vulnerability in include/user.php in the ...)
+CVE-2007-3813
NOT-FOR-US: NoBoard BETA module for MKPortal
-CVE-2007-3812 (SQL injection vulnerability in forums.php in CMScout 1.23 and earlier ...)
+CVE-2007-3812
NOT-FOR-US: CMScout
-CVE-2007-3811 (Multiple SQL injection vulnerabilities in eSyndiCat allow remote ...)
+CVE-2007-3811
NOT-FOR-US: eSyndiCat
-CVE-2007-3810 (SQL injection vulnerability in index.php in Realtor 747 allows remote ...)
+CVE-2007-3810
NOT-FOR-US: Realtor 747
-CVE-2007-3809 (Multiple SQL injection vulnerabilities in Prozilla Directory Script ...)
+CVE-2007-3809
NOT-FOR-US: Prozilla Directory Script
-CVE-2007-3808 (SQL injection vulnerability in includes/search.php in paFileDB 3.6 ...)
+CVE-2007-3808
NOT-FOR-US: paFileDB
-CVE-2007-3807 (Multiple cross-site scripting (XSS) vulnerabilities in SiteScape Forum ...)
+CVE-2007-3807
NOT-FOR-US: SiteScape Forum
-CVE-2007-3806 (The glob function in PHP 5.2.3 allows context-dependent attackers to ...)
+CVE-2007-3806
{DSA-1578-1 DSA-1572-1 DTSA-61-1}
- php5 5.2.4-1 (medium; bug #441433)
- php4 <removed>
[etch] - php5 <no-dsa> (requires malicious script)
[etch] - php4 <no-dsa> (requires malicious script)
[sarge] - php4 <no-dsa> (requires malicious script)
-CVE-2007-3805 (The IKE implementation in Clavister CorePlus before 8.80.03, and ...)
+CVE-2007-3805
NOT-FOR-US: Clavister CorePlus
-CVE-2007-3804 (The AntiVirus engine in the HTTP-ALG in Clavister CorePlus before ...)
+CVE-2007-3804
NOT-FOR-US: Clavister CorePlus
-CVE-2007-3803 (The SMTP ALG in Clavister CorePlus before 8.80.04, and 8.81.00, does ...)
+CVE-2007-3803
NOT-FOR-US: Clavister CorePlus
CVE-2007-3802
REJECTED
CVE-2007-3801
REJECTED
-CVE-2007-3800 (Unspecified vulnerability in the Real-time scanner (RTVScan) component ...)
+CVE-2007-3800
NOT-FOR-US: Symantec
-CVE-2007-3799 (The session_start function in ext/session in PHP 4.x up to 4.4.7 and ...)
+CVE-2007-3799
{DSA-1578-1 DSA-1444-1 DTSA-61-1}
NOTE: this does not affect default installs, only those who have written
NOTE: custom session handlers (which isn't *that* uncommon though), and
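Review bot: this hunk again strips the summary from every described entry between CVE-2007-3876 and CVE-2007-3799 and keeps nothing else, so it does not add any tracking value on its own; the placeholder entry `CVE-2007-XXXX [dokuwiki XSS in spellchecker]` and the Debian-specific lines (package versions, DSA references, NOTE lines) are unchanged context, which confirms that only the upstream-sourced description column was affected. The context line `NOTE: IE browser bug are not treated as security issues in packages applications` under that placeholder is ungrammatical and could read "IE browser bugs are not treated as security issues in packaged applications" in a follow-up.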
@@ -7040,178 +7040,178 @@ CVE-2007-3799 (The session_start function in ext/session in PHP 4.x up to 4.4.7
NOTE: fixed in php4/etch, php5/etch, php4/sarge svn
- php4 <removed> (low)
- php5 5.2.4-1 (low; bug #441433)
-CVE-2007-3798 (Integer overflow in print-bgp.c in the BGP dissector in tcpdump 3.9.6 ...)
+CVE-2007-3798
{DSA-1353-1}
- tcpdump 3.9.5-3 (bug #434030)
CVE-2007-3797
RESERVED
-CVE-2007-3796 (The password reset feature in the Spam Quarantine HTTP interface for ...)
+CVE-2007-3796
NOT-FOR-US: Spam Quarantine HTTP interface for MailMarshal SMTP
-CVE-2007-3795 (Unspecified vulnerability in Hitachi TP1/Server Base before 03-05-/P, ...)
+CVE-2007-3795
NOT-FOR-US: Hitachi
-CVE-2007-3794 (Buffer overflow in Hitachi Cosminexus V4 through V7, Processing Kit ...)
+CVE-2007-3794
NOT-FOR-US: Hitachi
-CVE-2007-3793 (SQL injection vulnerability in Job Management Partner 1/NETM/DM ...)
+CVE-2007-3793
NOT-FOR-US: Job Management Partner
-CVE-2007-3792 (Multiple PHP remote file inclusion vulnerabilities in AzDG Dating Gold ...)
+CVE-2007-3792
NOT-FOR-US: AzDG Dating Gold
-CVE-2007-3791 (Buffer overflow in the w_read function in sockets.c in Cami Sardinha ...)
+CVE-2007-3791
{DSA-1361-1}
- postfix-policyd 1.80-2.2 (bug #435735)
-CVE-2007-3790 (The com_print_typeinfo function in the bz2 extension in PHP 5.2.3 ...)
+CVE-2007-3790
- php5 <not-affected> (com_print_typeinfo is a windows only func)
- php4 <not-affected> (com_print_typeinfo is a windows only func)
-CVE-2007-3789 (SQL injection vulnerability in admin/index.php in Inmostore 4.0 allows ...)
+CVE-2007-3789
NOT-FOR-US: Inmostore
-CVE-2007-3788 (The eSoft InstaGate EX2 UTM device stores the admin password within ...)
+CVE-2007-3788
NOT-FOR-US: eSoft InstaGate
-CVE-2007-3787 (The eSoft InstaGate EX2 UTM device does not require entry of the old ...)
+CVE-2007-3787
NOT-FOR-US: eSoft InstaGate
-CVE-2007-3786 (** DISPUTED ** ...)
+CVE-2007-3786
NOT-FOR-US: eSoft InstaGate
-CVE-2007-3785 (Absolute path traversal vulnerability in a certain ActiveX control in ...)
+CVE-2007-3785
NOT-FOR-US: EldoS SecureBlackbox
-CVE-2007-3784 (Cross-site scripting (XSS) vulnerability in the Belkin G Plus Router ...)
+CVE-2007-3784
NOT-FOR-US: Belkin
-CVE-2007-3783 (SQL injection vulnerability in default.asp in enVivo!CMS allows remote ...)
+CVE-2007-3783
NOT-FOR-US: enVivo!CMS
-CVE-2007-3782 (MySQL Community Server before 5.0.45 allows remote authenticated users ...)
+CVE-2007-3782
{DSA-1413-1}
- mysql-dfsg-5.0 5.0.42
[sarge] - mysql-dfsg <not-affected> (Vulnerable functionality was introduced in 5.0)
[sarge] - mysql-dfsg-4.1 <not-affected> (Vulnerable functionality was introduced in 5.0)
-CVE-2007-3781 (MySQL Community Server before 5.0.45 does not require privileges such ...)
+CVE-2007-3781
{DSA-1451-1}
- mysql-dfsg-5.0 5.0.45-1
[etch] - mysql-dfsg-5.0 <no-dsa> (Minor issue, too intrusive to backport)
[sarge] - mysql-dfsg <no-dsa> (Minor issue, too intrusive to backport)
[sarge] - mysql-dfsg-4.1 <no-dsa> (Minor issue, too intrusive to backport)
-CVE-2007-3780 (MySQL Community Server before 5.0.45 allows remote attackers to cause ...)
+CVE-2007-3780
{DSA-1413-1}
- mysql-dfsg-5.0 5.0.44
[sarge] - mysql-dfsg <not-affected> (Introduced with SSL support in 4.1)
-CVE-2007-3779 (PHP local file inclusion vulnerability in gpg_pop_init.php in the ...)
+CVE-2007-3779
NOT-FOR-US: G/PGP (GPG) Plugin for Squirrelmail
-CVE-2007-3778 (The G/PGP (GPG) Plugin 2.0, and 2.1dev before 20060912, for ...)
+CVE-2007-3778
NOT-FOR-US: G/PGP (GPG) Plugin for Squirrelmail
-CVE-2007-3777 (avg7core.sys 7.5.0.444 in Grisoft AVG Anti-Virus 7.5.448 and Free ...)
+CVE-2007-3777
NOT-FOR-US: Grisoft AVG Anti-Virus
-CVE-2007-3776 (Cisco Unified Communications Manager (CUCM, formerly CallManager) and ...)
+CVE-2007-3776
NOT-FOR-US: Cisco
-CVE-2007-3775 (Unspecified vulnerability in Cisco Unified Communications Manager ...)
+CVE-2007-3775
NOT-FOR-US: Cisco
-CVE-2007-3774 (Dvbbs 7.1.0 SP1 stores sensitive information under the web root with ...)
+CVE-2007-3774
NOT-FOR-US: Dvbbs
-CVE-2007-3773 (Cross-site request forgery (CSRF) vulnerability in the Email-Template ...)
+CVE-2007-3773
NOT-FOR-US: Generic YouTube Clone Script
-CVE-2007-3772 (Directory traversal vulnerability in news/show.php in PsNews 1.1 ...)
+CVE-2007-3772
NOT-FOR-US: PsNews
-CVE-2007-3771 (Stack-based buffer overflow in the Internet E-mail Auto-Protect ...)
+CVE-2007-3771
NOT-FOR-US: Symantec Antivirus
-CVE-2007-3770 (The terminal_helper_execute function in terminal/terminal.c in Xfce ...)
+CVE-2007-3770
{DSA-1393-1}
- xfce4-terminal 0.2.6-3 (bug #437454)
-CVE-2007-3769 (Cross-site scripting (XSS) vulnerability in the mirrored server ...)
+CVE-2007-3769
NOT-FOR-US: SurgeFTP
-CVE-2007-3768 (The mirror mechanism in SurgeFTP 2.3a1 allows user-assisted, remote ...)
+CVE-2007-3768
NOT-FOR-US: SurgeFTP
CVE-2007-3767
RESERVED
CVE-2007-3766
RESERVED
-CVE-2007-3765 (The STUN implementation in Asterisk 1.4.x before 1.4.8, AsteriskNOW ...)
+CVE-2007-3765
- asterisk 1:1.4.8~dfsg-1 (bug #433681)
[sarge] - asterisk <not-affected> (1.0.x not affected)
[etch] - asterisk <not-affected> (1.2.x not affected)
NOTE: https://downloads.avaya.com/elmodocs2/security/ASA-2007-017.htm
-CVE-2007-3764 (The Skinny channel driver (chan_skinny) in Asterisk before 1.2.22 and ...)
+CVE-2007-3764
{DSA-1358-1}
- asterisk 1:1.4.8~dfsg-1
NOTE: Etch and Sarge affected
NOTE: https://downloads.avaya.com/elmodocs2/security/ASA-2007-016.htm
-CVE-2007-3763 (The IAX2 channel driver (chan_iax2) in Asterisk before 1.2.22 and ...)
+CVE-2007-3763
{DSA-1358-1}
- asterisk 1:1.4.8~dfsg-1
NOTE: Etch and Sarge affected
NOTE: https://downloads.avaya.com/elmodocs2/security/ASA-2007-015.htm
-CVE-2007-3762 (Stack-based buffer overflow in the IAX2 channel driver (chan_iax2) in ...)
+CVE-2007-3762
{DSA-1358-1}
- asterisk 1:1.4.8~dfsg-1 (high)
NOTE: Etch and Sarge affected
NOTE: https://downloads.avaya.com/elmodocs2/security/ASA-2007-014.htm
-CVE-2007-3820 (konqueror/konq_combo.cc in Konqueror 3.5.7 allows remote attackers to ...)
+CVE-2007-3820
- kdebase 4:3.5.7-3 (bug #433072; low)
[sarge] - kdebase <no-dsa> (Minor issue)
[etch] - kdebase <no-dsa> (Minor issue)
NOTE: http://marc.info/?l=full-disclosure&m=118437069815691&w=2
-CVE-2007-3761 (Cross-site scripting (XSS) vulnerability in Safari in Apple iPhone ...)
+CVE-2007-3761
NOT-FOR-US: Safari
-CVE-2007-3760 (Cross-site scripting (XSS) vulnerability in Safari in Apple iPhone ...)
+CVE-2007-3760
NOT-FOR-US: Safari
-CVE-2007-3759 (Safari in Apple iPhone 1.1.1, when requested to disable Javascript, ...)
+CVE-2007-3759
NOT-FOR-US: Safari
-CVE-2007-3758 (Safari in Apple iPhone 1.1.1, and Safari 3 before Beta Update 3.0.4 on ...)
+CVE-2007-3758
NOT-FOR-US: Safari
-CVE-2007-3757 (Safari in Apple iPhone 1.1.1 allows remote user-assisted attackers to ...)
+CVE-2007-3757
NOT-FOR-US: Safari
-CVE-2007-3756 (Safari in Apple iPhone 1.1.1, and Safari 3 before Beta Update 3.0.4 on ...)
+CVE-2007-3756
NOT-FOR-US: Safari
-CVE-2007-3755 (Mail in Apple iPhone 1.1.1 allows remote user-assisted attackers to ...)
+CVE-2007-3755
NOT-FOR-US: Aplle iPhone
-CVE-2007-3754 (Mail in Apple iPhone 1.1.1, when using SSL, does not warn the user ...)
+CVE-2007-3754
NOT-FOR-US: Aplle iPhone
-CVE-2007-3753 (Apple iPhone 1.1.1, with Bluetooth enabled, allows physically ...)
+CVE-2007-3753
NOT-FOR-US: Aplle iPhone
-CVE-2007-3752 (Heap-based buffer overflow in Apple iTunes before 7.4 allows remote ...)
+CVE-2007-3752
NOT-FOR-US: iTunes
-CVE-2007-3751 (Unspecified vulnerability in QuickTime for Java in Apple QuickTime ...)
+CVE-2007-3751
NOT-FOR-US: Apple QuickTime
-CVE-2007-3750 (Heap-based buffer overflow in Apple QuickTime before 7.3 allows remote ...)
+CVE-2007-3750
NOT-FOR-US: Apple QuickTime
-CVE-2007-3749 (The kernel in Apple Mac OS X 10.4 through 10.4.10 does not reset the ...)
+CVE-2007-3749
NOT-FOR-US: Apple Mac OS X
-CVE-2007-3748 (Buffer overflow in the UPnP IGD (Internet Gateway Device Standardized ...)
+CVE-2007-3748
NOT-FOR-US: iChat on Apple Mac OS X
-CVE-2007-3747 (The Java interface to CoreAudio on Apple Mac OS X 10.3.9 and 10.4.10 ...)
+CVE-2007-3747
NOT-FOR-US: Apple Mac OS X
-CVE-2007-3746 (The Java interface to CoreAudio on Apple Mac OS X 10.3.9 and 10.4.10 ...)
+CVE-2007-3746
NOT-FOR-US: Apple Mac OS X
-CVE-2007-3745 (The Java interface to CoreAudio on Apple Mac OS X 10.3.9 and 10.4.10 ...)
+CVE-2007-3745
NOT-FOR-US: Apple Mac OS X
-CVE-2007-3744 (Heap-based buffer overflow in the UPnP IGD (Internet Gateway Device ...)
+CVE-2007-3744
NOT-FOR-US: Apple Mac OSX
-CVE-2007-3743 (Stack-based buffer overflow in bookmark handling in Apple Safari 3 ...)
+CVE-2007-3743
NOT-FOR-US: Apple Safari
-CVE-2007-3742 (WebKit in Apple Safari 3 Beta before Update 3.0.3, and iPhone before ...)
+CVE-2007-3742
NOT-FOR-US: Apple Safari
-CVE-2007-3741 (The (1) psp (aka .tub), (2) bmp, (3) pcx, and (4) psd plugins in gimp ...)
+CVE-2007-3741
- gimp 2.2.17-1 (unimportant)
NOTE: Only DoS by memleaks or double-frees, not treated as security problems
-CVE-2007-3740 (The CIFS filesystem in the Linux kernel before 2.6.22, when Unix ...)
+CVE-2007-3740
{DSA-1504-1 DSA-1378-2 DSA-1378-1}
- linux-2.6 2.6.22
-CVE-2007-3739 (mm/mmap.c in the hugetlb kernel, when run on PowerPC systems, does not ...)
+CVE-2007-3739
{DSA-1504-1 DSA-1378-2 DSA-1378-1}
- linux-2.6 2.6.20-1
-CVE-2007-3738 (Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.5 ...)
+CVE-2007-3738
{DSA-1534-2 DSA-1339-1 DSA-1338-1 DSA-1337-1 DTSA-45-1 DTSA-47-1 DTSA-51-1}
- iceape 1.1.3-1 (medium)
- xulrunner 1.8.1.5-1 (medium)
- iceweasel 2.0.0.5-1 (medium)
NOTE: MFSA2007-25
-CVE-2007-3737 (Mozilla Firefox before 2.0.0.5 allows remote attackers to execute ...)
+CVE-2007-3737
{DSA-1339-1 DSA-1338-1 DSA-1337-1 DTSA-45-1 DTSA-47-1 DTSA-51-1}
- iceape 1.1.3-1 (high)
- xulrunner 1.8.1.5-1 (high)
- iceweasel 2.0.0.5-1 (high)
NOTE: MFSA2007-21
-CVE-2007-3736 (Cross-site scripting (XSS) vulnerability in Mozilla Firefox before ...)
+CVE-2007-3736
{DSA-1339-1 DSA-1338-1 DSA-1337-1 DTSA-45-1 DTSA-47-1 DTSA-51-1}
- iceweasel 2.0.0.5-1 (high)
- iceape 1.1.3-1 (high)
- xulrunner 1.8.1.5-1 (high)
NOTE: MFSA2007-19
-CVE-2007-3735 (Multiple unspecified vulnerabilities in the JavaScript engine in ...)
+CVE-2007-3735
{DSA-1391-1 DSA-1339-1 DSA-1338-1 DSA-1337-1 DTSA-45-1 DTSA-47-1 DTSA-51-1 DTSA-71-1}
- iceweasel 2.0.0.5-1 (high)
- icedove 2.0.0.6-1 (low)
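Review bot: in this hunk the entry `CVE-2007-3820` sits between CVE-2007-3762 and CVE-2007-3761 instead of in its numeric position between CVE-2007-3821 and CVE-2007-3819, so the file is no longer in strict descending order and a tool that relies on that ordering to merge or bisect the list can miss it; since the automatic update rewrites this line anyway, moving it to the right position would be cheap. The three unchanged context lines `NOT-FOR-US: Aplle iPhone` under CVE-2007-3755, CVE-2007-3754 and CVE-2007-3753 misspell "Apple". The description stripping seen in the earlier hunks applies here as well (CVE-2007-3798 down to CVE-2007-3735).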
@@ -7219,7 +7219,7 @@ CVE-2007-3735 (Multiple unspecified vulnerabilities in the JavaScript engine in
- iceape 1.1.3-1 (high)
- xulrunner 1.8.1.5-1 (high)
NOTE: MFSA2007-18
-CVE-2007-3734 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+CVE-2007-3734
{DSA-1391-1 DSA-1339-1 DSA-1338-1 DSA-1337-1 DTSA-45-1 DTSA-47-1 DTSA-51-1 DTSA-71-1}
- iceweasel 2.0.0.5-1 (high)
- icedove 2.0.0.6-1 (high; bug #444010)
@@ -7232,774 +7232,774 @@ CVE-2007-3732
RESERVED
- linux-2.6 2.6.23-1
NOTE: Upstream fix: https://git.kernel.org/linus/a10d9a71bafd3a283da240d2868e71346d2aef6f (v2.6.23-rc1)
-CVE-2007-3731 (The Linux kernel 2.6.20 and 2.6.21 does not properly handle an invalid ...)
+CVE-2007-3731
{DSA-1378-2 DSA-1378-1}
- linux-2.6 2.6.23-1
-CVE-2007-3730 (The default configuration of the POP server in TCP/IP Services 5.6 for ...)
+CVE-2007-3730
NOT-FOR-US: HP OpenVMS
-CVE-2007-3729 (The default configuration of the POP server in TCP/IP Services 5.6 for ...)
+CVE-2007-3729
NOT-FOR-US: HP OpenVMS
-CVE-2007-3728 (Buffer overflow in lib/silcclient/client_notify.c of SILC Client and ...)
+CVE-2007-3728
- silc-toolkit 1.1.2-1
[etch] - silc-toolkit <not-affected> (Only the 1.1.x branch is affected)
NOTE: http://silcnet.org/docs/changelog/SILC Toolkit 1.1.2
-CVE-2007-3727 (Multiple unspecified vulnerabilities in Webmatic before 2.7 have ...)
+CVE-2007-3727
NOT-FOR-US: WebMatic
-CVE-2007-3726 (Integer signedness error in the SET_VALUE function in rarvm.cpp in ...)
+CVE-2007-3726
- unrar-nonfree 3.7.3-1.1 (low; bug #437703)
[etch] - unrar-nonfree <no-dsa> (Non-free not supported)
[sarge] - unrar-nonfree <no-dsa> (Non-free not supported)
- rar 1:3.7b1-1 (low; bug #437704)
[etch] - rar <not-affected> (Vulnerable code was fixed already)
[sarge] - rar <no-dsa> (Non-free not supported)
-CVE-2007-3725 (The RAR VM (unrarvm.c) in Clam Antivirus (ClamAV) before 0.91 allows ...)
+CVE-2007-3725
{DSA-1340-1 DTSA-43-1}
- clamav 0.91-1
[sarge] - clamav <not-affected> (Vulnerable code was introduced in 0.9x)
-CVE-2007-3724 (The process scheduler in the Microsoft Windows XP kernel does not make ...)
+CVE-2007-3724
NOT-FOR-US: Microsoft Windows XP
-CVE-2007-3723 (The process scheduler in the Sun Solaris kernel does not make use of ...)
+CVE-2007-3723
NOT-FOR-US: Solaris
-CVE-2007-3722 (The 4BSD process scheduler in the FreeBSD kernel performs scheduling ...)
+CVE-2007-3722
- kfreebsd-5 <removed> (low)
[etch] - kfreebsd-5 <no-dsa> (kfreebsd not supported)
-CVE-2007-3721 (The ULE process scheduler in the FreeBSD kernel gives preference to ...)
+CVE-2007-3721
- kfreebsd-5 <removed> (low)
[etch] - kfreebsd-5 <no-dsa> (kfreebsd not supported)
-CVE-2007-3720 (The process scheduler in the Linux kernel 2.4 performs scheduling ...)
+CVE-2007-3720
- linux-2.6 <not-affected> (There's a separate ID for 2.6, see CVE-2007-3719)
-CVE-2007-3719 (The process scheduler in the Linux kernel 2.6.16 gives preference to ...)
+CVE-2007-3719
- linux <unfixed> (unimportant)
- linux-2.6 <removed> (unimportant)
NOTE: This is the existing default behaviour of the scheduler, can be tuned
NOTE: to suit individual needs
-CVE-2007-3718 (Multiple unspecified vulnerabilities in the SVG parsing engine in ...)
+CVE-2007-3718
NOT-FOR-US: Apple Safari
-CVE-2007-3717 (rcp on Sun Solaris 8, 9, and 10 before 20070710 does not properly call ...)
+CVE-2007-3717
NOT-FOR-US: Sun Solaris
-CVE-2007-3716 (The Java XML Digital Signature implementation in Sun JDK and JRE 6 ...)
+CVE-2007-3716
- sun-java6 6-02-1 (medium)
- openjdk-6 6b08-1 (bug #566766)
-CVE-2007-3715 (Sun Java System Application Server and Web Server 7.0 through 9.0 ...)
+CVE-2007-3715
NOT-FOR-US: Sun Java System Application Server and Web Server
-CVE-2007-3714 (Directory traversal vulnerability in Ada Image Server (ImgSvr) 0.6.5 ...)
+CVE-2007-3714
NOT-FOR-US: Ada Image Server
-CVE-2007-3713 (Multiple buffer overflows in Konst CenterICQ 4.9.11 through 4.21 allow ...)
+CVE-2007-3713
{DSA-1433-1 DTSA-55-1}
- centericq 4.22.1-2.1 (bug #438511; medium)
- centerim 4.22.1-2.1 (medium)
-CVE-2007-3712 (Multiple cross-site scripting (XSS) vulnerabilities in HiddenChest &quot;is ...)
+CVE-2007-3712
NOT-FOR-US: HiddenChest
-CVE-2007-3711 (Unspecified vulnerability in TOS 2.1.x, 2.2.x before 2.2.5, and 2.5.x ...)
+CVE-2007-3711
NOT-FOR-US: TippingPoint IPS
-CVE-2007-3710 (PHP remote file inclusion vulnerability in ...)
+CVE-2007-3710
NOT-FOR-US: PHP Comet-Server
-CVE-2007-3709 (CRLF injection vulnerability in the redirect function in ...)
+CVE-2007-3709
- codeigniter <itp> (bug #471583)
-CVE-2007-3708 (Cross-site scripting (XSS) vulnerability in CodeIgniter 1.5.3 before ...)
+CVE-2007-3708
- codeigniter <itp> (bug #471583)
-CVE-2007-3707 (Directory traversal vulnerability in index.php in CodeIgniter 1.5.3 ...)
+CVE-2007-3707
- codeigniter <itp> (bug #471583)
-CVE-2007-3706 (The _sanitize_globals function in CodeIgniter 1.5.3 before 20070628 ...)
+CVE-2007-3706
- codeigniter <itp> (bug #471583)
-CVE-2007-3705 (SQL injection vulnerability in FuseTalk 2.0 allows remote attackers to ...)
+CVE-2007-3705
NOT-FOR-US: FuseTalk
-CVE-2007-3704 (Entertainment CMS allows remote attackers to bypass authentication and ...)
+CVE-2007-3704
NOT-FOR-US: Entertainment CMS
-CVE-2007-3703 (Stack-based buffer overflow in a certain ActiveX control in sasatl.dll ...)
+CVE-2007-3703
NOT-FOR-US: Zenturi ProgramChecker
-CVE-2007-3702 (Directory traversal vulnerability in the load function in ...)
+CVE-2007-3702
NOT-FOR-US: Mail Machine
-CVE-2007-3701 (TippingPoint IPS before 20070710 does not properly handle a ...)
+CVE-2007-3701
NOT-FOR-US: TippingPoint IPS
-CVE-2007-3700 (Sun Java System Access Manager (formerly Java System Identity Server) ...)
+CVE-2007-3700
NOT-FOR-US: Sun Java System Access Manager
-CVE-2007-3699 (The Decomposer component in multiple Symantec products allows remote ...)
+CVE-2007-3699
NOT-FOR-US: Symantec
-CVE-2007-3698 (The Java Secure Socket Extension (JSSE) in Sun JDK and JRE 6 Update 1 ...)
+CVE-2007-3698
- sun-java5 1.5.0-12-1
- sun-java6 6-02-1
[etch] - sun-java5 1.5.0-14-1etch1
- openjdk-6 6b08-1 (bug #566766)
-CVE-2007-3697 (PHP remote file inclusion vulnerability in phpbb/sendmsg.php in ...)
+CVE-2007-3697
NOT-FOR-US: FlashBB
-CVE-2007-3696 (CA ERwin Data Model Validator (formerly AllFusion Data Model ...)
+CVE-2007-3696
NOT-FOR-US: CA ERwin Data Model Validator
-CVE-2007-3695 (Buffer overflow in LICRCMD.EXE in CA ERwin Process Modeler (formerly ...)
+CVE-2007-3695
NOT-FOR-US: CA ERwin
-CVE-2007-3694 (Cross-site scripting (XSS) vulnerability in login.php in Miro Project ...)
+CVE-2007-3694
NOT-FOR-US: Broadcast Machine
-CVE-2007-3693 (Cross-site scripting (XSS) vulnerability in Gobi as of 20070711, built ...)
+CVE-2007-3693
NOT-FOR-US: gobi
-CVE-2007-3692 (Directory traversal vulnerability in download.cgi in EZFactory KDDI ...)
+CVE-2007-3692
NOT-FOR-US: EZFactory KDDI Download CGI
-CVE-2007-3691 (Multiple SQL injection vulnerabilities in changePW.php in AV Tutorial ...)
+CVE-2007-3691
NOT-FOR-US: AV Tutorial
-CVE-2007-3690 (The Forward module before 4.7-1.1 and 5.x before 5.x-1.0 for Drupal ...)
+CVE-2007-3690
NOT-FOR-US: Forward module for Drupal
-CVE-2007-3689 (The Print module before 4.7-1.0 and 5.x before 5.x-1.2 for Drupal ...)
+CVE-2007-3689
NOT-FOR-US: Print module for Drupal
-CVE-2007-3688 (Multiple cross-site request forgery (CSRF) vulnerabilities in DotClear ...)
+CVE-2007-3688
NOT-FOR-US: DotClear
-CVE-2007-3687 (SQL injection vulnerability in inferno.php in the Inferno Technologies ...)
+CVE-2007-3687
NOT-FOR-US: Inferno Technologies
-CVE-2007-3686 (CRLF injection vulnerability in db.php in Unobtrusive Ajax Star Rating ...)
+CVE-2007-3686
NOT-FOR-US: Unobtrusive Ajax Star Rating Bar
-CVE-2007-3685 (Cross-site scripting (XSS) vulnerability in rpc.php in Unobtrusive ...)
+CVE-2007-3685
NOT-FOR-US: Unobtrusive Ajax Star Rating Bar
-CVE-2007-3684 (Multiple SQL injection vulnerabilities in Unobtrusive Ajax Star Rating ...)
+CVE-2007-3684
NOT-FOR-US: Unobtrusive Ajax Star Rating Bar
-CVE-2007-3683 (SQL injection vulnerability in pagetopic.php in Aigaion 1.3.3 and ...)
+CVE-2007-3683
NOT-FOR-US: Aigaion
-CVE-2007-3682 (SQL injection vulnerability in index.php in OpenLD 1.2.2 and earlier ...)
+CVE-2007-3682
NOT-FOR-US: OpenLD
-CVE-2007-3681 (The IOCTL 9031 (BIOCGSTATS) handler in the NPF.SYS device driver in ...)
+CVE-2007-3681
NOT-FOR-US: WinPcap
-CVE-2007-3680 (Stack-based buffer overflow in the odm_searchpath function in libodm ...)
+CVE-2007-3680
NOT-FOR-US: IBM AIX
-CVE-2007-3679 (The Citrix EPA ActiveX control (aka the &quot;endpoint checking control&quot; or ...)
+CVE-2007-3679
NOT-FOR-US: Citrix
-CVE-2007-3678 (Stack-based buffer overflow in the MSWord text-import extension (Word ...)
+CVE-2007-3678
NOT-FOR-US: QuarkXPress
-CVE-2007-3677 (Multiple SQL injection vulnerabilities in Maxsi eVisit Analyst allow ...)
+CVE-2007-3677
NOT-FOR-US: Maxsi eVisit Analyst
-CVE-2007-3676 (IBM DB2 Universal Database (UDB) Administration Server (DAS) 8 before ...)
+CVE-2007-3676
NOT-FOR-US: IBM DB2
-CVE-2007-3675 (Multiple format string vulnerabilities in the kavwebscan.CKAVWebScan ...)
+CVE-2007-3675
NOT-FOR-US: Kaspersky Online Scanner
CVE-2007-3674
RESERVED
-CVE-2007-3673 (Symantec symtdi.sys before 7.0.0, as distributed in Symantec AntiVirus ...)
+CVE-2007-3673
NOT-FOR-US: Symantec AntiVirus
-CVE-2007-3672 (Cross-site scripting (XSS) vulnerability in ecrire/tools.php in ...)
+CVE-2007-3672
NOT-FOR-US: DotClear
-CVE-2007-3671 (Unspecified vulnerability in the kernel in Microsoft Windows Vista has ...)
+CVE-2007-3671
NOT-FOR-US: Microsoft Windows
-CVE-2007-3670 (Argument injection vulnerability in Microsoft Internet Explorer, when ...)
+CVE-2007-3670
- iceweasel <not-affected> (Only affects Firefox/Thunderbird on Windows)
- icedove <not-affected> (Only affects Firefox/Thunderbird on Windows)
NOTE: MFSA2007-23
-CVE-2007-3669 (Multiple unspecified vulnerabilities in the Innovasys DockStudioXP ...)
+CVE-2007-3669
NOT-FOR-US: InnovaDSXP2.OCX ActiveX Control
-CVE-2007-3668 (Multiple unspecified vulnerabilities in NMSDVDXU.DLL in NuMedia ...)
+CVE-2007-3668
NOT-FOR-US: NMSDVDXLib
-CVE-2007-3667 (Unspecified vulnerability in EXCLEXPT.DLL in ActiveReportsExcelReport ...)
+CVE-2007-3667
NOT-FOR-US: ActiveReportsExcelReport
-CVE-2007-3666 (Buffer overflow in RemoteCommand.DLL in Symantec Norton Ghost 12.0 ...)
+CVE-2007-3666
NOT-FOR-US: Symantec Ghost
-CVE-2007-3665 (Multiple unspecified vulnerabilities in FileBackup.DLL in Symantec ...)
+CVE-2007-3665
NOT-FOR-US: Symantec Ghost
-CVE-2007-3664 (Multiple unspecified vulnerabilities in Eltima Software RunService ...)
+CVE-2007-3664
NOT-FOR-US: Eltima Software
-CVE-2007-3663 (Divide-by-zero error in Media Player Classic (MPC) 6.4.9.0 allows ...)
+CVE-2007-3663
NOT-FOR-US: guliverkli Media Player Classic
-CVE-2007-3662 (Media Player Classic (MPC) 6.4.9.0 allows user-assisted remote ...)
+CVE-2007-3662
NOT-FOR-US: guliverkli Media Player Classic
-CVE-2007-3661 (Eltima Software Virtual Serial Port (VSPAX) ActiveX control ...)
+CVE-2007-3661
NOT-FOR-US: Eltima Software
-CVE-2007-3660 (The Nonnoi ASP/Barcode ActiveX control (nonnoi_ASPBarcode.dll) allows ...)
+CVE-2007-3660
NOT-FOR-US: Nonnoi
-CVE-2007-3659 (Buffer overflow in the doBrowserAction function in FreeWRL 1.19.3 ...)
+CVE-2007-3659
NOT-FOR-US: FreeWRL
-CVE-2007-3658 (Unspecified vulnerability in Microsoft Register Server (REGSVR) allows ...)
+CVE-2007-3658
NOT-FOR-US: Microsoft
-CVE-2007-3657 (** DISPUTED ** ...)
+CVE-2007-3657
NOTE: Disputed Firefox issue, browser crashes not treated as security problems anyway
-CVE-2007-3656 (Mozilla Firefox before 1.8.0.13 and 1.8.1.x before 1.8.1.5 does not ...)
+CVE-2007-3656
{DSA-1339-1 DSA-1338-1 DSA-1337-1 DTSA-45-1 DTSA-47-1 DTSA-51-1}
- iceweasel 2.0.0.5-1 (high)
- iceape 1.1.3-1 (high)
- xulrunner 1.8.1.5-1 (high)
NOTE: MFSA2007-24
-CVE-2007-3655 (Stack-based buffer overflow in javaws.exe in Sun Java Web Start in JRE ...)
+CVE-2007-3655
- sun-java5 1.5.0-12-1
[etch] - sun-java5 1.5.0-14-1etch1
- sun-java6 6-02-1
-CVE-2007-3654 (The display driver allocattr functions in NetBSD 3.0 through ...)
+CVE-2007-3654
NOT-FOR-US: NetBSD
-CVE-2007-3653 (Multiple cross-site scripting (XSS) vulnerabilities in Farsi Script ...)
+CVE-2007-3653
NOT-FOR-US: Farsi Script
-CVE-2007-3652 (SQL injection vulnerability in class/page.php in Farsi Script (aka ...)
+CVE-2007-3652
NOT-FOR-US: Farsi Script
-CVE-2007-3651 (class/page.php in Farsi Script (aka FaScript) FaName 1.0 allows remote ...)
+CVE-2007-3651
NOT-FOR-US: Farsi Script
-CVE-2007-3650 (myWebland myBloggie 2.1.6 allow remote attackers to obtain sensitive ...)
+CVE-2007-3650
NOT-FOR-US: myWebland myBloggie
-CVE-2007-3649 (Absolute path traversal vulnerability in a certain ActiveX control in ...)
+CVE-2007-3649
NOT-FOR-US: Hewlett-Packard (HP) Photo Digital Imaging ActiveX control
-CVE-2007-3648 (SQL injection vulnerability in Webmatic before 2.6.2, and possibly ...)
+CVE-2007-3648
NOT-FOR-US: WebMatic
-CVE-2007-3647 (The isloggedin function in Php/login.inc.php in phpTrafficA 1.4.3 and ...)
+CVE-2007-3647
NOT-FOR-US: phpTrafficA
-CVE-2007-3646 (SQL injection vulnerability in index.php in FlashGameScript 1.7 and ...)
+CVE-2007-3646
NOT-FOR-US: FlashGameScript
-CVE-2007-3645 (archive_read_support_format_tar.c in libarchive before 2.2.4 allows ...)
+CVE-2007-3645
{DSA-1455-1}
- libarchive 2.2.4-1 (bug #432924; low)
-CVE-2007-3644 (archive_read_support_format_tar.c in libarchive before 2.2.4 allows ...)
+CVE-2007-3644
{DSA-1455-1}
- libarchive 2.2.4-1 (bug #432924; low)
-CVE-2007-3643 (admin/index.php in AV Arcade 2.1b grants administrative privileges ...)
+CVE-2007-3643
NOT-FOR-US: AV Arcade
-CVE-2007-3642 (The decode_choice function in net/netfilter/nf_conntrack_h323_asn1.c ...)
+CVE-2007-3642
{DSA-1356-1}
- linux-2.6 2.6.22-2
-CVE-2007-3641 (archive_read_support_format_tar.c in libarchive before 2.2.4 does not ...)
+CVE-2007-3641
{DSA-1455-1}
- libarchive 2.2.4-1 (bug #432924; low)
-CVE-2007-3640 (Adobe Integrated Runtime (AIR, aka Apollo) allows context-dependent ...)
+CVE-2007-3640
NOT-FOR-US: Adobe Apollo
-CVE-2007-3639 (WordPress before 2.2.2 allows remote attackers to redirect visitors to ...)
+CVE-2007-3639
{DSA-1564-1}
- wordpress 2.2.2-1
-CVE-2007-3638 (Buffer overflow in Yahoo! Messenger 8.1 allows user-assisted remote ...)
+CVE-2007-3638
NOT-FOR-US: Yahoo! Messenger
-CVE-2007-3637 (SQL injection vulnerability in MKPortal 1.1.1 allows remote attackers ...)
+CVE-2007-3637
NOT-FOR-US: MKPortal
-CVE-2007-3636 (Multiple unspecified vulnerabilities in the G/PGP (GPG) Plugin 2.1 for ...)
+CVE-2007-3636
NOT-FOR-US: G/PGP (GPG) Plugin for Squirrelmail
-CVE-2007-3635 (Multiple unspecified vulnerabilities in the G/PGP (GPG) Plugin before ...)
+CVE-2007-3635
NOT-FOR-US: G/PGP (GPG) Plugin for Squirrelmail
-CVE-2007-3634 (Unspecified vulnerability in the G/PGP (GPG) Plugin 2.0 for ...)
+CVE-2007-3634
NOT-FOR-US: G/PGP (GPG) Plugin for Squirrelmail
-CVE-2007-3633 (Absolute path traversal vulnerability in the Chilkat Software Chilkat ...)
+CVE-2007-3633
NOT-FOR-US: Chilkat Software
-CVE-2007-3632 (Multiple PHP remote file inclusion vulnerabilities in LimeSurvey (aka ...)
+CVE-2007-3632
NOTE: Moodle contains a copy of the files, but not the string
NOTE: "homedir", so it is not affected.
-CVE-2007-3631 (SQL injection vulnerability in index.php in GameSiteScript (gss) 3.1 ...)
+CVE-2007-3631
NOT-FOR-US: GameSiteScript
-CVE-2007-3630 (changePW.php in AV Tutorial Script (avtutorial) 1.0 does not require ...)
+CVE-2007-3630
NOT-FOR-US: AV Tutorial
-CVE-2007-3629 (SQL injection vulnerability in oku.asp in Levent Veysi Portal 1.0 ...)
+CVE-2007-3629
NOT-FOR-US: Levent Veysi Portal
-CVE-2007-3628 (Unspecified vulnerability in the fetch function in MDB2.php in PEAR ...)
+CVE-2007-3628
NOT-FOR-US: Structures-DataGrid-DataSource-MDB2
-CVE-2007-3627 (Multiple SQL injection vulnerabilities in PHP Lite Calendar Express ...)
+CVE-2007-3627
NOT-FOR-US: PHP Lite Calender Express
-CVE-2007-3626 (Unspecified vulnerability in the ADM daemon in Hitachi TPBroker before ...)
+CVE-2007-3626
NOT-FOR-US: Hitachi
-CVE-2007-3625 (The Program Neighborhood Agent in Citrix Presentation Server Clients ...)
+CVE-2007-3625
NOT-FOR-US: Citrix
-CVE-2007-3624 (Heap-based buffer overflow in the Message HTTP Server in SAP Message ...)
+CVE-2007-3624
NOT-FOR-US: SAP
-CVE-2007-3623 (Cross-site scripting (XSS) vulnerability in the Hitachi JP1/HiCommand ...)
+CVE-2007-3623
NOT-FOR-US: Hitachi
-CVE-2007-3622 (Unspecified vulnerability in DomainPOP in Alt-N Technologies MDaemon ...)
+CVE-2007-3622
NOT-FOR-US: MDaemon
-CVE-2007-3621 (Multiple CRLF injection vulnerabilities in callboth.php in AsteriDex ...)
+CVE-2007-3621
NOT-FOR-US: AsteriDex
-CVE-2007-3620 (Multiple directory traversal vulnerabilities in Maia Mailguard 1.0.2 ...)
+CVE-2007-3620
NOT-FOR-US: Maia Mailguard
-CVE-2007-3619 (Directory traversal vulnerability in login.php in Maia Mailguard 1.0.2 ...)
+CVE-2007-3619
NOT-FOR-US: Maia Mailguard
-CVE-2007-3618 (Stack-based buffer overflow in the NetWorker Remote Exec Service ...)
+CVE-2007-3618
NOT-FOR-US: EMC Software NetWorker
-CVE-2007-3617 (The report module in vtiger CRM before 5.0.3 does not properly apply ...)
+CVE-2007-3617
NOT-FOR-US: vtiger CRM
-CVE-2007-3616 (index.php in vtiger CRM before 5.0.3 allows remote authenticated users ...)
+CVE-2007-3616
NOT-FOR-US: vtiger CRM
-CVE-2007-3615 (Internet Communication Manager (aka ICMAN.exe or ICM) in SAP NetWeaver ...)
+CVE-2007-3615
NOT-FOR-US: SAP
-CVE-2007-3614 (Multiple stack-based buffer overflows in waHTTP.exe (aka the SAP DB ...)
+CVE-2007-3614
NOT-FOR-US: SAP DB Web Server
-CVE-2007-3613 (Cross-site scripting (XSS) vulnerability in ADM:GETLOGFILE in SAP ...)
+CVE-2007-3613
NOT-FOR-US: SAP
-CVE-2007-3612 (Stack-based buffer overflow in Visual IRC (ViRC) 2.0 allows remote IRC ...)
+CVE-2007-3612
NOT-FOR-US: Visual IRC
-CVE-2007-3611 (admin.php in VRNews 1.1.1, and possibly other 1.x versions, does not ...)
+CVE-2007-3611
NOT-FOR-US: VRNews
-CVE-2007-3610 (SQL injection vulnerability in categories_type.php in phpVID 0.9.9 ...)
+CVE-2007-3610
NOT-FOR-US: phpVID
-CVE-2007-3609 (Multiple SQL injection vulnerabilities in eMeeting Online Dating ...)
+CVE-2007-3609
NOT-FOR-US: eMeeting
-CVE-2007-3608 (Multiple unspecified vulnerabilities in ActiveX controls in the ...)
+CVE-2007-3608
NOT-FOR-US: SAP
-CVE-2007-3607 (Multiple unspecified vulnerabilities in ActiveX controls in the ...)
+CVE-2007-3607
NOT-FOR-US: SAP
-CVE-2007-3606 (Heap-based buffer overflow in the rfcguisink.rfcguisink.1 ActiveX ...)
+CVE-2007-3606
NOT-FOR-US: SAP
-CVE-2007-3605 (Stack-based buffer overflow in the kweditcontrol.kwedit.1 ActiveX ...)
+CVE-2007-3605
NOT-FOR-US: SAP
-CVE-2007-3604 (vtiger CRM before 5.0.3 allows remote authenticated users with access ...)
+CVE-2007-3604
NOT-FOR-US: vtiger CRM
-CVE-2007-3603 (SQL injection vulnerability in the dashboard ...)
+CVE-2007-3603
NOT-FOR-US: vtiger CRM
-CVE-2007-3602 (The SOAP webservice in vtiger CRM before 5.0.3 does not ensure that ...)
+CVE-2007-3602
NOT-FOR-US: vtiger CRM
-CVE-2007-3601 (vtiger CRM before 5.0.3, when a migrated build is used, allows remote ...)
+CVE-2007-3601
NOT-FOR-US: vtiger CRM
-CVE-2007-3600 (WordPlugin in the wordintegration component in vtiger CRM before 5.0.3 ...)
+CVE-2007-3600
NOT-FOR-US: vtiger CRM
-CVE-2007-3599 (vtiger CRM before 5.0.3 allows remote authenticated users to import ...)
+CVE-2007-3599
NOT-FOR-US: vtiger CRM
-CVE-2007-3598 (index.php in vtiger CRM before 5.0.3 allows remote authenticated users ...)
+CVE-2007-3598
NOT-FOR-US: vtiger CRM
-CVE-2007-3597 (Session fixation vulnerability in Zen Cart 1.3.7 and earlier allows ...)
+CVE-2007-3597
NOT-FOR-US: Zen Cart
-CVE-2007-3596 (inc/vul_check.inc in phpVideoPro before 0.8.8 permits non-alphanumeric ...)
+CVE-2007-3596
NOT-FOR-US: phpVideoPro
CVE-2007-3595
REJECTED
-CVE-2007-3594 (Multiple cross-site scripting (XSS) vulnerabilities in AdventNet ...)
+CVE-2007-3594
NOT-FOR-US: ManageEngine OpManager
-CVE-2007-3593 (Multiple cross-site scripting (XSS) vulnerabilities in ManageEngine ...)
+CVE-2007-3593
NOT-FOR-US: ManageEngine NetflowAnalyzer
-CVE-2007-3592 (PM.php in Elite Bulletin Board before 1.0.10 allows remote ...)
+CVE-2007-3592
NOT-FOR-US: Elite Bulletin Board
-CVE-2007-3591 (Unspecified vulnerability in Profile.php in Elite Bulletin Board ...)
+CVE-2007-3591
NOT-FOR-US: Elite Bulletin Board
-CVE-2007-3590 (Cross-site scripting (XSS) vulnerability in visitenkarte.php in b1gBB ...)
+CVE-2007-3590
NOT-FOR-US: b1gBB
-CVE-2007-3589 (Multiple SQL injection vulnerabilities in b1gbb 2.24.0 allow remote ...)
+CVE-2007-3589
NOT-FOR-US: b1gbb
-CVE-2007-3588 (SQL injection vulnerability in reply.php in VBZooM 1.12 allows remote ...)
+CVE-2007-3588
NOT-FOR-US: VBZooM
-CVE-2007-3587 (MyCMS 0.9.8 and earlier allows remote attackers to gain privileges via ...)
+CVE-2007-3587
NOT-FOR-US: MyCMS
-CVE-2007-3586 (Multiple direct static code injection vulnerabilities in MyCMS 0.9.8 ...)
+CVE-2007-3586
NOT-FOR-US: MyCMS
-CVE-2007-3585 (PHP remote file inclusion vulnerability in games.php in MyCMS 0.9.8 ...)
+CVE-2007-3585
NOT-FOR-US: MyCMS
-CVE-2007-3584 (SQL injection vulnerability in viewforum.php in PNphpBB2 1.2i and ...)
+CVE-2007-3584
NOT-FOR-US: PNphpBB2
-CVE-2007-3583 (SQL injection vulnerability in details_news.php in Girlserv ads 1.5 ...)
+CVE-2007-3583
NOT-FOR-US: Girlserv ads
-CVE-2007-3582 (SQL injection vulnerability in index.php in SuperCali PHP Event ...)
+CVE-2007-3582
NOT-FOR-US: SuperCali PHP Event Calendar
-CVE-2007-3581 (The Jedox Palo 1.5 client transmits the password in cleartext, which ...)
+CVE-2007-3581
NOT-FOR-US: Jedox
-CVE-2007-3580 (PHPIDS does not properly handle certain code containing newlines, as ...)
+CVE-2007-3580
NOT-FOR-US: PHPIDS
-CVE-2007-3579 (PHPIDS before 20070703 does not properly handle setting the .text ...)
+CVE-2007-3579
NOT-FOR-US: PHPIDS
-CVE-2007-3578 (PHPIDS before 20070703 does not properly handle (1) arithmetic ...)
+CVE-2007-3578
NOT-FOR-US: PHPIDS
-CVE-2007-3577 (PHPIDS before 20070703 does not properly handle use of the substr ...)
+CVE-2007-3577
NOT-FOR-US: PHPIDS
-CVE-2007-3576 (** DISPUTED ** ...)
+CVE-2007-3576
NOT-FOR-US: Microsoft
-CVE-2007-3575 (SQL injection vulnerability in includes/functions in FreeDomain.co.nr ...)
+CVE-2007-3575
NOT-FOR-US: FreeDomain.co.nr Clone
-CVE-2007-3574 (Multiple cross-site scripting (XSS) vulnerabilities in setup.cgi on ...)
+CVE-2007-3574
NOT-FOR-US: Linksys
-CVE-2007-3573 (Multiple SQL injection vulnerabilities in akocomment allow remote ...)
+CVE-2007-3573
NOT-FOR-US: AkoComment
-CVE-2007-3572 (Incomplete blacklist vulnerability in cgi-bin/runDiagnostics.cgi in ...)
+CVE-2007-3572
NOT-FOR-US: Yoggie
-CVE-2007-3571 (The Apache Web Server as used in Novell NetWare 6.5 and GroupWise ...)
+CVE-2007-3571
NOT-FOR-US: Novell
-CVE-2007-3570 (The Linux Access Gateway in Novell Access Manager before 3.0 SP1 ...)
+CVE-2007-3570
NOT-FOR-US: Novell
-CVE-2007-3569 (Multiple cross-site scripting (XSS) vulnerabilities in Oliver Library ...)
+CVE-2007-3569
NOT-FOR-US: Oliver Library Management System
-CVE-2007-3568 (The _LoadBMP function in imlib 1.9.15 and earlier allows ...)
+CVE-2007-3568
- imlib 1.9.15-3 (bug #437708; low)
[sarge] - imlib <no-dsa> (Minor issue, just a crash)
[etch] - imlib <no-dsa> (Minor issue, just a crash)
-CVE-2007-3567 (MySQLDumper 1.21b through 1.23 REV227 uses a &quot;Limit GET&quot; statement in ...)
+CVE-2007-3567
NOT-FOR-US: MysqlDumper
-CVE-2007-3566 (Stack-based buffer overflow in the database service (ibserver.exe) in ...)
+CVE-2007-3566
NOT-FOR-US: Borland InterBase
CVE-2007-3565
RESERVED
-CVE-2007-3564 (libcurl 7.14.0 through 7.16.3, when built with GnuTLS support, does ...)
+CVE-2007-3564
{DSA-1333-1}
- curl 7.16.4-1 (low)
-CVE-2007-3563 (SQL injection vulnerability in includes/view_page.php in AV Arcade ...)
+CVE-2007-3563
NOT-FOR-US: AV Arcade
-CVE-2007-3562 (SQL injection vulnerability in videos.php in PHP Director 0.21 and ...)
+CVE-2007-3562
NOT-FOR-US: PHP Director
-CVE-2007-3561 (Cross-site scripting (XSS) vulnerability in ara.asp in Efendy Blog 1.0 ...)
+CVE-2007-3561
NOT-FOR-US: Efendy Blog
-CVE-2007-3560 (Multiple unspecified vulnerabilities in Esqlanelapse before 2.6 have ...)
+CVE-2007-3560
NOT-FOR-US: Esqlanelapse
-CVE-2007-3559 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2007-3559
NOT-FOR-US: PHP-Fusion
-CVE-2007-3558 (SQL injection vulnerability in Coppermine Photo Gallery (CPG) before ...)
+CVE-2007-3558
NOT-FOR-US: Coppermine Photo Gallery
-CVE-2007-3557 (SQL injection vulnerability in admin/login.php in Wheatblog (wB) 1.1, ...)
+CVE-2007-3557
NOT-FOR-US: Wheatblog
-CVE-2007-3556 (Liesbeth base CMS stores sensitive information under the web root with ...)
+CVE-2007-3556
NOT-FOR-US: Liesbeth
-CVE-2007-3555 (Cross-site scripting (XSS) vulnerability in index.php in Moodle 1.7.1 ...)
+CVE-2007-3555
{DSA-1691-1}
- moodle 1.8.2-1 (low; bug #432264)
-CVE-2007-3554 (Stack-based buffer overflow in the HPSDDX Class (SDD) ActiveX control ...)
+CVE-2007-3554
NOT-FOR-US: HP
-CVE-2007-3553 (Cross-site scripting (XSS) vulnerability in Rapid Install Web Server ...)
+CVE-2007-3553
NOT-FOR-US: Oracle
-CVE-2007-3552 (Multiple unspecified vulnerabilities in bbs100 before 3.2 allow remote ...)
+CVE-2007-3552
NOT-FOR-US: bbs100
-CVE-2007-3551 (Buffer overflow in bbs100 before 3.2 allows remote attackers to cause ...)
+CVE-2007-3551
NOT-FOR-US: bbs100
-CVE-2007-3550 (** DISPUTED ** ...)
+CVE-2007-3550
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2007-3549 (SQL injection vulnerability in view_sub_cat.php in Buddy Zone 1.5 ...)
+CVE-2007-3549
NOT-FOR-US: Buddy Zone
-CVE-2007-3548 (Stack-based buffer overflow in W3Filer 2.1.3 allows remote FTP servers ...)
+CVE-2007-3548
NOT-FOR-US: W3Filer
-CVE-2007-3547 (Directory traversal vulnerability in qti_checkname.php in QuickTicket ...)
+CVE-2007-3547
NOT-FOR-US: QuickTicket
-CVE-2007-3546 (Cross-site scripting (XSS) vulnerability in the Windows GUI in Nessus ...)
+CVE-2007-3546
NOT-FOR-US: Nessus Windows GUI
-CVE-2007-3545 (Buffer overflow in Warzone 2100 Resurrection before 2.0.7 allows ...)
+CVE-2007-3545
NOT-FOR-US: Warzone
-CVE-2007-3544 (Unrestricted file upload vulnerability in (1) wp-app.php and (2) ...)
+CVE-2007-3544
- wordpress 2.2.2-1
[etch] - wordpress <not-affected> (Vulnerable code not present)
-CVE-2007-3543 (Unrestricted file upload vulnerability in WordPress before 2.2.1 and ...)
+CVE-2007-3543
- wordpress 2.2.1-1
[etch] - wordpress <not-affected> (Vulnerable code not present)
-CVE-2007-3542 (Cross-site scripting (XSS) vulnerability in admin/auth.php in Pluxml ...)
+CVE-2007-3542
NOT-FOR-US: Pluxml
-CVE-2007-3541 (Cross-site scripting (XSS) vulnerability in Kurinton sHTTPd 20070408 ...)
+CVE-2007-3541
NOT-FOR-US: Kurinton sHTTPd
-CVE-2007-3540 (Multiple cross-site scripting (XSS) vulnerabilities in search.asp in ...)
+CVE-2007-3540
NOT-FOR-US: rwAuction
-CVE-2007-3539 (Multiple SQL injection vulnerabilities in QuickTicket 1.2 ...)
+CVE-2007-3539
NOT-FOR-US: QuickTicket
-CVE-2007-3538 (SQL injection vulnerability in qtg_msg_view.php in QuickTalk guestbook ...)
+CVE-2007-3538
NOT-FOR-US: QuickTalk
-CVE-2007-3537 (IBM OS/400 (aka i5/OS) V4R2M0 through V5R3M0 on iSeries machines sends ...)
+CVE-2007-3537
NOT-FOR-US: IBM OS/400
-CVE-2007-3536 (Multiple buffer overflows in the AMX NetLinx VNC (AmxVnc) ActiveX ...)
+CVE-2007-3536
NOT-FOR-US: AMX NetLinx VNC
-CVE-2007-3535 (Multiple directory traversal vulnerabilities in GL-SH Deaf Forum 6.4.4 ...)
+CVE-2007-3535
NOT-FOR-US: GL-SH Deaf Forum
-CVE-2007-3534 (SQL injection vulnerability in login.php in WebChat 0.78 allows remote ...)
+CVE-2007-3534
NOT-FOR-US: WebChat
-CVE-2007-3533 (The 3Com IntelliJack Switch NJ220 before 2.0.23 allows remote ...)
+CVE-2007-3533
NOT-FOR-US: 3Com
-CVE-2007-3532 (NVIDIA drivers (nvidia-drivers) before 1.0.7185, 1.0.9639, and ...)
+CVE-2007-3532
- nvidia-kernel-common 20051028+1-0.1 (bug #434398; low)
[sarge] - nvidia-kernel-common <no-dsa> (Contrib and non-free not supported)
[etch] - nvidia-kernel-common <no-dsa> (Contrib and non-free not supported)
-CVE-2007-3531 (The set_default_speeds function in backend/backend.c in NVidia NVClock ...)
+CVE-2007-3531
- nvclock 0.8b-1 (low)
-CVE-2007-3530 (PHPDirector 0.21 and earlier stores the admin account name and ...)
+CVE-2007-3530
NOT-FOR-US: PHPDirector
-CVE-2007-3529 (videos.php in PHPDirector 0.21 and earlier allows remote attackers to ...)
+CVE-2007-3529
NOT-FOR-US: PHPDirector
-CVE-2007-3528 (The blowfish mode in DAR before 2.3.4 uses weak Blowfish-CBC ...)
+CVE-2007-3528
- dar 2.3.3-1 (low; bug #425335)
[etch] - dar <no-dsa> (Minor issue)
[sarge] - dar <no-dsa> (Minor issue)
-CVE-2007-3527 (Integer overflow in Firebird 2.0.0 allows remote authenticated users ...)
+CVE-2007-3527
{DSA-1529-1}
- firebird2.0 2.0.3.12981.ds1-1 (bug #441405)
[etch] - firebird2 <no-dsa> (Fixed packages have been released through backports.org, see #1529)
[sarge] - firebird2 <unfixed>
-CVE-2007-3526 (Multiple SQL injection vulnerabilities in Buddy Zone 1.5 and earlier ...)
+CVE-2007-3526
NOT-FOR-US: Buddy Zone
-CVE-2007-3525 (Ripe Website Manager 0.8.9 and earlier allows remote attackers to ...)
+CVE-2007-3525
NOT-FOR-US: Ripe Website Manager
-CVE-2007-3524 (Multiple PHP remote file inclusion vulnerabilities in Ripe Website ...)
+CVE-2007-3524
NOT-FOR-US: Ripe Website Manager
-CVE-2007-3523 (Multiple directory traversal vulnerabilities in Module/Galerie.php in ...)
+CVE-2007-3523
NOT-FOR-US: XCMS
-CVE-2007-3522 (Multiple PHP remote file inclusion vulnerabilities in sPHPell 1.01 ...)
+CVE-2007-3522
NOT-FOR-US: sPHPell
-CVE-2007-3521 (SQL injection vulnerability in ArcadeBuilder Game Portal Manager 1.7 ...)
+CVE-2007-3521
NOT-FOR-US: ArcadeBuilder Game Portal Manager
-CVE-2007-3520 (SQL injection vulnerability in process.php in Easybe 1-2-3 Music Store ...)
+CVE-2007-3520
NOT-FOR-US: Easybe
-CVE-2007-3519 (SQL injection vulnerability in eventdisplay.php in phpEventCalendar ...)
+CVE-2007-3519
NOT-FOR-US: phpEventCalendar
-CVE-2007-3518 (SQL injection vulnerability in msg.php in HispaH YouTube Clone Script ...)
+CVE-2007-3518
NOT-FOR-US: HispaH YouTube Clone Script
-CVE-2007-3517 (Multiple cross-site scripting (XSS) vulnerabilities in Claroline 1.8.3 ...)
+CVE-2007-3517
NOT-FOR-US: Claroline
-CVE-2007-3516 (Multiple cross-site scripting (XSS) vulnerabilities in kayit.asp in ...)
+CVE-2007-3516
NOT-FOR-US: Gorki Online Santrac Sitesi
-CVE-2007-3515 (SQL injection vulnerability in view_event.php in TotalCalendar 2.402 ...)
+CVE-2007-3515
NOT-FOR-US: TotalCalendar
-CVE-2007-3514 (Cross-domain vulnerability in Apple Safari for Windows 3.0.2 allows ...)
+CVE-2007-3514
NOT-FOR-US: Apple Safari
-CVE-2007-3513 (The lcd_write function in drivers/usb/misc/usblcd.c in the Linux ...)
+CVE-2007-3513
{DSA-1356-1}
- linux-2.6 2.6.22-1
NOTE: Fixed in commit 5afeb104e7901168b21aad0437fb51dc620dfdd3
NOTE: in Linus' tree.
-CVE-2007-3512 (Stack-based buffer overflow in Lhaca File Archiver before 1.22 allows ...)
+CVE-2007-3512
NOT-FOR-US: Lhaca
-CVE-2007-3511 (The focus handling for the onkeydown event in Mozilla Firefox ...)
+CVE-2007-3511
{DSA-1401-1 DSA-1396-1 DSA-1392-1 DTSA-69-1 DTSA-80-1}
- iceweasel 2.0.0.8-1 (bug #438873; low)
- xulrunner 1.8.1.9-1
- iceape 1.1.5
NOTE: MFSA2007-32
-CVE-2007-3510 (Buffer overflow in the IMAP service in IBM Lotus Domino before 6.5.6 ...)
+CVE-2007-3510
NOT-FOR-US: IBM Lotus Domino
-CVE-2007-3509 (Heap-based buffer overflow in the RPC subsystem in Symantec Backup ...)
+CVE-2007-3509
NOT-FOR-US: Symantec
-CVE-2007-3508 (** DISPUTED ** ...)
+CVE-2007-3508
- glibc 2.6-2 (unimportant; bug #431858)
NOTE: Not security-relevant
-CVE-2007-3507 (Stack-based buffer overflow in the local__vcentry_parse_value function ...)
+CVE-2007-3507
- flac123 0.0.11-1 (low; bug #432008)
[etch] - flac123 <no-dsa> (Minor issue)
-CVE-2007-3506 (The ft_bitmap_assure_buffer function in src/base/ftbimap.c in FreeType ...)
+CVE-2007-3506
- freetype 2.3.4 (bug #432013)
[sarge] - freetype <not-affected> (Vulnerable code introduced in 2.3.x)
[etch] - freetype <not-affected> (Vulnerable code introduced in 2.3.x)
[lenny] - freetype <not-affected> (Vulnerable code introduced in 2.3.x)
-CVE-2007-3505 (Multiple directory traversal vulnerabilities in QuickTalk forum 1.3 ...)
+CVE-2007-3505
NOT-FOR-US: QuickTalk forum
-CVE-2007-3504 (Directory traversal vulnerability in the PersistenceService in Sun ...)
+CVE-2007-3504
- sun-java5 <not-affected>
NOTE: Sun Alert ID 102957 says issue is Windows only
-CVE-2007-3503 (The Javadoc tool in Sun JDK 6 and JDK 5.0 Update 11 can generate HTML ...)
+CVE-2007-3503
[etch] - sun-java5 1.5.0-14-1etch1
- sun-java5 1.5.0-12-1
[etch] - sun-java6 <no-dsa> (non-free)
- sun-java6 6-01-1 (bug #432006)
- openjdk-6 6b08-1 (bug #566766)
-CVE-2007-3502 (Unspecified vulnerability in the web-based product configuration ...)
+CVE-2007-3502
NOT-FOR-US: Kaspersky Anti-Spam
-CVE-2007-3501 (Cross-site scripting (XSS) vulnerability in CMD_USER_STATS in ...)
+CVE-2007-3501
NOT-FOR-US: DirectAdmin
-CVE-2007-3500 (Xeweb XEForum allows remote attackers to gain privileges via a ...)
+CVE-2007-3500
NOT-FOR-US: Xeweb XEForum
-CVE-2007-3499 (SlackRoll before 8 accepts gpg exit codes other than 0 and 1 as ...)
+CVE-2007-3499
NOT-FOR-US: SlackRoll
-CVE-2007-3498 (Cross-site scripting (XSS) vulnerability in smoketests/configForm.php ...)
+CVE-2007-3498
NOT-FOR-US: HTML Purifier
-CVE-2007-3497 (Microsoft Internet Explorer 7 allows remote attackers to determine the ...)
+CVE-2007-3497
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2007-3496 (Cross-site scripting (XSS) vulnerability in SAP Web Dynpro Java ...)
+CVE-2007-3496
NOT-FOR-US: SAP Web Dynpro Java
-CVE-2007-3495 (Multiple cross-site scripting (XSS) vulnerabilities in the SAP ...)
+CVE-2007-3495
NOT-FOR-US: SAP Internet Communication Framework
-CVE-2007-3494 (Papoo CMS 3.6, and possibly earlier, does not verify user privileges ...)
+CVE-2007-3494
NOT-FOR-US: Papoo CMS
-CVE-2007-3493 (A certain ActiveX control in NCTWavChunksEditor2.dll 2.6.1.148 in ...)
+CVE-2007-3493
NOT-FOR-US: NCTAudioStudio
-CVE-2007-3492 (Conti FtpServer 1.0 allows remote authenticated users to cause a ...)
+CVE-2007-3492
NOT-FOR-US: Conti FtpServer
-CVE-2007-3491 (Buffer overflow in _mprosrv in Progress Software OpenEdge before ...)
+CVE-2007-3491
NOT-FOR-US: Progress Software OpenEdge
-CVE-2007-3490 (Unspecified vulnerability in Microsoft Excel 2003 SP2 allows remote ...)
+CVE-2007-3490
NOT-FOR-US: Microsoft Excel 2003 SP2
-CVE-2007-3489 (Cross-site request forgery (CSRF) vulnerability in pop/WizU.html in ...)
+CVE-2007-3489
NOT-FOR-US: Check Point VPN-1 Edge X
-CVE-2007-3488 (Heap-based buffer overflow in the viewer ActiveX control in Sony ...)
+CVE-2007-3488
NOT-FOR-US: Sony Network Camera SNC-P5 1.0
-CVE-2007-3487 (Absolute path traversal in a certain ActiveX control in hpqxml.dll ...)
+CVE-2007-3487
NOT-FOR-US: Hewlett-Packard (HP) Photo Digital Imaging ActiveX control
-CVE-2007-3486 (Cross-site scripting (XSS) vulnerability in AltaVista search engine ...)
+CVE-2007-3486
NOT-FOR-US: AltaVista
-CVE-2007-3485 (Multiple cross-site scripting (XSS) vulnerabilities in Yandex.Server ...)
+CVE-2007-3485
NOT-FOR-US: Yandex.Server
-CVE-2007-3484 (** DISPUTED ** ...)
+CVE-2007-3484
NOT-FOR-US: Google Custom Search Engine
-CVE-2007-3483 (Research in Motion BlackBerry Enterprise Server 4.0 through 4.1 has a ...)
+CVE-2007-3483
NOT-FOR-US: BlackBerry Enterprise Server
-CVE-2007-3482 (Cross-domain vulnerability in Apple Safari for Windows 3.0.1 allows ...)
+CVE-2007-3482
NOT-FOR-US: Apple Safari
-CVE-2007-3481 (** DISPUTED ** ...)
+CVE-2007-3481
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2007-3480 (PCSoft WinDEV 11 (01F110053p) allows user-assisted remote attackers to ...)
+CVE-2007-3480
NOT-FOR-US: PCSoft WinDEV
-CVE-2007-3479 (Stack-based buffer overflow in PCSoft WinDEV 11 (01F110053p) allows ...)
+CVE-2007-3479
NOT-FOR-US: PCSoft WinDEV
-CVE-2007-3478 (Race condition in gdImageStringFTEx (gdft_draw_bitmap) in gdft.c in ...)
+CVE-2007-3478
- libgd2 2.0.35.dfsg-1 (unimportant)
NOTE: this is a crash, and does not seem to be attacker controlled.
-CVE-2007-3477 (The (a) imagearc and (b) imagefilledarc functions in GD Graphics ...)
+CVE-2007-3477
{DSA-1613-1}
- libgd2 2.0.35.dfsg-1 (low)
- libwmf <unfixed> (unimportant)
- racket 5.0.2-1 (unimportant; bug #601525)
NOTE: Only present in one of the sample pl-scheme packages (plot)
NOTE: CPU consumption DoS
-CVE-2007-3476 (Array index error in gd_gif_in.c in the GD Graphics Library (libgd) ...)
+CVE-2007-3476
{DSA-1613-1}
- libgd2 2.0.35.dfsg-1 (low)
- libwmf <unfixed> (unimportant)
- racket 5.0.2-1 (unimportant; bug #601525)
NOTE: Only present in one of the sample pl-scheme packages (plot)
NOTE: can write a 0 to a 4k window in heap, very unlikely to be controllable.
-CVE-2007-3475 (The GD Graphics Library (libgd) before 2.0.35 allows user-assisted ...)
+CVE-2007-3475
- libgd2 2.0.35.dfsg-1 (unimportant)
NOTE: out-of-band memory read, does not appear attacker controlled.
-CVE-2007-3474 (Multiple unspecified vulnerabilities in the GIF reader in the GD ...)
+CVE-2007-3474
NOTE: appears to be prophylactic dup of CVE-2007-3476.
-CVE-2007-3473 (The gdImageCreateXbm function in the GD Graphics Library (libgd) ...)
+CVE-2007-3473
- libgd2 2.0.35.dfsg-1 (unimportant)
NOTE: this is only a NULL deref crash (same as CVE-2007-3472)
-CVE-2007-3472 (Integer overflow in gdImageCreateTrueColor function in the GD Graphics ...)
+CVE-2007-3472
- libgd2 2.0.35.dfsg-1 (unimportant)
NOTE: this is only a NULL deref crash.
-CVE-2007-3471 (Buffer overflow in the dtsession Common Desktop Environment (CDE) ...)
+CVE-2007-3471
NOT-FOR-US: Sun Solaris dtsession
-CVE-2007-3470 (Multiple unspecified vulnerabilities in the KSSL kernel module in Sun ...)
+CVE-2007-3470
NOT-FOR-US: Sun Solaris
-CVE-2007-3469 (Unspecified vulnerability in the TCP Loopback/Fusion implementation in ...)
+CVE-2007-3469
NOT-FOR-US: Sun Solaris
-CVE-2007-3468 (input.c in VideoLAN VLC Media Player before 0.8.6c allows remote ...)
+CVE-2007-3468
{DSA-1332-1}
- vlc 0.8.6.c.debian-1 (bug #429726)
-CVE-2007-3467 (Integer overflow in the __status_Update function in stats.c VideoLAN ...)
+CVE-2007-3467
{DSA-1332-1}
- vlc 0.8.6.c-1 (bug #429726)
CVE-2007-3466
RESERVED
-CVE-2007-3465 (Check Point SofaWare Safe@Office, with firmware before Embedded NGX ...)
+CVE-2007-3465
NOT-FOR-US: Check Point SofaWare Safe
-CVE-2007-3464 (Check Point SofaWare Safe@Office, with firmware before Embedded NGX ...)
+CVE-2007-3464
NOT-FOR-US: Check Point SofaWare Safe
-CVE-2007-3463 (** DISPUTED ** ...)
+CVE-2007-3463
NOT-FOR-US: Microsoft Windows XP SP2
-CVE-2007-3462 (Cross-site request forgery (CSRF) vulnerability in Check Point ...)
+CVE-2007-3462
NOT-FOR-US: Check Point SofaWare Safe
-CVE-2007-3461 (SQL injection vulnerability in property.php in elkagroup Image Gallery ...)
+CVE-2007-3461
NOT-FOR-US: elkagroup Image Gallery
-CVE-2007-3460 (Multiple PHP remote file inclusion vulnerabilities in index.php3 in ...)
+CVE-2007-3460
NOT-FOR-US: EVA-Web
-CVE-2007-3459 (A certain ActiveX control in Avaxswf.dll 1.0.0.1 in Civitech Avax ...)
+CVE-2007-3459
NOT-FOR-US: Civitech Avax Vector
-CVE-2007-3458 (The libsldap library in Sun Solaris 8, 9, and 10 allows local users to ...)
+CVE-2007-3458
NOT-FOR-US: Sun Solaris libsldap
-CVE-2007-3457 (Adobe Flash Player 8.0.34.0 and earlier insufficiently validates HTTP ...)
+CVE-2007-3457
- flashplugin-nonfree 9.0.48.0.1
[sarge] - flashplugin-nonfree <no-dsa> (non-free not supported)
[etch] - flashplugin-nonfree <no-dsa> (non-free not supported)
-CVE-2007-3456 (Integer overflow in Adobe Flash Player 9.0.45.0 and earlier might ...)
+CVE-2007-3456
- flashplugin-nonfree 9.0.48.0.1
[sarge] - flashplugin-nonfree <no-dsa> (non-free not supported)
[etch] - flashplugin-nonfree <no-dsa> (non-free not supported)
-CVE-2007-3455 (cgiChkMasterPwd.exe before 8.0.0.142 in Trend Micro OfficeScan ...)
+CVE-2007-3455
NOT-FOR-US: Trend Micro OfficeScan Corporate Edition
-CVE-2007-3454 (Stack-based buffer overflow in CGIOCommon.dll before 8.0.0.1042 in ...)
+CVE-2007-3454
NOT-FOR-US: Trend Micro OfficeScan Corporate Edition
-CVE-2007-3453 (SQL injection vulnerability in Papoo 3.6, and possibly earlier, allows ...)
+CVE-2007-3453
NOT-FOR-US: Papoo
-CVE-2007-3452 (SQL injection vulnerability in essentials/minutes/doc.php in eDocStore ...)
+CVE-2007-3452
NOT-FOR-US: eDocStore
-CVE-2007-3451 (PHP remote file inclusion vulnerability in admin/index.php in 6ALBlog ...)
+CVE-2007-3451
NOT-FOR-US: 6ALBlog
-CVE-2007-3450 (SQL injection vulnerability in member.php in 6ALBlog allows remote ...)
+CVE-2007-3450
NOT-FOR-US: 6ALBlog
-CVE-2007-3449 (SQL injection vulnerability in member.php in 6ALBlog allows remote ...)
+CVE-2007-3449
NOT-FOR-US: 6ALBlog
-CVE-2007-3448 (Cross-site scripting (XSS) vulnerability in index.php in BugMall ...)
+CVE-2007-3448
NOT-FOR-US: BugMall Shopping Cart
-CVE-2007-3447 (SQL injection vulnerability in BugMall Shopping Cart 2.5 and earlier ...)
+CVE-2007-3447
NOT-FOR-US: BugMall Shopping Cart
-CVE-2007-3446 (BugMall Shopping Cart 2.5 and earlier has a default username &quot;demo&quot; ...)
+CVE-2007-3446
NOT-FOR-US: BugMall Shopping Cart
-CVE-2007-3445 (Buffer overflow in SJ Labs SJphone 1.60.303c, running under Windows ...)
+CVE-2007-3445
NOT-FOR-US: SJphone
-CVE-2007-3444 (The Research in Motion BlackBerry 7270 with 4.0 SP1 Bundle 83 allows ...)
+CVE-2007-3444
NOT-FOR-US: BlackBerry 7270
-CVE-2007-3443 (The Research in Motion BlackBerry 7270 before 4.0 SP1 Bundle 108 does ...)
+CVE-2007-3443
NOT-FOR-US: BlackBerry 7270
-CVE-2007-3442 (Format string vulnerability on the Research in Motion BlackBerry 7270 ...)
+CVE-2007-3442
NOT-FOR-US: BlackBerry 7270
-CVE-2007-3441 (Format string vulnerability in the Aastra 9112i SIP Phone with ...)
+CVE-2007-3441
NOT-FOR-US: Aastra 9112i SIP Phone
-CVE-2007-3440 (The Snom 320 SIP Phone, running snom320 linux 3.25, snom320-SIP 6.2.3, ...)
+CVE-2007-3440
NOT-FOR-US: Snom 320 SIP Phone
-CVE-2007-3439 (The Snom 320 SIP Phone, running snom320 linux 3.25, snom320-SIP 6.2.3, ...)
+CVE-2007-3439
NOT-FOR-US: Snom 320 SIP Phone
-CVE-2007-3438 (Buffer overflow in the SIP header parsing module in the Nortel PC ...)
+CVE-2007-3438
NOT-FOR-US: Nortel PC Client SIP Soft Phone
-CVE-2007-3437 (AOL Instant Messenger (AIM) 6.1.32.1 on Windows XP allows remote ...)
+CVE-2007-3437
NOT-FOR-US: AOL Instant Messenger
-CVE-2007-3436 (Microsoft MSN Messenger 4.7 on Windows XP allows remote attackers to ...)
+CVE-2007-3436
NOT-FOR-US: Microsoft
-CVE-2007-3435 (Stack-based buffer overflow in the BeginPrint method in a certain ...)
+CVE-2007-3435
NOT-FOR-US: BarCodeAx.dll
-CVE-2007-3434 (index.php in Pharmacy System 2 and earlier allows remote attackers to ...)
+CVE-2007-3434
NOT-FOR-US: Pharmacy System
-CVE-2007-3433 (SQL injection vulnerability in index.php in Pharmacy System 2 and ...)
+CVE-2007-3433
NOT-FOR-US: Pharmacy System
-CVE-2007-3432 (Unrestricted file upload vulnerability in admin/images.php in Pluxml ...)
+CVE-2007-3432
NOT-FOR-US: Pluxml
-CVE-2007-3431 (PHP remote file inclusion vulnerability in cal.func.php in Valerio ...)
+CVE-2007-3431
NOT-FOR-US: Dagger
-CVE-2007-3430 (SQL injection vulnerability in index.php in Simple Invoices 2007 05 25 ...)
+CVE-2007-3430
NOT-FOR-US: Simple Invoices
-CVE-2007-3429 (Unrestricted file upload vulnerability in signup.php in e107 0.7.8 and ...)
+CVE-2007-3429
NOT-FOR-US: e107
-CVE-2007-3428 (Multiple unspecified vulnerabilities in phpTrafficA before 1.4.2 allow ...)
+CVE-2007-3428
NOT-FOR-US: phpTrafficA
-CVE-2007-3427 (SQL injection vulnerability in index.php in phpTrafficA 1.4.2 and ...)
+CVE-2007-3427
NOT-FOR-US: phpTrafficA
-CVE-2007-3426 (Cross-site scripting (XSS) vulnerability in index.php in phpTrafficA ...)
+CVE-2007-3426
NOT-FOR-US: phpTrafficA
-CVE-2007-3425 (Directory traversal vulnerability in index.php in phpTrafficA 1.4.2 ...)
+CVE-2007-3425
NOT-FOR-US: phpTrafficA
-CVE-2007-3424 (The moveim function in cgi-bin/cgi-lib/instantmessage.pl in ...)
+CVE-2007-3424
NOT-FOR-US: WebAPP
-CVE-2007-3423 (cgi-bin/cgi-lib/instantmessage.pl in web-app.org WebAPP before 0.9.9.7 ...)
+CVE-2007-3423
NOT-FOR-US: WebAPP
-CVE-2007-3422 (The getcgi function in cgi-bin/cgi-lib/subs.pl in web-app.org WebAPP ...)
+CVE-2007-3422
NOT-FOR-US: WebAPP
-CVE-2007-3421 (The (1) login, (2) admin profile edit, (3) reminder, (4) edit profile, ...)
+CVE-2007-3421
NOT-FOR-US: WebAPP
-CVE-2007-3420 (The Random Cookie Password functionality in the loaduser function in ...)
+CVE-2007-3420
NOT-FOR-US: WebAPP
-CVE-2007-3419 (The editprofile3 function in cgi-bin/cgi-lib/user.pl in web-app.org ...)
+CVE-2007-3419
NOT-FOR-US: WebAPP
-CVE-2007-3418 (The displaypost function in cgi-bin/cgi-lib/forum_display.pl in ...)
+CVE-2007-3418
NOT-FOR-US: WebAPP
-CVE-2007-3417 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2007-3417
NOT-FOR-US: WebAPP
-CVE-2007-3416 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
+CVE-2007-3416
NOT-FOR-US: WebAPP
-CVE-2007-3415 (Multiple SQL injection vulnerabilities in index.php in phpRaider 1.0.0 ...)
+CVE-2007-3415
NOT-FOR-US: phpRaider
-CVE-2007-3414 (Multiple cross-site scripting (XSS) vulnerabilities in access2asp 4.5 ...)
+CVE-2007-3414
NOT-FOR-US: access2asp
-CVE-2007-3413 (Multiple cross-site scripting (XSS) vulnerabilities in bosDataGrid ...)
+CVE-2007-3413
NOT-FOR-US: bosDataGrid
-CVE-2007-3412 (Cross-site scripting (XSS) vulnerability in edit_image.asp in ...)
+CVE-2007-3412
NOT-FOR-US: ClickGallery Server
-CVE-2007-3411 (SQL injection vulnerability in edit_image.asp in ClickGallery Server ...)
+CVE-2007-3411
NOT-FOR-US: ClickGallery Server
-CVE-2007-3410 (Stack-based buffer overflow in the SmilTimeValue::parseWallClockValue ...)
+CVE-2007-3410
- helix-player <not-affected> (Debian versions of Helix player not affected according to maintainer)
-CVE-2007-3409 (Net::DNS before 0.60, a Perl module, allows remote attackers to cause ...)
+CVE-2007-3409
{DSA-1515-1}
- libnet-dns-perl 0.60-1 (low)
-CVE-2007-3408 (Multiple unspecified vulnerabilities in Dia before 0.96.1-6 have ...)
+CVE-2007-3408
- dia <not-affected> (Windows packaging with bundled FreeType libs)
-CVE-2007-3407 (Sergey Lyubka Simple HTTPD (shttpd) 1.38 allows remote attackers to ...)
+CVE-2007-3407
NOT-FOR-US: Simple HTTPD
-CVE-2007-3406 (Multiple absolute path traversal vulnerabilities in Microsoft Internet ...)
+CVE-2007-3406
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2007-3405 (Multiple cross-site scripting (XSS) vulnerabilities in defter_yaz.asp ...)
+CVE-2007-3405
NOT-FOR-US: Lebisoft zdefter
-CVE-2007-3404 (Directory traversal vulnerability in ShowImage.php in SiteDepth CMS ...)
+CVE-2007-3404
NOT-FOR-US: SiteDepth CMS
-CVE-2007-3403 (Unrestricted file upload vulnerability in upload.php in dreamLog (aka ...)
+CVE-2007-3403
NOT-FOR-US: dreamLog
-CVE-2007-3402 (SQL injection vulnerability in index.php in pagetool 1.07 allows ...)
+CVE-2007-3402
NOT-FOR-US: pagetool
-CVE-2007-3401 (PHP remote file inclusion vulnerability in footer.inc.php in B1G b1gBB ...)
+CVE-2007-3401
NOT-FOR-US: B1GBB
-CVE-2007-3400 (The NCTAudioEditor2 ActiveX control in NCTWMAFile2.dll 2.6.2.157, as ...)
+CVE-2007-3400
NOT-FOR-US: NCTAudioEditor2 ActiveX control
-CVE-2007-3399 (SQL injection vulnerability in include/get_userdata.php in Power ...)
+CVE-2007-3399
NOT-FOR-US: Power Phlogger
-CVE-2007-3398 (LiteWEB 2.7 allows remote attackers to cause a denial of service ...)
+CVE-2007-3398
NOT-FOR-US: LiveWEB
-CVE-2007-3397 (The web container in IBM WebSphere Application Server (WAS) before ...)
+CVE-2007-3397
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2007-3396 (Cross-site scripting (XSS) vulnerability in index.wkf in KeyFocus (KF) ...)
+CVE-2007-3396
NOT-FOR-US: KeyFocus
CVE-2007-3395
REJECTED
-CVE-2007-3394 (Multiple SQL injection vulnerabilities in eNdonesia 8.4 allow remote ...)
+CVE-2007-3394
NOT-FOR-US: eNdonesia
-CVE-2007-3388 (Multiple format string vulnerabilities in (1) qtextedit.cpp, (2) ...)
+CVE-2007-3388
{DSA-1426-1}
- qt-x11-free 3:3.3.7-6
- qt4-x11 <not-affected> (This problem is not present in any version of Qt 4)
NOTE: http://web.archive.org/web/20080206133848/http://trolltech.com:80/company/newsroom/announcements/press.2007-07-27.7503755960
-CVE-2007-3387 (Integer overflow in the StreamPredictor::StreamPredictor function in ...)
+CVE-2007-3387
{DSA-1357-1 DSA-1355-1 DSA-1354-1 DSA-1352-1 DSA-1350-1 DSA-1349-1 DSA-1348-1 DSA-1347-1 DTSA-49-1 DTSA-50-1 DTSA-54-1 DTSA-62-1}
- poppler 0.5.4-6.1 (bug #435460)
- gpdf <removed>
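Review bot: the removal of the parenthesised summary from every `CVE-YYYY-NNNN (...)` header line in this hunk also removes the only product name that can be checked against the `NOT-FOR-US:` tag underneath, and in at least one entry the two disagree: `-CVE-2007-3398 (LiteWEB 2.7 allows remote attackers to cause a denial of service ...)` is followed by the unchanged `NOT-FOR-US: LiveWEB`. Once the description is gone the misspelt tag is all that remains, so correct it to `NOT-FOR-US: LiteWEB` in the same change (or before this one lands). On the same theme, the two VLC entries that share `{DSA-1332-1}` and `bug #429726` record different fixed versions, `- vlc 0.8.6.c.debian-1 (bug #429726)` under CVE-2007-3468 versus `- vlc 0.8.6.c-1 (bug #429726)` under CVE-2007-3467; one of them is presumably a typo and should be reconciled, since the version string is what the tracker matches against. Finally, since the commit is labelled only "automatic update", a sentence in the commit message stating that description text is being dropped from the list on purpose would help anyone reading this 2600-line rewrite later.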
@@ -8019,406 +8019,406 @@ CVE-2007-3387 (Integer overflow in the StreamPredictor::StreamPredictor function
NOTE: libextractor uses internal pdf decoder since 0.5.12-1, thus marking as fixed
- ipe <not-affected> (Does not include the vulnerable code)
- swftools 0.9.2+ds1-2
-CVE-2007-3386 (Cross-site scripting (XSS) vulnerability in the Host Manager Servlet ...)
+CVE-2007-3386
{DSA-1447-1}
- tomcat5.5 5.5.25-1
-CVE-2007-3385 (Apache Tomcat 6.0.0 to 6.0.13, 5.5.0 to 5.5.24, 5.0.0 to 5.0.30, 4.1.0 ...)
+CVE-2007-3385
{DSA-1453-1 DSA-1447-1}
- tomcat5.5 5.5.25-1
- tomcat5 <removed>
-CVE-2007-3384 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2007-3384
NOT-FOR-US: tomcat 3.3
-CVE-2007-3383 (Cross-site scripting (XSS) vulnerability in SendMailServlet in the ...)
+CVE-2007-3383
- tomcat4 <removed> (low)
[sarge] - tomcat4 <no-dsa> (Contrib not supported)
NOTE: affects example app in tomcat4-webapps
-CVE-2007-3382 (Apache Tomcat 6.0.0 to 6.0.13, 5.5.0 to 5.5.24, 5.0.0 to 5.0.30, 4.1.0 ...)
+CVE-2007-3382
{DSA-1453-1 DSA-1447-1}
- tomcat5.5 5.5.25-1
- tomcat5 <removed>
-CVE-2007-3381 (The GDM daemon in GNOME Display Manager (GDM) before 2.14.13, 2.16.x ...)
+CVE-2007-3381
- gdm 2.18.4-1 (low)
[sarge] - gdm <no-dsa> (Minor issue)
[etch] - gdm <no-dsa> (Minor issue)
-CVE-2007-3380 (The Distributed Lock Manager (DLM) in the cluster manager for Linux ...)
+CVE-2007-3380
- linux-2.6 2.6.23-1
[etch] - linux-2.6 <not-affected> (Vulnerable code not present)
-CVE-2007-3379 (Unspecified vulnerability in the kernel in Red Hat Enterprise Linux ...)
+CVE-2007-3379
- linux-2.6 <not-affected> (Red Hat-specific vulnerability)
-CVE-2007-3378 (The (1) session_save_path, (2) ini_set, and (3) error_log functions in ...)
+CVE-2007-3378
- php4 <removed> (unimportant)
- php5 5.2.4-1 (unimportant)
-CVE-2007-3377 (Header.pm in Net::DNS before 0.60, a Perl module, (1) generates ...)
+CVE-2007-3377
{DSA-1515-1}
- libnet-dns-perl 0.60-1 (low)
-CVE-2007-3376 (Buffer overflow in Apple Safari 3.0.2 on Windows XP SP2 allows ...)
+CVE-2007-3376
NOT-FOR-US: Apple Safari
-CVE-2007-3375 (Stack-based buffer overflow in Lhaca File Archiver before 1.21 allows ...)
+CVE-2007-3375
NOT-FOR-US: Lhaca
-CVE-2007-3374 (Buffer overflow in cluster/cman/daemon/daemon.c in cman ...)
+CVE-2007-3374
- redhat-cluster <not-affected> (Just relevant in newer versions, we don't ship this file)
-CVE-2007-3373 (daemon.c in cman (redhat-cluster-suite) before 20070622 does not clear ...)
+CVE-2007-3373
- redhat-cluster <not-affected> (Just relevant in newer versions, we don't ship this file)
-CVE-2007-3389 (Wireshark before 0.99.6 allows remote attackers to cause a denial of ...)
+CVE-2007-3389
- wireshark 0.99.6pre1-1
[etch] - wireshark <not-affected> (Only affected 0.99.5)
- ethereal <not-affected> (Vulnerable code not present)
-CVE-2007-3390 (Wireshark 0.99.5 and 0.10.x up to 0.10.14, when running on certain ...)
+CVE-2007-3390
{DSA-1322-1}
- wireshark 0.99.6pre1-1
- ethereal <not-affected> (Vulnerable code not present)
-CVE-2007-3391 (Wireshark 0.99.5 allows remote attackers to cause a denial of service ...)
+CVE-2007-3391
- wireshark 0.99.6pre1-1
[etch] - wireshark <not-affected> (Only affected 0.99.5)
- ethereal <not-affected> (Vulnerable code not present)
-CVE-2007-3392 (Wireshark before 0.99.6 allows remote attackers to cause a denial of ...)
+CVE-2007-3392
{DSA-1322-1}
- wireshark 0.99.6pre1-1
- ethereal <not-affected> (Vulnerable code not present)
-CVE-2007-3393 (Off-by-one error in the DHCP/BOOTP dissector in Wireshark before ...)
+CVE-2007-3393
{DSA-1322-1}
- wireshark 0.99.6pre1-1
- ethereal <not-affected> (Vulnerable code not present)
-CVE-2007-3372 (The Avahi daemon in Avahi before 0.6.20 allows attackers to cause a ...)
+CVE-2007-3372
{DSA-1690-1}
- avahi 0.6.20-2 (low)
[etch] - avahi <no-dsa> (Minor issue, only affects local users)
-CVE-2007-3371 (PHP remote file inclusion vulnerability in ...)
+CVE-2007-3371
NOT-FOR-US: Powl
-CVE-2007-3370 (Multiple PHP remote file inclusion vulnerabilities in Sun Board ...)
+CVE-2007-3370
NOT-FOR-US: Sun Board
-CVE-2007-3369 (Buffer overflow in the Polycom SoundPoint IP 601 SIP phone with ...)
+CVE-2007-3369
NOT-FOR-US: Polycom SoundPoint IP 601 SIP phone
-CVE-2007-3368 (Buffer overflow in the HTTP server on the Polycom SoundPoint IP 601 ...)
+CVE-2007-3368
NOT-FOR-US: Polycom SoundPoint IP 601 SIP phone
-CVE-2007-3367 (Simple CGI Wrapper (scgiwrap) in cPanel before 10.9.1, and 11.x before ...)
+CVE-2007-3367
NOT-FOR-US: cPanel
-CVE-2007-3366 (Cross-site scripting (XSS) vulnerability in Simple CGI Wrapper ...)
+CVE-2007-3366
NOT-FOR-US: cPanel
-CVE-2007-3365 (MyServer 0.8.9 and earlier does not properly handle uppercase ...)
+CVE-2007-3365
NOT-FOR-US: MyServer
-CVE-2007-3364 (Cross-site scripting (XSS) vulnerability in the cgi-bin/post.mscgi ...)
+CVE-2007-3364
NOT-FOR-US: MyServer
-CVE-2007-3363 (Multiple unspecified vulnerabilities in ageet AGEphone before 1.6.3 ...)
+CVE-2007-3363
NOT-FOR-US: AGEphone
-CVE-2007-3362 (ageet AGEphone before 1.6.2, running on Windows Mobile 5 on the HTC ...)
+CVE-2007-3362
NOT-FOR-US: AGEphone
-CVE-2007-3361 (The Nortel PC Client SIP Soft Phone 4.1 3.5.208[20051015] allows ...)
+CVE-2007-3361
NOT-FOR-US: Nortel PC Client SIP Soft Phone
-CVE-2007-3360 (hook.c in BitchX 1.1-final allows remote IRC servers to execute ...)
+CVE-2007-3360
- ircii-pana <removed> (medium; bug #432120)
NOTE: http://bugs.debian.org/cgi-bin/bugreport.cgi?msg=10;filename=bitchx_CVE-2007-3360.patch;att=1;bug=432120
-CVE-2007-3359 (Multiple PHP remote file inclusion vulnerabilities in SerWeb 0.9.6 and ...)
+CVE-2007-3359
NOT-FOR-US: SerWeb
-CVE-2007-3358 (PHP remote file inclusion vulnerability in html/load_lang.php in ...)
+CVE-2007-3358
NOT-FOR-US: SerWeb
-CVE-2007-3357 (NetClassifieds Premium Edition does not use encryption for (1) stored ...)
+CVE-2007-3357
NOT-FOR-US: NetClassifieds Premium Edition
-CVE-2007-3356 (NetClassifieds Premium Edition allows remote attackers to obtain ...)
+CVE-2007-3356
NOT-FOR-US: NetClassifieds Premium Edition
-CVE-2007-3355 (Multiple cross-site scripting (XSS) vulnerabilities in NetClassifieds ...)
+CVE-2007-3355
NOT-FOR-US: NetClassifieds Premium Edition
-CVE-2007-3354 (Multiple SQL injection vulnerabilities in NetClassifieds Premium ...)
+CVE-2007-3354
NOT-FOR-US: NetClassifieds Premium Edition
-CVE-2007-3353 (** DISPUTED ** ...)
+CVE-2007-3353
NOT-FOR-US: MyEvent
-CVE-2007-3352 (Cross-site scripting (XSS) vulnerability in the preview form in ...)
+CVE-2007-3352
NOT-FOR-US: Stephen Ostermiller Contact Form
-CVE-2007-3351 (The SJPhone SIP soft phone 1.60.303c, when installed on the Dell Axim ...)
+CVE-2007-3351
NOT-FOR-US: SJPhone SIP
-CVE-2007-3350 (AOL Instant Messenger (AIM) 6.1.32.1 on Windows XP allows remote ...)
+CVE-2007-3350
NOT-FOR-US: AIM
-CVE-2007-3349 (The Aastra 9112i SIP Phone with firmware 1.4.0.1048 and boot version ...)
+CVE-2007-3349
NOT-FOR-US: Aastra 9112i SIP Phone
-CVE-2007-3348 (The D-Link DPH-540/DPH-541 phone allows remote attackers to cause a ...)
+CVE-2007-3348
NOT-FOR-US: D-Link DPH-540/DPH-541 phone
-CVE-2007-3347 (The D-Link DPH-540/DPH-541 phone accepts SIP INVITE messages that are ...)
+CVE-2007-3347
NOT-FOR-US: D-Link DPH-540/DPH-541 phone
-CVE-2007-3346 (Directory traversal vulnerability in index.php in PHPAccounts 0.5 ...)
+CVE-2007-3346
NOT-FOR-US: PHPAccounts
-CVE-2007-3345 (Multiple SQL injection vulnerabilities in index.php in PHPAccounts 0.5 ...)
+CVE-2007-3345
NOT-FOR-US: PHPAccounts
-CVE-2007-3344 (Multiple cross-site scripting (XSS) vulnerabilities in netjukebox ...)
+CVE-2007-3344
NOT-FOR-US: netjukebox
-CVE-2007-3343 (Cross-site scripting (XSS) vulnerability in RaidenHTTPD before 2.0.14 ...)
+CVE-2007-3343
NOT-FOR-US: RaidenHTTPD
-CVE-2007-3342 (Multiple cross-site scripting (XSS) vulnerabilities in Movable Type ...)
+CVE-2007-3342
NOT-FOR-US: Movable Type
-CVE-2007-3341 (Unspecified vulnerability in the FTP implementation in Microsoft ...)
+CVE-2007-3341
NOT-FOR-US: Microsoft
-CVE-2007-3340 (BugHunter HTTP SERVER (httpsv.exe) 1.6.2 allows remote attackers to ...)
+CVE-2007-3340
NOT-FOR-US: HTTP Server 1.6.2
-CVE-2007-3339 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2007-3339
NOT-FOR-US: ColdFusion
-CVE-2007-3338 (Multiple stack-based buffer overflows in Ingres database server 2006 ...)
+CVE-2007-3338
NOT-FOR-US: Ingres
-CVE-2007-3337 (wakeup in Ingres database server 2006 9.0.4, r3, 2.6, and 2.5, as used ...)
+CVE-2007-3337
NOT-FOR-US: Ingres
-CVE-2007-3336 (Multiple &quot;pointer overwrite&quot; vulnerabilities in Ingres database server ...)
+CVE-2007-3336
NOT-FOR-US: Ingres
-CVE-2007-3335 (Multiple SQL injection vulnerabilities in the admin panel in PHPEcho ...)
+CVE-2007-3335
NOT-FOR-US: PHPEcho CMS
-CVE-2007-3334 (Multiple heap-based buffer overflows in the (1) Communications Server ...)
+CVE-2007-3334
NOT-FOR-US: Ingres
-CVE-2007-3333 (Stack-based buffer overflow in capture in IBM AIX 5.3 SP6 and 5.2.0 ...)
+CVE-2007-3333
NOT-FOR-US: IBM AIX
-CVE-2007-3332 (Directory traversal vulnerability in Satellite.php in Satel Lite for ...)
+CVE-2007-3332
NOT-FOR-US: Satel Lite for PhpNuke
-CVE-2007-3331 (Cross-site request forgery (CSRF) vulnerability in STphp EasyNews PRO ...)
+CVE-2007-3331
NOT-FOR-US: STphp EasyNews PRO
-CVE-2007-3330 (Cross-site scripting (XSS) vulnerability in STphp EasyNews PRO 4.0 ...)
+CVE-2007-3330
NOT-FOR-US: STphp EasyNews PRO
-CVE-2007-3329 (Multiple array index errors in the (1) get_intra_block, (2) ...)
+CVE-2007-3329
NOT-FOR-US: Xvid
-CVE-2007-3328 (Multiple cross-site scripting (XSS) vulnerabilities in Interact 2.4 ...)
+CVE-2007-3328
NOT-FOR-US: Interact
-CVE-2007-3327 (httpsv.exe in HTTP Server 1.6.2 allows remote attackers to obtain ...)
+CVE-2007-3327
NOT-FOR-US: HTTP Server 1.6.2
-CVE-2007-3326 (Multiple directory traversal vulnerabilities in vBulletin 3.x.x allow ...)
+CVE-2007-3326
NOT-FOR-US: vBulletin
-CVE-2007-3325 (PHP remote file inclusion vulnerability in lib/language.php in LAN ...)
+CVE-2007-3325
NOT-FOR-US: LAN Management System
-CVE-2007-3324 (Multiple cross-site scripting (XSS) vulnerabilities in Comersus Cart ...)
+CVE-2007-3324
NOT-FOR-US: Comersus Cart
-CVE-2007-3323 (SQL injection vulnerability in comersus_optReviewReadExec.asp in ...)
+CVE-2007-3323
NOT-FOR-US: Comersus Shop Cart
CVE-2007-4168
REJECTED
-CVE-2007-3322 (The Avaya 4602 SW IP Phone (Model 4602D02A) with 2.2.2 and earlier SIP ...)
+CVE-2007-3322
NOT-FOR-US: Avaya IP Phone
-CVE-2007-3321 (The Avaya 4602 SW IP Phone (Model 4602D02A) with 2.2.2 and earlier SIP ...)
+CVE-2007-3321
NOT-FOR-US: Avaya IP Phone
-CVE-2007-3320 (The Avaya 4602SW IP Phone (Model 4602D02A) with 2.2.2 and earlier SIP ...)
+CVE-2007-3320
NOT-FOR-US: Avaya IP Phone
-CVE-2007-3319 (The Avaya 4602SW IP Phone (Model 4602D02A) with 2.2.2 and earlier SIP ...)
+CVE-2007-3319
NOT-FOR-US: Avaya IP Phone
-CVE-2007-3318 (Buffer overflow in the Session Initiation Protocol (SIP) User Access ...)
+CVE-2007-3318
NOT-FOR-US: Avaya one-X Desktop Edition
-CVE-2007-3317 (The Session Initiation Protocol (SIP) User Access Client (UAC) message ...)
+CVE-2007-3317
NOT-FOR-US: Avaya one-X Desktop Edition
-CVE-2007-3316 (Multiple format string vulnerabilities in plugins in VideoLAN VLC ...)
+CVE-2007-3316
{DSA-1332-1}
- vlc 0.8.6.c-1 (medium; bug #429726)
-CVE-2007-3315 (Multiple PHP remote file inclusion vulnerabilities in YourFreeScreamer ...)
+CVE-2007-3315
NOT-FOR-US: YourFreeScreamer
-CVE-2007-3314 (Stack-based buffer overflow in peviewer.spl in Altap Servant ...)
+CVE-2007-3314
NOT-FOR-US: Altap Servant Salamander
-CVE-2007-3313 (Multiple SQL injection vulnerabilities in Jasmine CMS 1.0 allow remote ...)
+CVE-2007-3313
NOT-FOR-US: Jasmine CMS
-CVE-2007-3312 (Directory traversal vulnerability in admin/plugin_manager.php in ...)
+CVE-2007-3312
NOT-FOR-US: Jasmine CMS
-CVE-2007-3311 (SQL injection vulnerability in print.php in the Articles 1.02 and ...)
+CVE-2007-3311
NOT-FOR-US: Articles
-CVE-2007-3310 (Cross-site scripting (XSS) vulnerability in arama.asp in TDizin allows ...)
+CVE-2007-3310
NOT-FOR-US: TDizin
-CVE-2007-3309 (Unspecified vulnerability in Simple Machines Forum (SMF) 1.1.2 allows ...)
+CVE-2007-3309
NOT-FOR-US: Simple Machines Forum
-CVE-2007-3308 (Simple Machines Forum (SMF) 1.1.2 uses a concatenation method with ...)
+CVE-2007-3308
NOT-FOR-US: Simple Machines Forum
-CVE-2007-3307 (SQL injection vulnerability in game_listing.php in Solar Empire ...)
+CVE-2007-3307
NOT-FOR-US: Solar Empire
-CVE-2007-3306 (PHP remote file inclusion vulnerability in crontab/run_billing.php in ...)
+CVE-2007-3306
NOT-FOR-US: MiniBill
-CVE-2007-3305 (Heap-based buffer overflow in Cerulean Studios Trillian 3.x before ...)
+CVE-2007-3305
NOT-FOR-US: Cerulean Studios Trillian
-CVE-2007-3304 (Apache httpd 1.3.37, 2.0.59, and 2.2.4 with the Prefork MPM module, ...)
+CVE-2007-3304
- apache <removed> (low)
- apache2 2.2.4-2 (low)
[etch] - apache2 2.2.3-4+etch2
[sarge] - apache2 2.0.54-5sarge2 (low)
[etch] - apache 1.3.34-4.1+etch1
-CVE-2007-3303 (Apache httpd 2.0.59 and 2.2.4, with the Prefork MPM module, allows ...)
+CVE-2007-3303
- apache2 <unfixed> (unimportant)
NOTE: If you can execute arbitrary code, a DoS is not a problem.
-CVE-2007-3302 (The CallCode ActiveX control in caller.dll 3.0 before 20070713, and ...)
+CVE-2007-3302
NOT-FOR-US: CA
-CVE-2007-3301 (SQL injection vulnerability in forum/include/error/autherror.cfm in ...)
+CVE-2007-3301
NOT-FOR-US: FuseTalk
-CVE-2007-3300 (Multiple F-Secure anti-virus products for Microsoft Windows and Linux ...)
+CVE-2007-3300
NOT-FOR-US: F-Secure
-CVE-2007-3299 (Cross-site scripting (XSS) vulnerability in AWFFull before 3.7.4, when ...)
+CVE-2007-3299
- awffull 3.7.4final-1 (unimportant)
NOTE: awffull (a webalizer fork) does not have any cookie based authentication
NOTE: or other sensitive data that could be leaked through this
-CVE-2007-3298 (SQL injection vulnerability in Spey before 0.4.1 allows remote ...)
+CVE-2007-3298
NOT-FOR-US: Spey
-CVE-2007-3297 (Multiple PHP remote file inclusion vulnerabilities in Musoo 0.21 allow ...)
+CVE-2007-3297
NOT-FOR-US: Musoo
-CVE-2007-3296 (The ThunderServer.webThunder.1 ActiveX control in xunlei Web ...)
+CVE-2007-3296
NOT-FOR-US: Web Thunderbolt
-CVE-2007-3295 (Directory traversal vulnerability in Yet another Bulletin Board (YaBB) ...)
+CVE-2007-3295
NOT-FOR-US: YaBB
-CVE-2007-3294 (Multiple buffer overflows in libtidy, as used in the Tidy extension ...)
+CVE-2007-3294
- php5 <removed> (unimportant)
NOTE: Only exploitable by malicious script
-CVE-2007-3293 (SQL injection vulnerability in categoria.php in LiveCMS 3.4 and ...)
+CVE-2007-3293
NOT-FOR-US: LiveCMS
-CVE-2007-3292 (Unrestricted file upload vulnerability in LiveCMS 3.4 and earlier ...)
+CVE-2007-3292
NOT-FOR-US: LiveCMS
-CVE-2007-3291 (Cross-site scripting (XSS) vulnerability in LiveCMS 3.4 and earlier ...)
+CVE-2007-3291
NOT-FOR-US: LiveCMS
-CVE-2007-3290 (categoria.php in LiveCMS 3.4 and earlier allows remote attackers to ...)
+CVE-2007-3290
NOT-FOR-US: LiveCMS
-CVE-2007-3289 (PHP remote file inclusion vulnerability in spaw/spaw_control.class.php ...)
+CVE-2007-3289
NOT-FOR-US: WiwiMod for XOOPS
-CVE-2007-3288 (Cross-site scripting (XSS) vulnerability in the skeltoac stats ...)
+CVE-2007-3288
NOT-FOR-US: skeltoac stats plugin for WordPress
CVE-2007-3287
RESERVED
-CVE-2007-3286 (Multiple buffer overflows in unspecified ActiveX controls in COM ...)
+CVE-2007-3286
NOT-FOR-US: Avaya IP Softphone
-CVE-2007-3285 (Mozilla Firefox before 2.0.0.5, when run on Windows, allows remote ...)
+CVE-2007-3285
- iceweasel <not-affected> (Affects only Firefox in Windows)
NOTE: MFSA2007-22
-CVE-2007-3284 (corefoundation.dll in Apple Safari 3.0.1 (552.12.2) for Windows allows ...)
+CVE-2007-3284
NOT-FOR-US: Apple Safari
-CVE-2007-3283 (GNOME XScreenSaver in Sun Solaris 8 and 9 before 20070417, when root ...)
+CVE-2007-3283
- xscreensaver <not-affected> (Not a security issue: works as documented)
-CVE-2007-3282 (Buffer overflow in the Microsoft Office MSODataSourceControl ActiveX ...)
+CVE-2007-3282
NOT-FOR-US: Microsoft Office
-CVE-2007-3281 (Cross-site scripting (XSS) vulnerability in index.php in Php Hosting ...)
+CVE-2007-3281
NOT-FOR-US: Php Hosting Biller
-CVE-2007-3280 (The Database Link library (dblink) in PostgreSQL 8.1 implements ...)
+CVE-2007-3280
- postgresql-8.1 <not-affected> (Neither PL/pgsql nor dblink are enabled by default)
- postgresql-8.2 <not-affected> (Neither PL/pgsql nor dblink are enabled by default)
-CVE-2007-3279 (PostgreSQL 8.1 and probably later versions, when the PL/pgSQL ...)
+CVE-2007-3279
- postgresql-8.1 <not-affected> (Neither PL/pgsql nor dblink are enabled by default)
- postgresql-8.2 <not-affected> (Neither PL/pgsql nor dblink are enabled by default)
-CVE-2007-3278 (PostgreSQL 8.1 and probably later versions, when local trust ...)
+CVE-2007-3278
{DSA-1463-1 DSA-1460-1}
- postgresql-8.1 <not-affected> (local trust authentication is not enabled in Debian)
- postgresql-8.2 <not-affected> (local trust authentication is not enabled in Debian)
-CVE-2007-3277 (Unspecified vulnerability in the localization before 1.2 module for ...)
+CVE-2007-3277
NOT-FOR-US: localization module for WIKINDX
-CVE-2007-3276 (Cross-site scripting (XSS) vulnerability in index.php in Site@School ...)
+CVE-2007-3276
NOT-FOR-US: Site
-CVE-2007-3275 (MailWasher Server before 2.2.1, when used with LDAP or Active ...)
+CVE-2007-3275
NOT-FOR-US: MailWasher Server
-CVE-2007-3274 (Apple Safari 3.0 and 3.0.1 on Windows XP SP2 allows attackers to cause ...)
+CVE-2007-3274
NOT-FOR-US: Apple Safari
-CVE-2007-3273 (SQL injection vulnerability in index.cfm in FuseTalk 2.0 allows remote ...)
+CVE-2007-3273
NOT-FOR-US: FuseTalk
-CVE-2007-3272 (Directory traversal vulnerability in index.php in MiniBB 2.0.5 allows ...)
+CVE-2007-3272
NOT-FOR-US: MiniBB
-CVE-2007-3271 (PHP remote file inclusion vulnerability in ...)
+CVE-2007-3271
NOT-FOR-US: YourFreeScreamer
-CVE-2007-3270 (PHP remote file inclusion vulnerability in Includes/global.inc.php in ...)
+CVE-2007-3270
NOT-FOR-US: phpMyInventory
-CVE-2007-3269 (Multiple cross-site scripting (XSS) vulnerabilities in Papoo Light 3.6 ...)
+CVE-2007-3269
NOT-FOR-US: Papoo Light
-CVE-2007-3268 (The TFTP implementation in IBM Tivoli Provisioning Manager for OS ...)
+CVE-2007-3268
NOT-FOR-US: IBM Tivoli Provisioning Manager
-CVE-2007-3267 (Cross-site scripting (XSS) vulnerability in low.php in Fuzzylime Forum ...)
+CVE-2007-3267
NOT-FOR-US: Fuzzylime Forum
-CVE-2007-3266 (Directory traversal vulnerability in webif.cgi in ifnet WEBIF allows ...)
+CVE-2007-3266
NOT-FOR-US: WEBIF
-CVE-2007-3265 (Cross-site scripting (XSS) vulnerability in the Samples component in ...)
+CVE-2007-3265
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2007-3264 (Unspecified vulnerability in the PD tools component in IBM WebSphere ...)
+CVE-2007-3264
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2007-3263 (Unspecified vulnerability in the Default Messaging Component in IBM ...)
+CVE-2007-3263
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2007-3262 (Unspecified vulnerability in the Default Messaging Component in IBM ...)
+CVE-2007-3262
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2007-3261 (Cross-site scripting (XSS) vulnerability in widgets/widget_search.php ...)
+CVE-2007-3261
NOT-FOR-US: dKret
-CVE-2007-3260 (HP System Management Homepage (SMH) before 2.1.9 for Linux, when used ...)
+CVE-2007-3260
NOT-FOR-US: HP System Management Homepage
-CVE-2007-3259 (Calendarix 0.7.20070307 allows remote attackers to obtain sensitive ...)
+CVE-2007-3259
NOT-FOR-US: Calendarix
-CVE-2007-3258 (calendar.php in Calendarix 0.7.20070307 allows remote attackers to ...)
+CVE-2007-3258
NOT-FOR-US: Calendarix
-CVE-2007-3257 (Camel (camel-imap-folder.c) in the mailer component for Evolution Data ...)
+CVE-2007-3257
{DSA-1325-1 DSA-1321-1}
- evolution 2.12.0-1
- evolution-data-server 1.10.2-2 (bug #429876)
[sarge] - evolution-data-server <not-affected> (Vulnerable code present in a different source package)
-CVE-2007-3256 (Xythos Enterprise Document Manager (XEDM), Digital Locker (XDL), and ...)
+CVE-2007-3256
NOT-FOR-US: Xythos Enterprise Document Manager
-CVE-2007-3255 (Multiple cross-site request forgery (CSRF) vulnerabilities in Xythos ...)
+CVE-2007-3255
NOT-FOR-US: Xythos Enterprise Document Manager
-CVE-2007-3254 (Multiple cross-site scripting (XSS) vulnerabilities in Xythos ...)
+CVE-2007-3254
NOT-FOR-US: Xythos Enterprise Document Manager
-CVE-2007-3253 (Multiple unspecified vulnerabilities in Astaro Security Gateway (ASG) ...)
+CVE-2007-3253
NOT-FOR-US: Astaro Security Gateway
-CVE-2007-3252 (PortalApp stores sensitive information under the web root with ...)
+CVE-2007-3252
NOT-FOR-US: PortalApp
-CVE-2007-3251 (Multiple directory traversal vulnerabilities in e-Vision CMS 2.02 and ...)
+CVE-2007-3251
NOT-FOR-US: e-Vision CMS
-CVE-2007-3250 (SQL injection vulnerability in mod_banners.php in Elxis CMS before ...)
+CVE-2007-3250
NOT-FOR-US: Elxis CMS
-CVE-2007-3249 (Cross-site scripting (XSS) vulnerability in mod_lettermansubscribe.php ...)
+CVE-2007-3249
NOT-FOR-US: Letterman Subscriber
-CVE-2007-3248 (Unspecified vulnerability in Sun Solaris 10 before 20070614, when IPv6 ...)
+CVE-2007-3248
NOT-FOR-US: Sun Solaris
-CVE-2007-3247 (SQL injection vulnerability in VirtueMart before 1.0.11 allows remote ...)
+CVE-2007-3247
NOT-FOR-US: VirtueMart
-CVE-2007-3246 (The do_set_password function in modules/chanserv/set.c in IRC Services ...)
+CVE-2007-3246
NOT-FOR-US: IRC Services
-CVE-2007-3245 (IRC Services before 5.0.62, and 5.1 before 5.1pre3, allows remote ...)
+CVE-2007-3245
NOT-FOR-US: IRC Services
-CVE-2007-3244 (SQL injection vulnerability in bb-includes/formatting-functions.php in ...)
+CVE-2007-3244
NOT-FOR-US: bbPress
-CVE-2007-3243 (Cross-site scripting (XSS) vulnerability in bb-login.php in bbPress ...)
+CVE-2007-3243
NOT-FOR-US: bbPress
-CVE-2007-3242 (The Menu Manager Mod for (1) web-app.net WebAPP (aka WebAPP NE) ...)
+CVE-2007-3242
NOT-FOR-US: WebAPP
-CVE-2007-3241 (Cross-site scripting (XSS) vulnerability in blogroll.php in the ...)
+CVE-2007-3241
NOT-FOR-US: cordobo-green-park theme for WordPress
-CVE-2007-3240 (Cross-site scripting (XSS) vulnerability in 404.php in the ...)
+CVE-2007-3240
NOT-FOR-US: Vistered-Little theme for WordPress
-CVE-2007-3239 (Cross-site scripting (XSS) vulnerability in searchform.php in the ...)
+CVE-2007-3239
NOT-FOR-US: AndyBlue theme for WordPress
-CVE-2007-3238 (Cross-site scripting (XSS) vulnerability in functions.php in the ...)
+CVE-2007-3238
{DSA-1502-1}
- wordpress 2.2.2-1 (low)
-CVE-2007-3237 (PHP remote file inclusion vulnerability in ...)
+CVE-2007-3237
NOT-FOR-US: XOOPS
-CVE-2007-3236 (PHP remote file inclusion vulnerability in footer.php in the Horoscope ...)
+CVE-2007-3236
NOT-FOR-US: XOOPS
-CVE-2007-3235 (Cross-site scripting (XSS) vulnerability in low.php in Fuzzylime Forum ...)
+CVE-2007-3235
NOT-FOR-US: Fuzzylime Forum
-CVE-2007-3234 (SQL injection vulnerability in low.php in Fuzzylime Forum 1.0 allows ...)
+CVE-2007-3234
NOT-FOR-US: Fuzzylime Forum
-CVE-2007-3233 (The TEC-IT TBarCode OCX ActiveX control (TBarCode7.ocx) 7.0.2.3524 ...)
+CVE-2007-3233
NOT-FOR-US: TEC-IT
-CVE-2007-3232 (The IBM TotalStorage DS400 with firmware 4.15 uses a blank password ...)
+CVE-2007-3232
NOT-FOR-US: IBM
-CVE-2007-3231 (Buffer overflow in MeCab before 0.96 has unknown impact and attack ...)
+CVE-2007-3231
- mecab 0.95-1.1 (bug #429174; low)
[etch] - mecab <no-dsa> (Minor issue)
[sarge] - mecab <no-dsa> (Minor issue)
-CVE-2007-3230 (PHP remote file inclusion vulnerability in phphtml.php in Idan Sofer ...)
+CVE-2007-3230
NOT-FOR-US: PHP::HTML
-CVE-2007-3229 (index.php in Singapore Gallery allows remote attackers to obtain ...)
+CVE-2007-3229
NOT-FOR-US: Singapore Gallery
-CVE-2007-3228 (PHP remote file inclusion vulnerability in ...)
+CVE-2007-3228
NOT-FOR-US: Sitellite CMS
-CVE-2007-3227 (Cross-site scripting (XSS) vulnerability in the to_json ...)
+CVE-2007-3227
- rails 1.2.5-1 (bug #429177)
-CVE-2007-3226 (Cross-site scripting (XSS) vulnerability in dotProject before 2.1 RC2 ...)
+CVE-2007-3226
NOT-FOR-US: dotProject
-CVE-2007-3225 (Unspecified vulnerability in Sun Java System Directory Server (slapd) ...)
+CVE-2007-3225
NOT-FOR-US: Sun Java System Directory Server
-CVE-2007-3224 (Unspecified vulnerability in Sun ONE/Java System Directory Server ...)
+CVE-2007-3224
NOT-FOR-US: Sun Java System Directory Server
-CVE-2007-3223 (Unspecified vulnerability in the NFS server in Sun Solaris 10 before ...)
+CVE-2007-3223
NOT-FOR-US: Sun Solaris
-CVE-2007-3222 (PHP remote file inclusion vulnerability in modify.php in the XFsection ...)
+CVE-2007-3222
NOT-FOR-US: XOOPS
-CVE-2007-3221 (PHP remote file inclusion vulnerability in ...)
+CVE-2007-3221
NOT-FOR-US: XOOPS
-CVE-2007-3220 (PHP remote file inclusion vulnerability in ...)
+CVE-2007-3220
NOT-FOR-US: XOOPS
-CVE-2007-3219 (Unspecified vulnerability in sources/action_public/xmlout.php in ...)
+CVE-2007-3219
NOT-FOR-US: Invision Power Board (IPB)
-CVE-2007-3218 (Cross-site scripting (XSS) vulnerability in request.php in PHP Live! ...)
+CVE-2007-3218
NOT-FOR-US: PHP Live!
-CVE-2007-3217 (Multiple PHP remote file inclusion vulnerabilities in Prototype of an ...)
+CVE-2007-3217
NOT-FOR-US: Prototype of an PHP application
-CVE-2007-3216 (Multiple buffer overflows in the LGServer component of CA (Computer ...)
+CVE-2007-3216
NOT-FOR-US: CA BrightStor products
-CVE-2007-3215 (PHPMailer 1.7, when configured to use sendmail, allows remote ...)
+CVE-2007-3215
{DSA-1315-1}
- libphp-phpmailer 1.73-4 (high; bug #429179)
- flyspray 0.9.8-12 (bug #429191; bug #429195)
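Review bot: every changed pair in this hunk replaces a CVE line that carried its parenthetical summary with the bare identifier and alters nothing else, for example `-CVE-2007-3288 (Cross-site scripting (XSS) vulnerability in the skeltoac stats ...)` becoming `+CVE-2007-3288`, while the triage lines under each entry (`NOT-FOR-US:`, `- package version`, `{DSA-...}`, `NOTE:`) are untouched context. An automatic update whose only effect is to strip summaries points to an empty or failed fetch of the CVE description feed rather than a real change in the data, so the update run should be checked for errors and this commit reverted or re-run instead of being kept as-is; the summaries are what lets a triager tell a `NOT-FOR-US` entry from a Debian-relevant one at a glance.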
@@ -8439,126 +8439,126 @@ CVE-2007-3215 (PHPMailer 1.7, when configured to use sendmail, allows remote ...
[etch] - phpgroupware <not-affected> (bug #504255; Vulnerable code not used)
- phpgroupware 0.9.16.012+dfsg-9 (medium; bug #504255)
- egroupware <not-affected> (bug #504283; Vulnerable code not used)
-CVE-2007-3214 (SQL injection vulnerability in style.php in e-Vision CMS 2.02 and ...)
+CVE-2007-3214
NOT-FOR-US: e-Vision CMS
-CVE-2007-3213 (Multiple cross-site scripting (XSS) vulnerabilities in comments.cgi in ...)
+CVE-2007-3213
NOT-FOR-US: Sporum Forum
-CVE-2007-3212 (Multiple cross-site scripting (XSS) vulnerabilities in links.php in ...)
+CVE-2007-3212
NOT-FOR-US: Beehive Forum
-CVE-2007-3211 (Cross-site scripting (XSS) vulnerability in 404.php in Domain ...)
+CVE-2007-3211
NOT-FOR-US: Domain Technologie Control (DTC)
-CVE-2007-3210 (Stack-based buffer overflow in nptoken.mox in the Cellosoft Tokens ...)
+CVE-2007-3210
NOT-FOR-US: Cellosoft Tokens Object
-CVE-2007-3209 (Mail Notification 4.0, when WITH_SSL is set to 0 at compile time, uses ...)
+CVE-2007-3209
- mail-notification 4.0.dfsg.1-2 (low; bug #428157)
[sarge] - mail-notification <not-affected> (Only affects 3.x and 4.x)
[etch] - mail-notification <no-dsa> (Minor issue, needs proper documentation in errata)
-CVE-2007-3208 (CRLF injection vulnerability in Yet another Bulletin Board (YaBB) 2.1 ...)
+CVE-2007-3208
NOT-FOR-US: YaBB
-CVE-2007-3207 (Buffer overflow in the NFS mount daemon (XNFS.NLM) in Novell NetWare ...)
+CVE-2007-3207
NOT-FOR-US: Novell NetWare
CVE-2007-3206
RESERVED
-CVE-2007-3205 (The parse_str function in (1) PHP, (2) Hardened-PHP, and (3) Suhosin, ...)
+CVE-2007-3205
- php4 <removed> (unimportant)
- php5 <removed> (unimportant)
NOTE: That's by design
-CVE-2007-3204 (SQL injection vulnerability in auth.php in Just For Fun Network ...)
+CVE-2007-3204
NOTE: This is an jffnms ID, which has been wrongly reported by an external party,
NOTE: The data is sufficiently sanitised with the Debian fix for CVE-2007-3192
-CVE-2007-3203 (Stack-based buffer overflow in smtpdll.dll in the SMTP service in ...)
+CVE-2007-3203
NOT-FOR-US: 602Pro LAN SUITE
-CVE-2007-3202 (Cross-site scripting (XSS) vulnerability in the rich text editor in ...)
+CVE-2007-3202
NOT-FOR-US: Webwiz
-CVE-2007-3201 (Visual truncation vulnerability in Windows Privacy Tray (WinPT) 1.2.0 ...)
+CVE-2007-3201
NOT-FOR-US: Windows Privacy Tray (WinPT)
-CVE-2007-3200 (NMASINST in Novell Modular Authentication Service (NMAS) 3.1.2 and ...)
+CVE-2007-3200
NOT-FOR-US: Novell
-CVE-2007-3199 (Unrestricted file upload vulnerability in Link Request Contact Form ...)
+CVE-2007-3199
NOT-FOR-US: Link Request Contact Form
-CVE-2007-3198 (Cross-site scripting (XSS) vulnerability in comments.php in Maran PHP ...)
+CVE-2007-3198
NOT-FOR-US: Maran PHP Blog
-CVE-2007-3197 (SQL injection vulnerability in vBSupport.php in vBSupport 1.1 before ...)
+CVE-2007-3197
NOT-FOR-US: vBulletin
-CVE-2007-3196 (SQL injection vulnerability in vBSupport.php in vSupport Integrated ...)
+CVE-2007-3196
NOT-FOR-US: VBulletin
-CVE-2007-3195 (Cross-site scripting (XSS) vulnerability in index.php in ERFAN WIKI ...)
+CVE-2007-3195
NOT-FOR-US: ERFAN WIKI
-CVE-2007-3194 (** DISPUTED ** ...)
+CVE-2007-3194
NOT-FOR-US: myBloggie
-CVE-2007-3193 (lib/WikiUser/LDAP.php in PhpWiki before 1.3.13p1, when the ...)
+CVE-2007-3193
{DSA-1371-1}
- phpwiki 1.3.12p3-6.1 (low; bug #429201)
-CVE-2007-3192 (admin/setup.php in Just For Fun Network Management System (JFFNMS) ...)
+CVE-2007-3192
{DSA-1374-1}
- jffnms 0.8.3dfsg.1-4 (medium)
NOTE: 20_security.dpatch is addressing this bug however the maintainer didn't include
NOTE: a note about the CVE id.
-CVE-2007-3191 (Just For Fun Network Management System (JFFNMS) 0.8.3 allows remote ...)
+CVE-2007-3191
{DSA-1374-1}
- jffnms 0.8.3dfsg.1-4
-CVE-2007-3190 (Multiple SQL injection vulnerabilities in auth.php in Just For Fun ...)
+CVE-2007-3190
{DSA-1374-1}
- jffnms 0.8.3dfsg.1-4
-CVE-2007-3189 (Cross-site scripting (XSS) vulnerability in auth.php in Just For Fun ...)
+CVE-2007-3189
{DSA-1374-1}
- jffnms 0.8.3dfsg.1-4
-CVE-2007-3188 (SQL injection vulnerability in down_indir.asp in Fullaspsite GeometriX ...)
+CVE-2007-3188
NOT-FOR-US: Fullaspsite GeometriX Download Portal
-CVE-2007-3187 (Multiple unspecified vulnerabilities in Apple Safari for Windows allow ...)
+CVE-2007-3187
NOT-FOR-US: Apple
-CVE-2007-3186 (Apple Safari Beta 3.0.1 for Windows allows remote attackers to execute ...)
+CVE-2007-3186
NOT-FOR-US: Apple
-CVE-2007-3185 (Apple Safari Beta 3.0.1 for Windows public beta allows remote ...)
+CVE-2007-3185
NOT-FOR-US: Apple
-CVE-2007-3184 (Cisco Trust Agent (CTA) before 2.1.104.0, when running on MacOS X, ...)
+CVE-2007-3184
NOT-FOR-US: Cisco
-CVE-2007-3183 (Multiple SQL injection vulnerabilities in Calendarix 0.7.20070307, ...)
+CVE-2007-3183
NOT-FOR-US: Calendarix
-CVE-2007-3182 (Multiple cross-site scripting (XSS) vulnerabilities in Calendarix ...)
+CVE-2007-3182
NOT-FOR-US: Calendarix
-CVE-2007-3181 (Buffer overflow in fbserver.exe in Firebird SQL 2 before 2.0.1 allows ...)
+CVE-2007-3181
{DSA-1529-1}
- firebird2.0 2.0.3.12981.ds1-1 (medium)
[etch] - firebird2 <no-dsa> (Fixed packages have been released through backports.org, see #1529)
[sarge] - firebird2 <unfixed> (medium)
NOTE: maybe fixed prior to 2.0.3.12981.ds1-1 (2.0.1) but couldn't find any earlier source code
NOTE: in the pool to check and since this version is in testing and unstable...
-CVE-2007-3180 (Buffer overflow in Help and Support Center before 4.4 C on HP Windows ...)
+CVE-2007-3180
NOT-FOR-US: HP
-CVE-2007-3179 (Multiple SQL injection vulnerabilities in archives.php in Particle ...)
+CVE-2007-3179
NOT-FOR-US: Particle Blogger
-CVE-2007-3178 (Multiple SQL injection vulnerabilities in Zindizayn Okul Web Sistemi ...)
+CVE-2007-3178
NOT-FOR-US: Sistemi
-CVE-2007-3177 (Ingate Firewall and SIParator before 4.5.2 allow remote attackers to ...)
+CVE-2007-3177
NOT-FOR-US: Ingate Firewall / SIParator
-CVE-2007-3176 (Unspecified vulnerability in Ingate Firewall and SIParator before ...)
+CVE-2007-3176
NOT-FOR-US: Ingate Firewall / SIParator
-CVE-2007-3175 (Multiple SQL injection vulnerabilities in W2B Online Banking allow ...)
+CVE-2007-3175
NOT-FOR-US: W2B Online Banking
-CVE-2007-3174 (Cross-site scripting (XSS) vulnerability in auth.w2b in W2B Online ...)
+CVE-2007-3174
NOT-FOR-US: W2B Online Banking
-CVE-2007-3173 (Almnzm allows remote attackers to obtain sensitive information via an ...)
+CVE-2007-3173
NOT-FOR-US: Almnzm
-CVE-2007-3172 (Directory traversal vulnerability in demo/pop3/error.php in Uebimiau ...)
+CVE-2007-3172
NOT-FOR-US: UebiMiau
-CVE-2007-3171 (Uebimiau Webmail allows remote attackers to obtain sensitive ...)
+CVE-2007-3171
NOT-FOR-US: UebiMiau
-CVE-2007-3170 (Multiple cross-site scripting (XSS) vulnerabilities in Uebimiau ...)
+CVE-2007-3170
NOT-FOR-US: Uebimiau
-CVE-2007-3169 (Buffer overflow in a certain ActiveX control in the EDraw Office ...)
+CVE-2007-3169
NOT-FOR-US: EDraw Office Viewer Component
-CVE-2007-3168 (A certain ActiveX control in the EDraw Office Viewer Component ...)
+CVE-2007-3168
NOT-FOR-US: EDraw Office Viewer Component
-CVE-2007-3167 (Stack-based buffer overflow in the Vivotek Motion Jpeg ActiveX control ...)
+CVE-2007-3167
NOT-FOR-US: Vivotek
-CVE-2007-3166 (Buffer overflow in Qualcomm Eudora 7.1.0.9 allows user-assisted, ...)
+CVE-2007-3166
NOT-FOR-US: Qualcomm Eudora
-CVE-2007-3165 (Tor before 0.1.2.14 can construct circuits in which an entry guard is ...)
+CVE-2007-3165
- tor 0.1.2.14-1 (medium)
-CVE-2007-3164 (Microsoft Internet Explorer 7, when prompting for HTTP Basic ...)
+CVE-2007-3164
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2007-3163 (Incomplete blacklist vulnerability in the filemanager in Frederico ...)
+CVE-2007-3163
- moin 1.5.8-4.1 (unimportant; bug #429205)
- knowledgeroot 0.9.8.2-2 (unimportant; bug #429204)
- karrigell <removed> (unimportant; bug #429207)
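Review bot: replacing `-CVE-2007-3194 (** DISPUTED ** ...)` with `+CVE-2007-3194` drops the `** DISPUTED **` status marker together with the summary, and the same stripping removes the version ranges, such as `Firebird SQL 2 before 2.0.1` in `CVE-2007-3181`, that the fix-version and `NOTE:` lines directly beneath are checked against. If the description source genuinely changed, the disputed status should be carried in the entry before this hunk is applied; if, as the uniform removal across the hunk suggests, the source returned nothing, the hunk should not be applied at all.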
@@ -8566,473 +8566,473 @@ CVE-2007-3163 (Incomplete blacklist vulnerability in the filemanager in Frederic
NOTE: Given the state of Linux' NTFS support it seems highly unlikely
NOTE: and given the state of ext3/XFS highly stupid to run a Debian-based
NOTE: web server with NTFS
-CVE-2007-3162 (Buffer overflow in the NotSafe function in the idaiehlp ActiveX ...)
+CVE-2007-3162
NOT-FOR-US: Internet Download Accelerator
-CVE-2007-3161 (Buffer overflow in Ace-FTP Client 1.24a allows user-assisted, remote ...)
+CVE-2007-3161
NOT-FOR-US: Ace-FTP Client
-CVE-2007-3160 (PHP remote file inclusion vulnerability in admin/header.php in PHP ...)
+CVE-2007-3160
NOT-FOR-US: PHP Real Estate Classifieds Premium Plus
-CVE-2007-3159 (http.c in MiniWeb Http Server 0.8.x allows remote attackers to cause a ...)
+CVE-2007-3159
NOT-FOR-US: MiniWeb
-CVE-2007-3158 (download_script.asp in ASP Folder Gallery allows remote attackers to ...)
+CVE-2007-3158
NOT-FOR-US: ASP Folder Gallery
-CVE-2007-3157 (IPSecDrv.sys 10.4.0.12 in SafeNET High Assurance Remote 1.4.0 Build ...)
+CVE-2007-3157
NOT-FOR-US: SafeNET
-CVE-2007-3156 (Multiple cross-site scripting (XSS) vulnerabilities in pam_login.cgi ...)
+CVE-2007-3156
- webmin <removed>
-CVE-2007-3155 (Unspecified vulnerability in eGroupWare before 1.2.107-2 has unknown ...)
+CVE-2007-3155
- egroupware 1.2.107-2.dfsg-1 (bug #429208)
-CVE-2007-3154 (Unspecified vulnerability in Walter Zorn wz_tooltip.js (aka ...)
+CVE-2007-3154
NOTE: Apparently a bogus issue; upstream developer of wz_tooltip.js isn't aware
NOTE: of any security problem, see #429215, #429209, #429214, #429213
-CVE-2007-3153 (The ares_init:randomize_key function in c-ares, on platforms other ...)
+CVE-2007-3153
NOT-FOR-US: c-ares
-CVE-2007-3152 (c-ares before 1.4.0 uses a predictable seed for the random number ...)
+CVE-2007-3152
NOT-FOR-US: c-ares
-CVE-2007-3151 (rpttop.htm in the web management interface in Packeteer PacketShaper ...)
+CVE-2007-3151
NOT-FOR-US: Packeteer PacketShaper
-CVE-2007-3150 (Google Desktop allows user-assisted remote attackers to execute ...)
+CVE-2007-3150
NOT-FOR-US: Google Desktop
-CVE-2007-3149 (sudo, when linked with MIT Kerberos 5 (krb5), does not properly check ...)
+CVE-2007-3149
- sudo <not-affected> (Not linked with krb5)
-CVE-2007-3148 (Buffer overflow in the Yahoo! Webcam Viewer ActiveX control in ...)
+CVE-2007-3148
NOT-FOR-US: Yahoo! Webcam Viewer
-CVE-2007-3147 (Buffer overflow in the Yahoo! Webcam Upload ActiveX control in ...)
+CVE-2007-3147
NOT-FOR-US: Yahoo! Webcam Upload
-CVE-2007-3146 (Zen Help Desk 2.1 stores sensitive information under the web root with ...)
+CVE-2007-3146
NOT-FOR-US: Zen Help Desk
-CVE-2007-3145 (Visual truncation vulnerability in Galeon 2.0.1 allows remote ...)
+CVE-2007-3145
- galeon <removed> (unimportant; bug #429216)
NOTE: Hardly a problem, Galeon's rotting any way and doesn't offer up-to-date
NOTE: phishing protections anyway
-CVE-2007-3144 (Visual truncation vulnerability in Mozilla 1.7.12 allows remote ...)
+CVE-2007-3144
NOTE: Minor issue, exact details unknown to upstream
-CVE-2007-3143 (Visual truncation vulnerability in Konqueror 3.5.5 allows remote ...)
+CVE-2007-3143
- kdebase 4:3.5.7-3 (low)
[sarge] - kdebase <no-dsa> (Minor issue)
[etch] - kdebase <no-dsa> (Minor issue)
NOTE: referring to maintainer this is definetly fixed in 4:3.5.7-3
-CVE-2007-3142 (Visual truncation vulnerability in Opera 9.21 allows remote attackers ...)
+CVE-2007-3142
NOT-FOR-US: Opera
-CVE-2007-3141 (PHP remote file inclusion vulnerability in core/editor.php in ...)
+CVE-2007-3141
NOT-FOR-US: phpWebThings
-CVE-2007-3140 (SQL injection vulnerability in xmlrpc.php in WordPress 2.2 allows ...)
+CVE-2007-3140
- wordpress 2.2.1-1 (bug #428073)
[etch] - wordpress <not-affected> (Doesn't affect 2.0.x branch)
-CVE-2007-3139 (config/general.php in Quick.Cart 2.2 and earlier uses a default ...)
+CVE-2007-3139
NOT-FOR-US: Quick.Cart
-CVE-2007-3138 (Directory traversal vulnerability in index.php in Open Solution ...)
+CVE-2007-3138
NOT-FOR-US: Quick.Cart
-CVE-2007-3137 (Multiple cross-site scripting (XSS) vulnerabilities in 4print.asp in ...)
+CVE-2007-3137
NOT-FOR-US: WmsCMS
-CVE-2007-3136 (PHP remote file inclusion vulnerability in inc/nuke_include.php in ...)
+CVE-2007-3136
NOT-FOR-US: newsSync
-CVE-2007-3135 (Cross-site scripting (XSS) vulnerability in atomPhotoBlog.php in Atom ...)
+CVE-2007-3135
NOT-FOR-US: Atom Photoblog
-CVE-2007-3134 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2007-3134
NOT-FOR-US: Atom PhotoBlog
-CVE-2007-3133 (SQL injection vulnerability in urunbak.asp in W1L3D4 WEBmarket 0.1 ...)
+CVE-2007-3133
NOT-FOR-US: W1L3D4
-CVE-2007-3132 (Multiple vulnerabilities in Symantec Ghost Solution Suite 2.0.0 and ...)
+CVE-2007-3132
NOT-FOR-US: Symantec Ghost
-CVE-2007-3131 (Cross-site scripting (XSS) vulnerability in add_comment.php in Light ...)
+CVE-2007-3131
NOT-FOR-US: Light Blog
-CVE-2007-3130 (Multiple PHP remote file inclusion vulnerabilities in the OpenWiki ...)
+CVE-2007-3130
NOT-FOR-US: OpenWiki
-CVE-2007-3129 (Cross-site scripting (XSS) vulnerability in login.php in Utopia News ...)
+CVE-2007-3129
NOT-FOR-US: Utopia News Pro
-CVE-2007-3128 (SQL injection vulnerability in content.php in WSPortal 1.0, when ...)
+CVE-2007-3128
NOT-FOR-US: WSPortal
-CVE-2007-3127 (content.php in WSPortal 1.0, when magic_quotes_gpc is disabled, allows ...)
+CVE-2007-3127
NOT-FOR-US: WSPortal
-CVE-2007-3126 (Gimp before 2.8.22 allows context-dependent attackers to cause a ...)
+CVE-2007-3126
- gimp 2.8.22-1 (unimportant; bug #885382)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=773233
NOTE: https://git.gnome.org/browse/gimp/commit/?id=46bcd82800e37b0f5aead76184430ef2fe802748 (master)
NOTE: https://git.gnome.org/browse/gimp/commit/?id=323ecb73f7bf36788fb7066eb2d6678830cd5de7 (gimp-2-8)
CVE-2007-3125
REJECTED
-CVE-2007-3124 (Buffer overflow in backup/src/vmsbackup.c (aka the backup utility) in ...)
+CVE-2007-3124
NOT-FOR-US: FreeVMS
-CVE-2007-3123 (unrar.c in libclamav in ClamAV before 0.90.3 and 0.91 before 0.91rc1 ...)
+CVE-2007-3123
{DSA-1320-1 DTSA-43-1}
- clamav 0.90.3-1
-CVE-2007-3122 (The parsing engine in ClamAV before 0.90.3 and 0.91 before 0.91rc1 ...)
+CVE-2007-3122
{DSA-1320-1 DTSA-43-1}
- clamav 0.90.3-1
-CVE-2007-3121 (Buffer overflow in the CCdecode function in contrib/ntsc-cc.c in the ...)
+CVE-2007-3121
- zvbi 0.2.25-1 (bug #429221; unimportant)
NOTE: Only exploitable through malformed closed captions
NOTE: Malicious TV networks have more subtle methods to control people...
-CVE-2007-3120 (Cross-site scripting (XSS) vulnerability in public/code/cp_dpage.php ...)
+CVE-2007-3120
NOT-FOR-US: All In One Control Panel (AIOCP)
-CVE-2007-3119 (SQL injection vulnerability in news.asp in Kartli Alisveris Sistemi ...)
+CVE-2007-3119
NOT-FOR-US: Kartli Alisveris Sistemi
-CVE-2007-3118 (Multiple PHP remote file inclusion vulnerabilities in Kravchuk letter ...)
+CVE-2007-3118
NOT-FOR-US: Kravchuk letter
-CVE-2007-3117 (Cross-site scripting (XSS) vulnerability in the SEO module in ADPLAN 3 ...)
+CVE-2007-3117
NOT-FOR-US: ADPLAN
-CVE-2007-3116 (Memory leak in server/MaraDNS.c in MaraDNS 1.2.12.06 and 1.3.05 allows ...)
+CVE-2007-3116
{DSA-1319-1}
- maradns 1.2.12.06-1
[sarge] - maradns <not-affected> (1.0.x branch not affected)
-CVE-2007-3115 (Multiple memory leaks in server/MaraDNS.c in MaraDNS before 1.2.12.06, ...)
+CVE-2007-3115
{DSA-1319-1}
- maradns 1.2.12.06-1
[sarge] - maradns <not-affected> (1.0.x branch not affected)
-CVE-2007-3114 (Memory leak in server/MaraDNS.c in MaraDNS before 1.2.12.05, and 1.3.x ...)
+CVE-2007-3114
{DSA-1319-1}
- maradns 1.2.12.05-1
[sarge] - maradns <not-affected> (1.0.x branch not affected)
-CVE-2007-3113 (Cacti 0.8.6i, and possibly other versions, allows remote authenticated ...)
+CVE-2007-3113
{DSA-1954-1}
- cacti 0.8.6j-1.1 (low; bug #429224)
[sarge] - cacti <no-dsa> (Minor issue, would only be run within authentication)
[etch] - cacti <no-dsa> (Minor issue, would only be run within authentication)
-CVE-2007-3112 (graph_image.php in Cacti 0.8.6i, and possibly other versions, allows ...)
+CVE-2007-3112
{DSA-1954-1}
- cacti 0.8.6j-1.1 (low; bug #429224)
[sarge] - cacti <no-dsa> (Minor issue, would only be run within authentication)
[etch] - cacti <no-dsa> (Minor issue, would only be run within authentication)
-CVE-2007-3111 (Buffer overflow in the Provideo Camimage ActiveX control in ...)
+CVE-2007-3111
NOT-FOR-US: Provideo Camimage
-CVE-2007-3110 (Cross-site scripting (XSS) vulnerability in the Andy Frank Beatnik 1.0 ...)
+CVE-2007-3110
NOT-FOR-US: Andy Frank Beatnik
-CVE-2007-3109 (The CERN Image Map Dispatcher (htimage.exe) in Microsoft FrontPage ...)
+CVE-2007-3109
NOT-FOR-US: Microsoft FrontPage
-CVE-2007-3108 (The BN_from_montgomery function in crypto/bn/bn_mont.c in OpenSSL ...)
+CVE-2007-3108
{DSA-1571-1}
- openssl 0.9.8e-6 (bug #438142; low)
- openssl097 <removed> (bug #438180)
[sarge] - openssl <no-dsa> (Not exploitable in a real-world scenario)
[etch] - openssl097 <no-dsa> (Not exploitable in a real-world scenario)
-CVE-2007-3107 (The signal handling in the Linux kernel before 2.6.22, including ...)
+CVE-2007-3107
- linux-2.6 2.6.22-1 (unimportant)
NOTE: Not reproducibly reliably by an attacker, mostly a bug
NOTE: This is fixed by 9a08e732533b940d2d31f4e9999dfee5e1ca3914
NOTE: in Linus' tree.
-CVE-2007-3106 (lib/info.c in libvorbis 1.1.2, and possibly other versions before ...)
+CVE-2007-3106
{DSA-1471-1}
- libvorbisidec 1.0.2+svn16259-2 (bug #669196)
- libvorbis 1.2.0.dfsg-1 (medium)
-CVE-2007-3105 (Stack-based buffer overflow in the random number generator (RNG) ...)
+CVE-2007-3105
{DSA-1504-1 DSA-1363-1}
- linux-2.6 2.6.22-4
-CVE-2007-3104 (The sysfs_readdir function in the Linux kernel 2.6, as used in Red Hat ...)
+CVE-2007-3104
{DSA-1428-1}
- linux-2.6 2.6.22-4 (low)
-CVE-2007-3103 (The init.d script for the X.Org X11 xfs font server on various Linux ...)
+CVE-2007-3103
{DSA-1342-1}
- xfs 1:1.0.8-2.1 (low)
NOTE: i've checked 1.0.8, and this problem is no longer present
-CVE-2007-3102 (Unspecified vulnerability in the linux_audit_record_event function in ...)
+CVE-2007-3102
- openssh <not-affected> (This is a redhat/fedora specific issue)
NOTE: this issue was introduced by a patch of redhat (openssh-4.3p1-audit.patch)
NOTE: The patch fixing this (openssh-4.3p2-cve-2007-3102.patch) can be found on:
NOTE: http://mirror.linux.duke.edu/pub/fedora/linux/core/updates/6/SRPMS/openssh-4.3p2-25.fc6.src.rpm
-CVE-2007-3101 (Multiple cross-site scripting (XSS) vulnerabilities in certain JSF ...)
+CVE-2007-3101
NOT-FOR-US: Apache MyFaces Tomahawk
-CVE-2007-3100 (usr/log.c in iscsid in open-iscsi (iscsi-initiator-utils) before ...)
+CVE-2007-3100
{DSA-1314-1}
- open-iscsi 2.0.865-1 (low; bug #429225)
-CVE-2007-3099 (usr/mgmt_ipc.c in iscsid in open-iscsi (iscsi-initiator-utils) before ...)
+CVE-2007-3099
{DSA-1314-1}
- open-iscsi 2.0.865-1 (medium; bug #429225)
-CVE-2007-3098 (The SNMPc Server (crserv.exe) process in Castle Rock Computing SNMPc ...)
+CVE-2007-3098
NOT-FOR-US: Castle Rock Computing SNMPc
-CVE-2007-3097 (my.activation.php3 in F5 FirePass 4100 SSL VPN allows remote attackers ...)
+CVE-2007-3097
NOT-FOR-US: F5 Firepass 4100 SSL VPN
-CVE-2007-3096 (Directory traversal vulnerability in login.php in PBLang (PBL) ...)
+CVE-2007-3096
NOT-FOR-US: PBLang (PBL)
-CVE-2007-3095 (Unspecified vulnerability in Symantec Reporting Server 1.0.197.0, and ...)
+CVE-2007-3095
NOT-FOR-US: Symantec Reporting Server
-CVE-2007-3094 (Unspecified vulnerability in the authentication mechanism in Solaris ...)
+CVE-2007-3094
NOT-FOR-US: Solaris Management Console
-CVE-2007-3093 (Unspecified vulnerability in the logging mechanism in Solaris ...)
+CVE-2007-3093
NOT-FOR-US: Solaris Management Console
-CVE-2007-3092 (Microsoft Internet Explorer 6 allows remote attackers to spoof the URL ...)
+CVE-2007-3092
NOT-FOR-US: MSIE6
-CVE-2007-3091 (Race condition in Microsoft Internet Explorer 6 SP1; 6 and 7 for ...)
+CVE-2007-3091
NOT-FOR-US: Microsoft Internet Explorer
CVE-2007-3090
REJECTED
-CVE-2007-3089 (Mozilla Firefox before 2.0.0.5 does not prevent use of document.write ...)
+CVE-2007-3089
{DSA-1339-1 DSA-1338-1 DSA-1337-1 DTSA-45-1 DTSA-47-1 DTSA-51-1}
- iceweasel 2.0.0.5-1 (low; bug #427691)
- iceape 1.1.3-1 (low)
- xulrunner 1.8.1.5-1 (low)
NOTE: MFSA2007-20
-CVE-2007-3088 (SQL injection vulnerability in index.php in Comicsense allows remote ...)
+CVE-2007-3088
NOT-FOR-US: Comicsense
-CVE-2007-3087 (Peercast places a cleartext password in a query string, which might ...)
+CVE-2007-3087
NOT-FOR-US: PeerCast
-CVE-2007-3086 (Unrestricted critical resource lock in Agnitum Outpost Firewall PRO ...)
+CVE-2007-3086
NOT-FOR-US: Outpost Firewall PRO
-CVE-2007-3085 (Multiple PHP remote file inclusion vulnerabilities in PBSite allow ...)
+CVE-2007-3085
NOT-FOR-US: PBSite
-CVE-2007-3084 (PHP remote file inclusion vulnerability in sampleblogger.php in Comdev ...)
+CVE-2007-3084
NOT-FOR-US: Comdev Web Blogger
-CVE-2007-3083 (Z-Blog 1.7 stores sensitive information under the web root with ...)
+CVE-2007-3083
NOT-FOR-US: Z-Blog
-CVE-2007-3082 (Directory traversal vulnerability in sendcard.php in Sendcard 3.4.1 ...)
+CVE-2007-3082
NOT-FOR-US: Sendcard
-CVE-2007-3081 (PHP remote file inclusion vulnerability in sampleecommerce.php in ...)
+CVE-2007-3081
NOT-FOR-US: Comdev eCommerce
-CVE-2007-3080 (SQL injection vulnerability in haberoku.asp in Hunkaray Okul Portaly ...)
+CVE-2007-3080
NOT-FOR-US: Hunkaray Okul Portaly
-CVE-2007-3079 (listmembers.php in EQdkp 1.3.2c and earlier allows remote attackers to ...)
+CVE-2007-3079
NOT-FOR-US: EQdkp
-CVE-2007-3078 (Multiple cross-site scripting (XSS) vulnerabilities in Aigaion before ...)
+CVE-2007-3078
NOT-FOR-US: Aigaion
-CVE-2007-3077 (SQL injection vulnerability in listmembers.php in EQdkp 1.3.2 and ...)
+CVE-2007-3077
NOT-FOR-US: EQdkp
-CVE-2007-3076 (A certain ActiveX control in sasatl.dll in Zenturi ProgramChecker ...)
+CVE-2007-3076
NOT-FOR-US: Zenturi ProgramChecker
-CVE-2007-3075 (Directory traversal vulnerability in Microsoft Internet Explorer ...)
+CVE-2007-3075
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2007-3074 (Mozilla Firefox 2.0.0.4 and earlier allows remote attackers to read ...)
+CVE-2007-3074
{DSA-1707-1 DSA-1704-1 DSA-1697-1}
- iceweasel 2.0.0.4-1 (low)
- iceape 1.0.9-1 (low)
- xulrunner 1.8.1.4-1 (low)
-CVE-2007-3073 (Directory traversal vulnerability in Mozilla Firefox 2.0.0.4 and ...)
+CVE-2007-3073
NOTE: Duplicate of CVE-2008-4067
-CVE-2007-3072 (Directory traversal vulnerability in Mozilla Firefox before 2.0.0.4 on ...)
+CVE-2007-3072
- iceweasel <not-affected> (Only affects Windows versions of Firefox)
-CVE-2007-3071 (Buffer overflow in the GetWebStoreURL function in a certain ActiveX ...)
+CVE-2007-3071
NOT-FOR-US: eSellerate
-CVE-2007-3070 (Cross-site scripting (XSS) vulnerability in index.php in BDigital Web ...)
+CVE-2007-3070
NOT-FOR-US: BDigital Web Solutions WebStudio
-CVE-2007-3069 (xscreensaver in Sun Solaris 10 before 20070604, when a GNOME session ...)
+CVE-2007-3069
NOT-FOR-US: Sun Solaris
-CVE-2007-3068 (Stack-based buffer overflow in DVD X Player 4.1 Professional allows ...)
+CVE-2007-3068
NOT-FOR-US: DVD X Player
-CVE-2007-3067 (Cross-site scripting (XSS) vulnerability in the Attunement and Key ...)
+CVE-2007-3067
NOT-FOR-US: EQdkp
-CVE-2007-3066 (Multiple PHP remote file inclusion vulnerabilities in php(Reactor) ...)
+CVE-2007-3066
NOT-FOR-US: IBM DB2
-CVE-2007-3065 (SQL injection vulnerability in viewimage.php in Particle Soft Particle ...)
+CVE-2007-3065
NOT-FOR-US: Particle Gallery
-CVE-2007-3064 (Cross-site scripting (XSS) vulnerability in diary.php in My Databook ...)
+CVE-2007-3064
NOT-FOR-US: My Datebook
-CVE-2007-3063 (SQL injection vulnerability in diary.php in My Databook allows remote ...)
+CVE-2007-3063
NOT-FOR-US: My Datebook
-CVE-2007-3062 (Cross-site scripting (XSS) vulnerability in HP System Management ...)
+CVE-2007-3062
NOT-FOR-US: HP System Management Homepage
-CVE-2007-3061 (Cactushop 6 and earlier stores sensitive information under the web ...)
+CVE-2007-3061
NOT-FOR-US: Cactushop
-CVE-2007-3060 (Multiple cross-site scripting (XSS) vulnerabilities in PHP Live! 3.2.2 ...)
+CVE-2007-3060
NOT-FOR-US: PHP Live!
-CVE-2007-3059 (SendCard 3.3.0 allows remote attackers to obtain sensitive information ...)
+CVE-2007-3059
NOT-FOR-US: SendCard
-CVE-2007-3058 (Multiple PHP remote file inclusion vulnerabilities in Madirish Webmail ...)
+CVE-2007-3058
NOT-FOR-US: Madirish Webmail
-CVE-2007-3057 (PHP remote file inclusion vulnerability in ...)
+CVE-2007-3057
NOT-FOR-US: XOOPS
-CVE-2007-3056 (Cross-site scripting (XSS) vulnerability in filedetails.php in WebSVN ...)
+CVE-2007-3056
- websvn 1.61-22.3 (unimportant; bug #439337)
NOTE: Websvn does not have cookie based authentication by itself.
NOTE: I therefore don't think this is serious enough for a stable update.
-CVE-2007-3055 (Cross-site scripting (XSS) vulnerability in index.php in Codelib ...)
+CVE-2007-3055
NOT-FOR-US: Codelib Linker
-CVE-2007-3054 (Cross-site scripting (XSS) vulnerability in search.php in Codelib ...)
+CVE-2007-3054
NOT-FOR-US: Codelib Linker
-CVE-2007-3053 (Session fixation vulnerability in Calimero.CMS 3.3.1232 and earlier ...)
+CVE-2007-3053
NOT-FOR-US: Calimero
-CVE-2007-3052 (SQL injection vulnerability in index.php in the PNphpBB2 1.2i and ...)
+CVE-2007-3052
NOT-FOR-US: PostNuke
-CVE-2007-3051 (SQL injection vulnerability in inc/class_users.php in RevokeSoft ...)
+CVE-2007-3051
NOT-FOR-US: RevokeSoft RevokeBB
-CVE-2007-3050 (Session fixation vulnerability in chameleon cms 3.0 and earlier allows ...)
+CVE-2007-3050
NOT-FOR-US: chameleon cms
-CVE-2007-3049 (Cross-site scripting (XSS) vulnerability in index.php in Buttercup web ...)
+CVE-2007-3049
NOT-FOR-US: Buttercup BWFM
-CVE-2007-3048 (** DISPUTED ** ...)
+CVE-2007-3048
- screen <not-affected> (not reproducible)
-CVE-2007-3047 (The Vonage VoIP Telephone Adapter has a default administrator username ...)
+CVE-2007-3047
NOT-FOR-US: Vonage
-CVE-2007-3046 (Buffer overflow in Advanced Software Production Line Vortex Library ...)
+CVE-2007-3046
NOT-FOR-US: Advanced Software Production Line Vortex Library
-CVE-2007-3045 (Unspecified vulnerability in Hitachi TP1/NET/OSI-TP-Extended on ...)
+CVE-2007-3045
NOT-FOR-US: Hitachi TP1
-CVE-2007-3044 (Unspecified vulnerability in the Map I/O Service (xpwmap) in Hitachi ...)
+CVE-2007-3044
NOT-FOR-US: Hitachi
-CVE-2007-3043 (Cross-site scripting (XSS) vulnerability in Collaboration - File ...)
+CVE-2007-3043
NOT-FOR-US: Hitachi Collaboration
-CVE-2007-3042 (Cross-site scripting (XSS) vulnerability in Meneame before 2 allows ...)
+CVE-2007-3042
NOT-FOR-US: Meneame
-CVE-2007-3041 (Unspecified vulnerability in the pdwizard.ocx ActiveX object for ...)
+CVE-2007-3041
NOT-FOR-US: Microsoft
-CVE-2007-3040 (Stack-based buffer overflow in agentdpv.dll 2.0.0.3425 in Microsoft ...)
+CVE-2007-3040
NOT-FOR-US: Windows
-CVE-2007-3039 (Stack-based buffer overflow in the Microsoft Message Queuing (MSMQ) ...)
+CVE-2007-3039
NOT-FOR-US: Windows
-CVE-2007-3038 (The Teredo interface in Microsoft Windows Vista and Vista x64 Edition ...)
+CVE-2007-3038
NOT-FOR-US: Microsoft
-CVE-2007-3037 (Microsoft Windows Media Player 7.1, 9, 10, and 11 allows remote ...)
+CVE-2007-3037
NOT-FOR-US: Microsoft
-CVE-2007-3036 (Unspecified vulnerability in the (1) Windows Services for UNIX 3.0 and ...)
+CVE-2007-3036
NOT-FOR-US: Windows Services for UNIX
-CVE-2007-3035 (Unspecified vulnerability in Microsoft Windows Media Player 7.1, 9, ...)
+CVE-2007-3035
NOT-FOR-US: Microsoft
-CVE-2007-3034 (Integer overflow in the AttemptWrite function in Graphics Rendering ...)
+CVE-2007-3034
NOT-FOR-US: Microsoft
-CVE-2007-3033 (Cross-site scripting (XSS) vulnerability in Windows Vista Feed ...)
+CVE-2007-3033
NOT-FOR-US: Microsoft
-CVE-2007-3032 (Unspecified vulnerability in Windows Vista Contacts Gadget in Windows ...)
+CVE-2007-3032
NOT-FOR-US: Microsoft
CVE-2007-3031
REJECTED
-CVE-2007-3030 (Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, and 2003 Viewer allows ...)
+CVE-2007-3030
NOT-FOR-US: Microsoft Excel
-CVE-2007-3029 (Unspecified vulnerability in Microsoft Excel 2002 SP3 and 2003 SP2 ...)
+CVE-2007-3029
NOT-FOR-US: Microsoft Excel
-CVE-2007-3028 (The LDAP service in Windows Active Directory in Microsoft Windows 2000 ...)
+CVE-2007-3028
NOT-FOR-US: Microsoft
-CVE-2007-3027 (Race condition in Microsoft Internet Explorer 5.01, 6, and 7 allows ...)
+CVE-2007-3027
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2007-3026 (Integer overflow in Panda Software AdminSecure allows remote attackers ...)
+CVE-2007-3026
NOT-FOR-US: Panda
-CVE-2007-3025 (Unspecified vulnerability in libclamav/phishcheck.c in ClamAV before ...)
+CVE-2007-3025
- clamav <not-affected> (Solaris-specific bug)
-CVE-2007-3024 (libclamav/others.c in ClamAV before 0.90.3 and 0.91 before 0.91rc1 ...)
+CVE-2007-3024
{DSA-1320-1 DTSA-43-1}
- clamav 0.90.3-1
-CVE-2007-3023 (unsp.c in ClamAV before 0.90.3 and 0.91 before 0.91rc1 does not ...)
+CVE-2007-3023
{DSA-1320-1 DTSA-43-1}
- clamav 0.90.3-1
-CVE-2007-3022 (Symantec Reporting Server 1.0.197.0, and other versions before ...)
+CVE-2007-3022
NOT-FOR-US: Symantec
-CVE-2007-3021 (Symantec Reporting Server 1.0.197.0, and other versions before ...)
+CVE-2007-3021
NOT-FOR-US: Symantec
CVE-2007-3020
RESERVED
CVE-2007-3019
RESERVED
-CVE-2007-3018 (activeWeb contentserver CMS before 5.6.2964 does not limit the ...)
+CVE-2007-3018
NOT-FOR-US: activeWeb contentserver CMS
-CVE-2007-3017 (The WYSIWYG editor applet in activeWeb contentserver CMS before ...)
+CVE-2007-3017
NOT-FOR-US: activeWeb contentserver CMS
CVE-2007-3016
RESERVED
CVE-2007-3015
RESERVED
-CVE-2007-3014 (Multiple cross-site scripting (XSS) vulnerabilities in activeWeb ...)
+CVE-2007-3014
NOT-FOR-US: activeWeb contentserver CMS
-CVE-2007-3013 (SQL injection vulnerability in activeWeb contentserver before 5.6.2964 ...)
+CVE-2007-3013
NOT-FOR-US: activeWeb contentserver CMS
-CVE-2007-3012 (The web interface in Fujitsu-Siemens Computers PRIMERGY BX300 Switch ...)
+CVE-2007-3012
NOT-FOR-US: Fujitsu-Siemens
-CVE-2007-3011 (The DBAsciiAccess CGI Script in the web interface in Fujitsu-Siemens ...)
+CVE-2007-3011
NOT-FOR-US: Fujitsu-Siemens
-CVE-2007-3010 (masterCGI in the Unified Maintenance Tool in Alcatel OmniPCX ...)
+CVE-2007-3010
NOT-FOR-US: Alcatel OmniPCX Enterprise Communication Server
-CVE-2007-3009 (Format string vulnerability in the MprLogToFile::logEvent function in ...)
+CVE-2007-3009
NOT-FOR-US: Mbedthis AppWeb
-CVE-2007-3008 (Mbedthis AppWeb before 2.2.2 enables the HTTP TRACE method, which has ...)
+CVE-2007-3008
NOT-FOR-US: Mbedthis AppWeb
-CVE-2007-3007 (PHP 5 before 5.2.3 does not enforce the open_basedir or safe_mode ...)
+CVE-2007-3007
- php5 5.2.3-1 (unimportant)
-CVE-2007-3006 (Buffer overflow in Acoustica MP3 CD Burner 4.32 allows user-assisted ...)
+CVE-2007-3006
NOT-FOR-US: Acoustica MP3 CD Burner
CVE-2007-3005
REJECTED
CVE-2007-3004
REJECTED
-CVE-2007-3003 (Multiple SQL injection vulnerabilities in myBloggie 2.1.6 and earlier ...)
+CVE-2007-3003
NOT-FOR-US: myBloggie
-CVE-2007-3002 (PHP JackKnife (PHPJK) allows remote attackers to obtain sensitive ...)
+CVE-2007-3002
NOT-FOR-US: PHP JackKnife
-CVE-2007-3001 (Multiple cross-site scripting (XSS) vulnerabilities in PHP JackKnife ...)
+CVE-2007-3001
NOT-FOR-US: PHP JackKnife
-CVE-2007-3000 (Multiple SQL injection vulnerabilities in PHP JackKnife (PHPJK) allow ...)
+CVE-2007-3000
NOT-FOR-US: PHP JackKnife
-CVE-2007-2999 (Microsoft Windows Server 2003, when time restrictions are in effect ...)
+CVE-2007-2999
NOT-FOR-US: Microsoft
-CVE-2007-2998 (The Pascal run-time library (PAS$RTL.EXE) before 20070418 on OpenVMS ...)
+CVE-2007-2998
NOT-FOR-US: OpenVMS
-CVE-2007-2997 (** DISPUTED ** ...)
+CVE-2007-2997
NOT-FOR-US: SalesCart Shopping Cart
-CVE-2007-2996 (Unspecified vulnerability in perl.rte 5.8.0.10 through 5.8.0.95 on IBM ...)
+CVE-2007-2996
NOT-FOR-US: IBM AIX
-CVE-2007-2995 (Unspecified vulnerability in sysmgt.websm.rte in IBM AIX 5.2.0 and ...)
+CVE-2007-2995
NOT-FOR-US: IBM AIX
-CVE-2007-2994 (SQL injection vulnerability in news.php in DGNews 2.1 allows remote ...)
+CVE-2007-2994
NOT-FOR-US: DGNews
-CVE-2007-2993 (Multiple cross-site scripting (XSS) vulnerabilities in OmegaMw7.asp in ...)
+CVE-2007-2993
NOT-FOR-US: OMEGA INterneSErvicesLosungen (INSEL)
-CVE-2007-2992 (Multiple SQL injection vulnerabilities in OmegaMw7.asp in OMEGA (aka ...)
+CVE-2007-2992
NOT-FOR-US: OMEGA INterneSErvicesLosungen (INSEL)
-CVE-2007-2991 (Cross-site scripting (XSS) vulnerability in includes/send.inc.php in ...)
+CVE-2007-2991
NOT-FOR-US: Evenzia CMS
-CVE-2007-2990 (Unspecified vulnerability in inetd in Sun Solaris 10 before 20070529 ...)
+CVE-2007-2990
NOT-FOR-US: Sun Solaris
-CVE-2007-2989 (The libike library in Sun Solaris 9 before 20070529 contains a logic ...)
+CVE-2007-2989
NOT-FOR-US: Sun Solaris
-CVE-2007-2988 (A certain admin script in Inout Meta Search Engine sends a redirect to ...)
+CVE-2007-2988
NOT-FOR-US: Inout Meta Search Engine
-CVE-2007-2987 (Multiple buffer overflows in certain ActiveX controls in sasatl.dll in ...)
+CVE-2007-2987
NOT-FOR-US: Zenturi ProgramChecker
-CVE-2007-2986 (PHP remote file inclusion vulnerability in lib/live_status.lib.php in ...)
+CVE-2007-2986
NOT-FOR-US: AdminBot
-CVE-2007-2985 (Pheap 2.0 allows remote attackers to bypass authentication by setting ...)
+CVE-2007-2985
NOT-FOR-US: Pheap
-CVE-2007-2984 (Multiple stack-based buffer overflows in the Media Technology Group ...)
+CVE-2007-2984
NOT-FOR-US: Media Technology Group CDPass
-CVE-2007-2982 (Multiple buffer overflows in the British Telecommunications Business ...)
+CVE-2007-2982
NOT-FOR-US: British Telecommunications Business Connect
-CVE-2007-2981 (Buffer overflow in a certain ActiveX control in LEAD Technologies ...)
+CVE-2007-2981
NOT-FOR-US: LeadTools
-CVE-2007-2980 (Heap-based buffer overflow in a certain ActiveX control in LEADTOOLS ...)
+CVE-2007-2980
NOT-FOR-US: LeadTools
-CVE-2007-2979 (Techno Dreams Web Directory / Search Engine 2.0 stores sensitive ...)
+CVE-2007-2979
NOT-FOR-US: Techno Dreams Web Directory / Search Engine
-CVE-2007-2978 (Session fixation vulnerability in eggblog 3.1.0 and earlier allows ...)
+CVE-2007-2978
NOT-FOR-US: eggblog
-CVE-2007-2977 (Buffer overflow in the receive function in submit/submitcommon.c in ...)
+CVE-2007-2977
NOT-FOR-US: DOMjudge
-CVE-2007-2976 (Centrinity FirstClass 8.3 and earlier, and Server and Internet ...)
+CVE-2007-2976
NOT-FOR-US: Centrinity
-CVE-2007-2975 (The admin console in Ignite Realtime Openfire 3.3.0 and earlier ...)
+CVE-2007-2975
NOT-FOR-US: Ignite Realtime
-CVE-2007-2974 (Buffer overflow in the file parsing engine in Avira Antivir Antivirus ...)
+CVE-2007-2974
NOT-FOR-US: Avira Antivirus
-CVE-2007-2973 (Avira Antivir Antivirus before 7.03.00.09 allows remote attackers to ...)
+CVE-2007-2973
NOT-FOR-US: Avira Antivirus
-CVE-2007-2972 (The file parsing engine in Avira Antivir Antivirus before 7.04.00.24 ...)
+CVE-2007-2972
NOT-FOR-US: Avira Antivirus
-CVE-2007-2971 (SQL injection vulnerability in getnewsitem.php in gCards 1.46 and ...)
+CVE-2007-2971
NOT-FOR-US: gCards
-CVE-2007-2970 (Multiple cross-site scripting (XSS) vulnerabilities in cgi/block.cgi ...)
+CVE-2007-2970
NOT-FOR-US: 8e6 R3000 Internet Filter
-CVE-2007-2969 (PHP remote file inclusion vulnerability in newsletter.php in ...)
+CVE-2007-2969
NOT-FOR-US: WAnewsletter
-CVE-2007-2968 (Cross-site scripting (XSS) vulnerability in register.php in cpCommerce ...)
+CVE-2007-2968
NOT-FOR-US: cpCommerce
CVE-2007-XXXX [webpy HTTP response splitting vulnerability]
- webpy 0.210-1 (bug #427715; unimportant)
NOTE: This is not a vulnerability, but an additional precaution function for
NOTE: a development framework. If someone wants to have this updated in Etch, this
NOTE: needs to go through a point update
-CVE-2007-2967 (Multiple F-Secure anti-virus products for Microsoft Windows and Linux ...)
+CVE-2007-2967
NOT-FOR-US: F-Secure
-CVE-2007-2966 (Buffer overflow in the LHA decompression component in F-Secure ...)
+CVE-2007-2966
NOT-FOR-US: F-Secure
-CVE-2007-2965 (Unspecified vulnerability in the Real-time Scanning component in ...)
+CVE-2007-2965
NOT-FOR-US: F-Secure
-CVE-2007-2964 (The fsmsh.dll host module in F-Secure Policy Manager Server 7.00 and ...)
+CVE-2007-2964
NOT-FOR-US: F-Secure
-CVE-2007-2963 (Multiple cross-site scripting (XSS) vulnerabilities in Invision Power ...)
+CVE-2007-2963
NOT-FOR-US: Invision Power Board
-CVE-2007-2962 (Cross-site scripting (XSS) vulnerability in search.php in Particle ...)
+CVE-2007-2962
NOT-FOR-US: Particle Gallery
-CVE-2007-2961 (Unrestricted file upload vulnerability in FileCloset before 1.1.5 ...)
+CVE-2007-2961
NOT-FOR-US: FileCloset
-CVE-2007-2960 (Multiple directory traversal vulnerabilities in Scallywag 2005-04-25 ...)
+CVE-2007-2960
NOT-FOR-US: Scallywag
-CVE-2007-2959 (SQL injection vulnerability in manufacturer.php in cpCommerce before ...)
+CVE-2007-2959
NOT-FOR-US: cpCommerce
-CVE-2007-2958 (Format string vulnerability in the inc_put_error function in src/inc.c ...)
+CVE-2007-2958
- sylpheed-claws 1.0.5-5.2 (low; bug #441854)
[etch] - sylpheed-claws <no-dsa> (Minor issue)
[sarge] - sylpheed-claws <no-dsa> (Minor issue)
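Review bot: the description being removed for CVE-2007-3066 names php(Reactor), while the retained NOT-FOR-US line says "IBM DB2"; once the description is dropped this mismatch can no longer be spotted from the list itself, so the NOT-FOR-US tag should be checked against the CVE text before this lands. The same applies to CVE-2007-3064 and CVE-2007-3063, where the removed descriptions say "My Databook" and the NOT-FOR-US lines say "My Datebook".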
@@ -9041,221 +9041,221 @@ CVE-2007-2958 (Format string vulnerability in the inc_put_error function in src/
[sarge] - sylpheed <no-dsa> (Minor issue)
NOTE: the cvs referenced in redhat bugzilla is not available anymore however
NOTE: http://www.colino.net/claws-mail/getpatchset.php3?ver=2.10.0cvs153 fixes the bug
-CVE-2007-2957 (Integer overflow in McAfee E-Business Server before 8.5.3 for Solaris, ...)
+CVE-2007-2957
NOT-FOR-US: McAfee on Solaris
-CVE-2007-2956 (Stack-based buffer overflow in the readRadianceHeader function in (1) ...)
+CVE-2007-2956
NOT-FOR-US: Qtpfsgui and pfstools
-CVE-2007-2955 (Multiple unspecified &quot;input validation error&quot; vulnerabilities in ...)
+CVE-2007-2955
NOT-FOR-US: Norton Antivirus/Internet Security/System Works
-CVE-2007-2954 (Multiple stack-based buffer overflows in the Spooler service ...)
+CVE-2007-2954
NOT-FOR-US: Novell Client
-CVE-2007-2953 (Format string vulnerability in the helptags_one function in ...)
+CVE-2007-2953
{DSA-1364-2 DSA-1364-1}
- vim 1:7.1-056+1 (low)
-CVE-2007-2952 (Multiple stack-based buffer overflows in the filter service (aka ...)
+CVE-2007-2952
NOT-FOR-US: Blue Coat K9 Web Protection
-CVE-2007-2951 (The parseIrcUrl function in src/kvirc/kernel/kvi_ircurl.cpp in KVIrc ...)
+CVE-2007-2951
- kvirc 2:3.2.4-5 (bug #434419; medium)
-CVE-2007-2950 (Centennial Discovery 2006 Feature Pack 1, which is used by (1) Numara ...)
+CVE-2007-2950
NOT-FOR-US: Centennial
-CVE-2007-2949 (Integer overflow in the seek_to_and_unpack_pixeldata function in the ...)
+CVE-2007-2949
{DSA-1335-1}
- gimp 2.2.16-1 (medium)
- ingimp 2.2.16.20070710-1
NOTE: http://secunia.com/secunia_research/2007-63/advisory
-CVE-2007-2948 (Multiple stack-based buffer overflows in stream/stream_cddb.c in ...)
+CVE-2007-2948
{DSA-1313-1}
- mplayer 1.0~rc1-14
-CVE-2007-2947 (Multiple PHP remote file inclusion vulnerabilities in OpenBASE Alpha ...)
+CVE-2007-2947
NOT-FOR-US: OpenBASE Alpha
-CVE-2007-2946 (Buffer overflow in a certain ActiveX control in LeadTools Raster ...)
+CVE-2007-2946
NOT-FOR-US: LeadTools Raster Dialog File_D Object (LTRDFD14e.DLL)
-CVE-2007-2945 (RMForum stores sensitive information under the web root with ...)
+CVE-2007-2945
NOT-FOR-US: RMForum
-CVE-2007-2944 (WabCMS 1.0 stores sensitive information under the web root with ...)
+CVE-2007-2944
NOT-FOR-US: WabCMS
-CVE-2007-2943 (PHP remote file inclusion vulnerability in class/class.php in Webavis ...)
+CVE-2007-2943
NOT-FOR-US: Webavis
-CVE-2007-2942 (SQL injection vulnerability in user.php in My Little Forum 1.7 and ...)
+CVE-2007-2942
NOT-FOR-US: My Little Forum
-CVE-2007-2941 (Multiple PHP remote file inclusion vulnerabilities in the creator in ...)
+CVE-2007-2941
NOT-FOR-US: vBulletin Google Yahoo Site Map
-CVE-2007-2940 (Multiple PHP remote file inclusion vulnerabilities in FlaP 1.0b (1.0 ...)
+CVE-2007-2940
NOT-FOR-US: FlaP
-CVE-2007-2939 (Multiple PHP remote file inclusion vulnerabilities in Mazen's PHP Chat ...)
+CVE-2007-2939
NOT-FOR-US: Mazen's PHP Chat
-CVE-2007-2938 (Buffer overflow in the BaseRunner ActiveX control in the Ademco ...)
+CVE-2007-2938
NOT-FOR-US: BaseRunner ActiveX control in the Ademco ATNBaseLoader100 Module
-CVE-2007-2937 (PHP remote file inclusion vulnerability in admin/admin.php in TROforum ...)
+CVE-2007-2937
NOT-FOR-US: TROforum
-CVE-2007-2936 (Multiple PHP remote file inclusion vulnerabilities in Frequency Clock ...)
+CVE-2007-2936
NOT-FOR-US: Frequency Clock
-CVE-2007-2935 (core/spellcheck/spellcheck.php in Fundanemt before 2.2.0.1 allows ...)
+CVE-2007-2935
NOT-FOR-US: Fundanemt
-CVE-2007-2934 (Directory traversal vulnerability in skins/common.css.php in Vistered ...)
+CVE-2007-2934
NOT-FOR-US: Vistered Little
-CVE-2007-2933 (SQL injection vulnerability in index.php in the Phil-a-Form ...)
+CVE-2007-2933
NOT-FOR-US: Phil-a-Form
-CVE-2007-2932 (Cross-site scripting (XSS) vulnerability in index.php in BoastMachine ...)
+CVE-2007-2932
NOT-FOR-US: BoastMachine
-CVE-2007-2931 (Heap-based buffer overflow in Microsoft MSN Messenger 6.2, 7.0, and ...)
+CVE-2007-2931
NOT-FOR-US: MSN Messenger
-CVE-2007-2930 (The (1) NSID_SHUFFLE_ONLY and (2) NSID_USE_POOL PRNG algorithms in ISC ...)
+CVE-2007-2930
- bind <removed> (bug #442910)
[etch] - bind <no-dsa> (It's documented in README.Debian that Bind 8 has architectual limitations and should not be used unless you know what you're doing)
[sarge] - bind <no-dsa> (It's documented in README.Debian that Bind 8 has architectual limitations and should not be used unless you know what you're doing)
-CVE-2007-2929 (The IBM Lenovo Access Support acpRunner ActiveX control, as ...)
+CVE-2007-2929
NOT-FOR-US: IBM Lenovo Access Support
-CVE-2007-2928 (Format string vulnerability in the IBM Lenovo Access Support acpRunner ...)
+CVE-2007-2928
NOT-FOR-US: IBM Lenovo Access Support
-CVE-2007-2927 (Unspecified vulnerability in Atheros 802.11 a/b/g wireless adapter ...)
+CVE-2007-2927
NOT-FOR-US: Windows Atheros drivers
-CVE-2007-2926 (ISC BIND 9 through 9.5.0a5 uses a weak random number generator during ...)
+CVE-2007-2926
{DSA-1341-2}
- bind9 1:9.4.1-P1-1
-CVE-2007-2925 (The default access control lists (ACL) in ISC BIND 9.4.0, 9.4.1, and ...)
+CVE-2007-2925
- bind9 1:9.4.1-P1-1 (medium)
[etch] - bind9 <not-affected> (Only 9.4.x and 9.5.x are affected)
[sarge] - bind9 <not-affected> (Only 9.4.x and 9.5.x are affected)
-CVE-2007-2924 (Multiple buffer overflows in RealNetworks GameHouse dldisplay ActiveX ...)
+CVE-2007-2924
NOT-FOR-US: RealNetworks GameHouse
-CVE-2007-2923 (The launch method in the LocalExec ActiveX control (LocalExec.ocx) in ...)
+CVE-2007-2923
NOT-FOR-US: LocalExec ActiveX control
CVE-2007-2922
RESERVED
-CVE-2007-2921 (Multiple buffer overflows in acgm.dll in the Corel / Micrografx ...)
+CVE-2007-2921
NOT-FOR-US: Corel
-CVE-2007-2920 (Multiple stack-based buffer overflows in the Zoomify Viewer ActiveX ...)
+CVE-2007-2920
NOT-FOR-US: Zoomify Viewer
-CVE-2007-2919 (Multiple stack-based buffer overflows in the FViewerLoading ActiveX ...)
+CVE-2007-2919
NOT-FOR-US: FViewerLoading
-CVE-2007-2918 (Multiple stack-based buffer overflows in ActiveX controls (1) VibeC in ...)
+CVE-2007-2918
NOT-FOR-US: Logitech
-CVE-2007-2917 (Multiple buffer overflows in a certain ActiveX control in odapi.dll in ...)
+CVE-2007-2917
NOT-FOR-US: Authentium
-CVE-2007-2916 (Cross-site scripting (XSS) vulnerability in showown.php in GMTT Music ...)
+CVE-2007-2916
NOT-FOR-US: GMTT Music Distro
-CVE-2007-2915 (Cross-site scripting (XSS) vulnerability in RM EasyMail Plus allows ...)
+CVE-2007-2915
NOT-FOR-US: RM EasyMail Plus
-CVE-2007-2914 (Multiple cross-site scripting (XSS) vulnerabilities in PsychoStats ...)
+CVE-2007-2914
NOT-FOR-US: PsychoStats
-CVE-2007-2913 (Cross-site scripting (XSS) vulnerability in index.php in ClonusWiki .5 ...)
+CVE-2007-2913
NOT-FOR-US: ClonusWiki
-CVE-2007-2912 (Unspecified vulnerability in Jelsoft vBulletin before 3.6.6, when ...)
+CVE-2007-2912
NOT-FOR-US: Jelsoft vBulletin
-CVE-2007-2911 (SQL injection vulnerability in admincp/attachment.php in Jelsoft ...)
+CVE-2007-2911
NOT-FOR-US: Jelsoft vBulletin
-CVE-2007-2910 (Cross-site scripting (XSS) vulnerability in Jelsoft vBulletin before ...)
+CVE-2007-2910
NOT-FOR-US: Jelsoft vBulletin
-CVE-2007-2909 (Cross-site scripting (XSS) vulnerability in calendar.php in Jelsoft ...)
+CVE-2007-2909
NOT-FOR-US: Jelsoft vBulletin
-CVE-2007-2908 (Cross-site scripting (XSS) vulnerability in calendar.php in Jelsoft ...)
+CVE-2007-2908
NOT-FOR-US: vBulletin
-CVE-2007-2907 (Unspecified vulnerability in SSL-Explorer before 0.2.13 allows remote ...)
+CVE-2007-2907
NOT-FOR-US: SSL-Explorer
-CVE-2007-2906 (Java Embedding Plugin 0.9.6.1 allows remote attackers to cause a ...)
+CVE-2007-2906
NOT-FOR-US: Java Embedding Plugin for Mac OS X
-CVE-2007-2905 (SQL injection vulnerability in includes/rating.php in 2z Project 0.9.5 ...)
+CVE-2007-2905
NOT-FOR-US: 2z Project
-CVE-2007-2904 (Cross-site scripting (XSS) vulnerability in Sun Java System Messaging ...)
+CVE-2007-2904
NOT-FOR-US: Sun Java System Messaging Server
-CVE-2007-2903 (Buffer overflow in the HelpPopup method in the Microsoft Office 2000 ...)
+CVE-2007-2903
NOT-FOR-US: Microsoft Office ActiveX control
-CVE-2007-2902 (SQL injection vulnerability in main/auth/my_progress.php in Dokeos ...)
+CVE-2007-2902
NOT-FOR-US: Dokeos
-CVE-2007-2901 (Multiple cross-site scripting (XSS) vulnerabilities in Dokeos 1.8.0 ...)
+CVE-2007-2901
NOT-FOR-US: Dokeos
-CVE-2007-2900 (Multiple PHP remote file inclusion vulnerabilities in Scallywag ...)
+CVE-2007-2900
NOT-FOR-US: Scallywag
-CVE-2007-2899 (Direct static code injection vulnerability in admin_config.php in ...)
+CVE-2007-2899
NOT-FOR-US: Navboard
-CVE-2007-2898 (SQL injection vulnerability in includes/rating.php in 2z Project 0.9.5 ...)
+CVE-2007-2898
NOT-FOR-US: 2z Project
-CVE-2007-2897 (Microsoft Internet Information Services (IIS) 6.0 allows remote ...)
+CVE-2007-2897
NOT-FOR-US: Microsoft IIS
-CVE-2007-2896 (Race condition in the Symantec Enterprise Security Manager (ESM) 6.5.3 ...)
+CVE-2007-2896
NOT-FOR-US: Symantec
-CVE-2007-2895 (Buffer overflow in a certain ActiveX control in LTRDF14e.DLL 14.5.0.44 ...)
+CVE-2007-2895
NOT-FOR-US: LeadTools Raster Dialog File_D Object (LTRDFD14e.DLL)
-CVE-2007-2894 (The emulated floppy disk controller in Bochs 2.3 allows local users of ...)
+CVE-2007-2894
- bochs <unfixed> (unimportant)
-CVE-2007-2893 (Heap-based buffer overflow in the bx_ne2k_c::rx_frame function in ...)
+CVE-2007-2893
{DSA-1351-1}
- bochs 2.3+20070705-1 (low; bug #427144)
NOTE: kvm/qemu are tracked as CVE-2007-5729 and CVE-2007-5730
-CVE-2007-2892 (Cross-site scripting (XSS) vulnerability in news.asp in ASP-Nuke 2.0.7 ...)
+CVE-2007-2892
NOT-FOR-US: ASP-Nuke
-CVE-2007-2891 (Multiple PHP remote file inclusion vulnerabilities in FirmWorX 0.1.2 ...)
+CVE-2007-2891
NOT-FOR-US: FirmWorX
-CVE-2007-2890 (SQL injection vulnerability in category.php in cpCommerce 1.1.0 and ...)
+CVE-2007-2890
NOT-FOR-US: cpCommerce
-CVE-2007-2889 (SQL injection vulnerability in tracking/courseLog.php in Dokeos 1.6.5 ...)
+CVE-2007-2889
NOT-FOR-US: Dokeos
-CVE-2007-2888 (Stack-based buffer overflow in UltraISO 8.6.2.2011 and earlier allows ...)
+CVE-2007-2888
NOT-FOR-US: UltraISO
-CVE-2007-2887 (Cross-site scripting (XSS) vulnerability in index.php in Web Icerik ...)
+CVE-2007-2887
NOT-FOR-US: WIYS
-CVE-2007-2886 (Unspecified vulnerability in the Nortel CS 1000 M media card in ...)
+CVE-2007-2886
NOT-FOR-US: Nortel
-CVE-2007-2885 (The NotSafe function in the MSVDTDatabaseDesigner7 ActiveX control in ...)
+CVE-2007-2885
NOT-FOR-US: Microsoft Visual Database Tools
-CVE-2007-2884 (Multiple stack-based buffer overflows in Microsoft Visual Basic 6 ...)
+CVE-2007-2884
NOT-FOR-US: Microsoft Visual Basic
-CVE-2007-2883 (Credant Mobile Guardian Shield for Windows 5.2.1.105 and earlier ...)
+CVE-2007-2883
NOT-FOR-US: Credant
-CVE-2007-2882 (Unspecified vulnerability in the NFS client module in Sun Solaris 8 ...)
+CVE-2007-2882
NOT-FOR-US: Sun Solaris
-CVE-2007-2881 (Multiple stack-based buffer overflows in the SOCKS proxy support ...)
+CVE-2007-2881
NOT-FOR-US: Sun Java Web Proxy Server
-CVE-2007-2880 (Multiple cross-site scripting (XSS) vulnerabilities in Digirez 3.4 ...)
+CVE-2007-2880
NOT-FOR-US: Digirez
-CVE-2007-2879 (Cross-site scripting (XSS) vulnerability in mods.php in GTP GNUTurk ...)
+CVE-2007-2879
NOT-FOR-US: GNUTurk
-CVE-2007-2878 (The VFAT compat ioctls in the Linux kernel before 2.6.21.2, when run ...)
+CVE-2007-2878
{DSA-1479-1}
- linux-2.6 2.6.21-3
-CVE-2007-2877 (Buffer overflow in tcl/win/tclWinReg.c in Tcl (Tcl/Tk) before 8.5a6 ...)
+CVE-2007-2877
NOTE: Not a security issue; Windows-only anyway.
-CVE-2007-2876 (The sctp_new function in (1) ip_conntrack_proto_sctp.c and (2) ...)
+CVE-2007-2876
{DSA-1356-1}
- linux-2.6 2.6.21-5 (medium)
-CVE-2007-2875 (Integer underflow in the cpuset_tasks_read function in the Linux ...)
+CVE-2007-2875
{DSA-1363-1}
- linux-2.6 2.6.21-5 (medium)
-CVE-2007-2874 (Buffer overflow in the wpa_printf function in the debugging code in ...)
+CVE-2007-2874
- wpasupplicant <not-affected> (Fedora-only issue)
-CVE-2007-2873 (SpamAssassin 3.1.x, 3.2.0, and 3.2.1 before 20070611, when running as ...)
+CVE-2007-2873
- spamassassin 3.2.1-1 (low)
[sarge] - spamassassin <no-dsa> (Only obscure setups affected, only locally exploitable)
[etch] - spamassassin 3.1.7-2etch1
NOTE: Minor issue fixed in etch r6 point update
NOTE: Only obscure setups affected, only locally exploitable
-CVE-2007-2872 (Multiple integer overflows in the chunk_split function in PHP 5 before ...)
+CVE-2007-2872
- php5 5.2.3-1 (unimportant)
NOTE: Only triggerable by malicious script
NOTE: Fix from 5.2.3 was ineffective
-CVE-2007-2871 (Mozilla Firefox 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, and ...)
+CVE-2007-2871
{DSA-1308-1 DSA-1306-1 DSA-1300-1 DTSA-45-1 DTSA-47-1 DTSA-51-1}
NOTE: MFSA2007-17
- iceweasel 2.0.0.4-1 (low)
- iceape 1.1.2-1 (low)
[sarge] - mozilla <no-dsa> (Mozilla products from Sarge no longer supported)
- xulrunner 1.8.1.4-1 (low)
-CVE-2007-2870 (Mozilla Firefox 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, and ...)
+CVE-2007-2870
{DSA-1308-1 DSA-1306-1 DSA-1300-1 DTSA-45-1 DTSA-47-1 DTSA-51-1}
NOTE: MFSA2007-16
- iceweasel 2.0.0.4-1 (medium)
- iceape 1.1.2-1 (medium)
[sarge] - mozilla <no-dsa> (Mozilla products from Sarge no longer supported)
- xulrunner 1.8.1.4-1 (medium)
-CVE-2007-2869 (The form autocomplete feature in Mozilla Firefox 1.5.x before ...)
+CVE-2007-2869
{DSA-1308-1 DSA-1306-1 DTSA-45-1 DTSA-51-1}
NOTE: MFSA2007-13
- iceweasel 2.0.0.4-1
- iceape 1.1.2-1
- mozilla <removed>
- xulrunner 1.8.1.4-1
-CVE-2007-2868 (Multiple vulnerabilities in the JavaScript engine for Mozilla Firefox ...)
+CVE-2007-2868
{DSA-1308-1 DSA-1306-1 DSA-1305-1 DSA-1300-1 DTSA-45-1 DTSA-46-1 DTSA-47-1 DTSA-51-1}
NOTE: MFSA2007-12
- iceweasel 2.0.0.4-1 (high)
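Review bot: the [etch] and [sarge] bind lines under CVE-2007-2930 both carry the misspelling "architectual" (for "architectural") in their no-dsa rationale; these are unchanged context lines here, so a separate follow-up correction is appropriate rather than folding it into this automatic update.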
@@ -9264,7 +9264,7 @@ CVE-2007-2868 (Multiple vulnerabilities in the JavaScript engine for Mozilla Fir
- icedove 2.0.0.4-1 (low)
- xulrunner 1.8.1.4-1 (high)
[sarge] - mozilla-thunderbird <no-dsa> (Mozilla products from Sarge no longer supported)
-CVE-2007-2867 (Multiple vulnerabilities in the layout engine for Mozilla Firefox ...)
+CVE-2007-2867
{DSA-1308-1 DSA-1306-1 DSA-1305-1 DSA-1300-1 DTSA-45-1 DTSA-46-1 DTSA-47-1 DTSA-51-1}
NOTE: MFSA2007-12
- iceweasel 2.0.0.4-1 (high)
@@ -9273,57 +9273,57 @@ CVE-2007-2867 (Multiple vulnerabilities in the layout engine for Mozilla Firefox
- icedove 2.0.0.4-1 (low)
- xulrunner 1.8.1.4-1 (high)
[sarge] - mozilla-thunderbird <no-dsa> (Mozilla products from Sarge no longer supported)
-CVE-2007-2866 (Multiple SQL injection vulnerabilities in ...)
+CVE-2007-2866
NOT-FOR-US: PHPEcho CMS
-CVE-2007-2865 (Cross-site scripting (XSS) vulnerability in sqledit.php in phpPgAdmin ...)
+CVE-2007-2865
{DSA-1693-1}
- phppgadmin 4.1.2-1 (low; bug #427151)
[sarge] - phppgadmin <not-affected> (Vulnerable code not present)
NOTE: http://phppgadmin.cvs.sourceforge.net/phppgadmin/webdb/classes/Misc.php?r1=1.156&r2=1.157&pathrev=MAIN
-CVE-2007-2864 (Stack-based buffer overflow in the Anti-Virus engine before content ...)
+CVE-2007-2864
NOT-FOR-US: CA Anti-Virus
-CVE-2007-2863 (Stack-based buffer overflow in the Anti-Virus engine before content ...)
+CVE-2007-2863
NOT-FOR-US: CA Anti-Virus
-CVE-2007-2862 (Multiple SQL injection vulnerabilities in CubeCart 3.0.16 might allow ...)
+CVE-2007-2862
NOT-FOR-US: CubeCart
-CVE-2007-2861 (Multiple PHP remote file inclusion vulnerabilities in Simple ...)
+CVE-2007-2861
NOT-FOR-US: SAXON
-CVE-2007-2860 (user.php in BoastMachine 3.0 platinum allows remote authenticated ...)
+CVE-2007-2860
NOT-FOR-US: BoastMachine
-CVE-2007-2859 (Multiple PHP remote file inclusion vulnerabilities in SimpGB 1.46.0 ...)
+CVE-2007-2859
NOT-FOR-US: SimpGB
-CVE-2007-2858 (SQL injection vulnerability in the IP-Search functionality in the ...)
+CVE-2007-2858
NOT-FOR-US: IP-Tracking Mod for phpBB
-CVE-2007-2857 (PHP remote file inclusion vulnerability in sample/xls2mysql in ABC ...)
+CVE-2007-2857
NOT-FOR-US: ABC Excel Parser Pro
-CVE-2007-2856 (Buffer overflow in the Dart Communications PowerTCP ZIP Compression ...)
+CVE-2007-2856
NOT-FOR-US: Dart Communications PowerTCP
-CVE-2007-2855 (Buffer overflow in a certain ActiveX control in DartZipLite.dll ...)
+CVE-2007-2855
NOT-FOR-US: Dart ZipLite
-CVE-2007-2854 (Multiple SQL injection vulnerabilities in account_change.php in ...)
+CVE-2007-2854
NOT-FOR-US: BtiTracker
-CVE-2007-2853 (The VCDAPILibApi ActiveX control in vc9api.DLL 9.0.0.57 in Virtual CD ...)
+CVE-2007-2853
NOT-FOR-US: Virtual CD
-CVE-2007-2852 (Multiple stack-based buffer overflows in ESET NOD32 Antivirus before ...)
+CVE-2007-2852
NOT-FOR-US: ESET NOD32 Antivirus
-CVE-2007-2851 (A certain ActiveX control in LeadTools Raster Variant Object Library ...)
+CVE-2007-2851
NOT-FOR-US: LeadTools
-CVE-2007-2850 (The Session Reliability Service (XTE) in Citrix MetaFrame Presentation ...)
+CVE-2007-2850
NOT-FOR-US: Citrix
-CVE-2007-2849 (KnowledgeTree Document Management (aka KnowledgeTree Open Source) ...)
+CVE-2007-2849
- knowledgetree <removed> (bug #432123)
-CVE-2007-2848 (Stack-based buffer overflow in the SetPath function in the shComboBox ...)
+CVE-2007-2848
NOT-FOR-US: Sky Software
-CVE-2007-2847 (Multiple cross-site scripting (XSS) vulnerabilities in hlstats.php in ...)
+CVE-2007-2847
NOT-FOR-US: HLstats
-CVE-2007-2846 (Heap-based buffer overflow in the SIS unpacker in avast! Anti-Virus ...)
+CVE-2007-2846
NOT-FOR-US: Avast
-CVE-2007-2845 (Heap-based buffer overflow in the CAB unpacker in avast! Anti-Virus ...)
+CVE-2007-2845
NOT-FOR-US: Avast
-CVE-2007-2844 (PHP 4.x and 5.x before 5.2.1, when running on multi-threaded systems, ...)
+CVE-2007-2844
- php5 <not-affected> (Multi-threaded operation not supported in Debian)
- php4 <not-affected> (Multi-threaded operation not supported in Debian)
-CVE-2007-2843 (Cross-domain vulnerability in Apple Safari 2.0.4 allows remote ...)
+CVE-2007-2843
NOT-FOR-US: Apple Safari
NOTE: Does not seem to work with Konqueror.
CVE-2007-2842
@@ -9335,110 +9335,110 @@ CVE-2007-2841 [lighttpd DoS]
NOTE: assignment
CVE-2007-2840
RESERVED
-CVE-2007-2839 (gfax 0.4.2 and probably other versions creates temporary files ...)
+CVE-2007-2839
{DSA-1329-1}
- gfax 0.6 (bug #431893; low)
NOTE: Vulnerable code no longer present since 0.6, so marking this as fixed version
-CVE-2007-2838 (The populate_conns function in src/populate_conns.c in GSAMBAD 0.1.4 ...)
+CVE-2007-2838
{DSA-1327-1}
- gsambad 0.1.6-2 (bug #431331)
-CVE-2007-2837 (The (1) getRule and (2) getChains functions in server/rules.cpp in ...)
+CVE-2007-2837
{DSA-1326-1}
- fireflier 1.1.7
-CVE-2007-2836 (Directory traversal vulnerability in session.rb in Hiki 0.8.0 through ...)
+CVE-2007-2836
{DSA-1324-1}
- hiki 0.8.7-1 (bug #430691; medium)
[sarge] - hiki <not-affected> (Vulnerable code not present)
-CVE-2007-2835 (Multiple stack-based buffer overflows in (1) CCE_pinyin.c and (2) ...)
+CVE-2007-2835
{DSA-1328-1}
- unicon 3.0.4-12 (bug #431336)
-CVE-2007-2834 (Integer overflow in the TIFF parser in OpenOffice.org (OOo) before ...)
+CVE-2007-2834
{DSA-1375-1}
- openoffice.org 2.2.1-9 (medium)
[sarge] - openoffice.org 1.1.3-9sarge8
-CVE-2007-2833 (Emacs 21 allows user-assisted attackers to cause a denial of service ...)
+CVE-2007-2833
{DSA-1316-1}
- emacs21 21.4a+1-5.1 (bug #408929; low)
- emacs-snapshot <removed>
NOTE: The bug is not present in emacs22 22.2+1-1. It was probably
NOTE: fixed before the first emacs22 upload.
-CVE-2007-2832 (Cross-site scripting (XSS) vulnerability in the web application ...)
+CVE-2007-2832
NOT-FOR-US: Cisco
-CVE-2007-2831 (Array index error in the (1) ieee80211_ioctl_getwmmparams and (2) ...)
+CVE-2007-2831
- madwifi 1:0.9.3-2 (high; bug #425738)
[etch] - madwifi 1:0.9.2+r1842.20061207-2etch1
-CVE-2007-2830 (The ath_beacon_config function in if_ath.c in MadWifi before 0.9.3.1 ...)
+CVE-2007-2830
- madwifi 1:0.9.3-2 (medium; bug #425738)
[etch] - madwifi 1:0.9.2+r1842.20061207-2etch1
-CVE-2007-2829 (The 802.11 network stack in net80211/ieee80211_input.c in MadWifi ...)
+CVE-2007-2829
- madwifi 1:0.9.3-2 (medium; bug #425738)
[etch] - madwifi 1:0.9.2+r1842.20061207-2etch1
-CVE-2007-2828 (Cross-site request forgery (CSRF) vulnerability in adsense-deluxe.php ...)
+CVE-2007-2828
NOT-FOR-US: AdSense-Deluxe
-CVE-2007-2827 (Heap-based buffer overflow in LEAD Technologies LEADTOOLS ISIS ActiveX ...)
+CVE-2007-2827
NOT-FOR-US: LeadTools
-CVE-2007-2826 (PHP remote file inclusion vulnerability in lib/addressbook.php in ...)
+CVE-2007-2826
NOT-FOR-US: Madirish Webmail
-CVE-2007-2825 (Multiple cross-site scripting (XSS) vulnerabilities in ReadMsg.php in ...)
+CVE-2007-2825
NOT-FOR-US: @Mail
-CVE-2007-2824 (SQL injection vulnerability in paypal.php in AlstraSoft E-Friends 4.21 ...)
+CVE-2007-2824
NOT-FOR-US: AlstraSoft E-Friends
-CVE-2007-2823 (Multiple buffer overflows in HT Editor before 2.0.6 might allow remote ...)
+CVE-2007-2823
NOT-FOR-US: HT Editor
-CVE-2007-2822 (TutorialCMS 1.01 and earlier, when register_globals is enabled, allows ...)
+CVE-2007-2822
NOT-FOR-US: TutorialCMS
-CVE-2007-2821 (SQL injection vulnerability in wp-admin/admin-ajax.php in WordPress ...)
+CVE-2007-2821
{DSA-1502-1}
- wordpress 2.2-1 (high)
NOTE: seems present in etch even though admin-ajax.php was not shipped yet
-CVE-2007-2820 (Multiple stack-based buffer overflows in the KSign KSignSWAT ActiveX ...)
+CVE-2007-2820
NOT-FOR-US: KSign
-CVE-2007-2819 (Cross-site scripting (XSS) vulnerability in reportItem.do in Track+ ...)
+CVE-2007-2819
NOT-FOR-US: Track+
-CVE-2007-2818 (Cross-site scripting (XSS) vulnerability in cand_login.asp in ...)
+CVE-2007-2818
NOT-FOR-US: Parodia
-CVE-2007-2817 (SQL injection vulnerability in read/index.php in ol'bookmarks 0.7.4 ...)
+CVE-2007-2817
NOT-FOR-US: ol'bookmarks
-CVE-2007-2816 (Multiple PHP remote file inclusion vulnerabilities in ol'bookmarks ...)
+CVE-2007-2816
NOT-FOR-US: ol'bookmarks
-CVE-2007-2815 (The &quot;hit-highlighting&quot; functionality in webhits.dll in Microsoft ...)
+CVE-2007-2815
NOT-FOR-US: Microsoft IIS
-CVE-2007-2814 (Multiple stack-based buffer overflows in the Pegasus ImagN' ActiveX ...)
+CVE-2007-2814
NOT-FOR-US: Pegasus ImagN'
-CVE-2007-2813 (Cisco IOS 12.4 and earlier, when using the crypto packages and SSL ...)
+CVE-2007-2813
NOT-FOR-US: Cisco
-CVE-2007-2812 (Cross-site scripting (XSS) vulnerability in hlstats.php in HLstats ...)
+CVE-2007-2812
NOT-FOR-US: HLstats
-CVE-2007-2811 (Cross-site scripting (XSS) vulnerability in OSK Advance-Flow 4.41 and ...)
+CVE-2007-2811
NOT-FOR-US: OSK Advance-Flow
-CVE-2007-2810 (SQL injection vulnerability in down_indir.asp in Gazi Download Portal ...)
+CVE-2007-2810
NOT-FOR-US: Gazi Download Portal
-CVE-2007-2809 (Buffer overflow in the transfer manager in Opera before 9.21 for ...)
+CVE-2007-2809
NOT-FOR-US: Opera
-CVE-2007-2808 (Cross-site scripting (XSS) vulnerability in gnatsweb.pl in Gnatsweb ...)
+CVE-2007-2808
{DSA-1486-1}
- gnatsweb 4.00-1.1 (low; bug #427156)
-CVE-2007-2807 (Stack-based buffer overflow in mod/server.mod/servrmsg.c in Eggdrop ...)
+CVE-2007-2807
{DSA-1826-1 DSA-1448-1}
- eggdrop 1.6.18-1.1 (medium; bug #427157)
-CVE-2007-2806 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
+CVE-2007-2806
NOT-FOR-US: GaliX
-CVE-2007-2805 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
+CVE-2007-2805
NOT-FOR-US: ClientExec
-CVE-2007-2804 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2007-2804
NOT-FOR-US: CandyPress Store
-CVE-2007-2803 (SQL injection vulnerability in default.asp in Vizayn Urun Tanitim ...)
+CVE-2007-2803
NOT-FOR-US: Vizayn Urun Tanitim Sitesi
-CVE-2007-2802 (Cross-site scripting (XSS) vulnerability in cp/ps/Main/login/Login in ...)
+CVE-2007-2802
NOT-FOR-US: RM EasyMail Plus
-CVE-2007-2801 (Multiple cross-site scripting (XSS) vulnerabilities in open.php in ...)
+CVE-2007-2801
NOT-FOR-US: eTicket
-CVE-2007-2800 (index.php in eTicket 1.5.5.1 and earlier allows remote attackers to ...)
+CVE-2007-2800
NOT-FOR-US: eTicket
-CVE-2007-2799 (Integer overflow in the &quot;file&quot; program 4.20, when running on 32-bit ...)
+CVE-2007-2799
{DSA-1343-2 DSA-1343-1}
- file 4.21-1 (medium; bug #428293)
-CVE-2007-2798 (Stack-based buffer overflow in the rename_principal_2_svc function in ...)
+CVE-2007-2798
{DSA-1323-1}
- krb5 1.6.dfsg.1-5 (high; bug #430785)
CVE-2007-XXXX [mantis multiple issues fixed in 1.0.7]
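Review bot: the hunk header `@@ -9335,110 +9335,110 @@` shows a one-for-one line rewrite, so no entries were added or dropped and the only information lost is the summary text; still, that text is what lets a reader connect triage such as `- gfax 0.6 (bug #431893; low)` or `{DSA-1323-1}` for `CVE-2007-2798` to the vulnerability it covers. Suggest the update script keep the previous description whenever the new feed supplies none for an entry, so a transient upstream outage cannot strip context from the tracker.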
@@ -9448,101 +9448,101 @@ CVE-2007-XXXX [mantis multiple issues fixed in 1.0.7]
CVE-2007-XXXX [NTFS driver for FUSE unspecified issue]
- ntfs-3g 1:1.516-1
NOTE: local root exploit
-CVE-2007-2797 (xterm, including 192-7.el4 in Red Hat Enterprise Linux and 208-3.1 in ...)
+CVE-2007-2797
- xterm <not-affected> (Debian uses safe compile-time settings)
-CVE-2007-2796 (Arris Cadant C3 CMTS allows remote attackers to cause a denial of ...)
+CVE-2007-2796
NOT-FOR-US: Arris Cadant
-CVE-2007-2795 (Multiple buffer overflows in Ipswitch IMail before 2006.21 allow ...)
+CVE-2007-2795
NOT-FOR-US: Ipswitch IMail
CVE-2007-2794
RESERVED
-CVE-2007-2793 (PHP remote file inclusion vulnerability in ImageImageMagick.php in ...)
+CVE-2007-2793
NOT-FOR-US: Geeklog
-CVE-2007-2792 (SQL injection vulnerability in the Yet another Newsletter Component ...)
+CVE-2007-2792
NOT-FOR-US: com_yanc for Mambo
NOTE: com_yanc component not in Mambo Debian package
-CVE-2007-2791 (Unspecified vulnerability in the Secure Shell (SSH) in HP Tru64 UNIX ...)
+CVE-2007-2791
NOT-FOR-US: HP Tru64
-CVE-2007-2790 (Cross-site scripting (XSS) vulnerability in shopcontent.asp in VP-ASP ...)
+CVE-2007-2790
NOT-FOR-US: VP-ASP Shopping Cart
-CVE-2007-2789 (The BMP image parser in Sun Java Development Kit (JDK) before ...)
+CVE-2007-2789
- sun-java5 1.5.0-11-1 (medium)
[etch] - sun-java5 1.5.0-14-1etch1
- sun-java6 6-01-1 (bug #422403)
- openjdk-6 6b08-1 (bug #566766)
-CVE-2007-2788 (Integer overflow in the embedded ICC profile image parser in Sun Java ...)
+CVE-2007-2788
- sun-java5 1.5.0-11-1 (medium)
[etch] - sun-java5 1.5.0-14-1etch1
- sun-java6 6-01-1 (bug #422403)
- openjdk-6 6b08-1 (bug #566766)
-CVE-2007-2787 (Stack-based buffer overflow in the BrowseDir function in the (1) ...)
+CVE-2007-2787
NOT-FOR-US: LeadTools Raster Thumbnail Object Library
-CVE-2007-2786 (Ratbox IRC Daemon (aka ircd-ratbox) 2.2.5 and earlier allows remote ...)
+CVE-2007-2786
NOT-FOR-US: ircd-ratbox
-CVE-2007-2785 (manage-admins.php in eSyndiCat Pro 1.x allows remote attackers to ...)
+CVE-2007-2785
NOT-FOR-US: eSyndiCat Pro
-CVE-2007-2784 (Unspecified vulnerability in globus-job-manager in Globus Toolkit ...)
+CVE-2007-2784
NOT-FOR-US: Globus Toolkit
-CVE-2007-2783 (Unspecified vulnerability in Rational Soft Hidden Administrator 1.7 ...)
+CVE-2007-2783
NOT-FOR-US: Rational Soft Hidden Administrator
-CVE-2007-2782 (Packeteer PacketShaper uses fixed increments in TCP initial sequence ...)
+CVE-2007-2782
NOT-FOR-US: Packeteer PacketShaper
-CVE-2007-2781 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2007-2781
NOT-FOR-US: WikyBlog
-CVE-2007-2780 (PsychoStats 3.0.6b and earlier allows remote attackers to obtain ...)
+CVE-2007-2780
NOT-FOR-US: PsychoStats
-CVE-2007-2779 (PHP remote file inclusion vulnerability in template_csv.php in ...)
+CVE-2007-2779
NOT-FOR-US: Libstats
-CVE-2007-2778 (Multiple directory traversal vulnerabilities in MolyX BOARD 2.5.0 ...)
+CVE-2007-2778
NOT-FOR-US: MolyX BOARD
-CVE-2007-2777 (Unrestricted file upload vulnerability in admin/addsptemplate.php in ...)
+CVE-2007-2777
NOT-FOR-US: AlstraSoft Template Seller Pro
-CVE-2007-2776 (AlstraSoft Template Seller Pro 3.25 and earlier sends a redirect to ...)
+CVE-2007-2776
NOT-FOR-US: AlstraSoft Template Seller Pro
-CVE-2007-2775 (AlstraSoft Live Support 1.21 sends a redirect to the web browser but ...)
+CVE-2007-2775
NOT-FOR-US: AlstraSoft Live Support
-CVE-2007-2774 (Multiple PHP remote file inclusion vulnerabilities in SunLight CMS 5.3 ...)
+CVE-2007-2774
NOT-FOR-US: SunLight CMS
-CVE-2007-2773 (SQL injection vulnerability in plugins/mp3playlist/mp3playlist.php in ...)
+CVE-2007-2773
NOT-FOR-US: Zomplog
-CVE-2007-2772 ((1) caloggerd.exe (camt70.dll) and (2) mediasvr.exe (catirpc.dll and ...)
+CVE-2007-2772
NOT-FOR-US: CA BrightStor Backup
-CVE-2007-2771 (Stack-based buffer overflow in the LEAD Technologies LeadTools JPEG ...)
+CVE-2007-2771
NOT-FOR-US: LeadTools JPEG 2000
-CVE-2007-2770 (Stack-based buffer overflow in Eudora 7.1 allows user-assisted, remote ...)
+CVE-2007-2770
NOT-FOR-US: Eudora
-CVE-2007-2769 (BES before 3.5.0 in OPeNDAP 4 (Hydrax) before 1.2.1 does not properly ...)
+CVE-2007-2769
NOT-FOR-US: OPeNDAP
-CVE-2007-2768 (OpenSSH, when using OPIE (One-Time Passwords in Everything) for PAM, ...)
+CVE-2007-2768
- openssh <unfixed> (bug #436571; unimportant)
[etch] - openssh <no-dsa> (Minor issue)
[sarge] - openssh <no-dsa> (Minor issue)
NOTE: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=112279
-CVE-2007-2767 (Unspecified vulnerability in BES before 3.5.0 in OPeNDAP 4 (Hydrax) ...)
+CVE-2007-2767
NOT-FOR-US: OPeNDAP
-CVE-2007-2766 (lib/backup-methods.sh in Backup Manager before 0.7.6 provides the ...)
+CVE-2007-2766
- backup-manager 0.7.6-1 (low)
[sarge] - backup-manager <no-dsa> (Minor issue)
[etch] - backup-manager 0.7.5-5
-CVE-2007-2765 (blockhosts.py in BlockHosts before 2.0.3 does not properly parse ...)
+CVE-2007-2765
NOT-FOR-US: BlockHosts
-CVE-2007-2764 (The embedded Linux kernel in certain Sun-Brocade SilkWorm switches ...)
+CVE-2007-2764
NOT-FOR-US: Sun-Brocade SilkWorm
-CVE-2007-2763 (Buffer overflow in the UnlockSupport function in the LockModules ...)
+CVE-2007-2763
NOT-FOR-US: Sienzo Digital Music Mentor ActiveX control
-CVE-2007-2762 (Multiple PHP remote file inclusion vulnerabilities in Build it Fast ...)
+CVE-2007-2762
NOT-FOR-US: Build it Fast
-CVE-2007-2761 (Stack-based buffer overflow in MagicISO 5.4 build 239 and earlier ...)
+CVE-2007-2761
NOT-FOR-US: MagicISO
-CVE-2007-2760 (The canUpdate function in model/MRole.java in Adempiere before 3.1.6 ...)
+CVE-2007-2760
NOT-FOR-US: Adempiere
-CVE-2007-2759 (Multiple SQL injection vulnerabilities in the insert function in the ...)
+CVE-2007-2759
NOT-FOR-US: Adempiere
-CVE-2007-2758 (Multiple buffer overflows in WinImage 8.0.8000 allow user-assisted ...)
+CVE-2007-2758
NOT-FOR-US: WinImage
-CVE-2007-2757 (Multiple cross-site scripting (XSS) vulnerabilities in Redoable 1.2 ...)
+CVE-2007-2757
NOT-FOR-US: Redoable
-CVE-2007-2756 (The gdPngReadData function in libgd 2.0.34 allows user-assisted ...)
+CVE-2007-2756
{DSA-1613-1}
- libgd2 2.0.35.dfsg-1 (bug #426100; bug #426099; bug #425584; low)
[etch] - libgd <no-dsa> (Minor issue)
@@ -9550,529 +9550,529 @@ CVE-2007-2756 (The gdPngReadData function in libgd 2.0.34 allows user-assisted .
[etch] - libgd2 <no-dsa> (Minor issue)
[sarge] - libgd2 <no-dsa> (Minor issue)
NOTE: https://web.archive.org/web/20090212193455/http://bugs.libgd.org/?do=details&task_id=86
-CVE-2007-2755 (The PrecisionID Barcode 1.9 ActiveX control in ...)
+CVE-2007-2755
NOT-FOR-US: PrecisionID
-CVE-2007-2754 (Integer signedness error in truetype/ttgload.c in Freetype 2.3.4 and ...)
+CVE-2007-2754
{DSA-1334-1 DSA-1302-1}
- freetype 2.2.1-6 (bug #425625)
[sarge] - freetype 2.1.7-8
-CVE-2007-2753 (RunawaySoft Haber portal 1.0 stores sensitive information under the ...)
+CVE-2007-2753
NOT-FOR-US: RunawaySoft
-CVE-2007-2752 (SQL injection vulnerability in devami.asp in RunawaySoft Haber portal ...)
+CVE-2007-2752
NOT-FOR-US: RunawaySoft
-CVE-2007-2751 (Multiple PHP remote file inclusion vulnerabilities in PHPGlossar 0.8 ...)
+CVE-2007-2751
NOT-FOR-US: PHPGlossar
-CVE-2007-2750 (SQL injection vulnerability in print.php in SimpNews 2.40.01 and ...)
+CVE-2007-2750
NOT-FOR-US: SimpNews
-CVE-2007-2749 (SQL injection vulnerability in question.php in FAQEngine 4.16.03 and ...)
+CVE-2007-2749
NOT-FOR-US: FAQEngine
-CVE-2007-2748 (The substr_count function in PHP 5.2.1 and earlier allows ...)
+CVE-2007-2748
- php4 <not-affected> (Debian shipped the correct fix from the beginning)
- php5 <not-affected> (Debian shipped the correct fix from the beginning)
-CVE-2007-2747 (Directory traversal vulnerability in rdw_helpers.py in rdiffWeb before ...)
+CVE-2007-2747
NOT-FOR-US: rdiffWeb
-CVE-2007-2746 (The viewList function in lib/WebGUI/Asset/Wobject/DataForm.pm in Plain ...)
+CVE-2007-2746
NOT-FOR-US: Plain Black WebGUI
-CVE-2007-2745 (Cross-site scripting (XSS) vulnerability in printcal.pl in vDesk ...)
+CVE-2007-2745
NOT-FOR-US: vDesk Webmail
-CVE-2007-2744 (Stack-based buffer overflow in the PrecisionID Barcode 1.9 ActiveX ...)
+CVE-2007-2744
NOT-FOR-US: PrecisionID
-CVE-2007-2743 (PHP remote file inclusion vulnerability in custom_vars.php in ...)
+CVE-2007-2743
NOT-FOR-US: GlossWord
-CVE-2007-2742 (Unrestricted file upload vulnerability in labs.beffa.org w2box 4.0.0 ...)
+CVE-2007-2742
NOT-FOR-US: w2box
-CVE-2007-2741 (Stack-based buffer overflow in Little CMS (lcms) before 1.15 allows ...)
+CVE-2007-2741
- lcms 1.15-1 (medium)
-CVE-2007-2740 (Unspecified vulnerability in xajax before 0.2.5 has unknown impact and ...)
+CVE-2007-2740
- php-xajax 0.2.5-1 (bug #426103; unimportant)
NOTE: This issue was created because of an upstream changelog entry, which however
NOTE: was meant for the XSS, which is the general issue.
-CVE-2007-2739 (Cross-site scripting (XSS) vulnerability in xajax before 0.2.5 allows ...)
+CVE-2007-2739
{DSA-1692-1}
- php-xajax 0.2.5-1 (bug #426103; low)
-CVE-2007-2738 (SQL injection vulnerability in glossaire-p-f.php in the Glossaire 1.7 ...)
+CVE-2007-2738
NOT-FOR-US: Glossaire for Xoops
-CVE-2007-2737 (SQL injection vulnerability in index.php in the MyConference 1.0 ...)
+CVE-2007-2737
NOT-FOR-US: MyConference for Xoops
-CVE-2007-2736 (PHP remote file inclusion vulnerability in index.php in Achievo 1.1.0 ...)
+CVE-2007-2736
NOT-FOR-US: Achievo
-CVE-2007-2735 (SQL injection vulnerability in edit_day.php in the ResManager 1.2.1 ...)
+CVE-2007-2735
NOT-FOR-US: ResManager for Xoops
-CVE-2007-2734 (The 3Com TippingPoint IPS do not properly handle certain full-width ...)
+CVE-2007-2734
NOT-FOR-US: 3Com TippingPoint IPS
-CVE-2007-2733 (Unrestricted file upload vulnerability in Jetbox CMS allows remote ...)
+CVE-2007-2733
NOT-FOR-US: Jetbox CMS
-CVE-2007-2732 (Multiple cross-site scripting (XSS) vulnerabilities in Jetbox CMS ...)
+CVE-2007-2732
NOT-FOR-US: Jetbox CMS
-CVE-2007-2731 (CRLF injection vulnerability in formmail.php in Jetbox CMS 2.1 might ...)
+CVE-2007-2731
NOT-FOR-US: Jetbox CMS
-CVE-2007-2730 (Check Point ZoneAlarm Pro before 6.5.737.000 does not properly test ...)
+CVE-2007-2730
NOT-FOR-US: Check Point Zone Labs ZoneAlarm Internet Security Suite
-CVE-2007-2729 (Comodo Firewall Pro 2.4.18.184 and Comodo Personal Firewall 2.3.6.81, ...)
+CVE-2007-2729
NOT-FOR-US: Comodo Personal Firewall
-CVE-2007-2728 (The soap extension in PHP calls php_rand_r with an uninitialized seed ...)
+CVE-2007-2728
- php5 5.2.3-1 (low)
[etch] - php5 <not-affected> (Version from 5.2.0 correctly uses rand())
- php4 <not-affected> (no soap functions in php4)
-CVE-2007-2727 (The mcrypt_create_iv function in ext/mcrypt/mcrypt.c in PHP before ...)
+CVE-2007-2727
[etch] - php5 <not-affected> (Version from 5.2.0 correctly uses rand())
- php5 5.2.2-1 (low)
NOTE: Code not present in PHP 4.
-CVE-2007-2726 (BitsCast 0.13.0 allows remote attackers to cause a denial of service ...)
+CVE-2007-2726
NOT-FOR-US: BitsCast
-CVE-2007-2725 (The DB Software Laboratory DeWizardX (DEWizardAX.ocx) ActiveX control ...)
+CVE-2007-2725
NOT-FOR-US: DeWizardX
-CVE-2007-2724 (Cross-site scripting (XSS) vulnerability in all_photos.html in fotolog ...)
+CVE-2007-2724
NOT-FOR-US: fotolog
-CVE-2007-2723 (Media Player Classic 6.4.9.0 allows user-assisted remote attackers to ...)
+CVE-2007-2723
NOT-FOR-US: guliverkli Media Player Classic
-CVE-2007-2722 (Unspecified vulnerability in NewzCrawler 1.8 allows remote attackers ...)
+CVE-2007-2722
NOT-FOR-US: NewzCrawler
-CVE-2007-2721 (The jpc_qcx_getcompparms function in jpc/jpc_cs.c for the JasPer ...)
+CVE-2007-2721
{DSA-2036-1}
- jasper 1.900.1-6 (medium; bug #413033; bug #528543)
NOTE: Jasper was initially fixed in 1.900.1-3, but the fix got dropped later, see #528543
- ghostscript 8.61.dfsg.1~svn8187-1.1 (medium; bug #447188)
- gs-gpl <removed> (medium; bug #561717)
NOTE: see http://ghostscript.com/pipermail/gs-cvs/2007-October/007877.html
-CVE-2007-2720 (Group-Office before 2.16-13 does not properly validate user IDs, which ...)
+CVE-2007-2720
NOT-FOR-US: Group-Office
-CVE-2007-2719 (Session fixation vulnerability in HP Systems Insight Manager (SIM) 4.2 ...)
+CVE-2007-2719
NOT-FOR-US: HP Systems Insight Manager
-CVE-2007-2718 (Cross-site scripting (XSS) vulnerability in the WebMail system in ...)
+CVE-2007-2718
NOT-FOR-US: Stalker CommuniGate Pro
-CVE-2007-2717 (SQL injection vulnerability in shop/page.php in iGeneric (iG) Shop 1.4 ...)
+CVE-2007-2717
NOT-FOR-US: iGeneric (iG) Shop
-CVE-2007-2716 (Multiple cross-site scripting (XSS) vulnerabilities in EQdkp 1.3.2c ...)
+CVE-2007-2716
NOT-FOR-US: EQdkp
-CVE-2007-2715 (Admin/users.php in Snaps! Gallery 1.4.4 allows remote attackers to ...)
+CVE-2007-2715
NOT-FOR-US: Snaps! Gallery
-CVE-2007-2714 (Unspecified vulnerability in akismet.php in Matt Mullenweg Akismet ...)
+CVE-2007-2714
- wordpress 2.2-1
NOTE: See http://plugins.trac.wordpress.org/changeset/12812/akismet/trunk/akismet.php
-CVE-2007-2713 (ifdate 2.x sends a redirect to the web browser but does not exit when ...)
+CVE-2007-2713
NOT-FOR-US: iFdate
-CVE-2007-2712 (Unspecified vulnerability in MH Software Connect Daily before 3.3.3 ...)
+CVE-2007-2712
NOT-FOR-US: MH Software Connect Daily Web Calendar
-CVE-2007-2711 (Stack-based buffer overflow in TinyIdentD 2.2 and earlier allows ...)
+CVE-2007-2711
NOT-FOR-US: TinyIdentD
-CVE-2007-2710 (PHP remote file inclusion vulnerability in functions/prepend_adm.php ...)
+CVE-2007-2710
NOT-FOR-US: NagiosQL
-CVE-2007-2709 (PHP remote file inclusion vulnerability in functions/prepend_adm.php ...)
+CVE-2007-2709
NOT-FOR-US: NagiosQL
-CVE-2007-2708 (PHP remote file inclusion vulnerability in newsadmin.php in Feindt ...)
+CVE-2007-2708
NOT-FOR-US: News-Script
-CVE-2007-2707 (PHP remote file inclusion vulnerability in linksnet_linkslog_rss.php ...)
+CVE-2007-2707
NOT-FOR-US: Linksnet Newsfeed
-CVE-2007-2706 (PHP remote file inclusion vulnerability in maint/ftpmedia.php in Media ...)
+CVE-2007-2706
NOT-FOR-US: Geeklog
-CVE-2007-2705 (Directory traversal vulnerability in the Test View Console in BEA ...)
+CVE-2007-2705
NOT-FOR-US: BEA WebLogic Integration
-CVE-2007-2704 (BEA WebLogic Server 9.0 through 9.2 allows remote attackers to cause a ...)
+CVE-2007-2704
NOT-FOR-US: BEA WebLogic Server
-CVE-2007-2703 (BEA WebLogic Portal 9.2 GA can corrupt a visitor entitlements role if ...)
+CVE-2007-2703
NOT-FOR-US: BEA WebLogic Portal
-CVE-2007-2702 (Cross-site scripting (XSS) vulnerability in the GroupSpace application ...)
+CVE-2007-2702
NOT-FOR-US: BEA WebLogic Portal
-CVE-2007-2701 (The JMS Message Bridge in BEA WebLogic Server 7.0 through SP7 and 8.1 ...)
+CVE-2007-2701
NOT-FOR-US: BEA WebLogic
-CVE-2007-2700 (The WLST script generated by the configToScript command in BEA ...)
+CVE-2007-2700
NOT-FOR-US: BEA WebLogic
-CVE-2007-2699 (The Administration Console in BEA WebLogic Express and WebLogic Server ...)
+CVE-2007-2699
NOT-FOR-US: BEA WebLogic
-CVE-2007-2698 (The Administration Console in BEA WebLogic Server 9.0 may show ...)
+CVE-2007-2698
NOT-FOR-US: BEA WebLogic
-CVE-2007-2697 (The embedded LDAP server in BEA WebLogic Express and WebLogic Server ...)
+CVE-2007-2697
NOT-FOR-US: BEA WebLogic
-CVE-2007-2696 (The JMS Server in BEA WebLogic Server 6.1 through SP7, 7.0 through ...)
+CVE-2007-2696
NOT-FOR-US: BEA WebLogic
-CVE-2007-2695 (The HttpClusterServlet and HttpProxyServlet in BEA WebLogic Express ...)
+CVE-2007-2695
NOT-FOR-US: BEA WebLogic
-CVE-2007-2694 (Multiple cross-site scripting (XSS) vulnerabilities in BEA WebLogic ...)
+CVE-2007-2694
NOT-FOR-US: BEA WebLogic
-CVE-2007-2693 (MySQL before 5.1.18 allows remote authenticated users without SELECT ...)
+CVE-2007-2693
- mysql-dfsg-5.0 <not-affected> (Only MySQL 5.1 affected)
[sarge] - mysql-dfsg-4.1 <not-affected> (Only MySQL 5.1 affected)
[sarge] - mysql-dfsg <not-affected> (Only MySQL 5.1 affected)
-CVE-2007-2692 (The mysql_change_db function in MySQL 5.0.x before 5.0.40 and 5.1.x ...)
+CVE-2007-2692
{DSA-1413-1}
- mysql-dfsg-5.0 5.0.42 (bug #424778)
[sarge] - mysql-dfsg-4.1 <not-affected> (Vulnerable functionality not implemented)
[sarge] - mysql-dfsg <not-affected> (Vulnerable functionality not implemented)
NOTE: http://bugs.mysql.com/bug.php?id=28499
-CVE-2007-2691 (MySQL before 4.1.23, 5.0.x before 5.0.42, and 5.1.x before 5.1.18 does ...)
+CVE-2007-2691
{DSA-1413-1}
- mysql-dfsg-5.0 5.0.41a-1 (bug #424778; bug #424830)
-CVE-2007-2690 (Multiple IBM ISS Proventia Series products, including the A, G, and M ...)
+CVE-2007-2690
NOT-FOR-US: ISS
-CVE-2007-2689 (Check Point Web Intelligence does not properly handle certain ...)
+CVE-2007-2689
NOT-FOR-US: Check Point
-CVE-2007-2688 (The Cisco Intrusion Prevention System (IPS) and IOS with Firewall/IPS ...)
+CVE-2007-2688
NOT-FOR-US: Cisco
-CVE-2007-2687 (Stack-based buffer overflow in the MicroWorld Agent service ...)
+CVE-2007-2687
NOT-FOR-US: MicroWorld
-CVE-2007-2686 (Cross-site scripting (XSS) vulnerability in index.php in Jetbox CMS ...)
+CVE-2007-2686
NOT-FOR-US: Jetbox CMS
-CVE-2007-2685 (Multiple SQL injection vulnerabilities in index.php in Jetbox CMS 2.1 ...)
+CVE-2007-2685
NOT-FOR-US: Jetbox CMS
-CVE-2007-2684 (Jetbox CMS 2.1 allows remote attackers to obtain sensitive information ...)
+CVE-2007-2684
NOT-FOR-US: Jetbox CMS
-CVE-2007-2683 (Buffer overflow in Mutt 1.4.2 might allow local users to execute ...)
+CVE-2007-2683
- mutt 1.5.15+20070608-1 (low; bug #426116)
[etch] - mutt <no-dsa> (Minor issue, hardly exploitable)
[sarge] - mutt <no-dsa> (Minor issue, hardly exploitable)
-CVE-2007-2682 (The installer for Adobe Version Cue CS3 Server on Apple Mac OS X, as ...)
+CVE-2007-2682
NOT-FOR-US: Adobe
-CVE-2007-2681 (Directory traversal vulnerability in blogs/index.php in b2evolution ...)
+CVE-2007-2681
- b2evolution <unfixed> (unimportant)
NOTE: This is a register_globals=on issue.
NOTE: More than just blogs/index.php is affected (that file isn't
NOTE: installed by the Debian package).
-CVE-2007-2680 (Cross-site scripting (XSS) vulnerability in the management interface ...)
+CVE-2007-2680
NOT-FOR-US: Canon
-CVE-2007-2679 (PHP file inclusion vulnerability in index.php in Ivan Peevski gallery ...)
+CVE-2007-2679
NOT-FOR-US: Simple PHP Scripts
-CVE-2007-2678 (Buffer overflow in the isChecked function in toolbar.dll in Netsprint ...)
+CVE-2007-2678
NOT-FOR-US: Netsprint
-CVE-2007-2677 (Multiple PHP remote file inclusion vulnerabilities in phpChess ...)
+CVE-2007-2677
NOT-FOR-US: phpChess
-CVE-2007-2676 (PHP remote file inclusion vulnerability in skins/header.php in Open ...)
+CVE-2007-2676
NOT-FOR-US: Open Translation Engine
-CVE-2007-2675 (SQL injection vulnerability in search.php in Pre Classifieds Listings ...)
+CVE-2007-2675
NOT-FOR-US: Pre Classifieds Listings
-CVE-2007-2674 (SQL injection vulnerability in detail.php in Pre Shopping Mall 1.0 ...)
+CVE-2007-2674
NOT-FOR-US: Pre Shopping Mall
-CVE-2007-2673 (SQL injection vulnerability in includes/funcs_vendors.php in Censura ...)
+CVE-2007-2673
NOT-FOR-US: Censura
-CVE-2007-2672 (SQL injection vulnerability in index.php in PHP Coupon Script 3.0 ...)
+CVE-2007-2672
NOT-FOR-US: PHP Coupon Script
-CVE-2007-2671 (Mozilla Firefox 2.0.0.3 allows remote attackers to cause a denial of ...)
+CVE-2007-2671
- iceweasel <removed> (unimportant)
NOTE: Browser crashes not treated as security problems
-CVE-2007-2670 (PHPChain 1.0 and earlier allows remote attackers to obtain the ...)
+CVE-2007-2670
NOT-FOR-US: PHPChain
-CVE-2007-2669 (Multiple cross-site scripting (XSS) vulnerabilities in PHPChain 1.0 ...)
+CVE-2007-2669
NOT-FOR-US: PHPChain
-CVE-2007-2668 (Buffer overflow in webdesproxy 0.0.1 allows remote attackers to ...)
+CVE-2007-2668
NOT-FOR-US: webdesproxy
-CVE-2007-2667 (Buffer overflow in the DB Software Laboratory VImpX ActiveX control in ...)
+CVE-2007-2667
NOT-FOR-US: VImpX
-CVE-2007-2666 (Stack-based buffer overflow in LexRuby.cxx (SciLexer.dll) in Scintilla ...)
+CVE-2007-2666
NOT-FOR-US: notepad++
-CVE-2007-2665 (PHP remote file inclusion vulnerability in block.php in PhpFirstPost ...)
+CVE-2007-2665
NOT-FOR-US: PhpFirstPost
-CVE-2007-2664 (PHP remote file inclusion vulnerability in includes/common.php in Yaap ...)
+CVE-2007-2664
NOT-FOR-US: Yaap
-CVE-2007-2663 (PHP remote file inclusion vulnerability in language/1/splash.lang.php ...)
+CVE-2007-2663
NOT-FOR-US: Beacon
-CVE-2007-2662 (SQL injection vulnerability in EfesTECH Haber 5.0 allows remote ...)
+CVE-2007-2662
NOT-FOR-US: EfesTECH
-CVE-2007-2661 (SQL injection vulnerability in archshow.asp in BlogMe 3.0 allows ...)
+CVE-2007-2661
NOT-FOR-US: BlogMe
-CVE-2007-2660 (** DISPUTED ** ...)
+CVE-2007-2660
NOT-FOR-US: PhpConcept
-CVE-2007-2659 (Directory traversal vulnerability in index.php in PHP Advanced ...)
+CVE-2007-2659
NOT-FOR-US: PHP Advanced Transfer Manager (phpATM)
-CVE-2007-2658 (Unspecified vulnerability in the ID Automation Linear Barcode 1.6.0.5 ...)
+CVE-2007-2658
NOT-FOR-US: ID Automation
-CVE-2007-2657 (Unspecified vulnerability in the PrecisionID Barcode 1.3 ActiveX ...)
+CVE-2007-2657
NOT-FOR-US: PrecisionID
-CVE-2007-2656 (Stack-based buffer overflow in the Hewlett-Packard (HP) Magview ...)
+CVE-2007-2656
NOT-FOR-US: HP
-CVE-2007-2655 (Unspecified vulnerability in NetWin Webmail 3.1s-1 in SurgeMail before ...)
+CVE-2007-2655
NOT-FOR-US: NetWin
-CVE-2007-2654 (xfs_fsr in xfsdump creates a .fsr temporary directory with insecure ...)
+CVE-2007-2654
- xfsdump 2.2.45-1 (bug #417894; low)
[etch] - xfsdump <no-dsa> (Minor issue)
CVE-2007-2653
REJECTED
-CVE-2007-2652 (Multiple unspecified vulnerabilities in Free-SA before 1.2.2 allow ...)
+CVE-2007-2652
NOT-FOR-US: Free-SA
-CVE-2007-2651 (Multiple off-by-one errors in VooDoo cIRCle before 1.1.beta27 allow ...)
+CVE-2007-2651
NOT-FOR-US: VooDoo cIRCle
-CVE-2007-2650 (The OLE2 parser in Clam AntiVirus (ClamAV) allows remote attackers to ...)
+CVE-2007-2650
{DSA-1320-1 DTSA-43-1}
- clamav 0.90.2-1
-CVE-2007-2649 (Deutsche Telekom (T-com) Speedport W 700v uses JavaScript delays for ...)
+CVE-2007-2649
NOT-FOR-US: Speedport W 700v
-CVE-2007-2648 (Stack-based buffer overflow in the Clever Database Comparer 2.2 ...)
+CVE-2007-2648
NOT-FOR-US: Clever Database Comparer
-CVE-2007-2647 (Static code injection vulnerability in admin/admin_configuration.php ...)
+CVE-2007-2647
NOT-FOR-US: MonAlbum
-CVE-2007-2646 (Heap-based buffer overflow in yEnc32 1.0.7.207 allows user-assisted ...)
+CVE-2007-2646
NOT-FOR-US: yEnc32
-CVE-2007-2645 (Integer overflow in the exif_data_load_data_entry function in ...)
+CVE-2007-2645
{DSA-1487-1}
- libexif 0.6.15-1 (bug #424775)
-CVE-2007-2644 (A certain ActiveX control in Morovia Barcode ActiveX Professional ...)
+CVE-2007-2644
NOT-FOR-US: Morovia
-CVE-2007-2643 (Directory traversal vulnerability in phpThumb.php in PinkCrow Designs ...)
+CVE-2007-2643
NOT-FOR-US: maGAZIn
-CVE-2007-2642 (Directory traversal vulnerability in galeria.php in R2K Gallery 1.7 ...)
+CVE-2007-2642
NOT-FOR-US: R2K Gallery
-CVE-2007-2641 (SQL injection vulnerability in W1L3D4_bolum.asp in W1L3D4 Philboard ...)
+CVE-2007-2641
NOT-FOR-US: W1L3D4
-CVE-2007-2640 (LibTMCG before 1.1.1 does not perform a range check to avoid &quot;trivial ...)
+CVE-2007-2640
NOT-FOR-US: LibTMCG
-CVE-2007-2639 (Directory traversal vulnerability in TFTPdWin 0.4.2 allows remote ...)
+CVE-2007-2639
NOT-FOR-US: TFTPDWIN
-CVE-2007-2638 (eFileCabinet 3.3 allows remote attackers to bypass authentication and ...)
+CVE-2007-2638
NOT-FOR-US: eFileCabinet
-CVE-2007-2637 (MoinMoin before 20070507 does not properly enforce ACLs for calendars ...)
+CVE-2007-2637
{DSA-1514-1}
- moin 1.5.7-2 (low)
-CVE-2007-2636 (Unspecified vulnerability in phpTodo before 0.8.1 allows remote ...)
+CVE-2007-2636
NOT-FOR-US: phpTodo
-CVE-2007-2635 (Unspecified vulnerability in Interchange before 5.4.2 allows remote ...)
+CVE-2007-2635
- interchange 5.4.2-1 (low)
-CVE-2007-2634 (PHP remote file inclusion vulnerability in common/errormsg.php in ...)
+CVE-2007-2634
NOT-FOR-US: aForum
-CVE-2007-2633 (Directory traversal vulnerability in H-Sphere SiteStudio 1.6 allows ...)
+CVE-2007-2633
NOT-FOR-US: H-Sphere
-CVE-2007-2632 (Multiple cross-site scripting (XSS) vulnerabilities in PHP Multi User ...)
+CVE-2007-2632
NOT-FOR-US: phpMUR
-CVE-2007-2631 (Cross-site request forgery (CSRF) vulnerability in SquirrelMail ...)
+CVE-2007-2631
NOTE: Duplicate of CVE-2007-2589
-CVE-2007-2630 (Incomplete blacklist vulnerability in ...)
+CVE-2007-2630
- moin 1.5.8-4.1 (unimportant)
- karrigell <not-affected> (Vulnerable php code not present)
- knowledgeroot 0.9.8.2-2 (unimportant)
-CVE-2007-2629 (Bradford CampusManager Network Control Application Server 3.1(6) ...)
+CVE-2007-2629
NOT-FOR-US: Bradford
-CVE-2007-2628 (PHP remote file inclusion vulnerability in include/logout.php in ...)
+CVE-2007-2628
NOT-FOR-US: PHPSecurityAdmin
-CVE-2007-2627 (Cross-site scripting (XSS) vulnerability in sidebar.php in WordPress, ...)
+CVE-2007-2627
- wordpress 2.2.2-1 (low)
[etch] - wordpress <not-affected> (Vulnerable code not present)
-CVE-2007-2626 (** DISPUTED ** ...)
+CVE-2007-2626
NOT-FOR-US: SchoolBoard
-CVE-2007-2625 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2007-2625
NOT-FOR-US: All In One Control Panel (AIOCP)
-CVE-2007-2624 (Dynamic variable evaluation vulnerability in ...)
+CVE-2007-2624
NOT-FOR-US: All In One Control Panel (AIOCP)
-CVE-2007-2623 (Multiple buffer overflows in RControl.dll in Remote Display Dev kit ...)
+CVE-2007-2623
NOT-FOR-US: Remote Display Dev kit
-CVE-2007-2622 (Multiple SQL injection vulnerabilities in TaskDriver 1.2 and earlier ...)
+CVE-2007-2622
NOT-FOR-US: TaskDriver
-CVE-2007-2621 (SQL injection vulnerability in event_view.php in Thyme Calendar 1.3 ...)
+CVE-2007-2621
NOT-FOR-US: Thyme Calendar
-CVE-2007-2620 (PHP remote file inclusion vulnerability in inc/config.inc.php in Jakub ...)
+CVE-2007-2620
NOT-FOR-US: Jakub Steiner (aka jimmac) original
-CVE-2007-2619 (Symantec pcAnywhere 11.5.x and 12.0.x retains unencrypted login ...)
+CVE-2007-2619
NOT-FOR-US: Symantec pcAnywhere
-CVE-2007-2618 (CRLF injection vulnerability in index.php in Drake CMS 0.4.0 allows ...)
+CVE-2007-2618
NOT-FOR-US: Drake CMS
-CVE-2007-2617 (srsexec in Sun Remote Services (SRS) Net Connect Software Proxy Core ...)
+CVE-2007-2617
NOT-FOR-US: Sun Solaris
-CVE-2007-2616 (Stack-based buffer overflow in the SSL version of the NMDMC.EXE ...)
+CVE-2007-2616
NOT-FOR-US: Novell NetMail
-CVE-2007-2615 (Multiple PHP remote file inclusion vulnerabilities in Crie seu ...)
+CVE-2007-2615
NOT-FOR-US: PHPLojaFacil
-CVE-2007-2614 (PHP remote file inclusion vulnerability in examples/widget8.php in ...)
+CVE-2007-2614
NOT-FOR-US: phpHtmlLib
-CVE-2007-2613 (WikkaWiki (Wikka Wiki) before 1.1.6.3 allows attackers in a shared ...)
+CVE-2007-2613
NOT-FOR-US: WikkaWiki
-CVE-2007-2612 (SQL injection vulnerability in libs/Wakka.class.php in WikkaWiki ...)
+CVE-2007-2612
NOT-FOR-US: WikkaWiki
-CVE-2007-2611 (Multiple PHP remote file inclusion vulnerabilities in CGX 20050314 ...)
+CVE-2007-2611
NOT-FOR-US: CGX
-CVE-2007-2610 (Cross-site scripting (XSS) vulnerability in OpenLD before 1.1.9, and ...)
+CVE-2007-2610
NOT-FOR-US: OpenLD
-CVE-2007-2609 (Multiple PHP remote file inclusion vulnerabilities in gnuedu 1.3b2 ...)
+CVE-2007-2609
NOT-FOR-US: gnuedu
-CVE-2007-2608 (PHP remote file inclusion vulnerability in ...)
+CVE-2007-2608
NOT-FOR-US: Miplex2
-CVE-2007-2607 (PHP remote file inclusion vulnerability in views/print/printbar.php in ...)
+CVE-2007-2607
NOT-FOR-US: LaVague
-CVE-2007-2606 (Multiple buffer overflows in Firebird 2.1 allow attackers to trigger ...)
+CVE-2007-2606
{DSA-1529-1}
- firebird2.0 2.0.3.12981.ds1-1 (low; bug #444976)
[etch] - firebird2 <no-dsa> (Fixed packages have been released through backports.org, see #1529)
[sarge] - firebird2 <unfixed> (low)
NOTE: Minor issue, because conffile is restricted
-CVE-2007-2605 (Unspecified vulnerability in the GetPropertyById function in ...)
+CVE-2007-2605
NOT-FOR-US: Brujula Toolbar
-CVE-2007-2604 (Unspecified vulnerability in the FlexLabel ActiveX control allows ...)
+CVE-2007-2604
NOT-FOR-US: FlexLabel
-CVE-2007-2603 (Unspecified vulnerability in the Init function in the Audio CD Ripper ...)
+CVE-2007-2603
NOT-FOR-US: Audio CD Ripper
-CVE-2007-2602 (Buffer overflow in MIBEXTRA.EXE in Ipswitch WhatsUp Gold 11 allows ...)
+CVE-2007-2602
NOT-FOR-US: Ipswitch WhatsUp
-CVE-2007-2601 (Buffer overflow in a certain ActiveX control in the GDivX Zenith ...)
+CVE-2007-2601
NOT-FOR-US: GDivX Zenith Player
-CVE-2007-2600 (Multiple cross-site scripting (XSS) vulnerabilities in TutorialCMS ...)
+CVE-2007-2600
NOT-FOR-US: TutorialCMS
-CVE-2007-2599 (Multiple SQL injection vulnerabilities in TutorialCMS (aka Photoshop ...)
+CVE-2007-2599
NOT-FOR-US: TutorialCMS
-CVE-2007-2598 (SQL injection vulnerability in print.php in SimpleNews 1.0.0 FINAL ...)
+CVE-2007-2598
NOT-FOR-US: PHP SimpleNEWS
-CVE-2007-2597 (Multiple PHP remote file inclusion vulnerabilities in telltarget CMS ...)
+CVE-2007-2597
NOT-FOR-US: telltarget CMS
-CVE-2007-2596 (PHP remote file inclusion vulnerability in common/func.php in aForum ...)
+CVE-2007-2596
NOT-FOR-US: aForum
-CVE-2007-2595 (RSAuction 2.73.1.3 allows remote authenticated users to move their own ...)
+CVE-2007-2595
NOT-FOR-US: RSAuction
-CVE-2007-2594 (PHP remote file inclusion vulnerability in inc/articles.inc.php in ...)
+CVE-2007-2594
NOT-FOR-US: phpMyPortal
-CVE-2007-2593 (The Terminal Server in Microsoft Windows 2003 Server, when using TLS, ...)
+CVE-2007-2593
NOT-FOR-US: Microsoft
-CVE-2007-2592 (Multiple cross-site scripting (XSS) vulnerabilities in Nokia ...)
+CVE-2007-2592
NOT-FOR-US: Nokia
-CVE-2007-2591 (usrmgr/userList.asp in Nokia Intellisync Mobile Suite 6.4.31.2, ...)
+CVE-2007-2591
NOT-FOR-US: Nokia
-CVE-2007-2590 (Nokia Intellisync Mobile Suite 6.4.31.2, 6.6.0.107, and 6.6.2.2, ...)
+CVE-2007-2590
NOT-FOR-US: Nokia
-CVE-2007-2589 (Cross-site request forgery (CSRF) vulnerability in compose.php in ...)
+CVE-2007-2589
{DSA-1290-1}
- squirrelmail 2:1.4.10a-1 (low)
NOTE: CVE id has later been assigned to a part of this issue
-CVE-2007-2588 (Multiple buffer overflows in the Office Viewer OCX ActiveX control ...)
+CVE-2007-2588
NOT-FOR-US: Office Viewer OCX ActiveX
-CVE-2007-2587 (The IOS FTP Server in Cisco IOS 11.3 through 12.4 allows remote ...)
+CVE-2007-2587
NOT-FOR-US: Cisco
-CVE-2007-2586 (The FTP Server in Cisco IOS 11.3 through 12.4 does not properly check ...)
+CVE-2007-2586
NOT-FOR-US: Cisco
-CVE-2007-2585 (Stack-based buffer overflow in the Verify function in the BarCodeWiz ...)
+CVE-2007-2585
NOT-FOR-US: BarCodeWiz ActiveX control
-CVE-2007-2584 (Buffer overflow in the IsOldAppInstalled function in the ...)
+CVE-2007-2584
NOT-FOR-US: Subscription Manager ActiveX control
-CVE-2007-2583 (The in_decimal::set function in item_cmpfunc.cc in MySQL before ...)
+CVE-2007-2583
{DSA-1413-1}
- mysql-dfsg-5.0 5.0.41-1 (low; bug #426353)
[sarge] - mysql-dfsg <not-affected> (Vulnerable functionality not implemented)
NOTE: [sarge] Not affected, test case doesn't crash the daemon
-CVE-2007-2582 (Multiple buffer overflows in the DB2 JDBC Applet Server (DB2JDS) ...)
+CVE-2007-2582
NOT-FOR-US: IBM DB2
-CVE-2007-2581 (Multiple cross-site scripting (XSS) vulnerabilities in Microsoft ...)
+CVE-2007-2581
NOT-FOR-US: Microsoft
-CVE-2007-2580 (Unspecified vulnerability in Apple Safari allows local users to obtain ...)
+CVE-2007-2580
NOT-FOR-US: Safari
-CVE-2007-2579 (Multiple cross-site scripting (XSS) vulnerabilities in ACP3 4.0 beta 3 ...)
+CVE-2007-2579
NOT-FOR-US: ACP3
-CVE-2007-2578 (Unspecified vulnerability in search/list/action_search/index.php in ...)
+CVE-2007-2578
NOT-FOR-US: ACP3
-CVE-2007-2577 (Multiple SQL injection vulnerabilities in ACP3 4.0 beta 3 allow remote ...)
+CVE-2007-2577
NOT-FOR-US: ACP3
-CVE-2007-2576 (Buffer overflow in the East Wind Software advdaudio.ocx 1.5.1.1 ...)
+CVE-2007-2576
NOT-FOR-US: advdaudio.ocx ActiveX control
-CVE-2007-2575 (PHP remote file inclusion vulnerability in watermark.php in the vm ...)
+CVE-2007-2575
NOT-FOR-US: vm watermark 0.4.1 mod for Gallery
-CVE-2007-2574 (Directory traversal vulnerability in index.php in Archangel Weblog ...)
+CVE-2007-2574
NOT-FOR-US: Archangel Weblog
-CVE-2007-2573 (PHP remote file inclusion vulnerability in plugin/HP_DEV/cms2.php in ...)
+CVE-2007-2573
NOT-FOR-US: PHPtree
-CVE-2007-2572 (PHP remote file inclusion vulnerability in ...)
+CVE-2007-2572
NOT-FOR-US: NoAh (aka PHP Content Architect, phparch)
-CVE-2007-2571 (SQL injection vulnerability in index.php in the wfquotes 1.0 0 module ...)
+CVE-2007-2571
NOT-FOR-US: wfquotes module for XOOPS
-CVE-2007-2570 (PHP remote file inclusion vulnerability in handlers/page/show.php in ...)
+CVE-2007-2570
NOT-FOR-US: Wikivi5
-CVE-2007-2569 (Multiple PHP remote file inclusion vulnerabilities in Friendly 1.0d1 ...)
+CVE-2007-2569
NOT-FOR-US: Friendly
-CVE-2007-2568 (Multiple stack-based buffer overflows in VCDGear 3.55 allow ...)
+CVE-2007-2568
NOT-FOR-US: VCDGear
-CVE-2007-2567 (Buffer overflow in the SaveBarCode function in the Taltech Tal Bar ...)
+CVE-2007-2567
NOT-FOR-US: Taltech Tal Bar Code ActiveX control
-CVE-2007-2566 (The SaveBarCode function in the Taltech Tal Bar Code ActiveX control ...)
+CVE-2007-2566
NOT-FOR-US: Taltech Tal Bar Code ActiveX control
-CVE-2007-2565 (Cdelia Software ImageProcessing allows user-assisted remote attackers ...)
+CVE-2007-2565
NOT-FOR-US: Cdelia Software ImageProcessing
-CVE-2007-2564 (Multiple stack-based buffer overflows in the Sienzo Digital Music ...)
+CVE-2007-2564
NOT-FOR-US: Sienzo Digital Music Mentor ActiveX control
-CVE-2007-2563 (Buffer overflow in the AddFile function in VersalSoft HTTP File Upload ...)
+CVE-2007-2563
NOT-FOR-US: VersalSoft HTTP File Upload ActiveX control
-CVE-2007-2562 (Cross-site scripting (XSS) vulnerability in index.php in Kayako ...)
+CVE-2007-2562
NOT-FOR-US: Kayako eSupport
-CVE-2007-2561 (SQL injection vulnerability in index.asp in fipsCMS 2.1 allows remote ...)
+CVE-2007-2561
NOT-FOR-US: fipsCMS
-CVE-2007-2560 (Directory traversal vulnerability in theme/acgv.php in ACGVannu 1.3 ...)
+CVE-2007-2560
NOT-FOR-US: ACGVannu
-CVE-2007-2559 (Multiple PHP remote file inclusion vulnerabilities in american cart ...)
+CVE-2007-2559
NOT-FOR-US: american cart
-CVE-2007-2558 (** DISPUTED ** ...)
+CVE-2007-2558
NOT-FOR-US: pfa CMS
-CVE-2007-2557 (MOStlyDB Admin in Mambo 4.6.1 does not properly check privileges, ...)
+CVE-2007-2557
NOT-FOR-US: Mambo
-CVE-2007-2556 (SQL injection vulnerability in Nuked-klaN 1.7.6 allows remote ...)
+CVE-2007-2556
NOT-FOR-US: Nuked-klaN
-CVE-2007-2555 (Unspecified vulnerability in Default.aspx in Podium CMS allows remote ...)
+CVE-2007-2555
NOT-FOR-US: Podium CMS
-CVE-2007-2554 (Associated Press (AP) Newspower 4.0.1 and earlier uses a default blank ...)
+CVE-2007-2554
NOT-FOR-US: Newspower
-CVE-2007-2553 (Unspecified vulnerability in dop in HP Tru64 UNIX 5.1B-4, 5.1B-3, and ...)
+CVE-2007-2553
NOT-FOR-US: HP Tru64 UNIX
-CVE-2007-2552 (The RecentChanges feature in WikkaWiki (Wikka Wiki) before 1.1.6.3 ...)
+CVE-2007-2552
NOT-FOR-US: WikkaWiki
-CVE-2007-2551 (Cross-site scripting (XSS) vulnerability in usersettings.php in ...)
+CVE-2007-2551
NOT-FOR-US: WikkaWiki
-CVE-2007-2550 (Multiple CRLF injection vulnerabilities in Devellion CubeCart 3.0.15 ...)
+CVE-2007-2550
NOT-FOR-US: CubeCart
-CVE-2007-2549 (SQL injection vulnerability in index.php in TurnkeyWebTools SunShop ...)
+CVE-2007-2549
NOT-FOR-US: TurnkeyWebTools
-CVE-2007-2548 (Unspecified vulnerability in index.php in TurnkeyWebTools SunShop ...)
+CVE-2007-2548
NOT-FOR-US: TurnkeyWebTools
-CVE-2007-2547 (Cross-site scripting (XSS) vulnerability in index.php in ...)
+CVE-2007-2547
NOT-FOR-US: TurnkeyWebTools
-CVE-2007-2546 (Session fixation vulnerability in Simple Machines Forum (SMF) 1.1.2 ...)
+CVE-2007-2546
NOT-FOR-US: SMF
-CVE-2007-2545 (Multiple PHP remote file inclusion vulnerabilities in Persism CMS ...)
+CVE-2007-2545
NOT-FOR-US: Persism
-CVE-2007-2544 (PHP remote file inclusion vulnerability in ...)
+CVE-2007-2544
NOT-FOR-US: TopTree BBS
-CVE-2007-2543 (SQL injection vulnerability in game.php in the Flashgames 1.0.1 module ...)
+CVE-2007-2543
NOT-FOR-US: XOOPS
-CVE-2007-2542 (PHP remote file inclusion vulnerability in header.php in workbench ...)
+CVE-2007-2542
NOT-FOR-US: workbench survival guide
-CVE-2007-2541 (PHP remote file inclusion vulnerability in includes/ajax_listado.php ...)
+CVE-2007-2541
NOT-FOR-US: Versado
-CVE-2007-2540 (Multiple PHP remote file inclusion vulnerabilities in PMECMS 1.0 and ...)
+CVE-2007-2540
NOT-FOR-US: PMECMS
-CVE-2007-2539 (The show_files function in RunCms 1.5.2 and earlier allows remote ...)
+CVE-2007-2539
NOT-FOR-US: RunCms
-CVE-2007-2538 (SQL injection vulnerability in class/debug/debug_show.php in RunCms ...)
+CVE-2007-2538
NOT-FOR-US: RunCms
-CVE-2007-2537 (Multiple SQL injection vulnerabilities in mainfile.php in NPDS 5.10 ...)
+CVE-2007-2537
NOT-FOR-US: NPDS
-CVE-2007-2536 (PicoZip allows remote attackers to cause a denial of service (infinite ...)
+CVE-2007-2536
NOT-FOR-US: Picozip
-CVE-2007-2535 (WinAce allows remote attackers to cause a denial of service (infinite ...)
+CVE-2007-2535
NOT-FOR-US: WinAce
-CVE-2007-2534 (** DISPUTED ** ...)
+CVE-2007-2534
NOT-FOR-US: phpHoo3
-CVE-2007-2533 (Multiple buffer overflows in Trend Micro ServerProtect 5.58 before ...)
+CVE-2007-2533
NOT-FOR-US: Trend Micro ServerProtect
-CVE-2007-2532 (Multiple cross-site scripting (XSS) vulnerabilities in Minh Nguyen ...)
+CVE-2007-2532
NOT-FOR-US: Minh Nguyen Duong Obie Website Mini Web Shop
-CVE-2007-2531 (PHP remote file inclusion vulnerability in berylium-classes.php in ...)
+CVE-2007-2531
NOT-FOR-US: Berylium2
-CVE-2007-2530 (Multiple PHP remote file inclusion vulnerabilities in Tropicalm ...)
+CVE-2007-2530
NOT-FOR-US: Tropicalm
-CVE-2007-2529 (Integer signedness error in the acl (facl) system call in Solaris 10 ...)
+CVE-2007-2529
NOT-FOR-US: Solaris 10
-CVE-2007-2528 (Buffer overflow in AgRpcCln.dll for Trend Micro ServerProtect 5.58 for ...)
+CVE-2007-2528
NOT-FOR-US: Trend Micro ServerProtect
-CVE-2007-2527 (Multiple PHP remote file inclusion vulnerabilities in DynamicPAD ...)
+CVE-2007-2527
NOT-FOR-US: DynamicPAD
-CVE-2007-2526 (Heap-based buffer overflow in the ConnectAsyncEx function in VNC ...)
+CVE-2007-2526
NOT-FOR-US: VNC Viewer ActiveX control
-CVE-2007-2525 (Memory leak in the PPP over Ethernet (PPPoE) socket implementation in ...)
+CVE-2007-2525
{DSA-1503-2 DSA-1504-1 DSA-1503-1 DSA-1356-1}
- linux-2.6 2.6.22-1
NOTE: Fixed in commit 202a03acf9994076055df40ae093a5c5474ad0bd in
NOTE: Linus' tree.
-CVE-2007-2524 (Cross-site scripting (XSS) vulnerability in index.pl in Open Ticket ...)
+CVE-2007-2524
{DSA-1298-1}
- otrs2 2.1.1-1 (bug #423524)
NOTE: 2.1 and 2.2 are not affected, so recording earliest 2.1 version as fix
-CVE-2007-2523 (CA Anti-Virus for the Enterprise r8 and Threat Manager r8 before ...)
+CVE-2007-2523
NOT-FOR-US: CA Anti-Virus
-CVE-2007-2522 (Stack-based buffer overflow in the inoweb Console Server in CA ...)
+CVE-2007-2522
NOT-FOR-US: CA Anti-Virus
-CVE-2007-2521 (PHP remote file inclusion vulnerability in common.php in E-GADS! ...)
+CVE-2007-2521
NOT-FOR-US: E-GADS!
-CVE-2007-2520 (SQL injection vulnerability in admin.php in MyNews 0.10, when ...)
+CVE-2007-2520
NOT-FOR-US: MyNews
-CVE-2007-2519 (Directory traversal vulnerability in the installer in PEAR 1.0 through ...)
+CVE-2007-2519
- php5 5.2.3-1 (unimportant; bug #441433)
- php4 <removed> (unimportant)
NOTE: The installation of the PEAR needs to be trusted anyway, this doesn't
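Review bot: every `-`/`+` pair in this hunk strips the parenthesised description and keeps only the bare id, for example `-CVE-2007-2525 (Memory leak in the PPP over Ethernet (PPPoE) socket implementation in ...)` becoming `+CVE-2007-2525`, with no other change to any entry. An automatic update that empties every description, including entries that carry DSA references and package state such as CVE-2007-2606, CVE-2007-2583 and CVE-2007-2525, looks like the updater ran against an empty or unreachable CVE feed rather than a deliberate data change. The updater should keep the existing description (or refuse to commit) when the fetched description is empty, and this run should be reverted or repeated once the feed is reachable; cross-references like `NOTE: Duplicate of CVE-2007-2589` under CVE-2007-2631 are much harder to verify once both sides have lost their text.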
@@ -10085,174 +10085,174 @@ CVE-2007-2516
RESERVED
CVE-2007-2515
RESERVED
-CVE-2007-2514 (Stack-based buffer overflow in XferWan.exe as used in multiple ...)
+CVE-2007-2514
NOT-FOR-US: Symantec
-CVE-2007-2513 (Novell GroupWise 7 before SP2 20070524, and GroupWise 6 before 6.5 ...)
+CVE-2007-2513
NOT-FOR-US: Novell GroupWise
-CVE-2007-2512 (Alcatel-Lucent IP-Touch Telephone running OmniPCX Enterprise 7.0 and ...)
+CVE-2007-2512
NOT-FOR-US: Alcatel-Lucent
-CVE-2007-2511 (Buffer overflow in the user_filter_factory_create function in PHP ...)
+CVE-2007-2511
{DTSA-39-1}
- php5 5.2.2-1
NOTE: Only triggerable by malicious script
-CVE-2007-2510 (Buffer overflow in the make_http_soap_request function in PHP before ...)
+CVE-2007-2510
{DSA-1295-1 DTSA-39-1}
- php5 5.2.2-1 (low)
-CVE-2007-2509 (CRLF injection vulnerability in the ftp_putcmd function in PHP before ...)
+CVE-2007-2509
{DSA-1296-1 DSA-1295-1 DTSA-39-1 DTSA-40-1}
- php5 5.2.2-1 (low)
- php4 4.4.7-1 (low)
-CVE-2007-2508 (Multiple stack-based buffer overflows in Trend Micro ServerProtect ...)
+CVE-2007-2508
NOT-FOR-US: Trend Micro
-CVE-2007-2507 (Directory traversal vulnerability in includes/download.php in Treble ...)
+CVE-2007-2507
NOT-FOR-US: Treble Designs 1024 CMS
-CVE-2007-2506 (WebSpeed 3.x in OpenEdge 10.x in Progress Software Progress 9.1e, and ...)
+CVE-2007-2506
NOT-FOR-US: OpenEdge WebSpeed
-CVE-2007-2505 (Stack-based buffer overflow in InterVations MailCOPA 8.01 20070323 ...)
+CVE-2007-2505
NOT-FOR-US: MailCOPA
-CVE-2007-2504 (** DISPUTED ** ...)
+CVE-2007-2504
NOT-FOR-US: PHP Turbulence
-CVE-2007-2503 (** DISPUTED ** ...)
+CVE-2007-2503
NOT-FOR-US: PHP Turbulence
-CVE-2007-2502 (Unspecified vulnerability in HP ProCurve 9300m Series switches with ...)
+CVE-2007-2502
NOT-FOR-US: HP ProCurve 9300m Series switches
-CVE-2007-2501 (Eval injection vulnerability in codepress.html in CodePress before ...)
+CVE-2007-2501
NOT-FOR-US: CodePress
-CVE-2007-2500 (server/parser/sprite_definition.cpp in GNU Gnash (aka GNU Flash ...)
+CVE-2007-2500
{DTSA-48-1}
- gnash 0.7.2+cvs20070518.1557-1 (bug #423433)
-CVE-2007-2499 (Multiple cross-site scripting (XSS) vulnerabilities in DVDdb 0.6 and ...)
+CVE-2007-2499
NOT-FOR-US: DVDdb
-CVE-2007-2498 (libmp4v2.dll in Winamp 5.02 through 5.34 allows user-assisted remote ...)
+CVE-2007-2498
NOT-FOR-US: Winamp
-CVE-2007-2497 (RealNetworks RealPlayer 10 Gold allows remote attackers to cause a ...)
+CVE-2007-2497
NOT-FOR-US: RealPlayer
NOTE: helix-player not affected
-CVE-2007-2496 (The WordOCX ActiveX control in WordViewer.ocx 3.2.0.5 allows remote ...)
+CVE-2007-2496
NOT-FOR-US: WordViewer.ocx
-CVE-2007-2495 (Multiple stack-based buffer overflows in the ExcelOCX ActiveX control ...)
+CVE-2007-2495
NOT-FOR-US: ExcelViewer .ocx
-CVE-2007-2494 (Multiple stack-based buffer overflows in the PowerPointOCX ActiveX ...)
+CVE-2007-2494
NOT-FOR-US: PowerPointViewer .ocx
-CVE-2007-2493 (PHP remote file inclusion vulnerability in faq.php in the FAQ &amp; RULES ...)
+CVE-2007-2493
NOT-FOR-US: FAQ & RULES module for mxBB
-CVE-2007-2492 (SQL injection vulnerability in index.php in the v4bJournal module for ...)
+CVE-2007-2492
NOT-FOR-US: v4bJournal module for PostNuke
-CVE-2007-2491 (The PIIX4 power management subsystem in EMC VMware Workstation ...)
+CVE-2007-2491
NOT-FOR-US: EMC VMware
-CVE-2007-2490 (Unspecified vulnerability in LiveData Server before 5.00.62 allows ...)
+CVE-2007-2490
NOT-FOR-US: LiveData Server
-CVE-2007-2489 (Heap-based buffer overflow in LiveData Protocol Server 5.00.045, and ...)
+CVE-2007-2489
NOT-FOR-US: LiveData Protocol Server
-CVE-2007-2487 (Stack-based buffer overflow in AtomixMP3 allows remote attackers to ...)
+CVE-2007-2487
NOT-FOR-US: AtomixMP3
-CVE-2007-2486 (Directory traversal vulnerability in download.asp in Motobit 1.3 and ...)
+CVE-2007-2486
NOT-FOR-US: Motobit
-CVE-2007-2485 (PHP remote file inclusion vulnerability in myflash-button.php in the ...)
+CVE-2007-2485
NOT-FOR-US: myflash plugin for WordPress
-CVE-2007-2484 (PHP remote file inclusion vulnerability in js/wptable-button.php in ...)
+CVE-2007-2484
NOT-FOR-US: wp-Table plugin for WordPress
-CVE-2007-2483 (Directory traversal vulnerability in js/wptable-button.php in the ...)
+CVE-2007-2483
NOT-FOR-US: wp-Table plugin for WordPress
-CVE-2007-2482 (Directory traversal vulnerability in wordtube-button.php in the ...)
+CVE-2007-2482
NOT-FOR-US: wordTube plugin for WordPress
-CVE-2007-2481 (PHP remote file inclusion vulnerability in wordtube-button.php in the ...)
+CVE-2007-2481
NOT-FOR-US: wordTube plugin for WordPress
CVE-2007-XXXX [schroot may use outdated configuration information]
- schroot <not-affected> (Upstream: "This bug was never present in a Debian release.")
-CVE-2007-2488 (The IAX2 channel driver (chan_iax2) in Asterisk before 20070504 does ...)
+CVE-2007-2488
{DSA-1358-1}
- asterisk 1:1.4.5~dfsg-1 (low)
NOTE: no-dsa / unimportant candidate, the opposite side of the telephone line
NOTE: could just as well hang-up
NOTE: https://downloads.avaya.com/elmodocs2/security/ASA-2007-013.htm
-CVE-2007-2480 (The _udp_lib_get_port function in net/ipv4/udp.c in Linux kernel ...)
+CVE-2007-2480
- linux-2.6 2.6.22-1 (medium)
-CVE-2007-2479 (Cerulean Studios Trillian Pro before 3.1.5.1 allows remote attackers ...)
+CVE-2007-2479
NOT-FOR-US: Cerulean Trillian
-CVE-2007-2478 (Multiple heap-based buffer overflows in the IRC component in Cerulean ...)
+CVE-2007-2478
NOT-FOR-US: Cerulean Trillian
-CVE-2007-2477 (** DISPUTED ** ...)
+CVE-2007-2477
NOT-FOR-US: phpMyChat
-CVE-2007-2476 (Unspecified vulnerability in Novell SecureLogin (NSL) 6 SP1 before ...)
+CVE-2007-2476
NOT-FOR-US: Novell
-CVE-2007-2475 (Unspecified vulnerability in the ADSCHEMA utility in Novell ...)
+CVE-2007-2475
NOT-FOR-US: Novell
-CVE-2007-2474 (Multiple PHP remote file inclusion vulnerabilities in Turnkey Web ...)
+CVE-2007-2474
NOT-FOR-US: Turnkey Web Tools SunShop Shopping Cart
-CVE-2007-2473 (SQL injection vulnerability in stylesheet.php in CMS Made Simple 1.0.5 ...)
+CVE-2007-2473
NOT-FOR-US: CMS Made Simple
-CVE-2007-2472 (Cross-site scripting (XSS) vulnerability in sendcard.php in Sendcard ...)
+CVE-2007-2472
NOT-FOR-US: Sendcard
-CVE-2007-2471 (Directory traversal vulnerability in sendcard.php in Sendcard 3.4.1 ...)
+CVE-2007-2471
NOT-FOR-US: Sendcard
-CVE-2007-2470 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
+CVE-2007-2470
NOT-FOR-US: FileRun
-CVE-2007-2469 (SQL injection vulnerability in index.php in FileRun 1.0 and earlier ...)
+CVE-2007-2469
NOT-FOR-US: FileRun
-CVE-2007-2468 (Unspecified vulnerability in HP OpenVMS for Integrity Servers 8.2-1 ...)
+CVE-2007-2468
NOT-FOR-US: HP OpenVMS
-CVE-2007-2467 (ZoneAlarm Pro 6.5.737.000, 6.1.744.001, and possibly earlier versions ...)
+CVE-2007-2467
NOT-FOR-US: Check Point Zone Labs ZoneAlarm Internet Security Suite
-CVE-2007-2466 (Unspecified vulnerability in the LDAP Software Development Kit (SDK) ...)
+CVE-2007-2466
NOT-FOR-US: Sun Java System Directory Server
-CVE-2007-2465 (Unspecified vulnerability in Sun Solaris 9, when Solaris Auditing ...)
+CVE-2007-2465
NOT-FOR-US: Sun Solaris
-CVE-2007-2464 (Race condition in Cisco Adaptive Security Appliance (ASA) and PIX 7.1 ...)
+CVE-2007-2464
NOT-FOR-US: Cisco
-CVE-2007-2463 (Unspecified vulnerability in Cisco Adaptive Security Appliance (ASA) ...)
+CVE-2007-2463
NOT-FOR-US: Cisco
-CVE-2007-2462 (Unspecified vulnerability in Cisco Adaptive Security Appliance (ASA) ...)
+CVE-2007-2462
NOT-FOR-US: Cisco
-CVE-2007-2461 (The DHCP relay agent in Cisco Adaptive Security Appliance (ASA) and ...)
+CVE-2007-2461
NOT-FOR-US: Cisco
-CVE-2007-2460 (PHP remote file inclusion vulnerability in ...)
+CVE-2007-2460
NOT-FOR-US: FireFly
-CVE-2007-2459 (Heap-based buffer overflow in the BMP reader (bmp.c) in Imager perl ...)
+CVE-2007-2459
{DSA-1498-1}
- libimager-perl 0.58-1 (bug #421582)
-CVE-2007-2458 (Multiple PHP remote file inclusion vulnerabilities in Pixaria Gallery ...)
+CVE-2007-2458
NOT-FOR-US: Pixaria Gallery
-CVE-2007-2457 (PHP remote file inclusion vulnerability in ...)
+CVE-2007-2457
NOT-FOR-US: Pixaria Gallery
-CVE-2007-2456 (Multiple PHP remote file inclusion vulnerabilities in FireFly 1.1.01 ...)
+CVE-2007-2456
NOT-FOR-US: FireFly
-CVE-2007-2455 (Parallels allows local users to cause a denial of service (virtual ...)
+CVE-2007-2455
NOT-FOR-US: Parallels
-CVE-2007-2454 (Heap-based buffer overflow in the VGA device in Parallels allows local ...)
+CVE-2007-2454
NOT-FOR-US: Parallels
-CVE-2007-2453 (The random number feature in Linux kernel 2.6 before 2.6.20.13, and ...)
+CVE-2007-2453
{DSA-1356-1}
- linux-2.6 2.6.21-5 (low)
-CVE-2007-2452 (Heap-based buffer overflow in the visit_old_format function in ...)
+CVE-2007-2452
- findutils 4.2.31-1 (low; bug #426862)
[sarge] - findutils <no-dsa> (Not vulnerable in default configuration, minor issue)
[etch] - findutils 4.2.28-1etch1 (low)
-CVE-2007-2451 (Unspecified vulnerability in drivers/crypto/geode-aes.c in GEODE-AES ...)
+CVE-2007-2451
- linux-2.6 2.6.21-3
[etch] - linux-2.6 <not-affected> (Vulnerable code not present, introduced in 2.6.20)
-CVE-2007-2450 (Multiple cross-site scripting (XSS) vulnerabilities in the (1) Manager ...)
+CVE-2007-2450
{DSA-1468-1}
- tomcat4 <removed> (low)
- tomcat5 <removed> (low)
- tomcat5.5 5.5.25-1 (low)
[sarge] - tomcat4 <no-dsa> (Contrib not supported)
-CVE-2007-2449 (Multiple cross-site scripting (XSS) vulnerabilities in certain JSP ...)
+CVE-2007-2449
- tomcat4 <removed> (unimportant)
- tomcat5 <removed> (unimportant)
- tomcat5.5 5.5.25-1 (unimportant)
NOTE: Only present in the examples, not in production code
-CVE-2007-2448 (Subversion 1.4.3 and earlier does not properly implement the &quot;partial ...)
+CVE-2007-2448
- subversion 1.4.4dfsg1-1 (bug #428194; low)
[etch] - subversion <no-dsa> (Minor issue)
[sarge] - subversion <no-dsa> (Minor issue)
-CVE-2007-2447 (The MS-RPC functionality in smbd in Samba 3.0.0 through 3.0.25rc3 ...)
+CVE-2007-2447
{DSA-1291-2 DTSA-41-1}
- samba 3.0.25-1 (high)
-CVE-2007-2446 (Multiple heap-based buffer overflows in the NDR parsing in smbd in ...)
+CVE-2007-2446
{DSA-1291-2 DTSA-41-1}
- samba 3.0.25-1 (high)
-CVE-2007-2445 (The png_handle_tRNS function in pngrutil.c in libpng before 1.0.25 and ...)
+CVE-2007-2445
{DSA-1613-1}
- libgd2 2.0.35.dfsg-1 (low)
[etch] - libgd2 2.0.33-5.2etch1 (low)
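Review bot: the `** DISPUTED **` marker is lost together with the description for CVE-2007-2504, CVE-2007-2503 and CVE-2007-2477 in this hunk (`-CVE-2007-2504 (** DISPUTED ** ...)` becomes `+CVE-2007-2504`), and nothing else in those entries records the disputed status; if descriptions are meant to be dropped, carry that flag into a `NOTE:` line first. Separately, the placeholder `CVE-2007-XXXX [schroot may use outdated configuration information]` and `CVE-2007-2488` sit between CVE-2007-2481 and CVE-2007-2480, out of numeric order; that is pre-existing and untouched here, but worth a manual follow-up so the file stays sorted.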
@@ -10260,27 +10260,27 @@ CVE-2007-2445 (The png_handle_tRNS function in pngrutil.c in libpng before 1.0.2
- libpng3 <not-affected>
[etch] - libpng 1.2.15~beta5-1+etch2
NOTE: Only a crash, no code injection. Calling this DoS stretches things rather far
-CVE-2007-2444 (Logic error in the SID/Name translation functionality in smbd in Samba ...)
+CVE-2007-2444
{DSA-1291-2 DTSA-41-1}
- samba 3.0.25-1
-CVE-2007-2443 (Integer signedness error in the gssrpc__svcauth_unix function in ...)
+CVE-2007-2443
{DSA-1323-1}
- krb5 1.6.dfsg.1-5 (bug #430787; medium)
-CVE-2007-2442 (The gssrpc__svcauth_gssapi function in the RPC library in MIT Kerberos ...)
+CVE-2007-2442
{DSA-1323-1}
- krb5 1.6.dfsg.1-5 (bug #430787; high)
-CVE-2007-2441 (Caucho Resin Professional 3.1.0 and Caucho Resin 3.1.0 and earlier for ...)
+CVE-2007-2441
NOT-FOR-US: Caucho Resin Professional
-CVE-2007-2440 (Directory traversal vulnerability in Caucho Resin Professional 3.1.0 ...)
+CVE-2007-2440
NOT-FOR-US: Caucho Resin Professional
-CVE-2007-2439 (Caucho Resin Professional 3.1.0 and Caucho Resin 3.1.0 and earlier for ...)
+CVE-2007-2439
NOT-FOR-US: Caucho Resin Professional
-CVE-2007-2438 (The sandbox for vim allows dangerous functions such as (1) writefile, ...)
+CVE-2007-2438
{DSA-1364-2 DSA-1364-1}
- vim 1:7.1-022+1 (bug #435401; low)
[sarge] - vim <not-affected> (Vulnerable code not present)
NOTE: Exploitable through modelines, needs to be used with care in any case
-CVE-2007-2437 (The X render (Xrender) extension in X.org X Window System 7.0, 7.1, ...)
+CVE-2007-2437
- xorg-server 2:1.3.0.0.dfsg-4 (unimportant; bug #422936)
NOTE: etch vulnerable (patch below applies)
NOTE: git url to fix the issue
@@ -10290,109 +10290,109 @@ CVE-2007-2437 (The X render (Xrender) extension in X.org X Window System 7.0, 7.
NOTE: just as well provide a binary which does more harm
CVE-2007-2436
REJECTED
-CVE-2007-2435 (Sun Java Web Start in JDK and JRE 5.0 Update 10 and earlier, and Java ...)
+CVE-2007-2435
- sun-java5 1.5.0-11-1 (medium; bug #423062)
[etch] - sun-java5 1.5.0-14-1etch1
-CVE-2007-2434 (Buffer overflow in asnsp.dll in Aventail Connect 4.1.2.13 allows ...)
+CVE-2007-2434
NOT-FOR-US: Aventail Connect
-CVE-2007-2433 (Cross-site scripting (XSS) vulnerability in index.php in Ariadne 2.4.1 ...)
+CVE-2007-2433
NOT-FOR-US: Ariadne
-CVE-2007-2432 (Cross-site scripting (XSS) vulnerability in utilities/search.asp in ...)
+CVE-2007-2432
NOT-FOR-US: Nukedit
-CVE-2007-2431 (Dynamic variable evaluation vulnerability in ...)
+CVE-2007-2431
NOT-FOR-US: TCExam
-CVE-2007-2430 (shared/code/tce_tmx.php in TCExam 4.0.011 and earlier allows remote ...)
+CVE-2007-2430
NOT-FOR-US: TCExam
-CVE-2007-2429 (ManageEngine PasswordManager Pro (PMP) allows remote attackers to ...)
+CVE-2007-2429
NOT-FOR-US: ManageEngine PasswordManager Pro (PMP)
-CVE-2007-2428 (Multiple PHP remote file inclusion vulnerabilities in page.php in ...)
+CVE-2007-2428
NOT-FOR-US: Ahhp-Portal
-CVE-2007-2427 (SQL injection vulnerability in index.php in the pnFlashGames 1.5 ...)
+CVE-2007-2427
NOT-FOR-US: pnFlashGames
-CVE-2007-2426 (PHP remote file inclusion vulnerability in ...)
+CVE-2007-2426
NOT-FOR-US: myGallery
-CVE-2007-2425 (Directory traversal vulnerability in fileview.php in Imageview 5.3 ...)
+CVE-2007-2425
NOT-FOR-US: Imageview
-CVE-2007-2424 (PHP remote file inclusion vulnerability in help/index.php in The ...)
+CVE-2007-2424
NOT-FOR-US: The Merchant
-CVE-2007-2423 (Cross-site scripting (XSS) vulnerability in index.php in MoinMoin ...)
+CVE-2007-2423
{DSA-1514-1}
- moin 1.5.7-3 (medium; bug #422408)
-CVE-2007-2422 (** DISPUTED ** ...)
+CVE-2007-2422
NOT-FOR-US: Comdev One Admin
-CVE-2007-2421 (Buffer overflow in Hitachi Groupmax Mobile Option for Mobile-Phone ...)
+CVE-2007-2421
NOT-FOR-US: Hitachi Groupmax
-CVE-2007-2420 (SQL injection vulnerability in bry.asp in Burak Yilmaz Blog 1.0 allows ...)
+CVE-2007-2420
NOT-FOR-US: Burak Yilmaz Blog
-CVE-2007-2419 (Multiple buffer overflows in an ActiveX control (boisweb.dll) in ...)
+CVE-2007-2419
NOT-FOR-US: Macrovision
-CVE-2007-2418 (Heap-based buffer overflow in the Rendezvous / Extensible Messaging ...)
+CVE-2007-2418
NOT-FOR-US: Cerulean Trillian
-CVE-2007-2417 (Heap-based buffer overflow in _mprosrv.exe in Progress Software ...)
+CVE-2007-2417
NOT-FOR-US: Progress Software Progress and OpenEdge
-CVE-2007-2416 (SQL injection vulnerability in home.php in E-Annu allows remote ...)
+CVE-2007-2416
NOT-FOR-US: E-Annu
-CVE-2007-2415 (Pi3Web Web Server 2.0.3 PL1 allows remote attackers to cause a denial ...)
+CVE-2007-2415
NOT-FOR-US: Pi3Web Web Server
-CVE-2007-2414 (MyServer before 0.8.8 allows remote attackers to cause a denial of ...)
+CVE-2007-2414
NOT-FOR-US: MyServer
CVE-2007-2413
REJECTED
-CVE-2007-2412 (** DISPUTED ** ...)
+CVE-2007-2412
NOT-FOR-US: Seir Anphin
-CVE-2007-2411 (** DISPUTED ** ...)
+CVE-2007-2411
NOT-FOR-US: Sphider
-CVE-2007-2410 (WebCore on Apple Mac OS X 10.3.9 and 10.4.10 retains properties of ...)
+CVE-2007-2410
NOT-FOR-US: Mac OS X
-CVE-2007-2409 (Cross-domain vulnerability in WebCore on Apple Mac OS X 10.3.9 and ...)
+CVE-2007-2409
NOT-FOR-US: Mac OS X
-CVE-2007-2408 (WebKit in Apple Safari 3 Beta before Update 3.0.3 does not properly ...)
+CVE-2007-2408
NOT-FOR-US: Apple Safari
-CVE-2007-2407 (The Samba server on Apple Mac OS X 10.3.9 and 10.4.10, when Windows ...)
+CVE-2007-2407
- samba <not-affected> (MacOS/Apple-specific vulnerability)
-CVE-2007-2406 (Quartz Composer on Apple Mac OS X 10.4.10 does not initialize a ...)
+CVE-2007-2406
NOT-FOR-US: Mac OS X
-CVE-2007-2405 (Integer underflow in Preview in PDFKit on Apple Mac OS X 10.4.10 ...)
+CVE-2007-2405
NOT-FOR-US: Mac OS X
-CVE-2007-2404 (CRLF injection vulnerability in CFNetwork on Apple Mac OS X 10.3.9 and ...)
+CVE-2007-2404
NOT-FOR-US: Mac OS X
-CVE-2007-2403 (CFNetwork on Apple Mac OS X 10.3.9 and 10.4.10 does not properly ...)
+CVE-2007-2403
NOT-FOR-US: Mac OS X
-CVE-2007-2402 (QuickTime for Java in Apple Quicktime before 7.2 does not perform ...)
+CVE-2007-2402
NOT-FOR-US: Apple Quicktime
-CVE-2007-2401 (CRLF injection vulnerability in WebCore in Apple Mac OS X 10.3.9, ...)
+CVE-2007-2401
NOT-FOR-US: Apple
-CVE-2007-2400 (Race condition in Apple Safari 3 Beta before 3.0.2 on Mac OS X, ...)
+CVE-2007-2400
NOT-FOR-US: Apple
-CVE-2007-2399 (WebKit in Apple Mac OS X 10.3.9, 10.4.9 and later, and iPhone before ...)
+CVE-2007-2399
NOT-FOR-US: Apple
-CVE-2007-2398 (Apple Safari 3.0.1 beta (522.12.12) on Windows allows remote attackers ...)
+CVE-2007-2398
NOT-FOR-US: Apple Safari
-CVE-2007-2397 (QuickTime for Java in Apple Quicktime before 7.2 does not properly ...)
+CVE-2007-2397
NOT-FOR-US: Apple Quicktime
-CVE-2007-2396 (The JDirect support in QuickTime for Java in Apple Quicktime before ...)
+CVE-2007-2396
NOT-FOR-US: Apple Quicktime
-CVE-2007-2395 (Unspecified vulnerability in Apple QuickTime before 7.3 allows remote ...)
+CVE-2007-2395
NOT-FOR-US: Apple QuickTime
-CVE-2007-2394 (Integer overflow in Apple Quicktime before 7.2 on Mac OS X 10.3.9 and ...)
+CVE-2007-2394
NOT-FOR-US: Apple Quicktime
-CVE-2007-2393 (The design of QuickTime for Java in Apple Quicktime before 7.2 allows ...)
+CVE-2007-2393
NOT-FOR-US: Apple Quicktime
-CVE-2007-2392 (Apple Quicktime before 7.2 on Mac OS X 10.3.9 and 10.4.9 allows ...)
+CVE-2007-2392
NOT-FOR-US: Apple Quicktime
-CVE-2007-2391 (Cross-site scripting (XSS) vulnerability in Apple Safari Beta 3.0.1 ...)
+CVE-2007-2391
NOT-FOR-US: Apple
-CVE-2007-2390 (Buffer overflow in iChat in Apple Mac OS X 10.3.9 and 10.4.9 allows ...)
+CVE-2007-2390
NOT-FOR-US: Apple
-CVE-2007-2389 (Apple QuickTime for Java 7.1.6 on Mac OS X and Windows does not clear ...)
+CVE-2007-2389
NOT-FOR-US: Apple
-CVE-2007-2388 (Apple QuickTime for Java 7.1.6 on Mac OS X and Windows does not ...)
+CVE-2007-2388
NOT-FOR-US: Apple
-CVE-2007-2387 (Apple Xserve Lights-Out Management before Firmware Update 1.0 on Intel ...)
+CVE-2007-2387
NOT-FOR-US: Apple
-CVE-2007-2386 (Buffer overflow in mDNSResponder in Apple Mac OS X 10.4 up to 10.4.9 ...)
+CVE-2007-2386
NOT-FOR-US: Apple mDNSResponder
-CVE-2007-2385 (The Yahoo! UI framework exchanges data using JavaScript Object ...)
+CVE-2007-2385
- yui <removed> (unimportant; bug #557745)
- bcfg2 <not-affected> (present in source but not included in any binary files)
- serendipity 1.5.3-1 (low; bug #557746)
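Review bot: every `-`/`+` pair in this hunk discards the description instead of updating it, e.g. `-CVE-2007-2402 (QuickTime for Java in Apple Quicktime before 7.2 does not perform ...)` becomes the bare `+CVE-2007-2402`, so each entry loses its only human-readable summary while the triage line below it (`NOT-FOR-US: Apple Quicktime`) is kept. An automatic run that produces an empty description for every CVE it touches points to a failed or changed upstream feed rather than a genuine data change; the updater should keep the existing text when the fetched description is empty and should refuse to commit when a run would strip descriptions across the whole list.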
@@ -10404,12 +10404,12 @@ CVE-2007-2385 (The Yahoo! UI framework exchanges data using JavaScript Object ..
NOTE: This allows to steal data from affected websites. Therefore web applications should
NOTE: only be considered vunerabile if they process confidential data.
NOTE: The frameworks should be fixed in any case.
-CVE-2007-2384 (The Script.aculo.us framework exchanges data using JavaScript Object ...)
+CVE-2007-2384
NOTE: see http://www.fortifysoftware.com/servlet/downloads/public/JavaScript_Hijacking.pdf
NOTE: This allows to steal data from affected websites. Therefore web applications should
NOTE: only be considered vunerabile if they process confidential data.
NOTE: The frameworks should be fixed in any case.
-CVE-2007-2383 (The Prototype (prototypejs) framework before 1.5.1 RC3 exchanges data ...)
+CVE-2007-2383
{DSA-1952-1}
- prototypejs <not-affected> (fixed before initial upload)
- auth2db 0.2.5-2+dfsg-1 (low; bug #555217)
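Review bot: the stripped descriptions in this hunk leave the NOTE lines without the context they were written against: `NOTE: This allows to steal data from affected websites.` and `NOTE: The frameworks should be fixed in any case.` under `+CVE-2007-2384` refer to the JSON data exchange that only the removed text named (`-CVE-2007-2383 (The Prototype (prototypejs) framework before 1.5.1 RC3 exchanges data ...)`). If descriptions are to be dropped, the NOTE text for these entries should be made self-contained (name the framework and the JavaScript hijacking issue), or the description should be kept for entries that carry NOTEs.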
@@ -10467,135 +10467,135 @@ CVE-2007-2383 (The Prototype (prototypejs) framework before 1.5.1 RC3 exchanges
NOTE: This allows to steal data from affected websites. Therefore web applications should
NOTE: only be considered vunerabile if they process confidential data.
NOTE: The frameworks should be fixed in any case.
-CVE-2007-2382 (The Moo.fx framework exchanges data using JavaScript Object Notation ...)
+CVE-2007-2382
NOT-FOR-US: Moo.fx framework
NOTE: see http://www.fortifysoftware.com/servlet/downloads/public/JavaScript_Hijacking.pdf
NOTE: This allows to steal data from affected websites. Therefore web applications should
NOTE: only be considered vunerabile if they process confidential data.
NOTE: The frameworks should be fixed in any case.
-CVE-2007-2381 (The MochiKit framework exchanges data using JavaScript Object Notation ...)
+CVE-2007-2381
NOTE: see http://www.fortifysoftware.com/servlet/downloads/public/JavaScript_Hijacking.pdf
NOTE: This allows to steal data from affected websites. Therefore web applications should
NOTE: only be considered vunerabile if they process confidential data.
NOTE: The frameworks should be fixed in any case.
-CVE-2007-2380 (The Microsoft Atlas framework exchanges data using JavaScript Object ...)
+CVE-2007-2380
NOT-FOR-US: Microsoft Atlas
-CVE-2007-2379 (The jQuery framework exchanges data using JavaScript Object Notation ...)
+CVE-2007-2379
- jquery <unfixed> (unimportant)
NOTE: the paper in this reference is a guideline on how to avoid writing unsafe jquery applications. there really isn't anything to fix in the library itself.
NOTE: https://www.fortify.com/vulncat/en/vulncat/javascript/javascript_hijacking_ad_hoc_ajax.html
-CVE-2007-2378 (The Google Web Toolkit (GWT) framework exchanges data using JavaScript ...)
+CVE-2007-2378
- gwt <removed> (unimportant; bug #563542)
NOTE: javascript security guidelines provided to developers to avoid these issues
NOTE: https://developers.google.com/web-toolkit/articles/security_for_gwt_applications
-CVE-2007-2377 (The Getahead Direct Web Remoting (DWR) framework 1.1.4 exchanges data ...)
+CVE-2007-2377
NOT-FOR-US: Getahead Direct Web Remoting
-CVE-2007-2376 (The Dojo framework exchanges data using JavaScript Object Notation ...)
+CVE-2007-2376
NOT-FOR-US: Dojo
-CVE-2007-2375 (The agent remote upgrade interface in Symantec Enterprise Security ...)
+CVE-2007-2375
NOT-FOR-US: Symantec
-CVE-2007-2374 (Unspecified vulnerability in Microsoft Windows 2000, XP, and Server ...)
+CVE-2007-2374
NOT-FOR-US: Microsoft
-CVE-2007-2373 (SQL injection vulnerability in viewcat.php in the WF-Links (wflinks) ...)
+CVE-2007-2373
NOT-FOR-US: WF-Links (wflinks) module for XOOPS
-CVE-2007-2372 (admin/send_mod.php in Gregory Kokanosky phpMyNewsletter 0.8 beta5 and ...)
+CVE-2007-2372
NOT-FOR-US: phpMyNewsletter
-CVE-2007-2371 (admin/index.php in Gregory Kokanosky phpMyNewsletter 0.8 beta5 and ...)
+CVE-2007-2371
NOT-FOR-US: phpMyNewsletter
-CVE-2007-2370 (SQL injection vulnerability in index.php in the John Mordo Jobs 2.4 ...)
+CVE-2007-2370
NOT-FOR-US: Jobs module for XOOPS
-CVE-2007-2369 (Directory traversal vulnerability in picture.php in WebSPELL 4.01.02 ...)
+CVE-2007-2369
NOT-FOR-US: WebSPELL
-CVE-2007-2368 (picture.php in WebSPELL 4.01.02 and earlier allows remote attackers to ...)
+CVE-2007-2368
NOT-FOR-US: WebSPELL
-CVE-2007-2367 (Buffer overflow in wserve_console.exe in Wserve HTTP Server (whttp) ...)
+CVE-2007-2367
NOT-FOR-US: Wserve HTTP Server (whttp)
-CVE-2007-2366 (Buffer overflow in Corel Paint Shop Pro 11.20 allows user-assisted ...)
+CVE-2007-2366
NOT-FOR-US: Corel
-CVE-2007-2365 (Buffer overflow in Adobe Photoshop CS2 and CS3, Photoshop Elements ...)
+CVE-2007-2365
NOT-FOR-US: Adobe
-CVE-2007-2364 (Multiple PHP remote file inclusion vulnerabilities in burnCMS 0.2 and ...)
+CVE-2007-2364
NOT-FOR-US: burnCMS
-CVE-2007-2363 (Buffer overflow in IrfanView 4.00 and earlier allows user-assisted ...)
+CVE-2007-2363
NOT-FOR-US: IrfanView
-CVE-2007-2362 (Multiple buffer overflows in MyDNS 1.1.0 allow remote attackers to (1) ...)
+CVE-2007-2362
{DSA-1434-1 DTSA-36-1}
- mydns 1:1.1.0-8
[sarge] - mydns <not-affected> (Vulnerable code not present)
-CVE-2007-2361 (Symantec Norton Ghost, Norton Save &amp; Recovery, LiveState Recovery, and ...)
+CVE-2007-2361
NOT-FOR-US: Symantec
-CVE-2007-2360 (Symantec Norton Ghost, Norton Save &amp; Recovery, LiveState Recovery, and ...)
+CVE-2007-2360
NOT-FOR-US: Symantec
-CVE-2007-2359 (Buffer overflow in Ghost Service Manager, as used in Symantec Norton ...)
+CVE-2007-2359
NOT-FOR-US: Symantec
-CVE-2007-2358 (** DISPUTED ** ...)
+CVE-2007-2358
- b2evolution <not-affected> (Debian's version does not contain the affected variables)
-CVE-2007-2357 (Cross-site scripting (XSS) vulnerability in mods/Core/result.php in ...)
+CVE-2007-2357
NOT-FOR-US: SineCms
-CVE-2007-2356 (Stack-based buffer overflow in the set_color_table function in ...)
+CVE-2007-2356
{DSA-1301-1}
- gimp 2.2.14-2
-CVE-2007-2355 (The get_url function in DODS_Dispatch.pm for the CGI_server in OPeNDAP ...)
+CVE-2007-2355
NOT-FOR-US: OPeNDAP
-CVE-2007-2354 (Progress Webspeed Messenger allows remote attackers to obtain ...)
+CVE-2007-2354
NOT-FOR-US: Progress Webspeed Messenger
-CVE-2007-2353 (Apache Axis 1.0 allows remote attackers to obtain sensitive ...)
+CVE-2007-2353
- axis <unfixed> (unimportant)
NOTE: only path disclosure
-CVE-2007-2352 (Multiple format string vulnerabilities in AFFLIB 2.2.6 allow remote ...)
+CVE-2007-2352
NOT-FOR-US: AFFLIB
-CVE-2007-2351 (Unspecified vulnerability in the HP Power Manager Remote Agent (RA) ...)
+CVE-2007-2351
NOT-FOR-US: HP Power Manager Remote Agent
-CVE-2007-2350 (admin/config.php in the music-on-hold module in freePBX 2.2.x allows ...)
+CVE-2007-2350
NOT-FOR-US: freePBX
-CVE-2007-2349 (Cross-site scripting (XSS) vulnerability in Invision Power Board ...)
+CVE-2007-2349
NOT-FOR-US: Invision Power Board
-CVE-2007-2348 (mirror --script in lftp before 3.5.9 does not properly quote shell ...)
+CVE-2007-2348
- lftp 3.5.9-1 (unimportant)
NOTE: Non-issue, also already documented as potentially risky
-CVE-2007-2347 (PHP remote file inclusion vulnerability in main/forum/komentar.php in ...)
+CVE-2007-2347
NOT-FOR-US: OneClick CMS
-CVE-2007-2346 (Multiple PHP remote file inclusion vulnerabilities in PHP-Generics 1.0 ...)
+CVE-2007-2346
NOT-FOR-US: PHP-Generics
-CVE-2007-2345 (PHP remote file inclusion vulnerability in ...)
+CVE-2007-2345
NOT-FOR-US: phpBrowse
-CVE-2007-2344 (The BOOTPD component in Enterasys NetSight Console 2.1 and NetSight ...)
+CVE-2007-2344
NOT-FOR-US: Enterasys
-CVE-2007-2343 (Stack-based buffer overflow in the TFTPD component in Enterasys ...)
+CVE-2007-2343
NOT-FOR-US: Enterasys
-CVE-2007-2342 (SQL injection vulnerability in error.asp in CreaScripts CreaDirectory ...)
+CVE-2007-2342
NOT-FOR-US: CreaScripts Creadirectory
-CVE-2007-2341 (PHP remote file inclusion vulnerability in suite/index.php in ...)
+CVE-2007-2341
NOT-FOR-US: phpBandManager
-CVE-2007-2340 (Multiple PHP remote file inclusion vulnerabilities in ...)
+CVE-2007-2340
NOT-FOR-US: phporacleview
-CVE-2007-2339 (Multiple SQL injection vulnerabilities in Phorum before 5.1.22 allow ...)
+CVE-2007-2339
NOT-FOR-US: Phorum
-CVE-2007-2338 (Cross-site request forgery (CSRF) vulnerability in ...)
+CVE-2007-2338
NOT-FOR-US: Phorum
-CVE-2007-2337 (Multiple cross-site scripting (XSS) vulnerabilities in Exponent CMS ...)
+CVE-2007-2337
NOT-FOR-US: Exponent CMS
-CVE-2007-2336 (Unspecified vulnerability in InterVations NaviCOPA Web Server 2.01 ...)
+CVE-2007-2336
NOT-FOR-US: NaviCOPA HTTP Server
-CVE-2007-2335 (Cross-site scripting (XSS) vulnerability in the RSS feed reader ...)
+CVE-2007-2335
NOT-FOR-US: Lunascape
-CVE-2007-2334 (Nortel VPN Router (aka Contivity) 1000, 2000, 4000, and 5000 before ...)
+CVE-2007-2334
NOT-FOR-US: Nortel
-CVE-2007-2333 (Nortel VPN Router (aka Contivity) 1000, 2000, 4000, and 5000 before ...)
+CVE-2007-2333
NOT-FOR-US: Nortel
-CVE-2007-2332 (Nortel VPN Router (aka Contivity) 1000, 2000, 4000, and 5000 before ...)
+CVE-2007-2332
NOT-FOR-US: Nortel
-CVE-2007-2331 (PHP remote file inclusion vulnerability in cart.php in Shop-Script 2.0 ...)
+CVE-2007-2331
NOT-FOR-US: Shop-Script
-CVE-2007-2330 (PHP remote file inclusion vulnerability in includes_handler.php in ...)
+CVE-2007-2330
NOT-FOR-US: DynaTracker
-CVE-2007-2329 (PHP remote file inclusion vulnerability in searchbot.php in ...)
+CVE-2007-2329
NOT-FOR-US: Searchactivity
-CVE-2007-2328 (PHP remote file inclusion vulnerability in addvip.php in phpMYTGP 1.4b ...)
+CVE-2007-2328
NOT-FOR-US: phpMYTGP
-CVE-2007-2327 (PHP remote file inclusion vulnerability in _editor.php in HTMLeditbox ...)
+CVE-2007-2327
NOT-FOR-US: HTMLeditbox
-CVE-2007-2326 (Multiple PHP remote file inclusion vulnerabilities in HYIP Manager Pro ...)
+CVE-2007-2326
- smarty <removed> (unimportant; bug #488523)
- moodle 1.8.2-2 (unimportant; bug #488525)
- gallery2 2.2.5-2 (unimportant; bug #488527)
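Review bot: this hunk also drops the `** DISPUTED **` marker, which lived only in the description: `-CVE-2007-2358 (** DISPUTED ** ...)` becomes `+CVE-2007-2358`, while the triage line `- b2evolution <not-affected> (Debian's version does not contain the affected variables)` now reads like an assessment of an undisputed CVE. The dispute status should be preserved, for example as a NOTE line, whenever the description is removed. Separately, `-CVE-2007-2361 (Symantec Norton Ghost, Norton Save &amp; Recovery, LiveState Recovery, and ...)` shows the old descriptions were stored with an undecoded HTML entity; if descriptions are re-imported, the importer should decode entities so the list holds plain text.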
@@ -10603,474 +10603,474 @@ CVE-2007-2326 (Multiple PHP remote file inclusion vulnerabilities in HYIP Manage
NOTE: to exploit this, the smarty files need to be installed in a http daemon accessible directory
NOTE: (should be the case for embedded copies), however
NOTE: additionally this relies on register_globals being switched on.
-CVE-2007-2325 (PHP remote file inclusion vulnerability in include.php in MyNewsGroups :) ...)
+CVE-2007-2325
NOT-FOR-US: MyNewsGroups
-CVE-2007-2324 (Directory traversal vulnerability in file.php in JulmaCMS 1.4 allows ...)
+CVE-2007-2324
NOT-FOR-US: JulmaCMS
-CVE-2007-2323 (Multiple buffer overflows in the WinDVDX ActiveX control in InterVideo ...)
+CVE-2007-2323
NOT-FOR-US: InterVideo
-CVE-2007-2322 (NMMediaServer.exe in Nero MediaHome 2.5.5.0 and CE 1.3.0.4 allows ...)
+CVE-2007-2322
NOT-FOR-US: Nero
-CVE-2007-2321 (Unspecified vulnerability in the search functionality in SilverStripe ...)
+CVE-2007-2321
NOT-FOR-US: SilverStripe
-CVE-2007-2320 (SQL injection vulnerability in kontakt.php in Papoo 3.02 and earlier ...)
+CVE-2007-2320
NOT-FOR-US: Papoo
-CVE-2007-2319 (PHP remote file inclusion vulnerability in the AutoStand 1.1 and ...)
+CVE-2007-2319
NOT-FOR-US: AutoStand
-CVE-2007-2318 (Multiple format string vulnerabilities in FileZilla before 2.2.32 ...)
+CVE-2007-2318
- filezilla 3.0.0~beta2-3 (bug #421776)
NOTE: http://sourceforge.net/project/shownotes.php?release_id=501534&group_id=21558
-CVE-2007-2317 (Multiple PHP remote file inclusion vulnerabilities in MiniBB Forum ...)
+CVE-2007-2317
NOT-FOR-US: MiniBB
-CVE-2007-2316 (Unspecified vulnerability in the admin script in Open Business ...)
+CVE-2007-2316
NOT-FOR-US: Open Business Management
-CVE-2007-2315 (MiniShare 1.5.4, and possibly earlier, allows remote attackers to ...)
+CVE-2007-2315
NOT-FOR-US: MiniShare
-CVE-2007-2314 (Multiple SQL injection vulnerabilities in Crea-Book 1.0, and possibly ...)
+CVE-2007-2314
NOT-FOR-US: Crea-Book
-CVE-2007-2313 (PHP remote file inclusion vulnerability in getinfo1.php in the ...)
+CVE-2007-2313
NOT-FOR-US: Shotcast module for mxBB
-CVE-2007-2312 (Multiple SQL injection vulnerabilities in the Virtual War (VWar) 1.5.0 ...)
+CVE-2007-2312
NOT-FOR-US: Virtual War (VWar)
-CVE-2007-2311 (** DISPUTED ** ...)
+CVE-2007-2311
NOT-FOR-US: BlooFoxCMS
-CVE-2007-2310 (Cross-site scripting (XSS) vulnerability in plugins/spaw/img_popup.php ...)
+CVE-2007-2310
NOT-FOR-US: BloofoxCMS
-CVE-2007-2309 (Cross-site scripting (XSS) vulnerability in cas.php in FloweRS 2.0 ...)
+CVE-2007-2309
NOT-FOR-US: FloweRS
-CVE-2007-2308 (Cross-site scripting (XSS) vulnerability in cas.php in FloweRS 2.0 ...)
+CVE-2007-2308
NOT-FOR-US: FloweRS
-CVE-2007-2307 (PHP remote file inclusion vulnerability in engine/engine.inc.php in ...)
+CVE-2007-2307
NOT-FOR-US: WebKalk2
-CVE-2007-2306 (Multiple cross-site scripting (XSS) vulnerabilities in the Virtual War ...)
+CVE-2007-2306
NOT-FOR-US: Virtual War (VWar)
-CVE-2007-2305 (Multiple SQL injection vulnerabilities in authenticate.php in Quick ...)
+CVE-2007-2305
NOT-FOR-US: QDBlog
-CVE-2007-2304 (Multiple directory traversal vulnerabilities in Quick and Dirty Blog ...)
+CVE-2007-2304
NOT-FOR-US: QDBlog
-CVE-2007-2303 (Directory traversal vulnerability in includes/footer.php in News ...)
+CVE-2007-2303
NOT-FOR-US: NMDeluxe
-CVE-2007-2302 (PHP remote file inclusion vulnerability in autoindex.php in Expow 0.8 ...)
+CVE-2007-2302
NOT-FOR-US: Expow
-CVE-2007-2301 (Multiple PHP remote file inclusion vulnerabilities in audioCMS arash ...)
+CVE-2007-2301
NOT-FOR-US: audioCMS
-CVE-2007-2300 (Multiple cross-site scripting (XSS) vulnerabilities in Endy Kristanto ...)
+CVE-2007-2300
NOT-FOR-US: phpwebnews
-CVE-2007-2299 (Multiple SQL injection vulnerabilities in Frogss CMS 0.7 and earlier ...)
+CVE-2007-2299
NOT-FOR-US: CMS Frogss
-CVE-2007-2298 (Multiple PHP remote file inclusion vulnerabilities in Garennes 0.6.1 ...)
+CVE-2007-2298
NOT-FOR-US: Garennes
-CVE-2007-2297 (The SIP channel driver (chan_sip) in Asterisk before 1.2.18 and 1.4.x ...)
+CVE-2007-2297
{DSA-1358-1}
- asterisk 1:1.4.2~dfsg-1 (medium; bug #419820)
[sarge] - asterisk <not-affected> (correctly logs a warning)
-CVE-2007-2296 (Integer overflow in the FlipFileTypeAtom_BtoN function in Apple ...)
+CVE-2007-2296
NOT-FOR-US: Apple QuickTime
-CVE-2007-2295 (Heap-based buffer overflow in the JVTCompEncodeFrame function in Apple ...)
+CVE-2007-2295
NOT-FOR-US: Apple QuickTime
-CVE-2007-2294 (The Manager Interface in Asterisk before 1.2.18 and 1.4.x before 1.4.3 ...)
+CVE-2007-2294
{DSA-1358-1}
- asterisk 1:1.4.3~dfsg-1 (low)
NOTE: Etch and Sarge affected
NOTE: https://downloads.avaya.com/elmodocs2/security/ASA-2007-012.htm
-CVE-2007-2293 (Multiple stack-based buffer overflows in the process_sdp function in ...)
+CVE-2007-2293
- asterisk 1:1.4.3~dfsg-1 (high)
[sarge] - asterisk <not-affected> (1.0.x not affected)
[etch] - asterisk <not-affected> (1.2.x not affected)
[lenny] - asterisk <not-affected> (vulnerable code not present)
NOTE: https://downloads.avaya.com/elmodocs2/security/ASA-2007-010.htm
-CVE-2007-2292 (CRLF injection vulnerability in the Digest Authentication support for ...)
+CVE-2007-2292
{DSA-1401-1 DSA-1396-1 DSA-1392-1 DTSA-69-1 DTSA-80-1}
- iceweasel 2.0.0.8-1 (low)
- xulrunner 1.8.1.9-1
- iceape 1.1.5
-CVE-2007-2291 (CRLF injection vulnerability in the Digest Authentication support for ...)
+CVE-2007-2291
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2007-2290 (Multiple PHP remote file inclusion vulnerabilities in B2 Weblog and ...)
+CVE-2007-2290
NOT-FOR-US: B2 Weblog
NOTE: Debian's b2evolution does not contain the string "b2inc",
NOTE: and does not seem to suffer from this vulnerability.
-CVE-2007-2289 (PHP remote file inclusion vulnerability in ...)
+CVE-2007-2289
NOT-FOR-US: Download-Engine
-CVE-2007-2288 (PHP remote file inclusion vulnerability in info.php in Doruk100.net ...)
+CVE-2007-2288
NOT-FOR-US: doruk100net
-CVE-2007-2287 (PHP remote file inclusion vulnerability in accept.php in comus 2.0 ...)
+CVE-2007-2287
NOT-FOR-US: comus
-CVE-2007-2286 (PHP remote file inclusion vulnerability in config.php in Built2Go PHP ...)
+CVE-2007-2286
NOT-FOR-US: Built2Go
-CVE-2007-2285 (Directory traversal vulnerability in examples/layout/feed-proxy.php in ...)
+CVE-2007-2285
NOT-FOR-US: Jack Slocum Ext
-CVE-2007-2284 (Buffer overflow in ABC-View Manager 1.42 allows user-assisted remote ...)
+CVE-2007-2284
NOT-FOR-US: ABC-View Manager
-CVE-2007-2283 (Buffer overflow in Fresh View 7.15 allows user-assisted remote ...)
+CVE-2007-2283
NOT-FOR-US: Fresh View
-CVE-2007-2282 (Cisco Network Services (CNS) NetFlow Collection Engine (NFC) before ...)
+CVE-2007-2282
NOT-FOR-US: Cisco
-CVE-2007-2281 (Integer overflow in the _ncp32._NtrpTCPReceiveMsg function in rds.exe ...)
+CVE-2007-2281
NOT-FOR-US: HP OpenView Storage Data Protector
-CVE-2007-2280 (Stack-based buffer overflow in OmniInet.exe (aka the backup client ...)
+CVE-2007-2280
NOT-FOR-US: HP OpenView Storage Data Protector
-CVE-2007-2279 (The Scheduler Service (VxSchedService.exe) in Symantec Storage ...)
+CVE-2007-2279
NOT-FOR-US: Symantec
-CVE-2007-2278 (Multiple PHP remote file inclusion vulnerabilities in DCP-Portal 6.1.1 ...)
+CVE-2007-2278
NOT-FOR-US: DCP-Portal
-CVE-2007-2277 (Session fixation vulnerability in Plogger allows remote attackers to ...)
+CVE-2007-2277
NOT-FOR-US: Plogger
-CVE-2007-2276 (** DISPUTED ** ...)
+CVE-2007-2276
NOT-FOR-US: TippingPoint IPS
-CVE-2007-2275 (Unspecified vulnerability in HP StorageWorks Command View Advanced ...)
+CVE-2007-2275
NOT-FOR-US: HP StorageWorks
-CVE-2007-2274 (The BitTorrent implementation in Opera 9.2 allows remote attackers to ...)
+CVE-2007-2274
NOT-FOR-US: Opera
-CVE-2007-2273 (PHP remote file inclusion vulnerability in include/loading.php in ...)
+CVE-2007-2273
NOT-FOR-US: wavewoo
-CVE-2007-2272 (PHP remote file inclusion vulnerability in ...)
+CVE-2007-2272
NOT-FOR-US: Advanced Webhost Billing System
-CVE-2007-2271 (Directory traversal vulnerability in Rajneel Lal TotaRam USP FOSS ...)
+CVE-2007-2271
NOT-FOR-US: TotaRam
-CVE-2007-2270 (The Linksys SPA941 VoIP Phone allows remote attackers to cause a ...)
+CVE-2007-2270
NOT-FOR-US: Linksys
-CVE-2007-2269 (Directory traversal vulnerability in top.php3 in SWsoft Plesk for ...)
+CVE-2007-2269
NOT-FOR-US: Plesk
-CVE-2007-2268 (Multiple directory traversal vulnerabilities in SWsoft Plesk for ...)
+CVE-2007-2268
NOT-FOR-US: Plesk
-CVE-2007-2267 (Unspecified vulnerability in Sun Cluster 3.1 and Solaris Cluster 3.2 ...)
+CVE-2007-2267
NOT-FOR-US: Sun Cluster
-CVE-2007-2266 (Progress Webspeed Messenger allows remote attackers to read, create, ...)
+CVE-2007-2266
NOT-FOR-US: Progress Webspeed Messenger
-CVE-2007-2265 (Cross-site scripting (XSS) vulnerability in YA Book 0.98-alpha allows ...)
+CVE-2007-2265
NOT-FOR-US: YA Book
-CVE-2007-2264 (Heap-based buffer overflow in RealNetworks RealPlayer 8, 10, 10.1, and ...)
+CVE-2007-2264
NOT-FOR-US: RealPlayer
-CVE-2007-2263 (Heap-based buffer overflow in RealNetworks RealPlayer 10.0, 10.1, and ...)
+CVE-2007-2263
NOT-FOR-US: RealPlayer
-CVE-2007-2262 (Multiple PHP remote file inclusion vulnerabilities in ...)
+CVE-2007-2262
NOT-FOR-US: jmuffin
-CVE-2007-2261 (PHP remote file inclusion vulnerability in ...)
+CVE-2007-2261
NOT-FOR-US: C-Arbre
-CVE-2007-2260 (Multiple PHP remote file inclusion vulnerabilities in bibtex mase beta ...)
+CVE-2007-2260
NOT-FOR-US: bibtex mase
-CVE-2007-2259 (SQL injection vulnerability in forum.php in EsForum 3.0 allows remote ...)
+CVE-2007-2259
NOT-FOR-US: EsForum
-CVE-2007-2258 (PHP remote file inclusion vulnerability in includes/init.inc.php in ...)
+CVE-2007-2258
NOT-FOR-US: PHPMyBibli
-CVE-2007-2257 (PHP remote file inclusion vulnerability in subscp.php in Fully Modded ...)
+CVE-2007-2257
NOT-FOR-US: Fully Modded phpBB2
-CVE-2007-2256 (Cross-site scripting (XSS) vulnerability in you.php in TJSChat 0.95 ...)
+CVE-2007-2256
NOT-FOR-US: TJSChat
-CVE-2007-2255 (Multiple PHP remote file inclusion vulnerabilities in Download-Engine ...)
+CVE-2007-2255
NOT-FOR-US: Download-Engine
-CVE-2007-2254 (PHP remote file inclusion vulnerability in admin/setup/level2.php in ...)
+CVE-2007-2254
NOT-FOR-US: PHP Classifieds
-CVE-2007-2253 (Exponent CMS 0.96.6 Alpha and earlier allows remote attackers to ...)
+CVE-2007-2253
NOT-FOR-US: Exponent CMS
-CVE-2007-2252 (Directory traversal vulnerability in iconspopup.php in Exponent CMS ...)
+CVE-2007-2252
NOT-FOR-US: Exponent CMS
-CVE-2007-2251 (Unspecified vulnerability in the Roles module in Xaraya 1.1.2 and ...)
+CVE-2007-2251
NOT-FOR-US: Xaraya
-CVE-2007-2250 (admin.php in Phorum before 5.1.22 allows remote attackers to obtain ...)
+CVE-2007-2250
NOT-FOR-US: Phorum
-CVE-2007-2249 (include/controlcenter/users.php in Phorum before 5.1.22 allows remote ...)
+CVE-2007-2249
NOT-FOR-US: Phorum
-CVE-2007-2248 (Multiple cross-site scripting (XSS) vulnerabilities in admin.php in ...)
+CVE-2007-2248
NOT-FOR-US: Phorum
-CVE-2007-2247 (SQL injection vulnerability in modules/news/article.php in phpMySpace ...)
+CVE-2007-2247
NOT-FOR-US: phpMySpace
-CVE-2007-2246 (Unspecified vulnerability in HP-UX B.11.00 and B.11.11, when running ...)
+CVE-2007-2246
NOT-FOR-US: HP-UX
-CVE-2007-2245 (Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin ...)
+CVE-2007-2245
{DSA-1370-2 DSA-1370-1}
- phpmyadmin 4:2.10.1-1 (low)
NOTE: http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2007-4
-CVE-2007-2244 (Multiple buffer overflows in Adobe Photoshop CS2 and CS3, Illustrator ...)
+CVE-2007-2244
NOT-FOR-US: Adobe Photoshop
-CVE-2007-2243 (OpenSSH 4.6 and earlier, when ChallengeResponseAuthentication is ...)
+CVE-2007-2243
- openssh <unfixed> (bug #436571; unimportant)
[etch] - openssh <no-dsa> (Minor issue)
[sarge] - openssh <no-dsa> (Minor issue)
-CVE-2007-2242 (The IPv6 protocol allows remote attackers to cause a denial of service ...)
+CVE-2007-2242
{DSA-1356-1}
- linux-2.6 2.6.21-1 (low; bug #421595)
- kfreebsd-5 <removed> (low)
[etch] - kfreebsd-5 <no-dsa> (No security support for KFreeBSD)
NOTE: This should be off by default, tweakable by a simple knob.
NOTE: (FreeBSD has it turned on for hosts, too.)
-CVE-2007-2241 (Unspecified vulnerability in query.c in ISC BIND 9.4.0, and 9.5.0a1 ...)
+CVE-2007-2241
- bind9 1:9.4.1-1 (medium)
[etch] - bind9 <not-affected> (Only 9.4/9.5 branches affected)
[sarge] - bind9 <not-affected> (Only 9.4/9.5 branches affected)
-CVE-2007-2240 (The IBM Lenovo Access Support acpRunner ActiveX control, as ...)
+CVE-2007-2240
NOT-FOR-US: IBM Lenovo Access Support acpRunner ActiveX control
-CVE-2007-2239 (Stack-based buffer overflow in the SaveBMP method in the AXIS Camera ...)
+CVE-2007-2239
NOT-FOR-US: AXIS Camera Control
-CVE-2007-2238 (Multiple stack-based buffer overflows in the Whale Client Components ...)
+CVE-2007-2238
NOT-FOR-US: Whale Client Components ActiveX control
-CVE-2007-2237 (Microsoft Windows Graphics Device Interface (GDI+, GdiPlus.dll) allows ...)
+CVE-2007-2237
NOT-FOR-US: Microsoft
-CVE-2007-2236 (footer.php in PunBB 1.2.14 and earlier allows remote attackers to ...)
+CVE-2007-2236
NOT-FOR-US: PunBB
-CVE-2007-2235 (Multiple cross-site scripting (XSS) vulnerabilities in PunBB 1.2.14 ...)
+CVE-2007-2235
NOT-FOR-US: PunBB
-CVE-2007-2234 (include/common.php in PunBB 1.2.14 and earlier does not properly ...)
+CVE-2007-2234
NOT-FOR-US: PunBB
-CVE-2007-2233 (cosign-bin/cosign.cgi in Cosign 2.0.2 and earlier allows remote ...)
+CVE-2007-2233
NOT-FOR-US: CoSign
-CVE-2007-2232 (The CHECK command in Cosign 2.0.1 and earlier allows remote attackers ...)
+CVE-2007-2232
NOT-FOR-US: CoSign
-CVE-2007-2231 (Directory traversal vulnerability in index/mbox/mbox-storage.c in ...)
+CVE-2007-2231
{DSA-1359-1}
- dovecot 1.0.rc29-1
[sarge] - dovecot <not-affected> (Vulnerable code not present)
-CVE-2007-2230 (SQL injection vulnerability in CA Clever Path Portal allows remote ...)
+CVE-2007-2230
NOT-FOR-US: CA Clever Path
-CVE-2007-2229 (Microsoft Windows Vista uses insecure default permissions for ...)
+CVE-2007-2229
NOT-FOR-US: Microsoft
-CVE-2007-2228 (rpcrt4.dll (aka the RPC runtime library) in Microsoft Windows XP SP2, ...)
+CVE-2007-2228
NOT-FOR-US: Windows
-CVE-2007-2227 (The MHTML protocol handler in Microsoft Outlook Express 6 and Windows ...)
+CVE-2007-2227
NOT-FOR-US: Microsoft
CVE-2007-2226
REJECTED
-CVE-2007-2225 (A component in Microsoft Outlook Express 6 and Windows Mail in Windows ...)
+CVE-2007-2225
NOT-FOR-US: Microsoft
-CVE-2007-2224 (Object linking and embedding (OLE) Automation, as used in Microsoft ...)
+CVE-2007-2224
NOT-FOR-US: Microsoft
-CVE-2007-2223 (Microsoft XML Core Services (MSXML) 3.0 through 6.0 allows remote ...)
+CVE-2007-2223
NOT-FOR-US: Microsoft XML
-CVE-2007-2222 (Multiple buffer overflows in the (1) ActiveListen (Xlisten.dll) and ...)
+CVE-2007-2222
NOT-FOR-US: Microsoft
-CVE-2007-2221 (Unspecified vulnerability in the mdsauth.dll COM object in Microsoft ...)
+CVE-2007-2221
NOT-FOR-US: Microsoft Internet Explorer
CVE-2007-2220
REJECTED
-CVE-2007-2219 (Unspecified vulnerability in the Win32 API on Microsoft Windows 2000, ...)
+CVE-2007-2219
NOT-FOR-US: Microsoft
-CVE-2007-2218 (Unspecified vulnerability in the Windows Schannel Security Package for ...)
+CVE-2007-2218
NOT-FOR-US: Microsoft
-CVE-2007-2217 (Kodak Image Viewer in Microsoft Windows 2000 SP4, and in some cases XP ...)
+CVE-2007-2217
NOT-FOR-US: Kodak Image Viewer
-CVE-2007-2216 (The tblinf32.dll (aka vstlbinf.dll) ActiveX control for Internet ...)
+CVE-2007-2216
NOT-FOR-US: Microsoft Internet Explorer
CVE-2007-2215
REJECTED
-CVE-2007-2214 (Unrestricted file upload vulnerability in includes/upload_file.php in ...)
+CVE-2007-2214
NOT-FOR-US: DmCMS
-CVE-2007-2213 (Unspecified vulnerability in the Initialize function in ...)
+CVE-2007-2213
NOT-FOR-US: WS_FTP
-CVE-2007-2212 (Multiple SQL injection vulnerabilities in calendar.php in MyBB (aka ...)
+CVE-2007-2212
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2007-2211 (SQL injection vulnerability in calendar.php in MyBB (aka ...)
+CVE-2007-2211
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2007-2210 (A certain ActiveX control in askPopStp.dll in Netsprint Ask IE Toolbar ...)
+CVE-2007-2210
NOT-FOR-US: Netsprint
-CVE-2007-2209 (Buffer overflow in igcore15d.dll 15.1.2.0 and 15.2.0.0 for AccuSoft ...)
+CVE-2007-2209
NOT-FOR-US: AccuSoft
-CVE-2007-2208 (Multiple PHP remote file inclusion vulnerabilities in Extreme PHPBB2 ...)
+CVE-2007-2208
NOT-FOR-US: Extreme PHPBB2
-CVE-2007-2207 (SQL injection vulnerability in contact/index.php in Ripe Website ...)
+CVE-2007-2207
NOT-FOR-US: Ripe Website Manager
-CVE-2007-2206 (Cross-site scripting (XSS) vulnerability in contact/index.php in Ripe ...)
+CVE-2007-2206
NOT-FOR-US: Ripe Website Manager
-CVE-2007-2205 (PHP remote file inclusion vulnerability in modules/rtmessageadd.php in ...)
+CVE-2007-2205
NOT-FOR-US: LAN Management System
-CVE-2007-2204 (Multiple PHP remote file inclusion vulnerabilities in GPL PHP Board ...)
+CVE-2007-2204
NOT-FOR-US: GPL PHP Board
-CVE-2007-2203 (Cross-site scripting (XSS) vulnerability in Big Blue Guestbook allows ...)
+CVE-2007-2203
NOT-FOR-US: Big Blue Guestbook
-CVE-2007-2202 (PHP remote file inclusion vulnerability in inc_ACVS/SOAP/Transport.php ...)
+CVE-2007-2202
NOT-FOR-US: Accueil et Conseil en Visites et Sejours Web Services
-CVE-2007-2201 (Multiple PHP remote file inclusion vulnerabilities in Post Revolution ...)
+CVE-2007-2201
NOT-FOR-US: Post Revolution
-CVE-2007-2200 (Directory traversal vulnerability in navigator/navigator_ok.php in ...)
+CVE-2007-2200
NOT-FOR-US: Pagode
-CVE-2007-2199 (PHP remote file inclusion vulnerability in lib/pcltar.lib.php (aka ...)
+CVE-2007-2199
NOT-FOR-US: Joomla!
-CVE-2007-2198 (Cross-site scripting (XSS) vulnerability in LAN Management System ...)
+CVE-2007-2198
NOT-FOR-US: LAN Management System
-CVE-2007-2197 (Race condition in the NeatUpload ASP.NET component 1.2.11 through ...)
+CVE-2007-2197
NOT-FOR-US: NeatUpload
-CVE-2007-2196 (** DISPUTED ** ...)
+CVE-2007-2196
NOT-FOR-US: Jambook module for Mambo and Joomla
-CVE-2007-2195 (aMSN (aka Alvaro's Messenger) 0.96 and earlier allows remote attackers ...)
+CVE-2007-2195
- amsn <not-affected> (Appears bogus, no such port is opened; bug #557754)
-CVE-2007-2194 (Stack-based buffer overflow in XnView 1.90.3 allows user-assisted ...)
+CVE-2007-2194
NOT-FOR-US: XnView
-CVE-2007-2193 (Stack-based buffer overflow in the ID_X.apl plugin in ACDSee 9.0 Build ...)
+CVE-2007-2193
NOT-FOR-US: ACDSee
-CVE-2007-2192 (Buffer overflow in Photofiltre Studio 8.1.1 allows user-assisted ...)
+CVE-2007-2192
NOT-FOR-US: Photofiltre
-CVE-2007-2191 (Multiple cross-site scripting (XSS) vulnerabilities in freePBX 2.2.x ...)
+CVE-2007-2191
NOT-FOR-US: freePBX
-CVE-2007-2190 (PHP remote file inclusion vulnerability in admin/public/webpages.php ...)
+CVE-2007-2190
NOT-FOR-US: Eba News
-CVE-2007-2189 (PHP remote file inclusion vulnerability in admin/admin_album_otf.php ...)
+CVE-2007-2189
NOT-FOR-US: mxBB Smartor Album
-CVE-2007-2188 (eXtremail 2.1.1 and earlier does not verify the ID field (aka ...)
+CVE-2007-2188
NOT-FOR-US: eXtremail
-CVE-2007-2187 (Stack-based buffer overflow in eXtremail 2.1.1 and earlier allows ...)
+CVE-2007-2187
NOT-FOR-US: eXtremail
-CVE-2007-2186 (Foxit Reader 2.0 allows remote attackers to cause a denial of service ...)
+CVE-2007-2186
NOT-FOR-US: Foxit Reader
-CVE-2007-2185 (Multiple PHP remote file inclusion vulnerabilities in Supasite 1.23b ...)
+CVE-2007-2185
NOT-FOR-US: Supasite
-CVE-2007-2184 (Directory traversal vulnerability in imgsrv.php in jchit counter 1.0.0 ...)
+CVE-2007-2184
NOT-FOR-US: jchit
-CVE-2007-2183 (SQL injection vulnerability in index.php in PHP-Ring Webring System ...)
+CVE-2007-2183
NOT-FOR-US: PHP-Ring Webring System
-CVE-2007-2182 (Unrestricted file upload vulnerability in forum_write.php in Maran PHP ...)
+CVE-2007-2182
NOT-FOR-US: Maran PHP Forum
-CVE-2007-2181 (PHP remote file inclusion vulnerability in admin/login.php in Webinsta ...)
+CVE-2007-2181
NOT-FOR-US: WEBInsta
-CVE-2007-2180 (Buffer overflow in Nullsoft Winamp 5.3 allows user-assisted remote ...)
+CVE-2007-2180
NOT-FOR-US: Nullsoft Winamp
-CVE-2007-2179 (Multiple unspecified vulnerabilities in IXceedCompression in ...)
+CVE-2007-2179
NOT-FOR-US: RaidenFTPD
-CVE-2007-2178 (Multiple unspecified vulnerabilities in Objective Development Sharity ...)
+CVE-2007-2178
NOT-FOR-US: Sharity
-CVE-2007-2177 (Stack-based buffer overflow in the Microgaming Download Helper ActiveX ...)
+CVE-2007-2177
NOT-FOR-US: Microgaming Download Helper
-CVE-2007-2176 (Unspecified vulnerability in Mozilla Firefox allows remote attackers ...)
+CVE-2007-2176
NOT-FOR-US: Related to Apple QuickTime as well, no information about Mozilla being affected is available
-CVE-2007-2175 (Apple QuickTime Java extensions (QTJava.dll), as used in Safari and ...)
+CVE-2007-2175
NOT-FOR-US: Apple QuickTime
-CVE-2007-2174 (The IOCTL handling in srescan.sys in the ZoneAlarm Spyware Removal ...)
+CVE-2007-2174
NOT-FOR-US: ZoneAlarm
-CVE-2007-2173 (Eval injection vulnerability in (1) courier-imapd.indirect and (2) ...)
+CVE-2007-2173
NOT-FOR-US: Gentoo's packaging of courier
-CVE-2007-2172 (A typo in Linux kernel 2.6 before 2.6.21-rc6 and 2.4 before 2.4.35 ...)
+CVE-2007-2172
{DSA-1503-2 DSA-1504-1 DSA-1503-1 DSA-1363-1 DSA-1356-1}
- linux-2.6 2.6.21-1 (medium)
-CVE-2007-2171 (Stack-based buffer overflow in the base64_decode function in ...)
+CVE-2007-2171
NOT-FOR-US: Novell GroupWise
-CVE-2007-2170 (The APPLSYS.FND_DM_NODES package in Oracle E-Business Suite does not ...)
+CVE-2007-2170
NOT-FOR-US: Oracle E-Business Suite
-CVE-2007-2169 (Static code injection vulnerability in add.php in Mozzers SubSystem ...)
+CVE-2007-2169
NOT-FOR-US: Mozzers SubSystem
-CVE-2007-2168 (Static code injection vulnerability in process.php in AimStats 3.2 and ...)
+CVE-2007-2168
NOT-FOR-US: AimStats
-CVE-2007-2167 (Static code injection vulnerability in process.php in AimStats 3.2 ...)
+CVE-2007-2167
NOT-FOR-US: AimStats
-CVE-2007-2166 (PHP remote file inclusion vulnerability in ...)
+CVE-2007-2166
NOT-FOR-US: OpenSurveyPilot
-CVE-2007-2165 (The Auth API in ProFTPD before 20070417, when multiple simultaneous ...)
+CVE-2007-2165
- proftpd 1.3.0-24 (low)
[sarge] - proftpd <no-dsa> (Minor issue)
- proftpd-dfsg 1.3.0-24 (low)
[etch] - proftpd-dfsg 1.3.0-19etch1
NOTE: Minor issue Fixed in 4.0r4 point release
-CVE-2007-2164 (Konqueror 3.5.5 release 45.4 allows remote attackers to cause a denial ...)
+CVE-2007-2164
- kdelibs <unfixed> (unimportant)
NOTE: Browser crashes are not treated as security problems
-CVE-2007-2163 (Apple Safari allows remote attackers to cause a denial of service ...)
+CVE-2007-2163
NOT-FOR-US: Apple Safari
-CVE-2007-2162 ((1) Mozilla Firefox 2.0.0.3 and (2) GNU IceWeasel 2.0.0.3 allow remote ...)
+CVE-2007-2162
- iceweasel <removed> (unimportant)
NOTE: Browser crashes are not treated as security problems
-CVE-2007-2161 (Microsoft Internet Explorer 7 allows remote attackers to cause a ...)
+CVE-2007-2161
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2007-2160 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
+CVE-2007-2160
NOT-FOR-US: dba module for Drupal
-CVE-2007-2159 (Multiple cross-site scripting (XSS) vulnerabilities in the Database ...)
+CVE-2007-2159
NOT-FOR-US: dba module for Drupal
-CVE-2007-2158 (PHP remote file inclusion vulnerability in index.php in jGallery 1.3 ...)
+CVE-2007-2158
NOT-FOR-US: jGallery
-CVE-2007-2157 (Directory traversal vulnerability in upload/force_download.php in ...)
+CVE-2007-2157
NOT-FOR-US: Zomplog
-CVE-2007-2156 (Multiple PHP remote file inclusion vulnerabilities in Rezervi Generic ...)
+CVE-2007-2156
NOT-FOR-US: Rezervi Generic
-CVE-2007-2155 (Directory traversal vulnerability in template.php in in phpFaber ...)
+CVE-2007-2155
NOT-FOR-US: phpFaber TopSites
-CVE-2007-2154 (PHP remote file inclusion vulnerability in ...)
+CVE-2007-2154
NOT-FOR-US: Cabron Connector
-CVE-2007-2153 (Cross-site scripting (XSS) vulnerability in atmail.php in @Mail 5.0 ...)
+CVE-2007-2153
NOT-FOR-US: @Mail
-CVE-2007-2152 (Buffer overflow in the On-Access Scanner in McAfee VirusScan ...)
+CVE-2007-2152
NOT-FOR-US: McAfee VirusScan Enterprise
-CVE-2007-2151 (The administration server in McAfee e-Business Server before 8.1.1 and ...)
+CVE-2007-2151
NOT-FOR-US: McAfee
-CVE-2007-2150 (BlueArc-FTPD in BlueArc Titan 2x00 devices with firmware 4.2.944b ...)
+CVE-2007-2150
NOT-FOR-US: BlueArc
-CVE-2007-2149 (Stephen Craton (aka WiredPHP) Chatness 2.5.3 and earlier stores ...)
+CVE-2007-2149
NOT-FOR-US: Chatness
-CVE-2007-2148 (Direct static code injection vulnerability in admin/save.php in ...)
+CVE-2007-2148
NOT-FOR-US: Chatness
-CVE-2007-2147 (admin/options.php in Stephen Craton (aka WiredPHP) Chatness 2.5.3 and ...)
+CVE-2007-2147
NOT-FOR-US: Chatness
-CVE-2007-2146 (The imagecomments function in classes.php in MiniGal b13 allow remote ...)
+CVE-2007-2146
NOT-FOR-US: MiniGal
-CVE-2007-2145 (The imagecomments function in classes.php in MiniGal b13 allows remote ...)
+CVE-2007-2145
NOT-FOR-US: MiniGal
-CVE-2007-2144 (PHP remote file inclusion vulnerability in includes/CAltInstaller.php ...)
+CVE-2007-2144
NOT-FOR-US: JoomlaPack
-CVE-2007-2143 (PHP remote file inclusion vulnerability in index.php in the Be2004-2 ...)
+CVE-2007-2143
NOT-FOR-US: Be2004-2 template for Joomla
-CVE-2007-2142 (Multiple PHP remote file inclusion vulnerabilities in AjPortal2Php ...)
+CVE-2007-2142
NOT-FOR-US: AjPortal2Php
-CVE-2007-2141 (Direct static code injection vulnerability in shoutbox.php in ShoutPro ...)
+CVE-2007-2141
NOT-FOR-US: ShoutPro
-CVE-2007-2140 (PHP remote file inclusion vulnerability in everything.php in Franklin ...)
+CVE-2007-2140
NOT-FOR-US: Flip-search-add-on
-CVE-2007-2139 (Multiple stack-based buffer overflows in the SUN RPC service in CA ...)
+CVE-2007-2139
NOT-FOR-US: CA BrightStor
-CVE-2007-2137 (Heap-based buffer overflow in kde.dll in IBM Tivoli Monitoring Express ...)
+CVE-2007-2137
NOT-FOR-US: Tivoli
-CVE-2007-2136 (Stack-based buffer overflow in bgs_sdservice.exe in BMC Patrol ...)
+CVE-2007-2136
NOT-FOR-US: BMC Patrol PerformAgent
-CVE-2007-2135 (The ADI_BINARY component in the Oracle E-Business Suite allows remote ...)
+CVE-2007-2135
NOT-FOR-US: Oracle
-CVE-2007-2134 (Unspecified vulnerability in the HTML Server in Oracle JD Edwards ...)
+CVE-2007-2134
NOT-FOR-US: Oracle
-CVE-2007-2133 (Unspecified vulnerability in the PeopleSoft Enterprise Human Capital ...)
+CVE-2007-2133
NOT-FOR-US: Oracle
-CVE-2007-2132 (Unspecified vulnerability in the PeopleTools component in Oracle ...)
+CVE-2007-2132
NOT-FOR-US: Oracle
-CVE-2007-2131 (Unspecified vulnerability in PeopleTools in Oracle PeopleSoft ...)
+CVE-2007-2131
NOT-FOR-US: Oracle
-CVE-2007-2130 (Unspecified vulnerability in Workflow Cartridge, as used in Oracle ...)
+CVE-2007-2130
NOT-FOR-US: Oracle
-CVE-2007-2129 (Unspecified vulnerability in the Agent component in Oracle Enterprise ...)
+CVE-2007-2129
NOT-FOR-US: Oracle
-CVE-2007-2128 (Unspecified vulnerability in the Sales Online component for Oracle ...)
+CVE-2007-2128
NOT-FOR-US: Oracle
-CVE-2007-2127 (Multiple unspecified vulnerabilities in Oracle E-Business Suite 12.0.0 ...)
+CVE-2007-2127
NOT-FOR-US: Oracle
-CVE-2007-2126 (Unspecified vulnerability in Oracle E-Business Suite 11.5.10CU2 has ...)
+CVE-2007-2126
NOT-FOR-US: Oracle
-CVE-2007-2125 (Unspecified vulnerability in Collaborative Workspace in Oracle ...)
+CVE-2007-2125
NOT-FOR-US: Oracle
-CVE-2007-2124 (Unspecified vulnerability in the Portal component in Oracle ...)
+CVE-2007-2124
NOT-FOR-US: Oracle
-CVE-2007-2123 (Unspecified vulnerability in the Portal component in Oracle ...)
+CVE-2007-2123
NOT-FOR-US: Oracle
-CVE-2007-2122 (Unspecified vulnerability in the Wireless component in Oracle ...)
+CVE-2007-2122
NOT-FOR-US: Oracle
-CVE-2007-2121 (Unspecified vulnerability in the COREid Access component in Oracle ...)
+CVE-2007-2121
NOT-FOR-US: Oracle
-CVE-2007-2120 (The Oracle Discoverer servlet in Oracle Application Server 9.0.4.3, ...)
+CVE-2007-2120
NOT-FOR-US: Oracle
-CVE-2007-2119 (Cross-site scripting (XSS) vulnerability in boundary_rules.jsp in the ...)
+CVE-2007-2119
NOT-FOR-US: Oracle
-CVE-2007-2118 (Unspecified vulnerability in the Upgrade/Downgrade component of Oracle ...)
+CVE-2007-2118
NOT-FOR-US: Oracle
-CVE-2007-2117 (Unspecified vulnerability in the Oracle Text component in Oracle ...)
+CVE-2007-2117
NOT-FOR-US: Oracle
-CVE-2007-2116 (Unspecified vulnerability in the Advanced Replication component in ...)
+CVE-2007-2116
NOT-FOR-US: Oracle
-CVE-2007-2115 (Unspecified vulnerability in the Change Data Capture (CDC) component ...)
+CVE-2007-2115
NOT-FOR-US: Oracle
-CVE-2007-2114 (Multiple unspecified vulnerabilities in Oracle Database 10.1.0.5 and ...)
+CVE-2007-2114
NOT-FOR-US: Oracle
-CVE-2007-2113 (SQL injection vulnerability in the Upgrade/Downgrade component ...)
+CVE-2007-2113
NOT-FOR-US: Oracle
-CVE-2007-2112 (Unspecified vulnerability in the Authentication component for Oracle ...)
+CVE-2007-2112
NOT-FOR-US: Oracle
-CVE-2007-2111 (SQL injection vulnerability in the SYS.DBMS_AQADM_SYS package in ...)
+CVE-2007-2111
NOT-FOR-US: Oracle
-CVE-2007-2110 (Unspecified vulnerability in the Core RDBMS component for Oracle ...)
+CVE-2007-2110
NOT-FOR-US: Oracle
-CVE-2007-2109 (Multiple unspecified vulnerabilities in Oracle Database 10.2.0.3 have ...)
+CVE-2007-2109
NOT-FOR-US: Oracle
-CVE-2007-2108 (Unspecified vulnerability in the Core RDBMS component in Oracle ...)
+CVE-2007-2108
NOT-FOR-US: Oracle
CVE-2007-XXXX [buffer overflow in mixmaster importing type 2 messages]
- mixmaster 3.0b2-5 (low; bug #418662)
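Review bot: with the descriptions dropped from every `CVE-` line in this hunk, the annotation line becomes the only product context a reader gets, and the one for CVE-2007-2176 does not name the product: after the change the entry reads `+CVE-2007-2176` followed by `NOT-FOR-US: Related to Apple QuickTime as well, no information about Mozilla being affected is available`, while the removed `-CVE-2007-2176 (Unspecified vulnerability in Mozilla Firefox allows remote attackers ...)` line was the only place Firefox was named as the affected product. Suggest leading the annotation with the product name, e.g. `NOT-FOR-US: Mozilla Firefox (issue is in Apple QuickTime; no information about Mozilla being affected is available)`, so the NOT-FOR-US reason stays readable without the stripped description. Every other NOT-FOR-US line in this hunk already uses the product-name form (`NOT-FOR-US: Nullsoft Winamp`, `NOT-FOR-US: Oracle`), so this is the one entry that loses information.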
@@ -11082,571 +11082,571 @@ CVE-2007-XXXX [heap-based buffer overflow in git-blame with long file names]
NOTE: http://git.kernel.org/?p=git/git.git;a=commit;h=1bb88be99e4fdedcd5cc5292c11b566a00028deb
NOTE: http://git.kernel.org/?p=git/git.git;a=commitdiff;h=1cfe77333f274c9ba9879c2eb61057a790eb050f
NOTE: http://git.kernel.org/?p=git/git.git;a=tag;h=ae9ced19800491a5d80de5ee36bc07d68868a4dd
-CVE-2007-2138 (Untrusted search path vulnerability in PostgreSQL before 7.3.19, 7.4.x ...)
+CVE-2007-2138
{DSA-1311-1 DSA-1309-1}
- postgresql-8.2 8.2.4-1
- postgresql-8.1 8.1.9-1
- postgresql-7.4 1:7.4.17-1
-CVE-2007-2107 (SQL injection vulnerability in visit.php in the Rha7 Downloads ...)
+CVE-2007-2107
NOT-FOR-US: Rha7 Downloads
-CVE-2007-2106 (Directory traversal vulnerability in index.php in Kai Content ...)
+CVE-2007-2106
NOT-FOR-US: Kai Content Management System
-CVE-2007-2105 (Directory traversal vulnerability in admin/index.php in Monkey CMS ...)
+CVE-2007-2105
NOT-FOR-US: Monkey CMS
-CVE-2007-2104 (Multiple directory traversal vulnerabilities in iXon CMS 0.30 allow ...)
+CVE-2007-2104
NOT-FOR-US: iXon CMS
-CVE-2007-2103 (Multiple PHP remote file inclusion vulnerabilities in my little forum ...)
+CVE-2007-2103
NOT-FOR-US: my little forum
-CVE-2007-2102 (Cross-site scripting (XSS) vulnerability in weblog.php in my little ...)
+CVE-2007-2102
NOT-FOR-US: my little weblog
-CVE-2007-2101 (FAC Guestbook 3.01 stores sensitive information under the web root ...)
+CVE-2007-2101
NOT-FOR-US: FAC Guestbook
-CVE-2007-2100 (FAC Guestbook 2.0 stores sensitive information under the web root with ...)
+CVE-2007-2100
NOT-FOR-US: FAC Guestbook
-CVE-2007-2099 (Cross-site scripting (XSS) vulnerability in htdocs/php.php in ...)
+CVE-2007-2099
NOT-FOR-US: OpenConcept Back-End CMS
-CVE-2007-2098 (Multiple cross-site scripting (XSS) vulnerabilities in showpic.php in ...)
+CVE-2007-2098
NOT-FOR-US: Wabbit PHP Gallery
-CVE-2007-2097 (** DISPUTED ** ...)
+CVE-2007-2097
NOT-FOR-US: OpenConcept Back-End CMS
-CVE-2007-2096 (PHP remote file inclusion vulnerability in common.php in Hinton Design ...)
+CVE-2007-2096
NOT-FOR-US: PHPHD Download System
-CVE-2007-2095 (PHP remote file inclusion vulnerability in chat.php in MySpeach 1.9 ...)
+CVE-2007-2095
NOT-FOR-US: MySpeach
-CVE-2007-2094 (PHP remote file inclusion vulnerability in index.php in Anthologia ...)
+CVE-2007-2094
NOT-FOR-US: Anthologia
-CVE-2007-2093 (Direct static code injection vulnerability in index.php in Limesoft ...)
+CVE-2007-2093
NOT-FOR-US: Limesoft Guestbook
-CVE-2007-2092 (Direct static code injection vulnerability in index.php in Limesoft ...)
+CVE-2007-2092
NOT-FOR-US: Limesoft Guestbook
-CVE-2007-2091 (PHP remote file inclusion vulnerability in ...)
+CVE-2007-2091
NOT-FOR-US: tsdisplay4xoops
-CVE-2007-2090 (Cross-site scripting (XSS) vulnerability in index.php in TuMusika ...)
+CVE-2007-2090
NOT-FOR-US: TuMusika Evolution
-CVE-2007-2089 (Multiple PHP remote file inclusion vulnerabilities in the Jx ...)
+CVE-2007-2089
NOT-FOR-US: Jx Development Article component for Mambo and Joomla
-CVE-2007-2088 (Multiple PHP remote file inclusion vulnerabilities in Sitebar 3.3.5 ...)
+CVE-2007-2088
- sitebar 3.3.8-7 (low)
NOTE: this was register globals only and is fixed in Debian anyway
-CVE-2007-2087 (Multiple PHP remote file inclusion vulnerabilities in CNStats 2.12, ...)
+CVE-2007-2087
NOT-FOR-US: CNStats
-CVE-2007-2086 (Multiple PHP remote file inclusion vulnerabilities in CNStats 2.9 ...)
+CVE-2007-2086
NOT-FOR-US: CNStats
-CVE-2007-2085 (Cross-site scripting (XSS) vulnerability in oe2edit.cgi in oe2edit CMS ...)
+CVE-2007-2085
NOT-FOR-US: oe2edit CMS
-CVE-2007-2084 (** DISPUTED ** ...)
+CVE-2007-2084
NOT-FOR-US: MobilePublisherphp
-CVE-2007-2083 (vsdatant.sys in Check Point Zone Labs ZoneAlarm Pro before 7.0.302.000 ...)
+CVE-2007-2083
NOT-FOR-US: Check Point Zone Labs ZoneAlarm Internet Security Suite
-CVE-2007-2082 (Direct static code injection vulnerability in admin/settings.php in ...)
+CVE-2007-2082
NOT-FOR-US: MyBlog
-CVE-2007-2081 (MyBlog 0.9.8 and earlier allows remote attackers to bypass ...)
+CVE-2007-2081
NOT-FOR-US: MyBlog
-CVE-2007-2080 (Multiple SQL injection vulnerabilities in XAMPP 1.6.0a for Windows ...)
+CVE-2007-2080
NOT-FOR-US: XAMPP
-CVE-2007-2079 (The ADONewConnection Connect function in adodb.php in XAMPP 1.6.0a and ...)
+CVE-2007-2079
NOT-FOR-US: XAMPP
-CVE-2007-2078 (** DISPUTED ** ...)
+CVE-2007-2078
NOT-FOR-US: Maian Weblog
-CVE-2007-2077 (PHP remote file inclusion vulnerability in search.php in Maian Search ...)
+CVE-2007-2077
NOT-FOR-US: Maian Search
-CVE-2007-2076 (PHP remote file inclusion vulnerability in index.php in Maian Gallery ...)
+CVE-2007-2076
NOT-FOR-US: Maian Gallery
-CVE-2007-2075 (ScramDisk 4 Linux before 1.0-1 does not perform permission checks on ...)
+CVE-2007-2075
NOT-FOR-US: ScramDisk
-CVE-2007-2074 (Certain programs in containers in ScramDisk 4 Linux before 1.0-1 ...)
+CVE-2007-2074
NOT-FOR-US: ScramDisk
-CVE-2007-2073 (PHP remote file inclusion vulnerability in index.php in Ivan Gallery ...)
+CVE-2007-2073
NOT-FOR-US: Ivan Gallery Script
-CVE-2007-2072 (** DISPUTED ** ...)
+CVE-2007-2072
NOT-FOR-US: Ivan Gallery Script
-CVE-2007-2071 (Multiple cross-site scripting (XSS) vulnerabilities in Open-gorotto ...)
+CVE-2007-2071
NOT-FOR-US: Open-gorotto
-CVE-2007-2070 (Multiple PHP remote file inclusion vulnerabilities in Turnkey Web ...)
+CVE-2007-2070
NOT-FOR-US: SunShop Shopping Cart
-CVE-2007-2069 (Directory traversal vulnerability in scr/soustab.php in openMairie ...)
+CVE-2007-2069
NOT-FOR-US: openMairie
-CVE-2007-2068 (Multiple PHP remote file inclusion vulnerabilities in the StoreFront ...)
+CVE-2007-2068
NOT-FOR-US: StoreFront extension for Gallery
-CVE-2007-2067 (Multiple PHP remote file inclusion vulnerabilities in Marco Antonio ...)
+CVE-2007-2067
NOT-FOR-US: WebSlider
-CVE-2007-2066 (UseBB before 1.0.6 allows remote attackers to obtain sensitive ...)
+CVE-2007-2066
NOT-FOR-US: UseBB
-CVE-2007-2065 (PHP remote file inclusion vulnerability in db/PollDB.php in Robert ...)
+CVE-2007-2065
NOT-FOR-US: ActionPoll
-CVE-2007-2064 (Multiple PHP remote file inclusion vulnerabilities in Robert ...)
+CVE-2007-2064
NOT-FOR-US: ActionPoll
-CVE-2007-2063 (SSH Tectia Server for IBM z/OS before 5.4.0 uses insecure ...)
+CVE-2007-2063
NOT-FOR-US: IBM zOS
-CVE-2007-2062 (Stack-based buffer overflow in VCDGear 3.55 and 3.56 BETA allows ...)
+CVE-2007-2062
NOT-FOR-US: VCDGear
-CVE-2007-2061 (Cross-site scripting (XSS) vulnerability in check_login.asp in ...)
+CVE-2007-2061
NOT-FOR-US: MailBee WebMail Pro
-CVE-2007-2060 (Cross-zone scripting vulnerability in the Wizz RSS Reader before 2.1.9 ...)
+CVE-2007-2060
NOT-FOR-US: Wizz RSS Reader
-CVE-2007-2059 (Multiple buffer overflows in the ESA protocol implementation in ...)
+CVE-2007-2059
NOT-FOR-US: eIQnetworks Enterprise Security Analyzer
-CVE-2007-2058 (Directory traversal vulnerability in Acubix PicoZip 4.02 allows ...)
+CVE-2007-2058
NOT-FOR-US: Acubix PicoZip
-CVE-2007-2057 (Stack-based buffer overflow in aircrack-ng airodump-ng 0.7 allows ...)
+CVE-2007-2057
{DSA-1280-1 DTSA-35-1}
- aircrack-ng 1:0.7-3 (medium)
NOTE: http://trac.aircrack-ng.org/changeset/288
CVE-2007-2056
REJECTED
-CVE-2007-2055 (AFFLIB 2.2.8 and earlier allows attackers to execute arbitrary ...)
+CVE-2007-2055
NOT-FOR-US: AFFLIB
-CVE-2007-2054 (Multiple format string vulnerabilities in AFFLIB before 2.2.6 allow ...)
+CVE-2007-2054
NOT-FOR-US: AFFLIB
-CVE-2007-2053 (Multiple stack-based buffer overflows in AFFLIB before 2.2.6 allow ...)
+CVE-2007-2053
NOT-FOR-US: AFFLIB
-CVE-2007-2052 (Off-by-one error in the PyLocale_strxfrm function in ...)
+CVE-2007-2052
{DSA-1620-1 DSA-1551-1}
- python2.4 2.4.4-3 (bug #416931; low)
- python2.5 2.5.1-1 (bug #416934; low)
- python2.3 <removed> (low)
-CVE-2007-2051 (Buffer overflow in the parsecmd function in bftpd before 1.8 has ...)
+CVE-2007-2051
NOT-FOR-US: bftpd
-CVE-2007-2050 (Multiple directory traversal vulnerabilities in header.php in ...)
+CVE-2007-2050
NOT-FOR-US: RicarGBooK
-CVE-2007-2049 (Multiple PHP remote file inclusion vulnerabilities in the Calendar ...)
+CVE-2007-2049
NOT-FOR-US: Calendar Module for Mambo
-CVE-2007-2048 (Directory traversal vulnerability in /console in the Management ...)
+CVE-2007-2048
NOT-FOR-US: webMethods Glue
-CVE-2007-2047 (CRLF injection vulnerability in www/delivery/ck.php in Openads 2.3 ...)
+CVE-2007-2047
NOT-FOR-US: Openads
-CVE-2007-2046 (Multiple CRLF injection vulnerabilities in adclick.php in (a) Openads ...)
+CVE-2007-2046
NOT-FOR-US: Openads
-CVE-2007-2045 (Unspecified vulnerability in the IP implementation in Sun Solaris 8 ...)
+CVE-2007-2045
NOT-FOR-US: Sun Solaris
-CVE-2007-2044 (PHP remote file inclusion vulnerability in mod_weather.php in the ...)
+CVE-2007-2044
NOT-FOR-US: Weather module for Mambo and Joomla
-CVE-2007-2043 (Multiple PHP remote file inclusion vulnerabilities in the Avant-Garde ...)
+CVE-2007-2043
NOT-FOR-US: MOSMedia Lite
-CVE-2007-2042 (Multiple PHP remote file inclusion vulnerabilities in the Avant-Garde ...)
+CVE-2007-2042
NOT-FOR-US: MOSMedia Lite
-CVE-2007-2041 (Cisco Wireless LAN Controller (WLC) before 4.0.206.0 saves the WLAN ...)
+CVE-2007-2041
NOT-FOR-US: Cisco
-CVE-2007-2040 (Cisco Aironet 1000 Series and 1500 Series Lightweight Access Points ...)
+CVE-2007-2040
NOT-FOR-US: Cisco
-CVE-2007-2039 (The Network Processing Unit (NPU) in the Cisco Wireless LAN Controller ...)
+CVE-2007-2039
NOT-FOR-US: Cisco
-CVE-2007-2038 (The Network Processing Unit (NPU) in the Cisco Wireless LAN Controller ...)
+CVE-2007-2038
NOT-FOR-US: Cisco
-CVE-2007-2037 (Cisco Wireless LAN Controller (WLC) before 3.2.116.21, and 4.0.x ...)
+CVE-2007-2037
NOT-FOR-US: Cisco
-CVE-2007-2036 (The SNMP implementation in the Cisco Wireless LAN Controller (WLC) ...)
+CVE-2007-2036
NOT-FOR-US: Cisco
-CVE-2007-2035 (Cisco Wireless Control System (WCS) before 4.0.66.0 stores sensitive ...)
+CVE-2007-2035
NOT-FOR-US: Cisco
-CVE-2007-2034 (Unspecified vulnerability in Cisco Wireless Control System (WCS) ...)
+CVE-2007-2034
NOT-FOR-US: Cisco
-CVE-2007-2033 (Unspecified vulnerability in Cisco Wireless Control System (WCS) ...)
+CVE-2007-2033
NOT-FOR-US: Cisco
-CVE-2007-2032 (Cisco Wireless Control System (WCS) before 4.0.96.0 has a hard-coded ...)
+CVE-2007-2032
NOT-FOR-US: Cisco
-CVE-2007-2031 (Buffer overflow in the HTTP proxy service for 3proxy 0.5 to 0.5.3g, ...)
+CVE-2007-2031
NOT-FOR-US: 3proxy
-CVE-2007-2030 (lharc.c in lha does not securely create temporary files, which might ...)
+CVE-2007-2030
- lha 1.14i-10.2 (bug #437621; low)
[sarge] - lha <no-dsa> (Non-free not supported)
[etch] - lha <no-dsa> (Non-free not supported)
-CVE-2007-2029 (File descriptor leak in the PDF handler in Clam AntiVirus (ClamAV) ...)
+CVE-2007-2029
{DSA-1281-1 DTSA-37-1}
- clamav 0.90.2-1 (low; bug #418849)
NOTE: closed report: https://bugzilla.clamav.net/show_bug.cgi?id=459
NOTE: Commit r3021 looks as if it's just a null pointer dereference.
-CVE-2007-2028 (Memory leak in freeRADIUS 1.1.5 and earlier allows remote attackers to ...)
+CVE-2007-2028
- freeradius 1.1.6-1 (low)
[sarge] - freeradius <no-dsa> (Minor issue)
[etch] - freeradius <no-dsa> (Minor issue)
-CVE-2007-2027 (Untrusted search path vulnerability in the add_filename_to_string ...)
+CVE-2007-2027
- elinks 0.11.1-1.4 (bug #417789; low)
[sarge] - elinks <no-dsa> (Hardly exploitable)
[etch] - elinks <no-dsa> (Hardly exploitable)
NOTE: Unrealistic attack vector, no evidence code injection is possible
-CVE-2007-2026 (The gnu regular expression code in file 4.20 allows context-dependent ...)
+CVE-2007-2026
- file 4.20-6 (low)
[etch] - file 4.17-5etch3
[sarge] - file <not-affected> (version too old)
-CVE-2007-2025 (Unrestricted file upload vulnerability in the UpLoad feature ...)
+CVE-2007-2025
{DSA-1371-1}
- phpwiki 1.3.12p3-6.1 (bug #441390)
-CVE-2007-2024 (Unrestricted file upload vulnerability in the UpLoad feature ...)
+CVE-2007-2024
{DSA-1371-1}
- phpwiki 1.3.12p3-6.1 (bug #441390)
-CVE-2007-2023 (USB20.dll in Secustick USB flash drive decouples the authorization and ...)
+CVE-2007-2023
NOT-FOR-US: Secustick USB flash drive
-CVE-2007-2022 (Adobe Macromedia Flash Player 7 and 9, when used with Opera before ...)
+CVE-2007-2022
- flashplugin-nonfree 9.0.48.0.1
[sarge] - flashplugin-nonfree <no-dsa> (Non-free not supported)
[etch] - flashplugin-nonfree <no-dsa> (Non-free not supported)
NOTE: Flash Plugin has a vulnerablity, which will only be disclosed in a few months
NOTE: Some browser vendors produce updates, which fix this issue on the browser side,
NOTE: but that it not of concern for Debian
-CVE-2007-2021 (Multiple PHP remote file inclusion vulnerabilities in Pineapple ...)
+CVE-2007-2021
NOT-FOR-US: Pineapple Technologies Lore
-CVE-2007-2020 (** DISPUTED ** ...)
+CVE-2007-2020
NOT-FOR-US: xodagallery
-CVE-2007-2019 (PHP remote file inclusion vulnerability in init.gallery.php in ...)
+CVE-2007-2019
NOT-FOR-US: phpGalleryScript
-CVE-2007-2018 (SQL injection vulnerability in msg.php in AlstraSoft Video Share ...)
+CVE-2007-2018
NOT-FOR-US: AlstraSoft Video Share Enterprise
-CVE-2007-2017 (siteadmin/useredit.php in AlstraSoft Video Share Enterprise does not ...)
+CVE-2007-2017
NOT-FOR-US: AlstraSoft Video Share Enterprise
-CVE-2007-2016 (Cross-site scripting (XSS) vulnerability in mysql/phpinfo.php in ...)
+CVE-2007-2016
- phpmyadmin 4:2.6.2-3 (unimportant)
-CVE-2007-2015 (PHP remote file inclusion vulnerability in index.php in Request It ...)
+CVE-2007-2015
NOT-FOR-US: Request It
-CVE-2007-2014 (PHP remote file inclusion vulnerability in ...)
+CVE-2007-2014
NOT-FOR-US: MyNews
-CVE-2007-2013 (Cross-site scripting (XSS) vulnerability in index.php in JEx-Treme ...)
+CVE-2007-2013
NOT-FOR-US: Passworschutz
-CVE-2007-2012 (Multiple directory traversal vulnerabilities in MimarSinan CompreXX ...)
+CVE-2007-2012
NOT-FOR-US: CompreXX
-CVE-2007-2011 (Cross-site scripting (XSS) vulnerability in login.php in DeskPro 2.0.1 ...)
+CVE-2007-2011
NOT-FOR-US: DeskPro
-CVE-2007-2010 (Double free vulnerability in bftpd before 1.8 allows remote ...)
+CVE-2007-2010
NOT-FOR-US: bftpd
-CVE-2007-2009 (PHP remote file inclusion vulnerability in index.php in SimpCMS Light ...)
+CVE-2007-2009
NOT-FOR-US: SimpCMS Light
-CVE-2007-2008 (Directory traversal vulnerability in admin.php in pL-PHP beta 0.9 ...)
+CVE-2007-2008
NOT-FOR-US: pL-PHP
-CVE-2007-2007 (admin.php in pL-PHP beta 0.9 allows remote attackers to bypass ...)
+CVE-2007-2007
NOT-FOR-US: pL-PHP
-CVE-2007-2006 (Multiple SQL injection vulnerabilities in login.php in pL-PHP beta 0.9 ...)
+CVE-2007-2006
NOT-FOR-US: pL-PHP
-CVE-2007-2005 (Multiple PHP remote file inclusion vulnerabilities in the Taskhopper ...)
+CVE-2007-2005
NOT-FOR-US: Taskhopper component for Mambo and Joomla
-CVE-2007-2004 (Multiple SQL injection vulnerabilities in InoutMailingListManager 3.1 ...)
+CVE-2007-2004
NOT-FOR-US: InoutMailingListManager
-CVE-2007-2003 (InoutMailingListManager 3.1 and earlier sends a Location redirect ...)
+CVE-2007-2003
NOT-FOR-US: InoutMailingListManager
-CVE-2007-2002 (InoutMailingListManager 3.1 and earlier allows remote attackers to ...)
+CVE-2007-2002
NOT-FOR-US: InoutMailingListManager
-CVE-2007-2001 (Multiple direct static code injection vulnerabilities in ...)
+CVE-2007-2001
NOT-FOR-US: Crea-Book
-CVE-2007-2000 (Multiple SQL injection vulnerabilities in admin/admin.php in Crea-Book ...)
+CVE-2007-2000
NOT-FOR-US: Crea-Book
-CVE-2007-1999 (PHP remote file inclusion vulnerability in index.php in Weatimages ...)
+CVE-2007-1999
NOT-FOR-US: Weatimages
-CVE-2007-1998 (Direct static code injection vulnerability in HIOX Guest Book (HGB) ...)
+CVE-2007-1998
NOT-FOR-US: HIOX Guest Book
-CVE-2007-1997 (Integer signedness error in the (1) cab_unstore and (2) cab_extract ...)
+CVE-2007-1997
{DSA-1281-1 DTSA-37-1}
- clamav 0.90.2-1 (high)
-CVE-2007-1996 (PHP remote file inclusion vulnerability in codebreak.php in CodeBreak, ...)
+CVE-2007-1996
NOT-FOR-US: CodeBreak
-CVE-2007-1995 (bgpd/bgp_attr.c in Quagga 0.98.6 and earlier, and 0.99.6 and earlier ...)
+CVE-2007-1995
{DSA-1293-1}
- quagga 0.99.6-5 (low; bug #418323)
NOTE: The attributes are non-transitive, which means that they
NOTE: are not propagated via BGP and therefore must originate
NOTE: from a peer (which is explicitly configured).
-CVE-2007-1994 (Unspecified vulnerability in the Address and Routing Parameter Area ...)
+CVE-2007-1994
NOT-FOR-US: HP-UX ARPA transport
-CVE-2007-1993 (Buffer overflow in the pfs_mountd.rpc RPC daemon in the Portable File ...)
+CVE-2007-1993
NOT-FOR-US: HP-UX Portable File System
-CVE-2007-1992 (Multiple PHP remote file inclusion vulnerabilities in the com_zoom 2.5 ...)
+CVE-2007-1992
NOT-FOR-US: com_zoom
-CVE-2007-1991 (Cross-site scripting (XSS) vulnerability in mail/signup.asp in ...)
+CVE-2007-1991
NOT-FOR-US: CmailServer WebMail
-CVE-2007-1990 (PHP remote file inclusion vulnerability in games.php in Sam Crew ...)
+CVE-2007-1990
NOT-FOR-US: MyBlog
-CVE-2007-1989 (Multiple cross-site scripting (XSS) vulnerabilities in DotClear before ...)
+CVE-2007-1989
NOT-FOR-US: DotClear
-CVE-2007-1988 (Cross-site scripting (XSS) vulnerability in kernel/filters.inc.php in ...)
+CVE-2007-1988
NOT-FOR-US: PHPEcho CMS
-CVE-2007-1987 (** DISPUTED ** ...)
+CVE-2007-1987
NOT-FOR-US: PHPEcho CMS
-CVE-2007-1986 (Multiple PHP remote file inclusion vulnerabilities in barnraiser ...)
+CVE-2007-1986
NOT-FOR-US: AROUNDMe
-CVE-2007-1985 (Multiple PHP remote file inclusion vulnerabilities in ...)
+CVE-2007-1985
NOT-FOR-US: phpexplorator
-CVE-2007-1984 (PHP remote file inclusion vulnerability in index.php in lite-cms 0.2.1 ...)
+CVE-2007-1984
NOT-FOR-US: lite-cms
-CVE-2007-1983 (PHP remote file inclusion vulnerability in include/default_header.php ...)
+CVE-2007-1983
NOT-FOR-US: Cyboards PHP Lite
-CVE-2007-1982 (Multiple PHP remote file inclusion vulnerabilities in Really Simple ...)
+CVE-2007-1982
NOT-FOR-US: Really Simple PHP and Ajax
-CVE-2007-1981 (The safevoid_vsnprintf function in Metamod-P 1.19p29 and earlier on ...)
+CVE-2007-1981
NOT-FOR-US: Metamod-P
-CVE-2007-1980 (SQL injection vulnerability in index.php in the Topliste 1.0 module ...)
+CVE-2007-1980
NOT-FOR-US: Topliste module for PHP-Fusion
-CVE-2007-1979 (SQL injection vulnerability in index.php in the PopnupBlog 2.52 and ...)
+CVE-2007-1979
NOT-FOR-US: PopnupBlog module for Xoops
-CVE-2007-1978 (SQL injection vulnerability in index.php in the Arcade 1.00 module for ...)
+CVE-2007-1978
NOT-FOR-US: Arcade module for PHP-Fusion
-CVE-2007-1977 (Cross-site scripting (XSS) vulnerability in index_cms.php in holaCMS ...)
+CVE-2007-1977
NOT-FOR-US: holaCMS
-CVE-2007-1976 (** DISPUTED ** ...)
+CVE-2007-1976
NOT-FOR-US: Virii Info module for Xoops
-CVE-2007-1975 (Multiple PHP remote file inclusion vulnerabilities in SLAED CMS 2 ...)
+CVE-2007-1975
NOT-FOR-US: SLAED CMS
-CVE-2007-1974 (SQL injection vulnerability in the getArticle function in ...)
+CVE-2007-1974
NOT-FOR-US: Xoops modules
-CVE-2007-1973 (Race condition in the Virtual DOS Machine (VDM) in the Windows Kernel ...)
+CVE-2007-1973
NOT-FOR-US: Microsoft Windows
-CVE-2007-1972 (** DISPUTED ** ...)
+CVE-2007-1972
NOT-FOR-US: BMC Patrol PerformAgent
CVE-2007-XXXX [mydms SQL injection]
- mydms 1.4.4+1-5
-CVE-2007-1971 (SQL injection vulnerability in fotokategori.asp in Gazi Okul Sitesi ...)
+CVE-2007-1971
NOT-FOR-US: fotokategori.asp
-CVE-2007-1970 (Mozilla Firefox does not warn the user about HTTP elements on an HTTPS ...)
+CVE-2007-1970
- iceweasel <removed> (unimportant; bug #556267)
[etch] - iceweasel <end-of-life> (Etch Packages no longer covered by security support)
[lenny] - iceweasel <no-dsa> (Minor issue)
-CVE-2007-1969 (Cross-site scripting (XSS) vulnerability in admin/modify.php in Sam ...)
+CVE-2007-1969
NOT-FOR-US: MyBlog
-CVE-2007-1968 (PHP remote file inclusion vulnerability in games.php in Sam Crew ...)
+CVE-2007-1968
NOT-FOR-US: MyBlog
-CVE-2007-1967 (** DISPUTED ** ...)
+CVE-2007-1967
NOT-FOR-US: stat12
-CVE-2007-1966 (Session fixation vulnerability in eXV2 CMS 2.0.4.3 and earlier allows ...)
+CVE-2007-1966
NOT-FOR-US: eXV2 CMS
-CVE-2007-1965 (Multiple cross-site scripting (XSS) vulnerabilities in eXV2 CMS ...)
+CVE-2007-1965
NOT-FOR-US: eXV2 CMS
-CVE-2007-1964 (member.php in MyBB (aka MyBulletinBoard), when debug mode is ...)
+CVE-2007-1964
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2007-1963 (SQL injection vulnerability in the create_session function in ...)
+CVE-2007-1963
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2007-1962 (SQL injection vulnerability in index.php in the WF-Snippets 1.02 and ...)
+CVE-2007-1962
NOT-FOR-US: WF-Snippets module for Xoops
-CVE-2007-1961 (PHP remote file inclusion vulnerability in mutant_functions.php in the ...)
+CVE-2007-1961
NOT-FOR-US: Mutant portal for phpBB
-CVE-2007-1960 (SQL injection vulnerability in visit.php in the Rha7 Downloads ...)
+CVE-2007-1960
NOT-FOR-US: Rha7 Downloads
-CVE-2007-1959 (Unspecified vulnerability in the process_cmdent function in ...)
+CVE-2007-1959
- tinymux <unfixed> (unimportant)
-CVE-2007-1958 (Buffer overflow in TinyMUX before 2.4 allows attackers to cause a ...)
+CVE-2007-1958
- tinymux 2.4.3.31-1
-CVE-2007-1957 (Multiple PHP remote file inclusion vulnerabilities in Guernion Sylvain ...)
+CVE-2007-1957
NOT-FOR-US: Portail Web Php
-CVE-2007-1956 (SQL injection vulnerability in ubbthreads.php in Groupee UBB.threads ...)
+CVE-2007-1956
NOT-FOR-US: Groupee UBB.threads
-CVE-2007-1955 (Multiple stack-based buffer overflows in the SignKorea SKCrypAX ...)
+CVE-2007-1955
NOT-FOR-US: SKCrypAX ActiveX control
-CVE-2007-1954 (Multiple directory traversal vulnerabilities in ArchiveXpert 2.02 ...)
+CVE-2007-1954
NOT-FOR-US: ArchiveXpert
-CVE-2007-1953 (Session fixation vulnerability in onelook courts on-line allows remote ...)
+CVE-2007-1953
NOT-FOR-US: onelook courts on-line
-CVE-2007-1952 (Session fixation vulnerability in onelook onebyone CMS allows remote ...)
+CVE-2007-1952
NOT-FOR-US: onelook onebyone CMS
-CVE-2007-1951 (Session fixation vulnerability in onelook obo Shop allows remote ...)
+CVE-2007-1951
NOT-FOR-US: onelook obo Shop
-CVE-2007-1950 (Cross-site scripting (XSS) vulnerability in index_cms.php in ...)
+CVE-2007-1950
NOT-FOR-US: WebBlizzard CMS
-CVE-2007-1949 (Session fixation vulnerability in WebBlizzard CMS allows remote ...)
+CVE-2007-1949
NOT-FOR-US: WebBlizzard CMS
-CVE-2007-1948 (Buffer overflow in IrfanView 3.99 allows context-dependent attackers ...)
+CVE-2007-1948
NOT-FOR-US: IrfanView
-CVE-2007-1947 (Cross-zone scripting vulnerability in the DOM templates (domplates) ...)
+CVE-2007-1947
NOT-FOR-US: Firebug extension for Firefox
-CVE-2007-1946 (Integer overflow in Windows Explorer in Microsoft Windows XP SP1 might ...)
+CVE-2007-1946
NOT-FOR-US: WIndows Explorer
-CVE-2007-1945 (Unspecified vulnerability in the Servlet Engine/Web Container in IBM ...)
+CVE-2007-1945
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2007-1944 (The Java Message Service (JMS) in IBM WebSphere Application Server ...)
+CVE-2007-1944
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2007-1943 (Integer overflow in ACDSee Photo Manager 9.0 allows context-dependent ...)
+CVE-2007-1943
NOT-FOR-US: ACDSee Photo Manager
-CVE-2007-1942 (Integer overflow in FastStone Image Viewer 2.9 allows ...)
+CVE-2007-1942
NOT-FOR-US: FastStone Image Viewer
-CVE-2007-1941 (Cross-site scripting (XSS) vulnerability in the Active Content Filter ...)
+CVE-2007-1941
NOT-FOR-US: Domino Web Access
-CVE-2007-1940 (IBM Tivoli Business Service Manager (TBSM) 4.1 before Interim Fix 1 ...)
+CVE-2007-1940
NOT-FOR-US: IBM Tivoli Business Service Manager
-CVE-2007-1939 (Cross-site scripting (XSS) vulnerability in the embedded webserver in ...)
+CVE-2007-1939
NOT-FOR-US: LanguageTool
-CVE-2007-1938 (Ichitaro 2005 through 2007, and possibly related products, allows ...)
+CVE-2007-1938
NOT-FOR-US: Ichitaro
-CVE-2007-1937 (PHP remote file inclusion vulnerability in smilies.php in Scorp Book ...)
+CVE-2007-1937
NOT-FOR-US: Scorp Book
-CVE-2007-1936 (PHP remote file inclusion vulnerability in scaradcontrol.php in ...)
+CVE-2007-1936
NOT-FOR-US: ScarAdControl
-CVE-2007-1935 (PHP file inclusion vulnerability in admin/index.php in ScarAdControl ...)
+CVE-2007-1935
NOT-FOR-US: ScarAdControl
-CVE-2007-1934 (Directory traversal vulnerability in member.php in the eBoard 1.0.7 ...)
+CVE-2007-1934
NOT-FOR-US: eBoard module for PHP-Nuke
-CVE-2007-1933 (Multiple directory traversal vulnerabilities in PcP-Guestbook ...)
+CVE-2007-1933
NOT-FOR-US: PcP-Guestbook
-CVE-2007-1932 (Directory traversal vulnerability in scarnews.inc.php in ScarNews ...)
+CVE-2007-1932
NOT-FOR-US: ScarNews
-CVE-2007-1931 (SQL injection vulnerability in index.php in the slownik module in ...)
+CVE-2007-1931
NOT-FOR-US: SmodCMS
-CVE-2007-1930 (Directory traversal vulnerability in download2.php in cattaDoc 2.21, ...)
+CVE-2007-1930
NOT-FOR-US: cattaDoc
-CVE-2007-1929 (Directory traversal vulnerability in downloadpic.php in Beryo 2.0, and ...)
+CVE-2007-1929
NOT-FOR-US: Beryo
-CVE-2007-1928 (Directory traversal vulnerability in index.php in witshare 0.9 allows ...)
+CVE-2007-1928
NOT-FOR-US: witshare
-CVE-2007-1927 (Cross-site scripting (XSS) vulnerability in signup.asp in CmailServer ...)
+CVE-2007-1927
NOT-FOR-US: CmailServer WebMail
-CVE-2007-1926 (Cross-site scripting (XSS) vulnerability in JBMC Software DirectAdmin ...)
+CVE-2007-1926
NOT-FOR-US: JBMC Software DirectAdmin
-CVE-2007-1925 (The borrado function in modules/Your_Account/index.php in Tru-Zone ...)
+CVE-2007-1925
NOT-FOR-US: Tru-Zone Nuke ET
-CVE-2007-1924 (** DISPUTED ** ...)
+CVE-2007-1924
NOT-FOR-US: phpContact
-CVE-2007-1923 ((1) LedgerSMB and (2) DWS Systems SQL-Ledger implement access control ...)
+CVE-2007-1923
- sql-ledger <unfixed> (unimportant; bug #409703)
-CVE-2007-1922 (The Impulse Tracker (IT) and ScreamTracker 3 (S3M) modules in ...)
+CVE-2007-1922
NOT-FOR-US: Winamp
-CVE-2007-1921 (LIBSNDFILE.DLL, as used by AOL Nullsoft Winamp 5.33 and possibly other ...)
+CVE-2007-1921
NOT-FOR-US: Winamp
-CVE-2007-1920 (SQL injection vulnerability in index.php in the aktualnosci module in ...)
+CVE-2007-1920
NOT-FOR-US: aktualnosci module in SmodBIP
-CVE-2007-1919 (Cross-site scripting (XSS) vulnerability in index.php in Arizona Dream ...)
+CVE-2007-1919
NOT-FOR-US: Arizona Dream Livre d'or
-CVE-2007-1918 (The RFC_SET_REG_SERVER_PROPERTY function in the SAP RFC Library 6.40 ...)
+CVE-2007-1918
NOT-FOR-US: SAP RFC Library
-CVE-2007-1917 (Buffer overflow in the SYSTEM_CREATE_INSTANCE function in the SAP RFC ...)
+CVE-2007-1917
NOT-FOR-US: SAP RFC Library
-CVE-2007-1916 (Buffer overflow in the RFC_START_GUI function in the SAP RFC Library ...)
+CVE-2007-1916
NOT-FOR-US: SAP RFC Library
-CVE-2007-1915 (Buffer overflow in the RFC_START_PROGRAM function in the SAP RFC ...)
+CVE-2007-1915
NOT-FOR-US: SAP RFC Library
-CVE-2007-1914 (The RFC_START_PROGRAM function in the SAP RFC Library 6.40 and 7.00 ...)
+CVE-2007-1914
NOT-FOR-US: SAP RFC Library
-CVE-2007-1913 (The TRUSTED_SYSTEM_SECURITY function in the SAP RFC Library 6.40 and ...)
+CVE-2007-1913
NOT-FOR-US: SAP RFC Library
-CVE-2007-1912 (Heap-based buffer overflow in Microsoft Windows allows user-assisted ...)
+CVE-2007-1912
NOT-FOR-US: Microsoft Windows
-CVE-2007-1911 (Multiple unspecified vulnerabilities in Microsoft Word 2007 allow ...)
+CVE-2007-1911
NOT-FOR-US: Microsoft Word
-CVE-2007-1910 (Buffer overflow in wwlib.dll in Microsoft Word 2007 allows remote ...)
+CVE-2007-1910
NOT-FOR-US: Microsoft Word
-CVE-2007-1909 (SQL injection vulnerability in login.php in Ryan Haudenschilt ...)
+CVE-2007-1909
NOT-FOR-US: Battle.net Clan Script
-CVE-2007-1908 (PHP file inclusion vulnerability in php121db.php in PHP121 Instant ...)
+CVE-2007-1908
NOT-FOR-US: PHP121 Instant Messenger
-CVE-2007-1907 (PHP remote file inclusion vulnerability in warn.php in Pathos Content ...)
+CVE-2007-1907
NOT-FOR-US: Pathos CMS
-CVE-2007-1906 (Directory traversal vulnerability in richedit/keyboard.php in eCardMAX ...)
+CVE-2007-1906
NOT-FOR-US: eCardMAX HotEditor
-CVE-2007-1905 (Cross-site scripting (XSS) vulnerability in auth.php in Pineapple ...)
+CVE-2007-1905
NOT-FOR-US: QuizShock
-CVE-2007-1904 (Directory traversal vulnerability in AOL Instant Messenger (AIM) 5.9 ...)
+CVE-2007-1904
NOT-FOR-US: AOL Instant Messenger
-CVE-2007-1903 (Cross-site scripting (XSS) vulnerability in search.php in SonicBB 1.0 ...)
+CVE-2007-1903
NOT-FOR-US: SonicBB
-CVE-2007-1902 (Multiple SQL injection vulnerabilities in SonicBB 1.0 allow remote ...)
+CVE-2007-1902
NOT-FOR-US: SonicBB
-CVE-2007-1901 (SonicBB 1.0 allows remote attackers to obtain sensitive information ...)
+CVE-2007-1901
NOT-FOR-US: SonicBB
-CVE-2007-1900 (CRLF injection vulnerability in the FILTER_VALIDATE_EMAIL filter in ...)
+CVE-2007-1900
{DSA-1283-1 DTSA-39-1}
- php5 5.2.0-11 (low)
-CVE-2007-1899 (Multiple SQL injection vulnerabilities in myWebland myBloggie 2.1.6 ...)
+CVE-2007-1899
NOT-FOR-US: myWebland myBloggie
-CVE-2007-1898 (formmail.php in Jetbox CMS 2.1 allows remote attackers to send ...)
+CVE-2007-1898
NOT-FOR-US: Jetbox CMS
-CVE-2007-1897 (SQL injection vulnerability in xmlrpc (xmlrpc.php) in WordPress 2.1.2, ...)
+CVE-2007-1897
{DSA-1285-1}
- wordpress 2.1.3-1 (medium)
-CVE-2007-1896 (Directory traversal vulnerability in chat.php in Sky GUNNING MySpeach ...)
+CVE-2007-1896
NOT-FOR-US: Sky GUNNING MySpeach
-CVE-2007-1895 (PHP remote file inclusion vulnerability in chat.php in Sky GUNNING ...)
+CVE-2007-1895
NOT-FOR-US: Sky GUNNING MySpeach
-CVE-2007-1894 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2007-1894
{DSA-1285-1}
- wordpress 2.1.3-1 (medium)
-CVE-2007-1893 (xmlrpc (xmlrpc.php) in WordPress 2.1.2, and probably earlier, allows ...)
+CVE-2007-1893
{DSA-1285-1}
- wordpress 2.1.3-1 (medium)
-CVE-2007-1892 (Stack-based buffer overflow in Akamai Technologies Download Manager ...)
+CVE-2007-1892
NOT-FOR-US: Akamai
-CVE-2007-1891 (Stack-based buffer overflow in the GetPrivateProfileSectionW function ...)
+CVE-2007-1891
NOT-FOR-US: Akamai
-CVE-2007-1890 (Integer overflow in the msg_receive function in PHP 4 before 4.4.5 and ...)
+CVE-2007-1890
- php4 <removed> (unimportant)
- php5 <removed> (unimportant)
NOTE: local code execution only, possibly only on FreeBSD
-CVE-2007-1889 (Integer signedness error in the _zend_mm_alloc_int function in the ...)
+CVE-2007-1889
{DSA-1283-1 DTSA-39-1}
- php5 5.2.0-11 (medium)
-CVE-2007-1888 (Buffer overflow in the sqlite_decode_binary function in src/encode.c ...)
+CVE-2007-1888
- sqlite 2.8.17-2.1 (unimportant; bug #441233; bug #526328)
NOTE: this is really just an "unsafe" API, not really a security issue against sqlite itself.
NOTE: SQLite 3 no longer contains the affected function.
-CVE-2007-1887 (Buffer overflow in the sqlite_decode_binary function in the bundled ...)
+CVE-2007-1887
{DSA-1283-1 DTSA-39-1}
- php4 <not-affected> (SQLite not enabled in PHP 4 packages)
- php5 5.2.0-11 (medium)
- php4-sqlite <removed> (medium; bug #420456)
NOTE: php5 is vulnerable due to improper use of the system sqlite libs
-CVE-2007-1886 (Integer overflow in the str_replace function in PHP 4.4.5 and PHP ...)
+CVE-2007-1886
NOTE: Duplicate of CVE-2007-1885
-CVE-2007-1885 (Integer overflow in the str_replace function in PHP 4 before 4.4.5 and ...)
+CVE-2007-1885
NOTE: Dupe of CVE-2007-0906; Fixed in DSA-1264, php5 5.2.0-9, php4 6:4.4.4-9
-CVE-2007-1884 (Multiple integer signedness errors in the printf function family in ...)
+CVE-2007-1884
NOTE: Dupe of CVE-2007-0909; Fixed in DSA-1264, php5 5.2.0-9, php4 6:4.4.4-9
-CVE-2007-1883 (PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 allows ...)
+CVE-2007-1883
- php4 <removed> (unimportant)
- php5 <removed> (unimportant)
NOTE: Only triggerable by malicious script
-CVE-2007-1882 (qcbin/servlet/tdservlet/TDAPI_GeneralWebTreatment in HP Mercury ...)
+CVE-2007-1882
NOT-FOR-US: HP Mercury Quality Center
-CVE-2007-1881 (Unspecified vulnerability in KLIF (klif.sys) in Kaspersky Anti-Virus, ...)
+CVE-2007-1881
NOT-FOR-US: Kaspersky Anti-Virus
-CVE-2007-1880 (Integer overflow in the _NtSetValueKey function in klif.sys in ...)
+CVE-2007-1880
NOT-FOR-US: Kaspersky Anti-Virus
-CVE-2007-1879 (The StartUploading function in KL.SysInfo ActiveX control ...)
+CVE-2007-1879
NOT-FOR-US: KL.SysInfo ActiveX control
-CVE-2007-1878 (Cross-zone scripting vulnerability in the DOM templates (domplates) ...)
+CVE-2007-1878
NOT-FOR-US: Firebug extension for Firefox
-CVE-2007-1877 (VMware Workstation before 5.5.4 allows attackers to cause a denial of ...)
+CVE-2007-1877
NOT-FOR-US: VMware
-CVE-2007-1876 (VMware Workstation before 5.5.4, when running a 64-bit Windows guest ...)
+CVE-2007-1876
NOT-FOR-US: VMware
CVE-2007-1875
RESERVED
-CVE-2007-1874 (Adobe ColdFusion MX 7 for Linux and Solaris uses insecure permissions ...)
+CVE-2007-1874
NOT-FOR-US: Adobe ColdFusion MX
-CVE-2007-1873 (Cross-site scripting (XSS) vulnerability in Mephisto 0.7.3 allows ...)
+CVE-2007-1873
NOT-FOR-US: mephisto
-CVE-2007-1872 (Cross-site scripting (XSS) vulnerability in toendaCMS 1.5.3 allows ...)
+CVE-2007-1872
NOT-FOR-US: toendaCMS
-CVE-2007-1871 (Cross-site scripting (XSS) vulnerability in chcounter 3.1.3 allows ...)
+CVE-2007-1871
NOT-FOR-US: chcounter
-CVE-2007-1870 (lighttpd before 1.4.14 allows attackers to cause a denial of service ...)
+CVE-2007-1870
{DSA-1303-1}
- lighttpd 1.4.15-1 (low; bug #422254)
-CVE-2007-1869 (lighttpd 1.4.12 and 1.4.13 allows remote attackers to cause a denial ...)
+CVE-2007-1869
{DSA-1303-1}
- lighttpd 1.4.15-1 (medium; bug #422254)
-CVE-2007-1868 (The management service in IBM Tivoli Provisioning Manager for OS ...)
+CVE-2007-1868
NOT-FOR-US: IBM Tivoli Provisioning Manager
-CVE-2007-1867 (Buffer overflow in IrfanView 3.99 allows remote attackers to execute ...)
+CVE-2007-1867
NOT-FOR-US: IrfanView
-CVE-2007-1866 (Stack-based buffer overflow in the dns_decode_reverse_name function in ...)
+CVE-2007-1866
NOT-FOR-US: dproxy-nexgen
-CVE-2007-1865 (** DISPUTED ** ...)
+CVE-2007-1865
NOT-FOR-US: not a bug
-CVE-2007-1864 (Buffer overflow in the bundled libxmlrpc library in PHP before 4.4.7, ...)
+CVE-2007-1864
{DSA-1331-1 DSA-1330-1}
- php4 <removed>
- php5 5.2.2-1
-CVE-2007-1863 (cache_util.c in the mod_cache module in Apache HTTP Server (httpd), ...)
+CVE-2007-1863
- apache2 2.2.4-1 (low)
- apache <removed> (unimportant)
[sarge] - apache2 2.0.54-5sarge2
[etch] - apache2 2.2.3-4+etch2
NOTE: Apache 1.3 is non-threaded, therefore unimportant
-CVE-2007-1862 (The recall_headers function in mod_mem_cache in Apache 2.2.4 does not ...)
+CVE-2007-1862
- apache2 <not-affected> (Only Apache 2.2.4 was affected, and all versions of 2.2.4 in Debian are fixed)
-CVE-2007-1861 (The nl_fib_lookup function in net/ipv4/fib_frontend.c in Linux Kernel ...)
+CVE-2007-1861
{DSA-1289-1}
- linux-2.6 2.6.21-1
-CVE-2007-1860 (mod_jk in Apache Tomcat JK Web Server Connector 1.2.x before 1.2.23 ...)
+CVE-2007-1860
{DSA-1312-1}
- libapache-mod-jk 1:1.2.23-1 (bug #425836)
-CVE-2007-1859 (XScreenSaver 4.10, when using a remote directory service for ...)
+CVE-2007-1859
- xscreensaver 5.03-1 (low; bug #433964)
[etch] - xscreensaver <no-dsa> (Minor issue, requires attacker with high level of control, see #433964)
[sarge] - xscreensaver <no-dsa> (Minor issue, requires attacker with high level of control, see #433964)
-CVE-2007-1858 (The default SSL cipher configuration in Apache Tomcat 4.1.28 through ...)
+CVE-2007-1858
NOTE: insecure ciphers should not be (and usually are not) enabled in browsers
[sarge] - tomcat4 <no-dsa> (low)
[etch] - tomcat5 <no-dsa> (low; bug #423435)
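Review bot: every `-`/`+` pair in this hunk (CVE-2007-1950 down to CVE-2007-1859) replaces a line of the form `CVE-2007-NNNN (description ...)` with the bare `CVE-2007-NNNN`, so the upstream one-line summaries are being dropped wholesale rather than refreshed; for an `automatic update` commit that pattern normally means the description feed returned nothing for these ids, and the change should be re-run against a populated feed rather than merged, since the Debian-specific annotations that follow each id (`NOT-FOR-US: ...`, `- php5 5.2.0-11 (medium)`, the `NOTE:` lines) now stand without the text that explains them. While in this region, the unchanged context line `NOT-FOR-US: WIndows Explorer` under CVE-2007-1946 has a capitalisation typo (`WIndows`) that could be fixed in the same pass.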
@@ -11655,165 +11655,165 @@ CVE-2007-1858 (The default SSL cipher configuration in Apache Tomcat 4.1.28 thro
- tomcat4 <removed> (low)
CVE-2007-1857
RESERVED
-CVE-2007-1856 (Vixie Cron before 4.1-r10 on Gentoo Linux is installed with insecure ...)
+CVE-2007-1856
- cron <not-affected> (Debian uses proper permission scheme)
-CVE-2007-1855 (Multiple PHP remote file inclusion vulnerabilities in ...)
+CVE-2007-1855
NOT-FOR-US: Shop-Script
-CVE-2007-1854 (Unspecified vulnerability in Hitachi Cosminexus Component Container ...)
+CVE-2007-1854
NOT-FOR-US: Hitachi Cosminexus Component Container
-CVE-2007-1853 (Unspecified vulnerability in Hitachi JP1/HiCommand DeviceManager, ...)
+CVE-2007-1853
NOT-FOR-US: Hitachi DeviceManager
-CVE-2007-1852 (** DISPUTED ** ...)
+CVE-2007-1852
NOT-FOR-US: 2BGal
-CVE-2007-1851 (Multiple directory traversal vulnerabilities in Really Simple PHP and ...)
+CVE-2007-1851
NOT-FOR-US: Really Simple PHP and Ajax
-CVE-2007-1850 (Directory traversal vulnerability in classes/captcha/captcha.jpg.php ...)
+CVE-2007-1850
NOT-FOR-US: Drake CMS
-CVE-2007-1849 (Directory traversal vulnerability in 404.php in Drake CMS allows ...)
+CVE-2007-1849
NOT-FOR-US: Drake CMS
-CVE-2007-1848 (Cross-site scripting (XSS) vulnerability in admin/classes/ui.dta.php ...)
+CVE-2007-1848
NOT-FOR-US: Drake CMS
-CVE-2007-1847 (SQL injection vulnerability in viewcat.php in the Repository module ...)
+CVE-2007-1847
NOT-FOR-US: Repository module for Xoops
-CVE-2007-1846 (SQL injection vulnerability in index.php in the MyAds 2.04jp and ...)
+CVE-2007-1846
NOT-FOR-US: MyAds
-CVE-2007-1845 (SQL injection vulnerability in show_event.php in the Expanded Calendar ...)
+CVE-2007-1845
NOT-FOR-US: Expanded Calendar module for PHP-Fusion
-CVE-2007-1844 (Multiple PHP remote file inclusion vulnerabilities in Aardvark ...)
+CVE-2007-1844
NOT-FOR-US: Aardvark Topsites
-CVE-2007-1843 (PHP remote file inclusion vulnerability in gmapfactory/params.php in ...)
+CVE-2007-1843
NOT-FOR-US: MapLab
-CVE-2007-1842 (Directory traversal vulnerability in login.php in JSBoard before ...)
+CVE-2007-1842
NOT-FOR-US: JSBoard
-CVE-2007-1841 (The isakmp_info_recv function in src/racoon/isakmp_inf.c in racoon in ...)
+CVE-2007-1841
{DSA-1299-1 DTSA-42-1}
- ipsec-tools 1:0.6.6-3.2 (medium; bug #423252)
[sarge] - ipsec-tools <not-affected> (the older stream of development used in the sarge package is not vulnerable - a code change that went into that branch coincidentally fixed it and this change was already there in sarge)
CVE-2007-XXXX [initramfs-tools creates /dev/root world-readable]
- initramfs-tools 0.85g (low; bug #417995)
-CVE-2007-1840 (lib/modules.inc in LDAP Account Manager (LAM) before 1.3.0 does not ...)
+CVE-2007-1840
{DSA-1287-1}
- ldap-account-manager 1.1.1-2 (medium; bug #415379)
-CVE-2007-1839 (Multiple PHP remote file inclusion vulnerabilities in CodeBB 1.1b3 and ...)
+CVE-2007-1839
NOT-FOR-US: CodeBB
-CVE-2007-1838 (SQL injection vulnerability in view.php in the Friendfinder 3.3 and ...)
+CVE-2007-1838
NOT-FOR-US: Friendfinder module for Xoops
-CVE-2007-1837 (Multiple PHP remote file inclusion vulnerabilities in MangoBery CMS ...)
+CVE-2007-1837
NOT-FOR-US: MangoBery CMS
-CVE-2007-1836 (The command line administration interface in Data Domain OS before ...)
+CVE-2007-1836
NOT-FOR-US: Data Domain OS
-CVE-2007-1835 (PHP 4 before 4.4.5 and PHP 5 before 5.2.1, when using an empty session ...)
+CVE-2007-1835
- php4 <removed> (unimportant)
- php5 <removed> (unimportant)
NOTE: open_basedir bypasses not supported
-CVE-2007-1834 (Cisco Unified CallManager (CUCM) 5.0 before 5.0(4a)SU1 and Cisco ...)
+CVE-2007-1834
NOT-FOR-US: Cisco
-CVE-2007-1833 (The Skinny Call Control Protocol (SCCP) implementation in Cisco ...)
+CVE-2007-1833
NOT-FOR-US: Cisco
-CVE-2007-1832 (web-app.org WebAPP before 0.9.9.6 allows remote authenticated users to ...)
+CVE-2007-1832
NOT-FOR-US: WebAPP
-CVE-2007-1831 (web-app.org WebAPP before 0.9.9.6 allows remote authenticated users to ...)
+CVE-2007-1831
NOT-FOR-US: WebAPP
-CVE-2007-1830 (Unspecified vulnerability in the Username Hijacking Patch 20070312 for ...)
+CVE-2007-1830
NOT-FOR-US: WebAPP
-CVE-2007-1829 (Multiple unspecified vulnerabilities in web-app.net WebAPP have ...)
+CVE-2007-1829
NOT-FOR-US: WebAPP
-CVE-2007-1828 (Multiple cross-site scripting (XSS) vulnerabilities in web-app.org ...)
+CVE-2007-1828
NOT-FOR-US: WebAPP
-CVE-2007-1827 (Multiple unspecified vulnerabilities in form input validation in ...)
+CVE-2007-1827
NOT-FOR-US: WebAPP
-CVE-2007-1826 (Unspecified vulnerability in the IPSec Manager Service for Cisco ...)
+CVE-2007-1826
NOT-FOR-US: Cisco
-CVE-2007-1825 (Buffer overflow in the imap_mail_compose function in PHP 5 before ...)
+CVE-2007-1825
NOTE: Dupe of CVE-2007-0906; Fixed in DSA-1264, php5 5.2.0-9, php4 6:4.4.4-9
-CVE-2007-1824 (Buffer overflow in the php_stream_filter_create function in PHP 5 ...)
+CVE-2007-1824
{DSA-1283-1 DTSA-39-1}
- php5 5.2.0-11 (medium)
-CVE-2007-1823 (T-Mobile voice mail systems allow remote attackers to retrieve or ...)
+CVE-2007-1823
NOT-FOR-US: T-Mobile
-CVE-2007-1822 (Alcatel-Lucent Lucent Technologies voice mail systems allow remote ...)
+CVE-2007-1822
NOT-FOR-US: Alcatel-Lucent
-CVE-2007-1821 (Sprint Nextel Sprint voice mail systems allow remote attackers to ...)
+CVE-2007-1821
NOT-FOR-US: Sprint Nextel
-CVE-2007-1820 (Nortel Networks CallPilot and Meridian Mail voicemail systems, when a ...)
+CVE-2007-1820
NOT-FOR-US: Nortel Networks
-CVE-2007-1819 (Stack-based buffer overflow in the SPIDERLib.Loader ActiveX control ...)
+CVE-2007-1819
NOT-FOR-US: ActiveX control in TestDirector
-CVE-2007-1818 (PHP remote file inclusion vulnerability in MOD_forum_fields_parse.php ...)
+CVE-2007-1818
NOT-FOR-US: Forum picture and META tags module for phpBB
-CVE-2007-1817 (SQL injection vulnerability in index.php in the Lykos Reviews ...)
+CVE-2007-1817
NOT-FOR-US: Lykos Reviews module for Xoops
-CVE-2007-1816 (SQL injection vulnerability in viewcat.php in the Tutoriais module for ...)
+CVE-2007-1816
NOT-FOR-US: Tutorials module for Xoops
-CVE-2007-1815 (SQL injection vulnerability in viewcat.php in the Library module for ...)
+CVE-2007-1815
NOT-FOR-US: Library module for Xoops
-CVE-2007-1814 (SQL injection vulnerability in viewcat.php in the Core module for ...)
+CVE-2007-1814
NOT-FOR-US: Core module for Xoops
-CVE-2007-1813 (SQL injection vulnerability in display.php in the eCal 2.24 and ...)
+CVE-2007-1813
NOT-FOR-US: eCal module for Xoops
-CVE-2007-1812 (PHP remote file inclusion vulnerability in ...)
+CVE-2007-1812
NOT-FOR-US: BT-Sondage
-CVE-2007-1811 (SQL injection vulnerability in index.php in the Tiny Event (tinyevent) ...)
+CVE-2007-1811
NOT-FOR-US: Tiny Event module for Xoops
-CVE-2007-1810 (SQL injection vulnerability in product_details.php in the Kshop 1.17 ...)
+CVE-2007-1810
NOT-FOR-US: Kshop module for Xoops
-CVE-2007-1809 (Multiple PHP remote file inclusion vulnerabilities in GraFX Company ...)
+CVE-2007-1809
NOT-FOR-US: WebSite Builder
-CVE-2007-1808 (SQL injection vulnerability in show.php in the Camportail 1.1 and ...)
+CVE-2007-1808
NOT-FOR-US: Camportail module for Xoops
-CVE-2007-1807 (SQL injection vulnerability in modules/myalbum/viewcat.php in the ...)
+CVE-2007-1807
NOT-FOR-US: myAlbum-P module for Xoops
-CVE-2007-1806 (SQL injection vulnerability in categos.php in the RM+Soft Gallery ...)
+CVE-2007-1806
NOT-FOR-US: RM+Soft Gallery module for Xoops
-CVE-2007-1805 (SQL injection vulnerability in genre.php in the debaser 0.92 and ...)
+CVE-2007-1805
NOT-FOR-US: debaser module for Xoops
-CVE-2007-1804 (PulseAudio 0.9.5 allows remote attackers to cause a denial of service ...)
+CVE-2007-1804
{DTSA-44-1}
- pulseaudio 0.9.6-1 (low)
[etch] - pulseaudio <no-dsa> (Minor issue)
-CVE-2007-1803 (Unspecified vulnerability in MailDwarf 3.01 and earlier allows remote ...)
+CVE-2007-1803
NOT-FOR-US: MailDwarf
-CVE-2007-1802 (Cross-site scripting (XSS) vulnerability in MailDwarf 3.01 and earlier ...)
+CVE-2007-1802
NOT-FOR-US: MailDwarf
-CVE-2007-1801 (Directory traversal vulnerability in inc/lang.php in sBLOG 0.7.3 Beta ...)
+CVE-2007-1801
NOT-FOR-US: sBLOG
-CVE-2007-1800 (Cisco Secure ACS does not require authentication when Cisco Trust ...)
+CVE-2007-1800
NOT-FOR-US: Cisco
-CVE-2007-1799 (Directory traversal vulnerability in torrent.cpp in KTorrent before ...)
+CVE-2007-1799
{DSA-1373-2 DSA-1373-1}
- ktorrent 2.1.4.dfsg.1-1 (medium; bug #432007)
-CVE-2007-1798 (Buffer overflow in the drmgr command in IBM AIX 5.2 and 5.3 allows ...)
+CVE-2007-1798
NOT-FOR-US: IBM AIX
-CVE-2007-1797 (Multiple integer overflows in ImageMagick before 6.3.3-5 allow remote ...)
+CVE-2007-1797
{DSA-1903-1 DSA-1858-1}
- imagemagick 7:6.2.4.5.dfsg1-1 (medium)
- graphicsmagick 1.1.7-15 (medium)
-CVE-2007-1796 (Multiple unspecified vulnerabilities in JCcorp URLshrink before 1.3.2 ...)
+CVE-2007-1796
NOT-FOR-US: URLshrink
-CVE-2007-1795 (JCcorp URLshrink 1.3.1 allows remote attackers to execute arbitrary ...)
+CVE-2007-1795
NOT-FOR-US: URLshrink
-CVE-2007-1794 (The Javascript engine in Mozilla 1.7 and earlier on Sun Solaris 8, 9, ...)
+CVE-2007-1794
NOTE: Duplicate of CVE-2006-3805
-CVE-2007-1793 (SPBBCDrv.sys in Symantec Norton Personal Firewall 2006 9.1.0.33 and ...)
+CVE-2007-1793
NOT-FOR-US: Symantec Norton Personal Firewall
-CVE-2007-1792 (libdayzero.dll in the Filter Hub Service (filter-hub.exe) in Symantec ...)
+CVE-2007-1792
NOT-FOR-US: Symantec Mail Security
-CVE-2007-1791 (SQL injection vulnerability in wall.php in Picture-Engine 1.2.0 and ...)
+CVE-2007-1791
NOT-FOR-US: Picture-Engine
-CVE-2007-1790 (Multiple PHP remote file inclusion vulnerabilities in Kaqoo Auction ...)
+CVE-2007-1790
NOT-FOR-US: Kaqoo Auction Software
-CVE-2007-1789 (Flyspray 0.9.9 allows remote attackers to obtain sensitive information ...)
+CVE-2007-1789
- flyspray <not-affected> (Code was introduced in 0.9.9, not sensitive anyway)
-CVE-2007-1788 (Flyspray 0.9.9, when output_buffering is disabled or &quot;set to a low ...)
+CVE-2007-1788
- flyspray 0.9.8-10 (medium)
[sarge] - flyspray <not-affected> (Vulnerable code not present)
-CVE-2007-1787 (Multiple PHP remote file inclusion vulnerabilities in ...)
+CVE-2007-1787
NOT-FOR-US: Time-Assistant
-CVE-2007-1786 (SQL injection vulnerability in Hitachi Collaboration - Online ...)
+CVE-2007-1786
NOT-FOR-US: Hitachi Collaboration
-CVE-2007-1785 (The RPC service in mediasvr.exe in CA BrightStor ARCserve Backup 11.5 ...)
+CVE-2007-1785
NOT-FOR-US: CA BrightStor ARCserve Backup
-CVE-2007-1784 (The JNILoader ActiveX control (STJNILoader.ocx) 3.1.0.26 in IBM Lotus ...)
+CVE-2007-1784
NOT-FOR-US: JNILoader ActiveX control
CVE-2007-1783
REJECTED
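Review bot: the same wholesale description removal continues here, from CVE-2007-1856 down to CVE-2007-1784; note that the placeholder entry `CVE-2007-XXXX [initramfs-tools creates /dev/root world-readable]` between CVE-2007-1841 and CVE-2007-1840 keeps its bracketed title because it has no upstream text to lose, so after this change the placeholder entries are the only ones in the hunk still carrying a human-readable summary. If the descriptions really are meant to go, entries whose triage rests on a one-line judgement, such as CVE-2007-1858 with only `NOTE: insecure ciphers should not be (and usually are not) enabled in browsers` behind its `<no-dsa>` tags, become hard to audit without opening the CVE elsewhere; confirming the upstream feed before merging would avoid that.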
@@ -11829,49 +11829,49 @@ CVE-2007-XXXX [double-free vulnerability in the Real Media demuxer]
CVE-2007-XXXX [various crashes and infinite loops in ffmpeg]
- ffmpeg 0.cvs20060823-8 (low; bug #407003)
- xmovie <removed>
-CVE-2007-1782 (CruiseWorks 1.09e and earlier does not properly restrict user access ...)
+CVE-2007-1782
NOT-FOR-US: CruiseWorks
-CVE-2007-1781 (Minna De Office 1.x and 2.x does not properly restrict user access to ...)
+CVE-2007-1781
NOT-FOR-US: Minna De Office
-CVE-2007-1780 (Cross-site scripting (XSS) vulnerability in the DHT shell (owdhtshell) ...)
+CVE-2007-1780
NOT-FOR-US: Overlay Weaver
-CVE-2007-1779 (Multiple SQL injection vulnerabilities in the MySQL back-end in ...)
+CVE-2007-1779
NOT-FOR-US: Advanced Website Creator
-CVE-2007-1778 (PHP remote file inclusion vulnerability in db/mysql.php in the ...)
+CVE-2007-1778
NOT-FOR-US: Eve-Nuke
-CVE-2007-1777 (Integer overflow in the zip_read_entry function in PHP 4 before 4.4.5 ...)
+CVE-2007-1777
{DSA-1283-1 DSA-1282-1 DTSA-39-1 DTSA-40-1}
- php4 6:4.4.6-1 (medium)
- php5 5.2.0-11 (medium)
-CVE-2007-1776 (SQL injection vulnerability in index.php in the DesignForJoomla.com ...)
+CVE-2007-1776
NOT-FOR-US: D4J eZine
-CVE-2007-1775 (Unrestricted file upload vulnerability in upload.php3 in JBrowser 2.4 ...)
+CVE-2007-1775
NOT-FOR-US: JBrowser
-CVE-2007-1774 (Multiple cross-site scripting (XSS) vulnerabilities in aBitWhizzy ...)
+CVE-2007-1774
NOT-FOR-US: aBitWhizzy
-CVE-2007-1773 (Multiple directory traversal vulnerabilities in aBitWhizzy allow ...)
+CVE-2007-1773
NOT-FOR-US: aBitWhizzy
-CVE-2007-1772 (The FTP service in HP JetDirect print servers allows remote attackers ...)
+CVE-2007-1772
NOT-FOR-US: HP JetDirect
-CVE-2007-1771 (PHP remote file inclusion vulnerability in ...)
+CVE-2007-1771
NOT-FOR-US: Ay System Solutions Web Content System
-CVE-2007-1770 (Buffer overflow in the ArcSDE service (giomgr) in Environmental ...)
+CVE-2007-1770
NOT-FOR-US: ArcSDE
CVE-2007-1769
REJECTED
-CVE-2007-1768 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2007-1768
NOT-FOR-US: Mephisto
-CVE-2007-1767 (Unspecified vulnerability in (1) Deskbar.dll and (2) Toolbar.dll in ...)
+CVE-2007-1767
NOT-FOR-US: AOL
-CVE-2007-1766 (PHP remote file inclusion vulnerability in ...)
+CVE-2007-1766
NOT-FOR-US: Advanced Login
-CVE-2007-1765 (Unspecified vulnerability in Microsoft Windows 2000 SP4 through Vista ...)
+CVE-2007-1765
NOT-FOR-US: Microsoft
-CVE-2007-1764 (Stack-based buffer overflow in FastStone Image Viewer 2.8 allows ...)
+CVE-2007-1764
NOT-FOR-US: FastStone Image Viewer
-CVE-2007-1763 (The ATI kernel driver (atikmdag.sys) in Microsoft Windows Vista allows ...)
+CVE-2007-1763
NOT-FOR-US: Microsoft
-CVE-2007-1762 (Mozilla Firefox 2.0.0.1 through 2.0.0.3 does not canonicalize URLs ...)
+CVE-2007-1762
- iceweasel 3.0.1-1 (unimportant; bug #445515)
NOTE: I don't believe this has relevant security impact, such a black list
NOTE: will register URLs found in the wild and the used adresses will be
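Review bot: the description drop continues unchanged here (CVE-2007-1782 to CVE-2007-1762); the trailing context lines `NOTE: I don't believe this has relevant security impact, such a black list` / `NOTE: will register URLs found in the wild and the used adresses will be` carry the typo `adresses` (should be `addresses`), which this hunk leaves as is and which could be corrected together with the identical note repeated under CVE-2007-1736.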
@@ -11886,139 +11886,139 @@ CVE-2007-1758
REJECTED
CVE-2007-1757
REJECTED
-CVE-2007-1756 (Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2003 Viewer, and Office ...)
+CVE-2007-1756
NOT-FOR-US: Microsoft Excel
CVE-2007-1755
REJECTED
-CVE-2007-1754 (PUBCONV.DLL in Microsoft Office Publisher 2007 does not properly clear ...)
+CVE-2007-1754
NOT-FOR-US: Microsoft Office
CVE-2007-1753
REJECTED
CVE-2007-1752
REJECTED
-CVE-2007-1751 (Microsoft Internet Explorer 5.01, 6, and 7 allows remote attackers to ...)
+CVE-2007-1751
NOT-FOR-US: Microsoft
-CVE-2007-1750 (Unspecified vulnerability in Microsoft Internet Explorer 6 allows ...)
+CVE-2007-1750
NOT-FOR-US: Microsoft
-CVE-2007-1749 (Integer underflow in the CDownloadSink class code in the Vector Markup ...)
+CVE-2007-1749
NOT-FOR-US: Vector Markup Language
-CVE-2007-1748 (Stack-based buffer overflow in the RPC interface in the Domain Name ...)
+CVE-2007-1748
NOT-FOR-US: Microsoft Windows
-CVE-2007-1747 (Unspecified vulnerability in MSO.dll in Microsoft Office 2000 SP3, ...)
+CVE-2007-1747
NOT-FOR-US: Microsoft Office
CVE-2007-1746
RESERVED
-CVE-2007-1745 (The chm_decompress_stream function in libclamav/chmunpack.c in Clam ...)
+CVE-2007-1745
{DSA-1281-1 DTSA-37-1}
- clamav 0.90.2-1 (high)
-CVE-2007-1744 (Directory traversal vulnerability in the Shared Folders feature for ...)
+CVE-2007-1744
NOT-FOR-US: VMware
-CVE-2007-1743 (suexec in Apache HTTP Server (httpd) 2.2.3 does not verify ...)
+CVE-2007-1743
- apache2 <unfixed> (unimportant)
-CVE-2007-1742 (suexec in Apache HTTP Server (httpd) 2.2.3 uses a partial comparison ...)
+CVE-2007-1742
- apache2 2.2.8-5 (unimportant)
-CVE-2007-1741 (Multiple race conditions in suexec in Apache HTTP Server (httpd) 2.2.3 ...)
+CVE-2007-1741
- apache2 2.2.8-5 (unimportant)
CVE-2007-1740
REJECTED
-CVE-2007-1739 (Heap-based buffer overflow in the LDAP server in IBM Lotus Domino ...)
+CVE-2007-1739
NOT-FOR-US: IBM Lotus Domino
-CVE-2007-1738 (TrueCrypt 4.3, when installed setuid root, allows local users to cause ...)
+CVE-2007-1738
NOT-FOR-US: TrueCrypt
-CVE-2007-1737 (Opera 9.10 does not check URLs embedded in (1) object or (2) iframe ...)
+CVE-2007-1737
NOT-FOR-US: Opera
-CVE-2007-1736 (Mozilla Firefox 2.0.0.3 does not check URLs embedded in (1) object or ...)
+CVE-2007-1736
- iceweasel <removed> (unimportant)
NOTE: I don't believe this has relevant security impact, such a black list
NOTE: will register URLs found in the wild and the used adresses will be
NOTE: volatile anyway
-CVE-2007-1735 (Stack-based buffer overflow in Corel WordPerfect Office X3 ...)
+CVE-2007-1735
NOT-FOR-US: Corel WordPerfect
-CVE-2007-1734 (The DCCP support in the do_dccp_getsockopt function in ...)
+CVE-2007-1734
- linux-2.6 2.6.20-1 (medium; bug #420875)
[etch] - linux-2.6 <not-affected> (Vulnerable code not present)
-CVE-2007-1733 (Buffer overflow in InterVations NaviCOPA HTTP Server 2.01 allows ...)
+CVE-2007-1733
NOT-FOR-US: NaviCOPA HTTP Server
-CVE-2007-1732 (** DISPUTED ** ...)
+CVE-2007-1732
- wordpress 2.1.3-1 (unimportant)
NOTE: Administrators can post full HTML, that is a feature. Rightly disputed.
-CVE-2007-1731 (Multiple stack-based buffer overflows in High Performance Anonymous ...)
+CVE-2007-1731
NOT-FOR-US: hpaftpd
-CVE-2007-1730 (Integer signedness error in the DCCP support in the do_dccp_getsockopt ...)
+CVE-2007-1730
- linux-2.6 2.6.21-1 (medium)
[etch] - linux-2.6 <not-affected> (Vulnerable code not present)
-CVE-2007-1729 (SQL injection vulnerability in includes/start.php in Flexbb 1.0.0 ...)
+CVE-2007-1729
NOT-FOR-US: Flexbb
-CVE-2007-1728 (The Remote Play feature in Sony Playstation 3 (PS3) 1.60 and ...)
+CVE-2007-1728
NOT-FOR-US: Sony Playstation 3
-CVE-2007-1727 (Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) ...)
+CVE-2007-1727
NOT-FOR-US: HP OpenView
-CVE-2007-1726 (Unrestricted file upload vulnerability in index.php in IceBB 1.0-rc5 ...)
+CVE-2007-1726
NOT-FOR-US: IceBB
-CVE-2007-1725 (SQL injection vulnerability in index.php in IceBB 1.0-rc5 allows ...)
+CVE-2007-1725
NOT-FOR-US: IceBB
-CVE-2007-1724 (Unspecified vulnerability in ReactOS 0.3.1 has unknown impact and ...)
+CVE-2007-1724
NOT-FOR-US: ReactOS
-CVE-2007-1723 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
+CVE-2007-1723
NOT-FOR-US: IronMail
-CVE-2007-1722 (Buffer overflow in the DownloadCertificateExt function in SignKorea ...)
+CVE-2007-1722
NOT-FOR-US: SKCommAX ActiveX control
-CVE-2007-1721 (Multiple PHP remote file inclusion vulnerabilities in C-Arbre 0.6PR7 ...)
+CVE-2007-1721
NOT-FOR-US: C-Arbre
-CVE-2007-1720 (Directory traversal vulnerability in addressbook.php in the ...)
+CVE-2007-1720
NOT-FOR-US: Addressbook 1.2 module for PHP-Nuke
-CVE-2007-1719 (Buffer overflow in eject.c in Jason W. Bacon mcweject 0.9 on FreeBSD, ...)
+CVE-2007-1719
NOT-FOR-US: mcweject
-CVE-2007-1718 (CRLF injection vulnerability in the mail function in PHP 4.0.0 through ...)
+CVE-2007-1718
{DSA-1283-1 DSA-1282-1 DTSA-39-1 DTSA-40-1}
- php4 <removed> (medium)
[sarge] - php4 <not-affected> (Vulnerable code not present)
- php5 5.2.0-11 (medium)
-CVE-2007-1717 (The mail function in PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 ...)
+CVE-2007-1717
- php4 6:4.4.6-2 (unimportant)
- php5 5.2.2-1 (unimportant)
NOTE: This is a regular bug, not a security problem
-CVE-2007-1716 (pam_console does not properly restore ownership for certain console ...)
+CVE-2007-1716
NOT-FOR-US: pam_console
-CVE-2007-1715 (PHP remote file inclusion vulnerability in frontpage.php in Free Image ...)
+CVE-2007-1715
NOT-FOR-US: Free Image Hosting
-CVE-2007-1714 (Cross-site scripting (XSS) vulnerability in index.php in CcCounter 2.0 ...)
+CVE-2007-1714
NOT-FOR-US: CcCounter
-CVE-2007-1713 (CRLF injection vulnerability in BSMTP.DLL in B21Soft BASP21 2003.0211, ...)
+CVE-2007-1713
NOT-FOR-US: BASP21
-CVE-2007-1712 (SQL injection vulnerability in default.asp in ActiveWebSoftwares ...)
+CVE-2007-1712
NOT-FOR-US: Active Auction Pro
-CVE-2007-1711 (Double free vulnerability in the unserializer in PHP 4.4.5 and 4.4.6 ...)
+CVE-2007-1711
{DSA-1283-1 DSA-1282-1}
- php4 6:4.4.6-2
- php5 5.2.0-9
NOTE: register_globals not supported
-CVE-2007-1710 (The readfile function in PHP 4.4.4, 5.1.6, and 5.2.1 allows ...)
+CVE-2007-1710
- php4 <removed> (unimportant)
- php5 <removed> (unimportant)
NOTE: Safe mode violations not supported, insufficient measure
-CVE-2007-1709 (Buffer overflow in the confirm_phpdoc_compiled function in the phpDOC ...)
+CVE-2007-1709
NOT-FOR-US: PECL phpDOC
-CVE-2007-1708 (PHP remote file inclusion vulnerability in lib/db/ez_sql.php in ttCMS ...)
+CVE-2007-1708
NOT-FOR-US: ttCMS
-CVE-2007-1707 (PHP remote file inclusion vulnerability in index.php in Net Side ...)
+CVE-2007-1707
NOT-FOR-US: Net-Side.net CMS
-CVE-2007-1706 (SQL injection vulnerability in eWebQuiz.asp in eWebQuiz 8 allows ...)
+CVE-2007-1706
NOT-FOR-US: eWebQuiz
-CVE-2007-1705 (SQL injection vulnerability in default.asp in Active Trade 2 allows ...)
+CVE-2007-1705
NOT-FOR-US: Active Trade
-CVE-2007-1704 (SQL injection vulnerability in index.php in the Car Manager ...)
+CVE-2007-1704
NOT-FOR-US: Joomla module Car Manager
-CVE-2007-1703 (SQL injection vulnerability in index.php in the RWCards (com_rwcards) ...)
+CVE-2007-1703
NOT-FOR-US: Joomla module RWCards
-CVE-2007-1702 (PHP remote file inclusion vulnerability in mod_flatmenu.php in the ...)
+CVE-2007-1702
NOT-FOR-US: Flatmenu
-CVE-2007-1701 (PHP 4 before 4.4.5, and PHP 5 before 5.2.1, when register_globals is ...)
+CVE-2007-1701
- php5 5.2.0-9 (unimportant)
- php4 6:4.4.4-9 (unimportant)
NOTE: register_globals not supported
NOTE: Dupe of CVE-2007-0910
-CVE-2007-1700 (The session extension in PHP 4 before 4.4.5, and PHP 5 before 5.2.1, ...)
+CVE-2007-1700
{DSA-1283-1 DTSA-39-1}
- php5 5.2.0-9
- php4 6:4.4.4-9
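Review bot: every changed pair in this hunk replaces a `-CVE-... (description ...)` line with a bare `+CVE-...` line, for example `-CVE-2007-1718 (CRLF injection vulnerability in the mail function in PHP 4.0.0 through ...)` becoming `+CVE-2007-1718`, so the CVE descriptions are deleted outright rather than updated. The NOTE lines left in place (`NOTE: This is a regular bug, not a security problem` under CVE-2007-1717, `NOTE: Dupe of CVE-2007-0910` under CVE-2007-1701) lose the description they were written against. Suggest checking why the description text came back empty and keeping the existing `-` line content until it can be regenerated, instead of committing blank entries.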
@@ -12028,331 +12028,331 @@ CVE-2007-1700 (The session extension in PHP 4 before 4.4.5, and PHP 5 before 5.2
NOTE: This was fixed as a side-effect of previous security fixes, noting the
NOTE: status as of DSA-1286 as fixed version. likewise the oldstable
NOTE: version was fixed.
-CVE-2007-1699 (Multiple PHP remote file inclusion vulnerabilities in the SWmenu ...)
+CVE-2007-1699
NOT-FOR-US: Mambo module SWmenu
-CVE-2007-1698 (download.php in Philex 0.2.3 and earlier allows remote attackers to ...)
+CVE-2007-1698
NOT-FOR-US: Philex
-CVE-2007-1697 (PHP remote file inclusion vulnerability in header.inc.php in Philex ...)
+CVE-2007-1697
NOT-FOR-US: Philex
-CVE-2007-1696 (SQL injection vulnerability in ViewNewspapers.asp in Active Newsletter ...)
+CVE-2007-1696
NOT-FOR-US: Active Newsletter
-CVE-2007-1695 (** DISPUTED ** ...)
+CVE-2007-1695
- phpbb2 <not-affected> (requires register_globals to exploit)
NOTE: Vulnerability is disputed, but is a non-issue anyway.
CVE-2007-1694
RESERVED
-CVE-2007-1693 (The SIP channel module in Yet Another Telephony Engine (Yate) before ...)
+CVE-2007-1693
- yate 1.2.0-1.dfsg-1 (low; bug #421994)
[etch] - yate <no-dsa> (Minor issue, fringe application)
-CVE-2007-1692 (The default configuration of Microsoft Windows uses the Web Proxy ...)
+CVE-2007-1692
NOT-FOR-US: Microsoft
-CVE-2007-1691 (Stack-based buffer overflow in Second Sight Software ActiveMod ActiveX ...)
+CVE-2007-1691
NOT-FOR-US: Second Sight Software
-CVE-2007-1690 (Multiple stack-based buffer overflows in Second Sight Software ...)
+CVE-2007-1690
NOT-FOR-US: Second Sight Software
-CVE-2007-1689 (Buffer overflow in the ISAlertDataCOM ActiveX control in ISLALERT.DLL ...)
+CVE-2007-1689
NOT-FOR-US: Norton
-CVE-2007-1688 (Buffer overflow in the PhPInfo ActiveX control in PhPCtrl.dll in ...)
+CVE-2007-1688
NOT-FOR-US: PhPInfo ActiveX control
-CVE-2007-1687 (Multiple buffer overflows in the Internet Pictures Corporation iPIX ...)
+CVE-2007-1687
NOT-FOR-US: iPIX Image Well ActiveX control
CVE-2007-1686
RESERVED
-CVE-2007-1685 (Buffer overflow in k9filter.exe in BlueCoat K9 Web Protection 3.2.36, ...)
+CVE-2007-1685
NOT-FOR-US: BlueCoat
-CVE-2007-1684 (The Run function in SolidWorks sldimdownload ActiveX control in ...)
+CVE-2007-1684
NOT-FOR-US: sldimdownload ActiveX control
-CVE-2007-1683 (Stack-based buffer overflow in the DoWebMenuAction function in the ...)
+CVE-2007-1683
NOT-FOR-US: IncrediMail
-CVE-2007-1682 (Multiple stack-based buffer overflows in the FileManager ActiveX ...)
+CVE-2007-1682
NOT-FOR-US: FileManager ActiveX
-CVE-2007-1681 (Format string vulnerability in libwebconsole_services.so in Sun Java ...)
+CVE-2007-1681
NOT-FOR-US: Sun Solaris
-CVE-2007-1680 (Stack-based buffer overflow in the createAndJoinConference function in ...)
+CVE-2007-1680
NOT-FOR-US: AudioConf ActiveX control
-CVE-2007-1679 (** DISPUTED ** ...)
+CVE-2007-1679
NOTE: Allegedly a duplicate of CVE-2006-4255.
NOTE: The other issue needs a CSRF attack to exploit.
-CVE-2007-1678 (Cross-site scripting (XSS) vulnerability in the Fizzle 0.5 extension ...)
+CVE-2007-1678
NOT-FOR-US: Fizzle 0.5 extension for Firefox
-CVE-2007-1677 (Multiple buffer overflows in the ISO network protocol support in the ...)
+CVE-2007-1677
NOT-FOR-US: NetBSD
CVE-2007-1676
RESERVED
-CVE-2007-1675 (Buffer overflow in the CRAM-MD5 authentication mechanism in the IMAP ...)
+CVE-2007-1675
NOT-FOR-US: IBM Lotus Domino
-CVE-2007-1674 (Stack-based buffer overflow in the Alert Service (aolnsrvr.exe) in ...)
+CVE-2007-1674
NOT-FOR-US: LANDesk Management Suite
-CVE-2007-1673 (unzoo.c, as used in multiple products including AMaViS 2.4.1 and ...)
+CVE-2007-1673
[sarge] - zoo <no-dsa> (Minor issue)
[etch] - zoo <no-dsa> (Minor issue)
- zoo 2.10-19 (bug #424686)
- unzoo 4.4-7 (bug #424690)
[sarge] - unzoo <no-dsa> (Minor issue)
[etch] - unzoo <no-dsa> (Minor issue)
-CVE-2007-1672 (avast! antivirus before 4.7.981 allows remote attackers to cause a ...)
+CVE-2007-1672
NOT-FOR-US: avast
-CVE-2007-1671 (avpack32.dll before 7.3.0.6 in Avira AntiVir allows remote attackers ...)
+CVE-2007-1671
NOT-FOR-US: Avira
-CVE-2007-1670 (Panda Software Antivirus before 20070402 allows remote attackers to ...)
+CVE-2007-1670
NOT-FOR-US: Panda
-CVE-2007-1669 (zoo decoder 2.10 (zoo-2.10), as used in multiple products including ...)
+CVE-2007-1669
NOT-FOR-US: Barracuda
CVE-2007-1668
RESERVED
-CVE-2007-1666 (The processor_request function in the debugger server for DataRescue ...)
+CVE-2007-1666
NOT-FOR-US: IDA Pro
-CVE-2007-1665 (Memory leak in the token OCR functionality in ekg before ...)
+CVE-2007-1665
{DSA-1318-1}
- ekg 1:1.7~rc2-2 (low)
[sarge] - ekg <not-affected> (Vulnerable code not present)
-CVE-2007-1664 (ekg before 1:1.7~rc2-1etch1 on Debian GNU/Linux Etch allows remote ...)
+CVE-2007-1664
{DSA-1318-1}
- ekg 1:1.7~rc2-2 (low)
[sarge] - ekg <not-affected> (Vulnerable code not present)
-CVE-2007-1663 (Memory leak in the image message functionality in ekg before ...)
+CVE-2007-1663
{DSA-1318-1}
- ekg 1:1.7~rc2-2 (low)
[sarge] - ekg <not-affected> (Vulnerable code not present)
-CVE-2007-1662 (Perl-Compatible Regular Expression (PCRE) library before 7.3 reads ...)
+CVE-2007-1662
{DSA-1570-1 DSA-1399-1 DTSA-77-1}
- pcre3 7.3-1
- kazehakase 0.5.2-1
- glib2.0 2.14.3-1 (unimportant)
NOTE: glib only embeds pcre in the udeb, no attack vector
-CVE-2007-1661 (Perl-Compatible Regular Expression (PCRE) library before 7.3 ...)
+CVE-2007-1661
{DSA-1570-1 DSA-1399-1 DTSA-77-1}
- pcre3 7.3-1
- kazehakase 0.5.2-1
- glib2.0 2.14.3-1 (unimportant)
NOTE: glib only embeds pcre in the udeb, no attack vector
-CVE-2007-1660 (Perl-Compatible Regular Expression (PCRE) library before 7.0 does not ...)
+CVE-2007-1660
{DSA-1570-1 DSA-1399-1 DTSA-77-1}
- pcre3 7.3-1
- kazehakase 0.5.2-1
- glib2.0 2.14.3-1 (unimportant)
NOTE: glib only embeds pcre in the udeb, no attack vector
-CVE-2007-1659 (Perl-Compatible Regular Expression (PCRE) library before 7.3 allows ...)
+CVE-2007-1659
{DSA-1570-1 DSA-1399-1 DTSA-77-1}
- kazehakase 0.5.2-1
- pcre3 7.3-1
- glib2.0 2.14.3-1 (unimportant)
NOTE: glib only embeds pcre in the udeb, no attack vector
-CVE-2007-1658 (Windows Mail in Microsoft Windows Vista might allow user-assisted ...)
+CVE-2007-1658
NOT-FOR-US: Microsoft
-CVE-2007-1657 (Stack-based buffer overflow in the file_compress function in minigzip ...)
+CVE-2007-1657
- python2.5 <not-affected> (does not build minigzip.c)
-CVE-2007-1656 (Multiple SQL injection vulnerabilities in index.php in Katalog Plyt ...)
+CVE-2007-1656
NOT-FOR-US: Plyt Audio
-CVE-2007-1655 (Buffer overflow in the fun_ladd function in funmath.cpp in TinyMUX ...)
+CVE-2007-1655
{DSA-1317-1}
- tinymux 2.4.3.31-1.1 (bug #417539)
-CVE-2007-1654 (Buffer overflow in the Ne7sshSftp::addOpenHandle function in ...)
+CVE-2007-1654
NOT-FOR-US: ne7ssh
-CVE-2007-1653 (GlowWorm FW before 1.5.3b4 allows remote attackers to cause a denial ...)
+CVE-2007-1653
NOT-FOR-US: GlowWorm FW
-CVE-2007-1652 (OpenID allows remote attackers to forcibly log a user into an OpenID ...)
+CVE-2007-1652
NOT-FOR-US: MyOpenID.com
-CVE-2007-1651 (Cross-site request forgery (CSRF) vulnerability in OpenID allows ...)
+CVE-2007-1651
NOT-FOR-US: MyOpenID.com
-CVE-2007-1650 (pcapsipdump.cpp in pcapsipdump before 0.1.3 allows remote attackers to ...)
+CVE-2007-1650
NOT-FOR-US: pcapsipdump
-CVE-2007-1649 (PHP 5.2.1 allows context-dependent attackers to read portions of heap ...)
+CVE-2007-1649
- php5 5.2.2-1
[etch] - php5 <not-affected> (Only affects PHP 5.2.1)
-CVE-2007-1648 (0irc 1345 build 20060823 allows remote attackers to cause a denial of ...)
+CVE-2007-1648
NOT-FOR-US: 0irc
-CVE-2007-1647 (Moodle 1.5.2 and earlier stores sensitive information under the web ...)
+CVE-2007-1647
- moodle 1.5.3-1 (low)
-CVE-2007-1646 (Multiple cross-site scripting (XSS) vulnerabilities in SubHub 2.3.0 ...)
+CVE-2007-1646
NOT-FOR-US: SubHub
-CVE-2007-1645 (Buffer overflow in FutureSoft TFTP Server 2000 on Microsoft Windows ...)
+CVE-2007-1645
NOT-FOR-US: FutureSoft TFTP Server
-CVE-2007-1644 (The dynamic DNS update mechanism in the DNS Server service on ...)
+CVE-2007-1644
NOT-FOR-US: Microsoft DNS Server
-CVE-2007-1643 (Multiple PHP remote file inclusion vulnerabilities in LAN Management ...)
+CVE-2007-1643
NOT-FOR-US: LAN Management System
-CVE-2007-1642 (Unspecified vulnerability in ManageEngine Firewall Analyzer allows ...)
+CVE-2007-1642
NOT-FOR-US: ManageEngine Firewall Analyzer
-CVE-2007-1641 (SQL injection vulnerability in index.php in PortailPHP 2.0 allows ...)
+CVE-2007-1641
NOT-FOR-US: PortailPHP
-CVE-2007-1640 (Multiple PHP remote file inclusion vulnerabilities in ClassWeb 2.03 ...)
+CVE-2007-1640
NOT-FOR-US: ClassWeb
-CVE-2007-1639 (Unrestricted file upload vulnerability in PHProjekt 5.2.0, when ...)
+CVE-2007-1639
NOT-FOR-US: PHProjekt
-CVE-2007-1638 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
+CVE-2007-1638
NOT-FOR-US: PHProjekt
-CVE-2007-1637 (Multiple buffer overflows in the IMAILAPILib ActiveX control ...)
+CVE-2007-1637
NOT-FOR-US: IMAILAPILib ActiveX control
-CVE-2007-1636 (Directory traversal vulnerability in index.php in RoseOnlineCMS 3 B1 ...)
+CVE-2007-1636
NOT-FOR-US: RoseOnlineCMS
-CVE-2007-1635 (Static code injection vulnerability in admin/settings.php in Net ...)
+CVE-2007-1635
NOT-FOR-US: Net Portal Dynamic System
-CVE-2007-1634 (Variable extraction vulnerability in grab_globals.php in Net Portal ...)
+CVE-2007-1634
NOT-FOR-US: Net Portal Dynamic System
-CVE-2007-1633 (Directory traversal vulnerability in bbcode_ref.php in the Giorgio ...)
+CVE-2007-1633
NOT-FOR-US: Splatt Forum
-CVE-2007-1632 (Unspecified vulnerability in TYPOlight webCMS before 2.2 Build 5 has ...)
+CVE-2007-1632
NOT-FOR-US: webCMS
-CVE-2007-1631 (** DISPUTED ** ...)
+CVE-2007-1631
NOT-FOR-US: CLBOX
-CVE-2007-1630 (SQL injection vulnerability in default.asp in ActiveWebSoftwares ...)
+CVE-2007-1630
NOT-FOR-US: Active Link Engine
-CVE-2007-1629 (SQL injection vulnerability in default.asp in ActiveWebSoftwares ...)
+CVE-2007-1629
NOT-FOR-US: Active Photo Gallery
-CVE-2007-1628 (Multiple PHP remote file inclusion vulnerabilities in Study planner ...)
+CVE-2007-1628
NOT-FOR-US: Study planner
CVE-2007-1627
REJECTED
-CVE-2007-1626 (PHP remote file inclusion vulnerability in iframe.php in the iFrame ...)
+CVE-2007-1626
NOT-FOR-US: iFrame Module for PHP-NUKE
-CVE-2007-1625 (Cross-site scripting (XSS) vulnerability in save_entry.php in ...)
+CVE-2007-1625
NOT-FOR-US: realGuestbook
-CVE-2007-1624 (Multiple SQL injection vulnerabilities in realGuestbook 5.01 allow ...)
+CVE-2007-1624
NOT-FOR-US: realGuestbook
-CVE-2007-1623 (Multiple cross-site scripting (XSS) vulnerabilities in realGuestbook ...)
+CVE-2007-1623
NOT-FOR-US: realGuestbook
-CVE-2007-1622 (Cross-site scripting (XSS) vulnerability in wp-admin/vars.php in ...)
+CVE-2007-1622
{DSA-1285-1}
- wordpress 2.1.3-1 (medium)
-CVE-2007-1621 (PHP remote file inclusion vulnerability in templates/head.php in ...)
+CVE-2007-1621
NOT-FOR-US: Active PHP Bookmark Notes
-CVE-2007-1620 (Multiple PHP remote file inclusion vulnerabilities in PHP DB Designer ...)
+CVE-2007-1620
NOT-FOR-US: PHP DB Designer
-CVE-2007-1619 (SQL injection vulnerability in viewcomments.php in ScriptMagix Photo ...)
+CVE-2007-1619
NOT-FOR-US: ScriptMagix
-CVE-2007-1618 (SQL injection vulnerability in index.php in ScriptMagix FAQ Builder ...)
+CVE-2007-1618
NOT-FOR-US: ScriptMagix
-CVE-2007-1617 (SQL injection vulnerability in index.php in ScriptMagix Recipes 2.0 ...)
+CVE-2007-1617
NOT-FOR-US: ScriptMagix
-CVE-2007-1616 (SQL injection vulnerability in index.php in ScriptMagix Lyrics 2.0 and ...)
+CVE-2007-1616
NOT-FOR-US: ScriptMagix
-CVE-2007-1615 (SQL injection vulnerability in index.php in ScriptMagix Jokes 2.0 and ...)
+CVE-2007-1615
NOT-FOR-US: ScriptMagix
-CVE-2007-1614 (Stack-based buffer overflow in the zzip_open_shared_io function in ...)
+CVE-2007-1614
{DTSA-56-1}
- zziplib 0.13.49-0 (bug #436701; low)
[etch] - zziplib <no-dsa> (Minor issue)
NOTE: http://www.securitylab.ru/forum/read.php?FID=21&TID=40858&MID=326187#message326187
NOTE: If an attacker can supply arbitrary file names, we likely suffer from
NOTE: an information disclosure issue anyway.
-CVE-2007-1613 (Directory traversal vulnerability in view.php in MPM Chat 2.5 allows ...)
+CVE-2007-1613
NOT-FOR-US: MPM Chat
-CVE-2007-1612 (SQL injection vulnerability in index.php in Katalog Plyt Audio 1.0 and ...)
+CVE-2007-1612
NOT-FOR-US: Plyt Audio
-CVE-2007-1611 (Cross-site scripting (XSS) vulnerability in the RSS reader in a ...)
+CVE-2007-1611
NOT-FOR-US: IKANARI JIJYOU
-CVE-2007-1610 (Cross-site scripting (XSS) vulnerability in the RSS reader in Glue ...)
+CVE-2007-1610
NOT-FOR-US: NewsGlue
-CVE-2007-1609 (Cross-site scripting (XSS) vulnerability in servlet/Spy in Dynamic ...)
+CVE-2007-1609
NOT-FOR-US: Oracle Application Server
-CVE-2007-1608 (CRLF injection vulnerability in IBM WebSphere Application Server (WAS) ...)
+CVE-2007-1608
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2007-1607 (search.php in w-Agora (Web-Agora) allows remote attackers to obtain ...)
+CVE-2007-1607
NOT-FOR-US: Web-Agora
-CVE-2007-1606 (Multiple cross-site scripting (XSS) vulnerabilities in w-Agora ...)
+CVE-2007-1606
NOT-FOR-US: Web-Agora
-CVE-2007-1605 (w-Agora (Web-Agora) allows remote attackers to obtain sensitive ...)
+CVE-2007-1605
NOT-FOR-US: Web-Agora
-CVE-2007-1604 (Multiple unrestricted file upload vulnerabilities in w-Agora ...)
+CVE-2007-1604
NOT-FOR-US: Web-Agora
-CVE-2007-1603 (admin/contest.php in Weekly Drawing Contest 0.0.1 allows remote ...)
+CVE-2007-1603
NOT-FOR-US: Weekly Drawing Contest
-CVE-2007-1602 (SQL injection vulnerability in check_vote.php in Weekly Drawing ...)
+CVE-2007-1602
NOT-FOR-US: Weekly Drawing Contest
-CVE-2007-1601 (** DISPUTED ** ...)
+CVE-2007-1601
NOT-FOR-US: Weekly Drawing Contest
-CVE-2007-1600 (PHP remote file inclusion vulnerability in module.php in Digital Eye ...)
+CVE-2007-1600
NOT-FOR-US: Digital Eye Gallery
-CVE-2007-1599 (wp-login.php in WordPress allows remote attackers to redirect ...)
+CVE-2007-1599
{DSA-1601-1}
- wordpress 2.2.2-1 (bug #437085; low)
-CVE-2007-1598 (Stack-based buffer overflow in InterVations FileCOPA FTP Server 1.01 ...)
+CVE-2007-1598
NOT-FOR-US: FileCOPA FTP
-CVE-2007-1597 (Unclassified NewsBoard 1.6.3 stores sensitive information under the ...)
+CVE-2007-1597
NOT-FOR-US: Unclassified NewsBoard
-CVE-2007-1596 (Multiple PHP remote file inclusion vulnerabilities in the NFN Address ...)
+CVE-2007-1596
NOT-FOR-US: NFN Address Book
-CVE-2007-1595 (The Asterisk Extension Language (AEL) in pbx/pbx_ael.c in Asterisk ...)
+CVE-2007-1595
- asterisk 1:1.4.0~dfsg-1 (low)
[etch] - asterisk <not-affected> (Only affects 1.4.x)
[sarge] - asterisk <not-affected> (Only affects 1.4.x)
-CVE-2007-1593 (The administrative service in Symantec Veritas Volume Replicator (VVR) ...)
+CVE-2007-1593
NOT-FOR-US: Symantec
-CVE-2007-1592 (net/ipv6/tcp_ipv6.c in Linux kernel 2.6.x up to 2.6.21-rc3 ...)
+CVE-2007-1592
{DSA-1503-2 DSA-1503-1 DSA-1304 DSA-1286-1}
- linux-2.6 2.6.20-1 (medium)
-CVE-2007-1591 (VsapiNT.sys in the Scan Engine 8.0 for Trend Micro AntiVirus ...)
+CVE-2007-1591
NOT-FOR-US: Trend Micro
-CVE-2007-1590 (The Grandstream BudgeTone 200 IP phone, with program 1.1.1.14 and ...)
+CVE-2007-1590
NOT-FOR-US: Grandstream
-CVE-2007-1589 (TrueCrypt before 4.3, when set-euid mode is used on Linux, allows ...)
+CVE-2007-1589
NOT-FOR-US: Truecrypt
-CVE-2007-1588 (server.cpp in MyServer 0.8.5 calls Process::setuid before calling ...)
+CVE-2007-1588
NOT-FOR-US: MyServer
-CVE-2007-1587 (templates/config/mail.tpl in Tim Soderstrom StatsDawg 0.92 allows ...)
+CVE-2007-1587
NOT-FOR-US: StatsDawg
-CVE-2007-1586 (ZynOS 3.40 allows remote attackers to cause a denial of service (link ...)
+CVE-2007-1586
NOT-FOR-US: Zyxel
-CVE-2007-1585 (The Linksys WAG200G with firmware 1.01.01, WRT54GC 2 with firmware ...)
+CVE-2007-1585
NOT-FOR-US: Cisco
-CVE-2007-1584 (Buffer underflow in the header function in PHP 5.2.0 allows ...)
+CVE-2007-1584
NOTE: Dupe of CVE-2007-0907; Fixed in DSA-1264, php5 5.2.0-9, php4 6:4.4.4-9
-CVE-2007-1583 (The mb_parse_str function in PHP 4.0.0 through 4.4.6 and 5.0.0 through ...)
+CVE-2007-1583
{DSA-1283-1 DSA-1282-1 DTSA-39-1 DTSA-40-1}
- php5 5.2.0-11 (medium)
- php4 <removed> (medium)
-CVE-2007-1582 (The resource system in PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 ...)
+CVE-2007-1582
- php5 <removed> (unimportant)
- php4 <removed> (unimportant)
NOTE: Only triggerable by malicious script
-CVE-2007-1581 (The resource system in PHP 5.0.0 through 5.2.1 allows ...)
+CVE-2007-1581
- php5 <removed> (unimportant)
NOTE: Only triggerable by malicious script
-CVE-2007-1580 (FTPDMIN 0.96 allows remote attackers to cause a denial of service ...)
+CVE-2007-1580
NOT-FOR-US: FTPDMIN
-CVE-2007-1579 (Stack-based buffer overflow in Atrium MERCUR IMAPD allows remote ...)
+CVE-2007-1579
NOT-FOR-US: MERCUR IMAPD
-CVE-2007-1578 (Multiple integer signedness errors in the NTLM implementation in ...)
+CVE-2007-1578
NOT-FOR-US: MERCUR IMAPD
-CVE-2007-1577 (Directory traversal vulnerability in index.php in GeBlog 0.1 allows ...)
+CVE-2007-1577
NOT-FOR-US: GeBlog
-CVE-2007-1576 (Multiple cross-site scripting (XSS) vulnerabilities in PHProjekt ...)
+CVE-2007-1576
NOT-FOR-US: PHProjekt
-CVE-2007-1575 (Multiple SQL injection vulnerabilities in PHProjekt 5.2.0, when ...)
+CVE-2007-1575
NOT-FOR-US: PHProjekt
-CVE-2007-1574 (CARE2X 2.2, and possibly earlier, allows remote attackers to obtain ...)
+CVE-2007-1574
NOT-FOR-US: CARE2X
-CVE-2007-1573 (SQL injection vulnerability in admincp/attachment.php in Jelsoft ...)
+CVE-2007-1573
NOT-FOR-US: vBulletin
-CVE-2007-1572 (SQL injection vulnerability in search.asp in JGBBS 3.0 Beta 1 and ...)
+CVE-2007-1572
NOT-FOR-US: JGBBS
-CVE-2007-1571 (PHP remote file inclusion vulnerability in includes/base.php in ...)
+CVE-2007-1571
NOT-FOR-US: Activist Mobilization Platform
CVE-2007-1570
REJECTED
-CVE-2007-1569 (Stack-based buffer overflow in NewsBin Pro 4.32 allows remote ...)
+CVE-2007-1569
NOT-FOR-US: NewsBin Pro
-CVE-2007-1568 (Stack-based buffer overflow in DaanSystems NewsReactor 20070220.21 ...)
+CVE-2007-1568
NOT-FOR-US: NewsReactor
-CVE-2007-1567 (Stack-based buffer overflow in War FTP Daemon 1.65, and possibly ...)
+CVE-2007-1567
NOT-FOR-US: WarFTPd
-CVE-2007-1566 (SQL injection vulnerability in News/page.asp in NetVIOS Portal allows ...)
+CVE-2007-1566
NOT-FOR-US: NetVIOS Portal
-CVE-2007-1565 (Konqueror 3.5.5 allows remote attackers to cause a denial of service ...)
+CVE-2007-1565
- kdelibs <unfixed> (unimportant)
-CVE-2007-1564 (The FTP protocol implementation in Konqueror 3.5.5 allows remote ...)
+CVE-2007-1564
- kdelibs 4:3.5.5a.dfsg.1-7
-CVE-2007-1563 (The FTP protocol implementation in Opera 9.10 allows remote attackers ...)
+CVE-2007-1563
NOT-FOR-US: Opera
-CVE-2007-1562 (The FTP protocol implementation in Mozilla Firefox before 1.5.0.11 and ...)
+CVE-2007-1562
- iceweasel 2.0.0.3-1 (low)
-CVE-2007-1560 (The clientProcessRequest() function in src/client_side.c in Squid 2.6 ...)
+CVE-2007-1560
- squid 2.6.5-6 (low)
[sarge] - squid <not-affected> (Vulnerable code not present)
-CVE-2007-1559 (Multiple stack-based buffer overflows in SonicDVDDashVRNav.dll in ...)
+CVE-2007-1559
NOT-FOR-US: Roxio
-CVE-2007-1558 (The APOP protocol allows remote attackers to guess the first 3 ...)
+CVE-2007-1558
{DSA-1305-1 DSA-1300-1 DTSA-46-1 DTSA-47-1}
NOTE: Affects various clients, but no practical security implications
NOTE: MFSA2007-15
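Review bot: the hunk header `@@ -12028,331 +12028,331 @@` shows a strict one-for-one replacement, and the only difference in each pair is the dropped parenthetical, including for entries whose tracking state is carried by it: `-CVE-2007-1584 (Buffer underflow in the header function in PHP 5.2.0 allows ...)` becomes `+CVE-2007-1584` while its `NOTE: Dupe of CVE-2007-0907` stays, and the `** DISPUTED **` marker on CVE-2007-1695, CVE-2007-1679, CVE-2007-1631 and CVE-2007-1601 disappears from the file, since for CVE-2007-1631 and CVE-2007-1601 only a `NOT-FOR-US:` line remains. Suggest the updater refuse to overwrite a non-empty description with an empty one, so a failed description fetch cannot wipe descriptions across the whole list.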
@@ -12366,412 +12366,412 @@ CVE-2007-1558 (The APOP protocol allows remote attackers to guess the first 3 ..
NOTE: patch and etch's version does not (http://dev.mutt.org/trac/ticket/2846)
- balsa 2.3.17-1 (unimportant)
- claws-mail 2.9.1-1 (unimportant)
-CVE-2007-1557 (Format string vulnerability in F-Secure Anti-Virus Client Security ...)
+CVE-2007-1557
NOT-FOR-US: F-Secure
-CVE-2007-1556 (SQL injection vulnerability in kommentare.php in Creative Files 1.2 ...)
+CVE-2007-1556
NOT-FOR-US: Creative Files
-CVE-2007-1555 (SQL injection vulnerability in forum.php in the Minerva mod 2.0.21 ...)
+CVE-2007-1555
NOT-FOR-US: Minerva module of phpBB
-CVE-2007-1554 (Direct static code injection vulnerability in admin/configuration.php ...)
+CVE-2007-1554
NOT-FOR-US: Guestbara
-CVE-2007-1553 (admin/configuration.php in Guestbara 1.2 and earlier allows remote ...)
+CVE-2007-1553
NOT-FOR-US: Guestbara
-CVE-2007-1552 (Unrestricted file upload vulnerability in usercp.php in MetaForum ...)
+CVE-2007-1552
NOT-FOR-US: MetaForum
-CVE-2007-1551 (Multiple cross-site scripting (XSS) vulnerabilities in phpx 3.5.15 ...)
+CVE-2007-1551
NOT-FOR-US: phpx
-CVE-2007-1550 (Multiple SQL injection vulnerabilities in phpx 3.5.15 allow remote ...)
+CVE-2007-1550
NOT-FOR-US: phpx
-CVE-2007-1549 (Unrestricted file upload vulnerability in gallery.php in phpx 3.5.15 ...)
+CVE-2007-1549
NOT-FOR-US: phpx
-CVE-2007-1548 (SQL injection vulnerability in functions/functions_filters.asp in Web ...)
+CVE-2007-1548
NOT-FOR-US: Web Wiz Forums
-CVE-2007-1547 (The ReadRequestFromClient function in server/os/io.c in Network Audio ...)
+CVE-2007-1547
{DSA-1273-1}
- nas 1.8-4 (low; bug #416038)
-CVE-2007-1546 (Array index error in Network Audio System (NAS) before 1.8a SVN 237 ...)
+CVE-2007-1546
{DSA-1273-1}
- nas 1.8-4 (low; bug #416038)
-CVE-2007-1545 (The AddResource function in server/dia/resource.c in Network Audio ...)
+CVE-2007-1545
{DSA-1273-1}
- nas 1.8-4 (low; bug #416038)
-CVE-2007-1544 (Integer overflow in the ProcAuWriteElement function in ...)
+CVE-2007-1544
{DSA-1273-1}
- nas 1.8-4 (low; bug #416038)
-CVE-2007-1543 (Stack-based buffer overflow in the accept_att_local function in ...)
+CVE-2007-1543
{DSA-1273-1}
- nas 1.8-4 (medium; bug #416038)
-CVE-2007-1542 (Unspecified vulnerability in the Cisco IP Phone 7940 and 7960 running ...)
+CVE-2007-1542
NOT-FOR-US: Cisco
-CVE-2007-1541 (Directory traversal vulnerability in am.pl in SQL-Ledger 2.6.27 only ...)
+CVE-2007-1541
- sql-ledger 2.8.14-1 (unimportant; bug #409703)
NOTE: It's documented behaviour that SQL-Ledger should only be run in an
NOTE: authenticated HTTP zone and without untrusted users
-CVE-2007-1540 (Directory traversal vulnerability in am.pl in (1) SQL-Ledger 2.6.27 ...)
+CVE-2007-1540
- sql-ledger 2.8.14-1 (unimportant; bug #409703)
NOTE: It's documented behaviour that SQL-Ledger should only be run in an
NOTE: authenticated HTTP zone and without untrusted users
-CVE-2007-1539 (Directory traversal vulnerability in inc/map.func.php in pragmaMX ...)
+CVE-2007-1539
NOT-FOR-US: pragmaMX Landkarten
-CVE-2007-1538 (** DISPUTED ** ...)
+CVE-2007-1538
NOT-FOR-US: McAfee
-CVE-2007-1537 (\Device\NdisTapi (NDISTAPI.sys) in Microsoft Windows XP SP2 and 2003 ...)
+CVE-2007-1537
NOT-FOR-US: Microsoft
-CVE-2007-1536 (Integer underflow in the file_printf function in the &quot;file&quot; program ...)
+CVE-2007-1536
{DSA-1274-1}
- file 4.20-1 (bug #415362; high)
NOTE: Has got lots of reverse dependencies.
NOTE: Some of them process remotely supplied untrusted input.
-CVE-2007-1535 (Microsoft Windows Vista establishes a Teredo address without user ...)
+CVE-2007-1535
NOT-FOR-US: Microsoft
-CVE-2007-1534 (DFSR.exe in Windows Meeting Space in Microsoft Windows Vista remains ...)
+CVE-2007-1534
NOT-FOR-US: Microsoft
-CVE-2007-1533 (The Teredo implementation in Microsoft Windows Vista uses the same ...)
+CVE-2007-1533
NOT-FOR-US: Microsoft
-CVE-2007-1532 (The neighbor discovery implementation in Microsoft Windows Vista ...)
+CVE-2007-1532
NOT-FOR-US: Microsoft
-CVE-2007-1531 (Microsoft Windows XP and Vista overwrites ARP table entries included ...)
+CVE-2007-1531
NOT-FOR-US: Microsoft
-CVE-2007-1530 (The LLTD Mapper in Microsoft Windows Vista does not properly gather ...)
+CVE-2007-1530
NOT-FOR-US: Microsoft
-CVE-2007-1529 (The LLTD Responder in Microsoft Windows Vista does not send the Mapper ...)
+CVE-2007-1529
NOT-FOR-US: Microsoft
-CVE-2007-1528 (The LLTD Mapper in Microsoft Windows Vista allows remote attackers to ...)
+CVE-2007-1528
NOT-FOR-US: Microsoft
-CVE-2007-1527 (The LLTD Mapper in Microsoft Windows Vista does not verify that an IP ...)
+CVE-2007-1527
NOT-FOR-US: Microsoft
-CVE-2007-1526 (Sun Java System Web Server 6.1 before 20070314 allows remote ...)
+CVE-2007-1526
NOT-FOR-US: Sun Java System Web Server
-CVE-2007-1525 (Direct static code injection vulnerability in postpost.php in Dayfox ...)
+CVE-2007-1525
NOT-FOR-US: Dayfox Blog
-CVE-2007-1524 (Directory traversal vulnerability in themes/default/ in ZomPlog 3.7.6 ...)
+CVE-2007-1524
NOT-FOR-US: ZomPlog
-CVE-2007-1523 (Heap-based buffer overflow in the kernel in NetBSD 3.0, certain ...)
+CVE-2007-1523
NOT-FOR-US: NetBSD
-CVE-2007-1522 (Double free vulnerability in the session extension in PHP 5.2.0 and ...)
+CVE-2007-1522
{DSA-1283-1}
- php5 5.2.2-1 (medium)
-CVE-2007-1521 (Double free vulnerability in PHP before 4.4.7, and 5.x before 5.2.2, ...)
+CVE-2007-1521
{DSA-1283-1 DSA-1282-1 DTSA-39-1 DTSA-40-1}
- php5 5.2.0-11 (medium)
- php4 6:4.4.6-2 (medium)
-CVE-2007-1520 (The cross-site request forgery (CSRF) protection in PHP-Nuke 8.0 and ...)
+CVE-2007-1520
NOT-FOR-US: PHP-Nuke
-CVE-2007-1519 (Cross-site scripting (XSS) vulnerability in modules.php in PHP-Nuke ...)
+CVE-2007-1519
NOT-FOR-US: PHP-Nuke
-CVE-2007-1518 (SQL injection vulnerability in usergroups.php in Woltlab Burning Board ...)
+CVE-2007-1518
NOT-FOR-US: Woltlab Burning Board
-CVE-2007-1517 (SQL injection vulnerability in comments.php in WSN Guest 1.02 and 1.21 ...)
+CVE-2007-1517
NOT-FOR-US: WSN Guest
-CVE-2007-1561 (The channel driver in Asterisk before 1.2.17 and 1.4.x before 1.4.2 ...)
+CVE-2007-1561
{DSA-1358-1}
- asterisk 1:1.4.2~dfsg-5 (bug #415466; medium)
NOTE: http://voipsa.org/pipermail/voipsec_voipsa.org/2007-March/002275.html
-CVE-2007-1594 (The handle_response function in chan_sip.c in Asterisk before 1.2.17 ...)
+CVE-2007-1594
NOTE: Duplicate of CVE-2007-2297
-CVE-2007-1516 (PHP remote file inclusion vulnerability in functions/update.php in ...)
+CVE-2007-1516
NOT-FOR-US: CcMail
-CVE-2007-1515 (Multiple cross-site scripting (XSS) vulnerabilities in Horde IMP H3 ...)
+CVE-2007-1515
- imp4 4.1.3-4 (medium; bug #415117)
-CVE-2007-1514 (PHP remote file inclusion vulnerability in index.php in ViperWeb ...)
+CVE-2007-1514
NOT-FOR-US: ViperWeb Portal
-CVE-2007-1513 (PHP remote file inclusion vulnerability in comanda.php in GraFX ...)
+CVE-2007-1513
NOT-FOR-US: WebSite Builder
-CVE-2007-1512 (Stack-based buffer overflow in the AfxOleSetEditMenu function in the ...)
+CVE-2007-1512
NOT-FOR-US: Microsoft Windows
-CVE-2007-1511 (Buffer overflow in FrontBase Relational Database Server 4.2.7 and ...)
+CVE-2007-1511
NOT-FOR-US: FrontBase Relational Database Server
-CVE-2007-1510 (SQL injection vulnerability in post.php in Particle Blogger 1.0.0 ...)
+CVE-2007-1510
NOT-FOR-US: Particle Blogger
-CVE-2007-1509 (Directory traversal vulnerability in enkrypt.php in Sascha Schroeder ...)
+CVE-2007-1509
NOT-FOR-US: krypt
-CVE-2007-1508 (Cross-site scripting (XSS) vulnerability in CMD_USER_STATS in ...)
+CVE-2007-1508
NOT-FOR-US: DirectAdmin
-CVE-2007-1507 (The default configuration in OpenAFS 1.4.x before 1.4.4 and 1.5.x ...)
+CVE-2007-1507
{DSA-1271-1}
- openafs 1.4.2-6 (medium)
-CVE-2007-1506 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2007-1506
NOT-FOR-US: Oracle Portal
-CVE-2007-1505 (Fujitsu FENCE-Pro before V5L01, and Systemwalker Desktop Encryption ...)
+CVE-2007-1505
NOT-FOR-US: Fujistu FENCE-Pro
-CVE-2007-1504 (Cross-site scripting (XSS) vulnerability in the Servlet Service in ...)
+CVE-2007-1504
NOT-FOR-US: Fujitsu Interstage Application Server
-CVE-2007-1503 (Multiple format string vulnerabilities in comm.c in Rhapsody IRC 0.28b ...)
+CVE-2007-1503
- rhapsody <removed> (medium)
-CVE-2007-1502 (Multiple buffer overflows in Rhapsody IRC 0.28b allow remote attackers ...)
+CVE-2007-1502
- rhapsody <removed> (medium)
-CVE-2007-1501 (Stack-based buffer overflow in Avant Browser 11.0 build 26 allows ...)
+CVE-2007-1501
NOT-FOR-US: Avant Browse
-CVE-2007-1500 (The Linux Security Auditing Tool (LSAT) allows local users to ...)
+CVE-2007-1500
NOT-FOR-US: Linux Security Auditing Tool
-CVE-2007-1499 (Microsoft Internet Explorer 7.0 on Windows XP and Vista allows remote ...)
+CVE-2007-1499
NOT-FOR-US: Internet Explorer
-CVE-2007-1498 (Multiple stack-based buffer overflows in the SiteManager.SiteMgr.1 ...)
+CVE-2007-1498
NOT-FOR-US: SiteManager.SiteMgr.1 ActiveX control
-CVE-2007-1497 (nf_conntrack in netfilter in the Linux kernel before 2.6.20.3 does not ...)
+CVE-2007-1497
{DSA-1289-1}
- linux-2.6 2.6.20-1 (medium)
-CVE-2007-1496 (nfnetlink_log in netfilter in the Linux kernel before 2.6.20.3 allows ...)
+CVE-2007-1496
{DSA-1289-1}
- linux-2.6 2.6.21-1 (medium)
-CVE-2007-1495 (The \Device\SymEvent driver in Symantec Norton Personal Firewall 2006 ...)
+CVE-2007-1495
NOT-FOR-US: Symantec Norton Personal Firewall
-CVE-2007-1494 (Cross-site scripting (XSS) vulnerability in NukeSentinel before 2.5.06 ...)
+CVE-2007-1494
NOT-FOR-US: NukeSentinel
-CVE-2007-1493 (nukesentinel.php in NukeSentinel 2.5.06 and earlier uses a permissive ...)
+CVE-2007-1493
NOT-FOR-US: NukeSentinel
-CVE-2007-1492 (winmm.dll in Microsoft Windows XP allows user-assisted remote ...)
+CVE-2007-1492
NOT-FOR-US: Microsoft Windows XP
-CVE-2007-1491 (Apache Tomcat in Avaya S87XX, S8500, and S8300 before CM 3.1.3, and ...)
+CVE-2007-1491
NOT-FOR-US: Avaya S87XX
-CVE-2007-1490 (Unspecified maintenance web pages in Avaya S87XX, S8500, and S8300 ...)
+CVE-2007-1490
NOT-FOR-US: Avaya S87XX
-CVE-2007-1489 (Unspecified vulnerability in web-app.org Web Automated Perl Portal ...)
+CVE-2007-1489
NOT-FOR-US: WebAPP
-CVE-2007-1488 (Unspecified vulnerability in Sun Java System Web Server 6.0 and 6.1 ...)
+CVE-2007-1488
NOT-FOR-US: Sun Java System Web Server
-CVE-2007-1487 (Directory traversal vulnerability in index.php in Sascha Schroeder ...)
+CVE-2007-1487
NOT-FOR-US: CyberTeddy WebLog
-CVE-2007-1486 (PHP remote file inclusion vulnerability in template.class.php in ...)
+CVE-2007-1486
NOT-FOR-US: Carbonize Lazarus Guestbook
-CVE-2007-1485 (** DISPUTED ** ...)
+CVE-2007-1485
NOT-FOR-US: LIBFtp
-CVE-2007-1484 (The array_user_key_compare function in PHP 4.4.6 and earlier, and 5.x ...)
+CVE-2007-1484
- php4 <removed> (unimportant)
- php5 5.2.2-1 (unimportant)
NOTE: local malicious scripts only
-CVE-2007-1483 (Multiple PHP remote file inclusion vulnerabilities in WebCalendar ...)
+CVE-2007-1483
- webcalendar 1.0.5-1 (high)
[sarge] - webcalendar 0.9.45-4sarge7
NOTE: This was fixed in Sarge as a side-effect of an earlier fix, marking current
NOTE: Sarge version as fixed version
-CVE-2007-1482 (Cross-site scripting (XSS) vulnerability in index.php in WBBlog allows ...)
+CVE-2007-1482
NOT-FOR-US: WBBlog
-CVE-2007-1481 (SQL injection vulnerability in index.php in WBBlog allows remote ...)
+CVE-2007-1481
NOT-FOR-US: WBBlog
-CVE-2007-1480 (Creative Guestbook 1.0 allows remote attackers to add an ...)
+CVE-2007-1480
NOT-FOR-US: Creative Guestbook
-CVE-2007-1479 (Cross-site scripting (XSS) vulnerability in Guestbook.php in Creative ...)
+CVE-2007-1479
NOT-FOR-US: Creative Guestbook
-CVE-2007-1478 (download.php in McGallery 0.5b allows remote attackers to read ...)
+CVE-2007-1478
NOT-FOR-US: McGallery
-CVE-2007-1477 (** DISPUTED ** ...)
+CVE-2007-1477
NOT-FOR-US: Point Of Sale for osCommerce
-CVE-2007-1476 (The SymTDI device driver (SYMTDI.SYS) in Symantec Norton Personal ...)
+CVE-2007-1476
NOT-FOR-US: Symantec Norton Personal Firewall
-CVE-2007-1475 (Multiple buffer overflows in the (1) ibase_connect and (2) ...)
+CVE-2007-1475
- php4 <removed> (unimportant)
NOTE: Can only be triggered by malicious script
-CVE-2007-1474 (Argument injection vulnerability in the cleanup cron script in Horde ...)
+CVE-2007-1474
{DSA-1406-1}
- horde3 3.1.3-4 (medium)
-CVE-2007-1473 (Cross-site scripting (XSS) vulnerability in framework/NLS/NLS.php in ...)
+CVE-2007-1473
{DSA-1406-1}
- horde3 3.1.4-1 (low; bug #434045)
-CVE-2007-1472 (Variable overwrite vulnerability in groupit/base/groupit.start.inc in ...)
+CVE-2007-1472
NOT-FOR-US: Groupit
-CVE-2007-1471 (admin/default.asp in Orion-Blog 2.0 allows remote attackers to bypass ...)
+CVE-2007-1471
NOT-FOR-US: Orion-Blog
-CVE-2007-1470 (Multiple buffer overflows in LIBFtp 5.0 allow user-assisted remote ...)
+CVE-2007-1470
NOT-FOR-US: LIBFtp
-CVE-2007-1469 (SQL injection vulnerability in gallery.asp in Absolute Image Gallery ...)
+CVE-2007-1469
NOT-FOR-US: Absolute Image Gallery
-CVE-2007-1468 (Cross-site scripting (XSS) vulnerability in IBM Rational ClearQuest ...)
+CVE-2007-1468
NOT-FOR-US: IBM Rational ClearQuest
-CVE-2007-1467 (Multiple cross-site scripting (XSS) vulnerabilities in (1) ...)
+CVE-2007-1467
NOT-FOR-US: Cisco
-CVE-2007-1466 (Integer overflow in the WP6GeneralTextPacket::_readContents function ...)
+CVE-2007-1466
- libwpd 0.8.9-1 (medium)
[etch] - libwpd 0.8.7-6
-CVE-2007-1465 (Stack-based buffer overflow in dproxy.c for dproxy 0.1 through 0.5 ...)
+CVE-2007-1465
NOT-FOR-US: dproxy
-CVE-2007-1464 (Format string vulnerability in the whiteboard Jabber protocol in ...)
+CVE-2007-1464
- inkscape 0.45.1-1 (medium)
[etch] - inkscape <not-affected> (Versions prior to 0.45 used loudmouth, which isn't affected)
-CVE-2007-1463 (Format string vulnerability in Inkscape before 0.45.1 allows ...)
+CVE-2007-1463
- inkscape 0.45.1-1 (low)
[etch] - inkscape <no-dsa> (Minor issue)
[sarge] - inkscape <no-dsa> (Minor issue)
NOTE: shell code would be prominently inside the file names
-CVE-2007-1462 (The luci server component in conga preserves the password between page ...)
+CVE-2007-1462
NOT-FOR-US: conga
-CVE-2007-1461 (The compress.bzip2:// URL wrapper provided by the bz2 extension in PHP ...)
+CVE-2007-1461
- php5 5.2.2-1 (unimportant)
NOTE: Safemode and open_basedir bypasses not supported
-CVE-2007-1460 (The zip:// URL wrapper provided by the PECL zip extension in PHP ...)
+CVE-2007-1460
- php5 5.2.2-1 (unimportant)
NOTE: Safemode and open_basedir bypasses not supported
-CVE-2007-1459 (Multiple PHP remote file inclusion vulnerabilities in WebCreator ...)
+CVE-2007-1459
NOT-FOR-US: WebCreator
-CVE-2007-1458 (Multiple PHP remote file inclusion vulnerabilities in CARE2X 1.1 allow ...)
+CVE-2007-1458
NOT-FOR-US: CARE2X
-CVE-2007-1457 (Buffer overflow in the urarlib_get function in Christian Scheurer ...)
+CVE-2007-1457
NOT-FOR-US: UniquE RAR File Library
-CVE-2007-1456 (** DISPUTED ** ...)
+CVE-2007-1456
NOT-FOR-US: PHP Photo Album
-CVE-2007-1455 (Multiple absolute path traversal vulnerabilities in Fantastico, as ...)
+CVE-2007-1455
NOT-FOR-US: Fantastico
-CVE-2007-1454 (ext/filter in PHP 5.2.0, when FILTER_SANITIZE_STRING is used with the ...)
+CVE-2007-1454
{DSA-1283-1 DTSA-39-1}
- php5 5.2.0-11 (medium)
-CVE-2007-1453 (Buffer underflow in the PHP_FILTER_TRIM_DEFAULT macro in the filtering ...)
+CVE-2007-1453
{DSA-1283-1 DTSA-39-1}
- php5 5.2.0-11 (medium)
-CVE-2007-1452 (The FDF support (ext/fdf) in PHP 5.2.0 and earlier does not implement ...)
+CVE-2007-1452
- php5 <not-affected> (cpdf extension not enabled in binary build)
-CVE-2007-1451 (GuppY 4.0 allows remote attackers to delete arbitrary files via a ...)
+CVE-2007-1451
NOT-FOR-US: GuppY
-CVE-2007-1450 (SQL injection vulnerability in mainfile.php in PHP-Nuke 8.0 and ...)
+CVE-2007-1450
NOT-FOR-US: PHP-Nuke
-CVE-2007-1449 (Directory traversal vulnerability in mainfile.php in PHP-Nuke 8.0 and ...)
+CVE-2007-1449
NOT-FOR-US: PHP-Nuke
-CVE-2007-1448 (The Tape Engine in CA (formerly Computer Associates) BrightStor ...)
+CVE-2007-1448
NOT-FOR-US: BrightStor ARCserve Backup
-CVE-2007-1447 (The Tape Engine in CA (formerly Computer Associates) BrightStor ...)
+CVE-2007-1447
NOT-FOR-US: BrightStor ARCserve Backup
-CVE-2007-1446 (Multiple PHP remote file inclusion vulnerabilities in Open Education ...)
+CVE-2007-1446
NOT-FOR-US: Open Education System
-CVE-2007-1445 (SQL injection vulnerability in the heme preview feature for ...)
+CVE-2007-1445
NOT-FOR-US: BP Blog
-CVE-2007-1444 (netserver in netperf 2.4.3 allows local users to overwrite arbitrary ...)
+CVE-2007-1444
- netperf 2.4.3-8 (bug #413658; medium)
[sarge] - netperf <no-dsa> (Non-free not supported)
[etch] - netperf <no-dsa> (Non-free not supported)
-CVE-2007-1443 (Multiple cross-site scripting (XSS) vulnerabilities in register.php in ...)
+CVE-2007-1443
NOT-FOR-US: Woltlab Burning Board
-CVE-2007-1442 (Oracle Database 10g uses a NULL pDacl parameter when calling the ...)
+CVE-2007-1442
NOT-FOR-US: Oracle Database
-CVE-2007-1441 (The 4thPass browser (BlackBerry Browser) on the RIM BlackBerry 8100 ...)
+CVE-2007-1441
NOT-FOR-US: BlackBerry 8100
-CVE-2007-1440 (SQL injection vulnerability in search.asp in JGBBS 3.0 Beta 1 allows ...)
+CVE-2007-1440
NOT-FOR-US: JGBBS
-CVE-2007-1439 (PHP remote file inclusion vulnerability in ressourcen/dbopen.php in ...)
+CVE-2007-1439
NOT-FOR-US: MySQL Commander
-CVE-2007-1438 (SQL injection vulnerability in devami.asp in X-Ice News System 1.0 ...)
+CVE-2007-1438
NOT-FOR-US: X-Ice News System
-CVE-2007-1437 (Unspecified vulnerability in LedgerSMB before 1.1.5 and SQL-Ledger ...)
+CVE-2007-1437
- sql-ledger 2.8.14-1 (unimportant; bug #409703)
NOTE: It's documented behaviour that SQL-Ledger should only be run in an
NOTE: authenticated HTTP zone and without untrusted users
-CVE-2007-1436 (Unspecified vulnerability in admin.pl in SQL-Ledger before 2.6.26 and ...)
+CVE-2007-1436
- sql-ledger 2.8.14-1 (unimportant; bug #409703)
NOTE: It's documented behaviour that SQL-Ledger should only be run in an
NOTE: authenticated HTTP zone and without untrusted users
-CVE-2007-1435 (Buffer overflow in D-Link TFTP Server 1.0 allows remote attackers to ...)
+CVE-2007-1435
NOT-FOR-US: D-Link TFTP Server
-CVE-2007-1434 (SQL injection vulnerability in Grayscale Blog 0.8.0, and possibly ...)
+CVE-2007-1434
NOT-FOR-US: Grayscale Blog
-CVE-2007-1433 (Cross-site scripting (XSS) vulnerability in Grayscale Blog 0.8.0, and ...)
+CVE-2007-1433
NOT-FOR-US: Grayscale Blog
-CVE-2007-1432 (Grayscale Blog 0.8.0, and possibly earlier versions, allows remote ...)
+CVE-2007-1432
NOT-FOR-US: Grayscale Blog
-CVE-2007-1431 (Multiple unspecified vulnerabilities in PennMUSH 1.8.3 before 1.8.3p1 ...)
+CVE-2007-1431
- pennmush 1.8.2p7-1 (low; bug #436249)
[sarge] - pennmush <no-dsa> (Minor issue)
[etch] - pennmush <no-dsa> (Minor issue)
-CVE-2007-1430 (PHP remote file inclusion vulnerability in ...)
+CVE-2007-1430
NOT-FOR-US: ClipShare
-CVE-2007-1429 (Multiple PHP remote file inclusion vulnerabilities in Moodle 1.7.1 ...)
+CVE-2007-1429
- moodle <not-affected>
NOTE: Security problem with the Windows version
NOTE: Debian Maintainer and Upstream state that debian is not affected
NOTE: and the problem is not reproducible there
-CVE-2007-1428 (SQL injection vulnerability in search.php in PHP Labs JobSitePro 1.0 ...)
+CVE-2007-1428
NOT-FOR-US: JobSitePro
-CVE-2007-1427 (Directory traversal vulnerability in download_pdf.php in AssetMan 2.4a ...)
+CVE-2007-1427
NOT-FOR-US: AssetMan
-CVE-2007-1426 (The web interface in AstroCam 2.0.0 through 2.6.5 allows remote ...)
+CVE-2007-1426
NOT-FOR-US: AstroCam
-CVE-2007-1425 (SQL injection vulnerability in index.php in Triexa SonicMailer Pro ...)
+CVE-2007-1425
NOT-FOR-US: SonicMailer Pro
-CVE-2007-1424 (Multiple PHP remote file inclusion vulnerabilities in Softnews Media ...)
+CVE-2007-1424
NOT-FOR-US: DataLife Engine
-CVE-2007-1423 (Multiple PHP remote file inclusion vulnerabilities in WORK system ...)
+CVE-2007-1423
NOT-FOR-US: WORK system e-commerce
-CVE-2007-1422 (SQL injection vulnerability in goster.asp in fystyq Duyuru Scripti ...)
+CVE-2007-1422
NOT-FOR-US: Duyuru Scripti
-CVE-2007-1421 (Multiple PHP remote file inclusion vulnerabilities in Premod SubDog 2 ...)
+CVE-2007-1421
NOT-FOR-US: SubDog
-CVE-2007-1420 (MySQL 5.x before 5.0.36 allows local users to cause a denial of ...)
+CVE-2007-1420
- mysql-dfsg-5.0 5.0.32-8 (bug #414790)
[etch] - mysql-dfsg-5.0 5.0.32-7etch1
-CVE-2007-1419 (The Java Management Extensions Remote API Remote Method Invocation ...)
+CVE-2007-1419
NOT-FOR-US: JMX RMI-IIOP
-CVE-2007-1418 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2007-1418
NOT-FOR-US: DekiWiki
-CVE-2007-1417 (SQL injection vulnerability in index.php in HC NEWSSYSTEM 1.0-4 allows ...)
+CVE-2007-1417
NOT-FOR-US: NEWSSYSTEM
-CVE-2007-1416 (PHP remote file inclusion vulnerability in createurl.php in JCcorp ...)
+CVE-2007-1416
NOT-FOR-US: URLshrink
-CVE-2007-1415 (Multiple PHP remote file inclusion vulnerabilities in PMB Services ...)
+CVE-2007-1415
NOT-FOR-US: PMB Services
-CVE-2007-1414 (Multiple PHP remote file inclusion vulnerabilities in Coppermine Photo ...)
+CVE-2007-1414
NOT-FOR-US: Coppermine Photo Gallery
-CVE-2007-1413 (Buffer overflow in the snmpget function in the snmp extension in PHP ...)
+CVE-2007-1413
- php4 <removed> (unimportant)
- php5 <removed> (unimportant)
NOTE: Only triggerable by malicious script
-CVE-2007-1412 (The cpdf_open function in the ClibPDF (cpdf) extension in PHP 4.4.6 ...)
+CVE-2007-1412
- php4 <not-affected> (cpdf extension not enabled in binary build)
- php5 <not-affected> (cpdf extension not enabled in binary build)
-CVE-2007-1411 (Buffer overflow in PHP 4.4.6 and earlier, and unspecified PHP 5 ...)
+CVE-2007-1411
- php4 <not-affected> (no mssql extension in Debian)
- php5 <not-affected> (no mssql extension in Debian)
-CVE-2007-1410 (SQL injection vulnerability in kategori.asp in GaziYapBoz Game Portal ...)
+CVE-2007-1410
NOT-FOR-US: GaziYapBoz Game Portal
-CVE-2007-1409 (WordPress allows remote attackers to obtain sensitive information via ...)
+CVE-2007-1409
- wordpress <not-affected> (Path disclosure)
-CVE-2007-1408 (Multiple vulnerabilities in (1) bank.php, (2) landfill.php, (3) ...)
+CVE-2007-1408
NOT-FOR-US: Vallheru
-CVE-2007-1407 (Unspecified vulnerability in OpenSolution Quick.Cart before 2.1 has ...)
+CVE-2007-1407
NOT-FOR-US: Quick.Cart
-CVE-2007-1406 (Trac before 0.10.3.1 does not send a Content-Disposition HTTP header ...)
+CVE-2007-1406
[etch] - trac 0.10.3-1etch1
- trac 0.10.4-1 (bug #414134; bug #420219)
NOTE: Browser bug, only exploitable on IE, still fixed in a point release
-CVE-2007-1405 (Cross-site scripting (XSS) vulnerability in the &quot;download wiki page as ...)
+CVE-2007-1405
[etch] - trac 0.10.3-1etch1
- trac 0.10.4-1 (bug #414134; bug #420219)
NOTE: Browser bug, only exploitable on IE, still fixed in a point release
-CVE-2007-1404 (tftpd.exe in ProSysInfo TFTP Server TFTPDWIN 0.4.2 allows remote ...)
+CVE-2007-1404
NOT-FOR-US: ProSysInfo TFTP Server
-CVE-2007-1403 (Multiple stack-based buffer overflows in an ActiveX control in ...)
+CVE-2007-1403
NOT-FOR-US: ActiveX control
-CVE-2007-1402 (The Rediff Toolbar 2.0 ActiveX control in redifftoolbar.dll allows ...)
+CVE-2007-1402
NOT-FOR-US: Rediff Toolbar ActiveX control
-CVE-2007-1401 (Buffer overflow in the crack extension (CrackLib), as bundled with PHP ...)
+CVE-2007-1401
NOT-FOR-US: php doesn't ship with cracklib activated in debian.
-CVE-2007-1400 (Plash permits sandboxed processes to open /dev/tty, which allows local ...)
+CVE-2007-1400
NOT-FOR-US: Plash
-CVE-2007-1399 (Stack-based buffer overflow in the zip:// URL wrapper in PECL ZIP ...)
+CVE-2007-1399
{DSA-1330-1}
- php5 5.2.2-1 (medium)
-CVE-2007-1398 (The frag3 preprocessor in Snort 2.6.1.1, 2.6.1.2, and 2.7.0 beta, when ...)
+CVE-2007-1398
- snort <not-affected> (Vulnerable code not present)
-CVE-2007-1397 (Multiple stack-based buffer overflows in the (1) ExtractRnick and (2) ...)
+CVE-2007-1397
NOT-FOR-US: FiSH IRC Encryption
-CVE-2007-1396 (The import_request_variables function in PHP 4.0.7 through 4.4.6, and ...)
+CVE-2007-1396
- php5 5.2.2-1 (unimportant)
NOTE: Non-issue
-CVE-2007-1395 (Incomplete blacklist vulnerability in index.php in phpMyAdmin 2.8.0 ...)
+CVE-2007-1395
{DSA-1370-2 DSA-1370-1}
- phpmyadmin 4:2.10.0.2-1 (medium)
[sarge] - phpmyadmin <not-affected> (Vulnerable code not present)
-CVE-2007-1394 (Direct static code injection vulnerability in startsession.php in Flat ...)
+CVE-2007-1394
NOT-FOR-US: Flat Chat
-CVE-2007-1393 (PHP remote file inclusion vulnerability in mysave.php in Magic CMS ...)
+CVE-2007-1393
NOT-FOR-US: Magic CMS
-CVE-2007-1392 (Directory traversal vulnerability in down.php in netForo! 0.1g allows ...)
+CVE-2007-1392
NOT-FOR-US: netForo!
-CVE-2007-1391 (PHP remote file inclusion vulnerability in ...)
+CVE-2007-1391
NOT-FOR-US: WEBO
-CVE-2007-1390 (Multiple cross-site scripting (XSS) vulnerabilities in dynaliens 2.0 ...)
+CVE-2007-1390
NOT-FOR-US: dynalias
-CVE-2007-1389 (dynaliens 2.0 and 2.1 allows remote attackers to bypass authentication ...)
+CVE-2007-1389
NOT-FOR-US: dynalias
-CVE-2007-1388 (The do_ipv6_setsockopt function in net/ipv6/ipv6_sockglue.c in Linux ...)
+CVE-2007-1388
- linux-2.6 2.6.18.dfsg.1-12
-CVE-2007-1387 (The DirectShow loader (loader/dshow/DS_VideoDecoder.c) in MPlayer ...)
+CVE-2007-1387
{DSA-1536-1}
- mplayer 1.0~rc1-13 (bug #414075; low)
- xine-lib 1.1.2+dfsg-3 (bug #414072; low)
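Review bot: each `-`/`+` pair in this hunk replaces a `CVE-2007-NNNN (one-line summary ...)` header with the bare id and nothing puts the summary back, so the list loses the only text that distinguishes, for instance, `CVE-2007-1461` (the compress.bzip2:// wrapper) from `CVE-2007-1460` (the zip:// wrapper) without looking the ids up elsewhere. The hunk headers keep the old and new line counts identical, which is exactly what a feed that returned empty descriptions would produce; please confirm the source data before merging, because the next automatic run would otherwise rewrite every one of these lines again. Entries whose whole justification sits in the following line, such as `NOT-FOR-US: php doesn't ship with cracklib activated in debian.` under `+CVE-2007-1401`, become the hardest to audit afterwards (that line also describes a `<not-affected>` situation for php4/php5, the form the neighbouring PHP entries use, rather than a package that is not in Debian).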
@@ -12779,133 +12779,133 @@ CVE-2007-1387 (The DirectShow loader (loader/dshow/DS_VideoDecoder.c) in MPlayer
[sarge] - xine-lib <no-dsa> (Only affects external, proprietary w32codecs addons)
CVE-2007-1386
RESERVED
-CVE-2007-1385 (chunkcounter.cpp in KTorrent before 2.1.2 allows remote attackers to ...)
+CVE-2007-1385
- ktorrent 2.0.3+dfsg1-2.1 (bug #414832; medium)
-CVE-2007-1384 (Directory traversal vulnerability in torrent.cpp in KTorrent before ...)
+CVE-2007-1384
- ktorrent 2.0.3+dfsg1-2.1 (bug #414832; medium)
-CVE-2007-1383 (Integer overflow in the 16 bit variable reference counter in PHP 4 ...)
+CVE-2007-1383
- php4 <removed> (unimportant)
NOTE: Only triggerable by malicious PHP scripts, PHP5 not "affected"
-CVE-2007-1382 (The PHP COM extensions for PHP on Windows systems allow ...)
+CVE-2007-1382
NOT-FOR-US: Windows PHP COM extensions
-CVE-2007-1381 (The wddx_deserialize function in wddx.c 1.119.2.10.2.12 and ...)
+CVE-2007-1381
- php5 <not-affected> (Affected only a php5 CVS version, not a release)
-CVE-2007-1380 (The php_binary serialization handler in the session extension in PHP ...)
+CVE-2007-1380
{DSA-1283-1 DSA-1282-1 DTSA-39-1 DTSA-40-1}
[etch] - php5 5.2.0-8+etch1
- php4 6:4.4.6-1 (low)
- php5 5.2.0-11 (low)
-CVE-2007-1379 (The ovrimos_close function in the Ovrimos extension for PHP before ...)
+CVE-2007-1379
- php4 <not-affected> (Ovrimus support not included in Debian's PHP packages)
-CVE-2007-1378 (The ovrimos_longreadlen function in the Ovrimos extension for PHP ...)
+CVE-2007-1378
- php4 <not-affected> (Ovrimus support not included in Debian's PHP packages)
-CVE-2007-1377 (AcroPDF.DLL in Adobe Reader 8.0, when accessed from Mozilla Firefox, ...)
+CVE-2007-1377
NOT-FOR-US: Adobe Reader
-CVE-2007-1376 (The shmop functions in PHP before 4.4.5, and before 5.2.1 in the 5.x ...)
+CVE-2007-1376
{DSA-1283-1 DTSA-39-1}
- php4 <removed>
- php5 5.2.0-11
NOTE: Only triggerable by malicious script
-CVE-2007-1375 (Integer overflow in the substr_compare function in PHP 5.2.1 and ...)
+CVE-2007-1375
{DSA-1283-1 DTSA-39-1}
- php5 5.2.0-11 (low)
NOTE: Should be fixed, could be used as a stepstone for further attacks
-CVE-2007-1374 (Cross-site scripting (XSS) vulnerability in pop_profile.asp in Snitz ...)
+CVE-2007-1374
NOT-FOR-US: Snitz Forums
-CVE-2007-1373 (Stack-based buffer overflow in Mercury/32 (aka Mercury Mail Transport ...)
+CVE-2007-1373
NOT-FOR-US: Mercury Mail Transport System
-CVE-2007-1372 (PHP remote file inclusion vulnerability in styles/internal/header.php ...)
+CVE-2007-1372
NOT-FOR-US: PostGuestbook
-CVE-2007-1371 (Multiple buffer overflows in Conquest 8.2a and earlier (1) allow local ...)
+CVE-2007-1371
- conquest 8.2b-1 (low)
[sarge] - conquest <no-dsa> (Minor issue)
[etch] - conquest <no-dsa> (Minor issue)
-CVE-2007-1370 (Zend Platform 2.2.3 and earlier has incorrect ownership for scd.sh and ...)
+CVE-2007-1370
NOT-FOR-US: Zend Platform
-CVE-2007-1369 (ini_modifier (sgid-zendtech) in Zend Platform 2.2.3 and earlier allows ...)
+CVE-2007-1369
NOT-FOR-US: Zend Platform
-CVE-2007-1368 (The Project issue tracking module before 4.7.x-1.3, 4.7.x-2.* before ...)
+CVE-2007-1368
NOT-FOR-US: Drupal module Project
-CVE-2007-1367 (Cross-site scripting (XSS) vulnerability in the login page in Avaya ...)
+CVE-2007-1367
NOT-FOR-US: Avaya Communications Manager
-CVE-2007-1366 (QEMU 0.8.2 allows local users to crash a virtual machine via the ...)
+CVE-2007-1366
{DSA-1284-1 DTSA-38-1 DTSA-133-1}
- qemu 0.9.0-2 (bug #424070)
- kvm 66+dfsg-1.1
-CVE-2007-1365 (Buffer overflow in kern/uipc_mbuf2.c in OpenBSD 3.9 and 4.0 allows ...)
+CVE-2007-1365
NOT-FOR-US: OpenBSD Kernel
-CVE-2007-1364 (DropAFew before 0.2.1 does not require authorization for certain ...)
+CVE-2007-1364
NOT-FOR-US: DropAFew
-CVE-2007-1363 (Multiple SQL injection vulnerabilities in DropAFew before 0.2.1 allow ...)
+CVE-2007-1363
NOT-FOR-US: DropAFew
-CVE-2007-1362 (Mozilla Firefox 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, and ...)
+CVE-2007-1362
{DSA-1308-1 DSA-1306-1 DSA-1300-1 DTSA-45-1 DTSA-47-1 DTSA-51-1}
NOTE: MFSA2007-14
- iceape 1.1.2-1 (low)
- iceweasel 2.0.0.4-1 (low)
- xulrunner 1.8.1.4-1 (low)
-CVE-2007-1361 (Cross-site scripting (XSS) vulnerability in virtuemart_parser.php in ...)
+CVE-2007-1361
NOT-FOR-US: VirtueMart
-CVE-2007-1360 (Unspecified vulnerability in the Nodefamily module for Drupal 5.x ...)
+CVE-2007-1360
NOT-FOR-US: Drupal module Nodefamily
-CVE-2007-1359 (Interpretation conflict in ModSecurity (mod_security) 2.1.0 and ...)
+CVE-2007-1359
- libapache-mod-security 2.1.2-1
-CVE-2007-1358 (Cross-site scripting (XSS) vulnerability in certain applications using ...)
+CVE-2007-1358
- tomcat4 <removed> (low)
[sarge] - tomcat4 <no-dsa> (Contrib not supported)
-CVE-2007-1357 (The atalk_sum_skb function in AppleTalk for Linux kernel 2.6.x before ...)
+CVE-2007-1357
{DSA-1304 DSA-1286-1}
- linux-2.6 2.6.20-1
CVE-2007-1356
REJECTED
-CVE-2007-1355 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
+CVE-2007-1355
- tomcat4 <removed> (unimportant)
- tomcat5 <removed> (unimportant)
- tomcat5.5 5.5.25-1 (unimportant)
NOTE: Just an example application for documentation purposes
-CVE-2007-1354 (The Access Control functionality (JMXOpsAccessControlFilter) in JMX ...)
+CVE-2007-1354
NOT-FOR-US: JBoss Application Server
-CVE-2007-1353 (The setsockopt function in the L2CAP and HCI Bluetooth support in the ...)
+CVE-2007-1353
{DSA-1503-2 DSA-1504-1 DSA-1503-1 DSA-1356-1}
- linux-2.6 2.6.22-1 (low)
-CVE-2007-1352 (Integer overflow in the FontFileInitTable function in X.Org libXfont ...)
+CVE-2007-1352
{DSA-1294-1}
- libxfont 1:1.2.2-2 (medium)
-CVE-2007-1351 (Integer overflow in the bdfReadCharacters function in bdfread.c in (1) ...)
+CVE-2007-1351
{DSA-1454-1 DSA-1294-1}
- libxfont 1:1.2.2-2 (medium)
- freetype 2.3.5-1 (medium; bug #426771)
-CVE-2007-1350 (Stack-based buffer overflow in webadmin.exe in Novell NetMail 3.5.2 ...)
+CVE-2007-1350
NOT-FOR-US: Novell NetMail
-CVE-2007-1349 (PerlRun.pm in Apache mod_perl before 1.30, and RegistryCooker.pm in ...)
+CVE-2007-1349
- apache <removed> (low)
- libapache2-mod-perl2 2.0.2-5 (low; bug #433549)
[etch] - libapache2-mod-perl2 <no-dsa> (Minor issue)
[etch] - apache 1.3.34-4.1+etch1
CVE-2007-1348
REJECTED
-CVE-2007-1347 (Microsoft Windows Explorer on Windows 2000 SP4 FR and XP SP2 FR, and ...)
+CVE-2007-1347
NOT-FOR-US: Microsoft Windows Explorer
-CVE-2007-1346 (Unspecified vulnerability in ipmitool for Sun Fire X2100M2 and X2200M2 ...)
+CVE-2007-1346
NOT-FOR-US: Sun Fire Server
-CVE-2007-1345 (Unspecified vulnerability in cube.exe in the GINA component for CA ...)
+CVE-2007-1345
NOT-FOR-US: CA eTrust Admin
-CVE-2007-1344 (Multiple buffer overflows in src/ezstream.c in Ezstream before 0.3.0 ...)
+CVE-2007-1344
NOT-FOR-US: Ezstream
-CVE-2007-1343 (includes/functions.php in Craig Knudsen WebCalendar before 1.0.5 does ...)
+CVE-2007-1343
{DSA-1267-1}
- webcalendar 1.0.5-1 (high)
-CVE-2007-1342 (Cross-site scripting (XSS) vulnerability in admincp/index.php in ...)
+CVE-2007-1342
NOT-FOR-US: vBulletin
-CVE-2007-1341 (include/auth/auth.php in Simple Invoices before 2007 03 05 does not ...)
+CVE-2007-1341
NOT-FOR-US: Simple Invoices
-CVE-2007-1340 (PHP remote file inclusion vulnerability in eintrag.php in Weltennetz ...)
+CVE-2007-1340
NOT-FOR-US: News-Letterman
-CVE-2007-1339 (SQL injection vulnerability in index.php in Links Management ...)
+CVE-2007-1339
NOT-FOR-US: Links Management Application
-CVE-2007-1338 (The default configuration of the AirPort utility in Apple AirPort ...)
+CVE-2007-1338
NOT-FOR-US: Apple AirPort Extreme
-CVE-2007-1337 (The virtual machine process (VMX) in VMware Workstation before 5.5.4 ...)
+CVE-2007-1337
NOT-FOR-US: VMware
CVE-2007-1336
RESERVED
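Review bot: `{DSA-1304 DSA-1286-1}` under `+CVE-2007-1357` is the only advisory reference in this hunk without a revision suffix; every other entry uses the `DSA-NNNN-1` form (`{DSA-1294-1}`, `{DSA-1503-2 DSA-1504-1 DSA-1503-1 DSA-1356-1}`), so anything matching on the full form will skip it. Suggest writing the revision out as the others do. Also, `- php4 <removed>` and `- php5 5.2.0-11` under `+CVE-2007-1376` carry no severity while the adjacent `+CVE-2007-1375` and `+CVE-2007-1380` entries are rated `(low)`; with the summary line gone, a missing rating leaves that entry with nothing but the NOTE to go on.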
@@ -12915,46 +12915,46 @@ CVE-2007-1334
RESERVED
CVE-2007-1333
RESERVED
-CVE-2007-1332 (Multiple cross-site request forgery (CSRF) vulnerabilities in TKS ...)
+CVE-2007-1332
NOT-FOR-US: TKS Banking Solutions ePortfolio
-CVE-2007-1331 (Multiple cross-site scripting (XSS) vulnerabilities in TKS Banking ...)
+CVE-2007-1331
NOT-FOR-US: TKS Banking Solutions ePortfolio
-CVE-2007-1330 (Comodo Firewall Pro (CFP) (formerly Comodo Personal Firewall) ...)
+CVE-2007-1330
NOT-FOR-US: Comodo Firewall Pro
-CVE-2007-1329 (Directory traversal vulnerability in SQL-Ledger, and LedgerSMB before ...)
+CVE-2007-1329
- sql-ledger <unfixed> (unimportant; bug #409703)
NOTE: It's documented behaviour that SQL-Ledger should only be run in an
NOTE: authenticated HTTP zone and without untrusted users
-CVE-2007-1328 (Cross-site scripting (XSS) vulnerability in formulaire.php in Bernard ...)
+CVE-2007-1328
NOT-FOR-US: JOLY BJ Webring
-CVE-2007-1327 (The SILC_SERVER_CMD_FUNC function in apps/silcd/command.c in ...)
+CVE-2007-1327
NOT-FOR-US: silc daemon
-CVE-2007-1326 (SQL injection vulnerability in index.php in Serendipity 1.1.1 allows ...)
+CVE-2007-1326
- serendipity <removed> (unimportant)
NOTE: http://blog.s9y.org/archives/164-Serendipity-1.1.2-released.html
-CVE-2007-1325 (The PMA_ArrayWalkRecursive function in libraries/common.lib.php in ...)
+CVE-2007-1325
{DSA-1370-2 DSA-1370-1}
- phpmyadmin 4:2.10.0.2-1
[sarge] - phpmyadmin <not-affected> (Vulnerable code not present)
-CVE-2007-1324 (SnapGear 560, 585, 580, 640, 710, and 720 appliances before the ...)
+CVE-2007-1324
NOT-FOR-US: SnapGear
CVE-2007-1323
REJECTED
-CVE-2007-1322 (QEMU 0.8.2 allows local users to halt a virtual machine by executing ...)
+CVE-2007-1322
{DSA-1284-1 DTSA-38-1 DTSA-133-1}
- qemu 0.9.0-2 (bug #424070)
- kvm 66+dfsg-1.1
-CVE-2007-1321 (Integer signedness error in the NE2000 emulator in QEMU 0.8.2, as used ...)
+CVE-2007-1321
{DSA-1284-1 DTSA-38-1 DTSA-133-1}
- qemu 0.9.0-2 (bug #424070)
- kvm 66+dfsg-1.1
-CVE-2007-1320 (Multiple heap-based buffer overflows in the cirrus_invalidate_region ...)
+CVE-2007-1320
{DSA-1384-1 DSA-1284-1 DTSA-38-1 DTSA-133-1}
- qemu 0.9.0-2 (bug #424070)
- kvm 66+dfsg-1.1
- xen-3 3.1.0-2 (bug #444007; medium)
- xen-3.0 <removed>
-CVE-2007-1319 (Unspecified vulnerability in the IOPCServer::RemoveGroup function in ...)
+CVE-2007-1319
NOT-FOR-US: DeviceXPlorer OLE
CVE-2007-1318
RESERVED
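Review bot: under `+CVE-2007-1326` the only supporting line is `NOTE: http://blog.s9y.org/archives/164-Serendipity-1.1.2-released.html`; once the summary is stripped from the header, neither the issue nor the reason for the `(unimportant)` rating on `- serendipity <removed>` is stated in the file, so a few words of rationale next to the URL would help. Likewise `- xen-3.0 <removed>` under `+CVE-2007-1320` has no severity while its sibling `- xen-3 3.1.0-2 (bug #444007; medium)` does.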
@@ -12966,7 +12966,7 @@ CVE-2007-1315
RESERVED
CVE-2007-1314
RESERVED
-CVE-2007-1313 (NETxAutomation NETxEIB OPC Server before 3.0.1300 does not properly ...)
+CVE-2007-1313
NOT-FOR-US: NETxAutomation NETxEIB OPC Server
CVE-2007-1312
RESERVED
@@ -12974,64 +12974,64 @@ CVE-2007-1311
RESERVED
CVE-2007-1310
RESERVED
-CVE-2007-1309 (Novell Access Management 3 SSLVPN Server allows remote authenticated ...)
+CVE-2007-1309
NOT-FOR-US: Novell Access Management
-CVE-2007-1308 (ecma/kjs_html.cpp in KDE JavaScript (KJS), as used in Konqueror in KDE ...)
+CVE-2007-1308
- kdelibs <unfixed> (unimportant)
NOTE: Browser crashes not treated as security problems
-CVE-2007-1307 (Unspecified vulnerability in Lenovo Intel PRO/1000 LAN adapter before ...)
+CVE-2007-1307
NOT-FOR-US: Microsoft Windows Driver for Intel PRO/1000 LAN
-CVE-2007-1306 (Asterisk 1.4 before 1.4.1 and 1.2 before 1.2.16 allows remote ...)
+CVE-2007-1306
{DSA-1358-1}
- asterisk 1:1.2.16~dfsg-1 (medium)
-CVE-2007-1305 (Multiple cross-site scripting (XSS) vulnerabilities in add2.php in ...)
+CVE-2007-1305
NOT-FOR-US: Sava's Guestbook
-CVE-2007-1304 (Multiple SQL injection vulnerabilities in add2.php in Sava's Guestbook ...)
+CVE-2007-1304
NOT-FOR-US: Sava's Guestbook
-CVE-2007-1303 (Directory traversal vulnerability in rb.cgi in RRDBrowse 1.6 and ...)
+CVE-2007-1303
NOT-FOR-US: RRDBrowse
-CVE-2007-1302 (SQL injection vulnerability in guestbook.php in LI-Guestbook 1.1, when ...)
+CVE-2007-1302
NOT-FOR-US: LI-Guestbook
-CVE-2007-1301 (Stack-based buffer overflow in the IMAP service in MailEnable ...)
+CVE-2007-1301
NOT-FOR-US: MailEnable Enterprise
-CVE-2007-1300 (DOURAN Software Technologies ISPUtil 3.32.84.1, and possibly earlier ...)
+CVE-2007-1300
NOT-FOR-US: ISPUtil
-CVE-2007-1299 (PHP remote file inclusion vulnerability in index.php in Mani Stats ...)
+CVE-2007-1299
NOT-FOR-US: Mani Stats Reader
-CVE-2007-1298 (SQL injection vulnerability in subcat.php in AJ Auction 1.0 allows ...)
+CVE-2007-1298
NOT-FOR-US: AJ Auction
-CVE-2007-1297 (SQL injection vulnerability in view_profile.php in AJDating 1.0 allows ...)
+CVE-2007-1297
NOT-FOR-US: AJ Dating
-CVE-2007-1296 (SQL injection vulnerability in postingdetails.php in AJ Classifieds ...)
+CVE-2007-1296
NOT-FOR-US: AJ Classifieds
-CVE-2007-1295 (SQL injection vulnerability in topic_title.php in AJ Forum 1.0 allows ...)
+CVE-2007-1295
NOT-FOR-US: AJ Forum
-CVE-2007-1294 (A certain ActiveX control in the DivXBrowserPlugin (npdivx32.dll) in ...)
+CVE-2007-1294
NOT-FOR-US: DivXBrowserPlugin ActiveX control
-CVE-2007-1293 (SQL injection vulnerability in Rigter Portal System (RPS) 6.2, when ...)
+CVE-2007-1293
NOT-FOR-US: Rigter Portal System
-CVE-2007-1292 (SQL injection vulnerability in inlinemod.php in Jelsoft vBulletin ...)
+CVE-2007-1292
NOT-FOR-US: vBulletin
-CVE-2007-1291 (Multiple cross-site scripting (XSS) vulnerabilities in Tyger Bug ...)
+CVE-2007-1291
NOT-FOR-US: TygerBT
-CVE-2007-1290 (SQL injection vulnerability in ViewReport.php in Tyger Bug Tracking ...)
+CVE-2007-1290
NOT-FOR-US: TygerBT
-CVE-2007-1289 (SQL injection vulnerability in ViewBugs.php in Tyger Bug Tracking ...)
+CVE-2007-1289
NOT-FOR-US: TygerBT
-CVE-2007-1288 (Multiple PHP remote file inclusion vulnerabilities in Webmobo WB News ...)
+CVE-2007-1288
NOT-FOR-US: WB News
CVE-2007-XXXX [unsafe temporary file in lintian's objdump-info]
- lintian 1.23.28 (low)
[sarge] - lintian <not-affected> (Vulnerable code not present)
-CVE-2007-1287 (A regression error in the phpinfo function in PHP 4.4.3 to 4.4.6, and ...)
+CVE-2007-1287
- php4 <removed> (unimportant)
[sarge] - php4 <not-affected> (Regression introduced in 4.4.3)
NOTE: Non-issue, explicit debug feature
-CVE-2007-1286 (Integer overflow in PHP 4.4.4 and earlier allows remote ...)
+CVE-2007-1286
{DSA-1283-1 DSA-1282-1 DTSA-39-1 DTSA-40-1}
- php4 6:4.4.6-1 (low)
- php5 5.2.0-11 (low)
-CVE-2007-1285 (The Zend Engine in PHP 4.x before 4.4.7, and 5.x before 5.2.2, allows ...)
+CVE-2007-1285
- php5 5.2.2-1 (unimportant)
- php4 <removed> (unimportant)
NOTE: Needs to be sanisited within apps, only crashes the current instance anyway
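Review bot: the closing line `NOTE: Needs to be sanisited within apps, only crashes the current instance anyway` has a typo (`sanisited` for `sanitised`), and with the `+CVE-2007-1285` header reduced to the bare id that NOTE is now the only explanation of the `(unimportant)` rating on php4/php5, so it is worth fixing. The placeholder `CVE-2007-XXXX [unsafe temporary file in lintian's objdump-info]` entry is, correctly, untouched by the rewrite, but it keeps its bracketed summary while the real ids around it lose theirs; if dropping summaries is intentional the commit message should say so, and if not, the contrast suggests they were lost rather than removed on purpose.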
@@ -13039,20 +13039,20 @@ CVE-2007-1284
RESERVED
CVE-2007-1283
RESERVED
-CVE-2007-1282 (Integer overflow in Mozilla Thunderbird before 1.5.0.10 and SeaMonkey ...)
+CVE-2007-1282
{DSA-1336-1}
- icedove 1.5.0.10.dfsg1-1 (medium)
-CVE-2007-1281 (Kaspersky AntiVirus Engine 6.0.1.411 for Windows and 5.5-10 for Linux ...)
+CVE-2007-1281
NOT-FOR-US: Kaspersky AntiVirus Engine
-CVE-2007-1280 (Cross-site scripting (XSS) vulnerability in Adobe RoboHelp X5, 6, and ...)
+CVE-2007-1280
NOT-FOR-US: Adobe
-CVE-2007-1279 (Unspecified vulnerability in the installer for Adobe Bridge 1.0.3 ...)
+CVE-2007-1279
NOT-FOR-US: Adobe
-CVE-2007-1278 (Unspecified vulnerability in the IIS connector in Adobe JRun 4.0 ...)
+CVE-2007-1278
NOT-FOR-US: Adobe JRun and Coldfusion
-CVE-2007-1277 (WordPress 2.1.1, as downloaded from some official distribution sites ...)
+CVE-2007-1277
- wordpress <not-affected> (orig.tar.gz not compromised)
-CVE-2007-1276 (Multiple cross-site scripting (XSS) vulnerabilities in chooser.cgi in ...)
+CVE-2007-1276
- webmin <removed>
CVE-2007-1275
RESERVED
@@ -13061,427 +13061,427 @@ CVE-2007-1274
CVE-2007-XXXX [buffer overruns in GIT's http-push.c, fixed in 1.5.0.3]
- git-core 1:1.5.0.3-1 (bug #413629; low)
[etch] - git-core 1:1.4.4.4-2 (bug #413629; low)
-CVE-2007-1273 (Integer overflow in the ktruser function in NetBSD-current before ...)
+CVE-2007-1273
NOT-FOR-US: NetBSD Kernel
CVE-2007-1272
RESERVED
-CVE-2007-1271 (Buffer overflow in VMware ESX Server 3.0.0 and 3.0.1 might allow ...)
+CVE-2007-1271
NOT-FOR-US: VMware ESX Server
-CVE-2007-1270 (Double free vulnerability in VMware ESX Server 3.0.0 and 3.0.1 allows ...)
+CVE-2007-1270
NOT-FOR-US: VMware ESX Server
-CVE-2007-1269 (GNUMail 1.1.2 and earlier does not properly use the --status-fd ...)
+CVE-2007-1269
- gnumail <unfixed> (unimportant)
NOTE: this is a "feature request", since gnupg is fixed from CVE-2007-1263
-CVE-2007-1268 (Mutt 1.5.13 and earlier does not properly use the --status-fd argument ...)
+CVE-2007-1268
- mutt <unfixed> (unimportant)
NOTE: this is a "feature request", since gnupg is fixed from CVE-2007-1263
-CVE-2007-1267 (Sylpheed 2.2.7 and earlier does not properly use the --status-fd ...)
+CVE-2007-1267
- sylpheed <unfixed> (unimportant)
NOTE: this is a "feature request", since gnupg is fixed from CVE-2007-1263
-CVE-2007-1266 (Evolution 2.8.1 and earlier does not properly use the --status-fd ...)
+CVE-2007-1266
- evolution <unfixed> (unimportant)
NOTE: this is a "feature request", since gnupg is fixed from CVE-2007-1263
-CVE-2007-1265 (KMail 1.9.5 and earlier does not properly use the --status-fd argument ...)
+CVE-2007-1265
- kdepim <unfixed> (unimportant)
NOTE: this is a "feature request", since gnupg is fixed from CVE-2007-1263
-CVE-2007-1264 (Enigmail 0.94.2 and earlier does not properly use the --status-fd ...)
+CVE-2007-1264
- enigmail 2:0.95.0+1-1 (unimportant; bug #415225)
NOTE: this is a "feature request", since gnupg is fixed from CVE-2007-1263
-CVE-2007-1263 (GnuPG 1.4.6 and earlier and GPGME before 1.1.4, when run from the ...)
+CVE-2007-1263
{DSA-1266-1}
- gnupg 1.4.6-2 (bug #413922; low)
- gpgme1.0 1.1.2-3 (bug #414170; low)
- gnupg2 2.0.3-1
[sarge] - gnupg2 <no-dsa> (Minor issue)
[etch] - gnupg2 <no-dsa> (Minor issue)
-CVE-2007-1262 (Multiple cross-site scripting (XSS) vulnerabilities in the HTML filter ...)
+CVE-2007-1262
{DSA-1290-1}
- squirrelmail 2:1.4.10a-1
-CVE-2007-1261 (Unspecified vulnerability in the reports system in OpenBiblio before ...)
+CVE-2007-1261
NOT-FOR-US: OpenBiblio
-CVE-2007-1260 (Stack-based buffer overflow in the connectHandle function in ...)
+CVE-2007-1260
NOT-FOR-US: WebMod
-CVE-2007-1259 (Multiple unspecified vulnerabilities in WebAPP before 0.9.9.6 have ...)
+CVE-2007-1259
NOT-FOR-US: WebAPP
-CVE-2007-1258 (Unspecified vulnerability in Cisco IOS 12.2SXA, SXB, SXD, and SXF; and ...)
+CVE-2007-1258
NOT-FOR-US: Cisco
-CVE-2007-1257 (The Network Analysis Module (NAM) in Cisco Catalyst Series 6000, 6500, ...)
+CVE-2007-1257
NOT-FOR-US: Cisco
-CVE-2007-1256 (Mozilla Firefox 2.0.0.2 allows remote attackers to spoof the address ...)
+CVE-2007-1256
- iceweasel <removed> (unimportant)
NOTE: Not exploitable
-CVE-2007-1255 (Unrestricted file upload vulnerability in admin.bbcode.php in ...)
+CVE-2007-1255
NOT-FOR-US: Connectix Boards
-CVE-2007-1254 (SQL injection vulnerability in part.userprofile.php in Connectix ...)
+CVE-2007-1254
NOT-FOR-US: Connectix Boards
-CVE-2007-1253 (Eval injection vulnerability in the (a) kmz_ImportWithMesh.py Script ...)
+CVE-2007-1253
- blender 2.42a-6 (medium)
[sarge] - blender <not-affected> (bug was introduced in version 2.42)
NOTE: http://lists.alioth.debian.org/pipermail/secure-testing-team/2007-March/001095.html
-CVE-2007-1252 (Buffer overflow in Symantec Mail Security for SMTP 5.0 before Patch ...)
+CVE-2007-1252
NOT-FOR-US: Symantec Mail Security
-CVE-2007-1251 (Format string vulnerability in the new_warning function in ...)
+CVE-2007-1251
NOT-FOR-US: Netrek Vanilla Server
-CVE-2007-1250 (SQL injection vulnerability in section/default.asp in ANGEL Learning ...)
+CVE-2007-1250
NOT-FOR-US: Learning Management Suite
-CVE-2007-1249 (MoveSortedContentAction in C1 Financial Services Contelligent 9.1.4 ...)
+CVE-2007-1249
NOT-FOR-US: Contelligent
-CVE-2007-1248 (Multiple cross-site scripting (XSS) vulnerabilities in built2go News ...)
+CVE-2007-1248
NOT-FOR-US: News Manager Blog
-CVE-2007-1247 (Multiple PHP remote file inclusion vulnerabilities in aWeb Labs ...)
+CVE-2007-1247
NOT-FOR-US: aWebNews
-CVE-2007-1246 (The DMO_VideoDecoder_Open function in loader/dmo/DMO_VideoDecoder.c in ...)
+CVE-2007-1246
{DSA-1536-1}
- mplayer 1.0~rc1-13 (bug #414075; medium)
- xine-lib 1.1.2+dfsg-3 (bug #414072; medium)
[etch] - mplayer 1.0~rc1-12etch
[sarge] - xine-lib <no-dsa> (Only affects external, proprietary w32codecs addons)
NOTE: vlc checked, and is not affected.
-CVE-2007-1245 (IrfanView 3.99 allows remote attackers to cause a denial of service ...)
+CVE-2007-1245
NOT-FOR-US: IrfanView
-CVE-2007-1244 (Cross-site request forgery (CSRF) vulnerability in the AdminPanel in ...)
+CVE-2007-1244
- wordpress 2.1.2-1 (medium)
[etch] - wordpress 2.0.10
-CVE-2007-1243 (Audins Audiens 3.3 allows remote attackers to bypass authentication ...)
+CVE-2007-1243
NOT-FOR-US: Audins Audiens
-CVE-2007-1242 (SQL injection vulnerability in system/index.php in Audins Audiens 3.3 ...)
+CVE-2007-1242
NOT-FOR-US: Audins Audiens
-CVE-2007-1241 (Cross-site scripting (XSS) vulnerability in setup.php in Audins ...)
+CVE-2007-1241
NOT-FOR-US: Audins Audiens
-CVE-2007-1240 (Multiple cross-site scripting (XSS) vulnerabilities in Docebo CMS ...)
+CVE-2007-1240
NOT-FOR-US: Docebo CMS
-CVE-2007-1239 (Microsoft Excel 2003 does not properly parse .XLS files, which allows ...)
+CVE-2007-1239
NOT-FOR-US: Microsoft Office
-CVE-2007-1238 (Microsoft Office 2003 allows user-assisted remote attackers to cause a ...)
+CVE-2007-1238
NOT-FOR-US: Microsoft Office
-CVE-2007-1237 (sitex allows remote attackers to obtain potentially sensitive ...)
+CVE-2007-1237
NOT-FOR-US: sitex
-CVE-2007-1236 (sitex allows remote attackers to obtain sensitive information via a ...)
+CVE-2007-1236
NOT-FOR-US: sitex
-CVE-2007-1235 (Unrestricted file upload vulnerability in sitex allows remote ...)
+CVE-2007-1235
NOT-FOR-US: sitex
-CVE-2007-1234 (Multiple cross-site scripting (XSS) vulnerabilities in sitex allow ...)
+CVE-2007-1234
NOT-FOR-US: sitex
-CVE-2007-1233 (PHP remote file inclusion vulnerability in downloadcounter.php in ...)
+CVE-2007-1233
NOT-FOR-US: STWC-Counter
-CVE-2007-1232 (Directory traversal vulnerability in SQLiteManager 1.2.0 allows remote ...)
+CVE-2007-1232
NOT-FOR-US: SQLiteManager
-CVE-2007-1231 (Multiple cross-site scripting (XSS) vulnerabilities in SQLiteManager ...)
+CVE-2007-1231
NOT-FOR-US: SQLiteManager
-CVE-2007-1230 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2007-1230
- wordpress 2.1.2-1 (medium)
[etch] - wordpress 2.0.10
-CVE-2007-1229 (Cross-site scripting (XSS) vulnerability in the Nullsoft ...)
+CVE-2007-1229
NOT-FOR-US: Nullsoft ShoutcastServer
-CVE-2007-1228 (IBM DB2 UDB 8.2 before Fixpak 7 (aka fixpack 14), and DB2 9 before Fix ...)
+CVE-2007-1228
NOT-FOR-US: IBM DB2
-CVE-2007-1227 (VShieldCheck in McAfee VirusScan for Mac (Virex) before 7.7 patch 1 ...)
+CVE-2007-1227
NOT-FOR-US: McAfee VirusScan
-CVE-2007-1226 (McAfee VirusScan for Mac (Virex) before 7.7 patch 1 has weak ...)
+CVE-2007-1226
NOT-FOR-US: McAfee VirusScan
-CVE-2007-1225 (The connection log file implementation in Grok Developments NetProxy ...)
+CVE-2007-1225
NOT-FOR-US: Grok Developments NetProxy
-CVE-2007-1224 (Grok Developments NetProxy 4.03 allows remote attackers to bypass URL ...)
+CVE-2007-1224
NOT-FOR-US: Grok Developments NetProxy
-CVE-2007-1223 (Unspecified vulnerability in Hitachi OSAS/FT/W before 20070223 allows ...)
+CVE-2007-1223
NOT-FOR-US: Hitachi OSAS/FT/W
-CVE-2007-1222 (Parallels Desktop for Mac before 20070216 implements Drag and Drop by ...)
+CVE-2007-1222
NOT-FOR-US: Parallels Desktop
-CVE-2007-1221 (The Hypervisor in Microsoft Xbox 360 kernel 4532 and 4548 allows ...)
+CVE-2007-1221
NOT-FOR-US: Microsoft Xbox 360
-CVE-2007-1220 (The Hypervisor in Microsoft Xbox 360 kernel 4532 and 4548 does not ...)
+CVE-2007-1220
NOT-FOR-US: Microsoft Xbox 360
-CVE-2007-1219 (PHP remote file inclusion vulnerability in actions/del.php in Admin ...)
+CVE-2007-1219
NOT-FOR-US: Phorum
-CVE-2007-1217 (Buffer overflow in the bufprint function in capiutil.c in libcapi, as ...)
+CVE-2007-1217
- isdnutils 1:3.9.20060704-3 (bug #408530; low)
[sarge] - isdnutils <no-dsa> (Not exploitable over ISDN network)
- asterisk-chan-capi 0.7.1-1.1 (bug #411293; unimportant)
- linux-2.6 2.6.21-1 (bug #411294; unimportant)
NOTE: Not exploitable over ISDN network, only theoretically through a dedicated CAPI server
-CVE-2007-1216 (Double free vulnerability in the GSS-API library ...)
+CVE-2007-1216
{DSA-1276-1}
- krb5 1.4.4-8 (high)
-CVE-2007-1215 (Buffer overflow in the Graphics Device Interface (GDI) in Microsoft ...)
+CVE-2007-1215
NOT-FOR-US: Microsoft GDI
-CVE-2007-1214 (Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2003 Viewer, and 2004 ...)
+CVE-2007-1214
NOT-FOR-US: Microsoft Excel
-CVE-2007-1213 (The TrueType Fonts rasterizer in Microsoft Windows 2000 SP4 allows ...)
+CVE-2007-1213
NOT-FOR-US: Microsoft Windows
-CVE-2007-1212 (Buffer overflow in the Graphics Device Interface (GDI) in Microsoft ...)
+CVE-2007-1212
NOT-FOR-US: Microsoft GDI
-CVE-2007-1211 (Unspecified kernel GDI functions in Microsoft Windows 2000 SP4; XP ...)
+CVE-2007-1211
NOT-FOR-US: Microsoft Windows
CVE-2007-1210
REJECTED
-CVE-2007-1209 (Use-after-free vulnerability in the Client/Server Run-time Subsystem ...)
+CVE-2007-1209
NOT-FOR-US: Windows Vista
CVE-2007-1208
REJECTED
CVE-2007-1207
REJECTED
-CVE-2007-1206 (The Virtual DOS Machine (VDM) in the Windows Kernel in Microsoft ...)
+CVE-2007-1206
NOT-FOR-US: Microsoft Windows
-CVE-2007-1205 (Unspecified vulnerability in Microsoft Agent (msagent\agentsvr.exe) in ...)
+CVE-2007-1205
NOT-FOR-US: Microsoft Windows
-CVE-2007-1204 (Stack-based buffer overflow in the Universal Plug and Play (UPnP) ...)
+CVE-2007-1204
NOT-FOR-US: Microsoft Windows
-CVE-2007-1203 (Unspecified vulnerability in Microsoft Excel 2000 SP3, 2002 SP3, 2003 ...)
+CVE-2007-1203
NOT-FOR-US: Microsoft Excel
-CVE-2007-1202 (Word (or Word Viewer) in Microsoft Office 2000 SP3, XP SP3, 2003 SP2, ...)
+CVE-2007-1202
NOT-FOR-US: Microsoft Word
-CVE-2007-1201 (Unspecified vulnerability in certain COM objects in Microsoft Office ...)
+CVE-2007-1201
NOT-FOR-US: Microsoft Office
CVE-2007-1200
RESERVED
-CVE-2007-1199 (Adobe Reader and Acrobat Trial allow remote attackers to read ...)
+CVE-2007-1199
NOT-FOR-US: Acrobat Reader
-CVE-2007-1198 (Cross-site scripting (XSS) vulnerability in TaskFreak! before 0.5.7 ...)
+CVE-2007-1198
NOT-FOR-US: TaskFreak!
-CVE-2007-1197 (Multiple unspecified vulnerabilities in Epiware before 4.7.5 have ...)
+CVE-2007-1197
NOT-FOR-US: Epiware
-CVE-2007-1196 (Unspecified vulnerability in Citrix Presentation Server Client for ...)
+CVE-2007-1196
NOT-FOR-US: Citrix
-CVE-2007-1195 (Multiple buffer overflows in XM Easy Personal FTP Server 5.3.0 allow ...)
+CVE-2007-1195
NOT-FOR-US: XM Easy Personal FTP Server
-CVE-2007-1194 (Norman SandBox Analyzer does not use the proper range for Interrupt ...)
+CVE-2007-1194
NOT-FOR-US: SandBox Analyzer
-CVE-2007-1193 (Multiple unspecified vulnerabilities in the Login page in OrangeHRM ...)
+CVE-2007-1193
NOT-FOR-US: OrangeHRM
-CVE-2007-1192 (Thomas R. Pasawicz HyperBook Guestbook 1.30 stores sensitive ...)
+CVE-2007-1192
NOT-FOR-US: HyperBook Guestbook
-CVE-2007-1191 (The Social Bookmarks (del.icio.us) plug-in 8F in Quicksilver writes ...)
+CVE-2007-1191
NOT-FOR-US: Quicksilver plugin Social Bookmarks
-CVE-2007-1190 (Unspecified vulnerability in the EmbeddedWB Web Browser ActiveX ...)
+CVE-2007-1190
NOT-FOR-US: EmbeddedWB ActiveX control
-CVE-2007-1189 (Integer overflow in the envwrite function in the Alcatel-Lucent Bell ...)
+CVE-2007-1189
NOT-FOR-US: Alcatel-Lucent Bell Labs Plan 9
-CVE-2007-1188 (WebAPP before 0.9.9.5 allows remote attackers to submit Search form ...)
+CVE-2007-1188
NOT-FOR-US: WebAPP
-CVE-2007-1187 (WebAPP before 0.9.9.5 allows remote authenticated users, without admin ...)
+CVE-2007-1187
NOT-FOR-US: WebAPP
-CVE-2007-1186 (WebAPP before 0.9.9.5 does not &quot;censor&quot; the Latest Member real name, ...)
+CVE-2007-1186
NOT-FOR-US: WebAPP
-CVE-2007-1185 (The (1) Search, (2) Edit Profile, (3) Recommend, and (4) User Approval ...)
+CVE-2007-1185
NOT-FOR-US: WebAPP
-CVE-2007-1184 (The default configuration of WebAPP before 0.9.9.5 has a CAPTCHA ...)
+CVE-2007-1184
NOT-FOR-US: WebAPP
-CVE-2007-1183 (WebAPP before 0.9.9.5 allows remote authenticated users to spoof ...)
+CVE-2007-1183
NOT-FOR-US: WebAPP
-CVE-2007-1182 (WebAPP before 0.9.9.5 allows remote Guest users to edit a Guest ...)
+CVE-2007-1182
NOT-FOR-US: WebAPP
-CVE-2007-1181 (WebAPP before 0.9.9.5 passes (1) Unused Informations and (2) the ...)
+CVE-2007-1181
NOT-FOR-US: WebAPP
-CVE-2007-1180 (WebAPP before 0.9.9.5 does not check referrers in certain forms, which ...)
+CVE-2007-1180
NOT-FOR-US: WebAPP
-CVE-2007-1179 (WebAPP before 0.9.9.5 does not properly manage e-mail addresses in ...)
+CVE-2007-1179
NOT-FOR-US: WebAPP
-CVE-2007-1178 (WebAPP before 0.9.9.5 does not check access in certain contexts ...)
+CVE-2007-1178
NOT-FOR-US: WebAPP
-CVE-2007-1177 (WebAPP before 0.9.9.5 does not properly filter certain characters in ...)
+CVE-2007-1177
NOT-FOR-US: WebAPP
-CVE-2007-1176 (Multiple cross-site scripting (XSS) vulnerabilities in WebAPP before ...)
+CVE-2007-1176
NOT-FOR-US: WebAPP
-CVE-2007-1175 (Cross-site scripting (XSS) vulnerability in an admin feature in WebAPP ...)
+CVE-2007-1175
NOT-FOR-US: WebAPP
-CVE-2007-1174 (Multiple cross-site scripting (XSS) vulnerabilities in WebAPP before ...)
+CVE-2007-1174
NOT-FOR-US: WebAPP
-CVE-2007-1173 (Multiple buffer overflows in the CentennialIPTransferServer service ...)
+CVE-2007-1173
NOT-FOR-US: CentennialIPTransferServer
-CVE-2007-1172 (SQL injection vulnerability in nukesentinel.php in NukeSentinel ...)
+CVE-2007-1172
NOT-FOR-US: WebAPP
-CVE-2007-1171 (SQL injection vulnerability in includes/nsbypass.php in NukeSentinel ...)
+CVE-2007-1171
NOT-FOR-US: NukeSentinel
-CVE-2007-1170 (SimBin GTR - FIA GT Racing Game 1.5.0.0 and earlier, GT Legends ...)
+CVE-2007-1170
NOT-FOR-US: SimBin Racing
-CVE-2007-1169 (The web interface in Trend Micro ServerProtect for Linux (SPLX) 1.25, ...)
+CVE-2007-1169
NOT-FOR-US: Trend Micro ServerProtect
-CVE-2007-1168 (Trend Micro ServerProtect for Linux (SPLX) 1.25, 1.3, and 2.5 before ...)
+CVE-2007-1168
NOT-FOR-US: Trend Micro ServerProtect
-CVE-2007-1167 (inc/filebrowser/browser.php in deV!L`z Clanportal (DZCP) 1.4.5 and ...)
+CVE-2007-1167
NOT-FOR-US: Clanportal
-CVE-2007-1166 (SQL injection vulnerability in result.php in Nabopoll 1.2 allows ...)
+CVE-2007-1166
NOT-FOR-US: Nabopoll
-CVE-2007-1165 (Multiple PHP remote file inclusion vulnerabilities in DBGuestbook 1.1 ...)
+CVE-2007-1165
NOT-FOR-US: DBGuestbook
-CVE-2007-1164 (Multiple PHP remote file inclusion vulnerabilities in DBImageGallery ...)
+CVE-2007-1164
NOT-FOR-US: DBImageGallery
-CVE-2007-1163 (SQL injection vulnerability in printview.php in webSPELL 4.01.02 and ...)
+CVE-2007-1163
NOT-FOR-US: webSPELL
-CVE-2007-1162 (A certain ActiveX control in the Common Controls Replacement Project ...)
+CVE-2007-1162
NOT-FOR-US: Common Controls ActiveX control
-CVE-2007-1161 (Cross-site scripting (XSS) vulnerability in call_entry.php in Call ...)
+CVE-2007-1161
NOT-FOR-US: Call Center Software
-CVE-2007-1218 (Off-by-one buffer overflow in the parse_elements function in the ...)
+CVE-2007-1218
{DSA-1272-1}
- tcpdump 3.9.5-2 (bug #413430; low)
-CVE-2007-1160 (webSPELL 4.0, and possibly later versions, allows remote attackers to ...)
+CVE-2007-1160
NOT-FOR-US: webSPELL
-CVE-2007-1159 (Cross-site scripting (XSS) vulnerability in modules/out.php in ...)
+CVE-2007-1159
NOT-FOR-US: Pyrophobia
-CVE-2007-1158 (Directory traversal vulnerability in index.php in the Pagesetter 6.2.0 ...)
+CVE-2007-1158
NOT-FOR-US: Pagesetter
-CVE-2007-1157 (Cross-site request forgery (CSRF) vulnerability in ...)
+CVE-2007-1157
NOT-FOR-US: JBoss
-CVE-2007-1156 (JBrowser allows remote attackers to bypass authentication and access ...)
+CVE-2007-1156
NOT-FOR-US: JBrowser
-CVE-2007-1155 (Unrestricted file upload vulnerability in webSPELL allows remote ...)
+CVE-2007-1155
NOT-FOR-US: webSPELL
-CVE-2007-1154 (SQL injection vulnerability in webSPELL allows remote attackers to ...)
+CVE-2007-1154
NOT-FOR-US: webSPELL
-CVE-2007-1153 (Multiple PHP remote file inclusion vulnerabilities in CutePHP CuteNews ...)
+CVE-2007-1153
NOT-FOR-US: CuteNews
-CVE-2007-1152 (Multiple directory traversal vulnerabilities in Pyrophobia 2.1.3.1 ...)
+CVE-2007-1152
NOT-FOR-US: Pyrophobia
-CVE-2007-1151 (Cross-site scripting (XSS) vulnerability in LoveCMS 1.4 allows remote ...)
+CVE-2007-1151
NOT-FOR-US: LoveCMS
-CVE-2007-1150 (Unrestricted file upload vulnerability in LoveCMS 1.4 allows remote ...)
+CVE-2007-1150
NOT-FOR-US: LoveCMS
-CVE-2007-1149 (Multiple directory traversal vulnerabilities in LoveCMS 1.4 allow ...)
+CVE-2007-1149
NOT-FOR-US: LoveCMS
-CVE-2007-1148 (PHP remote file inclusion vulnerability in install/index.php in ...)
+CVE-2007-1148
NOT-FOR-US: LoveCMS
-CVE-2007-1147 (PHP remote file inclusion vulnerability in view.php in hbm allows ...)
+CVE-2007-1147
NOT-FOR-US: hbm
-CVE-2007-1146 (PHP remote file inclusion vulnerability in function.php in arabhost ...)
+CVE-2007-1146
NOT-FOR-US: arabhost
-CVE-2007-1145 (Multiple cross-site scripting (XSS) vulnerabilities in Kayako ...)
+CVE-2007-1145
NOT-FOR-US: Kayako SupportSuite
-CVE-2007-1144 (Directory traversal vulnerability in jwpn-photos.php in J-Web Pics ...)
+CVE-2007-1144
NOT-FOR-US: J-Web Pics Navigator
-CVE-2007-1143 (Directory traversal vulnerability in pn-menu.php in J-Web Pics ...)
+CVE-2007-1143
NOT-FOR-US: J-Web Pics Navigator
-CVE-2007-1142 (Cross-site scripting (XSS) vulnerability in Magic News Plus 1.0.2 ...)
+CVE-2007-1142
NOT-FOR-US: Magic News Plus
-CVE-2007-1141 (PHP remote file inclusion vulnerability in preview.php in Magic News ...)
+CVE-2007-1141
NOT-FOR-US: Magic News Plus
-CVE-2007-1140 (Directory traversal vulnerability in edit.php in pheap allows remote ...)
+CVE-2007-1140
NOT-FOR-US: pheap
-CVE-2007-1139 (Unrestricted file upload vulnerability in Cromosoft Simple Plantilla ...)
+CVE-2007-1139
NOT-FOR-US: Simple Plantilla PHP
-CVE-2007-1138 (Absolute path traversal vulnerability in list_main_pages.php in ...)
+CVE-2007-1138
NOT-FOR-US: Simple Plantilla PHP
-CVE-2007-1137 (putmail.py in Putmail before 1.4 does not detect when a user attempts ...)
+CVE-2007-1137
NOT-FOR-US: Putmail
-CVE-2007-1136 (index.php in WebMplayer before 0.6.1-Alpha allows remote attackers to ...)
+CVE-2007-1136
NOT-FOR-US: WebMplayer
-CVE-2007-1135 (Multiple SQL injection vulnerabilities in WebMplayer before ...)
+CVE-2007-1135
NOT-FOR-US: WebMplayer
-CVE-2007-1134 (Unspecified vulnerability in Watchtower (WT) before 0.12 has unknown ...)
+CVE-2007-1134
NOT-FOR-US: Watchtower
-CVE-2007-1133 (PHP remote file inclusion vulnerability in fcring.php in FCRing 1.3 ...)
+CVE-2007-1133
NOT-FOR-US: FCRing
-CVE-2007-1132 (Multiple cross-site scripting (XSS) vulnerabilities in the &quot;Contact ...)
+CVE-2007-1132
NOT-FOR-US: MTCMS
-CVE-2007-1131 (PHP remote file inclusion vulnerability in sinapis.php in Sinapis ...)
+CVE-2007-1131
NOT-FOR-US: Sinapis Forum
-CVE-2007-1130 (PHP remote file inclusion vulnerability in sinagb.php in Sinapis ...)
+CVE-2007-1130
NOT-FOR-US: Sinapis Gastebuch
-CVE-2007-1129 (Multiple unrestricted file upload vulnerabilities in MTCMS 3.2 allow ...)
+CVE-2007-1129
NOT-FOR-US: MTCMS
-CVE-2007-1128 (shopkitplus allows remote attackers to obtain sensitive information ...)
+CVE-2007-1128
NOT-FOR-US: shopkitplus
-CVE-2007-1127 (Directory traversal vulnerability in enc/stylecss.php in shopkitplus ...)
+CVE-2007-1127
NOT-FOR-US: shopkitplus
-CVE-2007-1126 (Directory traversal vulnerability in index.php in xtcommerce allows ...)
+CVE-2007-1126
NOT-FOR-US: xtcommerce
-CVE-2007-1125 (Cross-site scripting (XSS) vulnerability in gallery.php in XeroXer ...)
+CVE-2007-1125
NOT-FOR-US: XeroXer Simple
-CVE-2007-1124 (Directory traversal vulnerability in gallery.php in XeroXer Simple ...)
+CVE-2007-1124
NOT-FOR-US: XeroXer Simple
-CVE-2007-1123 (Multiple PHP remote file inclusion vulnerabilities in ZPanel 2.0 allow ...)
+CVE-2007-1123
NOT-FOR-US: ZPanel
-CVE-2007-1122 (Multiple SQL injection vulnerabilities in Mathis Dirksen-Thedens ...)
+CVE-2007-1122
NOT-FOR-US: ZephyrSoft Toolbox Address Book Continued
-CVE-2007-1121 (Multiple SQL injection vulnerabilities in Mathis Dirksen-Thedens ...)
+CVE-2007-1121
NOT-FOR-US: ZephyrSoft Toolbox Address Book Continued
-CVE-2007-1120 (The (1) Import.LoadFromURL and (2) Export.asText.SaveToFile functions ...)
+CVE-2007-1120
NOT-FOR-US: TeeChart Pro ActiveX control
-CVE-2007-1119 (Unspecified vulnerability in Novell ZENworks 7 Desktop Management ...)
+CVE-2007-1119
NOT-FOR-US: Novell ZENworks
-CVE-2007-1118 (Multiple PHP remote file inclusion vulnerabilities in eFiction 3.1.1 ...)
+CVE-2007-1118
NOT-FOR-US: eFiction
-CVE-2007-1117 (Unspecified vulnerability in Publisher 2007 in Microsoft Office 2007 ...)
+CVE-2007-1117
NOT-FOR-US: Microsoft Office
-CVE-2007-1116 (The CheckLoadURI function in Mozilla Firefox 1.8 lists the about: URI ...)
+CVE-2007-1116
{DSA-1308-1 DSA-1306-1 DSA-1300-1 DTSA-45-1 DTSA-47-1 DTSA-51-1}
- iceweasel 2.0.0.4-1 (low)
- iceape 1.1.2-1 (low)
- xulrunner 1.8.1.4-1 (bug #415919; bug #415944; bug #415945; low)
NOTE: according to a blog comment at http://www.gnucitizen.org/projects/hscan-redux/,
NOTE: older mozillas are not vulnerable
-CVE-2007-1115 (The child frames in Opera 9 before 9.20 inherit the default charset ...)
+CVE-2007-1115
NOT-FOR-US: Opera
-CVE-2007-1114 (The child frames in Microsoft Internet Explorer 7 inherit the default ...)
+CVE-2007-1114
NOT-FOR-US: Microsoft IE
CVE-2007-1113
RESERVED
-CVE-2007-1112 (Kaspersky Anti-Virus 6.0 and Internet Security 6.0 exposes unsafe ...)
+CVE-2007-1112
NOT-FOR-US: Kaspersky Anti-Virus
-CVE-2007-1111 (Multiple cross-site scripting (XSS) vulnerabilities in ActiveCalendar ...)
+CVE-2007-1111
NOT-FOR-US: ActiveCalendar
-CVE-2007-1110 (Directory traversal vulnerability in data/showcode.php in ...)
+CVE-2007-1110
NOT-FOR-US: ActiveCalendar
-CVE-2007-1109 (Multiple cross-site scripting (XSS) vulnerabilities in Phpwebgallery ...)
+CVE-2007-1109
NOT-FOR-US: Phpwebgallery
-CVE-2007-1108 (PHP remote file inclusion vulnerability in index.php in Christian ...)
+CVE-2007-1108
NOT-FOR-US: CS-Gallery
-CVE-2007-1107 (SQL injection vulnerability in thumbnails.php in Coppermine Photo ...)
+CVE-2007-1107
NOT-FOR-US: Coppermine Photo Gallery
-CVE-2007-1106 (PHP remote file inclusion vulnerability in ...)
+CVE-2007-1106
NOT-FOR-US: NoMoKeTos Rules
-CVE-2007-1105 (PHP remote file inclusion vulnerability in functions.php in Extreme ...)
+CVE-2007-1105
NOT-FOR-US: phpBB Extreme
-CVE-2007-1104 (PHP remote file inclusion vulnerability in top.php in PHP Module ...)
+CVE-2007-1104
NOT-FOR-US: PHP Module Implementation
-CVE-2007-1103 (Tor does not verify a node's uptime and bandwidth advertisements, ...)
+CVE-2007-1103
- tor <unfixed> (unimportant)
NOTE: Minor issue, just puts more noise on the node
-CVE-2007-1102 (Photostand 1.2.0 allows remote attackers to obtain sensitive ...)
+CVE-2007-1102
NOT-FOR-US: Photostand
-CVE-2007-1101 (Multiple cross-site scripting (XSS) vulnerabilities in Photostand ...)
+CVE-2007-1101
NOT-FOR-US: Photostand
-CVE-2007-1100 (Directory traversal vulnerability in download.php in Ahmet Sacan ...)
+CVE-2007-1100
NOT-FOR-US: Pickle
-CVE-2007-1099 (dbclient in Dropbear SSH client before 0.49 does not sufficiently warn ...)
+CVE-2007-1099
- dropbear 0.49-1 (unimportant; bug #412899)
[etch] - dropbear 0.48.1-2 (unimportant)
NOTE: That's a lack of a security feature (strict hostkey checking in openssh
NOTE: termininoloy) and an awkward interface, but not a vulnerability per se
NOTE: Especially as dropbear is specifically labeled a stripped down SSH implementation
-CVE-2007-1098 (Multiple unspecified vulnerabilities in ScryMUD before 2.1.11 have ...)
+CVE-2007-1098
NOT-FOR-US: ScryMUD
-CVE-2007-1097 (Unrestricted file upload vulnerability in the onAttachFiles function ...)
+CVE-2007-1097
NOT-FOR-US: Wiclear
-CVE-2007-1096 (Cross-site scripting (XSS) vulnerability in ps_cart.php in VirtueMart ...)
+CVE-2007-1096
NOT-FOR-US: VirtueMart
-CVE-2007-1095 (Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5 do not ...)
+CVE-2007-1095
{DSA-1401-1 DSA-1396-1 DSA-1392-1 DTSA-69-1 DTSA-80-1}
- iceweasel 2.0.0.8-1 (low; bug #445514)
- xulrunner 1.8.1.9-1
- iceape 1.1.5
NOTE: MFSA2007-30
-CVE-2007-1094 (Microsoft Internet Explorer 7 allows remote attackers to cause a ...)
+CVE-2007-1094
NOT-FOR-US: Microsoft IE
-CVE-2007-1093 (Multiple unspecified vulnerabilities in JP1/Cm2/Network Node Manager ...)
+CVE-2007-1093
NOT-FOR-US: Network Node Manager
-CVE-2007-1092 (Mozilla Firefox 1.5.0.9 and 2.0.0.1, and SeaMonkey before 1.0.8 allow ...)
+CVE-2007-1092
- iceweasel 2.0.0.2+dfsg-1 (low)
-CVE-2007-1091 (Microsoft Internet Explorer 7 allows remote attackers to prevent users ...)
+CVE-2007-1091
NOT-FOR-US: Microsoft IE
-CVE-2007-1090 (Microsoft Windows Explorer on Windows XP and 2003 allows remote ...)
+CVE-2007-1090
NOT-FOR-US: Microsoft Windows
-CVE-2007-1089 (IBM DB2 Universal Database (UDB) 9.1 GA through 9.1 FP1 allows local ...)
+CVE-2007-1089
NOT-FOR-US: IBM DB2
-CVE-2007-1088 (Stack-based buffer overflow in IBM DB2 8.x before 8.1 FixPak 15 and ...)
+CVE-2007-1088
NOT-FOR-US: IBM DB2
-CVE-2007-1087 (IBM DB2 8.x before 8.1 FixPak 15 and 9.1 before Fix Pack 2 does not ...)
+CVE-2007-1087
NOT-FOR-US: IBM DB2
-CVE-2007-1086 (Unspecified binaries in IBM DB2 8.x before 8.1 FixPak 15 and 9.1 ...)
+CVE-2007-1086
NOT-FOR-US: IBM DB2
-CVE-2007-1085 (Cross-site scripting (XSS) vulnerability in Google Desktop allows ...)
+CVE-2007-1085
NOT-FOR-US: Google Desktop
-CVE-2007-1084 (Mozilla Firefox 2.0.0.1 and earlier does not prompt users before ...)
+CVE-2007-1084
- iceweasel <removed> (unimportant; bug #556268)
- iceape <removed> (unimportant)
- epiphany-browser <unfixed> (unimportant; bug #556272)
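Review bot: stripping the parenthesised descriptions from every `-CVE-2007-…` line leaves the unchanged `NOT-FOR-US:` and `NOTE:` annotations without the context that made them checkable, and one inconsistency in this hunk becomes invisible once the change lands: the removed line for CVE-2007-1172 describes "SQL injection vulnerability in nukesentinel.php in NukeSentinel", yet the retained annotation below it reads `NOT-FOR-US: WebAPP`, which looks like a copy-paste slip from the preceding WebAPP block; it should read `NOT-FOR-US: NukeSentinel`, matching the CVE-2007-1171 entry that follows. Also, the unchanged NOTE for CVE-2007-1099 spells "termininoloy" for "terminology"; worth fixing in the same pass.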
@@ -13491,96 +13491,96 @@ CVE-2007-1084 (Mozilla Firefox 2.0.0.1 and earlier does not prompt users before
[lenny] - kazehakase 0.5.4-2lenny1
- conkeror <not-affected> (doesn't support bookmarks)
- webkit <not-affected> (doesn't support javascript embedded in bookmarks)
-CVE-2007-1083 (Buffer overflow in the Configuration Checker (ConfigChk) ActiveX ...)
+CVE-2007-1083
NOT-FOR-US: ConfigChk ActiveX control
-CVE-2007-1082 (FTP Explorer 1.0.1 Build 047, and other versions before 1.0.1.52, ...)
+CVE-2007-1082
NOT-FOR-US: FTP Explorer
-CVE-2007-1081 (The start function in class.t3lib_formmail.php in TYPO3 before 4.0.5, ...)
+CVE-2007-1081
- typo3-src 4.0.5+debian-1
[etch] - typo3-src 4.0.2+debian-3
-CVE-2007-1080 (Multiple heap-based buffer overflows in TurboFTP 5.30 Build 572 allow ...)
+CVE-2007-1080
NOT-FOR-US: TurboFTP
-CVE-2007-1079 (Stack-based buffer overflow in Rhino Software, Inc. FTP Voyager ...)
+CVE-2007-1079
NOT-FOR-US: FTP Voyager
-CVE-2007-1078 (PHP remote file inclusion vulnerability in index.php in ...)
+CVE-2007-1078
NOT-FOR-US: FlashGameScript
-CVE-2007-1077 (SQL injection vulnerability in page.asp in Design4Online UserPages2 ...)
+CVE-2007-1077
NOT-FOR-US: UserPages2
-CVE-2007-1076 (Multiple directory traversal vulnerabilities in phpTrafficA 1.4.1, and ...)
+CVE-2007-1076
NOT-FOR-US: phpTrafficA
-CVE-2007-1075 (TurboFTP 5.30 Build 572 allows remote servers to cause a denial of ...)
+CVE-2007-1075
NOT-FOR-US: TurboFTP
-CVE-2007-1074 (Multiple buffer overflows in NewsBin Pro 5.33 and NewsBin Pro 4.x ...)
+CVE-2007-1074
NOT-FOR-US: NewsBin Pro
-CVE-2007-1073 (Static code injection vulnerability in install.php in mcRefer allows ...)
+CVE-2007-1073
NOT-FOR-US: mcRefer
-CVE-2007-1072 (The command line interface (CLI) in Cisco Unified IP Phone 7906G, ...)
+CVE-2007-1072
NOT-FOR-US: Cisco
-CVE-2007-1071 (Integer overflow in the gifGetBandProc function in ImageIO in Apple ...)
+CVE-2007-1071
NOT-FOR-US: Apple ImageIO
-CVE-2007-1069 (The memory management in VMware Workstation before 5.5.4 allows ...)
+CVE-2007-1069
NOT-FOR-US: VMware
-CVE-2007-1068 (The (1) TTLS CHAP, (2) TTLS MSCHAP, (3) TTLS MSCHAPv2, (4) TTLS PAP, ...)
+CVE-2007-1068
NOT-FOR-US: Cisco
-CVE-2007-1067 (Cisco Secure Services Client (CSSC) 4.x, Trust Agent 1.x and 2.x, ...)
+CVE-2007-1067
NOT-FOR-US: Cisco
-CVE-2007-1066 (Cisco Secure Services Client (CSSC) 4.x, Trust Agent 1.x and 2.x, ...)
+CVE-2007-1066
NOT-FOR-US: Cisco
-CVE-2007-1065 (Cisco Secure Services Client (CSSC) 4.x, Trust Agent 1.x and 2.x, ...)
+CVE-2007-1065
NOT-FOR-US: Cisco
-CVE-2007-1064 (Cisco Secure Services Client (CSSC) 4.x, Trust Agent 1.x and 2.x, ...)
+CVE-2007-1064
NOT-FOR-US: Cisco
-CVE-2007-1063 (The SSH server in Cisco Unified IP Phone 7906G, 7911G, 7941G, 7961G, ...)
+CVE-2007-1063
NOT-FOR-US: Cisco
-CVE-2007-1062 (The Cisco Unified IP Conference Station 7935 3.2(15) and earlier, and ...)
+CVE-2007-1062
NOT-FOR-US: Cisco
-CVE-2007-1061 (SQL injection vulnerability in index.php in Francisco Burzi PHP-Nuke ...)
+CVE-2007-1061
NOT-FOR-US: PHP-Nuke
-CVE-2007-1060 (Multiple PHP remote file inclusion vulnerabilities in Interspire ...)
+CVE-2007-1060
NOT-FOR-US: SendStudio
-CVE-2007-1059 (PHP remote file inclusion vulnerability in function.php in Ultimate ...)
+CVE-2007-1059
NOT-FOR-US: Ultimate Fun Book
-CVE-2007-1058 (SQL injection vulnerability in user_pages/page.asp in Online Web ...)
+CVE-2007-1058
NOT-FOR-US: Online Web Building
-CVE-2007-1057 (The Net Direct client for Linux before 6.0.5 in Nortel Application ...)
+CVE-2007-1057
NOT-FOR-US: Nortel Application Switch
-CVE-2007-1056 (VMware Workstation 5.5.3 build 34685 does not provide per-user ...)
+CVE-2007-1056
NOT-FOR-US: VMware
-CVE-2007-1055 (Cross-site scripting (XSS) vulnerability in the AJAX features in ...)
+CVE-2007-1055
- mediawiki 1.7.1-9 (bug #406238; medium)
-CVE-2007-1054 (Cross-site scripting (XSS) vulnerability in the AJAX features in ...)
+CVE-2007-1054
- mediawiki 1.7.1-9 (bug #406238; medium)
-CVE-2007-1053 (** DISPUTED ** ...)
+CVE-2007-1053
NOT-FOR-US: phpXmms
-CVE-2007-1052 (** DISPUTED ** ...)
+CVE-2007-1052
NOT-FOR-US: PBLang
-CVE-2007-1051 (Comodo Firewall Pro (formerly Comodo Personal Firewall) 2.4.17.183 and ...)
+CVE-2007-1051
NOT-FOR-US: Comodo Firewall Pro
-CVE-2007-1050 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
+CVE-2007-1050
NOT-FOR-US: MyCalendar
-CVE-2007-1048 (PHP remote file inclusion vulnerability in admin_rebuild_search.php in ...)
+CVE-2007-1048
NOT-FOR-US: phpbb_wordsearch
-CVE-2007-1047 (Unspecified vulnerability in Distributed Checksum Clearinghouse (DCC) ...)
+CVE-2007-1047
- dcc <removed> (medium; bug #439718)
-CVE-2007-1046 (Dem_trac allows remote attackers to read log file contents via a ...)
+CVE-2007-1046
NOT-FOR-US: Dem_trac
-CVE-2007-1045 (mAlbum 0.3 has default accounts (1) &quot;login&quot;/&quot;pass&quot; for its ...)
+CVE-2007-1045
NOT-FOR-US: mAlbum
-CVE-2007-1044 (Pearson Education PowerSchool 4.3.6 allows remote attackers to list ...)
+CVE-2007-1044
NOT-FOR-US: PowerSchool
-CVE-2007-1043 (Ezboo webstats, possibly 3.0.3, allows remote attackers to bypass ...)
+CVE-2007-1043
NOT-FOR-US: Ezboo
-CVE-2007-1042 (Directory traversal vulnerability in news.php in Xpression News ...)
+CVE-2007-1042
NOT-FOR-US: Xpression News
-CVE-2007-1041 (Multiple stack-based buffer overflows in S&amp;H Computer Systems News ...)
+CVE-2007-1041
NOT-FOR-US: News Rover
-CVE-2007-1040 (Directory traversal vulnerability in archives.php in Xpression News ...)
+CVE-2007-1040
NOT-FOR-US: Xpression News
-CVE-2007-1039 (Unspecified vulnerability in Peanut Knowledge Base (PeanutKB) 0.0.3 ...)
+CVE-2007-1039
NOT-FOR-US: Peanut Knowledge Base
-CVE-2007-1038 (Shemes.com Grabit 1.5.3, and possibly earlier, allows remote attackers ...)
+CVE-2007-1038
NOT-FOR-US: Grabit
-CVE-2007-1037 (Stack-based buffer overflow in News File Grabber 4.1.0.1 and earlier ...)
+CVE-2007-1037
NOT-FOR-US: News File Grabber
CVE-2007-XXXX [vserver patch allows renice of processes in different context]
- linux-2.6 2.6.18.dfsg.1-12 (bug #412143)
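Review bot: the removed lines for CVE-2007-1053 and CVE-2007-1052 are the only place the `** DISPUTED **` status was recorded, and the retained entries (`NOT-FOR-US: phpXmms`, `NOT-FOR-US: PBLang`) carry no trace of it after this hunk; if the tracker still wants that status visible, a `NOTE: disputed` line under each would preserve it without keeping the full description.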
@@ -13595,109 +13595,109 @@ CVE-2007-XXXX [amavids-new uses contrib/non-free packers without security suppor
- amavisd-new 1:2.5.2-1 (unimportant; bug #410588)
NOTE: Doesn't affect a standard Debian installation, only users, which install
NOTE: proprietary apps, it should be fixed for sanity, but not a direct vulnerability
-CVE-2007-1049 (Cross-site scripting (XSS) vulnerability in the wp_explain_nonce ...)
+CVE-2007-1049
{DTSA-34-1}
- wordpress 2.1.1-1 (low)
-CVE-2007-1070 (Multiple stack-based buffer overflows in Trend Micro ServerProtect for ...)
+CVE-2007-1070
NOT-FOR-US: Trend Micro ServerProtect
-CVE-2007-1036 (The default configuration of JBoss does not restrict access to the (1) ...)
+CVE-2007-1036
NOT-FOR-US: JBoss
-CVE-2007-1035 (Unspecified vulnerability in certain demonstration scripts in getID3 ...)
+CVE-2007-1035
NOT-FOR-US: Mediafield and Audio modules for Drupal
NOTE: this is not a php-getid3 problem, but related to the way these modules embed getid3
-CVE-2007-1034 (SQL injection vulnerability in the category file in modules.php in the ...)
+CVE-2007-1034
NOT-FOR-US: Emporium for PHP-Nuke
-CVE-2007-1033 (Unspecified vulnerability in the Secure site 4.7.x-1.x-dev and ...)
+CVE-2007-1033
NOT-FOR-US: Secure site for Drupal
-CVE-2007-1032 (Unspecified vulnerability in phpMyFAQ 1.6.9 and earlier, when ...)
+CVE-2007-1032
NOT-FOR-US: phpMyFAQ
-CVE-2007-1031 (Directory traversal vulnerability in include/db_conn.php in SpoonLabs ...)
+CVE-2007-1031
NOT-FOR-US: Vivvo Article Management CMS
-CVE-2007-1030 (Niels Provos libevent 1.2 and 1.2a allows remote attackers to cause a ...)
+CVE-2007-1030
- libevent <not-affected> (vulnerable version 1.2 was never uploaded)
-CVE-2007-1029 (Stack-based buffer overflow in the Connect method in the IMAP4 ...)
+CVE-2007-1029
NOT-FOR-US: Quiksoft EasyMail Objects
-CVE-2007-1028 (Cross-site scripting (XSS) vulnerability in the Barry Jaspan Image ...)
+CVE-2007-1028
NOT-FOR-US: Image Pager
-CVE-2007-1027 (Certain setuid DB2 binaries in IBM DB2 before 9 Fix Pack 2 for Linux ...)
+CVE-2007-1027
NOT-FOR-US: IBM DB2
-CVE-2007-1026 (SQL injection vulnerability in view.php in XLAtunes 0.1 and earlier ...)
+CVE-2007-1026
NOT-FOR-US: XLAtunes
-CVE-2007-1025 (PHP remote file inclusion vulnerability in inc/functions_inc.php in ...)
+CVE-2007-1025
NOT-FOR-US: VS-Link-Partner
-CVE-2007-1024 (PHP remote file inclusion vulnerability in include.php in Meganoide's ...)
+CVE-2007-1024
NOT-FOR-US: Meganoide's news
-CVE-2007-1023 (SQL injection vulnerability in pop_profile.asp in Snitz Forums 2000 ...)
+CVE-2007-1023
NOT-FOR-US: Snitz Forums 2000
-CVE-2007-1022 (SQL injection vulnerability in h_goster.asp in Turuncu Portal 1.0 ...)
+CVE-2007-1022
NOT-FOR-US: Turuncu Portal
-CVE-2007-1021 (SQL injection vulnerability in inc_listnews.asp in CodeAvalanche News ...)
+CVE-2007-1021
NOT-FOR-US: CodeAvalanche News
-CVE-2007-1020 (Cross-site scripting (XSS) vulnerability in index.php in CedStat 1.31 ...)
+CVE-2007-1020
NOT-FOR-US: CedStat
-CVE-2007-1019 (SQL injection vulnerability in news.php in webSPELL 4.01.02, when ...)
+CVE-2007-1019
NOT-FOR-US: webSPELL
-CVE-2007-1018 (PHP remote file inclusion vulnerability in tpl/header.php in ...)
+CVE-2007-1018
NOT-FOR-US: VS-News-System
-CVE-2007-1017 (PHP remote file inclusion vulnerability in show_news_inc.php in ...)
+CVE-2007-1017
NOT-FOR-US: VS-News-System
-CVE-2007-1016 (SQL injection vulnerability in Aktueldownload Haber script allows ...)
+CVE-2007-1016
NOT-FOR-US: Aktueldownload Haber
-CVE-2007-1015 (SQL injection vulnerability in HaberDetay.asp in Aktueldownload Haber ...)
+CVE-2007-1015
NOT-FOR-US: Aktueldownload Haber
-CVE-2007-1014 (Stack-based buffer overflow in VicFTPS before 5.0 allows remote ...)
+CVE-2007-1014
NOT-FOR-US: VicFTPS
-CVE-2007-1013 (PHP remote file inclusion vulnerability in generate.php in ...)
+CVE-2007-1013
NOT-FOR-US: VirtualSystem Htaccess Password Generator
-CVE-2007-1012 (Cross-site scripting (XSS) vulnerability in faq.php in DeskPRO 1.1.0 ...)
+CVE-2007-1012
NOT-FOR-US: DeskPRO
-CVE-2007-1011 (PHP remote file inclusion vulnerability in functions_inc.php in ...)
+CVE-2007-1011
NOT-FOR-US: VS-Gastebuch
-CVE-2007-1010 (Multiple PHP remote file inclusion vulnerabilities in ZebraFeeds 1.0, ...)
+CVE-2007-1010
NOT-FOR-US: ZebraFeeds
-CVE-2007-1009 (Macrovision InstallAnywhere Enterprise before 8.0.1 uses the ...)
+CVE-2007-1009
NOT-FOR-US: InstallAnywhere
-CVE-2007-1008 (Apple iTunes 7.0.2 allows user-assisted remote attackers to cause a ...)
+CVE-2007-1008
NOT-FOR-US: Apple iTunes
-CVE-2007-1007 (Format string vulnerability in GnomeMeeting 1.0.2 and earlier allows ...)
+CVE-2007-1007
{DSA-1262-1}
- gnomemeeting <removed> (high)
-CVE-2007-1006 (Multiple format string vulnerabilities in the ...)
+CVE-2007-1006
- ekiga 2.0.3-2.1 (bug #411944; high)
-CVE-2007-1005 (Heap-based buffer overflow in SW3eng.exe in the eID Engine service in ...)
+CVE-2007-1005
NOT-FOR-US: eTrust Intrusion Detection
-CVE-2007-1004 (Mozilla Firefox might allow remote attackers to conduct spoofing and ...)
+CVE-2007-1004
- iceweasel 2.0.0.4-1 (low)
- iceape 1.0.9-1 (low)
- xulrunner 1.8.0.4-1 (low)
NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=370555
-CVE-2007-1003 (Integer overflow in ALLOCATE_LOCAL in the ProcXCMiscGetXIDList ...)
+CVE-2007-1003
{DSA-1294-1}
- xorg-server 2:1.1.1-21 (medium)
-CVE-2007-1002 (Format string vulnerability in the write_html function in ...)
+CVE-2007-1002
{DSA-1325-1}
- evolution 2.10.2-1
[sarge] - evolution <not-affected> (Vulnerable code not present)
-CVE-2007-1001 (Multiple integer overflows in the (1) createwbmp and (2) readwbmp ...)
+CVE-2007-1001
- libgd2 2.0.33-1 (medium)
NOTE: This has been fixed in libgd2 for a while, and php is linked against libgd2.
-CVE-2007-1000 (The ipv6_getsockopt_sticky function in net/ipv6/ipv6_sockglue.c in the ...)
+CVE-2007-1000
- linux-2.6 2.6.18.dfsg.1-12 (medium)
-CVE-2007-0999 (Format string vulnerability in Ekiga 2.0.3, and probably other ...)
+CVE-2007-0999
- ekiga 2.0.3-5 (bug #414069; high)
-CVE-2007-0998 (The VNC server implementation in QEMU, as used by Xen and possibly ...)
+CVE-2007-0998
- xen-3.0 <removed> (bug #436250; medium)
[etch] - xen-3.0 <unfixed>
NOTE: Fedora disabled the VNC access to the Qemu monitor
NOTE: An adjusted patch has been sent to the debian bugreport
-CVE-2007-0997 (Race condition in the tee (sys_tee) system call in the Linux kernel ...)
+CVE-2007-0997
- linux-2.6 2.6.18-1
-CVE-2007-0996 (The child frames in Mozilla Firefox before 1.5.0.10 and 2.x before ...)
+CVE-2007-0996
{DSA-1336-1}
NOTE: MFSA-2007-02
- iceweasel 2.0.0.2+dfsg-1 (low)
- xulrunner 1.8.0.10-1 (low)
-CVE-2007-0995 (Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey ...)
+CVE-2007-0995
{DSA-1336-1}
NOTE: MFSA-2007-02
- iceweasel 2.0.0.2+dfsg-1 (low)
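Review bot: every entry in this hunk loses its description text while its status lines stay untouched, e.g. `-CVE-2007-1049 (Cross-site scripting (XSS) vulnerability in the wp_explain_nonce ...)` becomes the bare `+CVE-2007-1049`, and the same happens for every entry from CVE-2007-1070 down to CVE-2007-0995 with nothing replacing the removed text. A blanket removal of descriptions is exactly what an empty or unparsable upstream description feed would produce, so the automatic update should verify that the fetched description set is non-empty (or that the number of entries about to be blanked stays below a sanity threshold) and abort rather than commit; the parenthesised descriptions are what triagers grep on, so losing them silently degrades the tracker data.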
@@ -13706,7 +13706,7 @@ CVE-2007-0995 (Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMo
[sarge] - mozilla-thunderbird <no-dsa> (Mozilla products from Sarge no longer supported)
[sarge] - mozilla-firefox <no-dsa> (Mozilla products from Sarge no longer supported)
[sarge] - mozilla <no-dsa> (Mozilla products from Sarge no longer supported)
-CVE-2007-0994 (A regression error in Mozilla Firefox 2.x before 2.0.0.2 and 1.x ...)
+CVE-2007-0994
{DSA-1336-1}
- iceweasel 2.0.0.2+dfsg-2 (medium)
CVE-2007-0993
@@ -13719,25 +13719,25 @@ CVE-2007-0990
REJECTED
CVE-2007-0989
REJECTED
-CVE-2007-0988 (The zend_hash_init function in PHP 5 before 5.2.1 and PHP 4 before ...)
+CVE-2007-0988
{DSA-1264-1}
[etch] - php4 6:4.4.4-8+etch1
[etch] - php5 5.2.0-8+etch1
- php4 6:4.4.4-9
- php5 5.2.0-9
-CVE-2007-0987 (Directory traversal vulnerability in index.php in Jupiter CMS 1.1.5 ...)
+CVE-2007-0987
NOT-FOR-US: Jupiter CMS
-CVE-2007-0986 (PHP remote file inclusion vulnerability in index.php in Jupiter CMS ...)
+CVE-2007-0986
NOT-FOR-US: Jupiter CMS
-CVE-2007-0985 (SQL injection vulnerability in nickpage.php in phpCC 4.2 beta and ...)
+CVE-2007-0985
NOT-FOR-US: phpCC
-CVE-2007-0984 (SQL injection vulnerability in admin_poll.asp in PollMentor 2.0 allows ...)
+CVE-2007-0984
NOT-FOR-US: PollMentor
-CVE-2007-0983 (PHP remote file inclusion vulnerability in _admin/nav.php in AT ...)
+CVE-2007-0983
NOT-FOR-US: AT Contenator
-CVE-2007-0982 (Cross-site scripting (XSS) vulnerability in error.php in TaskFreak! ...)
+CVE-2007-0982
NOT-FOR-US: TaskFreak!
-CVE-2007-0981 (Mozilla based browsers, including Firefox before 1.5.0.10 and 2.x ...)
+CVE-2007-0981
{DSA-1336-1}
NOTE: MFSA-2007-07
- iceweasel 2.0.0.1+dfsg-3 (bug #411192; high)
@@ -13745,305 +13745,305 @@ CVE-2007-0981 (Mozilla based browsers, including Firefox before 1.5.0.10 and 2.x
- iceape 1.0.8-1 (high)
[sarge] - mozilla-firefox <no-dsa> (Mozilla products from Sarge no longer supported)
[sarge] - mozilla <no-dsa> (Mozilla products from Sarge no longer supported)
-CVE-2007-0980 (Unspecified vulnerability in HP Serviceguard for Linux; packaged for ...)
+CVE-2007-0980
NOT-FOR-US: HP Serviceguard
-CVE-2007-0979 (Unspecified vulnerability in LifeType before 1.1.6, and 1.2 before ...)
+CVE-2007-0979
NOT-FOR-US: LifeType
-CVE-2007-0978 (Buffer overflow in swcons in IBM AIX 5.3 allows local users to gain ...)
+CVE-2007-0978
NOT-FOR-US: IBM AIX
-CVE-2007-0977 (IBM Lotus Domino R5 and R6 WebMail, with &quot;Generate HTML for all ...)
+CVE-2007-0977
NOT-FOR-US: IBM Lotus Domino
-CVE-2007-0976 (Buffer overflow in the ActSoft DVD-Tools ActiveX control ...)
+CVE-2007-0976
NOT-FOR-US: ActSoft DVD-Tools ActiveX control
-CVE-2007-0975 (Variable extraction vulnerability in Ian Bezanson Apache Stats before ...)
+CVE-2007-0975
NOT-FOR-US: Apache Stats
-CVE-2007-0974 (Multiple unspecified vulnerabilities in Ian Bezanson DropBox before ...)
+CVE-2007-0974
NOT-FOR-US: DropBox
-CVE-2007-0973 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
+CVE-2007-0973
NOT-FOR-US: Jupiter CMS
-CVE-2007-0972 (Unrestricted file upload vulnerability in modules/emoticons.php in ...)
+CVE-2007-0972
NOT-FOR-US: Jupiter CMS
-CVE-2007-0971 (Multiple SQL injection vulnerabilities in Jupiter CMS 1.1.5 allow ...)
+CVE-2007-0971
NOT-FOR-US: Jupiter CMS
-CVE-2007-0970 (Multiple SQL injection vulnerabilities in WebTester 5.0.20060927 and ...)
+CVE-2007-0970
NOT-FOR-US: WebTester
-CVE-2007-0969 (Multiple cross-site scripting (XSS) vulnerabilities in WebTester ...)
+CVE-2007-0969
NOT-FOR-US: WebTester
-CVE-2007-0968 (Unspecified vulnerability in Cisco Firewall Services Module (FWSM) ...)
+CVE-2007-0968
NOT-FOR-US: Cisco
-CVE-2007-0967 (Cisco Firewall Services Module (FWSM) 3.x before 3.1(3.1) allows ...)
+CVE-2007-0967
NOT-FOR-US: Cisco
-CVE-2007-0966 (Cisco Firewall Services Module (FWSM) 3.x before 3.1(3.11), when the ...)
+CVE-2007-0966
NOT-FOR-US: Cisco
-CVE-2007-0965 (Cisco FWSM 3.x before 3.1(3.2), when authentication is configured to ...)
+CVE-2007-0965
NOT-FOR-US: Cisco
-CVE-2007-0964 (Cisco FWSM 3.x before 3.1(3.18), when authentication is configured to ...)
+CVE-2007-0964
NOT-FOR-US: Cisco
-CVE-2007-0963 (Unspecified vulnerability in Cisco Firewall Services Module (FWSM) 3.x ...)
+CVE-2007-0963
NOT-FOR-US: Cisco
-CVE-2007-0962 (Cisco PIX 500 and ASA 5500 Series Security Appliances 7.0 before ...)
+CVE-2007-0962
NOT-FOR-US: Cisco
-CVE-2007-0961 (Cisco PIX 500 and ASA 5500 Series Security Appliances 6.x before ...)
+CVE-2007-0961
NOT-FOR-US: Cisco
-CVE-2007-0960 (Unspecified vulnerability in Cisco PIX 500 and ASA 5500 Series ...)
+CVE-2007-0960
NOT-FOR-US: Cisco
-CVE-2007-0959 (Cisco PIX 500 and ASA 5500 Series Security Appliances 7.2.2, when ...)
+CVE-2007-0959
NOT-FOR-US: Cisco
-CVE-2007-0958 (Linux kernel 2.6.x before 2.6.20 allows local users to read unreadable ...)
+CVE-2007-0958
{DSA-1304 DSA-1286-1}
- linux-2.6 2.6.20-1
-CVE-2007-0957 (Stack-based buffer overflow in the krb5_klog_syslog function in the ...)
+CVE-2007-0957
{DSA-1276-1}
- krb5 1.4.4-8 (high)
-CVE-2007-0956 (The telnet daemon (telnetd) in MIT krb5 before 1.6.1 allows remote ...)
+CVE-2007-0956
{DSA-1276-1}
- krb5 1.4.4-8 (high)
-CVE-2007-0955 (The NTLM_UnPack_Type3 function in MENTLM.dll in MailEnable ...)
+CVE-2007-0955
NOT-FOR-US: Mail Enable Professional
-CVE-2007-0954 (MOHA Chat 0.1b7 and earlier does not require authentication for use of ...)
+CVE-2007-0954
NOT-FOR-US: MOHA Chat
-CVE-2007-0953 (Cross-site scripting (XSS) vulnerability in search.pl in @Mail 4.61 ...)
+CVE-2007-0953
NOT-FOR-US: @Mail
-CVE-2007-0952 (Multiple cross-site scripting (XSS) vulnerabilities in Scriptsez.net ...)
+CVE-2007-0952
NOT-FOR-US: Virtual Calendar
-CVE-2007-0951 (SQL injection vulnerability in listmain.asp in Fullaspsite ASP Hosting ...)
+CVE-2007-0951
NOT-FOR-US: Fullaspsite ASP Hosting Site
-CVE-2007-0950 (Cross-site scripting (XSS) vulnerability in listmain.asp in ...)
+CVE-2007-0950
NOT-FOR-US: Fullaspsite ASP Hosting Site
-CVE-2007-0949 (Stack-based buffer overflow in iTinySoft Studio Total Video Player ...)
+CVE-2007-0949
NOT-FOR-US: iTinySoft
-CVE-2007-0948 (Heap-based buffer overflow in Microsoft Virtual PC 2004 and PC for Mac ...)
+CVE-2007-0948
NOT-FOR-US: Microsoft Virtual PC
-CVE-2007-0947 (Use-after-free vulnerability in Microsoft Internet Explorer 7 on ...)
+CVE-2007-0947
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2007-0946 (Unspecified vulnerability in Microsoft Internet Explorer 7 on Windows ...)
+CVE-2007-0946
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2007-0945 (Microsoft Internet Explorer 6 SP1 on Windows 2000 SP4; 6 and 7 on ...)
+CVE-2007-0945
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2007-0944 (Unspecified vulnerability in the CTableCol::OnPropertyChange method in ...)
+CVE-2007-0944
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2007-0943 (Unspecified vulnerability in Internet Explorer 5.01 and 6 SP1 allows ...)
+CVE-2007-0943
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2007-0942 (Microsoft Internet Explorer 5.01 SP4 on Windows 2000 SP4; 6 SP1 on ...)
+CVE-2007-0942
NOT-FOR-US: Microsoft Internet Explorer
CVE-2007-0941
REJECTED
-CVE-2007-0940 (Unspecified vulnerability in the Cryptographic API Component Object ...)
+CVE-2007-0940
NOT-FOR-US: Microsoft CAPICOM
-CVE-2007-0939 (Cross-site scripting (XSS) vulnerability in Microsoft Content ...)
+CVE-2007-0939
NOT-FOR-US: Microsoft Content Management Server
-CVE-2007-0938 (Microsoft Content Management Server (MCMS) 2001 SP1 and 2002 SP2 does ...)
+CVE-2007-0938
NOT-FOR-US: Microsoft Content Management Server
CVE-2007-0937
REJECTED
-CVE-2007-0936 (Multiple unspecified vulnerabilities in Microsoft Visio 2002 allow ...)
+CVE-2007-0936
NOT-FOR-US: Microsoft
CVE-2007-0935
REJECTED
-CVE-2007-0934 (Unspecified vulnerability in Microsoft Visio 2002 allows remote ...)
+CVE-2007-0934
NOT-FOR-US: Microsoft
-CVE-2007-0933 (Buffer overflow in the wireless driver 6.0.0.18 for D-Link DWL-G650+ ...)
+CVE-2007-0933
NOT-FOR-US: D-Link
-CVE-2007-0932 (The (1) Aruba Mobility Controllers 200, 600, 2400, and 6000 and (2) ...)
+CVE-2007-0932
NOT-FOR-US: Aruba Mobility Controller
-CVE-2007-0931 (Heap-based buffer overflow in the management interfaces in (1) Aruba ...)
+CVE-2007-0931
NOT-FOR-US: Aruba Mobility Controller
-CVE-2007-0930 (Variable extract vulnerability in Apache Stats before 0.0.3beta allows ...)
+CVE-2007-0930
NOT-FOR-US: Apache Stats
-CVE-2007-0929 (Directory traversal vulnerability in php rrd browser before 0.2.1 ...)
+CVE-2007-0929
NOT-FOR-US: prb (php rrd browser)
-CVE-2007-0928 (Virtual Calendar stores sensitive information under the web root with ...)
+CVE-2007-0928
NOT-FOR-US: Virtual Calendar
-CVE-2007-0927 (Heap-based buffer overflow in uTorrent 1.6 allows remote attackers to ...)
+CVE-2007-0927
NOT-FOR-US: uTorrent
-CVE-2007-0926 (The dologin function in guestbook.php in KvGuestbook 1.0 Beta allows ...)
+CVE-2007-0926
NOT-FOR-US: KvGuestbook
-CVE-2007-0925 (Cross-site scripting (XSS) vulnerability in search/SearchResults.aspx ...)
+CVE-2007-0925
NOT-FOR-US: Community Server
-CVE-2007-0924 (Till Gerken phpPolls 1.0.3 allows remote attackers to bypass ...)
+CVE-2007-0924
NOT-FOR-US: phpPolls
-CVE-2007-0923 (buscador/buscador.htm in Portal Search allows remote attackers to ...)
+CVE-2007-0923
NOT-FOR-US: Portal Search
-CVE-2007-0922 (Cross-site scripting (XSS) vulnerability in buscador/buscador.htm in ...)
+CVE-2007-0922
NOT-FOR-US: Portal Search
-CVE-2007-0921 (Portal Search allows remote attackers to redirect a URL to an ...)
+CVE-2007-0921
NOT-FOR-US: Portal Search
-CVE-2007-0920 (SQL injection vulnerability in philboard_forum.asp in Philboard 1.14 ...)
+CVE-2007-0920
NOT-FOR-US: Philboard
-CVE-2007-0919 (Directory traversal vulnerability in Nickolas Grigoriadis Mini Web ...)
+CVE-2007-0919
NOT-FOR-US: MiniWebsvr
-CVE-2007-0918 (The ATOMIC.TCP signature engine in the Intrusion Prevention System ...)
+CVE-2007-0918
NOT-FOR-US: Cisco
-CVE-2007-0917 (The Intrusion Prevention System (IPS) feature for Cisco IOS 12.4XE to ...)
+CVE-2007-0917
NOT-FOR-US: Cisco
-CVE-2007-0916 (Unspecified vulnerability in the Address and Routing Parameter Area ...)
+CVE-2007-0916
NOT-FOR-US: HP-UX
-CVE-2007-0915 (Distributed SLS daemon (SLSd) on HP-UX B.11.11 allows remote attackers ...)
+CVE-2007-0915
NOT-FOR-US: HP-UX
-CVE-2007-0914 (Race condition in the TCP subsystem for Solaris 10 allows remote ...)
+CVE-2007-0914
NOT-FOR-US: Sun Solaris
-CVE-2007-0913 (Unspecified vulnerability in Microsoft Powerpoint allows remote ...)
+CVE-2007-0913
NOT-FOR-US: Microsoft
-CVE-2007-0912 (Cross-Site Request Forgery (CSRF) vulnerability in admin/admin.adm.php ...)
+CVE-2007-0912
NOT-FOR-US: JPortal
-CVE-2007-0911 (Off-by-one error in the str_ireplace function in PHP 5.2.1 might allow ...)
+CVE-2007-0911
- php5 5.2.2-1 (bug #410561; bug #410995; medium)
[etch] - php5 <not-affected> (A regression only affecting 5.2.1)
-CVE-2007-0910 (Unspecified vulnerability in PHP before 5.2.1 allows attackers to ...)
+CVE-2007-0910
{DSA-1264-1}
- php5 5.2.0-9 (bug #410561; bug #410995; medium)
[etch] - php5 5.2.0-8+etch1
- php4 6:4.4.4-9
[etch] - php4 6:4.4.4-8+etch1
-CVE-2007-0909 (Multiple format string vulnerabilities in PHP before 5.2.1 might allow ...)
+CVE-2007-0909
{DSA-1264-1}
- php5 5.2.0-9 (bug #410561; bug #410995; medium)
[etch] - php5 5.2.0-8+etch1
- php4 6:4.4.4-9
[etch] - php4 6:4.4.4-8+etch1
-CVE-2007-0908 (The WDDX deserializer in the wddx extension in PHP 5 before 5.2.1 and ...)
+CVE-2007-0908
{DSA-1264-1}
- php5 5.2.0-9
[etch] - php5 5.2.0-8+etch1
- php4 6:4.4.4-9
NOTE: this extension is not enabled by default in the php packages
-CVE-2007-0907 (Buffer underflow in PHP before 5.2.1 allows attackers to cause a ...)
+CVE-2007-0907
{DSA-1264-1}
- php5 5.2.0-9 (bug #410561; bug #410995; medium)
[etch] - php5 5.2.0-8+etch1
-CVE-2007-0906 (Multiple buffer overflows in PHP before 5.2.1 allow attackers to cause ...)
+CVE-2007-0906
{DSA-1264-1}
NOTE: (4) is a non-issue, as we don't use the bundled sqlite
- php5 5.2.0-9 (bug #410561; bug #410995; medium)
- php4 6:4.4.4-9
[etch] - php4 6:4.4.4-8+etch1
[etch] - php5 5.2.0-8+etch1
-CVE-2007-0905 (PHP before 5.2.1 allows attackers to bypass safe_mode and open_basedir ...)
+CVE-2007-0905
- php5 5.2.0-9 (bug #410561; bug #410995; unimportant)
NOTE: we normally don't spend much time on safe_mode and open_basedir
NOTE: issues, but the because the attack vectors are "unspecified", it
NOTE: might be harder for us to try and sort out the fixes for this
NOTE: from the session fixes in CVE-2007-0906 (see there for more info)
-CVE-2007-0904 (SQL injection vulnerability in projects.php in LightRO CMS 1.0 allows ...)
+CVE-2007-0904
NOT-FOR-US: LightRO CMS
-CVE-2007-0903 (Unspecified vulnerability in the mod_roster_odbc module in ejabberd ...)
+CVE-2007-0903
- ejabberd 1.1.2-5
-CVE-2007-0902 (Unspecified vulnerability in the &quot;Show debugging information&quot; feature ...)
+CVE-2007-0902
- moin <unfixed> (unimportant)
NOTE: this is a version information disclosure.
-CVE-2007-0901 (Multiple cross-site scripting (XSS) vulnerabilities in Info pages in ...)
+CVE-2007-0901
- moin 1.5 (bug #411084; medium)
NOTE: Despite what the CVE says, this is not a problem in the 1.5.x code
-CVE-2007-0900 (Multiple PHP remote file inclusion vulnerabilities in TagIt! Tagboard ...)
+CVE-2007-0900
NOT-FOR-US: TagIt! Tagboard
CVE-2007-0899 [Possible heap overflow in libclamav/fsg.c]
RESERVED
{DSA-1263-1}
- clamav 0.90-1
[etch] - clamav 0.88.7-2
-CVE-2007-0898 (Directory traversal vulnerability in clamd in Clam AntiVirus ClamAV before ...)
+CVE-2007-0898
{DSA-1263-1}
- clamav 0.90-1 (bug #411117)
[etch] - clamav 0.88.7-2
-CVE-2007-0897 (Clam AntiVirus ClamAV before 0.90 does not close open file descriptors under ...)
+CVE-2007-0897
{DSA-1263-1}
- clamav 0.90-1 (bug #411118)
[etch] - clamav 0.88.7-2
-CVE-2007-0896 (Cross-site scripting (XSS) vulnerability in the (1) Sage before ...)
+CVE-2007-0896
- firefox-sage 1.3.10-1
[etch] - firefox-sage <not-affected> (HTML mode not enabled in Etch)
NOTE: http://secunia.com/advisories/24086/
NOTE: might not affect Debian version because HTML mode is disabled. sf: pinged maintainer
-CVE-2007-0451 (Apache SpamAssassin before 3.1.8 allows remote attackers to cause a ...)
+CVE-2007-0451
- spamassassin 3.1.7-2 (bug #410843)
NOTE: http://issues.apache.org/SpamAssassin/show_bug.cgi?id=5318
-CVE-2007-0895 (Race condition in recursive directory deletion with the (1) -r or (2) ...)
+CVE-2007-0895
NOT-FOR-US: Sun Solaris
-CVE-2007-0894 (MediaWiki before 1.9.2 allows remote attackers to obtain sensitive ...)
+CVE-2007-0894
- mediawiki <removed> (unimportant)
NOTE: Only path disclosure
-CVE-2007-0893 (Directory traversal vulnerability in phpMyVisites before 2.2 allows ...)
+CVE-2007-0893
NOT-FOR-US: phpMyVisites
-CVE-2007-0892 (CRLF injection vulnerability in phpMyVisites before 2.2 allows remote ...)
+CVE-2007-0892
NOT-FOR-US: phpMyVisites
-CVE-2007-0891 (Cross-site scripting (XSS) vulnerability in the GetCurrentCompletePath ...)
+CVE-2007-0891
NOT-FOR-US: phpMyVisites
-CVE-2007-0890 (Cross-site scripting (XSS) vulnerability in scripts/passwdmysql in ...)
+CVE-2007-0890
NOT-FOR-US: cPanel
-CVE-2007-0889 (Kiwi CatTools before 3.2.0 beta uses weak encryption (&quot;reversible ...)
+CVE-2007-0889
NOT-FOR-US: Kiwi CatTools
-CVE-2007-0888 (Directory traversal vulnerability in the TFTP server in Kiwi CatTools ...)
+CVE-2007-0888
NOT-FOR-US: Kiwi CatTools
-CVE-2007-0887 (axigen 1.2.6 through 2.0.0b1 does not properly parse login ...)
+CVE-2007-0887
NOT-FOR-US: Axigen
-CVE-2007-0886 (Heap-based buffer underflow in axigen 1.2.6 through 2.0.0b1 allows ...)
+CVE-2007-0886
NOT-FOR-US: Axigen
-CVE-2007-0885 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2007-0885
NOT-FOR-US: Rainbow.Zen
-CVE-2007-0884 (Buffer overflow in Roaring Penguin MIMEDefang 2.59 and 2.60 allows ...)
+CVE-2007-0884
- mimedefang <not-affected> (Only versions 2.59 and 2.60 vulnerable)
-CVE-2007-0883 (Directory traversal vulnerability in ...)
+CVE-2007-0883
NOT-FOR-US: IP3 NetAccess
-CVE-2007-0882 (Argument injection vulnerability in the telnet daemon (in.telnetd) in ...)
+CVE-2007-0882
NOT-FOR-US: Sun Solaris
-CVE-2007-0881 (PHP remote file inclusion vulnerability in the Seitenschutz plugin for ...)
+CVE-2007-0881
NOT-FOR-US: OPENi-CMS
-CVE-2007-0880 (Capital Request Forms stores sensitive information under the web root ...)
+CVE-2007-0880
NOT-FOR-US: Capital Request Forms
-CVE-2007-0879 (Buffer overflow in SmidgeonSoft PEBrowse Professional 8.2.1.0 allows ...)
+CVE-2007-0879
NOT-FOR-US: PEBrowse
-CVE-2007-0878 (Unspecified vulnerability in Microsoft Internet Explorer on Windows ...)
+CVE-2007-0878
NOT-FOR-US: Microsoft
-CVE-2007-0877 (Unspecified vulnerability in March Networks DVR 3000 and 4000 Digital ...)
+CVE-2007-0877
NOT-FOR-US: March Networks DVR
-CVE-2007-0876 (Cross-site scripting (XSS) vulnerability in Quick Digital Image ...)
+CVE-2007-0876
NOT-FOR-US: Quick Digital Image Gallery
-CVE-2007-0875 (** DISPUTED ** ...)
+CVE-2007-0875
NOT-FOR-US: mcRefer
-CVE-2007-0874 (Allons_voter 1.0 allows remote attackers to bypass authentication and ...)
+CVE-2007-0874
NOT-FOR-US: Allons_voter
-CVE-2007-0873 (nabopoll 1.1.2 allows remote attackers to bypass authentication and ...)
+CVE-2007-0873
NOT-FOR-US: nabopoll
-CVE-2007-0872 (Directory traversal vulnerability in the Plain Old Webserver (POW) ...)
+CVE-2007-0872
NOT-FOR-US: Plain Old Webserver
-CVE-2007-0871 (Unrestricted file upload vulnerability in eXtremePow eXtreme File ...)
+CVE-2007-0871
NOT-FOR-US: eXtreme File Hosting
CVE-2007-XXXX [dokuwiki conf directory accessible by web users]
- dokuwiki 0.0.20061106-3 (bug #410557)
-CVE-2007-0870 (Unspecified vulnerability in Microsoft Word 2000 allows remote ...)
+CVE-2007-0870
NOT-FOR-US: Microsoft
-CVE-2007-0869 (Cross-site scripting (XSS) vulnerability in the Attachment Manager ...)
+CVE-2007-0869
NOT-FOR-US: vBulletin
-CVE-2007-0868 (Unspecified vulnerability in the Chat Room functionality in Yahoo! ...)
+CVE-2007-0868
NOT-FOR-US: Yahoo! Messenger
-CVE-2007-0867 (PHP remote file inclusion vulnerability in classes/menu.php in ...)
+CVE-2007-0867
NOT-FOR-US: Site-Assistant
-CVE-2007-0866 (Unspecified vulnerability in HP OpenView Storage Data Protector on ...)
+CVE-2007-0866
NOT-FOR-US: HP OpenView
-CVE-2007-0865 (SQL injection vulnerability in comments.php in LushiNews 1.01 and ...)
+CVE-2007-0865
NOT-FOR-US: LushiWarPlaner
-CVE-2007-0864 (SQL injection vulnerability in register.php in LushiWarPlaner 1.0 ...)
+CVE-2007-0864
NOT-FOR-US: LushiWarPlaner
-CVE-2007-0863 (** DISPUTED ** ...)
+CVE-2007-0863
NOT-FOR-US: Trevorchan
-CVE-2007-0862 (** DISPUTED ** ...)
+CVE-2007-0862
NOT-FOR-US: gnopaste
-CVE-2007-0861 (** DISPUTED ** ...)
+CVE-2007-0861
NOT-FOR-US: phpCOIN
-CVE-2007-0860 (** DISPUTED ** ...)
+CVE-2007-0860
NOT-FOR-US: local Calendar System
-CVE-2007-0859 (The Find feature in Palm OS Treo smart phones operates despite the ...)
+CVE-2007-0859
NOT-FOR-US: Palm OS Treo
CVE-2007-XXXX [ikiwiki allows web user to edit images and other non-page format files in the wiki]
- ikiwiki 1.42 (low)
[etch] - ikiwiki 1.33.1
CVE-2007-0858
RESERVED
-CVE-2007-0857 (Multiple cross-site scripting (XSS) vulnerabilities in MoinMoin before ...)
+CVE-2007-0857
- moin 1.5.3-1.2 (bug #410338; medium; bug #410552)
-CVE-2007-0856 (TmComm.sys 1.5.0.1052 in the Trend Micro Anti-Rootkit Common Module ...)
+CVE-2007-0856
NOT-FOR-US: Trend Micro Anti-Rootkit Common Module
-CVE-2007-0855 (Stack-based buffer overflow in RARLabs Unrar, as packaged in WinRAR ...)
+CVE-2007-0855
- rar 1:3.7b1-1 (high; bug #410582)
[sarge] - rar <no-dsa> (Non-free)
[etch] - rar <no-dsa> (Non-free)
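Review bot: the locally maintained bracketed descriptions in this hunk, `CVE-2007-0899 [Possible heap overflow in libclamav/fsg.c]`, `CVE-2007-XXXX [dokuwiki conf directory accessible by web users]` and the ikiwiki `CVE-2007-XXXX` entry, are carried through unchanged, while every parenthesised upstream-derived description from CVE-2007-0980 to CVE-2007-0855 is blanked. That split points at the import of the upstream data rather than at the tracker's own records, so the fix belongs in the update script: treat a run in which no parenthesised description survives as a failed fetch and keep the previous descriptions instead of writing the bare identifiers.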
@@ -14054,160 +14054,160 @@ CVE-2007-0855 (Stack-based buffer overflow in RARLabs Unrar, as packaged in WinR
NOTE: which probably turns this into remote code execution
NOTE: clamav can also call unrar -p-, but AFAICS not in default configuration
NOTE: unrar-free and clamav (which embeds unrar-free code) not affected
-CVE-2007-0854 (Remote file inclusion vulnerability in scripts2/objcache in cPanel ...)
+CVE-2007-0854
NOT-FOR-US: cPanel WebHost Manager
-CVE-2007-0853 (SQL injection vulnerability in DevTrack 6.0.3 allows remote attackers ...)
+CVE-2007-0853
NOT-FOR-US: DevTrack
-CVE-2007-0852 (Cross-site scripting (XSS) vulnerability in DevTrack 6.x allows remote ...)
+CVE-2007-0852
NOT-FOR-US: DevTrack
-CVE-2007-0851 (Buffer overflow in the Trend Micro Scan Engine 8.000 and 8.300 before ...)
+CVE-2007-0851
NOT-FOR-US: Trend Micro Scan Engine
-CVE-2007-0850 (scripts/cronscript.php in SysCP 1.2.15 and earlier includes and ...)
+CVE-2007-0850
NOT-FOR-US: SysCP
-CVE-2007-0849 (scripts/cronscript.php in SysCP 1.2.15 and earlier does not properly ...)
+CVE-2007-0849
NOT-FOR-US: SysCP
-CVE-2007-0848 (PHP remote file inclusion vulnerability in classes/class_mail.inc.php ...)
+CVE-2007-0848
NOT-FOR-US: Maian Recipe
-CVE-2007-0847 (SQL injection vulnerability in mod/PM/reply.php in Open Tibia Server ...)
+CVE-2007-0847
NOT-FOR-US: Open Tibia Server CMS
-CVE-2007-0846 (Cross-site scripting (XSS) vulnerability in forum.php in Open Tibia ...)
+CVE-2007-0846
NOT-FOR-US: Open Tibia Server CMS
-CVE-2007-0845 (admin/index.php in Advanced Poll 2.0.0 through 2.0.5-dev allows remote ...)
+CVE-2007-0845
NOT-FOR-US: Advanced Poll
-CVE-2007-0843 (The ReadDirectoryChangesW API function on Microsoft Windows 2000, XP, ...)
+CVE-2007-0843
NOT-FOR-US: Microsoft Windows
-CVE-2007-0842 (The 64-bit versions of Microsoft Visual C++ 8.0 standard library ...)
+CVE-2007-0842
NOT-FOR-US: Microsoft
-CVE-2007-0841 (Multiple unspecified vulnerabilities in vbDrupal before 4.7.6.0 have ...)
+CVE-2007-0841
NOT-FOR-US: vbDrupal
-CVE-2007-0840 (Cross-site scripting (XSS) vulnerability in HLstats before 1.35 allows ...)
+CVE-2007-0840
NOT-FOR-US: HLstats
-CVE-2007-0839 (Multiple PHP remote file inclusion vulnerabilities in ...)
+CVE-2007-0839
NOT-FOR-US: WebMatic
-CVE-2007-0838 (FreeProxy before 3.92 Build 1626 allows malicious users to cause a ...)
+CVE-2007-0838
NOT-FOR-US: FreeProxy
-CVE-2007-0837 (PHP remote file inclusion vulnerability in examples/inc/top.inc.php in ...)
+CVE-2007-0837
NOT-FOR-US: AgerMenu
-CVE-2007-0836 (admin.php in Coppermine Photo Gallery 1.4.10, and possibly earlier, ...)
+CVE-2007-0836
NOT-FOR-US: Coppermine Photo Gallery
-CVE-2007-0835 (admin.php in Coppermine Photo Gallery 1.4.10, and possibly earlier, ...)
+CVE-2007-0835
NOT-FOR-US: Coppermine Photo Gallery
-CVE-2007-0834 (Cross-site scripting (XSS) vulnerability in FlashChat 4.7.8 allows ...)
+CVE-2007-0834
NOT-FOR-US: FlashChat
-CVE-2007-0833 (VMware Workstation 5.5.3 34685, when the &quot;Enable copy and paste to and ...)
+CVE-2007-0833
NOT-FOR-US: VMware
-CVE-2007-0832 (VMware Workstation 5.5.3 34685 does not immediately change the ...)
+CVE-2007-0832
NOT-FOR-US: VMware
-CVE-2007-0831 (** DISPUTED ** Multiple PHP remote file inclusion vulnerabilities in ...)
+CVE-2007-0831
NOT-FOR-US: Atsphp
-CVE-2007-0830 (** DISPUTED ** ...)
+CVE-2007-0830
NOT-FOR-US: vBulletin
-CVE-2007-0829 (avast! Server Edition before 4.7.726 does not demand a password in a ...)
+CVE-2007-0829
NOT-FOR-US: avast!
-CVE-2007-0828 (PHP remote file inclusion vulnerability in affichearticles.php3 in ...)
+CVE-2007-0828
NOT-FOR-US: MySQLNewsEngine
-CVE-2007-0827 (The Alibaba Alipay PTA Module ActiveX control (PTA.DLL) allows remote ...)
+CVE-2007-0827
NOT-FOR-US: Alibaba Alipay PTA Module ActiveX control
-CVE-2007-0826 (SQL injection vulnerability in forum.asp in Kisisel Site 2007 allows ...)
+CVE-2007-0826
NOT-FOR-US: Kisisel Site
-CVE-2007-0825 (FlashFXP 3.4.0 build 1145 allows remote servers to cause a denial of ...)
+CVE-2007-0825
NOT-FOR-US: FlashFXP
-CVE-2007-0824 (PHP remote file inclusion vulnerability in inhalt.php in LightRO CMS ...)
+CVE-2007-0824
NOT-FOR-US: LightRO CMS
-CVE-2007-0823 (xterm on Slackware Linux 10.2 stores information that had been ...)
+CVE-2007-0823
- xterm <not-affected> (Not a security problem)
-CVE-2007-0822 (umount, when running with the Linux 2.6.15 kernel on Slackware Linux ...)
+CVE-2007-0822
- util-linux <not-affected> (Not a security problem)
-CVE-2007-0821 (Multiple directory traversal vulnerabilities in Cedric CLAIRE ...)
+CVE-2007-0821
NOT-FOR-US: PortailPhp
-CVE-2007-0820 (Multiple PHP remote file inclusion vulnerabilities in Cedric CLAIRE ...)
+CVE-2007-0820
NOT-FOR-US: PortailPhp
-CVE-2007-0819 (HP Network Node Manager (NNM) Remote Console 7.50, 7.51, and 7.53 ...)
+CVE-2007-0819
NOT-FOR-US: HP Network Node Manager
CVE-2007-0818
REJECTED
-CVE-2007-0817 (Cross-site scripting (XSS) vulnerability in Adobe ColdFusion web ...)
+CVE-2007-0817
NOT-FOR-US: Adobe ColdFusion web server
-CVE-2007-0816 (The RPC Server service (catirpc.exe) in CA (formerly Computer ...)
+CVE-2007-0816
NOT-FOR-US: (CA) BrightStor
-CVE-2007-0815 (Cross-site scripting (XSS) vulnerability in images_archive.asp in ...)
+CVE-2007-0815
NOT-FOR-US: Uphotogallery
-CVE-2007-0814 (Multiple cross-site scripting (XSS) vulnerabilities in Adrenalin's ASP ...)
+CVE-2007-0814
NOT-FOR-US: ASP Chat
-CVE-2007-0813 (Cross-site scripting (XSS) vulnerability in Home production ...)
+CVE-2007-0813
NOT-FOR-US: MySearchEngine
-CVE-2007-0812 (SQL injection vulnerability in pms.php in Woltlab Burning Board (wBB) ...)
+CVE-2007-0812
NOT-FOR-US: Woltlab Burning Board
-CVE-2007-0811 (Microsoft Internet Explorer 6.0 SP1 on Windows 2000, and 6.0 SP2 on ...)
+CVE-2007-0811
NOT-FOR-US: Microsoft
-CVE-2007-0810 (PHP remote file inclusion vulnerability in MVCnPHP/BaseView.php in ...)
+CVE-2007-0810
NOT-FOR-US: GeekLog
-CVE-2007-0809 (PHP remote file inclusion vulnerability in includes/class_template.php ...)
+CVE-2007-0809
NOT-FOR-US: Categories Hierarchy
-CVE-2007-0808 (PHP remote file inclusion vulnerability in Mina Ajans Script allows ...)
+CVE-2007-0808
NOT-FOR-US: Mina Ajans Script
-CVE-2007-0807 (Cross-site scripting (XSS) vulnerability in info.php in flashChat ...)
+CVE-2007-0807
NOT-FOR-US: flashChat
-CVE-2007-0806 (Les News 2.2 allows remote attackers to bypass authentication and gain ...)
+CVE-2007-0806
NOT-FOR-US: Les News
-CVE-2007-0805 (The ps (/usr/ucb/ps) command on HP Tru64 UNIX 5.1 1885 allows local ...)
+CVE-2007-0805
NOT-FOR-US: HP Tru64 UNIX
-CVE-2007-0804 (Directory traversal vulnerability in admin/subpages.php in GGCMS 1.1.0 ...)
+CVE-2007-0804
NOT-FOR-US: GGCMS
-CVE-2007-0803 (Multiple buffer overflows in STLport before 5.0.3 allow remote ...)
+CVE-2007-0803
- stlport5 5.0.3-1 (bug #410864; low)
[etch] - stlport5 5.0.2-12
[sarge] - stlport5 <not-affected> (Vulnerable code not compiled in)
-CVE-2007-0802 (Mozilla Firefox 2.0.0.1 allows remote attackers to bypass the Phishing ...)
+CVE-2007-0802
- iceweasel 2.0.0.16-1 (low)
NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=367538
-CVE-2007-0801 (The nsExternalAppHandler::SetUpTempFile function in Mozilla Firefox ...)
+CVE-2007-0801
- iceweasel 2.0.0.2+dfsg-1 (low)
- firefox 45.0-1 (low)
- firefox-esr 45.0esr-1 (low)
- iceape 1.0.8-1 (low)
- xulrunner 1.8.0.10-1 (low)
-CVE-2007-0800 (Cross-zone vulnerability in Mozilla Firefox 1.5.0.9 considers blocked ...)
+CVE-2007-0800
NOTE: MFSA-2007-05
- iceweasel 2.0.0.2+dfsg-1 (medium)
- iceape 1.0.8-1 (medium)
- xulrunner 1.8.0.10-1 (medium)
[sarge] - mozilla-firefox <no-dsa> (Mozilla products from Sarge no longer supported)
[sarge] - mozilla <no-dsa> (Mozilla products from Sarge no longer supported)
-CVE-2007-0799 (SQL injection vulnerability in badword.asp in Ublog Reload 1.0.5 ...)
+CVE-2007-0799
NOT-FOR-US: Ublog Reload
-CVE-2007-0798 (Multiple cross-site scripting (XSS) vulnerabilities in Ublog Reload ...)
+CVE-2007-0798
NOT-FOR-US: Ublog Reload
-CVE-2007-0797 (PHP remote file inclusion vulnerability in theme/settings.php in ...)
+CVE-2007-0797
NOT-FOR-US: SMA-DB
-CVE-2007-0796 (Blue Coat Systems WinProxy 6.1a and 6.0 r1c, and possibly earlier, ...)
+CVE-2007-0796
NOT-FOR-US: WinProxy
-CVE-2007-0795 (Multiple PHP remote file inclusion vulnerabilities in Wap Portal ...)
+CVE-2007-0795
NOT-FOR-US: Wap Portal Server
-CVE-2007-0794 (** DISPUTED ** ...)
+CVE-2007-0794
NOT-FOR-US: GlobalMegaCorp dvddb
-CVE-2007-0793 (PHP remote file inclusion vulnerability in inc/common.php in ...)
+CVE-2007-0793
NOT-FOR-US: GlobalMegaCorp dvddb
-CVE-2007-0792 (The mod_perl initialization script in Bugzilla 2.23.3 does not set the ...)
+CVE-2007-0792
- bugzilla <not-affected> (Only development version 2.23.3 is affected)
-CVE-2007-0791 (Cross-site scripting (XSS) vulnerability in Atom feeds in Bugzilla ...)
+CVE-2007-0791
- bugzilla 2.22.1-2.1 (bug #409824; low)
[etch] - bugzilla <no-dsa> (Minor issue, far-fetched attack, minor impact)
[sarge] - bugzilla <not-affected> (Vulnerable code not present)
-CVE-2007-0790 (Heap-based buffer overflow in SmartFTP 2.0.1002 allows remote FTP ...)
+CVE-2007-0790
NOT-FOR-US: SmartFTP
-CVE-2007-0789 (SQL injection vulnerability in Mambo before 4.5.5 allows remote ...)
+CVE-2007-0789
- mambo 4.6.1-1 (medium)
NOTE: only the 4.5.x tree was vulnerable
-CVE-2007-0788 (Cross-site scripting (XSS) vulnerability in MediaWiki 1.9.x before ...)
+CVE-2007-0788
- mediawiki <not-affected> (Only in 1.9 branch, fixed in 1.9.2)
-CVE-2007-0787 (PHP remote file inclusion vulnerability in controller.php in Simple ...)
+CVE-2007-0787
NOT-FOR-US: Simple Invoices
-CVE-2007-0786 (SQL injection vulnerability in view.php in Noname Media Photo Galerie ...)
+CVE-2007-0786
NOT-FOR-US: Noname Media Photo Galerie Standard
-CVE-2007-0785 (PHP remote file inclusion vulnerability in previewtheme.php in ...)
+CVE-2007-0785
NOT-FOR-US: Flipsource Flip
-CVE-2007-0784 (SQL injection vulnerability in login.asp for tPassword in the Raymond ...)
+CVE-2007-0784
NOT-FOR-US: RBL ASP tPassword
CVE-2007-0783
RESERVED
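Review bot: stripping the parenthesised description from every CVE line in this hunk also drops the "** DISPUTED **" marker from CVE-2007-0794 (`-CVE-2007-0794 (** DISPUTED ** ...)` becomes `+CVE-2007-0794`), so the dispute status is no longer visible beside its NOT-FOR-US triage. If the descriptions vanished because the upstream feed returned none during this automatic update, the update should be held or the description lines regenerated before commit rather than committing bare ids: for entries such as `NOT-FOR-US: Mina Ajans Script` the description was the only remaining context, and a later refill will produce an equally large reverse diff.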
@@ -14215,21 +14215,21 @@ CVE-2007-0782
RESERVED
CVE-2007-0781
RESERVED
-CVE-2007-0780 (browser.js in Mozilla Firefox 1.5.x before 1.5.0.10 and 2.x before ...)
+CVE-2007-0780
NOTE: MFSA-2007-05
- iceweasel 2.0.0.2+dfsg-1 (medium)
- iceape 1.0.8-1 (medium)
- xulrunner 1.8.0.10-1 (medium)
[sarge] - mozilla-firefox <not-affected> (Vulnerable code not present)
[sarge] - mozilla <not-affected> (Vulnerable code not present)
-CVE-2007-0779 (GUI overlay vulnerability in Mozilla Firefox 1.5.x before 1.5.0.10 and ...)
+CVE-2007-0779
NOTE: MFSA-2007-04
- iceweasel 2.0.0.2+dfsg-1 (low)
- iceape 1.0.8-1 (low)
- xulrunner 1.8.0.10-1 (low)
[sarge] - mozilla-firefox <no-dsa> (Mozilla products from Sarge no longer supported)
[sarge] - mozilla <not-affected> (introduced in firefox 1.5)
-CVE-2007-0778 (The page cache feature in Mozilla Firefox before 1.5.0.10 and 2.x ...)
+CVE-2007-0778
{DSA-1336-1}
NOTE: MFSA-2007-03
- iceweasel 2.0.0.2+dfsg-1 (low)
@@ -14237,7 +14237,7 @@ CVE-2007-0778 (The page cache feature in Mozilla Firefox before 1.5.0.10 and 2.x
- xulrunner 1.8.0.10-1 (low)
[sarge] - mozilla-firefox <no-dsa> (Mozilla products from Sarge no longer supported)
[sarge] - mozilla <no-dsa> (Mozilla products from Sarge no longer supported)
-CVE-2007-0777 (The JavaScript engine in Mozilla Firefox before 1.5.0.10 and 2.x ...)
+CVE-2007-0777
NOTE: MFSA-2007-01
- iceweasel 2.0.0.2+dfsg-1 (high)
- iceape 1.0.8-1 (high)
@@ -14246,7 +14246,7 @@ CVE-2007-0777 (The JavaScript engine in Mozilla Firefox before 1.5.0.10 and 2.x
[sarge] - mozilla-firefox <no-dsa> (Mozilla products from Sarge no longer supported)
[sarge] - mozilla-thunderbird <no-dsa> (Mozilla products from Sarge no longer supported)
[sarge] - mozilla <no-dsa> (Mozilla products from Sarge no longer supported)
-CVE-2007-0776 (Heap-based buffer overflow in the _cairo_pen_init function in Mozilla ...)
+CVE-2007-0776
NOTE: MFSA-2007-01
- iceweasel 2.0.0.2+dfsg-1 (high)
- iceape 1.0.8-1 (high)
@@ -14255,7 +14255,7 @@ CVE-2007-0776 (Heap-based buffer overflow in the _cairo_pen_init function in Moz
[sarge] - mozilla-firefox <not-affected> (Only affected Firefox 2.0 et al)
[sarge] - mozilla-thunderbird <not-affected> (Only affected Firefox 2.0 et al)
[sarge] - mozilla <not-affected> (Only affected Firefox 2.0 et al)
-CVE-2007-0775 (Multiple unspecified vulnerabilities in the layout engine in Mozilla ...)
+CVE-2007-0775
{DSA-1336-1}
NOTE: MFSA-2007-01
- iceweasel 2.0.0.2+dfsg-1 (high)
@@ -14266,22 +14266,22 @@ CVE-2007-0775 (Multiple unspecified vulnerabilities in the layout engine in Mozi
[sarge] - mozilla-thunderbird <no-dsa> (Mozilla products from Sarge no longer supported)
[sarge] - mozilla <no-dsa> (Mozilla products from Sarge no longer supported)
NOTE: Only one of the crashes can be triggered in Sarge, 326864
-CVE-2007-0774 (Stack-based buffer overflow in the map_uri_to_worker function ...)
+CVE-2007-0774
- libapache-mod-jk 1:1.2.21-1 (medium)
[sarge] - libapache-mod-jk <not-affected>
[etch] - libapache-mod-jk <not-affected>
NOTE: affects only 1.2.19 and 1.2.20
-CVE-2007-0773 (The Linux kernel before 2.6.9-42.0.8 in Red Hat 4.4 allows local users ...)
+CVE-2007-0773
- linux-2.6 2.6.12-1
-CVE-2007-0772 (The Linux kernel 2.6.13 and other versions before 2.6.20.1 allows ...)
+CVE-2007-0772
- linux-2.6 2.6.18.dfsg.1-11
-CVE-2007-0771 (The utrace support in Linux kernel 2.6.18, and other versions, allows ...)
+CVE-2007-0771
- linux-2.6 <not-affected> (RHEL-specific backport, only present in -mm tree)
-CVE-2007-0770 (Buffer overflow in GraphicsMagick and ImageMagick allows user-assisted ...)
+CVE-2007-0770
{DSA-1260}
- graphicsmagick 1.1.7-12
- imagemagick 7:6.2.4.5.dfsg1-0.14 (bug #410435)
-CVE-2007-1667 (Multiple integer overflows in (1) the XGetPixel function in ImUtil.c ...)
+CVE-2007-1667
{DSA-1903-1 DSA-1858-1 DSA-1294-1}
- xfree86 <removed> (bug #414046; medium)
- libx11 2:1.0.3-7 (bug #414045; medium)
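Review bot: for CVE-2007-0773 the removed description was the only place recording that the issue concerns the Red Hat 4.4 kernel (`-CVE-2007-0773 (The Linux kernel before 2.6.9-42.0.8 in Red Hat 4.4 allows local users ...)`), and the remaining `- linux-2.6 2.6.12-1` line gives no reason for that fixed version. Consider adding a NOTE line that preserves the vendor-specific context, in the way CVE-2007-0771 already does with its `(RHEL-specific backport, only present in -mm tree)` reason.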
@@ -14290,651 +14290,651 @@ CVE-2007-1667 (Multiple integer overflows in (1) the XGetPixel function in ImUti
NOTE: Discovered through CVE-2007-0770.
NOTE: With certain mail user agents, this issue is likely exploitable
NOTE: without much user interaction.
-CVE-2007-0844 (The auth_via_key function in pam_ssh.c in pam_ssh before 1.92, when ...)
+CVE-2007-0844
- libpam-ssh 1.91.0-9.2 (bug #410236; low)
[etch] - libpam-ssh <no-dsa> (Minor issue)
[sarge] - libpam-ssh <no-dsa> (Minor issue)
-CVE-2007-0769 (** DISPUTED ** ...)
+CVE-2007-0769
NOT-FOR-US: Phorum
-CVE-2007-0768 (Multiple cross-site scripting (XSS) vulnerabilities in the Contact ...)
+CVE-2007-0768
NOT-FOR-US: Yahoo! Messenger
-CVE-2007-0767 (Cross-site scripting (XSS) vulnerability in the core in Phorum before ...)
+CVE-2007-0767
NOT-FOR-US: Phorum
-CVE-2007-0766 (Stack-based buffer overflow in Remotesoft .NET Explorer 2.0.1 allows ...)
+CVE-2007-0766
NOT-FOR-US: .NET Explorer
-CVE-2007-0765 (SQL injection vulnerability in news.php in dB Masters Curium CMS 1.03 ...)
+CVE-2007-0765
NOT-FOR-US: Curium CMS
-CVE-2007-0764 (Unrestricted file upload vulnerability in F3Site 2.1 and earlier ...)
+CVE-2007-0764
NOT-FOR-US: F3Site
-CVE-2007-0763 (Cross-site scripting (XSS) vulnerability in the news comment ...)
+CVE-2007-0763
NOT-FOR-US: F3Site
-CVE-2007-0762 (PHP remote file inclusion vulnerability in includes/functions.php in ...)
+CVE-2007-0762
NOT-FOR-US: phpBB++
-CVE-2007-0761 (PHP remote file inclusion vulnerability in config.php in phpBB ezBoard ...)
+CVE-2007-0761
NOT-FOR-US: phpBB ezBoard converter
-CVE-2007-0760 (EQdkp 1.3.1 and earlier authenticates administrative requests by ...)
+CVE-2007-0760
NOT-FOR-US: EQdkp
-CVE-2007-0759 (Multiple SQL injection vulnerabilities in EasyMoblog 0.5.1 allow ...)
+CVE-2007-0759
NOT-FOR-US: EasyMoblog
-CVE-2007-0758 (PHP remote file inclusion vulnerability in lang.php in PHPProbid 5.24 ...)
+CVE-2007-0758
NOT-FOR-US: PHPProbid
-CVE-2007-0757 (PHP remote file inclusion vulnerability in index.php in Miguel Nunes ...)
+CVE-2007-0757
NOT-FOR-US: CoD2 DreamStats
-CVE-2007-0756 (Chicken of the VNC (cotv) 2.0 allows remote attackers to cause a ...)
+CVE-2007-0756
NOT-FOR-US: Chicken of the VNC
CVE-2007-0755
RESERVED
-CVE-2007-0754 (Heap-based buffer overflow in Apple QuickTime before 7.1.3 allows ...)
+CVE-2007-0754
NOT-FOR-US: Apple QuickTime
-CVE-2007-0753 (Format string vulnerability in the VPN daemon (vpnd) in Apple Mac OS X ...)
+CVE-2007-0753
NOT-FOR-US: Apple
-CVE-2007-0752 (The PPP daemon (pppd) in Apple Mac OS X 10.4.8 checks ownership of the ...)
+CVE-2007-0752
NOT-FOR-US: Apple
-CVE-2007-0751 (A cleanup script in crontabs in Apple Mac OS X 10.3.9 and 10.4.9 might ...)
+CVE-2007-0751
NOT-FOR-US: Apple
-CVE-2007-0750 (Integer overflow in CoreGraphics in Apple Mac OS X 10.4 up to 10.4.9 ...)
+CVE-2007-0750
NOT-FOR-US: Apple
-CVE-2007-0749 (Multiple stack-based buffer overflows in the is_command function in ...)
+CVE-2007-0749
NOT-FOR-US: Apple Darwin Streaming Server
-CVE-2007-0748 (Heap-based buffer overflow in Apple Darwin Streaming Proxy, when using ...)
+CVE-2007-0748
NOT-FOR-US: Apple Darwin Streaming Server
-CVE-2007-0747 (load_webdav in Apple Mac OS X 10.3.9 through 10.4.9 does not properly ...)
+CVE-2007-0747
NOT-FOR-US: Apple Mac OS X
-CVE-2007-0746 (Heap-based buffer overflow in the VideoConference framework in Apple ...)
+CVE-2007-0746
NOT-FOR-US: Apple Mac OS X
-CVE-2007-0745 (The Apple Security Update 2007-004 uses an incorrect configuration ...)
+CVE-2007-0745
NOT-FOR-US: Apple Mac OS X
-CVE-2007-0744 (SMB in Apple Mac OS X 10.3.9 through 10.4.9 does not properly clean ...)
+CVE-2007-0744
NOT-FOR-US: Apple Mac OS X
-CVE-2007-0743 (URLMount in Apple Mac OS X 10.3.9 through 10.4.9 passes the username ...)
+CVE-2007-0743
NOT-FOR-US: Apple Mac OS X
-CVE-2007-0742 (The WebFoundation framework in Apple Mac OS X 10.3.9 and earlier ...)
+CVE-2007-0742
NOT-FOR-US: Apple Mac OS X
-CVE-2007-0741 (Buffer overflow in natd in network_cmds in Apple Mac OS X 10.3.9 ...)
+CVE-2007-0741
NOT-FOR-US: Apple Mac OS X
-CVE-2007-0740 (Alias Manager in Apple Mac OS X 10.3.9 and 10.4.9 does not display ...)
+CVE-2007-0740
NOT-FOR-US: Apple
-CVE-2007-0739 (The Login Window in Apple Mac OS X 10.4 through 10.4.9 displays the ...)
+CVE-2007-0739
NOT-FOR-US: Apple Mac OS X
-CVE-2007-0738 (The Login Window in Apple Mac OS X 10.4 through 10.4.9 does not ...)
+CVE-2007-0738
NOT-FOR-US: Apple Mac OS X
-CVE-2007-0737 (The Login Window in Apple Mac OS X 10.3.9 through 10.4.9 does not ...)
+CVE-2007-0737
NOT-FOR-US: Apple Mac OS X
-CVE-2007-0736 (Integer overflow in the RPC library in Libinfo in Apple Mac OS X ...)
+CVE-2007-0736
NOT-FOR-US: Apple Mac OS X
-CVE-2007-0735 (Use-after-free vulnerability in Libinfo in Apple Mac OS X 10.3.9 ...)
+CVE-2007-0735
NOT-FOR-US: Apple Mac OS X
-CVE-2007-0734 (fsck, as used by the AirPort Disk feature of the AirPort Extreme Base ...)
+CVE-2007-0734
NOT-FOR-US: AirPort Extreme Base Station
-CVE-2007-0733 (Unspecified vulnerability in ImageIO in Apple Mac OS X 10.3.9 and 10.4 ...)
+CVE-2007-0733
NOT-FOR-US: Apple Mac ImageIO
-CVE-2007-0732 (Unspecified vulnerability in the CoreServices daemon in CarbonCore in ...)
+CVE-2007-0732
NOT-FOR-US: Apple Mac OS X
-CVE-2007-0731 (Stack-based buffer overflow in the Apple-specific Samba module (SMB ...)
+CVE-2007-0731
NOT-FOR-US: Apple Mac
-CVE-2007-0730 (Server Manager (servermgrd) in Apple Mac OS X 10.3.9 and 10.4 through ...)
+CVE-2007-0730
NOT-FOR-US: Apple Mac Server Manager
-CVE-2007-0729 (Apple File Protocol (AFP) Client in Apple Mac OS X 10.3.9 through ...)
+CVE-2007-0729
NOT-FOR-US: Apple Mac OS X
-CVE-2007-0728 (Unspecified vulnerability in Apple Mac OS X 10.3.9 and 10.4 through ...)
+CVE-2007-0728
NOT-FOR-US: Apple Mac
CVE-2007-0727
REJECTED
-CVE-2007-0726 (The SSH key generation process in OpenSSH in Apple Mac OS X 10.3.9 and ...)
+CVE-2007-0726
NOT-FOR-US: Apple OpenSSH
-CVE-2007-0725 (Buffer overflow in the AirPortDriver module for AirPort in Apple Mac ...)
+CVE-2007-0725
NOT-FOR-US: Apple Mac OS X
-CVE-2007-0724 (The IOKit HID interface in Apple Mac OS X 10.3.9 and 10.4 through ...)
+CVE-2007-0724
NOT-FOR-US: Apple Mac
-CVE-2007-0723 (Unspecified vulnerability in the authentication feature for ...)
+CVE-2007-0723
NOT-FOR-US: Mac OS X
-CVE-2007-0722 (Integer overflow in Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 ...)
+CVE-2007-0722
NOT-FOR-US: Apple Mac
-CVE-2007-0721 (Unspecified vulnerability in diskimages-helper in Apple Mac OS X ...)
+CVE-2007-0721
NOT-FOR-US: Apple Mac
-CVE-2007-0720 (The CUPS service on multiple platforms allows remote attackers to ...)
+CVE-2007-0720
- cups 1.2.7-1 (bug #434734; low)
- cupsys 1.2.7-1 (bug #434734; low)
[sarge] - cupsys <no-dsa> (Minor, conceptual design problem)
[etch] - cupsys <no-dsa> (Minor, conceptual design problem)
-CVE-2007-0719 (Stack-based buffer overflow in Apple Mac OS X 10.3.9 and 10.4 through ...)
+CVE-2007-0719
NOT-FOR-US: Apple Mac
-CVE-2007-0718 (Heap-based buffer overflow in Apple QuickTime before 7.1.5 allows ...)
+CVE-2007-0718
NOT-FOR-US: Apple QuickTime
-CVE-2007-0717 (Integer overflow in Apple QuickTime before 7.1.5 allows remote ...)
+CVE-2007-0717
NOT-FOR-US: Apple QuickTime
-CVE-2007-0716 (Stack-based buffer overflow in Apple QuickTime before 7.1.5 allows ...)
+CVE-2007-0716
NOT-FOR-US: Apple QuickTime
-CVE-2007-0715 (Heap-based buffer overflow in Apple QuickTime before 7.1.5 allows ...)
+CVE-2007-0715
NOT-FOR-US: Apple QuickTime
-CVE-2007-0714 (Integer overflow in Apple QuickTime before 7.1.5 allows remote ...)
+CVE-2007-0714
NOT-FOR-US: Apple QuickTime
-CVE-2007-0713 (Heap-based buffer overflow in Apple QuickTime before 7.1.5 allows ...)
+CVE-2007-0713
NOT-FOR-US: Apple QuickTime
-CVE-2007-0712 (Heap-based buffer overflow in Apple QuickTime before 7.1.5 allows ...)
+CVE-2007-0712
NOT-FOR-US: Apple QuickTime
-CVE-2007-0711 (Integer overflow in Apple QuickTime before 7.1.5, when installed on ...)
+CVE-2007-0711
NOT-FOR-US: Apple QuickTime
-CVE-2007-0710 (The Bonjour functionality in iChat in Apple Mac OS X 10.3.9 allows remote ...)
+CVE-2007-0710
NOT-FOR-US: Apple iChat
-CVE-2007-0709 (cmdmon.sys in Comodo Firewall Pro (formerly Comodo Personal Firewall) ...)
+CVE-2007-0709
NOT-FOR-US: Comodo Firewall Pro
-CVE-2007-0708 (cmdmon.sys in Comodo Firewall Pro (formerly Comodo Personal Firewall) ...)
+CVE-2007-0708
NOT-FOR-US: Comodo Firewall Pro
-CVE-2007-0707 (Stack-based buffer overflow in GOM Player 2.0.12.3375 allows ...)
+CVE-2007-0707
NOT-FOR-US: GOM Player
-CVE-2007-0706 (Cross-zone scripting vulnerability in Darksky RSS bar for Internet ...)
+CVE-2007-0706
NOT-FOR-US: Darksky RSS
-CVE-2007-0705 (Cross-zone scripting vulnerability in Sleipnir 2.49 and earlier, and ...)
+CVE-2007-0705
NOT-FOR-US: Sleipnir
-CVE-2007-0704 (PHP remote file inclusion vulnerability in install.php in Somery 0.4.6 ...)
+CVE-2007-0704
NOT-FOR-US: Somery
-CVE-2007-0703 (PHP remote file inclusion vulnerability in library/StageLoader.php in ...)
+CVE-2007-0703
NOT-FOR-US: WebBuilder
-CVE-2007-0702 (Multiple PHP remote file inclusion vulnerabilities in phpEventMan ...)
+CVE-2007-0702
NOT-FOR-US: phpEventMan
-CVE-2007-0701 (PHP remote file inclusion vulnerability in inc/common.inc.php in ...)
+CVE-2007-0701
NOT-FOR-US: Epistemon
-CVE-2007-0700 (Directory traversal vulnerability in index.php in Guernion Sylvain ...)
+CVE-2007-0700
NOT-FOR-US: Portail Web
-CVE-2007-0699 (PHP remote file inclusion vulnerability in includes/includes.php in ...)
+CVE-2007-0699
NOT-FOR-US: Portail Web
-CVE-2007-0698 (Multiple SQL injection vulnerabilities in ACGVannu 1.3 and earlier ...)
+CVE-2007-0698
NOT-FOR-US: ACGVannu
-CVE-2007-0697 (index2.php in ACGVannu 1.3 and earlier allows remote attackers to ...)
+CVE-2007-0697
NOT-FOR-US: ACGVannu
-CVE-2007-0696 (Cross-site scripting (XSS) vulnerability in error messages in Free LAN ...)
+CVE-2007-0696
NOT-FOR-US: Free LAN Intranet Portal
-CVE-2007-0695 (Multiple SQL injection vulnerabilities in Free LAN In(tra|ter)net ...)
+CVE-2007-0695
NOT-FOR-US: Free LAN Intranet Portal
-CVE-2007-0694 (Cross-site scripting (XSS) vulnerability in footer.php in DGNews 2.1 ...)
+CVE-2007-0694
NOT-FOR-US: DGNews
-CVE-2007-0693 (SQL injection vulnerability in news.php in DGNews 2.1 allows remote ...)
+CVE-2007-0693
NOT-FOR-US: DGNews
-CVE-2007-0692 (DGNews 2.1 allows remote attackers to obtain sensitive information via ...)
+CVE-2007-0692
NOT-FOR-US: DGNews
CVE-2007-0691
REJECTED
-CVE-2007-0690 (myEvent 1.6 allows remote attackers to obtain sensitive information ...)
+CVE-2007-0690
NOT-FOR-US: myEvent
-CVE-2007-0689 (MyBB 1.2.4 allows remote attackers to obtain sensitive information via ...)
+CVE-2007-0689
NOT-FOR-US: MyBB (aka MyBulletinBoard)
CVE-2007-XXXX [remctl ACL bypass vulnerability]
- remctl 2.2-2
[sarge] - remctl <not-affected> (Vulnerable code not present)
-CVE-2007-0688 (SQL injection vulnerability in oku.asp in Hunkaray Duyuru Scripti ...)
+CVE-2007-0688
NOT-FOR-US: Hunkaray Duyuru Scripti
-CVE-2007-0687 (SQL injection vulnerability in i-search.php in Michelle's L2J Dropcalc ...)
+CVE-2007-0687
NOT-FOR-US: L2J Dropcalc
-CVE-2007-0686 (The Intel 2200BG 802.11 Wireless Mini-PCI driver 9.0.3.9 (w29n51.sys) ...)
+CVE-2007-0686
NOT-FOR-US: Intel 2200BG Cards drive.
-CVE-2007-0685 (Internet Explorer on Windows Mobile 5.0 and Windows Mobile 2003 and ...)
+CVE-2007-0685
NOT-FOR-US: Internet Explorer
-CVE-2007-0684 (PHP remote file inclusion vulnerability in portal.php in Cerulean ...)
+CVE-2007-0684
NOT-FOR-US: Cerulean Portal System
-CVE-2007-0683 (PHP remote file inclusion vulnerability in includes/functions.php in ...)
+CVE-2007-0683
NOT-FOR-US: Omegaboard
-CVE-2007-0682 (PHP remote file inclusion vulnerability in ...)
+CVE-2007-0682
NOT-FOR-US: JV2 Folder Gallery
-CVE-2007-0681 (profile.php in ExtCalendar 2 and earlier allows remote attackers to ...)
+CVE-2007-0681
NOT-FOR-US: ExtCalendar
-CVE-2007-0680 (PHP remote file inclusion vulnerability in includes/functions.php in ...)
+CVE-2007-0680
NOT-FOR-US: Phpbb Tweaked it is a module to phpbb
-CVE-2007-0679 (PHP remote file inclusion vulnerability in lang/leslangues.php in ...)
+CVE-2007-0679
NOT-FOR-US: PHPMyRing
-CVE-2007-0678 (SQL injection vulnerability in windows.asp in Fullaspsite Asp Hosting ...)
+CVE-2007-0678
NOT-FOR-US: Fullaspsite Asp Hosting Sites
-CVE-2007-0677 (PHP remote file inclusion vulnerability in ...)
+CVE-2007-0677
NOT-FOR-US: Cadre PHP Framework
-CVE-2007-0676 (SQL injection vulnerability in faq.php in ExoPHPDesk 1.2.1 and earlier ...)
+CVE-2007-0676
NOT-FOR-US: ExoPHPDesk
-CVE-2007-0675 (A certain ActiveX control in sapi.dll (aka the Speech API) in Speech ...)
+CVE-2007-0675
NOT-FOR-US: Windows Vista
-CVE-2007-0674 (Pictures and Videos on Windows Mobile 5.0 and Windows Mobile 2003 and ...)
+CVE-2007-0674
NOT-FOR-US: Windows Mobile
-CVE-2007-0673 (LGSERVER.EXE in BrightStor ARCserve Backup for Laptops &amp; Desktops ...)
+CVE-2007-0673
NOT-FOR-US: (CA) BrightStor
-CVE-2007-0672 (LGSERVER.EXE in BrightStor Mobile Backup 4.0 allows remote attackers ...)
+CVE-2007-0672
NOT-FOR-US: (CA) BrightStor
-CVE-2007-0671 (Unspecified vulnerability in Microsoft Excel 2000, XP, 2003, and 2004 ...)
+CVE-2007-0671
NOT-FOR-US: Microsoft Excel
-CVE-2007-0670 (Buffer overflow in bos.rte.libc in IBM AIX 5.2 and 5.3 allows local ...)
+CVE-2007-0670
NOT-FOR-US: IBM AIX
-CVE-2007-0669 (Unspecified vulnerability in Twiki 4.0.0 through 4.1.0 allows local ...)
+CVE-2007-0669
- twiki 1:4.0.5-9 (bug #410256)
-CVE-2007-0668 (The Loopback Filesystem (LOFS) in Sun Solaris 10 allows local users in ...)
+CVE-2007-0668
NOT-FOR-US: Sun Solaris.
-CVE-2007-0667 (The redirect function in Form.pm for (1) LedgerSMB before 1.1.5 and ...)
+CVE-2007-0667
- sql-ledger <unfixed> (bug #409703; unimportant)
NOTE: It's documented behaviour that SQL-Ledger should only be run in an
NOTE: authenticated HTTP zone and without untrusted users
[etch] - sql-ledger <no-dsa> (Should only be used with trusted users)
NOTE: sql-ledger 2.6.22-2 adds a note to README.Debian that sql-ledger
NOTE: is not secure with untrusted users.
-CVE-2007-0666 (Ipswitch WS_FTP Server 5.04 allows FTP site administrators to execute ...)
+CVE-2007-0666
NOT-FOR-US: WS_FTP Server
-CVE-2007-0665 (Format string vulnerability in the SCP module in Ipswitch WS_FTP 2007 ...)
+CVE-2007-0665
NOT-FOR-US: WS_FTP Server
-CVE-2007-0664 (thttpd before 2.25b-r6 in Gentoo Linux is started from the system root ...)
+CVE-2007-0664
- thttpd <not-affected> (Gentoo-specific packaging flaw)
NOTE: In accordance with Debian Policy is not possible start Webserver
NOTE: in root directory (/).
-CVE-2007-0663 (SQL injection vulnerability in index.php in Eclectic Designs ...)
+CVE-2007-0663
NOT-FOR-US: Eclectic Designs CascadianFAQ
-CVE-2007-0662 (PHP remote file inclusion vulnerability in ...)
+CVE-2007-0662
NOT-FOR-US: Hailboards
-CVE-2007-0661 (Intel Enterprise Southbridge 2 Baseboard Management Controller (BMC), ...)
+CVE-2007-0661
NOT-FOR-US: Intel BMC
-CVE-2007-0660 (Cross-site scripting (XSS) vulnerability in the IFrame module before ...)
+CVE-2007-0660
NOT-FOR-US: DotNetNuke
-CVE-2007-0659 (download.php in the MuddyDogPaws FileDownload snippet before 2.5 for ...)
+CVE-2007-0659
NOT-FOR-US: MODx MuddyDogPaws FileDownload
-CVE-2007-0658 (The (1) Textimage 4.7.x before 4.7-1.2 and 5.x before 5.x-1.1 module ...)
+CVE-2007-0658
NOT-FOR-US: Drupal addon module "Textimage"
-CVE-2007-0657 (Unspecified vulnerability in Nexuiz 2.2.2 allows remote attackers to ...)
+CVE-2007-0657
- nexuiz 2.2.3-1 (medium)
[etch] - nexuiz <not-affected> (Vulnerable code not present, was introduced in 2.2.2)
-CVE-2007-0656 (PHP remote file inclusion vulnerability in includes/functions.php in ...)
+CVE-2007-0656
NOT-FOR-US: phpBB2-MODificat it is a module to phpbb2
-CVE-2007-0655 (The MicroWorld Agent service (MWAGENT.EXE) in MicroWorld Technologies eScan ...)
+CVE-2007-0655
NOT-FOR-US: MicroWorld
-CVE-2007-0654 (Integer underflow in X MultiMedia System (xmms) 1.2.10 allows ...)
+CVE-2007-0654
{DSA-1277-1}
- xmms 1:1.2.10+20070301-2 (bug #416423; low)
-CVE-2007-0653 (Integer overflow in X MultiMedia System (xmms) 1.2.10, and possibly ...)
+CVE-2007-0653
{DSA-1277-1}
- xmms 1:1.2.10+20070301-2 (bug #416423; low)
-CVE-2007-0652 (Cross-site request forgery (CSRF) vulnerability in MailEnable Professional ...)
+CVE-2007-0652
NOT-FOR-US: MailEnable Professional
-CVE-2007-0651 (Multiple cross-site scripting (XSS) vulnerabilities in MailEnable ...)
+CVE-2007-0651
NOT-FOR-US: MailEnable Professional
-CVE-2007-0650 (Buffer overflow in the open_sty function in mkind.c for makeindex 2.14 ...)
+CVE-2007-0650
- tetex-bin <not-affected> (Only vulnerable if compiled w/o kpathsea support, Debian does)
-CVE-2007-0649 (Variable overwrite vulnerability in interface/globals.php in OpenEMR ...)
+CVE-2007-0649
NOT-FOR-US: OpenEMR
-CVE-2007-0648 (Cisco IOS after 12.3(14)T, 12.3(8)YC1, 12.3(8)YG, and 12.4, with voice ...)
+CVE-2007-0648
NOT-FOR-US: Cisco
-CVE-2007-0647 (Format string vulnerability in Help Viewer 3.0.0 allows remote ...)
+CVE-2007-0647
NOT-FOR-US: AppleKit
-CVE-2007-0646 (Format string vulnerability in iMovie HD 6.0.3, and Safari in Apple ...)
+CVE-2007-0646
NOT-FOR-US: iMovie
-CVE-2007-0645 (Format string vulnerability in iPhoto 6.0.5 allows remote ...)
+CVE-2007-0645
NOT-FOR-US: iPhoto
-CVE-2007-0644 (Format string vulnerability in Apple Safari 2.0.4 (419.3) allows ...)
+CVE-2007-0644
NOT-FOR-US: Apple Safari
-CVE-2007-0643 (Stack-based buffer overflow in Bloodshed Dev-C++ 4.9.9.2 allows ...)
+CVE-2007-0643
NOT-FOR-US: Bloodshed Dev-C++
-CVE-2007-0642 (SQL injection vulnerability in tForum 2.00 in the Raymond BERTHOU ...)
+CVE-2007-0642
NOT-FOR-US: Raymond BERTHOU script collection
-CVE-2007-0641 (Buffer overflow in the EnumPrintersA function in dapcnfsd.dll 0.6.4.0 ...)
+CVE-2007-0641
NOT-FOR-US: Shaffer Solutions (SSC)
-CVE-2007-0640 (Buffer overflow in ZABBIX before 1.1.5 has unknown impact and attack ...)
+CVE-2007-0640
- zabbix 1:1.1.4-8 (bug #409257)
-CVE-2007-0639 (Multiple static code injection vulnerabilities in error.php in GuppY ...)
+CVE-2007-0639
NOT-FOR-US: GuppY
-CVE-2007-0638 (show.php in Vlad Alexa Mancini PHPFootball 1.6 allows remote attackers ...)
+CVE-2007-0638
NOT-FOR-US: PHPFootball
-CVE-2007-0637 (Directory traversal vulnerability in zd_numer.php in Galeria Zdjec 3.0 ...)
+CVE-2007-0637
NOT-FOR-US: Galeria Zdjec
-CVE-2007-0636 (Unspecified vulnerability in inotify before 0.3.5 has unknown impact ...)
+CVE-2007-0636
NOT-FOR-US: incron
-CVE-2007-0635 (Multiple PHP remote file inclusion vulnerabilities in EncapsCMS 0.3.6 ...)
+CVE-2007-0635
NOT-FOR-US: EncapsCMS
-CVE-2007-0634 (Unspecified vulnerability in Sun Solaris 10 before 20070130 allows ...)
+CVE-2007-0634
NOT-FOR-US: Sun Solaris
CVE-2007-XXXX [kaya buffer overflow, cross-site scripting and data leak]
- kaya 0.2.0-6 (bug #409062)
CVE-2007-XXXX [file descriptor leak when a Compose file uses the "include" directive]
- libx11 2:1.0.3-5 (low)
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=9279
-CVE-2007-0633 (PHP remote file inclusion vulnerability in ...)
+CVE-2007-0633
NOT-FOR-US: MyNews
-CVE-2007-0632 (SQL injection vulnerability in artreplydelete.asp in ASP EDGE 1.3a and ...)
+CVE-2007-0632
NOT-FOR-US: ASP EDGE
-CVE-2007-0631 (SQL injection vulnerability in index.php in Eclectic Designs ...)
+CVE-2007-0631
NOT-FOR-US: Eclectic Designs CascadianFAQ
-CVE-2007-0630 (Multiple SQL injection vulnerabilities in the generate_csv function in ...)
+CVE-2007-0630
NOT-FOR-US: xNews
-CVE-2007-0629 (The www_purgeList method in Plain Black WebGUI before 7.3.8 does not ...)
+CVE-2007-0629
NOT-FOR-US: Plain Black WebGUI
-CVE-2007-0628 (Multiple cross-site scripting (XSS) vulnerabilities in Sun Java System ...)
+CVE-2007-0628
NOT-FOR-US: Sun Java System Access Manager
-CVE-2007-0627 (Michael Still gtalkbot before 1.2 places username and password ...)
+CVE-2007-0627
NOT-FOR-US: gtalkbot
-CVE-2007-0626 (The comment_form_add_preview function in comment.module in Drupal ...)
+CVE-2007-0626
- drupal 4.7.6-1
-CVE-2007-0625 (nxconfigure.sh in NoMachine NX Server before 2.1.0-18 does not ...)
+CVE-2007-0625
NOT-FOR-US: NoMachine NX Server
-CVE-2007-0624 (user.php in MAXdev MDPro 1.0.76 allows remote attackers to obtain the ...)
+CVE-2007-0624
NOT-FOR-US: MAXdev MDPro
-CVE-2007-0623 (SQL injection vulnerability in index.php in MAXdev MDPro 1.0.76 allows ...)
+CVE-2007-0623
NOT-FOR-US: MAXdev MDPro
-CVE-2007-0622 (Cross-site request forgery (CSRF) vulnerability in MyBB (aka ...)
+CVE-2007-0622
NOT-FOR-US: MyBB (aka MyBulletinBoard)
CVE-2007-0621
REJECTED
-CVE-2007-0620 (download.php in FD Script 1.3.2 and earlier allows remote attackers to ...)
+CVE-2007-0620
NOT-FOR-US: FD Script
-CVE-2007-0619 (chmlib before 0.39 allows user-assisted remote attackers to execute ...)
+CVE-2007-0619
- chmlib 2:0.39-1 (bug #408603; medium)
-CVE-2007-0618 (Unspecified vulnerability in (1) pop3d, (2) pop3ds, (3) imapd, and (4) ...)
+CVE-2007-0618
NOT-FOR-US: IBM AIX
-CVE-2007-0617 (The SpamBlocker.dll ActiveX control in Earthlink TotalAccess is marked ...)
+CVE-2007-0617
NOT-FOR-US: Earthlink TotalAccess
-CVE-2007-0616 (Directory traversal vulnerability in zen/template-functions.php in ...)
+CVE-2007-0616
NOT-FOR-US: zenphoto
-CVE-2007-0615 (Unspecified vulnerability in Hitachi JP1/HIBUN Advanced Edition ...)
+CVE-2007-0615
NOT-FOR-US: Hitachi
-CVE-2007-0614 (The Bonjour functionality in mDNSResponder, iChat 3.1.6, and ...)
+CVE-2007-0614
NOT-FOR-US: Apple
-CVE-2007-0613 (The Bonjour functionality in mDNSResponder, iChat 3.1.6, and ...)
+CVE-2007-0613
NOT-FOR-US: Apple
-CVE-2007-0612 (Multiple ActiveX controls in Microsoft Windows 2000, XP, 2003, and ...)
+CVE-2007-0612
NOT-FOR-US: Microsoft ActiveX
-CVE-2007-0611 (Multiple cross-site scripting (XSS) vulnerabilities in Free LAN ...)
+CVE-2007-0611
NOT-FOR-US: Free LAN Intranet Portal
-CVE-2007-0610 (Cross-site scripting (XSS) vulnerability in the mailform feature in ...)
+CVE-2007-0610
NOT-FOR-US: CMSimple
-CVE-2007-0609 (Directory traversal vulnerability in Advanced Guestbook 2.4.2 allows ...)
+CVE-2007-0609
NOT-FOR-US: Advanced Guestbook
-CVE-2007-0608 (Advanced Guestbook 2.4.2 allows remote attackers to obtain sensitive ...)
+CVE-2007-0608
NOT-FOR-US: Advanced Guestbook
-CVE-2007-0607 (W-Agora (Web-Agora) 4.2.1, when register_globals is enabled, stores ...)
+CVE-2007-0607
NOT-FOR-US: Web-Agora
-CVE-2007-0606 (w-agora 4.2.1 allows remote attackers to obtain sensitive information ...)
+CVE-2007-0606
NOT-FOR-US: Web-Agora
-CVE-2007-0605 (Cross-site scripting (XSS) vulnerability in picture.php in Advanced ...)
+CVE-2007-0605
NOT-FOR-US: Advanced Guestbook
-CVE-2007-0604 (Cross-site scripting (XSS) vulnerability in Movable Type (MT) before ...)
+CVE-2007-0604
NOT-FOR-US: Movable Type
-CVE-2007-0603 (PGP Desktop before 9.5.1 does not validate data objects received over ...)
+CVE-2007-0603
NOT-FOR-US: PGP Desktop
-CVE-2007-0602 (Buffer overflow in libvsapi.so in the VSAPI library in Trend Micro ...)
+CVE-2007-0602
NOT-FOR-US: Trend Micro AntiVirus
-CVE-2007-0601 (common/safety.php in Aztek Forum 4.00 allows remote attackers to enter ...)
+CVE-2007-0601
NOT-FOR-US: Aztek Forum
-CVE-2007-0600 (SQL injection vulnerability in news_page.asp in Martyn Kilbryde ...)
+CVE-2007-0600
NOT-FOR-US: makit news
-CVE-2007-0599 (Variable overwrite vulnerability in common/config.php in Aztek Forum ...)
+CVE-2007-0599
NOT-FOR-US: Aztek Forum
-CVE-2007-0598 (SQL injection vulnerability in forum/load.php in Aztek Forum 4.00 ...)
+CVE-2007-0598
NOT-FOR-US: Aztek Forum
-CVE-2007-0597 (Aztek Forum 4.00 allows remote attackers to obtain sensitive ...)
+CVE-2007-0597
NOT-FOR-US: Aztek Forum
-CVE-2007-0596 (PHP remote file inclusion vulnerability in index/main.php in Aztek ...)
+CVE-2007-0596
NOT-FOR-US: Aztek Forum
-CVE-2007-0595 (Cross-site scripting (XSS) vulnerability in search in High 5 Review ...)
+CVE-2007-0595
NOT-FOR-US: high5 Review
-CVE-2007-0594 (Siteman 2.0.x2 stores sensitive information under the web root with ...)
+CVE-2007-0594
NOT-FOR-US: Siteman
-CVE-2007-0593 (Siteman 1.1.11 stores sensitive information under the web root with ...)
+CVE-2007-0593
NOT-FOR-US: Siteman
-CVE-2007-0592 (Cross-site scripting (XSS) vulnerability in EzDatabase 2.1.3 allows ...)
+CVE-2007-0592
NOT-FOR-US: EzDatabase
-CVE-2007-0591 (PHP remote file inclusion vulnerability in configure.php in Vu Le An ...)
+CVE-2007-0591
NOT-FOR-US: VirtualPath
-CVE-2007-0590 (Cross-site scripting (XSS) vulnerability in busca2.asp in Forum Livre ...)
+CVE-2007-0590
NOT-FOR-US: Forum Livre
-CVE-2007-0589 (SQL injection vulnerability in Forum Livre 1.0 allows remote attackers ...)
+CVE-2007-0589
NOT-FOR-US: Forum Livre
-CVE-2007-0588 (The InternalUnpackBits function in Apple QuickDraw, as used by ...)
+CVE-2007-0588
NOT-FOR-US: Apple
CVE-2007-0587
RESERVED
CVE-2007-0586
RESERVED
-CVE-2007-0585 (include/debug.php in Webfwlog 0.92 and earlier, when register_globals ...)
+CVE-2007-0585
NOT-FOR-US: Webfwlog
-CVE-2007-0584 (PHP remote file inclusion vulnerability in membres/membreManager.php ...)
+CVE-2007-0584
NOT-FOR-US: PhP Generic
-CVE-2007-0583 (Multiple cross-site scripting (XSS) vulnerabilities in HTTP Commander ...)
+CVE-2007-0583
NOT-FOR-US: HTTP Commander
-CVE-2007-0582 (SQL injection vulnerability in default.asp in ChernobiLe 1.0 allows ...)
+CVE-2007-0582
NOT-FOR-US: ChernobiLe
-CVE-2007-0581 (PHP remote file inclusion vulnerability in functions.php in EclipseBB ...)
+CVE-2007-0581
NOT-FOR-US: EclipseBB
-CVE-2007-0580 (PHP remote file inclusion vulnerability in menu.php in Foro Domus 2.10 ...)
+CVE-2007-0580
NOT-FOR-US: Foro Domus
-CVE-2007-0579 (Unspecified vulnerability in the calendar component in Horde Groupware ...)
+CVE-2007-0579
NOT-FOR-US: Horde Groupware
-CVE-2007-0578 (The http_open function in httpget.c in mpg123 before 0.64 allows ...)
+CVE-2007-0578
- mpg123 0.61-5 (bug #409296; unimportant)
NOTE: Not much of a security problem; user will abort mpg123 and never listen to
NOTE: the faulty stream again
-CVE-2007-0577 (PHP remote file inclusion vulnerability in function.inc.php in ...)
+CVE-2007-0577
NOT-FOR-US: ACGVclick
-CVE-2007-0576 (PHP remote file inclusion vulnerability in xt_counter.php in Xt-Stats ...)
+CVE-2007-0576
NOT-FOR-US: Xt-Stats
-CVE-2007-0575 (Multiple SQL injection vulnerabilities in the administrative login ...)
+CVE-2007-0575
NOT-FOR-US: ASPCode.net AdMentor
-CVE-2007-0574 (SQL injection vulnerability in rss/show_webfeed.php in SpoonLabs Vivvo ...)
+CVE-2007-0574
NOT-FOR-US: SpoonLabs Vivvo Article Management CMS
-CVE-2007-0573 (PHP remote file inclusion vulnerability in includes/config.inc.php in ...)
+CVE-2007-0573
NOT-FOR-US: nsGalPHP
-CVE-2007-0572 (PHP remote file inclusion vulnerability in include/irc/phpIRC.php in ...)
+CVE-2007-0572
NOT-FOR-US: Drunken:Golem Gaming Portal
-CVE-2007-0571 (PHP remote file inclusion vulnerability in include/lib/lib_head.php in ...)
+CVE-2007-0571
NOT-FOR-US: phpMyReports
-CVE-2007-0570 (PHP remote file inclusion vulnerability in ains_main.php in Johannes ...)
+CVE-2007-0570
NOT-FOR-US: Ad Fundum Integratable News Script
-CVE-2007-0569 (SQL injection vulnerability in xNews.php in xNews 1.3 allows remote ...)
+CVE-2007-0569
NOT-FOR-US: xNews
-CVE-2007-0568 (PHP remote file inclusion vulnerability in system/lib/package.php in ...)
+CVE-2007-0568
NOT-FOR-US: MyPHPCommander
-CVE-2007-0567 (Cross-site scripting (XSS) vulnerability in admin.php in ...)
+CVE-2007-0567
NOT-FOR-US: Interactive-Scripts.Com
-CVE-2007-0566 (SQL injection vulnerability in news_detail.asp in ASP NEWS 3 and ...)
+CVE-2007-0566
NOT-FOR-US: ASP NEWS
-CVE-2007-0565 (CGI-Rescue Shopping Basket Professional 7.50 and earlier allows remote ...)
+CVE-2007-0565
NOT-FOR-US: CGI RESCUE
-CVE-2007-0564 (The license registering interface in Symantec Web Security (SWS) ...)
+CVE-2007-0564
NOT-FOR-US: Symantec
-CVE-2007-0563 (Multiple cross-site scripting (XSS) vulnerabilities in Symantec Web ...)
+CVE-2007-0563
NOT-FOR-US: Symantec
-CVE-2007-0562 (Windows Explorer (explorer.exe) 6.0.2900.2180 in Microsoft Windows XP ...)
+CVE-2007-0562
NOT-FOR-US: Windows Explorer
-CVE-2007-0561 (Multiple PHP remote file inclusion vulnerabilities in Xero Portal 1.2 ...)
+CVE-2007-0561
NOT-FOR-US: Xero Portal
-CVE-2007-0560 (SQL injection vulnerability in user.asp in ASP EDGE 1.2b and earlier ...)
+CVE-2007-0560
NOT-FOR-US: ASP EDGE
-CVE-2007-0559 (PHP remote file inclusion vulnerability in config.php in RPW 1.0.2 ...)
+CVE-2007-0559
NOT-FOR-US: RPW
-CVE-2007-0558 (PHP remote file inclusion vulnerability in modules/mail/main.php in ...)
+CVE-2007-0558
NOT-FOR-US: vHostAdmin
-CVE-2007-0557 (rMake before 1.0.4 drops root privileges in a way that retains the ...)
+CVE-2007-0557
NOT-FOR-US: rPath
-CVE-2007-0556 (The query planner in PostgreSQL before 8.0.11, 8.1 before 8.1.7, and ...)
+CVE-2007-0556
- postgresql-8.2 8.2.2-1
- postgresql-8.1 8.1.7-1
- postgresql-7.4 <not-affected> (only PostgreSQL 8.x)
- postgresql <not-affected> (only PostgreSQL 8.x)
-CVE-2007-0555 (PostgreSQL 7.3 before 7.3.13, 7.4 before 7.4.16, 8.0 before 8.0.11, ...)
+CVE-2007-0555
{DSA-1261-1}
- postgresql-8.2 8.2.2-1
- postgresql-8.1 8.1.7-1
- postgresql-7.4 1:7.4.16-1
- postgresql <not-affected> (only transitional package)
-CVE-2007-0554 (SQL injection vulnerability in print.asp in Guo Xu Guos Posting System ...)
+CVE-2007-0554
NOT-FOR-US: Guos Posting System
-CVE-2007-0553 (Multiple cross-site scripting (XSS) vulnerabilities in index.inc.php ...)
+CVE-2007-0553
NOT-FOR-US: PHProxy
-CVE-2007-0552 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2007-0552
NOT-FOR-US: Onnac
-CVE-2007-0551 (Multiple PHP remote file inclusion vulnerabilities in cmsimple/cms.php ...)
+CVE-2007-0551
NOT-FOR-US: CMSimple
-CVE-2007-0550 (Cross-site scripting (XSS) vulnerability in search.php in 212cafeBoard ...)
+CVE-2007-0550
NOT-FOR-US: 212cafe Guestbook
-CVE-2007-0549 (Cross-site scripting (XSS) vulnerability in list3.php in 212cafeBoard ...)
+CVE-2007-0549
NOT-FOR-US: 212cafe Guestbook
-CVE-2007-0548 (KarjaSoft Sami HTTP Server 2.0.1 allows remote attackers to cause a ...)
+CVE-2007-0548
NOT-FOR-US: KarjaSoft
-CVE-2007-0547 (Cross-site scripting (XSS) vulnerability in CGI-RESCUE WebFORM 4.3 and ...)
+CVE-2007-0547
NOT-FOR-US: CGI RESCUE
-CVE-2007-0546 (Toxiclab Shoutbox 1 stores sensitive information under the web root ...)
+CVE-2007-0546
NOT-FOR-US: Toxiclab Shoutbox
-CVE-2007-0545 (Maxtricity Tagger 0.1 stores sensitive information under the web root ...)
+CVE-2007-0545
NOT-FOR-US: Maxtricity Tagger
-CVE-2007-0544 (Cross-site scripting (XSS) vulnerability in private.php in MyBB (aka ...)
+CVE-2007-0544
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2007-0543 (ZixForum 1.14 and earlier stores sensitive information under the web ...)
+CVE-2007-0543
NOT-FOR-US: ZixForum
-CVE-2007-0542 (Cross-site scripting (XSS) vulnerability in show.php in 212cafe ...)
+CVE-2007-0542
NOT-FOR-US: 212cafe Guestbook
-CVE-2007-0541 (WordPress allows remote attackers to determine the existence of ...)
+CVE-2007-0541
{DTSA-33-1}
- wordpress 2.1.0-1 (low)
-CVE-2007-0540 (WordPress allows remote attackers to cause a denial of service ...)
+CVE-2007-0540
{DSA-1564-1}
- wordpress 2.1.0-1 (low)
-CVE-2007-0539 (The wp_remote_fopen function in WordPress before 2.1 allows remote ...)
+CVE-2007-0539
{DTSA-33-1}
- wordpress 2.1.0-1 (low)
-CVE-2007-0538 (Telligent Community Server 2.1 and earlier allows remote attackers to ...)
+CVE-2007-0538
NOT-FOR-US: Telligent
-CVE-2007-0537 (The KDE HTML library (kdelibs), as used by Konqueror 3.5.5, does not ...)
+CVE-2007-0537
- kdelibs 4:3.5.5a.dfsg.1-6 (bug #409868; medium)
-CVE-2007-0536 (The chroot helper in rMake for rPath Linux 1 does not drop ...)
+CVE-2007-0536
NOT-FOR-US: rPath
-CVE-2007-0535 (Multiple eval injection vulnerabilities in Vote! Pro 4.0, and possibly ...)
+CVE-2007-0535
NOT-FOR-US: Vote! Pro
-CVE-2007-0534 (Multiple cross-site scripting (XSS) vulnerabilities in the (1) Project ...)
+CVE-2007-0534
NOT-FOR-US: Drupal module "Project"
-CVE-2007-0533 (The AToZed IntraWeb component 8.0 and earlier for Borland Delphi and ...)
+CVE-2007-0533
NOT-FOR-US: Borland Delphi
-CVE-2007-0532 (Tuan Do Uploader (aka php-uploader) 6 beta 1 stores sensitive ...)
+CVE-2007-0532
NOT-FOR-US: Uploader
-CVE-2007-0531 (PHP remote file inclusion vulnerability in includes/login.php in ...)
+CVE-2007-0531
NOT-FOR-US: FreeWebShop
-CVE-2007-0530 (** DISPUTED ** ...)
+CVE-2007-0530
NOT-FOR-US: Advanced Guestbook
-CVE-2007-0529 (Cross-site scripting (XSS) vulnerability in index.html (aka the ...)
+CVE-2007-0529
NOT-FOR-US: PHP Link Directory
-CVE-2007-0528 (The admin web console implemented by the Centrality Communications ...)
+CVE-2007-0528
NOT-FOR-US: Centrality Communications
-CVE-2007-0527 (SQL injection vulnerability in the is_remembered function in ...)
+CVE-2007-0527
NOT-FOR-US: Website Baker
-CVE-2007-0526 (Multiple cross-site scripting (XSS) vulnerabilities in Bitweaver 1.3.1 ...)
+CVE-2007-0526
NOT-FOR-US: Bitweaver
-CVE-2007-0525 (Multiple buffer overflows in Nickolas Grigoriadis Mini Web server ...)
+CVE-2007-0525
NOT-FOR-US: Mini Web server
-CVE-2007-0524 (The LG Chocolate KG800 phone allows remote attackers to cause a denial ...)
+CVE-2007-0524
NOT-FOR-US: LG
-CVE-2007-0523 (The Nokia N70 phone allows remote attackers to cause a denial of ...)
+CVE-2007-0523
NOT-FOR-US: Nokia
-CVE-2007-0522 (The Motorola MOTORAZR V3 phone allows remote attackers to cause a ...)
+CVE-2007-0522
NOT-FOR-US: Motorola
-CVE-2007-0521 (The Sony Ericsson K700i and W810i phones allow remote attackers to ...)
+CVE-2007-0521
NOT-FOR-US: Sony Ericsson
-CVE-2007-0520 (SQL injection vulnerability in banner.php in Unique Ads (UDS) 1.x ...)
+CVE-2007-0520
NOT-FOR-US: Unique Ads
-CVE-2007-0519 (Cross-site scripting (XSS) vulnerability in memcp.php in XMB U2U ...)
+CVE-2007-0519
NOT-FOR-US: XMB Host
-CVE-2007-0518 (Scriptsez Smart PHP Subscriber (aka subscribe) stores sensitive ...)
+CVE-2007-0518
NOT-FOR-US: Scriptsez
-CVE-2007-0517 (Scriptsez Random PHP Quote 1.0 stores sensitive information under the ...)
+CVE-2007-0517
NOT-FOR-US: Scriptsez
-CVE-2007-0516 (Yana Framework before 2.8.5a allows remote authenticated users with ...)
+CVE-2007-0516
NOT-FOR-US: Yana
-CVE-2007-0515 (Unspecified vulnerability in Microsoft Word allows user-assisted ...)
+CVE-2007-0515
NOT-FOR-US: Microsoft
-CVE-2007-0514 (Multiple cross-site scripting (XSS) vulnerabilities in multiple ...)
+CVE-2007-0514
NOT-FOR-US: Hitachi
-CVE-2007-0513 (Hitachi HiRDB Datareplicator 7HiRDB, 7(64), 6, 6(64), 5.0, and ...)
+CVE-2007-0513
NOT-FOR-US: Hitachi
-CVE-2007-0512 (Hitachi TP1/LiNK 05-00 through 05-03-/F, 03-04 through 03-06-/K, and ...)
+CVE-2007-0512
NOT-FOR-US: Hitachi
-CVE-2007-0511 (Multiple PHP remote file inclusion vulnerabilities in phpXMLDOM ...)
+CVE-2007-0511
NOT-FOR-US: phpXD
-CVE-2007-0510 (Multiple buffer overflows in (1) graphs.c, (2) output.c, and (3) ...)
+CVE-2007-0510
- awffull <unfixed> (unimportant)
NOTE: This appears to be a bug without a vulnerability vector.
-CVE-2007-0509 (Multiple unspecified vulnerabilities in MaklerPlus before 1.2 have ...)
+CVE-2007-0509
NOT-FOR-US: MaklerPlus
-CVE-2007-0507 (SQL injection vulnerability in the Acidfree module for Drupal before ...)
+CVE-2007-0507
NOT-FOR-US: Drupal module "Acidfree"
-CVE-2007-0506 (The project_issue_access function in the Project issue tracking 4.7.0 ...)
+CVE-2007-0506
NOT-FOR-US: Drupal module "Project"
-CVE-2007-0505 (Unrestricted file upload vulnerability in the Project issue tracking ...)
+CVE-2007-0505
NOT-FOR-US: Drupal module "Project"
-CVE-2007-0504 (Eval injection vulnerability in poll_frame.php in Vote! Pro 4.0, and ...)
+CVE-2007-0504
NOT-FOR-US: Vote! Pro
-CVE-2007-0503 (Unspecified vulnerability in kcms_calibrate in Sun Solaris 8 and 9 ...)
+CVE-2007-0503
NOT-FOR-US: Sun
-CVE-2007-0502 (SQL injection vulnerability in gallery.php in webSPELL 4.01.02 allows ...)
+CVE-2007-0502
NOT-FOR-US: webSPELL
-CVE-2007-0501 (PHP remote file inclusion vulnerability in index.php in Mafia Scum ...)
+CVE-2007-0501
NOT-FOR-US: Advanced Random Generators
-CVE-2007-0500 (PHP remote file inclusion vulnerability in include/includes.php in ...)
+CVE-2007-0500
NOT-FOR-US: Bradabra
-CVE-2007-0499 (PHP remote file inclusion vulnerability in config.php in Sangwan Kim ...)
+CVE-2007-0499
NOT-FOR-US: phpIndexPage
-CVE-2007-0498 (PHP remote file inclusion vulnerability in up.php in MySpeach 2.1 beta ...)
+CVE-2007-0498
NOT-FOR-US: MySpeach
-CVE-2007-0497 (PHP remote file inclusion vulnerability in upload/top.php in ...)
+CVE-2007-0497
NOT-FOR-US: Upload-Service
-CVE-2007-0496 (PHP remote file inclusion vulnerability in lib/nl/nl.php in Neon Labs ...)
+CVE-2007-0496
NOT-FOR-US: Neon Lab
-CVE-2007-0495 (PHP remote file inclusion vulnerability in include/config.inc.php in ...)
+CVE-2007-0495
NOT-FOR-US: PhpSherpa
-CVE-2007-0492 (Multiple SQL injection vulnerabilities in gallery.php in webSPELL ...)
+CVE-2007-0492
NOT-FOR-US: webSPELL
-CVE-2007-0491 (PHP remote file inclusion vulnerability in up.php in Sky GUNNING ...)
+CVE-2007-0491
NOT-FOR-US: MySpeach
-CVE-2007-0490 (index.php in Open-Realty 2.3.4 allows remote attackers to obtain ...)
+CVE-2007-0490
NOT-FOR-US: Open-Realty
-CVE-2007-0489 (PHP remote file inclusion vulnerability in ...)
+CVE-2007-0489
NOT-FOR-US: VisoHotlink
-CVE-2007-0488 (The Huawei Versatile Routing Platform 1.43 2500E-003 firmware on the ...)
+CVE-2007-0488
NOT-FOR-US: Huawei
-CVE-2007-0487 (** DISPUTED ** ...)
+CVE-2007-0487
NOT-FOR-US: FreeForum
-CVE-2007-0486 (** DISPUTED ** ...)
+CVE-2007-0486
NOT-FOR-US: Openads
-CVE-2007-0485 (PHP remote file inclusion vulnerability in defines.php in WebChat 0.77 ...)
+CVE-2007-0485
NOT-FOR-US: Webdev
-CVE-2007-0484 (Multiple SQL injection vulnerabilities in Enthusiast 3.1 allow remote ...)
+CVE-2007-0484
NOT-FOR-US: ReviewPost
-CVE-2007-0483 (Multiple cross-site scripting (XSS) vulnerabilities in Enthusiast 3.1 ...)
+CVE-2007-0483
NOT-FOR-US: ReviewPost
-CVE-2007-0482 (cgi-bin/main in Sun Ray Server Software 2.0 and 3.0 before 20070123 ...)
+CVE-2007-0482
NOT-FOR-US: Sun
-CVE-2007-0481 (Cisco IOS allows remote attackers to cause a denial of service (crash) ...)
+CVE-2007-0481
NOT-FOR-US: Cisco
-CVE-2007-0480 (Cisco IOS 9.x, 10.x, 11.x, and 12.x and IOS XR 2.0.x, 3.0.x, and 3.2.x ...)
+CVE-2007-0480
NOT-FOR-US: Cisco
-CVE-2007-0479 (Memory leak in the TCP listener in Cisco IOS 9.x, 10.x, 11.x, and 12.x ...)
+CVE-2007-0479
NOT-FOR-US: Cisco
-CVE-2007-0478 (WebCore on Apple Mac OS X 10.3.9 and 10.4.10, as used in Safari, does ...)
+CVE-2007-0478
NOT-FOR-US: Apple Safari
-CVE-2007-0477 (Cross-site scripting (XSS) vulnerability in Openads 2.0.x before ...)
+CVE-2007-0477
NOT-FOR-US: Openads
-CVE-2007-0476 (The gencert.sh script, when installing OpenLDAP before 2.1.30-r10, ...)
+CVE-2007-0476
- openldap2 <not-affected> (Gentoo packaging bug)
-CVE-2007-0475 (Multiple stack-based buffer overflows in utilities/smb4k_*.cpp in ...)
+CVE-2007-0475
- smb4k 0.8.1-1 (low)
[etch] - smb4k <no-dsa> (Minor issue)
NOTE: not all problems fixed in 0.8.0
-CVE-2007-0474 (Smb4K before 0.8.0 allow local users, when present on the Smb4K ...)
+CVE-2007-0474
- smb4k 0.8.1-1 (low)
[etch] - smb4k <no-dsa> (Minor issue)
NOTE: not fixed in 0.8.0, see
NOTE: https://web.archive.org/web/20070712072042/http://developer.berlios.de/bugs/?func=detailbug&bug_id=9631&group_id=769
-CVE-2007-0473 (The writeFile function in core/smb4kfileio.cpp in Smb4K before 0.8.0 ...)
+CVE-2007-0473
- smb4k 0.8.0-1 (low)
[etch] - smb4k <no-dsa> (Minor issue)
-CVE-2007-0472 (Multiple race conditions in Smb4K before 0.8.0 allow local users to ...)
+CVE-2007-0472
- smb4k 0.8.0-1 (low)
[etch] - smb4k <no-dsa> (Minor issue)
-CVE-2007-0508 (PHP remote file inclusion vulnerability in lib/selectlang.php in ...)
+CVE-2007-0508
- bbclone 0.4.6-8 (bug #408839; medium)
CVE-2007-XXXX [hinfo code injection]
- hinfo 1.02-3.1 (bug #402316; low)
[sarge] - hinfo <no-dsa> (Package completely broken, hardly usable for an attack)
-CVE-2007-0494 (ISC BIND 9.0.x, 9.1.x, 9.2.0 up to 9.2.7, 9.3.0 up to 9.3.3, 9.4.0a1 ...)
+CVE-2007-0494
{DSA-1254-1}
- bind9 1:9.3.4-2 (medium; bug #408432)
- bind <not-affected>
-CVE-2007-0493 (Use-after-free vulnerability in ISC BIND 9.3.0 up to 9.3.3, 9.4.0a1 up ...)
+CVE-2007-0493
- bind9 1:9.3.4-2 (medium; bug #408432)
[sarge] - bind9 <not-affected> (Vulnerable code not present)
- bind <not-affected>
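Review bot: every `+` line in this hunk replaces an entry such as `-CVE-2007-0556 (The query planner in PostgreSQL before 8.0.11, 8.1 before 8.1.7, and ...)` with the bare identifier `+CVE-2007-0556`, so the parenthesised CVE summary is dropped from all entries while the package status lines beneath them (`- postgresql-8.2 8.2.2-1`, `NOT-FOR-US: ...`, `{DSA-1261-1}`) are left untouched; since the commit message only says "automatic update", confirm that stripping the summaries is the intended result of this run rather than a side effect of the description source being unavailable, because without them neighbouring entries like CVE-2007-0555 and CVE-2007-0556 can no longer be told apart from the list itself.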
@@ -14945,81 +14945,81 @@ CVE-2007-XXXX [gstreamer ffmpeg missing checks of packet sizes, chunk sizes, and
- ffmpeg 0.cvs20060823-6
- xmovie <not-affected> (this is not an issue in the avformat ffmpeg code copy)
- mplayer 1.0~rc1-12
-CVE-2007-0471 (sre/params.php in the Integrity Clientless Security (ICS) component in ...)
+CVE-2007-0471
NOT-FOR-US: Check Point
-CVE-2007-0470 (Multiple unspecified vulnerabilities in tip in Sun Solaris 8, 9, and ...)
+CVE-2007-0470
NOT-FOR-US: Sun Solaris
-CVE-2007-0469 (The extract_files function in installer.rb in RubyGems before 0.9.1 ...)
+CVE-2007-0469
- libgems-ruby 0.9.3-1 (low; bug #408299)
[etch] - libgems-ruby <no-dsa> (Minor issue, needs implicit trust on installed data)
-CVE-2007-0468 (Stack-based buffer overflow in rcdll.dll in msdev.exe in Visual C++ ...)
+CVE-2007-0468
NOT-FOR-US: Visual C++
-CVE-2007-0467 (crashdump in Apple Mac OS X 10.4.8 allows local users in the admin ...)
+CVE-2007-0467
NOT-FOR-US: Apple
-CVE-2007-0466 (Telestream Flip4Mac Windows Media Components for Quicktime 2.1.0.33 ...)
+CVE-2007-0466
NOT-FOR-US: Telestream
-CVE-2007-0465 (Format string vulnerability in Apple Installer 2.1.5 on Mac OS X ...)
+CVE-2007-0465
NOT-FOR-US: Apple
-CVE-2007-0464 (The _CFNetConnectionWillEnqueueRequests function in CFNetwork 129.19 ...)
+CVE-2007-0464
NOT-FOR-US: CFNetwork on Apple Mac OS
-CVE-2007-0463 (Format string vulnerability in Apple Software Update 2.0.5 on Mac OS X ...)
+CVE-2007-0463
NOT-FOR-US: Apple
-CVE-2007-0462 (The _GetSrcBits32ARGB function in Apple QuickDraw, as used by ...)
+CVE-2007-0462
NOT-FOR-US: Apple
-CVE-2007-0461 (Multiple memory leaks in the Dazuko anti-virus helper module before ...)
+CVE-2007-0461
- dazuko-source <removed> (bug #408300)
[sarge] - dazuko-source <not-affected> (Vulnerable code not present)
-CVE-2007-0460 (Multiple buffer overflows in ulogd for SUSE Linux 9.3 up to 10.1, and ...)
+CVE-2007-0460
- ulogd 1.23-6 (medium)
-CVE-2007-0459 (packet-tcp.c in the TCP dissector in Wireshark (formerly Ethereal) ...)
+CVE-2007-0459
- wireshark 0.99.4-5 (low)
[sarge] - ethereal <not-affected> (Vulnerable code not present)
-CVE-2007-0458 (Unspecified vulnerability in the HTTP dissector in Wireshark (formerly ...)
+CVE-2007-0458
- wireshark 0.99.4-5 (low)
[sarge] - ethereal <not-affected> (Vulnerable code not present)
-CVE-2007-0457 (Unspecified vulnerability in the IEEE 802.11 dissector in Wireshark ...)
+CVE-2007-0457
- wireshark 0.99.4-5 (low)
[sarge] - ethereal <not-affected> (Vulnerable code not present)
-CVE-2007-0456 (Unspecified vulnerability in the LLT dissector in Wireshark (formerly ...)
+CVE-2007-0456
- wireshark 0.99.4-5 (low)
[sarge] - ethereal <not-affected> (Vulnerable code not present)
-CVE-2007-0455 (Buffer overflow in the gdImageStringFTEx function in gdft.c in GD ...)
+CVE-2007-0455
{DSA-1936-1}
- libgd2 2.0.35.dfsg-1 (bug #408982; low)
[sarge] - libgd2 <no-dsa> (Minor issue, hardly exploitable)
[etch] - libgd2 <no-dsa> (Minor issue, hardly exploitable)
-CVE-2007-0454 (Format string vulnerability in the afsacl.so VFS module in Samba 3.0.6 ...)
+CVE-2007-0454
{DSA-1257}
- samba 3.0.23d-5 (medium)
-CVE-2007-0453 (Buffer overflow in the nss_winbind.so.1 library in Samba 3.0.21 ...)
+CVE-2007-0453
- samba <not-affected> (Solaris-specific vulnerability)
-CVE-2007-0452 (smbd in Samba 3.0.6 through 3.0.23d allows remote authenticated users ...)
+CVE-2007-0452
{DSA-1257}
- samba 3.0.23d-5 (low)
-CVE-2007-0450 (Directory traversal vulnerability in Apache HTTP Server and Tomcat 5.x ...)
+CVE-2007-0450
- tomcat5 <removed> (unimportant)
- tomcat5.5 5.5.23-1 (unimportant)
NOTE: This only adds an additional control settings for path delimiters, the
NOTE: necessary proxies still need to be secured or fixed individually (e.g.
NOTE: as done for mod_jk in a DSA
-CVE-2007-0449 (Multiple buffer overflows in LGSERVER.EXE in CA BrightStor ARCserve ...)
+CVE-2007-0449
NOT-FOR-US: CA BrightStor
-CVE-2007-0448 (The fopen function in PHP 5.2.0 does not properly handle invalid URI ...)
+CVE-2007-0448
- php5 <removed> (unimportant)
NOTE: open_basedir bypasses not supported
-CVE-2007-0447 (Heap-based buffer overflow in the Decomposer component in multiple ...)
+CVE-2007-0447
NOT-FOR-US: Symantec
-CVE-2007-0446 (Stack-based buffer overflow in magentproc.exe for Hewlett-Packard ...)
+CVE-2007-0446
NOT-FOR-US: HP Mercury
-CVE-2007-0445 (Heap-based buffer overflow in the arj.ppl module in the OnDemand ...)
+CVE-2007-0445
NOT-FOR-US: Kaspersky Anti-Virus
-CVE-2007-0444 (Stack-based buffer overflow in the print provider library (cpprov.dll) ...)
+CVE-2007-0444
NOT-FOR-US: Citrix
-CVE-2007-0443 (Multiple buffer overflows in the CDDBControl ActiveX control in ...)
+CVE-2007-0443
NOT-FOR-US: GraceNote ActiveX Control
-CVE-2007-0442 (Unspecified vulnerability in IBM OS/400 R530 and R535 has unknown ...)
+CVE-2007-0442
NOT-FOR-US: IBM OS/400
-CVE-2007-0441 (Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) ...)
+CVE-2007-0441
NOT-FOR-US: OpenView Network Node Manager
CVE-2007-0440
RESERVED
@@ -15027,157 +15027,157 @@ CVE-2007-0439
RESERVED
CVE-2007-0438
RESERVED
-CVE-2007-0437 (Multiple cross-site scripting (XSS) vulnerabilities in the sample ...)
+CVE-2007-0437
NOT-FOR-US: InterSystems Cache
-CVE-2007-0436 (Barron McCann X-Kryptor Driver BMS1446HRR (Xgntr BMS1351 Install ...)
+CVE-2007-0436
NOT-FOR-US: X-Kryptor
-CVE-2007-0435 (T-Com Speedport 500V routers with firmware 1.31 allow remote attackers ...)
+CVE-2007-0435
NOT-FOR-US: T-Com Speedport
-CVE-2007-0434 (BEA AquaLogic Enterprise Security 2.0 through 2.0 SP2, 2.1 through 2.1 ...)
+CVE-2007-0434
NOT-FOR-US: BEA
-CVE-2007-0433 (Unspecified vulnerability in BEA AquaLogic Enterprise Security 2.0 ...)
+CVE-2007-0433
NOT-FOR-US: BEA
-CVE-2007-0432 (BEA AquaLogic Service Bus 2.0, 2.1, and 2.5 does not properly reject ...)
+CVE-2007-0432
NOT-FOR-US: BEA
-CVE-2007-0431 (AVM Fritz!Box 7050, and possibly other product models, allows remote ...)
+CVE-2007-0431
NOT-FOR-US: AVM
-CVE-2007-0430 (The shared_region_map_file_np function in Apple Mac OS X 10.4.8 and ...)
+CVE-2007-0430
NOT-FOR-US: Apple Mac OS
-CVE-2007-0429 (DivXBrowserPlugin (aka DivX Web Player) npdivx32.dll, as distributed ...)
+CVE-2007-0429
NOT-FOR-US: DivX Web Player
-CVE-2007-0428 (Unspecified vulnerability in the chtbl_lookup function in hash.c for ...)
+CVE-2007-0428
- wzdftpd 0.8.1-1 (medium)
-CVE-2007-0427 (Stack-based buffer overflow in Microsoft Help Workshop 4.03.0002 ...)
+CVE-2007-0427
NOT-FOR-US: Microsoft
-CVE-2007-0426 (BEA WebLogic Portal 9.2, when running in a WebLogic Server clustered ...)
+CVE-2007-0426
NOT-FOR-US: BEA
-CVE-2007-0425 (Unspecified vulnerability in BEA WebLogic Platform and Server 8.1 ...)
+CVE-2007-0425
NOT-FOR-US: BEA
-CVE-2007-0424 (Unspecified vulnerability in the BEA WebLogic Server proxy plug-in for ...)
+CVE-2007-0424
NOT-FOR-US: BEA
-CVE-2007-0423 (BEA WebLogic Portal 9.2 does not properly handle when an administrator ...)
+CVE-2007-0423
NOT-FOR-US: BEA
-CVE-2007-0422 (BEA WebLogic Server 9.0, 9.1, and 9.2 Gold, when running on Solaris 9, ...)
+CVE-2007-0422
NOT-FOR-US: BEA
-CVE-2007-0421 (BEA WebLogic Server 6.1 through 6.1 SP7, and 7.0 through 7.0 SP7 ...)
+CVE-2007-0421
NOT-FOR-US: BEA
-CVE-2007-0420 (BEA WebLogic Server 9.0, 9.1, and 9.2 Gold allows remote attackers to ...)
+CVE-2007-0420
NOT-FOR-US: BEA
-CVE-2007-0419 (The BEA WebLogic Server proxy plug-in before June 2006 for the Apache ...)
+CVE-2007-0419
NOT-FOR-US: BEA
-CVE-2007-0418 (BEA WebLogic Server 7.0 through 7.0 SP6, 8.1 through 8.1 SP5, 9.0, and ...)
+CVE-2007-0418
NOT-FOR-US: BEA
-CVE-2007-0417 (BEA WebLogic Server 7.0 through 7.0 SP7, 8.1 through 8.1 SP5, 9.0, and ...)
+CVE-2007-0417
NOT-FOR-US: BEA
-CVE-2007-0416 (The WSEE runtime (WS-Security runtime) in BEA WebLogic Server 9.0 and ...)
+CVE-2007-0416
NOT-FOR-US: BEA
-CVE-2007-0415 (BEA WebLogic Server 8.1 through 8.1 SP5 does not properly enforce ...)
+CVE-2007-0415
NOT-FOR-US: BEA
-CVE-2007-0414 (BEA WebLogic Server 6.1 through 6.1 SP7, 7.0 through 7.0 SP6, 8.1 ...)
+CVE-2007-0414
NOT-FOR-US: BEA
-CVE-2007-0413 (BEA WebLogic Server 8.1 through 8.1 SP5 stores cleartext data in a ...)
+CVE-2007-0413
NOT-FOR-US: BEA
-CVE-2007-0412 (BEA WebLogic Server 6.1 through 6.1 SP7, 7.0 through 7.0 SP7, and 8.1 ...)
+CVE-2007-0412
NOT-FOR-US: BEA
-CVE-2007-0411 (BEA WebLogic Server 8.1 through 8.1 SP5, 9.0, 9.1, and 9.2 Gold, when ...)
+CVE-2007-0411
NOT-FOR-US: BEA
-CVE-2007-0410 (Unspecified vulnerability in the thread management in BEA WebLogic 7.0 ...)
+CVE-2007-0410
NOT-FOR-US: BEA
-CVE-2007-0409 (BEA WebLogic 7.0 through 7.0 SP6, 8.1 through 8.1 SP4, and 9.0 initial ...)
+CVE-2007-0409
NOT-FOR-US: BEA
-CVE-2007-0408 (BEA Weblogic Server 8.1 through 8.1 SP4 does not properly validate ...)
+CVE-2007-0408
NOT-FOR-US: BEA
-CVE-2007-0407 (Cross-site scripting (XSS) vulnerability in Operation/User.pm in Plain ...)
+CVE-2007-0407
NOT-FOR-US: Poplar Gedcom Viewer
-CVE-2007-0406 (Multiple buffer overflows in the (1) main function in (a) client.c, ...)
+CVE-2007-0406
- gxine 0.5.8-2 (medium; bug #405876)
-CVE-2007-0405 (The LazyUser class in the AuthenticationMiddleware for Django 0.95 ...)
+CVE-2007-0405
- python-django 0.95.1-1 (bug #407786)
-CVE-2007-0404 (bin/compile-messages.py in Django 0.95 does not quote argument strings ...)
+CVE-2007-0404
- python-django 0.95.1-1 (bug #407786)
-CVE-2007-0403 (SQL injection vulnerability in admin/memberlist.php in Easebay ...)
+CVE-2007-0403
NOT-FOR-US: Easebay Resources
-CVE-2007-0402 (Cross-site scripting (XSS) vulnerability in admin/edit_member.php in ...)
+CVE-2007-0402
NOT-FOR-US: Easebay Resources
-CVE-2007-0401 (SQL injection vulnerability in admin/memberlist.php in Easebay ...)
+CVE-2007-0401
NOT-FOR-US: Easebay Resources
-CVE-2007-0400 (Cross-site scripting (XSS) vulnerability in admin/memberlist.php in ...)
+CVE-2007-0400
NOT-FOR-US: Easebay Resources
-CVE-2007-0399 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
+CVE-2007-0399
NOT-FOR-US: Simple Machines Forum
-CVE-2007-0398 (Multiple cross-site scripting (XSS) vulnerabilities in forum.php3 in ...)
+CVE-2007-0398
NOT-FOR-US: MisterSPa-forum
CVE-2007-XXXX [wordpress unregister_globals workaround from 2.0.7]
- wordpress 2.0.7 (bug #407116; unimportant)
NOTE: Non-issue, hash issue fixed since months in Sarge and Etch,
NOTE: register_globals unsupported anyway
-CVE-2007-0397 (The Cisco Security Monitoring, Analysis and Response System (CS-MARS) ...)
+CVE-2007-0397
NOT-FOR-US: Cisco
-CVE-2007-0396 (Unspecified vulnerability in HP-UX B.11.23, when running IPFilter in ...)
+CVE-2007-0396
NOT-FOR-US: HP-UX
-CVE-2007-0395 (PHP remote file inclusion vulnerability in ...)
+CVE-2007-0395
NOT-FOR-US: ComVironment
-CVE-2007-0394 (HP HP-UX B11.11 does not properly verify the status of file ...)
+CVE-2007-0394
NOT-FOR-US: HP-UX
-CVE-2007-0393 (Sun Solaris 9 does not properly verify the status of file descriptors ...)
+CVE-2007-0393
NOT-FOR-US: Sun Solaris
-CVE-2007-0392 (IBM AIX 5.3 does not properly verify the status of file descriptors ...)
+CVE-2007-0392
NOT-FOR-US: IBM AIX
-CVE-2007-0391 (Format string vulnerability in the log creation functionality of ...)
+CVE-2007-0391
NOT-FOR-US: BitDefender
-CVE-2007-0390 (Cross-site scripting (XSS) vulnerability in index.php in sabros.us 1.7 ...)
+CVE-2007-0390
NOT-FOR-US: sabros.us
-CVE-2007-0389 (Directory traversal vulnerability in ArsDigita Community System (ACS) ...)
+CVE-2007-0389
NOT-FOR-US: ArsDigita Community System
-CVE-2007-0388 (SQL injection vulnerability in search.php in Woltlab Burning Board ...)
+CVE-2007-0388
NOT-FOR-US: Woltlab Burning Board
-CVE-2007-0387 (SQL injection vulnerability in models/category.php in the Weblinks ...)
+CVE-2007-0387
NOT-FOR-US: Joomla!
-CVE-2007-0386 (Unspecified vulnerability in the rating section in PostNuke 0.764 has ...)
+CVE-2007-0386
NOT-FOR-US: PostNuke
-CVE-2007-0385 (The faq section in PostNuke 0.764 allows remote attackers to obtain ...)
+CVE-2007-0385
NOT-FOR-US: PostNuke
-CVE-2007-0384 (Cross-site scripting (XSS) vulnerability in preview in the reviews ...)
+CVE-2007-0384
NOT-FOR-US: PostNuke
-CVE-2007-0383 (** DISPUTED ** ...)
+CVE-2007-0383
NOT-FOR-US: WDaemon
-CVE-2007-0382 (Multiple SQL injection vulnerabilities in letterman.class.php in the ...)
+CVE-2007-0382
NOT-FOR-US: Letterman 1.2.3 (com_letterman) component for Joomla!
-CVE-2007-0381 (Multiple SQL injection vulnerabilities in ATutor 1.5.3.2 allow remote ...)
+CVE-2007-0381
NOT-FOR-US: ATutor
-CVE-2007-0380 (DocMan 1.3 RC2 allows remote attackers to obtain sensitive information ...)
+CVE-2007-0380
NOT-FOR-US: DocMan
-CVE-2007-0379 (Cross-site scripting (XSS) vulnerability in DocMan 1.3 RC2 allows ...)
+CVE-2007-0379
NOT-FOR-US: DocMan
-CVE-2007-0378 (Multiple SQL injection vulnerabilities in DocMan 1.3 RC2 allow ...)
+CVE-2007-0378
NOT-FOR-US: DocMan
-CVE-2007-0377 (Multiple SQL injection vulnerabilities in Xoops 2.0.16 allow remote ...)
+CVE-2007-0377
NOT-FOR-US: Xoops
-CVE-2007-0376 (Cross-site scripting (XSS) vulnerability in Virtuemart 1.0.7 allows ...)
+CVE-2007-0376
NOT-FOR-US: Virtuemart
-CVE-2007-0375 (Joomla! 1.5.0 Beta allows remote attackers to obtain sensitive ...)
+CVE-2007-0375
NOT-FOR-US: Joomla!
-CVE-2007-0374 (SQL injection vulnerability in (1) Joomla! 1.0.11 and 1.5 Beta, and ...)
+CVE-2007-0374
- mambo 4.6.1-5 (bug #407995; low)
-CVE-2007-0373 (Multiple SQL injection vulnerabilities in Joomla! 1.5.0 Beta allow ...)
+CVE-2007-0373
NOT-FOR-US: Joomla!
-CVE-2007-0372 (Multiple SQL injection vulnerabilities in Francisco Burzi PHP-Nuke 7.9 ...)
+CVE-2007-0372
NOT-FOR-US: PHP-Nuke
-CVE-2007-0371 (A certain ActiveX control in the Common Controls Replacement Project ...)
+CVE-2007-0371
NOT-FOR-US: Common Controls Replacement Project (CCRP)
-CVE-2007-0370 (Unrestricted file upload vulnerability in index.php in phpBP RC3 ...)
+CVE-2007-0370
NOT-FOR-US: phpBP
-CVE-2007-0369 (SQL injection vulnerability in phpBP RC3 (2.204) and earlier allows ...)
+CVE-2007-0369
NOT-FOR-US: phpBP
-CVE-2007-0368 (Stack-based buffer overflow in mbse-bbs 0.70 and earlier allows local ...)
+CVE-2007-0368
NOT-FOR-US: mbse
-CVE-2007-0367 (Rumpus 5.1 and earlier has weak permissions for certain files and ...)
+CVE-2007-0367
NOT-FOR-US: Maxum Rumpus
-CVE-2007-0366 (Untrusted search path vulnerability in Rumpus 5.1 and earlier allows ...)
+CVE-2007-0366
NOT-FOR-US: Maxum Rumpus
-CVE-2007-0365 (Multiple cross-site scripting (XSS) vulnerabilities in All In One ...)
+CVE-2007-0365
NOT-FOR-US: All In One Control Panel
-CVE-2007-0364 (Multiple cross-site scripting (XSS) vulnerabilities in nicecoder.com ...)
+CVE-2007-0364
NOT-FOR-US: nicecoder.com INDEXU
CVE-2007-XXXX [libjabber DoS]
- centericq 4.21.0-18 (unimportant; bug #406982)
@@ -15193,362 +15193,362 @@ CVE-2007-XXXX [gstreamer-ffmpeg unspecified issue related to sps and pps ids]
- xmovie <not-affected> (this is not an issue in the avformat ffmpeg code copy)
CVE-2007-XXXX [netpbm heap corruption]
- netpbm-free 2:10.0-11 (bug #407605)
-CVE-2007-0363 (Cross-site scripting (XSS) vulnerability in admin-search.php in (1) ...)
+CVE-2007-0363
NOT-FOR-US: Openads
-CVE-2007-0362 (Cross-site scripting (XSS) vulnerability in the RSS feed component in ...)
+CVE-2007-0362
NOT-FOR-US: FreshReader
-CVE-2007-0361 (PHP remote file inclusion vulnerability in mep/frame.php in ...)
+CVE-2007-0361
NOT-FOR-US: PHPMyphorum
-CVE-2007-0360 (PHP remote file inclusion vulnerability in lang/index.php in Oreon ...)
+CVE-2007-0360
NOT-FOR-US: Oreon
-CVE-2007-0359 (PHP remote file inclusion vulnerability in frontpage.php in Uberghey ...)
+CVE-2007-0359
NOT-FOR-US: Travelsized CMS
-CVE-2007-0358 (Unspecified vulnerability in the FTP server implementation in HP ...)
+CVE-2007-0358
NOT-FOR-US: HP Jetdirect
-CVE-2007-0357 (Directory traversal vulnerability in the AVM IGD CTRL Service in ...)
+CVE-2007-0357
NOT-FOR-US: AVM
-CVE-2007-0356 (The Common Controls Replacement Project (CCRP) FolderTreeview (FTV) ...)
+CVE-2007-0356
NOT-FOR-US: Common Controls Replacement Project (CCRP)
-CVE-2007-0355 (Buffer overflow in the Apple Minimal SLP v2 Service Agent (slpd) in ...)
+CVE-2007-0355
NOT-FOR-US: Apple
-CVE-2007-0354 (SQL injection vulnerability in email.php in MGB OpenSource Guestbook ...)
+CVE-2007-0354
NOT-FOR-US: MGB OpenSource Guestbook
-CVE-2007-0353 (Cross-site scripting (XSS) vulnerability in (1) index.php and (2) ...)
+CVE-2007-0353
NOT-FOR-US: myBloggie
-CVE-2007-0352 (Stack-based buffer overflow in Microsoft Help Workshop 4.03.0002 ...)
+CVE-2007-0352
NOT-FOR-US: Microsoft
-CVE-2007-0351 (Microsoft Windows XP and Windows Server 2003 do not properly handle ...)
+CVE-2007-0351
NOT-FOR-US: Microsoft
-CVE-2007-0350 (Multiple SQL injection vulnerabilities in (a) index.php and (b) dl.php ...)
+CVE-2007-0350
NOT-FOR-US: FileMailer
-CVE-2007-0349 (Directory traversal vulnerability in upgrade.php in nicecoder.com ...)
+CVE-2007-0349
NOT-FOR-US: INDEXU
-CVE-2007-0348 (Stack-based buffer overflow in the IASystemInfo.dll ActiveX control in ...)
+CVE-2007-0348
NOT-FOR-US: ActiveX control in InterActual Player
-CVE-2007-0347 (The is_eow function in format.c in CVSTrac before 2.0.1 does not ...)
+CVE-2007-0347
- cvstrac 2.0.1-1
[etch] - cvstrac <not-affected> (Vulnerable code not present)
[sarge] - cvstrac <not-affected> (Vulnerable code not present)
NOTE: the vulnerable code can't be found on other places in 1.1.5 and also similar things
NOTE: are done like using %q instead of %s for user supplied data
-CVE-2007-0346 (SQL injection vulnerability in index.php in SmE FileMailer 1.21 allows ...)
+CVE-2007-0346
NOT-FOR-US: FileMailer
-CVE-2007-0345 (The (1) Activity Monitor.app/Contents/Resources/pmTool, (2) Keychain ...)
+CVE-2007-0345
NOT-FOR-US: Apple
-CVE-2007-0344 (Multiple format string vulnerabilities in (1) _invitedToRoom: and (2) ...)
+CVE-2007-0344
- colloquy <removed>
-CVE-2007-0343 (OpenBSD before 20070116 allows remote attackers to cause a denial of ...)
+CVE-2007-0343
NOT-FOR-US: OpenBSD
-CVE-2007-0342 (WebCore in Apple WebKit build 18794 allows remote attackers to cause a ...)
+CVE-2007-0342
NOT-FOR-US: Apple WebKit
-CVE-2007-0341 (Cross-site scripting (XSS) vulnerability in phpMyAdmin 2.8.1 and ...)
+CVE-2007-0341
- phpmyadmin 4:2.9.1.1-2 (medium)
[sarge] - phpmyadmin <not-affected> (Vulnerable code not present)
-CVE-2007-0340 (SQL injection vulnerability in inc/header.inc.php in ThWboard ...)
+CVE-2007-0340
NOT-FOR-US: ThWboard
-CVE-2007-0339 (SQL injection vulnerability in index.php (aka the login form) in ...)
+CVE-2007-0339
NOT-FOR-US: FileMailer
-CVE-2007-0338 (Heap-based buffer overflow in Dream FTP Server allows remote attackers ...)
+CVE-2007-0338
NOT-FOR-US: BolinTech Dream FTP Server
-CVE-2007-0337 (Directory traversal vulnerability in sesskglogadmin.php in KGB 1.9 and ...)
+CVE-2007-0337
NOT-FOR-US: KGB
-CVE-2007-0336 (Undercover.app/Contents/Resources/uc in Rixstep Undercover allows ...)
+CVE-2007-0336
NOT-FOR-US: Rixstep
-CVE-2007-0335 (Multiple directory traversal vulnerabilities in Jax Petition Book ...)
+CVE-2007-0335
NOT-FOR-US: Jax Petition Book
-CVE-2007-0334 (Unspecified vulnerability in the SIP module in InGate Firewall and ...)
+CVE-2007-0334
NOT-FOR-US: Outpost Firewall Pro
-CVE-2007-0333 (Agnitum Outpost Firewall PRO 4.0 allows local users to bypass access ...)
+CVE-2007-0333
NOT-FOR-US: Outpost Firewall Pro
-CVE-2007-0332 ((1) admin/adminlien.php3 and (2) admin/modif.php3 in liens_dynamiques ...)
+CVE-2007-0332
NOT-FOR-US: liens_dynamiques
-CVE-2007-0331 (Cross-site scripting (XSS) vulnerability in liens.php3 in ...)
+CVE-2007-0331
NOT-FOR-US: liens_dynamiques
-CVE-2007-0330 (Buffer overflow in wsbho2k0.dll, as used by wsftpurl.exe, in Ipswitch ...)
+CVE-2007-0330
NOT-FOR-US: Ipswitch WS_FTP
-CVE-2007-0329 (download.php in Joonas Viljanen JV2 Folder Gallery allows remote ...)
+CVE-2007-0329
NOT-FOR-US: Joonas Viljanen JV2 Folder Gallery
-CVE-2007-0328 (The DWUpdateService ActiveX control in the agent (agent.exe) in ...)
+CVE-2007-0328
NOT-FOR-US: Macrovision
CVE-2007-0327
RESERVED
-CVE-2007-0326 (Multiple stack-based buffer overflows in the PhotoChannel Networks PNI ...)
+CVE-2007-0326
NOT-FOR-US: PNI Digital Media Photo Upload
-CVE-2007-0325 (Multiple buffer overflows in the Trend Micro OfficeScan Web-Deployment ...)
+CVE-2007-0325
NOT-FOR-US: Trend Micro OfficeScan
-CVE-2007-0324 (Multiple buffer overflows in the LizardTech DjVu Browser Plug-in ...)
+CVE-2007-0324
NOT-FOR-US: LizardTech DjVu Browser Plug-in
-CVE-2007-0323 (Buffer overflow in the SetLanguage function in Research In Motion ...)
+CVE-2007-0323
NOT-FOR-US: Research In Motion (RIM) TeamOn Import Object ActiveX control
-CVE-2007-0322 (Multiple stack-based buffer overflows in the Intuit QuickBooks Online ...)
+CVE-2007-0322
NOT-FOR-US: Intuit QuickBooks
-CVE-2007-0321 (Buffer overflow in the Update Service Agent ActiveX Control in ...)
+CVE-2007-0321
NOT-FOR-US: FLEXnet Connect
-CVE-2007-0320 (Multiple buffer overflows in (a) an ActiveX control (iftw.dll) and (b) ...)
+CVE-2007-0320
NOT-FOR-US: InstallFromTheWeb
-CVE-2007-0319 (Multiple stack-based buffer overflows in the Motive ...)
+CVE-2007-0319
NOT-FOR-US: Motive ActiveEmailTest
-CVE-2007-0318 (The do_hfs_truncate function in Mac OS X 10.4.8 allows ...)
+CVE-2007-0318
NOT-FOR-US: Apple Mac OS
-CVE-2007-0317 (Format string vulnerability in the LogMessage function in FileZilla ...)
+CVE-2007-0317
- filezilla 3.0.0~beta2-3 (medium; bug #407683)
-CVE-2007-0316 (Multiple SQL injection vulnerabilities in All In One Control Panel ...)
+CVE-2007-0316
NOT-FOR-US: All In One Control Panel (AIOCP)
-CVE-2007-0315 (Multiple buffer overflows in FileZilla before 2.2.30a allow remote ...)
+CVE-2007-0315
- filezilla <not-affected> (fixed before the first Debian upload)
-CVE-2007-0314 (Multiple PHP remote file inclusion vulnerabilities in Article System ...)
+CVE-2007-0314
NOT-FOR-US: Article System
-CVE-2007-0313 (Unspecified vulnerability in GONICUS System Administration (GOsa) ...)
+CVE-2007-0313
- gosa 2.5.8-1 (medium)
[etch] - gosa 2.5.6-2.1
-CVE-2007-0312 (wcSimple Poll stores sensitive information under the web root with ...)
+CVE-2007-0312
NOT-FOR-US: wcSimple
-CVE-2007-0311 (Texas Imperial Software WFTPD and WFTPD Pro Server 3.25 and earlier ...)
+CVE-2007-0311
NOT-FOR-US: Texas Imperial Software WFTPD Pro Server
-CVE-2007-0310 (BMC Remedy Action Request System 5.01.02 Patch 1267 generates ...)
+CVE-2007-0310
NOT-FOR-US: BMC Software
-CVE-2007-0309 (SQL injection vulnerability in blocks/block-Old_Articles.php in ...)
+CVE-2007-0309
NOT-FOR-US: PHP-Nuke
-CVE-2007-0308 (Cross-site scripting (XSS) vulnerability in Plain Black WebGUI before ...)
+CVE-2007-0308
NOT-FOR-US: Poplar Gedcom Viewer
-CVE-2007-0307 (PHP remote file inclusion vulnerability in include/common.php in ...)
+CVE-2007-0307
NOT-FOR-US: Poplar Gedcom Viewer
-CVE-2007-0306 (SQL injection vulnerability in visu_user.asp in Digiappz DigiAffiliate ...)
+CVE-2007-0306
NOT-FOR-US: Digiappz
-CVE-2007-0305 (SQL injection vulnerability in etkinlikbak.asp in Okul Web Otomasyon ...)
+CVE-2007-0305
NOT-FOR-US: Okul Merkezi Portal
-CVE-2007-0304 (SQL injection vulnerability in duyuru.asp in MiNT Haber Sistemi 2.7 ...)
+CVE-2007-0304
NOT-FOR-US: MiNT Haber Sistemi
-CVE-2007-0303 (Multiple unspecified vulnerabilities in Zina 1.0rc1 and earlier have ...)
+CVE-2007-0303
NOT-FOR-US: Zina
-CVE-2007-0302 (Multiple cross-site scripting (XSS) vulnerabilities in InstantASP ...)
+CVE-2007-0302
NOT-FOR-US: InstantASP
-CVE-2007-0301 (PHP remote file inclusion vulnerability in _admin/admin_menu.php in ...)
+CVE-2007-0301
NOT-FOR-US: FdWeB
-CVE-2007-0300 (PHP remote file inclusion vulnerability in i-accueil.php in TLM CMS ...)
+CVE-2007-0300
NOT-FOR-US: TLM CMS
-CVE-2007-0299 (Integer overflow in the byte_swap_sbin function in ...)
+CVE-2007-0299
NOT-FOR-US: Apple Mac OS
-CVE-2007-0298 (PHP remote file inclusion vulnerability in show.php in LunarPoll, when ...)
+CVE-2007-0298
NOT-FOR-US: LunarPoll
-CVE-2007-0297 (Unspecified vulnerability in Oracle PeopleSoft Enterprise and JD ...)
+CVE-2007-0297
NOT-FOR-US: Oracle
-CVE-2007-0296 (Unspecified vulnerability in Oracle PeopleSoft Enterprise and JD ...)
+CVE-2007-0296
NOT-FOR-US: Oracle
-CVE-2007-0295 (Unspecified vulnerability in Oracle PeopleSoft Enterprise and JD ...)
+CVE-2007-0295
NOT-FOR-US: Oracle
-CVE-2007-0294 (Unspecified vulnerability in Oracle Enterprise Manager 10.2.0.1 has ...)
+CVE-2007-0294
NOT-FOR-US: Oracle
-CVE-2007-0293 (Multiple unspecified vulnerabilities in Oracle Enterprise Manager ...)
+CVE-2007-0293
NOT-FOR-US: Oracle
-CVE-2007-0292 (Multiple unspecified vulnerabilities in Oracle Enterprise Manager ...)
+CVE-2007-0292
NOT-FOR-US: Oracle
-CVE-2007-0291 (Unspecified vulnerability in Oracle E-Business Suite and Applications ...)
+CVE-2007-0291
NOT-FOR-US: Oracle
-CVE-2007-0290 (Multiple unspecified vulnerabilities in Oracle E-Business Suite and ...)
+CVE-2007-0290
NOT-FOR-US: Oracle
-CVE-2007-0289 (Multiple unspecified vulnerabilities in Oracle Collaboration Suite ...)
+CVE-2007-0289
NOT-FOR-US: Oracle
-CVE-2007-0288 (Unspecified vulnerability in Oracle Application Server 10.1.4.0 has ...)
+CVE-2007-0288
NOT-FOR-US: Oracle
-CVE-2007-0287 (Unspecified vulnerability in Oracle Application Server 9.0.4.3, ...)
+CVE-2007-0287
NOT-FOR-US: Oracle
-CVE-2007-0286 (Unspecified vulnerability in Oracle Application Server 10.1.2.0.2 and ...)
+CVE-2007-0286
NOT-FOR-US: Oracle
-CVE-2007-0285 (Unspecified vulnerability in Oracle Application Server 9.0.4.3, ...)
+CVE-2007-0285
NOT-FOR-US: Oracle
-CVE-2007-0284 (Multiple unspecified vulnerabilities in Oracle Application Server ...)
+CVE-2007-0284
NOT-FOR-US: Oracle
-CVE-2007-0283 (Unspecified vulnerability in Oracle Application Server 9.0.4.3 and ...)
+CVE-2007-0283
NOT-FOR-US: Oracle
-CVE-2007-0282 (Unspecified vulnerability in Oracle HTTP Server 9.0.1.5, Application ...)
+CVE-2007-0282
NOT-FOR-US: Oracle
-CVE-2007-0281 (Multiple unspecified vulnerabilities in Oracle HTTP Server 9.0.1.5, ...)
+CVE-2007-0281
NOT-FOR-US: Oracle
-CVE-2007-0280 (Unspecified vulnerability in Oracle HTTP Server 9.0.1.5, Application ...)
+CVE-2007-0280
NOT-FOR-US: Oracle
-CVE-2007-0279 (Multiple unspecified vulnerabilities in Oracle HTTP Server 9.2.0.8 and ...)
+CVE-2007-0279
NOT-FOR-US: Oracle
-CVE-2007-0278 (Multiple unspecified vulnerabilities in Oracle Database 8.1.7.4, ...)
+CVE-2007-0278
NOT-FOR-US: Oracle
-CVE-2007-0277 (Unspecified vulnerability in Oracle Database client-only 10.1.0.4 has ...)
+CVE-2007-0277
NOT-FOR-US: Oracle
-CVE-2007-0276 (Multiple unspecified vulnerabilities in Oracle Database 8.1.7.4 and ...)
+CVE-2007-0276
NOT-FOR-US: Oracle
-CVE-2007-0275 (Cross-site scripting (XSS) vulnerability in Oracle Reports Web ...)
+CVE-2007-0275
NOT-FOR-US: Oracle
-CVE-2007-0274 (Multiple unspecified vulnerabilities in Oracle Database 9.2.0.7 and ...)
+CVE-2007-0274
NOT-FOR-US: Oracle
-CVE-2007-0273 (Unspecified vulnerability in Oracle Database 9.0.1.5, 9.2.0.8, ...)
+CVE-2007-0273
NOT-FOR-US: Oracle
-CVE-2007-0272 (Multiple buffer overflows in MDSYS.MD in Oracle Database 8.1.7.4, ...)
+CVE-2007-0272
NOT-FOR-US: Oracle
-CVE-2007-0271 (Unspecified vulnerability in Oracle Database 9.0.1.5 and 9.2.0.7 has ...)
+CVE-2007-0271
NOT-FOR-US: Oracle
-CVE-2007-0270 (Buffer overflow in SYS.DBMS_DRS in Oracle Database 9.2.0.7 and ...)
+CVE-2007-0270
NOT-FOR-US: Oracle
-CVE-2007-0269 (Unspecified vulnerability in Oracle Database 9.2.0.8, 10.1.0.5, and ...)
+CVE-2007-0269
NOT-FOR-US: Oracle
-CVE-2007-0268 (Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5, ...)
+CVE-2007-0268
NOT-FOR-US: Oracle
-CVE-2007-0267 (The ufs_lookup function in the Mac OS X 10.4.8 and FreeBSD 6.1 kernels ...)
+CVE-2007-0267
NOT-FOR-US: UFS filesystem on MacOS/FreeBSD
-CVE-2007-0266 (SQL injection vulnerability in boxx/ShowAppendix.asp in Ezboxx Portal ...)
+CVE-2007-0266
NOT-FOR-US: Ezboxx Portal
-CVE-2007-0265 (Multiple cross-site scripting (XSS) vulnerabilities in Ezboxx Portal ...)
+CVE-2007-0265
NOT-FOR-US: Ezboxx Portal
-CVE-2007-0264 (Buffer overflow in Winzip32.exe in WinZip 9.0 allows local users to ...)
+CVE-2007-0264
NOT-FOR-US: Winzip
-CVE-2007-0263 (Unspecified vulnerability in Total Commander before 6.5.6 allows ...)
+CVE-2007-0263
NOT-FOR-US: Total Commander
-CVE-2007-0262 (WordPress 2.0.6, and 2.1Alpha 3 (SVN:4662), does not properly verify ...)
+CVE-2007-0262
{DTSA-33-1}
- wordpress 2.0.8-1 (bug #407289)
-CVE-2007-0261 (snews.php in sNews 1.5.30 and earlier does not properly exit when ...)
+CVE-2007-0261
NOT-FOR-US: sNews
-CVE-2007-0260 (** DISPUTED ** ...)
+CVE-2007-0260
NOT-FOR-US: Naig
-CVE-2007-0259 (Ezboxx Portal System Beta 0.7.6 and earlier allows remote attackers to ...)
+CVE-2007-0259
NOT-FOR-US: Ezboxx Portal
-CVE-2007-0258 (Cross-site scripting (XSS) vulnerability in index.php in (1) Fastilo ...)
+CVE-2007-0258
NOT-FOR-US: Fastilo
-CVE-2007-0257 (** DISPUTED ** ...)
+CVE-2007-0257
- kernel-patch-grsecurity2 2.1.10-1 (bug #407350)
NOTE: exploitable as per http://grsecurity.net/pipermail/grsecurity/2007-January/000830.html
-CVE-2007-0256 (VideoLAN VLC 0.8.6a allows remote attackers to cause a denial of ...)
+CVE-2007-0256
- vlc 0.8.6.c-1 (unimportant; bug #407290)
-CVE-2007-0255 (XINE 0.99.4 allows user-assisted remote attackers to cause a denial of ...)
+CVE-2007-0255
NOTE: I've been looking into this, but I can't find a copy of the VLC code anywhere
NOTE: This appears to be a generic crash
-CVE-2007-0254 (Format string vulnerability in the errors_create_window function in ...)
+CVE-2007-0254
- xine-ui 0.99.4+dfsg+cvs20061111-1 (low; bug #407369)
NOTE: If've verified the Etch version to contain the necessary format strings
-CVE-2007-0253 (** DISPUTED ** ...)
+CVE-2007-0253
- kernel-patch-grsecurity2 2.1.10-1 (unimportant; bug #407350)
NOTE: See CVE-2007-0257
-CVE-2007-0252 (Unspecified vulnerability in easy-content filemanager allows remote ...)
+CVE-2007-0252
NOT-FOR-US: easy-content
-CVE-2007-0251 (Integer underflow in the DecodeGRE function in src/decode.c in Snort ...)
+CVE-2007-0251
- snort <not-affected> (DecodeGRE function not in unstable version)
NOTE: unstable contains version 2.3.3-11, and the last upstream is 2.6.1.2
NOTE: This is fixed in upstream CVS so it's very likely to never affect Debian.
-CVE-2007-0250 (index.php in Nwom topsites 3.0 allows remote attackers to obtain ...)
+CVE-2007-0250
NOT-FOR-US: NWOM Topsites 3.0
-CVE-2007-0249 (Cross-site scripting (XSS) vulnerability in index.php in Nwom topsites ...)
+CVE-2007-0249
NOT-FOR-US: NWOM Topsites 3.0
-CVE-2007-0247 (squid/src/ftp.c in Squid before 2.6.STABLE7 allows remote FTP servers ...)
+CVE-2007-0247
- squid 2.6.5-4 (low)
[sarge] - squid <not-affected> (Vulnerable code not present)
-CVE-2007-0246 (plugins/scmcvs/www/cvsweb.php in the CVSWeb CGI in GForge 4.5.16 ...)
+CVE-2007-0246
{DSA-1297-1}
- gforge-plugin-scmcvs 4.5.14-6
-CVE-2007-0245 (Heap-based buffer overflow in OpenOffice.org (OOo) 2.2.1 and earlier ...)
+CVE-2007-0245
{DSA-1307-1}
- openoffice.org 2.2.1~rc1-1
[lenny] - openoffice.org 2.0.4.dfsg.2-7etch1
-CVE-2007-0244 (pptpgre.c in PoPToP Point to Point Tunneling Server (pptpd) before ...)
+CVE-2007-0244
{DSA-1288-2 DSA-1288-1}
- pptpd 1.3.4-1
-CVE-2007-0243 (Buffer overflow in Sun JDK and Java Runtime Environment (JRE) 5.0 ...)
+CVE-2007-0243
- sun-java5 1.5.0-10-1
-CVE-2007-0242 (The UTF-8 decoder in codecs/qutfcodec.cpp in Qt 3.3.8 and 4.2.3 does ...)
+CVE-2007-0242
{DSA-1292-1}
- qt4-x11 4.2.2-2
- qt-x11-free 3:3.3.7-4
CVE-2007-0241
RESERVED
- linux-2.6 2.6.18.dfsg.1-12
-CVE-2007-0240 (Cross-site scripting (XSS) vulnerability in Zope 2.10.2 and earlier ...)
+CVE-2007-0240
{DSA-1275-1}
- zope2.9 2.9.7-1
[etch] - zope2.9 2.9.6-4etch1
-CVE-2007-0239 (OpenOffice.org (OOo) Office Suite allows user-assisted remote ...)
+CVE-2007-0239
{DSA-1270-1}
- openoffice.org 2.0.4.dfsg.2-6
[etch] - openoffice.org 2.0.4.dfsg.2-5etch1
-CVE-2007-0238 (Stack-based buffer overflow in filter\starcalc\scflt.cxx in the ...)
+CVE-2007-0238
{DSA-1270-1}
- openoffice.org 2.0.4.dfsg.2-6
[etch] - openoffice.org 2.0.4.dfsg.2-5etch1
-CVE-2007-0237 (The ndeb-binary feature in Lookup (lookup-el) allows local users to ...)
+CVE-2007-0237
{DSA-1269-1}
- lookup-el 1.4-5 (low)
-CVE-2007-0236 (Double free vulnerability in the _ATPsndrsp function in Apple Mac OS X ...)
+CVE-2007-0236
NOT-FOR-US: Mac OS X
-CVE-2007-0235 (Stack-based buffer overflow in the glibtop_get_proc_map_s function in ...)
+CVE-2007-0235
{DSA-1255-1}
- libgtop2 2.14.4-3 (medium; bug #407020)
NOTE: libgtop does not contain the affected code.
CVE-2007-0234
REJECTED
-CVE-2007-0233 (wp-trackback.php in WordPress 2.0.6 and earlier does not properly ...)
+CVE-2007-0233
- wordpress 2.1.0-1 (unimportant)
NOTE: This is argubly a php bug, CVE-2006-3017
-CVE-2007-0232 (PHP remote file inclusion vulnerability in ...)
+CVE-2007-0232
NOT-FOR-US: Jshop Server
-CVE-2007-0231 (Cross-site scripting (XSS) vulnerability in Movable Type (MT) 3.33, ...)
+CVE-2007-0231
NOT-FOR-US: Movable Type
-CVE-2007-0230 (** DISPUTED ** PHP remote file inclusion vulnerability in install.php ...)
+CVE-2007-0230
NOT-FOR-US: CS-Cart
-CVE-2007-0229 (Integer overflow in the ffs_mountfs function in Mac OS X 10.4.8 and ...)
+CVE-2007-0229
NOT-FOR-US: MacOS X
-CVE-2007-0228 (The DataCollector service in EIQ Networks Network Security Analyzer ...)
+CVE-2007-0228
NOT-FOR-US: EIQ Networks Network Security Analyzer
-CVE-2007-0227 (slocate 3.1 does not properly manage database entries that specify ...)
+CVE-2007-0227
- slocate 3.1-1.1 (bug #411937; low)
[sarge] - slocate <not-affected> (Performs correct access checks)
[etch] - slocate <no-dsa> (Minor issue)
NOTE: slocate will allow users to find files in directories with the
NOTE: executable bit set but without the readable bit set. This is
NOTE: an information leak.
-CVE-2007-0226 (SQL injection vulnerability in wbsearch.aspx in uniForum 4 and earlier ...)
+CVE-2007-0226
NOT-FOR-US: uniForum
-CVE-2007-0225 (Cross-site scripting (XSS) vulnerability in shopcustadmin.asp in ...)
+CVE-2007-0225
NOT-FOR-US: Shopping Cart
-CVE-2007-0224 (SQL injection vulnerability in shopgiftregsearch.asp in VP-ASP ...)
+CVE-2007-0224
NOT-FOR-US: Shopping Cart
-CVE-2007-0223 (SQL injection vulnerability in shared/code/cp_functions_downloads.php ...)
+CVE-2007-0223
NOT-FOR-US: All In One Control Panel (AIOCP)
-CVE-2007-0222 (Directory traversal vulnerability in the EmChartBean server side ...)
+CVE-2007-0222
NOT-FOR-US: Oracle Application Server
-CVE-2007-0221 (Integer overflow in the IMAP (IMAP4) support in Microsoft Exchange ...)
+CVE-2007-0221
NOT-FOR-US: Microsoft
-CVE-2007-0220 (Cross-site scripting (XSS) vulnerability in Outlook Web Access (OWA) ...)
+CVE-2007-0220
NOT-FOR-US: Microsoft
-CVE-2007-0219 (Microsoft Internet Explorer 5.01, 6, and 7 uses certain COM objects ...)
+CVE-2007-0219
NOT-FOR-US: Microsoft
-CVE-2007-0218 (Microsoft Internet Explorer 5.01 and 6 allows remote attackers to ...)
+CVE-2007-0218
NOT-FOR-US: Microsoft
-CVE-2007-0217 (The wininet.dll FTP client code in Microsoft Internet Explorer 5.01 ...)
+CVE-2007-0217
NOT-FOR-US: Microsoft
-CVE-2007-0216 (wkcvqd01.dll in Microsoft Works 6 File Converter, as used in Office ...)
+CVE-2007-0216
NOT-FOR-US: Microsoft Office
-CVE-2007-0215 (Stack-based buffer overflow in Microsoft Excel 2000 SP3, 2002 SP3, ...)
+CVE-2007-0215
NOT-FOR-US: Microsoft Excel
-CVE-2007-0214 (The HTML Help ActiveX control (Hhctrl.ocx) in Microsoft Windows 2000 ...)
+CVE-2007-0214
NOT-FOR-US: Microsoft
-CVE-2007-0213 (Microsoft Exchange Server 2000 SP3, 2003 SP1 and SP2, and 2007 does ...)
+CVE-2007-0213
NOT-FOR-US: Microsoft
CVE-2007-0212
REJECTED
-CVE-2007-0211 (The hardware detection functionality in the Windows Shell in Microsoft ...)
+CVE-2007-0211
NOT-FOR-US: Microsoft
-CVE-2007-0210 (The Window Image Acquisition (WIA) Service in Microsoft Windows XP SP2 ...)
+CVE-2007-0210
NOT-FOR-US: Microsoft
-CVE-2007-0209 (Microsoft Word in Office 2000 SP3, XP SP3, Office 2003 SP2, Works ...)
+CVE-2007-0209
NOT-FOR-US: Microsoft
-CVE-2007-0208 (Microsoft Word in Office 2000 SP3, XP SP3, Office 2003 SP2, Works ...)
+CVE-2007-0208
NOT-FOR-US: Microsoft
CVE-2007-0207
REJECTED
-CVE-2007-0206 (Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) ...)
+CVE-2007-0206
NOT-FOR-US: OpenView Network Node Manager
CVE-2007-XXXX [udev wrong permissions on raid devices]
- udev 0.105-2 (bug #404927)
[sarge] - udev <not-affected> (Doesn't affect Sarge)
CVE-2007-XXXX [yacas insecure rpath]
- yacas 1.0.57-3 (bug #399226; bug #399227; low)
-CVE-2007-0248 (The aclMatchExternal function in Squid before 2.6.STABLE7 allows ...)
+CVE-2007-0248
- squid 2.6.5-4 (low; bug #407202)
[sarge] - squid <not-affected> (Vulnerable code not present)
NOTE: reference - http://secunia.com/advisories/23767/
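Review bot: every changed pair in this hunk, from `-CVE-2007-0362 (Cross-site scripting (XSS) vulnerability in the RSS feed component in ...)` / `+CVE-2007-0362` down to `-CVE-2007-0248 (The aclMatchExternal function in Squid before 2.6.STABLE7 allows ...)` / `+CVE-2007-0248`, replaces a described entry with a bare identifier and records no new triage, so the "automatic update" has dropped the description of every parsed CVE rather than importing anything. An import run whose parsed description is empty for every single entry is the signature of a broken or format-changed upstream feed, not of a real change, and the updater should refuse to write (or keep the previously stored description) when the parsed text is empty instead of committing the wipe. The untouched status lines such as `NOT-FOR-US: FreshReader` and `- filezilla 3.0.0~beta2-3 (medium; bug #407683)` show that the per-entry state survived, which confirms only the description field was lost and that the loss is mechanical rather than editorial.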
@@ -15557,104 +15557,104 @@ CVE-2007-XXXX [bcfg2 password disclosure]
[etch] - bcfg2 0.8.6.1-1.1etch1
CVE-2007-XXXX [mysql 5.0 several DoS vulns]
- mysql-dfsg-5.0 5.0.32-1
-CVE-2007-0205 (Directory traversal vulnerability in admin/skins.php for @lex ...)
+CVE-2007-0205
NOT-FOR-US: @alex
-CVE-2007-0204 (Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin ...)
+CVE-2007-0204
- phpmyadmin 4:2.9.1.1-2 (bug #406486; low)
[sarge] - phpmyadmin <not-affected> (vulnerable code not present)
-CVE-2007-0203 (Multiple unspecified vulnerabilities in phpMyAdmin before 2.9.2-rc1 ...)
+CVE-2007-0203
- phpmyadmin 4:2.9.1.1-2 (bug #406486; low)
[sarge] - phpmyadmin <not-affected> (vulnerable code not present)
NOTE: duplicate of CVE-2006-6374?
-CVE-2007-0202 (SQL injection vulnerability in index.php in @lex Guestbook 4.0.2 and ...)
+CVE-2007-0202
NOT-FOR-US: @lex
-CVE-2007-0201 (Buffer overflow in the cmd_usr function in ftp-gw in TIS Internet ...)
+CVE-2007-0201
NOT-FOR-US: TIS
-CVE-2007-0200 (PHP remote file inclusion vulnerability in template.php in Geoffrey ...)
+CVE-2007-0200
NOT-FOR-US: Geoffrey Golliher Axiom Photo/News Gallery
-CVE-2007-0199 (The Data-link Switching (DLSw) feature in Cisco IOS 11.0 through 12.4 ...)
+CVE-2007-0199
NOT-FOR-US: Cisco
-CVE-2007-0198 (The JTapi Gateway process in Cisco Unified Contact Center Enterprise, ...)
+CVE-2007-0198
NOT-FOR-US: Cisco
-CVE-2007-0197 (Finder 10.4.6 on Apple Mac OS X 10.4.8 allows user-assisted remote ...)
+CVE-2007-0197
NOT-FOR-US: Apple Mac OS
-CVE-2007-0196 (SQL injection vulnerability in admin_check_user.asp in Motionborg Web ...)
+CVE-2007-0196
NOT-FOR-US: Motionborg Web Real Estate
-CVE-2007-0195 (my.activation.php3 in F5 FirePass 5.4 through 5.5.1 and 6.0 displays ...)
+CVE-2007-0195
NOT-FOR-US: F5
-CVE-2007-0194 (admin.php in MKPortal M1.1 RC1 allows remote attackers to obtain ...)
+CVE-2007-0194
NOT-FOR-US: MKPortal
-CVE-2007-0193 (FON La Fonera routers do not properly limit DNS service access by ...)
+CVE-2007-0193
NOT-FOR-US: FON La Fonera
-CVE-2007-0192 (Cross-site request forgery (CSRF) vulnerability in the save_main ...)
+CVE-2007-0192
NOT-FOR-US: MKPortal
-CVE-2007-0191 (Cross-site scripting (XSS) vulnerability in admin.php in MKPortal ...)
+CVE-2007-0191
NOT-FOR-US: MKPortal
-CVE-2007-0190 (PHP remote file inclusion vulnerability in edit_address.php in edit-x ...)
+CVE-2007-0190
NOT-FOR-US: edit-x ecommerce
-CVE-2007-0189 (** DISPUTED ** ...)
+CVE-2007-0189
NOT-FOR-US: GeoBB
-CVE-2007-0188 (F5 FirePass 5.4 through 5.5.1 does not properly enforce host access ...)
+CVE-2007-0188
NOT-FOR-US: F5
-CVE-2007-0187 (F5 FirePass 5.4 through 5.5.2 and 6.0 allows remote attackers to ...)
+CVE-2007-0187
NOT-FOR-US: F5
-CVE-2007-0186 (Multiple cross-site scripting (XSS) vulnerabilities in F5 FirePass SSL ...)
+CVE-2007-0186
NOT-FOR-US: F5
-CVE-2007-0185 (Getahead Direct Web Remoting (DWR) before 1.1.4 allows attackers to ...)
+CVE-2007-0185
NOT-FOR-US: Getahead
-CVE-2007-0184 (Getahead Direct Web Remoting (DWR) before 1.1.4 allows attackers to ...)
+CVE-2007-0184
NOT-FOR-US: Getahead
-CVE-2007-0183 (Cross-site scripting (XSS) vulnerability in /search in iPlanet Web ...)
+CVE-2007-0183
NOT-FOR-US: iPlanet Web
-CVE-2007-0182 (Multiple PHP remote file inclusion vulnerabilities in magic photo ...)
+CVE-2007-0182
NOT-FOR-US: Magic photo storage website
-CVE-2007-0181 (PHP remote file inclusion vulnerability in include/common_function.php ...)
+CVE-2007-0181
NOT-FOR-US: Magic Photo Storage website
-CVE-2007-0180 (Stack-based buffer overflow in EF Commander 5.75 allows user-assisted ...)
+CVE-2007-0180
NOT-FOR-US: EF Commander
-CVE-2007-0179 (SQL injection vulnerability in comment.php in PHPKIT 1.6.1 R2 allows ...)
+CVE-2007-0179
NOT-FOR-US: PHPKIT
-CVE-2007-0178 (PHP remote file inclusion vulnerability in info.php in Easy Banner Pro ...)
+CVE-2007-0178
NOT-FOR-US: Easy Banner Pro
-CVE-2007-0177 (Cross-site scripting (XSS) vulnerability in the AJAX module in ...)
+CVE-2007-0177
- mediawiki 1.7.1-6 (bug #406238; medium)
NOTE: vendor advisory: http://sourceforge.net/forum/forum.php?forum_id=652721
-CVE-2007-0176 (Cross-site scripting (XSS) vulnerability in search/advanced_search.php ...)
+CVE-2007-0176
{DSA-1475-1}
- gforge 4.6.99+svn6347-1 (low; bug #406244)
[sarge] - gforge <not-affected> (Vulnerable code not present)
-CVE-2007-0175 (Cross-site scripting (XSS) vulnerability in htsrv/login.php in ...)
+CVE-2007-0175
{DSA-1568-1}
- b2evolution 0.9.2-4 (bug #410568; low)
-CVE-2007-0174 (Multiple stack-based multiple buffer overflows in the BRWOSSRE2UC.dll ...)
+CVE-2007-0174
NOT-FOR-US: Sina UC2006
-CVE-2007-0173 (Directory traversal vulnerability in index.php in L2J Statistik Script ...)
+CVE-2007-0173
NOT-FOR-US: L2J Statistik Script
-CVE-2007-0172 (Multiple PHP remote file inclusion vulnerabilities in AllMyGuests ...)
+CVE-2007-0172
NOT-FOR-US: AllMyGuest
-CVE-2007-0171 (PHP remote file inclusion vulnerability in index.php in AllMyLinks ...)
+CVE-2007-0171
NOT-FOR-US: AllMyLinks
-CVE-2007-0170 (PHP remote file inclusion vulnerability in index.php in AllMyVisitors ...)
+CVE-2007-0170
NOT-FOR-US: AllmyVisitors
-CVE-2007-0169 (Multiple buffer overflows in Computer Associates (CA) BrightStor ...)
+CVE-2007-0169
NOT-FOR-US: Computer Associates (CA)
-CVE-2007-0168 (The Tape Engine service in Computer Associates (CA) BrightStor ...)
+CVE-2007-0168
NOT-FOR-US: Computer Associates (CA)
-CVE-2007-0167 (Multiple PHP file inclusion vulnerabilities in WGS-PPC (aka PPC Search ...)
+CVE-2007-0167
NOT-FOR-US: PPC Search
-CVE-2007-0166 (The jail rc.d script in FreeBSD 5.3 up to 6.2 does not verify ...)
+CVE-2007-0166
- kfreebsd-5 <not-affected>
-CVE-2007-0165 (Unspecified vulnerability in libnsl in Sun Solaris 8 and 9 allows ...)
+CVE-2007-0165
NOT-FOR-US: Solaris
-CVE-2007-0164 (Camouflage 1.2.1 embeds password information in the carrier file, ...)
+CVE-2007-0164
NOT-FOR-US: Camouflage
-CVE-2007-0163 (SecureKit Steganography 1.7.1 and 1.8 embeds password information in ...)
+CVE-2007-0163
NOT-FOR-US: Steganography
-CVE-2007-0162 (Unsanity Application Enhancer (APE) 2.0.2 installs with insecure ...)
+CVE-2007-0162
NOT-FOR-US: Mac OS X
-CVE-2007-0161 (The PML Driver HPZ12 (HPZipm12.exe) in the HP all-in-one drivers, as ...)
+CVE-2007-0161
NOT-FOR-US: HP all-in-one drivers
-CVE-2007-0160 (Stack-based buffer overflow in the LiveJournal support ...)
+CVE-2007-0160
- centericq 4.21.0-17 (low)
[sarge] - centericq <no-dsa> (Not exploitable with official LiveJournal server)
NOTE: The bug really exist but, is not exploitable because the LiveJournal server
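Review bot: this hunk removes the text the surviving triage notes were written against: `NOTE: duplicate of CVE-2006-6374?` under CVE-2007-0203 can only be settled by comparing the descriptions of the two identifiers, and with `+CVE-2007-0203` carrying no text there is nothing local left to compare. The same hunk also leaves `NOT-FOR-US: @alex` (CVE-2007-0205) beside `NOT-FOR-US: @lex` (CVE-2007-0202) for what the removed `-CVE-2007-0202 (SQL injection vulnerability in index.php in @lex Guestbook 4.0.2 and ...)` line shows is the same product, so the spelling that would resolve the inconsistency is exactly what is being deleted. Suggest restoring the descriptions before this is merged, or at minimum having the updater preserve the description of any entry that carries a NOTE line.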
@@ -15662,117 +15662,117 @@ CVE-2007-0160 (Stack-based buffer overflow in the LiveJournal support ...)
NOTE: (50 characters). In my opnion is only exploitable if the user try connect in
NOTE: fake LiveJournal server. All version of Debian centericq packages have a
NOTE: compromised code.
-CVE-2007-0159 (Directory traversal vulnerability in the GeoIP_update_database_general ...)
+CVE-2007-0159
- geoip 1.3.17-1.1 (bug #406628; low)
[sarge] - geoip <no-dsa> (Minor issue)
CVE-2007-0158
RESERVED
-CVE-2007-0157 (Array index error in the uri_lookup function in the URI parser for ...)
+CVE-2007-0157
- neon26 0.26.2-3.1 (medium; bug #404723)
NOTE: neon25 doesn't have the uri_lookup macro
-CVE-2007-0156 (M-Core stores the database under the web document root, which allows ...)
+CVE-2007-0156
NOT-FOR-US: M-Core
-CVE-2007-0155 (HarikaOnline 2.0 stores sensitive information under the web root with ...)
+CVE-2007-0155
NOT-FOR-US: HarikaOnline
-CVE-2007-0154 (Webulas stores sensitive information under the web root with ...)
+CVE-2007-0154
NOT-FOR-US: Webulas
-CVE-2007-0153 (AJLogin 3.5 stores sensitive information under the web root with ...)
+CVE-2007-0153
NOT-FOR-US: AJLogin
-CVE-2007-0152 (OhhASP stores sensitive information under the web root with ...)
+CVE-2007-0152
NOT-FOR-US: OhhASP
-CVE-2007-0151 (MitiSoft stores sensitive information under the web root with ...)
+CVE-2007-0151
NOT-FOR-US: MitiSoft
-CVE-2007-0150 (Multiple PHP remote file inclusion vulnerabilities in index.php in ...)
+CVE-2007-0150
NOT-FOR-US: Dayfox
-CVE-2007-0149 (EMembersPro 1.0 stores sensitive information under the web root with ...)
+CVE-2007-0149
NOT-FOR-US: EMembersPro
-CVE-2007-0148 (Format string vulnerability in OmniGroup OmniWeb 5.5.1 allows remote ...)
+CVE-2007-0148
NOT-FOR-US: OminiGroup
-CVE-2007-0147 (Cuyahoga before 1.0.1 installs the FCKEditor component with an ...)
+CVE-2007-0147
NOT-FOR-US: Cuyahoga
-CVE-2007-0146 (Multiple cross-site scripting (XSS) vulnerabilities in Fix and Chips ...)
+CVE-2007-0146
NOT-FOR-US: Fix and Chips
-CVE-2007-0145 (PHP remote file inclusion vulnerability in bn_smrep1.php in BinGoPHP ...)
+CVE-2007-0145
NOT-FOR-US: BinGoPHP
-CVE-2007-0144 (Cross-site scripting (XSS) vulnerability in search.asp in Digitizing ...)
+CVE-2007-0144
NOT-FOR-US: DIGITIZING QUOTE AND ORDERING SYSTEM
-CVE-2007-0143 (Multiple PHP remote file inclusion vulnerabilities in NUNE News Script ...)
+CVE-2007-0143
NOT-FOR-US: NUNE News
-CVE-2007-0142 (SQL injection vulnerability in orange.asp in ShopStoreNow E-commerce ...)
+CVE-2007-0142
NOT-FOR-US: ShopStoreNow
-CVE-2007-0141 (Cross-site scripting (XSS) vulnerability in yald.php in Yet Another ...)
+CVE-2007-0141
NOT-FOR-US: YALD
-CVE-2007-0140 (SQL injection vulnerability in down.asp in Kolayindir Download ...)
+CVE-2007-0140
NOT-FOR-US: Kolayindir
-CVE-2007-0139 (Unspecified vulnerability in the DECnet-Plus 7.3-2 feature in ...)
+CVE-2007-0139
NOT-FOR-US: DECnet-Plus
-CVE-2007-0138 (formbankcgi.exe in Fersch Formbankserver 1.9, when the PATH_INFO ...)
+CVE-2007-0138
NOT-FOR-US: Formbankserver
-CVE-2007-0137 (Cross-site scripting (XSS) vulnerability in SimpleBoxes/SerendipityNZ ...)
+CVE-2007-0137
NOT-FOR-US: Serene Bach
-CVE-2007-0136 (Multiple cross-site scripting (XSS) vulnerabilities in Drupal before ...)
+CVE-2007-0136
- drupal 4.7.5-1
NOTE: vendor advisory: http://drupal.org/node/104233 - DRUPAL-SA-2007-001
-CVE-2007-0135 (PHP remote file inclusion vulnerability in inc/init.inc.php in Aratix ...)
+CVE-2007-0135
NOT-FOR-US: Aratix
-CVE-2007-0134 (Multiple eval injection vulnerabilities in iGeneric iG Shop 1.0 allow ...)
+CVE-2007-0134
NOT-FOR-US: IG Shop
-CVE-2007-0133 (Multiple SQL injection vulnerabilities in display_review.php in ...)
+CVE-2007-0133
NOT-FOR-US: IG Shop
-CVE-2007-0132 (SQL injection vulnerability in compare_product.php in iGeneric iG Shop ...)
+CVE-2007-0132
NOT-FOR-US: IG Shop
-CVE-2007-0131 (JAMWiki before 0.5.0 does not properly check permissions during moves ...)
+CVE-2007-0131
NOT-FOR-US: JAMWiki
-CVE-2007-0130 (SQL injection vulnerability in user.php in iGeneric iG Calendar 1.0 ...)
+CVE-2007-0130
NOT-FOR-US: iG Calendar
-CVE-2007-0129 (SQL injection vulnerability in main.asp in LocazoList 2.01a beta5 and ...)
+CVE-2007-0129
NOT-FOR-US: LocazoList
-CVE-2007-0128 (SQL injection vulnerability in info_book.asp in Digirez 3.4 and ...)
+CVE-2007-0128
NOT-FOR-US: Digirez
-CVE-2007-0127 (The Javascript SVG support in Opera before 9.10 does not properly ...)
+CVE-2007-0127
NOT-FOR-US: Opera
-CVE-2007-0126 (Heap-based buffer overflow in Opera 9.02 allows remote attackers to ...)
+CVE-2007-0126
NOT-FOR-US: Opera
-CVE-2007-0125 (Kaspersky Labs Antivirus Engine 6.0 for Windows and 5.5-10 for Linux ...)
+CVE-2007-0125
NOT-FOR-US: Kaspersky Labs
-CVE-2007-0124 (Unspecified vulnerability in Drupal before 4.6.11, and 4.7 before ...)
+CVE-2007-0124
- drupal 4.7.5-1 (low)
-CVE-2007-0123 (Unrestricted file upload vulnerability in Uber Uploader 4.2 allows ...)
+CVE-2007-0123
NOT-FOR-US: Uber Uploader
-CVE-2007-0122 (Multiple SQL injection vulnerabilities in Coppermine Photo Gallery ...)
+CVE-2007-0122
NOT-FOR-US: Coppermine Photo Gallery
-CVE-2007-0121 (Cross-site scripting (XSS) vulnerability in search.asp in RI Blog 1.3 ...)
+CVE-2007-0121
NOT-FOR-US: RI Blog
-CVE-2007-0120 (Acunetix Web Vulnerability Scanner (WVS) 4.0 Build 20060717 and ...)
+CVE-2007-0120
NOT-FOR-US: Acunetix Web Vulnerability Scanner
-CVE-2007-0119 (Multiple cross-site scripting (XSS) vulnerabilities in EditTag 1.2 ...)
+CVE-2007-0119
NOT-FOR-US: EditTag
-CVE-2007-0118 (Multiple absolute path traversal vulnerabilities in EditTag 1.2 allow ...)
+CVE-2007-0118
NOT-FOR-US: EditTag
-CVE-2007-0117 (DiskManagementTool in the DiskManagement.framework 92.29 on Mac OS X ...)
+CVE-2007-0117
NOT-FOR-US: Mac OS
-CVE-2007-0116 (Digger Solutions Intranet Open Source (IOS) stores sensitive ...)
+CVE-2007-0116
NOT-FOR-US: Digger Solutions Intranet Open Source (IOS)
-CVE-2007-0115 (Static code injection vulnerability in Coppermine Photo Gallery 1.4.10 ...)
+CVE-2007-0115
NOT-FOR-US: Coppermine Photo Gallery
-CVE-2007-0114 (Sun Java System Content Delivery Server 5.0 and 5.0 PU1 allows remote ...)
+CVE-2007-0114
NOT-FOR-US: Sun Java System Content Delivery Server
-CVE-2007-0113 (Buffer overflow in Packeteer PacketShaper PacketWise 8.x allows remote ...)
+CVE-2007-0113
NOT-FOR-US: PacketWise
-CVE-2007-0112 (SQL injection vulnerability in cats.asp in createauction allows remote ...)
+CVE-2007-0112
NOT-FOR-US: createauction
-CVE-2007-0111 (Buffer overflow in Resco Photo Viewer for PocketPC 4.11 and 6.01, as ...)
+CVE-2007-0111
NOT-FOR-US: PocketPC
-CVE-2007-0110 (Cross-site scripting (XSS) vulnerability in nidp/idff/sso in Novell ...)
+CVE-2007-0110
NOT-FOR-US: Novell Access Manager
-CVE-2007-0109 (wp-login.php in WordPress 2.0.5 and earlier displays different error ...)
+CVE-2007-0109
- wordpress 2.0.6-1 (low)
NOTE: http://trac.wordpress.org/changeset/4665
-CVE-2007-0108 (nwgina.dll in Novell Client 4.91 SP3 for Windows 2000/XP/2003 does not ...)
+CVE-2007-0108
NOT-FOR-US: Novell Client
-CVE-2007-0105 (Stack-based buffer overflow in the CSAdmin service in Cisco Secure ...)
+CVE-2007-0105
NOT-FOR-US: Cisco
-CVE-2007-0104 (The Adobe PDF specification 1.3, as implemented by (a) xpdf 3.0.1 ...)
+CVE-2007-0104
- kdegraphics 4:3.5.5-3 (unimportant)
- koffice <unfixed> (unimportant)
- poppler 0.4.5-5.1 (unimportant)
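Review bot: every changed line in this hunk replaces a "CVE-YYYY-NNNN (summary ...)" header with the bare identifier and nothing in the hunk restores the summary elsewhere, so after this commit the file carries no description text for these entries at all; please confirm that dropping the summaries is intended for an "automatic update" and not the result of an empty or unreachable description feed during the import, because the NOT-FOR-US and package lines (for example "NOT-FOR-US: Opera" under CVE-2007-0126) are only meaningful when read against the summary they annotate.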
@@ -15784,215 +15784,215 @@ CVE-2007-0104 (The Adobe PDF specification 1.3, as implemented by (a) xpdf 3.0.1
NOTE: of imagination. I suppose KDE Security only issued an update for it
NOTE: because the shared underlying code was part of the Month of Apple Bugs
NOTE: and they wanted to debunk claims of code injection.
-CVE-2007-0103 (The Adobe PDF specification 1.3, as implemented by Adobe Acrobat ...)
+CVE-2007-0103
NOT-FOR-US: Acrobat Reader
-CVE-2007-0102 (The Adobe PDF specification 1.3, as implemented by Apple Mac OS X ...)
+CVE-2007-0102
NOT-FOR-US: Apple Mac OS X
-CVE-2007-0101 (Cross-site request forgery (CSRF) vulnerability in SPINE allows remote ...)
+CVE-2007-0101
NOT-FOR-US: SPINE
-CVE-2007-0100 (The Perforce client does not restrict the set of files that it ...)
+CVE-2007-0100
NOT-FOR-US: Perforce
-CVE-2007-0099 (Race condition in the msxml3 module in Microsoft XML Core Services ...)
+CVE-2007-0099
NOT-FOR-US: Microsoft
-CVE-2007-0098 (Directory traversal vulnerability in language.php in VerliAdmin 0.3 ...)
+CVE-2007-0098
NOT-FOR-US: VerliAdmin
-CVE-2007-0097 (Multiple stack-based buffer overflows in the (1) LoadTree and (2) ...)
+CVE-2007-0097
NOT-FOR-US: ConeXware PowerArchive
-CVE-2007-0096 (CarbonCommunities stores sensitive information under the web root with ...)
+CVE-2007-0096
NOT-FOR-US: Carbon Communities
-CVE-2007-0095 (phpMyAdmin 2.9.1.1 allows remote attackers to obtain sensitive ...)
+CVE-2007-0095
- phpmyadmin 4:2.9.1.1-1 (bug #399329; unimportant)
NOTE: Only path disclosure
-CVE-2007-0094 (Sven Moderow GuestBook 0.3a stores sensitive information under the web ...)
+CVE-2007-0094
NOT-FOR-US: Sven Moderow GuestBook
-CVE-2007-0093 (SQL injection vulnerability in page.php in Simple Web Content ...)
+CVE-2007-0093
NOT-FOR-US: Simple Web Content Management System
-CVE-2007-0092 (SQL injection vulnerability in productdetail.asp in E-SMARTCART 1.0 ...)
+CVE-2007-0092
NOT-FOR-US: E-SMARTCART
-CVE-2007-0091 (newsCMSlite stores sensitive information under the web root with ...)
+CVE-2007-0091
NOT-FOR-US: newsCMSlite
-CVE-2007-0090 (WineGlass stores sensitive information under the web root with ...)
+CVE-2007-0090
NOT-FOR-US: WineGlass
-CVE-2007-0089 (jgbbs stores sensitive information under the web root with ...)
+CVE-2007-0089
NOT-FOR-US: jgbbs
-CVE-2007-0088 (Multiple directory traversal vulnerabilities in openmedia allow remote ...)
+CVE-2007-0088
NOT-FOR-US: openmedia
-CVE-2007-0087 (** DISPUTED ** ...)
+CVE-2007-0087
NOT-FOR-US: Microsoft IIS
-CVE-2007-0086 (** DISPUTED ** ...)
+CVE-2007-0086
- apache <unfixed> (unimportant)
- apache2 <unfixed> (unimportant)
-CVE-2007-0085 (Unspecified vulnerability in sys/dev/pci/vga_pci.c in the VGA graphics ...)
+CVE-2007-0085
NOT-FOR-US: OpenBSD VGA wscons driver
-CVE-2007-0084 (** DISPUTED ** ...)
+CVE-2007-0084
NOT-FOR-US: Windows NT
-CVE-2007-0083 (Cross-site scripting (XSS) vulnerability in Nuked Klan 1.7 and earlier ...)
+CVE-2007-0083
NOT-FOR-US: Nuked Klan
-CVE-2007-0082 (users_adm/start1.php in IMGallery 2.5 and earlier does not properly ...)
+CVE-2007-0082
NOT-FOR-US: IMGallery
-CVE-2007-0081 (Sunbelt Kerio Personal Firewall (SKPF) 4.3.268 and 4.3.246, and ...)
+CVE-2007-0081
NOT-FOR-US: Sunbelt Kerio Personal Firewall
-CVE-2007-0080 (** DISPUTED ** ...)
+CVE-2007-0080
- freeradius <unfixed> (unimportant)
NOTE: Data triggering the buffer overflow can only be controlled by root
-CVE-2007-0079 (rblog stores sensitive information under the web root with ...)
+CVE-2007-0079
NOT-FOR-US: rblog
-CVE-2007-0078 (BattleBlog stores sensitive information under the web root with ...)
+CVE-2007-0078
NOT-FOR-US: BattleBlog
-CVE-2007-0077 (lblog stores sensitive information under the web root with ...)
+CVE-2007-0077
NOT-FOR-US: lblog
-CVE-2007-0076 (Openforum stores sensitive information under the web root with ...)
+CVE-2007-0076
NOT-FOR-US: Openforum
-CVE-2007-0075 (AspBB stores sensitive information under the web root with ...)
+CVE-2007-0075
NOT-FOR-US: AspBB
-CVE-2007-0074 (Heap-based buffer overflow in an unspecified procedure in Trend Micro ...)
+CVE-2007-0074
NOT-FOR-US: Trend Micro
-CVE-2007-0073 (Heap-based buffer overflow in an unspecified procedure in Trend Micro ...)
+CVE-2007-0073
NOT-FOR-US: Trend Micro
-CVE-2007-0072 (Heap-based buffer overflow in an unspecified procedure in Trend Micro ...)
+CVE-2007-0072
NOT-FOR-US: Trend Micro
-CVE-2007-0071 (Integer overflow in Adobe Flash Player 9.0.115.0 and earlier, and ...)
+CVE-2007-0071
- flashplugin-nonfree 1:1.4
NOTE: Fix came from Adobe via new Adobe Flash Player, debian package didn't change
CVE-2007-0070
RESERVED
-CVE-2007-0069 (Unspecified vulnerability in the kernel in Microsoft Windows XP SP2, ...)
+CVE-2007-0069
NOT-FOR-US: Microsoft Windows
-CVE-2007-0068 (IBM Lotus Domino 7.0.x before 7.0.3 does not revalidate the signature ...)
+CVE-2007-0068
NOT-FOR-US: IBM Lotus Domino
-CVE-2007-0067 (Unspecified vulnerability in the Lotus Domino Web Server 6.0, 6.5.x ...)
+CVE-2007-0067
NOT-FOR-US: Lotus Domino Server
-CVE-2007-0066 (The kernel in Microsoft Windows 2000 SP4, XP SP2, and Server 2003, ...)
+CVE-2007-0066
NOT-FOR-US: Microsoft Windows
-CVE-2007-0065 (Heap-based buffer overflow in Object Linking and Embedding (OLE) ...)
+CVE-2007-0065
NOT-FOR-US: Microsoft Windows
-CVE-2007-0064 (Heap-based buffer overflow in Windows Media Format Runtime 7.1, 9, ...)
+CVE-2007-0064
NOT-FOR-US: Windows
-CVE-2007-0063 (Integer underflow in the DHCP server in EMC VMware Workstation before ...)
+CVE-2007-0063
- vmware-package 0.16
-CVE-2007-0062 (Integer overflow in the ISC dhcpd 3.0.x before 3.0.7 and 3.1.x before ...)
+CVE-2007-0062
- vmware-package 0.16
-CVE-2007-0061 (The DHCP server in EMC VMware Workstation before 5.5.5 Build 56455 and ...)
+CVE-2007-0061
- vmware-package 0.16
-CVE-2007-0060 (Stack-based buffer overflow in the Message Queuing Server (Cam.exe) in ...)
+CVE-2007-0060
NOT-FOR-US: CA
-CVE-2007-0059 (Cross-zone scripting vulnerability in Apple Quicktime 3 to 7.1.3 ...)
+CVE-2007-0059
NOT-FOR-US: Apple Quicktime
-CVE-2007-0058 (Cisco Clean Access (CCA) 3.5.x through 3.5.9 and 3.6.x through 3.6.1.1 ...)
+CVE-2007-0058
NOT-FOR-US: Cisco
-CVE-2007-0057 (Cisco Clean Access (CCA) 3.6.x through 3.6.4.2 and 4.0.x through ...)
+CVE-2007-0057
NOT-FOR-US: Cisco
-CVE-2007-0056 (Multiple cross-site scripting (XSS) vulnerabilities in AShop Deluxe ...)
+CVE-2007-0056
NOT-FOR-US: AShop Deluxe
-CVE-2007-0055 (Directory traversal vulnerability in formbankcgi.exe/AbfrageForm in ...)
+CVE-2007-0055
NOT-FOR-US: Formbankserver
-CVE-2007-0054 (Cross-site scripting (XSS) vulnerability in gbrowse.php in Belchior ...)
+CVE-2007-0054
NOT-FOR-US: Belchior Foundry vCard PRO
-CVE-2007-0053 (SQL injection vulnerability in detail.asp in ASP SiteWare autoDealer ...)
+CVE-2007-0053
NOT-FOR-US: ASP SiteWare autoDealer
-CVE-2007-0052 (SQL injection vulnerability in haberdetay.asp in Vizayn Haber allows ...)
+CVE-2007-0052
NOT-FOR-US: Vizayn Haber
-CVE-2007-0051 (Format string vulnerability in Apple iPhoto 6.0.5 (316), and other ...)
+CVE-2007-0051
NOT-FOR-US: Apple iPhoto
-CVE-2007-0106 (Cross-site scripting (XSS) vulnerability in the CSRF protection scheme ...)
+CVE-2007-0106
- wordpress 2.0.6-1 (bug #405691; medium)
NOTE: http://www.hardened-php.net/advisory_022007.141.html
-CVE-2007-0107 (WordPress before 2.0.6, when mbstring is enabled for PHP, decodes ...)
+CVE-2007-0107
- wordpress 2.0.6-1 (bug #405691; medium)
NOTE: http://www.hardened-php.net/advisory_012007.140.html
-CVE-2007-0050 (** DISPUTED ** ...)
+CVE-2007-0050
NOT-FOR-US: OpenPinboard
-CVE-2007-0049 (Geckovich TaskTracker Pro 1.5 and earlier allows remote attackers to ...)
+CVE-2007-0049
NOT-FOR-US: TaskTracker
-CVE-2007-0048 (Adobe Acrobat Reader Plugin before 8.0.0, and possibly the plugin ...)
+CVE-2007-0048
NOT-FOR-US: Adobe Acrobat Reader with Internet Explorer
-CVE-2007-0047 (CRLF injection vulnerability in Adobe Acrobat Reader Plugin before ...)
+CVE-2007-0047
NOT-FOR-US: Adobe Acrobat Reader with Internet Explorer
-CVE-2007-0046 (Double free vulnerability in the Adobe Acrobat Reader Plugin before ...)
+CVE-2007-0046
NOT-FOR-US: Adobe Acrobat Reader Plugin
-CVE-2007-0045 (Multiple cross-site scripting (XSS) vulnerabilities in Adobe Acrobat ...)
+CVE-2007-0045
{DSA-1336-1}
NOT-FOR-US: Adobe Acrobat Reader Plugin
NOTE: a fix for this is also in iceweasle 2.0.0.2+dfsg-1 (MFSA-2007-02)
NOTE: and icape 1.0.8-1
-CVE-2007-0044 (Adobe Acrobat Reader Plugin before 8.0.0 for the Firefox, Internet ...)
+CVE-2007-0044
NOT-FOR-US: Adobe Acrobat Reader Plugin
-CVE-2007-0043 (The Just In Time (JIT) Compiler service in Microsoft .NET Framework ...)
+CVE-2007-0043
NOT-FOR-US: Microsoft .NET
-CVE-2007-0042 (Interpretation conflict in ASP.NET in Microsoft .NET Framework 1.0, ...)
+CVE-2007-0042
NOT-FOR-US: Microsoft .NET
-CVE-2007-0041 (The PE Loader service in Microsoft .NET Framework 1.0, 1.1, and 2.0 ...)
+CVE-2007-0041
NOT-FOR-US: Microsoft .NET
-CVE-2007-0040 (The LDAP service in Windows Active Directory in Microsoft Windows 2000 ...)
+CVE-2007-0040
NOT-FOR-US: Microsoft Windows
-CVE-2007-0039 (The Exchange Collaboration Data Objects (EXCDO) functionality in ...)
+CVE-2007-0039
NOT-FOR-US: Microsoft
-CVE-2007-0038 (Stack-based buffer overflow in the animated cursor code in Microsoft ...)
+CVE-2007-0038
NOT-FOR-US: Microsoft
CVE-2007-0037
REJECTED
CVE-2007-0036
REJECTED
-CVE-2007-0035 (Word (or Word Viewer) in Microsoft Office 2000 SP3, XP SP3, 2003 SP2, ...)
+CVE-2007-0035
NOT-FOR-US: Microsoft Word
-CVE-2007-0034 (Buffer overflow in the Advanced Search (Finder.exe) feature of ...)
+CVE-2007-0034
NOT-FOR-US: Microsoft Outlook
-CVE-2007-0033 (Microsoft Outlook 2002 and 2003 allows user-assisted remote attackers to ...)
+CVE-2007-0033
NOT-FOR-US: Microsoft Outlook
CVE-2007-0032
REJECTED
-CVE-2007-0031 (Heap-based buffer overflow in Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, ...)
+CVE-2007-0031
NOT-FOR-US: Microsoft Excel
-CVE-2007-0030 (Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2004 for Mac, and v.X ...)
+CVE-2007-0030
NOT-FOR-US: Microsoft Excel
-CVE-2007-0029 (Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2004 for Mac, and v.X for Mac ...)
+CVE-2007-0029
NOT-FOR-US: Microsoft Excel
-CVE-2007-0028 (Microsoft Excel 2000, 2002, 2003, Viewer 2003, Office 2004 for Mac, ...)
+CVE-2007-0028
NOT-FOR-US: Microsoft Excel
-CVE-2007-0027 (Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2004 for Mac, and v.X for Mac ...)
+CVE-2007-0027
NOT-FOR-US: Microsoft Excel
-CVE-2007-0026 (The OLE Dialog component in Microsoft Windows 2000 SP4, XP SP2, and 2003 SP1 ...)
+CVE-2007-0026
NOT-FOR-US: Microsoft
-CVE-2007-0025 (The MFC component in Microsoft Windows 2000 SP4, XP SP2, and 2003 SP1 ...)
+CVE-2007-0025
NOT-FOR-US: Microsoft
-CVE-2007-0024 (Integer overflow in the Vector Markup Language (VML) implementation ...)
+CVE-2007-0024
NOT-FOR-US: Microsoft IE
-CVE-2007-0023 (The CFUserNotificationSendRequest function in ...)
+CVE-2007-0023
NOT-FOR-US: Apple Mac OS X
-CVE-2007-0022 (Untrusted search path vulnerability in writeconfig in Apple Mac OS X ...)
+CVE-2007-0022
NOT-FOR-US: Apple Mac OS X
-CVE-2007-0021 (Format string vulnerability in Apple iChat 3.1.6 allows remote ...)
+CVE-2007-0021
NOT-FOR-US: Apple iChat
-CVE-2007-0020 (Heap-based buffer overflow in the SFTP protocol handler for Panic ...)
+CVE-2007-0020
NOT-FOR-US: Panic Transmit
-CVE-2007-0019 (Multiple heap-based buffer overflows in rumpusd in Rumpus 5.1 and ...)
+CVE-2007-0019
NOT-FOR-US: Maxum Rumpus
-CVE-2007-0018 (Stack-based buffer overflow in the NCTAudioFile2.AudioFile ActiveX ...)
+CVE-2007-0018
NOT-FOR-US: NCTAudioFile2 ActiveX control
-CVE-2007-0017 (Multiple format string vulnerabilities in (1) the cdio_log_handler ...)
+CVE-2007-0017
{DSA-1252-1}
- vlc 0.8.6-svn20061012.debian-1.2 (bug #405425; medium)
-CVE-2007-0016 (Stack-based buffer overflow in MoviePlay 4.76 allows remote attackers ...)
+CVE-2007-0016
NOT-FOR-US: MoviePlay
CVE-2007-XXXX [webcam-server unspecified vulnerability]
- webcam-server 0.50-2
-CVE-2007-0015 (Buffer overflow in Apple QuickTime 7.1.3 allows remote attackers to ...)
+CVE-2007-0015
NOT-FOR-US: Apple Quicktime
-CVE-2007-0014 (ChainKey Java Code Protection allows attackers to decompile Java class ...)
+CVE-2007-0014
NOT-FOR-US: ChainKey Java Code Protection
CVE-2007-0013
RESERVED
-CVE-2007-0012 (Sun JRE 5.0 before update 14 allows remote attackers to cause a denial ...)
+CVE-2007-0012
- sun-java5 <removed> (unimportant)
- sun-java6 <removed> (unimportant)
- openjdk-6 <removed> (unimportant)
NOTE: not a security issue, browser dos treated as regular bugs, also likely Windows-specific
-CVE-2007-0011 (The web portal interface in Citrix Access Gateway (aka Citrix Advanced ...)
+CVE-2007-0011
NOT-FOR-US: Citrix Access Gateway
-CVE-2007-0010 (The GdkPixbufLoader function in GIMP ToolKit (GTK+) in GTK 2 (gtk2) ...)
+CVE-2007-0010
{DSA-1256-1}
- gtk+2.0 2.8.20-5
-CVE-2007-0009 (Stack-based buffer overflow in the SSLv2 support in Mozilla Network ...)
+CVE-2007-0009
{DSA-1336-1}
NOTE: MFSA-2007-06
- iceweasel 2.0.0.2+dfsg-1 (low)
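Review bot: the "** DISPUTED **" marker on CVE-2007-0086 is removed together with the summary, which leaves the "apache <unfixed> (unimportant)" and "apache2 <unfixed> (unimportant)" lines with no visible justification, whereas the neighbouring disputed entry CVE-2007-0080 keeps its reasoning in a NOTE line ("Data triggering the buffer overflow can only be controlled by root"); add a NOTE under CVE-2007-0086 recording why it is rated unimportant. Separately, the NOTE lines under CVE-2007-0045 misspell the package names: "iceweasle 2.0.0.2+dfsg-1" should read "iceweasel 2.0.0.2+dfsg-1" and "icape 1.0.8-1" should read "iceape 1.0.8-1".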
@@ -16001,7 +16001,7 @@ CVE-2007-0009 (Stack-based buffer overflow in the SSLv2 support in Mozilla Netwo
- icedove 1.5.0.10.dfsg1-1
[sarge] - mozilla-firefox <no-dsa> (Mozilla products from Sarge no longer supported)
[sarge] - mozilla <no-dsa> (Mozilla products from Sarge no longer supported)
-CVE-2007-0008 (Integer underflow in the SSLv2 support in Mozilla Network Security ...)
+CVE-2007-0008
{DSA-1336-1}
NOTE: MFSA-2007-06
- iceweasel 2.0.0.2+dfsg-1 (low)
@@ -16010,24 +16010,24 @@ CVE-2007-0008 (Integer underflow in the SSLv2 support in Mozilla Network Securit
- icedove 1.5.0.10.dfsg1-1
[sarge] - mozilla-firefox <no-dsa> (Mozilla products from Sarge no longer supported)
[sarge] - mozilla <no-dsa> (Mozilla products from Sarge no longer supported)
-CVE-2007-0007 (gnucash 2.0.4 and earlier allows local users to overwrite arbitrary ...)
+CVE-2007-0007
- gnucash 2.0.5-1 (bug #411942; medium)
-CVE-2007-0006 (The key serial number collision avoidance code in the key_alloc_serial ...)
+CVE-2007-0006
- linux-2.6 2.6.18.dfsg.1-12
-CVE-2007-0005 (Multiple buffer overflows in the (1) read and (2) write handlers in ...)
+CVE-2007-0005
{DSA-1286-1}
- linux-2.6 2.6.20-1
-CVE-2007-0004 (The NFS client implementation in the kernel in Red Hat Enterprise ...)
+CVE-2007-0004
NOTE: if security relevant at all, it's 2.4.* only
- linux-2.6 <not-affected> (2.4 only)
-CVE-2007-0003 (pam_unix.so in Linux-PAM 0.99.7.0 allows context-dependent attackers ...)
+CVE-2007-0003
- pam <not-affected> (Only pam 0.99.7 affected)
-CVE-2007-0002 (Multiple heap-based buffer overflows in WordPerfect Document ...)
+CVE-2007-0002
{DSA-1270-1 DSA-1268-1}
- libwpd 0.8.9-1
NOTE: openoffice.org changelog indicates libwpd is included but not used
- openoffice.org 2.0.4.dfsg.2-6
[etch] - openoffice.org 2.0.4.dfsg.2-5etch1
[etch] - libwpd 0.8.7-6
-CVE-2007-0001 (The file watch implementation in the audit subsystem (auditctl -w) in ...)
+CVE-2007-0001
- linux-2.6 <not-affected> (Red Hat specific vulnerability)
diff --git a/data/CVE/2008.list b/data/CVE/2008.list
index 4b12c83a56..8d44cf79bf 100644
--- a/data/CVE/2008.list
+++ b/data/CVE/2008.list
@@ -1,10 +1,10 @@
-CVE-2008-7320 (** DISPUTED ** GNOME Seahorse through 3.30 allows physically proximate ...)
+CVE-2008-7320
- seahorse <unfixed> (unimportant)
NOTE: https://bugs.launchpad.net/ubuntu/+source/seahorse/+bug/189774
NOTE: https://bugs.launchpad.net/ubuntu/+source/seahorse/+bug/189774/comments/13
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=551036
NOTE: Explicitly a design decision by upstream and not considered a security issue
-CVE-2008-7319 (The Net::Ping::External extension through 0.15 for Perl does not ...)
+CVE-2008-7319
- libnet-ping-external-perl <removed> (bug #881097)
[wheezy] - libnet-ping-external-perl <ignored> (Package may be removed from Wheezy, see #881102)
NOTE: https://rt.cpan.org/Public/Bug/Display.html?id=33230
@@ -13,11 +13,11 @@ CVE-2008-7318
RESERVED
CVE-2008-7317
RESERVED
-CVE-2008-7316 (mm/filemap.c in the Linux kernel before 2.6.25 allows local users to ...)
+CVE-2008-7316
- linux <not-affected> (Issue fixed before the src:linux-2.6 rename)
- linux-2.6 2.6.25-1
NOTE: https://git.kernel.org/linus/124d3b7041f9a0ca7c43a6293e1cae4576c32fd5 (v2.6.25-rc1)
-CVE-2008-7315 (UI-Dialog 1.09 and earlier allows remote attackers to execute ...)
+CVE-2008-7315
- libui-dialog-perl 1.21-0.1 (bug #496448)
[jessie] - libui-dialog-perl <no-dsa> (Minor issue)
[wheezy] - libui-dialog-perl <no-dsa> (Minor issue)
@@ -26,18 +26,18 @@ CVE-2008-7315 (UI-Dialog 1.09 and earlier allows remote attackers to execute ...
NOTE: http://www.openwall.com/lists/oss-security/2015/10/08/2
CVE-2008-7314
RESERVED
-CVE-2008-7313 (The _httpsrequest function in Snoopy allows remote attackers to ...)
+CVE-2008-7313
{DSA-3248-1 DLA-357-1}
- libphp-snoopy 2.0.0-1 (bug #778634)
NOTE: additional commit missing, so fix for CVE-2008-4796 was incomplete
NOTE: http://snoopy.cvs.sourceforge.net/viewvc/snoopy/Snoopy/Snoopy.class.php?view=log#rev1.27
-CVE-2008-7312 (The Filtering Service in Websense Enterprise 5.2 through 6.3 does not ...)
+CVE-2008-7312
NOT-FOR-US: Websense
-CVE-2008-7311 (The session cookie store implementation in Spree 0.2.0 uses a ...)
+CVE-2008-7311
NOT-FOR-US: Spree
-CVE-2008-7310 (Spree 0.2.0 does not properly restrict the use of a hash to provide ...)
+CVE-2008-7310
NOT-FOR-US: Spree
-CVE-2008-7309 (Insoshi before 20080920 does not properly restrict the use of a hash ...)
+CVE-2008-7309
NOT-FOR-US: Insoshi
CVE-2008-7308
RESERVED
@@ -49,92 +49,92 @@ CVE-2008-7305
RESERVED
CVE-2008-7304
RESERVED
-CVE-2008-7303 (The nonet and nointernet sandbox profiles in Apple Mac OS X 10.5.x do ...)
+CVE-2008-7303
NOT-FOR-US: Apple Mac OS X
-CVE-2008-7302 (SQL injection vulnerability in netinvoice.php in the nBill ...)
+CVE-2008-7302
NOT-FOR-US: Joomla extension
-CVE-2008-7301 (SQL injection vulnerability in admin/login.php in jSite 1.0 OE allows ...)
+CVE-2008-7301
NOT-FOR-US: jSite
-CVE-2008-7300 (The labeled networking implementation in Solaris Trusted Extensions in ...)
+CVE-2008-7300
NOT-FOR-US: Oracle Solaris
-CVE-2008-7299 (IBM Tivoli Federated Identity Manager (TFIM) 6.2.0 before 6.2.0.2 uses ...)
+CVE-2008-7299
NOT-FOR-US: Tivoli
-CVE-2008-7298 (The Android browser in Android cannot properly restrict modifications ...)
+CVE-2008-7298
NOT-FOR-US: Android browser
-CVE-2008-7297 (Opera cannot properly restrict modifications to cookies established in ...)
+CVE-2008-7297
NOT-FOR-US: Opera
-CVE-2008-7296 (Apple Safari cannot properly restrict modifications to cookies ...)
+CVE-2008-7296
NOT-FOR-US: Safari, see CVE-2008-7294 for potential webkit ramifications
-CVE-2008-7295 (Microsoft Internet Explorer cannot properly restrict modifications to ...)
+CVE-2008-7295
NOT-FOR-US: Internet Explorer
-CVE-2008-7294 (Google Chrome before 4.0.211.0 cannot properly restrict modifications ...)
+CVE-2008-7294
- chromium-browser 4.0.211.0
- webkit <not-affected>
-CVE-2008-7293 (Mozilla Firefox before 4 cannot properly restrict modifications to ...)
+CVE-2008-7293
- iceweasel 4.0-1 (unimportant)
NOTE: This is about the lack of HTTP Strict Transport Security, which is ultimately
NOTE: a security feature enhancement
-CVE-2008-7292 (Bugzilla 2.20.x before 2.20.5, 2.22.x before 2.22.3, and 3.0.x before ...)
+CVE-2008-7292
- bugzilla 3.0.4-1
-CVE-2008-7290 (Memory leak in the ldap_explode_rdn API function in IBM Tivoli ...)
+CVE-2008-7290
NOT-FOR-US: Tivoli
-CVE-2008-7289 (IBM Tivoli Directory Server (TDS) 5.2 before 5.2.0.5-TIV-ITDS-LA0007 ...)
+CVE-2008-7289
NOT-FOR-US: Tivoli
-CVE-2008-7288 (IBM Tivoli Directory Server (TDS) 5.2 before 5.2.0.5-TIV-ITDS-LA0007 ...)
+CVE-2008-7288
NOT-FOR-US: Tivoli
-CVE-2008-7287 (Multiple memory leaks in the (1) ldap_init and (2) ...)
+CVE-2008-7287
NOT-FOR-US: Tivoli
-CVE-2008-7286 (IBM Lotus Quickr 8.1 before 8.1.0.2 services for Lotus Domino does not ...)
+CVE-2008-7286
NOT-FOR-US: IBM Lotus Quickr
-CVE-2008-7285 (Unspecified vulnerability in the docnote string handling ...)
+CVE-2008-7285
NOT-FOR-US: IBM Lotus Quickr
-CVE-2008-7284 (IBM Lotus Quickr 8.1 before 8100.003 services for Lotus Domino allows ...)
+CVE-2008-7284
NOT-FOR-US: IBM Lotus Quickr
-CVE-2008-7283 (Open Ticket Request System (OTRS) before 2.2.6, when customer group ...)
+CVE-2008-7283
- otrs2 2.2.6-1
-CVE-2008-7282 (Kernel/Output/HTML/CustomerNewTicketQueueSelectionGeneric.pm in Open ...)
+CVE-2008-7282
- otrs2 2.2.6-1
-CVE-2008-7281 (Open Ticket Request System (OTRS) before 2.2.7 sends e-mail containing ...)
+CVE-2008-7281
- otrs2 2.2.7-1
-CVE-2008-7280 (Kernel/System/EmailParser.pm in PostmasterPOP3.pl in Open Ticket ...)
+CVE-2008-7280
- otrs2 2.2.7-1
-CVE-2008-7279 (The CustomerInterface component in Open Ticket Request System (OTRS) ...)
+CVE-2008-7279
- otrs2 2.3.2-1
-CVE-2008-7278 (The S/MIME feature in Open Ticket Request System (OTRS) before 2.2.5, ...)
+CVE-2008-7278
- otrs2 2.3.2-1 (low)
-CVE-2008-7277 (Open Ticket Request System (OTRS) before 2.3.0-beta4 checks for the rw ...)
+CVE-2008-7277
- otrs2 2.3.2-1 (low)
-CVE-2008-7276 (Kernel/System/Web/Request.pm in Open Ticket Request System (OTRS) ...)
+CVE-2008-7276
- otrs2 2.3.2-1 (low)
-CVE-2008-7275 (Multiple cross-site scripting (XSS) vulnerabilities in Open Ticket ...)
+CVE-2008-7275
- otrs2 2.3.3-1
-CVE-2008-7274 (IBM WebSphere Application Server (WAS) 6.1.0.9, when the JAAS Login ...)
+CVE-2008-7274
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2008-7271 (Multiple cross-site scripting (XSS) vulnerabilities in the Help ...)
+CVE-2008-7271
- eclipse <not-affected> (Fixed before the version now in Squeeze)
-CVE-2008-7270 (OpenSSL before 0.9.8j, when SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is ...)
+CVE-2008-7270
- openssl 0.9.8k-1
[lenny] - openssl 0.9.8g-15+lenny11
NOTE: lenny was fixed as a side effect of the fix of CVE-2010-4180
NOTE: which disabled the bug compatibility code
-CVE-2008-7269 (Open redirect vulnerability in api.php in SiteEngine 5.x allows ...)
+CVE-2008-7269
NOT-FOR-US: SiteEngine
-CVE-2008-7268 (The phpinfo function in SiteEngine 5.x allows remote attackers to ...)
+CVE-2008-7268
NOT-FOR-US: SiteEngine
-CVE-2008-7267 (SQL injection vulnerability in announcements.php in SiteEngine 5.x ...)
+CVE-2008-7267
NOT-FOR-US: SiteEngine
-CVE-2008-7266 (Cross-site scripting (XSS) vulnerability in an unspecified Shockwave ...)
+CVE-2008-7266
NOT-FOR-US: RSA Adaptive Authentication
-CVE-2008-7265 (The pr_data_xfer function in ProFTPD before 1.3.2rc3 allows remote ...)
+CVE-2008-7265
{DSA-2191-1}
- proftpd-dfsg 1.3.2-1 (low)
-CVE-2008-7264 (The ftp_QUIT function in ftpserver.py in pyftpdlib before 0.5.0 allows ...)
+CVE-2008-7264
- python-pyftpdlib <not-affected> (Fixed before initial upload to the archive)
-CVE-2008-7263 (ftpserver.py in pyftpdlib before 0.5.0 does not delay its response ...)
+CVE-2008-7263
- python-pyftpdlib <not-affected> (Fixed before initial upload to the archive)
-CVE-2008-7262 (Multiple directory traversal vulnerabilities in FTPServer.py in ...)
+CVE-2008-7262
- python-pyftpdlib <not-affected> (Fixed before initial upload to the archive)
-CVE-2008-7261 (The Workplace (aka WP) component in IBM FileNet P8 Application Engine ...)
+CVE-2008-7261
NOT-FOR-US: IBM FileNet P8 Application Engine
CVE-2008-XXXX [greylistd bypass]
- greylistd 0.8.7+nmu2 (low; bug #464084)
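Review bot: the "- webkit <not-affected>" line under CVE-2008-7294 carries no parenthesised reason, while every other <not-affected> entry in these hunks does (for example "eclipse <not-affected> (Fixed before the version now in Squeeze)" and "python-pyftpdlib <not-affected> (Fixed before initial upload to the archive)"); given that the CVE-2008-7296 entry explicitly points readers to CVE-2008-7294 "for potential webkit ramifications", the webkit line should state why it is considered not affected.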
@@ -143,95 +143,95 @@ CVE-2008-7260
RESERVED
CVE-2008-7259
RESERVED
-CVE-2008-7258 (** DISPUTED ** ...)
+CVE-2008-7258
- ssmtp <unfixed> (unimportant; bug #591515)
-CVE-2008-7257 (CRLF injection vulnerability in +webvpn+/index.html in WebVPN on Cisco ...)
+CVE-2008-7257
NOT-FOR-US: Cisco Adaptive Security Appliances
-CVE-2008-7256 (mm/shmem.c in the Linux kernel before 2.6.28-rc8, when strict ...)
+CVE-2008-7256
- linux-2.6 2.6.28-1 (low)
[lenny] - linux-2.6 2.6.26-23
-CVE-2008-7255 (login_screen.tcl in aMSN (aka Alvaro's Messenger) before 0.97.1 saves ...)
+CVE-2008-7255
- amsn 0.97.1~debian-1 (low)
-CVE-2008-7254 (Directory traversal vulnerability in includes/template-loader.php in ...)
+CVE-2008-7254
NOT-FOR-US: Pepsi CMS
-CVE-2008-7253 (The default configuration of the web server in IBM Lotus Domino ...)
+CVE-2008-7253
NOT-FOR-US: IBM Lotus Domino Server
-CVE-2008-7252 (libraries/File.class.php in phpMyAdmin 2.11.x before 2.11.10 uses ...)
+CVE-2008-7252
{DSA-2034-1}
- phpmyadmin 4:3.0.0-1
NOTE: http://phpmyadmin.svn.sourceforge.net/viewvc/phpmyadmin?view=rev&revision=11528
-CVE-2008-7251 (libraries/File.class.php in phpMyAdmin 2.11.x before 2.11.10 creates a ...)
+CVE-2008-7251
{DSA-2034-1}
- phpmyadmin 4:3.0.0-1
NOTE: http://phpmyadmin.svn.sourceforge.net/viewvc/phpmyadmin?view=rev&revision=11536
-CVE-2008-7250 (Cross-site scripting (XSS) vulnerability in Squid Analysis Report ...)
+CVE-2008-7250
- sarg 2.2.5-1 (low)
-CVE-2008-7249 (Buffer overflow in Squid Analysis Report Generator (Sarg) 2.2.3.1, and ...)
+CVE-2008-7249
- sarg 2.2.4-1 (medium)
-CVE-2008-7247 (sql/sql_table.cc in MySQL 5.0.x through 5.0.88, 5.1.x through 5.1.41, ...)
+CVE-2008-7247
- mysql-5.1 5.1.49-3 (low; bug #569484)
- mysql-dfsg-5.0 <not-affected> (Vulnerable code not present)
-CVE-2008-7248 (Ruby on Rails 2.1 before 2.1.3 and 2.2.x before 2.2.2 does not verify ...)
+CVE-2008-7248
- rails 2.2.3-1 (medium; bug #558685)
[lenny] - rails <not-affected> (Vulnerable code not present)
NOTE: http://weblog.rubyonrails.org/2008/11/18/potential-circumvention-of-csrf-protection-in-rails-2-1
-CVE-2008-7246 (Google Chrome 0.2.149.29 and earlier allows remote attackers to cause ...)
+CVE-2008-7246
- chromium-browser <unfixed> (unimportant)
NOTE: browser denial of services aren't considered security-relevant
-CVE-2008-7245 (Opera 9.52 and earlier allows remote attackers to cause a denial of ...)
+CVE-2008-7245
NOT-FOR-US: Opera
-CVE-2008-7244 (Mozilla Firefox 3.0.1 and earlier allows remote attackers to cause a ...)
+CVE-2008-7244
- xulrunner <unfixed> (unimportant)
NOTE: browser denial-of-services are unimportant
-CVE-2008-7243 (Cross-site request forgery (CSRF) vulnerability in page 34 in MODx CMS ...)
+CVE-2008-7243
NOT-FOR-US: MODx CMS
-CVE-2008-7242 (Multiple cross-site scripting (XSS) vulnerabilities in MODx CMS ...)
+CVE-2008-7242
NOT-FOR-US: MODx CMS
-CVE-2008-7241 (Cross-site request forgery (CSRF) vulnerability in PunBB before 1.2.17 ...)
+CVE-2008-7241
NOT-FOR-US: PunBB
-CVE-2008-7240 (Directory traversal vulnerability in include/unverified.inc.php in ...)
+CVE-2008-7240
NOT-FOR-US: Linux Web Shop (LWS) php User Base
-CVE-2008-7228 (Multiple format string vulnerabilities in White_Dune before ...)
+CVE-2008-7228
- whitedune <not-affected> (bug #546903)
NOTE: The debian binary versions are not compiled with the --with-aflockdebug option
-CVE-2008-7224 (Buffer overflow in entity_cache in ELinks before 0.11.4rc0 allows ...)
+CVE-2008-7224
{DSA-1902-1}
- elinks 0.11.3-1 (low; bug #380347)
-CVE-2008-7239 (Multiple unspecified vulnerabilities in Oracle E-Business Suite ...)
+CVE-2008-7239
NOT-FOR-US: Oracle E-Business Suite
-CVE-2008-7238 (Multiple unspecified vulnerabilities in Oracle E-Business Suite 12.0.3 ...)
+CVE-2008-7238
NOT-FOR-US: Oracle E-Business Suite
-CVE-2008-7237 (Unspecified vulnerability in the Oracle Internet Directory component ...)
+CVE-2008-7237
NOT-FOR-US: Oracle Application Server
-CVE-2008-7236 (Unspecified vulnerability in the Oracle JDeveloper component in Oracle ...)
+CVE-2008-7236
NOT-FOR-US: Oracle Application Server
-CVE-2008-7235 (Unspecified vulnerability in the Oracle Forms component in Oracle ...)
+CVE-2008-7235
NOT-FOR-US: Oracle Application Server
-CVE-2008-7234 (Unspecified vulnerability in the Oracle BPEL Worklist Application ...)
+CVE-2008-7234
NOT-FOR-US: Oracle Application Server
-CVE-2008-7233 (Unspecified vulnerability in the E-Business Application client, as ...)
+CVE-2008-7233
NOT-FOR-US: E-Business Application client
-CVE-2008-7232 (Buffer overflow in the report function in xtacacsd 4.1.2 and earlier ...)
+CVE-2008-7232
NOT-FOR-US: xtacacsd
-CVE-2008-7231 (Cross-site scripting (XSS) vulnerability in Meridio Document and ...)
+CVE-2008-7231
NOT-FOR-US: Meridio Document and Records Management
-CVE-2008-7230 (Unspecified vulnerability in Small Footprint CIM Broker (SFCB) before ...)
+CVE-2008-7230
NOT-FOR-US: Small Footprint CIM Broker
-CVE-2008-7229 (GreenSQL Firewall (greensql-fw) before 0.9.2 allows remote attackers ...)
+CVE-2008-7229
NOT-FOR-US: GreenSQL Firewall
-CVE-2008-7227 (PartialBufferOutputStream2 in GeoServer before 1.6.1 and 1.7.0-beta1 ...)
+CVE-2008-7227
NOT-FOR-US: GeoServer
-CVE-2008-7226 (SQL injection vulnerability in index.php in the Recipes module 1.3, ...)
+CVE-2008-7226
NOT-FOR-US: Recipes module for PHP-Nuke
-CVE-2008-7225 (Heap-based buffer overflow in Foxit Remote Access Server (aka WAC ...)
+CVE-2008-7225
NOT-FOR-US: Foxit Remote Access Server
-CVE-2008-7223 (Multiple cross-site scripting (XSS) vulnerabilities in LinPHA before ...)
+CVE-2008-7223
NOT-FOR-US: LinPHA
-CVE-2008-7222 (Cross-site scripting (XSS) vulnerability in system/admin.php in RunCMS ...)
+CVE-2008-7222
NOT-FOR-US: RunCMS
-CVE-2008-7221 (Cross-site request forgery (CSRF) vulnerability in RunCMS 1.6.1 allows ...)
+CVE-2008-7221
NOT-FOR-US: RunCMS
-CVE-2008-7220 (Unspecified vulnerability in Prototype JavaScript framework ...)
+CVE-2008-7220
{DSA-1952-1}
- prototypejs 1.6.0.2-1
- asterisk 1:1.6.2.0~rc3-1 (low; bug #555220)
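Review bot: CVE-2008-7258 loses its "** DISPUTED **" marker along with the summary, and the remaining "ssmtp <unfixed> (unimportant; bug #591515)" line is the only content left in the entry, so the disputed status that presumably motivated the unimportant rating is no longer recorded anywhere in the file; add a NOTE line stating the dispute (or pointing at the bug) so the rating stays explainable, as is done for CVE-2008-7246 ("browser denial of services aren't considered security-relevant") and CVE-2008-7228 in this same hunk.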
@@ -301,2393 +301,2393 @@ CVE-2008-7220 (Unspecified vulnerability in Prototype JavaScript framework ...)
- jifty <not-affected> (fixed since initial inclusion)
- jquery <not-affected> (fixed since initial inclusion)
- passenger <not-affected> (fixed since initial inclusion)
-CVE-2008-7219 (Horde Kronolith H3 2.1 before 2.1.7 and 2.2 before 2.2-RC2; Nag H3 2.1 ...)
+CVE-2008-7219
- kronolith2 2.1.7-1
- nag2 2.1.4-1
- mnemo2 2.1.2-1
-CVE-2008-7218 (Unspecified vulnerability in the Horde API in Horde 3.1 before 3.1.6 ...)
+CVE-2008-7218
{DSA-1897-1}
- horde3 3.1.6-1
- turba2 2.1.7-1
- kronolith2 2.1.7-1
- nag2 2.1.4-1
- mnemo2 2.1.2-1
-CVE-2008-7217 (Microsoft Office 2008 for Mac, when running on Macintosh systems that ...)
+CVE-2008-7217
NOT-FOR-US: Microsoft Office
-CVE-2008-7216 (Peter's Math Anti-Spam Spinoff plugin for WordPress generates audio ...)
+CVE-2008-7216
NOT-FOR-US: Math Anti-Spam Spinoff plugin for WordPress
-CVE-2008-7215 (The Image Manager in MOStlyCE before 2.4, as used in Mambo 4.6.3 and ...)
+CVE-2008-7215
NOT-FOR-US: MOStlyCE
-CVE-2008-7214 (Cross-site request forgery (CSRF) vulnerability in ...)
+CVE-2008-7214
NOT-FOR-US: MOStlyCE
-CVE-2008-7213 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2008-7213
NOT-FOR-US: MOStlyCE
-CVE-2008-7212 (MOStlyCE before 2.4, as used in Mambo 4.6.3 and earlier, allows remote ...)
+CVE-2008-7212
NOT-FOR-US: MOStlyCE
-CVE-2008-7211 (CreativeLabs es1371mp.sys 5.1.3612.0 WDM audio driver, as used in ...)
+CVE-2008-7211
NOT-FOR-US: CreativeLabs WDM audio driver
-CVE-2008-7210 (directory.php in AJchat 0.10 allows remote attackers to bypass input ...)
+CVE-2008-7210
NOT-FOR-US: AJchat
-CVE-2008-7209 (Unrestricted file upload vulnerability in the add2 action in ...)
+CVE-2008-7209
NOT-FOR-US: OneCMS
-CVE-2008-7208 (Multiple SQL injection vulnerabilities in OneCMS 2.4, and possibly ...)
+CVE-2008-7208
NOT-FOR-US: OneCMS
-CVE-2008-7207 (RivetTracker before 1.0 stores passwords in cleartext in config.php, ...)
+CVE-2008-7207
NOT-FOR-US: RivetTracker
-CVE-2008-7206 (Unspecified vulnerability in Electronic Logbook (ELOG) before 2.7.2 ...)
+CVE-2008-7206
NOT-FOR-US: Electronic Logbook
-CVE-2008-7205 (Unspecified vulnerability in the product view functionality in ...)
+CVE-2008-7205
NOT-FOR-US: VirtueMart
-CVE-2008-7204 (Cross-site request forgery (CSRF) vulnerability in VirtueMart 1.0.13a ...)
+CVE-2008-7204
NOT-FOR-US: VirtueMart
-CVE-2008-7203 (Valve Software Half-Life Counter-Strike 1.6 allows remote attackers to ...)
+CVE-2008-7203
NOT-FOR-US: Valve Software Half-Life Counter-Strike
-CVE-2008-7202 (Multiple cross-site scripting (XSS) vulnerabilities in OpenWebMail ...)
+CVE-2008-7202
NOT-FOR-US: OpenWebMail
-CVE-2008-7201 (Lantronix MSS485-T allows remote attackers to cause a denial of ...)
+CVE-2008-7201
NOT-FOR-US: Lantronix MSS485-T
-CVE-2008-7200 (Double free vulnerability in Deliantra server engine before 2.4 has ...)
+CVE-2008-7200
NOT-FOR-US: Deliantra server engine
-CVE-2008-7199 (Phoenix Contact FL IL 24 BK-PAC allows remote attackers to cause a ...)
+CVE-2008-7199
NOT-FOR-US: Phoenix Contact FL IL 24 BK-PAC
-CVE-2008-7198 (Multiple unspecified vulnerabilities in phpns before 2.1.1beta1 have ...)
+CVE-2008-7198
NOT-FOR-US: phpns
-CVE-2008-7197 (Multiple unspecified vulnerabilities in G15Daemon before 1.9.4 have ...)
+CVE-2008-7197
NOT-FOR-US: G15Daemon
-CVE-2008-7196 (Unspecified vulnerability in metashell before 0.03 has unknown impact ...)
+CVE-2008-7196
NOT-FOR-US: metashell
-CVE-2008-7195 (Unspecified vulnerability in Fujitsu Interstage HTTP Server, as used ...)
+CVE-2008-7195
NOT-FOR-US: Fujitsu Interstage HTTP Server
-CVE-2008-7194 (Unspecified vulnerability in Fujitsu Interstage HTTP Server, as used ...)
+CVE-2008-7194
NOT-FOR-US: Fujitsu Interstage HTTP Server
-CVE-2008-7193 (PHPKIT 1.6.4 PL1 includes the session ID in the URL, which allows ...)
+CVE-2008-7193
NOT-FOR-US: PHPKIT
-CVE-2008-7192 (Cross-site request forgery (CSRF) vulnerability in index.php in ...)
+CVE-2008-7192
NOT-FOR-US: WoltLab Burning Board
-CVE-2008-7191 (Unspecified vulnerability in Polipo before 1.0.4 allows remote ...)
+CVE-2008-7191
- polipo 1.0.4-1 (low)
-CVE-2008-7190 (Unspecified vulnerability in Adium before 1.2 has unknown impact and ...)
+CVE-2008-7190
NOT-FOR-US: Adium
-CVE-2008-7189 (Multiple unspecified vulnerabilities in Local Media Browser before 0.1 ...)
+CVE-2008-7189
NOT-FOR-US: Local Media Browser
-CVE-2008-7188 (ClipShare 2.6 does not properly restrict access to certain ...)
+CVE-2008-7188
NOT-FOR-US: ClipShare
-CVE-2008-7187 (Coppermine Photo Gallery (CPG) 1.4.14 allows remote attackers to ...)
+CVE-2008-7187
NOT-FOR-US: Coppermine Photo Gallery
-CVE-2008-7186 (Coppermine Photo Gallery (CPG) 1.4.14 does not restrict access to ...)
+CVE-2008-7186
NOT-FOR-US: Coppermine Photo Gallery
-CVE-2008-7185 (GNOME Rhythmbox 0.11.5 allows remote attackers to cause a denial of ...)
+CVE-2008-7185
- rhythmbox <unfixed> (unimportant)
NOTE: No practical security impact
-CVE-2008-7184 (Cross-site scripting (XSS) vulnerability in Diigo Toolbar and Diigolet ...)
+CVE-2008-7184
NOT-FOR-US: Diigo Toolbar and Diigolet
-CVE-2008-7183 (PHP remote file inclusion vulnerability in eva/index.php in EVA CMS ...)
+CVE-2008-7183
NOT-FOR-US: EVA CMS
-CVE-2008-7182 (Buffer overflow in the IMAP service in NetWin Surgemail 3.9e, and ...)
+CVE-2008-7182
NOT-FOR-US: Surgemail
-CVE-2008-7181 (Butterfly Organizer 2.0.0 allows remote attackers to (1) delete ...)
+CVE-2008-7181
NOT-FOR-US: Butterfly Organizer
-CVE-2008-7180 (del_query1.php in Telephone Directory 2008 allows remote attackers to ...)
+CVE-2008-7180
NOT-FOR-US: Telephone Directory
-CVE-2008-7179 (OTManager CMS 2.4 allows remote attackers to bypass authentication and ...)
+CVE-2008-7179
NOT-FOR-US: OTManager
-CVE-2008-7178 (Directory traversal vulnerability in Uploader module 1.1 for XOOPS ...)
+CVE-2008-7178
NOT-FOR-US: XOOPS
-CVE-2008-7177 (Buffer overflow in the listing module in Netwide Assembler (NASM) ...)
+CVE-2008-7177
- nasm 2.03.01-1 (low)
-CVE-2008-7176 (Multiple directory traversal vulnerabilities in Facil CMS 0.1RC allow ...)
+CVE-2008-7176
NOT-FOR-US: Facil CMS
-CVE-2008-7175 (Cross-site scripting (XSS) vulnerability in wp-admin/admin.php in ...)
+CVE-2008-7175
NOT-FOR-US: NextGEN Gallery third party plugin for wordpress
-CVE-2008-7174 (Multiple buffer overflows in the Jura Internet Connection Kit for the ...)
+CVE-2008-7174
NOT-FOR-US: Jura Impressa
-CVE-2008-7173 (The Jura Internet Connection Kit for the Jura Impressa F90 coffee ...)
+CVE-2008-7173
NOT-FOR-US: Jura Impressa
-CVE-2008-7172 (Lightweight news portal (LNP) 1.0b does not properly restrict access ...)
+CVE-2008-7172
NOT-FOR-US: Lightweight news portal
-CVE-2008-7171 (Multiple cross-site scripting (XSS) vulnerabilities in Lightweight ...)
+CVE-2008-7171
NOT-FOR-US: Lightweight news portal
-CVE-2008-7170 (GSC build 2067 and earlier relies on the client to enforce ...)
+CVE-2008-7170
NOT-FOR-US: GSC build
-CVE-2008-7169 (SQL injection vulnerability in Jabode horoscope extension (com_jabode) ...)
+CVE-2008-7169
NOT-FOR-US: Joomla!
-CVE-2008-7168 (Insecure method vulnerability in the UUSee UUUpgrade ActiveX control ...)
+CVE-2008-7168
NOT-FOR-US: ActiveX
-CVE-2008-7167 (Unrestricted file upload vulnerability in upload.php in Page Manager ...)
+CVE-2008-7167
NOT-FOR-US: Page Manager
-CVE-2008-7166 (Buffer overflow in the web interface in BitTorrent 6.0.1 (build 7859) ...)
+CVE-2008-7166
NOT-FOR-US: web interface in BitTorrent 6.0.1 (build 7859)
-CVE-2008-7165 (Cross-site request forgery in cp06_wifi_m_nocifr.cgi in the ...)
+CVE-2008-7165
NOT-FOR-US: TELECOM ITALIA Alice Gate2 Plus Wi-Fi
-CVE-2008-7164 (Multiple unspecified vulnerabilities in Shareaza before 2.3.1.0 have ...)
+CVE-2008-7164
NOT-FOR-US: Shareaza
-CVE-2008-7163 (Directory traversal vulnerability in mods/Integrated/index.php in ...)
+CVE-2008-7163
NOT-FOR-US: SineCMS
-CVE-2008-7162 (Buffer overflow in Hero Super Player 3000 allows remote attackers to ...)
+CVE-2008-7162
NOT-FOR-US: Hero Super Player
-CVE-2008-7161 (Fortinet FortiGuard Fortinet FortiGate-1000 3.00 build 040075,070111 ...)
+CVE-2008-7161
NOT-FOR-US: Fortinet FortiGuard Fortinet
-CVE-2008-7159 (The silc_asn1_encoder function in lib/silcasn1/silcasn1_encode.c in ...)
+CVE-2008-7159
{DSA-1879-1}
[lenny] - silc-toolkit 1.1.7-2+lenny1
- silc-toolkit 1.1.10-1 (low)
- silc-client 1.1-2 (low)
- silc-server <not-affected> (Vulnerable code not present)
NOTE: silc-client uses libsilc from silc-toolkit since 1.1-2
-CVE-2008-7160 (The silc_http_server_parse function in lib/silchttp/silchttpserver.c ...)
+CVE-2008-7160
{DSA-1879-1}
- silc-toolkit 1.1.10-1 (low)
- silc-client 1.1-2 (low)
- silc-server 1.1.2-1 (low)
NOTE: silc-client/silc-server use libsilc from silc-toolkit since 1.1-2
-CVE-2008-7158 (Numara FootPrints 7.5a through 7.5a1 and 8.0 through 8.0a allows ...)
+CVE-2008-7158
NOT-FOR-US: Numara FootPrints
-CVE-2008-7157 (Unrestricted file upload vulnerability in EkinBoard 1.1.0 and earlier ...)
+CVE-2008-7157
NOT-FOR-US: EkinBoard
-CVE-2008-7156 (EkinBoard 1.1.0 and earlier, when register_globals is enabled, allows ...)
+CVE-2008-7156
NOT-FOR-US: EkinBoard
-CVE-2008-7155 (NetRisk 1.9.7 does not properly restrict access to ...)
+CVE-2008-7155
NOT-FOR-US: NetRisk
-CVE-2008-7154 (Docebo 3.5.0.3 and earlier allows remote attackers to obtain sensitive ...)
+CVE-2008-7154
NOT-FOR-US: Docebo
-CVE-2008-7153 (SQL injection vulnerability in the autoDetectRegion function in ...)
+CVE-2008-7153
NOT-FOR-US: Docebo
-CVE-2008-7152 (Multiple PHP remote file inclusion vulnerabilities in Specimen Image ...)
+CVE-2008-7152
NOT-FOR-US: Specimen Image Database
-CVE-2008-7151 (Cross-site request forgery (CSRF) vulnerability in Live 5.x before ...)
+CVE-2008-7151
NOT-FOR-US: Live third-party Drupal module
-CVE-2008-7150 (Cross-site scripting (XSS) vulnerability in Refine by Taxonomy 5.x ...)
+CVE-2008-7150
NOT-FOR-US: Refine by Taxonomy
-CVE-2008-7149 (Unspecified vulnerability in AgileWiki before 0.10.1 has unknown ...)
+CVE-2008-7149
NOT-FOR-US: AgileWiki
-CVE-2008-7148 (Unspecified vulnerability in Synfig Animation Studio before 0.61.08 ...)
+CVE-2008-7148
- synfig 0.61.08-1
-CVE-2008-7147 (Multiple cross-site scripting (XSS) vulnerabilities in IntraLearn ...)
+CVE-2008-7147
NOT-FOR-US: IntraLearn Software IntraLearn
-CVE-2008-7146 (IntraLearn Software IntraLearn 2.1, and possibly other versions before ...)
+CVE-2008-7146
NOT-FOR-US: IntraLearn Software IntraLearn
-CVE-2008-7145 (Multiple SQL injection vulnerabilities in index.php in CoronaMatrix ...)
+CVE-2008-7145
NOT-FOR-US: CoronaMatrix phpAddressBook
-CVE-2008-7144 (Multiple unspecified vulnerabilities in RARLAB WinRAR before 3.71 have ...)
+CVE-2008-7144
NOT-FOR-US: RARLAB WinRAR
-CVE-2008-7143 (phpBB 2.0.23 includes the session ID in a request to modcp.php when ...)
+CVE-2008-7143
- phpbb2 <removed>
-CVE-2008-7142 (Absolute path traversal vulnerability in the Disk Usage module ...)
+CVE-2008-7142
NOT-FOR-US: cPanel
-CVE-2008-7141 (Cross-site scripting (XSS) vulnerability in setup.php in @lex Poll 2.1 ...)
+CVE-2008-7141
NOT-FOR-US: @lex Poll
-CVE-2008-7140 (Multiple cross-site scripting (XSS) vulnerabilities in @lex Guestbook ...)
+CVE-2008-7140
NOT-FOR-US: @lex Guestbook
-CVE-2008-7139 (Multiple cross-site request forgery (CSRF) vulnerabilities in WS-Proxy ...)
+CVE-2008-7139
NOT-FOR-US: Eye-Fi
-CVE-2008-7138 (The Manager in Eye-Fi 1.1.2 generates predictable snonce values based ...)
+CVE-2008-7138
NOT-FOR-US: Eye-Fi
-CVE-2008-7137 (WS-Proxy in Eye-Fi 1.1.2 allows remote attackers to cause a denial of ...)
+CVE-2008-7137
NOT-FOR-US: Eye-Fi
-CVE-2008-7136 (toolbaru.dll in ICQ Toolbar (ICQToolbar) 2.3 allows remote attackers ...)
+CVE-2008-7136
NOT-FOR-US: ICQ Toolbar
-CVE-2008-7135 (toolbaru.dll in ICQ Toolbar (ICQToolbar) 2.3 allows remote attackers ...)
+CVE-2008-7135
NOT-FOR-US: ICQ Toolbar
-CVE-2008-7134 (Multiple cross-site scripting (XSS) vulnerabilities in the default URI ...)
+CVE-2008-7134
NOT-FOR-US: Chris LaPointe RedGalaxy Download Center
-CVE-2008-7133 (Multiple cross-site scripting (XSS) vulnerabilities in onlinetools.org ...)
+CVE-2008-7133
NOT-FOR-US: onlinetools.org EasyImageCatalogue
-CVE-2008-7132 (Cross-site scripting (XSS) vulnerability in index.php in Nuked-Klan ...)
+CVE-2008-7132
NOT-FOR-US: Nuked-Klan
-CVE-2008-7131 (Unspecified vulnerability in DB2 Monitoring Console 2.2.4 and earlier ...)
+CVE-2008-7131
NOT-FOR-US: DB2 Monitoring Console
-CVE-2008-7130 (Unspecified vulnerability in DB2 Monitoring Console 2.2.4 and earlier ...)
+CVE-2008-7130
NOT-FOR-US: DB2 Monitoring Console
-CVE-2008-7129 (XySSL before 0.9 allows remote attackers to cause a denial of service ...)
+CVE-2008-7129
- xyssl 0.9-1
- polarssl <not-affected> (fixed in xyssl before polarssl was forked from it)
- pdkim <itp> (bug #543150)
NOTE: check pdkim if/when it enters unstable (contains polarssl code copy)
-CVE-2008-7128 (The ssl_parse_client_key_exchange function in XySSL before 0.9 does ...)
+CVE-2008-7128
- xyssl 0.9-1
- polarssl <not-affected> (fixed in xyssl before polarssl was forked from it)
- pdkim <itp> (bug #543150)
NOTE: check pdkim if/when it enters unstable (contains polarssl code copy)
-CVE-2008-7127 (osagent.exe in Borland VisiBroker Smart Agent 08.00.00.C1.03 and ...)
+CVE-2008-7127
NOT-FOR-US: Borland VisiBroker Smart Agent
-CVE-2008-7126 (Integer overflow in osagent.exe in Borland VisiBroker Smart Agent ...)
+CVE-2008-7126
NOT-FOR-US: Borland VisiBroker Smart Agent
-CVE-2008-7125 (pphoto in Ariadne before 2.6 allows remote authenticated users with ...)
+CVE-2008-7125
NOT-FOR-US: Ariadne
-CVE-2008-7124 (zKup CMS 2.0 through 2.3 does not require administrative ...)
+CVE-2008-7124
NOT-FOR-US: zKup CMS
-CVE-2008-7123 (Static code injection vulnerability in ...)
+CVE-2008-7123
NOT-FOR-US: zKup CMS
-CVE-2008-7122 (Multiple insecure method vulnerabilities in an ActiveX control in ...)
+CVE-2008-7122
NOT-FOR-US: ActiveX
-CVE-2008-7121 (Cross-site scripting (XSS) vulnerability in Mr. CGI Guy Hot Links ...)
+CVE-2008-7121
NOT-FOR-US: Mr. CGI Guy Hot Links SQL-PHP
-CVE-2008-7120 (SQL injection vulnerability in Mr. CGI Guy Hot Links SQL-PHP 3 and ...)
+CVE-2008-7120
NOT-FOR-US: Mr. CGI Guy Hot Links SQL-PHP
-CVE-2008-7119 (SQL injection vulnerability in item.php in WeBid auction script 0.5.4 ...)
+CVE-2008-7119
NOT-FOR-US: WeBid auction script
-CVE-2008-7118 (WeBid auction script 0.5.4 stores sensitive information under the web ...)
+CVE-2008-7118
NOT-FOR-US: WeBid auction script
-CVE-2008-7117 (eledicss.php in WeBid auction script 0.5.4 allows remote attackers to ...)
+CVE-2008-7117
NOT-FOR-US: WeBid auction script
-CVE-2008-7116 (SQL injection vulnerability in the admin panel (admin/) in WeBid ...)
+CVE-2008-7116
NOT-FOR-US: WeBid auction script
-CVE-2008-7115 (The web interface to the Belkin Wireless G router and ADSL2 modem ...)
+CVE-2008-7115
NOT-FOR-US: Belkin Wireless G
-CVE-2008-7114 (SQL injection vulnerability in members_search.php in iFusion Services ...)
+CVE-2008-7114
NOT-FOR-US: iFusion Services
-CVE-2008-7113 (The Scanner File Utility (aka listener) in Kyocera Mita (KM) 3.3.0.1 ...)
+CVE-2008-7113
NOT-FOR-US: Kyocera Mita
-CVE-2008-7112 (The Scanner File Utility (aka listener) in Kyocera Mita (KM) 3.3.0.1 ...)
+CVE-2008-7112
NOT-FOR-US: Kyocera Mita
-CVE-2008-7111 (The Scanner File Utility (aka listener) in Kyocera Mita (KM) 3.3.0.1 ...)
+CVE-2008-7111
NOT-FOR-US: Kyocera Mita
-CVE-2008-7110 (Directory traversal vulnerability in the Scanner File Utility (aka ...)
+CVE-2008-7110
NOT-FOR-US: Kyocera Mita
-CVE-2008-7109 (The Scanner File Utility (aka listener) in Kyocera Mita (KM) 3.3.0.1 ...)
+CVE-2008-7109
NOT-FOR-US: Kyocera Mita
-CVE-2008-7108 (Multiple cross-site scripting (XSS) vulnerabilities in Carmosa phpCart ...)
+CVE-2008-7108
NOT-FOR-US: Carmosa phpCart
-CVE-2008-7107 (easdrv.sys in ESET Smart Security 3.0.667.0 allows local users to ...)
+CVE-2008-7107
NOT-FOR-US: ESET Smart Security
-CVE-2008-7106 (The installation of Sophos PureMessage for Microsoft Exchange 3.0 ...)
+CVE-2008-7106
NOT-FOR-US: Microsoft Exchange
-CVE-2008-7105 (Sophos PureMessage for Microsoft Exchange 3.0 before 3.0.2 allows ...)
+CVE-2008-7105
NOT-FOR-US: Sophos PureMessage for Microsoft Exchange
-CVE-2008-7104 (Sophos PureMessage Scanner service (PMScanner.exe) in PureMessage for ...)
+CVE-2008-7104
NOT-FOR-US: Sophos PureMessage Scanner service
-CVE-2008-7103 (Stack-based buffer overflow in an ActiveX control in ...)
+CVE-2008-7103
NOT-FOR-US: Toolbar 2.0.4.1
-CVE-2008-7102 (DotNetNuke 2.0 through 4.8.4 allows remote attackers to load .ascx ...)
+CVE-2008-7102
NOT-FOR-US: DotNetNuke
-CVE-2008-7101 (Unspecified vulnerability in DotNetNuke 4.0 through 4.8.4 and 5.0 ...)
+CVE-2008-7101
NOT-FOR-US: DotNetNuke
-CVE-2008-7100 (Unspecified vulnerability in DotNetNuke 4.4.1 through 4.8.4 allows ...)
+CVE-2008-7100
NOT-FOR-US: DotNetNuke
-CVE-2008-7099 (Unspecified vulnerability in the Manage Templates feature in Qsoft ...)
+CVE-2008-7099
NOT-FOR-US: Qsoft K-Rate Premium
-CVE-2008-7098 (Multiple cross-site scripting (XSS) vulnerabilities in Qsoft K-Rate ...)
+CVE-2008-7098
NOT-FOR-US: Qsoft K-Rate Premium
-CVE-2008-7097 (Multiple SQL injection vulnerabilities in Qsoft K-Rate Premium allow ...)
+CVE-2008-7097
NOT-FOR-US: Qsoft K-Rate Premium
-CVE-2008-7096 (Intel Desktop and Intel Mobile Boards with BIOS firmware DQ35JO, ...)
+CVE-2008-7096
NOT-FOR-US: Intel Desktop and Intel Mobile Boards
-CVE-2008-7095 (The SNMP daemon in ArubaOS 3.3.2.6 in Aruba Mobility Controller does ...)
+CVE-2008-7095
NOT-FOR-US: ArubaOS
-CVE-2008-7094 (Campaign/CampaignListener in the listener server in Unica Affinium ...)
+CVE-2008-7094
NOT-FOR-US: Affinium Campaign
-CVE-2008-7093 (Multiple directory traversal vulnerabilities in Unica Affinium ...)
+CVE-2008-7093
NOT-FOR-US: Affinium Campaign
-CVE-2008-7092 (Multiple cross-site scripting (XSS) vulnerabilities in Unica Affinium ...)
+CVE-2008-7092
NOT-FOR-US: Affinium Campaign
-CVE-2008-7091 (Multiple SQL injection vulnerabilities in Pligg 9.9 and earlier allow ...)
+CVE-2008-7091
NOT-FOR-US: Pligg
-CVE-2008-7090 (Multiple directory traversal vulnerabilities in Pligg 9.9 and earlier ...)
+CVE-2008-7090
NOT-FOR-US: Pligg
-CVE-2008-7089 (Cross-site scripting (XSS) vulnerability in Pligg 9.9 and earlier ...)
+CVE-2008-7089
NOT-FOR-US: Pligg
-CVE-2008-7088 (Unrestricted file upload vulnerability in upload.php in PhotoPost ...)
+CVE-2008-7088
NOT-FOR-US: PhotoPost vBGallery
-CVE-2008-7087 (PHP remote file inclusion vulnerability in search_wA.php in OpenPro ...)
+CVE-2008-7087
NOT-FOR-US: OpenPro
-CVE-2008-7086 (Maian Greetings 2.1 allows remote attackers to bypass authentication ...)
+CVE-2008-7086
NOT-FOR-US: Maian Greetings
-CVE-2008-7085 (Multiple SQL injection vulnerabilities in TheHockeyStop HockeySTATS ...)
+CVE-2008-7085
NOT-FOR-US: TheHockeyStop HockeySTATS Online
-CVE-2008-7084 (Directory traversal vulnerability in the web server 1.0 in Velocity ...)
+CVE-2008-7084
NOT-FOR-US: Velocity Security Management System
-CVE-2008-7083 (Multiple SQL injection vulnerabilities in ReVou Micro Blogging Twitter ...)
+CVE-2008-7083
NOT-FOR-US: ReVou Micro Blogging Twitter clone
-CVE-2008-7082 (MyBB (aka MyBulletinBoard) 1.4.3 includes the sensitive my_post_key ...)
+CVE-2008-7082
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2008-7081 (userHandler.cgi in RaidSonic ICY BOX NAS firmware 2.3.2.IB.2.RS.1 ...)
+CVE-2008-7081
NOT-FOR-US: RaidSonic ICY BOX NAS firmware
-CVE-2008-7080 (Team PHP PHP Classifieds Script stores sensitive information under the ...)
+CVE-2008-7080
NOT-FOR-US: Team PHP PHP Classifieds Script
-CVE-2008-7079 (Buffer overflow in Nero ShowTime 5.0.15.0 allows remote attackers to ...)
+CVE-2008-7079
NOT-FOR-US: Nero ShowTime
-CVE-2008-7078 (Multiple buffer overflows in Rumpus before 6.0.1 allow remote ...)
+CVE-2008-7078
NOT-FOR-US: Rumpus
-CVE-2008-7077 (Multiple SQL injection vulnerabilities in SailPlanner 0.3a allow ...)
+CVE-2008-7077
NOT-FOR-US: SailPlanner
-CVE-2008-7076 (Unrestricted file upload vulnerability in user.modify.profile.php in ...)
+CVE-2008-7076
NOT-FOR-US: Kalptaru Infotech Ltd. Star Articles
-CVE-2008-7075 (Multiple SQL injection vulnerabilities in Kalptaru Infotech Ltd. Star ...)
+CVE-2008-7075
NOT-FOR-US: Kalptaru Infotech Ltd. Star Articles
-CVE-2008-7074 (Format string vulnerability in MemeCode Software i.Scribe 1.88 through ...)
+CVE-2008-7074
NOT-FOR-US: MemeCode Software i.Scribe
-CVE-2008-7073 (PHP remote file inclusion vulnerability in lib/action/rss.php in RSS ...)
+CVE-2008-7073
NOT-FOR-US: RSS module 0.1 for Pie Web M{a,e}sher
-CVE-2008-7072 (Cross-site scripting (XSS) vulnerability in index.php in Chipmunk ...)
+CVE-2008-7072
NOT-FOR-US: Chipmunk Topsites
-CVE-2008-7071 (SQL injection vulnerability in authenticate.php in Chipmunk Topsites ...)
+CVE-2008-7071
NOT-FOR-US: Chipmunk Topsites
-CVE-2008-7070 (Argument injection vulnerability in the URI handler in KVIrc 3.4.2 ...)
+CVE-2008-7070
- kvirc <not-affected> (Only affects Windows builds)
NOTE: https://svn.kvirc.de/kvirc/ticket/274#comment:8
-CVE-2008-7069 (All Club CMS (ACCMS) 0.0.2 and earlier stores sensitive information ...)
+CVE-2008-7069
NOT-FOR-US: All Club CMS (ACCMS)
-CVE-2008-7067 (PHP remote file inclusion vulnerability in ...)
+CVE-2008-7067
NOT-FOR-US: PageTree CMS
-CVE-2008-7066 (OpenForum 0.66 Beta allows remote attackers to bypass authentication ...)
+CVE-2008-7066
NOT-FOR-US: OpenForum
-CVE-2008-7065 (Siemens C450 IP and C475 IP VoIP devices allow remote attackers to ...)
+CVE-2008-7065
NOT-FOR-US: Siemens C450 IP and C475 IP VoIP devices
-CVE-2008-7064 (Directory traversal vulnerability in the get_lang function in ...)
+CVE-2008-7064
NOT-FOR-US: Quicksilver Forums
-CVE-2008-7063 (Ocean12 FAQ Manager Pro stores sensitive data under the web root with ...)
+CVE-2008-7063
NOT-FOR-US: Ocean12 FAQ Manager Pro
-CVE-2008-7062 (Unrestricted file upload vulnerability in admin/index.php in Download ...)
+CVE-2008-7062
NOT-FOR-US: Download Manager module 1.0 for LoveCMS
-CVE-2008-7061 (The tooltip manager (chrome/views/tooltip_manager.cc) in Google Chrome ...)
+CVE-2008-7061
- chromium-browser <not-affected> (Only 0.x is affected)
- webkit <not-affected> (chrome-specific issue)
-CVE-2008-7060 (Multiple cross-site scripting (XSS) vulnerabilities in One-News Beta 2 ...)
+CVE-2008-7060
NOT-FOR-US: One-News
-CVE-2008-7059 (SQL injection vulnerability in index.php in One-News Beta 2 allows ...)
+CVE-2008-7059
NOT-FOR-US: One-News
-CVE-2008-7058 (Cross-site request forgery (CSRF) vulnerability in BandSite CMS 1.1.4 ...)
+CVE-2008-7058
NOT-FOR-US: BandSite CMS
-CVE-2008-7057 (Cross-site scripting (XSS) vulnerability in merchandise.php in ...)
+CVE-2008-7057
NOT-FOR-US: BandSite CMS
-CVE-2008-7056 (BandSite CMS 1.1.4 does not perform access control for ...)
+CVE-2008-7056
NOT-FOR-US: BandSite CMS
-CVE-2008-7055 (module.php in ezContents 2.0.3 allows remote attackers to bypass the ...)
+CVE-2008-7055
NOT-FOR-US: ezContents
-CVE-2008-7054 (Multiple directory traversal vulnerabilities in ezContents 2.0.3 allow ...)
+CVE-2008-7054
NOT-FOR-US: ezContents
-CVE-2008-7053 (LogMeIn Remote Access Utility ActiveX control (RACtrl.dll) allows ...)
+CVE-2008-7053
NOT-FOR-US: LogMeIn
-CVE-2008-7052 (Unrestricted file upload vulnerability in profile.php in Pre Projects ...)
+CVE-2008-7052
NOT-FOR-US: Pre Projects Pre Real Estate Listings
-CVE-2008-7051 (AJ Square AJ Article allows remote attackers to bypass authentication ...)
+CVE-2008-7051
NOT-FOR-US: AJ Square AJ Article
-CVE-2008-7050 (The password_check function in auth/auth_phpbb3.php in WoW Raid ...)
+CVE-2008-7050
NOT-FOR-US: WoW Raid Manager
-CVE-2008-7049 (Multiple SQL injection vulnerabilities in login.asp in NatterChat 1.1 ...)
+CVE-2008-7049
NOT-FOR-US: NatterChat
-CVE-2008-7048 (Multiple cross-site scripting (XSS) vulnerabilities in NatterChat 1.12 ...)
+CVE-2008-7048
NOT-FOR-US: NatterChat
-CVE-2008-7047 (NatterChat 1.1 allows remote attackers to bypass authentication and ...)
+CVE-2008-7047
NOT-FOR-US: NatterChat
-CVE-2008-7046 (AJ Square Free Polling Script (AJPoll) allows remote attackers to ...)
+CVE-2008-7046
NOT-FOR-US: AJ Square Free Polling Script
-CVE-2008-7045 (AJ Square Free Polling Script (AJPoll) Database version allows remote ...)
+CVE-2008-7045
NOT-FOR-US: AJ Square Free Polling Script
-CVE-2008-7044 (SQL injection vulnerability in admin/include/newpoll.php in AJ Square ...)
+CVE-2008-7044
NOT-FOR-US: AJ Square Free Polling Script
-CVE-2008-7043 (Cross-site scripting (XSS) vulnerability in register.php in ...)
+CVE-2008-7043
NOT-FOR-US: FreshScripts Fresh Email Script
-CVE-2008-7042 (PHP remote file inclusion vulnerability in url.php in FreshScripts ...)
+CVE-2008-7042
NOT-FOR-US: FreshScripts Fresh Email Script
-CVE-2008-7041 (AJ Classifieds allows remote attackers to bypass authentication and ...)
+CVE-2008-7041
NOT-FOR-US: AJ Classifieds
-CVE-2008-7040 (SQL injection vulnerability in ahah/sf-profile.php in the Yellow ...)
+CVE-2008-7040
NOT-FOR-US: Yellow Swordfish Simple Forum module for Wordpress
-CVE-2008-7039 (Cross-site scripting (XSS) vulnerability in admin/comments.php in ...)
+CVE-2008-7039
NOT-FOR-US: Gelato CMS
-CVE-2008-7038 (SQL injection vulnerability in the My_eGallery module for PHP-Nuke ...)
+CVE-2008-7038
NOT-FOR-US: My_eGallery module for PHP-Nuke
-CVE-2008-7037 (The Sidebar gadget in ITN News Gadget (aka ITN Hub Gadget) 1.06 for ...)
+CVE-2008-7037
NOT-FOR-US: ITN News Gadget
-CVE-2008-7036 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
+CVE-2008-7036
NOT-FOR-US: DevTracker module 3.0 for bcoos
-CVE-2008-7035 (Cross-site scripting (XSS) vulnerability in an unspecified component ...)
+CVE-2008-7035
NOT-FOR-US: Simple Machines phpRaider
-CVE-2008-7034 (PHP remote file inclusion vulnerability in ...)
+CVE-2008-7034
NOT-FOR-US: PHPEcho CMS
-CVE-2008-7033 (SQL injection vulnerability in the Simple Shop Galore (com_simpleshop) ...)
+CVE-2008-7033
NOT-FOR-US: component for Joomla!
-CVE-2008-7032 (Web Management Console Cross-site request forgery (CSRF) vulnerability ...)
+CVE-2008-7032
NOT-FOR-US: web management console in F5 BIG-IP
-CVE-2008-7031 (Heap-based buffer overflow in Foxit Remote Access Server (aka WAC ...)
+CVE-2008-7031
NOT-FOR-US: Foxit Remote Access Server (aka WAC Server)
-CVE-2008-7030 (Multiple SQL injection vulnerabilities in Site2Nite Real Estate Web ...)
+CVE-2008-7030
NOT-FOR-US: Site2Nite Real Estate Web
-CVE-2008-7029 (Unrestricted file upload vulnerability in usercp.php in AlilG ...)
+CVE-2008-7029
NOT-FOR-US: AlilG Application AliBoard
-CVE-2008-7028 (RPG.Board 0.8 Beta2 and earlier allows remote attackers to bypass ...)
+CVE-2008-7028
NOT-FOR-US: RPG.Board
-CVE-2008-7027 (Libra File Manager 1.18 and earlier allows remote attackers to bypass ...)
+CVE-2008-7027
NOT-FOR-US: Libra File Manager
-CVE-2008-7026 (Unrestricted file upload vulnerability in filesystem3.class.php in ...)
+CVE-2008-7026
NOT-FOR-US: eFront
-CVE-2008-7025 (TrueVector in Check Point ZoneAlarm 8.0.020.000, with vsmon.exe ...)
+CVE-2008-7025
NOT-FOR-US: Check Point ZoneAlarm
-CVE-2008-7024 (admin.php in Arz Development The Gemini Portal 4.7 and earlier allows ...)
+CVE-2008-7024
NOT-FOR-US: Arz Development The Gemini Portal
-CVE-2008-7023 (Aruba Mobility Controller running ArubaOS 3.3.1.16, and possibly other ...)
+CVE-2008-7023
NOT-FOR-US: ArubaOS
-CVE-2008-7022 (Insecure method vulnerability in ChilkatMail_v7_9.dll in the Chilkat ...)
+CVE-2008-7022
NOT-FOR-US: Chilkat Software IMAP ActiveX control
-CVE-2008-7021 (Unrestricted file upload vulnerability in editlogo.php in AvailScript ...)
+CVE-2008-7021
NOT-FOR-US: AvailScript Jobs Portal Script
-CVE-2008-7020 (McAfee SafeBoot Device Encryption 4 build 4750 and earlier stores ...)
+CVE-2008-7020
NOT-FOR-US: McAfee SafeBoot Device Encryption
-CVE-2008-7019 (Esqlanelapse 2.6.1 and 2.6.2 allows remote attackers to bypass ...)
+CVE-2008-7019
NOT-FOR-US: Esqlanelapse
-CVE-2008-7018 (Cross-site scripting (XSS) vulnerability in NashTech Easy PHP Calendar ...)
+CVE-2008-7018
NOT-FOR-US: NashTech Easy PHP Calendar
-CVE-2008-7017 (Cross-site scripting (XSS) vulnerability in analyse.php in CAcert ...)
+CVE-2008-7017
NOT-FOR-US: CAcert
-CVE-2008-7016 (tnftpd before 20080929 splits large command strings into multiple ...)
+CVE-2008-7016
NOT-FOR-US: tnftpd
-CVE-2008-7015 (Unreal engine 3, as used in Unreal Tournament 3 1.3, Frontlines: Fuel ...)
+CVE-2008-7015
NOT-FOR-US: Unreal Tournament
-CVE-2008-7014 (fhttpd 0.4.2 allows remote attackers to cause a denial of service ...)
+CVE-2008-7014
NOT-FOR-US: fhttpd
-CVE-2008-7013 (NetService.dll in Baidu Hi IM allows remote servers to cause a denial ...)
+CVE-2008-7013
NOT-FOR-US: Baidu Hi IM
-CVE-2008-7012 (courier/1000@/api_error_email.html (aka &quot;error reporting page&quot;) in ...)
+CVE-2008-7012
NOT-FOR-US: Accellion File Transfer Appliance
-CVE-2008-7011 (The Unreal engine, as used in Unreal Tournament 3 1.3, Unreal ...)
+CVE-2008-7011
NOT-FOR-US: Unreal Tournament
-CVE-2008-7010 (Skalfa Software SkaLinks Exchange Script 1.5 allows remote attackers ...)
+CVE-2008-7010
NOT-FOR-US: Skalfa Software SkaLinks Exchange Script
-CVE-2008-7009 (Buffer overflow in multiscan.exe in Check Point ZoneAlarm Security ...)
+CVE-2008-7009
NOT-FOR-US: Check Point ZoneAlarm Security Suite
-CVE-2008-7008 (HyperStop Web Host Directory 1.2 allows remote attackers to bypass ...)
+CVE-2008-7008
NOT-FOR-US: HyperStop Web Host Directory
-CVE-2008-7007 (Free PHP VX Guestbook 1.06 allows remote attackers to bypass ...)
+CVE-2008-7007
NOT-FOR-US: Free PHP VX Guestbook
-CVE-2008-7006 (Free PHP VX Guestbook 1.06 allows remote attackers to bypass ...)
+CVE-2008-7006
NOT-FOR-US: Free PHP VX Guestbook
-CVE-2008-7005 (include/modules/top/1-random_quote.php in Minb Is Not a Blog (minb) ...)
+CVE-2008-7005
NOT-FOR-US: Minb Is Not a Blog
-CVE-2008-7004 (Buffer overflow in Electronic Logbook (ELOG) before 2.7.1 has unknown ...)
+CVE-2008-7004
NOT-FOR-US: Electronic Logbook
-CVE-2008-7003 (Multiple SQL injection vulnerabilities in login.php in The Rat CMS ...)
+CVE-2008-7003
NOT-FOR-US: The Rat CMS
-CVE-2008-7002 (PHP 5.2.5 does not enforce (a) open_basedir and (b) safe_mode_exec_dir ...)
+CVE-2008-7002
- php5 (unimportant)
NOTE: safe-mode and basedir violations not treated as security issues
-CVE-2008-7001 (Unrestricted file upload vulnerability in the file manager in Creative ...)
+CVE-2008-7001
NOT-FOR-US: Creative Mind Creator CMS
-CVE-2008-7000 (PHP remote file inclusion vulnerability in index.php in PHPAuction 3.2 ...)
+CVE-2008-7000
NOT-FOR-US: phpAuction
-CVE-2008-6999 (phpAuction 3.2, and possibly 3.3.0 GPL Basic edition, allows remote ...)
+CVE-2008-6999
NOT-FOR-US: phpAuction
-CVE-2008-6998 (Stack-based buffer overflow in chrome/common/gfx/url_elider.cc in ...)
+CVE-2008-6998
- chromium-browser <not-affected> (Only 0.x is affected)
- webkit <not-affected> (chrome-specific issue)
-CVE-2008-6997 (Google Chrome 0.2.149.27 allows user-assisted remote attackers to ...)
+CVE-2008-6997
- chromium-browser <not-affected> (Only 0.x is affected)
- webkit <not-affected> (chrome-specific issue)
-CVE-2008-6996 (Google Chrome BETA (0.2.149.27) does not prompt the user before saving ...)
+CVE-2008-6996
- chromium-browser <not-affected> (Only 0.x is affected)
- webkit <not-affected> (chrome-specific issue)
-CVE-2008-6995 (Integer underflow in net/base/escape.cc in chrome.dll in Google Chrome ...)
+CVE-2008-6995
- chromium-browser <not-affected> (Only 0.x is affected)
- webkit <not-affected> (chrome-specific issue)
-CVE-2008-6994 (Stack-based buffer overflow in the SaveAs feature ...)
+CVE-2008-6994
- chromium-browser <not-affected> (Only 0.x is affected)
- webkit <not-affected> (chrome-specific issue)
-CVE-2008-6993 (Siemens Gigaset WLAN Camera 1.27 has an insecure default password, ...)
+CVE-2008-6993
NOT-FOR-US: Siemens Gigaset WLAN Camera
-CVE-2008-6992 (GreenSQL Firewall (greensql-fw), possibly before 0.9.2 or 0.9.4, ...)
+CVE-2008-6992
NOT-FOR-US: GreenSQL Firewall
-CVE-2008-6991 (SQL injection vulnerability in public/page.php in Websens CMSbright ...)
+CVE-2008-6991
NOT-FOR-US: CMSbright
-CVE-2008-6990 (SQL injection vulnerability in gallery.php in Easy Photo Gallery (aka ...)
+CVE-2008-6990
NOT-FOR-US: Easy Photo Gallery
-CVE-2008-6989 (SQL injection vulnerability in gallery.php in Easy Photo Gallery (aka ...)
+CVE-2008-6989
NOT-FOR-US: Easy Photo Gallery
-CVE-2008-6988 (Multiple cross-site scripting (XSS) vulnerabilities in Easy Photo ...)
+CVE-2008-6988
NOT-FOR-US: Easy Photo Gallery
-CVE-2008-6987 (Unrestricted file upload vulnerability in eZoneScripts Dating Website ...)
+CVE-2008-6987
NOT-FOR-US: eZoneScripts Dating Website script
-CVE-2008-6986 (SQL injection vulnerability in the actionMultipleAddProduct function ...)
+CVE-2008-6986
NOT-FOR-US: Zen Cart
-CVE-2008-6985 (Multiple SQL injection vulnerabilities in ...)
+CVE-2008-6985
NOT-FOR-US: Zen Cart
-CVE-2008-6984 (Plesk 8.6.0, when short mail login names (SHORTNAMES) are enabled, ...)
+CVE-2008-6984
NOT-FOR-US: Plesk
-CVE-2008-6983 (modules/tool/hitcounter.php in devalcms 1.4a allows remote attackers ...)
+CVE-2008-6983
NOT-FOR-US: devalcms
-CVE-2008-6982 (Cross-site scripting (XSS) vulnerability in index.php in devalcms 1.4a ...)
+CVE-2008-6982
NOT-FOR-US: devalcms
-CVE-2008-6981 (index.php in phpAdultSite CMS, possibly 2.3.2, allows remote attackers ...)
+CVE-2008-6981
NOT-FOR-US: phpAdultSite CMS
-CVE-2008-6980 (SQL injection vulnerability in as_archives.php in phpAdultSite CMS, ...)
+CVE-2008-6980
NOT-FOR-US: phpAdultSite CMS
-CVE-2008-6979 (Cross-site scripting (XSS) vulnerability in as_archives.php in ...)
+CVE-2008-6979
NOT-FOR-US: phpAdultSite CMS
-CVE-2008-6978 (Unrestricted file upload vulnerability in Full Revolution aspWebAlbum ...)
+CVE-2008-6978
NOT-FOR-US: aspWebAlbum
-CVE-2008-6977 (Cross-site scripting (XSS) vulnerability in album.asp in Full ...)
+CVE-2008-6977
NOT-FOR-US: aspWebAlbum
-CVE-2008-6976 (MikroTik RouterOS 3.x through 3.13 and 2.x through 2.9.51 allows ...)
+CVE-2008-6976
NOT-FOR-US: MicroTik RouterOS
-CVE-2008-6975 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
+CVE-2008-6975
NOT-FOR-US: DD-WRT
-CVE-2008-6974 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
+CVE-2008-6974
NOT-FOR-US: DD-WRT
-CVE-2008-6973 (Multiple unspecified vulnerabilities in IBM WebSphere Commerce 6.0 ...)
+CVE-2008-6973
NOT-FOR-US: IBM WebSphere
-CVE-2008-6961 (mailnews in Mozilla Thunderbird before 2.0.0.18 and SeaMonkey before ...)
+CVE-2008-6961
- icedove 2.0.0.19-1
- iceape 1.1.14-1
[etch] - iceape <end-of-life> (Etch Packages no longer covered by security support)
-CVE-2008-6972 (Multiple cross-site scripting (XSS) vulnerabilities in Drupal Content ...)
+CVE-2008-6972
NOT-FOR-US: Drupal Content Construction Kit (third-party module)
-CVE-2008-6971 (The password reset functionality in Simple Machines Forum (SMF) 1.0.x ...)
+CVE-2008-6971
NOT-FOR-US: Simple Machines Forum
-CVE-2008-6970 (SQL injection vulnerability in dosearch.inc.php in UBB.threads 7.3.1 ...)
+CVE-2008-6970
NOT-FOR-US: UBB.threads
-CVE-2008-6969 (Multiple cross-site scripting (XSS) vulnerabilities in checkout.php in ...)
+CVE-2008-6969
NOT-FOR-US: Avactis Shopping Cart
-CVE-2008-6968 (Multiple SQL injection vulnerabilities in submit.php in Pligg CMS ...)
+CVE-2008-6968
NOT-FOR-US: Pligg CMS
-CVE-2008-6967 (Multiple unspecified vulnerabilities in WorldClient in Alt-N MDaemon ...)
+CVE-2008-6967
NOT-FOR-US: Alt-N MDaemon
-CVE-2008-6966 (AJ Square AJ Auction Pro Platinum Skin #1 sends a redirect but does ...)
+CVE-2008-6966
NOT-FOR-US: AJ Square AJ Auction Pro Platinum Skin #1
-CVE-2008-6965 (AJ Square AJ Auction OOPD, Pro Platinum Skin #1, Pro Platinum Skin #2, ...)
+CVE-2008-6965
NOT-FOR-US: AJ Square AJ Auction OOPD
-CVE-2008-6964 (SQL injection vulnerability in the login page in X7 Chat 2.0.5 allows ...)
+CVE-2008-6964
NOT-FOR-US: X7 Chat
-CVE-2008-6963 (admin.php in TurnkeyForms Text Link Sales allows remote attackers to ...)
+CVE-2008-6963
NOT-FOR-US: TurnkeyForms Text Link Sales
-CVE-2008-6962 (Avira AntiVir Premium, Premium Security Suite, AntiVir Professional, ...)
+CVE-2008-6962
NOT-FOR-US: Avira AntiVir Premium
-CVE-2008-6960 (download.php in X10media x10 Automatic Mp3 Search Engine Script 1.5.5 ...)
+CVE-2008-6960
NOT-FOR-US: X10media
-CVE-2008-6959 (Insecure method vulnerability in the Chilkat Socket ActiveX control ...)
+CVE-2008-6959
NOT-FOR-US: ActiveX
-CVE-2008-6958 (wap/index.php in Crossday Discuz! Board 6.x and 7.x allows remote ...)
+CVE-2008-6958
NOT-FOR-US: Crossday Discuz! Board
-CVE-2008-6957 (member.php in Crossday Discuz! Board allows remote attackers to reset ...)
+CVE-2008-6957
NOT-FOR-US: Crossday Discuz! Board
-CVE-2008-6956 (Static code injection vulnerability in admin/admin.php in mxCamArchive ...)
+CVE-2008-6956
NOT-FOR-US: mxCamArchive
-CVE-2008-6955 (mxCamArchive 2.2 stores sensitive information under the web root with ...)
+CVE-2008-6955
NOT-FOR-US: mxCamArchive
-CVE-2008-6954 (The web interface (CobblerWeb) in Cobbler before 1.2.9 allows remote ...)
+CVE-2008-6954
- cobbler <not-affected> (Fixed before initial upload)
-CVE-2008-6953 (Buffer overflow in oovoo.exe in ooVoo 1.7.1.35, and possibly other ...)
+CVE-2008-6953
NOT-FOR-US: ooVoo
-CVE-2008-6952 (SQL injection vulnerability in Rss.php in MauryCMS 0.53.2 and earlier ...)
+CVE-2008-6952
NOT-FOR-US: MauryCMS
-CVE-2008-6951 (MauryCMS 0.53.2 and earlier does not require administrative ...)
+CVE-2008-6951
NOT-FOR-US: MauryCMS
-CVE-2008-6950 (Multiple SQL injection vulnerabilities in login.asp in Bankoi ...)
+CVE-2008-6950
NOT-FOR-US: Bankoi WebHosting Control Panel
-CVE-2008-6949 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
+CVE-2008-6949
NOT-FOR-US: Collabtive
-CVE-2008-6948 (Unrestricted file upload vulnerability in Collabtive 0.4.8 allows ...)
+CVE-2008-6948
NOT-FOR-US: Collabtive
-CVE-2008-6947 (Collabtive 0.4.8 allows remote attackers to bypass authentication and ...)
+CVE-2008-6947
NOT-FOR-US: Collabtive
-CVE-2008-6946 (Cross-site scripting (XSS) vulnerability in manageproject.php in ...)
+CVE-2008-6946
NOT-FOR-US: Collabtive
-CVE-2008-6945 (Multiple cross-site scripting (XSS) vulnerabilities in Interchange 5.7 ...)
+CVE-2008-6945
- interchange 5.6.1-1 (low; bug #505732)
-CVE-2008-6944 (Unrestricted file upload vulnerability in ScriptsFeed Auto Classifieds ...)
+CVE-2008-6944
NOT-FOR-US: ScriptsFeed Auto Classifieds
-CVE-2008-6943 (Unrestricted file upload vulnerability in ScriptsFeed Recipes Listing ...)
+CVE-2008-6943
NOT-FOR-US: ScriptsFeed Recipes Listing Portal
-CVE-2008-6942 (Unrestricted file upload vulnerability in ScriptsFeed Realtor ...)
+CVE-2008-6942
NOT-FOR-US: ScriptsFeed Realtor Classifieds System
-CVE-2008-6941 (SQL injection vulnerability in the login functionality in TurnkeyForms ...)
+CVE-2008-6941
NOT-FOR-US: TurnkeyForms Web Hosting Directory
-CVE-2008-6940 (TurnkeyForms Web Hosting Directory stores sensitive information under ...)
+CVE-2008-6940
NOT-FOR-US: TurnkeyForms Web Hosting Directory
-CVE-2008-6939 (TurnkeyForms Web Hosting Directory allows remote attackers to bypass ...)
+CVE-2008-6939
NOT-FOR-US: TurnkeyForms Web Hosting Directory
-CVE-2008-6938 (Pi3Web 2.0.3 before PL2, when installed on Windows as a desktop ...)
+CVE-2008-6938
NOT-FOR-US: Pi3Web
-CVE-2008-6937 (Argument injection vulnerability in Exodus 0.10 allows remote ...)
+CVE-2008-6937
NOT-FOR-US: Exodus
-CVE-2008-6936 (Argument injection vulnerability in Exodus 0.10 allows remote ...)
+CVE-2008-6936
NOT-FOR-US: Exodus
-CVE-2008-6935 (Argument injection vulnerability in Exodus 0.10 allows remote ...)
+CVE-2008-6935
NOT-FOR-US: Exodus
-CVE-2008-6934 (Static code injection vulnerability in Sanus|artificium (aka Sanusart) ...)
+CVE-2008-6934
NOT-FOR-US: Sanus|artificium (aka Sanusart)
-CVE-2008-6933 (Directory traversal vulnerability in index.php in MiniGal b13 (aka ...)
+CVE-2008-6933
NOT-FOR-US: MiniGal
-CVE-2008-6932 (Unrestricted file upload vulnerability in submit_file.php in ...)
+CVE-2008-6932
NOT-FOR-US: AlstraSoft SendIt Pro
-CVE-2008-6931 (Unrestricted file upload vulnerability in PHPStore Job Search (aka ...)
+CVE-2008-6931
NOT-FOR-US: PHPStore Job Search (aka PHPCareers)
-CVE-2008-6930 (Unrestricted file upload vulnerability in PHPStore Real Estate allows ...)
+CVE-2008-6930
NOT-FOR-US: PHPStore Real Estate
-CVE-2008-6929 (Unrestricted file upload vulnerability in PHPStore Auto Classifieds ...)
+CVE-2008-6929
NOT-FOR-US: PHPStore Auto Classifieds
-CVE-2008-6928 (Unrestricted file upload vulnerability in PHPStore Complete ...)
+CVE-2008-6928
NOT-FOR-US: PHPStore Complete Classifieds
-CVE-2008-6927 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2008-6927
NOT-FOR-US: cPanel
-CVE-2008-6926 (Directory traversal vulnerability in ...)
+CVE-2008-6926
NOT-FOR-US: cPanel
-CVE-2008-6925 (Cross-site scripting (XSS) vulnerability in function.php in Zenphoto ...)
+CVE-2008-6925
NOT-FOR-US: Zenphoto
-CVE-2008-6924 (Multiple cross-site scripting (XSS) vulnerabilities in register.php in ...)
+CVE-2008-6924
NOT-FOR-US: eSyndiCat Directory
-CVE-2008-6923 (SQL injection vulnerability in the content component (com_content) ...)
+CVE-2008-6923
NOT-FOR-US: Joomla!
-CVE-2008-6922 (Multiple stack-based buffer overflows in CMailCOM.dll in CMailServer ...)
+CVE-2008-6922
NOT-FOR-US: CMailServer
-CVE-2008-6921 (Unrestricted file upload vulnerability in index.php in phpAdBoard 1.8 ...)
+CVE-2008-6921
NOT-FOR-US: phpAdBoard
-CVE-2008-6920 (Unrestricted file upload vulnerability in auth.php in phpEmployment ...)
+CVE-2008-6920
NOT-FOR-US: phpEmployment
-CVE-2008-6919 (profileedit.php TaskDriver 1.3 and earlier allows remote attackers to ...)
+CVE-2008-6919
NOT-FOR-US: TaskDriver 1.3
-CVE-2008-6918 (Unrestricted file upload vulnerability in admin/galeria.php in ...)
+CVE-2008-6918
NOT-FOR-US: ThePortal2
CVE-2008-7291 [gri: insecure temp file generation]
RESERVED
- gri 2.12.18-1 (low)
[etch] - gri <no-dsa> (Minor issue)
[lenny] - gri <no-dsa> (Minor issue)
-CVE-2008-6917 (SQL injection vulnerability in admin.php in Exocrew ExoPHPDesk 1.2 ...)
+CVE-2008-6917
NOT-FOR-US: ExoPHPDesk
-CVE-2008-6916 (Siemens SpeedStream 5200 with NetPort Software 1.1 allows remote ...)
+CVE-2008-6916
NOT-FOR-US: Siemens SpeedStream 5200
-CVE-2008-6915 (Cross-site scripting (XSS) vulnerability in view_prop_details.php in ...)
+CVE-2008-6915
NOT-FOR-US: Zeeways ZEEPROPERTY
-CVE-2008-6914 (Unrestricted file upload vulnerability in viewprofile.php in Zeeways ...)
+CVE-2008-6914
NOT-FOR-US: Zeeways ZEEPROPERTY
-CVE-2008-6913 (Unrestricted file upload vulnerability in editresume_next.php in ...)
+CVE-2008-6913
NOT-FOR-US: Zeeways ZEEPROPERTY
-CVE-2008-6912 (Zeeways SHAADICLONE 2.0 allows remote attackers to bypass ...)
+CVE-2008-6912
NOT-FOR-US: Zeeways SHAADICLONE
-CVE-2008-6911 (SQL injection vulnerability in the authenticateUser function in ...)
+CVE-2008-6911
NOT-FOR-US: BrewBlogger
-CVE-2008-6910 (Services 5.x before 5.x-0.92 and 6.x before 6.x-0.13, a module for ...)
+CVE-2008-6910
NOT-FOR-US: module for Drupal
-CVE-2008-6909 (Services 5.x before 5.x-0.92 and 6.x before 6.x-0.13, a module for ...)
+CVE-2008-6909
NOT-FOR-US: module for Drupal
-CVE-2008-6908 (Services 5.x before 5.x-0.92 and 6.x before 6.x-0.13, a module for ...)
+CVE-2008-6908
NOT-FOR-US: module for Drupal
-CVE-2008-6907 (Multiple SQL injection vulnerabilities in checkuser.php in 2532designs ...)
+CVE-2008-6907
NOT-FOR-US: 2532designs 2532|Gigs
-CVE-2008-6906 (Cross-site scripting (XSS) vulnerability in index.php in BabbleBoard ...)
+CVE-2008-6906
NOT-FOR-US: BabbleBoard
-CVE-2008-6905 (Cross-site request forgery (CSRF) vulnerability in index.php in ...)
+CVE-2008-6905
NOT-FOR-US: BabbleBoard
-CVE-2008-6904 (Multiple unspecified vulnerabilities in Sophos SAVScan 4.33.0 for ...)
+CVE-2008-6904
NOT-FOR-US: Sophos SAVScan
-CVE-2008-6903 (Sophos Anti-Virus for Windows before 7.6.3, Anti-Virus for Windows ...)
+CVE-2008-6903
NOT-FOR-US: Sophos SAVScan
-CVE-2008-6902 (Unrestricted file upload vulnerability in upload_flyer.php in ...)
+CVE-2008-6902
NOT-FOR-US: 2532designs
-CVE-2008-6901 (Multiple directory traversal vulnerabilities in 2532designs 2532|Gigs ...)
+CVE-2008-6901
NOT-FOR-US: 2532designs
-CVE-2008-6900 (Unrestricted file upload vulnerability in &quot;Add Pen/Author Name&quot; ...)
+CVE-2008-6900
NOT-FOR-US: AvailScript Article Script
-CVE-2008-6899 (Multiple buffer overflows in freeSSHd 1.2.1 allow remote authenticated ...)
+CVE-2008-6899
NOT-FOR-US: freeSSHd
-CVE-2008-6898 (Buffer overflow in the XHTTP Module 4.1.0.0 in the ActiveX control for ...)
+CVE-2008-6898
NOT-FOR-US: ActiveX control
-CVE-2008-6897 (Multiple buffer overflows in Getleft.exe in Andres Garcia Getleft 1.2 ...)
+CVE-2008-6897
NOT-FOR-US: Andres Garcia Getleft
-CVE-2008-6896 (login.php in 3CX Phone System 6.0.806.0, when 100% disk capacity is ...)
+CVE-2008-6896
NOT-FOR-US: 3CX Phone System
-CVE-2008-6895 (3CX Phone System 6.0.806.0 allows remote attackers to cause a denial ...)
+CVE-2008-6895
NOT-FOR-US: 3CX Phone System
-CVE-2008-6894 (Multiple cross-site scripting (XSS) vulnerabilities in login.php in ...)
+CVE-2008-6894
NOT-FOR-US: 3CX Phone System
-CVE-2008-6893 (Cross-site scripting (XSS) vulnerability in Alt-N MDaemon WorldClient ...)
+CVE-2008-6893
NOT-FOR-US: MDaemon WorldClient
-CVE-2008-6892 (SQL injection vulnerability in lire/index.php in Peel 3.1 allows ...)
+CVE-2008-6892
NOT-FOR-US: Peel
-CVE-2008-6891 (Multiple cross-site scripting (XSS) vulnerabilities in ASP Forum ...)
+CVE-2008-6891
NOT-FOR-US: ASP Forum Script
-CVE-2008-6890 (SQL injection vulnerability in messages.asp in ASP Forum Script allows ...)
+CVE-2008-6890
NOT-FOR-US: ASP Forum Script
-CVE-2008-6889 (SQL injection vulnerability in Merchantsadd.asp in ASPReferral 5.3 ...)
+CVE-2008-6889
NOT-FOR-US: ASPReferral
-CVE-2008-6888 (Cross-site scripting (XSS) vulnerability in signup.asp in Pre ...)
+CVE-2008-6888
NOT-FOR-US: Pre Classified Listings
-CVE-2008-6887 (SQL injection vulnerability in detailad.asp in Pre Classified Listings ...)
+CVE-2008-6887
NOT-FOR-US: Pre Classified Listings
-CVE-2008-6886 (RSA EnVision 3.5.0, 3.5.1, 3.5.2, and 3.7.0 does not properly restrict ...)
+CVE-2008-6886
NOT-FOR-US: RSA EnVision
-CVE-2008-6885 (Cross-site scripting (XSS) vulnerability in pmlite.php in XOOPS 2.3.1 ...)
+CVE-2008-6885
NOT-FOR-US: XOOPS
-CVE-2008-6884 (Multiple directory traversal vulnerabilities in XOOPS 2.3.1, when ...)
+CVE-2008-6884
NOT-FOR-US: XOOPS
-CVE-2008-6883 (SQL injection vulnerability in the Live Chat (com_livechat) component ...)
+CVE-2008-6883
NOT-FOR-US: Joomla!
-CVE-2008-6882 (Live Chat (com_livechat) component 1.0 for Joomla! allows remote ...)
+CVE-2008-6882
NOT-FOR-US: Joomla!
-CVE-2008-6881 (Multiple SQL injection vulnerabilities in the Live Chat (com_livechat) ...)
+CVE-2008-6881
NOT-FOR-US: Joomla!
-CVE-2008-6880 (SQL injection vulnerability in joke.php in EasySiteNetwork Free Jokes ...)
+CVE-2008-6880
NOT-FOR-US: EasySiteNetwork Free Jokes Website
-CVE-2008-6879 (Cross-site scripting (XSS) vulnerability in Apache Roller 2.3, 3.0, ...)
+CVE-2008-6879
NOT-FOR-US: Apache Roller
-CVE-2008-6878 (** DISPUTED ** Directory traversal vulnerability in ...)
+CVE-2008-6878
NOT-FOR-US: Zen Cart
-CVE-2008-6877 (** DISPUTED ** ...)
+CVE-2008-6877
NOT-FOR-US: Zen Cart
-CVE-2008-6876 (Cross-site scripting (XSS) vulnerability in login.php in EsPartenaires ...)
+CVE-2008-6876
NOT-FOR-US: EsPartenaires
-CVE-2008-6875 (SQL injection vulnerability in default.asp in ASP Product Catalog ...)
+CVE-2008-6875
NOT-FOR-US: ASP Product Catalog
-CVE-2008-6874 (Multiple SQL injection vulnerabilities in ASP SiteWare autoDealer 1 ...)
+CVE-2008-6874
NOT-FOR-US: ASP SiteWare autoDealer
-CVE-2008-6873 (SQL injection vulnerability in Active Web Mail 4.0 allows remote ...)
+CVE-2008-6873
NOT-FOR-US: Active Web Mail 4.0
-CVE-2008-6872 (ASPThai.NET ASPThai Forums 8.5 stores sensitive information under the ...)
+CVE-2008-6872
NOT-FOR-US: ASPThai.NET ASPThai Forums
-CVE-2008-6871 (Merlix Educate Server stores db.mdb under the web root with ...)
+CVE-2008-6871
NOT-FOR-US: Merlix Educate Server
-CVE-2008-6870 (Merlix Educate Server allows remote attackers to bypass intended ...)
+CVE-2008-6870
NOT-FOR-US: Merlix Educate Server
-CVE-2008-6869 (Oramon Oracle Database Monitoring Tool 2.0.1 stores sensitive ...)
+CVE-2008-6869
NOT-FOR-US: Oramon Oracle Database Monitoring Tool
-CVE-2008-6868 (Cross-site scripting (XSS) vulnerability in default/login.php in ...)
+CVE-2008-6868
NOT-FOR-US: EsBaseAdmin
-CVE-2008-6867 (SQL injection vulnerability in content.php in Scripts For Sites (SFS) ...)
+CVE-2008-6867
NOT-FOR-US: Scripts For Sites
-CVE-2008-6866 (SQL injection vulnerability in modules.php in the Current_Issue module ...)
+CVE-2008-6866
NOT-FOR-US: PHP-Nuke
-CVE-2008-6865 (SQL injection vulnerability in modules.php in the Sectionsnew module ...)
+CVE-2008-6865
NOT-FOR-US: PHP-Nuke
-CVE-2008-6864 (Xigla Software Absolute Live Support .NET 5.1 allows remote attackers ...)
+CVE-2008-6864
NOT-FOR-US: Xigla Software Absolute Live Support .NET
-CVE-2008-6863 (Xigla Software Absolute Form Processor .NET 4.0 allows remote ...)
+CVE-2008-6863
NOT-FOR-US: Xigla Software
-CVE-2008-6862 (Absolute Content Rotator 6.0 allows remote attackers to bypass ...)
+CVE-2008-6862
NOT-FOR-US: Absolute Content Rotator
-CVE-2008-6861 (Xigla Software Absolute Newsletter 6.0 and 6.1 allows remote attackers ...)
+CVE-2008-6861
NOT-FOR-US: Xigla Software Absolute Newsletter
-CVE-2008-6860 (Xigla Software Absolute Poll Manager XE 4.1 allows remote attackers to ...)
+CVE-2008-6860
NOT-FOR-US: Xigla Software Absolute Poll Manager
-CVE-2008-6859 (Xigla Software Absolute Control Panel XE 1.5 allows remote attackers ...)
+CVE-2008-6859
NOT-FOR-US: Xigla Software Absolute Control Panel
-CVE-2008-6858 (Absolute Banner Manager .NET 4.0 allows remote attackers to bypass ...)
+CVE-2008-6858
NOT-FOR-US: Absolute Banner Manager .NET
-CVE-2008-6857 (Absolute Podcast .NET 1.0 allows remote attackers to bypass ...)
+CVE-2008-6857
NOT-FOR-US: Absolute Podcast .NET
-CVE-2008-6856 (Xigla Software Absolute News Manager.NET 5.1 allows remote attackers ...)
+CVE-2008-6856
NOT-FOR-US: Xigla Software Absolute News Manager.NET
-CVE-2008-6855 (Xigla Software Absolute News Feed 1.0 and possibly 1.5 allows remote ...)
+CVE-2008-6855
NOT-FOR-US: Xigla Software Absolute News Feed
-CVE-2008-6854 (Xigla Software Absolute FAQ Manager.NET 6.0 allows remote attackers to ...)
+CVE-2008-6854
NOT-FOR-US: Xigla Software Absolute FAQ Manager.NET
-CVE-2008-6853 (SQL injection vulnerability in modules/poll/index.php in AIST NetCat ...)
+CVE-2008-6853
NOT-FOR-US: AIST NetCat
-CVE-2008-6852 (SQL injection vulnerability in the Ice Gallery (com_ice) component 0.5 ...)
+CVE-2008-6852
NOT-FOR-US: Joomla! component
-CVE-2008-6851 (SQL injection vulnerability in page.php in PHP Link Directory (phpLD) ...)
+CVE-2008-6851
NOT-FOR-US: PHP Link Directory
-CVE-2008-6850 (Cross-site scripting (XSS) vulnerability in messages.php in PHP-Fusion ...)
+CVE-2008-6850
NOT-FOR-US: PHP-Fusion
-CVE-2008-6849 (Unrestricted file upload vulnerability in index.php in phpGreetCards ...)
+CVE-2008-6849
NOT-FOR-US: phpGreetCards
-CVE-2008-6848 (Cross-site scripting (XSS) vulnerability in index.php in phpGreetCards ...)
+CVE-2008-6848
NOT-FOR-US: phpGreetCards
-CVE-2008-6847 (Cross-site scripting (XSS) vulnerability in Employee/emp_login.asp in ...)
+CVE-2008-6847
NOT-FOR-US: Pre ASP Job Board
-CVE-2008-6846 (Multiple stack-based buffer overflows in avast! Linux Home Edition ...)
+CVE-2008-6846
NOT-FOR-US: avast! Linux Home Edition
-CVE-2008-6845 (The unpack feature in ClamAV 0.93.3 and earlier allows remote ...)
+CVE-2008-6845
- clamav 0.94.dfsg-1
[etch] - clamav <no-dsa> (Support was discontinued)
-CVE-2008-6844 (The registration view (/user/register) in eZ Publish 3.5.6 and ...)
+CVE-2008-6844
NOT-FOR-US: eZ Publish
-CVE-2008-6843 (Directory traversal vulnerability in index.php in Fantastico, as used ...)
+CVE-2008-6843
NOT-FOR-US: Fantastico
-CVE-2008-6842 (Directory traversal vulnerability in ...)
+CVE-2008-6842
NOT-FOR-US: Pluck
-CVE-2008-6841 (PHP remote file inclusion vulnerability in the Green Mountain ...)
+CVE-2008-6841
NOT-FOR-US: component for Joomla!
-CVE-2008-6840 (Multiple PHP remote file inclusion vulnerabilities in V-webmail 1.6.4 ...)
+CVE-2008-6840
NOT-FOR-US: V-webmail
-CVE-2008-6839 (Multiple cross-site scripting (XSS) vulnerabilities in TGS Content ...)
+CVE-2008-6839
NOT-FOR-US: TGS Content Management
-CVE-2008-6838 (Cross-site scripting (XSS) vulnerability in search.php in Zoph 0.7.2.1 ...)
+CVE-2008-6838
- zoph 0.8.0.1-1 (low; bug #535188)
[lenny] - zoph <no-dsa> (Minor issue, fringe package)
NOTE: it seems a duplicate of CVE-2008-3258
-CVE-2008-6837 (SQL injection vulnerability in Zoph 0.7.2.1 allows remote attackers to ...)
+CVE-2008-6837
- zoph 0.8.0.1-1 (bug #535188)
[lenny] - zoph <no-dsa> (Minor issue, fringe package)
NOTE: the details are unknown
-CVE-2008-6836 (Cross-site request forgery (CSRF) vulnerability in OpenID 5.x before ...)
+CVE-2008-6836
NOT-FOR-US: OpenID module for Drupal
-CVE-2008-6835 (Cross-site scripting (XSS) vulnerability in OpenID 5.x before 5.x-1.2, ...)
+CVE-2008-6835
NOT-FOR-US: OpenID module for Drupal
-CVE-2008-6834 (Multiple directory traversal vulnerabilities in fuzzylime (cms) 3.01 ...)
+CVE-2008-6834
NOT-FOR-US: fuzzylime
-CVE-2008-6833 (Directory traversal vulnerability in commsrss.php in fuzzylime (cms) ...)
+CVE-2008-6833
NOT-FOR-US: fuzzylime
-CVE-2008-6832 (Cross-site request forgery (CSRF) vulnerability in Atlassian JIRA ...)
+CVE-2008-6832
NOT-FOR-US: Atlassian JIRA Enterprise Edition
-CVE-2008-6831 (Multiple cross-site scripting (XSS) vulnerabilities in Atlassian JIRA ...)
+CVE-2008-6831
NOT-FOR-US: Atlassian JIRA Enterprise Edition
-CVE-2008-6830 (The disconnection feature in Citrix Web Interface 5.0 and 5.0.1 for ...)
+CVE-2008-6830
NOT-FOR-US: Java Application Servers
-CVE-2008-6829 (VicFTPS 5.0 allows remote attackers to cause a denial of service ...)
+CVE-2008-6829
NOT-FOR-US: VicFTPS
-CVE-2008-6828 (Symantec Altiris Deployment Solution 6.x before 6.9.355 SP1 stores the ...)
+CVE-2008-6828
NOT-FOR-US: Symantec Altiris Deployment Solution
-CVE-2008-6827 (The ListView control in the Client GUI (AClient.exe) in Symantec ...)
+CVE-2008-6827
NOT-FOR-US: Symantec Altiris Deployment Solution
-CVE-2008-6826 (dhtml.pl in MHF Media Pro allows remote attackers to execute arbitrary ...)
+CVE-2008-6826
NOT-FOR-US: MHF Media Pro
-CVE-2008-6825 (Directory traversal vulnerability in user/index.php in Fonality ...)
+CVE-2008-6825
NOT-FOR-US: trixbox
-CVE-2008-6824 (The management interface on the A-LINK WL54AP3 and WL54AP2 access ...)
+CVE-2008-6824
NOT-FOR-US: A-LINK WL54AP3 and WL54AP2 access points
-CVE-2008-6823 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
+CVE-2008-6823
NOT-FOR-US: A-LINK WL54AP3 and WL54AP2 access points
-CVE-2008-6822 (Unrestricted file upload vulnerability in uploadp.php in New Earth ...)
+CVE-2008-6822
NOT-FOR-US: NEPT Image Uploader
-CVE-2008-6821 (Buffer overflow in the DAS server in IBM DB2 8 before FP17, 9.1 before ...)
+CVE-2008-6821
NOT-FOR-US: IBM DB2
-CVE-2008-6820 (The db2fmp process in IBM DB2 8 before FP17, 9.1 before FP5, and 9.5 ...)
+CVE-2008-6820
NOT-FOR-US: IBM DB2
-CVE-2008-6819 (win32k.sys in Microsoft Windows Server 2003 and Vista allows local ...)
+CVE-2008-6819
NOT-FOR-US: Microsoft Windows Server 2003 and Vista
-CVE-2008-6818 (Mole Group Real Estate Script 1.1 and earlier stores passwords in ...)
+CVE-2008-6818
NOT-FOR-US: Mole Group Real Estate Script
-CVE-2008-6817 (Mole Group Lastminute Script 4.0 and earlier stores passwords in ...)
+CVE-2008-6817
NOT-FOR-US: Mole Group Lastminute Script
-CVE-2008-6816 (Eaton MGEOPS Network Shutdown Module before 3.10 Build 13 allows ...)
+CVE-2008-6816
NOT-FOR-US: Eaton
-CVE-2008-6815 (mykdownload.php in MyKtools 2.4 does not require administrative ...)
+CVE-2008-6815
NOT-FOR-US: MyKtools
-CVE-2008-6814 (Unrestricted file upload vulnerability in image_upload.php in the ...)
+CVE-2008-6814
NOT-FOR-US: SimpleBoard for Mambo
-CVE-2008-6813 (SQL injection vulnerability in index.php in phpWebNews 0.2 MySQL ...)
+CVE-2008-6813
NOT-FOR-US: phpWebNews
-CVE-2008-6812 (SQL injection vulnerability in bukutamu.php in phpWebNews 0.2 MySQL ...)
+CVE-2008-6812
NOT-FOR-US: phpWebNews
-CVE-2008-6811 (Unrestricted file upload vulnerability in image_processing.php in the ...)
+CVE-2008-6811
NOT-FOR-US: e-Commerce Plugin for Wordpress
-CVE-2008-6810 (Multiple SQL injection vulnerabilities in admin/checklogin.php in ...)
+CVE-2008-6810
NOT-FOR-US: Venalsur Booking center Booking System
-CVE-2008-6809 (SQL injection vulnerability in hotel_habitaciones.php in Venalsur ...)
+CVE-2008-6809
NOT-FOR-US: Venalsur Booking center Booking System
-CVE-2008-6808 (SQL injection vulnerability in links.php in Scripts for Sites (SFS) EZ ...)
+CVE-2008-6808
NOT-FOR-US: SFS Link Directory
-CVE-2008-6807 (PHP remote file inclusion vulnerability in ListRecords.php in osprey ...)
+CVE-2008-6807
NOT-FOR-US: osprey
-CVE-2008-6806 (Unrestricted file upload vulnerability in includes/imageupload.php in ...)
+CVE-2008-6806
NOT-FOR-US: 7Shop
-CVE-2008-6805 (Multiple SQL injection vulnerabilities in Mic_Blog 0.0.3, when ...)
+CVE-2008-6805
NOT-FOR-US: Mic_Blog
-CVE-2008-6804 (** DISPUTED ** Tribiq CMS 5.0.9a beta allows remote attackers to ...)
+CVE-2008-6804
NOT-FOR-US: Tribiq CMS Community
-CVE-2008-6803 (SQL injection vulnerability in diziler.asp in Yigit Aybuga Dizi ...)
+CVE-2008-6803
NOT-FOR-US: Yigit Aybuga Dizi Portali
-CVE-2008-6802 (Multiple SQL injection vulnerabilities in index.php in phPhotoGallery ...)
+CVE-2008-6802
NOT-FOR-US: phPhotoGallery
-CVE-2008-6801 (Cross-site request forgery (CSRF) vulnerability in Vivvo CMS before ...)
+CVE-2008-6801
NOT-FOR-US: Vivvo CMS
CVE-2008-6800
REJECTED
-CVE-2008-6799 (connection.php in FlashChat 5.0.8 allows remote attackers to bypass ...)
+CVE-2008-6799
NOT-FOR-US: FlashChat
-CVE-2008-6798 (Multiple SQL injection vulnerabilities in login.php in Pre Projects ...)
+CVE-2008-6798
NOT-FOR-US: Pre Real Estate Listings
-CVE-2008-6797 (The server in Mitel NuPoint Messenger R11 and R3 sends usernames and ...)
+CVE-2008-6797
NOT-FOR-US: Mitel NuPoint Messenger
-CVE-2008-6796 (SQL injection vulnerability in manager/login.php in Pre Projects Pre ...)
+CVE-2008-6796
NOT-FOR-US: Pre Real Estate Listings
-CVE-2008-6795 (SQL injection vulnerability in view_news.php in nicLOR ...)
+CVE-2008-6795
NOT-FOR-US: nicLOR Vibro-School-CMS
-CVE-2008-6794 (SQL injection vulnerability in directory.php in Scripts For Sites ...)
+CVE-2008-6794
NOT-FOR-US: Scripts For Sites (SFS)
-CVE-2008-6793 (The get_file_type function in lib/file_content.php in DFLabs PTK 0.1, ...)
+CVE-2008-6793
NOT-FOR-US: DFLabs
-CVE-2008-6792 (system-tools-backends before 2.6.0-1ubuntu1.1 in Ubuntu 8.10, as used ...)
+CVE-2008-6792
- system-tools-backends 2.6.0-6.1 (low; bug #527952)
[lenny] - system-tools-backends 2.6.0-2lenny3
[etch] - system-tools-backends <not-affected> (SHA was added to crypt(3) post-etch)
-CVE-2008-6791 (PumpKIN TFTP Server 2.7.2.0 allows remote attackers to cause a denial ...)
+CVE-2008-6791
NOT-FOR-US: PumpKIN TFTP Server
-CVE-2008-6790 (The admin module in MindDezign Photo Gallery 2.2 allows remote ...)
+CVE-2008-6790
NOT-FOR-US: MindDezign Photo Gallery
-CVE-2008-6789 (SQL injection vulnerability in MindDezign Photo Gallery 2.2 allows ...)
+CVE-2008-6789
NOT-FOR-US: MindDezign Photo Gallery
-CVE-2008-6788 (SQL injection vulnerability in MindDezign Photo Gallery 2.2, when ...)
+CVE-2008-6788
NOT-FOR-US: MindDezign Photo Gallery
-CVE-2008-6787 (SQL injection vulnerability in administrator/index.php in Lizardware ...)
+CVE-2008-6787
NOT-FOR-US: Lizardware CMS
-CVE-2008-6786 (Multiple directory traversal vulnerabilities in geekigeeki.py in ...)
+CVE-2008-6786
NOT-FOR-US: GeekiGeeki
-CVE-2008-6785 (Unrestricted file upload vulnerability in Mini File Host 1.5 allows ...)
+CVE-2008-6785
NOT-FOR-US: Mini File Host
-CVE-2008-6784 (SQL injection vulnerability in directory.php in Scripts For Sites ...)
+CVE-2008-6784
NOT-FOR-US: EZ Adult Directory
-CVE-2008-6783 (SQL injection vulnerability in directory.php in Sites for Scripts ...)
+CVE-2008-6783
NOT-FOR-US: EZ Home Business Directory
-CVE-2008-6782 (SQL injection vulnerability in directory.php in Sites for Scripts ...)
+CVE-2008-6782
NOT-FOR-US: EZ Hosting Directory
-CVE-2008-6781 (SQL injection vulnerability in directory.php in Sites for Scripts ...)
+CVE-2008-6781
NOT-FOR-US: Gaming Directory
-CVE-2008-6780 (SQL injection vulnerability in directory.php in Scripts for Sites ...)
+CVE-2008-6780
NOT-FOR-US: EZ Affiliate
-CVE-2008-6779 (SQL injection vulnerability in the Sarkilar module for PHP-Nuke allows ...)
+CVE-2008-6779
NOT-FOR-US: PHP-Nuke
-CVE-2008-6778 (SQL injection vulnerability in viewfaqs.php in Scripts for Sites (SFS) ...)
+CVE-2008-6778
NOT-FOR-US: EZ Auction
-CVE-2008-6777 (Multiple SQL injection vulnerabilities in MyPHP Forum 3.0 and earlier ...)
+CVE-2008-6777
NOT-FOR-US: MyPHP Forum
-CVE-2008-6776 (SQL injection vulnerability in viewcomments.php in Scripts For Sites ...)
+CVE-2008-6776
NOT-FOR-US: EZ Hot or Not
-CVE-2008-6775 (HTC Touch Pro and HTC Touch Cruise vCard allows remote attackers to ...)
+CVE-2008-6775
NOT-FOR-US: HTC Touch
-CVE-2008-6774 (internettoolbar/edit.php in YourPlace 1.0.2 and earlier does not end ...)
+CVE-2008-6774
NOT-FOR-US: YourPlace
-CVE-2008-6773 (Static code injection vulnerability in user/internettoolbar/edit.php ...)
+CVE-2008-6773
NOT-FOR-US: YourPlace
-CVE-2008-6772 (login/register_form.php in YourPlace 1.0.2 and earlier does not check ...)
+CVE-2008-6772
NOT-FOR-US: YourPlace
-CVE-2008-6771 (YourPlace 1.0.2 and earlier allows remote attackers to obtain ...)
+CVE-2008-6771
NOT-FOR-US: YourPlace
-CVE-2008-6770 (YourPlace 1.0.2 and earlier stores sensitive information under the web ...)
+CVE-2008-6770
NOT-FOR-US: YourPlace
-CVE-2008-6769 (Unrestricted file upload vulnerability in upload.php in YourPlace ...)
+CVE-2008-6769
NOT-FOR-US: YourPlace
-CVE-2008-6768 (Unrestricted file upload vulnerability in admin/editor/images.php in ...)
+CVE-2008-6768
NOT-FOR-US: K&S Shopsoftware
-CVE-2008-6767 (wp-admin/upgrade.php in WordPress, probably 2.6.x, allows remote ...)
+CVE-2008-6767
{DSA-1871-2 DSA-1871-1}
- wordpress 2.8.3-1 (low; bug #531736)
NOTE: low impact, probably no-dsa
-CVE-2008-6766 (cart_save.php in ViArt Shop (aka Shopping Cart) 3.5 allows remote ...)
+CVE-2008-6766
NOT-FOR-US: ViArt Shop (aka Shopping Cart)
-CVE-2008-6765 (ViArt Shop (aka Shopping Cart) 3.5 allows remote attackers to access ...)
+CVE-2008-6765
NOT-FOR-US: ViArt Shop (aka Shopping Cart)
-CVE-2008-6764 (Cross-site scripting (XSS) vulnerability in login.php in Silentum ...)
+CVE-2008-6764
NOT-FOR-US: Silentum LoginSys
-CVE-2008-6763 (login2.php in Silentum LoginSys 1.0.0 allows remote attackers to ...)
+CVE-2008-6763
NOT-FOR-US: Silentum LoginSys
-CVE-2008-6762 (Open redirect vulnerability in wp-admin/upgrade.php in WordPress, ...)
+CVE-2008-6762
{DSA-1871-2 DSA-1871-1}
- wordpress 2.8.3-1 (low; bug #531736)
NOTE: low impact, probably no-dsa
-CVE-2008-6761 (Static code injection vulnerability in admin/install.php in ...)
+CVE-2008-6761
NOT-FOR-US: Flexcustomer
-CVE-2008-6760 (ViArt Shop (aka Shopping Cart) 3.5 allows remote attackers to obtain ...)
+CVE-2008-6760
NOT-FOR-US: ViArt Shop (aka Shopping Cart)
-CVE-2008-6759 (ViArt Shop (aka Shopping Cart) 3.5 allows remote attackers to obtain ...)
+CVE-2008-6759
NOT-FOR-US: ViArt Shop (aka Shopping Cart)
-CVE-2008-6758 (Cross-site request forgery (CSRF) vulnerability in cart_save.php in ...)
+CVE-2008-6758
NOT-FOR-US: ViArt Shop (aka Shopping Cart)
-CVE-2008-6757 (Cross-site scripting (XSS) vulnerability in manuals_search.php in ...)
+CVE-2008-6757
NOT-FOR-US: ViArt Shop (aka Shopping Cart)
-CVE-2008-6756 (ZoneMinder 1.23.3 on Gentoo Linux uses 0644 permissions for ...)
+CVE-2008-6756
- zoneminder 1.22.3-5
-CVE-2008-6755 (ZoneMinder 1.23.3 on Fedora 10 sets the ownership of /etc/zm.conf to ...)
+CVE-2008-6755
- zoneminder 1.24.1-1 (unimportant; bug #528252)
NOTE: we are also affected but this is not a security issue by itself even if it's ugly
-CVE-2008-6754 (The Personal Sticky Threads addon 1.0.3c for vBulletin allows remote ...)
+CVE-2008-6754
NOT-FOR-US: vBullerin addon
-CVE-2008-6753 (SQL injection vulnerability in SilverStripe before 2.2.2 allows remote ...)
+CVE-2008-6753
NOT-FOR-US: SilverStripe
-CVE-2008-6752 (adminlogin/password.php in the Twitter Clone (TClone) plugin for ReVou ...)
+CVE-2008-6752
NOT-FOR-US: Twitter Clone (TClone) plugin for ReVou Micro Blogging
-CVE-2008-6751 (Unrestricted file upload vulnerability in index.php in the Twitter ...)
+CVE-2008-6751
NOT-FOR-US: Twitter Clone (TClone) plugin for ReVou Micro Blogging
-CVE-2008-6750 (Unrestricted file upload vulnerability in add.php in FlexPHPDirectory ...)
+CVE-2008-6750
NOT-FOR-US: FlexPHPDirectory
-CVE-2008-6749 (Multiple SQL injection vulnerabilities in admin/usercheck.php in ...)
+CVE-2008-6749
NOT-FOR-US: FlexPHPDirectory
-CVE-2008-6748 (Eval injection vulnerability in Megacubo 5.0.7 allows remote attackers ...)
+CVE-2008-6748
NOT-FOR-US: Megacubo
-CVE-2008-6747 (dotProject before 2.1.2 does not properly restrict access to ...)
+CVE-2008-6747
NOT-FOR-US: dotProject
-CVE-2008-6746 (Cross-site scripting (XSS) vulnerability in the contact display view ...)
+CVE-2008-6746
NOT-FOR-US: Turba Contact Manager
-CVE-2008-6745 (index.php in BlogPHP 2.0 allows remote attackers to gain administrator ...)
+CVE-2008-6745
NOT-FOR-US: BlogPHP
-CVE-2008-6744 (Cross-site request forgery (CSRF) vulnerability in Cybozu Office 6, ...)
+CVE-2008-6744
NOT-FOR-US: Cybozu Office
-CVE-2008-6743 (RSMScript 1.21 allows remote attackers to bypass authentication and ...)
+CVE-2008-6743
NOT-FOR-US: RSMScript
-CVE-2008-6742 (Foxy P2P software allows remote attackers to cause a denial of service ...)
+CVE-2008-6742
NOT-FOR-US: Foxy P2P
-CVE-2008-6741 (SQL injection vulnerability in Load.php in Simple Machines Forum (SMF) ...)
+CVE-2008-6741
NOT-FOR-US: Simple Machines Forum
-CVE-2008-6740 (PHP remote file inclusion vulnerability in ...)
+CVE-2008-6740
NOT-FOR-US: HoMaP-CMS
-CVE-2008-6739 (Todd Woolums ASP Download management script 1.03 does not require ...)
+CVE-2008-6739
NOT-FOR-US: Todd Woolums ASP Download management script
-CVE-2008-6738 (MyShoutPro 1.2 allows remote attackers to bypass authentication and ...)
+CVE-2008-6738
NOT-FOR-US: MyShoutPro
-CVE-2008-6737 (Crysis 1.21 and earlier allows remote attackers to obtain sensitive ...)
+CVE-2008-6737
NOT-FOR-US: Crysis
-CVE-2008-6736 (Flat Calendar 1.1 does not properly restrict access to administrative ...)
+CVE-2008-6736
NOT-FOR-US: Flat Calendar
-CVE-2008-6735 (Directory traversal vulnerability in qc/index.php in ThaiQuickCart 3 ...)
+CVE-2008-6735
NOT-FOR-US: ThaiQuickCart
-CVE-2008-6734 (Directory traversal vulnerability in Public/index.php in Keller Web ...)
+CVE-2008-6734
NOT-FOR-US: Keller Web Admin CMS
-CVE-2008-6733 (Cross-site scripting (XSS) vulnerability in the error handling page in ...)
+CVE-2008-6733
NOT-FOR-US: DotNetNuke
-CVE-2008-6732 (Cross-site scripting (XSS) vulnerability in the Language skin object ...)
+CVE-2008-6732
NOT-FOR-US: DotNetNuke
-CVE-2008-6731 (Unrestricted file upload vulnerability in submitlink.php in ...)
+CVE-2008-6731
NOT-FOR-US: FlexPHPLink Pro
-CVE-2008-6730 (Multiple SQL injection vulnerabilities in admin/usercheck.php in ...)
+CVE-2008-6730
NOT-FOR-US: FlexPHPLink Pro
-CVE-2008-6729 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
+CVE-2008-6729
NOT-FOR-US: PHPmotion
-CVE-2008-6728 (SQL injection vulnerability in the Sections module in PHP-Nuke, ...)
+CVE-2008-6728
NOT-FOR-US: PHP-Nuke
-CVE-2008-6727 (Cross-site scripting (XSS) vulnerability in Ultimate PHP Board (UPB) ...)
+CVE-2008-6727
NOT-FOR-US: Ultimate PHP Board
-CVE-2008-6726 (Multiple directory traversal vulnerabilities in CMScout 2.06, when ...)
+CVE-2008-6726
NOT-FOR-US: CMScout
-CVE-2008-6725 (Multiple SQL injection vulnerabilities in CMScout 2.06 allow remote ...)
+CVE-2008-6725
NOT-FOR-US: CMScout
-CVE-2008-6724 (Cross-site scripting (XSS) vulnerability in index.pl in Perl Nopaste ...)
+CVE-2008-6724
NOT-FOR-US: Perl Nopaste
-CVE-2008-6723 (TurnkeyForms Entertainment Portal 2.0 allows remote attackers to ...)
+CVE-2008-6723
NOT-FOR-US: TurnkeyForms
-CVE-2008-6722 (Novell Access Manager 3 SP4 does not properly expire X.509 certificate ...)
+CVE-2008-6722
NOT-FOR-US: Novell Access Manager
-CVE-2008-6721 (SQL injection vulnerability in index.php in AJ Square AJ Article ...)
+CVE-2008-6721
NOT-FOR-US: AJ Square AJ Article
-CVE-2008-6720 (SQL injection vulnerability in admin/adm_login.php in DeltaScripts PHP ...)
+CVE-2008-6720
NOT-FOR-US: DeltaScripts PHP Links
-CVE-2008-6719 (U&amp;M Software Event Lister (aka JustListIt) 1.0 does not require ...)
+CVE-2008-6719
NOT-FOR-US: Software Event Lister
-CVE-2008-6718 (U&amp;M Software JustBookIt 1.0 does not require administrative ...)
+CVE-2008-6718
NOT-FOR-US: JustBookIt
-CVE-2008-6717 (U&amp;M Software Signup 1.0 and 1.1 does not require administrative ...)
+CVE-2008-6717
NOT-FOR-US: Software Signup
-CVE-2008-6716 (homeadmin/adminhome.php in Pre ADS Portal 2.0 and earlier does not ...)
+CVE-2008-6716
NOT-FOR-US: Pre ADS Portal
-CVE-2008-6715 (Multiple cross-site scripting (XSS) vulnerabilities in Pre ADS Portal ...)
+CVE-2008-6715
NOT-FOR-US: Pre ADS Portal
-CVE-2008-6714 (admin.php in xeCMS 1.0.0 RC2 and earlier allows remote attackers to ...)
+CVE-2008-6714
NOT-FOR-US: xeCMS
-CVE-2008-6713 (World in Conflict (WIC) 1.008 and earlier allows remote attackers to ...)
+CVE-2008-6713
NOT-FOR-US: World in Conflict
-CVE-2008-6712 (The HTTP/XML-RPC service in Crysis 1.21 (game version 1.1.1.6156) and ...)
+CVE-2008-6712
NOT-FOR-US: Crysis
-CVE-2008-6711 (Unspecified vulnerability in the Web administration interface in Avaya ...)
+CVE-2008-6711
NOT-FOR-US: Avaya Communication Manager
-CVE-2008-6710 (Unspecified vulnerability in the Web administration interface in Avaya ...)
+CVE-2008-6710
NOT-FOR-US: Avaya Communication Manager
-CVE-2008-6709 (Unspecified vulnerability in the Web management interface in Avaya SIP ...)
+CVE-2008-6709
NOT-FOR-US: Avaya SIP Enablement Services
-CVE-2008-6708 (Unspecified vulnerability in the Web management interface in Avaya SIP ...)
+CVE-2008-6708
NOT-FOR-US: Avaya SIP Enablement Services
-CVE-2008-6707 (The Web management interface in Avaya SIP Enablement Services (SES) ...)
+CVE-2008-6707
NOT-FOR-US: Avaya SIP Enablement Services
-CVE-2008-6706 (Multiple unspecified vulnerabilities in the Web management interface ...)
+CVE-2008-6706
NOT-FOR-US: Avaya SIP Enablement Services
-CVE-2008-6705 (The MultipacketReciever::RecievePacket function in S.T.A.L.K.E.R.: ...)
+CVE-2008-6705
NOT-FOR-US: S.T.A.L.K.E.R.: Shadow of Chernobyl
-CVE-2008-6704 (Integer overflow in the NET_Compressor::Decompress function in ...)
+CVE-2008-6704
NOT-FOR-US: S.T.A.L.K.E.R.: Shadow of Chernobyl
-CVE-2008-6703 (Stack-based buffer overflow in the IPureServer::_Recieve function in ...)
+CVE-2008-6703
NOT-FOR-US: S.T.A.L.K.E.R.: Shadow of Chernobyl
-CVE-2008-6702 (S.T.A.L.K.E.R.: Shadow of Chernobyl 1.0006 and earlier allows remote ...)
+CVE-2008-6702
NOT-FOR-US: S.T.A.L.K.E.R.: Shadow of Chernobyl
-CVE-2008-6701 (NetScout (formerly Network General) Visualizer V2100 and InfiniStream ...)
+CVE-2008-6701
NOT-FOR-US: NetScout Visualizer
-CVE-2008-6700 (Multiple cross-site scripting (XSS) vulnerabilities in Butterfly ...)
+CVE-2008-6700
NOT-FOR-US: Butterfly Organizer
-CVE-2008-6699 (Cross-site scripting (XSS) vulnerability in Resource Library ...)
+CVE-2008-6699
NOT-FOR-US: Resource Library extension for TYPO3
-CVE-2008-6698 (Cross-site scripting (XSS) vulnerability in TARGET-E WorldCup Bets ...)
+CVE-2008-6698
NOT-FOR-US: WorldCup Bets extension for TYPO3
-CVE-2008-6697 (SQL injection vulnerability in TARGET-E WorldCup Bets (worldcup) 2.0.0 ...)
+CVE-2008-6697
NOT-FOR-US: WorldCup Bets extension for TYPO3
-CVE-2008-6696 (SQL injection vulnerability in Fussballtippspiel (toto) 0.1.1 and ...)
+CVE-2008-6696
NOT-FOR-US: Fussballtippspiel extension for TYPO3
-CVE-2008-6695 (SQL injection vulnerability in TIMTAB social bookmark icons ...)
+CVE-2008-6695
NOT-FOR-US: TIMTAB social bookmark icons extension for TYPO3
-CVE-2008-6694 (SQL injection vulnerability in Random Prayer (ste_prayer) 0.0.1 for ...)
+CVE-2008-6694
NOT-FOR-US: Random Prayer extension for TYPO3
-CVE-2008-6693 (SQL injection vulnerability in Download system (sb_downloader) ...)
+CVE-2008-6693
NOT-FOR-US: Download system extension for TYPO3
-CVE-2008-6692 (SQL injection vulnerability in Diocese of Portsmouth Training Courses ...)
+CVE-2008-6692
NOT-FOR-US: Training Courses extension for TYPO3
-CVE-2008-6691 (SQL injection vulnerability in Diocese of Portsmouth Calendar Today ...)
+CVE-2008-6691
NOT-FOR-US: Calendar Today extension for TYPO3
-CVE-2008-6690 (Unspecified vulnerability in nepa-design.de Spam Protection ...)
+CVE-2008-6690
NOT-FOR-US: Spam Protection extension for TYPO3
-CVE-2008-6689 (SQL injection vulnerability in JobControl (dmmjobcontrol) 1.15.0 and ...)
+CVE-2008-6689
NOT-FOR-US: JobControl extension for TYPO3
-CVE-2008-6688 (Cross-site scripting (XSS) vulnerability in JobControl (dmmjobcontrol) ...)
+CVE-2008-6688
NOT-FOR-US: JobControl extension for TYPO3
-CVE-2008-6687 (Cross-site scripting (XSS) vulnerability in DCD GoogleMap ...)
+CVE-2008-6687
NOT-FOR-US: DCD GoogleMap extension for TYPO3
-CVE-2008-6686 (SQL injection vulnerability in CoolURI (cooluri) 1.0.11 and earlier ...)
+CVE-2008-6686
NOT-FOR-US: CoolURI extension for TYPO3
-CVE-2008-6685 (Unspecified vulnerability in Frontend Filemanager (air_filemanager) ...)
+CVE-2008-6685
NOT-FOR-US: Frontend Filemanager extension for TYPO3
-CVE-2008-6684 (Unrestricted file upload vulnerability in editimage.php in Apartment ...)
+CVE-2008-6684
NOT-FOR-US: Apartment Search Script
-CVE-2008-6683 (Cross-site scripting (XSS) vulnerability in listtest.php in Apartment ...)
+CVE-2008-6683
NOT-FOR-US: Apartment Search Script
-CVE-2008-6682 (Multiple cross-site scripting (XSS) vulnerabilities in Apache Struts ...)
+CVE-2008-6682
- libstruts1.2-java <not-affected> (Only affects Struts 2)
-CVE-2008-6681 (Cross-site scripting (XSS) vulnerability in dijit.Editor in Dojo ...)
+CVE-2008-6681
NOT-FOR-US: Dojo
-CVE-2008-6679 (Buffer overflow in the BaseFont writer module in Ghostscript 8.62, and ...)
+CVE-2008-6679
{DSA-2080-1}
- ghostscript 8.64~dfsg-1 (medium; bug #524803)
- gs-gpl <removed> (medium; bug #561717)
-CVE-2008-6678 (SQL injection vulnerability in asp/includes/contact.asp in QuickerSite ...)
+CVE-2008-6678
NOT-FOR-US: QuickerSite
-CVE-2008-6677 (Unrestricted file upload vulnerability in ...)
+CVE-2008-6677
NOT-FOR-US: QuickerSite
-CVE-2008-6676 (QuickerSite 1.8.5 allows remote attackers to obtain sensitive ...)
+CVE-2008-6676
NOT-FOR-US: QuickerSite
-CVE-2008-6675 (Multiple cross-site scripting (XSS) vulnerabilities in QuickerSite ...)
+CVE-2008-6675
NOT-FOR-US: QuickerSite
-CVE-2008-6674 (mailPage.asp in QuickerSite 1.8.5 allows remote attackers to flood ...)
+CVE-2008-6674
NOT-FOR-US: QuickerSite
-CVE-2008-6673 (asp/bs_login.asp in QuickerSite 1.8.5 does not properly restrict ...)
+CVE-2008-6673
NOT-FOR-US: QuickerSite
-CVE-2008-6672 (Vertex4 SunAge 1.08.1 and earlier allows remote attackers to cause a ...)
+CVE-2008-6672
NOT-FOR-US: Vertex4 SunAge
-CVE-2008-6671 (Vertex4 SunAge 1.08.1 and earlier allows remote attackers to cause a ...)
+CVE-2008-6671
NOT-FOR-US: Vertex4 SunAge
-CVE-2008-6670 (Integer overflow in Vertex4 SunAge 1.08.1 and earlier allows remote ...)
+CVE-2008-6670
NOT-FOR-US: Vertex4 SunAge
-CVE-2008-6669 (viewrq.php in nweb2fax 0.2.7 and earlier allows remote attackers to ...)
+CVE-2008-6669
NOT-FOR-US: nweb2fax
-CVE-2008-6668 (Multiple directory traversal vulnerabilities in nweb2fax 0.2.7 and ...)
+CVE-2008-6668
NOT-FOR-US: nweb2fax
-CVE-2008-6667 (A+ PHP Scripts News Management System (NMS) allows remote attackers to ...)
+CVE-2008-6667
NOT-FOR-US: A+ PHP Scripts News Management System (NMS)
-CVE-2008-6666 (Multiple cross-site scripting (XSS) vulnerabilities in Kronos webTA ...)
+CVE-2008-6666
NOT-FOR-US: Kronos webTA
-CVE-2008-6665 (change.php in Ananta CMS 1.0b5, with magic_quotes_gpc disabled, allows ...)
+CVE-2008-6665
NOT-FOR-US: Ananta CMS
-CVE-2008-6664 (action.php in SH-News 3.0 allows remote attackers to bypass ...)
+CVE-2008-6664
NOT-FOR-US: SH-News
-CVE-2008-6663 (SQL injection vulnerability in profile.php in PHPAuctions.info ...)
+CVE-2008-6663
NOT-FOR-US: PHPAuctions
-CVE-2008-6662 (AVG Anti-Virus for Linux 7.5.51, and possibly earlier, allows remote ...)
+CVE-2008-6662
NOT-FOR-US: AVG Anti-Virus
-CVE-2008-6661 (Multiple integer overflows in the scanning engine in Bitdefender for ...)
+CVE-2008-6661
NOT-FOR-US: Bitdefender
-CVE-2008-6660 (Unrestricted file upload vulnerability in bigdump.php in Alexey Ozerov ...)
+CVE-2008-6660
NOT-FOR-US: Alexey Ozerov BigDump
-CVE-2008-6659 (Directory traversal vulnerability in index.php in Simple Machines ...)
+CVE-2008-6659
NOT-FOR-US: Simple Machines Forum
-CVE-2008-6658 (Directory traversal vulnerability in index.php in Simple Machines ...)
+CVE-2008-6658
NOT-FOR-US: Simple Machines Forum
-CVE-2008-6657 (Cross-site request forgery (CSRF) vulnerability in index.php in Simple ...)
+CVE-2008-6657
NOT-FOR-US: Simple Machines Forum
-CVE-2008-6680 (libclamav/pe.c in ClamAV before 0.95 allows remote attackers to cause ...)
+CVE-2008-6680
{DSA-1771-1}
- clamav 0.95.1+dfsg-1 (medium; bug #523016)
-CVE-2008-6656 (Multiple SQL injection vulnerabilities in Open Auto Classifieds 1.4.3b ...)
+CVE-2008-6656
NOT-FOR-US: Open Auto Classifieds
-CVE-2008-6655 (Multiple cross-site scripting (XSS) vulnerabilities in GEDCOM_TO_MYSQL ...)
+CVE-2008-6655
NOT-FOR-US: GEDCOM_TO_MYSQL
-CVE-2008-6654 (Cross-site scripting (XSS) vulnerability in search_results.php in ...)
+CVE-2008-6654
NOT-FOR-US: InfoBiz Server
-CVE-2008-6653 (SQL injection vulnerability in webhosting.php in the Webhosting ...)
+CVE-2008-6653
NOT-FOR-US: Joomla!
-CVE-2008-6652 (SQL injection vulnerability in asd.php in OneCMS 2.5 allows remote ...)
+CVE-2008-6652
NOT-FOR-US: OneCMS
-CVE-2008-6651 (Static code injection vulnerability in edithistory.php in OxYProject ...)
+CVE-2008-6651
NOT-FOR-US: OxYProject OxYBox
-CVE-2008-6650 (del.php in miniBloggie 1.0 allows remote attackers to delete arbitrary ...)
+CVE-2008-6650
NOT-FOR-US: miniBloggie
-CVE-2008-6649 (SQL injection vulnerability in manager/image_details_editor.php in ...)
+CVE-2008-6649
NOT-FOR-US: Ktools PhotoStore
-CVE-2008-6648 (SQL injection vulnerability in crumbs.php in Ktools PhotoStore 3.4.3 ...)
+CVE-2008-6648
NOT-FOR-US: Ktools PhotoStore
-CVE-2008-6647 (SQL injection vulnerability in gallery.php in Ktools PhotoStore 3.4.3 ...)
+CVE-2008-6647
NOT-FOR-US: Ktools PhotoStore
-CVE-2008-6646 (Cross-site scripting (XSS) vulnerability in index.php in CoronaMatrix ...)
+CVE-2008-6646
NOT-FOR-US: CoronaMatrix phpAddressBook
-CVE-2008-6645 (Cross-site scripting (XSS) vulnerability in Opencosmo VisualSentinel ...)
+CVE-2008-6645
NOT-FOR-US: Opencosmo VisualSentinel
-CVE-2008-6644 (Cross-site scripting (XSS) vulnerability in Default.aspx in DotNetNuke ...)
+CVE-2008-6644
NOT-FOR-US: DotNetNuke
-CVE-2008-6643 (LokiCMS 0.3.4 and possibly earlier versions does not properly restrict ...)
+CVE-2008-6643
NOT-FOR-US: LokiCMS
-CVE-2008-6642 (SQL injection vulnerability in view.php in DotContent FluentCMS 4.x ...)
+CVE-2008-6642
NOT-FOR-US: DotContent FluentCMS
-CVE-2008-6641 (Multiple SQL injection vulnerabilities in Shader TV (Beta) allow ...)
+CVE-2008-6641
NOT-FOR-US: Shader TV
-CVE-2008-6640 (Multiple SQL injection vulnerabilities in BatmanPorTaL allow remote ...)
+CVE-2008-6640
NOT-FOR-US: BatmanPorTaL
-CVE-2008-6639 (Cross-site request forgery (CSRF) vulnerability in admin.php in ...)
+CVE-2008-6639
- ajaxplorer <itp> (bug #668381)
-CVE-2008-6638 (Insecure method vulnerability in the Versalsoft HTTP Image Uploader ...)
+CVE-2008-6638
NOT-FOR-US: Versalsoft HTTP Image Uploader ActiveX
-CVE-2008-6637 (Multiple cross-site scripting (XSS) vulnerabilities in forgotPW.php in ...)
+CVE-2008-6637
NOT-FOR-US: Library Video Company SAFARI Montage
-CVE-2008-6636 (PHP remote file inclusion vulnerability in skins/default.php in Geody ...)
+CVE-2008-6636
NOT-FOR-US: Geody Labs Dagger
-CVE-2008-6635 (PHP remote file inclusion vulnerability in skins/default.php in Geody ...)
+CVE-2008-6635
NOT-FOR-US: Geody Labs Dagger
-CVE-2008-6634 (SQL injection vulnerability in RoomPHPlanning 1.5 allows remote ...)
+CVE-2008-6634
NOT-FOR-US: RoomPHPlanning
-CVE-2008-6633 (SQL injection vulnerability in RoomPHPlanning 1.5 allows remote ...)
+CVE-2008-6633
NOT-FOR-US: RoomPHPlanning
-CVE-2008-6632 (SQL injection vulnerability in func/login.php in MercuryBoard 1.1.5 ...)
+CVE-2008-6632
NOT-FOR-US: MercuryBoard
-CVE-2008-6631 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
+CVE-2008-6631
NOT-FOR-US: BlogPHP
-CVE-2008-6630 (Directory traversal vulnerability in the wt_gallery extension 2.5.0 ...)
+CVE-2008-6630
NOT-FOR-US: wt_gallery extension for TYPO3
-CVE-2008-6629 (Cross-site scripting (XSS) vulnerability in detail.php in WEBBDOMAIN ...)
+CVE-2008-6629
NOT-FOR-US: WEBBDOMAIN Multi Languages WebShop Online
CVE-2008-6628
REJECTED
-CVE-2008-6627 (SQL injection vulnerability in getin.php in WEBBDOMAIN WebShop 1.2, ...)
+CVE-2008-6627
NOT-FOR-US: WEBBDOMAIN Multi Languages WebShop Online
-CVE-2008-6626 (SQL injection vulnerability in getin.php in WEBBDOMAIN Quiz 1.02 and ...)
+CVE-2008-6626
NOT-FOR-US: WEBBDOMAIN Multi Languages WebShop Online
-CVE-2008-6625 (SQL injection vulnerability in getin.php in WEBBDOMAIN Polls (aka ...)
+CVE-2008-6625
NOT-FOR-US: WEBBDOMAIN Multi Languages WebShop Online
-CVE-2008-6624 (SQL injection vulnerability in getin.php in WEBBDOMAIN Petition 1.02, ...)
+CVE-2008-6624
NOT-FOR-US: WEBBDOMAIN Multi Languages WebShop Online
-CVE-2008-6623 (SQL injection vulnerability in getin.php in WEBBDOMAIN Post Card (aka ...)
+CVE-2008-6623
NOT-FOR-US: WEBBDOMAIN Multi Languages WebShop Online
-CVE-2008-6622 (SQL injection vulnerability in choosecard.php in WEBBDOMAIN Post Card ...)
+CVE-2008-6622
NOT-FOR-US: WEBBDOMAIN Multi Languages WebShop Online
-CVE-2008-6621 (Unspecified vulnerability in GraphicsMagick before 1.2.3 allows remote ...)
+CVE-2008-6621
{DSA-1903-1}
- graphicsmagick 1.2.3-1
-CVE-2008-6620 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2008-6620
NOT-FOR-US: GraFX miniCWB
-CVE-2008-6619 (Unrestricted file upload vulnerability in class/ApplyDB.php in ...)
+CVE-2008-6619
NOT-FOR-US: ClassSystem
-CVE-2008-6618 (Multiple SQL injection vulnerabilities in ClassSystem 2.3 allow remote ...)
+CVE-2008-6618
NOT-FOR-US: ClassSystem
-CVE-2008-6617 (Unrestricted file upload vulnerability in adm/visual/upload.php in ...)
+CVE-2008-6617
NOT-FOR-US: SiteXS CMS
-CVE-2008-6616 (Cross-site scripting (XSS) vulnerability in index.php in Zen Software ...)
+CVE-2008-6616
NOT-FOR-US: Zen Software Zen Cart
-CVE-2008-6615 (SQL injection vulnerability in index.php in Zen Software Zen Cart 2008 ...)
+CVE-2008-6615
NOT-FOR-US: Zen Software Zen Cart
-CVE-2008-6614 (Multiple SQL injection vulnerabilities in microcms-admin-login.php in ...)
+CVE-2008-6614
NOT-FOR-US: Micro CMS
-CVE-2008-6613 (uploader.php in minimal-ablog 0.4 does not properly restrict access, ...)
+CVE-2008-6613
NOT-FOR-US: minimal-ablog
-CVE-2008-6612 (Unrestricted file upload vulnerability in admin/uploader.php in ...)
+CVE-2008-6612
NOT-FOR-US: minimal-ablog
-CVE-2008-6611 (SQL injection vulnerability in index.php in Minimal ABlog 0.4 allows ...)
+CVE-2008-6611
NOT-FOR-US: minimal-ablog
-CVE-2008-6610 (Absolute path traversal vulnerability in phpcksec.php in Stefan Ott ...)
+CVE-2008-6610
NOT-FOR-US: phpcksec
-CVE-2008-6609 (Cross-site scripting (XSS) vulnerability in phpcksec.php in Stefan Ott ...)
+CVE-2008-6609
NOT-FOR-US: phpcksec
-CVE-2008-6608 (Multiple SQL injection vulnerabilities in DevelopItEasy Events ...)
+CVE-2008-6608
NOT-FOR-US: DevelopItEasy Events Calendar
-CVE-2008-6607 (Cross-site scripting (XSS) vulnerability in view.php in MatPo Link 1.2 ...)
+CVE-2008-6607
NOT-FOR-US: MatPo Link
-CVE-2008-6606 (SQL injection vulnerability in view.php in MatPo Link 1.2 Beta allows ...)
+CVE-2008-6606
NOT-FOR-US: MatPo Link
-CVE-2008-6605 (Cross-site request forgery (CSRF) vulnerability in the xslt script in ...)
+CVE-2008-6605
NOT-FOR-US: 2wire
-CVE-2008-6604 (Directory traversal vulnerability in index.php in PicoFlat CMS 0.5.9 ...)
+CVE-2008-6604
NOT-FOR-US: PicoFlat CMS
-CVE-2008-6603 (MoinMoin 1.6.2 and 1.7 does not properly enforce ACL checks when ...)
+CVE-2008-6603
- moin 1.7.1-1 (low)
[etch] - moin <not-affected> (Vulnerable code not present)
-CVE-2008-6602 (Unspecified vulnerability in Download Center Lite before 2.1 has ...)
+CVE-2008-6602
NOT-FOR-US: Download Center Lite
-CVE-2008-6601 (Unspecified vulnerability in Epona 1.5rc3 allows remote attackers to ...)
+CVE-2008-6601
NOT-FOR-US: Epona
-CVE-2008-6600 (Cross-site scripting (XSS) vulnerability in the search feature in ...)
+CVE-2008-6600
NOT-FOR-US: XMLPortal
-CVE-2008-6599 (cookiecheck.php in CookieCheck 1.0 stores tmp/cc_sessions under the ...)
+CVE-2008-6599
NOT-FOR-US: CookieCheck
-CVE-2008-6598 (Multiple race conditions in WANPIPE before 3.3.6 have unknown impact ...)
+CVE-2008-6598
NOT-FOR-US: WANPIPE
-CVE-2008-6597 (Cross-site scripting (XSS) vulnerability in upload/install/index.php ...)
+CVE-2008-6597
NOT-FOR-US: PHCDownload
-CVE-2008-6596 (SQL injection vulnerability in admin/index.php in PHCDownload 1.1 ...)
+CVE-2008-6596
NOT-FOR-US: PHCDownload
-CVE-2008-6595 (SQL injection vulnerability in the pmk_rssnewsexport extension for ...)
+CVE-2008-6595
NOT-FOR-US: pmk_rssnewsexport extension for TYPO3
-CVE-2008-6594 (SQL injection vulnerability in the cm_rdfexport extension for TYPO3 ...)
+CVE-2008-6594
NOT-FOR-US: 3dparty typo3 extension
-CVE-2008-6593 (SQL injection vulnerability in LightNEasy/lightneasy.php in LightNEasy ...)
+CVE-2008-6593
NOT-FOR-US: LightNEasy SQLite
-CVE-2008-6592 (thumbsup.php in Thumbs-Up 1.12, as used in LightNEasy &quot;no database&quot; ...)
+CVE-2008-6592
NOT-FOR-US: LightNEasy SQLite
-CVE-2008-6591 (LightNEasy &quot;no database&quot; (aka flat) version 1.2.2, and possibly SQLite ...)
+CVE-2008-6591
NOT-FOR-US: LightNEasy SQLite
-CVE-2008-6590 (Multiple directory traversal vulnerabilities in LightNEasy &quot;no ...)
+CVE-2008-6590
NOT-FOR-US: LightNEasy SQLite
-CVE-2008-6589 (Multiple cross-site scripting (XSS) vulnerabilities in LightNEasy &quot;no ...)
+CVE-2008-6589
NOT-FOR-US: LightNEasy SQLite
-CVE-2008-6588 (Aztech ADSL2/2+ 4-port router has a default &quot;isp&quot; account with a ...)
+CVE-2008-6588
NOT-FOR-US: Aztech port router
-CVE-2008-6587 (Cross-site request forgery (CSRF) vulnerability in index.tmpl in Vuze ...)
+CVE-2008-6587
NOT-FOR-US: Azureus HTML WebUI
-CVE-2008-6586 (Cross-site request forgery (CSRF) vulnerability in gui/index.php in ...)
+CVE-2008-6586
NOT-FOR-US: ?Torrent (uTorrent) WebUI
-CVE-2008-6585 (Cross-site request forgery (CSRF) vulnerability in html/admin.php in ...)
+CVE-2008-6585
- torrentflux <not-affected> (Debian packaging uses a different directory layout, see bug #531614)
-CVE-2008-6584 (html/index.php in TorrentFlux 2.3 allows remote authenticated users to ...)
+CVE-2008-6584
- torrentflux <not-affected> (Debian packaging uses a different directory layout, see bug #531614)
-CVE-2008-6583 (Buffer overflow in BS.player 2.27 build 959 allows remote attackers to ...)
+CVE-2008-6583
NOT-FOR-US: BS.player
-CVE-2008-6582 (SQL injection vulnerability in index.php in Miniweb 2.0 allows remote ...)
+CVE-2008-6582
NOT-FOR-US: Miniweb
-CVE-2008-6581 (login.php in PhpAddEdit 1.3 allows remote attackers to bypass ...)
+CVE-2008-6581
NOT-FOR-US: PhpAddEdit
-CVE-2008-6580 (The Red_Reservations script for ColdFusion stores sensitive ...)
+CVE-2008-6580
NOT-FOR-US: ColdFusion
-CVE-2008-6579 (Nortel Communication Server 1000 4.50.x allows remote attackers to ...)
+CVE-2008-6579
NOT-FOR-US: Nortel Communication Server
-CVE-2008-6578 (Multiple unspecified vulnerabilities in Nortel Communication Server ...)
+CVE-2008-6578
NOT-FOR-US: Nortel Communication Server
-CVE-2008-6577 (Nortel MG1000S, Signaling Server, and Call Server on the ...)
+CVE-2008-6577
NOT-FOR-US: Nortel appliances
-CVE-2008-6576 (Unspecified vulnerability in the &quot;session limitation technique&quot; in the ...)
+CVE-2008-6576
NOT-FOR-US: Nortel Communication Server
-CVE-2008-6575 (Unspecified vulnerability in the SIP server in SIP Enablement Services ...)
+CVE-2008-6575
NOT-FOR-US: Avaya Communication Manager
-CVE-2008-6574 (Unspecified vulnerability in SIP Enablement Services (SES) in Avaya ...)
+CVE-2008-6574
NOT-FOR-US: Avaya Communication Manager
-CVE-2008-6573 (Multiple SQL injection vulnerabilities in Avaya SIP Enablement ...)
+CVE-2008-6573
NOT-FOR-US: Avaya Communication Manager
-CVE-2008-6572 (SQL injection vulnerability in search_results.php in ABK-Soft ...)
+CVE-2008-6572
NOT-FOR-US: ABK-Soft AbleDating
-CVE-2008-6571 (Multiple cross-site scripting (XSS) vulnerabilities in LinPHA before ...)
+CVE-2008-6571
NOT-FOR-US: LinPHA
-CVE-2008-6570 (Cross-site scripting (XSS) vulnerability in the RSS reader in Cybozu ...)
+CVE-2008-6570
NOT-FOR-US: Cybozu Garoon
-CVE-2008-6569 (Session fixation vulnerability in Cybozu Garoon 2.0.0 through 2.1.3 ...)
+CVE-2008-6569
NOT-FOR-US: Cybozu Garoon
-CVE-2008-6568 (Unrestricted file upload vulnerability in Yehe 2.0 allows remote ...)
+CVE-2008-6568
NOT-FOR-US: Yehe
-CVE-2008-6567 (Multiple cross-site scripting (XSS) vulnerabilities in Gallarific Free ...)
+CVE-2008-6567
NOT-FOR-US: Gallarific Free Edition
-CVE-2008-6566 (Unspecified vulnerability in Octopussy before 0.9.5.8 has unknown ...)
+CVE-2008-6566
NOT-FOR-US: Octopussy
-CVE-2008-6565 (Cross-site scripting (XSS) vulnerability in Invision Power Board 2.3.1 ...)
+CVE-2008-6565
NOT-FOR-US: Invision Power Board
-CVE-2008-6564 (Nortel UNIStim protocol, as used in Communication Server 1000 and ...)
+CVE-2008-6564
NOT-FOR-US: Nortel Communication Server
-CVE-2008-6563 (Buffer overflow in the XML parser in Trillian 3.1.9.0, and possibly ...)
+CVE-2008-6563
NOT-FOR-US: Trillian
-CVE-2008-6562 (Cross-site scripting (XSS) vulnerability in jax_linklists.php in Jack ...)
+CVE-2008-6562
NOT-FOR-US: Jack (tR) Jax LinkLists
-CVE-2008-6561 (Citrix Presentation Server Client for Windows before 10.200 does not ...)
+CVE-2008-6561
NOT-FOR-US: Citrix
-CVE-2008-6560 (Buffer overflow in CMAN - The Cluster Manager before 2.03.09-1 on ...)
+CVE-2008-6560
- redhat-cluster 2.20081102-1
NOTE: This seems like a non-issue, since the config file should be under control
NOTE: of the admin?
NOTE: Fixed in 2.03.09 upstream version.
-CVE-2008-6559 (Merge mcd in ReliantHA 1.1.4 in SCO UnixWare 7.1.4 allows local users ...)
+CVE-2008-6559
NOT-FOR-US: SCO UnixWare
-CVE-2008-6558 (Untrusted search path vulnerability in (1) hvdisp and (2) rcvm in ...)
+CVE-2008-6558
NOT-FOR-US: SCO UnixWare
-CVE-2008-6557 (cgi-bin/webutil.pl in The Puppet Master WebUtil 2.7 allows remote ...)
+CVE-2008-6557
NOT-FOR-US: Puppet Master WebUtit, different than puppetmaster from puppet
-CVE-2008-6556 (cgi-bin/webutil.pl in The Puppet Master WebUtil 2.3 allows remote ...)
+CVE-2008-6556
NOT-FOR-US: Puppet Master WebUtit, different than puppetmaster from puppet
-CVE-2008-6555 (cgi-bin/webutil.pl in The Puppet Master WebUtil allows remote ...)
+CVE-2008-6555
NOT-FOR-US: Puppet Master WebUtit, different than puppetmaster from puppet
-CVE-2008-6554 (cgi-bin/script in Aztech ADSL2/2+ 4-port router 3.7.0 build 070426 ...)
+CVE-2008-6554
NOT-FOR-US: Aztech router
-CVE-2008-6553 (microcms-admin-home.php in Implied by Design Micro CMS (Micro-CMS) 3.5 ...)
+CVE-2008-6553
NOT-FOR-US: Micro CMS
-CVE-2008-6552 (Red Hat Cluster Project 2.x allows local users to modify or overwrite ...)
+CVE-2008-6552
- redhat-cluster 2.20081102-1
NOTE: Fixed in 2.03.09 upstream version.
NOTE: Similar to CVE-2008-4192 and CVE-2008-4579
-CVE-2008-6551 (Multiple directory traversal vulnerabilities in e-Vision CMS 2.0.2 and ...)
+CVE-2008-6551
NOT-FOR-US: e-vision CMS
-CVE-2008-6550 (Cross-site scripting (XSS) vulnerability in glossaire.php in Glossaire ...)
+CVE-2008-6550
NOT-FOR-US: Glossaire
-CVE-2008-6549 (The password_checker function in config/multiconfig.py in MoinMoin ...)
+CVE-2008-6549
- moin 1.6.2-1 (low)
-CVE-2008-6548 (The rst parser (parser/text_rst.py) in MoinMoin 1.6.1 does not check ...)
+CVE-2008-6548
- moin 1.6.2-1 (low)
-CVE-2008-6547 (schema.py in FormEncode for Python (python-formencode) 1.0 does not ...)
+CVE-2008-6547
- python-formencode 1.0.1-1
[etch] - python-formencode <not-affected> (Vulnerable code was introduced in 1.0)
-CVE-2008-6546 (Unspecified vulnerability in phpns before 2.1.3 has unknown impact and ...)
+CVE-2008-6546
NOT-FOR-US: phpns
-CVE-2008-6545 (PHP remote file inclusion vulnerability in news/include/createdb.php ...)
+CVE-2008-6545
NOT-FOR-US: Web Server Creator Web Portal
-CVE-2008-6544 (** DISPUTED ** ...)
+CVE-2008-6544
NOT-FOR-US: Simple Machines Forum
-CVE-2008-6543 (Multiple PHP remote file inclusion vulnerabilities in ComScripts TEAM ...)
+CVE-2008-6543
NOT-FOR-US: ComScripts TEAM Quick Classifieds
-CVE-2008-6542 (Unspecified vulnerability in the Skin Manager in DotNetNuke before ...)
+CVE-2008-6542
NOT-FOR-US: DotNetNuke
-CVE-2008-6541 (Unrestricted file upload vulnerability in the file manager module in ...)
+CVE-2008-6541
NOT-FOR-US: DotNetNuke
-CVE-2008-6540 (DotNetNuke before 4.8.2, during installation or upgrade, does not warn ...)
+CVE-2008-6540
NOT-FOR-US: DotNetNuke
-CVE-2008-6539 (Static code injection vulnerability in user/settings/ in DeStar ...)
+CVE-2008-6539
- destar <removed> (bug #522123)
-CVE-2008-6538 (DeStar 0.2.2-5 allows remote attackers to add arbitrary users via a ...)
+CVE-2008-6538
- destar <not-affected> (bug #522123)
NOTE: we include a default configuration user which can be changed with instructions in README.Debian
-CVE-2008-6537 (LightNEasy/lightneasy.php in LightNEasy No database version 1.2 allows ...)
+CVE-2008-6537
NOT-FOR-US: LightNEasy No database
-CVE-2008-6536 (Unspecified vulnerability in 7-zip before 4.5.7 has unknown impact and ...)
+CVE-2008-6536
- p7zip 4.57~dfsg.1-1
-CVE-2008-6535 (admin/settings.php in PayPal eStores allows remote attackers to bypass ...)
+CVE-2008-6535
NOT-FOR-US: PayPal eStores
-CVE-2008-6534 (Incomplete blacklist vulnerability in NULL FTP Server Free and Pro ...)
+CVE-2008-6534
NOT-FOR-US: NULL FTP Server
-CVE-2008-6533 (Drupal 5.x before 5.13 and 6.x before 6.7 does not delete all related ...)
+CVE-2008-6533
- drupal5 5.14-1 (low)
- drupal6 6.9-1 (low)
[lenny] - drupal6 6.6-1.1
-CVE-2008-6532 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
+CVE-2008-6532
- drupal5 5.14-1 (low)
- drupal6 6.9-1 (low)
[lenny] - drupal6 6.6-1.1
-CVE-2008-6531 (The WebWork 1 web application framework in Atlassian JIRA before ...)
+CVE-2008-6531
NOT-FOR-US: Atlassian JIRA
-CVE-2008-6530 (Unrestricted file upload vulnerability in editimage.php in ...)
+CVE-2008-6530
NOT-FOR-US: eZoneScripts Living Local
-CVE-2008-6529 (Cross-site scripting (XSS) vulnerability in listtest.php in ...)
+CVE-2008-6529
NOT-FOR-US: eZoneScripts Living Local
-CVE-2008-6528 (NTFS TmaxSoft JEUS 5 before Fix 26 allows remote attackers to read the ...)
+CVE-2008-6528
NOT-FOR-US: NTFS TmaxSoft JEUS 5
-CVE-2008-6527 (SQL injection vulnerability in forum.asp in GO4I.NET ASP Forum 1.0 ...)
+CVE-2008-6527
NOT-FOR-US: GO4I.NET ASP Forum
-CVE-2008-6526 (SQL injection vulnerability in index.php in BosDev BosClassifieds ...)
+CVE-2008-6526
NOT-FOR-US: BosClassifieds
-CVE-2008-6525 (SQL injection vulnerability in the Admin Panel in Nice PHP FAQ Script ...)
+CVE-2008-6525
NOT-FOR-US: Nice PHP FAQ Script
-CVE-2008-6524 (resetpass.php in openInvoice 0.90 beta and earlier allows remote ...)
+CVE-2008-6524
NOT-FOR-US: openInvoice
-CVE-2008-6523 (auth.php in openInvoice 0.90 beta and earlier allows remote attackers ...)
+CVE-2008-6523
NOT-FOR-US: openInvoice
-CVE-2008-6522 (Multiple directory traversal vulnerabilities in the RenderFile ...)
+CVE-2008-6522
NOT-FOR-US: OpenTerracotta
-CVE-2008-6521 (index.php in Terracotta (aka OpenTerracotta) 0.6.1 allows remote ...)
+CVE-2008-6521
NOT-FOR-US: OpenTerracotta
-CVE-2008-6520 (Multiple format string vulnerabilities in the SSI filter in Xitami Web ...)
+CVE-2008-6520
NOT-FOR-US: Xitami Web Server
-CVE-2008-6519 (Format string vulnerability in Xitami Web Server 2.2a through 2.5c2, ...)
+CVE-2008-6519
NOT-FOR-US: Xitami Web Server
-CVE-2008-6518 (Unrestricted file upload vulnerability in the profile feature in ...)
+CVE-2008-6518
NOT-FOR-US: VidiScript
-CVE-2008-6517 (SQL injection vulnerability in NewsHOWLER 1.03 Beta allows remote ...)
+CVE-2008-6517
NOT-FOR-US: NewsHOWLER
-CVE-2008-6516 (Multiple directory traversal vulnerabilities in phpKF-Portal 1.10 ...)
+CVE-2008-6516
NOT-FOR-US: phpKF-Portal
-CVE-2008-6515 (Cross-site scripting (XSS) vulnerability in Fritz Berger yet another ...)
+CVE-2008-6515
NOT-FOR-US: yappa-ng
-CVE-2008-6514 (The Expo plugin in Compiz Fusion 0.7.8 allows local users with ...)
+CVE-2008-6514
- compiz-fusion-plugins-main 0.8.2-1 (low)
[lenny] - compiz-fusion-plugins-main <no-dsa> (Minor issue)
-CVE-2008-6513 (Unrestricted file upload vulnerability in saa.php in Andy's PHP ...)
+CVE-2008-6513
NOT-FOR-US: Andy's PHP Knowledgebase
-CVE-2008-6512 (Cross-domain vulnerability in the WorkerPool API in Google Gears ...)
+CVE-2008-6512
NOT-FOR-US: Google Gears
-CVE-2008-6511 (Open redirect vulnerability in login.jsp in Openfire 3.6.0a and ...)
+CVE-2008-6511
NOT-FOR-US: Openfire
-CVE-2008-6510 (Cross-site scripting (XSS) vulnerability in login.jsp in the Admin ...)
+CVE-2008-6510
NOT-FOR-US: Openfire
-CVE-2008-6509 (SQL injection vulnerability in CallLogDAO in SIP Plugin in Openfire ...)
+CVE-2008-6509
NOT-FOR-US: Openfire
-CVE-2008-6508 (Directory traversal vulnerability in the AuthCheck filter in the Admin ...)
+CVE-2008-6508
NOT-FOR-US: Openfire
-CVE-2008-6507 (Unspecified vulnerability in phpBB before 3.0.4 allows attackers to ...)
+CVE-2008-6507
- phpbb3 3.0.2-4
-CVE-2008-6505 (Multiple directory traversal vulnerabilities in Apache Struts 2.0.x ...)
+CVE-2008-6505
- libstruts1.2-java <not-affected> (Vulnerable code not present)
NOTE: looks like this was introduced in 2.x, see upstream trunk r688095
-CVE-2008-6504 (ParametersInterceptor in OpenSymphony XWork 2.0.x before 2.0.6 and ...)
+CVE-2008-6504
NOT-FOR-US: OpenSymphony XWork
-CVE-2008-6503 (Multiple cross-site scripting (XSS) vulnerabilities in PrestaShop ...)
+CVE-2008-6503
NOT-FOR-US: PrestaShop
-CVE-2008-6502 (Directory traversal vulnerability in Pro Chat Rooms 3.0.2 allows ...)
+CVE-2008-6502
NOT-FOR-US: Pro Chat Rooms
-CVE-2008-6501 (Cross-site scripting (XSS) vulnerability in profiles/index.php in Pro ...)
+CVE-2008-6501
NOT-FOR-US: Pro Chat Rooms
-CVE-2008-6500 (Cross-site scripting (XSS) vulnerability in CodeToad ASP Shopping Cart ...)
+CVE-2008-6500
NOT-FOR-US: CodeToad ASP Shopping Cart Script
-CVE-2008-6499 (security/xamppsecurity.php in XAMPP 1.6.8 performs an extract ...)
+CVE-2008-6499
NOT-FOR-US: XAMPP
-CVE-2008-6498 (Cross-site request forgery (CSRF) vulnerability in ...)
+CVE-2008-6498
NOT-FOR-US: XAMPP
-CVE-2008-6497 (The Neostrada Livebox ADSL Router allows remote attackers to cause a ...)
+CVE-2008-6497
NOT-FOR-US: Neostrada Livebox ADSL Router
-CVE-2008-6496 (Insecure method vulnerability in the VSPDFEditorX.VSPDFEdit ActiveX ...)
+CVE-2008-6496
NOT-FOR-US: VSPDFEditorX.ocx
-CVE-2008-6495 (Cross-site scripting (XSS) vulnerability in index.php in Fritz Berger ...)
+CVE-2008-6495
NOT-FOR-US: Fritz Berger yet another php photo album - next generation
-CVE-2008-6494 (ASP User Engine.NET stores sensitive information under the web root ...)
+CVE-2008-6494
NOT-FOR-US: ASP User Engine.NET
-CVE-2008-6493 (Easy Content Management Publishing stores sensitive information under ...)
+CVE-2008-6493
NOT-FOR-US: Easy Content Management Publishing
-CVE-2008-6492 (Unrestricted file upload vulnerability in process.php in Tizag ...)
+CVE-2008-6492
NOT-FOR-US: Tizag Countdown Creator
-CVE-2008-6491 (PHP remote file inclusion vulnerability in connexion.php in PHPGKit ...)
+CVE-2008-6491
NOT-FOR-US: PHPGKit
-CVE-2008-6490 (function/update_xml.php in FLABER 1.1 and earlier allows remote ...)
+CVE-2008-6490
NOT-FOR-US: FLABER
-CVE-2008-6489 (SQL injection vulnerability in MyAlbum component (com_myalbum) 1.0 for ...)
+CVE-2008-6489
NOT-FOR-US: MyAlbum component (com_myalbum) for Joomla!
-CVE-2008-6488 (SQL injection vulnerability in index.php in SoftComplex PHP Image ...)
+CVE-2008-6488
NOT-FOR-US: SoftComplex PHP Image Gallery
-CVE-2008-6487 (Multiple SQL injection vulnerabilities in login.asp in Digiappz ...)
+CVE-2008-6487
NOT-FOR-US: Digiappz DigiAffiliate
-CVE-2008-6486 (PHP remote file inclusion vulnerability in ...)
+CVE-2008-6486
NOT-FOR-US: sharedlog CMS
-CVE-2008-6485 (SQL injection vulnerability in index.php in SoftComplex PHP Image ...)
+CVE-2008-6485
NOT-FOR-US: SoftComplex PHP Image Gallery
-CVE-2008-6484 (SQL injection vulnerability in login.php in Mole Group Taxi Map Script ...)
+CVE-2008-6484
NOT-FOR-US: Mole Group Taxi Map Script
-CVE-2008-6483 (PHP remote file inclusion vulnerability in admin.googlebase.php in the ...)
+CVE-2008-6483
NOT-FOR-US: Ecom Solutions VirtueMart Google Base (aka com_googlebase or Froogle) component for Joomla!
-CVE-2008-6482 (PHP remote file inclusion vulnerability in admin.treeg.php in the ...)
+CVE-2008-6482
NOT-FOR-US: Flash Tree Gallery (com_treeg) component for Joomla!
-CVE-2008-6481 (SQL injection vulnerability in the Versioning component ...)
+CVE-2008-6481
NOT-FOR-US: Versioning component (com_versioning) in Joomla! and Mambo
-CVE-2008-6480 (Cross-site request forgery (CSRF) vulnerability in ...)
+CVE-2008-6480
NOT-FOR-US: Datalife Engine
-CVE-2008-6479 (Cross-site request forgery (CSRF) vulnerability in the &quot;change ...)
+CVE-2008-6479
NOT-FOR-US: swsoft
-CVE-2008-6478 (Cross-site request forgery (CSRF) vulnerability in the file manager in ...)
+CVE-2008-6478
NOT-FOR-US: swsoft
-CVE-2008-6477 (SQL injection vulnerability in Mumbo Jumbo Media OP4 allows remote ...)
+CVE-2008-6477
NOT-FOR-US: Mumbo Jumbo Media
-CVE-2008-6476 (Cross-site scripting (XSS) vulnerability in blog/search.aspx in ...)
+CVE-2008-6476
NOT-FOR-US: BlogEngine.NET
-CVE-2008-6475 (SQL injection vulnerability in the guestbook component ...)
+CVE-2008-6475
NOT-FOR-US: Drake CMS
-CVE-2008-6474 (The management interface in F5 BIG-IP 9.4.3 allows remote ...)
+CVE-2008-6474
NOT-FOR-US: F5 BIG-IP
-CVE-2008-6473 (_blogadata/include/init_pass2.php in Blogator-script 0.95 allows ...)
+CVE-2008-6473
NOT-FOR-US: Blogator-script
-CVE-2008-6472 (The WLCCP dissector in Wireshark 0.99.7 through 1.0.4 allows remote ...)
+CVE-2008-6472
[etch] - wireshark <not-affected> (vulnerable code not present)
[lenny] - wireshark 1.0.2-3+lenny3
- wireshark 1.0.5-1 (low; bug #506741)
-CVE-2008-6471 (SQL injection vulnerability in detail.php in MountainGrafix easyLink ...)
+CVE-2008-6471
NOT-FOR-US: MountainGrafix easyLink
-CVE-2008-6470 (Multiple unspecified vulnerabilities in ClanSphere before 2008.2.1 ...)
+CVE-2008-6470
NOT-FOR-US: ClanSphere
-CVE-2008-6469 (SQL injection vulnerability in index.php in PlainCart 1.1.2 allows ...)
+CVE-2008-6469
NOT-FOR-US: PlainCart
-CVE-2008-6468 (SQL injection vulnerability in index.php in Diesel Pay allows remote ...)
+CVE-2008-6468
NOT-FOR-US: Diesel Pay
-CVE-2008-6467 (SQL injection vulnerability in jobs/jobseekers/job-info.php in Diesel ...)
+CVE-2008-6467
NOT-FOR-US: Diesel Pay
-CVE-2008-6466 (SQL injection vulnerability in image_gallery.php in the Akira Powered ...)
+CVE-2008-6466
NOT-FOR-US: e107
-CVE-2008-6465 (Multiple cross-site scripting (XSS) vulnerabilities in login.php in ...)
+CVE-2008-6465
NOT-FOR-US: Parallels H-Sphere
-CVE-2008-6464 (SQL injection vulnerability in event.php in Mevin Productions Basic ...)
+CVE-2008-6464
NOT-FOR-US: Mevin Productions Basic PHP Events Lister
-CVE-2008-6463 (SQL injection vulnerability in the Diocese of Portsmouth Church Search ...)
+CVE-2008-6463
NOT-FOR-US: Diocese of Portsmouth Church Search extension for Typo3
-CVE-2008-6462 (SQL injection vulnerability in the My quiz and poll (myquizpoll) ...)
+CVE-2008-6462
NOT-FOR-US: My quiz and poll
-CVE-2008-6461 (SQL injection vulnerability in the Random Prayer 2 (ste_prayer2) ...)
+CVE-2008-6461
NOT-FOR-US: Typo3 addon Random Prayer
-CVE-2008-6460 (SQL injection vulnerability in the Simple Random Objects ...)
+CVE-2008-6460
NOT-FOR-US: Typo3 addon Simple Random Objects
-CVE-2008-6459 (SQL injection vulnerability in the auto BE User Registration ...)
+CVE-2008-6459
NOT-FOR-US: Typo3 addon auto BE User Registration
-CVE-2008-6458 (SQL injection vulnerability in the FE address edit for tt_address &amp; ...)
+CVE-2008-6458
NOT-FOR-US: Typo3 addon
-CVE-2008-6457 (SQL injection vulnerability in the Swigmore institute (cgswigmore) ...)
+CVE-2008-6457
NOT-FOR-US: Typo3 addon
-CVE-2008-6456 (SQL injection vulnerability in the HBook (h_book) extension 2.3.0 and ...)
+CVE-2008-6456
NOT-FOR-US: Typo3 addon
-CVE-2008-6455 (Session fixation vulnerability in Edikon phpShop 0.8.1 allows remote ...)
+CVE-2008-6455
NOT-FOR-US: Edikon phpShop
-CVE-2008-6454 (SQL injection vulnerability in section.php in 6rbScript 3.3 allows ...)
+CVE-2008-6454
NOT-FOR-US: 6rbScript
-CVE-2008-6453 (Directory traversal vulnerability in section.php in 6rbScript 3.3, ...)
+CVE-2008-6453
NOT-FOR-US: 6rbScript
-CVE-2008-6452 (SQL injection vulnerability in show_vote.php in Oceandir 2.9 and ...)
+CVE-2008-6452
NOT-FOR-US: Oceandir
-CVE-2008-6451 (SQL injection vulnerability in humor.php in jPORTAL 2 allows remote ...)
+CVE-2008-6451
NOT-FOR-US: jPORTAL
-CVE-2008-6450 (Cross-site scripting (XSS) vulnerability in Under Construction, Baby ...)
+CVE-2008-6450
NOT-FOR-US: Under Construction, Baby
-CVE-2008-6449 (Cross-site request forgery (CSRF) vulnerability in multiple Century ...)
+CVE-2008-6449
NOT-FOR-US: Century Systems routers
-CVE-2008-6448 (Cross-site scripting (XSS) vulnerability in install.cgi in SKYARC ...)
+CVE-2008-6448
NOT-FOR-US: SKYARC System MTCMS WYSIWYG Editor
-CVE-2008-6447 (Buffer overflow in emmailstore.dll 6.5.0.3 in the QuikSoft EasyMail ...)
+CVE-2008-6447
NOT-FOR-US: QuikSoft EasyMail
-CVE-2008-6446 (Static code injection vulnerability in the Guestbook component in CMS ...)
+CVE-2008-6446
NOT-FOR-US: CMS MAXSITE
-CVE-2008-6445 (Unspecified vulnerability in YourPlace before 1.0.1 has unknown impact ...)
+CVE-2008-6445
NOT-FOR-US: YourPlace
-CVE-2008-6444 (Stack-based buffer overflow in CSTransfer.dll in Baidu Hi IM might ...)
+CVE-2008-6444
NOT-FOR-US: Baidu Hi IM
-CVE-2008-6443 (SQL injection vulnerability in forum_duzen.php in phpKF allows remote ...)
+CVE-2008-6443
NOT-FOR-US: phpKF
-CVE-2008-6442 (Insecure method vulnerability in Sina Inc. DLoader Class ActiveX ...)
+CVE-2008-6442
NOT-FOR-US: Sina Inc. DLoader Class ActiveX
-CVE-2008-6441 (Format string vulnerability in the Epic Games Unreal engine client, as ...)
+CVE-2008-6441
NOT-FOR-US: Epic Games Unreal engine client
-CVE-2008-6440 (Cerberus Helpdesk before 4.0 (Build 600) allows remote attackers to ...)
+CVE-2008-6440
NOT-FOR-US: Cerberus Helpdesk
-CVE-2008-6439 (Cross-site scripting (XSS) vulnerability in search_results.php in ...)
+CVE-2008-6439
NOT-FOR-US: ABK-Soft AbleDating
-CVE-2008-6438 (SQL injection vulnerability in macgurublog_menu/macgurublog.php in the ...)
+CVE-2008-6438
NOT-FOR-US: MacGuru BLOG Engine
-CVE-2008-6437 (Multiple cross-site scripting (XSS) vulnerabilities in PHPFreeForum ...)
+CVE-2008-6437
NOT-FOR-US: PHPFreeForum
-CVE-2008-6436 (Cross-site scripting (XSS) vulnerability in the Web Server in Xerox ...)
+CVE-2008-6436
NOT-FOR-US: Xerox WorkCentre
-CVE-2008-6435 (Multiple cross-site scripting (XSS) vulnerabilities in phpSQLiteCMS 1 ...)
+CVE-2008-6435
NOT-FOR-US: phpSQLiteCMS
-CVE-2008-6434 (SQL injection vulnerability in index.cfm in Blue River Interactive ...)
+CVE-2008-6434
NOT-FOR-US: Blue River Interactive Group Sava CMS
-CVE-2008-6433 (Cross-site scripting (XSS) vulnerability in index.cfm in Blue River ...)
+CVE-2008-6433
NOT-FOR-US: Blue River Interactive Group Sava CMS
-CVE-2008-6431 (Multiple cross-site scripting (XSS) vulnerabilities in BMForum 5.6 ...)
+CVE-2008-6431
NOT-FOR-US: BMForum
-CVE-2008-6430 (SQL injection vulnerability in the MyContent (com_mycontent) component ...)
+CVE-2008-6430
NOT-FOR-US: Joomla!
-CVE-2008-6429 (SQL injection vulnerability in the PrayerCenter (com_prayercenter) ...)
+CVE-2008-6429
NOT-FOR-US: Joomla!
-CVE-2008-6428 (The CGI framework in Kaya 0.4.0 allows remote attackers to inject ...)
+CVE-2008-6428
- kaya 0.4.2-1 (low)
[etch] - kaya <no-dsa> (Minor issue)
NOTE: the fix checks with a regex for malicious characters in the HTTP header, see CGI.k changes
-CVE-2008-6427 (SQL injection vulnerability in index.php in Hivemaker Professional ...)
+CVE-2008-6427
NOT-FOR-US: Hivemaker Professional
-CVE-2008-6425 (SQL injection vulnerability in news.php in ComicShout 2.8 allows ...)
+CVE-2008-6425
NOT-FOR-US: ComicShout
-CVE-2008-6424 (Directory traversal vulnerability in FFFTP 1.96b allows remote FTP ...)
+CVE-2008-6424
NOT-FOR-US: FFFTP
-CVE-2008-6423 (Directory traversal vulnerability in passwiki.php in PassWiki 0.9.16 ...)
+CVE-2008-6423
NOT-FOR-US: PassWiki
-CVE-2008-6422 (Multiple SQL injection vulnerabilities in PsychoStats 2.3, 2.3.1, and ...)
+CVE-2008-6422
NOT-FOR-US: PsychoStats
-CVE-2008-6421 (PHP remote file inclusion vulnerability in social_game_play.php in ...)
+CVE-2008-6421
NOT-FOR-US: Social Site Generator
-CVE-2008-6420 (Social Site Generator (SSG) 2.0 allows remote attackers to read ...)
+CVE-2008-6420
NOT-FOR-US: Social Site Generator
-CVE-2008-6419 (Multiple SQL injection vulnerabilities in Social Site Generator (SSG) ...)
+CVE-2008-6419
NOT-FOR-US: Social Site Generator
-CVE-2008-6418 (SQL injection vulnerability in scrape.php in TorrentTrader before ...)
+CVE-2008-6418
NOT-FOR-US: TorrentTrader
-CVE-2008-6417 (Unspecified vulnerability in GreenSQL-Console before 0.3.5 allows ...)
+CVE-2008-6417
NOT-FOR-US: GreenSQL-Console
-CVE-2008-6416 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2008-6416
NOT-FOR-US: GreenSQL-Console
-CVE-2008-6415 (Buffer overflow in YoungZSoft CCProxy 6.5 might allow remote attackers ...)
+CVE-2008-6415
NOT-FOR-US: CCProxy
-CVE-2008-6414 (SQL injection vulnerability in detail.php in AJ Auction Pro Platinum ...)
+CVE-2008-6414
NOT-FOR-US: AJ Auction Pro Platinum
-CVE-2008-6413 (Cross-site scripting (XSS) vulnerability in the Answers module ...)
+CVE-2008-6413
NOT-FOR-US: Answers module for Drupal
-CVE-2008-6412 (Unspecified vulnerability in Vignette Content Management 7.3.0.5, ...)
+CVE-2008-6412
NOT-FOR-US: Vignette Content Management
-CVE-2008-6411 (Explay CMS 2.1 and earlier allows remote attackers to bypass ...)
+CVE-2008-6411
NOT-FOR-US: Explay CMS
-CVE-2008-6410 (Directory traversal vulnerability in show.php in ol'bookmarks manager ...)
+CVE-2008-6410
NOT-FOR-US: ol'bookmarks manager
-CVE-2008-6409 (SQL injection vulnerability in index.php in ol'bookmarks manager 0.7.5 ...)
+CVE-2008-6409
NOT-FOR-US: ol'bookmarks manager
-CVE-2008-6408 (PHP remote file inclusion vulnerability in frame.php in ol'bookmarks ...)
+CVE-2008-6408
NOT-FOR-US: ol'bookmarks manager
-CVE-2008-6407 (Directory traversal vulnerability in frame.php in ol'bookmarks manager ...)
+CVE-2008-6407
NOT-FOR-US: ol'bookmarks manager
-CVE-2008-6406 (Cross-site scripting (XSS) vulnerability in admin.php in DataLife ...)
+CVE-2008-6406
NOT-FOR-US: DataLife Engine
-CVE-2008-6405 (SQL injection vulnerability in showcategory.php in Hotscripts Clone ...)
+CVE-2008-6405
NOT-FOR-US: Hotscripts Clone
-CVE-2008-6404 (Cross-site scripting (XSS) vulnerability in add_calendars.php in ...)
+CVE-2008-6404
NOT-FOR-US: eXtrovert Software Thyme
-CVE-2008-6403 (PHP remote file inclusion vulnerability in ...)
+CVE-2008-6403
NOT-FOR-US: OpenRat
-CVE-2008-6402 (PHP remote file inclusion vulnerability in ...)
+CVE-2008-6402
NOT-FOR-US: Sofi WebGui
-CVE-2008-6401 (SQL injection vulnerability in sayfa.php in JETIK-WEB allows remote ...)
+CVE-2008-6401
NOT-FOR-US: JETIK-WEB
-CVE-2008-6400 (Cross-site scripting (XSS) vulnerability in refbase before 0.9.5 ...)
+CVE-2008-6400
NOT-FOR-US: refbase
-CVE-2008-6399 (Unspecified vulnerability in DotNetNuke 4.5.2 through 4.9 allows ...)
+CVE-2008-6399
NOT-FOR-US: DotNetNuke
-CVE-2008-6398 (sng_regress in SNG 1.0.2 allows local users to overwrite arbitrary ...)
+CVE-2008-6398
- sng 1.0.2-6 (bug #496407; unimportant)
-CVE-2008-6397 (rlatex in AlcoveBook sgml2x 1.0.0 allows local users to overwrite ...)
+CVE-2008-6397
- sgml2x 1.0.0-11.2 (bug #496368; low)
[etch] - sgml2x <no-dsa> (Minor issue)
-CVE-2008-6396 (Cross-site scripting (XSS) vulnerability in account.php in Celerondude ...)
+CVE-2008-6396
NOT-FOR-US: Celerondude Uploader
-CVE-2008-6395 (The web management interface in 3Com Wireless 8760 Dual Radio 11a/b/g ...)
+CVE-2008-6395
NOT-FOR-US: web management interface in 3Com Wireless
-CVE-2008-6394 (SQL injection vulnerability in core/user.php in CS-Cart 1.3.5 and ...)
+CVE-2008-6394
NOT-FOR-US: CS-Cart
-CVE-2008-6393 (PSI Jabber client before 0.12.1 allows remote attackers to cause a ...)
+CVE-2008-6393
{DSA-1741-1}
- psi 0.12.1-1 (low; bug #518468)
[etch] - psi <not-affected> (Vulnerable code not present)
-CVE-2008-6392 (SQL injection vulnerability in showads.php in Z1Exchange allows remote ...)
+CVE-2008-6392
NOT-FOR-US: Z1Exchange
-CVE-2008-6391 (SQL injection vulnerability in main.asp in Jbook allows remote ...)
+CVE-2008-6391
NOT-FOR-US: Jbook
-CVE-2008-6390 (SQL injection vulnerability in login.asp in Ocean12 Membership Manager ...)
+CVE-2008-6390
NOT-FOR-US: Ocean12 Membership Manager Pro
-CVE-2008-6389 (SQL injection vulnerability in asadmin/default.asp in Rae Media ...)
+CVE-2008-6389
NOT-FOR-US: Rae Media Contact Management Software
-CVE-2008-6388 (Rapid Classified 3.1 and 3.15 stores sensitive information under the ...)
+CVE-2008-6388
NOT-FOR-US: Rapid Classified
-CVE-2008-6387 (Quick Tree View .NET 3.1 stores sensitive information under the web ...)
+CVE-2008-6387
NOT-FOR-US: Quick Tree View .NET
-CVE-2008-6386 (Cross-site scripting (XSS) vulnerability in showads.php in Z1Exchange ...)
+CVE-2008-6386
NOT-FOR-US: Z1Exchange
-CVE-2008-6385 (Cross-site scripting (XSS) vulnerability in index.php in W3matter ...)
+CVE-2008-6385
NOT-FOR-US: W3matter RevSense
-CVE-2008-6384 (Multiple cross-site request forgery (CSRF) vulnerabilities in Comment ...)
+CVE-2008-6384
NOT-FOR-US: Comment Mail
-CVE-2008-6383 (SQL injection vulnerability in SpeedTech Organization and Resource ...)
+CVE-2008-6383
NOT-FOR-US: SpeedTech Organization and Resource Manager
-CVE-2008-6382 (ASP Portal 3.2.5 stores sensitive information under the web root with ...)
+CVE-2008-6382
NOT-FOR-US: ASP Portal
-CVE-2008-6381 (SQL injection vulnerability in modules/adresses/viewcat.php in bcoos ...)
+CVE-2008-6381
NOT-FOR-US: bcoos
-CVE-2008-6380 (SQL injection vulnerability in default.aspx in Active Web Helpdesk 2.0 ...)
+CVE-2008-6380
NOT-FOR-US: Active Web Helpdesk
-CVE-2008-6379 (SQL injection vulnerability in pics_pre.asp in Gallery MX 2.0.0 allows ...)
+CVE-2008-6379
NOT-FOR-US: Gallery MX
-CVE-2008-6378 (SQL injection vulnerability in calendar_Eventupdate.asp in Calendar Mx ...)
+CVE-2008-6378
NOT-FOR-US: Calendar Mx Professional
-CVE-2008-6377 (PHP remote file inclusion vulnerability in include/global.php in Multi ...)
+CVE-2008-6377
NOT-FOR-US: Multi SEO phpBB
-CVE-2008-6376 (SQL injection vulnerability in main.asp in Jbook allows remote ...)
+CVE-2008-6376
NOT-FOR-US: Jbook
-CVE-2008-6375 (JBook stores sensitive information under the web root with ...)
+CVE-2008-6375
NOT-FOR-US: JBook
-CVE-2008-6374 (CodefixerSoftware MailingListPro Free Edition stores sensitive ...)
+CVE-2008-6374
NOT-FOR-US: MailingListPro Free Edition
-CVE-2008-6373 (Unspecified vulnerability in Nagios before 3.0.6 has unspecified ...)
+CVE-2008-6373
- nagios3 3.0.6-3
[etch] - nagios2 <no-dsa> (Related to CVE-2008-5028, which has minimal attack vector)
-CVE-2008-6372 (SQL injection vulnerability in default.asp in Ocean12 FAQ Manager Pro ...)
+CVE-2008-6372
NOT-FOR-US: Ocean12 FAQ Manager Pro
-CVE-2008-6371 (SQL injection vulnerability in login.asp in Ocean12 Membership Manager ...)
+CVE-2008-6371
NOT-FOR-US: Ocean12 Membership Manager Pro
-CVE-2008-6370 (Cross-site scripting (XSS) vulnerability in default.asp in Ocean12 ...)
+CVE-2008-6370
NOT-FOR-US: Ocean12 Contact Manager Pro
-CVE-2008-6369 (SQL injection vulnerability in default.asp in Ocean12 Contact Manager ...)
+CVE-2008-6369
NOT-FOR-US: Ocean12 Contact Manager Pro
-CVE-2008-6368 (SQL injection vulnerability in index.php in Chipmunk Guestbook 1.4m ...)
+CVE-2008-6368
NOT-FOR-US: Chipmunk Guestbook
-CVE-2008-6367 (Unrestricted file upload vulnerability in Photos/create_album.php in ...)
+CVE-2008-6367
NOT-FOR-US: Social Groupie
-CVE-2008-6366 (SQL injection vulnerability in logon.jsp in Ad Server Solutions ...)
+CVE-2008-6366
NOT-FOR-US: Ad Server Solutions Affiliate Software Java
-CVE-2008-6365 (SQL injection vulnerability in logon.jsp in Ad Server Solutions Ad ...)
+CVE-2008-6365
NOT-FOR-US: Ad Server Solutions Ad Management Software Java
-CVE-2008-6364 (SQL injection vulnerability in logon_process.jsp in Ad Server ...)
+CVE-2008-6364
NOT-FOR-US: Ad Server Solutions Banner Exchange Solution Java
-CVE-2008-6363 (Stack-based buffer overflow in DesignWorks Professional 4.3.1 and ...)
+CVE-2008-6363
NOT-FOR-US: DesignWorks Professional
-CVE-2008-6362 (SQL injection vulnerability in sitepage.php in Multiple Membership ...)
+CVE-2008-6362
NOT-FOR-US: Multiple Membership Script
-CVE-2008-6361 (Directory traversal vulnerability in index.php in InSun Feed CMS 1.7.3 ...)
+CVE-2008-6361
NOT-FOR-US: InSun Feed CMS
-CVE-2008-6360 (Cross-site scripting (XSS) vulnerability in the userranks feature in ...)
+CVE-2008-6360
NOT-FOR-US: ImpressCMS
-CVE-2008-6359 (Cross-site scripting (XSS) vulnerability in index.php in Max's ...)
+CVE-2008-6359
NOT-FOR-US: Max's Guestbook
-CVE-2008-6358 (SQL injection vulnerability in group_index.php in Social Groupie ...)
+CVE-2008-6358
NOT-FOR-US: Social Groupie
-CVE-2008-6357 (MyCal Personal Events Calendar stores sensitive information under the ...)
+CVE-2008-6357
NOT-FOR-US: MyCal Personal Events Calendar
-CVE-2008-6356 (evCal Events Calendar stores sensitive information under the web root ...)
+CVE-2008-6356
NOT-FOR-US: evCal Events Calendar
-CVE-2008-6355 (The Net Guys ASPired2Protect stores sensitive information under the ...)
+CVE-2008-6355
NOT-FOR-US: ASPired2poll
-CVE-2008-6354 (The Net Guys ASPired2poll stores sensitive information under the web ...)
+CVE-2008-6354
NOT-FOR-US: ASPired2poll
-CVE-2008-6353 (SQL injection vulnerability in index.asp in ASP-CMS 1.0 allows remote ...)
+CVE-2008-6353
NOT-FOR-US: ASP-CMS
-CVE-2008-6352 (SQL injection vulnerability in home.html in Xpoze Pro 4.10 allows ...)
+CVE-2008-6352
NOT-FOR-US: Xpoze Pro
-CVE-2008-6351 (Cross-site scripting (XSS) vulnerability in listtest.php in ...)
+CVE-2008-6351
NOT-FOR-US: TurnkeyForms Local Classifieds
-CVE-2008-6350 (SQL injection vulnerability in listtest.php in TurnkeyForms Local ...)
+CVE-2008-6350
NOT-FOR-US: TurnkeyForms Local Classifieds
-CVE-2008-6349 (SQL injection vulnerability in survey_results_text.php in TurnkeyForms ...)
+CVE-2008-6349
NOT-FOR-US: TurnkeyForms Business Survey Pro
-CVE-2008-6348 (Multiple SQL injection vulnerabilities in DevelopItEasy Photo Gallery ...)
+CVE-2008-6348
NOT-FOR-US: DevelopItEasy Photo Gallery
-CVE-2008-6347 (PHP remote file inclusion vulnerability in lib/onguma.class.php in the ...)
+CVE-2008-6347
NOT-FOR-US: Onguma Time Sheet component for Joomla!
-CVE-2008-6346 (Cross-site scripting (XSS) vulnerability in the DR Wiki (dr_wiki) ...)
+CVE-2008-6346
NOT-FOR-US: DR Wiki extension for TYPO3
-CVE-2008-6345 (SQL injection vulnerability in Forum.php in SolarCMS 0.53.8 and 1.0 ...)
+CVE-2008-6345
NOT-FOR-US: SolarCMS
-CVE-2008-6344 (SQL injection vulnerability in the TU-Clausthal Staff (tuc_staff) ...)
+CVE-2008-6344
NOT-FOR-US: TU-Clausthal Staff extension for TYPO3
-CVE-2008-6343 (Cross-site scripting (XSS) vulnerability in the TU-Clausthal ODIN ...)
+CVE-2008-6343
NOT-FOR-US: TU-Clausthal ODIN extension for TYPO3
-CVE-2008-6342 (Unspecified vulnerability in the TYPO3 Simple File Browser ...)
+CVE-2008-6342
NOT-FOR-US: Simple File Browser extension for TYPO3
-CVE-2008-6341 (Cross-site scripting (XSS) vulnerability in the SB Universal Plugin ...)
+CVE-2008-6341
NOT-FOR-US: SB Universal Plugin extension for TYPO3
-CVE-2008-6340 (Cross-site scripting (XSS) vulnerability in the Vox populi ...)
+CVE-2008-6340
NOT-FOR-US: Vox populi extension for TYPO3
-CVE-2008-6338 (SQL injection vulnerability in the WEBERkommunal Facilities ...)
+CVE-2008-6338
NOT-FOR-US: WEBERkommunal Facilities extension for TYPO3
-CVE-2008-6337 (SQL injection vulnerability in the Volunteer Management System ...)
+CVE-2008-6337
NOT-FOR-US: Volunteer Management System module for Joomla!
-CVE-2008-6336 (Directory traversal vulnerability in download.php in Text Lines ...)
+CVE-2008-6336
NOT-FOR-US: Text Lines Rearrange Script
-CVE-2008-6335 (Directory traversal vulnerability in download.php in eMetrix Online ...)
+CVE-2008-6335
NOT-FOR-US: eMetrix Online Keyword Research Tool
-CVE-2008-6334 (Directory traversal vulnerability in download.php in eMetrix Extract ...)
+CVE-2008-6334
NOT-FOR-US: eMetrix Extract Website
-CVE-2008-6333 (SQL injection vulnerability in news.php in RSS Simple News (RSSSN), ...)
+CVE-2008-6333
NOT-FOR-US: RSS Simple News
-CVE-2008-6332 (SQL injection vulnerability in login.php in Simple Customer 1.2 allows ...)
+CVE-2008-6332
NOT-FOR-US: Simple Customer
-CVE-2008-6331 (Multiple cross-site request forgery (CSRF) vulnerabilities in Streber ...)
+CVE-2008-6331
NOT-FOR-US: Streber
-CVE-2008-6330 (SQL injection vulnerability in index.php in MyTopix 1.3.0 and earlier ...)
+CVE-2008-6330
NOT-FOR-US: MyTopix
-CVE-2008-6329 (SQL injection vulnerability in Employee/login.asp in Pre ASP Job Board ...)
+CVE-2008-6329
NOT-FOR-US: Pre ASP Job Board
-CVE-2008-6328 (SQL injection vulnerability in view.php in Butterfly Organizer 2.0.0 ...)
+CVE-2008-6328
NOT-FOR-US: Butterfly Organizer
-CVE-2008-6327 (SQL injection vulnerability in index.php in ProQuiz 1.0 allows remote ...)
+CVE-2008-6327
NOT-FOR-US: ProQuiz
-CVE-2008-6326 (SQL injection vulnerability in login.php in Simple Customer as ...)
+CVE-2008-6326
NOT-FOR-US: Simple Customer
-CVE-2008-6325 (Multiple cross-site scripting (XSS) vulnerabilities in Softbiz ...)
+CVE-2008-6325
NOT-FOR-US: Softbiz Classifieds Script
-CVE-2008-6324 (SQL injection vulnerability in forummessages.cfm in CF_Forum allows ...)
+CVE-2008-6324
NOT-FOR-US: CF_Forum
-CVE-2008-6323 (SQL injection vulnerability in forummessages.cfm in CFMSource ...)
+CVE-2008-6323
NOT-FOR-US: CFMSource CF_Auction
-CVE-2008-6322 (SQL injection vulnerability in index.cfm in CFMSource CFMBlog allows ...)
+CVE-2008-6322
NOT-FOR-US: CFMSource CFMBlog
-CVE-2008-6321 (CF Shopkart 5.2.2 stores cfshopkart52.mdb under the web root with ...)
+CVE-2008-6321
NOT-FOR-US: CF Shopkart
-CVE-2008-6320 (SQL injection vulnerability in index.cfm in CF Shopkart 5.2.2 allows ...)
+CVE-2008-6320
NOT-FOR-US: CF Shopkart
-CVE-2008-6319 (SQL injection vulnerability in calendarevent.cfm in CF_Calendar allows ...)
+CVE-2008-6319
NOT-FOR-US: CF_Calendar
-CVE-2008-6318 (PHP remote file inclusion vulnerability in ...)
+CVE-2008-6318
NOT-FOR-US: PHPmyGallery
-CVE-2008-6317 (Directory traversal vulnerability in ...)
+CVE-2008-6317
NOT-FOR-US: PHPmyGallery
-CVE-2008-6316 (Directory traversal vulnerability in _conf/core/common-tpl-vars.php in ...)
+CVE-2008-6316
NOT-FOR-US: PHPmyGallery
-CVE-2008-6315 (PHP remote file inclusion vulnerability in ...)
+CVE-2008-6315
NOT-FOR-US: PHPmyGallery
-CVE-2008-6314 (SQL injection vulnerability in tag_board.php in the Tag Board module ...)
+CVE-2008-6314
NOT-FOR-US: Tag Board module
-CVE-2008-6313 (Directory traversal vulnerability in addedit-render.php in phpAddEdit ...)
+CVE-2008-6313
NOT-FOR-US: phpAddEdit
-CVE-2008-6312 (SQL injection vulnerability in index.php in ProQuiz 1.0 allows remote ...)
+CVE-2008-6312
NOT-FOR-US: ProQuiz
-CVE-2008-6311 (SQL injection vulnerability in view.php in Butterfly Organizer 2.0.1 ...)
+CVE-2008-6311
NOT-FOR-US: Butterfly Organizer
-CVE-2008-6310 (SQL injection vulnerability in index.php in W3matter RevSense 1.0 ...)
+CVE-2008-6310
NOT-FOR-US: W3matter RevSense
-CVE-2008-6309 (SQL injection vulnerability in index.php in W3matter AskPert allows ...)
+CVE-2008-6309
NOT-FOR-US: W3matter AskPert
-CVE-2008-6308 (Multiple directory traversal vulnerabilities in Private Messaging ...)
+CVE-2008-6308
NOT-FOR-US: Private Messaging System
-CVE-2008-6307 (E-topbiz Link Back Checker 1 allows remote attackers to bypass ...)
+CVE-2008-6307
NOT-FOR-US: E-topbiz Link Back Checker
-CVE-2008-6306 (Cross-site scripting (XSS) vulnerability in signinform.php in Softbiz ...)
+CVE-2008-6306
NOT-FOR-US: Softbiz Classifieds Script
-CVE-2008-6305 (PHP remote file inclusion vulnerability in init.php in Free Directory ...)
+CVE-2008-6305
NOT-FOR-US: Free Directory Script
-CVE-2008-6304 (SQL injection vulnerability in xt:Commerce before 3.0.4 Sp2.1, when ...)
+CVE-2008-6304
NOT-FOR-US: xt:Commerce
-CVE-2008-6303 (SQL injection vulnerability in tourview.php in ToursManager allows ...)
+CVE-2008-6303
NOT-FOR-US: ToursManager
-CVE-2008-6302 (TurnkeyForms Local Classifieds allows remote attackers to bypass ...)
+CVE-2008-6302
NOT-FOR-US: TurnkeyForms Local Classifieds
-CVE-2008-6301 (SQL injection vulnerability in shoutbox_view.php in the Small ShoutBox ...)
+CVE-2008-6301
NOT-FOR-US: Small ShoutBox module
-CVE-2008-6300 (Galatolo WebManager 1.3a allows remote attackers to bypass ...)
+CVE-2008-6300
NOT-FOR-US: Galatolo WebManager
-CVE-2008-6299 (Multiple cross-site scripting (XSS) vulnerabilities in Joomla! 1.5.7 ...)
+CVE-2008-6299
NOT-FOR-US: Joomla!
-CVE-2008-6298 (Unspecified vulnerability in sISAPILocation before 1.0.2.2 allows ...)
+CVE-2008-6298
NOT-FOR-US: sISAPILocation
-CVE-2008-6297 (Cross-site scripting (XSS) vulnerability in order.php in DHCart allows ...)
+CVE-2008-6297
NOT-FOR-US: DHCart
-CVE-2008-6296 (admin.php in Maran PHP Shop allows remote attackers to bypass ...)
+CVE-2008-6296
NOT-FOR-US: Maran PHP Shop
-CVE-2008-6295 (Multiple cross-site scripting (XSS) vulnerabilities in Camera Life ...)
+CVE-2008-6295
NOT-FOR-US: Camera Life
-CVE-2008-6294 (admin/Index.php in Acc Statistics 1.1 allows remote attackers to ...)
+CVE-2008-6294
NOT-FOR-US: Acc Statistics
-CVE-2008-6293 (admin/Index.php in Acc Real Estate 4.0 allows remote attackers to ...)
+CVE-2008-6293
NOT-FOR-US: Acc Real Estate
-CVE-2008-6292 (Acc Autos 4.0 allows remote attackers to bypass authentication and ...)
+CVE-2008-6292
NOT-FOR-US: Acc Autos
-CVE-2008-6291 (Acc PHP eMail 1.1 allows remote attackers to bypass authentication and ...)
+CVE-2008-6291
NOT-FOR-US: Acc PHP eMail
-CVE-2008-6290 (Directory traversal vulnerability in includefile.php in nicLOR Sito, ...)
+CVE-2008-6290
NOT-FOR-US: nicLOR Sito
-CVE-2008-6289 (SQL injection vulnerability in cityview.php in Tours Manager 1.0 ...)
+CVE-2008-6289
NOT-FOR-US: Tours Manager
-CVE-2008-6288 (Directory traversal vulnerability in download.php in Interface Medien ...)
+CVE-2008-6288
NOT-FOR-US: Interface Medien ibase
-CVE-2008-6287 (Multiple PHP remote file inclusion vulnerabilities in Broadcast ...)
+CVE-2008-6287
NOT-FOR-US: Broadcast Machine
-CVE-2008-6286 (Multiple SQL injection vulnerabilities in SubscriberStart.asp in ...)
+CVE-2008-6286
NOT-FOR-US: Active Newsletter
-CVE-2008-6285 (SQL injection vulnerability in index.php in PHP TV Portal 2.0 and ...)
+CVE-2008-6285
NOT-FOR-US: PHP TV Portal
-CVE-2008-6284 (SQL injection vulnerability in edit.php in Z1Exchange 1.0 allows ...)
+CVE-2008-6284
NOT-FOR-US: Z1Exchange
-CVE-2008-6283 (Cross-site scripting (XSS) vulnerability in Subtext 2.0 allows remote ...)
+CVE-2008-6283
NOT-FOR-US: Subtext
-CVE-2008-6282 (SQL injection vulnerability in engine/users/users_edit_pub.inc in CMS ...)
+CVE-2008-6282
NOT-FOR-US: CMS Ortus
-CVE-2008-6281 (SQL injection vulnerability in index.php in Bluo CMS 1.2 allows remote ...)
+CVE-2008-6281
NOT-FOR-US: Bluo CMS
-CVE-2008-6280 (Cross-site scripting (XSS) vulnerability in apply.cgi on the Linksys ...)
+CVE-2008-6280
NOT-FOR-US: Linksys WRT160N
-CVE-2008-6279 (RakhiSoftware Price Comparison Script (aka Shopping Cart) allows ...)
+CVE-2008-6279
NOT-FOR-US: RakhiSoftware Price Comparison Script
-CVE-2008-6278 (Multiple cross-site scripting (XSS) vulnerabilities in product.php in ...)
+CVE-2008-6278
NOT-FOR-US: RakhiSoftware Price Comparison Script
-CVE-2008-6277 (SQL injection vulnerability in product.php in RakhiSoftware Price ...)
+CVE-2008-6277
NOT-FOR-US: RakhiSoftware Price Comparison Script
-CVE-2008-6276 (Multiple SQL injection vulnerabilities in the User Karma module 5.x ...)
+CVE-2008-6276
NOT-FOR-US: User Karma module for Drupal
-CVE-2008-6275 (Cross-site scripting (XSS) vulnerability in the User Karma module 5.x ...)
+CVE-2008-6275
NOT-FOR-US: User Karma module for Drupal
-CVE-2008-6274 (Multiple SQL injection vulnerabilities in index.php in FamilyProject ...)
+CVE-2008-6274
NOT-FOR-US: FamilyProject
-CVE-2008-6273 (Directory traversal vulnerability in configuration_script.php in ...)
+CVE-2008-6273
NOT-FOR-US: MyKtools
-CVE-2008-6272 (SQL injection vulnerability in admin/index.php in Dragan Mitic Apoll ...)
+CVE-2008-6272
NOT-FOR-US: Dragan Mitic Apoll
-CVE-2008-6271 (Directory traversal vulnerability in index.php in TBmnetCMS 1.0, when ...)
+CVE-2008-6271
NOT-FOR-US: TBmnetCMS
-CVE-2008-6270 (SQL injection vulnerability in admin/index.php in Dragan Mitic Apoll ...)
+CVE-2008-6270
NOT-FOR-US: Dragan Mitic Apoll
-CVE-2008-6269 (Joovili 3.1.4 allows remote attackers to bypass authentication and ...)
+CVE-2008-6269
NOT-FOR-US: Joovili
-CVE-2008-6268 (SQL injection vulnerability in detail.php in WEBBDOMAIN Multi ...)
+CVE-2008-6268
NOT-FOR-US: Multi Languages WebShop Online
-CVE-2008-6267 (Cross-site scripting (XSS) vulnerability in detail.php in Multi ...)
+CVE-2008-6267
NOT-FOR-US: Multi Languages WebShop Online
-CVE-2008-6266 (SQL injection vulnerability in links.php in Appalachian State ...)
+CVE-2008-6266
NOT-FOR-US: phpWebSite
-CVE-2008-6265 (Directory traversal vulnerability in portfolio/css.php in Cyberfolio ...)
+CVE-2008-6265
NOT-FOR-US: Cyberfolio
-CVE-2008-6264 (SQL injection vulnerability in admin/admin.php in E-topbiz Slide ...)
+CVE-2008-6264
NOT-FOR-US: E-topbiz Slide Popups
-CVE-2008-6263 (SQL injection vulnerability in lib/user/t_user.php in SaturnCMS allows ...)
+CVE-2008-6263
NOT-FOR-US: SaturnCMS
-CVE-2008-6262 (SQL injection vulnerability in lib/url/meta_url.php in SaturnCMS ...)
+CVE-2008-6262
NOT-FOR-US: SaturnCMS
-CVE-2008-6261 (SQL injection vulnerability in view.php in E-topbiz AdManager 4 allows ...)
+CVE-2008-6261
NOT-FOR-US: E-topbiz AdManager
-CVE-2008-6260 (SQL injection vulnerability in index.php in Ultrastats 0.2.144 and ...)
+CVE-2008-6260
NOT-FOR-US: Ultrastats
-CVE-2008-6259 (Cross-site scripting (XSS) vulnerability in search.asp in QuadComm ...)
+CVE-2008-6259
NOT-FOR-US: QuadComm Q-Shop
-CVE-2008-6258 (SQL injection vulnerability in users.asp in QuadComm Q-Shop 3.0, and ...)
+CVE-2008-6258
NOT-FOR-US: QuadComm Q-Shop
-CVE-2008-6257 (SQL injection vulnerability in default.asp in Openasp 3.0 and earlier ...)
+CVE-2008-6257
NOT-FOR-US: Openasp
-CVE-2008-6256 (SQL injection vulnerability in admincp/admincalendar.php in vBulletin ...)
+CVE-2008-6256
NOT-FOR-US: vBulletin
-CVE-2008-6255 (Multiple SQL injection vulnerabilities in vBulletin 3.7.4 allow remote ...)
+CVE-2008-6255
NOT-FOR-US: vBulletin
-CVE-2008-6254 (SQL injection vulnerability in scripts/documents.php in Jadu Galaxies ...)
+CVE-2008-6254
NOT-FOR-US: Jadu Galaxies
-CVE-2008-6253 (Directory traversal vulnerability in data/inc/lib/pcltar.lib.php in ...)
+CVE-2008-6253
NOT-FOR-US: Pluck CMS
-CVE-2008-6252 (Stack-based buffer overflow in the smc program in smcFanControl 2.1.2 ...)
+CVE-2008-6252
NOT-FOR-US: smcFanControl
-CVE-2008-6251 (PHP remote file inclusion vulnerability in includes/init.php in phpFan ...)
+CVE-2008-6251
NOT-FOR-US: phpFan
-CVE-2008-6250 (SQL injection vulnerability in Comdev Web Blogger 4.1.3 and earlier ...)
+CVE-2008-6250
NOT-FOR-US: Comdev Web Blogger
-CVE-2008-6249 (SQL injection vulnerability in plugins/users/index.php in Galatolo ...)
+CVE-2008-6249
NOT-FOR-US: Galatolo WebManager
-CVE-2008-6248 (Cross-site scripting (XSS) vulnerability in all.php in Galatolo ...)
+CVE-2008-6248
NOT-FOR-US: Galatolo WebManager
-CVE-2008-6247 (SQL injection vulnerability in topsite.php in Scripts For Sites (SFS) ...)
+CVE-2008-6247
NOT-FOR-US: Scripts For Sites
-CVE-2008-6246 (SQL injection vulnerability in category.php in Scripts For Sites (SFS) ...)
+CVE-2008-6246
NOT-FOR-US: Scripts For Sites
-CVE-2008-6245 (SQL injection vulnerability in track.php in Scripts For Sites (SFS) EZ ...)
+CVE-2008-6245
NOT-FOR-US: Scripts For Sites
-CVE-2008-6244 (SQL injection vulnerability in view_reviews.php in Scripts for Sites ...)
+CVE-2008-6244
NOT-FOR-US: Scripts For Sites
-CVE-2008-6243 (SQL injection vulnerability in showcategory.php in Scripts For Sites ...)
+CVE-2008-6243
NOT-FOR-US: Scripts For Sites
-CVE-2008-6242 (SQL injection vulnerability in SearchResults.php in Scripts For Sites ...)
+CVE-2008-6242
NOT-FOR-US: Scripts For Sites
-CVE-2008-6241 (Multiple SQL injection vulnerabilities in admin/usercheck.php in ...)
+CVE-2008-6241
NOT-FOR-US: FlexPHPSite
-CVE-2008-6240 (Cross-site scripting (XSS) vulnerability in data/views/index.html in ...)
+CVE-2008-6240
NOT-FOR-US: OpenEdit Digital Asset Management
-CVE-2008-6239 (Cross-site request forgery (CSRF) vulnerability in OpenEdit Digital ...)
+CVE-2008-6239
NOT-FOR-US: OpenEdit Digital Asset Management
-CVE-2008-6238 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2008-6238
NOT-FOR-US: OpenEdit Digital Asset Management
-CVE-2008-6237 (SQL injection vulnerability in software-description.php in Scripts For ...)
+CVE-2008-6237
NOT-FOR-US: Scripts For Sites
-CVE-2008-6236 (SQL injection vulnerability in login.php in Simple Document Management ...)
+CVE-2008-6236
NOT-FOR-US: Simple Document Management System
-CVE-2008-6235 (The Netrw plugin (netrw.vim) in Vim 7.0 and 7.1 allows user-assisted ...)
+CVE-2008-6235
- vim 2:7.2.148-1 (low)
[lenny] - vim <not-affected> (proof-of-concept does not work)
[etch] - vim <no-dsa> (Minor issue)
-CVE-2008-6234 (SQL injection vulnerability in the com_musica module in Joomla! and ...)
+CVE-2008-6234
NOT-FOR-US: Joomla!
-CVE-2008-6233 (SQL injection vulnerability in index.php in Five Dollar Scripts Drinks ...)
+CVE-2008-6233
NOT-FOR-US: Five Dollar Scripts Drinks script
-CVE-2008-6232 (Pre Shopping Mall allows remote attackers to bypass authentication and ...)
+CVE-2008-6232
NOT-FOR-US: Pre Shopping Mall
-CVE-2008-6231 (Pre Classified Listing PHP allows remote attackers to bypass ...)
+CVE-2008-6231
NOT-FOR-US: Pre Classified Listing PHP
-CVE-2008-6230 (SQL injection vulnerability in Tour.php in Pre Projects Pre Podcast ...)
+CVE-2008-6230
NOT-FOR-US: Pre Projects Pre Podcast Portal
-CVE-2008-6229 (Cross-site scripting (XSS) vulnerability in the administrative ...)
+CVE-2008-6229
NOT-FOR-US: CCK module for Drupal
-CVE-2008-6228 (Pre Multi-Vendor Shopping Malls allows remote attackers to bypass ...)
+CVE-2008-6228
NOT-FOR-US: Pre Multi-Vendor Shopping Malls
-CVE-2008-6227 (SQL injection vulnerability in buyer_detail.php in Pre Multi-Vendor ...)
+CVE-2008-6227
NOT-FOR-US: Pre Multi-Vendor Shopping Malls
-CVE-2008-6226 (SQL injection vulnerability in moreinfo.php in Pre Projects PHP Auto ...)
+CVE-2008-6226
NOT-FOR-US: Pre Projects PHP Auto Listings Script
-CVE-2008-6225 (** DISPUTED ** ...)
+CVE-2008-6225
NOT-FOR-US: Mole Group Airline Ticket Sale Script
-CVE-2008-6224 (Directory traversal vulnerability in visualizza.php in Way Of The ...)
+CVE-2008-6224
NOT-FOR-US: Way Of The Warrior
-CVE-2008-6223 (PHP remote file inclusion vulnerability in visualizza.php in Way Of ...)
+CVE-2008-6223
NOT-FOR-US: Way Of The Warrior
-CVE-2008-6222 (Directory traversal vulnerability in the Pro Desk Support Center ...)
+CVE-2008-6222
NOT-FOR-US: Joomla!
-CVE-2008-6221 (PHP remote file inclusion vulnerability in config.dadamail.php in the ...)
+CVE-2008-6221
NOT-FOR-US: Joomla!
-CVE-2008-6220 (SQL injection vulnerability in login.php in Simple Document Management ...)
+CVE-2008-6220
NOT-FOR-US: Simple Document Management System
-CVE-2008-6219 (nsrexecd.exe in multiple EMC Networker products including EMC ...)
+CVE-2008-6219
NOT-FOR-US: EMC Networker products
-CVE-2008-6218 (Memory leak in the png_handle_tEXt function in pngrutil.c in libpng ...)
+CVE-2008-6218
{DSA-1750-1}
- libpng 1.2.33-1
-CVE-2008-6217 (Cross-site scripting (XSS) vulnerability in index.php in Extrakt ...)
+CVE-2008-6217
NOT-FOR-US: Extrakt Framework
-CVE-2008-6216 (SQL injection vulnerability in cadena_ofertas_ext.php in Venalsur ...)
+CVE-2008-6216
NOT-FOR-US: Venalsur Booking center Booking System
-CVE-2008-6215 (Cross-site scripting (XSS) vulnerability in cadena_ofertas_ext.php in ...)
+CVE-2008-6215
NOT-FOR-US: Venalsur Booking center Booking System
-CVE-2008-6214 (SQL injection vulnerability in poll_results.php in Harlandscripts Pro ...)
+CVE-2008-6214
NOT-FOR-US: Harlandscripts Pro Traffic One
-CVE-2008-6213 (SQL injection vulnerability in mypage.php in Harlandscripts Pro ...)
+CVE-2008-6213
NOT-FOR-US: Harlandscripts Pro Traffic One
-CVE-2008-6212 (Cross-site scripting (XSS) vulnerability in admin.php in Php-Stats ...)
+CVE-2008-6212
NOT-FOR-US: Php-Stats
-CVE-2008-6211 (Multiple cross-site scripting (XSS) vulnerabilities in PhpForums.net ...)
+CVE-2008-6211
NOT-FOR-US: PhpForums.net mcGallery
-CVE-2008-6210 (SQL injection vulnerability in index.php in dream4 Koobi 4.4 and 5.4 ...)
+CVE-2008-6210
NOT-FOR-US: dream4 Koobi
-CVE-2008-6209 (SQL injection vulnerability in view_product.php in Vastal I-Tech ...)
+CVE-2008-6209
NOT-FOR-US: Vastal I-Tech Software Zone
-CVE-2008-6208 (Cross-site scripting (XSS) vulnerability in submitnews.php in e107 CMS ...)
+CVE-2008-6208
NOT-FOR-US: e107 CMS
-CVE-2008-6207 (Unrestricted file upload vulnerability in form_upload.php in PHPG ...)
+CVE-2008-6207
NOT-FOR-US: PHPG Upload
-CVE-2008-6206 (Multiple PHP remote file inclusion vulnerabilities in RobotStats 0.1 ...)
+CVE-2008-6206
NOT-FOR-US: RobotStats
-CVE-2008-6205 (Cross-site scripting (XSS) vulnerability in seeurl.php in Xavier ...)
+CVE-2008-6205
NOT-FOR-US: Xavier Flahaut URLStreet
-CVE-2008-6204 (Multiple SQL injection vulnerabilities in SuperNET Shop 1.0 and ...)
+CVE-2008-6204
NOT-FOR-US: SuperNET Shop
-CVE-2008-6203 (SQL injection vulnerability in adminler.asp in CoBaLT 2.0 allows ...)
+CVE-2008-6203
NOT-FOR-US: CoBaLT
-CVE-2008-6202 (SQL injection vulnerability in CoBaLT 1.0 allows remote attackers to ...)
+CVE-2008-6202
NOT-FOR-US: CoBaLT
-CVE-2008-6201 (Directory traversal vulnerability in help.php in the eskuel module in ...)
+CVE-2008-6201
NOT-FOR-US: KwsPHP
-CVE-2008-6200 (Multiple cross-site scripting (XSS) vulnerabilities in Swiki 1.5 allow ...)
+CVE-2008-6200
NOT-FOR-US: Swiki
-CVE-2008-6199 (2532designs 2532|Gigs 1.2.2 and earlier allows remote attackers to ...)
+CVE-2008-6199
NOT-FOR-US: 2532designs 2532|Gigs
-CVE-2008-6198 (SQL injection vulnerability in pages.php in Custom Pages 1.0 plugin ...)
+CVE-2008-6198
NOT-FOR-US: Custom Pages 1.0 plugin for MyBulletinBoard
-CVE-2008-6197 (SQL injection vulnerability in index.php in the galerie module for ...)
+CVE-2008-6197
NOT-FOR-US: KwsPHP
-CVE-2008-6196 (Multiple PHP remote file inclusion vulnerabilities in Philippe CROCHAT ...)
+CVE-2008-6196
NOT-FOR-US: Philippe CROCHAT EasySite
-CVE-2008-6195 (Directory traversal vulnerability in the PXE TFTP Service ...)
+CVE-2008-6195
NOT-FOR-US: LANDesk Management Suite
-CVE-2008-6194 (Memory leak in the DNS server in Microsoft Windows allows remote ...)
+CVE-2008-6194
NOT-FOR-US: Microsoft Windows
-CVE-2008-6193 (Sam Crew MyBlog stores passwords in cleartext in a MySQL database, ...)
+CVE-2008-6193
NOT-FOR-US: Sam Crew MyBlog
-CVE-2008-6192 (Multiple cross-site scripting (XSS) vulnerabilities in unspecified ...)
+CVE-2008-6192
NOT-FOR-US: Sun Java System Portal Server
-CVE-2008-6191 (Conductor.exe in Intrinsic Swimage Encore before 5.0.1.21 contains a ...)
+CVE-2008-6191
NOT-FOR-US: Intrinsic Swimage Encore
-CVE-2008-6190 (Cross-site scripting (XSS) vulnerability in index.php in EEBCMS 0.95 ...)
+CVE-2008-6190
NOT-FOR-US: EEBCMS
-CVE-2008-6189 (SQL injection vulnerability in GForge 4.5.19 allows remote attackers ...)
+CVE-2008-6189
{DSA-1698-1}
- gforge 4.7~rc2-5
-CVE-2008-6188 (SQL injection vulnerability in people/editprofile.php in Gforge 4.6 ...)
+CVE-2008-6188
{DSA-1698-1}
- gforge 4.7~rc2-5
-CVE-2008-6187 (SQL injection vulnerability in frs/shownotes.php in Gforge 4.5.19 and ...)
+CVE-2008-6187
{DSA-1698-1}
- gforge 4.7~rc2-5
-CVE-2008-6186 (Stack-based buffer overflow in RaidenFTPD 2.4 build 3620 allows remote ...)
+CVE-2008-6186
NOT-FOR-US: RaidenFTPD
-CVE-2008-6185 (NoticeWare Email Server NG 5.1.2.2 allows remote attackers to cause a ...)
+CVE-2008-6185
NOT-FOR-US: NoticeWare Email Server NG
-CVE-2008-6184 (SQL injection vulnerability in the OwnBiblio (com_ownbiblio) component ...)
+CVE-2008-6184
NOT-FOR-US: Joomla!
-CVE-2008-6183 (Multiple directory traversal vulnerabilities in index.php in My PHP ...)
+CVE-2008-6183
NOT-FOR-US: My PHP Indexer
-CVE-2008-6182 (SQL injection vulnerability in the Ignite Gallery (com_ignitegallery) ...)
+CVE-2008-6182
NOT-FOR-US: Joomla!
-CVE-2008-6181 (SQL injection vulnerability in the Mad4Joomla Mailforms ...)
+CVE-2008-6181
NOT-FOR-US: Joomla!
-CVE-2008-6180 (SQL injection vulnerability in system/nlb_user.class.php in NewLife ...)
+CVE-2008-6180
NOT-FOR-US: NewLife Blogger
-CVE-2008-6179 (SQL injection vulnerability in sug_cat.php in IndexScript 3.0 allows ...)
+CVE-2008-6179
NOT-FOR-US: IndexScript
-CVE-2008-6178 (Unrestricted file upload vulnerability in ...)
+CVE-2008-6178
NOTE: Alleged exploit does not work.
-CVE-2008-6177 (Multiple directory traversal vulnerabilities in LightBlog 9.8, when ...)
+CVE-2008-6177
NOT-FOR-US: LightBlog
CVE-2008-6176
REJECTED
-CVE-2008-6175 (SilverSHielD 1.0.2.34 allows remote attackers to cause a denial of ...)
+CVE-2008-6175
NOT-FOR-US: SilverSHielD
-CVE-2008-6174 (Cross-site scripting (XSS) vulnerability in admin/postlister/index.php ...)
+CVE-2008-6174
NOT-FOR-US: Jetbox CMS
-CVE-2008-6173 (Cross-site scripting (XSS) vulnerability in fullscreen.php in ...)
+CVE-2008-6173
NOT-FOR-US: ClipShare Pro
-CVE-2008-6172 (Directory traversal vulnerability in captcha/captcha_image.php in the ...)
+CVE-2008-6172
NOT-FOR-US: Joomla!
-CVE-2008-6171 (includes/bootstrap.inc in Drupal 5.x before 5.12 and 6.x before 6.6, ...)
+CVE-2008-6171
- drupal5 5.12-1 (low; bug #519114)
- drupal6 6.6-1 (low; bug #519115)
-CVE-2008-6170 (Cross-site scripting (XSS) vulnerability in Drupal 5.x before 5.12 and ...)
+CVE-2008-6170
- drupal6 6.9-1 (low)
[lenny] - drupal6 6.6-1.1
-CVE-2008-6169 (Cross-site request forgery (CSRF) vulnerability in the Localization ...)
+CVE-2008-6169
NOT-FOR-US: Localization modules for Drupal
-CVE-2008-6168 (Cross-site scripting (XSS) vulnerability in search.php in miniPortail ...)
+CVE-2008-6168
NOT-FOR-US: miniPortail
-CVE-2008-6167 (Directory traversal vulnerability in search.php in miniPortail 2.2 and ...)
+CVE-2008-6167
NOT-FOR-US: miniPortail
-CVE-2008-6166 (SQL injection vulnerability in the KBase (com_kbase) 1.2 component for ...)
+CVE-2008-6166
NOT-FOR-US: Joomla!
-CVE-2008-6165 (SQL injection vulnerability in gestion.php in CSPartner 0.1, when ...)
+CVE-2008-6165
NOT-FOR-US: CSPartner
-CVE-2008-6164 (Cross-site scripting (XSS) vulnerability in index.php in DreamCost ...)
+CVE-2008-6164
NOT-FOR-US: DreamCost HostAdmin
-CVE-2008-6163 (SQL injection vulnerability in www/delivery/ac.php in OpenX 2.6.1 ...)
+CVE-2008-6163
- openx <itp> (bug #513771)
-CVE-2008-6162 (Bux.to Clone script allows remote attackers to bypass authentication ...)
+CVE-2008-6162
NOT-FOR-US: Bux.to Clone script
-CVE-2008-6161 (Cross-site scripting (XSS) vulnerability in WOW Raid Manager (WRM) ...)
+CVE-2008-6161
NOT-FOR-US: WOW Raid Manager
-CVE-2008-6160 (Semantically-Interconnected Online Communities (SIOC) 5.x before ...)
+CVE-2008-6160
NOT-FOR-US: Semantically-Interconnected Online Communities
-CVE-2008-6159 (Content Management Made Easy (CMME) 1.19 allows remote attackers to ...)
+CVE-2008-6159
NOT-FOR-US: Content Management Made Easy
-CVE-2008-6158 (Multiple unspecified vulnerabilities in the admin backend in w3b&gt;cms ...)
+CVE-2008-6158
NOT-FOR-US: w3blabor CMS
-CVE-2008-6157 (SepCity Classified Ads stores the admin password in cleartext in ...)
+CVE-2008-6157
NOT-FOR-US: SepCity Classified Ads
-CVE-2008-6156 (SQL injection vulnerability in editCampaign.php in AdMan 1.1.20070907 ...)
+CVE-2008-6156
NOT-FOR-US: AdMan
-CVE-2008-6155 (SQL injection vulnerability in index.php in Hispah Text Links Ads 1.1 ...)
+CVE-2008-6155
NOT-FOR-US: Hispah Text Links Ads
-CVE-2008-6154 (SQL injection vulnerability in index.php in Hispah Text Links Ads 1.1 ...)
+CVE-2008-6154
NOT-FOR-US: Hispah Text Links Ads
-CVE-2008-6153 (SQL injection vulnerability in Photo.asp in Jay Patel Pixel8 Web Photo ...)
+CVE-2008-6153
NOT-FOR-US: Jay Patel Pixel8 Web Photo
-CVE-2008-6152 (SQL injection vulnerability in deptdisplay.asp in SepCity Faculty ...)
+CVE-2008-6152
NOT-FOR-US: SepCity Faculty Portal
-CVE-2008-6151 (SQL injection vulnerability in shpdetails.asp in SepCity Shopping Mall ...)
+CVE-2008-6151
NOT-FOR-US: SepCity Faculty Portal
-CVE-2008-6150 (SQL injection vulnerability in classdis.asp in SepCity Classified Ads ...)
+CVE-2008-6150
NOT-FOR-US: SepCity Faculty Portal
-CVE-2008-6149 (SQL injection vulnerability in the mDigg (com_mdigg) component 2.2.8 ...)
+CVE-2008-6149
NOT-FOR-US: Joomla!
-CVE-2008-6148 (SQL injection vulnerability in the Live Ticker (com_liveticker) module ...)
+CVE-2008-6148
NOT-FOR-US: Joomla!
-CVE-2008-6147 (ForumApp 3.3 stores sensitive information under the web root with ...)
+CVE-2008-6147
NOT-FOR-US: ForumApp
-CVE-2008-6146 (SQL injection vulnerability in pm.php in DeluxeBB 1.2 and earlier, ...)
+CVE-2008-6146
NOT-FOR-US: DeluxeBB
-CVE-2008-6145 (Multiple SQL injection vulnerabilities in the WEC Discussion Forum ...)
+CVE-2008-6145
NOT-FOR-US: WEC Discussion Forum (wec_discussion) extension TYPO3
-CVE-2008-6144 (Multiple cross-site scripting (XSS) vulnerabilities in the WEC ...)
+CVE-2008-6144
NOT-FOR-US: WEC Discussion Forum (wec_discussion) extension TYPO3
-CVE-2008-6143 (OwenPoll 1.0 allows remote attackers to bypass authentication and ...)
+CVE-2008-6143
NOT-FOR-US: OwenPoll
-CVE-2008-6142 (Multiple SQL injection vulnerabilities in admin/usercheck.php in ...)
+CVE-2008-6142
NOT-FOR-US: FlexPHPic
-CVE-2008-6141 (Unspecified vulnerability in Avaya IP Softphone 6.0 SP4 and 6.01.85 ...)
+CVE-2008-6141
NOT-FOR-US: Avaya IP Softphone
-CVE-2008-6140 (Unspecified vulnerability in the Session Initiation Protocol (SIP) ...)
+CVE-2008-6140
NOT-FOR-US: Avaya one-X Desktop Edition
-CVE-2008-6139 (Directory traversal vulnerability in faqsupport/wce.download.php in ...)
+CVE-2008-6139
NOT-FOR-US: WebBiscuits Modules Controller
-CVE-2008-6138 (PHP remote file inclusion vulnerability in adminhead.php in ...)
+CVE-2008-6138
NOT-FOR-US: WebBiscuits Modules Controller
-CVE-2008-6137 (EveryBlog 5.x and 6.x, a module for Drupal, allows remote attackers to ...)
+CVE-2008-6137
NOT-FOR-US: EveryBlog
-CVE-2008-6136 (Unspecified vulnerability in EveryBlog 5.x and 6.x, a module for ...)
+CVE-2008-6136
NOT-FOR-US: EveryBlog
-CVE-2008-6135 (Cross-site scripting (XSS) vulnerability in EveryBlog 5.x and 6.x, a ...)
+CVE-2008-6135
NOT-FOR-US: EveryBlog
-CVE-2008-6134 (SQL injection vulnerability in EveryBlog 5.x and 6.x, a module for ...)
+CVE-2008-6134
NOT-FOR-US: EveryBlog
-CVE-2008-6133 (SQL injection vulnerability in arsaprint.php in Full PHP Emlak Script ...)
+CVE-2008-6133
NOT-FOR-US: Full PHP Emlak Script
-CVE-2008-6132 (Eval injection vulnerability in reserve.php in phpScheduleIt 1.2.10 ...)
+CVE-2008-6132
NOT-FOR-US: phpScheduleIt
-CVE-2008-6131 (Session fixation vulnerability in moziloWiki 1.0.1 and earlier allows ...)
+CVE-2008-6131
NOT-FOR-US: moziloWiki
-CVE-2008-6130 (Cross-site scripting (XSS) vulnerability in index.php in moziloWiki ...)
+CVE-2008-6130
NOT-FOR-US: moziloWiki
-CVE-2008-6129 (Directory traversal vulnerability in print.php in moziloWiki 1.0.1 and ...)
+CVE-2008-6129
NOT-FOR-US: moziloWiki
-CVE-2008-6128 (Session fixation vulnerability in moziloCMS 1.10.2 and earlier allows ...)
+CVE-2008-6128
NOT-FOR-US: moziloCMS
-CVE-2008-6127 (Multiple cross-site scripting (XSS) vulnerabilities in moziloCMS ...)
+CVE-2008-6127
NOT-FOR-US: moziloCMS
-CVE-2008-6126 (Multiple directory traversal vulnerabilities in moziloCMS 1.10.2 and ...)
+CVE-2008-6126
NOT-FOR-US: moziloCMS
-CVE-2008-6125 (Unspecified vulnerability in the user editing interface in Moodle ...)
+CVE-2008-6125
{DSA-1724-1}
- moodle 1.8.2.dfsg-2
-CVE-2008-6124 (SQL injection vulnerability in the hotpot_delete_selected_attempts ...)
+CVE-2008-6124
{DSA-1691-1}
- moodle 1.8.2.dfsg-2
-CVE-2008-6123 (The netsnmp_udp_fmtaddr function (snmplib/snmpUDPDomain.c) in net-snmp ...)
+CVE-2008-6123
- net-snmp 5.4.3~dfsg-1 (low; bug #516801)
[etch] - net-snmp <no-dsa> (Minor issue)
[lenny] - net-snmp <no-dsa> (Minor issue)
-CVE-2008-6122 (The web management interface in Netgear WGR614v9 allows remote ...)
+CVE-2008-6122
NOT-FOR-US: Netgear WGR614v9
-CVE-2008-6121 (CRLF injection vulnerability in SocialEngine (SE) 2.7 and earlier ...)
+CVE-2008-6121
NOT-FOR-US: SocialEngine
-CVE-2008-6120 (SQL injection vulnerability in profile_comments.php in SocialEngine ...)
+CVE-2008-6120
NOT-FOR-US: SocialEngine
-CVE-2008-6119 (Static code injection vulnerability in ...)
+CVE-2008-6119
NOT-FOR-US: Goople CMS
-CVE-2008-6118 (win/content/upload.php in Goople CMS 1.7 allows remote attackers to ...)
+CVE-2008-6118
NOT-FOR-US: Goople CMS
-CVE-2008-6117 (SQL injection vulnerability in homepage.php in PG Job Site Pro allows ...)
+CVE-2008-6117
NOT-FOR-US: PG Job Site Pro
-CVE-2008-6116 (SQL injection vulnerability in the EXtrovert Software Thyme ...)
+CVE-2008-6116
NOT-FOR-US: Joomla!
-CVE-2008-6115 (SQL injection vulnerability in directory.php in Prozilla Hosting Index ...)
+CVE-2008-6115
NOT-FOR-US: Prozilla Hosting Index
-CVE-2008-6114 (SQL injection vulnerability in product_details.php in the Mytipper ...)
+CVE-2008-6114
NOT-FOR-US: Mytipper Zogo-shop
-CVE-2008-6113 (Cross-site scripting (XSS) vulnerability in SemanticScuttle before ...)
+CVE-2008-6113
NOT-FOR-US: SemanticScuttle
-CVE-2008-6112 (Multiple directory traversal vulnerabilities in Ez Ringtone Manager ...)
+CVE-2008-6112
NOT-FOR-US: Ez Ringtone Manager
-CVE-2008-6111 (SQL injection vulnerability in blog.php in NetArt Media Vlog System ...)
+CVE-2008-6111
NOT-FOR-US: NetArt Media Vlog System
-CVE-2008-6110 (Unspecified vulnerability in SemanticScuttle before 0.90 has unknown ...)
+CVE-2008-6110
NOT-FOR-US: SemanticScuttle
-CVE-2008-6109 (Robin Rawson-Tetley Animal Shelter Manager (ASM) before 2.2.2 does not ...)
+CVE-2008-6109
NOT-FOR-US: Robin Rawson-Tetley Animal Shelter Manager
-CVE-2008-6108 (Cross-site scripting (XSS) vulnerability in result.php in Galatolo ...)
+CVE-2008-6108
NOT-FOR-US: Galatolo WebManager
-CVE-2008-6107 (The (1) sys32_mremap function in arch/sparc64/kernel/sys_sparc32.c, ...)
+CVE-2008-6107
- linux-2.6 2.6.25-4 (low)
- linux-2.6.24 <removed>
-CVE-2008-6106 (Cross-site request forgery (CSRF) vulnerability in IBM Workplace for ...)
+CVE-2008-6106
NOT-FOR-US: IBM Workplace for Business Controls
-CVE-2008-6105 (Cross-site scripting (XSS) vulnerability in IBM Workplace for Business ...)
+CVE-2008-6105
NOT-FOR-US: IBM Workplace for Business Controls
-CVE-2008-6104 (SQL injection vulnerability in A4Desk PHP Event Calendar allows remote ...)
+CVE-2008-6104
NOT-FOR-US: A4Desk PHP Event Calendar
-CVE-2008-6103 (PHP remote file inclusion vulnerability in index.php in A4Desk Event ...)
+CVE-2008-6103
NOT-FOR-US: A4Desk PHP Event Calendar
-CVE-2008-6102 (SQL injection vulnerability in ratelink.php in Link Trader Script ...)
+CVE-2008-6102
NOT-FOR-US: Link Trader Script
-CVE-2008-6101 (SQL injection vulnerability in click.php in Adult Banner Exchange ...)
+CVE-2008-6101
NOT-FOR-US: Adult Banner Exchange Website
-CVE-2008-6100 (Multiple SQL injection vulnerabilities in Discussion Forums 2k 3.3, ...)
+CVE-2008-6100
NOT-FOR-US: Discussion Forums
-CVE-2008-6099 (PHP remote file inclusion vulnerability in index.php in RPortal 1.1 ...)
+CVE-2008-6099
NOT-FOR-US: RPortal
-CVE-2008-6098 (Bugzilla 3.2 before 3.2 RC2, 3.0 before 3.0.6, 2.22 before 2.22.6, ...)
+CVE-2008-6098
- bugzilla <unfixed> (unimportant)
-CVE-2008-6097 (Multiple cross-site scripting (XSS) vulnerabilities in WikyBlog before ...)
+CVE-2008-6097
NOT-FOR-US: WikyBlog
-CVE-2008-6096 (Cross-site scripting (XSS) vulnerability in Juniper NetScreen ScreenOS ...)
+CVE-2008-6096
NOT-FOR-US: Juniper NetScreen ScreenOS
-CVE-2008-6095 (Cross-site scripting (XSS) vulnerability in surveillanceView.htm in ...)
+CVE-2008-6095
NOT-FOR-US: OpenNMS
-CVE-2008-6094 (Cross-site scripting (XSS) vulnerability in user.do in Celoxis ...)
+CVE-2008-6094
NOT-FOR-US: Celoxis Technologies Celoxis
-CVE-2008-6093 (SQL injection vulnerability in index.php in Noname CMS 1.0, when ...)
+CVE-2008-6093
NOT-FOR-US: Noname CMS
-CVE-2008-6092 (phpscripts Ranking Script allows remote attackers to bypass ...)
+CVE-2008-6092
NOT-FOR-US: phpscripts Ranking Script
-CVE-2008-6091 (SQL injection vulnerability in plugins.php in BMForum 5.6, when ...)
+CVE-2008-6091
NOT-FOR-US: BMForum
-CVE-2008-6090 (Directory traversal vulnerability in members.php in ScriptsEz Mini ...)
+CVE-2008-6090
NOT-FOR-US: ScriptsEz Mini Hosting Panel
-CVE-2008-6089 (Directory traversal vulnerability in main.php in ScriptsEz Easy Image ...)
+CVE-2008-6089
NOT-FOR-US: ScriptsEz
-CVE-2008-6088 (SQL injection vulnerability in the Joomtracker (com_joomtracker) 1.01 ...)
+CVE-2008-6088
NOT-FOR-US: Joomla!
-CVE-2008-6087 (Cross-site scripting (XSS) vulnerability in topic.php in Camera Life ...)
+CVE-2008-6087
NOT-FOR-US: Camera Life
-CVE-2008-6086 (SQL injection vulnerability in album.php in Camera Life 2.6.2b4 allows ...)
+CVE-2008-6086
NOT-FOR-US: Camera Life
-CVE-2008-6085 (Integer overflow in multiple F-Secure anti-virus products, including ...)
+CVE-2008-6085
NOT-FOR-US: F-Secure
-CVE-2008-6084 (Unrestricted file upload vulnerability in pages/download.php in Iamma ...)
+CVE-2008-6084
NOT-FOR-US: Iamma Simple Gallery
-CVE-2008-6083 (Directory traversal vulnerability in header.php in TXTshop beta 1.0 ...)
+CVE-2008-6083
NOT-FOR-US: TXTshop
-CVE-2008-6082 (Titan FTP Server 6.26 build 630 allows remote attackers to cause a ...)
+CVE-2008-6082
NOT-FOR-US: Titan FTP Server
-CVE-2008-6081 (SQL injection vulnerability in contact.php in Simple Customer 1.2 ...)
+CVE-2008-6081
NOT-FOR-US: Simple Customer
-CVE-2008-6080 (Directory traversal vulnerability in download.php in the ionFiles ...)
+CVE-2008-6080
NOT-FOR-US: Joomla!
-CVE-2008-6079 (imlib2 before 1.4.2 allows context-dependent attackers to have an ...)
+CVE-2008-6079
{DSA-2029-1}
- imlib2 1.4.2-1 (bug #576469)
NOTE: poked upstream for more details
-CVE-2008-6078 (SQL injection vulnerability in open.php in the Private Messaging ...)
+CVE-2008-6078
NOT-FOR-US: Limbo CMS
-CVE-2008-6077 (SQL injection vulnerability in loudblog/ajax.php in LoudBlog 0.8.0a ...)
+CVE-2008-6077
NOT-FOR-US: LoudBlog
-CVE-2008-6076 (SQL injection vulnerability in the Daily Message (com_dailymessage) ...)
+CVE-2008-6076
NOT-FOR-US: Joomla!
-CVE-2008-6075 (SQL injection vulnerability in aspkat.asp in Bahar Download Script 2.0 ...)
+CVE-2008-6075
NOT-FOR-US: Bahar Download Script
-CVE-2008-6074 (Directory traversal vulnerability in frame.php in phpcrs 2.06 and ...)
+CVE-2008-6074
NOT-FOR-US: phpcrs
-CVE-2008-6073 (StorageCrypt 2.0.1 does not properly encrypt disks, which allows local ...)
+CVE-2008-6073
NOT-FOR-US: StorageCrypt
-CVE-2008-6072 (Multiple unspecified vulnerabilities in GraphicsMagick before 1.1.14, ...)
+CVE-2008-6072
{DSA-1903-1}
- graphicsmagick 1.2.3-1
-CVE-2008-6071 (Heap-based buffer overflow in the DecodeImage function in ...)
+CVE-2008-6071
{DSA-1903-1}
- graphicsmagick 1.2.3-1
-CVE-2008-6070 (Multiple heap-based buffer underflows in the ReadPALMImage function in ...)
+CVE-2008-6070
{DSA-1903-1}
- graphicsmagick 1.2.3-1
-CVE-2008-6069 (SQL injection vulnerability in e107chat.php in the eChat plugin 4.2 ...)
+CVE-2008-6069
NOT-FOR-US: eChat plugin
-CVE-2008-6068 (SQL injection vulnerability in the JoomlaDate (com_joomladate) ...)
+CVE-2008-6068
NOT-FOR-US: Joomla!
CVE-2008-7272 [iceweasel-firegpg: Passphrase and Cleartext Recovery]
RESERVED
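Review bot: Every changed entry in this hunk, from CVE-2008-6297 down to CVE-2008-6068, replaces a `-CVE-... (description ...)` line with a bare `+CVE-...` line and adds nothing in its place, including for packaged software such as libpng (CVE-2008-6218, DSA-1750-1), gforge (CVE-2008-6189 through CVE-2008-6187) and linux-2.6 (CVE-2008-6107); an update that only deletes the parenthesised descriptions looks like the description source returned empty data rather than a genuine change, and should be held back or regenerated once that source is checked. The descriptions are also what lets a reader sanity-check the NOT-FOR-US lines: CVE-2008-6151 (shpdetails.asp in SepCity Shopping Mall) and CVE-2008-6150 (classdis.asp in SepCity Classified Ads) both carry `NOT-FOR-US: SepCity Faculty Portal`, and once the `-` lines are gone that mismatch can no longer be seen from the list itself.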
@@ -2697,180 +2697,180 @@ CVE-2008-7273 [iceweasel-firegpg: Passphrase and Cleartext Recovery]
- iceweasel-firegpg <removed> (bug #514386)
CVE-2008-6067
REJECTED
-CVE-2008-6066 (Multiple PHP remote file inclusion vulnerabilities in Meet#Web 0.8 ...)
+CVE-2008-6066
NOT-FOR-US: Meet#Web
-CVE-2008-6065 (Oracle Database Server 10.1, 10.2, and 11g grants directory WRITE ...)
+CVE-2008-6065
NOT-FOR-US: Oracle Database Server
-CVE-2008-6064 (Multiple SQL injection vulnerabilities in DomPHP 0.81 allow remote ...)
+CVE-2008-6064
NOT-FOR-US: DomPHP
-CVE-2008-6063 (Microsoft Word 2007, when the &quot;Save as PDF&quot; add-on is enabled, places ...)
+CVE-2008-6063
NOT-FOR-US: Microsoft
-CVE-2008-6062 (Cross-site scripting (XSS) vulnerability in ActionScript in arbitrary ...)
+CVE-2008-6062
NOT-FOR-US: Adobe Dreamweaver
-CVE-2008-6061 (Cross-site scripting (XSS) vulnerability in ActionScript in arbitrary ...)
+CVE-2008-6061
NOT-FOR-US: Techsmith Camtasia Studio
-CVE-2008-6060 (Cross-site scripting (XSS) vulnerability in ActionScript in arbitrary ...)
+CVE-2008-6060
NOT-FOR-US: InfoSoft FusionCharts
-CVE-2008-6059 (xml/XMLHttpRequest.cpp in WebCore in WebKit before r38566 does not ...)
+CVE-2008-6059
- webkit <not-affected> (bug #516555; low)
NOTE: webkit in linux needs libsoup for cookie support
-CVE-2008-6058 (Syslserve 1.058 and earlier, and probably 1.059, allows remote ...)
+CVE-2008-6058
NOT-FOR-US: Syslserve
-CVE-2008-6057 (Doug Luxem Liberum Help Desk 0.97.3 stores db/helpdesk2000.mdb under ...)
+CVE-2008-6057
NOT-FOR-US: Doug Luxem Liberum Help Desk
-CVE-2008-6056 (Multiple cross-site scripting (XSS) vulnerabilities in World Recipe ...)
+CVE-2008-6056
NOT-FOR-US: World Recipe
-CVE-2008-6055 (PreProjects Pre Classified Listings stores pclasp.mdb under the web ...)
+CVE-2008-6055
NOT-FOR-US: PreProjects Pre Classified Listings
-CVE-2008-6054 (PreProjects Pre Courier and Cargo Business stores dbcourior.mdb under ...)
+CVE-2008-6054
NOT-FOR-US: PreProjects Pre Classified Listings
-CVE-2008-6053 (PreProjects Pre Resume Submitter stores onlineresume.mdb under the web ...)
+CVE-2008-6053
NOT-FOR-US: PreProjects Pre Classified Listings
-CVE-2008-6052 (PreProjects Pre E-Learning Portal stores db_elearning.mdb under the ...)
+CVE-2008-6052
NOT-FOR-US: PreProjects Pre Classified Listings
-CVE-2008-6051 (MetaCart Free stores metacart.mdb under the web root with insufficient ...)
+CVE-2008-6051
NOT-FOR-US: MetaCart Free
-CVE-2008-6050 (SQL injection vulnerability in the Tech Articles (com_tech_article) ...)
+CVE-2008-6050
NOT-FOR-US: Tech Articles
CVE-2008-6049
REJECTED
-CVE-2008-6048 (Multiple cross-site request forgery (CSRF) vulnerabilities in TangoCMS ...)
+CVE-2008-6048
NOT-FOR-US: TangoCMS
-CVE-2008-6047 (Cross-site scripting (XSS) vulnerability in ADbNewsSender before 1.5.2 ...)
+CVE-2008-6047
NOT-FOR-US: ADbNewsSender
-CVE-2008-6046 (SQL injection vulnerability in ADbNewsSender before 1.5.2 allows ...)
+CVE-2008-6046
NOT-FOR-US: ADbNewsSender
-CVE-2008-6045 (Session fixation vulnerability in shopping_cart.php in xt:Commerce ...)
+CVE-2008-6045
NOT-FOR-US: xt:Commerce
-CVE-2008-6044 (Cross-site scripting (XSS) vulnerability in advanced_search_result.php ...)
+CVE-2008-6044
NOT-FOR-US: xt:Commerce
-CVE-2008-6043 (Multiple SQL injection vulnerabilities in PHP Pro Bid (PPB) 6.04 allow ...)
+CVE-2008-6043
NOT-FOR-US: PHP Pro Bid
-CVE-2008-6042 (SQL injection vulnerability in the re_search module in NetArtMedia ...)
+CVE-2008-6042
NOT-FOR-US: NetArtMedia Real Estate Portal
-CVE-2008-6041 (Multiple cross-site scripting (XSS) vulnerabilities in Index.asp in ...)
+CVE-2008-6041
NOT-FOR-US: Dataspade
-CVE-2008-6040 (SQL injection vulnerability in index.php in Arcadem Pro 2.700 through ...)
+CVE-2008-6040
NOT-FOR-US: Arcadem Pro
-CVE-2008-6039 (Session fixation vulnerability in BLUEPAGE CMS 2.5 and earlier allows ...)
+CVE-2008-6039
NOT-FOR-US: BLUEPAGE CMS
-CVE-2008-6038 (SQL injection vulnerability in index.php in MapCal 0.1 allows remote ...)
+CVE-2008-6038
NOT-FOR-US: MapCal
-CVE-2008-6037 (SQL injection vulnerability in view.php in AvailScript Article Script ...)
+CVE-2008-6037
NOT-FOR-US: AvailScript Article Script
-CVE-2008-6036 (PHP remote file inclusion vulnerability in main.inc.php in BaseBuilder ...)
+CVE-2008-6036
NOT-FOR-US: BaseBuilder
-CVE-2008-6035 (Cross-site scripting (XSS) vulnerability in dispatch.php in Achievo ...)
+CVE-2008-6035
NOT-FOR-US: Achievo
-CVE-2008-6034 (Cross-site scripting (XSS) vulnerability in dispatch.php in Achievo ...)
+CVE-2008-6034
NOT-FOR-US: Achievo
-CVE-2008-6033 (SQL injection vulnerability in comments.php in WSN Links 2.20 allows ...)
+CVE-2008-6033
NOT-FOR-US: WSN Links
-CVE-2008-6032 (SQL injection vulnerability in comments.php in WSN Links Free 4.0.34P ...)
+CVE-2008-6032
NOT-FOR-US: WSN Links
-CVE-2008-6031 (SQL injection vulnerability in vote.php in WSN Links 2.22 and 2.23 ...)
+CVE-2008-6031
NOT-FOR-US: WSN Links
-CVE-2008-6030 (Multiple SQL injection vulnerabilities in NetArtMedia Jobs Portal 1.3 ...)
+CVE-2008-6030
NOT-FOR-US: NetArtMedia Jobs Portal
-CVE-2008-6029 (SQL injection vulnerability in search.php in BuzzyWall 1.3.1 and ...)
+CVE-2008-6029
NOT-FOR-US: BuzzyWall
-CVE-2008-6028 (SQL injection vulnerability in list.php in University of Queensland ...)
+CVE-2008-6028
NOT-FOR-US: Library Fez
-CVE-2008-6027 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
+CVE-2008-6027
NOT-FOR-US: BLUEPAGE CMS
-CVE-2008-6026 (SQL injection vulnerability in tienda.php in BlueCUBE CMS allows ...)
+CVE-2008-6026
NOT-FOR-US: BlueCUBE CMS
-CVE-2008-6025 (Directory traversal vulnerability in scr/form.php in openElec 3.01 and ...)
+CVE-2008-6025
NOT-FOR-US: openElec
-CVE-2008-6024 (Unspecified vulnerability in the NFSv4 client module in the kernel on ...)
+CVE-2008-6024
NOT-FOR-US: Sun Solaris
-CVE-2008-6023 (PHP remote file inclusion vulnerability in ...)
+CVE-2008-6023
NOT-FOR-US: Xnova
-CVE-2008-6022 (PHP remote file inclusion vulnerability in ...)
+CVE-2008-6022
NOT-FOR-US: Xnova
-CVE-2008-6021 (Multiple unspecified vulnerabilities in Attachmate Reflection for ...)
+CVE-2008-6021
NOT-FOR-US: Attachmate Reflection
-CVE-2008-6020 (SQL injection vulnerability in the Views module 6.x before 6.x-2.2 for ...)
+CVE-2008-6020
NOT-FOR-US: View module (drupal module)
-CVE-2008-6019 (SQL injection vulnerability in index.php in EACOMM DO-CMS 3.0 allows ...)
+CVE-2008-6019
NOT-FOR-US: EACOMM DO-CMS
-CVE-2008-6018 (Directory traversal vulnerability in index.php in MyPHPSite, when ...)
+CVE-2008-6018
NOT-FOR-US: MyPHPSite
-CVE-2008-6017 (SQL injection vulnerability in messages.php in I-Rater Basic allows ...)
+CVE-2008-6017
NOT-FOR-US: I-Rater Basic
-CVE-2008-6016 (SQL injection vulnerability in questions.php in EsFaq 2.0 allows ...)
+CVE-2008-6016
NOT-FOR-US: EsFaq
-CVE-2008-6015 (Multiple SQL injection vulnerabilities in search.php in EsFaq 2.0 ...)
+CVE-2008-6015
NOT-FOR-US: EsFaq
-CVE-2008-6014 (SQL injection vulnerability in scripts/links.php in Rianxosencabos CMS ...)
+CVE-2008-6014
NOT-FOR-US: Rianxosencabos CMS
-CVE-2008-6013 (Multiple SQL injection vulnerabilities in Freeway before 1.4.3.210 ...)
+CVE-2008-6013
NOT-FOR-US: Freeway
-CVE-2008-6012 (Directory traversal vulnerability in index.php in Pritlog 0.4 and ...)
+CVE-2008-6012
NOT-FOR-US: Pritlog
-CVE-2008-6011 (SQL injection vulnerability in index.php in SG Real Estate Portal 2.0 ...)
+CVE-2008-6011
NOT-FOR-US: SG Real Estate Portal
-CVE-2008-6010 (Multiple directory traversal vulnerabilities in SG Real Estate Portal ...)
+CVE-2008-6010
NOT-FOR-US: SG Real Estate Portal
-CVE-2008-6009 (SG Real Estate Portal 2.0 allows remote attackers to bypass ...)
+CVE-2008-6009
NOT-FOR-US: SG Real Estate Portal
-CVE-2008-6008 (hyBook Guestbook Script stores sensitive information under the web ...)
+CVE-2008-6008
NOT-FOR-US: hyBook Guestbook Script
-CVE-2008-6007 (SQL injection vulnerability in view_group.php in QuidaScript BookMarks ...)
+CVE-2008-6007
NOT-FOR-US: QuidaScript BookMarks Favourites Script
-CVE-2008-6006 (Multiple PHP remote file inclusion vulnerabilities in Micronation ...)
+CVE-2008-6006
NOT-FOR-US: Micronation Banking System
-CVE-2008-6004 (Cross-site scripting (XSS) vulnerability in search.php in AJ Auction ...)
+CVE-2008-6004
NOT-FOR-US: AJ Auction Pro Platinum
-CVE-2008-6003 (SQL injection vulnerability in sellers_othersitem.php in AJ Auction ...)
+CVE-2008-6003
NOT-FOR-US: AJ Auction Pro Platinum
-CVE-2008-6002 (Absolute path traversal vulnerability in sendfile.php in web-cp 0.5.7, ...)
+CVE-2008-6002
NOT-FOR-US: web-cp
-CVE-2008-6001 (index.php in ADN Forum 1.0b and earlier allows remote attackers to ...)
+CVE-2008-6001
NOT-FOR-US: ADN Forum
-CVE-2008-6000 (The GDTdiIcpt.sys driver in G DATA AntiVirus 2008, InternetSecurity ...)
+CVE-2008-6000
NOT-FOR-US: G DATA AntiVirus
-CVE-2008-5999 (Cross-site scripting (XSS) vulnerability in the Ajax Checklist module ...)
+CVE-2008-5999
NOT-FOR-US: Ajax Checklist module for Drupal
-CVE-2008-5998 (Multiple SQL injection vulnerabilities in the ajax_checklist_save ...)
+CVE-2008-5998
NOT-FOR-US: Ajax Checklist module for Drupal
-CVE-2008-5997 (Absolute path traversal vulnerability in ...)
+CVE-2008-5997
NOT-FOR-US: Omnicom Content Platform
-CVE-2008-5996 (Cross-site scripting (XSS) vulnerability in the Simplenews module 5.x ...)
+CVE-2008-5996
NOT-FOR-US: Simplenews module for Drupal
-CVE-2008-5995 (Cross-site scripting (XSS) vulnerability in the freeCap CAPTCHA ...)
+CVE-2008-5995
NOT-FOR-US: freeCap CAPTCHA extension for Typo3
-CVE-2008-5994 (Cross-site scripting (XSS) vulnerability in index.php in Check Point ...)
+CVE-2008-5994
NOT-FOR-US: Check Point Connectra
-CVE-2008-5993 (Directory traversal vulnerability in image.php in Barcode Generator 1D ...)
+CVE-2008-5993
NOT-FOR-US: Barcode Generator 1D
-CVE-2008-5992 (Multiple SQL injection vulnerabilities in Jetik Emlak Sistem A (ESA) ...)
+CVE-2008-5992
NOT-FOR-US: Jetik Emlak Sistem
-CVE-2008-5991 (Directory traversal vulnerability in docs.php in MailWatch for ...)
+CVE-2008-5991
NOT-FOR-US: MailWatch for MailScanner
-CVE-2008-5990 (Directory traversal vulnerability in connect/init.inc in emergecolab ...)
+CVE-2008-5990
NOT-FOR-US: emergecolab
-CVE-2008-5989 (Directory traversal vulnerability in defs.php in PHPcounter 1.3.2 and ...)
+CVE-2008-5989
NOT-FOR-US: PHPcounterJadu CMS
-CVE-2008-5988 (SQL injection vulnerability in scripts/recruit_details.php in Jadu CMS ...)
+CVE-2008-5988
NOT-FOR-US: Jadu CMS
CVE-2008-XXXX [minor cyrus sasl DoS]
- cyrus-sasl2 2.1.22.dfsg1-18 (bug #465561)
[etch] - cyrus-sasl2 <no-dsa> (Minor issue)
-CVE-2008-5987 (Untrusted search path vulnerability in the Python interface in Eye of ...)
+CVE-2008-5987
- eog 2.22.3-2 (bug #504352; low)
[etch] - eog <not-affected> (Vulnerable code not present)
-CVE-2008-5986 (Untrusted search path vulnerability in the (1) &quot;VST plugin with Python ...)
+CVE-2008-5986
- csound 5.08.2~dfsg-1.1 (bug #504359; low)
[lenny] - csound 1:5.08.0.dfsg2-8+lenny2 (bug #504359; low)
[etch] - csound <not-affected> (Vulnerable code not present)
-CVE-2008-5985 (Untrusted search path vulnerability in the Python interface in ...)
+CVE-2008-5985
- epiphany-browser 2.22.3-7 (bug #504363; low)
[etch] - epiphany-browser <no-dsa> (Minor issue, only vulnerable when called from certain dir)
-CVE-2008-5984 (Untrusted search path vulnerability in the Python plugin in Dia ...)
+CVE-2008-5984
- dia 0.96.1-7.1 (low; bug #504251)
[etch] - dia <no-dsa> (Minor issue, only vulnerable when called from certain dir)
-CVE-2008-5983 (Untrusted search path vulnerability in the PySys_SetArgv API function ...)
+CVE-2008-5983
- python3.1 3.1.2+20100703-1 (low; bug #575780)
- python2.6 2.6.5+20100529-1 (low; bug #572010)
- python2.5 <unfixed> (low)
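Review bot: every `-`/`+` pair in this hunk strips only the parenthesised CVE description and changes nothing else (for example `-CVE-2008-6059 (xml/XMLHttpRequest.cpp in WebCore in WebKit before r38566 does not ...)` becomes `+CVE-2008-6059`); since this is an automatic update, it is worth confirming that the upstream feed really returned empty descriptions on purpose, and that this is not an empty-field import, before the commit is kept, because the description is what lets a reader check the annotations that stay behind. The cost is already visible in this hunk's context lines: CVE-2008-6054, CVE-2008-6053 and CVE-2008-6052 all keep `NOT-FOR-US: PreProjects Pre Classified Listings`, although the descriptions being removed name Pre Courier and Cargo Business, Pre Resume Submitter and Pre E-Learning Portal respectively, so those three lines look copy-pasted from the CVE-2008-6055 entry and should be corrected while the descriptions are still at hand. Likewise `NOT-FOR-US: PHPcounterJadu CMS` under CVE-2008-5989 has the following entry's product name fused onto it and should read `NOT-FOR-US: PHPcounter`.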
@@ -2884,311 +2884,311 @@ CVE-2008-5983 (Untrusted search path vulnerability in the PySys_SetArgv API func
NOTE: a backport has a significant risk of breakage for little gain. If a
NOTE: proper upstream patch should be available, this can be re-evaluated
NOTE: http://bugs.python.org/issue5753
-CVE-2008-5982 (Format string vulnerability in BMC PATROL Agent before 3.7.30 allows ...)
+CVE-2008-5982
NOT-FOR-US: BMC PATROL Agent
-CVE-2008-5968 (Directory traversal vulnerability in print.php in PHP iCalendar 2.24 ...)
+CVE-2008-5968
- phpicalendar <removed> (bug #513517)
-CVE-2008-5967 (admin/index.php in PHP iCalendar 2.3.4, 2.24, and earlier does not ...)
+CVE-2008-5967
- phpicalendar <removed> (bug #513517)
-CVE-2008-5981 (PacPoll 4.0 stores sensitive information under the web root with ...)
+CVE-2008-5981
NOT-FOR-US: PacPoll
-CVE-2008-5980 (Ocean12 Mailing List Manager Gold stores sensitive data under the web ...)
+CVE-2008-5980
NOT-FOR-US: Ocean12 Mailing List Manager Gold
-CVE-2008-5979 (Cross-site scripting (XSS) vulnerability in default.asp in Ocean12 ...)
+CVE-2008-5979
NOT-FOR-US: Ocean12 Mailing List Manager Gold
-CVE-2008-5978 (Multiple SQL injection vulnerabilities in Ocean12 Mailing List Manager ...)
+CVE-2008-5978
NOT-FOR-US: Ocean12 Mailing List Manager Gold
-CVE-2008-5977 (SQL injection vulnerability in siteadmin/forgot.php in PHP JOBWEBSITE ...)
+CVE-2008-5977
NOT-FOR-US: PHP JOBWEBSITE PRO
-CVE-2008-5976 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2008-5976
NOT-FOR-US: PHP JOBWEBSITE PRO
-CVE-2008-5975 (SQL injection vulnerability in links.asp in Active Price Comparison ...)
+CVE-2008-5975
NOT-FOR-US: Active Price Comparison
-CVE-2008-5974 (Multiple SQL injection vulnerabilities in login.aspx in Active Price ...)
+CVE-2008-5974
NOT-FOR-US: Active Price Comparison
-CVE-2008-5973 (SQL injection vulnerability in login.aspx in Active Web Mail 4.0 ...)
+CVE-2008-5973
NOT-FOR-US: Active Web Mail
-CVE-2008-5972 (SQL injection vulnerability in default.asp in Active Business ...)
+CVE-2008-5972
NOT-FOR-US: Active Business Directory
-CVE-2008-5971 (Cross-site scripting (XSS) vulnerability in profile_social.php in ...)
+CVE-2008-5971
NOT-FOR-US: i-Net Solution Orkut Clone
-CVE-2008-5970 (SQL injection vulnerability in profile_social.php in i-Net Solution ...)
+CVE-2008-5970
NOT-FOR-US: i-Net Solution Orkut Clone
-CVE-2008-5969 (SQL injection vulnerability in popupproduct.php in Sunbyte e-Flower ...)
+CVE-2008-5969
NOT-FOR-US: Sunbyte e-Flower
-CVE-2008-5966 (globsy_edit.php in Globsy 1.0 and earlier allows remote attackers to ...)
+CVE-2008-5966
NOT-FOR-US: Globsy
-CVE-2008-5965 (Directory traversal vulnerability in index.php in LokiCMS 0.3.4 and ...)
+CVE-2008-5965
NOT-FOR-US: LokiCMS
-CVE-2008-5964 (Session fixation vulnerability in Social ImpressCMS before 1.1.1 RC1 ...)
+CVE-2008-5964
NOT-FOR-US: Social ImpressCMS
-CVE-2008-5963 (Eval injection vulnerability in library/setup/rpc.php in Gravity ...)
+CVE-2008-5963
NOT-FOR-US: Gravity Getting Things Done
-CVE-2008-5962 (Directory traversal vulnerability in library/setup/rpc.php in Gravity ...)
+CVE-2008-5962
NOT-FOR-US: Gravity Getting Things Done
-CVE-2008-5961 (Cross-site scripting (XSS) vulnerability in index.php in Tribiq CMS ...)
+CVE-2008-5961
NOT-FOR-US: Tribiq CMS Community
-CVE-2008-5960 (SQL injection vulnerability in index.php in Tribiq CMS Community ...)
+CVE-2008-5960
NOT-FOR-US: Tribiq CMS Community
-CVE-2008-5959 (Multiple SQL injection vulnerabilities in start.asp in Active Test 2.1 ...)
+CVE-2008-5959
NOT-FOR-US: Active Test
-CVE-2008-5958 (Multiple SQL injection vulnerabilities in Active Test 2.1 allow remote ...)
+CVE-2008-5958
NOT-FOR-US: Active Test
-CVE-2008-5957 (SQL injection vulnerability in the Mydyngallery (com_mydyngallery) ...)
+CVE-2008-5957
NOT-FOR-US: Joomla!
-CVE-2008-5956 (Wbstreet (aka PHPSTREET Webboard) 1.0 stores sensitive information ...)
+CVE-2008-5956
NOT-FOR-US: Wbstreet
-CVE-2008-5955 (SQL injection vulnerability in show.php in Wbstreet (aka PHPSTREET ...)
+CVE-2008-5955
NOT-FOR-US: Wbstreet
-CVE-2008-5954 (SQL injection vulnerability in KTP Computer Customer Database (KTPCCD) ...)
+CVE-2008-5954
NOT-FOR-US: KTP Computer Customer Database (KTPCCD) CMS
-CVE-2008-5953 (Directory traversal vulnerability in KTP Computer Customer Database ...)
+CVE-2008-5953
NOT-FOR-US: KTP Computer Customer Database (KTPCCD) CMS
-CVE-2008-5952 (SQL injection vulnerability in KTP Computer Customer Database (KTPCCD) ...)
+CVE-2008-5952
NOT-FOR-US: KTP Computer Customer Database (KTPCCD) CMS
-CVE-2008-5951 (ASP Template Creature stores sensitive information under the web root ...)
+CVE-2008-5951
NOT-FOR-US: ASP Template Creature
-CVE-2008-5950 (SQL injection vulnerability in media/media_level.asp in ASP Template ...)
+CVE-2008-5950
NOT-FOR-US: ASP Template Creature
-CVE-2008-5949 (Multiple PHP remote file inclusion vulnerabilities in ccTiddly 1.7.4 ...)
+CVE-2008-5949
NOT-FOR-US: ccTiddly
-CVE-2008-5948 (Directory traversal vulnerability in index.php in BNCwi 1.04 and ...)
+CVE-2008-5948
NOT-FOR-US: BNCwi
-CVE-2008-5947 (PHP remote file inclusion vulnerability in ...)
+CVE-2008-5947
NOT-FOR-US: YapBB
-CVE-2008-5946 (SQL injection vulnerability in readmore.php in PHP-Fusion 4.01 allows ...)
+CVE-2008-5946
NOT-FOR-US: PHP-Fusion
-CVE-2008-5945 (Nukeviet 2.0 Beta allows remote attackers to bypass authentication and ...)
+CVE-2008-5945
NOT-FOR-US: Nukeviet
-CVE-2008-5944 (Cross-site scripting (XSS) vulnerability in modules.php in NavBoard 16 ...)
+CVE-2008-5944
NOT-FOR-US: NavBoard
-CVE-2008-5943 (Multiple directory traversal vulnerabilities in NavBoard 16 (2.6.0) ...)
+CVE-2008-5943
NOT-FOR-US: NavBoard
-CVE-2008-5942 (Multiple cross-site scripting (XSS) vulnerabilities in MODx before ...)
+CVE-2008-5942
NOT-FOR-US: MODx CMS
-CVE-2008-5941 (Cross-site request forgery (CSRF) vulnerability in MODx 0.9.6.1p2 and ...)
+CVE-2008-5941
NOT-FOR-US: MODx CMS
-CVE-2008-5940 (SQL injection vulnerability in index.php in MODx 0.9.6.2 and earlier, ...)
+CVE-2008-5940
NOT-FOR-US: MODx CMS
-CVE-2008-5939 (Cross-site scripting (XSS) vulnerability in index.php in MODx CMS ...)
+CVE-2008-5939
NOT-FOR-US: MODx CMS
-CVE-2008-5938 (PHP remote file inclusion vulnerability in ...)
+CVE-2008-5938
NOT-FOR-US: MODx CMS
-CVE-2008-5937 (AyeView 2.20 allows user-assisted attackers to cause a denial of ...)
+CVE-2008-5937
NOT-FOR-US: AyeView
-CVE-2008-5936 (front-end/edit.php in mini-pub 0.3 and earlier allows remote attackers ...)
+CVE-2008-5936
NOT-FOR-US: mini-pub
-CVE-2008-5935 (Facto stores sensitive information under the web root with ...)
+CVE-2008-5935
NOT-FOR-US: Facto
-CVE-2008-5934 (SQL injection vulnerability in index.php in CMS ISWEB 3.0 allows ...)
+CVE-2008-5934
NOT-FOR-US: CMS ISWEB
-CVE-2008-5933 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
+CVE-2008-5933
NOT-FOR-US: CMS ISWEB
-CVE-2008-5932 (CodeAvalanche FreeForum stores sensitive information under the web ...)
+CVE-2008-5932
NOT-FOR-US: CodeAvalanche FreeForum
-CVE-2008-5931 (The Net Guys ASPired2Blog stores sensitive information under the web ...)
+CVE-2008-5931
NOT-FOR-US: ASPired2Blog
-CVE-2008-5930 (SQL injection vulnerability in admin/blog_comments.asp in The Net Guys ...)
+CVE-2008-5930
NOT-FOR-US: ASPired2Blog
-CVE-2008-5929 (VP-ASP Shopping Cart 6.50 stores sensitive information under the web ...)
+CVE-2008-5929
NOT-FOR-US: VP-ASP Shopping Cart
-CVE-2008-5928 (SQL injection vulnerability in redir.php in Free Links Directory ...)
+CVE-2008-5928
NOT-FOR-US: Free Links Directory Script
-CVE-2008-5927 (Multiple SQL injection vulnerabilities in admin/usercheck.php in ...)
+CVE-2008-5927
NOT-FOR-US: FlexPHPNews
-CVE-2008-5926 (Multiple SQL injection vulnerabilities in login.asp in ASP-DEv ...)
+CVE-2008-5926
NOT-FOR-US: ASP-DEv
-CVE-2008-5925 (ASP-DEv XM Events Diary stores sensitive information under the web ...)
+CVE-2008-5925
NOT-FOR-US: ASP-DEv
-CVE-2008-5924 (SQL injection vulnerability in diary_viewC.asp in ASP-DEv XM Events ...)
+CVE-2008-5924
NOT-FOR-US: ASP-DEv
-CVE-2008-5923 (SQL injection vulnerability in default.asp in ASP-DEv XM Events Diary ...)
+CVE-2008-5923
NOT-FOR-US: ASP-DEv
-CVE-2008-5922 (Multiple PHP remote file inclusion vulnerabilities in ...)
+CVE-2008-5922
NOT-FOR-US: Cant Find A Gaming CMS
-CVE-2008-5921 (SQL injection vulnerability in albums.php in Umer Inc Songs Portal ...)
+CVE-2008-5921
NOT-FOR-US: Umer Inc Songs Portal
-CVE-2008-5920 (The create_anchors function in utils.inc in WebSVN 1.x allows remote ...)
+CVE-2008-5920
- websvn 1.61-21 (bug #503330)
-CVE-2008-5917 (Cross-site scripting (XSS) vulnerability in the XSS filter ...)
+CVE-2008-5917
{DSA-1765-1}
- horde3 3.2.2+debian0-2 (bug #512592)
-CVE-2008-5916 (gitweb/gitweb.perl in gitweb in Git 1.6.x before 1.6.0.6, 1.5.6.x ...)
+CVE-2008-5916
{DSA-1708-1}
- git-core 1:1.5.6.5-2 (low)
-CVE-2008-5915 (An unspecified function in the JavaScript implementation in Google ...)
+CVE-2008-5915
NOT-FOR-US: Google
-CVE-2008-5914 (An unspecified function in the JavaScript implementation in Apple ...)
+CVE-2008-5914
NOT-FOR-US: Apple
-CVE-2008-5913 (The Math.random function in the JavaScript implementation in Mozilla ...)
+CVE-2008-5913
- xulrunner 1.9.1.10-1 (unimportant; bug #559792; bug #532516)
- iceape 2.0.5-1 (unimportant)
[lenny] - iceape <not-affected> (Just a stub package)
NOTE: Limited to browser life time
-CVE-2008-5912 (An unspecified function in the JavaScript implementation in Microsoft ...)
+CVE-2008-5912
NOT-FOR-US: Microsoft
-CVE-2008-5911 (Multiple buffer overflows in RealNetworks Helix Server and Helix ...)
+CVE-2008-5911
NOT-FOR-US: RealNetworks Helix
-CVE-2008-5910 (Unspecified vulnerability in txzonemgr in Sun OpenSolaris has unknown ...)
+CVE-2008-5910
NOT-FOR-US: txzonemgr in Sun OpenSolaris
-CVE-2008-5909 (Unspecified vulnerability in conv_lpd in Sun OpenSolaris has unknown ...)
+CVE-2008-5909
NOT-FOR-US: conv_lpd in Sun OpenSolaris
-CVE-2008-5908 (Unspecified vulnerability in the root/boot archive tool in Sun ...)
+CVE-2008-5908
NOT-FOR-US: root/boot archive tool in Sun OpenSolaris
-CVE-2008-5907 (The png_check_keyword function in pngwutil.c in libpng before 1.0.42, ...)
+CVE-2008-5907
{DSA-1750-1}
- libpng 1.2.35-1 (bug #512665)
NOTE: Only an issues when using libpng to create out-of-spec images
-CVE-2008-5906 (Eval injection vulnerability in the web interface plugin in KTorrent ...)
+CVE-2008-5906
- ktorrent2.2 2.2.8.dfsg.1-1 (bug #504178)
- ktorrent 3.1.4+dfsg.1-1
[etch] - ktorrent <not-affected> (Doesn't include the web interface)
-CVE-2008-5905 (The web interface plugin in KTorrent before 3.1.4 allows remote ...)
+CVE-2008-5905
- ktorrent2.2 2.2.8.dfsg.1-1 (bug #504178)
- ktorrent 3.1.4+dfsg.1-1
[etch] - ktorrent <not-affected> (Doesn't include the web interface)
-CVE-2008-5901 (iyzi Forum 1.0 beta 3 stores sensitive information under the web root ...)
+CVE-2008-5901
NOT-FOR-US: iyzi Forum
-CVE-2008-5900 (CodeAvalanche Articles stores sensitive information under the web root ...)
+CVE-2008-5900
NOT-FOR-US: CodeAvalanche Articles
-CVE-2008-5899 (CodeAvalanche FreeForAll stores sensitive information under the web ...)
+CVE-2008-5899
NOT-FOR-US: CodeAvalanche FreeForAll
-CVE-2008-5898 (CodeAvalanche Directory stores sensitive information under the web ...)
+CVE-2008-5898
NOT-FOR-US: CodeAvalanche Directory
-CVE-2008-5897 (CodeAvalanche FreeWallpaper stores sensitive information under the web ...)
+CVE-2008-5897
NOT-FOR-US: CodeAvalanche FreeWallpaper
-CVE-2008-5896 (CodeAvalanche RateMySite stores sensitive information under the web ...)
+CVE-2008-5896
NOT-FOR-US: CodeAvalanche RateMySite
-CVE-2008-5895 (SQL injection vulnerability in connection.php in Mediatheka 4.2 and ...)
+CVE-2008-5895
NOT-FOR-US: Mediatheka
-CVE-2008-5894 (Directory traversal vulnerability in index.php in Mediatheka 4.2 ...)
+CVE-2008-5894
NOT-FOR-US: Mediatheka
-CVE-2008-5893 (Cross-site scripting (XSS) vulnerability in admin_dblayers.asp in ...)
+CVE-2008-5893
NOT-FOR-US: ClickAndEmail
-CVE-2008-5892 (Multiple SQL injection vulnerabilities in ClickAndEmail allow remote ...)
+CVE-2008-5892
NOT-FOR-US: ClickAndEmail
-CVE-2008-5891 (Cross-site scripting (XSS) vulnerability in the profile editing ...)
+CVE-2008-5891
NOT-FOR-US: Injader
-CVE-2008-5890 (SQL injection vulnerability in feeds.php in Injader before 2.1.2 ...)
+CVE-2008-5890
NOT-FOR-US: Injader
-CVE-2008-5889 (Cross-site scripting (XSS) vulnerability in user.asp in Click&amp;Rank ...)
+CVE-2008-5889
NOT-FOR-US: Click&Rank
-CVE-2008-5888 (Multiple SQL injection vulnerabilities in Click&amp;Rank allow remote ...)
+CVE-2008-5888
NOT-FOR-US: Click&Rank
-CVE-2008-5887 (phplist before 2.10.8 allows remote attackers to include files via ...)
+CVE-2008-5887
NOT-FOR-US: phplist
-CVE-2008-5886 (TAKempis Discussion Web 4.0 stores sensitive information under the web ...)
+CVE-2008-5886
NOT-FOR-US: TAKempis Discussion Web
-CVE-2008-5885 (The Net Guys ASPired2Quote stores sensitive information under the web ...)
+CVE-2008-5885
NOT-FOR-US: Net Guys ASPired2Quote
-CVE-2008-5884 (AyeView 2.20 allows user-assisted attackers to cause a denial of ...)
+CVE-2008-5884
NOT-FOR-US: AyeView
-CVE-2008-5883 (Absolute path traversal vulnerability in front-end/dir.php in mini-pub ...)
+CVE-2008-5883
NOT-FOR-US: mini-pub
-CVE-2008-5904 (The rdp_rdp_process_color_pointer_pdu function in rdp/rdp_rdp.c in ...)
+CVE-2008-5904
- xrdp 0.4.0~dfsg-9 (bug #511641)
-CVE-2008-5903 (Array index error in the xrdp_bitmap_def_proc function in xrdp/funcs.c ...)
+CVE-2008-5903
- xrdp 0.4.0~dfsg-9 (bug #511641)
-CVE-2008-5902 (Buffer overflow in the xrdp_bitmap_invalidate function in ...)
+CVE-2008-5902
- xrdp 0.4.0~dfsg-9 (bug #511641)
-CVE-2008-6005 (Multiple buffer overflows in the CheckUniqueName function in W3C Amaya ...)
+CVE-2008-6005
- amaya <removed> (medium; bug #507587)
NOTE: different vector than described in CVE-2008-5282, see 507587#15
-CVE-2008-5882 (SQL injection vulnerability in login.asp in Citrix Application Gateway ...)
+CVE-2008-5882
NOT-FOR-US: Citrix
-CVE-2008-5881 (Multiple directory traversal vulnerabilities in playSMS 0.9.3 allow ...)
+CVE-2008-5881
NOT-FOR-US: playSMS
-CVE-2008-5880 (admin/auth.php in Gobbl CMS 1.0 allows remote attackers to bypass ...)
+CVE-2008-5880
NOT-FOR-US: Gobbl CMS
-CVE-2008-5879 (Cross-site scripting (XSS) vulnerability in index.php in ...)
+CVE-2008-5879
NOT-FOR-US: Phpclanwebsite
-CVE-2008-5878 (Multiple directory traversal vulnerabilities in Phpclanwebsite (aka ...)
+CVE-2008-5878
NOT-FOR-US: Phpclanwebsite
-CVE-2008-5877 (Multiple SQL injection vulnerabilities in Phpclanwebsite (aka PCW) ...)
+CVE-2008-5877
NOT-FOR-US: Phpclanwebsite
-CVE-2008-5876 (Buffer overflow in Irrlicht before 1.5 allows remote attackers to ...)
+CVE-2008-5876
- irrlicht <not-affected> (package was first introduced in version 1.5)
-CVE-2008-5875 (SQL injection vulnerability in the com_lowcosthotels component in the ...)
+CVE-2008-5875
NOT-FOR-US: Hotel Booking Reservation System for Joomla
-CVE-2008-5874 (Multiple SQL injection vulnerabilities in the Hotel Booking ...)
+CVE-2008-5874
NOT-FOR-US: Hotel Booking Reservation System for Joomla
-CVE-2008-5873 (Yerba SACphp 6.3 and earlier allows remote attackers to bypass ...)
+CVE-2008-5873
NOT-FOR-US: Yerba
-CVE-2008-5872 (Multiple unspecified vulnerabilities in the UNIStim File Transfer ...)
+CVE-2008-5872
NOT-FOR-US: Nortel Multimedia Communication Server
-CVE-2008-5871 (Nortel Multimedia Communication Server (MSC) 5100 3.0.13 does not ...)
+CVE-2008-5871
NOT-FOR-US: Nortel Multimedia Communication Server
-CVE-2008-5870 (FastStone Image Viewer 3.6 allows user-assisted attackers to cause a ...)
+CVE-2008-5870
NOT-FOR-US: FastStone Image Viewer
-CVE-2008-5869 (Cross-site scripting (XSS) vulnerability in the Proxim Wireless ...)
+CVE-2008-5869
NOT-FOR-US: Proxim Wireless Tsunami
-CVE-2008-5868 (Stack-based buffer overflow in IntelliTamper 2.07 and 2.08 allows ...)
+CVE-2008-5868
NOT-FOR-US: IntelliTamper
-CVE-2008-5867 (Directory traversal vulnerability in Yerba SACphp 6.3 allows remote ...)
+CVE-2008-5867
NOT-FOR-US: Yerba
-CVE-2008-5866 (The Proxim Wireless Tsunami MP.11 2411 with firmware 3.0.3 has public ...)
+CVE-2008-5866
NOT-FOR-US: Proxim Wireless Tsunami
-CVE-2008-5865 (SQL injection vulnerability in the com_hbssearch component 1.0 in the ...)
+CVE-2008-5865
NOT-FOR-US: Hotel Booking Reservation System for Joomla
-CVE-2008-5864 (SQL injection vulnerability in the Top Hotel (com_tophotelmodule) ...)
+CVE-2008-5864
NOT-FOR-US: Hotel Booking Reservation System for Joomla
-CVE-2008-5863 (SQL injection vulnerability in locator.php in the Userlocator module ...)
+CVE-2008-5863
NOT-FOR-US: Module for Woltlab Burning Board
-CVE-2008-5862 (Directory traversal vulnerability in webcamXP 5.3.2.375 and 5.3.2.410 ...)
+CVE-2008-5862
NOT-FOR-US: webcamXP
-CVE-2008-5861 (Directory traversal vulnerability in source.php in FreeLyrics 1.0 ...)
+CVE-2008-5861
NOT-FOR-US: FreeLyrics
-CVE-2008-5860 (Directory traversal vulnerability in backend/template.php in ...)
+CVE-2008-5860
NOT-FOR-US: Constructr CMS
-CVE-2008-5859 (SQL injection vulnerability in index.php in Constructr CMS 3.02.5 and ...)
+CVE-2008-5859
NOT-FOR-US: Constructr CMS
-CVE-2008-5858 (Multiple cross-site scripting (XSS) vulnerabilities in KnowledgeTree ...)
+CVE-2008-5858
NOT-FOR-US: KnowledgeTree
-CVE-2008-5857 (The DropDocuments plugin in KnowledgeTree before 3.5.4a allows remote ...)
+CVE-2008-5857
NOT-FOR-US: KnowledgeTree
-CVE-2008-5856 (Directory traversal vulnerability in scripts/export.php in ClaSS ...)
+CVE-2008-5856
NOT-FOR-US: ClaSS
-CVE-2008-5855 (myPHPscripts Login Session 2.0 stores sensitive information under the ...)
+CVE-2008-5855
NOT-FOR-US: myPHPscripts Login Session
-CVE-2008-5854 (Multiple cross-site scripting (XSS) vulnerabilities in login.php in ...)
+CVE-2008-5854
NOT-FOR-US: myPHPscripts Login Session
-CVE-2008-5853 (Chilek Content Management System (aka ChiCoMaS) 2.0.4 and earlier ...)
+CVE-2008-5853
NOT-FOR-US: ChoCoMaS
-CVE-2008-5852 (Emefa Guestbook 3.0 stores sensitive information under the web root ...)
+CVE-2008-5852
NOT-FOR-US: Emefa Guestbook
-CVE-2008-5851 (SQL injection vulnerability in index.php in My PHP Baseball Stats ...)
+CVE-2008-5851
NOT-FOR-US: My PHP Baseball Stats
CVE-2008-5850
REJECTED
-CVE-2008-5849 (Check Point VPN-1 R55, R65, and other versions, when Port Address ...)
+CVE-2008-5849
NOT-FOR-US: Check Point
-CVE-2008-5848 (The Advantech ADAM-6000 module has 00000000 as its default password, ...)
+CVE-2008-5848
NOT-FOR-US: Advantech ADAM-6000 module
-CVE-2008-5847 (Constructr CMS 3.02.5 and earlier stores passwords in cleartext in a ...)
+CVE-2008-5847
NOT-FOR-US: Constructr CMS
-CVE-2008-5846 (Six Apart Movable Type (MT) before 4.23 allows remote authenticated ...)
+CVE-2008-5846
- movabletype-opensource 4.2.3-1 (low)
-CVE-2008-5845 (Multiple cross-site scripting (XSS) vulnerabilities in Six Apart ...)
+CVE-2008-5845
- movabletype-opensource 4.2.3-1 (low)
-CVE-2008-5844 (PHP 5.2.7 contains an incorrect change to the FILTER_UNSAFE_RAW ...)
+CVE-2008-5844
- php5 <not-affected> (vulnerable code introduced in 5.2.7, we have 5.2.6 and 5.2.8 was released in the meantime)
[etch] - php4 <not-affected> (vulnerable code introduced in php5 5.2.7)
-CVE-2008-5843 (Multiple untrusted search path vulnerabilities in pdfjam allow local ...)
+CVE-2008-5843
- pdfjam <not-affected> (the debian package sets pdflatex and thus dirname can't result in returning .)
NOTE: it is also not possible to include a crafted sed or pdflatex executable in the pdflatex call
NOTE: as our version uses random names, see #510584
-CVE-2008-5842 (Multiple cross-site scripting (XSS) vulnerabilities in Fujitsu-Siemens ...)
+CVE-2008-5842
NOT-FOR-US: Fujitsu-Siemens WebTransactions
CVE-2008-XXXX [auctex insecure temp file]
- auctex 11.83-7.3 (low; bug #506961)
[etch] - auctex <no-dsa> (Minor issue)
-CVE-2008-5841 (Multiple SQL injection vulnerabilities in iGaming 1.5 and earlier ...)
+CVE-2008-5841
NOT-FOR-US: iGaming
-CVE-2008-5840 (PHP iCalendar 2.24 and earlier allows remote attackers to bypass ...)
+CVE-2008-5840
- phpicalendar <removed> (bug #513517)
-CVE-2008-5839 (Buffer overflow in Foxmail 6.5 allows remote attackers to execute ...)
+CVE-2008-5839
NOT-FOR-US: Foxmail
-CVE-2008-5838 (SQL injection vulnerability in search_results.php in E-Php Scripts ...)
+CVE-2008-5838
NOT-FOR-US: E-Php Scripts E-Shop Shopping Cart
CVE-2008-5837
RESERVED
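Review bot: the `NOT-FOR-US: ChoCoMaS` annotation under CVE-2008-5853 does not match the product named in the description this hunk removes, `Chilek Content Management System (aka ChiCoMaS)`, and once the description line is gone the mismatch can no longer be spotted from the file alone, so it should be corrected to `ChiCoMaS` in the same change. Two smaller points on the unchanged lines of this hunk: the libpng note under CVE-2008-5907 reads `NOTE: Only an issues when using libpng to create out-of-spec images` (should be `an issue`), and the entries are no longer in descending CVE order, with CVE-2008-5968 and CVE-2008-5967 sitting between CVE-2008-5982 and CVE-2008-5981, and CVE-2008-5904 through CVE-2008-5902 plus CVE-2008-6005 placed after CVE-2008-5883, which is worth normalising if the file is meant to stay sorted.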
@@ -3208,460 +3208,460 @@ CVE-2008-5830
RESERVED
CVE-2008-5829
RESERVED
-CVE-2008-5828 (Microsoft Windows Live Messenger Client 8.5.1 and earlier, when MSN ...)
+CVE-2008-5828
NOT-FOR-US: Microsoft
-CVE-2008-5827 (The Nokia 6131 Near Field Communication (NFC) phone with 05.12 ...)
+CVE-2008-5827
NOT-FOR-US: Nokia Firmware
-CVE-2008-5826 (The Nokia 6131 Near Field Communication (NFC) phone with 05.12 ...)
+CVE-2008-5826
NOT-FOR-US: Nokia Firmware
-CVE-2008-5825 (The SmartPoster implementation on the Nokia 6131 Near Field ...)
+CVE-2008-5825
NOT-FOR-US: Nokia Firmware
-CVE-2008-5823 (An ActiveX control in prtstb06.dll in Microsoft Money 2006, when used ...)
+CVE-2008-5823
NOT-FOR-US: Microsoft Money
-CVE-2008-5822 (Memory leak in Libxul, as used in Mozilla Firefox 3.0.5 and other ...)
+CVE-2008-5822
- xulrunner <unfixed> (unimportant)
NOTE: Just a crash, no security impact
-CVE-2008-5821 (Memory leak in WebKit.dll in WebKit, as used by Apple Safari 3.2 on ...)
+CVE-2008-5821
NOT-FOR-US: Webkit on Windows
-CVE-2008-5820 (SQL injection vulnerability in eDNews_view.php in eDreamers eDNews 2 ...)
+CVE-2008-5820
NOT-FOR-US: eDreamers eDNews
-CVE-2008-5819 (Directory traversal vulnerability in eDNews_archive.php in eDreamers ...)
+CVE-2008-5819
NOT-FOR-US: eDreamers eDNews
-CVE-2008-5818 (Directory traversal vulnerability in index.php in eDreamers ...)
+CVE-2008-5818
NOT-FOR-US: eDreamers eDNews
-CVE-2008-5817 (Multiple SQL injection vulnerabilities in index.php in Web Scribble ...)
+CVE-2008-5817
NOT-FOR-US: Web Scribble Solutions webClassifieds
-CVE-2008-5816 (SQL injection vulnerability in repository.php in ILIAS 3.7.4 and ...)
+CVE-2008-5816
NOT-FOR-US: ILIAS
-CVE-2008-5815 (SQL injection vulnerability in Acomment.php in phpAlumni allows remote ...)
+CVE-2008-5815
NOT-FOR-US: phpAlumni
-CVE-2008-5814 (Cross-site scripting (XSS) vulnerability in PHP, possibly 5.2.7 and ...)
+CVE-2008-5814
{DSA-1789-1}
- php5 5.2.11.dfsg.1-1 (low; bug #523028)
NOTE: I don't know in which version this was fixed specifically, but
NOTE: I've checked that the patch is present in this version
- php4 <removed> (low; bug #523028)
-CVE-2008-5813 (SQL injection vulnerability in inc/rubriques.php in SPIP 1.8 before ...)
+CVE-2008-5813
- spip 2.0.6-1
-CVE-2008-5812 (Multiple unspecified vulnerabilities in SPIP 1.8 before 1.8.3b, 1.9 ...)
+CVE-2008-5812
- spip 2.0.6-1
-CVE-2008-5811 (SQL injection vulnerability in the PaxGallery (com_paxgallery) ...)
+CVE-2008-5811
NOT-FOR-US: joomla
-CVE-2008-5810 (WBPublish (aka WBPublish.exe) in Fujitsu-Siemens WebTransactions 7.0, ...)
+CVE-2008-5810
NOT-FOR-US: Fujitsu-Siemens WebTransactions
-CVE-2008-5809 (futomi CGI Cafe Access Analyzer CGI Standard 4.0.1 and earlier and ...)
+CVE-2008-5809
NOT-FOR-US: futomi CGI Cafe Access Analyzer CGI Standard
-CVE-2008-5808 (Cross-site scripting (XSS) vulnerability in Six Apart Movable Type ...)
+CVE-2008-5808
NOT-FOR-US: Six Apart Movable Type Enterprise
-CVE-2008-5807 (Multiple cross-site scripting (XSS) vulnerabilities in TestLink before ...)
+CVE-2008-5807
NOT-FOR-US: TestLink
-CVE-2008-5806 (SQL injection vulnerability in login.php in DeltaScripts PHP ...)
+CVE-2008-5806
NOT-FOR-US: DeltaScripts PHP Classifieds
-CVE-2008-5805 (SQL injection vulnerability in detail.php in DeltaScripts PHP ...)
+CVE-2008-5805
NOT-FOR-US: DeltaScripts PHP Classifieds
-CVE-2008-5804 (SQL injection vulnerability in admin/admin_catalog.php in e-topbiz ...)
+CVE-2008-5804
NOT-FOR-US: e-topbiz Number Links 1 Php Script
-CVE-2008-5803 (SQL injection vulnerability in admin/login.php in E-topbiz Online ...)
+CVE-2008-5803
NOT-FOR-US: E-topbiz
-CVE-2008-5802 (SQL injection vulnerability in index.php in E-topbiz Online Store 1.0 ...)
+CVE-2008-5802
NOT-FOR-US: E-topbiz
-CVE-2008-5801 (Unspecified vulnerability in the Dictionary (rtgdictionary) extension ...)
+CVE-2008-5801
NOT-FOR-US: Dictionary (rtgdictionary) extension for TYPO3
-CVE-2008-5800 (SQL injection vulnerability in the Wir ber uns [sic] (fsmi_people) ...)
+CVE-2008-5800
NOT-FOR-US: fsmi_people extension for TYPO3
-CVE-2008-5799 (Cross-site scripting (XSS) vulnerability in the Wir ber uns ...)
+CVE-2008-5799
NOT-FOR-US: fsmi_people extension for TYPO3
-CVE-2008-5798 (SQL injection vulnerability in the CMS Poll system (cms_poll) ...)
+CVE-2008-5798
NOT-FOR-US: CMS Poll system for TYPO3
-CVE-2008-5797 (SQL injection vulnerability in the advCalendar extension 0.3.1 and ...)
+CVE-2008-5797
NOT-FOR-US: advCalendar extension for TYPO3
-CVE-2008-5796 (SQL injection vulnerability in the eluna Page Comments ...)
+CVE-2008-5796
NOT-FOR-US: Page Comments extension for TYPO3
-CVE-2008-5795 (Cross-site scripting (XSS) vulnerability in the eluna Page Comments ...)
+CVE-2008-5795
NOT-FOR-US: Page Comments extension for TYPO3
-CVE-2008-5794 (Directory traversal vulnerability in system/admin/images.php in ...)
+CVE-2008-5794
NOT-FOR-US: LoveCMS
-CVE-2008-5793 (Multiple PHP remote file inclusion vulnerabilities in the Clickheat - ...)
+CVE-2008-5793
NOT-FOR-US: Clickheat - Heatmap stats (com_clickheat) component 1.0.1 for Joomla!
-CVE-2008-5792 (PHP remote file inclusion vulnerability in show_joined.php in ...)
+CVE-2008-5792
NOT-FOR-US: Indiscripts Enthusiast
-CVE-2008-5791 (Multiple unspecified vulnerabilities in PrestaShop e-Commerce Solution ...)
+CVE-2008-5791
NOT-FOR-US: PrestaShop e-Commerce Solution
-CVE-2008-5790 (Multiple PHP remote file inclusion vulnerabilities in the ...)
+CVE-2008-5790
NOT-FOR-US: Recly!Competitions (com_competitions) component 1.0 for Joomla!
-CVE-2008-5789 (Multiple PHP remote file inclusion vulnerabilities in the Recly ...)
+CVE-2008-5789
NOT-FOR-US: Recly Interactive Feederator (com_feederator) component 1.0.5 for Joomla!
-CVE-2008-5788 (SQL injection vulnerability in index.php in Domain Seller Pro 1.5 ...)
+CVE-2008-5788
NOT-FOR-US: Domain Seller
-CVE-2008-5787 (Directory traversal vulnerability in mod.php in Arab Portal 2.1 on ...)
+CVE-2008-5787
NOT-FOR-US: Arab Portal
-CVE-2008-5786 (Cross-site scripting (XSS) vulnerability in the Silva Find extension ...)
+CVE-2008-5786
NOT-FOR-US: Silva Find
-CVE-2008-5785 (SQL injection vulnerability in V3 Chat - Profiles/Dating Script 3.0.2 ...)
+CVE-2008-5785
NOT-FOR-US: V3 Chat - Profiles/Dating Script
-CVE-2008-5784 (V3 Chat - Profiles/Dating Script 3.0.2 allows remote attackers to ...)
+CVE-2008-5784
NOT-FOR-US: V3 Chat - Profiles/Dating Script
-CVE-2008-5783 (admin/index.php in V3 Chat Live Support 3.0.4 allows remote attackers ...)
+CVE-2008-5783
NOT-FOR-US: V3 Chat
-CVE-2008-5782 (SQL injection vulnerability in bannerclick.php in ZeeMatri 3.0 allows ...)
+CVE-2008-5782
NOT-FOR-US: ZeeMatri
-CVE-2008-5781 (SQL injection vulnerability in right.php in Cant Find A Gaming CMS ...)
+CVE-2008-5781
NOT-FOR-US: Cant Find A Gaming CMS (CFAGCMS)
-CVE-2008-5780 (Forest Blog 1.3.2 stores sensitive information under the web root with ...)
+CVE-2008-5780
NOT-FOR-US: Forest Blog
-CVE-2008-5779 (SQL injection vulnerability in lpro.php in Free Links Directory Script ...)
+CVE-2008-5779
NOT-FOR-US: Free Links Directory Script
-CVE-2008-5778 (SQL injection vulnerability in report.php in Free Links Directory ...)
+CVE-2008-5778
NOT-FOR-US: Free Links Directory Script
-CVE-2008-5777 (SQL injection vulnerability in index.php in CadeNix allows remote ...)
+CVE-2008-5777
NOT-FOR-US: CadeNix
-CVE-2008-5776 (Multiple directory traversal vulnerabilities in Aperto Blog 0.1.1 ...)
+CVE-2008-5776
NOT-FOR-US: Aperto Blog
-CVE-2008-5775 (SQL injection vulnerability in categories.php in Aperto Blog 0.1.1 ...)
+CVE-2008-5775
NOT-FOR-US: Aperto Blog
-CVE-2008-5774 (Multiple SQL injection vulnerabilities in ASPSiteWare HomeBuilder 1.0 ...)
+CVE-2008-5774
NOT-FOR-US: ASPSiteWare HomeBuilder
-CVE-2008-5773 (Nukedit 4.9.8 stores sensitive information under the web root with ...)
+CVE-2008-5773
NOT-FOR-US: Nukedit
-CVE-2008-5772 (Multiple SQL injection vulnerabilities in ASPSiteWare RealtyListings ...)
+CVE-2008-5772
NOT-FOR-US: ASPSiteWare RealtyListings
-CVE-2008-5771 (Directory traversal vulnerability in test.php in PHP Weather 2.2.2 ...)
+CVE-2008-5771
NOT-FOR-US: PHP Weather
-CVE-2008-5770 (Cross-site scripting (XSS) vulnerability in config/make_config.php in ...)
+CVE-2008-5770
NOT-FOR-US: PHP Weather
-CVE-2008-5769 (Multiple cross-site scripting (XSS) vulnerabilities in Kerio ...)
+CVE-2008-5769
NOT-FOR-US: Kerio MailServer
-CVE-2008-5768 (SQL injection vulnerability in print.php in the AM Events (aka ...)
+CVE-2008-5768
NOT-FOR-US: AM Events
-CVE-2008-5767 (SQL injection vulnerability in authors.asp in gNews Publisher allows ...)
+CVE-2008-5767
NOT-FOR-US: gNews Publisher
-CVE-2008-5766 (SQL injection vulnerability in download.php in Farsi Script Faupload ...)
+CVE-2008-5766
NOT-FOR-US: Farsi Script Faupload
-CVE-2008-5765 (WorkSimple 1.2.1 stores sensitive information under the web root with ...)
+CVE-2008-5765
NOT-FOR-US: WorkSimple
-CVE-2008-5764 (PHP remote file inclusion vulnerability in calendar.php in WorkSimple ...)
+CVE-2008-5764
NOT-FOR-US: WorkSimple
-CVE-2008-5763 (PHP remote file inclusion vulnerability in slogin_lib.inc.php in ...)
+CVE-2008-5763
NOT-FOR-US: Simple Text-File Login Script (SiTeFiLo)
-CVE-2008-5762 (Simple Text-File Login Script (SiTeFiLo) 1.0.6 stores sensitive ...)
+CVE-2008-5762
NOT-FOR-US: Simple Text-File Login Script (SiTeFiLo)
-CVE-2008-5761 (Multiple cross-site scripting (XSS) vulnerabilities in FlatnuX CMS ...)
+CVE-2008-5761
NOT-FOR-US: FlatnuX CMS
-CVE-2008-5760 (Cross-site scripting (XSS) vulnerability in error413.php in Kerio ...)
+CVE-2008-5760
NOT-FOR-US: Kerio MailServer
-CVE-2008-5759 (Cross-site scripting (XSS) vulnerability in FlatnuX CMS (aka ...)
+CVE-2008-5759
NOT-FOR-US: FlatnuX CMS
-CVE-2008-5758 (Cross-site request forgery (CSRF) vulnerability in PHParanoid before ...)
+CVE-2008-5758
NOT-FOR-US: PHParanoid
-CVE-2008-5757 (Cross-site scripting (XSS) vulnerability in textarea/index.php in ...)
+CVE-2008-5757
- textpattern 4.0.6-1
-CVE-2008-5756 (Buffer overflow in BreakPoint Software Hex Workshop 5.1.4 allows ...)
+CVE-2008-5756
NOT-FOR-US: BreakPoint Software Hex Workshop
-CVE-2008-5755 (Stack-based buffer overflow in IntelliTamper 2.07 and 2.08 allows ...)
+CVE-2008-5755
NOT-FOR-US: IntelliTamper
-CVE-2008-5754 (Stack-based buffer overflow in BulletProof FTP Client allows ...)
+CVE-2008-5754
NOT-FOR-US: BulletProof FTP Client
-CVE-2008-5753 (Stack-based buffer overflow in BulletProof FTP Client 2.63 and 2010 ...)
+CVE-2008-5753
NOT-FOR-US: BulletProof FTP Client
-CVE-2008-5752 (Directory traversal vulnerability in getConfig.php in the Page Flip ...)
+CVE-2008-5752
NOT-FOR-US: Page Flip Image Gallery plugin for WordPress
-CVE-2008-5751 (SQL injection vulnerability in index.php in AlstraSoft Web Email ...)
+CVE-2008-5751
NOT-FOR-US: AlstraSoft Web Email Script Enterprise
-CVE-2008-5750 (Argument injection vulnerability in Microsoft Internet Explorer 8 beta ...)
+CVE-2008-5750
NOT-FOR-US: Microsoft
-CVE-2008-5749 (** DISPUTED ** ...)
+CVE-2008-5749
NOT-FOR-US: Unclear, historic Chrome issue
-CVE-2008-5748 (Directory traversal vulnerability in plugins/spaw2/dialogs/dialog.php ...)
+CVE-2008-5748
NOT-FOR-US: BloofoxCMS
-CVE-2008-5747 (F-Prot 4.6.8 for GNU/Linux allows remote attackers to bypass ...)
+CVE-2008-5747
NOT-FOR-US: F-Prot
-CVE-2008-5746 (Sun SNMP Management Agent (SUNWmasf) 1.4u2 through 1.5.4 allows local ...)
+CVE-2008-5746
NOT-FOR-US: Sun SNMP Management Agent
-CVE-2008-5745 (Integer overflow in quartz.dll in the DirectShow framework in ...)
+CVE-2008-5745
NOT-FOR-US: Microsoft
-CVE-2008-5824 (Heap-based buffer overflow in msadpcm.c in libaudiofile in audiofile ...)
+CVE-2008-5824
{DSA-1972-1}
- audiofile 0.2.6-7.1 (medium; bug #510205)
-CVE-2008-5744 (Array index error in the dahdi/tor2.c driver in Zaptel (aka DAHDI) ...)
+CVE-2008-5744
{DSA-1699-1}
- zaptel 1:1.4.11~dfsg-3 (bug #510583)
-CVE-2008-5743 (pdfjam creates the (1) pdf90, (2) pdfjoin, and (3) pdfnup files with a ...)
+CVE-2008-5743
- pdfjam 1.10-1 (low; bug #510584)
-CVE-2008-5742 (Multiple open redirect vulnerabilities in AIST NetCat 3.12 and earlier ...)
+CVE-2008-5742
NOT-FOR-US: AIST NetCat
CVE-2008-5741
RESERVED
CVE-2008-5740
RESERVED
-CVE-2008-5739 (SQL injection vulnerability in evb/check_url.php in Pligg CMS 9.9.5 ...)
+CVE-2008-5739
NOT-FOR-US: Pligg CMS
-CVE-2008-5738 (Nodstrum MySQL Calendar 1.1 and 1.2 allows remote attackers to bypass ...)
+CVE-2008-5738
NOT-FOR-US: Nodstrum MySQL Calendar
-CVE-2008-5737 (SQL injection vulnerability in index.php in Nodstrum MySQL Calendar ...)
+CVE-2008-5737
NOT-FOR-US: Nodstrum MySQL Calendar
-CVE-2008-5736 (Multiple unspecified vulnerabilities in FreeBSD 6 before 6.4-STABLE, ...)
+CVE-2008-5736
- kfreebsd-6 <removed>
[lenny] - kfreebsd-6 <no-dsa> (KFreebsd not supported)
- kfreebsd-7 7.1-1
[lenny] - kfreebsd-7 <no-dsa> (KFreebsd not supported)
-CVE-2008-5735 (Stack-based buffer overflow in skin.c in CoolPlayer 2.17 through 2.19 ...)
+CVE-2008-5735
NOT-FOR-US: CoolPlayer
-CVE-2008-5734 (Cross-site scripting (XSS) vulnerability in WebMail Pro in IceWarp ...)
+CVE-2008-5734
NOT-FOR-US: IceWarp Software Merak Mail Server
-CVE-2008-5733 (SQL injection vulnerability in blog.php in the Team Impact TI Blog ...)
+CVE-2008-5733
NOT-FOR-US: Team Impact TI Blog System mod for PHP-Fusion
-CVE-2008-5732 (Unrestricted file upload vulnerability in lib/image_upload.php in ...)
+CVE-2008-5732
NOT-FOR-US: KafooeyBlog
-CVE-2008-5731 (The PGPwded device driver (aka PGPwded.sys) in PGP Corporation PGP ...)
+CVE-2008-5731
NOT-FOR-US: PGP Desktop
-CVE-2008-5730 (Multiple CRLF injection vulnerabilities in AIST NetCat 3.12 and ...)
+CVE-2008-5730
NOT-FOR-US: AIST NetCat
-CVE-2008-5729 (Multiple cross-site scripting (XSS) vulnerabilities in AIST NetCat ...)
+CVE-2008-5729
NOT-FOR-US: AIST NetCat
-CVE-2008-5728 (Multiple directory traversal vulnerabilities in AIST NetCat 3.12 and ...)
+CVE-2008-5728
NOT-FOR-US: AIST NetCat
-CVE-2008-5727 (SQL injection vulnerability in modules/auth/password_recovery.php in ...)
+CVE-2008-5727
NOT-FOR-US: AIST NetCat
-CVE-2008-5726 (SQL injection vulnerability in thread.php in stormBoards 1.0.1 allows ...)
+CVE-2008-5726
NOT-FOR-US: stormBoards
-CVE-2008-5725 (The NT kernel-mode driver (aka pstrip.sys) 5.0.1.1 and earlier in ...)
+CVE-2008-5725
NOT-FOR-US: EnTech Taiwan PowerStrip
-CVE-2008-5724 (The Personal Firewall driver (aka epfw.sys) 3.0.672.0 and earlier in ...)
+CVE-2008-5724
NOT-FOR-US: ESET Smart Security
-CVE-2008-5723 (Directory traversal vulnerability in CGI RESCUE KanniBBS2000 (aka ...)
+CVE-2008-5723
NOT-FOR-US: CGI RESCUE KanniBBS2000
-CVE-2008-5722 (Buffer overflow in SAWStudio 3.9i allows user-assisted remote ...)
+CVE-2008-5722
NOT-FOR-US: SAWStudio
-CVE-2008-5721 (SapporoWorks BlackJumboDog (BJD) before 4.2.3 allows remote attackers ...)
+CVE-2008-5721
NOT-FOR-US: BlackJumboDog
-CVE-2008-5720 (Cross-site scripting (XSS) vulnerability in Mayaa before 1.1.23 allows ...)
+CVE-2008-5720
NOT-FOR-US: Mayaa
-CVE-2008-5719 (Cross-site scripting (XSS) vulnerability in Hitachi Groupmax Web ...)
+CVE-2008-5719
NOT-FOR-US: Hitachi
-CVE-2008-5718 (The papd daemon in Netatalk before 2.0.4-beta2, when using certain ...)
+CVE-2008-5718
{DSA-1705-1 DTSA-183-1}
- netatalk 2.0.4~beta2-1 (medium; bug #510585)
-CVE-2008-5717 (Cross-site scripting (XSS) vulnerability in Hitachi JP1/Integrated ...)
+CVE-2008-5717
NOT-FOR-US: Hitachi
-CVE-2008-5716 (xend in Xen 3.3.0 does not properly restrict a guest VM's write access ...)
+CVE-2008-5716
- xen-3 <not-affected> (Vulnerable code never entered Debian)
- xen-unstable <not-affected> (Vulnerable code never entered Debian)
NOTE: this issue was introduced as a fix to CVE-2008-4405, which has not
NOTE: yet been fixed in Debian
-CVE-2008-5715 (Mozilla Firefox 3.0.5 on Windows Vista allows remote attackers to ...)
+CVE-2008-5715
- iceweasel <removed> (unimportant)
NOTE: Browser crashes not treated as security issues
-CVE-2008-5714 (Off-by-one error in monitor.c in Qemu 0.9.1 might make it easier for ...)
+CVE-2008-5714
{DSA-1907-1 DTSA-203-1}
- qemu 0.9.1-10 (low; bug #509882)
[etch] - qemu <not-affected> (Vulnerable code not present)
- kvm 82-1 (low; bug #509997)
[lenny] - kvm <no-dsa> (Minor issue)
-CVE-2008-5713 (The __qdisc_run function in net/sched/sch_generic.c in the Linux ...)
+CVE-2008-5713
{DSA-1794-1}
- linux-2.6 2.6.25-1
- linux-2.6.24 <removed>
-CVE-2008-5712 (The HTML parser in KDE Konqueror 3.5.9 allows remote attackers to ...)
+CVE-2008-5712
- kdebase <unfixed> (unimportant)
NOTE: Browser crashes not treated as security issues
-CVE-2008-5711 (Heap-based buffer overflow in the Facebook PhotoUploader ActiveX ...)
+CVE-2008-5711
NOT-FOR-US: Facebook PhotoUploader ActiveX
-CVE-2008-5710 (Multiple unspecified vulnerabilities in the web management interface ...)
+CVE-2008-5710
NOT-FOR-US: Avaya Communication Manager
-CVE-2008-5709 (Multiple unspecified vulnerabilities in the web management interface ...)
+CVE-2008-5709
NOT-FOR-US: Avaya Communication Manager
-CVE-2008-5708 (redirect.php in SlimCMS 1.0.0 does not require authentication, which ...)
+CVE-2008-5708
NOT-FOR-US: SlimCMS
-CVE-2008-5707 (SQL injection vulnerability in urunler.asp in Iltaweb Alisveris ...)
+CVE-2008-5707
NOT-FOR-US: Iltaweb Alisveris Sistemi
-CVE-2008-5704 (src/unit_test.c in gpsdrive (aka gpsdrive-scripts) 2.10~pre4 might ...)
+CVE-2008-5704
- gpsdrive 2.10~pre4-6.dfsg-2 (low; bug #508597)
[etch] - gpsdrive <no-dsa> (Minor issue)
[lenny] - gpsdrive 2.10~pre4-6.dfsg-1+lenny1
-CVE-2008-5703 (gpsdrive (aka gpsdrive-scripts) 2.10~pre4 allows local users to ...)
+CVE-2008-5703
- gpsdrive 2.10~pre4-6.dfsg-2 (low; bug #508597)
[etch] - gpsdrive <no-dsa> (Minor issue)
[lenny] - gpsdrive 2.10~pre4-6.dfsg-1+lenny1
-CVE-2008-5702 (Buffer underflow in the ibwdt_ioctl function in ...)
+CVE-2008-5702
{DSA-1794-1 DSA-1787-1}
- linux-2.6 2.6.26-13
- linux-2.6.24 <removed>
-CVE-2008-5701 (Array index error in arch/mips/kernel/scall64-o32.S in the Linux ...)
+CVE-2008-5701
{DSA-1794-1 DSA-1787-1}
- linux-2.6 2.6.26-13
- linux-2.6.24 <removed>
-CVE-2008-5700 (libata in the Linux kernel before 2.6.27.9 does not set minimum ...)
+CVE-2008-5700
{DSA-1787-1}
- linux-2.6 2.6.26-13
[etch] - linux-2.6 <not-affected> (Vulnerable code not present, was introduced later)
- linux-2.6.24 <removed>
-CVE-2008-5699 (The name service cache daemon (nscd) in Sun Solaris 10 and OpenSolaris ...)
+CVE-2008-5699
NOT-FOR-US: Solaris
-CVE-2008-5698 (HTMLTokenizer::scriptHandler in Konqueror in KDE 3.5.9 and 3.5.10 ...)
+CVE-2008-5698
- kdebase <unfixed> (unimportant)
NOTE: browser crashes not treated as security issues
-CVE-2008-5697 (The skype_tool.copy_num method in the Skype extension BETA 2.2.0.95 ...)
+CVE-2008-5697
NOT-FOR-US: Skype extension
-CVE-2008-5696 (Novell NetWare 6.5 before Support Pack 8, when an OES2 Linux server is ...)
+CVE-2008-5696
NOT-FOR-US: Novell NetWare
-CVE-2008-5695 (wp-admin/options.php in WordPress MU before 1.3.2, and WordPress 2.3.2 ...)
+CVE-2008-5695
- wordpress 2.3.2 (low; bug #510786; bug #513959)
[etch] - wordpress <no-dsa> (Minor issue)
NOTE: only the admin has manage_options capabilities by default and only editors
NOTE: have upload_files capabilities
NOTE: Only versions prior to 2.3.2 are affected according to the Debian maintainer
-CVE-2008-5694 (PHP remote file inclusion vulnerability in ...)
+CVE-2008-5694
NOT-FOR-US: Sandbox
-CVE-2008-5693 (Ipswitch WS_FTP Server Manager 6.1.0.0 and earlier, and possibly other ...)
+CVE-2008-5693
NOT-FOR-US: Ipswitch WS_FTP Server Manager
-CVE-2008-5692 (Ipswitch WS_FTP Server Manager before 6.1.1, and possibly other ...)
+CVE-2008-5692
NOT-FOR-US: Ipswitch WS_FTP Server Manager
-CVE-2008-5691 (Heap-based buffer overflow in the Phoenician Casino FlashAX ActiveX ...)
+CVE-2008-5691
NOT-FOR-US: Phoenician Casino FlashAX ActiveX
-CVE-2008-5690 (The Kerberos credential renewal feature in Sun Solaris 8, 9, and 10, ...)
+CVE-2008-5690
NOT-FOR-US: Solaris
-CVE-2008-5689 (tun in IP Tunnel in Solaris 10 and OpenSolaris snv_01 through snv_76 ...)
+CVE-2008-5689
NOT-FOR-US: Solaris
-CVE-2008-5688 (MediaWiki 1.8.1, and other versions before 1.13.3, when the ...)
+CVE-2008-5688
- mediawiki 1:1.13.3-1 (unimportant)
- mediawiki1.7 <removed> (unimportant)
NOTE: Installation path disclosure not treated as a security issue
-CVE-2008-5687 (MediaWiki 1.11, and other versions before 1.13.3, does not properly ...)
+CVE-2008-5687
{DTSA-186-1}
- mediawiki 1:1.13.3-1 (low)
- mediawiki1.7 <removed>
[etch] - mediawiki1.7 <not-affected> (The backup feature was introduced in 1.11)
[etch] - mediawiki <not-affected> (metapackage)
-CVE-2008-5686 (IBM Tivoli Provisioning Manager (TPM) before 5.1.1.1 IF0006, when its ...)
+CVE-2008-5686
NOT-FOR-US: IBM Tivoli Provisioning Manager
-CVE-2008-5685 (Sun ScApp firmware 5.18.x, 5.19.x, and 5.20.0 through 5.20.10 on Sun ...)
+CVE-2008-5685
NOT-FOR-US: Sun ScApp firmware
-CVE-2008-5684 (Unspecified vulnerability in the X Inter Client Exchange library (aka ...)
+CVE-2008-5684
NOT-FOR-US: Solaris
-CVE-2008-5683 (Unspecified vulnerability in Opera before 9.63 allows remote attackers ...)
+CVE-2008-5683
NOT-FOR-US: Opera
-CVE-2008-5682 (Cross-site scripting (XSS) vulnerability in Opera before 9.63 allows ...)
+CVE-2008-5682
NOT-FOR-US: Opera
-CVE-2008-5681 (Opera before 9.63 does not block unspecified &quot;scripted URLs&quot; during ...)
+CVE-2008-5681
NOT-FOR-US: Opera
-CVE-2008-5680 (Multiple buffer overflows in Opera before 9.63 might allow (1) remote ...)
+CVE-2008-5680
NOT-FOR-US: Opera
-CVE-2008-5679 (The HTML parsing engine in Opera before 9.63 allows remote attackers ...)
+CVE-2008-5679
NOT-FOR-US: Opera
-CVE-2008-5678 (Fretwell-Downing Informatics (FDI) OLIB7 WebView 2.5.1.1 allows remote ...)
+CVE-2008-5678
NOT-FOR-US: OLIB7 WebView
-CVE-2008-5677 (Unrestricted file upload vulnerability in Kwalbum 2.0.4, 2.0.2, and ...)
+CVE-2008-5677
NOT-FOR-US: Kwalbum
-CVE-2008-5676 (Multiple unspecified vulnerabilities in the ModSecurity (aka ...)
+CVE-2008-5676
- libapache-mod-security 2.5.6-1
-CVE-2008-5675 (Unspecified vulnerability in IBM WebSphere Portal 6.0 before 6.0.1.5 ...)
+CVE-2008-5675
NOT-FOR-US: IBM WebSphere Portal
-CVE-2008-5674 (Multiple array index errors in the HTTP server in Darkwet Network ...)
+CVE-2008-5674
NOT-FOR-US: Darkwet Network webcamXP
-CVE-2008-5673 (PHParanoid before 0.4 does not properly restrict access to the members ...)
+CVE-2008-5673
NOT-FOR-US: PHParanoid
-CVE-2008-5672 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
+CVE-2008-5672
NOT-FOR-US: PHParanoid
-CVE-2008-5671 (PHP remote file inclusion vulnerability in index.php in Joomla! 1.0.11 ...)
+CVE-2008-5671
NOT-FOR-US: Joomla!
-CVE-2008-5670 (Textpattern (aka Txp CMS) 4.0.5 does not ask for the old password ...)
+CVE-2008-5670
- textpattern 4.0.6-1 (low)
-CVE-2008-5669 (index.php in the comments preview section in Textpattern (aka Txp CMS) ...)
+CVE-2008-5669
- textpattern 4.0.6-1 (low)
-CVE-2008-5668 (Multiple cross-site scripting (XSS) vulnerabilities in Textpattern ...)
+CVE-2008-5668
- textpattern 4.0.6-1 (low)
-CVE-2008-5667 (The scanning engine in VirusBlokAda VBA32 Personal Antivirus 3.12.8.x ...)
+CVE-2008-5667
NOT-FOR-US: VBA32 Personal Antivirus
-CVE-2008-5666 (WinFTP FTP Server 2.3.0, when passive (aka PASV) mode is used, allows ...)
+CVE-2008-5666
NOT-FOR-US: WinFTP
-CVE-2008-5665 (SQL injection vulnerability in index.php in the xhresim module in ...)
+CVE-2008-5665
NOT-FOR-US: XOOPS
-CVE-2008-5664 (Stack-based buffer overflow in Realtek Media Player (aka Realtek Sound ...)
+CVE-2008-5664
NOT-FOR-US: Realtek Media Player
-CVE-2008-5663 (Multiple unrestricted file upload vulnerabilities in Kusaba 1.0.4 and ...)
+CVE-2008-5663
NOT-FOR-US: Kusaba
-CVE-2008-5662 (Multiple buffer overflows in Sun Java Wireless Toolkit (WTK) for CLDC ...)
+CVE-2008-5662
NOT-FOR-US: Sun Java Wireless Toolkit
-CVE-2008-5661 (The IPv4 Forwarding feature in Sun Solaris 10 and OpenSolaris snv_47 ...)
+CVE-2008-5661
NOT-FOR-US: Sun Solaris
-CVE-2008-5659 (The gnu.java.security.util.PRNG class in GNU Classpath 0.97.2 and ...)
+CVE-2008-5659
- classpath 2:0.98-1 (bug #512532; low)
[lenny] - classpath <no-dsa> (Minor issue)
- libgnucrypto-java <removed> (low; bug #559789)
[lenny] - libgnucrypto-java <no-dsa> (Minor issue)
-CVE-2008-5657 (CRLF injection vulnerability in Quassel Core before 0.3.0.3 allows ...)
+CVE-2008-5657
- quassel 0.2~rc1-1.1 (bug #506550)
-CVE-2008-5656 (Cross-site scripting (XSS) vulnerability in the frontend plugin for ...)
+CVE-2008-5656
- typo3-src 4.2.3-1 (bug #505325)
[etch] - typo3-src <not-affected> (Typo3 versions below 4.2.x are not affected)
-CVE-2008-5655 (Multiple SQL injection vulnerabilities in MyioSoft EasyBookMarker 4.0 ...)
+CVE-2008-5655
NOT-FOR-US: MyioSoft EasyBookMarker
-CVE-2008-5654 (SQL injection vulnerability in the loginADP function in ajaxp.php in ...)
+CVE-2008-5654
NOT-FOR-US: MyioSoft EasyBookMarker
-CVE-2008-5653 (SQL injection vulnerability in the loginADP function in ajaxp.php in ...)
+CVE-2008-5653
NOT-FOR-US: MyioSoft EasyBookMarker
-CVE-2008-5652 (SQL injection vulnerability in the loginADP function in ajaxp.php in ...)
+CVE-2008-5652
NOT-FOR-US: MyioSoft EasyBookMarker
-CVE-2008-5651 (SQL injection vulnerability in ...)
+CVE-2008-5651
NOT-FOR-US: MyioSoft EasyBookMarker
-CVE-2008-5650 (SQL injection vulnerability in the login directory in AlstraSoft Web ...)
+CVE-2008-5650
NOT-FOR-US: AlstraSoft Web Host Directory
-CVE-2008-5649 (SQL injection vulnerability in admin/admin.php in AlstraSoft Article ...)
+CVE-2008-5649
NOT-FOR-US: AlstraSoft Web Host Directory
-CVE-2008-5648 (SQL injection vulnerability in admin/login.php in DeltaScripts PHP ...)
+CVE-2008-5648
NOT-FOR-US: DeltaScripts PHP Shop
-CVE-2008-5647 (Unspecified vulnerability in the HTML sanitizer filter in Trac before ...)
+CVE-2008-5647
- trac 0.11.1-2.1 (low; bug #509342; bug #505197)
[etch] - trac <no-dsa> (Minor issue)
-CVE-2008-5646 (Unspecified vulnerability in Trac before 0.11.2 allows attackers to ...)
+CVE-2008-5646
- trac 0.11.1-2.1 (low; bug #509342; bug #505197)
[etch] - trac <no-dsa> (Minor issue)
-CVE-2008-5645 (Directory traversal vulnerability in the media server in Orb Networks ...)
+CVE-2008-5645
NOT-FOR-US: Orb Networks Orb
-CVE-2008-5644 (Cross-site scripting (XSS) vulnerability in the file backend module in ...)
+CVE-2008-5644
- typo3-src 4.2.3-1 (bug #505324)
[etch] - typo3-src <not-affected> (Only Typo3 4.2.2 is affected)
-CVE-2008-5643 (SQL injection vulnerability in the Books (com_books) component for ...)
+CVE-2008-5643
NOT-FOR-US: Joomla!
-CVE-2008-5642 (Directory traversal vulnerability in admin/login.php in CMS Made ...)
+CVE-2008-5642
NOT-FOR-US: CMS Made Simple
-CVE-2008-5641 (SQL injection vulnerability in account.asp in Active Photo Gallery 6.2 ...)
+CVE-2008-5641
NOT-FOR-US: Active Photo Gallery
-CVE-2008-5640 (SQL injection vulnerability in bidhistory.asp in Active Bids 3.5 ...)
+CVE-2008-5640
NOT-FOR-US: Active Bids
-CVE-2008-5639 (Directory traversal vulnerability in index.php in TxtBlog 1.0 Alpha ...)
+CVE-2008-5639
NOT-FOR-US: TxtBlog
-CVE-2008-5638 (Multiple SQL injection vulnerabilities in Active Price Comparison 4 ...)
+CVE-2008-5638
NOT-FOR-US: Active Price Comparison
-CVE-2008-5637 (SQL injection vulnerability in blog.asp in ParsBlogger (Pb) allows ...)
+CVE-2008-5637
NOT-FOR-US: ParsBlogger
-CVE-2008-5636 (SQL injection vulnerability in cate.php in Lito Lite CMS, when ...)
+CVE-2008-5636
NOT-FOR-US: Lito Lite CMS
-CVE-2008-5635 (SQL injection vulnerability in account.asp in Active Membership 2.0 ...)
+CVE-2008-5635
NOT-FOR-US: Active Membership
-CVE-2008-5634 (SQL injection vulnerability in account.asp in Active Force Matrix 2.0 ...)
+CVE-2008-5634
NOT-FOR-US: Active Force Matrix
-CVE-2008-5633 (SQL injection vulnerability in register.asp in ActiveVotes 2.2 allows ...)
+CVE-2008-5633
NOT-FOR-US: ActiveVotes
-CVE-2008-5632 (SQL injection vulnerability in Account.asp in Active Time Billing 3.2 ...)
+CVE-2008-5632
NOT-FOR-US: Active Time Billing
-CVE-2008-5631 (SQL injection vulnerability in start.asp in Active eWebquiz 8.0 allows ...)
+CVE-2008-5631
NOT-FOR-US: Active eWebquiz
-CVE-2008-5630 (SQL injection vulnerability in merchants/index.php in Post Affiliate ...)
+CVE-2008-5630
NOT-FOR-US: Post Affiliate
-CVE-2008-5629 (SQL injection vulnerability in index.php in Turnkey Arcade Script ...)
+CVE-2008-5629
NOT-FOR-US: Turnkey Arcade Script
-CVE-2008-5628 (SQL injection vulnerability in index.php in CMS little 0.0.1 allows ...)
+CVE-2008-5628
NOT-FOR-US: CMS little
-CVE-2008-5627 (SQL injection vulnerability in account.asp in Active Trade 2 allows ...)
+CVE-2008-5627
NOT-FOR-US: Active Trade
-CVE-2008-5626 (XM Easy Personal FTP Server 5.6.0 allows remote authenticated users to ...)
+CVE-2008-5626
NOT-FOR-US: XM Easy Personal FTP Server
CVE-2008-5623
RESERVED
-CVE-2008-5620 (RoundCube Webmail (roundcubemail) before 0.2-beta allows remote ...)
+CVE-2008-5620
- roundcube 0.1.1-10 (low; bug #509596)
-CVE-2008-5618 (imudp in rsyslog 4.x before 4.1.2, 3.21 before 3.21.9 beta, and 3.20 ...)
+CVE-2008-5618
- rsyslog 3.18.6-1 (low; bug #510906)
CVE-2008-5615
RESERVED
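Review bot: every `-`/`+` pair in this hunk replaces a `CVE-YYYY-NNNN (description ...)` line with the bare identifier, so the hunk removes the short description of each entry without adding anything in its place; for instance `-CVE-2008-5821 (Memory leak in WebKit.dll in WebKit, as used by Apple Safari 3.2 on ...)` becomes `+CVE-2008-5821`, and the same happens for CVE-2008-5814, CVE-2008-5713, CVE-2008-5557 and every other entry in the hunk. For a commit labelled "automatic update" that pattern points to the sync having run while the description source was unavailable rather than to a deliberate change, so this should be held back and the sync rerun once descriptions are fetched again, otherwise the tracker pages lose their per-CVE summaries. The package status lines (`- php5 5.2.11.dfsg.1-1 (low; bug #523028)`, `{DSA-1789-1}`, the `NOTE:` and `[etch]`/`[lenny]` lines) are all unchanged context, which is consistent with the descriptions being the only thing dropped; a regenerated diff that preserves them should come out empty for this region.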
@@ -3675,244 +3675,244 @@ CVE-2008-5611
RESERVED
CVE-2008-5610
RESERVED
-CVE-2008-5609 (SQL injection vulnerability in the Commerce extension 0.9.6 and ...)
+CVE-2008-5609
NOT-FOR-US: Commerce extension
-CVE-2008-5608 (ASP AutoDealer stores sensitive information under the web root with ...)
+CVE-2008-5608
NOT-FOR-US: AutoDealer
-CVE-2008-5607 (SQL injection vulnerability in the JMovies (aka JM or com_jmovies) ...)
+CVE-2008-5607
NOT-FOR-US: joomla
-CVE-2008-5606 (Gazatem QMail Mailing List Manager 1.2 stores sensitive information ...)
+CVE-2008-5606
NOT-FOR-US: Gazatem QMail Mailing List Manager
-CVE-2008-5605 (Multiple SQL injection vulnerabilities in ASP Portal allow remote ...)
+CVE-2008-5605
NOT-FOR-US: ASP Portal
-CVE-2008-5604 (Directory traversal vulnerability in index.php in My Simple Forum 3.0 ...)
+CVE-2008-5604
NOT-FOR-US: My Simple Forum
-CVE-2008-5603 (ASPTicker 1.0 stores sensitive information under the web root with ...)
+CVE-2008-5603
NOT-FOR-US: ASPTicker
-CVE-2008-5602 (Natterchat 1.12 stores sensitive information under the web root with ...)
+CVE-2008-5602
NOT-FOR-US: Natterchat
-CVE-2008-5601 (User Engine Lite ASP stores sensitive information under the web root ...)
+CVE-2008-5601
NOT-FOR-US: User Engine Lite ASP
-CVE-2008-5600 (Merlix Teamworx Server stores sensitive information under the web root ...)
+CVE-2008-5600
NOT-FOR-US: Merlix Teamworx Server
-CVE-2008-5599 (SQL injection vulnerability in default.asp in Merlix Teamworx Server ...)
+CVE-2008-5599
NOT-FOR-US: Merlix Teamworx Server
-CVE-2008-5598 (Directory traversal vulnerability in index.php in PHPmyGallery 1.51 ...)
+CVE-2008-5598
NOT-FOR-US: PHPmyGallery
-CVE-2008-5597 (Cold BBS stores sensitive information under the web root with ...)
+CVE-2008-5597
NOT-FOR-US: Cold BBS
-CVE-2008-5596 (Ikon AdManager 2.1 and earlier stores sensitive information under the ...)
+CVE-2008-5596
NOT-FOR-US: Ikon AdManager
-CVE-2008-5595 (SQL injection vulnerability in detail.asp in ASP AutoDealer allows ...)
+CVE-2008-5595
NOT-FOR-US: ASP AutoDealer
-CVE-2008-5594 (Multiple directory traversal vulnerabilities in index.php in Mini Blog ...)
+CVE-2008-5594
NOT-FOR-US: Mini Blog
-CVE-2008-5593 (Multiple directory traversal vulnerabilities in index.php in Mini CMS ...)
+CVE-2008-5593
NOT-FOR-US: Mini CMS
-CVE-2008-5592 (Nightfall Personal Diary 1.0 stores sensitive information under the ...)
+CVE-2008-5592
NOT-FOR-US: Nightfall Personal Diary
-CVE-2008-5591 (Cross-site scripting (XSS) vulnerability in login.asp in Nightfall ...)
+CVE-2008-5591
NOT-FOR-US: Nightfall Personal Diary
-CVE-2008-5590 (SQL injection vulnerability in customer.forumtopic.php in Kalptaru ...)
+CVE-2008-5590
NOT-FOR-US: Kalptaru Infotech Product Sale Framework
-CVE-2008-5589 (SQL injection vulnerability in processlogin.asp in Katy Whitton RankEm ...)
+CVE-2008-5589
NOT-FOR-US: Katy Whitton RankEm
-CVE-2008-5588 (SQL injection vulnerability in rankup.asp in Katy Whitton RankEm ...)
+CVE-2008-5588
NOT-FOR-US: Katy Whitton RankEm
-CVE-2008-5587 (Directory traversal vulnerability in libraries/lib.inc.php in ...)
+CVE-2008-5587
{DSA-1693-1}
- phppgadmin 4.2.1-1.1 (low; bug #508026)
NOTE: register_globals=on is required
NOTE: http://www.milw0rm.com/exploits/7363
-CVE-2008-5586 (SQL injection vulnerability in findoffice.php in Check Up New ...)
+CVE-2008-5586
NOT-FOR-US: Check Up New Generation
-CVE-2008-5585 (Multiple PHP remote file inclusion vulnerabilities in lcxBBportal 0.1 ...)
+CVE-2008-5585
NOT-FOR-US: lcxBBportal
CVE-2008-5622
REJECTED
-CVE-2008-5621 (Cross-site request forgery (CSRF) vulnerability in phpMyAdmin 2.11.x ...)
+CVE-2008-5621
{DSA-1723-1}
- phpmyadmin 4:2.11.8.1-5
-CVE-2008-5584 (Multiple cross-site scripting (XSS) vulnerabilities in ProjectPier 0.8 ...)
+CVE-2008-5584
NOT-FOR-US: ProjectPier
-CVE-2008-5583 (Cross-site request forgery (CSRF) vulnerability in index.php in ...)
+CVE-2008-5583
NOT-FOR-US: ProjectPier
-CVE-2008-5582 (SQL injection vulnerability in utilities/login.asp in Nukedit 4.9.x, ...)
+CVE-2008-5582
NOT-FOR-US: Nukedit
-CVE-2008-5581 (PHP remote file inclusion vulnerability in ...)
+CVE-2008-5581
NOT-FOR-US: mini-pub
-CVE-2008-5580 (mini-pub.php/front-end/cat.php in mini-pub 0.3 allows remote attackers ...)
+CVE-2008-5580
NOT-FOR-US: mini-pub
-CVE-2008-5579 (Absolute path traversal vulnerability in ...)
+CVE-2008-5579
NOT-FOR-US: mini-pub
-CVE-2008-5578 (Multiple SQL injection vulnerabilities in index.php in sCssBoard 1.0, ...)
+CVE-2008-5578
NOT-FOR-US: sCssBoard
-CVE-2008-5577 (PHP remote file inclusion vulnerability in index.php in sCssBoard 1.0, ...)
+CVE-2008-5577
NOT-FOR-US: sCssBoard
-CVE-2008-5576 (admin/forums.php in sCssBoard 1.0, 1.1, 1.11, and 1.12 allows remote ...)
+CVE-2008-5576
NOT-FOR-US: sCssBoard
-CVE-2008-5575 (Session fixation vulnerability in Pro Clan Manager 0.4.2 and earlier ...)
+CVE-2008-5575
NOT-FOR-US: Pro Clan Manager
-CVE-2008-5574 (SQL injection vulnerability in member.php in Webmaster Marketplace ...)
+CVE-2008-5574
NOT-FOR-US: Webmaster Marketplace
-CVE-2008-5573 (SQL injection vulnerability in the login feature in Poll Pro 2.0 ...)
+CVE-2008-5573
NOT-FOR-US: Poll Pro
-CVE-2008-5572 (Professional Download Assistant 0.1 stores sensitive information under ...)
+CVE-2008-5572
NOT-FOR-US: Professional Download Assistant
-CVE-2008-5571 (SQL injection vulnerability in admin/login.asp in Professional ...)
+CVE-2008-5571
NOT-FOR-US: Professional Download Assistant
-CVE-2008-5570 (Directory traversal vulnerability in index.php in PHP Multiple ...)
+CVE-2008-5570
NOT-FOR-US: Multiple Newsletters
-CVE-2008-5569 (Multiple cross-site scripting (XSS) vulnerabilities in PHPepperShop ...)
+CVE-2008-5569
NOT-FOR-US: PHPepperShop
-CVE-2008-5568 (Cross-site request forgery (CSRF) vulnerability in admin/settings.php ...)
+CVE-2008-5568
NOT-FOR-US: IPN Pro
-CVE-2008-5567 (Cross-site request forgery (CSRF) vulnerability in ...)
+CVE-2008-5567
NOT-FOR-US: Bonza Cart
-CVE-2008-5566 (Cross-site scripting (XSS) vulnerability in index.php in Triangle ...)
+CVE-2008-5566
NOT-FOR-US: Multiple Newsletters
-CVE-2008-5565 (Cross-site request forgery (CSRF) vulnerability in admin/settings.php ...)
+CVE-2008-5565
NOT-FOR-US: DL PayCart
-CVE-2008-5564 (Unspecified vulnerability in the media server in Orb Networks Orb ...)
+CVE-2008-5564
NOT-FOR-US: Orb Networks Orb
-CVE-2008-5563 (Aruba Mobility Controller 2.4.8.x-FIPS, 2.5.x, 3.1.x, 3.2.x, 3.3.1.x, ...)
+CVE-2008-5563
NOT-FOR-US: Aruba Mobility Controller
-CVE-2008-5562 (ASPPortal stores sensitive information under the web root with ...)
+CVE-2008-5562
NOT-FOR-US: ASPPortal
-CVE-2008-5561 (SQL injection vulnerability in Netref 4.0 allows remote attackers to ...)
+CVE-2008-5561
NOT-FOR-US: Netref
-CVE-2008-5560 (PostEcards stores sensitive information under the web root with ...)
+CVE-2008-5560
NOT-FOR-US: PostEcards
-CVE-2008-5559 (SQL injection vulnerability in sendcard.cfm in PostEcards allows ...)
+CVE-2008-5559
NOT-FOR-US: PostEcards
-CVE-2008-5558 (Asterisk Open Source 1.2.26 through 1.2.30.3 and Business Edition ...)
+CVE-2008-5558
- asterisk 1:1.4.0~dfsg-1 (bug #509686)
[etch] - asterisk <end-of-life> (Etch Packages no longer covered by security support)
-CVE-2008-5557 (Heap-based buffer overflow in ...)
+CVE-2008-5557
{DSA-1789-1 DTSA-188-1}
- php5 5.2.6.dfsg.1-1 (bug #511493)
[lenny] - php5 5.2.6.dfsg.1-1+lenny1
NOTE: according to bug report, this was fixed in lenny prior to the release, but was not marked as such at the time
-CVE-2008-6506 (Unspecified vulnerability in phpBB before 3.0.4 allows attackers to ...)
+CVE-2008-6506
- phpbb3 3.0.2-4 (low; bug #508872)
-CVE-2008-5556 (** DISPUTED ** ...)
+CVE-2008-5556
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2008-5555 (Microsoft Internet Explorer 8.0 Beta 2 relies on the ...)
+CVE-2008-5555
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2008-5554 (The XSS Filter in Microsoft Internet Explorer 8.0 Beta 2 does not ...)
+CVE-2008-5554
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2008-5553 (The XSS Filter in Microsoft Internet Explorer 8.0 Beta 2 disables ...)
+CVE-2008-5553
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2008-5552 (The XSS Filter in Microsoft Internet Explorer 8.0 Beta 2 allows remote ...)
+CVE-2008-5552
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2008-5551 (The XSS Filter in Microsoft Internet Explorer 8.0 Beta 2 allows remote ...)
+CVE-2008-5551
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2008-5550 (Open redirect vulnerability in console/faces/jsp/login/BeginLogin.jsp ...)
+CVE-2008-5550
NOT-FOR-US: Sun Java Web Console
-CVE-2008-5549 (Unspecified vulnerability in the Sun Java Web Console components in ...)
+CVE-2008-5549
NOT-FOR-US: Sun Java Web Console
-CVE-2008-5548 (VirusBuster 4.5.11.0, when Internet Explorer 6 or 7 is used, allows ...)
+CVE-2008-5548
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2008-5547 (HAURI ViRobot 2008.12.4.1499 and possibly 2008.9.12.1375, when ...)
+CVE-2008-5547
NOT-FOR-US: HAURI ViRobot
-CVE-2008-5546 (VirusBlokAda VBA32 3.12.8.5, when Internet Explorer 6 or 7 is used, ...)
+CVE-2008-5546
NOT-FOR-US: VirusBlokAda VBA32
-CVE-2008-5545 (Trend Micro VSAPI 8.700.0.1004 in Trend Micro AntiVirus, when Internet ...)
+CVE-2008-5545
NOT-FOR-US: Trend Micro VSAPI
-CVE-2008-5544 (Hacksoft The Hacker 6.3.1.2.174 and possibly 6.3.0.9.081, when ...)
+CVE-2008-5544
NOT-FOR-US: Hacksoft The Hacker
-CVE-2008-5543 (Symantec AntiVirus (SAV) 10, when Internet Explorer 6 or 7 is used, ...)
+CVE-2008-5543
NOT-FOR-US: Symantec AntiVirus
-CVE-2008-5542 (Sunbelt VIPRE 3.1.1832.2 and possibly 3.1.1633.1, when Internet ...)
+CVE-2008-5542
NOT-FOR-US: Sunbelt VIPRE
-CVE-2008-5541 (Sophos Anti-Virus 4.33.0, when Internet Explorer 6 or 7 is used, ...)
+CVE-2008-5541
NOT-FOR-US: Sophos Anti-Virus
-CVE-2008-5540 (Secure Computing Secure Web Gateway (aka Webwasher), when Internet ...)
+CVE-2008-5540
NOT-FOR-US: Webwasher
-CVE-2008-5539 (RISING Antivirus 21.06.31.00 and possibly 20.61.42.00, when Internet ...)
+CVE-2008-5539
NOT-FOR-US: RISING Antivirus
-CVE-2008-5538 (Prevx Prevx1 2, when Internet Explorer 6 or 7 is used, allows remote ...)
+CVE-2008-5538
NOT-FOR-US: Prevx Prevx1 2
-CVE-2008-5537 (PC Tools AntiVirus 4.4.2.0, when Internet Explorer 6 or 7 is used, ...)
+CVE-2008-5537
NOT-FOR-US: PC Tools AntiVirus
-CVE-2008-5536 (Panda Antivirus 9.0.0.4, when Internet Explorer 6 or 7 is used, allows ...)
+CVE-2008-5536
NOT-FOR-US: Panda Antivirus
-CVE-2008-5535 (Norman Antivirus 5.80.02, when Internet Explorer 6 or 7 is used, ...)
+CVE-2008-5535
NOT-FOR-US: Norman Antivirus
-CVE-2008-5534 (ESET NOD32 Antivirus 3662 and possibly 3440, when Internet Explorer 6 ...)
+CVE-2008-5534
NOT-FOR-US: ESET NOD32 Antivirus
-CVE-2008-5533 (K7AntiVirus 7.10.541 and possibly 7.10.454, when Internet Explorer 6 ...)
+CVE-2008-5533
NOT-FOR-US: K7AntiVirus
-CVE-2008-5532 (Ikarus Virus Utilities T3.1.1.45.0 and possibly T3.1.1.34.0, when ...)
+CVE-2008-5532
NOT-FOR-US: Ikarus Virus Utilities
-CVE-2008-5531 (Fortinet Antivirus 3.113.0.0, when Internet Explorer 6 or 7 is used, ...)
+CVE-2008-5531
NOT-FOR-US: Fortinet Antivirus
-CVE-2008-5530 (Ewido Security Suite 4.0, when Internet Explorer 6 or 7 is used, ...)
+CVE-2008-5530
NOT-FOR-US: Ewido Security Suite
-CVE-2008-5529 (CA eTrust Antivirus 31.6.6086, when Internet Explorer 6 or 7 is used, ...)
+CVE-2008-5529
NOT-FOR-US: CA eTrust Antivirus
-CVE-2008-5528 (Aladdin eSafe 7.0.17.0, when Internet Explorer 6 or 7 is used, allows ...)
+CVE-2008-5528
NOT-FOR-US: Aladdin eSafe
-CVE-2008-5527 (ESET Smart Security, when Internet Explorer 6 or 7 is used, allows ...)
+CVE-2008-5527
NOT-FOR-US: ESET Smart Security
-CVE-2008-5526 (DrWeb Anti-virus 4.44.0.09170, when Internet Explorer 6 or 7 is used, ...)
+CVE-2008-5526
NOT-FOR-US: DrWeb Anti-virus
-CVE-2008-5525 (ClamAV 0.94.1 and possibly 0.93.1, when Internet Explorer 6 or 7 is ...)
+CVE-2008-5525
- clamav <not-affected> (medium; bug #526041)
NOTE: this issue refers to a clamav antivirus bypass that occurs when the user
NOTE: is using IE6 or IE7 to open a malicious page with an MZ header
NOTE: - all other browsers are not vulnerable
NOTE: - see http://xforce.iss.net/xforce/xfdb/47435 and bug report for details
-CVE-2008-5524 (CAT-QuickHeal 10.00 and possibly 9.50, when Internet Explorer 6 or 7 ...)
+CVE-2008-5524
NOT-FOR-US: CAT-QuickHeal
-CVE-2008-5523 (avast! antivirus 4.8.1281.0, when Internet Explorer 6 or 7 is used, ...)
+CVE-2008-5523
NOT-FOR-US: avast! antivirus
-CVE-2008-5522 (AVG Anti-Virus 8.0.0.161, when Internet Explorer 6 or 7 is used, ...)
+CVE-2008-5522
NOT-FOR-US: AVG Anti-Virus
-CVE-2008-5521 (Avira AntiVir 7.9.0.36 and possibly 7.8.1.28, when Internet Explorer 6 ...)
+CVE-2008-5521
NOT-FOR-US: Avira AntiVir
-CVE-2008-5520 (AhnLab V3 2008.12.4.1 and possibly 2008.9.13.0, when Internet Explorer ...)
+CVE-2008-5520
NOT-FOR-US: AhnLab V3
-CVE-2008-5519 (The JK Connector (aka mod_jk) 1.2.0 through 1.2.26 in Apache Tomcat ...)
+CVE-2008-5519
{DSA-1810-1}
- libapache-mod-jk 1:1.2.26-2.1 (bug #523054)
-CVE-2008-5518 (Multiple directory traversal vulnerabilities in the web administration ...)
+CVE-2008-5518
- geronimo <itp> (bug #481869)
-CVE-2008-5517 (The web interface in git (gitweb) 1.5.x before 1.5.6 allows remote ...)
+CVE-2008-5517
{DSA-1708-1}
- git-core 1:1.5.6.5-2 (low; bug #512330)
-CVE-2008-5516 (The web interface in git (gitweb) 1.5.x before 1.5.5 allows remote ...)
+CVE-2008-5516
{DSA-1708-1}
- git-core 1:1.5.6-1
-CVE-2008-5515 (Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, 6.0.0 ...)
+CVE-2008-5515
{DSA-2207-1}
- tomcat5 <removed> (bug #532363)
- tomcat5.5 <removed> (bug #532366)
- tomcat6 6.0.20-1 (bug #532362)
[lenny] - tomcat6 <not-affected> (Only ships the servlet package)
-CVE-2008-5514 (Off-by-one error in the rfc822_output_char function in the ...)
+CVE-2008-5514
{DTSA-174-2}
- uw-imap 2007b~dfsg-1.1 (medium; bug #510918)
[etch] - uw-imap <not-affected> (Vulnerable code not present)
- alpine 2.02-3.1 (low)
[lenny] - alpine <no-dsa> (Minor issue)
[squeeze] - alpine 2.00+dfsg-6+squeeze1
-CVE-2008-5513 (Unspecified vulnerability in the session-restore feature in Mozilla ...)
+CVE-2008-5513
{DSA-1707-1}
- iceweasel 3.0.5-1
-CVE-2008-5512 (Multiple unspecified vulnerabilities in Mozilla Firefox 3.x before ...)
+CVE-2008-5512
{DSA-1707-1 DSA-1704-1 DSA-1697-1 DSA-1696-1}
- iceweasel 3.0.5-1
- icedove 2.0.0.19-1
- iceape 1.1.14-1
- xulrunner 1.9.0.5-1
-CVE-2008-5511 (Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird ...)
+CVE-2008-5511
{DSA-1707-1 DSA-1704-1 DSA-1697-1 DSA-1696-1}
- iceweasel 3.0.5-1
- icedove 2.0.0.19-1
- iceape 1.1.14-1
- xulrunner 1.9.0.5-1
-CVE-2008-5510 (The CSS parser in Mozilla Firefox 3.x before 3.0.5 and 2.x before ...)
+CVE-2008-5510
{DSA-1707-1}
- iceweasel 3.0.5-1
- icedove 2.0.0.19-1
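Review bot: every changed line in this hunk is a `-CVE-YYYY-NNNN (description ...)` line replaced by a bare `+CVE-YYYY-NNNN`, with no package, DSA, severity or NOTE line touched (for example `-CVE-2008-5621 (Cross-site request forgery (CSRF) vulnerability in phpMyAdmin 2.11.x ...)` becomes `+CVE-2008-5621` while `{DSA-1723-1}` and `- phpmyadmin 4:2.11.8.1-5` are unchanged). For a commit labelled "automatic update" that pattern reads as the description source having returned empty text rather than as a deliberate edit, so the job is erasing data it previously held. The updater should refuse to overwrite a non-empty description with an empty one (or abort the run when the feed yields no descriptions at all), and this commit should be reverted until that check is in place.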
@@ -3923,90 +3923,90 @@ CVE-2008-5510 (The CSS parser in Mozilla Firefox 3.x before 3.0.5 and 2.x before
NOTE: patch will be checked for icedove/iceape/xulrunner by Alexander for next round
CVE-2008-5509
RESERVED
-CVE-2008-5508 (Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird ...)
+CVE-2008-5508
{DSA-1707-1 DSA-1704-1 DSA-1697-1 DSA-1696-1}
- iceweasel 3.0.5-1
- icedove 2.0.0.19-1
- iceape 1.1.14-1
- xulrunner 1.9.0.5-1
-CVE-2008-5507 (Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird ...)
+CVE-2008-5507
{DSA-1707-1 DSA-1704-1 DSA-1697-1 DSA-1696-1}
- iceweasel 3.0.5-1
- icedove 2.0.0.19-1
- iceape 1.1.14-1
- xulrunner 1.9.0.5-1
-CVE-2008-5506 (Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird ...)
+CVE-2008-5506
{DSA-1707-1 DSA-1704-1 DSA-1697-1 DSA-1696-1}
- iceweasel 3.0.5-1
- icedove 2.0.0.19-1
- iceape 1.1.14-1
- xulrunner 1.9.0.5-1
-CVE-2008-5505 (Mozilla Firefox 3.x before 3.0.5 allows remote attackers to bypass ...)
+CVE-2008-5505
- iceweasel 3.0.5-1
[etch] - iceweasel <end-of-life> (Etch Packages no longer covered by security support)
NOTE: patch now available and will be checked for next patch round
-CVE-2008-5504 (Mozilla Firefox 2.x before 2.0.0.19 allows remote attackers to run ...)
+CVE-2008-5504
{DSA-1707-1}
- iceweasel 3.0.1-1
- xulrunner 1.9.0.1-1
[etch] - xulrunner <not-affected> (The vulnerable feature is only included in 1.8.1 branch)
NOTE: Original fix for CVE-2008-3836 was incomplete
-CVE-2008-5503 (The loadBindingDocument function in Mozilla Firefox 2.x before ...)
+CVE-2008-5503
{DSA-1707-1 DSA-1704-1 DSA-1697-1 DSA-1696-1}
- iceape 1.1.13-1
- iceweasel 3.0.1-1
- xulrunner 1.9.0.1-1
- icedove 2.0.0.19-1 (low)
NOTE: JavaScript for mails is disabled by default and if users enable it ...
-CVE-2008-5502 (The layout engine in Mozilla Firefox 3.x before 3.0.5, Thunderbird 2.x ...)
+CVE-2008-5502
- iceweasel 3.0.5-1
[etch] - iceweasel <not-affected> (Firefox 2.x not affected)
- xulrunner 1.9.0.5-1
[etch] - xulrunner <not-affected> (Xulrunner 1.8 not affected)
- icedove <not-affected> (This issue was FF3 only, CVE-2008-5500 affects icedove)
-CVE-2008-5501 (The layout engine in Mozilla Firefox 3.x before 3.0.5, Thunderbird 2.x ...)
+CVE-2008-5501
- iceweasel 3.0.5-1
[etch] - iceweasel <not-affected> (Firefox 2.x not affected)
- xulrunner 1.9.0.5-1
[etch] - xulrunner <not-affected> (Xulrunner 1.8 not affected)
- icedove <not-affected> (This issue was FF3 only, CVE-2008-5500 affects icedove)
-CVE-2008-5500 (The layout engine in Mozilla Firefox 3.x before 3.0.5 and 2.x before ...)
+CVE-2008-5500
{DSA-1707-1 DSA-1704-1 DSA-1697-1 DSA-1696-1}
- iceweasel 3.0.5-1
- icedove 2.0.0.19-1
- iceape 1.1.14-1
- xulrunner 1.9.0.5-1
-CVE-2008-5499 (Unspecified vulnerability in Adobe Flash Player for Linux 10.0.12.36, ...)
+CVE-2008-5499
NOT-FOR-US: Adobe Flash Player
-CVE-2008-5498 (Array index error in the imageRotate function in PHP 5.2.8 and earlier ...)
+CVE-2008-5498
- php5 <not-affected> (php5 links to the shared lib)
- libgd2 <not-affected> (code is specific to php's libgd)
NOTE: http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.2027.2.547.2.1360&r2=1.2027.2.547.2.1361
-CVE-2008-5497 (BandSite CMS 1.1.4 allows remote attackers to bypass authentication ...)
+CVE-2008-5497
NOT-FOR-US: BandSite CMS
-CVE-2008-5496 (SQL injection vulnerability in showcategory.php in PozScripts Business ...)
+CVE-2008-5496
NOT-FOR-US: PozScripts Business Directory Script
-CVE-2008-5495 (Unspecified vulnerability in the GungHo LoadPrgAx ActiveX control ...)
+CVE-2008-5495
NOT-FOR-US: GungHo LoadPrgAx
-CVE-2008-5494 (SQL injection vulnerability in the Contact Information Module ...)
+CVE-2008-5494
NOT-FOR-US: Contact Information Module (com_contactinfo) component for Joomla!
-CVE-2008-5493 (SQL injection vulnerability in track.php in PHPStore Wholesales (aka ...)
+CVE-2008-5493
NOT-FOR-US: PHPStore Wholesales
-CVE-2008-5492 (Heap-based buffer overflow in the PDFVIEW.PdfviewCtrl.1 ActiveX ...)
+CVE-2008-5492
NOT-FOR-US: PDFVIEW.PdfviewCtrl.1
-CVE-2008-5491 (SQL injection vulnerability in edit.php in SlimCMS 1.0.0 and earlier ...)
+CVE-2008-5491
NOT-FOR-US: SlimCMS
-CVE-2008-5490 (SQL injection vulnerability in index.php in PHPStore Yahoo Answers ...)
+CVE-2008-5490
NOT-FOR-US: PHPStore Yahoo Answers
-CVE-2008-5489 (SQL injection vulnerability in channel_detail.php in ClipShare Pro 4, ...)
+CVE-2008-5489
NOT-FOR-US: ClipShare
-CVE-2008-5488 (SQL injection vulnerability in admin.php in E-topbiz Domain Shop 2 ...)
+CVE-2008-5488
NOT-FOR-US: E-topbiz Domain Shop
-CVE-2008-5487 (Cross-site scripting (XSS) vulnerability in admin.php in TurnkeyForms ...)
+CVE-2008-5487
NOT-FOR-US: TurnkeyForms Text Link Sales
-CVE-2008-5486 (SQL injection vulnerability in admin.php in TurnkeyForms Text Link ...)
+CVE-2008-5486
NOT-FOR-US: TurnkeyForms Text Link Sales
-CVE-2008-5616 (Stack-based buffer overflow in the demux_open_vqf function in ...)
+CVE-2008-5616
{DSA-1782-1 DTSA-181-1}
- mplayer 1.0~rc2-19 (low; bug #508803)
CVE-2008-XXXX [axel URL parser buffer overflow]
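Review bot: the `<not-affected>` rationales in this hunk refer to version branches that were only stated in the descriptions being removed. `[etch] - iceweasel <not-affected> (Firefox 2.x not affected)` and `[etch] - xulrunner <not-affected> (Xulrunner 1.8 not affected)` under CVE-2008-5502 and CVE-2008-5501 only make sense against `-CVE-2008-5502 (The layout engine in Mozilla Firefox 3.x before 3.0.5, Thunderbird 2.x ...)`, and `[etch] - xulrunner <not-affected> (The vulnerable feature is only included in 1.8.1 branch)` under CVE-2008-5504 likewise depends on `Mozilla Firefox 2.x before 2.0.0.19` in the dropped line. Once the description is gone a triager has to re-fetch the CVE text to audit these decisions; if the descriptions cannot be kept, the affected-branch information should be copied into the NOTE lines before this lands.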
@@ -4014,7 +4014,7 @@ CVE-2008-XXXX [axel URL parser buffer overflow]
[etch] - axel <no-dsa> (Minor issue)
NOTE: http://alioth.debian.org/forum/forum.php?forum_id=2846
NOTE: this only work for non-interactive sessions which is a quite exotic usecase
-CVE-2008-5619 (html2text.php in Chuggnutt HTML to Text Converter, as used in ...)
+CVE-2008-5619
- roundcube 0.1.1-9 (high; bug #508628; bug #536498)
NOTE: According to the bug report, this is being exploited.
- moodle 1.8.2.dfsg-2 (bug #508909)
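Review bot: the unassigned placeholder `CVE-2008-XXXX [axel URL parser buffer overflow]` keeps its bracketed summary while `-CVE-2008-5619 (html2text.php in Chuggnutt HTML to Text Converter, as used in ...)` loses its parenthesised one, which is consistent with the parenthesised text being rewritten from the external CVE feed rather than edited by hand. CVE-2008-5619 is tracked as `high` with `NOTE: According to the bug report, this is being exploited.`, so it is exactly the kind of entry that should not be reduced to a bare identifier; the feed import should treat an empty description for a previously described CVE as a failure, not as new data.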
@@ -4067,150 +4067,150 @@ CVE-2008-5465
REJECTED
CVE-2008-5464
REJECTED
-CVE-2008-5463 (Unspecified vulnerability in the PeopleSoft Enterprise Campus ...)
+CVE-2008-5463
NOT-FOR-US: BEA WebLogic
-CVE-2008-5462 (Unspecified vulnerability in the WebLogic Portal component in BEA ...)
+CVE-2008-5462
NOT-FOR-US: BEA WebLogic
-CVE-2008-5461 (Unspecified vulnerability in the WebLogic Server component in BEA ...)
+CVE-2008-5461
NOT-FOR-US: BEA WebLogic
-CVE-2008-5460 (Unspecified vulnerability in the WebLogic Server component in BEA ...)
+CVE-2008-5460
NOT-FOR-US: BEA WebLogic
-CVE-2008-5459 (Unspecified vulnerability in the WebLogic Server component in BEA ...)
+CVE-2008-5459
NOT-FOR-US: BEA WebLogic
-CVE-2008-5458 (Unspecified vulnerability in the Oracle Application Object Library ...)
+CVE-2008-5458
NOT-FOR-US: Oracle
-CVE-2008-5457 (Unspecified vulnerability in the Oracle BEA WebLogic Server Plugins ...)
+CVE-2008-5457
NOT-FOR-US: Oracle
-CVE-2008-5456 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS component ...)
+CVE-2008-5456
NOT-FOR-US: Oracle
-CVE-2008-5455 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS - ...)
+CVE-2008-5455
NOT-FOR-US: Oracle
-CVE-2008-5454 (Unspecified vulnerability in the iProcurement component in Oracle ...)
+CVE-2008-5454
NOT-FOR-US: Oracle
CVE-2008-5453
REJECTED
-CVE-2008-5452 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS component ...)
+CVE-2008-5452
NOT-FOR-US: Oracle
-CVE-2008-5451 (Unspecified vulnerability in the JD Edwards Tools component in Oracle ...)
+CVE-2008-5451
NOT-FOR-US: Oracle
-CVE-2008-5450 (Unspecified vulnerability in the Oracle Applications Platform ...)
+CVE-2008-5450
NOT-FOR-US: Oracle
-CVE-2008-5449 (Unspecified vulnerability in the Oracle Secure Backup component in ...)
+CVE-2008-5449
NOT-FOR-US: Oracle
-CVE-2008-5448 (Unspecified vulnerability in the Oracle Secure Backup component in ...)
+CVE-2008-5448
NOT-FOR-US: Oracle
-CVE-2008-5447 (Unspecified vulnerability in the Oracle Enterprise Manager component ...)
+CVE-2008-5447
NOT-FOR-US: Oracle
-CVE-2008-5446 (Unspecified vulnerability in the Oracle Applications Framework ...)
+CVE-2008-5446
NOT-FOR-US: Oracle
-CVE-2008-5445 (Unspecified vulnerability in the Oracle Secure Backup component in ...)
+CVE-2008-5445
NOT-FOR-US: Oracle
-CVE-2008-5444 (Unspecified vulnerability in the Oracle Secure Backup component in ...)
+CVE-2008-5444
NOT-FOR-US: Oracle
-CVE-2008-5443 (Unspecified vulnerability in the Oracle Secure Backup component in ...)
+CVE-2008-5443
NOT-FOR-US: Oracle
-CVE-2008-5442 (Unspecified vulnerability in the Oracle Secure Backup component in ...)
+CVE-2008-5442
NOT-FOR-US: Oracle
-CVE-2008-5441 (Unspecified vulnerability in the Oracle Secure Backup component in ...)
+CVE-2008-5441
NOT-FOR-US: Oracle
-CVE-2008-5440 (Unspecified vulnerability in the TimesTen Data Server component in ...)
+CVE-2008-5440
NOT-FOR-US: Oracle
-CVE-2008-5439 (Unspecified vulnerability in the SQL*Plus Windows GUI component in ...)
+CVE-2008-5439
NOT-FOR-US: Oracle
-CVE-2008-5438 (Unspecified vulnerability in the Oracle Portal component in Oracle ...)
+CVE-2008-5438
NOT-FOR-US: Oracle
-CVE-2008-5437 (Unspecified vulnerability in the Job Queue component in Oracle ...)
+CVE-2008-5437
NOT-FOR-US: Oracle
-CVE-2008-5436 (Unspecified vulnerability in the Oracle OLAP component in Oracle ...)
+CVE-2008-5436
NOT-FOR-US: Oracle
-CVE-2008-5435 (Cross-site scripting (XSS) vulnerability in moderate.php in PunBB ...)
+CVE-2008-5435
NOT-FOR-US: PunBB
-CVE-2008-5434 (Multiple SQL injection vulnerabilities in PunBB 1.3 and 1.3.1 allow ...)
+CVE-2008-5434
NOT-FOR-US: PunBB
-CVE-2008-5433 (Cross-site scripting (XSS) vulnerability in login.php in PunBB 1.3 and ...)
+CVE-2008-5433
NOT-FOR-US: PunBB
-CVE-2008-5432 (Cross-site scripting (XSS) vulnerability in Moodle before 1.6.8, 1.7 ...)
+CVE-2008-5432
{DSA-1691-1}
- moodle 1.8.2.dfsg-1 (bug #508593)
-CVE-2008-5431 (Teamtek Universal FTP Server 1.0.44 allows remote attackers to cause a ...)
+CVE-2008-5431
NOT-FOR-US: Teamtek Universal FTP Server
-CVE-2008-5430 (Mozilla Thunderbird 2.0.14 does not properly handle (1) ...)
+CVE-2008-5430
- icedove <unfixed> (unimportant)
NOTE: crashes icedove, but no security impact
-CVE-2008-5429 (Incredimail build 5853710 does not properly handle (1) multipart/mixed ...)
+CVE-2008-5429
NOT-FOR-US: Incredimail
-CVE-2008-5428 (Opera 9.51 on Windows XP does not properly handle (1) multipart/mixed ...)
+CVE-2008-5428
NOT-FOR-US: Opera
-CVE-2008-5427 (Norton Antivirus in Norton Internet Security 15.5.0.23 does not ...)
+CVE-2008-5427
NOT-FOR-US: Norton Internet Security
-CVE-2008-5426 (Kaspersky Internet Security Suite 2009 does not properly handle (1) ...)
+CVE-2008-5426
NOT-FOR-US: Kaspersky Internet Security Suite
-CVE-2008-5425 (ESet NOD32 2.70.0039.0000 does not properly handle (1) multipart/mixed ...)
+CVE-2008-5425
NOT-FOR-US: NOD32
-CVE-2008-5424 (The MimeOleClearDirtyTree function in InetComm.dll in Microsoft ...)
+CVE-2008-5424
NOT-FOR-US: Microsoft Outlook Express
-CVE-2008-5423 (Sun Sun Ray Server Software 3.x and 4.0 and Sun Ray Windows Connector ...)
+CVE-2008-5423
NOT-FOR-US: Sun Ray Software
-CVE-2008-5422 (Sun Sun Ray Server Software 3.1 through 4.0 does not properly restrict ...)
+CVE-2008-5422
NOT-FOR-US: Sun Sun Ray Server Software
-CVE-2008-5421 (The SSL web administration service in NetWin SmsGate 1.1n and earlier ...)
+CVE-2008-5421
NOT-FOR-US: NetWin SmsGate
-CVE-2008-5420 (The SAN Manager Master Agent service (aka msragent.exe) in EMC Control ...)
+CVE-2008-5420
NOT-FOR-US: SAN Manager Master Agent
-CVE-2008-5419 (Stack-based buffer overflow in SAN Manager Master Agent service (aka ...)
+CVE-2008-5419
NOT-FOR-US: SAN Manager Master Agent
-CVE-2008-5418 (Directory traversal vulnerability in login.php in the PunPortal module ...)
+CVE-2008-5418
NOT-FOR-US: PunBB
-CVE-2008-5417 (HP DECnet-Plus 8.3 before ECO03 for OpenVMS on the Alpha platform uses ...)
+CVE-2008-5417
NOT-FOR-US: HP DECnet-Plus
-CVE-2008-5416 (Heap-based buffer overflow in Microsoft SQL Server 2000 SP4, ...)
+CVE-2008-5416
NOT-FOR-US: Microsoft SQL Server
-CVE-2008-5415 (The LDBserver service in the server in CA ARCserve Backup 11.1 through ...)
+CVE-2008-5415
NOT-FOR-US: CA ARCserve Backup
-CVE-2008-5414 (Unspecified vulnerability in the Feature Pack for Web Services in the ...)
+CVE-2008-5414
NOT-FOR-US: IBM WebSphere
-CVE-2008-5413 (PerfServlet in the PMI/Performance Tools component in IBM WebSphere ...)
+CVE-2008-5413
NOT-FOR-US: IBM WebSphere
-CVE-2008-5412 (Unspecified vulnerability in IBM WebSphere Application Server (WAS) 7 ...)
+CVE-2008-5412
NOT-FOR-US: IBM WebSphere
-CVE-2008-5411 (IBM WebSphere Application Server (WAS) 7 before 7.0.0.1 sends SSL ...)
+CVE-2008-5411
NOT-FOR-US: IBM WebSphere
-CVE-2008-5410 (The PK11_SESSION cache in the OpenSSL PKCS#11 engine in Sun Solaris 10 ...)
+CVE-2008-5410
NOT-FOR-US: Solaris
-CVE-2008-5409 (Unspecified vulnerability in the pdf.xmd module in (1) BitDefender ...)
+CVE-2008-5409
NOT-FOR-US: itDefender Free Edition and Antivirus Standard, BullGuard Internet Security and Software602 Groupware Server
-CVE-2008-5408 (Buffer overflow in the data management protocol in Symantec Backup ...)
+CVE-2008-5408
NOT-FOR-US: Symantec Backup Exec
-CVE-2008-5407 (Multiple unspecified vulnerabilities in the Backup Exec remote-agent ...)
+CVE-2008-5407
NOT-FOR-US: Symantec Backup Exec
-CVE-2008-5406 (Stack-based buffer overflow in Apple QuickTime Player 7.5.5 and iTunes ...)
+CVE-2008-5406
NOT-FOR-US: Apple QuickTime Player and iTunes
-CVE-2008-5405 (Stack-based buffer overflow in the RDP protocol password decoder in ...)
+CVE-2008-5405
NOT-FOR-US: Cain & Abel
-CVE-2008-5404 (Insecure method vulnerability in the FlexCell.Grid ActiveX control in ...)
+CVE-2008-5404
NOT-FOR-US: FlexCell
-CVE-2008-5403 (Heap-based buffer overflow in the XML parser in the AIM plugin in ...)
+CVE-2008-5403
NOT-FOR-US: Trillian
-CVE-2008-5402 (Double free vulnerability in the XML parser in Trillian before ...)
+CVE-2008-5402
NOT-FOR-US: Trillian
-CVE-2008-5401 (Stack-based buffer overflow in the image tooltip implementation in ...)
+CVE-2008-5401
NOT-FOR-US: Trillian
-CVE-2008-5400 (Multiple cross-site request forgery (CSRF) vulnerabilities in mvnForum ...)
+CVE-2008-5400
NOT-FOR-US: mvnForum
-CVE-2008-5399 (Cross-site scripting (XSS) vulnerability in the listonlineusers (aka ...)
+CVE-2008-5399
NOT-FOR-US: mvnForum
-CVE-2008-5398 (Tor before 0.2.0.32 does not properly process the ...)
+CVE-2008-5398
- tor 0.2.0.32-1
-CVE-2008-5397 (Tor before 0.2.0.32 does not properly process the (1) User and (2) ...)
+CVE-2008-5397
- tor 0.2.0.32-1 (bug #505178)
-CVE-2008-5396 (Array index error in the (1) torisa.c and (2) dahdi/tor2.c drivers in ...)
+CVE-2008-5396
{DSA-1699-1}
- zaptel 1:1.4.11~dfsg-3
-CVE-2008-5395 (The parisc_show_stack function in arch/parisc/kernel/traps.c in the ...)
+CVE-2008-5395
{DSA-1794-1 DSA-1787-1}
- linux-2.6 2.6.26-13
- linux-2.6.24 <removed>
-CVE-2008-5393 (UPR-Kernel in Ubuntu Privacy Remix (UPR) before 8.04_r1 includes ...)
+CVE-2008-5393
NOT-FOR-US: Ubuntu Privacy Remix
CVE-2008-5392
REJECTED
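Review bot: the unchanged context line `NOT-FOR-US: itDefender Free Edition and Antivirus Standard, BullGuard Internet Security and Software602 Groupware Server` under CVE-2008-5409 has a truncated product name; the correct spelling was only recoverable from the line this hunk removes, `-CVE-2008-5409 (Unspecified vulnerability in the pdf.xmd module in (1) BitDefender ...)`. After this change the entry no longer contains the word BitDefender anywhere, so a search for the vendor will miss it. Fix the NOT-FOR-US line to read `BitDefender` in a follow-up, and treat it as an example of why the descriptions should be retained.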
@@ -4222,185 +4222,185 @@ CVE-2008-5389
REJECTED
CVE-2008-5388
REJECTED
-CVE-2008-5387 (Buffer overflow in autoconf6 in IBM AIX 6.1.0 through 6.1.2, when ...)
+CVE-2008-5387
NOT-FOR-US: IBM AIX
-CVE-2008-5386 (Buffer overflow in ndp in IBM AIX 6.1.0 through 6.1.2, when the netcd ...)
+CVE-2008-5386
NOT-FOR-US: IBM AIX
-CVE-2008-5385 (enq in bos.rte.printers in IBM AIX 6.1.0 through 6.1.2, when a print ...)
+CVE-2008-5385
NOT-FOR-US: IBM AIX
-CVE-2008-5384 (crontab in bos.rte.cron in IBM AIX 6.1.0 through 6.1.2 allows local ...)
+CVE-2008-5384
NOT-FOR-US: IBM AIX
-CVE-2008-5383 (Stack-based buffer overflow in National Instruments Electronics ...)
+CVE-2008-5383
NOT-FOR-US: National Instruments Electronics Workbench
-CVE-2008-5382 (Cross-site request forgery (CSRF) vulnerability in I-O DATA DEVICE ...)
+CVE-2008-5382
NOT-FOR-US: I-O firmware
-CVE-2008-5381 (Buffer overflow in the URL processing in ffdshow (aka ffdshow-tryout) ...)
+CVE-2008-5381
NOT-FOR-US: ffdshow
-CVE-2008-5380 (gpsdrive (aka gpsdrive-scripts) 2.09 allows local users to overwrite ...)
+CVE-2008-5380
- gpsdrive 2.10~pre4-6.dfsg-2 (low; bug #508595)
[etch] - gpsdrive <no-dsa> (Minor issue)
[lenny] - gpsdrive 2.10~pre4-6.dfsg-1+lenny1
-CVE-2008-5379 (netdisco-mibs-installer 1.0 allows local users to overwrite arbitrary ...)
+CVE-2008-5379
- netdisco-mibs-installer 1.4 (low; bug #508940)
[lenny] - netdisco-mibs-installer <no-dsa> (Contrib not supported)
-CVE-2008-5378 (arb-kill in arb 0.0.20071207.1 allows local users to overwrite ...)
+CVE-2008-5378
- arb 0.0.20071207.1-6 (low; bug #508942)
-CVE-2008-5377 (pstopdf in CUPS 1.3.8 allows local users to overwrite arbitrary files ...)
+CVE-2008-5377
- cups 1.3.8-1lenny1 (low)
- cupsys <removed>
[etch] - cupsys <no-dsa> (Example script)
-CVE-2008-5376 (editcomment in crip 3.7 allows local users to overwrite arbitrary ...)
+CVE-2008-5376
- crip 3.7-5 (low; bug #509275)
[etch] - crip 3.7-3+etch1
-CVE-2008-5375 (cmus-status-display in cmus 2.2.0 allows local users to overwrite ...)
+CVE-2008-5375
- cmus 2.2.0-1.1 (unimportant; bug #509277)
NOTE: Just an example script
-CVE-2008-5374 (bash-doc 3.2 allows local users to overwrite arbitrary files via a ...)
+CVE-2008-5374
- bash 4.0-2 (unimportant; bug #509279)
NOTE: scripts are examples
-CVE-2008-5373 (mtx-changer.Adic-Scalar-24 in bacula-common 2.4.2 allows local users ...)
+CVE-2008-5373
- bacula 2.4.0-1 (unimportant; bug #509301)
NOTE: script is an example
-CVE-2008-5372 (sdm-login in sdm-terminal 0.4.0b allows local users to overwrite ...)
+CVE-2008-5372
- sdm 0.4.1-1 (unimportant; bug #509331)
NOTE: Not really a bug since only "touch" is used on the temp file
-CVE-2008-5371 (screenie in screenie 1.30.0 allows local users to overwrite arbitrary ...)
+CVE-2008-5371
- screenie 1.30.0-5.1 (low; bug #509332)
-CVE-2008-5370 (pvpgn-support-installer in pvpgn 1.8.1 allows local users to overwrite ...)
+CVE-2008-5370
- pvpgn 1.8.1-2 (low; bug #509336)
[etch] - pvpgn <no-dsa> (Contrib not supported)
-CVE-2008-5369 (noip2 in noip2 2.1.7 allows local users to overwrite arbitrary files ...)
+CVE-2008-5369
- no-ip 2.1.9-1 (unimportant; bug #509348)
NOTE: original issue doesn't seem to be present, however there is a tmprace in the init
NOTE: script if it is used to debug with strace and a missing check for mkstemp failing
NOTE: but these situations are really corner cases
-CVE-2008-5368 (muttprint in muttprint 0.72d allows local users to overwrite arbitrary ...)
+CVE-2008-5368
- muttprint 0.72d-10 (low; bug #509487)
[etch] - muttprint 0.72d-8etch1
-CVE-2008-5367 (ip-up in ppp-udeb 2.4.4rel on Debian GNU/Linux allows local users to ...)
+CVE-2008-5367
- ppp <unfixed> (unimportant)
NOTE: insecure temp file handling in udeb is not an issue, since it is during the installation
-CVE-2008-5366 (The postinst script in ppp 2.4.4rel on Debian GNU/Linux allows local ...)
+CVE-2008-5366
- ppp <unfixed> (unimportant; bug #509488)
NOTE: Package postinst isn't vulnerable, only .tmp files in /etc
-CVE-2008-5365 (SQL injection vulnerability in VoteHistory.asp in ActiveWebSoftwares ...)
+CVE-2008-5365
NOT-FOR-US: ActiveWebSoftwares
-CVE-2008-5364 (Stack-based buffer overflow in the getPlus ActiveX control in gp.ocx ...)
+CVE-2008-5364
NOT-FOR-US: getPlus
-CVE-2008-5363 (The ActionScript 2 virtual machine in Adobe Flash Player 10.x before ...)
+CVE-2008-5363
NOT-FOR-US: Adobe Flash Player
-CVE-2008-5362 (The DefineConstantPool action in the ActionScript 2 virtual machine in ...)
+CVE-2008-5362
NOT-FOR-US: Adobe Flash Player
-CVE-2008-5361 (The ActionScript 2 virtual machine in Adobe Flash Player 10.x before ...)
+CVE-2008-5361
NOT-FOR-US: Adobe Flash Player
-CVE-2008-5617 (The ACL handling in rsyslog 3.12.1 to 3.20.0, 4.1.0, and 4.1.1 does ...)
+CVE-2008-5617
- rsyslog 3.18.6-1 (bug #508027)
-CVE-2008-5624 (PHP 5 before 5.2.7 does not properly initialize the page_uid and ...)
+CVE-2008-5624
{DSA-1789-1 DTSA-188-1}
- php5 5.2.6.dfsg.1-1 (medium; bug #508021)
- php4 <removed> (medium; bug #559787)
-CVE-2008-5660 (Format string vulnerability in the vinagre_utils_show_error function ...)
+CVE-2008-5660
- vinagre 0.5.1-2
-CVE-2008-5360 (Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and ...)
+CVE-2008-5360
- sun-java5 1.5.0-17-0.1 (low; bug #508194)
[etch] - sun-java5 <no-dsa> (Non-free not supported)
[lenny] - sun-java5 1.5.0-22-0lenny1
- sun-java6 6-12-1 (low; bug #508195)
[lenny] - sun-java6 6-20-0lenny1
- openjdk-6 6b11-9.1 (bug #510972)
-CVE-2008-5359 (Buffer overflow in Java Runtime Environment (JRE) for Sun JDK and JRE ...)
+CVE-2008-5359
- sun-java5 1.5.0-17-0.1 (bug #508194)
[etch] - sun-java5 <no-dsa> (Non-free not supported)
[lenny] - sun-java5 1.5.0-22-0lenny1
- sun-java6 6-12-1 (bug #508195)
[lenny] - sun-java6 6-20-0lenny1
- openjdk-6 6b11-9.1 (bug #510972)
-CVE-2008-5358 (Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and ...)
+CVE-2008-5358
- sun-java5 1.5.0-17-0.1 (bug #508194)
[etch] - sun-java5 <no-dsa> (Non-free not supported)
[lenny] - sun-java5 1.5.0-22-0lenny1
- sun-java6 6-12-1 (bug #508195)
[lenny] - sun-java6 6-20-0lenny1
- openjdk-6 6b11-9.1 (bug #510972)
-CVE-2008-5357 (Integer overflow in Java Runtime Environment (JRE) for Sun JDK and JRE ...)
+CVE-2008-5357
- sun-java5 1.5.0-17-0.1 (bug #508194)
[etch] - sun-java5 <no-dsa> (Non-free not supported)
[lenny] - sun-java5 1.5.0-22-0lenny1
- sun-java6 6-12-1 (bug #508195)
[lenny] - sun-java6 6-20-0lenny1
- openjdk-6 <not-affected> (uses system's freetype library)
-CVE-2008-5356 (Heap-based buffer overflow in Java Runtime Environment (JRE) for Sun ...)
+CVE-2008-5356
- sun-java5 1.5.0-17-0.1 (bug #508194)
[etch] - sun-java5 <no-dsa> (Non-free not supported)
[lenny] - sun-java5 1.5.0-22-0lenny1
- sun-java6 6-12-1 (bug #508195)
[lenny] - sun-java6 6-20-0lenny1
- openjdk-6 <not-affected> (uses system's freetype library)
-CVE-2008-5355 (The &quot;Java Update&quot; feature for Java Runtime Environment (JRE) for Sun ...)
+CVE-2008-5355
- sun-java5 <not-affected> (Java update not used in Debian)
- sun-java6 <not-affected> (Java update not used in Debian)
- openjdk-6 <not-affected> (Java update not used in Debian)
-CVE-2008-5354 (Stack-based buffer overflow in Java Runtime Environment (JRE) for Sun ...)
+CVE-2008-5354
- sun-java5 1.5.0-17-0.1 (bug #508194)
[etch] - sun-java5 <no-dsa> (Non-free not supported)
[lenny] - sun-java5 1.5.0-22-0lenny1
- sun-java6 6-12-1 (bug #508195)
[lenny] - sun-java6 6-20-0lenny1
- openjdk-6 6b11-9.1 (bug #510972)
-CVE-2008-5353 (The Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and ...)
+CVE-2008-5353
- sun-java5 1.5.0-17-0.1 (bug #508194)
[etch] - sun-java5 <no-dsa> (Non-free not supported)
[lenny] - sun-java5 1.5.0-22-0lenny1
- sun-java6 6-12-1 (bug #508195)
[lenny] - sun-java6 6-20-0lenny1
- openjdk-6 6b11-9.1 (bug #510972)
-CVE-2008-5352 (Integer overflow in the JAR unpacking utility (unpack200) in the ...)
+CVE-2008-5352
- sun-java5 1.5.0-17-0.1 (bug #508194)
[etch] - sun-java5 <no-dsa> (Non-free not supported)
[lenny] - sun-java5 1.5.0-22-0lenny1
- sun-java6 6-12-1 (bug #508195)
[lenny] - sun-java6 6-20-0lenny1
- openjdk-6 6b11-9.1 (bug #510972)
-CVE-2008-5351 (Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and ...)
+CVE-2008-5351
- sun-java5 1.5.0-17-0.1 (bug #508194)
[etch] - sun-java5 <no-dsa> (Non-free not supported)
[lenny] - sun-java5 1.5.0-22-0lenny1
- sun-java6 6-12-1 (bug #508195)
[lenny] - sun-java6 6-20-0lenny1
- openjdk-6 6b11-9.1 (bug #510972)
-CVE-2008-5350 (Unspecified vulnerability in Java Runtime Environment (JRE) for Sun ...)
+CVE-2008-5350
- sun-java5 1.5.0-17-0.1 (bug #508194)
[etch] - sun-java5 <no-dsa> (Non-free not supported)
[lenny] - sun-java5 1.5.0-22-0lenny1
- sun-java6 6-12-1 (bug #508195)
[lenny] - sun-java6 6-20-0lenny1
- openjdk-6 6b11-9.1 (bug #510972)
-CVE-2008-5349 (Unspecified vulnerability in Java Runtime Environment (JRE) for Sun ...)
+CVE-2008-5349
- sun-java5 1.5.0-17-0.1 (bug #508194)
[etch] - sun-java5 <no-dsa> (Non-free not supported)
[lenny] - sun-java5 1.5.0-22-0lenny1
- sun-java6 6-12-1 (bug #508195)
[lenny] - sun-java6 6-20-0lenny1
- openjdk-6 6b11-9.1 (bug #510972)
-CVE-2008-5348 (Unspecified vulnerability in Java Runtime Environment (JRE) for Sun ...)
+CVE-2008-5348
- sun-java5 1.5.0-17-0.1 (bug #508194)
[etch] - sun-java5 <no-dsa> (Non-free not supported)
[lenny] - sun-java5 1.5.0-22-0lenny1
- sun-java6 6-12-1 (bug #508195)
[lenny] - sun-java6 6-20-0lenny1
- openjdk-6 6b11-9.1 (bug #510972)
-CVE-2008-5347 (Multiple unspecified vulnerabilities in Java Runtime Environment (JRE) ...)
+CVE-2008-5347
- sun-java5 1.5.0-17-0.1 (bug #508194)
[etch] - sun-java5 <no-dsa> (Non-free not supported)
[lenny] - sun-java5 1.5.0-22-0lenny1
- sun-java6 6-12-1 (bug #508195)
[lenny] - sun-java6 6-20-0lenny1
- openjdk-6 6b11-9.1 (bug #510972)
-CVE-2008-5346 (Unspecified vulnerability in Java Runtime Environment (JRE) for Sun ...)
+CVE-2008-5346
- sun-java5 1.5.0-17-0.1 (bug #508194)
[etch] - sun-java5 <no-dsa> (Non-free not supported)
[lenny] - sun-java5 1.5.0-22-0lenny1
-CVE-2008-5345 (Unspecified vulnerability in Java Runtime Environment (JRE) with Sun ...)
+CVE-2008-5345
- sun-java5 1.5.0-17-0.1 (bug #508194)
[etch] - sun-java5 <no-dsa> (Non-free not supported)
[lenny] - sun-java5 1.5.0-22-0lenny1
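Review bot: every changed line in this hunk strips the parenthesized description from a CVE header (e.g. `-CVE-2008-5357 (Integer overflow in Java Runtime Environment (JRE) for Sun JDK and JRE ...)` becoming `+CVE-2008-5357`) while the package, version, bug and `[etch]`/`[lenny]` lines stay untouched, which looks like an update run that received no description text rather than a real data change; verify that the upstream CVE feed was reachable when this ran before keeping it, since those descriptions are the only human-readable summary of each issue in the list.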
@@ -4408,102 +4408,102 @@ CVE-2008-5345 (Unspecified vulnerability in Java Runtime Environment (JRE) with
[lenny] - sun-java6 6-20-0lenny1
- openjdk-6 <not-affected> (bug in plugin code)
NOTE: For OpenJDK, see: http://mail.openjdk.java.net/pipermail/core-libs-dev/2009-June/001784.html
-CVE-2008-5344 (Unspecified vulnerability in Java Web Start (JWS) and Java Plug-in ...)
+CVE-2008-5344
- sun-java5 1.5.0-17-0.1 (bug #508194)
[etch] - sun-java5 <no-dsa> (Non-free not supported)
[lenny] - sun-java5 1.5.0-22-0lenny1
- sun-java6 6-12-1 (bug #508195)
[lenny] - sun-java6 6-20-0lenny1
- openjdk-6 <not-affected> (browser plugin is different code base)
-CVE-2008-5343 (Java Web Start (JWS) and Java Plug-in with Sun JDK and JRE 6 Update 10 ...)
+CVE-2008-5343
- sun-java5 1.5.0-17-0.1 (bug #508194)
[etch] - sun-java5 <no-dsa> (Non-free not supported)
[lenny] - sun-java5 1.5.0-22-0lenny1
- sun-java6 6-12-1 (bug #508195)
[lenny] - sun-java6 6-20-0lenny1
- openjdk-6 <not-affected> (browser plugin is different code base)
-CVE-2008-5342 (Unspecified vulnerability in the BasicService for Java Web Start (JWS) ...)
+CVE-2008-5342
- sun-java5 1.5.0-17-0.1 (bug #508194)
[etch] - sun-java5 <no-dsa> (Non-free not supported)
[lenny] - sun-java5 1.5.0-22-0lenny1
- sun-java6 6-12-1 (bug #508195)
[lenny] - sun-java6 6-20-0lenny1
- openjdk-6 <not-affected> (browser plugin is different code base)
-CVE-2008-5341 (Unspecified vulnerability in Java Web Start (JWS) and Java Plug-in ...)
+CVE-2008-5341
- sun-java5 1.5.0-17-0.1 (bug #508194)
[etch] - sun-java5 <no-dsa> (Non-free not supported)
[lenny] - sun-java5 1.5.0-22-0lenny1
- sun-java6 6-12-1 (bug #508195)
[lenny] - sun-java6 6-20-0lenny1
- openjdk-6 <not-affected> (browser plugin is different code base)
-CVE-2008-5340 (Unspecified vulnerability in Java Web Start (JWS) and Java Plug-in ...)
+CVE-2008-5340
- sun-java5 1.5.0-17-0.1 (bug #508194)
[etch] - sun-java5 <no-dsa> (Non-free not supported)
[lenny] - sun-java5 1.5.0-22-0lenny1
- sun-java6 6-12-1 (bug #508195)
[lenny] - sun-java6 6-20-0lenny1
- openjdk-6 <not-affected> (browser plugin is different code base)
-CVE-2008-5339 (Unspecified vulnerability in Java Web Start (JWS) and Java Plug-in ...)
+CVE-2008-5339
- sun-java5 1.5.0-17-0.1 (bug #508194)
[etch] - sun-java5 <no-dsa> (Non-free not supported)
[lenny] - sun-java5 1.5.0-22-0lenny1
- sun-java6 6-12-1 (bug #508195)
[lenny] - sun-java6 6-20-0lenny1
- openjdk-6 <not-affected> (browser plugin is different code base)
-CVE-2008-5338 (Cross-site scripting (XSS) vulnerability in info.php in Bandwebsite ...)
+CVE-2008-5338
NOT-FOR-US: Bandwebsite
-CVE-2008-5337 (SQL injection vulnerability in lyrics.php in Bandwebsite (aka Bandsite ...)
+CVE-2008-5337
NOT-FOR-US: Bandwebsite
-CVE-2008-5336 (SQL injection vulnerability in index.php in WebStudio CMS allows ...)
+CVE-2008-5336
NOT-FOR-US: WebStudio CMS
-CVE-2008-5335 (SQL injection vulnerability in messages.php in PHP-Fusion 6.01.15 and ...)
+CVE-2008-5335
NOT-FOR-US: PHP-Fusion
-CVE-2008-5334 (PHP remote file inclusion vulnerability in includes/common.php in ...)
+CVE-2008-5334
NOT-FOR-US: NitroTech
-CVE-2008-5333 (SQL injection vulnerability in members.php in NitroTech 0.0.3a allows ...)
+CVE-2008-5333
NOT-FOR-US: NitroTech
-CVE-2008-5332 (Multiple PHP remote file inclusion vulnerabilities in Pie 0.5.3 allow ...)
+CVE-2008-5332
NOT-FOR-US: Pie Web M{a,e}sher
-CVE-2008-5331 (Adobe Acrobat 9 uses more efficient encryption than previous versions, ...)
+CVE-2008-5331
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2008-5330 (Multiple cross-site scripting (XSS) vulnerabilities in the web ...)
+CVE-2008-5330
NOT-FOR-US: ClearCase RWP IBM
-CVE-2008-5329 (ClearQuest Web in IBM Rational ClearQuest MultiSite before 7.1 allows ...)
+CVE-2008-5329
NOT-FOR-US: IBM
-CVE-2008-5328 (The ClearQuest Maintenance Tool in IBM Rational ClearQuest before 7 ...)
+CVE-2008-5328
NOT-FOR-US: IBM
-CVE-2008-5327 (The ClearQuest Maintenance Tool in IBM Rational ClearQuest 7 before ...)
+CVE-2008-5327
NOT-FOR-US: IBM
-CVE-2008-5326 (The ClearQuest Maintenance Tool in IBM Rational ClearQuest 7.0.0 ...)
+CVE-2008-5326
NOT-FOR-US: IBM
-CVE-2008-5325 (Multiple cross-site scripting (XSS) vulnerabilities in CQ Web in IBM ...)
+CVE-2008-5325
NOT-FOR-US: IBM
-CVE-2008-5324 (Multiple cross-site scripting (XSS) vulnerabilities in CQ Web in IBM ...)
+CVE-2008-5324
NOT-FOR-US: IBM
-CVE-2008-5658 (Directory traversal vulnerability in the ZipArchive::extractTo ...)
+CVE-2008-5658
{DSA-1789-1 DTSA-188-1}
- php5 5.2.6.dfsg.1-3 (bug #507857)
- php4 <removed>
-CVE-2008-5323 (Cross-site scripting (XSS) vulnerability in index.php in Wysi Wiki Wyg ...)
+CVE-2008-5323
NOT-FOR-US: Wysi Wiki Wyg
-CVE-2008-5322 (Wysi Wiki Wyg 1.0 allows remote attackers to obtain system information ...)
+CVE-2008-5322
NOT-FOR-US: Wysi Wiki Wyg
-CVE-2008-5321 (SQL injection vulnerability in index.php in GesGaleri, a module for ...)
+CVE-2008-5321
NOT-FOR-US: XOOPS module
-CVE-2008-5320 (SQL injection vulnerability in usersettings.php in e107 0.7.13 and ...)
+CVE-2008-5320
NOT-FOR-US: e107
-CVE-2008-5319 (Unspecified vulnerability in Tikiwiki before 2.2 has unknown impact ...)
+CVE-2008-5319
- tikiwiki <removed>
-CVE-2008-5318 (Unspecified vulnerability in Tikiwiki before 2.2 has unknown impact ...)
+CVE-2008-5318
- tikiwiki <removed>
-CVE-2008-5317 (Integer signedness error in the cmsAllocGamma function in ...)
+CVE-2008-5317
{DSA-1684-1}
- lcms 1.17-1
- openjdk-6 6b16-1 (medium; bug #542210)
-CVE-2008-5316 (Buffer overflow in the ReadEmbeddedTextTag function in src/cmsio1.c in ...)
+CVE-2008-5316
{DSA-1684-1}
- lcms 1.16-1
-CVE-2008-5315 (Directory traversal vulnerability in the web interface in Apple iPhone ...)
+CVE-2008-5315
NOT-FOR-US: Apple iPhone Configuration Web Utility
CVE-2008-XXXX [Insecure tmpdir creation]
[lenny] - devscripts 2.10.35lenny1 (low)
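Review bot: with the description removed, the `NOT-FOR-US:` line is the only thing left identifying the affected product, and several of those tags are too terse to stand alone: `NOT-FOR-US: IBM` for CVE-2008-5329 through CVE-2008-5324 and `NOT-FOR-US: XOOPS module` for CVE-2008-5321 no longer say which product or module is meant. If the descriptions are not restored, those tags should be expanded with the names the deleted lines still carry (IBM Rational ClearQuest, GesGaleri).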
@@ -4513,113 +4513,113 @@ CVE-2008-XXXX [Insecure tempfile creation]
- devscripts 2.10.42 (low; bug #508111)
[etch] - devscripts <not-affected> (vulnerable code not present)
[lenny] - devscripts 2.10.35lenny1 (low)
-CVE-2008-5314 (Stack consumption vulnerability in libclamav/special.c in ClamAV ...)
+CVE-2008-5314
{DSA-1680-1}
- clamav 0.94.dfsg.2-1 (medium; bug #507624)
-CVE-2008-5311 (SQL injection vulnerability in image.php in NetArt Media Blog System ...)
+CVE-2008-5311
NOT-FOR-US: NetArt Media Blog System
-CVE-2008-5310 (SQL injection vulnerability in image.php in NetArt Media Car Portal ...)
+CVE-2008-5310
NOT-FOR-US: NetArt Media Car Portal
-CVE-2008-5309 (SQL injection vulnerability in NetArt Media Real Estate Portal 1.2 ...)
+CVE-2008-5309
NOT-FOR-US: NetArt Media Real Estate Portal
-CVE-2008-5308 (The Simple Forum 3.1d module for LoveCMS 1.6.2 Final does not properly ...)
+CVE-2008-5308
NOT-FOR-US: LoveCMS
-CVE-2008-5307 (SQL injection vulnerability in admin/index.php in PG Roommate Finder ...)
+CVE-2008-5307
NOT-FOR-US: PG Roommate Finder Solution
-CVE-2008-5306 (SQL injection vulnerability in admin/index.php in PG Real Estate ...)
+CVE-2008-5306
NOT-FOR-US: PG Real Estate Solution
-CVE-2008-5305 (Eval injection vulnerability in TWiki before 4.2.4 allows remote ...)
+CVE-2008-5305
- twiki <removed> (medium; bug #508257)
-CVE-2008-5304 (Cross-site scripting (XSS) vulnerability in TWiki before 4.2.4 allows ...)
+CVE-2008-5304
- twiki <removed> (low; bug #508256)
-CVE-2008-5303 (Race condition in the rmtree function in File::Path 1.08 ...)
+CVE-2008-5303
{DSA-1678-1}
- perl 5.10.0-18
-CVE-2008-5302 (Race condition in the rmtree function in File::Path 1.08 and 2.07 ...)
+CVE-2008-5302
{DSA-1678-1}
- perl 5.10.0-18
-CVE-2008-5301 (Directory traversal vulnerability in the ManageSieve implementation in ...)
+CVE-2008-5301
- dovecot 1:1.0.15-2.3 (bug #506031)
-CVE-2008-5300 (Linux kernel 2.6.28 allows local users to cause a denial of service ...)
+CVE-2008-5300
{DSA-1687-1 DSA-1681-1}
- linux-2.6 2.6.26-12
- linux-2.6.24 2.6.24-6~etchnhalf.7
-CVE-2008-5296 (Gallery 1.5.x before 1.5.10 and 1.6 before 1.6-RC3, when ...)
+CVE-2008-5296
- gallery 1.5.9-1.2 (low; bug #506824)
[etch] - gallery <not-affected> (vulnerable code introduced in 1.5.8-svn-b34)
-CVE-2008-5295 (SQL injection vulnerability in index.php in Jamit Job Board 3.4.10 ...)
+CVE-2008-5295
NOT-FOR-US: Jamit Job Board
-CVE-2008-5294 (SQL injection vulnerability in index.php in WebStudio eCatalogue ...)
+CVE-2008-5294
NOT-FOR-US: WebStudio eCatalogue
-CVE-2008-5293 (SQL injection vulnerability in index.php in WebStudio eHotel allows ...)
+CVE-2008-5293
NOT-FOR-US: WebStudio eHotel
-CVE-2008-5292 (SQL injection vulnerability in view_snaps.php in VideoGirls BiZ allows ...)
+CVE-2008-5292
NOT-FOR-US: VideoGirls
-CVE-2008-5291 (Directory traversal vulnerability in code/track.php in FuzzyLime 3.03 ...)
+CVE-2008-5291
NOT-FOR-US: FuzzyLime
-CVE-2008-5290 (Cross-site scripting (XSS) vulnerability in full_txt.php in Werner ...)
+CVE-2008-5290
NOT-FOR-US: Werner Hilversum Clean CMS
-CVE-2008-5289 (SQL injection vulnerability in full_txt.php in Werner Hilversum Clean ...)
+CVE-2008-5289
NOT-FOR-US: Werner Hilversum Clean CMS
-CVE-2008-5288 (PHP remote file inclusion vulnerability in include/header.php in ...)
+CVE-2008-5288
NOT-FOR-US: Werner Hilversum Clean CMS
-CVE-2008-5287 (SQL injection vulnerability in catagorie.php in Werner Hilversum FAQ ...)
+CVE-2008-5287
NOT-FOR-US: Werner Hilversum Clean CMS
-CVE-2008-5284 (The web server in IEA Software RadiusNT and RadiusX 5.1.38 and other ...)
+CVE-2008-5284
NOT-FOR-US: IEA Software RadiusNT and RadiusX
-CVE-2008-5283 (Google Hack Honeypot (GHH) File Upload Manager 1.3 allows remote ...)
+CVE-2008-5283
NOT-FOR-US: File Upload Manager
-CVE-2008-5282 (Multiple stack-based buffer overflows in W3C Amaya Web Browser 10.0.1 ...)
+CVE-2008-5282
NOTE: neither in Etch nor Lenny, removal has been proposed
- amaya <removed> (bug #507587)
-CVE-2008-5281 (Heap-based buffer overflow in Titan FTP Server 6.05 build 550 allows ...)
+CVE-2008-5281
NOT-FOR-US: Titan FTP Server
-CVE-2008-5280 (The Local ZIM Server in Zilab Chat and Instant Messaging (ZIM) Server ...)
+CVE-2008-5280
NOT-FOR-US: Zilab Chat and Instant Messaging
-CVE-2008-5279 (The Local ZIM Server (zcs.exe) in Zilab Chat and Instant Messaging ...)
+CVE-2008-5279
NOT-FOR-US: Zilab Chat and Instant Messaging
-CVE-2008-5277 (PowerDNS before 2.9.21.2 allows remote attackers to cause a denial of ...)
+CVE-2008-5277
- pdns 2.9.21.2-1 (low)
[etch] - pdns <not-affected> (old version of HINFO parser)
-CVE-2008-5275 (Multiple directory traversal vulnerabilities in the (a) &quot;Unzip ...)
+CVE-2008-5275
NOT-FOR-US: net2ftp
-CVE-2008-5274 (Todd Woolums ASP News Management 2.2 allows remote attackers to obtain ...)
+CVE-2008-5274
NOT-FOR-US: Todd Woolums ASP News Management
-CVE-2008-5273 (SQL injection vulnerability in viewnews.asp in Todd Woolums ASP News ...)
+CVE-2008-5273
NOT-FOR-US: Todd Woolums ASP News Management
-CVE-2008-5272 (Multiple directory traversal vulnerabilities in Fred Stuurman ...)
+CVE-2008-5272
NOT-FOR-US: SyndeoCMS
-CVE-2008-5271 (Cross-site scripting (XSS) vulnerability in index.php in Fred Stuurman ...)
+CVE-2008-5271
NOT-FOR-US: SyndeoCMS
-CVE-2008-5270 (SQL injection vulnerability in view.topics.php in Yuhhu Superstar 2008 ...)
+CVE-2008-5270
NOT-FOR-US: Yuhhu Superstar
-CVE-2008-5269 (SQL injection vulnerability in index.php in pSys 0.7.0 alpha allows ...)
+CVE-2008-5269
NOT-FOR-US: pSys
-CVE-2008-5268 (SQL injection vulnerability in content/forums/reply.asp in ASPPortal ...)
+CVE-2008-5268
NOT-FOR-US: ASPPortal
-CVE-2008-5267 (SQL injection vulnerability in answer.php in Experts 1.0.0, when ...)
+CVE-2008-5267
NOT-FOR-US: Experts
-CVE-2008-5266 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2008-5266
NOT-FOR-US: Sun Java System Application Server
-CVE-2008-5265 (Directory traversal vulnerability in index.php in TNT Forum 0.9.4, ...)
+CVE-2008-5265
NOT-FOR-US: TNT Forum
-CVE-2008-5264 (Cross-site scripting (XSS) vulnerability in searcher.exe in Tornado ...)
+CVE-2008-5264
NOT-FOR-US: Tornado Knowledge Retrieval System
-CVE-2008-5263 (Multiple stack-based buffer overflows in the mt_codec::getHdrHead ...)
+CVE-2008-5263
NOT-FOR-US: ksquirrel
-CVE-2008-5262 (Multiple stack-based buffer overflows in the iGetHdrHeader function in ...)
+CVE-2008-5262
{DSA-1717-1 DTSA-184-1}
- devil 1.7.5-4 (low; bug #511844; bug #512122)
NOTE: fix for 1.7.5-3 incomplete, see #512122
CVE-2008-5261
RESERVED
-CVE-2008-5260 (Heap-based buffer overflow in the CamImage.CamImage.1 ActiveX control ...)
+CVE-2008-5260
NOT-FOR-US: ActiveX
-CVE-2008-5259 (Integer signedness error in DivX Web Player 1.4.2.7, and possibly ...)
+CVE-2008-5259
NOT-FOR-US: DivX Web Player
CVE-2008-5258
RESERVED
-CVE-2008-5257 (webseald in WebSEAL 6.0.0.17 in IBM Tivoli Access Manager for ...)
+CVE-2008-5257
NOT-FOR-US: WebSEAL
CVE-2008-5255
RESERVED
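Review bot: the bracketed local descriptions on placeholder entries (`CVE-2008-XXXX [Insecure tempfile creation]` in this hunk's header, `CVE-2008-XXXX [Insecure tmpdir creation]` just above it) are left intact while every parenthesized, feed-derived description in the hunk is dropped, so the update regenerates only the feed-sourced text; when the feed yields nothing the generator should keep the previous description rather than write a bare CVE id, otherwise a run like this silently erases context for every entry it touches.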
@@ -4627,464 +4627,464 @@ CVE-2008-5254
RESERVED
CVE-2008-5253
RESERVED
-CVE-2008-5252 (Cross-site request forgery (CSRF) vulnerability in the Special:Import ...)
+CVE-2008-5252
{DSA-1901-1 DTSA-186-1}
- mediawiki 1:1.13.3-1 (bug #508870)
- mediawiki1.7 <removed>
[etch] - mediawiki <not-affected> (metapackage)
CVE-2008-5251
RESERVED
-CVE-2008-5250 (Cross-site scripting (XSS) vulnerability in MediaWiki before 1.6.11, ...)
+CVE-2008-5250
{DSA-1901-1 DTSA-186-1}
- mediawiki 1:1.13.3-1 (bug #508869)
- mediawiki1.7 <removed>
[etch] - mediawiki <not-affected> (metapackage)
-CVE-2008-5249 (Cross-site scripting (XSS) vulnerability in MediaWiki 1.13.0 through ...)
+CVE-2008-5249
{DSA-1901-1 DTSA-186-1}
- mediawiki 1:1.13.3-1 (bug #508868)
- mediawiki1.7 <removed>
[etch] - mediawiki <not-affected> (metapackage)
-CVE-2008-5276 (Integer overflow in the ReadRealIndex function in real.c in the Real ...)
+CVE-2008-5276
- vlc 0.9.8a-1 (low)
[etch] - vlc <not-affected> (vulnerable code not present)
[lenny] - vlc <not-affected> (vulnerable code not present)
-CVE-2008-7068 (The dba_replace function in PHP 5.2.6 and 4.x allows context-dependent ...)
+CVE-2008-7068
{DTSA-188-1}
- php5 5.2.6.dfsg.1-3 (bug #507101)
[lenny] - php5 5.2.6.dfsg.1-1+lenny2
- php4 <removed>
NOTE: if a user has write access to a file he simply can use fopen()
-CVE-2008-5278 (Cross-site scripting (XSS) vulnerability in the self_link function in ...)
+CVE-2008-5278
- wordpress 2.5.1-11 (low; bug #507193)
[etch] - wordpress <not-affected> (Vulnerable code not present)
NOTE: introduced in 2.5
-CVE-2008-5286 (Integer overflow in the _cupsImageReadPNG function in CUPS 1.1.17 ...)
+CVE-2008-5286
{DSA-1677-1}
- cups 1.3.8-1lenny4 (bug #507183; medium)
CVE-2008-XXXX [geda-gnetlist: sch2eaglepos.sh has insecure temp file handling ]
- geda-gnetlist 1:1.4.0-3 (bug #506625; unimportant)
NOTE: sch2eaglepos.sh only used as example script
-CVE-2008-5248 (xine-lib before 1.1.15 allows remote attackers to cause a denial of ...)
+CVE-2008-5248
- xine-lib 1.1.14-3
- vlc <not-affected> (affected part of xine-lib code copy not present)
-CVE-2008-5247 (The real_parse_audio_specific_data function in demux_real.c in ...)
+CVE-2008-5247
- xine-lib <unfixed> (unimportant; bug #508715)
NOTE: a devide by 0 because of a crafted media file is hardly a security issue,
NOTE: the integer overflows covered by the ocert advisory in the same code snippet
NOTE: got an own identifier
-CVE-2008-5246 (Multiple heap-based buffer overflows in xine-lib before 1.1.15 allow ...)
+CVE-2008-5246
- xine-lib 1.1.14-3 (low; bug #507184; bug #498243)
- vlc <not-affected> (affected part of xine-lib code copy not present)
-CVE-2008-5245 (xine-lib before 1.1.15 performs V4L video frame preallocation before ...)
+CVE-2008-5245
- xine-lib 1.1.14-3 (low)
[etch] - xine-lib <not-affected> (The version from Etch doesn't yet perform pre-allocation)
-CVE-2008-5244 (Unspecified vulnerability in xine-lib before 1.1.15 has unknown impact ...)
+CVE-2008-5244
- xine-lib 1.1.14-3 (unimportant)
- faad2 2.6.1-1 (unimportant)
- mplayer 1.0~rc2-20 (unimportant; bug #407010)
NOTE: overlaps with CVE-2008-4610, same aac issue
NOTE: just a crasher, no security implications known so far
-CVE-2008-5243 (The real_parse_headers function in demux_real.c in xine-lib 1.1.12, ...)
+CVE-2008-5243
- xine-lib 1.1.16-1 (bug #508716)
[lenny] - xine-lib 1.1.14-4
[squeeze] - xine-lib 1.1.14-4
NOTE: these are just invalid reads that result in segfaults, denial of service doesnt
NOTE: apply here as xine reading a file is no service -> application bug
-CVE-2008-5242 (demux_qt.c in xine-lib 1.1.12, and other 1.1.15 and earlier versions, ...)
+CVE-2008-5242
- xine-lib 1.1.16-1 (medium; bug #507165; bug #498243)
[lenny] - xine-lib 1.1.14-4
[squeeze] - xine-lib 1.1.14-4
-CVE-2008-5241 (Integer underflow in demux_qt.c in xine-lib 1.1.12, and other 1.1.15 ...)
+CVE-2008-5241
- xine-lib 1.1.16-1 (low; bug #509008)
[lenny] - xine-lib 1.1.14-4
[squeeze] - xine-lib 1.1.14-4
-CVE-2008-5240 (xine-lib 1.1.12, and other 1.1.15 and earlier versions, relies on an ...)
+CVE-2008-5240
- xine-lib 1.1.16-2 (low; bug #509352)
[lenny] - xine-lib 1.1.14-5
[squeeze] - xine-lib 1.1.14-5
-CVE-2008-5239 (xine-lib 1.1.12, and other 1.1.15 and earlier versions, does not ...)
+CVE-2008-5239
- xine-lib 1.1.16-2 (medium; bug #509353)
[lenny] - xine-lib 1.1.14-5
[squeeze] - xine-lib 1.1.14-5
-CVE-2008-5238 (Integer overflow in the real_parse_mdpr function in demux_real.c in ...)
+CVE-2008-5238
- xine-lib 1.1.14-3 (low)
NOTE: code execution shouldn't work here as if 0xff will be extended to 0xffffffff
NOTE: memcpy fails for copying from the complete addressable address space long before any code is executed
NOTE: the malloc check for type_specific_data is missing, minor issue filed as #508065
-CVE-2008-5237 (Multiple integer overflows in xine-lib 1.1.12, and other 1.1.15 and ...)
+CVE-2008-5237
- xine-lib 1.1.16-1 (bug #509265; low)
[lenny] - xine-lib 1.1.14-4
[squeeze] - xine-lib 1.1.14-4
-CVE-2008-5236 (Multiple heap-based buffer overflows in xine-lib 1.1.12, and other ...)
+CVE-2008-5236
- xine-lib 1.1.16-1 (bug #509521)
[lenny] - xine-lib 1.1.14-4
[squeeze] - xine-lib 1.1.14-4
-CVE-2008-5235 (Heap-based buffer overflow in the demux_real_send_chunk function in ...)
+CVE-2008-5235
- xine-lib 1.1.14-3
- vlc <not-affected> (affected part of xine-lib code copy not present)
-CVE-2008-5234 (Multiple heap-based buffer overflows in xine-lib 1.1.12, and other ...)
+CVE-2008-5234
- xine-lib 1.1.16-1 (medium; bug #508313; bug #498243)
[lenny] - xine-lib 1.1.14-4
[squeeze] - xine-lib 1.1.14-4
-CVE-2008-5233 (xine-lib 1.1.12, and other versions before 1.1.15, does not check for ...)
+CVE-2008-5233
- xine-lib 1.1.14-3 (low)
- vlc <not-affected> (affected part of xine-lib code copy not present)
-CVE-2008-5232 (Buffer overflow in the CallHTMLHelp method in the Microsoft Windows ...)
+CVE-2008-5232
NOT-FOR-US: Microsoft Windows Media Services
-CVE-2008-5231 (Stack-based buffer overflow in the ExecuteRequest method in the Novell ...)
+CVE-2008-5231
NOT-FOR-US: Novell iPrint
-CVE-2008-5230 (The Temporal Key Integrity Protocol (TKIP) implementation in ...)
+CVE-2008-5230
NOT-FOR-US: WPA weakness
-CVE-2008-5229 (Stack-based buffer overflow in Microsoft Device IO Control in ...)
+CVE-2008-5229
NOT-FOR-US: Microsoft Device IO Control
-CVE-2008-5228 (Cross-site scripting (XSS) vulnerability in IBM Workplace Content ...)
+CVE-2008-5228
NOT-FOR-US: IBM Workplace Content Management
-CVE-2008-5227 (Unspecified vulnerability in PHPCow allows remote attackers to execute ...)
+CVE-2008-5227
NOT-FOR-US: PHPCow
-CVE-2008-5226 (SQL injection vulnerability in the MambAds (com_mambads) component 1.0 ...)
+CVE-2008-5226
NOT-FOR-US: com_mambads component for Mambo
-CVE-2008-5225 (Multiple cross-site scripting (XSS) vulnerabilities in Xerox DocuShare ...)
+CVE-2008-5225
NOT-FOR-US: Xerox DocuShare
-CVE-2008-5224 (Cross-site scripting (XSS) vulnerability in Kent Web Mart 1.61 and ...)
+CVE-2008-5224
NOT-FOR-US: Kent Web Mart
-CVE-2008-5223 (SQL injection vulnerability in index.php in Airvae Commerce 3.0 allows ...)
+CVE-2008-5223
NOT-FOR-US: Airvae Commerce
-CVE-2008-5222 (SQL injection vulnerability in login.asp in Dvbbs 8.2.0 allows remote ...)
+CVE-2008-5222
NOT-FOR-US: Dvbbs
-CVE-2008-5221 (The account_save action in admin/userinfo.php in wPortfolio 0.3 and ...)
+CVE-2008-5221
NOT-FOR-US: wPortfolio
-CVE-2008-5220 (Unrestricted file upload vulnerability in admin/upload_form.php in ...)
+CVE-2008-5220
NOT-FOR-US: wPortfolio
-CVE-2008-5219 (The password change feature (admin/cp.php) in VideoScript 4.0.1.50 and ...)
+CVE-2008-5219
NOT-FOR-US: VideoScript
-CVE-2008-5218 (ScriptsEz FREEze Greetings 1.0 stores pwd.txt under the web root with ...)
+CVE-2008-5218
NOT-FOR-US: ScriptsEz FREEze Greetings
-CVE-2008-5217 (Directory traversal vulnerability in index.php in txtCMS 0.3, when ...)
+CVE-2008-5217
NOT-FOR-US: textCMS
-CVE-2008-5216 (SQL injection vulnerability in category_list.php in AJ Square ZeusCart ...)
+CVE-2008-5216
NOT-FOR-US: AJ Square ZeusCart
-CVE-2008-5215 (SQL injection vulnerability in service/profil.php in ClanLite ...)
+CVE-2008-5215
NOT-FOR-US: ClanLite
-CVE-2008-5214 (Cross-site scripting (XSS) vulnerability in service/calendrier.php in ...)
+CVE-2008-5214
NOT-FOR-US: ClanLite
-CVE-2008-5213 (SQL injection vulnerability in featured_article.php in AJ Article 1.0 ...)
+CVE-2008-5213
NOT-FOR-US: AJ Article
-CVE-2008-5212 (SQL injection vulnerability in classifide_ad.php in AJ Auction 6.2.1 ...)
+CVE-2008-5212
NOT-FOR-US: AJ Auction
-CVE-2008-5211 (Cross-site scripting (XSS) vulnerability in search.php in Sphider ...)
+CVE-2008-5211
NOT-FOR-US: Sphider
-CVE-2008-5210 (Multiple PHP remote file inclusion vulnerabilities in PhpBlock A8.5 ...)
+CVE-2008-5210
NOT-FOR-US: PhpBlock
-CVE-2008-5209 (Directory traversal vulnerability in modules/download/get_file.php in ...)
+CVE-2008-5209
NOT-FOR-US: Admidio
-CVE-2008-5208 (SQL injection vulnerability in sub_votepic.php in the Datsogallery ...)
+CVE-2008-5208
NOT-FOR-US: Datsogallery joomla module
-CVE-2008-5207 (Multiple directory traversal vulnerabilities in Jonascms 1.2 allow ...)
+CVE-2008-5207
NOT-FOR-US: Jonascms
-CVE-2008-5206 (PHP remote file inclusion vulnerability in modules/mod_mainmenu.php in ...)
+CVE-2008-5206
NOT-FOR-US: MosXML
-CVE-2008-5205 (Cross-site scripting (XSS) vulnerability in edit.php in wellyblog ...)
+CVE-2008-5205
NOT-FOR-US: wellyblog
-CVE-2008-5204 (Multiple directory traversal vulnerabilities in PowerAward 1.1.0 RC1, ...)
+CVE-2008-5204
NOT-FOR-US: PowerAward
-CVE-2008-5203 (Cross-site scripting (XSS) vulnerability in external_vote.php in ...)
+CVE-2008-5203
NOT-FOR-US: PowerAward
-CVE-2008-5202 (Cross-site scripting (XSS) vulnerability in index.php in OTManager CMS ...)
+CVE-2008-5202
NOT-FOR-US: OTManager CMS
-CVE-2008-5201 (Directory traversal vulnerability in index.php in OTManager CMS 24a ...)
+CVE-2008-5201
NOT-FOR-US: OTManager CMS
-CVE-2008-5200 (SQL injection vulnerability in the Xe webtv (com_xewebtv) component ...)
+CVE-2008-5200
NOT-FOR-US: Xe webtv
-CVE-2008-5199 (PHP remote file inclusion vulnerability in include.php in ...)
+CVE-2008-5199
NOT-FOR-US: PHPOutsourcing IdeaBox
-CVE-2008-5198 (SQL injection vulnerability in memberlist.php in Acmlmboard 1.A2 ...)
+CVE-2008-5198
NOT-FOR-US: Acmlmboard
-CVE-2008-5197 (SQL injection vulnerability in classifieds.php in PHP-Fusion allows ...)
+CVE-2008-5197
NOT-FOR-US: PHP-Fusion
-CVE-2008-5196 (SQL injection vulnerability in kroax.php in the Kroax (the_kroax) 4.42 ...)
+CVE-2008-5196
NOT-FOR-US: Kroax
-CVE-2008-5195 (Multiple SQL injection vulnerabilities in SebracCMS (sbcms) 0.4 allow ...)
+CVE-2008-5195
NOT-FOR-US: SebracCMS
-CVE-2008-5194 (SQL injection vulnerability in checkavail.php in SoftVisions Software ...)
+CVE-2008-5194
NOT-FOR-US: SoftVisions Software Online Booking Manager
-CVE-2008-5193 (Cross-site scripting (XSS) vulnerability in search.asp in W1L3D4 ...)
+CVE-2008-5193
NOT-FOR-US: W1L3D4 Philboard
-CVE-2008-5192 (SQL injection vulnerability in forum.asp in W1L3D4 Philboard 1.14 and ...)
+CVE-2008-5192
NOT-FOR-US: W1L3D4 Philboard
-CVE-2008-5191 (Multiple SQL injection vulnerabilities in SePortal 2.4 allow remote ...)
+CVE-2008-5191
NOT-FOR-US: SePortal
-CVE-2008-5190 (SQL injection vulnerability in index.php in eSHOP100 allows remote ...)
+CVE-2008-5190
NOT-FOR-US: eSHOP100
-CVE-2008-5285 (Wireshark 1.0.4 and earlier allows remote attackers to cause a denial ...)
+CVE-2008-5285
[lenny] - wireshark 1.0.2-3+lenny3
- wireshark 1.0.5-1 (low; bug #506741)
-CVE-2008-5394 (/bin/login in shadow 4.0.18.1 in Debian GNU/Linux, and probably other ...)
+CVE-2008-5394
{DSA-1709-1}
- shadow 1:4.1.1-6 (bug #505271)
-CVE-2008-5706 (The cTrigger::DoIt function in src/ctrigger.cpp in the trigger ...)
+CVE-2008-5706
- verlihub <removed> (low; bug #506530)
-CVE-2008-5705 (The cTrigger::DoIt function in src/ctrigger.cpp in the trigger ...)
+CVE-2008-5705
- verlihub <removed> (low; bug #506530)
-CVE-2008-5189 (CRLF injection vulnerability in Ruby on Rails before 2.0.5 allows ...)
+CVE-2008-5189
- rails 2.1.0-6 (low)
-CVE-2008-5188 (The (1) ecryptfs-setup-private, (2) ecryptfs-setup-confidential, and ...)
+CVE-2008-5188
- ecryptfs-utils 66-1 (low)
[lenny] - ecryptfs-utils <no-dsa> (Minor issue)
-CVE-2008-5184 (The web interface (cgi-bin/admin.c) in CUPS before 1.3.8 uses the ...)
+CVE-2008-5184
- cups 1.3.8-1
[etch] - cupsys <not-affected> (cupsys doesn't crash, code base changed, guest username not submitted)
-CVE-2008-5182 (The inotify functionality in Linux kernel 2.6 before 2.6.28-rc5 might ...)
+CVE-2008-5182
{DSA-1687-1 DSA-1681-1}
- linux-2.6 2.6.26-12
- linux-2.6.24 2.6.24-6~etchnhalf.7
-CVE-2008-5181 (Microsoft Communicator allows remote attackers to cause a denial of ...)
+CVE-2008-5181
NOT-FOR-US: Microsoft Communicator
-CVE-2008-5180 (Microsoft Communicator, and Communicator in Microsoft Office 2010 ...)
+CVE-2008-5180
NOT-FOR-US: Microsoft Communicator
-CVE-2008-5179 (Unspecified vulnerability in Microsoft Office Communications Server ...)
+CVE-2008-5179
NOT-FOR-US: Microsoft Office Communications Server
-CVE-2008-5178 (Heap-based buffer overflow in Opera 9.62 on Windows allows remote ...)
+CVE-2008-5178
NOT-FOR-US: Opera on Windows
-CVE-2008-5177 (Stack-based buffer overflow in the DtbClsLogin function in Yosemite ...)
+CVE-2008-5177
NOT-FOR-US: Yosemite Backup
-CVE-2008-5176 (Multiple buffer overflows in Client Software WinCom LPD Total ...)
+CVE-2008-5176
NOT-FOR-US: WinCom LPD
-CVE-2008-5187 (The load function in the XPM loader for imlib2 1.4.2, and possibly ...)
+CVE-2008-5187
{DSA-1672-1}
- imlib2 1.4.0-1.2 (bug #505714)
-CVE-2008-5625 (PHP 5 before 5.2.7 does not enforce the error_log safe_mode ...)
+CVE-2008-5625
- php5 <removed> (unimportant)
NOTE: http://securityreason.com/achievement_securityalert/57
-CVE-2008-5312 (mailscanner 4.55.10 and other versions before 4.74.16-1 might allow ...)
+CVE-2008-5312
- mailscanner 4.74.16-1 (bug #506353)
[etch] - mailscanner <no-dsa> (Minor issue)
NOTE: there is no difference apart from the versions to CVE-2008-5313
-CVE-2008-5313 (mailscanner 4.68.8 and other versions before 4.74.16-1 might allow ...)
+CVE-2008-5313
- mailscanner 4.74.16-1 (bug #506353)
[etch] - mailscanner <no-dsa> (Minor issue)
NOTE: there is no difference apart from the versions to CVE-2008-5312
-CVE-2008-5175 (Directory traversal vulnerability in the FTP client in AceFTP Freeware ...)
+CVE-2008-5175
NOT-FOR-US: AceFTP
-CVE-2008-5174 (SQL injection vulnerability in joke.php in Jokes Complete Website ...)
+CVE-2008-5174
NOT-FOR-US: Jokes Complete Website
-CVE-2008-5173 (Unspecified vulnerability in testMaker before 3.0p16 allows remote ...)
+CVE-2008-5173
NOT-FOR-US: testMaker
-CVE-2008-5172 (Multiple cross-site scripting (XSS) vulnerabilities in Yazd Forum ...)
+CVE-2008-5172
NOT-FOR-US: Yazd Forum Software
-CVE-2008-5171 (Multiple directory traversal vulnerabilities in admin/minibb/index.php ...)
+CVE-2008-5171
NOT-FOR-US: phpBLASTER CMS
-CVE-2008-5170 (SQL injection vulnerability in item.php in Cheats Complete Website ...)
+CVE-2008-5170
NOT-FOR-US: Cheats Complete Website
-CVE-2008-5169 (SQL injection vulnerability in drinks/drink.php in Drinks Complete ...)
+CVE-2008-5169
NOT-FOR-US: Drinks Complete Website
-CVE-2008-5168 (SQL injection vulnerability in tip.php in Tips Complete Website 1.2.0 ...)
+CVE-2008-5168
NOT-FOR-US: Tips Complete Website
-CVE-2008-5167 (PHP remote file inclusion vulnerability in layout/default/params.php ...)
+CVE-2008-5167
NOT-FOR-US: Orca Interactive Forum Script
-CVE-2008-5166 (SQL injection vulnerability in riddle.php in Riddles Website 1.2.1 ...)
+CVE-2008-5166
NOT-FOR-US: Riddles Website
-CVE-2008-5165 (Multiple SQL injection vulnerabilities in eTicket 1.5.7 allow remote ...)
+CVE-2008-5165
NOT-FOR-US: eTicket
-CVE-2008-5164 (Multiple cross-site scripting (XSS) vulnerabilities in The Rat CMS ...)
+CVE-2008-5164
NOT-FOR-US: The Rat CMS
-CVE-2008-5163 (Multiple SQL injection vulnerabilities in The Rat CMS Pre-Alpha 2 ...)
+CVE-2008-5163
NOT-FOR-US: The Rat CMS
-CVE-2008-5162 (The arc4random function in the kernel in FreeBSD 6.3 through 7.1 does ...)
+CVE-2008-5162
- kfreebsd-6 <removed>
[lenny] - kfreebsd-6 <no-dsa> (KFreebsd not supported)
- kfreebsd-7 7.1-1
[lenny] - kfreebsd-7 7.0-7lenny1
-CVE-2008-5161 (Error handling in the SSH protocol in (1) SSH Tectia Client and Server ...)
+CVE-2008-5161
- openssh 1:5.1p1-5 (low; bug #506115)
[etch] - openssh <no-dsa> (Minor issue, see http://www.openssh.org/txt/cbc.adv)
-CVE-2008-5185 (The highlighting functionality in geshi.php in GeSHi before 1.0.8 ...)
+CVE-2008-5185
{DTSA-179-1}
- geshi 1.0.8.1-1 (medium)
-CVE-2008-5160 (Unspecified vulnerability in MyServer 0.8.11 allows remote attackers ...)
+CVE-2008-5160
- msp-webserver <removed> (bug #506268)
-CVE-2008-5159 (Integer overflow in the remote administration protocol processing in ...)
+CVE-2008-5159
NOT-FOR-US: WinCom LPD
-CVE-2008-5158 (Client Software WinCom LPD Total 3.0.2.623 and earlier allows remote ...)
+CVE-2008-5158
NOT-FOR-US: WinCom LPD
-CVE-2008-5157 (tau 2.16.4 allows local users to overwrite arbitrary files via a ...)
+CVE-2008-5157
- tau 2.16.4-1.3 (bug #506348)
[etch] - tau <no-dsa> (Minor issue)
-CVE-2008-5156 (si_mkbootserver in systemimager-server 3.6.3 allows local users to ...)
+CVE-2008-5156
- systemimager <removed> (bug #506269)
[etch] - systemimager <no-dsa> (Minor issue)
-CVE-2008-5155 (mail2sms.sh in smsclient 2.0.8z allows local users to overwrite ...)
+CVE-2008-5155
- smsclient <unfixed> (unimportant; bug #498901)
-CVE-2008-5154 (bluetooth.rc in p3nfs 5.19 allows local users to overwrite arbitrary ...)
+CVE-2008-5154
- p3nfs 5.19-1.2 (low; bug #506270)
[etch] - p3nfs <no-dsa> (Minor issue)
-CVE-2008-5153 (spell-check-logic.cgi in Moodle 1.8.2 allows local users to overwrite ...)
+CVE-2008-5153
{DSA-1724-1}
- moodle 1.8.2.2dfsg-4
[lenny] - moodle 1.8.2.dfsg-3+lenny1
NOTE: manual editing of file is required to run the unsafe code
-CVE-2008-5152 (inmail-show in mh-book 200605 allows local users to overwrite ...)
+CVE-2008-5152
- mh-book <unfixed> (unimportant)
NOTE: unsafe code is in example script
-CVE-2008-5151 (test_parser.py in mayavi 1.5 allows local users to overwrite arbitrary ...)
+CVE-2008-5151
- mayavi <unfixed> (unimportant)
NOTE: just a comment, not code
-CVE-2008-5150 (sample.sh in maildirsync 1.1 allows local users to append data to ...)
+CVE-2008-5150
- maildirsync <unfixed> (unimportant)
NOTE: unsafe code is in example script
-CVE-2008-5149 (fwd_check.sh in libncbi6 6.1.20080302 allows local users to overwrite ...)
+CVE-2008-5149
- ncbi-tools6 6.1.20080302-4 (unimportant)
NOTE: unsafe code is in example script
-CVE-2008-5148 (sch2eaglepos.sh in geda-gnetlist 1.4.0 allows local users to overwrite ...)
+CVE-2008-5148
- geda-gnetlist <unfixed> (unimportant)
NOTE: unsafe code is an example script
-CVE-2008-5147 (test-pipe-to-pyodconverter.org.sh in docvert 2.4 allows local users to ...)
+CVE-2008-5147
- docvert 3.4-7 (unimportant)
NOTE: unsafe code is in test script with multiple hardcoded files
-CVE-2008-5146 (add-accession-numbers in ctn 3.0.6 allows local users to overwrite ...)
+CVE-2008-5146
- ctn <unfixed> (unimportant)
NOTE: unsafe code is in example script
-CVE-2008-5145 (ltpmenu in ltp 20060918 allows local users to overwrite arbitrary ...)
+CVE-2008-5145
- ltp 20060918-3 (low; bug #506272)
[etch] - ltp <no-dsa> (Minor issue)
NOTE: this is not the same as CVE-2008-4969
-CVE-2008-5144 (nvidia-cg-toolkit-installer in nvidia-cg-toolkit 2.0.0015 allows local ...)
+CVE-2008-5144
- nvidia-cg-toolkit <unfixed> (unimportant)
NOTE: -installer can be run from postinst but unsafe code is only executed when a special option is used when manually running the installer
-CVE-2008-5143 (mgt-helper in multi-gnome-terminal 1.6.2 allows local users to ...)
+CVE-2008-5143
[etch] - multi-gnome-terminal <no-dsa> (Symlink issue not run as root)
- multi-gnome-terminal <removed>
-CVE-2008-5142 (sendbug in freebsd-sendpr 3.113+5.3 on Debian GNU/Linux allows local ...)
+CVE-2008-5142
- freebsd-sendpr <unfixed> (unimportant)
NOTE: code is only executed when the script to send bug reports fails
-CVE-2008-5141 (flamethrower in flamethrower 0.1.8 allows local users to overwrite ...)
+CVE-2008-5141
{DSA-1676-1}
- flamethrower 0.1.8-2 (low; bug #506350)
-CVE-2008-5140 (trend-autoupdate.new in mailscanner 4.55.10 and other versions before ...)
+CVE-2008-5140
- mailscanner 4.57.6-1 (unimportant)
NOTE: script should only be used when the private Trend Micro antivirus is installed
-CVE-2008-5139 (updatejail in jailer 0.4 allows local users to overwrite arbitrary ...)
+CVE-2008-5139
{DSA-1674-1}
- jailer 0.4-10 (bug #410548; low)
-CVE-2008-5138 (passwdehd in libpam-mount 0.43 allows local users to overwrite ...)
+CVE-2008-5138
- libpam-mount 1.2+gitaa4791f-1 (low)
[lenny] - libpam-mount 0.44-1+lenny2
-CVE-2008-5137 (tkman in tkman 2.2 allows local users to overwrite arbitrary files via ...)
+CVE-2008-5137
- tkman 2.2-4 (low; bug #506496)
[etch] - tkman 2.2-2etch1
-CVE-2008-5136 (tkusr in tkusr 0.82 allows local users to overwrite arbitrary files ...)
+CVE-2008-5136
[etch] - tkusr <no-dsa> (Minor issue)
- tkusr <removed> (low)
-CVE-2008-5135 (** DISPUTED ** ...)
+CVE-2008-5135
- os-prober <unfixed> (unimportant)
-CVE-2008-5134 (Buffer overflow in the lbs_process_bss function in ...)
+CVE-2008-5134
{DSA-1681-1}
[etch] - linux-2.6 <not-affected> (Vulnerable code not present)
- linux-2.6 2.6.26-11
- linux-2.6.24 2.6.24-6~etchnhalf.7
-CVE-2008-5133 (ipnat in IP Filter in Sun Solaris 10 and OpenSolaris before snv_96, ...)
+CVE-2008-5133
NOT-FOR-US: ipnat
-CVE-2008-5183 (cupsd in CUPS 1.3.9 and earlier allows local users, and possibly ...)
+CVE-2008-5183
{DSA-2176-1}
- cups 1.3.9-13 (low; bug #506180)
[lenny] - cups <no-dsa> (Minor issue)
[etch] - cupsys <not-affected> (RSS subscription code not yet present)
-CVE-2008-5297 (Buffer overflow in No-IP DUC 2.1.7 and earlier allows remote HTTP ...)
+CVE-2008-5297
{DSA-1686-1}
- no-ip 2.1.7-11 (bug #506179)
-CVE-2008-5132 (SQL injection vulnerability in inc/ajax/ajax_rating.php in MemHT ...)
+CVE-2008-5132
NOT-FOR-US: MemHT Portal
-CVE-2008-5131 (Multiple SQL injection vulnerabilities in Develop It Easy News And ...)
+CVE-2008-5131
NOT-FOR-US: Develop It Easy News And Article System
-CVE-2008-5130 (Ocean12 Calendar Manager Gold 2.04 stores sensitive information under ...)
+CVE-2008-5130
NOT-FOR-US: Ocean12 software
-CVE-2008-5129 (Ocean12 Poll Manager Pro 1.00 stores sensitive information under the ...)
+CVE-2008-5129
NOT-FOR-US: Ocean12 software
-CVE-2008-5128 (Ocean12 Membership Manager Pro stores sensitive information under the ...)
+CVE-2008-5128
NOT-FOR-US: Ocean12 software
-CVE-2008-5127 (Ocean12 Contact Manager Pro 1.02 stores sensitive information under ...)
+CVE-2008-5127
NOT-FOR-US: Ocean12 software
-CVE-2008-5126 (Cross-site scripting (XSS) vulnerability in search.php in BoutikOne ...)
+CVE-2008-5126
NOT-FOR-US: BoutikOne
-CVE-2008-5125 (admin.php in CCleague Pro 1.2 allows remote attackers to bypass ...)
+CVE-2008-5125
NOT-FOR-US: CCleague Pro
-CVE-2008-5124 (JSCAPE Secure FTP Applet 4.8.0 and earlier does not ask the user to ...)
+CVE-2008-5124
NOT-FOR-US: JSCAPE Secure FTP Applet
-CVE-2008-5123 (SQL injection vulnerability in admin.php in CCleague Pro 1.2 allows ...)
+CVE-2008-5123
NOT-FOR-US: CCleague Pro
-CVE-2008-5122 (SQL injection vulnerability in WorkArea/ContentRatingGraph.aspx in ...)
+CVE-2008-5122
NOT-FOR-US: Ektron CMS400.NET
-CVE-2008-5121 (dne2000.sys in Citrix Deterministic Network Enhancer (DNE) 2.21.7.233 ...)
+CVE-2008-5121
NOT-FOR-US: Citrix Deterministic Network Enhancer
-CVE-2008-5120 (Stack-based buffer overflow in the Process Software MultiNet finger ...)
+CVE-2008-5120
NOT-FOR-US: MultiNet finger service
-CVE-2008-5119 (Cross-site scripting (XSS) vulnerability in search.php in ...)
+CVE-2008-5119
NOT-FOR-US: Scripts4Profit DXShopCart
-CVE-2008-5118 (Sun Java System Identity Manager 6.0 through 6.0 SP4, 7.0, and 7.1 ...)
+CVE-2008-5118
NOT-FOR-US: Sun Java System Identity Manager
-CVE-2008-5117 (Open redirect vulnerability in Sun Java System Identity Manager 6.0 ...)
+CVE-2008-5117
NOT-FOR-US: Sun Java System Identity Manager
-CVE-2008-5116 (Directory traversal vulnerability in idm/includes/helpServer.jsp in ...)
+CVE-2008-5116
NOT-FOR-US: Sun Java System Identity Manager
-CVE-2008-5115 (Cross-site request forgery (CSRF) vulnerability in Sun Java System ...)
+CVE-2008-5115
NOT-FOR-US: Sun Java System Identity Manager
-CVE-2008-5114 (Multiple cross-site scripting (XSS) vulnerabilities in Sun Java System ...)
+CVE-2008-5114
NOT-FOR-US: Sun Java System Identity Manager
-CVE-2008-5112 (The LDAP server in Active Directory in Microsoft Windows 2000 SP4 and ...)
+CVE-2008-5112
NOT-FOR-US: Microsoft
-CVE-2008-5111 (Unspecified vulnerability in the socket function in Sun Solaris 10 and ...)
+CVE-2008-5111
NOT-FOR-US: Solaris
-CVE-2008-5109 (The default configuration of Adobe Flash Media Server (FMS) 3.0 does ...)
+CVE-2008-5109
NOT-FOR-US: Adobe Flash Media Server
-CVE-2008-5108 (Unspecified vulnerability in Adobe AIR 1.1 and earlier allows ...)
+CVE-2008-5108
NOT-FOR-US: Adobe AIR
-CVE-2008-5107 (The installation process for Citrix Presentation Server 4.5 and ...)
+CVE-2008-5107
NOT-FOR-US: Citrix PS
-CVE-2008-5106 (Buffer overflow in KarjaSoft Sami FTP Server 2.0.x allows remote ...)
+CVE-2008-5106
NOT-FOR-US: KarjaSoft Sami FTP Server
-CVE-2008-5105 (KarjaSoft Sami FTP Server 2.0.x allows remote attackers to cause a ...)
+CVE-2008-5105
NOT-FOR-US: KarjaSoft Sami FTP Server
-CVE-2008-5104 (Ubuntu 6.06 LTS, 7.10, 8.04 LTS, and 8.10, when installed as a virtual ...)
+CVE-2008-5104
NOT-FOR-US: VMBuilder
-CVE-2008-5103 (The (1) python-vm-builder and (2) ubuntu-vm-builder implementations in ...)
+CVE-2008-5103
NOT-FOR-US: VMBuilder
-CVE-2008-5102 (PythonScripts in Zope 2 2.11.2 and earlier, as used in Conga and other ...)
+CVE-2008-5102
- zope2.10 <unfixed> (unimportant)
NOTE: this only affects installations in which users have unrestricted access to the management
NOTE: interface. On Debian there one admin user is added for this at installation time and
NOTE: non-trustworthy users shouldn't have access to the interface.
- zope3 <not-affected> (Vulnerable code not present)
-CVE-2008-5100 (The strong name (SN) implementation in Microsoft .NET Framework ...)
+CVE-2008-5100
NOT-FOR-US: Microsoft .NET Framework
-CVE-2008-5099 (Sun Logical Domain Manager (aka LDoms Manager or ldm) 1.0 through ...)
+CVE-2008-5099
NOT-FOR-US: Sun Logical Domain Manager
-CVE-2008-5098 (Cross-site scripting (XSS) vulnerability in Sun Java System Messaging ...)
+CVE-2008-5098
NOT-FOR-US: Sun Java System Messaging Serve
-CVE-2008-5110 (syslog-ng does not call chdir when it calls chroot, which might allow ...)
+CVE-2008-5110
- syslog-ng 2.0.9-4.1 (unimportant; bug #505791)
NOTE: no security flaw by itself, still it should be fixed
-CVE-2008-5097 (SQL injection vulnerability in index.php in MyFWB 1.0 allows remote ...)
+CVE-2008-5097
NOT-FOR-US: MyFWB
-CVE-2008-5096 (Unspecified vulnerability in the TYPO3 File List (file_list) extension ...)
+CVE-2008-5096
NOT-FOR-US: Typo3 third party extension "file_list"
-CVE-2008-5095 (Cross-site scripting (XSS) vulnerability in the Novell User ...)
+CVE-2008-5095
NOT-FOR-US: Novell User Application
-CVE-2008-5094 (Heap-based buffer overflow in the NDS Service in Novell eDirectory ...)
+CVE-2008-5094
NOT-FOR-US: eDirectory
-CVE-2008-5093 (Cross-site scripting (XSS) vulnerability in the HTTP Protocol Stack ...)
+CVE-2008-5093
NOT-FOR-US: eDirectory
-CVE-2008-5092 (Heap-based buffer overflows in Novell eDirectory HTTP protocol stack ...)
+CVE-2008-5092
NOT-FOR-US: eDirectory
-CVE-2008-5091 (Buffer overflow in the LDAP Service in Novell eDirectory 8.7.3 before ...)
+CVE-2008-5091
NOT-FOR-US: eDirectory
-CVE-2008-5090 (Electron Inc. Advanced Electron Forum before 1.0.7 allows remote ...)
+CVE-2008-5090
NOT-FOR-US: Advanced Electron Forum
-CVE-2008-5089 (Multiple insecure method vulnerabilities in the ...)
+CVE-2008-5089
NOT-FOR-US: Data Dynamics ActiveReports ActiveX control
-CVE-2008-5088 (Multiple SQL injection vulnerabilities in PHPKB Knowledge Base ...)
+CVE-2008-5088
NOT-FOR-US: PHPKB
-CVE-2008-5087 (SQL injection vulnerability in TYPO3 Another Backend Login ...)
+CVE-2008-5087
NOT-FOR-US: wrg_anotherbelogin extension for typo3
-CVE-2008-5086 (Multiple methods in libvirt 0.3.2 through 0.5.1 do not check if a ...)
+CVE-2008-5086
- libvirt 0.4.6-10
CVE-2008-5085
RESERVED
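Review bot: every "-"/"+" pair in this hunk replaces "CVE-YYYY-NNNN (description ...)" with the bare identifier and adds nothing in return (for example "-CVE-2008-5162 (The arc4random function in the kernel in FreeBSD 6.3 through 7.1 does ...)" becomes "+CVE-2008-5162"), so the commit is a bulk loss of the CVE summaries rather than a data refresh; the DSA references, package versions and NOTE lines under each entry are untouched, which points at the updater's description source having come back empty rather than at a deliberate format change. With the summary gone, an entry such as CVE-2008-5135, whose description began with "** DISPUTED **", no longer carries the context that justified its "unimportant" rating. I would not keep this automatic update: revert it, and add a guard to the update script that aborts when an entry that previously had a description would be written without one. Unrelated to the change, the context line "NOT-FOR-US: Sun Java System Messaging Serve" under CVE-2008-5098 is missing the final "r" and could be fixed in a follow-up.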
@@ -5093,147 +5093,147 @@ CVE-2008-5084
CVE-2008-5083
RESERVED
NOT-FOR-US: Red Hat JBoss Operations Network
-CVE-2008-5082 (The verifyProof function in the Token Processing System (TPS) ...)
+CVE-2008-5082
NOT-FOR-US: Red Hat Certificate System
-CVE-2008-5081 (The originates_from_local_legacy_unicast_socket function ...)
+CVE-2008-5081
{DSA-1690-1 DTSA-189-1}
- avahi 0.6.23-3 (bug #508700; low)
-CVE-2008-5080 (awstats.pl in AWStats 6.8 and earlier does not properly remove quote ...)
+CVE-2008-5080
{DSA-1679-1}
- awstats 6.7.dfsg-5.1 (bug #495432; low)
-CVE-2008-5079 (net/atm/svc.c in the ATM subsystem in the Linux kernel 2.6.27.8 and ...)
+CVE-2008-5079
{DSA-1787-1 DSA-1687-1}
- linux-2.6 2.6.26-12
- linux-2.6.24 <removed>
NOTE: http://marc.info/?l=linux-netdev&m=122841256115780&w=2
-CVE-2008-5078 (Multiple buffer overflows in the (1) recognize_eps_file function ...)
+CVE-2008-5078
{DSA-1670-1}
- enscript 1.6.4-13 (bug #506261)
-CVE-2008-5077 (OpenSSL 0.9.8i and earlier does not properly check the return value ...)
+CVE-2008-5077
{DSA-1701-1}
- openssl 0.9.8g-15
-CVE-2008-5075 (Multiple SQL injection vulnerabilities in E-Uploader Pro 1.0 (aka ...)
+CVE-2008-5075
NOT-FOR-US: E-Uploader Pro
-CVE-2008-5074 (SQL injection vulnerability in index.php in the Freshlinks 1.0 RC1 ...)
+CVE-2008-5074
NOT-FOR-US: Freshlinks module for PHP-Fusion
-CVE-2008-5073 (Heap-based buffer overflow in an ActiveX control in Novell ZENworks ...)
+CVE-2008-5073
NOT-FOR-US: Novell ZENworks ActiveX control
-CVE-2008-5072 (vsfilter.dll in K-Lite Mega Codec Pack 3.5.7.0 allows remote attackers ...)
+CVE-2008-5072
NOT-FOR-US: K-Lite Mega Codec Pack
-CVE-2008-5071 (Multiple eval injection vulnerabilities in itpm_estimate.php in Yoxel ...)
+CVE-2008-5071
NOT-FOR-US: Yoxel
-CVE-2008-5070 (SQL injection vulnerability in Pro Chat Rooms 3.0.3, when ...)
+CVE-2008-5070
NOT-FOR-US: Pro Chat Rooms
-CVE-2008-5069 (SQL injection vulnerability in go.php in Panuwat PromoteWeb MySQL, ...)
+CVE-2008-5069
NOT-FOR-US: Panuwat PromoteWeb MySQL
-CVE-2008-5068 (Multiple cross-site scripting (XSS) vulnerabilities in Kmita Gallery ...)
+CVE-2008-5068
NOT-FOR-US: Kmita Gallery
-CVE-2008-5067 (Cross-site scripting (XSS) vulnerability in search.php in Kmita ...)
+CVE-2008-5067
NOT-FOR-US: Kmita Catalogue
-CVE-2008-5066 (PHP remote file inclusion vulnerability in ...)
+CVE-2008-5066
NOT-FOR-US: Agares Media ThemeSiteScript
-CVE-2008-5065 (TlGuestBook 1.2 allows remote attackers to bypass authentication and ...)
+CVE-2008-5065
NOT-FOR-US: TlGuestBook
-CVE-2008-5064 (SQL injection vulnerability in liga.php in H&amp;H WebSoccer 2.80 allows ...)
+CVE-2008-5064
NOT-FOR-US: H&H WebSoccer
-CVE-2008-5063 (PHP remote file inclusion vulnerability in Admin/ADM_Pagina.php in ...)
+CVE-2008-5063
NOT-FOR-US: OTManager
-CVE-2008-5062 (Directory traversal vulnerability in php/cal_pdf.php in Mini Web ...)
+CVE-2008-5062
NOT-FOR-US: Mini Web Calendar
-CVE-2008-5061 (Cross-site scripting (XSS) vulnerability in php/cal_default.php in ...)
+CVE-2008-5061
NOT-FOR-US: Mini Web Calendar
-CVE-2008-5060 (Multiple PHP remote file inclusion vulnerabilities in ModernBill 4.4 ...)
+CVE-2008-5060
NOT-FOR-US: ModernBill
-CVE-2008-5059 (Cross-site scripting (XSS) vulnerability in index.php in ModernBill ...)
+CVE-2008-5059
NOT-FOR-US: ModernBill
-CVE-2008-5058 (SQL injection vulnerability in siteadmin/loginsucess.php in Pre Simple ...)
+CVE-2008-5058
NOT-FOR-US: Pre Simple CMS
-CVE-2008-5057 (SQL injection vulnerability in film.asp in Yigit Aybuga Dizi Portali ...)
+CVE-2008-5057
NOT-FOR-US: Yigit Aybuga Dizi Portali
-CVE-2008-5056 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2008-5056
NOT-FOR-US: ActiveCampaign TrioLive
-CVE-2008-5055 (SQL injection vulnerability in department_offline_context.php in ...)
+CVE-2008-5055
NOT-FOR-US: ActiveCampaign TrioLive
-CVE-2008-5054 (Multiple SQL injection vulnerabilities in Develop It Easy Membership ...)
+CVE-2008-5054
NOT-FOR-US: Develop It Easy Membership System
-CVE-2008-5053 (PHP remote file inclusion vulnerability in admin.rssreader.php in the ...)
+CVE-2008-5053
NOT-FOR-US: com_rssreader component for Joomla!
-CVE-2008-5052 (The AppendAttributeValue function in the JavaScript engine in Mozilla ...)
+CVE-2008-5052
{DSA-1697-1 DSA-1696-1 DSA-1671-1 DSA-1669-1}
- iceweasel 3.0.4-1
- xulrunner 1.9.0.4-1
- icedove 2.0.0.19-1
- iceape 1.1.13-1
-CVE-2008-5051 (SQL injection vulnerability in the JooBlog (com_jb2) component 0.1.1 ...)
+CVE-2008-5051
NOT-FOR-US: joomla
-CVE-2008-5049 (Buffer overflow in AKEProtect.sys 3.3.3.0 in ISecSoft Anti-Keylogger ...)
+CVE-2008-5049
NOT-FOR-US: ISecSoft Anti-Keylogger
-CVE-2008-5048 (Buffer overflow in Atepmon.sys in ISecSoft Anti-Trojan Elite 4.2.1 and ...)
+CVE-2008-5048
NOT-FOR-US: ISecSoft Anti-Trojan
-CVE-2008-5047 (SQL injection vulnerability in admin/index.php in Mole Group Rental ...)
+CVE-2008-5047
NOT-FOR-US: Mole Group Rental Script
-CVE-2008-5046 (SQL injection vulnerability in index.php in Mole Group Pizza Script ...)
+CVE-2008-5046
NOT-FOR-US: Mole Group Pizza Script
-CVE-2008-5045 (Heap-based buffer overflow in Network-Client FTP Now 2.6, and possibly ...)
+CVE-2008-5045
NOT-FOR-US: Network-Client FTP Now
-CVE-2008-5044 (Race condition in Microsoft Windows Server 2003 and Vista allows local ...)
+CVE-2008-5044
NOT-FOR-US: Microsoft Windows
-CVE-2008-5043 (Multiple cross-site scripting (XSS) vulnerabilities in the web-based ...)
+CVE-2008-5043
NOT-FOR-US: IBM Metrica Service Assurance Framework
-CVE-2008-5042 (Zeeways PhotoVideoTube 1.1 and earlier allows remote attackers to ...)
+CVE-2008-5042
NOT-FOR-US: Zeeways PhotoVideoTube
-CVE-2008-5041 (Sweex RO002 Router with firmware Ts03-072 has &quot;rdc123&quot; as its default ...)
+CVE-2008-5041
NOT-FOR-US: Sweex RO002 Router
-CVE-2008-5040 (Graphiks MyForum 1.3 allows remote attackers to bypass authentication ...)
+CVE-2008-5040
NOT-FOR-US: Graphiks MyForum
-CVE-2008-5039 (Cross-site scripting (XSS) vulnerability in the League module for ...)
+CVE-2008-5039
NOT-FOR-US: PHP-Nuke
-CVE-2008-5038 (Use-after-free vulnerability in the NetWare Core Protocol (NCP) ...)
+CVE-2008-5038
NOT-FOR-US: Novell eDirectory
-CVE-2008-5037 (SQL injection vulnerability in view.php in ElkaGroup Image Gallery 1.0 ...)
+CVE-2008-5037
NOT-FOR-US: ElkaGroup Image Gallery
CVE-2008-XXXX [typo3: passwords are not changeable bug in the backend]
- typo3-src 4.2.3-1 (bug #505326)
[etch] - typo3-src <not-affected> (Typo3 versions below 4.2.x are not affected)
-CVE-2008-5919 (Directory traversal vulnerability in rss.php in WebSVN 2.0 and ...)
+CVE-2008-5919
- websvn 2.0-4 (bug #503330)
[etch] - websvn <not-affected> (vulnerable code not present)
-CVE-2008-5918 (Cross-site scripting (XSS) vulnerability in the ...)
+CVE-2008-5918
- websvn 2.0-4 (bug #503330)
[etch] - websvn <not-affected> (vulnerable code not present)
-CVE-2008-5033 (The chip_command function in drivers/media/video/tvaudio.c in the ...)
+CVE-2008-5033
- linux-2.6 2.6.26-11
- linux-2.6.24 <not-affected> (Vulnerable code not present; different ioctls3B)
[etch] - linux-2.6 <not-affected> (Vulnerable code not present; different ioctls)
-CVE-2008-5031 (Multiple integer overflows in Python 2.2.3 through 2.5.1, and 2.6, ...)
+CVE-2008-5031
- python2.5 2.5.2-11.1
[etch] - python2.5 <no-dsa> (Minor issue)
[etch] - python2.4 <no-dsa> (Minor issue)
- python2.4 2.4.5-6 (low; bug #507317; bug #504620)
NOTE: definitely fixed in 2.5.2-11.1 for lenny/unstable (svn-updates.dpatch)
NOTE: maybe fixed earlier, doko is not able to tell the exact version atm
-CVE-2008-5030 (Heap-based buffer overflow in the cddb_read_disc_data function in ...)
+CVE-2008-5030
{DSA-1665-1}
- libcdaudio 0.99.12p2-7 (bug #505478)
-CVE-2008-5024 (Mozilla Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, ...)
+CVE-2008-5024
{DSA-1697-1 DSA-1696-1 DSA-1671-1 DSA-1669-1}
- iceweasel 3.0.4-1
- xulrunner 1.9.0.4-1
- icedove 2.0.0.19-1
- iceape 1.1.13-1
-CVE-2008-5023 (Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, and SeaMonkey ...)
+CVE-2008-5023
{DSA-1671-1 DSA-1669-1}
- iceweasel 3.0.4-1
- xulrunner 1.9.0.4-1
- iceape 1.1.13-1
[etch] - iceape <end-of-life> (Etch Packages no longer covered by security support)
-CVE-2008-5022 (The nsXMLHttpRequest::NotifyEventListeners method in Firefox 3.x ...)
+CVE-2008-5022
{DSA-1697-1 DSA-1696-1 DSA-1671-1 DSA-1669-1}
- xulrunner 1.9.0.4-1
- iceweasel 3.0.4-1
- icedove 2.0.0.19-1
- iceape 1.1.13-1
-CVE-2008-5021 (nsFrameManager in Firefox 3.x before 3.0.4, Firefox 2.x before ...)
+CVE-2008-5021
{DSA-1697-1 DSA-1696-1 DSA-1671-1 DSA-1669-1}
- iceweasel 3.0.4-1
- xulrunner 1.9.0.4-1
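Review bot: the unchanged context line "- linux-2.6.24 <not-affected> (Vulnerable code not present; different ioctls3B)" under CVE-2008-5033 carries a stray "3B" after "ioctls" (the etch line directly below reads "different ioctls"), which looks like an escaped semicolon that leaked into the annotation; it is not introduced by this change, but a follow-up commit should drop it. The changed lines in this hunk otherwise follow the same pattern as the rest of the file, stripping each CVE summary down to the identifier while leaving the DSA references and package versions in place.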
@@ -5241,25 +5241,25 @@ CVE-2008-5021 (nsFrameManager in Firefox 3.x before 3.0.4, Firefox 2.x before ..
- iceape 1.1.13-1
CVE-2008-5020
REJECTED
-CVE-2008-5019 (The session restore feature in Mozilla Firefox 3.x before 3.0.4 and ...)
+CVE-2008-5019
{DSA-1671-1}
- iceweasel 3.0.4-1
- xulrunner 1.9.0.4-1
[etch] - xulrunner <end-of-life> (Etch Packages no longer covered by security support)
NOTE: patch for xulrunner currently not suitable, Alexander will check this further
-CVE-2008-5018 (The JavaScript engine in Mozilla Firefox 3.x before 3.0.4, Firefox 2.x ...)
+CVE-2008-5018
{DSA-1697-1 DSA-1696-1 DSA-1671-1 DSA-1669-1}
- iceweasel 3.0.4-1
- xulrunner 1.9.0.4-1
- icedove 2.0.0.19-1
- iceape 1.1.13-1
-CVE-2008-5017 (Integer overflow in xpcom/io/nsEscape.cpp in the browser engine in ...)
+CVE-2008-5017
{DSA-1697-1 DSA-1696-1 DSA-1671-1 DSA-1669-1}
- iceweasel 3.0.4-1
- xulrunner 1.9.0.4-1
- icedove 2.0.0.19-1
- iceape 1.1.13-1
-CVE-2008-5016 (The layout engine in Mozilla Firefox 3.x before 3.0.4, Thunderbird 2.x ...)
+CVE-2008-5016
- iceweasel 3.0.4-1
- xulrunner 1.9.0.4-1
- icedove 2.0.0.19-1
@@ -5268,245 +5268,245 @@ CVE-2008-5016 (The layout engine in Mozilla Firefox 3.x before 3.0.4, Thunderbir
[etch] - xulrunner <not-affected> (Doesn't affect Firefox 2.x et al)
[etch] - iceape <not-affected> (Doesn't affect Firefox 2.x et al)
[etch] - icedove <not-affected> (Doesn't affect Firefox 2.x et al)
-CVE-2008-5015 (Mozilla Firefox 3.x before 3.0.4 assigns chrome privileges to a file: ...)
+CVE-2008-5015
- iceweasel 3.0.4-1
- xulrunner 1.9.0.4-1
[etch] - iceweasel <not-affected> (Doesn't affect Firefox 2.x)
[etch] - xulrunner <not-affected> (Doesn't affect Firefox 2.x)
-CVE-2008-5014 (jslock.cpp in Mozilla Firefox 3.x before 3.0.2, Firefox 2.x before ...)
+CVE-2008-5014
{DSA-1697-1 DSA-1696-1 DSA-1671-1 DSA-1669-1}
- iceweasel 3.0.4-1
- xulrunner 1.9.0.4-1
- icedove 2.0.0.19-1
- iceape 1.1.13-1
-CVE-2008-5013 (Mozilla Firefox 2.x before 2.0.0.18 and SeaMonkey 1.x before 1.1.13 do ...)
+CVE-2008-5013
{DSA-1697-1 DSA-1671-1 DSA-1669-1}
- iceape 1.1.13-1
- iceweasel 3.0.1-1
- xulrunner 1.9.0.1-1
-CVE-2008-5012 (Mozilla Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, ...)
+CVE-2008-5012
{DSA-1697-1 DSA-1696-1 DSA-1671-1 DSA-1669-1}
- iceape 1.1.13-1
- iceweasel 3.0.1-1
- xulrunner 1.9.0.1-1
- icedove 2.0.0.19-1
-CVE-2008-5010 (in.dhcpd in the DHCP implementation in Sun Solaris 8 through 10, and ...)
+CVE-2008-5010
NOT-FOR-US: in.dhcpd
-CVE-2008-5101 (Buffer overflow in the BMP reader in OptiPNG 0.6 and 0.6.1 allows ...)
+CVE-2008-5101
- optipng 0.6.1.1-1 (bug #505399)
[etch] - optipng <not-affected> (Vulnerable code not present referring to upstream)
-CVE-2008-5035 (The Resource Monitoring and Control (RMC) daemon in IBM Hardware ...)
+CVE-2008-5035
NOT-FOR-US: IBM Hardware Management Console
-CVE-2008-5026 (Microsoft SharePoint uses URLs with the same hostname and port number ...)
+CVE-2008-5026
NOT-FOR-US: Microsoft
-CVE-2008-5011 (Multiple cross-site scripting (XSS) vulnerabilities in IBM Lotus ...)
+CVE-2008-5011
NOT-FOR-US: IBM Lotus Quickr
-CVE-2008-5009 (Race condition in the s_xout kernel module in Sun Solstice X.25 9.2, ...)
+CVE-2008-5009
NOT-FOR-US: Sun Solstice X.25
-CVE-2008-5025 (Stack-based buffer overflow in the hfs_cat_find_brec function in ...)
+CVE-2008-5025
{DSA-1687-1 DSA-1681-1}
- linux-2.6 2.6.26-11
- linux-2.6.24 2.6.24-6~etchnhalf.7
-CVE-2008-5029 (The __scm_destroy function in net/core/scm.c in the Linux kernel ...)
+CVE-2008-5029
{DSA-1687-1 DSA-1681-1}
- linux-2.6 2.6.26-11
- linux-2.6.24 2.6.24-6~etchnhalf.7
-CVE-2008-5008 (Buffer overflow in src/src_sinc.c in Secret Rabbit Code (aka SRC or ...)
+CVE-2008-5008
- libsamplerate 0.1.4-1 (low)
[etch] - libsamplerate <no-dsa> (Minor issue)
-CVE-2008-5006 (smtp.c in the c-client library in University of Washington IMAP ...)
+CVE-2008-5006
{DSA-1685-1 DTSA-174-1 DTSA-174-2}
- uw-imap 7:2007d~dfsg-1
-CVE-2008-5005 (Multiple stack-based buffer overflows in (1) University of Washington ...)
+CVE-2008-5005
{DSA-1685-1 DTSA-174-1 DTSA-174-2}
[lenny] - uw-imap 2007b~dfsg-4+lenny1
- uw-imap 7:2007d~dfsg-1
- alpine <not-affected> (vulnerable code present but tmail/dmail wont be installed)
-CVE-2008-5004 (SQL injection vulnerability in genscode.php in myWebland Bloggie Lite ...)
+CVE-2008-5004
NOT-FOR-US: myWebland Bloggie Lite
-CVE-2008-5003 (SQL injection vulnerability in ndetail.php in Shahrood allows remote ...)
+CVE-2008-5003
NOT-FOR-US: Shahrood
-CVE-2008-5002 (Insecure method vulnerability in the ChilkatCrypt2.ChilkatCrypt2.1 ...)
+CVE-2008-5002
NOT-FOR-US: ActiveX
-CVE-2008-5001 (Multiple stack-based buffer overflows in multiple functions in ...)
+CVE-2008-5001
NOT-FOR-US: UltraVNC
-CVE-2008-5000 (SQL injection vulnerability in admin/includes/news.inc.php in PHPX ...)
+CVE-2008-5000
NOT-FOR-US: PHPX
-CVE-2008-4999 (Nortel Networks UNIStim IP Phone 0604DAS allows remote attackers to ...)
+CVE-2008-4999
NOT-FOR-US: Nortel Networks UNIStim IP Phone
-CVE-2008-4997 (** DISPUTED ** ...)
+CVE-2008-4997
- pilot-qof <unfixed> (unimportant; bug #496429)
-CVE-2008-4996 (** DISPUTED ** ...)
+CVE-2008-4996
- initramfs-tools <unfixed> (unimportant; bug #496386)
-CVE-2008-4992 (The SPARC hypervisor in Sun System Firmware 6.6.3 through 6.6.5 and ...)
+CVE-2008-4992
NOT-FOR-US: Sun System Firmware
-CVE-2008-5050 (Off-by-one error in the get_unicode_name function ...)
+CVE-2008-5050
{DSA-1680-1}
- clamav 0.94.dfsg.1-1 (bug #505134)
-CVE-2008-4991 (SQL injection vulnerability in LOCKON CO.,LTD. EC-CUBE 2.3.0 and ...)
+CVE-2008-4991
NOT-FOR-US: LOCKON CO.,LTD. EC-CUBE
CVE-2008-XXXX [yzis insecure temp file]
- yzis 1.0~alpha1-2 (bug #504680)
-CVE-2008-5113 (WordPress 2.6.3 relies on the REQUEST superglobal array in certain ...)
+CVE-2008-5113
{DSA-1871-2 DSA-1871-1}
- wordpress 2.5.1-10 (bug #504771)
-CVE-2008-4990 (Enomaly Elastic Computing Platform (ECP), formerly Enomalism, before ...)
+CVE-2008-4990
NOT-FOR-US: Enomalism
-CVE-2008-4989 (The _gnutls_x509_verify_certificate function in lib/x509/verify.c in ...)
+CVE-2008-4989
{DSA-1719-1}
- gnutls26 2.4.2-3 (bug #505360)
- gnutls13 <removed>
-CVE-2008-4963 (Unspecified vulnerability in the VLAN Trunking Protocol (VTP) ...)
+CVE-2008-4963
NOT-FOR-US: Cisco IOS and CatOS
CVE-2008-4962
RESERVED
CVE-2008-4961
RESERVED
-CVE-2008-4953 (** DISPUTED ** ...)
+CVE-2008-4953
- firehol <unfixed> (unimportant; bug #496424)
NOTE: attack unfeasible because of $$-${RANDOM}-${RANDOM}
-CVE-2008-4950 (** DISPUTED ** gccross in dpkg-cross 2.3.0 allows local users to ...)
+CVE-2008-4950
- dpkg-cross <unfixed> (unimportant; bug #496413)
NOTE: executed under a chroot when a package failed to cross-build
-CVE-2008-4938 (aegis 4.24 and aegis-web 4.24 allow local users to overwrite arbitrary ...)
+CVE-2008-4938
- aegis 4.24-3.1 (low; bug #496400)
[etch] - aegis <no-dsa> (Minor issue)
-CVE-2008-4934 (The hfsplus_block_allocate function in fs/hfsplus/bitmap.c in the ...)
+CVE-2008-4934
{DSA-1687-1 DSA-1681-1}
- linux-2.6 2.6.26-11
- linux-2.6.24 2.6.24-6~etchnhalf.7
-CVE-2008-4933 (Buffer overflow in the hfsplus_find_cat function in ...)
+CVE-2008-4933
{DSA-1687-1 DSA-1681-1}
- linux-2.6 2.6.26-11
- linux-2.6.24 2.6.24-6~etchnhalf.7
-CVE-2008-4932 (webmail/modules/filesystem/edit.php in U-Mail Webmail server 4.91 ...)
+CVE-2008-4932
NOT-FOR-US: U-Mail Webmail server
CVE-2008-XXXX [universalindentgui insecure usage of temp files]
- universalindentgui 0.8.1-1.2 (low; bug #504726)
-CVE-2008-5032 (Stack-based buffer overflow in VideoLAN VLC media player 0.5.0 through ...)
+CVE-2008-5032
{DSA-1819-1 DTSA-176-1}
- vlc 0.8.6.h-5 (medium; bug #504639)
-CVE-2008-5036 (Stack-based buffer overflow in VideoLAN VLC media player 0.9.x before ...)
+CVE-2008-5036
- vlc 1.0.3-1 (low)
[etch] - vlc <not-affected> (Vulnerable code not present in 0.8.x)
[lenny] - vlc <not-affected> (Vulnerable code not present in 0.8.x)
-CVE-2008-4931 (Cross-site scripting (XSS) vulnerability in the account module in ...)
+CVE-2008-4931
NOT-FOR-US: firmCHANNEL Digital Signage
-CVE-2008-4930 (MyBB (aka MyBulletinBoard) 1.4.2 does not properly handle an uploaded ...)
+CVE-2008-4930
NOT-FOR-US: MyBB
-CVE-2008-4929 (MyBB (aka MyBulletinBoard) 1.4.2 uses insufficient randomness to ...)
+CVE-2008-4929
NOT-FOR-US: MyBB
-CVE-2008-4928 (Cross-site scripting (XSS) vulnerability in the redirect function in ...)
+CVE-2008-4928
NOT-FOR-US: MyBB
-CVE-2008-4927 (Microsoft Windows Media Player (WMP) 9.0 through 11 allows ...)
+CVE-2008-4927
NOT-FOR-US: Microsoft Windows Media Player
-CVE-2008-4926 (Multiple insecure method vulnerabilities in MW6 Technologies PDF417 ...)
+CVE-2008-4926
NOT-FOR-US: MW6 Technologies PDF417 ActiveX
-CVE-2008-4925 (Multiple insecure method vulnerabilities in MW6 Technologies ...)
+CVE-2008-4925
NOT-FOR-US: MW6 Technologies DataMatrix ActiveX
-CVE-2008-4924 (Multiple insecure method vulnerabilities in MW6 Technologies 1D ...)
+CVE-2008-4924
NOT-FOR-US: MW6 Technologies 1D Barcode ActiveX
-CVE-2008-4923 (Multiple insecure method vulnerabilities in MW6 Technologies Aztec ...)
+CVE-2008-4923
NOT-FOR-US: MW6 Technologies Aztec ActiveX
-CVE-2008-4922 (Buffer overflow in the DjVu ActiveX Control 3.0 for Microsoft Office ...)
+CVE-2008-4922
NOT-FOR-US: DjVu ActiveX
-CVE-2008-4921 (board/admin/reguser.php in Chipmunk CMS 1.3 allows remote attackers to ...)
+CVE-2008-4921
NOT-FOR-US: Chipmunk CMS
CVE-2008-4920
REJECTED
-CVE-2008-4919 (Insecure method vulnerability in VISAGESOFT eXPert PDF Viewer X ...)
+CVE-2008-4919
NOT-FOR-US: eXPert PDF Viewer X ActiveX
-CVE-2008-4918 (Cross-site scripting (XSS) vulnerability in SonicWALL SonicOS Enhanced ...)
+CVE-2008-4918
NOT-FOR-US: SonicOS Enhanced
-CVE-2008-5027 (The Nagios process in (1) Nagios before 3.0.5 and (2) op5 Monitor ...)
+CVE-2008-5027
- nagios3 <removed> (unimportant)
NOTE: the nagios process shouldnt have rights to execute important commands and non-trusted
NOTE: users shouldn't have access to nagios anyway
-CVE-2008-5028 (Cross-site request forgery (CSRF) vulnerability in cmd.cgi in (1) ...)
+CVE-2008-5028
- nagios3 3.0.6-1 (low; bug #504894)
[etch] - nagios2 <no-dsa> (CSRF can only cause DoS and needs admin's browser)
-CVE-2008-4917 (Unspecified vulnerability in VMware Workstation 5.5.8 and earlier, and ...)
+CVE-2008-4917
NOT-FOR-US: VMware Workstation
-CVE-2008-4916 (Unspecified vulnerability in a guest virtual device driver in VMware ...)
+CVE-2008-4916
NOT-FOR-US: VMWare
-CVE-2008-4915 (The CPU hardware emulation in VMware Workstation 6.0.5 and earlier and ...)
+CVE-2008-4915
NOT-FOR-US: VMware Workstation
-CVE-2008-4914 (Unspecified vulnerability in VMware ESXi 3.5 before ...)
+CVE-2008-4914
NOT-FOR-US: VMware
-CVE-2008-4913 (Directory traversal vulnerability in admin.php in LokiCMS 0.3.3 and ...)
+CVE-2008-4913
NOT-FOR-US: LokiCMS
-CVE-2008-4912 (SQL injection vulnerability in popup_img.php in the fotogalerie module ...)
+CVE-2008-4912
NOT-FOR-US: RS MAXSOFT
-CVE-2008-4911 (PHP remote file inclusion vulnerability in read.php in Chattaitaliano ...)
+CVE-2008-4911
NOT-FOR-US: Chattaitaliano Istant-Replay
-CVE-2008-4910 (The BasicService in Sun Java Web Start allows remote attackers to ...)
+CVE-2008-4910
NOT-FOR-US: Sun Java Web Start
-CVE-2008-4909 (Cross-site request forgery (CSRF) vulnerability in CompactCMS 1.1 and ...)
+CVE-2008-4909
NOT-FOR-US: CompactCMS
-CVE-2008-4908 (maps/Info/combine.pl in CrossFire crossfire-maps 1.11.0 allows local ...)
+CVE-2008-4908
- crossfire-maps 1.11.0-2 (low; bug #496358; bug #504561)
[etch] - crossfire-maps <no-dsa> (Minor issue)
-CVE-2008-4906 (SQL injection vulnerability in lyrics_song.php in the Lyrics ...)
+CVE-2008-4906
NOT-FOR-US: Lyrics (lyrics_menu) plugin for e107
-CVE-2008-4905 (Typo 5.1.3 and earlier uses a hard-coded salt for calculating password ...)
+CVE-2008-4905
- typo <itp> (bug #379399)
-CVE-2008-4904 (SQL injection vulnerability in the &quot;Manage pages&quot; feature ...)
+CVE-2008-4904
- typo <itp> (bug #379399)
-CVE-2008-4903 (Cross-site scripting (XSS) vulnerability in the leave comment ...)
+CVE-2008-4903
- typo <itp> (bug #379399)
-CVE-2008-4902 (SQL injection vulnerability in contact_author.php in Article Publisher ...)
+CVE-2008-4902
NOT-FOR-US: Article Publisher
-CVE-2008-4901 (SQL injection vulnerability in admin/admin.php in Article Publisher ...)
+CVE-2008-4901
NOT-FOR-US: Article Publisher
-CVE-2008-4900 (SQL injection vulnerability in tr.php in YourFreeWorld Classifieds ...)
+CVE-2008-4900
NOT-FOR-US: YourFreeWorld Classifieds
-CVE-2008-4899 (Cross-site request forgery (CSRF) vulnerability in Planetluc RateMe ...)
+CVE-2008-4899
NOT-FOR-US: Planetluc RateMe
-CVE-2008-4898 (Cross-site scripting (XSS) vulnerability in planetluc RateMe 1.3.3 ...)
+CVE-2008-4898
NOT-FOR-US: Planetluc RateMe
-CVE-2008-4897 (SQL injection vulnerability in fichiers/add_url.php in Logz podcast ...)
+CVE-2008-4897
NOT-FOR-US: Logz podcast CMS
-CVE-2008-4896 (Cross-site scripting (XSS) vulnerability in fichiers/add_url.php in ...)
+CVE-2008-4896
NOT-FOR-US: Logz CMS
-CVE-2008-4895 (SQL injection vulnerability in tr.php in YourFreeWorld Downline ...)
+CVE-2008-4895
NOT-FOR-US: YourFreeWorld Downline
-CVE-2008-4894 (Directory traversal vulnerability in ...)
+CVE-2008-4894
NOT-FOR-US: Tribiq CMS
-CVE-2008-4893 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2008-4893
NOT-FOR-US: Tribiq CMS
-CVE-2008-4892 (Cross-site scripting (XSS) vulnerability in gallery.inc.php in ...)
+CVE-2008-4892
NOT-FOR-US: Planetluc MyGallery
-CVE-2008-4891 (Cross-site scripting (XSS) vulnerability in signme.inc.php in ...)
+CVE-2008-4891
NOT-FOR-US: SignMe
-CVE-2008-4890 (SQL injection vulnerability in products.php in 1st News 4 Professional ...)
+CVE-2008-4890
NOT-FOR-US: 1st News 4 Professional
-CVE-2008-4889 (SQL injection vulnerability in index.php in deV!L'z Clanportal (DZCP) ...)
+CVE-2008-4889
NOT-FOR-US: deV!L'z Clanportal
-CVE-2008-4888 (Cross-site scripting (XSS) vulnerability in error.php in NetRisk 2.0 ...)
+CVE-2008-4888
NOT-FOR-US: NetRisk 2.0
-CVE-2008-4887 (SQL injection vulnerability in index.php in NetRisk 2.0 and earlier ...)
+CVE-2008-4887
NOT-FOR-US: NetRisk 2.0
-CVE-2008-4886 (SQL injection vulnerability in index.php in YourFreeWorld Shopping ...)
+CVE-2008-4886
NOT-FOR-US: YourFreeWorld Shopping
-CVE-2008-4885 (SQL injection vulnerability in tr1.php in YourFreeWorld Scrolling Text ...)
+CVE-2008-4885
NOT-FOR-US: YourFreeWorld Scrolling Text
-CVE-2008-4884 (SQL injection vulnerability in tr.php in YourFreeWorld Classifieds ...)
+CVE-2008-4884
NOT-FOR-US: YourFreeWorld Classifieds
-CVE-2008-4883 (SQL injection vulnerability in tr.php in YourFreeWorld Blog Blaster ...)
+CVE-2008-4883
NOT-FOR-US: YourFreeWorld Blog Blaster
-CVE-2008-4882 (SQL injection vulnerability in tr.php in YourFreeWorld Autoresponder ...)
+CVE-2008-4882
NOT-FOR-US: YourFreeWorld Autoresponder
-CVE-2008-4881 (SQL injection vulnerability in tr.php in YourFreeWorld Reminder ...)
+CVE-2008-4881
NOT-FOR-US: YourFreeWorld Reminder
-CVE-2008-4880 (SQL injection vulnerability in prodshow.php in Maran PHP Shop allows ...)
+CVE-2008-4880
NOT-FOR-US: Maran PHP Shop
-CVE-2008-4879 (SQL injection vulnerability in prod.php in Maran PHP Shop allows ...)
+CVE-2008-4879
NOT-FOR-US: Maran PHP Shop
-CVE-2008-4907 (The message parsing feature in Dovecot 1.1.4 and 1.1.5, when using the ...)
+CVE-2008-4907
- dovecot 1:1.1.7-1 (low)
[etch] - dovecot <not-affected> (Vulnerable code not present prior to 1.1.4)
[lenny] - dovecot <not-affected> (Vulnerable code not present prior to 1.1.4)
-CVE-2008-5186 (** DISPUTED ** ...)
+CVE-2008-5186
{DTSA-179-1}
- geshi 1.0.8.1-1 (bug #504445)
NOTE: its rather an application bug if the input to set_language_path is unfiltered user input
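Review bot: every changed pair in this hunk replaces a `CVE-2008-NNNN (summary ...)` line with the bare identifier and nothing else moves, so the update drops the descriptive summaries wholesale instead of refreshing them; for entries whose only product reference is a vague `NOT-FOR-US:` tag, that summary was the sole hint of what the CVE covers. Since the commit message says only "automatic update", it would help to state whether the description source was unreachable during this run or whether stripping the summaries is intended. Minor: the unchanged NOTE lines for CVE-2008-5027 mix "shouldnt" and "shouldn't", and the CVE-2008-5186 note reads "its rather" for "it's rather"; worth cleaning up in a follow-up.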
@@ -5517,33 +5517,33 @@ CVE-2008-5186 (** DISPUTED ** ...)
NOTE: pgfouine too does not override default language files path
CVE-2008-6432
REJECTED
-CVE-2008-4878 (Unrestricted file upload vulnerability in the &quot;Add Image Macro&quot; ...)
+CVE-2008-4878
NOT-FOR-US: WebCards
-CVE-2008-4877 (SQL injection vulnerability in admin.php in WebCards 1.3, when ...)
+CVE-2008-4877
NOT-FOR-US: WebCards
-CVE-2008-4876 (Cross-site scripting (XSS) vulnerability in the web server component ...)
+CVE-2008-4876
NOT-FOR-US: Philips Electronics VOIP841 DECT Phone
-CVE-2008-4875 (Directory traversal vulnerability in the web server in Philips ...)
+CVE-2008-4875
NOT-FOR-US: Philips Electronics VOIP841 DECT Phone
-CVE-2008-4874 (The web component in Philips Electronics VOIP841 DECT Phone with ...)
+CVE-2008-4874
NOT-FOR-US: Philips Electronics VOIP841 DECT Phone
-CVE-2008-4873 (board.cgi in Sepal SPBOARD 4.5 allows remote attackers to execute ...)
+CVE-2008-4873
NOT-FOR-US: Sepal SPBOARD
-CVE-2008-4872 (Cross-site scripting (XSS) vulnerability in bidhistory.php in ...)
+CVE-2008-4872
NOT-FOR-US: iTechBids Gold
-CVE-2008-4871 (Cross-site scripting (XSS) vulnerability in My Little Forum 1.75 and ...)
+CVE-2008-4871
NOT-FOR-US: My Little Forum
-CVE-2008-4870 (dovecot 1.0.7 in Red Hat Enterprise Linux (RHEL) 5, and possibly ...)
+CVE-2008-4870
- dovecot <unfixed> (unimportant)
NOTE: by default this file doesnt containt sensitive information and administrator
NOTE: changing this should ensure on its own that the mode is secure
-CVE-2008-4869 (FFmpeg 0.4.9, as used by MPlayer, allows context-dependent attackers ...)
+CVE-2008-4869
- ffmpeg-debian 0.svn20080206-15 (unimportant; bug #504977)
NOTE: A regular bug, but hardly a security issue
- kino 1.0.0-1
[etch] - kino <not-affected> (Does not ship ffmpeg)
- gstreamer0.10-ffmpeg 0.10.3-2
-CVE-2008-4868 (Unspecified vulnerability in the avcodec_close function in ...)
+CVE-2008-4868
- ffmpeg <not-affected> (Vulnerable code not present)
- ffmpeg-debian <not-affected> (Vulnerable code not present)
[etch] - ffmpeg <not-affected> (Vulnerable code not present)
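Review bot: the header counts (`-5517,33 +5517,33`) confirm this hunk is pure substitution of description lines, so no tracking data is lost here; the only things worth touching in a follow-up are the CVE-2008-4870 NOTE, which reads "doesnt containt" for "doesn't contain" and then runs the justification across two lines without punctuation ("...and administrator changing this should ensure..."), so a reader has to reconstruct that the administrator who changes the file is expected to set the mode correctly.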
@@ -5553,7 +5553,7 @@ CVE-2008-4868 (Unspecified vulnerability in the avcodec_close function in ...)
[etch] - kino <not-affected> (Does not ship ffmpeg)
- gstreamer0.10-ffmpeg 0.10.3-2
[etch] - gstreamer0.10-ffmpeg <not-affected> (Vulnerable code not present)
-CVE-2008-4867 (Buffer overflow in libavcodec/dca.c in FFmpeg 0.4.9 before r14917, as ...)
+CVE-2008-4867
- ffmpeg 0.svn20080206-14
- ffmpeg-debian 0.svn20080206-14 (bug #504977)
[etch] - ffmpeg <not-affected> (Vulnerable code not present)
@@ -5563,7 +5563,7 @@ CVE-2008-4867 (Buffer overflow in libavcodec/dca.c in FFmpeg 0.4.9 before r14917
[etch] - kino <not-affected> (Does not ship ffmpeg)
- gstreamer0.10-ffmpeg 0.10.3-2
[etch] - gstreamer0.10-ffmpeg <not-affected> (Vulnerable code not present)
-CVE-2008-4866 (Multiple buffer overflows in libavformat/utils.c in FFmpeg 0.4.9 ...)
+CVE-2008-4866
{DSA-1782-1}
- ffmpeg 0.svn20080206-14
- ffmpeg-debian 0.svn20080206-14 (bug #504977)
@@ -5573,15 +5573,15 @@ CVE-2008-4866 (Multiple buffer overflows in libavformat/utils.c in FFmpeg 0.4.9
[etch] - kino <not-affected> (Does not ship ffmpeg)
- gstreamer0.10-ffmpeg 0.10.3-2
[etch] - gstreamer0.10-ffmpeg <not-affected> (Vulnerable code not present)
-CVE-2008-4865 (Untrusted search path vulnerability in valgrind before 3.4.0 allows ...)
+CVE-2008-4865
- valgrind 1:3.3.1-3 (unimportant; bug #507312)
NOTE: That's hardly an issue
-CVE-2008-4864 (Multiple integer overflows in imageop.c in the imageop module in ...)
+CVE-2008-4864
- python2.5 2.5.2-12 (low; bug #504619)
[etch] - python2.5 <no-dsa> (Minor issue)
- python2.4 2.4.5-6 (low; bug #504620)
[etch] - python2.4 <no-dsa> (Minor issue)
-CVE-2008-4863 (Untrusted search path vulnerability in BPY_interface in Blender 2.46 ...)
+CVE-2008-4863
- blender 2.46+dfsg-5 (bug #503632; low)
[etch] - blender 2.42a-8
NOTE: minor issue fixed in etch r6 point update
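Review bot: the CVE-2008-4863 blender line writes its annotation as `(bug #503632; low)` while the neighbouring python2.5/python2.4 lines in this hunk use the `(low; bug #504619)` order; the field order is cosmetic to a human but makes grepping for severity by prefix inconsistent, so `- blender 2.46+dfsg-5 (low; bug #503632)` would match the rest of the file.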
@@ -5621,13 +5621,13 @@ CVE-2008-4846
REJECTED
CVE-2008-4845
REJECTED
-CVE-2008-4844 (Use-after-free vulnerability in the ...)
+CVE-2008-4844
NOT-FOR-US: Microsoft Internet Explorer
CVE-2008-4843
REJECTED
CVE-2008-4842
REJECTED
-CVE-2008-4841 (The WordPad Text Converter for Word 97 files in Microsoft Windows 2000 ...)
+CVE-2008-4841
NOT-FOR-US: Microsoft Windows
CVE-2008-4840
REJECTED
@@ -5635,60 +5635,60 @@ CVE-2008-4839
REJECTED
CVE-2008-4838
REJECTED
-CVE-2008-4837 (Stack-based buffer overflow in Microsoft Office Word 2000 SP3, 2002 ...)
+CVE-2008-4837
NOT-FOR-US: Microsoft Office Word
CVE-2008-4836
REJECTED
-CVE-2008-4835 (SMB in the Server service in Microsoft Windows 2000 SP4, XP SP2 and ...)
+CVE-2008-4835
NOT-FOR-US: Windows
-CVE-2008-4834 (Buffer overflow in SMB in the Server service in Microsoft Windows 2000 ...)
+CVE-2008-4834
NOT-FOR-US: Windows
CVE-2008-4833
REJECTED
-CVE-2008-4832 (rc.sysinit in initscripts 8.12-8.21 and 8.56.15-0.1 on rPath allows ...)
+CVE-2008-4832
NOT-FOR-US: rPath
-CVE-2008-4831 (Unspecified vulnerability in Adobe ColdFusion 8 and 8.0.1 and ...)
+CVE-2008-4831
NOT-FOR-US: Adobe ColdFusion
-CVE-2008-4830 (Insecure method vulnerability in the KWEdit ActiveX control in SAP GUI ...)
+CVE-2008-4830
NOT-FOR-US: KWEdit ActiveX control
-CVE-2008-4829 (Multiple buffer overflows in lib/http.c in Streamripper 1.63.5 allow ...)
+CVE-2008-4829
{DSA-1683-1}
- streamripper 1.63.5-2 (bug #506377)
-CVE-2008-4828 (Multiple stack-based buffer overflows in dsmagent.exe in the Remote ...)
+CVE-2008-4828
NOT-FOR-US: IBM Tivoli Storage Manager
-CVE-2008-4827 (Multiple heap-based buffer overflows in the AddTab method in the (1) ...)
+CVE-2008-4827
NOT-FOR-US: ComponentOne SizerOne
CVE-2008-4826
REJECTED
-CVE-2008-4825 (Multiple buffer overflows in UltraISO 9.3.1.2633, and possibly other ...)
+CVE-2008-4825
NOT-FOR-US: UltraISO
-CVE-2008-4824 (Multiple unspecified vulnerabilities in Adobe Flash Player 10.x before ...)
+CVE-2008-4824
NOT-FOR-US: Adobe Flash Player
-CVE-2008-4823 (Cross-site scripting (XSS) vulnerability in Adobe Flash Player ...)
+CVE-2008-4823
NOT-FOR-US: Adobe Flash Player
-CVE-2008-4822 (Adobe Flash Player 9.0.124.0 and earlier does not properly interpret ...)
+CVE-2008-4822
NOT-FOR-US: Adobe Flash Player
-CVE-2008-4821 (Adobe Flash Player 9.0.124.0 and earlier, when a Mozilla browser is ...)
+CVE-2008-4821
NOT-FOR-US: Adobe Flash Player
-CVE-2008-4820 (Unspecified vulnerability in the Flash Player ActiveX control in Adobe ...)
+CVE-2008-4820
NOT-FOR-US: Adobe Flash Player
-CVE-2008-4819 (Unspecified vulnerability in Adobe Flash Player 9.0.124.0 and earlier ...)
+CVE-2008-4819
NOT-FOR-US: Adobe Flash Player
-CVE-2008-4818 (Cross-site scripting (XSS) vulnerability in Adobe Flash Player ...)
+CVE-2008-4818
NOT-FOR-US: Adobe Flash Player
-CVE-2008-4817 (The Download Manager in Adobe Acrobat Professional and Reader 8.1.2 ...)
+CVE-2008-4817
NOT-FOR-US: Adobe Acrobat
-CVE-2008-4816 (Unspecified vulnerability in the Download Manager in Adobe Reader ...)
+CVE-2008-4816
NOT-FOR-US: Adobe Reader on Windows
-CVE-2008-4815 (Untrusted search path vulnerability in Adobe Reader and Acrobat 8.1.2 ...)
+CVE-2008-4815
NOT-FOR-US: Adobe Acrobat
-CVE-2008-4814 (Unspecified vulnerability in a JavaScript method in Adobe Reader and ...)
+CVE-2008-4814
NOT-FOR-US: Adobe Acrobat
-CVE-2008-4813 (Adobe Reader and Acrobat 8.1.2 and earlier, and before 7.1.1, allow ...)
+CVE-2008-4813
NOT-FOR-US: Adobe Acrobat
-CVE-2008-4812 (Array index error in Adobe Reader and Acrobat, and the Explorer ...)
+CVE-2008-4812
NOT-FOR-US: Adobe Reader Explorer extension
-CVE-2008-4811 (The _expand_quoted_text function in libs/Smarty_Compiler.class.php in ...)
+CVE-2008-4811
{DSA-1691-1}
- smarty 2.6.26-0.1 (bug #504328)
[lenny] - smarty <no-dsa> (Minor issue, fix will change behaviour)
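Review bot: the CVE-2008-4811 entry carries an entry-level `{DSA-1691-1}` marker directly above `[lenny] - smarty <no-dsa> (Minor issue, fix will change behaviour)`, which reads as a contradiction until one knows the DSA covers a different package in the same entry (the hunk cuts off before the moodle/gallery2 lines). A short NOTE naming the package the DSA addresses would make the smarty no-dsa decision self-explanatory.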
@@ -5696,46 +5696,46 @@ CVE-2008-4811 (The _expand_quoted_text function in libs/Smarty_Compiler.class.ph
- moodle 1.8.2-2 (bug #504345)
- gallery2 2.2.5-2
NOTE: This attack vector is *not* fixed in r2797
-CVE-2008-4810 (The _expand_quoted_text function in libs/Smarty_Compiler.class.php in ...)
+CVE-2008-4810
{DSA-1919-1 DSA-1691-1}
- smarty 2.6.26-0.1 (bug #504328)
- moodle 1.8.2-2 (bug #504345)
- gallery2 2.2.5-2
NOTE: This attack vector is fixed in r2797
-CVE-2008-4809 (Multiple unspecified vulnerabilities in the Profiles search pages in ...)
+CVE-2008-4809
NOT-FOR-US: IBM Lotus Connections
-CVE-2008-4808 (IBM Lotus Connections 2.x before 2.0.1 allows attackers to discover ...)
+CVE-2008-4808
NOT-FOR-US: IBM Lotus Connections
-CVE-2008-4807 (IBM Lotus Connections 2.x before 2.0.1 stores the password for the ...)
+CVE-2008-4807
NOT-FOR-US: IBM Lotus Connections
-CVE-2008-4806 (Multiple SQL injection vulnerabilities in IBM Lotus Connections 2.x ...)
+CVE-2008-4806
NOT-FOR-US: IBM Lotus Connections
-CVE-2008-4805 (Multiple cross-site scripting (XSS) vulnerabilities in IBM Lotus ...)
+CVE-2008-4805
NOT-FOR-US: IBM Lotus Connections
-CVE-2008-4804 (SQL injection vulnerability in the Gallery module 1.3 for PHP-Nuke ...)
+CVE-2008-4804
NOT-FOR-US: NFU Gallery module 1.3 for PHP-Nuke
-CVE-2008-4803 (Cross-site scripting (XSS) vulnerability in index.php in Simple PHP ...)
+CVE-2008-4803
NOT-FOR-US: Simple PHP Scripts gallery
-CVE-2008-4802 (Cross-site scripting (XSS) vulnerability in complete.php in Simple PHP ...)
+CVE-2008-4802
NOT-FOR-US: Simple PHP Scripts blog
-CVE-2008-5076 (htop 0.7 writes process names to a terminal without sanitizing ...)
+CVE-2008-5076
- htop 0.8.1-2 (unimportant; bug #504144)
NOTE: That scenario is too constructed to call it a security issue, especially
NOTE: given that the standard top will display the maliciously hidden processes
NOTE: just fine.
-CVE-2008-5256 (The AcquireDaemonLock function in ipcdUnix.cpp in Sun Innotek ...)
+CVE-2008-5256
- virtualbox-ose 1.6.6-dfsg-3 (low; bug #504149)
-CVE-2008-4801 (Heap-based buffer overflow in the Data Protection for SQL CAD service ...)
+CVE-2008-4801
NOT-FOR-US: SQL CAD service
-CVE-2008-4800 (The DebugDiag ActiveX control in CrashHangExt.dll, possibly 1.0, in ...)
+CVE-2008-4800
NOT-FOR-US: ActiveX control
-CVE-2008-4799 (pamperspective in Netpbm before 10.35.48 does not properly calculate a ...)
+CVE-2008-4799
- netpbm-free <not-affected> (Vulnerable code not present)
-CVE-2008-4798 (The loadModule function in lib/WebGUI/Asset.pm in WebGUI before 7.5.30 ...)
+CVE-2008-4798
NOT-FOR-US: WebGUI
-CVE-2008-4797 (Directory traversal vulnerability in Arihiro Kurata Kantan WEB Server ...)
+CVE-2008-4797
NOT-FOR-US: Arihiro Kurata Kantan WEB Server
-CVE-2008-4796 (The _httpsrequest function (Snoopy/Snoopy.class.php) in Snoopy 1.2.3 ...)
+CVE-2008-4796
{DSA-1871-2 DSA-1871-1 DSA-1691-1}
- libphp-snoopy 1.2.4-1 (bug #504168; medium)
- ampache 3.4.1-2 (bug #504169)
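Review bot: the paired NOTE lines for CVE-2008-4811 ("*not* fixed in r2797") and CVE-2008-4810 ("fixed in r2797") cite a revision number without saying which project's repository it belongs to; with the description lines now gone, nothing in either entry identifies it, so a "r2797 of <project>" qualifier would keep the distinction between the two attack vectors usable. Same concern for `NOT-FOR-US: ActiveX control` on CVE-2008-4800 and `NOT-FOR-US: SQL CAD service` on CVE-2008-4801, which no longer name a vendor once the summary is stripped.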
@@ -5750,59 +5750,59 @@ CVE-2008-4796 (The _httpsrequest function (Snoopy/Snoopy.class.php) in Snoopy 1.
- gforge-plugin-scmcvs <removed>
[etch] - gforge-plugin-scmcvs <not-affected> (Snoopy function not used on URLs that come from user input)
- magpierss <not-affected> (Fixed in all supported distributions)
-CVE-2008-4795 (The links panel in Opera before 9.62 processes Javascript within the ...)
+CVE-2008-4795
NOT-FOR-US: Opera
-CVE-2008-4794 (Opera before 9.62 allows remote attackers to execute arbitrary ...)
+CVE-2008-4794
NOT-FOR-US: Opera
-CVE-2008-4793 (The node module API in Drupal 5.x before 5.11 allows remote attackers ...)
+CVE-2008-4793
- drupal5 5.10-3 (low)
- drupal6 <not-affected> (Vulnerable code not present)
-CVE-2008-4792 (The core BlogAPI module in Drupal 5.x before 5.11 and 6.x before 6.5 ...)
+CVE-2008-4792
- drupal5 5.10-3 (low)
- drupal6 6.4-2 (low)
-CVE-2008-4791 (The user module in Drupal 5.x before 5.11 and 6.x before 6.5 might ...)
+CVE-2008-4791
- drupal5 5.10-3 (low)
- drupal6 6.4-2 (low)
-CVE-2008-4790 (The core upload module in Drupal 5.x before 5.11 allows remote ...)
+CVE-2008-4790
- drupal5 5.10-3 (low)
-CVE-2008-4789 (The validation functionality in the core upload module in Drupal 6.x ...)
+CVE-2008-4789
- drupal6 6.4-2 (low)
-CVE-2008-4788 (Microsoft Internet Explorer 6 omits high-bit URL-encoded characters ...)
+CVE-2008-4788
NOT-FOR-US: Microsoft Internet Explorer 6
-CVE-2008-4787 (Visual truncation vulnerability in Microsoft Internet Explorer 6 ...)
+CVE-2008-4787
NOT-FOR-US: Microsoft Internet Explorer 6
-CVE-2008-4786 (SQL injection vulnerability in easyshop.php in the EasyShop plugin for ...)
+CVE-2008-4786
NOT-FOR-US: EasyShop plugin for e107
-CVE-2008-4785 (SQL injection vulnerability in newuser.php in the alternate_profiles ...)
+CVE-2008-4785
NOT-FOR-US: e107
-CVE-2008-4784 (aflog 1.01 allows remote attackers to bypass authentication and gain ...)
+CVE-2008-4784
NOT-FOR-US: aflog
-CVE-2008-4783 (tlAds 1.0 allows remote attackers to bypass authentication and gain ...)
+CVE-2008-4783
NOT-FOR-US: tlAds
-CVE-2008-4782 (SQL injection vulnerability in public/code/cp_polls_results.php in All ...)
+CVE-2008-4782
NOT-FOR-US: AIOCP
-CVE-2008-4781 (Directory traversal vulnerability in update.php in MyKtools 2.4 allows ...)
+CVE-2008-4781
NOT-FOR-US: MyKtools
-CVE-2008-4780 (Directory traversal vulnerability in admin/centre.php in MyForum 1.3, ...)
+CVE-2008-4780
NOT-FOR-US: MyForum
-CVE-2008-4779 (Stack-based buffer overflow in TUGzip 3.5.0.0 allows remote attackers ...)
+CVE-2008-4779
NOT-FOR-US: TUGzip
-CVE-2008-4778 (SQL injection vulnerability in the gallery module in Koobi CMS 4.3.0 ...)
+CVE-2008-4778
NOT-FOR-US: Koobi CMS
-CVE-2008-4777 (SQL injection vulnerability in the Showroom Joomlearn LMS (com_lms) ...)
+CVE-2008-4777
NOT-FOR-US: Showroom Joomlearn LMS
-CVE-2008-4774 (Cross-site scripting (XSS) vulnerability in main/main.php in QuestCMS ...)
+CVE-2008-4774
NOT-FOR-US: QuestCMS
-CVE-2008-4773 (Directory traversal vulnerability in main/main.php in QuestCMS allows ...)
+CVE-2008-4773
NOT-FOR-US: QuestCMS
-CVE-2008-4772 (SQL injection vulnerability in main/main.php in QuestCMS allows remote ...)
+CVE-2008-4772
NOT-FOR-US: QuestCMS
-CVE-2008-4771 (Stack-based buffer overflow in VATDecoder.VatCtrl.1 ActiveX control in ...)
+CVE-2008-4771
NOT-FOR-US: ActiveX
-CVE-2008-4770 (The CMsgReader::readRect function in the VNC Viewer component in ...)
+CVE-2008-4770
{DSA-1716-1}
- vnc4 4.1.1+X4.3.0-31 (medium; bug #513531)
-CVE-2008-4776 (libgadu before 1.8.2 allows remote servers to cause a denial of ...)
+CVE-2008-4776
{DSA-1664-1}
- libgadu 1:1.8.0+r592-3 (low; bug #503916)
- kadu 0.6.0.2-3 (low; bug #504429)
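Review bot: CVE-2008-4771 is left with `NOT-FOR-US: ActiveX` as its only classification after the summary line is removed; "ActiveX" is a technology, not a product, so the entry can no longer be matched to a vendor when the list is read without the CVE feed. Suggest the NOT-FOR-US tag name the control or vendor, as the Philips and IBM entries elsewhere in this diff do.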
@@ -5811,210 +5811,210 @@ CVE-2008-4776 (libgadu before 1.8.2 allows remote servers to cause a denial of .
[lenny] - centerim <no-dsa> (Minor issue)
NOTE: claimed to be fixed in point update but is not: [lenny] - centerim 4.22.5-1+lenny1
- qutecom <not-affected> (does not use libgadu embed; bug #559784)
-CVE-2008-4769 (Directory traversal vulnerability in the get_category_template ...)
+CVE-2008-4769
{DSA-1871-2 DSA-1871-1}
- wordpress 2.5.1-1
-CVE-2008-4768 (SQL injection vulnerability in TLM CMS 3.1 allows remote attackers to ...)
+CVE-2008-4768
NOT-FOR-US: TLM CMS
-CVE-2008-4767 (Unrestricted file upload vulnerability in the DownloadsPlus module in ...)
+CVE-2008-4767
NOT-FOR-US: PHP-Nuke
-CVE-2008-4766 (SQL injection vulnerability in member.php in Oxygen Bulletin Board ...)
+CVE-2008-4766
NOT-FOR-US: Oxygen Bulletin Board
-CVE-2008-4765 (SQL injection vulnerability in pollBooth.php in osCommerce Poll Booth ...)
+CVE-2008-4765
NOT-FOR-US: osCommerce Poll Booth Add-On
-CVE-2008-4764 (Directory traversal vulnerability in the eXtplorer module ...)
+CVE-2008-4764
NOT-FOR-US: eXtplorer module in Joomla!
-CVE-2008-4763 (Multiple cross-site scripting (XSS) vulnerabilities in sample.php in ...)
+CVE-2008-4763
NOT-FOR-US: WiKID wClient-PHP
-CVE-2008-4762 (Stack-based buffer overflow in freeSSHd 1.2.1 allows remote ...)
+CVE-2008-4762
NOT-FOR-US: freeSSHd
-CVE-2008-4761 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2008-4761
NOT-FOR-US: Kayako eSupport
-CVE-2008-4760 (SQL injection vulnerability in lecture.php in Graphiks MyForum 1.3, ...)
+CVE-2008-4760
NOT-FOR-US: Graphiks MyForum
-CVE-2008-4759 (Directory traversal vulnerability in download.php in BuzzyWall 1.3.1 ...)
+CVE-2008-4759
NOT-FOR-US: BuzzyWall
-CVE-2008-4758 (Directory traversal vulnerability in download_file.php in PHP-Daily ...)
+CVE-2008-4758
NOT-FOR-US: PHPdaily
-CVE-2008-4757 (Multiple SQL injection vulnerabilities in PHP-Daily allow remote ...)
+CVE-2008-4757
NOT-FOR-US: PHPdaily
-CVE-2008-4756 (Cross-site scripting (XSS) vulnerability in add_prest_date.php in ...)
+CVE-2008-4756
NOT-FOR-US: PHPdaily
-CVE-2008-4755 (SQL injection vulnerability in gotourl.php in PozScripts Classified ...)
+CVE-2008-4755
NOT-FOR-US: PozScripts Classified Auctions Script
-CVE-2008-4754 (SQL injection vulnerability in forum.php in Scripts for Sites (SFS) Ez ...)
+CVE-2008-4754
NOT-FOR-US: Scripts for Sites Ez Forum
-CVE-2008-4753 (SQL injection vulnerability in EditUrl.php in AJ Square RSS Reader ...)
+CVE-2008-4753
NOT-FOR-US: AJ Square RSS Reader
-CVE-2008-4752 (TlNews 2.2 allows remote attackers to bypass authentication and gain ...)
+CVE-2008-4752
NOT-FOR-US: TlNews
-CVE-2008-4751 (Cross-site scripting (XSS) vulnerability in index.php in iPei ...)
+CVE-2008-4751
NOT-FOR-US: iPei Guestbook
-CVE-2008-4750 (Stack-based buffer overflow in the VImpX.VImpAX ActiveX control ...)
+CVE-2008-4750
NOT-FOR-US: ActiveX
-CVE-2008-4749 (Multiple insecure method vulnerabilities in the VImpX.VImpAX ActiveX ...)
+CVE-2008-4749
NOT-FOR-US: ActiveX
-CVE-2008-4747 (Unspecified vulnerability in the search feature in Sun Java System ...)
+CVE-2008-4747
NOT-FOR-US: Sun Java System LDAP JDK
-CVE-2008-4746 (Multiple SQL injection vulnerabilities in Uniwin eCart Professional ...)
+CVE-2008-4746
NOT-FOR-US: Uniwin eCart Professional
-CVE-2008-4745 (Cross-site scripting (XSS) vulnerability in emailFriend.asp in Uniwin ...)
+CVE-2008-4745
NOT-FOR-US: Uniwin eCart Professional
-CVE-2008-4744 (SQL injection vulnerability in product_detail.php in DXShopCart 4.30mc ...)
+CVE-2008-4744
NOT-FOR-US: DXShopCart
-CVE-2008-4743 (SQL injection vulnerability in index.php in QuidaScript FAQ Management ...)
+CVE-2008-4743
NOT-FOR-US: QuidaScript FAQ Management Script
-CVE-2008-4742 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2008-4742
NOT-FOR-US: TimeTrex
-CVE-2008-4741 (Directory traversal vulnerability in index.php in FAR-PHP 1.00, when ...)
+CVE-2008-4741
NOT-FOR-US: FAR-PHP
-CVE-2008-4740 (Directory traversal vulnerability in templater.php in the ZZ_Templater ...)
+CVE-2008-4740
NOT-FOR-US: ZZ_Templater module in TinyCMS
-CVE-2008-4748 (Format string vulnerability in the URI handler in KVirc 3.4.0, when ...)
+CVE-2008-4748
- kvirc <not-affected> (Windows-specific vulnerability)
CVE-2008-XXXX [balazar3: insecure temp file handling]
- balazar3 0.1-2 (bug #503750)
-CVE-2008-4775 (Cross-site scripting (XSS) vulnerability in pmd_pdf.php in phpMyAdmin ...)
+CVE-2008-4775
- phpmyadmin 4:2.11.8.1-4 (low)
[etch] - phpmyadmin <not-affected> (Vulnerable code not present)
NOTE: http://www.securityfocus.com/archive/1/497815
-CVE-2008-4739 (Directory traversal vulnerability in index.php in PlugSpace 0.1, when ...)
+CVE-2008-4739
NOT-FOR-US: PlugSpace
-CVE-2008-4738 (SQL injection vulnerability in gallery.php in MyCard 1.0.2 allows ...)
+CVE-2008-4738
NOT-FOR-US: MyCard
-CVE-2008-4737 (Cross-site scripting (XSS) vulnerability in wholite.cgi in WhoDomLite ...)
+CVE-2008-4737
NOT-FOR-US: WhoDomLite
-CVE-2008-4736 (SQL injection vulnerability in index.php in RPG.Board 0.8 Beta2 and ...)
+CVE-2008-4736
NOT-FOR-US: RPG.Board
-CVE-2008-4735 (PHP remote file inclusion vulnerability in header.php in Concord ...)
+CVE-2008-4735
NOT-FOR-US: Concord software
-CVE-2008-4734 (Cross-site request forgery (CSRF) vulnerability in the ...)
+CVE-2008-4734
NOT-FOR-US: WP Comment Remix plugin
-CVE-2008-4733 (Cross-site scripting (XSS) vulnerability in wpcommentremix.php in WP ...)
+CVE-2008-4733
NOT-FOR-US: WP Comment Remix plugin
-CVE-2008-4732 (SQL injection vulnerability in ajax_comments.php in the WP Comment ...)
+CVE-2008-4732
NOT-FOR-US: WP Comment Remix plugin
-CVE-2008-4731 (Multiple unspecified vulnerabilities in YaCy before 0.61 have unknown ...)
+CVE-2008-4731
- yacy <itp> (bug #452422)
-CVE-2008-4730 (Cross-site scripting (XSS) vulnerability in MyID.php in phpMyID 0.9 ...)
+CVE-2008-4730
- phpmyid <itp> (bug #492325)
-CVE-2008-4729 (Stack-based buffer overflow in Hummingbird.XWebHostCtrl.1 ActiveX ...)
+CVE-2008-4729
NOT-FOR-US: Hummingbird Xweb
-CVE-2008-4728 (Multiple insecure method vulnerabilities in the ...)
+CVE-2008-4728
NOT-FOR-US: Hummingbird Deployment Wizard
-CVE-2008-4727 (Cross-site scripting (XSS) vulnerability in the contact update page ...)
+CVE-2008-4727
NOT-FOR-US: SunGard Banner Student
-CVE-2008-4726 (Stack-based buffer overflow in the SFTP subsystem in GoodTech SSH 6.4 ...)
+CVE-2008-4726
NOT-FOR-US: GoodTech SSH
-CVE-2008-4725 (Cross-site scripting (XSS) vulnerability in Opera.dll in Opera 9.52 ...)
+CVE-2008-4725
NOT-FOR-US: Opera
-CVE-2008-4724 (Multiple cross-site scripting (XSS) vulnerabilities in Google Chrome ...)
+CVE-2008-4724
- webkit 1.1.7-1 (low; bug #520052)
[lenny] - webkit <no-dsa> (Minor issue)
- kdelibs <not-affected>
- kde4libs <not-affected>
-CVE-2008-4723 (Multiple cross-site scripting (XSS) vulnerabilities in Mozilla Firefox ...)
+CVE-2008-4723
- iceweasel <not-affected>
NOTE: firefox not affected, see https://bugzilla.redhat.com/468397
-CVE-2008-4722 (Unspecified vulnerability in Sun Integrated Lights-Out Manager (ILOM) ...)
+CVE-2008-4722
NOT-FOR-US: Sun ILOM
-CVE-2008-4721 (PHP Jabbers Post Comment 3.0 allows remote attackers to bypass ...)
+CVE-2008-4721
NOT-FOR-US: PHP Jabbers
-CVE-2008-4720 (Multiple PHP remote file inclusion vulnerabilities in The Gemini ...)
+CVE-2008-4720
NOT-FOR-US: The Gemini Portal
-CVE-2008-4719 (PHP remote file inclusion vulnerability in ...)
+CVE-2008-4719
NOT-FOR-US: openEngine
-CVE-2008-4718 (Directory traversal vulnerability in help/mini.php in X7 Chat 2.0.1 A1 ...)
+CVE-2008-4718
NOT-FOR-US: X7 Chat
-CVE-2008-4717 (SQL injection vulnerability in bannerclick.php in ZEELYRICS 2.0 allows ...)
+CVE-2008-4717
NOT-FOR-US: ZEELYRICS
-CVE-2008-4716 (SQL injection vulnerability in show.php in BitmixSoft PHP-Lance 1.52 ...)
+CVE-2008-4716
NOT-FOR-US: PHP-Lance
-CVE-2008-4715 (SQL injection vulnerability in the Jpad (com_jpad) 1.0 component for ...)
+CVE-2008-4715
NOT-FOR-US: com_jpad for Joomla!
-CVE-2008-4714 (Atomic Photo Album 1.1.0 pre4 does not properly handle the ...)
+CVE-2008-4714
NOT-FOR-US: Atomic Photo Album
-CVE-2008-4713 (SQL injection vulnerability in view.php in 212cafe Board 0.07 allows ...)
+CVE-2008-4713
NOT-FOR-US: 212cafe Board
-CVE-2008-4712 (Directory traversal vulnerability in pages/showblog.php in LnBlog ...)
+CVE-2008-4712
NOT-FOR-US: LnBlog
-CVE-2008-4711 (SQL injection vulnerability in Joovili 3.0 and earlier, when ...)
+CVE-2008-4711
NOT-FOR-US: Joovili
-CVE-2008-4710 (Cross-site scripting (XSS) vulnerability in the stock quotes page in ...)
+CVE-2008-4710
NOT-FOR-US: Stock module for Drupal
-CVE-2008-4709 (SQL injection vulnerability in news_read.php in Pilot Group (PG) ...)
+CVE-2008-4709
NOT-FOR-US: PG eTraining
-CVE-2008-4708 (BbZL.PhP 0.92 allows remote attackers to bypass authentication and ...)
+CVE-2008-4708
NOT-FOR-US: BbZL.PhP
-CVE-2008-4707 (Directory traversal vulnerability in index.php in BbZL.PhP 0.92 allows ...)
+CVE-2008-4707
NOT-FOR-US: BbZL.PhP
-CVE-2008-4706 (SQL injection vulnerability in VBGooglemap Hotspot Edition 1.0.3, a ...)
+CVE-2008-4706
NOT-FOR-US: VBGooglemap Hotspot Edition
-CVE-2008-4705 (SQL injection vulnerability in success_story.php in php Online Dating ...)
+CVE-2008-4705
NOT-FOR-US: MyPHPDating
-CVE-2008-4704 (PHP remote file inclusion vulnerability in SezHooTabsAndActions.php in ...)
+CVE-2008-4704
NOT-FOR-US: SezHoo
-CVE-2008-4703 (SQL injection vulnerability in news.php in BosDev BosNews 4.0 allows ...)
+CVE-2008-4703
NOT-FOR-US: BosDev BosNews
-CVE-2008-4702 (Multiple directory traversal vulnerabilities in PhpWebGallery 1.3.4 ...)
+CVE-2008-4702
NOT-FOR-US: PhpWebGallery
-CVE-2008-4701 (SQL injection vulnerability in admin.php in Libera CMS 1.12, when ...)
+CVE-2008-4701
NOT-FOR-US: Libera CMS
-CVE-2008-4700 (SQL injection vulnerability in admin.php in Libera CMS 1.12 and ...)
+CVE-2008-4700
NOT-FOR-US: Libera CMS
-CVE-2008-4699 (Insecure method vulnerability in the ActiveX control (PAWWeb11.ocx) in ...)
+CVE-2008-4699
NOT-FOR-US: Peachtree Accounting
-CVE-2008-4698 (Opera before 9.61 does not properly block scripts during preview of a ...)
+CVE-2008-4698
NOT-FOR-US: Opera
-CVE-2008-4697 (The Fast Forward feature in Opera before 9.61, when a page is located ...)
+CVE-2008-4697
NOT-FOR-US: Opera
-CVE-2008-4696 (Cross-site scripting (XSS) vulnerability in Opera.dll in Opera before ...)
+CVE-2008-4696
NOT-FOR-US: Opera
-CVE-2008-4695 (Opera before 9.60 allows remote attackers to obtain sensitive ...)
+CVE-2008-4695
NOT-FOR-US: Opera
-CVE-2008-4694 (Unspecified vulnerability in Opera before 9.60 allows remote attackers ...)
+CVE-2008-4694
NOT-FOR-US: Opera
-CVE-2008-4693 (The SORT/LIST SERVICES component in IBM DB2 9.1 before FP6 and 9.5 ...)
+CVE-2008-4693
NOT-FOR-US: IBM DB2
-CVE-2008-4692 (The Native Managed Provider for .NET component in IBM DB2 8 before ...)
+CVE-2008-4692
NOT-FOR-US: IBM DB2
-CVE-2008-4691 (Unspecified vulnerability in the SQLNLS_UNPADDEDCHARLEN function in ...)
+CVE-2008-4691
NOT-FOR-US: IBM DB2
-CVE-2008-4690 (lynx 2.8.6dev.15 and earlier, when advanced mode is enabled and lynx ...)
+CVE-2008-4690
- lynx <not-affected> (advanced mode is not switched on in Debian configurations and lynxcgi handlers are really unlikely)
-CVE-2008-4689 (Mantis before 1.1.3 does not unset the session cookie during logout, ...)
+CVE-2008-4689
- mantis 1.1.2+dfsg-9 (low; bug #503588)
-CVE-2008-4688 (core/string_api.php in Mantis before 1.1.3 does not check the ...)
+CVE-2008-4688
- mantis 1.1.2+dfsg-9 (low; bug #503588)
-CVE-2008-4685 (Use-after-free vulnerability in the dissect_q931_cause_ie function in ...)
+CVE-2008-4685
{DSA-1673-1}
- wireshark 1.0.4-1 (low; bug #503589)
[lenny] - wireshark 1.0.2-3+lenny2
-CVE-2008-4684 (packet-frame in Wireshark 0.99.2 through 1.0.3 does not properly ...)
+CVE-2008-4684
{DSA-1673-1}
- wireshark 1.0.4-1 (low; bug #503589)
[lenny] - wireshark 1.0.2-3+lenny2
-CVE-2008-4683 (The dissect_btacl function in packet-bthci_acl.c in the Bluetooth ACL ...)
+CVE-2008-4683
{DSA-1673-1}
- wireshark 1.0.4-1 (low; bug #503589)
[lenny] - wireshark 1.0.2-3+lenny2
-CVE-2008-4682 (wtap.c in Wireshark 0.99.7 through 1.0.3 allows remote attackers to ...)
+CVE-2008-4682
- wireshark 1.0.4-1 (low; bug #503589)
[etch] - wireshark <not-affected> (Vulnerable code not present, introduced in 0.99.7)
[lenny] - wireshark 1.0.2-3+lenny2
-CVE-2008-4681 (Unspecified vulnerability in the Bluetooth RFCOMM dissector in ...)
+CVE-2008-4681
- wireshark 1.0.4-1 (low; bug #503589)
[etch] - wireshark <not-affected> (Vulnerable code not present, introduced in 0.99.7)
[lenny] - wireshark 1.0.2-3+lenny2
-CVE-2008-4680 (packet-usb.c in the USB dissector in Wireshark 0.99.7 through 1.0.3 ...)
+CVE-2008-4680
- wireshark 1.0.4-1 (low; bug #503589)
[etch] - wireshark <not-affected> (Vulnerable code not present, introduced in 0.99.7)
[lenny] - wireshark 1.0.2-3+lenny2
-CVE-2008-4679 (The Web Services Security component in IBM WebSphere Application ...)
+CVE-2008-4679
NOT-FOR-US: IBM Websphere
-CVE-2008-4678 (The HTTP_Request_Parser method in the HTTP Transport component in IBM ...)
+CVE-2008-4678
NOT-FOR-US: IBM Websphere
-CVE-2008-4677 (autoload/netrw.vim (aka the Netrw Plugin) 109, 131, and other versions ...)
+CVE-2008-4677
- vim <unfixed> (unimportant)
NOTE: documented in netrw documentation
CVE-2008-XXXX [local file inclusion in drupal]
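Review bot: every `-`/`+` pair in this hunk replaces a CVE line that carried its parenthesized summary with the bare identifier, for example `-CVE-2008-4689 (Mantis before 1.1.3 does not unset the session cookie during logout, ...)` becoming `+CVE-2008-4689`, and nothing else in the hunk supplies that text; the triage lines under each entry (`- mantis 1.1.2+dfsg-9 (low; bug #503588)`, `{DSA-1673-1}`, the `[lenny]` lines) are untouched, so the net effect of the change is pure loss of the descriptions. For a commit labelled "automatic update" that should be a red flag: confirm that the upstream feed really returned empty summaries for these ids rather than a fetch or parse failure, and revert or re-run the import if it did not.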
@@ -6023,142 +6023,142 @@ CVE-2008-XXXX [local file inclusion in drupal]
CVE-2008-XXXX [XSS in book module in drupal]
- drupal6 6.6-1 (low; bug #503222)
- drupal5 <not-affected> (vulnerable code not present)
-CVE-2008-4676 (Unspecified vulnerability in Citrix XenApp (formerly Presentation ...)
+CVE-2008-4676
NOT-FOR-US: Citrix XenApp
-CVE-2008-4675 (SQL injection vulnerability in index.php in PHPcounter 1.3.2 and ...)
+CVE-2008-4675
NOT-FOR-US: PHPcounter
-CVE-2008-4674 (SQL injection vulnerability in realestate-index.php in Conkurent Real ...)
+CVE-2008-4674
NOT-FOR-US: Conkurent Real Estate Manager
-CVE-2008-4673 (PHP remote file inclusion vulnerability in ...)
+CVE-2008-4673
NOT-FOR-US: WebBiscuits Software Events Calendar
-CVE-2008-4672 (Cross-site scripting (XSS) vulnerability in search_results.php in ...)
+CVE-2008-4672
NOT-FOR-US: buymyscripts Lyrics Script
-CVE-2008-4671 (Cross-site scripting (XSS) vulnerability in wp-admin/wp-blogs.php in ...)
+CVE-2008-4671
- wordpress <not-affected> (Vulnerable code only in mulitiuser wordpress)
-CVE-2008-4670 (Cross-site scripting (XSS) vulnerability in search.php in Ed Pudol ...)
+CVE-2008-4670
NOT-FOR-US: Ed Pudol Clickbank Portal
-CVE-2008-4669 (Cross-site scripting (XSS) vulnerability in search.php in Dan Fletcher ...)
+CVE-2008-4669
NOT-FOR-US: Dan Fletcher Recipe Script
-CVE-2008-4668 (Directory traversal vulnerability in the Image Browser ...)
+CVE-2008-4668
NOT-FOR-US: com_imagebrowser for Joomla!
-CVE-2008-4667 (Directory traversal vulnerability in rss.php in ArabCMS 2.0 beta 1 ...)
+CVE-2008-4667
NOT-FOR-US: ArabCMS
-CVE-2008-4666 (SQL injection vulnerability in webboard.php in Ultimate Webboard 3.00 ...)
+CVE-2008-4666
NOT-FOR-US: Ultimate Webboard
-CVE-2008-4665 (SQL injection vulnerability in PG Matchmaking allows remote attackers ...)
+CVE-2008-4665
NOT-FOR-US: PG Matchmaking
-CVE-2008-4664 (Heap-based buffer overflow in QvodInsert.QvodCtrl.1 ActiveX control ...)
+CVE-2008-4664
NOT-FOR-US: QvodInsert
-CVE-2008-4663 (Cross-site scripting (XSS) vulnerability in analysis.cgi 1.44, as used ...)
+CVE-2008-4663
NOT-FOR-US: K's CGI Access Log Kaiseki
-CVE-2008-4662 (Directory traversal vulnerability in admin.php in LokiCMS 0.3.4, when ...)
+CVE-2008-4662
NOT-FOR-US: LokiCMS
-CVE-2008-4661 (Cross-site scripting (XSS) vulnerability in the Page Improvements ...)
+CVE-2008-4661
NOT-FOR-US: sm_pageimprovements for Typo3
-CVE-2008-4660 (SQL injection vulnerability in the M1 Intern (m1_intern) 1.0.0 ...)
+CVE-2008-4660
NOT-FOR-US: m1_intern for Typo3
-CVE-2008-4659 (SQL injection vulnerability in the Mannschaftsliste ...)
+CVE-2008-4659
NOT-FOR-US: kiddog_playerlist for Typo3
-CVE-2008-4658 (SQL injection vulnerability in the JobControl (dmmjobcontrol) 1.15.4 ...)
+CVE-2008-4658
NOT-FOR-US: dmmjobcontrol for Typo3
-CVE-2008-4657 (SQL injection vulnerability in the Econda Plugin (econda) 0.0.2 and ...)
+CVE-2008-4657
NOT-FOR-US: econda for Typo3
-CVE-2008-4656 (SQL injection vulnerability in the Frontend Users View (feusersview) ...)
+CVE-2008-4656
NOT-FOR-US: fersview for Typo3
-CVE-2008-4655 (SQL injection vulnerability in the Simple survey (simplesurvey) 1.7.0 ...)
+CVE-2008-4655
NOT-FOR-US: simplesurvey for Typo3
-CVE-2008-4653 (SQL injection vulnerability in makale.php in Makale 0.26 and possibly ...)
+CVE-2008-4653
NOT-FOR-US: Makale module for XOOPS
-CVE-2008-4652 (Buffer overflow in the ActiveX control (DartFtp.dll) in Dart ...)
+CVE-2008-4652
NOT-FOR-US: Dart Communications PowerTCP FTP
-CVE-2008-4651 (Multiple SQL injection vulnerabilities in Jetbox CMS 2.1 allow remote ...)
+CVE-2008-4651
NOT-FOR-US: Jetbox CMS
-CVE-2008-4650 (SQL injection vulnerability in viewevent.php in myEvent 1.6 allows ...)
+CVE-2008-4650
NOT-FOR-US: myEvent
-CVE-2008-4649 (Session fixation vulnerability in Elxis CMS 2008.1 revision 2204 ...)
+CVE-2008-4649
NOT-FOR-US: Elxis
-CVE-2008-4648 (Cross-site scripting (XSS) vulnerability in index.php in Elxis CMS ...)
+CVE-2008-4648
NOT-FOR-US: Elxis
-CVE-2008-4647 (SQL injection vulnerability in index.php in sweetCMS 1.5.2 allows ...)
+CVE-2008-4647
NOT-FOR-US: sweetCMS
-CVE-2008-4646 (The Websense Reporter Module in Websense Enterprise 6.3.2 stores the ...)
+CVE-2008-4646
NOT-FOR-US: Websense Enterprise
-CVE-2008-4645 (plugins/event_tracer/event_list.php in PhpWebGallery 1.7.2 and earlier ...)
+CVE-2008-4645
NOT-FOR-US: PhpWebGallery
-CVE-2008-4644 (hits.php in myWebland myStats allows remote attackers to bypass IP ...)
+CVE-2008-4644
NOT-FOR-US: myWebland myStats
-CVE-2008-4643 (SQL injection vulnerability in hits.php in myWebland myStats allows ...)
+CVE-2008-4643
NOT-FOR-US: myWebland myStats
-CVE-2008-4642 (SQL injection vulnerability in profile.php in AstroSPACES 1.1.1 allows ...)
+CVE-2008-4642
NOT-FOR-US: AstroSPACES
-CVE-2008-4641 (The DoCommand function in jhead.c in Matthias Wandel jhead 2.84 and ...)
+CVE-2008-4641
- jhead 2.84-2 (low; bug #503645)
-CVE-2008-4640 (The DoCommand function in jhead.c in Matthias Wandel jhead 2.84 and ...)
+CVE-2008-4640
- jhead 2.85-1 (unimportant; bug #504194)
NOTE: no issue, jhead is just unlinking the output file if it already exists, this is not following symlinks
-CVE-2008-4639 (jhead.c in Matthias Wandel jhead 2.84 and earlier allows local users ...)
+CVE-2008-4639
- jhead 2.84-1 (low)
-CVE-2008-4638 (qioadmin in the Quick I/O for Database feature in Symantec Veritas ...)
+CVE-2008-4638
NOT-FOR-US: Symantec VxFS
-CVE-2008-4637 (Cross-site scripting (XSS) vulnerability in cpCommerce before 1.2.4 ...)
+CVE-2008-4637
NOT-FOR-US: cpCommerce
-CVE-2008-4636 (yast2-backup 2.14.2 through 2.16.6 on SUSE Linux and Novell Linux ...)
+CVE-2008-4636
NOT-FOR-US: SUSE Linux and Novell Linux (yast2-backup)
-CVE-2008-4635 (Unspecified vulnerability in Hisanaga Electric Co, Ltd. hisa_cart 1.29 ...)
+CVE-2008-4635
NOT-FOR-US: XOOPS module
-CVE-2008-4634 (Cross-site scripting (XSS) vulnerability in Movable Type 4 through ...)
+CVE-2008-4634
- movabletype-opensource 4.2.1-3 (low; bug #503114)
-CVE-2008-4633 (SQL injection vulnerability in Node Vote 5.x before 5.x-1.1 and 6.x ...)
+CVE-2008-4633
NOT-FOR-US: Node Vote
-CVE-2008-4632 (Multiple directory traversal vulnerabilities in index.php in Kure ...)
+CVE-2008-4632
NOT-FOR-US: Kure
-CVE-2008-4631 (Stack-based buffer overflow in the Message::AddToString function in ...)
+CVE-2008-4631
NOT-FOR-US: MUSCLE, NOTE this is not the multiple alignment program for protein sequences in Debian
-CVE-2008-4630 (Multiple unspecified vulnerabilities in Midgard Components (MidCOM) ...)
+CVE-2008-4630
NOT-FOR-US: Midgard Components Framework
-CVE-2008-4629 (Cross-site scripting (XSS) vulnerability in Usagi Project MyNETS 1.2.0 ...)
+CVE-2008-4629
NOT-FOR-US: Usagi Project MyNETS
-CVE-2008-4628 (SQL injection vulnerability in del.php in myWebland miniBloggie 1.0 ...)
+CVE-2008-4628
NOT-FOR-US: myWebland miniBloggie
-CVE-2008-4627 (SQL injection vulnerability in the rGallery plugin 1.09 for WoltLab ...)
+CVE-2008-4627
NOT-FOR-US: WoltLab Burning Board
-CVE-2008-4626 (Directory traversal vulnerability in index.php in Fritz Berger yet ...)
+CVE-2008-4626
NOT-FOR-US: yappa-ng
-CVE-2008-4625 (SQL injection vulnerability in stnl_iframe.php in the ShiftThis ...)
+CVE-2008-4625
NOT-FOR-US: st_newsletter plugin for WordPress
-CVE-2008-4624 (PHP remote file inclusion vulnerability in init.php in Fast Click SQL ...)
+CVE-2008-4624
NOT-FOR-US: Fast Click SQL Lite
-CVE-2008-4623 (SQL injection vulnerability in the DS-Syndicate (com_ds-syndicate) ...)
+CVE-2008-4623
NOT-FOR-US: DS-Syndicate
-CVE-2008-4622 (The isLoggedIn function in fastnews-code.php in phpFastNews 1.0.0 ...)
+CVE-2008-4622
NOT-FOR-US: phpFastNews
-CVE-2008-4621 (SQL injection vulnerability in bannerclick.php in ZeeScripts ...)
+CVE-2008-4621
NOT-FOR-US: ZeeScripts Zeeproperty
-CVE-2008-4620 (SQL injection vulnerability in Meeting Room Booking System (MRBS) ...)
+CVE-2008-4620
NOT-FOR-US: Meeting Room Booking System
-CVE-2008-4619 (The RPC subsystem in Sun Solaris 9 allows remote attackers to cause a ...)
+CVE-2008-4619
NOT-FOR-US: Sun Solaris
-CVE-2008-4618 (The Stream Control Transmission Protocol (sctp) implementation in the ...)
+CVE-2008-4618
{DSA-1681-1}
- linux-2.6 2.6.26-10
[etch] - linux-2.6 <not-affected>
- linux-2.6.24 2.6.24-6~etchnhalf.7
NOTE: ba0166708ef4da7eeb61dd92bbba4d5a749d6561
-CVE-2008-4617 (SQL injection vulnerability in the actualite module 1.0 for Joomla! ...)
+CVE-2008-4617
NOT-FOR-US: actualite module for Joomla!
-CVE-2008-4616 (The SpamBam plugin for WordPress allows remote attackers to bypass ...)
+CVE-2008-4616
NOT-FOR-US: SpamBam plugin for WordPress
-CVE-2008-4615 (Unspecified vulnerability in i_utils.asp in PortalApp before 4.01a has ...)
+CVE-2008-4615
NOT-FOR-US: PortalApp
-CVE-2008-4614 (PortalApp 4.0 does not require authentication for (1) forums.asp and ...)
+CVE-2008-4614
NOT-FOR-US: PortalApp
-CVE-2008-4613 (SQL injection vulnerability in forums.asp in PortalApp 4.0 allows ...)
+CVE-2008-4613
NOT-FOR-US: PortalApp
-CVE-2008-4612 (Cross-site scripting (XSS) vulnerability in PortalApp 4.0 allows ...)
+CVE-2008-4612
NOT-FOR-US: PortalApp
-CVE-2008-4611 (SQL injection vulnerability in index.php in PHP Arsivimiz Php ...)
+CVE-2008-4611
NOT-FOR-US: PHP Arsivimiz Php Ziyaretci Defteri
-CVE-2008-4610 (MPlayer allows remote attackers to cause a denial of service ...)
+CVE-2008-4610
{DTSA-181-1}
- mplayer 1.0~rc2-20 (bug #407010)
NOTE: only the aac issue affected mplayer because it built against a copy of faad
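Review bot: once the summaries are stripped in this hunk the `NOT-FOR-US:` annotations become the only human-readable text left per entry, and two of them are wrong as written: `NOT-FOR-US: fersview for Typo3` under CVE-2008-4656 should read `feusersview` (the extension key in the removed summary line `(Frontend Users View (feusersview) ...)`), and the CVE-2008-4671 note `Vulnerable code only in mulitiuser wordpress` misspells `multiuser`. Both are pre-existing, but since the text that let a reader recover the correct name is being deleted here, fix them in the same pass rather than leaving the bare id plus a misspelled annotation.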
@@ -6168,7 +6168,7 @@ CVE-2008-4610 (MPlayer allows remote attackers to cause a denial of service ...)
- xmovie <removed> (unimportant)
NOTE: just a crasher, no security implications known so far
NOTE: http://sam.zoy.org/blog/2007-01-16-exposing-file-parsing-vulnerabilities
-CVE-2008-4609 (The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, ...)
+CVE-2008-4609
- linux <unfixed> (unimportant)
- linux-2.6 <removed> (unimportant)
- linux-2.6.24 <removed> (unimportant)
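Review bot: after this hunk the CVE-2008-4609 entry consists only of the bare id and three `<unfixed>`/`<removed> (unimportant)` package lines; the removed summary `(The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, ...)` was the only statement of what the issue is, and unlike the neighbouring CVE-2008-4610 entry there is no `NOTE:` line explaining why it is rated unimportant. If the summaries are really going away, this entry needs a `NOTE:` giving the rationale, otherwise the triage decision is unreviewable from the file alone.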
@@ -6180,104 +6180,104 @@ CVE-2008-4608
REJECTED
CVE-2008-4607
REJECTED
-CVE-2008-4606 (Multiple SQL injection vulnerabilities in IP Reg 0.4 and earlier allow ...)
+CVE-2008-4606
NOT-FOR-US: IP Reg
-CVE-2008-4605 (SQL injection vulnerability in CafeEngine allows remote attackers to ...)
+CVE-2008-4605
NOT-FOR-US: CafeEngine
-CVE-2008-4604 (SQL injection vulnerability in index.php in Easy CafeEngine 1.1 allows ...)
+CVE-2008-4604
NOT-FOR-US: CafeEngine
-CVE-2008-4603 (SQL injection vulnerability in search.php in iGaming CMS 2.0 Alpha 1 ...)
+CVE-2008-4603
NOT-FOR-US: iGaming CM
-CVE-2008-4602 (Directory traversal vulnerability in index.php in Post Affiliate Pro ...)
+CVE-2008-4602
NOT-FOR-US: Post Affiliate Pro
-CVE-2008-4601 (Cross-site scripting (XSS) vulnerability in the login feature in ...)
+CVE-2008-4601
NOT-FOR-US: Habari CMS
-CVE-2008-4600 (configure.php in PokerMax Poker League Tournament Script 0.13 allows ...)
+CVE-2008-4600
NOT-FOR-US: PokerMax Poker League Tournament Script
-CVE-2008-4599 (SQL injection vulnerability in category.php in Mosaic Commerce allows ...)
+CVE-2008-4599
NOT-FOR-US: Mosaic Commerce
-CVE-2008-4598 (Unspecified vulnerability in Shindig-Integrator 5.x, a module for ...)
+CVE-2008-4598
NOT-FOR-US: Shindig-Integrator module for Drupal
-CVE-2008-4597 (Shindig-Integrator 5.x, a module for Drupal, does not properly ...)
+CVE-2008-4597
NOT-FOR-US: Shindig-Integrator module for Drupal
-CVE-2008-4596 (Cross-site scripting (XSS) vulnerability in Shindig-Integrator 5.x, a ...)
+CVE-2008-4596
NOT-FOR-US: Shindig-Integrator module for Drupal
-CVE-2008-4595 (Multiple unspecified vulnerabilities in Slaytanic Scripts Content Plus ...)
+CVE-2008-4595
NOT-FOR-US: Slaytanic Scripts Content Plus
-CVE-2008-4594 (Unspecified vulnerability in the SNMPv3 component in Linksys WAP4400N ...)
+CVE-2008-4594
NOT-FOR-US: Linksys WAP4400N firmware
-CVE-2008-4593 (Apple iPhone 2.1 with firmware 5F136, when Require Passcode is enabled ...)
+CVE-2008-4593
NOT-FOR-US: Apple iPhone 2.1 with firmware 5F136
-CVE-2008-4654 (Stack-based buffer overflow in the parse_master function in the Ty ...)
+CVE-2008-4654
- vlc 1.0.3-1 (low; bug #502726)
[etch] - vlc <not-affected> (introduced in 0.9.0)
[lenny] - vlc <not-affected> (introduced in 0.9.0)
-CVE-2008-4686 (Multiple integer overflows in ty.c in the TY demux plugin (aka the ...)
+CVE-2008-4686
{DSA-1819-1 DTSA-175-1}
- vlc 0.8.6.h-4.1 (medium; bug #503118)
-CVE-2008-4687 (manage_proj_page.php in Mantis before 1.1.4 allows remote ...)
+CVE-2008-4687
- mantis 1.1.2+dfsg-7 (medium; bug #502728)
NOTE: only registered users can perform this
-CVE-2008-4592 (Directory traversal vulnerability in index.php in Sports Clubs Web ...)
+CVE-2008-4592
NOT-FOR-US: Sports Clubs Web Panel
-CVE-2008-4591 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2008-4591
NOT-FOR-US: PhpWebGallery
-CVE-2008-4590 (Multiple SQL injection vulnerabilities in Stash 1.0.3 allow remote ...)
+CVE-2008-4590
NOT-FOR-US: Stash
-CVE-2008-4589 (Heap-based buffer overflow in the tvtumin.sys kernel driver in Lenovo ...)
+CVE-2008-4589
NOT-FOR-US: Lenovo Rescue and Recovery
-CVE-2008-4588 (Stack-based buffer overflow in the FTP server in Etype Eserv 3.x, ...)
+CVE-2008-4588
NOT-FOR-US: Etype Eserv
-CVE-2008-4587 (Insecure method vulnerability in the ...)
+CVE-2008-4587
NOT-FOR-US: Macrovision FLEXnet Connect
-CVE-2008-4586 (Insecure method vulnerability in the MVSNCLientWebAgent61.WebAgent.1 ...)
+CVE-2008-4586
NOT-FOR-US: Macrovision FLEXnet Connect
-CVE-2008-4585 (Belong Software Site Builder 0.1 beta allows remote attackers to ...)
+CVE-2008-4585
NOT-FOR-US: Software Site Builder
-CVE-2008-4584 (Insecure method vulnerability in Chilkat Mail 7.8 ActiveX control ...)
+CVE-2008-4584
NOT-FOR-US: Chilkat Mail
-CVE-2008-4583 (Insecure method vulnerability in the Chilkat FTP 2.0 ActiveX component ...)
+CVE-2008-4583
NOT-FOR-US: Chilkat FTP
-CVE-2008-4582 (Mozilla Firefox 3.0.1 through 3.0.3, Firefox 2.x before 2.0.0.18, and ...)
+CVE-2008-4582
{DSA-1697-1 DSA-1696-1 DSA-1671-1 DSA-1669-1}
- xulrunner 1.9.0.4-1
- iceweasel 3.0.4-1
- iceape 1.1.13-1
- icedove 2.0.0.19-1
-CVE-2008-4581 (The Editor in IBM ENOVIA SmarTeam 5 before release 18 SP5, and release ...)
+CVE-2008-4581
NOT-FOR-US: IBM ENOVIA SmarTeam
-CVE-2008-4580 (fence_manual, as used in fence 2.02.00-r1 and possibly cman, allows ...)
+CVE-2008-4580
- redhat-cluster 2.20080801-1 (low; bug #496410)
[etch] - redhat-cluster <no-dsa> (Minor issue)
NOTE: already fixed in lenny
-CVE-2008-4579 (The (1) fence_apc and (2) fence_apc_snmp programs, as used in (a) ...)
+CVE-2008-4579
- redhat-cluster 2.20081102-1 (low; bug #496410)
[lenny] - redhat-cluster 2.20080801-4+lenny1
[etch] - redhat-cluster <no-dsa> (Minor issue)
-CVE-2008-4578 (The ACL plugin in Dovecot before 1.1.4 allows attackers to bypass ...)
+CVE-2008-4578
- dovecot 1:1.1.9-1 (low; bug #502967)
[etch] - dovecot <no-dsa> (Minor issue)
[lenny] - dovecot <no-dsa> (Minor issue)
-CVE-2008-4577 (The ACL plugin in Dovecot before 1.1.4 treats negative access rights ...)
+CVE-2008-4577
- dovecot 1:1.0.15-2.2 (low; bug #502967)
[etch] - dovecot <no-dsa> (Minor issue)
-CVE-2008-4576 (sctp in Linux kernel before 2.6.25.18 allows remote attackers to cause ...)
+CVE-2008-4576
{DSA-1687-1 DSA-1681-1}
- linux-2.6 2.6.26-9
- linux-2.6.24 2.6.24-6~etchnhalf.7
-CVE-2008-4575 (Buffer overflow in the DoCommand function in jhead before 2.84 might ...)
+CVE-2008-4575
- jhead 2.84-1 (bug #502353; low)
-CVE-2008-4571 (Cross-site scripting (XSS) vulnerability in the LiveSearch module in ...)
+CVE-2008-4571
- plone3 3.0.4-1 (low)
-CVE-2008-4569 (SQL injection vulnerability in xlacomments.asp in XIGLA Software ...)
+CVE-2008-4569
NOT-FOR-US: XIGLA Software Absolute Poll Manager
-CVE-2008-4574 (SQL injection vulnerability in default.asp in Ayco Okul Portali allows ...)
+CVE-2008-4574
NOT-FOR-US: Ayco Okul Portali
-CVE-2008-4573 (SQL injection vulnerability in kategori.asp in MunzurSoft Wep Portal ...)
+CVE-2008-4573
NOT-FOR-US: MunzurSoft Wep Portal W3
-CVE-2008-4572 (GuildFTPd 0.999.14, and possibly other versions, allows remote ...)
+CVE-2008-4572
NOT-FOR-US: GuildFTPd
-CVE-2008-4570 (SQL injection vulnerability in index.php in Real Estate Classifieds ...)
+CVE-2008-4570
NOT-FOR-US: Real Estate Classifieds
CVE-2008-4568
RESERVED
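Review bot: this hunk strips the summaries from entries that have published advisories attached, for example CVE-2008-4582 with `{DSA-1697-1 DSA-1696-1 DSA-1671-1 DSA-1669-1}` and CVE-2008-4576 with `{DSA-1687-1 DSA-1681-1}`, so the regression is visible on the tracker's public pages, not only in the data file; that makes it worth holding the change until the empty summaries are confirmed to be intentional. Minor style point on an unchanged context line while here: `- jhead 2.84-1 (bug #502353; low)` under CVE-2008-4575 has the fields reversed relative to the `(low; bug #503645)` form used by the surrounding jhead and mantis entries.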
@@ -6287,668 +6287,668 @@ CVE-2008-4566
RESERVED
CVE-2008-4565
RESERVED
-CVE-2008-4564 (Stack-based buffer overflow in wp6sr.dll in the Autonomy KeyView SDK ...)
+CVE-2008-4564
NOT-FOR-US: Autonomy KeyView SDK
-CVE-2008-4563 (Heap-based buffer overflow in adsmdll.dll 5.3.7.7296, as used by the ...)
+CVE-2008-4563
NOT-FOR-US: IBM Tivoli Storage Manager
-CVE-2008-4562 (Buffer overflow in the ovlaunch CGI program in HP OpenView Network ...)
+CVE-2008-4562
NOT-FOR-US: HP OpenView Network Node Manager
CVE-2008-4561
RESERVED
-CVE-2008-4560 (HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows ...)
+CVE-2008-4560
NOT-FOR-US: HP OpenView Network Node Manager
-CVE-2008-4559 (HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows ...)
+CVE-2008-4559
NOT-FOR-US: HP OpenView Network Node Manager
-CVE-2008-4557 (plugins/wacko/highlight/html.php in Strawberry in CuteNews.ru 1.1.1 ...)
+CVE-2008-4557
NOT-FOR-US: CuteNews.ru
-CVE-2008-4556 (Stack-based buffer overflow in the adm_build_path function in sadmind ...)
+CVE-2008-4556
NOT-FOR-US: Sun Solstice AdminSuite
-CVE-2008-4555 (Stack-based buffer overflow in the push_subg function in parser.y ...)
+CVE-2008-4555
- graphviz 2.20.2-3 (low)
[etch] - graphviz 2.8-3+etch1
NOTE: minor issue fixed in etch r6 point update
-CVE-2008-4554 (The do_splice_from function in fs/splice.c in the Linux kernel before ...)
+CVE-2008-4554
{DSA-1687-1 DSA-1681-1}
- linux-2.6 2.6.26-9
- linux-2.6.24 2.6.24-6~etchnhalf.7
-CVE-2008-4553 (qemu-make-debian-root in qemu 0.9.1-5 on Debian GNU/Linux allows local ...)
+CVE-2008-4553
{DSA-1657-1}
- qemu 0.9.1-6 (low; bug #496394)
-CVE-2008-4552 (The good_client function in nfs-utils 1.0.9, and possibly other ...)
+CVE-2008-4552
- nfs-utils 1:1.1.3-1
[lenny] - nfs-utils 1:1.1.2-6lenny1
[etch] - nfs-utils <no-dsa> (Minor issue)
-CVE-2008-4551 (strongSwan 4.2.6 and earlier allows remote attackers to cause a denial ...)
+CVE-2008-4551
- strongswan 4.2.4-5 (bug #502676)
[etch] - strongswan <not-affected> (Vulnerable code not present)
CVE-2008-4550
RESERVED
-CVE-2008-4549 (The ImageShack Toolbar ActiveX control (ImageShackToolbar.dll) in ...)
+CVE-2008-4549
NOT-FOR-US: ImageShack Toolbar ActiveX control
-CVE-2008-4548 (Stack-based buffer overflow in the PTZCamPanelCtrl ActiveX control ...)
+CVE-2008-4548
NOT-FOR-US: PTZCamPanelCtrl ActiveX control
-CVE-2008-4547 (Heap-based buffer overflow in the PdvrAtl.PdvrOcx.1 ActiveX control ...)
+CVE-2008-4547
NOT-FOR-US: DVRHOST Web CMS
-CVE-2008-4546 (Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and ...)
+CVE-2008-4546
NOT-FOR-US: Adobe Flash Player
-CVE-2008-4558 (Array index error in VLC media player 0.9.2 allows remote attackers to ...)
+CVE-2008-4558
- vlc 0.9.3-1 (medium; bug #502314)
[etch] - vlc <not-affected> (introduced in 0.9.0)
[lenny] - vlc <not-affected> (introduced in 0.9.0)
-CVE-2008-4545 (Cisco Unity 4.x before 4.2(1)ES161, 5.x before 5.0(1)ES53, and 7.x ...)
+CVE-2008-4545
NOT-FOR-US: Cisco
-CVE-2008-4544 (Unspecified vulnerability in an unspecified Microsoft API, as used by ...)
+CVE-2008-4544
NOT-FOR-US: Microsoft
-CVE-2008-4543 (Cisco Unity 4.x before 4.2(1)ES161, 5.x before 5.0(1)ES53, and 7.x ...)
+CVE-2008-4543
NOT-FOR-US: Cisco
-CVE-2008-4542 (Cross-site scripting (XSS) vulnerability in Cisco Unity 4.x before ...)
+CVE-2008-4542
NOT-FOR-US: Cisco
-CVE-2008-4541 (Heap-based buffer overflow in the FTP subsystem in Sun Java System Web ...)
+CVE-2008-4541
NOT-FOR-US: Sun Java System Web Proxy Server
-CVE-2008-4540 (Windows Mobile 6 on the HTC Hermes device makes WLAN passwords ...)
+CVE-2008-4540
NOT-FOR-US: Windows Mobile
-CVE-2008-4539 (Heap-based buffer overflow in the Cirrus VGA implementation in (1) KVM ...)
+CVE-2008-4539
{DSA-1799-1}
- qemu 0.9.1+svn20081101-1 (low; bug #526040)
[etch] - qemu <not-affected> (Vulnerable code not present)
CVE-2008-4538
RESERVED
-CVE-2008-4537 (Cross-site scripting (XSS) vulnerability in EC-CUBE Ver1 1.4.6 and ...)
+CVE-2008-4537
NOT-FOR-US: EC-CUBE
-CVE-2008-4536 (Cross-site scripting (XSS) vulnerability in EC-CUBE Ver1 1.4.6 and ...)
+CVE-2008-4536
NOT-FOR-US: EC-CUBE
-CVE-2008-4535 (Cross-site scripting (XSS) vulnerability in EC-CUBE Ver2 2.1.2a and ...)
+CVE-2008-4535
NOT-FOR-US: EC-CUBE
-CVE-2008-4534 (SQL injection vulnerability in EC-CUBE Ver2 2.1.2a and earlier, and ...)
+CVE-2008-4534
NOT-FOR-US: EC-CUBE
-CVE-2008-5299 (chm2pdf 0.9 allows user-assisted local users to delete arbitrary files ...)
+CVE-2008-5299
- chm2pdf 0.9.1-1.1 (low; bug #501959)
-CVE-2008-5298 (chm2pdf 0.9 uses temporary files in directories with fixed names, ...)
+CVE-2008-5298
- chm2pdf 0.9.1-1.1 (low; bug #501959)
-CVE-2008-4533 (Cross-site scripting (XSS) vulnerability in Kantan WEB Server 1.8 and ...)
+CVE-2008-4533
NOT-FOR-US: Kantan WEB Server
-CVE-2008-4532 (Cross-site scripting (XSS) vulnerability in index.php in MaxiScript ...)
+CVE-2008-4532
NOT-FOR-US: MaxiScript Website Directory
-CVE-2008-4531 (SQL injection vulnerability in Brilliant Gallery 5.x before 5.x-4.2, a ...)
+CVE-2008-4531
NOT-FOR-US: Brilliant Gallery (drupal module)
-CVE-2008-4530 (Cross-site scripting (XSS) vulnerability in Brilliant Gallery 5.x ...)
+CVE-2008-4530
NOT-FOR-US: Brilliant Gallery (drupal module)
-CVE-2008-4529 (Multiple PHP remote file inclusion vulnerabilities in asiCMS alpha ...)
+CVE-2008-4529
NOT-FOR-US: asiCMS
-CVE-2008-4528 (Directory traversal vulnerability in notes.php in Phlatline's Personal ...)
+CVE-2008-4528
NOT-FOR-US: Phlatline's Personal Information Manager
-CVE-2008-4527 (SQL injection vulnerability in recept.php in the Recepies (Recept) ...)
+CVE-2008-4527
NOT-FOR-US: PHP-Fusion
-CVE-2008-4526 (Multiple directory traversal vulnerabilities in CCMS 3.1 allow remote ...)
+CVE-2008-4526
NOT-FOR-US: CCMS
-CVE-2008-4525 (SQL injection vulnerability in index.php in AmpJuke 0.7.5 allows ...)
+CVE-2008-4525
NOT-FOR-US: AmpJuke
-CVE-2008-4524 (SQL injection vulnerability in the &quot;Check User&quot; feature ...)
+CVE-2008-4524
NOT-FOR-US: AdaptCMS
-CVE-2008-4523 (SQL injection vulnerability in login.php in IP Reg 0.4 and earlier ...)
+CVE-2008-4523
NOT-FOR-US: IP Reg
-CVE-2008-4522 (Multiple directory traversal vulnerabilities in JMweb MP3 Music Audio ...)
+CVE-2008-4522
NOT-FOR-US: JMweb MP3 Music Audio Search and Download Script
-CVE-2008-4521 (SQL injection vulnerability in thisraidprogress.php in the World of ...)
+CVE-2008-4521
NOT-FOR-US: World of Warcraft tracker
-CVE-2008-4520 (Cross-site scripting (XSS) vulnerability in bulk_update.pl in ...)
+CVE-2008-4520
NOT-FOR-US: AutoNessus
-CVE-2008-4519 (Multiple directory traversal vulnerabilities in Fastpublish CMS 1.9999 ...)
+CVE-2008-4519
NOT-FOR-US: Fastpublish CMS
-CVE-2008-4518 (Multiple SQL injection vulnerabilities in Fastpublish CMS 1.9.9.9.9 d ...)
+CVE-2008-4518
NOT-FOR-US: Fastpublish CMS
-CVE-2008-4517 (SQL injection vulnerability in leggi.php in geccBBlite 2.0 allows ...)
+CVE-2008-4517
NOT-FOR-US: geccBBlite
-CVE-2008-4516 (SQL injection vulnerability in galerie.php in Galerie 3.2 allows ...)
+CVE-2008-4516
NOT-FOR-US: Galerie
-CVE-2008-4515 (Blue Coat K9 Web Protection 4.0.230 Beta relies on client-side ...)
+CVE-2008-4515
NOT-FOR-US: Blue Coat K9 Web Protection
-CVE-2008-4514 (The HTML parser in KDE Konqueror 3.5.9 allows remote attackers to ...)
+CVE-2008-4514
- kdebase <unfixed> (unimportant)
NOTE: browser crash is a non-issue
-CVE-2008-4513 (Cross-site scripting (XSS) vulnerability in BBcode API module in ...)
+CVE-2008-4513
NOT-FOR-US: Phorum
-CVE-2008-4512 (ASP/MS Access Shoutbox, probably 1.1 beta, stores db/shoutdb.mdb under ...)
+CVE-2008-4512
NOT-FOR-US: ASP/MS Access Shoutbox
-CVE-2008-4511 (Todd Woolums ASP News Management, possibly 2.21, stores db/news.mdb ...)
+CVE-2008-4511
NOT-FOR-US: Todd Woolums ASP News Management
-CVE-2008-4510 (Microsoft Windows Vista Home and Ultimate Edition SP1 and earlier ...)
+CVE-2008-4510
NOT-FOR-US: Microsoft
-CVE-2008-4509 (Unrestricted file upload vulnerability in processFiles.php in FOSS ...)
+CVE-2008-4509
NOT-FOR-US: FOSS Gallery
-CVE-2008-4508 (Stack-based buffer overflow in the file parsing function in Tonec ...)
+CVE-2008-4508
NOT-FOR-US: Tonec Internet Download Manager
-CVE-2008-4507 (Unspecified vulnerability in IBM Lotus Quickr 8.1 before Fix pack 1 ...)
+CVE-2008-4507
NOT-FOR-US: IBM Lotus Quickr
-CVE-2008-4506 (Unspecified vulnerability in IBM Lotus Quickr 8.1 before Fix pack 1 ...)
+CVE-2008-4506
NOT-FOR-US: IBM Lotus Quickr
-CVE-2008-4505 (Unspecified vulnerability in IBM Lotus Quickr 8.1 before Fix pack 1 ...)
+CVE-2008-4505
NOT-FOR-US: IBM Lotus Quickr
-CVE-2008-4504 (Heap-based buffer overflow in Mplayer.exe in Herosoft Inc. Hero DVD ...)
+CVE-2008-4504
NOT-FOR-US: Herosoft Inc. Hero DVD Player
-CVE-2008-4503 (The Settings Manager in Adobe Flash Player 9.0.124.0 and earlier ...)
+CVE-2008-4503
NOT-FOR-US: Adobe Flash Player
-CVE-2008-4482 (The XML parser in Xerces-C++ before 3.0.0 allows context-dependent ...)
+CVE-2008-4482
- xerces-c2 <unfixed> (unimportant; bug #502102)
NOTE: Hardly a security issue, anyone who's concerned about this should use Xerces 3
-CVE-2008-4480 (Heap-based buffer overflow in dhost.exe in Novell eDirectory 8.x ...)
+CVE-2008-4480
NOT-FOR-US: Novell eDirectory
-CVE-2008-4479 (Heap-based buffer overflow in dhost.exe in Novell eDirectory 8.8 ...)
+CVE-2008-4479
NOT-FOR-US: Novell eDirectory
-CVE-2008-4478 (Multiple integer overflows in dhost.exe in Novell eDirectory 8.8 ...)
+CVE-2008-4478
NOT-FOR-US: Novell eDirectory
-CVE-2008-4473 (Multiple heap-based buffer overflows in Adobe Flash CS3 Professional ...)
+CVE-2008-4473
NOT-FOR-US: Flash CS3 Professional
-CVE-2008-4502 (Multiple PHP remote file inclusion vulnerabilities in DataFeedFile ...)
+CVE-2008-4502
NOT-FOR-US: DataFeedFile PHP Framework API
-CVE-2008-4501 (Directory traversal vulnerability in the FTP server in Serv-U 7.0.0.1 ...)
+CVE-2008-4501
NOT-FOR-US: Serv-U
-CVE-2008-4500 (Serv-U 7.0.0.1 through 7.3, including 7.2.0.1, allows remote ...)
+CVE-2008-4500
NOT-FOR-US: Serv-U
-CVE-2008-4499 (Multiple directory traversal vulnerabilities in PHP Web Explorer 0.99b ...)
+CVE-2008-4499
NOT-FOR-US: PHP Web Explorer
-CVE-2008-4498 (SQL injection vulnerability in searchresults.php in PHP Autos 2.9.1 ...)
+CVE-2008-4498
NOT-FOR-US: PHP Autos
-CVE-2008-4497 (SQL injection vulnerability in event_detail.php in Built2Go Real ...)
+CVE-2008-4497
NOT-FOR-US: Built2Go Real Estate Listings
-CVE-2008-4496 (SQL injection vulnerability in view_cat.php in PHP Realtor 1.5 allows ...)
+CVE-2008-4496
NOT-FOR-US: PHP Realtor
-CVE-2008-4495 (SQL injection vulnerability in view_cat.php in PHP Auto Dealer 2.7 ...)
+CVE-2008-4495
NOT-FOR-US: PHP Auto Dealer
-CVE-2008-4494 (SQL injection vulnerability in completed-advance.php in TorrentTrader ...)
+CVE-2008-4494
NOT-FOR-US: TorrentTrader Classic
-CVE-2008-4493 (Microsoft PicturePusher ActiveX control (PipPPush.DLL 7.00.0709), as ...)
+CVE-2008-4493
NOT-FOR-US: PicturePusher ActiveX
-CVE-2008-4492 (SQL injection vulnerability in referrals.php in YourOwnBux 4.0 allows ...)
+CVE-2008-4492
NOT-FOR-US: YourOwnBux
-CVE-2008-4491 (Apple Mail.app 3.5 on Mac OS X, when &quot;Store draft messages on the ...)
+CVE-2008-4491
NOT-FOR-US: Mac OS
-CVE-2008-4490 (Directory traversal vulnerability in config.inc.php in phpAbook 0.8.8b ...)
+CVE-2008-4490
NOT-FOR-US: phpAbook
-CVE-2008-4489 (Directory traversal vulnerability in ap-save.php in Atarone CMS 1.2.0 ...)
+CVE-2008-4489
NOT-FOR-US: Atarone CMS
-CVE-2008-4488 (Cross-site scripting (XSS) vulnerability in ap-pages.php in Atarone ...)
+CVE-2008-4488
NOT-FOR-US: Atarone CMS
-CVE-2008-4487 (SQL injection vulnerability in ap-save.php in Atarone CMS 1.2.0 allows ...)
+CVE-2008-4487
NOT-FOR-US: Atarone CMS
-CVE-2008-4486 (Directory traversal vulnerability in index.php in SAC.php (SACphp), as ...)
+CVE-2008-4486
NOT-FOR-US: SACphp
-CVE-2008-4485 (Cross-site scripting (XSS) vulnerability in the ICAP patience page in ...)
+CVE-2008-4485
NOT-FOR-US: Blue Coat Security Gateway OS
-CVE-2008-4484 (main.php in Crux Gallery 1.32 and earlier allows remote attackers to ...)
+CVE-2008-4484
NOT-FOR-US: Crux Gallery
-CVE-2008-4483 (Directory traversal vulnerability in index.php in Crux Gallery 1.32 ...)
+CVE-2008-4483
NOT-FOR-US: Crux Gallery
-CVE-2008-4481 (Cross-site scripting (XSS) vulnerability in Redmine 0.7.2 and earlier ...)
+CVE-2008-4481
NOT-FOR-US: Redmine
-CVE-2008-4472 (The UpdateEngine class in the LiveUpdate ActiveX control ...)
+CVE-2008-4472
NOT-FOR-US: LiveUpdate ActiveX
-CVE-2008-4471 (Directory traversal vulnerability in the CExpressViewerControl class ...)
+CVE-2008-4471
NOT-FOR-US: DWF Viewer ActiveX
-CVE-2008-4470 (Stack-based buffer overflow in Numark CUE 5.0 rev2 allows ...)
+CVE-2008-4470
NOT-FOR-US: Numark
-CVE-2008-4469 (SQL injection vulnerability in view_cresume.php in Vastal I-Tech ...)
+CVE-2008-4469
NOT-FOR-US: Vastal I-Tech Freelance Zone
-CVE-2008-4468 (SQL injection vulnerability in view_news.php in Vastal I-Tech Share ...)
+CVE-2008-4468
NOT-FOR-US: Vastal I-Tech Freelance Zone
-CVE-2008-4467 (SQL injection vulnerability in show_series_ink.php in Vastal I-Tech ...)
+CVE-2008-4467
NOT-FOR-US: Vastal I-Tech Freelance Zone
-CVE-2008-4466 (SQL injection vulnerability in view_products_cat.php in Vastal I-Tech ...)
+CVE-2008-4466
NOT-FOR-US: Vastal I-Tech Freelance Zone
-CVE-2008-4465 (SQL injection vulnerability in view_mags.php in Vastal I-Tech DVD Zone ...)
+CVE-2008-4465
NOT-FOR-US: Vastal I-Tech Freelance Zone
-CVE-2008-4464 (SQL injection vulnerability in view_mags.php in Vastal I-Tech Mag Zone ...)
+CVE-2008-4464
NOT-FOR-US: Vastal I-Tech Freelance Zone
-CVE-2008-4463 (SQL injection vulnerability in view_news.php in Vastal I-Tech Jobs ...)
+CVE-2008-4463
NOT-FOR-US: Vastal I-Tech Freelance Zone
-CVE-2008-4462 (SQL injection vulnerability in view_news.php in Vastal I-Tech Visa ...)
+CVE-2008-4462
NOT-FOR-US: Vastal I-Tech Freelance Zone
-CVE-2008-4461 (SQL injection vulnerability in advanced_search_results.php in Vastal ...)
+CVE-2008-4461
NOT-FOR-US: Vastal I-Tech Freelance Zone
-CVE-2008-4460 (SQL injection vulnerability in game.php in Vastal I-Tech MMORPG Zone ...)
+CVE-2008-4460
NOT-FOR-US: Vastal I-Tech Freelance Zone
-CVE-2008-4459 (SQL injection vulnerability in pick_users.php in the groups module in ...)
+CVE-2008-4459
NOT-FOR-US: eXtrovert Thyme
-CVE-2008-4458 (SQL injection vulnerability in listings.php in E-Php B2B Trading ...)
+CVE-2008-4458
NOT-FOR-US: E-Php B2B Trading Marketplace Script
-CVE-2008-4457 (SQL injection vulnerability in inc/inc_statistics.php in MemHT Portal ...)
+CVE-2008-4457
NOT-FOR-US: MemHT Portal
-CVE-2008-4456 (Cross-site scripting (XSS) vulnerability in the command-line client in ...)
+CVE-2008-4456
{DSA-1783-1}
- mysql-dfsg-5.0 5.0.51-1 (low; bug #526254)
-CVE-2008-4455 (Directory traversal vulnerability in index.php in EKINdesigns MySQL ...)
+CVE-2008-4455
NOT-FOR-US: EKINdesigns MySQL Quick Admin
-CVE-2008-4454 (Directory traversal vulnerability in EKINdesigns MySQL Quick Admin ...)
+CVE-2008-4454
NOT-FOR-US: EKINdesigns MySQL Quick Admin
-CVE-2008-4453 (The GdPicture (1) Light Imaging Toolkit 4.7.1 GdPicture4S.Imaging ...)
+CVE-2008-4453
NOT-FOR-US: ActiveX control
-CVE-2008-4452 (Buffer overflow in Cambridge Computer Corporation vxFtpSrv 2.0.3 ...)
+CVE-2008-4452
NOT-FOR-US: Cambridge Computer Corporation vxFtpSrv
-CVE-2008-4451 (The SysInspector AntiStealth driver (esiasdrv.sys) 3.0.65535.0 in ESET ...)
+CVE-2008-4451
NOT-FOR-US: ESET System Analyzer Tool
-CVE-2008-4450 (Cross-site scripting (XSS) vulnerability in adodb.php in XAMPP for ...)
+CVE-2008-4450
NOT-FOR-US: XAMPP
-CVE-2008-4449 (Stack-based buffer overflow in mIRC 6.34 allows remote attackers to ...)
+CVE-2008-4449
NOT-FOR-US: mIRC
-CVE-2008-4448 (Cross-site request forgery (CSRF) vulnerability in actions.php in ...)
+CVE-2008-4448
NOT-FOR-US: Positive Software H-Sphere WebShell
-CVE-2008-4447 (Cross-site scripting (XSS) vulnerability in actions.php in Positive ...)
+CVE-2008-4447
NOT-FOR-US: Positive Software H-Sphere WebShell
-CVE-2008-4446 (Cross-site scripting (XSS) vulnerability in Nucleus EUC-JP 3.31 SP1 ...)
+CVE-2008-4446
NOT-FOR-US: Nucleus EUC-JP
-CVE-2008-4445 (The sctp_auth_ep_set_hmacs function in net/sctp/auth.c in the Stream ...)
+CVE-2008-4445
{DSA-1655-1}
- linux-2.6 2.6.26-5
- linux-2.6.24 2.6.24-6~etchnhalf.6
[etch] - linux-2.6 <not-affected> (vulnerable code not present)
-CVE-2008-4444 (Cisco Unified IP Phone (aka SIP phone) 7960G and 7940G with firmware ...)
+CVE-2008-4444
NOT-FOR-US: Cisco Unified IP Phone
CVE-2008-4443
RESERVED
CVE-2008-4442
RESERVED
-CVE-2008-4441 (The Marvell driver for the Linksys WAP4400N Wi-Fi access point with ...)
+CVE-2008-4441
NOT-FOR-US: Linksys
-CVE-2008-4439 (PHP remote file inclusion vulnerability in admin/bin/patch.php in ...)
+CVE-2008-4439
NOT-FOR-US: MartinWood Datafeed Studio
-CVE-2008-4438 (Cross-site scripting (XSS) vulnerability in search.php in Datafeed ...)
+CVE-2008-4438
NOT-FOR-US: Datafeed Studio
-CVE-2008-4437 (Directory traversal vulnerability in importxml.pl in Bugzilla before ...)
+CVE-2008-4437
{DTSA-170-1}
- bugzilla 3.0.5.0-1 (low; bug #502019)
[etch] - bugzilla <no-dsa> (Minor issue)
-CVE-2008-4436 (SQL injection vulnerability in bblog_plugins/builtin.help.php in bBlog ...)
+CVE-2008-4436
NOT-FOR-US: bBlog
-CVE-2008-4435 (Multiple cross-site scripting (XSS) vulnerabilities in the RMSOFT ...)
+CVE-2008-4435
NOT-FOR-US: RMSOFT Downloads Plus
-CVE-2008-4434 (Stack-based buffer overflow in (1) uTorrent 1.7.7 build 8179 and ...)
+CVE-2008-4434
NOT-FOR-US: uTorrent/Bittorrent
-CVE-2008-4433 (SQL injection vulnerability in search.php in the RMSOFT MiniShop ...)
+CVE-2008-4433
NOT-FOR-US: RMSOFT MiniShop (xoops)
-CVE-2008-4432 (Cross-site scripting (XSS) vulnerability in search.php in the RMSOFT ...)
+CVE-2008-4432
NOT-FOR-US: RMSOFT MiniShop (xoops)
-CVE-2008-4431 (SQL injection vulnerability in index.php in IceBB 1.0-rc9.3 and ...)
+CVE-2008-4431
NOT-FOR-US: IceBB
CVE-2008-4430
REJECTED
-CVE-2008-4429 (Unspecified vulnerability in SOURCENEXT Virus Security ZERO 9.5.0173 ...)
+CVE-2008-4429
NOT-FOR-US: SOURCENEXT Virus Security ZERO
-CVE-2008-4428 (Unrestricted file upload vulnerability in upload.php in Phlatline's ...)
+CVE-2008-4428
NOT-FOR-US: Phlatline's Personal Information Manager
-CVE-2008-4427 (changepassword.php in Phlatline's Personal Information Manager (pPIM) ...)
+CVE-2008-4427
NOT-FOR-US: Phlatline's Personal Information Manager
-CVE-2008-4426 (Cross-site scripting (XSS) vulnerability in events.php in Phlatline's ...)
+CVE-2008-4426
NOT-FOR-US: Phlatline's Personal Information Manager
-CVE-2008-4425 (Directory traversal vulnerability in upload.php in Phlatline's ...)
+CVE-2008-4425
NOT-FOR-US: Phlatline's Personal Information Manager
-CVE-2008-4424 (Cross-site scripting (XSS) vulnerability in index.php in Domain Group ...)
+CVE-2008-4424
NOT-FOR-US: Domain Group Network GooCMS
-CVE-2008-4423 (SQL injection vulnerability in index.php in Ovidentia 6.6.5 allows ...)
+CVE-2008-4423
NOT-FOR-US: Ovidentia
CVE-2008-4422
REJECTED
-CVE-2008-4421 (Directory traversal vulnerability in MetaGauge 1.0.0.17, and probably ...)
+CVE-2008-4421
NOT-FOR-US: MetaGauge
-CVE-2008-4420 (Multiple stack-based buffer overflows in DZIP32.DLL before 5.0.0.8 in ...)
+CVE-2008-4420
NOT-FOR-US: DynaZip Max
-CVE-2008-4419 (Directory traversal vulnerability in the HP JetDirect web ...)
+CVE-2008-4419
NOT-FOR-US: HP-ChaiSOE
-CVE-2008-4418 (Unspecified vulnerability in DCE in HP HP-UX B.11.11, B.11.23, and ...)
+CVE-2008-4418
NOT-FOR-US: HP-UX
CVE-2008-4417
REJECTED
-CVE-2008-4416 (Unspecified vulnerability in the kernel in HP HP-UX B.11.31 allows ...)
+CVE-2008-4416
NOT-FOR-US: HP-UX
-CVE-2008-4415 (Unspecified vulnerability in HP Service Manager (HPSM) before 7.01.71 ...)
+CVE-2008-4415
NOT-FOR-US: HP Service Manager (HPSM)
-CVE-2008-4414 (Unspecified vulnerability in the AdvFS showfile command in HP Tru64 ...)
+CVE-2008-4414
NOT-FOR-US: HP Tru64 UNIX
-CVE-2008-4413 (Unspecified vulnerability in HP System Management Homepage (SMH) 2.2.6 ...)
+CVE-2008-4413
NOT-FOR-US: HP System Management Homepage
-CVE-2008-4412 (Unspecified vulnerability in HP Systems Insight Manager (SIM) before ...)
+CVE-2008-4412
NOT-FOR-US: HP Systems Insight Manager
-CVE-2008-4411 (Cross-site scripting (XSS) vulnerability in HP System Management ...)
+CVE-2008-4411
NOT-FOR-US: HP System Management Homepage
-CVE-2008-4410 (The vmi_write_ldt_entry function in arch/x86/kernel/vmi_32.c in the ...)
+CVE-2008-4410
- linux-2.6 2.6.26-8
- linux-2.6.24 <not-affected> (Vulnerable code not present)
[etch] - linux-2.6 <not-affected> (Vulnerable code not present)
-CVE-2008-4409 (libxml2 2.7.0 and 2.7.1 does not properly handle &quot;predefined entities ...)
+CVE-2008-4409
- libxml2 <not-affected>
[lenny] - libxml2 <not-affected> (Vulnerable code not present)
[etch] - libxml2 <not-affected> (Vulnerable code not present)
NOTE: The bug affects only to 2.7.0 and 2.7.1
-CVE-2008-4406 (A certain Debian patch to the run scripts for sabre (aka xsabre) ...)
+CVE-2008-4406
- sabre 0.2.4b-25 (low; bug #433996)
[etch] - sabre <no-dsa> (Game not qualified as multi-user system, thus minor issue)
-CVE-2008-4405 (xend in Xen 3.0.3 does not properly limit the contents of the ...)
+CVE-2008-4405
- xen-3 3.4.0-1 (bug #503811)
- xen-unstable <removed>
NOTE: a proposed patch leads to new problems, see CVE-2008-5716
-CVE-2008-4404 (The IPv6 Neighbor Discovery Protocol (NDP) implementation on IBM ...)
+CVE-2008-4404
NOT-FOR-US: IPv6 NDP on IBM zSeries
-CVE-2008-4403 (The CGI modules in the server in Trend Micro OfficeScan 8.0 SP1 before ...)
+CVE-2008-4403
NOT-FOR-US: Trend Micro OfficeScan
-CVE-2008-4402 (Multiple buffer overflows in CGI modules in the server in Trend Micro ...)
+CVE-2008-4402
NOT-FOR-US: Trend Micro OfficeScan
-CVE-2008-4408 (Cross-site scripting (XSS) vulnerability in MediaWiki 1.13.1, 1.12.0, ...)
+CVE-2008-4408
{DTSA-171-1}
- mediawiki 1:1.13.2-1 (low; bug #501115)
[etch] - mediawiki <not-affected> (Vulnerable code not present)
-CVE-2008-4475 (ibackup 2.27 allows local users to overwrite arbitrary files via a ...)
+CVE-2008-4475
- ibackup <removed> (low; bug #496432)
[etch] - ibackup <no-dsa> (Minor issues)
-CVE-2008-4401 (ActionScript in Adobe Flash Player 9.0.124.0 and earlier does not ...)
+CVE-2008-4401
NOT-FOR-US: Adobe Flash Player
-CVE-2008-4400 (Unspecified vulnerability in asdbapi.dll in CA ARCserve Backup ...)
+CVE-2008-4400
NOT-FOR-US: CA ARCserve Backup
-CVE-2008-4399 (Unspecified vulnerability in the database engine service in ...)
+CVE-2008-4399
NOT-FOR-US: CA ARCserve Backup
-CVE-2008-4398 (Unspecified vulnerability in the tape engine service in asdbapi.dll in ...)
+CVE-2008-4398
NOT-FOR-US: CA ARCserve Backup
-CVE-2008-4397 (Directory traversal vulnerability in the RPC interface (asdbapi.dll) ...)
+CVE-2008-4397
NOT-FOR-US: CA ARCserve Backup
-CVE-2008-4396 (Stack-based buffer overflow in Safer Networking FileAlyzer 1.6.0.0 and ...)
+CVE-2008-4396
NOT-FOR-US: Safer Networking FileAlyzer
-CVE-2008-4969 (ltp-network-test 20060918 allows local users to overwrite arbitrary ...)
+CVE-2008-4969
- ltp 20060918-3 (low; bug #496411)
[etch] - ltp <no-dsa> (Documented to be only suitable for single user setups currently)
-CVE-2008-4954 (mead.pl in fml 4.0.3 allows local users to overwrite arbitrary files ...)
+CVE-2008-4954
- fml <removed> (low; bug #496370)
[etch] - fml <no-dsa> (Minor issue)
-CVE-2008-4957 (find_flags in Kitware GCC-XML (gccxml) 0.9.0 allows local users to ...)
+CVE-2008-4957
- gccxml 0.9.0+cvs20100501-1 (unimportant; bug #496391)
NOTE: Only applies to a script used for an obscure SGI compiler
-CVE-2008-4943 (bulmages-servers 0.11.1 allows local users to overwrite arbitrary ...)
+CVE-2008-4943
- bulmages <removed> (unimportant; bug #496382)
NOTE: Only present in example scripts
-CVE-2008-5034 (** DISPUTED ** ...)
+CVE-2008-5034
- printfilters-ppd <unfixed> (unimportant; bug #496417)
NOTE: Only exploitable when modifying master-filter by hand
-CVE-2008-4955 (freevo.real in freevo 1.8.1 allows local users to overwrite arbitrary ...)
+CVE-2008-4955
- freevo <unfixed> (unimportant; bug #496373)
NOTE: Only exploitable when modifying script by hand
-CVE-2008-4974 (rrdedit in netmrg 0.20 allows local users to overwrite arbitrary files ...)
+CVE-2008-4974
- netmrg 0.20-2 (low; bug #496384)
[etch] - netmrg <no-dsa> (Minor issue)
-CVE-2008-4960 (impose in impose+ 0.2 allows local users to overwrite arbitrary files ...)
+CVE-2008-4960
- impose+ 0.2-11.1 (low; bug #496435)
[etch] - impose+ <no-dsa> (Minor issue)
-CVE-2008-4964 (filters/any-UTF8 in konwert 1.8 allows local users to delete arbitrary ...)
+CVE-2008-4964
- konwert 1.8-11.2 (low; bug #496379)
[etch] - konwert <no-dsa> (Minor issue)
-CVE-2008-4986 (wims 3.62 allows local users to overwrite arbitrary files via a ...)
+CVE-2008-4986
- wims 3.62-13.1 (low; bug #496387)
[etch] - wims <no-dsa> (Minor issue)
-CVE-2008-4474 (freeradius-dialupadmin in freeradius 2.0.4 allows local users to ...)
+CVE-2008-4474
- freeradius 2.0.4+dfsg-6 (low; bug #496389)
[etch] - freeradius <no-dsa> (Minor issue)
-CVE-2008-4995 (redirect.pl in bk2site 1.1.9 allows local users to overwrite arbitrary ...)
+CVE-2008-4995
- bk2site <removed> (unimportant; bug #496430)
NOTE: Only debug code, script needs to be edited to exploit this
-CVE-2008-4983 (scilab-bin 4.1.2 allows local users to overwrite arbitrary files via a ...)
+CVE-2008-4983
- scilab 4.1.2-6 (low; bug #496414)
[etch] - scilab <no-dsa> (Non-free not supported)
-CVE-2008-4395 (Multiple buffer overflows in the ndiswrapper module 1.53 for the Linux ...)
+CVE-2008-4395
{DSA-1731-1}
- ndiswrapper 1.53-2 (medium; bug #504696)
-CVE-2008-4394 (Multiple untrusted search path vulnerabilities in Portage before ...)
+CVE-2008-4394
NOT-FOR-US: Gentoo package manager Portage
-CVE-2008-4393 (Cross-site scripting (XSS) vulnerability in VeriSign Kontiki Delivery ...)
+CVE-2008-4393
NOT-FOR-US: VeriSign Kontiki
-CVE-2008-4392 (dnscache in Daniel J. Bernstein djbdns 1.05 does not prevent ...)
+CVE-2008-4392
- djbdns <removed> (high; bug #516394)
-CVE-2008-4391 (Stack-based buffer overflow in the SetSource method in the ...)
+CVE-2008-4391
NOT-FOR-US: Cisco Linksys WVC54GC
-CVE-2008-4390 (The Cisco Linksys WVC54GC wireless video camera before firmware 1.25 ...)
+CVE-2008-4390
NOT-FOR-US: Cisco Linksys WVC54GC
-CVE-2008-4389 (Symantec AppStream 5.2.x and Symantec Workspace Streaming (SWS) 6.1.x ...)
+CVE-2008-4389
NOT-FOR-US: Symantec AppStream
-CVE-2008-4388 (The LaunchObj ActiveX control before 5.2.2.865 in launcher.dll in ...)
+CVE-2008-4388
NOT-FOR-US: LaunchObj ActiveX
-CVE-2008-4387 (Unspecified vulnerability in the Simba MDrmSap ActiveX control in ...)
+CVE-2008-4387
NOT-FOR-US: ActiveX
CVE-2008-4386
RESERVED
-CVE-2008-4385 (Husdawg, LLC Systems Requirements Lab 3, as used by Instant Expert ...)
+CVE-2008-4385
NOT-FOR-US: LLC Systems Requirements Lab
-CVE-2008-4384 (Multiple stack-based buffer overflows in MGI Software LPViewer ActiveX ...)
+CVE-2008-4384
NOT-FOR-US: LPViewer ActiveX
-CVE-2008-4383 (Stack-based buffer overflow in the Agranet-Emweb embedded management ...)
+CVE-2008-4383
NOT-FOR-US: Agranet-Emweb
-CVE-2008-4382 (Konqueror in KDE 3.5.9 allows remote attackers to cause a denial of ...)
+CVE-2008-4382
- kdebase <unfixed> (unimportant)
NOTE: browser dos not treated as security issue. This is the same like CVE-2008-4381
NOTE: which will work in every JS browser as the PoC just creates a large string passing
NOTE: it to alert and thus eating memory, no security issue.
-CVE-2008-4381 (Microsoft Internet Explorer 7 allows remote attackers to cause a ...)
+CVE-2008-4381
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2008-4380 (The web interface in Samsung DVR SHR2040 allows remote attackers to ...)
+CVE-2008-4380
NOT-FOR-US: Samsung DVR SHR2040
-CVE-2008-4379 (Cross-site scripting (XSS) vulnerability in report.php in Mr. CGI Guy ...)
+CVE-2008-4379
NOT-FOR-US: Mr. CGI Guy Hot Links SQL-PHP
-CVE-2008-4378 (SQL injection vulnerability in report.php in Mr. CGI Guy Hot Links ...)
+CVE-2008-4378
NOT-FOR-US: Mr. CGI Guy Hot Links SQL-PHP
-CVE-2008-4377 (SQL injection vulnerability in index.asp in Creative Mind Creator CMS ...)
+CVE-2008-4377
NOT-FOR-US: Creative Mind Creator CMS
-CVE-2008-4376 (SQL injection vulnerability in index.php in Live TV Script allows ...)
+CVE-2008-4376
NOT-FOR-US: Live TV Script
-CVE-2008-4375 (SQL injection vulnerability in viewprofile.php in Availscript ...)
+CVE-2008-4375
NOT-FOR-US: Availscript
-CVE-2008-4374 (SQL injection vulnerability in index.php in CMS Buzz allows remote ...)
+CVE-2008-4374
NOT-FOR-US: CMS Buzz
-CVE-2008-4373 (SQL injection vulnerability in job_seeker/applynow.php in AvailScript ...)
+CVE-2008-4373
NOT-FOR-US: Availscript
-CVE-2008-4372 (Cross-site scripting (XSS) vulnerability in articles.php in ...)
+CVE-2008-4372
NOT-FOR-US: Availscript
-CVE-2008-4371 (SQL injection vulnerability in articles.php in AvailScript Article ...)
+CVE-2008-4371
NOT-FOR-US: Availscript
-CVE-2008-4370 (Multiple cross-site scripting (XSS) vulnerabilities in Availscript ...)
+CVE-2008-4370
NOT-FOR-US: Availscript
-CVE-2008-4369 (SQL injection vulnerability in pics.php in Availscript Photo Album ...)
+CVE-2008-4369
NOT-FOR-US: Availscript
-CVE-2008-4368 (The default configuration of Java 1.5 on Apple Mac OS X 10.5.4 and ...)
+CVE-2008-4368
NOT-FOR-US: Java on OSX
CVE-2008-4367
RESERVED
-CVE-2008-4965 (liguidsoap.py in liguidsoap 0.3.8.1+2 allows local users to overwrite ...)
+CVE-2008-4965
{DTSA-177-1 DTSA-178-1}
- liquidsoap 0.3.8.1+2-2 (low; bug #496360)
[lenny] - liquidsoap 0.3.6-4+lenny1
-CVE-2008-4966 (linux-patch-openswan 2.4.12 allows local users to overwrite arbitrary ...)
+CVE-2008-4966
- openswan 1:2.6.21+dfsg-2 (unimportant; bug #496376)
NOTE: Only unused packaging bits
-CVE-2008-4941 (arb-common 0.0.20071207.1 allows local users to overwrite arbitrary ...)
+CVE-2008-4941
- arb 0.0.20071207.1-5 (low; bug #496396)
-CVE-2008-4940 (xmlfile.py in aptoncd 0.1 allows local users to overwrite arbitrary ...)
+CVE-2008-4940
- aptoncd 0.1-1.2 (bug #496390; low)
-CVE-2008-4947 (dhis-dummy-log-engine in dhis-server 5.3 allows local users to ...)
+CVE-2008-4947
- dhis-server 5.3-1.2 (bug #496388; unimportant)
-CVE-2008-4967 (linuxtrade 3.65 allows local users to overwrite arbitrary files via a ...)
+CVE-2008-4967
- linuxtrade <removed> (unimportant; bug #496372)
NOTE: unimportant since the program is dysfunctional with the current
NOTE: trading website and thus not exploitable for practical purposes
-CVE-2008-4980 (delqueueask in rccp 0.9 allows local users to overwrite arbitrary ...)
+CVE-2008-4980
- rccp 0.9-2.1 (low; bug #496364)
[etch] - rccp <no-dsa> (Minor issue)
-CVE-2008-4948 (fest.pl in digitaldj 0.7.5 allows local users to overwrite arbitrary ...)
+CVE-2008-4948
- digitaldj 0.7.5-6.1 (low; bug #496399)
[etch] - digitaldj <no-dsa> (Minor issue)
-CVE-2008-4945 (amlabel-cdrw in cdrw-taper 0.4 might allow local users to overwrite ...)
+CVE-2008-4945
- cdrw-taper 0.4-2.1 (low; bug #496380)
[etch] - cdrw-taper <no-dsa> (Minor issue)
-CVE-2008-4958 (gdrae in gdrae 0.1 allows local users to overwrite arbitrary files via ...)
+CVE-2008-4958
- gdrae 0.1-1.1 (low; bug #496378)
[etch] - gdrae <no-dsa> (Minor issue)
-CVE-2008-4407 (XRunSabre in sabre (aka xsabre) 0.2.4b relies on the ability to create ...)
+CVE-2008-4407
- sabre 0.2.4b-25 (low; bug #433996)
[etch] - sabre <no-dsa> (Game not qualified as multi-user system, thus minor issue)
-CVE-2008-4366 (Unrestricted file upload vulnerability in the image upload component ...)
+CVE-2008-4366
NOT-FOR-US: Camera Life
-CVE-2008-4365 (Cross-site scripting (XSS) vulnerability in search.php in Siteman ...)
+CVE-2008-4365
NOT-FOR-US: Siteman
-CVE-2008-4364 (SQL injection vulnerability in default.aspx in ParsaGostar ParsaWeb ...)
+CVE-2008-4364
NOT-FOR-US: ParsaGostar ParsaWeb CMS
-CVE-2008-4363 (DLMFENC.sys 1.0.0.28 in DESlock+ 3.2.7 allows local users to cause a ...)
+CVE-2008-4363
NOT-FOR-US: DESlock
-CVE-2008-4362 (The Virtual Token driver (vdlptokn.sys) 1.0.2.43 in DESlock+ 3.2.7 ...)
+CVE-2008-4362
NOT-FOR-US: DESlock
-CVE-2008-4361 (Directory traversal vulnerability in PowerPortal 2.0.13 allows remote ...)
+CVE-2008-4361
NOT-FOR-US: PowerPortal
-CVE-2008-4360 (mod_userdir in lighttpd before 1.4.20, when a case-insensitive ...)
+CVE-2008-4360
{DSA-1645-1}
- lighttpd 1.4.19-5 (low)
NOTE: http://www.lighttpd.net/security/lighttpd_sa_2008_06.txt
-CVE-2008-4359 (lighttpd before 1.4.20 compares URIs to patterns in the (1) ...)
+CVE-2008-4359
{DSA-1645-1}
- lighttpd 1.4.19-5 (low)
NOTE: http://www.lighttpd.net/security/lighttpd_sa_2008_05.txt
-CVE-2008-4358 (Unspecified vulnerability in class/theme.class.php in SPAW Editor PHP ...)
+CVE-2008-4358
NOT-FOR-US: SPAW Editor PHP
-CVE-2008-4357 (SQL injection vulnerability in linkto.php in Powie pLink 2.07 allows ...)
+CVE-2008-4357
NOT-FOR-US: Powie pLink
-CVE-2008-4356 (Multiple SQL injection vulnerabilities in Kasseler CMS 1.1.0 and 1.2.0 ...)
+CVE-2008-4356
NOT-FOR-US: Kasseler CMS
-CVE-2008-4355 (SQL injection vulnerability in showprofil.php in Powie PSCRIPT Forum ...)
+CVE-2008-4355
NOT-FOR-US: Powie PSCRIPT Forum
-CVE-2008-4354 (SQL injection vulnerability in the products module in NetArt Media ...)
+CVE-2008-4354
NOT-FOR-US: NetArt Media iBoutique
-CVE-2008-4353 (SQL injection vulnerability in link.php in Linkarity allows remote ...)
+CVE-2008-4353
NOT-FOR-US: Linkarity
-CVE-2008-4352 (SQL injection vulnerability in inc/pages/viewprofile.php in ...)
+CVE-2008-4352
NOT-FOR-US: phpSmartCom
-CVE-2008-4351 (Directory traversal vulnerability in index.php in phpSmartCom 0.2 ...)
+CVE-2008-4351
NOT-FOR-US: phpSmartCom
-CVE-2008-4350 (SQL injection vulnerability in main.php in vbLOGIX Tutorial Script 1.0 ...)
+CVE-2008-4350
NOT-FOR-US: vbLOGIX Tutorial Script
-CVE-2008-4349 (Multiple cross-site scripting (XSS) vulnerabilities in news.php in ...)
+CVE-2008-4349
NOT-FOR-US: s0nic Paranews
-CVE-2008-4348 (SQL injection vulnerability in photo.php in PHPortfolio, possibly 1.3, ...)
+CVE-2008-4348
NOT-FOR-US: PHPortfolio
-CVE-2008-4347 (SQL injection vulnerability in newskom.php in Powie pNews 2.03 allows ...)
+CVE-2008-4347
NOT-FOR-US: Powie pNews
-CVE-2008-4346 (Directory traversal vulnerability in TalkBack 2.3.6 and 2.3.6.4 allows ...)
+CVE-2008-4346
NOT-FOR-US: TalkBack
-CVE-2008-4345 (SQL injection vulnerability in download.php in WebPortal CMS 0.7.4 and ...)
+CVE-2008-4345
NOT-FOR-US: WebPortal CMS
-CVE-2008-4344 (SQL injection vulnerability in cat.php in 6rbScript allows remote ...)
+CVE-2008-4344
NOT-FOR-US: 6rbScript
-CVE-2008-4343 (The Chilkat XML ChilkatUtil.CkData.1 ActiveX control (ChilkatUtil.dll) ...)
+CVE-2008-4343
NOT-FOR-US: Chilkat XML ChilkatUtil.CkData.1 ActiveX control
-CVE-2008-4342 (NuMedia Soft NMS DVD Burning SDK Activex NMSDVDX.DVDEngineX.1 ActiveX ...)
+CVE-2008-4342
NOT-FOR-US: ActiveX
-CVE-2008-4341 (add.php in MyBlog 0.9.8 and earlier allows remote attackers to bypass ...)
+CVE-2008-4341
NOT-FOR-US: MyBlog
-CVE-2008-4340 (Google Chrome 0.2.149.29 and 0.2.149.30 allows remote attackers to ...)
+CVE-2008-4340
- chromium-browser <not-affected> (only 0.x is affected)
- webkit <not-affected> (poc not effective)
-CVE-2008-4339 (Unspecified vulnerability in the Java Administration GUI (jnbSA) in ...)
+CVE-2008-4339
NOT-FOR-US: Symantec Veritas NetBackup Server
-CVE-2008-4338 (SQL injection vulnerability in the brilliant_gallery_checklist_save ...)
+CVE-2008-4338
NOT-FOR-US: drupal brilliant gallery 3rd party module
-CVE-2008-4337 (Cross-site scripting (XSS) vulnerability in Bitweaver 2.0.2 allows ...)
+CVE-2008-4337
NOT-FOR-US: Bitweaver
-CVE-2008-4336 (Cross-site scripting (XSS) vulnerability in album.php in Atomic Photo ...)
+CVE-2008-4336
NOT-FOR-US: Atomic Photo Album
-CVE-2008-4335 (SQL injection vulnerability in album.php in Atomic Photo Album (APA) ...)
+CVE-2008-4335
NOT-FOR-US: Atomic Photo Album
-CVE-2008-4334 (PHP infoBoard V.7 Plus allows remote attackers to bypass ...)
+CVE-2008-4334
NOT-FOR-US: PHP infoBoard
-CVE-2008-4333 (Cross-site scripting (XSS) vulnerability in PHP infoBoard V.7 Plus ...)
+CVE-2008-4333
NOT-FOR-US: PHP infoBoard
-CVE-2008-4332 (SQL injection vulnerability in the showjavatopic function in func.php ...)
+CVE-2008-4332
NOT-FOR-US: PHP infoBoard
-CVE-2008-4331 (Directory traversal vulnerability in library/pagefunctions.inc.php in ...)
+CVE-2008-4331
NOT-FOR-US: phpOCS
-CVE-2008-4330 (Directory traversal vulnerability in index.php in LanSuite 3.3.2 ...)
+CVE-2008-4330
NOT-FOR-US: LanSuite
-CVE-2008-4329 (PHP remote file inclusion vulnerability in cms/system/openengine.php ...)
+CVE-2008-4329
NOT-FOR-US: openEngine
-CVE-2008-4328 (SQL injection vulnerability in site_search.php in EasyRealtorPRO 2008 ...)
+CVE-2008-4328
NOT-FOR-US: EasyRealtorPRO
-CVE-2008-4327 (gdiplus.dll in GDI+ in Microsoft Windows XP SP3 does not properly ...)
+CVE-2008-4327
NOT-FOR-US: Microsoft
-CVE-2008-4326 (The PMA_escapeJsString function in libraries/js_escape.lib.php in ...)
+CVE-2008-4326
{DSA-1675-1}
- phpmyadmin 4:2.11.8.1-3
-CVE-2008-4325 (lib/viewvc.py in ViewVC 1.0.5 uses the content-type parameter in the ...)
+CVE-2008-4325
- viewvc 1.0.9-1 (bug #500779; unimportant)
-CVE-2008-4324 (The user interface event dispatcher in Mozilla Firefox 3.0.3 on ...)
+CVE-2008-4324
- iceweasel <removed> (unimportant)
NOTE: reproducible but browser DoS not treated as security issue
-CVE-2008-4323 (Windows Explorer in Microsoft Windows XP SP3 allows user-assisted ...)
+CVE-2008-4323
NOT-FOR-US: Windows Explorer
-CVE-2008-4322 (Stack-based buffer overflow in RealFlex Technologies Ltd. RealWin ...)
+CVE-2008-4322
NOT-FOR-US: Microsoft
-CVE-2008-4321 (Buffer overflow in FlashGet (formerly JetCar) FTP 1.9 allows remote FTP ...)
+CVE-2008-4321
NOT-FOR-US: FlashGet FTP
-CVE-2008-4320 (Multiple cross-site scripting (XSS) vulnerabilities in OpenNMS before ...)
+CVE-2008-4320
NOT-FOR-US: OpenNMS
-CVE-2008-4319 (fileadmin.php in Libra File Manager (aka Libra PHP File Manager) 1.18 ...)
+CVE-2008-4319
NOT-FOR-US: Libra File Manager
-CVE-2008-4318 (Observer 0.3.2.1 and earlier allows remote attackers to execute ...)
+CVE-2008-4318
NOT-FOR-US: Observer
CVE-2008-4317
REJECTED
-CVE-2008-4316 (Multiple integer overflows in glib/gbase64.c in GLib before 2.20 allow ...)
+CVE-2008-4316
{DSA-1747-1}
- glib2.0 2.20.0-1 (medium; bug #520046)
-CVE-2008-4315 (tog-pegasus in OpenGroup Pegasus 2.7.0 on Red Hat Enterprise Linux ...)
+CVE-2008-4315
NOT-FOR-US: OpenPegasus
-CVE-2008-4314 (smbd in Samba 3.0.29 through 3.2.4 might allow remote attackers to ...)
+CVE-2008-4314
- samba 2:3.2.5-1
[etch] - samba <not-affected> (Vulnerable code not present)
-CVE-2008-4313 (A certain Red Hat patch for tog-pegasus in OpenGroup Pegasus 2.7.0 ...)
+CVE-2008-4313
NOT-FOR-US: OpenPegasus
CVE-2008-4312
REJECTED
-CVE-2008-4311 (The default configuration of system.conf in D-Bus (aka DBus) before ...)
+CVE-2008-4311
- dbus 1.2.1-5 (low; bug #508032)
[etch] - dbus <no-dsa> (Backport for Etch too risky for regressions for too little gain)
-CVE-2008-4310 (httputils.rb in WEBrick in Ruby 1.8.1 and 1.8.5, as used in Red Hat ...)
+CVE-2008-4310
- ruby <not-affected> (bug #508030)
NOTE: Red Hat-specific
-CVE-2008-4309 (Integer overflow in the netsnmp_create_subtree_cache function in ...)
+CVE-2008-4309
{DSA-1663-1}
- net-snmp 5.4.1~dfsg-11 (bug #504150)
-CVE-2008-4308 (The doRead method in Apache Tomcat 4.1.32 through 4.1.34 and 5.5.10 ...)
+CVE-2008-4308
- tomcat5.5 5.5.23-1 (low)
-CVE-2008-4307 (Race condition in the do_setlk function in fs/nfs/file.c in the Linux ...)
+CVE-2008-4307
{DSA-1794-1 DSA-1787-1}
- linux-2.6 2.6.26-1
- linux-2.6.24 <removed>
-CVE-2008-4306 (Buffer overflow in enscript before 1.6.4 has unknown impact and attack ...)
+CVE-2008-4306
{DSA-1670-1}
- enscript 1.6.4-13 (bug #506261)
-CVE-2008-4305 (Static code injection vulnerability in installation/setup.php in ...)
+CVE-2008-4305
NOT-FOR-US: phpCollab
-CVE-2008-4304 (general/login.php in phpCollab 2.5 rc3 and earlier allows remote ...)
+CVE-2008-4304
NOT-FOR-US: phpCollab
-CVE-2008-4303 (Multiple SQL injection vulnerabilities in phpCollab 2.5 rc3, 2.4, and ...)
+CVE-2008-4303
NOT-FOR-US: phpCollab
-CVE-2008-4302 (fs/splice.c in the splice subsystem in the Linux kernel before ...)
+CVE-2008-4302
{DSA-1653-1}
- linux-2.6 2.6.22-4 (low)
- linux-2.6.24 <not-affected> (Vulnerable code not present)
-CVE-2008-4301 (** DISPUTED ** ...)
+CVE-2008-4301
NOT-FOR-US: Microsoft
-CVE-2008-4300 (A certain ActiveX control in adsiis.dll in Microsoft Internet ...)
+CVE-2008-4300
NOT-FOR-US: Microsoft
-CVE-2008-4299 (A certain ActiveX control in the Microsoft Internet Authentication ...)
+CVE-2008-4299
NOT-FOR-US: Microsoft
-CVE-2008-4297 (Mercurial before 1.0.2 does not enforce the allowpull permission ...)
+CVE-2008-4297
- mercurial 1.0.1-5.1 (low; bug #500781)
NOTE: the package doesnt install this script by default but ships it with the examples
[etch] - mercurial <no-dsa> (Only shipped in examples)
-CVE-2008-4296 (The Cisco Linksys WRT350N with firmware 1.0.3.7 has &quot;admin&quot; as its ...)
+CVE-2008-4296
NOT-FOR-US: Cisco Linksys WRT350N
-CVE-2008-4295 (Microsoft Windows Mobile 6.0 on HTC Wiza 200 and HTC MDA 8125 devices ...)
+CVE-2008-4295
NOT-FOR-US: Microsoft
-CVE-2008-4294 (IBM Tivoli Netcool/Webtop 2.1 before 2.1.0.5 preserves cached user ...)
+CVE-2008-4294
NOT-FOR-US: IBM Tivoli Netcool/Webtop
-CVE-2008-4293 (Unspecified vulnerability in Opera before 9.52 on Windows, when ...)
+CVE-2008-4293
NOT-FOR-US: Opera
-CVE-2008-4292 (Opera before 9.52 does not check the CRL override upon encountering a ...)
+CVE-2008-4292
NOT-FOR-US: Opera
CVE-2008-4291
RESERVED
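Review bot: every `-`/`+` pair in this hunk drops the parenthesised CVE summary and keeps only the identifier (`-CVE-2008-4463 (SQL injection vulnerability in view_news.php in Vastal I-Tech Jobs ...)` becomes `+CVE-2008-4463`), while RESERVED and REJECTED entries are untouched; for a commit labelled "automatic update" that pattern looks like the description source coming back empty rather than an intended change, so the updater should refuse to write an entry whose summary shrank to nothing instead of committing the loss across the whole list. Two smaller points in the unchanged context of this region: `NOT-FOR-US: Microsoft` on the CVE-2008-4322 entry does not match its summary (RealFlex Technologies Ltd. RealWin), and `(bug #496390; low)` / `(bug #496388; unimportant)` on the aptoncd and dhis-server lines invert the `(severity; bug #N)` order used by every other entry here.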
@@ -6962,21 +6962,21 @@ CVE-2008-4287
RESERVED
CVE-2008-4286
RESERVED
-CVE-2008-4285 (Unspecified vulnerability in the Performance Monitoring Infrastructure ...)
+CVE-2008-4285
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2008-4284 (Open redirect vulnerability in the ibm_security_logout servlet in IBM ...)
+CVE-2008-4284
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2008-4283 (CRLF injection vulnerability in the WebContainer component in IBM ...)
+CVE-2008-4283
NOT-FOR-US: IBM WebSphere Application Server
CVE-2008-4282
RESERVED
-CVE-2008-4281 (Directory traversal vulnerability in VMWare ESXi 3.5 before ...)
+CVE-2008-4281
NOT-FOR-US: VMWare ESXi
CVE-2008-4280
RESERVED
-CVE-2008-4279 (The CPU hardware emulation for 64-bit guest operating systems in ...)
+CVE-2008-4279
NOT-FOR-US: VMware Workstation
-CVE-2008-4278 (VMware VirtualCenter 2.5 before Update 3 build 119838 on Windows ...)
+CVE-2008-4278
NOT-FOR-US: VMWare VirtualCenter
CVE-2008-4277
REJECTED
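Review bot: the same summary loss applies to the IBM WebSphere and VMware entries in this hunk (`-CVE-2008-4285 (Unspecified vulnerability in the Performance Monitoring Infrastructure ...)` becomes `+CVE-2008-4285`), so this hunk should not land unless stripping the descriptions is deliberate. Separately, the `NOT-FOR-US` tags spell the vendor three ways within a dozen lines (`VMWare ESXi`, `VMware Workstation`, `VMWare VirtualCenter`); normalising to `VMware` keeps the tag greppable.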
@@ -6994,62 +6994,62 @@ CVE-2008-4271
REJECTED
CVE-2008-4270
REJECTED
-CVE-2008-4269 (The search-ms protocol handler in Windows Explorer in Microsoft ...)
+CVE-2008-4269
NOT-FOR-US: Microsoft Windows Explorer
-CVE-2008-4268 (The Windows Search component in Microsoft Windows Vista Gold and SP1 ...)
+CVE-2008-4268
NOT-FOR-US: Microsoft Office Excel
CVE-2008-4267
REJECTED
-CVE-2008-4266 (Array index vulnerability in Microsoft Office Excel 2000 SP3, 2002 ...)
+CVE-2008-4266
NOT-FOR-US: Microsoft Office Excel
-CVE-2008-4265 (Microsoft Office Excel 2000 SP3 allows remote attackers to execute ...)
+CVE-2008-4265
NOT-FOR-US: Microsoft Office Excel
-CVE-2008-4264 (Microsoft Office Excel 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and ...)
+CVE-2008-4264
NOT-FOR-US: Microsoft Office Excel
CVE-2008-4263
REJECTED
CVE-2008-4262
REJECTED
-CVE-2008-4261 (Stack-based buffer overflow in Microsoft Internet Explorer 5.01 SP4, 6 ...)
+CVE-2008-4261
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2008-4260 (Microsoft Internet Explorer 7 sometimes attempts to access a deleted ...)
+CVE-2008-4260
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2008-4259 (Microsoft Internet Explorer 7 sometimes attempts to access ...)
+CVE-2008-4259
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2008-4258 (Microsoft Internet Explorer 5.01 SP4 and 6 SP1 does not properly ...)
+CVE-2008-4258
NOT-FOR-US: Microsoft Internet Explorer
CVE-2008-4257
REJECTED
-CVE-2008-4256 (The Charts ActiveX control in Microsoft Visual Basic 6.0, Visual ...)
+CVE-2008-4256
NOT-FOR-US: Microsoft Visual Basic
-CVE-2008-4255 (Heap-based buffer overflow in mscomct2.ocx (aka Windows Common ActiveX ...)
+CVE-2008-4255
NOT-FOR-US: Microsoft Visual Basic
-CVE-2008-4254 (Multiple integer overflows in the Hierarchical FlexGrid ActiveX ...)
+CVE-2008-4254
NOT-FOR-US: Microsoft Visual Basic
-CVE-2008-4253 (The FlexGrid ActiveX control in Microsoft Visual Basic 6.0, Visual ...)
+CVE-2008-4253
NOT-FOR-US: Microsoft Visual Basic
-CVE-2008-4252 (The DataGrid ActiveX control in Microsoft Visual Basic 6.0 and Visual ...)
+CVE-2008-4252
NOT-FOR-US: Microsoft Visual Basic
CVE-2008-4251
REJECTED
-CVE-2008-4250 (The Server service in Microsoft Windows 2000 SP4, XP SP2 and SP3, ...)
+CVE-2008-4250
NOT-FOR-US: Microsoft Windows
CVE-2008-4249
REJECTED
CVE-2008-4248
REJECTED
-CVE-2008-4246 (Unspecified vulnerability in Denora IRC Stats Server before 1.4.1 ...)
+CVE-2008-4246
NOT-FOR-US: Denora IRC Stats Server
-CVE-2008-4245 (The Admin Control Panel in Rianxosencabos CMS 0.9 does not require ...)
+CVE-2008-4245
NOT-FOR-US: Rianxosencabos CMS
-CVE-2008-4244 (Rianxosencabos CMS 0.9 allows remote attackers to bypass ...)
+CVE-2008-4244
NOT-FOR-US: Rianxosencabos CMS
-CVE-2008-4243 (Directory traversal vulnerability in ImageServer (aka UTImageServer) ...)
+CVE-2008-4243
NOT-FOR-US: Epic Games Unreal Tournament
-CVE-2008-4242 (ProFTPD 1.3.1 interprets long commands from an FTP client as multiple ...)
+CVE-2008-4242
{DSA-1689-1}
- proftpd-dfsg 1.3.1-15 (low; bug #502674)
-CVE-2008-4241 (SQL injection vulnerability in CJ Ultra Plus 1.0.4 and earlier allows ...)
+CVE-2008-4241
NOT-FOR-US: CJ Ultra Plus
CVE-2008-4240
RESERVED
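Review bot: `NOT-FOR-US: Microsoft Office Excel` on the CVE-2008-4268 entry contradicts the summary being removed on the line above it (`The Windows Search component in Microsoft Windows Vista Gold and SP1 ...`); it looks copied from the Excel entries that follow and should name Windows Search instead. Once `+CVE-2008-4268` carries no summary this mismatch can no longer be spotted from the list itself, which is one more reason not to strip the descriptions in this hunk.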
@@ -7057,65 +7057,65 @@ CVE-2008-4239
RESERVED
CVE-2008-4238
RESERVED
-CVE-2008-4237 (Managed Client in Apple Mac OS X before 10.5.6 sometimes misidentifies ...)
+CVE-2008-4237
NOT-FOR-US: Managed Client Mac OS X
-CVE-2008-4236 (Apple Type Services (ATS) in Apple Mac OS X 10.5 before 10.5.6 allows ...)
+CVE-2008-4236
NOT-FOR-US: Apple Type Services
CVE-2008-4235
RESERVED
-CVE-2008-4234 (Incomplete blacklist vulnerability in the Quarantine feature in ...)
+CVE-2008-4234
NOT-FOR-US: CoreTypes Apple Mac OS X
-CVE-2008-4233 (Safari in Apple iPhone OS 1.0 through 2.1 and iPhone OS for iPod touch ...)
+CVE-2008-4233
NOT-FOR-US: Apple
-CVE-2008-4232 (Safari in Apple iPhone OS 2.0 through 2.1 and iPhone OS for iPod touch ...)
+CVE-2008-4232
NOT-FOR-US: Safari
-CVE-2008-4231 (Safari in Apple iPhone OS 1.0 through 2.1 and iPhone OS for iPod touch ...)
+CVE-2008-4231
NOT-FOR-US: Apple
-CVE-2008-4230 (The Passcode Lock feature in Apple iPhone OS 1.0 through 2.1 and ...)
+CVE-2008-4230
NOT-FOR-US: Apple
-CVE-2008-4229 (Race condition in the Passcode Lock feature in Apple iPhone OS 2.0 ...)
+CVE-2008-4229
NOT-FOR-US: Apple
-CVE-2008-4228 (The Passcode Lock feature in Apple iPhone OS 1.0 through 2.1 and ...)
+CVE-2008-4228
NOT-FOR-US: Apple
-CVE-2008-4227 (Apple iPhone OS 1.0 through 2.1 and iPhone OS for iPod touch 1.1 ...)
+CVE-2008-4227
NOT-FOR-US: Apple
-CVE-2008-4226 (Integer overflow in the xmlSAX2Characters function in libxml2 2.7.2 ...)
+CVE-2008-4226
{DSA-1666-1}
- libxml2 2.6.32.dfsg-5
- chromium-browser 5.0.375.29~r46008-1
-CVE-2008-4225 (Integer overflow in the xmlBufferResize function in libxml2 2.7.2 ...)
+CVE-2008-4225
{DSA-1666-1}
- libxml2 2.6.32.dfsg-5
- chromium-browser 5.0.375.29~r46008-1
-CVE-2008-4224 (UDF in Apple Mac OS X before 10.5.6 allows user-assisted attackers to ...)
+CVE-2008-4224
NOT-FOR-US: UDF Mac OS X
-CVE-2008-4223 (Podcast Producer in Apple Mac OS X 10.5 before 10.5.6 allows remote ...)
+CVE-2008-4223
NOT-FOR-US: Podcast Producer Mac OS X
-CVE-2008-4222 (natd in network_cmds in Apple Mac OS X before 10.5.6, when Internet ...)
+CVE-2008-4222
NOT-FOR-US: natd Mac OS X
-CVE-2008-4221 (The strptime API in Libsystem in Apple Mac OS X before 10.5.6 allows ...)
+CVE-2008-4221
NOT-FOR-US: Libsystem Mac OS X
-CVE-2008-4220 (Integer overflow in the inet_net_pton API in Libsystem in Apple Mac OS ...)
+CVE-2008-4220
NOT-FOR-US: Libsystem Mac OS X
-CVE-2008-4219 (The kernel in Apple Mac OS X before 10.5.6 allows local users to cause ...)
+CVE-2008-4219
NOT-FOR-US: kernel Mac OS X
-CVE-2008-4218 (Multiple integer overflows in the kernel in Apple Mac OS X before ...)
+CVE-2008-4218
NOT-FOR-US: kernel Mac OS X
-CVE-2008-4217 (Integer signedness error in BOM in Apple Mac OS X before 10.5.6 allows ...)
+CVE-2008-4217
NOT-FOR-US: BOM Apple Mac OS X
-CVE-2008-4216 (The plug-in interface in WebKit in Apple Safari before 3.2 does not ...)
+CVE-2008-4216
NOT-FOR-US: Safari
-CVE-2008-4215 (Weblog in Mac OS X Server 10.4.11 does not properly check an error ...)
+CVE-2008-4215
NOT-FOR-US: Weblog Mac OS X
-CVE-2008-4214 (Unspecified vulnerability in Script Editor in Mac OS X 10.4.11 and ...)
+CVE-2008-4214
NOT-FOR-US: Script Editor in Mac OS X
CVE-2008-4213
RESERVED
-CVE-2008-4212 (Unspecified vulnerability in rlogind in the rlogin component in Mac OS ...)
+CVE-2008-4212
NOT-FOR-US: MacOS-only issue
-CVE-2008-4211 (Integer signedness error in (1) QuickLook in Apple Mac OS X 10.5.5 and ...)
+CVE-2008-4211
NOT-FOR-US: QuickLook Mac OS X
-CVE-2008-4210 (fs/open.c in the Linux kernel before 2.6.22 does not properly strip ...)
+CVE-2008-4210
{DSA-1653-1}
- linux-2.6 2.6.22-1
- linux-2.6.24 <not-affected> (Vulnerable code not prsent)
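Review bot: the unchanged context line `- linux-2.6.24 <not-affected> (Vulnerable code not prsent)` under CVE-2008-4210 misspells "present" as "prsent"; since this pass already rewrites the CVE-2008-4210 header line, it is the natural place to correct the note to `(Vulnerable code not present)`. The same hunk also strips the descriptions of CVE-2008-4226 and CVE-2008-4225, the two libxml2 integer overflows fixed in `{DSA-1666-1}`, so after the update the only way to tell those two entries apart from within the file is the CVE number itself.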
@@ -7123,59 +7123,59 @@ CVE-2008-4210 (fs/open.c in the Linux kernel before 2.6.22 does not properly str
NOTE: directory that is setgid to the group he wants to get privileges for
CVE-2008-4209
RESERVED
-CVE-2008-4208 (Unspecified vulnerability in OSADS Alliance Database before 2.1 has ...)
+CVE-2008-4208
NOT-FOR-US: OSADS Alliance Database
-CVE-2008-4207 (Attachmax Dolphin 2.1.0 and earlier does not properly protect info.php ...)
+CVE-2008-4207
NOT-FOR-US: Attachmax Dolphin
-CVE-2008-4206 (PHP remote file inclusion vulnerability in config.php in Attachmax ...)
+CVE-2008-4206
NOT-FOR-US: Attachmax Dolphin
-CVE-2008-4205 (SQL injection vulnerability in search.php Attachmax Dolphin 2.1.0 ...)
+CVE-2008-4205
NOT-FOR-US: Attachmax Dolphin
-CVE-2008-4204 (SQL injection vulnerability in city.asp in SoftAcid Hotel Reservation ...)
+CVE-2008-4204
NOT-FOR-US: SoftAcid Hotel Reservation System
-CVE-2008-4203 (SQL injection vulnerability in cn_users.php in CzarNews 1.20 and ...)
+CVE-2008-4203
NOT-FOR-US: CzarNews
-CVE-2008-4202 (SQL injection vulnerability in index.php in Gonafish LinksCaffePRO 4.5 ...)
+CVE-2008-4202
NOT-FOR-US: Gonafish LinksCaffePRO
-CVE-2008-4200 (Opera before 9.52 does not ensure that the address field of a news ...)
+CVE-2008-4200
NOT-FOR-US: Opera
-CVE-2008-4199 (Opera before 9.52 does not prevent use of links from web pages to feed ...)
+CVE-2008-4199
NOT-FOR-US: Opera
-CVE-2008-4198 (Opera before 9.52, when rendering an http page that has loaded an ...)
+CVE-2008-4198
NOT-FOR-US: Opera
-CVE-2008-4197 (Opera before 9.52 on Windows, Linux, FreeBSD, and Solaris, when ...)
+CVE-2008-4197
NOT-FOR-US: Opera
-CVE-2008-4196 (Cross-site scripting (XSS) vulnerability in Opera before 9.52 allows ...)
+CVE-2008-4196
NOT-FOR-US: Opera
-CVE-2008-4195 (Opera before 9.52 does not properly restrict the ability of a framed ...)
+CVE-2008-4195
NOT-FOR-US: Opera
-CVE-2008-4194 (The p_exec_query function in src/dns_query.c in pdnsd before 1.2.7-par ...)
+CVE-2008-4194
- pdnsd 1.2.6-par-10 (bug #500910)
-CVE-2008-4193 (Stack-based buffer overflow in SecurityGateway.dll in Alt-N ...)
+CVE-2008-4193
NOT-FOR-US: Alt-N Technologies SecurityGateway
-CVE-2008-4192 (The pserver_shutdown function in fence_egenera in cman 2.20080629 and ...)
+CVE-2008-4192
- redhat-cluster 2.20081102-1 (bug #496410; low)
[lenny] - redhat-cluster 2.20080801-4+lenny1
-CVE-2008-4191 (extract-table.pl in Emacspeak 26 and 28 allows local users to ...)
+CVE-2008-4191
- emacspeak 28.0-2 (bug #496431; low)
[lenny] - emacspeak 26.0-3+lenny1
[etch] - emacspeak <no-dsa> (Minor issue)
-CVE-2008-4190 (The IPSEC livetest tool in Openswan 2.4.12 and earlier, and 2.6.x ...)
+CVE-2008-4190
{DSA-1760-1}
- openswan 1:2.4.12+dfsg-1.3 (bug #496374; low)
[etch] - openswan <no-dsa> (Vulnerable code only in example script)
CVE-2008-XXXX [jumpnbump: insecure temp file]
- jumpnbump 1.50+dfsg1-1 (low; bug #500611)
[etch] - jumpnbump 1.50-6+etch1
-CVE-2008-4959 (geo-code in gpsdrive-scripts 2.10~pre4 allows local users to overwrite ...)
+CVE-2008-4959
- gpsdrive 2.10~pre4-6.dfsg-1 (low; bug #496436)
[etch] - gpsdrive <no-dsa> (Minor issue)
-CVE-2008-4949 (dist 3.5 allows local users to overwrite arbitrary files via a symlink ...)
+CVE-2008-4949
- dist 1:3.5-17-2 (low; bug #496412)
[etch] - dist 3.70-31etch1
-CVE-2008-4970 (runiozone in lustre 1.6.5 allows local users to overwrite arbitrary ...)
+CVE-2008-4970
- lustre 1.6.5.1-1 (low; bug #496371)
-CVE-2008-4247 (ftpd in OpenBSD 4.3, FreeBSD 7.0, NetBSD 4.0, Solaris, and possibly ...)
+CVE-2008-4247
- linux-ftpd-ssl 0.17.27+0.3-3 (bug #500518)
[etch] - linux-ftpd-ssl 0.17.18+0.3-6etch1
- linux-ftpd 0.17-29 (bug #500278)
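Review bot: the entries `CVE-2008-4959`, `CVE-2008-4949` and `CVE-2008-4970` sit between CVE-2008-4190 and CVE-2008-4247, out of the descending numeric order the rest of the file follows, and this update rewrites their header lines without moving them; a follow-up should put them in sequence so tooling that assumes ordering does not miss them. Note also that the placeholder entry `CVE-2008-XXXX [jumpnbump: insecure temp file]` keeps its bracketed summary while the neighbouring entries with parenthesised descriptions lose theirs, which suggests the stripping is keyed on the parenthesised form rather than being a deliberate removal of all summaries.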
@@ -7183,7 +7183,7 @@ CVE-2008-4247 (ftpd in OpenBSD 4.3, FreeBSD 7.0, NetBSD 4.0, Solaris, and possib
CVE-2008-XXXX [possible script injection via /etc/wordpress/wp-config.php]
- wordpress 2.8.4-1 (bug #500295; unimportant)
NOTE: bigger problems, if attacker has access to /etc/wordpress/*
-CVE-2008-4298 (Memory leak in the http_request_parse function in request.c in ...)
+CVE-2008-4298
{DSA-1645-1}
- lighttpd 1.4.19-5 (medium)
NOTE: http://www.lighttpd.net/security/lighttpd_sa_2008_07.txt
@@ -7196,140 +7196,140 @@ CVE-2008-XXXX [unsafe usage of temp file]
NOTE: Only exploitable when upgrading from an ancient version, package also not in Etch
CVE-2008-4189
REJECTED
-CVE-2008-4188 (Unspecified vulnerability in the TYPO3 Secure Directory (kw_secdir) ...)
+CVE-2008-4188
NOT-FOR-US: kw_secdir extension for TYPO3
-CVE-2008-4187 (Directory traversal vulnerability in index.php in ProActive CMS allows ...)
+CVE-2008-4187
NOT-FOR-US: ProActive CMS
-CVE-2008-4186 (SQL injection vulnerability in index.php in webCMS Portal Edition ...)
+CVE-2008-4186
NOT-FOR-US: webCMS Portal Edition
-CVE-2008-4185 (SQL injection vulnerability in index.php in webCMS Portal Edition ...)
+CVE-2008-4185
NOT-FOR-US: webCMS Portal Edition
-CVE-2008-4184 (Cross-site scripting (XSS) vulnerability in index.php in webCMS Portal ...)
+CVE-2008-4184
NOT-FOR-US: webCMS Portal Edition
-CVE-2008-4183 (IntegraMOD 1.4.x stores sensitive information under the web root with ...)
+CVE-2008-4183
NOT-FOR-US: IntegraMOD
-CVE-2008-4182 (Cross-site scripting (XSS) vulnerability in imp/test.php in Horde ...)
+CVE-2008-4182
{DSA-1770-1}
- turba2 2.2.1-2 (bug #500114; low)
[etch] - turba2 <no-dsa> (Minor issue)
- imp4 4.2-3 (bug #500553; low)
-CVE-2008-4181 (Directory traversal vulnerability in includes/xml.php in the Netenberg ...)
+CVE-2008-4181
NOT-FOR-US: Netenberg Fantastico De Luxe module for cPanel
-CVE-2008-4180 (Unspecified vulnerability in db.php in NooMS 1.1 allows remote ...)
+CVE-2008-4180
NOT-FOR-US: NooMS
-CVE-2008-4179 (Multiple cross-site scripting (XSS) vulnerabilities in NooMS 1.1 allow ...)
+CVE-2008-4179
NOT-FOR-US: NooMS
-CVE-2008-4178 (SQL injection vulnerability in tr.php in DownlineGoldmine Special ...)
+CVE-2008-4178
NOT-FOR-US: DownlineGoldmine, etc.
-CVE-2008-4177 (SQL injection vulnerability in search.php in Pre Real Estate Listings ...)
+CVE-2008-4177
NOT-FOR-US: Pre Real Estate Listings
-CVE-2008-4176 (SQL injection vulnerability in izle.asp in FoT Video scripti 1.1 beta ...)
+CVE-2008-4176
NOT-FOR-US: FoT Video scripti
-CVE-2008-4175 (Multiple SQL injection vulnerabilities in Link Bid Script 1.5 allow ...)
+CVE-2008-4175
NOT-FOR-US: Link Bid Script
-CVE-2008-4174 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
+CVE-2008-4174
NOT-FOR-US: Dynamic MP3 Lister
-CVE-2008-4173 (SQL injection vulnerability in ProArcadeScript 1.3 allows remote ...)
+CVE-2008-4173
NOT-FOR-US: ProArcadeScript
-CVE-2008-4172 (SQL injection vulnerability in page.php in Cars &amp; Vehicle (aka ...)
+CVE-2008-4172
NOT-FOR-US: Cars & Vehicle
-CVE-2008-4171 (SQL injection vulnerability in xmlout.php in Invision Power Board ...)
+CVE-2008-4171
NOT-FOR-US: Invision Power Board
-CVE-2008-4170 (create_account.php in osCommerce 2.2 RC 2a allows remote attackers to ...)
+CVE-2008-4170
NOT-FOR-US: osCommerce
-CVE-2008-4169 (SQL injection vulnerability in detaillist.php in iScripts EasyIndex, ...)
+CVE-2008-4169
NOT-FOR-US: iScripts EasyIndex
-CVE-2008-4168 (Cross-site scripting (XSS) vulnerability in verify_login.jsp in ...)
+CVE-2008-4168
NOT-FOR-US: Pro2col Stingray FTS
-CVE-2008-4167 (useradmin.php in Easy Photo Gallery (aka Ezphotogallery) 2.1 does not ...)
+CVE-2008-4167
NOT-FOR-US: Easy Photo Gallery
-CVE-2008-4166 (Integer overflow in the JavaScript engine in Avant Browser 11.7 Build ...)
+CVE-2008-4166
NOT-FOR-US: Avant Browser
-CVE-2008-4165 (admin/user/create_user.php in Kolab Groupware Server 1.0.0 places a ...)
+CVE-2008-4165
NOT-FOR-US: Kolab Groupware Server 1.0.0
NOTE: Debian has kolabd and kolab-webadmin, but neither has the file create_user.php.
NOTE: But we have only 0.4 (in etch) and 2.1 (in lenny+sid), maybe 1.0 is different.
-CVE-2008-4164 (cron.php in MemHT Portal 3.9.0 and earlier allows remote attackers to ...)
+CVE-2008-4164
NOT-FOR-US: MemHT Portal
-CVE-2008-4163 (Unspecified vulnerability in ISC BIND 9.3.5-P2-W1, 9.4.2-P2-W1, and ...)
+CVE-2008-4163
- bind9 <not-affected> (windows specific issue)
-CVE-2008-4162 (Open redirect vulnerability in admin/auth.php in NooMS 1.1 allows ...)
+CVE-2008-4162
NOT-FOR-US: NooMS
-CVE-2008-4161 (SQL injection vulnerability in search_inv.php in Assetman 2.5b allows ...)
+CVE-2008-4161
NOT-FOR-US: Assetman
-CVE-2008-4160 (Unspecified vulnerability in the UFS module in Sun Solaris 8 through ...)
+CVE-2008-4160
NOT-FOR-US: Sun Solaris
-CVE-2008-4159 (SQL injection vulnerability in index.php in Jaw Portal and Zanfi CMS ...)
+CVE-2008-4159
NOT-FOR-US: Jaw Portal and Zanfi CMS
-CVE-2008-4158 (Multiple directory traversal vulnerabilities in index.php in Zanfi CMS ...)
+CVE-2008-4158
NOT-FOR-US: Zanfi CMS
-CVE-2008-4157 (SQL injection vulnerability in groups.php in Vastal I-Tech phpVID 1.1 ...)
+CVE-2008-4157
NOT-FOR-US: Vastal I-Tech phpVID
-CVE-2008-4156 (SQL injection vulnerability in print.php in CustomCms (CCMS) Gaming ...)
+CVE-2008-4156
NOT-FOR-US: CustomCms (CCMS) Gaming Portal
-CVE-2008-4155 (Multiple directory traversal vulnerabilities in EasySite 2.3 allow ...)
+CVE-2008-4155
NOT-FOR-US: EasySite
-CVE-2008-4154 (SQL injection vulnerability in living-e webEdition CMS allows remote ...)
+CVE-2008-4154
NOT-FOR-US: living-e webEdition CMS
-CVE-2008-4153 (The Talk module 5.x before 5.x-1.3 and 6.x before 6.x-1.5, a module ...)
+CVE-2008-4153
NOT-FOR-US: Talk module for Drupal
-CVE-2008-4152 (Cross-site scripting (XSS) vulnerability in the Talk module 5.x before ...)
+CVE-2008-4152
NOT-FOR-US: Talk module for Drupal
-CVE-2008-4151 (Directory traversal vulnerability in collect.php in CYASK 3.x allows ...)
+CVE-2008-4151
NOT-FOR-US: CYASK
-CVE-2008-4150 (SQL injection vulnerability in picture_category.php in Diesel Joke ...)
+CVE-2008-4150
NOT-FOR-US: Diesel Joke Site
-CVE-2008-4149 (Cross-site scripting (XSS) vulnerability in the Greg Holsclaw Link to ...)
+CVE-2008-4149
NOT-FOR-US: Greg Holsclaw Link to Us module for Drupal
-CVE-2008-4148 (SQL injection vulnerability in the Mailhandler module 5.x before ...)
+CVE-2008-4148
NOT-FOR-US: Mailhandler module for Drupal
-CVE-2008-4147 (Cross-site scripting (XSS) vulnerability in the Mailsave module 5.x ...)
+CVE-2008-4147
NOT-FOR-US: Mailsave module for Drupal
-CVE-2008-4146 (Addalink 1.0 beta 4 and earlier allows remote attackers to (1) approve ...)
+CVE-2008-4146
NOT-FOR-US: Addalink
-CVE-2008-4145 (SQL injection vulnerability in user_read_links.php in Addalink 1.0 ...)
+CVE-2008-4145
NOT-FOR-US: Addalink
-CVE-2008-4144 (SQL injection vulnerability in index.php in ACG-ScriptShop E-Gold ...)
+CVE-2008-4144
NOT-FOR-US: ACG-ScriptShop E-Gold Script Shop
-CVE-2008-4143 (SQL injection vulnerability in category_search.php in RazorCommerce ...)
+CVE-2008-4143
NOT-FOR-US: RazorCommerce Shopping Cart
-CVE-2008-4142 (SQL injection vulnerability in article.php in E-Php CMS allows remote ...)
+CVE-2008-4142
NOT-FOR-US: E-Php CMS
-CVE-2008-4141 (Multiple PHP remote file inclusion vulnerabilities in x10Media x10 ...)
+CVE-2008-4141
NOT-FOR-US: x10Media x10 Automatic MP3 Script
-CVE-2008-4140 (Cross-site scripting (XSS) vulnerability in admin.php in Quick.Cart ...)
+CVE-2008-4140
NOT-FOR-US: Quick.Cart
-CVE-2008-4139 (Cross-site scripting (XSS) vulnerability in admin.php in OpenSolution ...)
+CVE-2008-4139
NOT-FOR-US: OpenSolution Quick.Cms.Lite
-CVE-2008-4138 (PHP remote file inclusion vulnerability in ...)
+CVE-2008-4138
NOT-FOR-US: Technote
-CVE-2008-4137 (PHP remote file inclusion vulnerability in footer.php in PHP-Crawler ...)
+CVE-2008-4137
NOT-FOR-US: PHP-Crawler
-CVE-2008-4136 (Michael Roth Software Personal FTP Server (PFT) 6.0f allows remote ...)
+CVE-2008-4136
NOT-FOR-US: Michael Roth Software Personal FTP Server (PFT)
-CVE-2008-4135 (Symbian OS S60 3rd edition on the Nokia E90 Communicator 07.40.1.2 ...)
+CVE-2008-4135
NOT-FOR-US: Symbian
-CVE-2008-4134 (PHP remote file inclusion vulnerability in manager/static/view.php in ...)
+CVE-2008-4134
NOT-FOR-US: phpRealty
-CVE-2008-4133 (The web proxy service on the D-Link DIR-100 with firmware 1.12 and ...)
+CVE-2008-4133
NOT-FOR-US: D-Link
-CVE-2008-4132 (Stack-based buffer overflow in the VSFlexGrid.VSFlexGridL ActiveX ...)
+CVE-2008-4132
NOT-FOR-US: SFlexGrid.VSFlexGridL ActiveX
-CVE-2008-4131 (Multiple unspecified vulnerabilities in Sun Solaris 8 through 10 allow ...)
+CVE-2008-4131
NOT-FOR-US: Sun Solaris
-CVE-2008-4130 (Cross-site scripting (XSS) vulnerability in Gallery 2.x before 2.2.6 ...)
+CVE-2008-4130
- gallery2 2.2.6-1
-CVE-2008-4129 (Gallery before 1.5.9, and 2.x before 2.2.6, does not properly handle ...)
+CVE-2008-4129
- gallery 1.5.9-1 (medium)
- gallery2 2.2.6-1 (medium)
-CVE-2008-4128 (Multiple cross-site request forgery (CSRF) vulnerabilities in the HTTP ...)
+CVE-2008-4128
NOT-FOR-US: Cisco
-CVE-2008-4127 (Mshtml.dll in Microsoft Internet Explorer 7 Gold 7.0.5730 and 8 Beta ...)
+CVE-2008-4127
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2008-4126 (PyDNS (aka python-dns) before 2.3.1-5 in Debian GNU/Linux does not use ...)
+CVE-2008-4126
{DSA-1619-1}
- python-dns 2.3.1-5 (bug #490217)
-CVE-2008-4125 (The search function in phpBB 2.x provides a search_id value that leaks ...)
+CVE-2008-4125
- phpbb2 2.0.23+repack-3 (low; bug #500086)
[etch] - phpbb2 <no-dsa> (Minor issue)
- phpbb3 <not-affected> (vulnerable code not present)
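Review bot: the context line `NOT-FOR-US: SFlexGrid.VSFlexGridL ActiveX` under CVE-2008-4132 drops the leading "V" of the control name, which the removed line `-CVE-2008-4132 (Stack-based buffer overflow in the VSFlexGrid.VSFlexGridL ActiveX ...)` spells correctly; once this update removes the description, the NOT-FOR-US line is the only remaining name, so correct it to `NOT-FOR-US: VSFlexGrid.VSFlexGridL ActiveX` in the same pass. Separately, the removed line `-CVE-2008-4172 (SQL injection vulnerability in page.php in Cars &amp; Vehicle (aka ...)` carries an HTML entity where the tracker line below reads `NOT-FOR-US: Cars & Vehicle`, so if the descriptions are re-imported later the importer should unescape entities before writing them back.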
@@ -7339,1008 +7339,1008 @@ CVE-2008-4124
RESERVED
CVE-2008-4123
RESERVED
-CVE-2008-4122 (Joomla! 1.5.8 does not set the secure flag for the session cookie in ...)
+CVE-2008-4122
NOT-FOR-US: Joomla!
-CVE-2008-4121 (Multiple cross-site scripting (XSS) vulnerabilities in cpCommerce ...)
+CVE-2008-4121
NOT-FOR-US: cpCommerce
-CVE-2008-4120 (Multiple cross-site scripting (XSS) vulnerabilities in FlatPress 0.804 ...)
+CVE-2008-4120
NOT-FOR-US: FlatPress
-CVE-2008-4119 (Multiple cross-site scripting (XSS) vulnerabilities in CA Service Desk ...)
+CVE-2008-4119
NOT-FOR-US: CA Service Desk
-CVE-2008-4118 (Cross-site scripting (XSS) vulnerability in High Norm Sound Master 2nd ...)
+CVE-2008-4118
NOT-FOR-US: High Norm Sound Master
-CVE-2008-4117 (Unspecified vulnerability in a web page in the PRM module in Sun ...)
+CVE-2008-4117
NOT-FOR-US: Sun Management Center (SunMC)
-CVE-2008-4116 (Buffer overflow in Apple QuickTime 7.5.5 and iTunes 8.0 allows remote ...)
+CVE-2008-4116
NOT-FOR-US: Apple
-CVE-2008-4201 (Heap-based buffer overflow in the decodeMP4file function ...)
+CVE-2008-4201
- faad2 2.6.1-3.1 (bug #499899)
NOTE: http://bugs.gentoo.org/show_bug.cgi?id=238445
NOTE: http://www.audiocoding.com/
NOTE: http://www.audiocoding.com/patch/main_overflow.diff
-CVE-2008-4115 (TalkBack 2.3.6 allows remote attackers to obtain configuration ...)
+CVE-2008-4115
NOT-FOR-US: TalkBack
-CVE-2008-4114 (srv.sys in the Server service in Microsoft Windows 2000 SP4, XP SP2 ...)
+CVE-2008-4114
NOT-FOR-US: Microsoft Windows
-CVE-2008-4113 (The sctp_getsockopt_hmac_ident function in net/sctp/socket.c in the ...)
+CVE-2008-4113
{DSA-1655-1}
- linux-2.6 2.6.26-5
[etch] - linux-2.6 <not-affected> (Vulnerable code not present)
- linux-2.6.24 2.6.24-6~etchnhalf.6
CVE-2008-4112
REJECTED
-CVE-2008-4111 (Unspecified vulnerability in Servlet Engine/Web Container in IBM ...)
+CVE-2008-4111
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2008-4110 (Buffer overflow in the SQLVDIRLib.SQLVDirControl ActiveX control in ...)
+CVE-2008-4110
NOT-FOR-US: Microsoft
-CVE-2008-4107 (The (1) rand and (2) mt_rand functions in PHP 5.2.6 do not produce ...)
+CVE-2008-4107
- php5 <removed> (unimportant; bug #500087)
NOTE: the rand() and mt_rand() functions were never said to be cryptographically strong
NOTE: http://www.math.sci.hiroshima-u.ac.jp/~m-mat/MT/efaq.html
-CVE-2008-4106 (WordPress before 2.6.2 does not properly handle MySQL warnings about ...)
+CVE-2008-4106
{DSA-1871-2 DSA-1871-1}
- wordpress 2.5.1-8 (bug #500115)
-CVE-2008-4105 (JRequest in Joomla! 1.5 before 1.5.7 does not sanitize variables that ...)
+CVE-2008-4105
NOT-FOR-US: Joomla!
-CVE-2008-4104 (Multiple open redirect vulnerabilities in Joomla! 1.5 before 1.5.7 ...)
+CVE-2008-4104
NOT-FOR-US: Joomla!
-CVE-2008-4103 (The mailto (aka com_mailto) component in Joomla! 1.5 before 1.5.7 ...)
+CVE-2008-4103
NOT-FOR-US: Joomla!
-CVE-2008-4102 (Joomla! 1.5 before 1.5.7 initializes PHP's PRNG with a weak seed, ...)
+CVE-2008-4102
NOT-FOR-US: Joomla!
-CVE-2008-4101 (Vim 3.0 through 7.x before 7.2.010 does not properly escape ...)
+CVE-2008-4101
{DSA-1733-1}
- vim 2:7.2.010-1 (low; bug #500381)
[lenny] - vim 1:7.1.314-3+lenny1
[squeeze] - vim 1:7.1.314-3+lenny1
-CVE-2008-4098 (MySQL before 5.0.67 allows local users to bypass certain privilege ...)
+CVE-2008-4098
{DSA-1662-1}
- mysql-dfsg-5.0 5.0.67-1
[lenny] - mysql-dfsg-5.0 5.0.51a-18
[squeeze] - mysql-dfsg-5.0 5.0.51a-18
-CVE-2008-4097 (MySQL 5.0.51a allows local users to bypass certain privilege checks by ...)
+CVE-2008-4097
{DSA-1608-1}
- mysql-dfsg-5.0 5.0.51a-10
-CVE-2008-4095 (Multiple unspecified vulnerabilities in the Importer in Flip4Mac WMV ...)
+CVE-2008-4095
NOT-FOR-US: Flip4Mac WMV
-CVE-2008-4094 (Multiple SQL injection vulnerabilities in Ruby on Rails before 2.1.1 ...)
+CVE-2008-4094
- rails 2.1.0-1 (medium; bug #500791)
NOTE: in mysql this only allows information disclosure as multiline statements are
NOTE: not allowed by default
-CVE-2008-4093 (SQL injection vulnerability in memberstats.php in YourOwnBux 3.1 and ...)
+CVE-2008-4093
NOT-FOR-US: YourOwnBux
-CVE-2008-4092 (SQL injection vulnerability in printfeature.php in myPHPNuke (MPN) ...)
+CVE-2008-4092
NOT-FOR-US: myPHPNuke
-CVE-2008-4091 (SQL injection vulnerability in index.php in Web Directory Script 1.5.3 ...)
+CVE-2008-4091
NOT-FOR-US: Web Directory Script
-CVE-2008-4090 (SQL injection vulnerability in index.php in PHP Coupon Script 4.0 ...)
+CVE-2008-4090
NOT-FOR-US: PHP Coupon Script
-CVE-2008-4089 (Cross-site scripting (XSS) vulnerability in print.php in myPHPNuke ...)
+CVE-2008-4089
NOT-FOR-US: myPHPNuke
-CVE-2008-4088 (SQL injection vulnerability in print.php in myPHPNuke (MPN) before ...)
+CVE-2008-4088
NOT-FOR-US: myPHPNuke
-CVE-2008-4087 (Stack-based buffer overflow in Acoustica Beatcraft 1.02 Build 19 ...)
+CVE-2008-4087
NOT-FOR-US: Acoustica Beatcraft
-CVE-2008-4086 (SQL injection vulnerability in index.php in Reciprocal Links Manager ...)
+CVE-2008-4086
NOT-FOR-US: Reciprocal Links Manager
-CVE-2008-4085 (plaiter in Plait before 1.6 allows local users to overwrite arbitrary ...)
+CVE-2008-4085
- plait 1.5.2-2 (low; bug #496381)
-CVE-2008-4084 (SQL injection vulnerability in staticpages/easyclassifields/index.php ...)
+CVE-2008-4084
NOT-FOR-US: MyioSoft EasyClassifields
-CVE-2008-4083 (Cross-site scripting (XSS) vulnerability in the Bookmarks plugin in ...)
+CVE-2008-4083
NOT-FOR-US: Brim
-CVE-2008-4082 (SQL injection vulnerability in the Tasks plugin in Brim 2.0.0, when ...)
+CVE-2008-4082
NOT-FOR-US: Brim
-CVE-2008-4081 (admin/login.php in Stash 1.0.3 allows remote attackers to bypass ...)
+CVE-2008-4081
NOT-FOR-US: Stash
-CVE-2008-4080 (SQL injection vulnerability in Stash 1.0.3, when magic_quotes_gpc is ...)
+CVE-2008-4080
NOT-FOR-US: Stash
-CVE-2008-4079 (Cross-site scripting (XSS) vulnerability in Movable Type (MT) 4.x ...)
+CVE-2008-4079
- movabletype-opensource 4.2~rc5-1 (low; bug #499252)
-CVE-2008-4078 (SQL injection vulnerability in the AR/AP transaction report in (1) ...)
+CVE-2008-4078
- sql-ledger <unfixed> (unimportant)
NOTE: Only supported behind an authenticated HTTP zone, see README.Debian
-CVE-2008-4077 (The CGI scripts in (1) LedgerSMB (LSMB) before 1.2.15 and (2) ...)
+CVE-2008-4077
- sql-ledger <unfixed> (unimportant)
NOTE: Only supported behind an authenticated HTTP zone
-CVE-2008-4076 (Cross-site scripting (XSS) vulnerability in (1) Tor World Tor Board ...)
+CVE-2008-4076
NOT-FOR-US: Tor World Software
-CVE-2008-4075 (Directory traversal vulnerability in index.php in D-iscussion Board ...)
+CVE-2008-4075
NOT-FOR-US: D-iscussion Board
-CVE-2008-4074 (SQL injection vulnerability in index.php in Zanfi Autodealers CMS ...)
+CVE-2008-4074
NOT-FOR-US: Zanfi Autodealers CMS
-CVE-2008-4073 (SQL injection vulnerability in index.php in Zanfi Autodealers CMS ...)
+CVE-2008-4073
NOT-FOR-US: Zanfi Autodealers CMS
-CVE-2008-4072 (Multiple SQL injection vulnerabilities in index.php in phsBlog 0.2 ...)
+CVE-2008-4072
NOT-FOR-US: phsBlog
-CVE-2008-4071 (A certain ActiveX control in Adobe Acrobat 9, when used with Microsoft ...)
+CVE-2008-4071
NOT-FOR-US: Microsoft
-CVE-2008-4070 (Heap-based buffer overflow in Mozilla Thunderbird before 2.0.0.17 and ...)
+CVE-2008-4070
{DSA-1697-1 DSA-1696-1}
- iceape 1.1.12-1
- icedove 2.0.0.17-1
-CVE-2008-4069 (The XBM decoder in Mozilla Firefox before 2.0.0.17 and SeaMonkey ...)
+CVE-2008-4069
{DSA-1697-1 DSA-1669-1 DSA-1649-1}
- iceweasel 3.0.1-1
- xulrunner 1.9.0.1-1
- iceape 1.1.12-1
-CVE-2008-4068 (Directory traversal vulnerability in Mozilla Firefox before 2.0.0.17 ...)
+CVE-2008-4068
{DSA-1697-1 DSA-1696-1 DSA-1669-1 DSA-1649-1}
- xulrunner 1.9.0.3-1
- iceape 1.1.12-1
- iceweasel 3.0.3-1
- icedove 2.0.0.17-1
-CVE-2008-4067 (Directory traversal vulnerability in Mozilla Firefox before 2.0.0.17 ...)
+CVE-2008-4067
{DSA-1697-1 DSA-1696-1 DSA-1669-1 DSA-1649-1}
- xulrunner 1.9.0.3-1
- iceape 1.1.12-1
- iceweasel 3.0.3-1
- icedove 2.0.0.17-1
-CVE-2008-4066 (Mozilla Firefox 2.0.0.14, and other versions before 2.0.0.17, allows ...)
+CVE-2008-4066
{DSA-1669-1 DSA-1649-1}
- iceweasel 3.0.1-1
- xulrunner 1.9.0.1-1
- iceape 1.1.12-1
[etch] - iceape <end-of-life> (Etch Packages no longer covered by security support)
- icedove 2.0.0.17-1
-CVE-2008-4065 (Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird ...)
+CVE-2008-4065
{DSA-1697-1 DSA-1696-1 DSA-1669-1 DSA-1649-1}
- xulrunner 1.9.0.3-1
- iceape 1.1.12-1
- iceweasel 3.0.3-1
- icedove 2.0.0.17-1
-CVE-2008-4064 (Multiple unspecified vulnerabilities in Mozilla Firefox 3.x before ...)
+CVE-2008-4064
{DSA-1669-1}
- xulrunner 1.9.0.3-1
- iceweasel 3.0.3-1
[etch] - iceweasel <not-affected> (Vulnerable code not present)
-CVE-2008-4063 (Multiple unspecified vulnerabilities in Mozilla Firefox 3.x before ...)
+CVE-2008-4063
{DSA-1669-1}
- xulrunner 1.9.0.3-1
- iceweasel 3.0.3-1
[etch] - iceweasel <not-affected> (Vulnerable code not present)
-CVE-2008-4062 (Multiple unspecified vulnerabilities in Mozilla Firefox before ...)
+CVE-2008-4062
{DSA-1697-1 DSA-1696-1 DSA-1669-1 DSA-1649-1}
- xulrunner 1.9.0.3-1
- iceape 1.1.12-1
- iceweasel 3.0.3-1
- icedove 2.0.0.17-1
-CVE-2008-4061 (Integer overflow in the MathML component in Mozilla Firefox before ...)
+CVE-2008-4061
{DSA-1697-1 DSA-1696-1 DSA-1669-1 DSA-1649-1}
- xulrunner 1.9.0.3-1
- iceape 1.1.12-1
- iceweasel 3.0.3-1
- icedove 2.0.0.17-1
-CVE-2008-4060 (Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird ...)
+CVE-2008-4060
{DSA-1697-1 DSA-1696-1 DSA-1669-1 DSA-1649-1}
- xulrunner 1.9.0.3-1
- iceape 1.1.12-1
- iceweasel 3.0.3-1
- icedove 2.0.0.17-1
-CVE-2008-4059 (The XPConnect component in Mozilla Firefox before 2.0.0.17 allows ...)
+CVE-2008-4059
{DSA-1697-1 DSA-1696-1 DSA-1669-1 DSA-1649-1}
- xulrunner 1.9.0.3-1
- iceape 1.1.12-1
- iceweasel 3.0.3-1
- icedove 2.0.0.17-1
-CVE-2008-4058 (The XPConnect component in Mozilla Firefox before 2.0.0.17 and 3.x ...)
+CVE-2008-4058
{DSA-1697-1 DSA-1696-1 DSA-1669-1 DSA-1649-1}
- xulrunner 1.9.0.3-1
- iceape 1.1.12-1
- iceweasel 3.0.3-1
- icedove 2.0.0.17-1
-CVE-2008-4057 (Unspecified vulnerability in Objective Development Sharity 3 before ...)
+CVE-2008-4057
NOT-FOR-US: Objective Development Sharity
-CVE-2008-4056 (Cross-site scripting (XSS) vulnerability in admin/login.php in ...)
+CVE-2008-4056
NOT-FOR-US: Matterdaddy Market
-CVE-2008-4055 (SQL injection vulnerability in tops_top.php in Million Pixel Ad Script ...)
+CVE-2008-4055
NOT-FOR-US: Million Pixel Ad Script
-CVE-2008-4054 (SQL injection vulnerability in indir.php in Kolifa.net Download Script ...)
+CVE-2008-4054
NOT-FOR-US: Kolifa.net Download Script
-CVE-2008-4053 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
+CVE-2008-4053
NOT-FOR-US: Bluemoon PopnupBLOG
-CVE-2008-4052 (Stack-based buffer overflow in SMGSHR.EXE in OpenVMS for Integrity ...)
+CVE-2008-4052
NOT-FOR-US: OpenVMS for Integrity Servers
-CVE-2008-4051 (Cross-site scripting (XSS) vulnerability in surveyresults.asp in Smart ...)
+CVE-2008-4051
NOT-FOR-US: Smart Survey
-CVE-2008-4050 (A certain ActiveX control in fwRemoteCfg.dll 3.3.3.1 in Friendly ...)
+CVE-2008-4050
NOT-FOR-US: Friendly Technologies FriendlyPPPoE Client
-CVE-2008-4049 (A certain ActiveX control in fwRemoteCfg.dll 3.3.3.1 in Friendly ...)
+CVE-2008-4049
NOT-FOR-US: Friendly Technologies FriendlyPPPoE Client
-CVE-2008-4048 (Heap-based buffer overflow in a certain ActiveX control in ...)
+CVE-2008-4048
NOT-FOR-US: Friendly Technologies FriendlyPPPoE Client
-CVE-2008-4047 (Unspecified vulnerability in Novell Forum (formerly SiteScape Forum) ...)
+CVE-2008-4047
NOT-FOR-US: Novell Forum
-CVE-2008-4046 (SQL injection vulnerability in index.php in eliteCMS 1.0 allows remote ...)
+CVE-2008-4046
NOT-FOR-US: eliteCMS
-CVE-2008-4045 (Multiple cross-site scripting (XSS) vulnerabilities in @Mail 5.42 ...)
+CVE-2008-4045
NOT-FOR-US: @Mail
-CVE-2008-4044 (SQL injection vulnerability in article/readarticle.php in AJ Square ...)
+CVE-2008-4044
NOT-FOR-US: AJ Square aj-hyip
-CVE-2008-4043 (Multiple SQL injection vulnerabilities in AJ Square AJ HYIP Acme allow ...)
+CVE-2008-4043
NOT-FOR-US: AJ Square aj-hyip
CVE-2008-4042
REJECTED
-CVE-2008-4041 (The IMAP server in Softalk Mail Server (formerly WorkgroupMail) ...)
+CVE-2008-4041
NOT-FOR-US: Softalk Mail Server
-CVE-2008-4040 (Directory traversal vulnerability in the Kyocera Command Center in ...)
+CVE-2008-4040
NOT-FOR-US: Kyocera FS-118MFP
-CVE-2008-4039 (SQL injection vulnerability in index.php in Spice Classifieds allows ...)
+CVE-2008-4039
NOT-FOR-US: Spice Classifieds
-CVE-2008-4038 (Buffer underflow in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server ...)
+CVE-2008-4038
NOT-FOR-US: Microsoft Windows
-CVE-2008-4037 (Microsoft Windows 2000 Gold through SP4, XP Gold through SP3, Server ...)
+CVE-2008-4037
NOT-FOR-US: Microsoft Windows
-CVE-2008-4036 (Integer overflow in Memory Manager in Microsoft Windows XP SP2 and ...)
+CVE-2008-4036
NOT-FOR-US: Microsoft Windows
CVE-2008-4035
REJECTED
CVE-2008-4034
REJECTED
-CVE-2008-4033 (Cross-domain vulnerability in Microsoft XML Core Services 3.0 through ...)
+CVE-2008-4033
NOT-FOR-US: Microsoft XML Core
-CVE-2008-4032 (Microsoft Office SharePoint Server 2007 Gold and SP1 and Microsoft ...)
+CVE-2008-4032
NOT-FOR-US: Microsoft Office Word
-CVE-2008-4031 (Microsoft Office Word 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and ...)
+CVE-2008-4031
NOT-FOR-US: Microsoft Office Word
-CVE-2008-4030 (Microsoft Office Word 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and ...)
+CVE-2008-4030
NOT-FOR-US: Microsoft Office Word
-CVE-2008-4029 (Cross-domain vulnerability in Microsoft XML Core Services 3.0 and 4.0, ...)
+CVE-2008-4029
NOT-FOR-US: Microsoft XML Core
-CVE-2008-4028 (Microsoft Office Word 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and ...)
+CVE-2008-4028
NOT-FOR-US: Microsoft Office Word
-CVE-2008-4027 (Double free vulnerability in Microsoft Office Word 2000 SP3, 2002 SP3, ...)
+CVE-2008-4027
NOT-FOR-US: Microsoft Office Word
-CVE-2008-4026 (Microsoft Office Word 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and ...)
+CVE-2008-4026
NOT-FOR-US: Microsoft Office Word
-CVE-2008-4025 (Integer overflow in Microsoft Office Word 2000 SP3, 2002 SP3, 2003 ...)
+CVE-2008-4025
NOT-FOR-US: Microsoft Office Word
-CVE-2008-4024 (Microsoft Office Word 2000 SP3 and 2002 SP3 and Office 2004 for Mac ...)
+CVE-2008-4024
NOT-FOR-US: Microsoft Office Word
-CVE-2008-4023 (Active Directory in Microsoft Windows 2000 SP4 does not properly ...)
+CVE-2008-4023
NOT-FOR-US: Microsoft Windows
CVE-2008-4022
REJECTED
CVE-2008-4021
REJECTED
-CVE-2008-4020 (Cross-site scripting (XSS) vulnerability in Microsoft Office XP SP3 ...)
+CVE-2008-4020
NOT-FOR-US: Microsoft Office
-CVE-2008-4019 (Integer overflow in the REPT function in Microsoft Excel 2000 SP3, ...)
+CVE-2008-4019
NOT-FOR-US: Microsoft Office
-CVE-2008-4109 (A certain Debian patch for OpenSSH before 4.3p2-9etch3 on etch; before ...)
+CVE-2008-4109
{DSA-1638-1 CVE-2006-5051}
- openssh 1:4.6p1-1 (low)
NOTE: The patch backported for CVE-2006-5051 was incorrect and did not
NOTE: fully address the issue. The upstream fix in 4.4p1 was
NOTE: right, and it the next unstable upload after that was 4.6p1.
-CVE-2008-4100 (GNU adns 1.4 and earlier uses a fixed source port and sequential ...)
+CVE-2008-4100
- adns 1.4-2 (unimportant; bug #492698)
NOTE: adns is not supported in untrusted contexts, fix documents this in README.Debian
-CVE-2008-4099 (PyDNS (aka python-dns) before 2.3.1-4 in Debian GNU/Linux does not use ...)
+CVE-2008-4099
{DSA-1619-1}
- python-dns 2.3.1-5 (low; bug #490217)
-CVE-2008-4096 (libraries/database_interface.lib.php in phpMyAdmin before 2.11.9.1 ...)
+CVE-2008-4096
{DSA-1641-1}
- phpmyadmin 4:2.11.8.1-2 (medium)
CVE-2008-XXXX [unsafe use of tempfile in ssmclient]
- smsclient <unfixed> (unimportant; bug #498901)
NOTE: script is not in use and only a suggestion for users
-CVE-2008-4108 (Tools/faqwiz/move-faqwiz.sh (aka the generic FAQ wizard moving tool) ...)
+CVE-2008-4108
- python-defaults <unfixed> (unimportant; bug #498899)
NOTE: script is an example, which can be used by users
-CVE-2008-4018 (swcons in bos.rte.console in IBM AIX 5.2.0 through 6.1.1 allows local ...)
+CVE-2008-4018
NOT-FOR-US: IBM AIX
-CVE-2008-4017 (Unspecified vulnerability in the OC4J component in Oracle Application ...)
+CVE-2008-4017
NOT-FOR-US: Oracle
-CVE-2008-4016 (Unspecified vulnerability in the Collaborative Workspaces component in ...)
+CVE-2008-4016
NOT-FOR-US: Oracle
-CVE-2008-4015 (Unspecified vulnerability in the Oracle Streams component in Oracle ...)
+CVE-2008-4015
NOT-FOR-US: Oracle
-CVE-2008-4014 (Unspecified vulnerability in the Oracle BPEL Process Manager component ...)
+CVE-2008-4014
NOT-FOR-US: Oracle
-CVE-2008-4013 (Unspecified vulnerability in the WebLogic Server component in BEA ...)
+CVE-2008-4013
NOT-FOR-US: BEA WebLogic
-CVE-2008-4012 (Unspecified vulnerability in the WebLogic Workshop component in BEA ...)
+CVE-2008-4012
NOT-FOR-US: BEA WebLogic
-CVE-2008-4011 (Unspecified vulnerability in the WebLogic Server component in BEA ...)
+CVE-2008-4011
NOT-FOR-US: BEA WebLogic
-CVE-2008-4010 (Unspecified vulnerability in the WebLogic Workshop component in BEA ...)
+CVE-2008-4010
NOT-FOR-US: BEA WebLogic
-CVE-2008-4009 (Unspecified vulnerability in the WebLogic Server component in BEA ...)
+CVE-2008-4009
NOT-FOR-US: BEA WebLogic
-CVE-2008-4008 (Unspecified vulnerability in the WebLogic Server Plugins for Apache ...)
+CVE-2008-4008
NOT-FOR-US: BEA WebLogic
-CVE-2008-4007 (Unspecified vulnerability in the PeopleSoft Enterprise Components ...)
+CVE-2008-4007
NOT-FOR-US: Oracle
-CVE-2008-4006 (Unspecified vulnerability in the Oracle Secure Backup component in ...)
+CVE-2008-4006
NOT-FOR-US: Oracle
-CVE-2008-4005 (Unspecified vulnerability in the Oracle Application Express component ...)
+CVE-2008-4005
NOT-FOR-US: Oracle
-CVE-2008-4004 (Unspecified vulnerability in the JDE EnterpriseOne Business Service ...)
+CVE-2008-4004
NOT-FOR-US: Oracle
-CVE-2008-4003 (Unspecified vulnerability in the PeopleTools component in Oracle ...)
+CVE-2008-4003
NOT-FOR-US: Oracle
-CVE-2008-4002 (Unspecified vulnerability in the PeopleTools component in Oracle ...)
+CVE-2008-4002
NOT-FOR-US: Oracle
-CVE-2008-4001 (Unspecified vulnerability in the PeopleSoft Enterprise Portal ...)
+CVE-2008-4001
NOT-FOR-US: Oracle
-CVE-2008-4000 (Unspecified vulnerability in the PeopleTools component in Oracle ...)
+CVE-2008-4000
NOT-FOR-US: Oracle
-CVE-2008-3999 (Unspecified vulnerability in the Oracle OLAP component in Oracle ...)
+CVE-2008-3999
NOT-FOR-US: Oracle
-CVE-2008-3998 (Unspecified vulnerability in the Oracle iStore component in Oracle ...)
+CVE-2008-3998
NOT-FOR-US: Oracle
-CVE-2008-3997 (Unspecified vulnerability in the Oracle OLAP component in Oracle ...)
+CVE-2008-3997
NOT-FOR-US: Oracle
-CVE-2008-3996 (Unspecified vulnerability in the Change Data Capture component in ...)
+CVE-2008-3996
NOT-FOR-US: Oracle
-CVE-2008-3995 (Unspecified vulnerability in the Change Data Capture component in ...)
+CVE-2008-3995
NOT-FOR-US: Oracle
-CVE-2008-3994 (Unspecified vulnerability in the Workspace Manager component in Oracle ...)
+CVE-2008-3994
NOT-FOR-US: Oracle
-CVE-2008-3993 (Unspecified vulnerability in the Oracle Applications Framework ...)
+CVE-2008-3993
NOT-FOR-US: Oracle
-CVE-2008-3992 (Unspecified vulnerability in the Oracle Data Mining component in ...)
+CVE-2008-3992
NOT-FOR-US: Oracle
-CVE-2008-3991 (Unspecified vulnerability in the Oracle OLAP component in Oracle ...)
+CVE-2008-3991
NOT-FOR-US: Oracle
-CVE-2008-3990 (Unspecified vulnerability in the Oracle OLAP component in Oracle ...)
+CVE-2008-3990
NOT-FOR-US: Oracle
-CVE-2008-3989 (Unspecified vulnerability in the Oracle Data Mining component in ...)
+CVE-2008-3989
NOT-FOR-US: Oracle
-CVE-2008-3988 (Unspecified vulnerability in the iSupplier Portal component in Oracle ...)
+CVE-2008-3988
NOT-FOR-US: Oracle
-CVE-2008-3987 (Unspecified vulnerability in the Oracle Discoverer Desktop component ...)
+CVE-2008-3987
NOT-FOR-US: Oracle
-CVE-2008-3986 (Unspecified vulnerability in the Oracle Discoverer Administrator ...)
+CVE-2008-3986
NOT-FOR-US: Oracle
-CVE-2008-3985 (Unspecified vulnerability in the Oracle Applications Technology Stack ...)
+CVE-2008-3985
NOT-FOR-US: Oracle
-CVE-2008-3984 (Unspecified vulnerability in the Workspace Manager component in Oracle ...)
+CVE-2008-3984
NOT-FOR-US: Oracle
-CVE-2008-3983 (Unspecified vulnerability in the Workspace Manager component in Oracle ...)
+CVE-2008-3983
NOT-FOR-US: Oracle
-CVE-2008-3982 (Unspecified vulnerability in the Workspace Manager component in Oracle ...)
+CVE-2008-3982
NOT-FOR-US: Oracle
-CVE-2008-3981 (Unspecified vulnerability in the Oracle Secure Backup component in ...)
+CVE-2008-3981
NOT-FOR-US: Oracle
-CVE-2008-3980 (Unspecified vulnerability in the Upgrade component in Oracle Database ...)
+CVE-2008-3980
NOT-FOR-US: Oracle
-CVE-2008-3979 (Unspecified vulnerability in the Oracle Spatial component in Oracle ...)
+CVE-2008-3979
NOT-FOR-US: Oracle
-CVE-2008-3978 (Unspecified vulnerability in the Oracle Spatial component in Oracle ...)
+CVE-2008-3978
NOT-FOR-US: Oracle
-CVE-2008-3977 (Unspecified vulnerability in the Oracle Portal component in Oracle ...)
+CVE-2008-3977
NOT-FOR-US: Oracle
-CVE-2008-3976 (Unspecified vulnerability in the Oracle Spatial component in Oracle ...)
+CVE-2008-3976
NOT-FOR-US: Oracle
-CVE-2008-3975 (Unspecified vulnerability in the Oracle Portal component in Oracle ...)
+CVE-2008-3975
NOT-FOR-US: Oracle
-CVE-2008-3974 (Unspecified vulnerability in the Oracle OLAP component in Oracle ...)
+CVE-2008-3974
NOT-FOR-US: Oracle
-CVE-2008-3973 (Unspecified vulnerability in the SQL*Plus Windows GUI component in ...)
+CVE-2008-3973
NOT-FOR-US: Oracle
-CVE-2008-3972 (pkcs15-tool in OpenSC before 0.11.6 does not apply security updates to ...)
+CVE-2008-3972
{DSA-1627-2}
- opensc 0.11.4-5
-CVE-2008-3971 (Heap-based buffer overflow in the open_man_file function in ...)
+CVE-2008-3971
- gmanedit 0.4.1-1.1 (low; bug #497835)
[etch] - gmanedit <no-dsa> (Minor issue)
-CVE-2008-3970 (pam_mount 0.10 through 0.45, when luserconf is enabled, does not ...)
+CVE-2008-3970
{DTSA-169-1}
- libpam-mount 0.48-1 (low; bug #499841)
-CVE-2008-3969 (Multiple unspecified vulnerabilities in BitlBee before 1.2.3 allow ...)
+CVE-2008-3969
- bitlbee 1.2.3-1 (bug #498159)
[etch] - bitlbee <not-affected> (1.0.x not affected)
-CVE-2008-3968 (Cross-site scripting (XSS) vulnerability in userlist.php in PunBB ...)
+CVE-2008-3968
NOT-FOR-US: PunBB
-CVE-2008-3967 (moderation.php in MyBB (aka MyBulletinBoard) before 1.4.1 does not ...)
+CVE-2008-3967
NOT-FOR-US: MyBB
-CVE-2008-3966 (Multiple cross-site scripting (XSS) vulnerabilities in MyBB (aka ...)
+CVE-2008-3966
NOT-FOR-US: MyBB
-CVE-2008-3965 (SQL injection vulnerability in misc.php in MyBB (aka MyBulletinBoard) ...)
+CVE-2008-3965
NOT-FOR-US: MyBB
-CVE-2008-3961 (Multiple unspecified vulnerabilities in Adobe Illustrator CS2 on ...)
+CVE-2008-3961
NOT-FOR-US: Adobe Illustrator
-CVE-2008-3960 (Unspecified vulnerability in the JDBC Applet Server Service (aka ...)
+CVE-2008-3960
NOT-FOR-US: IBM DB2 UDB
-CVE-2008-3959 (IBM DB2 UDB 8.1 before FixPak 16, 8.2 before FixPak 9, and 9.1 before ...)
+CVE-2008-3959
NOT-FOR-US: IBM DB2 UDB
-CVE-2008-3958 (IBM DB2 UDB 8 before Fixpak 17 allows remote attackers to cause a ...)
+CVE-2008-3958
NOT-FOR-US: IBM DB2 UDB
-CVE-2008-3957 (The Microsoft Windows Image Acquisition Logger ActiveX control allows ...)
+CVE-2008-3957
NOT-FOR-US: Microsoft
-CVE-2008-3956 (orgchart.exe in Microsoft Organization Chart 2.00 allows user-assisted ...)
+CVE-2008-3956
NOT-FOR-US: Microsoft
-CVE-2008-3955 (SQL injection vulnerability in index.php in Masir Camp E-Shop Module ...)
+CVE-2008-3955
NOT-FOR-US: Masir Camp E-Shop Module
-CVE-2008-3954 (SQL injection vulnerability in index.php in AlstraSoft Forum Pay Per ...)
+CVE-2008-3954
NOT-FOR-US: AlstraSoft Forum Pay Per Post Exchange
-CVE-2008-3953 (SQL injection vulnerability in keyword_search_action.php in Vastal ...)
+CVE-2008-3953
NOT-FOR-US: Vastal I-Tech Shaadi Zone
-CVE-2008-3952 (SQL injection vulnerability in questions.php in EsFaq 2.0 allows ...)
+CVE-2008-3952
NOT-FOR-US: EsFaq
-CVE-2008-3951 (SQL injection vulnerability in view_ann.php in Vastal I-Tech Agent ...)
+CVE-2008-3951
NOT-FOR-US: The Real Estate Script
-CVE-2008-3950 (Off-by-one error in the ...)
+CVE-2008-3950
- webkit <not-affected> (Vulnerable code not present)
NOTE: bug #500306
-CVE-2008-3949 (emacs/lisp/progmodes/python.el in Emacs 22.1 and 22.2 imports Python ...)
+CVE-2008-3949
- emacs22 22.2+2-4 (low; bug #499568)
- emacs21 <not-affected> (doesn't provide the python functionality)
- xemacs21 <not-affected> (doesn't provide the python functionality)
NOTE: This can happen with any Python script, just because Emacs autoloads one
NOTE: doesn't make it much worse
-CVE-2008-3948 (SQL injection vulnerability in admin/users/self-2.php in XRMS allows ...)
+CVE-2008-3948
NOT-FOR-US: XRMS CRM
-CVE-2008-3947 (DCL (aka the CLI) in OpenVMS Alpha 8.3 allows local users to gain ...)
+CVE-2008-3947
NOT-FOR-US: OpenVMS
-CVE-2008-3946 (The finger client in HP TCP/IP Services for OpenVMS 5.x allows local ...)
+CVE-2008-3946
NOT-FOR-US: OpenVMS
-CVE-2008-3945 (SQL injection vulnerability in index.php in Words tag 1.2 allows ...)
+CVE-2008-3945
NOT-FOR-US: Words tag
-CVE-2008-3944 (SQL injection vulnerability in index.php in ACG-PTP 1.0.6 allows ...)
+CVE-2008-3944
NOT-FOR-US: ACG-PTP
-CVE-2008-3943 (SQL injection vulnerability in listtest.php in eZoneScripts Living ...)
+CVE-2008-3943
NOT-FOR-US: eZoneScripts Living Local
-CVE-2008-3942 (SQL injection vulnerability in landsee.php in Full PHP Emlak Script ...)
+CVE-2008-3942
NOT-FOR-US: Full PHP Emlak Script
-CVE-2008-3941 (Cross-site scripting (XSS) vulnerability in BizDirectory 2.04 and ...)
+CVE-2008-3941
NOT-FOR-US: BizDirectory
-CVE-2008-3940 (Format string vulnerability in the finger client in HP TCP/IP Services ...)
+CVE-2008-3940
NOT-FOR-US: OpenVMS
-CVE-2008-3939 (Directory traversal vulnerability in the web interface in AVTECH PageR ...)
+CVE-2008-3939
NOT-FOR-US: AVTECH PageR Enterprise
-CVE-2008-3938 (Cross-site request forgery (CSRF) vulnerability in user_admin.php in ...)
+CVE-2008-3938
NOT-FOR-US: Open Media Collectors Database
-CVE-2008-3937 (Multiple cross-site scripting (XSS) vulnerabilities in Open Media ...)
+CVE-2008-3937
NOT-FOR-US: Open Media Collectors Database
-CVE-2008-3936 (The web interface in Dreambox DM500C allows remote attackers to cause ...)
+CVE-2008-3936
NOT-FOR-US: Dreambox DM500C
-CVE-2008-3935 (Cross-site scripting (XSS) vulnerability in DIC shop_v50 3.0 and ...)
+CVE-2008-3935
NOT-FOR-US: DIC shop_v50
-CVE-2008-3931 (javareconf in R 2.7.2 allows local users to overwrite arbitrary files ...)
+CVE-2008-3931
- r-base-core-ra 1.1.1-2 (low; bug #496363)
- r-base 2.7.2-1 (low; bug #496418)
[etch] - r-base <no-dsa> (Minor issue)
[lenny] - r-base 2.7.1-1+lenny1
-CVE-2008-3930 (migrate_aliases.sh in Citadel Server 7.37 allows local users to ...)
+CVE-2008-3930
- citadel 7.37-3 (low; bug #496359)
-CVE-2008-3929 (gather-messages.sh in Ampache 3.4.1 allows local users to overwrite ...)
+CVE-2008-3929
- ampache 3.4.1-2 (unimportant; bug #496369)
NOTE: Tracking as unimportant, since the script is only used
NOTE: when translating ampache to a new language
-CVE-2008-3928 (test.sh in Honeyd 1.5c might allow local users to overwrite arbitrary ...)
+CVE-2008-3928
- honeyd 1.5c-5 (unimportant; bug #496365)
NOTE: Script not used by package, only a manual test script
-CVE-2008-3927 (genmsgidx in Tiger 3.2.2 allows local users to overwrite or delete ...)
+CVE-2008-3927
- tiger 1:3.2.2-4 (unimportant; bug #496415)
NOTE: Tracking as unimportant, since the script is only used
NOTE: during build time
-CVE-2008-3926 (Multiple directory traversal vulnerabilities in Content Management ...)
+CVE-2008-3926
NOT-FOR-US: Content Management Made Easy
-CVE-2008-3925 (Cross-site request forgery (CSRF) vulnerability in admin.php in ...)
+CVE-2008-3925
NOT-FOR-US: Content Management Made Easy
-CVE-2008-3924 (The &quot;Make a backup&quot; functionality in Content Management Made Easy ...)
+CVE-2008-3924
NOT-FOR-US: Content Management Made Easy
-CVE-2008-3923 (Multiple cross-site scripting (XSS) vulnerabilities in statistics.php ...)
+CVE-2008-3923
NOT-FOR-US: Content Management Made Easy
-CVE-2008-3922 (awstatstotals.php in AWStats Totals 1.0 through 1.14 allows remote ...)
+CVE-2008-3922
NOT-FOR-US: AWStats Totals
-CVE-2008-3921 (Multiple cross-site scripting (XSS) vulnerabilities in AWStats Totals ...)
+CVE-2008-3921
NOT-FOR-US: AWStats Totals
-CVE-2008-3919 (Unspecified vulnerability in multiple JustSystems Ichitaro products ...)
+CVE-2008-3919
NOT-FOR-US: JustSystems Ichitaro
-CVE-2008-3918 (SQL injection vulnerability in index.php in Ovidentia 6.6.5 allows ...)
+CVE-2008-3918
NOT-FOR-US: Ovidentia
-CVE-2008-3917 (Cross-site scripting (XSS) vulnerability in index.php in Ovidentia ...)
+CVE-2008-3917
NOT-FOR-US: Ovidentia
-CVE-2008-3916 (Heap-based buffer overflow in the strip_escapes function in signal.c ...)
+CVE-2008-3916
- ed 0.7-2 (low)
[etch] - ed <no-dsa> (Minor issue)
-CVE-2008-3915 (Buffer overflow in nfsd in the Linux kernel before 2.6.26.4, when ...)
+CVE-2008-3915
{DSA-1636-1}
- linux-2.6 2.6.26-5
- linux-2.6.24 2.6.24-6~etchnhalf.5
[etch] - linux-2.6 <not-affected> (Vulnerable code was introduced in 2.6.19)
NOTE: 91b80969ba466ba4b915a4a1d03add8c297add3f
-CVE-2008-3911 (The proc_do_xprt function in net/sunrpc/sysctl.c in the Linux kernel ...)
+CVE-2008-3911
- linux-2.6 2.6.26-5
[etch] - linux-2.6 <not-affected> (Vulnerable code not present)
- linux-2.6.24 <not-affected> (Vulnerable code not present)
-CVE-2008-3906 (CRLF injection vulnerability in Sys.Web in Mono 2.0 and earlier allows ...)
+CVE-2008-3906
- mono 1.9.1+dfsg-4 (low; bug #498894)
-CVE-2008-3905 (resolv.rb in Ruby 1.8.5 and earlier, 1.8.6 before 1.8.6-p287, 1.8.7 ...)
+CVE-2008-3905
{DSA-1652-1 DSA-1651-1}
- ruby1.8 1.8.7.72-1 (bug #498978)
- ruby1.9 1.9.0.2-6 (bug #498977)
-CVE-2008-3903 (Asterisk Open Source 1.2.x before 1.2.32, 1.4.x before 1.4.24.1, and ...)
+CVE-2008-3903
{DSA-1952-1}
- asterisk 1:1.6.1.0~dfsg-1 (low; bug #522528)
[etch] - asterisk <end-of-life> (Etch Packages no longer covered by security support)
[lenny] - asterisk <no-dsa> (Minor issue)
NOTE: http://downloads.asterisk.org/pub/security/AST-2009-003.html
-CVE-2008-3902 (HP firmware 68DTT F.0D stores pre-boot authentication passwords in the ...)
+CVE-2008-3902
NOT-FOR-US: HP firmware 68DTT
-CVE-2008-3962 (The from_format function in ssmtp.c in ssmtp 2.61 and 2.62, in certain ...)
+CVE-2008-3962
- ssmtp 2.62-1.1 (low; bug #498366)
[etch] - ssmtp <no-dsa> (Minor issue, only affects rare corner cases)
-CVE-2008-3963 (MySQL 5.0 before 5.0.66, 5.1 before 5.1.26, and 6.0 before 6.0.6 does ...)
+CVE-2008-3963
{DSA-1783-1}
- mysql-dfsg-5.0 5.0.51a-15 (low; bug #498362)
-CVE-2008-3964 (Multiple off-by-one errors in libpng before 1.2.32beta01, and 1.4 ...)
+CVE-2008-3964
- libpng 1.2.27-2 (low; bug #501109)
[etch] - libpng <not-affected> (Vulnerable code not present)
NOTE: off-by-one error in pngpread.c is not present, must have
NOTE: been introduced later, but pngtest.c is affected. However, there
NOTE: is no known exploit.
-CVE-2008-3912 (libclamav in ClamAV before 0.94 allows attackers to cause a denial of ...)
+CVE-2008-3912
{DSA-1660-1}
- clamav 0.94.dfsg-1
-CVE-2008-3913 (Multiple memory leaks in freshclam/manager.c in ClamAV before 0.94 ...)
+CVE-2008-3913
{DSA-1660-1}
- clamav 0.94.dfsg-1
-CVE-2008-3914 (Multiple unspecified vulnerabilities in ClamAV before 0.94 have ...)
+CVE-2008-3914
{DSA-1660-1}
- clamav 0.94.dfsg-1
-CVE-2008-3934 (Unspecified vulnerability in Wireshark (formerly Ethereal) 0.99.6 ...)
+CVE-2008-3934
{DTSA-167-1}
- wireshark 1.0.3-1 (bug #497878)
[etch] - wireshark <not-affected> (Only >= 0.99.6)
-CVE-2008-3933 (Wireshark (formerly Ethereal) 0.10.14 through 1.0.2 allows attackers ...)
+CVE-2008-3933
{DSA-1673-1 DTSA-167-1}
- wireshark 1.0.3-1 (low; bug #497878)
-CVE-2008-3932 (Wireshark (formerly Ethereal) 0.9.7 through 1.0.2 allows attackers to ...)
+CVE-2008-3932
{DTSA-167-1}
- wireshark 1.0.3-1 (low; bug #497878)
-CVE-2008-3904 (src/main-win.c in GPicView 0.1.9 in Lightweight X11 Desktop ...)
+CVE-2008-3904
- gpicview 0.1.9-2 (low; bug #498022)
-CVE-2008-3909 (The administration application in Django 0.91, 0.95, and 0.96 stores ...)
+CVE-2008-3909
{DSA-1640-1}
- python-django 1.0-1
NOTE: http://www.djangoproject.com/weblog/2008/sep/02/security/
-CVE-2008-3910 (dns2tcp before 0.4.1 does not properly handle negative values in a ...)
+CVE-2008-3910
- dns2tcp 0.4.dfsg-2 (medium; bug #497730)
-CVE-2008-3901 (Software suspend 2 2-2.2.1, when used with the Linux kernel 2.6.16, ...)
+CVE-2008-3901
- linux-patch-tuxonice <not-affected> (Fixed before initial upload)
-CVE-2008-3900 (Intel firmware PE94510M.86A.0050.2007.0710.1559 stores pre-boot ...)
+CVE-2008-3900
NOT-FOR-US: Intel firmware
-CVE-2008-3899 (TrueCrypt 5.0 stores pre-boot authentication passwords in the BIOS ...)
+CVE-2008-3899
NOT-FOR-US: TrueCrypt
-CVE-2008-3898 (Secu Star DriveCrypt Plus Pack 3.9 stores pre-boot authentication ...)
+CVE-2008-3898
NOT-FOR-US: Secu Star DriveCrypt
-CVE-2008-3897 (DiskCryptor 0.2.6 on Windows stores pre-boot authentication passwords ...)
+CVE-2008-3897
NOT-FOR-US: DiskCryptor
-CVE-2008-3896 (Grub Legacy 0.97 and earlier stores pre-boot authentication passwords ...)
+CVE-2008-3896
- grub <unfixed> (unimportant)
NOTE: you need to be root on linux to do this, root can easily edit menu.lst anyway
-CVE-2008-3895 (LILO 22.6.1 and earlier stores pre-boot authentication passwords in ...)
+CVE-2008-3895
- lilo <unfixed> (unimportant)
NOTE: you need to be root on linux to do this, root can edit the configuration anyway
-CVE-2008-3894 (IBM Lenovo firmware 7CETB5WW 2.05 stores pre-boot authentication ...)
+CVE-2008-3894
NOT-FOR-US: IBM Lenovo firmware
-CVE-2008-3893 (Microsoft Bitlocker in Windows Vista before SP1 stores pre-boot ...)
+CVE-2008-3893
NOT-FOR-US: Bitlocker
-CVE-2008-3892 (Buffer overflow in a certain ActiveX control in the COM API in VMware ...)
+CVE-2008-3892
NOT-FOR-US: VMware COM API
-CVE-2008-3891 (The SAML Single Sign-On (SSO) Service for Google Apps allows remote ...)
+CVE-2008-3891
NOT-FOR-US: SAML Service for Google Apps
-CVE-2008-3890 (The kernel in FreeBSD 6.3 through 7.0 on amd64 platforms can make an ...)
+CVE-2008-3890
- kfreebsd-6 6.3-7
- kfreebsd-7 7.0-5
-CVE-2008-3888 (SQL injection vulnerability in members.asp in Mini-NUKE Freehost 2.3 ...)
+CVE-2008-3888
NOT-FOR-US: Mini-NUKE Freehost
-CVE-2008-3887 (Multiple SQL injection vulnerabilities in index.php in dotProject ...)
+CVE-2008-3887
NOT-FOR-US: dotProject
-CVE-2008-3886 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
+CVE-2008-3886
NOT-FOR-US: dotProject
-CVE-2008-3885 (Cross-site request forgery (CSRF) vulnerability in Blogn (BURO GUN) ...)
+CVE-2008-3885
NOT-FOR-US: Blogn
-CVE-2008-3884 (Cross-site scripting (XSS) vulnerability in Blogn (BURO GUN) 1.9.7 and ...)
+CVE-2008-3884
NOT-FOR-US: Blogn
-CVE-2008-3883 (configvar in Caudium 1.4.12 allows local users to overwrite arbitrary ...)
+CVE-2008-3883
- caudium 1.4.12-11.1 (low; bug #496404)
-CVE-2008-3882 (Unspecified &quot;Command Injection&quot; vulnerability in ZoneMinder 1.23.3 and ...)
+CVE-2008-3882
- zoneminder 1.24.1-1 (bug #497640)
-CVE-2008-3881 (Multiple cross-site scripting (XSS) vulnerabilities in ZoneMinder ...)
+CVE-2008-3881
- zoneminder 1.24.1-1 (low; bug #497640)
-CVE-2008-3880 (SQL injection vulnerability in zm_html_view_event.php in ZoneMinder ...)
+CVE-2008-3880
- zoneminder 1.24.1-1 (bug #497640)
-CVE-2008-3879 (The Ultra.OfficeControl ActiveX control in OfficeCtrl.ocx 2.0.2008.801 ...)
+CVE-2008-3879
NOT-FOR-US: ActiveX control in OfficeCtrl.ocx
-CVE-2008-3878 (Stack-based buffer overflow in the Ultra.OfficeControl ActiveX control ...)
+CVE-2008-3878
NOT-FOR-US: ActiveX control in OfficeCtrl.ocx
-CVE-2008-3877 (Stack-based buffer overflow in Acoustica Mixcraft 4.1 Build 96 and 4.2 ...)
+CVE-2008-3877
NOT-FOR-US: Acoustica Mixcraft
-CVE-2008-3876 (Apple iPhone 2.0.2, in some configurations, allows physically ...)
+CVE-2008-3876
NOT-FOR-US: Apple iPhone
-CVE-2008-3875 (The kernel in Sun Solaris 8 through 10 and OpenSolaris before snv_90 ...)
+CVE-2008-3875
NOT-FOR-US: Sun Solaris 8
-CVE-2008-3874 (Cross-site scripting (XSS) vulnerability in account.php in Lussumo ...)
+CVE-2008-3874
NOT-FOR-US: Lussumo Vanilla
-CVE-2008-3873 (The System.setClipboard method in ActionScript in Adobe Flash Player ...)
+CVE-2008-3873
NOT-FOR-US: Adobe Flash Player
-CVE-2008-3872 (Adobe Flash Player 8.0.39.0 and earlier, and 9.x up to 9.0.115.0, ...)
+CVE-2008-3872
NOT-FOR-US: Adobe Flash Player
-CVE-2008-3871 (Multiple format string vulnerabilities in UltraISO 9.3.1.2633, and ...)
+CVE-2008-3871
NOT-FOR-US: UltraISO
-CVE-2008-3870 (Integer overflow in sadmind in Sun Solaris 8 and 9 allows remote ...)
+CVE-2008-3870
NOT-FOR-US: Sun Solaris
-CVE-2008-3869 (Heap-based buffer overflow in sadmind in Sun Solaris 8 and 9 allows ...)
+CVE-2008-3869
NOT-FOR-US: Sun Solaris
-CVE-2008-3868 (Cross-site request forgery (CSRF) vulnerability in Interact 2.4.1 ...)
+CVE-2008-3868
NOT-FOR-US: Interact
-CVE-2008-3867 (SQL injection vulnerability in spaces/emailuser.php in Interact 2.4.1 ...)
+CVE-2008-3867
NOT-FOR-US: Interact
-CVE-2008-3866 (The Trend Micro Personal Firewall service (aka TmPfw.exe) in Trend ...)
+CVE-2008-3866
NOT-FOR-US: Trend Micro Personal Firewall
-CVE-2008-3865 (Multiple heap-based buffer overflows in the ApiThread function in the ...)
+CVE-2008-3865
NOT-FOR-US: Trend Micro Network Security Component
-CVE-2008-3864 (The ApiThread function in the firewall service (aka TmPfw.exe) in ...)
+CVE-2008-3864
NOT-FOR-US: Trend Micro Network Security Component
-CVE-2008-3863 (Stack-based buffer overflow in the read_special_escape function in ...)
+CVE-2008-3863
{DSA-1670-1}
- enscript 1.6.4-13 (bug #506261)
-CVE-2008-3862 (Stack-based buffer overflow in CGI programs in the server in Trend ...)
+CVE-2008-3862
NOT-FOR-US: Trend Micro OfficeScan
-CVE-2008-3861 (Multiple SQL injection vulnerabilities in phpMyRealty (PMR) 1.0.9 and ...)
+CVE-2008-3861
NOT-FOR-US: phpMyRealty
-CVE-2008-3860 (Multiple cross-site scripting (XSS) vulnerabilities (1) in the WYSIWYG ...)
+CVE-2008-3860
NOT-FOR-US: IBM, Lotus Quickr 8.1
-CVE-2008-3859 (Davlin Thickbox Gallery 2 allows remote attackers to obtain the ...)
+CVE-2008-3859
NOT-FOR-US: Davlin Thickbox Gallery
-CVE-2008-3858 (The Downlevel DB2RA Support component in IBM DB2 9.1 before Fixpak 4a ...)
+CVE-2008-3858
NOT-FOR-US: IBM DB2
-CVE-2008-3857 (The Base Service Utilities component in IBM DB2 9.1 before Fixpak 5 ...)
+CVE-2008-3857
NOT-FOR-US: IBM DB2
-CVE-2008-3856 (The routine infrastructure component in IBM DB2 8 before FP17, 9.1 ...)
+CVE-2008-3856
NOT-FOR-US: IBM DB2
-CVE-2008-3855 (Unspecified vulnerability in the DB2 Administration Server (DAS) in ...)
+CVE-2008-3855
NOT-FOR-US: IBM DB2
-CVE-2008-3854 (Multiple stack-based buffer overflows in IBM DB2 9.1 before Fixpak 5 ...)
+CVE-2008-3854
NOT-FOR-US: IBM DB2
-CVE-2008-3853 (Buffer overflow in the DAS server program in the Core DAS function ...)
+CVE-2008-3853
NOT-FOR-US: IBM DB2
-CVE-2008-3852 (Unspecified vulnerability in the CLR stored procedure deployment from ...)
+CVE-2008-3852
NOT-FOR-US: IBM DB2
-CVE-2008-3851 (Multiple directory traversal vulnerabilities in Pluck CMS 4.5.2 on ...)
+CVE-2008-3851
NOT-FOR-US: Pluck CMS
-CVE-2008-3850 (Cross-site scripting (XSS) vulnerability in Accellion File Transfer ...)
+CVE-2008-3850
NOT-FOR-US: Accellion File Transfer
-CVE-2008-3849 (Cross-site scripting (XSS) vulnerability in the calendar controller in ...)
+CVE-2008-3849
NOT-FOR-US: Civic Website Manager
-CVE-2008-3848 (SQL injection vulnerability in single.php in Z-Breaknews 2.0 allows ...)
+CVE-2008-3848
NOT-FOR-US: Z-Breaknews
-CVE-2008-3847 (Multiple cross-site scripting (XSS) vulnerabilities in AN Guestbook ...)
+CVE-2008-3847
NOT-FOR-US: AN Guestbook
-CVE-2008-3846 (Cross-site scripting (XSS) vulnerability in mysql-lists 1.2 and ...)
+CVE-2008-3846
NOT-FOR-US: mysql-lists
-CVE-2008-3845 (Multiple SQL injection vulnerabilities in Crafty Syntax Live Help ...)
+CVE-2008-3845
NOT-FOR-US: Crafty Syntax Live Help
CVE-2008-XXXX [nfdump vulnerable to symlink attacks]
- nfdump 1.5.7-5 (bug #497452)
-CVE-2008-3889 (Postfix 2.4 before 2.4.9, 2.5 before 2.5.5, and 2.6 before ...)
+CVE-2008-3889
- postfix 2.5.5-1 (low)
[etch] - postfix <not-affected> (Vulnerable code not present)
NOTE: http://www.postfix.org/announcements/20080902.html
-CVE-2008-3908 (Multiple buffer overflows in Princeton WordNet (wn) 3.0 allow ...)
+CVE-2008-3908
{DSA-1634-1 DTSA-163-1}
- wordnet 1:3.0-12 (medium; bug #497441)
[lenny] - wordnet 3.0-11+lenny1
[etch] - wordnet 1:2.1-4+etch1
NOTE: 1:3.0-12 had a regression and the patch was slightly updated
NOTE: by 1:3.0-13 to fix this bug
-CVE-2008-3907 (The open-in-browser command in newsbeuter before 1.1 allows remote ...)
+CVE-2008-3907
{DTSA-164-1 DTSA-164-2}
[lenny] - newsbeuter 0.9.1-1+lenny3
- newsbeuter 1.2-1 (medium)
NOTE: medium as versions < 1.0-1 didn't include a patch to wrap long article URLs so the
NOTE: crafted part of the URL can be hidden. This of course only affects people not reading
NOTE: articles in the built-in reader.
-CVE-2008-3920 (Unspecified vulnerability in BitlBee before 1.2.2 allows remote ...)
+CVE-2008-3920
- bitlbee 1.2.2-1
[etch] - bitlbee <not-affected> (1.0.x not affected)
-CVE-2008-4978 (radiance 3R9+20080530 allows local users to overwrite arbitrary files ...)
+CVE-2008-4978
- radiance 3R9+20080530-4 (low; bug #496423)
-CVE-2008-3844 (Certain Red Hat Enterprise Linux (RHEL) 4 and 5 packages for OpenSSH, ...)
+CVE-2008-3844
NOT-FOR-US: Red Hat services issue
-CVE-2008-3843 (Request Validation (aka the ValidateRequest filters) in ASP.NET in ...)
+CVE-2008-3843
NOT-FOR-US: Microsoft .NET Framework
-CVE-2008-3842 (Request Validation (aka the ValidateRequest filters) in ASP.NET in ...)
+CVE-2008-3842
NOT-FOR-US: Microsoft .NET Framework
-CVE-2008-3841 (Cross-site scripting (XSS) vulnerability in admin/search_links.php in ...)
+CVE-2008-3841
NOT-FOR-US: Freeway eCommerce
-CVE-2008-3840 (Crafty Syntax Live Help (CSLH) 2.14.6 and earlier stores passwords in ...)
+CVE-2008-3840
NOT-FOR-US: Crafty Syntax Live Help (CSLH)
-CVE-2008-3839 (Unspecified vulnerability in the NFS module in the kernel in Sun ...)
+CVE-2008-3839
NOT-FOR-US: Solaris
-CVE-2008-3838 (Unspecified vulnerability in the NFS Remote Procedure Calls (RPC) ...)
+CVE-2008-3838
NOT-FOR-US: Solaris
-CVE-2008-3837 (Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, and SeaMonkey ...)
+CVE-2008-3837
{DSA-1697-1 DSA-1669-1 DSA-1649-1}
- iceweasel 3.0.3-1 (low)
- xulrunner 1.9.0.3-1 (low)
- iceape 1.1.12-1 (low)
-CVE-2008-3836 (feedWriter in Mozilla Firefox before 2.0.0.17 allows remote attackers ...)
+CVE-2008-3836
{DSA-1697-1 DSA-1669-1 DSA-1649-1}
- iceweasel 3.0.1-1
- xulrunner 1.9.0.1-1
- iceape 1.1.12-1
-CVE-2008-3835 (The nsXMLDocument::OnChannelRedirect function in Mozilla Firefox ...)
+CVE-2008-3835
{DSA-1697-1 DSA-1696-1 DSA-1669-1 DSA-1649-1}
- xulrunner 1.9.0.1-1
- iceweasel 3.0.1-1
- iceape 1.1.12-1
- icedove 2.0.0.17-1
-CVE-2008-3834 (The dbus_signature_validate function in the D-bus library (libdbus) ...)
+CVE-2008-3834
{DSA-1658-1}
- dbus 1.2.1-4 (bug #501443)
-CVE-2008-3833 (The generic_file_splice_write function in fs/splice.c in the Linux ...)
+CVE-2008-3833
{DSA-1653-1}
- linux-2.6 2.6.19-1
- linux-2.6.24 <not-affected> (Fixed in upstream before 2.6.24)
-CVE-2008-3832 (A certain Fedora patch for the utrace subsystem in the Linux kernel ...)
+CVE-2008-3832
- linux-2.6 <not-affected> (Fedora-specific patch)
- linux-2.6.24 <not-affected> (Fedora-specific patch)
-CVE-2008-3831 (The i915 driver in (1) drivers/char/drm/i915_dma.c in the Linux kernel ...)
+CVE-2008-3831
{DSA-1655-1}
[etch] - linux-2.6 <not-affected> (Vulnerable code not present)
- linux-2.6 2.6.26-9
-CVE-2008-3830 (Condor before 7.0.5 does not properly handle when the configuration ...)
+CVE-2008-3830
- condor <not-affected> (Fixed before initial upload to archive)
-CVE-2008-3829 (Unspecified vulnerability in the condor_ schedd daemon in Condor ...)
+CVE-2008-3829
- condor <not-affected> (Fixed before initial upload to archive)
-CVE-2008-3828 (Stack-based buffer overflow in the condor_ schedd daemon in Condor ...)
+CVE-2008-3828
- condor <not-affected> (Fixed before initial upload to archive)
-CVE-2008-3827 (Multiple integer underflows in the Real demuxer (demux_real.c) in ...)
+CVE-2008-3827
{DSA-1644-1 DTSA-168-1}
- mplayer 1.0~rc2-18 (medium; bug #500683)
NOTE: http://www.ocert.org/advisories/ocert-2008-013.html
-CVE-2008-3826 (Unspecified vulnerability in Condor before 7.0.5 allows attackers to ...)
+CVE-2008-3826
- condor <not-affected> (Fixed before initial upload to archive)
-CVE-2008-3825 (pam_krb5 2.2.14 in Red Hat Enterprise Linux (RHEL) 5 and earlier, when ...)
+CVE-2008-3825
NOT-FOR-US: Different code base than Debian's libpam-krb5
-CVE-2008-3824 (Cross-site scripting (XSS) vulnerability in (1) ...)
+CVE-2008-3824
{DSA-1642-1 DTSA-165-1}
- horde3 3.2.2+debian0-1 (low; bug #499579)
-CVE-2008-3823 (Cross-site scripting (XSS) vulnerability in MIME/MIME/Contents.php in ...)
+CVE-2008-3823
{DSA-1642-1 DTSA-165-1}
- horde3 3.2.2+debian0-1 (low; bug #499579)
CVE-2008-3822
REJECTED
-CVE-2008-3821 (Multiple cross-site scripting (XSS) vulnerabilities in the HTTP server ...)
+CVE-2008-3821
NOT-FOR-US: Cisco IOS
-CVE-2008-3820 (Cisco Security Manager 3.1 and 3.2 before 3.2.2, when Cisco IPS Event ...)
+CVE-2008-3820
NOT-FOR-US: Cisco Security Manager
-CVE-2008-3819 (dnsserver in Cisco Application Control Engine Global Site Selector ...)
+CVE-2008-3819
NOT-FOR-US: Cisco Application Control Engine Global Site Selector (GSS)
-CVE-2008-3818 (Cisco ONS 15310-CL, 15310-MA, 15327, 15454, 15454 SDH, and 15600 with ...)
+CVE-2008-3818
NOT-FOR-US: Cisco ONS
-CVE-2008-3817 (Memory leak in Cisco Adaptive Security Appliances (ASA) 5500 Series ...)
+CVE-2008-3817
NOT-FOR-US: Cisco
-CVE-2008-3816 (Unspecified vulnerability in Cisco Adaptive Security Appliances (ASA) ...)
+CVE-2008-3816
NOT-FOR-US: Cisco
-CVE-2008-3815 (Unspecified vulnerability in Cisco Adaptive Security Appliances (ASA) ...)
+CVE-2008-3815
NOT-FOR-US: Cisco
-CVE-2008-3814 (Unspecified vulnerability in Cisco Unity 4.x before 4.2(1)ES161, 5.x ...)
+CVE-2008-3814
NOT-FOR-US: Cisco
-CVE-2008-3813 (Unspecified vulnerability in Cisco IOS 12.2 and 12.4, when the L2TP ...)
+CVE-2008-3813
NOT-FOR-US: Cisco IOS
-CVE-2008-3812 (Cisco IOS 12.4, when IOS firewall Application Inspection Control (AIC) ...)
+CVE-2008-3812
NOT-FOR-US: Cisco IOS
-CVE-2008-3811 (Cisco IOS 12.2 and 12.4, when NAT Skinny Call Control Protocol (SCCP) ...)
+CVE-2008-3811
NOT-FOR-US: Cisco IOS
-CVE-2008-3810 (Cisco IOS 12.2 and 12.4, when NAT Skinny Call Control Protocol (SCCP) ...)
+CVE-2008-3810
NOT-FOR-US: Cisco IOS
-CVE-2008-3809 (Cisco IOS 12.0 through 12.4 on Gigabit Switch Router (GSR) devices ...)
+CVE-2008-3809
NOT-FOR-US: Cisco IOS
-CVE-2008-3808 (Unspecified vulnerability in Cisco IOS 12.0 through 12.4 allows remote ...)
+CVE-2008-3808
NOT-FOR-US: Cisco IOS
-CVE-2008-3807 (Cisco IOS 12.2 and 12.3 on Cisco uBR10012 series devices, when ...)
+CVE-2008-3807
NOT-FOR-US: Cisco IOS
-CVE-2008-3806 (Cisco IOS 12.0 through 12.4 on Cisco 10000, uBR10012 and uBR7200 ...)
+CVE-2008-3806
NOT-FOR-US: Cisco IOS
-CVE-2008-3805 (Cisco IOS 12.0 through 12.4 on Cisco 10000, uBR10012 and uBR7200 ...)
+CVE-2008-3805
NOT-FOR-US: Cisco IOS
-CVE-2008-3804 (Unspecified vulnerability in the Multi Protocol Label Switching (MPLS) ...)
+CVE-2008-3804
NOT-FOR-US: Cisco IOS
-CVE-2008-3803 (A &quot;logic error&quot; in Cisco IOS 12.0 through 12.4, when a Multiprotocol ...)
+CVE-2008-3803
NOT-FOR-US: Cisco IOS
-CVE-2008-3802 (Unspecified vulnerability in the Session Initiation Protocol (SIP) ...)
+CVE-2008-3802
NOT-FOR-US: Cisco IOS
-CVE-2008-3801 (Unspecified vulnerability in the Session Initiation Protocol (SIP) ...)
+CVE-2008-3801
NOT-FOR-US: Cisco IOS
-CVE-2008-3800 (Unspecified vulnerability in the Session Initiation Protocol (SIP) ...)
+CVE-2008-3800
NOT-FOR-US: Cisco IOS
-CVE-2008-3799 (Memory leak in the Session Initiation Protocol (SIP) implementation in ...)
+CVE-2008-3799
NOT-FOR-US: Cisco IOS
-CVE-2008-3798 (Cisco IOS 12.4 allows remote attackers to cause a denial of service ...)
+CVE-2008-3798
NOT-FOR-US: Cisco IOS
CVE-2008-3797
RESERVED
-CVE-2008-3796 (Swfdec 0.6 before 0.6.8 allows remote attackers to cause a denial of ...)
+CVE-2008-3796
- swfdec0.6 0.6.8-1
-CVE-2008-3795 (Buffer overflow in Ipswitch WS_FTP Home client allows remote FTP ...)
+CVE-2008-3795
NOT-FOR-US: WS_FTP Home
CVE-2008-3793
RESERVED
NOT-FOR-US: Adobe Flash Player
-CVE-2008-3792 (net/sctp/socket.c in the Stream Control Transmission Protocol (sctp) ...)
+CVE-2008-3792
{DSA-1636-1}
- linux-2.6.24 2.6.24-6~etchnhalf.5
- linux-2.6 2.6.26-4
[etch] - linux-2.6 <not-affected>
-CVE-2008-3788 (Multiple SQL injection vulnerabilities in PICTURESPRO Photo Cart 3.9, ...)
+CVE-2008-3788
NOT-FOR-US: PICTURESPRO Photo Cart 3.9
-CVE-2008-3787 (SQL injection vulnerability in listing_view.php in Web Directory ...)
+CVE-2008-3787
NOT-FOR-US: Web Directory Script
-CVE-2008-3786 (Cross-site scripting (XSS) vulnerability in index.php in PICTURESPRO ...)
+CVE-2008-3786
NOT-FOR-US: PICTURESPRO Photo Cart 3.9
-CVE-2008-3785 (Multiple SQL injection vulnerabilities in the com_content component in ...)
+CVE-2008-3785
NOT-FOR-US: MiaCMS
-CVE-2008-3784 (SQL injection vulnerability in scrape.php in BtiTracker 1.4.7 and ...)
+CVE-2008-3784
NOT-FOR-US: BtiTracker
-CVE-2008-3783 (Multiple SQL injection vulnerabilities in index.php in Matterdaddy ...)
+CVE-2008-3783
NOT-FOR-US: Matterdaddy Market
-CVE-2008-3782 (Multiple cross-site scripting (XSS) vulnerabilities in admin/index.php ...)
+CVE-2008-3782
NOT-FOR-US: ACG-PTP
-CVE-2008-3781 (Cross-site scripting (XSS) vulnerability in GMOD GBrowse before 1.69 ...)
+CVE-2008-3781
NOT-FOR-US: GMOD GBrowse
-CVE-2008-3780 (SQL injection vulnerability in recommend.php in Five Star Review ...)
+CVE-2008-3780
NOT-FOR-US: Five Star Review Script
-CVE-2008-3779 (Cross-site scripting (XSS) vulnerability in search/index.php in Five ...)
+CVE-2008-3779
NOT-FOR-US: Five Star Review Script
-CVE-2008-3778 (The remote management interface in SIP Enablement Services (SES) ...)
+CVE-2008-3778
NOT-FOR-US: Avaya SIP Enablement Services
-CVE-2008-3777 (The SIP Enablement Services (SES) Server in Avaya SIP Enablement ...)
+CVE-2008-3777
NOT-FOR-US: Avaya SIP Enablement Services
-CVE-2008-3776 (Directory traversal vulnerability in Fujitsu Web-Based Admin View ...)
+CVE-2008-3776
NOT-FOR-US: Fujitsu Web-Based Admin View
-CVE-2008-3775 (Folder Lock 5.9.5 and earlier uses weak encryption (ROT-25) for the ...)
+CVE-2008-3775
NOT-FOR-US: Folder Lock
-CVE-2008-3774 (SQL injection vulnerability in index.php in Simasy CMS allows remote ...)
+CVE-2008-3774
NOT-FOR-US: Simasy CMS
-CVE-2008-3773 (Cross-site scripting (XSS) vulnerability in vBulletin 3.7.2 PL1 and ...)
+CVE-2008-3773
NOT-FOR-US: vBulletin
-CVE-2008-3772 (SQL injection vulnerability in categories_portal.php in Pars4u ...)
+CVE-2008-3772
NOT-FOR-US: Pars4u Videosharing
-CVE-2008-3771 (Cross-site scripting (XSS) vulnerability in members.php in Pars4u ...)
+CVE-2008-3771
NOT-FOR-US: Pars4u Videosharing
-CVE-2008-3770 (Multiple directory traversal vulnerabilities in Freeway 1.4.1.171, ...)
+CVE-2008-3770
NOT-FOR-US: Freeway
-CVE-2008-3769 (PHP remote file inclusion vulnerability in admin/create_order_new.php ...)
+CVE-2008-3769
NOT-FOR-US: Freeway
-CVE-2008-3768 (Multiple SQL injection vulnerabilities in class.ajax.php in Turnkey ...)
+CVE-2008-3768
NOT-FOR-US: Turnkey Web Tools SunShop Shopping Cart
-CVE-2008-3767 (SQL injection vulnerability in classified.php in phpBazar 2.0.2 allows ...)
+CVE-2008-3767
NOT-FOR-US: phpBazar
-CVE-2008-3766 (Realtime Internet Band Rehearsal Low-Latency (Internet) Connection ...)
+CVE-2008-3766
NOT-FOR-US: Realtime Internet Band Rehearsal Low-Latency (Internet) Connection tool (llcon)
-CVE-2008-3765 (SQL injection vulnerability in code.php in Quick Poll Script allows ...)
+CVE-2008-3765
NOT-FOR-US: Quick Poll Script
-CVE-2008-3764 (Eval injection vulnerability in globalsoff.php in Turnkey PHP Live ...)
+CVE-2008-3764
NOT-FOR-US: Turnkey PHP Live Helper
-CVE-2008-3763 (Variable overwrite vulnerability in libsecure.php in Turnkey PHP Live ...)
+CVE-2008-3763
NOT-FOR-US: Turnkey PHP Live Helper
-CVE-2008-3762 (SQL injection vulnerability in onlinestatus_html.php in Turnkey PHP ...)
+CVE-2008-3762
NOT-FOR-US: Turnkey PHP Live Helper
-CVE-2008-3761 (hcmon.sys in VMware Workstation 6.5.1 and earlier, VMware Player 2.5.1 ...)
+CVE-2008-3761
NOT-FOR-US: VMware Workstation
NOTE: we only share a package to build VMware
-CVE-2008-3760 (Cross-site request forgery (CSRF) vulnerability in the sign-out page ...)
+CVE-2008-3760
NOT-FOR-US: Vanilla
-CVE-2008-3759 (Cross-site request forgery (CSRF) vulnerability in ...)
+CVE-2008-3759
NOT-FOR-US: Vanilla
-CVE-2008-3758 (Multiple cross-site scripting (XSS) vulnerabilities in Lussumo Vanilla ...)
+CVE-2008-3758
NOT-FOR-US: Vanilla
-CVE-2008-3757 (SQL injection vulnerability in tr1.php in YourFreeWorld Forced Matrix ...)
+CVE-2008-3757
NOT-FOR-US: YourFreeWorld
-CVE-2008-3756 (SQL injection vulnerability in tr.php in YourFreeWorld Viral Marketing ...)
+CVE-2008-3756
NOT-FOR-US: YourFreeWorld
-CVE-2008-3755 (SQL injection vulnerability in view.php in YourFreeWorld Classifieds ...)
+CVE-2008-3755
NOT-FOR-US: YourFreeWorld
-CVE-2008-3754 (SQL injection vulnerability in trl.php in YourFreeWorld Stylish Text ...)
+CVE-2008-3754
NOT-FOR-US: YourFreeWorld
-CVE-2008-3753 (SQL injection vulnerability in details.php in YourFreeWorld Programs ...)
+CVE-2008-3753
NOT-FOR-US: YourFreeWorld
-CVE-2008-3752 (SQL injection vulnerability in tr.php in YourFreeWorld Ad-Exchange ...)
+CVE-2008-3752
NOT-FOR-US: YourFreeWorld
-CVE-2008-3751 (SQL injection vulnerability in tr.php in YourFreeWorld Short Url &amp; Url ...)
+CVE-2008-3751
NOT-FOR-US: YourFreeWorld
-CVE-2008-3750 (SQL injection vulnerability in tr.php in YourFreeWorld URL Rotator ...)
+CVE-2008-3750
NOT-FOR-US: YourFreeWorld
-CVE-2008-3749 (SQL injection vulnerability in tr.php in YourFreeWorld Banner ...)
+CVE-2008-3749
NOT-FOR-US: Banner Management Script
-CVE-2008-3748 (SQL injection vulnerability in view_group.php in Active PHP Bookmarks ...)
+CVE-2008-3748
NOT-FOR-US: Active PHP Bookmarks
-CVE-2008-4952 (emacs-jabber in emacs-jabber 0.7.91 allows local users to overwrite ...)
+CVE-2008-4952
- emacs-jabber 0.7.91-2 (low; bug #496428)
[etch] - emacs-jabber <no-dsa> (Minor issue)
-CVE-2008-4987 (xastir 1.9.2 allows local users to overwrite arbitrary files via a ...)
+CVE-2008-4987
- xastir 1.9.2-1.1 (low; bug #496383)
[etch] - xastir <no-dsa> (Minor issue)
-CVE-2008-4477 (alert.d/test.alert in mon 0.99.2 allows local users to overwrite ...)
+CVE-2008-4477
{DSA-1648-1}
- mon 0.99.2-13 (medium; bug #496398)
-CVE-2008-3790 (The REXML module in Ruby 1.8.6 through 1.8.6-p287, 1.8.7 through ...)
+CVE-2008-3790
{DSA-1652-1 DSA-1651-1}
- ruby1.8 1.8.7.72-1 (bug #496808)
- ruby1.9 1.9.0.2-6 (bug #497610)
-CVE-2008-4939 (apertium 3.0.7 allows local users to overwrite arbitrary files via a ...)
+CVE-2008-4939
- apertium 3.0.7+1-1.1 (low; bug #496395)
[etch] - apertium <no-dsa> (Minor issue)
-CVE-2008-4946 (convirt 0.8.2 allows local users to overwrite arbitrary files via a ...)
+CVE-2008-4946
- convirt 0.9.6-1 (medium; bug #496419)
-CVE-2008-4942 (audiolink in audiolink 0.05 allows local users to overwrite arbitrary ...)
+CVE-2008-4942
- audiolink 0.05-1.1 (low; bug #496433)
[etch] - audiolink <no-dsa> (Minor issue)
-CVE-2008-4968 (The (1) rccs and (2) STUFF scripts in lmbench 3.0-a7 allow local users ...)
+CVE-2008-4968
- lmbench 3.0-a9-1 (low; bug #496427)
[etch] - lmbench <no-dsa> (Non-free not supported)
-CVE-2008-4975 (mkmailpost in newsgate 1.6 allows local users to overwrite arbitrary ...)
+CVE-2008-4975
- newsgate <removed> (low; bug #496437)
[etch] - newsgate <no-dsa> (Non-free not supported)
-CVE-2008-4973 (i2myspell in myspell 3.1 allows local users to overwrite arbitrary ...)
+CVE-2008-4973
- myspell 1:3.0+pre3.1-21 (low; bug #496392)
[etch] - myspell <no-dsa> (Minor issue)
-CVE-2008-4976 (ogle 0.9.2 and ogle-mmx 0.9.2 allow local users to overwrite arbitrary ...)
+CVE-2008-4976
- ogle <removed> (unimportant; bug #496420; bug #496425)
NOTE: This only affects debugging scripts not present in standard path
-CVE-2008-3789 (Samba 3.2.0 uses weak permissions (0666) for the (1) group_mapping.tdb ...)
+CVE-2008-3789
{DTSA-161-1}
- samba 2:3.2.3-1 (bug #496073; medium)
[etch] - samba <not-affected> (Only affects Samba 3.2.x)
CVE-2008-XXXX [insecure temp file in nvi]
- nvi 1.81.6-4 (low; bug #496462)
[etch] - nvi <no-dsa> (Minor issue, only exploitable in postinst)
-CVE-2008-4982 (rkhunter in rkhunter 1.3.2 allows local users to overwrite arbitrary ...)
+CVE-2008-4982
- rkhunter 1.3.2-6 (low; bug #496375)
[etch] - rkhunter <no-dsa> (Minor issue, only in debug mode)
-CVE-2008-4984 (scratchbox2 1.99.0.24 allows local users to overwrite arbitrary files ...)
+CVE-2008-4984
- scratchbox2 1.99.0.24-2 (low; bug #496409)
-CVE-2008-4981 (perl.robot in realtimebattle 1.0.8 allows local users to overwrite ...)
+CVE-2008-4981
- realtimebattle 1.0.8-8 (low; bug #496385)
[etch] - realtimebattle <no-dsa> (Minor issue)
-CVE-2008-4972 (mailgo in mgt 2.31 allows local users to overwrite arbitrary files via ...)
+CVE-2008-4972
- mgt 2.31-6 (low; bug #496434)
[etch] - mgt <no-dsa> (Minor issue)
-CVE-2008-4998 (** DISPUTED ** ...)
+CVE-2008-4998
- twiki 1:4.1.2-4 (low; bug #494648)
-CVE-2008-4971 (mafft-homologs in mafft 6.240 allows local users to overwrite ...)
+CVE-2008-4971
- mafft 6.240-2 (low; bug #496366)
-CVE-2008-4993 (qemu-dm.debug in Xen 3.2.1 allows local users to overwrite arbitrary ...)
+CVE-2008-4993
- xen-3 3.4.0-1 (low; bug #496367)
[etch] - xen-3 <no-dsa> (Minor issue)
-CVE-2008-4936 (faxspool in mgetty 1.1.36 allows local users to overwrite arbitrary ...)
+CVE-2008-4936
- mgetty 1.1.36-1.3 (low; bug #496403)
[etch] - mgetty <no-dsa> (Minor issue)
-CVE-2008-4476 (sympa.pl in sympa 5.3.4 allows local users to overwrite arbitrary ...)
+CVE-2008-4476
- sympa 5.3.4-5.1 (low; bug #496405; bug #494969)
[etch] - sympa <no-dsa> (Minor issues)
-CVE-2008-4935 (asciiview in aview 1.3.0 allows local users to overwrite arbitrary ...)
+CVE-2008-4935
- aview 1.3.0rc1-8.1 (low; bug #496422)
[etch] - aview <no-dsa> (Minor issue)
-CVE-2008-4956 (fwb_install in fwbuilder 2.1.19 allows local users to overwrite ...)
+CVE-2008-4956
- fwbuilder 2.1.19-5 (low; bug #496406)
[etch] - fwbuilder <no-dsa> (Minor issue)
-CVE-2008-4440 (The to-upgrade plugin in feta 1.4.16 allows local users to overwrite ...)
+CVE-2008-4440
{DSA-1643-1}
- feta 1.4.16+nmu1 (low; bug #496397)
-CVE-2008-4977 (** DISPUTED ** ...)
+CVE-2008-4977
- postfix <unfixed> (unimportant; bug #496401)
NOTE: Not enabled by default, needs manual modification of a script
-CVE-2008-4944 (writtercontrol in cdcontrol 1.90 allows local users to overwrite ...)
+CVE-2008-4944
- cdcontrol <removed> (low; bug #496438)
[etch] - cdcontrol <no-dsa> (Minor issue)
-CVE-2008-4951 (dtc 0.29.6 allows local users to overwrite arbitrary files via a ...)
+CVE-2008-4951
- dtc 0.29.10-1 (low; bug #496362)
-CVE-2008-4994 (The (1) ncsarmt and (2) ncsawrap scripts in xmcd 2.6 allows local ...)
+CVE-2008-4994
- xmcd 2.6-21 (low; bug #496416)
[etch] - xmcd <no-dsa> (Minor issue)
-CVE-2008-4988 (pscal in xcal 4.1 allows local users to overwrite arbitrary files via ...)
+CVE-2008-4988
- xcal 4.1-19 (low; bug #496393)
[etch] - xcal <no-dsa> (Minor issue)
-CVE-2008-3791 (src/main-win.c in GPicView 0.1.9 in Lightweight X11 Desktop ...)
+CVE-2008-3791
- gpicview 0.1.9-2 (low; bug #495968)
NOTE: http://sourceforge.net/tracker/index.php?func=detail&aid=2019481&group_id=180858&atid=894869
CVE-2008-XXXX [Overwrite symlink without check]
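Review bot: every `-`/`+` pair in this hunk drops the parenthetical description and keeps only the bare id (for example `-CVE-2008-3792 (net/sctp/socket.c in the Stream Control Transmission Protocol (sctp) ...)` becomes `+CVE-2008-3792`), while the NOT-FOR-US, package/version, `{DSA-…}` and NOTE lines around them are untouched. That pattern points to an empty or failed description import rather than an intended edit, and it removes the one field a triager uses to recognise the affected software without opening each CVE. Suggest reverting this hunk and making the importer keep the previous description whenever the freshly fetched one is empty, so a feed outage cannot blank the list.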
@@ -8353,237 +8353,237 @@ CVE-2008-XXXX [Overwrite certain images without notice]
NOTE: http://sourceforge.net/tracker/index.php?func=detail&aid=2019492&group_id=180858&atid=894869
NOTE: non-issue, not exploitable by other users
NOTE: CVE id requested
-CVE-2008-4937 (senddoc in OpenOffice.org (OOo) 2.4.1 allows local users to overwrite ...)
+CVE-2008-4937
- openoffice.org 1:2.4.1-8 (low; bug #496361)
[etch] - openoffice.org <not-affected> (Vulnerable code not present)
NOTE: also not present in 3.0.0, only in 2.4.1. Fix pending upload.
-CVE-2008-4979 (getipacctg in rancid 2.3.2~a8 allows local users to overwrite ...)
+CVE-2008-4979
- rancid 2.3.2~a8-2 (low; bug #496426)
[etch] - rancid <no-dsa> (Minor issue)
-CVE-2008-4985 (vdrleaktest in Video Disk Recorder (aka vdr-dbg or vdr) 1.6.0 allows ...)
+CVE-2008-4985
- vdr 1.6.0-6 (low; bug #496421)
[etch] - vdr <not-affected> (Vulnerable code not present)
-CVE-2008-5007 (create_lazarus_export_tgz.sh in lazarus 0.9.24 allows local users to ...)
+CVE-2008-5007
- lazarus 0.9.24-0-11 (unimportant; bug #496377)
NOTE: vulnerable script only called when updating the source
NOTE: thus neither actively used nor invoked automatically
-CVE-2008-3794 (Integer signedness error in the mms_ReceiveCommand function in ...)
+CVE-2008-3794
{DSA-1819-1 DTSA-166-1}
- vlc 0.8.6.h-4 (medium; bug #496265)
-CVE-2008-3747 (The (1) get_edit_post_link and (2) get_edit_comment_link functions in ...)
+CVE-2008-3747
- wordpress 2.5.1-6 (low; bug #497216)
[etch] - wordpress <not-affected> (Does not have force-sll mechanism)
-CVE-2008-3746 (neon 0.28.0 through 0.28.2 allows remote servers to cause a denial of ...)
+CVE-2008-3746
- neon27 0.28.2-4
- neon26 <not-affected> (Issue was introduced in 0.28)
-CVE-2008-3739 (Cross-site scripting (XSS) vulnerability in (1) System Consultants ...)
+CVE-2008-3739
NOT-FOR-US: La!Cooda WIZ
-CVE-2008-3738 (Session fixation vulnerability in SpaceTag LacoodaST 2.1.3 and earlier ...)
+CVE-2008-3738
NOT-FOR-US: SpaceTag LacoodaST
-CVE-2008-3737 (Unspecified vulnerability in (1) System Consultants La!Cooda WIZ 1.4.0 ...)
+CVE-2008-3737
NOT-FOR-US: La!Cooda WIZ
-CVE-2008-3736 (Multiple cross-site request forgery (CSRF) vulnerabilities in (1) ...)
+CVE-2008-3736
NOT-FOR-US: La!Cooda WIZ
-CVE-2008-3735 (Cross-site scripting (XSS) vulnerability in index.php in PHPizabi ...)
+CVE-2008-3735
NOT-FOR-US: PHPizabi
-CVE-2008-3734 (Format string vulnerability in Ipswitch WS_FTP Home 2007.0.0.2 and ...)
+CVE-2008-3734
NOT-FOR-US: WS_FTP Home
-CVE-2008-3733 (Stack-based buffer overflow in EO Video (eo-video) 1.36 allows remote ...)
+CVE-2008-3733
NOT-FOR-US: EO Video
-CVE-2008-3732 (Integer overflow in the Open function in modules/demux/tta.c in VLC ...)
+CVE-2008-3732
{DTSA-166-1}
- vlc 0.8.6.h-2
[etch] - vlc <not-affected> (TTA module not present)
-CVE-2008-3731 (Unspecified vulnerability in Serv-U File Server 7.0.0.1, and other ...)
+CVE-2008-3731
NOT-FOR-US: Serv-U File
-CVE-2008-3730 (Cross-site scripting (XSS) vulnerability in Nordicwind Document ...)
+CVE-2008-3730
NOT-FOR-US: NOAH
-CVE-2008-3729 (Web Based Administration in MicroWorld Technologies MailScan 5.6.a ...)
+CVE-2008-3729
NOT-FOR-US: MicroWorld Technologies MailScan
-CVE-2008-3728 (Web Based Administration in MicroWorld Technologies MailScan 5.6.a ...)
+CVE-2008-3728
NOT-FOR-US: MicroWorld Technologies MailScan
-CVE-2008-3727 (Directory traversal vulnerability in Web Based Administration in ...)
+CVE-2008-3727
NOT-FOR-US: MicroWorld Technologies MailScan
-CVE-2008-3726 (Cross-site scripting (XSS) vulnerability in Web Based Administration ...)
+CVE-2008-3726
NOT-FOR-US: MicroWorld Technologies MailScan
-CVE-2008-3725 (SQL injection vulnerability in trr.php in YourFreeWorld Ad Board ...)
+CVE-2008-3725
NOT-FOR-US: YourFreeWorld Ad Board Script
-CVE-2008-3724 (SQL injection vulnerability in index.php in Papoo before 3.7.2 allows ...)
+CVE-2008-3724
NOT-FOR-US: Papoo
-CVE-2008-3723 (Directory traversal vulnerability in index.php in PHPizabi 0.848b C1 ...)
+CVE-2008-3723
NOT-FOR-US: PHPizabi
-CVE-2008-3722 (SQL injection vulnerability in forum/neu.asp in fipsCMS 2.1 allows ...)
+CVE-2008-3722
NOT-FOR-US: fipsCMS
-CVE-2008-3721 (PHP remote file inclusion vulnerability in user_language.php in DeeEmm ...)
+CVE-2008-3721
NOT-FOR-US: DeeEmm CMS
-CVE-2008-3720 (SQL injection vulnerability in index.php in DeeEmm CMS (DMCMS) 0.7.4 ...)
+CVE-2008-3720
NOT-FOR-US: DeeEmm CMS
-CVE-2008-3719 (SQL injection vulnerability in directory.php in SFS Affiliate ...)
+CVE-2008-3719
NOT-FOR-US: SFS Affiliate Directory
-CVE-2008-3718 (Multiple SQL injection vulnerabilities in cyberBB 0.6 allow remote ...)
+CVE-2008-3718
NOT-FOR-US: cyberBB
-CVE-2008-3717 (Harmoni before 1.6.0 does not require administrative privileges to ...)
+CVE-2008-3717
NOT-FOR-US: Harmoni
-CVE-2008-3716 (Cross-site request forgery (CSRF) vulnerability in Harmoni before ...)
+CVE-2008-3716
NOT-FOR-US: Harmoni
-CVE-2008-3715 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2008-3715
NOT-FOR-US: FlexCMS
-CVE-2008-3714 (Cross-site scripting (XSS) vulnerability in awstats.pl in AWStats 6.8 ...)
+CVE-2008-3714
{DSA-1679-1}
- awstats 6.7.dfsg-5.1 (bug #495432; low)
NOTE: upstream bug 2001151
-CVE-2008-3713 (SQL injection vulnerability in product.php in PHPBasket allows remote ...)
+CVE-2008-3713
NOT-FOR-US: PHPBasket
-CVE-2008-3712 (Multiple cross-site scripting (XSS) vulnerabilities in Mambo 4.6.2 and ...)
+CVE-2008-3712
NOT-FOR-US: Mambo
-CVE-2008-3711 (SQL injection vulnerability in index.php in PHPArcadeScript (PHP ...)
+CVE-2008-3711
NOT-FOR-US: PHPArcadeScript
-CVE-2008-3710 (Multiple directory traversal vulnerabilities in CyBoards PHP Lite 1.21 ...)
+CVE-2008-3710
NOT-FOR-US: CyBoards PHP Lite
-CVE-2008-3709 (Multiple cross-site scripting (XSS) vulnerabilities in CyBoards PHP ...)
+CVE-2008-3709
NOT-FOR-US: CyBoards PHP Lite
-CVE-2008-3708 (Multiple directory traversal vulnerabilities in dotCMS 1.6.0.9 allow ...)
+CVE-2008-3708
NOT-FOR-US: dotCMS
-CVE-2008-3707 (Multiple PHP remote file inclusion vulnerabilities in CyBoards PHP ...)
+CVE-2008-3707
NOT-FOR-US: CyBoards PHP Lite
-CVE-2008-3706 (SQL injection vulnerability in bannerclick.php in ZEEJOBSITE 2.0 ...)
+CVE-2008-3706
NOT-FOR-US: ZEEJOBSITE
-CVE-2008-3705 (Stack-based buffer overflow in the CLogger::WriteFormated function in ...)
+CVE-2008-3705
NOT-FOR-US: EchoVNC Linux
-CVE-2008-3704 (Heap-based buffer overflow in the MaskedEdit ActiveX control in ...)
+CVE-2008-3704
NOT-FOR-US: Msmask32.ocx
-CVE-2008-3703 (The management console in the Volume Manager Scheduler Service (aka ...)
+CVE-2008-3703
NOT-FOR-US: Symantec Veritas Storage Foundation
-CVE-2008-3702 (Multiple stack-based buffer overflows in the Animation GIF ActiveX ...)
+CVE-2008-3702
NOT-FOR-US: SpeedBit Download Accelerator Plus
-CVE-2008-3701 (SQL injection vulnerability in staff/index.php in Kayako SupportSuite ...)
+CVE-2008-3701
NOT-FOR-US: Kayako SupportSuite
-CVE-2008-3700 (Multiple cross-site scripting (XSS) vulnerabilities in Kayako ...)
+CVE-2008-3700
NOT-FOR-US: Kayako SupportSuite
-CVE-2008-3698 (Unspecified vulnerability in the OpenProcess function in VMware ...)
+CVE-2008-3698
- vmware-package <not-affected> (Only vulnerable on windows hosted systems)
-CVE-2008-3697 (An unspecified ISAPI extension in VMware Server before 1.0.7 build ...)
+CVE-2008-3697
NOT-FOR-US: VMware Server on Windows
-CVE-2008-3696 (Unspecified vulnerability in a certain ActiveX control in VMware ...)
+CVE-2008-3696
- vmware-package <not-affected> (Only vulnerable on windows hosted systems)
-CVE-2008-3695 (Unspecified vulnerability in a certain ActiveX control in VMware ...)
+CVE-2008-3695
- vmware-package <not-affected> (Only vulnerable on windows hosted systems)
-CVE-2008-3694 (Unspecified vulnerability in a certain ActiveX control in VMware ...)
+CVE-2008-3694
- vmware-package <not-affected> (Only vulnerable on windows hosted systems)
-CVE-2008-3693 (Unspecified vulnerability in a certain ActiveX control in VMware ...)
+CVE-2008-3693
- vmware-package <not-affected> (Only vulnerable on windows hosted systems)
-CVE-2008-3692 (Unspecified vulnerability in a certain ActiveX control in VMware ...)
+CVE-2008-3692
- vmware-package <not-affected> (Only vulnerable on windows hosted systems)
-CVE-2008-3691 (Unspecified vulnerability in a certain ActiveX control in VMware ...)
+CVE-2008-3691
- vmware-package <not-affected> (Only vulnerable on windows hosted systems)
CVE-2008-3690
RESERVED
CVE-2008-3689
RESERVED
-CVE-2008-3688 (sockethandler.cpp in HTTP Antivirus Proxy (HAVP) 0.88 allows remote ...)
+CVE-2008-3688
{DTSA-159-1}
- havp 0.88-1.1 (bug #496034)
-CVE-2008-3687 (Heap-based buffer overflow in the flask_security_label function in Xen ...)
+CVE-2008-3687
- xen-3 <not-affected> (Not compiled with XSM:FLASK)
-CVE-2008-3686 (The rt6_fill_node function in net/ipv6/route.c in Linux kernel ...)
+CVE-2008-3686
- linux-2.6.24 <not-affected> (Vulnerable code was introduced in 2.6.26)
- linux-2.6 2.6.26-5
[etch] - linux-2.6 <not-affected> (Vulnerable code was introduced in 2.6.26)
-CVE-2008-3685 (Directory traversal vulnerability in aws_tmxn.exe in the Admin Agent ...)
+CVE-2008-3685
NOT-FOR-US: EMC Documentum ApplicationXtender Workflow
-CVE-2008-3684 (Heap-based buffer overflow in aws_tmxn.exe in the Admin Agent service ...)
+CVE-2008-3684
NOT-FOR-US: EMC Documentum ApplicationXtender Workflow
-CVE-2008-3683 (Unspecified vulnerability in the FTP subsystem in Sun Java System Web ...)
+CVE-2008-3683
NOT-FOR-US: Sun Java System Web Proxy Server
-CVE-2008-3682 (SQL injection vulnerability in dpage.php in YPN PHP Realty allows ...)
+CVE-2008-3682
NOT-FOR-US: YPN PHP Realty
-CVE-2008-3681 (components/com_user/models/reset.php in Joomla! 1.5 through 1.5.5 does ...)
+CVE-2008-3681
NOT-FOR-US: Joomla!
-CVE-2008-3680 (The decryption function in Flagship Industries Ventrilo 3.0.2 and ...)
+CVE-2008-3680
NOT-FOR-US: Flagship Industries Ventrilo
-CVE-2008-3679 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
+CVE-2008-3679
NOT-FOR-US: IDevSpot PhpLinkExchange
-CVE-2008-3678 (Cross-site scripting (XSS) vulnerability in admin/search_links.php in ...)
+CVE-2008-3678
NOT-FOR-US: Freeway
-CVE-2008-3677 (Directory traversal vulnerability in ...)
+CVE-2008-3677
NOT-FOR-US: Freeway
-CVE-2008-3676 (Unspecified vulnerability in the IMAP server in hMailServer 4.4.1 ...)
+CVE-2008-3676
NOT-FOR-US: hMailServer
-CVE-2008-3675 (Directory traversal vulnerability in classes/imgsize.php in Gelato ...)
+CVE-2008-3675
NOT-FOR-US: Gelato
-CVE-2008-3674 (SQL injection vulnerability in ugroups.php in PozScripts TubeGuru ...)
+CVE-2008-3674
NOT-FOR-US: PozScripts TubeGuru Video Sharing Script
-CVE-2008-3673 (SQL injection vulnerability in browsecats.php in PozScripts Classified ...)
+CVE-2008-3673
NOT-FOR-US: PozScripts Classified Ads
-CVE-2008-3672 (SQL injection vulnerability in showcategory.php in PozScripts ...)
+CVE-2008-3672
NOT-FOR-US: PozScripts Classified Ads
-CVE-2008-3671 (Acronis True Image Echo Server 9.x build 8072 on Linux does not ...)
+CVE-2008-3671
NOT-FOR-US: Echo Server
-CVE-2008-3670 (SQL injection vulnerability in authordetail.php in Article Friendly ...)
+CVE-2008-3670
NOT-FOR-US: Article Friendly Pro
-CVE-2008-3669 (SQL injection vulnerability in comments.php in ZeeScripts Reviews ...)
+CVE-2008-3669
NOT-FOR-US: ZeeScripts Reviews Opinions Rating Posting Engine Web-Site PHP
-CVE-2008-3668 (Multiple cross-site scripting (XSS) vulnerabilities in the Yogurt ...)
+CVE-2008-3668
NOT-FOR-US: XOOPS
-CVE-2008-3667 (Stack-based buffer overflow in Maxthon Browser 2.0 and earlier allows ...)
+CVE-2008-3667
NOT-FOR-US: Maxthon Browser
-CVE-2008-3699 (The MagnatuneBrowser::listDownloadComplete function in ...)
+CVE-2008-3699
- amarok 1.4.10-1 (unimportant; bug #494765)
[etch] - amarok <not-affected>
NOTE: The code in question doesn't dereference the symlink, tested with Etch
NOTE: and Lenny. Given that it only takes a minute to test this, it's surprising
NOTE: that at least one vendor issued an advisory and upstream pushed a new release...
-CVE-2008-3740 (Cross-site scripting (XSS) vulnerability in the output filter in ...)
+CVE-2008-3740
{DTSA-156-1}
- drupal5 5.10-1 (low; bug #495122)
- drupal-4.7 <removed>
-CVE-2008-3741 (The private filesystem in Drupal 5.x before 5.10 and 6.x before 6.4 ...)
+CVE-2008-3741
{DTSA-156-1}
- drupal5 5.10-1 (low; bug #495122)
- drupal-4.7 <removed>
-CVE-2008-3742 (Unrestricted file upload vulnerability in the BlogAPI module in Drupal ...)
+CVE-2008-3742
{DTSA-156-1}
- drupal5 5.10-1 (medium; bug #495122)
- drupal-4.7 <removed>
-CVE-2008-3743 (Multiple cross-site request forgery (CSRF) vulnerabilities in forms in ...)
+CVE-2008-3743
{DTSA-156-1}
- drupal5 <not-affected> (Vulnerable code not present)
- drupal-4.7 <removed>
-CVE-2008-3744 (Multiple cross-site request forgery (CSRF) vulnerabilities in Drupal ...)
+CVE-2008-3744
{DTSA-156-1}
- drupal5 5.10-1 (low; bug #495122)
- drupal-4.7 <removed>
-CVE-2008-3745 (The Upload module in Drupal 6.x before 6.4 allows remote authenticated ...)
+CVE-2008-3745
{DTSA-156-1}
- drupal5 <not-affected> (Vulnerable code only present in 6.x)
- drupal-4.7 <removed>
-CVE-2008-3666 (Unspecified vulnerability in Sun Solaris 10 and OpenSolaris before ...)
+CVE-2008-3666
NOT-FOR-US: Sun Solaris 10
CVE-2008-3665
RESERVED
-CVE-2008-3664 (Multiple cross-site scripting (XSS) vulnerabilities in XRMS allow ...)
+CVE-2008-3664
NOT-FOR-US: XRMS CRM
-CVE-2008-3663 (Squirrelmail 1.4.15 does not set the secure flag for the session ...)
+CVE-2008-3663
- squirrelmail 2:1.4.15-3 (low; bug #499942)
[etch] - squirrelmail <no-dsa> (less important and fix changes behaviour)
NOTE: only relevant for installations that are also offered over http
NOTE: which isn't normally a good idea anyway. Fixing in stable will
NOTE: change behaviour so not really suited for DSA.
-CVE-2008-3662 (Gallery before 1.5.9, and 2.x before 2.2.6, does not set the secure ...)
+CVE-2008-3662
- gallery 1.5.9-1
- gallery2 2.2.6-1
-CVE-2008-3661 (Drupal, probably 5.10 and 6.4, does not set the secure flag for the ...)
+CVE-2008-3661
- drupal5 5.10-2 (low; bug #501063)
- drupal6 6.4-2 (low; bug #501058)
NOTE: drupal upstreams advise the users to set session.cookie_secure in the php configuration
NOTE: to fix this has been documented in README.Debian
-CVE-2008-3660 (PHP 4.4.x before 4.4.9, and 5.x through 5.2.6, when used as a FastCGI ...)
+CVE-2008-3660
{DSA-1647-1}
- php5 5.2.6-4 (medium)
- php4 <removed>
NOTE: *not* duplicate after all, needs review
NOTE: http://cvs.php.net/viewvc.cgi/php-src/sapi/cgi/cgi_main.c?r1=1.267.2.15.2.57&r2=1.267.2.15.2.58&view=patch
-CVE-2008-3659 (Buffer overflow in the memnstr function in PHP 4.4.x before 4.4.9 and ...)
+CVE-2008-3659
{DSA-1647-1}
- php4 <removed>
- php5 5.2.6-4 (medium)
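Review bot: the blanking in this hunk also erases the `** DISPUTED **` marker on CVE-2008-4998 and CVE-2008-4977, so after the change nothing on those entries shows that the assignment is contested, even though the `- twiki` and `- postfix <unfixed>` status lines below them survive. Note that the `CVE-2008-XXXX [...]` placeholder entries keep their bracketed text, which confirms the bracket form is tracker-owned while the parenthetical form is synced from the feed; the sync should therefore treat a disputed or non-empty previous description as something to preserve, not overwrite with an empty value.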
@@ -8591,38 +8591,38 @@ CVE-2008-3659 (Buffer overflow in the memnstr function in PHP 4.4.x before 4.4.9
NOTE: (From upstream's ext/standard/tests/strings/explode_bug.phpt)
NOTE: could not reproduce locally
NOTE: fix in pkg-php svn for both etch and sid
-CVE-2008-3658 (Buffer overflow in the imageloadfont function in ext/gd/gd.c in PHP ...)
+CVE-2008-3658
{DSA-1647-1}
- php4 <removed>
- php5 5.2.6-4 (medium)
NOTE: fix in pkg-php svn for both etch and sid
-CVE-2008-3657 (The dl module in Ruby 1.8.5 and earlier, 1.8.6 through 1.8.6-p286, ...)
+CVE-2008-3657
{DSA-1652-1 DSA-1651-1}
- ruby1.8 1.8.7.72-1 (bug #494401)
- ruby1.9 1.9.0.2-6 (bug #494402)
NOTE: http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/
-CVE-2008-3656 (Algorithmic complexity vulnerability in the ...)
+CVE-2008-3656
{DSA-1652-1 DSA-1651-1}
- ruby1.8 1.8.7.72-1 (bug #494401)
- ruby1.9 1.9.0.2-6 (bug #494402)
NOTE: http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/
-CVE-2008-3655 (Ruby 1.8.5 and earlier, 1.8.6 through 1.8.6-p286, 1.8.7 through ...)
+CVE-2008-3655
{DSA-1652-1 DSA-1651-1}
- ruby1.8 1.8.7.72-1 (bug #494401)
- ruby1.9 1.9.0.2-6 (bug #494402)
NOTE: http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/
-CVE-2008-3654 (Unspecified vulnerability in TikiWiki CMS/Groupware before 2.0 allows ...)
+CVE-2008-3654
- tikiwiki <removed>
-CVE-2008-3653 (Multiple unspecified vulnerabilities in TikiWiki CMS/Groupware before ...)
+CVE-2008-3653
- tikiwiki <removed>
-CVE-2008-3652 (src/racoon/handler.c in racoon in ipsec-tools does not remove an ...)
+CVE-2008-3652
- ipsec-tools 0.7.1-1.2 (low; bug #501026)
[etch] - ipsec-tools <no-dsa> (Minor issue)
NOTE: attacker needs to be authenticated, see https://bugzilla.redhat.com/show_bug.cgi?id=456660
-CVE-2008-3651 (Memory leak in racoon/proposal.c in the racoon daemon in ipsec-tools ...)
+CVE-2008-3651
- ipsec-tools 1:0.7.1-1 (low; bug #495214)
[etch] - ipsec-tools <no-dsa> (Minor issue)
-CVE-2008-3650 (Multiple unspecified vulnerabilities in Horde Groupware Webmail before ...)
+CVE-2008-3650
- horde3 3.2.1+debian0-1 (low; bug #495332)
- turba2 2.2.1-1
[etch] - turba2 <not-affected> (Vulnerable code not present)
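Review bot: the hunk header context `CVE-2008-3659 (Buffer overflow in the memnstr function in PHP 4.4.x before 4.4.9` shows the pre-change form, and inside the hunk CVE-2008-3657, CVE-2008-3656 and CVE-2008-3655 carry identical `{DSA-1652-1 DSA-1651-1}` references, identical bug numbers and the same ruby-lang NOTE URL, so once their descriptions are stripped the three entries are distinguishable only by id. Suggest the update job count how many previously present descriptions a run would remove and abort (or at least not commit) when that count is non-trivial, since a legitimate feed update never removes descriptions wholesale.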
@@ -8630,271 +8630,271 @@ CVE-2008-3650 (Multiple unspecified vulnerabilities in Horde Groupware Webmail b
NOTE: this is actually two issues:
NOTE: - one a dup of CVE-2008-3330 in horde3
NOTE: - another an issue in turba2
-CVE-2008-3649 (SQL injection vulnerability in categorydetail.php in Article Friendly ...)
+CVE-2008-3649
NOT-FOR-US: Article Friendly Standard
-CVE-2008-3648 (nslookup.exe in Microsoft Windows XP SP2 allows user-assisted remote ...)
+CVE-2008-3648
NOT-FOR-US: Microsoft Windows
-CVE-2008-3647 (Buffer overflow in PSNormalizer in Mac OS X 10.4.11 and 10.5.5 allows ...)
+CVE-2008-3647
NOT-FOR-US: Mac OS
-CVE-2008-3646 (The Postfix configuration file in Mac OS X 10.5.5 causes Postfix to be ...)
+CVE-2008-3646
NOT-FOR-US: MacOS-only problem
-CVE-2008-3645 (Heap-based buffer overflow in the local IPC component in the ...)
+CVE-2008-3645
NOT-FOR-US: Mac OS
-CVE-2008-3644 (Apple Safari before 3.2 does not properly prevent caching of form data ...)
+CVE-2008-3644
NOT-FOR-US: Apple Safari
-CVE-2008-3643 (Unspecified vulnerability in Finder in Mac OS X 10.5.5 allows ...)
+CVE-2008-3643
NOT-FOR-US: Mac OS
-CVE-2008-3642 (Buffer overflow in ColorSync in Mac OS X 10.4.11 and 10.5.5 allows ...)
+CVE-2008-3642
NOT-FOR-US: Mac OS
-CVE-2008-3641 (The Hewlett-Packard Graphics Language (HPGL) filter in CUPS before ...)
+CVE-2008-3641
{DSA-1656-1}
- cupsys <removed>
- cups 1.3.8-1lenny2 (medium)
-CVE-2008-3640 (Integer overflow in the WriteProlog function in texttops in CUPS ...)
+CVE-2008-3640
{DSA-1656-1}
- cupsys <removed>
- cups 1.3.8-1lenny2 (medium)
-CVE-2008-3639 (Heap-based buffer overflow in the read_rle16 function in imagetops in ...)
+CVE-2008-3639
{DSA-1656-1}
- cupsys <removed>
- cups 1.3.8-1lenny2 (medium)
-CVE-2008-3638 (Java on Apple Mac OS X 10.5.4 and 10.5.5 does not prevent applets from ...)
+CVE-2008-3638
NOT-FOR-US: Mac OSX
-CVE-2008-3637 (The Hash-based Message Authentication Code (HMAC) provider in Java on ...)
+CVE-2008-3637
NOT-FOR-US: Mac OSX
-CVE-2008-3636 (Integer overflow in the IopfCompleteRequest API in the kernel in ...)
+CVE-2008-3636
NOT-FOR-US: Apple iTunes
-CVE-2008-3635 (Stack-based buffer overflow in QuickTimeInternetExtras.qtx in an ...)
+CVE-2008-3635
NOT-FOR-US: Apple Quick Times
-CVE-2008-3634 (Apple iTunes before 8.0 on Mac OS X 10.4.11, when iTunes Music Sharing ...)
+CVE-2008-3634
NOT-FOR-US: Apple iTunes
CVE-2008-3633
RESERVED
-CVE-2008-3632 (Use-after-free vulnerability in WebKit in Apple iPod touch 1.1 through ...)
+CVE-2008-3632
- webkit 1.0.1-4 (bug #499771)
- qt4-x11 4:4.6.2-4 (bug #561760)
[lenny] - qt4-x11 <no-dsa> (Minor impact, no apps in Lenny which use qtwebkit )
NOTE: QT4 might be fixed earlier, but only 4.6.2 was checked against, Lenny is affected
NOTE: http://trac.webkit.org/changeset/34815
-CVE-2008-3631 (Application Sandbox in Apple iPod touch 2.0 through 2.0.2, and iPhone ...)
+CVE-2008-3631
NOT-FOR-US: Apple iPod
-CVE-2008-3630 (mDNSResponder in Apple Bonjour for Windows before 1.0.5, when an ...)
+CVE-2008-3630
NOT-FOR-US: Apple Bonjour
-CVE-2008-3629 (Apple QuickTime before 7.5.5 allows remote attackers to cause a denial ...)
+CVE-2008-3629
NOT-FOR-US: Apple QuickTime
-CVE-2008-3628 (Apple QuickTime before 7.5.5 on Windows allows remote attackers to ...)
+CVE-2008-3628
NOT-FOR-US: Apple QuickTime
-CVE-2008-3627 (Apple QuickTime before 7.5.5 does not properly handle (1) MDAT atoms ...)
+CVE-2008-3627
NOT-FOR-US: Apple QuickTime
-CVE-2008-3626 (The CallComponentFunctionWithStorage function in Apple QuickTime ...)
+CVE-2008-3626
NOT-FOR-US: Apple QuickTime
-CVE-2008-3625 (Stack-based buffer overflow in Apple QuickTime before 7.5.5 allows ...)
+CVE-2008-3625
NOT-FOR-US: Apple QuickTime
-CVE-2008-3624 (Heap-based buffer overflow in Apple QuickTime before 7.5.5 allows ...)
+CVE-2008-3624
NOT-FOR-US: Apple QuickTime
-CVE-2008-3623 (Heap-based buffer overflow in CoreGraphics in Apple Safari before 3.2 ...)
+CVE-2008-3623
NOT-FOR-US: Apple Safari on Windows
-CVE-2008-3622 (Cross-site scripting (XSS) vulnerability in Wiki Server in Apple Mac ...)
+CVE-2008-3622
NOT-FOR-US: Mac OS X
-CVE-2008-3621 (VideoConference in Apple Mac OS X 10.4.11 and 10.5 through 10.5.4 ...)
+CVE-2008-3621
NOT-FOR-US: Apple Mac OS X
CVE-2008-3620
RESERVED
-CVE-2008-3619 (Time Machine in Apple Mac OS X 10.5 through 10.5.4 uses weak ...)
+CVE-2008-3619
NOT-FOR-US: Apple Mac OS X
-CVE-2008-3618 (The File Sharing pane in the Sharing preference pane in Apple Mac OS X ...)
+CVE-2008-3618
NOT-FOR-US: Apple Mac OS X
-CVE-2008-3617 (Remote Management and Screen Sharing in Apple Mac OS X 10.5 through ...)
+CVE-2008-3617
NOT-FOR-US: Apple Mac OS X
-CVE-2008-3616 (Multiple integer overflows in the SearchKit API in Apple Mac OS X ...)
+CVE-2008-3616
NOT-FOR-US: Apple Mac OS X
-CVE-2008-3615 (ir50_32.qtx in an unspecified third-party Indeo v5 codec for ...)
+CVE-2008-3615
NOT-FOR-US: Apple QuickTime
-CVE-2008-3614 (Integer overflow in Apple QuickTime before 7.5.5 on Windows allows ...)
+CVE-2008-3614
NOT-FOR-US: Apple QuickTime
-CVE-2008-3613 (Finder in Apple Mac OS X 10.5.2 through 10.5.4 allows remote attackers ...)
+CVE-2008-3613
NOT-FOR-US: Apple Mac OS X
-CVE-2008-3612 (The Networking subsystem in Apple iPod touch 2.0 through 2.0.2, and ...)
+CVE-2008-3612
NOT-FOR-US: Apple iPod
-CVE-2008-3611 (Login Window in Apple Mac OS X 10.4.11 does not clear the current ...)
+CVE-2008-3611
NOT-FOR-US: Apple Mac OS X
-CVE-2008-3610 (Race condition in Login Window in Apple Mac OS X 10.5 through 10.5.4, ...)
+CVE-2008-3610
NOT-FOR-US: Apple Mac OS X
-CVE-2008-3609 (The kernel in Apple Mac OS X 10.5 through 10.5.4 does not properly ...)
+CVE-2008-3609
NOT-FOR-US: Apple Mac OS X
-CVE-2008-3608 (ImageIO in Apple Mac OS X 10.4.11 and 10.5 through 10.5.4 allows ...)
+CVE-2008-3608
NOT-FOR-US: Apple Mac OS X
-CVE-2008-3607 (The IMAP server in NoticeWare Email Server NG 4.6.3 and earlier allows ...)
+CVE-2008-3607
NOT-FOR-US: NoticeWare Email Server NG
-CVE-2008-3606 (Heap-based buffer overflow in the IMAP service in Qbik WinGate ...)
+CVE-2008-3606
NOT-FOR-US: Qbik WinGate
-CVE-2008-3605 (Unspecified vulnerability in McAfee Encrypted USB Manager 3.1.0.0, ...)
+CVE-2008-3605
NOT-FOR-US: McAfee Encrypted USB Manager
-CVE-2008-3604 (SQL injection vulnerability in bannerclick.php in ZeeBuddy 2.1 allows ...)
+CVE-2008-3604
NOT-FOR-US: ZeeBuddy
-CVE-2008-3603 (SQL injection vulnerability in index.php in Vacation Rental Script 3.0 ...)
+CVE-2008-3603
NOT-FOR-US: Vacation Rental Script
-CVE-2008-3602 (admin/wr_admin.php in PHP-Ring Webring System (aka uPHP_ring_website) ...)
+CVE-2008-3602
NOT-FOR-US: PHP-Ring Webring System
-CVE-2008-3601 (SQL injection vulnerability in index.php in Quicksilver Forums 1.4.1 ...)
+CVE-2008-3601
NOT-FOR-US: Quicksilver Forums
-CVE-2008-3600 (Directory traversal vulnerability in contrib/phpBB2/modules.php in ...)
+CVE-2008-3600
- gallery <removed> (unimportant)
- gallery2 <not-affected> (Vulnerable code not present)
NOTE: We haven't supported installations with register_globals enabled since a long time
-CVE-2008-3599 (SQL injection vulnerability in image.php in OpenImpro 1.1 allows ...)
+CVE-2008-3599
NOT-FOR-US: OpenImpro
-CVE-2008-3598 (Multiple SQL injection vulnerabilities in psipuss 1.0 allow remote ...)
+CVE-2008-3598
NOT-FOR-US: psipuss
-CVE-2008-3597 (Skulltag before 0.97d2-RC6 allows remote attackers to cause a denial ...)
+CVE-2008-3597
NOT-FOR-US: Skulltag
-CVE-2008-3596 (Cross-site scripting (XSS) vulnerability in Harmoni before 1.4.7 ...)
+CVE-2008-3596
NOT-FOR-US: Harmoni
-CVE-2008-3595 (PHP remote file inclusion vulnerability in ...)
+CVE-2008-3595
NOT-FOR-US: txtSQL
-CVE-2008-3594 (SQL injection vulnerability in viewdetails.php in MagicScripts E-Store ...)
+CVE-2008-3594
NOT-FOR-US: MagicScripts E-Store
-CVE-2008-3593 (Directory traversal vulnerability in index.php in SyzygyCMS 0.3 allows ...)
+CVE-2008-3593
NOT-FOR-US: SyzygyCMS
-CVE-2008-3592 (Unrestricted file upload vulnerability in the File Manager in the ...)
+CVE-2008-3592
NOT-FOR-US: Twentyone Degrees Symphony 1.7.01
-CVE-2008-3591 (SQL injection vulnerability in lib/class.admin.php in Twentyone ...)
+CVE-2008-3591
NOT-FOR-US: Twentyone Degrees Symphony 1.7.01
-CVE-2008-3590 (Multiple SQL injection vulnerabilities in admin/login.asp in E. Z. ...)
+CVE-2008-3590
NOT-FOR-US: E. Z. Poll 2
-CVE-2008-3589 (Directory traversal vulnerability in download.php in moziloCMS 1.10.1, ...)
+CVE-2008-3589
NOT-FOR-US: mozilo CMS 1.10.1
-CVE-2008-3588 (Multiple SQL injection vulnerabilities in phsBlog 0.1.1 allow remote ...)
+CVE-2008-3588
NOT-FOR-US: phsBlog 0.1.1
-CVE-2008-3587 (Cross-site scripting (XSS) vulnerability in result.php in Chris ...)
+CVE-2008-3587
NOT-FOR-US: Homes 4 Sale
-CVE-2008-3586 (SQL injection vulnerability in the EZ Store (com_ezstore) component ...)
+CVE-2008-3586
NOT-FOR-US: EZ Store (com_ezstore) component for Joomla!
-CVE-2008-3585 (Multiple SQL injection vulnerabilities in PozScripts GreenCart PHP ...)
+CVE-2008-3585
NOT-FOR-US: PozScripts GreenCart PHP Shopping Cart
-CVE-2008-3584 (NetBSD 3.0, 3.1, and 4.0, when a pppoe instance exists, does not ...)
+CVE-2008-3584
NOT-FOR-US: NetBSD
-CVE-2008-3583 (Buffer overflow in the HTML parser in IntelliTamper 2.07 allows remote ...)
+CVE-2008-3583
NOT-FOR-US: IntelliTamper 2.07
-CVE-2008-3582 (SQL injection vulnerability in login.php in Keld PHP-MySQL News Script ...)
+CVE-2008-3582
NOT-FOR-US: Keld PHP-MySQL News Script 0.7.1
-CVE-2008-3581 (Cross-site scripting (XSS) vulnerability in index.php in Qsoft K-Links ...)
+CVE-2008-3581
NOT-FOR-US: Qsoft K-Links
-CVE-2008-3580 (Multiple SQL injection vulnerabilities in Qsoft K-Links allow remote ...)
+CVE-2008-3580
NOT-FOR-US: Qsoft K-Links
-CVE-2008-3579 (Calacode @Mail 5.41 on Linux does not require administrative ...)
+CVE-2008-3579
NOT-FOR-US: Calacode Atmail
-CVE-2008-3578 (HydraIRC 0.3.164 and earlier allows remote attackers to cause a denial ...)
+CVE-2008-3578
NOT-FOR-US: HydraIRC
-CVE-2008-3577 (Buffer overflow in src/openttd.cpp in OpenTTD before 0.6.2 allows ...)
+CVE-2008-3577
- openttd 0.6.2-1 (unimportant)
NOTE: no vulnerability at all, not exploitable remote or local, openttd
-CVE-2008-3576 (Buffer overflow in the TruncateString function in src/gfx.cpp in ...)
+CVE-2008-3576
- openttd 0.6.2-1
-CVE-2008-3575 (PHP remote file inclusion vulnerability in ...)
+CVE-2008-3575
NOT-FOR-US: ezContents CMS
-CVE-2008-3574 (Multiple cross-site scripting (XSS) vulnerabilities in Pluck 4.5.2, ...)
+CVE-2008-3574
NOT-FOR-US: Pluck CMS
-CVE-2008-3573 (The CAPTCHA implementation in (1) Pligg 9.9.5 and possibly (2) ...)
+CVE-2008-3573
NOT-FOR-US: Pligg
-CVE-2008-3572 (Cross-site scripting (XSS) vulnerability in index.php in Pligg 9.9.5 ...)
+CVE-2008-3572
NOT-FOR-US: Pligg
-CVE-2008-3571 (The Xerox Phaser 8400 allows remote attackers to cause a denial of ...)
+CVE-2008-3571
NOT-FOR-US: Xerox Phaser 8400
-CVE-2008-3570 (PHP remote file inclusion vulnerability in index.php in Africa Be Gone ...)
+CVE-2008-3570
NOT-FOR-US: Africa Be Gone
-CVE-2008-3569 (Multiple cross-site scripting (XSS) vulnerabilities in XAMPP 1.6.7, ...)
+CVE-2008-3569
NOT-FOR-US: XAMPP
-CVE-2008-3568 (Absolute path traversal vulnerability in ...)
+CVE-2008-3568
- fckeditor <not-affected> (Vulnerable code not present)
NOTE: unak specific change, see fckeditor/unak_changes.txt in source
-CVE-2008-3567 (Cross-zone scripting vulnerability in the NowPlaying functionality in ...)
+CVE-2008-3567
NOT-FOR-US: NullSoft Winamp
-CVE-2008-3566 (Cross-site scripting (XSS) vulnerability in ZoneO-soft freeForum 1.7 ...)
+CVE-2008-3566
NOT-FOR-US: ZoneO-soft freeForum
-CVE-2008-3565 (Multiple cross-site scripting (XSS) vulnerabilities in Meeting Room ...)
+CVE-2008-3565
NOT-FOR-US: Meeting Room Booking System (MRBS)
-CVE-2008-3564 (Multiple directory traversal vulnerabilities in index.php in Dayfox ...)
+CVE-2008-3564
NOT-FOR-US: Dayfox Blog
-CVE-2008-3563 (Multiple SQL injection vulnerabilities in Plogger 3.0 and earlier ...)
+CVE-2008-3563
NOT-FOR-US: Plogger
-CVE-2008-3562 (Directory traversal vulnerability in index.php in the Contact module ...)
+CVE-2008-3562
NOT-FOR-US: Chupix CMS
-CVE-2008-3561 (SQL injection vulnerability in s03.php in Powergap Shopsystem, when ...)
+CVE-2008-3561
NOT-FOR-US: Powergap Shopsystem
-CVE-2008-3560 (Cross-site scripting (XSS) vulnerability in kshop_search.php in the ...)
+CVE-2008-3560
NOT-FOR-US: Kshop module for Xoops
-CVE-2008-3559 (Multiple cross-site scripting (XSS) vulnerabilities in KAPhotoservice ...)
+CVE-2008-3559
NOT-FOR-US: KAPhotoservice
-CVE-2008-3558 (Stack-based buffer overflow in the WebexUCFObject ActiveX control in ...)
+CVE-2008-3558
NOT-FOR-US: Webex Meeting Manager (Windows)
-CVE-2008-3557 (Free Hosting Manager 1.2 and 2.0 allows remote attackers to bypass ...)
+CVE-2008-3557
NOT-FOR-US: Free Hosting Manager
-CVE-2008-3556 (Multiple SQL injection vulnerabilities in index.php in Battle.net Clan ...)
+CVE-2008-3556
NOT-FOR-US: Battle.net Clan Script
-CVE-2008-3555 (Directory traversal vulnerability in index.php in (1) WSN Forum 4.1.43 ...)
+CVE-2008-3555
NOT-FOR-US: Wsn Knowledge Base
-CVE-2008-3554 (SQL injection vulnerability in index.php in Discuz! 6.0.1 allows ...)
+CVE-2008-3554
NOT-FOR-US: Discuz!
-CVE-2008-3553 (Multiple unspecified vulnerabilities in Nokia Series 40 3rd edition ...)
+CVE-2008-3553
NOT-FOR-US: Nokia Series 40 3rd edition devices
-CVE-2008-3552 (Multiple unspecified vulnerabilities in Nokia Series 40 3rd edition ...)
+CVE-2008-3552
NOT-FOR-US: Nokia Series 40 3rd edition devices
-CVE-2008-3551 (Multiple unspecified vulnerabilities in Sun Java Platform Micro ...)
+CVE-2008-3551
NOT-FOR-US: Sun Java Platform Micro Edition
-CVE-2008-3550 (The CQWeb login page in IBM Rational ClearQuest 7.0.1 allows remote ...)
+CVE-2008-3550
NOT-FOR-US: IBM Rational ClearQuest
-CVE-2008-3549 (Unspecified vulnerability in the pthread_mutex_reltimedlock_np API in ...)
+CVE-2008-3549
NOT-FOR-US: Sun Solaris 10 and OpenSolaris
-CVE-2008-3548 (Unspecified vulnerability in the Sun Netra T5220 Server with firmware ...)
+CVE-2008-3548
NOT-FOR-US: Sun Netra T5220 Server
-CVE-2008-3545 (Unspecified vulnerability in ovtopmd in HP OpenView Network Node ...)
+CVE-2008-3545
NOT-FOR-US: HP OpenView
-CVE-2008-3544 (Multiple stack-based buffer overflows in ovalarmsrv in HP OpenView ...)
+CVE-2008-3544
NOT-FOR-US: HP OpenView
-CVE-2008-3543 (Unspecified vulnerability in NFS / ONCplus B.11.31_04 and earlier on ...)
+CVE-2008-3543
NOT-FOR-US: HP-UX
-CVE-2008-3542 (Unspecified vulnerability in HP Insight Diagnostics before 7.9.1.2402 ...)
+CVE-2008-3542
NOT-FOR-US: HP Insight Diagnostics
CVE-2008-3541
REJECTED
CVE-2008-3540
RESERVED
-CVE-2008-3539 (Unspecified vulnerability in HP OpenView Select Identity (HPSI) ...)
+CVE-2008-3539
NOT-FOR-US: HP OpenView Select Identity (HPSI)
-CVE-2008-3538 (Unspecified vulnerability in HP Enterprise Discovery 2.0 through 2.52 ...)
+CVE-2008-3538
NOT-FOR-US: HP Enterprise Discovery
-CVE-2008-3537 (Unspecified vulnerability in ovalarmsrv in HP OpenView Network Node ...)
+CVE-2008-3537
NOT-FOR-US: HP OpenView Network Node Manager
-CVE-2008-3536 (Unspecified vulnerability in ovalarmsrv in HP OpenView Network Node ...)
+CVE-2008-3536
NOT-FOR-US: HP OpenView Network Node Manager
-CVE-2008-3535 (Off-by-one error in the iov_iter_advance function in mm/filemap.c in ...)
+CVE-2008-3535
{DSA-1636-1}
- linux-2.6 2.6.26-2
[etch] - linux-2.6 <not-affected> (Vulnerable code not present)
- linux-2.6.24 2.6.24-6~etchnhalf.5
NOTE: 94ad374a0751f40d25e22e036c37f7263569d24c
NOTE: Fixed in 2.6.25.14 and 2.6.26.1
-CVE-2008-3534 (The shmem_delete_inode function in mm/shmem.c in the tmpfs ...)
+CVE-2008-3534
{DSA-1636-1}
- linux-2.6.24 2.6.24-6~etchnhalf.5
- linux-2.6 2.6.26-2
[etch] - linux-2.6 <not-affected> (Vulnerable code not present)
NOTE: 14fcc23fdc78e9d32372553ccf21758a9bd56fa1
NOTE: Fixed in 2.6.25.14 and 2.6.26.1
-CVE-2008-3533 (Format string vulnerability in the window_error function in ...)
+CVE-2008-3533
{DTSA-154-1}
- yelp 2.22.1-4 (low)
[etch] - yelp <not-affected> (Vulnerable code not present)
-CVE-2008-3531 (Stack-based buffer overflow in sys/kern/vfs_mount.c in the kernel in ...)
+CVE-2008-3531
- kfreebsd-7 7.0-5
-CVE-2008-3530 (sys/netinet6/icmp6.c in the kernel in FreeBSD 6.3 through 7.1, NetBSD ...)
+CVE-2008-3530
- kfreebsd-6 6.3-7
- kfreebsd-7 7.0-5
-CVE-2008-3529 (Heap-based buffer overflow in the xmlParseAttValueComplex function in ...)
+CVE-2008-3529
{DSA-1654-1}
- libxml2 2.6.32.dfsg-4 (bug #498768)
-CVE-2008-3528 (The error-reporting functionality in (1) fs/ext2/dir.c, (2) ...)
+CVE-2008-3528
{DSA-1687-1 DSA-1681-1}
- linux-2.6 2.6.26-11
- linux-2.6.24 2.6.24-6~etchnhalf.7
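Review bot: every `-`/`+` pair in this hunk replaces a CVE line that carried its parenthesised description with the bare identifier, for example `-CVE-2008-3641 (The Hewlett-Packard Graphics Language (HPGL) filter in CUPS before ...)` becoming `+CVE-2008-3641`, and no other field changes. That is data loss, not an update: the descriptions are what let a triager read the list without resolving each ID, and the `NOT-FOR-US` and `<not-affected>` annotations under them were written on the assumption that the description stays on the line above. An automatic run that blanks every description in a file has almost certainly read a source that returned empty text; this should not be committed as-is, and the updater should refuse to write when a refresh would strip descriptions from existing entries (abort once the number of such removals passes a small threshold) so that a feed outage cannot wipe the file. Minor and pre-existing: product spelling in the Apple block is inconsistent (`NOT-FOR-US: Mac OS`, `NOT-FOR-US: Mac OSX`, `NOT-FOR-US: Mac OS X`, `NOT-FOR-US: Apple Quick Times`), which defeats grepping by product; normalising to the vendor's spelling would help.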
@@ -8912,144 +8912,144 @@ CVE-2008-3528 (The error-reporting functionality in (1) fs/ext2/dir.c, (2) ...)
NOTE: mount an arbitrary filesystem image (at which point why not just
NOTE: include a setuid shell or world-writable hard disk device file or some
NOTE: such). Me, I think they're just being silly.
-CVE-2008-3527 (arch/i386/kernel/sysenter.c in the Virtual Dynamic Shared Objects ...)
+CVE-2008-3527
{DSA-1687-1}
- linux-2.6 2.6.21-1
-CVE-2008-3526 (Integer overflow in the sctp_setsockopt_auth_key function in ...)
+CVE-2008-3526
{DSA-1636-1}
- linux-2.6 2.6.26-4
- linux-2.6.24 2.6.24-6~etchnhalf.5
[etch] - linux-2.6 <not-affected>
-CVE-2008-3525 (The sbni_ioctl function in drivers/net/wan/sbni.c in the wan subsystem ...)
+CVE-2008-3525
{DSA-1655-1 DSA-1653-1}
- linux-2.6 2.6.26-7
- linux-2.6.24 2.6.24-6~etchnhalf.6
-CVE-2008-3524 (rc.sysinit in initscripts before 8.76.3-1 on Fedora 9 and other Linux ...)
+CVE-2008-3524
NOT-FOR-US: rc.sysinit on Fedora
CVE-2008-3523
RESERVED
-CVE-2008-3522 (Buffer overflow in the jas_stream_printf function in ...)
+CVE-2008-3522
{DSA-2080-1}
- jasper 1.900.1-5.1 (medium; bug #501021)
- ghostscript 8.64~dfsg-2 (medium; bug #559778)
- gs-gpl <removed> (medium; bug #561717)
- netpbm-free <not-affected> (dynamically links to ghostscript if available)
-CVE-2008-3521 (Race condition in the jas_stream_tmpfile function in ...)
+CVE-2008-3521
- jasper 1.900.1-5.1 (unimportant; bug #501021)
NOTE: file is opened with O_EXCL even if tmpnam is used in this case
-CVE-2008-3520 (Multiple integer overflows in JasPer 1.900.1 might allow ...)
+CVE-2008-3520
- jasper 1.900.1-5.1 (medium; bug #501021)
- ghostscript 8.64~dfsg-2 (low; bug #559778)
[lenny] - ghostscript <not-affected> (Too intrusive to backport)
- gs-gpl <removed> (low; bug #561717)
- netpbm-free <not-affected> (dynamically links to ghostscript if available)
-CVE-2008-3519 (The default configuration of the JBossAs component in Red Hat JBoss ...)
+CVE-2008-3519
- jbossas4 <not-affected> (configuration not yet included in Debian package)
CVE-2008-3518
REJECTED
CVE-2008-3517
REJECTED
-CVE-2008-3516 (Multiple cross-site scripting (XSS) vulnerabilities in files generated ...)
+CVE-2008-3516
NOT-FOR-US: Adobe Presenter
-CVE-2008-3515 (Multiple cross-site scripting (XSS) vulnerabilities in files generated ...)
+CVE-2008-3515
NOT-FOR-US: Adobe Presenter
-CVE-2008-3514 (VMware VirtualCenter 2.5 before Update 2 and 2.0.2 before Update 5 ...)
+CVE-2008-3514
NOT-FOR-US: VMware VirtualCenter
-CVE-2008-3513 (SQL injection vulnerability in the Book Catalog module 1.0 for ...)
+CVE-2008-3513
NOT-FOR-US: PHP-Nuke
-CVE-2008-3512 (SQL injection vulnerability in the Kleinanzeigen module for PHP-Nuke ...)
+CVE-2008-3512
NOT-FOR-US: PHP-Nuke
-CVE-2008-3511 (Multiple cross-site scripting (XSS) vulnerabilities in Softbiz Image ...)
+CVE-2008-3511
NOT-FOR-US: Softbiz Image Gallery
-CVE-2008-3510 (Cross-site scripting (XSS) vulnerability in livehelp_js.php in Crafty ...)
+CVE-2008-3510
NOT-FOR-US: Crafty Syntax Live Help (CSLH)
-CVE-2008-3509 (LoveCMS 1.6.2 does not require administrative authentication for (1) ...)
+CVE-2008-3509
NOT-FOR-US: LoveCMS
-CVE-2008-3508 (LiteNews 0.1 (aka 01), and possibly 1.2 and earlier, allows remote ...)
+CVE-2008-3508
NOT-FOR-US: LiteNews
-CVE-2008-3507 (SQL injection vulnerability in index.php in LiteNews 0.1 (aka 01), and ...)
+CVE-2008-3507
NOT-FOR-US: LiteNews
-CVE-2008-3506 (SQL injection vulnerability in PolyPager 1.0 rc2 and earlier allows ...)
+CVE-2008-3506
NOT-FOR-US: PolyPager
-CVE-2008-3505 (Cross-site scripting (XSS) vulnerability in PolyPager 1.0 rc2 and ...)
+CVE-2008-3505
NOT-FOR-US: PolyPager
-CVE-2008-3504 (Unspecified vulnerability in mask PHP File Manager (mPFM) before 2.3 ...)
+CVE-2008-3504
NOT-FOR-US: mask PHP File Manager (mPFM)
-CVE-2008-3503 (RSSFromParent in Plain Black WebGUI before 7.5.13 does not restrict ...)
+CVE-2008-3503
NOT-FOR-US: Plain Black WebGUI
-CVE-2008-3502 (Unspecified vulnerability in Best Practical Solutions RT 3.0.0 through ...)
+CVE-2008-3502
NOT-FOR-US: Best Practical Solutions RT
-CVE-2008-3501 (Cross-site scripting (XSS) vulnerability in the WebAccess simple ...)
+CVE-2008-3501
NOT-FOR-US: Novell Groupwise
-CVE-2008-3500 (Cross-site scripting (XSS) vulnerability in the Suggested Terms module ...)
+CVE-2008-3500
NOT-FOR-US: suggested terms, additional drupal module
-CVE-2008-3499 (Unspecified vulnerability in &quot;a page in the workarea folder&quot; in Ektron ...)
+CVE-2008-3499
NOT-FOR-US: Ektron CMS400.NET
-CVE-2008-3498 (SQL injection vulnerability in the nBill (com_netinvoice) component ...)
+CVE-2008-3498
NOT-FOR-US: nBill, joomla component
-CVE-2008-3497 (SQL injection vulnerability in pages.php in MyPHP CMS 0.3.1 allows ...)
+CVE-2008-3497
NOT-FOR-US: MyPHP CMS
-CVE-2008-3496 (Buffer overflow in format descriptor parsing in the uvc_parse_format ...)
+CVE-2008-3496
- linux-2.6 2.6.26-2
[etch] - linux-2.6 <not-affected> (code not present)
- linux-2.6.24 <not-affected> (code not present)
-CVE-2008-3495 (SQL injection vulnerability in kategori.asp in Pcshey Portal allows ...)
+CVE-2008-3495
NOT-FOR-US: Pcshey Portal
-CVE-2008-3494 (8e6 R3000 Internet Filter 2.0.12.10 allows remote attackers to bypass ...)
+CVE-2008-3494
NOT-FOR-US: 8e6 R3000 Internet Filter
-CVE-2008-3493 (vncviewer.exe in RealVNC Windows Client 4.1.2.0 allows remote VNC ...)
+CVE-2008-3493
NOT-FOR-US: RealVNC Windows Client
-CVE-2008-3492 (America's Army (aka AA or Army Game Project) 2.8.3.1 and earlier ...)
+CVE-2008-3492
NOT-FOR-US: America's Army (aka AA or Army Game Project)
-CVE-2008-3491 (SQL injection vulnerability in go.php in Scripts24 iPost 1.0.1 and ...)
+CVE-2008-3491
NOT-FOR-US: Scripts24 iPost
-CVE-2008-3490 (SQL injection vulnerability in members/mail.php in E-topbiz Online ...)
+CVE-2008-3490
NOT-FOR-US: E-topbiz Online Dating 3
-CVE-2008-3489 (SQL injection vulnerability in checkCookie function in ...)
+CVE-2008-3489
NOT-FOR-US: PHPX
-CVE-2008-3488 (Unspecified vulnerability in Novell iManager before 2.7 SP1 (2.7.1) ...)
+CVE-2008-3488
NOT-FOR-US: Novell iManager
-CVE-2008-3487 (SQL injection vulnerability in profile.php in PHPAuction GPL Enhanced ...)
+CVE-2008-3487
NOT-FOR-US: PHPAuction GPL Enhanced
-CVE-2008-3486 (Directory traversal vulnerability in the user_get_profile function in ...)
+CVE-2008-3486
NOT-FOR-US: Coppermine Photo Gallery
-CVE-2008-3485 (Untrusted search path vulnerability in Citrix MetaFrame Presentation ...)
+CVE-2008-3485
NOT-FOR-US: Citrix MetaFrame Presentation Server
-CVE-2008-3532 (The NSS plugin in libpurple in Pidgin 2.4.3 does not verify SSL ...)
+CVE-2008-3532
- pidgin 2.4.3-2 (bug #492434)
- gaim <removed>
[lenny] - gaim <not-affected> (gaim is now a transitional package depending on pidgin with its own source package)
NOTE: http://developer.pidgin.im/ticket/6500
-CVE-2008-3546 (Stack-based buffer overflow in the (1) diff_addremove and (2) ...)
+CVE-2008-3546
{DSA-1637-1 DTSA-153-1 DTSA-153-2}
- git-core 1:1.5.6.5 (medium; bug #494097)
-CVE-2008-3484 (SQL injection vulnerability in eStoreAff 0.1 allows remote attackers ...)
+CVE-2008-3484
NOT-FOR-US: eStoreAff
-CVE-2008-3483 (Cross-site scripting (XSS) vulnerability in ScrewTurn Wiki 2.0.29 and ...)
+CVE-2008-3483
NOT-FOR-US: ScrewTurn Wiki
-CVE-2008-3482 (Cross-site scripting (XSS) vulnerability in the error page feature in ...)
+CVE-2008-3482
NOT-FOR-US: Panasonic Network Camera
-CVE-2008-3481 (themes/sample/theme.php in Coppermine Photo Gallery (CPG) 1.4.18 and ...)
+CVE-2008-3481
NOT-FOR-US: Coppermine Photo Gallery
-CVE-2008-3480 (Stack-based buffer overflow in the Anzio Web Print Object (WePO) ...)
+CVE-2008-3480
NOT-FOR-US: Anzio Web Print Object
-CVE-2008-3479 (Heap-based buffer overflow in the Microsoft Message Queuing (MSMQ) ...)
+CVE-2008-3479
NOT-FOR-US: Microsoft Windows
CVE-2008-3478
REJECTED
-CVE-2008-3477 (Microsoft Excel 2000 SP3, 2002 SP3, and 2003 SP2 and SP3 does not ...)
+CVE-2008-3477
NOT-FOR-US: Microsoft Excel
-CVE-2008-3476 (Microsoft Internet Explorer 5.01 SP4 and 6 does not properly handle ...)
+CVE-2008-3476
NOT-FOR-US: Microsoft
-CVE-2008-3475 (Microsoft Internet Explorer 6 does not properly handle errors related ...)
+CVE-2008-3475
NOT-FOR-US: Microsoft
-CVE-2008-3474 (Microsoft Internet Explorer 6 and 7 does not properly determine the ...)
+CVE-2008-3474
NOT-FOR-US: Microsoft
-CVE-2008-3473 (Microsoft Internet Explorer 6 and 7 does not properly determine the ...)
+CVE-2008-3473
NOT-FOR-US: Microsoft
-CVE-2008-3472 (Microsoft Internet Explorer 6 and 7 does not properly determine the ...)
+CVE-2008-3472
NOT-FOR-US: Microsoft
-CVE-2008-3471 (Stack-based buffer overflow in Microsoft Excel 2000 SP3, 2002 SP3, ...)
+CVE-2008-3471
NOT-FOR-US: Microsoft
CVE-2008-3470
REJECTED
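Review bot: `[etch] - linux-2.6 <not-affected>` under CVE-2008-3526 gives no reason, while the sibling kernel entries in this hunk (CVE-2008-3535, CVE-2008-3534, CVE-2008-3496) justify the same marker with `(Vulnerable code not present)` or `(code not present)`; a bare `<not-affected>` cannot be re-checked later, so the reason should be recorded in parentheses as the other entries do. The hunk header `@@ -8912,144 +8912,144 @@` shows equal old and new line counts, so this hunk too only strips descriptions, and here the loss is acute: CVE-2008-3476 through CVE-2008-3471 are left with nothing but `NOT-FOR-US: Microsoft`, the component (Internet Explorer, Excel) having lived only in the removed description, and CVE-2008-3519 and CVE-2008-3521 keep only a package line and a terse NOTE that presupposes the reader knows what the issue was. If the description removal stands, those `NOT-FOR-US` lines need the product name added.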
@@ -9059,11 +9059,11 @@ CVE-2008-3468
REJECTED
CVE-2008-3467
REJECTED
-CVE-2008-3466 (Microsoft Host Integration Server (HIS) 2000, 2004, and 2006 does not ...)
+CVE-2008-3466
NOT-FOR-US: Microsoft
-CVE-2008-3465 (Heap-based buffer overflow in an API in GDI in Microsoft Windows 2000 ...)
+CVE-2008-3465
NOT-FOR-US: Microsoft Windows
-CVE-2008-3464 (afd.sys in the Ancillary Function Driver (AFD) component in Microsoft ...)
+CVE-2008-3464
NOT-FOR-US: Microsoft
CVE-2008-3463
REJECTED
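Review bot: `NOT-FOR-US: Microsoft` under CVE-2008-3466 and CVE-2008-3464 does not name a product; the removed lines did (`Microsoft Host Integration Server (HIS)` and `afd.sys in the Ancillary Function Driver (AFD)`), so after this hunk the entries no longer say what was judged out of scope. The neighbouring CVE-2008-3465 at least says `NOT-FOR-US: Microsoft Windows`. Suggest carrying the product into the annotation, e.g. `NOT-FOR-US: Microsoft Host Integration Server` and `NOT-FOR-US: Microsoft Windows (afd.sys)`, or not landing the description strip at all.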
@@ -9071,603 +9071,603 @@ CVE-2008-3462
REJECTED
CVE-2008-3461
REJECTED
-CVE-2008-3460 (WPGIMP32.FLT in Microsoft Office 2000 SP3, XP SP3, and 2003 SP2; ...)
+CVE-2008-3460
NOT-FOR-US: Microsoft Office 2000
-CVE-2008-3459 (Unspecified vulnerability in OpenVPN 2.1-beta14 through 2.1-rc8, when ...)
+CVE-2008-3459
- openvpn 2.1~rc9-1 (low; bug #493488)
NOTE: pull/push needs to be allowed, successful authentication, compromised or malicious server
[etch] - openvpn <not-affected> (Upstream states that the 2.0.x versions are unaffected)
-CVE-2008-3458 (Vtiger CRM before 5.0.4 stores sensitive information under the web ...)
+CVE-2008-3458
NOT-FOR-US: Vtiger CRM
-CVE-2008-3457 (Cross-site scripting (XSS) vulnerability in setup.php in phpMyAdmin ...)
+CVE-2008-3457
{DSA-1641-1}
- phpmyadmin 4:2.11.8~rc1-1
NOTE: if an attacker can write arbitrary content to config/config.php you have way more problems than this XSS
-CVE-2008-3455 (PHP remote file inclusion vulnerability in include/admin.php in ...)
+CVE-2008-3455
NOT-FOR-US: JnSHosts PHP Hosting Directory
-CVE-2008-3454 (JnSHosts PHP Hosting Directory 2.0 allows remote attackers to bypass ...)
+CVE-2008-3454
NOT-FOR-US: JnSHosts PHP Hosting Directory
-CVE-2008-3453 (Multiple unspecified vulnerabilities in ImpressCMS 1.0 have unknown ...)
+CVE-2008-3453
NOT-FOR-US: ImpressCMS
-CVE-2008-3452 (SQL injection vulnerability in the Calendar module in eNdonesia 8.4 ...)
+CVE-2008-3452
NOT-FOR-US: eNdonesia
-CVE-2008-3451 (PhpWebGallery 1.7.0 and 1.7.1 allows remote authenticated users with ...)
+CVE-2008-3451
NOT-FOR-US: PhpWebGallery
-CVE-2008-3450 (Unspecified vulnerability in the namefs kernel module in Sun Solaris 8 ...)
+CVE-2008-3450
NOT-FOR-US: Solaris
-CVE-2008-3449 (MailEnable Professional 3.5.2 and Enterprise 3.52 allow remote ...)
+CVE-2008-3449
NOT-FOR-US: MailEnable
-CVE-2008-3448 (Cross-site scripting (XSS) vulnerability in index.php in common ...)
+CVE-2008-3448
NOT-FOR-US: csphonebook
-CVE-2008-3447 (The scanning engine in F-Prot Antivirus 6.2.1 4252 allows remote ...)
+CVE-2008-3447
NOT-FOR-US: F-Prot Antivirus
-CVE-2008-3446 (Directory traversal vulnerability in inc/wysiwyg.php in LetterIt 2 ...)
+CVE-2008-3446
NOT-FOR-US: LetterIt
-CVE-2008-3445 (SQL injection vulnerability in index.php in phpMyRealty (PMR) 2.0.0 ...)
+CVE-2008-3445
NOT-FOR-US: phpMyRealty
-CVE-2008-3444 (The content layout component in Mozilla Firefox 3.0 and 3.0.1 allows ...)
+CVE-2008-3444
- iceweasel <removed> (unimportant)
NOTE: browser dos not treated as security issues
-CVE-2008-3443 (The regular expression engine (regex.c) in Ruby 1.8.5 and earlier, ...)
+CVE-2008-3443
{DSA-1695-1}
- ruby1.8 1.8.7.72-1 (low; bug #494401)
- ruby1.9 1.9.0.2-9 (low)
NOTE: Upstream commits 18212 (for 1.8) and 18213 (for 1.9).
NOTE: this specific problem does not exist in ruby1.9 but a very similar problem
NOTE: that has been fixed in this version (308_regexp_segv.dpatch)
-CVE-2008-3442 (WinZip before 11.0 does not properly verify the authenticity of ...)
+CVE-2008-3442
NOT-FOR-US: WinZip
-CVE-2008-3441 (Nullsoft Winamp before 5.24 does not properly verify the authenticity ...)
+CVE-2008-3441
NOT-FOR-US: Nullsoft Winamp
-CVE-2008-3440 (Sun Java 1.6.0_03 and earlier versions, and possibly later versions, ...)
+CVE-2008-3440
- sun-java5 <not-affected> (only java updater for windows affected)
- sun-java6 <not-affected> (only java updater for windows affected)
-CVE-2008-3439 (SpeedBit Video Acceleration before 2.2.1.8 does not properly verify ...)
+CVE-2008-3439
NOT-FOR-US: SpeedBit Video Acceleration
-CVE-2008-3438 (Apple Mac OS X does not properly verify the authenticity of updates, ...)
+CVE-2008-3438
NOT-FOR-US: Apple Mac OS X
-CVE-2008-3437 (OpenOffice.org (OOo) before 2.1.0 does not properly verify the ...)
+CVE-2008-3437
- openoffice.org <not-affected> (update feature disabled)
-CVE-2008-3436 (The GUP generic update process in Notepad++ before 4.8.1 does not ...)
+CVE-2008-3436
NOT-FOR-US: Notepad++
-CVE-2008-3435 (LinkedIn Browser Toolbar 3.0.3.1100 and earlier does not properly ...)
+CVE-2008-3435
NOT-FOR-US: LinkedIn
-CVE-2008-3434 (Apple iTunes before 10.5.1 does not properly verify the authenticity ...)
+CVE-2008-3434
NOT-FOR-US: Apple iTunes
-CVE-2008-3433 (SpeedBit Download Accelerator Plus (DAP) before 8.6.3.9 does not ...)
+CVE-2008-3433
NOT-FOR-US: SpeedBit Download Accelerator Plus
-CVE-2008-3432 (Heap-based buffer overflow in the mch_expand_wildcards function in ...)
+CVE-2008-3432
- vim <not-affected> (Vulnerable code only present in 6.2 and 6.3, none of them in the archive anymore)
-CVE-2008-3430 (Buffer overflow in the CoVideoWindow.ocx ActiveX control 5.0.907.1 in ...)
+CVE-2008-3430
NOT-FOR-US: Eyeball MessengerSDK
-CVE-2008-3428 (Session fixation vulnerability in phpFreeChat 1.1 allows remote ...)
+CVE-2008-3428
NOT-FOR-US: phpFreeChat
CVE-2008-3427
REJECTED
-CVE-2008-3426 (Unspecified vulnerability in the Solaris Platform Information and ...)
+CVE-2008-3426
NOT-FOR-US: Solaris
-CVE-2008-3425 (Unspecified vulnerability in the Sun Java System Web Server 7.0 plugin ...)
+CVE-2008-3425
NOT-FOR-US: Sun Java System Web Server
-CVE-2008-3424 (Condor before 7.0.4 does not properly handle wildcards in the ...)
+CVE-2008-3424
- condor <not-affected> (Fixed before initial upload to archive)
-CVE-2008-3423 (IBM WebSphere Portal 5.1 through 6.1.0.0 allows remote attackers to ...)
+CVE-2008-3423
NOT-FOR-US: IBM WebSphere Portal
-CVE-2008-3422 (Multiple cross-site scripting (XSS) vulnerabilities in the ASP.net ...)
+CVE-2008-3422
- mono 1.9.1+dfsg-4 (low; bug #494406)
NOTE: https://bugzilla.novell.com/show_bug.cgi?id=413534
NOTE: http://n2.nabble.com/-PATCH--HTML-encode-attributes-that-might-need-encoding-td584193.html
-CVE-2008-3431 (The VBoxDrvNtDeviceControl function in VBoxDrv.sys in Sun xVM ...)
+CVE-2008-3431
- virtualbox-ose <not-affected> (affects only windows host systems)
NOTE: CORE-2008-0716
-CVE-2008-3456 (phpMyAdmin before 2.11.8 does not sufficiently prevent its pages from ...)
+CVE-2008-3456
{DSA-1641-1}
- phpmyadmin 4:2.11.8~rc1-1 (low)
NOTE: exploitation circumstances are rare or require other vulnerabilities to be present already. may fix combined with another issue but doesn't warrant DSA on its own
-CVE-2008-3547 (Buffer overflow in the server in OpenTTD 0.6.1 and earlier allows ...)
+CVE-2008-3547
- openttd 0.6.2-1 (medium; bug #493714)
-CVE-2008-3421 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
+CVE-2008-3421
NOT-FOR-US: Blackboard Academic Suite
-CVE-2008-3420 (Multiple SQL injection vulnerabilities in Mobius for Mimsy XG 1 ...)
+CVE-2008-3420
NOT-FOR-US: Mobius Web Publishing Software
-CVE-2008-3419 (SQL injection vulnerability in ugroups.php in Youtuber Clone allows ...)
+CVE-2008-3419
NOT-FOR-US: Youtuber Clone
-CVE-2008-3418 (SQL injection vulnerability in browse.php in TriO 2.1 and earlier ...)
+CVE-2008-3418
NOT-FOR-US: TriO
-CVE-2008-3417 (SQL injection vulnerability in home/index.asp in fipsCMS light 2.1 and ...)
+CVE-2008-3417
NOT-FOR-US: fipsCMS
-CVE-2008-3416 (SQL injection vulnerability in modules/members.php in IceBB before ...)
+CVE-2008-3416
NOT-FOR-US: IceBB
-CVE-2008-3415 (Directory traversal vulnerability in common.php in CMScout 2.05, when ...)
+CVE-2008-3415
NOT-FOR-US: CMScout
-CVE-2008-3414 (SQL injection vulnerability in line2.php in SiteAdmin allows remote ...)
+CVE-2008-3414
NOT-FOR-US: SiteAdmin
-CVE-2008-3413 (SQL injection vulnerability in category.php in Greatclone GC Auction ...)
+CVE-2008-3413
NOT-FOR-US: Greatclone GC Auction Platinum
-CVE-2008-3412 (SQL injection vulnerability in Comsenz EPShop (aka ECShop) before 3.0 ...)
+CVE-2008-3412
NOT-FOR-US: Comsenz EPShop
-CVE-2008-3411 (The Axesstel AXW-D800 modem with D2_ETH_109_01_VEBR Jun-14-2006 ...)
+CVE-2008-3411
NOT-FOR-US: The Axesstel AXW-D800 modem
-CVE-2008-3410 (Unreal Tournament 3 1.3beta4 and earlier allows remote attackers to ...)
+CVE-2008-3410
NOT-FOR-US: Unreal Tournament
-CVE-2008-3409 (Buffer overflow in Unreal Tournament 3 1.3beta4 and earlier allows ...)
+CVE-2008-3409
NOT-FOR-US: Unreal Tournament
-CVE-2008-3408 (Stack-based buffer overflow in CoolPlayer 2.18, and possibly other ...)
+CVE-2008-3408
NOT-FOR-US: CoolPlayer
-CVE-2008-3407 (phpLinkat 0.1 allows remote attackers to bypass authentication and ...)
+CVE-2008-3407
NOT-FOR-US: phpLinkat
-CVE-2008-3406 (SQL injection vulnerability in showcat.php in phpLinkat 0.1 allows ...)
+CVE-2008-3406
NOT-FOR-US: phpLinkat
-CVE-2008-3405 (Directory traversal vulnerability in index.php in Ricardo Amaral ...)
+CVE-2008-3405
NOT-FOR-US: Ricardo Amaral nzFotolog
-CVE-2008-3404 (Cross-site scripting (XSS) vulnerability in guestbook.js.php in ...)
+CVE-2008-3404
NOT-FOR-US: MJGuest
-CVE-2008-3403 (SQL injection vulnerability in mojoClassified.cgi in MojoPersonals ...)
+CVE-2008-3403
NOT-FOR-US: MojoPersonals
-CVE-2008-3402 (Multiple PHP remote file inclusion vulnerabilities in HIOX Browser ...)
+CVE-2008-3402
NOT-FOR-US: HIOX Browser Statistics
-CVE-2008-3401 (PHP remote file inclusion vulnerability in hioxRandomAd.php in HIOX ...)
+CVE-2008-3401
NOT-FOR-US: HIOX Random Ad
-CVE-2008-3400 (XRMS CRM 1.99.2 allows remote attackers to obtain configuration ...)
+CVE-2008-3400
NOT-FOR-US: XRMS CRM
-CVE-2008-3399 (PHP remote file inclusion vulnerability in ...)
+CVE-2008-3399
NOT-FOR-US: XRMS CRM
-CVE-2008-3398 (Multiple cross-site scripting (XSS) vulnerabilities in XRMS CRM 1.99.2 ...)
+CVE-2008-3398
NOT-FOR-US: XRMS CRM
-CVE-2008-3397 (Cross-site scripting (XSS) vulnerability in Runesoft Cerberus CMS ...)
+CVE-2008-3397
NOT-FOR-US: Runesoft Cerberus CMS
-CVE-2008-3396 (Unreal Tournament 2004 (UT2004) 3369 and earlier allows remote ...)
+CVE-2008-3396
NOT-FOR-US: Unreal Tournament
-CVE-2008-3395 (Calacode @Mail 5.41 on Linux uses weak world-readable permissions for ...)
+CVE-2008-3395
NOT-FOR-US: Calacode
-CVE-2008-3394 (Multiple cross-site scripting (XSS) vulnerabilities in search.cfm in ...)
+CVE-2008-3394
NOT-FOR-US: BookMine
-CVE-2008-3393 (SQL injection vulnerability in events.cfm in BookMine allows remote ...)
+CVE-2008-3393
NOT-FOR-US: BookMine
-CVE-2008-3392 (Cross-site request forgery (CSRF) vulnerability in Web Wiz Forum 9.5 ...)
+CVE-2008-3392
NOT-FOR-US: Web Wiz Forum
-CVE-2008-3391 (Multiple cross-site scripting (XSS) vulnerabilities in Web Wiz Forum ...)
+CVE-2008-3391
NOT-FOR-US: Web Wiz Forum
-CVE-2008-3390 (Directory traversal vulnerability in libraries/general.init.php in ...)
+CVE-2008-3390
NOT-FOR-US: Minishowcase Image Gallery
-CVE-2008-3389 (Stack-based buffer overflow in the libbecompat library in Ingres 2.6, ...)
+CVE-2008-3389
NOT-FOR-US: Ingres
-CVE-2008-3388 (Multiple SQL injection vulnerabilities in Def-Blog 1.0.3 allow remote ...)
+CVE-2008-3388
NOT-FOR-US: Def-Blog
-CVE-2008-3387 (SQL injection vulnerability in show.php in PHPFootball 1.6 allows ...)
+CVE-2008-3387
NOT-FOR-US: PHPFootball
-CVE-2008-3386 (SQL injection vulnerability in album.php in AlstraSoft Video Share ...)
+CVE-2008-3386
NOT-FOR-US: AlstraSoft Video Share Enterprise
-CVE-2008-3385 (Directory traversal vulnerability in include/head_chat.inc.php in php ...)
+CVE-2008-3385
NOT-FOR-US: Help Agent
-CVE-2008-3384 (Multiple directory traversal vulnerabilities in help/help.php in ...)
+CVE-2008-3384
NOT-FOR-US: Interact Learning Community Environment Interact
-CVE-2008-3383 (SQL injection vulnerability in mojoAuto.cgi in MojoAuto allows remote ...)
+CVE-2008-3383
NOT-FOR-US: MojoAuto
-CVE-2008-3382 (SQL injection vulnerability in mojoClassified.cgi in MojoClassifieds ...)
+CVE-2008-3382
NOT-FOR-US: MojoClassifieds
-CVE-2008-3381 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2008-3381
- moin 1.7.1-1 (low)
[etch] - moin <not-affected> (Vulnerable macro not present)
-CVE-2008-3380 (Cross-site scripting (XSS) vulnerability in ajaxp_backend.php in ...)
+CVE-2008-3380
NOT-FOR-US: MyioSoft EasyBookMarker
-CVE-2008-3379 (Cross-site scripting (XSS) vulnerability in Snark VisualPic 0.3.1 ...)
+CVE-2008-3379
NOT-FOR-US: Snark VisualPic
-CVE-2008-3378 (SQL injection vulnerability in comment.php in Fizzmedia 1.51.2 allows ...)
+CVE-2008-3378
NOT-FOR-US: Fizzmedia
-CVE-2008-3377 (SQL injection vulnerability in picture.php in phpTest 0.6.3 allows ...)
+CVE-2008-3377
NOT-FOR-US: phpTest
-CVE-2008-3376 (Multiple unspecified vulnerabilities in JamRoom before 3.4.0 have ...)
+CVE-2008-3376
NOT-FOR-US: JamRoom
-CVE-2008-3375 (The jrCookie function in includes/jamroom-misc.inc.php in JamRoom ...)
+CVE-2008-3375
NOT-FOR-US: JamRoom
-CVE-2008-3374 (SQL injection vulnerability in ajax.php in Gregarius 0.5.4 and earlier ...)
+CVE-2008-3374
NOT-FOR-US: Gregarius
-CVE-2008-3373 (The files parsing engine in Grisoft AVG Anti-Virus before 8.0.156 ...)
+CVE-2008-3373
NOT-FOR-US: Grisoft AVG Anti-Virus
-CVE-2008-3372 (SQL injection vulnerability in search_form.php in Getacoder Clone ...)
+CVE-2008-3372
NOT-FOR-US: Getacoder Clone
-CVE-2008-3371 (Directory traversal vulnerability in install/help.php in TalkBack ...)
+CVE-2008-3371
NOT-FOR-US: TalkBack
-CVE-2008-3370 (SQL injection vulnerability in the CUA Login Module in EMC Centera ...)
+CVE-2008-3370
NOT-FOR-US: CUA Login Module in EMC Centera Universal Access
-CVE-2008-3369 (SQL injection vulnerability in products_rss.php in ViArt Shop 3.5 and ...)
+CVE-2008-3369
NOT-FOR-US: ViArt Shop
-CVE-2008-3368 (PHP remote file inclusion vulnerability in tools/packages/import.php ...)
+CVE-2008-3368
NOT-FOR-US: ATutor
-CVE-2008-3367 (Cross-site scripting (XSS) vulnerability in RTE_popup_link.asp in Web ...)
+CVE-2008-3367
NOT-FOR-US: Web Wiz Rich Text Editor
-CVE-2008-3366 (SQL injection vulnerability in story.php in Pligg CMS Beta 9.9.0 ...)
+CVE-2008-3366
NOT-FOR-US: Pligg CMS
-CVE-2008-3365 (Directory traversal vulnerability in index.php in Pixelpost 1.7.1 on ...)
+CVE-2008-3365
- pixelpost <not-affected> (Exploit relies on register_globals to be on)
-CVE-2008-3364 (Buffer overflow in the ObjRemoveCtrl Class ActiveX control in ...)
+CVE-2008-3364
NOT-FOR-US: Trend Micro OfficeScan Corp Edition Web-Deployment
-CVE-2008-3363 (Directory traversal vulnerability in user_portal.php in the Dokeos ...)
+CVE-2008-3363
NOT-FOR-US: Dokeos E-Learning System
-CVE-2008-3362 (Unrestricted file upload vulnerability in upload.php in the Giulio ...)
+CVE-2008-3362
NOT-FOR-US: Giulio Ganci Wp Downloads Manager module
-CVE-2008-3361 (Stack-based buffer overflow in IntelliTamper 2.07 allows remote web ...)
+CVE-2008-3361
NOT-FOR-US: IntelliTamper
-CVE-2008-3360 (Stack-based buffer overflow in the HTML parser in IntelliTamper 2.0.7 ...)
+CVE-2008-3360
NOT-FOR-US: IntelliTamper
-CVE-2008-3359 (SQL injection vulnerability in register.php in Steve Bourgeois and ...)
+CVE-2008-3359
- owl-dms 0.95-1.1 (bug #493372)
-CVE-2008-3358 (Cross-site scripting (XSS) vulnerability in Web Dynpro (WD) in the SAP ...)
+CVE-2008-3358
NOT-FOR-US: SAP NetWeaver portal
-CVE-2008-3357 (Untrusted search path vulnerability in ingvalidpw in Ingres 2.6, ...)
+CVE-2008-3357
NOT-FOR-US: Ingres
-CVE-2008-3356 (verifydb in Ingres 2.6, Ingres 2006 release 1 (aka 9.0.4), and Ingres ...)
+CVE-2008-3356
NOT-FOR-US: Ingres
-CVE-2008-3355 (SQL injection vulnerability in sitemap.xml.php in Camera Life 2.6.2 ...)
+CVE-2008-3355
NOT-FOR-US: Camera Life
-CVE-2008-3354 (Multiple PHP remote file inclusion vulnerabilities in the Newbb Plus ...)
+CVE-2008-3354
NOT-FOR-US: Newbb Plus
-CVE-2008-3353 (Multiple cross-site scripting (XSS) vulnerabilities in Pure Software ...)
+CVE-2008-3353
NOT-FOR-US: Pure Software Lore
-CVE-2008-3352 (SQL injection vulnerability in index.php in Live Music Plus 1.1.0 ...)
+CVE-2008-3352
NOT-FOR-US: Live Music Plus
-CVE-2008-3351 (SQL injection vulnerability in atomPhotoBlog.php in Atom PhotoBlog ...)
+CVE-2008-3351
NOT-FOR-US: Atom PhotoBlog
-CVE-2008-3350 (dnsmasq 2.43 allows remote attackers to cause a denial of service ...)
+CVE-2008-3350
- dnsmasq 2.44-1 (low)
[etch] - dnsmasq <not-affected> (Issue was introduced in 2.43)
-CVE-2008-3349 (Multiple unspecified vulnerabilities in NetApp Data ONTAP, as used on ...)
+CVE-2008-3349
NOT-FOR-US: NetApp Data ONTAP
-CVE-2008-3348 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2008-3348
NOT-FOR-US: MyioSoft EasyDynamicPages
-CVE-2008-3347 (SQL injection vulnerability in staticpages/easycalendar/index.php in ...)
+CVE-2008-3347
NOT-FOR-US: MyioSoft EasyDynamicPages
-CVE-2008-3346 (SQL injection vulnerability in product_detail.php in ShopCart DX ...)
+CVE-2008-3346
NOT-FOR-US: ShopCart DX
-CVE-2008-3345 (SQL injection vulnerability in staticpages/easyecards/index.php in ...)
+CVE-2008-3345
NOT-FOR-US: MyioSoft EasyE-Cards
-CVE-2008-3344 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2008-3344
NOT-FOR-US: MyioSoft EasyE-Cards
-CVE-2008-3343 (SQL injection vulnerability in staticpages/easypublish/index.php in ...)
+CVE-2008-3343
NOT-FOR-US: MyioSoft EasyPublish
-CVE-2008-3342 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2008-3342
NOT-FOR-US: MyioSoft EasyPublish
-CVE-2008-3341 (Multiple SQL injection vulnerabilities in search_result.cfm in Jobbex ...)
+CVE-2008-3341
NOT-FOR-US: Jobbex JobSite
-CVE-2008-3340 (Cross-site scripting (XSS) vulnerability in search_result.cfm in ...)
+CVE-2008-3340
NOT-FOR-US: Jobbex JobSite
-CVE-2008-3339 (search_result.cfm in Jobbex JobSite allows remote attackers to obtain ...)
+CVE-2008-3339
NOT-FOR-US: Jobbex JobSite
-CVE-2008-3429 (Buffer overflow in URI processing in HTTrack and WinHTTrack before ...)
+CVE-2008-3429
{DSA-1626-1}
- httrack 3.42.3-1 (low)
-CVE-2008-3338 (Multiple buffer overflows in TIBCO Hawk (1) AMI C library ...)
+CVE-2008-3338
NOT-FOR-US: TIBCO Hawk
-CVE-2008-3337 (PowerDNS Authoritative Server before 2.9.21.1 drops malformed queries, ...)
+CVE-2008-3337
{DSA-1628-1}
- pdns 2.9.21.1-1 (low)
-CVE-2008-3336 (Multiple cross-site scripting (XSS) vulnerabilities in PunBB before ...)
+CVE-2008-3336
NOT-FOR-US: PunBB
-CVE-2008-3335 (Unspecified vulnerability in PunBB before 1.2.19 allows remote ...)
+CVE-2008-3335
NOT-FOR-US: PunBB
-CVE-2008-3334 (Cross-site scripting (XSS) vulnerability in MyBB 1.2.x before 1.2.14 ...)
+CVE-2008-3334
NOT-FOR-US: MyBB
-CVE-2008-3333 (Directory traversal vulnerability in core/lang_api.php in Mantis ...)
+CVE-2008-3333
- mantis 1.1.2+dfsg-2
NOTE: I've marked the above version as fixed, however I am not sure if it wasn't fixed
NOTE: earlier. However, lenny is fixed and it is not in etch and sarge is not supported anymore.
-CVE-2008-3332 (Eval injection vulnerability in adm_config_set.php in Mantis before ...)
+CVE-2008-3332
- mantis 1.1.2+dfsg-2
-CVE-2008-3331 (Cross-site scripting (XSS) vulnerability in return_dynamic_filters.php ...)
+CVE-2008-3331
- mantis 1.1.2+dfsg-2
-CVE-2008-3329 (Unspecified vulnerability in Links before 2.1, when &quot;only proxies&quot; is ...)
+CVE-2008-3329
- links2 2.1pre37-1.1 (low; bug #492744)
[etch] - links2 <no-dsa> (Minor information leak)
-CVE-2008-3328 (Cross-site scripting (XSS) vulnerability in the wiki engine in Trac ...)
+CVE-2008-3328
- trac 0.11-1
[etch] - trac 0.10.3-1etch4
-CVE-2008-3324 (The PartyGaming PartyPoker client program 121/120 does not properly ...)
+CVE-2008-3324
NOT-FOR-US: PartyGaming PartyPoker
-CVE-2008-3323 (setup.exe before 2.573.2.3 in Cygwin does not properly verify the ...)
+CVE-2008-3323
NOT-FOR-US: Cygwin
-CVE-2008-3322 (admin/index.php in Maian Recipe 1.2 and earlier allows remote ...)
+CVE-2008-3322
NOT-FOR-US: Maian *
-CVE-2008-3321 (admin/index.php in Maian Uploader 4.0 and earlier allows remote ...)
+CVE-2008-3321
NOT-FOR-US: Maian *
-CVE-2008-3320 (admin/index.php in Maian Guestbook 3.2 and earlier allows remote ...)
+CVE-2008-3320
NOT-FOR-US: Maian *
-CVE-2008-3319 (admin/index.php in Maian Links 3.1 and earlier allows remote attackers ...)
+CVE-2008-3319
NOT-FOR-US: Maian *
-CVE-2008-3318 (admin/index.php in Maian Weblog 4.0 and earlier allows remote ...)
+CVE-2008-3318
NOT-FOR-US: Maian *
-CVE-2008-3317 (admin/index.php in Maian Search 1.1 and earlier allows remote ...)
+CVE-2008-3317
NOT-FOR-US: Maian *
-CVE-2008-3316 (Cross-site scripting (XSS) vulnerability in the search feature in the ...)
+CVE-2008-3316
NOT-FOR-US: Geeklog
-CVE-2008-3315 (Multiple cross-site scripting (XSS) vulnerabilities in Claroline ...)
+CVE-2008-3315
NOT-FOR-US: Claroline
-CVE-2008-3314 (ZDaemon 1.08.07 and earlier allows remote attackers to cause a denial ...)
+CVE-2008-3314
NOT-FOR-US: ZDaemon
-CVE-2008-3313 (Multiple PHP remote file inclusion vulnerabilities in CreaCMS 1.0 ...)
+CVE-2008-3313
NOT-FOR-US: CreaCMS
-CVE-2008-3312 (Directory traversal vulnerability in ...)
+CVE-2008-3312
- fckeditor <not-affected> (Vulnerable code not present)
NOTE: lemon cms patched sources, vulnerable code not present in plain fckeditor in no version.
NOTE: if in doubt contact the fsckeditor people.
-CVE-2008-3311 (PHP remote file inclusion vulnerability in config.php in Adam ...)
+CVE-2008-3311
NOT-FOR-US: Adam Scheinberg Flip
-CVE-2008-3310 (SQL injection vulnerability in default.asp in Pre Survey Poll allows ...)
+CVE-2008-3310
NOT-FOR-US: Pre Survey Poll
-CVE-2008-3309 (SQL injection vulnerability in info_book.asp in DigiLeave 1.2 and ...)
+CVE-2008-3309
NOT-FOR-US: DigiLeave
-CVE-2008-3308 (PHP remote file inclusion vulnerability in cuenta/cuerpo.php in C. ...)
+CVE-2008-3308
NOT-FOR-US: C. Desseno YouTube Blog
-CVE-2008-3307 (SQL injection vulnerability in todos.php in C. Desseno YouTube Blog ...)
+CVE-2008-3307
NOT-FOR-US: C. Desseno YouTube Blog
-CVE-2008-3306 (SQL injection vulnerability in info.php in C. Desseno YouTube Blog ...)
+CVE-2008-3306
NOT-FOR-US: C. Desseno YouTube Blog
-CVE-2008-3305 (Cross-site scripting (XSS) vulnerability in mensaje.php in C. Desseno ...)
+CVE-2008-3305
NOT-FOR-US: C. Desseno YouTube Blog
-CVE-2008-3304 (BilboBlog 0.2.1 allows remote attackers to obtain sensitive ...)
+CVE-2008-3304
NOT-FOR-US: BilboBlog
-CVE-2008-3303 (admin/login.php in BilboBlog 0.2.1, when register_globals is enabled, ...)
+CVE-2008-3303
NOT-FOR-US: BilboBlog
-CVE-2008-3302 (SQL injection vulnerability in admin/delete.php in BilboBlog 0.2.1, ...)
+CVE-2008-3302
NOT-FOR-US: BilboBlog
-CVE-2008-3301 (Multiple cross-site scripting (XSS) vulnerabilities in BilboBlog 0.2.1 ...)
+CVE-2008-3301
NOT-FOR-US: BilboBlog
-CVE-2008-3300 (AlphAdmin CMS 1.0.5/03 allows remote attackers to bypass ...)
+CVE-2008-3300
NOT-FOR-US: AlphAdmin CMS
-CVE-2008-3299 (eSyndiCat 1.6 allows remote attackers to bypass authentication and ...)
+CVE-2008-3299
NOT-FOR-US: eSyndiCat
-CVE-2008-3298 (SocialEngine (SE) before 2.83 grants certain write privileges for ...)
+CVE-2008-3298
NOT-FOR-US: SocialEngine
-CVE-2008-3297 (Multiple SQL injection vulnerabilities in SocialEngine (SE) before ...)
+CVE-2008-3297
NOT-FOR-US: SocialEngine
-CVE-2008-3296 (Directory traversal vulnerability in modules/system/admin.php in XOOPS ...)
+CVE-2008-3296
NOT-FOR-US: XOOPS
-CVE-2008-3295 (Cross-site scripting (XSS) vulnerability in modules/system/admin.php ...)
+CVE-2008-3295
NOT-FOR-US: XOOPS
-CVE-2008-3294 (src/configure.in in Vim 5.0 through 7.1, when used for a build with ...)
+CVE-2008-3294
- vim <not-affected> (Build issue)
NOTE: It looks like the vulnerability only occurs during build, so it shouldn't be an issue for Debian
-CVE-2008-3293 (Directory traversal vulnerability in download.php in EZWebAlbum allows ...)
+CVE-2008-3293
NOT-FOR-US: EZWebAlbum
-CVE-2008-3292 (constants.inc in EZWebAlbum 1.0 allows remote attackers to bypass ...)
+CVE-2008-3292
NOT-FOR-US: EZWebAlbum
-CVE-2008-3291 (SQL injection vulnerability in index.php in AproxEngine (aka Aprox CMS ...)
+CVE-2008-3291
NOT-FOR-US: AproxEngine
-CVE-2008-3290 (retroclient.exe in EMC Dantz Retrospect Backup Client 7.5.116 allows ...)
+CVE-2008-3290
NOT-FOR-US: EMC Dantz Retrospect Backup Client
-CVE-2008-3289 (EMC Dantz Retrospect Backup Client 7.5.116 sends the password hash in ...)
+CVE-2008-3289
NOT-FOR-US: EMC Dantz Retrospect Backup Client
-CVE-2008-3288 (The Server Authentication Module in EMC Dantz Retrospect Backup Server ...)
+CVE-2008-3288
NOT-FOR-US: EMC Dantz Retrospect Backup Server
-CVE-2008-3287 (retroclient.exe in EMC Dantz Retrospect Backup Client 7.5.116 allows ...)
+CVE-2008-3287
NOT-FOR-US: EMC Dantz Retrospect Backup Client
-CVE-2008-3286 (SWAT 4 1.1 and earlier allows remote attackers to cause a denial of ...)
+CVE-2008-3286
NOT-FOR-US: SWAT 4
-CVE-2008-3285 (The Filesys::SmbClientParser module 2.7 and earlier for Perl allows ...)
+CVE-2008-3285
NOT-FOR-US: Filesys::SmbClientParser
CVE-2008-3284
REJECTED
-CVE-2008-3283 (Multiple memory leaks in Red Hat Directory Server 7.1 before SP7, Red ...)
+CVE-2008-3283
NOT-FOR-US: Red Hat Directory Server
-CVE-2008-3282 (Integer overflow in the rtl_allocateMemory function in ...)
+CVE-2008-3282
- openoffice.org <not-affected> (openoffice in Debian does not use the custom allocations but g/malloc)
NOTE: see ooo-build/distro-configs/CommonLinux.conf.in, openoffice builds on Debian using
NOTE: --with-alloc=system which causes the build scripts to use the system allocators instead of the
NOTE: custom ones
-CVE-2008-3281 (libxml2 2.6.32 and earlier does not properly detect recursion during ...)
+CVE-2008-3281
{DSA-1631-1 DTSA-158-1}
- libxml2 2.6.32.dfsg-3 (medium)
- chromium-browser 5.0.375.29~r46008-1
CVE-2008-3280
RESERVED
-CVE-2008-3279 (Untrusted search path vulnerability in libbrlttybba.so in brltty 3.7.2 ...)
+CVE-2008-3279
- brltty <not-affected> (RedHat-specific)
CVE-2008-3278
RESERVED
- frysk <removed>
-CVE-2008-3277 (Untrusted search path vulnerability in a certain Red Hat build script ...)
+CVE-2008-3277
- ibutils <not-affected> (RedHat-specific)
-CVE-2008-3276 (Integer overflow in the dccp_setsockopt_change function in ...)
+CVE-2008-3276
{DSA-1653-1 DSA-1636-1}
- linux-2.6 2.6.26-4
- linux-2.6.24 2.6.24-6~etchnhalf.5
-CVE-2008-3275 (The (1) real_lookup and (2) __lookup_hash functions in fs/namei.c in ...)
+CVE-2008-3275
{DSA-1636-1 DSA-1630-1}
- linux-2.6.24 2.6.24-6~etchnhalf.5
- linux-2.6 2.6.26-2
NOTE: d70b67c8bc72ee23b55381bd6a884f4796692f77
-CVE-2008-3274 (The default configuration of Red Hat Enterprise IPA 1.0.0 and FreeIPA ...)
+CVE-2008-3274
NOT-FOR-US: FreeIPA
-CVE-2008-3273 (JBoss Enterprise Application Platform (aka JBossEAP or EAP) before ...)
+CVE-2008-3273
- jbossas4 <not-affected> (Only provides a few class libs)
-CVE-2008-3272 (The snd_seq_oss_synth_make_info function in ...)
+CVE-2008-3272
{DSA-1636-1 DSA-1630-1}
- linux-2.6.24 2.6.24-6~etchnhalf.5
- linux-2.6 2.6.26-2
NOTE: 82e68f7ffec3800425f2391c8c86277606860442
-CVE-2008-3271 (Apache Tomcat 5.5.0 and 4.1.0 through 4.1.31 allows remote attackers ...)
+CVE-2008-3271
- tomcat5 <removed> (unimportant)
- tomcat5.5 5.5.1
- tomcat6 <not-affected>
NOTE: It is unlikely that this is exploitable in real world scenarios.
-CVE-2008-3270 (yum-rhn-plugin in Red Hat Enterprise Linux (RHEL) 5 does not verify ...)
+CVE-2008-3270
NOT-FOR-US: Red Hat
-CVE-2008-3269 (WRPCServer.exe in WinSoftMagic WinRemotePC (WRPC) Lite 2008 and Full ...)
+CVE-2008-3269
NOT-FOR-US: WinRemotePC
-CVE-2008-3268 (Unspecified vulnerability in phpScheduleIt 1.2.0 through 1.2.9, when ...)
+CVE-2008-3268
NOT-FOR-US: phpScheduleIt
-CVE-2008-3267 (SQL injection vulnerability in mojoJobs.cgi in MojoJobs allows remote ...)
+CVE-2008-3267
NOT-FOR-US: MojoJobs
-CVE-2008-3266 (SQL injection vulnerability in picture_pic_bv.asp in SoftAcid Hotel ...)
+CVE-2008-3266
NOT-FOR-US: SoftAcid Hotel Reservation System
-CVE-2008-3265 (SQL injection vulnerability in the DT Register (com_dtregister) 2.2.3 ...)
+CVE-2008-3265
NOT-FOR-US: DT Register
-CVE-2008-3264 (The FWDOWNL firmware-download implementation in Asterisk Open Source ...)
+CVE-2008-3264
- asterisk 1:1.4.21.2~dfsg-1
[etch] - asterisk <end-of-life> (Etch Packages no longer covered by security support)
NOTE: http://downloads.digium.com/pub/security/AST-2008-011.html
-CVE-2008-3263 (The IAX2 protocol implementation in Asterisk Open Source 1.0.x, 1.2.x ...)
+CVE-2008-3263
- asterisk 1:1.4.21.2~dfsg-1
[etch] - asterisk <end-of-life> (Etch Packages no longer covered by security support)
NOTE: http://downloads.digium.com/pub/security/AST-2008-010.html
-CVE-2008-3262 (Cross-site request forgery (CSRF) vulnerability in Claroline before ...)
+CVE-2008-3262
NOT-FOR-US: Claroline
-CVE-2008-3261 (Open redirect vulnerability in claroline/redirector.php in Claroline ...)
+CVE-2008-3261
NOT-FOR-US: Claroline
-CVE-2008-3260 (Multiple cross-site scripting (XSS) vulnerabilities in Claroline ...)
+CVE-2008-3260
NOT-FOR-US: Claroline
-CVE-2008-3259 (OpenSSH before 5.1 sets the SO_REUSEADDR socket option when the ...)
+CVE-2008-3259
- openssh <not-affected> (linux check that the effective userid matches or that bind addresses dont overlap on rebind)
-CVE-2008-3258 (Multiple SQL injection vulnerabilities in Zoph before 0.7.0.5 allow ...)
+CVE-2008-3258
- zoph 0.7.1-1
NOTE: http://sourceforge.net/project/shownotes.php?group_id=69353&release_id=614672
-CVE-2008-3257 (Stack-based buffer overflow in the Apache Connector (mod_wl) in Oracle ...)
+CVE-2008-3257
NOT-FOR-US: Oracle
-CVE-2008-3256 (SQL injection vulnerability in folder.php in Siteframe CMS 3.2.3 and ...)
+CVE-2008-3256
NOT-FOR-US: Siteframe CMS
-CVE-2008-3255 (Cross-site scripting (XSS) vulnerability in LunarNight Laboratory ...)
+CVE-2008-3255
NOT-FOR-US: LunarNight Laboratory WebProxy
-CVE-2008-3254 (SQL injection vulnerability in index.php in preCMS 1 allows remote ...)
+CVE-2008-3254
NOT-FOR-US: preCMS
-CVE-2008-3253 (Cross-site scripting (XSS) vulnerability in the XenAPI HTTP interfaces ...)
+CVE-2008-3253
NOT-FOR-US: Citrix XenServer Express
-CVE-2008-3252 (Stack-based buffer overflow in the read_article function in ...)
+CVE-2008-3252
{DSA-1622-1}
- newsx 1.6-3 (bug #492742)
-CVE-2008-3251 (Multiple SQL injection vulnerabilities in tplSoccerSite 1.0 allow ...)
+CVE-2008-3251
NOT-FOR-US: tplSoccerSite
-CVE-2008-3250 (SQL injection vulnerability in index.php in Arctic Issue Tracker 2.0.0 ...)
+CVE-2008-3250
NOT-FOR-US: Arctic Issue Tracker
-CVE-2008-3249 (The client in Lenovo System Update before 3.14 does not properly ...)
+CVE-2008-3249
NOT-FOR-US: Lenovo System Update
-CVE-2008-3248 (qiomkfile in the Quick I/O for Database feature in Symantec Veritas ...)
+CVE-2008-3248
NOT-FOR-US: Symantec Veritas File System on HP-UX
-CVE-2008-3247 (The LDT implementation in the Linux kernel 2.6.25.x before 2.6.25.11 ...)
+CVE-2008-3247
- linux-2.6 2.6.25-7
[etch] - linux-2.6 <not-affected> (2.6.25-only issue)
- linux-2.6.24 <not-affected> (2.6.25-only issue)
-CVE-2008-3246 (Unspecified vulnerability in the PDF distiller component in the ...)
+CVE-2008-3246
NOT-FOR-US: BlackBerry Attachment Service
-CVE-2008-3245 (SQL injection vulnerability in phpHoo3.php in phpHoo3 4.3.9, 4.3.10, ...)
+CVE-2008-3245
NOT-FOR-US: phpHoo3
-CVE-2008-3244 (The scanning engine before 4.4.4 in F-Prot Antivirus before 6.0.9.0 ...)
+CVE-2008-3244
NOT-FOR-US: F-Prot Antivirus
-CVE-2008-3243 (Multiple unspecified vulnerabilities in the scanning engine before ...)
+CVE-2008-3243
NOT-FOR-US: F-Prot Antivirus
-CVE-2008-3242 (Heap-based buffer overflow in the PPMedia Class ActiveX control in ...)
+CVE-2008-3242
NOT-FOR-US: PPMate
-CVE-2008-3241 (SQL injection vulnerability in players-detail.php in UltraStats ...)
+CVE-2008-3241
NOT-FOR-US: UltraStats
-CVE-2008-3240 (SQL injection vulnerability in index.php in AlstraSoft Affiliate ...)
+CVE-2008-3240
NOT-FOR-US: AlstraSoft Affiliate Network Pro
-CVE-2008-3239 (Unrestricted file upload vulnerability in the writeLogEntry function ...)
+CVE-2008-3239
NOT-FOR-US: PHPizabi
-CVE-2008-3238 (Multiple SQL injection vulnerabilities in ITechBids 7.0 Gold allow ...)
+CVE-2008-3238
NOT-FOR-US: ITechBids
-CVE-2008-3237 (Cross-site scripting (XSS) vulnerability in forward_to_friend.php in ...)
+CVE-2008-3237
NOT-FOR-US: ITechBids
-CVE-2008-3236 (Unspecified vulnerability in Wsadmin in the System ...)
+CVE-2008-3236
NOT-FOR-US: Wsadmin
-CVE-2008-3235 (Unspecified vulnerability in the PropFilePasswordEncoder utility in ...)
+CVE-2008-3235
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2008-3234 (sshd in OpenSSH 4 on Debian GNU/Linux, and the 20070303 OpenSSH ...)
+CVE-2008-3234
- openssh <unfixed> (unimportant)
NOTE: this is by design
-CVE-2008-3233 (Cross-site scripting (XSS) vulnerability in WordPress before 2.6, SVN ...)
+CVE-2008-3233
- wordpress <not-affected> (Code was only present in svn versions)
-CVE-2008-3232 (Unrestricted file upload vulnerability in ecrire/images.php in ...)
+CVE-2008-3232
NOT-FOR-US: dotclear
-CVE-2008-3231 (xine-lib before 1.1.15 allows remote attackers to cause a denial of ...)
+CVE-2008-3231
- xine-lib 1.1.14-2 (bug #492870; unimportant)
NOTE: Only a NULL pointer deference, hardly security relevant
-CVE-2008-3230 (The ffmpeg lavf demuxer allows user-assisted attackers to cause a ...)
+CVE-2008-3230
- ffmpeg-debian 0.svn20080206-16 (unimportant; bug #498764; bug #498766)
- ffmpeg 0.svn20080206-16 (unimportant)
- xmovie <removed> (unimportant)
NOTE: Only a NULL pointer deference, hardly security relevant
-CVE-2008-3228 (Joomla! before 1.5.4 does not configure .htaccess to apply certain ...)
+CVE-2008-3228
NOT-FOR-US: Joomla!
-CVE-2008-3227 (Unspecified vulnerability in Joomla! before 1.5.4 has unknown impact ...)
+CVE-2008-3227
NOT-FOR-US: Joomla!
-CVE-2008-3226 (The file caching implementation in Joomla! before 1.5.4 allows ...)
+CVE-2008-3226
NOT-FOR-US: Joomla!
-CVE-2008-3225 (Joomla! before 1.5.4 allows attackers to access administration ...)
+CVE-2008-3225
NOT-FOR-US: Joomla!
-CVE-2008-3217 (PowerDNS Recursor before 3.1.6 does not always use the strongest ...)
+CVE-2008-3217
{DSA-1544-2}
- pdns-recursor 3.1.7-1 (low; bug #493576)
-CVE-2008-3215 (libclamav/petite.c in ClamAV before 0.93.3 allows remote attackers to ...)
+CVE-2008-3215
{DSA-1616-2}
- clamav 0.93.1.dfsg-1.1 (medium)
-CVE-2008-3214 (dnsmasq 2.25 allows remote attackers to cause a denial of service ...)
+CVE-2008-3214
- dnsmasq 2.26-1 (medium)
-CVE-2008-3213 (SQL injection vulnerability in secciones/tablon/tablon.php in WebCMS ...)
+CVE-2008-3213
NOT-FOR-US: WebCMS
-CVE-2008-3212 (Multiple SQL injection vulnerabilities in Scripteen Free Image Hosting ...)
+CVE-2008-3212
NOT-FOR-US: Scripteen Free Image Hosting
-CVE-2008-3211 (Scripteen Free Image Hosting Script 1.2 and 1.2.1 allows remote ...)
+CVE-2008-3211
NOT-FOR-US: Scripteen Free Image Hosting
-CVE-2008-3210 (rutil/dns/DnsStub.cxx in ReSIProcate 1.3.2, as used by repro, allows ...)
+CVE-2008-3210
NOT-FOR-US: ReSIProcate
-CVE-2008-3209 (Heap-based buffer overflow in the OpenGifFile function in BiGif.dll in ...)
+CVE-2008-3209
NOT-FOR-US: Black Ice Document Imaging SDK
-CVE-2008-3208 (Simple DNS Plus 4.1, 5.0, and possibly other versions before 5.1.101 ...)
+CVE-2008-3208
NOT-FOR-US: Simple DNS Plus
-CVE-2008-3207 (PHP remote file inclusion vulnerability in cms/modules/form.lib.php in ...)
+CVE-2008-3207
NOT-FOR-US: Pragyan CMS
-CVE-2008-3206 (SQL injection vulnerability in browse.groups.php in Yuhhu Pubs Black ...)
+CVE-2008-3206
NOT-FOR-US: Yuhhu Pubs Black Cat
-CVE-2008-3205 (Directory traversal vulnerability in index.php in Easy-Script Wysi ...)
+CVE-2008-3205
NOT-FOR-US: Easy-Script Wysi Wiki Wyg
-CVE-2008-3204 (SQL injection vulnerability in tops_top.php in E-topbiz Million Pixels ...)
+CVE-2008-3204
NOT-FOR-US: E-topbiz Million Pixels
-CVE-2008-3203 (js/pages/pages_data.php in AuraCMS 2.2 through 2.2.2 does not perform ...)
+CVE-2008-3203
NOT-FOR-US: AuraCMS
-CVE-2008-3202 (Cross-site scripting (XSS) vulnerability in index.php in Xomol CMS 1.2 ...)
+CVE-2008-3202
NOT-FOR-US: Xomol
-CVE-2008-3201 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
+CVE-2008-3201
NOT-FOR-US: Pagefusion
-CVE-2008-3200 (SQL injection vulnerability in vlc_forum.php in Avlc Forum as of ...)
+CVE-2008-3200
NOT-FOR-US: Avlc Forum
-CVE-2008-3199 (Multiple unspecified vulnerabilities in ReSIProcate before 1.3.4 allow ...)
+CVE-2008-3199
NOT-FOR-US: ReSIProcate
-CVE-2008-3198 (Mozilla Firefox 3.x before 3.0.1 allows remote attackers to inject ...)
+CVE-2008-3198
{DSA-1614-1}
- iceweasel 3.0.1-1 (low)
NOTE: http://www.mozilla.org/security/announce/2008/mfsa2008-35.html
-CVE-2008-3195 (Directory traversal vulnerability in bin/configure in TWiki before ...)
+CVE-2008-3195
{DSA-1639-1}
- twiki 1:4.1.2-5 (low; bug #499534)
NOTE: access to configure script is restricted to localhost on Debian
-CVE-2008-3194 (Multiple directory traversal vulnerabilities in ...)
+CVE-2008-3194
NOT-FOR-US: pluck CMS
-CVE-2008-3193 (SQL injection vulnerability in jSite 1.0 OE allows remote attackers to ...)
+CVE-2008-3193
NOT-FOR-US: jSite
-CVE-2008-3192 (Directory traversal vulnerability in index.php in jSite 1.0 OE allows ...)
+CVE-2008-3192
NOT-FOR-US: jSite
-CVE-2008-3191 (Multiple SQL injection vulnerabilities in usercp.php in mForum 0.1a, ...)
+CVE-2008-3191
NOT-FOR-US: mForum
-CVE-2008-3190 (Directory traversal vulnerability in list.php in 1Scripts CodeDB 1.1.1 ...)
+CVE-2008-3190
NOT-FOR-US: CodeDB
-CVE-2008-3189 (SQL injection vulnerability in dreamnews-rss.php in DreamNews Manager ...)
+CVE-2008-3189
NOT-FOR-US: DreamNews Manager
-CVE-2008-3188 (libxcrypt in SUSE openSUSE 11.0 uses the DES algorithm when the ...)
+CVE-2008-3188
- libxcrypt <not-affected> (Suse issue)
-CVE-2008-3187 (zypp-refresh-patches in zypper in SUSE openSUSE 10.2, 10.3, and 11.0 ...)
+CVE-2008-3187
NOT-FOR-US: SUSE Zypper
-CVE-2008-3330 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2008-3330
{DSA-1765-1}
- horde3 3.2.1+debian0-1 (low; bug #492578)
- turba2 2.2.1-1 (low)
[etch] - turba2 <not-affected> (only version 2.2 contains vulnerable code, etch has 2.1)
-CVE-2008-3325 (Cross-site request forgery (CSRF) vulnerability in Moodle 1.6.x before ...)
+CVE-2008-3325
{DSA-1691-1}
- moodle 1.8.1-1 (low)
NOTE: http://moodle.org/mod/forum/discuss.php?d=101405
-CVE-2008-3326 (Cross-site scripting (XSS) vulnerability in blog/edit.php in Moodle ...)
+CVE-2008-3326
{DSA-1691-1}
- moodle 1.8.2-2 (low; bug #492492)
NOTE: http://moodle.org/mod/forum/discuss.php?d=101401
-CVE-2008-3327 (Moodle 1.6.5, when display_errors is enabled, allows remote attackers ...)
+CVE-2008-3327
- moodle <removed> (unimportant)
NOTE: http://moodle.org/mod/forum/discuss.php?d=101403
NOTE: Does not allow any attack vectors, apart from gaining non-sensible information
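Review bot: every changed line in this hunk only strips the parenthesised CVE summary, e.g. `-CVE-2008-3415 (Directory traversal vulnerability in common.php in CMScout 2.05, when ...)` becomes `+CVE-2008-3415`, and no other field is touched, so this looks like the description feed returned empty rather than an intended edit; please confirm the summaries were really withdrawn upstream before merging, because for entries such as CVE-2008-3281 ("libxml2 2.6.32 and earlier") and CVE-2008-3271 ("Apache Tomcat 5.5.0 and 4.1.0 through 4.1.31") the removed text was the only place the affected upstream version range appeared, the remaining lines recording just the fixed Debian version. As a separate style point, CVE-2008-3429 sits between CVE-2008-3339 and CVE-2008-3338 and CVE-2008-3330, CVE-2008-3325, CVE-2008-3326 and CVE-2008-3327 trail the block after CVE-2008-3187, out of the file's descending numeric order.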
@@ -9677,7 +9677,7 @@ CVE-2008-XXXX [mantis multiple issues]
NOTE: CVE id requested by redhat
NOTE: 0008975 (CSRF) covered by CVE-2008-2276
NOTE: 0008976 remote code execution only possible with valid administrator account
-CVE-2008-3196 (skeleton.c in yacc does not properly handle reduction of a rule with ...)
+CVE-2008-3196
- byacc 20070509-1.1 (low; bug #491182)
[etch] - byacc <no-dsa> (Minor issue)
CVE-2008-XXXX [libetpan NULL deref]
@@ -9689,270 +9689,270 @@ CVE-2008-XXXX [XSS in press-this of wordpress]
- wordpress <not-affected> (Vulnerable code not present)
NOTE: this code was never present in a released wordpress version
NOTE: http://www.openwall.com/lists/oss-security/2008/07/15/5
-CVE-2008-3224 (Unspecified vulnerability in phpBB before 3.0.1 has unknown impact and ...)
+CVE-2008-3224
- phpbb3 3.0.2-1 (low)
- phpbb2 <not-affected> (Vulnerable code not present)
-CVE-2008-3197 (Cross-site request forgery (CSRF) vulnerability in phpMyAdmin before ...)
+CVE-2008-3197
{DSA-1641-1}
- phpmyadmin 4:2.11.7.1-1 (low)
NOTE: this only allows via csrf to create an empty database.
NOTE: this would take a lot of work to get it only to the 'annoying' level, let alone a DoS
-CVE-2008-3186 (Multiple cross-site scripting (XSS) vulnerabilities in Chipmunk Blog ...)
+CVE-2008-3186
NOT-FOR-US: Chipmunk Blog
-CVE-2008-3185 (SQL injection vulnerability in index.php in Relative Real Estate ...)
+CVE-2008-3185
NOT-FOR-US: Relative Real Estate Systems
-CVE-2008-3184 (Multiple cross-site scripting (XSS) vulnerabilities in vBulletin ...)
+CVE-2008-3184
NOT-FOR-US: vBulletin
-CVE-2008-3183 (PHP remote file inclusion vulnerability in ...)
+CVE-2008-3183
NOT-FOR-US: gapicms
-CVE-2008-3182 (Stack-based buffer overflow in DAP.exe in Download Accelerator Plus ...)
+CVE-2008-3182
NOT-FOR-US: Download Accelerator Plus
-CVE-2008-3181 (Unrestricted file upload vulnerability in upload.php in ContentNow CMS ...)
+CVE-2008-3181
NOT-FOR-US: ContentNow CMS
-CVE-2008-3180 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2008-3180
NOT-FOR-US: ContentNow CMS
-CVE-2008-3179 (Directory traversal vulnerability in website.php in Web 2 Business ...)
+CVE-2008-3179
NOT-FOR-US: phpDatingClub
-CVE-2008-3178 (Unrestricted file upload vulnerability in upload_pictures.php in ...)
+CVE-2008-3178
NOT-FOR-US: WebXell Editor
-CVE-2008-3177 (Sophos virus detection engine 2.75 on Linux and Unix, as used in ...)
+CVE-2008-3177
NOT-FOR-US: Sophos virus detection engine
CVE-2008-3176
RESERVED
-CVE-2008-3175 (Integer underflow in rxRPC.dll in the LGServer service in the ...)
+CVE-2008-3175
NOT-FOR-US: CA ARCserve Backup
-CVE-2008-3174 (Unspecified vulnerability in the kmxfw.sys driver in CA Host-Based ...)
+CVE-2008-3174
NOT-FOR-US: r8 (Host-Based Intrusion Prevention System (HIPS))
-CVE-2008-3173 (Microsoft Internet Explorer allows web sites to set cookies for ...)
+CVE-2008-3173
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2008-3172 (Opera allows web sites to set cookies for country-specific top-level ...)
+CVE-2008-3172
NOT-FOR-US: Opera
-CVE-2008-3171 (Apple Safari sends Referer headers containing https URLs to different ...)
+CVE-2008-3171
NOT-FOR-US: Apple Safari
-CVE-2008-3170 (Apple Safari allows web sites to set cookies for country-specific ...)
+CVE-2008-3170
NOT-FOR-US: Apple Safari
-CVE-2008-3169 (Multiple heap-based buffer overflows in Empire Server before 4.3.15 ...)
+CVE-2008-3169
NOT-FOR-US: Empire Server
-CVE-2008-3168 (The files utility in Empire Server before 4.3.15 discloses the world ...)
+CVE-2008-3168
NOT-FOR-US: Empire Server
-CVE-2008-3167 (Multiple PHP remote file inclusion vulnerabilities in BoonEx Dolphin ...)
+CVE-2008-3167
NOT-FOR-US: BoonEx Dolphin
-CVE-2008-3166 (PHP remote file inclusion vulnerability in ...)
+CVE-2008-3166
NOT-FOR-US: BoonEx Ray
-CVE-2008-3165 (Directory traversal vulnerability in rss.php in fuzzylime (cms) 3.01a ...)
+CVE-2008-3165
NOT-FOR-US: fuzzylime
-CVE-2008-3164 (Directory traversal vulnerability in blog.php in fuzzylime (cms) 3.01, ...)
+CVE-2008-3164
NOT-FOR-US: fuzzylime
-CVE-2008-3163 (Directory traversal vulnerability in dodosmail.php in DodosMail 2.5 ...)
+CVE-2008-3163
NOT-FOR-US: DodosMail
-CVE-2008-3162 (Stack-based buffer overflow in the str_read_packet function in ...)
+CVE-2008-3162
{DSA-1781-1}
- ffmpeg-debian 0.svn20080206-10 (bug #489965; low)
- ffmpeg 0.svn20080206-10
- xmovie <removed>
-CVE-2008-3161 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2008-3161
NOT-FOR-US: IBM Maximo
-CVE-2008-3160 (Multiple unspecified vulnerabilities in IBM Data ONTAP 7.1 before ...)
+CVE-2008-3160
NOT-FOR-US: IBM Data ONTAP
-CVE-2008-3159 (Integer overflow in ds.dlm, as used by dhost.exe, in Novell eDirectory ...)
+CVE-2008-3159
NOT-FOR-US: eDirectory
-CVE-2008-3158 (Unspecified vulnerability in NWFS.SYS in Novell Client for Windows ...)
+CVE-2008-3158
NOT-FOR-US: Novell Client for Windows
-CVE-2008-3157 (Nortel SIP Multimedia PC Client 4.x MCS5100 and MCS5200 does not limit ...)
+CVE-2008-3157
NOT-FOR-US: Nortel SIP Multimedia PC Client
-CVE-2008-3156 (The ActiveScan ActiveX Control (as2guiie.dll) in Panda ActiveScan ...)
+CVE-2008-3156
NOT-FOR-US: Panda ActiveScan
-CVE-2008-3155 (Stack-based buffer overflow in the ActiveX control (as2guiie.dll) in ...)
+CVE-2008-3155
NOT-FOR-US: Panda ActiveScan
-CVE-2008-3154 (SQL injection vulnerability in index.php in WebBlizzard CMS allows ...)
+CVE-2008-3154
NOT-FOR-US: WebBlizzard CMS
-CVE-2008-3153 (SQL injection vulnerability in Triton CMS Pro allows remote attackers ...)
+CVE-2008-3153
NOT-FOR-US: Triton CMS Pro
-CVE-2008-3152 (SQL injection vulnerability in directory.php in SmartPPC and SmartPPC ...)
+CVE-2008-3152
NOT-FOR-US: SmartPPC
-CVE-2008-3151 (SQL injection vulnerability in the 4ndvddb 0.91 module for PHP-Nuke ...)
+CVE-2008-3151
NOT-FOR-US: PHP-NUke
-CVE-2008-3150 (Directory traversal vulnerability in index.php in Neutrino Atomic ...)
+CVE-2008-3150
NOT-FOR-US: Neutrino Atomic Edition
-CVE-2008-3149 (The SNMP daemon in the F5 FirePass 1200 6.0.2 hotfix 3 allows remote ...)
+CVE-2008-3149
NOT-FOR-US: F5 FirePass
-CVE-2008-3148 (Stack-based buffer overflow in (1) OllyDBG 1.10 and (2) ImpREC 1.7f ...)
+CVE-2008-3148
NOT-FOR-US: OllyDBG/ImpREC
-CVE-2008-3147 (WeFi 3.2.1.4.1, when diagnostic mode is enabled, stores (1) WEP, (2) ...)
+CVE-2008-3147
NOT-FOR-US: WeFi
-CVE-2008-3146 (Multiple buffer overflows in packet_ncp2222.inc in Wireshark (formerly ...)
+CVE-2008-3146
{DTSA-167-1}
- wireshark 1.0.3-1 (medium; bug #497878)
-CVE-2008-3144 (Multiple integer overflows in the PyOS_vsnprintf function in ...)
+CVE-2008-3144
{DSA-1667-1 DTSA-157-1}
- python2.4 2.4.5-5
- python2.5 2.5.2-7
[etch] - python2.5 <no-dsa> (Minor issue, not the default Python runtime)
-CVE-2008-3143 (Multiple integer overflows in Python before 2.5.2 might allow ...)
+CVE-2008-3143
{DSA-1667-1}
- python2.4 2.4.5-1
[etch] - python2.5 <no-dsa> (Minor issue, not the default Python runtime)
- python2.5 2.5.2-1
-CVE-2008-3142 (Multiple buffer overflows in Python 2.5.2 and earlier on 32bit ...)
+CVE-2008-3142
{DSA-1667-1 DTSA-157-1}
- python2.5 2.5.2-10
[etch] - python2.5 <no-dsa> (Minor issue, not the default Python runtime)
- python2.4 2.4.5-5
-CVE-2008-3136 (SQL injection vulnerability in catalogue.php in AShop Deluxe 4.x ...)
+CVE-2008-3136
NOT-FOR-US: AShop Delux
-CVE-2008-3135 (Soldner Secret Wars 33724 and earlier allows remote attackers to cause ...)
+CVE-2008-3135
NOT-FOR-US: Soldner Secret Wars
-CVE-2008-3134 (Multiple unspecified vulnerabilities in GraphicsMagick before 1.2.4 ...)
+CVE-2008-3134
{DSA-1903-1}
- graphicsmagick 1.2.4-1 (bug #491439)
- imagemagick <unfixed> (unimportant; bug #559775)
NOTE: several DoS fixed in 1.2.4 according to upstream
NOTE: http://sourceforge.net/project/shownotes.php?release_id=610253
-CVE-2008-3133 (SQL injection vulnerability in admin/index.php in BareNuked CMS 1.1.0, ...)
+CVE-2008-3133
NOT-FOR-US: BareNuked CMS
-CVE-2008-3132 (SQL injection vulnerability in the beamospetition (com_beamospetition) ...)
+CVE-2008-3132
NOT-FOR-US: Joomla component
-CVE-2008-3131 (SQL injection vulnerability in chatbox.php in pSys 0.7.0 Alpha, when ...)
+CVE-2008-3131
NOT-FOR-US: PSys
-CVE-2008-3130 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
+CVE-2008-3130
NOT-FOR-US: OpenCart
-CVE-2008-3129 (Multiple SQL injection vulnerabilities in index.php in Catviz 0.4 beta ...)
+CVE-2008-3129
NOT-FOR-US: Catviz
-CVE-2008-3128 (Directory traversal vulnerability in search.php in Pivot 1.40.5 allows ...)
+CVE-2008-3128
NOT-FOR-US: Pivot
-CVE-2008-3127 (PHP remote file inclusion vulnerability in hioxBannerRotate.php in ...)
+CVE-2008-3127
NOT-FOR-US: HIOX Banner Rotator
-CVE-2008-3126 (Multiple stack-based buffer overflows in the ServerView web interface ...)
+CVE-2008-3126
NOT-FOR-US: Fujitsu Siemens Computers ServerView
-CVE-2008-3125 (SQL injection vulnerability in index.php in Mole Group Lastminute ...)
+CVE-2008-3125
NOT-FOR-US: Mole Group Lastminute Script
-CVE-2008-3124 (SQL injection vulnerability in index.php in Mole Group Hotel Script ...)
+CVE-2008-3124
NOT-FOR-US: Mole Group
-CVE-2008-3123 (SQL injection vulnerability in index.php in Mole Group Real Estate ...)
+CVE-2008-3123
NOT-FOR-US: Mole Group
-CVE-2008-3122 (Multiple SQL injection vulnerabilities in Xerox CentreWare Web (CWW) ...)
+CVE-2008-3122
NOT-FOR-US: Xerox CentreWare Web
-CVE-2008-3121 (Multiple cross-site scripting (XSS) vulnerabilities in Xerox ...)
+CVE-2008-3121
NOT-FOR-US: Xerox CentreWare Web
CVE-2008-3120
REJECTED
-CVE-2008-3119 (SQL injection vulnerability in index.php in DreamPics Builder allows ...)
+CVE-2008-3119
NOT-FOR-US: DreamPics Builder
-CVE-2008-3118 (SQL injection vulnerability in play.php in PHPmotion 2.0 and earlier ...)
+CVE-2008-3118
NOT-FOR-US: PHPmotion
-CVE-2008-3117 (Unrestricted file upload vulnerability in update_profile.php in ...)
+CVE-2008-3117
NOT-FOR-US: PHPmotion
-CVE-2008-3116 (Format string vulnerability in dx8render.dll in Snail Game (aka Suzhou ...)
+CVE-2008-3116
NOT-FOR-US: Snail Game
-CVE-2008-3229 (Stack-based buffer overflow in op before Changeset 563, when xauth ...)
+CVE-2008-3229
- op <not-affected> (not configured with xauth support)
-CVE-2008-3218 (Multiple cross-site scripting (XSS) vulnerabilities in Drupal 6.x ...)
+CVE-2008-3218
- drupal5 <not-affected> (Vulnerable code not present, feature introduced in 6.0)
- drupal-4.7 <not-affected> (Vulnerable code not present, feature introduced in 6.0)
-CVE-2008-3219 (The Drupal filter_xss_admin function in 5.x before 5.8 and 6.x before ...)
+CVE-2008-3219
- drupal5 5.8-1 (low; bug #490559)
- drupal-4.7 <removed>
-CVE-2008-3220 (Cross-site request forgery (CSRF) vulnerability in Drupal 5.x before ...)
+CVE-2008-3220
- drupal5 5.8-1 (low; bug #490559)
- drupal-4.7 <not-affected> (Vulnerable code not present)
NOTE: drupal-4.7 uses the locale_admin_string_delete callback which returns a confirmation dialog
-CVE-2008-3221 (Cross-site request forgery (CSRF) vulnerability in Drupal 6.x before ...)
+CVE-2008-3221
- drupal5 <not-affected> (Vulnerable code not present, openids introduced in 6.0)
- drupal-4.7 <not-affected> (Vulnerable code not present, openids introduced in 6.0)
-CVE-2008-3222 (Session fixation vulnerability in Drupal 5.x before 5.9 and 6.x before ...)
+CVE-2008-3222
- drupal5 5.9-1 (low; bug #490559)
- drupal-4.7 <removed>
-CVE-2008-3223 (SQL injection vulnerability in the Schema API in Drupal 6.x before 6.3 ...)
+CVE-2008-3223
- drupal5 <not-affected> (Vulnerable code not present, introduced in 6.0)
- drupal-4.7 <not-affected> (Vulnerable code not present, introduced in 6.0)
-CVE-2008-3145 (The fragment_add_work function in epan/reassemble.c in Wireshark ...)
+CVE-2008-3145
{DSA-1673-1}
- wireshark 1.0.2-1 (low)
NOTE: http://www.wireshark.org/security/wnpa-sec-2008-04.html
-CVE-2008-3115 (Secure Static Versioning in Sun Java JDK and JRE 6 Update 6 and ...)
+CVE-2008-3115
- sun-java5 1.5.0-16-1 (bug #490260)
[etch] - sun-java5 <no-dsa> (Non-free not supported)
- sun-java6 6-07-1 (bug #490260)
-CVE-2008-3114 (Unspecified vulnerability in Sun Java Web Start in JDK and JRE 6 ...)
+CVE-2008-3114
- sun-java5 1.5.0-16-1 (bug #490260)
[etch] - sun-java5 <no-dsa> (Non-free not supported)
- sun-java6 6-07-1 (bug #490260)
-CVE-2008-3113 (Unspecified vulnerability in Sun Java Web Start in JDK and JRE 5.0 ...)
+CVE-2008-3113
- sun-java5 1.5.0-16-1 (bug #490260)
[etch] - sun-java5 <no-dsa> (Non-free not supported)
- sun-java6 <not-affected> (Only for sun-java5)
-CVE-2008-3112 (Directory traversal vulnerability in Sun Java Web Start in JDK and JRE ...)
+CVE-2008-3112
- sun-java5 1.5.0-16-1 (bug #490260)
[etch] - sun-java5 <no-dsa> (Non-free not supported)
- sun-java6 6-07-1 (bug #490260)
- openjdk-6 <undetermined> (bug #566770)
[wheezy] - openjdk-6 <end-of-life>
-CVE-2008-3111 (Multiple buffer overflows in Sun Java Web Start in JDK and JRE 6 ...)
+CVE-2008-3111
- sun-java5 1.5.0-16-1 (bug #490260)
[etch] - sun-java5 <no-dsa> (Non-free not supported)
- sun-java6 6-04-1 (bug #490260)
-CVE-2008-3110 (Unspecified vulnerability in scripting language support in Sun Java ...)
+CVE-2008-3110
- sun-java5 <not-affected> (Only for sun-java6)
[etch] - sun-java5 <no-dsa> (Non-free not supported)
- sun-java6 6-07-1 (bug #490260)
-CVE-2008-3109 (Unspecified vulnerability in scripting language support in Sun Java ...)
+CVE-2008-3109
- sun-java5 <not-affected> (Only for sun-java6)
[etch] - sun-java5 <no-dsa> (Non-free not supported)
- sun-java6 6-07-1 (bug #490260)
-CVE-2008-3108 (Buffer overflow in Sun Java Runtime Environment (JRE) in JDK and JRE ...)
+CVE-2008-3108
- sun-java5 1.5.0-10-1 (bug #490260)
[etch] - sun-java5 <no-dsa> (Non-free not supported)
- sun-java6 <not-affected> (Only for sun-java5)
-CVE-2008-3107 (Unspecified vulnerability in the Virtual Machine in Sun Java Runtime ...)
+CVE-2008-3107
- sun-java5 1.5.0-16-1 (bug #490260)
[etch] - sun-java5 <no-dsa> (Non-free not supported)
- sun-java6 6-07-1 (bug #490260)
-CVE-2008-3106 (Unspecified vulnerability in Sun Java Runtime Environment (JRE) in JDK ...)
+CVE-2008-3106
- sun-java5 1.5.0-16-1 (bug #490260)
[etch] - sun-java5 <no-dsa> (Non-free not supported)
- sun-java6 6-07-1 (bug #490260)
-CVE-2008-3105 (Unspecified vulnerability in the JAX-WS client and service in Sun Java ...)
+CVE-2008-3105
- sun-java5 <not-affected> (Only for sun-java6)
- sun-java6 6-07-1 (bug #490260)
-CVE-2008-3104 (Multiple unspecified vulnerabilities in Sun Java Runtime Environment ...)
+CVE-2008-3104
[etch] - sun-java5 <no-dsa> (Non-free not supported)
- sun-java5 1.5.0-16-1 (bug #490260)
- sun-java6 6-07-1 (bug #490260)
-CVE-2008-3103 (Unspecified vulnerability in the Java Management Extensions (JMX) ...)
+CVE-2008-3103
[etch] - sun-java5 <no-dsa> (Non-free not supported)
- sun-java5 1.5.0-16-1 (bug #490260)
- sun-java6 6-07-1 (bug #490260)
-CVE-2008-3102 (Mantis 1.1.x through 1.1.2 and 1.2.x through 1.2.0a2 does not set the ...)
+CVE-2008-3102
- mantis 1.1.2+dfsg-6 (low; bug #501179)
-CVE-2008-3101 (Multiple cross-site scripting (XSS) vulnerabilities in vtiger CRM ...)
+CVE-2008-3101
NOT-FOR-US: vtiger CRM
-CVE-2008-3100 (Cross-site scripting (XSS) vulnerability in lib/owl.lib.php in Steve ...)
+CVE-2008-3100
- owl-dms 0.95-1.1 (low; bug #493579)
CVE-2008-3099
RESERVED
-CVE-2008-3098 (Cross-site scripting (XSS) vulnerability in admin/usercheck.php in ...)
+CVE-2008-3098
NOT-FOR-US: fuzzylime
-CVE-2008-3097 (Cross-site scripting (XSS) vulnerability in the Tinytax module (aka ...)
+CVE-2008-3097
NOT-FOR-US: additional drupal module Tinytax
-CVE-2008-3096 (The Outline Designer module 5.x before 5.x-1.4 for Drupal changes each ...)
+CVE-2008-3096
NOT-FOR-US: additional drupal module Outline Designer
-CVE-2008-3095 (Cross-site scripting (XSS) vulnerability in the Organic Groups (OG) ...)
+CVE-2008-3095
NOT-FOR-US: additional drupal module Organic Groups
-CVE-2008-3094 (The Organic Groups (OG) module 5.x before 5.x-7.3 and 6.x before ...)
+CVE-2008-3094
NOT-FOR-US: additional drupal module Organic Groups
-CVE-2008-3093 (Unrestricted file upload vulnerability in ImperialBB 2.3.5 and earlier ...)
+CVE-2008-3093
NOT-FOR-US: ImperialBB
-CVE-2008-3092 (SQL injection vulnerability in the Taxonomy Autotagger module 5.x ...)
+CVE-2008-3092
NOT-FOR-US: additional drupal module Taxonomy Autotagger
-CVE-2008-3091 (Cross-site scripting (XSS) vulnerability in the Taxonomy Autotagger ...)
+CVE-2008-3091
NOT-FOR-US: additional drupal module Taxonomy Autotagger
-CVE-2008-3090 (Multiple SQL injection vulnerabilities in index.php in BlognPlus (BURO ...)
+CVE-2008-3090
NOT-FOR-US: BlognPlus
-CVE-2008-3089 (SQL injection vulnerability in user.html in Xpoze Pro 3.06 (aka Xpoze ...)
+CVE-2008-3089
NOT-FOR-US: ImperialBB
-CVE-2008-3088 (Cross-site scripting (XSS) vulnerability in the Files module in ...)
+CVE-2008-3088
NOT-FOR-US: Kasseler CMS
-CVE-2008-3087 (Directory traversal vulnerability in Kasseler CMS 1.3.0 allows remote ...)
+CVE-2008-3087
NOT-FOR-US: Kasseler CMS
CVE-2008-3086
REJECTED
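Review bot: every CVE entry in this hunk loses its inline description (for example `-CVE-2008-3197 (Cross-site request forgery (CSRF) vulnerability in phpMyAdmin before ...)` becomes the bare `+CVE-2008-3197`), and the commit message ("automatic update") does not say why or where that text now lives; please state the format change in the commit message or in the file's documentation so triagers know where to look up a summary. Some retained annotations only make sense next to the removed text: `- op <not-affected> (not configured with xauth support)` refers to the xauth condition that appeared only in the dropped `-CVE-2008-3229 (Stack-based buffer overflow in op before Changeset 563, when xauth ...)` line, so such notes may need expanding once the description is gone. Unrelated to this change, the context lines for PHP-Nuke and AShop Deluxe carry pre-existing typos (`PHP-NUke`, `AShop Delux`) that could be fixed in a follow-up.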
@@ -9960,670 +9960,670 @@ CVE-2008-3085
REJECTED
CVE-2008-3084
REJECTED
-CVE-2008-3216 (The save function in br/prefmanager.d in projectl 1.001 creates a ...)
+CVE-2008-3216
- projectl 1.001.dfsg1-2 (low; bug #489988)
[etch] - projectl <no-dsa> (Minor issue)
-CVE-2008-3083 (SQL injection vulnerability in Brightcode Weblinks ...)
+CVE-2008-3083
NOT-FOR-US: com_brightweblinks omponent for Joomla!
-CVE-2008-3082 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2008-3082
NOT-FOR-US: Commtouch Enterprise Anti-Spam Gateway
-CVE-2008-3081 (Multiple unspecified &quot;input validation&quot; vulnerabilities in the Web ...)
+CVE-2008-3081
NOT-FOR-US: Avaya Message Storage Server
-CVE-2008-3080 (Cross-site request forgery (CSRF) vulnerability in admin.php in ...)
+CVE-2008-3080
NOT-FOR-US: myBloggie
-CVE-2008-3079 (Unspecified vulnerability in Opera before 9.51 on Windows allows ...)
+CVE-2008-3079
NOT-FOR-US: Opera
-CVE-2008-3078 (Opera before 9.51 does not properly manage memory within functions ...)
+CVE-2008-3078
NOT-FOR-US: Opera
-CVE-2008-3077 (arch/x86/kernel/ptrace.c in the Linux kernel before 2.6.25.10 on the ...)
+CVE-2008-3077
- linux-2.6 2.6.25-7
- linux-2.6.24 <not-affected> (Vulnerable code added later)
[etch] - linux-2.6 <not-affected> (Vulnerable code added later)
NOTE: 1e9a615bfce7996ea4d815d45d364b47ac6a74e8
-CVE-2008-3076 (The Netrw plugin 125 in netrw.vim in Vim 7.2a.10 allows user-assisted ...)
+CVE-2008-3076
{DSA-1733-1}
- vim 2:7.2.010-1 (bug #506919)
[lenny] - vim 1:7.1.314-3+lenny1 (bug #506919)
[squeeze] - vim 1:7.1.314-3+lenny1 (bug #506919)
-CVE-2008-3075 (The shellescape function in Vim 7.0 through 7.2, including 7.2a.10, ...)
+CVE-2008-3075
{DSA-1733-1}
- vim 2:7.2.010-1 (bug #506919)
[lenny] - vim 1:7.1.314-3+lenny1 (bug #506919)
[squeeze] - vim 1:7.1.314-3+lenny1 (bug #506919)
-CVE-2008-3074 (The shellescape function in Vim 7.0 through 7.2, including 7.2a.10, ...)
+CVE-2008-3074
{DSA-1733-1}
- vim 2:7.2.010-1 (bug #506919)
[lenny] - vim 1:7.1.314-3+lenny1 (bug #506919)
[squeeze] - vim 1:7.1.314-3+lenny1 (bug #506919)
-CVE-2008-3073 (Unspecified vulnerability in Simple Machines Forum (SMF) 1.1.x before ...)
+CVE-2008-3073
NOT-FOR-US: Simple Machines Forum
-CVE-2008-3072 (Simple Machines Forum (SMF) 1.1.x before 1.1.5 and 1.0.x before ...)
+CVE-2008-3072
NOT-FOR-US: Simple Machines Forum
-CVE-2008-3071 (Directory traversal vulnerability in inc/class_language.php in MyBB ...)
+CVE-2008-3071
NOT-FOR-US: MyBB
-CVE-2008-3070 (Unspecified vulnerability in inc/datahandler/user.php in MyBB before ...)
+CVE-2008-3070
NOT-FOR-US: MyBB
-CVE-2008-3069 (Multiple cross-site scripting (XSS) vulnerabilities in MyBB before ...)
+CVE-2008-3069
NOT-FOR-US: MyBB
-CVE-2008-3068 (Microsoft Crypto API 5.131.2600.2180 through 6.0, as used in Outlook, ...)
+CVE-2008-3068
NOT-FOR-US: Microsoft Crypto API
-CVE-2008-3067 (sudo in SUSE openSUSE 10.3 does not clear the stdin buffer when ...)
+CVE-2008-3067
- sudo 1.6.9p12-1
[etch] - sudo <not-affected> (Issue was introduced in 1.6.9)
-CVE-2008-3066 (Stack-based buffer overflow in a certain ActiveX control in rjbdll.dll ...)
+CVE-2008-3066
NOT-FOR-US: RealNetworks RealPlayer Enterprise
CVE-2008-3065
RESERVED
-CVE-2008-3064 (Unspecified vulnerability in RealNetworks RealPlayer Enterprise, ...)
+CVE-2008-3064
NOT-FOR-US: RealNetworks RealPlayer Enterprise
-CVE-2008-3063 (SQL injection vulnerability in login.php in V-webmail 1.5.0 might ...)
+CVE-2008-3063
NOT-FOR-US: V-webmail
CVE-2008-3062
RESERVED
-CVE-2008-3061 (Open redirect vulnerability in redirect.php in V-webmail 1.5.0 allows ...)
+CVE-2008-3061
NOT-FOR-US: V-webmail
-CVE-2008-3060 (V-webmail 1.5.0 allows remote attackers to obtain sensitive ...)
+CVE-2008-3060
NOT-FOR-US: V-webmail
-CVE-2008-3059 (member/settings_account.php in Octeth Oempro 3.5.5.1, and possibly ...)
+CVE-2008-3059
NOT-FOR-US: Octeth Oempro
-CVE-2008-3058 (Multiple SQL injection vulnerabilities in Octeth Oempro 3.5.5.1, and ...)
+CVE-2008-3058
NOT-FOR-US: Octeth Oempro
-CVE-2008-3057 (Octeth Oempro 3.5.5.1, and possibly other versions before 4, does not ...)
+CVE-2008-3057
NOT-FOR-US: Octeth Oempro
-CVE-2008-3056 (SQL injection vulnerability in the Codeon Petition (cd_petition) ...)
+CVE-2008-3056
NOT-FOR-US: cd_petition extension for TYPO3
-CVE-2008-3055 (SQL injection vulnerability in the Support view (ext_tbl) extension ...)
+CVE-2008-3055
NOT-FOR-US: ext_tbl extension for TYPO3
-CVE-2008-3054 (SQL injection vulnerability in the Branchenbuch (aka Yellow Pages ...)
+CVE-2008-3054
NOT-FOR-US: mh_branchenbuch extension for TYPO3
-CVE-2008-3053 (SQL injection vulnerability in the SQL Frontend (mh_omsqlio) extension ...)
+CVE-2008-3053
NOT-FOR-US: mh_omsqlio extension for TYPO3
-CVE-2008-3052 (Unspecified vulnerability in the SQL Frontend (mh_omsqlio) extension ...)
+CVE-2008-3052
NOT-FOR-US: mh_omsqlio extension for TYPO3
-CVE-2008-3051 (SQL injection vulnerability in the Pinboard extension 0.0.6 and ...)
+CVE-2008-3051
NOT-FOR-US: Pinboard extension for TYPO3
-CVE-2008-3050 (Unspecified vulnerability in the PDF Generator 2 (pdf_generator2) ...)
+CVE-2008-3050
NOT-FOR-US: pdfcreator extension for TYPO3
-CVE-2008-3049 (The PDF Generator 2 (pdf_generator2) extension 0.5.0 and earlier for ...)
+CVE-2008-3049
NOT-FOR-US: pdfcreator extension for TYPO3
-CVE-2008-3048 (Unspecified vulnerability in the PDF Generator 2 (pdf_generator2) ...)
+CVE-2008-3048
NOT-FOR-US: pdfcreator extension for TYPO3
-CVE-2008-3047 (Incomplete blacklist vulnerability in the KB Unpack (kb_unpack) ...)
+CVE-2008-3047
NOT-FOR-US: kb_unpack extension for TYPO3
-CVE-2008-3046 (Incomplete blacklist vulnerability in the Packman (kb_packman) ...)
+CVE-2008-3046
NOT-FOR-US: kb_packman extension for TYPO3
-CVE-2008-3045 (Unspecified vulnerability in the Industry Database (aka ...)
+CVE-2008-3045
NOT-FOR-US: pro_industrydb extension for TYPO3
-CVE-2008-3044 (SQL injection vulnerability in the News Calendar (newscalendar) ...)
+CVE-2008-3044
NOT-FOR-US: newscalendar extension for TYPO3
-CVE-2008-3043 (Unspecified vulnerability in the WEC Discussion Forum (wec_discussion) ...)
+CVE-2008-3043
NOT-FOR-US: wec_discussion extension for TYPO3
-CVE-2008-3042 (Unspecified vulnerability in the DAM Frontend (dam_frontend) extension ...)
+CVE-2008-3042
NOT-FOR-US: dam_frontend extension for TYPO3
-CVE-2008-3041 (Unspecified vulnerability in the DAM Frontend (dam_frontend) extension ...)
+CVE-2008-3041
NOT-FOR-US: dam_frontend extension for TYPO3
-CVE-2008-3040 (Unspecified vulnerability in the DAM Frontend (dam_frontend) extension ...)
+CVE-2008-3040
NOT-FOR-US: dam_frontend extension for TYPO3
-CVE-2008-3039 (SQL injection vulnerability in the DAM Frontend (dam_frontend) ...)
+CVE-2008-3039
NOT-FOR-US: dam_frontend extension for TYPO3
-CVE-2008-3038 (SQL injection vulnerability in the Address Directory (sp_directory) ...)
+CVE-2008-3038
NOT-FOR-US: sp_directory extension for TYPO3
-CVE-2008-3037 (Cross-site scripting (XSS) vulnerability in the Address Directory ...)
+CVE-2008-3037
NOT-FOR-US: sp_directory extension for TYPO3
-CVE-2008-3036 (Directory traversal vulnerability in index.php in CMS little 0.0.1 ...)
+CVE-2008-3036
NOT-FOR-US: CMS little
-CVE-2008-3035 (SQL injection vulnerability in newThread.php in XchangeBoard 1.70 ...)
+CVE-2008-3035
NOT-FOR-US: XchangeBoard
-CVE-2008-3034 (Multiple SQL injection vulnerabilities in RSS-aggregator 1.0 allow ...)
+CVE-2008-3034
NOT-FOR-US: RSS-aggregator
-CVE-2008-3033 (RSS-aggregator 1.0 does not require administrative authentication for ...)
+CVE-2008-3033
NOT-FOR-US: RSS-aggregator
-CVE-2008-3032 (Cross-site scripting (XSS) vulnerability in the phpMyAdmin ...)
+CVE-2008-3032
NOT-FOR-US: phpmyadmin extension for TYPO3
-CVE-2008-3031 (Directory traversal vulnerability in index.php in Simple PHP Agenda ...)
+CVE-2008-3031
NOT-FOR-US: Simple PHP Agenda
-CVE-2008-3030 (SQL injection vulnerability in default.asp in EfesTECH Shop 2.0 allows ...)
+CVE-2008-3030
NOT-FOR-US: EfesTECH Shop
-CVE-2008-3029 (Cross-site scripting (XSS) vulnerability in the WEC Discussion Forum ...)
+CVE-2008-3029
NOT-FOR-US: WEC Discussion Forum
-CVE-2008-3028 (Multiple cross-site scripting (XSS) vulnerabilities in the Send-A-Card ...)
+CVE-2008-3028
NOT-FOR-US: sr_sendcard extension for TYPO3
-CVE-2008-3027 (SQL injection vulnerability in get_article.php in VanGogh Web CMS 0.9 ...)
+CVE-2008-3027
NOT-FOR-US: VanGogh Web CMS
-CVE-2008-3026 (SQL injection vulnerability in index.php in OneClick CMS (aka Sisplet ...)
+CVE-2008-3026
NOT-FOR-US: OneClick CMS
-CVE-2008-3025 (SQL injection vulnerability in ad.php in plx Ad Trader 3.2 allows ...)
+CVE-2008-3025
NOT-FOR-US: plx Ad Trader
-CVE-2008-3024 (Stack-based buffer overflow in phgrafx in QNX Momentics (aka RTOS) ...)
+CVE-2008-3024
NOT-FOR-US: phgrafx in QNX Momentics
-CVE-2008-3023 (Cross-site scripting (XSS) vulnerability in FreeStyle Wiki 3.6.2 and ...)
+CVE-2008-3023
NOT-FOR-US: FreeStyle Wiki
-CVE-2008-3022 (Multiple PHP remote file inclusion vulnerabilities in ...)
+CVE-2008-3022
NOT-FOR-US: PHPortal
-CVE-2008-3021 (Microsoft Office 2000 SP3, XP SP3, and 2003 SP2; Office Converter ...)
+CVE-2008-3021
NOT-FOR-US: Microsoft Office 2000
-CVE-2008-3020 (Microsoft Office 2000 SP3 and XP SP3; Office Converter Pack; and Works ...)
+CVE-2008-3020
NOT-FOR-US: Microsoft Office 2000
-CVE-2008-3019 (Microsoft Office 2000 SP3, XP SP3, and 2003 SP2; Office Converter ...)
+CVE-2008-3019
NOT-FOR-US: Microsoft Office 2000
-CVE-2008-3018 (Microsoft Office 2000 SP3, XP SP3, and 2003 SP2; Office Converter ...)
+CVE-2008-3018
NOT-FOR-US: Microsoft Office 2000
CVE-2008-3017
REJECTED
CVE-2008-3016
REJECTED
-CVE-2008-3015 (Integer overflow in gdiplus.dll in GDI+ in Microsoft Office XP SP3, ...)
+CVE-2008-3015
NOT-FOR-US: Microsoft Office XP
-CVE-2008-3014 (Buffer overflow in gdiplus.dll in GDI+ in Microsoft Internet Explorer ...)
+CVE-2008-3014
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2008-3013 (gdiplus.dll in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP ...)
+CVE-2008-3013
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2008-3012 (gdiplus.dll in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP ...)
+CVE-2008-3012
NOT-FOR-US: Microsoft Internet Explorer
CVE-2008-3011
REJECTED
-CVE-2008-3010 (Microsoft Windows Media Player 6.4, Windows Media Format Runtime 7.1 ...)
+CVE-2008-3010
NOT-FOR-US: Microsoft Windows Media Player
-CVE-2008-3009 (Microsoft Windows Media Player 6.4, Windows Media Format Runtime 7.1 ...)
+CVE-2008-3009
NOT-FOR-US: Microsoft Windows Media Player
-CVE-2008-3008 (Stack-based buffer overflow in the WMEncProfileManager ActiveX control ...)
+CVE-2008-3008
NOT-FOR-US: Microsoft Windows Media Encoder
-CVE-2008-3007 (Argument injection vulnerability in a URI handler in Microsoft Office ...)
+CVE-2008-3007
NOT-FOR-US: Microsoft Office XP
-CVE-2008-3006 (Microsoft Office Excel 2000 SP3, 2002 SP3, 2003 SP2 and SP3, and 2007 ...)
+CVE-2008-3006
NOT-FOR-US: Microsoft Office Excel
-CVE-2008-3005 (Array index vulnerability in Microsoft Office Excel 2000 SP3 and 2002 ...)
+CVE-2008-3005
NOT-FOR-US: Microsoft Office Excel
-CVE-2008-3004 (Microsoft Office Excel 2000 SP3, 2002 SP3, and 2003 SP2 and SP3; ...)
+CVE-2008-3004
NOT-FOR-US: Microsoft Office Excel
-CVE-2008-3003 (Microsoft Office Excel 2007 Gold and SP1 does not properly delete the ...)
+CVE-2008-3003
NOT-FOR-US: Microsoft Office Excel
CVE-2008-3002
REJECTED
-CVE-2008-3001 (The Aggregation module 5.x before 5.x-4.4 for Drupal allows remote ...)
+CVE-2008-3001
NOT-FOR-US: additional drupal module Aggregation module
-CVE-2008-3000 (The Aggregation module 5.x before 5.x-4.4 for Drupal, when node access ...)
+CVE-2008-3000
NOT-FOR-US: additional drupal module Aggregation module
-CVE-2008-2999 (Multiple SQL injection vulnerabilities in the Aggregation module 5.x ...)
+CVE-2008-2999
NOT-FOR-US: additional drupal module Aggregation module
-CVE-2008-2998 (Multiple cross-site scripting (XSS) vulnerabilities in the Aggregation ...)
+CVE-2008-2998
NOT-FOR-US: additional drupal module Aggregation module
-CVE-2008-2997 (Cross-site scripting (XSS) vulnerability in index.php in Gravity Board ...)
+CVE-2008-2997
NOT-FOR-US: Gravity Board
-CVE-2008-2996 (Multiple SQL injection vulnerabilities in index.php in Gravity Board X ...)
+CVE-2008-2996
NOT-FOR-US: Gravity Board
-CVE-2008-2995 (Multiple SQL injection vulnerabilities in PHPEasyData 1.5.4 allow ...)
+CVE-2008-2995
NOT-FOR-US: PHPEasyData
-CVE-2008-2994 (Multiple cross-site scripting (XSS) vulnerabilities in PHPEasyData ...)
+CVE-2008-2994
NOT-FOR-US: PHPEasyData
-CVE-2008-2993 (Multiple directory traversal vulnerabilities in index.php in FOG Forum ...)
+CVE-2008-2993
NOT-FOR-US: FOG Forum
-CVE-2008-2992 (Stack-based buffer overflow in Adobe Acrobat and Reader 8.1.2 and ...)
+CVE-2008-2992
NOT-FOR-US: Adobe Acrobat
-CVE-2008-2991 (Cross-site scripting (XSS) vulnerability in Adobe RoboHelp Server 6 ...)
+CVE-2008-2991
NOT-FOR-US: Adobe RoboHelp Server 7
-CVE-2008-2990 (PHP remote file inclusion vulnerability in facileforms.frame.php in ...)
+CVE-2008-2990
NOT-FOR-US: FacileForms
-CVE-2008-2989 (SQL injection vulnerability in index.php in HoMaP-CMS 0.1 allows ...)
+CVE-2008-2989
NOT-FOR-US: HoMaP-CMS
-CVE-2008-2988 (Unrestricted file upload vulnerability in admin/upload.php in Benja ...)
+CVE-2008-2988
NOT-FOR-US: Benja CMS
-CVE-2008-2987 (Multiple cross-site scripting (XSS) vulnerabilities in Benja CMS 0.1 ...)
+CVE-2008-2987
NOT-FOR-US: Benja CMS
-CVE-2008-2986 (Multiple PHP remote file inclusion vulnerabilities in phpDMCA 1.0.0 ...)
+CVE-2008-2986
NOT-FOR-US: phpDMCA
-CVE-2008-2985 (Directory traversal vulnerability in load_language.php in CMReams CMS ...)
+CVE-2008-2985
NOT-FOR-US: CMReams CMS
-CVE-2008-2984 (Cross-site scripting (XSS) vulnerability in backend/umleitung.php in ...)
+CVE-2008-2984
NOT-FOR-US: CMReams CMS
-CVE-2008-2983 (SQL injection vulnerability in index.php in Demo4 CMS 01 Beta allows ...)
+CVE-2008-2983
NOT-FOR-US: Demo4 CMS
-CVE-2008-2982 (Multiple directory traversal vulnerabilities in HomePH Design 2.10 ...)
+CVE-2008-2982
NOT-FOR-US: HomePH
-CVE-2008-2981 (PHP remote file inclusion vulnerability in ...)
+CVE-2008-2981
NOT-FOR-US: HomePH
-CVE-2008-2980 (Multiple cross-site scripting (XSS) vulnerabilities in HomePH Design ...)
+CVE-2008-2980
NOT-FOR-US: HomePH
-CVE-2008-2979 (Multiple cross-site scripting (XSS) vulnerabilities in phpi/login.php ...)
+CVE-2008-2979
NOT-FOR-US: Ourvideo CMS
-CVE-2008-2978 (Directory traversal vulnerability in phpi/rss.php in Ourvideo CMS 9.5, ...)
+CVE-2008-2978
NOT-FOR-US: Ourvideo CMS
-CVE-2008-2977 (Multiple PHP remote file inclusion vulnerabilities in Ourvideo CMS 9.5 ...)
+CVE-2008-2977
NOT-FOR-US: Ourvideo CMS
-CVE-2008-2976 (Multiple directory traversal vulnerabilities in TinX/cms 1.1, when ...)
+CVE-2008-2976
NOT-FOR-US: TinX/cms
-CVE-2008-2975 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2008-2975
NOT-FOR-US: TinX/cms
-CVE-2008-2974 (Directory traversal vulnerability in chatconfig.php in MM Chat 1.5, ...)
+CVE-2008-2974
NOT-FOR-US: MM Chat
-CVE-2008-2973 (Multiple cross-site scripting (XSS) vulnerabilities in chathead.php in ...)
+CVE-2008-2973
NOT-FOR-US: MM Chat
-CVE-2008-2972 (SQL injection vulnerability in index.php in KbLance allows remote ...)
+CVE-2008-2972
NOT-FOR-US: KbLance
-CVE-2008-2971 (SQL injection vulnerability in links-extern.php in CiBlog 3.1 allows ...)
+CVE-2008-2971
NOT-FOR-US: CiBlog
-CVE-2008-2970 (Multiple session fixation vulnerabilities in Academic Web Tools (AWT ...)
+CVE-2008-2970
NOT-FOR-US: Academic Web Tools
-CVE-2008-2969 (Directory traversal vulnerability in download.php in Academic Web ...)
+CVE-2008-2969
NOT-FOR-US: Academic Web Tools
-CVE-2008-2968 (SQL injection vulnerability in rating.php in Academic Web Tools (AWT ...)
+CVE-2008-2968
NOT-FOR-US: Academic Web Tools
-CVE-2008-2967 (Multiple cross-site scripting (XSS) vulnerabilities in Academic Web ...)
+CVE-2008-2967
NOT-FOR-US: Academic Web Tools
-CVE-2008-2966 (Directory traversal vulnerability in viewprofile.php in JaxUltraBB 2.0 ...)
+CVE-2008-2966
NOT-FOR-US: JaxUltraBB
-CVE-2008-2965 (Cross-site scripting (XSS) vulnerability in viewforum.php in ...)
+CVE-2008-2965
NOT-FOR-US: JaxUltraBB
-CVE-2008-2964 (SQL injection vulnerability in guide.php in ResearchGuide 0.5 allows ...)
+CVE-2008-2964
NOT-FOR-US: ResearchGuide
-CVE-2008-2963 (Multiple SQL injection vulnerabilities in MyBlog allow remote ...)
+CVE-2008-2963
NOT-FOR-US: MyBlog
-CVE-2008-2962 (Multiple cross-site scripting (XSS) vulnerabilities in MyBlog allow ...)
+CVE-2008-2962
NOT-FOR-US: MyBlog
-CVE-2008-2961 (Multiple directory traversal vulnerabilities in view/index.php in CMS ...)
+CVE-2008-2961
NOT-FOR-US: CMS Mini
-CVE-2008-2959 (Buffer overflow in a certain ActiveX control (vb6skit.dll) in ...)
+CVE-2008-2959
NOT-FOR-US: ActiveX control
-CVE-2008-2951 (Open redirect vulnerability in the search script in Trac before 0.10.5 ...)
+CVE-2008-2951
- trac 0.11-1
[etch] - trac 0.10.3-1etch4
-CVE-2008-2949 (Cross-domain vulnerability in Microsoft Internet Explorer 6 and 7 ...)
+CVE-2008-2949
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2008-2948 (Cross-domain vulnerability in Microsoft Internet Explorer 7 and 8 ...)
+CVE-2008-2948
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2008-2947 (Cross-domain vulnerability in Microsoft Internet Explorer 5.01 SP4, 6, ...)
+CVE-2008-2947
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2008-2946 (The SNMP-DMI mapper subagent daemon (aka snmpXdmid) in Solstice ...)
+CVE-2008-2946
NOT-FOR-US: Solstice Enterprise Agents in Sun Solaris
-CVE-2008-2945 (Sun Java System Access Manager 6.3 through 7.1 and Sun Java System ...)
+CVE-2008-2945
NOT-FOR-US: Sun Java System Access Manager
-CVE-2008-2944 (Double free vulnerability in the utrace support in the Linux kernel, ...)
+CVE-2008-2944
- linux-2.6 <not-affected>
[etch] - linux-2.6 <not-affected>
- linux-2.6.24 <not-affected>
-CVE-2008-2943 (Double free vulnerability in IBM Tivoli Directory Server (TDS) 6.1.0.0 ...)
+CVE-2008-2943
NOT-FOR-US: IBM Tivoli Directory Server
-CVE-2008-2941 (The hpssd message parser in hpssd.py in HP Linux Imaging and Printing ...)
+CVE-2008-2941
- hplip 2.8.6-1 (low; bug #499842)
[etch] - hplip <no-dsa> (Minor issue)
NOTE: Does not affect current version in lenny, marking as fixed in current upstream release
-CVE-2008-2940 (The alert-mailing implementation in HP Linux Imaging and Printing ...)
+CVE-2008-2940
- hplip 2.8.6-1 (low; bug #499842)
[etch] - hplip <no-dsa> (Minor issue)
NOTE: Does not affect current version in lenny, marking as fixed in current upstream release
-CVE-2008-2939 (Cross-site scripting (XSS) vulnerability in proxy_ftp.c in the ...)
+CVE-2008-2939
- apache2 2.2.9-7 (low)
[etch] - apache2 2.2.3-4+etch6
- apache <not-affected> (vulnerable code not present)
-CVE-2008-2938 (Directory traversal vulnerability in Apache Tomcat 4.1.0 through ...)
+CVE-2008-2938
NOTE: This is an issue in the respective JVMs, Tomcat only includes a workaround
NOTE: Check status of free JVMs
- tomcat5.5 5.5.26-5 (unimportant; bug #496309)
-CVE-2008-2937 (Postfix 2.5 before 2.5.4 and 2.6 before 2.6-20080814 delivers to a ...)
+CVE-2008-2937
- postfix 2.5.4-1 (low)
[etch] - postfix <no-dsa> (minor issue)
-CVE-2008-2936 (Postfix before 2.3.15, 2.4 before 2.4.8, 2.5 before 2.5.4, and 2.6 ...)
+CVE-2008-2936
{DSA-1629-2 DSA-1629-1 DTSA-155-1}
- postfix 2.5.4-1
-CVE-2008-2935 (Multiple heap-based buffer overflows in the rc4 (1) encryption (aka ...)
+CVE-2008-2935
{DSA-1624-1 DTSA-152-1}
- libxslt 1.1.24-2 (bug #493162)
NOTE: http://www.ocert.org/advisories/ocert-2008-009.html
-CVE-2008-2934 (Mozilla Firefox 3 before 3.0.1 on Mac OS X allows remote attackers to ...)
+CVE-2008-2934
- iceweasel <not-affected> (MacOS-specific)
-CVE-2008-2933 (Mozilla Firefox before 2.0.0.16, and 3.x before 3.0.1, interprets '|' ...)
+CVE-2008-2933
{DSA-1697-1 DSA-1615-1 DSA-1614-1}
- iceweasel 3.0.1-1 (low)
- xulrunner 1.9.0.1-1
- iceape 1.1.12-1
-CVE-2008-2932 (Heap-based buffer overflow in Red Hat adminutil 1.1.6 allows remote ...)
+CVE-2008-2932
NOT-FOR-US: Red Hat adminutil
-CVE-2008-2931 (The do_change_type function in fs/namespace.c in the Linux kernel ...)
+CVE-2008-2931
{DSA-1630-1}
- linux-2.6 2.6.22
NOTE: ee6f958291e2a768fd727e7a67badfff0b67711a
-CVE-2008-2930 (Red Hat Directory Server 7.1 before SP7, Red Hat Directory Server 8, ...)
+CVE-2008-2930
NOT-FOR-US: Red Hat Directory Server / Fedora Directory Server
-CVE-2008-2929 (Multiple cross-site scripting (XSS) vulnerabilities in the adminutil ...)
+CVE-2008-2929
NOT-FOR-US: Red Hat Directory Server / Fedora Directory Server
-CVE-2008-2928 (Multiple buffer overflows in the adminutil library in CGI applications ...)
+CVE-2008-2928
NOT-FOR-US: Red Hat Directory Server / Fedora Directory Server
-CVE-2008-2926 (The kmxfw.sys driver in CA Host-Based Intrusion Prevention System ...)
+CVE-2008-2926
NOT-FOR-US: r8 (Host-Based Intrusion Prevention System)
-CVE-2008-2925 (SQL injection vulnerability in Webmatic before 2.8 allows remote ...)
+CVE-2008-2925
NOT-FOR-US: Webmatic
-CVE-2008-2924 (Cross-site scripting (XSS) vulnerability in Webmatic before 2.8 allows ...)
+CVE-2008-2924
NOT-FOR-US: Webmatic
-CVE-2008-2923 (Cross-site scripting (XSS) vulnerability in read/search/results in ...)
+CVE-2008-2923
NOT-FOR-US: Lyris ListManager
-CVE-2008-2922 (Stack-based buffer overflow in artegic Dana IRC client 1.3 and earlier ...)
+CVE-2008-2922
NOT-FOR-US: Dana IRC client
-CVE-2008-2921 (SQL injection vulnerability in index.php in EZTechhelp EZCMS 1.2 and ...)
+CVE-2008-2921
NOT-FOR-US: EZTechhelp
-CVE-2008-2920 (admin/filemanager/ (aka the File Manager) in EZTechhelp EZCMS 1.2 and ...)
+CVE-2008-2920
NOT-FOR-US: EZTechhelp
-CVE-2008-2919 (SQL injection vulnerability in listing.php in Gryphon gllcTS2 4.2.4 ...)
+CVE-2008-2919
NOT-FOR-US: Gryphon
-CVE-2008-2918 (SQL injection vulnerability in details.php in Application Dynamics ...)
+CVE-2008-2918
NOT-FOR-US: Application Dynamics Cartweaver
-CVE-2008-2917 (SQL injection vulnerability in productsofcat.asp in E-SMART CART ...)
+CVE-2008-2917
NOT-FOR-US: E-SMART CART
-CVE-2008-2916 (Multiple SQL injection vulnerabilities in Pre ADS Portal 2.0 and ...)
+CVE-2008-2916
NOT-FOR-US: Pre ADS Portal
-CVE-2008-2915 (Multiple SQL injection vulnerabilities in jobseekers/JobSearch.php ...)
+CVE-2008-2915
NOT-FOR-US: Pre Job Board
-CVE-2008-2914 (SQL injection vulnerability in jobseekers/JobSearch3.php (aka the ...)
+CVE-2008-2914
NOT-FOR-US: Pre Job Board
-CVE-2008-2913 (Directory traversal vulnerability in func.php in Devalcms 1.4a, when ...)
+CVE-2008-2913
NOT-FOR-US: Devalcms
-CVE-2008-2912 (Multiple PHP remote file inclusion vulnerabilities in Contenido CMS ...)
+CVE-2008-2912
NOT-FOR-US: Contenido CMS
-CVE-2008-2911 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
+CVE-2008-2911
NOT-FOR-US: Contenido CMS
-CVE-2008-2910 (Buffer overflow in the DXTTextOutEffect ActiveX control (aka the ...)
+CVE-2008-2910
NOT-FOR-US: ActiveX control
-CVE-2008-2909 (SQL injection vulnerability in results.php in Clever Copy 3.0 allows ...)
+CVE-2008-2909
NOT-FOR-US: Clever Copy
-CVE-2008-2908 (Multiple stack-based buffer overflows in a certain ActiveX control in ...)
+CVE-2008-2908
NOT-FOR-US: ActiveX control
-CVE-2008-2907 (SQL injection vulnerability in admin/index.php in WebChamado 1.1, when ...)
+CVE-2008-2907
NOT-FOR-US: WebChamado
-CVE-2008-2906 (SQL injection vulnerability in lista_anexos.php in WebChamado 1.1 ...)
+CVE-2008-2906
NOT-FOR-US: WebChamado
-CVE-2008-2905 (PHP remote file inclusion vulnerability in ...)
+CVE-2008-2905
NOT-FOR-US: Mambo
NOTE: Mambo is only in experimental
NOTE: filed removal bug for Mambo from experimental #490291
-CVE-2008-2904 (SQL injection vulnerability in shop.php in Conkurent PHPMyCart allows ...)
+CVE-2008-2904
NOT-FOR-US: Conkurent PHPMyCart
-CVE-2008-2903 (SQL injection vulnerability in news.php in Advanced Webhost Billing ...)
+CVE-2008-2903
NOT-FOR-US: Advanced Webhost Billing System
-CVE-2008-2902 (SQL injection vulnerability in profile.php in AlstraSoft AskMe Pro 2.1 ...)
+CVE-2008-2902
NOT-FOR-US: AlstraSoft AskMe Pro
-CVE-2008-2901 (Multiple SQL injection vulnerabilities in Haudenschilt Family ...)
+CVE-2008-2901
NOT-FOR-US: Haudenschilt Family Connections CMS
-CVE-2008-2900 (SQL injection vulnerability in item.php in PHPAuction 3.2 allows ...)
+CVE-2008-2900
NOT-FOR-US: PHPAuction
-CVE-2008-2899 (Unspecified vulnerability in includes/classes/page.php in j00lean-CMS ...)
+CVE-2008-2899
NOT-FOR-US: j00lean-CMS
-CVE-2008-2898 (Directory traversal vulnerability in includes/header.php in ...)
+CVE-2008-2898
NOT-FOR-US: Hedgehog-CMS
-CVE-2008-2897 (SQL injection vulnerability in index.php in PageSquid CMS 0.3 Beta ...)
+CVE-2008-2897
NOT-FOR-US: PageSquid
-CVE-2008-2896 (Directory traversal vulnerability in index.php in FireAnt 1.3 allows ...)
+CVE-2008-2896
NOT-FOR-US: FireAnt
-CVE-2008-2895 (Directory traversal vulnerability in index.php in AproxEngine 5.1.0.4 ...)
+CVE-2008-2895
NOT-FOR-US: AproxEngine
-CVE-2008-2894 (Directory traversal vulnerability in the FTP client in NCH Software ...)
+CVE-2008-2894
NOT-FOR-US: NCH Software Classic FTP Windows
-CVE-2008-2893 (SQL injection vulnerability in news.php in AJ Square aj-hyip (aka AJ ...)
+CVE-2008-2893
NOT-FOR-US: AJ Square aj-hyip
-CVE-2008-2892 (SQL injection vulnerability in the EXP Shop (com_expshop) component ...)
+CVE-2008-2892
NOT-FOR-US: Joomla!
-CVE-2008-2891 (SQL injection vulnerability in index.php in eMuSOFT emuCMS 0.3 allows ...)
+CVE-2008-2891
NOT-FOR-US: emuCMS
-CVE-2008-2890 (Multiple SQL injection vulnerabilities in Online Fantasy Football ...)
+CVE-2008-2890
NOT-FOR-US: Online Fantasy Football League
-CVE-2008-2889 (Directory traversal vulnerability in the FTP client in AceBIT WISE-FTP ...)
+CVE-2008-2889
NOT-FOR-US: AceBIT WISE-FTP
-CVE-2008-2888 (Multiple PHP remote file inclusion vulnerabilities in MiGCMS 2.0.5, ...)
+CVE-2008-2888
NOT-FOR-US: MiGCMS
-CVE-2008-2887 (Directory traversal vulnerability in index.php in chaozz@work ...)
+CVE-2008-2887
NOT-FOR-US: FubarForum
-CVE-2008-2886 (PHP remote file inclusion vulnerability in ...)
+CVE-2008-2886
NOT-FOR-US: Jamroom
-CVE-2008-2885 (PHP remote file inclusion vulnerability in ...)
+CVE-2008-2885
NOT-FOR-US: Open Digital Assets Repository System
-CVE-2008-2884 (PHP remote file inclusion vulnerability in display.php in ...)
+CVE-2008-2884
NOT-FOR-US: RSS-aggregator
-CVE-2008-2883 (PHP remote file inclusion vulnerability in ...)
+CVE-2008-2883
NOT-FOR-US: Jamroom
-CVE-2008-2882 (upgrade.asp in sHibby sHop 2.2 and earlier does not require ...)
+CVE-2008-2882
NOT-FOR-US: sHibby sHop
-CVE-2008-2881 (Relative Real Estate Systems 3.0 and earlier stores passwords in ...)
+CVE-2008-2881
NOT-FOR-US: Relative Real Estate Systems
-CVE-2008-2880 (Heap-based buffer overflow in the IBM AFP Viewer Plug-in 2.0.7.1 and ...)
+CVE-2008-2880
NOT-FOR-US: IBM AFP Viewer Plug-in
-CVE-2008-2879 (Benja CMS 0.1 does not require authentication for access to admin/, ...)
+CVE-2008-2879
NOT-FOR-US: Benja CMS
-CVE-2008-2878 (Open redirect vulnerability in rss_getfile.php in Academic Web Tools ...)
+CVE-2008-2878
NOT-FOR-US: Academic Web Tools
-CVE-2008-2877 (PHP remote file inclusion vulnerability in ...)
+CVE-2008-2877
NOT-FOR-US: cmsWorks
-CVE-2008-2876 (Directory traversal vulnerability in index.php in mUnky 0.0.1 allows ...)
+CVE-2008-2876
NOT-FOR-US: mUnky
-CVE-2008-2875 (SQL injection vulnerability in index.php in Webdevindo-CMS 1.0.0 ...)
+CVE-2008-2875
NOT-FOR-US: Webdevindo-CMS
-CVE-2008-2874 (SQL injection vulnerability in index.php in Softbiz Jokes &amp; Funny Pics ...)
+CVE-2008-2874
NOT-FOR-US: Softbiz Jokes & Funny Pics
-CVE-2008-2873 (sHibby sHop 2.2 and earlier stores sensitive information under the web ...)
+CVE-2008-2873
NOT-FOR-US: sHibby sHop
-CVE-2008-2872 (SQL injection vulnerability in default.asp in sHibby sHop 2.2 and ...)
+CVE-2008-2872
NOT-FOR-US: sHibby sHop
-CVE-2008-2871 (Multiple cross-site scripting (XSS) vulnerabilities in template2.php ...)
+CVE-2008-2871
NOT-FOR-US: PEGames
-CVE-2008-2870 (Multiple SQL injection vulnerabilities in ShareCMS 0.1 Beta allow ...)
+CVE-2008-2870
NOT-FOR-US: ShareCMS
-CVE-2008-2869 (SQL injection vulnerability in out.php in E-topbiz Link ADS 1 allows ...)
+CVE-2008-2869
NOT-FOR-US: E-topbiz Link ADS
-CVE-2008-2868 (SQL injection vulnerability in detail.asp in DUware DUcalendar 1.0 and ...)
+CVE-2008-2868
NOT-FOR-US: ware DUcalendar
-CVE-2008-2867 (SQL injection vulnerability in adclick.php in E-topbiz Viral DX 1 2.07 ...)
+CVE-2008-2867
NOT-FOR-US: E-topbiz Viral
-CVE-2008-2866 (SQL injection vulnerability in csc_article_details.php in Caupo.net ...)
+CVE-2008-2866
NOT-FOR-US: CaupoShop Classic
-CVE-2008-2865 (SQL injection vulnerability in index.php in Kalptaru Infotech PHP Site ...)
+CVE-2008-2865
NOT-FOR-US: Kalptaru Infotech PHP Site
-CVE-2008-2864 (eLineStudio Site Composer (ESC) 2.6 and earlier allows remote ...)
+CVE-2008-2864
NOT-FOR-US: eLineStudio Site Composer
-CVE-2008-2863 (Multiple absolute path traversal vulnerabilities in eLineStudio Site ...)
+CVE-2008-2863
NOT-FOR-US: eLineStudio Site Composer
-CVE-2008-2862 (Multiple SQL injection vulnerabilities in eLineStudio Site Composer ...)
+CVE-2008-2862
NOT-FOR-US: eLineStudio Site Composer
-CVE-2008-2861 (Multiple cross-site scripting (XSS) vulnerabilities in eLineStudio ...)
+CVE-2008-2861
NOT-FOR-US: eLineStudio Site Composer
-CVE-2008-2860 (SQL injection vulnerability in category.php in AJSquare AJ Auction Pro ...)
+CVE-2008-2860
NOT-FOR-US: AJSquare AJ Auction Pro Web
-CVE-2008-2859 (Unspecified vulnerability in the IMAP service in NetWin SurgeMail ...)
+CVE-2008-2859
NOT-FOR-US: NetWin SurgeMail
-CVE-2008-2858 (SQL injection vulnerability in index.php in WebChamado 1.1 allows ...)
+CVE-2008-2858
NOT-FOR-US: WebChamado
-CVE-2008-2857 (AlstraSoft AskMe Pro 2.1 and earlier stores passwords in cleartext in ...)
+CVE-2008-2857
NOT-FOR-US: AlstraSoft AskMe Pro
-CVE-2008-2856 (SQL injection vulnerability in clanek.php in OwnRS Beta 3 allows ...)
+CVE-2008-2856
NOT-FOR-US: OwnRS
-CVE-2008-2855 (Cross-site scripting (XSS) vulnerability in clanek.php in OwnRS Beta 3 ...)
+CVE-2008-2855
NOT-FOR-US: OwnRS
-CVE-2008-2854 (Multiple PHP remote file inclusion vulnerabilities in Orlando CMS 0.6 ...)
+CVE-2008-2854
NOT-FOR-US: Orlando CMS
-CVE-2008-2853 (SQL injection vulnerability in index.php in Easy Webstore 1.2 allows ...)
+CVE-2008-2853
NOT-FOR-US: Easy Webstore
-CVE-2008-2852 (Cross-site scripting (XSS) vulnerability in CGIWrap before 4.1, when ...)
+CVE-2008-2852
- cgiwrap <removed> (low; bug #497761)
[etch] - cgiwrap <no-dsa> (Minor issue)
NOTE: only applies to certain character sets and only works with
NOTE: browsers. There isn't a good solution available, the patch uses
NOTE: a compile-time charset specification. All in all not a real
NOTE: priority to fix in etch.
-CVE-2008-2851 (Multiple buffer overflows in OFF System before 0.19.14 allow remote ...)
+CVE-2008-2851
NOT-FOR-US: OFF System
-CVE-2008-2850 (SQL injection vulnerability in the TrailScout module 5.x before ...)
+CVE-2008-2850
NOT-FOR-US: additional drupal module TrailScout
-CVE-2008-2849 (Cross-site scripting (XSS) vulnerability in the TrailScout module 5.x ...)
+CVE-2008-2849
NOT-FOR-US: additional drupal module TrailScout
-CVE-2008-2848 (Cross-site scripting (XSS) vulnerability in the search functionality ...)
+CVE-2008-2848
NOT-FOR-US: MindTouch DekiWiki
-CVE-2008-2847 (SQL injection vulnerability in the Trade module in Maxtrade AIO 1.3.23 ...)
+CVE-2008-2847
NOT-FOR-US: Maxtrade
-CVE-2008-2846 (SQL injection vulnerability in index.php in BoatScripts Classifieds ...)
+CVE-2008-2846
NOT-FOR-US: BoatScripts Classifieds
-CVE-2008-2845 (SQL injection vulnerability in index.php in MyBizz-Classifieds allows ...)
+CVE-2008-2845
NOT-FOR-US: MyBizz-Classifieds
-CVE-2008-2844 (SQL injection vulnerability in index.php in Carscripts Classifieds ...)
+CVE-2008-2844
NOT-FOR-US: Carscripts Classifieds
-CVE-2008-2843 (Multiple SQL injection vulnerabilities in doITLive CMS 2.50 and ...)
+CVE-2008-2843
NOT-FOR-US: doITLive CMS
-CVE-2008-2842 (Cross-site scripting (XSS) vulnerability in edit/showmedia.asp in ...)
+CVE-2008-2842
NOT-FOR-US: doITLive CMS
-CVE-2008-2950 (The Page destructor in Page.cc in libpoppler in Poppler 0.8.4 and ...)
+CVE-2008-2950
{DTSA-146-1}
- poppler 0.8.4-1.1 (medium; bug #489756)
[etch] - poppler <not-affected> (Vulnerable code not present)
- xpdf <not-affected> (Page.cc is not allocating the widget and therefore not vulnerable in the destructor, attrs initialized)
-CVE-2008-2927 (Multiple integer overflows in the msn_slplink_process_msg functions in ...)
+CVE-2008-2927
{DSA-1805-1 DSA-1610-1}
- pidgin 2.4.3-1
- gaim <removed>
[lenny] - gaim <not-affected> (gaim is now a transitional package depending on pidgin with its own source package)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=453764
-CVE-2008-3137 (The GSM SMS dissector in Wireshark (formerly Ethereal) 0.99.2 through ...)
+CVE-2008-3137
{DSA-1673-1}
- wireshark 1.0.1-1 (low; bug #488834)
NOTE: http://www.wireshark.org/security/wnpa-sec-2008-03.html
-CVE-2008-3138 (The (1) PANA and (2) KISMET dissectors in Wireshark (formerly ...)
+CVE-2008-3138
{DSA-1673-1}
- wireshark 1.0.1-1 (low; bug #488834)
NOTE: http://www.wireshark.org/security/wnpa-sec-2008-03.html
-CVE-2008-3139 (The RTMPT dissector in Wireshark (formerly Ethereal) 0.99.8 through ...)
+CVE-2008-3139
- wireshark 1.0.1-1 (low; bug #488834)
[etch] - wireshark <not-affected> (Only affects 0.99.8 to 1.0.0)
NOTE: http://www.wireshark.org/security/wnpa-sec-2008-03.html
-CVE-2008-3140 (The syslog dissector in Wireshark (formerly Ethereal) 1.0.0 allows ...)
+CVE-2008-3140
- wireshark 1.0.1-1 (low; bug #488834)
[etch] - wireshark <not-affected> (Only affects 1.0.0)
NOTE: http://www.wireshark.org/security/wnpa-sec-2008-03.html
-CVE-2008-3141 (Unspecified vulnerability in the RMI dissector in Wireshark (formerly ...)
+CVE-2008-3141
{DSA-1673-1}
- wireshark 1.0.1-1 (low; bug #488834)
NOTE: http://www.wireshark.org/security/wnpa-sec-2008-03.html
-CVE-2008-2952 (liblber/io.c in OpenLDAP 2.2.4 to 2.4.10 allows remote attackers to ...)
+CVE-2008-2952
{DSA-1650-1 DTSA-151-1}
- openldap2.3 <removed> (low; bug #488710)
- openldap 2.4.10-3 (low; bug #488710)
-CVE-2008-2955 (Pidgin 2.4.1 allows remote attackers to cause a denial of service ...)
+CVE-2008-2955
- pidgin 2.4.3-1 (low; bug #488632)
- gaim <removed>
[lenny] - gaim <not-affected> (gaim is now a transitional package depending on pidgin with its own source package)
-CVE-2008-2956 (** DISPUTED ** ...)
+CVE-2008-2956
- pidgin <unfixed> (unimportant; bug #488632)
NOTE: Non-issue per analysis of Pidgin upstream developers, should be rejected
-CVE-2008-2957 (The UPnP functionality in Pidgin 2.0.0, and possibly other versions, ...)
+CVE-2008-2957
- pidgin 2.4.3-4 (low; bug #488632)
- gaim <removed>
[lenny] - gaim <not-affected> (gaim is now a transitional package depending on pidgin with its own source package)
NOTE: probably only a bandwidth issue
-CVE-2008-2942 (Directory traversal vulnerability in patch.py in Mercurial 1.0.1 ...)
+CVE-2008-2942
- mercurial 1.0.1-2 (low; bug #488628)
[etch] - mercurial <not-affected> (Vulnerable functionality not present)
-CVE-2008-2953 (Linux DC++ (linuxdcpp) before 0.707 allows remote attackers to cause a ...)
+CVE-2008-2953
- linuxdcpp 1.0.1-2 (low; bug #488630)
[etch] - linuxdcpp <no-dsa> (Minor issue)
-CVE-2008-2954 (client/NmdcHub.cpp in Linux DC++ (linuxdcpp) before 0.707 allows ...)
+CVE-2008-2954
- linuxdcpp 1.0.1-2 (low; bug #488630)
[etch] - linuxdcpp <no-dsa> (Minor issue)
-CVE-2008-2958 (Race condition in (1) checkinstall 1.6.1 and (2) installwatch allows ...)
+CVE-2008-2958
- checkinstall 1.6.1-7 (low; bug #488140)
CVE-2008-XXXX [werkzeug hashes its secret instead of using hmac]
- python-werkzeug 0.3.1-1
NOTE: http://web.archive.org/web/20081229140824/http://lucumr.pocoo.org:80/cogitations/2008/06/24/werkzeug-031-released/
-CVE-2008-2841 (Argument injection vulnerability in XChat 2.8.7b and earlier on ...)
+CVE-2008-2841
- xchat <not-affected> (Windows specific problem)
-CVE-2008-2840 (Multiple directory traversal vulnerabilities in Exero CMS 1.0.0 and ...)
+CVE-2008-2840
NOT-FOR-US: Exero CMS
-CVE-2008-2839 (Cross-site scripting (XSS) vulnerability in the search module in ...)
+CVE-2008-2839
NOT-FOR-US: Traindepot
-CVE-2008-2838 (Directory traversal vulnerability in index.php in Traindepot 0.1 ...)
+CVE-2008-2838
NOT-FOR-US: Traindepot
-CVE-2008-2837 (SQL injection vulnerability in index.php in CMS-BRD allows remote ...)
+CVE-2008-2837
NOT-FOR-US: CMS-BRD
-CVE-2008-2836 (PHP remote file inclusion vulnerability in send_reminders.php in ...)
+CVE-2008-2836
- webcalendar 1.0.5-1 (low)
- gforge <not-affected> (code in lenny internally sets its own path)
-CVE-2008-2835 (SQL injection vulnerability in cgi-bin/igsuite in IGSuite 3.2.4 allows ...)
+CVE-2008-2835
NOT-FOR-US: IGSuite
-CVE-2008-2834 (SQL injection vulnerability in projects.php in Scientific Image ...)
+CVE-2008-2834
NOT-FOR-US: Scientific Image DataBase
-CVE-2008-2833 (admin/upload.php in le.cms 1.4 and earlier allows remote attackers to ...)
+CVE-2008-2833
NOT-FOR-US: le.cms
-CVE-2008-2832 (Unrestricted file upload vulnerability in calendar_admin.asp in Full ...)
+CVE-2008-2832
NOT-FOR-US: aspWebCalendar 2008
-CVE-2008-2831 (Multiple cross-site scripting (XSS) vulnerabilities in the delegated ...)
+CVE-2008-2831
NOT-FOR-US: MailMarshal
-CVE-2008-2830 (Open Scripting Architecture in Apple Mac OS X 10.4.11 and 10.5.4, and ...)
+CVE-2008-2830
NOT-FOR-US: Apple Mac OS
-CVE-2008-2829 (php_imap.c in PHP 5.2.5, 5.2.6, 4.x, and other versions, uses obsolete ...)
+CVE-2008-2829
{DTSA-144-1}
- php5 5.2.6-2 (low)
[etch] - php5 <no-dsa> (Fix not feasible for etch, low priority issue)
NOTE: the fix sent to t-s and unstable does not seem possible in etch due to
NOTE: missing api features from the version of libc-client in etch.
-CVE-2008-2826 (Integer overflow in the sctp_getsockopt_local_addrs_old function in ...)
+CVE-2008-2826
{DSA-1630-1}
- linux-2.6 2.6.25-6 (low)
- linux-2.6.24 2.6.24-6~etchnhalf.4 (low)
NOTE: 735ce972fbc8a65fb17788debd7bbe7b4383cc62, present in 2.6.25.9
-CVE-2008-2825 (Cross-site scripting (XSS) vulnerability in the embedded Web Server in ...)
+CVE-2008-2825
NOT-FOR-US: Xerox WorkCentre
-CVE-2008-2824 (Unspecified vulnerability in the Extensible Interface Platform in Web ...)
+CVE-2008-2824
NOT-FOR-US: Xerox WorkCentre
-CVE-2008-2823 (SQL injection vulnerability in newsarchive.php in PHPeasyblog ...)
+CVE-2008-2823
NOT-FOR-US: PHPeasyblog
-CVE-2008-2822 (Multiple directory traversal vulnerabilities in the FTP client in ...)
+CVE-2008-2822
NOT-FOR-US: 3D-FTP Client
-CVE-2008-2821 (Directory traversal vulnerability in the FTP client in Glub Tech ...)
+CVE-2008-2821
NOT-FOR-US: Glub Tech Secure FTP
-CVE-2008-2820 (Directory traversal vulnerability in lang/lang-system.php in Open ...)
+CVE-2008-2820
NOT-FOR-US: Open Azimyt CMS
-CVE-2008-2819 (SQL injection vulnerability in BlognPlus (BURO GUN +) 2.5.4 and ...)
+CVE-2008-2819
NOT-FOR-US: BlognPlus
-CVE-2008-2818 (Directory traversal vulnerability in Easy-Clanpage 3.0 b1 allows ...)
+CVE-2008-2818
NOT-FOR-US: Easy-Clanpage
-CVE-2008-2817 (SQL injection vulnerability in albums.php in NiTrO Web Gallery 1.4.3 ...)
+CVE-2008-2817
NOT-FOR-US: NiTrO Web Gallery
-CVE-2008-2816 (SQL injection vulnerability in post.php in Oxygen (aka O2PHP Bulletin ...)
+CVE-2008-2816
NOT-FOR-US: Oxygen
-CVE-2008-2815 (SQL injection vulnerability in shopping/index.php in MyMarket 1.72 ...)
+CVE-2008-2815
NOT-FOR-US: MyMarket
-CVE-2008-2814 (Cross-site scripting (XSS) vulnerability in WallCity-Server Shoutcast ...)
+CVE-2008-2814
NOT-FOR-US: WallCity-Server
-CVE-2008-2813 (Directory traversal vulnerability in index.php in WallCity-Server ...)
+CVE-2008-2813
NOT-FOR-US: WallCity-Server
-CVE-2008-2812 (The Linux kernel before 2.6.25.10 does not properly perform tty ...)
+CVE-2008-2812
{DSA-1630-1}
- linux-2.6 2.6.25-7
- linux-2.6.24 2.6.24-6~etchnhalf.4
-CVE-2008-2811 (The block reflow implementation in Mozilla Firefox before 2.0.0.15, ...)
+CVE-2008-2811
{DSA-1697-1 DSA-1621-1 DSA-1615-1 DSA-1607-1}
- iceweasel 3.0
NOTE: Firefox 3 not affected
- iceape 1.1.10-1
- xulrunner 1.9.0.1-1
- icedove 2.0.0.16-1
-CVE-2008-2810 (Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 do not ...)
+CVE-2008-2810
- iceweasel <not-affected> (Windows-specific)
- iceape <not-affected> (Windows-specific)
-CVE-2008-2809 (Mozilla 1.9 M8 and earlier, Mozilla Firefox 2 before 2.0.0.15, ...)
+CVE-2008-2809
{DSA-1697-1 DSA-1621-1 DSA-1615-1 DSA-1607-1}
- iceweasel 3.0
NOTE: Firefox 3 not affected
- iceape 1.1.10-1
- xulrunner 1.9.0.1-1
- icedove 2.0.0.16-1
-CVE-2008-2808 (Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 do not ...)
+CVE-2008-2808
{DSA-1697-1 DSA-1615-1 DSA-1607-1}
- iceweasel 3.0
- iceape 1.1.10-1
- xulrunner 1.9.0.1-1
-CVE-2008-2807 (Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 do not ...)
+CVE-2008-2807
{DSA-1697-1 DSA-1621-1 DSA-1615-1 DSA-1607-1}
- iceweasel 3.0
- iceape 1.1.10-1
- xulrunner 1.9.0.1-1
- icedove 2.0.0.16-1
-CVE-2008-2806 (Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 on Mac OS ...)
+CVE-2008-2806
- iceweasel <not-affected> (MacOS-specific)
- iceape <not-affected> (MacOS-specific)
-CVE-2008-2805 (Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 allow ...)
+CVE-2008-2805
{DSA-1697-1 DSA-1615-1 DSA-1607-1}
- iceweasel 3.0
NOTE: Firefox 3 not affected
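Review bot: every changed line in this hunk follows one pattern, the `-` line carries the CVE description in parentheses and the `+` line is the bare identifier, for example `-CVE-2008-2968 (SQL injection vulnerability in rating.php in Academic Web Tools (AWT ...)` becoming `+CVE-2008-2968`, so the hunk removes text without changing a single package status, DSA reference or NOTE. A wholesale loss of descriptions in a commit labelled only "automatic update" is more consistent with the description source having returned nothing than with a genuine data change; the fetch that produced this diff should be checked and the commit held back until descriptions are present again, because applying it as-is leaves each entry with no summary of the issue beyond the NOT-FOR-US or package lines.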
@@ -10631,77 +10631,77 @@ CVE-2008-2805 (Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 allow
- xulrunner 1.9.0.1-1
CVE-2008-2804
REJECTED
-CVE-2008-2803 (The mozIJSSubScriptLoader.LoadScript function in Mozilla Firefox ...)
+CVE-2008-2803
{DSA-1697-1 DSA-1621-1 DSA-1615-1 DSA-1607-1}
- iceweasel 3.0~b2-1
- iceape 1.1.10-1
- xulrunner 1.9.0.1-1
- icedove 2.0.0.16-1
-CVE-2008-2802 (Mozilla Firefox before 2.0.0.15, Thunderbird 2.0.0.14 and earlier, and ...)
+CVE-2008-2802
{DSA-1697-1 DSA-1621-1 DSA-1615-1 DSA-1607-1}
- iceweasel 3.0~b2-1
- iceape 1.1.10-1
- icedove 2.0.0.16-1
- xulrunner 1.9.0.1-1
-CVE-2008-2801 (Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 do not ...)
+CVE-2008-2801
{DSA-1697-1 DSA-1615-1 DSA-1607-1}
- iceweasel 3.0~b2-1
- iceape 1.1.10-1
- xulrunner 1.9.0.1-1
-CVE-2008-2800 (Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 allow ...)
+CVE-2008-2800
{DSA-1697-1 DSA-1615-1 DSA-1607-1}
- iceweasel 3.0~b2-1
- iceape 1.1.10-1
- xulrunner 1.9.0.1-1
-CVE-2008-2799 (Multiple unspecified vulnerabilities in Mozilla Firefox before ...)
+CVE-2008-2799
{DSA-1697-1 DSA-1621-1 DSA-1615-1 DSA-1607-1}
- iceweasel 3.0~b2-1
- iceape 1.1.10-1
- xulrunner 1.9.0.1-1
- icedove 2.0.0.16-1
-CVE-2008-2798 (Multiple unspecified vulnerabilities in Mozilla Firefox before ...)
+CVE-2008-2798
{DSA-1697-1 DSA-1621-1 DSA-1615-1 DSA-1607-1}
- iceweasel 3.0~b2-1
- iceape 1.1.10-1
- xulrunner 1.9.0.1-1
- icedove 2.0.0.16-1
-CVE-2008-2797 (Cross-site scripting (XSS) vulnerability in MainLayout.do in ...)
+CVE-2008-2797
NOT-FOR-US: ManageEngine OpUtils
-CVE-2008-2796 (SQL injection vulnerability in index.php in FreeCMS 0.2 allows remote ...)
+CVE-2008-2796
NOT-FOR-US: FreeCMS
-CVE-2008-2795 (Directory traversal vulnerability in the FTP and SFTP clients in IDM ...)
+CVE-2008-2795
NOT-FOR-US: IDM Computer Solutions Inc UltraEdit
-CVE-2008-2794 (Unspecified vulnerability in the GUI in Symantec Altiris Notification ...)
+CVE-2008-2794
NOT-FOR-US: Symantec Altiris Notification
-CVE-2008-2793 (SQL injection vulnerability in group_posts.php in ClipShare before ...)
+CVE-2008-2793
NOT-FOR-US: ClipShare
-CVE-2008-2792 (SQL injection vulnerability in index.php in eroCMS 1.4 and earlier ...)
+CVE-2008-2792
NOT-FOR-US: eroCMS
-CVE-2008-2791 (SQL injection vulnerability in product.detail.php in Kalptaru Infotech ...)
+CVE-2008-2791
NOT-FOR-US: Kalptaru Infotech
-CVE-2008-2790 (SQL injection vulnerability in detail.php in MountainGrafix easyTrade ...)
+CVE-2008-2790
NOT-FOR-US: MountainGrafix easyTrade
-CVE-2008-2789 (SQL injection vulnerability in pages/index.php in BASIC-CMS allows ...)
+CVE-2008-2789
NOT-FOR-US: BASIC-CMS
-CVE-2008-2788 (Cross-site scripting (XSS) vulnerability in index.php in OpenDocMan ...)
+CVE-2008-2788
NOT-FOR-US: OpenDocMan
-CVE-2008-2787 (Cross-site scripting (XSS) vulnerability in out.php in OpenDocMan ...)
+CVE-2008-2787
NOT-FOR-US: OpenDocMan
-CVE-2008-2960 (Cross-site scripting (XSS) vulnerability in phpMyAdmin before 2.11.7, ...)
+CVE-2008-2960
- phpmyadmin 4:2.11.7~rc2-1 (unimportant)
NOTE: We haven't supported installations with register_globals enabled since a long time
-CVE-2008-2827 (The rmtree function in lib/File/Path.pm in Perl 5.10 does not properly ...)
+CVE-2008-2827
{DTSA-142-1}
- perl 5.10.0-11 (bug #487319; medium)
[etch] - perl <not-affected> (doesn't change link target permissions)
NOTE: affects other packages like debsums, see bugreport
-CVE-2008-2828 (Stack-based buffer overflow in tmsnc allows remote attackers to cause ...)
+CVE-2008-2828
- tmsnc 0.3.2-1.1 (low; bug #487222)
-CVE-2008-2786 (Buffer overflow in Firefox 3.0 and 2.0.x has unknown impact and attack ...)
+CVE-2008-2786
NOT-FOR-US: Just hashes posted to full-disclosure, no specific information
NOTE: Unless more specific information pops up, this can be considered covered by
NOTE: CVE-2008-2785
-CVE-2008-2785 (Mozilla Firefox before 2.0.0.16 and 3.x before 3.0.1, Thunderbird ...)
+CVE-2008-2785
{DSA-1697-1 DSA-1621-1 DSA-1615-1 DSA-1614-1}
- iceweasel 3.0 (medium; bug #488358)
- icedove 2.0.0.16-1
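Review bot: stripping the description in this hunk removes the only line that names the affected software for entries whose NOTE lines refer back to it. After the change `+CVE-2008-2786` is followed only by `NOT-FOR-US: Just hashes posted to full-disclosure, no specific information` and a NOTE pointing at CVE-2008-2785, while the removed `-CVE-2008-2786 (Buffer overflow in Firefox 3.0 and 2.0.x has unknown impact and attack ...)` was what told a reader this is a Firefox report. If descriptions are meant to be dropped, the NOT-FOR-US text should carry the product name; otherwise this hunk should not be applied.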
@@ -10709,122 +10709,122 @@ CVE-2008-2785 (Mozilla Firefox before 2.0.0.16 and 3.x before 3.0.1, Thunderbird
- xulrunner 1.9.0.1-1 (bug #491161)
NOTE: Since 3.0 iceweasel links against xulrunner, marking it as fixed, since also need to track etch
NOTE: http://www.mozilla.org/security/announce/2008/mfsa2008-34.html
-CVE-2008-2784 (The smtp_filter function in spamdyke before 3.1.8 does not filter RCPT ...)
+CVE-2008-2784
NOT-FOR-US: spamdyke
-CVE-2008-2783 (Multiple cross-site scripting (XSS) vulnerabilities in Horde ...)
+CVE-2008-2783
- kronolith2 <not-affected> (unimportant; Nonreproducable 'issue')
- horde3 <not-affected> (unimportant; Nonreproducable 'issue')
NOTE: not reproducible, redhat also seems to have problems reproducing this https://bugzilla.redhat.com/show_bug.cgi?id=452209
-CVE-2008-2782 (Multiple directory traversal vulnerabilities in OtomiGenX 2.2 allow ...)
+CVE-2008-2782
NOT-FOR-US: OtomiGenX
-CVE-2008-2781 (SQL injection vulnerability in index.php in DZOIC Handshakes 3.5 ...)
+CVE-2008-2781
NOT-FOR-US: DZOIC Handshakes
-CVE-2008-2780 (The Anubis (aka Anubis+Ripe160) plugin before 1.3 for encrypt stores ...)
+CVE-2008-2780
NOT-FOR-US: Anubis
-CVE-2008-2779 (Directory traversal vulnerability in GlobalSCAPE CuteFTP Home 8.2.0 ...)
+CVE-2008-2779
NOT-FOR-US: GlobalSCAPE CuteFTP Home
-CVE-2008-2778 (SQL injection vulnerability in inc/class_search.php in the Search ...)
+CVE-2008-2778
NOT-FOR-US: RevokeBB
-CVE-2008-2777 (Cross-site scripting (XSS) vulnerability in Ortro before 1.3.1 allows ...)
+CVE-2008-2777
NOT-FOR-US: Ortro
-CVE-2008-2776 (Cross-site scripting (XSS) vulnerability in search.asp in DT ...)
+CVE-2008-2776
NOT-FOR-US: DT Centrepiece
-CVE-2008-2775 (SQL injection vulnerability in search.asp in DT Centrepiece 4.0 allows ...)
+CVE-2008-2775
NOT-FOR-US: DT Centrepiece
-CVE-2008-2774 (SQL injection vulnerability in item.php in CartKeeper CKGold Shopping ...)
+CVE-2008-2774
NOT-FOR-US: CartKeeper CKGold Shopping Cart
-CVE-2008-2773 (Cross-site scripting (XSS) vulnerability in the Taxonomy Image module ...)
+CVE-2008-2773
NOT-FOR-US: Taxonomy Image module for Drupal
-CVE-2008-2772 (The Magic Tabs module 5.x before 5.x-1.1 for Drupal allows remote ...)
+CVE-2008-2772
NOT-FOR-US: Magic Tabs module for Drupal
-CVE-2008-2771 (The Node Hierarchy module 5.x before 5.x-1.1 and 6.x before 6.x-1.0 ...)
+CVE-2008-2771
NOT-FOR-US: Node Hierarchy module for Drupal
-CVE-2008-2770 (SQL injection vulnerability in index.php in MycroCMS 0.5, when ...)
+CVE-2008-2770
NOT-FOR-US: MycroCMS
-CVE-2008-2769 (PHP remote file inclusion vulnerability in ...)
+CVE-2008-2769
NOT-FOR-US: phpRaider
-CVE-2008-2768 (Cross-site scripting (XSS) vulnerability in admin/search.asp in Xigla ...)
+CVE-2008-2768
NOT-FOR-US: Xigla Poll Manager XE
-CVE-2008-2767 (SQL injection vulnerability in search.asp in Xigla Poll Manager XE ...)
+CVE-2008-2767
NOT-FOR-US: Xigla Poll Manager XE
-CVE-2008-2766 (Cross-site scripting (XSS) vulnerability in Xigla Absolute Image ...)
+CVE-2008-2766
NOT-FOR-US: Xigla Absolute Image Gallery XE
-CVE-2008-2765 (SQL injection vulnerability in gallery.asp in Xigla Absolute Image ...)
+CVE-2008-2765
NOT-FOR-US: Xigla Absolute Image Gallery XE
-CVE-2008-2764 (Cross-site scripting (XSS) vulnerability in admin/search.asp in Xigla ...)
+CVE-2008-2764
NOT-FOR-US: Xigla Absolute Live Support XE
-CVE-2008-2763 (SQL injection vulnerability in search.asp in Xigla Absolute Live ...)
+CVE-2008-2763
NOT-FOR-US: Xigla Absolute Live Support XE
-CVE-2008-2762 (SQL injection vulnerability in search.asp in Xigla Absolute Form ...)
+CVE-2008-2762
NOT-FOR-US: Xigla Absolute Form Processor XE
-CVE-2008-2761 (Multiple cross-site scripting (XSS) vulnerabilities in Xigla Absolute ...)
+CVE-2008-2761
NOT-FOR-US: Xigla Absolute Banner Manager XE
-CVE-2008-2760 (SQL injection vulnerability in searchbanners.asp in Xigla Absolute ...)
+CVE-2008-2760
NOT-FOR-US: Xigla Absolute Banner Manager XE
-CVE-2008-2759 (Multiple cross-site scripting (XSS) vulnerabilities in Xigla Absolute ...)
+CVE-2008-2759
NOT-FOR-US: Xigla Absolute Form Processor XE
-CVE-2008-2758 (Multiple cross-site scripting (XSS) vulnerabilities in Xigla Absolute ...)
+CVE-2008-2758
NOT-FOR-US: Xigla Absolute News Manager XE
-CVE-2008-2757 (SQL injection vulnerability in search.asp in Xigla Absolute News ...)
+CVE-2008-2757
NOT-FOR-US: Xigla Absolute News Manager XE
-CVE-2008-2756 (Cross-site scripting (XSS) vulnerability in admin/users.asp in Xigla ...)
+CVE-2008-2756
NOT-FOR-US: Xigla Absolute Control Panel XE
-CVE-2008-2755 (SQL injection vulnerability in index.php in JAMM CMS allows remote ...)
+CVE-2008-2755
NOT-FOR-US: JAMM CMS
-CVE-2008-2754 (SQL injection vulnerability in toplists.php in eFiction 3.0 and 3.4.3, ...)
+CVE-2008-2754
NOT-FOR-US: eFiction
-CVE-2008-2753 (Multiple SQL injection vulnerabilities in Pooya Site Builder (PSB) 6.0 ...)
+CVE-2008-2753
NOT-FOR-US: Pooya Site Builder
-CVE-2008-2752 (Microsoft Word 2000 9.0.2812 and 2003 11.8106.8172 does not properly ...)
+CVE-2008-2752
NOT-FOR-US: Microsoft Word
-CVE-2008-2751 (Multiple cross-site scripting (XSS) vulnerabilities in the Glassfish ...)
+CVE-2008-2751
NOT-FOR-US: Sun Java System Application Server
-CVE-2008-2750 (The pppol2tp_recvmsg function in drivers/net/pppol2tp.c in the Linux ...)
+CVE-2008-2750
- linux-2.6 2.6.26
[etch] - linux-2.6 <not-affected> (Vulnerable code was introduced in 2.6.23)
- linux-2.6.24 2.6.24-6~etchnhalf.4
NOTE: 6b6707a50c7598a83820077393f8823ab791abf8
-CVE-2008-2749 (Unspecified vulnerability in cshttpd in Sun Java System Calendar ...)
+CVE-2008-2749
NOT-FOR-US: Sun Java System Application Server
-CVE-2008-2748 (Skulltag 0.97d2-RC2 and earlier allows remote attackers to cause a ...)
+CVE-2008-2748
NOT-FOR-US: Skulltag
-CVE-2008-2747 (No-IP Dynamic Update Client (DUC) 2.2.1 on Windows uses weak ...)
+CVE-2008-2747
NOT-FOR-US: Windows
-CVE-2008-2746 (SQL injection vulnerability in login.php in Gryphon gllcTS2 4.2.4 ...)
+CVE-2008-2746
NOT-FOR-US: Gryphon gllcTS2
-CVE-2008-2745 (Stack-based buffer overflow in BiAnno ActiveX Control (BiAnno.ocx) in ...)
+CVE-2008-2745
NOT-FOR-US: BiAnno ActiveX Control
-CVE-2008-2744 (Cross-site scripting (XSS) vulnerability in vBulletin 3.6.10 and 3.7.1 ...)
+CVE-2008-2744
NOT-FOR-US: vBulletin
-CVE-2008-2743 (Cross-site scripting (XSS) vulnerability in the embedded web server in ...)
+CVE-2008-2743
NOT-FOR-US: web server Xerox
-CVE-2008-2742 (Unrestricted file upload in the mcpuk file editor ...)
+CVE-2008-2742
NOT-FOR-US: Achievo
CVE-2008-2741
RESERVED
CVE-2008-2740
RESERVED
-CVE-2008-2739 (The SERVICE.DNS signature engine in the Intrusion Prevention System ...)
+CVE-2008-2739
NOT-FOR-US: Cisco IOS
CVE-2008-2738
RESERVED
CVE-2008-2737
REJECTED
-CVE-2008-2736 (Unspecified vulnerability in Cisco Adaptive Security Appliance (ASA) ...)
+CVE-2008-2736
NOT-FOR-US: Cisco Adaptive Security Appliance (ASA)
-CVE-2008-2735 (The HTTP server in Cisco Adaptive Security Appliance (ASA) 5500 ...)
+CVE-2008-2735
NOT-FOR-US: Cisco Adaptive Security Appliance (ASA)
-CVE-2008-2734 (Memory leak in the crypto functionality in Cisco Adaptive Security ...)
+CVE-2008-2734
NOT-FOR-US: Cisco Adaptive Security Appliance (ASA)
-CVE-2008-2733 (Cisco PIX and Adaptive Security Appliance (ASA) 5500 devices 7.2 ...)
+CVE-2008-2733
NOT-FOR-US: Cisco Adaptive Security Appliance (ASA)
-CVE-2008-2732 (Multiple unspecified vulnerabilities in the SIP inspection ...)
+CVE-2008-2732
NOT-FOR-US: Cisco Adaptive Security Appliance (ASA)
CVE-2008-2731
RESERVED
-CVE-2008-2730 (The Real-Time Information Server (RIS) Data Collector service in Cisco ...)
+CVE-2008-2730
NOT-FOR-US: cisco
-CVE-2008-2729 (arch/x86_64/lib/copy_user.S in the Linux kernel before 2.6.19 on some ...)
+CVE-2008-2729
{DSA-1630-1}
- linux-2.6 2.6.19-1
NOTE: 3022d734a54cbd2b65eea9a024564821101b4a9a
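Review bot: every described "-CVE-2008-27xx (...)" line in this hunk becomes a bare "+CVE-2008-27xx" and no entry gains a description in return, so if the upstream description feed came back empty the sync should have been skipped instead of written out. While the descriptions are still visible, two NOT-FOR-US labels disagree with them: CVE-2008-2749 describes cshttpd in Sun Java System Calendar Server but is labelled "NOT-FOR-US: Sun Java System Application Server", and CVE-2008-2739 describes the SERVICE.DNS signature engine in the Intrusion Prevention System but is labelled "NOT-FOR-US: Cisco IOS". Suggest correcting those labels to the product actually named (e.g. "NOT-FOR-US: Sun Java System Calendar Server") and normalising the lone lowercase "NOT-FOR-US: cisco" under CVE-2008-2730 to the "Cisco ..." form used by the ASA entries just above it, because once the "-" lines are gone nothing left in the file lets a reader audit these.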
@@ -10832,164 +10832,164 @@ CVE-2008-2728
REJECTED
CVE-2008-2727
REJECTED
-CVE-2008-2726 (Integer overflow in the (1) rb_ary_splice function in Ruby 1.8.4 and ...)
+CVE-2008-2726
{DSA-1618-1 DSA-1612-1}
- ruby1.9 1.9.0.2-1
- ruby1.8 1.8.7.22-1
-CVE-2008-2725 (Integer overflow in the (1) rb_ary_splice function in Ruby 1.8.4 and ...)
+CVE-2008-2725
{DSA-1618-1 DSA-1612-1}
- ruby1.9 1.9.0.2-1
- ruby1.8 1.8.7.22-1
-CVE-2008-2718 (Cross-site scripting (XSS) vulnerability in fe_adminlib.inc in TYPO3 ...)
+CVE-2008-2718
{DSA-1596-1}
- typo3-src 4.1.7-1 (bug #485814)
-CVE-2008-2716 (Unspecified vulnerability in Opera before 9.5 allows remote attackers ...)
+CVE-2008-2716
NOT-FOR-US: Opera
-CVE-2008-2715 (Unspecified vulnerability in Opera before 9.5 allows remote attackers ...)
+CVE-2008-2715
NOT-FOR-US: Opera
-CVE-2008-2714 (Opera before 9.26 allows remote attackers to misrepresent web page ...)
+CVE-2008-2714
NOT-FOR-US: Opera
-CVE-2008-2710 (Integer signedness error in the ip_set_srcfilter function in the IP ...)
+CVE-2008-2710
NOT-FOR-US: Solaris
-CVE-2008-2709 (Buffer overflow in the BrSmRcvAndCheck function in the RCHMGR module ...)
+CVE-2008-2709
NOT-FOR-US: Solaris
-CVE-2008-2708 (Unspecified vulnerability in the Sun (1) UltraSPARC T2 and (2) ...)
+CVE-2008-2708
NOT-FOR-US: Solaris
-CVE-2008-2707 (Unspecified vulnerability in the e1000g driver in Sun Solaris 10 and ...)
+CVE-2008-2707
NOT-FOR-US: Solaris
-CVE-2008-2706 (Unspecified vulnerability in the event port implementation in Sun ...)
+CVE-2008-2706
NOT-FOR-US: Sun Solaris
-CVE-2008-2705 (Unspecified vulnerability in Sun Java System Access Manager (AM) 7.1, ...)
+CVE-2008-2705
NOT-FOR-US: Sun Java System Access Manager
-CVE-2008-2704 (Novell GroupWise Messenger (GWIM) before 2.0.3 Hot Patch 1 allows ...)
+CVE-2008-2704
NOT-FOR-US: Novell GroupWise
-CVE-2008-2703 (Multiple stack-based buffer overflows in Novell GroupWise Messenger ...)
+CVE-2008-2703
NOT-FOR-US: Novell GroupWise
-CVE-2008-2702 (Directory traversal vulnerability in the FTP client in ALTools ESTsoft ...)
+CVE-2008-2702
NOT-FOR-US: ALTools ESTsoft ALFTP
-CVE-2008-2701 (SQL injection vulnerability in the GameQ (com_gameq) component 4.0 and ...)
+CVE-2008-2701
NOT-FOR-US: joomla extension
-CVE-2008-2700 (SQL injection vulnerability in view.php in Galatolo WebManager 1.0 and ...)
+CVE-2008-2700
NOT-FOR-US: Galatolo WebManager
-CVE-2008-2699 (Multiple directory traversal vulnerabilities in Galatolo WebManager ...)
+CVE-2008-2699
NOT-FOR-US: Galatolo WebManager
-CVE-2008-2698 (Multiple cross-site scripting (XSS) vulnerabilities in photo_add-c.php ...)
+CVE-2008-2698
NOT-FOR-US: WEBalbum
-CVE-2008-2697 (SQL injection vulnerability in the Rapid Recipe (com_rapidrecipe) ...)
+CVE-2008-2697
NOT-FOR-US: joomla extension
-CVE-2008-2695 (Directory traversal vulnerability in entry.php in phpInv 0.8.0 allows ...)
+CVE-2008-2695
NOT-FOR-US: phpInv
-CVE-2008-2694 (Cross-site scripting (XSS) vulnerability in search.php in phpInv 0.8.0 ...)
+CVE-2008-2694
NOT-FOR-US: phpInv
-CVE-2008-2693 (Stack-based buffer overflow in the BITIFF.BITiffCtrl.1 ActiveX control ...)
+CVE-2008-2693
NOT-FOR-US: ActiveX control
-CVE-2008-2692 (SQL injection vulnerability in the yvComment (com_yvcomment) component ...)
+CVE-2008-2692
NOT-FOR-US: Joomla!
-CVE-2008-2691 (SQL injection vulnerability in read.asp in JiRo's FAQ Manager ...)
+CVE-2008-2691
NOT-FOR-US: JiRo's FAQ Manager eXperience
-CVE-2008-2690 (Multiple PHP remote file inclusion vulnerabilities in BrowserCRM ...)
+CVE-2008-2690
NOT-FOR-US: BrowserCRM
-CVE-2008-2689 (PHP remote file inclusion vulnerability in pub/clients.php in ...)
+CVE-2008-2689
NOT-FOR-US: BrowserCRM
-CVE-2008-2688 (SQL injection vulnerability in pilot.asp in ASPilot Pilot Cart 7.3 ...)
+CVE-2008-2688
NOT-FOR-US: ASPilot Pilot Cart
-CVE-2008-2687 (Directory traversal vulnerability in inc/config.php in ProManager 0.73 ...)
+CVE-2008-2687
NOT-FOR-US: ProManager
-CVE-2008-2686 (webinc/bxe/scripts/loadsave.php in Flux CMS 1.5.0 and earlier allows ...)
+CVE-2008-2686
NOT-FOR-US: Flux CMS
CVE-2008-XXXX [insecure tempfile in wdiff]
- wdiff 0.5-18 (low; bug #425254)
[etch] - wdiff <no-dsa> (Minor issue)
-CVE-2008-2719 (Off-by-one error in the ppscan function (preproc.c) in Netwide ...)
+CVE-2008-2719
- nasm 2.03.01-1 (low; bug #486715)
[etch] - nasm <not-affected> (vulnerable code not present)
-CVE-2008-2712 (Vim 7.1.314, 6.4, and other versions allows user-assisted remote ...)
+CVE-2008-2712
{DSA-1733-1 DTSA-143-1}
- vim 1:7.1.314-3 (low; bug #486502)
-CVE-2008-2696 (Exiv2 0.16 allows user-assisted remote attackers to cause a denial of ...)
+CVE-2008-2696
- exiv2 0.17-1 (low; bug #486328)
[etch] - exiv2 <no-dsa> (Minor issue)
NOTE: http://dev.robotbattle.com/cgi-bin/viewvc.cgi/exiv2/trunk/src/nikonmn.cpp?r1=1473&r2=1499
-CVE-2008-2713 (libclamav/petite.c in ClamAV before 0.93.1 allows remote attackers to ...)
+CVE-2008-2713
{DSA-1616-2 DTSA-138-1}
- clamav 0.93.1.dfsg-1.1 (low; bug #490925)
-CVE-2008-2711 (fetchmail 6.3.8 and earlier, when running in -v -v (aka verbose) mode, ...)
+CVE-2008-2711
- fetchmail 6.3.9~rc2-1 (unimportant)
[etch] - fetchmail 6.3.6-1etch3
NOTE: http://www.openwall.com/lists/oss-security/2008/06/13/1
NOTE: -vv is only used for debugging purposes so this does not
NOTE: prevent a victim from getting mails. -vv is not used in non-interactive
NOTE: use.
-CVE-2008-2720 (Cross-site scripting (XSS) vulnerability in Menalto Gallery before ...)
+CVE-2008-2720
- gallery2 2.2.5-1 (low; bug #485947)
- gallery <not-affected> (Vulnerable code not present, different codebase)
-CVE-2008-2721 (Unspecified vulnerability in the album-select module in Menalto ...)
+CVE-2008-2721
- gallery2 2.2.5-1 (low; bug #485947)
- gallery <not-affected> (Vulnerable code not present, different codebase)
-CVE-2008-2722 (Menalto Gallery before 2.2.5 allows remote attackers to bypass ...)
+CVE-2008-2722
- gallery2 2.2.5-1 (low; bug #485947)
- gallery <not-affected> (Vulnerable code not present, different codebase)
-CVE-2008-2723 (embed.php in Menalto Gallery before 2.2.5 allows remote attackers to ...)
+CVE-2008-2723
- gallery2 2.2.5-1 (low; bug #485947)
- gallery <not-affected> (Vulnerable code not present, different codebase)
-CVE-2008-2724 (Menalto Gallery before 2.2.5 does not enforce permissions for ...)
+CVE-2008-2724
- gallery2 2.2.5-1 (low; bug #485947)
- gallery <not-affected> (Vulnerable code not present, different codebase)
-CVE-2008-2717 (TYPO3 4.0.x before 4.0.9, 4.1.x before 4.1.7, and 4.2.x before 4.2.1, ...)
+CVE-2008-2717
{DSA-1596-1}
- typo3-src 4.1.7-1 (bug #485814)
-CVE-2008-2685 (SQL injection vulnerability in article.asp in Battle Blog 1.25 Build 4 ...)
+CVE-2008-2685
NOT-FOR-US: Battle Blog
-CVE-2008-2684 (The BIDIB.BIDIBCtrl.1 ActiveX control in BIDIB.ocx 10.9.3.0 in Black ...)
+CVE-2008-2684
NOT-FOR-US: Black Ice Barcode
-CVE-2008-2683 (The BIDIB.BIDIBCtrl.1 ActiveX control in BIDIB.ocx 10.9.3.0 in Black ...)
+CVE-2008-2683
NOT-FOR-US: Black Ice Barcode
-CVE-2008-2682 (_RealmAdmin/login.asp in Realm CMS 2.3 and earlier allows remote ...)
+CVE-2008-2682
NOT-FOR-US: Realm CMS
-CVE-2008-2681 (Realm CMS 2.3 and earlier allows remote attackers to obtain sensitive ...)
+CVE-2008-2681
NOT-FOR-US: Realm CMS
-CVE-2008-2680 (Multiple cross-site scripting (XSS) vulnerabilities in _db/compact.asp ...)
+CVE-2008-2680
NOT-FOR-US: Realm CMS
-CVE-2008-2679 (SQL injection vulnerability in the KeyWordsList function in ...)
+CVE-2008-2679
NOT-FOR-US: Realm CMS
-CVE-2008-2678 (Multiple SQL injection vulnerabilities in Telephone Directory 2008, ...)
+CVE-2008-2678
NOT-FOR-US: Telephone Directory 2008
-CVE-2008-2677 (Cross-site scripting (XSS) vulnerability in edit1.php in Telephone ...)
+CVE-2008-2677
NOT-FOR-US: Telephone Directory 2008
-CVE-2008-2676 (SQL injection vulnerability in the iJoomla News Portal ...)
+CVE-2008-2676
NOT-FOR-US: com_news_portal component for Joomla!
-CVE-2008-2675 (Cross-site scripting (XSS) vulnerability in index.php in PHP Image ...)
+CVE-2008-2675
NOT-FOR-US: PHP Image Gallery
-CVE-2008-2674 (Unspecified vulnerability in the Interstage Management Console, as ...)
+CVE-2008-2674
NOT-FOR-US: Interstage Management Console
-CVE-2008-2673 (SQL injection vulnerability in index.php in Powie pNews 2.08 and 2.10, ...)
+CVE-2008-2673
NOT-FOR-US: pNews
-CVE-2008-2672 (Multiple directory traversal vulnerabilities in ErfurtWiki R1.02b and ...)
+CVE-2008-2672
- ewiki <removed> (unimportant)
NOTE: register_globals is not supported
-CVE-2008-2671 (SQL injection vulnerability in comments.php in DCFM Blog 0.9.4 allows ...)
+CVE-2008-2671
NOT-FOR-US: DCFM Blog
-CVE-2008-2670 (Multiple SQL injection vulnerabilities in index.php in Insanely Simple ...)
+CVE-2008-2670
NOT-FOR-US: Insanely Simple Blog
-CVE-2008-2669 (Multiple SQL injection vulnerabilities in yBlog 0.2.2.2 allow remote ...)
+CVE-2008-2669
NOT-FOR-US: yBlog
-CVE-2008-2668 (Multiple cross-site scripting (XSS) vulnerabilities in yBlog 0.2.2.2 ...)
+CVE-2008-2668
NOT-FOR-US: yBlog
-CVE-2008-2666 (Multiple directory traversal vulnerabilities in PHP 5.2.6 and earlier ...)
+CVE-2008-2666
- php5 <removed> (unimportant)
NOTE: safe mode not supported
-CVE-2008-2665 (Directory traversal vulnerability in the posix_access function in PHP ...)
+CVE-2008-2665
- php5 5.2.6.dfsg.1-3 (unimportant)
NOTE: safe mode not supported
-CVE-2008-2664 (The rb_str_format function in Ruby 1.8.4 and earlier, 1.8.5 before ...)
+CVE-2008-2664
{DSA-1618-1 DSA-1612-1}
- ruby1.9 1.9.0.2-1
- ruby1.8 1.8.7.22-1
-CVE-2008-2663 (Multiple integer overflows in the rb_ary_store function in Ruby 1.8.4 ...)
+CVE-2008-2663
{DSA-1618-1 DSA-1612-1}
- ruby1.9 1.9.0.2-1
- ruby1.8 1.8.7.22-1
-CVE-2008-2662 (Multiple integer overflows in the rb_str_buf_append function in Ruby ...)
+CVE-2008-2662
{DSA-1618-1 DSA-1612-1}
- ruby1.9 1.9.0.2-1
- ruby1.8 1.8.7.22-1
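Review bot: stripping the descriptions in this hunk leaves several NOTE lines without the condition they explain; the fetchmail entry CVE-2008-2711 keeps "NOTE: -vv is only used for debugging purposes so this does not" / "NOTE: prevent a victim from getting mails", but the only mention of the "-v -v (aka verbose) mode" was in the removed description, so after the sync the note refers to a flag that appears nowhere in the entry. The same applies to "NOTE: register_globals is not supported" under CVE-2008-2672 and "NOTE: safe mode not supported" under CVE-2008-2666 and CVE-2008-2665, whose justification only makes sense against the dropped text. Suggest either keeping the existing description when the replacement is empty, or expanding those NOTE lines to restate what they rely on (e.g. "only triggered in -v -v verbose mode, which is not used non-interactively"). Separately, the entries in this hunk are not in descending identifier order (2686 is followed by the CVE-2008-XXXX wdiff placeholder, then 2719, 2712, 2696, 2713, 2711, 2720 to 2724 and 2717 before 2685), so it is worth confirming the sync matches on identifier rather than position.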
@@ -11009,374 +11009,374 @@ CVE-2008-2655
RESERVED
CVE-2008-2653
RESERVED
-CVE-2008-2652 (Multiple SQL injection vulnerabilities in catalog.php in SMEWeb 1.4b ...)
+CVE-2008-2652
NOT-FOR-US: SMEWeb
-CVE-2008-2651 (SQL injection vulnerability in the Joomla! Bulletin Board (aka Joo!BB ...)
+CVE-2008-2651
NOT-FOR-US: com_joobb component for Joomla!
-CVE-2008-2650 (Directory traversal vulnerability in cmsimple/cms.php in CMSimple 3.1, ...)
+CVE-2008-2650
NOT-FOR-US: CMSimple
-CVE-2008-2649 (Multiple PHP remote file inclusion vulnerabilities in DesktopOnNet 3 ...)
+CVE-2008-2649
NOT-FOR-US: DesktopOnNet
-CVE-2008-2648 (Unrestricted file upload vulnerability in upload/uploader.html in ...)
+CVE-2008-2648
NOT-FOR-US: meBiblio
-CVE-2008-2647 (SQL injection vulnerability in admin/journal_change_mask.inc.php in ...)
+CVE-2008-2647
NOT-FOR-US: meBiblio
-CVE-2008-2646 (Multiple cross-site scripting (XSS) vulnerabilities in meBiblio 0.4.7 ...)
+CVE-2008-2646
NOT-FOR-US: meBiblio
-CVE-2008-2645 (Multiple PHP remote file inclusion vulnerabilities in Brim (formerly ...)
+CVE-2008-2645
NOT-FOR-US: Brim
-CVE-2008-2644 (Multiple cross-site scripting (XSS) vulnerabilities in SMEWeb 1.4b and ...)
+CVE-2008-2644
NOT-FOR-US: SMEWeb
-CVE-2008-2643 (SQL injection vulnerability in the Bible Study (com_biblestudy) ...)
+CVE-2008-2643
NOT-FOR-US: com_biblestudy component for Joomla!
-CVE-2008-2642 (SQL injection vulnerability in login.php in OtomiGenX 2.2 allows ...)
+CVE-2008-2642
NOT-FOR-US: OtomiGenX
-CVE-2008-2641 (Unspecified vulnerability in Adobe Reader and Acrobat 7.0.9 and ...)
+CVE-2008-2641
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2008-2640 (Multiple cross-site scripting (XSS) vulnerabilities in the Flex 3 ...)
+CVE-2008-2640
NOT-FOR-US: Adobe Flex
-CVE-2008-2639 (Stack-based buffer overflow in the ODBC server service in Citect ...)
+CVE-2008-2639
NOT-FOR-US: Citect CitectSCADA
-CVE-2008-2638 (Static code injection vulnerability in guestbook.php in 1Book 1.0.1 ...)
+CVE-2008-2638
NOT-FOR-US: 1Book
-CVE-2008-2637 (Multiple cross-site scripting (XSS) vulnerabilities in F5 FirePass SSL ...)
+CVE-2008-2637
NOT-FOR-US: F5 FirePass SSL VPN
-CVE-2008-2636 (The HTTP service on the Cisco Linksys WRH54G with firmware 1.01.03 ...)
+CVE-2008-2636
NOT-FOR-US: Cisco firmware
-CVE-2008-2635 (Multiple directory traversal vulnerabilities in BitKinex 2.9.3 allow ...)
+CVE-2008-2635
NOT-FOR-US: BitKinex
-CVE-2008-2634 (SQL injection vulnerability in index.asp in I-Pos Internet Pay Online ...)
+CVE-2008-2634
NOT-FOR-US: I-Pos Internet Pay Online Store
-CVE-2008-2633 (Multiple SQL injection vulnerabilities in the EXP JoomRadio ...)
+CVE-2008-2633
NOT-FOR-US: com_joomradio component for Joomla!
-CVE-2008-2632 (SQL injection vulnerability in the acctexp (com_acctexp) component ...)
+CVE-2008-2632
NOT-FOR-US: com_acctexp component for Joomla!
-CVE-2008-2631 (The WordClient interface in Alt-N Technologies MDaemon 9.6.5 allows ...)
+CVE-2008-2631
NOT-FOR-US: MDaemon
-CVE-2008-2630 (SQL injection vulnerability in the JooBlog (com_jb2) component 0.1.1 ...)
+CVE-2008-2630
NOT-FOR-US: com_jb2 component for Joomla!
-CVE-2008-2629 (SQL injection vulnerability in the LifeType (formerly pLog) module for ...)
+CVE-2008-2629
NOT-FOR-US: LifeType module for Drupal
-CVE-2008-2628 (SQL injection vulnerability in the eQuotes (com_equotes) component ...)
+CVE-2008-2628
NOT-FOR-US: com_equotes component for Joomla!
-CVE-2008-2627 (SQL injection vulnerability in the IDoBlog (com_idoblog) component b24 ...)
+CVE-2008-2627
NOT-FOR-US: com_idoblog for Joomla!
-CVE-2008-2626 (SQL injection vulnerability in comment.asp in Battle Blog 1.25 and ...)
+CVE-2008-2626
NOT-FOR-US: Battle Blog
-CVE-2008-2625 (Unspecified vulnerability in the Core RDBMS component in Oracle ...)
+CVE-2008-2625
NOT-FOR-US: Oracle
-CVE-2008-2624 (Unspecified vulnerability in the Oracle OLAP component in Oracle ...)
+CVE-2008-2624
NOT-FOR-US: Oracle
-CVE-2008-2623 (Unspecified vulnerability in the Oracle JDeveloper component in Oracle ...)
+CVE-2008-2623
NOT-FOR-US: Oracle Application Server
-CVE-2008-2622 (Unspecified vulnerability in the PeopleSoft PeopleTools component in ...)
+CVE-2008-2622
NOT-FOR-US: Oracle PeopleSoft Enterprise
-CVE-2008-2621 (Unspecified vulnerability in the PeopleSoft PeopleTools component in ...)
+CVE-2008-2621
NOT-FOR-US: Oracle PeopleSoft Enterprise
-CVE-2008-2620 (Unspecified vulnerability in the PeopleSoft PeopleTools component in ...)
+CVE-2008-2620
NOT-FOR-US: Oracle PeopleSoft Enterprise
-CVE-2008-2619 (Unspecified vulnerability in the Oracle Reports Developer component in ...)
+CVE-2008-2619
NOT-FOR-US: Oracle
-CVE-2008-2618 (Unspecified vulnerability in the PeopleSoft PeopleTools component in ...)
+CVE-2008-2618
NOT-FOR-US: Oracle PeopleSoft Enterprise
-CVE-2008-2617 (Unspecified vulnerability in the PeopleSoft PeopleTools component in ...)
+CVE-2008-2617
NOT-FOR-US: Oracle PeopleSoft Enterprise
-CVE-2008-2616 (Unspecified vulnerability in the PeopleSoft PeopleTools component in ...)
+CVE-2008-2616
NOT-FOR-US: Oracle PeopleSoft Enterprise
-CVE-2008-2615 (Unspecified vulnerability in the PeopleSoft PeopleTools component in ...)
+CVE-2008-2615
NOT-FOR-US: Oracle PeopleSoft Enterprise
-CVE-2008-2614 (Unspecified vulnerability in the Oracle HTTP Server component in ...)
+CVE-2008-2614
NOT-FOR-US: Oracle PeopleSoft Enterprise
-CVE-2008-2613 (Unspecified vulnerability in the Database Scheduler component in ...)
+CVE-2008-2613
NOT-FOR-US: Oracle database
-CVE-2008-2612 (Unspecified vulnerability in the Hyperion BI Plus component in Oracle ...)
+CVE-2008-2612
NOT-FOR-US: Oracle database
-CVE-2008-2611 (Unspecified vulnerability in the Core RDBMS component in Oracle ...)
+CVE-2008-2611
NOT-FOR-US: Oracle database
-CVE-2008-2610 (Unspecified vulnerability in the Oracle Applications Technology Stack ...)
+CVE-2008-2610
NOT-FOR-US: Oracle database
-CVE-2008-2609 (Unspecified vulnerability in the Oracle Portal component in Oracle ...)
+CVE-2008-2609
NOT-FOR-US: Oracle database
-CVE-2008-2608 (Unspecified vulnerability in the Data Pump component in Oracle ...)
+CVE-2008-2608
NOT-FOR-US: Oracle database
-CVE-2008-2607 (Unspecified vulnerability in the Advanced Queuing component in Oracle ...)
+CVE-2008-2607
NOT-FOR-US: Oracle database
-CVE-2008-2606 (Unspecified vulnerability in the Oracle Application Object Library ...)
+CVE-2008-2606
NOT-FOR-US: Oracle database
-CVE-2008-2605 (Unspecified vulnerability in the Authentication component in Oracle ...)
+CVE-2008-2605
NOT-FOR-US: Oracle database
-CVE-2008-2604 (Unspecified vulnerability in the Authentication component in Oracle ...)
+CVE-2008-2604
NOT-FOR-US: Oracle database
-CVE-2008-2603 (Unspecified vulnerability in the Resource Manager component in Oracle ...)
+CVE-2008-2603
NOT-FOR-US: Oracle database
-CVE-2008-2602 (Unspecified vulnerability in the Data Pump component in Oracle ...)
+CVE-2008-2602
NOT-FOR-US: Oracle database
-CVE-2008-2601 (Unspecified vulnerability in the Oracle iStore component in Oracle ...)
+CVE-2008-2601
NOT-FOR-US: Oracle database
-CVE-2008-2600 (Unspecified vulnerability in the Oracle Spatial component in Oracle ...)
+CVE-2008-2600
NOT-FOR-US: Oracle database
-CVE-2008-2599 (Unspecified vulnerability in the TimesTen Client/Server component in ...)
+CVE-2008-2599
NOT-FOR-US: Oracle database
-CVE-2008-2598 (Unspecified vulnerability in the TimesTen Client/Server component in ...)
+CVE-2008-2598
NOT-FOR-US: Oracle database
-CVE-2008-2597 (Unspecified vulnerability in the TimesTen Client/Server component in ...)
+CVE-2008-2597
NOT-FOR-US: Oracle database
-CVE-2008-2596 (Unspecified vulnerability in the Mobile Application Server component ...)
+CVE-2008-2596
NOT-FOR-US: Oracle database
-CVE-2008-2595 (Unspecified vulnerability in the Oracle Internet Directory component ...)
+CVE-2008-2595
NOT-FOR-US: Oracle database
-CVE-2008-2594 (Unspecified vulnerability in the Oracle Portal component in Oracle ...)
+CVE-2008-2594
NOT-FOR-US: Oracle database
-CVE-2008-2593 (Unspecified vulnerability in the Oracle Portal component in Oracle ...)
+CVE-2008-2593
NOT-FOR-US: Oracle database
-CVE-2008-2592 (Unspecified vulnerability in the Advanced Replication component in ...)
+CVE-2008-2592
NOT-FOR-US: Oracle database
-CVE-2008-2591 (Unspecified vulnerability in the Oracle Database Vault component in ...)
+CVE-2008-2591
NOT-FOR-US: Oracle database
-CVE-2008-2590 (Unspecified vulnerability in the Instance Management component in ...)
+CVE-2008-2590
NOT-FOR-US: Oracle database
-CVE-2008-2589 (Unspecified vulnerability in the Oracle Portal component in Oracle ...)
+CVE-2008-2589
NOT-FOR-US: Oracle database
-CVE-2008-2588 (Unspecified vulnerability in the Oracle JDeveloper component in Oracle ...)
+CVE-2008-2588
NOT-FOR-US: Oracle
-CVE-2008-2587 (Unspecified vulnerability in the Advanced Replication component in ...)
+CVE-2008-2587
NOT-FOR-US: Oracle database
-CVE-2008-2586 (Unspecified vulnerability in the Oracle Application Object Library ...)
+CVE-2008-2586
NOT-FOR-US: Oracle database
-CVE-2008-2585 (Unspecified vulnerability in the Oracle Report Manager component in ...)
+CVE-2008-2585
NOT-FOR-US: Oracle database
CVE-2008-2584
REJECTED
-CVE-2008-2583 (Unspecified vulnerability in the sample Discussion Forum Portlet for ...)
+CVE-2008-2583
NOT-FOR-US: Oracle database
-CVE-2008-2582 (Unspecified vulnerability in the WebLogic Server component in Oracle ...)
+CVE-2008-2582
NOT-FOR-US: BEA Product Suite
-CVE-2008-2581 (Unspecified vulnerability in the WebLogic Server component in Oracle ...)
+CVE-2008-2581
NOT-FOR-US: BEA Product Suite
-CVE-2008-2580 (Unspecified vulnerability in the WebLogic Server component in Oracle ...)
+CVE-2008-2580
NOT-FOR-US: BEA Product Suite
-CVE-2008-2579 (Unspecified vulnerability in the WebLogic Server Plugins for Apache, ...)
+CVE-2008-2579
NOT-FOR-US: BEA Product Suite
-CVE-2008-2578 (Unspecified vulnerability in the WebLogic Server component in Oracle ...)
+CVE-2008-2578
NOT-FOR-US: BEA Product Suite
-CVE-2008-2577 (Unspecified vulnerability in the WebLogic Server component in Oracle ...)
+CVE-2008-2577
NOT-FOR-US: BEA Product Suite
-CVE-2008-2576 (Unspecified vulnerability in the WebLogic Server component in Oracle ...)
+CVE-2008-2576
NOT-FOR-US: BEA Product Suite
-CVE-2008-2574 (Unrestricted file upload vulnerability in admin/Editor/imgupload.php ...)
+CVE-2008-2574
NOT-FOR-US: FlashBlog
-CVE-2008-2573 (Stack-based buffer overflow in SFTP in freeSSHd 1.2.1 allows remote ...)
+CVE-2008-2573
NOT-FOR-US: freeSSHd
-CVE-2008-2572 (SQL injection vulnerability in php/leer_comentarios.php in FlashBlog ...)
+CVE-2008-2572
NOT-FOR-US: FlashBlog
-CVE-2008-2571 (Cross-site request forgery (CSRF) vulnerability in LimeSurvey ...)
+CVE-2008-2571
- limesurvey <itp> (bug #472802)
-CVE-2008-2570 (Multiple unspecified vulnerabilities in LimeSurvey (formerly ...)
+CVE-2008-2570
- limesurvey <itp> (bug #472802)
-CVE-2008-2569 (SQL injection vulnerability in the EasyBook (com_easybook) component ...)
+CVE-2008-2569
NOT-FOR-US: com_easybook component for Joomla!
-CVE-2008-2568 (SQL injection vulnerability in the Simple Shop Galore (com_simpleshop) ...)
+CVE-2008-2568
NOT-FOR-US: com_simpleshop component for Joomla!
-CVE-2008-2567 (Cross-site scripting (XSS) vulnerability in Fenriru Sleipnir 2.7.1 ...)
+CVE-2008-2567
NOT-FOR-US: Fenriru Sleipnir
-CVE-2008-2566 (Multiple cross-site scripting (XSS) vulnerabilities in PHP Address ...)
+CVE-2008-2566
NOT-FOR-US: PHP Address Book
-CVE-2008-2565 (Multiple SQL injection vulnerabilities in PHP Address Book 3.1.5 and ...)
+CVE-2008-2565
NOT-FOR-US: PHP Address Book
-CVE-2008-2564 (SQL injection vulnerability in the JotLoader (com_jotloader) component ...)
+CVE-2008-2564
NOT-FOR-US: com_jotloader component for Joomla!
-CVE-2008-2563 (Multiple cross-site scripting (XSS) vulnerabilities in (1) ...)
+CVE-2008-2563
NOT-FOR-US: SamTodo
-CVE-2008-2562 (SQL injection vulnerability in edCss.php in PowerPhlogger 2.2.5 and ...)
+CVE-2008-2562
NOT-FOR-US: PowerPhlogger
-CVE-2008-2561 (Multiple cross-site scripting (XSS) vulnerabilities in 427BB 2.3.1 ...)
+CVE-2008-2561
NOT-FOR-US: 427BB
-CVE-2008-2560 (SQL injection vulnerability in showpost.php in 427BB 2.3.1 allows ...)
+CVE-2008-2560
NOT-FOR-US: 427BB
-CVE-2008-2654 (Off-by-one error in the read_client function in webhttpd.c in Motion ...)
+CVE-2008-2654
- motion 3.2.9-3 (low; bug #484572)
[etch] - motion <no-dsa> (minor issue)
-CVE-2008-2667 (SQL injection vulnerability in the Courier Authentication Library (aka ...)
+CVE-2008-2667
{DSA-1688-1}
- courier-authlib 0.60.1-2.1 (bug #485424)
CVE-2008-XXXX [missing sanity checks allow DoS via mis-formated timestamp]
- evolution 2.22.2-1.1 (low; bug #484639)
[etch] - evolution <no-dsa> (Minor issue)
-CVE-2008-2559 (Integer overflow in Borland Interbase 2007 SP2 (8.1.0.256) allows ...)
+CVE-2008-2559
NOT-FOR-US: Borland Interbase
-CVE-2008-2558 (CRE Loaded 6.2.13.1 and earlier does not set the &quot;Secure&quot; attribute ...)
+CVE-2008-2558
NOT-FOR-US: CRE Loaded
-CVE-2008-2557 (Cross-site scripting (XSS) vulnerability in CRE Loaded 6.2.13.1 and ...)
+CVE-2008-2557
NOT-FOR-US: CRE Loaded
-CVE-2008-2556 (SQL injection vulnerability in read.php in PHP Visit Counter 0.4 and ...)
+CVE-2008-2556
NOT-FOR-US: PHP Visit Counter
-CVE-2008-2555 (SQL injection vulnerability in index.php in EasyWay CMS allows remote ...)
+CVE-2008-2555
NOT-FOR-US: EasyWay CMS
-CVE-2008-2554 (Multiple SQL injection vulnerabilities in BP Blog 6.0 allow remote ...)
+CVE-2008-2554
NOT-FOR-US: BP Blog
-CVE-2008-2553 (Cross-site scripting (XSS) vulnerability in Slashdot Like Automated ...)
+CVE-2008-2553
{DSA-1633-1}
- slash 2.2.6-8etch1 (low; bug #484499)
NOTE: See CVE-2008-2231
NOTE: maintainer wants to remove package from unstable and move to experimental
-CVE-2008-2552 (Unspecified vulnerability in the Service Tag Registry on Sun Solaris ...)
+CVE-2008-2552
NOT-FOR-US: Sun Solaris
-CVE-2008-2551 (The DownloaderActiveX Control (DownloaderActiveX.ocx) in Icona SpA C6 ...)
+CVE-2008-2551
NOT-FOR-US: DownloaderActiveX Control
-CVE-2008-2550 (Unspecified vulnerability in the Web Services Security component in ...)
+CVE-2008-2550
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2008-2549 (Adobe Acrobat Reader 8.1.2 and earlier, and before 7.1.1, allows ...)
+CVE-2008-2549
NOT-FOR-US: Acrobat Reader
-CVE-2008-2548 (Stack-based buffer overflow in the JPEG thumbprint component in the ...)
+CVE-2008-2548
NOT-FOR-US: JPEG thumbprint component in the EXIF parser on Motorola cell phones
-CVE-2008-2547 (Stack-based buffer overflow in msiexec.exe 3.1.4000.1823 and ...)
+CVE-2008-2547
NOT-FOR-US: Microsoft Windows Installer
CVE-2008-2546
REJECTED
-CVE-2008-2545 (Skype 3.6.0.248, and other versions before 3.8.0.139, uses a ...)
+CVE-2008-2545
NOT-FOR-US: Skype
CVE-2008-2544
RESERVED
- linux <unfixed> (unimportant)
NOTE: non-issue, cf. https://bugzilla.redhat.com/show_bug.cgi?id=449089#c22
-CVE-2008-2543 (The ooh323 channel driver in Asterisk Addons 1.2.x before 1.2.9 and ...)
+CVE-2008-2543
- asterisk-addons 1.4.7-1 (bug #484796)
-CVE-2008-2542 (Stack-based buffer overflow in the getline function in Ppm/ppm.C in ...)
+CVE-2008-2542
NOT-FOR-US: NASA Ames Research Center BigView
-CVE-2008-2541 (Multiple stack-based buffer overflows in the HTTP Gateway Service ...)
+CVE-2008-2541
NOT-FOR-US: CA eTrust
-CVE-2008-2540 (Apple Safari on Mac OS X, and before 3.1.2 on Windows, does not prompt ...)
+CVE-2008-2540
NOT-FOR-US: Apple Safari
-CVE-2008-2539 (The Sun Cluster Global File System in Sun Cluster 3.1 on Sun Solaris 8 ...)
+CVE-2008-2539
NOT-FOR-US: Sun Solaris 8
-CVE-2008-2538 (Unspecified vulnerability in crontab on Sun Solaris 8 through 10, and ...)
+CVE-2008-2538
NOT-FOR-US: Sun Solaris 8
-CVE-2008-2537 (SQL injection vulnerability in cat.php in HispaH Model Search allows ...)
+CVE-2008-2537
NOT-FOR-US: HispaH Model Search
-CVE-2008-2536 (SQL injection vulnerability in out.php in YABSoft Advanced Image ...)
+CVE-2008-2536
NOT-FOR-US: YABSoft Advanced Image
-CVE-2008-2535 (Multiple SQL injection vulnerabilities in Phoenix View CMS Pre Alpha2 ...)
+CVE-2008-2535
NOT-FOR-US: Phoenix View CMS Pre Alpha2
-CVE-2008-2534 (Directory traversal vulnerability in admin/admin_frame.php in Phoenix ...)
+CVE-2008-2534
NOT-FOR-US: Phoenix View CMS Pre Alpha2
-CVE-2008-2533 (Multiple cross-site scripting (XSS) vulnerabilities in Phoenix View ...)
+CVE-2008-2533
NOT-FOR-US: Phoenix View CMS Pre Alpha2
-CVE-2008-2532 (SQL injection vulnerability in forum/topic_detail.php in AJ Square ...)
+CVE-2008-2532
NOT-FOR-US: AJ Square aj-hyip
-CVE-2008-2531 (Cross-site scripting (XSS) vulnerability in the search script in Build ...)
+CVE-2008-2531
NOT-FOR-US: Build A Niche Store
-CVE-2008-2530 (Multiple SQL injection vulnerabilities in Concepts &amp; Solutions ...)
+CVE-2008-2530
NOT-FOR-US: Concepts & Solutions QuickUpCMS
-CVE-2008-2529 (SQL injection vulnerability in read.php in Advanced Links Management ...)
+CVE-2008-2529
NOT-FOR-US: Advanced Links Management
-CVE-2008-2528 (Unspecified vulnerability in Citrix Access Gateway Standard Edition ...)
+CVE-2008-2528
NOT-FOR-US: Citrix Access Gateway Standard Edition
-CVE-2008-2527 (Cross-site scripting (XSS) vulnerability in view.php in ActualScripts ...)
+CVE-2008-2527
NOT-FOR-US: ActualScripts ActualAnalyzer Server
-CVE-2008-2526 (Cross-site scripting (XSS) vulnerability in the WT Gallery (aka ...)
+CVE-2008-2526
NOT-FOR-US: WT Gallery
-CVE-2008-2525 (Cross-site scripting (XSS) vulnerability in the Event Database (aka ...)
+CVE-2008-2525
NOT-FOR-US: typo3 extension Event Database
-CVE-2008-2524 (BlogPHP 2.0 allows remote attackers to bypass authentication, and post ...)
+CVE-2008-2524
NOT-FOR-US: BlogPHP
-CVE-2008-2523 (SQL injection vulnerability in the Autopatcher server plugin in RakNet ...)
+CVE-2008-2523
NOT-FOR-US: RakNet
-CVE-2008-2522 (SQL injection vulnerability in members.php in Battle.net Clan Script ...)
+CVE-2008-2522
NOT-FOR-US: Battle.net Clan Script
-CVE-2008-2521 (SQL injection vulnerability in members.php in YABSoft Mega File ...)
+CVE-2008-2521
NOT-FOR-US: YABSoft Mega File
-CVE-2008-2520 (Multiple PHP remote file inclusion vulnerabilities in BigACE 2.4, when ...)
+CVE-2008-2520
NOT-FOR-US: BigACE
-CVE-2008-2519 (Directory traversal vulnerability in Core FTP client 2.1 Build 1565 ...)
+CVE-2008-2519
NOT-FOR-US: Core FTP client
-CVE-2008-2518 (Cross-site scripting (XSS) vulnerability in the advanced search ...)
+CVE-2008-2518
NOT-FOR-US: Sun Java System Web Server
-CVE-2008-2517 (The sarab.sh script in SaraB before 0.2.4 places the dar program's ...)
+CVE-2008-2517
NOT-FOR-US: SaraB
-CVE-2008-2515 (Unspecified vulnerability in iostat in IBM AIX 5.2, 5.3, and 6.1 ...)
+CVE-2008-2515
NOT-FOR-US: IBM AIX
-CVE-2008-2514 (Buffer overflow in errpt in IBM AIX 5.2, 5.3, and 6.1 allows local ...)
+CVE-2008-2514
NOT-FOR-US: IBM AIX
-CVE-2008-2513 (Buffer overflow in the kernel in IBM AIX 5.2, 5.3, and 6.1 allows ...)
+CVE-2008-2513
NOT-FOR-US: IBM AIX
-CVE-2008-2512 (Directory traversal vulnerability in Symantec Backup Exec System ...)
+CVE-2008-2512
NOT-FOR-US: Symantec Backup Exec System Recovery Manager
-CVE-2008-2511 (Directory traversal vulnerability in the ...)
+CVE-2008-2511
NOT-FOR-US: CA Internet Security Suite
-CVE-2008-2510 (SQL injection vulnerability in wp-uploadfile.php in the Upload File ...)
+CVE-2008-2510
NOT-FOR-US: Upload File plugin for WordPress
-CVE-2008-2509 (SQL injection vulnerability in pwd.asp in Excuse Online allows remote ...)
+CVE-2008-2509
NOT-FOR-US: Excuse Online
-CVE-2008-2508 (Cross-site scripting (XSS) vulnerability in news.php in Tr Script News ...)
+CVE-2008-2508
NOT-FOR-US: Tr Script News
-CVE-2008-2507 (Cross-site scripting (XSS) vulnerability in Calcium40.pl in Brown Bear ...)
+CVE-2008-2507
NOT-FOR-US: Brown Bear Software Calcium
-CVE-2008-2506 (Multiple SQL injection vulnerabilities in Simpel Side Weblosning 1 ...)
+CVE-2008-2506
NOT-FOR-US: Simpel Side Weblosning
-CVE-2008-2505 (Cross-site scripting (XSS) vulnerability in result.php in Simpel Side ...)
+CVE-2008-2505
NOT-FOR-US: Simpel Side Weblosning
-CVE-2008-2504 (Multiple SQL injection vulnerabilities in Simpel Side Netbutik 1 ...)
+CVE-2008-2504
NOT-FOR-US: Simpel Side Netbutik
-CVE-2008-2503 (Buffer overflow in Uploadlist in eMule X-Ray before 1.4 has unknown ...)
+CVE-2008-2503
NOT-FOR-US: eMule X-Ray
-CVE-2008-2502 (Unspecified vulnerability in the web server in eMule X-Ray before 1.4 ...)
+CVE-2008-2502
NOT-FOR-US: eMule X-Ray
-CVE-2008-2501 (Multiple SQL injection vulnerabilities in PHPhotoalbum 0.5 allow ...)
+CVE-2008-2501
NOT-FOR-US: PHPhotoalbum
-CVE-2008-2500 (Cross-site scripting (XSS) vulnerability in the MOStlyContent Editor ...)
+CVE-2008-2500
NOT-FOR-US: MOStlyContent Editor
-CVE-2008-2499 (Stack-based buffer overflow in the Community Services Multiplexer (aka ...)
+CVE-2008-2499
NOT-FOR-US: Community Services Multiplexer
-CVE-2008-2498 (Multiple SQL injection vulnerabilities in index.php in Mambo before ...)
+CVE-2008-2498
NOT-FOR-US: Mambo
-CVE-2008-2497 (CRLF injection vulnerability in Mambo before 4.6.4 allows remote ...)
+CVE-2008-2497
NOT-FOR-US: Mambo
-CVE-2008-2496 (Multiple cross-site scripting (XSS) vulnerabilities in Quate CMS 0.3.4 ...)
+CVE-2008-2496
NOT-FOR-US: Quate CMS
-CVE-2008-2495 (Directory traversal vulnerability in index.php in Zina 1.0 RC3 allows ...)
+CVE-2008-2495
NOT-FOR-US: Zina
-CVE-2008-2494 (Cross-site scripting (XSS) vulnerability in index.php in Zina 1.0 RC3 ...)
+CVE-2008-2494
NOT-FOR-US: Zina
-CVE-2008-2493 (Cross-site scripting (XSS) vulnerability in post3/Book.asp in Campus ...)
+CVE-2008-2493
NOT-FOR-US: Campus Bulletin Board
-CVE-2008-2492 (Multiple SQL injection vulnerabilities in Campus Bulletin Board 3.4 ...)
+CVE-2008-2492
NOT-FOR-US: Campus Bulletin Board
-CVE-2008-2491 (SQL injection vulnerability in adv_cat.php in AbleSpace 1.0 allows ...)
+CVE-2008-2491
NOT-FOR-US: AbleSpace
-CVE-2008-2490 (Cross-site scripting (XSS) vulnerability in the KJ Image Lightbox 2 ...)
+CVE-2008-2490
NOT-FOR-US: KJ Image Lightbox 2
-CVE-2008-2489 (SQL injection vulnerability in the Library for Frontend Plugins (aka ...)
+CVE-2008-2489
NOT-FOR-US: Library for Frontend Plugins sg_zfelib
-CVE-2008-2488 (admin/userform.php in RoomPHPlanning 1.5 does not require ...)
+CVE-2008-2488
NOT-FOR-US: RoomPHPlanning
-CVE-2008-2487 (SQL injection vulnerability in index.php in MAXSITE 1.10 and earlier ...)
+CVE-2008-2487
NOT-FOR-US: MAXSITE
-CVE-2008-2486 (Unspecified vulnerability in eMule Plus before 1.2d has unknown impact ...)
+CVE-2008-2486
- amule <not-affected> (Different code)
-CVE-2008-2485 (Cross-site scripting (XSS) vulnerability in the URL redirection script ...)
+CVE-2008-2485
NOT-FOR-US: PCPIN chat
-CVE-2008-2484 (SQL injection vulnerability in index.php in Xomol CMS 1.20071213, when ...)
+CVE-2008-2484
NOT-FOR-US: Xomol CMS
-CVE-2008-2483 (Directory traversal vulnerability in index.php in Xomol CMS 1.20071213 ...)
+CVE-2008-2483
NOT-FOR-US: Xomol CMS
-CVE-2008-2482 (Directory traversal vulnerability in install_mod.php in insanevisions ...)
+CVE-2008-2482
NOT-FOR-US: OneCMS
-CVE-2008-2481 (PHP remote file inclusion vulnerability in ...)
+CVE-2008-2481
NOT-FOR-US: phpRaider
-CVE-2008-2480 (PHP remote file inclusion vulnerability in plus.php in plusPHP Short ...)
+CVE-2008-2480
NOT-FOR-US: plusPHP
-CVE-2008-2479 (Multiple SQL injection vulnerabilities in phpFix 2.0 allow remote ...)
+CVE-2008-2479
NOT-FOR-US: phpFix
-CVE-2008-2478 (** DISPUTED ** ...)
+CVE-2008-2478
NOT-FOR-US: cPanel
-CVE-2008-2477 (SQL injection vulnerability in index.php in MxBB (aka MX-System) ...)
+CVE-2008-2477
NOT-FOR-US: MxBB (MX-System)
-CVE-2008-2476 (The IPv6 Neighbor Discovery Protocol (NDP) implementation in (1) ...)
+CVE-2008-2476
- kfreebsd-7 7.0-6
NOTE: IPv6 NDP flaw not affecting Linux
-CVE-2008-2475 (eBay Enhanced Picture Uploader ActiveX control (EPUWALcontrol.dll) ...)
+CVE-2008-2475
NOT-FOR-US: eBay Enhanced Picture Uploader ActiveX control
-CVE-2008-2474 (Buffer overflow in x87 before 3.5.5 in ABB Process Communication Unit ...)
+CVE-2008-2474
NOT-FOR-US: ABB Process Communication Unit
CVE-2008-2473
RESERVED
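Review bot: the `** DISPUTED **` marker on CVE-2008-2478 is lost together with its description, leaving only `NOT-FOR-US: cPanel`, so the disputed status no longer appears anywhere in that record. Every `-`/`+` pair in this hunk differs only by the parenthesised description being dropped, which looks like the upstream feed returning empty descriptions rather than a deliberate edit; confirm the feed before merging, and if bare IDs are intended, keep markers such as DISPUTED on a line of their own so that triage state survives.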
@@ -11384,12 +11384,12 @@ CVE-2008-2472
RESERVED
CVE-2008-2471
RESERVED
-CVE-2008-2470 (The InstallShield Update Service Agent ActiveX control in isusweb.dll ...)
+CVE-2008-2470
NOT-FOR-US: InstallShield
-CVE-2008-2469 (Heap-based buffer overflow in the SPF_dns_resolv_lookup function in ...)
+CVE-2008-2469
{DSA-1659-1 DTSA-172-1}
- libspf2 1.2.9-1 (high)
-CVE-2008-2468 (Multiple buffer overflows in the QIP Server Service (aka qipsrvr.exe) ...)
+CVE-2008-2468
NOT-FOR-US: LANDesk Management Suite
CVE-2008-2467
RESERVED
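Review bot: CVE-2008-2469 keeps `{DSA-1659-1 DTSA-172-1}` and `- libspf2 1.2.9-1 (high)` but loses the description naming the heap-based overflow in SPF_dns_resolv_lookup, so a `high` entry that already has a DSA now carries no summary of what was fixed. If the updater refreshes descriptions from the feed, it should leave the existing text untouched when the feed returns nothing instead of overwriting it with an empty value.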
@@ -11397,174 +11397,174 @@ CVE-2008-2466
RESERVED
CVE-2008-2465
RESERVED
-CVE-2008-2464 (The mld_input function in sys/netinet6/mld6.c in the kernel in NetBSD ...)
+CVE-2008-2464
NOT-FOR-US: NetBSD
-CVE-2008-2463 (The Microsoft Office Snapshot Viewer ActiveX control in snapview.ocx ...)
+CVE-2008-2463
NOT-FOR-US: Microsoft Office Snapshot Viewer ActiveX
-CVE-2008-2462 (Cross-site scripting (XSS) vulnerability in the viewfile documentation ...)
+CVE-2008-2462
NOT-FOR-US: Caucho Resin
-CVE-2008-2461 (SQL injection vulnerability in index.php in Netious CMS 0.4 allows ...)
+CVE-2008-2461
NOT-FOR-US: Netious
-CVE-2008-2460 (SQL injection vulnerability in faq.php in vBulletin 3.7.0 Gold allows ...)
+CVE-2008-2460
NOT-FOR-US: vBulletin
-CVE-2008-2459 (Directory traversal vulnerability in page.php in EntertainmentScript ...)
+CVE-2008-2459
NOT-FOR-US: EntertainmentScript
-CVE-2008-2458 (Cross-site scripting (XSS) vulnerability in index.php in Starsgames ...)
+CVE-2008-2458
NOT-FOR-US: Starsgames
-CVE-2008-2457 (SQL injection vulnerability in jokes_category.php in PHP-Jokesite 2.0 ...)
+CVE-2008-2457
NOT-FOR-US: PHP-Jokesite
-CVE-2008-2456 (SQL injection vulnerability in index.php in ComicShout 2.5 and earlier ...)
+CVE-2008-2456
NOT-FOR-US: ComicShout
-CVE-2008-2455 (SQL injection vulnerability in comment.php in the MacGuru BLOG Engine ...)
+CVE-2008-2455
NOT-FOR-US: MacGuru BLOG Engine
-CVE-2008-2454 (SQL injection vulnerability in the xsstream-dm (com_xsstream-dm) ...)
+CVE-2008-2454
NOT-FOR-US: xsstream-dm
-CVE-2008-2453 (Multiple SQL injection vulnerabilities in PHP Classifieds Script allow ...)
+CVE-2008-2453
NOT-FOR-US: PHP Classifieds Script
-CVE-2008-2452 (Cross-site scripting (XSS) vulnerability in the Questionaire (aka ...)
+CVE-2008-2452
NOT-FOR-US: Questionaire pbsurvey
-CVE-2008-2451 (Multiple SQL injection vulnerabilities in the Statistics (aka ...)
+CVE-2008-2451
NOT-FOR-US: Statistics ke_stats
-CVE-2008-2450 (Multiple cross-site scripting (XSS) vulnerabilities in the Statistics ...)
+CVE-2008-2450
NOT-FOR-US: Statistics ke_stats
-CVE-2008-2449 (Multiple cross-site scripting (XSS) vulnerabilities in Isaac McGowan ...)
+CVE-2008-2449
NOT-FOR-US: phpInstantGallery
-CVE-2008-2448 (Multiple SQL injection vulnerabilities in Meto Forum 1.1 allow remote ...)
+CVE-2008-2448
NOT-FOR-US: Meto Forum
-CVE-2008-2447 (SQL injection vulnerability in products.php in the Mytipper ZoGo-shop ...)
+CVE-2008-2447
NOT-FOR-US: Mytipper ZoGo-shop
-CVE-2008-2446 (Multiple SQL injection vulnerabilities in Web Group Communication ...)
+CVE-2008-2446
NOT-FOR-US: Web Group Communication Center
-CVE-2008-2445 (Cross-site scripting (XSS) vulnerability in profile.php in Web Group ...)
+CVE-2008-2445
NOT-FOR-US: Web Group Communication Center
-CVE-2008-2444 (SQL injection vulnerability in userreg.php in CaLogic Calendars 1.2.2 ...)
+CVE-2008-2444
NOT-FOR-US: CaLogic Calendars
-CVE-2008-2443 (SQL injection vulnerability in dpage.php in The Real Estate Script ...)
+CVE-2008-2443
NOT-FOR-US: Real Estate Script
CVE-2008-2442
RESERVED
-CVE-2008-2441 (Cisco Secure ACS 3.x before 3.3(4) Build 12 patch 7, 4.0.x, 4.1.x ...)
+CVE-2008-2441
NOT-FOR-US: Cisco Secure ACS
CVE-2008-2440
RESERVED
-CVE-2008-2439 (Directory traversal vulnerability in the UpdateAgent function in ...)
+CVE-2008-2439
NOT-FOR-US: Trend Micro OfficeScan
-CVE-2008-2438 (Integer overflow in ovalarmsrv.exe in HP OpenView Network Node Manager ...)
+CVE-2008-2438
NOT-FOR-US: HP OpenView
-CVE-2008-2437 (Stack-based buffer overflow in cgiRecvFile.exe in Trend Micro ...)
+CVE-2008-2437
NOT-FOR-US: Trend Micro OfficeScan
-CVE-2008-2436 (Multiple heap-based buffer overflows in the IppCreateServerRef ...)
+CVE-2008-2436
NOT-FOR-US: Novell iPrint Client
-CVE-2008-2435 (Use-after-free vulnerability in the Trend Micro HouseCall ActiveX ...)
+CVE-2008-2435
NOT-FOR-US: ActiveX
-CVE-2008-2434 (The Trend Micro HouseCall ActiveX control 6.51.0.1028 and 6.6.0.1278 ...)
+CVE-2008-2434
NOT-FOR-US: ActiveX
-CVE-2008-2433 (The web management console in Trend Micro OfficeScan 7.0 through 8.0, ...)
+CVE-2008-2433
NOT-FOR-US: Trend Micro OfficeScan
-CVE-2008-2432 (Insecure method vulnerability in the GetFileList method in an ...)
+CVE-2008-2432
NOT-FOR-US: Novell iPrint
-CVE-2008-2431 (Multiple buffer overflows in Novell iPrint Client before 5.06 allow ...)
+CVE-2008-2431
NOT-FOR-US: Novell iPrint
-CVE-2008-2430 (Integer overflow in the Open function in modules/demux/wav.c in VLC ...)
+CVE-2008-2430
{DSA-1819-1 DTSA-148-1}
- vlc 0.8.6.h-1 (medium; bug #489004)
-CVE-2008-2429 (Multiple SQL injection vulnerabilities in Calendarix Basic ...)
+CVE-2008-2429
NOT-FOR-US: Calendarix
-CVE-2008-2428 (Multiple SQL injection vulnerabilities in TorrentTrader 1.08 Classic ...)
+CVE-2008-2428
NOT-FOR-US: TorrentTrader
-CVE-2008-2427 (Stack-based buffer overflow in NConvert 4.92, GFL SDK 2.82, and XnView ...)
+CVE-2008-2427
NOT-FOR-US: NConvert, GFL SDK, XnView
-CVE-2008-2426 (Multiple stack-based buffer overflows in Imlib 2 (aka imlib2) 1.4.0 ...)
+CVE-2008-2426
{DSA-1594-1}
- imlib2 1.4.0-1.1 (medium; bug #483816)
- imlib <not-affected> (Partly not present / partly fixed)
-CVE-2008-2425 (SQL injection vulnerability in index.php in FicHive 1.0 allows remote ...)
+CVE-2008-2425
NOT-FOR-US: FicHive
-CVE-2008-2422 (SQL injection vulnerability in index.php in Web Slider 0.6 allows ...)
+CVE-2008-2422
NOT-FOR-US: Web Slider
-CVE-2008-2421 (Cross-site scripting (XSS) vulnerability in the Web GUI in SAP Web ...)
+CVE-2008-2421
NOT-FOR-US: Web GUI in SAP Web Application Server (WAS)
-CVE-2008-2419 (Mozilla Firefox 2.0.0.14 allows remote attackers to cause a denial of ...)
+CVE-2008-2419
NOTE: Mozilla bug 435130, not reproducible by upstream, Debian bug #484484
-CVE-2008-2418 (Race condition in the STREAMS Administrative Driver (sad) in Sun ...)
+CVE-2008-2418
NOT-FOR-US: STREAMS Administrative Driver SUN
-CVE-2008-2417 (SQL injection vulnerability in showQAnswer.asp in How2ASP.net Webboard ...)
+CVE-2008-2417
NOT-FOR-US: Webboard
-CVE-2008-2416 (SQL injection vulnerability in index.php in FicHive 1.0 allows remote ...)
+CVE-2008-2416
NOT-FOR-US: FicHive
-CVE-2008-2415 (Directory traversal vulnerability in ...)
+CVE-2008-2415
NOT-FOR-US: DigitalHive
-CVE-2008-2414 (Cross-site scripting (XSS) vulnerability in send_email.php in AN ...)
+CVE-2008-2414
NOT-FOR-US: AN Guestbook
-CVE-2008-2413 (Cross-site scripting (XSS) vulnerability in glossaire.php in ACGV News ...)
+CVE-2008-2413
NOT-FOR-US: ACGV News
-CVE-2008-2412 (SQL injection vulnerability in glossaire.php in ACGV News 0.9.1 allows ...)
+CVE-2008-2412
NOT-FOR-US: ACGV News
-CVE-2008-2411 (SQL injection vulnerability in index.php in SazCart 1.5.1 and earlier, ...)
+CVE-2008-2411
NOT-FOR-US: SazCart
-CVE-2008-2410 (Cross-site scripting (XSS) vulnerability in the servlet engine and Web ...)
+CVE-2008-2410
NOT-FOR-US: Web Server service in IBM Lotus Domino
-CVE-2008-2409 (Stack-based buffer overflow in Cerulean Studios Trillian before ...)
+CVE-2008-2409
NOT-FOR-US: Cerulean Studios Trillian
-CVE-2008-2408 (Heap-based buffer overflow in the XML parsing functionality in ...)
+CVE-2008-2408
NOT-FOR-US: Cerulean Studios Trillian
-CVE-2008-2407 (Stack-based buffer overflow in AIM.DLL in Cerulean Studios Trillian ...)
+CVE-2008-2407
NOT-FOR-US: Cerulean Studios Trillian
-CVE-2008-2406 (The administration application server in Sun Java Active Server Pages ...)
+CVE-2008-2406
NOT-FOR-US: Sun Java System Active Server Pages
-CVE-2008-2405 (Sun Java Active Server Pages (ASP) Server before 4.0.3 allows remote ...)
+CVE-2008-2405
NOT-FOR-US: Sun Java System Active Server Pages
-CVE-2008-2404 (Stack-based buffer overflow in the request handling implementation in ...)
+CVE-2008-2404
NOT-FOR-US: Sun Java System Active Server Pages
-CVE-2008-2403 (Multiple directory traversal vulnerabilities in unspecified ASP ...)
+CVE-2008-2403
NOT-FOR-US: Sun Java System Active Server Pages
-CVE-2008-2402 (The Admin Server in Sun Java Active Server Pages (ASP) Server before ...)
+CVE-2008-2402
NOT-FOR-US: Sun Java System Active Server Pages
-CVE-2008-2401 (The Admin Server in Sun Java Active Server Pages (ASP) Server before ...)
+CVE-2008-2401
NOT-FOR-US: Sun Java System Active Server Pages
-CVE-2008-2400 (Unspecified vulnerability in stunnel before 4.23, when running as a ...)
+CVE-2008-2400
- stunnel4 <not-affected> (Windows specific issue)
-CVE-2008-2399 (Directory traversal vulnerability in the FireFTP add-on before ...)
+CVE-2008-2399
NOT-FOR-US: FireFTP
-CVE-2008-2575 (cbrPager before 0.9.17 allows user-assisted remote attackers to ...)
+CVE-2008-2575
- cbrpager 0.9.17-1 (low; bug #482853)
[etch] - cbrpager 0.9.14-3+etch1
NOTE: Minor issue fixed in 4.0r4 point release
CVE-2008-XXXX [resizing the monitor with xrandr can crash xscreensaver]
- xscreensaver 5.05-3 (unimportant; bug #482385)
-CVE-2008-2516 (pam_sm_authenticate in pam_pgsql.c in libpam-pgsql 0.6.3 does not ...)
+CVE-2008-2516
- pam-pgsql 0.6.3-2 (medium; bug #481970)
[etch] - pam-pgsql <not-affected> (Vulnerable code not present)
NOTE: pam_pgsql is not configured as "sufficient" in Debian default configuration
-CVE-2008-2424 (Unspecified vulnerability in the 404 error page for the &quot;Standard ...)
+CVE-2008-2424
- interchange 5.5.1 (low; bug #482636)
-CVE-2008-2423 (Unspecified vulnerability in Interchange before 5.6.0 and before 5.5.2 ...)
+CVE-2008-2423
- interchange 5.5.1 (low; bug #482636)
-CVE-2008-2420 (The OCSP functionality in stunnel before 4.24 does not properly search ...)
+CVE-2008-2420
- stunnel4 3:4.22-1.1 (low; bug #482644)
-CVE-2008-2398 (Cross-site scripting (XSS) vulnerability in index.php in AppServ Open ...)
+CVE-2008-2398
NOT-FOR-US: AppServ Open Project
-CVE-2008-2397 (Cross-site scripting (XSS) vulnerability in search-results.dot in ...)
+CVE-2008-2397
NOT-FOR-US: dotCMS
-CVE-2008-2396 (PHP remote file inclusion vulnerability in index.php in Wajox Software ...)
+CVE-2008-2396
NOT-FOR-US: microSSys
-CVE-2008-2395 (SQL injection vulnerability in thread.php in AlkalinePHP 0.80.00 beta ...)
+CVE-2008-2395
NOT-FOR-US: AlkalinePHP
-CVE-2008-2394 (Multiple SQL injection vulnerabilities in TAGWORX.CMS 3.00.02 allow ...)
+CVE-2008-2394
NOT-FOR-US: TAGWORX.CMS
-CVE-2008-2393 (SQL injection vulnerability in play.php in EntertainmentScript 1.4.0 ...)
+CVE-2008-2393
NOT-FOR-US: EntertainmentScript
-CVE-2008-2392 (Unrestricted file upload vulnerability in WordPress 2.5.1 and earlier ...)
+CVE-2008-2392
- wordpress 2.5.1-4 (low; bug #485807)
[etch] - wordpress <not-affected> (Vulnerable code not present)
NOTE: Unrestricted file upload vulnerability was introduced in 2.3.0
-CVE-2008-2391 (SubSonic allows remote attackers to bypass pagesize limits and cause a ...)
+CVE-2008-2391
NOT-FOR-US: SubSonic
-CVE-2008-2390 (Hpufunction.dll 4.0.0.1 in HP Software Update exposes the unsafe (1) ...)
+CVE-2008-2390
NOT-FOR-US: HP Software Update
-CVE-2008-2389 (opensuse-updater in openSUSE 10.2 allows local users to access ...)
+CVE-2008-2389
NOT-FOR-US: opensuse-updater
-CVE-2008-2388 (Multiple off-by-one errors in opensuse-updater in openSUSE 10.2 have ...)
+CVE-2008-2388
NOT-FOR-US: opensuse-updater
CVE-2008-2387
RESERVED
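Review bot: after this hunk the only entry still carrying a summary is the placeholder `CVE-2008-XXXX [resizing the monitor with xrandr can crash xscreensaver]`, while the numbered entries around it (CVE-2008-2575, CVE-2008-2516, CVE-2008-2424, CVE-2008-2423 and CVE-2008-2420, which sit out of sequence between CVE-2008-2399 and CVE-2008-2398) lose theirs; those out-of-order entries are located by their text rather than by position, so dropping the descriptions makes them hard to find. The removed text for CVE-2008-2424 also still contained a raw `&quot;Standard` entity, so if descriptions are re-imported they should be HTML-unescaped first.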
@@ -11572,40 +11572,40 @@ CVE-2008-2386
RESERVED
CVE-2008-2385
RESERVED
-CVE-2008-2384 (SQL injection vulnerability in mod_auth_mysql.c in the mod-auth-mysql ...)
+CVE-2008-2384
- mod-auth-mysql 4.3.9-11 (medium)
-CVE-2008-2383 (CRLF injection vulnerability in xterm allows user-assisted attackers ...)
+CVE-2008-2383
{DSA-1694-1 DTSA-182-1}
- xterm 238-2 (medium; bug #510030)
-CVE-2008-2382 (The protocol_client_msg function in vnc.c in the VNC server in (1) ...)
+CVE-2008-2382
- qemu 0.9.1-9
[etch] - qemu <not-affected> (Tested by maintainer)
- kvm 72+dfsg-4
- xen-unstable <not-affected> (Vulnerable code not present)
- xen-3 <not-affected> (Vulnerable code not present)
-CVE-2008-2381 (SQL injection vulnerability in the create function in ...)
+CVE-2008-2381
{DSA-1698-1}
- gforge 4.7~rc2-7
-CVE-2008-2380 (SQL injection vulnerability in authpgsqllib.c in Courier-Authlib ...)
+CVE-2008-2380
{DSA-1688-1 DTSA-180-1}
- courier-authlib 0.61.0-1+lenny1
-CVE-2008-2379 (Cross-site scripting (XSS) vulnerability in SquirrelMail before 1.4.17 ...)
+CVE-2008-2379
{DSA-1682-1}
- squirrelmail 2:1.4.15-4
-CVE-2008-2378 (Untrusted search path vulnerability in hfkernel in hf 0.7.3 and 0.8 ...)
+CVE-2008-2378
{DSA-1668-1}
- hf 0.8-8.1 (medium; bug #504182)
-CVE-2008-2377 (Use-after-free vulnerability in the ...)
+CVE-2008-2377
- gnutls26 2.4.1-1 (medium)
- gnutls13 <not-affected> (Problem was introduced in 2.3.5)
-CVE-2008-2376 (Integer overflow in the rb_ary_fill function in array.c in Ruby before ...)
+CVE-2008-2376
{DSA-1618-1 DSA-1612-1}
- ruby1.9 1.9.0.2-2
- ruby1.8 1.8.7.22-2
NOTE: http://www.openwall.com/lists/oss-security/2008/07/02/3
-CVE-2008-2375 (Memory leak in a certain Red Hat deployment of vsftpd before 2.0.5 on ...)
+CVE-2008-2375
- vsftpd <not-affected> (debian versions all include the fix)
-CVE-2008-2374 (src/sdp.c in bluez-libs 3.30 in BlueZ, and other bluez-libs before ...)
+CVE-2008-2374
- bluez-libs 3.34 (low)
[etch] - bluez-libs <no-dsa> (Minor issue)
- bluez-utils 3.34 (low)
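Review bot: CVE-2008-2382 loses the description that identified the affected code (`protocol_client_msg` in vnc.c in the VNC server), while the four package lines for qemu, kvm, xen-unstable and xen-3 and their `<not-affected> (Vulnerable code not present)` justifications remain; those justifications now refer to code the entry no longer names. The header `@@ -11572,40 +11572,40 @@` shows a line-for-line rewrite with nothing added or removed, so this is a regeneration problem in the automatic update rather than a data change, and the hunk should be dropped until the descriptions are available again.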
@@ -11613,253 +11613,253 @@ CVE-2008-2374 (src/sdp.c in bluez-libs 3.30 in BlueZ, and other bluez-libs befor
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2008-2374
CVE-2008-2373
REJECTED
-CVE-2008-2372 (The Linux kernel 2.6.24 and 2.6.25 before 2.6.25.9 allows local users ...)
+CVE-2008-2372
- linux-2.6 2.6.26-1
[etch] - linux-2.6 <not-affected> (Introduced between 2.6.23 and 2.6.24)
- linux-2.6.24 2.6.24-6~etchnhalf.4
NOTE: IMO this is a lack of optimisation, not a security issue? - jmm
NOTE: 89f5b7da2a6bad2e84670422ab8192382a5aeb9f
-CVE-2008-2371 (Heap-based buffer overflow in pcre_compile.c in the Perl-Compatible ...)
+CVE-2008-2371
{DSA-1602-1 DTSA-145-1}
- pcre3 7.6-2.1 (medium; bug #488919)
-CVE-2008-2370 (Apache Tomcat 4.1.0 through 4.1.37, 5.5.0 through 5.5.26, and 6.0.0 ...)
+CVE-2008-2370
- tomcat5.5 5.5.26-4 (bug #494504)
-CVE-2008-2369 (manzier.pxt in Red Hat Network Satellite Server before 5.1.1 has a ...)
+CVE-2008-2369
NOT-FOR-US: Red Hat Network Satellite Server
-CVE-2008-2368 (Red Hat Certificate System 7.2 stores passwords in cleartext in the ...)
+CVE-2008-2368
NOT-FOR-US: Red Hat Certificate System
-CVE-2008-2367 (Red Hat Certificate System 7.2 uses world-readable permissions for ...)
+CVE-2008-2367
NOT-FOR-US: Red Hat Certificate System
-CVE-2008-2366 (Untrusted search path vulnerability in a certain Red Hat build script ...)
+CVE-2008-2366
- openoffice.org <not-affected> (RedHat-specific packaging flaw)
-CVE-2008-2365 (Race condition in the ptrace and utrace support in the Linux kernel ...)
+CVE-2008-2365
- linux-2.6 2.6.17
NOTE: 5ecfbae093f0c37311e89b29bfc0c9d586eace87 f5b40e363ad6041a96e3da32281d8faa191597b9
NOTE: f358166a9405e4f1d8e50d8f415c26d95505b6de
-CVE-2008-2364 (The ap_proxy_http_process_response function in mod_proxy_http.c in the ...)
+CVE-2008-2364
- apache2 2.2.9-1 (low)
[etch] - apache2 2.2.3-4+etch6
- apache <not-affected> (vulnerable code not present)
-CVE-2008-2363 (The PartsBatch class in Pan 0.132 and earlier does not properly manage ...)
+CVE-2008-2363
- pan 0.132-3.1 (bug #483562)
[etch] - pan <not-affected> (Vulnerable code not added until 0.130)
NOTE: see http://svn.gnome.org/viewvc/pan2/trunk/pan/data/parts.cc?view=log&pathrev=286
-CVE-2008-2362 (Multiple integer overflows in the Render extension in the X server 1.4 ...)
+CVE-2008-2362
{DSA-1595-1 DTSA-141-1}
- xorg-server 2:1.4.1~git20080517-2
-CVE-2008-2361 (Integer overflow in the ProcRenderCreateCursor function in the Render ...)
+CVE-2008-2361
{DSA-1595-1 DTSA-141-1}
- xorg-server 2:1.4.1~git20080517-2
-CVE-2008-2360 (Integer overflow in the AllocateGlyph function in the Render extension ...)
+CVE-2008-2360
{DSA-1595-1 DTSA-141-1}
- xorg-server 2:1.4.1~git20080517-2
-CVE-2008-2359 (The default configuration of consolehelper in system-config-network ...)
+CVE-2008-2359
NOT-FOR-US: system-config-network Fedora
-CVE-2008-2358 (Integer overflow in the dccp_feat_change function in net/dccp/feat.c ...)
+CVE-2008-2358
{DSA-1592-1}
- linux-2.6 2.6.20-1
NOTE: DCCP feature sanitising was introduced in 2.6.20
NOTE: this version casts sizeof to int. This is a module, not a compiled in feature in Debian
-CVE-2008-2357 (Stack-based buffer overflow in the split_redraw function in split.c in ...)
+CVE-2008-2357
{DSA-1587-1}
- mtr 0.73-1
-CVE-2008-2356 (SQL injection vulnerability in index.php in Archangel Weblog 0.90.02 ...)
+CVE-2008-2356
NOT-FOR-US: Archangel Weblog
-CVE-2008-2355 (Directory traversal vulnerability in index.php in WR-Meeting 1.0, when ...)
+CVE-2008-2355
NOT-FOR-US: WR-Meeting
-CVE-2008-2354 (Unspecified vulnerability in the data export function in testMaker ...)
+CVE-2008-2354
NOT-FOR-US: testMaker
-CVE-2008-2353 (Directory traversal vulnerability in admin.php in GNU/Gallery 1.1.1.0 ...)
+CVE-2008-2353
NOT-FOR-US: GNU/Gallery
-CVE-2008-2352 (Directory traversal vulnerability in index.php in Smeego 1.0, when ...)
+CVE-2008-2352
NOT-FOR-US: Smeego
-CVE-2008-2351 (Multiple SQL injection vulnerabilities in index.php in CMS ...)
+CVE-2008-2351
NOT-FOR-US: WebManager-Pro
-CVE-2008-2350 (Directory traversal vulnerability in highlight.php in bcoos 1.0.9 ...)
+CVE-2008-2350
NOT-FOR-US: bcoos
-CVE-2008-2349 (Zomplog 3.8.2 and earlier allows remote attackers to gain ...)
+CVE-2008-2349
NOT-FOR-US: Zomplog
-CVE-2008-2348 (MeltingIce File System 1.0 allows remote attackers to bypass ...)
+CVE-2008-2348
NOT-FOR-US: MeltingIce File System
-CVE-2008-2347 (MyPicGallery 1.0 allows remote attackers to bypass application ...)
+CVE-2008-2347
NOT-FOR-US: MyPicGallery
-CVE-2008-2346 (AlkalinePHP 0.77.35 and earlier allows remote attackers to bypass ...)
+CVE-2008-2346
NOT-FOR-US: AlkalinePHP
-CVE-2008-2345 (Unspecified vulnerability in the air_filemanager 0.6.0 and earlier ...)
+CVE-2008-2345
NOT-FOR-US: air_filemanager extension for typo3
-CVE-2008-2344 (Cross-site scripting (XSS) vulnerability in the air_filemanager 0.6.0 ...)
+CVE-2008-2344
NOT-FOR-US: air_filemanager extension for typo3
-CVE-2008-2343 (News Manager 2.0 allows remote attackers to bypass restrictions and ...)
+CVE-2008-2343
NOT-FOR-US: News Manager
-CVE-2008-2342 (Directory traversal vulnerability in attachments.php in News Manager ...)
+CVE-2008-2342
NOT-FOR-US: News Manager
-CVE-2008-2341 (PHP remote file inclusion vulnerability in ch_readalso.php in News ...)
+CVE-2008-2341
NOT-FOR-US: News Manager
-CVE-2008-2340 (Multiple SQL injection vulnerabilities in News Manager 2.0 allow ...)
+CVE-2008-2340
NOT-FOR-US: News Manager
-CVE-2008-2339 (SQL injection vulnerability in index.php in Turnkey Web Tools SunShop ...)
+CVE-2008-2339
NOT-FOR-US: Turnkey Web Tools SunShop Shopping Cart
-CVE-2008-2338 (Interspire ActiveKB 1.5 and earlier allows remote attackers to gain ...)
+CVE-2008-2338
NOT-FOR-US: Interspire ActiveKB
-CVE-2008-2337 (Multiple SQL injection vulnerabilities in IMGallery 2.5, when ...)
+CVE-2008-2337
NOT-FOR-US: IMGallery
-CVE-2008-2336 (SQL injection vulnerability in category.php in 68 Classifieds 4.0.1 ...)
+CVE-2008-2336
NOT-FOR-US: 68 Classifieds
-CVE-2008-2335 (Cross-site scripting (XSS) vulnerability in search_results.php in ...)
+CVE-2008-2335
NOT-FOR-US: Vastal I-Tech phpVID
-CVE-2008-2334 (Multiple SQL injection vulnerabilities in W1L3D4 Philboard 0.5 allow ...)
+CVE-2008-2334
NOT-FOR-US: W1L3D4 Philboard
-CVE-2008-2333 (Cross-site scripting (XSS) vulnerability in ldap_test.cgi in Barracuda ...)
+CVE-2008-2333
NOT-FOR-US: Barracuda
-CVE-2008-2332 (ImageIO in Apple Mac OS X 10.4.11 and 10.5 through 10.5.4 allows ...)
+CVE-2008-2332
NOT-FOR-US: Apple Mac OS X
-CVE-2008-2331 (Finder in Apple Mac OS X 10.5 through 10.5.4 does not properly update ...)
+CVE-2008-2331
NOT-FOR-US: Apple Mac OS X
-CVE-2008-2330 (slapconfig in Directory Services in Apple Mac OS X 10.5 through 10.5.4 ...)
+CVE-2008-2330
NOT-FOR-US: Apple Mac OS X
-CVE-2008-2329 (Directory Services in Apple Mac OS X 10.5 through 10.5.4, when Active ...)
+CVE-2008-2329
NOT-FOR-US: Apple Mac OS X
CVE-2008-2328
RESERVED
-CVE-2008-2327 (Multiple buffer underflows in the (1) LZWDecode, (2) LZWDecodeCompat, ...)
+CVE-2008-2327
{DSA-1632-1 DTSA-160-1}
- tiff 3.8.2-11 (medium)
- tiff3 <not-affected> (fixed prior to initial upload)
-CVE-2008-2326 (mDNSResponder in the Bonjour Namespace Provider in Apple Bonjour for ...)
+CVE-2008-2326
NOT-FOR-US: Apple Bonjour for Windows
-CVE-2008-2325 (QuickLook in Apple Mac OS X 10.4.11 and 10.5.4 allows remote attackers ...)
+CVE-2008-2325
NOT-FOR-US: Apple Mac OS X
-CVE-2008-2324 (The Repair Permissions tool in Disk Utility in Apple Mac OS X 10.4.11 ...)
+CVE-2008-2324
NOT-FOR-US: Apple Mac OS X
-CVE-2008-2323 (Unspecified vulnerability in Data Detectors Engine in Apple Mac OS X ...)
+CVE-2008-2323
NOT-FOR-US: Apple Mac OS X
-CVE-2008-2322 (Integer overflow in CoreGraphics in Apple Mac OS X 10.4.11, 10.5.2, ...)
+CVE-2008-2322
NOT-FOR-US: Apple Mac OS X
-CVE-2008-2321 (Unspecified vulnerability in CoreGraphics in Apple Mac OS X 10.4.11 ...)
+CVE-2008-2321
NOT-FOR-US: Apple Mac OS X
-CVE-2008-2320 (Stack-based buffer overflow in CarbonCore in Apple Mac OS X 10.4.11 ...)
+CVE-2008-2320
NOT-FOR-US: Apple Mac OS X
NOTE: the original apple advisory (HT3613) is completely different from the current CVE
NOTE: description. it claims that this is a webkit issue, which is completely wrong
CVE-2008-2319
RESERVED
-CVE-2008-2318 (The WOHyperlink implementation in WebObjects in Apple Xcode tools ...)
+CVE-2008-2318
NOT-FOR-US: Apple Xcode
-CVE-2008-2317 (WebCore in Apple Safari does not properly perform garbage collection ...)
+CVE-2008-2317
NOT-FOR-US: Safari
-CVE-2008-2316 (Integer overflow in _hashopenssl.c in the hashlib module in Python ...)
+CVE-2008-2316
{DSA-1977-1 DTSA-157-1}
- python2.5 2.5.2-11 (low; bug #493797)
- python2.4 <not-affected> (hashlib module introduced in python2.5)
-CVE-2008-2315 (Multiple integer overflows in Python 2.5.2 and earlier allow ...)
+CVE-2008-2315
{DSA-1667-1 DTSA-157-1}
- python2.5 2.5.2-10
[etch] - python2.5 <no-dsa> (Minor issue, not the default Python runtime)
- python2.4 2.4.5-5
-CVE-2008-2314 (Dock in Apple Mac OS X 10.5 before 10.5.4, when Expos&#233; hot corners is ...)
+CVE-2008-2314
NOT-FOR-US: Mac OS X
-CVE-2008-2313 (Apple Mac OS X before 10.5 uses weak permissions for the User Template ...)
+CVE-2008-2313
NOT-FOR-US: Mac OS X
-CVE-2008-2312 (Network Preferences in Apple Mac OS X 10.4.11 stores PPP passwords in ...)
+CVE-2008-2312
NOT-FOR-US: Apple Mac OS X
-CVE-2008-2311 (Launch Services in Apple Mac OS X before 10.5, when Open Safe Files is ...)
+CVE-2008-2311
NOT-FOR-US: Mac OS X
-CVE-2008-2310 (Format string vulnerability in c++filt in Apple Mac OS X 10.5 before ...)
+CVE-2008-2310
- binutils 2.18.1~cvs20080103-1 (low)
[etch] - binutils <no-dsa> (Minor issue)
-CVE-2008-2309 (Incomplete blacklist vulnerability in CoreTypes in Apple Mac OS X ...)
+CVE-2008-2309
NOT-FOR-US: CoreTypes in Apple Mac OS X
-CVE-2008-2308 (Unspecified vulnerability in Alias Manager in Apple Mac OS X 10.5.1 ...)
+CVE-2008-2308
NOT-FOR-US: Alias Manager in Apple Mac OS X
-CVE-2008-2307 (Unspecified vulnerability in WebKit in Apple Safari before 3.1.2, as ...)
+CVE-2008-2307
- webkit 1.0.1-1
- qt4-x11 4:4.6.2-4
[lenny] - qt4-x11 <no-dsa> (Minor impact, no apps in Lenny which use qtwebkit )
NOTE: QT4 might be fixed earlier, but only 4.6.2 was checked against
NOTE: http://trac.webkit.org/changeset/34204
-CVE-2008-2306 (Apple Safari before 3.1.2 on Windows does not properly interpret the ...)
+CVE-2008-2306
NOT-FOR-US: Windows issue
-CVE-2008-2305 (Heap-based buffer overflow in Apple Type Services (ATS) in Apple Mac ...)
+CVE-2008-2305
NOT-FOR-US: Apple Type Services (ATS)
-CVE-2008-2304 (Buffer overflow in Apple Core Image Fun House 2.0 and earlier in ...)
+CVE-2008-2304
NOT-FOR-US: Apple Core Image Fun House
-CVE-2008-2303 (Integer signedness error in Safari on Apple iPhone before 2.0 and iPod ...)
+CVE-2008-2303
NOT-FOR-US: Safari
-CVE-2008-2301 (SQL injection vulnerability in Kostenloses Linkmanagementscript allows ...)
+CVE-2008-2301
NOT-FOR-US: Kostenloses Linkmanagementscript
-CVE-2008-2300 (Unspecified vulnerability in Citrix Presentation Server 4.5 and ...)
+CVE-2008-2300
NOT-FOR-US: Citrix Software
-CVE-2008-2299 (Unspecified vulnerability in SecureICA and ICA Basic encryption of ...)
+CVE-2008-2299
NOT-FOR-US: Citrix Software
-CVE-2008-2298 (Admin.php in Web Slider 0.6 allows remote attackers to bypass ...)
+CVE-2008-2298
NOT-FOR-US: Web Slider
-CVE-2008-2297 (The admin.php file in Rantx allows remote attackers to bypass ...)
+CVE-2008-2297
NOT-FOR-US: Rantx
-CVE-2008-2296 (PHP remote file inclusion vulnerability in include/bbs.lib.inc.php in ...)
+CVE-2008-2296
NOT-FOR-US: Rgboard
-CVE-2008-2295 (Cross-site scripting (XSS) vulnerability in rg_search.php in Rgboard ...)
+CVE-2008-2295
NOT-FOR-US: Rgboard
-CVE-2008-2294 (Pet Grooming Management System 2.0 allows remote attackers to gain ...)
+CVE-2008-2294
NOT-FOR-US: Pet Grooming Management System
-CVE-2008-2293 (admin.php in Multi-Page Comment System (MPCS) 1.0 and 1.1 allows ...)
+CVE-2008-2293
NOT-FOR-US: Multi-Page Comment System
-CVE-2008-2292 (Buffer overflow in the __snprint_value function in snmp_get in ...)
+CVE-2008-2292
{DSA-1663-1 DTSA-134-1}
- net-snmp 5.4.1~dfsg-8 (medium; bug #482333)
-CVE-2008-2291 (axengine.exe in Symantec Altiris Deployment Solution 6.8.x and 6.9.x ...)
+CVE-2008-2291
NOT-FOR-US: Symantec Altiris Deployment Solution
-CVE-2008-2290 (Unspecified vulnerability in the Agent user interface in Symantec ...)
+CVE-2008-2290
NOT-FOR-US: Symantec Altiris Deployment Solution
-CVE-2008-2289 (Unspecified vulnerability in a tooltip element in Symantec Altiris ...)
+CVE-2008-2289
NOT-FOR-US: Symantec Altiris Deployment Solution
-CVE-2008-2288 (Symantec Altiris Deployment Solution 6.8.x and 6.9.x before 6.9.176 ...)
+CVE-2008-2288
NOT-FOR-US: Symantec Altiris Deployment Solution
-CVE-2008-2287 (Symantec Altiris Deployment Solution 6.8.x and 6.9.x before 6.9.176 ...)
+CVE-2008-2287
NOT-FOR-US: Symantec Altiris Deployment Solution
-CVE-2008-2286 (SQL injection vulnerability in axengine.exe in Symantec Altiris ...)
+CVE-2008-2286
NOT-FOR-US: Symantec Altiris Deployment Solution
-CVE-2008-2285 (The ssh-vulnkey tool on Ubuntu Linux 7.04, 7.10, and 8.04 LTS does not ...)
+CVE-2008-2285
{DSA-1576-1}
- openssh 1:4.7p1-10
-CVE-2008-2284 (PHP remote file inclusion vulnerability in fusebox5.php in Fusebox ...)
+CVE-2008-2284
NOT-FOR-US: Fusebox
-CVE-2008-2283 (IDAutomation allows remote attackers to overwrite arbitrary files via ...)
+CVE-2008-2283
NOT-FOR-US: IDAutomation
-CVE-2008-2282 (admin.php in Internet Photoshow and Internet Photoshow Special Edition ...)
+CVE-2008-2282
NOT-FOR-US: Internet Photoshow
-CVE-2008-2281 (Cross-zone scripting vulnerability in the Print Table of Links feature ...)
+CVE-2008-2281
NOT-FOR-US: Internet Explorer
-CVE-2008-2280 (Cross-site scripting (XSS) vulnerability in admin/index.php in Script ...)
+CVE-2008-2280
NOT-FOR-US: PHP PicEngine
-CVE-2008-2279 (Freelance Auction Script 1.0 stores user passwords in plaintext in the ...)
+CVE-2008-2279
NOT-FOR-US: Freelance Auction Script
-CVE-2008-2278 (SQL injection vulnerability in browseproject.php in Freelance Auction ...)
+CVE-2008-2278
NOT-FOR-US: Freelance Auction Script
-CVE-2008-2277 (SQL injection vulnerability in detail.php in Feedback and Rating ...)
+CVE-2008-2277
NOT-FOR-US: Feedback and Rating Script
-CVE-2008-2275 (Unspecified vulnerability in sr_feuser_register 1.4.0, 1.6.0, 2.2.1 to ...)
+CVE-2008-2275
NOT-FOR-US: sr_feuser_register extension for TYPO3
-CVE-2008-2274 (Cross-site scripting (XSS) vulnerability in the sr_feuser_register ...)
+CVE-2008-2274
NOT-FOR-US: sr_feuser_register extension for TYPO3
-CVE-2008-2273 (Unspecified vulnerability in the TACACS authentication component in ...)
+CVE-2008-2273
NOT-FOR-US: TACACS authentication component in Aruba Mobility Controller
-CVE-2008-2272 (Multiple cross-site scripting (XSS) vulnerabilities in the web ...)
+CVE-2008-2272
NOT-FOR-US: Aruba Mobility Controller
-CVE-2008-2271 (The Site Documentation Drupal module 5.x before 5.x-1.8 and 6.x before ...)
+CVE-2008-2271
NOT-FOR-US: Site Documentation Drupal module
-CVE-2008-2270 (Multiple PHP remote file inclusion vulnerabilities in PHPWAY ...)
+CVE-2008-2270
NOT-FOR-US: PHPWAY Linkmanagementscript
-CVE-2008-2269 (AustinSmoke GasTracker (AS-GasTracker) 1.0.0 allows remote attackers ...)
+CVE-2008-2269
NOT-FOR-US: GasTracker
-CVE-2008-2268 (Open redirect vulnerability in interface/redirect.htm.php in Mjguest ...)
+CVE-2008-2268
NOT-FOR-US: Mjguest
-CVE-2008-2267 (Incomplete blacklist vulnerability in javaUpload.php in Postlet in the ...)
+CVE-2008-2267
NOT-FOR-US: Postlet
-CVE-2008-2265 (SQL injection vulnerability in news.php in EMO Realty Manager allows ...)
+CVE-2008-2265
NOT-FOR-US: EMO Realty Manager
-CVE-2008-2264 (Cross-site scripting (XSS) vulnerability in index.php in CyrixMED 1.4 ...)
+CVE-2008-2264
NOT-FOR-US: CyrixMED
-CVE-2008-2263 (SQL injection vulnerability in linking.page.php in Automated Link ...)
+CVE-2008-2263
NOT-FOR-US: Automated Link Exchange Portal
CVE-2008-2262
REJECTED
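Review bot: every `-`/`+` pair in this hunk strips the parenthesised summary from the CVE header line (`-CVE-2008-2292 (Buffer overflow in the __snprint_value function in snmp_get in ...)` becomes `+CVE-2008-2292`) and no `+` line carries a replacement, so the file loses its only in-line description of each issue. Because the stripping is uniform across unrelated entries rather than tied to any specific text change, it looks more like an empty description feed than an intended edit, and is worth confirming against the source data before the update is accepted. The `NOT-FOR-US:`, `{DSA-...}` and package lines beneath each entry are untouched, so the tracking state itself is not changed by this hunk.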
@@ -11867,246 +11867,246 @@ CVE-2008-2261
REJECTED
CVE-2008-2260
REJECTED
-CVE-2008-2259 (Microsoft Internet Explorer 6 and 7 does not perform proper &quot;argument ...)
+CVE-2008-2259
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2008-2258 (Microsoft Internet Explorer 5.01, 6, and 7 accesses uninitialized ...)
+CVE-2008-2258
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2008-2257 (Microsoft Internet Explorer 5.01, 6, and 7 accesses uninitialized ...)
+CVE-2008-2257
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2008-2256 (Microsoft Internet Explorer 5.01, 6, and 7 does not properly handle ...)
+CVE-2008-2256
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2008-2255 (Microsoft Internet Explorer 5.01, 6, and 7 accesses uninitialized ...)
+CVE-2008-2255
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2008-2254 (Microsoft Internet Explorer 6 and 7 accesses uninitialized memory, ...)
+CVE-2008-2254
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2008-2253 (Unspecified vulnerability in Microsoft Windows Media Player 11 allows ...)
+CVE-2008-2253
NOT-FOR-US: Microsoft Windows Media Player
-CVE-2008-2252 (The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 ...)
+CVE-2008-2252
NOT-FOR-US: Microsoft
-CVE-2008-2251 (Double free vulnerability in the kernel in Microsoft Windows 2000 SP4, ...)
+CVE-2008-2251
NOT-FOR-US: Microsoft
-CVE-2008-2250 (The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 ...)
+CVE-2008-2250
NOT-FOR-US: Microsoft
-CVE-2008-2249 (Integer overflow in GDI in Microsoft Windows 2000 SP4, XP SP2 and SP3, ...)
+CVE-2008-2249
NOT-FOR-US: Microsoft Windows
-CVE-2008-2248 (Cross-site scripting (XSS) vulnerability in Outlook Web Access (OWA) ...)
+CVE-2008-2248
NOT-FOR-US: Exchange Server
-CVE-2008-2247 (Cross-site scripting (XSS) vulnerability in Outlook Web Access (OWA) ...)
+CVE-2008-2247
NOT-FOR-US: Exchange Server
-CVE-2008-2246 (Microsoft Windows Vista through SP1 and Server 2008 do not properly ...)
+CVE-2008-2246
NOT-FOR-US: Microsoft Windows Vista
-CVE-2008-2245 (Heap-based buffer overflow in the InternalOpenColorProfile function in ...)
+CVE-2008-2245
NOT-FOR-US: Microsoft Windows Image Color Management System (MSCMS)
-CVE-2008-2244 (Microsoft Office Word 2002 SP3 allows remote attackers to execute ...)
+CVE-2008-2244
NOT-FOR-US: Microsoft Office Word
CVE-2008-2243
REJECTED
-CVE-2008-2242 (Multiple buffer overflows in xdr functions in the server in CA ...)
+CVE-2008-2242
NOT-FOR-US: CA BrightStor ARCServe Backup
-CVE-2008-2241 (Directory traversal vulnerability in caloggerd in CA BrightStor ...)
+CVE-2008-2241
NOT-FOR-US: CA BrightStor ARCServe Backup
-CVE-2008-2240 (Stack-based buffer overflow in the Web Server service in IBM Lotus ...)
+CVE-2008-2240
NOT-FOR-US: IBM Lotus Domino
CVE-2008-2239
RESERVED
-CVE-2008-2238 (Multiple integer overflows in OpenOffice.org (OOo) 2.x before 2.4.2 ...)
+CVE-2008-2238
{DSA-1661-1}
- openoffice.org 1:2.4.1-12
-CVE-2008-2237 (Heap-based buffer overflow in OpenOffice.org (OOo) 2.x before 2.4.2 ...)
+CVE-2008-2237
{DSA-1661-1}
- openoffice.org 1:2.4.1-12
-CVE-2008-2236 (Cross-site scripting (XSS) vulnerability in blosxom.cgi in Blosxom ...)
+CVE-2008-2236
- blosxom 2.1.2-1 (low; bug #500873)
[etch] - blosxom 2.0-14+etch1 (low; bug #500873)
-CVE-2008-2235 (OpenSC before 0.11.5 uses weak permissions (ADMIN file control ...)
+CVE-2008-2235
{DSA-1627-2}
- opensc 0.11.4-4
NOTE: https://web.archive.org/web/20081222095654/http://www.opensc-project.org/security.html
-CVE-2008-2234 (Multiple buffer overflows in Openwsman 1.2.0 and 2.0.0 allow remote ...)
+CVE-2008-2234
- openwsman <itp> (bug #754501)
-CVE-2008-2233 (The client in Openwsman 1.2.0 and 2.0.0, in unknown configurations, ...)
+CVE-2008-2233
- openwsman <itp> (bug #754501)
-CVE-2008-2232 (The expand_template function in afuse.c in afuse 0.2 allows local ...)
+CVE-2008-2232
{DSA-1611-1 DTSA-149-1}
- afuse 0.2-3 (bug #490921; medium)
-CVE-2008-2231 (SQL injection vulnerability in Slashdot Like Automated Storytelling ...)
+CVE-2008-2231
{DSA-1633-1}
- slash <removed> (medium; bug #484499)
NOTE: See CVE-2008-2553
NOTE: maintainer wants to remove package from unstable and move to experimental
-CVE-2008-2230 (Untrusted search path vulnerability in (1) reportbug 3.8 and 3.31, and ...)
+CVE-2008-2230
- reportbug 3.41 (low; bug #484311)
- reportbug-ng 0.2008.03.28 (low; bug #484474)
[etch] - reportbug <no-dsa> (Unlikely attack scenario)
CVE-2008-2229
RESERVED
-CVE-2008-2228 (PHP remote file inclusion vulnerability in ...)
+CVE-2008-2228
NOT-FOR-US: Cyberfolio
-CVE-2008-2227 (Multiple directory traversal vulnerabilities in PHP-Fusion Forum Rank ...)
+CVE-2008-2227
NOT-FOR-US: PHP-Fusion
-CVE-2008-2226 (Unspecified vulnerability in the export feature in OpenKM before 2.0 ...)
+CVE-2008-2226
NOT-FOR-US: OpenKM
-CVE-2008-2225 (SQL injection vulnerability in index.php in gameCMS Lite 1.0 allows ...)
+CVE-2008-2225
NOT-FOR-US: gameCMS
-CVE-2008-2224 (Multiple PHP remote file inclusion vulnerabilities in SazCart 1.5.1, ...)
+CVE-2008-2224
NOT-FOR-US: SazCart
-CVE-2008-2223 (SQL injection vulnerability in group_posts.php in vShare YouTube Clone ...)
+CVE-2008-2223
NOT-FOR-US: vShare YouTube Clone
-CVE-2008-2222 (SQL injection vulnerability in login.php in EQdkp 1.3.2f allows remote ...)
+CVE-2008-2222
NOT-FOR-US: EQdkp
-CVE-2008-2221 (Unspecified vulnerability in the Java plugin in IBM WebSphere ...)
+CVE-2008-2221
NOT-FOR-US: IBM WebSphere
-CVE-2008-2220 (Multiple PHP remote file inclusion vulnerabilities in Interact ...)
+CVE-2008-2220
NOT-FOR-US: Interact Learning Community Environment
-CVE-2008-2219 (Cross-site scripting (XSS) vulnerability in install.php in C-News.fr ...)
+CVE-2008-2219
NOT-FOR-US: C-News.fr
-CVE-2008-2218 (Buffer overflow in the Multimedia PC Client in Nortel Multimedia ...)
+CVE-2008-2218
NOT-FOR-US: Nortel Multimedia
-CVE-2008-2217 (Directory traversal vulnerability in cm/graphie.php in Content ...)
+CVE-2008-2217
NOT-FOR-US: CMS Phprojekt
-CVE-2008-2216 (Unrestricted file upload vulnerability in src/yopy_upload.php in ...)
+CVE-2008-2216
NOT-FOR-US: PBCS
-CVE-2008-2215 (Multiple directory traversal vulnerabilities in Project-Based ...)
+CVE-2008-2215
NOT-FOR-US: PBCS
-CVE-2008-2214 (Stack-based buffer overflow in the Network Manager in Castle Rock ...)
+CVE-2008-2214
NOT-FOR-US: Castle Rock Computing SNMPc
-CVE-2008-2213 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2008-2213
NOT-FOR-US: Maian Links
-CVE-2008-2212 (Multiple cross-site scripting (XSS) vulnerabilities in Maian Cart 1.1 ...)
+CVE-2008-2212
NOT-FOR-US: Maian Cart
-CVE-2008-2211 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2008-2211
NOT-FOR-US: Maian Guestbook
-CVE-2008-2210 (Multiple cross-site scripting (XSS) vulnerabilities in Maian Support ...)
+CVE-2008-2210
NOT-FOR-US: Maian Support
-CVE-2008-2209 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2008-2209
NOT-FOR-US: Maian Greeting
-CVE-2008-2208 (SQL injection vulnerability in index.php in Maian Greeting 2.1 allows ...)
+CVE-2008-2208
NOT-FOR-US: Maian Greeting
-CVE-2008-2207 (Cross-site scripting (XSS) vulnerability in admin/index.php in Maian ...)
+CVE-2008-2207
NOT-FOR-US: Maian Gallery
-CVE-2008-2206 (Multiple cross-site scripting (XSS) vulnerabilities in Maian Music 1.1 ...)
+CVE-2008-2206
NOT-FOR-US: Maian Music
-CVE-2008-2205 (SQL injection vulnerability in index.php in Maian Music 1.1 allows ...)
+CVE-2008-2205
NOT-FOR-US: Maian Music
-CVE-2008-2204 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2008-2204
NOT-FOR-US: Maian Search
-CVE-2008-2203 (SQL injection vulnerability in search.php in Maian Search 1.1 allows ...)
+CVE-2008-2203
NOT-FOR-US: Maian Search
-CVE-2008-2202 (Multiple cross-site scripting (XSS) vulnerabilities in Maian Uploader ...)
+CVE-2008-2202
NOT-FOR-US: Maian Uploader
-CVE-2008-2201 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2008-2201
NOT-FOR-US: Maian Recipe
-CVE-2008-2200 (Multiple cross-site scripting (XSS) vulnerabilities in Maian Weblog ...)
+CVE-2008-2200
NOT-FOR-US: Maian Weblog
-CVE-2008-2199 (PHP remote file inclusion vulnerability in ...)
+CVE-2008-2199
NOT-FOR-US: Kmita Mail
-CVE-2008-2198 (PHP remote file inclusion vulnerability in ...)
+CVE-2008-2198
NOT-FOR-US: Kmita Tellfriend
-CVE-2008-2197 (SQL injection vulnerability in the blogwriter module 2.0 for Miniweb ...)
+CVE-2008-2197
NOT-FOR-US: Miniweb
-CVE-2008-2196 (Cross-site scripting (XSS) vulnerability in admin.php in LifeType ...)
+CVE-2008-2196
NOT-FOR-US: LifeType
-CVE-2008-2195 (Static code injection vulnerability in admincp.php in DeluxeBB 1.2 and ...)
+CVE-2008-2195
NOT-FOR-US: DeluxeBB
-CVE-2008-2194 (SQL injection vulnerability in forums.php in DeluxeBB 1.2 and earlier ...)
+CVE-2008-2194
NOT-FOR-US: DeluxeBB
-CVE-2008-2193 (PHP remote file inclusion vulnerability in example.php in Thomas ...)
+CVE-2008-2193
NOT-FOR-US: ScorpNews
-CVE-2008-2192 (Static code injection vulnerability in box/minichat/boxpop.php in ...)
+CVE-2008-2192
NOT-FOR-US: itcms
-CVE-2008-2191 (SQL injection vulnerability in the pnEncyclopedia module 0.2.0 and ...)
+CVE-2008-2191
NOT-FOR-US: pnEncyclopedia
-CVE-2008-2190 (SQL injection vulnerability in index.php in Online Rent (aka Online ...)
+CVE-2008-2190
NOT-FOR-US: Online Rental Property Script
-CVE-2008-2189 (SQL injection vulnerability in viewfaqs.php in AnServ Auction XL ...)
+CVE-2008-2189
NOT-FOR-US: Online AnServ Auction XL
-CVE-2008-2188 (Multiple cross-site scripting (XSS) vulnerabilities in EJ3 BlackBook ...)
+CVE-2008-2188
NOT-FOR-US: EJ3 BlackBook
-CVE-2008-2187 (Cross-site scripting (XSS) vulnerability in mjguest.php in Mjguest 6.7 ...)
+CVE-2008-2187
NOT-FOR-US: Mjguest
-CVE-2008-2186 (Cross-site scripting (XSS) vulnerability in index.php in Chilek ...)
+CVE-2008-2186
NOT-FOR-US: Chilek CMS
-CVE-2008-2185 (Directory traversal vulnerability in index.php in SMartBlog (aka ...)
+CVE-2008-2185
NOT-FOR-US: SMartBlog (SMBlog)
-CVE-2008-2184 (Multiple SQL injection vulnerabilities in SMartBlog (aka SMBlog) 1.3 ...)
+CVE-2008-2184
NOT-FOR-US: SMartBlog (SMBlog)
-CVE-2008-2183 (SQL injection vulnerability in index.php in SMartBlog (aka SMBlog) 1.3 ...)
+CVE-2008-2183
NOT-FOR-US: SMartBlog (SMBlog)
-CVE-2008-2182 (Cross-site scripting (XSS) vulnerability in the powermail extension ...)
+CVE-2008-2182
NOT-FOR-US: powermail extension for TYPO3
-CVE-2008-2181 (Multiple cross-site scripting (XSS) vulnerabilities in search.php in ...)
+CVE-2008-2181
NOT-FOR-US: cpLinks
-CVE-2008-2180 (Multiple SQL injection vulnerabilities in cpLinks 1.03, when ...)
+CVE-2008-2180
NOT-FOR-US: cpLinks
-CVE-2008-2179 (Cross-site scripting (XSS) vulnerability in SystemList.jsp in SysAid ...)
+CVE-2008-2179
NOT-FOR-US: SysAid
-CVE-2008-2178 (Cross-site scripting (XSS) vulnerability in admin.php in LifeType ...)
+CVE-2008-2178
NOT-FOR-US: LifeType
-CVE-2008-2177 (Multiple SQL injection vulnerabilities in phpDirectorySource 1.1.06, ...)
+CVE-2008-2177
NOT-FOR-US: phpDirectorySource
-CVE-2008-2176 (Cross-site scripting (XSS) vulnerability in admin/category.php in ...)
+CVE-2008-2176
NOT-FOR-US: Zomplog
-CVE-2008-2175 (SQL injection vulnerability in comments.php in Gamma Scripts BlogMe ...)
+CVE-2008-2175
NOT-FOR-US: Gamma Scripts BlogMe PHP
-CVE-2008-2174 (Multiple unspecified vulnerabilities in Robin Rawson-Tetley Animal ...)
+CVE-2008-2174
NOT-FOR-US: Animal Shelter Manager
-CVE-2008-2173 (Unspecified vulnerability in Yamaha routers allows remote attackers to ...)
+CVE-2008-2173
NOT-FOR-US: Yamaha routers
-CVE-2008-2172 (Unspecified vulnerability in Hitachi GR routers allows remote ...)
+CVE-2008-2172
NOT-FOR-US: Hitachi GR routers
-CVE-2008-2171 (Unspecified vulnerability in AlaxalA AX routers allows remote ...)
+CVE-2008-2171
NOT-FOR-US: AlaxalA AX routers
-CVE-2008-2170 (Unspecified vulnerability in Century routers allows remote attackers ...)
+CVE-2008-2170
NOT-FOR-US: Century routers
-CVE-2008-2169 (Unspecified vulnerability in Avici routers allows remote attackers to ...)
+CVE-2008-2169
NOT-FOR-US: Avici routers
-CVE-2008-2168 (Cross-site scripting (XSS) vulnerability in Apache 2.2.6 and earlier ...)
+CVE-2008-2168
- apache2 2.2.8-1 (low)
[etch] - apache2 2.2.3-4+etch4 (low)
NOTE: This is really a browser issue. Recent apache versions add a workaround.
-CVE-2008-2167 (Cross-site scripting (XSS) vulnerability in ZyXEL ZyWALL 100 allows ...)
+CVE-2008-2167
NOT-FOR-US: ZyXEL ZyWALL
-CVE-2008-2166 (Cross-site scripting (XSS) vulnerability in the search module in Sun ...)
+CVE-2008-2166
NOT-FOR-US: Sun Java System
-CVE-2008-2165 (Cross-site scripting (XSS) vulnerability in AccessCodeStart.asp in ...)
+CVE-2008-2165
NOT-FOR-US: Cisco Building Broadband Service Manager (BBSM) Captive Portal
CVE-2008-2164
RESERVED
-CVE-2008-2163 (Cross-site scripting (XSS) vulnerability in IBM Lotus Quickr 8.1 ...)
+CVE-2008-2163
NOT-FOR-US: IBM Lotus Quickr
-CVE-2008-2276 (Cross-site request forgery (CSRF) vulnerability in ...)
+CVE-2008-2276
- mantis 1.0.8-4.1 (bug #481504)
-CVE-2008-2266 (uulib/uunconc.c in UUDeview 0.5.20, as used in nzbget before 0.3.0 and ...)
+CVE-2008-2266
- uudeview 0.5.20-3.1 (low; bug #480972)
[etch] - uudeview <no-dsa> (Minor issue)
- libconvert-uulib-perl <not-affected> (Code patched by libconver-uulib upstream to use mkstemp)
- pan <not-affected> (Code patched to use g_mkstemp)
NOTE: See CVE-2004-2265, where the problem occured as well
-CVE-2008-2302 (Cross-site scripting (XSS) vulnerability in the login form in the ...)
+CVE-2008-2302
- python-django 0.96.2-1 (bug #481164; low)
[etch] - python-django 0.95.1-1etch1
NOTE: Minor issue fixed in 4.0r4 point release
-CVE-2008-2162 (Cross-site scripting (XSS) vulnerability in SonicWall Email Security ...)
+CVE-2008-2162
NOT-FOR-US: SonicWall Email Security
-CVE-2008-2161 (Buffer overflow in TFTP Server SP 1.4 and 1.5 on Windows, and possibly ...)
+CVE-2008-2161
NOT-FOR-US: TFTP Server SP 1.4 and 1.5 on Windows
-CVE-2008-2160 (Multiple unspecified vulnerabilities in the JPEG (GDI+) and GIF image ...)
+CVE-2008-2160
NOT-FOR-US: Microsoft Windows CE 5.0
-CVE-2008-2159 (Microsoft Internet Explorer 7 can save encrypted pages in the cache ...)
+CVE-2008-2159
NOT-FOR-US: Microsoft Internet Explorer 7
-CVE-2008-2158 (Multiple stack-based buffer overflows in the Command Line Interface ...)
+CVE-2008-2158
NOT-FOR-US: AlphaStor
-CVE-2008-2157 (robotd in the Library Manager in EMC AlphaStor 3.1 SP1 for Windows ...)
+CVE-2008-2157
NOT-FOR-US: AlphaStor
CVE-2008-2156
RESERVED
CVE-2008-2155
RESERVED
-CVE-2008-2154 (IBM DB2 8 before FP17, 9.1 before FP5, and 9.5 before FP2 provides an ...)
+CVE-2008-2154
NOT-FOR-US: IBM DB2
CVE-2008-2153
RESERVED
-CVE-2008-2152 (Integer overflow in the rtl_allocateMemory function in ...)
+CVE-2008-2152
- openoffice.org <not-affected> (openoffice in Debian does not use the custom allocations but g/malloc)
NOTE: see ooo-build/distro-configs/CommonLinux.conf.in, openoffice builds on Debian using
NOTE: --with-alloc=system which causes the build scripts to use the system allocators instead of the
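Review bot: three entries in this hunk sit out of the file's descending CVE order: `CVE-2008-2276`, `CVE-2008-2266` and `CVE-2008-2302` appear between `CVE-2008-2163` and `CVE-2008-2162`, even though their header lines are being rewritten here. Since the header lines are regenerated anyway, this is the moment to move them to their numeric positions (or document why the list is not strictly ordered), so that a lookup by number does not miss them. Two small typos in the unchanged lines of the `CVE-2008-2266` entry could go in the same pass: `libconver-uulib` for `libconvert-uulib`, and `occured` for `occurred`.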
@@ -12115,87 +12115,87 @@ CVE-2008-2151
RESERVED
CVE-2008-2150
RESERVED
-CVE-2008-2149 (Stack-based buffer overflow in the searchwn function in Wordnet 2.0, ...)
+CVE-2008-2149
{DSA-1634-1}
- wordnet 1:3.0-10 (bug #481186)
NOTE: wordnet can be used as a backend to web applications
-CVE-2008-2148 (The utimensat system call (sys_utimensat) in Linux kernel 2.6.22 and ...)
+CVE-2008-2148
- linux-2.6 2.6.25-3 (bug #481195)
[etch] - linux-2.6 <not-affected> (vulnerable code not present)
- linux-2.6.24 2.6.24-6~etchnhalf.3
NOTE: utimensat() was introduced in 2.6.22 and sched_slice() in 2.6.24
-CVE-2008-2145 (Stack-based buffer overflow in Novell Client 4.91 SP4 and earlier ...)
+CVE-2008-2145
NOT-FOR-US: Novell Client 4.91 SP4
-CVE-2008-2144 (Multiple unspecified vulnerabilities in Solaris print service for Sun ...)
+CVE-2008-2144
NOT-FOR-US: Solaris print service
-CVE-2008-2143 (Unspecified versions of Microsoft Outlook Web Access (OWA) use the ...)
+CVE-2008-2143
NOT-FOR-US: Microsoft Outlook Web Access (OWA)
CVE-2008-2141
RESERVED
-CVE-2008-2140 (Cross-site request forgery (CSRF) vulnerability in the rootpw plugin ...)
+CVE-2008-2140
NOT-FOR-US: rpath Appliance Platform Agent
-CVE-2008-2139 (The rootpw plugin in rPath Appliance Platform Agent 2 and 3 does not ...)
+CVE-2008-2139
NOT-FOR-US: rpath Appliance Platform Agent
-CVE-2008-2138 (Oracle Application Server (OracleAS) Portal 10g allows remote ...)
+CVE-2008-2138
NOT-FOR-US: Oracle Application Server (OracleAS) Portal 10g
-CVE-2008-2137 (The (1) sparc_mmap_check function in arch/sparc/kernel/sys_sparc.c and ...)
+CVE-2008-2137
{DSA-1588-1}
- linux-2.6 2.6.25-3
- linux-2.6.24 2.6.24-6~etchnhalf.3
NOTE: Upstream commit: 5816339310b2d9623cf413d33e538b45e815da5d, part of 2.6.25.3
-CVE-2008-2136 (Memory leak in the ipip6_rcv function in net/ipv6/sit.c in the Linux ...)
+CVE-2008-2136
{DSA-1588-1}
- linux-2.6 2.6.25-3
- linux-2.6.24 2.6.24-6~etchnhalf.3
NOTE: Upstream commit: 36ca34cc3b8335eb1fe8bd9a1d0a2592980c3f02, part of 2.6.25.3
-CVE-2008-2135 (Multiple SQL injection vulnerabilities in VisualShapers ezContents ...)
+CVE-2008-2135
NOT-FOR-US: VisualShapers ezContents
-CVE-2008-2134 (The Journal module in Tru-Zone Nuke ET 3.x allows remote attackers to ...)
+CVE-2008-2134
NOT-FOR-US: Tru-Zone Nuke ET
-CVE-2008-2133 (Cross-site scripting (XSS) vulnerability in the Journal module in ...)
+CVE-2008-2133
NOT-FOR-US: Tru-Zone Nuke ET
-CVE-2008-2132 (SQL injection vulnerability in step1.asp in Systementor PostcardMentor ...)
+CVE-2008-2132
NOT-FOR-US: Systementor PostcardMentor
-CVE-2008-2131 (Cross-site scripting (XSS) vulnerability in mvnForum 1.1 GA allows ...)
+CVE-2008-2131
NOT-FOR-US: mvnForum
-CVE-2008-2130 (SQL injection vulnerability in poll_vote.php in iGaming CMS 1.5 allows ...)
+CVE-2008-2130
NOT-FOR-US: iGaming
-CVE-2008-2129 (SQL injection vulnerability in index.php in Galleristic 1.0, when ...)
+CVE-2008-2129
NOT-FOR-US: Galleristic
-CVE-2008-2128 (PHP remote file inclusion vulnerability in templates/header.php in CMS ...)
+CVE-2008-2128
NOT-FOR-US: Faethon
-CVE-2008-2127 (Cross-site scripting (XSS) vulnerability in search.php in CMS Faethon ...)
+CVE-2008-2127
NOT-FOR-US: Faethon
-CVE-2008-2126 (Multiple cross-site scripting (XSS) vulnerabilities in Tux CMS 0.1 ...)
+CVE-2008-2126
NOT-FOR-US: Tux CMS
-CVE-2008-2125 (SQL injection vulnerability in viewalbums.php in Musicbox 2.3.6 and ...)
+CVE-2008-2125
NOT-FOR-US: Musicbox
-CVE-2008-2124 (SQL injection vulnerability in modules/print.asp in fipsASP fipsCMS ...)
+CVE-2008-2124
NOT-FOR-US: fipsASP
-CVE-2008-2123 (Cross-site scripting (XSS) vulnerability in WGate in SAP Internet ...)
+CVE-2008-2123
NOT-FOR-US: WGate
-CVE-2008-2122 (IBM Rational Build Forge 7.0.2 allows remote attackers to cause a ...)
+CVE-2008-2122
NOT-FOR-US: IBM Rational Build Forge
-CVE-2008-2121 (The TCP implementation in Sun Solaris 8, 9, and 10 allows remote ...)
+CVE-2008-2121
NOT-FOR-US: Sun Solaris
-CVE-2008-2120 (Unspecified vulnerability in Sun Java System Application Server 7 ...)
+CVE-2008-2120
NOT-FOR-US: Sun Java System Application Server
-CVE-2008-2119 (Asterisk Open Source 1.0.x and 1.2.x before 1.2.29 and Business ...)
+CVE-2008-2119
- asterisk 1.4
NOTE: http://downloads.digium.com/pub/security/AST-2008-008.html
-CVE-2008-2118 (SQL injection vulnerability in info.php in Project Alumni 1.0.9 allows ...)
+CVE-2008-2118
NOT-FOR-US: Project Alumni
-CVE-2008-2117 (Cross-site scripting (XSS) vulnerability in pages/news.page.inc in ...)
+CVE-2008-2117
NOT-FOR-US: Project Alumni
-CVE-2008-2116 (Multiple directory traversal vulnerabilities in editor.php in ...)
+CVE-2008-2116
NOT-FOR-US: ScriptsEZ.net Power Editor
-CVE-2008-2115 (Multiple cross-site scripting (XSS) vulnerabilities in editor.php in ...)
+CVE-2008-2115
NOT-FOR-US: ScriptsEZ.net Power Editor
-CVE-2008-2114 (SQL injection vulnerability in emall/search.php in Pre Shopping Mall ...)
+CVE-2008-2114
NOT-FOR-US: Pre Shopping Mall
-CVE-2008-2113 (SQL injection vulnerability in annuaire.php in PHPEasyData 1.5.4 ...)
+CVE-2008-2113
NOT-FOR-US: PHPEasyData
-CVE-2008-2142 (Emacs 21 and XEmacs automatically load and execute .flc (fast lock) ...)
+CVE-2008-2142
- emacs22 22.2+2-3 (low; bug #480885)
- xemacs21-packages 2009.02.17-1 (low; bug #480886)
[etch] - xemacs21-packages <no-dsa> (Minor issue)
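Review bot: the fixed-version line `- asterisk 1.4` under `CVE-2008-2119` gives a bare version where every other package line in this hunk records a full Debian package version (for example `- wordnet 1:3.0-10 (bug #481186)` and `- linux-2.6 2.6.25-3 (bug #481195)`); `1.4` reads like the upstream branch from the advisory rather than a Debian version, and a value that does not match an archive version cannot be compared against what is actually shipped. It should be replaced with the real fixed Debian version, or with one of the status tags used elsewhere in this hunk such as `<not-affected>` together with a short justification.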
@@ -12204,248 +12204,248 @@ CVE-2008-2142 (Emacs 21 and XEmacs automatically load and execute .flc (fast loc
[lenny] - xemacs21 <no-dsa> (Minor issue)
- emacs21 21.4a+1-5.5 (low; bug #480877)
[etch] - emacs21 <no-dsa> (Minor issue)
-CVE-2008-2147 (Untrusted search path vulnerability in VideoLAN VLC before 0.9.0 ...)
+CVE-2008-2147
{DSA-1819-1 DTSA-132-1}
- vlc 0.8.6.e-2.2 (low; bug #480724)
NOTE: https://trac.videolan.org/vlc/ticket/1578
NOTE: http://git.videolan.org/?p=vlc.git;a=commit;h=c7cef4fdd8dd72ce0a45be3cda8ba98df5e83181
CVE-2008-6339
REJECTED
-CVE-2008-2112 (Unspecified vulnerability in Sun Ray Kiosk Mode 4.0 allows local and ...)
+CVE-2008-2112
NOT-FOR-US: Sun Ray Kiosk Mode
-CVE-2008-2111 (The ActiveX Control (yNotifier.dll) in Yahoo! Assistant 3.6 and ...)
+CVE-2008-2111
NOT-FOR-US: Yahoo Assistant
-CVE-2008-2110 (Unrestricted file upload vulnerability in qtofm.php in QTOFileManager ...)
+CVE-2008-2110
NOT-FOR-US: QTOFileManager
-CVE-2008-2109 (field.c in the libid3tag 0.15.0b library allows context-dependent ...)
+CVE-2008-2109
- libid3tag 0.15.1b-8 (low; bug #480187)
[etch] - libid3tag <no-dsa> (Minor issue)
NOTE: totally different approach to fix the bug, see Kurts comments in the bug report
-CVE-2008-2108 (The GENERATE_SEED macro in PHP 4.x before 4.4.8 and 5.x before 5.2.5, ...)
+CVE-2008-2108
{DSA-1789-1}
- php5 5.2.2-1 (low)
NOTE: http://web.archive.org/web/20120118120046/http://www.sektioneins.de/advisories/SE-2008-02.txt
-CVE-2008-2107 (The GENERATE_SEED macro in PHP 4.x before 4.4.8 and 5.x before 5.2.5, ...)
+CVE-2008-2107
{DSA-1789-1}
- php5 5.2.2-1 (low)
NOTE: closely related to CVE-2008-2108
-CVE-2008-2106 (Call of Duty 4 (CoD4) 1.5 and earlier allows remote authenticated ...)
+CVE-2008-2106
NOT-FOR-US: Call of Duty
-CVE-2008-2105 (email_in.pl in Bugzilla 2.23.4, 3.0.x before 3.0.4, and 3.1.x before ...)
+CVE-2008-2105
- bugzilla 3.0.4-1 (low)
[etch] - bugzilla <not-affected> (vulnerable code introduced in 2.23.4)
-CVE-2008-2104 (The WebService in Bugzilla 3.1.3 allows remote authenticated users ...)
+CVE-2008-2104
- bugzilla <not-affected> (regression introduced in 3.1.3 referring to upstream)
-CVE-2008-2103 (Cross-site scripting (XSS) vulnerability in Bugzilla 2.17.2 and later ...)
+CVE-2008-2103
- bugzilla 3.0.4-1 (low; bug #480190)
[etch] - bugzilla <no-dsa> (Minor issue)
CVE-2008-2102
RESERVED
-CVE-2008-2101 (The VMware Consolidated Backup (VCB) command-line utilities in VMware ...)
+CVE-2008-2101
NOT-FOR-US: VMware ESX
-CVE-2008-2100 (Multiple buffer overflows in VIX API 1.1.x before 1.1.4 build 93057 on ...)
+CVE-2008-2100
- vmware-package <removed> (low; bug #485919)
[etch] - vmware-package <no-dsa> (Contrib not supported)
NOTE: vmware-package just builds vmware from downloaded tarballs, the package itself
NOTE: does not download them, however it needs to update its hashes for upstream tarballs
-CVE-2008-2099 (Unspecified vulnerability in VMCI in VMware Workstation 6 before 6.0.4 ...)
+CVE-2008-2099
- vmware-package <not-affected> (Windows issue according to CVE)
[etch] - vmware-package <no-dsa> (Contrib not supported)
-CVE-2008-2098 (Heap-based buffer overflow in the VMware Host Guest File System (HGFS) ...)
+CVE-2008-2098
- vmware-package <removed> (low; bug #484491)
[etch] - vmware-package <no-dsa> (Contrib not supported)
NOTE: vmware-package just builds vmware from downloaded tarballs, the package itself
NOTE: does not download them, however it needs to update its hashes for upstream tarballs
-CVE-2008-2097 (Buffer overflow in the openwsman management service in VMware ESXi 3.5 ...)
+CVE-2008-2097
NOT-FOR-US: Vmware ESX/i
-CVE-2008-2096 (SQL injection vulnerability in BackLinkSpider allows remote attackers ...)
+CVE-2008-2096
NOT-FOR-US: BackLinkSpider
-CVE-2008-2095 (SQL injection vulnerability in index.php in the FlippingBook ...)
+CVE-2008-2095
NOT-FOR-US: FlippingBook
-CVE-2008-2094 (SQL injection vulnerability in article.php in the Article module for ...)
+CVE-2008-2094
NOT-FOR-US: XOOPS
-CVE-2008-2093 (SQL injection vulnerability in the Profiler (com_comprofiler) ...)
+CVE-2008-2093
NOT-FOR-US: JOOMLA extra component
-CVE-2008-2092 (Linksys SPA-2102 Phone Adapter 3.3.6 allows remote attackers to cause ...)
+CVE-2008-2092
NOT-FOR-US: Linksys SPA-2102 Phone Adapter
-CVE-2008-2091 (Directory traversal vulnerability in ipn.php in KubeLabs Kubelance ...)
+CVE-2008-2091
NOT-FOR-US: Kubelance
-CVE-2008-2090 (Unspecified vulnerability in the SCTP protocol implementation in Sun ...)
+CVE-2008-2090
NOT-FOR-US: Sun Solaris
-CVE-2008-2089 (Unspecified vulnerability in the SCTP protocol implementation in Sun ...)
+CVE-2008-2089
NOT-FOR-US: Sun Solaris
-CVE-2008-2088 (SQL injection vulnerability in admin/news.php in PHP Forge 3.0 beta 2 ...)
+CVE-2008-2088
NOT-FOR-US: PHP Forge
-CVE-2008-2087 (SQL injection vulnerability in search_result.php in Softbiz Web Host ...)
+CVE-2008-2087
NOT-FOR-US: Softbiz Web Host Directory Script
-CVE-2008-2086 (Sun Java Web Start and Java Plug-in for JDK and JRE 6 Update 10 and ...)
+CVE-2008-2086
- openjdk-6 <not-affected> (browser plugin is different code base)
- sun-java5 <removed>
[etch] - sun-java5 <no-dsa> (Non-free not supported)
[lenny] - sun-java5 <no-dsa> (Non-free not supported)
- sun-java6 6-10-1
[lenny] - sun-java6 <no-dsa> (Non-free not supported)
-CVE-2008-2084 (SQL injection vulnerability in topics.php in the MyArticles 0.6 beta-1 ...)
+CVE-2008-2084
NOT-FOR-US: MyArticles
-CVE-2008-2083 (SQL injection vulnerability in directory.php in Prozilla Hosting ...)
+CVE-2008-2083
NOT-FOR-US: Prozilla Hosting
-CVE-2008-2082 (Cross-site scripting (XSS) vulnerability in index.php in Siteman ...)
+CVE-2008-2082
NOT-FOR-US: Siteman
-CVE-2008-2081 (Directory traversal vulnerability in index.php in Siteman 2.0.x2 ...)
+CVE-2008-2081
NOT-FOR-US: Siteman
-CVE-2008-2080 (Stack-based buffer overflow in the Read32s_64 function in ...)
+CVE-2008-2080
NOT-FOR-US: NASA Goddard Space Flight Center Common Data Format (CDF) library
-CVE-2008-2079 (MySQL 4.1.x before 4.1.24, 5.0.x before 5.0.60, 5.1.x before 5.1.24, ...)
+CVE-2008-2079
{DSA-1608-1 DTSA-150-1}
- mysql-dfsg-5.0 5.0.51a-10 (low; bug #480292)
-CVE-2008-2078 (Robocode before 1.6.0 allows user-assisted remote attackers to &quot;access ...)
+CVE-2008-2078
- robocode 1.6.0~beta2-1 (low)
-CVE-2008-2077 (Unspecified vulnerability in Plain Black WebGUI 7.4.34 has unknown ...)
+CVE-2008-2077
NOT-FOR-US: Plain Black WebGUI
-CVE-2008-2076 (Directory traversal vulnerability in admin.php in ActualScripts ...)
+CVE-2008-2076
NOT-FOR-US: ActualScripts
-CVE-2008-2075 (Cross-site scripting (XSS) vulnerability in pic.php in AstroCam 2.5.0 ...)
+CVE-2008-2075
NOT-FOR-US: AstroCam
-CVE-2008-2074 (Multiple PHP remote file inclusion vulnerabilities Harris Yusuf Arifin ...)
+CVE-2008-2074
NOT-FOR-US: Harris Yusuf Arifin Harris Wap Chat 1.0
-CVE-2008-2073 (Directory traversal vulnerability in include/global.inc.php in Virtual ...)
+CVE-2008-2073
NOT-FOR-US: vlbook
-CVE-2008-2072 (Cross-site scripting (XSS) vulnerability in index.php in Virtual ...)
+CVE-2008-2072
NOT-FOR-US: vlbook
-CVE-2008-2071 (Multiple cross-site request forgery (CSRF) vulnerabilities in the WHM ...)
+CVE-2008-2071
NOT-FOR-US: cPanel
-CVE-2008-2070 (The WHM interface 11.15.0 for cPanel 11.18 before 11.18.4 and 11.22 ...)
+CVE-2008-2070
NOT-FOR-US: cPanel
-CVE-2008-2069 (Buffer overflow in Novell GroupWise 7 allows remote attackers to cause ...)
+CVE-2008-2069
NOT-FOR-US: Novell GroupWise
-CVE-2008-2068 (Cross-site scripting (XSS) vulnerability in WordPress 2.5 allows ...)
+CVE-2008-2068
- wordpress 2.5.1-1
[etch] - wordpress <not-affected> (Vulnerable code not present)
-CVE-2008-2067 (SQL injection vulnerability in bb_admin.php in miniBB 2.2a allows ...)
+CVE-2008-2067
NOT-FOR-US: miniBB
-CVE-2008-2066 (Cross-site scripting (XSS) vulnerability in bb_admin.php in miniBB ...)
+CVE-2008-2066
NOT-FOR-US: miniBB
-CVE-2008-2065 (SQL injection vulnerability in jokes.php in YourFreeWorld Jokes Site ...)
+CVE-2008-2065
NOT-FOR-US: YourFreeWorld
-CVE-2008-2064 (Multiple unspecified vulnerabilities in PhpGedView before 4.1.5 have ...)
+CVE-2008-2064
{DSA-1580-1}
- phpgedview 4.1.e+4.1.5-1
-CVE-2008-2063 (SQL injection vulnerability in browse.videos.php in Joovili 3.1 allows ...)
+CVE-2008-2063
NOT-FOR-US: Joovili
-CVE-2008-2062 (The Real-Time Information Server (RIS) Data Collector service in Cisco ...)
+CVE-2008-2062
NOT-FOR-US: Cisco Real-Time Information Server (RIS) Data Collector service
-CVE-2008-2061 (The Computer Telephony Integration (CTI) Manager service in Cisco ...)
+CVE-2008-2061
NOT-FOR-US: Cisco Computer Telephony Integration (CTI) Manager service
-CVE-2008-2060 (Unspecified vulnerability in Cisco Intrusion Prevention System (IPS) ...)
+CVE-2008-2060
NOT-FOR-US: Cisco
-CVE-2008-2059 (Cisco Adaptive Security Appliance (ASA) and Cisco PIX security ...)
+CVE-2008-2059
NOT-FOR-US: Cisco
-CVE-2008-2058 (Cisco Adaptive Security Appliance (ASA) and Cisco PIX security ...)
+CVE-2008-2058
NOT-FOR-US: Cisco
-CVE-2008-2057 (The Instant Messenger (IM) inspection engine in Cisco Adaptive ...)
+CVE-2008-2057
NOT-FOR-US: Cisco
-CVE-2008-2056 (Cisco Adaptive Security Appliance (ASA) and Cisco PIX security ...)
+CVE-2008-2056
NOT-FOR-US: Cisco
-CVE-2008-2055 (Cisco Adaptive Security Appliance (ASA) and Cisco PIX security ...)
+CVE-2008-2055
NOT-FOR-US: Cisco
-CVE-2008-2054 (Unspecified vulnerability in Cisco CiscoWorks Common Services 3.0.3 ...)
+CVE-2008-2054
NOT-FOR-US: Cisco CiscoWorks Common Services
-CVE-2008-2053 (Unspecified vulnerability in Cisco Unified Customer Voice Portal (CVP) ...)
+CVE-2008-2053
NOT-FOR-US: Cisco Unified Customer Voice Portal
-CVE-2008-2052 (Open redirect vulnerability in redirect.php in Bitrix Site Manager 6.5 ...)
+CVE-2008-2052
NOT-FOR-US: Bitrix Site Manager
-CVE-2008-2049 (The POP3 server (EPSTPOP3S.EXE) 4.22 in E-Post Mail Server 4.10 allows ...)
+CVE-2008-2049
NOT-FOR-US: E-Post Mail Server
-CVE-2008-2048 (Cross-site scripting (XSS) vulnerability in hpz/admin/Default.asp in ...)
+CVE-2008-2048
NOT-FOR-US: Angelo-Emlak
-CVE-2008-2047 (Multiple SQL injection vulnerabilities in Angelo-Emlak 1.0 allow ...)
+CVE-2008-2047
NOT-FOR-US: Angelo-Emlak
-CVE-2008-2046 (Cross-site scripting (XSS) vulnerability in index.php in Softpedia ...)
+CVE-2008-2046
NOT-FOR-US: Softpedia
-CVE-2008-2045 (Absolute path traversal vulnerability in SugarCRM Sugar Community ...)
+CVE-2008-2045
- sugarcrm-ce-5.0 <itp> (bug #457876)
-CVE-2008-2044 (includes/library.php in netOffice Dwins 1.3 p2 compares the ...)
+CVE-2008-2044
NOT-FOR-US: netOffice Dwins
-CVE-2008-2043 (Multiple cross-site request forgery (CSRF) vulnerabilities in cPanel, ...)
+CVE-2008-2043
NOT-FOR-US: cPanel
-CVE-2008-2085 (Multiple stack-based buffer overflows in the (1) get_remote_ip_media ...)
+CVE-2008-2085
- sip-tester 2.0.1-1.2 (low; bug #479039)
[etch] - sip-tester <no-dsa> (Minor issue)
-CVE-2008-2051 (The escapeshellcmd API function in PHP before 5.2.6 has unknown impact ...)
+CVE-2008-2051
{DSA-1578-1 DSA-1572-1 DTSA-135-1}
- php5 5.2.6-1
NOTE: http://www.php.net/ChangeLog-5.php
NOTE: http://web.archive.org/web/20120524033327/http://www.sektioneins.de/advisories/SE-2008-03.txt
-CVE-2008-2050 (Stack-based buffer overflow in the FastCGI SAPI (fastcgi.c) in PHP ...)
+CVE-2008-2050
{DSA-1572-1 DTSA-135-1}
- php5 5.2.6-1
NOTE: php4 not affected, the vulnerable code isn't present
NOTE: http://www.php.net/ChangeLog-5.php
-CVE-2008-2042 (The Javascript API in Adobe Acrobat Professional 7.0.9 and possibly ...)
+CVE-2008-2042
NOT-FOR-US: Adobe Acrobat Reader
CVE-2008-2039
REJECTED
-CVE-2008-2038 (Multiple SQL injection vulnerabilities in admin/adminindex.php in ...)
+CVE-2008-2038
NOT-FOR-US: Tunkey WebTools
-CVE-2008-2037 (Multiple cross-site scripting (XSS) vulnerabilities in EditeurScripts ...)
+CVE-2008-2037
NOT-FOR-US: EidteurScripts
-CVE-2008-2036 (SQL injection vulnerability in index.php in dream4 Koobi Pro 6.25 ...)
+CVE-2008-2036
NOT-FOR-US: Koobi Pro
-CVE-2008-2035 (Cross-site scripting (XSS) vulnerability in the Bluemoon, Inc. (1) ...)
+CVE-2008-2035
NOT-FOR-US: Bluemoon
-CVE-2008-2034 (SQL injection vulnerability in wp-download_monitor/download.php in the ...)
+CVE-2008-2034
NOT-FOR-US: wordpress Download Monitor 2.0.6 plugin
CVE-2008-2033
REJECTED
-CVE-2008-2032 (The FTP service in Acritum Femitter Server 1.03 allows remote ...)
+CVE-2008-2032
NOT-FOR-US: Acritum Femitter Server
-CVE-2008-2031 (VicFTPS 5.0 allows remote attackers to cause a denial of service ...)
+CVE-2008-2031
NOT-FOR-US: VicFTPS
-CVE-2008-2030 (Cross-site scripting (XSS) vulnerability in installControl.php3 in F5 ...)
+CVE-2008-2030
NOT-FOR-US: FirePass
-CVE-2008-2029 (Multiple SQL injection vulnerabilities in (1) setup_mysql.php and (2) ...)
+CVE-2008-2029
NOT-FOR-US: miniBB
-CVE-2008-2028 (miniBB 2.2, and possibly earlier, when register_globals is enabled, ...)
+CVE-2008-2028
NOT-FOR-US: miniBB
-CVE-2008-2027 (Open redirect vulnerability in WebID/IISWebAgentIF.dll in RSA ...)
+CVE-2008-2027
NOT-FOR-US: RSA Authentication Agent
-CVE-2008-2026 (Cross-site scripting (XSS) vulnerability in WebID/IISWebAgentIF.dll in ...)
+CVE-2008-2026
NOT-FOR-US: RSA Authentication Agent
-CVE-2008-2025 (Cross-site scripting (XSS) vulnerability in Apache Struts before ...)
+CVE-2008-2025
- libstruts1.2-java 1.2.9-3.1 (low; bug #528352)
[lenny] - libstruts1.2-java <no-dsa> (Minor issue)
-CVE-2008-2024 (Cross-site scripting (XSS) vulnerability in index.php in miniBB 2.2, ...)
+CVE-2008-2024
NOT-FOR-US: miniBB
-CVE-2008-2023 (Multiple SQL injection vulnerabilities in PD9 Software MegaBBS 2.2 ...)
+CVE-2008-2023
NOT-FOR-US: MegaBBS
-CVE-2008-2022 (Mulatiple cross-site scripting (XSS) vulnerabilities in PD9 Software ...)
+CVE-2008-2022
NOT-FOR-US: MegaBBS
-CVE-2008-2021 (Heap-based buffer overflow in Lhaplus before 1.57 allows remote ...)
+CVE-2008-2021
NOT-FOR-US: Lhaplus
-CVE-2008-2020 (The CAPTCHA implementation as used in (1) Francisco Burzi PHP-Nuke 7.0 ...)
+CVE-2008-2020
NOT-FOR-US: PHP-Nuke
-CVE-2008-2019 (Simple Machines Forum (SMF), probably 1.1.4, relies on &quot;randomly ...)
+CVE-2008-2019
NOT-FOR-US: Simple Machines Forum
-CVE-2008-2018 (The AssignUser function in template.class.php in PHPizabi 0.848b C1 ...)
+CVE-2008-2018
NOT-FOR-US: PHPizabi
-CVE-2008-2017 (Directory traversal vulnerability in Chilek Content Management System ...)
+CVE-2008-2017
NOT-FOR-US: Chilek Content Management System
-CVE-2008-2016 (PHP remote file inclusion vulnerability in Chilek Content Management ...)
+CVE-2008-2016
NOT-FOR-US: Chilek Content Management System
-CVE-2008-2015 (Multiple absolute path traversal vulnerabilities in certain ActiveX ...)
+CVE-2008-2015
NOT-FOR-US: WatchFire
-CVE-2008-2014 (Mozilla Firefox 3.0 beta 5 allows remote attackers to cause a denial ...)
+CVE-2008-2014
- iceweasel <removed> (unimportant)
NOTE: Browser crashes / hangs not treated as security issues
-CVE-2008-2013 (SQL injection vulnerability in index.php in the pnFlashGames 1.5 ...)
+CVE-2008-2013
NOT-FOR-US: pnFlashGames
-CVE-2008-2012 (SQL injection vulnerability in index.php in the PostSchedule 1.0 ...)
+CVE-2008-2012
NOT-FOR-US: PostSchedule
-CVE-2008-2011 (Cross-site scripting (XSS) vulnerability in the National Rail ...)
+CVE-2008-2011
NOT-FOR-US: National Rail Enquiries Live Departure Boards gadget
-CVE-2008-2010 (Unspecified vulnerability in Apple QuickTime Player on Windows XP SP2 ...)
+CVE-2008-2010
NOT-FOR-US: Windows
-CVE-2008-2009 (Xiph.org libvorbis before 1.0 does not properly check for ...)
+CVE-2008-2009
- libvorbisidec 1.0.2+svn18153-0.1 (bug #669196)
[squeeze] - libvorbisidec <no-dsa> (Minor issue, no dev-deps)
- libvorbis 1.2.0.dfsg-4 (bug #482039)
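Review bot: every `-`/`+` pair in this hunk strips the parenthesized description from the CVE header line and changes nothing else, e.g. `-CVE-2008-2080 (Stack-based buffer overflow in the Read32s_64 function in ...)` becomes `+CVE-2008-2080`, while the status lines under each entry (`NOT-FOR-US: ...`, `{DSA-1608-1 DTSA-150-1}`, the package/version lines) are untouched. That is data loss rather than an update: in this file the bare header form is otherwise what entries with nothing to show use, such as `CVE-2008-2039` followed by `REJECTED` in this same hunk, and anyone reading the list relies on the inline summary to judge the `NOT-FOR-US` and `<not-affected>` verdicts beneath it. An automatic updater producing this pattern for every entry in the hunk suggests the description source returned empty fields for this run, not that the texts were withdrawn, so the commit should be reverted and the fetch step checked before the next automatic run re-applies it; a quick check is to count header lines in the post-image file that still carry a `(` and treat a count of zero as a failed feed rather than a real change.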
@@ -12453,312 +12453,312 @@ CVE-2008-2009 (Xiph.org libvorbis before 1.0 does not properly check for ...)
[lenny] - libvorbis <not-affected> (actual vulnerability fixed pre-1.0)
NOTE: additional hardening features have already been added to the unstable
NOTE: packages that would be useful to have in stable, so proposing as spu/ospu
-CVE-2008-2008 (Buffer overflow in the Display Names message feature in Cerulean ...)
+CVE-2008-2008
NOT-FOR-US: Cerulean Studios Trillian Basic
CVE-2008-2007
REJECTED
-CVE-2008-2006 (Apple iCal 3.0.1 on Mac OS X allows remote CalDAV servers, and ...)
+CVE-2008-2006
NOT-FOR-US: Apple iCal
-CVE-2008-2005 (The SuiteLink Service (aka slssvc.exe) in WonderWare SuiteLink before ...)
+CVE-2008-2005
NOT-FOR-US: SuiteLink
-CVE-2008-2004 (The drive_init function in QEMU 0.9.1 determines the format of a raw ...)
+CVE-2008-2004
{DTSA-133-1}
- qemu 0.9.1-5
- kvm 66+dfsg-1.1 (bug #481204)
- xen-3 3.4.0-1 (bug #490409)
- xen-unstable <removed> (bug #490411)
- xen-3.0 <removed>
-CVE-2008-2003 (BadBlue 2.72 Personal Edition stores multiple programs in the web ...)
+CVE-2008-2003
NOT-FOR-US: BadBlue
-CVE-2008-2002 (Multiple cross-site request forgery (CSRF) vulnerabilities on Motorola ...)
+CVE-2008-2002
NOT-FOR-US: Motorola software
-CVE-2008-2001 (Apple Safari 3.1.1 allows remote attackers to cause a denial of ...)
+CVE-2008-2001
NOT-FOR-US: Apple Safari
-CVE-2008-2000 (Unspecified vulnerability in Apple Safari 3.1.1 allows remote ...)
+CVE-2008-2000
NOT-FOR-US: Apple Safari
-CVE-2008-1999 (Apple Safari 3.1.1 allows remote attackers to spoof the address bar by ...)
+CVE-2008-1999
NOT-FOR-US: Apple Safari
-CVE-2008-1998 (The NNSTAT (aka SYSPROC.NNSTAT) procedure in IBM DB2 8 before FP16, ...)
+CVE-2008-1998
NOT-FOR-US: Windows specific
-CVE-2008-1997 (Unspecified vulnerability in the ADMIN_SP_C2 procedure in IBM DB2 8 ...)
+CVE-2008-1997
NOT-FOR-US: IBM DB2
-CVE-2008-1996 (licq before 1.3.6 allows remote attackers to cause a denial of service ...)
+CVE-2008-1996
- licq 1.3.5-6 (low; bug #479036)
[etch] - licq <no-dsa> (Minor issue)
-CVE-2008-1995 (Sun Java System Directory Proxy Server 6.0, 6.1, and 6.2 classifies a ...)
+CVE-2008-1995
NOT-FOR-US: Sun Java System Directory Proxy Server
-CVE-2008-1994 (Multiple stack-based buffer overflows in (a) acon.c, (b) menu.c, and ...)
+CVE-2008-1994
- acon 1.0.5-6.1 (low; bug #475733)
-CVE-2008-1993 (Acidcat CMS 3.4.1 does not restrict access to the FCKEditor component, ...)
+CVE-2008-1993
NOT-FOR-US: Acidcat
-CVE-2008-1992 (Acidcat CMS 3.4.1 does not properly restrict access to (1) ...)
+CVE-2008-1992
NOT-FOR-US: Acidcat
-CVE-2008-1991 (Cross-site scripting (XSS) vulnerability in admin_colors_swatch.asp in ...)
+CVE-2008-1991
NOT-FOR-US: Acidcat
-CVE-2008-1990 (Multiple SQL injection vulnerabilities in Acidcat CMS 3.4.1 allow ...)
+CVE-2008-1990
NOT-FOR-US: Acidcat
-CVE-2008-1989 (PHP remote file inclusion vulnerability in 123flashchat.php in the 123 ...)
+CVE-2008-1989
NOT-FOR-US: Flash Chat
-CVE-2008-1988 (Unrestricted file upload vulnerability in the file_upload function in ...)
+CVE-2008-1988
NOT-FOR-US: EncapsGallery
-CVE-2008-1987 (Cross-site scripting (XSS) vulnerability in search.php in ...)
+CVE-2008-1987
NOT-FOR-US: EncapsGallery
-CVE-2008-1986 (Cross-site scripting (XSS) vulnerability in liste_article.php in Blog ...)
+CVE-2008-1986
NOT-FOR-US: PixelMotion
-CVE-2008-1985 (Cross-site scripting (XSS) vulnerability in base.php in DigitalHive ...)
+CVE-2008-1985
NOT-FOR-US: DigitalHive
-CVE-2008-1984 (The eTrust Common Services (Transport) Daemon (eCSqdmn) in CA Secure ...)
+CVE-2008-1984
NOT-FOR-US: eTrust
-CVE-2008-1983 (Cross-site scripting (XSS) vulnerability in Advanced Electron Forum ...)
+CVE-2008-1983
NOT-FOR-US: Advanced Electron Forum (AEF)
-CVE-2008-1982 (SQL injection vulnerability in ss_load.php in the Spreadsheet (wpSS) ...)
+CVE-2008-1982
NOT-FOR-US: Wordpress Spreadsheet plugin
-CVE-2008-1981 (Cross-site request forgery (CSRF) vulnerability in E-Publish 5.x ...)
+CVE-2008-1981
NOT-FOR-US: e-publish
-CVE-2008-1980 (Cross-site scripting (XSS) vulnerability in E-Publish 5.x before ...)
+CVE-2008-1980
NOT-FOR-US: e-publish
-CVE-2008-1979 (The Discovery Service (casdscvc) in CA ARCserve Backup 12.0.5454.0 and ...)
+CVE-2008-1979
NOT-FOR-US: CA ARCserve Backup
-CVE-2008-1978 (Cross-site scripting (XSS) vulnerability in the Ubercart 5.x before ...)
+CVE-2008-1978
NOT-FOR-US: Ubercart
-CVE-2008-1977 (Cross-site request forgery (CSRF) vulnerability in the ...)
+CVE-2008-1977
NOT-FOR-US: Drupal internationalization and localizer module
-CVE-2008-1976 (Multiple cross-site scripting (XSS) vulnerabilities in the Drupal ...)
+CVE-2008-1976
NOT-FOR-US: Drupal internationalization and localizer module
-CVE-2008-1975 (SQL injection vulnerability in index.php in E-RESERV 2.1 allows remote ...)
+CVE-2008-1975
NOT-FOR-US: E-RESERV
-CVE-2008-1973 (Heap-based buffer overflow in SubEdit Player build 4056 and 4066 ...)
+CVE-2008-1973
NOT-FOR-US: SubEdit Player
-CVE-2008-1972 (Multiple cross-site scripting (XSS) vulnerabilities in the user ...)
+CVE-2008-1972
NOT-FOR-US: Exponent CMS
-CVE-2008-1971 (phShoutBox Final 1.5 and earlier only checks passwords when specified ...)
+CVE-2008-1971
NOT-FOR-US: phShoutBox
-CVE-2008-1970 (muCommander before 0.8.2 stores credentials.xml with insecure ...)
+CVE-2008-1970
NOT-FOR-US: muCommander
-CVE-2008-1969 (Multiple cross-site scripting (XSS) vulnerabilities in Cezanne 6.5.1 ...)
+CVE-2008-1969
NOT-FOR-US: Cezanne
-CVE-2008-1968 (Multiple SQL injection vulnerabilities in Cezanne 7 allow remote ...)
+CVE-2008-1968
NOT-FOR-US: Cezanne
-CVE-2008-1967 (Cross-site scripting (XSS) vulnerability in CFLogon/CFLogon.asp in ...)
+CVE-2008-1967
NOT-FOR-US: Cezanne
-CVE-2008-1966 (Multiple buffer overflows in the JAR file administration routines in ...)
+CVE-2008-1966
NOT-FOR-US: Windows specific
-CVE-2008-1965 (Argument injection vulnerability in the cai: URI handler in ...)
+CVE-2008-1965
NOT-FOR-US: Lotus Expeditor
-CVE-2008-1964 (** DISPUTED ** ...)
+CVE-2008-1964
- xine-lib <not-affected> (nsf support disabled by maintainer)
NOTE: xine-lib (1.1.12) uses strndup to allocate the needed memory and limits it to 32 bytes
NOTE: while copyright is 100 bytes long (+ padding for chunks)
-CVE-2008-1963 (PHP remote file inclusion vulnerability in includes/functions.php in ...)
+CVE-2008-1963
NOT-FOR-US: Quate Grape Web Statistics
-CVE-2008-1962 (Multiple directory traversal vulnerabilities in Aterr 0.9.1 allow ...)
+CVE-2008-1962
NOT-FOR-US: Aterr
-CVE-2008-1961 (SQL injection vulnerability in index.php in Voice Of Web AllMyGuests ...)
+CVE-2008-1961
NOT-FOR-US: Voice Of Web AllMyGuests
-CVE-2008-1960 (Cross-site scripting (XSS) vulnerability in cgi-bin/contray/search.cgi ...)
+CVE-2008-1960
NOT-FOR-US: ContRay
-CVE-2008-1959 (Stack-based buffer overflow in the get_remote_video_port_media ...)
+CVE-2008-1959
- sip-tester 2.0.1-1.2 (low; bug #479039)
[etch] - sip-tester <no-dsa> (Minor issue)
-CVE-2008-1958 (Unrestricted file upload vulnerability in the ajout_cat mode in ...)
+CVE-2008-1958
NOT-FOR-US: Tr Script News
-CVE-2008-1957 (SQL injection vulnerability in news.php in Tr Script News 2.1 allows ...)
+CVE-2008-1957
NOT-FOR-US: Tr Script News
-CVE-2008-2146 (wp-includes/vars.php in Wordpress before 2.2.3 does not properly ...)
+CVE-2008-2146
{DSA-1564-1}
- wordpress 2.2.3-1
NOTE: http://trac.wordpress.org/ticket/4748
NOTE: fixed in DSA-1564-1
-CVE-2008-2040 (Stack-based buffer overflow in the HTTP::getAuthUserPass function ...)
+CVE-2008-2040
{DSA-1583-1 DSA-1582-1}
- peercast 0.1218+svn20080104-1.1 (medium; bug #478573)
- gnome-peercast <removed>
NOTE: etch version tested with PoC, affected
-CVE-2008-1974 (Cross-site scripting (XSS) vulnerability in addevent.php in Horde ...)
+CVE-2008-1974
{DSA-1560-1}
- kronolith2 2.1.8-1
-CVE-2008-1956 (Cross-site scripting (XSS) vulnerability in index.php in Wikepage Opus ...)
+CVE-2008-1956
NOT-FOR-US: Wikepage Opus
-CVE-2008-1955 (Cross-site scripting (XSS) vulnerability in rep.php in Martin BOUCHER ...)
+CVE-2008-1955
NOT-FOR-US: Martin BOUCHER MyBoard
-CVE-2008-1954 (SQL injection vulnerability in one_day.php in Web Calendar Pro 4.1 and ...)
+CVE-2008-1954
NOT-FOR-US: Web Calendar Pro
-CVE-2008-1953 (Cross-site scripting (XSS) vulnerability in the Sitedesigner before ...)
+CVE-2008-1953
NOT-FOR-US: Sitedesigner
-CVE-2008-1952 (The backend for XenSource Xen Para Virtualized Frame Buffer (PVFB) in ...)
+CVE-2008-1952
- xen-3 3.2.1-2 (medium; bug #487095)
- xen-unstable <not-affected> (Vulnerable code not present, introduced in changeset 17630)
NOTE: vulnerable code no longer present as of xen 3.4 (xenfb.c has been removed)
-CVE-2008-1951 (Untrusted search path vulnerability in a certain Red Hat build script ...)
+CVE-2008-1951
NOT-FOR-US: Red Hat issue
-CVE-2008-1950 (Integer signedness error in the _gnutls_ciphertext2compressed function ...)
+CVE-2008-1950
{DSA-1581-1}
- gnutls13 2.0.4-4 (low)
- gnutls26 2.2.5-1 (low)
-CVE-2008-1949 (The _gnutls_recv_client_kx_message function in lib/gnutls_kx.c in ...)
+CVE-2008-1949
{DSA-1581-1}
- gnutls13 2.0.4-4 (low)
- gnutls26 2.2.5-1 (low)
-CVE-2008-1948 (The _gnutls_server_name_recv_params function in lib/ext_server_name.c ...)
+CVE-2008-1948
{DSA-1581-1}
- gnutls13 2.0.4-4 (medium)
- gnutls26 2.2.5-1 (medium)
-CVE-2008-1947 (Cross-site scripting (XSS) vulnerability in Apache Tomcat 5.5.9 ...)
+CVE-2008-1947
{DSA-1593-1}
- tomcat5.5 5.5.26-3 (low; bug #484643)
- tomcat5 <removed>
-CVE-2008-1946 (The default configuration of su in /etc/pam.d/su in GNU coreutils ...)
+CVE-2008-1946
- coreutils 5.93-1
-CVE-2008-1945 (QEMU 0.9.0 does not properly handle changes to removable media, which ...)
+CVE-2008-1945
{DSA-1799-1}
- qemu 0.9.1-5 (low; bug #526013)
-CVE-2008-1944 (Buffer overflow in the backend framebuffer of XenSource Xen ...)
+CVE-2008-1944
- xen-3 3.2.1-2 (medium; bug #487095)
- xen-unstable 3.3-unstable+hg17602-1 (medium; bug #487097)
-CVE-2008-1943 (Buffer overflow in the backend of XenSource Xen Para Virtualized Frame ...)
+CVE-2008-1943
- xen-3 3.2.1-2 (medium; bug #487095)
- xen-unstable 3.3-unstable+hg17602-1 (medium; bug #487097)
-CVE-2008-1942 (Foxit Reader 2.2 allows remote attackers to cause a denial of service ...)
+CVE-2008-1942
NOT-FOR-US: Foxit Reader
-CVE-2008-1941 (Cross-site scripting (XSS) vulnerability in the profile update feature ...)
+CVE-2008-1941
NOT-FOR-US: Akiva WebBoard
-CVE-2008-1940 (The RBAC functionality in grsecurity before 2.1.11-2.6.24.5 and ...)
+CVE-2008-1940
- linux-patch-grsecurity2 2.1.11+2.6.24.5+200804211829-1 (bug #478133)
-CVE-2008-1939 (Multiple SQL injection vulnerabilities in W1L3D4 Philboard 1.0 allow ...)
+CVE-2008-1939
NOT-FOR-US: W1L3D4 Philboard
-CVE-2008-1938 (Sony Mylo COM-2 Japanese model firmware before 1.002 does not properly ...)
+CVE-2008-1938
NOT-FOR-US: Sony firmware
-CVE-2008-1937 (The user form processing (userform.py) in MoinMoin before 1.6.3, when ...)
+CVE-2008-1937
- moin 1.6.3-1
[etch] - moin <not-affected> (1.5.x is not affected)
NOTE: acl_hierarchic was introduced in 1.6.0
NOTE: userform processing issue was introduced in 1.6.1
-CVE-2008-1936 (SQL injection vulnerability in index.php in Classifieds Caffe allows ...)
+CVE-2008-1936
NOT-FOR-US: Classifieds Caffe
-CVE-2008-1935 (SQL injection vulnerability in the Filiale 1.0.4 component for Joomla! ...)
+CVE-2008-1935
NOT-FOR-US: Filiale
-CVE-2008-1934 (SQL injection vulnerability in commentaires.php in Crazy Goomba 1.2.1 ...)
+CVE-2008-1934
NOT-FOR-US: Crazy Goomba
-CVE-2008-1933 (Absolute path traversal vulnerability in a certain ActiveX control in ...)
+CVE-2008-1933
NOT-FOR-US: Zune
-CVE-2008-1932 (Integer overflow in Realtek HD Audio Codec Drivers RTKVHDA.sys and ...)
+CVE-2008-1932
NOT-FOR-US: Realtek HD Audio Codec
-CVE-2008-1931 (Realtek HD Audio Codec Drivers RTKVHDA.sys and RTKVHDA64.sys before ...)
+CVE-2008-1931
NOT-FOR-US: Realtek HD Audio Codec
CVE-2008-1929
RESERVED
-CVE-2008-1928 (Buffer overflow in Imager 0.42 through 0.63 allows attackers to cause ...)
+CVE-2008-1928
- libimager-perl 0.64-1
-CVE-2008-1926 (Argument injection vulnerability in login (login-utils/login.c) in ...)
+CVE-2008-1926
{DTSA-126-1}
- util-linux 2.13.1.1-1 (low; bug #478135)
[etch] - util-linux <not-affected> (Audit support not available in Etch's version)
-CVE-2008-1923 (The IAX2 channel driver (chan_iax2) in Asterisk 1.2 before revision ...)
+CVE-2008-1923
- asterisk 1:1.4.19.1~dfsg-1 (medium)
[etch] - asterisk <end-of-life> (Etch Packages no longer covered by security support)
-CVE-2008-1922 (Multiple stack-based buffer overflows in Sarg might allow attackers to ...)
+CVE-2008-1922
- sarg 2.2.4-1
-CVE-2008-1921 (SQL injection vulnerability in store_pages/category_list.php in 5th ...)
+CVE-2008-1921
NOT-FOR-US: 5th Avenue Shopping Cart
-CVE-2008-1920 (Heap-based buffer overflow in the boxelyRenderer module in the ...)
+CVE-2008-1920
NOT-FOR-US: ICQ
-CVE-2008-1919 (SQL injection vulnerability in listtest.php in YourFreeWorld Apartment ...)
+CVE-2008-1919
NOT-FOR-US: YourFreeWorld Apartment Search Script
-CVE-2008-1918 (SQL injection vulnerability in submit.php in PHP-Fusion 6.01.14 and ...)
+CVE-2008-1918
NOT-FOR-US: PHP-Fusion
-CVE-2008-1917 (Multiple cross-site scripting (XSS) vulnerabilities in AMFPHP 1.2 ...)
+CVE-2008-1917
NOT-FOR-US: AMFPHP
-CVE-2008-1916 (Multiple cross-site scripting (XSS) vulnerabilities in the Ubercart ...)
+CVE-2008-1916
NOT-FOR-US: Ubercart (drupal module)
-CVE-2008-1915 (SQL injection vulnerability in view.asp in DevWorx BlogWorx 1.0 allows ...)
+CVE-2008-1915
NOT-FOR-US: BlogWorx
-CVE-2008-1930 (The cookie authentication method in WordPress 2.5 relies on a hash of ...)
+CVE-2008-1930
- wordpress 2.5.1-1 (medium; bug #477910)
NOTE: only exploitable in blogs that allow user registering
[etch] - wordpress <not-affected> (Vulnerable code was introduced in 2.5)
-CVE-2008-1927 (Double free vulnerability in Perl 5.8.8 allows context-dependent ...)
+CVE-2008-1927
{DSA-1556-2}
- perl 5.10.0-1 (bug #454792)
-CVE-2008-1925 (Buffer overflow in InspIRCd before 1.1.18, when using the namesx and ...)
+CVE-2008-1925
- inspircd 1.1.18+dfsg-1 (low)
-CVE-2008-1924 (Unspecified vulnerability in phpMyAdmin before 2.11.5.2, when running ...)
+CVE-2008-1924
{DSA-1557-1}
- phpmyadmin 4:2.11.5.2-1
NOTE: PMASA-2008-3
NOTE: http://phpmyadmin.svn.sourceforge.net/viewvc/phpmyadmin/branches/QA_2_9/phpMyAdmin/libraries/tbl_replace_fields.inc.php?r1=11211&r2=11210&pathrev=11211
-CVE-2008-1914 (Stack-based buffer overflow in the AntServer module (AntServer.exe) in ...)
+CVE-2008-1914
NOT-FOR-US: BigAnt Messenger
-CVE-2008-1913 (SQL injection vulnerability in index.php in Lasernet CMS 1.5 and 1.11, ...)
+CVE-2008-1913
NOT-FOR-US: Lasernet CMS
-CVE-2008-1912 (Stack-based buffer overflow in DivX Player 6.7 build 6.7.0.22 and ...)
+CVE-2008-1912
NOT-FOR-US: DivX Player
-CVE-2008-1911 (SQL injection vulnerability in includes/system.php in 1024 CMS 1.4.2 ...)
+CVE-2008-1911
NOT-FOR-US: 1024 CMS
-CVE-2008-1910 (Stack-based buffer overflow in the database service (ibserver.exe) in ...)
+CVE-2008-1910
NOT-FOR-US: Borland InterBase
-CVE-2008-1909 (SQL injection vulnerability in comment.php in PHP Knowledge Base ...)
+CVE-2008-1909
NOT-FOR-US: PHPKB
-CVE-2008-1908 (Multiple directory traversal vulnerabilities in cpCommerce 1.1.0 allow ...)
+CVE-2008-1908
NOT-FOR-US: cpCommerce
-CVE-2008-1907 (Multiple SQL injection vulnerabilities in ...)
+CVE-2008-1907
NOT-FOR-US: cpCommerce
-CVE-2008-1906 (Cross-site scripting (XSS) vulnerability in calendar.php in cpCommerce ...)
+CVE-2008-1906
NOT-FOR-US: cpCommerce
-CVE-2008-1905 (NMMediaServer.exe in Nero MediaHome 3.3.3.0 and earlier, as used in ...)
+CVE-2008-1905
NOT-FOR-US: Nero MediaHome
-CVE-2008-1904 (Cicoandcico CcMail 1.0.1 and earlier does not verify that the ...)
+CVE-2008-1904
NOT-FOR-US: CcMail
-CVE-2008-1903 (PHP remote file inclusion vulnerability in news_show.php in Newanz ...)
+CVE-2008-1903
NOT-FOR-US: Newanz NewsOffice
-CVE-2008-1902 (The GUI for aptlinex before 0.91 does not sufficiently warn the user ...)
+CVE-2008-1902
- aptlinex 0.91-1 (low; bug #476572)
NOTE: the user gets a confirmation dialog
-CVE-2008-1901 (aptlinex before 0.91 allows local users to overwrite arbitrary files ...)
+CVE-2008-1901
- aptlinex 0.91-1 (medium; bug #476588)
NOTE: code execution via /tmp/gambas-apt-exec is also possible, maintainer confirmed this
-CVE-2008-1900 (option_Update.asp in Carbon Communities 2.4 and earlier allows remote ...)
+CVE-2008-1900
NOT-FOR-US: Carbon Communities
CVE-2008-1899
RESERVED
-CVE-2008-1898 (A certain ActiveX control in WkImgSrv.dll 7.03.0616.0, as distributed ...)
+CVE-2008-1898
NOT-FOR-US: Microsoft Works
-CVE-2008-1897 (The IAX2 channel driver (chan_iax2) in Asterisk Open Source 1.0.x, ...)
+CVE-2008-1897
{DSA-1563-1}
- asterisk 1:1.4.19.1~dfsg-1 (medium)
-CVE-2008-1896 (Multiple cross-site scripting (XSS) vulnerabilities in Carbon ...)
+CVE-2008-1896
NOT-FOR-US: Carbon Communities
-CVE-2008-1895 (Multiple SQL injection vulnerabilities in Carbon Communities 2.4 and ...)
+CVE-2008-1895
NOT-FOR-US: Carbon Communities
-CVE-2008-1894 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2008-1894
NOT-FOR-US: BusinessObjects InfoView
-CVE-2008-1893 (PHP remote file inclusion vulnerability in index.php in W2B Online ...)
+CVE-2008-1893
NOT-FOR-US: W2B Online Banking
-CVE-2008-1892 (Cross-site scripting (XSS) vulnerability in bs_auth.php in ...)
+CVE-2008-1892
NOT-FOR-US: Blogator-script
-CVE-2008-1891 (Directory traversal vulnerability in WEBrick in Ruby 1.8.4 and ...)
+CVE-2008-1891
- ruby1.8 1.8.7.22-1 (unimportant)
- ruby1.9 1.9.0.2-1 (unimportant)
NOTE: corner-case only exploitable if web application is run on windows fs
-CVE-2008-1890 (SQL injection vulnerability in the Jom Comment 2.0 build 345 component ...)
+CVE-2008-1890
NOT-FOR-US: Jom Comment for Joomla!
-CVE-2008-1889 (SQL injection vulnerability in viewcat.php in XplodPHP AutoTutorials ...)
+CVE-2008-1889
NOT-FOR-US: XplodPHP AutoTutorials
-CVE-2008-1888 (Cross-site scripting (XSS) vulnerability in Microsoft Windows ...)
+CVE-2008-1888
NOT-FOR-US: Windows
-CVE-2008-1886 (The NeffyLauncher 1.0.5 ActiveX control (NeffyLauncher.dll) in ...)
+CVE-2008-1886
NOT-FOR-US: CDNetworks Nefficient Download
-CVE-2008-1885 (Directory traversal vulnerability in the NeffyLauncher 1.0.5 ActiveX ...)
+CVE-2008-1885
NOT-FOR-US: NeffyLauncher
-CVE-2008-1884 (Directory traversal vulnerability in index.php in Wikepage Opus 13 ...)
+CVE-2008-1884
NOT-FOR-US: Wikepage
-CVE-2008-1883 (The server in Blackboard Academic Suite 7.x stores MD5 password hashes ...)
+CVE-2008-1883
NOT-FOR-US: Blackboard Academic Suite
CVE-2008-1882
RESERVED
-CVE-2008-1881 (Stack-based buffer overflow in the ParseSSA function ...)
+CVE-2008-1881
{DSA-1819-1 DTSA-125-1}
- vlc 0.8.6.e-2.1 (medium; bug #477805)
-CVE-2008-1880 (The default configuration of Firebird before 2.0.3.12981.0-r6 on ...)
+CVE-2008-1880
- firebird2 <removed>
[etch] - firebird2 <no-dsa> (Firebird 1.5 no longer supported, see last DSA)
- firebird2.0 2.0.3.12981.ds1-14 (bug #481389)
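Review bot: the same description-stripping pattern runs through this whole hunk, and here it also discards triage markers that exist only in the description: `-CVE-2008-1964 (** DISPUTED ** ...)` becomes `+CVE-2008-1964`, so the `** DISPUTED **` flag that gives context to the `xine-lib <not-affected>` line and the two NOTE lines after it is gone from the file. Entries whose verdict depends on the version range in the summary suffer the same way, for example `-CVE-2008-1937 (The user form processing (userform.py) in MoinMoin before 1.6.3, when ...)` above `[etch] - moin <not-affected> (1.5.x is not affected)`; once the `before 1.6.3` text is dropped that verdict cannot be checked against the file alone. Revert this hunk with the rest of the commit rather than hand-editing it, and have the updater refuse to rewrite a header line without a description when the previous revision had one.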
@@ -12766,415 +12766,415 @@ CVE-2008-1880 (The default configuration of Firebird before 2.0.3.12981.0-r6 on
NOTE: you need to call dpkg-reconfigure
CVE-2008-1879
RESERVED
-CVE-2008-2041 (Multiple unspecified vulnerabilities in eGroupWare before 1.4.004 have ...)
+CVE-2008-2041
- egroupware 1.4.004-2.dfsg-1 (bug #476977)
-CVE-2008-1876 (PHP remote file inclusion vulnerability in index.php in VisualPic ...)
+CVE-2008-1876
NOT-FOR-US: VisualPic
-CVE-2008-1875 (SQL injection vulnerability in index.php in Terong PHP Photo Gallery ...)
+CVE-2008-1875
NOT-FOR-US: Terong PHP Photo Gallery
-CVE-2008-1874 (SQL injection vulnerability in account/user/mail.html in Xpoze Pro ...)
+CVE-2008-1874
NOT-FOR-US: Xpoze Pro
-CVE-2008-1873 (Cross-site scripting (XSS) vulnerability in the private message ...)
+CVE-2008-1873
NOT-FOR-US: Nuke ET
-CVE-2008-1872 (SQL injection vulnerability in home.news.php in Comdev News Publisher ...)
+CVE-2008-1872
NOT-FOR-US: Comdev News Publisher
-CVE-2008-1871 (SQL injection vulnerability in links.php in Scriptsagent.com Links ...)
+CVE-2008-1871
NOT-FOR-US: Scriptsagent.com
-CVE-2008-1870 (SQL injection vulnerability in getdata.php in PIGMy-SQL 1.4.1 and ...)
+CVE-2008-1870
NOT-FOR-US: PIGMy-SQL
-CVE-2008-1869 (SQL injection vulnerability in Site Sift Listings allows remote ...)
+CVE-2008-1869
NOT-FOR-US: Site Sift Listings
-CVE-2008-1868 (admin/sauvBase.php in Blog Pixel Motion (aka Blog PixelMotion) does ...)
+CVE-2008-1868
NOT-FOR-US: Blog Pixel Motion
-CVE-2008-1867 (SQL injection vulnerability in Blog Pixel Motion (aka Blog ...)
+CVE-2008-1867
NOT-FOR-US: Blog Pixel Motion
-CVE-2008-1866 (admin/modif_config.php in Blog Pixel Motion (aka PixelMotion) ...)
+CVE-2008-1866
NOT-FOR-US: Blog Pixel Motion
-CVE-2008-1865 (Stack-based buffer overflow in the msx_readnode function in libmosix.c ...)
+CVE-2008-1865
NOT-FOR-US: openmosix-tools
-CVE-2008-1864 (SQL injection vulnerability in project.php in Prozilla Freelancers ...)
+CVE-2008-1864
NOT-FOR-US: Prozilla Freelancers
-CVE-2008-1863 (SQL injection vulnerability in view_reviews.php in Prozilla Cheat ...)
+CVE-2008-1863
NOT-FOR-US: Prozilla Cheat Script
-CVE-2008-1862 (ExBB Italia 0.22 and earlier only checks GET requests that use the ...)
+CVE-2008-1862
NOT-FOR-US: ExBB Italia
-CVE-2008-1861 (Directory traversal vulnerability in modules/threadstop/threadstop.php ...)
+CVE-2008-1861
NOT-FOR-US: ExBB Italia
-CVE-2008-1860 (Static code injection vulnerability in admin.php in LokiCMS 0.3.3 and ...)
+CVE-2008-1860
NOT-FOR-US: LokiCMS
-CVE-2008-1859 (SQL injection vulnerability in events.php in iScripts SocialWare ...)
+CVE-2008-1859
NOT-FOR-US: iScripts SocialWare
-CVE-2008-1858 (SQL injection vulnerability in index.php in 724Networks 724CMS 4.01 ...)
+CVE-2008-1858
NOT-FOR-US: 724Networks 724CMS
-CVE-2008-1857 (Multiple directory traversal vulnerabilities in viewsource.php in Make ...)
+CVE-2008-1857
NOT-FOR-US: Mole
-CVE-2008-1856 (plugins/maps/db_handler.php in LinPHA 1.3.3 and earlier does not ...)
+CVE-2008-1856
NOT-FOR-US: LinPHA
-CVE-2008-1855 (FrameworkService.exe in McAfee Common Management Agent (CMA) 3.6.0.574 ...)
+CVE-2008-1855
NOT-FOR-US: McAfee
-CVE-2008-1854 (Unspecified vulnerability in SmarterMail Web Server (SMWebSvr.exe) in ...)
+CVE-2008-1854
NOT-FOR-US: SmarterMail Web Server
-CVE-2008-1853 (The ovtopmd service in HP OpenView Network Node Manager (OV NNM) 7.51, ...)
+CVE-2008-1853
NOT-FOR-US: HP OpenView
-CVE-2008-1852 (ovalarmsrv in HP OpenView Network Node Manager (OV NNM) 7.51, 7.53, ...)
+CVE-2008-1852
NOT-FOR-US: HP OpenView
-CVE-2008-1851 (ovalarmsrv in HP OpenView Network Node Manager (OV NNM) 7.51, 7.53, ...)
+CVE-2008-1851
NOT-FOR-US: HP OpenView
-CVE-2008-1850 (Multiple cross-site scripting (XSS) vulnerabilities in login.php in ...)
+CVE-2008-1850
NOT-FOR-US: Omnistar Interactive OSI Affiliate
-CVE-2008-1849 (Directory traversal vulnerability in index.php in the joomlaXplorer ...)
+CVE-2008-1849
NOT-FOR-US: com_joomlaxplorer Mambo/Joomla! component
-CVE-2008-1848 (Cross-site scripting (XSS) vulnerability in the joomlaXplorer ...)
+CVE-2008-1848
NOT-FOR-US: com_joomlaxplorer Mambo/Joomla!
-CVE-2008-1847 (SQL injection vulnerability in view.php in CoronaMatrix phpAddressBook ...)
+CVE-2008-1847
NOT-FOR-US: phpAddressBook
-CVE-2008-1846 (The default configuration of SAP NetWeaver before 7.0 SP15 does not ...)
+CVE-2008-1846
NOT-FOR-US: SAP
-CVE-2008-1845 (The Korn shell (aka mksh) before R33d on MirOS (aka MirBSD) does not ...)
+CVE-2008-1845
- mksh 33.4-1 (low)
[etch] - mksh 28.0-3
-CVE-2008-1844 (SQL injection vulnerability in cat.php in W2B phpHotResources allows ...)
+CVE-2008-1844
NOT-FOR-US: W2B phpHotResources
-CVE-2008-1843 (SQL injection vulnerability in browse.php in W2B DatingClub (aka ...)
+CVE-2008-1843
NOT-FOR-US: W2B DatingClub
-CVE-2008-1842 (Integer signedness error in ovspmd.exe in HP OpenView Network Node ...)
+CVE-2008-1842
NOT-FOR-US: HP OpenView
-CVE-2008-1841 (SQL injection vulnerability in the session handling functionality in ...)
+CVE-2008-1841
NOT-FOR-US: Coppermine
-CVE-2008-1840 (SQL injection vulnerability in upload.php in Coppermine Photo Gallery ...)
+CVE-2008-1840
NOT-FOR-US: Coppermine
-CVE-2008-1839 (Multgiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2008-1839
NOT-FOR-US: WORK system e-commerce
-CVE-2008-1838 (SQL injection vulnerability in BosClassifieds Classified Ads System ...)
+CVE-2008-1838
NOT-FOR-US: BosClassifieds Classified Ads System
-CVE-2008-1836 (The rfc2231 function in message.c in libclamav in ClamAV before 0.93 ...)
+CVE-2008-1836
- clamav <not-affected> (Vulnerable code introduced later, checked back with upstream)
-CVE-2008-1834 (swfdec_load_object.c in Swfdec before 0.6.4 does not properly restrict ...)
+CVE-2008-1834
- swfdec0.6 0.6.4-1 (low)
- swfdec0.5 <removed> (low; bug #477037)
-CVE-2008-1833 (Heap-based buffer overflow in pe.c in libclamav in ClamAV 0.92.1 ...)
+CVE-2008-1833
{DSA-1549-1}
- clamav 0.92.1~dfsg2-1.1 (medium; bug #476694)
-CVE-2008-1878 (Stack-based buffer overflow in the demux_nsf_send_chunk function in ...)
+CVE-2008-1878
{DSA-1586-1 DTSA-128-1}
- xine-lib 1.1.12-2 (medium; bug #476990)
NOTE: not patched but disabled in testing/unstable
-CVE-2008-1831 (Multiple unspecified vulnerabilities in the Siebel SimBuilder ...)
+CVE-2008-1831
NOT-FOR-US: Oracle Siebel Enterprise
-CVE-2008-1830 (Unspecified vulnerability in the PeopleSoft HCM ePerformance component ...)
+CVE-2008-1830
NOT-FOR-US: Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne
-CVE-2008-1829 (Unspecified vulnerability in the PeopleSoft HCM Recruiting component ...)
+CVE-2008-1829
NOT-FOR-US: Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne
-CVE-2008-1828 (Unspecified vulnerability in the PeopleSoft PeopleTools component in ...)
+CVE-2008-1828
NOT-FOR-US: Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne
-CVE-2008-1827 (Multiple unspecified vulnerabilities in Oracle E-Business Suite ...)
+CVE-2008-1827
NOT-FOR-US: Oracle E-Business Suite
-CVE-2008-1826 (Multiple unspecified vulnerabilities in Oracle E-Business Suite ...)
+CVE-2008-1826
NOT-FOR-US: Oracle E-Business Suite
-CVE-2008-1825 (Unspecified vulnerability in the Oracle Portal component in Oracle ...)
+CVE-2008-1825
NOT-FOR-US: Oracle
-CVE-2008-1824 (Unspecified vulnerability in the Oracle Dynamic Monitoring Service ...)
+CVE-2008-1824
NOT-FOR-US: Oracle
-CVE-2008-1823 (Unspecified vulnerability in the Oracle Jinitiator component in Oracle ...)
+CVE-2008-1823
NOT-FOR-US: Oracle
-CVE-2008-1822 (Unspecified vulnerability in the Oracle Application Express component ...)
+CVE-2008-1822
NOT-FOR-US: Oracle
-CVE-2008-1821 (Unspecified vulnerability in the Advanced Queuing component in Oracle ...)
+CVE-2008-1821
NOT-FOR-US: Oracle
-CVE-2008-1820 (Unspecified vulnerability in the Data Pump component in Oracle ...)
+CVE-2008-1820
NOT-FOR-US: Oracle
-CVE-2008-1819 (Unspecified vulnerability in the Oracle Net Services component in ...)
+CVE-2008-1819
NOT-FOR-US: Oracle
-CVE-2008-1818 (Unspecified vulnerability in the Authentication component in Oracle ...)
+CVE-2008-1818
NOT-FOR-US: Oracle
-CVE-2008-1817 (Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5 FIPS+, ...)
+CVE-2008-1817
NOT-FOR-US: Oracle
-CVE-2008-1816 (Multiple unspecified vulnerabilities in Oracle Database 10.1.0.5 and ...)
+CVE-2008-1816
NOT-FOR-US: Oracle
-CVE-2008-1815 (Unspecified vulnerability in the Change Data Capture component in ...)
+CVE-2008-1815
NOT-FOR-US: Oracle
-CVE-2008-1814 (Unspecified vulnerability in the Oracle Secure Enterprise Search or ...)
+CVE-2008-1814
NOT-FOR-US: Oracle
-CVE-2008-1813 (Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5 FIPS+, ...)
+CVE-2008-1813
NOT-FOR-US: Oracle
-CVE-2008-1812 (Unspecified vulnerability in the Oracle Enterprise Manager component ...)
+CVE-2008-1812
NOT-FOR-US: Oracle
-CVE-2008-1811 (Unspecified vulnerability in Oracle Application Express 3.0.1 has ...)
+CVE-2008-1811
NOT-FOR-US: Oracle
-CVE-2008-1810 (Untrusted search path vulnerability in dbmsrv in SAP MaxDB 7.6.03.15 ...)
+CVE-2008-1810
NOT-FOR-US: SAP MaxDB
-CVE-2008-1809 (Heap-based buffer overflow in Novell eDirectory 8.7.3 before ...)
+CVE-2008-1809
NOT-FOR-US: Novell eDirectory
-CVE-2008-1808 (Multiple off-by-one errors in FreeType2 before 2.3.6 allow ...)
+CVE-2008-1808
{DSA-1635-1 DTSA-139-1}
- freetype 2.3.6-1 (low; bug #485841)
-CVE-2008-1807 (FreeType2 before 2.3.6 allow context-dependent attackers to execute ...)
+CVE-2008-1807
{DSA-1635-1 DTSA-139-1}
- freetype 2.3.6-1 (medium; bug #485841)
-CVE-2008-1806 (Integer overflow in FreeType2 before 2.3.6 allows context-dependent ...)
+CVE-2008-1806
{DSA-1635-1 DTSA-139-1}
- freetype 2.3.6-1 (medium; bug #485841)
-CVE-2008-1805 (Incomplete blacklist vulnerability in Skype 3.6.0.248, and other ...)
+CVE-2008-1805
NOT-FOR-US: Skype
-CVE-2008-1804 (preprocessors/spp_frag3.c in Sourcefire Snort before 2.8.1 does not ...)
+CVE-2008-1804
{DTSA-173-1}
- snort 2.7.0-20 (low; bug #483160)
[lenny] - snort 2.7.0-20.2 (low; bug #483160)
[etch] - snort <not-affected> (Only 2.6 and 2.8 are affected)
-CVE-2008-1803 (Integer signedness error in the xrealloc function (rdesktop.c) in ...)
+CVE-2008-1803
{DSA-1573-1}
- rdesktop 1.5.0-4+cvs20071006 (bug #480135)
-CVE-2008-1802 (Buffer overflow in the process_redirect_pdu (rdp.c) function in ...)
+CVE-2008-1802
{DSA-1573-1}
- rdesktop 1.5.0-4+cvs20071006 (bug #480134)
-CVE-2008-1801 (Integer underflow in the iso_recv_msg function (iso.c) in rdesktop ...)
+CVE-2008-1801
{DSA-1573-1}
- rdesktop 1.5.0-4+cvs20071006 (bug #480133)
-CVE-2008-1800 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
+CVE-2008-1800
NOT-FOR-US: DivXDB
-CVE-2008-1799 (Directory traversal vulnerability in thumbnails.php in sabros.us 1.75 ...)
+CVE-2008-1799
NOT-FOR-US: sabros.us
-CVE-2008-1798 (Directory traversal vulnerability in forum/kietu/libs/calendrier.php ...)
+CVE-2008-1798
NOT-FOR-US: Dragoon
-CVE-2008-1797 (Unspecified vulnerability in Secure Computing Webwasher 5.30 before ...)
+CVE-2008-1797
NOT-FOR-US: Secure Computing Webwasher
-CVE-2008-1796 (Comix 3.6.4 creates temporary directories with predictable names, ...)
+CVE-2008-1796
- comix 3.6.4-1.1 (unimportant)
NOTE: only exploitable with insecure umask settings
-CVE-2008-1795 (Multiple cross-site scripting (XSS) vulnerabilities in Blackboard ...)
+CVE-2008-1795
NOT-FOR-US: Blackboard Academic Suite
-CVE-2008-1794 (Multiple cross-site scripting (XSS) vulnerabilities in the Webform ...)
+CVE-2008-1794
NOT-FOR-US: Webform Drupal module
-CVE-2008-1793 (Multiple cross-site scripting (XSS) vulnerabilities in view.cgi in ...)
+CVE-2008-1793
NOT-FOR-US: Smart
-CVE-2008-1792 (Cross-site scripting (XSS) vulnerability in the insertion filter in ...)
+CVE-2008-1792
NOT-FOR-US: Flickr Drupal module
-CVE-2008-1791 (SQL injection vulnerability in ladder.php in My Gaming Ladder 7.5 and ...)
+CVE-2008-1791
NOT-FOR-US: My Gaming Ladder
-CVE-2008-1790 (Unrestricted file upload vulnerability in iScripts SocialWare allows ...)
+CVE-2008-1790
NOT-FOR-US: iScripts
-CVE-2008-1789 (SQL injection vulnerability in forum.php in Prozilla Forum allows ...)
+CVE-2008-1789
NOT-FOR-US: Prozilla Forum
-CVE-2008-1788 (SQL injection vulnerability in directory.php in Prozilla Entertainers ...)
+CVE-2008-1788
NOT-FOR-US: Prozilla Entertainers
-CVE-2008-1787 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
+CVE-2008-1787
NOT-FOR-US: Poplar Gedcom Viewer
-CVE-2008-1786 (The DSM gui_cm_ctrls ActiveX control (gui_cm_ctrls.ocx), as used in ...)
+CVE-2008-1786
NOT-FOR-US: CA products
-CVE-2008-1785 (delete.php in Prozilla Top 100 1.2 allows remote authenticated users ...)
+CVE-2008-1785
NOT-FOR-US: Prozilla Top 100
-CVE-2008-1784 (Prozilla Topsites 1.0 allows remote attackers to perform ...)
+CVE-2008-1784
NOT-FOR-US: Prozilla Topsites
-CVE-2008-1783 (Prozilla Reviews 1.0 allows remote attackers to delete arbitrary users ...)
+CVE-2008-1783
NOT-FOR-US: Prozilla Reviews
-CVE-2008-1782 (phpdemo/viewsource.php in Advanced Software Engineering ChartDirector ...)
+CVE-2008-1782
NOT-FOR-US: Advanced Software Engineering ChartDirector
-CVE-2008-1837 (libclamunrar in ClamAV before 0.93 allows remote attackers to cause a ...)
+CVE-2008-1837
- clamav <not-affected> (Debian doesn't include libunrar since it's non-free)
-CVE-2008-1835 (ClamAV before 0.93 allows remote attackers to bypass the scanning ...)
+CVE-2008-1835
- clamav <not-affected> (Debian doesn't include libunrar since it's non-free)
-CVE-2008-1832 (lib/prefs.tcl in Cecilia 2.0.5 allows local users to overwrite ...)
+CVE-2008-1832
- cecilia 2.0.5-2.1 (low; bug #476321)
[etch] - cecilia <no-dsa> (Minor issue)
CVE-2008-1781
REJECTED
-CVE-2008-1780 (Unspecified vulnerability in the labeled networking functionality in ...)
+CVE-2008-1780
NOT-FOR-US: Solaris
-CVE-2008-1779 (Sun Solaris 8, 9, and 10 allows &quot;remote privileged&quot; users to cause a ...)
+CVE-2008-1779
NOT-FOR-US: Solaris
-CVE-2008-1778 (Unspecified vulnerability in the floating point context switch ...)
+CVE-2008-1778
NOT-FOR-US: Solaris
-CVE-2008-1777 (The eDirectory Host Environment service (dhost.exe) in Novell ...)
+CVE-2008-1777
NOT-FOR-US: Novell eDirectory
-CVE-2008-1776 (PHP remote file inclusion vulnerability in ...)
+CVE-2008-1776
NOT-FOR-US: PhpBlock
-CVE-2008-1775 (Cross-site scripting (XSS) vulnerability in mindex.do in ManageEngine ...)
+CVE-2008-1775
NOT-FOR-US: ManageEngine Firewall Analyzer
-CVE-2008-1774 (SQL injection vulnerability in editlink.php in Pligg 9.9.0 allows ...)
+CVE-2008-1774
NOT-FOR-US: Pligg
-CVE-2008-1773 (PHP remote file inclusion vulnerability in includes/header.inc.php in ...)
+CVE-2008-1773
NOT-FOR-US: Dragoon
-CVE-2008-1772 (iScripts SocialWare stores passwords in cleartext in a database, which ...)
+CVE-2008-1772
NOT-FOR-US: iScripts SocialWare
-CVE-2008-1771 (Integer overflow in the ws_getpostvars function in Firefly Media ...)
+CVE-2008-1771
{DSA-1597-1}
- mt-daapd 0.9~r1696-1.3 (medium; bug #476241)
-CVE-2008-1770 (CRLF injection vulnerability in Akamai Download Manager ActiveX ...)
+CVE-2008-1770
NOT-FOR-US: Akamai Download Manager
-CVE-2008-1769 (VLC before 0.8.6f allow remote attackers to cause a denial of service ...)
+CVE-2008-1769
{DSA-1819-1 DTSA-125-1}
- vlc 0.8.6.e-2.1 (low; bug #478140)
-CVE-2008-1768 (Multiple integer overflows in VLC before 0.8.6f allow remote attackers ...)
+CVE-2008-1768
{DSA-1819-1 DTSA-125-1}
- vlc 0.8.6.e-2.1 (medium; bug #478140)
-CVE-2008-1767 (Buffer overflow in pattern.c in libxslt before 1.1.24 allows ...)
+CVE-2008-1767
{DSA-1589-1}
- libxslt 1.1.24-1 (bug #482664)
-CVE-2008-1766 (Multiple unspecified vulnerabilities in phpBB before 3.0.1 have ...)
+CVE-2008-1766
- phpbb3 3.0.1-1 (low)
- phpbb2 <not-affected> (Vulnerable code not present)
-CVE-2008-1765 (Buffer overflow in Adobe Photoshop Album Starter Edition 3.2, and ...)
+CVE-2008-1765
NOT-FOR-US: Adobe
-CVE-2008-1764 (Unspecified vulnerability in Opera before 9.27 has unknown impact and ...)
+CVE-2008-1764
NOT-FOR-US: Opera
-CVE-2008-1763 (SQL injection vulnerability in _blogadata/include/sond_result.php in ...)
+CVE-2008-1763
NOT-FOR-US: Blogator-script
-CVE-2008-1762 (Opera before 9.27 allows remote attackers to cause a denial of service ...)
+CVE-2008-1762
NOT-FOR-US: Opera
-CVE-2008-1761 (Opera before 9.27 allows remote attackers to cause a denial of service ...)
+CVE-2008-1761
NOT-FOR-US: Opera
-CVE-2008-1760 (Multiple PHP remote file inclusion vulnerabilities in Blogator-script ...)
+CVE-2008-1760
NOT-FOR-US: Blogator-script
-CVE-2008-1759 (SQL injection vulnerability in the jeuxflash module for KwsPHP allows ...)
+CVE-2008-1759
NOT-FOR-US: KwsPHP
-CVE-2008-1758 (SQL injection vulnerability in the ConcoursPhoto module for KwsPHP ...)
+CVE-2008-1758
NOT-FOR-US: KwsPHP
-CVE-2008-1757 (Cross-site scripting (XSS) vulnerability in index.php in the ...)
+CVE-2008-1757
NOT-FOR-US: KwsPHP
-CVE-2008-1756 (Unspecified vulnerability in the Qmaster daemon in Sun N1 Grid Engine ...)
+CVE-2008-1756
NOT-FOR-US: Sun
-CVE-2008-1755 (Directory traversal vulnerability in the showSource function in ...)
+CVE-2008-1755
NOT-FOR-US: World of Phaos
-CVE-2008-1754 (Symantec Altiris Deployment Solution before 6.9.164 stores the ...)
+CVE-2008-1754
NOT-FOR-US: Symantec
-CVE-2008-1753 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2008-1753
NOT-FOR-US: Alkacon OpenCMS
-CVE-2008-1752 (ezRADIUS 0.1 stores sensitive information under the web root with ...)
+CVE-2008-1752
NOT-FOR-US: ezRADIUS
-CVE-2008-1751 (Multiple directory traversal vulnerabilities in index.php in Ksemail ...)
+CVE-2008-1751
NOT-FOR-US: Ksemail
-CVE-2008-1750 (SQL injection vulnerability in Integry Systems LiveCart 1.1.1 and ...)
+CVE-2008-1750
NOT-FOR-US: LiveCart
-CVE-2008-1749 (Memory leak in Cisco Content Switching Module (CSM) 4.2(3) up to ...)
+CVE-2008-1749
NOT-FOR-US: Cisco firmware
-CVE-2008-1748 (Cisco Unified Communications Manager 4.1 before 4.1(3)SR7, 4.2 before ...)
+CVE-2008-1748
NOT-FOR-US: Cisco firmware
-CVE-2008-1747 (Unspecified vulnerability in Cisco Unified Communications Manager 4.1 ...)
+CVE-2008-1747
NOT-FOR-US: Cisco firmware
-CVE-2008-1746 (The SNMP Trap Agent service in Cisco Unified Communications Manager ...)
+CVE-2008-1746
NOT-FOR-US: Cisco firmware
-CVE-2008-1745 (Cisco Unified Communications Manager (CUCM) 5.x before 5.1(2) and 6.x ...)
+CVE-2008-1745
NOT-FOR-US: Cisco firmware
-CVE-2008-1744 (The Certificate Authority Proxy Function (CAPF) service in Cisco ...)
+CVE-2008-1744
NOT-FOR-US: Cisco firmware
-CVE-2008-1743 (Memory leak in the Certificate Trust List (CTL) Provider service in ...)
+CVE-2008-1743
NOT-FOR-US: Cisco firmware
-CVE-2008-1742 (Memory leak in the Certificate Trust List (CTL) Provider service in ...)
+CVE-2008-1742
NOT-FOR-US: Cisco firmware
-CVE-2008-1741 (The SIP Proxy (SIPD) service in Cisco Unified Presence before 6.0(3) ...)
+CVE-2008-1741
NOT-FOR-US: Cisco firmware
-CVE-2008-1740 (The Presence Engine (PE) service in Cisco Unified Presence before ...)
+CVE-2008-1740
NOT-FOR-US: Cisco firmware
-CVE-2008-1739 (Apple QuickTime before 7.4.5 allows remote attackers to cause a denial ...)
+CVE-2008-1739
NOT-FOR-US: Apple QuickTime
-CVE-2008-1738 (Rising Antivirus 2008 before 20.38.20 allows local users to cause a ...)
+CVE-2008-1738
NOT-FOR-US: Rising Antivirus
-CVE-2008-1737 (Sophos Anti-Virus 7.0.5, and other 7.x versions, when Runtime ...)
+CVE-2008-1737
NOT-FOR-US: Sophos Anti-Virus
-CVE-2008-1736 (Comodo Firewall Pro before 3.0 does not properly validate certain ...)
+CVE-2008-1736
NOT-FOR-US: Comodo Firewall
-CVE-2008-1735 (BitDefender Antivirus 2008 20080118 and earlier allows local users to ...)
+CVE-2008-1735
NOT-FOR-US: BitDefender Antivirus
-CVE-2008-1734 (Interpretation conflict in PHP Toolkit before 1.0.1 on Gentoo Linux ...)
+CVE-2008-1734
NOT-FOR-US: PHP Toolkit (Gentoo specific)
-CVE-2008-1733 (SQL injection vulnerability in puarcade.class.php 2.2 and earlier in ...)
+CVE-2008-1733
NOT-FOR-US: Joomla component Pragmatic Utopia PU Arcade
-CVE-2008-1732 (SQL injection vulnerability in showpredictionsformatch.php in ...)
+CVE-2008-1732
NOT-FOR-US: Prediction Football
-CVE-2008-1731 (The Simple Access module for Drupal 5.x through 5.x-1.2-2 does not ...)
+CVE-2008-1731
NOT-FOR-US: Drupal module Simple Access
-CVE-2008-1730 (Directory traversal vulnerability in download.html in ARWScripts ...)
+CVE-2008-1730
NOT-FOR-US: ARWScripts Gallery Script Lite
-CVE-2008-1729 (The menu system in Drupal 6 before 6.2 has incorrect menu settings, ...)
+CVE-2008-1729
NOT-FOR-US: Drupal 6 (not packaged yet)
-CVE-2008-1728 (ConnectionManagerImpl.java in Ignite Realtime Openfire 3.4.5 allows ...)
+CVE-2008-1728
NOT-FOR-US: Ignite Realtime Openfire
-CVE-2008-1727 (KnowledgeQuest 2.5 and 2.6 does not require authentication for access ...)
+CVE-2008-1727
NOT-FOR-US: KnowledgeQuest
-CVE-2008-1726 (Multiple SQL injection vulnerabilities in KnowledgeQuest 2.6, when ...)
+CVE-2008-1726
NOT-FOR-US: KnowledgeQuest
-CVE-2008-1725 (The IBizEBank.FIProfile.1 ActiveX control in fiprofile20.ocx in IBiz ...)
+CVE-2008-1725
NOT-FOR-US: ActiveX
-CVE-2008-1724 (Stack-based buffer overflow in the IActiveXTransfer.FileTransfer ...)
+CVE-2008-1724
NOT-FOR-US: ActiveX
CVE-2008-1723
RESERVED
-CVE-2008-1722 (Multiple integer overflows in (1) filter/image-png.c and (2) ...)
+CVE-2008-1722
{DSA-1625-1}
- cups 1.3.7-2 (medium; bug #476305)
- cupsys 1.3.7-2 (medium; bug #476305)
-CVE-2008-1721 (Integer signedness error in the zlib extension module in Python 2.5.2 ...)
+CVE-2008-1721
{DSA-1620-1 DSA-1551-1}
- python2.4 2.4.5-2
- python2.5 2.5.2-3
-CVE-2008-1719 (Multiple cross-site request forgery (CSRF) vulnerabilities in Nuke ET ...)
+CVE-2008-1719
NOT-FOR-US: Nuke ET
-CVE-2008-1718 (Buffer overflow in mimesr.dll in Autonomy (formerly Verity) KeyView, ...)
+CVE-2008-1718
NOT-FOR-US: IBM Lotus Notes
-CVE-2008-1717 (WoltLab Community Framework (WCF) 1.0.6 in WoltLab Burning Board 3.0.5 ...)
+CVE-2008-1717
NOT-FOR-US: WoltLab Community Framework
-CVE-2008-1716 (Cross-site scripting (XSS) vulnerability in WoltLab Community ...)
+CVE-2008-1716
NOT-FOR-US: WoltLab Community Framework
-CVE-2008-1715 (SQL injection vulnerability in content/user.php in AuraCMS 2.2.1 and ...)
+CVE-2008-1715
NOT-FOR-US: AuraCMS
-CVE-2008-1714 (SQL injection vulnerability in show.php in FaScript FaPhoto 1.0, when ...)
+CVE-2008-1714
NOT-FOR-US: FaScript FaPhoto
-CVE-2008-1713 (MailServer.exe in NoticeWare Email Server 4.6.1.0 allows remote ...)
+CVE-2008-1713
NOT-FOR-US: NoticeWare Email Server
-CVE-2008-1712 (PHP remote file inclusion vulnerability in ...)
+CVE-2008-1712
NOT-FOR-US: mx_blogs
-CVE-2008-1711 (Terong PHP Photo Gallery (aka Advanced Web Photo Gallery) 1.0 stores ...)
+CVE-2008-1711
NOT-FOR-US: Terong PHP Photo Gallery
-CVE-2008-1710 (Untrusted search path vulnerability in chnfsmnt in IBM AIX 6.1 allows ...)
+CVE-2008-1710
NOT-FOR-US: IBM AIX
-CVE-2008-1709 (Buffer overflow in Microsoft Visual InterDev 6.0 (SP6) allows ...)
+CVE-2008-1709
NOT-FOR-US: Microsoft Visual InterDev
-CVE-2008-1708 (IBM solidDB 06.00.1018 and earlier does not validate a certain field ...)
+CVE-2008-1708
NOT-FOR-US: IBM solidDB
-CVE-2008-1707 (IBM solidDB 06.00.1018 and earlier allows remote attackers to cause a ...)
+CVE-2008-1707
NOT-FOR-US: IBM solidDB
-CVE-2008-1706 (Uncontrolled array index in IBM solidDB 06.00.1018 and earlier allows ...)
+CVE-2008-1706
NOT-FOR-US: IBM solidDB
-CVE-2008-1705 (Format string vulnerability in the logging function in IBM solidDB ...)
+CVE-2008-1705
NOT-FOR-US: IBM solidDB
-CVE-2008-1887 (Python 2.5.2 and earlier allows context-dependent attackers to execute ...)
+CVE-2008-1887
{DSA-1620-1 DSA-1551-1}
- python2.4 2.4.5-2
- python2.5 2.5.2-3
-CVE-2008-1877 (tss 0.8.1 allows local users to read arbitrary files via the -a ...)
+CVE-2008-1877
- tss <removed> (medium; bug #475747; bug #475736)
-CVE-2008-1720 (Buffer overflow in rsync 2.6.9 to 3.0.1, with extended attribute ...)
+CVE-2008-1720
{DSA-1545-1}
- rsync 3.0.2-1
NOTE: Etch is affected (it enables the acl upstream patch)
NOTE: http://samba.anu.edu.au/rsync/security.html#s3_0_2
-CVE-2008-1704 (Multiple buffer overflows in TIBCO Software Enterprise Message Service ...)
+CVE-2008-1704
NOT-FOR-US: TIBCO
-CVE-2008-1703 (Multiple buffer overflows in TIBCO Software Rendezvous before 8.1.0, ...)
+CVE-2008-1703
NOT-FOR-US: TIBCO
-CVE-2008-1702 (Absolute path traversal vulnerability in dload.php in the my_gallery ...)
+CVE-2008-1702
NOT-FOR-US: my_gallery plugin for e107
-CVE-2008-1701 (Novell NetWare 6.5 allows attackers to cause a denial of service ...)
+CVE-2008-1701
NOT-FOR-US: Novell NetWare
-CVE-2008-1700 (The Web TransferCtrl Class 8,2,1,4 (iManFile.cab), as used in WorkSite ...)
+CVE-2008-1700
NOT-FOR-US: WorkSite Web
-CVE-2008-1699 (SQL injection vulnerability in permalink.php in Desi Quintans Writer's ...)
+CVE-2008-1699
NOT-FOR-US: Desi Quintans Writer's Block CMS
-CVE-2008-1698 (Cross-site scripting (XSS) vulnerability in gallery.php in Simple ...)
+CVE-2008-1698
NOT-FOR-US: Simple Gallery
-CVE-2008-1697 (Stack-based buffer overflow in ovwparser.dll in HP OpenView Network ...)
+CVE-2008-1697
NOT-FOR-US: HP OpenView Network Node Manager
-CVE-2008-1696 (Directory traversal vulnerability in makepost.php in DaZPHPNews 0.1-1, ...)
+CVE-2008-1696
NOT-FOR-US: DaZPHPNews
CVE-2008-1695
RESERVED
-CVE-2008-1694 (vcdiff in Emacs 20.7 to 22.1.50, when used with SCCS, allows local ...)
+CVE-2008-1694
- emacs21 21.4a+1-5.6 (low; bug #476612)
[etch] - emacs21 <no-dsa> (Minor issue)
- emacs22 22.2+2-2 (low; bug #476611)
- xemacs21 21.4.21-4 (low; bug #476613)
[etch] - xemacs21 <no-dsa> (Minor issue)
-CVE-2008-1693 (The CairoFont::create function in CairoFontEngine.cc in Poppler, ...)
+CVE-2008-1693
{DSA-1606-1 DSA-1548-1}
- xpdf 3.02
- poppler 0.6.4-1 (bug #476842)
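Review bot: every changed pair in this hunk, from `-CVE-2008-1855 (FrameworkService.exe in McAfee Common Management Agent (CMA) 3.6.0.574 ...)` / `+CVE-2008-1855` down to `-CVE-2008-1693 (...)` / `+CVE-2008-1693`, deletes the CVE description and leaves a bare identifier, and nothing else in the hunk changes (the `NOT-FOR-US:`, `{DSA-...}`, package/version and `NOTE:` lines are all unchanged context), which for a commit labelled "automatic update" looks like the updater ran against an empty or unparsable upstream feed rather than a deliberate edit. The Debian-side triage text depends on those descriptions for context: after this hunk `- clamav <not-affected> (Vulnerable code introduced later, checked back with upstream)` sits under a bare `CVE-2008-1836`, and `- m4 <unfixed> (unimportant)` under a bare `CVE-2008-1688`, with no record on the page of what the issue was. The entries that were already bare before the change (`CVE-2008-1781` / `REJECTED`, `CVE-2008-1723` / `RESERVED`, `CVE-2008-1695` / `RESERVED`) are untouched, consistent with the descriptions being the only thing lost. Suggest reverting this commit and making the update job refuse to write the list when the number of parsed descriptions drops to zero (or by more than a small fraction) between runs, so a fetch failure cannot be committed as data.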
@@ -13184,384 +13184,384 @@ CVE-2008-1693 (The CairoFont::create function in CairoFontEngine.cc in Poppler,
NOTE: a stream or not. Anyone knows a fixed version?
- texlive-base <not-affected> (Vulnerable code not present)
- swftools <not-affected> (Vulnerable file/code not present)
-CVE-2008-1692 (Eterm 0.9.4 opens a terminal window on :0 if -display is not specified ...)
+CVE-2008-1692
- eterm 0.9.4.0debian1-2.1 (unimportant; bug #473127)
-CVE-2008-1691 (Unspecified vulnerability in SLMail.exe in SLMail Pro 6.3.1.0 and ...)
+CVE-2008-1691
NOT-FOR-US: SLMail Pro
-CVE-2008-1690 (WebContainer.exe 1.0.0.336 and earlier in SLMail Pro 6.3.1.0 and ...)
+CVE-2008-1690
NOT-FOR-US: SLMail Pro
-CVE-2008-1689 (Stack consumption vulnerability in WebContainer.exe 1.0.0.336 and ...)
+CVE-2008-1689
NOT-FOR-US: SLMail Pro
-CVE-2008-1688 (Unspecified vulnerability in GNU m4 before 1.4.11 might allow ...)
+CVE-2008-1688
- m4 <unfixed> (unimportant)
NOTE: The file name is passed through a cmdline argument and m4 doesn't run with
NOTE: elevated privileges.
-CVE-2008-1687 (The (1) maketemp and (2) mkstemp builtin functions in GNU m4 before ...)
+CVE-2008-1687
- m4 <unfixed> (unimportant)
NOTE: This is more a generic bug and not a security issue: the random output would
NOTE: need to match the name of an existing macro
-CVE-2008-1686 (Array index vulnerability in Speex 1.1.12 and earlier, as used in ...)
+CVE-2008-1686
{DSA-1586-1 DSA-1585-1 DSA-1584-1 DTSA-127-1 DTSA-128-1 DTSA-129-1}
- speex 1.2~beta2-1 (medium)
- libfishsound 0.7.0-2.2 (medium; bug #475152)
- xine-lib 1.1.12-1 (medium)
-CVE-2008-1685 (** DISPUTED ** ...)
+CVE-2008-1685
- gcc-4.3 4.3.1-1 (bug #482698; unimportant)
NOTE: dup of CVE-2006-1902 which is fixed in Debian?
-CVE-2008-1684 (inetd on Sun Solaris 10, when debug logging is enabled, allows local ...)
+CVE-2008-1684
NOT-FOR-US: Sun Solaris
CVE-2008-1683
REJECTED
-CVE-2008-1682 (PHP remote file inclusion vulnerability in ...)
+CVE-2008-1682
NOT-FOR-US: com_onlineflashquiz component for Joomla!
-CVE-2008-1681 (Unspecified vulnerability in IBM DB2 Content Manager before 8.3 FP8 ...)
+CVE-2008-1681
NOT-FOR-US: IBM DB2IBM DB2
-CVE-2008-1680 (PHP-Nuke Platinum 7.6.b.5 allows remote attackers to obtain ...)
+CVE-2008-1680
NOT-FOR-US: PHP-Nuke Platinum
-CVE-2008-1679 (Multiple integer overflows in imageop.c in Python before 2.5.3 allow ...)
+CVE-2008-1679
{DSA-1620-1 DSA-1551-1}
- python2.4 2.4.5-2
- python2.5 2.5.2-3
-CVE-2008-1678 (Memory leak in the zlib_stateful_init function in crypto/comp/c_zlib.c ...)
+CVE-2008-1678
{DTSA-131-1}
- apache2 2.2.8-4
[etch] - apache2 <not-affected> (only a problem with openssl 0.9.8f or later)
NOTE: https://issues.apache.org/bugzilla/show_bug.cgi?id=44975
-CVE-2008-1677 (Buffer overflow in the regular expression handler in Red Hat Directory ...)
+CVE-2008-1677
NOT-FOR-US: Red Hat Directory Server
-CVE-2008-1676 (Red Hat PKI Common Framework (rhpki-common) in Red Hat Certificate ...)
+CVE-2008-1676
NOT-FOR-US: Red Hat Issue
-CVE-2008-1675 (The bdx_ioctl_priv function in the tehuti driver (tehuti.c) in Linux ...)
+CVE-2008-1675
- linux-2.6 2.6.25-2 (low)
[etch] - linux-2.6 <not-affected> (Tehuti driver not in 2.6.18)
- linux-2.6.24 2.6.24-6~etchnhalf.2
NOTE: Fixed in 2.6.24.6 and 2.6.25.1
CVE-2008-1674
REJECTED
-CVE-2008-1673 (The asn1 implementation in (a) the Linux kernel 2.4 before 2.4.36.6 ...)
+CVE-2008-1673
{DSA-1592-1}
- linux-2.6 2.6.25-5 (bug #485944)
- linux-2.6.24 2.6.24-6~etchnhalf.3
-CVE-2008-1672 (OpenSSL 0.9.8f and 0.9.8g allows remote attackers to cause a denial of ...)
+CVE-2008-1672
{DTSA-136-1}
- openssl 0.9.8g-10.1 (bug #483379)
[etch] - openssl <not-affected> (Vulnerable code (TLS extensions) not present)
-CVE-2008-1671 (start_kdeinit in KDE 3.5.5 through 3.5.9, when installed setuid root, ...)
+CVE-2008-1671
{DSA-1867-1}
- kdelibs 4:3.5.9.dfsg.1-4 (low; bug #478024)
[etch] - kdelibs <no-dsa> (Minor issue)
-CVE-2008-1670 (Heap-based buffer overflow in the progressive PNG Image loader ...)
+CVE-2008-1670
- kdelibs <not-affected> (Vulnerable code introduce in kde 4.0)
- kde4libs 4:4.0.72-1 (bug #478283)
-CVE-2008-1669 (Linux kernel before 2.6.25.2 does not apply a certain protection ...)
+CVE-2008-1669
{DSA-1575-1}
- linux-2.6 2.6.25-2 (low)
- linux-2.6.24 2.6.24-6~etchnhalf.2
NOTE: 0b2bac2f1ea0d33a3621b27ca68b9ae760fca2e9, fixed in 2.6.24.7 and 2.6.25.2
-CVE-2008-1668 (ftpd.c in (1) wu-ftpd 2.4.2 and (2) ftpd in HP HP-UX B.11.11 assigns ...)
+CVE-2008-1668
NOT-FOR-US: wu-ftpd in HP-UX
-CVE-2008-1667 (The Probe Builder Service (aka PBOVISServer.exe) in European ...)
+CVE-2008-1667
NOT-FOR-US: Probe Builder 2.2
-CVE-2008-1666 (Unspecified vulnerability in HP Oracle for OpenView (OfO) 8.1.7, ...)
+CVE-2008-1666
NOT-FOR-US: HP Oracle for OpenView
-CVE-2008-1665 (Multiple unspecified vulnerabilities in HP Select Identity (HPSI) ...)
+CVE-2008-1665
NOT-FOR-US: HP Select Identity
-CVE-2008-1664 (Unspecified vulnerability in libc on HP HP-UX B.11.23 and B.11.31 ...)
+CVE-2008-1664
NOT-FOR-US: HP HP-UX
-CVE-2008-1663 (Cross-site scripting (XSS) vulnerability in HP System Management ...)
+CVE-2008-1663
NOT-FOR-US: HP System Management Homepage
-CVE-2008-1662 (Unspecified vulnerability in the HP System Administration Manager ...)
+CVE-2008-1662
NOT-FOR-US: HP System Administration Manager
-CVE-2008-1661 (Stack-based buffer overflow in DoubleTake.exe in HP StorageWorks ...)
+CVE-2008-1661
NOT-FOR-US: HP StorageWorks
-CVE-2008-1660 (Unspecified vulnerability in useradd on HP-UX B.11.11, B.11.23, and ...)
+CVE-2008-1660
NOT-FOR-US: HP-UX
-CVE-2008-1659 (Unspecified vulnerability in HP LDAP-UX vB.04.10 through vB.04.15 ...)
+CVE-2008-1659
NOT-FOR-US: HP LDAP-UX
-CVE-2008-1658 (Format string vulnerability in the grant helper ...)
+CVE-2008-1658
- policykit-1 0.8-1 (medium; bug #476615; bug #476616)
-CVE-2008-1657 (OpenSSH 4.4 up to versions before 4.9 allows remote authenticated ...)
+CVE-2008-1657
- openssh 1:4.7p1-8 (low; bug #475156)
[etch] - openssh <not-affected> (Vulnerable functionality was introduced in 4.4)
-CVE-2008-1656 (Adobe ColdFusion 8 and 8.0.1 does not properly implement the public ...)
+CVE-2008-1656
NOT-FOR-US: Adobe ColdFusion
-CVE-2008-1655 (Unspecified vulnerability in Adobe Flash Player 9.0.115.0 and earlier, ...)
+CVE-2008-1655
- flashplugin-nonfree 1:1.4
[etch] - flashplugin-nonfree <no-dsa> (Contrib not supported)
NOTE: Fix came from Adobe via new Adobe Flash Player, debian package didn't change
-CVE-2008-1654 (Interaction error between Adobe Flash and multiple Universal Plug and ...)
+CVE-2008-1654
- flashplugin-nonfree 1:1.4
[etch] - flashplugin-nonfree <no-dsa> (Contrib not supported)
-CVE-2008-1653 (Directory traversal vulnerability in index.php in Sava's Link Manager ...)
+CVE-2008-1653
NOT-FOR-US: Sava's Link Manager
-CVE-2008-1652 (Directory traversal vulnerability in the _serve_request_multiple ...)
+CVE-2008-1652
- perlbal <not-affected> (Fixed before initial upload to archive)
-CVE-2008-1651 (Directory traversal vulnerability in admin/login.php in EasyNews 4.0 ...)
+CVE-2008-1651
NOT-FOR-US: EasyNews
-CVE-2008-1650 (SQL injection vulnerability in dynamicpages/index.php in EasyNews 4.0 ...)
+CVE-2008-1650
NOT-FOR-US: EasyNews
-CVE-2008-1649 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2008-1649
NOT-FOR-US: EasyNews
-CVE-2008-1648 (Sympa before 5.4 allows remote attackers to cause a denial of service ...)
+CVE-2008-1648
{DSA-1600-1}
- sympa 5.3.4-4 (medium; bug #475163)
-CVE-2008-1647 (The ChilkatHttp.ChilkatHttp.1 and ChilkatHttp.ChilkatHttpRequest.1 ...)
+CVE-2008-1647
NOT-FOR-US: ChilkatHttp
-CVE-2008-1646 (SQL injection vulnerability in wp-download.php in the WP-Download 1.2 ...)
+CVE-2008-1646
NOT-FOR-US: WP-Download plugin for WordPress
-CVE-2008-1645 (Directory traversal vulnerability in body.php in phpSpamManager ...)
+CVE-2008-1645
NOT-FOR-US: phpSpamManager
-CVE-2008-1644 (SQL injection vulnerability in viewlinks.php in Sava's Link Manager ...)
+CVE-2008-1644
NOT-FOR-US: Sava's Link Manager
-CVE-2008-1643 (Directory traversal vulnerability in the PXE TFTP Service ...)
+CVE-2008-1643
NOT-FOR-US: LANDesk Management Suite
-CVE-2008-1642 (Directory traversal vulnerability in index.php in Sava's GuestBook 2.0 ...)
+CVE-2008-1642
NOT-FOR-US: Sava's GuestBook
-CVE-2008-1641 (SQL injection vulnerability in default.asp in EfesTECH Video 5.0 ...)
+CVE-2008-1641
NOT-FOR-US: EfesTECH Video
-CVE-2008-1640 (SQL injection vulnerability in jgs_treffen.php in the JGS-XA ...)
+CVE-2008-1640
NOT-FOR-US: JGS-Treffen
-CVE-2008-1639 (SQL injection vulnerability in index.php in Neat weblog 0.2 allows ...)
+CVE-2008-1639
NOT-FOR-US: Neat weblog
-CVE-2008-1638 (Nik Sharpener Pro, possibly 2.0, uses world-writable permissions for ...)
+CVE-2008-1638
NOT-FOR-US: Nik Sharpener Pro
-CVE-2008-1637 (PowerDNS Recursor before 3.1.5 uses insufficient randomness to ...)
+CVE-2008-1637
{DSA-1544-2 DSA-1544-1}
- pdns-recursor 3.1.7-1
NOTE: Fix in 3.1.5 was incomplete, see CVE-2008-3217
-CVE-2008-1636 (Cross-site scripting (XSS) vulnerability in index.php in JV2 Quick ...)
+CVE-2008-1636
NOT-FOR-US: JV2 Quick Gallery
-CVE-2008-1635 (Directory traversal vulnerability in view_private.php in Keep It ...)
+CVE-2008-1635
NOT-FOR-US: Keep It Simple Guest Book
-CVE-2008-1634 (Cross-site scripting (XSS) vulnerability in index.php in JV2 Folder ...)
+CVE-2008-1634
NOT-FOR-US: JV2 Folder Gallery
-CVE-2008-1633 (Unspecified vulnerability in Mondo Rescue before 2.2.5 has unknown ...)
+CVE-2008-1633
- mondo 1:2.2.7-1 (bug #475221)
-CVE-2008-1632 (Multiple SQL injection vulnerabilities in CuteFlow 2.10.0 allow remote ...)
+CVE-2008-1632
- cuteflow <itp> (bug #465372)
-CVE-2008-1631 (SQL injection vulnerability in login.php in CuteFlow 1.5.0 and 2.10.0 ...)
+CVE-2008-1631
- cuteflow <itp> (bug #465372)
-CVE-2008-1630 (Multiple cross-site scripting (XSS) vulnerabilities in CuteFlow 1.5.0 ...)
+CVE-2008-1630
- cuteflow <itp> (bug #465372)
-CVE-2008-1629 (Cross-site scripting (XSS) vulnerability in PHPkrm before 1.5.0 allows ...)
+CVE-2008-1629
NOT-FOR-US: PHPkrm
-CVE-2008-1628 (Stack-based buffer overflow in the audit_log_user_command function in ...)
+CVE-2008-1628
{DTSA-123-1}
- audit 1.5.3-2.1 (medium; bug #475227)
NOTE: auditd runs as root
-CVE-2008-1627 (CDS Invenio 0.92.1 and earlier allows remote authenticated users to ...)
+CVE-2008-1627
NOT-FOR-US: CDS Invenio
-CVE-2008-1626 (SQL injection vulnerability in eggBlog before 4.0.1 allows remote ...)
+CVE-2008-1626
NOT-FOR-US: eggBlog
-CVE-2008-1625 (aavmker4.sys in avast! Home and Professional 4.7 for Windows does not ...)
+CVE-2008-1625
NOT-FOR-US: avast! Home and Professional
-CVE-2008-1624 (Directory traversal vulnerability in v2demo/page.php in Jshop Server ...)
+CVE-2008-1624
NOT-FOR-US: Jshop Server
-CVE-2008-1623 (SQL injection vulnerability in admin_view_image.php in Smoothflash ...)
+CVE-2008-1623
NOT-FOR-US: Smoothflash
-CVE-2008-1622 (Multiple PHP remote file inclusion vulnerabilities in GeeCarts allow ...)
+CVE-2008-1622
NOT-FOR-US: GeeCarts
-CVE-2008-1621 (Multiple cross-site scripting (XSS) vulnerabilities in GeeCarts allow ...)
+CVE-2008-1621
NOT-FOR-US: GeeCarts
-CVE-2008-1620 (Directory traversal vulnerability in 2X TFTP service (TFTPd.exe) ...)
+CVE-2008-1620
NOT-FOR-US: ThinClientServer
-CVE-2008-1619 (The ssm_i emulation in Xen 5.1 on IA64 architectures allows attackers ...)
+CVE-2008-1619
- xen-3 <not-affected> (Debian Xen does not support ia64)
- xen-unstable <not-affected> (Debian Xen does not support ia64)
- xen-3.0 <not-affected> (Debian Xen does not support ia64)
-CVE-2008-1618 (The PPTP VPN service in Watchguard Firebox before 10, when performing ...)
+CVE-2008-1618
NOT-FOR-US: Watchguard Firebox
-CVE-2008-1617 (Double free vulnerability in Web TransferCtrl Class 8,2,1,4 ...)
+CVE-2008-1617
NOT-FOR-US: WorkSite Web
CVE-2008-1616
RESERVED
-CVE-2008-1615 (Linux kernel 2.6.18, and possibly other versions, when running on ...)
+CVE-2008-1615
{DSA-1588-1}
- linux-2.6 2.6.25-1 (medium; bug #480390)
- linux-2.6.24 2.6.24-6~etchnhalf.3
-CVE-2008-1614 (suPHP before 0.6.3 allows local users to gain privileges via (1) a ...)
+CVE-2008-1614
{DSA-1550-1 DTSA-124-1}
- suphp 0.6.2-2.1 (low; bug #475431)
-CVE-2008-1613 (SQL injection vulnerability in ioRD.asp in RedDot CMS 7.5 Build ...)
+CVE-2008-1613
NOT-FOR-US: RedDot CMS
-CVE-2008-1612 (The arrayShrink function (lib/Array.c) in Squid 2.6.STABLE17 allows ...)
+CVE-2008-1612
{DSA-1646-2}
- squid 2.6.18-1 (medium)
-CVE-2008-1611 (Stack-based buffer overflow in TFTP Server SP 1.4 for Windows allows ...)
+CVE-2008-1611
NOT-FOR-US: TFTP Server for Windows
-CVE-2008-1610 (Stack-based buffer overflow in TallSoft Quick TFTP Server Pro 2.1 ...)
+CVE-2008-1610
NOT-FOR-US: TFTP Server Pro
-CVE-2008-1609 (Multiple PHP remote file inclusion vulnerabilities in just another ...)
+CVE-2008-1609
NOT-FOR-US: JAF CMS
-CVE-2008-1608 (SQL injection vulnerability in postview.php in Clever Copy 3.0 allows ...)
+CVE-2008-1608
NOT-FOR-US: Clever Copy
-CVE-2008-1607 (SQL injection vulnerability in haberoku.php in Serbay Arslanhan Bomba ...)
+CVE-2008-1607
NOT-FOR-US: Serbay Arslanhan Bomba Haber
-CVE-2008-1606 (Multiple directory traversal vulnerabilities in Elastic Path (EP) 4.1 ...)
+CVE-2008-1606
NOT-FOR-US: Elastic Path
-CVE-2008-1605 (The (1) ltmmCaptureCtrl Class, (2) ltmmConvertCtrl Class, and (3) ...)
+CVE-2008-1605
NOT-FOR-US: LEADTOOLS
-CVE-2008-1604 (Cross-site scripting (XSS) vulnerability in PerlMailer before 3.02 ...)
+CVE-2008-1604
NOT-FOR-US: PerlMailer
-CVE-2008-1603 (Cross-site scripting (XSS) vulnerability in GNB DesignForm before 3.9 ...)
+CVE-2008-1603
NOT-FOR-US: GNB DesignForm
-CVE-2008-1602 (Stack-based buffer overflow in Orbit downloader 2.6.3 and 2.6.4 allows ...)
+CVE-2008-1602
NOT-FOR-US: Orbit downloader
-CVE-2008-1601 (Stack-based buffer overflow in the reboot program on IBM AIX 5.2 and ...)
+CVE-2008-1601
NOT-FOR-US: IBM AIX
-CVE-2008-1600 (The lsmcode program on IBM AIX 5.2, 5.3, and 6.1 does not properly ...)
+CVE-2008-1600
NOT-FOR-US: IBM AIX
-CVE-2008-1599 (The nddstat programs on IBM AIX 5.2, 5.3, and 6.1 do not properly ...)
+CVE-2008-1599
NOT-FOR-US: IBM AIX
-CVE-2008-1598 (The kernel in IBM AIX 6.1 allows local users with ProbeVue privileges ...)
+CVE-2008-1598
NOT-FOR-US: IBM AIX
-CVE-2008-1597 (The WPAR system call implementation in the kernel in IBM AIX 6.1 ...)
+CVE-2008-1597
NOT-FOR-US: IBM AIX
-CVE-2008-1596 (Trusted Execution in IBM AIX 6.1 uses an incorrect pathname argument ...)
+CVE-2008-1596
NOT-FOR-US: IBM AIX
-CVE-2008-1595 (The proc filesystem in the kernel in IBM AIX 5.2 and 5.3 does not ...)
+CVE-2008-1595
NOT-FOR-US: IBM AIX
-CVE-2008-1594 (The kernel in IBM AIX 5.2 and 5.3 does not properly handle resizing ...)
+CVE-2008-1594
NOT-FOR-US: IBM AIX
-CVE-2008-1593 (The checkpoint and restart feature in the kernel in IBM AIX 5.2, 5.3, ...)
+CVE-2008-1593
NOT-FOR-US: IBM AIX
-CVE-2008-1592 (MQSeries 5.1 in IBM WebSphere MQ 5.1 through 5.3.1 on the HP NonStop ...)
+CVE-2008-1592
NOT-FOR-US: IBM WebSphere
-CVE-2008-1591 (The pnVarPrepForStore function in PostNuke 0.764 and earlier skips ...)
+CVE-2008-1591
NOT-FOR-US: PostNuke
-CVE-2008-1590 (JavaScriptCore in WebKit on Apple iPhone before 2.0 and iPod touch ...)
+CVE-2008-1590
NOT-FOR-US: iPhone
-CVE-2008-1589 (Safari on Apple iPhone before 2.0 and iPod touch before 2.0 ...)
+CVE-2008-1589
NOT-FOR-US: iPhone
-CVE-2008-1588 (Safari on Apple iPhone before 2.0 and iPod touch before 2.0 allows ...)
+CVE-2008-1588
- webkit <not-affected> (mac-specific issue)
NOTE: http://trac.webkit.org/changeset/23963
NOTE: as of 1.1.21, all mac-specific code is no longer even present
CVE-2008-1587
RESERVED
-CVE-2008-1586 (ImageIO in Apple iPhone OS 1.0 through 2.1 and iPhone OS for iPod ...)
+CVE-2008-1586
NOT-FOR-US: Apple ImageIO
-CVE-2008-1585 (Apple QuickTime before 7.5 uses the url.dll!FileProtocolHandler ...)
+CVE-2008-1585
NOT-FOR-US: Apple QuickTime
-CVE-2008-1584 (Stack-based buffer overflow in Indeo.qtx in Apple QuickTime before 7.5 ...)
+CVE-2008-1584
NOT-FOR-US: Apple QuickTime
-CVE-2008-1583 (Heap-based buffer overflow in Apple QuickTime before 7.5 allows remote ...)
+CVE-2008-1583
NOT-FOR-US: Apple QuickTime
-CVE-2008-1582 (Unspecified vulnerability in Apple QuickTime before 7.5 allows remote ...)
+CVE-2008-1582
NOT-FOR-US: Apple QuickTime
-CVE-2008-1581 (Heap-based buffer overflow in Apple QuickTime before 7.5 on Windows ...)
+CVE-2008-1581
NOT-FOR-US: Apple QuickTime
-CVE-2008-1580 (CFNetwork in Safari in Apple Mac OS X before 10.5.3 automatically ...)
+CVE-2008-1580
NOT-FOR-US: CFNetwork Safari Apple Mac OS
-CVE-2008-1579 (Wiki Server in Apple Mac OS X 10.5 before 10.5.3 allows remote ...)
+CVE-2008-1579
NOT-FOR-US: Wiki Server Apple Mac OS
-CVE-2008-1578 (The sso_util program in Single Sign-On in Apple Mac OS X before 10.5.3 ...)
+CVE-2008-1578
NOT-FOR-US: Apple Mac OS X
-CVE-2008-1577 (Unspecified vulnerability in the Pixlet codec in Apple Pixlet Video in ...)
+CVE-2008-1577
NOT-FOR-US: Apple Mac OS X
-CVE-2008-1576 (Mail in Apple Mac OS X before 10.5, when an IPv6 SMTP server is used, ...)
+CVE-2008-1576
NOT-FOR-US: Apple Mac OS X
-CVE-2008-1575 (Unspecified vulnerability in the Apple Type Services (ATS) server in ...)
+CVE-2008-1575
NOT-FOR-US: Apple Mac OS X
-CVE-2008-1574 (Integer overflow in ImageIO in Apple Mac OS X before 10.5.3 allows ...)
+CVE-2008-1574
NOT-FOR-US: Apple Mac OS X
-CVE-2008-1573 (The BMP and GIF image decoding engine in ImageIO in Apple Mac OS X ...)
+CVE-2008-1573
NOT-FOR-US: Apple Mac OS X
-CVE-2008-1572 (Image Capture in Apple Mac OS X before 10.5 does not properly use ...)
+CVE-2008-1572
NOT-FOR-US: Apple Mac OS X
-CVE-2008-1571 (Directory traversal vulnerability in the embedded web server in Image ...)
+CVE-2008-1571
NOT-FOR-US: Apple Mac OS X
-CVE-2008-1566 (Cross-site scripting (XSS) vulnerability in Search.do in ManageEngine ...)
+CVE-2008-1566
NOT-FOR-US: ManageEngine Applications Manager
-CVE-2008-1565 (Directory traversal vulnerability in forum/irc/irc.php in the PJIRC ...)
+CVE-2008-1565
NOT-FOR-US: PJIRC module for phpBB
-CVE-2008-1564 (Directory traversal vulnerability in Dan Costin File Transfer before ...)
+CVE-2008-1564
NOT-FOR-US: Dan Costin File Transfer
-CVE-2008-1563 (The &quot;decode as&quot; feature in packet-bssap.c in the SCCP dissector in ...)
+CVE-2008-1563
- wireshark 1.0.0-1 (low)
[etch] - wireshark <not-affected> (Only 0.99.6 to 0.99.8 are affected)
-CVE-2008-1562 (The LDAP dissector in Wireshark (formerly Ethereal) 0.99.2 through ...)
+CVE-2008-1562
- wireshark <not-affected> (Only Windows builds are affected according to #1613)
-CVE-2008-1561 (Multiple unspecified vulnerabilities in Wireshark (formerly Ethereal) ...)
+CVE-2008-1561
- wireshark 1.0.0-1 (low)
[etch] - wireshark <not-affected> (Only 0.99.5 to 0.99.8 are affected)
-CVE-2008-1560 (Multiple cross-site scripting (XSS) vulnerabilities in Digiappz ...)
+CVE-2008-1560
NOT-FOR-US: Digiappz DigiDomain
-CVE-2008-1559 (SQL injection vulnerability in the Bernard Gilly AlphaContent ...)
+CVE-2008-1559
NOT-FOR-US: com_alphacontent component for Joomla!
-CVE-2008-1558 (Uncontrolled array index in the sdpplin_parse function in ...)
+CVE-2008-1558
{DSA-1552-1 DTSA-121-1}
- mplayer 1.0~rc2-10 (medium; bug #473056)
-CVE-2008-1557 (BolinOS 4.6.1 allows remote attackers to obtain sensitive information ...)
+CVE-2008-1557
NOT-FOR-US: BolinOS
-CVE-2008-1556 (Multiple cross-site scripting (XSS) vulnerabilities in BolinOS 4.6.1 ...)
+CVE-2008-1556
NOT-FOR-US: BolinOS
-CVE-2008-1555 (Directory traversal vulnerability in ...)
+CVE-2008-1555
NOT-FOR-US: BolinOS
-CVE-2008-1554 (SQL injection vulnerability in account/index.php in TopperMod 2.0, ...)
+CVE-2008-1554
NOT-FOR-US: TopperMod
-CVE-2008-1553 (Directory traversal vulnerability in mod.php in TopperMod 1.0 allows ...)
+CVE-2008-1553
NOT-FOR-US: TopperMod
-CVE-2008-1552 (The silc_pkcs1_decode function in the silccrypt library (silcpkcs1.c) ...)
+CVE-2008-1552
- silc-toolkit 1.1.7-1 (low)
- silc-client <not-affected> (links against libsilc)
NOTE: this can't result code execution but only in a crash as data_len - i always results
NOTE: in -1 and malloc will never succeed and thus not reaching any free
-CVE-2008-1551 (SQL injection vulnerability in viewcat.php in the Photo 3.02 module ...)
+CVE-2008-1551
NOT-FOR-US: RunCMS
-CVE-2008-1550 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
+CVE-2008-1550
NOT-FOR-US: CubeCart
-CVE-2008-1549 (Multiple SQL injection vulnerabilities in Aeries Browser Interface ...)
+CVE-2008-1549
NOT-FOR-US: Eagle Software Aries Student Information System
-CVE-2008-1548 (Multiple cross-site scripting (XSS) vulnerabilities in Aeries Browser ...)
+CVE-2008-1548
NOT-FOR-US: Eagle Software Aries Student Information System
-CVE-2008-1547 (Open redirect vulnerability in exchweb/bin/redir.asp in Microsoft ...)
+CVE-2008-1547
NOT-FOR-US: Outlook
-CVE-2008-1546 (servlet/MIMEReceiveServlet in the web controller for Mitsubishi ...)
+CVE-2008-1546
NOT-FOR-US: Mitsubishi Electric GB-50 and GB-50A air-conditioning control systems
-CVE-2008-1545 (The setRequestHeader method of the XMLHttpRequest object in Microsoft ...)
+CVE-2008-1545
NOT-FOR-US: Microsoft IE7
-CVE-2008-1544 (The setRequestHeader method of the XMLHttpRequest object in Microsoft ...)
+CVE-2008-1544
NOT-FOR-US: Microsoft IE7
-CVE-2008-1543 (The Advanced User Interface Pages in the ProST Web Management ...)
+CVE-2008-1543
NOT-FOR-US: Airspan WiMAX ProST
-CVE-2008-1542 (Airspan Base Station Distribution Unit (BSDU) has &quot;topsecret&quot; as its ...)
+CVE-2008-1542
NOT-FOR-US: BSDU
-CVE-2008-1541 (Directory traversal vulnerability in cgi-bin/his-webshop.pl in HIS ...)
+CVE-2008-1541
NOT-FOR-US: HIS Webshop
-CVE-2008-1540 (SQL injection vulnerability in the Datsogallery (com_datsogallery) ...)
+CVE-2008-1540
NOT-FOR-US: com_datsogallery module for Joomla!
-CVE-2008-1539 (SQL injection vulnerability in includes/dynamic_titles.php in PHP-Nuke ...)
+CVE-2008-1539
NOT-FOR-US: PHP-Nuke Platinum
-CVE-2008-1538 (Cross-site scripting (XSS) vulnerability in searchAction.do in ...)
+CVE-2008-1538
NOT-FOR-US: ManageEngine EventLog Analyzer
-CVE-2008-1537 (Directory traversal vulnerability in pb_inc/admincenter/index.php in ...)
+CVE-2008-1537
NOT-FOR-US: PowerScripts PowerBook
-CVE-2008-1536 (Cross-site scripting (XSS) vulnerability in index.php in Pictures Pro ...)
+CVE-2008-1536
NOT-FOR-US: Photo Cart
-CVE-2008-1535 (SQL injection vulnerability in the Matti Kiviharju rekry (aka ...)
+CVE-2008-1535
NOT-FOR-US: com_rekry component for Joomla!
-CVE-2008-1534 (Multiple directory traversal vulnerabilities in PowerPHPBoard 1.00b ...)
+CVE-2008-1534
NOT-FOR-US: PowerPHPBoard
-CVE-2008-1533 (Unspecified vulnerability in the XML-RPC Blogger API plugin in Joomla! ...)
+CVE-2008-1533
NOT-FOR-US: Joomla!
-CVE-2008-1532 (Perlbal before 1.70, when buffered upload is enabled, allows remote ...)
+CVE-2008-1532
- perlbal <not-affected> (Fixed before initial upload to archive)
-CVE-2008-1531 (The connection_state_machine function (connections.c) in lighttpd ...)
+CVE-2008-1531
{DSA-1540-1}
- lighttpd 1.4.19-2 (low; bug #475438)
-CVE-2008-1570 (Race condition in the create_lockpath function in policyd-weight ...)
+CVE-2008-1570
{DSA-1531-2}
- policyd-weight 0.1.14.17-1 (low)
NOTE: http://www.mail-archive.com/policyd-weight-list%40ek-muc.de/msg00798.html
-CVE-2008-1569 (policyd-weight 0.1.14 beta-16 and earlier allows local users to modify ...)
+CVE-2008-1569
{DSA-1531-2}
- policyd-weight 0.1.14.17-1 (low)
-CVE-2008-1568 (comix 3.6.4 allows attackers to execute arbitrary commands via a ...)
+CVE-2008-1568
- comix 3.6.4-1.1 (low; bug #462840)
[etch] - comix <no-dsa> (Minor issue)
NOTE: comix can't be used in a non-interactive setup thus the impact level
-CVE-2008-1567 (phpMyAdmin before 2.11.5.1 stores the MySQL (1) username and (2) ...)
+CVE-2008-1567
{DSA-1557-1}
- phpmyadmin 2.11.5.1
NOTE: http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2008-2
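Review bot: this hunk strips the parenthetical description from every published CVE entry and puts nothing in its place, which looks like the description source returning empty text rather than an intended format change, and the automatic update should not be merged until that is confirmed. Each changed pair has the shape "-CVE-2008-1628 (Stack-based buffer overflow in the audit_log_user_command function in ...)" followed by "+CVE-2008-1628"; the only entries left untouched are the RESERVED ones, which never had a description to lose, and that is exactly the pattern a broken feed would produce. The update script should refuse to overwrite a non-empty description with an empty one. The loss is not cosmetic: triage lines that follow these entries were written against the summary being deleted, for example "NOTE: auditd runs as root" under CVE-2008-1628 and the "(Debian Xen does not support ia64)" reasons under CVE-2008-1619, which only make sense next to a summary that mentions IA64.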
@@ -13569,7 +13569,7 @@ CVE-2008-1567 (phpMyAdmin before 2.11.5.1 stores the MySQL (1) username and (2)
NOTE: session files on a shared host. This limitation is documented with
NOTE: PHP, warned against and not a specific vulnerability in phpMyAdmin.
NOTE: I hence consider it a security enhancement/feature, not a vulnerability.
-CVE-2008-1530 (GnuPG (gpg) 1.4.8 and 2.0.8 allows remote attackers to cause a denial ...)
+CVE-2008-1530
- gnupg <not-affected> (Only 1.4.8 is affected)
NOTE: The next upload was 1.4.9-1, so no vulnerable version was ever in the
NOTE: archive
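Review bot: the single changed line here removes the only statement of which upstream versions are affected, while the unchanged lines that follow justify the package status by reference to exactly those versions. "-CVE-2008-1530 (GnuPG (gpg) 1.4.8 and 2.0.8 allows remote attackers to cause a denial ...)" becomes "+CVE-2008-1530", yet "- gnupg <not-affected> (Only 1.4.8 is affected)" and the NOTE about 1.4.9-1 being the next upload still depend on the reader knowing that 1.4.8 and 2.0.8 were the affected releases. If descriptions are meant to leave this file, the affected-version scope should be carried into the NOTE lines so the not-affected rationale stays self-contained; if they are not, this hunk is further evidence the update is discarding data.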
@@ -13578,182 +13578,182 @@ CVE-2008-1530 (GnuPG (gpg) 1.4.8 and 2.0.8 allows remote attackers to cause a de
- gnupg2 2.0.9-1 (bug #472928)
[etch] - gnupg2 <not-affected> (Only 2.0.8 is affected)
[sarge] - gnupg2 <not-affected> (Only 2.0.8 is affected)
-CVE-2008-1529 (ZyXEL Prestige routers have a minimum password length for the admin ...)
+CVE-2008-1529
NOT-FOR-US: ZyXEL Prestige router firmware
-CVE-2008-1528 (ZyXEL Prestige routers, including P-660, P-661, and P-662 models with ...)
+CVE-2008-1528
NOT-FOR-US: ZyXEL Prestige router firmware
-CVE-2008-1527 (ZyXEL Prestige routers, including P-660, P-661, and P-662 models with ...)
+CVE-2008-1527
NOT-FOR-US: ZyXEL Prestige router firmware
-CVE-2008-1526 (ZyXEL Prestige routers, including P-660, P-661, and P-662 models with ...)
+CVE-2008-1526
NOT-FOR-US: ZyXEL Prestige router firmware
-CVE-2008-1525 (The default SNMP configuration on ZyXEL Prestige routers, including ...)
+CVE-2008-1525
NOT-FOR-US: ZyXEL Prestige router firmware
-CVE-2008-1524 (The SNMP service on ZyXEL Prestige routers, including P-660 and P-661 ...)
+CVE-2008-1524
NOT-FOR-US: ZyXEL Prestige router firmware
-CVE-2008-1523 (ZyXEL Prestige routers, including P-660, P-661, and P-662 models with ...)
+CVE-2008-1523
NOT-FOR-US: ZyXEL Prestige router firmware
-CVE-2008-1522 (ZyXEL Prestige routers, including P-660 and P-661 models with firmware ...)
+CVE-2008-1522
NOT-FOR-US: ZyXEL Prestige router firmware
-CVE-2008-1521 (ZyXEL Prestige routers, including P-660 and P-661 models with firmware ...)
+CVE-2008-1521
NOT-FOR-US: ZyXEL Prestige router firmware
CVE-2008-1520
RESERVED
CVE-2008-1519
RESERVED
-CVE-2008-1518 (Stack-based buffer overflow in kl1.sys in Kaspersky Anti-Virus 6.0 and ...)
+CVE-2008-1518
NOT-FOR-US: Kaspersky Anti-Virus
-CVE-2008-1517 (Array index error in the xnu (Mach) kernel in Apple Mac OS X 10.5 ...)
+CVE-2008-1517
NOT-FOR-US: Apple Mac OS X xnu Kernel
CVE-2008-1516
RESERVED
-CVE-2008-1515 (The SOAP interface in OTRS 2.1.x before 2.1.8 and 2.2.x before 2.2.6 ...)
+CVE-2008-1515
- otrs2 2.2.5-2
[etch] - otrs2 <not-affected> (Vulnerable code not present)
[etch] - otrs <not-affected> (Vulnerable code not present)
[sarge] - otrs <not-affected> (Vulnerable code not present)
NOTE: http://packages.qa.debian.org/o/otrs2/news/20080320T211729Z.html
-CVE-2008-1514 (arch/s390/kernel/ptrace.c in Linux kernel 2.6.9, and other versions ...)
+CVE-2008-1514
{DSA-1655-1 DSA-1653-1}
- linux-2.6 2.6.26-8
NOTE: s390 specific issue, counterpart for x86 not reproducible with 2.6.24 here
-CVE-2008-1513 (SQL injection vulnerability in index.php in Danneo CMS 0.5.1 and ...)
+CVE-2008-1513
NOT-FOR-US: Danneo CMS
-CVE-2008-1512 (Directory traversal vulnerability in admin/admin_xs.php in eXtreme ...)
+CVE-2008-1512
NOT-FOR-US: XS module for phpBB
-CVE-2008-1511 (Multiple PHP remote file inclusion vulnerabilities in ooComments 1.0 ...)
+CVE-2008-1511
NOT-FOR-US: ooComments
-CVE-2008-1510 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2008-1510
NOT-FOR-US: Alkacon OpenCMS
-CVE-2008-1509 (SQL injection vulnerability in index.php in XLPortal 2.2.4 and earlier ...)
+CVE-2008-1509
NOT-FOR-US: XLPortal
-CVE-2008-1508 (SQL injection vulnerability in EfesTech E-Kont&#246;r and earlier allows ...)
+CVE-2008-1508
NOT-FOR-US: EfesTech E-Kontoer
-CVE-2008-1507 (PEEL, possibly 3.x and earlier, has (1) a default info@peel.fr account ...)
+CVE-2008-1507
NOT-FOR-US: Peel
-CVE-2008-1506 (PEEL, possibly 3.x and earlier, allows remote attackers to obtain ...)
+CVE-2008-1506
NOT-FOR-US: Peel
-CVE-2008-1505 (PHP remote file inclusion vulnerability in the SSTREAMTV custompages ...)
+CVE-2008-1505
NOT-FOR-US: com_custompages component for Joomla!
-CVE-2008-1504 (Cross-site scripting (XSS) vulnerability in setup.php3 in phpHeaven ...)
+CVE-2008-1504
NOT-FOR-US: phpMyChat
-CVE-2008-1503 (Cross-site scripting (XSS) vulnerability in the web management ...)
+CVE-2008-1503
NOT-FOR-US: F5 BIG-IP
-CVE-2008-1501 (The send_user_mode function in s_user.c in (1) Undernet ircu ...)
+CVE-2008-1501
- ircd-ircu <not-affected> (Vulnerable code not present)
NOTE: vulnerable code introduced later than 2.0.12.10, see: http://hg.quakenet.org/snircd/rev/1ee48bee2f20
NOTE: no other possible NULL ptr dereferences of p found and PoC not reproducible
-CVE-2008-1500 (Cross-site scripting (XSS) vulnerability in index.php in TinyPortal ...)
+CVE-2008-1500
NOT-FOR-US: TinyPortal
-CVE-2008-1499 (Cross-site scripting (XSS) vulnerability in frontend/x/manpage.html in ...)
+CVE-2008-1499
NOT-FOR-US: cPanel
-CVE-2008-1498 (Stack-based buffer overflow in the IMAP service in NetWin Surgemail ...)
+CVE-2008-1498
NOT-FOR-US: Surgemail
-CVE-2008-1497 (Stack-based buffer overflow in the IMAP service in NetWin SurgeMail ...)
+CVE-2008-1497
NOT-FOR-US: Surgemail
-CVE-2008-1496 (Multiple SQL injection vulnerabilities in PEEL, possibly 3.x and ...)
+CVE-2008-1496
NOT-FOR-US: PEEL
-CVE-2008-1495 (Unrestricted file upload vulnerability in administrer/produits.php in ...)
+CVE-2008-1495
NOT-FOR-US: PEEL
-CVE-2008-1494 (SQL injection vulnerability in inc/module/online.php in Easy-Clanpage ...)
+CVE-2008-1494
NOT-FOR-US: Easy-Clanpage
-CVE-2008-1493 (Directory traversal vulnerability in login.php in Cuteflow Bin 1.5.0 ...)
+CVE-2008-1493
- cuteflow <itp> (bug #465372)
-CVE-2008-1492 (Multiple directory traversal vulnerabilities in CoronaMatrix ...)
+CVE-2008-1492
NOT-FOR-US: CoronaMatrix
-CVE-2008-1491 (Stack-based buffer overflow in the DPC Proxy server (DpcProxy.exe) in ...)
+CVE-2008-1491
NOT-FOR-US: ASUS Remote Console
-CVE-2008-1490 (Buffer overflow in a certain Aurigma ActiveX control in ...)
+CVE-2008-1490
NOT-FOR-US: ImageUploader4
-CVE-2008-1489 (Integer overflow in the MP4_ReadBox_rdrf function in libmp4.c for VLC ...)
+CVE-2008-1489
{DSA-1543-1 DTSA-119-1}
- vlc 0.8.6.e-1.1 (medium; bug #472635)
-CVE-2008-1488 (Stack-based buffer overflow in apc.c in Alternative PHP Cache (APC) ...)
+CVE-2008-1488
- php-apc <not-affected> (Fixed before initial upload)
-CVE-2008-1487 (Multiple cross-site scripting (XSS) vulnerabilities in LinPHA before ...)
+CVE-2008-1487
NOT-FOR-US: LinPHA
-CVE-2008-1486 (SQL injection vulnerability in Phorum before 5.2.6, when mysql_use_ft ...)
+CVE-2008-1486
NOT-FOR-US: Phorum
-CVE-2008-1485 (Cross-site scripting (XSS) vulnerability in PunBB 1.2.16 and earlier ...)
+CVE-2008-1485
NOT-FOR-US: PunBB
-CVE-2008-1484 (The password reset feature in PunBB 1.2.16 and earlier uses ...)
+CVE-2008-1484
NOT-FOR-US: PunBB
-CVE-2008-1483 (OpenSSH 4.3p2, and probably other versions, allows local users to ...)
+CVE-2008-1483
{DSA-1576-1}
- openssh 1:4.7p1-5 (bug #463011)
-CVE-2008-1482 (Multiple integer overflows in xine-lib 1.1.11 and earlier allow remote ...)
+CVE-2008-1482
{DSA-1586-1 DTSA-120-1}
- xine-lib 1.1.11.1-1 (medium; bug #472639)
-CVE-2008-1481 (Cross-site scripting (XSS) vulnerability in index.php in webSPELL ...)
+CVE-2008-1481
NOT-FOR-US: webSPELL
-CVE-2008-1480 (rpc.metad in Sun Solaris 10 allows remote attackers to cause a denial ...)
+CVE-2008-1480
NOT-FOR-US: Sun Solaris
-CVE-2008-1479 (Cross-site scripting (XSS) vulnerability in index.php in ...)
+CVE-2008-1479
NOT-FOR-US: cfnetgs
-CVE-2008-1478 (Home FTP Server 1.4.5.89 allows remote attackers to cause a denial of ...)
+CVE-2008-1478
NOT-FOR-US: Home FTP Server
-CVE-2008-1477 (Multiple cross-site scripting (XSS) vulnerabilities in busca.php in ...)
+CVE-2008-1477
NOT-FOR-US: eForum
-CVE-2008-1475 (The xml-rpc server in Roundup 1.4.4 does not check property ...)
+CVE-2008-1475
- roundup 1.4.4-1.1 (medium; bug #484728)
[etch] - roundup <not-affected> (xml-rpc code introduced in 1.4.0)
-CVE-2008-1474 (Multiple unspecified vulnerabilities in Roundup before 1.4.4 have ...)
+CVE-2008-1474
{DSA-1554-1}
- roundup 1.3.3-3.1 (low; bug #472643)
-CVE-2008-1473 (The Altiris Client Service (AClient.exe) in Symantec Altiris ...)
+CVE-2008-1473
NOT-FOR-US: Symantec Altiris
-CVE-2008-1472 (Stack-based buffer overflow in the ListCtrl ActiveX Control ...)
+CVE-2008-1472
NOT-FOR-US: ARCserve Backup
-CVE-2008-1471 (The cpoint.sys driver in Panda Internet Security 2008 and Antivirus+ ...)
+CVE-2008-1471
NOT-FOR-US: Panda Internet Security/Antivirus+ Firewall
-CVE-2008-1470 (Incomplete blacklist vulnerability in IISWebAgentIF.dll in the WebID ...)
+CVE-2008-1470
NOT-FOR-US: WebID RSA Authentication Agent
-CVE-2008-1469 (Gallarific Free Edition 1.1 does not require authentication for (1) ...)
+CVE-2008-1469
NOT-FOR-US: Gallarific
-CVE-2008-1468 (Cross-site scripting (XSS) vulnerability in namazu.cgi in Namazu ...)
+CVE-2008-1468
- namazu2 2.0.18-0.1 (low; bug #472644)
-CVE-2008-1467 (** DISPUTED ** ...)
+CVE-2008-1467
- centerim 4.22.3-1 (unimportant; bug #472649)
NOTE: the victim needs to list the URLs in the message with F2 and press enter on it
NOTE: the victim can see the complete URL including the commands however so the impact is really low
-CVE-2008-1466 (Multiple PHP remote file inclusion vulnerabilities in W-Agora 4.0 ...)
+CVE-2008-1466
NOT-FOR-US: W-Agora
-CVE-2008-1465 (SQL injection vulnerability in the Detodas Restaurante ...)
+CVE-2008-1465
NOT-FOR-US: com_restaurante component for Mambo and Joomla!
-CVE-2008-1464 (Multiple SQL injection vulnerabilities in Gallarific Free Edition 1.1 ...)
+CVE-2008-1464
NOT-FOR-US: Gallarific
-CVE-2008-1463 (Cross-site scripting (XSS) vulnerability in the management GUI in ...)
+CVE-2008-1463
NOT-FOR-US: Imperva SecureSphere MX Management Server
-CVE-2008-1462 (SQL injection vulnerability in the sections (Section) module in RunCMS ...)
+CVE-2008-1462
NOT-FOR-US: RunCMS
-CVE-2008-1461 (Buffer overflow in XnView 1.92.1 allows user-assisted remote attackers ...)
+CVE-2008-1461
NOT-FOR-US: XnView
-CVE-2008-1460 (SQL injection vulnerability in the Joovideo (com_joovideo) 1.0 and ...)
+CVE-2008-1460
NOT-FOR-US: com_joovideo component for Mambo and Joomla!
-CVE-2008-1459 (SQL injection vulnerability in the Alberghi (com_alberghi) 2.1.3 and ...)
+CVE-2008-1459
NOT-FOR-US: com_alberghi component for Mambo and Joomla!
-CVE-2008-1458 (Cross-site scripting (XSS) vulnerability in index.php in CS-Cart 1.3.2 ...)
+CVE-2008-1458
NOT-FOR-US: CS-Cart
-CVE-2008-1457 (The Event System in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server ...)
+CVE-2008-1457
NOT-FOR-US: Microsoft Windows 2000
-CVE-2008-1456 (Array index vulnerability in the Event System in Microsoft Windows ...)
+CVE-2008-1456
NOT-FOR-US: Microsoft Windows 2000
-CVE-2008-1455 (A &quot;memory calculation error&quot; in Microsoft Office PowerPoint 2000 SP3, ...)
+CVE-2008-1455
NOT-FOR-US: Microsoft Office PowerPoint
-CVE-2008-1454 (Unspecified vulnerability in Microsoft DNS in Windows 2000 SP4, Server ...)
+CVE-2008-1454
NOT-FOR-US: Windows issue
-CVE-2008-1453 (The Bluetooth stack in Microsoft Windows XP SP2 and SP3, and Vista ...)
+CVE-2008-1453
NOT-FOR-US: Windows Xp
CVE-2008-1452
REJECTED
-CVE-2008-1451 (The WINS service on Microsoft Windows 2000 SP4, and Server 2003 SP1 ...)
+CVE-2008-1451
NOT-FOR-US: Microsoft Windows
CVE-2008-1450
REJECTED
CVE-2008-1449
REJECTED
-CVE-2008-1448 (The MHTML protocol handler in a component of Microsoft Outlook Express ...)
+CVE-2008-1448
NOT-FOR-US: Microsoft Outlook Express
-CVE-2008-1447 (The DNS protocol, as implemented in (1) BIND 8 and 9 before 9.5.0-P1, ...)
+CVE-2008-1447
{DSA-1605-1 DSA-1604-1 DSA-1623-1 DSA-1619-1 DSA-1617-1 DSA-1603-1 DTSA-147-1}
- bind9 1:9.5.0.dfsg-5 (high)
NOTE: glibc stub resolver relies on source port randomisation in kernel
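Review bot: the descriptions being deleted in this hunk still carry HTML-escaped characters, which shows the description import was storing entity references instead of plain text; whenever the import is repaired, unescape at ingestion. The visible cases are "-CVE-2008-1508 (SQL injection vulnerability in EfesTech E-Kont&#246;r and earlier allows ...)" and the "&quot;topsecret&quot;" in the CVE-2008-1542 line. The same orphaned-triage problem as in the earlier hunks applies here to the entries with the most substantive notes: CVE-2008-1447, whose "(high)" rating and the NOTE about the glibc stub resolver relying on kernel source port randomisation no longer sit next to the DNS protocol summary they were written against, and CVE-2008-1501, whose not-affected NOTE points at a specific upstream revision that introduced the vulnerable code in a function the deleted summary named.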
@@ -13777,53 +13777,53 @@ CVE-2008-1447 (The DNS protocol, as implemented in (1) BIND 8 and 9 before 9.5.0
NOTE: already use source port randomization.
NOTE: Marking non-caching stub resolvers as low since these really should be fixed,
NOTE: but are much less vulnerable than a caching server.
-CVE-2008-1446 (Integer overflow in the Internet Printing Protocol (IPP) ISAPI ...)
+CVE-2008-1446
NOT-FOR-US: Microsoft
-CVE-2008-1445 (Active Directory on Microsoft Windows 2000 Server SP4, XP Professional ...)
+CVE-2008-1445
NOT-FOR-US: Microsoft Windows
-CVE-2008-1444 (Stack-based buffer overflow in Microsoft DirectX 7.0 and 8.1 on ...)
+CVE-2008-1444
NOT-FOR-US: Microsoft Windows
CVE-2008-1443
REJECTED
-CVE-2008-1442 (Heap-based buffer overflow in the substringData method in Microsoft ...)
+CVE-2008-1442
NOT-FOR-US: Microsoft Windows
-CVE-2008-1441 (Microsoft Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold ...)
+CVE-2008-1441
NOT-FOR-US: Microsoft Windows
-CVE-2008-1440 (Microsoft Windows XP SP2 and SP3, and Server 2003 SP1 and SP2, does ...)
+CVE-2008-1440
NOT-FOR-US: Microsoft Windows
CVE-2008-1439
REJECTED
-CVE-2008-1438 (Unspecified vulnerability in Microsoft Malware Protection Engine ...)
+CVE-2008-1438
NOT-FOR-US: Microsoft Malware Protection Engine
-CVE-2008-1437 (Unspecified vulnerability in Microsoft Malware Protection Engine ...)
+CVE-2008-1437
NOT-FOR-US: Microsoft Malware Protection Engine
-CVE-2008-1436 (Microsoft Windows XP Professional SP2, Vista, and Server 2003 and 2008 ...)
+CVE-2008-1436
NOT-FOR-US: Windows
-CVE-2008-1435 (Windows Explorer in Microsoft Windows Vista up to SP1, and Server ...)
+CVE-2008-1435
NOT-FOR-US: Windows issue
-CVE-2008-1434 (Use-after-free vulnerability in Microsoft Word in Office 2000 and XP ...)
+CVE-2008-1434
NOT-FOR-US: Microsoft Word
CVE-2008-1433
REJECTED
-CVE-2008-1432 (Cross-site scripting (XSS) vulnerability in SolutionSearch.do in ...)
+CVE-2008-1432
NOT-FOR-US: ManageEngine SupportCenter Plus
-CVE-2008-1431 (RaidSonic NAS-4220-B with 2.6.0-n(2007-10-11) firmware stores a ...)
+CVE-2008-1431
NOT-FOR-US: RaidSonic NAS-4220-B firmware
-CVE-2008-1430 (SQL injection vulnerability in links.asp in ASPapp allows remote ...)
+CVE-2008-1430
NOT-FOR-US: ASPapp
-CVE-2008-1429 (Secure Internet Live Conferencing (SILC) Server before 1.1.1 allows ...)
+CVE-2008-1429
- silc-server 1.1.1-1 (medium)
-CVE-2008-1428 (Multiple cross-site scripting (XSS) vulnerabilities in the Ubercart ...)
+CVE-2008-1428
NOT-FOR-US: Ubercart
-CVE-2008-1427 (SQL injection vulnerability in the Joobi Acajoom (com_acajoom) 1.1.5 ...)
+CVE-2008-1427
NOT-FOR-US: com_acajoom component for Joomla!
-CVE-2008-1426 (SQL injection vulnerability in album.asp in KAPhotoservice allows ...)
+CVE-2008-1426
NOT-FOR-US: KAPhotoservice
-CVE-2008-1425 (SQL injection vulnerability in index.php in the gallery module in ...)
+CVE-2008-1425
NOT-FOR-US: Easy-Clanpage
CVE-2008-1424
RESERVED
-CVE-2008-1423 (Integer overflow in a certain quantvals and quantlist calculation in ...)
+CVE-2008-1423
{DSA-1591-1}
- libvorbisidec 1.0.2+svn18153-0.1 (bug #669196)
[squeeze] - libvorbisidec <no-dsa> (Minor issue, no dev-deps)
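Review bot: reviewability of future diffs to this file degrades once this change lands, because the hunk header "@@ -13777,53 +13777,53 @@ CVE-2008-1447 (The DNS protocol, as implemented in (1) BIND 8 and 9 before 9.5.0" is the last kind of header git will be able to produce with a readable summary; after every entry is reduced to a bare identifier, headers will show only "CVE-2008-NNNN", and automatic updates like this one become harder to eyeball. That is a secondary cost, but one more reason to confirm the descriptions are meant to go rather than accepting the hunk as-is. The REJECTED entries (CVE-2008-1443, CVE-2008-1439, CVE-2008-1433) and the "[squeeze] - libvorbisidec <no-dsa> (Minor issue, no dev-deps)" line under CVE-2008-1423 are correctly left unchanged.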
@@ -13832,86 +13832,86 @@ CVE-2008-1422
REJECTED
CVE-2008-1421
REJECTED
-CVE-2008-1420 (Integer overflow in residue partition value (aka partvals) evaluation ...)
+CVE-2008-1420
{DSA-1591-1}
- libvorbisidec <not-affected> (Vulnerable code not present)
- libvorbis 1.2.0.dfsg-3.1 (bug #482518)
-CVE-2008-1419 (Xiph.org libvorbis 1.2.0 and earlier does not properly handle a zero ...)
+CVE-2008-1419
{DSA-1591-1}
- libvorbisidec 1.0.2+svn18153-0.1 (bug #669196)
[squeeze] - libvorbisidec <no-dsa> (Minor issue, no dev-deps)
- libvorbis 1.2.0.dfsg-3.1 (bug #482518)
CVE-2008-1418
RESERVED
-CVE-2008-1416 (Multiple PHP remote file inclusion vulnerabilities in PHPauction GPL ...)
+CVE-2008-1416
NOT-FOR-US: PHPauction GPL
-CVE-2008-1415 (Directory traversal vulnerability in index.php in Multiple Time Sheets ...)
+CVE-2008-1415
NOT-FOR-US: Multiple Time Sheets
-CVE-2008-1414 (Cross-site scripting (XSS) vulnerability in Multiple Time Sheets (MTS) ...)
+CVE-2008-1414
NOT-FOR-US: Multiple Time Sheets
-CVE-2008-1413 (Cross-site scripting (XSS) vulnerability in search.php in SNewsCMS Rus ...)
+CVE-2008-1413
NOT-FOR-US: SNewsCMS Rus
-CVE-2008-1412 (Unspecified vulnerability in multiple F-Secure anti-virus products, ...)
+CVE-2008-1412
NOT-FOR-US: F-Secure anti-virus
-CVE-2008-1411 (The PXE Server (pxesrv.exe) in Acronis Snap Deploy 2.0.0.1076 and ...)
+CVE-2008-1411
NOT-FOR-US: Acronis Snap Deploy
-CVE-2008-1410 (Directory traversal vulnerability in the PXE Server (pxesrv.exe) in ...)
+CVE-2008-1410
NOT-FOR-US: Acronis Snap Deploy
-CVE-2008-1409 (Multiple directory traversal vulnerabilities in the Default theme in ...)
+CVE-2008-1409
NOT-FOR-US: Exero CMS
-CVE-2008-1408 (SQL injection vulnerability in includes/functions/banners-external.php ...)
+CVE-2008-1408
NOT-FOR-US: phpBP
-CVE-2008-1407 (SQL injection vulnerability in index.php in the WebChat 1.60 module ...)
+CVE-2008-1407
NOT-FOR-US: WebChat module for eXV2
-CVE-2008-1406 (SQL injection vulnerability in annonces-p-f.php in the MyAnnonces 1.8 ...)
+CVE-2008-1406
NOT-FOR-US: MyAnnonces
-CVE-2008-1405 (PHP remote file inclusion vulnerability in code/display.php in ...)
+CVE-2008-1405
NOT-FOR-US: fuzzylime
-CVE-2008-1404 (SQL injection vulnerability in index.php in the Viso (Industry Book) ...)
+CVE-2008-1404
NOT-FOR-US: Viso module for eXV2
-CVE-2008-1403 (Stack-based buffer overflow in the TFTP server in BootManage TFTPD ...)
+CVE-2008-1403
NOT-FOR-US: BootManage TFTPD
-CVE-2008-1402 (MG-SOFT Net Inspector 6.5.0.828 and earlier for Windows allows remote ...)
+CVE-2008-1402
NOT-FOR-US: MG-SOFT Net Inspector
-CVE-2008-1401 (Format string vulnerability in the Net Inspector HTTP server (mghttpd) ...)
+CVE-2008-1401
NOT-FOR-US: MG-SOFT Net Inspector
-CVE-2008-1400 (Directory traversal vulnerability in the Net Inspector HTTP Server ...)
+CVE-2008-1400
NOT-FOR-US: MG-SOFT Net Inspector
-CVE-2008-1399 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
+CVE-2008-1399
NOT-FOR-US: Clansphere
-CVE-2008-1398 (SQL injection vulnerability in online.php in AuraCMS 2.0 through 2.2.1 ...)
+CVE-2008-1398
NOT-FOR-US: AuraCMS
-CVE-2008-1397 (Check Point VPN-1 Power/UTM, with NGX R60 through R65 and NG AI R55 ...)
+CVE-2008-1397
NOT-FOR-US: Check Point VPN
-CVE-2008-1396 (Plone CMS 3.x uses invariant data (a client username and a server ...)
+CVE-2008-1396
- plone3 <removed> (low; bug #473571)
[lenny] - plone3 <no-dsa> (Only an issue if not following best practices, see bug #473571)
-CVE-2008-1395 (Plone CMS does not record users' authentication states, and implements ...)
+CVE-2008-1395
- plone3 <removed> (low; bug #473571)
[lenny] - plone3 <no-dsa> (Only an issue if not following best practices, see bug #473571)
-CVE-2008-1394 (Plone CMS before 3 places a base64 encoded form of the username and ...)
+CVE-2008-1394
- zope-cmfplone <removed>
[etch] - zope-cmfplone <no-dsa> (low)
NOTE: doesn't apply to v3
NOTE: more a security enhancement
-CVE-2008-1393 (Plone CMS 3.0.5, and probably other 3.x versions, places a base64 ...)
+CVE-2008-1393
- plone3 <removed> (low; bug #473571; bug #486333)
[lenny] - plone3 <no-dsa> (Only an issue if not following best practices, see bug #473571)
-CVE-2008-1392 (The default configuration of VMware Workstation 6.0.2, VMware Player ...)
+CVE-2008-1392
- vmware-package <removed> (low; bug #486177)
[etch] - vmware-package <no-dsa> (Contrib not supported)
NOTE: vmware-package just builds vmware from downloaded tarballs, the package itself
NOTE: does not download them, however it needs to update its hashes for upstream tarballs
-CVE-2008-1476 (Cross-site scripting (XSS) vulnerability in Serendipity (S9Y) before ...)
+CVE-2008-1476
{DSA-1528-1}
- serendipity 1.3-1
NOTE: http://blog.s9y.org/archives/192-Serendipity-1.3-released-addresses-security.html
-CVE-2008-1502 (The _bad_protocol_once function in phpgwapi/inc/class.kses.inc.php in ...)
+CVE-2008-1502
{DSA-1871-2 DSA-1871-1 DSA-1691-1}
- egroupware 1.4.002.dfsg-2.1 (bug #471839)
- wordpress 2.5.0-1 (bug #504243)
- moodle 1.8.2-1.3 (bug #489533)
-CVE-2008-1391 (Multiple integer overflows in libc in NetBSD 4.x, FreeBSD 6.x and 7.x, ...)
+CVE-2008-1391
{DSA-2058-1}
- kfreebsd-6 <not-affected> (see bug #483152)
- kfreebsd-7 <not-affected> (see bug #483152)
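Review bot: every `-`/`+` pair in this hunk replaces a `CVE-YYYY-NNNN (description ...)` line with the bare identifier, e.g. `-CVE-2008-1407 (SQL injection vulnerability in index.php in the WebChat 1.60 module ...)` becoming `+CVE-2008-1407`, so the one-line summaries are dropped wholesale while the package, DSA and NOTE lines underneath are left untouched. Nothing in the hunk suggests a deliberate change of format; a feed that returned empty description text would produce exactly this diff. Suggest confirming the fetched source before merging, since the affected entries would otherwise be left with no description at all and the next run that does return text would rewrite all of these lines again.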
@@ -13922,80 +13922,80 @@ CVE-2008-1391 (Multiple integer overflows in libc in NetBSD 4.x, FreeBSD 6.x and
NOTE: http://sourceware.org/git/?p=glibc.git;a=commitdiff;h=199eb0de8d
NOTE: http://sourceware.org/bugzilla/show_bug.cgi?id=10600
NOTE: PoC php -r 'money_format("%.1073741821i",1);' I can reproduce on 32bit, not 64bit
-CVE-2008-1390 (The AsteriskGUI HTTP server in Asterisk Open Source 1.4.x before ...)
+CVE-2008-1390
- asterisk 1:1.4.19.1~dfsg-1 (low)
[etch] - asterisk <not-affected> (Only 1.4.x affected)
[sarge] - asterisk <not-affected> (Only 1.4.x affected)
-CVE-2008-1389 (libclamav/chmunpack.c in the chm-parser in ClamAV before 0.94 allows ...)
+CVE-2008-1389
- clamav 0.94.dfsg-1
[etch] - clamav <not-affected> (parsing does not continue on error)
NOTE: see <20081203184852.GB30968@l03.local>
CVE-2008-1388
RESERVED
-CVE-2008-1387 (ClamAV before 0.93 allows remote attackers to cause a denial of ...)
+CVE-2008-1387
- clamav 0.92.1~dfsg2-1
[etch] - clamav <not-affected> (Vulnerable code not present)
-CVE-2008-1386 (Multiple cross-site scripting (XSS) vulnerabilities in the installer ...)
+CVE-2008-1386
- serendipity <not-affected> (Vulnerable code not present)
NOTE: we do not ship the serendipity installer
-CVE-2008-1385 (Cross-site scripting (XSS) vulnerability in the Top Referrers (aka ...)
+CVE-2008-1385
- serendipity 1.3.1-1 (low)
NOTE: etch affected, but only in specific plugin.
-CVE-2008-1384 (Integer overflow in PHP 5.2.5 and earlier allows context-dependent ...)
+CVE-2008-1384
{DSA-1572-1 DTSA-135-1}
- php5 5.2.6-1
NOTE: http://securityreason.com/achievement_securityalert/52
NOTE: Only exploitable through malicious script
NOTE: http://cvs.php.net/viewvc.cgi/php-src/ext/standard/formatted_print.c?r1=1.104&r2=1.105&diff_format=u
-CVE-2008-1383 (The docert function in ssl-cert.eclass, when used by src_compile or ...)
+CVE-2008-1383
NOT-FOR-US: Gentoo Linux Ebuilds
-CVE-2008-1382 (libpng 1.0.6 through 1.0.32, 1.2.0 through 1.2.26, and 1.4.0beta01 ...)
+CVE-2008-1382
- libpng 1.2.26-1 (low; bug #476669)
NOTE: 1.2.26-1 contains a patch to fix that
[etch] - libpng 1.2.15~beta5-1+etch2
-CVE-2008-1381 (ZoneMinder before 1.23.3 allows remote authenticated users, and ...)
+CVE-2008-1381
{DTSA-130-1}
- zoneminder 1.23.3-1 (medium; bug #479034)
NOTE: http://www.awe.com/mark/blog/200804272230.html
-CVE-2008-1380 (The JavaScript engine in Mozilla Firefox before 2.0.0.14, Thunderbird ...)
+CVE-2008-1380
{DSA-1696-1 DSA-1562-1 DSA-1558-1 DSA-1555-1}
- iceweasel 2.0.0.14-1
- icedove 2.0.0.14-1
- iceape 1.1.9-2
- xulrunner 1.8.1.14-1
-CVE-2008-1379 (Integer overflow in the fbShmPutImage function in the MIT-SHM ...)
+CVE-2008-1379
{DSA-1595-1 DTSA-141-1}
- xorg-server 2:1.4.1~git20080517-2
CVE-2008-1378
REJECTED
-CVE-2008-1377 (The (1) SProcRecordCreateContext and (2) SProcRecordRegisterClients ...)
+CVE-2008-1377
{DSA-1595-1 DTSA-141-1}
- xorg-server 2:1.4.1~git20080517-2
-CVE-2008-1376 (A certain Red Hat build script for nfs-utils before 1.0.9-35z.el5_2 on ...)
+CVE-2008-1376
NOT-FOR-US: Red Hat build script
-CVE-2008-1375 (Race condition in the directory notification subsystem (dnotify) in ...)
+CVE-2008-1375
{DSA-1565-1}
- linux-2.6 2.6.25-2 (low)
- linux-2.6.24 2.6.24-6~etchnhalf.2
-CVE-2008-1374 (Integer overflow in pdftops filter in CUPS in Red Hat Enterprise Linux ...)
+CVE-2008-1374
- cupsys <not-affected> (Redhat-specific incomplete patch, upstream patch is complete)
- cups <not-affected> (Redhat-specific incomplete patch, upstream patch is complete)
-CVE-2008-1373 (Buffer overflow in the gif_read_lzw function in CUPS 1.3.6 allows ...)
+CVE-2008-1373
{DSA-1625-1 DTSA-122-1}
- cupsys 1.3.7-1 (medium)
- cups 1.3.7-1 (medium)
-CVE-2008-1372 (bzlib.c in bzip2 before 1.0.5 allows user-assisted remote attackers to ...)
+CVE-2008-1372
- bzip2 1.0.5-0.1 (low; bug #471670)
[etch] - bzip2 <no-dsa> (Pure crasher, no code injection, mostly a regular bug)
-CVE-2008-1371 (Absolute path traversal vulnerability in install/index.php in Drake ...)
+CVE-2008-1371
NOT-FOR-US: Drake CMS
-CVE-2008-1370 (PHP remote file inclusion vulnerability in index.php in wildmary Yap ...)
+CVE-2008-1370
NOT-FOR-US: wildmary Yap Blog
-CVE-2008-1369 (A certain incorrect Sun Solaris 10 image on SPARC Enterprise T5120 and ...)
+CVE-2008-1369
NOT-FOR-US: Sun Solaris
-CVE-2008-1368 (CRLF injection vulnerability in Microsoft Internet Explorer 5 and 6 ...)
+CVE-2008-1368
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2008-1367 (gcc 4.3.x does not generate a cld instruction while compiling ...)
+CVE-2008-1367
- linux-2.6 2.6.24-5 (bug #469058)
[etch] - linux-2.6 <not-affected> (Only exposed with GCC 4.3)
- kfreebsd-6 6.3-4 (bug #469564)
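Review bot: the stripped description is the only place in these entries that records the affected upstream version range, e.g. `-CVE-2008-1387 (ClamAV before 0.93 allows remote attackers to cause a denial of ...)` and `-CVE-2008-1382 (libpng 1.0.6 through 1.0.32, 1.2.0 through 1.2.26, and 1.4.0beta01 ...)`; the remaining `- clamav 0.92.1~dfsg2-1` and `- libpng 1.2.26-1` lines only give the Debian fixed version. If dropping the descriptions is intended, that upstream range information is lost from the file; if not, this hunk should be held back until the descriptions are re-fetched.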
@@ -14003,513 +14003,513 @@ CVE-2008-1367 (gcc 4.3.x does not generate a cld instruction while compiling ...
- gcc-4.3 4.3.0-2 (bug #469567)
- glibc 2.7-8 (bug #465583)
[etch] - glibc <not-affected> (Problem only exposed with GCC 4.3)
-CVE-2008-1366 (Trend Micro OfficeScan Corporate Edition 8.0 Patch 2 build 1189 and ...)
+CVE-2008-1366
NOT-FOR-US: Trend Micro OfficeScan Corporate Edition
-CVE-2008-1365 (Stack-based buffer overflow in Trend Micro OfficeScan Corporate ...)
+CVE-2008-1365
NOT-FOR-US: Trend Micro OfficeScan Corporate Edition
-CVE-2008-1364 (Unspecified vulnerability in the DHCP service in VMware Workstation ...)
+CVE-2008-1364
- vmware-package <removed> (low; bug #486177)
[etch] - vmware-package <no-dsa> (Contrib not supported)
NOTE: vmware-package just builds vmware from downloaded tarballs, the package itself
NOTE: does not download them, however it needs to update its hashes for upstream tarballs
-CVE-2008-1363 (VMware Workstation 6.0.x before 6.0.3 and 5.5.x before 5.5.6, VMware ...)
+CVE-2008-1363
- vmware-package <not-affected> (Only vulnerable on windows hosted systems)
-CVE-2008-1362 (VMware Workstation 6.0.x before 6.0.3 and 5.5.x before 5.5.6, VMware ...)
+CVE-2008-1362
- vmware-package <not-affected> (Only vulnerable on windows hosted systems)
-CVE-2008-1361 (VMware Workstation 6.0.x before 6.0.3 and 5.5.x before 5.5.6, VMware ...)
+CVE-2008-1361
- vmware-package <not-affected> (Only vulnerable on windows hosted systems)
-CVE-2008-1359 (Cross-site scripting (XSS) vulnerability in Invision Power Board (IPB ...)
+CVE-2008-1359
NOT-FOR-US: Invision Power Board
-CVE-2008-1358 (Stack-based buffer overflow in the IMAP server in Alt-N Technologies ...)
+CVE-2008-1358
NOT-FOR-US: MDaemon
-CVE-2008-1357 (Format string vulnerability in the logDetail function of applib.dll in ...)
+CVE-2008-1357
NOT-FOR-US: McAfee Common Management Agent
-CVE-2008-1356 (Unspecified vulnerability in xscreensaver in Sun Solaris 10 Java ...)
+CVE-2008-1356
NOT-FOR-US: Sun Solaris
-CVE-2008-1355 (Cross-site scripting (XSS) vulnerability in index.php in Jeebles ...)
+CVE-2008-1355
NOT-FOR-US: Jeebles Directory
-CVE-2008-1354 (SQL injection vulnerability in MyIssuesView.asp in Advanced Data ...)
+CVE-2008-1354
NOT-FOR-US: VSO-XP
-CVE-2008-1353 (zabbix_agentd in ZABBIX 1.4.4 allows remote attackers to cause a ...)
+CVE-2008-1353
- zabbix 1:1.4.5-1 (low; bug #471678)
[etch] - zabbix <no-dsa> (Minor issue)
-CVE-2008-1352 (Directory traversal vulnerability in search.php in EdiorCMS (ecms) 3.0 ...)
+CVE-2008-1352
NOT-FOR-US: EdiorCMS
-CVE-2008-1351 (SQL injection vulnerability in the Tutorials 2.1b module for XOOPS ...)
+CVE-2008-1351
NOT-FOR-US: Tutorials module for XOOPS
-CVE-2008-1350 (SQL injection vulnerability in kb.php in Fully Modded phpBB (phpbbfm) ...)
+CVE-2008-1350
NOT-FOR-US: Fully Modded phpBB
-CVE-2008-1349 (SQL injection vulnerability in viewcat.php in the bamaGalerie (Bama ...)
+CVE-2008-1349
NOT-FOR-US: bamaGalerie
-CVE-2008-1348 (Cross-site scripting (XSS) vulnerability in index.php in the eWebsite ...)
+CVE-2008-1348
NOT-FOR-US: eWeather module for PHP-Nuke
-CVE-2008-1347 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2008-1347
NOT-FOR-US: MyioSoft EasyGallery
-CVE-2008-1346 (SQL injection vulnerability in staticpages/easygallery/index.php in ...)
+CVE-2008-1346
NOT-FOR-US: MyioSoft EasyGallery
-CVE-2008-1345 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2008-1345
NOT-FOR-US: MyioSoft EasyCalendar
-CVE-2008-1344 (Multiple SQL injection vulnerabilities in MyioSoft EasyCalendar 4.0tr ...)
+CVE-2008-1344
NOT-FOR-US: MyioSoft EasyCalendar
-CVE-2008-1343 (Directory traversal vulnerability in (1) pkgadd and (2) pkgrm in SCO ...)
+CVE-2008-1343
NOT-FOR-US: SCO Unixware
-CVE-2008-1342 (Multiple cross-site scripting (XSS) vulnerabilities in the search ...)
+CVE-2008-1342
NOT-FOR-US: Polymita BPM-Suite and CollagePortal
-CVE-2008-1341 (SQL injection vulnerability in SearchResults.aspx in LaGarde ...)
+CVE-2008-1341
NOT-FOR-US: LaGarde StoreFront
-CVE-2008-1340 (Virtual Machine Communication Interface (VMCI) in VMware Workstation ...)
+CVE-2008-1340
- vmware-package <removed> (low; bug #486177)
[etch] - vmware-package <no-dsa> (Contrib not supported)
NOTE: vmware-package just builds vmware from downloaded tarballs, the package itself
NOTE: does not download them, however it needs to update its hashes for upstream tarballs
CVE-2008-1339
RESERVED
-CVE-2008-1338 (The Perforce service (p4s.exe) in Perforce Server 2007.3/143793 and ...)
+CVE-2008-1338
NOT-FOR-US: Perforce Server
-CVE-2008-1337 (The instant message service in Timbuktu Pro 8.6.5 RC 229 and earlier ...)
+CVE-2008-1337
NOT-FOR-US: Timbuktu Pro for Windows
-CVE-2008-1336 (SQL injection vulnerability in Koobi CMS 4.2.3 through 4.3.0 allows ...)
+CVE-2008-1336
NOT-FOR-US: Koobi CMS
-CVE-2008-1335 (The ipsec4_get_ulp function in the kernel in NetBSD 2.0 through 3.1 ...)
+CVE-2008-1335
NOT-FOR-US: NetBSD
-CVE-2008-1334 (cgi/b on the BT Home Hub router allows remote attackers to bypass ...)
+CVE-2008-1334
NOT-FOR-US: BT Home Hub router
-CVE-2008-1333 (Format string vulnerability in Asterisk Open Source 1.6.x before ...)
+CVE-2008-1333
{DSA-1525-1}
- asterisk 1:1.4.18.1~dfsg-1 (medium)
NOTE: Etch's release is unimportant, since not exploitable, but was fixed anyway
[sarge] - asterisk <not-affected> (Only 1.6.x affected)
-CVE-2008-1332 (Unspecified vulnerability in Asterisk Open Source 1.2.x before 1.2.27, ...)
+CVE-2008-1332
{DSA-1525-1}
- asterisk 1:1.4.18.1~dfsg-1 (medium)
-CVE-2008-1331 (cgi-data/FastJSData.cgi in OmniPCX Office with Internet Access ...)
+CVE-2008-1331
NOT-FOR-US: OmniPCX Office
-CVE-2008-1330 (Unspecified vulnerability in the Windows client API in Novell ...)
+CVE-2008-1330
NOT-FOR-US: Novell Groupwise
-CVE-2008-1329 (Unspecified vulnerability in the NetBackup service in CA ARCserve ...)
+CVE-2008-1329
NOT-FOR-US: CA ARCserve
-CVE-2008-1328 (Buffer overflow in the LGServer service in CA ARCserve Backup for ...)
+CVE-2008-1328
NOT-FOR-US: CA ARCserve
-CVE-2008-1327 (Gallarific does not require authentication for (1) users.php and (2) ...)
+CVE-2008-1327
NOT-FOR-US: Gallarific
-CVE-2008-1326 (Cross-site scripting (XSS) vulnerability in search.php in Gallarific ...)
+CVE-2008-1326
NOT-FOR-US: Gallarific
-CVE-2008-1325 (Multiple directory traversal vulnerabilities in index.php in Uberghey ...)
+CVE-2008-1325
NOT-FOR-US: Uberghey CMS
-CVE-2008-1324 (Multiple directory traversal vulnerabilities in index.php in ...)
+CVE-2008-1324
NOT-FOR-US: Travelsized CMS
-CVE-2008-1323 (Cross-site request forgery (CSRF) vulnerability in index.php in ...)
+CVE-2008-1323
NOT-FOR-US: WoltLab Burning Board
-CVE-2008-1322 (The File Check Utility (fcheck.exe) in ASG-Sentry Network Manager ...)
+CVE-2008-1322
NOT-FOR-US: ASG-Sentry Network Manager
-CVE-2008-1321 (The FxIAList service in ASG-Sentry Network Manager 7.0.0 and earlier ...)
+CVE-2008-1321
NOT-FOR-US: ASG-Sentry Network Manager
-CVE-2008-1320 (Multiple buffer overflows in ASG-Sentry Network Manager 7.0.0 and ...)
+CVE-2008-1320
NOT-FOR-US: ASG-Sentry Network Manager
-CVE-2008-1319 (Untrusted search path and argument injection vulnerability in the ...)
+CVE-2008-1319
NOT-FOR-US: Versant Object Database
-CVE-2008-1317 (Unspecified vulnerability in the Inter-Process Communication (IPC) ...)
+CVE-2008-1317
NOT-FOR-US: Sun Solaris
-CVE-2008-1316 (SQL injection vulnerability in qtf_ind_search_ov.php in QT-cute ...)
+CVE-2008-1316
NOT-FOR-US: QuickTalk Forum
-CVE-2008-1315 (SQL injection vulnerability in the ZClassifieds module for PHP-Nuke ...)
+CVE-2008-1315
NOT-FOR-US: ZClassifieds module for PHP-Nuke
-CVE-2008-1314 (SQL injection vulnerability in the Johannes Hass gaestebuch 2.2 module ...)
+CVE-2008-1314
NOT-FOR-US: Johannes Hass gaestebuch
-CVE-2008-1313 (Multiple SQL injection vulnerabilities in index.php in Bloo 1.00 and ...)
+CVE-2008-1313
NOT-FOR-US: Bloo
-CVE-2008-1312 (Unspecified vulnerability in the TFTP server in PacketTrap Networks ...)
+CVE-2008-1312
NOT-FOR-US: PacketTrap Networks Tool Suite
-CVE-2008-1311 (The TFTP server in PacketTrap pt360 Tool Suite PRO 2.0.3901.0 and ...)
+CVE-2008-1311
NOT-FOR-US: PacketTrap Networks Tool Suite
-CVE-2008-1310 (Directory traversal vulnerability in the TFTP server in PacketTrap ...)
+CVE-2008-1310
NOT-FOR-US: PacketTrap Networks Tool Suite
-CVE-2008-1309 (The RealAudioObjects.RealAudio ActiveX control in rmoc3260.dll in ...)
+CVE-2008-1309
NOT-FOR-US: RealPlayer
-CVE-2008-1308 (SQL injection vulnerability in the Sudirman Angriawan NukeC30 3.0 ...)
+CVE-2008-1308
NOT-FOR-US: NukeC30 module for PHP-Nuke
-CVE-2008-1307 (Heap-based buffer overflow in the KUpdateObj2 Class ActiveX control in ...)
+CVE-2008-1307
NOT-FOR-US: KingSoft Antivirus
-CVE-2008-1306 (Multiple cross-site scripting (XSS) vulnerabilities in Savvy Content ...)
+CVE-2008-1306
NOT-FOR-US: Savvy Content Manager
-CVE-2008-1305 (SQL injection vulnerability in filebase.php in the Filebase mod for ...)
+CVE-2008-1305
NOT-FOR-US: Filebase mod for phpBb
-CVE-2008-1304 (Multiple cross-site scripting (XSS) vulnerabilities in WordPress 2.3.2 ...)
+CVE-2008-1304
- wordpress <not-affected> (Vulnerable code not present)
NOTE: referring to upstream this only affected wordpress.com and not the regular wordpress code
-CVE-2008-1303 (The Perforce service (p4s.exe) in Perforce Server 2007.3/143793 and ...)
+CVE-2008-1303
NOT-FOR-US: Perforce Server
-CVE-2008-1302 (The Perforce service (p4s.exe) in Perforce Server 2007.3/143793 and ...)
+CVE-2008-1302
NOT-FOR-US: Perforce Server
-CVE-2008-1301 (Absolute path traversal vulnerability in ...)
+CVE-2008-1301
NOT-FOR-US: Alkacon OpenCms
-CVE-2008-1300 (Cross-site scripting (XSS) vulnerability in the Logfile Viewer ...)
+CVE-2008-1300
NOT-FOR-US: Alkacon OpenCms
-CVE-2008-1299 (Cross-site scripting (XSS) vulnerability in SolutionSearch.do in ...)
+CVE-2008-1299
NOT-FOR-US: ManageEngine ServiceDesk Plus
-CVE-2008-1298 (SQL injection vulnerability in Hadith module for PHP-Nuke allows ...)
+CVE-2008-1298
NOT-FOR-US: Hadith module for PHP-Nuke
-CVE-2008-1297 (SQL injection vulnerability in index.php in the eWriting ...)
+CVE-2008-1297
NOT-FOR-US: com_ewriting module for Mambo and Joomla!
-CVE-2008-1296 (Multiple cross-site scripting (XSS) vulnerabilities in EncapsGallery ...)
+CVE-2008-1296
NOT-FOR-US: EncapsGallery
-CVE-2008-1295 (SQL injection vulnerability in archives.php in Gregory Kokanosky (aka ...)
+CVE-2008-1295
NOT-FOR-US: phpMyNewsletter
-CVE-2008-1292 (ViewVC before 1.0.5 provides revision metadata without properly ...)
+CVE-2008-1292
- viewvc 1.0.5-0.1 (bug #471380)
-CVE-2008-1291 (ViewVC before 1.0.5 stores sensitive information under the web root ...)
+CVE-2008-1291
- viewvc 1.0.5-0.1 (bug #471380)
-CVE-2008-1290 (ViewVC before 1.0.5 includes &quot;all-forbidden&quot; files within search ...)
+CVE-2008-1290
- viewvc 1.0.5-0.1 (bug #471380)
-CVE-2008-1289 (Multiple buffer overflows in Asterisk Open Source 1.4.x before ...)
+CVE-2008-1289
- asterisk 1:1.4.18.1~dfsg-1 (medium)
[etch] - asterisk <not-affected> (Only 1.4.x and above affected)
[sarge] - asterisk <not-affected> (Only 1.4.x and above affected)
-CVE-2008-1360 (Cross-site scripting (XSS) vulnerability in Nagios before 2.11 allows ...)
+CVE-2008-1360
{DSA-1883-2 DSA-1883-1}
- nagios2 2.11-1 (low)
-CVE-2008-1417 (The prerm script in axyl 2.1.7 allows local users to overwrite ...)
+CVE-2008-1417
- axyl 2.2.0 (low; bug #471227)
[sarge] - axyl <not-affected> (Vulnerable code not present)
[etch] - axyl <not-affected> (Vulnerable code not present)
-CVE-2008-1294 (Linux kernel 2.6.17, and other versions before 2.6.22, does not check ...)
+CVE-2008-1294
{DSA-1565-1}
- linux-2.6 2.6.22-1 (low)
-CVE-2008-1318 (Unspecified vulnerability in MediaWiki 1.11 before 1.11.2 allows ...)
+CVE-2008-1318
- mediawiki 1:1.11.2-1
[etch] - mediawiki <not-affected> (Versions prior to 1.11 do not include callback feature)
NOTE: http://lists.wikimedia.org/pipermail/mediawiki-announce/2008-March/000070.html
-CVE-2008-1288 (IBM Rational ClearQuest 7.0.1.1 and 7.0.0.2 might allow local or ...)
+CVE-2008-1288
NOT-FOR-US: IBM Rational ClearQuest
-CVE-2008-1287 (IBM Rational ClearQuest 7.0.1.1 and 7.0.0.2 generates different error ...)
+CVE-2008-1287
NOT-FOR-US: IBM Rational ClearQuest
-CVE-2008-1286 (Unspecified vulnerability in Sun Java Web Console 3.0.2, 3.0.3, and ...)
+CVE-2008-1286
NOT-FOR-US: Sun Javav Web Console
-CVE-2008-1285 (Cross-site scripting (XSS) vulnerability in Sun Java Server Faces ...)
+CVE-2008-1285
NOT-FOR-US: Sun Java Server Faces
-CVE-2008-1284 (Directory traversal vulnerability in Horde 3.1.6, Groupware before ...)
+CVE-2008-1284
{DSA-1519-1}
- horde3 3.1.7-1 (medium; bug #470640)
-CVE-2008-1283 (Cross-site scripting (XSS) vulnerability in Neptune Web Server 3.0 ...)
+CVE-2008-1283
NOT-FOR-US: Neptune Web Server
-CVE-2008-1282 (Buffer overflow in the BFup ActiveX control (BFup.dll) in B21Soft BFup ...)
+CVE-2008-1282
NOT-FOR-US: B21Soft BFup
-CVE-2008-1281 (Directory traversal vulnerability in TFTPsrvs.exe 2.5.3.1 and earlier, ...)
+CVE-2008-1281
NOT-FOR-US: Argon Technology Client Management Services
-CVE-2008-1280 (Acronis True Image Windows Agent 1.0.0.54 and earlier, included in ...)
+CVE-2008-1280
NOT-FOR-US: Acronis True Image
-CVE-2008-1279 (Acronis True Image Group Server 1.5.19.191 and earlier, included in ...)
+CVE-2008-1279
NOT-FOR-US: Acronis True Image
-CVE-2008-1278 (The RemotelyAnywhere.exe service in the Remotely Anywhere Server and ...)
+CVE-2008-1278
NOT-FOR-US: Remotely Anywhere
-CVE-2008-1277 (The IMAP service (MEIMAPS.exe) in MailEnable Professional Edition and ...)
+CVE-2008-1277
NOT-FOR-US: MailEnable
-CVE-2008-1276 (Multiple buffer overflows in the IMAP service (MEIMAPS.EXE) in ...)
+CVE-2008-1276
NOT-FOR-US: MailEnable
-CVE-2008-1275 (Multiple unspecified vulnerabilities in the SMTP service in MailEnable ...)
+CVE-2008-1275
NOT-FOR-US: MailEnable
-CVE-2008-1274 (Untrusted search path vulnerability in man in IBM AIX 6.1.0 allows ...)
+CVE-2008-1274
NOT-FOR-US: IBM AIX
-CVE-2008-1273 (Multiple cross-site scripting (XSS) vulnerabilities in imageVue 1.7 ...)
+CVE-2008-1273
NOT-FOR-US: imageVue
-CVE-2008-1272 (Multiple SQL injection vulnerabilities in BM Classifieds 20080309 and ...)
+CVE-2008-1272
NOT-FOR-US: BM Classifieds
CVE-2008-1271
REJECTED
-CVE-2008-1270 (mod_userdir in lighttpd 1.4.18 and earlier, when userdir.path is not ...)
+CVE-2008-1270
{DSA-1521-1}
- lighttpd 1.4.19-1
NOTE: user configuration error, default documented in moduserdir documentation
-CVE-2008-1269 (cp06_wifi_m_nocifr.cgi in the admin panel on the Alice Gate 2 Plus ...)
+CVE-2008-1269
NOT-FOR-US: Alice Gate 2 Plus router firmware
-CVE-2008-1268 (The FTP server on the Linksys WRT54G 7 router with 7.00.1 firmware ...)
+CVE-2008-1268
NOT-FOR-US: Linksys WRT54G
-CVE-2008-1267 (The Siemens SpeedStream 6520 router allows remote attackers to cause a ...)
+CVE-2008-1267
NOT-FOR-US: Siemens SpeedStream
-CVE-2008-1266 (Multiple buffer overflows in the web interface on the D-Link DI-524 ...)
+CVE-2008-1266
NOT-FOR-US: D-Link router
-CVE-2008-1265 (The Linksys WRT54G router allows remote attackers to cause a denial of ...)
+CVE-2008-1265
NOT-FOR-US: Linksys WRT54G
-CVE-2008-1264 (The Linksys WRT54G router has &quot;admin&quot; as its default FTP password, ...)
+CVE-2008-1264
NOT-FOR-US: Linksys WRT54G
-CVE-2008-1263 (The Linksys WRT54G router stores passwords and keys in cleartext in ...)
+CVE-2008-1263
NOT-FOR-US: Linksys WRT54G
-CVE-2008-1262 (The administration panel on the Airspan WiMax ProST 4.1 antenna with ...)
+CVE-2008-1262
NOT-FOR-US: Airspan WiMax ProST antenna
-CVE-2008-1261 (The Zyxel P-2602HW-D1A router with 3.40(AJZ.1) firmware provides ...)
+CVE-2008-1261
NOT-FOR-US: Zyxel router
-CVE-2008-1260 (Multiple cross-site request forgery (CSRF) vulnerabilities on the ...)
+CVE-2008-1260
NOT-FOR-US: Zyxel router
-CVE-2008-1259 (The Zyxel P-2602HW-D1A router with 3.40(AJZ.1) firmware maintains ...)
+CVE-2008-1259
NOT-FOR-US: Zyxel router
-CVE-2008-1258 (Cross-site scripting (XSS) vulnerability in prim.htm on the D-Link ...)
+CVE-2008-1258
NOT-FOR-US: D-Link router
-CVE-2008-1257 (Cross-site scripting (XSS) vulnerability in Forms/DiagGeneral_2 on the ...)
+CVE-2008-1257
NOT-FOR-US: Zyxel router
-CVE-2008-1256 (The ZyXEL P-660HW series router has &quot;admin&quot; as its default password, ...)
+CVE-2008-1256
NOT-FOR-US: Zyxel router
-CVE-2008-1255 (The ZyXEL P-660HW series router maintains authentication state by IP ...)
+CVE-2008-1255
NOT-FOR-US: Zyxel router
-CVE-2008-1254 (Multiple cross-site request forgery (CSRF) vulnerabilities on the ...)
+CVE-2008-1254
NOT-FOR-US: Zyxel router
-CVE-2008-1253 (Cross-site scripting (XSS) vulnerability in cgi-bin/webcm on the ...)
+CVE-2008-1253
NOT-FOR-US: D-Link router
-CVE-2008-1252 (b_banner.stm (aka the login page) on the Deutsche Telekom Speedport ...)
+CVE-2008-1252
NOT-FOR-US: Telekom Speedport W500 DSL router
-CVE-2008-1251 (Cross-site scripting (XSS) vulnerability in the web interface on the ...)
+CVE-2008-1251
NOT-FOR-US: Snom 320 SIP Phone
-CVE-2008-1250 (Multiple cross-site request forgery (CSRF) vulnerabilities in the web ...)
+CVE-2008-1250
NOT-FOR-US: Snom 320 SIP Phone
-CVE-2008-1249 (snomControl.swf in the central phone server for the Snom 320 SIP Phone ...)
+CVE-2008-1249
NOT-FOR-US: Snom 320 SIP Phone
-CVE-2008-1248 (The web interface on the central phone server for the Snom 320 SIP ...)
+CVE-2008-1248
NOT-FOR-US: Snom 320 SIP Phone
-CVE-2008-1247 (The web interface on the Linksys WRT54g router with firmware 1.00.9 ...)
+CVE-2008-1247
NOT-FOR-US: Linksys WRT54g router
-CVE-2008-1246 (** DISPUTED ** ...)
+CVE-2008-1246
NOT-FOR-US: Cisco PIX/ASA Finesse Operation System
-CVE-2008-1245 (cgi-bin/setup_virtualserver.exe on the Belkin F5D7230-4 router with ...)
+CVE-2008-1245
NOT-FOR-US: Belkin router
-CVE-2008-1244 (cgi-bin/setup_dns.exe on the Belkin F5D7230-4 router with firmware ...)
+CVE-2008-1244
NOT-FOR-US: Belkin router
-CVE-2008-1243 (Cross-site scripting (XSS) vulnerability on the Linksys WRT300N router ...)
+CVE-2008-1243
NOT-FOR-US: Linksys WRT300N router
-CVE-2008-1242 (The control panel on the Belkin F5D7230-4 router with firmware 9.01.10 ...)
+CVE-2008-1242
NOT-FOR-US: Belkin router
-CVE-2008-1241 (GUI overlay vulnerability in Mozilla Firefox before 2.0.0.13 and ...)
+CVE-2008-1241
{DSA-1534-2 DSA-1535-1 DSA-1534-1 DSA-1532-1}
- iceweasel 2.0.0.13-1
- xulrunner 1.8.1.13-1
- iceape 1.1.9-1
-CVE-2008-1240 (LiveConnect in Mozilla Firefox before 2.0.0.13 and SeaMonkey before ...)
+CVE-2008-1240
{DSA-1534-2 DSA-1535-1 DSA-1534-1 DSA-1532-1}
- iceweasel 2.0.0.13-1
- xulrunner 1.8.1.13-1
- iceape 1.1.9-1
CVE-2008-1239
RESERVED
-CVE-2008-1238 (Mozilla Firefox before 2.0.0.13 and SeaMonkey before 1.1.9, when ...)
+CVE-2008-1238
{DSA-1534-2 DSA-1535-1 DSA-1534-1 DSA-1532-1}
- iceweasel 2.0.0.13-1
- xulrunner 1.8.1.13-1
- iceape 1.1.9-1
-CVE-2008-1237 (Multiple unspecified vulnerabilities in Mozilla Firefox before ...)
+CVE-2008-1237
{DSA-1574-1 DSA-1534-2 DSA-1535-1 DSA-1534-1 DSA-1532-1}
- iceweasel 2.0.0.13-1
- xulrunner 1.8.1.13-1
- iceape 1.1.9-1
- icedove 2.0.0.14-1
-CVE-2008-1236 (Multiple unspecified vulnerabilities in Mozilla Firefox before ...)
+CVE-2008-1236
{DSA-1574-1 DSA-1534-2 DSA-1535-1 DSA-1534-1 DSA-1532-1}
- iceweasel 2.0.0.13-1
- xulrunner 1.8.1.13-1
- iceape 1.1.9-1
- icedove 2.0.0.14-1
-CVE-2008-1235 (Unspecified vulnerability in Mozilla Firefox before 2.0.0.13, ...)
+CVE-2008-1235
{DSA-1574-1 DSA-1534-2 DSA-1535-1 DSA-1534-1 DSA-1532-1}
- iceweasel 2.0.0.13-1
- xulrunner 1.8.1.13-1
- iceape 1.1.9-1
- icedove 2.0.0.14-1
-CVE-2008-1234 (Cross-site scripting (XSS) vulnerability in Mozilla Firefox before ...)
+CVE-2008-1234
{DSA-1574-1 DSA-1534-2 DSA-1535-1 DSA-1534-1 DSA-1532-1}
- iceweasel 2.0.0.13-1
- xulrunner 1.8.1.13-1
- iceape 1.1.9-1
- icedove 2.0.0.14-1
-CVE-2008-1233 (Unspecified vulnerability in Mozilla Firefox before 2.0.0.13, ...)
+CVE-2008-1233
{DSA-1574-1 DSA-1534-2 DSA-1535-1 DSA-1534-1 DSA-1532-1}
- iceweasel 2.0.0.13-1
- xulrunner 1.8.1.13-1
- iceape 1.1.9-1
- icedove 2.0.0.14-1
-CVE-2008-1232 (Cross-site scripting (XSS) vulnerability in Apache Tomcat 4.1.0 ...)
+CVE-2008-1232
- tomcat5.5 5.5.26-4 (low; bug #494504)
-CVE-2008-1231 (Directory traversal vulnerability in Edit.jsp in JSPWiki 2.4.104 and ...)
+CVE-2008-1231
- jspwiki 2.8.0-1 (bug #470477)
-CVE-2008-1230 (Unrestricted file upload vulnerability in JSPWiki 2.4.104 and 2.5.139 ...)
+CVE-2008-1230
- jspwiki 2.8.0-1 (bug #470477)
-CVE-2008-1229 (Cross-site scripting (XSS) vulnerability in Edit.jsp in JSPWiki ...)
+CVE-2008-1229
- jspwiki 2.8.0-1 (bug #470477)
-CVE-2008-1228 (Cross-site scripting (XSS) vulnerability in admin.php in MG2 (formerly ...)
+CVE-2008-1228
NOT-FOR-US: MG2
-CVE-2008-1227 (Stack-based buffer overflow in the silc_fingerprint function in ...)
+CVE-2008-1227
- silc-toolkit 1.1.6-1
-CVE-2008-1226 (Multiple cross-site scripting (XSS) vulnerabilities in Zimbra ...)
+CVE-2008-1226
NOT-FOR-US: Zimbra Collaboration Suite
-CVE-2008-1225 (Multiple cross-site scripting (XSS) vulnerabilities in WebCT Campus ...)
+CVE-2008-1225
NOT-FOR-US: WebCT Campus Edition
-CVE-2008-1224 (Cross-site scripting (XSS) vulnerability in account.php in ...)
+CVE-2008-1224
NOT-FOR-US: BosClassifieds Classified Ads System
-CVE-2008-1223 (Unspecified vulnerability in Dokeos 1.8.4 before SP3 allows attackers ...)
+CVE-2008-1223
NOT-FOR-US: Dokeos
-CVE-2008-1222 (Cross-site scripting (XSS) vulnerability in Dokeos 1.8.4 before SP3 ...)
+CVE-2008-1222
NOT-FOR-US: Dokeos
-CVE-2008-1221 (Absolute path traversal vulnerability in the FTP server in MicroWorld ...)
+CVE-2008-1221
NOT-FOR-US: MicroWorld eScan
-CVE-2008-1220 (SQL injection vulnerability in the 4nChat 0.91 module for PHP-Nuke ...)
+CVE-2008-1220
NOT-FOR-US: 4nChat for PHP-Nuke
-CVE-2008-1219 (SQL injection vulnerability in the Kutub-i Sitte (KutubiSitte) 1.1 ...)
+CVE-2008-1219
NOT-FOR-US: Kutub-i Sitte for PHP-Nuke
-CVE-2008-1217 (Unspecified vulnerability in nlnotes.dll in the client in IBM Lotus ...)
+CVE-2008-1217
NOT-FOR-US: IBM Lotus Notes
-CVE-2008-1216 (IBM Lotus Quickr 8.0 server, and possibly QuickPlace 7.x, does not ...)
+CVE-2008-1216
NOT-FOR-US: IBM Lotus Notes
-CVE-2008-1215 (Stack-based buffer overflow in the command_Expand_Interpret function ...)
+CVE-2008-1215
NOT-FOR-US: BSD net/userppp
-CVE-2008-1214 (MRcgi/MRProcessIncomingForms.pl in Numara FootPrints 8.1 on Linux ...)
+CVE-2008-1214
NOT-FOR-US: Numara FootPrints
-CVE-2008-1213 (Cross-site scripting (XSS) vulnerability in Numara FootPrints for ...)
+CVE-2008-1213
NOT-FOR-US: Numara FootPrints
-CVE-2008-1212 (Cross-site scripting (XSS) vulnerability in set_permissions.php in ...)
+CVE-2008-1212
NOT-FOR-US: Podcast Generator
-CVE-2008-1211 (Cross-site scripting (XSS) vulnerability in BosDates 3.x and 4.x ...)
+CVE-2008-1211
NOT-FOR-US: BosDates
-CVE-2008-1210 (Stack-based buffer overflow in the ctags parsing code in Programmer's ...)
+CVE-2008-1210
NOT-FOR-US: Programmer's Notepad
-CVE-2008-1209 (Cross-site scripting (XSS) vulnerability in redirect.do in Xitex ...)
+CVE-2008-1209
NOT-FOR-US: Xitex WebContent M1
-CVE-2008-1208 (Cross-site scripting (XSS) vulnerability in the login page in Check ...)
+CVE-2008-1208
NOT-FOR-US: CheckPoint VPN-1
-CVE-2008-1207 (Multiple unspecified vulnerabilities in Fujitsu Interstage Smart ...)
+CVE-2008-1207
NOT-FOR-US: Fujitsu Interstage
-CVE-2008-1206 (Format string vulnerability in the log_message function in lks.c in ...)
+CVE-2008-1206
NOT-FOR-US: Linux Kiss Server
-CVE-2008-1205 (Unspecified vulnerability in the ipsecah kernel module in Sun Solaris ...)
+CVE-2008-1205
NOT-FOR-US: Sun Solaris
-CVE-2008-1204 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
+CVE-2008-1204
NOT-FOR-US: Sun Java System
-CVE-2008-1203 (The administrator interface for Adobe ColdFusion 8 and ColdFusion MX7 ...)
+CVE-2008-1203
NOT-FOR-US: Adobe ColdFusion
-CVE-2008-1202 (Cross-site scripting (XSS) vulnerability in the web management ...)
+CVE-2008-1202
NOT-FOR-US: Adobe LiveCycle Workflow
-CVE-2008-1201 (Multiple unspecified vulnerabilities in FLA file parsing in Adobe ...)
+CVE-2008-1201
NOT-FOR-US: Adobe Flash CS3 Professional
-CVE-2008-1200 (Unspecified vulnerability in Microsoft Access allows remote ...)
+CVE-2008-1200
NOT-FOR-US: Microsoft Access
-CVE-2008-1198 (The default IPSec ifup script in Red Hat Enterprise Linux 3 through 5 ...)
+CVE-2008-1198
NOT-FOR-US: Red Hat specific
-CVE-2008-1197 (The Marvell driver for the Netgear WN802T Wi-Fi access point with ...)
+CVE-2008-1197
NOT-FOR-US: Marvell driver for the Netgear WN802T Wi-Fi access point
-CVE-2008-1196 (Stack-based buffer overflow in Java Web Start (javaws.exe) in Sun JDK ...)
+CVE-2008-1196
- sun-java6 6-05-1 (medium)
- sun-java5 1.5.0-15-1 (medium)
[etch] - sun-java5 <no-dsa> (Non-free not supported)
-CVE-2008-1195 (Unspecified vulnerability in Sun JDK and Java Runtime Environment ...)
+CVE-2008-1195
- sun-java6 6-05-1 (low)
- sun-java5 1.5.0-15-1 (low)
[etch] - sun-java5 <no-dsa> (Non-free not supported)
-CVE-2008-1194 (Multiple unspecified vulnerabilities in the color management library ...)
+CVE-2008-1194
- sun-java6 6-05-1 (unimportant)
- sun-java5 1.5.0-15-1 (unimportant)
[etch] - sun-java5 <no-dsa> (Non-free not supported)
-CVE-2008-1193 (Unspecified vulnerability in Java Runtime Environment Image Parsing ...)
+CVE-2008-1193
- sun-java6 6-05-1 (low)
- sun-java5 1.5.0-15-1 (low)
[etch] - sun-java5 <no-dsa> (Non-free not supported)
-CVE-2008-1192 (Unspecified vulnerability in the Java Plug-in for Sun JDK and JRE 6 ...)
+CVE-2008-1192
- sun-java6 6-05-1 (medium)
- sun-java5 1.5.0-15-1 (medium)
[etch] - sun-java5 <no-dsa> (Non-free not supported)
-CVE-2008-1191 (Unspecified vulnerability in Java Web Start in Sun JDK and JRE 6 ...)
+CVE-2008-1191
- sun-java6 6-05-1 (medium)
- sun-java5 1.5.0-15-1 (medium)
[etch] - sun-java5 <no-dsa> (Non-free not supported)
-CVE-2008-1190 (Unspecified vulnerability in Java Web Start in Sun JDK and JRE 6 ...)
+CVE-2008-1190
- sun-java6 6-05-1 (medium)
- sun-java5 <not-affected> (No more information by sun)
-CVE-2008-1189 (Buffer overflow in Java Web Start in Sun JDK and JRE 6 Update 4 and ...)
+CVE-2008-1189
- sun-java6 6-05-1 (medium)
- sun-java5 1.5.0-15-1 (medium)
[etch] - sun-java5 <no-dsa> (Non-free not supported)
-CVE-2008-1188 (Multiple buffer overflows in the useEncodingDecl function in Java Web ...)
+CVE-2008-1188
- sun-java6 6-05-1 (medium)
- sun-java5 1.5.0-15-1 (medium)
[etch] - sun-java5 <no-dsa> (Non-free not supported)
-CVE-2008-1187 (Unspecified vulnerability in Sun Java Runtime Environment (JRE) and ...)
+CVE-2008-1187
- sun-java6 6-05-1 (low)
- sun-java5 1.5.0-15-1 (low)
[etch] - sun-java5 <no-dsa> (Non-free not supported)
-CVE-2008-1186 (Unspecified vulnerability in the Virtual Machine for Sun Java Runtime ...)
+CVE-2008-1186
- sun-java6 6-05-1
- sun-java5 1.5.0-15-1
[etch] - sun-java5 <no-dsa> (Non-free not supported)
-CVE-2008-1185 (Unspecified vulnerability in the Virtual Machine for Sun Java Runtime ...)
+CVE-2008-1185
- sun-java6 6-05-1
- sun-java5 1.5.0-15-1
[etch] - sun-java5 <no-dsa> (Non-free not supported)
-CVE-2008-1184 (The DNSSEC validation library (libval) library in dnssec-tools before ...)
+CVE-2008-1184
- dnssec-tools <not-affected> (first version in Debian was 1.4.1)
-CVE-2008-1183 (Multiple cross-site scripting (XSS) vulnerabilities in Crafty Syntax ...)
+CVE-2008-1183
NOT-FOR-US: Crafty Syntax Live Help
-CVE-2008-1182 (Cross-site scripting (XSS) vulnerability in BSD Perimeter pfSense ...)
+CVE-2008-1182
NOT-FOR-US: BSD Perimeter pfSense
-CVE-2008-1181 (Juniper Networks Secure Access 2000 5.5 R1 (build 11711) allows remote ...)
+CVE-2008-1181
NOT-FOR-US: Juniper
-CVE-2008-1180 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2008-1180
NOT-FOR-US: Juniper
-CVE-2008-1179 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2008-1179
NOT-FOR-US: Centreon
-CVE-2008-1178 (Directory traversal vulnerability in include/doc/index.php in Centreon ...)
+CVE-2008-1178
NOT-FOR-US: Centreon
-CVE-2008-1177 (SQL injection vulnerability in shop/detail.php in Affiliate Market ...)
+CVE-2008-1177
NOT-FOR-US: Affiliate Market
-CVE-2008-1176 (Cross-site scripting (XSS) vulnerability in function/sideblock.php in ...)
+CVE-2008-1176
NOT-FOR-US: Affiliate Market
-CVE-2008-1175 (Cross-site scripting (XSS) vulnerability in AuthentiX 6.3b1 Trial ...)
+CVE-2008-1175
NOT-FOR-US: AuthentiX
-CVE-2008-1174 (Cross-site scripting (XSS) vulnerability in editUser.asp in AuthentiX ...)
+CVE-2008-1174
NOT-FOR-US: AuthentiX
-CVE-2008-1173 (Cross-site scripting (XSS) vulnerability in account-inbox.php in ...)
+CVE-2008-1173
NOT-FOR-US: TorrentTrader
-CVE-2008-1172 (Cross-site request forgery (CSRF) vulnerabilities in account-inbox.php ...)
+CVE-2008-1172
NOT-FOR-US: TorrentTrader
-CVE-2008-1171 (** DISPUTED ** ...)
+CVE-2008-1171
NOT-FOR-US: 123 Flash Chat Module for phpBB
-CVE-2008-1170 (Multiple PHP remote file inclusion vulnerabilities in KCWiki 1.0 allow ...)
+CVE-2008-1170
NOT-FOR-US: KCWiki
-CVE-2008-1169 (Directory traversal vulnerability in the embedded HTTP server in SCI ...)
+CVE-2008-1169
NOT-FOR-US: SCI Photo Chat Server
-CVE-2008-1168 (Cross-site scripting (XSS) vulnerability in Squid Analysis Report ...)
+CVE-2008-1168
- sarg 2.2.5-1
-CVE-2008-1167 (Stack-based buffer overflow in the useragent function in useragent.c ...)
+CVE-2008-1167
- sarg 2.2.4-1
-CVE-2008-1166 (Flyspray 0.9.9.4 generates different error messages depending on ...)
+CVE-2008-1166
- flyspray <removed>
-CVE-2008-1165 (Multiple cross-site scripting (XSS) vulnerabilities in Flyspray 0.9.9 ...)
+CVE-2008-1165
- flyspray <removed>
-CVE-2008-1164 (SQL injection vulnerability in index.php in phpComasy 0.8 allows ...)
+CVE-2008-1164
NOT-FOR-US: phpComasy CMS
-CVE-2008-1163 (SQL injection vulnerability in index.php in phpArcadeScript 1.0 ...)
+CVE-2008-1163
NOT-FOR-US: phpArcadeScript
-CVE-2008-1162 (SQL injection vulnerability in album.php in PHP WEB SCRIPT Dynamic ...)
+CVE-2008-1162
NOT-FOR-US: phpwebscript
-CVE-2008-1161 (Buffer overflow in the Matroska demuxer (demuxers/demux_matroska.c) in ...)
+CVE-2008-1161
{DSA-1536-1}
- xine-lib 1.1.10.1-1 (medium)
-CVE-2008-1160 (ZyXEL ZyWALL 1050 has a hard-coded password for the Quagga and Zebra ...)
+CVE-2008-1160
NOT-FOR-US: ZyXEL ZyWALL 1050
-CVE-2008-1159 (Multiple unspecified vulnerabilities in the SSH server in Cisco IOS ...)
+CVE-2008-1159
NOT-FOR-US: Cisco ssh server
-CVE-2008-1158 (The Presence Engine (PE) service in Cisco Unified Presence before ...)
+CVE-2008-1158
NOT-FOR-US: Presence Engine (PE) Cisco Unified Presence
-CVE-2008-1157 (Cisco CiscoWorks Internetwork Performance Monitor (IPM) 2.6 creates a ...)
+CVE-2008-1157
NOT-FOR-US: Cisco IPM
-CVE-2008-1156 (Unspecified vulnerability in the Multicast Virtual Private Network ...)
+CVE-2008-1156
NOT-FOR-US: Cisco IOS
-CVE-2008-1155 (Cisco Network Admission Control (NAC) Appliance 3.5.x, 3.6.x before ...)
+CVE-2008-1155
NOT-FOR-US: Cisco
-CVE-2008-1154 (The Disaster Recovery Framework (DRF) master server in Cisco Unified ...)
+CVE-2008-1154
NOT-FOR-US: Cisco IOS
-CVE-2008-1153 (Cisco IOS 12.1, 12.2, 12.3, and 12.4, with IPv4 UDP services and the ...)
+CVE-2008-1153
NOT-FOR-US: Cisco IOS
-CVE-2008-1152 (The data-link switching (DLSw) component in Cisco IOS 12.0 through ...)
+CVE-2008-1152
NOT-FOR-US: Cisco IOS
-CVE-2008-1151 (Memory leak in the virtual private dial-up network (VPDN) component in ...)
+CVE-2008-1151
NOT-FOR-US: Cisco IOS
-CVE-2008-1150 (The virtual private dial-up network (VPDN) component in Cisco IOS ...)
+CVE-2008-1150
NOT-FOR-US: Cisco IOS
-CVE-2008-1149 (phpMyAdmin before 2.11.5 accesses $_REQUEST to obtain some parameters ...)
+CVE-2008-1149
{DSA-1557-1}
- phpmyadmin 4:2.11.5-1 (low)
[etch] - phpmyadmin <no-dsa> (Minor issue)
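Review bot: every `-`/`+` pair in this hunk, from CVE-2008-1203 down to CVE-2008-1149, only strips the parenthesised description (`-CVE-2008-1203 (The administrator interface for Adobe ColdFusion 8 and ColdFusion MX7 ...)` becomes `+CVE-2008-1203`) and not one `+` line adds or corrects any text, while the package lines, the `[etch]` lines, the `{DSA-1536-1}` / `{DSA-1557-1}` references and the `NOTE:` lines stay untouched. A bulk update that removes the description from every entry it touches is far more likely to mean the description source returned nothing than that all of these descriptions were withdrawn, so this should be reverted rather than merged (the `-` lines still hold the previous text), and the importer should refuse to write an entry whose non-empty description would be replaced by an empty one.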
@@ -14517,426 +14517,426 @@ CVE-2008-1149 (phpMyAdmin before 2.11.5 accesses $_REQUEST to obtain some parame
NOTE: PMASA-2008-1. SQL injection if you can set local cookies, which means
NOTE: you must be able to create pages in the same cookie domain, which seems
NOTE: rare and unwise. low priority.
-CVE-2008-1148 (A certain pseudo-random number generator (PRNG) algorithm that uses ...)
+CVE-2008-1148
NOT-FOR-US: OpenBSD / NetBSD
-CVE-2008-1147 (A certain pseudo-random number generator (PRNG) algorithm that uses ...)
+CVE-2008-1147
- kfreebsd-5 <removed>
[etch] - kfreebsd-5 <no-dsa> (KFreebsd not supported)
- kfreebsd-6 <removed>
[lenny] - kfreebsd-6 <no-dsa> (KFreebsd not supported)
- kfreebsd-7 <removed> (bug #559107)
[lenny] - kfreebsd-7 <no-dsa> (KFreebsd not supported)
-CVE-2008-1146 (A certain pseudo-random number generator (PRNG) algorithm that uses ...)
+CVE-2008-1146
NOT-FOR-US: OpenBSD
-CVE-2008-1144 (The Marvell driver for the Netgear WN802T Wi-Fi access point with ...)
+CVE-2008-1144
NOT-FOR-US: Marvell driver for the Netgear WN802T Wi-Fi access point
CVE-2008-1143
RESERVED
-CVE-2008-1141 (Memory leak in DLMFENC.sys 1.0.0.26 in DESlock+ 3.2.6 and earlier ...)
+CVE-2008-1141
NOT-FOR-US: DESlock+
-CVE-2008-1140 (DLMFDISK.sys 1.2.0.27 in DESlock+ 3.2.6 and earlier allows local users ...)
+CVE-2008-1140
NOT-FOR-US: DESlock+
-CVE-2008-1139 (DESlock+ 3.2.6 and earlier, when DLMFENC.sys 1.0.0.26 and DLMFDISK.sys ...)
+CVE-2008-1139
NOT-FOR-US: DESlock+
-CVE-2008-1138 (DLMFENC.sys 1.0.0.26 in DESlock+ 3.2.6 and earlier allows local users ...)
+CVE-2008-1138
NOT-FOR-US: DESlock+
-CVE-2008-1137 (SQL injection vulnerability in the Garys Cookbook (com_garyscookbook) ...)
+CVE-2008-1137
NOT-FOR-US: com_garyscookbook component for Mambo and Joomla!
-CVE-2008-1136 (The Utils::runScripts function in src/utils.cpp in vdccm 0.92 through ...)
+CVE-2008-1136
- vdccm <removed>
-CVE-2008-1135 (OMEGA (aka Omegasoft) INterneSErvicesLosungen (INSEL) 7 generates ...)
+CVE-2008-1135
NOT-FOR-US: OMEGA
-CVE-2008-1134 (OMEGA (aka Omegasoft) INterneSErvicesLosungen (INSEL) 7 supports ...)
+CVE-2008-1134
NOT-FOR-US: OMEGA
-CVE-2008-1133 (The Drupal.checkPlain function in Drupal 6.0 only escapes the first ...)
+CVE-2008-1133
- drupal5 <not-affected> (Vulnerable code introduced in 6.x)
-CVE-2008-1218 (Argument injection vulnerability in Dovecot 1.0.x before 1.0.13, and ...)
+CVE-2008-1218
{DSA-1516-1}
- dovecot 1:1.0.13-1
[etch] - dovecot <not-affected> (Vulnerable code not present)
[sarge] - dovecot <not-affected> (Vulnerable code not present)
NOTE: exploitable through code introduced in 1.0.11
NOTE: http://www.dovecot.org/list/dovecot-news/2008-March/000064.html
-CVE-2008-1293 (ldm in Linux Terminal Server Project (LTSP) 0.99 and 2 passes the -ac ...)
+CVE-2008-1293
{DSA-1561-1 DTSA-118-1}
- ldm 2:0.1~bzr20080308-1 (bug #469462)
- ltsp 5.0.40~bzr20071229-1
NOTE: In revision 5.0.40~bzr20071229-1 ldm has been split into a separate source package
-CVE-2008-1145 (Directory traversal vulnerability in WEBrick in Ruby 1.8 before ...)
+CVE-2008-1145
- ruby1.8 1.8.6.114-1 (unimportant; bug #469475)
- ruby1.9 1.9.0.1-1 (unimportant; bug #469482)
[sarge] - ruby1.8 <no-dsa> (case insensitive FS, corner case)
[etch] - ruby1.8 <no-dsa> (case insensitive FS, corner case)
[etch] - ruby1.9 <no-dsa> (case insensitive FS, corner case)
NOTE: http://www.ruby-lang.org/en/news/2008/03/03/webrick-file-access-vulnerability/
-CVE-2008-1199 (Dovecot before 1.0.11, when configured to use mail_extra_groups to ...)
+CVE-2008-1199
{DSA-1516-1}
- dovecot 1:1.0.12-1 (medium; bug #469457)
-CVE-2008-1132 (Untrusted search path vulnerability in src/mainwindow.c in Net ...)
+CVE-2008-1132
NOT-FOR-US: Net Activity Viewer
-CVE-2008-1131 (Cross-site scripting (XSS) vulnerability in Drupal 6.0 allows remote ...)
+CVE-2008-1131
- drupal <not-affected> (Vulnerable code not present, affects only 6.x branch)
- drupal5 <not-affected> (Vulnerable code not present, affects only 6.x branch)
-CVE-2008-1130 (Unspecified vulnerability in IBM WebSphere MQ 6.0.x before 6.0.2.2 and ...)
+CVE-2008-1130
NOT-FOR-US: WebSphere
-CVE-2008-1129 (Cross-site scripting (XSS) vulnerability in admin/users/self.php in ...)
+CVE-2008-1129
NOT-FOR-US: XRMS
-CVE-2008-1128 (PHP remote file inclusion vulnerability in tourney/index.php in ...)
+CVE-2008-1128
NOT-FOR-US: phpMyTourney
-CVE-2008-1127 (Format string vulnerability in the cryactio function in Crysis ...)
+CVE-2008-1127
NOT-FOR-US: Crysis
-CVE-2008-1126 (PHP remote file inclusion vulnerability in main.php in Barryvan Compo ...)
+CVE-2008-1126
NOT-FOR-US: Barryvan Compo Manager
-CVE-2008-1125 (Multiple directory traversal vulnerabilities in Podcast Generator 1.0 ...)
+CVE-2008-1125
NOT-FOR-US: Podcast Generator
-CVE-2008-1124 (Multiple PHP remote file inclusion vulnerabilities in Podcast ...)
+CVE-2008-1124
NOT-FOR-US: Podcast Generator
-CVE-2008-1123 (Multiple PHP remote file inclusion vulnerabilities in SiteBuilder ...)
+CVE-2008-1123
NOT-FOR-US: SiteBuilder
-CVE-2008-1122 (SQL injection vulnerability in the downloads module in Koobi Pro 5.7 ...)
+CVE-2008-1122
NOT-FOR-US: Koobi
-CVE-2008-1121 (SQL injection vulnerability in index.php in eazyPortal 1.0 and earlier ...)
+CVE-2008-1121
NOT-FOR-US: eazyPortal
-CVE-2008-1120 (Format string vulnerability in the embedded Internet Explorer ...)
+CVE-2008-1120
NOT-FOR-US: ICQ
-CVE-2008-1119 (Directory traversal vulnerability in include/doc/get_image.php in ...)
+CVE-2008-1119
NOT-FOR-US: Centreon
-CVE-2008-1118 (Timbuktu Pro 8.6.5 for Windows, and possibly 8.7 for Mac OS X, does ...)
+CVE-2008-1118
NOT-FOR-US: Timbuktu Pro
-CVE-2008-1117 (Directory traversal vulnerability in the Notes (aka Flash Notes or ...)
+CVE-2008-1117
NOT-FOR-US: Timbuktu Pro
-CVE-2008-1116 (Insecure method vulnerability in the Web Scan Object ActiveX control ...)
+CVE-2008-1116
NOT-FOR-US: Rising Antivirus
-CVE-2008-1115 (Unspecified vulnerability in Sun Solaris 8 directory functions allows ...)
+CVE-2008-1115
NOT-FOR-US: Sun Solaris
-CVE-2008-1114 (Vocera Communications wireless handsets, when using Protected ...)
+CVE-2008-1114
NOT-FOR-US: Vocera
-CVE-2008-1113 (Cisco Unified Wireless IP Phone 7921, when using Protected Extensible ...)
+CVE-2008-1113
NOT-FOR-US: Cisco
CVE-2008-1112
REJECTED
-CVE-2008-1110 (Buffer overflow in demuxers/demux_asf.c (aka the ASF demuxer) in the ...)
+CVE-2008-1110
- xine-lib 1.1.10-1
[etch] - xine-lib <not-affected> (Not affected per assessment of maintainer)
[sarge] - xine-lib <not-affected> (Not affected per assessment of maintainer)
-CVE-2008-1109 (Heap-based buffer overflow in Evolution 2.22.1 allows user-assisted ...)
+CVE-2008-1109
- evolution 2.22.2-1.1 (low; bug #484639)
[etch] - evolution <no-dsa> (Minor issue)
NOTE: Requires that the user accepts the iCalendar request and replies
NOTE: to it from the "Calendars" window.
-CVE-2008-1108 (Buffer overflow in Evolution 2.22.1, when the ITip Formatter plugin is ...)
+CVE-2008-1108
- evolution 2.22.2-1.1 (low; bug #484639)
[etch] - evolution <no-dsa> (Minor issue)
NOTE: Requires that the ITip Formatter plugin is disabled, which is enabled by default.
-CVE-2008-1107 (Multiple stack-based buffer overflows in the Danske Bank e-Sec Control ...)
+CVE-2008-1107
NOT-FOR-US: Danske Bank e-Sec Control Module
-CVE-2008-1106 (The management interface in Akamai Client (formerly Red Swoosh) 3322 ...)
+CVE-2008-1106
NOT-FOR-US: Akamai Client
-CVE-2008-1105 (Heap-based buffer overflow in the receive_smb_raw function in ...)
+CVE-2008-1105
{DSA-1590-1}
- samba 1:3.0.30-1 (medium; bug #483410)
-CVE-2008-1104 (Stack-based buffer overflow in Foxit Reader before 2.3 build 2912 ...)
+CVE-2008-1104
NOT-FOR-US: Foxit Reader
-CVE-2008-1103 (Multiple unspecified vulnerabilities in Blender have unknown impact ...)
+CVE-2008-1103
- blender 2.40-1 (low)
-CVE-2008-1102 (Stack-based buffer overflow in the imb_loadhdr function in Blender ...)
+CVE-2008-1102
{DSA-1567-1}
- blender 2.45-5 (medium; bug #477808)
-CVE-2008-1101 (Buffer overflow in kvdocve.dll in the KeyView document viewing engine ...)
+CVE-2008-1101
NOT-FOR-US: KeyView
-CVE-2008-1100 (Buffer overflow in the cli_scanpe function in libclamav ...)
+CVE-2008-1100
{DSA-1549-1}
- clamav 0.92.1~dfsg2-1
-CVE-2008-1099 (_macro_Getval in wikimacro.py in MoinMoin 1.5.8 and earlier does not ...)
+CVE-2008-1099
{DSA-1514-1}
- moin 1.5.8-5.1
-CVE-2008-1098 (Multiple cross-site scripting (XSS) vulnerabilities in MoinMoin 1.5.8 ...)
+CVE-2008-1098
{DSA-1514-1}
- moin 1.5.8-5.1
-CVE-2008-1097 (Heap-based buffer overflow in the ReadPCXImage function in the PCX ...)
+CVE-2008-1097
{DSA-1858-1}
- graphicsmagick 1.1.7-13
- imagemagick 7:6.2.4.5.dfsg1-1
-CVE-2008-1096 (The load_tile function in the XCF coder in coders/xcf.c in (1) ...)
+CVE-2008-1096
{DSA-1903-1 DSA-1858-1}
- imagemagick 7:6.3.7.9.dfsg1-2.1 (medium; bug #414370)
[lenny] - imagemagick 7:6.3.7.9.dfsg1-2.1+lenny1
- graphicsmagick 1.1.11-3.2 (medium; bug #414370)
-CVE-2008-1095 (Unspecified vulnerability in the Internet Protocol (IP) implementation ...)
+CVE-2008-1095
NOT-FOR-US: Sun Solaris
-CVE-2008-1094 (SQL injection vulnerability in index.cgi in the Account View page in ...)
+CVE-2008-1094
NOT-FOR-US: Barracuda Spam Firewall
-CVE-2008-1093 (Acresso InstallShield Update Agent does not properly verify the ...)
+CVE-2008-1093
NOT-FOR-US: FLEXnet Connect
-CVE-2008-1092 (Buffer overflow in msjet40.dll before 4.0.9505.0 in Microsoft Jet ...)
+CVE-2008-1092
NOT-FOR-US: Microsoft Jet Database Engine
-CVE-2008-1091 (Unspecified vulnerability in Microsoft Word in Office 2000 and XP SP3, ...)
+CVE-2008-1091
NOT-FOR-US: Microsoft Word
-CVE-2008-1090 (Unspecified vulnerability in Microsoft Visio 2002 SP2, 2003 SP2 and ...)
+CVE-2008-1090
NOT-FOR-US: Microsoft
-CVE-2008-1089 (Unspecified vulnerability in Microsoft Visio 2002 SP2, 2003 SP2 and ...)
+CVE-2008-1089
NOT-FOR-US: Microsoft
-CVE-2008-1088 (Microsoft Project 2000 Service Release 1, 2002 SP1, and 2003 SP2 ...)
+CVE-2008-1088
NOT-FOR-US: Microsoft
-CVE-2008-1087 (Stack-based buffer overflow in GDI in Microsoft Windows 2000 SP4, XP ...)
+CVE-2008-1087
NOT-FOR-US: Microsoft
-CVE-2008-1086 (The HxTocCtrl ActiveX control (hxvz.dll), as used in Microsoft ...)
+CVE-2008-1086
NOT-FOR-US: Microsoft
-CVE-2008-1085 (Use-after-free vulnerability in Microsoft Internet Explorer 5.01 SP4, ...)
+CVE-2008-1085
NOT-FOR-US: Microsoft
-CVE-2008-1084 (Unspecified vulnerability in the kernel in Microsoft Windows 2000 SP4, ...)
+CVE-2008-1084
NOT-FOR-US: Microsoft
-CVE-2008-1083 (Heap-based buffer overflow in the CreateDIBPatternBrushPt function in ...)
+CVE-2008-1083
NOT-FOR-US: Microsoft
-CVE-2008-1082 (Opera before 9.26 allows remote attackers to &quot;bypass sanitization ...)
+CVE-2008-1082
NOT-FOR-US: Opera
-CVE-2008-1081 (Opera before 9.26 allows user-assisted remote attackers to execute ...)
+CVE-2008-1081
NOT-FOR-US: Opera
-CVE-2008-1080 (Opera before 9.26 allows user-assisted remote attackers to read ...)
+CVE-2008-1080
NOT-FOR-US: Opera
-CVE-2008-1079 (The outboxWriteUnsent function in FTPThread.class in SendFile.jar for ...)
+CVE-2008-1079
NOT-FOR-US: Beehive Software SendFile.NET
-CVE-2008-1078 (expn in the am-utils and net-fs packages for Gentoo, rPath Linux, and ...)
+CVE-2008-1078
- am-utils <not-affected> (Affected code not present in the binary package)
NOTE: sendmail includes a copy of the script, which has been fixed since
NOTE: several years
-CVE-2008-1077 (SQL injection vulnerability in index.php in the Simpleboard ...)
+CVE-2008-1077
NOT-FOR-US: com_simpleboard component for Mambo and Joomla!
-CVE-2008-1076 (Cross-site scripting (XSS) vulnerability in search.php in Interspire ...)
+CVE-2008-1076
NOT-FOR-US: Interspire Shopping Cart
-CVE-2008-1075 (Cross-site scripting (XSS) vulnerability in index.php in Maian Cart ...)
+CVE-2008-1075
NOT-FOR-US: Maian Cart
-CVE-2008-1074 (PHP remote file inclusion vulnerability in lib/head_auth.php in ...)
+CVE-2008-1074
NOT-FOR-US: GROUP-E
-CVE-2008-1073 (Cross-site scripting (XSS) vulnerability in the report interface in ...)
+CVE-2008-1073
NOT-FOR-US: Internet Security Systems
-CVE-2008-1072 (The TFTP dissector in Wireshark (formerly Ethereal) 0.6.0 through ...)
+CVE-2008-1072
- wireshark 0.99.8-1 (low; bug #469488)
[etch] - wireshark <not-affected> (Only affected in conjunction with later libcairo)
[sarge] - ethereal <not-affected> (Only affected in conjunction with later libcairo)
-CVE-2008-1071 (The SNMP dissector in Wireshark (formerly Ethereal) 0.99.6 through ...)
+CVE-2008-1071
- wireshark 0.99.8-1 (low; bug #469488)
[etch] - wireshark <not-affected> (Only affects 0.99.6 onwards)
[sarge] - ethereal <not-affected> (Only affects 0.99.6 onwards)
-CVE-2008-1070 (The SCTP dissector in Wireshark (formerly Ethereal) 0.99.5 through ...)
+CVE-2008-1070
- wireshark 0.99.8-1 (low; bug #469488)
[etch] - wireshark <not-affected> (Only affects 0.99.5 onwards)
[sarge] - ethereal <not-affected> (Only affects 0.99.5 onwards)
-CVE-2008-1069 (Multiple PHP remote file inclusion vulnerabilities in Quantum Game ...)
+CVE-2008-1069
NOT-FOR-US: Quantum Game Library
-CVE-2008-1068 (Multiple PHP remote file inclusion vulnerabilities in Portail Web Php ...)
+CVE-2008-1068
NOT-FOR-US: Portail Web Php
-CVE-2008-1067 (Multiple PHP remote file inclusion vulnerabilities in phpQLAdmin 2.2.7 ...)
+CVE-2008-1067
- phpqladmin <removed>
-CVE-2008-1066 (The modifier.regex_replace.php plugin in Smarty before 2.6.19, as used ...)
+CVE-2008-1066
{DSA-1520-1}
- smarty 2.6.18-1.1 (low; bug #469492)
- moodle <not-affected> (low; bug #471158)
- gallery2 2.2.5-2 (low; bug #471160)
- mahara 0.9.2-2 (low; bug #471201)
NOTE: Moodle ships Smarty but uses it in only one file, which doesn't use regex_replace
-CVE-2008-1065 (Multiple SQL injection vulnerabilities in index.php in the ...)
+CVE-2008-1065
NOT-FOR-US: xmmemberstats module for XOOPS
-CVE-2008-1064 (Cross-site scripting (XSS) vulnerability in images.php in the Red ...)
+CVE-2008-1064
NOT-FOR-US: rmgs module for XOOPs
-CVE-2008-1063 (Cross-site scripting (XSS) vulnerability index.php in the ...)
+CVE-2008-1063
NOT-FOR-US: xmmemberstats module for XOOPS
-CVE-2008-1062 (InterVideo IMC Server (aka IMCSvr.exe) and InterVideo Home Theater ...)
+CVE-2008-1062
NOT-FOR-US: InterVideo IMC Server/InterVideo Home Theater
-CVE-2008-1061 (Multiple cross-site scripting (XSS) vulnerabilities in the Sniplets ...)
+CVE-2008-1061
NOT-FOR-US: Sniplets plugin for WordPress
-CVE-2008-1060 (Eval injection vulnerability in modules/execute.php in the Sniplets ...)
+CVE-2008-1060
NOT-FOR-US: Sniplets plugin for WordPress
-CVE-2008-1059 (PHP remote file inclusion vulnerability in ...)
+CVE-2008-1059
NOT-FOR-US: Sniplets plugin for WordPress
-CVE-2008-1058 (The tcp_respond function in netinet/tcp_subr.c in OpenBSD 4.1 and 4.2 ...)
+CVE-2008-1058
NOT-FOR-US: OpenBSD
-CVE-2008-1057 (The ip6_check_rh0hdr function in netinet6/ip6_input.c in OpenBSD 4.2 ...)
+CVE-2008-1057
NOT-FOR-US: OpenBSD
-CVE-2008-1056 (Multiple stack-based buffer overflows in Symark PowerBroker 2.8 ...)
+CVE-2008-1056
NOT-FOR-US: Symark PowerBroker
-CVE-2008-1111 (mod_cgi in lighttpd 1.4.18 sends the source code of CGI scripts ...)
+CVE-2008-1111
{DSA-1513-1}
- lighttpd 1.4.18-4 (low; bug #469307)
-CVE-2008-1142 (rxvt 2.6.4 opens a terminal window on :0 if the DISPLAY environment ...)
+CVE-2008-1142
- rxvt 1:2.6.4-13 (unimportant; bug #469296)
-CVE-2008-1055 (Format string vulnerability in webmail.exe in NetWin SurgeMail 38k4 ...)
+CVE-2008-1055
NOT-FOR-US: SurgeMail
-CVE-2008-1054 (Stack-based buffer overflow in the _lib_spawn_user_getpid function in ...)
+CVE-2008-1054
NOT-FOR-US: SurgeMail
-CVE-2008-1053 (Multiple SQL injection vulnerabilities in the Kose_Yazilari module for ...)
+CVE-2008-1053
NOT-FOR-US: Kose_Yazilari module for PHP-Nuke
-CVE-2008-1052 (The administration web interface in NetWin SurgeFTP 2.3a2 and earlier ...)
+CVE-2008-1052
NOT-FOR-US: SurgeFTP
-CVE-2008-1051 (PHP remote file inclusion vulnerability in include/body_comm.inc.php ...)
+CVE-2008-1051
NOT-FOR-US: phpProfiles
-CVE-2008-1050 (SQL injection vulnerability in index.php in Softbiz Jokes &amp; Funny Pics ...)
+CVE-2008-1050
NOT-FOR-US: Softbiz Jokes & Funny Pics Script
-CVE-2008-1049 (Unspecified vulnerability in Parallels SiteStudio before 1.7.2, and ...)
+CVE-2008-1049
NOT-FOR-US: Parallels SiteStudio
-CVE-2008-1048 (Cross-site scripting (XSS) vulnerability in manager/xmedia.php in ...)
+CVE-2008-1048
NOT-FOR-US: Plume CMS
-CVE-2008-1047 (Cross-site scripting (XSS) vulnerability in tiki-edit_article.php in ...)
+CVE-2008-1047
- tikiwiki <removed>
-CVE-2008-1046 (PHP remote file inclusion vulnerability in footer.php in Quinsonnas ...)
+CVE-2008-1046
NOT-FOR-US: Quinsonnas Mail Checker
-CVE-2008-1045 (Cross-site scripting (XSS) vulnerability in the file tree navigation ...)
+CVE-2008-1045
NOT-FOR-US: OpenCMS
-CVE-2008-1044 (Stack-based buffer overflow in the Quantum Streaming Player (Quantum ...)
+CVE-2008-1044
NOT-FOR-US: Quantum Streaming Player
-CVE-2008-1043 (PHP remote file inclusion vulnerability in ...)
+CVE-2008-1043
NOT-FOR-US: Linux Web Shop
-CVE-2008-1042 (Directory traversal vulnerability in include/body.inc.php in Linux Web ...)
+CVE-2008-1042
NOT-FOR-US: Linux Web Shop
-CVE-2008-1041 (Cross-site scripting (XSS) vulnerability in mwhois.php in Matt Wilson ...)
+CVE-2008-1041
NOT-FOR-US: MWhois
-CVE-2008-1040 (Buffer overflow in the Single Sign-On function in Fujitsu Interstage ...)
+CVE-2008-1040
NOT-FOR-US: Fujitsu Interstage Application Server
-CVE-2008-1039 (SQL injection vulnerability in question.asp in PORAR WEBBOARD allows ...)
+CVE-2008-1039
NOT-FOR-US: PORAR WEBBOARD
-CVE-2008-1038 (PHP remote file inclusion vulnerability in mod/mod.extmanager.php in ...)
+CVE-2008-1038
NOT-FOR-US: DBHcms
-CVE-2008-1037 (Cross-site scripting (XSS) vulnerability in the file listing function ...)
+CVE-2008-1037
NOT-FOR-US: Packeteer PacketShaper
-CVE-2008-1036 (The International Components for Unicode (ICU) library in Apple Mac OS ...)
+CVE-2008-1036
{DSA-1762-1}
- icu 4.0.1-1
-CVE-2008-1035 (Use-after-free vulnerability in Apple iCal 3.0.1 on Mac OS X allows ...)
+CVE-2008-1035
NOT-FOR-US: Apple iCal
-CVE-2008-1034 (Integer underflow in Help Viewer in Apple Mac OS X before 10.5 allows ...)
+CVE-2008-1034
NOT-FOR-US: Apple Mac OS
-CVE-2008-1033 (The scheduler in CUPS in Apple Mac OS X 10.5 before 10.5.3, when debug ...)
+CVE-2008-1033
- cups 1.3.7-1
-CVE-2008-1032 (Incomplete blacklist vulnerability in CoreTypes in Apple Mac OS X ...)
+CVE-2008-1032
NOT-FOR-US: Apple Mac OS
-CVE-2008-1031 (CoreGraphics in Apple Mac OS X before 10.5.3 allows remote attackers ...)
+CVE-2008-1031
NOT-FOR-US: Apple Mac OS
-CVE-2008-1030 (Integer overflow in the CFDataReplaceBytes function in the CFData API ...)
+CVE-2008-1030
NOT-FOR-US: Apple Mac OS
CVE-2008-1029
RESERVED
-CVE-2008-1028 (Unspecified vulnerability in AppKit in Apple Mac OS X before 10.5 ...)
+CVE-2008-1028
NOT-FOR-US: Apple Mac OS
-CVE-2008-1027 (Apple Filing Protocol (AFP) Server in Apple Mac OS X before 10.5.3 ...)
+CVE-2008-1027
NOT-FOR-US: Apple Mac OS
-CVE-2008-1026 (Integer overflow in the PCRE regular expression compiler ...)
+CVE-2008-1026
- webkit 0~svn31841-1
- qt4-x11 <not-affected> (vulnerable code not present referring to upstream)
NOTE: for qt, referring to upstream this only applies to optimized code in safari 3.1
NOTE: branch and qt 4.4 is based on safari 3.0
-CVE-2008-1025 (Cross-site scripting (XSS) vulnerability in Apple WebKit, as used in ...)
+CVE-2008-1025
- qt4-x11 <not-affected> (QUrl handles URLs and is not vulnerable to this CVE, see bug #479644)
- webkit 0~svn31841-1 (medium)
-CVE-2008-1024 (Apple Safari before 3.1.1, when running on Windows XP or Vista, allows ...)
+CVE-2008-1024
NOT-FOR-US: Apple Safari
-CVE-2008-1023 (Heap-based buffer overflow in Clip opcode parsing in Apple QuickTime ...)
+CVE-2008-1023
NOT-FOR-US: Apple QuickTime
-CVE-2008-1022 (Stack-based buffer overflow in Apple QuickTime before 7.4.5 allows ...)
+CVE-2008-1022
NOT-FOR-US: Apple QuickTime
-CVE-2008-1021 (Heap-based buffer overflow in Animation codec content handling in ...)
+CVE-2008-1021
NOT-FOR-US: Apple QuickTime
-CVE-2008-1020 (Heap-based buffer overflow in quickTime.qts in Apple QuickTime before ...)
+CVE-2008-1020
NOT-FOR-US: Apple QuickTime
-CVE-2008-1019 (Heap-based buffer overflow in quickTime.qts in Apple QuickTime before ...)
+CVE-2008-1019
NOT-FOR-US: Apple QuickTime
-CVE-2008-1018 (Heap-based buffer overflow in Apple QuickTime before 7.4.5 allows ...)
+CVE-2008-1018
NOT-FOR-US: Apple QuickTime
-CVE-2008-1017 (Heap-based buffer overflow in clipping region (aka crgn) atom handling ...)
+CVE-2008-1017
NOT-FOR-US: Apple QuickTime
-CVE-2008-1016 (Apple QuickTime before 7.4.5 does not properly handle movie media ...)
+CVE-2008-1016
NOT-FOR-US: Apple QuickTime
-CVE-2008-1015 (Buffer overflow in the data reference atom handling in Apple QuickTime ...)
+CVE-2008-1015
NOT-FOR-US: Apple QuickTime
-CVE-2008-1014 (Apple QuickTime before 7.4.5 does not properly handle external URLs in ...)
+CVE-2008-1014
NOT-FOR-US: Apple QuickTime
-CVE-2008-1013 (Apple QuickTime before 7.4.5 enables deserialization of QTJava objects ...)
+CVE-2008-1013
NOT-FOR-US: Apple QuickTime
-CVE-2008-1012 (Unspecified vulnerability in Apple AirPort Extreme Base Station ...)
+CVE-2008-1012
NOT-FOR-US: Apple AirPort
-CVE-2008-1011 (Cross-site scripting (XSS) vulnerability in WebKit, as used in Apple ...)
+CVE-2008-1011
NOTE: As far as I can see this has been addressed in revision 30871.
NOTE: Please doublecheck.
-CVE-2008-1010 (Buffer overflow in WebKit, as used in Apple Safari before 3.1, allows ...)
+CVE-2008-1010
NOTE: As far as I can see this has been addressed in revision 31388.
NOTE: Please doublecheck.
-CVE-2008-1009 (Cross-site scripting (XSS) vulnerability in WebCore, as used in Apple ...)
+CVE-2008-1009
NOT-FOR-US: WebCore (Apple Safari)
-CVE-2008-1008 (Cross-site scripting (XSS) vulnerability in WebCore, as used in Apple ...)
+CVE-2008-1008
NOT-FOR-US: WebCore (Apple Safari)
-CVE-2008-1007 (WebCore, as used in Apple Safari before 3.1, does not enforce the ...)
+CVE-2008-1007
NOT-FOR-US: WebCore (Apple Safari)
-CVE-2008-1006 (Cross-site scripting (XSS) vulnerability in WebCore, as used in Apple ...)
+CVE-2008-1006
NOT-FOR-US: WebCore (Apple Safari)
-CVE-2008-1005 (WebCore, as used in Apple Safari before 3.1, does not properly mask ...)
+CVE-2008-1005
NOT-FOR-US: WebCore (Apple Safari)
-CVE-2008-1004 (Cross-site scripting (XSS) vulnerability in WebCore, as used in Apple ...)
+CVE-2008-1004
NOT-FOR-US: WebCore (Apple Safari)
-CVE-2008-1003 (Cross-site scripting (XSS) vulnerability in WebCore, as used in Apple ...)
+CVE-2008-1003
NOT-FOR-US: WebCore (Apple Safari)
-CVE-2008-1002 (Cross-site scripting (XSS) vulnerability in Apple Safari before 3.1 ...)
+CVE-2008-1002
NOT-FOR-US: Apple Safari
-CVE-2008-1001 (Cross-site scripting (XSS) vulnerability in Apple Safari before 3.1, ...)
+CVE-2008-1001
NOT-FOR-US: Apple Safari
-CVE-2008-1000 (Directory traversal vulnerability in ContentServer.py in the Wiki ...)
+CVE-2008-1000
NOT-FOR-US: Apple Mac OS X
-CVE-2008-0999 (Apple Mac OS X 10.5.2 allows user-assisted attackers to cause a denial ...)
+CVE-2008-0999
NOT-FOR-US: Apple Mac OS X
-CVE-2008-0998 (Unspecified vulnerability in NetCfgTool in the System Configuration ...)
+CVE-2008-0998
NOT-FOR-US: Apple Mac OS X
-CVE-2008-0997 (Stack-based buffer overflow in AppKit in Apple Mac OS X 10.4.11 allows ...)
+CVE-2008-0997
NOT-FOR-US: Apple Mac OS X
-CVE-2008-0996 (The Printing component in Apple Mac OS X 10.5.2 might save ...)
+CVE-2008-0996
NOT-FOR-US: Apple Mac OS X
-CVE-2008-0995 (The Printing component in Apple Mac OS X 10.5.2 uses 40-bit RC4 when ...)
+CVE-2008-0995
NOT-FOR-US: Apple Mac OS X
-CVE-2008-0994 (Preview in Apple Mac OS X 10.5.2 uses 40-bit RC4 when saving a PDF ...)
+CVE-2008-0994
NOT-FOR-US: Apple Mac OS X
-CVE-2008-0993 (Podcast Capture in Podcast Producer for Apple Mac OS X 10.5.2 invokes ...)
+CVE-2008-0993
NOT-FOR-US: Apple Mac OS X
-CVE-2008-0992 (Array index error in pax in Apple Mac OS X 10.5.2 allows ...)
+CVE-2008-0992
- pax <not-affected> (issue specific to Apple's version of pax)
CVE-2008-0991
RESERVED
-CVE-2008-0990 (notifyd in Apple Mac OS X 10.4.11 does not verify that Mach port death ...)
+CVE-2008-0990
NOT-FOR-US: Apple Mac OS X
-CVE-2008-0989 (Format string vulnerability in mDNSResponderHelper in Apple Mac OS X ...)
+CVE-2008-0989
NOT-FOR-US: Apple Mac OS X
-CVE-2008-0988 (Off-by-one error in the Libsystem strnstr API in libc on Apple Mac OS ...)
+CVE-2008-0988
NOT-FOR-US: Apple Mac OS X
-CVE-2008-0987 (Stack-based buffer overflow in Image Raw in Apple Mac OS X 10.5.2, and ...)
+CVE-2008-0987
NOT-FOR-US: Apple Mac OS X
-CVE-2008-0986 (Integer overflow in the BMP::readFromStream method in the libsgl.so ...)
+CVE-2008-0986
NOT-FOR-US: Google Android
-CVE-2008-0985 (Heap-based buffer overflow in the GIF library in the WebKit framework ...)
+CVE-2008-0985
NOT-FOR-US: Google Android
-CVE-2008-0984 (The MP4 demuxer (mp4.c) for VLC media player 0.8.6d and earlier, as ...)
+CVE-2008-0984
{DSA-1543-1 DTSA-116-1}
- vlc 0.8.6.e-1 (medium; bug #467652)
CVE-2008-6426
REJECTED
-CVE-2008-0982 (Spyce - Python Server Pages (PSP) 2.1.3 allows remote attackers to ...)
+CVE-2008-0982
NOT-FOR-US: Spyce
-CVE-2008-0981 (Open redirect vulnerability in spyce/examples/redirect.spy in Spyce - ...)
+CVE-2008-0981
NOT-FOR-US: Spyce
-CVE-2008-0980 (Multiple cross-site scripting (XSS) vulnerabilities in Spyce - Python ...)
+CVE-2008-0980
NOT-FOR-US: Spyce
-CVE-2008-0979 (Stack consumption vulnerability in Double-Take 5.0.0.2865 and earlier, ...)
+CVE-2008-0979
NOT-FOR-US: Double-Take
-CVE-2008-0978 (Double-Take 5.0.0.2865 and earlier, distributed under the HP ...)
+CVE-2008-0978
NOT-FOR-US: Double-Take
-CVE-2008-0977 (Double-Take 5.0.0.2865 and earlier, distributed under the HP ...)
+CVE-2008-0977
NOT-FOR-US: Double-Take
-CVE-2008-0976 (Double-Take 5.0.0.2865 and earlier, distributed under the HP ...)
+CVE-2008-0976
NOT-FOR-US: Double-Take
-CVE-2008-0975 (Double-Take 5.0.0.2865 and earlier, distributed under the HP ...)
+CVE-2008-0975
NOT-FOR-US: Double-Take
-CVE-2008-0974 (Double-Take 5.0.0.2865 and earlier, distributed under the HP ...)
+CVE-2008-0974
NOT-FOR-US: Double-Take
-CVE-2008-0973 (Buffer overflow in Double-Take (aka HP StorageWorks Storage Mirroring) ...)
+CVE-2008-0973
NOT-FOR-US: Double-Take
CVE-2008-0972
RESERVED
-CVE-2008-0971 (Multiple cross-site scripting (XSS) vulnerabilities in index.cgi in ...)
+CVE-2008-0971
NOT-FOR-US: Barracuda Networks products
CVE-2008-0970
RESERVED
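Review bot: every changed line in this hunk drops the parenthesised description from the CVE header line and nothing else, e.g. `-CVE-2008-0984 (The MP4 demuxer (mp4.c) for VLC media player 0.8.6d and earlier, as ...)` becomes `+CVE-2008-0984` while the `{DSA-1543-1 DTSA-116-1}` and package lines below it are untouched. Blanking the description on every entry removes the only in-file record of what each CVE is about, so this should be confirmed as intended; if it is the result of the description source coming back empty during the automated run, the update script should refuse to overwrite existing descriptions with bare IDs rather than rewrite the whole file.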
@@ -14944,914 +14944,914 @@ CVE-2008-0969
RESERVED
CVE-2008-0968
RESERVED
-CVE-2008-0967 (Untrusted search path vulnerability in vmware-authd in VMware ...)
+CVE-2008-0967
- vmware-package <removed> (low; bug #486110)
[etch] - vmware-package <no-dsa> (Contrib not supported)
NOTE: vmware-package just builds vmware from downloaded tarballs, the package itself
NOTE: does not download them, however it needs to update its hashes for upstream tarballs
CVE-2008-0966
RESERVED
-CVE-2008-0965 (Multiple format string vulnerabilities in snoop on Sun Solaris 8 ...)
+CVE-2008-0965
NOT-FOR-US: Sun Solaris and OpenSolaris
-CVE-2008-0964 (Multiple stack-based buffer overflows in snoop on Sun Solaris 8 ...)
+CVE-2008-0964
NOT-FOR-US: Sun Solaris and OpenSolaris
-CVE-2008-0963 (Format string vulnerability in EMC DiskXtender MediaStor 6.20.060 ...)
+CVE-2008-0963
NOT-FOR-US: EMC DiskXtender
-CVE-2008-0962 (Stack-based buffer overflow in the File System Manager for EMC ...)
+CVE-2008-0962
NOT-FOR-US: EMC DiskXtender
-CVE-2008-0961 (EMV DiskXtender 6.20.060 has a hard-coded login and password, which ...)
+CVE-2008-0961
NOT-FOR-US: EMC DiskXtender
-CVE-2008-0960 (SNMPv3 HMAC verification in (1) Net-SNMP 5.2.x before 5.2.4.1, 5.3.x ...)
+CVE-2008-0960
{DSA-1663-1 DTSA-137-1}
- net-snmp 5.4.1~dfsg-8.1 (medium; bug #485945)
-CVE-2008-0959 (Multiple stack-based buffer overflows in the Online Media Technologies ...)
+CVE-2008-0959
NOT-FOR-US: Online Media Technologies NCTSoft NCTAudioInformation2
-CVE-2008-0958 (Multiple stack-based buffer overflows in the Online Media Technologies ...)
+CVE-2008-0958
NOT-FOR-US: Online Media Technologies NCTSoft NCTAudioInformation2
-CVE-2008-0957 (Multiple stack-based buffer overflows in the PhotoStockPlus Uploader ...)
+CVE-2008-0957
NOT-FOR-US: PhotoStockPlus Uploader Tool ActiveX control
-CVE-2008-0956 (Multiple stack-based buffer overflows in the BackWeb Lite Install ...)
+CVE-2008-0956
NOT-FOR-US: BackWeb Lite Install
-CVE-2008-0955 (Stack-based buffer overflow in the Creative Software AutoUpdate Engine ...)
+CVE-2008-0955
NOT-FOR-US: CTSUEng.ocx
CVE-2008-0954
RESERVED
-CVE-2008-0953 (The StartApp function in the HPISDataManagerLib.Datamgr ActiveX ...)
+CVE-2008-0953
NOT-FOR-US: ActiveX control
-CVE-2008-0952 (The AppendStringToFile function in the HPISDataManagerLib.Datamgr ...)
+CVE-2008-0952
NOT-FOR-US: ActiveX control
-CVE-2008-0951 (Microsoft Windows Vista does not properly enforce the ...)
+CVE-2008-0951
NOT-FOR-US: Windows Vista
CVE-2008-0950
RESERVED
-CVE-2008-0949 (Unspecified vulnerability in IBM Informix Dynamic Server (IDS) 7.x ...)
+CVE-2008-0949
NOT-FOR-US: IBM Informix Dynamic Server
-CVE-2008-0948 (Buffer overflow in the RPC library (lib/rpc/rpc_dtablesize.c) used by ...)
+CVE-2008-0948
- krb5 1.3-1 (unimportant)
NOTE: glibc properly defines FD_SETSIZE
-CVE-2008-0947 (Buffer overflow in the RPC library used by libgssrpc and kadmind in ...)
+CVE-2008-0947
{DSA-1524-1}
- krb5 1.6.dfsg.3~beta1-4 (medium)
-CVE-2008-0946 (Directory traversal vulnerability in the IM Server (aka IMserve or ...)
+CVE-2008-0946
NOT-FOR-US: Ipswitch Instant Messaging
-CVE-2008-0945 (Format string vulnerability in the logging function in the IM Server ...)
+CVE-2008-0945
NOT-FOR-US: Ipswitch Instant Messaging
-CVE-2008-0944 (Ipswitch Instant Messaging (IM) 2.0.8.1 and earlier allows remote ...)
+CVE-2008-0944
NOT-FOR-US: Ipswitch Instant Messaging
-CVE-2008-0943 (Multiple SQL injection vulnerabilities in Eagle Software Aeries ...)
+CVE-2008-0943
NOT-FOR-US: Eagle Software Aeries
-CVE-2008-0942 (SQL injection vulnerability in GradebookStuScores.asp in Eagle ...)
+CVE-2008-0942
NOT-FOR-US: Eagle Software Aeries Browser Interface
-CVE-2008-0941 (Cross-site scripting (XSS) vulnerability in Eagle Software Aeries ...)
+CVE-2008-0941
NOT-FOR-US: Eagle Software Aeries Browser Interface
-CVE-2008-0940 (Cross-site scripting (XSS) vulnerability in Plain Black WebGUI before ...)
+CVE-2008-0940
NOT-FOR-US: Plain Black WebGUI
-CVE-2008-0939 (Multiple SQL injection vulnerabilities in wppa.php in the WP Photo ...)
+CVE-2008-0939
NOT-FOR-US: WP Photo Album plugin for WordPress
-CVE-2008-0938 (Unspecified vulnerability in the dynamic tracing framework (DTrace) in ...)
+CVE-2008-0938
NOT-FOR-US: Sun Solaris
-CVE-2008-0937 (SQL injection vulnerability in index.php in the Tiny Event (tinyevent) ...)
+CVE-2008-0937
NOT-FOR-US: XOOPS module
-CVE-2008-0936 (SQL injection vulnerability in index.php in the Prayer List ...)
+CVE-2008-0936
NOT-FOR-US: XOOPS module
-CVE-2008-0935 (Stack-based buffer overflow in the Novell iPrint Control ActiveX ...)
+CVE-2008-0935
NOT-FOR-US: Novell iPrint Client
-CVE-2008-0934 (SQL injection vulnerability in modules.php in the NukeC 2.1 module for ...)
+CVE-2008-0934
NOT-FOR-US: NukeC phpnuke module
-CVE-2008-0933 (Multiple race conditions in the CPU Performance Counters (cpc) ...)
+CVE-2008-0933
NOT-FOR-US: Sun Solaris
-CVE-2008-0931 (w_export.c in XWine 1.0.1 on Debian GNU/Linux sets insecure ...)
+CVE-2008-0931
{DSA-1526-1}
- xwine <removed> (low; bug #468050)
-CVE-2008-0930 (w_editeur.c in XWine 1.0.1 for Debian GNU/Linux allows local users to ...)
+CVE-2008-0930
{DSA-1526-1}
- xwine <removed> (low; bug #468050)
CVE-2008-0929
REJECTED
-CVE-2008-0928 (Qemu 0.9.1 and earlier does not perform range checks for block device ...)
+CVE-2008-0928
{DSA-1799-1 DTSA-133-1}
- qemu 0.9.1+svn20081207-1 (low; bug #469649)
- xen-unstable 3.2.0-4 (bug #469654)
- xen-3 3.2.0-4 (bug #469662)
- xen-3.0 <removed>
- kvm 63+dfsg-1 (bug #469666)
-CVE-2008-0927 (dhost.exe in Novell eDirectory 8.7.3 before sp10 and 8.8.2 allows ...)
+CVE-2008-0927
NOT-FOR-US: Novell eDirectory
-CVE-2008-0926 (The SOAP interface to the eMBox module in Novell eDirectory 8.7.3.9 ...)
+CVE-2008-0926
NOT-FOR-US: Novell eDirectory
-CVE-2008-0925 (Cross-site scripting (XSS) vulnerability in the iMonitor interface in ...)
+CVE-2008-0925
NOT-FOR-US: Novell eDirectory
-CVE-2008-0924 (Stack-based buffer overflow in the DoLBURPRequest function in libnldap ...)
+CVE-2008-0924
NOT-FOR-US: Novell eDirectory
-CVE-2008-0923 (Directory traversal vulnerability in the Shared Folders feature for ...)
+CVE-2008-0923
- vmware-package <not-affected> (Only vulnerable on windows hosted systems)
-CVE-2008-0922 (SQL injection vulnerability in the Manuales 0.1 module for PHP-Nuke ...)
+CVE-2008-0922
NOT-FOR-US: Manuales module for PHP-Nuke
-CVE-2008-0921 (SQL injection vulnerability in news.php in beContent 0.3.1 allows ...)
+CVE-2008-0921
NOT-FOR-US: beContent
-CVE-2008-0920 (SQL injection vulnerability in port/modifyportform.php in Open Source ...)
+CVE-2008-0920
NOT-FOR-US: OSSIM
-CVE-2008-0919 (Cross-site scripting (XSS) vulnerability in session/login.php in Open ...)
+CVE-2008-0919
NOT-FOR-US: OSSIM
-CVE-2008-0918 (SQL injection vulnerability in includes/count_dl_or_link.inc.php in ...)
+CVE-2008-0918
NOT-FOR-US: astatsPRO component for Joomla!
-CVE-2008-0917 (Cross-site scripting (XSS) vulnerability in Tor World Tor Search 1.1 ...)
+CVE-2008-0917
NOT-FOR-US: TorWorld software
-CVE-2008-0916 (SQL injection vulnerability in the Highwood Design hwdVideoShare ...)
+CVE-2008-0916
NOT-FOR-US: com_hwdvideoshare component for Joomla!
-CVE-2008-0915 (The Mediation server in IPdiva SSL VPN Server 2.2 before 2.2.8.84 and ...)
+CVE-2008-0915
NOT-FOR-US: IPdiva SSL VPN Server
-CVE-2008-0914 (Multiple cross-site scripting (XSS) vulnerabilities in the Mediation ...)
+CVE-2008-0914
NOT-FOR-US: IPdiva SSL VPN Server
-CVE-2008-0913 (Cross-site scripting (XSS) vulnerability in Invision Power Board (IPB ...)
+CVE-2008-0913
NOT-FOR-US: Invision Power Board
-CVE-2008-0912 (Multiple heap-based buffer overflows in mlsrv10.exe in Sybase MobiLink ...)
+CVE-2008-0912
NOT-FOR-US: Sybase MobiLink
-CVE-2008-0911 (SQL injection vulnerability in productdetails.php in iScripts ...)
+CVE-2008-0911
NOT-FOR-US: iScripts MultiCart
-CVE-2008-0910 (Multiple F-Secure anti-virus products, including Internet Security ...)
+CVE-2008-0910
NOT-FOR-US: Internet Security, Anti-Virus, F-Secure Protection Service
-CVE-2008-0909 (Cross-site scripting (XSS) vulnerability in browse.asp in Schoolwires ...)
+CVE-2008-0909
NOT-FOR-US: Schoolwires Academic Portal
-CVE-2008-0908 (SQL injection vulnerability in browse.asp in Schoolwires Academic ...)
+CVE-2008-0908
NOT-FOR-US: Schoolwires Academic Portal
-CVE-2008-0907 (SQL injection vulnerability in the Inhalt module for PHP-Nuke allows ...)
+CVE-2008-0907
NOT-FOR-US: Inhalt module for PHP-Nuke
-CVE-2008-0906 (SQL injection vulnerability in the Docum module in PHP-Nuke allows ...)
+CVE-2008-0906
NOT-FOR-US: Docum module for PHP-Nuke
-CVE-2008-0905 (Directory traversal vulnerability in globsy_edit.php in Globsy 1.0 ...)
+CVE-2008-0905
NOT-FOR-US: Globsy
-CVE-2008-0904 (Unspecified vulnerability in the download servlet in BEA Plumtree ...)
+CVE-2008-0904
NOT-FOR-US: BEA Plumtree Collaboration and AquaLogic Interaction
-CVE-2008-0903 (Unspecified vulnerability in the BEA WebLogic Server and Express proxy ...)
+CVE-2008-0903
NOT-FOR-US: BEA WebLogic Server and Express proxy plugin
-CVE-2008-0902 (Multiple cross-site scripting (XSS) vulnerabilities in BEA WebLogic ...)
+CVE-2008-0902
NOT-FOR-US: BEA WebLogic Server and Express
-CVE-2008-0901 (BEA WebLogic Server and Express 7.0 through 10.0 allows remote ...)
+CVE-2008-0901
NOT-FOR-US: BEA WebLogic Server and Express
-CVE-2008-0900 (Session fixation vulnerability in BEA WebLogic Server and Express 8.1 ...)
+CVE-2008-0900
NOT-FOR-US: BEA WebLogic Server and Express
-CVE-2008-0899 (Cross-site scripting (XSS) vulnerability in the Administration Console ...)
+CVE-2008-0899
NOT-FOR-US: BEA WebLogic Server and Express
-CVE-2008-0898 (The distributed queue feature in JMS in BEA WebLogic Server 9.0 ...)
+CVE-2008-0898
NOT-FOR-US: BEA WebLogic Server
-CVE-2008-0897 (Unspecified vulnerability in BEA WebLogic Server 9.0 through 10.0 ...)
+CVE-2008-0897
NOT-FOR-US: BEA WebLogic Server
-CVE-2008-0896 (BEA WebLogic Portal 10.0 and 9.2 through MP1, when an administrator ...)
+CVE-2008-0896
NOT-FOR-US: BEA WebLogic Portal
-CVE-2008-0895 (BEA WebLogic Server and WebLogic Express 6.1 through 10.0 allows ...)
+CVE-2008-0895
NOT-FOR-US: BEA WebLogic Server and Express
-CVE-2008-0894 (Apple Safari might allow remote attackers to obtain potentially ...)
+CVE-2008-0894
NOT-FOR-US: Apple Safari
-CVE-2008-0893 (Red Hat Administration Server, as used by Red Hat Directory Server 8.0 ...)
+CVE-2008-0893
NOT-FOR-US: Red Hat Administration Server
-CVE-2008-0892 (The replication monitor CGI script (repl-monitor-cgi.pl) in Red Hat ...)
+CVE-2008-0892
NOT-FOR-US: Red Hat Administration Server
-CVE-2008-0891 (Double free vulnerability in OpenSSL 0.9.8f and 0.9.8g, when the TLS ...)
+CVE-2008-0891
{DTSA-136-1}
- openssl 0.9.8g-10.1 (bug #483379)
[etch] - openssl <not-affected> (Vulnerable code (TLS extensions) not present)
-CVE-2008-0890 (Red Hat Directory Server 7.1 before SP4 uses insecure permissions for ...)
+CVE-2008-0890
NOT-FOR-US: Red Hat Directory Server
-CVE-2008-0889 (Red Hat Directory Server 8.0, when running on Red Hat Enterprise ...)
+CVE-2008-0889
NOT-FOR-US: Red Hat Directory Server
-CVE-2008-0888 (The NEEDBITS macro in the inflate_dynamic function in inflate.c for ...)
+CVE-2008-0888
{DSA-1522-1}
- unzip 5.52-11
-CVE-2008-0887 (gnome-screensaver before 2.22.1, when a remote authentication server ...)
+CVE-2008-0887
- gnome-screensaver 2.22.2-1 (low; bug #475154)
[etch] - gnome-screensaver <no-dsa> (Minor issue, requires attacker with high level of control, see #433964)
CVE-2008-0886
REJECTED
CVE-2008-0885
RESERVED
-CVE-2008-0884 (The Replace function in the capp-lspp-config script in the (1) ...)
+CVE-2008-0884
NOT-FOR-US: Red Hat Enterprise Linux
NOTE: Seems Redhat specific
-CVE-2008-0882 (Double free vulnerability in the process_browse_data function in CUPS ...)
+CVE-2008-0882
{DSA-1530-1 DTSA-117-1}
- cupsys 1.3.6-1 (medium; bug #467653)
- cups 1.3.6-1 (medium; bug #467653)
[sarge] - cupsys <no-dsa> (Remote DoS is minor issue)
-CVE-2008-0881 (SQL injection vulnerability in modules.php in the Okul 1.0 module for ...)
+CVE-2008-0881
NOT-FOR-US: Okul module for PHP-Nuke
-CVE-2008-0880 (SQL injection vulnerability in modules.php in the EasyContent module ...)
+CVE-2008-0880
NOT-FOR-US: EasyContent module for PHP-Nuke
-CVE-2008-0879 (SQL injection vulnerability in modules.php in the Web_Links module for ...)
+CVE-2008-0879
NOT-FOR-US: Web_Links module for PHP-Nuke
-CVE-2008-0878 (SQL injection vulnerability in index.php in the MyAnnonces 1.7 and ...)
+CVE-2008-0878
NOT-FOR-US: MyAnnonces module for RunCMS
-CVE-2008-0877 (Multiple cross-site scripting (XSS) vulnerabilities in Jinzora Media ...)
+CVE-2008-0877
NOT-FOR-US: Jinzora Media Jukebox
-CVE-2008-0876 (Unspecified vulnerability in the SEWB3 messaging service in Hitachi ...)
+CVE-2008-0876
NOT-FOR-US: Hitachi SEWB3
-CVE-2008-0875 (Unspecified vulnerability in Hitachi EUR Print Manager, and related ...)
+CVE-2008-0875
NOT-FOR-US: Hitachi EUR Print Manager
-CVE-2008-0874 (SQL injection vulnerability in index.php in the eEmpregos module for ...)
+CVE-2008-0874
NOT-FOR-US: eEmpregos module for XOOPS
-CVE-2008-0873 (SQL injection vulnerability in index.php in the jlmZone Classifieds ...)
+CVE-2008-0873
NOT-FOR-US: jlmZone Classifieds module for XOOPS
-CVE-2008-0872 (Cross-site scripting (XSS) vulnerability in SmarterTools SmarterMail ...)
+CVE-2008-0872
NOT-FOR-US: SmarterTools SmarterMail Enterprise
-CVE-2008-0871 (Multiple stack-based buffer overflows in Now SMS/MMS Gateway ...)
+CVE-2008-0871
NOT-FOR-US: Now SMS/MMS Gateway
-CVE-2008-0870 (BEA WebLogic Portal 10.0 and 9.2 through Maintenance Pack 2, under ...)
+CVE-2008-0870
NOT-FOR-US: BEA WebLogic
-CVE-2008-0869 (Cross-site scripting (XSS) vulnerability in BEA WebLogic Workshop 8.1 ...)
+CVE-2008-0869
NOT-FOR-US: BEA WebLogic
-CVE-2008-0868 (Cross-site scripting (XSS) vulnerability in Groupspace in BEA WebLogic ...)
+CVE-2008-0868
NOT-FOR-US: BEA WebLogic
-CVE-2008-0867 (Cross-site scripting (XSS) vulnerability in portal/server.pt in BEA ...)
+CVE-2008-0867
NOT-FOR-US: BEA WebLogic
-CVE-2008-0866 (Multiple cross-site scripting (XSS) vulnerabilities in BEA WebLogic ...)
+CVE-2008-0866
NOT-FOR-US: BEA WebLogic
-CVE-2008-0865 (Unspecified vulnerability in BEA WebLogic Portal 8.1 through SP6 ...)
+CVE-2008-0865
NOT-FOR-US: BEA WebLogic
-CVE-2008-0864 (Admin Tools in BEA WebLogic Portal 8.1 SP3 through SP6 can ...)
+CVE-2008-0864
NOT-FOR-US: BEA WebLogic
-CVE-2008-0863 (BEA WebLogic Server and WebLogic Express 9.0 and 9.1 exposes the web ...)
+CVE-2008-0863
NOT-FOR-US: BEA WebLogic
-CVE-2008-0862 (IBM Lotus Notes 6.0, 6.5, 7.0, and 8.0 signs an unsigned applet when a ...)
+CVE-2008-0862
NOT-FOR-US: IBM Lotus Notes
-CVE-2008-0861 (Cross-site scripting (XSS) vulnerability in leg/Main.nsf in IBM Lotus ...)
+CVE-2008-0861
NOT-FOR-US: IBM Lotus Quickplace
-CVE-2008-0860 (Unspecified vulnerability in the AVG plugin in Kerio MailServer before ...)
+CVE-2008-0860
NOT-FOR-US: Kerio MailServer
-CVE-2008-0859 (Unspecified vulnerability in Kerio MailServer before 6.5.0 allows ...)
+CVE-2008-0859
NOT-FOR-US: Kerio MailServer
-CVE-2008-0858 (Buffer overflow in the Visnetic anti-virus plugin in Kerio MailServer ...)
+CVE-2008-0858
NOT-FOR-US: Kerio MailServer
-CVE-2008-0857 (SQL injection vulnerability in index.php in WoltLab Burning Board ...)
+CVE-2008-0857
NOT-FOR-US: WoltLab Burning Board
-CVE-2008-0856 (Multiple SQL injection vulnerabilities in e-Vision CMS 2.02 allow ...)
+CVE-2008-0856
NOT-FOR-US: e-Vision CMS
-CVE-2008-0855 (SQL injection vulnerability in the Facile Forms (com_facileforms) ...)
+CVE-2008-0855
NOT-FOR-US: com_facileforms component for Joomla! and Mambo
-CVE-2008-0854 (SQL injection vulnerability in the com_salesrep component for Joomla! ...)
+CVE-2008-0854
NOT-FOR-US: com_salesrep component for Joomla! and Mambo
-CVE-2008-0853 (SQL injection vulnerability in the com_detail component for Joomla! ...)
+CVE-2008-0853
NOT-FOR-US: com_detail component for Joomla! and Mambo
-CVE-2008-0852 (freeSSHd 1.2 and earlier allows remote attackers to cause a denial of ...)
+CVE-2008-0852
NOT-FOR-US: freeSSHd
-CVE-2008-0851 (Multiple cross-site scripting (XSS) vulnerabilities in Dokeos 1.8.4 ...)
+CVE-2008-0851
- dokeos <itp> (bug #433352)
-CVE-2008-0850 (Multiple SQL injection vulnerabilities in Dokeos 1.8.4 allow remote ...)
+CVE-2008-0850
- dokeos <itp> (bug #433352)
-CVE-2008-0849 (SQL injection vulnerability in index.php in the Downloads ...)
+CVE-2008-0849
NOT-FOR-US: com_downloads component for Mambo and Joomla!
-CVE-2008-0848 (Cross-site scripting (XSS) vulnerability in lostsheep.php in Crafty ...)
+CVE-2008-0848
NOT-FOR-US: Crafty Syntax Live Help
-CVE-2008-0847 (SQL injection vulnerability in print.php in the myTopics module for ...)
+CVE-2008-0847
NOT-FOR-US: myTopics module for XOOPS
-CVE-2008-0846 (SQL injection vulnerability in index.php in the com_profile component ...)
+CVE-2008-0846
NOT-FOR-US: com_profile component for Mambo and Joomla!
-CVE-2008-0845 (SQL injection vulnerability in wp-people-popup.php in Dean Logan ...)
+CVE-2008-0845
NOT-FOR-US: WP-People plugin for WordPress
-CVE-2008-0844 (SQL injection vulnerability in index.php in the PccookBook ...)
+CVE-2008-0844
NOT-FOR-US: com_pccookbook component for Joomla!
-CVE-2008-0843 (StatCounteX 3.0 and 3.1 allows remote attackers to obtain sensitive ...)
+CVE-2008-0843
NOT-FOR-US: StatCounteX
-CVE-2008-0842 (SQL injection vulnerability in index.php in the Classifier ...)
+CVE-2008-0842
NOT-FOR-US: com_clasifier component for Joomla!
-CVE-2008-0841 (SQL injection vulnerability in index.php in the Giorgio Nordo Ricette ...)
+CVE-2008-0841
NOT-FOR-US: com_ricette component for Joomla!
-CVE-2008-0840 (Directory traversal vulnerability in view_member.php in Public ...)
+CVE-2008-0840
NOT-FOR-US: LightBlog
-CVE-2008-0839 (SQL injection vulnerability in refer.php in the astatsPRO ...)
+CVE-2008-0839
NOT-FOR-US: com_astatspro component for Joomla!
-CVE-2008-0838 (Multiple cross-site scripting (XSS) vulnerabilities in the web ...)
+CVE-2008-0838
NOT-FOR-US: Sophos, Email Security Appliance
-CVE-2008-0837 (Cross-site scripting (XSS) vulnerability in the log feature in the ...)
+CVE-2008-0837
NOT-FOR-US: John Godley Search Unleashed plugin for WordPress
-CVE-2008-0836 (Unspecified vulnerability in the vuidmice STREAMS modules in Sun ...)
+CVE-2008-0836
NOT-FOR-US: Sun Solaris
-CVE-2008-0835 (SQL injection vulnerability in indexen.php in Simple CMS 1.0.3 and ...)
+CVE-2008-0835
NOT-FOR-US: Simple CMS
-CVE-2008-0834 (Cross-site scripting (XSS) vulnerability in Lotus Quickr for i5/OS ...)
+CVE-2008-0834
NOT-FOR-US: Lotus Quickr
-CVE-2008-0833 (SQL injection vulnerability in index.php in the com_galeria component ...)
+CVE-2008-0833
NOT-FOR-US: com_galeria component for Joomla!
-CVE-2008-0832 (SQL injection vulnerability in index.php in the Kemas Antonius ...)
+CVE-2008-0832
NOT-FOR-US: com_quran component for Mambo and Joomla!
-CVE-2008-0831 (Multiple SQL injection vulnerabilities in the Rapid Recipe ...)
+CVE-2008-0831
NOT-FOR-US: com_rapidrecipe component for Joomla!
-CVE-2008-0830 (The Digital Photo Access Protocol (DPAP) server for iPhoto 4.0.3 ...)
+CVE-2008-0830
NOT-FOR-US: DPAP server for iPhoto
-CVE-2008-0829 (SQL injection vulnerability in jooget.php in the Joomlapixel Jooget! ...)
+CVE-2008-0829
NOT-FOR-US: com_jooget component for Joomla! and Mambo
-CVE-2008-0828 (Multiple cross-site scripting (XSS) vulnerabilities in ATutor 1.5.5 ...)
+CVE-2008-0828
NOT-FOR-US: ATutor
-CVE-2008-0827 (SQL injection vulnerability in the Books module of PHP-Nuke allows ...)
+CVE-2008-0827
NOT-FOR-US: Books module of PHP-Nuke
-CVE-2008-0826 (Cross-site scripting (XSS) vulnerability in Claroline before 1.8.9 ...)
+CVE-2008-0826
NOT-FOR-US: Claroline
-CVE-2008-0825 (SQL injection vulnerability in Claroline before 1.8.9 allows remote ...)
+CVE-2008-0825
NOT-FOR-US: Claroline
-CVE-2008-0824 (Unspecified vulnerability in the php2phps function in Claroline before ...)
+CVE-2008-0824
NOT-FOR-US: Claroline
-CVE-2008-0823 (Unspecified vulnerability in the Header Image Module before 5.x-1.1 ...)
+CVE-2008-0823
NOT-FOR-US: Header Image Module for Drupal
-CVE-2008-0822 (Directory traversal vulnerability in index.php in Scribe 0.2 allows ...)
+CVE-2008-0822
NOT-FOR-US: Scribe
-CVE-2008-0821 (SQL injection vulnerability in admin/traffic/knowledge_searchm.php in ...)
+CVE-2008-0821
NOT-FOR-US: PHP Live!
-CVE-2008-0820 (** DISPUTED ** ...)
+CVE-2008-0820
NOT-FOR-US: Etomite CMS
-CVE-2008-0819 (Directory traversal vulnerability in index.php in PlutoStatus Locator ...)
+CVE-2008-0819
NOT-FOR-US: PlutoStatus Locator
-CVE-2008-0818 (Multiple directory traversal vulnerabilities in freePHPgallery 0.6 ...)
+CVE-2008-0818
NOT-FOR-US: freePHPgallery
-CVE-2008-0817 (SQL injection vulnerability in the com_filebase component for Joomla! ...)
+CVE-2008-0817
NOT-FOR-US: com_filebase component for Joomla! and Mambo
-CVE-2008-0816 (SQL injection vulnerability in the com_sg component for Joomla! and ...)
+CVE-2008-0816
NOT-FOR-US: com_sg component for Joomla! and Mambo
-CVE-2008-0815 (SQL injection vulnerability in the com_mezun component for Joomla! ...)
+CVE-2008-0815
NOT-FOR-US: com_mezun component for Joomla!
-CVE-2008-0814 (Directory traversal vulnerability in download.php in Tracking ...)
+CVE-2008-0814
NOT-FOR-US: TRUC
-CVE-2008-0813 (Directory traversal vulnerability in Download.php in XPWeb 3.0.1, ...)
+CVE-2008-0813
NOT-FOR-US: XPWeb
-CVE-2008-0812 (Directory traversal vulnerability in DMS/index.php in BanPro DMS 1.0 ...)
+CVE-2008-0812
NOT-FOR-US: BanPro DMS
-CVE-2008-0811 (Multiple SQL injection vulnerabilities in AuraCMS 1.62 allow remote ...)
+CVE-2008-0811
NOT-FOR-US: AuraCMS
-CVE-2008-0810 (SQL injection vulnerability in the com_scheduling module for Joomla! ...)
+CVE-2008-0810
NOT-FOR-US: com_scheduling module for Joomla! and Mambo
-CVE-2008-0805 (Unrestricted file upload vulnerability in image.php in PHPizabi 0.848b ...)
+CVE-2008-0805
NOT-FOR-US: PHPizabi
-CVE-2008-0804 (PHP remote file inclusion vulnerability in usrgetform.html in Thecus ...)
+CVE-2008-0804
NOT-FOR-US: Thecus N5200Pro NAS Server
-CVE-2008-0983 (lighttpd 1.4.18, and possibly other versions before 1.5.0, does not ...)
+CVE-2008-0983
{DSA-1609-1}
- lighttpd 1.4.18-2 (medium; bug #466663)
-CVE-2008-0883 (acroread in Adobe Acrobat Reader 8.1.2 allows local users to overwrite ...)
+CVE-2008-0883
NOT-FOR-US: Adobe Acrobat Reader
NOTE: http://www.openwall.com/lists/oss-security/2008/02/21/5
-CVE-2008-0803 (Multiple PHP remote file inclusion vulnerabilities in LookStrike Lan ...)
+CVE-2008-0803
NOT-FOR-US: LookStrike Lan Manager
-CVE-2008-0802 (SQL injection vulnerability in index.php in the MediaSlide ...)
+CVE-2008-0802
NOT-FOR-US: Joomla component
-CVE-2008-0801 (SQL injection vulnerability in index.php in the PAXXGallery ...)
+CVE-2008-0801
NOT-FOR-US: Joomla component
-CVE-2008-0800 (SQL injection vulnerability in index.php in the McQuiz (com_mcquiz) ...)
+CVE-2008-0800
NOT-FOR-US: Joomla component
-CVE-2008-0799 (SQL injection vulnerability in index.php in the Quiz (com_quiz) 0.81 ...)
+CVE-2008-0799
NOT-FOR-US: Joomla component
-CVE-2008-0798 (Multiple directory traversal vulnerabilities in artmedic webdesign ...)
+CVE-2008-0798
NOT-FOR-US: artmedic webdesign
-CVE-2008-0797 (Directory traversal vulnerability in lib/download.php in iTheora 1.0 ...)
+CVE-2008-0797
NOT-FOR-US: iTheora
-CVE-2008-0796 (SQL injection vulnerability in threads.php in Nuboard 0.5 allows ...)
+CVE-2008-0796
NOT-FOR-US: Nuboard
-CVE-2008-0795 (SQL injection vulnerability in index.php in the MGFi XfaQ (com_xfaq) ...)
+CVE-2008-0795
NOT-FOR-US: Joomla component
-CVE-2008-0794 (Directory traversal vulnerability in user/header.php in Affiliate ...)
+CVE-2008-0794
NOT-FOR-US: Affiliate Market
-CVE-2008-0793 (Multiple cross-site scripting (XSS) vulnerabilities in search.asp in ...)
+CVE-2008-0793
NOT-FOR-US: Tendenci CMS
-CVE-2008-0792 (Multiple F-Secure anti-virus products, including Internet Security ...)
+CVE-2008-0792
NOT-FOR-US: F-Secure
-CVE-2008-0791 (ipdsserver.exe in Intermate WinIPDS 3.3 G52-33-021 allows remote ...)
+CVE-2008-0791
NOT-FOR-US: Intermate WinIPDS
-CVE-2008-0790 (Directory traversal vulnerability in ipdsserver.exe in Intermate ...)
+CVE-2008-0790
NOT-FOR-US: Intermate WinIPDS
-CVE-2008-0789 (SQL injection vulnerability in countdown.php in LI-Scripts ...)
+CVE-2008-0789
NOT-FOR-US: LI Countdown
-CVE-2008-0788 (Multiple cross-site request forgery (CSRF) vulnerabilities in MyBB ...)
+CVE-2008-0788
NOT-FOR-US: MyBB
-CVE-2008-0787 (SQL injection vulnerability in inc/datahandlers/pm.php in MyBB before ...)
+CVE-2008-0787
NOT-FOR-US: MyBB
-CVE-2008-0786 (CRLF injection vulnerability in Cacti 0.8.7 before 0.8.7b and 0.8.6 ...)
+CVE-2008-0786
- cacti 0.8.7b-1
[etch] - cacti <not-affected> (Not exploitable with Etch PHP version)
NOTE: this is prevented by PHP since 4.4.2/5.1.2.
-CVE-2008-0785 (Multiple SQL injection vulnerabilities in Cacti 0.8.7 before 0.8.7b ...)
+CVE-2008-0785
{DSA-1569-1}
- cacti 0.8.7b-1 (low; bug #530919)
-CVE-2008-0784 (graph.php in Cacti 0.8.7 before 0.8.7b and 0.8.6 before 0.8.6k allows ...)
+CVE-2008-0784
- cacti 0.8.7b-1 (unimportant)
NOTE: paths on Debian already known
-CVE-2008-0783 (Multiple cross-site scripting (XSS) vulnerabilities in Cacti 0.8.7 ...)
+CVE-2008-0783
{DSA-1569-1}
- cacti 0.8.7b-1 (low; bug #530919)
[etch] - cacti 0.8.6i-3.3
-CVE-2008-0782 (Directory traversal vulnerability in MoinMoin 1.5.8 and earlier allows ...)
+CVE-2008-0782
{DSA-1514-1}
- moin 1.5.8-5.1
-CVE-2008-0781 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2008-0781
{DSA-1514-1}
- moin 1.5.8-5.1
-CVE-2008-0780 (Cross-site scripting (XSS) vulnerability in MoinMoin 1.5.x through ...)
+CVE-2008-0780
{DSA-1514-1}
- moin 1.5.8-5.1
-CVE-2008-0932 (diatheke.pl in The SWORD Project Diatheke 1.5.9 and earlier allows ...)
+CVE-2008-0932
{DSA-1508-1}
- sword 1.5.9-8 (high; bug #466449)
NOTE: source package named sword, binary package named diatheke
-CVE-2008-0806 (wyrd 1.4.3b allows local users to overwrite arbitrary files via a ...)
+CVE-2008-0806
- wyrd 1.4.3b-4 (low; bug #466382)
[etch] - wyrd <no-dsa> (Minor issue)
-CVE-2008-0807 (lib/Driver/sql.php in Turba 2 (turba2) Contact Manager H3 2.1.x before ...)
+CVE-2008-0807
{DSA-1507-1}
- turba2 2.1.7-1 (bug #464058)
-CVE-2008-0779 (The fortimon.sys device driver in Fortinet FortiClient Host Security ...)
+CVE-2008-0779
NOT-FOR-US: Fortinet FortiClient 3.0
-CVE-2008-0778 (Multiple stack-based buffer overflows in an ActiveX control in ...)
+CVE-2008-0778
NOT-FOR-US: QuickTime
-CVE-2008-0777 (The sendfile system call in FreeBSD 5.5 through 7.0 does not check the ...)
+CVE-2008-0777
- kfreebsd-5 <removed>
[etch] - kfreebsd-5 <no-dsa> (FreeBSD not supported)
- kfreebsd-6 6.3-3 (bug #483152)
- kfreebsd-7 7.0-1 (bug #483152)
-CVE-2008-0776 (SQL injection vulnerability in detail.php in iTechBids Gold 6.0 allows ...)
+CVE-2008-0776
NOT-FOR-US: iTechBids
-CVE-2008-0775 (Cross-site scripting (XSS) vulnerability in sboxDB.php in Simple ...)
+CVE-2008-0775
NOT-FOR-US: Simple Machines Forum
-CVE-2008-0774 (Cross-site scripting (XSS) vulnerability in search.cgi in Loris Hotel ...)
+CVE-2008-0774
NOT-FOR-US: Loris Hotel Reservations
-CVE-2008-0773 (SQL injection vulnerability in Phil Taylor Comments (com_comments, aka ...)
+CVE-2008-0773
NOT-FOR-US: Mambo plugin
-CVE-2008-0772 (SQL injection vulnerability in index.php in the com_doc component for ...)
+CVE-2008-0772
NOT-FOR-US: Mambo plugin
-CVE-2008-0771 (Multiple SQL injection vulnerabilities in default.asp in Site2Nite ...)
+CVE-2008-0771
NOT-FOR-US: Site2Nite
-CVE-2008-0770 (SQL injection vulnerability in arcade.php in ibProArcade 3.3.0 and ...)
+CVE-2008-0770
NOT-FOR-US: ibProArcade
-CVE-2008-0769 (Cross-site scripting (XSS) vulnerability in Livelink ECM 9.0.0 through ...)
+CVE-2008-0769
NOT-FOR-US: Livelink
-CVE-2008-0768 (Multiple stack-based and heap-based buffer overflows in the Windows ...)
+CVE-2008-0768
NOT-FOR-US: IBM Informix
-CVE-2008-0767 (ExtremeZ-IP.exe in ExtremeZ-IP File and Print Server 5.1.2x15 and ...)
+CVE-2008-0767
NOT-FOR-US: ExtremeZ-IP
-CVE-2008-0766 (Stack-based buffer overflow in RpmSrvc.exe in Brooks Remote Print ...)
+CVE-2008-0766
NOT-FOR-US: Brooks Remote Print Manager
-CVE-2008-0765 (Multiple cross-site scripting (XSS) vulnerabilities in artmedic ...)
+CVE-2008-0765
NOT-FOR-US: artmedic
-CVE-2008-0764 (Format string vulnerability in the logging function in Larson Network ...)
+CVE-2008-0764
NOT-FOR-US: Larson Network Print Server
-CVE-2008-0763 (Stack-based buffer overflow in NPSpcSVR.exe in Larson Network Print ...)
+CVE-2008-0763
NOT-FOR-US: Larson Network Print Server
-CVE-2008-0762 (SQL injection vulnerability in index.php in the com_iomezun component ...)
+CVE-2008-0762
NOT-FOR-US: com_iomezun component for Joomla!
-CVE-2008-0761 (SQL injection vulnerability in index.php in the Prince Clan Chess Club ...)
+CVE-2008-0761
NOT-FOR-US: Prince Clan Chess Club component for Joomla!
-CVE-2008-0760 (Directory traversal vulnerability in SafeNet Sentinel Protection ...)
+CVE-2008-0760
NOT-FOR-US: SafeNet Sentinel Protection Server
-CVE-2008-0759 (ExtremeZ-IP.exe in ExtremeZ-IP File and Print Server 5.1.2x15 and ...)
+CVE-2008-0759
NOT-FOR-US: ExtremeZ-IP
-CVE-2008-0758 (Multiple directory traversal vulnerabilities in the Zidget/HTTP ...)
+CVE-2008-0758
NOT-FOR-US: ExtremeZ-IP
-CVE-2008-0757 (Cross-site scripting (XSS) vulnerability in index.php in MercuryBoard ...)
+CVE-2008-0757
NOT-FOR-US: MercuryBoard
-CVE-2008-0756 (The LPD server in cyan soft Opium OPI Server 4.10.1028 and earlier; ...)
+CVE-2008-0756
NOT-FOR-US: cyan soft Opium OPI software
-CVE-2008-0755 (Format string vulnerability in the ReportSysLogEvent function in the ...)
+CVE-2008-0755
NOT-FOR-US: cyan soft Opium OPI software
-CVE-2008-0754 (Multiple SQL injection vulnerabilities in index.php in the Rapid ...)
+CVE-2008-0754
NOT-FOR-US: Rapid Recipe component for Joomla!
-CVE-2008-0753 (SQL injection vulnerability in calendar.php in Virtual War (VWar) 1.5 ...)
+CVE-2008-0753
NOT-FOR-US: Virtual War
-CVE-2008-0752 (SQL injection vulnerability in index.php in the Neogallery ...)
+CVE-2008-0752
NOT-FOR-US: Neogallery component for Joomla!
-CVE-2008-0751 (Cross-site scripting (XSS) vulnerability in the Freetag before 2.96 ...)
+CVE-2008-0751
NOT-FOR-US: Spartacus plugin (freetag) for serendipity
-CVE-2008-0750 (SQL injection vulnerability in philboard_forum.asp in Husrev ...)
+CVE-2008-0750
NOT-FOR-US: Husrev BlackBoard
-CVE-2008-0749 (Cross-site scripting (XSS) vulnerability in index.php in Calimero.CMS ...)
+CVE-2008-0749
NOT-FOR-US: Calimero.CMS
-CVE-2008-0748 (Buffer overflow in the Sony AxRUploadServer.AxRUploadControl.1 ActiveX ...)
+CVE-2008-0748
NOT-FOR-US: Sony ImageStation
-CVE-2008-0747 (Stack-based buffer overflow in COWON America jetAudio 7.0.5 and ...)
+CVE-2008-0747
NOT-FOR-US: COWON America jetAudio
-CVE-2008-0746 (SQL injection vulnerability in index.php in the Gallery (com_gallery) ...)
+CVE-2008-0746
NOT-FOR-US: Gallery component for Mambo and Joomla!
-CVE-2008-0745 (Directory traversal vulnerability in aides/index.php in DomPHP 0.82 ...)
+CVE-2008-0745
NOT-FOR-US: DomPHP
-CVE-2008-0744 (SQL injection vulnerability in user_login.asp in PreProjects.com Pre ...)
+CVE-2008-0744
NOT-FOR-US: Pre Hotels & Resorts Management System
-CVE-2008-0743 (PHP remote file inclusion vulnerability in members_help.php in Joovili ...)
+CVE-2008-0743
NOT-FOR-US: Joovili
-CVE-2008-0742 (Multiple directory traversal vulnerabilities in PowerScripts PowerNews ...)
+CVE-2008-0742
NOT-FOR-US: PowerNews
-CVE-2008-0741 (Unspecified vulnerability in the PropFilePasswordEncoder utility in ...)
+CVE-2008-0741
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2008-0740 (IBM WebSphere Application Server (WAS) before 6.0.2 Fix Pack 25 ...)
+CVE-2008-0740
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2008-0739 (SQL injection vulnerability in admin/SA_shipFedExMeter.asp in ...)
+CVE-2008-0739
NOT-FOR-US: CandyPress
-CVE-2008-0738 (Multiple SQL injection vulnerabilities in CandyPress (CP) 4.1.1.26, ...)
+CVE-2008-0738
NOT-FOR-US: CandyPress
-CVE-2008-0737 (SQL injection vulnerability in admin/utilities_ConfigHelp.asp in ...)
+CVE-2008-0737
NOT-FOR-US: CandyPress
-CVE-2008-0736 (admin/SA_shipFedExMeter.asp in CandyPress (CP) 4.1.1.26, and possibly ...)
+CVE-2008-0736
NOT-FOR-US: CandyPress
-CVE-2008-0735 (SQL injection vulnerability in mod/gallery/ajax/gallery_data.php in ...)
+CVE-2008-0735
NOT-FOR-US: AuraCMS
-CVE-2008-0734 (SQL injection vulnerability in class_auth.php in Limbo CMS 1.0.4.2, ...)
+CVE-2008-0734
NOT-FOR-US: Limbo CMS
-CVE-2008-0733 (SQL injection vulnerability in index.php in CS Team Counter Strike ...)
+CVE-2008-0733
NOT-FOR-US: CS Team Counter Strike Portals
-CVE-2008-0732 (The init script for Apache Geronimo on SUSE Linux follows symlinks ...)
+CVE-2008-0732
NOT-FOR-US: Apache Geronimo
-CVE-2008-0731 (The Linux kernel before 2.6.18.8-0.8 in SUSE openSUSE 10.2 does not ...)
+CVE-2008-0731
NOT-FOR-US: SuSE kernel/apparmor
-CVE-2008-0730 (The (1) Simplified Chinese, (2) Traditional Chinese, (3) Korean, and ...)
+CVE-2008-0730
NOT-FOR-US: Sun Solaris
-CVE-2008-0729 (Mobile Safari on Apple iPhone 1.1.2 and 1.1.3 allows remote attackers ...)
+CVE-2008-0729
NOT-FOR-US: Apple iPhone
-CVE-2008-0728 (The unmew11 function in libclamav/mew.c in libclamav in ClamAV before ...)
+CVE-2008-0728
- clamav 0.92.1~dfsg-1
[etch] - clamav <not-affected> (Vulnerable code not present)
-CVE-2008-0727 (Multiple buffer overflows in oninit.exe in IBM Informix Dynamic Server ...)
+CVE-2008-0727
NOT-FOR-US: IBM Informix Dynamic Server
-CVE-2008-0726 (Integer overflow in Adobe Reader and Acrobat 8.1.1 and earlier allows ...)
+CVE-2008-0726
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2008-0725 (Multiple heap-based buffer overflows in the (1) FTP service and (2) ...)
+CVE-2008-0725
NOT-FOR-US: Titan FTP Server
-CVE-2008-0724 (The Everything Development Engine in The Everything Development System ...)
+CVE-2008-0724
NOT-FOR-US: The Everything Development System
-CVE-2008-0723 (Cross-site scripting (XSS) vulnerability in mynews.inc.php in MyNews ...)
+CVE-2008-0723
NOT-FOR-US: MyNews
-CVE-2008-0722 (Cross-site scripting (XSS) vulnerability in index.php in Pagetool ...)
+CVE-2008-0722
NOT-FOR-US: Pagetool
-CVE-2008-0721 (SQL injection vulnerability in index.php in the Sermon (com_sermon) ...)
+CVE-2008-0721
NOT-FOR-US: Sermon component for Mambo
-CVE-2008-0720 (Cross-site scripting (XSS) vulnerability in Webmin 1.370 and 1.390 and ...)
+CVE-2008-0720
- webmin <removed>
-CVE-2008-0719 (SQL injection vulnerability in customer_testimonials.php in the ...)
+CVE-2008-0719
NOT-FOR-US: osCommerce Online Merchant
-CVE-2008-0718 (Unspecified vulnerability in the USB Mouse STREAMS module (usbms) in ...)
+CVE-2008-0718
NOT-FOR-US: Sun Solaris
-CVE-2008-0717 (Cross-site scripting (XSS) vulnerability in Caching Proxy (CP) 5.1 ...)
+CVE-2008-0717
NOT-FOR-US: IBM WebSphere Edge Server
-CVE-2008-0716 (The agent in Symantec Altiris Notification Server before 6.0 SP3 R7 ...)
+CVE-2008-0716
NOT-FOR-US: Symantec Altiris Notification Server
-CVE-2008-0715 (Buffer overflow in ACDSee Photo Manager 8.1, 9.0, and 10.0 allows ...)
+CVE-2008-0715
NOT-FOR-US: ACDSee
-CVE-2008-0714 (SQL injection vulnerability in users.php in Mihalism Multi Host allows ...)
+CVE-2008-0714
NOT-FOR-US: Mihalism Multi Host
-CVE-2008-0713 (Unspecified vulnerability in the FTP server for HP-UX B.11.11, ...)
+CVE-2008-0713
NOT-FOR-US: HP-UX B
-CVE-2008-0712 (Unspecified vulnerability in the HP HPeDiag (aka eSupportDiagnostics) ...)
+CVE-2008-0712
NOT-FOR-US: HP HPeDiag
-CVE-2008-0711 (Unspecified vulnerability in the embedded management console in HP ...)
+CVE-2008-0711
NOT-FOR-US: HP iLO-2 management processors
CVE-2008-0710
REJECTED
-CVE-2008-0709 (Multiple unspecified vulnerabilities in HP Select Identity 4.00, 4.01, ...)
+CVE-2008-0709
NOT-FOR-US: HP Select Identity
-CVE-2008-0708 (HP USB 2.0 Floppy Drive Key product options (1) 442084-B21 and (2) ...)
+CVE-2008-0708
NOT-FOR-US: HP USB 2.0 Floppy Drive Key
-CVE-2008-0707 (HP StorageWorks Library and Tape Tools (LTT) before 4.5 SR1 on HP-UX ...)
+CVE-2008-0707
NOT-FOR-US: HP-UX
-CVE-2008-0706 (Unspecified vulnerability in the BIOS F.26 and earlier for the HP ...)
+CVE-2008-0706
NOT-FOR-US: BIOS F.26
CVE-2008-0705
REJECTED
-CVE-2008-0704 (Unspecified vulnerability in the SSH server in HP OpenVMS TCP/IP ...)
+CVE-2008-0704
NOT-FOR-US: HP OpenVMS
-CVE-2008-0703 (Multiple directory traversal vulnerabilities in sflog! 0.96 allow ...)
+CVE-2008-0703
NOT-FOR-US: sflog!
-CVE-2008-0702 (Multiple heap-based buffer overflows in Titan FTP Server 6.03 and ...)
+CVE-2008-0702
NOT-FOR-US: Titan FTP Server
-CVE-2008-0701 (ActivationHandler in Magnolia CE 3.5.x before 3.5.4 does not check ...)
+CVE-2008-0701
NOT-FOR-US: Magnolia CE
-CVE-2008-0700 (Cross-site scripting (XSS) vulnerability in search.php in Crux ...)
+CVE-2008-0700
NOT-FOR-US: CruxCMS
-CVE-2008-0699 (Unspecified vulnerability in the ADMIN_SP_C procedure ...)
+CVE-2008-0699
NOT-FOR-US: IBM DB2
-CVE-2008-0698 (Buffer overflow in the DAS server in IBM DB2 UDB before 8.2 Fixpak 16 ...)
+CVE-2008-0698
NOT-FOR-US: IBM DB2
-CVE-2008-0697 (Unspecified vulnerability in DB2PD in IBM DB2 UDB before 8.2 Fixpak 16 ...)
+CVE-2008-0697
NOT-FOR-US: IBM DB2
-CVE-2008-0696 (IBM DB2 UDB before 8.2 Fixpak 16 does not properly check authorization ...)
+CVE-2008-0696
NOT-FOR-US: IBM DB2
-CVE-2008-0695 (SQL injection vulnerability in index.php in BookmarkX script 2007 ...)
+CVE-2008-0695
NOT-FOR-US: BookmarkX
-CVE-2008-0694 (Cross-site scripting (XSS) vulnerability in the HTTP Server in IBM ...)
+CVE-2008-0694
NOT-FOR-US: IBM OS/400 V5R3M0 and V5R4M0
-CVE-2008-0693 (Stack-based buffer overflow in PQCore.exe in Print Manager Plus 2008 ...)
+CVE-2008-0693
NOT-FOR-US: Print Manager Plus
-CVE-2008-0692 (SQL injection vulnerability in bidhistory.php in iTechBids 3 Gold and ...)
+CVE-2008-0692
NOT-FOR-US: iTechBids
-CVE-2008-0691 (Multiple cross-site scripting (XSS) vulnerabilities in admin_panel.php ...)
+CVE-2008-0691
NOT-FOR-US: WP-Footnotes plugin for WordPress
-CVE-2008-0690 (SQL injection vulnerability in index.php in the mosDirectory ...)
+CVE-2008-0690
NOT-FOR-US: mosDirectory component for Joomla!
-CVE-2008-0689 (SQL injection vulnerability in index.php in the Marketplace ...)
+CVE-2008-0689
NOT-FOR-US: Marketplace component for Joomla!
-CVE-2008-0688 (Cross-site scripting (XSS) vulnerability in catalog.php in Smartscript ...)
+CVE-2008-0688
NOT-FOR-US: Smartscript Domain Trader
-CVE-2008-0687 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2008-0687
NOT-FOR-US: Youtube Clone Script
-CVE-2008-0686 (SQL injection vulnerability in index.php in the NeoReferences ...)
+CVE-2008-0686
NOT-FOR-US: NeoReferences component for Joomla!
-CVE-2008-0685 (SQL injection vulnerability in ViewCat.php in iTechClassifieds 3.0 ...)
+CVE-2008-0685
NOT-FOR-US: iTechClassifieds
-CVE-2008-0684 (Cross-site scripting (XSS) vulnerability in ViewCat.php in ...)
+CVE-2008-0684
NOT-FOR-US: iTechClassifieds
-CVE-2008-0683 (SQL injection vulnerability in shiftthis-preview.php in the ShiftThis ...)
+CVE-2008-0683
NOT-FOR-US: st_newsletter plugin for WordPress
-CVE-2008-0682 (SQL injection vulnerability in wordspew-rss.php in the Wordspew plugin ...)
+CVE-2008-0682
NOT-FOR-US: Wordspew plugin for Wordpress
-CVE-2008-0681 (SQL injection vulnerability in index.php in PHPShop 0.8.1 allows ...)
+CVE-2008-0681
NOT-FOR-US: PHPShop
-CVE-2008-0680 (SNMPd in MikroTik RouterOS 3.2 and earlier allows remote attackers to ...)
+CVE-2008-0680
NOT-FOR-US: MicroTik RouterOS
-CVE-2008-0679 (Cross-site scripting (XSS) vulnerability in index.php in BlogPHP 2.0 ...)
+CVE-2008-0679
NOT-FOR-US: BlogPHP
-CVE-2008-0678 (SQL injection vulnerability in index.php in BlogPHP 2.0 allows remote ...)
+CVE-2008-0678
NOT-FOR-US: BlogPHP
-CVE-2008-0677 (SQL injection vulnerability in blog.php in A-Blog 2 allows remote ...)
+CVE-2008-0677
NOT-FOR-US: A-Blog
-CVE-2008-0676 (Cross-site scripting (XSS) vulnerability in search.php in A-Blog 2 ...)
+CVE-2008-0676
NOT-FOR-US: A-Blog
-CVE-2008-0675 (SQL injection vulnerability in cms/index.pl in The Everything ...)
+CVE-2008-0675
NOT-FOR-US: Everything Development System
-CVE-2008-0674 (Buffer overflow in PCRE before 7.6 allows remote attackers to execute ...)
+CVE-2008-0674
{DSA-1499-1 DTSA-115-1}
- pcre3 7.6-1 (medium)
- php5 <not-affected> (Uses sytem copy)
-CVE-2008-0673 (TinTin++ 1.97.9 and WinTin++ 1.97.9 open files on the basis of an ...)
+CVE-2008-0673
- tintin++ 1.97.9-2 (low; bug #465643)
[etch] - tintin++ <no-dsa> (Minor issue)
-CVE-2008-0672 (The process_chat_input function in TinTin++ 1.97.9 and WinTin++ 1.97.9 ...)
+CVE-2008-0672
- tintin++ 1.97.9-2 (low; bug #465643)
[etch] - tintin++ <no-dsa> (Minor issue)
-CVE-2008-0671 (Stack-based buffer overflow in the add_line_buffer function in ...)
+CVE-2008-0671
- tintin++ 1.97.9-2 (medium; bug #465643)
[etch] - tintin++ <no-dsa> (Minor issue)
-CVE-2008-0670 (SQL injection vulnerability in index.php in the Noticias ...)
+CVE-2008-0670
NOT-FOR-US: Noticias component for Joomla!
-CVE-2008-0669 (Cross-site scripting (XSS) vulnerability in search.cgi in Sift Unity ...)
+CVE-2008-0669
NOT-FOR-US: Sift Unity
-CVE-2008-0668 (The excel_read_HLINK function in plugins/excel/ms-excel-read.c in ...)
+CVE-2008-0668
{DSA-1546-1}
- gnumeric 1.8.1-1 (medium)
-CVE-2008-0667 (The DOC.print function in the Adobe JavaScript API, as used by Adobe ...)
+CVE-2008-0667
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2008-0663 (Novell Challenge Response Client (LCM) 2.7.5 and earlier, as used with ...)
+CVE-2008-0663
NOT-FOR-US: Novell Challenge Response Client
-CVE-2008-0662 (The Auto Local Logon feature in Check Point VPN-1 ...)
+CVE-2008-0662
NOT-FOR-US: SecuRemote/SecureClient NGX R60 and R56
-CVE-2008-0661 (Buffer overflow in dBpowerAMP Audio Player Release 2 allows remote ...)
+CVE-2008-0661
NOT-FOR-US: dBpowerAMP Audio Player
-CVE-2008-0660 (Multiple stack-based buffer overflows in Aurigma Image Uploader ...)
+CVE-2008-0660
NOT-FOR-US: Aurigma Image Uploader
-CVE-2008-0659 (Stack-based buffer overflow in Aurigma Image Uploader ActiveX control ...)
+CVE-2008-0659
NOT-FOR-US: Aurigma Image Uploader
-CVE-2008-0658 (slapd/back-bdb/modrdn.c in the BDB backend for slapd in OpenLDAP ...)
+CVE-2008-0658
{DSA-1541-1}
- openldap2.3 2.4.7-6.1 (low; bug #465875)
- openldap2.2 <removed>
- openldap2 <not-affected> (slapd not built from this version)
NOTE: only authenticated users can exploit this
-CVE-2008-0657 (Multiple unspecified vulnerabilities in the Java Runtime Environment ...)
+CVE-2008-0657
- sun-java6 6-02-1
- sun-java5 1.5.0-14-1
[etch] - sun-java5 1.5.0-14-1etch1
-CVE-2008-0656 (Unrestricted file upload vulnerability in dmclTrace.jsp in EMC ...)
+CVE-2008-0656
NOT-FOR-US: Documentum Administrator and Webtop
-CVE-2008-0655 (Multiple unspecified vulnerabilities in Adobe Reader and Acrobat ...)
+CVE-2008-0655
NOT-FOR-US: Adobe Reader
-CVE-2008-0654 (Multiple directory traversal vulnerabilities in Azucar CMS 1.3 allow ...)
+CVE-2008-0654
NOT-FOR-US: Azucar CMS
-CVE-2008-0653 (SQL injection vulnerability in index.php in the Ynews (com_ynews) ...)
+CVE-2008-0653
NOT-FOR-US: Ynews component for Joomla!
-CVE-2008-0652 (SQL injection vulnerability in index.php in the Downloads ...)
+CVE-2008-0652
NOT-FOR-US: Downloads for Mambo and Joomla!
-CVE-2008-0651 (SQL injection vulnerability in login.php in Pedro Santana Codice CMS ...)
+CVE-2008-0651
NOT-FOR-US: Pedro Santana Codice CMS
-CVE-2008-0650 (SQL injection vulnerability in login.php in Simple OS CMS 0.1c beta ...)
+CVE-2008-0650
NOT-FOR-US: Simple OS CMS
-CVE-2008-0649 (SQL injection vulnerability in detail.php in Astanda Directory Project ...)
+CVE-2008-0649
NOT-FOR-US: Astanda Directory Project
-CVE-2008-0648 (Multiple PHP remote file inclusion vulnerabilities in OpenSiteAdmin ...)
+CVE-2008-0648
NOT-FOR-US: OpenSiteAdmin
-CVE-2008-0647 (Multiple stack-based buffer overflows in the ...)
+CVE-2008-0647
NOT-FOR-US: Ourgame GLWorld
-CVE-2008-0646 (The bdecode_recursive function in include/libtorrent/bencode.hpp in ...)
+CVE-2008-0646
- deluge-torrent 0.5.8.3-1 (bug #463357)
-CVE-2008-0645 (Multiple PHP remote file inclusion vulnerabilities in Portail Web Php ...)
+CVE-2008-0645
NOT-FOR-US: Portail Web Php
-CVE-2008-0644 (Adobe ColdFusion MX 7 and ColdFusion 8 allows remote attackers to ...)
+CVE-2008-0644
NOT-FOR-US: Adobe ColdFusion
-CVE-2008-0643 (Cross-site scripting (XSS) vulnerability in Adobe ColdFusion MX 7 and ...)
+CVE-2008-0643
NOT-FOR-US: Adobe ColdFusion
-CVE-2008-0642 (Cross-site scripting (XSS) vulnerability in files created by Adobe ...)
+CVE-2008-0642
NOT-FOR-US: Adobe
-CVE-2008-0808 (Cross-site scripting (XSS) vulnerability in the meta plugin in Ikiwiki ...)
+CVE-2008-0808
{DSA-1523-1}
- ikiwiki 2.31.1 (low; bug #465110)
-CVE-2008-0809 (Cross-site scripting (XSS) vulnerability in the htmlscrubber in ...)
+CVE-2008-0809
{DSA-1523-1}
- ikiwiki 2.31.1 (low; bug #465110)
CVE-2008-0641
RESERVED
-CVE-2008-0640 (Symantec Ghost Solution Suite 1.1 before 1.1 patch 2, 2.0.0, and 2.0.1 ...)
+CVE-2008-0640
NOT-FOR-US: Symantec Ghost Solution Suite
-CVE-2008-0639 (Stack-based buffer overflow in the EnumPrinters function in the ...)
+CVE-2008-0639
NOT-FOR-US: Novell Client
-CVE-2008-0638 (Heap-based buffer overflow in the Veritas Enterprise Administrator ...)
+CVE-2008-0638
NOT-FOR-US: Veritas Enterprise Administrator service
CVE-2008-0637
RESERVED
-CVE-2008-0636 (Level Platforms, Inc. (LPI) Managed Workplace Service Center 4.x, 5.x ...)
+CVE-2008-0636
NOT-FOR-US: Managed Workplace Service Center
-CVE-2008-0635 (Unspecified vulnerability in the delivery engine in Openads 2.4.0 ...)
+CVE-2008-0635
NOT-FOR-US: Openads
-CVE-2008-0634 (Buffer overflow in the NamoInstaller.NamoInstall.1 ActiveX control in ...)
+CVE-2008-0634
NOT-FOR-US: NamoInstaller
-CVE-2008-0633 (Buffer overflow in Anon Proxy Server 0.102 and earlier, when user ...)
+CVE-2008-0633
NOT-FOR-US: Anon Proxy Server
NOTE: this is not anon-proxy
-CVE-2008-0632 (Unrestricted file upload vulnerability in cp_upload_image.php in ...)
+CVE-2008-0632
NOT-FOR-US: LightBlog
-CVE-2008-0631 (Multiple ActiveX controls in MailBee.dll in MailBee Objects 5.5 allow ...)
+CVE-2008-0631
NOT-FOR-US: MailBee Objects
-CVE-2008-0630 (Buffer overflow in url.c in MPlayer 1.0rc2 and SVN before r25823 ...)
+CVE-2008-0630
{DSA-1496-1 DTSA-114-1}
- mplayer 1.0~rc2-8 (medium; bug #464532)
-CVE-2008-0629 (Buffer overflow in stream_cddb.c in MPlayer 1.0rc2 and SVN before ...)
+CVE-2008-0629
{DSA-1496-1 DTSA-114-1}
- mplayer 1.0~rc2-8 (medium; bug #464533)
-CVE-2008-0628 (The XML parsing code in Sun Java Runtime Environment JDK and JRE 6 ...)
+CVE-2008-0628
- sun-java6 6-04-1
- sun-java5 <not-affected> (referring to sun this vulnerability is not present in java5)
CVE-2008-0627
REJECTED
CVE-2008-0626
REJECTED
-CVE-2008-0625 (Buffer overflow in the MediaGrid ActiveX control (mediagrid.dll) in ...)
+CVE-2008-0625
NOT-FOR-US: Yahoo! Music Jukebox
-CVE-2008-0624 (Buffer overflow in the YMP Datagrid ActiveX control (datagrid.dll) in ...)
+CVE-2008-0624
NOT-FOR-US: Yahoo! JukeBox
-CVE-2008-0623 (Stack-based buffer overflow in the YMP Datagrid ActiveX control ...)
+CVE-2008-0623
NOT-FOR-US: Yahoo! JukeBox
-CVE-2008-0622 (Cross-site scripting (XSS) vulnerability in RaidenHTTPD 2.0.19 and ...)
+CVE-2008-0622
NOT-FOR-US: RaidenHTTPD
-CVE-2008-0621 (Buffer overflow in SAPLPD 6.28 and earlier included in SAP GUI 7.10 ...)
+CVE-2008-0621
NOT-FOR-US: SAP GUI
-CVE-2008-0620 (SAPLPD 6.28 and earlier included in SAP GUI 7.10 and SAPSprint before ...)
+CVE-2008-0620
NOT-FOR-US: SAPSprint
-CVE-2008-0619 (Buffer overflow in NeroMediaPlayer.exe in Nero Media Player 1.4.0.35 ...)
+CVE-2008-0619
NOT-FOR-US: Nero Media Player
-CVE-2008-0618 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
+CVE-2008-0618
NOT-FOR-US: DMSGuestbook for wordpress
-CVE-2008-0617 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
+CVE-2008-0617
NOT-FOR-US: DMSGuestbook for wordpress
-CVE-2008-0616 (SQL injection vulnerability in the administration panel in the ...)
+CVE-2008-0616
NOT-FOR-US: DMSGuestbook for wordpress
-CVE-2008-0615 (Directory traversal vulnerability in wp-admin/admin.php in the ...)
+CVE-2008-0615
NOT-FOR-US: DMSGuestbook for wordpress
-CVE-2008-0614 (SQL injection vulnerability in index.php in Photokorn Gallery 1.543 ...)
+CVE-2008-0614
NOT-FOR-US: Photokorn Gallery
-CVE-2008-0613 (Open redirect vulnerability in htdocs/user.php in XOOPS 2.0.18 allows ...)
+CVE-2008-0613
NOT-FOR-US: XOOPS
-CVE-2008-0612 (Directory traversal vulnerability in htdocs/install/index.php in XOOPS ...)
+CVE-2008-0612
NOT-FOR-US: XOOPS
-CVE-2008-0611 (SQL injection vulnerability in rmgs/images.php in the RMSOFT Gallery ...)
+CVE-2008-0611
NOT-FOR-US: RMSOFT Gallery module for XOOPS
-CVE-2008-0610 (Stack-based buffer overflow in the ...)
+CVE-2008-0610
NOT-FOR-US: UltraVNC
-CVE-2008-0609 (Directory traversal vulnerability in index.php in DivideConcept VHD ...)
+CVE-2008-0609
NOT-FOR-US: Web Pack 2.0
-CVE-2008-0608 (The Logging Server (ftplogsrv.exe) 7.9.14.0 and earlier in IPSwitch ...)
+CVE-2008-0608
NOT-FOR-US: IPSwitch WS_FTP
-CVE-2008-0607 (SQL injection vulnerability in index.php in the Sigsiu Online Business ...)
+CVE-2008-0607
NOT-FOR-US: Sigsiu Online Business Index 2 component for Joomla! and Mambo
-CVE-2008-0606 (SQL injection vulnerability in index.php in the Shambo2 (com_shambo2) ...)
+CVE-2008-0606
NOT-FOR-US: Shambo2 component for Mambo and Joomla!
-CVE-2008-0605 (Multiple cross-site scripting (XSS) vulnerabilities in AstroSoft ...)
+CVE-2008-0605
NOT-FOR-US: AstroSoft HelpDesk
-CVE-2008-0604 (The LDAP authentication feature in XLight FTP Server before 2.83, when ...)
+CVE-2008-0604
NOT-FOR-US: XLight FTP Server
-CVE-2008-0603 (SQL injection vulnerability in index.php in the amazOOP Awesom! ...)
+CVE-2008-0603
NOT-FOR-US: amazOOP Awesom! component for Mambo and Joomla!
-CVE-2008-0602 (Directory traversal vulnerability in index.php in All Club CMS (ACCMS) ...)
+CVE-2008-0602
NOT-FOR-US: All Club CMS (ACCMS)
-CVE-2008-0601 (SQL injection vulnerability in index.php in All Club CMS (ACCMS) ...)
+CVE-2008-0601
NOT-FOR-US: All Club CMS (ACCMS)
-CVE-2008-0600 (The vmsplice_to_pipe function in Linux kernel 2.6.17 through 2.6.24.1 ...)
+CVE-2008-0600
{DSA-1494-1 DTSA-113-1}
- linux-2.6 2.6.24-4 (high)
- linux-2.6.24 <not-affected> (Fixed before initial upload, in 2.6.24-4 of linux-2.6)
-CVE-2008-0599 (The init_request_info function in sapi/cgi/cgi_main.c in PHP before ...)
+CVE-2008-0599
{DTSA-135-1}
- php5 5.2.6-1
[etch] - php5 <not-affected> (Vulnerable code not yet present, introduced in 5.2.3)
[etch] - php4 <not-affected> (Vulnerable code not yet present, introduced in 5.2.3)
-CVE-2008-0598 (Unspecified vulnerability in the 32-bit and 64-bit emulation in the ...)
+CVE-2008-0598
{DSA-1630-1}
- linux-2.6 2.6.26-4 (bug #490910)
- linux-2.6.24 2.6.24-6~etchnhalf.4
-CVE-2008-0597 (Use-after-free vulnerability in CUPS before 1.1.22, and possibly other ...)
+CVE-2008-0597
- cupsys 1.2.1-1
- cups <not-affected> (Vulnerable code not present)
NOTE: (mimeDeleteType included since 1.2.x
NOTE: according to maintainer, applies to 1.1.x series only. exact fixed
NOTE: version in 1.1 unknown but irrelevant. cups package never had 1.1
NOTE: versions in Debian.
-CVE-2008-0596 (Memory leak in CUPS before 1.1.22, and possibly other versions, allows ...)
+CVE-2008-0596
- cupsys 1.2.1-1
- cups <not-affected> (Vulnerable code not present)
NOTE: see CVE-2008-0597
-CVE-2008-0595 (dbus-daemon in D-Bus before 1.0.3, and 1.1.x before 1.1.20, recognizes ...)
+CVE-2008-0595
{DSA-1599-1}
- dbus 1.1.20-1
-CVE-2008-0594 (Mozilla Firefox before 2.0.0.12 does not always display a web forgery ...)
+CVE-2008-0594
{DSA-1506-1 DSA-1489-1 DSA-1485-2 DSA-1484-1}
- iceweasel 2.0.0.12-1
- xulrunner 1.8.1.12-1
- iceape 1.1.9-1
- icedove 2.0.0.12-1
-CVE-2008-0593 (Gecko-based browsers, including Mozilla Firefox before 2.0.0.12 and ...)
+CVE-2008-0593
{DSA-1506-1 DSA-1489-1 DSA-1485-2 DSA-1484-1}
- iceweasel 2.0.0.12-1
- xulrunner 1.8.1.12-1
- iceape 1.1.8-1
- icedove 2.0.0.12-1
-CVE-2008-0592 (Mozilla Firefox before 2.0.0.12 and SeaMonkey before 1.1.8 allows ...)
+CVE-2008-0592
{DSA-1506-1 DSA-1489-1 DSA-1485-2 DSA-1484-1}
- iceweasel 2.0.0.12-1
- xulrunner 1.8.1.12-1
- iceape 1.1.8-1
- icedove 2.0.0.12-1
-CVE-2008-0591 (Mozilla Firefox before 2.0.0.12 and Thunderbird before 2.0.0.12 does ...)
+CVE-2008-0591
{DSA-1506-1 DSA-1489-1 DSA-1485-2 DSA-1484-1}
- iceweasel 2.0.0.12-1
- xulrunner 1.8.1.12-1
- iceape 1.1.9-1
- icedove 2.0.0.12-1
-CVE-2008-0590 (Buffer overflow in Ipswitch WS_FTP Server with SSH 6.1.0.0 allows ...)
+CVE-2008-0590
NOT-FOR-US: WS_FTP Server with SSH
-CVE-2008-0589 (The ps program in bos.rte.control in IBM AIX 5.2, 5.3, and 6.1 allows ...)
+CVE-2008-0589
NOT-FOR-US: IBM AIX
-CVE-2008-0588 (Buffer overflow in the utape program in devices.scsi.tape.diag in IBM ...)
+CVE-2008-0588
NOT-FOR-US: IBM AIX
-CVE-2008-0587 (Buffer overflow in the uspchrp program in devices.chrp.base.diag in ...)
+CVE-2008-0587
NOT-FOR-US: IBM AIX
-CVE-2008-0586 (Multiple buffer overflows in IBM AIX 5.2 and 5.3 allow local users to ...)
+CVE-2008-0586
NOT-FOR-US: IBM AIX
-CVE-2008-0585 (sysmgt.websm.webaccess in IBM AIX 5.2 and 5.3 has world writable ...)
+CVE-2008-0585
NOT-FOR-US: IBM AIX
-CVE-2008-0584 (Multiple buffer overflows in bos.rte.control in IBM AIX 5.2 and 5.3 ...)
+CVE-2008-0584
NOT-FOR-US: IBM AIX
-CVE-2008-0583 (Cross-zone scripting vulnerability in the Internet Explorer web ...)
+CVE-2008-0583
NOT-FOR-US: Skype
-CVE-2008-0582 (Cross-zone scripting vulnerability in the Internet Explorer web ...)
+CVE-2008-0582
NOT-FOR-US: Skype
-CVE-2008-0581 (Geert Moernaut LSrunasE allows local users to gain privileges by ...)
+CVE-2008-0581
NOT-FOR-US: LSrunasE
-CVE-2008-0580 (Geert Moernaut LSrunasE and Supercrypt use an encryption key composed ...)
+CVE-2008-0580
NOT-FOR-US: LSrunasE and Supercrypt
-CVE-2008-0579 (SQL injection vulnerability in index.php in the buslicense ...)
+CVE-2008-0579
NOT-FOR-US: buslicense component for Joomla!
-CVE-2008-0578 (Cross-site scripting (XSS) vulnerability in the web management login ...)
+CVE-2008-0578
NOT-FOR-US: Tripwire Enterprise/Server Management Web Interface
-CVE-2008-0577 (The Project Issue Tracking module 5.x-2.x-dev before 20080130 in the ...)
+CVE-2008-0577
NOT-FOR-US: Project Issue Tracking module for Drupal
-CVE-2008-0576 (Cross-site scripting (XSS) vulnerability in the Project Issue Tracking ...)
+CVE-2008-0576
NOT-FOR-US: Project Issue Tracking module for Drupal
-CVE-2008-0575 (Cross-site request forgery (CSRF) vulnerability in ...)
+CVE-2008-0575
NOT-FOR-US: webSPELL
-CVE-2008-0574 (Cross-site scripting (XSS) vulnerability in index.php in webSPELL ...)
+CVE-2008-0574
NOT-FOR-US: webSPELL
-CVE-2008-0573 (IPSecDrv.sys 10.4.0.12 in SafeNET HighAssurance Remote and SoftRemote ...)
+CVE-2008-0573
NOT-FOR-US: SafeNET HighAssurance Remote and SoftRemote
-CVE-2008-0572 (Multiple PHP remote file inclusion vulnerabilities in Mindmeld ...)
+CVE-2008-0572
NOT-FOR-US: Mindmeld
-CVE-2008-0571 (The point moderation form in the Userpoints 4.7.x before 4.7.x-2.3, ...)
+CVE-2008-0571
NOT-FOR-US: Userpoints module for Drupal
-CVE-2008-0570 (The OpenID 5.x-1.0 and earlier module for Drupal does not properly ...)
+CVE-2008-0570
NOT-FOR-US: OpenID module for Drupal
-CVE-2008-0569 (The Comment Upload 4.7.x before 4.7.x-0.1 and 5.x before 5.x-0.1 ...)
+CVE-2008-0569
NOT-FOR-US: Comment upload module for Drupal
-CVE-2008-0568 (Unspecified vulnerability in the IP-authentication feature in the ...)
+CVE-2008-0568
NOT-FOR-US: Secure Site module for Drupal
-CVE-2008-0567 (Multiple PHP remote file inclusion vulnerabilities in ChronoEngine ...)
+CVE-2008-0567
NOT-FOR-US: ChronoEngine ChronoForms component for Joomla!
-CVE-2008-0566 (PHP remote file inclusion vulnerability in includes/smarty.php in ...)
+CVE-2008-0566
NOT-FOR-US: DeltaScripts PHP Links
-CVE-2008-0565 (SQL injection vulnerability in vote.php in DeltaScripts PHP Links 1.3 ...)
+CVE-2008-0565
NOT-FOR-US: DeltaScripts PHP Links
-CVE-2008-0563 (Cross-site request forgery (CSRF) vulnerability in ...)
+CVE-2008-0563
- liferay-portal <itp> (bug #569819)
-CVE-2008-0562 (SQL injection vulnerability in index.php in the Restaurant ...)
+CVE-2008-0562
NOT-FOR-US: Restaurant component for Mambo and Joomla!
-CVE-2008-0561 (SQL injection vulnerability in index.php in the Arthur Konze ...)
+CVE-2008-0561
NOT-FOR-US: AkoGallery component for Mambo and Joomla!
-CVE-2008-0560 (** DISPUTED ** ...)
+CVE-2008-0560
NOT-FOR-US: cforms wordpress plugin
-CVE-2008-0559 (Multiple directory traversal vulnerabilities in Nilson's Blogger 0.11 ...)
+CVE-2008-0559
NOT-FOR-US: cforms wordpress plugin
-CVE-2008-0558 (Cross-site scripting (XSS) vulnerability in Uniwin eCart Professional ...)
+CVE-2008-0558
NOT-FOR-US: Uniwin eCart Professiona
-CVE-2008-0557 (SQL injection vulnerability in index.php in the CatalogShop ...)
+CVE-2008-0557
NOT-FOR-US: CatalogShop componenent for Mambo and Joomla!
-CVE-2008-0556 (Cross-site request forgery (CSRF) vulnerability in OpenCA PKI 0.9.2.5, ...)
+CVE-2008-0556
NOT-FOR-US: OpenCA PKI Project
-CVE-2008-0555 (The ExpandCert function in Apache-SSL before apache_1.3.41+ssl_1.59 ...)
+CVE-2008-0555
- apache <removed>
[etch] - apache <no-dsa> (only exploitable in very specific setups)
NOTE: Only affects the apache-ssl package, not apache or apache-perl.
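Review bot: every changed pair in this hunk performs the identical edit, dropping the parenthesized summary from the CVE line (`-CVE-2008-0674 (Buffer overflow in PCRE before 7.6 allows remote attackers to execute ...)` becomes `+CVE-2008-0674`) while no package, DSA, bug or NOTE line changes; that pattern is what an updater produces when its description source returns nothing, not a deliberate data change, so the update script should treat an empty description for an entry that previously had one as a fetch failure and keep the old text (or refuse to commit) rather than write the bare identifier. The retained context also still carries `- php5 <not-affected> (Uses sytem copy)` under CVE-2008-0674, `componenent` under CVE-2008-0557 and the unbalanced `NOTE: (mimeDeleteType included since 1.2.x` under CVE-2008-0597; none of these is touched by this hunk, but they are worth a follow-up commit.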
@@ -15865,107 +15865,107 @@ CVE-2008-0555 (The ExpandCert function in Apache-SSL before apache_1.3.41+ssl_1.
NOTE: While these cases are not really supported by Debian, all in all the low
NOTE: severity of the issue is not in proportion to the risk of breaking something
NOTE: with the fix.
-CVE-2008-0552 (Cross-site scripting (XSS) vulnerability in index.php in eTicket ...)
+CVE-2008-0552
NOT-FOR-US: eTicket
-CVE-2008-0551 (The NamoInstaller.NamoInstall.1 ActiveX control in NamoInstaller.dll ...)
+CVE-2008-0551
NOT-FOR-US: Namo Web Editor
-CVE-2008-0550 (Off-by-one error in Steamcast 0.9.75 and earlier allows remote ...)
+CVE-2008-0550
NOT-FOR-US: Steamcast
-CVE-2008-0549 (Integer overflow in the OggHeaderParse function in Steamcast 0.9.75 ...)
+CVE-2008-0549
NOT-FOR-US: Steamcast
-CVE-2008-0548 (Steamcast 0.9.75 and earlier allows remote attackers to cause a denial ...)
+CVE-2008-0548
NOT-FOR-US: Steamcast
-CVE-2008-0547 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2008-0547
NOT-FOR-US: CandyPress
-CVE-2008-0546 (Multiple SQL injection vulnerabilities in CandyPress (CP) 4.1.1.26, ...)
+CVE-2008-0546
NOT-FOR-US: CandyPress
-CVE-2008-0545 (Multiple directory traversal vulnerabilities in Bubbling Library 1.32 ...)
+CVE-2008-0545
NOT-FOR-US: Bubbling Library
-CVE-2008-0543 (Multiple SQL injection vulnerabilities in Pre Dynamic Institution ...)
+CVE-2008-0543
NOT-FOR-US: Pre Dynamic Institution
-CVE-2008-0542 (Directory traversal vulnerability in thumbnail.php in Gerd Tentler ...)
+CVE-2008-0542
NOT-FOR-US: Simple Forum
-CVE-2008-0541 (Multiple cross-site scripting (XSS) vulnerabilities in forum.php in ...)
+CVE-2008-0541
NOT-FOR-US: Simple Forum
-CVE-2008-0540 (Multiple cross-site scripting (XSS) vulnerabilities in trixbox 2.4.2.0 ...)
+CVE-2008-0540
NOT-FOR-US: trixbox
-CVE-2008-0539 (Cross-site scripting (XSS) vulnerability in dms/policy/rep_request.php ...)
+CVE-2008-0539
NOT-FOR-US: F5 BIG-IP Application Security Manager
-CVE-2008-0538 (Multiple SQL injection vulnerabilities in phpIP Management 4.3.2 allow ...)
+CVE-2008-0538
NOT-FOR-US: phpIP Management
-CVE-2008-0537 (Unspecified vulnerability in the Supervisor Engine 32 (Sup32), ...)
+CVE-2008-0537
NOT-FOR-US: Cisco
-CVE-2008-0536 (Unspecified vulnerability in the SSH server in (1) Cisco Service ...)
+CVE-2008-0536
NOT-FOR-US: Cisco
-CVE-2008-0535 (Unspecified vulnerability in the SSH server in (1) Cisco Service ...)
+CVE-2008-0535
NOT-FOR-US: Cisco
-CVE-2008-0534 (The SSH server in (1) Cisco Service Control Engine (SCE) before 3.1.6, ...)
+CVE-2008-0534
NOT-FOR-US: Cisco
-CVE-2008-0533 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2008-0533
NOT-FOR-US: Cisco ACS
-CVE-2008-0532 (Multiple buffer overflows in securecgi-bin/CSuserCGI.exe in ...)
+CVE-2008-0532
NOT-FOR-US: Cisco ACS
-CVE-2008-0531 (Heap-based buffer overflow in Cisco Unified IP Phone 7940, 7940G, ...)
+CVE-2008-0531
NOT-FOR-US: Cisco
-CVE-2008-0530 (Buffer overflow in Cisco Unified IP Phone 7940, 7940G, 7960, and 7960G ...)
+CVE-2008-0530
NOT-FOR-US: Cisco
-CVE-2008-0529 (Buffer overflow in the telnet server in Cisco Unified IP Phone 7906G, ...)
+CVE-2008-0529
NOT-FOR-US: Cisco
-CVE-2008-0528 (Buffer overflow in Cisco Unified IP Phone 7940, 7940G, 7960, and 7960G ...)
+CVE-2008-0528
NOT-FOR-US: Cisco
-CVE-2008-0527 (The HTTP server in Cisco Unified IP Phone 7935 and 7936 running SCCP ...)
+CVE-2008-0527
NOT-FOR-US: Cisco
-CVE-2008-0526 (Cisco Unified IP Phone 7940, 7940G, 7960, and 7960G running SCCP ...)
+CVE-2008-0526
NOT-FOR-US: Cisco
-CVE-2008-0525 (PatchLink Update client for Unix, as used by Novell ZENworks Patch ...)
+CVE-2008-0525
NOT-FOR-US: PatchLink Update client for Unix
-CVE-2008-0524 (Cross-site request forgery (CSRF) vulnerability in the management ...)
+CVE-2008-0524
NOT-FOR-US: Yamaha router firmware
-CVE-2008-0523 (Multiple cross-site scripting (XSS) vulnerabilities in SoftCart.exe in ...)
+CVE-2008-0523
NOT-FOR-US: SoftCart
-CVE-2008-0522 (Cross-site scripting (XSS) vulnerability in multiple Hal Networks ...)
+CVE-2008-0522
NOT-FOR-US: Hal Networks shopping-cart products
-CVE-2008-0521 (Multiple directory traversal vulnerabilities in Bubbling Library 1.32 ...)
+CVE-2008-0521
NOT-FOR-US: Bubbling Library
-CVE-2008-0520 (Multiple SQL injection vulnerabilities in main.php in the WassUp ...)
+CVE-2008-0520
NOT-FOR-US: WassUp plugin for WordPress
-CVE-2008-0519 (SQL injection vulnerability in index.php in the Atapin Jokes ...)
+CVE-2008-0519
NOT-FOR-US: Atapin Jokes component for Mambo and Joomla!
-CVE-2008-0518 (SQL injection vulnerability in index.php in the Recipes (com_recipes) ...)
+CVE-2008-0518
NOT-FOR-US: Recipes component for Mambo and Joomla!
-CVE-2008-0517 (SQL injection vulnerability in index.php in the Darko Selesi ...)
+CVE-2008-0517
NOT-FOR-US: EstateAgent component for Mambo and Joomla!
-CVE-2008-0516 (PHP remote file inclusion vulnerability in spaw/dialogs/confirm.php in ...)
+CVE-2008-0516
NOT-FOR-US: SQLiteManager
-CVE-2008-0515 (SQL injection vulnerability in index.php in the musepoes ...)
+CVE-2008-0515
NOT-FOR-US: musepoes component for Mambo and Joomla!
-CVE-2008-0514 (SQL injection vulnerability in index.php in the Glossary ...)
+CVE-2008-0514
NOT-FOR-US: Glossary component for Mambo and Joomla!
-CVE-2008-0513 (Directory traversal vulnerability in ...)
+CVE-2008-0513
NOT-FOR-US: phpCMS
-CVE-2008-0512 (SQL injection vulnerability in index.php in the fq (com_fq) component ...)
+CVE-2008-0512
NOT-FOR-US: fq component for Mambo and Joomla!
-CVE-2008-0511 (SQL injection vulnerability in index.php in the MaMML (com_mamml) ...)
+CVE-2008-0511
NOT-FOR-US: MaMML component for Mambo and Joomla!
-CVE-2008-0510 (SQL injection vulnerability in index.php in the Newsletter ...)
+CVE-2008-0510
NOT-FOR-US: Newsletter component for Mambo and Joomla!
-CVE-2008-0509 (Multiple buffer overflows in IBM AIX 4.3 allow remote attackers to ...)
+CVE-2008-0509
NOT-FOR-US: IBM AIX
-CVE-2008-0508 (Cross-site request forgery (CSRF) vulnerability in ...)
+CVE-2008-0508
NOT-FOR-US: Dean's Permalinks Migration plugin for WordPress
-CVE-2008-0507 (SQL injection vulnerability in adclick.php in the AdServe 0.2 plugin ...)
+CVE-2008-0507
NOT-FOR-US: AdServe plugin for WordPress
-CVE-2008-0506 (include/imageObjectIM.class.php in Coppermine Photo Gallery (CPG) ...)
+CVE-2008-0506
NOT-FOR-US: Coppermine Photo Gallery
-CVE-2008-0505 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2008-0505
NOT-FOR-US: Coppermine Photo Gallery
-CVE-2008-0504 (Multiple SQL injection vulnerabilities in Coppermine Photo Gallery ...)
+CVE-2008-0504
NOT-FOR-US: Coppermine Photo Gallery
-CVE-2008-0503 (Eval injection vulnerability in admin/op/disp.php in Netwerk Smart ...)
+CVE-2008-0503
NOT-FOR-US: Netwerk Smart Publisher
-CVE-2008-0502 (PHP remote file inclusion vulnerability in ...)
+CVE-2008-0502
NOT-FOR-US: Connectix Boards
-CVE-2008-0664 (The XML-RPC implementation (xmlrpc.php) in WordPress before 2.3.3, ...)
+CVE-2008-0664
{DSA-1601-1}
- wordpress 2.3.3-1 (medium; bug #464170)
[etch] - wordpress <not-affected> (vulnerable code not present)
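Review bot: every "-"/"+" pair in this hunk (CVE-2008-0526 down to CVE-2008-0664) strips the parenthesised CVE description and keeps only the bare identifier, so the update removes data instead of refreshing it; for a commit labelled "automatic update" that pattern looks like an empty or failed description import from the upstream feed rather than a genuine change, and the feed output should be checked before this is merged. A line such as "-CVE-2008-0525 (PatchLink Update client for Unix, as used by Novell ZENworks Patch ...)" collapsing to "+CVE-2008-0525" loses the only text that tells a triager what the entry covers wherever no NOT-FOR-US or package line records it.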
@@ -15974,16 +15974,16 @@ CVE-2008-0664 (The XML-RPC implementation (xmlrpc.php) in WordPress before 2.3.3
NOTE: This is specific to wordpress' implementation of xmlrpc.php, which is
NOTE: not included in any other packages.
- libwordpress-xmlrpc-perl <removed>
-CVE-2008-0553 (Stack-based buffer overflow in the ReadImage function in tkImgGIF.c in ...)
+CVE-2008-0553
{DSA-1598-1 DSA-1491-1 DSA-1490-1 DTSA-140-1}
- tk8.5 8.5.0-3
- tk8.4 8.4.17-2
- tk8.3 8.3.5-12
- libtk-img 1:1.3-release-7 (bug #485785)
-CVE-2008-0554 (Buffer overflow in the readImageData function in giftopnm.c in netpbm ...)
+CVE-2008-0554
{DSA-1579-1}
- netpbm-free 10.0-11.1 (medium; bug #464056)
-CVE-2008-0564 (Multiple cross-site scripting (XSS) vulnerabilities in Mailman before ...)
+CVE-2008-0564
- mailman 1:2.1.10~b3-1 (low)
[etch] - mailman <no-dsa> (Minor issue)
[sarge] - mailman <no-dsa> (Minor issue)
@@ -15992,50 +15992,50 @@ CVE-2008-0564 (Multiple cross-site scripting (XSS) vulnerabilities in Mailman be
NOTE: control over the mailinglist, so not a very important issue.
NOTE: This enhances the fix for CVE-2006-3636.
NOTE: http://mail.python.org/pipermail/mailman-announce/2008-February/000095.html
-CVE-2008-0665 (wml_backend/p1_ipp/ipp.src in Website META Language (WML) 2.0.11 ...)
+CVE-2008-0665
{DSA-1492-1}
- wml 2.0.11-3.1 (low; bug #463907)
[sarge] - wml <not-affected> (Vulnerable code is patched to use mkdtemp)
-CVE-2008-0666 (Website META Language (WML) 2.0.11 allows local users to overwrite ...)
+CVE-2008-0666
{DSA-1492-1}
- wml 2.0.11-3.1 (low; bug #463907)
[sarge] - wml <not-affected> (Vulnerable code is patched to use mkdtemp)
-CVE-2008-0501 (Directory traversal vulnerability in phpMyClub 0.0.1 allows remote ...)
+CVE-2008-0501
NOT-FOR-US: phpMyClub
-CVE-2008-0500 (Multiple unspecified vulnerabilities in Mambo LaiThai 4.5.5 have ...)
+CVE-2008-0500
NOT-FOR-US: MamboXChange LaiThai
-CVE-2008-0499 (SQL injection vulnerability in Mambo LaiThai 4.5.5 allows remote ...)
+CVE-2008-0499
NOT-FOR-US: MamboXChange LaiThai
-CVE-2008-0498 (SQL injection vulnerability in main_bigware_53.tpl.php in Bigware Shop ...)
+CVE-2008-0498
NOT-FOR-US: Bigware Shop
-CVE-2008-0497 (Cross-site scripting (XSS) vulnerability in action.php in Nucleus CMS ...)
+CVE-2008-0497
NOT-FOR-US: Nucleus CMS
-CVE-2008-0496 (Cross-site scripting (XSS) vulnerability in index.php in AmpJuke 0.7.0 ...)
+CVE-2008-0496
NOT-FOR-US: AmpJuke
-CVE-2008-0495 (Unspecified vulnerability in the Pegasus CIM Server in IBM Hardware ...)
+CVE-2008-0495
NOT-FOR-US: Pegasus CIM Server
-CVE-2008-0494 (Cross-site scripting (XSS) vulnerability in vpnum/userslist.php in ...)
+CVE-2008-0494
NOT-FOR-US: Endian Firewall
-CVE-2008-0493 (fpx.dll 3.9.8.0 in the FlashPix plugin for IrfanView 4.10 allows ...)
+CVE-2008-0493
NOT-FOR-US: FlashPix plugin for IrfanView
-CVE-2008-0492 (Stack-based buffer overflow in the Persits.XUpload.2 ActiveX control ...)
+CVE-2008-0492
NOT-FOR-US: Persits XUpload
-CVE-2008-0491 (SQL injection vulnerability in fim_rss.php in the fGallery 2.4.1 ...)
+CVE-2008-0491
NOT-FOR-US: fGallery for WordPress
-CVE-2008-0490 (SQL injection vulnerability in functions/editevent.php in the WP-Cal ...)
+CVE-2008-0490
NOT-FOR-US: WP-Cal plugin for WordPress
-CVE-2008-0489 (Directory traversal vulnerability in install.php in Clansphere ...)
+CVE-2008-0489
NOT-FOR-US: Clansphere
-CVE-2008-0488 (Directory traversal vulnerability in tseekdir.cgi in VB Marketing ...)
+CVE-2008-0488
NOT-FOR-US: VB Marketing
-CVE-2008-0487 (Multiple SQL injection vulnerabilities in login.asp in ASPired2Protect ...)
+CVE-2008-0487
NOT-FOR-US: ASPired2Protect
-CVE-2008-0486 (Array index vulnerability in libmpdemux/demux_audio.c in MPlayer ...)
+CVE-2008-0486
{DSA-1536-1 DSA-1496-1 DTSA-114-1}
- mplayer 1.0~rc2-8 (bug #464060)
- xine-lib 1.1.10.1-1 (bug #464696)
[sarge] - xine-lib <not-affected> (Vulnerable code not present)
-CVE-2008-0485 (Array index error in libmpdemux/demux_mov.c in MPlayer 1.0 rc2 and ...)
+CVE-2008-0485
{DSA-1496-1 DTSA-114-1}
- mplayer 1.0~rc2-8 (bug #464060)
CVE-2008-0484
@@ -16044,402 +16044,402 @@ CVE-2008-0483
RESERVED
CVE-2008-0482
RESERVED
-CVE-2008-0481 (Directory traversal vulnerability in RTE_file_browser.asp in Web Wiz ...)
+CVE-2008-0481
NOT-FOR-US: Web Wiz Rich Text Editor
-CVE-2008-0480 (Multiple directory traversal vulnerabilities in Web Wiz Forums 9.07 ...)
+CVE-2008-0480
NOT-FOR-US: Web Wiz Forums
-CVE-2008-0479 (Directory traversal vulnerability in RTE_file_browser.asp in Web Wiz ...)
+CVE-2008-0479
NOT-FOR-US: Web Wiz NewsPad
-CVE-2008-0478 (Directory traversal vulnerability in index.php in SetCMS 3.6.5 allows ...)
+CVE-2008-0478
NOT-FOR-US: SetCMS
-CVE-2008-0477 (Stack-based buffer overflow in the QMPUpgrade.Upgrade.1 ActiveX ...)
+CVE-2008-0477
NOT-FOR-US: Move Networks Upgrade Manager
-CVE-2008-0476 (ManageEngine Applications Manager 8.1 build 8100 does not check ...)
+CVE-2008-0476
NOT-FOR-US: ManageEngine Applications Manager
-CVE-2008-0475 (ManageEngine Applications Manager 8.1 build 8100 allows remote ...)
+CVE-2008-0475
NOT-FOR-US: ManageEngine Applications Manager
-CVE-2008-0474 (Multiple cross-site scripting (XSS) vulnerabilities in ManageEngine ...)
+CVE-2008-0474
NOT-FOR-US: ManageEngine Applications Manager
-CVE-2008-0473 (RTE_popup_save_file.asp in Web Wiz Rich Text Editor 4.0 allows remote ...)
+CVE-2008-0473
NOT-FOR-US: Web Wiz Rich Text Editor
-CVE-2008-0472 (Cross-site request forgery (CSRF) vulnerability in modcp.php in ...)
+CVE-2008-0472
NOT-FOR-US: Woltlab Burning Board
-CVE-2008-0471 (Cross-site request forgery (CSRF) vulnerability in privmsg.php in ...)
+CVE-2008-0471
{DSA-1488-1}
- phpbb2 2.0.22-3 (low; bug #463589)
-CVE-2008-0470 (A certain ActiveX control in Comodo AntiVirus 2.0 allows remote ...)
+CVE-2008-0470
NOT-FOR-US: Comodo AntiVirus
-CVE-2008-0469 (SQL injection vulnerability in index.php in Tiger Php News System ...)
+CVE-2008-0469
NOT-FOR-US: Tiger Php News System
-CVE-2008-0468 (SQL injection vulnerability in category.php in Flinx 1.3 and earlier ...)
+CVE-2008-0468
NOT-FOR-US: Flinx
-CVE-2008-0467 (Stack-based buffer overflow in Firebird before 2.0.4, and 2.1.x before ...)
+CVE-2008-0467
{DSA-1529-1}
- firebird2 <removed>
[etch] - firebird2 <no-dsa> (Fixed packages have been released through backports.org, see #1529)
- firebird2.0 2.0.3.12981.ds1-5 (medium; bug #463596)
-CVE-2008-0466 (Web Wiz RTE_file_browser.asp in, as used in Web Wiz Rich Text Editor ...)
+CVE-2008-0466
NOT-FOR-US: Web Wiz Rich Text Editor
-CVE-2008-0465 (Directory traversal vulnerability in optimizer.php in Seagull 0.6.3 ...)
+CVE-2008-0465
NOT-FOR-US: Seagull
-CVE-2008-0464 (Directory traversal vulnerability in archiv.cgi in absofort aconon ...)
+CVE-2008-0464
NOT-FOR-US: aconon Mail Enterprise SQL
-CVE-2008-0463 (Cross-site scripting (XSS) vulnerability in the Workflow 4.7.x before ...)
+CVE-2008-0463
NOT-FOR-US: Workflow module for Drupal
-CVE-2008-0462 (Cross-site scripting (XSS) vulnerability in the Archive 5.x before ...)
+CVE-2008-0462
NOT-FOR-US: Archive module for Drupal
-CVE-2008-0461 (SQL injection vulnerability in index.php in the Search module in ...)
+CVE-2008-0461
NOT-FOR-US: PHP-Nuke
-CVE-2008-0460 (Cross-site scripting (XSS) vulnerability in api.php in (1) MediaWiki ...)
+CVE-2008-0460
- mediawiki 1:1.11.1-1 (low)
[etch] - mediawiki <not-affected> (Doesn't include API functionality)
-CVE-2008-0459 (Directory traversal vulnerability in update/index.php in Liquid-Silver ...)
+CVE-2008-0459
NOT-FOR-US: Liquit-Silver CMS
-CVE-2008-0458 (Directory traversal vulnerability in function/sources.php in SLAED CMS ...)
+CVE-2008-0458
NOT-FOR-US: SLAED CMS
-CVE-2008-0457 (Unrestricted file upload vulnerability in the FileUpload class running ...)
+CVE-2008-0457
NOT-FOR-US: Symantec LiveState Apache Tomcat server
-CVE-2008-0456 (CRLF injection vulnerability in the mod_negotiation module in the ...)
+CVE-2008-0456
- apache <unfixed> (unimportant)
- apache2 <unfixed> (unimportant)
NOTE: This is only relevant if an attacker can upload files with arbitrary names
NOTE: but not with arbitrary contents.
-CVE-2008-0455 (Cross-site scripting (XSS) vulnerability in the mod_negotiation module ...)
+CVE-2008-0455
- apache <removed> (unimportant)
- apache2 <unfixed> (unimportant)
NOTE: This is only relevant if an attacker can upload files with arbitrary names
NOTE: but not with arbitrary contents.
-CVE-2008-0454 (Cross-zone scripting vulnerability in the Internet Explorer web ...)
+CVE-2008-0454
NOT-FOR-US: Skype
-CVE-2008-0453 (SQL injection vulnerability in list.php in Easysitenetwork Recipe ...)
+CVE-2008-0453
NOT-FOR-US: Easysitenetwork Recipe
-CVE-2008-0452 (Directory traversal vulnerability in articles.php in Siteman 1.1.9 ...)
+CVE-2008-0452
NOT-FOR-US: Siteman
-CVE-2008-0451 (Multiple SQL injection vulnerabilities in PacerCMS 0.6 allow remote ...)
+CVE-2008-0451
NOT-FOR-US: PacerCMS
-CVE-2008-0450 (Multiple PHP remote file inclusion vulnerabilities in BLOG:CMS 4.2.1.c ...)
+CVE-2008-0450
NOT-FOR-US: BLOG:CMS
-CVE-2008-0449 (SQL injection vulnerability in paypalresult.asp in VP-ASP Shopping ...)
+CVE-2008-0449
NOT-FOR-US: VP-ASP Shopping Cart
-CVE-2008-0448 (PHP remote file inclusion vulnerability in ...)
+CVE-2008-0448
NOT-FOR-US: phpSearch
-CVE-2008-0447 (SQL injection vulnerability in index.php in Foojan WMS PHP Weblog 1.0 ...)
+CVE-2008-0447
NOT-FOR-US: Foojan WMS PHP Weblog
-CVE-2008-0446 (SQL injection vulnerability in voircom.php in LulieBlog 1.02 allows ...)
+CVE-2008-0446
NOT-FOR-US: Foojan WMS PHP Weblog
-CVE-2008-0445 (The replace_inline_img function in elogd in Electronic Logbook (ELOG) ...)
+CVE-2008-0445
- elog 2.9.2+2014.05.11git44800a7-1 (low; bug #463600)
-CVE-2008-0444 (Cross-site scripting (XSS) vulnerability in Electronic Logbook (ELOG) ...)
+CVE-2008-0444
- elog 2.9.2+2014.05.11git44800a7-1 (low; bug #463600)
-CVE-2008-0443 (Heap-based buffer overflow in the FileUploader.FUploadCtl.1 ActiveX ...)
+CVE-2008-0443
NOT-FOR-US: Lycos FileUploader Module
-CVE-2008-0442 (PHP remote file inclusion vulnerability in inc/linkbar.php in Small ...)
+CVE-2008-0442
NOT-FOR-US: Small Axe Weblog
-CVE-2008-0441 (IBM Tivoli Business Service Manager (TBSM) 4.1.1 stores passwords in ...)
+CVE-2008-0441
NOT-FOR-US: IBM Tivoli Business Service Manager
-CVE-2008-0440 (AlstraSoft Forum Pay Per Post Exchange 2.0 stores passwords in ...)
+CVE-2008-0440
NOT-FOR-US: AlstraSoft Forum Pay Per Post Exchange
-CVE-2008-0439 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2008-0439
NOT-FOR-US: DeluxeBB
-CVE-2008-0438 (Cross-site scripting (XSS) vulnerability in the font rendering ...)
+CVE-2008-0438
NOT-FOR-US: Novemberborn sIFR
-CVE-2008-0437 (Multiple buffer overflows in the WebHPVCInstall.HPVirtualRooms14 ...)
+CVE-2008-0437
NOT-FOR-US: HP Virtual Rooms
-CVE-2008-0436 (Cross-site scripting (XSS) vulnerability in profile-upload/upload.asp ...)
+CVE-2008-0436
NOT-FOR-US: PD9 Software MegaBBS
-CVE-2008-0435 (Directory traversal vulnerability in index.php in OZJournals 2.1.1 ...)
+CVE-2008-0435
NOT-FOR-US: OZJournals
-CVE-2008-0434 (Format string vulnerability in the AXIMilter module in AXIGEN Mail ...)
+CVE-2008-0434
NOT-FOR-US: AXIGEN Mail Server
-CVE-2008-0433 (PHP remote file inclusion vulnerability in ...)
+CVE-2008-0433
NOT-FOR-US: Agares Media phpAutoVideo
-CVE-2008-0432 (Cross-site scripting (XSS) vulnerability in index.php in phpAutoVideo ...)
+CVE-2008-0432
NOT-FOR-US: Agares Media phpAutoVideo
-CVE-2008-0431 (Directory traversal vulnerability in administrator/download.php in ...)
+CVE-2008-0431
NOT-FOR-US: IDMOS
-CVE-2008-0430 (SQL injection vulnerability in form.php in 360 Web Manager 3.0 allows ...)
+CVE-2008-0430
NOT-FOR-US: 360 Web Manager
-CVE-2008-0429 (SQL injection vulnerability in index.php in AlstraSoft Forum Pay Per ...)
+CVE-2008-0429
NOT-FOR-US: AlstraSoft Forum Pay Per Post Exchange
-CVE-2008-0428 (Multiple SQL injection vulnerabilities in the login function in ...)
+CVE-2008-0428
NOT-FOR-US: bloofoxCMS
-CVE-2008-0427 (Directory traversal vulnerability in file.php in bloofoxCMS 0.3 allows ...)
+CVE-2008-0427
NOT-FOR-US: bloofoxCMS
-CVE-2008-0426 (Multiple cross-site scripting (XSS) vulnerabilities in submit.php in ...)
+CVE-2008-0426
NOT-FOR-US: PacerCMS
-CVE-2008-0425 (Absolute path traversal vulnerability in explorerdir.php in Frimousse ...)
+CVE-2008-0425
NOT-FOR-US: Frimousse
-CVE-2008-0424 (SQL injection vulnerability in blog.php in Mooseguy Blog System (MGBS) ...)
+CVE-2008-0424
NOT-FOR-US: Mooseguy Blog System
-CVE-2008-0423 (Multiple PHP remote file inclusion vulnerabilities in Lama Software ...)
+CVE-2008-0423
NOT-FOR-US: Lama Software
-CVE-2008-0422 (SQL injection vulnerability in mail.php in boastMachine (aka bMachine) ...)
+CVE-2008-0422
NOT-FOR-US: bMachine
-CVE-2008-0421 (SQL injection vulnerability in Invision Gallery 2.0.7 and earlier ...)
+CVE-2008-0421
NOT-FOR-US: Invision Gallery
-CVE-2008-0420 (modules/libpr0n/decoders/bmp/nsBMPDecoder.cpp in Mozilla Firefox ...)
+CVE-2008-0420
{DSA-1534-1 DSA-1484-1}
- iceape 1.1.8-1
- iceweasel 2.0.0.12-1
- xulrunner 1.8.1.12-1
NOTE: The initial advisory claimed Thunderbird/Icedove were vulnerable, but clarified
NOTE: later, see http://www.mozilla.org/security/announce/2008/mfsa2008-07.html
-CVE-2008-0419 (Mozilla Firefox before 2.0.0.12 and SeaMonkey before 1.1.8 allows ...)
+CVE-2008-0419
{DSA-1506-1 DSA-1489-1 DSA-1485-2 DSA-1484-1}
- iceweasel 2.0.0.12-1
- xulrunner 1.8.1.12-1
- iceape 1.1.8-1
- icedove 2.0.0.12-1
-CVE-2008-0418 (Directory traversal vulnerability in Mozilla Firefox before 2.0.0.12, ...)
+CVE-2008-0418
{DSA-1506-1 DSA-1489-1 DSA-1485-2 DSA-1484-1}
- iceweasel 2.0.0.12-1
- xulrunner 1.8.1.12-1
- iceape 1.1.8-1
- icedove 2.0.0.12-1
-CVE-2008-0417 (CRLF injection vulnerability in Mozilla Firefox before 2.0.0.12 allows ...)
+CVE-2008-0417
{DSA-1506-1 DSA-1489-1 DSA-1485-2 DSA-1484-1}
- iceweasel 2.0.0.12-1
- xulrunner 1.8.1.12-1
- iceape 1.1.8-1
- icedove 2.0.0.12-1
-CVE-2008-0416 (Multiple cross-site scripting (XSS) vulnerabilities in Mozilla Firefox ...)
+CVE-2008-0416
{DSA-1506-1 DSA-1489-1 DSA-1485-2 DSA-1484-1}
- iceweasel 2.0.0.12-1
- icedove 2.0.0.12-1
- xulrunner 1.8.1.13-1
- iceape 1.1.9-1
-CVE-2008-0415 (Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and ...)
+CVE-2008-0415
{DSA-1506-1 DSA-1489-1 DSA-1485-2 DSA-1484-1}
- iceweasel 2.0.0.12-1
- iceape 1.1.8-1
- icedove 2.0.0.12-1
- xulrunner 1.8.1.12-1
-CVE-2008-0414 (Mozilla Firefox before 2.0.0.12 and SeaMonkey before 1.1.8 allows ...)
+CVE-2008-0414
{DSA-1506-1 DSA-1489-1 DSA-1485-2 DSA-1484-1}
- iceweasel 2.0.0.12-1
- xulrunner 1.8.1.12-1
- iceape 1.1.8-1
- icedove 2.0.0.12-1
-CVE-2008-0413 (The JavaScript engine in Mozilla Firefox before 2.0.0.12, Thunderbird ...)
+CVE-2008-0413
{DSA-1506-1 DSA-1489-1 DSA-1485-2 DSA-1484-1}
- iceweasel 2.0.0.12-1
- xulrunner 1.8.1.12-1
- iceape 1.1.8-1
- icedove 2.0.0.12-1
-CVE-2008-0412 (The browser engine in Mozilla Firefox before 2.0.0.12, Thunderbird ...)
+CVE-2008-0412
{DSA-1506-1 DSA-1489-1 DSA-1485-2 DSA-1484-1}
- iceweasel 2.0.0.12-1
- xulrunner 1.8.1.12-1
- iceape 1.1.8-1
- icedove 2.0.0.12-1
-CVE-2008-0411 (Stack-based buffer overflow in the zseticcspace function in zicc.c in ...)
+CVE-2008-0411
{DSA-1510-1}
- ghostscript 8.61.dfsg.1-1.1 (medium; bug #468190)
- gs-gpl <removed> (medium)
CVE-2008-XXXX [exempi buffer overflow in GIF ReadHeader() function]
- exempi 1.99.7-1 (bug #454297)
-CVE-2008-0544 (Heap-based buffer overflow in the IMG_LoadLBM_RW function in IMG_lbm.c ...)
+CVE-2008-0544
{DSA-1493-2 DSA-1493-1}
- sdl-image1.2 1.2.6-3 (medium)
-CVE-2008-0410 (HTTP File Server (HFS) before 2.2c allows remote attackers to obtain ...)
+CVE-2008-0410
NOT-FOR-US: HTTP File Server
-CVE-2008-0409 (Cross-site scripting (XSS) vulnerability in HTTP File Server (HFS) ...)
+CVE-2008-0409
NOT-FOR-US: HTTP File Server
-CVE-2008-0408 (HTTP File Server (HFS) before 2.2c allows remote attackers to append ...)
+CVE-2008-0408
NOT-FOR-US: HTTP File Server
-CVE-2008-0407 (HTTP File Server (HFS) before 2.2c tags HTTP request log entries with ...)
+CVE-2008-0407
NOT-FOR-US: HTTP File Server
-CVE-2008-0406 (HTTP File Server (HFS) before 2.2c, when account names are used as log ...)
+CVE-2008-0406
NOT-FOR-US: HTTP File Server
-CVE-2008-0405 (Multiple directory traversal vulnerabilities in HTTP File Server (HFS) ...)
+CVE-2008-0405
NOT-FOR-US: HTTP File Server
-CVE-2008-0404 (Cross-site scripting (XSS) vulnerability in Mantis before 1.1.1 allows ...)
+CVE-2008-0404
- mantis <not-affected> (Vulnerable code not present)
NOTE: code was introduced in the 1.1.x series, which are not shipped by us yet
-CVE-2008-0403 (The web server in Belkin Wireless G Plus MIMO Router F5D9230-4 does ...)
+CVE-2008-0403
NOT-FOR-US: Belkin Wireless firmware
-CVE-2008-0402 (Unspecified vulnerability in IBM WebSphere Business Modeler Basic and ...)
+CVE-2008-0402
NOT-FOR-US: IBM WebSphere Business Modeler
-CVE-2008-0401 (Buffer overflow in the logging functionality of the HTTP server in IBM ...)
+CVE-2008-0401
NOT-FOR-US: IBM Tivoli Provisioning Manager for OS Deployment before
-CVE-2008-0400 (Cross-site scripting (XSS) vulnerability in header.tpl.php in the ...)
+CVE-2008-0400
NOT-FOR-US: Singapore
-CVE-2008-0399 (Multiple buffer overflows in Toshiba Surveillance (Surveillix) ...)
+CVE-2008-0399
NOT-FOR-US: Toshiba Surveillance
-CVE-2008-0398 (Cross-site scripting (XSS) vulnerability in aflog 1.01, and possibly ...)
+CVE-2008-0398
NOT-FOR-US: aflog
-CVE-2008-0397 (Multiple SQL injection vulnerabilities in aflog 1.01, and possibly ...)
+CVE-2008-0397
NOT-FOR-US: aflog
-CVE-2008-0396 (Directory traversal vulnerability in BitDefender Update Server ...)
+CVE-2008-0396
NOT-FOR-US: BitDefender Update Server
-CVE-2008-0395 (Kayako SupportSuite 3.11.01 allows remote attackers to obtain server ...)
+CVE-2008-0395
NOT-FOR-US: Kayako SupportSuite
-CVE-2008-0394 (Buffer overflow in Citadel SMTP server 7.10 and earlier allows remote ...)
+CVE-2008-0394
NOT-FOR-US: Citadel SMTP server
-CVE-2008-0393 (Directory traversal vulnerability in info.php in GradMan 0.1.3 and ...)
+CVE-2008-0393
NOT-FOR-US: GradMan
-CVE-2008-0392 (Multiple buffer overflows in Microsoft Visual Basic Enterprise Edition ...)
+CVE-2008-0392
NOT-FOR-US: Microsoft Visual Basic
-CVE-2008-0391 (inc/elementz.php in aliTalk 1.9.1.1 does not properly verify ...)
+CVE-2008-0391
NOT-FOR-US: aliTalk
-CVE-2008-0390 (stat.php in AuraCMS 1.62, and Mod Block Statistik for AuraCMS, allows ...)
+CVE-2008-0390
NOT-FOR-US: AuraCMS
-CVE-2008-0389 (Unspecified vulnerability in the serveServletsByClassnameEnabled ...)
+CVE-2008-0389
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2008-0388 (SQL injection vulnerability in the WP-Forum 1.7.4 plugin for WordPress ...)
+CVE-2008-0388
NOT-FOR-US: WP-Forum plugin for WordPress
-CVE-2008-0387 (Integer overflow in Firebird SQL 1.0.3 and earlier, 1.5.x before ...)
+CVE-2008-0387
{DSA-1529-1}
- firebird2.0 2.0.3.12981.ds1-4 (bug #460048)
[lenny] - firebird2.0 2.0.3.12981.ds1-1+lenny1
- firebird2 <removed>
[etch] - firebird2 <no-dsa> (Fixed packages have been released through backports.org, see #1529)
-CVE-2008-0386 (Xdg-utils 1.0.2 and earlier allows user-assisted remote attackers to ...)
+CVE-2008-0386
- xdg-utils <not-affected> (Ships a patch that modifies the vulnerable code and uses sed secure)
NOTE: xdg-open-generic replaces the vulnerable code and runs view-mailcap or sensible-browser
-CVE-2008-0385 (SQL injection vulnerability in server/widgetallocator.php in Urulu 2.1 ...)
+CVE-2008-0385
NOT-FOR-US: Urulu
-CVE-2008-0384 (OpenBSD 4.2 allows local users to cause a denial of service (kernel ...)
+CVE-2008-0384
NOT-FOR-US: OpenBSD
-CVE-2008-0383 (Multiple SQL injection vulnerabilities in MyBB 1.2.10 and earlier ...)
+CVE-2008-0383
NOT-FOR-US: MyBB
-CVE-2008-0382 (Multiple eval injection vulnerabilities in MyBB 1.2.10 and earlier ...)
+CVE-2008-0382
NOT-FOR-US: MyBB
-CVE-2008-0381 (Unspecified vulnerability in Mahara before 0.9.1 has unknown impact ...)
+CVE-2008-0381
- mahara 0.9.1-1 (low)
-CVE-2008-0380 (Buffer overflow in the Digital Data Communications RtspVaPgCtrl ...)
+CVE-2008-0380
NOT-FOR-US: Digital Data Communications
-CVE-2008-0379 (Race condition in the Enterprise Tree ActiveX control ...)
+CVE-2008-0379
NOT-FOR-US: Crystal Reports
-CVE-2008-0378 (Stack-based buffer overflow in SocksCap 2.40-051231 and earlier, when ...)
+CVE-2008-0378
NOT-FOR-US: SocksCap
-CVE-2008-0377 (MicroNews allows remote attackers to bypass authentication and gain ...)
+CVE-2008-0377
NOT-FOR-US: MicroNews
-CVE-2008-0376 (PHP remote file inclusion vulnerability in inc/linkbar.php in Small ...)
+CVE-2008-0376
NOT-FOR-US: Small Axe Weblog
-CVE-2008-0375 (Unspecified vulnerability in OKI C5510MFP Printer CU H2.15, PU ...)
+CVE-2008-0375
NOT-FOR-US: OKI C5510MFP Printer firmware
-CVE-2008-0374 (OKI C5510MFP Printer CU H2.15, PU 01.03.01, System F/W 1.01, and Web ...)
+CVE-2008-0374
NOT-FOR-US: OKI C5510MFP Printer firmware
-CVE-2008-0373 (Unrestricted file upload vulnerability in PHP F1 Max's File Uploader ...)
+CVE-2008-0373
NOT-FOR-US: PHP F1 Max's File Uploader
-CVE-2008-0372 (8e6 R3000 Internet Filter 2.0.05.33, and other versions before 2.0.11, ...)
+CVE-2008-0372
NOT-FOR-US: 8e6 R3000 Internet Filter
-CVE-2008-0371 (Multiple SQL injection vulnerabilities in aliTalk 1.9.1.1, when ...)
+CVE-2008-0371
NOT-FOR-US: aliTalk
-CVE-2008-0370 (Cross-site scripting (XSS) vulnerability in dohtaccess.html in cPanel ...)
+CVE-2008-0370
NOT-FOR-US: cPanel
-CVE-2008-0369 (Multiple unspecified programs in IBM Informix Dynamic Server (IDS) ...)
+CVE-2008-0369
NOT-FOR-US: IBM Informix Dynamic Server
-CVE-2008-0368 (onedcu in IBM Informix Dynamic Server (IDS) 10.x before 10.00.xC8 ...)
+CVE-2008-0368
NOT-FOR-US: IBM Informix Dynamic Server
-CVE-2008-0367 (Mozilla Firefox 2.0.0.11, 3.0b2, and possibly earlier versions, when ...)
+CVE-2008-0367
- iceweasel 3.0 (low)
[etch] - iceweasel <end-of-life> (Etch Packages no longer covered by security support)
NOTE: Mozilla #244273
-CVE-2008-0366 (CORE FORCE before 0.95.172 does not properly validate arguments to ...)
+CVE-2008-0366
NOT-FOR-US: CORE FORCE
-CVE-2008-0365 (Multiple buffer overflows in CORE FORCE before 0.95.172 allow local ...)
+CVE-2008-0365
NOT-FOR-US: CORE FORCE
-CVE-2008-0364 (Buffer overflow in (1) BitTorrent 6.0 and earlier; and (2) uTorrent ...)
+CVE-2008-0364
NOT-FOR-US: BitTorrent/uTorrent
-CVE-2008-0363 (Multiple SQL injection vulnerabilities in Clever Copy 3.0 and earlier ...)
+CVE-2008-0363
NOT-FOR-US: Clever Copy
-CVE-2008-0362 (Cross-site scripting (XSS) vulnerability in gallery.php in Clever Copy ...)
+CVE-2008-0362
NOT-FOR-US: Clever Copy
-CVE-2008-0361 (Directory traversal vulnerability in agregar_info.php in GradMan 0.1.3 ...)
+CVE-2008-0361
NOT-FOR-US: GradMan
-CVE-2008-0360 (Multiple SQL injection vulnerabilities in BLOG:CMS 4.2.1b allow remote ...)
+CVE-2008-0360
NOT-FOR-US: BLOG:CMS
-CVE-2008-0359 (Multiple cross-site scripting (XSS) vulnerabilities in BLOG:CMS 4.2.1b ...)
+CVE-2008-0359
NOT-FOR-US: BLOG:CMS
-CVE-2008-0358 (SQL injection vulnerability in index.php in Pixelpost 1.7 allows ...)
+CVE-2008-0358
NOT-FOR-US: Pixelpost
-CVE-2008-0357 (Directory traversal vulnerability in pages/upload.php in Galaxyscripts ...)
+CVE-2008-0357
NOT-FOR-US: Galaxyscripts
-CVE-2008-0356 (Buffer overflow in the Independent Management Architecture (IMA) ...)
+CVE-2008-0356
NOT-FOR-US: Citrix Presentation Server
-CVE-2008-0355 (SQL injection vulnerability in index.php in the forum module in ...)
+CVE-2008-0355
NOT-FOR-US: PHPEcho CMS
-CVE-2008-0354 (Cross-site scripting (XSS) vulnerability in the chat client in IBM ...)
+CVE-2008-0354
NOT-FOR-US: IBM Lotus Sametime
-CVE-2008-0353 (SQL injection vulnerability in visualizza_tabelle.php in php-residence ...)
+CVE-2008-0353
NOT-FOR-US: php-residence
CVE-2008-XXXX [apt-cacher arbitrary command execution]
- apt-cacher 1.6.1
[etch] - apt-cacher <not-affected> (vulnerable code introduced in 1.6.0)
[sarge] - apt-cacher <not-affected> (vulnerable code introduced in 1.6.0)
-CVE-2008-0352 (The Linux kernel 2.6.20 through 2.6.21.1 allows remote attackers to ...)
+CVE-2008-0352
- linux-2.6 2.6.22-1
[etch] - linux-2.6 <not-affected> (Vulnerable code was introduced after 2.6.19 release)
-CVE-2008-0351 (admin/config.php in Evilsentinel 1.0.9 and earlier allows remote ...)
+CVE-2008-0351
NOT-FOR-US: EvilSentinel
-CVE-2008-0350 (admin/index.php in Evilsentinel 1.0.9 and earlier sends a redirect to ...)
+CVE-2008-0350
NOT-FOR-US: EvilSentinel
-CVE-2008-0349 (Unspecified vulnerability in the PeopleTools component in Oracle ...)
+CVE-2008-0349
NOT-FOR-US: Oracle
-CVE-2008-0348 (Multiple unspecified vulnerabilities in the PeopleTools component in ...)
+CVE-2008-0348
NOT-FOR-US: Oracle
-CVE-2008-0347 (Unspecified vulnerability in the Oracle Ultra Search component in ...)
+CVE-2008-0347
NOT-FOR-US: Oracle
-CVE-2008-0346 (Unspecified vulnerability in the Oracle Jinitiator component in Oracle ...)
+CVE-2008-0346
NOT-FOR-US: Oracle
-CVE-2008-0345 (Unspecified vulnerability in the Core RDBMS component in Oracle ...)
+CVE-2008-0345
NOT-FOR-US: Oracle
-CVE-2008-0344 (Unspecified vulnerability in the Oracle Spatial component in Oracle ...)
+CVE-2008-0344
NOT-FOR-US: Oracle
-CVE-2008-0343 (Unspecified vulnerability in the Oracle Spatial component in Oracle ...)
+CVE-2008-0343
NOT-FOR-US: Oracle
-CVE-2008-0342 (Unspecified vulnerability in the Upgrade/Downgrade component in Oracle ...)
+CVE-2008-0342
NOT-FOR-US: Oracle
-CVE-2008-0341 (Unspecified vulnerability in the Advanced Queuing component in Oracle ...)
+CVE-2008-0341
NOT-FOR-US: Oracle
-CVE-2008-0340 (Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5 FIPS+, ...)
+CVE-2008-0340
NOT-FOR-US: Oracle
-CVE-2008-0339 (Unspecified vulnerability in the XML DB component in Oracle Database ...)
+CVE-2008-0339
NOT-FOR-US: Oracle
-CVE-2008-0338 (Directory traversal vulnerability in the mwGetLocalFileName function ...)
+CVE-2008-0338
NOT-FOR-US: miniweb
-CVE-2008-0337 (Heap-based buffer overflow in the _mwProcessReadSocket function in ...)
+CVE-2008-0337
NOT-FOR-US: miniweb
-CVE-2008-0336 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
+CVE-2008-0336
NOT-FOR-US: BugTracker.NET
-CVE-2008-0335 (Cross-site scripting (XSS) vulnerability in BugTracker.NET before ...)
+CVE-2008-0335
NOT-FOR-US: BugTracker.NET
-CVE-2008-0334 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2008-0334
NOT-FOR-US: pMachine
-CVE-2008-0333 (Directory traversal vulnerability in download_view_attachment.aspx in ...)
+CVE-2008-0333
NOT-FOR-US: AfterLogic MailBee WebMail Pro 4.1 for ASP.NET
-CVE-2008-0332 (Directory traversal vulnerability in arias/help/effect.php in aria ...)
+CVE-2008-0332
NOT-FOR-US: Aria ERP (not the aria we ship)
-CVE-2008-0331 (Unspecified vulnerability in Funkwerk System Software before 7.4.1 ...)
+CVE-2008-0331
NOT-FOR-US: Funkwerk
-CVE-2008-0330 (Open System Consultants (OSC) Radiator before 4.0 allows remote ...)
+CVE-2008-0330
NOT-FOR-US: Radiator
-CVE-2008-0329 (LulieBlog 1.0.1 and 1.0.2 does not restrict access to (1) ...)
+CVE-2008-0329
NOT-FOR-US: LulieBlog
-CVE-2008-0328 (SQL injection vulnerability in page.php in FaScript FaName 1.0 allows ...)
+CVE-2008-0328
NOT-FOR-US: FaScript
-CVE-2008-0327 (SQL injection vulnerability in show.php in FaScript FaMp3 1.0 allows ...)
+CVE-2008-0327
NOT-FOR-US: FaScript
-CVE-2008-0326 (SQL injection vulnerability in class/show.php in FaScript ...)
+CVE-2008-0326
NOT-FOR-US: FaScript
-CVE-2008-0325 (SQL injection vulnerability in show.php in FaScript FaPersian Petition ...)
+CVE-2008-0325
NOT-FOR-US: FaScript
-CVE-2008-0324 (Cisco Systems VPN Client IPSec Driver (CVPNDRVA.sys) 5.0.02.0090 ...)
+CVE-2008-0324
NOT-FOR-US: Cisco
CVE-2008-0323
RESERVED
-CVE-2008-0322 (The I2O Utility Filter driver (i2omgmt.sys) 5.1.2600.2180 for ...)
+CVE-2008-0322
NOT-FOR-US: Microsoft Windows XP driver
CVE-2008-0321
RESERVED
-CVE-2008-0320 (Heap-based buffer overflow in the OLE importer in OpenOffice.org ...)
+CVE-2008-0320
{DSA-1547-1}
- openoffice.org 2.4.0~ooh680m5-1
CVE-2008-0319
RESERVED
-CVE-2008-0318 (Integer overflow in the cli_scanpe function in libclamav in ClamAV ...)
+CVE-2008-0318
{DSA-1497-1}
- clamav 0.92.1~dfsg-1 (medium)
CVE-2008-0317
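Review bot: several unchanged context lines in this hunk carry data errors that the removed descriptions were the only in-file way to detect, so they should be corrected in the same update. The line under CVE-2008-0446 reads "NOT-FOR-US: Foojan WMS PHP Weblog" although the dropped description names LulieBlog 1.02 (the Foojan entry belongs to CVE-2008-0447 directly above it); "NOT-FOR-US: Liquit-Silver CMS" under CVE-2008-0459 misspells Liquid-Silver; "NOT-FOR-US: IBM Tivoli Provisioning Manager for OS Deployment before" under CVE-2008-0401 is cut off mid-sentence and should either stop at the product name or state the version; and the xdg-utils rationale "uses sed secure" under CVE-2008-0386 should read "uses sed securely". Once the "+" lines land without their descriptions, none of these mismatches can be cross-checked from this file alone.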
@@ -16448,447 +16448,447 @@ CVE-2008-0316
RESERVED
CVE-2008-0315
RESERVED
-CVE-2008-0314 (Heap-based buffer overflow in spin.c in libclamav in ClamAV 0.92.1 ...)
+CVE-2008-0314
{DSA-1549-1}
- clamav 0.92.1~dfsg2-1 (medium)
-CVE-2008-0313 (The ActiveDataInfo.LaunchProcess method in the ...)
+CVE-2008-0313
NOT-FOR-US: Symantec Norton products
-CVE-2008-0312 (Stack-based buffer overflow in the AutoFix Support Tool ActiveX ...)
+CVE-2008-0312
NOT-FOR-US: Symantec Norton products
-CVE-2008-0311 (Stack-based buffer overflow in the PGMWebHandler::parse_request ...)
+CVE-2008-0311
NOT-FOR-US: Borland CaliberRM
-CVE-2008-0310 (Directory traversal vulnerability in pkgadd in SCO UnixWare 7.1.4 ...)
+CVE-2008-0310
NOT-FOR-US: SCO UnixWare
-CVE-2008-0309 (Stack-based buffer overflow in Symantec Decomposer, as used in certain ...)
+CVE-2008-0309
NOT-FOR-US: Symantec Decomposer
-CVE-2008-0308 (Symantec Decomposer, as used in certain Symantec antivirus products ...)
+CVE-2008-0308
NOT-FOR-US: Symantec Decomposer
-CVE-2008-0307 (Integer signedness error in vserver in SAP MaxDB 7.6.0.37, and ...)
+CVE-2008-0307
- maxdb-7.5.00 <removed>
-CVE-2008-0306 (sdbstarter in SAP MaxDB 7.6.0.37, and possibly other versions, allows ...)
+CVE-2008-0306
- maxdb-7.5.00 <removed>
CVE-2008-0305
RESERVED
-CVE-2008-0304 (Heap-based buffer overflow in Mozilla Thunderbird before 2.0.0.12 and ...)
+CVE-2008-0304
{DSA-1697-1 DSA-1621-1}
- icedove 2.0.0.12-1 (medium)
- iceape 1.1.8-1 (medium)
-CVE-2008-0303 (The FTP print feature in multiple Canon printers, including ...)
+CVE-2008-0303
NOT-FOR-US: Canon printer firmware
-CVE-2008-0301 (Multiple SQL injection vulnerabilities in Mapbender 2.4.4 allow remote ...)
+CVE-2008-0301
NOT-FOR-US: Mapbender
-CVE-2008-0300 (mapFiler.php in Mapbender 2.4 to 2.4.4 allows remote attackers to ...)
+CVE-2008-0300
NOT-FOR-US: Mapbender
-CVE-2008-0298 (KHTML WebKit as used in Apple Safari 2.x allows remote attackers to ...)
+CVE-2008-0298
- webkit <not-affected> (Not reproducible, browser crashes not treated as security issues)
- qt4-x11 <not-affected> (Not reproducible, browser crashes not treated as security issues)
- kdelibs <not-affected> (Not reproducible, browser crashes not treated as security issues)
- kde4libs <not-affected> (Not reproducible, browser crashes not treated as security issues)
NOTE: Not reproducible, might be fixed before all the forks went off
-CVE-2008-0297 (PhotoKorn allows remote attackers to obtain database credentials via a ...)
+CVE-2008-0297
NOT-FOR-US: PhotoKorn
-CVE-2008-0296 (Heap-based buffer overflow in the libaccess_realrtsp plugin in ...)
+CVE-2008-0296
{DSA-1543-1 DTSA-111-1}
- vlc 0.8.6.c-6 (bug #461544; medium)
-CVE-2008-0295 (Heap-based buffer overflow in modules/access/rtsp/real_sdpplin.c in ...)
+CVE-2008-0295
{DSA-1543-1 DTSA-111-1}
- vlc 0.8.6.c-6 (bug #461544; medium)
NOTE: this does not affect xine-lib itself, its just vlc that ships a really old version of it
-CVE-2008-0294 (Unspecified vulnerability in the seat-locking implementation in ...)
+CVE-2008-0294
NOT-FOR-US: FreeSeat
-CVE-2008-0293 (Unspecified vulnerability in cron.php in FreeSeat before 1.1.5d, when ...)
+CVE-2008-0293
NOT-FOR-US: FreeSeat
-CVE-2008-0292 (Cross-site scripting (XSS) vulnerability in photo_album.pl in Dansie ...)
+CVE-2008-0292
NOT-FOR-US: Dansie Photo Album
-CVE-2008-0291 (SQL injection vulnerability in showproduct.asp in RichStrong CMS ...)
+CVE-2008-0291
NOT-FOR-US: RichStrong CMS
CVE-2008-0161
RESERVED
-CVE-2008-0290 (Multiple SQL injection vulnerabilities in Digital Hive 2.0 RC2 and ...)
+CVE-2008-0290
NOT-FOR-US: Digital Hive
-CVE-2008-0289 (PHP remote file inclusion vulnerability in view_func.php in Member ...)
+CVE-2008-0289
NOT-FOR-US: Member Area System
-CVE-2008-0288 (Multiple SQL injection vulnerabilities in ImageAlbum 2.0.0b2 allow ...)
+CVE-2008-0288
NOT-FOR-US: ImageAlbum
-CVE-2008-0287 (PHP remote file inclusion vulnerability in VisionBurst vcart 3.3.2 ...)
+CVE-2008-0287
NOT-FOR-US: VisionBurst vcart
-CVE-2008-0286 (SQL injection vulnerability in admin/login.php in Article Dashboard ...)
+CVE-2008-0286
NOT-FOR-US: Article Dashboard
-CVE-2008-0285 (ngIRCd 0.10.x before 0.10.4 and 0.11.0 before 0.11.0-pre2 allows ...)
+CVE-2008-0285
- ngircd 0.10.3-2 (bug #461067; low)
[etch] - ngircd <no-dsa> (Minor issue)
-CVE-2008-0284 (Cross-site scripting (XSS) vulnerability in Simple Machines Forum ...)
+CVE-2008-0284
NOT-FOR-US: Simple Machines Forum
-CVE-2008-0283 (PHP remote file inclusion vulnerability in /aides/index.php in DomPHP ...)
+CVE-2008-0283
NOT-FOR-US: DomPHP
-CVE-2008-0282 (SQL injection vulnerability in welcome/inscription.php in DomPHP 0.81 ...)
+CVE-2008-0282
NOT-FOR-US: DomPHP
-CVE-2008-0281 (SQL injection vulnerability in liste.php in ID-Commerce 2.0 and ...)
+CVE-2008-0281
NOT-FOR-US: ID-Commerce
-CVE-2008-0280 (SQL injection vulnerability in index.php in MTCMS 2.0 and possibly ...)
+CVE-2008-0280
NOT-FOR-US: MTCMS
-CVE-2008-0279 (SQL injection vulnerability in liretopic.php in Xforum 1.4 and ...)
+CVE-2008-0279
NOT-FOR-US: Xforum
-CVE-2008-0278 (SQL injection vulnerability in index.php in X7 Chat 2.0.5 and possibly ...)
+CVE-2008-0278
NOT-FOR-US: X7 Chat
-CVE-2008-0277 (Unspecified vulnerability in the Fileshare module for Drupal allows ...)
+CVE-2008-0277
NOT-FOR-US: Fileshare module for Drupal
-CVE-2008-0276 (Cross-site scripting (XSS) vulnerability in the Devel module before ...)
+CVE-2008-0276
NOT-FOR-US: Devel module for Drupal
-CVE-2008-0275 (The Atom 4.7 before 4.7.x-1.0 and 5.x before 5.x-1.0 module for Drupal ...)
+CVE-2008-0275
NOT-FOR-US: Atom module for Drupal
-CVE-2008-0274 (Cross-site scripting (XSS) vulnerability in Drupal 4.7.x and 5.x, when ...)
+CVE-2008-0274
- drupal5 5.6-1 (unimportant)
NOTE: needs register_globals on
-CVE-2008-0273 (Interpretation conflict in Drupal 4.7.x before 4.7.11 and 5.x before ...)
+CVE-2008-0273
- drupal5 5.6-1 (low)
-CVE-2008-0272 (Cross-site request forgery (CSRF) vulnerability in the aggregator ...)
+CVE-2008-0272
- drupal5 5.6-1 (low)
-CVE-2008-0271 (The editor deletion form in BUEditor 4.7.x before 4.7.x-1.0 and 5.x ...)
+CVE-2008-0271
NOT-FOR-US: BUEditor
-CVE-2008-0270 (SQL injection vulnerability in index.php in TaskFreak! 0.6.1 and ...)
+CVE-2008-0270
NOT-FOR-US: TaskFreak!
-CVE-2008-0269 (Unspecified vulnerability in the dotoprocs function in Sun Solaris 10 ...)
+CVE-2008-0269
NOT-FOR-US: Sun Solaris
-CVE-2008-0268 (Cross-site scripting (XSS) vulnerability in view.php in eTicket ...)
+CVE-2008-0268
NOT-FOR-US: eTicket
-CVE-2008-0267 (Multiple SQL injection vulnerabilities in eTicket 1.5.5.2 allow remote ...)
+CVE-2008-0267
NOT-FOR-US: eTicket
-CVE-2008-0266 (Cross-site request forgery (CSRF) vulnerability in admin.php in ...)
+CVE-2008-0266
NOT-FOR-US: eTicket
-CVE-2008-0265 (Multiple cross-site scripting (XSS) vulnerabilities in the Search ...)
+CVE-2008-0265
NOT-FOR-US: F5 BIG-IP
-CVE-2008-0264 (Unspecified vulnerability in the Meta Tags (aka Nodewords) 5.x-1.6 ...)
+CVE-2008-0264
NOT-FOR-US: Meta Tags module for Drupal
-CVE-2008-0263 (The SIP module in Ingate Firewall before 4.6.1 and SIParator before ...)
+CVE-2008-0263
NOT-FOR-US: Ingate Firewall
-CVE-2008-0262 (SQL injection vulnerability in includes/articleblock.php in Agares ...)
+CVE-2008-0262
NOT-FOR-US: Agares PhpAutoVideo
-CVE-2008-0261 (Unspecified vulnerability in the search component and module in Mambo ...)
+CVE-2008-0261
NOT-FOR-US: Mambo
NOTE: Mambo is in experimental
-CVE-2008-0260 (minimal Gallery 0.8 allows remote attackers to obtain configuration ...)
+CVE-2008-0260
NOT-FOR-US: minimal Gallery
-CVE-2008-0259 (Multiple directory traversal vulnerabilities in _mg/php/mg_thumbs.php ...)
+CVE-2008-0259
NOT-FOR-US: minimal Gallery
-CVE-2008-0258 (Cross-site scripting (XSS) vulnerability in index.php in PHP Running ...)
+CVE-2008-0258
NOT-FOR-US: PHP Running Management
-CVE-2008-0257 (Cross-site scripting (XSS) vulnerability in search.pl in Dansie Search ...)
+CVE-2008-0257
NOT-FOR-US: Dansie Search
-CVE-2008-0256 (Multiple SQL injection vulnerabilities in Matteo Binda ASP Photo ...)
+CVE-2008-0256
NOT-FOR-US: Matteo Binda ASP Photo Gallery
-CVE-2008-0255 (SQL injection vulnerability in archive.php in iGaming 1.5, and 1.3.1 ...)
+CVE-2008-0255
NOT-FOR-US: iGaming
-CVE-2008-0254 (SQL injection vulnerability in activate.php in TutorialCMS (aka ...)
+CVE-2008-0254
NOT-FOR-US: TutorialCMS
-CVE-2008-0253 (SQL injection vulnerability in full_text.php in Binn SBuilder allows ...)
+CVE-2008-0253
NOT-FOR-US: Binn SBuilder
-CVE-2008-0252 (Directory traversal vulnerability in the _get_file_path function in ...)
+CVE-2008-0252
{DSA-1481-1}
- python-cherrypy 2.2.1-3.1 (low; bug #461069)
- cherrypy3 3.0.2-2
-CVE-2008-0251 (Unrestricted file upload vulnerability in PhotoPost vBGallery before ...)
+CVE-2008-0251
NOT-FOR-US: PhotoPost vBGallery
-CVE-2008-0250 (Buffer overflow in Microsoft Visual InterDev 6.0 (SP6) allows ...)
+CVE-2008-0250
NOT-FOR-US: Microsoft Visual InterDev
-CVE-2008-0249 (PHP Webquest 2.6 allows remote attackers to retrieve database ...)
+CVE-2008-0249
NOT-FOR-US: PHP Webquest
-CVE-2008-0248 (Buffer overflow in an ActiveX control in ccpm_0237.dll for StreamAudio ...)
+CVE-2008-0248
NOT-FOR-US: StreamAudio ChainCast ProxyManager
-CVE-2008-0247 (Heap-based buffer overflow in the Express Backup Server service ...)
+CVE-2008-0247
NOT-FOR-US: IBM Tivoli Storage Manager
-CVE-2008-0246 (admin.php in UploadScript 1.0 does not check for the original password ...)
+CVE-2008-0246
NOT-FOR-US: UploadScript
-CVE-2008-0245 (admin.php in UploadImage 1.0 does not check for the original password ...)
+CVE-2008-0245
NOT-FOR-US: UploadImage
-CVE-2008-0244 (SAP MaxDB 7.6.03 build 007 and earlier allows remote attackers to ...)
+CVE-2008-0244
- maxdb-7.5.00 <removed> (medium; bug #461444)
NOTE: see #461456 for removal explanation
-CVE-2008-0243 (Unspecified vulnerability in Lotus Domino 7.0.2 before Fix Pack 3 ...)
+CVE-2008-0243
NOT-FOR-US: Lotus Domino
-CVE-2008-0242 (Unspecified vulnerability in libdevinfo in Sun Solaris 10 allows local ...)
+CVE-2008-0242
NOT-FOR-US: Sun Solari
-CVE-2008-0241 (Open redirect vulnerability in /idm/user/login.jsp in Sun Java System ...)
+CVE-2008-0241
NOT-FOR-US: Sun Java System Identity Manager
-CVE-2008-0240 (/idm/help/index.jsp in Sun Java System Identity Manager 6.0 SP1 ...)
+CVE-2008-0240
NOT-FOR-US: Sun Java System Identity Manager
-CVE-2008-0239 (Multiple cross-site scripting (XSS) vulnerabilities in Sun Java System ...)
+CVE-2008-0239
NOT-FOR-US: Sun Java System Identity Manager
-CVE-2008-0238 (Multiple heap-based buffer overflows in the rmff_dump_cont function in ...)
+CVE-2008-0238
NOTE: Dupe of CVE-2008-0225
-CVE-2008-0299 (common.py in Paramiko 1.7.1 and earlier, when using threads or forked ...)
+CVE-2008-0299
- paramiko 1.6.4-1.1 (low; bug #460706)
[etch] - paramiko <no-dsa> (Minor issue)
NOTE: http://web.archive.org/web/20100715101310/http://www.lag.net/pipermail/paramiko/2008-January/000599.html
-CVE-2008-0237 (The Microsoft Rich Textbox ActiveX Control (RICHTX32.OCX) 6.1.97.82 ...)
+CVE-2008-0237
NOT-FOR-US: Microsoft Rich Textbox ActiveX Control
-CVE-2008-0236 (An ActiveX control for Microsoft Visual FoxPro (vfp6r.dll 6.0.8862.0) ...)
+CVE-2008-0236
NOT-FOR-US: Microsoft Visual FoxPro
-CVE-2008-0235 (The Microsoft VFP_OLE_Server ActiveX control allows remote attackers ...)
+CVE-2008-0235
NOT-FOR-US: Microsoft VFP_OLE_Server ActiveX control
-CVE-2008-0234 (Buffer overflow in Apple Quicktime Player 7.3.1.70 and other versions ...)
+CVE-2008-0234
NOT-FOR-US: Apple Quicktime Player
-CVE-2008-0233 (Unrestricted file upload vulnerability in Zero CMS 1.0 Alpha and ...)
+CVE-2008-0233
NOT-FOR-US: Zero CMS
-CVE-2008-0232 (Multiple SQL injection vulnerabilities in Zero CMS 1.0 Alpha allow ...)
+CVE-2008-0232
NOT-FOR-US: Zero CMS
-CVE-2008-0231 (Multiple directory traversal vulnerabilities in index.php in Tuned ...)
+CVE-2008-0231
NOT-FOR-US: Tune Studio
-CVE-2008-0230 (PHP remote file inclusion vulnerability in php121db.php in osDate ...)
+CVE-2008-0230
NOT-FOR-US: osDate
-CVE-2008-0229 (The telnet service in LevelOne WBR-3460 4-Port ADSL 2/2+ Wireless ...)
+CVE-2008-0229
NOT-FOR-US: LevelOne router firmware
-CVE-2008-0228 (Cross-site request forgery (CSRF) vulnerability in apply.cgi in the ...)
+CVE-2008-0228
NOT-FOR-US: Linksys WRT54GL firmware
-CVE-2008-0227 (yaSSL 1.7.5 and earlier, as used in MySQL and possibly other products, ...)
+CVE-2008-0227
{DSA-1478-1}
- mysql-dfsg-4.1 <removed>
- mysql-dfsg-5.0 5.0.51-3 (low; bug #460873)
- cyassl <not-affected> (Fixed before initial upload to archive)
-CVE-2008-0226 (Multiple buffer overflows in yaSSL 1.7.5 and earlier, as used in MySQL ...)
+CVE-2008-0226
{DSA-1478-1}
- mysql-dfsg-4.1 <removed>
- mysql-dfsg-5.0 5.0.51-3 (medium; bug #460873)
- cyassl <not-affected> (Fixed before initial upload to archive)
-CVE-2008-0225 (Heap-based buffer overflow in the rmff_dump_cont function in ...)
+CVE-2008-0225
{DSA-1472-1 DTSA-109-1}
- xine-lib 1.1.10-1 (medium; bug #460551)
-CVE-2008-0224 (SQL injection vulnerability in index.php in the Newbb_plus 0.92 and ...)
+CVE-2008-0224
NOT-FOR-US: RunCMS
-CVE-2008-0223 (Buffer overflow in JustSystems JSFC.DLL, as used in multiple ...)
+CVE-2008-0223
NOT-FOR-US: JustSystem
-CVE-2008-0222 (Unrestricted file upload vulnerability in ajaxfilemanager.php in the ...)
+CVE-2008-0222
NOT-FOR-US: Wp-FileManager plugin for WordPress
-CVE-2008-0221 (Directory traversal vulnerability in the WebLaunch.WeblaunchCtl.1 (aka ...)
+CVE-2008-0221
NOT-FOR-US: Gateway Weblaunch
-CVE-2008-0220 (Multiple stack-based buffer overflows in the WebLaunch.WeblaunchCtl.1 ...)
+CVE-2008-0220
NOT-FOR-US: Gateway Weblaunch
-CVE-2008-0219 (SQL injection vulnerability in soporte_horizontal_w.php in PHP ...)
+CVE-2008-0219
NOT-FOR-US: Webquest
-CVE-2008-0218 (Cross-site scripting (XSS) vulnerability in admin/index.html in Merak ...)
+CVE-2008-0218
NOT-FOR-US: Merak IceWarp Mail Server
-CVE-2008-0217 (The script program in FreeBSD 5.0 through 7.0-PRERELEASE invokes ...)
+CVE-2008-0217
- kfreebsd-5 <removed>
[etch] - kfreebsd-5 <no-dsa> (FreeBSD not supported)
- kfreebsd-6 <not-affected> (see bug #483152)
- kfreebsd-7 <not-affected> (see bug #483152)
-CVE-2008-0216 (The ptsname function in FreeBSD 6.0 through 7.0-PRERELEASE does not ...)
+CVE-2008-0216
- kfreebsd-5 <not-affected> (see bug #483152)
- kfreebsd-6 <not-affected> (see bug #483152)
- kfreebsd-7 <not-affected> (see bug #483152)
-CVE-2008-0215 (Multiple unspecified vulnerabilities in HP Storage Essentials Storage ...)
+CVE-2008-0215
NOT-FOR-US: HP SRM
-CVE-2008-0214 (Multiple unspecified vulnerabilities in HP Select Identity 4.00, 4.01, ...)
+CVE-2008-0214
NOT-FOR-US: HP Select Identity
-CVE-2008-0213 (Unspecified vulnerability in a certain ActiveX control for HP Virtual ...)
+CVE-2008-0213
NOT-FOR-US: HP Virtual Rooms
-CVE-2008-0212 (ovtopmd in HP OpenView Network Node Manager (OV NNM) 6.41, 7.01, and ...)
+CVE-2008-0212
NOT-FOR-US: HP OpenView Network Node Manager
-CVE-2008-0211 (Unspecified vulnerability in the BIOS F.04 through F.11 for the HP ...)
+CVE-2008-0211
NOT-FOR-US: BIOS F.04
-CVE-2008-0210 (Uebimiau Webmail 2.7.10 and 2.7.2 does not protect authentication ...)
+CVE-2008-0210
NOT-FOR-US: Uebimiau Webmail
-CVE-2008-0209 (Open redirect vulnerability in Forums/login.asp in Snitz Forums 2000 ...)
+CVE-2008-0209
NOT-FOR-US: Snitz Forums 2000
-CVE-2008-0208 (Cross-site scripting (XSS) vulnerability in login.asp in Snitz Forums ...)
+CVE-2008-0208
NOT-FOR-US: Snitz Forums 2000
-CVE-2008-0207 (Multiple cross-site scripting (XSS) vulnerabilities in PRO-Search 0.17 ...)
+CVE-2008-0207
NOT-FOR-US: PRO-Search
-CVE-2008-0206 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2008-0206
NOT-FOR-US: Captcha!
-CVE-2008-0205 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
+CVE-2008-0205
NOT-FOR-US: Math Comment Spam Protection plugin for WordPress
-CVE-2008-0204 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2008-0204
NOT-FOR-US: Math Comment Spam Protection plugin for WordPress
-CVE-2008-0203 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2008-0203
NOT-FOR-US: Cryptographp plugin for WordPress
-CVE-2008-0202 (CRLF injection vulnerability in index.php in ExpressionEngine 1.2.1 ...)
+CVE-2008-0202
NOT-FOR-US: ExpressionEngine
-CVE-2008-0201 (Cross-site scripting (XSS) vulnerability in index.php in ...)
+CVE-2008-0201
NOT-FOR-US: ExpressionEngine
-CVE-2008-0200 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2008-0200
NOT-FOR-US: RotaBanner
-CVE-2008-0199 (PRO-Search 0.17 and earlier allows remote attackers to cause a denial ...)
+CVE-2008-0199
NOT-FOR-US: PRO-Search
-CVE-2008-0198 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
+CVE-2008-0198
NOT-FOR-US: WP-ContactForm plugin for WordPress
-CVE-2008-0197 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2008-0197
NOT-FOR-US: WP-ContactForm plugin for WordPress
-CVE-2008-0196 (Multiple directory traversal vulnerabilities in WordPress 2.0.11 and ...)
+CVE-2008-0196
- wordpress 2.3.3-1
[etch] - wordpress <no-dsa> (Auth is needed and attacker should have permissions to edit files)
-CVE-2008-0195 (WordPress 2.0.11 and earlier allows remote attackers to obtain ...)
+CVE-2008-0195
- wordpress 2.1.0-1 (unimportant)
NOTE: full path and DB structure already known on Debian
NOTE: poked hendry
-CVE-2008-0194 (Directory traversal vulnerability in wp-db-backup.php in WordPress ...)
+CVE-2008-0194
{DSA-1502-1}
- wordpress 2.1.0-1
NOTE: Vulnerable code removed since 2.1 release
-CVE-2008-0193 (Cross-site scripting (XSS) vulnerability in wp-db-backup.php in ...)
+CVE-2008-0193
{DSA-1502-1}
- wordpress 2.1.0-1
NOTE: Vulnerable code removed since 2.1 release
-CVE-2008-0192 (Multiple cross-site scripting (XSS) vulnerabilities in WordPress 2.0.9 ...)
+CVE-2008-0192
- wordpress 2.0.10-1
NOTE: poked hendry
-CVE-2008-0191 (WordPress 2.2.x and 2.3.x allows remote attackers to obtain sensitive ...)
+CVE-2008-0191
- wordpress <unfixed> (unimportant)
NOTE: full path and DB structure already known on Debian
NOTE: poked hendry
-CVE-2008-0190 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2008-0190
NOT-FOR-US: AwesomeTemplateEngine
CVE-2008-0189
REJECTED
CVE-2008-0188
REJECTED
-CVE-2008-0187 (SQL injection vulnerability in songinfo.php in SAM Broadcaster ...)
+CVE-2008-0187
NOT-FOR-US: SAM Broadcaster samPHPweb
-CVE-2008-0186 (Cross-site scripting (XSS) vulnerability in index.php in NetRisk 1.9.7 ...)
+CVE-2008-0186
NOT-FOR-US: NetRisk
-CVE-2008-0185 (SQL injection vulnerability in index.php in NetRisk 1.9.7 and possibly ...)
+CVE-2008-0185
NOT-FOR-US: NetRisk
-CVE-2008-0184 (Absolute path traversal vulnerability in index.php in Sys-Hotel on ...)
+CVE-2008-0184
NOT-FOR-US: Sys-Hotel
CVE-2008-0183
RESERVED
-CVE-2008-0182 (Cross-site request forgery (CSRF) vulnerability in the Admin portlet ...)
+CVE-2008-0182
- liferay-portal <itp> (bug #569819)
-CVE-2008-0181 (Cross-site scripting (XSS) vulnerability in the Admin portlet in ...)
+CVE-2008-0181
- liferay-portal <itp> (bug #569819)
-CVE-2008-0180 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2008-0180
- liferay-portal <itp> (bug #569819)
-CVE-2008-0179 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2008-0179
- liferay-portal <itp> (bug #569819)
-CVE-2008-0178 (Cross-site scripting (XSS) vulnerability in the Enterprise Admin ...)
+CVE-2008-0178
- liferay-portal <itp> (bug #569819)
-CVE-2008-0177 (The ipcomp6_input function in sys/netinet6/ipcomp_input.c in the KAME ...)
+CVE-2008-0177
- kfreebsd-7 <not-affected> (see bug #483152)
- kfreebsd-6 <not-affected> (see bug #483152)
- kfreebsd-5 <removed>
[etch] - kfreebsd-5 <no-dsa> (FreeBSD not supported)
NOTE: Linux kernel code is not affected, the proper check is there
NOTE: (somewhat difficult to spot, it happens in the caller).
-CVE-2008-0176 (Heap-based buffer overflow in w32rtr.exe in GE Fanuc CIMPLICITY HMI ...)
+CVE-2008-0176
NOT-FOR-US: GE Fanuc CIMPLICITY
-CVE-2008-0175 (Unrestricted file upload vulnerability in GE Fanuc Proficy Real-Time ...)
+CVE-2008-0175
NOT-FOR-US: GE Fanuc Proficy Real-Time Information Portal
-CVE-2008-0174 (GE Fanuc Proficy Real-Time Information Portal 2.6 and earlier uses ...)
+CVE-2008-0174
NOT-FOR-US: GE Fanuc Proficy Real-Time Information Portal
-CVE-2008-0172 (The get_repeat_type function in basic_regex_creator.hpp in the Boost ...)
+CVE-2008-0172
- boost 1.34.1-5 (low; bug #461236)
[etch] - boost <no-dsa> (Minor issue)
-CVE-2008-0171 (regex/v4/perl_matcher_non_recursive.hpp in the Boost regex library ...)
+CVE-2008-0171
- boost 1.34.1-5 (low; bug #461236)
[etch] - boost <no-dsa> (Minor issue)
CVE-2008-0170
RESERVED
-CVE-2008-0169 (Plugin/passwordauth.pm (aka the passwordauth plugin) in ikiwiki 1.34 ...)
+CVE-2008-0169
- ikiwiki 2.48 (medium; bug #483770)
[etch] - ikiwiki <not-affected> (Vulnerable code introduced in 1.34)
CVE-2008-0168
RESERVED
-CVE-2008-0167 (The write_array_file function in utils/include.pl in GForge 4.5.14 ...)
+CVE-2008-0167
{DSA-1577-1}
- gforge 4.6.99+svn6496-1 (low)
NOTE: https://rt.debian.org/Ticket/Display.html?id=672
-CVE-2008-0166 (OpenSSL 0.9.8c-1 up to versions before 0.9.8g-9 on Debian-based ...)
+CVE-2008-0166
{DSA-1576-1 DSA-1571-1}
- openssl 0.9.8g-9 (high)
[sarge] - openssl <not-affected> (Vulnerable code not present)
- openssh 4.7p1-9 (high)
NOTE: http://www.debian.org/security/key-rollover/
-CVE-2008-0165 (Cross-site request forgery (CSRF) vulnerability in Ikiwiki before 2.42 ...)
+CVE-2008-0165
{DSA-1553-1}
- ikiwiki 2.42
-CVE-2008-0164 (Multiple cross-site request forgery (CSRF) vulnerabilities in Plone ...)
+CVE-2008-0164
- plone3 3.1.1-1 (bug #473571)
-CVE-2008-0163 (Linux kernel 2.6, when using vservers, allows local users to access ...)
+CVE-2008-0163
{DSA-1494-1}
- linux-2.6 2.6.25-1 (high)
-CVE-2008-0162 (misc.c in splitvt 1.6.6 and earlier does not drop group privileges ...)
+CVE-2008-0162
{DSA-1500-1}
- splitvt 1.6.6-4
-CVE-2008-0302 (Untrusted search path vulnerability in apt-listchanges.py in ...)
+CVE-2008-0302
{DSA-1465-2}
- apt-listchanges 2.82 (medium)
[sarge] - apt-listchanges <not-affected> (Vulnerable code not present)
NOTE: see http://web.archive.org/web/20080206193307/http://git.madism.org:80/?p=apt-listchanges.git;a=commitdiff;h=1bcfbf3dc55413bb83a1782dc9a54515a963fb32
CVE-2008-0160
RESERVED
-CVE-2008-0173 (SQL injection vulnerability in Gforge 4.6.99 and earlier allows remote ...)
+CVE-2008-0173
{DSA-1459-1}
- gforge 4.6.99+svn6330-1 (medium)
NOTE: this is exploitable by unauthenticated users
NOTE: Requires register_globals to be On, unsupported in lenny+sid.
NOTE: In lenny+sid these scripts just don't work, so no security issue.
NOTE: In etch+sarge we support gforge with rg On, unfortunately.
-CVE-2008-0159 (SQL injection vulnerability in index.php in eggBlog 3.1.0 and earlier ...)
+CVE-2008-0159
NOT-FOR-US: eggBlog
-CVE-2008-0158 (Directory traversal vulnerability in index.php in Shop-Script 2.0 and ...)
+CVE-2008-0158
NOT-FOR-US: Shop-Script
-CVE-2008-0157 (SQL injection vulnerability in FlexBB 0.6.3 and earlier allows remote ...)
+CVE-2008-0157
NOT-FOR-US: FlexBB
-CVE-2008-0156 (Absolute path traversal vulnerability in index.php in Million Dollar ...)
+CVE-2008-0156
NOT-FOR-US: Million Dollar Script
-CVE-2008-0155 (Cross-site scripting (XSS) vulnerability in index.php in EvilBoard ...)
+CVE-2008-0155
NOT-FOR-US: EvilBoard
-CVE-2008-0154 (SQL injection vulnerability in index.php in EvilBoard 0.1a (Alpha) ...)
+CVE-2008-0154
NOT-FOR-US: EvilBoard
-CVE-2008-0153 (telnetd.exe in Pragma TelnetServer 7.0.4.589 allows remote attackers ...)
+CVE-2008-0153
NOT-FOR-US: Pragma TelnetServer
-CVE-2008-0152 (SLnet.exe in SeattleLab SLNet RF Telnet Server 4.1.1.3758 and earlier ...)
+CVE-2008-0152
NOT-FOR-US: SeattleLab SLNet RF Telnet Server
-CVE-2008-0151 (Heap-based buffer overflow in Foxit WAC Server 2.1.0.910, 2.0 Build ...)
+CVE-2008-0151
NOT-FOR-US: Foxit WAC Server
-CVE-2008-0150 (Unspecified vulnerability in the LDAP authentication feature in Aruba ...)
+CVE-2008-0150
NOT-FOR-US: Aruba Mobility Controller
-CVE-2008-0149 (TUTOS 1.3 allows remote attackers to read system information via a ...)
+CVE-2008-0149
- tutos <removed>
- tutos2 <not-affected> (vulnerable code not present)
-CVE-2008-0148 (TUTOS 1.3 does not restrict access to php/admin/cmd.php, which allows ...)
+CVE-2008-0148
- tutos <removed>
- tutos2 <not-affected> (vulnerable code not present)
-CVE-2008-0147 (SQL injection vulnerability in index.php in SmallNuke 2.0.4 and ...)
+CVE-2008-0147
NOT-FOR-US: SmallNuke
-CVE-2008-0146 (Cross-site scripting (XSS) vulnerability in the error page in W3-mSQL ...)
+CVE-2008-0146
NOT-FOR-US: W3-mSQL
-CVE-2008-0145 (Unspecified vulnerability in glob in PHP before 4.4.8, when ...)
+CVE-2008-0145
- php4 <removed> (unimportant)
NOTE: open_basedir bypasses not supported
-CVE-2008-0144 (PHP remote file inclusion vulnerability in index.php in NetRisk 1.9.7 ...)
+CVE-2008-0144
NOT-FOR-US: NetRisk
-CVE-2008-0143 (PHP remote file inclusion vulnerability in common/db.php in samPHPweb, ...)
+CVE-2008-0143
NOT-FOR-US: samPHPweb
-CVE-2008-0142 (Multiple SQL injection vulnerabilities in WebPortal CMS 0.6-beta allow ...)
+CVE-2008-0142
NOT-FOR-US: WebPortal CMS
-CVE-2008-0141 (actions.php in WebPortal CMS 0.6-beta generates predictable passwords ...)
+CVE-2008-0141
NOT-FOR-US: WebPortal CMS
-CVE-2008-0140 (Directory traversal vulnerability in error.php in Uebimiau Webmail ...)
+CVE-2008-0140
NOT-FOR-US: Uebimiau Webmail
-CVE-2008-0139 (Eval injection vulnerability in loudblog/inc/parse_old.php in Loudblog ...)
+CVE-2008-0139
NOT-FOR-US: Loudblog
-CVE-2008-0138 (PHP remote file inclusion vulnerability in xoopsgallery/init_basic.php ...)
+CVE-2008-0138
NOT-FOR-US: XOOPS
-CVE-2008-0137 (PHP remote file inclusion vulnerability in config.inc.php in SNETWORKS ...)
+CVE-2008-0137
NOT-FOR-US: SNETWORKS
-CVE-2008-0136 (Snitz Forums 2000 3.4.05 allows remote attackers to obtain sensitive ...)
+CVE-2008-0136
NOT-FOR-US: Snitz Forums 2000
-CVE-2008-0135 (Snitz Forums 2000 3.4.06 and earlier stores sensitive information ...)
+CVE-2008-0135
NOT-FOR-US: Snitz Forums 2000
-CVE-2008-0134 (Cross-site scripting (XSS) vulnerability in Forums/setup.asp in Snitz ...)
+CVE-2008-0134
NOT-FOR-US: Snitz Forums 2000
-CVE-2008-0133 (Multiple SQL injection vulnerabilities in Tribisur 2.1 and earlier ...)
+CVE-2008-0133
NOT-FOR-US: Tribisur
-CVE-2008-0132 (Pragma FortressSSH 5.0 Build 4 Revision 293 and earlier handles long ...)
+CVE-2008-0132
NOT-FOR-US: Pragma FortressSSH
-CVE-2008-0131 (Cross-site scripting (XSS) vulnerability in login_form.asp in Instant ...)
+CVE-2008-0131
NOT-FOR-US: Instant Softwares Dating Site
-CVE-2008-0130 (SQL injection vulnerability in login_form.asp in Instant Softwares ...)
+CVE-2008-0130
NOT-FOR-US: Instant Softwares Dating Site
-CVE-2008-0129 (SQL injection vulnerability in starnet/addons/slideshow_full.php in ...)
+CVE-2008-0129
NOT-FOR-US: Site@School
-CVE-2008-0128 (The SingleSignOn Valve ...)
+CVE-2008-0128
{DSA-1468-1}
- tomcat5 <removed> (unimportant)
NOTE: SSO cookies not working in 5.0, have only been fixed in 5.5.13, see #34724
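Review bot: every `-`/`+` pair in this hunk strips the CVE description and keeps only the bare identifier (for example `-CVE-2008-0314 (Heap-based buffer overflow in spin.c in libclamav in ClamAV 0.92.1 ...)` becomes `+CVE-2008-0314`), while none of the Debian-side status lines (DSA references, package versions, NOT-FOR-US and NOTE lines) change. A wholesale loss of descriptions in a commit labelled "automatic update" usually means the description source returned nothing rather than that the text was meant to go; the update job should refuse to commit when the fetched description for an existing entry is blank, and this hunk should be reverted until that is confirmed. Unrelated but visible in the unchanged context: `NOT-FOR-US: Sun Solari` under CVE-2008-0242 is truncated (the neighbouring entries read `Sun Solaris`).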
@@ -16896,21 +16896,21 @@ CVE-2008-0128 (The SingleSignOn Valve ...)
NOTE: SSO cookies sent over secure connections do not require
NOTE: secure connections, possibly defeating HTTPS encryption.
NOTE: See: http://issues.apache.org/bugzilla/show_bug.cgi?id=41217
-CVE-2008-0127 (The administration interface in McAfee E-Business Server 8.5.2 and ...)
+CVE-2008-0127
NOT-FOR-US: McAfee E-Business Server
CVE-2008-0126
RESERVED
-CVE-2008-0125 (Cross-site scripting (XSS) vulnerability in phpstats.php in Michael ...)
+CVE-2008-0125
NOT-FOR-US: Michael Wagner phpstats
-CVE-2008-0124 (Cross-site scripting (XSS) vulnerability in Serendipity (S9Y) before ...)
+CVE-2008-0124
{DSA-1528-1}
- serendipity 1.3~b1-1 (low; bug #469667)
-CVE-2008-0123 (Cross-site scripting (XSS) vulnerability in install.php for Moodle ...)
+CVE-2008-0123
- moodle 1.9.8-1 (unimportant)
NOTE: the issue itself has a quite small attack vector
NOTE: and considering that the apache configuration that comes
NOTE: with moodle limits connections to localhost this is no issue
-CVE-2008-0122 (Off-by-one error in the inet_network function in libbind in ISC BIND ...)
+CVE-2008-0122
- bind <removed>
[sarge] - bind <no-dsa> (applications will use inet_network in libc)
[etch] - bind <no-dsa> (applications will use inet_network in libc)
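Review bot: same pattern as the rest of the patch: the `-`/`+` pairs here (CVE-2008-0127 down to CVE-2008-0122) only remove the description text, and no Debian status line changes, so this hunk carries no tracking information on its own. If the description removal is reverted, this hunk goes with it; if it is intentional, the commit message should say that descriptions are now dropped from the list files, since the truncated summaries are the only human-readable context these entries carry.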
@@ -16918,211 +16918,211 @@ CVE-2008-0122 (Off-by-one error in the inet_network function in libbind in ISC B
- glibc 2.2-1
NOTE: The fix for the BIND-based resolver in GNU libc was made in 2000.
NOTE: libbind9 is distinct code, not related to the old libbind.
-CVE-2008-0121 (A &quot;memory calculation error&quot; in Microsoft PowerPoint Viewer 2003 ...)
+CVE-2008-0121
NOT-FOR-US: Microsoft PowerPoint Viewer
-CVE-2008-0120 (Integer overflow in Microsoft PowerPoint Viewer 2003 allows remote ...)
+CVE-2008-0120
NOT-FOR-US: Microsoft PowerPoint Viewer
-CVE-2008-0119 (Unspecified vulnerability in Microsoft Publisher in Office 2000 and XP ...)
+CVE-2008-0119
NOT-FOR-US: Microsoft Publisher
-CVE-2008-0118 (Unspecified vulnerability in Microsoft Office 2000 SP3, XP SP3, 2003 ...)
+CVE-2008-0118
NOT-FOR-US: Microsoft Office
-CVE-2008-0117 (Unspecified vulnerability in Microsoft Excel 2000 SP3 and 2002 SP2, ...)
+CVE-2008-0117
NOT-FOR-US: Microsoft Excel
-CVE-2008-0116 (Microsoft Excel 2000 SP3 through 2003 SP2, Viewer 2003, Compatibility ...)
+CVE-2008-0116
NOT-FOR-US: Microsoft Excel
-CVE-2008-0115 (Unspecified vulnerability in Microsoft Excel 2000 SP3 through 2007, ...)
+CVE-2008-0115
NOT-FOR-US: Microsoft Excel
-CVE-2008-0114 (Unspecified vulnerability in Microsoft Excel 2000 SP3 through 2003 ...)
+CVE-2008-0114
NOT-FOR-US: Microsoft Excel
-CVE-2008-0113 (Unspecified vulnerability in Microsoft Office Excel Viewer 2003 up to ...)
+CVE-2008-0113
NOT-FOR-US: Microsoft Excel
-CVE-2008-0112 (Unspecified vulnerability in Microsoft Excel 2000 SP3, and Office for ...)
+CVE-2008-0112
NOT-FOR-US: Microsoft Excel
-CVE-2008-0111 (Unspecified vulnerability in Microsoft Excel 2000 SP3 through 2007, ...)
+CVE-2008-0111
NOT-FOR-US: Microsoft Excel
-CVE-2008-0110 (Unspecified vulnerability in Microsoft Outlook in Office 2000 SP3, XP ...)
+CVE-2008-0110
NOT-FOR-US: Microsoft Outlook
-CVE-2008-0109 (Word in Microsoft Office 2000 SP3, XP SP3, Office 2003 SP2, and Office ...)
+CVE-2008-0109
NOT-FOR-US: Microsoft Office
-CVE-2008-0108 (Stack-based buffer overflow in wkcvqd01.dll in Microsoft Works 6 File ...)
+CVE-2008-0108
NOT-FOR-US: Microsoft Office
-CVE-2008-0107 (Integer underflow in SQL Server 7.0 SP4, 2000 SP4, 2005 SP1 and SP2, ...)
+CVE-2008-0107
NOT-FOR-US: Microsoft SQL Server
-CVE-2008-0106 (Buffer overflow in Microsoft SQL Server 2005 SP1 and SP2, and 2005 ...)
+CVE-2008-0106
NOT-FOR-US: Microsoft SQL Server
-CVE-2008-0105 (Microsoft Works 6 File Converter, as used in Office 2003 SP2 and SP3, ...)
+CVE-2008-0105
NOT-FOR-US: Microsoft Office
-CVE-2008-0104 (Unspecified vulnerability in Microsoft Office Publisher 2000, 2002, ...)
+CVE-2008-0104
NOT-FOR-US: Microsoft Office
-CVE-2008-0103 (Unspecified vulnerability in Microsoft Office 2000 SP3, Office XP SP3, ...)
+CVE-2008-0103
NOT-FOR-US: Microsoft Office
-CVE-2008-0102 (Unspecified vulnerability in Microsoft Office Publisher 2000, 2002, ...)
+CVE-2008-0102
NOT-FOR-US: Microsoft Office
-CVE-2008-0101 (Format string vulnerability in the swDebugf function in DuneApp.cpp in ...)
+CVE-2008-0101
- whitedune 0.28.13-1 (medium)
-CVE-2008-0100 (Stack-based buffer overflow in the Scene::errorf function in Scene.cpp ...)
+CVE-2008-0100
- whitedune 0.28.13-1 (medium)
-CVE-2008-0099 (Multiple SQL injection vulnerabilities in MyPHP Forum 3.0 and earlier ...)
+CVE-2008-0099
NOT-FOR-US: MyPHP Forum
-CVE-2008-0098 (Buffer overflow in RealPlayer 11 build 6.0.14.748 allows remote ...)
+CVE-2008-0098
NOT-FOR-US: RealPlayer
-CVE-2008-0097 (Format string vulnerability in the log function in Georgia SoftWorks ...)
+CVE-2008-0097
NOT-FOR-US: Georgia SoftWorks SSH2 Server
-CVE-2008-0096 (Multiple buffer overflows in Georgia SoftWorks SSH2 Server (GSW_SSHD) ...)
+CVE-2008-0096
NOT-FOR-US: Georgia SoftWorks SSH2 Server
-CVE-2008-0095 (The SIP channel driver in Asterisk Open Source 1.4.x before 1.4.17, ...)
+CVE-2008-0095
- asterisk 1:1.4.17~dfsg-1 (medium; bug #458952)
[etch] - asterisk <not-affected> (Only Asterisk 1.4.x affected)
[sarge] - asterisk <not-affected> (Only Asterisk 1.4.x affected)
-CVE-2008-0094 (Multiple directory traversal vulnerabilities in MODx Content ...)
+CVE-2008-0094
NOT-FOR-US: MODx Content Management System
-CVE-2008-0093 (Multiple cross-site scripting (XSS) vulnerabilities in newticket.php ...)
+CVE-2008-0093
NOT-FOR-US: eTicket
-CVE-2008-0092 (Cross-site scripting (XSS) vulnerability in index.php in the search ...)
+CVE-2008-0092
NOT-FOR-US: Appalachian State University phpWebSite
-CVE-2008-0091 (Directory traversal vulnerability in download2.php in AGENCY4NET ...)
+CVE-2008-0091
NOT-FOR-US: AGENCY4NET WEBFTP
-CVE-2008-0090 (A certain ActiveX control in npUpload.dll in DivX Player 6.6.0 allows ...)
+CVE-2008-0090
NOT-FOR-US: DivX Player
-CVE-2008-0089 (SQL injection vulnerability in uprofile.php in ClipShare allows remote ...)
+CVE-2008-0089
NOT-FOR-US: ClipShare
-CVE-2008-0088 (Unspecified vulnerability in Active Directory on Microsoft Windows ...)
+CVE-2008-0088
NOT-FOR-US: Windows
-CVE-2008-0087 (The DNS client in Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP1 ...)
+CVE-2008-0087
NOT-FOR-US: Microsoft Windows
-CVE-2008-0086 (Buffer overflow in the convert function in Microsoft SQL Server 2000 ...)
+CVE-2008-0086
NOT-FOR-US: Microsoft SQL Server
-CVE-2008-0085 (SQL Server 7.0 SP4, 2000 SP4, 2005 SP1 and SP2, 2000 Desktop Engine ...)
+CVE-2008-0085
NOT-FOR-US: Microsoft SQL Server
-CVE-2008-0084 (Unspecified vulnerability in the TCP/IP support in Microsoft Windows ...)
+CVE-2008-0084
NOT-FOR-US: Windows
-CVE-2008-0083 (The (1) VBScript (VBScript.dll) and (2) JScript (JScript.dll) ...)
+CVE-2008-0083
NOT-FOR-US: Microsoft Windows
-CVE-2008-0082 (An ActiveX control (Messenger.UIAutomation.1) in Windows Messenger 4.7 ...)
+CVE-2008-0082
NOT-FOR-US: Windows Messenger
-CVE-2008-0081 (Unspecified vulnerability in Microsoft Excel 2000 SP3 through 2003 ...)
+CVE-2008-0081
NOT-FOR-US: Microsoft
-CVE-2008-0080 (Heap-based buffer overflow in the WebDAV Mini-Redirector in Microsoft ...)
+CVE-2008-0080
NOT-FOR-US: Windows
CVE-2008-0079
REJECTED
-CVE-2008-0078 (Unspecified vulnerability in an ActiveX control (dxtmsft.dll) in ...)
+CVE-2008-0078
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2008-0077 (Use-after-free vulnerability in Microsoft Internet Explorer 6 SP1, 6 ...)
+CVE-2008-0077
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2008-0076 (Unspecified vulnerability in Microsoft Internet Explorer 5.01, 6 SP1 ...)
+CVE-2008-0076
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2008-0075 (Unspecified vulnerability in Microsoft Internet Information Services ...)
+CVE-2008-0075
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2008-0074 (Unspecified vulnerability in Microsoft Internet Information Services ...)
+CVE-2008-0074
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2008-0073 (Array index error in the sdpplin_parse function in ...)
+CVE-2008-0073
{DSA-1543-1 DSA-1536-1 DTSA-119-1 DTSA-128-1}
- xine-lib 1.1.11-1 (medium)
- vlc 0.8.6.e-2 (medium; bug #473057)
NOTE: http://bugs.xine-project.org/show_bug.cgi?id=58
-CVE-2008-0072 (Format string vulnerability in the emf_multipart_encrypted function in ...)
+CVE-2008-0072
{DSA-1512-1}
- evolution 2.12.3-1.1
NOTE: SA29057
-CVE-2008-0071 (The Web UI interface in (1) BitTorrent before 6.0.3 build 8642 and (2) ...)
+CVE-2008-0071
NOT-FOR-US: uTorrent 1.7.7 (build 8179) / BitTorrent 6.0.1 (build 7859)
-CVE-2008-0070 (Integer overflow in Orb Networks Orb 2.00.1014 and Winamp Remote BETA ...)
+CVE-2008-0070
NOT-FOR-US: Orb Networks Orb and Winamp Remote BETA
-CVE-2008-0069 (Stack-based buffer overflow in XnView 1.92 and 1.92.1 allows ...)
+CVE-2008-0069
NOT-FOR-US: XnView
-CVE-2008-0068 (Directory traversal vulnerability in OpenView5.exe in HP OpenView ...)
+CVE-2008-0068
NOT-FOR-US: HP OpenView
-CVE-2008-0067 (Multiple stack-based buffer overflows in HP OpenView Network Node ...)
+CVE-2008-0067
NOT-FOR-US: HP OpenView Network Node Manager (OV NNM)
-CVE-2008-0066 (Multiple buffer overflows in htmsr.dll in the HTML speed reader in ...)
+CVE-2008-0066
NOT-FOR-US: KeyView
-CVE-2008-0065 (Multiple stack-based buffer overflows in in_mp3.dll in Winamp 5.21, ...)
+CVE-2008-0065
NOT-FOR-US: Winamp
-CVE-2008-0064 (Stack-based buffer overflow in Pierre-emmanuel Gougelet (1) XnView ...)
+CVE-2008-0064
NOT-FOR-US: XnView, nconvert GFL SDK for Windows
-CVE-2008-0063 (The Kerberos 4 support in KDC in MIT Kerberos 5 (krb5kdc) does not ...)
+CVE-2008-0063
{DSA-1524-1}
- krb5 1.6.dfsg.3~beta1-4 (medium)
-CVE-2008-0062 (KDC in MIT Kerberos 5 (krb5kdc) does not set a global variable for ...)
+CVE-2008-0062
{DSA-1524-1}
- krb5 1.6.dfsg.3~beta1-4 (high)
-CVE-2008-0060 (Help Viewer in Apple Mac OS X 10.4.11 and 10.5.2 allows remote ...)
+CVE-2008-0060
NOT-FOR-US: Apple Mac OS X
-CVE-2008-0059 (Race condition in NSXML in Foundation for Apple Mac OS X 10.4.11 ...)
+CVE-2008-0059
NOT-FOR-US: Apple Mac OS X
-CVE-2008-0058 (Race condition in the NSURLConnection cache management functionality ...)
+CVE-2008-0058
NOT-FOR-US: Apple Mac OS X
-CVE-2008-0057 (Multiple integer overflows in a &quot;legacy serialization format&quot; parser ...)
+CVE-2008-0057
NOT-FOR-US: Apple Mac OS X
-CVE-2008-0056 (Stack-based buffer overflow in Foundation in Apple Mac OS X 10.4.11 ...)
+CVE-2008-0056
NOT-FOR-US: Apple Mac OS X
-CVE-2008-0055 (Foundation in Apple Mac OS X 10.4.11 creates world-writable ...)
+CVE-2008-0055
NOT-FOR-US: Apple Mac OS X
-CVE-2008-0054 (Foundation in Apple Mac OS X 10.4.11 might allow context-dependent ...)
+CVE-2008-0054
NOT-FOR-US: Apple Mac OS X
-CVE-2008-0053 (Multiple buffer overflows in the HP-GL/2-to-PostScript filter in CUPS ...)
+CVE-2008-0053
{DSA-1625-1}
- cupsys 1.3.6-1
- cups 1.3.6-1
NOTE: https://bugzilla.redhat.com/attachment.cgi?id=298651
-CVE-2008-0052 (CoreServices in Apple Mac OS X 10.4.11 treats .ief as a safe file ...)
+CVE-2008-0052
NOT-FOR-US: Apple Mac OS X
-CVE-2008-0051 (Integer overflow in CoreFoundation in Apple Mac OS X 10.4.11 might ...)
+CVE-2008-0051
NOT-FOR-US: Apple Mac OS X
-CVE-2008-0050 (CFNetwork in Apple Mac OS X 10.4.11 allows remote HTTPS proxy servers ...)
+CVE-2008-0050
NOT-FOR-US: Apple Mac OS X
-CVE-2008-0049 (AppKit in Apple Mac OS X 10.4.11 inadvertently makes an NSApplication ...)
+CVE-2008-0049
NOT-FOR-US: Apple Mac OS X
-CVE-2008-0048 (Stack-based buffer overflow in AppKit in Apple Mac OS X 10.4.11 allows ...)
+CVE-2008-0048
NOT-FOR-US: Apple Mac OS X
-CVE-2008-0047 (Heap-based buffer overflow in the cgiCompileSearch function in CUPS ...)
+CVE-2008-0047
{DSA-1530-1}
- cupsys 1.3.6-3 (medium; bug #472105)
- cups 1.3.6-3 (medium; bug #472105)
[sarge] - cupsys <not-affected> (Vulnerable code not present)
-CVE-2008-0046 (The Application Firewall in Apple Mac OS X 10.5.2 has an incorrect ...)
+CVE-2008-0046
NOT-FOR-US: Apple Mac OS X
-CVE-2008-0045 (Unspecified vulnerability in AFP Server in Apple Mac OS X 10.4.11 ...)
+CVE-2008-0045
NOT-FOR-US: Apple Mac OS X
-CVE-2008-0044 (Multiple buffer overflows in AFP Client in Apple Mac OS X 10.4.11 and ...)
+CVE-2008-0044
NOT-FOR-US: Apple Mac OS X
-CVE-2008-0043 (Format string vulnerability in Apple iPhoto before 7.1.2 allows remote ...)
+CVE-2008-0043
NOT-FOR-US: Apple iPhoto
-CVE-2008-0042 (Argument injection vulnerability in Terminal.app in Terminal in Apple ...)
+CVE-2008-0042
NOT-FOR-US: Apple Mac OSX
-CVE-2008-0041 (Parental Controls in Apple Mac OS X 10.5 through 10.5.1 contacts ...)
+CVE-2008-0041
NOT-FOR-US: Apple Mac OSX
-CVE-2008-0040 (Unspecified vulnerability in NFS in Apple Mac OS X 10.5 through 10.5.1 ...)
+CVE-2008-0040
NOT-FOR-US: Apple Mac OSX
-CVE-2008-0039 (Unspecified vulnerability in Mail in Apple Mac OS X 10.4.11 allows ...)
+CVE-2008-0039
NOT-FOR-US: Apple Mac OSX
-CVE-2008-0038 (Launch Services in Apple Mac OS X 10.5 through 10.5.1 allows an ...)
+CVE-2008-0038
NOT-FOR-US: Apple Mac OSX
-CVE-2008-0037 (X11 in Apple Mac OS X 10.5 through 10.5.1 does not properly handle ...)
+CVE-2008-0037
NOT-FOR-US: Apple Mac OSX
-CVE-2008-0036 (Buffer overflow in Apple QuickTime before 7.4 allows remote attackers ...)
+CVE-2008-0036
NOT-FOR-US: Apple QuickTime
-CVE-2008-0035 (Unspecified vulnerability in Foundation, as used in Apple iPhone 1.0 ...)
+CVE-2008-0035
NOT-FOR-US: Apple cocoa Foundation
NOTE: AFAICS this is not the same as libfoundation in Debian
-CVE-2008-0034 (Unspecified vulnerability in Passcode Lock in Apple iPhone 1.0 through ...)
+CVE-2008-0034
NOT-FOR-US: Apple iPhone
-CVE-2008-0033 (Unspecified vulnerability in Apple QuickTime before 7.4 allows remote ...)
+CVE-2008-0033
NOT-FOR-US: Apple QuickTime
-CVE-2008-0032 (Apple QuickTime before 7.4 allows remote attackers to execute ...)
+CVE-2008-0032
NOT-FOR-US: Apple QuickTime
-CVE-2008-0031 (Unspecified vulnerability in Apple QuickTime before 7.4 allows remote ...)
+CVE-2008-0031
NOT-FOR-US: Apple QuickTime
CVE-2008-0030
REJECTED
-CVE-2008-0029 (Cisco Application Velocity System (AVS) before 5.1.0 is installed with ...)
+CVE-2008-0029
NOT-FOR-US: Cisco
-CVE-2008-0028 (Unspecified vulnerability in Cisco PIX 500 Series Security Appliance ...)
+CVE-2008-0028
NOT-FOR-US: Cisco
-CVE-2008-0027 (Heap-based buffer overflow in the Certificate Trust List (CTL) ...)
+CVE-2008-0027
NOT-FOR-US: Cisco
-CVE-2008-0026 (SQL injection vulnerability in Cisco Unified ...)
+CVE-2008-0026
NOT-FOR-US: Cisco
CVE-2008-0025
RESERVED
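Review bot: every `-`/`+` pair in the visible part of this hunk replaces `CVE-2008-NNNN (description ...)` with the bare `CVE-2008-NNNN` and changes nothing else; no package line, annotation or NOTE is touched, and not one description is updated rather than dropped. A feed refresh that deletes all of the descriptions it processes and adds none is the signature of an empty or unparsable upstream description source, not of real upstream edits, so this commit should be regenerated once the source is reachable again, and the updater should refuse to write a list whose description count has gone to zero. The loss is not cosmetic: the dropped text is the only in-file record of what each id covers, and it is what allows the annotations to be cross-checked. The removed lines for CVE-2008-0075 and CVE-2008-0074 both begin `Unspecified vulnerability in Microsoft Internet Information Services ...` while the retained line under each is `NOT-FOR-US: Microsoft Internet Explorer`; with the descriptions gone, that IIS-versus-IE discrepancy can no longer be seen from the file.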
@@ -17134,54 +17134,54 @@ CVE-2008-0022
RESERVED
CVE-2008-0021
RESERVED
-CVE-2008-0020 (Unspecified vulnerability in the Load method in the IPersistStreamInit ...)
+CVE-2008-0020
NOT-FOR-US: Microsoft
CVE-2008-0019
RESERVED
CVE-2008-0018
RESERVED
-CVE-2008-0017 (The http-index-format MIME type parser (nsDirIndexParser) in Firefox ...)
+CVE-2008-0017
{DSA-1697-1 DSA-1671-1 DSA-1669-1}
- iceweasel 3.0.4-1
- xulrunner 1.9.0.4-1
- iceape 1.1.13-1
-CVE-2008-0016 (Stack-based buffer overflow in the URL parsing implementation in ...)
+CVE-2008-0016
{DSA-1697-1 DSA-1696-1 DSA-1669-1 DSA-1649-1}
- xulrunner 1.9.0.1-1
- iceweasel 3.0.1-1
- iceape 1.1.12-1
- icedove 2.0.0.17-1
-CVE-2008-0015 (Stack-based buffer overflow in the CComVariant::ReadFromStream ...)
+CVE-2008-0015
NOT-FOR-US: Microsoft
-CVE-2008-0014 (Heap-based buffer overflow in an unspecified procedure in Trend Micro ...)
+CVE-2008-0014
NOT-FOR-US: Trend Micro
-CVE-2008-0013 (Heap-based buffer overflow in an unspecified procedure in Trend Micro ...)
+CVE-2008-0013
NOT-FOR-US: Trend Micro
-CVE-2008-0012 (Heap-based buffer overflow in an unspecified procedure in Trend Micro ...)
+CVE-2008-0012
NOT-FOR-US: Trend Micro
-CVE-2008-0011 (Microsoft DirectX 8.1 through 9.0c, and DirectX on Microsoft XP SP2 ...)
+CVE-2008-0011
NOT-FOR-US: Microsoft DirectX
-CVE-2008-0010 (The copy_from_user_mmap_sem function in fs/splice.c in the Linux ...)
+CVE-2008-0010
- linux-2.6 2.6.24-4
- linux-2.6.24 <not-affected> (Fixed before initial upload, in 2.6.24-4 of linux-2.6)
[etch] - linux-2.6 <not-affected> (vulnerable code not present)
-CVE-2008-0009 (The vmsplice_to_user function in fs/splice.c in the Linux kernel ...)
+CVE-2008-0009
- linux-2.6 2.6.24-4
- linux-2.6.24 <not-affected> (Fixed before initial upload, in 2.6.24-4 of linux-2.6)
[etch] - linux-2.6 <not-affected> (vulnerable code not present)
-CVE-2008-0008 (The pa_drop_root function in PulseAudio 0.9.8, and a certain 0.9.9 ...)
+CVE-2008-0008
{DSA-1476-1}
- pulseaudio 0.9.9-1
-CVE-2008-0007 (Linux kernel before 2.6.22.17, when using certain drivers that ...)
+CVE-2008-0007
{DSA-1565-1 DSA-1503-2 DSA-1504-1 DSA-1503-1}
- linux-2.6.24 <not-affected> (Fixed before initial upload, in 2.6.24-4 of linux-2.6)
- linux-2.6 2.6.24-4
-CVE-2008-0006 (Buffer overflow in (1) X.Org Xserver before 1.4.1, and (2) the libfont ...)
+CVE-2008-0006
{DSA-1466-2 DTSA-110-1}
- xorg-server 2:1.4.1~git20080105-2
- libxfont 1:1.3.1-2
[etch] - libxfont 1:1.2.2-2.etch1
-CVE-2008-0005 (mod_proxy_ftp in Apache 2.2.x before 2.2.7-dev, 2.0.x before ...)
+CVE-2008-0005
- apache2 2.2.8-1 (low)
- apache <removed> (low)
[etch] - apache <no-dsa> (browser issue; low impact)
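Review bot: the wholesale strip continues here and in this hunk it removes the only text that tells apart entries whose structured data overlap. CVE-2008-0017 and CVE-2008-0016 both resolve to iceweasel, xulrunner and iceape and share DSA-1697-1 and DSA-1669-1; the removed descriptions (`http-index-format MIME type parser (nsDirIndexParser)` versus `Stack-based buffer overflow in the URL parsing implementation`) were the only lines saying which bug is which. CVE-2008-0010 and CVE-2008-0009 carry identical package lines (`linux-2.6 2.6.24-4`, `linux-2.6.24 <not-affected>`, `[etch] - linux-2.6 <not-affected>`) and differed only in the dropped `copy_from_user_mmap_sem` / `vmsplice_to_user` text. Suggest holding this hunk until the description source is back rather than committing the bare ids.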
@@ -17190,15 +17190,15 @@ CVE-2008-0005 (mod_proxy_ftp in Apache 2.2.x before 2.2.7-dev, 2.0.x before ...)
[etch] - apache2 2.2.3-4+etch4 (low)
CVE-2008-0004
REJECTED
-CVE-2008-0003 (Stack-based buffer overflow in the PAMBasicAuthenticator::PAMCallback ...)
+CVE-2008-0003
NOT-FOR-US: OpenPegasus CIM management server
-CVE-2008-0002 (Apache Tomcat 6.0.0 through 6.0.15 processes parameters in the context ...)
+CVE-2008-0002
- tomcat5.5 <not-affected> (Only Tomcat 6 is affected, according to upstream)
-CVE-2008-0001 (VFS in the Linux kernel before 2.6.22.16, and 2.6.23.x before ...)
+CVE-2008-0001
{DSA-1479-1}
- linux-2.6 2.6.24-1
- linux-2.6.24 <not-affected> (Fixed before initial upload, upstream in 2.6.24)
-CVE-2008-0061 (MaraDNS 1.0 before 1.0.41, 1.2 before 1.2.12.08, and 1.3 before ...)
+CVE-2008-0061
{DSA-1445-1}
- maradns 1.2.12.08-1
NOTE: http://marc.info/?l=maradns-list&m=118842373527534&w=2
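Review bot: CVE-2008-0061 sits after CVE-2008-0001, out of the descending id order the rest of the list keeps, and this update rewrites its header line without moving it; if the generator emits entries in id order this is a hand-placed entry that will keep drifting, so it is worth relocating while the line is being touched. The removed description (`MaraDNS 1.0 before 1.0.41, 1.2 before 1.2.12.08, and 1.3 before ...`) is also what justified the fixed version `maradns 1.2.12.08-1` recorded below it; after this change the only remaining pointer to the affected range is the marc.info NOTE link.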
diff --git a/data/CVE/2009.list b/data/CVE/2009.list
index b55d9ec6f2..c4052abaf5 100644
--- a/data/CVE/2009.list
+++ b/data/CVE/2009.list
@@ -1,4 +1,4 @@
-CVE-2009-5155 (In the GNU C Library (aka glibc or libc6) before 2.28, parse_reg_exp in ...)
+CVE-2009-5155
[experimental] - gnulib 20180621~6979c25-1
- gnulib 20140202+stable-3.2 (bug #924613)
- glibc 2.28-1
@@ -12,21 +12,21 @@ CVE-2009-5155 (In the GNU C Library (aka glibc or libc6) before 2.28, parse_reg_
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=11053
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=18986
NOTE: https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=eb04c21373e2a2885f3d52ff192b0499afe3c672
-CVE-2009-5154 (An issue was discovered on MOBOTIX S14 MX-V4.2.1.61 devices. There is a ...)
+CVE-2009-5154
NOT-FOR-US: MOBOTIX
-CVE-2009-5153 (In Novell NetWare before 6.5 SP8, a stack buffer overflow in processing ...)
+CVE-2009-5153
NOT-FOR-US: Novell NetWare
-CVE-2009-5152 (Absolute Computrace Agent, as distributed on certain Dell Inspiron ...)
+CVE-2009-5152
NOT-FOR-US: Absolute Computrace Agent
-CVE-2009-5151 (The stub component of Absolute Computrace Agent V70.785 executes code ...)
+CVE-2009-5151
NOT-FOR-US: Absolute Computrace Agent
-CVE-2009-5150 (Absolute Computrace Agent V80.845 and V80.866 does not have a digital ...)
+CVE-2009-5150
NOT-FOR-US: Absolute Computrace Agent
-CVE-2009-5149 (Arris DG860A, TG862A, and TG862G devices with firmware ...)
+CVE-2009-5149
NOT-FOR-US: Arris hardware
CVE-2009-5148
RESERVED
-CVE-2009-5147 (DL::dlopen in Ruby 1.8, 1.9.0, 1.9.2, 1.9.3, 2.0.0 before patchlevel ...)
+CVE-2009-5147
{DLA-300-1 DLA-299-1}
- ruby1.8 <removed>
[wheezy] - ruby1.8 <no-dsa> (Minor issue)
@@ -50,86 +50,86 @@ CVE-2009-5146 [memory leak in hostname TLS extension]
NOTE: Fixed by: https://github.com/openssl/openssl/commit/7587347bc48e7e8a1e800e48bb0a658f1557c424 (OpenSSL_0_9_8k)
NOTE: Introduced by: https://github.com/openssl/openssl/commit/865a90eb4f0b0e3abbdd9dc2d3a4d57595575315 (OpenSSL_0_9_8f)
NOTE: http://www.openwall.com/lists/oss-security/2015/03/16/4
-CVE-2009-5145 (Cross-site scripting (XSS) vulnerability in ZMI pages that use the ...)
+CVE-2009-5145
- zope2.12 2.12.10-1
-CVE-2009-5144 (mod-gnutls does not validate client certificates when ...)
+CVE-2009-5144
- mod-gnutls 0.5.6-1 (bug #578663)
NOTE: http://issues.outoforder.cc/view.php?id=93
-CVE-2009-5143 (GE Healthcare Discovery 530C has a password of #bigguy1 for the (1) ...)
+CVE-2009-5143
NOT-FOR-US: GE Healthcare Discovery 530C
-CVE-2009-5142 (Cross-site scripting (XSS) vulnerability in timthumb.php in TimThumb ...)
+CVE-2009-5142
NOT-FOR-US: TimThumb
-CVE-2009-5141 (Format string vulnerability in War FTP Daemon (warftpd) 1.82 RC 12 ...)
+CVE-2009-5141
NOT-FOR-US: War FTP Daemon
CVE-2009-5140
RESERVED
CVE-2009-5139
RESERVED
-CVE-2009-5138 (GnuTLS before 2.7.6, when the GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT flag ...)
+CVE-2009-5138
- gnutls26 2.7.12-1
- gnutls28 <not-affected> (Only affects versions before 2.7.6)
NOTE: Only affects version prior of 2.7.6, fix: https://gitlab.com/gnutls/gnutls/commit/c8dcbedd1fdc312f5b1a70fcfbc1afe235d800cd
NOTE: and the issue has different root than CVE-2014-1959
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1069301
-CVE-2009-5137 (Stack-based buffer overflow in Mini-stream CastRipper 2.50.70 allows ...)
+CVE-2009-5137
NOT-FOR-US: CastRipper
-CVE-2009-5136 (The policy definition evaluator in Condor before 7.4.2 does not ...)
+CVE-2009-5136
- condor <not-affected> (Fixed before initial upload)
-CVE-2009-5135 (The Java XML parser in Echo before 2.1.1 and 3.x before 3.0.b6 allows ...)
+CVE-2009-5135
NOT-FOR-US: Echo
-CVE-2009-5134 (Buffer overflow in the &quot;create torrent dialog&quot; functionality in ...)
+CVE-2009-5134
NOT-FOR-US: uTorrent
CVE-2009-5133
RESERVED
-CVE-2009-5132 (The Filtering Service in Websense Web Security and Web Filter before ...)
+CVE-2009-5132
NOT-FOR-US: Websense
-CVE-2009-5131 (The Receive Service in Websense Email Security before 7.1 does not ...)
+CVE-2009-5131
NOT-FOR-US: Websense
-CVE-2009-5130 (The Rules Service in Websense Email Security before 7.1 allows remote ...)
+CVE-2009-5130
NOT-FOR-US: Websense
-CVE-2009-5129 (The Websense V10000 appliance before 1.0.1 allows remote attackers to ...)
+CVE-2009-5129
NOT-FOR-US: Websense
-CVE-2009-5128 (The Websense V10000 appliance before 1.0.1 allows remote attackers to ...)
+CVE-2009-5128
NOT-FOR-US: Websense
-CVE-2009-5127 (The Antivirus component in Comodo Internet Security before ...)
+CVE-2009-5127
NOT-FOR-US: Comodo Internet Security
-CVE-2009-5126 (The Antivirus component in Comodo Internet Security before ...)
+CVE-2009-5126
NOT-FOR-US: Comodo Internet Security
-CVE-2009-5125 (Comodo Internet Security before 3.9.95478.509 allows remote attackers ...)
+CVE-2009-5125
NOT-FOR-US: Comodo Internet Security
-CVE-2009-5124 (The Antivirus component in Comodo Internet Security before ...)
+CVE-2009-5124
NOT-FOR-US: Comodo Internet Security
-CVE-2009-5123 (The Antivirus component in Comodo Internet Security before ...)
+CVE-2009-5123
NOT-FOR-US: Comodo Internet Security
-CVE-2009-5122 (The Personal Email Manager component in Websense Email Security before ...)
+CVE-2009-5122
NOT-FOR-US: Websense
-CVE-2009-5121 (Websense Email Security 7.1 before Hotfix 4 allows remote attackers to ...)
+CVE-2009-5121
NOT-FOR-US: Websense
-CVE-2009-5120 (The default configuration of Apache Tomcat in Websense Manager in ...)
+CVE-2009-5120
NOT-FOR-US: Websense
-CVE-2009-5119 (The default configuration of Apache Tomcat in Websense Manager in ...)
+CVE-2009-5119
NOT-FOR-US: Websense
-CVE-2009-5118 (Untrusted search path vulnerability in McAfee VirusScan Enterprise ...)
+CVE-2009-5118
NOT-FOR-US: McAfee
-CVE-2009-5117 (The Web Post Protection feature in McAfee Host Data Loss Prevention ...)
+CVE-2009-5117
NOT-FOR-US: McAfee
-CVE-2009-5116 (McAfee LinuxShield 1.5.1 and earlier does not properly implement ...)
+CVE-2009-5116
NOT-FOR-US: McAfee
-CVE-2009-5115 (McAfee Common Management Agent (CMA) 3.5.5 through 3.5.5.588 and 3.6.0 ...)
+CVE-2009-5115
NOT-FOR-US: McAfee
-CVE-2009-5114 (Directory traversal vulnerability in wgarcmin.cgi in WebGlimpse 2.18.7 ...)
+CVE-2009-5114
NOT-FOR-US: WebGlimpse
-CVE-2009-5113 (Cross-site scripting (XSS) vulnerability in wgarcmin.cgi in WebGlimpse ...)
+CVE-2009-5113
NOT-FOR-US: WebGlimpse
-CVE-2009-5112 (wgarcmin.cgi in WebGlimpse 2.18.7 and earlier allows remote attackers ...)
+CVE-2009-5112
NOT-FOR-US: WebGlimpse
-CVE-2009-5111 (GoAhead WebServer allows remote attackers to cause a denial of service ...)
+CVE-2009-5111
NOT-FOR-US: GoAhead WebServer
-CVE-2009-5110 (dhttpd allows remote attackers to cause a denial of service (daemon ...)
+CVE-2009-5110
- dhttpd <removed> (low; bug #533665)
[squeeze] - dhttpd <no-dsa> (Minor issue)
[lenny] - dhttpd <no-dsa> (Minor issue)
-CVE-2009-5109 (Stack-based buffer overflow in Mini-Stream Ripper 3.0.1.1 allows ...)
+CVE-2009-5109
NOT-FOR-US: Mini-Stream Ripper
CVE-2009-5108
REJECTED
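Review bot: for CVE-2009-5138 the retained annotation `gnutls28 <not-affected> (Only affects versions before 2.7.6)` and the NOTE `Only affects version prior of 2.7.6, fix: ...` now state the version bound twice in two wordings, while the dropped description (`GnuTLS before 2.7.6, when the GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT flag ...`) was the only line naming the flag involved; since the entry is being rewritten, the NOTE's `prior of` should read `prior to`. Separately, this hunk reduces nine Websense ids (CVE-2009-5132 to CVE-2009-5128 and CVE-2009-5122 to CVE-2009-5119) and five Comodo ids (CVE-2009-5127 to CVE-2009-5123) to bare ids above identical `NOT-FOR-US: Websense` and `NOT-FOR-US: Comodo Internet Security` lines, leaving nothing in the file to distinguish the issues.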
@@ -141,77 +141,77 @@ CVE-2009-5105
RESERVED
CVE-2009-5104
RESERVED
-CVE-2009-5103 (Cross-site scripting (XSS) vulnerability in ATCOM Netvolution 1.0 ASP ...)
+CVE-2009-5103
NOT-FOR-US: ATCOM Netvolution
-CVE-2009-5102 (SQL injection vulnerability in default.asp in ATCOM Netvolution 1.0 ...)
+CVE-2009-5102
NOT-FOR-US: ATCOM Netvolution
-CVE-2009-5101 (Pentaho BI Server 1.7.0.1062 and earlier includes the session ID ...)
+CVE-2009-5101
NOT-FOR-US: Pentaho BI Server
-CVE-2009-5100 (Pentaho BI Server 1.7.0.1062 and earlier does not set the autocomplete ...)
+CVE-2009-5100
NOT-FOR-US: Pentaho BI Server
-CVE-2009-5099 (Cross-site scripting (XSS) vulnerability in ViewAction in Pentaho BI ...)
+CVE-2009-5099
NOT-FOR-US: Pentaho BI Server
-CVE-2009-5098 (The LunaSysMgr process in Palm Pre WebOS 1.1 and earlier, when not ...)
+CVE-2009-5098
NOT-FOR-US: Palm WebOS
-CVE-2009-5097 (Palm Pre WebOS 1.1 and earlier processes JavaScript in email messages, ...)
+CVE-2009-5097
NOT-FOR-US: Palm WebOS
-CVE-2009-5096 (Cross-site scripting (XSS) vulnerability in the Flag Content module ...)
+CVE-2009-5096
NOT-FOR-US: Drupal module Flag Content
NOTE: might get packaged
-CVE-2009-5095 (PHP remote file inclusion vulnerability in index_inc.php in ea gBook ...)
+CVE-2009-5095
NOT-FOR-US: ea gBook
-CVE-2009-5094 (SQL injection vulnerability in info.php in CMS Faethon 2.2.0 Ultimate ...)
+CVE-2009-5094
NOT-FOR-US: CMS Faethon
-CVE-2009-5093 (Directory traversal vulnerability in gastbuch.php in G&#228;stebuch ...)
+CVE-2009-5093
NOT-FOR-US: Gastebuch
-CVE-2009-5092 (Cross-site scripting (XSS) vulnerability in the management interface ...)
+CVE-2009-5092
NOT-FOR-US: Microsoft FAST ESP
-CVE-2009-5091 (SQL injection vulnerability in page.php in Vlinks 1.0.3 and 1.1.6 ...)
+CVE-2009-5091
NOT-FOR-US: Vlinks
-CVE-2009-5090 (SQL injection vulnerability in editcomments.php in Bloggeruniverse ...)
+CVE-2009-5090
NOT-FOR-US: Bloggeruniverse Beta 2
-CVE-2009-5089 (Directory traversal vulnerability in index.php in IdeaCart 0.02 and ...)
+CVE-2009-5089
NOT-FOR-US: IdeaCart
-CVE-2009-5088 (SQL injection vulnerability in secure/index.php in IdeaCart 0.02 ...)
+CVE-2009-5088
NOT-FOR-US: IdeaCart
-CVE-2009-5087 (Directory traversal vulnerability in geohttpserver in Geovision ...)
+CVE-2009-5087
NOT-FOR-US: Geovision Digital Video Surveillance System
-CVE-2009-5086 (Cross-site scripting (XSS) vulnerability in Appliance Configuration ...)
+CVE-2009-5086
NOT-FOR-US: Juniper IDP
-CVE-2009-5085 (IBM Tivoli Federated Identity Manager (TFIM) 6.2.0 before 6.2.0.2, ...)
+CVE-2009-5085
NOT-FOR-US: Tivoli
-CVE-2009-5084 (IBM Tivoli Federated Identity Manager (TFIM) 6.2.0 before 6.2.0.2, ...)
+CVE-2009-5084
NOT-FOR-US: Tivoli
-CVE-2009-5083 (IBM Tivoli Federated Identity Manager (TFIM) 6.2.0 before 6.2.0.2, ...)
+CVE-2009-5083
NOT-FOR-US: Tivoli
-CVE-2009-5082 (The (1) configure and (2) config.guess scripts in GNU troff (aka ...)
+CVE-2009-5082
- groff 1.20.1-5 (unimportant; bug #538338)
NOTE: Only exploitable during build
-CVE-2009-5081 (The (1) config.guess, (2) contrib/groffer/perl/groffer.pl, and (3) ...)
+CVE-2009-5081
- groff 1.20.1-5 (unimportant)
NOTE: Only exploitable during build
-CVE-2009-5080 (The (1) contrib/eqn2graph/eqn2graph.sh, (2) ...)
+CVE-2009-5080
- groff 1.20.1-5 (low; bug #538330)
[lenny] - groff <no-dsa> (Minor issue)
-CVE-2009-5079 (The (1) gendef.sh, (2) doc/fixinfo.sh, and (3) ...)
+CVE-2009-5079
- groff 1.20.1-5 (unimportant)
-CVE-2009-5078 (contrib/pdfmark/pdfroff.sh in GNU troff (aka groff) before 1.21 ...)
+CVE-2009-5078
- groff 1.20.1-5 (low; bug #538338)
[etch] - groff <not-affected> (pdfroff not yet present)
[lenny] - groff <not-affected> (pdfroff not yet present)
-CVE-2009-5077 (CRE Loaded before 6.2.14 allows remote attackers to bypass ...)
+CVE-2009-5077
NOT-FOR-US: CRE Loaded
-CVE-2009-5076 (CRE Loaded before 6.2.14, and possibly other versions before 6.3.x, ...)
+CVE-2009-5076
NOT-FOR-US: CRE Loaded
-CVE-2009-5075 (Monkey's Audio before 4.02 allows remote attackers to cause a denial ...)
+CVE-2009-5075
NOT-FOR-US: Monkey's Audio
-CVE-2009-5074 (Unspecified vulnerability in the MojoX::Dispatcher::Static ...)
+CVE-2009-5074
- libmojolicious-perl <not-affected> (Fixed before initial upload)
-CVE-2009-5073 (IBM Tivoli Directory Server (TDS) 6.0 before 6.0.0.59 (aka ...)
+CVE-2009-5073
NOT-FOR-US: Tivoli
-CVE-2009-5072 (Memory leak in the ldap_explode_dn function in IBM Tivoli Directory ...)
+CVE-2009-5072
NOT-FOR-US: Tivoli
-CVE-2009-5071 (Unspecified vulnerability in Palm Pre WebOS before 1.2.1 has unknown ...)
+CVE-2009-5071
NOT-FOR-US: Palm WebOS
CVE-2009-5070
RESERVED
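Review bot: the retained groff lines cite bug #538338 for both CVE-2009-5082 (`(1) configure and (2) config.guess scripts`) and CVE-2009-5078 (`contrib/pdfmark/pdfroff.sh`), with #538330 for CVE-2009-5080 and no bug number for CVE-2009-5081 and CVE-2009-5079. Whether the shared number is intentional can only be judged against the descriptions this hunk strips, so confirm the bug references before the descriptive text is dropped.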
@@ -220,358 +220,358 @@ CVE-2009-5069
CVE-2009-5068
RESERVED
NOT-FOR-US: Simple Machines Forum
-CVE-2009-5067 (Directory traversal vulnerability in html2ps before 1.0b6 allows ...)
+CVE-2009-5067
- html2ps 1.0b7-1 (low; bug #548633)
[squeeze] - html2ps <no-dsa> (Minor issue)
-CVE-2009-5066 (twiddle.sh in JBoss AS 5.0 and EAP 5.0 and earlier accepts credentials ...)
+CVE-2009-5066
- jbossas4 <not-affected> (twiddle.sh is included in the source package, but not in any of the binary packages)
-CVE-2009-5065 (Cross-site scripting (XSS) vulnerability in feedparser.py in Universal ...)
+CVE-2009-5065
- feedparser 5.0.1-1 (low; bug #617998)
[squeeze] - feedparser <no-dsa> (Minor issue)
[lenny] - feedparser <no-dsa> (Minor issue)
-CVE-2009-5064 (** DISPUTED ** ldd in the GNU C Library (aka glibc or libc6) 2.13 and ...)
+CVE-2009-5064
- eglibc 2.10.1-7
- glibc 2.10.1-7
NOTE: Obscure attack
-CVE-2009-5063 (Memory leak in the embedded_profile_len function in pngwutil.c in ...)
+CVE-2009-5063
- libpng 1.2.39-1 (unimportant)
-CVE-2009-5062 (IBM Lotus Quickr 8.1 before 8.1.0.15 services for Lotus Domino on AIX ...)
+CVE-2009-5062
NOT-FOR-US: IBM Lotus Quickr
-CVE-2009-5061 (Unspecified vulnerability in IBM Lotus Quickr 8.1 before 8.1.0.14 ...)
+CVE-2009-5061
NOT-FOR-US: IBM Lotus Quickr
-CVE-2009-5060 (Unspecified vulnerability in IBM Lotus Quickr 8.1 before 8.1.0.11 ...)
+CVE-2009-5060
NOT-FOR-US: IBM Lotus Quickr
-CVE-2009-5059 (Unspecified vulnerability in IBM Lotus Quickr 8.1 before 8.1.0.10 ...)
+CVE-2009-5059
NOT-FOR-US: IBM Lotus Quickr
-CVE-2009-5058 (Unspecified vulnerability in IBM Lotus Quickr 8.1 before 8.1.0.5 ...)
+CVE-2009-5058
NOT-FOR-US: IBM Lotus Quickr
-CVE-2009-5057 (The S/MIME feature in Open Ticket Request System (OTRS) before 2.3.4 ...)
+CVE-2009-5057
- otrs2 2.4.5-1 (low)
[lenny] - otrs2 <no-dsa> (Minor issue)
-CVE-2009-5056 (Open Ticket Request System (OTRS) before 2.4.0-beta2 does not properly ...)
+CVE-2009-5056
- otrs2 2.4.5-1 (low)
[lenny] - otrs2 <no-dsa> (Minor issue)
-CVE-2009-5055 (Open Ticket Request System (OTRS) before 2.4.4 grants ticket access on ...)
+CVE-2009-5055
- otrs2 2.4.5-1 (low)
[lenny] - otrs2 <no-dsa> (Minor issue)
-CVE-2009-5054 (Smarty before 3.0.0 beta 4 does not consider the umask value when ...)
+CVE-2009-5054
- smarty3 3.0~rc1-1
- smarty <removed>
[squeeze] - smarty <end-of-life> (Unsupported in squeeze-lts)
-CVE-2009-5053 (Unspecified vulnerability in Smarty before 3.0.0 beta 6 allows remote ...)
+CVE-2009-5053
- smarty3 3.0~rc1-1
- smarty <removed>
[squeeze] - smarty <end-of-life> (Unsupported in squeeze-lts)
-CVE-2009-5052 (Multiple unspecified vulnerabilities in Smarty before 3.0.0 beta 6 ...)
+CVE-2009-5052
- smarty3 3.0~rc1-1
- smarty <removed>
[squeeze] - smarty <end-of-life> (Unsupported in squeeze-lts)
-CVE-2009-5051 (Hastymail2 before RC 8 does not set the secure flag for the session ...)
+CVE-2009-5051
- hastymail <removed>
-CVE-2009-5040 (CallManager Express (CME) on Cisco IOS before 15.0(1)XA allows remote ...)
+CVE-2009-5040
NOT-FOR-US: Cisco IOS
-CVE-2009-5039 (Memory leak in the gk_circuit_info_do_in_acf function in the H.323 ...)
+CVE-2009-5039
NOT-FOR-US: Cisco IOS
-CVE-2009-5038 (Cisco IOS before 15.0(1)XA does not properly handle IRC traffic during ...)
+CVE-2009-5038
NOT-FOR-US: Cisco IOS
-CVE-2009-5037 (Cisco Adaptive Security Appliances (ASA) 5500 series devices with ...)
+CVE-2009-5037
NOT-FOR-US: Cisco Adaptive Security Appliances
-CVE-2009-5036 (traveler.exe in IBM Lotus Notes Traveler before 8.0.1.3 CF1 allows ...)
+CVE-2009-5036
NOT-FOR-US: IBM Lotus Notes Traveler
-CVE-2009-5035 (The Nokia client in IBM Lotus Notes Traveler before 8.5.0.2 does not ...)
+CVE-2009-5035
NOT-FOR-US: IBM Lotus Notes Traveler
-CVE-2009-5034 (IBM Lotus Notes Traveler before 8.5.0.2 allows remote authenticated ...)
+CVE-2009-5034
NOT-FOR-US: IBM Lotus Notes Traveler
-CVE-2009-5033 (IBM Lotus Notes Traveler before 8.5.0.2 does not properly handle a &quot;* ...)
+CVE-2009-5033
NOT-FOR-US: IBM Lotus Notes Traveler
-CVE-2009-5032 (The encrypted e-mail feature in IBM Lotus Notes Traveler before ...)
+CVE-2009-5032
NOT-FOR-US: IBM Lotus Notes Traveler
-CVE-2009-5031 (ModSecurity before 2.5.11 treats request parameter values containing ...)
+CVE-2009-5031
- modsecurity-apache <not-affected> (Fixed before initial upload)
- libapache-mod-security 2.5.12-1
NOTE: https://www.modsecurity.org/fisheye/browse/modsecurity/m2/branches/2.5.x/apache2/msc_multipart.c?r2=1419&r1=1366
NOTE: http://www.openwall.com/lists/oss-security/2012/06/22/1
NOTE: http://www.openwall.com/lists/oss-security/2012/06/22/2
-CVE-2009-5030 (The tcd_free_encode function in tcd.c in OpenJPEG 1.3 through 1.5 ...)
+CVE-2009-5030
{DSA-2629-1}
- openjpeg 1.3+dfsg-4.1 (medium; bug #672455)
NOTE: Upstream ticket http://code.google.com/p/openjpeg/issues/detail?id=5
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=812317
-CVE-2009-5029 (Integer overflow in the __tzfile_read function in glibc before 2.15 ...)
+CVE-2009-5029
- eglibc 2.13-24 (low; bug #656108)
[squeeze] - eglibc 2.11.3-3
- glibc 2.13-24
NOTE: http://support.novell.com/security/cve/CVE-2009-5029.html
NOTE: https://bugzilla.novell.com/show_bug.cgi?id=735850
-CVE-2009-5028 (Stack-based buffer overflow in Namazu before 2.0.20 allows remote ...)
+CVE-2009-5028
- namazu2 2.0.20-1.0 (low)
CVE-2009-5027
REJECTED
-CVE-2009-5026 (The executable comment feature in MySQL 5.0.x before 5.0.93 and 5.1.x ...)
+CVE-2009-5026
- mysql-5.1 5.1.53-1
CVE-2009-5025 [PyForum XSS+CSRF]
RESERVED
NOT-FOR-US: PyForum
-CVE-2009-5024 (ViewVC before 1.1.11 allows remote attackers to bypass the cvsdb ...)
+CVE-2009-5024
{DSA-2563-1}
- viewvc 1.1.5-1.3 (bug #671482)
-CVE-2009-5023 (The (1) dshield.conf, (2) mail-buffered.conf, (3) mynetwatchman.conf, ...)
+CVE-2009-5023
- fail2ban 0.8.4+svn20110323-1 (low; bug #544232)
[lenny] - fail2ban <no-dsa> (Minor issue)
[squeeze] - fail2ban 0.8.4-3+squeeze1
-CVE-2009-5022 (Heap-based buffer overflow in tif_ojpeg.c in the OJPEG decoder in ...)
+CVE-2009-5022
{DSA-2256-1}
- tiff 3.9.5-1 (bug #624287)
- tiff3 <not-affected> (fixed before initial upload)
[lenny] - tiff <not-affected> (3.9+ only)
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=1999
-CVE-2009-5021 (Cobbler before 1.6.1 does not properly determine whether an ...)
+CVE-2009-5021
- cobbler <not-affected> (Fixed before initial upload)
-CVE-2009-5020 (Open redirect vulnerability in awredir.pl in AWStats before 6.95 ...)
+CVE-2009-5020
- awstats 6.9.5~dfsg-1 (unimportant)
-CVE-2009-5019 (Web Wiz NewsPad stores sensitive information under the web root with ...)
+CVE-2009-5019
NOT-FOR-US: Web Wiz NewsPad
-CVE-2009-5017 (Mozilla Firefox before 3.6 Beta 3 does not properly handle overlong ...)
+CVE-2009-5017
- xulrunner <undetermined>
[wheezy] - xulrunner <end-of-life> (no detailed information available)
-CVE-2009-5016 (Integer overflow in the xml_utf8_decode function in ext/xml/xml.c in ...)
+CVE-2009-5016
- php5 5.3.3-4
[lenny] - php5 5.2.6.dfsg.1-1+lenny10
[squeeze] - php5 5.3.3-7+squeeze1
NOTE: Also fixed by debian/patches/CVE-2010-3870.patch
-CVE-2009-5015 (The URL dispatch mechanism in TurboGears2 (aka tg2) before 2.0.2 ...)
+CVE-2009-5015
- turbogears2 2.0.3-1
-CVE-2009-5014 (The default quickstart configuration of TurboGears2 (aka tg2) before ...)
+CVE-2009-5014
- turbogears2 2.0.3-1
-CVE-2009-5013 (Memory leak in the on_dtp_close function in ftpserver.py in pyftpdlib ...)
+CVE-2009-5013
- python-pyftpdlib 0.5.2-1
-CVE-2009-5012 (ftpserver.py in pyftpdlib before 0.5.2 does not require the l ...)
+CVE-2009-5012
- python-pyftpdlib 0.5.2-1
-CVE-2009-5011 (Race condition in the FTPHandler class in ftpserver.py in pyftpdlib ...)
+CVE-2009-5011
- python-pyftpdlib 0.5.2-1
-CVE-2009-5010 (Race condition in the FTPHandler class in ftpserver.py in pyftpdlib ...)
+CVE-2009-5010
- python-pyftpdlib <not-affected> (Fixed before initial upload to the archive)
-CVE-2009-5009 (Double free vulnerability in OpenConnect before 1.40 might allow ...)
+CVE-2009-5009
- openconnect 1.40-1
-CVE-2009-5008 (Cisco Secure Desktop (CSD), when used in conjunction with an ...)
+CVE-2009-5008
NOT-FOR-US: isco Secure Desktop
-CVE-2009-5007 (The Cisco trial client on Linux for Cisco AnyConnect SSL VPN allows ...)
+CVE-2009-5007
NOT-FOR-US: Cisco AnyConnect SSL VPN trial client
-CVE-2009-5006 (The SessionAdapter::ExchangeHandlerImpl::checkAlternate function in ...)
+CVE-2009-5006
- qpid-cpp <not-affected> (Fixed before initial upload to archive)
-CVE-2009-5005 (The Cluster::deliveredEvent function in cluster/Cluster.cpp in Apache ...)
+CVE-2009-5005
- qpid-cpp <not-affected> (Fixed before initial upload to archive)
CVE-2009-5004
RESERVED
- qpid-cpp <not-affected> (Fixed before initial upload to archive)
-CVE-2009-5003 (SQL injection vulnerability in click.php in e-soft24 Banner Exchange ...)
+CVE-2009-5003
NOT-FOR-US: e-soft24 Banner Exchange Script
-CVE-2009-5002 (The Workplace (aka WP) component in IBM FileNet P8 Application Engine ...)
+CVE-2009-5002
NOT-FOR-US: IBM FileNet P8 Application Engine
-CVE-2009-5001 (The Workplace (aka WP) component in IBM FileNet P8 Application Engine ...)
+CVE-2009-5001
NOT-FOR-US: IBM FileNet P8 Application Engine
-CVE-2009-5000 (Multiple cross-site scripting (XSS) vulnerabilities in the Workplace ...)
+CVE-2009-5000
NOT-FOR-US: IBM FileNet P8 Application Engine
-CVE-2009-4999 (Cross-site scripting (XSS) vulnerability in the Workplace (aka WP) ...)
+CVE-2009-4999
NOT-FOR-US: IBM FileNet P8 Application Engine
-CVE-2009-4998 (The Workplace (aka WP) component in IBM FileNet P8 Application Engine ...)
+CVE-2009-4998
NOT-FOR-US: IBM FileNet P8 Application Engine
-CVE-2009-4997 (gnome-power-manager 2.27.92 does not properly implement the ...)
+CVE-2009-4997
- gnome-power-manager 2.28.0-1 (unimportant)
-CVE-2009-4996 (** DISPUTED ** ...)
+CVE-2009-4996
NOTE: Disputed non-issue
-CVE-2009-4995 (Cross-site scripting (XSS) vulnerability in frmTickets.aspx in ...)
+CVE-2009-4995
NOT-FOR-US: SmarterTools SmarterTrack
-CVE-2009-4994 (Cross-site scripting (XSS) vulnerability in frmKBSearch.aspx in ...)
+CVE-2009-4994
NOT-FOR-US: SmarterTools SmarterTrack
-CVE-2009-4993 (PHP remote file inclusion vulnerability in home.php in LM Starmail ...)
+CVE-2009-4993
NOT-FOR-US: LM Starmail Paidmail
-CVE-2009-4992 (SQL injection vulnerability in paidbanner.php in LM Starmail Paidmail ...)
+CVE-2009-4992
NOT-FOR-US: LM Starmail Paidmail
-CVE-2009-4991 (Cross-site scripting (XSS) vulnerability in users/resume_register.php ...)
+CVE-2009-4991
NOT-FOR-US: Omnistar Recruiting
-CVE-2009-4990 (Cross-site scripting (XSS) vulnerability in the Webform report module ...)
+CVE-2009-4990
NOT-FOR-US: Webform report module for Drupal
-CVE-2009-4989 (Cross-site scripting (XSS) vulnerability in index.php in AJ Auction ...)
+CVE-2009-4989
NOT-FOR-US: AJ Auction Pro OOPD
-CVE-2009-4988 (Stack-based buffer overflow in NT_Naming_Service.exe in SAP Business ...)
+CVE-2009-4988
NOT-FOR-US: SAP Business One
-CVE-2009-4987 (admin/header.php in Scripteen Free Image Hosting Script 2.3 allows ...)
+CVE-2009-4987
NOT-FOR-US: Scripteen Free Image Hosting Script
-CVE-2009-4986 (Directory traversal vulnerability in index.php in In-Portal 4.3.1, ...)
+CVE-2009-4986
NOT-FOR-US: In-Portal
-CVE-2009-4985 (SQL injection vulnerability in browse.php in Accessories Me PHP ...)
+CVE-2009-4985
NOT-FOR-US: Accessories Me PHP Affiliate Script
-CVE-2009-4984 (Multiple cross-site scripting (XSS) vulnerabilities in Accessories Me ...)
+CVE-2009-4984
NOT-FOR-US: Accessories Me PHP Affiliate Script
-CVE-2009-4983 (Multiple cross-site scripting (XSS) vulnerabilities in Silurus ...)
+CVE-2009-4983
NOT-FOR-US: Silurus Classifieds
-CVE-2009-4982 (SQL injection vulnerability in the select function in Irokez CMS ...)
+CVE-2009-4982
NOT-FOR-US: Irokez CMS
-CVE-2009-4981 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
+CVE-2009-4981
NOT-FOR-US: Photokorn Gallery
-CVE-2009-4980 (Multiple cross-site scripting (XSS) vulnerabilities in Photokorn ...)
+CVE-2009-4980
NOT-FOR-US: Photokorn Gallery
-CVE-2009-4979 (Multiple SQL injection vulnerabilities in search.php in Photokorn ...)
+CVE-2009-4979
NOT-FOR-US: Photokorn Gallery
-CVE-2009-4978 (Directory traversal vulnerability in down.php in MyBackup 1.4.0 allows ...)
+CVE-2009-4978
NOT-FOR-US: MyBackup
-CVE-2009-4977 (PHP remote file inclusion vulnerability in index.php in MyBackup 1.4.0 ...)
+CVE-2009-4977
NOT-FOR-US: MyBackup
-CVE-2009-4976 (Cross-site scripting (XSS) vulnerability in webkitpart.cpp in ...)
+CVE-2009-4976
- webkitkde 0.4svn1059630-1
-CVE-2009-4975 (Cross-site scripting (XSS) vulnerability in webview.cpp in ...)
+CVE-2009-4975
- rekonq 0.5.0-1
-CVE-2009-4974 (Directory traversal vulnerability in box_display.php in TotalCalendar ...)
+CVE-2009-4974
NOT-FOR-US: TotalCalendar
-CVE-2009-4973 (SQL injection vulnerability in rss.php in TotalCalendar 2.4 allows ...)
+CVE-2009-4973
NOT-FOR-US: TotalCalendar
-CVE-2009-4972 (Cross-site scripting (XSS) vulnerability in index.php (aka the log in ...)
+CVE-2009-4972
NOT-FOR-US: SimpleID
-CVE-2009-4971 (SQL injection vulnerability in the AJAX Chat (vjchat) extension before ...)
+CVE-2009-4971
NOT-FOR-US: AJAX Chat
-CVE-2009-4970 (SQL injection vulnerability in the t3m_affiliate extension 0.5.0 for ...)
+CVE-2009-4970
NOT-FOR-US: Typo3 addon
-CVE-2009-4969 (SQL injection vulnerability in the Solidbase Bannermanagement ...)
+CVE-2009-4969
NOT-FOR-US: Typo3 addon
-CVE-2009-4968 (SQL injection vulnerability in the Event Registration (event_registr) ...)
+CVE-2009-4968
NOT-FOR-US: Typo3 addon
-CVE-2009-4967 (SQL injection vulnerability in the Car (car) extension before 0.1.1 ...)
+CVE-2009-4967
NOT-FOR-US: Typo3 addon
-CVE-2009-4966 (SQL injection vulnerability in the AST ZipCodeSearch ...)
+CVE-2009-4966
NOT-FOR-US: Typo3 addon
-CVE-2009-4965 (SQL injection vulnerability in the AIRware Lexicon (air_lexicon) ...)
+CVE-2009-4965
NOT-FOR-US: Typo3 addon
-CVE-2009-4964 (Stack-based buffer overflow in KSP 2006 FINAL allows remote attackers ...)
+CVE-2009-4964
NOT-FOR-US: KSP
-CVE-2009-4963 (Cross-site scripting (XSS) vulnerability in the Commerce extension ...)
+CVE-2009-4963
NOT-FOR-US: Typo3 addon
-CVE-2009-4962 (Stack-based buffer overflow in Fat Player 0.6b allows remote attackers ...)
+CVE-2009-4962
NOT-FOR-US: Fat Player
-CVE-2009-4961 (Lanai Core 0.6 allows remote attackers to obtain configuration ...)
+CVE-2009-4961
NOT-FOR-US: Lanai Core
-CVE-2009-4960 (Directory traversal vulnerability in modules/backup/download.php in ...)
+CVE-2009-4960
NOT-FOR-US: Lanai Core
-CVE-2009-4959 (SQL injection vulnerability in the T3M E-Mail Marketing Tool (t3m) ...)
+CVE-2009-4959
NOT-FOR-US: T3M E-Mail Marketing Tool
-CVE-2009-4958 (SQL injection vulnerability in video.php in EMO Breeder Manager (aka ...)
+CVE-2009-4958
NOT-FOR-US: EMO Breader Manager
-CVE-2009-4957 (Directory traversal vulnerability in loadpanel.php in Interspire ...)
+CVE-2009-4957
NOT-FOR-US: Interspire ActiveKB
-CVE-2009-4956 (Cross-site scripting (XSS) vulnerability in the Visitor Tracking ...)
+CVE-2009-4956
NOT-FOR-US: typo3 third party component (ws_stats)
-CVE-2009-4955 (SQL injection vulnerability in the ultraCards (th_ultracards) ...)
+CVE-2009-4955
NOT-FOR-US: typo3 third party component (th_ultracards)
-CVE-2009-4954 (SQL injection vulnerability in the Versatile Calendar Extension [VCE] ...)
+CVE-2009-4954
NOT-FOR-US: typo3 third party component (sk_calendar)
-CVE-2009-4953 (Cross-site scripting (XSS) vulnerability in the Userdata Create/Edit ...)
+CVE-2009-4953
NOT-FOR-US: typo3 third party component (sg_userdata)
-CVE-2009-4952 (Directory traversal vulnerability in the Directory Listing ...)
+CVE-2009-4952
NOT-FOR-US: typo3 third party component (dir_listing)
-CVE-2009-4951 (Unspecified vulnerability in the ClickStream Analyzer [output] ...)
+CVE-2009-4951
NOT-FOR-US: typo3 third party component (alternet_csa_out)
-CVE-2009-4950 (SQL injection vulnerability in the A21glossary Advanced Output ...)
+CVE-2009-4950
NOT-FOR-US: typo3 third party component (a21glossary_advanced_output)
-CVE-2009-4949 (SQL injection vulnerability in the Store Locator extension before ...)
+CVE-2009-4949
NOT-FOR-US: typo3 third party component (locator)
-CVE-2009-4948 (Cross-site scripting (XSS) vulnerability in the Store Locator ...)
+CVE-2009-4948
NOT-FOR-US: typo3 third party component (locator)
-CVE-2009-4947 (SQL injection vulnerability in frmLoginPwdReminderPopup.aspx in Q2 ...)
+CVE-2009-4947
NOT-FOR-US: Q2 Solutions ConnX
-CVE-2009-4946 (Directory traversal vulnerability in the Messaging (com_messaging) ...)
+CVE-2009-4946
NOT-FOR-US: Joomla! Messaging
-CVE-2009-4945 (AdPeeps 8.5d1 has a default password of admin for the admin account, ...)
+CVE-2009-4945
NOT-FOR-US: AdPeeps
-CVE-2009-4944 (Multiple cross-site scripting (XSS) vulnerabilities in ATRC ACollab ...)
+CVE-2009-4944
NOT-FOR-US: ATRC ACollab
-CVE-2009-4943 (index.php in AdPeeps 8.5d1 allows remote attackers to obtain sensitive ...)
+CVE-2009-4943
NOT-FOR-US: AdPeeps
-CVE-2009-4942 (Cross-site request forgery (CSRF) vulnerability in ACollab 1.2 allows ...)
+CVE-2009-4942
NOT-FOR-US: ATRC ACollab
-CVE-2009-4941 (Cross-site scripting (XSS) vulnerability in sign_in.php in ATRC ...)
+CVE-2009-4941
NOT-FOR-US: ATRC ACollab
-CVE-2009-4940 (SQL injection vulnerability in index.php in Zeus Cart 2.3 and earlier ...)
+CVE-2009-4940
NOT-FOR-US: Zeus Cart
-CVE-2009-4939 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
+CVE-2009-4939
NOT-FOR-US: AdPeeps
-CVE-2009-4938 (SQL injection vulnerability in the JVideo! (com_jvideo) component ...)
+CVE-2009-4938
NOT-FOR-US: JVideo
-CVE-2009-4937 (Cross-site scripting (XSS) vulnerability in Small Pirate (SPirate) 2.1 ...)
+CVE-2009-4937
NOT-FOR-US: SPirate
-CVE-2009-4936 (Multiple SQL injection vulnerabilities in Small Pirate (SPirate) 2.1 ...)
+CVE-2009-4936
NOT-FOR-US: SPirate
-CVE-2009-4935 (SQL injection vulnerability in ogp_show.php in Online Guestbook Pro ...)
+CVE-2009-4935
NOT-FOR-US: Online Guestbook Pro
-CVE-2009-4934 (Cross-site scripting (XSS) vulnerability in index.php in Online Photo ...)
+CVE-2009-4934
NOT-FOR-US: Online Photo Pro
-CVE-2009-4933 (Multiple SQL injection vulnerabilities in login.php in EZ Webitor ...)
+CVE-2009-4933
NOT-FOR-US: EZ Webitor
-CVE-2009-4932 (Stack-based buffer overflow in 1by1 1.67 (aka 1.6.7.0) allows remote ...)
+CVE-2009-4932
NOT-FOR-US: 1by1
-CVE-2009-4931 (Stack-based buffer overflow in Groovy Media Player 1.1.0 allows remote ...)
+CVE-2009-4931
NOT-FOR-US: Groovy Media Player
-CVE-2009-4930 (Cross-site scripting (XSS) vulnerability in the ...)
+CVE-2009-4930
NOT-FOR-US: SunGard Banner Student System
-CVE-2009-4929 (admin/manage_users.php in TotalCalendar 2.4 does not require ...)
+CVE-2009-4929
NOT-FOR-US: TotalCalendar
-CVE-2009-4928 (PHP remote file inclusion vulnerability in config.php in TotalCalendar ...)
+CVE-2009-4928
NOT-FOR-US: TotalCalendar
-CVE-2009-4927 (WB News 2.1.2 allows remote attackers to bypass authentication and ...)
+CVE-2009-4927
NOT-FOR-US: WB News
-CVE-2009-4926 (Multiple cross-site scripting (XSS) vulnerabilities in Online Contact ...)
+CVE-2009-4926
NOT-FOR-US: Online Contact Manager
-CVE-2009-4925 (Multiple SQL injection vulnerabilities in Portale e-commerce Creasito ...)
+CVE-2009-4925
NOT-FOR-US: Portale e-commerce Creasito
-CVE-2009-4924 (Dan Pascu python-cjson 1.0.5 does not properly handle a ['/'] argument ...)
+CVE-2009-4924
- python-cjson 1.0.5-4 (low; bug #593302)
[lenny] - python-cjson <no-dsa> (Minor issue)
-CVE-2009-4923 (Unspecified vulnerability in the DTLS implementation on Cisco Adaptive ...)
+CVE-2009-4923
NOT-FOR-US: Cisco Adaptive Security Appliances
-CVE-2009-4922 (Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) ...)
+CVE-2009-4922
NOT-FOR-US: Cisco Adaptive Security Appliances
-CVE-2009-4921 (Cisco Adaptive Security Appliances (ASA) 5580 series devices with ...)
+CVE-2009-4921
NOT-FOR-US: Cisco Adaptive Security Appliances
-CVE-2009-4920 (Unspecified vulnerability in CTM on Cisco Adaptive Security Appliances ...)
+CVE-2009-4920
NOT-FOR-US: Cisco Adaptive Security Appliances
-CVE-2009-4919 (Buffer overflow on Cisco Adaptive Security Appliances (ASA) 5580 ...)
+CVE-2009-4919
NOT-FOR-US: Cisco Adaptive Security Appliances
-CVE-2009-4918 (Cisco Adaptive Security Appliances (ASA) 5580 series devices with ...)
+CVE-2009-4918
NOT-FOR-US: Cisco Adaptive Security Appliances
-CVE-2009-4917 (Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) ...)
+CVE-2009-4917
NOT-FOR-US: Cisco Adaptive Security Appliances
-CVE-2009-4916 (Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) ...)
+CVE-2009-4916
NOT-FOR-US: Cisco Adaptive Security Appliances
-CVE-2009-4915 (Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) ...)
+CVE-2009-4915
NOT-FOR-US: Cisco Adaptive Security Appliances
-CVE-2009-4914 (Memory leak on Cisco Adaptive Security Appliances (ASA) 5580 series ...)
+CVE-2009-4914
NOT-FOR-US: Cisco Adaptive Security Appliances
-CVE-2009-4913 (The IPv6 implementation on Cisco Adaptive Security Appliances (ASA) ...)
+CVE-2009-4913
NOT-FOR-US: Cisco Adaptive Security Appliances
-CVE-2009-4912 (Cisco Adaptive Security Appliances (ASA) 5580 series devices with ...)
+CVE-2009-4912
NOT-FOR-US: Cisco Adaptive Security Appliances
-CVE-2009-4911 (Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) ...)
+CVE-2009-4911
NOT-FOR-US: Cisco Adaptive Security Appliances
-CVE-2009-4910 (Cross-site scripting (XSS) vulnerability in the WebVPN portal on Cisco ...)
+CVE-2009-4910
NOT-FOR-US: Cisco Adaptive Security Appliances
-CVE-2009-4909 (admin/index.php in oBlog allows remote attackers to conduct ...)
+CVE-2009-4909
NOT-FOR-US: oBlog
-CVE-2009-4908 (Multiple cross-site scripting (XSS) vulnerabilities in oBlog allow ...)
+CVE-2009-4908
NOT-FOR-US: oBlog
-CVE-2009-4907 (Multiple cross-site request forgery (CSRF) vulnerabilities in oBlog ...)
+CVE-2009-4907
NOT-FOR-US: oBlog
-CVE-2009-4906 (Cross-site request forgery (CSRF) vulnerability in index.php in Acc ...)
+CVE-2009-4906
NOT-FOR-US: Acc PHP eMail
-CVE-2009-4905 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
+CVE-2009-4905
NOT-FOR-US: Acc Statistics
-CVE-2009-4904 (article.php in oBlog does not properly restrict comments, which allows ...)
+CVE-2009-4904
NOT-FOR-US: oBlog
-CVE-2009-4903 (Cross-site scripting (XSS) vulnerability in index.php in oBlog allows ...)
+CVE-2009-4903
NOT-FOR-US: oBlog
-CVE-2009-4902 (Buffer overflow in the MSGFunctionDemarshall function in ...)
+CVE-2009-4902
- pcsc-lite <not-affected> (Covered by initial CVE-2010-0407 fix)
NOTE: See https://bugzilla.redhat.com/show_bug.cgi?id=596426#c20 for an explanation
NOTE: of the weird CVE assignments on this one
-CVE-2009-4901 (The MSGFunctionDemarshall function in winscard_svc.c in the PC/SC ...)
+CVE-2009-4901
- pcsc-lite <not-affected> (Covered by initial CVE-2010-0407 fix)
NOTE: See https://bugzilla.redhat.com/show_bug.cgi?id=596426#c20 for an explanation
NOTE: of the weird CVE assignments on this one
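Review bot: every `-`/`+` pair in this hunk replaces a CVE line that carries its summary with a bare identifier, for example `-CVE-2009-5015 (The URL dispatch mechanism in TurboGears2 (aka tg2) before 2.0.2 ...)` becoming `+CVE-2009-5015`, while none of the Debian-side annotation lines (package versions, NOT-FOR-US, NOTE) change at all; that uniform loss across every entry is the signature of the description source returning empty data, not of a deliberate edit, so the automatic updater should refuse to overwrite an existing non-empty description with an empty one (keep the old text, or abort the commit and log the anomaly) rather than committing the stripped list. Incidentally, two unchanged context lines in this region carry typos that this update leaves in place and that a follow-up could fix: `NOT-FOR-US: isco Secure Desktop` (the removed description reads Cisco Secure Desktop) and `NOT-FOR-US: EMO Breader Manager` (the removed description reads EMO Breeder Manager).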
@@ -583,605 +583,605 @@ CVE-2009-4899 [pixelpost SQL injection]
RESERVED
- pixelpost <removed> (bug #597224)
NOTE: http://www.pixelpost.org/blog/2009/09/02/pixelpost-173-security-update/
-CVE-2009-4898 (Cross-site request forgery (CSRF) vulnerability in TWiki before 4.3.2 ...)
+CVE-2009-4898
NOT-FOR-US: TWiki
-CVE-2009-4897 (Buffer overflow in gs/psi/iscan.c in Ghostscript 8.64 and earlier ...)
+CVE-2009-4897
{DSA-2093-1}
- ghostscript 8.70~dfsg-1
-CVE-2009-4896 (Multiple directory traversal vulnerabilities in the mlmmj-php-admin ...)
+CVE-2009-4896
{DSA-2073-1}
- mlmmj 1.2.17-1.1 (bug #588038)
-CVE-2009-4895 (Race condition in the tty_fasync function in drivers/char/tty_io.c in ...)
+CVE-2009-4895
{DSA-2094-1}
- linux-2.6 2.6.32-9
-CVE-2009-4894 (Multiple cross-site scripting (XSS) vulnerabilities in profile.php in ...)
+CVE-2009-4894
NOT-FOR-US: PunBB
-CVE-2009-4893 (Buffer overflow in UnrealIRCd 3.2beta11 through 3.2.8, when ...)
+CVE-2009-4893
- unrealircd <itp> (bug #515130)
-CVE-2009-4892 (SQL injection vulnerability in Content Management System WEBjump! ...)
+CVE-2009-4892
NOT-FOR-US: Content Management System WEBjump!
-CVE-2009-4891 (SQL injection vulnerability in index.php in CS-Cart 2.0.0 Beta 3 ...)
+CVE-2009-4891
NOT-FOR-US: CS-Cart
-CVE-2009-4890 (Multiple cross-site scripting (XSS) vulnerabilities in the login ...)
+CVE-2009-4890
NOT-FOR-US: vBook
-CVE-2009-4889 (SQL injection vulnerability in books.php in the Book Panel ...)
+CVE-2009-4889
NOT-FOR-US: book_panel module for php-fusion
-CVE-2009-4888 (Cross-site scripting (XSS) vulnerability in poster.php in PHortail ...)
+CVE-2009-4888
NOT-FOR-US: PHortail
-CVE-2009-4887 (PHP remote file inclusion vulnerability in index.php in CMS S.Builder ...)
+CVE-2009-4887
NOT-FOR-US: CMS S.Builder
-CVE-2009-4886 (Multiple directory traversal vulnerabilities in phpCommunity 2 2.1.8 ...)
+CVE-2009-4886
NOT-FOR-US: phpCommunity
-CVE-2009-4885 (Cross-site scripting (XSS) vulnerability in templates/1/login.php in ...)
+CVE-2009-4885
NOT-FOR-US: phpCommunity
-CVE-2009-4884 (Multiple SQL injection vulnerabilities in phpCommunity 2 2.1.8, when ...)
+CVE-2009-4884
NOT-FOR-US: phpCommunity
-CVE-2009-4883 (SQL injection vulnerability in index.php in PHPRecipeBook 2.24 and ...)
+CVE-2009-4883
NOT-FOR-US: PHPRecipeBook
-CVE-2009-4882 (Cross-site scripting (XSS) vulnerability in zc/publisher/html.rb in ...)
+CVE-2009-4882
{DSA-2056-1}
- zonecheck 2.1.1-1 (bug #583290)
-CVE-2009-4881 (Integer overflow in the __vstrfmon_l function in stdlib/strfmon_l.c in ...)
+CVE-2009-4881
{DSA-2058-1}
- eglibc 2.10.1-1 (unimportant)
- glibc 2.11.1-1 (unimportant)
NOTE: http://sourceware.org/git/?p=glibc.git;a=commit;h=153aa31b93be22e01b236375fb02a9f9b9a0195f
-CVE-2009-4880 (Multiple integer overflows in the strfmon implementation in the GNU C ...)
+CVE-2009-4880
{DSA-2058-1}
- eglibc 2.11.1-1 (unimportant)
- glibc 2.11.1-1 (unimportant)
NOTE: http://sourceware.org/git/?p=glibc.git;a=commit;h=199eb0de8d673fb23aa127721054b4f1803d61f3
-CVE-2009-4879 (The Identity Server in Novell Access Manager before 3.1 SP1 allows ...)
+CVE-2009-4879
NOT-FOR-US: Novell Access Manager
-CVE-2009-4878 (Unspecified vulnerability in the Administration Console in Novell ...)
+CVE-2009-4878
NOT-FOR-US: Novell Access Manager
-CVE-2009-4877 (Multiple cross-site request forgery (CSRF) vulnerabilities in WebGUI ...)
+CVE-2009-4877
- webgui 7.7.22-1
-CVE-2009-4876 (admin/cikkform.php in Netrix CMS 1.0 allows remote attackers to modify ...)
+CVE-2009-4876
NOT-FOR-US: Netrix CMS
-CVE-2009-4875 (FCKeditor.Java 2.4 allows remote attackers to cause a denial of ...)
+CVE-2009-4875
NOT-FOR-US: FCKeditor.Java, different than fckeditor in the archive
-CVE-2009-4874 (TalkBack 2.3.14 does not properly restrict access to the edit comment ...)
+CVE-2009-4874
NOT-FOR-US: TalkBack
-CVE-2009-4873 (Stack-based buffer overflow in the HTTP server in Rhino Software ...)
+CVE-2009-4873
NOT-FOR-US: Rhino Software Serv-U Web Client
-CVE-2009-4872 (Multiple SQL injection vulnerabilities in globepersonnel_login.asp in ...)
+CVE-2009-4872
NOT-FOR-US: Logoshows BBS
-CVE-2009-4871 (SQL injection vulnerability in globepersonnel_forum.asp in Logoshows ...)
+CVE-2009-4871
NOT-FOR-US: Logoshows BBS
-CVE-2009-4870 (Multiple SQL injection vulnerabilities in login.php in PHPCityPortal ...)
+CVE-2009-4870
NOT-FOR-US: PHPCityPortal
-CVE-2009-4869 (Cross-site scripting (XSS) vulnerability in index.php in Nasim Guest ...)
+CVE-2009-4869
NOT-FOR-US: Nasim Guest Book
-CVE-2009-4868 (Cross-site scripting (XSS) vulnerability in Hitron Soft Answer Me 1.0 ...)
+CVE-2009-4868
NOT-FOR-US: Hitron Soft Answer Me
-CVE-2009-4867 (Buffer overflow in Tuniac 090517c allows remote attackers to cause a ...)
+CVE-2009-4867
NOT-FOR-US: Tuniac
-CVE-2009-4866 (Cross-site scripting (XSS) vulnerability in search.cgi in Matt's ...)
+CVE-2009-4866
NOT-FOR-US: Matt's Script Archive (MSA) Simple Search
-CVE-2009-4865 (Multiple SQL injection vulnerabilities in escorts_search.php in ...)
+CVE-2009-4865
NOT-FOR-US: I-Escorts Directory Script and Agency Script
-CVE-2009-4864 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2009-4864
NOT-FOR-US: I-Escorts Directory Script and Agency Script
-CVE-2009-4863 (Stack-based buffer overflow in UltraPlayer Media Player 2.112 allows ...)
+CVE-2009-4863
NOT-FOR-US: UltraPlayer Media Player
-CVE-2009-4862 (Multiple SQL injection vulnerabilities in Alwasel 1.5 allow remote ...)
+CVE-2009-4862
NOT-FOR-US: Alwasel
-CVE-2009-4861 (Cross-site scripting (XSS) vulnerability in shownews.php in SupportPRO ...)
+CVE-2009-4861
NOT-FOR-US: SupportPRO SupportDesk
-CVE-2009-4860 (SQL injection vulnerability in demo.php in Typing Pal 1.0 and earlier ...)
+CVE-2009-4860
NOT-FOR-US: Typing Pal
-CVE-2009-4859 (Multiple cross-site scripting (XSS) vulnerabilities in Online Work ...)
+CVE-2009-4859
NOT-FOR-US: Online Work Order Suite (OWOS)
-CVE-2009-4858 (Cross-site scripting (XSS) vulnerability in questiondetail.php in ...)
+CVE-2009-4858
NOT-FOR-US: Yahoo Answers Clone
-CVE-2009-4857 (Cross-site scripting (XSS) vulnerability in login.php in PHP Photo ...)
+CVE-2009-4857
NOT-FOR-US: PHP Photo Vote
-CVE-2009-4856 (Cross-site scripting (XSS) vulnerability in subitems.php in PHP Easy ...)
+CVE-2009-4856
NOT-FOR-US: PHP Easy Shopping Cart
-CVE-2009-4855 (** DISPUTED ** ...)
+CVE-2009-4855
NOT-FOR-US: Bogus issue claimed for typo3
NOTE: See http://secure.t3sec.info/blog/post/2009/08/06/typo3-cms-40-showuid-exploit-not-a-vulnerability/4.2.5-1+lenny3
-CVE-2009-4854 (addons/import.php in TalkBack 2.3.14 allows remote attackers to ...)
+CVE-2009-4854
NOT-FOR-US: TalkBack
-CVE-2009-4853 (Multiple cross-site scripting (XSS) vulnerabilities in JumpBox before ...)
+CVE-2009-4853
NOT-FOR-US: JumpBox
-CVE-2009-4852 (Multiple cross-site scripting (XSS) vulnerabilities in SemanticScuttle ...)
+CVE-2009-4852
NOT-FOR-US: SemanticScuttle
-CVE-2009-4851 (The activation resend function in the Profiles module in XOOPS before ...)
+CVE-2009-4851
NOT-FOR-US: XOOPS
-CVE-2009-4850 (The Awingsoft Awakening Winds3D Viewer plugin 3.5.0.9 allows remote ...)
+CVE-2009-4850
NOT-FOR-US: Awingsoft Awakening Winds3D Viewer
-CVE-2009-4849 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
+CVE-2009-4849
NOT-FOR-US: ToutVirtual VirtualIQ Pro
-CVE-2009-4848 (Multiple cross-site scripting (XSS) vulnerabilities in ToutVirtual ...)
+CVE-2009-4848
NOT-FOR-US: ToutVirtual VirtualIQ Pro
-CVE-2009-4847 (Deliantra Server before 2.82 allows remote authenticated users to ...)
+CVE-2009-4847
NOT-FOR-US: Deliantra Server
-CVE-2009-4846 (Multiple buffer overflows in Deliantra Server before 2.82 allow remote ...)
+CVE-2009-4846
NOT-FOR-US: Deliantra Server
-CVE-2009-4845 (The configuration page in ToutVirtual VirtualIQ Pro 3.2 build 7882 ...)
+CVE-2009-4845
NOT-FOR-US: ToutVirtual VirtualIQ Pro
-CVE-2009-4844 (ToutVirtual VirtualIQ Pro 3.2 build 7882 does not restrict access to ...)
+CVE-2009-4844
NOT-FOR-US: ToutVirtual VirtualIQ Pro
-CVE-2009-4843 (ToutVirtual VirtualIQ Pro before 3.5 build 8691 does not require ...)
+CVE-2009-4843
NOT-FOR-US: ToutVirtual VirtualIQ Pro
-CVE-2009-4842 (Multiple cross-site scripting (XSS) vulnerabilities in ToutVirtual ...)
+CVE-2009-4842
NOT-FOR-US: ToutVirtual VirtualIQ Pro
-CVE-2009-4841 (Heap-based buffer overflow in the SonicMediaPlayer ActiveX control in ...)
+CVE-2009-4841
NOT-FOR-US: Roxio CinePlayer
-CVE-2009-4840 (Heap-based buffer overflow in the IAManager ActiveX control in ...)
+CVE-2009-4840
NOT-FOR-US: Roxio CinePlayer
-CVE-2009-4839 (Multiple cross-site scripting (XSS) vulnerabilities in Basic Analysis ...)
+CVE-2009-4839
- acidbase 1.4.5-1 (bug #587819)
[lenny] - acidbase <no-dsa> (Minor issue)
-CVE-2009-4838 (SQL injection vulnerability in base_ag_common.php in Basic Analysis ...)
+CVE-2009-4838
- acidbase 1.4.4-1 (low)
[lenny] - acidbase <no-dsa> (Minor issue)
-CVE-2009-4837 (Multiple cross-site scripting (XSS) vulnerabilities in Basic Analysis ...)
+CVE-2009-4837
- acidbase 1.4.4-1 (low)
[lenny] - acidbase <no-dsa> (Minor issue)
-CVE-2009-4836 (Eval injection vulnerability in system/services/init.php in Movie PHP ...)
+CVE-2009-4836
NOT-FOR-US: Movie PHP Script
-CVE-2009-4835 (The (1) htk_read_header, (2) alaw_init, (3) ulaw_init, (4) pcm_init, ...)
+CVE-2009-4835
- libsndfile 1.0.21-3 (unimportant; bug #530831)
NOTE: application crash only, so not security-relevant
-CVE-2009-4834 (lib.php in Zeroboard 4.1 pl7 allows remote attackers to execute ...)
+CVE-2009-4834
NOT-FOR-US: Zeroboard
-CVE-2009-4833 (MySQL Connector/NET before 6.0.4, when using encryption, does not ...)
+CVE-2009-4833
NOT-FOR-US: MySQL Connector/NET
-CVE-2009-4832 (The dlpcrypt.sys kernel driver 0.1.1.27 in DESlock+ 4.0.2 allows local ...)
+CVE-2009-4832
NOT-FOR-US: DLPCryptCore
-CVE-2009-4831 (Cerulean Studios Trillian 3.1 Basic does not check SSL certificates ...)
+CVE-2009-4831
NOT-FOR-US: Cerulean Studios Trillian
-CVE-2009-4830 (Unspecified vulnerability in OpenX 2.8.1 and 2.8.2 allows remote ...)
+CVE-2009-4830
- openx <itp> (bug #513771)
-CVE-2009-4829 (Cross-site scripting (XSS) vulnerability in the Automated Logout ...)
+CVE-2009-4829
NOT-FOR-US: Automated Logout module for drupal
-CVE-2009-4828 (Cross-site request forgery (CSRF) vulnerability in ...)
+CVE-2009-4828
NOT-FOR-US: Ad Manager Pro
-CVE-2009-4827 (Cross-site request forgery (CSRF) vulnerability in admin.php in Mail ...)
+CVE-2009-4827
NOT-FOR-US: Mail Manager Pro
-CVE-2009-4826 (Cross-site request forgery (CSRF) vulnerability in ...)
+CVE-2009-4826
NOT-FOR-US: ScriptsEz Mini Hosting Panel
-CVE-2009-4825 (8pixel.net Blog 4 stores sensitive information under the web root with ...)
+CVE-2009-4825
NOT-FOR-US: 8pixel.net Blog
-CVE-2009-4824 (Unspecified vulnerability in Kolab Webclient before 1.2.0 in Kolab ...)
+CVE-2009-4824
{DSA-1897-1}
- kolab-webclient <undetermined>
- horde3 3.3.5+debian0-1
NOTE: package only in experimental; claimed fixed in version 20091202, but not enough info to check
NOTE: http://kolab.org/cgi-bin/viewcvs-kolab.cgi/*checkout*/server/patches/horde-webmail/1.2.0/tg/Attic/t_framework_H_JS_Form_FixFormSecurityForImageUploads.diff?rev=1.1.2.1&only_with_tag=kolab_2_2_branch
-CVE-2009-4823 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2009-4823
NOT-FOR-US: cPanel
-CVE-2009-4822 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
+CVE-2009-4822
NOT-FOR-US: Kasseler CMS
-CVE-2009-4821 (The D-Link DIR-615 with firmware 3.10NA does not require ...)
+CVE-2009-4821
NOT-FOR-US: D-Link DIR-615
-CVE-2009-4820 (Angelo-Emlak 1.0 stores sensitive information under the web root with ...)
+CVE-2009-4820
NOT-FOR-US: Angelo-Emlak
-CVE-2009-4819 (Multiple unrestricted file upload vulnerabilities in upload.php in ...)
+CVE-2009-4819
NOT-FOR-US: PHPhotoalbum
-CVE-2009-4818 (Unrestricted file upload vulnerability in upload.php in PHPSimplicity ...)
+CVE-2009-4818
NOT-FOR-US: PHPSimplicity of Upload
-CVE-2009-4817 (Unrestricted file upload vulnerability in Element-IT Ultimate Uploader ...)
+CVE-2009-4817
NOT-FOR-US: Element-IT Ultimate Uploader
-CVE-2009-4816 (Directory traversal vulnerability in api/download_checker.php in ...)
+CVE-2009-4816
NOT-FOR-US: MegaLab The Uploader
-CVE-2009-4815 (Directory traversal vulnerability in Serv-U before 9.2.0.1 allows ...)
+CVE-2009-4815
NOT-FOR-US: Serv-U
-CVE-2009-4814 (Cross-site scripting (XSS) vulnerability in Wolfram Research ...)
+CVE-2009-4814
NOT-FOR-US: Wolfram Research webMathematica
-CVE-2009-4813 (Cross-site scripting (XSS) vulnerability in myps.php in MyBB (aka ...)
+CVE-2009-4813
NOT-FOR-US: MyBB
-CVE-2009-4812 (Wolfram Research webMathematica allows remote attackers to obtain ...)
+CVE-2009-4812
NOT-FOR-US: Wolfram Research webMathematica
-CVE-2009-4811 (VMware Authentication Daemon 1.0 in vmware-authd.exe in the VMware ...)
+CVE-2009-4811
NOT-FOR-US: VMware
-CVE-2009-4810 (The Secure Remote Password (SRP) implementation in Samhain before ...)
+CVE-2009-4810
- samhain 2.5.4-1 (unimportant)
NOTE: Support for client/server operation is not enabled in the Debian packages
-CVE-2009-4809 (Directory traversal vulnerability in thumbnail.ghp in Easy File ...)
+CVE-2009-4809
NOT-FOR-US: Easy File Sharing Web Server
-CVE-2009-4808 (admin.php in Graugon PHP Article Publisher 1.0 allows remote attackers ...)
+CVE-2009-4808
NOT-FOR-US: Graugon PHP Article Publisher
-CVE-2009-4807 (Multiple SQL injection vulnerabilities in Graugon PHP Article ...)
+CVE-2009-4807
NOT-FOR-US: Graugon PHP Article Publisher
-CVE-2009-4806 (admin/save_user.asp in Digital Interchange Document Library 1.0.1 does ...)
+CVE-2009-4806
NOT-FOR-US: Digital Interchange Document Library
-CVE-2009-4805 (Multiple SQL injection vulnerabilities in EZ-Blog Beta 1, when ...)
+CVE-2009-4805
NOT-FOR-US: EZ-Blog
-CVE-2009-4804 (Cross-site scripting (XSS) vulnerability in the Calendar Base (cal) ...)
+CVE-2009-4804
NOT-FOR-US: cal extension for typo3
-CVE-2009-4803 (SQL injection vulnerability in the Accessibility Glossary ...)
+CVE-2009-4803
NOT-FOR-US: a21glossary extension for typo3
-CVE-2009-4802 (SQL injection vulnerability in the Flat Manager (flatmgr) extension ...)
+CVE-2009-4802
NOT-FOR-US: fsatmgr extension for typo3
-CVE-2009-4801 (EZ-Blog Beta 1 does not require authentication, which allows remote ...)
+CVE-2009-4801
NOT-FOR-US: EZ-Blog
-CVE-2009-4800 (Directory traversal vulnerability in Sysax Multi Server 4.3 and 4.5 ...)
+CVE-2009-4800
NOT-FOR-US: Sysax Multi Server
-CVE-2009-4799 (Diskos CMS 6.x stores sensitive information under the web root with ...)
+CVE-2009-4799
NOT-FOR-US: Diskos CMS
-CVE-2009-4798 (Multiple SQL injection vulnerabilities in Diskos CMS 6.x allow remote ...)
+CVE-2009-4798
NOT-FOR-US: Diskos CMS
-CVE-2009-4797 (SQL injection vulnerability in browse.php in JobHut 1.2 and earlier ...)
+CVE-2009-4797
NOT-FOR-US: JobHut
-CVE-2009-4796 (Multiple SQL injection vulnerabilities in the ExecuteQueries function ...)
+CVE-2009-4796
NOT-FOR-US: glFusion
-CVE-2009-4795 (Multiple SQL injection vulnerabilities in Xlight FTP Server before ...)
+CVE-2009-4795
NOT-FOR-US: Xlight FTP Server
-CVE-2009-4794 (Multiple SQL injection vulnerabilities in Community CMS 0.5 allow ...)
+CVE-2009-4794
NOT-FOR-US: Community CMS
-CVE-2009-4793 (Unrestricted file upload vulnerability in ...)
+CVE-2009-4793
NOT-FOR-US: BandSite CMS
-CVE-2009-4792 (SQL injection vulnerability in includes/content/member_content.php in ...)
+CVE-2009-4792
NOT-FOR-US: BandSite CMS
-CVE-2009-4791 (Multiple SQL injection vulnerabilities in Family Connections (aka ...)
+CVE-2009-4791
NOT-FOR-US: Family Connections
-CVE-2009-4790 (Multiple directory traversal vulnerabilities in Sysax Multi Server 4.5 ...)
+CVE-2009-4790
NOT-FOR-US: Sysax Multi Server
-CVE-2009-4789 (Multiple PHP remote file inclusion vulnerabilities in the MojoBlog ...)
+CVE-2009-4789
NOT-FOR-US: mojoblog component for joomla!
-CVE-2009-4788 (Multiple open redirect vulnerabilities in Pligg 1.0.2 and earlier ...)
+CVE-2009-4788
NOT-FOR-US: Pligg
-CVE-2009-4787 (Multiple cross-site request forgery (CSRF) vulnerabilities in Pligg ...)
+CVE-2009-4787
NOT-FOR-US: Pligg
-CVE-2009-4786 (Multiple cross-site scripting (XSS) vulnerabilities in Pligg before ...)
+CVE-2009-4786
NOT-FOR-US: Pligg
-CVE-2009-4785 (SQL injection vulnerability in the Quick News (com_quicknews) ...)
+CVE-2009-4785
NOT-FOR-US: com_quicknews component for joomla!
-CVE-2009-4784 (SQL injection vulnerability in the Joaktree (com_joaktree) component ...)
+CVE-2009-4784
NOT-FOR-US: com_joaktree component for joomla!
-CVE-2009-4783 (Multiple SQL injection vulnerabilities in Theeta CMS, possibly 0.01, ...)
+CVE-2009-4783
NOT-FOR-US: Theeta CMS
-CVE-2009-4782 (Multiple cross-site scripting (XSS) vulnerabilities in Theeta CMS, ...)
+CVE-2009-4782
NOT-FOR-US: Theeta CMS
-CVE-2009-4781 (TUKEVA Password Reminder before 1.0.0.4 uses a hard-coded password for ...)
+CVE-2009-4781
NOT-FOR-US: TUKEVA Password Reminder
-CVE-2009-4780 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
+CVE-2009-4780
NOT-FOR-US: phpMyFAQ
-CVE-2009-4779 (Multiple PHP remote file inclusion vulnerabilities in NukeHall 0.3 and ...)
+CVE-2009-4779
NOT-FOR-US: NukeHall
-CVE-2009-4778 (Multiple unspecified vulnerabilities in the PDF distiller in the ...)
+CVE-2009-4778
NOT-FOR-US: BlackBerry PDF distiller
-CVE-2009-4777 (Unspecified vulnerability in multiple versions of Hitachi ...)
+CVE-2009-4777
NOT-FOR-US: Hitachi Job Management / System Observer
-CVE-2009-4776 (Buffer overflow in Hitachi Cosminexus V4 through V8, Processing Kit ...)
+CVE-2009-4776
NOT-FOR-US: Hitachi Cosminexus
-CVE-2009-4775 (Format string vulnerability in Ipswitch WS_FTP Professional 12 before ...)
+CVE-2009-4775
NOT-FOR-US: Ipswitch WS_FTP Professional
-CVE-2009-4774 (Unspecified vulnerability in Sun Solaris 10 and OpenSolaris snv_49 ...)
+CVE-2009-4774
NOT-FOR-US: OpenSolaris
-CVE-2009-4773 (Cross-site request forgery (CSRF) vulnerability in the ...)
+CVE-2009-4773
NOT-FOR-US: Ubercart module for Drupal
-CVE-2009-4772 (Unspecified vulnerability in the PayPal Website Payments Standard ...)
+CVE-2009-4772
NOT-FOR-US: Ubercart module for Drupal
-CVE-2009-4771 (The PayPal Website Payments Standard functionality in the Ubercart ...)
+CVE-2009-4771
NOT-FOR-US: Ubercart module for Drupal
-CVE-2009-4770 (The FTP server component in httpdx 1.4, 1.4.5, 1.4.6, 1.4.6b, and 1.5 ...)
+CVE-2009-4770
NOT-FOR-US: httpdx
-CVE-2009-4769 (Multiple format string vulnerabilities in the tolog function in httpdx ...)
+CVE-2009-4769
NOT-FOR-US: httpdx
-CVE-2009-4768 (Unspecified vulnerability in the JASS script interpreter in Warcraft ...)
+CVE-2009-4768
NOT-FOR-US: World of Warcraft
-CVE-2009-4767 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
+CVE-2009-4767
NOT-FOR-US: Plohni Shoutbox
-CVE-2009-4766 (YP Portal MS-Pro Surumu (aka MS-Pro Portal Scripti) 1.0 and 1.2 stores ...)
+CVE-2009-4766
NOT-FOR-US: MS-Pro Portal Scripti
-CVE-2009-4765 (CNR Hikaye Portal 2.0 stores sensitive information under the web root ...)
+CVE-2009-4765
NOT-FOR-US: CNR Hikaye Portal
-CVE-2009-4764 (Adobe Reader 8.x and 9.x on Windows is able to execute EXE files that ...)
+CVE-2009-4764
NOT-FOR-US: Adobe Reader
-CVE-2009-4763 (Unspecified vulnerability in the ClickHeat plugin, as used in ...)
+CVE-2009-4763
NOT-FOR-US: ClickHeat plugin
-CVE-2009-4762 (MoinMoin 1.7.x before 1.7.3 and 1.8.x before 1.8.3 checks parent ACLs ...)
+CVE-2009-4762
- moin 1.9.2-1 (bug #569975; medium)
[lenny] - moin 1.7.1-3+lenny3 (bug #569975; medium)
NOTE: see http://www.debian.org/security/2010/dsa-2014
-CVE-2009-4761 (Stack-based buffer overflow in Mini-stream RM Downloader allows remote ...)
+CVE-2009-4761
NOT-FOR-US: Mini-stream RM Downloader
-CVE-2009-4760 (Winn ASP Guestbook 1.01 Beta stores sensitive information under the ...)
+CVE-2009-4760
NOT-FOR-US: Winn ASP Guestbook
-CVE-2009-4759 (Buffer overflow in BrotherSoft BMXPlay 0.4.4b allows remote attackers ...)
+CVE-2009-4759
NOT-FOR-US: BrotherSoft BMXPlay
-CVE-2009-4758 (Stack-based buffer overflow in dicas Mpegable Player 2.12 allows ...)
+CVE-2009-4758
NOT-FOR-US: Mpegable Player
-CVE-2009-4757 (Stack-based buffer overflow in BrotherSoft EW-MusicPlayer 0.8 allows ...)
+CVE-2009-4757
NOT-FOR-US: BrotherSoft EW-MusicPlayer
-CVE-2009-4756 (Stack-based buffer overflow in TraktorBeatport.exe 1.0.0.283 in ...)
+CVE-2009-4756
NOT-FOR-US: Beatport Player
-CVE-2009-4755 (Multiple stack-based buffer overflows in Mercury Audio Player 1.21 ...)
+CVE-2009-4755
NOT-FOR-US: Mercury Audio Player
-CVE-2009-4754 (Stack-based buffer overflow in Mercury Audio Player 1.21 allows remote ...)
+CVE-2009-4754
NOT-FOR-US: Mercury Audio Player
-CVE-2009-4753 (Multiple buffer overflows in the FTP server on the Addonics NAS ...)
+CVE-2009-4753
NOT-FOR-US: Addonics NAS Adapter NASU2FW41
-CVE-2009-4752 (PHP remote file inclusion vulnerability in anzeiger/start.php in ...)
+CVE-2009-4752
NOT-FOR-US: Swinger Club Portal
-CVE-2009-4751 (SQL injection vulnerability in anzeiger/start.php in Swinger Club ...)
+CVE-2009-4751
NOT-FOR-US: Swinger Club Portal
-CVE-2009-4750 (PHP remote file inclusion vulnerability in home.php in Top Paidmailer ...)
+CVE-2009-4750
NOT-FOR-US: Top Paidmailer
-CVE-2009-4749 (Multiple SQL injection vulnerabilities in PHP Live! 3.2.1 and 3.2.2 ...)
+CVE-2009-4749
NOT-FOR-US: PHP Live!
-CVE-2009-4748 (SQL injection vulnerability in mycategoryorder.php in the My Category ...)
+CVE-2009-4748
NOT-FOR-US: My Category Order plugin for wordpress
-CVE-2009-4747 (PHP remote file inclusion vulnerability in ...)
+CVE-2009-4747
NOT-FOR-US: All In One Control Panel (AIOCP)
-CVE-2009-4746 (Cross-site scripting (XSS) vulnerability in index.php in Dreamlevels ...)
+CVE-2009-4746
NOT-FOR-US: Dreamlevels DreamPoll
-CVE-2009-4745 (Multiple SQL injection vulnerabilities in index.php in Dreamlevels ...)
+CVE-2009-4745
NOT-FOR-US: Dreamlevels DreamPoll
-CVE-2009-4744 (Cross-site scripting (XSS) vulnerability in the Contact module in ...)
+CVE-2009-4744
NOT-FOR-US: Exponent CMS
-CVE-2009-4743 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2009-4743
NOT-FOR-US: AfterLogic WebMail
-CVE-2009-4742 (Multiple SQL injection vulnerabilities in Docebo 3.6.0.3 allow remote ...)
+CVE-2009-4742
NOT-FOR-US: Docebo
-CVE-2009-4741 (Unspecified vulnerability in the Extras Manager before 2.0.0.67 in ...)
+CVE-2009-4741
NOT-FOR-US: Skype
-CVE-2009-4740 (Directory traversal vulnerability in the Webesse E-Card (ws_ecard) ...)
+CVE-2009-4740
NOT-FOR-US: ws_ecard extension for typo3
-CVE-2009-4739 (PHP remote file inclusion vulnerability in index.php in SkaDate Dating ...)
+CVE-2009-4739
NOT-FOR-US: SkaDate Dating
-CVE-2009-4738 (Unspecified vulnerability in JustSystems Corporation ATOK 2006 through ...)
+CVE-2009-4738
NOT-FOR-US: JustSystems Corporation
-CVE-2009-4737 (Stack-based buffer overflow in JustSystems Corporation Ichitaro 13, ...)
+CVE-2009-4737
NOT-FOR-US: JustSystems Corporation Ichitaro
-CVE-2009-4736 (Cross-site scripting (XSS) vulnerability in search.php in CommonSense ...)
+CVE-2009-4736
NOT-FOR-US: CommonSense CMS
-CVE-2009-4735 (SQL injection vulnerability in login.php in Allomani Audio &amp; Video ...)
+CVE-2009-4735
NOT-FOR-US: Allomani Audio & Video Library
-CVE-2009-4734 (SQL injection vulnerability in login.php in Allomani Movies Library ...)
+CVE-2009-4734
NOT-FOR-US: Allomani Movies Library
-CVE-2009-4733 (SQL injection vulnerability in checkuser.php in SimpleLoginSys 0.5, ...)
+CVE-2009-4733
NOT-FOR-US: SimpleLoginSys
-CVE-2009-4732 (SQL injection vulnerability in tt/index.php in TT Web Site Manager ...)
+CVE-2009-4732
NOT-FOR-US: TT Web Site Manager
-CVE-2009-4731 (SQL injection vulnerability in photos.php in Model Agency Manager PRO ...)
+CVE-2009-4731
NOT-FOR-US: Model Agency Manager PRO
-CVE-2009-4730 (SQL injection vulnerability in report.php in x10 Adult Media Script ...)
+CVE-2009-4730
NOT-FOR-US: Adult Media Script
-CVE-2009-4729 (Multiple cross-site scripting (XSS) vulnerabilities in x10 Adult Media ...)
+CVE-2009-4729
NOT-FOR-US: Adult Media Script
-CVE-2009-4728 (SQL injection vulnerability in the administrative interface in ...)
+CVE-2009-4728
NOT-FOR-US: Questions Answered
-CVE-2009-4727 (SQL injection vulnerability in x/login in JungleScripts Ajax Short Url ...)
+CVE-2009-4727
NOT-FOR-US: JungleScripts Ajax Short Url
-CVE-2009-4726 (Directory traversal vulnerability in download.php in Quickdev 4 PHP ...)
+CVE-2009-4726
NOT-FOR-US: Quickdev 4 PHP
-CVE-2009-4725 (Directory traversal vulnerability in modules/aljazeera/admin/setup.php ...)
+CVE-2009-4725
NOT-FOR-US: Arab Portal
-CVE-2009-4724 (SQL injection vulnerability in shop.htm in PaymentProcessorScript.net ...)
+CVE-2009-4724
NOT-FOR-US: PaymentProcessorScript.net PPScript
-CVE-2009-4723 (Directory traversal vulnerability in confirm.php in Netpet CMS 1.9 ...)
+CVE-2009-4723
NOT-FOR-US: Netpet CMS
-CVE-2009-4722 (SQL injection vulnerability in the CheckLogin function in ...)
+CVE-2009-4722
NOT-FOR-US: Limny
-CVE-2009-4721 (Multiple SQL injection vulnerabilities in Admin/index.asp in ...)
+CVE-2009-4721
NOT-FOR-US: Andrews-Web BannerAd
-CVE-2009-4720 (SQL injection vulnerability in cgi-bin/gnudip.cgi in GnuDIP 2.1.1 ...)
+CVE-2009-4720
- gnudip <removed> (medium; bug #539452)
-CVE-2009-4719 (SQL injection vulnerability in index.php in Discloser 0.0.4 rc2 allows ...)
+CVE-2009-4719
NOT-FOR-US: Discloser
-CVE-2009-4718 (SQL injection vulnerability in visitorduration.php in Gonafish ...)
+CVE-2009-4718
NOT-FOR-US: Gonafish WebStatCaffe
-CVE-2009-4717 (Multiple cross-site scripting (XSS) vulnerabilities in Gonafish ...)
+CVE-2009-4717
NOT-FOR-US: Gonafish WebStatCaffe
-CVE-2009-4716 (Cross-site scripting (XSS) vulnerability in results.php in EDGEPHP ...)
+CVE-2009-4716
NOT-FOR-US: EDGEPHP EZWebSearch
-CVE-2009-4715 (Cross-site scripting (XSS) vulnerability in rates.php in Real Time ...)
+CVE-2009-4715
NOT-FOR-US: Real Time Currency Exchange
-CVE-2009-4714 (Cross-site scripting (XSS) vulnerability in the quiz module for XOOPS ...)
+CVE-2009-4714
NOT-FOR-US: XOOPS Celepar
-CVE-2009-4713 (Multiple cross-site scripting (XSS) vulnerabilities in the Qas (aka ...)
+CVE-2009-4713
NOT-FOR-US: XOOPS Celepar
-CVE-2009-4712 (SQL injection vulnerability in index.php in Tukanas Classifieds (aka ...)
+CVE-2009-4712
NOT-FOR-US: EasyClassifieds
-CVE-2009-4711 (SQL injection vulnerability in the CoolURI (cooluri) extension before ...)
+CVE-2009-4711
NOT-FOR-US: typo3 third-party extension
-CVE-2009-4710 (SQL injection vulnerability in the Reset backend password ...)
+CVE-2009-4710
NOT-FOR-US: typo3 third-party extension
-CVE-2009-4709 (SQL injection vulnerability in the datamints Newsticker ...)
+CVE-2009-4709
NOT-FOR-US: typo3 third-party extension
-CVE-2009-4708 (SQL injection vulnerability in the [Gobernalia] Front End News ...)
+CVE-2009-4708
NOT-FOR-US: typo3 third-party extension
-CVE-2009-4707 (Cross-site scripting (XSS) vulnerability in the [Gobernalia] Front End ...)
+CVE-2009-4707
NOT-FOR-US: typo3 third-party extension
-CVE-2009-4706 (Cross-site scripting (XSS) vulnerability in the Mailform (mailform) ...)
+CVE-2009-4706
NOT-FOR-US: typo3 third-party extension
-CVE-2009-4705 (Cross-site scripting (XSS) vulnerability in the Twitter Search ...)
+CVE-2009-4705
NOT-FOR-US: typo3 third-party extension
-CVE-2009-4704 (Unspecified vulnerability in the Webesse E-Card (ws_ecard) extension ...)
+CVE-2009-4704
NOT-FOR-US: typo3 third-party extension
-CVE-2009-4703 (SQL injection vulnerability in the Webesse Image Gallery (ws_gallery) ...)
+CVE-2009-4703
NOT-FOR-US: typo3 third-party extension
-CVE-2009-4702 (SQL injection vulnerability in the Tour Extension (pm_tour) extension ...)
+CVE-2009-4702
NOT-FOR-US: typo3 third-party extension
-CVE-2009-4701 (SQL injection vulnerability in the Myth download (myth_download) ...)
+CVE-2009-4701
NOT-FOR-US: typo3 third-party extension
-CVE-2009-4700 (Directory traversal vulnerability in index.php in SkaDate Dating ...)
+CVE-2009-4700
NOT-FOR-US: SkaDate Dating
-CVE-2009-4699 (Multiple cross-site scripting (XSS) vulnerabilities in SkaDate Dating ...)
+CVE-2009-4699
NOT-FOR-US: SkaDate Dating
-CVE-2009-4698 (Multiple SQL injection vulnerabilities in the Qas (aka Quas) module ...)
+CVE-2009-4698
NOT-FOR-US: XOOPS Celepar
-CVE-2009-4697 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
+CVE-2009-4697
NOT-FOR-US: RadNICS Gold 5
-CVE-2009-4696 (SQL injection vulnerability in index.php in RadNICS Gold 5 allows ...)
+CVE-2009-4696
NOT-FOR-US: RadNICS Gold 5
-CVE-2009-4695 (SQL injection vulnerability in index.php in RadScripts RadLance Gold ...)
+CVE-2009-4695
NOT-FOR-US: RadScripts RadLance Gold
-CVE-2009-4694 (Cross-site scripting (XSS) vulnerability in index.php in RadScripts ...)
+CVE-2009-4694
NOT-FOR-US: RadScripts RadLance Gold
-CVE-2009-4693 (Multiple PHP remote file inclusion vulnerabilities in GraFX MiniCWB ...)
+CVE-2009-4693
NOT-FOR-US: GraFX MiniCWB
-CVE-2009-4692 (Cross-site scripting (XSS) vulnerability in index.php in RadScripts ...)
+CVE-2009-4692
NOT-FOR-US: RadScripts RadLance Gold
-CVE-2009-4691 (SQL injection vulnerability in addlink.php in Classified Linktrader ...)
+CVE-2009-4691
NOT-FOR-US: Classified Linktrader Script
-CVE-2009-4690 (Multiple cross-site scripting (XSS) vulnerabilities in YourFreeWorld ...)
+CVE-2009-4690
NOT-FOR-US: YourFreeWorld Programs Rating Script
-CVE-2009-4689 (SQL injection vulnerability in index.php in PHP Shopping Cart Selling ...)
+CVE-2009-4689
NOT-FOR-US: PHP Shopping Cart Selling Website Script
-CVE-2009-4688 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
+CVE-2009-4688
NOT-FOR-US: PHP Shopping Cart Selling Website Script
-CVE-2009-4687 (SQL injection vulnerability in silentum_guestbook.php in Silentum ...)
+CVE-2009-4687
NOT-FOR-US: Silentum Guestbook
-CVE-2009-4686 (Cross-site scripting (XSS) vulnerability in account.php in phplemon ...)
+CVE-2009-4686
NOT-FOR-US: phplemon AdQuick
-CVE-2009-4685 (Cross-site scripting (XSS) vulnerability in celebrities.php in PHP ...)
+CVE-2009-4685
NOT-FOR-US: PHP Scripts Now Astrology
-CVE-2009-4684 (Cross-site scripting (XSS) vulnerability in index.php in EZodiak ...)
+CVE-2009-4684
NOT-FOR-US: EZodiak
-CVE-2009-4683 (Directory traversal vulnerability in vote.php in Good/Bad Vote allows ...)
+CVE-2009-4683
NOT-FOR-US: Good/Bad Vote
-CVE-2009-4682 (Cross-site scripting (XSS) vulnerability in vote.php in Good/Bad Vote ...)
+CVE-2009-4682
NOT-FOR-US: Good/Bad Vote
-CVE-2009-4681 (Cross-site scripting (XSS) vulnerability in search.php in ...)
+CVE-2009-4681
NOT-FOR-US: phpDirectorySource
-CVE-2009-4680 (SQL injection vulnerability in search.php in phpDirectorySource 1.x ...)
+CVE-2009-4680
NOT-FOR-US: phpDirectorySource
-CVE-2009-4679 (Directory traversal vulnerability in the inertialFATE iF Portfolio ...)
+CVE-2009-4679
NOT-FOR-US: com_if_nexus component for Joomla!
-CVE-2009-4678 (Cross-site scripting (XSS) vulnerability in index.php in Winn ...)
+CVE-2009-4678
NOT-FOR-US: Winn Guestbook
-CVE-2009-4677 (Cross-site scripting (XSS) vulnerability in search.php in phpFK PHP ...)
+CVE-2009-4677
NOT-FOR-US: phpFK PHP Forum
-CVE-2009-4676 (Stack-based buffer overflow in JetCast.exe 2.0.4.1109 in jetAudio ...)
+CVE-2009-4676
NOT-FOR-US: JetCast.exe
-CVE-2009-4675 (admin/admin_info/index.php in the Mole Group Gastro Portal (Restaurant ...)
+CVE-2009-4675
NOT-FOR-US: Mole Group Gastro Portal
-CVE-2009-4674 (admin/admin.php in Mole Group Sky Hunter Airline Ticket Sale Script ...)
+CVE-2009-4674
NOT-FOR-US: Mole Group Sky Hunter Airline Ticket Sale Script and Bus Ticket
-CVE-2009-4673 (SQL injection vulnerability in profile.php in Mole Group Adult Portal ...)
+CVE-2009-4673
NOT-FOR-US: Mole Group Adult Portal Script
-CVE-2009-4672 (Directory traversal vulnerability in main.php in the WP-Lytebox plugin ...)
+CVE-2009-4672
NOT-FOR-US: WP-Lytebox plugin for WordPress
-CVE-2009-4671 (Login.php in RoomPHPlanning 1.6 allows remote attackers to bypass ...)
+CVE-2009-4671
NOT-FOR-US: RoomPHPlanning
-CVE-2009-4670 (admin/delitem.php in RoomPHPlanning 1.6 does not require ...)
+CVE-2009-4670
NOT-FOR-US: RoomPHPlanning
-CVE-2009-4669 (Multiple SQL injection vulnerabilities in RoomPHPlanning 1.6 allow ...)
+CVE-2009-4669
NOT-FOR-US: RoomPHPlanning
-CVE-2009-4668 (Stack-based buffer overflow in JetCast.exe 2.0.4.1109 in jetAudio ...)
+CVE-2009-4668
NOT-FOR-US: JetCast.exe
-CVE-2009-4667 (SQL injection vulnerability in form.php in WebMember 1.0 allows remote ...)
+CVE-2009-4667
NOT-FOR-US: WebMember
-CVE-2009-4666 (Multiple PHP remote file inclusion vulnerabilities in Webradev ...)
+CVE-2009-4666
NOT-FOR-US: Webradev Download Protect
-CVE-2009-4665 (Directory traversal vulnerability in ...)
+CVE-2009-4665
NOT-FOR-US: Cute Editor
-CVE-2009-4664 (Firewall Builder 3.0.4, 3.0.5, and 3.0.6, when running on Linux, ...)
+CVE-2009-4664
- fwbuilder 3.0.7-1 (bug #547390; medium)
[lenny] - fwbuilder <not-affected> (only versions 3.0.4, 3.0.5 and 3.0.6 are affected)
- libfwbuilder 3.0.7-1 (bug #547390; medium)
[lenny] - libfwbuilder <not-affected> (only versions 3.0.4, 3.0.5 and 3.0.6 are affected)
NOTE: m68k package in debports in still affected at version 3.0.5
NOTE: see http://www.fwbuilder.org/docs/firewall_builder_release_notes.html#3.0.7
-CVE-2009-4663 (Heap-based buffer overflow in the Quiksoft EasyMail Objects 6 ActiveX ...)
+CVE-2009-4663
NOT-FOR-US: Quiksoft EasyMail Objects
-CVE-2009-4662 (Cross-site scripting (XSS) vulnerability in the WebAccess component in ...)
+CVE-2009-4662
NOT-FOR-US: Novell GroupWise
-CVE-2009-4661 (Multiple buffer overflows in BigAnt Server 2.50 SP6 and earlier allow ...)
+CVE-2009-4661
NOT-FOR-US: BigAnt Server
-CVE-2009-4660 (Stack-based buffer overflow in the AntServer Module (AntServer.exe) in ...)
+CVE-2009-4660
NOT-FOR-US: BigAnt IM Server
-CVE-2009-4659 (Unspecified vulnerability in MP3-Cutter Ease Audio Cutter 1.20 allows ...)
+CVE-2009-4659
NOT-FOR-US: MP3-Cutter Ease Audio Cutter
-CVE-2009-4658 (Xerver 4.32 allows remote authenticated users to cause a denial of ...)
+CVE-2009-4658
NOT-FOR-US: Xerver
-CVE-2009-4657 (The administrator package for Xerver 4.32 does not require ...)
+CVE-2009-4657
NOT-FOR-US: Xerver
-CVE-2009-4656 (Stack-based buffer overflow in E-Soft DJ Studio Pro 4.2 including ...)
+CVE-2009-4656
NOT-FOR-US: E-Soft DJ Studio Pro
-CVE-2009-4652 (The (1) Conn_GetCipherInfo and (2) Conn_UsesSSL functions in ...)
+CVE-2009-4652
- ngircd 15-0.1
[lenny] - ngircd <not-affected> (SSL/TLS support not yet present)
-CVE-2009-4655 (The dhost web service in Novell eDirectory 8.8.5 uses a predictable ...)
+CVE-2009-4655
NOT-FOR-US: Novell eDirectory
-CVE-2009-4654 (Stack-based buffer overflow in the dhost module in Novell eDirectory ...)
+CVE-2009-4654
NOT-FOR-US: Novell eDirectory
-CVE-2009-4653 (Stack-based buffer overflow in the dhost module in Novell eDirectory ...)
+CVE-2009-4653
NOT-FOR-US: Novell eDirectory
-CVE-2009-4651 (Multiple cross-site scripting (XSS) vulnerabilities in the Webee ...)
+CVE-2009-4651
NOT-FOR-US: Webee Comments component for Joomla!
-CVE-2009-4650 (SQL injection vulnerability in the Webee Comments (com_webeecomment) ...)
+CVE-2009-4650
NOT-FOR-US: Webee Comments component for Joomla!
-CVE-2009-4649 (Multiple cross-site scripting (XSS) vulnerabilities in geccBBlite 0.1 ...)
+CVE-2009-4649
NOT-FOR-US: geccBBlite
-CVE-2009-4648 (Accellion Secure File Transfer Appliance before 8_0_105 does not ...)
+CVE-2009-4648
NOT-FOR-US: Accellion Secure File Transfer Appliance
-CVE-2009-4647 (Cross-site scripting (XSS) vulnerability in Accellion Secure File ...)
+CVE-2009-4647
NOT-FOR-US: Accellion Secure File Transfer Appliance
-CVE-2009-4646 (Static code injection vulnerability in the administrative web ...)
+CVE-2009-4646
NOT-FOR-US: Accellion Secure File Transfer Appliance
-CVE-2009-4645 (Directory traversal vulnerability in web_client_user_guide.html in ...)
+CVE-2009-4645
NOT-FOR-US: Accellion Secure File Transfer Appliance
-CVE-2009-4644 (Accellion Secure File Transfer Appliance before 8_0_105 allows remote ...)
+CVE-2009-4644
NOT-FOR-US: Accellion Secure File Transfer Appliance
CVE-2009-5050 [konversation DoS]
RESERVED
- konversation 1.2.3-1 (low)
[lenny] - konversation <not-affected> (Doesn't affect the combination of kdelibs/QT in Lenny)
NOTE: http://bugs.kde.org/show_bug.cgi?id=219985
-CVE-2009-4643 (Stack-based buffer overflow in dsInstallerService.dll in the Juniper ...)
+CVE-2009-4643
NOT-FOR-US: Juniper Installer Service
CVE-2009-XXXX [ffmpeg potentially remaining vulnerabilities after DSA 2000]
- ffmpeg 4:0.5.1-1 (medium; bug #570713)
- ffmpeg-debian <end-of-life>
-CVE-2009-4642 (gnome-screensaver 2.26.1 relies on the gnome-session D-Bus interface ...)
+CVE-2009-4642
- gnome-screensaver 2.26.1-2
[lenny] - gnome-screensaver <not-affected> (vulnerability introduced in 2.26)
NOTE: only an issue under certain desktop environments such as xfce
-CVE-2009-4641 (gnome-screensaver 2.28.0 does not resume adherence to its activation ...)
+CVE-2009-4641
- gnome-screensaver 2.28.0-2 (low; bug #569667)
[etch] - gnome-screensaver <not-affected> (Vulnerable code not present)
[lenny] - gnome-screensaver <not-affected> (Vulnerable code not present)
-CVE-2009-4640 (Array index error in vorbis_dec.c in FFmpeg 0.5 allows remote ...)
+CVE-2009-4640
{DSA-2000-1}
- ffmpeg 4:0.5+svn20090706-3 (bug #550442)
- ffmpeg-debian <removed>
-CVE-2009-4639 (The av_rescale_rnd function in the AVI demuxer in FFmpeg 0.5 allows ...)
+CVE-2009-4639
- ffmpeg 7:2.4.1-1 (unimportant; bug #550442)
- ffmpeg-debian <removed> (unimportant)
NOTE: denial-of-service only, so not worth worrying about
NOTE: http://thread.gmane.org/gmane.comp.video.ffmpeg.devel/97154/focus=97156
NOTE: http://thread.gmane.org/gmane.comp.video.ffmpeg.issues/6111/focus=6116
-CVE-2009-4638 (Integer overflow in FFmpeg 0.5 allows remote attackers to cause a ...)
+CVE-2009-4638
{DSA-2000-1}
- ffmpeg 4:0.5+svn20090706-3 (bug #550442)
- ffmpeg-debian <removed>
-CVE-2009-4637 (FFmpeg 0.5 allows remote attackers to cause a denial of service ...)
+CVE-2009-4637
{DSA-2000-1}
- ffmpeg 4:0.5+svn20090706-3 (bug #550442)
- ffmpeg-debian <removed>
-CVE-2009-4636 (FFmpeg 0.5 allows remote attackers to cause a denial of service (hang) ...)
+CVE-2009-4636
{DSA-2000-1}
- ffmpeg 4:0.5+svn20090706-3 (bug #550442)
- ffmpeg-debian <removed>
-CVE-2009-4635 (FFmpeg 0.5 allows remote attackers to cause a denial of service and ...)
+CVE-2009-4635
{DSA-2000-1}
- ffmpeg 4:0.5+svn20090706-3 (bug #550442)
- ffmpeg-debian <removed>
-CVE-2009-4634 (Multiple integer underflows in FFmpeg 0.5 allow remote attackers to ...)
+CVE-2009-4634
{DSA-2000-1}
- ffmpeg 4:0.5+svn20090706-3 (bug #550442)
- ffmpeg-debian <removed>
-CVE-2009-4633 (vorbis_dec.c in FFmpeg 0.5 uses an assignment operator when a ...)
+CVE-2009-4633
{DSA-2000-1}
- ffmpeg 4:0.5+svn20090706-3 (bug #550442)
- ffmpeg-debian <removed>
-CVE-2009-4632 (oggparsevorbis.c in FFmpeg 0.5 does not properly perform certain ...)
+CVE-2009-4632
{DSA-2000-1}
- ffmpeg 4:0.5+svn20090706-3 (bug #550442)
- ffmpeg-debian <removed>
-CVE-2009-4631 (Off-by-one error in the VP3 decoder (vp3.c) in FFmpeg 0.5 allows ...)
+CVE-2009-4631
{DSA-2000-1}
- ffmpeg 4:0.5+svn20090706-3 (bug #550442)
- ffmpeg-debian <removed>
-CVE-2009-4630 (Mozilla Necko, as used in Firefox, SeaMonkey, and other applications, ...)
+CVE-2009-4630
- xulrunner 1.9.1-1 (low)
[etch] - xulrunner <not-affected> (dns prefetching implemented in xulrunner 1.9.1)
[lenny] - xulrunner <not-affected> (dns prefetching implemented in xulrunner 1.9.1)
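Review bot: every `-`/`+` pair in this hunk strips the parenthesized CVE summary (e.g. `-CVE-2009-4788 (Multiple open redirect vulnerabilities in Pligg 1.0.2 and earlier ...)` becomes `+CVE-2009-4788`), so the one-line description of each issue is lost from the tracker data while the package/version annotations beneath it are kept. Nothing in the hunk records why; the hand-entered bracket summaries on context lines such as `CVE-2009-5050 [konversation DoS]` and `CVE-2009-XXXX [ffmpeg potentially remaining vulnerabilities after DSA 2000]` are untouched, which suggests the removal is specific to the descriptions pulled from the upstream CVE feed. Before merging, confirm this is an intended format change rather than the updater having fetched empty descriptions, because triage readers rely on that summary to judge an entry without opening the CVE.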
@@ -1191,7 +1191,7 @@ CVE-2009-4630 (Mozilla Necko, as used in Firefox, SeaMonkey, and other applicati
[etch] - iceape <not-affected> (dns prefetching implemented in xulrunner 1.9.1)
[lenny] - iceape <not-affected> (dns prefetching implemented in xulrunner 1.9.1)
NOTE: mozilla's dns prefetching leads to disclosure of the user's network location
-CVE-2009-4629 (Mozilla Necko, as used in Thunderbird 3.0.1, SeaMonkey, and other ...)
+CVE-2009-4629
- icedove 3.0.2-1 (unimportant)
[etch] - icedove <not-affected> (dns prefetching implemented in xulrunner 1.9.1)
[lenny] - icedove <not-affected> (dns prefetching implemented in xulrunner 1.9.1)
@@ -1200,265 +1200,265 @@ CVE-2009-4629 (Mozilla Necko, as used in Thunderbird 3.0.1, SeaMonkey, and other
- iceape <removed> (unimportant)
[etch] - iceape <not-affected> (dns prefetching implemented in xulrunner 1.9.1)
[lenny] - iceape <not-affected> (dns prefetching implemented in xulrunner 1.9.1)
-CVE-2009-4628 (SQL injection vulnerability in the TemplatePlaza.com TPDugg ...)
+CVE-2009-4628
NOT-FOR-US: Joomla!
-CVE-2009-4627 (Directory traversal vulnerability in sources/_template_parser.php in ...)
+CVE-2009-4627
NOT-FOR-US: Moa Gallery
-CVE-2009-4626 (Directory traversal vulnerability in menu.php in phpNagios 1.2.0 ...)
+CVE-2009-4626
NOT-FOR-US: phpNagios
-CVE-2009-4625 (SQL injection vulnerability in the updateOnePage function in ...)
+CVE-2009-4625
NOT-FOR-US: Joomla!
-CVE-2009-4624 (SQL injection vulnerability in download.php in Nicecoder iDesk allows ...)
+CVE-2009-4624
NOT-FOR-US: Nicecoder iDesk
-CVE-2009-4623 (Multiple PHP remote file inclusion vulnerabilities in Advanced Comment ...)
+CVE-2009-4623
NOT-FOR-US: Advanced Comment System
-CVE-2009-4622 (PHP remote file inclusion vulnerability in admin/admin_news_bot.php in ...)
+CVE-2009-4622
NOT-FOR-US: Drunken:Golem Gaming Portal
-CVE-2009-4621 (SQL injection vulnerability in the JiangHu Inn plugin 1.1 and earlier ...)
+CVE-2009-4621
NOT-FOR-US: Discuz
-CVE-2009-4620 (SQL injection vulnerability in the Joomloc (com_joomloc) component 1.0 ...)
+CVE-2009-4620
NOT-FOR-US: Joomla!
-CVE-2009-4619 (SQL injection vulnerability in the Lucy Games (com_lucygames) ...)
+CVE-2009-4619
NOT-FOR-US: Joomla!
-CVE-2009-4618 (Multiple SQL injection vulnerabilities in Tourism Script Bus Script ...)
+CVE-2009-4618
NOT-FOR-US: Tourism Script Bus Script
-CVE-2009-4617 (Multiple SQL injection vulnerabilities in Tourism Script Accommodation ...)
+CVE-2009-4617
NOT-FOR-US: Tourism Script Accommodation Hotel Booking Portal Script
-CVE-2009-4616 (Cross-site scripting (XSS) vulnerability in search.php in MYRE Holiday ...)
+CVE-2009-4616
NOT-FOR-US: MYRE Holiday Rental Manager
-CVE-2009-4615 (SQL injection vulnerability in review.php in MYRE Holiday Rental ...)
+CVE-2009-4615
NOT-FOR-US: MYRE Holiday Rental Manager
-CVE-2009-4614 (Multiple PHP remote file inclusion vulnerabilities in Moa Gallery ...)
+CVE-2009-4614
NOT-FOR-US: Moa Gallery
-CVE-2009-4613 (SQL injection vulnerability in realestate20/loginaction.php in NetArt ...)
+CVE-2009-4613
NOT-FOR-US: NetArt Media Real Estate Portal
-CVE-2009-4612 (Multiple cross-site scripting (XSS) vulnerabilities in the WebApp JSP ...)
+CVE-2009-4612
- jetty 6.1.22-1 (bug #575789)
-CVE-2009-4611 (Mort Bay Jetty 6.x and 7.0.0 writes backtrace data without sanitizing ...)
+CVE-2009-4611
- jetty 6.1.22-1
-CVE-2009-4610 (Multiple cross-site scripting (XSS) vulnerabilities in Mort Bay Jetty ...)
+CVE-2009-4610
- jetty <not-affected> (low; bug #575790)
NOTE: the exploitable servlet is not shipped in Debian packages
-CVE-2009-4609 (The Dump Servlet in Mort Bay Jetty 6.x and 7.0.0 allows remote ...)
+CVE-2009-4609
- jetty <not-affected> (low; bug #575791)
NOTE: the exploitable servlet is not shipped in Debian packages
-CVE-2009-4608 (Cross-site scripting (XSS) vulnerability in Canon IT Solutions Inc. ...)
+CVE-2009-4608
NOT-FOR-US: ACCESSGUARDIAN
-CVE-2009-4607 (The command line interface in Overland Storage Snap Server 410 with ...)
+CVE-2009-4607
NOT-FOR-US: Overland Storage Snap Server
-CVE-2009-4606 (South River Technologies WebDrive 9.02 build 2232 installs the ...)
+CVE-2009-4606
NOT-FOR-US: South River Technologies WebDrive
-CVE-2009-4604 (PHP remote file inclusion vulnerability in mamboleto.php in the ...)
+CVE-2009-4604
NOT-FOR-US: Joomla!
-CVE-2009-4603 (Unspecified vulnerability in sapstartsrv.exe in the SAP Kernel 6.40, ...)
+CVE-2009-4603
NOT-FOR-US: SAP Kernel
-CVE-2009-4602 (Cross-site scripting (XSS) vulnerability in the Randomizer module 5.x ...)
+CVE-2009-4602
NOT-FOR-US: Randomizer module for Drupal
-CVE-2009-4601 (Cross-site scripting (XSS) vulnerability in basic_search_result.php in ...)
+CVE-2009-4601
NOT-FOR-US: ZeeJobsite
-CVE-2009-4600 (SQL injection vulnerability in realestate20/loginaction.php in NetArt ...)
+CVE-2009-4600
NOT-FOR-US: NetArt Media Real Estate Portal
-CVE-2009-4599 (Multiple SQL injection vulnerabilities in the JS Jobs (com_jsjobs) ...)
+CVE-2009-4599
NOT-FOR-US: Joomla!
-CVE-2009-4598 (SQL injection vulnerability in the JPhoto (com_jphoto) component 1.0 ...)
+CVE-2009-4598
NOT-FOR-US: Joomla!
-CVE-2009-4597 (Multiple SQL injection vulnerabilities in index.php in PHP Inventory ...)
+CVE-2009-4597
NOT-FOR-US: PHP Inventory
-CVE-2009-4596 (Cross-site scripting (XSS) vulnerability in index.php in PHP Inventory ...)
+CVE-2009-4596
NOT-FOR-US: PHP Inventory
-CVE-2009-4595 (SQL injection vulnerability in index.php in PHP Inventory 1.2 allows ...)
+CVE-2009-4595
NOT-FOR-US: PHP Inventory
-CVE-2009-4605 (scripts/setup.php (aka the setup script) in phpMyAdmin 2.11.x before ...)
+CVE-2009-4605
{DSA-2034-1}
- phpmyadmin 4:3.2.4-1
NOTE: vulnerable code does not in the 3.x series (sid and squeeze checked)
NOTE: http://phpmyadmin.svn.sourceforge.net/viewvc/phpmyadmin?view=rev&revision=13149
NOTE: there is still at least one unserialize() call on _POST data
-CVE-2009-4594 (Unspecified vulnerability in IBM Lotus iNotes (aka Domino Web Access ...)
+CVE-2009-4594
NOT-FOR-US: IBM Lotus iNotes
-CVE-2009-4593 (The bftpdutmp_log function in bftpdutmp.c in Bftpd before 2.4 does not ...)
+CVE-2009-4593
NOT-FOR-US: Bftpd
-CVE-2009-4592 (Unspecified vulnerability in base_local_rules.php in Basic Analysis ...)
+CVE-2009-4592
- acidbase 1.4.4-1
[lenny] - acidbase <no-dsa> (Minor issue)
[etch] - acidbase <no-dsa> (Minor issue)
-CVE-2009-4591 (SQL injection vulnerability in Basic Analysis and Security Engine ...)
+CVE-2009-4591
- acidbase 1.4.4-1
[lenny] - acidbase <no-dsa> (Minor issue)
[etch] - acidbase <no-dsa> (Minor issue)
-CVE-2009-4590 (Cross-site scripting (XSS) vulnerability in base_local_rules.php in ...)
+CVE-2009-4590
- acidbase 1.4.4-1
[lenny] - acidbase <no-dsa> (Minor issue)
[etch] - acidbase <no-dsa> (Minor issue)
NOTE: 1.4.5 fixed more XSS issues in this file
-CVE-2009-4588 (Heap-based buffer overflow in the WindsPlayerIE.View.1 ActiveX control ...)
+CVE-2009-4588
NOT-FOR-US: AwingSoft Awakening
-CVE-2009-4587 (Cherokee Web Server 0.5.4 allows remote attackers to cause a denial of ...)
+CVE-2009-4587
- cherokee <not-affected> (Only affects Windows and DOS)
NOTE: this only works on windows and dos as you are not allowed
NOTE: to use a file name with AUX and any or no extension as this is a
NOTE: reserved device name. cherokee was lacking error handling...
-CVE-2009-4586 (Multiple cross-site scripting (XSS) vulnerabilities in index.html in ...)
+CVE-2009-4586
NOT-FOR-US: Wowd client
-CVE-2009-4585 (UranyumSoft Listing Service stores sensitive information under the web ...)
+CVE-2009-4585
NOT-FOR-US: UranyumSoft Listing Service
-CVE-2009-4584 (admin.php in dB Masters Multimedia Links Directory 3.1.3 allows remote ...)
+CVE-2009-4584
NOT-FOR-US: dB Masters Multimedia Links Directory
-CVE-2009-4583 (SQL injection vulnerability in the DhForum (com_dhforum) component for ...)
+CVE-2009-4583
NOT-FOR-US: component for Joomla!
-CVE-2009-4582 (SQL injection vulnerability in detail.php in the Dictionary module for ...)
+CVE-2009-4582
NOT-FOR-US: XOOPS module
-CVE-2009-4581 (Directory traversal vulnerability in modules/admincp.php in ...)
+CVE-2009-4581
NOT-FOR-US: RoseOnlineCMS
-CVE-2009-4580 (Multiple cross-site scripting (XSS) vulnerabilities in Hasta Blog 2.3 ...)
+CVE-2009-4580
NOT-FOR-US: Hasta Blog
-CVE-2009-4579 (Cross-site scripting (XSS) vulnerability in the Artist avenue ...)
+CVE-2009-4579
NOT-FOR-US: component for Joomla!
-CVE-2009-4578 (Cross-site scripting (XSS) vulnerability in the Facileforms ...)
+CVE-2009-4578
NOT-FOR-US: component for Joomla!
-CVE-2009-4577 (SQL injection vulnerability in the MDForum module 2.x through 2.07 for ...)
+CVE-2009-4577
NOT-FOR-US: MDForum module for MAXdev MDPro
-CVE-2009-4576 (SQL injection vulnerability in the BeeHeard (com_beeheard) component ...)
+CVE-2009-4576
NOT-FOR-US: component for Joomla!
-CVE-2009-4575 (Cross-site scripting (XSS) vulnerability in the Q-Personel ...)
+CVE-2009-4575
NOT-FOR-US: component for Joomla!
-CVE-2009-4574 (SQL injection vulnerability in country_escorts.php in I-Escorts ...)
+CVE-2009-4574
NOT-FOR-US: I-Escorts Directory Script
-CVE-2009-4573 (Multiple cross-site scripting (XSS) vulnerabilities in the Joomulus ...)
+CVE-2009-4573
NOT-FOR-US: component for Joomla!
-CVE-2009-4572 (Cross-site request forgery (CSRF) vulnerability in PhpShop 0.8.1 ...)
+CVE-2009-4572
NOT-FOR-US: PhpShop
-CVE-2009-4571 (Multiple SQL injection vulnerabilities in index.php in PhpShop 0.8.1 ...)
+CVE-2009-4571
NOT-FOR-US: PhpShop
-CVE-2009-4570 (Cross-site scripting (XSS) vulnerability in PhpShop 0.8.1 allows ...)
+CVE-2009-4570
NOT-FOR-US: PhpShop
-CVE-2009-4569 (SQL injection vulnerability in elkagroup Image Gallery allows remote ...)
+CVE-2009-4569
NOT-FOR-US: elkagroup Image Gallery
-CVE-2009-4568 (Cross-site scripting (XSS) vulnerability in Webmin before 1.500 and ...)
+CVE-2009-4568
NOT-FOR-US: Webmin
-CVE-2009-4567 (Multiple cross-site scripting (XSS) vulnerabilities in editprofile.php ...)
+CVE-2009-4567
NOT-FOR-US: Viscacha
-CVE-2009-4566 (SQL injection vulnerability in index.php in Zenphoto 1.2.5 allows ...)
+CVE-2009-4566
NOT-FOR-US: Zenphoto
-CVE-2009-4564 (SQL injection vulnerability in index.php in Zenphoto 1.2.5, when the ...)
+CVE-2009-4564
NOT-FOR-US: Zenphoto
-CVE-2009-4563 (Cross-site request forgery (CSRF) vulnerability in ...)
+CVE-2009-4563
NOT-FOR-US: Zenphoto
-CVE-2009-4562 (Cross-site scripting (XSS) vulnerability in zp-core/admin.php in ...)
+CVE-2009-4562
NOT-FOR-US: Zenphoto
-CVE-2009-4561 (Multiple SQL injection vulnerabilities in Admin/index.php in WebLeague ...)
+CVE-2009-4561
NOT-FOR-US: WebLeague
-CVE-2009-4560 (SQL injection vulnerability in profile.php in WebLeague 2.2.0 allows ...)
+CVE-2009-4560
NOT-FOR-US: WebLeague
-CVE-2009-4559 (Cross-site scripting (XSS) vulnerability in the Submitted By module ...)
+CVE-2009-4559
NOT-FOR-US: module for Drupal
-CVE-2009-4558 (The Image Assist module 5.x-1.x before 5.x-1.8, 5.x-2.x before ...)
+CVE-2009-4558
NOT-FOR-US: module for Drupal
-CVE-2009-4557 (Cross-site scripting (XSS) vulnerability in the Image Assist module ...)
+CVE-2009-4557
NOT-FOR-US: module for Drupal
-CVE-2009-4556 (Quick Heal AntiVirus Plus 2009 10.00 SP1 and Quick Heal Total Security ...)
+CVE-2009-4556
NOT-FOR-US: Quick Heal products
-CVE-2009-4555 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
+CVE-2009-4555
NOT-FOR-US: AgoraCart
-CVE-2009-4554 (Multiple cross-site scripting (XSS) vulnerabilities in Snitz Forums ...)
+CVE-2009-4554
NOT-FOR-US: Snitz Forums
-CVE-2009-4553 (Stack-based buffer overflow in iRehearse allows remote attackers to ...)
+CVE-2009-4553
NOT-FOR-US: iRehearse
-CVE-2009-4552 (Cross-site scripting (XSS) vulnerability in the Survey Pro module for ...)
+CVE-2009-4552
NOT-FOR-US: module for Miniweb
-CVE-2009-4551 (SQL injection vulnerability in the Survey Pro module for Miniweb 2.0 ...)
+CVE-2009-4551
NOT-FOR-US: module for Miniweb
-CVE-2009-4550 (SQL injection vulnerability in the Kunena Forum (com_kunena) component ...)
+CVE-2009-4550
NOT-FOR-US: component for Joomla!
-CVE-2009-4549 (Stack-based buffer overflow in A2 Media Player Pro 2.51 allows remote ...)
+CVE-2009-4549
NOT-FOR-US: A2 Media Player Pro
-CVE-2009-4548 (Multiple cross-site scripting (XSS) vulnerabilities in ViArt Helpdesk ...)
+CVE-2009-4548
NOT-FOR-US: ViArt Helpdesk
-CVE-2009-4547 (Multiple cross-site scripting (XSS) vulnerabilities in ViArt CMS 3.x ...)
+CVE-2009-4547
NOT-FOR-US: ViArt CMS
-CVE-2009-4546 (globepersonnel_login.asp in Logoshows BBS 2.0 allows remote attackers ...)
+CVE-2009-4546
NOT-FOR-US: Logoshows BBS
-CVE-2009-4545 (Logoshows BBS 2.0 stores sensitive information under the web root with ...)
+CVE-2009-4545
NOT-FOR-US: Logoshows BBS
-CVE-2009-4544 (Cross-site scripting (XSS) vulnerability in kbase/kbase.php in ...)
+CVE-2009-4544
NOT-FOR-US: Cromosoft Technologies Facil Helpdesk
-CVE-2009-4543 (PHP remote file inclusion vulnerability in index.php in Cromosoft ...)
+CVE-2009-4543
NOT-FOR-US: Cromosoft Technologies Facil Helpdesk
-CVE-2009-4542 (Cross-site scripting (XSS) vulnerability in newticket.php in IsolSoft ...)
+CVE-2009-4542
NOT-FOR-US: IsolSoft Support Center
-CVE-2009-4541 (Multiple PHP remote file inclusion vulnerabilities in IsolSoft Support ...)
+CVE-2009-4541
NOT-FOR-US: IsolSoft Support Center
-CVE-2009-4540 (SQL injection vulnerability in page.php in Mini CMS 1.0.1 allows ...)
+CVE-2009-4540
NOT-FOR-US: Mini CMS
-CVE-2009-4539 (Cross-site scripting (XSS) vulnerability in main.php in SQLiteManager ...)
+CVE-2009-4539
NOT-FOR-US: SQLiteManager
-CVE-2009-4538 (drivers/net/e1000e/netdev.c in the e1000e driver in the Linux kernel ...)
+CVE-2009-4538
{DSA-2005-1 DSA-1996-1}
- linux-2.6 2.6.32-6 (low; bug #564114)
[etch] - linux-2.6 <not-affected> (does not have e1000e driver)
- linux-2.6.24 <removed> (low)
NOTE: just like CVE-2009-4536 but was reported later
-CVE-2009-4537 (drivers/net/r8169.c in the r8169 driver in the Linux kernel 2.6.32.3 ...)
+CVE-2009-4537
{DSA-2053-1}
- linux-2.6 2.6.32-11 (medium; bug #564110; bug #591581)
- linux-2.6.24 <removed> (medium)
-CVE-2009-4536 (drivers/net/e1000/e1000_main.c in the e1000 driver in the Linux kernel ...)
+CVE-2009-4536
{DSA-2005-1 DSA-2003-1 DSA-1996-1}
- linux-2.6 2.6.32-6 (low; bug #564114)
- linux-2.6.24 <removed> (low)
-CVE-2009-4535 (Mongoose 2.8.0 and earlier allows remote attackers to obtain the ...)
+CVE-2009-4535
NOT-FOR-US: Mongoose
-CVE-2009-4534 (Open redirect vulnerability in the FAQ Ask module 5.x and 6.x before ...)
+CVE-2009-4534
NOT-FOR-US: module for Drupal
-CVE-2009-4533 (The Webform module 5.x before 5.x-2.8 and 6.x before 6.x-2.8, a module ...)
+CVE-2009-4533
NOT-FOR-US: module for Drupal
-CVE-2009-4532 (Cross-site scripting (XSS) vulnerability in the Webform module 5.x ...)
+CVE-2009-4532
NOT-FOR-US: module for Drupal
-CVE-2009-4531 (httpdx 1.4.4 and earlier allows remote attackers to obtain the source ...)
+CVE-2009-4531
NOT-FOR-US: httpdx
-CVE-2009-4530 (Mongoose 2.8.0 and earlier allows remote attackers to obtain the ...)
+CVE-2009-4530
NOT-FOR-US: Mongoose
-CVE-2009-4529 (InterVations NaviCOPA Web Server 3.0.1.2 and earlier allows remote ...)
+CVE-2009-4529
NOT-FOR-US: InterVations NaviCOPA Web Server
-CVE-2009-4528 (The Organic Groups (OG) Vocabulary module 6.x before 6.x-1.0 for ...)
+CVE-2009-4528
NOT-FOR-US: module for Drupal
-CVE-2009-4527 (The Shibboleth authentication module 5.x before 5.x-3.4 and 6.x before ...)
+CVE-2009-4527
NOT-FOR-US: module for Drupal
-CVE-2009-4526 (The Send by e-mail sub-module in the Print (aka Printer, e-mail and ...)
+CVE-2009-4526
NOT-FOR-US: module for Drupal
-CVE-2009-4525 (Cross-site scripting (XSS) vulnerability in the Print (aka Printer, ...)
+CVE-2009-4525
NOT-FOR-US: module for Drupal
-CVE-2009-4524 (Cross-site scripting (XSS) vulnerability in the RealName module ...)
+CVE-2009-4524
NOT-FOR-US: module for Drupal
-CVE-2009-4523 (Cross-site scripting (XSS) vulnerability in index.php in Zainu 1.0 ...)
+CVE-2009-4523
NOT-FOR-US: Zainu
-CVE-2009-4522 (Cross-site scripting (XSS) vulnerability in search.5.html in ...)
+CVE-2009-4522
NOT-FOR-US: BloofoxCMS
-CVE-2009-4521 (Cross-site scripting (XSS) vulnerability in birt-viewer/run in Eclipse ...)
+CVE-2009-4521
NOT-FOR-US: Eclipse Business Intelligence and Reporting Tools
-CVE-2009-4520 (The CCK Comment Reference module 5.x before 5.x-1.2 and 6.x before ...)
+CVE-2009-4520
NOT-FOR-US: module for Drupal
-CVE-2009-4519 (Multiple unspecified vulnerabilities in Ortro before 1.3.4 have ...)
+CVE-2009-4519
NOT-FOR-US: Ortro
-CVE-2009-4518 (Cross-site scripting (XSS) vulnerability in the Insert Node module 5.x ...)
+CVE-2009-4518
NOT-FOR-US: module for Drupal
-CVE-2009-4517 (Cross-site request forgery (CSRF) vulnerability in the FAQ Ask module ...)
+CVE-2009-4517
NOT-FOR-US: module for Drupal
-CVE-2009-4516 (Cross-site scripting (XSS) vulnerability in the FAQ Ask module 5.x and ...)
+CVE-2009-4516
NOT-FOR-US: module for Drupal
-CVE-2009-4515 (The Storm module 6.x before 6.x-1.25 for Drupal does not enforce ...)
+CVE-2009-4515
NOT-FOR-US: module for Drupal
-CVE-2009-4514 (Cross-site scripting (XSS) vulnerability in the OpenSocial ...)
+CVE-2009-4514
NOT-FOR-US: module for Drupal
-CVE-2009-4513 (Multiple cross-site scripting (XSS) vulnerabilities in the Workflow ...)
+CVE-2009-4513
NOT-FOR-US: module for Drupal
-CVE-2009-4512 (Directory traversal vulnerability in index.php in Oscailt 3.3, when ...)
+CVE-2009-4512
NOT-FOR-US: Oscailt
-CVE-2009-4511 (Multiple directory traversal vulnerabilities in the web administration ...)
+CVE-2009-4511
NOT-FOR-US: TANDBERG Video Communication Server
-CVE-2009-4510 (The SSH service on the TANDBERG Video Communication Server (VCS) ...)
+CVE-2009-4510
NOT-FOR-US: TANDBERG Video Communication Server
-CVE-2009-4509 (The administrative web console on the TANDBERG Video Communication ...)
+CVE-2009-4509
NOT-FOR-US: TANDBERG Video Communication Server
CVE-2009-4508
RESERVED
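Review bot: Every changed line in this hunk drops the CVE description and keeps only the bare identifier (for example `-CVE-2009-4538 (drivers/net/e1000e/netdev.c in the e1000e driver in the Linux kernel ...)` becomes `+CVE-2009-4538`), while the Debian status lines beneath each entry (`NOT-FOR-US: ...`, `{DSA-2005-1 DSA-1996-1}`, `- linux-2.6 2.6.32-6 (low; bug #564114)`, the `NOTE:` lines) are untouched, and nothing in the hunk shows why the descriptions were removed. A uniform blanking of every description across the hunk is the pattern an empty or failed upstream description fetch would produce rather than a deliberate data change, so before merging, confirm the source the update was generated from actually returned empty descriptions; if it did not, the updater should keep an entry's existing description whenever the fetched one is empty instead of committing the blanked entries, since the description is the only summary text the tracker carries for each CVE.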
@@ -1466,476 +1466,476 @@ CVE-2009-4507
RESERVED
CVE-2009-4506
RESERVED
-CVE-2009-4505 (Multiple cross-site scripting (XSS) vulnerabilities in OpenCMS OAMP ...)
+CVE-2009-4505
NOT-FOR-US: OpenCMS
CVE-2009-4504
RESERVED
CVE-2009-4503
RESERVED
-CVE-2009-4502 (The NET_TCP_LISTEN function in net.c in Zabbix Agent before 1.6.7, ...)
+CVE-2009-4502
- zabbix 1:1.8-1 (bug #562613)
-CVE-2009-4501 (The zbx_get_next_field function in libs/zbxcommon/str.c in Zabbix ...)
+CVE-2009-4501
- zabbix 1:1.8-1 (bug #562613)
-CVE-2009-4500 (The process_trap function in trapper/trapper.c in Zabbix Server before ...)
+CVE-2009-4500
- zabbix 1:1.8-1 (bug #562613)
-CVE-2009-4499 (SQL injection vulnerability in the get_history_lastid function in the ...)
+CVE-2009-4499
- zabbix 1:1.8-1 (bug #562613)
-CVE-2009-4498 (The node_process_command function in Zabbix Server before 1.8 allows ...)
+CVE-2009-4498
- zabbix 1:1.8-1 (bug #562613)
-CVE-2009-4497 (Cross-site scripting (XSS) vulnerability in LXR Cross Referencer 0.9.5 ...)
+CVE-2009-4497
{DSA-2092-1}
- lxr-cvs 0.9.5+cvs20071020-1.1 (low; bug #575745)
NOTE: http://sourceforge.net/mailarchive/forum.php?thread_name=E1NS2s4-0001PE-F2@3bkjzd1.ch3.sourceforge.com&forum_name=lxr-developer
-CVE-2009-4496 (Boa 0.94.14rc21 writes data to a log file without sanitizing ...)
+CVE-2009-4496
- boa 0.94.14rc21-4 (unimportant; bug #578035)
NOTE: The actual issue is within the broken terminal emulators and needs to be fixed there, see CVE-2009-4487
-CVE-2009-4495 (Yaws 1.85 writes data to a log file without sanitizing non-printable ...)
+CVE-2009-4495
- yaws <unfixed> (unimportant)
NOTE: The actual issue is within the broken terminal emulators and needs to be fixed there, see CVE-2009-4487
-CVE-2009-4494 (AOLserver 4.5.1 writes data to a log file without sanitizing ...)
+CVE-2009-4494
- aolserver4 <unfixed> (unimportant)
NOTE: The actual issue is within the broken terminal emulators and needs to be fixed there, see CVE-2009-4487
-CVE-2009-4493 (Orion Application Server 2.0.7 writes data to a log file without ...)
+CVE-2009-4493
NOT-FOR-US: Orion httpd
-CVE-2009-4492 (WEBrick 1.3.1 in Ruby 1.8.6 through patchlevel 383, 1.8.7 through ...)
+CVE-2009-4492
- ruby1.8 1.8.7.249-1 (unimportant; bug #564598)
- ruby1.9 <removed> (unimportant; bug #564647)
- ruby1.9.1 1.9.1.378-1 (unimportant; bug #564646)
NOTE: The actual issue is within the broken terminal emulators and needs to be fixed there, see CVE-2009-4487
NOTE: same as CVE-2009-4487
-CVE-2009-4491 (thttpd 2.25b0 writes data to a log file without sanitizing ...)
+CVE-2009-4491
- thttpd <removed> (unimportant)
NOTE: The actual issue is within the broken terminal emulators and needs to be fixed there, see CVE-2009-4487
-CVE-2009-4490 (mini_httpd 1.19 writes data to a log file without sanitizing ...)
+CVE-2009-4490
- mini-httpd <unfixed> (unimportant)
NOTE: The actual issue is within the broken terminal emulators and needs to be fixed there, see CVE-2009-4487
-CVE-2009-4489 (header.c in Cherokee before 0.99.32 writes data to a log file without ...)
+CVE-2009-4489
- cherokee 0.99.37-1 (unimportant)
NOTE: The actual issue is within the broken terminal emulators and needs to be fixed there, see CVE-2009-4487
-CVE-2009-4488 (** DISPUTED ** Varnish 2.0.6 writes data to a log file without ...)
+CVE-2009-4488
- varnish <unfixed> (unimportant)
NOTE: The actual issue is within the broken terminal emulators and needs to be fixed there, see CVE-2009-4487
-CVE-2009-4487 (nginx 0.7.64 writes data to a log file without sanitizing ...)
+CVE-2009-4487
- nginx <unfixed> (unimportant)
NOTE: The actual issue is within the broken terminal emulators and needs to be fixed there, see CVE-2009-4487
-CVE-2009-4486 (Stack-based buffer overflow in the eDirectory plugin in Novell ...)
+CVE-2009-4486
NOT-FOR-US: iManager
CVE-2009-4485
REJECTED
-CVE-2009-4484 (Multiple stack-based buffer overflows in the CertDecoder::GetName ...)
+CVE-2009-4484
{DSA-1997-1}
- mysql-dfsg-5.0 <removed> (medium)
- mysql-5.1 5.1.41-4 (medium)
- cyassl <not-affected> (Fixed before initial upload to archive)
NOTE: http://web.archive.org/web/20100129040903/http://intevydis.blogspot.com:80/2010/01/mysq-yassl-stack-overflow.html
NOTE: http://bazaar.launchpad.net/~mysql/mysql-server/mysql-5.0/revision/2837.1.1
-CVE-2009-4483 (Unspecified vulnerability in LDAP3A.exe in MailSite 8.0.4 allows ...)
+CVE-2009-4483
NOT-FOR-US: MailSite
-CVE-2009-4482 (Buffer overflow in MediaServer.exe in TVersity 1.6 allows remote ...)
+CVE-2009-4482
NOT-FOR-US: TVersity
CVE-2009-4481
REJECTED
-CVE-2009-4480 (Buffer overflow in the web service in AzeoTech DAQFactory 5.77 might ...)
+CVE-2009-4480
NOT-FOR-US: AzeoTech DAQFactory
-CVE-2009-4479 (LDAP3A.exe in MailSite 8.0.4 allows remote attackers to cause a denial ...)
+CVE-2009-4479
NOT-FOR-US: MailSite
-CVE-2009-4478 (Multiple cross-site scripting (XSS) vulnerabilities in Xstate Real ...)
+CVE-2009-4478
NOT-FOR-US: Xstate Real Estate
-CVE-2009-4477 (SQL injection vulnerability in page.html in Xstate Real Estate 1.0 ...)
+CVE-2009-4477
NOT-FOR-US: Xstate Real Estate
-CVE-2009-4476 (Stack-based buffer overflow in HAURI ViRobot Desktop 5.5 before ...)
+CVE-2009-4476
NOT-FOR-US: HAURI ViRobot Desktop
-CVE-2009-4475 (SQL injection vulnerability in the Joomlub (com_joomlub) component for ...)
+CVE-2009-4475
NOT-FOR-US: component for Joomla!
-CVE-2009-4474 (SQL injection vulnerability in the Mike de Boer zoom (com_zoom) ...)
+CVE-2009-4474
NOT-FOR-US: Mambo component
-CVE-2009-4473 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2009-4473
NOT-FOR-US: Ektron CMS400.NET
-CVE-2009-4472 (Multiple PHP remote file inclusion vulnerabilities in PHPope 1.0.0 and ...)
+CVE-2009-4472
NOT-FOR-US: PHPope
-CVE-2009-4471 (Multiple PHP remote file inclusion vulnerabilities in FreeSchool 1.1.0 ...)
+CVE-2009-4471
NOT-FOR-US: FreeSchool
-CVE-2009-4470 (SQL injection vulnerability in boardrule.php in DVBBS 2.0 allows ...)
+CVE-2009-4470
NOT-FOR-US: DVBBS
-CVE-2009-4469 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2009-4469
NOT-FOR-US: phpPowerCards
-CVE-2009-4468 (Cross-site scripting (XSS) vulnerability in misc.php in DeluxeBB 1.3 ...)
+CVE-2009-4468
NOT-FOR-US: DeluxeBB
-CVE-2009-4467 (misc.php in DeluxeBB 1.3 allows remote attackers to register accounts ...)
+CVE-2009-4467
NOT-FOR-US: DeluxeBB
-CVE-2009-4466 (DeluxeBB 1.3 allows remote attackers to obtain sensitive information ...)
+CVE-2009-4466
NOT-FOR-US: DeluxeBB
-CVE-2009-4465 (DeluxeBB 1.3 stores sensitive information under the web root with ...)
+CVE-2009-4465
NOT-FOR-US: DeluxeBB
-CVE-2009-4464 (Cross-site scripting (XSS) vulnerability in searchadvance.asp in ...)
+CVE-2009-4464
NOT-FOR-US: Active Business Directory
-CVE-2009-4463 (Intellicom NetBiter WebSCADA devices use default passwords for the ...)
+CVE-2009-4463
NOT-FOR-US: Intellicom NetBiter WebSCADA
-CVE-2009-4462 (Stack-based buffer overflow in the NetBiterConfig utility ...)
+CVE-2009-4462
NOT-FOR-US: Intellicom NetBiter WebSCADA
-CVE-2009-4461 (Multiple cross-site scripting (XSS) vulnerabilities in FlatPress 0.909 ...)
+CVE-2009-4461
- flatpress <itp> (bug #466297)
-CVE-2009-4460 (Multiple cross-site scripting (XSS) vulnerabilities in Auto-Surf ...)
+CVE-2009-4460
NOT-FOR-US: Auto-Surf Traffic Exchange Script
-CVE-2009-4459 (Redmine 0.8.7 and earlier uses the title tag before defining the ...)
+CVE-2009-4459
- redmine 0.9.1-1 (bug #563940)
-CVE-2009-4565 (sendmail before 8.14.4 does not properly handle a '\0' character in a ...)
+CVE-2009-4565
{DSA-1985-1}
- sendmail 8.14.3-9.1 (medium; bug #564581)
NOTE: http://www.sendmail.org/releases/8.14.4
-CVE-2009-4458 (Multiple cross-site scripting (XSS) vulnerabilities in FreePBX 2.5.2 ...)
+CVE-2009-4458
NOT-FOR-US: FreePBX
-CVE-2009-4457 (Multiple unspecified vulnerabilities in the Vsftpd Webmin module ...)
+CVE-2009-4457
NOT-FOR-US: Webmin
-CVE-2009-4456 (SQL injection vulnerability in news_detail.php in Green Desktiny ...)
+CVE-2009-4456
NOT-FOR-US: Green Desktiny
-CVE-2009-4455 (The default configuration of Cisco ASA 5500 Series Adaptive Security ...)
+CVE-2009-4455
NOT-FOR-US: Cisco
-CVE-2009-4454 (vccleaner in VideoCache 1.9.2 allows local users with Squid proxy user ...)
+CVE-2009-4454
- videocache <itp> (bug #505329)
-CVE-2009-4453 (Insecure method vulnerability in SoftCab Sound Converter ActiveX ...)
+CVE-2009-4453
NOT-FOR-US: SoftCab Sound Converter ActiveX
-CVE-2009-4452 (Kaspersky Anti-Virus 5.0 (5.0.712); Antivirus Personal 5.0.x; ...)
+CVE-2009-4452
NOT-FOR-US: Kaspersky Anti-Viru
-CVE-2009-4451 (Unrestricted file upload vulnerability in upper.php in kandalf upper ...)
+CVE-2009-4451
NOT-FOR-US: kandalf upper
-CVE-2009-4450 (Multiple cross-site scripting (XSS) vulnerabilities in map.php in ...)
+CVE-2009-4450
NOT-FOR-US: LiveZilla
-CVE-2009-4449 (Directory traversal vulnerability in MyBB (aka MyBulletinBoard) ...)
+CVE-2009-4449
NOT-FOR-US: MyBB
-CVE-2009-4448 (inc/functions_time.php in MyBB (aka MyBulletinBoard) 1.4.10, and ...)
+CVE-2009-4448
NOT-FOR-US: MyBB
-CVE-2009-4447 (Jax Guestbook 3.5.0 allows remote attackers to bypass authentication ...)
+CVE-2009-4447
NOT-FOR-US: Jax Guestbook
-CVE-2009-4446 (Cross-site scripting (XSS) vulnerability in admin.php in ...)
+CVE-2009-4446
NOT-FOR-US: phpInstantGallery
-CVE-2009-4445 (Microsoft Internet Information Services (IIS), when used in ...)
+CVE-2009-4445
NOT-FOR-US: Microsoft
-CVE-2009-4444 (Microsoft Internet Information Services (IIS) 5.x and 6.x uses only ...)
+CVE-2009-4444
NOT-FOR-US: Microsoft
-CVE-2009-4443 (Unspecified vulnerability in the psearch (aka persistent search) ...)
+CVE-2009-4443
NOT-FOR-US: Sun Java System Directory Server Enterprise Edition
-CVE-2009-4442 (Directory Proxy Server (DPS) in Sun Java System Directory Server ...)
+CVE-2009-4442
NOT-FOR-US: Sun Java System Directory Server Enterprise Edition
-CVE-2009-4441 (Directory Proxy Server (DPS) in Sun Java System Directory Server ...)
+CVE-2009-4441
NOT-FOR-US: Sun Java System Directory Server Enterprise Edition
-CVE-2009-4440 (Directory Proxy Server (DPS) in Sun Java System Directory Server ...)
+CVE-2009-4440
NOT-FOR-US: Sun Java System Directory Server Enterprise Edition
-CVE-2009-4439 (Unspecified vulnerability in the Query Compiler, Rewrite, and ...)
+CVE-2009-4439
NOT-FOR-US: DB2
-CVE-2009-4438 (The Query Compiler, Rewrite, and Optimizer component in IBM DB2 9.1 ...)
+CVE-2009-4438
NOT-FOR-US: DB2
-CVE-2009-4437 (Multiple SQL injection vulnerabilities in Active Auction House 3.6 ...)
+CVE-2009-4437
NOT-FOR-US: Active Auction House 3.6
-CVE-2009-4436 (Multiple SQL injection vulnerabilities in Active Web Softwares ...)
+CVE-2009-4436
NOT-FOR-US: Active Web Softwares eWebquiz
-CVE-2009-4435 (Multiple directory traversal vulnerabilities in F3Site 2009 allow ...)
+CVE-2009-4435
NOT-FOR-US: F3Site 2009
-CVE-2009-4434 (Directory traversal vulnerability in index.php in IDevSpot iSupport ...)
+CVE-2009-4434
NOT-FOR-US: IDevSpot
-CVE-2009-4433 (Multiple cross-site scripting (XSS) vulnerabilities in IDevSpot ...)
+CVE-2009-4433
NOT-FOR-US: IDevSpot
-CVE-2009-4432 (SQL injection vulnerability in index.php in CodeMight VideoCMS 3.1 ...)
+CVE-2009-4432
NOT-FOR-US: CodeMight VideoCMS
-CVE-2009-4431 (PHP remote file inclusion vulnerability in cal_popup.php in the ...)
+CVE-2009-4431
NOT-FOR-US: Joomla addon
-CVE-2009-4430 (SQL injection vulnerability in index.php in VirtueMart 1.0 allows ...)
+CVE-2009-4430
NOT-FOR-US: VirtueMart
-CVE-2009-4429 (Cross-site scripting (XSS) vulnerability in the Sections module 5.x ...)
+CVE-2009-4429
NOT-FOR-US: Drupal addon
-CVE-2009-4428 (SQL injection vulnerability in the JoomPortfolio (com_joomportfolio) ...)
+CVE-2009-4428
NOT-FOR-US: Joomla addon
-CVE-2009-4427 (Directory traversal vulnerability in cmd.php in phpLDAPadmin 1.1.0.5 ...)
+CVE-2009-4427
{DSA-1965-1}
- phpldapadmin 1.1.0.7-1.1 (medium; bug #561975)
[etch] - phpldapadmin <not-affected> (Vulnerable code not present)
-CVE-2009-4426 (Multiple directory traversal vulnerabilities in Ignition 1.2, when ...)
+CVE-2009-4426
NOT-FOR-US: Ignition
-CVE-2009-4425 (Cross-site scripting (XSS) vulnerability in index.php in iDevCart 1.09 ...)
+CVE-2009-4425
NOT-FOR-US: iDevCart
-CVE-2009-4424 (SQL injection vulnerability in results.php in the Pyrmont plugin 2 for ...)
+CVE-2009-4424
NOT-FOR-US: Wordpress plugin
CVE-2009-XXXX [ampache DoS and CSRF]
- ampache 3.5.3-1 (low)
[lenny] - ampache <no-dsa> (minor issue)
-CVE-2009-4423 (SQL injection vulnerability in index.php in weenCompany 4.0.0 allows ...)
+CVE-2009-4423
NOT-FOR-US: weenCompany
-CVE-2009-4422 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
+CVE-2009-4422
- libphp-jpgraph <not-affected> (Vulnerable code not present)
-CVE-2009-4421 (Directory traversal vulnerability in languages_cgi.php in Simple PHP ...)
+CVE-2009-4421
NOT-FOR-US: Simple PHP Blog
-CVE-2009-4420 (Buffer overflow in the bd daemon in F5 Networks BIG-IP Application ...)
+CVE-2009-4420
NOT-FOR-US: F5 Networks BIG-IP Application Security Manager (ASM) and Protocol Security Manager (PSM)
-CVE-2009-4419 (Intel Q35, GM45, PM45 Express, Q45, and Q43 Express chipsets in the ...)
+CVE-2009-4419
NOT-FOR-US: Intel Q35, GM45, PM45 Express, Q45, and Q43 Express chipsets
-CVE-2009-4418 (The unserialize function in PHP 5.3.0 and earlier allows ...)
+CVE-2009-4418
- php5 <removed> (unimportant)
NOTE: Only exploitable by malicious script, not treated as a security issue
NOTE: per Debian PHP security policy
-CVE-2009-4417 (The shutdown function in the Zend_Log_Writer_Mail class in Zend ...)
+CVE-2009-4417
NOTE: the CVE talks about the Zend Framework, but the culprit
NOTE: is actually piwik
-CVE-2009-4416 (Cross-site scripting (XSS) vulnerability in login.php in phpGroupWare ...)
+CVE-2009-4416
{DSA-1978-1}
- phpgroupware 1:0.9.16.012+dfsg-9
-CVE-2009-4415 (Multiple directory traversal vulnerabilities in phpGroupWare ...)
+CVE-2009-4415
{DSA-1978-1}
- phpgroupware 1:0.9.16.012+dfsg-9
-CVE-2009-4414 (SQL injection vulnerability in phpgwapi /inc/class.auth_sql.inc.php in ...)
+CVE-2009-4414
{DSA-1978-1}
- phpgroupware 1:0.9.16.012+dfsg-9
-CVE-2009-4412 (Unrestricted file upload vulnerability in Serendipity before 1.5 ...)
+CVE-2009-4412
- serendipity 1.5.3-1 (low; bug #562634)
-CVE-2009-4411 (The (1) setfacl and (2) getfacl commands in XFS acl 2.2.47, when ...)
+CVE-2009-4411
- acl 2.2.49-2 (low; bug #499076)
[etch] - acl <not-affected> (Vulnerable code not present)
[lenny] - acl <no-dsa> (Minor issue, symlink attack not always as root)
NOTE: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=499076#51
-CVE-2009-4409 (The (1) CHAP and (2) MS-CHAP-V2 authentication capabilities in the PPP ...)
+CVE-2009-4409
NOT-FOR-US: Internet Initiative Japan SEIL/B1 firmware
-CVE-2009-4408 (Multiple cross-site scripting (XSS) vulnerabilities in models.parser ...)
+CVE-2009-4408
NOT-FOR-US: PyForum
-CVE-2009-4407 (Multiple cross-site request forgery (CSRF) vulnerabilities in PyForum ...)
+CVE-2009-4407
NOT-FOR-US: PyForum
-CVE-2009-4406 (Cross-site scripting (XSS) vulnerability in Forms/login1 in American ...)
+CVE-2009-4406
NOT-FOR-US: APC Switched Rack PDU AP7932 B2
-CVE-2009-4405 (Multiple unspecified vulnerabilities in Trac before 0.11.6 have ...)
+CVE-2009-4405
- trac 0.11.6-1 (low)
[lenny] - trac <no-dsa> (Minor information disclosure)
-CVE-2009-4404 (Unspecified vulnerability in t-prot (TOFU Protection) before 2.8 ...)
+CVE-2009-4404
- t-prot 2.8-1 (low)
[etch] - t-prot <no-dsa> (Minor issue)
[lenny] - t-prot <no-dsa> (Minor issue)
-CVE-2009-4403 (Cross-site scripting (XSS) vulnerability in index.php in Rumba XML 1.8 ...)
+CVE-2009-4403
NOT-FOR-US: Rumba XML
-CVE-2009-4402 (The default configuration of SQL-Ledger 2.8.24 allows remote attackers ...)
+CVE-2009-4402
- sql-ledger <unfixed> (unimportant; bug #562639)
NOTE: Only supported behind an authenticated HTTP zone, see README.Debian
-CVE-2009-4410 (The fuse_ioctl_copy_user function in the ioctl handler in ...)
+CVE-2009-4410
- linux-2.6 2.6.32-1 (low)
[etch] - linux-2.6 <not-affected> (vulnerable code introduced in 2.6.29)
[lenny] - linux-2.6 <not-affected> (vulnerable code introduced in 2.6.29)
- linux-2.6.24 <not-affected> (vulnerable code introduced in 2.6.29)
-CVE-2009-4401 (SQL injection vulnerability in the Parish Administration Database ...)
+CVE-2009-4401
NOT-FOR-US: ste_parish_admin typo3 extension
-CVE-2009-4400 (Cross-site scripting (XSS) vulnerability in the Parish Administration ...)
+CVE-2009-4400
NOT-FOR-US: ste_parish_admin typo3 extension
-CVE-2009-4399 (SQL injection vulnerability in the Parish of the Holy Spirit Religious ...)
+CVE-2009-4399
NOT-FOR-US: hs_religiousartgallery typo3 extension
-CVE-2009-4398 (Cross-site scripting (XSS) vulnerability in the Parish of the Holy ...)
+CVE-2009-4398
NOT-FOR-US: hs_religiousartgallery typo3 extension
-CVE-2009-4397 (Cross-site scripting (XSS) vulnerability in the Diocese of Portsmouth ...)
+CVE-2009-4397
NOT-FOR-US: pd_resources typo3 extension
-CVE-2009-4396 (SQL injection vulnerability in the Diocese of Portsmouth Resources ...)
+CVE-2009-4396
NOT-FOR-US: pd_resources typo3 extension
-CVE-2009-4395 (Cross-site scripting (XSS) vulnerability in the Random Prayer 2 ...)
+CVE-2009-4395
NOT-FOR-US: ste_prayer2 typo3 extension
-CVE-2009-4394 (SQL injection vulnerability in the Random Prayer 2 (ste_prayer2) ...)
+CVE-2009-4394
NOT-FOR-US: ste_prayer2 typo3 extension
-CVE-2009-4393 (SQL injection vulnerability in the Document Directorys ...)
+CVE-2009-4393
NOT-FOR-US: danp_documentdirs
-CVE-2009-4392 (SQL injection vulnerability in the XDS Staff List (xds_staff) ...)
+CVE-2009-4392
NOT-FOR-US: xds_staff typo3 extension
-CVE-2009-4391 (Cross-site scripting (XSS) vulnerability in the File list (dr_blob) ...)
+CVE-2009-4391
NOT-FOR-US: dr_blob typo3 extension
-CVE-2009-4390 (SQL injection vulnerability in the Car (car) extension 0.1.1 for TYPO3 ...)
+CVE-2009-4390
NOT-FOR-US: car typo3 extension
-CVE-2009-4389 (Unspecified vulnerability in the Watchdog (aba_watchdog) extension ...)
+CVE-2009-4389
NOT-FOR-US: aba_watchdog typo3 extension
-CVE-2009-4388 (Cross-site scripting (XSS) vulnerability in the ListMan (nl_listman) ...)
+CVE-2009-4388
NOT-FOR-US: nl_listman typo3 extension
-CVE-2009-4387 (The cross-site scripting (XSS) protection mechanism in ...)
+CVE-2009-4387
NOT-FOR-US: ManageEngine Password Manager Pro (PMP)
-CVE-2009-4386 (SQL injection vulnerability in hotel_tiempolibre_ext.php in Venalsur ...)
+CVE-2009-4386
NOT-FOR-US: Venalsur Booking Centre Booking System
-CVE-2009-4385 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
+CVE-2009-4385
NOT-FOR-US: Scriptsez.net Ez Poll Hoster
-CVE-2009-4384 (Multiple cross-site scripting (XSS) vulnerabilities in Scriptsez.net ...)
+CVE-2009-4384
NOT-FOR-US: Scriptsez.net Ez Poll Hoster
-CVE-2009-4383 (Directory traversal vulnerability in Pforum.php in Rocomotion P forum ...)
+CVE-2009-4383
NOT-FOR-US: Rocomotion P forum
-CVE-2009-4382 (Cross-site scripting (XSS) vulnerability in module.php in PHPFABER ...)
+CVE-2009-4382
NOT-FOR-US: PHPFABER CMS
-CVE-2009-4381 (Cross-site scripting (XSS) vulnerability in index.php in texmedia ...)
+CVE-2009-4381
NOT-FOR-US: texmedia Million Pixel Script
-CVE-2009-4380 (Multiple SQL injection vulnerabilities in Valarsoft Webmatic before ...)
+CVE-2009-4380
NOT-FOR-US: Valarsoft Webmatic
-CVE-2009-4379 (Multiple cross-site scripting (XSS) vulnerabilities in Valarsoft ...)
+CVE-2009-4379
NOT-FOR-US: Valarsoft Webmatic
-CVE-2009-4378 (The IPMI dissector in Wireshark 1.2.0 through 1.2.4 on Windows allows ...)
+CVE-2009-4378
- wireshark <not-affected> (Windows-specific)
-CVE-2009-4377 (The (1) SMB and (2) SMB2 dissectors in Wireshark 0.9.0 through 1.2.4 ...)
+CVE-2009-4377
{DSA-1983-1}
- wireshark 1.2.5-1
[etch] - wireshark <no-dsa> (Minor issue)
-CVE-2009-4376 (Buffer overflow in the daintree_sna_read function in the Daintree SNA ...)
+CVE-2009-4376
- wireshark 1.2.5-1
[lenny] - wireshark <not-affected> (Only affects Wireshark 1.2.x)
[etch] - wireshark <not-affected> (Only affects Wireshark 1.2.x)
-CVE-2009-4375 (SQL injection vulnerability in repository/repository_attachment.php in ...)
+CVE-2009-4375
NOT-FOR-US: AlienVault Open Source Security Information Management
-CVE-2009-4374 (Directory traversal vulnerability in ...)
+CVE-2009-4374
NOT-FOR-US: AlienVault Open Source Security Information Management
-CVE-2009-4373 (Unrestricted file upload vulnerability in ...)
+CVE-2009-4373
NOT-FOR-US: AlienVault Open Source Security Information Management
-CVE-2009-4372 (AlienVault Open Source Security Information Management (OSSIM) 2.1.5, ...)
+CVE-2009-4372
NOT-FOR-US: AlienVault Open Source Security Information Management
-CVE-2009-4371 (Cross-site scripting (XSS) vulnerability in the Locale module ...)
+CVE-2009-4371
- drupal6 6.15-1 (low; bug #562165)
[lenny] - drupal6 6.6-3lenny4
- drupal5 5.21-1
[lenny] - drupal5 <no-dsa> (Minor issue, requires auth)
-CVE-2009-4370 (Cross-site scripting (XSS) vulnerability in the Menu module ...)
+CVE-2009-4370
- drupal6 6.15-1 (low; bug #562165)
[lenny] - drupal6 6.6-3lenny4
- drupal5 5.21-1
[lenny] - drupal5 <no-dsa> (Minor issue, requires auth)
-CVE-2009-4369 (Cross-site scripting (XSS) vulnerability in the Contact module ...)
+CVE-2009-4369
- drupal6 6.15-1 (low; bug #562165)
[lenny] - drupal6 6.6-3lenny4
- drupal5 5.21-1 (low)
[lenny] - drupal5 <no-dsa> (Minor issue, requires auth)
-CVE-2009-4368 (Multiple unspecified vulnerabilities in Centreon before 2.1.4 have ...)
+CVE-2009-4368
NOT-FOR-US: Centreon
-CVE-2009-4367 (The Staging Webservice (&quot;sitecore modules/staging/service/api.asmx&quot;) ...)
+CVE-2009-4367
NOT-FOR-US: Sitecore Staging Module
-CVE-2009-4366 (Cross-site scripting (XSS) vulnerability in index.php in ScriptsEz Ez ...)
+CVE-2009-4366
NOT-FOR-US: ScriptsEz Ez Blog
-CVE-2009-4365 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
+CVE-2009-4365
NOT-FOR-US: ScriptsEz Ez Blog
-CVE-2009-4364 (Cross-site scripting (XSS) vulnerability in index.php in ScriptsEz Ez ...)
+CVE-2009-4364
NOT-FOR-US: ScriptsEz Ez Blog
-CVE-2009-4363 (Text_Filter/lib/Horde/Text/Filter/Xss.php in Horde Application ...)
+CVE-2009-4363
{DSA-1966-1}
- horde3 3.3.6+debian0-1 (low)
-CVE-2009-4362 (Multiple buffer overflows in qosmod in IBM AIX 6.1 allow local users ...)
+CVE-2009-4362
NOT-FOR-US: IBM AIX
-CVE-2009-4361 (Multiple buffer overflows in qoslist in IBM AIX 6.1 allow local users ...)
+CVE-2009-4361
NOT-FOR-US: IBM AIX
-CVE-2009-4360 (SQL injection vulnerability in modules/content/index.php in the ...)
+CVE-2009-4360
NOT-FOR-US: XOOPS
-CVE-2009-4359 (Cross-site scripting (XSS) vulnerability in folder.php in the ...)
+CVE-2009-4359
NOT-FOR-US: XOOPS
-CVE-2009-4358 (freebsd-update in FreeBSD 8.0, 7.2, 7.1, 6.4, and 6.3 uses insecure ...)
+CVE-2009-4358
NOT-FOR-US: freebsd-update
-CVE-2009-4357 (CQWeb (aka the web interface) in IBM Rational ClearQuest before 7.1.1 ...)
+CVE-2009-4357
NOT-FOR-US: IBM Rational ClearQuest
-CVE-2009-4356 (Multiple integer overflows in the jpeg.w5s and png.w5s filters in ...)
+CVE-2009-4356
NOT-FOR-US: Winamp
-CVE-2009-4355 (Memory leak in the zlib_stateful_finish function in ...)
+CVE-2009-4355
{DSA-1970-1}
- openssl 0.9.8k-8 (low)
[etch] - openssl <not-affected> (affects only 0.9.8f and later)
NOTE: apache2 packages in squeeze/sid do not seem to allow exploit
-CVE-2009-4354 (TransWARE Active! mail 2003 build 2003.0139.0871 and earlier does not ...)
+CVE-2009-4354
NOT-FOR-US: TransWARE Active
-CVE-2009-4353 (The Mobile Edition of TransWARE Active! mail 2003 build 2003.0139.0871 ...)
+CVE-2009-4353
NOT-FOR-US: TransWARE Active
-CVE-2009-4352 (Multiple cross-site scripting (XSS) vulnerabilities in TransWARE ...)
+CVE-2009-4352
NOT-FOR-US: TransWARE Active
-CVE-2009-4351 (SQL injection vulnerability in ADMIN/loginaction.php in WSCreator 1.1, ...)
+CVE-2009-4351
NOT-FOR-US: WSCreator
-CVE-2009-4350 (SQL injection vulnerability in index.php in Arctic Issue Tracker 2.1.1 ...)
+CVE-2009-4350
NOT-FOR-US: Arctic Issue Tracker
-CVE-2009-4349 (Cross-site request forgery (CSRF) vulnerability in ...)
+CVE-2009-4349
NOT-FOR-US: Link Up Gold
-CVE-2009-4348 (Cross-site scripting (XSS) vulnerability in index.php in Harold ...)
+CVE-2009-4348
NOT-FOR-US: Harold Bakker's NewsScript
-CVE-2009-4347 (Cross-site scripting (XSS) vulnerability in daloradius-users/login.php ...)
+CVE-2009-4347
NOT-FOR-US: daloRADIUS
-CVE-2009-4346 (Cross-site scripting (XSS) vulnerability in the Frontend news ...)
+CVE-2009-4346
NOT-FOR-US: fe_rtenews typo3 extension
-CVE-2009-4345 (Cross-site scripting (XSS) vulnerability in the vShoutbox (vshoutbox) ...)
+CVE-2009-4345
NOT-FOR-US: vShoutbox typo3 extension
-CVE-2009-4344 (Cross-site scripting (XSS) vulnerability in the ZID Linkliste ...)
+CVE-2009-4344
NOT-FOR-US: zid_linklist typo3 extension
-CVE-2009-4343 (Cross-site scripting (XSS) vulnerability in the Training Company ...)
+CVE-2009-4343
NOT-FOR-US: trainincdb typo3 extension
-CVE-2009-4342 (SQL injection vulnerability in the Job Exchange (jobexchange) ...)
+CVE-2009-4342
NOT-FOR-US: jobexchange typo3 extension
-CVE-2009-4341 (SQL injection vulnerability in the No indexed Search ...)
+CVE-2009-4341
NOT-FOR-US: no_indexed_search typo3 extension
-CVE-2009-4340 (Cross-site scripting (XSS) vulnerability in the No indexed Search ...)
+CVE-2009-4340
NOT-FOR-US: no_indexed_search typo3 extension
-CVE-2009-4339 (SQL injection vulnerability in the Subscription (mf_subscription) ...)
+CVE-2009-4339
NOT-FOR-US: mf_subscription typo3 extension
-CVE-2009-4338 (SQL injection vulnerability in the Flash SlideShow (slideshow) ...)
+CVE-2009-4338
NOT-FOR-US: slideshow typo3 extension
-CVE-2009-4337 (SQL injection vulnerability in the Diocese of Portsmouth Calendar ...)
+CVE-2009-4337
NOT-FOR-US: pd_calendar typo3 extension
-CVE-2009-4336 (Cross-site scripting (XSS) vulnerability in the Diocese of Portsmouth ...)
+CVE-2009-4336
NOT-FOR-US: pd_calendar typo3 extension
-CVE-2009-4335 (Multiple unspecified vulnerabilities in bundled stored procedures in ...)
+CVE-2009-4335
NOT-FOR-US: IBM DB2
-CVE-2009-4334 (The Self Tuning Memory Manager (STMM) component in IBM DB2 9.1 before ...)
+CVE-2009-4334
NOT-FOR-US: IBM DB2
-CVE-2009-4333 (The Relational Data Services component in IBM DB2 9.5 before FP5 ...)
+CVE-2009-4333
NOT-FOR-US: IBM DB2
-CVE-2009-4332 (db2pd in the Problem Determination component in IBM DB2 9.1 before FP7 ...)
+CVE-2009-4332
NOT-FOR-US: IBM DB2
-CVE-2009-4331 (The Install component in IBM DB2 9.5 before FP5 and 9.7 before FP1 ...)
+CVE-2009-4331
NOT-FOR-US: IBM DB2
-CVE-2009-4330 (Unspecified vulnerability in db2licm in the Engine Utilities component ...)
+CVE-2009-4330
NOT-FOR-US: IBM DB2
-CVE-2009-4329 (Unspecified vulnerability in the Engine Utilities component in IBM DB2 ...)
+CVE-2009-4329
NOT-FOR-US: IBM DB2
-CVE-2009-4328 (Unspecified vulnerability in the DRDA Services component in IBM DB2 ...)
+CVE-2009-4328
NOT-FOR-US: IBM DB2
-CVE-2009-4327 (The Common Code Infrastructure component in IBM DB2 9.5 before FP5 and ...)
+CVE-2009-4327
NOT-FOR-US: IBM DB2
-CVE-2009-4326 (The RAND scalar function in the Common Code Infrastructure component ...)
+CVE-2009-4326
NOT-FOR-US: IBM DB2
-CVE-2009-4325 (The Client Interfaces component in IBM DB2 8.2 before FP18, 9.1 before ...)
+CVE-2009-4325
NOT-FOR-US: IBM DB2
CVE-2009-XXXX [libhaml-ruby XSS issue]
- libhaml-ruby 2.2.8-1
CVE-2009-XXXX [roundup: unspecified issue]
- roundup 1.4.11-1
-CVE-2009-4324 (Use-after-free vulnerability in the Doc.media.newPlayer method in ...)
+CVE-2009-4324
NOT-FOR-US: Adobe Reader and Acrobat 8.0
-CVE-2009-4323 (The installation for Zen Cart stores sensitive information and ...)
+CVE-2009-4323
NOT-FOR-US: Zen Cart
-CVE-2009-4322 (extras/ipn_test_return.php in Zen Cart allows remote attackers to ...)
+CVE-2009-4322
NOT-FOR-US: Zen Cart
-CVE-2009-4321 (extras/curltest.php in Zen Cart 1.3.8 and 1.3.8a, and possibly other ...)
+CVE-2009-4321
NOT-FOR-US: Zen Cart
-CVE-2009-4320 (Cross-site scripting (XSS) vulnerability in searchform.php in The Next ...)
+CVE-2009-4320
NOT-FOR-US: The Next Generation of Genealogy Sitebuilding
-CVE-2009-4319 (PHP remote file inclusion vulnerability in ...)
+CVE-2009-4319
NOT-FOR-US: eoCMS
-CVE-2009-4318 (Cross-site scripting (XSS) vulnerability in index.php in Real Estate ...)
+CVE-2009-4318
NOT-FOR-US: Real Estate Manager
-CVE-2009-4317 (Cross-site scripting (XSS) vulnerability in index.php in ScriptsEz Ez ...)
+CVE-2009-4317
NOT-FOR-US: ScriptsEz
-CVE-2009-4316 (Cross-site scripting (XSS) vulnerability in searchresults_main.php in ...)
+CVE-2009-4316
NOT-FOR-US: ZeeLyrics
-CVE-2009-4315 (Directory traversal vulnerability in admin/ajaxsave.php in Nuggetz CMS ...)
+CVE-2009-4315
NOT-FOR-US: Nuggetz CMS
-CVE-2009-4314 (Sun Ray Server Software 4.1 on Solaris 10, when Automatic Multi-Group ...)
+CVE-2009-4314
NOT-FOR-US: Sun Ray Server Software
-CVE-2009-4313 (ir32_32.dll 3.24.15.3 in the Indeo32 codec in Microsoft Windows 2000 ...)
+CVE-2009-4313
NOT-FOR-US: Microsoft
-CVE-2009-4312 (Unspecified vulnerability in the Indeo codec in Microsoft Windows 2000 ...)
+CVE-2009-4312
NOT-FOR-US: Microsoft
-CVE-2009-4311 (Unspecified vulnerability in the Indeo codec in Microsoft Windows 2000 ...)
+CVE-2009-4311
NOT-FOR-US: Microsoft
-CVE-2009-4310 (Stack-based buffer overflow in the Intel Indeo41 codec for Windows ...)
+CVE-2009-4310
NOT-FOR-US: Microsoft
-CVE-2009-4309 (Heap-based buffer overflow in the Intel Indeo41 codec for Windows ...)
+CVE-2009-4309
NOT-FOR-US: Microsoft
-CVE-2009-4308 (The ext4_decode_error function in fs/ext4/super.c in the ext4 ...)
+CVE-2009-4308
{DSA-2005-1}
- linux-2.6 2.6.32-1 (medium)
[etch] - linux-2.6 <not-affected> (ext4 introduced in 2.6.19)
[lenny] - linux-2.6 2.6.26-21
- linux-2.6.24 <removed> (medium)
-CVE-2009-4307 (The ext4_fill_flex_info function in fs/ext4/super.c in the Linux ...)
+CVE-2009-4307
{DSA-2443-1}
- linux-2.6 2.6.32-2 (low)
[etch] - linux-2.6 <not-affected> (vulnerable code introduced in 2.6.27)
[lenny] - linux-2.6 <not-affected> (vulnerable code introduced in 2.6.27)
- linux-2.6.24 <not-affected> (vulnerabile code introduced in 2.6.27)
-CVE-2009-4306 (Unspecified vulnerability in the EXT4_IOC_MOVE_EXT (aka move extents) ...)
+CVE-2009-4306
- linux-2.6 2.6.32-2 (medium)
[etch] - linux-2.6 <not-affected> (vulnerable code introduced in 2.6.31)
[lenny] - linux-2.6 <not-affected> (vulnerable code introduced in 2.6.31)
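Review bot: every changed pair in this hunk replaces a `CVE-2009-NNNN (summary ...)` header with the bare identifier, and no entry gains a summary in return (for example `-CVE-2009-4355 (Memory leak in the zlib_stateful_finish function in ...)` becomes `+CVE-2009-4355`). Since the tracker's automatic update normally refreshes these summaries from the upstream CVE feed, a uniform loss of every summary with nothing added looks like the feed came back empty or unparsed when the sync ran; the update should be checked for that before being merged rather than treated as a routine refresh. While in this region, the unchanged context line `- linux-2.6.24 <not-affected> (vulnerabile code introduced in 2.6.27)` under CVE-2009-4307 carries a typo ("vulnerabile" for "vulnerable") that could be fixed in the same sweep.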
@@ -1974,30 +1974,30 @@ CVE-2009-4276
REJECTED
CVE-2009-4275
REJECTED
-CVE-2009-4274 (Stack-based buffer overflow in converter/ppm/xpmtoppm.c in netpbm ...)
+CVE-2009-4274
{DSA-2026-1 DTSA-206-1}
- netpbm-free 2:10.0-12.2 (medium; bug #569060)
-CVE-2009-4273 (stap-server in SystemTap before 1.1 allows remote attackers to execute ...)
+CVE-2009-4273
- systemtap 1.1-1 (bug #568865)
[lenny] - systemtap <not-affected> (Server component not yet present)
[etch] - systemtap <not-affected> (Server component not yet present)
-CVE-2009-4272 (A certain Red Hat patch for net/ipv4/route.c in the Linux kernel ...)
+CVE-2009-4272
- linux-2.6 2.6.31-1 (medium)
[lenny] - linux-2.6 <not-affected> (vulnerable code introduced in 2.6.27)
[etch] - linux-2.6 <not-affected> (vulnerable code introduced in 2.6.27)
- linux-2.6.24 <not-affected> (vulnerable code introduced in 2.6.27)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=545411
-CVE-2009-4271 (The Linux kernel 2.6.9 through 2.6.17 on the x86_64 and amd64 ...)
+CVE-2009-4271
- linux-2.6 2.6.18-1
-CVE-2009-4270 (Stack-based buffer overflow in the errprintf function in base/gsmisc.c ...)
+CVE-2009-4270
{DSA-2080-1}
- ghostscript 8.70~dfsg-2.1 (medium; bug #562643)
-CVE-2009-4269 (The password hash generation algorithm in the BUILTIN authentication ...)
+CVE-2009-4269
- derby <not-affected> (Fixed before initial upload to Debian)
NOTE: https://issues.apache.org/jira/browse/DERBY-4483
CVE-2009-4268
REJECTED
-CVE-2009-4267 (The console in Apache jUDDI 3.0.0 does not properly escape line feeds, ...)
+CVE-2009-4267
NOT-FOR-US: Apache jUDDI
CVE-2009-XXXX [gnome-screensaver inhibitor not removed when connection is closed]
- gnome-screensaver 2.28.0-2 (low; bug #560895)
@@ -2005,7 +2005,7 @@ CVE-2009-XXXX [gnome-screensaver inhibitor not removed when connection is closed
[lenny] - gnome-screensaver <not-affected> (vulnerable code introduced in 2.28)
NOTE: the code in etch's version is more different but it seems to be affected
NOTE: http://git.gnome.org/browse/gnome-screensaver/commit/?id=284c9924969a49dbf2d5fae1d680d3310c4df4a3
-CVE-2009-5018 (Stack-based buffer overflow in gif2png.c in gif2png 2.5.3 and earlier ...)
+CVE-2009-5018
- gif2png 2.5.2-1 (low; bug #550978)
[etch] - gif2png <no-dsa> (minor issue)
[lenny] - gif2png <no-dsa> (minor issue)
@@ -2022,7 +2022,7 @@ CVE-2009-XXXX [browser-based css info disclosure]
NOTE: Minor design issue
CVE-2009-XXXX [xpat2: save game permissions issue]
- xpat2 1.07-17 (unimportant; bug #560087)
-CVE-2009-4144 (NetworkManager (NM) 0.7.2 does not ensure that the configured ...)
+CVE-2009-4144
- network-manager-applet 0.7.2-2 (low; bug #560067)
[lenny] - network-manager-applet <not-affected> (WPA/enterprise was added in 0.7.2)
- network-manager <not-affected> (vulnerable code is in -applet, which is a source package on its own as of 0.6.5)
@@ -2033,67 +2033,67 @@ CVE-2009-XXXX [unsafe xfs]
CVE-2009-XXXX [xserver-xorg: inherits user's mask]
- xorg-server 2:1.7.2-1 (low; bug #555308)
[lenny] - xorg-server 2:1.4.2-10.lenny3
-CVE-2009-4296 (SQL injection vulnerability in the Taxonomy Timer module 5.x-1.8 and ...)
+CVE-2009-4296
NOT-FOR-US: Taxonomy Timer module for Drupal
-CVE-2009-4295 (Sun Ray Server Software 4.0 and 4.1 does not generate a unique DSA ...)
+CVE-2009-4295
NOT-FOR-US: Sun Ray Server Software
-CVE-2009-4294 (Unspecified vulnerability in the Authentication Manager (aka utauthd) ...)
+CVE-2009-4294
NOT-FOR-US: Sun Ray Server Software
-CVE-2009-4293 (Internet Initiative Japan SEIL/X1, SEIL/X2, and SEIL/B1 firmware 2.30 ...)
+CVE-2009-4293
NOT-FOR-US: Internet Initiative Japan
-CVE-2009-4292 (Buffer overflow in the URL filtering function in Internet Initiative ...)
+CVE-2009-4292
NOT-FOR-US: Internet Initiative Japan
-CVE-2009-4266 (Cross-site scripting (XSS) vulnerability in search.php in YABSoft ...)
+CVE-2009-4266
NOT-FOR-US: YABSoft Advanced Image Hosting (AIH) Script
-CVE-2009-4265 (Stack-based buffer overflow in Ideal Administration 2009 9.7.1, and ...)
+CVE-2009-4265
NOT-FOR-US: Ideal Administration
-CVE-2009-4264 (PHP remote file inclusion vulnerability in components/core/connect.php ...)
+CVE-2009-4264
NOT-FOR-US: AROUNDMe
-CVE-2009-4263 (SQL injection vulnerability in main_forum.php in PTCPay GeN3 forum 1.3 ...)
+CVE-2009-4263
NOT-FOR-US: PTCPay
-CVE-2009-4262 (Harold Bakker's NewsScript (HB-NS) 1.3 allows remote attackers to ...)
+CVE-2009-4262
NOT-FOR-US: Harold Bakker's Newscript HB-NS
CVE-2009-XXXX [php-net-ping argument injection]
- php-net-ping 2.4.2-1.1 (medium)
[etch] - php-net-ping 2.4.2-1+etch1
[lenny] - php-net-ping 2.4.2-1+lenny1
-CVE-2009-4305 (SQL injection vulnerability in the SCORM module in Moodle 1.8 before ...)
+CVE-2009-4305
{DSA-1986-1}
- moodle 1.8.2.dfsg-6 (medium; bug #559531)
NOTE: MSA-09-0031
-CVE-2009-4304 (Moodle 1.8 before 1.8.11 and 1.9 before 1.9.7 does not use a random ...)
+CVE-2009-4304
{DSA-2115-1}
- moodle 1.9.8-1 (bug #559531)
[lenny] - moodle <no-dsa> (Minor issue)
[etch] - moodle <no-dsa> (Minor issue)
NOTE: MSA-09-0029
-CVE-2009-4303 (Moodle 1.8 before 1.8.11 and 1.9 before 1.9.7 stores (1) password ...)
+CVE-2009-4303
{DSA-1986-1}
- moodle 1.8.2.dfsg-6 (bug #559531)
NOTE: MSA-09-0028
-CVE-2009-4302 (login/index_form.html in Moodle 1.8 before 1.8.11 and 1.9 before 1.9.7 ...)
+CVE-2009-4302
{DSA-1986-1}
- moodle 1.8.2.dfsg-6 (bug #559531)
NOTE: MSA-09-0027
-CVE-2009-4301 (mnet/lib.php in Moodle 1.8 before 1.8.11 and 1.9 before 1.9.7, when ...)
+CVE-2009-4301
{DSA-1986-1}
- moodle 1.8.2.dfsg-6 (bug #559531)
NOTE: MSA-09-0026
-CVE-2009-4300 (Multiple unspecified authentication plugins in Moodle 1.8 before ...)
+CVE-2009-4300
{DSA-2115-1}
- moodle 1.9.8-1 (bug #559531)
[lenny] - moodle <no-dsa> (Minor issue)
[etch] - moodle <no-dsa> (Minor issue)
NOTE: MSA-09-0025
-CVE-2009-4299 (mod/glossary/showentry.php in the Glossary module for Moodle 1.8 ...)
+CVE-2009-4299
{DSA-1986-1}
- moodle 1.8.2.dfsg-6 (bug #559531)
NOTE: MSA-09-0024
-CVE-2009-4298 (The LAMS module (mod/lams) for Moodle 1.8 before 1.8.11 and 1.9 before ...)
+CVE-2009-4298
{DSA-1986-1}
- moodle 1.8.2.dfsg-6 (bug #559531)
NOTE: MSA-09-0023
-CVE-2009-4297 (Multiple cross-site request forgery (CSRF) vulnerabilities in Moodle ...)
+CVE-2009-4297
{DSA-1986-1}
- moodle 1.8.2.dfsg-6 (bug #559531)
NOTE: MSA-09-0022
@@ -2103,7 +2103,7 @@ CVE-2009-5042 [docutils insecure usage of temporary files]
[etch] - python-docutils <not-affected> (vulnerable code introduced in 0.5)
[lenny] - python-docutils 0.5-2+lenny1
NOTE: cve requested
-CVE-2009-4261 (Multiple directory traversal vulnerabilities in the iallocator ...)
+CVE-2009-4261
{DSA-1959-1}
- ganeti 2.0.5-1 (low)
NOTE: http://www.ocert.org/advisories/ocert-2009-019.html
@@ -2113,278 +2113,278 @@ CVE-2009-4259
RESERVED
CVE-2009-4258
RESERVED
-CVE-2009-4257 (Heap-based buffer overflow in datatype/smil/common/smlpkt.cpp in ...)
+CVE-2009-4257
NOT-FOR-US: RealPlayer
-CVE-2009-4256 (Multiple SQL injection vulnerabilities in cource.php in AlefMentor 2.0 ...)
+CVE-2009-4256
NOT-FOR-US: AlefMentor
-CVE-2009-4255 (Cross-site scripting (XSS) vulnerability in the You!Hostit! template ...)
+CVE-2009-4255
NOT-FOR-US: Joomla! component
-CVE-2009-4254 (PowerPhlogger 2.2.5 allows remote attackers to obtain sensitive ...)
+CVE-2009-4254
NOT-FOR-US: PowerPhlogger
-CVE-2009-4253 (Cross-site scripting (XSS) vulnerability in dspStats.php in ...)
+CVE-2009-4253
NOT-FOR-US: PowerPhlogger
-CVE-2009-4252 (Cross-site scripting (XSS) vulnerability in images.php in Image ...)
+CVE-2009-4252
NOT-FOR-US: Image Hosting Script DPI
-CVE-2009-4251 (Stack-based buffer overflow in Jasc Paint Shop Pro 8.10 (aka Corel ...)
+CVE-2009-4251
NOT-FOR-US: Jasc Paint Shop Pro
-CVE-2009-4250 (Multiple cross-site scripting (XSS) vulnerabilities in CutePHP ...)
+CVE-2009-4250
NOT-FOR-US: CuteNews
-CVE-2009-4249 (Multiple cross-site scripting (XSS) vulnerabilities in CutePHP ...)
+CVE-2009-4249
NOT-FOR-US: CuteNews
-CVE-2009-4248 (Buffer overflow in the RTSPProtocol::HandleSetParameterRequest ...)
+CVE-2009-4248
NOT-FOR-US: RealPlayer
-CVE-2009-4247 (Stack-based buffer overflow in protocol/rtsp/rtspclnt.cpp in ...)
+CVE-2009-4247
NOT-FOR-US: RealPlayer
-CVE-2009-4246 (Stack-based buffer overflow in RealNetworks RealPlayer 10, RealPlayer ...)
+CVE-2009-4246
NOT-FOR-US: RealPlayer
-CVE-2009-4245 (Heap-based buffer overflow in RealNetworks RealPlayer 10, RealPlayer ...)
+CVE-2009-4245
NOT-FOR-US: RealPlayer
-CVE-2009-4244 (Heap-based buffer overflow in RealNetworks RealPlayer 10; RealPlayer ...)
+CVE-2009-4244
NOT-FOR-US: RealPlayer
-CVE-2009-4243 (RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through ...)
+CVE-2009-4243
NOT-FOR-US: RealPlayer
-CVE-2009-4242 (Heap-based buffer overflow in the CGIFCodec::GetPacketBuffer function ...)
+CVE-2009-4242
NOT-FOR-US: RealPlayer
-CVE-2009-4241 (Heap-based buffer overflow in RealNetworks RealPlayer 10, RealPlayer ...)
+CVE-2009-4241
NOT-FOR-US: RealPlayer
-CVE-2009-4240 (Multiple buffer overflows in unspecified setuid executables in the ...)
+CVE-2009-4240
NOT-FOR-US: IBM InfoSphere Information Server
-CVE-2009-4239 (Cross-site scripting (XSS) vulnerability in the Web console in IBM ...)
+CVE-2009-4239
NOT-FOR-US: IBM InfoSphere Information Server
-CVE-2009-4238 (Multiple SQL injection vulnerabilities in TestLink before 1.8.5 allow ...)
+CVE-2009-4238
NOT-FOR-US: TestLink
-CVE-2009-4237 (Multiple cross-site scripting (XSS) vulnerabilities in TestLink before ...)
+CVE-2009-4237
NOT-FOR-US: TestLink
-CVE-2009-4236 (The process function in ...)
+CVE-2009-4236
NOT-FOR-US: EC-CUBE
-CVE-2009-4235 (acpid 1.0.4 sets an unrestrictive umask, which might allow local users ...)
+CVE-2009-4235
{DSA-1960-1}
- acpid 1.0.6 (low; bug #560771)
NOTE: all versions set umask(0), might be worth double-checking what it opens
-CVE-2009-4234 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2009-4234
NOT-FOR-US: Micronet Network Access Controller
-CVE-2009-4233 (Cross-site scripting (XSS) vulnerability in modules/mod_yj_whois.php ...)
+CVE-2009-4233
NOT-FOR-US: Joomla! component
-CVE-2009-4232 (The Kide Shoutbox (com_kide) component 0.4.6 for Joomla! does not ...)
+CVE-2009-4232
NOT-FOR-US: Joomla! component
-CVE-2009-4231 (Directory traversal vulnerability in as/lib/plugins.php in SweetRice ...)
+CVE-2009-4231
NOT-FOR-US: SweetRice
-CVE-2009-4230 (Multiple stack-based buffer overflows in src/Task.cc in the FastCGI ...)
+CVE-2009-4230
NOT-FOR-US: IIPImage Server
-CVE-2009-4229 (Multiple SQL injection vulnerabilities in ActiveWebSoftwares Active ...)
+CVE-2009-4229
NOT-FOR-US: ActiveWebSoftwares Active Bids
-CVE-2009-4226 (Race condition in the IP module in the kernel in Sun OpenSolaris ...)
+CVE-2009-4226
NOT-FOR-US: OpenSolaris kernel
-CVE-2009-4225 (Stack-based buffer overflow in the PestPatrol ActiveX control ...)
+CVE-2009-4225
NOT-FOR-US: PestPatrol
-CVE-2009-4228 (Stack consumption vulnerability in u_bound.c in Xfig 3.2.5b and ...)
+CVE-2009-4228
- xfig <unfixed> (unimportant)
-CVE-2009-4227 (Stack-based buffer overflow in the read_1_3_textobject function in ...)
+CVE-2009-4227
- xfig 1:3.2.5.b-1 (low; bug #559274)
[lenny] - xfig <no-dsa> (Minor issue)
[etch] - xfig <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=543905
-CVE-2009-4413 (The httpClientDiscardBody function in client.c in Polipo 0.9.8, ...)
+CVE-2009-4413
{DSA-2002-1}
- polipo 1.0.4-2 (low; bug #560779)
[etch] - polipo <no-dsa> (Minor issue)
[lenny] - polipo <no-dsa> (Minor issue)
-CVE-2009-4224 (Multiple PHP remote file inclusion vulnerabilities in SweetRice 0.5.4, ...)
+CVE-2009-4224
NOT-FOR-US: SweetRice
-CVE-2009-4223 (PHP remote file inclusion vulnerability in adm/krgourl.php in KR-Web ...)
+CVE-2009-4223
NOT-FOR-US: KR-Web
-CVE-2009-4222 (phpBazar 2.1.1fix and earlier does not require administrative ...)
+CVE-2009-4222
NOT-FOR-US: phpBazar
-CVE-2009-4221 (SQL injection vulnerability in classified.php in phpBazar 2.1.1fix and ...)
+CVE-2009-4221
NOT-FOR-US: phpBazar
-CVE-2009-4220 (PHP remote file inclusion vulnerability in ...)
+CVE-2009-4220
NOT-FOR-US: PointComma
-CVE-2009-4219 (Stack-based buffer overflow in the MYACTIVEX.MyActiveXCtrl.1 ActiveX ...)
+CVE-2009-4219
NOT-FOR-US: Haihaisoft Universal Player
-CVE-2009-4218 (Multiple SQL injection vulnerabilities in files/login.asp in JiRo's ...)
+CVE-2009-4218
NOT-FOR-US: JiRo's Banner System eXperience (JBSX)
-CVE-2009-4217 (SQL injection vulnerability in the Itamar Elharar MusicGallery ...)
+CVE-2009-4217
NOT-FOR-US: Joomla! component
-CVE-2009-4216 (Directory traversal vulnerability in funzioni/lib/menulast.php in ...)
+CVE-2009-4216
NOT-FOR-US: klinza
-CVE-2009-4215 (Panda Global Protection 2010, Internet Security 2010, and Antivirus ...)
+CVE-2009-4215
NOT-FOR-US: Panda
CVE-2009-4213
RESERVED
-CVE-2009-4212 (Multiple integer underflows in the (1) AES and (2) RC4 decryption ...)
+CVE-2009-4212
{DSA-1969-1}
- krb5 1.8+dfsg~alpha1-1
-CVE-2009-4211 (The U.S. Defense Information Systems Agency (DISA) Security Readiness ...)
+CVE-2009-4211
NOT-FOR-US: U.S. Defense Information Systems Agency (DISA) Security Readiness Review (SRR) script
-CVE-2009-4210 (The Indeo codec in Microsoft Windows 2000 SP4, XP SP2 and SP3, and ...)
+CVE-2009-4210
NOT-FOR-US: Microsoft
-CVE-2009-4209 (Multiple cross-site scripting (XSS) vulnerabilities in admin/index.php ...)
+CVE-2009-4209
NOT-FOR-US: moziloCMS
-CVE-2009-4208 (SQL injection vulnerability in the os_news module in Open-school (OS) ...)
+CVE-2009-4208
NOT-FOR-US: Open-school
-CVE-2009-4207 (Cross-site scripting (XSS) vulnerability in the Webform module 5.x ...)
+CVE-2009-4207
NOT-FOR-US: module for Drupal
-CVE-2009-4206 (SQL injection vulnerability in admin.link.modify.php in Million Dollar ...)
+CVE-2009-4206
NOT-FOR-US: Million Dollar Text Links
-CVE-2009-4205 (Directory traversal vulnerability in admin.php in Flashlight Free ...)
+CVE-2009-4205
NOT-FOR-US: Flashlight Free Edition
-CVE-2009-4204 (SQL injection vulnerability in read.php in Flashlight Free Edition ...)
+CVE-2009-4204
NOT-FOR-US: Flashlight Free Edition
-CVE-2009-4203 (Multiple SQL injection vulnerabilities in admin/aclass/admin_func.php ...)
+CVE-2009-4203
NOT-FOR-US: Arab Portal
-CVE-2009-4202 (Directory traversal vulnerability in the Omilen Photo Gallery ...)
+CVE-2009-4202
NOT-FOR-US: Joomla! component
-CVE-2009-4201 (Multiple stack-based buffer overflows in Mp3 Tag Assistant ...)
+CVE-2009-4201
NOT-FOR-US: Mp3 Tag Assistant Professional
-CVE-2009-4200 (SQL injection vulnerability in the Seminar (com_seminar) component ...)
+CVE-2009-4200
NOT-FOR-US: Joomla! component
-CVE-2009-4199 (Multiple SQL injection vulnerabilities in the Mambo Resident (aka Mos ...)
+CVE-2009-4199
NOT-FOR-US: Joomla! component
-CVE-2009-4198 (SQL injection vulnerability in my_orders.php in MyMiniBill allows ...)
+CVE-2009-4198
NOT-FOR-US: MyMiniBill
-CVE-2009-4197 (rpwizPppoe.htm in Huawei MT882 V100R002B020 ARG-T running firmware ...)
+CVE-2009-4197
NOT-FOR-US: Huawei MT882 V100R002B020
-CVE-2009-4196 (Multiple cross-site scripting (XSS) vulnerabilities in multiple ...)
+CVE-2009-4196
NOT-FOR-US: Huawei MT882 V100R002B020
-CVE-2009-4195 (Buffer overflow in Adobe Illustrator CS4 14.0.0, CS3 13.0.3 and ...)
+CVE-2009-4195
NOT-FOR-US: Adobe Illustrator
-CVE-2009-4194 (Directory traversal vulnerability in Golden FTP Server 4.30 Free and ...)
+CVE-2009-4194
NOT-FOR-US: Golden FTP
-CVE-2009-4192 (Directory traversal vulnerability in dialog/file_manager.php in ...)
+CVE-2009-4192
NOT-FOR-US: Interspire Knowledge Manager
-CVE-2009-4191 (Unspecified vulnerability in the kernel in Sun Solaris 10 and ...)
+CVE-2009-4191
NOT-FOR-US: Sun Solaris
-CVE-2009-4190 (Unspecified vulnerability in the kernel in Sun OpenSolaris 2009.06 ...)
+CVE-2009-4190
NOT-FOR-US: Sun Solaris
-CVE-2009-4189 (HP Operations Manager has a default password of OvW*busr1 for the ...)
+CVE-2009-4189
NOT-FOR-US: HP Operations Manager
-CVE-2009-4188 (HP Operations Dashboard has a default password of j2deployer for the ...)
+CVE-2009-4188
NOT-FOR-US: HP Operations Dashboard
-CVE-2009-4187 (Multiple cross-site scripting (XSS) vulnerabilities in the Gateway ...)
+CVE-2009-4187
NOT-FOR-US: Sun Java System Portal Server
-CVE-2009-4186 (Stack consumption vulnerability in Apple Safari 4.0.3 on Windows ...)
+CVE-2009-4186
NOT-FOR-US: Apple Safari
-CVE-2009-4185 (Cross-site scripting (XSS) vulnerability in proxy/smhui/getuiinfo in ...)
+CVE-2009-4185
NOT-FOR-US: HP System Management Homepage
-CVE-2009-4184 (Unspecified vulnerability in HP Enterprise Cluster Master Toolkit ...)
+CVE-2009-4184
NOT-FOR-US: HP Enterprise Cluster Master Toolkit
-CVE-2009-4183 (Unspecified vulnerability in HP OpenView Storage Data Protector 6.00 ...)
+CVE-2009-4183
NOT-FOR-US: HP OpenView Storage Data Protector
-CVE-2009-4182 (Multiple unspecified vulnerabilities in HP Web Jetadmin 10.2, when a ...)
+CVE-2009-4182
NOT-FOR-US: HP Web Jetadmin
-CVE-2009-4181 (Stack-based buffer overflow in ovwebsnmpsrv.exe in HP OpenView Network ...)
+CVE-2009-4181
NOT-FOR-US: HP OpenView Network Node Manager
-CVE-2009-4180 (Stack-based buffer overflow in snmpviewer.exe in HP OpenView Network ...)
+CVE-2009-4180
NOT-FOR-US: HP OpenView Network Node Manager
-CVE-2009-4179 (Stack-based buffer overflow in ovalarm.exe in HP OpenView Network Node ...)
+CVE-2009-4179
NOT-FOR-US: HP OpenView Network Node Manager
-CVE-2009-4178 (Heap-based buffer overflow in OvWebHelp.exe in HP OpenView Network ...)
+CVE-2009-4178
NOT-FOR-US: HP OpenView Network Node Manager
-CVE-2009-4177 (Buffer overflow in webappmon.exe in HP OpenView Network Node Manager ...)
+CVE-2009-4177
NOT-FOR-US: HP OpenView Network Node Manager
-CVE-2009-4176 (Multiple heap-based buffer overflows in ovsessionmgr.exe in HP ...)
+CVE-2009-4176
NOT-FOR-US: HP OpenView Network Node Manager
-CVE-2009-4175 (CutePHP CuteNews 1.4.6 and UTF-8 CuteNews before 8b allows remote ...)
+CVE-2009-4175
NOT-FOR-US: CuteNews
-CVE-2009-4174 (The editnews module in CutePHP CuteNews 1.4.6 and UTF-8 CuteNews ...)
+CVE-2009-4174
NOT-FOR-US: CuteNews
-CVE-2009-4173 (Cross-site request forgery (CSRF) vulnerability in CutePHP CuteNews ...)
+CVE-2009-4173
NOT-FOR-US: CuteNews
-CVE-2009-4172 (Cross-site scripting (XSS) vulnerability in index.php in CutePHP ...)
+CVE-2009-4172
NOT-FOR-US: CuteNews
-CVE-2009-4171 (An ActiveX control in YahooBridgeLib.dll for Yahoo! Messenger ...)
+CVE-2009-4171
NOT-FOR-US: ActiveX
-CVE-2009-4170 (WP-Cumulus Plug-in 1.20 for WordPress, and possibly other versions, ...)
+CVE-2009-4170
NOT-FOR-US: WP-Cumulus Plug-in 1.20 for WordPress
-CVE-2009-4169 (Cross-site scripting (XSS) vulnerability in wp-cumulus.php in the ...)
+CVE-2009-4169
NOT-FOR-US: WP-Cumulus Plug-in 1.20 for WordPress
-CVE-2009-4168 (Cross-site scripting (XSS) vulnerability in Roy Tanck tagcloud.swf, as ...)
+CVE-2009-4168
NOT-FOR-US: WP-Cumulus Plug-in 1.20 for WordPress
-CVE-2009-4167 (Unspecified vulnerability in the Automatic Base Tags for RealUrl ...)
+CVE-2009-4167
NOT-FOR-US: TYPO3 extension
-CVE-2009-4166 (SQL injection vulnerability in the Trips (mchtrips) extension 2.0.0 ...)
+CVE-2009-4166
NOT-FOR-US: TYPO3 extension
-CVE-2009-4165 (SQL injection vulnerability in the simple Glossar (simple_glossar) ...)
+CVE-2009-4165
NOT-FOR-US: TYPO3 extension
-CVE-2009-4164 (Cross-site scripting (XSS) vulnerability in the simple Glossar ...)
+CVE-2009-4164
NOT-FOR-US: TYPO3 extension
-CVE-2009-4163 (SQL injection vulnerability in the TW Productfinder (tw_productfinder) ...)
+CVE-2009-4163
NOT-FOR-US: TYPO3 extension
-CVE-2009-4162 (Unspecified vulnerability in the DB Integration (wfqbe) extension ...)
+CVE-2009-4162
NOT-FOR-US: TYPO3 extension
-CVE-2009-4161 (Cross-site scripting (XSS) vulnerability in the [AN] Search it! ...)
+CVE-2009-4161
NOT-FOR-US: TYPO3 extension
-CVE-2009-4160 (Unspecified vulnerability in the Simple download-system with counter ...)
+CVE-2009-4160
NOT-FOR-US: TYPO3 extension
-CVE-2009-4159 (Cross-site scripting (XSS) vulnerability in the newsletter ...)
+CVE-2009-4159
NOT-FOR-US: TYPO3 extension
-CVE-2009-4158 (SQL injection vulnerability in the Calendar Base (cal) extension ...)
+CVE-2009-4158
NOT-FOR-US: TYPO3 extension
-CVE-2009-4157 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
+CVE-2009-4157
NOT-FOR-US: Joomla!
-CVE-2009-4156 (PHP remote file inclusion vulnerability in modules/pms/index.php in ...)
+CVE-2009-4156
NOT-FOR-US: Ciamos CMS
-CVE-2009-4155 (Multiple SQL injection vulnerabilities in Eshopbuilde CMS allow remote ...)
+CVE-2009-4155
NOT-FOR-US: Eshopbuilde
-CVE-2009-4154 (Directory traversal vulnerability in includes/feedcreator.class.php in ...)
+CVE-2009-4154
NOT-FOR-US: Elxis CMS
-CVE-2009-4153 (Unspecified vulnerability in the XMLAccess component in IBM WebSphere ...)
+CVE-2009-4153
NOT-FOR-US: IBM WebSphere
-CVE-2009-4152 (Cross-site scripting (XSS) vulnerability in the Collaboration ...)
+CVE-2009-4152
NOT-FOR-US: IBM WebSphere
-CVE-2009-4151 (Session fixation vulnerability in html/Elements/SetupSessionCookie in ...)
+CVE-2009-4151
{DSA-1944-1}
- request-tracker3.6 3.6.9-2 (low)
- request-tracker3.4 <removed>
-CVE-2009-4150 (dasauto in IBM DB2 8 before FP18, 9.1 before FP8, 9.5 before FP4, and ...)
+CVE-2009-4150
NOT-FOR-US: IBM DB2
-CVE-2009-4149 (Cross-site scripting (XSS) vulnerability in the web interface in CA ...)
+CVE-2009-4149
NOT-FOR-US: CA Service Desk
-CVE-2009-4148 (DAZ Studio 2.3.3.161, 2.3.3.163, and 3.0.1.135 allows remote attackers ...)
+CVE-2009-4148
NOT-FOR-US: DAZ Studio
-CVE-2009-4147 (The _rtld function in the Run-Time Link-Editor (rtld) in ...)
+CVE-2009-4147
- kfreebsd-6 <not-affected> (the affected file -rtld.c- is not in the archive, not even kFreeBSD)
-CVE-2009-4146 (The _rtld function in the Run-Time Link-Editor (rtld) in ...)
+CVE-2009-4146
- kfreebsd-6 <not-affected> (the affected file -rtld.c- is not in the archive, not even kFreeBSD)
-CVE-2009-4145 (nm-connection-editor in NetworkManager (NM) 0.7.x exports connection ...)
+CVE-2009-4145
- network-manager-applet 0.7.2-2 (low; bug #563371)
- network-manager <not-affected> (-editor introduced in 0.7 on the -applet package)
[lenny] - network-manager-applet <not-affected> (-editor was introduced in 0.7)
-CVE-2009-4143 (PHP before 5.2.12 does not properly handle session data, which has ...)
+CVE-2009-4143
{DSA-2001-1}
- php5 5.2.12.dfsg.1-1 (low)
-CVE-2009-4142 (The htmlspecialchars function in PHP before 5.2.12 does not properly ...)
+CVE-2009-4142
{DSA-2001-1}
- php5 5.2.12.dfsg.1-1 (medium)
-CVE-2009-4141 (Use-after-free vulnerability in the fasync_helper function in ...)
+CVE-2009-4141
- linux-2.6 2.6.32-6
[lenny] - linux-2.6 <not-affected> (vulnerable code introduced in 2.6.28)
[etch] - linux-2.6 <not-affected> (vulnerable code introduced in 2.6.28)
- linux-2.6.24 <not-affected> (vulnerable code introduced in 2.6.28)
NOTE: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=53281b6d3
-CVE-2009-4140 (Unrestricted file upload vulnerability in ofc_upload_image.php in Open ...)
+CVE-2009-4140
- piwik <itp> (bug #506933)
-CVE-2009-4139 (Cross-site request forgery (CSRF) vulnerability in the Spacewalk Java ...)
+CVE-2009-4139
NOT-FOR-US: spacewalk-java
-CVE-2009-4138 (drivers/firewire/ohci.c in the Linux kernel before 2.6.32-git9, when ...)
+CVE-2009-4138
{DSA-2005-1}
- linux-2.6 2.6.32-3 (medium)
[etch] - linux-2.6 <not-affected> (ohci introduced in 2.6.22)
[lenny] - linux-2.6 2.6.26-21
- linux-2.6.24 <removed> (medium)
-CVE-2009-4137 (The loadContentFromCookie function in core/Cookie.php in Piwik before ...)
+CVE-2009-4137
- piwik <itp> (bug #506933)
-CVE-2009-4136 (PostgreSQL 7.4.x before 7.4.27, 8.0.x before 8.0.23, 8.1.x before ...)
+CVE-2009-4136
{DSA-1964-1}
- postgresql-7.4 <removed>
- postgresql-8.1 <removed>
- postgresql-8.2 <removed>
- postgresql-8.3 8.3.9-1 (low)
- postgresql-8.4 8.4.2-1 (low)
-CVE-2009-4135 (The distcheck rule in dist-check.mk in GNU coreutils 5.2.1 through 8.1 ...)
+CVE-2009-4135
- coreutils <not-affected> (this issue only affects the coreutils build process; bug #560898)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=545439
-CVE-2009-4134 (Buffer underflow in the rgbimg module in Python 2.5 allows remote ...)
+CVE-2009-4134
- python3.1 <not-affected> (rgbimgmodule no longer included in source)
- python2.7 <not-affected> (rgbimgmodule no longer included in source)
- python2.6 <not-affected> (rgbimgmodule no longer included in source)
@@ -2392,11 +2392,11 @@ CVE-2009-4134 (Buffer underflow in the rgbimg module in Python 2.5 allows remote
[lenny] - python2.5 <no-dsa> (Minor issue)
- python2.4 <removed> (low)
[lenny] - python2.4 <no-dsa> (Minor issue)
-CVE-2009-4133 (Condor 6.5.4 through 7.2.4, 7.3.x, and 7.4.0, as used in MRG, Grid for ...)
+CVE-2009-4133
- condor <not-affected> (Fixed before initial upload to archive)
CVE-2009-4132
REJECTED
-CVE-2009-4131 (The EXT4_IOC_MOVE_EXT (aka move extents) ioctl implementation in the ...)
+CVE-2009-4131
- linux-2.6 2.6.32-2 (medium)
[etch] - linux-2.6 <not-affected> (introduced in 2.6.31)
[lenny] - linux-2.6 <not-affected> (introduced in 2.6.31)
@@ -2404,23 +2404,23 @@ CVE-2009-4131 (The EXT4_IOC_MOVE_EXT (aka move extents) ioctl implementation in
CVE-2009-XXXX [monkey DoS]
- monkey 0.9.3-1 (low)
[lenny] - monkey <no-dsa> (Minor issue, fringe package)
-CVE-2009-4130 (Visual truncation vulnerability in the MakeScriptDialogTitle function ...)
+CVE-2009-4130
- xulrunner <undetermined> (bug #565521)
[wheezy] - xulrunner <end-of-life> (no detailed information available)
-CVE-2009-4129 (Race condition in Mozilla Firefox allows remote attackers to produce a ...)
+CVE-2009-4129
- xulrunner <undetermined> (bug #565521)
[wheezy] - xulrunner <end-of-life> (no detailed information available)
-CVE-2009-4128 (GNU GRand Unified Bootloader (GRUB) 2 1.97 only compares the submitted ...)
+CVE-2009-4128
- grub2 1.97+20091115-1 (bug #555195)
[lenny] - grub2 <not-affected> (Password authentication not yet present)
- grub <not-affected> (only affects grub2)
-CVE-2009-4127 (Unspecified vulnerability in Wikipedia Toolbar extension before ...)
+CVE-2009-4127
NOT-FOR-US: Wikipedia Toolbar extension for Firefox
CVE-2009-4126
RESERVED
CVE-2009-4125
RESERVED
-CVE-2009-4124 (Heap-based buffer overflow in the rb_str_justify function in string.c ...)
+CVE-2009-4124
- ruby1.9.1 1.9.1.376-1
- ruby1.9 <removed> (bug #572817)
- ruby1.8 <not-affected>
@@ -2429,116 +2429,116 @@ CVE-2009-4123
RESERVED
CVE-2009-4122
RESERVED
-CVE-2009-4121 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
+CVE-2009-4121
NOT-FOR-US: Quick CMS
-CVE-2009-4120 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
+CVE-2009-4120
NOT-FOR-US: Quick.Cart
-CVE-2009-4119 (Cross-site scripting (XSS) vulnerability in Feed Element Mapper module ...)
+CVE-2009-4119
NOT-FOR-US: module for Drupal
-CVE-2009-4118 (The StartServiceCtrlDispatcher function in the cvpnd service ...)
+CVE-2009-4118
NOT-FOR-US: Cisco VPN client for Windows
-CVE-2009-4117 (Multiple stack-based buffer overflows in pdf_shade4.c in MuPDF before ...)
+CVE-2009-4117
NOT-FOR-US: MuPDF
-CVE-2009-4116 (Multiple directory traversal vulnerabilities in CutePHP CuteNews ...)
+CVE-2009-4116
NOT-FOR-US: CutePHP
-CVE-2009-4115 (Multiple static code injection vulnerabilities in the Categories ...)
+CVE-2009-4115
NOT-FOR-US: CutePHP CuteNews
-CVE-2009-4114 (kl1.sys in Kaspersky Anti-Virus 2010 9.0.0.463, and possibly other ...)
+CVE-2009-4114
NOT-FOR-US: Kaspersky Anti-Virus
-CVE-2009-4113 (Static code injection vulnerability in the Categories module in ...)
+CVE-2009-4113
NOT-FOR-US: CutePHP CuteNews
-CVE-2009-4110 (Cross-site scripting (XSS) vulnerability in the search functionality ...)
+CVE-2009-4110
NOT-FOR-US: DotNetNuke
-CVE-2009-4109 (The install wizard in DotNetNuke 4.0 through 5.1.4 does not prevent ...)
+CVE-2009-4109
NOT-FOR-US: DotNetNuke
-CVE-2009-4108 (XM Easy Personal FTP Server 5.8.0 allows remote authenticated users to ...)
+CVE-2009-4108
NOT-FOR-US: XM Easy Personal FTP Server
-CVE-2009-4107 (Buffer overflow in Invisible Browsing 5.0.52 allows user-assisted ...)
+CVE-2009-4107
NOT-FOR-US: Invisible Browsing
-CVE-2009-4106 (Unrestricted file upload vulnerability in admintools/editpage-2.php in ...)
+CVE-2009-4106
NOT-FOR-US: Agoko CMS
-CVE-2009-4105 (TYPSoft FTP Server 1.10 allows remote authenticated users to cause a ...)
+CVE-2009-4105
NOT-FOR-US: TYPSoft FTP Server
-CVE-2009-4104 (SQL injection vulnerability in Lyften Designs LyftenBloggie ...)
+CVE-2009-4104
NOT-FOR-US: Joomla! component
-CVE-2009-4103 (Buffer overflow in Robo-FTP 3.6.17, and possibly other versions, ...)
+CVE-2009-4103
NOT-FOR-US: Robo-FTP
-CVE-2009-4102 (Sage 1.4.3 and earlier extension for Firefox performs certain ...)
+CVE-2009-4102
{DSA-1951-1}
- firefox-sage 1.4.3-4 (medium; bug #559267)
-CVE-2009-4101 (infoRSS 1.1.4.2 and earlier extension for Firefox performs certain ...)
+CVE-2009-4101
NOT-FOR-US: infoRSS extension for Firefox
-CVE-2009-4100 (Yoono extension before 6.1.1 for Firefox performs certain operations ...)
+CVE-2009-4100
NOT-FOR-US: Yoono extension for Firefox
-CVE-2009-4099 (SQL injection vulnerability in the Google Calendar GCalendar ...)
+CVE-2009-4099
NOT-FOR-US: Joomla! Component
-CVE-2009-4098 (Unrestricted file upload vulnerability in banner-edit.php in OpenX ...)
+CVE-2009-4098
- openx <itp> (bug #513771)
-CVE-2009-4097 (Stack-based buffer overflow in the MplayInputFile function in Serenity ...)
+CVE-2009-4097
NOT-FOR-US: Serenity Audio Player
-CVE-2009-4096 (RADIO istek scripti 2.5 stores sensitive information under the web ...)
+CVE-2009-4096
NOT-FOR-US: RADIO istek scripti
-CVE-2009-4095 (myPhile 1.2.1 allows remote attackers to bypass authentication via an ...)
+CVE-2009-4095
NOT-FOR-US: myPhile
-CVE-2009-4094 (PHP remote file inclusion vulnerability in ...)
+CVE-2009-4094
NOT-FOR-US: Joomla! component
-CVE-2009-4093 (Multiple cross-site scripting (XSS) vulnerabilities in comments.php in ...)
+CVE-2009-4093
NOT-FOR-US: Simplog
-CVE-2009-4092 (Cross-site request forgery (CSRF) vulnerability in user.php in Simplog ...)
+CVE-2009-4092
NOT-FOR-US: Simplog
-CVE-2009-4091 (comments.php in Simplog 0.9.3.2, and possibly earlier, does not ...)
+CVE-2009-4091
NOT-FOR-US: Simplog
-CVE-2009-4090 (Unrestricted file upload vulnerability in ajax/addComment.php in ...)
+CVE-2009-4090
NOT-FOR-US: telepark.wiki
-CVE-2009-4089 (telepark.wiki 2.4.23 and earlier allows remote attackers to bypass ...)
+CVE-2009-4089
NOT-FOR-US: telepark.wiki
-CVE-2009-4088 (Multiple directory traversal vulnerabilities in telepark.wiki 2.4.23 ...)
+CVE-2009-4088
NOT-FOR-US: telepark.wiki
-CVE-2009-4087 (Cross-site scripting (XSS) vulnerability in index.php in telepark.wiki ...)
+CVE-2009-4087
NOT-FOR-US: telepark.wiki
-CVE-2009-4086 (CRLF injection vulnerability in Xerver HTTP Server 4.31 and 4.32 ...)
+CVE-2009-4086
NOT-FOR-US: Xerver HTTP Server
-CVE-2009-4085 (PHP remote file inclusion vulnerability in ...)
+CVE-2009-4085
NOT-FOR-US: PHP Traverser
-CVE-2009-4084 (SQL injection vulnerability in the search feature in e107 0.7.16 and ...)
+CVE-2009-4084
NOT-FOR-US: e107
-CVE-2009-4083 (Multiple cross-site scripting (XSS) vulnerabilities in e107 0.7.16 and ...)
+CVE-2009-4083
NOT-FOR-US: e107
-CVE-2009-4082 (PHP remote file inclusion vulnerability in ...)
+CVE-2009-4082
NOT-FOR-US: Outreach Project Tool
-CVE-2009-4081 (Untrusted search path vulnerability in dstat before r3199 allows local ...)
+CVE-2009-4081
- dstat <not-affected> (Fixed/tracked as CVE-2009-3894)
NOTE: This second ID is about the same issue, but for an older version, see
NOTE: http://bugs.gentoo.org/show_bug.cgi?id=293497
NOTE: For Debian we'll just use CVE-2009-3894 and mark this one as not-affected
-CVE-2009-4080 (Multiple unspecified vulnerabilities in ldap_cachemgr (aka the LDAP ...)
+CVE-2009-4080
NOT-FOR-US: ldap_cachemgr in Sun Solaris
-CVE-2009-4079 (Cross-site request forgery (CSRF) vulnerability in Redmine 0.8.5 and ...)
+CVE-2009-4079
- redmine 0.9.0~svn2902-1
-CVE-2009-4078 (Multiple cross-site scripting (XSS) vulnerabilities in Redmine 0.8.5 ...)
+CVE-2009-4078
- redmine 0.9.0~svn2902-1
-CVE-2009-4077 (Cross-site request forgery (CSRF) vulnerability in Roundcube Webmail ...)
+CVE-2009-4077
- roundcube 0.3-1
-CVE-2009-4076 (Cross-site request forgery (CSRF) vulnerability in Roundcube Webmail ...)
+CVE-2009-4076
- roundcube 0.3-1
-CVE-2009-4075 (Unspecified vulnerability in the timeout mechanism in sshd in Sun ...)
+CVE-2009-4075
NOT-FOR-US: Sun Solaris
-CVE-2009-4074 (The XSS Filter in Microsoft Internet Explorer 8 allows remote ...)
+CVE-2009-4074
NOT-FOR-US: Microsoft Internet Explorer 8
-CVE-2009-4214 (Cross-site scripting (XSS) vulnerability in the strip_tags function in ...)
+CVE-2009-4214
{DSA-2301-1 DSA-2260-1}
- rails 2.2.3-2 (low; bug #558685)
NOTE: http://groups.google.com/group/rubyonrails-security/browse_thread/thread/4d4f71f2aef4c0ab?pli=1
-CVE-2009-4073 (The printing functionality in Microsoft Internet Explorer 8 allows ...)
+CVE-2009-4073
NOT-FOR-US: Microsoft Internet Explorer 8
-CVE-2009-4072 (Unspecified vulnerability in Opera before 10.10 has unknown impact and ...)
+CVE-2009-4072
NOT-FOR-US: Opera
-CVE-2009-4071 (Opera before 10.10, when exception stacktraces are enabled, places ...)
+CVE-2009-4071
NOT-FOR-US: Opera
-CVE-2009-4070 (SQL injection vulnerability in GForge 4.5.14, 4.7.3, and possibly ...)
+CVE-2009-4070
{DSA-1818-1}
- gforge 4.7.3-2
-CVE-2009-4069 (Multiple cross-site scripting (XSS) vulnerabilities in GForge 4.5.14, ...)
+CVE-2009-4069
{DSA-1818-1}
- gforge 4.7.3-2
CVE-2009-4068
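Review bot: CVE-2009-4214, which sits out of numeric order between CVE-2009-4074 and CVE-2009-4073, loses the only text that says what the issue is; the surviving `{DSA-2301-1 DSA-2260-1}`, `- rails 2.2.3-2 (low; bug #558685)` and the NOTE URL name the package but not the strip_tags XSS the removed line described. If descriptions are intentionally dropped, the file's own convention of a bracketed short title (as in `CVE-2009-XXXX [monkey DoS]` in the previous hunk) should be kept on the `+` line so entries remain identifiable without following the ID.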
@@ -2548,83 +2548,83 @@ CVE-2009-4067
{DSA-2310-1}
- linux-2.6 2.6.28-1 (low)
NOTE: Driver was removed in 2.6.27
-CVE-2009-4066 (Multiple cross-site request forgery (CSRF) vulnerabilities in the &quot;My ...)
+CVE-2009-4066
NOT-FOR-US: module for Drupal
-CVE-2009-4065 (Cross-site scripting (XSS) vulnerability in the settings page in the ...)
+CVE-2009-4065
NOT-FOR-US: module for Drupal
-CVE-2009-4064 (Cross-site scripting (XSS) vulnerability in the Gallery Assist module ...)
+CVE-2009-4064
NOT-FOR-US: module for Drupal
-CVE-2009-4063 (Cross-site scripting (XSS) vulnerability in the Subgroups for Organic ...)
+CVE-2009-4063
NOT-FOR-US: module for Drupal
-CVE-2009-4062 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
+CVE-2009-4062
NOT-FOR-US: module for Drupal
-CVE-2009-4061 (Multiple cross-site scripting (XSS) vulnerabilities in the Agreement ...)
+CVE-2009-4061
NOT-FOR-US: module for Drupal
-CVE-2009-4060 (SQL injection vulnerability in includes/content/viewProd.inc.php in ...)
+CVE-2009-4060
NOT-FOR-US: CubeCart
-CVE-2009-4059 (SQL injection vulnerability in the JoomClip (com_joomclip) component ...)
+CVE-2009-4059
NOT-FOR-US: component for Joomla!
-CVE-2009-4058 (SQL injection vulnerability in allauctions.php in Telebid Auction ...)
+CVE-2009-4058
NOT-FOR-US: Telebid Auction Script
-CVE-2009-4057 (SQL injection vulnerability in the inertialFATE iF Portfolio Nexus ...)
+CVE-2009-4057
NOT-FOR-US: component for Joomla!
-CVE-2009-4056 (Directory traversal vulnerability in admin/popup.php in Betsy CMS 3.5 ...)
+CVE-2009-4056
NOT-FOR-US: Betsy CMS
-CVE-2009-4055 (rtp.c in Asterisk Open Source 1.2.x before 1.2.37, 1.4.x before ...)
+CVE-2009-4055
{DSA-1952-1}
- asterisk 1:1.6.2.0~rc7-1 (bug #559103)
[etch] - asterisk <end-of-life> (Etch Packages no longer covered by security support)
CVE-2009-4054
REJECTED
-CVE-2009-4053 (Multiple directory traversal vulnerabilities in Home FTP Server ...)
+CVE-2009-4053
NOT-FOR-US: Home FTP Server
-CVE-2009-4052 (Multiple cross-site scripting (XSS) vulnerabilities in the JSF Widget ...)
+CVE-2009-4052
NOT-FOR-US: IBM Rational Application Developer for WebSphere
-CVE-2009-4051 (Home FTP Server 1.10.1.139 allows remote attackers to cause a denial ...)
+CVE-2009-4051
NOT-FOR-US: Home FTP Server
-CVE-2009-4050 (Directory traversal vulnerability in get_file.php in phpMyBackupPro ...)
+CVE-2009-4050
NOT-FOR-US: phpMyBackupPro
-CVE-2009-4049 (Heap-based buffer overflow in aswRdr.sys (aka the TDI RDR driver) in ...)
+CVE-2009-4049
NOT-FOR-US: avast
-CVE-2009-4048 (Dxmsoft XM Easy Personal FTP Server 5.8.0 allows remote authenticated ...)
+CVE-2009-4048
NOT-FOR-US: Dxmsoft XM Easy Personal FTP Server
-CVE-2009-4047 (Multiple cross-site scripting (XSS) vulnerabilities in PHD Help Desk ...)
+CVE-2009-4047
NOT-FOR-US: PHD Help Desk
-CVE-2009-4112 (Cacti 0.8.7e and earlier allows remote authenticated administrators to ...)
+CVE-2009-4112
[experimental] - cacti 1.2.0~beta2+ds1-1
- cacti 1.2.1+ds1-1 (unimportant; bug #561339)
NOTE: 4B0E1566.1070509@moritz-naumann.com in bugtraq
NOTE: as one requires admin access to cacti, upstream will implement a whitelist
NOTE: https://github.com/Cacti/cacti/issues/1072
-CVE-2009-4032 (Multiple cross-site scripting (XSS) vulnerabilities in Cacti 0.8.7e ...)
+CVE-2009-4032
{DSA-1954-1}
- cacti 0.8.7e-1.1 (low; bug #561338)
NOTE: http://docs.cacti.net/#cross-site_scripting_fixes
NOTE: http://www.cacti.net/download_patches.php
NOTE: incomplete, probably another CVE id will be allocated: https://bugzilla.redhat.com/show_bug.cgi?id=541279#c17
-CVE-2009-4046 (Multiple SQL injection vulnerabilities in FrontAccounting (FA) 2.2.x ...)
+CVE-2009-4046
NOT-FOR-US: FrontAccounting
-CVE-2009-4045 (Multiple SQL injection vulnerabilities in FrontAccounting (FA) before ...)
+CVE-2009-4045
NOT-FOR-US: FrontAccounting
-CVE-2009-4044 (The Web Services module 6.x for Drupal does not perform the expected ...)
+CVE-2009-4044
NOT-FOR-US: Web Services module for Drupal
-CVE-2009-4043 (Cross-site scripting (XSS) vulnerability in the AddToAny module 5.x ...)
+CVE-2009-4043
NOT-FOR-US: module for Drupal
-CVE-2009-4042 (Cross-site scripting (XSS) vulnerability in the RootCandy theme 6.x ...)
+CVE-2009-4042
NOT-FOR-US: theme for Drupal
-CVE-2009-4041 (UseBB 1.0.9 before 1.0.10 allows remote attackers to cause a denial of ...)
+CVE-2009-4041
NOT-FOR-US: UseBB
-CVE-2009-4040 (Cross-site scripting (XSS) vulnerability in phpMyFAQ before 2.0.17 and ...)
+CVE-2009-4040
NOT-FOR-US: phpMyFAQ
-CVE-2009-4039 (Cross-site scripting (XSS) vulnerability in Piwigo before 2.0.6 allows ...)
+CVE-2009-4039
- piwigo <not-affected> (Fixed before initial upload to the archive)
-CVE-2009-4038 (Multiple cross-site scripting (XSS) vulnerabilities in NCH Software ...)
+CVE-2009-4038
NOT-FOR-US: NCH Software Axon Virtual PBX
-CVE-2009-4037 (Multiple SQL injection vulnerabilities in FrontAccounting (FA) before ...)
+CVE-2009-4037
NOT-FOR-US: FrontAccounting
CVE-2009-4036
REJECTED
-CVE-2009-4035 (The FoFiType1::parse function in fofi/FoFiType1.cc in Xpdf 3.0.0, gpdf ...)
+CVE-2009-4035
- kdegraphics 4:4.0.0-1
- xpdf 3.01-1
- poppler 0.5.1-1
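Review bot: for CVE-2009-4112 the `unimportant` severity rests on the "remote authenticated administrators" qualifier that appears only in the removed description; after this change the rationale survives solely in the NOTE "as one requires admin access to cacti, upstream will implement a whitelist". The same applies to CVE-2009-4032, where the NOTE about a possible further CVE allocation no longer has the description it refers to, so either keep the descriptions or make sure every such severity decision is backed by a NOTE line.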
@@ -2632,28 +2632,28 @@ CVE-2009-4035 (The FoFiType1::parse function in fofi/FoFiType1.cc in Xpdf 3.0.0,
NOTE: was silently fixed by upstream xpdf, fix propagated to poppler in 4b4fc5c017b/2005-09-14
NOTE: but at least version 0.4.5 does *not* contain the ship.
NOTE: Was fixed somewhere between 0.4.5 and 0.5.1
-CVE-2009-4034 (PostgreSQL 7.4.x before 7.4.27, 8.0.x before 8.0.23, 8.1.x before ...)
+CVE-2009-4034
{DSA-1964-1}
- postgresql-7.4 <removed>
- postgresql-8.1 <removed>
- postgresql-8.2 <removed>
- postgresql-8.3 8.3.9-1 (low)
- postgresql-8.4 8.4.2-1 (low)
-CVE-2009-4033 (A certain Red Hat patch for acpid 1.0.4 effectively triggers a call to ...)
+CVE-2009-4033
- acpid <not-affected> (problem in redhat-specific patch; debian uses sensible permissions 0664)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=515062
-CVE-2009-4031 (The do_insn_fetch function in arch/x86/kvm/emulate.c in the x86 ...)
+CVE-2009-4031
{DSA-1962-1}
- linux-2.6 2.6.32-3 (low)
[lenny] - linux-2.6 2.6.26-21
[etch] - linux-2.6 <not-affected> (kvm introduced in 2.6.25)
- linux-2.6.24 <not-affected> (kvm introduced in 2.6.25)
- kvm <removed> (low; bug #562075)
-CVE-2009-4030 (MySQL 5.1.x before 5.1.41 allows local users to bypass certain ...)
+CVE-2009-4030
{DSA-1997-1}
- mysql-5.1 5.1.43-1
- mysql-dfsg-5.0 <removed>
-CVE-2009-4029 (The (1) dist or (2) distcheck rules in GNU Automake 1.11.1, 1.10.3, ...)
+CVE-2009-4029
- automake 1:1.4-p6-13.1
[lenny] - automake <no-dsa> (Minor issue)
- automake1.9 1.9.6+nogfdl-3.1
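Review bot: the unchanged context NOTE under CVE-2009-4035, "but at least version 0.4.5 does *not* contain the ship.", reads like a typo for "fix" and is worth correcting while this entry is being touched. The changed lines of the hunk (CVE-2009-4035, -4034, -4033, -4031, -4030, -4029) all drop the description, the same wholesale removal as in the other hunks, and the CVE-2009-4033 `<not-affected>` rationale "problem in redhat-specific patch" now stands without the description that established the Red Hat patch as the origin.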
@@ -2664,49 +2664,49 @@ CVE-2009-4029 (The (1) dist or (2) distcheck rules in GNU Automake 1.11.1, 1.10.
[lenny] - automake1.10 <no-dsa> (Minor issue)
NOTE: spu will be released to avoid spreading the bug even further
NOTE: http://lists.gnu.org/archive/html/automake/2009-12/msg00012.html
-CVE-2009-4028 (The vio_verify_callback function in viosslfactories.c in MySQL 5.0.x ...)
+CVE-2009-4028
- mysql-5.1 <not-affected> (Vulnerable code not present)
- mysql-dfsg-5.0 <not-affected> (Vulnerable code not present)
NOTE: built with --without-openssl
-CVE-2009-4027 (Race condition in the mac80211 subsystem in the Linux kernel before ...)
+CVE-2009-4027
{DSA-1996-1 DTSA-204-1}
- linux-2.6 2.6.32-1 (medium)
[etch] - linux-2.6 <not-affected> (introduced in 2.6.26)
- linux-2.6.24 <not-affected> (introduced in 2.6.26)
-CVE-2009-4026 (The mac80211 subsystem in the Linux kernel before ...)
+CVE-2009-4026
{DTSA-204-1}
- linux-2.6 2.6.32-1 (medium)
[etch] - linux-2.6 <not-affected> (introduced in 2.6.30)
[lenny] - linux-2.6 <not-affected> (introduced in 2.6.30)
- linux-2.6.24 <not-affected> (introduced in 2.6.30)
-CVE-2009-4025 (Argument injection vulnerability in the traceroute function in ...)
+CVE-2009-4025
NOT-FOR-US: Net_Traceroute PEAR module
-CVE-2009-4024 (Argument injection vulnerability in the ping function in Ping.php in ...)
+CVE-2009-4024
{DSA-1949-1}
- php-net-ping 2.4.2-1.1 (medium)
NOTE: fix applied by upstream is incomplete, reported to oss-sec
-CVE-2009-4111 (Argument injection vulnerability in Mail/sendmail.php in the Mail ...)
+CVE-2009-4111
{DSA-1938-1}
- php-mail 1.1.14-2 (medium; bug #557121)
[lenny] - php-mail 1.1.14-1+lenny1
[etch] - php-mail 1.1.6-2+etch1
-CVE-2009-4023 (Argument injection vulnerability in the sendmail implementation of the ...)
+CVE-2009-4023
{DSA-1938-1}
- php-mail 1.1.14-2 (medium; bug #557121)
[lenny] - php-mail 1.1.14-1+lenny1
[etch] - php-mail 1.1.6-2+etch1
-CVE-2009-4022 (Unspecified vulnerability in ISC BIND 9.0.x through 9.3.x, 9.4 before ...)
+CVE-2009-4022
{DSA-1961-1}
- bind9 1:9.6.1.dfsg.P2-1 (medium)
NOTE: https://www.isc.org/node/504
NOTE: Only affects installations with trust anchors, but then the
NOTE: consequences are quite severe.
-CVE-2009-4020 (Stack-based buffer overflow in the hfs subsystem in the Linux kernel ...)
+CVE-2009-4020
{DSA-2005-1 DSA-2003-1}
- linux-2.6 2.6.32-3 (medium)
[lenny] - linux-2.6 2.6.26-21
- linux-2.6.24 <removed> (medium)
-CVE-2009-4019 (mysqld in MySQL 5.0.x before 5.0.88 and 5.1.x before 5.1.41 does not ...)
+CVE-2009-4019
{DSA-1997-1}
- mysql-5.1 5.1.41-1
- mysql-dfsg-5.0 <removed>
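Review bot: CVE-2009-4111 and CVE-2009-4023 have identical `{DSA-1938-1}`, `php-mail 1.1.14-2 (medium; bug #557121)`, lenny and etch lines; once their descriptions are removed nothing in the file distinguishes the Mail/sendmail.php argument injection from the "sendmail implementation" one, and a reader triaging a report can no longer tell which ID covers which path. Keep the description, or at least a bracketed title, on entries whose package and DSA lines are duplicates of a neighbour.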
@@ -2714,75 +2714,75 @@ CVE-2009-4019 (mysqld in MySQL 5.0.x before 5.0.88 and 5.1.x before 5.1.41 does
NOTE: http://web.archive.org/web/20140723045533/http://dev.mysql.com/doc/refman/5.0/en/news-5-0-88.html
NOTE: http://bugs.mysql.com/47780
NOTE: http://bugs.mysql.com/48291
-CVE-2009-4018 (The proc_open function in ext/standard/proc_open.c in PHP before ...)
+CVE-2009-4018
- php5 5.2.11.dfsg.1-1 (unimportant)
NOTE: safe_mode bypass
-CVE-2009-4016 (Integer underflow in the clean_string function in irc_string.c in (1) ...)
+CVE-2009-4016
{DSA-1980-1}
- ircd-ratbox 3.0.6.dfsg-1 (medium; bug #567191)
- ircd-hybrid 1:7.2.2.dfsg.2-6.1 (medium; bug #567192)
- oftc-hybrid 1.6.3.dfsg-1.1 (medium; bug #567193)
-CVE-2009-4015 (Lintian 1.23.x through 1.23.28, 1.24.x through 1.24.2.1, and 2.x ...)
+CVE-2009-4015
{DSA-1979-1}
- lintian 2.3.2 (medium)
-CVE-2009-4014 (Multiple format string vulnerabilities in Lintian 1.23.x through ...)
+CVE-2009-4014
{DSA-1979-1}
- lintian 2.3.2 (medium)
-CVE-2009-4013 (Multiple directory traversal vulnerabilities in Lintian 1.23.x through ...)
+CVE-2009-4013
{DSA-1979-1}
- lintian 2.3.2 (medium)
-CVE-2009-4012 (Multiple integer overflows in LibThai before 0.1.13 might allow ...)
+CVE-2009-4012
{DSA-1971-1}
- libthai 0.1.13-1
CVE-2009-4011 [dtc-xen race condition]
RESERVED
- dtc-xen 0.5.4-1
[lenny] - dtc-xen <not-affected> (Only affects 0.5.x)
-CVE-2009-4010 (Unspecified vulnerability in PowerDNS Recursor before 3.1.7.2 allows ...)
+CVE-2009-4010
{DSA-1968-2 DSA-1968-1}
- pdns-recursor 3.1.7.2-1 (high)
-CVE-2009-4009 (Buffer overflow in PowerDNS Recursor before 3.1.7.2 allows remote ...)
+CVE-2009-4009
{DSA-1968-1}
- pdns-recursor 3.1.7.2-1 (high)
[etch] - pdns-recursor <not-affected> (vulnerable code not present)
-CVE-2009-4008 (Unbound before 1.4.4 does not send responses for signed zones after ...)
+CVE-2009-4008
{DSA-2243-1}
- unbound 1.4.4-1 (low)
-CVE-2009-4007 (Unspecified vulnerability in the NormaliseTrainConsist function in ...)
+CVE-2009-4007
- openttd 0.7.5-1
[lenny] - openttd 0.6.2-1+lenny1
-CVE-2009-4006 (Stack-based buffer overflow in the TEA decoding algorithm in RhinoSoft ...)
+CVE-2009-4006
NOT-FOR-US: Serv-U FTP server
-CVE-2009-4005 (The collect_rx_frame function in drivers/isdn/hisax/hfc_usb.c in the ...)
+CVE-2009-4005
{DSA-2005-1 DSA-2003-1}
- linux-2.6 2.6.32-1 (low)
[lenny] - linux-2.6 2.6.26-21
- linux-2.6.24 <removed> (low)
-CVE-2009-4003 (Multiple integer overflows in Adobe Shockwave Player before 11.5.6.606 ...)
+CVE-2009-4003
NOT-FOR-US: Adobe Shockwave Player
-CVE-2009-4002 (Heap-based buffer overflow in Adobe Shockwave Player before 11.5.6.606 ...)
+CVE-2009-4002
NOT-FOR-US: Adobe Shockwave Player
-CVE-2009-4001 (Integer overflow in XnView before 1.97.2 might allow remote attackers ...)
+CVE-2009-4001
NOT-FOR-US: XnView
-CVE-2009-4000 (Directory traversal vulnerability in goform/formExportDataLogs in HP ...)
+CVE-2009-4000
NOT-FOR-US: HP Power Manager
-CVE-2009-3999 (Stack-based buffer overflow in goform/formExportDataLogs in HP Power ...)
+CVE-2009-3999
NOT-FOR-US: HP Power Manager
CVE-2009-3998
RESERVED
-CVE-2009-3997 (Integer overflow in IN_MOD.DLL (aka the Module Decoder Plug-in) in ...)
+CVE-2009-3997
NOT-FOR-US: winamp
-CVE-2009-3996 (Heap-based buffer overflow in IN_MOD.DLL (aka the Module Decoder ...)
+CVE-2009-3996
{DSA-2071-1}
- libmikmod 3.1.11-6.2 (bug #575742)
- pysol-sound-server <removed> (unimportant)
NOTE: pysol-sound-server embeds a mikmod copy, but only reads to local files
-CVE-2009-3995 (Multiple heap-based buffer overflows in IN_MOD.DLL (aka the Module ...)
+CVE-2009-3995
{DSA-2081-1 DSA-2071-1}
- libmikmod 3.1.11-6.2 (bug #575742)
- pysol-sound-server <removed> (unimportant)
NOTE: pysol-sound-server embeds a mikmod copy, but only reads to local files
-CVE-2009-3994 (Stack-based buffer overflow in the GetUID function in ...)
+CVE-2009-3994
- devil 1.7.8-6 (low; bug #560080)
[lenny] - devil <no-dsa> (Minor issue)
[etch] - devil <no-dsa> (Minor issue)
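Review bot: CVE-2009-4015, CVE-2009-4014 and CVE-2009-4013 become three indistinguishable entries (`{DSA-1979-1}` / `- lintian 2.3.2 (medium)`) once the descriptions distinguishing the generic issue, the format string bugs and the directory traversals are removed. The untouched `CVE-2009-4011 [dtc-xen race condition]` line in the same hunk shows the convention the file already uses when no description is available; the updater should emit that form rather than a bare ID when its description source is empty.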
@@ -2794,10 +2794,10 @@ CVE-2009-3991
REJECTED
CVE-2009-3990
REJECTED
-CVE-2009-3989 (Bugzilla before 3.0.11, 3.2.x before 3.2.6, 3.4.x before 3.4.5, and ...)
+CVE-2009-3989
- bugzilla 3.4.7.0-1 (unimportant)
NOTE: http://www.bugzilla.org/security/3.0.10/
-CVE-2009-3988 (Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, and ...)
+CVE-2009-3988
{DSA-1999-1}
- xulrunner 1.9.1.8-1
[etch] - xulrunner <end-of-life>
@@ -2805,165 +2805,165 @@ CVE-2009-3988 (Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, and .
[lenny] - iceweasel <not-affected> (Iceweasel in Lenny links against xulrunner)
- iceape 2.0.3-1
[lenny] - iceape <not-affected> (Lenny package only provide xpcom stubs)
-CVE-2009-3987 (The GeckoActiveXObject function in Mozilla Firefox before 3.0.16 and ...)
+CVE-2009-3987
- xulrunner <not-affected> (Windows-specific vulnerability)
-CVE-2009-3986 (Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey ...)
+CVE-2009-3986
{DSA-1956-1}
- iceweasel 3.5.11-2
[lenny] - iceweasel <not-affected> (Iceweasel in Lenny links against xulrunner)
- xulrunner 1.9.1.6-1
[etch] - xulrunner <end-of-life> (Etch Packages no longer covered by security support)
-CVE-2009-3985 (Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey ...)
+CVE-2009-3985
{DSA-1956-1}
- iceweasel 3.5.11-2
[lenny] - iceweasel <not-affected> (Iceweasel in Lenny links against xulrunner)
- xulrunner 1.9.1.6-1
[etch] - xulrunner <end-of-life> (Etch Packages no longer covered by security support)
-CVE-2009-3984 (Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey ...)
+CVE-2009-3984
{DSA-1956-1}
- iceweasel 3.5.11-2
[lenny] - iceweasel <not-affected> (Iceweasel in Lenny links against xulrunner)
- xulrunner 1.9.1.6-1
[etch] - xulrunner <end-of-life> (Etch Packages no longer covered by security support)
-CVE-2009-3983 (Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey ...)
+CVE-2009-3983
{DSA-1956-1}
- iceweasel 3.5.11-2
[lenny] - iceweasel <not-affected> (Iceweasel in Lenny links against xulrunner)
- xulrunner 1.9.1.6-1
[etch] - xulrunner <end-of-life> (Etch Packages no longer covered by security support)
-CVE-2009-3982 (Multiple unspecified vulnerabilities in the JavaScript engine in ...)
+CVE-2009-3982
- xulrunner 1.9.1.6-1
[lenny] - xulrunner <not-affected> (Only affects Firefox 3.5)
[etch] - xulrunner <not-affected> (Only affects Firefox 3.5)
-CVE-2009-3981 (Unspecified vulnerability in the browser engine in Mozilla Firefox ...)
+CVE-2009-3981
{DSA-1956-1}
- iceweasel 3.5.11-2
[lenny] - iceweasel <not-affected> (Iceweasel in Lenny links against xulrunner)
- xulrunner 1.9.1
NOTE: Only affects Firefox 3
-CVE-2009-3980 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+CVE-2009-3980
- xulrunner 1.9.1.6-1
- iceweasel 3.5.11-2
[lenny] - iceweasel <not-affected> (Iceweasel in Lenny links against xulrunner)
[etch] - xulrunner <end-of-life> (Mozilla packages from oldstable no longer covered by security support)
[lenny] - xulrunner <not-affected> (Only affects Firefox 3.5)
-CVE-2009-3979 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+CVE-2009-3979
{DSA-1956-1}
- iceweasel 3.5.11-2
[lenny] - iceweasel <not-affected> (Iceweasel in Lenny links against xulrunner)
- xulrunner 1.9.1.6-1
[etch] - xulrunner <end-of-life> (Mozilla packages from oldstable no longer covered by security support)
-CVE-2009-3978 (The nsGIFDecoder2::GifWrite function in decoders/gif/nsGIFDecoder2.cpp ...)
+CVE-2009-3978
- xulrunner 1.9.1.5-1 (unimportant)
NOTE: Browser crashes not treated as security issues
-CVE-2009-3977 (Multiple buffer overflows in a certain ActiveX control in ...)
+CVE-2009-3977
NOT-FOR-US: HP OpenView Network Node Manager
-CVE-2009-3976 (Buffer overflow in Labtam ProFTP 2.9 allows remote FTP servers to ...)
+CVE-2009-3976
NOT-FOR-US: Labtam ProFTP
-CVE-2009-3975 (SQL injection vulnerability in index.php in Moa Gallery 1.1.0 and ...)
+CVE-2009-3975
NOT-FOR-US: Moa Gallery
-CVE-2009-3974 (Multiple SQL injection vulnerabilities in Invision Power Board (IPB or ...)
+CVE-2009-3974
NOT-FOR-US: Invision Power Board
-CVE-2009-3973 (SQL injection vulnerability in index.php in Turnkey Arcade Script ...)
+CVE-2009-3973
NOT-FOR-US: Turnkey Arcade Script
-CVE-2009-3972 (SQL injection vulnerability in the Q-Proje Siirler Bileseni ...)
+CVE-2009-3972
NOT-FOR-US: component for Joomla!
-CVE-2009-3971 (SQL injection vulnerability in the jTips (com_jtips) component 1.0.7 ...)
+CVE-2009-3971
NOT-FOR-US: component for Joomla!
-CVE-2009-3970 (SQL injection vulnerability in index.php in PHP Dir Submit (aka ...)
+CVE-2009-3970
NOT-FOR-US: PHP Dir Submit
-CVE-2009-3969 (Stack-based buffer overflow in Faslo Player 7.0 allows remote ...)
+CVE-2009-3969
NOT-FOR-US: Faslo Player
-CVE-2009-3968 (Multiple SQL injection vulnerabilities in ITechBids 8.0 allow remote ...)
+CVE-2009-3968
NOT-FOR-US: ITechBids
-CVE-2009-3967 (SQL injection vulnerability in browse.php in Ed Charkow SuperCharged ...)
+CVE-2009-3967
NOT-FOR-US: Ed Charkow SuperCharged Linking
-CVE-2009-3966 (Arcade Trade Script 1.0 allows remote attackers to bypass ...)
+CVE-2009-3966
NOT-FOR-US: Arcade Trade Script
-CVE-2009-3965 (SQL injection vulnerability in rating.php in New 5 star Rating 1.0 ...)
+CVE-2009-3965
NOT-FOR-US: New 5 star Rating
-CVE-2009-3964 (SQL injection vulnerability in the NinjaMonials (com_ninjacentral) ...)
+CVE-2009-3964
NOT-FOR-US: component for Joomla!
-CVE-2009-3898 (Directory traversal vulnerability in ...)
+CVE-2009-3898
- nginx 0.7.63-1 (low; bug #557389)
[etch] - nginx <no-dsa> (upload rights required)
[lenny] - nginx <no-dsa> (upload rights required)
-CVE-2009-3897 (Dovecot 1.2.x before 1.2.8 sets 0777 permissions during creation of ...)
+CVE-2009-3897
- dovecot 1:1.2.8-1 (medium; bug #557601)
[lenny] - dovecot <not-affected> (Only affects 1.2.x)
[etch] - dovecot <not-affected> (Only affects 1.2.x)
-CVE-2009-4017 (PHP before 5.2.12 and 5.3.x before 5.3.1 does not restrict the number ...)
+CVE-2009-4017
{DSA-1940-1}
- php5 5.2.11.dfsg.1-2 (medium)
- php4 <removed> (medium)
NOTE: workarounds include using 5.3.1 or php5-suhosin
NOTE: 4B068517.802@acunetix.com on bugtraq explains it
-CVE-2009-3080 (Array index error in the gdth_read_event function in ...)
+CVE-2009-3080
{DSA-2005-1 DSA-2003-1}
- linux-2.6 2.6.32-1 (medium)
[lenny] - linux-2.6 2.6.26-21
- linux-2.6.24 <removed> (medium)
NOTE: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=690e744869f3262855b83b4fb59199cf142765b0
-CVE-2009-4021 (The fuse_direct_io function in fs/fuse/file.c in the fuse subsystem in ...)
+CVE-2009-4021
{DSA-2005-1 DSA-2003-1}
- linux-2.6 2.6.32-1 (low)
[lenny] - linux-2.6 2.6.26-21
- linux-2.6.24 <removed> (low)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=538734
-CVE-2009-3963 (Multiple unspecified vulnerabilities in XOOPS before 2.4.0 Final have ...)
+CVE-2009-3963
NOT-FOR-US: XOOPS
-CVE-2009-3962 (The management interface on the 2wire Gateway 1700HG, 1701HG, 1800HW, ...)
+CVE-2009-3962
NOT-FOR-US: 2wire Gateway
-CVE-2009-3961 (SQL injection vulnerability in user.php in Super Serious Stats (aka ...)
+CVE-2009-3961
NOT-FOR-US: Super Serious Stats
-CVE-2009-3960 (Unspecified vulnerability in BlazeDS 3.2 and earlier, as used in ...)
+CVE-2009-3960
NOT-FOR-US: LiveCycle
-CVE-2009-3959 (Integer overflow in the U3D implementation in Adobe Reader and Acrobat ...)
+CVE-2009-3959
NOT-FOR-US: Adobe Reader and Acrobat 8.0
-CVE-2009-3958 (Multiple stack-based buffer overflows in the NOS Microsystems getPlus ...)
+CVE-2009-3958
NOT-FOR-US: Adobe Reader and Acrobat 8.0
-CVE-2009-3957 (Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows ...)
+CVE-2009-3957
NOT-FOR-US: Adobe Reader and Acrobat 8.0
-CVE-2009-3956 (The default configuration of Adobe Reader and Acrobat 9.x before 9.3, ...)
+CVE-2009-3956
NOT-FOR-US: Adobe Reader and Acrobat 8.0
-CVE-2009-3955 (Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows ...)
+CVE-2009-3955
NOT-FOR-US: Adobe Reader and Acrobat 8.0
-CVE-2009-3954 (The 3D implementation in Adobe Reader and Acrobat 9.x before 9.3, and ...)
+CVE-2009-3954
NOT-FOR-US: Adobe Reader and Acrobat 8.0
-CVE-2009-3953 (The U3D implementation in Adobe Reader and Acrobat 9.x before 9.3, 8.x ...)
+CVE-2009-3953
NOT-FOR-US: Adobe Reader and Acrobat 8.0
-CVE-2009-3952 (Buffer overflow in Adobe Illustrator CS3 13.0.3 and earlier and ...)
+CVE-2009-3952
NOT-FOR-US: Adobe Illustrator
-CVE-2009-3951 (Unspecified vulnerability in the Flash Player ActiveX control in Adobe ...)
+CVE-2009-3951
NOT-FOR-US: Flash Player
-CVE-2009-3950 (Multiple cross-site scripting (XSS) vulnerabilities in Bractus ...)
+CVE-2009-3950
NOT-FOR-US: Bractus SunTrack
-CVE-2009-3949 (cp/profile.php in VivaPrograms Infinity 2.0.5 and earlier does not ...)
+CVE-2009-3949
NOT-FOR-US: VivaPrograms Infinity
-CVE-2009-3948 (JetAudio 7.5.3 COWON Media Center allows remote attackers to cause a ...)
+CVE-2009-3948
NOT-FOR-US: JetAudio
-CVE-2009-3947 (Buffer overflow in the FTP service on the Tandberg MXP F7.0 allows ...)
+CVE-2009-3947
NOT-FOR-US: Tandberg MXP F7.0
-CVE-2009-3946 (Joomla! before 1.5.15 allows remote attackers to read an extension's ...)
+CVE-2009-3946
NOT-FOR-US: Joomla!
-CVE-2009-3945 (Unspecified vulnerability in the Front-End Editor in the com_content ...)
+CVE-2009-3945
NOT-FOR-US: component in Joomla!
-CVE-2009-3944 (Research In Motion (RIM) BlackBerry Browser on the BlackBerry 8800 ...)
+CVE-2009-3944
NOT-FOR-US: BlackBerry Browser on the BlackBerry 8800
-CVE-2009-3943 (Microsoft Internet Explorer 6 through 6.0.2900.2180 and 7 through ...)
+CVE-2009-3943
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2009-3942 (Martin Lambers msmtp before 1.4.19, when OpenSSL is used, does not ...)
+CVE-2009-3942
- msmtp <not-affected> (uses GnuTLS and not OpenSSL; bug #557324)
-CVE-2009-3941 (Martin Lambers mpop before 1.0.19, when OpenSSL is used, does not ...)
+CVE-2009-3941
- mpop <not-affected> (uses GnuTLS and not OpenSSL; bug #557326)
-CVE-2009-3940 (Unspecified vulnerability in Guest Additions in Sun xVM VirtualBox ...)
+CVE-2009-3940
- virtualbox-guest-additions 3.0.10-1
-CVE-2009-3939 (The poll_mode_io file for the megaraid_sas driver in the Linux kernel ...)
+CVE-2009-3939
{DSA-1996-1}
- linux-2.6 2.6.32-6 (low)
[etch] - linux-2.6 <not-affected> (Vulnerable code not present)
- linux-2.6.24 <removed> (low)
-CVE-2009-4004 (Buffer overflow in the kvm_vcpu_ioctl_x86_setup_mce function in ...)
+CVE-2009-4004
- linux-2.6 2.6.32-1 (medium)
[etch] - linux-2.6 <not-affected> (kvm introduced in 2.6.25)
[lenny] - linux-2.6 <not-affected> (vulnerable code not present)
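Review bot: the `<not-affected>` rationales for CVE-2009-3942 and CVE-2009-3941, "uses GnuTLS and not OpenSSL", answer the "when OpenSSL is used" condition that existed only in the removed description lines, so after this change the rationale refers to a condition no longer recorded in the file. The same loss of context affects the four Mozilla entries CVE-2009-3986 through CVE-2009-3983, whose DSA, iceweasel and xulrunner lines are identical and which are now told apart only by ID.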
@@ -2971,28 +2971,28 @@ CVE-2009-4004 (Buffer overflow in the kvm_vcpu_ioctl_x86_setup_mce function in .
- kvm 88+dfsg-2 (medium; bug #557736)
[lenny] - kvm <not-affected> (vulnerable code not present)
NOTE: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=a9e38c3e01ad242fe2a625354cf065c34b01e3aa
-CVE-2009-3937 (Memory leak in Solaris TCP sockets in Sun OpenSolaris snv_106 through ...)
+CVE-2009-3937
NOT-FOR-US: Sun OpenSolaris
-CVE-2009-3936 (Unspecified vulnerability in Citrix Online Plug-in for Windows 11.0.x ...)
+CVE-2009-3936
NOT-FOR-US: Citrix Online Plug-in
-CVE-2009-3935 (Multiple unspecified vulnerabilities in the Advanced Management Module ...)
+CVE-2009-3935
NOT-FOR-US: IBM BladeCenter
-CVE-2009-3934 (The WebFrameLoaderClient::dispatchDidChangeLocationWithinPage function ...)
+CVE-2009-3934
- chromium-browser <not-affected> (Only 0.x is affected)
- webkit <not-affected> (chrome-specific issue)
-CVE-2009-3933 (WebKit before r50173, as used in Google Chrome before 3.0.195.32, ...)
+CVE-2009-3933
- webkit <not-affected> (chromium-specific issue in their timer)
- qt4-x11 <not-affected> (chromium-specific issue in their timer)
- kdelibs <not-affected> (chromium-specific issue in their timer)
- kde4libs <not-affected> (chromium-specific issue in their timer)
- chromium-browser <not-affected> (Only 0.x is affected)
-CVE-2009-3932 (The Gears plugin in Google Chrome before 3.0.195.32 allows ...)
+CVE-2009-3932
- chromium-browser <not-affected> (Only 0.x is affected)
- webkit <not-affected> (gears is only implemented in chromium)
-CVE-2009-3931 (Incomplete blacklist vulnerability in browser/download/download_exe.cc ...)
+CVE-2009-3931
- chromium-browser <not-affected> (Only 3.x is affected)
- webkit <not-affected> (chrome-specific issue)
-CVE-2009-3930 (Multiple integer overflows in Christos Zoulas file before 5.02 allow ...)
+CVE-2009-3930
- file 5.03-1
[lenny] - file <not-affected>
[etch] - file <not-affected>
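Review bot: the lines in this hunk that begin `- chromium-browser <not-affected> (Only 0.x is affected)` or `- file 5.03-1` are unchanged context, not removals: the tracker's package-status lines start with a literal `- `, and the rendering drops the leading space of context lines. The only actual changes here are again the `-CVE-…`/`+CVE-…` pairs that discard the description text, so do not read this hunk as removing package annotations.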
@@ -3009,37 +3009,37 @@ CVE-2009-3925
CVE-2009-XXXX [eglibc: ldd arbitrary code execution]
- eglibc 2.10.1-7 (unimportant; bug #552518)
- glibc 2.10.1-7 (unimportant; bug #552518)
-CVE-2009-3924 (Buffer overflow in pbsv.dll, as used in Soldier of Fortune II and ...)
+CVE-2009-3924
NOT-FOR-US: Soldier of Fortune
-CVE-2009-3923 (The VirtualBox 2.0.8 and 2.0.10 web service in Sun Virtual Desktop ...)
+CVE-2009-3923
NOT-FOR-US: Sun Virtual Desktop Infrastructure
-CVE-2009-3922 (Multiple cross-site request forgery (CSRF) vulnerabilities in the User ...)
+CVE-2009-3922
NOT-FOR-US: module for Drupal
-CVE-2009-3921 (The Smartqueue_og module 5.x before 5.x-1.3 and 6.x before ...)
+CVE-2009-3921
NOT-FOR-US: module for Drupal
-CVE-2009-3920 (An administration page in the NGP COO/CWP Integration (crmngp) module ...)
+CVE-2009-3920
NOT-FOR-US: module for Drupal
-CVE-2009-3919 (Cross-site scripting (XSS) vulnerability in the NGP COO/CWP ...)
+CVE-2009-3919
NOT-FOR-US: module for Drupal
-CVE-2009-3918 (Cross-site scripting (XSS) vulnerability in the Zoomify module 5.x ...)
+CVE-2009-3918
NOT-FOR-US: module for Drupal
-CVE-2009-3917 (Cross-site scripting (XSS) vulnerability in the S5 Presentation Player ...)
+CVE-2009-3917
NOT-FOR-US: module for Drupal
-CVE-2009-3916 (Cross-site scripting (XSS) vulnerability in the Node Hierarchy module ...)
+CVE-2009-3916
NOT-FOR-US: module for Drupal
-CVE-2009-3915 (Cross-site scripting (XSS) vulnerability in the &quot;Separate title and ...)
+CVE-2009-3915
NOT-FOR-US: module for Drupal
-CVE-2009-3914 (Cross-site scripting (XSS) vulnerability in the Temporary Invitation ...)
+CVE-2009-3914
NOT-FOR-US: module for Drupal
-CVE-2009-3913 (SQL injection vulnerability in summary.php in Xerox Fiery Webtools ...)
+CVE-2009-3913
NOT-FOR-US: Xerox Fiery Webtools
-CVE-2009-3912 (Directory traversal vulnerability in index.php in TFTgallery 0.13 ...)
+CVE-2009-3912
NOT-FOR-US: TFTgallery
-CVE-2009-3911 (Cross-site scripting (XSS) vulnerability in settings.php in TFTgallery ...)
+CVE-2009-3911
NOT-FOR-US: TFTgallery
CVE-2009-3910
RESERVED
-CVE-2009-3909 (Integer overflow in the read_channel_data function in ...)
+CVE-2009-3909
- gimp 2.6.7-1.1 (medium; bug #556750)
NOTE: http://secunia.com/secunia_research/2009-43/
CVE-2009-3908
@@ -3048,49 +3048,49 @@ CVE-2009-3907
REJECTED
CVE-2009-3906
REJECTED
-CVE-2009-3905 (Multiple cross-site scripting (XSS) vulnerabilities in e-Courier CMS ...)
+CVE-2009-3905
NOT-FOR-US: e-Courier CMS
-CVE-2009-3904 (classes/session/cc_admin_session.php in CubeCart 4.3.4 does not ...)
+CVE-2009-3904
NOT-FOR-US: CubeCart
-CVE-2009-3903 (Multiple cross-site scripting (XSS) vulnerabilities in jspui/index.jsp ...)
+CVE-2009-3903
NOT-FOR-US: ManageEngine Netflow Analyzer 7.5 build 7500
-CVE-2009-3902 (Directory traversal vulnerability in Cherokee Web Server 0.5.4 and ...)
+CVE-2009-3902
- cherokee <not-affected> (Only windows version is affected)
-CVE-2009-3901 (Multiple cross-site scripting (XSS) vulnerabilities in e-Courier CMS ...)
+CVE-2009-3901
NOT-FOR-US: e-Courier CMS
-CVE-2009-3900 (Unspecified vulnerability in the Cluster Management component in IBM ...)
+CVE-2009-3900
NOT-FOR-US: IBM PowerHA
-CVE-2009-3899 (Memory leak in the Sockets Direct Protocol (SDP) driver in Sun Solaris ...)
+CVE-2009-3899
NOT-FOR-US: Sun Solaris
-CVE-2009-3896 (src/http/ngx_http_parse.c in nginx (aka Engine X) 0.1.0 through ...)
+CVE-2009-3896
{DSA-1920-1}
- nginx 0.7.62-1
-CVE-2009-3895 (Heap-based buffer overflow in the exif_entry_fix function (aka the tag ...)
+CVE-2009-3895
- libexif 0.6.19-1 (medium; bug #557137)
[lenny] - libexif <not-affected> (Only 0.6.18 is affected)
[etch] - libexif <not-affected> (Only 0.6.18 is affected)
-CVE-2009-3894 (Multiple untrusted search path vulnerabilities in dstat before 0.7.0 ...)
+CVE-2009-3894
- dstat 0.7.0-1 (low; bug #557989)
[lenny] - dstat <no-dsa> (Minor issue)
[etch] - dstat <no-dsa> (Minor issue)
NOTE: http://svn.rpmforge.net/svn/trunk/tools/dstat/ChangeLog
CVE-2009-3893
RESERVED
-CVE-2009-3891 (Cross-site scripting (XSS) vulnerability in wp-admin/press-this.php in ...)
+CVE-2009-3891
- wordpress 2.8.6-1 (low)
[etch] - wordpress <not-affected> (Vulnerable code not present)
[lenny] - wordpress <not-affected> (Vulnerable code not present)
-CVE-2009-3890 (Unrestricted file upload vulnerability in the wp_check_filetype ...)
+CVE-2009-3890
- wordpress 2.8.6-1 (low)
[etch] - wordpress <not-affected> (Vulnerable code not present)
[lenny] - wordpress <not-affected> (Vulnerable code not present)
-CVE-2009-3889 (The dbg_lvl file for the megaraid_sas driver in the Linux kernel ...)
+CVE-2009-3889
{DSA-2005-1}
- linux-2.6 2.6.27-1 (low)
[etch] - linux-2.6 <not-affected> (Vulnerable code not present)
[lenny] - linux-2.6 2.6.26-21
- linux-2.6.24 <removed> (low)
-CVE-2009-3888 (The do_mmap_pgoff function in mm/nommu.c in the Linux kernel before ...)
+CVE-2009-3888
- linux-2.6 <not-affected> (Vulnerable code not built)
- linux-2.6.24 <not-affected> (Vulnerable code not built)
CVE-2009-3887 [ytnef path traversal]
@@ -3099,225 +3099,225 @@ CVE-2009-3887 [ytnef path traversal]
[lenny] - ytnef <no-dsa> (Minor issue)
NOTE: http://www.ocert.org/advisories/ocert-2009-013.html
NOTE: This doesn't affect Evolution, the TNEF plugin is external
-CVE-2009-3886 (The Java Web Start implementation in Sun Java SE 6 before Update 17 ...)
+CVE-2009-3886
- openjdk-6 6b17-1.7-1 (medium; bug #560908)
- sun-java6 6-17-1
[lenny] - sun-java6 6-20-0lenny1
-CVE-2009-3885 (Sun Java SE 5.0 before Update 22 and 6 before Update 17 on Windows ...)
+CVE-2009-3885
- openjdk-6 <not-affected> (a problem in code that is unused on non-windows platforms)
- sun-java6 <not-affected> (a problem in code that is unused on non-windows platforms)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=530114
-CVE-2009-3884 (The TimeZone.getTimeZone method in Sun Java SE 5.0 before Update 22 ...)
+CVE-2009-3884
- openjdk-6 6b17~pre3-1 (medium; bug #560908)
- sun-java6 6-17-1
[lenny] - sun-java6 6-20-0lenny1
-CVE-2009-3883 (Multiple unspecified vulnerabilities in the Windows Pluggable Look and ...)
+CVE-2009-3883
- openjdk-6 6b17~pre3-1 (medium; bug #560908)
- sun-java6 6-17-1
[lenny] - sun-java6 6-20-0lenny1
-CVE-2009-3882 (Multiple unspecified vulnerabilities in the Swing implementation in ...)
+CVE-2009-3882
- openjdk-6 6b17~pre3-1 (medium; bug #560908)
- sun-java6 6-17-1
[lenny] - sun-java6 6-20-0lenny1
-CVE-2009-3881 (Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, ...)
+CVE-2009-3881
- openjdk-6 6b17~pre3-1 (medium; bug #560908)
- sun-java6 6-17-1
[lenny] - sun-java6 6-20-0lenny1
-CVE-2009-3880 (The Abstract Window Toolkit (AWT) in Java Runtime Environment (JRE) in ...)
+CVE-2009-3880
- openjdk-6 6b17~pre3-1 (medium; bug #560908)
- sun-java6 6-17-1
[lenny] - sun-java6 6-20-0lenny1
-CVE-2009-3879 (Multiple unspecified vulnerabilities in the (1) X11 and (2) ...)
+CVE-2009-3879
- openjdk-6 6b17~pre3-1 (medium; bug #560908)
- sun-java6 6-17-1
[lenny] - sun-java6 6-20-0lenny1
-CVE-2009-3878 (Buffer overflow in Sun Java System Web Server 7.0 Update 6 has ...)
+CVE-2009-3878
NOT-FOR-US: Sun Java System Web Server
-CVE-2009-3877 (Unspecified vulnerability in Sun Java SE in JDK and JRE 5.0 before ...)
+CVE-2009-3877
- openjdk-6 6b17~pre3-1 (medium; bug #560908)
- sun-java6 6-17-1
[lenny] - sun-java6 6-20-0lenny1
-CVE-2009-3876 (Unspecified vulnerability in Sun Java SE in JDK and JRE 5.0 before ...)
+CVE-2009-3876
- openjdk-6 6b17~pre3-1 (medium; bug #560908)
- sun-java6 6-17-1
[lenny] - sun-java6 6-20-0lenny1
-CVE-2009-3875 (The MessageDigest.isEqual function in Java Runtime Environment (JRE) ...)
+CVE-2009-3875
- openjdk-6 6b17~pre3-1 (medium; bug #560908)
- sun-java6 6-17-1
[lenny] - sun-java6 6-20-0lenny1
-CVE-2009-3874 (Integer overflow in the JPEGImageReader implementation in the ImageI/O ...)
+CVE-2009-3874
- openjdk-6 6b17~pre3-1 (medium; bug #560908)
- sun-java6 6-17-1
[lenny] - sun-java6 6-20-0lenny1
-CVE-2009-3873 (The JPEG Image Writer in Sun Java SE in JDK and JRE 5.0 before Update ...)
+CVE-2009-3873
- openjdk-6 6b17~pre3-1 (medium; bug #560908)
- sun-java6 6-17-1
[lenny] - sun-java6 6-20-0lenny1
-CVE-2009-3872 (Unspecified vulnerability in the JPEG JFIF Decoder in Sun Java SE in ...)
+CVE-2009-3872
- openjdk-6 6b17-1.7-1 (medium; bug #560908)
- sun-java6 6-17-1
[lenny] - sun-java6 6-20-0lenny1
-CVE-2009-3871 (Heap-based buffer overflow in the setBytePixels function in the ...)
+CVE-2009-3871
- openjdk-6 6b17~pre3-1 (medium; bug #560908)
- sun-java6 6-17-1
[lenny] - sun-java6 6-20-0lenny1
-CVE-2009-3869 (Stack-based buffer overflow in the setDiffICM function in the Abstract ...)
+CVE-2009-3869
- openjdk-6 6b17~pre3-1 (medium; bug #560908)
- sun-java6 6-17-1
[lenny] - sun-java6 6-20-0lenny1
-CVE-2009-3868 (Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before ...)
+CVE-2009-3868
- openjdk-6 6b17~pre3-1 (medium; bug #560908)
- sun-java6 6-17-1
[lenny] - sun-java6 6-20-0lenny1
-CVE-2009-3867 (Stack-based buffer overflow in the HsbParser.getSoundBank function in ...)
+CVE-2009-3867
- openjdk-6 6b17-1.7-1 (medium; bug #560908)
- sun-java6 6-17-1
[lenny] - sun-java6 6-20-0lenny1
-CVE-2009-3866 (The Java Web Start Installer in Sun Java SE in JDK and JRE 6 before ...)
+CVE-2009-3866
- openjdk-6 6b17-1.7-1 (medium; bug #560908)
- sun-java6 6-17-1
[lenny] - sun-java6 6-20-0lenny1
-CVE-2009-3865 (The launch method in the Deployment Toolkit plugin in Java Runtime ...)
+CVE-2009-3865
- openjdk-6 6b17-1.7-1 (medium; bug #560908)
- sun-java6 6-17-1
[lenny] - sun-java6 6-20-0lenny1
-CVE-2009-3864 (The Java Update functionality in Java Runtime Environment (JRE) in Sun ...)
+CVE-2009-3864
- openjdk-6 6b17 (unimportant)
- sun-java6 6-17-1 (unimportant)
NOTE: a problem in their updater, which is irrelevant since debian
NOTE: updates are provided by the security team
-CVE-2009-3863 (Buffer overflow in the gxmim1.dll ActiveX control in Novell Groupwise ...)
+CVE-2009-3863
NOT-FOR-US: ActiveX
-CVE-2009-3862 (The NDSD process in Novell eDirectory 8.7.3 before 8.7.3.10 ftf2 and ...)
+CVE-2009-3862
NOT-FOR-US: Novell eDirectory
-CVE-2009-3861 (Stack-based buffer overflow in SafeNet SoftRemote 10.8.5 (Build 2) and ...)
+CVE-2009-3861
NOT-FOR-US: SafeNet SoftRemote
-CVE-2009-3860 (Multiple insecure method vulnerabilities in Idefense Labs COMRaider ...)
+CVE-2009-3860
NOT-FOR-US: Idefense Labs COMRaider
-CVE-2009-3859 (Buffer overflow in eEye Retina WiFi Scanner 1.0.8.68, as used in ...)
+CVE-2009-3859
NOT-FOR-US: Retina Network Security Scanner
-CVE-2009-3858 (Cross-site scripting (XSS) vulnerability in GejoSoft allows remote ...)
+CVE-2009-3858
NOT-FOR-US: GejoSoft
-CVE-2009-3857 (Buffer overflow in Softonic International SciTE 1.72 allows ...)
+CVE-2009-3857
NOT-FOR-US: Softonic International SciTE
-CVE-2009-3856 (Cross-site scripting (XSS) vulnerability in the default URI in news/ ...)
+CVE-2009-3856
NOT-FOR-US: Twilight CMS
-CVE-2009-3855 (Multiple unspecified vulnerabilities in the (1) UNIX and (2) Linux ...)
+CVE-2009-3855
NOT-FOR-US: IBM Tivoli Storage Manager
-CVE-2009-3854 (Buffer overflow in the traditional client scheduler in the client in ...)
+CVE-2009-3854
NOT-FOR-US: IBM Tivoli Storage Manager
-CVE-2009-3853 (Stack-based buffer overflow in the client acceptor daemon (CAD) ...)
+CVE-2009-3853
NOT-FOR-US: IBM Tivoli Storage Manager
-CVE-2009-3852 (Unspecified vulnerability in the XML component in IBM Runtimes for ...)
+CVE-2009-3852
NOT-FOR-US: IBM Runtimes for Java Technology 5.0.0
-CVE-2009-3851 (Trusted Extensions in Sun Solaris 10 interferes with the operation of ...)
+CVE-2009-3851
NOT-FOR-US: Sun Solaris 10
-CVE-2009-3850 (Blender 2.34, 2.35a, 2.40, and 2.49b allows remote attackers to ...)
+CVE-2009-3850
- blender <unfixed> (unimportant)
NOTE: attack vector is social engineering to get the user to open
NOTE: a malicious .blend file. by design, blend files support
NOTE: all python operations, so ultimately any code can be executed
-CVE-2009-3849 (Multiple stack-based buffer overflows in HP OpenView Network Node ...)
+CVE-2009-3849
NOT-FOR-US: HP OpenView Network Node Manager
-CVE-2009-3848 (Stack-based buffer overflow in nnmRptConfig.exe in HP OpenView Network ...)
+CVE-2009-3848
NOT-FOR-US: HP OpenView Network Node Manager
-CVE-2009-3847 (Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) ...)
+CVE-2009-3847
NOT-FOR-US: HP OpenView Network Node Manager
-CVE-2009-3846 (Multiple heap-based buffer overflows in ovlogin.exe in HP OpenView ...)
+CVE-2009-3846
NOT-FOR-US: HP OpenView Network Node Manager
-CVE-2009-3845 (The port-3443 HTTP server in HP OpenView Network Node Manager (OV NNM) ...)
+CVE-2009-3845
NOT-FOR-US: HP OpenView Network Node Manager
-CVE-2009-3844 (Stack-based buffer overflow in the OmniInet process in HP OpenView ...)
+CVE-2009-3844
NOT-FOR-US: HP OpenView Data Protector Application
-CVE-2009-3843 (HP Operations Manager 8.10 on Windows contains a &quot;hidden account&quot; in ...)
+CVE-2009-3843
NOT-FOR-US: HP Operations Manager
-CVE-2009-3842 (Unspecified vulnerability on the HP Color LaserJet M3530 Multifunction ...)
+CVE-2009-3842
NOT-FOR-US: HP Color LaserJet
-CVE-2009-3841 (Unspecified vulnerability in HP Discovery &amp; Dependency Mapping ...)
+CVE-2009-3841
NOT-FOR-US: HP Discovery & Dependency Mapping
-CVE-2009-3840 (The embedded database engine service (aka ovdbrun.exe) in HP OpenView ...)
+CVE-2009-3840
NOT-FOR-US: HP OpenView
-CVE-2009-3839 (Unspecified vulnerability in the Solaris Trusted Extensions Policy ...)
+CVE-2009-3839
NOT-FOR-US: Sun Solaris
-CVE-2009-3838 (Stack-based buffer overflow in Pegasus Mail (PMail) 4.41 and possibly ...)
+CVE-2009-3838
NOT-FOR-US: Pegasus Mail
-CVE-2009-3837 (Stack-based buffer overflow in Eureka Email 2.2q allows remote POP3 ...)
+CVE-2009-3837
NOT-FOR-US: Eureka Email
-CVE-2009-3836 (ArubaOS 3.3.1.x, 3.3.2.x, RN 3.1.x, 3.4.x, and 3.3.2.x-FIPS on the ...)
+CVE-2009-3836
NOT-FOR-US: ArubaOS
-CVE-2009-3835 (SQL injection vulnerability in the JShop (com_jshop) component for ...)
+CVE-2009-3835
NOT-FOR-US: Joomla!
-CVE-2009-3834 (SQL injection vulnerability in the Photoblog (com_photoblog) component ...)
+CVE-2009-3834
NOT-FOR-US: Joomla!
-CVE-2009-3833 (Cross-site scripting (XSS) vulnerability in index.php in TFTgallery ...)
+CVE-2009-3833
NOT-FOR-US: TFTgallery
-CVE-2009-3832 (Opera before 10.01 on Windows does not prevent use of Web fonts in ...)
+CVE-2009-3832
NOT-FOR-US: Opera
-CVE-2009-3831 (Opera before 10.01 allows remote attackers to execute arbitrary code ...)
+CVE-2009-3831
NOT-FOR-US: Opera
-CVE-2009-3830 (The download functionality in Team Services in Microsoft Office ...)
+CVE-2009-3830
NOT-FOR-US: Microsoft
-CVE-2009-3829 (Integer overflow in wiretap/erf.c in Wireshark before 1.2.2 allows ...)
+CVE-2009-3829
{DSA-1942-1}
- wireshark 1.2.2-1 (bug #553583)
-CVE-2009-3828 (The web interface for Everfocus EDR1600 DVR allows remote attackers to ...)
+CVE-2009-3828
NOT-FOR-US: Everfocus EDR1600 DVR
CVE-2009-3827
RESERVED
-CVE-2009-3826 (Multiple buffer overflows in squidGuard 1.4 allow remote attackers to ...)
+CVE-2009-3826
{DSA-2040-1}
- squidguard 1.2.0-9 (low; bug #553319)
-CVE-2009-3825 (Multiple directory traversal vulnerabilities in GenCMS 2006 allow ...)
+CVE-2009-3825
NOT-FOR-US: GenCMS
-CVE-2009-3824 (Directory traversal vulnerability in include/processor.php in ...)
+CVE-2009-3824
NOT-FOR-US: Greenwood PHP Content Manager
-CVE-2009-3823 (Directory traversal vulnerability in myhtml.php in Mobilelib GOLD 3.0, ...)
+CVE-2009-3823
NOT-FOR-US: Mobilelib GOLD
-CVE-2009-3822 (PHP remote file inclusion vulnerability in Fiji Web Design Ajax Chat ...)
+CVE-2009-3822
NOT-FOR-US: com_ajaxchat component for Joomla
-CVE-2009-3821 (Cross-site scripting (XSS) vulnerability in the Apache Solr Search ...)
+CVE-2009-3821
NOT-FOR-US: Apache Solr Search extension for TYPO3
-CVE-2009-3820 (SQL injection vulnerability in the Flagbit Filebase (fb_filebase) ...)
+CVE-2009-3820
NOT-FOR-US: Flagbit Filebase extension for TYPO3
-CVE-2009-3819 (Unspecified vulnerability in the Random Images (maag_randomimage) ...)
+CVE-2009-3819
NOT-FOR-US: Random Images extension for TYPO3
-CVE-2009-3818 (Unspecified vulnerability in the session handling feature in freeCap ...)
+CVE-2009-3818
NOT-FOR-US: freeCap CAPTCHA for TYPO3
-CVE-2009-3817 (PHP remote file inclusion vulnerability in doc/releasenote.php in the ...)
+CVE-2009-3817
NOT-FOR-US: com_booklibrary component for Joomla!
-CVE-2009-3816 (Multiple cross-site scripting (XSS) vulnerabilities in Activities ...)
+CVE-2009-3816
NOT-FOR-US: IBM Lotus Connections
-CVE-2009-3815 (RunCMS 2M1, when running with certain error_reporting levels, allows ...)
+CVE-2009-3815
NOT-FOR-US: RunCMS 2M1
-CVE-2009-3814 (Static code injection vulnerability in RunCMS 2M1 allows remote ...)
+CVE-2009-3814
NOT-FOR-US: RunCMS 2M1
-CVE-2009-3813 (Multiple SQL injection vulnerabilities in RunCMS 2M1 allow remote ...)
+CVE-2009-3813
NOT-FOR-US: RunCMS 2M1
-CVE-2009-3812 (Heap-based buffer overflow in OtsAV DJ trial version 1.85.64.0, Radio ...)
+CVE-2009-3812
NOT-FOR-US: OtsAV products
-CVE-2009-3811 (Stack-based buffer overflow in Music Tag Editor 1.61 build 212 allows ...)
+CVE-2009-3811
NOT-FOR-US: Music Tag Editor
-CVE-2009-3810 (Heap-based buffer overflow in Acoustica MP3 Audio Mixer 2.471 allows ...)
+CVE-2009-3810
NOT-FOR-US: Acoustica MP3 Audio Mixer
-CVE-2009-3809 (Acoustica MP3 Audio Mixer 1.0 and possibly 2.471 allows remote ...)
+CVE-2009-3809
NOT-FOR-US: Acoustica MP3 Audio Mixer
-CVE-2009-3808 (MixSense DJ Studio 1.0.0.1 allows remote attackers to cause a denial ...)
+CVE-2009-3808
NOT-FOR-US: MixSense DJ Studio
-CVE-2009-3807 (Stack-based buffer overflow in MixVibes 7.043 Pro allows remote ...)
+CVE-2009-3807
NOT-FOR-US: MixVibes
-CVE-2009-3806 (SQL injection vulnerability in feedback_js.php in DedeCMS 5.1 allows ...)
+CVE-2009-3806
NOT-FOR-US: DedeCMS
-CVE-2009-3805 (gpg2.exe in Gpg4win 2.0.1, as used in KDE Kleopatra 2.0.11, allows ...)
+CVE-2009-3805
NOT-FOR-US: Gpg4win
NOTE: looks like an issue in gpg2 for windows (gpg4win.org), not specific
NOTE: to kleopatra
-CVE-2009-3804 (Multiple SQL injection vulnerabilities in modules/forum/post.php in ...)
+CVE-2009-3804
NOT-FOR-US: RunCMS 2M1
-CVE-2009-3803 (Multiple cross-site scripting (XSS) vulnerabilities in Amiro.CMS ...)
+CVE-2009-3803
NOT-FOR-US: Amiro.CMS
-CVE-2009-3802 (Amiro.CMS 5.4.0.0 and earlier allows remote attackers to obtain ...)
+CVE-2009-3802
NOT-FOR-US: Amiro.CMS
-CVE-2009-3801 (SQL injection vulnerability in index.php in OpenDocMan 1.2.5 allows ...)
+CVE-2009-3801
NOT-FOR-US: OpenDocMan
CVE-2009-XXXX [multiple missing input sanity checks in KDE]
- kdelibs 4:3.5.10.dfsg.1-3 (low)
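Review bot: several removed descriptions in this hunk carry HTML-escaped characters, e.g. `-CVE-2009-3843 (HP Operations Manager 8.10 on Windows contains a &quot;hidden account&quot; in ...)` and `-CVE-2009-3841 (Unspecified vulnerability in HP Discovery &amp; Dependency Mapping ...)`, whereas the unchanged annotation line `NOT-FOR-US: HP Discovery & Dependency Mapping` uses a literal `&`. If the descriptions are restored by a later automatic update, they should be stored unescaped so the two fields stay consistent; this hunk itself again only strips the descriptions down to bare ids.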
@@ -3330,51 +3330,51 @@ CVE-2009-XXXX [multiple missing input sanity checks in KDE]
NOTE: advisory mentions kmail and ark (from kdepim and kdeutils, respectively)
NOTE: but the "fixes" linked from the advisory only change code in kdelibs
NOTE: more info at oss-sec threads
-CVE-2009-3800 (Multiple unspecified vulnerabilities in Adobe Flash Player before ...)
+CVE-2009-3800
NOT-FOR-US: Adobe Flash Player
-CVE-2009-3799 (Integer overflow in the Verifier::parseExceptionHandlers function in ...)
+CVE-2009-3799
NOT-FOR-US: Adobe Flash Player
-CVE-2009-3798 (Adobe Flash Player before 10.0.42.34 and Adobe AIR before 1.5.3 might ...)
+CVE-2009-3798
NOT-FOR-US: Adobe Flash Player
-CVE-2009-3797 (Adobe Flash Player 10.x before 10.0.42.34 and Adobe AIR before 1.5.3 ...)
+CVE-2009-3797
NOT-FOR-US: Adobe Flash Player
-CVE-2009-3796 (Adobe Flash Player before 10.0.42.34 and Adobe AIR before 1.5.3 might ...)
+CVE-2009-3796
NOT-FOR-US: Adobe Flash Player
CVE-2009-3795
REJECTED
-CVE-2009-3794 (Heap-based buffer overflow in Adobe Flash Player before 10.0.42.34 and ...)
+CVE-2009-3794
NOT-FOR-US: Adobe Flash Player
-CVE-2009-3793 (Unspecified vulnerability in Adobe Flash Player before 9.0.277.0 and ...)
+CVE-2009-3793
NOT-FOR-US: Adobe Flash Player
-CVE-2009-3792 (Directory traversal vulnerability in Adobe Flash Media Server (FMS) ...)
+CVE-2009-3792
NOT-FOR-US: Adobe Flash Media Server
-CVE-2009-3791 (Unspecified vulnerability in Adobe Flash Media Server (FMS) before ...)
+CVE-2009-3791
NOT-FOR-US: Adobe Flash Media Server
-CVE-2009-3790 (Heap-based buffer overflow in FormMax (formerly AcroForm) evaluation ...)
+CVE-2009-3790
NOT-FOR-US: FormMax
-CVE-2009-3789 (Multiple cross-site scripting (XSS) vulnerabilities in OpenDocMan ...)
+CVE-2009-3789
NOT-FOR-US: OpenDocMan
-CVE-2009-3788 (SQL injection vulnerability in index.php in OpenDocMan 1.2.5 allows ...)
+CVE-2009-3788
NOT-FOR-US: OpenDocMan
-CVE-2009-3787 (files.php in Vivvo CMS 4.1.5.1 allows remote attackers to conduct ...)
+CVE-2009-3787
NOT-FOR-US: Vivvo CMS
-CVE-2009-3786 (Cross-site scripting (XSS) vulnerability in Organic Groups (OG) ...)
+CVE-2009-3786
NOT-FOR-US: module for Drupal
-CVE-2009-3785 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
+CVE-2009-3785
NOT-FOR-US: module for Drupal
-CVE-2009-3784 (Open redirect vulnerability in Simplenews Statistics 6.x before ...)
+CVE-2009-3784
NOT-FOR-US: module for Drupal
-CVE-2009-3783 (Cross-site scripting (XSS) vulnerability in Simplenews Statistics 6.x ...)
+CVE-2009-3783
NOT-FOR-US: module for Drupal
-CVE-2009-3782 (Unspecified vulnerability in Userpoints 6.x before 6.x-1.1, a module ...)
+CVE-2009-3782
NOT-FOR-US: module for Drupal
-CVE-2009-3781 (The filefield_file_download function in FileField 6.x-3.1, a module ...)
+CVE-2009-3781
NOT-FOR-US: module for Drupal
-CVE-2009-3780 (Cross-site scripting (XSS) vulnerability in Abuse 5.x before 5.x-2.1 ...)
+CVE-2009-3780
NOT-FOR-US: module for Drupal
-CVE-2009-3779 (Cross-site scripting (XSS) vulnerability in vCard 5.x before 5.x-1.4 ...)
+CVE-2009-3779
NOT-FOR-US: module for Drupal
-CVE-2009-3778 (SQL injection vulnerability in Moodle Course List 6.x before 6.x-1.2, ...)
+CVE-2009-3778
NOT-FOR-US: module for Drupal
CVE-2009-5045 [multiple vulnerabilities in jetty]
RESERVED
@@ -3425,73 +3425,73 @@ CVE-2009-3769
RESERVED
CVE-2009-3768
RESERVED
-CVE-2009-3767 (libraries/libldap/tls_o.c in OpenLDAP 2.2 and 2.4, and possibly other ...)
+CVE-2009-3767
{DSA-1943-1}
- openldap 2.4.17-2.1 (low; bug #553432)
- openldap2.3 <removed>
-CVE-2009-3766 (mutt_ssl.c in mutt 1.5.16 and other versions before 1.5.19, when ...)
+CVE-2009-3766
- mutt <not-affected> (uses GnuTLS and not OpenSSL)
NOTE: our mutt is linked against gnutls, bug #553433
-CVE-2009-3765 (mutt_ssl.c in mutt 1.5.19 and 1.5.20, when OpenSSL is used, does not ...)
+CVE-2009-3765
- mutt <not-affected> (uses GnuTLS and not OpenSSL)
NOTE: our mutt is linked against gnutls
-CVE-2009-3764 (Unspecified vulnerability in the OpenSSO component in Oracle OpenSSO ...)
+CVE-2009-3764
NOT-FOR-US: Oracle OpenSSO
-CVE-2009-3763 (Unspecified vulnerability in the Access Manager / OpenSSO component in ...)
+CVE-2009-3763
NOT-FOR-US: Oracle OpenSSO
-CVE-2009-3762 (Unspecified vulnerability in Oracle OpenSSO Enterprise 8.0 allows ...)
+CVE-2009-3762
NOT-FOR-US: Oracle OpenSSO
CVE-2009-3761
RESERVED
-CVE-2009-3760 (Static code injection vulnerability in config/writeconfig.php in the ...)
+CVE-2009-3760
NOT-FOR-US: Citrix XenCenterWeb
-CVE-2009-3759 (Multiple cross-site request forgery (CSRF) vulnerabilities in sample ...)
+CVE-2009-3759
NOT-FOR-US: Citrix XenCenterWeb
-CVE-2009-3758 (SQL injection vulnerability in login.php in sample code in the ...)
+CVE-2009-3758
NOT-FOR-US: Citrix XenCenterWeb
-CVE-2009-3757 (Multiple cross-site scripting (XSS) vulnerabilities in sample code in ...)
+CVE-2009-3757
NOT-FOR-US: Citrix XenCenterWeb
-CVE-2009-3756 (phpBMS 0.96 allows remote attackers to obtain sensitive information ...)
+CVE-2009-3756
NOT-FOR-US: phpBMS
-CVE-2009-3755 (Multiple cross-site scripting (XSS) vulnerabilities in phpBMS 0.96 ...)
+CVE-2009-3755
NOT-FOR-US: phpBMS
-CVE-2009-3754 (Multiple SQL injection vulnerabilities in phpBMS 0.96 allow remote ...)
+CVE-2009-3754
NOT-FOR-US: phpBMS
-CVE-2009-3753 (Unrestricted file upload vulnerability in Opial 1.0 allows remote ...)
+CVE-2009-3753
NOT-FOR-US: Opial
-CVE-2009-3752 (SQL injection vulnerability in home.php in Opial 1.0 allows remote ...)
+CVE-2009-3752
NOT-FOR-US: Opial
-CVE-2009-3751 (Cross-site scripting (XSS) vulnerability in home.php in Opial 1.0 ...)
+CVE-2009-3751
NOT-FOR-US: Opial
-CVE-2009-3750 (SQL injection vulnerability in read.php in ToyLog 0.1 allows remote ...)
+CVE-2009-3750
NOT-FOR-US: ToyLog
-CVE-2009-3749 (The Web Administrator service (STEMWADM.EXE) in Websense Personal ...)
+CVE-2009-3749
NOT-FOR-US: Websense Personal Email Manager
-CVE-2009-3748 (Multiple cross-site scripting (XSS) vulnerabilities in the Web ...)
+CVE-2009-3748
NOT-FOR-US: Websense Personal Email Manager
-CVE-2009-3747 (Cross-site scripting (XSS) vulnerability in index.php in TBmnetCMS 1.0 ...)
+CVE-2009-3747
NOT-FOR-US: TBmnetCMS
-CVE-2009-3746 (XScreenSaver in Sun Solaris 10, when the accessibility feature is ...)
+CVE-2009-3746
NOT-FOR-US: XScreenSaver in Sun Solaris 10
-CVE-2009-3745 (Cross-site scripting (XSS) vulnerability in the help pages in IBM ...)
+CVE-2009-3745
NOT-FOR-US: IBM Rational AppScan Enterprise Edition
-CVE-2009-3744 (rep_serv.exe 6.3.1.3 in the server in EMC RepliStor allows remote ...)
+CVE-2009-3744
NOT-FOR-US: EMC RepliStor
-CVE-2009-3743 (Off-by-one error in the Ins_MINDEX function in the TrueType bytecode ...)
+CVE-2009-3743
- ghostscript 8.71~dfsg-1
-CVE-2009-3742 (Cross-site scripting (XSS) vulnerability in Liferay Portal before ...)
+CVE-2009-3742
- liferay-portal <itp> (bug #569819)
CVE-2009-3741
REJECTED
CVE-2009-3740
RESERVED
-CVE-2009-3739 (Multiple unspecified vulnerabilities on the Rockwell Automation AB ...)
+CVE-2009-3739
NOT-FOR-US: Micrologix
CVE-2009-3738
RESERVED
-CVE-2009-3737 (The Oracle Siebel Option Pack for IE ActiveX control does not properly ...)
+CVE-2009-3737
NOT-FOR-US: Oracle Siebel Option Pack
-CVE-2009-3736 (ltdl.c in libltdl in GNU Libtool 1.5.x, and 2.2.6 before 2.2.6b, as ...)
+CVE-2009-3736
{DSA-1958-1}
- libtool 2.2.6b-1 (low; bug #559797)
- arts <not-affected> (Uses absolute path to the sound backend)
@@ -3591,39 +3591,39 @@ CVE-2009-3736 (ltdl.c in libltdl in GNU Libtool 1.5.x, and 2.2.6 before 2.2.6b,
NOTE: might've been fixed earlier
- graphviz 2.26.3-14 (low; bug #702436)
[squeeze] - graphviz 2.26.3-5+squeeze1
-CVE-2009-3735 (The ActiveScan Installer ActiveX control in as2stubie.dll before ...)
+CVE-2009-3735
NOT-FOR-US: ActiveScan Installer ActiveX control
-CVE-2009-3734 (Unspecified vulnerability in the management console in the S2 Security ...)
+CVE-2009-3734
NOT-FOR-US: S2 Security Linear eMerge Access Control System
CVE-2009-XXXX [mandos 0600 file being included in initrd]
- mandos 1.0.13-1 (bug #551907)
-CVE-2009-3733 (Directory traversal vulnerability in VMware Server 1.x before 1.0.10 ...)
+CVE-2009-3733
- vmware-package <removed>
-CVE-2009-3732 (Format string vulnerability in vmware-vmrc.exe build 158248 in VMware ...)
+CVE-2009-3732
NOT-FOR-US: VMware
-CVE-2009-3731 (Multiple cross-site scripting (XSS) vulnerabilities in WebWorks Help ...)
+CVE-2009-3731
NOT-FOR-US: WebWorks Help
-CVE-2009-3730 (Multiple cross-site scripting (XSS) vulnerabilities in the ReqWeb Help ...)
+CVE-2009-3730
NOT-FOR-US: ReqWeb
-CVE-2009-3729 (Unspecified vulnerability in the TrueType font parsing functionality ...)
+CVE-2009-3729
- openjdk-6 6b17-1.7-1 (medium; bug #560908)
- sun-java6 6-17-1
[lenny] - sun-java6 6-20-0lenny1
-CVE-2009-3728 (Directory traversal vulnerability in the ICC_Profile.getInstance ...)
+CVE-2009-3728
- openjdk-6 6b17~pre3-1 (medium; bug #560908)
- sun-java6 6-17-1
[lenny] - sun-java6 6-20-0lenny1
-CVE-2009-3727 (Asterisk Open Source 1.2.x before 1.2.35, 1.4.x before 1.4.26.3, ...)
+CVE-2009-3727
{DSA-1952-1}
- asterisk 1:1.6.2.0~rc6-1
[lenny] - asterisk <no-dsa> (Minor issue)
[etch] - asterisk <end-of-life> (Etch Packages no longer covered by security support)
-CVE-2009-3726 (The nfs4_proc_lock function in fs/nfs/nfs4proc.c in the NFSv4 client ...)
+CVE-2009-3726
{DSA-2005-1 DSA-2003-1}
- linux-2.6 2.6.31-1 (medium)
[lenny] - linux-2.6 2.6.26-21
- linux-2.6.24 <removed> (medium)
-CVE-2009-3725 (The connector layer in the Linux kernel before 2.6.31.5 does not ...)
+CVE-2009-3725
{DSA-2012-1}
- linux-2.6 2.6.31-1 (medium)
[etch] - linux-2.6 <not-affected> (Vulnerable code not present)
@@ -3637,7 +3637,7 @@ CVE-2009-3723 [Unauthorized calls allowed on prohibited networks in asterisk]
[lenny] - asterisk <not-affected>
- asterisk 1:1.6.2.0~rc3-2 (medium; bug #552756)
NOTE: http://downloads.asterisk.org/pub/security/AST-2009-007.html
-CVE-2009-3722 (The handle_dr function in arch/x86/kvm/vmx.c in the KVM subsystem in ...)
+CVE-2009-3722
{DSA-1962-1}
[etch] - linux-2.6 <not-affected> (issue introduced in 2.6.30-rc1)
[lenny] - linux-2.6 <not-affected> (issue introduced in 2.6.30-rc1)
@@ -3651,7 +3651,7 @@ CVE-2009-3721 [ytnef buffer overflow]
[lenny] - ytnef <no-dsa> (Minor issue)
NOTE: http://www.ocert.org/advisories/ocert-2009-013.html
NOTE: This doesn't affect Evolution, the TNEF plugin is external
-CVE-2009-3720 (The updatePosition function in lib/xmltok_impl.c in libexpat in Expat ...)
+CVE-2009-3720
{DSA-1977-1 DSA-1921-1}
- expat 2.0.1-5 (low; bug #551936)
- mcabber 0.10.0-1 (low; bug #601053)
@@ -3708,72 +3708,72 @@ CVE-2009-3720 (The updatePosition function in lib/xmltok_impl.c in libexpat in E
- vnc4 <not-affected> (Not affected, see bug #560949)
- xotcl 1.6.5-1.2 (low; bug #560950)
[lenny] - xotcl <no-dsa> (minor issue)
-CVE-2009-3719 (Cross-site scripting (XSS) vulnerability in comment.asp in Battle Blog ...)
+CVE-2009-3719
NOT-FOR-US: Battle Blog
-CVE-2009-3718 (SQL injection vulnerability in admin/authenticate.asp in Battle Blog ...)
+CVE-2009-3718
NOT-FOR-US: Battle Blog
-CVE-2009-3717 (Heap-based buffer overflow in LucVil PatPlayer 3.9 allows remote ...)
+CVE-2009-3717
NOT-FOR-US: LucVil PatPlayer
-CVE-2009-3716 (Unrestricted file upload vulnerability in admin.php in MCshoutbox 1.1 ...)
+CVE-2009-3716
NOT-FOR-US: MCshoutbox
-CVE-2009-3715 (Multiple SQL injection vulnerabilities in scr_login.php in MCshoutbox ...)
+CVE-2009-3715
NOT-FOR-US: MCshoutbox
-CVE-2009-3714 (Cross-site scripting (XSS) vulnerability in admin_login.php in ...)
+CVE-2009-3714
NOT-FOR-US: MCshoutbox
-CVE-2009-3713 (SQL injection vulnerability in fichero.php in MorcegoCMS 1.7.6 and ...)
+CVE-2009-3713
NOT-FOR-US: MorcegoCMS
-CVE-2009-3712 (Multiple SQL injection vulnerabilities in Ebay Clone 2009 allow remote ...)
+CVE-2009-3712
NOT-FOR-US: Ebay Clone 2009
-CVE-2009-3711 (Stack-based buffer overflow in the h_handlepeer function in http.cpp ...)
+CVE-2009-3711
NOT-FOR-US: httpdx
-CVE-2009-3710 (RioRey RIOS 4.6.6 and 4.7.0 uses an undocumented, hard-coded username ...)
+CVE-2009-3710
NOT-FOR-US: RioRey RIOS
-CVE-2009-3709 (Stack-based buffer overflow in the Meta Content Optimizer in Konae ...)
+CVE-2009-3709
NOT-FOR-US: Konae Technologies Alleycode HTML Editor
-CVE-2009-3708 (Stack-based buffer overflow in the Meta Content Optimizer in Konae ...)
+CVE-2009-3708
NOT-FOR-US: Konae Technologies Alleycode HTML Editor
-CVE-2009-3707 (VMware Authentication Daemon 1.0 in vmware-authd.exe in the VMware ...)
+CVE-2009-3707
NOT-FOR-US: VMware
-CVE-2009-3706 (Unspecified vulnerability in the ZFS filesystem in Sun Solaris 10, and ...)
+CVE-2009-3706
NOT-FOR-US: ZFS filesystem in Sun Solaris
-CVE-2009-3705 (PHP remote file inclusion vulnerability in debugger.php in Achievo ...)
+CVE-2009-3705
NOT-FOR-US: Achievo
-CVE-2009-3704 (ZoIPer 2.22, and possibly other versions before 2.24 Library 5324, ...)
+CVE-2009-3704
NOT-FOR-US: ZoIPer
-CVE-2009-3703 (Multiple SQL injection vulnerabilities in the WP-Forum plugin before ...)
+CVE-2009-3703
NOT-FOR-US: WordPress plugin
-CVE-2009-3702 (Multiple absolute path traversal vulnerabilities in PHP-Calendar 1.1 ...)
+CVE-2009-3702
NOT-FOR-US: PHP-Calendar
-CVE-2009-3701 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
+CVE-2009-3701
{DSA-1966-1}
- horde3 3.3.6+debian0-1 (low)
NOTE: In order to successfully exploit this vulnerability the targeted user has to be logged as an administrator.
-CVE-2009-3700 (Buffer overflow in sgLog.c in squidGuard 1.3 and 1.4 allows remote ...)
+CVE-2009-3700
{DSA-2040-1}
- squidguard 1.2.0-9 (low; bug #553319)
-CVE-2009-3699 (Stack-based buffer overflow in libcsa.a (aka the calendar daemon ...)
+CVE-2009-3699
NOT-FOR-US: IBM AIX
-CVE-2009-3698 (An unspecified function in the Dalvik API in Android 1.5 and earlier ...)
+CVE-2009-3698
NOT-FOR-US: Dalvik API in Android
-CVE-2009-3697 (SQL injection vulnerability in the PDF schema generator functionality ...)
+CVE-2009-3697
{DSA-1918-1}
- phpmyadmin 4:3.2.2.1-1
[etch] - phpmyadmin <not-affected> (Vulnerable code not present)
-CVE-2009-3696 (Cross-site scripting (XSS) vulnerability in phpMyAdmin 2.11.x before ...)
+CVE-2009-3696
{DSA-1918-1}
- phpmyadmin 4:3.2.2.1-1
CVE-2009-3610
REJECTED
-CVE-2009-3695 (Algorithmic complexity vulnerability in the forms library in Django ...)
+CVE-2009-3695
{DSA-1905-1}
- python-django 1.1.1-1 (medium; bug #550457)
[etch] - python-django <not-affected> (introduced in 1.0)
[lenny] - python-django 1.0.2-1+lenny2
-CVE-2009-3694 (Directory traversal vulnerability in config/config.php in ezRecipe-Zee ...)
+CVE-2009-3694
NOT-FOR-US: ezRecipe-Zee 91
-CVE-2009-3693 (Directory traversal vulnerability in the Persits.XUpload.2 ActiveX ...)
+CVE-2009-3693
NOT-FOR-US: Persits.XUpload.2 ActiveX
-CVE-2009-3691 (Multiple integer overflows in setnet32.exe 3.50.0.13752 in IBM ...)
+CVE-2009-3691
NOT-FOR-US: IBM Informix Client SDK
CVE-2009-3690
RESERVED
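Review bot: Every change in this hunk, from CVE-2009-3719 down to CVE-2009-3691, is the same one-line rewrite (title stripped to a bare CVE id) with no accompanying change to any Debian status, DSA or NOTE line, which looks like a feed or parser failure rather than an intended edit; a mass removal of titles should be rejected and the update re-run once descriptions are available again. Separately, the unchanged lines `CVE-2009-3610` / `REJECTED` sit between CVE-2009-3696 and CVE-2009-3695, out of the descending order used throughout the rest of the hunk, and could be moved to their numeric position in a follow-up.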
@@ -3799,181 +3799,181 @@ CVE-2009-3680
REJECTED
CVE-2009-3679
REJECTED
-CVE-2009-3678 (Integer overflow in cdd.dll in the Canonical Display Driver (CDD) in ...)
+CVE-2009-3678
NOT-FOR-US: Microsoft Windows
-CVE-2009-3677 (The Internet Authentication Service (IAS) in Microsoft Windows 2000 ...)
+CVE-2009-3677
NOT-FOR-US: Microsoft Internet Authentication Service
-CVE-2009-3676 (The SMB client in the kernel in Microsoft Windows Server 2008 R2 and ...)
+CVE-2009-3676
NOT-FOR-US: Microsoft Windows Server
-CVE-2009-3675 (LSASS.exe in the Local Security Authority Subsystem Service (LSASS) in ...)
+CVE-2009-3675
NOT-FOR-US: Microsoft Local Security Authority Subsystem Service
-CVE-2009-3674 (Microsoft Internet Explorer 8 does not properly handle objects in ...)
+CVE-2009-3674
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2009-3673 (Microsoft Internet Explorer 7 and 8 does not properly handle objects ...)
+CVE-2009-3673
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2009-3672 (Microsoft Internet Explorer 6 and 7 does not properly handle objects ...)
+CVE-2009-3672
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2009-3671 (Microsoft Internet Explorer 8 does not properly handle objects in ...)
+CVE-2009-3671
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2009-3670 (Stack-based buffer overflow in KSP Sound Player 2009 R2 and R2.1 ...)
+CVE-2009-3670
NOT-FOR-US: KSP Sound Player
-CVE-2009-3669 (SQL injection vulnerability in the foobla Suggestions ...)
+CVE-2009-3669
NOT-FOR-US: Joomla! component
-CVE-2009-3668 (Cross-site scripting (XSS) vulnerability in ardguest.php in Ardguest ...)
+CVE-2009-3668
NOT-FOR-US: Ardguest 1.8
-CVE-2009-3667 (SQL injection vulnerability in admin/index.php in AdsDX 3.05 allows ...)
+CVE-2009-3667
NOT-FOR-US: AdsDX
-CVE-2009-3666 (Cross-site scripting (XSS) vulnerability in index.php in Nullam Blog ...)
+CVE-2009-3666
NOT-FOR-US: Nullam Blog
-CVE-2009-3665 (Multiple SQL injection vulnerabilities in index.php in Nullam Blog ...)
+CVE-2009-3665
NOT-FOR-US: Nullam Blog
-CVE-2009-3664 (Multiple directory traversal vulnerabilities in index.php in Nullam ...)
+CVE-2009-3664
NOT-FOR-US: Nullam Blog
-CVE-2009-3663 (Format string vulnerability in the h_readrequest function in http.c in ...)
+CVE-2009-3663
NOT-FOR-US: httpdx
-CVE-2009-3662 (FileCopa FTP Server 5.01 allows remote attackers to cause a denial of ...)
+CVE-2009-3662
NOT-FOR-US: FileCopa FTP Server
-CVE-2009-3661 (Multiple SQL injection vulnerabilities in the DJ-Catalog ...)
+CVE-2009-3661
NOT-FOR-US: component for Joomla!
-CVE-2009-3660 (PHP remote file inclusion vulnerability in libraries/database.php in ...)
+CVE-2009-3660
NOT-FOR-US: Efront
-CVE-2009-3659 (SQL injection vulnerability in file/stats.php in BS Counter 2.5.3 ...)
+CVE-2009-3659
NOT-FOR-US: BS Counter
-CVE-2009-3658 (Use-after-free vulnerability in the Sb.SuperBuddy.1 ActiveX control ...)
+CVE-2009-3658
NOT-FOR-US: Sb.SuperBuddy.1 ActiveX
-CVE-2009-3657 (Session fixation vulnerability in Shared Sign-On 5.x and 6.x, a module ...)
+CVE-2009-3657
NOT-FOR-US: module for Drupal
-CVE-2009-3656 (Cross-site request forgery (CSRF) vulnerability in Shared Sign-On 5.x ...)
+CVE-2009-3656
NOT-FOR-US: module for Drupal
-CVE-2009-3655 (Rhino Software Serv-U 7.0.0.1 through 8.2.0.3 allows remote attackers ...)
+CVE-2009-3655
NOT-FOR-US: Rhino Software Serv-U
-CVE-2009-3654 (Unspecified vulnerability in Boost before 6.x-1.03, a module for ...)
+CVE-2009-3654
NOT-FOR-US: module for Drupal
-CVE-2009-3653 (Cross-site scripting (XSS) vulnerability in the additional links ...)
+CVE-2009-3653
NOT-FOR-US: module for Drupal
-CVE-2009-3652 (Cross-site scripting (XSS) vulnerability in Organic Groups (OG) ...)
+CVE-2009-3652
NOT-FOR-US: module for Drupal
-CVE-2009-3651 (Cross-site scripting (XSS) vulnerability in the &quot;Monitor browsers' ...)
+CVE-2009-3651
NOT-FOR-US: module for Drupal
-CVE-2009-3650 (Cross-site scripting (XSS) vulnerability in Dex 5.x-1.0 and earlier ...)
+CVE-2009-3650
NOT-FOR-US: module for Drupal
-CVE-2009-3649 (Cross-site scripting (XSS) vulnerability in forums/index.php in Power ...)
+CVE-2009-3649
NOT-FOR-US: PBBoard
-CVE-2009-3648 (Cross-site scripting (XSS) vulnerability in Service Links 6.x-1.0, a ...)
+CVE-2009-3648
NOT-FOR-US: module for Drupal
-CVE-2009-3647 (Cross-site scripting (XSS) vulnerability in emaullinks.php in YABSoft ...)
+CVE-2009-3647
NOT-FOR-US: YABSoft Mega File Hosting Script (aka MFH or MFHS)
-CVE-2009-3646 (InterVations NaviCOPA Web Server 3.01 allows remote attackers to ...)
+CVE-2009-3646
NOT-FOR-US: NaviCOPA Web Server
-CVE-2009-3645 (SQL injection vulnerability in the JoomlaCache CB Resume Builder ...)
+CVE-2009-3645
NOT-FOR-US: JoomlaCache
-CVE-2009-3644 (SQL injection vulnerability in the Soundset (com_soundset) component ...)
+CVE-2009-3644
NOT-FOR-US: Joomla component
-CVE-2009-3643 (Dxmsoft XM Easy Personal FTP Server 5.8.0 allows remote attackers to ...)
+CVE-2009-3643
NOT-FOR-US: Dxmsoft XM Easy Personal FTP Server
-CVE-2009-3642 (Multiple SQL injection vulnerabilities in the Call Logging feature in ...)
+CVE-2009-3642
NOT-FOR-US: FrontRange HEAT
-CVE-2009-3641 (Snort before 2.8.5.1, when the -v option is enabled, allows remote ...)
+CVE-2009-3641
- snort 2.8.5.2-1 (unimportant; bug #553584)
NOTE: current debian packages are not compiled with support for ipv6
-CVE-2009-3640 (The update_cr8_intercept function in arch/x86/kvm/x86.c in the KVM ...)
+CVE-2009-3640
- linux-2.6 2.6.31-1 (medium)
[lenny] - linux-2.6 <not-affected> (introduced post 2.6.27)
[etch] - linux-2.6 <not-affected> (introduced post 2.6.27)
- linux-2.6.24 <not-affected> (introduced post 2.6.27)
- kvm 88+dfsg-2 (medium; bug #557737)
[lenny] - kvm <not-affected> (Vulnerable code not present)
-CVE-2009-3639 (The mod_tls module in ProFTPD before 1.3.2b, and 1.3.3 before ...)
+CVE-2009-3639
{DSA-1925-1}
- proftpd-dfsg 1.3.2a-2 (low)
NOTE: http://bugs.proftpd.org/show_bug.cgi?id=3275
-CVE-2009-3638 (Integer overflow in the kvm_dev_ioctl_get_supported_cpuid function in ...)
+CVE-2009-3638
{DSA-1962-1 DSA-1927-1}
- linux-2.6 2.6.31-1 (medium)
[etch] - linux-2.6 <not-affected> (introduced in 2.6.25)
NOTE: fixed in upstream 2.6.32-rc4
- linux-2.6.24 <not-affected> (introduced in 2.6.25)
- kvm <removed> (medium; bug #562076)
-CVE-2009-3637 (Stack-based buffer overflow in the M_AddToServerList function in ...)
+CVE-2009-3637
- alien-arena 7.33-1 (medium; bug #552038)
[lenny] - alien-arena 7.0-1+lenny1
-CVE-2009-3636 (Cross-site scripting (XSS) vulnerability in the Install Tool ...)
+CVE-2009-3636
{DSA-1926-1}
- typo3-src 4.2.10-1 (medium; bug #552020)
-CVE-2009-3635 (The Install Tool subcomponent in TYPO3 4.0.13 and earlier, 4.1.x ...)
+CVE-2009-3635
{DSA-1926-1}
- typo3-src 4.2.10-1 (medium; bug #552020)
-CVE-2009-3634 (Cross-site scripting (XSS) vulnerability in the Frontend Login Box ...)
+CVE-2009-3634
{DSA-1926-1}
- typo3-src 4.2.10-1 (medium; bug #552020)
-CVE-2009-3633 (Cross-site scripting (XSS) vulnerability in the ...)
+CVE-2009-3633
{DSA-1926-1}
- typo3-src 4.2.10-1 (medium; bug #552020)
-CVE-2009-3632 (SQL injection vulnerability in the traditional frontend editing ...)
+CVE-2009-3632
{DSA-1926-1}
- typo3-src 4.2.10-1 (medium; bug #552020)
-CVE-2009-3631 (The Backend subcomponent in TYPO3 4.0.13 and earlier, 4.1.x before ...)
+CVE-2009-3631
{DSA-1926-1}
- typo3-src 4.2.10-1 (medium; bug #552020)
-CVE-2009-3630 (The Backend subcomponent in TYPO3 4.0.13 and earlier, 4.1.x before ...)
+CVE-2009-3630
{DSA-1926-1}
- typo3-src 4.2.10-1 (medium; bug #552020)
-CVE-2009-3629 (Multiple cross-site scripting (XSS) vulnerabilities in the Backend ...)
+CVE-2009-3629
{DSA-1926-1}
- typo3-src 4.2.10-1 (medium; bug #552020)
-CVE-2009-3628 (The Backend subcomponent in TYPO3 4.0.13 and earlier, 4.1.x before ...)
+CVE-2009-3628
{DSA-1926-1}
- typo3-src 4.2.10-1 (medium; bug #552020)
-CVE-2009-3627 (The decode_entities function in util.c in HTML-Parser before 3.63 ...)
+CVE-2009-3627
{DSA-1923-1}
- libhtml-parser-perl 3.64-1 (bug #552531)
NOTE: http://secunia.com/advisories/37155/
-CVE-2009-3626 (Perl 5.10.1 allows context-dependent attackers to cause a denial of ...)
+CVE-2009-3626
- perl 5.10.1-6 (bug #552291)
[lenny] - perl <not-affected> (Vulnerable code not present)
[etch] - perl <not-affected> (Vulnerable code not present)
-CVE-2009-3625 (Directory traversal vulnerability in www/index.php in Sahana 0.6.2.2 ...)
+CVE-2009-3625
- sahana <itp> (bug #497414)
-CVE-2009-3624 (The get_instantiation_keyring function in security/keys/keyctl.c in ...)
+CVE-2009-3624
- linux-2.6 2.6.31-2 (low)
[etch] - linux-2.6 <not-affected> (vulnerable code introduced in 2.6.29)
[lenny] - linux-2.6 <not-affected> (vulnerable code introduced in 2.6.29)
- linux-2.6.24 <not-affected> (vulnerable code introduced in 2.6.29)
NOTE: fixed upstream in 2.6.32-rc5
-CVE-2009-3623 (The lookup_cb_cred function in fs/nfsd/nfs4callback.c in the nfsd4 ...)
+CVE-2009-3623
- linux-2.6 2.6.31-1 (medium)
[etch] - linux-2.6 <not-affected> (vulnerable code introduced in 2.6.31)
[lenny] - linux-2.6 <not-affected> (vulnerable code introduced in 2.6.31)
- linux-2.6.24 <not-affected> (vulnerable code introduced in 2.6.31)
-CVE-2009-3622 (Algorithmic complexity vulnerability in wp-trackback.php in WordPress ...)
+CVE-2009-3622
- wordpress 2.8.5-1
[lenny] - wordpress 2.5.1-11+lenny3
[etch] - wordpress 2.0.10-1etch6
NOTE: http://seclists.org/fulldisclosure/2009/Oct/263
-CVE-2009-3621 (net/unix/af_unix.c in the Linux kernel 2.6.31.4 and earlier allows ...)
+CVE-2009-3621
{DSA-1929-1 DSA-1928-1 DSA-1927-1}
- linux-2.6 2.6.31-2 (low)
- linux-2.6.24 <removed> (low)
-CVE-2009-3620 (The ATI Rage 128 (aka r128) driver in the Linux kernel before ...)
+CVE-2009-3620
{DSA-1928-1 DSA-1927-1}
- linux-2.6 2.6.32-1 (medium)
- linux-2.6.24 <removed> (medium)
NOTE: https://git.kernel.org/linus/7dc482dfeeeefcfd000d4271c4626937406756d7
-CVE-2009-3619 (Unspecified vulnerability in ViewVC 1.0 before 1.0.9 and 1.1 before ...)
+CVE-2009-3619
- viewvc 1.0.9-1 (low; bug #545779; bug #560903)
-CVE-2009-3618 (Cross-site scripting (XSS) vulnerability in viewvc.py in ViewVC 1.0 ...)
+CVE-2009-3618
- viewvc 1.0.9-1 (low; bug #545779; bug #560903)
-CVE-2009-3617 (Format string vulnerability in the AbstractCommand::onAbort function ...)
+CVE-2009-3617
- aria2 1.6.2-1 (low)
[lenny] - aria2 <not-affected> (Vulnerable code not present)
[etch] - aria2 <not-affected> (Vulnerable code not present)
-CVE-2009-3616 (Multiple use-after-free vulnerabilities in vnc.c in the VNC server in ...)
+CVE-2009-3616
- qemu 0.11.0-1 (medium; bug #553589)
[lenny] - qemu <not-affected> (Vulnerable code not present)
[etch] - qemu <not-affected> (Vulnerable code not present)
- kvm <removed> (medium; bug #553590)
[lenny] - kvm <not-affected> (Vulnerable code not present)
-CVE-2009-3615 (The OSCAR protocol plugin in libpurple in Pidgin before 2.6.3 and ...)
+CVE-2009-3615
{DSA-1932-1}
- pidgin 2.6.3-1
NOTE: http://pidgin.im/news/security/?id=41
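Review bot: For CVE-2009-3641 the surviving line `NOTE: current debian packages are not compiled with support for ipv6` only makes sense next to the title being removed (`Snort before 2.8.5.1, when the -v option is enabled, allows remote ...`); after this hunk the `unimportant` rating is left without the context that justifies it, so either keep the title or expand the NOTE to say what the issue is. A smaller layout point in the same hunk: for CVE-2009-3638 the line `NOTE: fixed in upstream 2.6.32-rc4` is placed between the `[etch]` line and `- linux-2.6.24 <not-affected> (introduced in 2.6.25)`; putting the NOTE after the package lines would match the layout of neighbouring entries such as CVE-2009-3624.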
@@ -3982,159 +3982,159 @@ CVE-2009-3614 [oping suid 0 arbitrary file disclosure]
- liboping 1.3.3-1 (low; bug #548684)
[lenny] - liboping <not-affected> (doesn't have -f option yet)
[etch] - liboping <not-affected> (doesn't have -f option yet)
-CVE-2009-3613 (The swiotlb functionality in the r8169 driver in drivers/net/r8169.c ...)
+CVE-2009-3613
{DSA-1928-1 DSA-1915-1}
- linux-2.6 2.6.29-1 (medium)
- linux-2.6.24 <removed>
NOTE: http://www.openwall.com/lists/oss-security/2009/10/15/4
-CVE-2009-3612 (The tcf_fill_node function in net/sched/cls_api.c in the netlink ...)
+CVE-2009-3612
{DSA-1929-1 DSA-1928-1 DSA-1927-1}
- linux-2.6 2.6.31-2 (low)
- linux-2.6.24 <removed> (low)
-CVE-2009-3611 (common/snapshots.py in Back In Time (aka backintime) 0.9.26 changes ...)
+CVE-2009-3611
- backintime 0.9.26-3 (bug #543785)
-CVE-2009-3609 (Integer overflow in the ImageStream::ImageStream function in Stream.cc ...)
+CVE-2009-3609
{DSA-2050-1 DSA-2028-1 DSA-1941-1}
- xpdf 3.02-2 (medium; bug #551287)
- poppler 0.12.2-1 (medium; bug #551289)
- kdegraphics 4:4.0 (medium; bug #551290)
- swftools 0.9.2+ds1-2
-CVE-2009-3608 (Integer overflow in the ObjectStream::ObjectStream function in XRef.cc ...)
+CVE-2009-3608
{DSA-2050-1 DSA-2028-1 DSA-1941-1}
- xpdf 3.02-2 (medium; bug #551287)
- poppler 0.12.2-1 (medium; bug #551289)
- kdegraphics 4:4.0 (medium; bug #551290)
- swftools 0.9.2+ds1-2
-CVE-2009-3607 (Integer overflow in the create_surface_from_thumbnail_data function in ...)
+CVE-2009-3607
{DSA-1941-1}
- poppler 0.12.2-1 (medium; bug #551289)
-CVE-2009-3606 (Integer overflow in the PSOutputDev::doImageL1Sep function in Xpdf ...)
+CVE-2009-3606
{DSA-2050-1 DSA-2028-1 DSA-1941-1}
- xpdf 3.02-2 (medium; bug #551287)
- poppler 0.12.2-1 (medium; bug #551289)
- kdegraphics 4:4.0 (medium; bug #551290)
- swftools 0.9.2+ds1-2
-CVE-2009-3605 (Multiple integer overflows in Poppler 0.10.5 and earlier allow remote ...)
+CVE-2009-3605
{DSA-1941-1}
- poppler 0.12.2-1 (medium; bug #551289)
-CVE-2009-3604 (The Splash::drawImage function in Splash.cc in Xpdf 2.x and 3.x before ...)
+CVE-2009-3604
{DSA-2050-1 DSA-2028-1 DSA-1941-1}
- xpdf 3.02-2 (medium; bug #551287)
- poppler 0.12.2-1 (medium; bug #551289)
- kdegraphics 4:4.0 (medium; bug #551290)
- swftools 0.9.2+ds1-2
-CVE-2009-3603 (Integer overflow in the SplashBitmap::SplashBitmap function in Xpdf ...)
+CVE-2009-3603
{DSA-2050-1 DSA-2028-1 DSA-1941-1}
- xpdf 3.02-2 (medium; bug #551287)
- poppler 0.12.2-1 (medium; bug #551289)
- kdegraphics 4:4.0 (medium; bug #551290)
- swftools 0.9.2+ds1-2
-CVE-2009-3591 (Dopewars 1.5.12 allows remote attackers to cause a denial of service ...)
+CVE-2009-3591
- dopewars 1.5.12-9 (low; bug #550913)
[etch] - dopewars <no-dsa> (negligible issue)
[lenny] - dopewars <no-dsa> (neglibigble issue)
-CVE-2009-3589 (incron 0.5.5 does not initialize supplementary groups when running a ...)
+CVE-2009-3589
- incron 0.5.7-1
-CVE-2009-3588 (Unspecified vulnerability in the arclib component in the Anti-Virus ...)
+CVE-2009-3588
NOT-FOR-US: eTrust Antivirus
-CVE-2009-3587 (Unspecified vulnerability in the arclib component in the Anti-Virus ...)
+CVE-2009-3587
NOT-FOR-US: eTrust Antivirus
-CVE-2009-3586 (Off-by-one error in src/http.c in CoreHTTP 0.5.3.1 and earlier allows ...)
+CVE-2009-3586
NOT-FOR-US: CoreHTTP
-CVE-2009-3585 (Session fixation vulnerability in html/Elements/SetupSessionCookie in ...)
+CVE-2009-3585
{DSA-1944-1}
- request-tracker3.4 <removed>
- request-tracker3.6 3.6.9-2 (low)
-CVE-2009-3584 (SQL-Ledger 2.8.24 does not set the secure flag for the session cookie ...)
+CVE-2009-3584
- sql-ledger <unfixed> (unimportant; bug #562639)
NOTE: Only supported behind an authenticated HTTP zone, see README.Debian
-CVE-2009-3583 (Directory traversal vulnerability in the Preferences menu item in ...)
+CVE-2009-3583
- sql-ledger <unfixed> (unimportant; bug #562639)
NOTE: Only supported behind an authenticated HTTP zone, see README.Debian
-CVE-2009-3582 (Multiple SQL injection vulnerabilities in the delete subroutine in ...)
+CVE-2009-3582
- sql-ledger <unfixed> (unimportant; bug #562639)
NOTE: Only supported behind an authenticated HTTP zone, see README.Debian
-CVE-2009-3581 (Multiple cross-site scripting (XSS) vulnerabilities in SQL-Ledger ...)
+CVE-2009-3581
- sql-ledger <unfixed> (unimportant; bug #562639)
NOTE: Only supported behind an authenticated HTTP zone, see README.Debian
-CVE-2009-3580 (Cross-site request forgery (CSRF) vulnerability in am.pl in SQL-Ledger ...)
+CVE-2009-3580
- sql-ledger <unfixed> (unimportant; bug #562639)
NOTE: Only supported behind an authenticated HTTP zone, see README.Debian
-CVE-2009-3578 (Autodesk Maya 8.0, 8.5, 2008, 2009, and 2010 and Alias Wavefront Maya ...)
+CVE-2009-3578
NOT-FOR-US: Autodesk Maya
-CVE-2009-3577 (Autodesk 3D Studio Max (3DSMax) 6 through 9 and 2008 through 2010 ...)
+CVE-2009-3577
NOT-FOR-US: Autodesk
-CVE-2009-3576 (Autodesk Softimage 7.x and Softimage XSI 6.x allow remote attackers to ...)
+CVE-2009-3576
NOT-FOR-US: Autodesk Softimage
-CVE-2009-3575 (Buffer overflow in DHTRoutingTableDeserializer.cc in aria2 0.15.3, ...)
+CVE-2009-3575
{DSA-1957-1}
- aria2 1.2.0-1 (low; bug #551070)
[etch] - aria2 <not-affected> (Vulnerable code not present)
-CVE-2009-3571 (Unspecified vulnerability in OpenOffice.org (OOo) has unknown impact ...)
+CVE-2009-3571
NOT-FOR-US: Unidentified exploit for OpenOffice, hasn't materialised in any form
-CVE-2009-3570 (Unspecified vulnerability in OpenOffice.org (OOo) has unspecified ...)
+CVE-2009-3570
NOT-FOR-US: Unidentified exploit for OpenOffice, hasn't materialised in any form
-CVE-2009-3569 (Stack-based buffer overflow in OpenOffice.org (OOo) allows remote ...)
+CVE-2009-3569
NOT-FOR-US: Unidentified exploit for OpenOffice, hasn't materialised in any form
-CVE-2009-3568 (Comment RSS 5.x before 5.x-2.2 and 6.x before 6.x-2.2, a module for ...)
+CVE-2009-3568
NOT-FOR-US: module for Drupal
-CVE-2009-3692 (Unspecified vulnerability in the VBoxNetAdpCtl configuration tool in ...)
+CVE-2009-3692
- virtualbox-ose 3.0.8-dfsg-1
[lenny] - virtualbox-ose <not-affected> (vulnerable code not present)
-CVE-2009-3602 (Unbound before 1.3.4 does not properly verify signatures for NSEC3 ...)
+CVE-2009-3602
{DSA-1963-1}
- unbound 1.3.4-1 (low)
NOTE: http://unbound.net/pipermail/unbound-users/2009-October/000852.html
-CVE-2009-3601 (Cross-site scripting (XSS) vulnerability in demo_page.php in Scriptsez ...)
+CVE-2009-3601
NOT-FOR-US: Scriptsez Ultimate Poll
-CVE-2009-3600 (HUBScript 1.0 allows remote attackers to obtain configuration ...)
+CVE-2009-3600
NOT-FOR-US: HUBScript
-CVE-2009-3599 (Cross-site scripting (XSS) vulnerability in single_winner1.php in ...)
+CVE-2009-3599
NOT-FOR-US: HUBScript
-CVE-2009-3598 (Cross-site scripting (XSS) vulnerability in survey_result.php in ...)
+CVE-2009-3598
NOT-FOR-US: eCardMAX FormXP
-CVE-2009-3597 (Digitaldesign CMS 0.1 stores sensitive information under the web root ...)
+CVE-2009-3597
NOT-FOR-US: Digitaldesign CMS
-CVE-2009-3596 (JoxTechnology Ajox Poll does not properly restrict access to ...)
+CVE-2009-3596
NOT-FOR-US: JoxTechnology Ajox Poll
-CVE-2009-3595 (SQL injection vulnerability in results.php in VS PANEL 7.5.5 allows ...)
+CVE-2009-3595
NOT-FOR-US: VS PANEL
-CVE-2009-3594 (Cross-site scripting (XSS) vulnerability in bpost.php in BLOB Blog ...)
+CVE-2009-3594
NOT-FOR-US: BLOB Blog System
-CVE-2009-3593 (Multiple cross-site scripting (XSS) vulnerabilities in Freelancers 1.0 ...)
+CVE-2009-3593
NOT-FOR-US: Freelancers
-CVE-2009-3592 (Cross-site scripting (XSS) vulnerability in customer/home.php in ...)
+CVE-2009-3592
NOT-FOR-US: Qualiteam X-Cart
-CVE-2009-3590 (SQL injection vulnerability in showcat.php in VS PANEL 7.3.6 allows ...)
+CVE-2009-3590
NOT-FOR-US: VS PANEL
-CVE-2009-3574 (Tuniac 090517c allows remote attackers to cause a denial of service ...)
+CVE-2009-3574
NOT-FOR-US: Tuniac
-CVE-2009-3573 (Multiple insecure method vulnerabilities in the PDIControl.PDI.1 ...)
+CVE-2009-3573
NOT-FOR-US: ActiveX
-CVE-2009-3572 (OpenBSD 4.4, 4.5, and 4.6, when running on an i386 kernel, does not ...)
+CVE-2009-3572
NOT-FOR-US: OpenBSD
-CVE-2009-3567 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2009-3567
NOT-FOR-US: Kayako SupportSuite and eSupport
-CVE-2009-3579 (Cross-site scripting (XSS) vulnerability in the CookieDump.java sample ...)
+CVE-2009-3579
- jetty <unfixed> (unimportant)
NOTE: http://www.coresecurity.com/content/jetty-persistent-xss
NOTE: only an example application
-CVE-2009-3566 (McAfee IntruShield Network Security Manager (NSM) before 5.1.11.8.1 ...)
+CVE-2009-3566
NOT-FOR-US: McAfee IntruShield Network Security Manager
-CVE-2009-3565 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2009-3565
NOT-FOR-US: McAfee IntruShield Network Security Manager
-CVE-2009-3564 (puppetmasterd in puppet 0.24.6 does not reset supplementary groups ...)
+CVE-2009-3564
- puppet 0.25.1-3 (low; bug #551073)
[etch] - puppet <no-dsa> (minor issue)
[lenny] - puppet <no-dsa> (minor issue)
-CVE-2009-3563 (ntp_request.c in ntpd in NTP before 4.2.4p8, and 4.2.5, allows remote ...)
+CVE-2009-3563
{DSA-1948-1}
- ntp 1:4.2.4p8+dfsg-1 (medium; bug #560074)
-CVE-2009-3562 (Cross-site scripting (XSS) vulnerability in Xerver HTTP Server 4.32 ...)
+CVE-2009-3562
NOT-FOR-US: Xerver HTTP Server
-CVE-2009-3561 (Directory traversal vulnerability in Xerver HTTP Server 4.32 allows ...)
+CVE-2009-3561
NOT-FOR-US: Xerver HTTP Server
-CVE-2009-3560 (The big2_toUtf8 function in lib/xmltok.c in libexpat in Expat 2.0.1, ...)
+CVE-2009-3560
{DSA-1977-1 DSA-1953-2 DSA-1953-1}
- expat 2.0.1-6 (low; bug #560901)
- mcabber 0.10.0-1 (low; bug #601053)
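Review bot: Typo in the unchanged context line `[lenny] - dopewars <no-dsa> (neglibigble issue)` under CVE-2009-3591; it should read `negligible issue`, matching the `[etch]` line directly above it, and since this region is being rewritten anyway it is a cheap fix to fold in. The hunk otherwise repeats the title stripping for CVE-2009-3613 through CVE-2009-3560, and the block CVE-2009-3692, CVE-2009-3602 through CVE-2009-3590, CVE-2009-3574 through CVE-2009-3567 and CVE-2009-3579 appears after CVE-2009-3568 rather than in the descending order used elsewhere in the hunk; worth tidying in the same follow-up.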
@@ -4189,19 +4189,19 @@ CVE-2009-3560 (The big2_toUtf8 function in lib/xmltok.c in libexpat in Expat 2.0
- texlive-bin <not-affected> (Files are not compiled in, see #560948)
- vnc4 <not-affected> (Not affected, see bug #560949)
- xotcl <not-affected> (Vulnerable code not present in embedded Expat copy)
-CVE-2009-3559 (** DISPUTED ** ...)
+CVE-2009-3559
- php5 <removed> (unimportant)
NOTE: safe_mode regression
-CVE-2009-3558 (The posix_mkfifo function in ext/posix/posix.c in PHP before 5.2.12 ...)
+CVE-2009-3558
- php5 5.2.12.dfsg.1-1 (unimportant)
NOTE: open_basedir bypass
-CVE-2009-3557 (The tempnam function in ext/standard/file.c in PHP before 5.2.12 and ...)
+CVE-2009-3557
- php5 5.2.12.dfsg.1-1 (unimportant)
NOTE: safe_mode bypass
-CVE-2009-3556 (A certain Red Hat configuration step for the qla2xxx driver in the ...)
+CVE-2009-3556
- linux-2.6 <not-affected> (redhat-specific configuration issue)
- linux-2.6.24 <not-affected> (redhat-specific configuration issue)
-CVE-2009-3555 (The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as ...)
+CVE-2009-3555
{DSA-3253-1 DSA-2626-1 DSA-2141-2 DSA-2141-1 DSA-1934-1 DLA-400-1}
- apache2 2.2.14-2
- openssl 0.9.8k-6
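Review bot: Dropping the title of CVE-2009-3559 also removes the `** DISPUTED **` marker, which was the only indication in this list that the issue is contested; the remaining `- php5 <removed> (unimportant)` and `NOTE: safe_mode regression` do not carry that status. If titles cannot be retained, the disputed status should be preserved in an explicit NOTE line. The same hunk strips the title of CVE-2009-3555, whose `{DSA-3253-1 DSA-2626-1 DSA-2141-2 DSA-2141-1 DSA-1934-1 DLA-400-1}` line is now the only text attached to the entry besides package versions, so a reader can no longer tell from this file what those six advisories addressed.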
@@ -4233,10 +4233,10 @@ CVE-2009-3555 (The TLS protocol, and the SSL protocol 3.0 and possibly earlier,
NOTE: - apache 2.2.15-1
NOTE: - nss 3.12.6-1
NOTE: - sun-java6 6.19-1
-CVE-2009-3554 (Twiddle in Red Hat JBoss Enterprise Application Platform (aka JBoss ...)
+CVE-2009-3554
- jbossas4 4.2.2.GA-1 (bug #562000)
[lenny] - jbossas4 <no-dsa> (Contrib not supported)
-CVE-2009-3553 (Use-after-free vulnerability in the abstract file-descriptor handling ...)
+CVE-2009-3553
{DSA-2176-1}
- cups 1.4.2-4 (low; bug #557740)
[lenny] - cups <no-dsa> (Minor issue)
@@ -4245,24 +4245,24 @@ CVE-2009-3553 (Use-after-free vulnerability in the abstract file-descriptor hand
CVE-2009-3552
RESERVED
NOT-FOR-US: Red Hat Enterprise Virtualization Manager
-CVE-2009-3551 (Off-by-one error in the dissect_negprot_response function in ...)
+CVE-2009-3551
- wireshark 1.2.3-1 (low; bug #553583)
[lenny] - wireshark <not-affected> (Only affects Wireshark 1.2.x)
[etch] - wireshark <not-affected> (Only affects Wireshark 1.2.x)
-CVE-2009-3550 (The DCERPC/NT dissector in Wireshark 0.10.10 through 1.0.9 and 1.2.0 ...)
+CVE-2009-3550
{DSA-1942-1}
- wireshark 1.2.3-1 (low; bug #553583)
-CVE-2009-3549 (packet-paltalk.c in the Paltalk dissector in Wireshark 1.2.0 through ...)
+CVE-2009-3549
- wireshark 1.2.3-1 (low; bug #553583)
[lenny] - wireshark <not-affected> (Only affects Wireshark 1.2.x)
[etch] - wireshark <not-affected> (Only affects Wireshark 1.2.x)
-CVE-2009-3548 (The Windows installer for Apache Tomcat 6.0.0 through 6.0.20, 5.5.0 ...)
+CVE-2009-3548
- tomcat6 <not-affected> (Windows only)
-CVE-2009-3547 (Multiple race conditions in fs/pipe.c in the Linux kernel before ...)
+CVE-2009-3547
{DSA-1929-1 DSA-1928-1 DSA-1927-1}
- linux-2.6 2.6.31-2 (high)
- linux-2.6.24 <removed> (high)
-CVE-2009-3546 (The _gdGetColors function in gd_gd.c in PHP 5.2.11 and 5.3.x before ...)
+CVE-2009-3546
{DSA-1936-1}
- libwmf <unfixed> (unimportant)
- racket 5.0.2-1 (unimportant; bug #601525)
@@ -4271,11 +4271,11 @@ CVE-2009-3546 (The _gdGetColors function in gd_gd.c in PHP 5.2.11 and 5.3.x befo
- php5 <not-affected> (the php packages use the system libgd2)
NOTE: http://svn.php.net/viewvc?view=revision&revision=289557
NOTE: <20091015173822.084de220@redhat.com> in OSS-sec
-CVE-2009-3545 (DataWizard Technologies FtpXQ FTP Server 3.0 allows remote ...)
+CVE-2009-3545
NOT-FOR-US: DataWizard Technologies FtpXQ FTP Server
-CVE-2009-3544 (Xerver HTTP Server 4.32 allows remote attackers to obtain the source ...)
+CVE-2009-3544
NOT-FOR-US: Xerver HTTP Server
-CVE-2009-3527 (Race condition in the Pipe (IPC) close function in FreeBSD 6.3 and 6.4 ...)
+CVE-2009-3527
- kfreebsd-6 <removed>
[lenny] - kfreebsd-6 <no-dsa> (KFreebsd not supported)
CVE-2009-3526
@@ -4285,39 +4285,39 @@ CVE-2009-XXXX [kfreebsd: Devfs / VFS NULL pointer race condition]
[lenny] - kfreebsd-6 <no-dsa> (KFreebsd not supported)
- kfreebsd-7 7.2-9 (bug #549871)
[lenny] - kfreebsd-7 <no-dsa> (KFreebsd not supported)
-CVE-2009-3543 (SQL injection vulnerability in _phenotype/admin/login.php in Phenotype ...)
+CVE-2009-3543
NOT-FOR-US: Phenotype CMS
-CVE-2009-3542 (Directory traversal vulnerability in ls.php in LittleSite (aka LS or ...)
+CVE-2009-3542
NOT-FOR-US: LittleSite
-CVE-2009-3541 (PHP remote file inclusion vulnerability in CoupleDB.php in ...)
+CVE-2009-3541
NOT-FOR-US: PHPGenealogy
-CVE-2009-3540 (Cross-site scripting (XSS) vulnerability in listads.php in ...)
+CVE-2009-3540
NOT-FOR-US: YourFreeWorld Ultra Classifieds Pro
-CVE-2009-3539 (Multiple cross-site scripting (XSS) vulnerabilities in YourFreeWorld ...)
+CVE-2009-3539
NOT-FOR-US: YourFreeWorld Ultra Classifieds Pro
-CVE-2009-3538 (Directory traversal vulnerability in thumb.php in Clear Content 1.1 ...)
+CVE-2009-3538
NOT-FOR-US: Clear Content
-CVE-2009-3537 (Multiple stack-based buffer overflows in EpicDJSoftware EpicDJ 1.3.9.1 ...)
+CVE-2009-3537
NOT-FOR-US: EpicDJSoftware EpicDJ
-CVE-2009-3536 (Multiple stack-based buffer overflows in EpicDJSoftware EpicVJ 1.2.8.0 ...)
+CVE-2009-3536
NOT-FOR-US: EpicDJSoftware EpicVJ
-CVE-2009-3535 (Directory traversal vulnerability in image.php in Clear Content 1.1 ...)
+CVE-2009-3535
NOT-FOR-US: Clear Content
-CVE-2009-3534 (Directory traversal vulnerability in index.php in LionWiki 3.0.3, when ...)
+CVE-2009-3534
NOT-FOR-US: LionWiki
-CVE-2009-3533 (SQL injection vulnerability in report.php in Meeting Room Booking ...)
+CVE-2009-3533
NOT-FOR-US: Meeting Room Booking System
-CVE-2009-3532 (Multiple SQL injection vulnerabilities in login.asp (aka the login ...)
+CVE-2009-3532
NOT-FOR-US: LogRover
-CVE-2009-3531 (SQL injection vulnerability in vnews.php in Universe CMS 1.0.6 allows ...)
+CVE-2009-3531
NOT-FOR-US: Universe CMS
-CVE-2009-3530 (Cross-site scripting (XSS) vulnerability in storefront.php in ...)
+CVE-2009-3530
NOT-FOR-US: RadScripts RadBids Gold
-CVE-2009-3529 (SQL injection vulnerability in index.php in RadScripts RadBids Gold 4 ...)
+CVE-2009-3529
NOT-FOR-US: RadScripts RadBids Gold
-CVE-2009-3528 (SQL injection vulnerability in Profile.php in MyMsg 1.0.3 allows ...)
+CVE-2009-3528
NOT-FOR-US: MyMsg
-CVE-2009-3525 (The pyGrub boot loader in Xen 3.0.3, 3.3.0, and Xen-3.3.1 does not ...)
+CVE-2009-3525
- xen-3 <unfixed> (unimportant)
- xen-unstable <removed> (unimportant)
NOTE: This is an enhancement, not a security issue.
@@ -4328,118 +4328,118 @@ CVE-2009-5041 [buffer overflow in overkill]
- overkill 0.16-14.1 (bug #549310; low)
[lenny] - overkill <no-dsa> (Minor issue)
[etch] - overkill <no-dsa> (Minor issue)
-CVE-2009-3524 (Unspecified vulnerability in ashWsFtr.dll in avast! Home and ...)
+CVE-2009-3524
NOT-FOR-US: avast! Home and Professional
-CVE-2009-3523 (aavmKer4.sys in avast! Home and Professional for Windows before ...)
+CVE-2009-3523
NOT-FOR-US: avast! Home and Professional
-CVE-2009-3522 (Stack-based buffer overflow in aswMon2.sys in avast! Home and ...)
+CVE-2009-3522
NOT-FOR-US: avast! Home and Professional
-CVE-2009-3521 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
+CVE-2009-3521
NOT-FOR-US: WebSphere
-CVE-2009-3520 (Cross-site request forgery (CSRF) vulnerability in the Your_account ...)
+CVE-2009-3520
NOT-FOR-US: CMSphp
-CVE-2009-3519 (Multiple memory leaks in the IP module in the kernel in Sun Solaris 8 ...)
+CVE-2009-3519
NOT-FOR-US: Sun Solaris
-CVE-2009-3518 (Argument injection vulnerability in the iim: URI handler in IBMIM.exe ...)
+CVE-2009-3518
NOT-FOR-US: IBM Installation Manager
-CVE-2009-3517 (nfs.ext in IBM AIX 5.3.x through 5.3.9 and 6.1.0 through 6.1.2 does ...)
+CVE-2009-3517
NOT-FOR-US: IBM AIX
-CVE-2009-3516 (gssd in IBM AIX 5.3.x through 5.3.9 and 6.1.0 through 6.1.2 does not ...)
+CVE-2009-3516
NOT-FOR-US: IBM AIX
-CVE-2009-3515 (Directory traversal vulnerability in dnet_admin/index.php in d.net CMS ...)
+CVE-2009-3515
NOT-FOR-US: d.net CMS
-CVE-2009-3514 (Multiple SQL injection vulnerabilities in d.net CMS allow remote ...)
+CVE-2009-3514
NOT-FOR-US: d.net CMS
-CVE-2009-3513 (Multiple cross-site scripting (XSS) vulnerabilities in Pilot Group ...)
+CVE-2009-3513
NOT-FOR-US: Pilot Group (PG) eTraining
-CVE-2009-3512 (Multiple cross-site scripting (XSS) vulnerabilities in MyWeight 1.0 ...)
+CVE-2009-3512
NOT-FOR-US: MyWeight
-CVE-2009-3511 (Multiple PHP remote file inclusion vulnerabilities in justVisual 1.2 ...)
+CVE-2009-3511
NOT-FOR-US: justVisual
-CVE-2009-3510 (SQL injection vulnerability in viewListing.php in linkSpheric 0.74 ...)
+CVE-2009-3510
NOT-FOR-US: linkSpheric
-CVE-2009-3509 (Cross-site scripting (XSS) vulnerability in admin/admin_index.php in ...)
+CVE-2009-3509
NOT-FOR-US: CJ Dynamic Poll PRO
-CVE-2009-3508 (Multiple directory traversal vulnerabilities in MUJE CMS 1.0.4.34 ...)
+CVE-2009-3508
NOT-FOR-US: MUJE CMS
-CVE-2009-3507 (Directory traversal vulnerability in modules.php in CMSphp 0.21 allows ...)
+CVE-2009-3507
NOT-FOR-US: CMSphp
-CVE-2009-3506 (Multiple cross-site scripting (XSS) vulnerabilities in CMSphp 0.21 ...)
+CVE-2009-3506
NOT-FOR-US: CMSphp
-CVE-2009-3505 (SQL injection vulnerability in view_news.php in Vastal I-Tech MMORPG ...)
+CVE-2009-3505
NOT-FOR-US: Vastal I-Tech MMORPG Zone
-CVE-2009-3504 (SQL injection vulnerability in offers_buy.php in Alibaba Clone 3.0 ...)
+CVE-2009-3504
NOT-FOR-US: Alibaba Clone
-CVE-2009-3503 (Multiple SQL injection vulnerabilities in search.aspx in BPowerHouse ...)
+CVE-2009-3503
NOT-FOR-US: BPowerHouse BPHolidayLettings
-CVE-2009-3502 (SQL injection vulnerability in music.php in BPowerHouse BPMusic 1.0 ...)
+CVE-2009-3502
NOT-FOR-US: BPowerHouse BPMusic
-CVE-2009-3501 (SQL injection vulnerability in students.php in BPowerHouse BPStudents ...)
+CVE-2009-3501
NOT-FOR-US: BPowerHouse BPStudents
-CVE-2009-3500 (Multiple SQL injection vulnerabilities in BPowerHouse BPGames 1.0 ...)
+CVE-2009-3500
NOT-FOR-US: BPowerHouse BPGames
-CVE-2009-3499 (SQL injection vulnerability in employee.aspx in BPowerHouse ...)
+CVE-2009-3499
NOT-FOR-US: BPowerHouse BPLawyerCaseDocuments
-CVE-2009-3498 (SQL injection vulnerability in php/update_article_hits.php in HBcms ...)
+CVE-2009-3498
NOT-FOR-US: HBcms
-CVE-2009-3497 (SQL injection vulnerability in view_listing.php in Vastal I-Tech Agent ...)
+CVE-2009-3497
NOT-FOR-US: Vastal I-Tech Agent
-CVE-2009-3496 (Cross-site scripting (XSS) vulnerability in view_mag.php in Vastal ...)
+CVE-2009-3496
NOT-FOR-US: Vastal I-Tech DVD Zone
-CVE-2009-3495 (SQL injection vulnerability in view_mag.php in Vastal I-Tech DVD Zone ...)
+CVE-2009-3495
NOT-FOR-US: Vastal I-Tech DVD Zone
-CVE-2009-3494 (Multiple SQL injection vulnerabilities in index.php in T-HTB Manager ...)
+CVE-2009-3494
NOT-FOR-US: T-HTB Manager
-CVE-2009-3493 (Multiple cross-site scripting (XSS) vulnerabilities in Zenas ...)
+CVE-2009-3493
NOT-FOR-US: Zenas PaoBacheca Guestbook
-CVE-2009-3492 (Multiple PHP remote file inclusion vulnerabilities in Loggix Project ...)
+CVE-2009-3492
NOT-FOR-US: Loggix Project
-CVE-2009-3491 (SQL injection vulnerability in the Kinfusion SportFusion ...)
+CVE-2009-3491
NOT-FOR-US: Kinfusion SportFusion
-CVE-2009-3490 (GNU Wget before 1.12 does not properly handle a '\0' character in a ...)
+CVE-2009-3490
{DSA-1904-1}
- wget 1.12-1 (medium; bug #549293)
-CVE-2009-3489 (Adobe Photoshop Elements 8.0 installs the Adobe Active File Monitor V8 ...)
+CVE-2009-3489
NOT-FOR-US: Adobe Photoshop Elements
-CVE-2009-3488 (Cross-site scripting (XSS) vulnerability in the Bibliography (aka ...)
+CVE-2009-3488
NOT-FOR-US: Drupal Bibliography Module
-CVE-2009-3487 (Multiple cross-site scripting (XSS) vulnerabilities in the J-Web ...)
+CVE-2009-3487
NOT-FOR-US: J-Web interface in Juniper JUNOS
-CVE-2009-3486 (Multiple cross-site scripting (XSS) vulnerabilities in the J-Web ...)
+CVE-2009-3486
NOT-FOR-US: J-Web interface in Juniper JUNOS
-CVE-2009-3485 (Cross-site scripting (XSS) vulnerability in the J-Web interface in ...)
+CVE-2009-3485
NOT-FOR-US: J-Web interface in Juniper JUNOS
-CVE-2009-3484 (Stack-based buffer overflow in Core FTP 2.1 build 1612 allows ...)
+CVE-2009-3484
NOT-FOR-US: Core FTP
-CVE-2009-3483 (Heap-based buffer overflow in the Create New Site feature in ...)
+CVE-2009-3483
NOT-FOR-US: CuteFTP
-CVE-2009-3482 (TrustPort Antivirus before 2.8.0.2266 and PC Security before ...)
+CVE-2009-3482
NOT-FOR-US: TrustPort Antivirus and PC Security
-CVE-2009-3481 (A certain interface in the iCRM Basic (com_icrmbasic) component ...)
+CVE-2009-3481
NOT-FOR-US: Joomla component
-CVE-2009-3480 (SQL injection vulnerability in the iCRM Basic (com_icrmbasic) ...)
+CVE-2009-3480
NOT-FOR-US: Joomla component
-CVE-2009-3479 (Cross-site scripting (XSS) vulnerability in Bibliography (Biblio) 5.x ...)
+CVE-2009-3479
NOT-FOR-US: Bibliography
-CVE-2009-3478 (Argument injection vulnerability in (1) ...)
+CVE-2009-3478
NOT-FOR-US: Bibliography
-CVE-2009-3477 (The Blackberry Browser in RIM BlackBerry Device Software 4.5.0 before ...)
+CVE-2009-3477
NOT-FOR-US: Blackberry Browser in RIM BlackBerry Device Software
-CVE-2009-3476 (Buffer overflow in OpenSAML before 1.1.3 as used in Internet2 ...)
+CVE-2009-3476
{DSA-1895-2 DSA-1896-1 DSA-1895-1}
- xmltooling 1.2.2-1
- opensaml 3.0.0-2
- opensaml2 2.2.1-1
- shibboleth-sp 3.0.2+dfsg1-2
- shibboleth-sp2 2.2.1+dfsg-1
-CVE-2009-3475 (Internet2 Shibboleth Service Provider software 1.3.x before 1.3.3 and ...)
+CVE-2009-3475
{DSA-1895-2 DSA-1896-1 DSA-1895-1}
- xmltooling 1.2.2-1
- opensaml 3.0.0-2
- opensaml2 2.2.1-1
- shibboleth-sp 3.0.2+dfsg1-2
- shibboleth-sp2 2.2.1+dfsg-1
-CVE-2009-3474 (OpenSAML 2.x before 2.2.1 and XMLTooling 1.x before 1.2.1, as used by ...)
+CVE-2009-3474
{DSA-1895-2 DSA-1896-1 DSA-1895-1}
- xmltooling 1.2.2-1
- opensaml 3.0.0-2
@@ -4448,182 +4448,182 @@ CVE-2009-3474 (OpenSAML 2.x before 2.2.1 and XMLTooling 1.x before 1.2.1, as use
- shibboleth-sp2 2.2.1+dfsg-1
[lenny] - opensaml 1.1.1-2+lenny1
[lenny] - opensaml2 2.0-2+lenny1
-CVE-2009-3473 (IBM DB2 9.1 before FP8 does not require the SETSESSIONUSER privilege ...)
+CVE-2009-3473
NOT-FOR-US: IBM DB2
-CVE-2009-3472 (IBM DB2 8 before FP18, 9.1 before FP8, and 9.5 before FP4 allows ...)
+CVE-2009-3472
NOT-FOR-US: IBM DB2
-CVE-2009-3471 (IBM DB2 8 before FP18, 9.1 before FP8, 9.5 before FP4, and 9.7 before ...)
+CVE-2009-3471
NOT-FOR-US: IBM DB2
-CVE-2009-3470 (IBM Informix Dynamic Server (IDS) 10.00 before 10.00.xC11, 11.10 ...)
+CVE-2009-3470
NOT-FOR-US: IBM Informix Dynamic Server (IDS)
-CVE-2009-3469 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2009-3469
NOT-FOR-US: IBM Lotus Connections
-CVE-2009-3468 (Multiple unspecified vulnerabilities in Common Desktop Environment ...)
+CVE-2009-3468
NOT-FOR-US: Common Desktop Environment (CDE) in Sun Solaris
-CVE-2009-3467 (Cross-site scripting (XSS) vulnerability in an unspecified method in ...)
+CVE-2009-3467
NOT-FOR-US: Adobe ColdFusion
-CVE-2009-3466 (Adobe Shockwave Player before 11.5.2.602 allows remote attackers to ...)
+CVE-2009-3466
NOT-FOR-US: Adobe Shockwave Player
-CVE-2009-3465 (Adobe Shockwave Player before 11.5.2.602 allows remote attackers to ...)
+CVE-2009-3465
NOT-FOR-US: Adobe Shockwave Player
-CVE-2009-3464 (Adobe Shockwave Player before 11.5.2.602 allows remote attackers to ...)
+CVE-2009-3464
NOT-FOR-US: Adobe Shockwave Player
-CVE-2009-3463 (Array index error in Adobe Shockwave Player before 11.5.2.602 allows ...)
+CVE-2009-3463
NOT-FOR-US: Adobe Shockwave Player
-CVE-2009-3462 (Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x ...)
+CVE-2009-3462
NOT-FOR-US: Adobe
-CVE-2009-3461 (Unspecified vulnerability in Adobe Acrobat 9.x before 9.2 allows ...)
+CVE-2009-3461
NOT-FOR-US: Adobe
-CVE-2009-3460 (Adobe Acrobat 9.x before 9.2, 8.x before 8.1.7, and possibly 7.x ...)
+CVE-2009-3460
NOT-FOR-US: Adobe
-CVE-2009-3459 (Heap-based buffer overflow in Adobe Reader and Acrobat 7.x before ...)
+CVE-2009-3459
NOT-FOR-US: Adobe Acrobat
-CVE-2009-3458 (Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x ...)
+CVE-2009-3458
NOT-FOR-US: Adobe
-CVE-2009-3457 (Cisco ACE XML Gateway (AXG) and ACE Web Application Firewall (WAF) ...)
+CVE-2009-3457
NOT-FOR-US: Cisco ACE XML Gateway (AXG) and ACE Web Application Firewall (WAF)
-CVE-2009-3456 (Google Chrome, possibly 3.0.195.21 and earlier, does not properly ...)
+CVE-2009-3456
- chromium-browser <not-affected>
- webkit <not-affected>
NOTE: This was caused by a bug in NSS (CVE-2009-2408). chromium-browser uses libnss3
-CVE-2009-3455 (Apple Safari, possibly before 4.0.3, on Mac OS X does not properly ...)
+CVE-2009-3455
NOT-FOR-US: Apple Safari
CVE-2009-3454
REJECTED
-CVE-2009-3453 (Multiple cross-site scripting (XSS) vulnerabilities in IBM Lotus ...)
+CVE-2009-3453
NOT-FOR-US: IBM Lotus Quickr
-CVE-2009-3452 (WebCoreModule.ashx in RADactive I-Load before 2008.2.5.0 allows remote ...)
+CVE-2009-3452
NOT-FOR-US: RADactive I-Load
-CVE-2009-3451 (Directory traversal vulnerability in WebCoreModule.ashx in RADactive ...)
+CVE-2009-3451
NOT-FOR-US: RADactive
-CVE-2009-3450 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2009-3450
NOT-FOR-US: RADactive I-Load
-CVE-2009-3449 (MP3 Collector 2.3 allows remote attackers to cause a denial of service ...)
+CVE-2009-3449
NOT-FOR-US: MP3 Collector
-CVE-2009-3448 (npvmgr.exe in BakBone NetVault Backup 8.22 Build 29 allows remote ...)
+CVE-2009-3448
NOT-FOR-US: BakBone NetVault Backup
-CVE-2009-3447 (Unrestricted file upload vulnerability in RADactive I-Load before ...)
+CVE-2009-3447
NOT-FOR-US: RADactive I-Load
CVE-2009-XXXX [xen-tools: world readable disk image files]
- xen-tools 4.2~beta1-1 (low; bug #548909)
[lenny] - xen-tools 3.9-4+lenny1
-CVE-2009-3446 (SQL injection vulnerability in the MyRemote Video Gallery (com_mytube) ...)
+CVE-2009-3446
NOT-FOR-US: com_mytube component for Joomla!
-CVE-2009-3445 (Unspecified vulnerability in Code-Crafters Ability Mail Server before ...)
+CVE-2009-3445
NOT-FOR-US: Ability Mail Server
-CVE-2009-3444 (Cross-site scripting (XSS) vulnerability in email.php in e107 0.7.16 ...)
+CVE-2009-3444
NOT-FOR-US: e107
-CVE-2009-3443 (SQL injection vulnerability in the Fastball (com_fastball) component ...)
+CVE-2009-3443
NOT-FOR-US: com_fastball component for Joomla!
-CVE-2009-3442 (The Meta tags (aka Nodewords) module before 6.x-1.1 for Drupal does ...)
+CVE-2009-3442
NOT-FOR-US: Nodewords module for Drupal
-CVE-2009-3441 (Open Source Security Information Management (OSSIM) before 2.1.2 ...)
+CVE-2009-3441
NOT-FOR-US: Open Source Security Information Management
-CVE-2009-3440 (Cross-site scripting (XSS) vulnerability in Open Source Security ...)
+CVE-2009-3440
NOT-FOR-US: Open Source Security Information Management
-CVE-2009-3439 (Multiple SQL injection vulnerabilities in Open Source Security ...)
+CVE-2009-3439
NOT-FOR-US: Open Source Security Information Management
-CVE-2009-3438 (SQL injection vulnerability in the JoomlaFacebook (com_facebook) ...)
+CVE-2009-3438
NOT-FOR-US: com_facebook component for Joomla!
-CVE-2009-3437 (Cross-site scripting (XSS) vulnerability in the live preview feature ...)
+CVE-2009-3437
NOT-FOR-US: Markdown Preview module for Drupal
-CVE-2009-3436 (Multiple SQL injection vulnerabilities in forum.asp in MaxWebPortal ...)
+CVE-2009-3436
NOT-FOR-US: MaxWebPortal
-CVE-2009-3435 (Cross-site scripting (XSS) vulnerability in the variable editor in the ...)
+CVE-2009-3435
NOT-FOR-US: Devel module for Drupal
-CVE-2009-3434 (SQL injection vulnerability in the Tupinambis (com_tupinambis) ...)
+CVE-2009-3434
NOT-FOR-US: com_tupinambis for Mambo and Joomla!
-CVE-2009-3433 (Unspecified vulnerability in clsetup in the configuration utility in ...)
+CVE-2009-3433
NOT-FOR-US: Sun Solaris Cluster
-CVE-2009-3432 (Unspecified vulnerability in xscreensaver in Sun Solaris 10, and ...)
+CVE-2009-3432
NOT-FOR-US: Sun OpenSolaris xscreensaver
-CVE-2009-3431 (Stack consumption vulnerability in Adobe Reader and Acrobat 9.1.3, ...)
+CVE-2009-3431
NOT-FOR-US: Adobe Acrobat
-CVE-2009-3892 (Cross-site scripting (XSS) vulnerability in Best Practical Solutions ...)
+CVE-2009-3892
- request-tracker3.8 3.8.5-1 (bug #546829)
- request-tracker3.6 3.6.9-1 (bug #546778)
[etch] - request-tracker3.6 <not-affected> (vulnerable code not present)
[lenny] - request-tracker3.6 3.6.7-5+lenny2
NOTE: CVE id requested
-CVE-2009-3430 (SQL injection vulnerability in login.php in Allomani Mobile 2.5 allows ...)
+CVE-2009-3430
NOT-FOR-US: Allomani Mobile
-CVE-2009-3429 (Stack-based buffer overflow in Pirate Radio Destiny Media Player 1.61 ...)
+CVE-2009-3429
NOT-FOR-US: Pirate Radio Destiny Media Player
-CVE-2009-3428 (Stack-based buffer overflow in Easy Music Player 1.0.0.2 allows remote ...)
+CVE-2009-3428
NOT-FOR-US: Easy Music Player
-CVE-2009-3427 (Cross-site scripting (XSS) vulnerability in Kayako SupportSuite ...)
+CVE-2009-3427
NOT-FOR-US: Kayako SupportSuite
-CVE-2009-3426 (PHP remote file inclusion vulnerability in ...)
+CVE-2009-3426
NOT-FOR-US: MaxCMS
-CVE-2009-3425 (Directory traversal vulnerability in ...)
+CVE-2009-3425
NOT-FOR-US: MaxCMS
-CVE-2009-3424 (Multiple PHP remote file inclusion vulnerabilities in MaxCMS 3.11.20b, ...)
+CVE-2009-3424
NOT-FOR-US: MaxCMS
-CVE-2009-3423 (login.php in Zenas PaoLink 1.0, when register_globals is enabled, ...)
+CVE-2009-3423
NOT-FOR-US: Zenas PaoLink
-CVE-2009-3422 (login.php in Zenas PaoLiber 1.1, when register_globals is enabled, ...)
+CVE-2009-3422
NOT-FOR-US: Zenas PaoLiber
-CVE-2009-3421 (login.php in Zenas PaoBacheca Guestbook 2.1, when register_globals is ...)
+CVE-2009-3421
NOT-FOR-US: Zenas PaoBacheca Guestbook
-CVE-2009-3420 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
+CVE-2009-3420
NOT-FOR-US: Miniweb Publisher module
-CVE-2009-3419 (SQL injection vulnerability in index.php in the Publisher module 2.0 ...)
+CVE-2009-3419
NOT-FOR-US: Miniweb Publisher module
-CVE-2009-3418 (Multiple SQL injection vulnerabilities in Plume CMS 1.2.3 allow (1) ...)
+CVE-2009-3418
NOT-FOR-US: Plume CMS
-CVE-2009-3417 (SQL injection vulnerability in the IDoBlog (com_idoblog) component 1.1 ...)
+CVE-2009-3417
NOT-FOR-US: IDoBlog component Joomla
-CVE-2009-3416 (Unspecified vulnerability in the Oracle Application Object Library ...)
+CVE-2009-3416
NOT-FOR-US: Oracle E-Business Suite
-CVE-2009-3415 (Unspecified vulnerability in the Oracle OLAP component in Oracle ...)
+CVE-2009-3415
NOT-FOR-US: Oracle Database
-CVE-2009-3414 (Unspecified vulnerability in the Oracle Spatial component in Oracle ...)
+CVE-2009-3414
NOT-FOR-US: Oracle Database
-CVE-2009-3413 (Unspecified vulnerability in the Oracle Spatial component in Oracle ...)
+CVE-2009-3413
NOT-FOR-US: Oracle Database
-CVE-2009-3412 (Unspecified vulnerability in the Unzip component in Oracle Database ...)
+CVE-2009-3412
NOT-FOR-US: Oracle Database and Oracle Application Server
-CVE-2009-3411 (Unspecified vulnerability in the Oracle Data Pump component in Oracle ...)
+CVE-2009-3411
NOT-FOR-US: Oracle Database
-CVE-2009-3410 (Unspecified vulnerability in the RDBMS component in Oracle Database ...)
+CVE-2009-3410
NOT-FOR-US: Oracle Database
-CVE-2009-3409 (Unspecified vulnerability in the PeopleSoft Enterprise HCM (TAM) ...)
+CVE-2009-3409
NOT-FOR-US: Oracle PeopleSoft Enterprise
-CVE-2009-3408 (Unspecified vulnerability in the Oracle Application Object Library ...)
+CVE-2009-3408
NOT-FOR-US: Oracle E-Business Suite
-CVE-2009-3407 (Unspecified vulnerability in the Portal component in Oracle ...)
+CVE-2009-3407
NOT-FOR-US: Oracle Application Server
-CVE-2009-3406 (Unspecified vulnerability in the JD Edwards Tools component in Oracle ...)
+CVE-2009-3406
NOT-FOR-US: Oracle PeopleSoft Enterprise
-CVE-2009-3405 (Unspecified vulnerability in the JD Edwards Tools component in Oracle ...)
+CVE-2009-3405
NOT-FOR-US: Oracle PeopleSoft Enterprise
-CVE-2009-3404 (Unspecified vulnerability in the PeopleSoft PeopleTools &amp; Enterprise ...)
+CVE-2009-3404
NOT-FOR-US: Oracle PeopleSoft Enterprise
-CVE-2009-3403 (Unspecified vulnerability in the JRockit component in BEA Product ...)
+CVE-2009-3403
NOT-FOR-US: BEA Product Suite
-CVE-2009-3402 (Unspecified vulnerability in the Oracle Applications Framework ...)
+CVE-2009-3402
NOT-FOR-US: Oracle E-Business Suite
-CVE-2009-3401 (Unspecified vulnerability in the Oracle Applications Technology Stack ...)
+CVE-2009-3401
NOT-FOR-US: Oracle E-Business Suite
-CVE-2009-3400 (Unspecified vulnerability in the Oracle Advanced Benefits component in ...)
+CVE-2009-3400
NOT-FOR-US: Oracle E-Business Suite
-CVE-2009-3399 (Unspecified vulnerability in the WebLogic Server component in BEA ...)
+CVE-2009-3399
NOT-FOR-US: BEA Product Suite
CVE-2009-3398
REJECTED
-CVE-2009-3397 (Unspecified vulnerability in the Oracle Application Object Library ...)
+CVE-2009-3397
NOT-FOR-US: Oracle E-Business Suite
-CVE-2009-3396 (Unspecified vulnerability in the WebLogic Server component in BEA ...)
+CVE-2009-3396
NOT-FOR-US: BEA Product Suite
-CVE-2009-3395 (Unspecified vulnerability in the AutoVue component in Oracle ...)
+CVE-2009-3395
NOT-FOR-US: Oracle E-Business Suite
CVE-2009-3394
REJECTED
-CVE-2009-3393 (Unspecified vulnerability in the Oracle Application Object Library ...)
+CVE-2009-3393
NOT-FOR-US: Oracle E-Business Suite
-CVE-2009-3392 (Unspecified vulnerability in the Agile Engineering Data Management ...)
+CVE-2009-3392
NOT-FOR-US: Oracle E-Business Suite
-CVE-2009-4193 (Merkaartor 0.14 allows local users to append data to arbitrary files ...)
+CVE-2009-4193
- merkaartor 0.14+svnfixes~20090912-2 (low; bug #548546)
[lenny] - merkaartor <not-affected> (vulnerable code not present)
NOTE: does not run as root so minor issue.
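Review bot: `NOTE: CVE id requested` under `CVE-2009-3892` (request-tracker3.8 / request-tracker3.6) is stale now that the entry carries an assigned id, and it should be dropped in this update rather than carried along with the description change. Related style point: both `CVE-2009-3892` and `CVE-2009-4193` (merkaartor) sit out of numeric order among the `CVE-2009-34xx`/`33xx` ids, which is what a placeholder entry renamed in place looks like; if the file is expected to stay id-sorted, move them to their numeric positions so they are found where a reader looks for them.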
@@ -4632,9 +4632,9 @@ CVE-2009-XXXX [SA-CORE-2009-008]
[lenny] - drupal6 6.6-3lenny3
CVE-2009-3391
RESERVED
-CVE-2009-3390 (Multiple unspecified vulnerabilities in the (1) iscsiadm and (2) ...)
+CVE-2009-3390
NOT-FOR-US: iscsiadm and iscsitadm programs in Sun Solaris 10
-CVE-2009-3389 (Integer overflow in libtheora in Xiph.Org Theora before 1.1, as used ...)
+CVE-2009-3389
{DSA-2045-1}
- libtheora 1.1 (bug #572950)
[etch] - libtheora <not-affected> (vulnerable code not present)
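Review bot: `- libtheora 1.1 (bug #572950)` under `CVE-2009-3389` is the only fixed-version entry in this patch without a Debian revision; every other one (for example `wget 1.12-1`, `xmltooling 1.2.2-1`, `gforge 4.8.2-1`) names a full package version. A bare `1.1` marks every `1.1-*` upload as fixed, which is fine if the fix is the upstream 1.1 release itself, but it should be deliberate; either confirm that or record the first uploaded package version so the entry matches the form used elsewhere in the file.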
@@ -4643,27 +4643,27 @@ CVE-2009-3389 (Integer overflow in libtheora in Xiph.Org Theora before 1.1, as u
- xulrunner 1.9.1.6-1
[etch] - xulrunner <end-of-life> (Mozilla packages from oldstable no longer covered by security support)
[lenny] - xulrunner <not-affected> (Video playback capabilities were added in 3.5)
-CVE-2009-3388 (liboggplay in Mozilla Firefox 3.5.x before 3.5.6 and SeaMonkey before ...)
+CVE-2009-3388
- liboggplay 0.2.1~git20091227-1.1 (bug #575743)
- iceweasel 3.5.11-2
[lenny] - iceweasel <not-affected> (Iceweasel in Lenny links against xulrunner)
- xulrunner 1.9.1.6-1
[etch] - xulrunner <end-of-life> (Mozilla packages from oldstable no longer covered by security support)
[lenny] - xulrunner <not-affected> (Video playback capabilities were added in 3.5)
-CVE-2009-3387 (Bugzilla 3.3.1 through 3.4.4, 3.5.1, and 3.5.2 does not allow group ...)
+CVE-2009-3387
- bugzilla 3.4.7.0-1
[lenny] - bugzilla <not-affected> (Only Bugzilla >= 3.3 is affected)
-CVE-2009-3386 (Template.pm in Bugzilla 3.3.2 through 3.4.3 and 3.5 through 3.5.1 ...)
+CVE-2009-3386
- bugzilla 3.4.7.0-1
[lenny] - bugzilla <not-affected> (Only Bugzilla >= 3.3 is affected)
-CVE-2009-3385 (The mail component in Mozilla SeaMonkey before 1.1.19 does not ...)
+CVE-2009-3385
{DSA-1922-1}
- xulrunner 1.9.0.15-1
- iceweasel 3.5.11-2
[lenny] - iceweasel <not-affected> (Iceweasel in Lenny links against xulrunner)
- iceape 2.0-1
[lenny] - iceape <not-affected> (stub package)
-CVE-2009-3384 (Multiple unspecified vulnerabilities in WebKit in Apple Safari before ...)
+CVE-2009-3384
- webkit 1.1.17-2 (medium; bug #559759)
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- qt4-x11 4:4.6.2-4 (bug #561760)
@@ -4673,23 +4673,23 @@ CVE-2009-3384 (Multiple unspecified vulnerabilities in WebKit in Apple Safari be
- kdelibs <not-affected> (vulnerable code not present)
- kde4libs <not-affected> (vulnerable code not present)
NOTE: http://trac.webkit.org/changeset/48725
-CVE-2009-3383 (Multiple unspecified vulnerabilities in the JavaScript engine in ...)
+CVE-2009-3383
- xulrunner 1.9.1.4-1
[lenny] - xulrunner <not-affected> (Only affects Firefox 3.5)
[etch] - xulrunner <not-affected> (Only affects Firefox 3.5)
-CVE-2009-3382 (layout/base/nsCSSFrameConstructor.cpp in the browser engine in Mozilla ...)
+CVE-2009-3382
{DSA-1922-1}
- xulrunner 1.9.1.4-1
[etch] - xulrunner <end-of-life> (Mozilla packages from oldstable no longer covered by security support)
-CVE-2009-3381 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+CVE-2009-3381
- xulrunner 1.9.1.4-1
[lenny] - xulrunner <not-affected> (Only affects Firefox 3.5)
[etch] - xulrunner <not-affected> (Only affects Firefox 3.5)
-CVE-2009-3380 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+CVE-2009-3380
{DSA-1922-1}
- xulrunner 1.9.1.4-1
[etch] - xulrunner <end-of-life> (Mozilla packages from oldstable no longer covered by security support)
-CVE-2009-3379 (Multiple unspecified vulnerabilities in libvorbis, as used in Mozilla ...)
+CVE-2009-3379
{DSA-1939-1}
- libvorbisidec 1.0.2+svn18153-0.1 (bug #669196)
[squeeze] - libvorbisidec <no-dsa> (Minor issue, no dev-deps)
@@ -4697,221 +4697,221 @@ CVE-2009-3379 (Multiple unspecified vulnerabilities in libvorbis, as used in Moz
- xulrunner 1.9.1.4-1
[lenny] - xulrunner <not-affected> (Only affects Firefox 3.5)
[etch] - xulrunner <not-affected> (Only affects Firefox 3.5)
-CVE-2009-3378 (The oggplay_data_handle_theora_frame function in ...)
+CVE-2009-3378
- xulrunner 1.9.1.4-1
[etch] - xulrunner <not-affected> (ogg support added in firefox 3.5)
[lenny] - xulrunner <not-affected> (ogg support added in firefox 3.5)
- liboggplay 0.2.1~git20091120-1 (medium; bug #552743)
-CVE-2009-3377 (Multiple unspecified vulnerabilities in liboggz before ...)
+CVE-2009-3377
- xulrunner 1.9.1.4-1
[lenny] - xulrunner <not-affected> (Only affects Firefox 3.5)
[etch] - xulrunner <not-affected> (Only affects Firefox 3.5)
- liboggz 0.9.9-1 (low)
[lenny] - liboggz <no-dsa> (Too intrusive to backport, needs to be updated to 0.9.9. Requires additional rebuild of rev dep)
-CVE-2009-3376 (Mozilla Firefox before 3.0.15 and 3.5.x before 3.5.4, and SeaMonkey ...)
+CVE-2009-3376
{DSA-1922-1}
- xulrunner 1.9.1.4-1
[etch] - xulrunner <end-of-life> (Mozilla packages from oldstable no longer covered by security support)
-CVE-2009-3375 (content/html/document/src/nsHTMLDocument.cpp in Mozilla Firefox 3.0.x ...)
+CVE-2009-3375
{DSA-1922-1}
- xulrunner 1.9.1.4-1
[etch] - xulrunner <not-affected> (Only affects Firefox 3.x)
-CVE-2009-3374 (The XPCVariant::VariantDataToJS function in the XPCOM implementation ...)
+CVE-2009-3374
{DSA-1922-1}
- xulrunner 1.9.1.4-1
[etch] - xulrunner <end-of-life> (Mozilla packages from oldstable no longer covered by security support)
-CVE-2009-3373 (Heap-based buffer overflow in the GIF image parser in Mozilla Firefox ...)
+CVE-2009-3373
{DSA-1922-1}
- xulrunner 1.9.1.4-1
[etch] - xulrunner <not-affected> (Only affects Firefox 3.x)
-CVE-2009-3372 (Mozilla Firefox before 3.0.15 and 3.5.x before 3.5.4, and SeaMonkey ...)
+CVE-2009-3372
{DSA-1922-1}
- xulrunner 1.9.1.4-1
[etch] - xulrunner <no-dsa> (Mozilla packages from oldstable no longer covered by security support)
-CVE-2009-3371 (Use-after-free vulnerability in Mozilla Firefox 3.5.x before 3.5.4 ...)
+CVE-2009-3371
- xulrunner 1.9.1.4-1
[etch] - xulrunner <not-affected> (web workers introduced in firefox 3.5)
[lenny] - xulrunner <not-affected> (web workers introduced in firefox 3.5)
- kompozer <unfixed> (unimportant; bug #555326)
NOTE: kompozer shares the browser engine with Firefox, but JavaScript is not enabled
-CVE-2009-3370 (Mozilla Firefox before 3.0.15, and 3.5.x before 3.5.4, allows remote ...)
+CVE-2009-3370
{DSA-1922-1}
- xulrunner 1.9.1.4-1
[etch] - xulrunner <end-of-life> (Mozilla packages from oldstable no longer covered by security support)
-CVE-2009-3368 (Cross-site scripting (XSS) vulnerability in the Hotel Booking ...)
+CVE-2009-3368
NOT-FOR-US: component for Joomla!
-CVE-2009-3367 (Multiple cross-site scripting (XSS) vulnerabilities in An image ...)
+CVE-2009-3367
NOT-FOR-US: An image gallery 1.0
-CVE-2009-3366 (Directory traversal vulnerability in navigation.php in An image ...)
+CVE-2009-3366
NOT-FOR-US: An image gallery 1.0
-CVE-2009-3365 (PHP remote file inclusion vulnerability in ...)
+CVE-2009-3365
NOT-FOR-US: Aurora CMS
-CVE-2009-3364 (Stack-based buffer overflow in FTPShell Client 4.1 RC2 allows remote ...)
+CVE-2009-3364
NOT-FOR-US: FTPShell Client
-CVE-2009-3363 (Cross-site scripting (XSS) vulnerability in the BUEditor module 5.x ...)
+CVE-2009-3363
NOT-FOR-US: a module for Drupal
-CVE-2009-3362 (PHP remote file inclusion vulnerability in printnews.php3 in SZNews ...)
+CVE-2009-3362
NOT-FOR-US: SZNews
-CVE-2009-3361 (SQL injection vulnerability in index.php in PHP-IPNMonitor allows ...)
+CVE-2009-3361
NOT-FOR-US: PHP-IPNMonitor
-CVE-2009-3360 (Multiple cross-site scripting (XSS) vulnerabilities in Datemill 1.0 ...)
+CVE-2009-3360
NOT-FOR-US: Datemill
-CVE-2009-3359 (Multiple cross-site scripting (XSS) vulnerabilities in Match Agency ...)
+CVE-2009-3359
NOT-FOR-US: Match Agency BiZ
-CVE-2009-3358 (SQL injection vulnerability in profile.php in Tourism Scripts Adult ...)
+CVE-2009-3358
NOT-FOR-US: Tourism Scripts Adult
-CVE-2009-3357 (Multiple SQL injection vulnerabilities in the Hotel Booking ...)
+CVE-2009-3357
NOT-FOR-US: component for Joomla!
-CVE-2009-3356 (SQL injection vulnerability in index.php in Image voting 1.0 allows ...)
+CVE-2009-3356
NOT-FOR-US: Image voting
-CVE-2009-3355 (Cross-site scripting (XSS) vulnerability in profile.php in Datetopia ...)
+CVE-2009-3355
NOT-FOR-US: Datetopia Buy Dating Site
-CVE-2009-3354 (Multiple unspecified vulnerabilities in the Rest API module for Drupal ...)
+CVE-2009-3354
NOT-FOR-US: Rest API module for Drupal
-CVE-2009-3353 (Multiple unspecified vulnerabilities in the Node2Node module for ...)
+CVE-2009-3353
NOT-FOR-US: Node2Node module for Drupal
-CVE-2009-3352 (Multiple unspecified vulnerabilities in the quota_by_role (Quota by ...)
+CVE-2009-3352
NOT-FOR-US: quota_by_role (Quota by role) module for Drupal
-CVE-2009-3351 (Multiple unspecified vulnerabilities in the Node Browser module for ...)
+CVE-2009-3351
NOT-FOR-US: Node Browser module for Drupal
-CVE-2009-3350 (Multiple unspecified vulnerabilities in the Subdomain Manager module ...)
+CVE-2009-3350
NOT-FOR-US: Subdomain Manager module for Drupal
-CVE-2009-3349 (SQL injection vulnerability in Datavore Gyro 5.0 allows remote ...)
+CVE-2009-3349
NOT-FOR-US: Datavore Gyro
-CVE-2009-3348 (Cross-site scripting (XSS) vulnerability in Datavore Gyro 5.0 allows ...)
+CVE-2009-3348
NOT-FOR-US: Datavore Gyro
-CVE-2009-3347 (Buffer overflow on the D-Link DIR-400 wireless router allows remote ...)
+CVE-2009-3347
NOT-FOR-US: D-Link DIR-400 wireless router
-CVE-2009-3346 (Unspecified vulnerability in SAP Crystal Reports Server 2008 allows ...)
+CVE-2009-3346
NOT-FOR-US: SAP Crystal Reports Server
-CVE-2009-3345 (Heap-based buffer overflow in SAP Crystal Reports Server 2008 has ...)
+CVE-2009-3345
NOT-FOR-US: SAP Crystal Reports Server
-CVE-2009-3344 (Unspecified vulnerability in SAP Crystal Reports Server 2008 on ...)
+CVE-2009-3344
NOT-FOR-US: SAP Crystal Reports Server
-CVE-2009-3343 (SQL injection vulnerability in details.asp in HotWeb Rentals allows ...)
+CVE-2009-3343
NOT-FOR-US: HotWeb Rentals
-CVE-2009-3342 (SQL injection vulnerability in frontend/assets/ajax/checkusername.php ...)
+CVE-2009-3342
NOT-FOR-US: component for Joomla!
-CVE-2009-3341 (Buffer overflow on the Linksys WRT54GL wireless router allows remote ...)
+CVE-2009-3341
NOT-FOR-US: Linksys WRT54GL wireless router
-CVE-2009-3340 (Unspecified vulnerability in FreeSSHD 1.2.4 allows remote attackers to ...)
+CVE-2009-3340
NOT-FOR-US: FreeSSHD
-CVE-2009-3339 (Unspecified vulnerability in McAfee Email and Web Security Appliance ...)
+CVE-2009-3339
NOT-FOR-US: McAfee Email and Web Security Appliance
-CVE-2009-3338 (Stack-based buffer overflow in EffectMatrix (E.M.) Magic Morph 1.95b ...)
+CVE-2009-3338
NOT-FOR-US: Magic Morph
-CVE-2009-3337 (SQL injection vulnerability in the Freetag (serendipity_event_freetag) ...)
+CVE-2009-3337
NOT-FOR-US: plugin for Serendipity
-CVE-2009-3336 (SQL injection vulnerability in auction_details.php in PHP Pro Bid ...)
+CVE-2009-3336
NOT-FOR-US: PHP Pro Bid
-CVE-2009-3335 (SQL injection vulnerability in the TurtuShout component 0.11 for ...)
+CVE-2009-3335
NOT-FOR-US: TurtuShout component 0.11 for Joomla!
-CVE-2009-3334 (SQL injection vulnerability in the Lhacky! Extensions Cave Joomla! ...)
+CVE-2009-3334
NOT-FOR-US: Lhacky! Extensions Cave Joomla!
-CVE-2009-3333 (PHP remote file inclusion vulnerability in koesubmit.php in the ...)
+CVE-2009-3333
NOT-FOR-US: koeSubmit (com_koesubmit) component 1.0 for Mambo
-CVE-2009-3332 (SQL injection vulnerability in the JBudgetsMagic (com_jbudgetsmagic) ...)
+CVE-2009-3332
NOT-FOR-US: BudgetsMagic (com_jbudgetsmagic) component for Joomla!
-CVE-2009-3331 (Multiple PHP remote file inclusion vulnerabilities in DDL CMS 1.0 ...)
+CVE-2009-3331
NOT-FOR-US: DDL CMS
-CVE-2009-3330 (SQL injection vulnerability in index.php in cP Creator 2.7.1, when ...)
+CVE-2009-3330
NOT-FOR-US: cP Creator
-CVE-2009-3329 (Stack-based buffer overflow in Winplot 1.25.0.1 allows user-assisted ...)
+CVE-2009-3329
NOT-FOR-US: Winplot
-CVE-2009-3328 (Cross-site scripting (XSS) vulnerability in sign.php in WX-Guestbook ...)
+CVE-2009-3328
NOT-FOR-US: WX-Guestbook
-CVE-2009-3327 (Multiple SQL injection vulnerabilities in WX-Guestbook 1.1.208 allow ...)
+CVE-2009-3327
NOT-FOR-US: WX-Guestbook
-CVE-2009-3326 (SQL injection vulnerability in index.php in CMScontrol Content ...)
+CVE-2009-3326
NOT-FOR-US: CMScontrol
-CVE-2009-3325 (SQL injection vulnerability in the Focusplus Developments Survey ...)
+CVE-2009-3325
NOT-FOR-US: Survey Manager (com_surveymanager) component 1.5.0 for Joomla!
-CVE-2009-3324 (PHP remote file inclusion vulnerability in include/prodler.class.php ...)
+CVE-2009-3324
NOT-FOR-US: ProdLer
-CVE-2009-3323 (Multiple PHP remote file inclusion vulnerabilities in BAnner ROtation ...)
+CVE-2009-3323
NOT-FOR-US: BAnner ROtation System mini (BAROSmini)
-CVE-2009-3322 (The Siemens Gigaset SE361 WLAN router allows remote attackers to cause ...)
+CVE-2009-3322
NOT-FOR-US: Siemens Gigaset SE361 WLAN router
-CVE-2009-3321 (SQL injection vulnerability in SaphpLesson 4.3, when magic_quotes_gpc ...)
+CVE-2009-3321
NOT-FOR-US: SaphpLesson
-CVE-2009-3320 (Cross-site scripting (XSS) vulnerability in scrivi.php in Zenas ...)
+CVE-2009-3320
NOT-FOR-US: Zenas PaoLink (aka Pao-Link)
-CVE-2009-3319 (SQL injection vulnerability in poems.php in DCI-Designs Dawaween 1.03 ...)
+CVE-2009-3319
NOT-FOR-US: DCI-Designs Dawaween
-CVE-2009-3318 (Directory traversal vulnerability in the Roland Breedveld Album ...)
+CVE-2009-3318
NOT-FOR-US: Roland Breedveld Album (com_album) component 1.14 for Joomla!
-CVE-2009-3317 (PHP remote file inclusion vulnerability in pages/pageHeader.php in ...)
+CVE-2009-3317
NOT-FOR-US: OpenSiteAdmin
-CVE-2009-3316 (SQL injection vulnerability in the JReservation (com_jreservation) ...)
+CVE-2009-3316
NOT-FOR-US: JReservation (com_jreservation) component 1.0 and 1.5 for Joomla!
-CVE-2009-3315 (SQL injection vulnerability in admin/index.php in NeLogic Nephp ...)
+CVE-2009-3315
NOT-FOR-US: NeLogic Nephp Publisher Enterprise
-CVE-2009-3314 (SQL injection vulnerability in ladders.php in Elite Gaming Ladders 3.2 ...)
+CVE-2009-3314
NOT-FOR-US: Elite Gaming Ladders
-CVE-2009-3313 (Multiple SQL injection vulnerabilities in FMyClone 2.3 allow remote ...)
+CVE-2009-3313
NOT-FOR-US: FMyClone
-CVE-2009-3312 (PHP remote file inclusion vulnerability in php/init.poll.php in ...)
+CVE-2009-3312
NOT-FOR-US: phpPollScript
-CVE-2009-3311 (Cross-site scripting (XSS) vulnerability in index.php in ...)
+CVE-2009-3311
NOT-FOR-US: RSSMediaScript
-CVE-2009-3310 (SQL injection vulnerability in index.php in Zainu 1.0 allows remote ...)
+CVE-2009-3310
NOT-FOR-US: Zainu
-CVE-2009-3309 (SQL injection vulnerability in index.cfm in CF ShopKart 5.4 beta ...)
+CVE-2009-3309
NOT-FOR-US: CF ShopKart
-CVE-2009-3308 (SQL injection vulnerability in show-cat.php in FanUpdate 2.2.1 allows ...)
+CVE-2009-3308
NOT-FOR-US: FanUpdate
-CVE-2009-3307 (Multiple PHP remote file inclusion vulnerabilities in FSphp 0.2.1 ...)
+CVE-2009-3307
NOT-FOR-US: FSphp
-CVE-2009-3306 (PHP remote file inclusion vulnerability in include/header.php in ...)
+CVE-2009-3306
NOT-FOR-US: ClearSite
-CVE-2009-3305 (Polipo 1.0.4, and possibly other versions, allows remote attackers to ...)
+CVE-2009-3305
{DSA-2002-1}
- polipo 1.0.4-1.1 (low; bug #547047)
[etch] - polipo <no-dsa> (Minor issue)
[lenny] - polipo <no-dsa> (Minor issue)
-CVE-2009-3304 (GForge 4.5.14, 4.7 rc2, and 4.8.2 allows local users to overwrite ...)
+CVE-2009-3304
{DSA-1945-1}
- gforge 4.8.2-1
-CVE-2009-3303 (Cross-site scripting (XSS) vulnerability in www/help/tracker.php in ...)
+CVE-2009-3303
{DSA-1937-1}
- gforge 4.8.1-3 (low)
-CVE-2009-3302 (filter/ww8/ww8par2.cxx in OpenOffice.org (OOo) before 3.2 allows ...)
+CVE-2009-3302
{DSA-1995-1 DTSA-205-1}
- openoffice.org 1:3.1.1-16
-CVE-2009-3301 (Integer underflow in filter/ww8/ww8par2.cxx in OpenOffice.org (OOo) ...)
+CVE-2009-3301
{DSA-1995-1 DTSA-205-1}
- openoffice.org 1:3.1.1-16
-CVE-2009-3300 (Multiple cross-site scripting (XSS) vulnerabilities in the Identity ...)
+CVE-2009-3300
{DSA-1947-1}
- shibboleth-sp2 2.3+dfsg-1 (medium; bug #555608)
- shibboleth-sp 3.0.2+dfsg1-2 (medium)
- opensaml2 2.3-1 (medium)
NOTE: xmltooling also needs to be updated, changed in sid in 1.3.1-1
-CVE-2009-3299 (Cross-site scripting (XSS) vulnerability in the resume blocktype in ...)
+CVE-2009-3299
{DSA-1924-1}
- mahara 1.1.7-1 (low)
NOTE: http://mahara.org/interaction/forum/topic.php?id=1170
-CVE-2009-3298 (Mahara before 1.0.13, and 1.1.x before 1.1.7, allows remote ...)
+CVE-2009-3298
{DSA-1924-1}
- mahara 1.1.7-1 (low)
NOTE: http://mahara.org/interaction/forum/topic.php?id=1169
CVE-2009-3297 [mount race conditions]
REJECTED
-CVE-2009-3296 (Multiple integer overflows in tiffread.c in CamlImages 2.2 might allow ...)
+CVE-2009-3296
{DSA-1912-2 DSA-1912-1}
- camlimages 1:3.0.1-5 (low)
- advi 1.6.0-15 (low; bug #551282)
-CVE-2009-3295 (The prep_reprocess_req function in kdc/do_tgs_req.c in the cross-realm ...)
+CVE-2009-3295
- krb5 1.7+dfsg-4 (medium)
[lenny] - krb5 <not-affected> (code introduced in 1.7)
[etch] - krb5 <not-affected> (code introduced in 1.7)
-CVE-2009-3294 (The popen API function in TSRM/tsrm_win32.c in PHP before 5.2.11 and ...)
+CVE-2009-3294
- php5 <not-affected> (win32-specific)
-CVE-2009-3293 (Unspecified vulnerability in the imagecolortransparent function in PHP ...)
+CVE-2009-3293
- php5 <not-affected> (the php packages use the system libgd2)
- php4 <not-affected> (the php packages use the system libgd2)
NOTE: the transparent colours functionality is only on php5's bundled libgd2
-CVE-2009-3292 (Unspecified vulnerability in PHP before 5.2.11, and 5.3.x before ...)
+CVE-2009-3292
{DSA-1940-1}
- php5 5.2.11.dfsg.1-1 (low)
NOTE: unknown impact, it is related to missing sanity checks
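Review bot: every `-`/`+` pair in this hunk, from CVE-2009-3324 down to CVE-2009-3292, replaces a `CVE-2009-NNNN (description ...)` line with a bare `CVE-2009-NNNN` and changes nothing else, so the only effect of the update is to discard the MITRE description of each entry. That is the signature of an automatic update that received an empty description for every ID, not of a deliberate edit: the entries that legitimately have no description (`CVE-2009-3297` REJECTED) are untouched, and the Debian-specific lines (`{DSA-...}`, package/version, `[lenny]`/`[etch]`, `NOTE:`) all survive unchanged as context. Suggest not taking this as-is and making the updater keep the existing description whenever the fetched one is empty, i.e. leave `CVE-2009-3305 (Polipo 1.0.4, and possibly other versions, allows remote attackers to ...)` in place rather than emitting `CVE-2009-3305`.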
@@ -4919,7 +4919,7 @@ CVE-2009-3292 (Unspecified vulnerability in PHP before 5.2.11, and 5.3.x before
NOTE: a missing limit on the nesting level of TIFF files, and
NOTE: missing EOF checks, possibly leading to NULL dereferences
NOTE: experimental is likely to be affected (as of 5.3.0)
-CVE-2009-3291 (The php_openssl_apply_verification_policy function in PHP before ...)
+CVE-2009-3291
{DSA-1940-1}
- php5 5.2.11.dfsg.1-1 (low)
[lenny] - php5 <no-dsa> (rather unimportant)
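Review bot: with the description removed from CVE-2009-3291 in this hunk, the surviving `NOTE:` lines (`seems to be related to handling of \0 on CN`, `php doesn't verify certificates by default`) lose the subject they refer to; the only line that named `php_openssl_apply_verification_policy` was the `-` line. The triage notes in this file are written against the description, so either the description has to stay or the note has to be expanded before a change like this is acceptable.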
@@ -4927,325 +4927,325 @@ CVE-2009-3291 (The php_openssl_apply_verification_policy function in PHP before
NOTE: seems to be related to handling of \0 on CN
NOTE: not worth a dsa on its own, php doesn't verify certificates by default
NOTE: experimental is likely to be affected (as of 5.3.0)
-CVE-2009-3289 (The g_file_copy function in glib 2.0 sets the permissions of a target ...)
+CVE-2009-3289
- glib2.0 2.22.0-1 (low)
[lenny] - glib2.0 2.16.6-3
[etch] - glib2.0 <no-dsa> (Minor issue)
-CVE-2009-3287 (lib/thin/connection.rb in Thin web server before 1.2.4 relies on the ...)
+CVE-2009-3287
- thin 1.2.4-1 (low)
CVE-2009-3285
RESERVED
-CVE-2009-3284 (Directory traversal vulnerability in phpspot PHP BBS, PHP Image ...)
+CVE-2009-3284
NOT-FOR-US: phpspot Products
-CVE-2009-3283 (Cross-site scripting (XSS) vulnerability in phpspot PHP BBS, PHP Image ...)
+CVE-2009-3283
NOT-FOR-US: phpspot Products
-CVE-2009-3282 (Integer overflow in the vmx86 kernel extension in VMware Fusion before ...)
+CVE-2009-3282
NOT-FOR-US: VMware Fusion
-CVE-2009-3281 (The vmx86 kernel extension in VMware Fusion before 2.0.6 build 196839 ...)
+CVE-2009-3281
NOT-FOR-US: VMware Fusion
-CVE-2009-3280 (Integer signedness error in the find_ie function in ...)
+CVE-2009-3280
- linux-2.6 2.6.31-1 (medium)
- linux-2.6.24 <not-affected> (vulnerable code not present)
[etch] - linux-2.6 <not-affected> (vulnerable code not present)
[lenny] - linux-2.6 <not-affected> (vulnerable code not present)
-CVE-2009-3279 (The QNAP TS-239 Pro and TS-639 Pro with firmware 2.1.7 0613, 3.1.0 ...)
+CVE-2009-3279
NOT-FOR-US: QNAP TS-239 Pro and TS-639
-CVE-2009-3278 (The QNAP TS-239 Pro and TS-639 Pro with firmware 2.1.7 0613, 3.1.0 ...)
+CVE-2009-3278
NOT-FOR-US: QNAP TS-239 Pro and TS-639
-CVE-2009-3277 (DataVault.Tesla/Impl/TypeSystem/AssociationHelper.cs in datavault ...)
+CVE-2009-3277
NOT-FOR-US: datavault
-CVE-2009-3276 (Zoran/WinFormsAdvansed/RegeularDataToXML/Form1.cs in WinFormsAdvansed ...)
+CVE-2009-3276
NOT-FOR-US: NASD CORE.NET Terelik (aka corenet1)
-CVE-2009-3275 (Blocks/Common/Src/Configuration/Manageability/Adm/AdmContentBuilder.cs ...)
+CVE-2009-3275
NOT-FOR-US: Microsoft patterns & practices Enterprise Library
-CVE-2009-3274 (Mozilla Firefox 3.6a1, 3.5.3, 3.5.2, and earlier 3.5.x versions, and ...)
+CVE-2009-3274
{DSA-1922-1}
- xulrunner 1.9.1.4-1
[etch] - xulrunner <end-of-life> (Mozilla packages from oldstable no longer covered by security support)
-CVE-2009-3273 (iPhone Mail in Apple iPhone OS, and iPhone OS for iPod touch, does not ...)
+CVE-2009-3273
NOT-FOR-US: Apple iPhone
-CVE-2009-3272 (Stack consumption vulnerability in WebKit.dll in WebKit in Apple ...)
+CVE-2009-3272
- qt4-x11 <unfixed> (unimportant)
[etch] - qt4-x11 <not-affected> (webkit support introduced in version 4.4)
- kdelibs <unfixed> (unimportant)
- kde4libs <unfixed> (unimportant)
NOTE: browser crashers are not considered security-relevant
-CVE-2009-3271 (Apple Safari on iPhone OS 3.0.1 allows remote attackers to cause a ...)
+CVE-2009-3271
NOT-FOR-US: Apple Safari on iPhone OS 3.0.1
-CVE-2009-3290 (The kvm_emulate_hypercall function in arch/x86/kvm/x86.c in KVM in the ...)
+CVE-2009-3290
{DSA-1915-1 DSA-1907-1 DTSA-203-1}
- linux-2.6 2.6.31-1 (medium)
[etch] - linux-2.6 <not-affected> (introduced in 2.6.25)
- linux-2.6.24 <not-affected> (introduced in 2.6.25)
- kvm 85+dfsg-4.1 (high; bug #548975)
-CVE-2009-3288 (The sg_build_indirect function in drivers/scsi/sg.c in Linux kernel ...)
+CVE-2009-3288
- linux-2.6 2.6.31-1 (low)
[etch] - linux-2.6 <not-affected> (introduced in 2.6.28)
[lenny] - linux-2.6 <not-affected> (introduced in 2.6.28)
- linux-2.6.24 <not-affected> (introduced in 2.6.28)
-CVE-2009-3286 (NFSv4 in the Linux kernel 2.6.18, and possibly other versions, does ...)
+CVE-2009-3286
{DSA-1929-1 DSA-1928-1 DSA-1915-1}
- linux-2.6 2.6.30-1 (low)
- linux-2.6.24 <removed>
-CVE-2009-3270 (Microsoft Internet Explorer 7 through 7.0.6000.16711 allows remote ...)
+CVE-2009-3270
NOT-FOR-US: Microsoft Internet Explorer 7
-CVE-2009-3269 (Opera 9.52 and earlier allows remote attackers to cause a denial of ...)
+CVE-2009-3269
NOT-FOR-US: Opera
-CVE-2009-3268 (Google Chrome 1.0.154.48 and earlier allows remote attackers to cause ...)
+CVE-2009-3268
- chromium-browser <not-affected> (Only 1.x is affected)
NOTE: browser denial of services not considered security-relevant
-CVE-2009-3267 (Microsoft Internet Explorer 6 through 6.0.2900.2180, and ...)
+CVE-2009-3267
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2009-3266 (Opera before 10.01 does not properly restrict HTML in a (1) RSS or (2) ...)
+CVE-2009-3266
NOT-FOR-US: Opera
-CVE-2009-3265 (Cross-site scripting (XSS) vulnerability in Opera 9 and 10 allows ...)
+CVE-2009-3265
NOT-FOR-US: Opera
-CVE-2009-3264 (The getSVGDocument method in Google Chrome before 3.0.195.21 omits an ...)
+CVE-2009-3264
- chromium-browser <not-affected> (Only 3.x is affected)
- libv8 1.3.11+dfsg-1
- webkit <not-affected> (libv8 issue)
-CVE-2009-3263 (Cross-site scripting (XSS) vulnerability in Google Chrome 2.x and 3.x ...)
+CVE-2009-3263
- chromium-browser <not-affected> (Only 3.x is affected)
- webkit <not-affected> (chrome-specific issue)
NOTE: http://seclists.org/fulldisclosure/2009/Sep/201
NOTE: other browsers are not affected (only chrome and opera)
-CVE-2009-3262 (Cross-site scripting (XSS) vulnerability in the Self Service UI (SSUI) ...)
+CVE-2009-3262
NOT-FOR-US: IBM Tivoli Identity Manager
-CVE-2009-3261 (update/update_0.1.2_to_0.2.php in LiveStreet 0.2 does not require ...)
+CVE-2009-3261
NOT-FOR-US: LiveStreet
-CVE-2009-3260 (Cross-site scripting (XSS) vulnerability in LiveStreet 0.2 allows ...)
+CVE-2009-3260
NOT-FOR-US: LiveStreet
-CVE-2009-3259 (Multiple SQL injection vulnerabilities in RASH Quote Management System ...)
+CVE-2009-3259
NOT-FOR-US: RASH Quote Management System (RQMS)
-CVE-2009-3258 (vtiger CRM before 5.1.0 allows remote authenticated users, with ...)
+CVE-2009-3258
NOT-FOR-US: vtiger CRM
-CVE-2009-3257 (vtiger CRM before 5.1.0 allows remote authenticated users to bypass ...)
+CVE-2009-3257
NOT-FOR-US: vtiger CRM
-CVE-2009-3256 (Cross-site scripting (XSS) vulnerability in include/ajax/blogInfo.php ...)
+CVE-2009-3256
NOT-FOR-US: LiveStreet
-CVE-2009-3255 (SQL injection vulnerability in RASH Quote Management System (RQMS) ...)
+CVE-2009-3255
NOT-FOR-US: RASH Quote Management System (RQMS)
-CVE-2009-3254 (Multiple stack-based buffer overflows in Ultimate Player 1.56 beta ...)
+CVE-2009-3254
NOT-FOR-US: Ultimate Player
-CVE-2009-3253 (Stack-based buffer overflow in TriceraSoft Swift Ultralite 1.032 ...)
+CVE-2009-3253
NOT-FOR-US: TriceraSoft Swift Ultralite
-CVE-2009-3252 (Multiple SQL injection vulnerabilities in news.php in Rock Band CMS ...)
+CVE-2009-3252
NOT-FOR-US: Rock Band CMS
-CVE-2009-3251 (include/utils/ListViewUtils.php in vtiger CRM before 5.1.0 allows ...)
+CVE-2009-3251
NOT-FOR-US: vtiger CRM
-CVE-2009-3250 (The saveForwardAttachments procedure in the Compose Mail functionality ...)
+CVE-2009-3250
NOT-FOR-US: vtiger CRM
-CVE-2009-3249 (Multiple directory traversal vulnerabilities in vtiger CRM 5.0.4 allow ...)
+CVE-2009-3249
NOT-FOR-US: vtiger CRM
-CVE-2009-3248 (Cross-site request forgery (CSRF) vulnerability in the RSS module in ...)
+CVE-2009-3248
NOT-FOR-US: vtiger CRM
-CVE-2009-3247 (Cross-site scripting (XSS) vulnerability in the Activities module in ...)
+CVE-2009-3247
NOT-FOR-US: vtiger CRM
-CVE-2009-3246 (SQL injection vulnerability in spnews.php in MyBuxScript PTC-BUX ...)
+CVE-2009-3246
NOT-FOR-US: MyBuxScript PTC-BUX
-CVE-2009-3245 (OpenSSL before 0.9.8m does not check for a NULL return value from ...)
+CVE-2009-3245
- openssl 0.9.8m-1 (low; bug #575433)
[lenny] - openssl 0.9.8g-15+lenny7
-CVE-2009-3244 (Heap-based buffer overflow in the SwDir.dll ActiveX control in Adobe ...)
+CVE-2009-3244
NOT-FOR-US: Adobe ShockWave Player
-CVE-2009-3243 (Unspecified vulnerability in the TLS dissector in Wireshark 1.2.0 and ...)
+CVE-2009-3243
- wireshark <not-affected> (Windows-only issue)
-CVE-2009-3242 (Unspecified vulnerability in packet.c in the GSM A RR dissector in ...)
+CVE-2009-3242
- wireshark 1.2.2-1 (low; bug #547704)
[etch] - wireshark <not-affected> (Only affects 1.2.x)
[lenny] - wireshark <not-affected> (Only affects 1.2.x)
-CVE-2009-3241 (Unspecified vulnerability in the OpcUa (OPC UA) dissector in Wireshark ...)
+CVE-2009-3241
{DSA-1942-1}
- wireshark 1.2.2-1 (low; bug #547704)
[etch] - wireshark <not-affected> (Only affects >= 0.99.6)
[lenny] - wireshark 1.0.2-3+lenny6
-CVE-2009-3240 (Cross-site scripting (XSS) vulnerability in the Happy Linux XF-Section ...)
+CVE-2009-3240
NOT-FOR-US: module for XOOPS
CVE-2009-3239
REJECTED
-CVE-2009-3238 (The get_random_int function in drivers/char/random.c in the Linux ...)
+CVE-2009-3238
{DSA-1929-1 DSA-1928-1 DSA-1927-1}
- linux-2.6 2.6.30-1 (low)
- linux-2.6.24 <removed> (low)
-CVE-2009-3237 (Multiple cross-site scripting (XSS) vulnerabilities in Horde ...)
+CVE-2009-3237
{DSA-1966-1}
- horde3 3.3.5+debian0-1 (low)
[lenny] - horde3 3.2.2+debian0-2+lenny1
NOTE: horde3 issue fixed in backport of latest DSA, DSA however did not fix etch
-CVE-2009-3235 (Multiple stack-based buffer overflows in the Sieve plugin in Dovecot ...)
+CVE-2009-3235
{DSA-1893-1 DSA-1892-1}
- cyrus-imapd-2.2 2.2.13-17 (medium; bug #547947)
- kolab-cyrus-imapd 2.2.13-5.1 (medium; bug #547712)
- dovecot 1:1.2.1-1 (medium; bug #546656)
NOTE: This is a different vulnerability than CVE-2009-2632, it covers a few additional buffer overflows
-CVE-2009-3228 (The tc_fill_tclass function in net/sched/sch_api.c in the tc subsystem ...)
+CVE-2009-3228
{DSA-1929-1 DSA-1928-1 DSA-1927-1}
- linux-2.6 2.6.31-1 (low)
- linux-2.6.24 <removed> (low)
-CVE-2009-3236 (The form library in Horde Application Framework 3.2 before 3.2.5 and ...)
+CVE-2009-3236
{DSA-1897-1}
- horde3 3.3.5+debian0-1 (medium; bug #547318)
-CVE-2009-3234 (Buffer overflow in the perf_copy_attr function in ...)
+CVE-2009-3234
- linux-2.6 <not-affected> (Introduced in 2.6.31, fixed in Debian package before initial 2.6.31 upload)
- linux-2.6.24 <not-affected> (Introduced in 2.6.31)
-CVE-2009-3227 (Cross-site scripting (XSS) vulnerability in index.php in AlmondSoft ...)
+CVE-2009-3227
NOT-FOR-US: AlmondSoft Almond Classifieds Ads Enterprise
-CVE-2009-3226 (SQL injection vulnerability in index.php in AlmondSoft Almond ...)
+CVE-2009-3226
NOT-FOR-US: AlmondSoft Almond Classifieds Ads Enterprise
-CVE-2009-3225 (Multiple cross-site scripting (XSS) vulnerabilities in AlmondSoft ...)
+CVE-2009-3225
NOT-FOR-US: AlmondSoft Almond Classifieds Wap and Pro
-CVE-2009-3224 (SQL injection vulnerability in index.php in Super Mod System, when ...)
+CVE-2009-3224
NOT-FOR-US: Super Mod System
-CVE-2009-3223 (SQL injection vulnerability in ppc-add-keywords.php in Inout Adserver ...)
+CVE-2009-3223
NOT-FOR-US: Inout Adserver
-CVE-2009-3222 (Cross-site scripting (XSS) vulnerability in index.php in ...)
+CVE-2009-3222
NOT-FOR-US: FreeWebScriptz Honest Traffic
-CVE-2009-3221 (Stack-based buffer overflow in Audio Lib Player (ALP) allows remote ...)
+CVE-2009-3221
NOT-FOR-US: Audio Lib Player (ALP)
-CVE-2009-3220 (PHP remote file inclusion vulnerability in cp_html2txt.php in All In ...)
+CVE-2009-3220
NOT-FOR-US: All In One Control Panel
-CVE-2009-3219 (Directory traversal vulnerability in a.php in AR Web Content Manager ...)
+CVE-2009-3219
NOT-FOR-US: AR Web Content Manager
-CVE-2009-3218 (SQL injection vulnerability in control/login.php in AR Web Content ...)
+CVE-2009-3218
NOT-FOR-US: AR Web Content Manager
-CVE-2009-3217 (SQL injection vulnerability in the admin module in iWiccle 1.01 allows ...)
+CVE-2009-3217
NOT-FOR-US: iWiccle
-CVE-2009-3216 (Multiple directory traversal vulnerabilities in iWiccle 1.01, when ...)
+CVE-2009-3216
NOT-FOR-US: iWiccle
-CVE-2009-3215 (SQL injection vulnerability in IXXO Cart Standalone before 3.9.6.1, ...)
+CVE-2009-3215
NOT-FOR-US: IXXO Cart Standalone
-CVE-2009-3214 (Multiple stack-based buffer overflows in Photodex ProShow Gold ...)
+CVE-2009-3214
NOT-FOR-US: Photodex ProShow Gold
-CVE-2009-3213 (Stack-based buffer overflow in broid 1.0 Beta 3a allows remote ...)
+CVE-2009-3213
NOT-FOR-US: broid
-CVE-2009-3212 (SQL injection vulnerability in VivaPrograms Infinity Script 2.x.x, ...)
+CVE-2009-3212
NOT-FOR-US: VivaPrograms Infinity Script
-CVE-2009-3211 (Directory traversal vulnerability in VivaPrograms Infinity Script ...)
+CVE-2009-3211
NOT-FOR-US: VivaPrograms Infinity Script
-CVE-2009-3210 (Multiple cross-site scripting (XSS) vulnerabilities in the Print (aka ...)
+CVE-2009-3210
NOT-FOR-US: Print (aka Printer, e-mail and PDF versions) Drupal module (3rd party module)
-CVE-2009-3209 (SQL injection vulnerability in remove.php in PHP eMail Manager 3.3.0 ...)
+CVE-2009-3209
NOT-FOR-US: PHP eMail Manager
-CVE-2009-3208 (Multiple SQL injection vulnerabilities in phpfreeBB 1.0 allow remote ...)
+CVE-2009-3208
NOT-FOR-US: phpfreeBB
-CVE-2009-3207 (The ImageCache module 5.x before 5.x-2.5 and 6.x before ...)
+CVE-2009-3207
NOT-FOR-US: ImageCache module for Drupal (3rd party module)
-CVE-2009-3206 (Multiple cross-site scripting (XSS) vulnerabilities in the ImageCache ...)
+CVE-2009-3206
NOT-FOR-US: ImageCache module for Drupal (3rd party module)
-CVE-2009-3205 (SQL injection vulnerability in main.php in CBAuthority allows remote ...)
+CVE-2009-3205
NOT-FOR-US: CBAuthority
-CVE-2009-3204 (Multiple cross-site scripting (XSS) vulnerabilities in Stiva Forum 1.0 ...)
+CVE-2009-3204
NOT-FOR-US: Stiva Forum
-CVE-2009-3203 (SQL injection vulnerability in store.php in AJ Auction Pro OOPD 2.x ...)
+CVE-2009-3203
NOT-FOR-US: AJ Auction Pro OOPD
-CVE-2009-3202 (Cross-site scripting (XSS) vulnerability in search.php in ULoKI PHP ...)
+CVE-2009-3202
NOT-FOR-US: ULoKI PHP Forum
-CVE-2009-3201 (Integer overflow in Media Player Classic 6.4.9 allows user-assisted ...)
+CVE-2009-3201
NOT-FOR-US: Media Player Classic
-CVE-2009-3200 (The QNAP TS-239 Pro and TS-639 Pro with firmware 2.1.7 0613, 3.1.0 ...)
+CVE-2009-3200
NOT-FOR-US: QNAP TS-239 Pro and TS-639 Pro
-CVE-2009-3199 (Uebimiau Webmail 3.2.0-2.0 stores sensitive information under the web ...)
+CVE-2009-3199
NOT-FOR-US: Uebimiau Webmail
-CVE-2009-3198 (Cross-site scripting (XSS) vulnerability in search.php in JCE-Tech ...)
+CVE-2009-3198
NOT-FOR-US: Affiliate Master
-CVE-2009-3197 (Cross-site scripting (XSS) vulnerability in search.php in JCE-Tech PHP ...)
+CVE-2009-3197
NOT-FOR-US: JCE-Tech PHP Calendars
-CVE-2009-3196 (Cross-site scripting (XSS) vulnerability in index.php in JCE-Tech PHP ...)
+CVE-2009-3196
NOT-FOR-US: JCE-Tech PHP Video Script
-CVE-2009-3195 (Multiple cross-site scripting (XSS) vulnerabilities in JCE-Tech ...)
+CVE-2009-3195
NOT-FOR-US: JCE-Tech Auction RSS Content Script
-CVE-2009-3194 (Cross-site scripting (XSS) vulnerability in index.php in JCE-Tech ...)
+CVE-2009-3194
NOT-FOR-US: JCE-Tech SearchFeed Script
-CVE-2009-3193 (SQL injection vulnerability in the DigiFolio (com_digifolio) component ...)
+CVE-2009-3193
NOT-FOR-US: component for Joomla!
-CVE-2009-3192 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
+CVE-2009-3192
NOT-FOR-US: LinkorCMS
-CVE-2009-3191 (Multiple cross-site scripting (XSS) vulnerabilities in PAD Site ...)
+CVE-2009-3191
NOT-FOR-US: PAD Site Scripts
-CVE-2009-3190 (Multiple SQL injection vulnerabilities in PAD Site Scripts 3.6 allow ...)
+CVE-2009-3190
NOT-FOR-US: PAD Site Scripts
-CVE-2009-3189 (Cross-site scripting (XSS) vulnerability in search.php in DigiOz ...)
+CVE-2009-3189
NOT-FOR-US: DigiOz Guestbook
-CVE-2009-3188 (PHP remote file inclusion vulnerability in save.php in phpSANE 0.5.0 ...)
+CVE-2009-3188
NOT-FOR-US: phpSANE
-CVE-2009-3187 (Cross-site scripting (XSS) vulnerability in gamelist.php in Stand ...)
+CVE-2009-3187
NOT-FOR-US: Stand Alone Arcade
-CVE-2009-3186 (Multiple cross-site scripting (XSS) vulnerabilities in VideoGirls BiZ ...)
+CVE-2009-3186
NOT-FOR-US: VideoGirls BiZ
-CVE-2009-3185 (SQL injection vulnerability in plugin.php in the Crazy Star plugin 2.0 ...)
+CVE-2009-3185
NOT-FOR-US: Crazy Star plugin 2.0 for Discuz!
-CVE-2009-3184 (Multiple SQL injection vulnerabilities in index.php in Pirates of The ...)
+CVE-2009-3184
NOT-FOR-US: Pirates of The Caribbean
-CVE-2009-3233 (changetrack 4.3 allows local users to execute arbitrary commands via ...)
+CVE-2009-3233
{DSA-1891-1}
- changetrack 4.5-2 (medium; bug #546791)
-CVE-2009-3183 (Heap-based buffer overflow in w in Sun Solaris 8 through 10, and ...)
+CVE-2009-3183
NOT-FOR-US: Sun Solaris
-CVE-2009-3166 (token.cgi in Bugzilla 3.4rc1 through 3.4.1 places a password in a URL ...)
+CVE-2009-3166
- bugzilla 3.4.7.0-1
[lenny] - bugzilla <not-affected> (Only Bugzilla >= 3.3 is affected)
-CVE-2009-3165 (SQL injection vulnerability in the Bug.create WebService function in ...)
+CVE-2009-3165
{DSA-1913-1}
- bugzilla 3.2.5.0-1 (low; bug #547132)
[etch] - bugzilla <not-affected> (Vulnerable code not present)
NOTE: Introduced in 2.23.4
-CVE-2009-3182 (Unrestricted file upload vulnerability in ...)
+CVE-2009-3182
NOT-FOR-US: Anantasoft Gazelle CMS
-CVE-2009-3181 (Directory traversal vulnerability in Anantasoft Gazelle CMS 1.0 allows ...)
+CVE-2009-3181
NOT-FOR-US: Anantasoft Gazelle CMS
-CVE-2009-3180 (Anantasoft Gazelle CMS 1.0 allows remote attackers to conduct a ...)
+CVE-2009-3180
NOT-FOR-US: Anantasoft Gazelle CMS
-CVE-2009-3179 (Multiple unspecified vulnerabilities in Symantec Altiris Deployment ...)
+CVE-2009-3179
NOT-FOR-US: Symantec Altiris Deployment Solution
-CVE-2009-3178 (Unspecified vulnerability in mm.exe in Symantec Altiris Deployment ...)
+CVE-2009-3178
NOT-FOR-US: Symantec Altiris Deployment Solution
-CVE-2009-3177 (Unspecified vulnerability in Kaspersky Online Scanner 7.0 has unknown ...)
+CVE-2009-3177
NOT-FOR-US: Kaspersky Online Scanner
-CVE-2009-3176 (Buffer overflow in the ActiveX control in Novell iPrint Client 4.38 ...)
+CVE-2009-3176
NOT-FOR-US: Novell iPrint Client
-CVE-2009-3175 (Multiple SQL injection vulnerabilities in Model Agency Manager PRO ...)
+CVE-2009-3175
NOT-FOR-US: Model Agency Manager PRO
-CVE-2009-3174 (PHP remote file inclusion vulnerability in fonctions_racine.php in ...)
+CVE-2009-3174
NOT-FOR-US: OBOphiX
-CVE-2009-3173 (Unrestricted file upload vulnerability in admin/add_album.php in The ...)
+CVE-2009-3173
NOT-FOR-US: Rat CMS Alpha
-CVE-2009-3172 (Unspecified vulnerability in Hitachi Groupmax Groupware Server 07-00 ...)
+CVE-2009-3172
NOT-FOR-US: Hitachi Groupmax Groupware Server
-CVE-2009-3171 (Multiple cross-site scripting (XSS) vulnerabilities in Anantasoft ...)
+CVE-2009-3171
NOT-FOR-US: Anantasoft Gazelle CMS
-CVE-2009-3170 (Stack-based buffer overflow in AIMP2 Audio Converter 2.53 (build 330) ...)
+CVE-2009-3170
NOT-FOR-US: AIMP2 Audio Converter
-CVE-2009-3169 (Multiple unspecified vulnerabilities in Hitachi JP1/File Transmission ...)
+CVE-2009-3169
NOT-FOR-US: Hitachi
-CVE-2009-3168 (Mevin Productions Basic PHP Events Lister 2.0 does not properly ...)
+CVE-2009-3168
NOT-FOR-US: Mevin Productions Basic PHP Events Lister
-CVE-2009-3167 (Directory traversal vulnerability in index.php in Anantasoft Gazelle ...)
+CVE-2009-3167
NOT-FOR-US: Anantasoft Gazelle CMS
-CVE-2009-3232 (pam-auth-update for PAM, as used in Ubuntu 8.10 and 9.4, and Debian ...)
+CVE-2009-3232
- pam 1.0.1-10 (bug #519927)
[lenny] - pam <not-affected> (pam-auth-update not yet present)
[etch] - pam <not-affected> (pam-auth-update not yet present)
-CVE-2009-3229 (The core server component in PostgreSQL 8.4 before 8.4.1, 8.3 before ...)
+CVE-2009-3229
{DSA-1900-1}
- postgresql-8.4 8.4.1-1
- postgresql-8.3 8.3.8-1
- postgresql-8.1 <not-affected>
- postgresql-7.4 <not-affected>
-CVE-2009-3230 (The core server component in PostgreSQL 8.4 before 8.4.1, 8.3 before ...)
+CVE-2009-3230
{DSA-1900-1}
- postgresql-8.4 8.4.1-1
- postgresql-8.3 8.3.8-1
- postgresql-8.1 <removed>
- postgresql-7.4 <removed>
-CVE-2009-3231 (The core server component in PostgreSQL 8.3 before 8.3.8 and 8.2 ...)
+CVE-2009-3231
{DSA-1900-1}
- postgresql-8.4 8.4.1-1
- postgresql-8.3 8.3.8-1
- postgresql-8.1 <not-affected>
- postgresql-7.4 <not-affected>
-CVE-2009-3164 (Unspecified vulnerability in the IPv6 networking stack in Sun Solaris ...)
+CVE-2009-3164
NOT-FOR-US: Solaris
-CVE-2009-3163 (Multiple format string vulnerabilities in lib/silcclient/command.c in ...)
+CVE-2009-3163
{DSA-1879-1}
- silc-toolkit 1.1.10-1 (medium)
- silc-client 1.1-2 (medium)
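Review bot: this hunk strips the description from every entry between CVE-2009-3289 and CVE-2009-3163 regardless of whether the entry is `NOT-FOR-US` or tracks a Debian package (CVE-2009-3290 kvm/linux-2.6, CVE-2009-3245 openssl, CVE-2009-3235 dovecot/cyrus-imapd, CVE-2009-3229..3231 postgresql, CVE-2009-3094/3095 apache2), and for the tracked entries the description is the only line that says what the issue is; the DSA reference, package version and severity do not. Since each `+` line is the matching `-` line minus the parenthesised text, the hunk is purely mechanical and should be regenerated by a fixed updater rather than hand-reviewed. Unrelated to this change but visible in the context: several entries sit out of numeric order (CVE-2009-3290/3288/3286 after 3271, CVE-2009-3233 after 3184, CVE-2009-3166/3165 after 3183, CVE-2009-3232 and 3229..3231 after 3167); the automatic update leaves that alone, which is correct for a bot commit.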
@@ -5271,345 +5271,345 @@ CVE-2009-3137
REJECTED
CVE-2009-3136
REJECTED
-CVE-2009-3135 (Stack-based buffer overflow in Microsoft Office Word 2002 SP3 and 2003 ...)
+CVE-2009-3135
NOT-FOR-US: Microsoft Office
-CVE-2009-3134 (Microsoft Office Excel 2002 SP3, 2003 SP3, and 2007 SP1 and SP2; ...)
+CVE-2009-3134
NOT-FOR-US: Microsoft Office
-CVE-2009-3133 (Microsoft Office Excel 2002 SP3, Office 2004 and 2008 for Mac, and ...)
+CVE-2009-3133
NOT-FOR-US: Microsoft Office
-CVE-2009-3132 (Microsoft Office Excel 2002 SP3, 2003 SP3, and 2007 SP1 and SP2; ...)
+CVE-2009-3132
NOT-FOR-US: Microsoft Office
-CVE-2009-3131 (Microsoft Office Excel 2002 SP3, 2003 SP3, and 2007 SP1 and SP2; ...)
+CVE-2009-3131
NOT-FOR-US: Microsoft Office
-CVE-2009-3130 (Heap-based buffer overflow in Microsoft Office Excel 2002 SP3, Office ...)
+CVE-2009-3130
NOT-FOR-US: Microsoft Office
-CVE-2009-3129 (Microsoft Office Excel 2002 SP3, 2003 SP3, and 2007 SP1 and SP2; ...)
+CVE-2009-3129
NOT-FOR-US: Microsoft Office
-CVE-2009-3128 (Microsoft Office Excel 2002 SP3 and 2003 SP3, and Office Excel Viewer ...)
+CVE-2009-3128
NOT-FOR-US: Microsoft Office
-CVE-2009-3127 (Microsoft Office Excel 2002 SP3 and 2003 SP3, Office 2004 and 2008 for ...)
+CVE-2009-3127
NOT-FOR-US: Microsoft Office
-CVE-2009-3126 (Integer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows ...)
+CVE-2009-3126
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2009-3162 (Cross-site scripting (XSS) vulnerability in Multi Website 1.5 allows ...)
+CVE-2009-3162
NOT-FOR-US: Multi Website
-CVE-2009-3161 (The server in IBM WebSphere MQ 7.0.0.1, 7.0.0.2, and 7.0.1.0 allows ...)
+CVE-2009-3161
NOT-FOR-US: IBM WebSpHere MQ
-CVE-2009-3160 (IBM WebSphere MQ 6.x through 6.0.2.7, 7.0.0.0, 7.0.0.1, 7.0.0.2, and ...)
+CVE-2009-3160
NOT-FOR-US: IBM WebSphere MQ
-CVE-2009-3159 (Unspecified vulnerability in the rriDecompress function in IBM ...)
+CVE-2009-3159
NOT-FOR-US: IBM WebSphere MQ
-CVE-2009-3158 (admin/files.php in simplePHPWeb 0.2 does not require authentication, ...)
+CVE-2009-3158
NOT-FOR-US: simplePHPWeb
-CVE-2009-3157 (Cross-site scripting (XSS) vulnerability in the Calendar module 6.x ...)
+CVE-2009-3157
NOT-FOR-US: Calendar module for Drupal
-CVE-2009-3156 (Cross-site scripting (XSS) vulnerability in the Date Tools sub-module ...)
+CVE-2009-3156
NOT-FOR-US: Date module for Drupal
-CVE-2009-3155 (Cross-site scripting (XSS) vulnerability in gmap.php in the Almond ...)
+CVE-2009-3155
NOT-FOR-US: Almond Classifieds component for Joomla!
-CVE-2009-3154 (SQL injection vulnerability in the Almond Classifieds (com_aclassf) ...)
+CVE-2009-3154
NOT-FOR-US: Almond Classifieds component for Joomla!
-CVE-2009-3153 (Multiple cross-site scripting (XSS) vulnerabilities in x10 MP3 Search ...)
+CVE-2009-3153
NOT-FOR-US: x10 MP3 Search engine
-CVE-2009-3152 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2009-3152
NOT-FOR-US: NTSOFT BBS E-Market Professional
-CVE-2009-3151 (Directory traversal vulnerability in actions/downloadFile.php in ...)
+CVE-2009-3151
NOT-FOR-US: Ultrize TimeSheet
-CVE-2009-3150 (SQL injection vulnerability in index.php in Multi Website 1.5 allows ...)
+CVE-2009-3150
NOT-FOR-US: Multi Website
-CVE-2009-3149 (Directory traversal vulnerability in _css/js.php in Elgg 1.5, when ...)
+CVE-2009-3149
- elgg <itp> (bug #526197)
-CVE-2009-3148 (Multiple SQL injection vulnerabilities in PortalXP Teacher Edition 1.2 ...)
+CVE-2009-3148
NOT-FOR-US: PortalXP Teacher Edition
-CVE-2009-3147 (Cross-site scripting (XSS) vulnerability in showproduct.php in ...)
+CVE-2009-3147
NOT-FOR-US: ReviewPost Pro
-CVE-2009-3146 (Cross-site scripting (XSS) vulnerability in search_advance.php in ...)
+CVE-2009-3146
NOT-FOR-US: ArticleFriend Script
-CVE-2009-3125 (SQL injection vulnerability in the Bug.search WebService function in ...)
+CVE-2009-3125
- bugzilla 3.4.7.0-1
[lenny] - bugzilla <not-affected> (Only Bugzilla >= 3.3 is affected)
-CVE-2009-3124 (Directory traversal vulnerability in get_message.cgi in QuarkMail ...)
+CVE-2009-3124
NOT-FOR-US: QuarkMail
-CVE-2009-3123 (Directory traversal vulnerability in gallery/gallery.php in Wap-Motor ...)
+CVE-2009-3123
NOT-FOR-US: Wap-Motor
-CVE-2009-3122 (The Ajax Table module 5.x for Drupal does not perform access control, ...)
+CVE-2009-3122
NOT-FOR-US: Ajax Table module module for Drupal
-CVE-2009-3121 (Cross-site scripting (XSS) vulnerability in the Ajax Table module 5.x ...)
+CVE-2009-3121
NOT-FOR-US: Ajax Table module module for Drupal
-CVE-2009-3120 (Cross-site scripting (XSS) vulnerability in public/index.php in BIGACE ...)
+CVE-2009-3120
NOT-FOR-US: BIGACE Web CMS
-CVE-2009-3119 (SQL injection vulnerability in screen.php in the Download System mSF ...)
+CVE-2009-3119
NOT-FOR-US: PHP-Fusion
-CVE-2009-3118 (SQL injection vulnerability in mod/poll/comment.php in the vote module ...)
+CVE-2009-3118
NOT-FOR-US: Danneo CMS
-CVE-2009-3117 (SQL injection vulnerability in category.php in Snow Hall Silurus ...)
+CVE-2009-3117
NOT-FOR-US: Snow Hall Silurus System
-CVE-2009-3116 (SQL injection vulnerability in index.php in Uiga Church Portal allows ...)
+CVE-2009-3116
NOT-FOR-US: Uiga Church Portal
-CVE-2009-3115 (SolarWinds TFTP Server 9.2.0.111 and earlier allows remote attackers ...)
+CVE-2009-3115
NOT-FOR-US: SolarWinds TFTP Server
-CVE-2009-3114 (The RSS reader widget in IBM Lotus Notes 8.0 and 8.5 saves items from ...)
+CVE-2009-3114
NOT-FOR-US: IBM Lotus Notes
-CVE-2009-3113 (Unspecified vulnerability in OXID eShop Professional, Enterprise, and ...)
+CVE-2009-3113
NOT-FOR-US: OXID eShop Professional
-CVE-2009-3112 (Unspecified vulnerability in OXID eShop Professional, Enterprise, and ...)
+CVE-2009-3112
NOT-FOR-US: OXID eShop Professional
-CVE-2009-3111 (The rad_decode function in FreeRADIUS before 1.1.8 allows remote ...)
+CVE-2009-3111
- freeradius 2.0.0-1 (low)
-CVE-2009-3110 (Race condition in the file transfer functionality in Symantec Altiris ...)
+CVE-2009-3110
NOT-FOR-US: Symantec Altiris Deployment Solution
-CVE-2009-3109 (Unspecified vulnerability in the AClient agent in Symantec Altiris ...)
+CVE-2009-3109
NOT-FOR-US: Symantec Altiris Deployment Solution
-CVE-2009-3108 (The Aclient GUI in Symantec Altiris Deployment Solution 6.9.x before ...)
+CVE-2009-3108
NOT-FOR-US: Symantec Altiris Deployment Solution
-CVE-2009-3107 (Symantec Altiris Deployment Solution 6.9.x before 6.9 SP3 Build 430 ...)
+CVE-2009-3107
NOT-FOR-US: Symantec Altiris Deployment Solution
-CVE-2009-3106 (The Servlet Engine/Web Container component in IBM WebSphere ...)
+CVE-2009-3106
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2009-3105 (Cross-site scripting (XSS) vulnerability in IBM Lotus iNotes (aka ...)
+CVE-2009-3105
NOT-FOR-US: IBM Lotus iNotes
-CVE-2009-3104 (Unspecified vulnerability in Symantec Norton AntiVirus 2005 through ...)
+CVE-2009-3104
NOT-FOR-US: Symantec Norton AntiVirus
-CVE-2009-3103 (Array index error in the SMBv2 protocol implementation in srv2.sys in ...)
+CVE-2009-3103
NOT-FOR-US: Microsoft
-CVE-2009-3102 (The doHotCopy subroutine in socket-server.pl in Zmanda Recovery ...)
+CVE-2009-3102
NOT-FOR-US: Zmanda Recovery Manager
-CVE-2009-3101 (xscreensaver (aka Gnome-XScreenSaver) in Sun Solaris 10, and ...)
+CVE-2009-3101
- xscreensaver <not-affected> (OpenSolaris-specific, patch 120094-22 causes this)
-CVE-2009-3100 (xscreensaver (aka Gnome-XScreenSaver) in Sun Solaris 9 and 10, ...)
+CVE-2009-3100
- xscreensaver <not-affected> (OpenSolaris-specific, patch 120094-22 causes this)
-CVE-2009-3099 (Unspecified vulnerability in HP OpenView Operations Manager 8.1 on ...)
+CVE-2009-3099
NOT-FOR-US: HP OpenView Operations Manager
-CVE-2009-3098 (Unspecified vulnerability in the Portal in HP Operations Dashboard 2.1 ...)
+CVE-2009-3098
NOT-FOR-US: HP Operations Dashboard
-CVE-2009-3097 (Multiple unspecified vulnerabilities in HP Performance Insight 5.3 on ...)
+CVE-2009-3097
NOT-FOR-US: HP Performance Insight
-CVE-2009-3096 (Multiple unspecified vulnerabilities in HP Performance Insight 5.3 ...)
+CVE-2009-3096
NOT-FOR-US: HP Performance Insight
-CVE-2009-3095 (The mod_proxy_ftp module in the Apache HTTP Server allows remote ...)
+CVE-2009-3095
{DSA-1934-1}
- apache2 2.2.13-2 (low; bug #545951)
[etch] - apache2 <no-dsa> (minor issue)
[lenny] - apache2 2.2.9-10+lenny5 (low; bug #545951)
NOTE: The attacker needs to have valid credentials for the FTP server, which
NOTE: makes this irrelevant in most cases. Based on a VulnDisco commercial 0day.
-CVE-2009-3094 (The ap_proxy_ftp_handler function in modules/proxy/proxy_ftp.c in the ...)
+CVE-2009-3094
{DSA-1934-1}
- apache2 2.2.13-2 (low; bug #545951)
[etch] - apache2 <no-dsa> (minor issue)
[lenny] - apache2 2.2.9-10+lenny5 (low; bug #545951)
-CVE-2009-3093 (Unspecified vulnerability on the ASUS WL-500W wireless router has ...)
+CVE-2009-3093
NOT-FOR-US: ASUS WL-500W
-CVE-2009-3092 (Buffer overflow on the ASUS WL-500W wireless router has unknown impact ...)
+CVE-2009-3092
NOT-FOR-US: ASUS WL-500W
-CVE-2009-3091 (Unspecified vulnerability on the ASUS WL-330gE has unknown impact and ...)
+CVE-2009-3091
NOT-FOR-US: ASUS WL-330gE
-CVE-2009-3090 (Unspecified vulnerability in IBM Tivoli Directory Server (TDS) 6.0 on ...)
+CVE-2009-3090
NOT-FOR-US: IBM Tivoli Directory Server
-CVE-2009-3089 (IBM Tivoli Directory Server (TDS) 6.0 allows remote attackers to cause ...)
+CVE-2009-3089
NOT-FOR-US: IBM Tivoli Directory Server
-CVE-2009-3088 (Heap-based buffer overflow in ibmdiradm in IBM Tivoli Directory Server ...)
+CVE-2009-3088
NOT-FOR-US: IBM Tivoli Directory Server
-CVE-2009-3087 (Unspecified vulnerability in nserver.exe in the server in IBM Lotus ...)
+CVE-2009-3087
NOT-FOR-US: IBM Lotus Domino
-CVE-2009-3086 (A certain algorithm in Ruby on Rails 2.1.0 through 2.2.2, and 2.3.x ...)
+CVE-2009-3086
{DSA-2260-1}
- rails 2.2.3-1 (low; bug #545063)
[etch] - rails <no-dsa> (Minor issue)
-CVE-2009-3085 (The XMPP protocol plugin in libpurple in Pidgin before 2.6.2 does not ...)
+CVE-2009-3085
- pidgin 2.6.2-1 (low)
[lenny] - pidgin <no-dsa> (Minor issue)
-CVE-2009-3084 (The msn_slp_process_msg function in libpurple/protocols/msn/slpcall.c ...)
+CVE-2009-3084
{DSA-2038-1}
- pidgin 2.6.2-1 (low)
-CVE-2009-3083 (The msn_slp_sip_recv function in libpurple/protocols/msn/slp.c in the ...)
+CVE-2009-3083
{DSA-2038-1}
- pidgin 2.6.2-1 (low)
-CVE-2009-3082 (SQL injection vulnerability in wcategory.php in Snow Hall Silurus ...)
+CVE-2009-3082
NOT-FOR-US: Snow Hall Silurus System
-CVE-2009-3081 (SQL injection vulnerability in index.php in Uiga Church Portal allows ...)
+CVE-2009-3081
NOT-FOR-US: Uiga Church Portal
-CVE-2009-3079 (Unspecified vulnerability in Mozilla Firefox before 3.0.14, and 3.5.x ...)
+CVE-2009-3079
{DSA-1886-1}
- iceweasel 3.0.14-1
[etch] - iceweasel <end-of-life> (Mozilla packages from oldstable no longer covered by security support)
-CVE-2009-3078 (Visual truncation vulnerability in Mozilla Firefox before 3.0.14, and ...)
+CVE-2009-3078
{DSA-1885-1}
- xulrunner 1.9.0.14-1
[etch] - xulrunner <end-of-life> (Etch Packages no longer covered by security support)
-CVE-2009-3077 (Mozilla Firefox before 3.0.14, and 3.5.x before 3.5.3, does not ...)
+CVE-2009-3077
{DSA-1885-1}
- xulrunner 1.9.0.14-1
[etch] - xulrunner <end-of-life> (Etch Packages no longer covered by security support)
-CVE-2009-3076 (Mozilla Firefox before 3.0.14 does not properly implement certain ...)
+CVE-2009-3076
{DSA-1885-1}
- xulrunner 1.9.0.14-1
[etch] - xulrunner <end-of-life> (Etch Packages no longer covered by security support)
-CVE-2009-3075 (Multiple unspecified vulnerabilities in the JavaScript engine in ...)
+CVE-2009-3075
{DSA-2025-1 DSA-1885-1}
- xulrunner 1.9.0.14-1
- icedove 3.0~rc2-2
[etch] - xulrunner <end-of-life> (Etch Packages no longer covered by security support)
-CVE-2009-3074 (Unspecified vulnerability in the JavaScript engine in Mozilla Firefox ...)
+CVE-2009-3074
{DSA-1885-1}
- xulrunner 1.9.0.14-1
[etch] - xulrunner <end-of-life> (Etch Packages no longer covered by security support)
-CVE-2009-3073 (Unspecified vulnerability in the JavaScript engine in Mozilla Firefox ...)
+CVE-2009-3073
- xulrunner <not-affected> (Only affects Firefox 3.5.x)
[lenny] - xulrunner <not-affected> (Only affects Firefox 3.5.x)
[etch] - xulrunner <not-affected> (Only affects Firefox 3.5.x)
-CVE-2009-3072 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+CVE-2009-3072
{DSA-2025-1 DSA-1885-1}
- xulrunner 1.9.0.14-1
- icedove 3.0~rc2-2
[etch] - xulrunner <end-of-life> (Etch Packages no longer covered by security support)
-CVE-2009-3071 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+CVE-2009-3071
{DSA-1885-1}
- xulrunner 1.9.0.14-1
[etch] - xulrunner <end-of-life> (Etch Packages no longer covered by security support)
-CVE-2009-3070 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+CVE-2009-3070
{DSA-1885-1}
- xulrunner 1.9.0.14-1
[etch] - xulrunner <end-of-life> (Etch Packages no longer covered by security support)
-CVE-2009-3069 (Unspecified vulnerability in the browser engine in Mozilla Firefox ...)
+CVE-2009-3069
- xulrunner <not-affected> (Only affects Firefox 3.5.x)
[lenny] - xulrunner <not-affected> (Only affects Firefox 3.5.x)
[etch] - xulrunner <not-affected> (Only affects Firefox 3.5.x)
-CVE-2009-3068 (Unrestricted file upload vulnerability in the RoboHelpServer Servlet ...)
+CVE-2009-3068
NOT-FOR-US: Adobe RoboHelp Server
-CVE-2009-3067 (Cross-site scripting (XSS) vulnerability in index.php in Reservation ...)
+CVE-2009-3067
NOT-FOR-US: Reservation Manager
-CVE-2009-3066 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2009-3066
NOT-FOR-US: PropertyWatchScript.com Property Watch
-CVE-2009-3065 (PHP remote file inclusion vulnerability in editor/edit_htmlarea.php in ...)
+CVE-2009-3065
NOT-FOR-US: Ve-EDIT
-CVE-2009-3064 (Directory traversal vulnerability in debugger/debug_php.php in Ve-EDIT ...)
+CVE-2009-3064
NOT-FOR-US: Ve-EDIT
-CVE-2009-3063 (SQL injection vulnerability in the Game Server (com_gameserver) ...)
+CVE-2009-3063
NOT-FOR-US: Joomla!
-CVE-2009-3062 (SQL injection vulnerability in message_box.php in OSI Codes PHP Live! ...)
+CVE-2009-3062
NOT-FOR-US: OSI Codes PHP Live!
-CVE-2009-3061 (SQL injection vulnerability in lesson.php in Alqatari Q R Script 1.0 ...)
+CVE-2009-3061
NOT-FOR-US: Alqatari Q R Script
-CVE-2009-3060 (Multiple cross-site scripting (XSS) vulnerabilities in Joker Board ...)
+CVE-2009-3060
NOT-FOR-US: Joker Board
-CVE-2009-3059 (Multiple SQL injection vulnerabilities in Joker Board (aka JBoard) 2.0 ...)
+CVE-2009-3059
NOT-FOR-US: Joker Board
-CVE-2009-3058 (Stack-based buffer overflow in akPlayer 1.9.0 allows remote attackers ...)
+CVE-2009-3058
NOT-FOR-US: akPlayer
-CVE-2009-3057 (Multiple cross-site scripting (XSS) vulnerabilities in AOM Software ...)
+CVE-2009-3057
NOT-FOR-US: AOM Software Beex
-CVE-2009-3056 (PHP remote file inclusion vulnerability in ...)
+CVE-2009-3056
NOT-FOR-US: KingCMS
-CVE-2009-3055 (PHP remote file inclusion vulnerability in engine/api/api.class.php in ...)
+CVE-2009-3055
NOT-FOR-US: DataLife Engine
-CVE-2009-3054 (SQL injection vulnerability in the Artetics.com Art Portal ...)
+CVE-2009-3054
NOT-FOR-US: Joomla!
-CVE-2009-3053 (Directory traversal vulnerability in the Agora (com_agora) component ...)
+CVE-2009-3053
NOT-FOR-US: Joomla!
-CVE-2009-3052 (SQL injection vulnerability in root/includes/prime_quick_style.php in ...)
+CVE-2009-3052
NOT-FOR-US: Prime Quick Style addon
-CVE-2009-3051 (Multiple format string vulnerabilities in ...)
+CVE-2009-3051
{DSA-1879-1}
- silc-toolkit 1.1.10-1 (medium)
- silc-client 1.1-2 (medium)
- silc-server 1.1.2-1 (medium)
NOTE: silc-client/silc-server use libsilc from silc-toolkit since 1.1-2
-CVE-2009-3050 (Buffer overflow in the set_page_size function in util.cxx in HTMLDOC ...)
+CVE-2009-3050
- htmldoc 1.8.27-4.1 (low; bug #537637)
[etch] - htmldoc <no-dsa> (Minor issue)
[lenny] - htmldoc <no-dsa> (Minor issue)
-CVE-2009-3049 (Opera before 10.00 does not properly display all characters in ...)
+CVE-2009-3049
NOT-FOR-US: Opera
-CVE-2009-3048 (Opera before 10.00 on Linux, Solaris, and FreeBSD does not properly ...)
+CVE-2009-3048
NOT-FOR-US: Opera
-CVE-2009-3047 (Opera before 10.00, when a collapsed address bar is used, does not ...)
+CVE-2009-3047
NOT-FOR-US: Opera
-CVE-2009-3046 (Opera before 10.00 does not check all intermediate X.509 certificates ...)
+CVE-2009-3046
NOT-FOR-US: Opera
-CVE-2009-3045 (Opera before 10.00 trusts root X.509 certificates signed with the MD2 ...)
+CVE-2009-3045
NOT-FOR-US: Opera
-CVE-2009-3044 (Opera before 10.00 does not properly handle a (1) '\0' character or ...)
+CVE-2009-3044
NOT-FOR-US: Opera
-CVE-2009-3043 (The tty_ldisc_hangup function in drivers/char/tty_ldisc.c in the Linux ...)
+CVE-2009-3043
- linux-2.6 2.6.31-1 (medium)
[etch] - linux-2.6 <not-affected> (vulnerable code introduced in 2.6.31)
[lenny] - linux-2.6 <not-affected> (vulnerable code introduced in 2.6.31)
- linux-2.6.24 <not-affected> (vulnerable code introduced in 2.6.31)
CVE-2009-3039
RESERVED
-CVE-2009-3038 (A certain ActiveX control in lnresobject.dll 7.1.1.119 in the Research ...)
+CVE-2009-3038
NOT-FOR-US: ActiveX
-CVE-2009-3037 (Buffer overflow in xlssr.dll in the Autonomy KeyView XLS viewer (aka ...)
+CVE-2009-3037
NOT-FOR-US: Autonomy KeyView XLS viewer
-CVE-2009-3036 (Cross-site scripting (XSS) vulnerability in the console in Symantec IM ...)
+CVE-2009-3036
NOT-FOR-US: Symantec IM Manager
-CVE-2009-3035 (The web console in Symantec Altiris Notification Server 6.0.x before ...)
+CVE-2009-3035
NOT-FOR-US: Symantec Altiris Notification Server
CVE-2009-3034
REJECTED
-CVE-2009-3033 (Buffer overflow in the RunCmd method in the Altiris eXpress NS Console ...)
+CVE-2009-3033
NOT-FOR-US: ActiveX
-CVE-2009-3032 (Integer overflow in kvolefio.dll 8.5.0.8339 and 10.5.0.0 in the ...)
+CVE-2009-3032
NOT-FOR-US: Autonomy KeyView
-CVE-2009-3031 (Stack-based buffer overflow in the BrowseAndSaveFile method in the ...)
+CVE-2009-3031
NOT-FOR-US: Symantec Altiris Notification Server
-CVE-2009-3030 (Cross-site scripting (XSS) vulnerability in Symantec ...)
+CVE-2009-3030
NOT-FOR-US: Symantec SecurityExpressions Audit and Compliance Server
-CVE-2009-3029 (Cross-site scripting (XSS) vulnerability in the console in Symantec ...)
+CVE-2009-3029
NOT-FOR-US: Symantec SecurityExpressions Audit and Compliance Server
-CVE-2009-3028 (The Altiris eXpress NS SC Download ActiveX control in ...)
+CVE-2009-3028
NOT-FOR-US: Symantec
-CVE-2009-3027 (VRTSweb.exe in VRTSweb in Symantec Backup Exec Continuous Protection ...)
+CVE-2009-3027
NOT-FOR-US: Symantec Backup Exec Continuous Protection Server
-CVE-2009-3025 (Unspecified vulnerability in Pidgin 2.6.0 allows remote attackers to ...)
+CVE-2009-3025
- pidgin 2.6.1-1 (low)
[lenny] - pidgin <not-affected> (Vulnerable code introduced in 2.6.0)
[etch] - pidgin <not-affected> (Vulnerable code introduced in 2.6.0)
-CVE-2009-3024 (The verify_hostname_of_cert function in the certificate checking ...)
+CVE-2009-3024
- libio-socket-ssl-perl 1.30-1
[lenny] - libio-socket-ssl-perl 1.16-1+lenny1
[etch] - libio-socket-ssl-perl <not-affected> (Affected functionality introduced in 1.14)
-CVE-2009-3023 (Buffer overflow in the FTP Service in Microsoft Internet Information ...)
+CVE-2009-3023
NOT-FOR-US: Microsoft IIS
-CVE-2009-3022 (Cross-site request forgery (CSRF) vulnerability in bingo!CMS 1.2 and ...)
+CVE-2009-3022
NOT-FOR-US: bingo!CMS
-CVE-2009-3021 (Cross-site scripting (XSS) vulnerability in Site Calendar 'mycaljp' ...)
+CVE-2009-3021
NOT-FOR-US: Site Calendar 'mycaljp' plugin
-CVE-2009-3020 (win32k.sys in Microsoft Windows Server 2003 SP2 allows remote ...)
+CVE-2009-3020
NOT-FOR-US: Microsoft Windows Server
-CVE-2009-3019 (Microsoft Internet Explorer 6 on Windows XP SP2 and SP3, and Internet ...)
+CVE-2009-3019
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2009-3018 (Maxthon Browser 3.0.0.145 Alpha with Ultramode does not properly block ...)
+CVE-2009-3018
NOT-FOR-US: Maxthon Browser
-CVE-2009-3017 (Orca Browser 1.2 build 5 does not properly block data: URIs in Refresh ...)
+CVE-2009-3017
NOT-FOR-US: Orca Browser
-CVE-2009-3016 (Apple Safari 4.0.3 does not properly block javascript: and data: URIs ...)
+CVE-2009-3016
NOT-FOR-US: Apple Safari
-CVE-2009-3015 (QtWeb 3.0 Builds 001 and 003 does not properly block javascript: and ...)
+CVE-2009-3015
- qt4-x11 <unfixed> (unimportant)
- kdelibs <unfixed> (unimportant)
- kde4libs <unfixed> (unimportant)
NOTE: This is a web site issue (open redirector), not a browser problem.
-CVE-2009-3014 (Mozilla Firefox 3.0.13 and earlier, 3.5, 3.6 a1 pre, and 3.7 a1 pre; ...)
+CVE-2009-3014
NOTE: This is a web site issue (open redirector), not a browser problem.
- iceweasel <removed> (unimportant)
-CVE-2009-3013 (Opera 9.52 and earlier, and 10.00 Beta 3 Build 1699, does not properly ...)
+CVE-2009-3013
NOT-FOR-US: Opera
-CVE-2009-3012 (Mozilla Firefox 3.0.13 and earlier, 3.5, 3.6 a1 pre, and 3.7 a1 pre ...)
+CVE-2009-3012
NOTE: This is a web site issue (open redirector), not a browser problem.
-CVE-2009-3011 (Google Chrome 1.0.154.48 and earlier, 2.0.172.28, 2.0.172.37, and ...)
+CVE-2009-3011
NOT-FOR-US: Unclear, historic Chrome issue
-CVE-2009-3010 (Mozilla Firefox 3.0.13 and earlier, 3.5, 3.6 a1 pre, and 3.7 a1 pre; ...)
+CVE-2009-3010
NOTE: This is a web site issue (open redirector), not a browser problem.
- iceweasel <removed> (unimportant)
-CVE-2009-3009 (Cross-site scripting (XSS) vulnerability in Ruby on Rails 2.x before ...)
+CVE-2009-3009
{DSA-1887-1}
- rails 2.2.3-1 (low; bug #545063)
[etch] - rails <no-dsa> (Unsupported)
-CVE-2009-3008 (K-Meleon 1.5.3 allows context-dependent attackers to spoof the address ...)
+CVE-2009-3008
NOT-FOR-US: K-Meleon
-CVE-2009-3007 (Mozilla Firefox 3.5.1 and SeaMonkey 1.1.17, and Flock 2.5.1, allow ...)
+CVE-2009-3007
{DSA-1922-1}
- xulrunner 1.9.1.3-3 (low)
[etch] - xulrunner <end-of-life> (Etch Packages no longer covered by security support)
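Review bot: every -/+ pair in this hunk removes the parenthesized description and changes nothing else ("-CVE-2009-3111 (The rad_decode function in FreeRADIUS before 1.1.8 allows remote ...)" becomes "+CVE-2009-3111"), and no + line gains a description anywhere in the hunk; for an automated update that pattern is what an empty or failed upstream description feed produces rather than a deliberate edit, so the import run should be checked before this is merged. Entries that consist of only a package line, such as CVE-2009-3111 with "- freeradius 2.0.0-1 (low)", keep no inline summary at all once the description is gone, whereas entries with a NOTE or NOT-FOR-US line still record what the issue is.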
@@ -5617,213 +5617,213 @@ CVE-2009-3007 (Mozilla Firefox 3.5.1 and SeaMonkey 1.1.17, and Flock 2.5.1, allo
[etch] - iceape <end-of-life> (Etch Packages no longer covered by security support)
[lenny] - iceape <not-affected> (Iceape from Lenny only provides NSS libs)
- webkit <not-affected> (proof-of-concept did not work)
-CVE-2009-3006 (Maxthon Browser 2.5.3.80 UNICODE allows remote attackers to spoof the ...)
+CVE-2009-3006
NOT-FOR-US: Maxthon Browser
-CVE-2009-3005 (Lunascape 5.1.3 and 5.1.4 allows remote attackers to spoof the address ...)
+CVE-2009-3005
NOT-FOR-US: Lunascape
-CVE-2009-3004 (Avant Browser 11.7 Builds 35 and 36 allows remote attackers to spoof ...)
+CVE-2009-3004
NOT-FOR-US: Avant Browser
-CVE-2009-3003 (Microsoft Internet Explorer 6 through 8 allows remote attackers to ...)
+CVE-2009-3003
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2009-3002 (The Linux kernel before 2.6.31-rc7 does not initialize certain data ...)
+CVE-2009-3002
{DSA-1929-1 DSA-1928-1 DSA-1915-1}
- linux-2.6 2.6.30-7 (low)
- linux-2.6.24 <removed>
NOTE: minor info leaks
-CVE-2009-3001 (The llc_ui_getname function in net/llc/af_llc.c in the Linux kernel ...)
+CVE-2009-3001
{DSA-1929-1 DSA-1928-1 DSA-1915-1}
- linux-2.6 2.6.30-7 (low)
- linux-2.6.24 <removed>
NOTE: minor info leak
-CVE-2009-3000 (The sockfs module in the kernel in Sun Solaris 10 and OpenSolaris ...)
+CVE-2009-3000
NOT-FOR-US: Sun Solaris
-CVE-2009-2999 (The com.android.phone process in Android 1.5 CRBxx allows remote ...)
+CVE-2009-2999
NOT-FOR-US: Android
CVE-2009-XXXX [serveez: buffer overflow in header parser]
- serveez <removed> (low)
[lenny] - serveez 0.1.5-2.1+lenny1
[etch] - serveez 0.1.5-2+etch1
-CVE-2009-2998 (Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x ...)
+CVE-2009-2998
NOT-FOR-US: Adobe
-CVE-2009-2997 (Heap-based buffer overflow in Adobe Reader and Acrobat 7.x before ...)
+CVE-2009-2997
NOT-FOR-US: Adobe
-CVE-2009-2996 (Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x ...)
+CVE-2009-2996
NOT-FOR-US: Adobe
-CVE-2009-2995 (Integer overflow in Adobe Acrobat 7.x before 7.1.4, 8.x before 8.1.7, ...)
+CVE-2009-2995
NOT-FOR-US: Adobe
-CVE-2009-2994 (Buffer overflow in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x ...)
+CVE-2009-2994
NOT-FOR-US: Adobe
-CVE-2009-2993 (The JavaScript for Acrobat API in Adobe Reader and Acrobat 7.x before ...)
+CVE-2009-2993
NOT-FOR-US: Adobe
-CVE-2009-2992 (An unspecified ActiveX control in Adobe Reader and Acrobat 9.x before ...)
+CVE-2009-2992
NOT-FOR-US: Adobe
-CVE-2009-2991 (Unspecified vulnerability in the Mozilla plug-in in Adobe Reader and ...)
+CVE-2009-2991
NOT-FOR-US: Adobe
-CVE-2009-2990 (Array index error in Adobe Reader and Acrobat 9.x before 9.2, 8.x ...)
+CVE-2009-2990
NOT-FOR-US: Adobe
-CVE-2009-2989 (Integer overflow in Adobe Acrobat 9.x before 9.2, 8.x before 8.1.7, ...)
+CVE-2009-2989
NOT-FOR-US: Adobe
-CVE-2009-2988 (Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x ...)
+CVE-2009-2988
NOT-FOR-US: Adobe
-CVE-2009-2987 (Unspecified vulnerability in an ActiveX control in Adobe Reader and ...)
+CVE-2009-2987
NOT-FOR-US: Adobe
-CVE-2009-2986 (Multiple heap-based buffer overflows in Adobe Reader and Acrobat 7.x ...)
+CVE-2009-2986
NOT-FOR-US: Adobe
-CVE-2009-2985 (Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x ...)
+CVE-2009-2985
NOT-FOR-US: Adobe
-CVE-2009-2984 (Unspecified vulnerability in the image decoder in Adobe Acrobat 9.x ...)
+CVE-2009-2984
NOT-FOR-US: Adobe
-CVE-2009-2983 (Adobe Reader and Acrobat 9.x before 9.2, 8.x before 8.1.7, and ...)
+CVE-2009-2983
NOT-FOR-US: Adobe
-CVE-2009-2982 (An unspecified certificate in Adobe Reader and Acrobat 9.x before 9.2, ...)
+CVE-2009-2982
NOT-FOR-US: Adobe
-CVE-2009-2981 (Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x ...)
+CVE-2009-2981
NOT-FOR-US: Adobe
-CVE-2009-2980 (Integer overflow in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x ...)
+CVE-2009-2980
NOT-FOR-US: Adobe
-CVE-2009-2979 (Adobe Reader and Acrobat 9.x before 9.2, 8.x before 8.1.7, and ...)
+CVE-2009-2979
NOT-FOR-US: Adobe
-CVE-2009-2978 (SQL injection vulnerability in SugarCRM 4.5.1o and earlier, 5.0.0k and ...)
+CVE-2009-2978
- sugarcrm-ce-5.0 <itp> (bug #457876)
-CVE-2009-2977 (The Cisco Security Monitoring, Analysis and Response System (CS-MARS) ...)
+CVE-2009-2977
NOT-FOR-US: Cisco
-CVE-2009-2976 (Cisco Aironet Lightweight Access Point (AP) devices send the contents ...)
+CVE-2009-2976
NOT-FOR-US: Cisco
-CVE-2009-2975 (Mozilla Firefox 3.5.2 on Windows XP, in some situations possibly ...)
+CVE-2009-2975
- xulrunner <not-affected> (unimportant)
NOTE: browser crashes not treated as security issues
NOTE: not reproducible, probably only Firefox in Windows XP is affected
-CVE-2009-2974 (Google Chrome 1.0.154.65, 1.0.154.48, and earlier allows remote ...)
+CVE-2009-2974
- chromium-browser <not-affected> (Only 1.x is affected)
- webkit <not-affected> (doesn't support 'chromehtml' protocol)
-CVE-2009-2973 (Google Chrome before 2.0.172.43 does not prevent SSL connections to a ...)
+CVE-2009-2973
- chromium-browser <not-affected> (Only 2.x is affected)
- webkit <not-affected> (chrome-specific issue)
-CVE-2009-2972 (in.lpd in the print service in Sun Solaris 8 and 9 allows remote ...)
+CVE-2009-2972
NOT-FOR-US: Sun Solaris
CVE-2009-2971
RESERVED
-CVE-2009-2970 (Stack-based buffer overflow in the GetUiDllVersion function in an ...)
+CVE-2009-2970
NOT-FOR-US: UiTV UiPlayer
CVE-2009-2969
RESERVED
-CVE-2009-2968 (Directory traversal vulnerability in a support component in the web ...)
+CVE-2009-2968
NOT-FOR-US: VMware Studio
-CVE-2009-2967 (Multiple cross-site scripting (XSS) vulnerabilities in Buildbot 0.7.6 ...)
+CVE-2009-2967
- buildbot 0.7.11p3-1
[lenny] - buildbot <no-dsa> (Minor issue)
[etch] - buildbot <not-affected> (According to the vendor 0.7.5 and earlier are not affected)
-CVE-2009-2966 (avp.exe in Kaspersky Internet Security 9.0.0.459 and Anti-Virus ...)
+CVE-2009-2966
NOT-FOR-US: Kaspersky Internet Security
-CVE-2009-2965 (Cross-site scripting (XSS) vulnerability in entry/index.jsp in ...)
+CVE-2009-2965
NOT-FOR-US: Radvision Scopia
-CVE-2009-2964 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
+CVE-2009-2964
{DSA-2091-1}
- squirrelmail 2:1.4.20~rc2-1 (low; bug #543818)
-CVE-2009-2963 (Unspecified vulnerability in the update feature in Toolbar Uninstaller ...)
+CVE-2009-2963
NOT-FOR-US: Toolbar Uninstaller
-CVE-2009-2961 (Stack-based buffer overflow in Thaddy de Konng KOL Player 1.0 allows ...)
+CVE-2009-2961
NOT-FOR-US: Thaddy de Konng KOL Player
-CVE-2009-2960 (CuteFlow 2.10.3 and 2.11.0_c does not properly restrict access to ...)
+CVE-2009-2960
NOT-FOR-US: CuteFlow
-CVE-2009-2959 (Cross-site scripting (XSS) vulnerability in the waterfall web status ...)
+CVE-2009-2959
- buildbot 0.7.11p3-1 (low; bug #543822)
[lenny] - buildbot <no-dsa> (Minor issue)
[etch] - buildbot <not-affected> (According to the vendor 0.7.5 and earlier are not affected)
-CVE-2009-2958 (The tftp_request function in tftp.c in dnsmasq before 2.50, when ...)
+CVE-2009-2958
{DSA-1876-1}
- dnsmasq 2.50-1
[etch] - dnsmasq <not-affected>
-CVE-2009-2957 (Heap-based buffer overflow in the tftp_request function in tftp.c in ...)
+CVE-2009-2957
{DSA-1876-1}
- dnsmasq 2.50-1
[etch] - dnsmasq <not-affected>
-CVE-2009-2956 (The (1) Net.Commerce and (2) Net.Data components in IBM WebSphere ...)
+CVE-2009-2956
NOT-FOR-US: IBM WebSphere
-CVE-2009-2955 (Google Chrome 1.0.154.48 and earlier allows remote attackers to cause ...)
+CVE-2009-2955
- chromium-browser <not-affected> (Only 1.x is affected)
NOTE: browser denial of services are not considered security-relevant
-CVE-2009-2954 (Microsoft Internet Explorer 6.0.2900.2180 and earlier allows remote ...)
+CVE-2009-2954
NOT-FOR-US: Microsoft
-CVE-2009-2953 (Mozilla Firefox 3.0.6 through 3.0.13, and 3.5.x, allows remote ...)
+CVE-2009-2953
- xulrunner <unfixed> (unimportant; bug #557753)
NOTE: browser denial-of-services are considered unimportant
-CVE-2009-2952 (Unspecified vulnerability in the pollwakeup function in Sun Solaris ...)
+CVE-2009-2952
NOT-FOR-US: Sun Solaris
-CVE-2009-2951 (Phenotype CMS before 2.9 does not use a random salt value for password ...)
+CVE-2009-2951
NOT-FOR-US: Phenotype CMS
-CVE-2009-2950 (Heap-based buffer overflow in the ...)
+CVE-2009-2950
{DSA-1995-1 DTSA-205-1}
- openoffice.org 1:3.1.1-16
-CVE-2009-2949 (Integer overflow in the XPMReader::ReadXPM function in ...)
+CVE-2009-2949
{DSA-1995-1 DTSA-205-1}
- openoffice.org 1:3.1.1-16
-CVE-2009-2948 (mount.cifs in Samba 3.0 before 3.0.37, 3.2 before 3.2.15, 3.3 before ...)
+CVE-2009-2948
{DSA-1908-1}
- samba 2:3.4.2-1 (medium; bug #550423)
-CVE-2009-2947 (Cross-site scripting (XSS) vulnerability in Xapian Omega before 1.0.16 ...)
+CVE-2009-2947
{DSA-1882-1}
- xapian-omega 1.0.15-2
-CVE-2009-2946 (Eval injection vulnerability in scripts/uscan.pl before Rev 1984 in ...)
+CVE-2009-2946
{DSA-1878-2 DSA-1878-1}
- devscripts 2.10.54
-CVE-2009-2945 (weblogin/login.fcgi (aka the WebLogin login script) in Stanford ...)
+CVE-2009-2945
- webauth 3.6.2-1 (low)
[lenny] - webauth 3.6.0-1+lenny1
[etch] - webauth <not-affected> (Vulnerable code not present)
-CVE-2009-2944 (Incomplete blacklist vulnerability in the teximg plugin in ikiwiki ...)
+CVE-2009-2944
{DSA-1875-1}
- ikiwiki 3.1415926
-CVE-2009-2943 (The postgresql-ocaml bindings 1.5.4, 1.7.0, and 1.12.1 for PostgreSQL ...)
+CVE-2009-2943
{DSA-1909-1}
- postgresql-ocaml 1.12.1-1 (low)
-CVE-2009-2942 (The mysql-ocaml bindings 1.0.4 for MySQL do not properly support the ...)
+CVE-2009-2942
{DSA-1910-1}
- mysql-ocaml 1.0.4-7 (low)
CVE-2009-2941
RESERVED
-CVE-2009-2940 (The pygresql module 3.8.1 and 4.0 for Python does not properly support ...)
+CVE-2009-2940
{DSA-1911-1}
- pygresql 1:4.0-1 (low)
-CVE-2009-2939 (The postfix.postinst script in the Debian GNU/Linux and Ubuntu postfix ...)
+CVE-2009-2939
- postfix 2.6.5-3 (low)
[lenny] - postfix 2.5.5-1.1+lenny1
[etch] - postfix <no-dsa> (Minor issue)
CVE-2009-2938
RESERVED
-CVE-2009-2937 (Cross-site scripting (XSS) vulnerability in Planet 2.0 and Planet ...)
+CVE-2009-2937
- planet <removed> (low; bug #546178)
[lenny] - planet <no-dsa> (Minor issue)
[etch] - planet <no-dsa> (Minor issue)
- planet-venus 0~bzr116-1 (low; bug #546179)
[lenny] - planet-venus 0~bzr95-2+lenny1
[etch] - planet-venus <no-dsa> (Minor issue)
-CVE-2009-2936 (** DISPUTED ** The Command Line Interface (aka Server CLI or ...)
+CVE-2009-2936
- varnish 2.1.0-2 (unimportant)
NOTE: Only a security issue if used against best practices
-CVE-2009-2935 (Google V8, as used in Google Chrome before 2.0.172.43, allows remote ...)
+CVE-2009-2935
- chromium-browser <not-affected> (Only 2.x is affected)
- libv8 1.3.11+dfsg-1
- webkit <not-affected> (libv8 issue)
-CVE-2009-2934 (Multiple stack-based buffer overflows in xaudio.dll in Programmed ...)
+CVE-2009-2934
NOT-FOR-US: Programmed Integration PIPL
-CVE-2009-2933 (SQL injection vulnerability in comments.php in Piwigo before 2.0.3 ...)
+CVE-2009-2933
- piwigo <not-affected> (Fixed before initial upload to the archive)
-CVE-2009-2932 (Cross-site scripting (XSS) vulnerability in uddiclient/process in the ...)
+CVE-2009-2932
NOT-FOR-US: SAP NetWeaver
-CVE-2009-2931 (Directory traversal vulnerability in p.php in SlideShowPro Director ...)
+CVE-2009-2931
NOT-FOR-US: SlideShowPro Director
-CVE-2009-2930 (Cross-site scripting (XSS) vulnerability in the Search feature in elka ...)
+CVE-2009-2930
NOT-FOR-US: elka CMS (aka Elkapax)
-CVE-2009-2929 (Multiple SQL injection vulnerabilities in TGS Content Management 0.x ...)
+CVE-2009-2929
NOT-FOR-US: TGS Content Management
-CVE-2009-2928 (Cross-site scripting (XSS) vulnerability in login.php in TGS Content ...)
+CVE-2009-2928
NOT-FOR-US: TGS Content Management
-CVE-2009-2927 (SQL injection vulnerability in DetailFile.php in DigitalSpinners DS ...)
+CVE-2009-2927
NOT-FOR-US: DigitalSpinners DS CMS
-CVE-2009-2926 (Multiple SQL injection vulnerabilities in PHP Competition System BETA ...)
+CVE-2009-2926
NOT-FOR-US: PHP Competition System BETA
-CVE-2009-3026 (protocols/jabber/auth.c in libpurple in Pidgin 2.6.0, and possibly ...)
+CVE-2009-3026
- pidgin 2.6.1-1 (low; bug #542891)
[lenny] - pidgin 2.4.3-4lenny4
NOTE: gaim nof affected, it never claimed to support TLS/SSL
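Review bot: the unchanged context line "NOTE: gaim nof affected, it never claimed to support TLS/SSL" under CVE-2009-3026 has a typo ("not"), and since this hunk already rewrites that entry's header line it is a convenient moment to correct it; the same entry sits after CVE-2009-2926 rather than with the other CVE-2009-30xx entries earlier in the hunk, so a sort pass would keep the file in the descending order the rest of it follows. The bracketed local entry "CVE-2009-XXXX [serveez: buffer overflow in header parser]" is left untouched while every parenthesized upstream description is dropped, which confirms the change affects only the upstream-supplied text.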
@@ -5831,113 +5831,113 @@ CVE-2009-3026 (protocols/jabber/auth.c in libpurple in Pidgin 2.6.0, and possibl
NOTE: http://developer.pidgin.im/viewmtn/revision/diff/312e056d702d29379ea61aea9d27765f127bc888/with/55897c4ce0787edc1e7721b7f4a9b5cbc8357279
CVE-2009-2962
REJECTED
-CVE-2009-2925 (Directory traversal vulnerability in DJcalendar.cgi in DJCalendar ...)
+CVE-2009-2925
NOT-FOR-US: DJCalendar
-CVE-2009-2924 (Multiple SQL injection vulnerabilities in Videos Broadcast Yourself 2 ...)
+CVE-2009-2924
NOT-FOR-US: Videos Broadcast Yourself 2
-CVE-2009-2923 (Multiple directory traversal vulnerabilities in BitmixSoft PHP-Lance ...)
+CVE-2009-2923
NOT-FOR-US: BitmixSoft PHP-Lance
-CVE-2009-2922 (Absolute path traversal vulnerability in pixaria.image.php in Pixaria ...)
+CVE-2009-2922
NOT-FOR-US: Pixaria Gallery
-CVE-2009-2921 (Multiple SQL injection vulnerabilities in login.php in MOC Designs PHP ...)
+CVE-2009-2921
NOT-FOR-US: MOC Designs PHP News
-CVE-2009-2920 (Multiple cross-site scripting (XSS) vulnerabilities in Elvin 1.2.2 ...)
+CVE-2009-2920
NOT-FOR-US: Elvin
-CVE-2009-2919 (Cross-site scripting (XSS) vulnerability in Boonex Orca 2.0 and 2.0.2 ...)
+CVE-2009-2919
NOT-FOR-US: Boonex Orca
-CVE-2009-2918 (The tgbvpn.sys driver in TheGreenBow IPSec VPN Client 4.61.003 allows ...)
+CVE-2009-2918
NOT-FOR-US: TheGreenBow IPSec VPN Client
-CVE-2009-2917 (Stack-based buffer overflow in ImTOO MPEG Encoder 3.1.53 allows remote ...)
+CVE-2009-2917
NOT-FOR-US: ImTOO MPEG Encoder
-CVE-2009-2916 (Format string vulnerability in the CNS_AddTxt function in logs.dll in ...)
+CVE-2009-2916
NOT-FOR-US: 2K Games Vietcong
-CVE-2009-2915 (SQL injection vulnerability in 2fly_gift.php in 2FLY Gift Delivery ...)
+CVE-2009-2915
NOT-FOR-US: 2FLY Gift Delivery System
-CVE-2009-2914 (Cross-site scripting (XSS) vulnerability in index.php in XZero ...)
+CVE-2009-2914
NOT-FOR-US: XZero Community Classified
-CVE-2009-2913 (Cross-site scripting (XSS) vulnerability in index.php in XZero ...)
+CVE-2009-2913
NOT-FOR-US: XZero Community Classified
-CVE-2009-2912 (The (1) sendfile and (2) sendfilev functions in Sun Solaris 8 through ...)
+CVE-2009-2912
NOT-FOR-US: Sun Solaris
-CVE-2009-2911 (SystemTap 1.0, when the --unprivileged option is used, does not ...)
+CVE-2009-2911
- systemtap 1.0-2 (bug #551918)
[lenny] - systemtap <not-affected> (Affected functionality only added in 1.0)
-CVE-2009-2910 (arch/x86/ia32/ia32entry.S in the Linux kernel before 2.6.31.4 on the ...)
+CVE-2009-2910
{DSA-1928-1 DSA-1915-1}
- linux-2.6 2.6.31-1 (medium)
- linux-2.6.24 <unfixed> (medium)
-CVE-2009-2909 (Integer signedness error in the ax25_setsockopt function in ...)
+CVE-2009-2909
{DSA-1929-1 DSA-1928-1 DSA-1915-1}
- linux-2.6 2.6.31-1 (medium)
- linux-2.6.24 <removed> (medium)
-CVE-2009-2908 (The d_delete function in fs/ecryptfs/inode.c in eCryptfs in the Linux ...)
+CVE-2009-2908
{DSA-1928-1 DSA-1915-1}
- linux-2.6 2.6.31-1 (medium)
[etch] - linux-2.6 <not-affected> (vulnerable code introduced in 2.6.19)
- linux-2.6.24 <removed> (medium)
-CVE-2009-2907 (Multiple cross-site scripting (XSS) vulnerabilities in SpringSource tc ...)
+CVE-2009-2907
NOT-FOR-US: SpringSource tc Server, Application Management Suite, Hyperic HQ Open Source, and Hyperic Enterprise
-CVE-2009-2906 (smbd in Samba 3.0 before 3.0.37, 3.2 before 3.2.15, 3.3 before 3.3.8, ...)
+CVE-2009-2906
{DSA-1908-1}
- samba 2:3.4.2-1 (low; bug #550423)
-CVE-2009-2905 (Heap-based buffer overflow in textbox.c in newt 0.51.5, 0.51.6, and ...)
+CVE-2009-2905
{DSA-1894-1}
- newt 0.52.10-4.1 (medium; bug #548198)
-CVE-2009-2904 (A certain Red Hat modification to the ChrootDirectory feature in ...)
+CVE-2009-2904
- openssh <not-affected> (issue with homechroot patch specific to Red Hat)
-CVE-2009-2903 (Memory leak in the appletalk subsystem in the Linux kernel 2.4.x ...)
+CVE-2009-2903
{DSA-1928-1 DSA-1915-1}
- linux-2.6 2.6.31-1 (low)
- linux-2.6.24 <removed> (low)
-CVE-2009-2902 (Directory traversal vulnerability in Apache Tomcat 5.5.0 through ...)
+CVE-2009-2902
{DSA-2207-1}
- tomcat6 6.0.24-1 (low)
[lenny] - tomcat6 <not-affected> (Only ships the servlet package)
- tomcat5.5 <removed>
-CVE-2009-2901 (The autodeployment process in Apache Tomcat 5.5.0 through 5.5.28 and ...)
+CVE-2009-2901
- tomcat6 <not-affected> (Windows-only)
- tomcat5.5 <not-affected> (Windows-only)
CVE-2009-2900
RESERVED
-CVE-2009-2899 (The monitor perl script in the Sybase database plug-in in SpringSource ...)
+CVE-2009-2899
NOT-FOR-US: SpringSource Hyperic HQ
-CVE-2009-2898 (Cross-site scripting (XSS) vulnerability in the Alerts list feature in ...)
+CVE-2009-2898
NOT-FOR-US: SpringSource Hyperic HQ
-CVE-2009-2897 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2009-2897
NOT-FOR-US: SpringSource Hyperic HQ
-CVE-2009-2896 (Buffer overflow in KMplayer 2.9.4.1433 and earlier allows remote ...)
+CVE-2009-2896
NOT-FOR-US: KMPlayer: http://www.kmplayer.com
-CVE-2009-2895 (SQL injection vulnerability in rss.php in Ultimate Regnow Affiliate ...)
+CVE-2009-2895
NOT-FOR-US: Ultimate Regnow Affiliate
-CVE-2009-2894 (Multiple SQL injection vulnerabilities in Ebay Clone 2009 allow remote ...)
+CVE-2009-2894
NOT-FOR-US: Ebay Clone 2009
-CVE-2009-2893 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
+CVE-2009-2893
NOT-FOR-US: XZero Community Classifieds
-CVE-2009-2892 (Multiple SQL injection vulnerabilities in header.php in Scripteen Free ...)
+CVE-2009-2892
NOT-FOR-US: Scripteen Free Image Hosting Script
-CVE-2009-2891 (SQL injection vulnerability in list.php in PHP Scripts Now Riddles ...)
+CVE-2009-2891
NOT-FOR-US: PHP Scripts Now Riddles
-CVE-2009-2890 (Cross-site scripting (XSS) vulnerability in results.php in PHP Scripts ...)
+CVE-2009-2890
NOT-FOR-US: PHP Scripts Now Riddles
-CVE-2009-2889 (Cross-site scripting (XSS) vulnerability in index.php in PHP Scripts ...)
+CVE-2009-2889
NOT-FOR-US: PHP Scripts Now Riddles
-CVE-2009-2888 (SQL injection vulnerability in index.php in PHP Scripts Now Hangman ...)
+CVE-2009-2888
NOT-FOR-US: PHP Scripts Now Hangman
-CVE-2009-2887 (Cross-site scripting (XSS) vulnerability in bios.php in PHP Scripts ...)
+CVE-2009-2887
NOT-FOR-US: PHP Scripts Now President Bios
-CVE-2009-2886 (SQL injection vulnerability in bios.php in PHP Scripts Now President ...)
+CVE-2009-2886
NOT-FOR-US: PHP Scripts Now President
-CVE-2009-2885 (SQL injection vulnerability in bios.php in PHP Scripts Now World's ...)
+CVE-2009-2885
NOT-FOR-US: PHP Scripts Now World's
-CVE-2009-2884 (Cross-site scripting (XSS) vulnerability in bios.php in PHP Scripts ...)
+CVE-2009-2884
NOT-FOR-US: PHP Scripts Now World's Tallest Buildings
-CVE-2009-2883 (SQL injection vulnerability in admin/login.php in SaphpLesson 4.0, ...)
+CVE-2009-2883
NOT-FOR-US: SaphpLesson
-CVE-2009-2882 (Multiple cross-site scripting (XSS) vulnerabilities in PG MatchMaking ...)
+CVE-2009-2882
NOT-FOR-US: PG MatchMaking
-CVE-2009-2881 (Multiple SQL injection vulnerabilities in Basilic 1.5.13 allow remote ...)
+CVE-2009-2881
NOT-FOR-US: Basilic
-CVE-2009-3369 (CgiUserConfigEdit in BackupPC 3.1.0, when SSH keys and Rsync are in ...)
+CVE-2009-3369
- backuppc 3.1.0-8 (low; bug #542218)
[etch] - backuppc <not-affected> (No configuration GUI)
[lenny] - backuppc 3.1.0-4lenny2
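Review bot: every changed pair in this hunk replaces an entry of the form `CVE-2009-NNNN (description ...)` with the bare identifier (for example `-CVE-2009-2905 (Heap-based buffer overflow in textbox.c in newt 0.51.5, 0.51.6, and ...)` becomes `+CVE-2009-2905`), so the only human-readable summary of each issue is dropped while the Debian annotations below it (DSA references, fixed package versions, NOT-FOR-US lines) are kept unchanged. An automatic update that wipes descriptions wholesale normally means the upstream CVE feed returned empty descriptions for this run; the importer should keep the existing description when the fetched one is empty instead of overwriting it, and this commit should be regenerated once the feed is back so the descriptions are restored.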
@@ -5946,105 +5946,105 @@ CVE-2009-5043 [burn: Insecure escaping of file names]
- burn 0.4.5-1 (low; bug #542329)
[lenny] - burn 0.4.3-2.1+lenny1
[etch] - burn <no-dsa> (Minor issue)
-CVE-2009-2880 (Buffer overflow in atrpui.dll in the Cisco WebEx WRF Player 26.x ...)
+CVE-2009-2880
NOT-FOR-US: Cisco WebEx WRF Player
-CVE-2009-2879 (Heap-based buffer overflow in atas32.dll in the Cisco WebEx WRF Player ...)
+CVE-2009-2879
NOT-FOR-US: Cisco WebEx WRF Player
-CVE-2009-2878 (Heap-based buffer overflow in atas32.dll in the Cisco WebEx WRF Player ...)
+CVE-2009-2878
NOT-FOR-US: Cisco WebEx WRF Player
-CVE-2009-2877 (Stack-based buffer overflow in ataudio.dll in the Cisco WebEx WRF ...)
+CVE-2009-2877
NOT-FOR-US: Cisco WebEx WRF Player
-CVE-2009-2876 (Heap-based buffer overflow in atas32.dll in the Cisco WebEx WRF Player ...)
+CVE-2009-2876
NOT-FOR-US: Cisco WebEx WRF Player
-CVE-2009-2875 (Buffer overflow in atas32.dll in the Cisco WebEx WRF Player 26.x ...)
+CVE-2009-2875
NOT-FOR-US: Cisco WebEx WRF Player
-CVE-2009-2874 (The TimesTenD process in Cisco Unified Presence 1.x, 6.x before ...)
+CVE-2009-2874
NOT-FOR-US: Cisco Unified Presence
-CVE-2009-2873 (Cisco IOS 12.0 through 12.4, when IP-based tunnels and the Cisco ...)
+CVE-2009-2873
NOT-FOR-US: Cisco IOS
-CVE-2009-2872 (Cisco IOS 12.0 through 12.4, when IP-based tunnels and the Cisco ...)
+CVE-2009-2872
NOT-FOR-US: Cisco IOS
-CVE-2009-2871 (Unspecified vulnerability in Cisco IOS 12.2 and 12.4, when SSLVPN ...)
+CVE-2009-2871
NOT-FOR-US: Cisco IOS
-CVE-2009-2870 (Unspecified vulnerability in Cisco IOS 12.2 through 12.4, when the ...)
+CVE-2009-2870
NOT-FOR-US: Cisco IOS
-CVE-2009-2869 (Unspecified vulnerability in Cisco IOS 12.2XNA, 12.2XNB, 12.2XNC, ...)
+CVE-2009-2869
NOT-FOR-US: Cisco IOS
-CVE-2009-2868 (Unspecified vulnerability in Cisco IOS 12.2 through 12.4, when ...)
+CVE-2009-2868
NOT-FOR-US: Cisco IOS
-CVE-2009-2867 (Unspecified vulnerability in Cisco IOS 12.2XNA, 12.2XNB, 12.2XNC, ...)
+CVE-2009-2867
NOT-FOR-US: Cisco IOS
-CVE-2009-2866 (Unspecified vulnerability in Cisco IOS 12.2 through 12.4 allows remote ...)
+CVE-2009-2866
NOT-FOR-US: Cisco IOS
-CVE-2009-2865 (Buffer overflow in the login implementation in the Extension Mobility ...)
+CVE-2009-2865
NOT-FOR-US: Cisco IOS
-CVE-2009-2864 (Cisco Unified Communications Manager (aka CUCM, formerly CallManager) ...)
+CVE-2009-2864
NOT-FOR-US: Cisco
-CVE-2009-2863 (Race condition in the Firewall Authentication Proxy feature in Cisco ...)
+CVE-2009-2863
NOT-FOR-US: Cisco IOS
-CVE-2009-2862 (The Object Groups for Access Control Lists (ACLs) feature in Cisco IOS ...)
+CVE-2009-2862
NOT-FOR-US: Cisco
-CVE-2009-2861 (The Over-the-Air Provisioning (OTAP) functionality on Cisco Aironet ...)
+CVE-2009-2861
NOT-FOR-US: Cisco
-CVE-2009-2860 (Unspecified vulnerability in db2jds in IBM DB2 8.1 before FP18 allows ...)
+CVE-2009-2860
NOT-FOR-US: db2jds in IBM DB2
-CVE-2009-2859 (IBM DB2 8.1 before FP18 allows attackers to obtain unspecified access ...)
+CVE-2009-2859
NOT-FOR-US: IBM DB2
-CVE-2009-2858 (Memory leak in the Security component in IBM DB2 8.1 before FP18 on ...)
+CVE-2009-2858
NOT-FOR-US: IBM DB2
-CVE-2009-2857 (The kernel in Sun Solaris 8, 9, and 10, and OpenSolaris before ...)
+CVE-2009-2857
NOT-FOR-US: kernel in Sun Solaris
-CVE-2009-2856 (Sun Virtual Desktop Infrastructure (VDI) 3.0, when anonymous binding ...)
+CVE-2009-2856
NOT-FOR-US: Sun Virtual Desktop Infrastructure
-CVE-2009-2855 (The strListGetItem function in src/HttpHeaderTools.c in Squid 2.7 ...)
+CVE-2009-2855
{DSA-1991-1}
- squid 2.7.STABLE7-1 (low; bug #534982)
- squid3 3.0.STABLE19-1
-CVE-2009-2854 (Wordpress before 2.8.3 does not check capabilities for certain ...)
+CVE-2009-2854
{DSA-1871-2 DSA-1871-1}
- wordpress 2.8.3-1
-CVE-2009-2853 (Wordpress before 2.8.3 allows remote attackers to gain privileges via ...)
+CVE-2009-2853
{DSA-1871-2 DSA-1871-1}
- wordpress 2.8.3-1
-CVE-2009-2852 (WP-Syntax plugin 0.9.1 and earlier for Wordpress, with ...)
+CVE-2009-2852
NOT-FOR-US: WP-Syntax plugin
-CVE-2009-2851 (Cross-site scripting (XSS) vulnerability in the administrator ...)
+CVE-2009-2851
{DSA-1871-2 DSA-1871-1}
- wordpress 2.8.3-1 (low)
-CVE-2009-2850 (Multiple buffer overflows in NASA Common Data Format (CDF) allow ...)
+CVE-2009-2850
NOT-FOR-US: NASA Common Data Format
CVE-2009-2845
REJECTED
-CVE-2009-2849 (The md driver (drivers/md/md.c) in the Linux kernel before 2.6.30.2 ...)
+CVE-2009-2849
{DSA-1928-1 DSA-1872-1}
- linux-2.6 2.6.30-4 (medium)
- linux-2.6.24 <removed>
[lenny] - linux-2.6 2.6.26-19 (medium)
-CVE-2009-2848 (The execve function in the Linux kernel, possibly 2.6.30-rc6 and ...)
+CVE-2009-2848
{DSA-1928-1 DSA-1872-1}
- linux-2.6 2.6.30-7 (low)
- linux-2.6.24 <removed>
[lenny] - linux-2.6 2.6.26-19 (low)
-CVE-2009-2847 (The do_sigaltstack function in kernel/signal.c in Linux kernel 2.4 ...)
+CVE-2009-2847
{DSA-1928-1 DSA-1872-1}
- linux-2.6 2.6.30-6 (low)
- linux-2.6.24 <removed>
[lenny] - linux-2.6 2.6.26-19 (low)
-CVE-2009-2846 (The eisa_eeprom_read function in the parisc isa-eeprom component ...)
+CVE-2009-2846
{DSA-1928-1 DSA-1872-1}
- linux-2.6 2.6.30-6 (low)
- linux-2.6.24 <removed>
[lenny] - linux-2.6 2.6.26-19 (low)
-CVE-2009-2844 (cfg80211 in net/wireless/scan.c in the Linux kernel 2.6.30-rc1 and ...)
+CVE-2009-2844
- linux-2.6 2.6.30-7 (medium)
[etch] - linux-2.6 <not-affected> (vulnerability introduced in 2.6.30)
[lenny] - linux-2.6 <not-affected> (vulnerability introduced in 2.6.30)
- linux-2.6.24 <not-affected> (vulnerability introduced in 2.6.30)
-CVE-2009-2843 (Java for Mac OS X 10.5 before Update 6 and 10.6 before Update 1 ...)
+CVE-2009-2843
NOT-FOR-US: Mac OS X
-CVE-2009-2842 (Apple Safari before 4.0.4 does not properly implement certain (1) Open ...)
+CVE-2009-2842
NOT-FOR-US: Apple Safari
-CVE-2009-2841 (The HTMLMediaElement::loadResource function in ...)
+CVE-2009-2841
- webkit 1.1.21-1 (medium; bug #559759)
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
NOTE: http://trac.webkit.org/changeset/49480
@@ -6053,59 +6053,59 @@ CVE-2009-2841 (The HTMLMediaElement::loadResource function in ...)
[lenny] - qt4-x11 <not-affected> (HTML video support introduced in version 4.5)
[etch] - qt4-x11 <not-affected> (webkit support introduced in version 4.4)
- kdelibs <not-affected> (No support for HTML5 video tags)
-CVE-2009-2840 (Spotlight in Apple Mac OS X 10.5.8 does not properly handle temporary ...)
+CVE-2009-2840
NOT-FOR-US: Apple Mac OS X
-CVE-2009-2839 (Screen Sharing in Apple Mac OS X 10.5.8 allows remote VNC servers to ...)
+CVE-2009-2839
NOT-FOR-US: Apple Mac OS X
-CVE-2009-2838 (Integer overflow in QuickLook in Apple Mac OS X 10.5.8 allows remote ...)
+CVE-2009-2838
NOT-FOR-US: Apple Mac OS X
-CVE-2009-2837 (Heap-based buffer overflow in QuickDraw Manager in Apple Mac OS X ...)
+CVE-2009-2837
NOT-FOR-US: Apple Mac OS X
-CVE-2009-2836 (Race condition in Login Window in Apple Mac OS X 10.6.x before 10.6.2, ...)
+CVE-2009-2836
NOT-FOR-US: Apple Mac OS X
-CVE-2009-2835 (The kernel in Apple Mac OS X before 10.6.2 does not properly handle ...)
+CVE-2009-2835
NOT-FOR-US: Apple Mac OS X
-CVE-2009-2834 (IOKit in Apple Mac OS X before 10.6.2 allows local users to modify the ...)
+CVE-2009-2834
NOT-FOR-US: Apple Mac OS X
-CVE-2009-2833 (Buffer overflow in the UCCompareTextDefault API in International ...)
+CVE-2009-2833
NOT-FOR-US: Apple Mac OS X
-CVE-2009-2832 (Buffer overflow in FTP Server in Apple Mac OS X before 10.6.2 allows ...)
+CVE-2009-2832
NOT-FOR-US: Apple Mac OS X
-CVE-2009-2831 (Dictionary in Apple Mac OS X 10.5.8 allows remote attackers to create ...)
+CVE-2009-2831
NOT-FOR-US: Apple Mac OS X
-CVE-2009-2830 (Multiple buffer overflows in Christos Zoulas file before 5.03 in Apple ...)
+CVE-2009-2830
- file 5.03-1
[lenny] - file <not-affected>
[etch] - file <not-affected>
-CVE-2009-2829 (Event Monitor in Apple Mac OS X 10.5.8 does not properly handle ...)
+CVE-2009-2829
NOT-FOR-US: Apple Mac OS X
-CVE-2009-2828 (The server in DirectoryService in Apple Mac OS X 10.5.8 allows remote ...)
+CVE-2009-2828
NOT-FOR-US: Apple Mac OS X
-CVE-2009-2827 (Heap-based buffer overflow in Disk Images in Apple Mac OS X 10.5.8 ...)
+CVE-2009-2827
NOT-FOR-US: Apple Mac OS X
-CVE-2009-2826 (Multiple integer overflows in CoreGraphics in Apple Mac OS X 10.5.8 ...)
+CVE-2009-2826
NOT-FOR-US: Apple Mac OS X
-CVE-2009-2825 (Certificate Assistant in Apple Mac OS X before 10.6.2 does not ...)
+CVE-2009-2825
NOT-FOR-US: Apple Mac OS X
-CVE-2009-2824 (Multiple buffer overflows in Apple Type Services (ATS) in Apple Mac OS ...)
+CVE-2009-2824
NOT-FOR-US: Apple Mac OS X
-CVE-2009-2823 (The Apache HTTP Server in Apple Mac OS X before 10.6.2 enables the ...)
+CVE-2009-2823
NOT-FOR-US: Apple Mac OS X
-CVE-2009-2822 (AirPort Utility before 5.5.1 for Apple AirPort Base Station does not ...)
+CVE-2009-2822
NOT-FOR-US: AirPort Utility
CVE-2009-2821
RESERVED
-CVE-2009-2820 (The web interface in CUPS before 1.4.2, as used on Apple Mac OS X ...)
+CVE-2009-2820
{DSA-1933-1}
- cups 1.4.2-1 (low; bug #555666)
- cupsys <removed>
-CVE-2009-2819 (AFP Client in Apple Mac OS X 10.5.8 allows remote AFP servers to ...)
+CVE-2009-2819
NOT-FOR-US: Apple Mac OS X
-CVE-2009-2818 (Adaptive Firewall in Apple Mac OS X before 10.6.2 does not properly ...)
+CVE-2009-2818
NOT-FOR-US: Apple Mac OS X
-CVE-2009-2817 (Buffer overflow in Apple iTunes before 9.0.1 allows remote attackers ...)
+CVE-2009-2817
NOT-FOR-US: Apple iTunes
-CVE-2009-2816 (The implementation of Cross-Origin Resource Sharing (CORS) in WebKit, ...)
+CVE-2009-2816
- webkit 1.1.21-1 (low; bug #559759)
[lenny] - webkit <not-affected> (vulnerable code not present)
- kdelibs <not-affected>
@@ -6114,50 +6114,50 @@ CVE-2009-2816 (The implementation of Cross-Origin Resource Sharing (CORS) in Web
NOTE: QT4 might be fixed earlier, but only 4.6.2 was checked against
[lenny] - qt4-x11 <not-affected> (Vulnerable code not present)
NOTE: http://trac.webkit.org/changeset/47494
-CVE-2009-2815 (The Telephony component in Apple iPhone OS before 3.1 does not ...)
+CVE-2009-2815
NOT-FOR-US: Apple iPhone OS
-CVE-2009-2814 (Cross-site scripting (XSS) vulnerability in the Wiki Server in Apple ...)
+CVE-2009-2814
NOT-FOR-US: Apple Mac OS X
-CVE-2009-2813 (Samba 3.4 before 3.4.2, 3.3 before 3.3.8, 3.2 before 3.2.15, and ...)
+CVE-2009-2813
{DSA-1908-1}
- samba 2:3.4.2-1 (bug #550422)
NOTE: requires an administrator to manually configure a user account without
NOTE: a home dir, otherwise, this is ineffective
-CVE-2009-2812 (Launch Services in Apple Mac OS X 10.5.8 does not properly recognize ...)
+CVE-2009-2812
NOT-FOR-US: Apple Mac OS X
-CVE-2009-2811 (Incomplete blacklist vulnerability in Launch Services in Apple Mac OS ...)
+CVE-2009-2811
NOT-FOR-US: Apple Mac OS X
-CVE-2009-2810 (Launch Services in Apple Mac OS X 10.6.x before 10.6.2 recursively ...)
+CVE-2009-2810
NOT-FOR-US: Apple Mac OS X
-CVE-2009-2809 (ImageIO in Apple Mac OS X 10.4.11 and 10.5.8 allows remote attackers ...)
+CVE-2009-2809
NOT-FOR-US: Apple Mac OS X
-CVE-2009-2808 (Help Viewer in Apple Mac OS X before 10.6.2 does not use an HTTPS ...)
+CVE-2009-2808
NOT-FOR-US: Apple Mac OS X
-CVE-2009-2807 (Heap-based buffer overflow in the USB backend in CUPS in Apple Mac OS ...)
+CVE-2009-2807
- cupsys <not-affected> (issue in darwin-specific code; bug #550150)
- cups <not-affected> (issue in darwin-specific code; bug #550150)
CVE-2009-2806
RESERVED
-CVE-2009-2805 (Integer overflow in CoreGraphics in Apple Mac OS X 10.4.11 and 10.5.8 ...)
+CVE-2009-2805
NOT-FOR-US: CoreGraphics in Apple Mac OS X
-CVE-2009-2804 (Integer overflow in ColorSync in Apple Mac OS X 10.4.11 and 10.5.8, ...)
+CVE-2009-2804
NOT-FOR-US: Apple Mac OS X
-CVE-2009-2803 (CarbonCore in Apple Mac OS X 10.4.11 and 10.5.8 allows attackers to ...)
+CVE-2009-2803
NOT-FOR-US: Apple Mac OS X
CVE-2009-2802
RESERVED
- mantis <not-affected> (Only affects 1.2.x)
NOTE: http://www.mantisbt.org/bugs/view.php?id=11952
NOTE: http://www.mantisbt.org/blog/?p=113
-CVE-2009-2801 (The Application Firewall in Apple Mac OS X 10.5.8 drops unspecified ...)
+CVE-2009-2801
NOT-FOR-US: Apple Application Firewall
-CVE-2009-2800 (Buffer overflow in Alias Manager in Apple Mac OS X 10.4.11 and 10.5.8 ...)
+CVE-2009-2800
NOT-FOR-US: Apple Mac OS X
-CVE-2009-2799 (Heap-based buffer overflow in Apple QuickTime before 7.6.4 allows ...)
+CVE-2009-2799
NOT-FOR-US: Apple QuickTime
-CVE-2009-2798 (Heap-based buffer overflow in Apple QuickTime before 7.6.4 allows ...)
+CVE-2009-2798
NOT-FOR-US: Apple QuickTime
-CVE-2009-2797 (The WebKit component in Safari in Apple iPhone OS before 3.1, and ...)
+CVE-2009-2797
- webkit 1.1.21-1 (low; bug #559759)
[lenny] - webkit <no-dsa> (Too intrusive to backport, disk of regression higher than impact at hand)
- kdelibs <not-affected>
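Review bot: the lenny annotation for CVE-2009-2797 in this hunk's context reads `[lenny] - webkit <no-dsa> (Too intrusive to backport, disk of regression higher than impact at hand)`; "disk of regression" should be "risk of regression". The line is not touched by this change, so it needs a follow-up edit rather than a change to this automatic update.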
@@ -6166,82 +6166,82 @@ CVE-2009-2797 (The WebKit component in Safari in Apple iPhone OS before 3.1, and
- qt4-x11 4:4.6.2-4 (low)
[lenny] - qt4-x11 <no-dsa> (Too intrusive to backport, disk of regression higher than impact at hand)
NOTE: http://trac.webkit.org/changeset/42483
-CVE-2009-2796 (The UIKit component in Apple iPhone OS 3.0, and iPhone OS 3.0.1 for ...)
+CVE-2009-2796
NOT-FOR-US: Apple iPhone OS
-CVE-2009-2795 (Heap-based buffer overflow in the Recovery Mode component in Apple ...)
+CVE-2009-2795
NOT-FOR-US: Apple iPhone OS
-CVE-2009-2794 (The Exchange Support component in Apple iPhone OS before 3.1, and ...)
+CVE-2009-2794
NOT-FOR-US: Apple iPhone OS
-CVE-2009-2793 (The kernel in NetBSD, probably 5.0.1 and earlier, on x86 platforms ...)
+CVE-2009-2793
NOT-FOR-US: NetBSD kernel
-CVE-2009-2792 (Directory traversal vulnerability in plugings/pagecontent.php in ...)
+CVE-2009-2792
NOT-FOR-US: Really Simple CMS
-CVE-2009-2791 (PHP remote file inclusion vulnerability in pda_projects.php in ...)
+CVE-2009-2791
NOT-FOR-US: WebDynamite ProjectButler
-CVE-2009-2790 (SQL injection vulnerability in cat_products.php in SoftBiz Dating ...)
+CVE-2009-2790
NOT-FOR-US: SoftBiz Dating
-CVE-2009-2789 (SQL injection vulnerability in the Permis (com_groups) component 1.0 ...)
+CVE-2009-2789
NOT-FOR-US: com_groups component for Joomla!
-CVE-2009-2788 (Multiple SQL injection vulnerabilities in Mobilelib GOLD 3 allow ...)
+CVE-2009-2788
NOT-FOR-US: Mobilelib GOLD
-CVE-2009-2787 (Directory traversal vulnerability in ...)
+CVE-2009-2787
NOT-FOR-US: Reputation plugin for PunBB
-CVE-2009-2786 (SQL injection vulnerability in reputation.php in the Reputation plugin ...)
+CVE-2009-2786
NOT-FOR-US: Reputation plugin for PunBB
-CVE-2009-2785 (Multiple cross-site scripting (XSS) vulnerabilities in PHP Open ...)
+CVE-2009-2785
NOT-FOR-US: PHP Open Classifieds Script
-CVE-2009-2784 (Multiple directory traversal vulnerabilities in dit.cms 1.3, when ...)
+CVE-2009-2784
NOT-FOR-US: dit.cms
-CVE-2009-2783 (Multiple cross-site scripting (XSS) vulnerabilities in XOOPS 2.3.3 ...)
+CVE-2009-2783
NOT-FOR-US: XOOPS
-CVE-2009-2782 (SQL injection vulnerability in the JFusion (com_jfusion) component for ...)
+CVE-2009-2782
NOT-FOR-US: com_jfusion component for Joomla!
-CVE-2009-2781 (SQL injection vulnerability in forum.php in Arab Portal 2.x, when ...)
+CVE-2009-2781
NOT-FOR-US: Arab Portal
-CVE-2009-2780 (Multiple cross-site scripting (XSS) vulnerabilities in 68 Classifieds ...)
+CVE-2009-2780
NOT-FOR-US: 68 Classifieds
-CVE-2009-2779 (SQL injection vulnerability in index.php in AJ Matrix DNA allows ...)
+CVE-2009-2779
NOT-FOR-US: AJ Matrix DNA
-CVE-2009-2778 (Cross-site scripting (XSS) vulnerability in visitor/view.php in ...)
+CVE-2009-2778
NOT-FOR-US: GarageSales script
-CVE-2009-2777 (SQL injection vulnerability in visitor/view.php in GarageSales Script ...)
+CVE-2009-2777
NOT-FOR-US: GarageSales Script
-CVE-2009-2776 (SQL injection vulnerability in showresult.asp in Smart ASP Survey ...)
+CVE-2009-2776
NOT-FOR-US: Smart ASP Survey
-CVE-2009-2775 (SQL injection vulnerability in linkout.php in PHPArcadeScript (PHP ...)
+CVE-2009-2775
NOT-FOR-US: PHPArcadeScript
-CVE-2009-2774 (SQL injection vulnerability in paidbanner.php in PHP Paid 4 Mail ...)
+CVE-2009-2774
NOT-FOR-US: PHP Paid 4 Mail
-CVE-2009-2773 (PHP remote file inclusion vulnerability in home.php in PHP Paid 4 Mail ...)
+CVE-2009-2773
NOT-FOR-US: PHP Paid 4 Mail
-CVE-2009-2772 (Multiple cross-site scripting (XSS) vulnerabilities in PG Roommate ...)
+CVE-2009-2772
NOT-FOR-US: PG Roommate Finder Solution
-CVE-2009-2771 (Cross-site scripting (XSS) vulnerability in Free Arcade Script 1.3 ...)
+CVE-2009-2771
NOT-FOR-US: Free Arcade Script
-CVE-2009-2770 (PowerUpload 2.4 allows remote attackers to bypass authentication and ...)
+CVE-2009-2770
NOT-FOR-US: PowerUpload
-CVE-2009-2769 (PHP remote file inclusion vulnerability in include/timesheet.php in ...)
+CVE-2009-2769
NOT-FOR-US: Ultrize TimeSheet
-CVE-2009-2768 (The load_flat_shared_library function in fs/binfmt_flat.c in the flat ...)
+CVE-2009-2768
- linux-2.6 2.6.30-6 (medium)
[etch] - linux-2.6 <not-affected> (kernel/cred.c introduced in 2.6.29)
[lenny] - linux-2.6 <not-affected> (kernel/cred.c introduced in 2.6.29)
- linux-2.6.24 <not-affected> (kernel/cred.c introduced in 2.6.29)
-CVE-2009-2767 (The init_posix_timers function in kernel/posix-timers.c in the Linux ...)
+CVE-2009-2767
- linux-2.6 2.6.30-6 (medium)
[etch] - linux-2.6 <not-affected> (introduced in 2.6.28)
[lenny] - linux-2.6 <not-affected> (introduced in 2.6.28)
- linux-2.6.24 <not-affected> (introduced in 2.6.28)
-CVE-2009-2766 (httpd.c in httpd in the management GUI in DD-WRT 24 sp1 does not ...)
+CVE-2009-2766
NOT-FOR-US: DD-WRT
-CVE-2009-2765 (httpd.c in httpd in the management GUI in DD-WRT 24 sp1, and other ...)
+CVE-2009-2765
NOT-FOR-US: DD-WRT
-CVE-2009-2764 (Microsoft Internet Explorer 8.0.7100.0 on Windows 7 RC on the x64 ...)
+CVE-2009-2764
NOT-FOR-US: Microsoft
-CVE-2009-3040 (Multiple SQL injection vulnerabilities in Open Computer and Software ...)
+CVE-2009-3040
- ocsinventory-server 1.02.1-2 (unimportant; bug #541995)
NOTE: Authentication is needed, only supported in trusted environments, see debtags
-CVE-2009-3042 (SQL injection vulnerability in machine.php in Open Computer and ...)
+CVE-2009-3042
- ocsinventory-server 1.02.1-2 (unimportant; bug #541995)
NOTE: Authentication is needed, only supported in trusted environments, see debtags
CVE-2009-2763
@@ -6253,7 +6253,7 @@ CVE-2009-XXXX [XSS in drupal printing module]
- drupal6 <removed> (unimportant)
NOTE: you need admin privs in orde to exploit this
NOTE: http://lampsecurity.org/drupal-print-module-vulnerabilities
-CVE-2009-2761 (Unquoted Windows search path vulnerability in the scheduler ...)
+CVE-2009-2761
NOT-FOR-US: Avira AntiVir
CVE-2009-2760
RESERVED
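Review bot: the context line `NOTE: you need admin privs in orde to exploit this` under the drupal printing module entry has a typo ("orde" for "order"). It is unchanged by this hunk, so it should be corrected in a separate manual edit rather than in the automatic update.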
@@ -6267,58 +6267,58 @@ CVE-2009-2756
RESERVED
CVE-2009-2755
RESERVED
-CVE-2009-2754 (Integer signedness error in the authentication functionality in ...)
+CVE-2009-2754
NOT-FOR-US: Informix Storage Manager
-CVE-2009-2753 (Multiple buffer overflows in the authentication functionality in ...)
+CVE-2009-2753
NOT-FOR-US: Informix Storage Manager
-CVE-2009-2752 (IBM WebSphere Commerce 7.0 does not properly encrypt data in a ...)
+CVE-2009-2752
NOT-FOR-US: IBM WebSphere Commerce
-CVE-2009-2751 (IBM WebSphere Commerce 7.0 uses the same cryptographic key for session ...)
+CVE-2009-2751
NOT-FOR-US: IBM WebSphere Commerce
-CVE-2009-2750 (IBM WebSphere Service Registry and Repository (WSRR) 6.3.0 before FP2 ...)
+CVE-2009-2750
NOT-FOR-US: IBM WebSphere Service Registry and Repository
-CVE-2009-2749 (Feature Pack for Communications Enabled Applications (CEA) before ...)
+CVE-2009-2749
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2009-2748 (Cross-site scripting (XSS) vulnerability in the Administration Console ...)
+CVE-2009-2748
NOT-FOR-US: IBM WebSphere
-CVE-2009-2747 (The Java Naming and Directory Interface (JNDI) implementation in IBM ...)
+CVE-2009-2747
NOT-FOR-US: IBM WebSphere
-CVE-2009-2746 (Cross-site request forgery (CSRF) vulnerability in the administrative ...)
+CVE-2009-2746
NOT-FOR-US: IBM WebSphere Application Server
CVE-2009-2745
RESERVED
-CVE-2009-2744 (Unspecified vulnerability in IBM WebSphere Application Server (WAS) ...)
+CVE-2009-2744
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2009-2743 (IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.27, and 7.0 ...)
+CVE-2009-2743
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2009-2742 (Cross-site scripting (XSS) vulnerability in Eclipse Help in IBM ...)
+CVE-2009-2742
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2009-2741 (Unspecified vulnerability in the wberuntimeear application in the test ...)
+CVE-2009-2741
NOT-FOR-US: IBM WebSphere Business Events
-CVE-2009-2740 (kmxIds.sys before 7.3.1.18 in CA Host-Based Intrusion Prevention ...)
+CVE-2009-2740
NOT-FOR-US: CA Host-Based Intrusion Prevention System (HIPS)
-CVE-2009-2739 (Cross-site scripting (XSS) vulnerability in FreeNAS before 0.69.2 ...)
+CVE-2009-2739
NOT-FOR-US: FreeNAS
-CVE-2009-2738 (Cross-site request forgery (CSRF) vulnerability in the WebGUI in ...)
+CVE-2009-2738
NOT-FOR-US: FreeNAS
-CVE-2009-2737 (The EditCSVAction function in cgi/actions.py in Roundup 1.2 before ...)
+CVE-2009-2737
{DSA-1754-1}
- roundup 1.4.4-4+lenny1 (bug #518768)
-CVE-2009-2736 (Static code injection vulnerability in admin.php in sun-jester ...)
+CVE-2009-2736
NOT-FOR-US: OpenNews
-CVE-2009-2735 (SQL injection vulnerability in admin.php in sun-jester OpenNews 1.0, ...)
+CVE-2009-2735
NOT-FOR-US: OpenNews
-CVE-2009-2734 (SQL injection vulnerability in the get_employee function in ...)
+CVE-2009-2734
NOT-FOR-US: Achievo
-CVE-2009-2733 (Multiple cross-site scripting (XSS) vulnerabilities in Achievo before ...)
+CVE-2009-2733
NOT-FOR-US: Achievo
-CVE-2009-2732 (The checkHTTPpassword function in http.c in ntop 3.3.10 and earlier ...)
+CVE-2009-2732
- ntop 3:3.3-12 (low; bug #543312)
[lenny] - ntop <no-dsa> (Minor issue)
[etch] - ntop <no-dsa> (Minor issue)
CVE-2009-2731
RESERVED
-CVE-2009-2730 (libgnutls in GnuTLS before 2.8.2 does not properly handle a '\0' ...)
+CVE-2009-2730
{DSA-1935-1}
- gnutls26 2.8.3-1 (low; bug #541439)
- gnutls13 <removed>
@@ -6326,82 +6326,82 @@ CVE-2009-2729
RESERVED
CVE-2009-2728
RESERVED
-CVE-2009-2727 (Stack-based buffer overflow in the _tt_internal_realpath function in ...)
+CVE-2009-2727
NOT-FOR-US: IBM AIX
-CVE-2009-2726 (The SIP channel driver in Asterisk Open Source 1.2.x before 1.2.34, ...)
+CVE-2009-2726
- asterisk 1:1.6.2.0~dfsg~rc1-1 (bug #541441)
[squeeze] - asterisk <not-affected> (Doesn't permit SIP packets to exceed 1500 bytes total)
[lenny] - asterisk <not-affected> (Doesn't permit SIP packets to exceed 1500 bytes total)
[etch] - asterisk <not-affected> (Doesn't permit SIP packets to exceed 1500 bytes total)
CVE-2009-2725
RESERVED
-CVE-2009-2724 (Race condition in the java.lang package in Sun Java SE 5.0 before ...)
+CVE-2009-2724
- sun-java5 1.5.0-20-1
[etch] - sun-java5 <no-dsa> (Non-free not supported)
[lenny] - sun-java5 1.5.0-22-0lenny1
NOTE: unknown impact and attack vectors
-CVE-2009-2723 (Unspecified vulnerability in deserialization in the Provider class in ...)
+CVE-2009-2723
- sun-java5 1.5.0-20-1
[etch] - sun-java5 <no-dsa> (Non-free not supported)
[lenny] - sun-java5 1.5.0-22-0lenny1
NOTE: unknown impact and attack vectors
-CVE-2009-2722 (Multiple unspecified vulnerabilities in the Provider class in Sun Java ...)
+CVE-2009-2722
- sun-java5 1.5.0-20-1
[etch] - sun-java5 <no-dsa> (Non-free not supported)
[lenny] - sun-java5 1.5.0-22-0lenny1
NOTE: unknown impact and attack vectors
-CVE-2009-2721 (Multiple unspecified vulnerabilities in the Provider class in Sun Java ...)
+CVE-2009-2721
- sun-java5 1.5.0-20-1
[etch] - sun-java5 <no-dsa> (Non-free not supported)
[lenny] - sun-java5 1.5.0-22-0lenny1
NOTE: unknown impact and attack vectors
-CVE-2009-2720 (Unspecified vulnerability in the ...)
+CVE-2009-2720
- sun-java6 6-15-1
[etch] - sun-java6 <no-dsa> (Non-free not supported)
[lenny] - sun-java6 6-20-0lenny1
- openjdk-6 6b16-1 (medium; bug #560908)
-CVE-2009-2719 (The Java Web Start implementation in Sun Java SE 6 before Update 15 ...)
+CVE-2009-2719
- sun-java6 6-15-1
[etch] - sun-java6 <no-dsa> (Non-free not supported)
[lenny] - sun-java6 6-20-0lenny1
- openjdk-6 6b16-1 (medium; bug #560908)
-CVE-2009-2718 (The Abstract Window Toolkit (AWT) implementation in Sun Java SE 6 ...)
+CVE-2009-2718
- sun-java6 6-15-1
[etch] - sun-java6 <no-dsa> (Non-free not supported)
[lenny] - sun-java6 6-20-0lenny1
- openjdk-6 6b16-1 (medium; bug #560908)
-CVE-2009-2717 (The Abstract Window Toolkit (AWT) implementation in Sun Java SE 6 ...)
+CVE-2009-2717
- sun-java6 6-15-1
[etch] - sun-java6 <no-dsa> (Non-free not supported)
[lenny] - sun-java6 6-20-0lenny1
- openjdk-6 6b16-1 (medium; bug #560908)
-CVE-2009-2716 (The plugin functionality in Sun Java SE 6 before Update 15 does not ...)
+CVE-2009-2716
- sun-java6 6-15-1
[etch] - sun-java6 <no-dsa> (Non-free not supported)
[lenny] - sun-java6 6-20-0lenny1
- openjdk-6 6b16-1 (medium; bug #560908)
-CVE-2009-2762 (wp-login.php in WordPress 2.8.3 and earlier allows remote attackers to ...)
+CVE-2009-2762
- wordpress 2.8.3-2 (unimportant; bug #541102)
[lenny] - wordpress <not-affected> (Vulnerable code not present)
[etch] - wordpress <not-affected> (Vulnerable code not present)
NOTE: not really a security issue in my opinion, just an annoying bug
-CVE-2009-2715 (Sun VirtualBox 2.2 through 3.0.2 r49928 allows guest OS users to cause ...)
+CVE-2009-2715
- virtualbox-ose 3.0.4-dfsg-1 (medium)
[lenny] - virtualbox-ose <not-affected> (Doesn't affect 1.6.x)
-CVE-2009-2714 (Unspecified vulnerability in Sun VirtualBox 3.0.0 and 3.0.2 allows ...)
+CVE-2009-2714
- virtualbox-ose 3.0.4-dfsg-1
[lenny] - virtualbox-ose <not-affected> (Only 3.0.x affected per Sun advisory)
-CVE-2009-2713 (The CDCServlet component in Sun Java System Access Manager 7.0 2005Q4 ...)
+CVE-2009-2713
NOT-FOR-US: Sun Java System Access Manager
-CVE-2009-2712 (Sun Java System Access Manager 6.3 2005Q1, 7.0 2005Q4, and 7.1; and ...)
+CVE-2009-2712
NOT-FOR-US: Sun Java System Access Manager
-CVE-2009-2711 (XScreenSaver in Sun Solaris 9 and 10, OpenSolaris before snv_120, and ...)
+CVE-2009-2711
NOT-FOR-US: XScreenSaver in Sun Solaris
CVE-2009-XXXX [mantis: information leak]
- mantis 1.1.8+dfsg-2 (medium; bug #425010)
[lenny] - mantis 1.1.6+dfsg-2lenny1
NOTE: cve id requested on oss-sec
-CVE-2009-3041 (SPIP 1.9 before 1.9.2i and 2.0.x through 2.0.8 does not use proper ...)
+CVE-2009-3041
- spip 2.0.9-1 (medium)
CVE-2009-XXXX [rubygems: integrity violation]
- libgems-ruby <not-affected> (Debian's version installs gems packages to /var/lib/gems, bug #540610)
@@ -6412,7 +6412,7 @@ CVE-2009-XXXX [bugzilla: unauthorized bug modification]
[etch] - bugzilla <no-dsa> (minor issue)
[lenny] - bugzilla <no-dsa> (minor issue)
NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=495257
-CVE-2009-5044 (contrib/pdfmark/pdfroff.sh in GNU troff (aka groff) before 1.21 allows ...)
+CVE-2009-5044
- groff 1.20.1-5 (low; bug #538330)
[etch] - groff <not-affected> (pdfroff not yet present)
[lenny] - groff <not-affected> (pdfroff not yet present)
@@ -6421,7 +6421,7 @@ CVE-2009-XXXX [xscreensaver: local screen lock bypassable via low resolution vid
- xscreensaver 5.05-3+nmu1 (low; bug #539699)
[etch] - xscreensaver <not-affected> (vulnerable code not present)
[lenny] - xscreensaver 5.05-3+lenny1
-CVE-2009-2626 (The zend_restore_ini_entry_cb function in zend_ini.c in PHP 5.3.0, ...)
+CVE-2009-2626
{DSA-1940-1}
- php5 5.2.11.dfsg.1-1 (low; bug #540605)
[etch] - php5 <no-dsa> (too risky to fix it there)
@@ -6435,104 +6435,104 @@ CVE-2009-2709
REJECTED
CVE-2009-2708
REJECTED
-CVE-2009-2707 (Unspecified vulnerability in ia32el (aka the IA 32 emulation ...)
+CVE-2009-2707
NOT-FOR-US: SUSE Linux
CVE-2009-2706
REJECTED
-CVE-2009-2705 (CA SiteMinder allows remote attackers to bypass cross-site scripting ...)
+CVE-2009-2705
NOT-FOR-US: SiteMinder
-CVE-2009-2704 (CA SiteMinder allows remote attackers to bypass cross-site scripting ...)
+CVE-2009-2704
NOT-FOR-US: SiteMinder
-CVE-2009-2703 (libpurple/protocols/irc/msgs.c in the IRC protocol plugin in libpurple ...)
+CVE-2009-2703
- pidgin 2.6.2 (low)
[lenny] - pidgin <no-dsa> (Minor issue)
[etch] - pidgin <no-dsa> (Minor issue)
[lenny] - gaim <not-affected> (Only a transitional package)
- gaim <removed>
NOTE: this is only a null ptr dereference and can only be triggered by a rogue irc server
-CVE-2009-2702 (KDE KSSL in kdelibs 3.5.4, 4.2.4, and 4.3 does not properly handle a ...)
+CVE-2009-2702
{DSA-1916-1}
- kdelibs 4:3.5.10.dfsg.1-2.1 (low; bug #546212)
- kde4libs 4:4.3.2-1 (low; bug #546218)
[lenny] - kde4libs <no-dsa> (Minor issue)
-CVE-2009-2701 (Unspecified vulnerability in the Zope Enterprise Objects (ZEO) ...)
+CVE-2009-2701
- zodb 1:3.9.0-1
[etch] - zodb <not-affected> (The vulnerability was introduced in ZODB 3.8)
[lenny] - zodb <not-affected> (The vulnerability was introduced in ZODB 3.8)
-CVE-2009-2700 (src/network/ssl/qsslcertificate.cpp in Nokia Trolltech Qt 4.x does not ...)
+CVE-2009-2700
{DSA-1988-1}
- qt4-x11 4:4.5.3-1 (medium; bug #545793)
[etch] - qt4-x11 <not-affected> (QSsl* classes were introduced in Qt 4.3)
-CVE-2009-2699 (The Solaris pollset feature in the Event Port backend in ...)
+CVE-2009-2699
- apr <not-affected> (does not affect Linux or kFreeBSD)
-CVE-2009-2698 (The udp_sendmsg function in the UDP implementation in (1) ...)
+CVE-2009-2698
{DSA-1872-1}
- linux-2.6 2.6.19-1 (high)
- linux-2.6.24 <not-affected> (Fixed before initial upload, 2.6.19)
-CVE-2009-2697 (The Red Hat build script for the GNOME Display Manager (GDM) before ...)
+CVE-2009-2697
- gdm <not-affected> (TCP Wrappers support enabled correctly)
-CVE-2009-2696 (Cross-site scripting (XSS) vulnerability in jsp/cal/cal2.jsp in the ...)
+CVE-2009-2696
NOT-FOR-US: Red-Hat-specific patching problem in Tomcat
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=616717
-CVE-2009-2695 (The Linux kernel before 2.6.31-rc7 does not properly prevent mmap ...)
+CVE-2009-2695
{DSA-2005-1 DSA-1915-1}
- linux-2.6 2.6.31-1 (medium)
[etch] - linux-2.6 <not-affected> (2.6.18 does not have mmap_min_addr)
- linux-2.6.24 <removed> (medium)
-CVE-2009-2694 (The msn_slplink_process_msg function in ...)
+CVE-2009-2694
{DSA-1870-1}
- pidgin 2.5.9-1 (medium; bug #542486)
[lenny] - gaim <not-affected> (Only a transitional package)
- gaim <removed>
-CVE-2009-2693 (Directory traversal vulnerability in Apache Tomcat 5.5.0 through ...)
+CVE-2009-2693
{DSA-2207-1}
- tomcat6 6.0.24-1 (low)
[lenny] - tomcat6 <not-affected> (The package only ships the servlet packages)
- tomcat5.5 <removed>
-CVE-2009-2692 (The Linux kernel 2.6.0 through 2.6.30.4, and 2.4.4 through 2.4.37.4, ...)
+CVE-2009-2692
{DSA-1864-1 DSA-1865-1 DSA-1862-1}
- linux-2.6 2.6.30-6 (high; bug #541403)
- linux-2.6.24 <removed>
-CVE-2009-2691 (The mm_for_maps function in fs/proc/base.c in the Linux kernel ...)
+CVE-2009-2691
{DSA-2005-1}
- linux-2.6 2.6.30-7 (low)
[lenny] - linux-2.6 2.6.26-21
- linux-2.6.24 <removed>
-CVE-2009-2690 (The encoder in Sun Java SE 6 before Update 15, and OpenJDK, grants ...)
+CVE-2009-2690
- sun-java6 6-15-1
[lenny] - sun-java6 6-20-0lenny1
- openjdk-6 6b16-1.6-1 (medium; bug #542210)
-CVE-2009-2689 (JDK13Services.getProviders in Sun Java SE 5.0 before Update 20 and 6 ...)
+CVE-2009-2689
- sun-java5 1.5.0-20-1
[etch] - sun-java5 <no-dsa> (Non-free not supported)
[lenny] - sun-java5 1.5.0-22-0lenny1
[lenny] - sun-java6 6-20-0lenny1
- openjdk-6 6b16-1.6-1 (medium; bug #542210)
-CVE-2009-2688 (Multiple integer overflows in glyphs-eimage.c in XEmacs 21.4.22, when ...)
+CVE-2009-2688
- xemacs21 21.4.22-3 (low; bug #540470)
[etch] - xemacs21 <no-dsa> (Minor issue, obscure attack vector)
[lenny] - xemacs21 <no-dsa> (Minor issue, obscure attack vector)
-CVE-2009-2686 (Unspecified vulnerability in HP NonStop G06.12.00 through G06.32.00, ...)
+CVE-2009-2686
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2009-2685 (Stack-based buffer overflow in the login form in the management web ...)
+CVE-2009-2685
NOT-FOR-US: HP Power Manager
-CVE-2009-2684 (Multiple cross-site scripting (XSS) vulnerabilities in Jetdirect and ...)
+CVE-2009-2684
NOT-FOR-US: Embedded Web Server in HP printers
-CVE-2009-2683 (Unspecified vulnerability in the Sender module in HP Remote Graphics ...)
+CVE-2009-2683
NOT-FOR-US: HP Remote Graphics
-CVE-2009-2682 (Unspecified vulnerability in Role-Based Access Control (RBAC) in HP ...)
+CVE-2009-2682
NOT-FOR-US: HP-UX
-CVE-2009-2681 (Unspecified vulnerability in HP ProCurve Identity Driven Manager (IDM) ...)
+CVE-2009-2681
NOT-FOR-US: HP ProCurve Identity Driven Manager
-CVE-2009-2680 (Unspecified vulnerability in the Remote Management Interface (RMI) for ...)
+CVE-2009-2680
NOT-FOR-US: HP StorageWorks
-CVE-2009-2679 (Unspecified vulnerability in bootpd in HP HP-UX B.11.11, B.11.23, and ...)
+CVE-2009-2679
NOT-FOR-US: HP HP-UX
-CVE-2009-2678 (Unspecified vulnerability in Open System Services (OSS) Name Server on ...)
+CVE-2009-2678
NOT-FOR-US: Open System Services (OSS) Name Server on HP NonStop
-CVE-2009-2677 (Cross-site request forgery (CSRF) vulnerability in HP Insight Control ...)
+CVE-2009-2677
NOT-FOR-US: HP Insight Control Suite For Linux (aka ICE-LX)
-CVE-2009-2676 (Unspecified vulnerability in JNLPAppletlauncher in Sun Java SE, and SE ...)
+CVE-2009-2676
- sun-java5 1.5.0-20-1
[etch] - sun-java5 <no-dsa> (Non-free not supported)
[lenny] - sun-java5 1.5.0-22-0lenny1
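Review bot: every `-`/`+` pair in this hunk replaces an entry of the form `CVE-2009-NNNN (description ...)` with the bare ID, so the import apparently received empty descriptions and committed them; an automatic updater should treat a run in which existing descriptions are replaced by nothing as a failed fetch and abort rather than write the result. While the descriptions are still visible, note the mismatch at `CVE-2009-2686`: the removed line describes HP NonStop, but the unchanged triage line reads `NOT-FOR-US: IBM WebSphere Application Server`; once the description is gone that line becomes the only product hint for the entry, so it should be corrected before the summary disappears.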
@@ -6540,7 +6540,7 @@ CVE-2009-2676 (Unspecified vulnerability in JNLPAppletlauncher in Sun Java SE, a
[lenny] - sun-java6 6-20-0lenny1
- openjdk-6 <undetermined> (bug #566769)
[wheezy] - openjdk-6 <end-of-life>
-CVE-2009-2675 (Integer overflow in the unpack200 utility in Sun Java Runtime ...)
+CVE-2009-2675
- sun-java5 1.5.0-20-1
[etch] - sun-java5 <no-dsa> (Non-free not supported)
[lenny] - sun-java5 1.5.0-22-0lenny1
@@ -6548,59 +6548,59 @@ CVE-2009-2675 (Integer overflow in the unpack200 utility in Sun Java Runtime ...
[lenny] - sun-java6 6-20-0lenny1
- openjdk-6 <undetermined> (bug #566769)
[wheezy] - openjdk-6 <end-of-life>
-CVE-2009-2674 (Integer overflow in javaws.exe in Sun Java Web Start in Sun Java ...)
+CVE-2009-2674
- sun-java5 1.5.0-20-1
[etch] - sun-java5 <no-dsa> (Non-free not supported)
[lenny] - sun-java5 1.5.0-22-0lenny1
- sun-java6 6-15-1
[lenny] - sun-java6 6-20-0lenny1
- openjdk-6 6b16-1.6-1 (medium; bug #542210)
-CVE-2009-2673 (The proxy mechanism implementation in Sun Java Runtime Environment ...)
+CVE-2009-2673
- sun-java5 1.5.0-20-1
[etch] - sun-java5 <no-dsa> (Non-free not supported)
[lenny] - sun-java5 1.5.0-22-0lenny1
- sun-java6 6-15-1
[lenny] - sun-java6 6-20-0lenny1
- openjdk-6 6b16-1.6-1 (medium; bug #542210)
-CVE-2009-2672 (The proxy mechanism implementation in Sun Java Runtime Environment ...)
+CVE-2009-2672
- sun-java5 1.5.0-20-1
[etch] - sun-java5 <no-dsa> (Non-free not supported)
[lenny] - sun-java5 1.5.0-22-0lenny1
- sun-java6 6-15-1
[lenny] - sun-java6 6-20-0lenny1
- openjdk-6 6b16-1.6-1 (medium; bug #542210)
-CVE-2009-2671 (The SOCKS proxy implementation in Sun Java Runtime Environment (JRE) ...)
+CVE-2009-2671
- sun-java5 1.5.0-20-1
[etch] - sun-java5 <no-dsa> (Non-free not supported)
[lenny] - sun-java5 1.5.0-22-0lenny1
- sun-java6 6-15-1
[lenny] - sun-java6 6-20-0lenny1
- openjdk-6 6b16-1.6-1 (medium; bug #542210)
-CVE-2009-2670 (The audio system in Sun Java Runtime Environment (JRE) in JDK and JRE ...)
+CVE-2009-2670
- sun-java5 1.5.0-20-1
[etch] - sun-java5 <no-dsa> (Non-free not supported)
[lenny] - sun-java5 1.5.0-22-0lenny1
- sun-java6 6-15-1
[lenny] - sun-java6 6-20-0lenny1
- openjdk-6 6b16-1.6-1 (medium; bug #542210)
-CVE-2009-2669 (A certain debugging component in IBM AIX 5.3 and 6.1 does not properly ...)
+CVE-2009-2669
NOT-FOR-US: IBM AIX
-CVE-2009-2668 (Microsoft Internet Explorer 6 through 6.0.2900.2180 and 7 through ...)
+CVE-2009-2668
NOT-FOR-US: Microsoft
-CVE-2009-2667 (Unspecified vulnerability in IBM Tivoli Key Lifecycle Manager (TKLM) ...)
+CVE-2009-2667
NOT-FOR-US: IBM Tivoli Key Lifecycle Manager
-CVE-2009-2666 (socket.c in fetchmail before 6.3.11 does not properly handle a '\0' ...)
+CVE-2009-2666
{DSA-1852-1}
- fetchmail 6.3.9~rc2-6
-CVE-2009-2665 (The nsDocument::SetScriptGlobalObject function in ...)
+CVE-2009-2665
- xulrunner 1.9.1.8-1
[lenny] - xulrunner <not-affected> (vulnerability introduced in firefox 3.5)
[etch] - xulrunner <not-affected> (vulnerability introduced in firefox 3.5)
-CVE-2009-2664 (The js_watch_set function in js/src/jsdbgapi.cpp in the JavaScript ...)
+CVE-2009-2664
{DSA-1873-1}
- xulrunner 1.9.0.13-1
[etch] - xulrunner <end-of-life> (Mozilla packages from oldstable no longer covered by security support)
-CVE-2009-2663 (libvorbis before r16182, as used in Mozilla Firefox 3.5.x before 3.5.2 ...)
+CVE-2009-2663
{DSA-1939-1}
- libvorbisidec 1.0.2+svn16259-2 (bug #669196)
[squeeze] - libvorbisidec <no-dsa> (Minor issue, no dev-deps)
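Review bot: `CVE-2009-2675` still carries `- openjdk-6 <undetermined> (bug #566769)` beside `[wheezy] - openjdk-6 <end-of-life>`, and this hunk strips the one-line summary that a triager would use to resolve that state; if the description loss is kept, the `<undetermined>` entries in this region should be settled first, since the tracker file itself will no longer say what the issue is.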
@@ -6608,110 +6608,110 @@ CVE-2009-2663 (libvorbis before r16182, as used in Mozilla Firefox 3.5.x before
- xulrunner 1.9.1.2-1 (medium; bug #540961)
[etch] - xulrunner <not-affected> (vulnerability introduced in 1.9.1.0)
[lenny] - xulrunner <not-affected> (vulnerability introduced in 1.9.1.0)
-CVE-2009-2662 (The browser engine in Mozilla Firefox 3.5.x before 3.5.2 allows remote ...)
+CVE-2009-2662
{DSA-1873-1}
- xulrunner 1.9.0.13-1
[etch] - xulrunner <end-of-life> (Etch Packages no longer covered by security support)
-CVE-2009-2661 (The asn1_length function in strongSwan 2.8 before 2.8.11, 4.2 before ...)
+CVE-2009-2661
{DSA-1899-1}
- strongswan 4.3.2-1.1 (bug #540144)
-CVE-2009-2660 (Multiple integer overflows in CamlImages 2.2 might allow ...)
+CVE-2009-2660
{DSA-1912-2 DSA-1912-1 DSA-1857-1}
- camlimages 1:3.0.1-3 (low; bug #540146)
- advi 1.6.0-15 (low; bug #551282)
-CVE-2009-2657 (nilfs-utils before 2.0.14 installs multiple programs with unnecessary ...)
+CVE-2009-2657
- nilfs2-tools <not-affected> (dh_fixperms removes the setuid and setgid bits from all files)
-CVE-2009-2656 (Unspecified vulnerability in the com.android.phone process in Android ...)
+CVE-2009-2656
NOT-FOR-US: Android
-CVE-2009-2655 (mshtml.dll in Microsoft Internet Explorer 7 and 8 on Windows XP SP3 ...)
+CVE-2009-2655
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2009-2654 (Mozilla Firefox before 3.0.13, and 3.5.x before 3.5.2, allows remote ...)
+CVE-2009-2654
{DSA-1873-1}
- xulrunner 1.9.0.13-1 (low; bug #539891)
[etch] - xulrunner <end-of-life> (Etch Packages no longer covered by security support)
-CVE-2009-2653 (** DISPUTED ** ...)
+CVE-2009-2653
NOT-FOR-US: Microsoft Windows
-CVE-2009-2652 (Unspecified vulnerability in Solaris Trusted Extensions in Sun Solaris ...)
+CVE-2009-2652
NOT-FOR-US: Solaris Trusted Extensions
-CVE-2009-3938 (Buffer overflow in the ABWOutputDev::endWord function in ...)
+CVE-2009-3938
{DSA-1941-1}
- poppler 0.12.2-2.1 (low; bug #534680)
[etch] - poppler <not-affected> (Vulnerable code not present)
-CVE-2009-2408 (Mozilla Network Security Services (NSS) before 3.12.3, Firefox before ...)
+CVE-2009-2408
{DSA-2025-1 DSA-1874-1}
- nss 3.12.3-1 (medium; bug #539934)
- icedove 2.0.0.24-1 (medium)
-CVE-2009-2651 (main/rtp.c in Asterisk Open Source 1.6.1 before 1.6.1.2 allows remote ...)
+CVE-2009-2651
- asterisk 1:1.6.2.0~dfsg~rc1-1 (low; bug #539473)
[etch] - asterisk <not-affected> (Vulnerable code not present)
[lenny] - asterisk <not-affected> (Vulnerable code not present)
[squeeze] - asterisk <not-affected> (Vulnerable code not present)
NOTE: AST-2009-004
-CVE-2009-2650 (Heap-based buffer overflow in Sorcerer Software MultiMedia Jukebox 4.0 ...)
+CVE-2009-2650
NOT-FOR-US: Sorcerer Software MultiMedia Jukebox
-CVE-2009-2649 (The IATA (ata) driver in FreeBSD 6.0 and 8.0, when read access to /dev ...)
+CVE-2009-2649
- kfreebsd-8 8.0-1 (bug #572811)
- kfreebsd-7 7.3-1 (bug #572811)
[lenny] - kfreebsd-7 <no-dsa> (KFreebsd not supported)
- kfreebsd-6 <removed> (bug #572811)
[lenny] - kfreebsd-6 <no-dsa> (KFreebsd not supported)
-CVE-2009-2648 (FlashDen Guestbook allows remote attackers to obtain configuration ...)
+CVE-2009-2648
NOT-FOR-US: FlashDen Guestbook
-CVE-2009-2647 (Unspecified vulnerability in Kaspersky Anti-Virus 2010 and Kaspersky ...)
+CVE-2009-2647
NOT-FOR-US: Kaspersky Anti-Virus
-CVE-2009-2646 (Multiple unspecified vulnerabilities in the PDF distiller in the ...)
+CVE-2009-2646
NOT-FOR-US: Research In Motion (RIM) BlackBerry Enterprise Server (BES)
CVE-2009-2645
REJECTED
-CVE-2009-2644 (Race condition in the Solaris Auditing subsystem in Sun Solaris 9 and ...)
+CVE-2009-2644
NOT-FOR-US: Sun Solaris
-CVE-2009-2659 (The Admin media handler in core/servers/basehttp.py in Django 1.0 and ...)
+CVE-2009-2659
- python-django 1.1-1 (low; bug #539134)
[etch] - python-django <no-dsa> (Minor issue)
[lenny] - python-django 1.0.2-1+lenny1
-CVE-2009-2643 (Multiple unspecified vulnerabilities in the PDF distiller in the ...)
+CVE-2009-2643
NOT-FOR-US: BlackBerry Products
CVE-2009-XXXX [ser2net DoS]
- ser2net 2.6-1 (low; bug #535159)
[etch] - ser2net <no-dsa> (Minor issue)
[lenny] - ser2net <no-dsa> (Minor issue)
-CVE-2009-2642 (index.php in Desi Short URL Script 1.0 allows remote attackers to ...)
+CVE-2009-2642
NOT-FOR-US: Desi Short URL
-CVE-2009-2641 (PHP remote file inclusion vulnerability in ...)
+CVE-2009-2641
NOT-FOR-US: School Data Navigator
-CVE-2009-2640 (Multiple SQL injection vulnerabilities in cgi/admin.cgi in Interlogy ...)
+CVE-2009-2640
NOT-FOR-US: Interlogy Profile Manager Basic
-CVE-2009-2639 (SQL injection vulnerability in admin.php in MRCGIGUY The Ticket System ...)
+CVE-2009-2639
NOT-FOR-US: MRCGIGUY
-CVE-2009-2638 (SQL injection vulnerability in the AkoBook (com_akobook) component 2.3 ...)
+CVE-2009-2638
NOT-FOR-US: Joomla! component
-CVE-2009-2637 (PHP remote file inclusion vulnerability in toolbar_ext.php in the ...)
+CVE-2009-2637
NOT-FOR-US: Joomla! component
-CVE-2009-2636 (Cross-site scripting (XSS) vulnerability in the Integration page in ...)
+CVE-2009-2636
NOT-FOR-US: WebMail component in Kerio MailServer
-CVE-2009-2635 (PHP remote file inclusion vulnerability in toolbar_ext.php in the ...)
+CVE-2009-2635
NOT-FOR-US: Joomla! component
-CVE-2009-2634 (PHP remote file inclusion vulnerability in toolbar_ext.php in the ...)
+CVE-2009-2634
NOT-FOR-US: Joomla! component
-CVE-2009-2633 (PHP remote file inclusion vulnerability in toolbar_ext.php in the ...)
+CVE-2009-2633
NOT-FOR-US: Joomla! component
-CVE-2009-2632 (Buffer overflow in the SIEVE script component (sieve/script.c), as ...)
+CVE-2009-2632
{DSA-1893-1 DSA-1892-1 DSA-1881-1}
- cyrus-imapd-2.2 2.2.13-15 (medium)
- kolab-cyrus-imapd 2.2.13-5.1 (medium; bug #547712)
- dovecot 1:1.2.1-1 (medium; bug #546656)
-CVE-2009-2631 (Multiple clientless SSL VPN products that run in web browsers, ...)
+CVE-2009-2631
NOT-FOR-US: Commercial SSL VPN products
CVE-2009-2630
RESERVED
-CVE-2009-2629 (Buffer underflow in src/http/ngx_http_parse.c in nginx 0.1.0 through ...)
+CVE-2009-2629
{DSA-1884-1}
- nginx 0.7.61-3 (medium)
-CVE-2009-2628 (The VMnc media codec in vmnc.dll in VMware Movie Decoder before 6.5.3 ...)
+CVE-2009-2628
NOT-FOR-US: VMware Movie Decoder
-CVE-2009-2627 (Insecure method vulnerability in the Acer LunchApp (aka ...)
+CVE-2009-2627
NOT-FOR-US: Acer LunchApp
-CVE-2009-2625 (XMLScanner.java in Apache Xerces2 Java, as used in Sun Java Runtime ...)
+CVE-2009-2625
{DSA-1984-1}
- sun-java5 1.5.0-20-1
[etch] - sun-java5 <no-dsa> (Non-free not supported)
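Review bot: the placeholder entry `CVE-2009-XXXX [ser2net DoS]` keeps its bracketed summary while every assigned ID in this hunk loses its parenthesised one, which confirms the loss is confined to the imported descriptions and not a deliberate format change; the importer should check for that asymmetry. Unrelated but visible here: `CVE-2009-3938`, `CVE-2009-2408`, `CVE-2009-2659`, `CVE-2009-2622` and `CVE-2009-2621` sit out of numeric order among the 26xx entries, which the bare-ID form makes harder to spot.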
@@ -6720,96 +6720,96 @@ CVE-2009-2625 (XMLScanner.java in Apache Xerces2 Java, as used in Sun Java Runti
[lenny] - sun-java6 6-20-0lenny1
- openjdk-6 6b16-1.6-1 (medium; bug #542210)
- libxerces2-java 2.9.1-4.1 (bug #548358)
-CVE-2009-2624 (The huft_build function in inflate.c in gzip before 1.3.13 creates a ...)
+CVE-2009-2624
{DSA-1974-1}
- gzip 1.3.12-8 (medium; bug #507263)
CVE-2009-2623
RESERVED
-CVE-2009-2620 (src/remote/server.cpp in fbserver.exe in Firebird SQL 1.5 before ...)
+CVE-2009-2620
- firebird2.0 2.0.5.13206-0.ds2-4 (low; bug #539477)
[lenny] - firebird2.0 2.0.4.13130-1.ds1-4+lenny1
- firebird2.1 2.1.2.18118-0.ds1-4 (low; bug #539478)
-CVE-2009-2619 (SQL injection vulnerability in login.asp in DataCheck Solutions ...)
+CVE-2009-2619
NOT-FOR-US: DataCheck Solutions V-SpacePal
-CVE-2009-2618 (SQL injection vulnerability in the Surveys (aka NS-Polls) module in ...)
+CVE-2009-2618
NOT-FOR-US: MDPro module
-CVE-2009-2617 (Stack-based buffer overflow in medialib.dll in BaoFeng Storm 3.9.62 ...)
+CVE-2009-2617
NOT-FOR-US: BaoFeng Storm
-CVE-2009-2616 (SQL injection vulnerability in z_admin_login.asp in DataCheck ...)
+CVE-2009-2616
NOT-FOR-US: DataCheck Solutions
-CVE-2009-2615 (Multiple cross-site scripting (XSS) vulnerabilities in DataCheck ...)
+CVE-2009-2615
NOT-FOR-US: DataCheck Solutions
-CVE-2009-2614 (SQL injection vulnerability in z_admin_login.asp in DataCheck ...)
+CVE-2009-2614
NOT-FOR-US: DataCheck Solutions
-CVE-2009-2613 (Multiple cross-site scripting (XSS) vulnerabilities in DataCheck ...)
+CVE-2009-2613
NOT-FOR-US: DataCheck Solutions
-CVE-2009-2612 (SQL injection vulnerability in login.aspx in ProSMDR allows remote ...)
+CVE-2009-2612
NOT-FOR-US: ProSMDR
-CVE-2009-2611 (Directory traversal vulnerability in ...)
+CVE-2009-2611
NOT-FOR-US: MyFusion
-CVE-2009-2610 (Cross-site scripting (XSS) vulnerability in the Links Related module ...)
+CVE-2009-2610
NOT-FOR-US: Drupal module
-CVE-2009-2609 (SQL injection vulnerability in the amoCourse (com_amocourse) component ...)
+CVE-2009-2609
NOT-FOR-US: Joomla! module
-CVE-2009-2608 (Multiple SQL injection vulnerabilities in PHP Address Book 4.0.x allow ...)
+CVE-2009-2608
NOT-FOR-US: PHP Address Book
-CVE-2009-2607 (SQL injection vulnerability in the com_pinboard component for Joomla! ...)
+CVE-2009-2607
NOT-FOR-US: Joomla! component
-CVE-2009-2606 (ASP Football Pool 2.3 stores sensitive information under the web root ...)
+CVE-2009-2606
NOT-FOR-US: ASP Football Pool
-CVE-2009-2605 (Multiple SQL injection vulnerabilities in adminquery.php in Traidnt Up ...)
+CVE-2009-2605
NOT-FOR-US: Traidnt up
-CVE-2009-2604 (Multiple SQL injection vulnerabilities in adminlogin.asp in Zen Help ...)
+CVE-2009-2604
NOT-FOR-US: Zen Help Desk
-CVE-2009-2603 (Multiple SQL injection vulnerabilities in index.php in Escon ...)
+CVE-2009-2603
NOT-FOR-US: Escon SupportPortal Pro
-CVE-2009-2602 (R2 Newsletter Lite, Pro, and Stats stores sensitive information under ...)
+CVE-2009-2602
NOT-FOR-US: R2 Newsletter Store
-CVE-2009-2601 (SQL injection vulnerability in the Joomlaequipment (aka JUser or ...)
+CVE-2009-2601
NOT-FOR-US: Joomla! component
-CVE-2009-2600 (Multiple directory traversal vulnerabilities in view.php in Webboard ...)
+CVE-2009-2600
NOT-FOR-US: Webboard
-CVE-2009-2599 (SQL injection vulnerability in index.php in RadCLASSIFIEDS Gold 2.0 ...)
+CVE-2009-2599
NOT-FOR-US: RadCLASSIFIEDS
-CVE-2009-2598 (Multiple SQL injection vulnerabilities in Online Grades &amp; Attendance ...)
+CVE-2009-2598
NOT-FOR-US: Online Grades & Attendance
-CVE-2009-2597 (The Sun Java System (SJS) Access Manager Policy Agent module 2.2 for ...)
+CVE-2009-2597
NOT-FOR-US: Sun Java System (SJS) Access Manager Policy Agent module 2.2 for SJS Web Proxy Server
-CVE-2009-2596 (Unspecified vulnerability in the Solaris Auditing subsystem in Sun ...)
+CVE-2009-2596
NOT-FOR-US: Solaris Auditing subsystem
-CVE-2009-2622 (Squid 3.0 through 3.0.STABLE16 and 3.1 through 3.1.0.11 allows remote ...)
+CVE-2009-2622
{DSA-1843-2 DSA-1843-1}
- squid3 3.0.STABLE18-1 (medium; bug #538989)
- squid <not-affected> (see NOTE)
NOTE: squid 2.x not affected, according to
NOTE: http://www.squid-cache.org/Advisories/SQUID-2009_2.txt
-CVE-2009-2621 (Squid 3.0 through 3.0.STABLE16 and 3.1 through 3.1.0.11 does not ...)
+CVE-2009-2621
{DSA-1843-2 DSA-1843-1}
- squid3 3.0.STABLE18-1 (medium; bug #538989)
- squid <not-affected> (see NOTE)
NOTE: squid 2.x not affected, according to
NOTE: http://www.squid-cache.org/Advisories/SQUID-2009_2.txt
-CVE-2009-2595 (Cross-site scripting (XSS) vulnerability in productSearch.html in ...)
+CVE-2009-2595
NOT-FOR-US: Censura
-CVE-2009-2594 (Cross-site scripting (XSS) vulnerability in censura.php in Censura ...)
+CVE-2009-2594
NOT-FOR-US: Censura
-CVE-2009-2593 (SQL injection vulnerability in censura.php in Censura 1.16.04 allows ...)
+CVE-2009-2593
NOT-FOR-US: Censura
-CVE-2009-2592 (SQL injection vulnerability in guestbook.php in PHPJunkYard GBook 1.6 ...)
+CVE-2009-2592
NOT-FOR-US: PHPJunkYard
-CVE-2009-2591 (SQL injection vulnerability in the MyAnnonces module for E-Xoopport ...)
+CVE-2009-2591
NOT-FOR-US: MyAnnonces module for E-Xoopport
-CVE-2009-2590 (SQL injection vulnerability in showcategory.php in Hutscripts PHP ...)
+CVE-2009-2590
NOT-FOR-US: Hutscripts PHP
-CVE-2009-2589 (Multiple cross-site scripting (XSS) vulnerabilities in Hutscripts PHP ...)
+CVE-2009-2589
NOT-FOR-US: Hutscripts PHP
-CVE-2009-2588 (Multiple cross-site scripting (XSS) vulnerabilities in Hotscripts Type ...)
+CVE-2009-2588
NOT-FOR-US: Hotscripts Type PHP Clone Script
-CVE-2009-2587 (Multiple cross-site scripting (XSS) vulnerabilities in DragDropCart ...)
+CVE-2009-2587
NOT-FOR-US: DragDropCart
-CVE-2009-2586 (Cross-site scripting (XSS) vulnerability in articles.php in EDGEPHP ...)
+CVE-2009-2586
NOT-FOR-US: EZArticles
-CVE-2009-2585 (SQL injection vulnerability in index.php in Mlffat 2.2 allows remote ...)
+CVE-2009-2585
NOT-FOR-US: Mlffat
CVE-2009-XXXX [nilfs-tools privilege escalation]
- nilfs2-tools <not-affected> (We don't install this with setuid)
@@ -6819,218 +6819,218 @@ CVE-2009-XXXX [XSS in drupal 6 calendar field]
NOTE: you need to be able to create new calendar items, e.g. admistrative
NOTE: access in order to exploit that
NOTE: http://lists.grok.org.uk/pipermail/full-disclosure/2009-July/069849.html
-CVE-2009-2584 (Off-by-one error in the options_write function in ...)
+CVE-2009-2584
- linux-2.6 2.6.31-2 (high)
[etch] - linux-2.6 <not-affected> (vulnerable code not present)
[lenny] - linux-2.6 <not-affected> (vulnerable code not present)
- linux-2.6.24 <not-affected> (vulnerable code not present)
NOTE: exploit code exists
-CVE-2009-2583 (Multiple session fixation vulnerabilities in IBM Tivoli Identity ...)
+CVE-2009-2583
NOT-FOR-US: IBM Tivoli
-CVE-2009-2582 (Stack-based buffer overflow in manager.exe in Akamai Download Manager ...)
+CVE-2009-2582
NOT-FOR-US: Akamai Download Manager
-CVE-2009-2581 (Cross-site scripting (XSS) vulnerability in modifier.php in ...)
+CVE-2009-2581
NOT-FOR-US: EditeurScripts EsNews
CVE-2009-2580
REJECTED
-CVE-2009-2579 (SQL injection vulnerability in reward_points.post.php in the Reward ...)
+CVE-2009-2579
NOT-FOR-US: CS-Cart
-CVE-2009-2578 (Google Chrome 2.x through 2.0.172 allows remote attackers to cause a ...)
+CVE-2009-2578
- chromium-browser <not-affected> (Only 2.x is affected)
NOTE: browser denial of services not considered security-relevant
-CVE-2009-2577 (Opera 9.52 and earlier allows remote attackers to cause a denial of ...)
+CVE-2009-2577
NOT-FOR-US: Opera
-CVE-2009-2576 (Microsoft Internet Explorer 6.0.2900.2180 and earlier allows remote ...)
+CVE-2009-2576
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2009-2575 (The Research In Motion (RIM) BlackBerry 8800 allows remote attackers ...)
+CVE-2009-2575
NOT-FOR-US: BlackBerry
-CVE-2009-2574 (index.php in MiniTwitter 0.2 beta allows remote authenticated users to ...)
+CVE-2009-2574
NOT-FOR-US: MiniTwitter
-CVE-2009-2573 (Multiple SQL injection vulnerabilities in MiniTwitter 0.2 beta, when ...)
+CVE-2009-2573
NOT-FOR-US: MiniTwitter
-CVE-2009-2572 (Cross-site request forgery (CSRF) vulnerability in the Fivestar module ...)
+CVE-2009-2572
NOT-FOR-US: Drupal Module
-CVE-2009-2571 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
+CVE-2009-2571
NOT-FOR-US: VerliAdmin
-CVE-2009-2570 (Stack-based buffer overflow in the Symantec.FaxViewerControl.1 ActiveX ...)
+CVE-2009-2570
NOT-FOR-US: Symantec WinFax Pro
-CVE-2009-2569 (Multiple cross-site scripting (XSS) vulnerabilities in Verlihub ...)
+CVE-2009-2569
NOT-FOR-US: vhcp
-CVE-2009-2568 (Stack-based buffer overflow in Sorinara Streaming Audio Player (SAP) ...)
+CVE-2009-2568
NOT-FOR-US: Sorinara Streaming Audio Player
-CVE-2009-2567 (SQL injection vulnerability in the Almond Classifieds (com_aclassf) ...)
+CVE-2009-2567
NOT-FOR-US: Joomla! component
-CVE-2009-2566 (Stack-based buffer overflow in TFM MMPlayer 2.0, and possibly ...)
+CVE-2009-2566
NOT-FOR-US: TFM MMPlayer
-CVE-2009-2565 (Cross-site scripting (XSS) vulnerability in Perl CGI's By Mrs. ...)
+CVE-2009-2565
NOT-FOR-US: Perl CGI's By Mrs. Shiromuku shiromuku
-CVE-2009-2564 (NOS Microsystems getPlus Download Manager, as used in Adobe Reader ...)
+CVE-2009-2564
NOT-FOR-US: Adobe
-CVE-2009-2563 (Unspecified vulnerability in the Infiniband dissector in Wireshark ...)
+CVE-2009-2563
- wireshark 1.2.1-1 (bug #538237)
[etch] - wireshark <not-affected> (Only affects 1.0.6 to 1.2.0)
[lenny] - wireshark <not-affected> (Only affects 1.0.6 to 1.2.0)
-CVE-2009-2562 (Unspecified vulnerability in the AFS dissector in Wireshark 0.9.2 ...)
+CVE-2009-2562
{DSA-1942-1}
- wireshark 1.2.1-1 (low; bug #538237)
[lenny] - wireshark 1.0.2-3+lenny6
[etch] - wireshark <no-dsa> (Minor issue)
-CVE-2009-2561 (Unspecified vulnerability in the sFlow dissector in Wireshark 1.2.0 ...)
+CVE-2009-2561
- wireshark 1.2.1-1 (bug #538237)
[etch] - wireshark <not-affected> (Only affects 1.2.0)
[lenny] - wireshark <not-affected> (Only affects 1.2.0)
-CVE-2009-2560 (Multiple unspecified vulnerabilities in Wireshark 1.2.0 allow remote ...)
+CVE-2009-2560
{DSA-1942-1}
- wireshark 1.2.1-1 (bug #538237)
-CVE-2009-2559 (Buffer overflow in the IPMI dissector in Wireshark 1.2.0 allows remote ...)
+CVE-2009-2559
- wireshark 1.2.1-1 (bug #538237)
[etch] - wireshark <not-affected> (Only affects 1.2.0)
[lenny] - wireshark <not-affected> (Only affects 1.2.0)
-CVE-2009-2558 (system/message.php in Admin News Tools 2.5 does not properly restrict ...)
+CVE-2009-2558
NOT-FOR-US: Admin News Tools
-CVE-2009-2557 (Directory traversal vulnerability in system/download.php in Admin News ...)
+CVE-2009-2557
NOT-FOR-US: Admin News Tools
-CVE-2009-2556 (Google Chrome before 2.0.172.37 allows attackers to leverage renderer ...)
+CVE-2009-2556
- chromium-browser <not-affected> (Only 2.x is affected)
- webkit <not-affected> (chrome-specfic renderer issue)
-CVE-2009-2555 (Heap-based buffer overflow in src/jsregexp.cc in Google V8 before ...)
+CVE-2009-2555
- chromium-browser <not-affected> (Only 1.x and 2.x are affected)
- libv8 1.3.11+dfsg-1
- webkit <not-affected> (libv8 issue)
-CVE-2009-2658 (Directory traversal vulnerability in ZNC before 0.072 allows remote ...)
+CVE-2009-2658
{DSA-1848-1}
- znc 0.074-1 (medium; bug #537977)
NOTE: http://znc.svn.sourceforge.net/viewvc/znc?view=rev&sortby=rev&sortdir=down&revision=1570
NOTE: CVE id requested
-CVE-2009-2554 (SQL injection vulnerability in the search method in jobline.class.php ...)
+CVE-2009-2554
NOT-FOR-US: Joomla!
-CVE-2009-2553 (Multiple SQL injection vulnerabilities in comments.php in Super Simple ...)
+CVE-2009-2553
NOT-FOR-US: Super Simple Blog Script
-CVE-2009-2552 (Multiple directory traversal vulnerabilities in comments.php in Super ...)
+CVE-2009-2552
NOT-FOR-US: Super Simple Blog Script
-CVE-2009-2551 (Multiple cross-site scripting (XSS) vulnerabilities in ScriptsEz Easy ...)
+CVE-2009-2551
NOT-FOR-US: ScriptsEz Easy Image Downloader
-CVE-2009-2550 (Stack-based buffer overflow in Hamster Audio Player 0.3a allows remote ...)
+CVE-2009-2550
NOT-FOR-US: Hamster Audio Player
-CVE-2009-2549 (Armed Assault (aka ArmA) 1.14 and earlier, and 1.16 beta, and Armed ...)
+CVE-2009-2549
NOT-FOR-US: Armed Assault
-CVE-2009-2548 (Format string vulnerability in Armed Assault (aka ArmA) 1.14 and ...)
+CVE-2009-2548
NOT-FOR-US: Armed Assault
-CVE-2009-2547 (Integer underflow in Armed Assault (aka ArmA) 1.14 and earlier, and ...)
+CVE-2009-2547
NOT-FOR-US: Armed Assault
-CVE-2009-2546 (Directory traversal vulnerability in Advanced Electron Forum (AEF) 1.x ...)
+CVE-2009-2546
NOT-FOR-US: Advanced Electron Forum
-CVE-2009-2545 (SQL injection vulnerability in Advanced Electron Forum (AEF) 1.x, when ...)
+CVE-2009-2545
NOT-FOR-US: Advanced Electron Forum
-CVE-2009-2544 (Directory traversal vulnerability in the Marcelo Costa FileServer ...)
+CVE-2009-2544
NOT-FOR-US: Marcelo Costa FileServer
-CVE-2009-2543 (Multiple unspecified vulnerabilities in the IBM Proventia engine ...)
+CVE-2009-2543
NOT-FOR-US: IBM Proventia engine
-CVE-2009-2542 (Netscape 6 and 8 allows remote attackers to cause a denial of service ...)
+CVE-2009-2542
NOT-FOR-US: Netscape 6 and 8
-CVE-2009-2541 (The web browser on the Sony PLAYSTATION 3 (PS3) allows remote ...)
+CVE-2009-2541
NOT-FOR-US: Sony PLAYSTATION 3
-CVE-2009-2540 (Opera, possibly 9.64 and earlier, allows remote attackers to cause a ...)
+CVE-2009-2540
NOT-FOR-US: Opera
-CVE-2009-2539 (The Aigo P8860 allows remote attackers to cause a denial of service ...)
+CVE-2009-2539
NOT-FOR-US: Aigo P8860
-CVE-2009-2538 (The Nokia N95 running Symbian OS 9.2, N82, and N810 Internet Tablet ...)
+CVE-2009-2538
NOT-FOR-US: Nokia N95
-CVE-2009-2537 (KDE Konqueror allows remote attackers to cause a denial of service ...)
+CVE-2009-2537
- kdebase <unfixed> (unimportant; bug #537931)
-CVE-2009-2536 (Microsoft Internet Explorer 5 through 8 allows remote attackers to ...)
+CVE-2009-2536
NOT-FOR-US: Microsoft Internet Explorer 5
-CVE-2009-2535 (Mozilla Firefox before 2.0.0.19 and 3.x before 3.0.5, SeaMonkey, and ...)
+CVE-2009-2535
- iceweasel 3.0.5-1 (unimportant)
[etch] - iceweasel 2.0.0.19-0etch1 (unimportant)
-CVE-2009-2534 (RealNetworks Helix Server and Helix Mobile Server before 13.0.0 allow ...)
+CVE-2009-2534
NOT-FOR-US: RealNetworks Helix Server and Helix Mobile Server
-CVE-2009-2533 (rmserver in RealNetworks Helix Server and Helix Mobile Server before ...)
+CVE-2009-2533
NOT-FOR-US: RealNetworks Helix Server and Helix Mobile Server
-CVE-2009-2532 (Microsoft Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold ...)
+CVE-2009-2532
NOT-FOR-US: Microsoft Windows Vista
-CVE-2009-2531 (Microsoft Internet Explorer 6, 6 SP1, 7, and 8 does not properly ...)
+CVE-2009-2531
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2009-2530 (Microsoft Internet Explorer 6, 6 SP1, 7, and 8 does not properly ...)
+CVE-2009-2530
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2009-2529 (Microsoft Internet Explorer 5.01 SP4, 6, 6 SP1, 7, and 8 does not ...)
+CVE-2009-2529
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2009-2528 (GDI+ in Microsoft Office XP SP3 does not properly handle malformed ...)
+CVE-2009-2528
NOT-FOR-US: Microsoft Office XP
-CVE-2009-2527 (Heap-based buffer overflow in Microsoft Windows Media Player 6.4 ...)
+CVE-2009-2527
NOT-FOR-US: Microsoft Windows Media Player
-CVE-2009-2526 (Microsoft Windows Vista Gold, SP1, and SP2 and Server 2008 Gold and ...)
+CVE-2009-2526
NOT-FOR-US: Microsoft Windows Vista
-CVE-2009-2525 (Microsoft Windows Media Runtime, as used in DirectShow WMA Voice ...)
+CVE-2009-2525
NOT-FOR-US: Microsoft Windows Media Runtime
-CVE-2009-2524 (Integer underflow in the NTLM authentication feature in the Local ...)
+CVE-2009-2524
NOT-FOR-US: Microsoft Windows XP
-CVE-2009-2523 (The License Logging Server (llssrv.exe) in Microsoft Windows 2000 SP4 ...)
+CVE-2009-2523
NOT-FOR-US: Microsoft Windows 2000
CVE-2009-2522
REJECTED
-CVE-2009-2521 (Stack consumption vulnerability in the FTP Service in Microsoft ...)
+CVE-2009-2521
NOT-FOR-US: Microsoft Internet Information Server
CVE-2009-2520
REJECTED
-CVE-2009-2519 (The DHTML Editing Component ActiveX control in Microsoft Windows 2000 ...)
+CVE-2009-2519
NOT-FOR-US: Microsoft Windows
-CVE-2009-2518 (Integer overflow in GDI+ in Microsoft Office XP SP3 allows remote ...)
+CVE-2009-2518
NOT-FOR-US: Microsoft Office XP
-CVE-2009-2517 (The kernel in Microsoft Windows Server 2003 SP2 does not properly ...)
+CVE-2009-2517
NOT-FOR-US: Microsoft Windows Server 2003
-CVE-2009-2516 (The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 ...)
+CVE-2009-2516
NOT-FOR-US: Microsoft Windows 2000
-CVE-2009-2515 (Integer underflow in the kernel in Microsoft Windows 2000 SP4, XP SP2 ...)
+CVE-2009-2515
NOT-FOR-US: Microsoft Windows 2000
-CVE-2009-2514 (win32k.sys in the kernel in Microsoft Windows 2000 SP4, XP SP2 and ...)
+CVE-2009-2514
NOT-FOR-US: Microsoft Windows
-CVE-2009-2513 (The Graphics Device Interface (GDI) in win32k.sys in the kernel in ...)
+CVE-2009-2513
NOT-FOR-US: Microsoft Windows
-CVE-2009-2512 (The Web Services on Devices API (WSDAPI) in Windows Vista Gold, SP1, ...)
+CVE-2009-2512
NOT-FOR-US: Microsoft Windows
-CVE-2009-2511 (Integer overflow in the CryptoAPI component in Microsoft Windows 2000 ...)
+CVE-2009-2511
NOT-FOR-US: Microsoft Windows 2000
-CVE-2009-2510 (The CryptoAPI component in Microsoft Windows 2000 SP4, Windows XP SP2 ...)
+CVE-2009-2510
NOT-FOR-US: Microsoft Windows 2000
-CVE-2009-2509 (Active Directory Federation Services (ADFS) in Microsoft Windows ...)
+CVE-2009-2509
NOT-FOR-US: Microsoft Active Directory Federation Services
-CVE-2009-2508 (The single sign-on implementation in Active Directory Federation ...)
+CVE-2009-2508
NOT-FOR-US: Microsoft Active Directory Federation Services
-CVE-2009-2507 (A certain ActiveX control in the Indexing Service in Microsoft Windows ...)
+CVE-2009-2507
NOT-FOR-US: Microsoft Windows
-CVE-2009-2506 (Integer overflow in the text converters in Microsoft Office Word 2002 ...)
+CVE-2009-2506
NOT-FOR-US: Microsoft Office
-CVE-2009-2505 (The Internet Authentication Service (IAS) in Microsoft Windows Vista ...)
+CVE-2009-2505
NOT-FOR-US: Microsoft Office
-CVE-2009-2504 (Multiple integer overflows in unspecified APIs in GDI+ in Microsoft ...)
+CVE-2009-2504
NOT-FOR-US: Microsoft products
-CVE-2009-2503 (GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, ...)
+CVE-2009-2503
NOT-FOR-US: Microsoft products
-CVE-2009-2502 (Buffer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows ...)
+CVE-2009-2502
NOT-FOR-US: Microsoft products
-CVE-2009-2501 (Heap-based buffer overflow in GDI+ in Microsoft Internet Explorer 6 ...)
+CVE-2009-2501
NOT-FOR-US: Microsoft products
-CVE-2009-2500 (Integer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows ...)
+CVE-2009-2500
NOT-FOR-US: Microsoft products
-CVE-2009-2499 (Microsoft Windows Media Format Runtime 9.0, 9.5, and 11; and Microsoft ...)
+CVE-2009-2499
NOT-FOR-US: Microsoft Windows Media Format Runtime
-CVE-2009-2498 (Microsoft Windows Media Format Runtime 9.0, 9.5, and 11 and Windows ...)
+CVE-2009-2498
NOT-FOR-US: Microsoft Windows Media Format Runtime
-CVE-2009-2497 (The Common Language Runtime (CLR) in Microsoft .NET Framework 2.0, 2.0 ...)
+CVE-2009-2497
NOT-FOR-US: Microsoft products
-CVE-2009-2496 (Heap-based buffer overflow in the Office Web Components ActiveX ...)
+CVE-2009-2496
NOT-FOR-US: Microsoft Office XP
-CVE-2009-2495 (The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 ...)
+CVE-2009-2495
NOT-FOR-US: Microsoft Visual Studio .NET
-CVE-2009-2494 (The Active Template Library (ATL) in Microsoft Windows 2000 SP4, XP ...)
+CVE-2009-2494
NOT-FOR-US: Microsoft Windows
-CVE-2009-2493 (The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 ...)
+CVE-2009-2493
NOT-FOR-US: Microsoft Visual Studio .NET
-CVE-2009-2492 (Cross-site scripting (XSS) vulnerability in mt-wizard.cgi in Six Apart ...)
+CVE-2009-2492
- movabletype-opensource 4.2.6.1-1 (low; bug #537935)
[lenny] - movabletype-opensource 4.2.3-1+lenny1
-CVE-2009-4589 (Cross-site scripting (XSS) vulnerability in the Special:Block ...)
+CVE-2009-4589
- mediawiki 1:1.15.0-1.1 (low; bug #537634)
- mediawiki1.7 <removed>
[etch] - mediawiki <not-affected> (metapackage)
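Review bot: the NOT-FOR-US annotation for CVE-2009-2505 looks wrong. The description this hunk removes, `-CVE-2009-2505 (The Internet Authentication Service (IAS) in Microsoft Windows Vista ...)`, names a Windows component, but the following context line reads `NOT-FOR-US: Microsoft Office`, apparently carried over from the CVE-2009-2506 entry just above it. Because the hunk strips the description text that makes the mismatch visible, correct the annotation to `NOT-FOR-US: Microsoft Windows` in the same update rather than leaving a mislabelled entry behind.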
@@ -7041,27 +7041,27 @@ CVE-2009-XXXX [insecure tmp file vulnerability in slim]
- slim <removed> (unimportant; bug #537604)
NOTE: exploit scenario too constructed
[lenny] - slim 1.3.0-1+lenny2
-CVE-2009-2484 (Stack-based buffer overflow in the Win32AddConnection function in ...)
+CVE-2009-2484
- vlc <not-affected> (The vulnerability affects Windows builds only)
-CVE-2009-2479 (Mozilla Firefox 3.0.x, 3.5, and 3.5.1 on Windows allows remote ...)
+CVE-2009-2479
- xulrunner 1.9.1.1-1
[etch] - xulrunner <not-affected> (only affects firefox 3.5)
[lenny] - xulrunner <not-affected> (only affects firefox 3.5)
-CVE-2009-2478 (Mozilla Firefox 3.5 allows remote attackers to cause a denial of ...)
+CVE-2009-2478
- xulrunner <not-affected> (unimportant)
NOTE: browser crashes not treated as security issues
-CVE-2009-2476 (The Java Management Extensions (JMX) implementation in Sun Java SE 6 ...)
+CVE-2009-2476
- sun-java6 6-15-1
[lenny] - sun-java6 6-20-0lenny1
- openjdk-6 6b16-1.6-1 (medium; bug #542210)
-CVE-2009-2475 (Sun Java SE 5.0 before Update 20 and 6 before Update 15, and OpenJDK, ...)
+CVE-2009-2475
- sun-java5 1.5.0-20-1
[etch] - sun-java5 <no-dsa> (Non-free not supported)
[lenny] - sun-java5 1.5.0-22-0lenny1
- sun-java6 6-15-1
[lenny] - sun-java6 6-20-0lenny1
- openjdk-6 6b16-1.6-1 (medium; bug #542210)
-CVE-2009-2474 (neon before 0.28.6, when OpenSSL or GnuTLS is used, does not properly ...)
+CVE-2009-2474
- neon27 0.28.6-1 (low; bug #542926)
[lenny] - neon27 <no-dsa> (Minor issue)
- neon26 0.26.4-3 (low; bug #542926)
@@ -7073,168 +7073,168 @@ CVE-2009-2474 (neon before 0.28.6, when OpenSSL or GnuTLS is used, does not prop
- litmus 0.13-1
NOTE: affected neon code copy present in litmus [./libneon/*]
NOTE: The new reintroduced litmus package removes the embedded copy
-CVE-2009-2473 (neon before 0.28.6, when expat is used, does not properly detect ...)
+CVE-2009-2473
- neon27 <not-affected> (neon27 is compiled to use libxml2 instead of expat)
- neon26 <not-affected> (neon26 is compiled to use libxml2 instead of expat)
- neon <removed>
[etch] - neon <not-affected> (neon is compiled to use libxml2 instead of expat)
-CVE-2009-2472 (Mozilla Firefox before 3.0.12 does not always use ...)
+CVE-2009-2472
{DSA-1840-1}
- xulrunner 1.9.0.12-1
[etch] - xulrunner <end-of-life> (Etch Packages no longer covered by security support)
-CVE-2009-2471 (The setTimeout function in Mozilla Firefox before 3.0.12 does not ...)
+CVE-2009-2471
{DSA-1840-1}
- xulrunner 1.9.0.12-1
[etch] - xulrunner <end-of-life> (Etch Packages no longer covered by security support)
-CVE-2009-2470 (Mozilla Firefox before 3.0.12, and 3.5.x before 3.5.2, allows remote ...)
+CVE-2009-2470
{DSA-1840-1}
- xulrunner 1.9.0.12-1
[etch] - xulrunner <end-of-life> (Etch Packages no longer covered by security support)
-CVE-2009-2469 (Mozilla Firefox before 3.0.12 does not properly handle an SVG element ...)
+CVE-2009-2469
{DSA-1840-1}
- xulrunner 1.9.0.12-1
[etch] - xulrunner <end-of-life> (Etch Packages no longer covered by security support)
-CVE-2009-2468 (Integer overflow in Apple CoreGraphics, as used in Safari before ...)
+CVE-2009-2468
NOT-FOR-US: CoreGraphics in Apple Mac OS X
NOTE: related issue to CVE-2009-1194
-CVE-2009-2467 (Mozilla Firefox before 3.0.12 and 3.5 before 3.5.1 allows remote ...)
+CVE-2009-2467
{DSA-1840-1}
- xulrunner 1.9.0.12-1
[etch] - xulrunner <end-of-life> (Etch Packages no longer covered by security support)
-CVE-2009-2466 (The JavaScript engine in Mozilla Firefox before 3.0.12 and Thunderbird ...)
+CVE-2009-2466
{DSA-1840-1}
- xulrunner 1.9.0.12-1
[etch] - xulrunner <end-of-life> (Etch Packages no longer covered by security support)
-CVE-2009-2465 (Mozilla Firefox before 3.0.12 and Thunderbird allow remote attackers ...)
+CVE-2009-2465
{DSA-1840-1}
- xulrunner 1.9.0.12-1
[etch] - xulrunner <end-of-life> (Etch Packages no longer covered by security support)
-CVE-2009-2464 (The nsXULTemplateQueryProcessorRDF::CheckIsSeparator function in ...)
+CVE-2009-2464
{DSA-1840-1}
- xulrunner 1.9.0.12-1
[etch] - xulrunner <end-of-life> (Etch Packages no longer covered by security support)
-CVE-2009-2463 (Multiple integer overflows in the (1) PL_Base64Decode and (2) ...)
+CVE-2009-2463
{DSA-2025-1 DSA-1931-1}
- nspr 4.8.2-1
- icedove 3.0~rc2-2
[etch] - nspr <end-of-life> (Mozilla packages from oldstable no longer covered by security support)
-CVE-2009-2462 (The browser engine in Mozilla Firefox before 3.0.12 and Thunderbird ...)
+CVE-2009-2462
{DSA-1840-1}
- xulrunner 1.9.0.12-1
[etch] - xulrunner <end-of-life> (Etch Packages no longer covered by security support)
-CVE-2009-2491 (The utaudiod daemon in Sun Ray Server Software (SRSS) 4.0, when ...)
+CVE-2009-2491
NOT-FOR-US: Sun Ray Server Software
-CVE-2009-2490 (Unspecified vulnerability in the utaudiod daemon in Sun Ray Server ...)
+CVE-2009-2490
NOT-FOR-US: Sun Ray Server Software
-CVE-2009-2489 (Unspecified vulnerability in the utdmsession program in Sun Ray Server ...)
+CVE-2009-2489
NOT-FOR-US: Sun Ray Server Software
-CVE-2009-2488 (Unspecified vulnerability in the NFSv4 module in the kernel in Sun ...)
+CVE-2009-2488
NOT-FOR-US: Sun Solaris
-CVE-2009-2487 (Use-after-free vulnerability in the frpr_icmp function in the ipfilter ...)
+CVE-2009-2487
NOT-FOR-US: Sun Solaris
-CVE-2009-2486 (Unspecified vulnerability in the SCTP implementation in Sun Solaris ...)
+CVE-2009-2486
NOT-FOR-US: Sun Solaris
-CVE-2009-2485 (Stack-based buffer overflow in HT-MP3Player 1.0 allows remote ...)
+CVE-2009-2485
NOT-FOR-US: HT-MP3Player
-CVE-2009-2483 (libprop/prop_object.c in proplib in NetBSD 4.0 and 4.0.1 allows local ...)
+CVE-2009-2483
NOT-FOR-US: NetBSD
-CVE-2009-2482 (The pam_unix module in OpenPAM in NetBSD 4.0 before 4.0.2 and 5.0 ...)
+CVE-2009-2482
NOT-FOR-US: NetBSD OpenPAM
-CVE-2009-2481 (mt-wizard.cgi in Six Apart Movable Type before 4.261, when global ...)
+CVE-2009-2481
NOT-FOR-US: Six Apart Movable Type
-CVE-2009-2480 (Cross-site scripting (XSS) vulnerability in mt-wizard.cgi in Six Apart ...)
+CVE-2009-2480
NOT-FOR-US: Six Apart Movable Type
-CVE-2009-2461 (mathtex.cgi in mathTeX, when downloaded before 20090713, does not ...)
+CVE-2009-2461
- mathtex 1.03-1 (low; bug #537253)
-CVE-2009-2460 (Multiple stack-based buffer overflows in mathtex.cgi in mathTeX, when ...)
+CVE-2009-2460
- mathtex 1.03-1 (medium; bug #537253)
NOTE: severity set to medium as this is used in several web applications for conversions
-CVE-2009-2459 (Multiple unspecified vulnerabilities in mimeTeX, when downloaded ...)
+CVE-2009-2459
{DSA-1917-1}
- mimetex 1.50-1.1 (medium; bug #537254)
NOTE: set impact to medium as this is used in several web applications for conversions
-CVE-2009-2458 (Unspecified vulnerability in Sun Fire V215 Server, when using XVR-100 ...)
+CVE-2009-2458
NOT-FOR-US: Sun Fire V215 Server
-CVE-2009-2457 (The DS\NDSD component in Novell eDirectory 8.8 before SP5 allows ...)
+CVE-2009-2457
NOT-FOR-US: Novell eDirectory
-CVE-2009-2456 (The DS\NDSD component in Novell eDirectory 8.8 before SP5 allows ...)
+CVE-2009-2456
NOT-FOR-US: Novell eDirectory
-CVE-2009-2455 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2009-2455
NOT-FOR-US: @mail
-CVE-2009-2454 (Cross-site scripting (XSS) vulnerability in Citrix Web Interface 4.6, ...)
+CVE-2009-2454
NOT-FOR-US: Citrix Web Interface
-CVE-2009-2453 (Citrix XenApp (formerly Presentation Server) 4.5 Hotfix Rollup Pack 3 ...)
+CVE-2009-2453
NOT-FOR-US: Citrix XenApp
-CVE-2009-2452 (Multiple unspecified vulnerabilities in Citrix Licensing 11.5 have ...)
+CVE-2009-2452
NOT-FOR-US: Citrix Licensing
-CVE-2009-2451 (Multiple SQL injection vulnerabilities in index.php in MIM:InfiniX ...)
+CVE-2009-2451
NOT-FOR-US: MIM:InfiniX
-CVE-2009-2477 (js/src/jstracer.cpp in the Just-in-time (JIT) JavaScript compiler (aka ...)
+CVE-2009-2477
- xulrunner 1.9.1.2-1 (bug #537104)
[lenny] - xulrunner <not-affected> (vulnerable code introduced in firefox 3.5)
[etch] - xulrunner <not-affected> (vulnerable code introduced in firefox 3.5)
-CVE-2009-2450 (The OAmon.sys kernel driver 3.1.0.0 and earlier in Tall Emu Online ...)
+CVE-2009-2450
NOT-FOR-US: Tall Emu Online Armor Personal Firewall
-CVE-2009-2449 (Directory traversal vulnerability in ...)
+CVE-2009-2449
NOT-FOR-US: ADbNewsSender
-CVE-2009-2448 (Cross-site scripting (XSS) vulnerability in ogp_show.php in Online ...)
+CVE-2009-2448
NOT-FOR-US: Online Guestbook Pro
-CVE-2009-2447 (Multiple cross-site scripting (XSS) vulnerabilities in ogp_show.php in ...)
+CVE-2009-2447
NOT-FOR-US: Online Guestbook Pro
-CVE-2009-2445 (Oracle iPlanet Web Server (formerly Sun Java System Web Server or Sun ...)
+CVE-2009-2445
NOT-FOR-US: Sun ONE Web Server
-CVE-2009-2444 (Directory traversal vulnerability in maillinglist/setup/step1.php.inc ...)
+CVE-2009-2444
NOT-FOR-US: ADbNewsSender
-CVE-2009-2443 (Siteframe 3.2.3, and other 3.2.x versions, allows remote attackers to ...)
+CVE-2009-2443
NOT-FOR-US: Siteframe
-CVE-2009-2442 (Cross-site scripting (XSS) vulnerability in public/index.php in ...)
+CVE-2009-2442
NOT-FOR-US: Linea21
-CVE-2009-2441 (Cross-site scripting (XSS) vulnerability in ogp_show.php in Online ...)
+CVE-2009-2441
NOT-FOR-US: Online Guestbook Pro
-CVE-2009-2440 (Cross-site scripting (XSS) vulnerability in index.php in JNM Guestbook ...)
+CVE-2009-2440
NOT-FOR-US: JNM Guestbook
-CVE-2009-2439 (Multiple SQL injection vulnerabilities in Web Development House ...)
+CVE-2009-2439
NOT-FOR-US: Web Development House Alibaba
-CVE-2009-2438 (Cross-site scripting (XSS) vulnerability in index.php in the search ...)
+CVE-2009-2438
NOT-FOR-US: ClanSphere
-CVE-2009-2437 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
+CVE-2009-2437
NOT-FOR-US: MyPHPDating
-CVE-2009-2436 (SQL injection vulnerability in page.php in Online Dating Software ...)
+CVE-2009-2436
NOT-FOR-US: MyPHPDating
-CVE-2009-2435 (The Sametime server in IBM Lotus Instant Messaging and Web ...)
+CVE-2009-2435
NOT-FOR-US: IBM Lotus
-CVE-2009-2434 (Buffer overflow in the syscall implementation in IBM AIX 5.3 allows ...)
+CVE-2009-2434
NOT-FOR-US: IBM AIX
-CVE-2009-2433 (Stack-based buffer overflow in the AddFavorite method in Microsoft ...)
+CVE-2009-2433
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2009-2432 (WordPress and WordPress MU before 2.8.1 allow remote attackers to ...)
+CVE-2009-2432
- wordpress 2.8.3-1 (unimportant; bug #537146)
NOTE: Installation path is a known fact on a Debian package installation
-CVE-2009-2431 (WordPress 2.7.1 places the username of a post's author in an HTML ...)
+CVE-2009-2431
- wordpress 2.8.3-1 (unimportant; bug #537146)
NOTE: Minor information leak
-CVE-2009-2430 (Unspecified vulnerability in auditconfig in Sun Solaris 8, 9, 10, and ...)
+CVE-2009-2430
NOT-FOR-US: Sun Solaris
-CVE-2009-2429 (SmartFilter Web Gateway Security 4.2.1.00 stores user credentials in ...)
+CVE-2009-2429
NOT-FOR-US: SmartFilter Web Gateway Security
-CVE-2009-2428 (Multiple SQL injection vulnerabilities in Tausch Ticket Script 3 allow ...)
+CVE-2009-2428
NOT-FOR-US: Tausch Ticket Script
-CVE-2009-2427 (SQL injection vulnerability in co-profile.php in Jobbr 2.2.7 allows ...)
+CVE-2009-2427
NOT-FOR-US: Jobbr
-CVE-2009-2426 (The connection_edge_process_relay_cell_not_open function in ...)
+CVE-2009-2426
- tor 0.2.0.35-1 (low; bug #537148)
[lenny] - tor 0.2.0.35-1~lenny1
-CVE-2009-2425 (Tor before 0.2.0.35 allows remote attackers to cause a denial of ...)
+CVE-2009-2425
- tor 0.2.0.35-1 (low; bug #537148)
[lenny] - tor 0.2.0.35-1~lenny1
-CVE-2009-2424 (Cross-site scripting (XSS) vulnerability in search.php in Ebay Clone ...)
+CVE-2009-2424
NOT-FOR-US: Ebay Clone 2009
-CVE-2009-2423 (SQL injection vulnerability in category.php in Ebay Clone 2009 allows ...)
+CVE-2009-2423
NOT-FOR-US: Ebay Clone 2009
-CVE-2009-2422 (The example code for the digest authentication functionality ...)
+CVE-2009-2422
- rails 2.3.5-1 (bug #535896)
[lenny] - rails <not-affected> (vulnerable code not present, introduced in 2.3.x)
-CVE-2009-2446 (Multiple format string vulnerabilities in the dispatch_command ...)
+CVE-2009-2446
{DSA-1877-1}
- mysql-dfsg-5.0 <removed> (low; bug #536726)
[squeeze] - mysql-dfsg-5.0 5.0.51a-24+lenny2
@@ -7244,45 +7244,45 @@ CVE-2009-XXXX [libio-socket-ssl-perl: partial hostname matching vulnerability]
NOTE: hostname validition is not implemented until 1.14, so etch
NOTE: is in a way is not affected, but in another sense, it is
NOTE: completely affected since no validation done at all
-CVE-2009-2421 (The CFCharacterSetInitInlineBuffer method in CoreFoundation.dll in ...)
+CVE-2009-2421
NOT-FOR-US: Apple Safari
-CVE-2009-2420 (Apple Safari 3.2.3 does not properly implement the file: protocol ...)
+CVE-2009-2420
NOT-FOR-US: Apple Safari
-CVE-2009-2419 (Use-after-free vulnerability in the servePendingRequests function in ...)
+CVE-2009-2419
- webkit 1.1.10-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
CVE-2009-2418
REJECTED
-CVE-2009-2417 (lib/ssluse.c in cURL and libcurl 7.4 through 7.19.5, when OpenSSL is ...)
+CVE-2009-2417
{DSA-1869-1}
- curl 7.19.5-1.1 (medium; bug #541991)
-CVE-2009-2416 (Multiple use-after-free vulnerabilities in libxml2 2.5.10, 2.6.16, ...)
+CVE-2009-2416
{DSA-1861-1 DSA-1859-1}
- libxml2 2.7.3.dfsg-2.1 (low; bug #540865)
- libxml <removed>
-CVE-2009-2415 (Multiple integer overflows in memcached 1.1.12 and 1.2.2 allow remote ...)
+CVE-2009-2415
{DSA-1853-1}
- memcached 1.4.1-1 (medium; bug #540379)
- memcachedb 1.2.0-5 (medium; bug #540381)
NOTE: the impact varies, on etch this runs as root and is not bound
NOTE: to the loopback interface by default, memcached is even distributed
NOTE: but fortunately not in a stable release.
-CVE-2009-2414 (Stack consumption vulnerability in libxml2 2.5.10, 2.6.16, 2.6.26, ...)
+CVE-2009-2414
{DSA-1861-1 DSA-1859-1}
- libxml2 2.7.3.dfsg-2.1 (medium; bug #540865)
- libxml <removed>
CVE-2009-2413
REJECTED
-CVE-2009-2412 (Multiple integer overflows in the Apache Portable Runtime (APR) ...)
+CVE-2009-2412
{DSA-1854-1}
- apr 1.3.8-1
- apr-util 1.3.9+dfsg-1
-CVE-2009-2411 (Multiple integer overflows in the libsvn_delta library in Subversion ...)
+CVE-2009-2411
{DSA-1855-1}
- subversion 1.6.4dfsg-1
-CVE-2009-2410 (The local_handler_callback function in ...)
+CVE-2009-2410
- sssd <not-affected> (Fixed before initial upload to the archive)
-CVE-2009-2409 (The Network Security Services (NSS) library before 3.12.3, as used in ...)
+CVE-2009-2409
{DSA-1935-1 DSA-1888-1 DSA-1874-1}
- nss 3.12.3-1 (low; bug #539895)
- openssl 0.9.8k-4 (low; bug #539899)
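Review bot: the NOTE lines carried as context at the top of this hunk, for the libio-socket-ssl-perl entry, contain a typo and a doubled word: `NOTE: hostname validition is not implemented until 1.14, so etch` should read `validation`, and `NOTE: is in a way is not affected, but in another sense, it is` should drop the second `is`. Worth fixing while this region of the file is being rewritten, since the tracker renders these NOTE lines verbatim.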
@@ -7292,189 +7292,189 @@ CVE-2009-2409 (The Network Security Services (NSS) library before 3.12.3, as use
- gnutls13 <removed>
- sun-java6 6-17-1
[lenny] - sun-java6 6-20-0lenny1
-CVE-2009-2407 (Heap-based buffer overflow in the parse_tag_3_packet function in ...)
+CVE-2009-2407
{DSA-1845-1 DSA-1844-1}
- linux-2.6 2.6.30-5 (medium)
[etch] - linux-2.6 <not-affected> (ecryptfs not yet present)
- linux-2.6.24 <removed>
-CVE-2009-2406 (Stack-based buffer overflow in the parse_tag_11_packet function in ...)
+CVE-2009-2406
{DSA-1845-1 DSA-1844-1}
- linux-2.6 2.6.30-5 (medium)
[etch] - linux-2.6 <not-affected> (ecryptfs not yet present)
- linux-2.6.24 <removed>
-CVE-2009-2405 (Multiple cross-site scripting (XSS) vulnerabilities in the Web Console ...)
+CVE-2009-2405
- jbossas4 4.2.2.GA-1 (bug #562000)
[lenny] - jbossas4 <no-dsa> (Contrib not supported)
-CVE-2009-2404 (Heap-based buffer overflow in a regular-expression parser in Mozilla ...)
+CVE-2009-2404
{DSA-2025-1 DSA-1874-1}
- nss 3.12.3-1 (low; bug #539934)
- icedove 2.0.0.24-1 (low)
-CVE-2009-2403 (Heap-based buffer overflow in SCMPX 1.5.1 allows remote attackers to ...)
+CVE-2009-2403
NOT-FOR-US: SCMPX
-CVE-2009-2402 (SQL injection vulnerability in index.php in the forum module in ...)
+CVE-2009-2402
NOT-FOR-US: PHPEcho
-CVE-2009-2401 (Cross-site scripting (XSS) vulnerability in PHPEcho CMS 2.0-rc3 allows ...)
+CVE-2009-2401
NOT-FOR-US: PHPEcho
-CVE-2009-2400 (SQL injection vulnerability in the PHP (com_php) component for Joomla! ...)
+CVE-2009-2400
NOT-FOR-US: Joomla!
-CVE-2009-2399 (PHP remote file inclusion vulnerability in ...)
+CVE-2009-2399
NOT-FOR-US: DM FileManager
-CVE-2009-2398 (Directory traversal vulnerability in test/index.php in PHP-Sugar 0.80 ...)
+CVE-2009-2398
NOT-FOR-US: PHP-Sugar
-CVE-2009-2397 (Directory traversal vulnerability in download.php in Audio Article ...)
+CVE-2009-2397
NOT-FOR-US: Audio Article Directory
-CVE-2009-2396 (PHP remote file inclusion vulnerability in template/album.php in DM ...)
+CVE-2009-2396
NOT-FOR-US: DM Albums
-CVE-2009-2395 (SQL injection vulnerability in the K2 (com_k2) component 1.0.1 Beta ...)
+CVE-2009-2395
NOT-FOR-US: Joomla!
-CVE-2009-2394 (SQL injection vulnerability in cat.php in SMSPages 1.0 in Mr.Saphp ...)
+CVE-2009-2394
NOT-FOR-US: SMSPages
-CVE-2009-2393 (admin/index.php in Virtuenetz Virtue Online Test Generator does not ...)
+CVE-2009-2393
NOT-FOR-US: Virtuenetz Virtue Online Test Generator
-CVE-2009-2392 (SQL injection vulnerability in text.php in Virtuenetz Virtue Online ...)
+CVE-2009-2392
NOT-FOR-US: Virtuenetz Virtue Online Test Generator
-CVE-2009-2391 (Cross-site scripting (XSS) vulnerability in text.php in Virtuenetz ...)
+CVE-2009-2391
NOT-FOR-US: Virtuenetz Virtue Online Test Generator
-CVE-2009-2390 (SQL injection vulnerability in the BookFlip (com_bookflip) component ...)
+CVE-2009-2390
NOT-FOR-US: Joomla!
-CVE-2009-2389 (Multiple SQL injection vulnerabilities in newsscript.php in USOLVED ...)
+CVE-2009-2389
NOT-FOR-US: USOLVED NEWSolved
-CVE-2009-2388 (SQL injection vulnerability in admin/index.php in Opial 1.0 allows ...)
+CVE-2009-2388
NOT-FOR-US: Opial
-CVE-2009-2387 (Unspecified vulnerability in the proc filesystem in Sun OpenSolaris ...)
+CVE-2009-2387
NOT-FOR-US: Sun OpenSolaris
-CVE-2009-2386 (Insecure method vulnerability in Awingsoft Awakening Winds3D Viewer ...)
+CVE-2009-2386
NOT-FOR-US: Awingsoft Awakening Winds3D Viewer plugin
-CVE-2009-2369 (Integer overflow in the wxImage::Create function in ...)
+CVE-2009-2369
{DSA-1890-1}
- wxwidgets2.8 2.8.7.1-2 (medium; bug #537174)
- wxwidgets2.6 2.6.3.2.2-3.1 (medium; bug #537175)
- wxwindows2.4 <removed> (medium)
-CVE-2009-2360 (Cross-site scripting (XSS) vulnerability in passwd/main.php in the ...)
+CVE-2009-2360
{DSA-1829-1}
- sork-passwd-h3 3.1-1.1 (low; bug #536554)
-CVE-2009-2385 (SQL injection vulnerability in the awardsMembers function in ...)
+CVE-2009-2385
NOT-FOR-US: Member Awards component for Simple Machines Forum
-CVE-2009-2384 (Buffer overflow in amp.exe in Brothersoft PEamp 1.02b allows ...)
+CVE-2009-2384
NOT-FOR-US: Brothersoft PEamp
-CVE-2009-2383 (SQL injection vulnerability in BTE_RW_webajax.php in the Related Sites ...)
+CVE-2009-2383
NOT-FOR-US: Related Sites plugin for WordPress
-CVE-2009-2382 (admin.php in phpMyBlockchecker 1.0.0055 allows remote attackers to ...)
+CVE-2009-2382
NOT-FOR-US: phpMyBlockchecker
-CVE-2009-2381 (Gizmo 3.1.0.79 on Linux does not verify a server's SSL certificate, ...)
+CVE-2009-2381
NOT-FOR-US: Gizmo
-CVE-2009-2380 (Cross-site scripting (XSS) vulnerability in includes/functions.php in ...)
+CVE-2009-2380
NOT-FOR-US: 4images
-CVE-2009-2379 (Directory traversal vulnerability in public/index.php in BIGACE Web ...)
+CVE-2009-2379
NOT-FOR-US: BIGACE Web CMS
-CVE-2009-2378 (PHP remote file inclusion vulnerability in formmailer.admin.inc.php in ...)
+CVE-2009-2378
NOT-FOR-US: Jax FormMailer
-CVE-2009-2377 (Buffer overflow in the Avax Vector ActiveX control in avPreview.ocx in ...)
+CVE-2009-2377
NOT-FOR-US: AVAX-software Avax Vector ActiveX
-CVE-2009-2376 (Cross-site scripting (XSS) vulnerability in the Html::textarea ...)
+CVE-2009-2376
NOT-FOR-US: TangoCMS
-CVE-2009-2375 (Stack-based buffer overflow in Photo DVD Maker 8.02, and possibly ...)
+CVE-2009-2375
NOT-FOR-US: Photo DVD Maker
-CVE-2009-2371 (Advanced Forum 6.x before 6.x-1.1, a module for Drupal, does not ...)
+CVE-2009-2371
NOT-FOR-US: Advanced Forum module for Drupal
-CVE-2009-2370 (Cross-site scripting (XSS) vulnerability in Advanced Forum 5.x before ...)
+CVE-2009-2370
NOT-FOR-US: Advanced Forum module for Drupal
-CVE-2009-2368 (Unspecified vulnerability in Socks Server 5 before 3.7.8-8 has unknown ...)
+CVE-2009-2368
NOT-FOR-US: Socks Server
-CVE-2009-2367 (cgi-bin/makecgi-pro in Iomega StorCenter Pro generates predictable ...)
+CVE-2009-2367
NOT-FOR-US: Iomega StorCenter Pro
-CVE-2009-2366 (SQL injection vulnerability in login.asp in DataCheck Solutions ...)
+CVE-2009-2366
NOT-FOR-US: DataCheck Solutions ForumPal FE
-CVE-2009-2365 (SQL injection vulnerability in login.asp in DataCheck Solutions ...)
+CVE-2009-2365
NOT-FOR-US: DataCheck Solutions GalleryPal FE
-CVE-2009-2364 (Stack-based buffer overflow in Mp3-Nator 2.0 allows remote attackers ...)
+CVE-2009-2364
NOT-FOR-US: Mp3-Nator
-CVE-2009-2363 (Stack-based buffer overflow in KUDRSOFT AudioPLUS 2.00.215 allows ...)
+CVE-2009-2363
NOT-FOR-US: KUDRSOFT AudioPLUS
-CVE-2009-2362 (Stack-based buffer overflow in KUDRSOFT AudioPLUS 2.0.0.215 allows ...)
+CVE-2009-2362
NOT-FOR-US: KUDRSOFT AudioPLUS
-CVE-2009-2361 (SQL injection vulnerability in include/class.staff.php in osTicket ...)
+CVE-2009-2361
NOT-FOR-US: osTicket
-CVE-2009-2359 (Multiple SQL injection vulnerabilities in TekRADIUS 3.0 allow ...)
+CVE-2009-2359
NOT-FOR-US: TekRADIUS
-CVE-2009-2358 (TekRADIUS 3.0 uses BUILTIN\Users:R permissions for the TekRADIUS.ini ...)
+CVE-2009-2358
NOT-FOR-US: TekRADIUS
-CVE-2009-2357 (The default configuration of TekRADIUS 3.0 uses the sa account to ...)
+CVE-2009-2357
NOT-FOR-US: TekRADIUS
-CVE-2009-2356 (Multiple stack-based buffer overflows in the pgsqlQuery function in ...)
+CVE-2009-2356
NOT-FOR-US: NullLogic Groupware
-CVE-2009-2355 (The forum module in NullLogic Groupware 1.2.7 allows remote ...)
+CVE-2009-2355
NOT-FOR-US: NullLogic Groupware
-CVE-2009-2354 (SQL injection vulnerability in the auth_checkpass function in the ...)
+CVE-2009-2354
NOT-FOR-US: NullLogic Groupware
-CVE-2009-2353 (encoder.php in eAccelerator allows remote attackers to execute ...)
+CVE-2009-2353
- eaccelerator-src <itp> (bug #460341)
-CVE-2009-2352 (Google Chrome 1.0.154.48 and earlier does not block javascript: URIs ...)
+CVE-2009-2352
- chromium-browser 5.0.375.70~r48679-2
- webkit <not-affected> (doesn't have a 'view-source' handler)
NOTE: poc didn't seem to work against 5.0.375.70~r48679-2
NOTE: chromium security team doesn't consider this a valid security issue
NOTE: http://crbug.com/40086
-CVE-2009-2351 (Opera 9.52 and earlier does not block javascript: URIs in Refresh ...)
+CVE-2009-2351
NOT-FOR-US: Opera
-CVE-2009-2350 (Microsoft Internet Explorer 6.0.2900.2180 and earlier does not block ...)
+CVE-2009-2350
NOT-FOR-US: Microsoft Internet Explorer
CVE-2009-2349
RESERVED
-CVE-2009-2348 (Android 1.5 CRBxx allows local users to bypass the (1) ...)
+CVE-2009-2348
NOT-FOR-US: Android
-CVE-2009-2347 (Multiple integer overflows in inter-color spaces conversion tools in ...)
+CVE-2009-2347
{DSA-1835-1}
- tiff 3.8.2-13
- tiff3 <not-affected> (fixed prior to initial upload)
-CVE-2009-2346 (The IAX2 protocol implementation in Asterisk Open Source 1.2.x before ...)
+CVE-2009-2346
- asterisk 1:1.6.2.0~dfsg~beta3-1 (bug #539473)
[etch] - asterisk <end-of-life> (Etch Packages no longer covered by security support)
[lenny] - asterisk <no-dsa> (Intrusive protocol-level vulnerabilitity, see http://downloads.asterisk.org/pub/security/IAX2-security.pdf)
-CVE-2009-2345 (Multiple SQL injection vulnerabilities in ClanSphere before 2009.0.1 ...)
+CVE-2009-2345
NOT-FOR-US: ClanSphere
-CVE-2009-2344 (The web-based management interfaces in Sourcefire Defense Center (DC) ...)
+CVE-2009-2344
NOT-FOR-US: Sourcefire
-CVE-2009-2342 (Cross-site scripting (XSS) vulnerability in admin.php (aka the login ...)
+CVE-2009-2342
NOT-FOR-US: CMME
-CVE-2009-2341 (SQL injection vulnerability in albumdetail.php in Opial 1.0 allows ...)
+CVE-2009-2341
NOT-FOR-US: Opial
-CVE-2009-2340 (SQL injection vulnerability in admin/index.php in Opial 1.0 allows ...)
+CVE-2009-2340
NOT-FOR-US: Opial
-CVE-2009-2339 (SQL injection vulnerability in index.php in Rentventory allows remote ...)
+CVE-2009-2339
NOT-FOR-US: Rentventory
-CVE-2009-2338 (Directory traversal vulnerability in includes/startmodules.inc.php in ...)
+CVE-2009-2338
NOT-FOR-US: FreeWebshop.org
-CVE-2009-2337 (SQL injection vulnerability in includes/module/book/index.inc.php in ...)
+CVE-2009-2337
NOT-FOR-US: w3b|cms
-CVE-2009-2336 (The forgotten mail interface in WordPress and WordPress MU before ...)
+CVE-2009-2336
- wordpress 2.8.3-1 (unimportant; bug #536724)
NOTE: Minor information leak
-CVE-2009-2335 (WordPress and WordPress MU before 2.8.1 exhibit different behavior for ...)
+CVE-2009-2335
- wordpress 2.8.3-1 (unimportant; bug #536724)
NOTE: Minor information leak
-CVE-2009-2334 (wp-admin/admin.php in WordPress and WordPress MU before 2.8.1 does not ...)
+CVE-2009-2334
{DSA-1871-2 DSA-1871-1}
- wordpress 2.8.3-1 (low; bug #536724)
-CVE-2009-2333 (Multiple directory traversal vulnerabilities in CMS Chainuk 1.2 and ...)
+CVE-2009-2333
NOT-FOR-US: CMS Chainuk
-CVE-2009-2332 (CMS Chainuk 1.2 and earlier allows remote attackers to obtain ...)
+CVE-2009-2332
NOT-FOR-US: CMS Chainuk
-CVE-2009-2331 (Multiple static code injection vulnerabilities in CMS Chainuk 1.2 and ...)
+CVE-2009-2331
NOT-FOR-US: CMS Chainuk
-CVE-2009-2330 (Cross-site scripting (XSS) vulnerability in admin/admin_menu.php in ...)
+CVE-2009-2330
NOT-FOR-US: CMS Chainuk
-CVE-2009-2329 (KerviNet Forum 1.1 and earlier allows remote attackers to obtain ...)
+CVE-2009-2329
NOT-FOR-US: KerviNet Forum
-CVE-2009-2328 (admin/edit_user.php in KerviNet Forum 1.1 and earlier does not require ...)
+CVE-2009-2328
NOT-FOR-US: KerviNet Forum
-CVE-2009-2327 (Cross-site scripting (XSS) vulnerability in add_voting.php in KerviNet ...)
+CVE-2009-2327
NOT-FOR-US: KerviNet Forum
-CVE-2009-2326 (Multiple SQL injection vulnerabilities in KerviNet Forum 1.1 and ...)
+CVE-2009-2326
NOT-FOR-US: KerviNet Forum
-CVE-2009-2325 (Directory traversal vulnerability in index.php in Clicknet CMS 2.1 ...)
+CVE-2009-2325
NOT-FOR-US: Clicknet CMS
-CVE-2009-2324 (Multiple cross-site scripting (XSS) vulnerabilities in FCKeditor ...)
+CVE-2009-2324
{DSA-1836-1}
- fckeditor 1:2.6.4.1-1 (low; bug #536051)
- moin 1.8.2-2
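Review bot: the lenny annotation for CVE-2009-2346 has a misspelling in the context line `[lenny] - asterisk <no-dsa> (Intrusive protocol-level vulnerabilitity, see http://downloads.asterisk.org/pub/security/IAX2-security.pdf)`; it should read `vulnerability`. Minor, but the text inside the no-dsa parentheses is user-visible in the tracker, so it is worth correcting in the same pass.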
@@ -7490,27 +7490,27 @@ CVE-2009-2324 (Multiple cross-site scripting (XSS) vulnerabilities in FCKeditor
[etch] - gforge <not-affected> (doesn't contain FCKeditor)
- egroupware <not-affected> (doesn't provide FCKeditor sample files)
- request-tracker3.8 <not-affected> (doesn't provide FCKeditor sample files)
-CVE-2009-2323 (The web interface on the Axesstel MV 410R redirects users back to the ...)
+CVE-2009-2323
NOT-FOR-US: Axesstel MV 410R
-CVE-2009-2322 (Cross-site scripting (XSS) vulnerability in cgi-bin/sysconf.cgi on the ...)
+CVE-2009-2322
NOT-FOR-US: Axesstel MV 410R
-CVE-2009-2321 (cgi-bin/sysconf.cgi on the Axesstel MV 410R allows remote attackers to ...)
+CVE-2009-2321
NOT-FOR-US: Axesstel MV 410R
-CVE-2009-2320 (The web interface on the Axesstel MV 410R relies on client-side ...)
+CVE-2009-2320
NOT-FOR-US: Axesstel MV 410R
-CVE-2009-2319 (The default configuration of the Wi-Fi component on the Axesstel MV ...)
+CVE-2009-2319
NOT-FOR-US: Axesstel MV 410R
-CVE-2009-2318 (The Axesstel MV 410R allows remote attackers to cause a denial of ...)
+CVE-2009-2318
NOT-FOR-US: Axesstel MV 410R
-CVE-2009-2317 (The Axesstel MV 410R has a certain default administrator password, and ...)
+CVE-2009-2317
NOT-FOR-US: Axesstel MV 410R
-CVE-2009-2316 (Multiple cross-site scripting (XSS) vulnerabilities in IBM Tivoli ...)
+CVE-2009-2316
NOT-FOR-US: IBM Tivoli
CVE-2009-2315
REJECTED
-CVE-2009-2314 (Race condition in the Sun Lightweight Availability Collection Tool 3.0 ...)
+CVE-2009-2314
NOT-FOR-US: Lightweight Availability Collection Tool
-CVE-2009-2687 (The exif_read_data function in the Exif module in PHP before 5.2.10 ...)
+CVE-2009-2687
{DSA-1940-1}
- php5 5.2.10.dfsg.1-2 (low; bug #535888)
- php4 <removed> (low; bug #535897)
@@ -7530,92 +7530,92 @@ CVE-2009-XXXX [mimedecode: potential dos/crash due to invalid input]
- mimedecode <removed> (low; bug #530430)
[etch] - mimedecode <no-dsa> (minor issue)
[lenny] - mimedecode <no-dsa> (minor issue)
-CVE-2009-2313 (Directory traversal vulnerability in index.php in Jinzora Media ...)
+CVE-2009-2313
NOT-FOR-US: Jinzora Media Jukebox
-CVE-2009-2312 (SmartFilter Web Gateway Security 4.2.1.00 stores user credentials in ...)
+CVE-2009-2312
NOT-FOR-US: Secure Computing SmartFilter
-CVE-2009-2311 (SQL injection vulnerability in the rGallery plugin 1.2.3 for WoltLab ...)
+CVE-2009-2311
NOT-FOR-US: rGallery plugin for WoltLab
-CVE-2009-2310 (SQL injection vulnerability in include/get_read.php in ...)
+CVE-2009-2310
NOT-FOR-US: Extensible-BioLawCom CMS
-CVE-2009-2309 (SQL injection vulnerability in index.php in Codice CMS 2 allows remote ...)
+CVE-2009-2309
NOT-FOR-US: Codice CMS 2
-CVE-2009-2308 (Multiple SQL injection vulnerabilities in affiliates.php in the ...)
+CVE-2009-2308
NOT-FOR-US: PunBB
-CVE-2009-2307 (SQL injection vulnerability in the CWGuestBook module 2.1 and earlier ...)
+CVE-2009-2307
NOT-FOR-US: MDPro
-CVE-2009-2306 (The ARD-9808 DVR card security camera stores sensitive information ...)
+CVE-2009-2306
NOT-FOR-US: ARD-9808 DVR card security camera
-CVE-2009-2305 (The ARD-9808 DVR card security camera allows remote attackers to cause ...)
+CVE-2009-2305
NOT-FOR-US: ARD-9808 DVR card security camera
-CVE-2009-2304 (index.php in Aardvark Topsites PHP 5.2.0 and earlier allows remote ...)
+CVE-2009-2304
NOT-FOR-US: Aardvark Topsites
-CVE-2009-2303 (index.php in Aardvark Topsites PHP 5.2.1 and earlier allows remote ...)
+CVE-2009-2303
NOT-FOR-US: Aardvark Topsites
-CVE-2009-2302 (Cross-site scripting (XSS) vulnerability in index.php in Aardvark ...)
+CVE-2009-2302
NOT-FOR-US: Aardvark Topsites
-CVE-2009-2301 (The radware AppWall Web Application Firewall (WAF) 1.0.2.6, with ...)
+CVE-2009-2301
NOT-FOR-US: AppWall Web Application Firewall
-CVE-2009-2300 (The management interface in the phion airlock Web Application Firewall ...)
+CVE-2009-2300
NOT-FOR-US: phion airlock Web Application Firewall
-CVE-2009-2299 (The Artofdefence Hyperguard Web Application Firewall (WAF) module ...)
+CVE-2009-2299
NOT-FOR-US: Artofdefence Hyperguard Web Application Firewall
-CVE-2009-2298 (Stack-based buffer overflow in rping in HP OpenView Network Node ...)
+CVE-2009-2298
NOT-FOR-US: HP Network Node Manager rping
-CVE-2009-2297 (Unspecified vulnerability in the udp subsystem in the kernel in Sun ...)
+CVE-2009-2297
NOT-FOR-US: kernel in Sun Solaris
-CVE-2009-2296 (The NFSv4 server kernel module in Sun Solaris 10, and OpenSolaris ...)
+CVE-2009-2296
NOT-FOR-US: kernel module in Sun Solaris
-CVE-2009-2295 (Multiple integer overflows in CamlImages 2.2 and earlier might allow ...)
+CVE-2009-2295
{DSA-1912-2 DSA-1832-1}
- camlimages 1:3.0.1-2 (low; bug #535909)
- advi 1.6.0-15 (low; bug #550440)
-CVE-2009-2294 (Integer overflow in the Png_datainfo_callback function in Dillo 2.1 ...)
+CVE-2009-2294
- dillo 3.0-1 (medium; bug #535788)
-CVE-2009-2293 (Optimum Web Design Tutorial Share 3.5.0 and earlier allows remote ...)
+CVE-2009-2293
NOT-FOR-US: Optimum Web Design Tutorial Share
-CVE-2009-2292 (Cross-site scripting (XSS) vulnerability in Appleple a-News 2.32 ...)
+CVE-2009-2292
NOT-FOR-US: Appleple a-News
-CVE-2009-2291 (Unspecified vulnerability in LoginToboggan 6.x-1.x before 6.x-1.5, a ...)
+CVE-2009-2291
NOT-FOR-US: LoginToboggan module for Drupal
-CVE-2009-2290 (SQL injection vulnerability in the Boy Scout Advancement (com_bsadv) ...)
+CVE-2009-2290
NOT-FOR-US: Joomla!
-CVE-2009-2289 (Cross-site scripting (XSS) vulnerability in index.php in Arcade Trade ...)
+CVE-2009-2289
NOT-FOR-US: Arcade Trade Script
-CVE-2009-2287 (The kvm_arch_vcpu_ioctl_set_sregs function in the KVM in Linux kernel ...)
+CVE-2009-2287
{DSA-1846-1 DSA-1845-1}
- linux-2.6 2.6.30-2 (low)
- linux-2.6.24 <removed>
- kvm 88+dfsg-2 (low; bug #557737)
-CVE-2009-2285 (Buffer underflow in the LZWDecodeCompat function in libtiff 3.8.2 ...)
+CVE-2009-2285
{DSA-1835-1}
- tiff 3.8.2-12 (low; bug #534137)
- tiff3 <not-affected> (fixed prior to initial upload)
NOTE: this doesn't allow code execution, only a crash.
-CVE-2009-2283 (Multiple cross-site scripting (XSS) vulnerabilities in the help jsp ...)
+CVE-2009-2283
NOT-FOR-US: Sun Java Web Console in Solaris
-CVE-2009-2282 (The Virtual Network Terminal Server daemon (vntsd) for Logical Domains ...)
+CVE-2009-2282
NOT-FOR-US: LDoms in Sun Solaris
-CVE-2009-2373 (Cross-site scripting (XSS) vulnerability in the Forum module in Drupal ...)
+CVE-2009-2373
{DSA-1930-1}
- drupal6 6.12-1.1 (low; bug #535435)
- drupal5 <not-affected> (Vulnerable code not present)
NOTE: http://drupal.org/node/507572
NOTE: requested CVE id
-CVE-2009-2372 (Drupal 6.x before 6.13 does not prevent users from modifying user ...)
+CVE-2009-2372
{DSA-1930-1}
- drupal6 6.12-1.1 (medium; bug #535435)
- drupal5 <not-affected> (Vulnerable code not present)
NOTE: http://drupal.org/node/507572
NOTE: marked as medium as this might lead to code execution if the php filter is enabled
NOTE: requested CVE id
-CVE-2009-2374 (Drupal 5.x before 5.19 and 6.x before 6.13 does not properly sanitize ...)
+CVE-2009-2374
{DSA-1930-1}
- drupal6 6.12-1.1 (low; bug #535435)
- drupal5 5.18-1.1 (low; bug #535476)
NOTE: http://drupal.org/node/507572
NOTE: requested CVE id
-CVE-2009-2284 (Cross-site scripting (XSS) vulnerability in phpMyAdmin before 3.2.0.1 ...)
+CVE-2009-2284
- phpmyadmin 4:3.2.0.1-1 (medium; bug #535890)
[etch] - phpmyadmin <not-affected> (Vulnerable code not present)
[lenny] - phpmyadmin <not-affected> (Vulnerable code not present)
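Review bot: the `NOTE: requested CVE id` lines under CVE-2009-2373, CVE-2009-2372 and CVE-2009-2374 are stale now that each entry carries an assigned id, and could be dropped while these entries are being rewritten. The same three entries also sit out of numerical order (2373, 2372, 2374) between CVE-2009-2282 and CVE-2009-2284; restoring the descending sequence used by the rest of the hunk would help anyone scanning the file by id.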
@@ -7626,35 +7626,35 @@ CVE-2009-2279
RESERVED
CVE-2009-2278
RESERVED
-CVE-2009-2277 (Cross-site scripting (XSS) vulnerability in WebAccess in VMware ...)
+CVE-2009-2277
NOT-FOR-US: VMware
-CVE-2009-2276 (SQL injection vulnerability in voteforus.php in the Vote For Us ...)
+CVE-2009-2276
NOT-FOR-US: voteforus.php extension for PunBB
-CVE-2009-2275 (Directory traversal vulnerability in frontend/x3/stats/lastvisit.html ...)
+CVE-2009-2275
NOT-FOR-US: cPanel
-CVE-2009-2274 (The Huawei D100 allows remote attackers to obtain sensitive ...)
+CVE-2009-2274
NOT-FOR-US: Huawei D100
-CVE-2009-2273 (The default configuration of the Wi-Fi component on the Huawei D100 ...)
+CVE-2009-2273
NOT-FOR-US: Huawei D100
-CVE-2009-2272 (The Huawei D100 stores the administrator's account name and password ...)
+CVE-2009-2272
NOT-FOR-US: Huawei D100
-CVE-2009-2271 (The Huawei D100 has (1) a certain default administrator password for ...)
+CVE-2009-2271
NOT-FOR-US: Huawei D100
-CVE-2009-2270 (Unrestricted file upload vulnerability in member/uploads_edit.php in ...)
+CVE-2009-2270
NOT-FOR-US: dedecms
-CVE-2009-2269 (SQL injection vulnerability in Empire CMS 5.1 allows remote attackers ...)
+CVE-2009-2269
NOT-FOR-US: Empire CMS
-CVE-2009-2268 (Cross-site scripting (XSS) vulnerability in the Cross-Domain ...)
+CVE-2009-2268
NOT-FOR-US: Sun Java System Access Manager
-CVE-2009-2267 (VMware Workstation 6.5.x before 6.5.3 build 185404, VMware Player ...)
+CVE-2009-2267
- vmware-package <removed>
-CVE-2009-2266 (OXID eShop 4.x before 4.1.4-21266, 3.x, and 2.x allows remote ...)
+CVE-2009-2266
NOT-FOR-US: OXID eShop
-CVE-2009-2281 (Multiple heap-based buffer underflows in the readPostBody function in ...)
+CVE-2009-2281
{DSA-1914-1}
- mapserver 5.4.2-1 (medium; bug #535340)
NOTE: http://www.openwall.com/lists/oss-security/2009/06/22/2
-CVE-2009-2265 (Multiple directory traversal vulnerabilities in FCKeditor before ...)
+CVE-2009-2265
{DSA-1836-1}
- fckeditor 1:2.6.4.1-1 (medium; bug #536051)
NOTE: http://dev.fckeditor.net/changeset/3815/FCKeditor/trunk/editor/filemanager
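Review bot: CVE-2009-2281 (mapserver) is filed between CVE-2009-2266 and CVE-2009-2265, breaking the descending id order the rest of this hunk follows; consider moving it up next to CVE-2009-2282 so the entry is found where its id predicts.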
@@ -7674,27 +7674,27 @@ CVE-2009-2265 (Multiple directory traversal vulnerabilities in FCKeditor before
NOTE: knowledgeroot from 0.9.8.5-3 uses systemwide copy of fckeditor
CVE-2009-2264
RESERVED
-CVE-2009-2263 (Directory traversal vulnerability in index.php in Awesome PHP Mega ...)
+CVE-2009-2263
NOT-FOR-US: Mega File Manager
-CVE-2009-2262 (PHP remote file inclusion vulnerability in install/di.php in ...)
+CVE-2009-2262
NOT-FOR-US: AjaxPortal
-CVE-2009-2261 (PeaZIP 2.6.1, 2.5.1, and earlier on Windows allows user-assisted ...)
+CVE-2009-2261
NOT-FOR-US: PeaZIP
-CVE-2009-2260 (stardict 3.0.1, when Enable Net Dict is configured, sends the contents ...)
+CVE-2009-2260
- stardict 3.0.1-5 (low; bug #534731)
[etch] - stardict <not-affected> (netdict plugin not yet present)
[lenny] - stardict 3.0.1-4+lenny1
CVE-2009-2259
REJECTED
-CVE-2009-2258 (Directory traversal vulnerability in cgi-bin/webcm in the ...)
+CVE-2009-2258
NOT-FOR-US: Netgear DG632
-CVE-2009-2257 (The administrative web interface on the Netgear DG632 with firmware ...)
+CVE-2009-2257
NOT-FOR-US: Netgear DG632
-CVE-2009-2256 (The administrative web interface on the Netgear DG632 with firmware ...)
+CVE-2009-2256
NOT-FOR-US: Netgear DG632
-CVE-2009-2255 (Zen Cart 1.3.8a, 1.3.8, and earlier does not require administrative ...)
+CVE-2009-2255
NOT-FOR-US: Zen Cart
-CVE-2009-2254 (Zen Cart 1.3.8a, 1.3.8, and earlier does not require administrative ...)
+CVE-2009-2254
NOT-FOR-US: Zen Cart
CVE-2009-2253
RESERVED
@@ -7716,27 +7716,27 @@ CVE-2009-2245
RESERVED
CVE-2009-2244
RESERVED
-CVE-2009-2243 (SQL injection vulnerability in active_appointments.asp in ASP Inline ...)
+CVE-2009-2243
NOT-FOR-US: ASP Inline Corporate Calendar
-CVE-2009-2242 (SQL injection vulnerability in active_appointments.asp in ASP Inline ...)
+CVE-2009-2242
NOT-FOR-US: ASP Inline Corporate Calendar
-CVE-2009-2241 (Cross-site scripting (XSS) vulnerability in search.asp in ASP Inline ...)
+CVE-2009-2241
NOT-FOR-US: ASP Inline Corporate Calendar
-CVE-2009-2240 (Cross-site scripting (XSS) vulnerability in AD2000 free-sw leger (aka ...)
+CVE-2009-2240
NOT-FOR-US: Web Conference Room Free
-CVE-2009-2239 (SQL injection vulnerability in the (1) casinobase (com_casinobase), ...)
+CVE-2009-2239
NOT-FOR-US: Joomla! components
-CVE-2009-2238 (Unrestricted file upload vulnerability in ...)
+CVE-2009-2238
NOT-FOR-US: DMXReady Registration Manager
-CVE-2009-2237 (Unspecified vulnerability in Views Bulk Operations 5.x-1.x before ...)
+CVE-2009-2237
NOT-FOR-US: contributed Views Bulk Operations module for Drupal
-CVE-2009-2236 (SQL injection vulnerability in yad-admin/login.php in Your Article ...)
+CVE-2009-2236
NOT-FOR-US: Your Articles Directory
-CVE-2009-2235 (SQL injection vulnerability in page.php in Your Articles Directory ...)
+CVE-2009-2235
NOT-FOR-US: Your Articles Directory
-CVE-2009-2234 (Multiple SQL injection vulnerabilities in admin.php in VICIDIAL Call ...)
+CVE-2009-2234
NOT-FOR-US: VICIDIAL Call Center Suite
-CVE-2009-2210 (Mozilla Thunderbird before 2.0.0.22 and SeaMonkey before 1.1.17 allow ...)
+CVE-2009-2210
{DSA-1830-1}
- icedove 2.0.0.22-1 (bug #535124)
[squeeze] - icedove 2.0.0.22-0lenny1
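Review bot: the last line of this hunk carries the suite tag `[squeeze]` but a lenny-style revision, `icedove 2.0.0.22-0lenny1`; please check whether the tag should read `[lenny]`, since no other lenny line for icedove is visible in this entry.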
@@ -7747,7 +7747,7 @@ CVE-2009-2210 (Mozilla Thunderbird before 2.0.0.22 and SeaMonkey before 1.1.17 a
- kompozer <not-affected> (mail suite not compiled)
NOTE: http://www.mozilla.org/security/announce/2009/mfsa2009-33.html
NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=495057
-CVE-2009-2343 (Cross-site scripting (XSS) vulnerability in people.php in Zoph before ...)
+CVE-2009-2343
- zoph 0.7.5-1 (low; bug #535188)
[lenny] - zoph <no-dsa> (Minor issue, fringe package)
NOTE: http://sourceforge.net/tracker/?func=detail&aid=2815898&group_id=69353&atid=524249
@@ -7756,99 +7756,99 @@ CVE-2009-XXXX [udev: creates aacraid devices that are rw by group floppy]
- udev 0.141-1 (low; bug #530245; bug #462655; bug #404927)
[lenny] - udev <no-dsa> (Minor issue)
[etch] - udev <no-dsa> (minor issue)
-CVE-2009-2288 (statuswml.cgi in Nagios before 3.1.1 allows remote attackers to ...)
+CVE-2009-2288
{DSA-1825-1}
- nagios3 3.0.6-5
- nagios2 <removed>
NOTE: http://secunia.com/advisories/35543
-CVE-2009-2286 (Buffer overflow in compface 1.5.2 and earlier allows user-assisted ...)
+CVE-2009-2286
- libcompface 1:1.5.2-5 (unimportant; bug #534973)
-CVE-2009-2233 (The admin interface in AWScripts.com Gallery Search Engine 1.5 allows ...)
+CVE-2009-2233
NOT-FOR-US: AWScripts.com Gallery Search Engine
-CVE-2009-2232 (SQL injection vulnerability in image.php in Softbiz Banner Ad ...)
+CVE-2009-2232
NOT-FOR-US: Softbiz Banner Ad Management Script
-CVE-2009-2231 (MIDAS 1.43 allows remote attackers to bypass authentication and obtain ...)
+CVE-2009-2231
NOT-FOR-US: MIDAS
-CVE-2009-2230 (SQL injection vulnerability in inc/datahandlers/user.php in MyBB (aka ...)
+CVE-2009-2230
NOT-FOR-US: MyBB
-CVE-2009-2229 (Directory traversal vulnerability in engine.php in Kasseler CMS 1.3.5 ...)
+CVE-2009-2229
NOT-FOR-US: Kasseler CMS
-CVE-2009-2228 (Cross-site scripting (XSS) vulnerability in engine.php in Kasseler CMS ...)
+CVE-2009-2228
NOT-FOR-US: Kasseler CMS
-CVE-2009-2227 (Stack-based buffer overflow in B Labs Bopup Communication Server ...)
+CVE-2009-2227
NOT-FOR-US: Bopup Communication Server
-CVE-2009-2226 (Cross-site scripting (XSS) vulnerability in Let's PHP! Tree BBS ...)
+CVE-2009-2226
NOT-FOR-US: Let's PHP! Tree BBS
-CVE-2009-2225 (Stack-based buffer overflow in SureThing CD/DVD Labeler 5.1.616 trial ...)
+CVE-2009-2225
NOT-FOR-US: SureThing CD/DVD Labeler
-CVE-2009-2224 (Directory traversal vulnerability in ang/shared/flags.php in AN ...)
+CVE-2009-2224
NOT-FOR-US: AN Guestbook
-CVE-2009-2223 (Directory traversal vulnerability in locms/smarty.php in LightOpenCMS ...)
+CVE-2009-2223
NOT-FOR-US: LightOpenCMS
-CVE-2009-2222 (Directory traversal vulnerability in PHP-I-BOARD 1.2 and earlier ...)
+CVE-2009-2222
NOT-FOR-US: PHP-I-BOARD
-CVE-2009-2221 (Cross-site scripting (XSS) vulnerability in PHP-I-BOARD 1.2 and ...)
+CVE-2009-2221
NOT-FOR-US: PHP-I-BOARD
-CVE-2009-2220 (Multiple directory traversal vulnerabilities in Tribiq CMS 5.0.12c, ...)
+CVE-2009-2220
NOT-FOR-US: Tribiq CMS
-CVE-2009-2219 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2009-2219
NOT-FOR-US: phpCollegeExchange
-CVE-2009-2218 (Multiple PHP remote file inclusion vulnerabilities in ...)
+CVE-2009-2218
NOT-FOR-US: phpCollegeExchange
-CVE-2009-2217 (Cross-site scripting (XSS) vulnerability in NBBC before 1.4.2 allows ...)
+CVE-2009-2217
NOT-FOR-US: NBBC
-CVE-2009-2216 (Cross-site scripting (XSS) vulnerability in CMD_REDIRECT in ...)
+CVE-2009-2216
NOT-FOR-US: DirectAdmin
-CVE-2009-2215 (Multiple cross-site scripting (XSS) vulnerabilities in URD before ...)
+CVE-2009-2215
NOT-FOR-US: URD
-CVE-2009-2214 (The Secure Gateway service in Citrix Secure Gateway 3.1 and earlier ...)
+CVE-2009-2214
NOT-FOR-US: Citrix Secure Gateway
-CVE-2009-2213 (The default configuration of the Security global settings on the ...)
+CVE-2009-2213
NOT-FOR-US: Citrix NetScaler Access Gateway
-CVE-2009-2212 (The CQWeb server in IBM Rational ClearQuest 7.0.0 before 7.0.0.6 and ...)
+CVE-2009-2212
NOT-FOR-US: IBM Rational ClearQuest
-CVE-2009-2211 (Cross-site scripting (XSS) vulnerability in the CQWeb server in IBM ...)
+CVE-2009-2211
NOT-FOR-US: IBM Rational ClearQuest
-CVE-2009-2209 (SQL injection vulnerability in rscms_mod_newsview.php in RS-CMS 2.1 ...)
+CVE-2009-2209
NOT-FOR-US: RS-CMS
-CVE-2009-2208 (FreeBSD 6.3, 6.4, 7.1, and 7.2 does not enforce permissions on the ...)
+CVE-2009-2208
- kfreebsd-6 <removed>
[lenny] - kfreebsd-6 <no-dsa> (KFreebsd not supported)
- kfreebsd-7 7.2-2
[lenny] - kfreebsd-7 <no-dsa> (KFreebsd not supported)
NOTE: http://security.freebsd.org/advisories/FreeBSD-SA-09:10.ipv6.asc
-CVE-2009-2207 (The MobileMail component in Apple iPhone OS 3.0 and 3.0.1, and iPhone ...)
+CVE-2009-2207
NOT-FOR-US: Apple iPhone OS
-CVE-2009-2206 (Multiple heap-based buffer overflows in the AudioCodecs library in the ...)
+CVE-2009-2206
NOT-FOR-US: Apple iPhone OS
-CVE-2009-2205 (Stack-based buffer overflow in the Java Web Start command launcher in ...)
+CVE-2009-2205
NOT-FOR-US: Mac OS X
-CVE-2009-2204 (Unspecified vulnerability in the CoreTelephony component in Apple ...)
+CVE-2009-2204
NOT-FOR-US: Apple iPhone OS
-CVE-2009-2203 (Buffer overflow in Apple QuickTime before 7.6.4 allows remote ...)
+CVE-2009-2203
NOT-FOR-US: Apple QuickTime
-CVE-2009-2202 (Apple QuickTime before 7.6.4 allows remote attackers to execute ...)
+CVE-2009-2202
NOT-FOR-US: Apple QuickTime
-CVE-2009-2201 (The screensharing feature in the Admin application in Apple Xsan ...)
+CVE-2009-2201
NOT-FOR-US: Admin application in Apple Xsan
-CVE-2009-2200 (WebKit in Apple Safari before 4.0.3 does not properly restrict the URL ...)
+CVE-2009-2200
- kdelibs <not-affected>
- webkit <not-affected> (gtk-based frame loader not affected)
- qt4-x11 <not-affected>
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=517273
NOTE: http://trac.webkit.org/changeset/44905
NOTE: http://trac.webkit.org/changeset/44909
-CVE-2009-2199 (Incomplete blacklist vulnerability in WebKit in Apple Safari before ...)
+CVE-2009-2199
- kdelibs <not-affected>
- webkit <not-affected> (problem with look-alike character rendering with mac-specific fonts)
- qt4-x11 <not-affected>
-CVE-2009-2198 (Apple GarageBand before 5.1 reconfigures Safari to accept all cookies ...)
+CVE-2009-2198
NOT-FOR-US: Apple GarageBand
-CVE-2009-2197 (Apple Safari before 9.1 allows remote attackers to spoof the user ...)
+CVE-2009-2197
NOT-FOR-US: Apple Safari
-CVE-2009-2196 (Unspecified vulnerability in Apple Safari 4 before 4.0.3 allows remote ...)
+CVE-2009-2196
NOT-FOR-US: Apple Safari
-CVE-2009-2195 (Buffer overflow in WebKit in Apple Safari before 4.0.3 allows remote ...)
+CVE-2009-2195
- webkit 1.1.12-1 (medium)
[lenny] - webkit <not-affected> (Vulnerable code not present)
- kdelibs <not-affected>
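Review bot: under CVE-2009-2200 and CVE-2009-2199, `kdelibs` and `qt4-x11` are marked `<not-affected>` with no reason in parentheses, while the `webkit` line in each entry states one; add a short justification as done for webkit so the triage decision stays auditable. The bare `- kdelibs <not-affected>` closing this hunk under CVE-2009-2195 has the same gap.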
@@ -7856,192 +7856,192 @@ CVE-2009-2195 (Buffer overflow in WebKit in Apple Safari before 4.0.3 allows rem
- qt4-x11 <not-affected>
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=517273
NOTE: http://trac.webkit.org/changeset/45696
-CVE-2009-2194 (Apple Mac OS X 10.5 before 10.5.8 does not properly share file ...)
+CVE-2009-2194
NOT-FOR-US: Apple Mac OS X
-CVE-2009-2193 (Buffer overflow in the kernel in Apple Mac OS X 10.5 before 10.5.8 ...)
+CVE-2009-2193
NOT-FOR-US: kernel in Apple Mac OS X
-CVE-2009-2192 (MobileMe in Apple Mac OS X 10.5 before 10.5.8 does not properly delete ...)
+CVE-2009-2192
NOT-FOR-US: MobileMe in Apple Mac OS X
-CVE-2009-2191 (Format string vulnerability in Login Window in Apple Mac OS X 10.4.11 ...)
+CVE-2009-2191
NOT-FOR-US: Login Window in Apple Mac OS X
-CVE-2009-2190 (launchd in Apple Mac OS X 10.5 before 10.5.8 allows remote attackers ...)
+CVE-2009-2190
NOT-FOR-US: launchd in Apple Mac OS X
-CVE-2009-2189 (The ICMPv6 implementation on the Apple Time Capsule, AirPort Extreme ...)
+CVE-2009-2189
NOT-FOR-US: Apple
-CVE-2009-2188 (Buffer overflow in ImageIO in Apple Mac OS X 10.5 before 10.5.8, and ...)
+CVE-2009-2188
NOT-FOR-US: ImageIO in Apple Mac OS X
-CVE-2009-2187 (Multiple memory leaks in the (1) IP and (2) IPv6 multicast ...)
+CVE-2009-2187
NOT-FOR-US: Sun Solaris
-CVE-2009-2186 (Unspecified vulnerability in Adobe Shockwave Player before 11.0.0.465 ...)
+CVE-2009-2186
NOT-FOR-US: Adobe Shockwave Playe
-CVE-2009-2185 (The ASN.1 parser (pluto/asn1.c, libstrongswan/asn1/asn1.c, ...)
+CVE-2009-2185
{DSA-1899-1 DSA-1898-1}
- strongswan 4.2.14-1.2 (bug #533837)
- openswan 1:2.6.22+dfsg-1
-CVE-2009-2184 (Absolute path traversal vulnerability in forcedownload.php in Gravy ...)
+CVE-2009-2184
NOT-FOR-US: Gravy Media Photo
-CVE-2009-2183 (Directory traversal vulnerability in admin-files/ad.php in Campsite ...)
+CVE-2009-2183
NOT-FOR-US: Campsite
-CVE-2009-2182 (Multiple PHP remote file inclusion vulnerabilities in Campsite 3.3.0 ...)
+CVE-2009-2182
NOT-FOR-US: Campsite
-CVE-2009-2181 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2009-2181
NOT-FOR-US: Campsite
-CVE-2009-2180 (Multiple directory traversal vulnerabilities in upfiles/index.php in ...)
+CVE-2009-2180
NOT-FOR-US: Pc4 Uploader
-CVE-2009-2179 (SQL injection vulnerability in search.php in phpDatingClub 3.7 allows ...)
+CVE-2009-2179
NOT-FOR-US: phpDatingClub
-CVE-2009-2178 (Cross-site scripting (XSS) vulnerability in website.php in ...)
+CVE-2009-2178
NOT-FOR-US: phpDatingClub
-CVE-2009-2177 (code/display.php in fuzzylime (cms) 3.03a and earlier, when ...)
+CVE-2009-2177
NOT-FOR-US: fuzzylime
-CVE-2009-2176 (Multiple directory traversal vulnerabilities in fuzzylime (cms) 3.03a ...)
+CVE-2009-2176
NOT-FOR-US: fuzzylime
-CVE-2009-2175 (Stack-based buffer overflow in the flattenIncrementally function in ...)
+CVE-2009-2175
- gnome-xcf-thumbnailer 1.0-1.1 (low; bug #601735)
[lenny] - gnome-xcf-thumbnailer <no-dsa> (Minor issue)
- xcftools 1.0.7-1 (low; bug #533361)
[etch] - xcftools 1.0.4-1+etch1
[lenny] - xcftools 1.0.4-1+lenny1
-CVE-2009-2174 (GUPnP 0.12.7 allows remote attackers to cause a denial of service ...)
+CVE-2009-2174
- gupnp 0.12.6-3.1 (low; bug #534594)
[etch] - gupnp <no-dsa> (Minor issue)
[lenny] - gupnp <no-dsa> (Minor issue)
-CVE-2009-2173 (The LAN game feature in Carom3D 5.06 allows remote authenticated users ...)
+CVE-2009-2173
NOT-FOR-US: Carom3D
-CVE-2009-2172 (Cross-site scripting (XSS) vulnerability in forum/radioandtv.php in ...)
+CVE-2009-2172
NOT-FOR-US: Radio and TV Player addon for vBulletin
-CVE-2009-2169 (Insecure method vulnerability in the PDFVIEWER.PDFViewerCtrl.1 ActiveX ...)
+CVE-2009-2169
NOT-FOR-US: Edraw PDF Viewer
-CVE-2009-2168 (cpanel/login.php in EgyPlus 7ammel (aka 7ml) 1.0.1 and earlier sends a ...)
+CVE-2009-2168
NOT-FOR-US: EgyPlus 7ammel (aka 7ml)
-CVE-2009-2167 (Multiple SQL injection vulnerabilities in cpanel/login.php in EgyPlus ...)
+CVE-2009-2167
NOT-FOR-US: EgyPlus 7ammel (aka 7ml)
-CVE-2009-2166 (Absolute path traversal vulnerability in cvs.php in OCS Inventory NG ...)
+CVE-2009-2166
- ocsinventory-server 1.02.1-1 (unimportant; bug #531735)
NOTE: README.Debian states Important: access to the reports server should be restricted
-CVE-2009-2165 (SerendipityNZ (aka SimpleBoxes) Serene Bach 2.20R and earlier, and ...)
+CVE-2009-2165
NOT-FOR-US: SerendipityNZ (aka SimpleBoxes) Serene Bach
-CVE-2009-2164 (Multiple SQL injection vulnerabilities in Kjtechforce mailman beta1, ...)
+CVE-2009-2164
NOT-FOR-US: kjtechforce
-CVE-2009-2163 (Cross-site scripting (XSS) vulnerability in login/default.aspx in ...)
+CVE-2009-2163
NOT-FOR-US: Sitecore CMS
-CVE-2009-2162 (Cross-site scripting (XSS) vulnerability in the XOOPS MANIAC ...)
+CVE-2009-2162
NOT-FOR-US: XOOPS MANIAC PukiWikiMod module
-CVE-2009-2161 (Directory traversal vulnerability in backend/admin-functions.php in ...)
+CVE-2009-2161
NOT-FOR-US: TorrentTrader
-CVE-2009-2160 (TorrentTrader Classic 1.09 allows remote attackers to (1) obtain ...)
+CVE-2009-2160
NOT-FOR-US: TorrentTrader
-CVE-2009-2159 (backup-database.php in TorrentTrader Classic 1.09 does not require ...)
+CVE-2009-2159
NOT-FOR-US: TorrentTrader
-CVE-2009-2158 (account-recover.php in TorrentTrader Classic 1.09 chooses random ...)
+CVE-2009-2158
NOT-FOR-US: TorrentTrader
-CVE-2009-2157 (Multiple SQL injection vulnerabilities in TorrentTrader Classic 1.09 ...)
+CVE-2009-2157
NOT-FOR-US: TorrentTrader
-CVE-2009-2156 (Multiple cross-site scripting (XSS) vulnerabilities in TorrentTrader ...)
+CVE-2009-2156
NOT-FOR-US: TorrentTrader
-CVE-2009-2155 (Cross-site scripting (XSS) vulnerability in report/ReportViewAction.do ...)
+CVE-2009-2155
NOT-FOR-US: WebNMS
-CVE-2009-2154 (SQL injection vulnerability in admin/login.php in Impleo Music ...)
+CVE-2009-2154
NOT-FOR-US: Impleo Music Collection
-CVE-2009-2153 (Cross-site scripting (XSS) vulnerability in index.php in Impleo Music ...)
+CVE-2009-2153
NOT-FOR-US: Impleo Music Collection
-CVE-2009-2152 (SQL injection vulnerability in a_index.php in AdaptWeb 0.9.2 allows ...)
+CVE-2009-2152
NOT-FOR-US: AdaptWeb
-CVE-2009-2151 (Directory traversal vulnerability in index.php in AdaptWeb 0.9.2 ...)
+CVE-2009-2151
NOT-FOR-US: AdaptWeb
-CVE-2009-2150 (Multiple cross-site request forgery (CSRF) vulnerabilities in Campus ...)
+CVE-2009-2150
NOT-FOR-US: Campus Virtual-LMS
-CVE-2009-2149 (Multiple cross-site scripting (XSS) vulnerabilities in Campus ...)
+CVE-2009-2149
NOT-FOR-US: Campus Virtual-LMS
-CVE-2009-2148 (SQL injection vulnerability in news/index.php in Campus Virtual-LMS ...)
+CVE-2009-2148
NOT-FOR-US: Campus Virtual-LMS
-CVE-2009-2147 (SQL injection vulnerability in fdown.php in phpWebThings 1.5.2 and ...)
+CVE-2009-2147
NOT-FOR-US: phpWebThings
-CVE-2009-2146 (Unrestricted file upload vulnerability in the Compose Email feature in ...)
+CVE-2009-2146
- sugarcrm-ce-5.0 <itp> (bug #457876)
-CVE-2009-2145 (Multiple cross-site scripting (XSS) vulnerabilities in transLucid 1.75 ...)
+CVE-2009-2145
NOT-FOR-US: transLucid
-CVE-2009-2144 (SQL injection vulnerability in the FireStats plugin before ...)
+CVE-2009-2144
NOT-FOR-US: FireStats plugin for WordPress
-CVE-2009-2143 (PHP remote file inclusion vulnerability in firestats-wordpress.php in ...)
+CVE-2009-2143
NOT-FOR-US: FireStats plugin for WordPress
-CVE-2009-2142 (Multiple SQL injection vulnerabilities in admin/index.asp in Zip Store ...)
+CVE-2009-2142
NOT-FOR-US: Zip Store Chat
-CVE-2009-2141 (Multiple cross-site scripting (XSS) vulnerabilities in TBDev.NET ...)
+CVE-2009-2141
NOT-FOR-US: TBDev.NET
-CVE-2009-2140 (Multiple heap-based buffer overflows in ...)
+CVE-2009-2140
- openoffice.org <not-affected> (bug introduced by a patch not applied to the deb)
-CVE-2009-2139 (Heap-based buffer overflow in svtools/source/filter.vcl/wmf/enhwmf.cxx ...)
+CVE-2009-2139
{DSA-1880-1}
- openoffice.org 1:3.1.1~ooo310m15-1
-CVE-2009-2138 (Multiple open redirect vulnerabilities in TBDev.NET 01-01-08 allow ...)
+CVE-2009-2138
NOT-FOR-US: TBDev.NET
-CVE-2009-2137 (Memory leak in the Ultra-SPARC T2 crypto provider device driver (aka ...)
+CVE-2009-2137
NOT-FOR-US: Ultra-SPARC T2 crypto provider device driver in Sun Solaris 10
-CVE-2009-2136 (Unspecified vulnerability in the TCP/IP networking stack in Sun ...)
+CVE-2009-2136
NOT-FOR-US: Sun Solaris 10
-CVE-2009-2135 (Multiple race conditions in the Solaris Event Port API in Sun Solaris ...)
+CVE-2009-2135
NOT-FOR-US: Sun Solaris 10
-CVE-2009-2134 (pivot/tb.php in Pivot 1.40.4 and 1.40.7 allows remote attackers to ...)
+CVE-2009-2134
NOT-FOR-US: Pivot
-CVE-2009-2133 (Multiple cross-site scripting (XSS) vulnerabilities in Pivot 1.40.4 ...)
+CVE-2009-2133
NOT-FOR-US: Pivot
-CVE-2009-2132 (Directory traversal vulnerability in global.php in 4images before ...)
+CVE-2009-2132
NOT-FOR-US: 4images
-CVE-2009-2131 (Cross-site scripting (XSS) vulnerability in 4images 1.7.7 and earlier ...)
+CVE-2009-2131
NOT-FOR-US: 4images
-CVE-2009-2130 (Elvin 1.2.0 allows remote attackers to read the PHP source code of (1) ...)
+CVE-2009-2130
NOT-FOR-US: Elvin
-CVE-2009-2129 (Cross-site request forgery (CSRF) vulnerability in login.php in Elvin ...)
+CVE-2009-2129
NOT-FOR-US: Elvin
-CVE-2009-2128 (SQL injection vulnerability in close_bug.php in Elvin before 1.2.1 ...)
+CVE-2009-2128
NOT-FOR-US: Elvin
-CVE-2009-2127 (Cross-site scripting (XSS) vulnerability in show_activity.php in Elvin ...)
+CVE-2009-2127
NOT-FOR-US: Elvin
-CVE-2009-2126 (Cross-site scripting (XSS) vulnerability in close_bug.php in Elvin ...)
+CVE-2009-2126
NOT-FOR-US: Elvin
-CVE-2009-2125 (delete_bug.php in Elvin before 1.2.1 does not require administrative ...)
+CVE-2009-2125
NOT-FOR-US: Elvin
-CVE-2009-2124 (Directory traversal vulnerability in page.php in Elvin 1.2.0 allows ...)
+CVE-2009-2124
NOT-FOR-US: Elvin
-CVE-2009-2123 (Multiple SQL injection vulnerabilities in Elvin 1.2.0 allow remote ...)
+CVE-2009-2123
NOT-FOR-US: Elvin
-CVE-2009-2122 (SQL injection vulnerability in viewimg.php in the Paolo Palmonari ...)
+CVE-2009-2122
NOT-FOR-US: Photoracer plugin for WordPress
-CVE-2009-2121 (Buffer overflow in the browser kernel in Google Chrome before ...)
+CVE-2009-2121
- chromium-browser <not-affected> (Only 2.x is affected)
- webkit <not-affected> (chrome-specific issue)
-CVE-2009-2170 (Multiple cross-site scripting (XSS) vulnerabilities in Mahara 1.0 ...)
+CVE-2009-2170
{DSA-1822-1}
- mahara 1.1.5-1 (low)
-CVE-2009-2171 (Mahara 1.1 before 1.1.5 does not apply permission checks when saving a ...)
+CVE-2009-2171
- mahara 1.1.5-1 (low)
[lenny] - mahara <not-affected> (vulnerable code introduced in 1.1)
-CVE-2009-2120 (Multiple SQL injection vulnerabilities in TekBase All-in-One 3.1 allow ...)
+CVE-2009-2120
NOT-FOR-US: TekBase
-CVE-2009-2119 (Cross-site scripting (XSS) vulnerability in the login interface ...)
+CVE-2009-2119
NOT-FOR-US: FirePass
-CVE-2009-2118 (Integer overflow in IrfanView 4.23, when the resampling or screen ...)
+CVE-2009-2118
NOT-FOR-US: IrfanView
-CVE-2009-2117 (uye_paneli.php in phPortal 1.0 allows remote attackers to bypass ...)
+CVE-2009-2117
NOT-FOR-US: phPortal
-CVE-2009-2116 (Directory traversal vulnerability in admin.php in SkyBlueCanvas 1.1 ...)
+CVE-2009-2116
NOT-FOR-US: SkyBlueCanvas
-CVE-2009-2115 (admin.php in SkyBlueCanvas 1.1 r237 allows remote authenticated ...)
+CVE-2009-2115
NOT-FOR-US: SkyBlueCanvas
-CVE-2009-2114 (Multiple cross-site scripting (XSS) vulnerabilities in admin.php in ...)
+CVE-2009-2114
NOT-FOR-US: SkyBlueCanvas
-CVE-2009-2113 (Multiple SQL injection vulnerabilities in FretsWeb 1.2 allow remote ...)
+CVE-2009-2113
NOT-FOR-US: FretsWeb
-CVE-2009-2112 (Directory traversal vulnerability in include/page_bottom.php in phpFK ...)
+CVE-2009-2112
NOT-FOR-US: phpFK
-CVE-2009-2111 (Static code injection vulnerability in add_reg.php in DB Top Sites 1.0 ...)
+CVE-2009-2111
NOT-FOR-US: DB Top Site
-CVE-2009-2110 (Multiple directory traversal vulnerabilities in DB Top Sites 1.0, when ...)
+CVE-2009-2110
NOT-FOR-US: DB Top Sites 1.0
-CVE-2009-2109 (Multiple directory traversal vulnerabilities in FretsWeb 1.2 allow ...)
+CVE-2009-2109
NOT-FOR-US: FretsWeb
-CVE-2009-2108 (git-daemon in git 1.4.4.5 through 1.6.3 allows remote attackers to ...)
+CVE-2009-2108
{DSA-1841-2 DSA-1841-1}
- git-core 1:1.6.3.3-1 (medium; bug #532935)
NOTE: http://git.kernel.org/?p=git/git.git;a=commitdiff;h=73bb33a9
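Review bot: the context line `NOT-FOR-US: Adobe Shockwave Playe` under CVE-2009-2186 is missing the final letter of "Player"; fix it while the entry is touched. Separately, the description being removed for CVE-2009-2197 read "Apple Safari before 9.1", which does not match the "before 4.0.3" versions in the adjacent CVE-2009-2196 and CVE-2009-2195 lines; since the description no longer travels with the entry after this change, it is worth confirming the NOT-FOR-US triage against the current upstream text.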
@@ -8058,7 +8058,7 @@ CVE-2009-XXXX ["slowloris" denial-of-service vulnerabilty in webservers]
- squid3 <not-affected>
NOTE: http://www.squid-cache.org/bugs/show_bug.cgi?id=2694
- lighttpd <not-affected>
-CVE-2009-2107 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
+CVE-2009-2107
NOT-FOR-US: Webmedia Explorer
CVE-2009-XXXX [ShowConfigTab unintentionally grants rights intended for SuperUsers]
- request-tracker3.6 3.6.8-1 (low; bug #532990)
@@ -8066,73 +8066,73 @@ CVE-2009-XXXX [ShowConfigTab unintentionally grants rights intended for SuperUse
[etch] - request-tracker3.6 <not-affected> (flaw introduced in 3.6.2)
- request-tracker3.4 <not-affected> (flaw introduced in 3.6.2; bug #534498)
- request-tracker3.8 3.8.4-1
-CVE-2009-2106 (SQL injection vulnerability in the Virtual Civil Services (civserv) ...)
+CVE-2009-2106
NOT-FOR-US: Virtual Civil Services extension for TYPO3
-CVE-2009-2105 (SQL injection vulnerability in the References database (t3references) ...)
+CVE-2009-2105
NOT-FOR-US: References database extension for TYPO3
-CVE-2009-2104 (Cross-site scripting (XSS) vulnerability in the Modern Guestbook / ...)
+CVE-2009-2104
NOT-FOR-US: Modern Guestbook extension for TYPO3
-CVE-2009-2103 (SQL injection vulnerability in the Frontend MP3 Player (fe_mp3player) ...)
+CVE-2009-2103
NOT-FOR-US: Frontend MP3 Player extension for TYPO3
-CVE-2009-2102 (SQL injection vulnerability in the Jumi (com_jumi) component 2.0.3 and ...)
+CVE-2009-2102
NOT-FOR-US: Jumi component for Joomla
-CVE-2009-2101 (Directory traversal vulnerability in archive.php in TorrentVolve 1.4, ...)
+CVE-2009-2101
NOT-FOR-US: TorrentVolve
-CVE-2009-2100 (Directory traversal vulnerability in the JoomlaPraise Projectfork ...)
+CVE-2009-2100
NOT-FOR-US: JoomlaPraise component for Joomla
-CVE-2009-2099 (SQL injection vulnerability in the iJoomla RSS Feeder ...)
+CVE-2009-2099
NOT-FOR-US: iJoomla RSS Feeder component for Joomla
-CVE-2009-2098 (SQL injection vulnerability in topicler.php in phPortal 1.0 allows ...)
+CVE-2009-2098
NOT-FOR-US: phPortal
-CVE-2009-2097 (SQL injection vulnerability in ...)
+CVE-2009-2097
NOT-FOR-US: Zoki Catalog
-CVE-2009-2096 (SQL injection vulnerability in house/listing_view.php in ...)
+CVE-2009-2096
NOT-FOR-US: phpCollegeExchange
-CVE-2009-2095 (PHP remote file inclusion vulnerability in ...)
+CVE-2009-2095
NOT-FOR-US: Mundi Mail
-CVE-2009-2094 (Unspecified vulnerability in IBM WebSphere Commerce 6.0 Enterprise ...)
+CVE-2009-2094
NOT-FOR-US: IBM WebSphere Commerce
-CVE-2009-2093 (SQL injection vulnerability in the console in IBM WebSphere Partner ...)
+CVE-2009-2093
NOT-FOR-US: IBM WebSphere
-CVE-2009-2092 (IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.5 does not ...)
+CVE-2009-2092
NOT-FOR-US: IBM WebSphere
-CVE-2009-2091 (The System Management/Repository component in IBM WebSphere ...)
+CVE-2009-2091
NOT-FOR-US: IBM WebSphere
-CVE-2009-2090 (Unspecified vulnerability in wsadmin in the System ...)
+CVE-2009-2090
NOT-FOR-US: IBM WebSphere
-CVE-2009-2089 (The Migration component in IBM WebSphere Application Server (WAS) 6.1 ...)
+CVE-2009-2089
NOT-FOR-US: IBM WebSphere
-CVE-2009-2088 (The Servlet Engine/Web Container component in IBM WebSphere ...)
+CVE-2009-2088
NOT-FOR-US: IBM WebSphere
-CVE-2009-2087 (The Web Services functionality in IBM WebSphere Application Server ...)
+CVE-2009-2087
NOT-FOR-US: IBM WebSphere
CVE-2009-2086
REJECTED
-CVE-2009-2085 (The Security component in IBM WebSphere Application Server (WAS) 6.1 ...)
+CVE-2009-2085
NOT-FOR-US: IBM WebSphere
-CVE-2009-2084 (Simple Linux Utility for Resource Management (SLURM) 1.2 and 1.3 ...)
+CVE-2009-2084
{DSA-1776-1}
- slurm-llnl 1.3.15-1 (bug #524980)
[lenny] - slurm-llnl 1.3.6-1lenny3
-CVE-2009-2083 (Cross-site scripting (XSS) vulnerability in the term data detail page ...)
+CVE-2009-2083
NOT-FOR-US: Taxonomy
-CVE-2009-2082 (SQL injection vulnerability in insidepage.php in Creative Web ...)
+CVE-2009-2082
NOT-FOR-US: Creative Web Solutions Multi-Level CMS
-CVE-2009-2081 (Directory traversal vulnerability in help.php in phpWebThings 1.5.2 ...)
+CVE-2009-2081
NOT-FOR-US: phpWebThings
-CVE-2009-2080 (admin.php in MRCGIGUY The Ticket System 2.0 does not properly restrict ...)
+CVE-2009-2080
NOT-FOR-US: MRCGIGUY
-CVE-2009-2079 (Cross-site scripting (XSS) vulnerability in the administrative page ...)
+CVE-2009-2079
NOT-FOR-US: Taxonomy
-CVE-2009-2078 (Multiple cross-site scripting (XSS) vulnerabilities in Booktree 5.x ...)
+CVE-2009-2078
NOT-FOR-US: Booktree module for drupal
-CVE-2009-2077 (Drupal 6.x before 6.x-2.6, a module for Drupal, allows remote ...)
+CVE-2009-2077
- drupal6-mod-views <not-affected> (Fixed before initial upload)
-CVE-2009-2076 (Cross-site scripting (XSS) vulnerability in Views 6.x before 6.x-2.6, ...)
+CVE-2009-2076
- drupal6-mod-views <not-affected> (Fixed before initial upload)
-CVE-2009-2075 (Nodequeue 5.x before 5.x-2.7 and 6.x before 6.x-2.2, a module for ...)
+CVE-2009-2075
NOT-FOR-US: Nodequeue module for Drupal
-CVE-2009-2074 (Cross-site scripting (XSS) vulnerability in Nodequeue 5.x before ...)
+CVE-2009-2074
NOT-FOR-US: Nodequeue module for Drupal
CVE-2009-XXXX [backuppc: web frontend installed insecurely by default]
- backuppc 3.1.0-6
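Review bot: Every -/+ pair in this hunk (CVE-2009-2096 down to CVE-2009-2074) strips the parenthesised description and changes nothing else, which looks like a sync that ran without upstream description data rather than an intentional edit. For entries Debian actually tracks it removes the only product summary in the file: CVE-2009-2084 keeps `{DSA-1776-1}` and `- slurm-llnl 1.3.15-1 (bug #524980)` but loses "Simple Linux Utility for Resource Management (SLURM) 1.2 and 1.3 ...", and the two drupal6-mod-views entries (CVE-2009-2077, CVE-2009-2076) are left with only their `<not-affected>` line. Hold the update until the descriptions can be refreshed, or restore them in the same commit.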
@@ -8142,240 +8142,240 @@ CVE-2009-XXXX [clamav scanner bypass with archives]
[lenny] - clamav <no-dsa> (Inherent to the concept of malware concept)
[etch] - clamav <no-dsa> (Support was discontinued)
NOTE: http://blog.zoller.lu/2009/05/advisory-clamav-generic-bypass.html
-CVE-2009-2073 (Cross-site request forgery (CSRF) vulnerability in Linksys WRT160N ...)
+CVE-2009-2073
NOT-FOR-US: Linksys
-CVE-2009-2072 (Apple Safari does not require a cached certificate before displaying a ...)
+CVE-2009-2072
NOT-FOR-US: Apple Safari
-CVE-2009-2071 (Google Chrome before 1.0.154.53 displays a cached certificate for a ...)
+CVE-2009-2071
- chromium-browser <not-affected> (Only 1.x is affected)
- webkit <not-affected> (chrome-specific issue)
-CVE-2009-2070 (Opera displays a cached certificate for a (1) 4xx or (2) 5xx CONNECT ...)
+CVE-2009-2070
NOT-FOR-US: Opera
-CVE-2009-2069 (Microsoft Internet Explorer before 8 displays a cached certificate for ...)
+CVE-2009-2069
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2009-2068 (Google Chrome detects http content in https web pages only when the ...)
+CVE-2009-2068
- chromium-browser 5.0.342.9~r43360-1
-CVE-2009-2067 (Opera detects http content in https web pages only when the top-level ...)
+CVE-2009-2067
NOT-FOR-US: Opera
-CVE-2009-2066 (Apple Safari detects http content in https web pages only when the ...)
+CVE-2009-2066
NOT-FOR-US: Apple Safari
-CVE-2009-2065 (Mozilla Firefox 3.0.10, and possibly other versions, detects http ...)
+CVE-2009-2065
- xulrunner <undetermined> (bug #565521)
[wheezy] - xulrunner <end-of-life> (no detailed information available)
-CVE-2009-2064 (Microsoft Internet Explorer 8, and possibly other versions, detects ...)
+CVE-2009-2064
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2009-2063 (Opera, possibly before 9.25, processes a 3xx HTTP CONNECT response ...)
+CVE-2009-2063
NOT-FOR-US: Opera
-CVE-2009-2062 (Apple Safari before 3.2.2 processes a 3xx HTTP CONNECT response before ...)
+CVE-2009-2062
NOT-FOR-US: Apple Safari
-CVE-2009-2061 (Mozilla Firefox before 3.0.10 processes a 3xx HTTP CONNECT response ...)
+CVE-2009-2061
{DSA-1830-1 DSA-1820-1}
- xulrunner 1.9.0.11-1
- icedove 2.0.0.22-1 (bug #535124)
[squeeze] - icedove 2.0.0.22-0lenny1
-CVE-2009-2060 (src/net/http/http_transaction_winhttp.cc in Google Chrome before ...)
+CVE-2009-2060
- chromium-browser <not-affected> (Only 1.x is affected)
- webkit <not-affected> (chrome-specific issue)
-CVE-2009-2059 (Opera, possibly before 9.25, uses the HTTP Host header to determine ...)
+CVE-2009-2059
NOT-FOR-US: Opera
-CVE-2009-2058 (Apple Safari before 3.2.2 uses the HTTP Host header to determine the ...)
+CVE-2009-2058
NOT-FOR-US: Apple Safari
-CVE-2009-2057 (Microsoft Internet Explorer before 8 uses the HTTP Host header to ...)
+CVE-2009-2057
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2009-2056 (Cisco IOS XR 3.8.1 and earlier allows remote authenticated users to ...)
+CVE-2009-2056
NOT-FOR-US: Cisco
-CVE-2009-2055 (Cisco IOS XR 3.4.0 through 3.8.1 allows remote attackers to cause a ...)
+CVE-2009-2055
NOT-FOR-US: Cisco IOS
-CVE-2009-2054 (Cisco Unified Communications Manager (aka CUCM, formerly CallManager) ...)
+CVE-2009-2054
NOT-FOR-US: Cisco
-CVE-2009-2053 (Cisco Unified Communications Manager (aka CUCM, formerly CallManager) ...)
+CVE-2009-2053
NOT-FOR-US: Cisco
-CVE-2009-2052 (Cisco Unified Communications Manager (aka CUCM, formerly CallManager) ...)
+CVE-2009-2052
NOT-FOR-US: Cisco
-CVE-2009-2051 (Cisco IOS 12.2 through 12.4 and 15.0 through 15.1, Cisco IOS XE 2.5.x ...)
+CVE-2009-2051
NOT-FOR-US: Cisco
-CVE-2009-2050 (Cisco Unified Communications Manager (aka CUCM, formerly CallManager) ...)
+CVE-2009-2050
NOT-FOR-US: Cisco
-CVE-2009-2049 (Cisco IOS 12.0(32)S12 through 12.0(32)S13 and 12.0(33)S3 through ...)
+CVE-2009-2049
NOT-FOR-US: Cisco IOS
-CVE-2009-2048 (Cross-site scripting (XSS) vulnerability in the Administration ...)
+CVE-2009-2048
NOT-FOR-US: Cisco
-CVE-2009-2047 (Directory traversal vulnerability in the Administration interface in ...)
+CVE-2009-2047
NOT-FOR-US: Cisco
-CVE-2009-2046 (The embedded web server on the Cisco Video Surveillance 2500 Series IP ...)
+CVE-2009-2046
NOT-FOR-US: Cisco
-CVE-2009-2045 (The Cisco Video Surveillance Stream Manager firmware before 5.3, as ...)
+CVE-2009-2045
NOT-FOR-US: Cisco
-CVE-2009-2044 (Mozilla Firefox 3.0.10 and earlier on Linux allows remote attackers to ...)
+CVE-2009-2044
- xulrunner <not-affected> (uses external cairo library)
- cairo 1.8.8-2 (unimportant)
NOTE: http://cgit.freedesktop.org/cairo/commit/?id=2cf82eaf0d08e68b787bb0792da97e73d8d4ce38
NOTE: Just a crasher
-CVE-2009-2043 (nsViewManager.cpp in Mozilla Firefox 3.0.2 through 3.0.10 allows ...)
+CVE-2009-2043
- xulrunner <unfixed> (unimportant)
NOTE: Browser crashes not treated as security issues
-CVE-2009-2042 (libpng before 1.2.37 does not properly parse 1-bit interlaced images ...)
+CVE-2009-2042
{DSA-2032-1}
- libpng 1.2.37-1 (low; bug #533676)
[etch] - libpng <no-dsa> (Minor issue, only exploitable in rare setups)
- xulrunner <not-affected> (xulrunner dynamically linked against libpng; embeded code copy not used)
-CVE-2009-2041 (Cross-site scripting (XSS) vulnerability in A51 D.O.O. activeCollab ...)
+CVE-2009-2041
NOT-FOR-US: activeCollab
-CVE-2009-2040 (admin/options.php in Grestul 1.2 does not properly restrict access, ...)
+CVE-2009-2040
NOT-FOR-US: Grestul
-CVE-2009-2039 (Unspecified vulnerability in the Luottokunta module before 1.3 for ...)
+CVE-2009-2039
NOT-FOR-US: Luottokunta module for osCommerce
-CVE-2009-2038 (Unspecified vulnerability in the Finnish Bank Payment module 2.2 for ...)
+CVE-2009-2038
NOT-FOR-US: Finnish Bank Payment module 2.2 for osCommerce
-CVE-2009-2037 (Multiple directory traversal vulnerabilities in Online Grades &amp; ...)
+CVE-2009-2037
NOT-FOR-US: Online Grades
-CVE-2009-2036 (SQL injection vulnerability in index.php in Open Biller 0.1 allows ...)
+CVE-2009-2036
NOT-FOR-US: Open Biller
-CVE-2009-2035 (Unspecified vulnerability in Services 6.x before 6.x-0.14, a module ...)
+CVE-2009-2035
NOT-FOR-US: Service module for Drupal
-CVE-2009-2034 (SQL injection vulnerability in writemessage.php in Yogurt 0.3, when ...)
+CVE-2009-2034
NOT-FOR-US: Yogurt
-CVE-2009-2033 (Cross-site scripting (XSS) vulnerability in index.php in Yogurt 0.3 ...)
+CVE-2009-2033
NOT-FOR-US: Yogurt
-CVE-2009-2032 (Cross-site scripting (XSS) vulnerability in search.asp in PDshopPro, ...)
+CVE-2009-2032
NOT-FOR-US: PDshopPro
-CVE-2009-2031 (smbfs in Sun OpenSolaris snv_84 through snv_110, when default mount ...)
+CVE-2009-2031
NOT-FOR-US: OpenSolaris
-CVE-2009-2030 (Unspecified vulnerability in the XML Digital Signature verification ...)
+CVE-2009-2030
NOT-FOR-US: IBM OS/400
-CVE-2009-2029 (Unspecified vulnerability in rpc.nisd in Sun Solaris 8 through 10, and ...)
+CVE-2009-2029
NOT-FOR-US: Sun Solaris
-CVE-2009-2028 (Multiple unspecified vulnerabilities in Adobe Reader 7 and Acrobat 7 ...)
+CVE-2009-2028
NOT-FOR-US: Adobe
-CVE-2009-2027 (The Installer in Apple Safari before 4.0 on Windows allows local users ...)
+CVE-2009-2027
NOT-FOR-US: Apple Safari
-CVE-2009-2026 (Stack-based buffer overflow in a token searching function in the ...)
+CVE-2009-2026
NOT-FOR-US: CA Software Delivery
-CVE-2009-2025 (admin/login.php in DM FileManager 3.9.2 allows remote attackers to ...)
+CVE-2009-2025
NOT-FOR-US: DM FileManager
-CVE-2009-2024 (Vlad Titarenko ASP VT Auth 1.0 stores sensitive information under the ...)
+CVE-2009-2024
NOT-FOR-US: Vlad Titarenko ASP VT Auth
-CVE-2009-2023 (SQL injection vulnerability in index.php in Shop-Script Pro 2.12, when ...)
+CVE-2009-2023
NOT-FOR-US: Shop-Script
-CVE-2009-2022 (fipsCMS Light 2.1 stores sensitive information under the web root with ...)
+CVE-2009-2022
NOT-FOR-US: fipsCMS
-CVE-2009-2021 (SQL injection vulnerability in search.php in Virtue Classifieds allows ...)
+CVE-2009-2021
NOT-FOR-US: Virtue Classifieds allows
-CVE-2009-2020 (Cross-site scripting (XSS) vulnerability in news_detail.php in Virtue ...)
+CVE-2009-2020
NOT-FOR-US: News Manager
-CVE-2009-2019 (SQL injection vulnerability in news_detail.php in Virtue News Manager ...)
+CVE-2009-2019
NOT-FOR-US: Virtue News Manager
-CVE-2009-2018 (SQL injection vulnerability in admin/index.php in Jared Eckersley ...)
+CVE-2009-2018
NOT-FOR-US: Jared Eckersley MyCars
-CVE-2009-2017 (SQL injection vulnerability in products.php in Virtue Book Store ...)
+CVE-2009-2017
NOT-FOR-US: Virtue Book Store
-CVE-2009-2016 (SQL injection vulnerability in products.php in Virtue Shopping Mall ...)
+CVE-2009-2016
NOT-FOR-US: Virtue Shopping Mall
-CVE-2009-2015 (Directory traversal vulnerability in includes/file_includer.php in the ...)
+CVE-2009-2015
NOT-FOR-US: com_moofaq for Joomla!
-CVE-2009-2014 (SQL injection vulnerability in the ComSchool (com_school) component ...)
+CVE-2009-2014
NOT-FOR-US: com_school for Joomla!
-CVE-2009-2013 (SQL injection vulnerability in bin/aps_browse_sources.php in Frontis ...)
+CVE-2009-2013
NOT-FOR-US: Frontis
-CVE-2009-2012 (Unspecified vulnerability in idmap in Sun OpenSolaris snv_88 through ...)
+CVE-2009-2012
NOT-FOR-US: OpenSolaris
-CVE-2009-2011 (Worldweaver DX Studio Player 3.0.29.0, 3.0.22.0, 3.0.12.0, and ...)
+CVE-2009-2011
NOT-FOR-US: Worldweaver DX Studio Player
-CVE-2009-2010 (Multiple SQL injection vulnerabilities in Haudenschilt Family ...)
+CVE-2009-2010
NOT-FOR-US: Haudenschilt Family Connections CMS
-CVE-2009-2009 (Multiple cross-site scripting (XSS) vulnerabilities in Dokeos 1.8.5, ...)
+CVE-2009-2009
NOT-FOR-US: Dokeos
-CVE-2009-2008 (Multiple SQL injection vulnerabilities in Dokeos 1.8.5, and possibly ...)
+CVE-2009-2008
NOT-FOR-US: Dokeos
-CVE-2009-2007 (Multiple directory traversal vulnerabilities in Dokeos 1.8.5, and ...)
+CVE-2009-2007
NOT-FOR-US: Dokeos
-CVE-2009-2006 (Multiple cross-site scripting (XSS) vulnerabilities in Dokeos 1.8.5, ...)
+CVE-2009-2006
NOT-FOR-US: Dokeos
-CVE-2009-2005 (Cross-site request forgery (CSRF) vulnerability in Dokeos 1.8.5, and ...)
+CVE-2009-2005
NOT-FOR-US: Dokeos
-CVE-2009-2004 (Multiple SQL injection vulnerabilities in main/mySpace/myStudents.php ...)
+CVE-2009-2004
NOT-FOR-US: Dokeos
-CVE-2009-2003 (Ascad Networks Password Protector SD 1.3.1 allows remote attackers to ...)
+CVE-2009-2003
NOT-FOR-US: Ascad Networks Password Protector
-CVE-2009-2002 (Unspecified vulnerability in the WebLogic Portal component in BEA ...)
+CVE-2009-2002
NOT-FOR-US: BEA Product Suite
-CVE-2009-2001 (Unspecified vulnerability in the PL/SQL component in Oracle Database ...)
+CVE-2009-2001
NOT-FOR-US: Oracle Database
-CVE-2009-2000 (Unspecified vulnerability in the Authentication component in Oracle ...)
+CVE-2009-2000
NOT-FOR-US: Oracle Database
-CVE-2009-1999 (Unspecified vulnerability in the Business Intelligence Enterprise ...)
+CVE-2009-1999
NOT-FOR-US: Oracle Application Server
-CVE-2009-1998 (Unspecified vulnerability in the Oracle Communications Order and ...)
+CVE-2009-1998
NOT-FOR-US: Oracle Industry Applications
-CVE-2009-1997 (Unspecified vulnerability in the Authentication component in Oracle ...)
+CVE-2009-1997
NOT-FOR-US: Oracle Database
-CVE-2009-1996 (Unspecified vulnerability in the Logical Standby component in Oracle ...)
+CVE-2009-1996
NOT-FOR-US: Oracle Database
-CVE-2009-1995 (Unspecified vulnerability in the Advanced Queuing component in Oracle ...)
+CVE-2009-1995
NOT-FOR-US: Oracle Database
-CVE-2009-1994 (Unspecified vulnerability in the Oracle Spatial component in Oracle ...)
+CVE-2009-1994
NOT-FOR-US: Oracle Database
-CVE-2009-1993 (Unspecified vulnerability in the Application Express component in ...)
+CVE-2009-1993
NOT-FOR-US: Oracle Database
-CVE-2009-1992 (Unspecified vulnerability in the Core RDBMS component in Oracle ...)
+CVE-2009-1992
NOT-FOR-US: Oracle Database
-CVE-2009-1991 (Unspecified vulnerability in the Oracle Text component in Oracle ...)
+CVE-2009-1991
NOT-FOR-US: Oracle Database
-CVE-2009-1990 (Unspecified vulnerability in the Business Intelligence Enterprise ...)
+CVE-2009-1990
NOT-FOR-US: Oracle Application Server
-CVE-2009-1989 (Unspecified vulnerability in the PeopleSoft Enterprise FMS component ...)
+CVE-2009-1989
NOT-FOR-US: Oracle PeopleSoft Enterprise
-CVE-2009-1988 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS eProfile ...)
+CVE-2009-1988
NOT-FOR-US: Oracle PeopleSoft Enterprise
-CVE-2009-1987 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools - ...)
+CVE-2009-1987
NOT-FOR-US: Oracle PeopleSoft Enterprise
-CVE-2009-1986 (Unspecified vulnerability in the Oracle Applications Manager component ...)
+CVE-2009-1986
NOT-FOR-US: Oracle Applications Manager
-CVE-2009-1985 (Unspecified vulnerability in the Network Authentication component in ...)
+CVE-2009-1985
NOT-FOR-US: Oracle Database
-CVE-2009-1984 (Unspecified vulnerability in the Application Install component in ...)
+CVE-2009-1984
NOT-FOR-US: Oracle E-Business Suite
-CVE-2009-1983 (Unspecified vulnerability in the Oracle iStore component in Oracle ...)
+CVE-2009-1983
NOT-FOR-US: Oracle E-Business Suite
-CVE-2009-1982 (Unspecified vulnerability in the Oracle Applications Framework ...)
+CVE-2009-1982
NOT-FOR-US: Oracle E-Business Suite
-CVE-2009-1981 (Unspecified vulnerability in the Highly Interactive Client component ...)
+CVE-2009-1981
NOT-FOR-US: Siebel Product Suite
-CVE-2009-1980 (Unspecified vulnerability in the Oracle Application Object Library ...)
+CVE-2009-1980
NOT-FOR-US: Oracle E-Business Suite
-CVE-2009-1979 (Unspecified vulnerability in the Network Authentication component in ...)
+CVE-2009-1979
NOT-FOR-US: Oracle Database
-CVE-2009-1978 (Unspecified vulnerability in the Oracle Secure Backup component in ...)
+CVE-2009-1978
NOT-FOR-US: Oracle Secure Backup
-CVE-2009-1977 (Unspecified vulnerability in the Oracle Secure Backup component in ...)
+CVE-2009-1977
NOT-FOR-US: Oracle Secure Backup
-CVE-2009-1976 (Unspecified vulnerability in the HTTP Server component in Oracle ...)
+CVE-2009-1976
NOT-FOR-US: Oracle Application Server
-CVE-2009-1975 (Unspecified vulnerability in the WebLogic Server component in BEA ...)
+CVE-2009-1975
NOT-FOR-US: BEA WebLogic Server
-CVE-2009-1974 (Unspecified vulnerability in the WebLogic Server component in BEA ...)
+CVE-2009-1974
NOT-FOR-US: BEA WebLogic
-CVE-2009-1973 (Unspecified vulnerability in the Virtual Private Database component in ...)
+CVE-2009-1973
NOT-FOR-US: Oracle Database
-CVE-2009-1972 (Unspecified vulnerability in the Auditing component in Oracle Database ...)
+CVE-2009-1972
NOT-FOR-US: Oracle Database
-CVE-2009-1971 (Unspecified vulnerability in the Data Pump component in Oracle ...)
+CVE-2009-1971
NOT-FOR-US: Oracle Database
-CVE-2009-1970 (Unspecified vulnerability in the Listener component in Oracle Database ...)
+CVE-2009-1970
NOT-FOR-US: Oracle Database
-CVE-2009-1969 (Unspecified vulnerability in the Auditing component in Oracle Database ...)
+CVE-2009-1969
NOT-FOR-US: Oracle Database
-CVE-2009-1968 (Unspecified vulnerability in the Secure Enterprise Search component in ...)
+CVE-2009-1968
NOT-FOR-US: Oracle Database
-CVE-2009-1967 (Unspecified vulnerability in the Config Management component in (1) ...)
+CVE-2009-1967
NOT-FOR-US: Oracle Database
-CVE-2009-1966 (Unspecified vulnerability in the Config Management component in (1) ...)
+CVE-2009-1966
NOT-FOR-US: Oracle Database
-CVE-2009-1965 (Unspecified vulnerability in the Net Foundation Layer component in ...)
+CVE-2009-1965
NOT-FOR-US: Oracle Database
-CVE-2009-1964 (Unspecified vulnerability in the Workspace Manager component in Oracle ...)
+CVE-2009-1964
NOT-FOR-US: Oracle Database
-CVE-2009-1963 (Unspecified vulnerability in the Network Foundation component in ...)
+CVE-2009-1963
NOT-FOR-US: Oracle Database
CVE-2009-XXXX [predictable random number generator used in web browsers]
- webkit 1.2 (low; bug #532514)
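Review bot: Same pattern across the whole hunk (CVE-2009-2073 through CVE-2009-1963): only the description is dropped and the triage lines are untouched. The loss matters most on the Debian-affected entries, where the description was the only statement in the file of what the tracked package line refers to, e.g. CVE-2009-2061 (`{DSA-1830-1 DSA-1820-1}`, xulrunner and icedove), CVE-2009-2042 (`{DSA-2032-1}`, libpng 1-bit interlaced images) and CVE-2009-2068 (chromium-browser 5.0.342.9~r43360-1). The long run of Oracle entries from CVE-2009-2001 to CVE-2009-1963 all read "Unspecified vulnerability in the ... component" before this change, so afterwards nothing distinguishes them except the NOT-FOR-US product name; that is acceptable only if a later sync is known to bring the descriptions back.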
@@ -8393,70 +8393,70 @@ CVE-2009-XXXX [predictable random number generator used in web browsers]
- dillo <not-affected> (bug #532522)
NOTE: These issues can be fixed in more recent upstream versions, but the risk
NOTE: of regression doesn't outweigh the issue at hand
-CVE-2009-1961 (The inode double locking code in fs/ocfs2/file.c in the Linux kernel ...)
+CVE-2009-1961
{DSA-1844-1}
- linux-2.6 2.6.30-1 (low)
[etch] - linux-2.6 <not-affected> (Affected code was introduced in 2.6.19)
[lenny] - linux-2.6 2.6.26-16
- linux-2.6.24 <removed>
NOTE: fixed in lenny 5.0.2 release
-CVE-2009-1959 (Off-by-one error in the event_wallops function in ...)
+CVE-2009-1959
- irssi 0.8.13-2 (low; bug #532607; bug #531357)
[lenny] - irssi 0.8.12-7
[etch] - irssi 0.8.10-3
NOTE: exploitability limited, DoS rather obscure attack scenario
-CVE-2009-1956 (Off-by-one error in the apr_brigade_vprintf function in Apache ...)
+CVE-2009-1956
- apr-util 1.3.7+dfsg-1 (low)
[lenny] - apr-util 1.2.12+dfsg-8+lenny3
-CVE-2009-1955 (The expat XML parser in the apr_xml_* interface in xml/apr_xml.c in ...)
+CVE-2009-1955
{DSA-1812-1}
- apr-util 1.3.7+dfsg-1 (medium)
-CVE-2009-1954 (Unspecified vulnerability in portmapper (aka portmap) in IBM AIX 5.3 ...)
+CVE-2009-1954
NOT-FOR-US: IBM AIX
-CVE-2009-1953 (IBM FileNet Content Manager 4.0, 4.0.1, and 4.5, as used in IBM ...)
+CVE-2009-1953
NOT-FOR-US: IBM FileNet Content Manager
-CVE-2009-1952 (Multiple SQL injection vulnerabilities in the administrative login ...)
+CVE-2009-1952
NOT-FOR-US: PropertyMax
-CVE-2009-1951 (Cross-site scripting (XSS) vulnerability in index.php in PropertyMax ...)
+CVE-2009-1951
NOT-FOR-US: PropertyMax
-CVE-2009-1950 (SQL injection vulnerability in yorum.asp in WebEyes Guest Book 3 ...)
+CVE-2009-1950
NOT-FOR-US: WebEyes Guest Book
-CVE-2009-1949 (import_wbb1.php in Unclassified NewsBoard (UNB) 1.6.4 allows remote ...)
+CVE-2009-1949
NOT-FOR-US: Unclassified NewsBoard
-CVE-2009-1948 (Multiple directory traversal vulnerabilities in forum.php in ...)
+CVE-2009-1948
NOT-FOR-US: Unclassified NewsBoard
-CVE-2009-1947 (SQL injection vulnerability in the UnbDbEncode function in ...)
+CVE-2009-1947
NOT-FOR-US: Unclassified NewsBoard
-CVE-2009-1946 (PHP remote file inclusion vulnerability in latestposts.php in AdaptBB ...)
+CVE-2009-1946
NOT-FOR-US: AdaptBB
-CVE-2009-1945 (SQL injection vulnerability in webCal3_detail.asp in WebCal 3.04 ...)
+CVE-2009-1945
NOT-FOR-US: cWebCal
-CVE-2009-1944 (Stack-based buffer overflow in AIMP 2.51 build 330 allows remote ...)
+CVE-2009-1944
NOT-FOR-US: AIMP
-CVE-2009-1943 (Stack-based buffer overflow in the IKE service (ireIke.exe) in SafeNet ...)
+CVE-2009-1943
NOT-FOR-US: SafeNet SoftRemote
-CVE-2009-1942 (Cross-site scripting (XSS) vulnerability in the Quiz module 5.x, ...)
+CVE-2009-1942
NOT-FOR-US: Quiz module for Drupal
-CVE-2009-1941 (PAD Site Scripts 3.6 stores sensitive information under the web ...)
+CVE-2009-1941
NOT-FOR-US: PAD Site Scripts
-CVE-2009-1940 (Cross-site scripting (XSS) vulnerability in the administrator panel in ...)
+CVE-2009-1940
NOT-FOR-US: Joomla!
-CVE-2009-1939 (Cross-site scripting (XSS) vulnerability in the JA_Purity template for ...)
+CVE-2009-1939
NOT-FOR-US: Joomla!
-CVE-2009-1938 (Cross-site scripting (XSS) vulnerability in Joomla! 1.5.x through ...)
+CVE-2009-1938
NOT-FOR-US: Joomla!
-CVE-2009-1937 (Cross-site scripting (XSS) vulnerability in the comment posting ...)
+CVE-2009-1937
NOT-FOR-US: LightNEasy
-CVE-2009-1936 (_functions.php in cpCommerce 1.2.x, possibly including 1.2.9, sends a ...)
+CVE-2009-1936
NOT-FOR-US: cpCommerce
-CVE-2009-1935 (Integer overflow in the pipe_build_write_buffer function ...)
+CVE-2009-1935
- kfreebsd-6 <removed>
[lenny] - kfreebsd-6 <no-dsa> (KFreebsd not supported)
- kfreebsd-7 7.2-2
[lenny] - kfreebsd-7 <no-dsa> (KFreebsd not supported)
-CVE-2009-1934 (Cross-site scripting (XSS) vulnerability in the Reverse Proxy Plug-in ...)
+CVE-2009-1934
NOT-FOR-US: Sun Java System Web Server
-CVE-2009-1933 (Kerberos in Sun Solaris 8, 9, and 10, and OpenSolaris before snv_117, ...)
+CVE-2009-1933
NOT-FOR-US: Solaris
CVE-2009-XXXX [pgp4pine off-by-one]
- pgp4pine <removed> (bug #457947; medium)
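Review bot: The description removal here hits three entries that carry fix versions or DSA references: CVE-2009-1961 (`{DSA-1844-1}`, linux-2.6, "inode double locking code in fs/ocfs2/file.c"), CVE-2009-1955 (`{DSA-1812-1}`, apr-util, the expat parser in xml/apr_xml.c) and CVE-2009-1935 (kfreebsd-7, integer overflow in pipe_build_write_buffer). With the description gone, NOTE lines such as "exploitability limited, DoS rather obscure attack scenario" on CVE-2009-1959 no longer say what they are qualifying. Keep the -CVE lines (drop the +CVE replacements) unless the missing descriptions are confirmed to be restored upstream.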
@@ -8464,139 +8464,139 @@ CVE-2009-XXXX [pgp4pine off-by-one]
[lenny] - pgp4pine <no-dsa> (Contrib not supported)
NOTE: http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0122.html
NOTE: unlike the note states this is not just an off-by-one, classic stack-based buffer overflow
-CVE-2009-1932 (Multiple integer overflows in the (1) user_info_callback, (2) ...)
+CVE-2009-1932
{DSA-1839-1}
- gst-plugins-good0.10 0.10.15-2 (medium; bug #531631; bug #532352)
CVE-2009-1931
RESERVED
-CVE-2009-1930 (The Telnet service in Microsoft Windows 2000 SP4, XP SP2 and SP3, ...)
+CVE-2009-1930
NOT-FOR-US: Microsoft Windows
-CVE-2009-1929 (Heap-based buffer overflow in the Microsoft Terminal Services Client ...)
+CVE-2009-1929
NOT-FOR-US: ActiveX
-CVE-2009-1928 (Stack consumption vulnerability in the LDAP service in Active ...)
+CVE-2009-1928
NOT-FOR-US: Microsoft Windows
CVE-2009-1927
REJECTED
-CVE-2009-1926 (Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista ...)
+CVE-2009-1926
NOT-FOR-US: Microsoft Windows
-CVE-2009-1925 (The TCP/IP implementation in Microsoft Windows Vista Gold, SP1, and ...)
+CVE-2009-1925
NOT-FOR-US: Microsoft Windows Vista Gold
-CVE-2009-1924 (Integer overflow in the Windows Internet Name Service (WINS) component ...)
+CVE-2009-1924
NOT-FOR-US: Microsoft Windows
-CVE-2009-1923 (Heap-based buffer overflow in the Windows Internet Name Service (WINS) ...)
+CVE-2009-1923
NOT-FOR-US: Microsoft Windows
-CVE-2009-1922 (The Message Queuing (aka MSMQ) service for Microsoft Windows 2000 SP4, ...)
+CVE-2009-1922
NOT-FOR-US: Microsoft Windows
CVE-2009-1921
REJECTED
-CVE-2009-1920 (The JScript scripting engine 5.1, 5.6, 5.7, and 5.8 in JScript.dll in ...)
+CVE-2009-1920
NOT-FOR-US: Microsoft
-CVE-2009-1919 (Microsoft Internet Explorer 5.01 SP4 and 6 SP1; Internet Explorer 6 ...)
+CVE-2009-1919
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2009-1918 (Microsoft Internet Explorer 5.01 SP4 and 6 SP1; Internet Explorer 6 ...)
+CVE-2009-1918
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2009-1917 (Microsoft Internet Explorer 6 SP1; Internet Explorer 6 for Windows XP ...)
+CVE-2009-1917
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2009-1916 (dig.php in GScripts.net DNS Tools allows remote attackers to execute ...)
+CVE-2009-1916
NOT-FOR-US: GScripts.net DNS Tools
-CVE-2009-1915 (Stack-based buffer overflow in the URL Search Hook (ICQToolBar.dll) in ...)
+CVE-2009-1915
NOT-FOR-US: ICQ
-CVE-2009-1914 (The pci_register_iommu_region function in ...)
+CVE-2009-1914
{DSA-1844-1}
- linux-2.6 2.6.29-1 (low; bug #532722)
[lenny] - linux-2.6 2.6.26-16
- linux-2.6.24 <removed>
NOTE: updated in lenny 5.0.2 release
-CVE-2009-1913 (SQL injection vulnerability in manager.php in LuxBum 0.5.5, when ...)
+CVE-2009-1913
NOT-FOR-US: LuxBum
-CVE-2009-1912 (Directory traversal vulnerability in src/func/language.php in webSPELL ...)
+CVE-2009-1912
NOT-FOR-US: webSPELL
-CVE-2009-1911 (Directory traversal vulnerability in .include/init.php (aka ...)
+CVE-2009-1911
NOT-FOR-US: QuiXplorer
-CVE-2009-1910 (SQL injection vulnerability in index.php in RTWebalbum 1.0.462 allows ...)
+CVE-2009-1910
NOT-FOR-US: RTWebalbum
-CVE-2009-1909 (SQL injection vulnerability in Skip 1.0.2 and earlier, and 1.1RC2 and ...)
+CVE-2009-1909
NOT-FOR-US: Skip
-CVE-2009-1908 (Cross-site scripting (XSS) vulnerability in Skip 1.0.2 and earlier, ...)
+CVE-2009-1908
NOT-FOR-US: Skip
-CVE-2009-1907 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2009-1907
NOT-FOR-US: Claroline
-CVE-2009-1906 (The DRDA Services component in IBM DB2 9.1 before FP7 and 9.5 before ...)
+CVE-2009-1906
NOT-FOR-US: IBM DB2
-CVE-2009-1905 (The Common Code Infrastructure component in IBM DB2 8 before FP17, 9.1 ...)
+CVE-2009-1905
NOT-FOR-US: IBM DB2
-CVE-2009-1904 (The BigDecimal library in Ruby 1.8.6 before p369 and 1.8.7 before p173 ...)
+CVE-2009-1904
{DSA-1860-1}
- ruby1.8 1.8.7.173-1 (low; bug #532689)
- ruby1.9 <removed> (bug #575778)
NOTE: http://www.ruby-lang.org/en/news/2009/06/09/dos-vulnerability-in-bigdecimal/
-CVE-2009-1903 (The PDF XSS protection feature in ModSecurity before 2.5.8 allows ...)
+CVE-2009-1903
- libapache-mod-security 2.5.9-1
-CVE-2009-1902 (The multipart processor in ModSecurity before 2.5.9 allows remote ...)
+CVE-2009-1902
- libapache-mod-security 2.5.9-1
-CVE-2009-1901 (The Security component in IBM WebSphere Application Server (WAS) 6.0.2 ...)
+CVE-2009-1901
NOT-FOR-US: IBM WebSphere
-CVE-2009-1900 (The Configservice APIs in the Administrative Console component in IBM ...)
+CVE-2009-1900
NOT-FOR-US: IBM WebSphere
-CVE-2009-1899 (Unspecified vulnerability in the Administrative Configservice API in ...)
+CVE-2009-1899
NOT-FOR-US: IBM WebSphere
-CVE-2009-1898 (The secure login page in the Administrative Console component in IBM ...)
+CVE-2009-1898
NOT-FOR-US: IBM WebSphere
-CVE-2009-1960 (inc/init.php in DokuWiki 2009-02-14, rc2009-02-06, and rc2009-01-30, ...)
+CVE-2009-1960
- dokuwiki 0.0.20090214b-1 (unimportant)
NOTE: we don't support setups with register_globals enabled
-CVE-2009-1897 (The tun_chr_poll function in drivers/net/tun.c in the tun subsystem in ...)
+CVE-2009-1897
- linux-2.6 2.6.30-3 (high; bug #537409)
[etch] - linux-2.6 <not-affected> (vulnerable code introduced in 2.6.29)
[lenny] - linux-2.6 <not-affected> (vulnerable code introduced in 2.6.29)
- linux-2.6.24 <not-affected> (vulnerable code introduced in 2.6.29)
NOTE: http://seclists.org/fulldisclosure/2009/Jul/0241.html
-CVE-2009-1896 (The Java Web Start framework in IcedTea in OpenJDK before ...)
+CVE-2009-1896
- openjdk-6 6b16-1.6-1 (bug #542210)
-CVE-2009-1895 (The personality subsystem in the Linux kernel before 2.6.31-rc3 has a ...)
+CVE-2009-1895
{DSA-1845-1 DSA-1844-1}
- linux-2.6 2.6.30-3 (low)
[etch] - linux-2.6 <not-affected> (mmap_min_addr first indroduced in 2.6.23)
- linux-2.6.24 <removed>
-CVE-2009-1894 (Race condition in PulseAudio 0.9.9, 0.9.10, and 0.9.14 allows local ...)
+CVE-2009-1894
{DSA-1838-1}
- pulseaudio 0.9.15-4.1 (high; bug #537351)
[etch] - pulseaudio <not-affected> (vulnerable code not present)
-CVE-2009-1893 (The configtest function in the Red Hat dhcpd init script for DHCP ...)
+CVE-2009-1893
NOT-FOR-US: Red Hat dhcpd init script for DHCP
-CVE-2009-1892 (dhcpd in ISC DHCP 3.0.4 and 3.1.1, when the dhcp-client-identifier and ...)
+CVE-2009-1892
{DSA-1833-2}
- isc-dhcp 3.1.2p1-2 (low; bug #539492)
- dhcp3 3.1.2p1-2 (low; bug #549584)
[etch] - dhcp3 <not-affected> (problematic assert is not present)
[lenny] - dhcp3 3.1.1-6+lenny2
-CVE-2009-1891 (The mod_deflate module in Apache httpd 2.2.11 and earlier compresses ...)
+CVE-2009-1891
{DSA-1834-1}
- apache2 2.2.11-7 (medium; bug #534712)
-CVE-2009-1890 (The stream_reqbody_cl function in mod_proxy_http.c in the mod_proxy ...)
+CVE-2009-1890
{DSA-1834-1}
- apache2 2.2.11-7 (medium; bug #536718)
[etch] - apache2 <not-affected> (bug introduced in 2.2.5)
[lenny] - apache2 2.2.9-10+lenny4
-CVE-2009-1889 (The OSCAR protocol implementation in Pidgin before 2.5.8 misinterprets ...)
+CVE-2009-1889
- pidgin 2.5.8-1 (low; bug #535790)
[lenny] - pidgin <no-dsa> (Minor issue)
NOTE: http://developer.pidgin.im/ticket/9483
NOTE: http://developer.pidgin.im/viewmtn/revision/info/9bac0a540156fb1848eedd61c8630737dee752c7
-CVE-2009-1888 (The acl_group_override function in smbd/posix_acls.c in smbd in Samba ...)
+CVE-2009-1888
{DSA-1823-1}
- samba 2:3.3.6-1 (low)
[etch] - samba <not-affected> (Vulnerable code not present)
NOTE: Successful exploitation requires that "dos filemode" is set to "yes" in smb.conf.
-CVE-2009-1887 (agent/snmp_agent.c in snmpd in net-snmp 5.0.9 in Red Hat Enterprise ...)
+CVE-2009-1887
- net-snmp <not-affected> (Vulnerable code not present)
NOTE: Red Hat incorrect fix for CVE-2008-4309. Checked code in oldstable and stable.
-CVE-2009-1886 (Multiple format string vulnerabilities in client/client.c in smbclient ...)
+CVE-2009-1886
{DSA-1823-1}
- samba 2:3.3.6-1
[etch] - samba <not-affected> (Vulnerable code not present)
NOTE: Only the 3.2.x branch was affected, so marking 3.3 as affected
-CVE-2009-1885 (Stack consumption vulnerability in validators/DTD/DTDScanner.cpp in ...)
+CVE-2009-1885
- xerces-c 3.0.1-2 (low; bug #540297)
[etch] - xerces-c <no-dsa> (Minor issue)
[lenny] - xerces-c <no-dsa> (Minor issue)
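Review bot: This hunk strips descriptions from the densest run of Debian-fixed issues in the diff, including CVE-2009-1897 (tun_chr_poll in drivers/net/tun.c, linux-2.6 rated high), CVE-2009-1894 (`{DSA-1838-1}`, pulseaudio race condition), CVE-2009-1892 (`{DSA-1833-2}`, isc-dhcp/dhcp3), CVE-2009-1891 and CVE-2009-1890 (`{DSA-1834-1}`, apache2 mod_deflate and mod_proxy), CVE-2009-1888 and CVE-2009-1886 (`{DSA-1823-1}`, samba) and CVE-2009-1904 (`{DSA-1860-1}`, ruby BigDecimal). Several NOTE lines depend on the removed text to make sense, for example "Successful exploitation requires that "dos filemode" is set to "yes" in smb.conf." on CVE-2009-1888 and "Red Hat incorrect fix for CVE-2008-4309" on CVE-2009-1887. Separately, CVE-2009-1960 (dokuwiki) sits out of numeric order between CVE-2009-1898 and CVE-2009-1897 in the unchanged context; that is pre-existing, not introduced here, but worth a follow-up.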
@@ -8604,21 +8604,21 @@ CVE-2009-1885 (Stack consumption vulnerability in validators/DTD/DTDScanner.cpp
[lenny] - xerces-c2 2.8.0-3+lenny1
- xerces27 <removed>
[etch] - xerces27 <no-dsa> (Minor issue)
-CVE-2009-1884 (Off-by-one error in the bzinflate function in Bzip2.xs in the ...)
+CVE-2009-1884
- libcompress-raw-bzip2-perl 2.018-1 (medium; bug #542777)
[lenny] - libcompress-raw-bzip2-perl 2.011-2lenny1
-CVE-2009-1883 (The z90crypt_unlocked_ioctl function in the z90crypt driver in the ...)
+CVE-2009-1883
{DSA-1929-1}
- linux-2.6 2.6.19-1
- linux-2.6.24 <not-affected> (problem was fixed before first upload, 2.6.19)
NOTE: See Solar Designer's posting to oss-security
-CVE-2009-1882 (Integer overflow in the XMakeImage function in magick/xwindow.c in ...)
+CVE-2009-1882
{DSA-1903-1 DSA-1858-1}
- imagemagick 7:6.5.1.0-1.1 (medium; bug #530838)
- graphicsmagick 1.3.5-5.1 (medium; bug #530946)
-CVE-2009-1881 (Cross-site scripting (XSS) vulnerability in MT312 IMG-BBS allows ...)
+CVE-2009-1881
NOT-FOR-US: MT312
-CVE-2009-1880 (Cross-site scripting (XSS) vulnerability in MT312 REP-BBS allows ...)
+CVE-2009-1880
NOT-FOR-US: MT312
CVE-2009-XXXX [OCS Inventory NG SQL Injection Vulnerability]
- ocsinventory-server 1.02.1-1 (unimportant; bug #531735)
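Review bot: Three of the five pairs in this short hunk are Debian-tracked issues losing their description: CVE-2009-1884 (libcompress-raw-bzip2-perl, off-by-one in bzinflate), CVE-2009-1883 (`{DSA-1929-1}`, linux-2.6 z90crypt_unlocked_ioctl) and CVE-2009-1882 (`{DSA-1903-1 DSA-1858-1}`, imagemagick and graphicsmagick, integer overflow in XMakeImage). On CVE-2009-1883 the NOTE "See Solar Designer's posting to oss-security" becomes the only remaining reference once the description goes, so at minimum keep the description on that entry.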
@@ -8626,216 +8626,216 @@ CVE-2009-XXXX [OCS Inventory NG SQL Injection Vulnerability]
NOTE: can be exploited only if magic_quotes is off
CVE-2009-3870
REJECTED
-CVE-2009-1879 (Cross-site scripting (XSS) vulnerability in index.template.html in the ...)
+CVE-2009-1879
NOT-FOR-US: Adobe Flex
-CVE-2009-1878 (Session fixation vulnerability in Adobe ColdFusion 8.0.1 and earlier ...)
+CVE-2009-1878
NOT-FOR-US: Adobe ColdFusion
-CVE-2009-1877 (Cross-site scripting (XSS) vulnerability in Adobe ColdFusion 8.0.1 and ...)
+CVE-2009-1877
NOT-FOR-US: Adobe ColdFusion
-CVE-2009-1876 (Adobe ColdFusion 8.0.1 and earlier might allow attackers to obtain ...)
+CVE-2009-1876
NOT-FOR-US: Adobe ColdFusion
-CVE-2009-1875 (Multiple cross-site scripting (XSS) vulnerabilities in Adobe ...)
+CVE-2009-1875
NOT-FOR-US: Adobe ColdFusion
-CVE-2009-1874 (Multiple cross-site scripting (XSS) vulnerabilities in the Management ...)
+CVE-2009-1874
NOT-FOR-US: Adobe JRun
-CVE-2009-1873 (Directory traversal vulnerability in logging/logviewer.jsp in the ...)
+CVE-2009-1873
NOT-FOR-US: Adobe JRun
-CVE-2009-1872 (Multiple cross-site scripting (XSS) vulnerabilities in Adobe ...)
+CVE-2009-1872
NOT-FOR-US: Adobe ColdFusion Server
CVE-2009-1871
REJECTED
-CVE-2009-1870 (Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, and ...)
+CVE-2009-1870
NOT-FOR-US: Adobe Flash Player
-CVE-2009-1869 (Integer overflow in the ActionScript Virtual Machine 2 (AVM2) abcFile ...)
+CVE-2009-1869
NOT-FOR-US: Adobe Flash Player
-CVE-2009-1868 (Heap-based buffer overflow in Adobe Flash Player before 9.0.246.0 and ...)
+CVE-2009-1868
NOT-FOR-US: Adobe Flash Player
-CVE-2009-1867 (Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, and ...)
+CVE-2009-1867
NOT-FOR-US: Adobe Flash Player
-CVE-2009-1866 (Stack-based buffer overflow in Adobe Flash Player before 9.0.246.0 and ...)
+CVE-2009-1866
NOT-FOR-US: Adobe Flash Player
-CVE-2009-1865 (Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, and ...)
+CVE-2009-1865
NOT-FOR-US: Adobe Flash Player
-CVE-2009-1864 (Heap-based buffer overflow in Adobe Flash Player before 9.0.246.0 and ...)
+CVE-2009-1864
NOT-FOR-US: Adobe Flash Player
-CVE-2009-1863 (Unspecified vulnerability in Adobe Flash Player before 9.0.246.0 and ...)
+CVE-2009-1863
NOT-FOR-US: Adobe Flash Player
-CVE-2009-1862 (Unspecified vulnerability in Adobe Reader and Acrobat 9.x through ...)
+CVE-2009-1862
NOT-FOR-US: Adobe Flash Player
-CVE-2009-1861 (Multiple heap-based buffer overflows in Adobe Reader 7 and Acrobat 7 ...)
+CVE-2009-1861
NOT-FOR-US: Adobe Reader
-CVE-2009-1860 (Unspecified vulnerability in Adobe Shockwave Player before 11.5.0.600 ...)
+CVE-2009-1860
NOT-FOR-US: Adobe Shockwave Player
-CVE-2009-1859 (Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat ...)
+CVE-2009-1859
NOT-FOR-US: Adobe Reader
-CVE-2009-1858 (The JBIG2 filter in Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe ...)
+CVE-2009-1858
NOT-FOR-US: Adobe Reader
-CVE-2009-1857 (Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat ...)
+CVE-2009-1857
NOT-FOR-US: Adobe Reader
-CVE-2009-1856 (Integer overflow in Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe ...)
+CVE-2009-1856
NOT-FOR-US: Adobe Reader
-CVE-2009-1855 (Stack-based buffer overflow in Adobe Reader 7 and Acrobat 7 before ...)
+CVE-2009-1855
NOT-FOR-US: Adobe Reader
-CVE-2009-1854 (Million Dollar Text Links 1.0 allows remote attackers to bypass ...)
+CVE-2009-1854
NOT-FOR-US: Million Dollar Text Links
-CVE-2009-1853 (Multiple SQL injection vulnerabilities in index.php in Kensei Board ...)
+CVE-2009-1853
NOT-FOR-US: Kensei Board
-CVE-2009-1852 (Multiple SQL injection vulnerabilities in Graphiks MyForum 1.3 allow ...)
+CVE-2009-1852
NOT-FOR-US: Graphiks MyForum
-CVE-2009-1851 (SQL injection vulnerability in include.php in phpBugTracker 1.0.4 and ...)
+CVE-2009-1851
NOT-FOR-US: phpBugTracker
-CVE-2009-1850 (SQL injection vulnerability in index.php in phpBugTracker 1.0.3 allows ...)
+CVE-2009-1850
NOT-FOR-US: phpBugTracker
-CVE-2009-1849 (Cross-site scripting (XSS) vulnerability in the Monitor_Bandwidth ...)
+CVE-2009-1849
NOT-FOR-US: PRTG Traffic Grapher
-CVE-2009-1848 (SQL injection vulnerability in the JoomlaMe AgoraGroups (aka AG or ...)
+CVE-2009-1848
NOT-FOR-US: JoomlaMe
-CVE-2009-1847 (Directory traversal vulnerability in index.php in Easy PX 41 CMS 9.0 ...)
+CVE-2009-1847
NOT-FOR-US: Easy PX 41 CMS
-CVE-2009-1846 (Multiple directory traversal vulnerabilities in SiteX 0.7.4 Build 418 ...)
+CVE-2009-1846
NOT-FOR-US: SiteX
-CVE-2009-1845 (Cross-site scripting (XSS) vulnerability in ajax/updatecheck.php in ...)
+CVE-2009-1845
NOT-FOR-US: Lussumo Vanilla
-CVE-2009-1844 (Multiple cross-site scripting (XSS) vulnerabilities in Drupal 5.x ...)
+CVE-2009-1844
{DSA-1808-1}
- drupal5 5.17-1.1 (low; bug #529191)
- drupal6 6.11-1.1 (low; bug #529190; bug #531386)
-CVE-2009-1843 (Multiple SQL injection vulnerabilities in Flash Quiz Beta 2 allow ...)
+CVE-2009-1843
NOT-FOR-US: Flash Quiz
-CVE-2009-1842 (SQL injection vulnerability in main/tracking/userLog.php in Francisco ...)
+CVE-2009-1842
NOT-FOR-US: PHP-Nuke
-CVE-2009-1957 (charon/sa/ike_sa.c in the charon daemon in strongSWAN before 4.3.1 ...)
+CVE-2009-1957
{DSA-1899-1}
- strongswan 4.2.14-1.1 (medium; bug #531612)
[etch] - strongswan <not-affected> (Vulnerable code not present, IKEv2 was introduced in 4.3)
-CVE-2009-1958 (charon/sa/tasks/child_create.c in the charon daemon in strongSWAN ...)
+CVE-2009-1958
{DSA-1899-1}
- strongswan 4.2.14-1.1 (medium; bug #531612)
[etch] - strongswan <not-affected> (Vulnerable code not present, IKEv2 was introduced in 4.3)
-CVE-2009-1841 (js/src/xpconnect/src/xpcwrappedjsclass.cpp in Mozilla Firefox before ...)
+CVE-2009-1841
{DSA-1830-1 DSA-1820-1}
- xulrunner 1.9.0.11-1
[etch] - xulrunner <end-of-life> (Etch Packages no longer covered by security support)
- icedove 2.0.0.22-1 (bug #535124)
[squeeze] - icedove 2.0.0.22-0lenny1
-CVE-2009-1840 (Mozilla Firefox before 3.0.11, Thunderbird, and SeaMonkey do not check ...)
+CVE-2009-1840
{DSA-1820-1}
- xulrunner 1.9.0.11-1
[etch] - xulrunner <end-of-life> (Etch Packages no longer covered by security support)
-CVE-2009-1839 (Mozilla Firefox 3 before 3.0.11 associates an incorrect principal with ...)
+CVE-2009-1839
{DSA-1820-1}
- xulrunner 1.9.0.11-1
[etch] - xulrunner <end-of-life> (Etch Packages no longer covered by security support)
-CVE-2009-1838 (The garbage-collection implementation in Mozilla Firefox before ...)
+CVE-2009-1838
{DSA-1830-1 DSA-1820-1}
- xulrunner 1.9.0.11-1
[etch] - xulrunner <end-of-life> (Etch Packages no longer covered by security support)
- icedove 2.0.0.22-1 (bug #535124)
[squeeze] - icedove 2.0.0.22-0lenny1
-CVE-2009-1837 (Race condition in the NPObjWrapper_NewResolve function in ...)
+CVE-2009-1837
{DSA-1820-1}
- xulrunner 1.9.0.11-1
[etch] - xulrunner <not-affected> (Doesn't affect Gecko 1.8)
-CVE-2009-1836 (Mozilla Firefox before 3.0.11, Thunderbird before 2.0.0.22, and ...)
+CVE-2009-1836
{DSA-1830-1 DSA-1820-1}
- xulrunner 1.9.0.11-1
[etch] - xulrunner <end-of-life> (Etch Packages no longer covered by security support)
- icedove 2.0.0.22-1 (bug #535124)
[squeeze] - icedove 2.0.0.22-0lenny1
-CVE-2009-1835 (Mozilla Firefox before 3.0.11 and SeaMonkey before 1.1.17 associate ...)
+CVE-2009-1835
{DSA-1820-1}
- xulrunner 1.9.0.11-1
[etch] - xulrunner <end-of-life> (Etch Packages no longer covered by security support)
-CVE-2009-1834 (Visual truncation vulnerability in netwerk/dns/src/nsIDNService.cpp in ...)
+CVE-2009-1834
{DSA-1820-1}
- xulrunner 1.9.0.11-1
[etch] - xulrunner <end-of-life> (Etch Packages no longer covered by security support)
-CVE-2009-1833 (The JavaScript engine in Mozilla Firefox before 3.0.11, Thunderbird ...)
+CVE-2009-1833
{DSA-1820-1}
- xulrunner 1.9.0.11-1
[etch] - xulrunner <end-of-life> (Etch Packages no longer covered by security support)
-CVE-2009-1832 (Mozilla Firefox before 3.0.11, Thunderbird before 2.0.0.22, and ...)
+CVE-2009-1832
{DSA-1830-1 DSA-1820-1}
- xulrunner 1.9.0.11-1
[etch] - xulrunner <end-of-life> (Etch Packages no longer covered by security support)
- icedove 2.0.0.22-1 (bug #535124)
[squeeze] - icedove 2.0.0.22-0lenny1
-CVE-2009-1828 (Mozilla Firefox 3.0.10 allows remote attackers to cause a denial of ...)
+CVE-2009-1828
- xulrunner <unfixed> (unimportant)
NOTE: Browser crashes not treated as security issues
-CVE-2009-1827 (The SVG component in Mozilla Firefox 3.0.4 allows remote attackers to ...)
+CVE-2009-1827
- xulrunner <unfixed> (unimportant)
NOTE: Browser crashes not treated as security issues
-CVE-2009-1831 (The Nullsoft Modern Skins Support module (gen_ff.dll) in Nullsoft ...)
+CVE-2009-1831
NOT-FOR-US: Nullsoft Winamp
-CVE-2009-1830 (Stack-based buffer overflow in Soulseek 156 and 157 NS allows remote ...)
+CVE-2009-1830
NOT-FOR-US: Soulseek
-CVE-2009-1826 (modules/admuser.php in myGesuad 0.9.14 (aka 0.9) does not require ...)
+CVE-2009-1826
NOT-FOR-US: myGesuad
-CVE-2009-1825 (modules/admuser.php in myColex 1.4.2 does not require administrative ...)
+CVE-2009-1825
NOT-FOR-US: myColex
-CVE-2009-1824 (The ps_drv.sys kernel driver in ArcaBit ArcaVir 2009 Antivirus ...)
+CVE-2009-1824
NOT-FOR-US: ArcaBit ArcaVir
-CVE-2009-1823 (Cross-site scripting (XSS) vulnerability in the Print (aka Printer, ...)
+CVE-2009-1823
NOT-FOR-US: 3rd party Printer, e-mail and PDF module for Drupal
-CVE-2009-1822 (Multiple PHP remote file inclusion vulnerabilities in the InterJoomla ...)
+CVE-2009-1822
NOT-FOR-US: Joomla!
-CVE-2009-1821 (DMXReady Registration Manager 1.1 stores sensitive information under ...)
+CVE-2009-1821
NOT-FOR-US: DMXReady Registration Manager
-CVE-2009-1820 (Cross-site scripting (XSS) vulnerability in product.php in 2daybiz ...)
+CVE-2009-1820
NOT-FOR-US: 2daybiz Custom T-shirt Design Script
-CVE-2009-1819 (SQL injection vulnerability in product.php in 2daybiz Custom T-shirt ...)
+CVE-2009-1819
NOT-FOR-US: 2daybiz Custom T-shirt Design Script
-CVE-2009-1818 (SQL injection vulnerability in admin/admin_manager.asp in MaxCMS 2.0 ...)
+CVE-2009-1818
NOT-FOR-US: MaxCMS
-CVE-2009-1817 (Multiple buffer overflows in DigiMode Maya 1.0.2 allow remote ...)
+CVE-2009-1817
NOT-FOR-US: DigiMode Maya
-CVE-2009-1816 (SQL injection vulnerability in admin.php in My Game Script 2.0 allows ...)
+CVE-2009-1816
NOT-FOR-US: My Game Script
-CVE-2009-1815 (Stack-based buffer overflow in Sonic Spot Audioactive Player 1.93b ...)
+CVE-2009-1815
NOT-FOR-US: Sonic Spot Audioactive Player
-CVE-2009-1814 (SQL injection vulnerability in mail.php in PHPenpals 1.1 and earlier ...)
+CVE-2009-1814
NOT-FOR-US: PHPenpals
-CVE-2009-1813 (Multiple SQL injection vulnerabilities in admin/index.php in Submitter ...)
+CVE-2009-1813
NOT-FOR-US: Submitter Script
-CVE-2009-1812 (Multiple SQL injection vulnerabilities in myGesuad 0.9.14 (aka 0.9) ...)
+CVE-2009-1812
NOT-FOR-US: myGesuad
-CVE-2009-1811 (Multiple cross-site scripting (XSS) vulnerabilities in myGesuad 0.9.14 ...)
+CVE-2009-1811
NOT-FOR-US: myGesuad
-CVE-2009-1810 (Multiple SQL injection vulnerabilities in myColex 1.4.2 allow remote ...)
+CVE-2009-1810
NOT-FOR-US: myColex
-CVE-2009-1809 (Multiple cross-site scripting (XSS) vulnerabilities in myColex 1.4.2 ...)
+CVE-2009-1809
NOT-FOR-US: myColex
-CVE-2009-1829 (Unspecified vulnerability in the PCNFSD dissector in Wireshark 0.8.20 ...)
+CVE-2009-1829
{DSA-1942-1}
- wireshark 1.0.8-1 (low; bug #533347)
[lenny] - wireshark 1.0.2-3+lenny6
[etch] - wireshark <no-dsa> (Minor issue)
-CVE-2009-1808 (Microsoft Windows XP SP3 allows local users to cause a denial of ...)
+CVE-2009-1808
NOT-FOR-US: Microsoft
-CVE-2009-1807 (Unspecified vulnerability in Config.dll in Baofeng products 3.09.04.17 ...)
+CVE-2009-1807
NOT-FOR-US: Baofeng
-CVE-2009-1806 (Unspecified vulnerability in IBM Hardware Management Console (HMC) 7 ...)
+CVE-2009-1806
NOT-FOR-US: IBM Hardware Management Console
-CVE-2009-1805 (Unspecified vulnerability in the VMware Descheduled Time Accounting ...)
+CVE-2009-1805
NOT-FOR-US: VMware (experimental feature anyway)
-CVE-2009-1804 (Multiple SQL injection vulnerabilities in admin/index.php in ...)
+CVE-2009-1804
NOT-FOR-US: videoscript
-CVE-2009-1803 (FreePBX 2.5.1, and other 2.4.x, 2.5.x, and pre-release 2.6.x versions, ...)
+CVE-2009-1803
NOT-FOR-US: FreePBX
-CVE-2009-1802 (Multiple cross-site request forgery (CSRF) vulnerabilities in FreePBX ...)
+CVE-2009-1802
NOT-FOR-US: FreePBX
-CVE-2009-1801 (Multiple cross-site scripting (XSS) vulnerabilities in FreePBX 2.5.1, ...)
+CVE-2009-1801
NOT-FOR-US: FreePBX
-CVE-2009-1800 (Stack-based buffer overflow in the Chinagames CGAgent ActiveX control ...)
+CVE-2009-1800
NOT-FOR-US: Chinagames
-CVE-2009-1799 (Multiple SQL injection vulnerabilities in the getGalleryImage function ...)
+CVE-2009-1799
NOT-FOR-US: ST-Gallery
-CVE-2009-1798 (Multiple cross-site scripting (XSS) vulnerabilities on the Network ...)
+CVE-2009-1798
NOT-FOR-US: APC
-CVE-2009-1797 (Multiple cross-site request forgery (CSRF) vulnerabilities on the ...)
+CVE-2009-1797
NOT-FOR-US: APC
-CVE-2009-1796 (Cross-site scripting (XSS) vulnerability in Sun Java System Portal ...)
+CVE-2009-1796
NOT-FOR-US: Sun Java System Portal Server
CVE-2009-1795
RESERVED
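Review bot: deleting the `-CVE-2009-1862 (Unspecified vulnerability in Adobe Reader and Acrobat 9.x through ...)` line hides a pre-existing inconsistency in this hunk: the unchanged annotation under it reads `NOT-FOR-US: Adobe Flash Player`, while the description being removed names Adobe Reader and Acrobat (the neighbouring CVE-2009-1861 and CVE-2009-1859 entries are annotated `NOT-FOR-US: Adobe Reader`). Correct the NOT-FOR-US line in the same update, since after this change the file no longer contains the text needed to spot the mismatch.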
@@ -8843,140 +8843,140 @@ CVE-2009-1794
RESERVED
CVE-2009-1793
RESERVED
-CVE-2009-1792 (The system.openURL function in StoneTrip Ston3D StandalonePlayer (aka ...)
+CVE-2009-1792
NOT-FOR-US: StoneTrip Ston3D StandalonePlayer
-CVE-2009-1790 (Cross-site scripting (XSS) vulnerability in CGI RESCUE Trees before ...)
+CVE-2009-1790
NOT-FOR-US: CGI Rescue Trees
-CVE-2009-1787 (Multiple SQL injection vulnerabilities in PHP Dir Submit (aka ...)
+CVE-2009-1787
NOT-FOR-US: PHP Dir Submit
-CVE-2009-1786 (The malloc subsystem in libc in IBM AIX 5.3 and 6.1 allows local users ...)
+CVE-2009-1786
NOT-FOR-US: IBM AIX libc
-CVE-2009-1785 (Cross-site scripting (XSS) vulnerability in Ulteo Open Virtual Desktop ...)
+CVE-2009-1785
NOT-FOR-US: Ulteo Open Virtual Desktop
-CVE-2009-1784 (The AVG parsing engine 8.5 323, as used in multiple AVG anti-virus ...)
+CVE-2009-1784
NOT-FOR-US: AVG anti-virus
-CVE-2009-1783 (Multiple FRISK Software F-Prot anti-virus products, including ...)
+CVE-2009-1783
NOT-FOR-US: FRISK Software F-Prot anti-virus
-CVE-2009-1782 (Multiple F-Secure anti-virus products, including Anti-Virus for ...)
+CVE-2009-1782
NOT-FOR-US: F-Secure anti-virus
-CVE-2009-1781 (Static code injection vulnerability in admin.php in Frax.dk Php ...)
+CVE-2009-1781
NOT-FOR-US: Frax.dk Php Recommend
-CVE-2009-1780 (admin.php in Frax.dk Php Recommend 1.3 and earlier does not require ...)
+CVE-2009-1780
NOT-FOR-US: Frax.dk Php Recommend
-CVE-2009-1779 (PHP remote file inclusion vulnerability in admin.php in Frax.dk Php ...)
+CVE-2009-1779
NOT-FOR-US: Frax.dk Php Recommend
-CVE-2009-1778 (SQL injection vulnerability in the new user registration feature in ...)
+CVE-2009-1778
NOT-FOR-US: BigACE CMS
-CVE-2009-1777 (CRLF injection vulnerability in FormMail.pl in Matt Wright FormMail ...)
+CVE-2009-1777
NOT-FOR-US: Matt Wright FormMail
-CVE-2009-1776 (Multiple cross-site scripting (XSS) vulnerabilities in FormMail.pl in ...)
+CVE-2009-1776
NOT-FOR-US: Matt Wright FormMail
-CVE-2009-1775 (Multiple cross-site scripting (XSS) vulnerabilities in Ulteo Open ...)
+CVE-2009-1775
NOT-FOR-US: Ulteo Open Virtual Desktop
-CVE-2009-1774 (Directory traversal vulnerability in plugins/ddb/foot.php in ...)
+CVE-2009-1774
NOT-FOR-US: Strawberry
-CVE-2009-1773 (activeCollab 2.1 Corporate allows remote attackers to obtain sensitive ...)
+CVE-2009-1773
NOT-FOR-US: activeCollab
-CVE-2009-1772 (Cross-site scripting (XSS) vulnerability in activeCollab 2.1 Corporate ...)
+CVE-2009-1772
NOT-FOR-US: activeCollab
-CVE-2009-1771 (index.php in Flyspeck CMS 6.8 does not require administrative ...)
+CVE-2009-1771
NOT-FOR-US: Flyspeck CMS
-CVE-2009-1770 (Directory traversal vulnerability in ...)
+CVE-2009-1770
NOT-FOR-US: Flyspeck CMS
-CVE-2009-1769 (The web interface in Open Computer and Software Inventory Next ...)
+CVE-2009-1769
- ocsinventory-server 1.02.1-1 (unimportant; bug #529344)
NOTE: README.Debian states Important: access to the reports server should be restricted
-CVE-2009-1768 (Directory traversal vulnerability in download.php in Rama Zaiten CMS ...)
+CVE-2009-1768
NOT-FOR-US: Rama Zaiten CMS
-CVE-2009-1767 (admin/edituser.php in 2daybiz Template Monster Clone does not require ...)
+CVE-2009-1767
NOT-FOR-US: 2daybiz Template Monster Clone
-CVE-2009-1766 (SQL injection vulnerability in index.php in LightOpenCMS 0.1 allows ...)
+CVE-2009-1766
NOT-FOR-US: LightOpenCMS
-CVE-2009-1765 (Multiple directory traversal vulnerabilities in pluck 4.6.2, when ...)
+CVE-2009-1765
NOT-FOR-US: pluck CMS
-CVE-2009-1764 (SQL injection vulnerability in inc/ajax.asp in MaxCMS 2.0 allows ...)
+CVE-2009-1764
NOT-FOR-US: MaxCMS
-CVE-2009-1763 (Unspecified vulnerability in the Solaris Secure Digital slot driver ...)
+CVE-2009-1763
NOT-FOR-US: Solaris
-CVE-2009-1762 (Multiple cross-site scripting (XSS) vulnerabilities in the WebAccess ...)
+CVE-2009-1762
NOT-FOR-US: Novell GroupWise
CVE-2009-XXXX [radare-common insecure temp files handling]
- radare 1.4-1 (low)
-CVE-2009-1761 (The message engine in CA ARCserve Backup r12.0 and r12.0 SP1 for ...)
+CVE-2009-1761
NOT-FOR-US: CA ARCserve Backup
-CVE-2009-1760 (Directory traversal vulnerability in src/torrent_info.cpp in Rasterbar ...)
+CVE-2009-1760
{DSA-1815-1}
- libtorrent-rasterbar 0.14.4-1 (medium)
-CVE-2009-1759 (Stack-based buffer overflow in the btFiles::BuildFromMI function ...)
+CVE-2009-1759
{DSA-1817-1}
- ctorrent 1.3.4-dnh3.2-1.1 (medium; bug #530255)
-CVE-2009-1758 (The hypervisor_callback function in Xen, possibly before 3.4.0, as ...)
+CVE-2009-1758
{DSA-1809-1}
- linux-2.6 2.6.28-1 (low; bug #536148)
- linux-2.6.24 <removed>
-CVE-2009-1757 (Cross-site request forgery (CSRF) vulnerability in Transmission 1.5 ...)
+CVE-2009-1757
- transmission 1.61-1 (low)
[lenny] - transmission <not-affected> (Vulnerable code not present, the web interface was introduced in 1.30)
[etch] - transmission <not-affected> (Vulnerable code not present, the web interface was introduced in 1.30)
-CVE-2009-1754 (The PackageManagerService class in ...)
+CVE-2009-1754
NOT-FOR-US: Android
-CVE-2009-1752 (exJune Office Message System 1 does not properly restrict access to ...)
+CVE-2009-1752
NOT-FOR-US: exJune Office Message System
-CVE-2009-1751 (SQL injection vulnerability in list_list.php in Realty Webware ...)
+CVE-2009-1751
NOT-FOR-US: Realty Web-Base
-CVE-2009-1750 (Unrestricted file upload vulnerability in VidSharePro allows remote ...)
+CVE-2009-1750
NOT-FOR-US: VidSharePro
-CVE-2009-1749 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
+CVE-2009-1749
NOT-FOR-US: Catviz
-CVE-2009-1748 (Multiple directory traversal vulnerabilities in index.php in Catviz ...)
+CVE-2009-1748
NOT-FOR-US: Catviz
-CVE-2009-1747 (SQL injection vulnerability in index.php in 26th Avenue bSpeak 1.10 ...)
+CVE-2009-1747
NOT-FOR-US: bSpeak
-CVE-2009-1746 (SQL injection vulnerability in berita.php in Dian Gemilang DGNews 3.0 ...)
+CVE-2009-1746
NOT-FOR-US: Dian Gemilang DGNews
-CVE-2009-1745 (Armorlogic Profense Web Application Firewall before 2.2.22, and 2.4.x ...)
+CVE-2009-1745
NOT-FOR-US: Armorlogic Profense Web Application Firewall
-CVE-2009-1744 (InstallHFZ.exe 6.5.201.0 in Pinnacle Hollywood Effects 6, a module in ...)
+CVE-2009-1744
NOT-FOR-US: Pinnacle
-CVE-2009-1743 (Directory traversal vulnerability in InstallHFZ.exe 6.5.201.0 in ...)
+CVE-2009-1743
NOT-FOR-US: Pinnacle
-CVE-2009-1742 (code.php in PC4Arb Pc4 Uploader 9.0 and earlier makes it easier for ...)
+CVE-2009-1742
NOT-FOR-US: PC4Arb Pc4 Uploader
-CVE-2009-1741 (Multiple SQL injection vulnerabilities in login.php in DM FileManager ...)
+CVE-2009-1741
NOT-FOR-US: DM FileManager
-CVE-2009-1740 (Multiple heap-based buffer overflows in the D-Link MPEG4 Viewer ...)
+CVE-2009-1740
NOT-FOR-US: D-Link MPEG4 Viewer
-CVE-2009-1739 (PAD Site Scripts 3.6 allows remote attackers to bypass authentication ...)
+CVE-2009-1739
NOT-FOR-US: PAD Site Scripts
-CVE-2009-1738 (Cross-site scripting (XSS) vulnerability in Feed Block 6.x-1.x before ...)
+CVE-2009-1738
NOT-FOR-US: Feed Block
-CVE-2009-1737 (Directory traversal vulnerability in bom.php in MyPic 2.1 allows ...)
+CVE-2009-1737
NOT-FOR-US: MyPic
-CVE-2009-1736 (SQL injection vulnerability in the GridSupport (GS) Ticket System ...)
+CVE-2009-1736
NOT-FOR-US: GridSupport component for Joomla
-CVE-2009-1735 (Cross-site scripting (XSS) vulnerability in search.php in VidSharePro ...)
+CVE-2009-1735
NOT-FOR-US: VidSharePro
-CVE-2009-1734 (SQL injection vulnerability in listing_video.php in VidSharePro allows ...)
+CVE-2009-1734
NOT-FOR-US: VidSharePro
-CVE-2009-1733 (Cross-site request forgery (CSRF) vulnerability in IPplan 4.91a allows ...)
+CVE-2009-1733
- ipplan 4.91a-1.1 (unimportant; bug #530271)
NOTE: Only exploitable with admin rights
-CVE-2009-1732 (Cross-site scripting (XSS) vulnerability in admin/usermanager in ...)
+CVE-2009-1732
{DSA-1827-1}
- ipplan 4.91a-1.1 (low; bug #530271)
-CVE-2009-1731 (SQL injection vulnerability in panel/index.php in MLFFAT 2.1 allows ...)
+CVE-2009-1731
NOT-FOR-US: MLFFAT
-CVE-2009-1730 (Multiple directory traversal vulnerabilities in NetMechanica ...)
+CVE-2009-1730
NOT-FOR-US: NetDecision TFTP Server
-CVE-2009-1729 (Multiple cross-site scripting (XSS) vulnerabilities in Sun Java System ...)
+CVE-2009-1729
NOT-FOR-US: Sun Java System Communications Express
-CVE-2009-1728 (Stack-based buffer overflow in Image RAW in Apple Mac OS X 10.5 before ...)
+CVE-2009-1728
NOT-FOR-US: Image RAW in Apple Mac OS X
-CVE-2009-1727 (Incomplete blacklist vulnerability in CoreTypes in Apple Mac OS X 10.5 ...)
+CVE-2009-1727
NOT-FOR-US: CoreTypes in Apple Mac OS X
-CVE-2009-1726 (Heap-based buffer overflow in ColorSync in Apple Mac OS X 10.4.11 and ...)
+CVE-2009-1726
NOT-FOR-US: ColorSync in Apple Mac OS X
-CVE-2009-1725 (WebKit in Apple Safari before 4.0.2, as used on iPhone OS before 3.1, ...)
+CVE-2009-1725
{DSA-1988-1 DSA-1950-1}
- webkit 1.1.13-1 (medium; bug #538346)
- qt4-x11 4:4.5.2-2 (medium; bug #538347)
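Review bot: the deleted `-CVE-2009-1760 (Directory traversal vulnerability in src/torrent_info.cpp in Rasterbar ...)` and `-CVE-2009-1759 (Stack-based buffer overflow in the btFiles::BuildFromMI function ...)` lines were the only place this file recorded where in libtorrent-rasterbar and ctorrent the traversal and the overflow live; the remaining `{DSA-1815-1}` / `{DSA-1817-1}` references and fixed versions do not. If descriptions are dropped on purpose, carry that locator over into a `NOTE:` line, the convention the file already uses for the ocsinventory-server and ipplan entries in this hunk.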
@@ -8986,7 +8986,7 @@ CVE-2009-1725 (WebKit in Apple Safari before 4.0.2, as used on iPhone OS before
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=513813#c18
NOTE: patch http://trac.webkit.org/changeset/44799/
NOTE: PoC http://web.archive.org/web/20110813092643/https://cevans-app.appspot.com/static/webkitentityoffbyone.html
-CVE-2009-1724 (Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari ...)
+CVE-2009-1724
- qt4-x11 <not-affected> (bug #538403)
[etch] - qt4-x11 <not-affected> (webkit support introduced in version 4.4)
- webkit 1.1.13-1 (low; bug #538402)
@@ -8994,20 +8994,20 @@ CVE-2009-1724 (Cross-site scripting (XSS) vulnerability in WebKit in Apple Safar
- kdelibs <unfixed> (unimportant)
- kde4libs <unfixed> (unimportant)
NOTE: http://www.thespanner.co.uk/2009/06/19/minor-safari-cross-domain-bug/
-CVE-2009-1723 (CFNetwork in Apple Mac OS X 10.5 before 10.5.8 places an incorrect URL ...)
+CVE-2009-1723
NOT-FOR-US: CFNetwork in Apple Mac OS X
-CVE-2009-1722 (Heap-based buffer overflow in the compression implementation in ...)
+CVE-2009-1722
{DSA-1842-1}
- openexr 1.6.1-1 (medium; bug #540424)
-CVE-2009-1721 (The decompression implementation in the Imf::hufUncompress function in ...)
+CVE-2009-1721
{DSA-1842-1}
- openexr 1.6.1-4.1 (medium; bug #540424)
-CVE-2009-1720 (Multiple integer overflows in OpenEXR 1.2.2 and 1.6.1 allow ...)
+CVE-2009-1720
{DSA-1842-1}
- openexr 1.6.1-4.1 (medium; bug #540424)
-CVE-2009-1719 (The Aqua Look and Feel for Java implementation in Java 1.5 on Mac OS X ...)
+CVE-2009-1719
NOT-FOR-US: Aqua Look and Feel for Java implementation in Java 1.5 on Mac OS X
-CVE-2009-1718 (WebKit in Apple Safari before 4.0 allows user-assisted remote ...)
+CVE-2009-1718
- webkit 1.1.12-1 (medium; bug #535793)
[lenny] - webkit <no-dsa> (Minor issue)
- kdelibs <unfixed> (unimportant)
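Review bot: for the three openexr entries in this hunk the deleted descriptions (heap-based buffer overflow in the compression code, the Imf::hufUncompress decompression bug, multiple integer overflows) were the only text distinguishing the issues; after the `+CVE-2009-1722` / `+CVE-2009-1721` / `+CVE-2009-1720` lines all three point at `{DSA-1842-1}` and `bug #540424`, and CVE-2009-1721 and CVE-2009-1720 become identical apart from the id (both `openexr 1.6.1-4.1 (medium; bug #540424)`). A one-line `NOTE:` summary per entry would preserve the distinction.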
@@ -9016,11 +9016,11 @@ CVE-2009-1718 (WebKit in Apple Safari before 4.0 allows user-assisted remote ...
[lenny] - qt4-x11 <no-dsa> (qtwebkit not supported security-wise)
NOTE: QT4 might be fixed earlier, but only 4.6.2 was checked against
NOTE: http://trac.webkit.org/changeset/44010
-CVE-2009-1717 (Integer overflow in Terminal in Apple Mac OS X 10.5 before 10.5.7 ...)
+CVE-2009-1717
NOT-FOR-US: Mac OS X
-CVE-2009-1716 (CFNetwork in Apple Safari before 4.0 on Windows does not properly ...)
+CVE-2009-1716
NOT-FOR-US: CFNetwork in Apple
-CVE-2009-1715 (Cross-site scripting (XSS) vulnerability in Web Inspector in WebKit in ...)
+CVE-2009-1715
- webkit 1.0.1-4 (medium; bug #535793)
- kdelibs <not-affected>
- kde4libs <not-affected>
@@ -9028,7 +9028,7 @@ CVE-2009-1715 (Cross-site scripting (XSS) vulnerability in Web Inspector in WebK
[lenny] - qt4-x11 <no-dsa> (qtwebkit not supported security-wise)
NOTE: QT4 might be fixed earlier, but only 4.6.2 was checked against
NOTE: http://trac.webkit.org/changeset/31890
-CVE-2009-1714 (Cross-site scripting (XSS) vulnerability in Web Inspector in WebKit in ...)
+CVE-2009-1714
{DSA-1950-1}
- webkit 1.1.12-1 (low; bug #535793)
- kdelibs <not-affected>
@@ -9036,7 +9036,7 @@ CVE-2009-1714 (Cross-site scripting (XSS) vulnerability in Web Inspector in WebK
- qt4-x11 4:4.6.3-1 (low)
[lenny] - qt4-x11 <no-dsa> (Minor impact, no apps in Lenny which use qtwebkit )
NOTE: http://trac.webkit.org/changeset/36359
-CVE-2009-1713 (The XSLT functionality in WebKit in Apple Safari before 4.0 does not ...)
+CVE-2009-1713
{DSA-1988-1}
- webkit 1.0.1-4 (medium; bug #535793)
- kdelibs <not-affected>
@@ -9044,7 +9044,7 @@ CVE-2009-1713 (The XSLT functionality in WebKit in Apple Safari before 4.0 does
- qt4-x11 4:4.5.2-2
[etch] - qt4-x11 <not-affected> (QTWebkit was introduced in 4.4)
NOTE: http://trac.webkit.org/changeset/34533
-CVE-2009-1712 (WebKit in Apple Safari before 4.0 does not prevent remote loading of ...)
+CVE-2009-1712
{DSA-1988-1 DSA-1950-1}
- webkit 1.1.12-1 (medium; bug #535793)
- kdelibs <not-affected>
@@ -9052,7 +9052,7 @@ CVE-2009-1712 (WebKit in Apple Safari before 4.0 does not prevent remote loading
- qt4-x11 4:4.5.2-2
[etch] - qt4-x11 <not-affected> (QTWebkit was introduced in 4.4)
NOTE: http://trac.webkit.org/changeset/41568
-CVE-2009-1711 (WebKit in Apple Safari before 4.0 does not properly initialize memory ...)
+CVE-2009-1711
{DSA-1988-1 DSA-1950-1}
- webkit 1.1.12-1 (medium; bug #535793)
NOTE: http://trac.webkit.org/changeset/36918
@@ -9060,7 +9060,7 @@ CVE-2009-1711 (WebKit in Apple Safari before 4.0 does not properly initialize me
- kde4libs <not-affected>
- qt4-x11 4:4.5.2-1
[etch] - qt4-x11 <not-affected> (QTWebkit was introduced in 4.4)
-CVE-2009-1710 (WebKit in Apple Safari before 4.0 allows remote attackers to spoof the ...)
+CVE-2009-1710
{DSA-1950-1}
- webkit 1.1.12-1 (low; bug #535793)
- kdelibs <not-affected>
@@ -9069,7 +9069,7 @@ CVE-2009-1710 (WebKit in Apple Safari before 4.0 allows remote attackers to spoo
[lenny] - qt4-x11 <no-dsa> (qtwebkit not supported security-wise)
NOTE: QT4 might be fixed earlier, but only 4.6.2 was checked against
NOTE: http://trac.webkit.org/changeset/35157
-CVE-2009-1709 (Use-after-free vulnerability in the garbage-collection implementation ...)
+CVE-2009-1709
{DSA-1866-1}
- webkit 0~svn32442-1
NOTE: fixed in upstream commit http://trac.webkit.org/changeset/32230
@@ -9077,17 +9077,17 @@ CVE-2009-1709 (Use-after-free vulnerability in the garbage-collection implementa
- kde4libs <not-affected> (Vulnerable code not present)
- kdegraphics 4:4.0 (medium; bug #534951)
NOTE: kdegraphics >4.0 not affected since ksvg is only in 3.5.x series)
-CVE-2009-1708 (Apple Safari before 4.0 does not prevent calls to the open-help-anchor ...)
+CVE-2009-1708
NOT-FOR-US: Apple Safari
-CVE-2009-1707 (Race condition in the Reset Safari implementation in Apple Safari ...)
+CVE-2009-1707
NOT-FOR-US: Apple Safari
-CVE-2009-1706 (The Private Browsing feature in Apple Safari before 4.0 on Windows ...)
+CVE-2009-1706
NOT-FOR-US: Apple Safari
-CVE-2009-1705 (CoreGraphics in Apple Safari before 4.0 on Windows does not properly ...)
+CVE-2009-1705
NOT-FOR-US: Apple Safari
-CVE-2009-1704 (CFNetwork in Apple Safari before 4.0 misinterprets downloaded image ...)
+CVE-2009-1704
NOT-FOR-US: Apple Safari
-CVE-2009-1703 (WebKit in Apple Safari before 4.0 does not prevent references to file: ...)
+CVE-2009-1703
- webkit 1.1.12-1 (low; bug #535793)
[lenny] - webkit <no-dsa> (Minor issue)
- kdelibs <not-affected>
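Review bot: nit in the unchanged context of this hunk: `NOTE: kdegraphics >4.0 not affected since ksvg is only in 3.5.x series)` ends with an unmatched closing parenthesis. As the CVE-2009-1709 entry is already being rewritten here, remove the stray `)` in the same change.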
@@ -9096,7 +9096,7 @@ CVE-2009-1703 (WebKit in Apple Safari before 4.0 does not prevent references to
NOTE: QT4 might be fixed earlier, but only 4.6.2 was checked against
[lenny] - qt4-x11 <not-affected> (HTML video support introduced in version 4.5)
NOTE: http://trac.webkit.org/changeset/42533
-CVE-2009-1702 (Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari ...)
+CVE-2009-1702
- webkit 1.1.12-1 (low; bug #535793)
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- kdelibs <not-affected>
@@ -9105,7 +9105,7 @@ CVE-2009-1702 (Cross-site scripting (XSS) vulnerability in WebKit in Apple Safar
[lenny] - qt4-x11 <no-dsa> (qtwebkit not supported security-wise)
NOTE: QT4 might be fixed earlier, but only 4.6.2 was checked against
NOTE: http://trac.webkit.org/changeset/42216
-CVE-2009-1701 (Use-after-free vulnerability in the JavaScript DOM implementation in ...)
+CVE-2009-1701
- webkit 1.1.12-1 (medium; bug #535793)
[lenny] - webkit <no-dsa> (Unmaintained, only affects fringe apps)
- kdelibs <not-affected>
@@ -9114,7 +9114,7 @@ CVE-2009-1701 (Use-after-free vulnerability in the JavaScript DOM implementation
NOTE: QT4 might be fixed earlier, but only 4.6.2 was checked against
NOTE: invasive patch to backport.
NOTE: http://trac.webkit.org/changeset/40881
-CVE-2009-1700 (The XSLT implementation in WebKit in Apple Safari before 4.0, iPhone ...)
+CVE-2009-1700
- webkit 1.1.12-1 (low; bug #535793)
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- kdelibs <not-affected>
@@ -9123,14 +9123,14 @@ CVE-2009-1700 (The XSLT implementation in WebKit in Apple Safari before 4.0, iPh
[lenny] - qt4-x11 <no-dsa> (qtwebkit not supported security-wise)
NOTE: QT4 might be fixed earlier, but only 4.6.2 was checked against
NOTE: http://trac.webkit.org/changeset/38065
-CVE-2009-1699 (The XSL stylesheet implementation in WebKit in Apple Safari before ...)
+CVE-2009-1699
{DSA-1988-1}
- webkit 1.0.1-4 (medium; bug #535793)
- kdelibs <not-affected>
- kde4libs <not-affected>
- qt4-x11 4:4.5.2-2
[etch] - qt4-x11 <not-affected> (QTWebkit was introduced in 4.4)
-CVE-2009-1698 (WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and ...)
+CVE-2009-1698
{DSA-1988-1 DSA-1950-1 DSA-1868-1 DSA-1867-1}
- webkit 1.1.5-1 (medium; bug #534946)
NOTE: http://trac.webkit.org/changeset/42081
@@ -9138,7 +9138,7 @@ CVE-2009-1698 (WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, a
[etch] - qt4-x11 <not-affected> (QTWebkit was introduced in 4.4)
- kdelibs 4:3.5.10.dfsg.1-2.1 (medium; bug #534949)
- kde4libs 4:4.3.0-1 (medium)
-CVE-2009-1697 (CRLF injection vulnerability in WebKit in Apple Safari before 4.0, ...)
+CVE-2009-1697
{DSA-1950-1}
- webkit 1.1.15.2-1 (medium; bug #535793)
- kdelibs <not-affected>
@@ -9147,7 +9147,7 @@ CVE-2009-1697 (CRLF injection vulnerability in WebKit in Apple Safari before 4.0
[lenny] - qt4-x11 <no-dsa> (qtwebkit not supported security-wise)
NOTE: QT4 might be fixed earlier, but only 4.6.2 was checked against
NOTE: http://trac.webkit.org/changeset/41262
-CVE-2009-1696 (WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and ...)
+CVE-2009-1696
- webkit 1.1.12-1 (medium; bug #535793)
[lenny] - webkit <not-affected> (Vulnerable code not present)
- kdelibs <not-affected>
@@ -9157,7 +9157,7 @@ CVE-2009-1696 (WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, a
NOTE: QT4 might be fixed earlier, but only 4.6.2 was checked against
NOTE: http://trac.webkit.org/changeset/39510
NOTE: http://trac.webkit.org/changeset/39553
-CVE-2009-1695 (Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari ...)
+CVE-2009-1695
{DSA-1950-1}
- webkit 1.1.12-1 (low; bug #535793)
- kdelibs <not-affected>
@@ -9166,7 +9166,7 @@ CVE-2009-1695 (Cross-site scripting (XSS) vulnerability in WebKit in Apple Safar
[lenny] - qt4-x11 <not-affected> (Vulnerable code not present)
NOTE: QT4 might be fixed earlier, but only 4.6.2 was checked against
NOTE: http://trac.webkit.org/changeset/42223
-CVE-2009-1694 (WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and ...)
+CVE-2009-1694
{DSA-1950-1}
- webkit 1.1.12-1 (low; bug #535793)
- kdelibs <not-affected>
@@ -9175,7 +9175,7 @@ CVE-2009-1694 (WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, a
[lenny] - qt4-x11 <no-dsa> (qtwebkit not supported security-wise)
NOTE: QT4 might be fixed earlier, but only 4.6.2 was checked against
NOTE: http://trac.webkit.org/changeset/35935
-CVE-2009-1693 (WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and ...)
+CVE-2009-1693
{DSA-1950-1}
- webkit 1.1.12-1 (medium; bug #535793)
- kdelibs <not-affected>
@@ -9184,7 +9184,7 @@ CVE-2009-1693 (WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, a
NOTE: QT4 might be fixed earlier, but only 4.6.2 was checked against
[lenny] - qt4-x11 <no-dsa> (Minor impact, no apps in Lenny which use qtwebkit )
NOTE: http://trac.webkit.org/changeset/35928
-CVE-2009-1692 (WebKit before r41741, as used in Apple iPhone OS 1.0 through 2.2.1, ...)
+CVE-2009-1692
{DSA-1950-1}
- webkit 1.1.12-1 (low; bug #535793)
- kdelibs <unfixed> (unimportant)
@@ -9193,7 +9193,7 @@ CVE-2009-1692 (WebKit before r41741, as used in Apple iPhone OS 1.0 through 2.2.
NOTE: QT4 might be fixed earlier, but only 4.6.2 was checked against
NOTE: upstream (undisclosed) bug report is https://bugs.webkit.org/show_bug.cgi?id=23319
NOTE: http://trac.webkit.org/changeset/41741
-CVE-2009-1691 (Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari ...)
+CVE-2009-1691
- webkit 1.1.12-1 (medium; bug #535793)
[lenny] - webkit <not-affected> (Vulnerable code not present)
NOTE: http://trac.webkit.org/changeset/32791
@@ -9201,7 +9201,7 @@ CVE-2009-1691 (Cross-site scripting (XSS) vulnerability in WebKit in Apple Safar
- kde4libs <not-affected>
- qt4-x11 4.4.3-1
NOTE: QT4 might be fixed earlier, but only Lenny version was checked
-CVE-2009-1690 (Use-after-free vulnerability in WebKit, as used in Apple Safari before ...)
+CVE-2009-1690
{DSA-1988-1 DSA-1950-1 DSA-1868-1 DSA-1867-1}
- webkit 1.1.5-1 (medium; bug #534946)
NOTE: http://trac.webkit.org/changeset/42532
@@ -9210,7 +9210,7 @@ CVE-2009-1690 (Use-after-free vulnerability in WebKit, as used in Apple Safari b
NOTE: http://websvn.kde.org/?view=rev&revision=983316
- qt4-x11 4:4.5.2-1 (medium; bug #534947)
[etch] - qt4-x11 <not-affected> (QTWebkit was introduced in 4.4)
-CVE-2009-1689 (Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari ...)
+CVE-2009-1689
- webkit 1.1.12-1 (low; bug #535793)
[lenny] - webkit <not-affected> (Vulnerable code not present)
- kdelibs <not-affected>
@@ -9218,7 +9218,7 @@ CVE-2009-1689 (Cross-site scripting (XSS) vulnerability in WebKit in Apple Safar
- qt4-x11 4.4.3-1
NOTE: QT4 might be fixed earlier, but only Lenny version was checked
NOTE: http://trac.webkit.org/changeset/32791
-CVE-2009-1688 (Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari ...)
+CVE-2009-1688
- webkit 1.1.12-1 (low; bug #535793)
[lenny] - webkit <not-affected> (Vulnerable code not present)
- kdelibs <not-affected>
@@ -9226,7 +9226,7 @@ CVE-2009-1688 (Cross-site scripting (XSS) vulnerability in WebKit in Apple Safar
- qt4-x11 4.4.3-1
NOTE: QT4 might be fixed earlier, but only Lenny version was checked
NOTE: http://trac.webkit.org/changeset/32791
-CVE-2009-1687 (The JavaScript garbage collector in WebKit in Apple Safari before 4.0, ...)
+CVE-2009-1687
{DSA-1988-1 DSA-1950-1 DSA-1868-1 DSA-1867-1}
- webkit 1.1.5-1 (medium; bug #534946)
- kdelibs 4:3.5.10.dfsg.1-2.1 (bug #534952)
@@ -9234,7 +9234,7 @@ CVE-2009-1687 (The JavaScript garbage collector in WebKit in Apple Safari before
NOTE: http://trac.webkit.org/changeset/41854
- qt4-x11 4:4.5.2-1 (medium; bug #534946)
[etch] - qt4-x11 <not-affected> (QTWebkit was introduced in 4.4)
-CVE-2009-1686 (WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and ...)
+CVE-2009-1686
- webkit 1.1.12-1 (medium; bug #535793)
[lenny] - webkit <not-affected> (Vulnerable code not present)
- kdelibs <not-affected>
@@ -9243,14 +9243,14 @@ CVE-2009-1686 (WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, a
[lenny] - qt4-x11 <no-dsa> (qtwebkit not supported security-wise)
NOTE: QT4 might be fixed earlier, but only 4.6.2 was checked against
NOTE: http://trac.webkit.org/changeset/31431
-CVE-2009-1685 (Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari ...)
+CVE-2009-1685
- webkit 1.0.1-4 (bug #535793)
- kdelibs <not-affected>
- qt4-x11 4:4.6.2-4 (low)
[lenny] - qt4-x11 <no-dsa> (qtwebkit not supported security-wise)
NOTE: QT4 might be fixed earlier, but only 4.6.2 was checked against
NOTE: http://trac.webkit.org/changeset/34574
-CVE-2009-1684 (Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari ...)
+CVE-2009-1684
{DSA-1950-1}
- webkit 1.1.12-1 (low; bug #535793)
- kdelibs <not-affected>
@@ -9259,11 +9259,11 @@ CVE-2009-1684 (Cross-site scripting (XSS) vulnerability in WebKit in Apple Safar
[lenny] - qt4-x11 <no-dsa> (qtwebkit not supported security-wise)
NOTE: QT4 might be fixed earlier, but only 4.6.2 was checked against
NOTE: http://trac.webkit.org/changeset/42365
-CVE-2009-1683 (The Telephony component in Apple iPhone OS 1.0 through 2.2.1 and ...)
+CVE-2009-1683
NOT-FOR-US: iPhone
-CVE-2009-1682 (Apple Safari before 4.0 does not properly check for revoked Extended ...)
+CVE-2009-1682
NOT-FOR-US: Apple Safari
-CVE-2009-1681 (WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and ...)
+CVE-2009-1681
{DSA-1950-1}
- webkit 1.1.12-1 (low; bug #535793)
- kdelibs <not-affected>
@@ -9272,333 +9272,333 @@ CVE-2009-1681 (WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, a
[lenny] - qt4-x11 <no-dsa> (qtwebkit not supported security-wise)
NOTE: QT4 might be fixed earlier, but only 4.6.2 was checked against, Lenny is affected
NOTE: http://trac.webkit.org/changeset/42333
-CVE-2009-1680 (Safari in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod ...)
+CVE-2009-1680
NOT-FOR-US: Safari in Apple iPhone OS
-CVE-2009-1679 (The Profiles component in Apple iPhone OS 1.0 through 2.2.1 and iPhone ...)
+CVE-2009-1679
NOT-FOR-US: iPhone
-CVE-2009-1756 (SLiM Simple Login Manager 1.3.0 places the X authority magic cookie ...)
+CVE-2009-1756
- slim 1.3.1-2 (low; bug #529306)
[lenny] - slim 1.3.0-1+lenny2
-CVE-2009-1755 (Off-by-one error in the packet_read_query_section function in packet.c ...)
+CVE-2009-1755
{DSA-1803-1}
- nsd3 3.2.2-1 (medium; bug #529418)
- nsd 2.3.7-3 (medium; bug #529420)
NOTE: VU#710316
-CVE-2009-1753 (Coccinelle 0.1.7 allows local users to overwrite arbitrary files via a ...)
+CVE-2009-1753
- coccinelle 0.1.7.deb-3 (low)
-CVE-2009-1678 (Directory traversal vulnerability in the saveFeed function in ...)
+CVE-2009-1678
NOT-FOR-US: Bitweaver
-CVE-2009-1677 (Multiple static code injection vulnerabilities in the saveFeed ...)
+CVE-2009-1677
NOT-FOR-US: Bitweaver
CVE-2009-1676
REJECTED
-CVE-2009-1675 (Stack-based buffer overflow in ElectraSoft 32bit FTP 09.04.24 allows ...)
+CVE-2009-1675
NOT-FOR-US: ElectraSoft 32bit FTP
-CVE-2009-1674 (Stack-based buffer overflow in Microchip MPLAB IDE 8.30 allows ...)
+CVE-2009-1674
NOT-FOR-US: Microchip MPLAB IDE
-CVE-2009-1673 (The kernel in Sun Solaris 9 allows local users to cause a denial of ...)
+CVE-2009-1673
NOT-FOR-US: SunOS
-CVE-2009-1672 (The Deployment Toolkit ActiveX control in deploytk.dll 6.0.130.3 in ...)
+CVE-2009-1672
NOT-FOR-US: ActiveX
-CVE-2009-1671 (Multiple buffer overflows in the Deployment Toolkit ActiveX control in ...)
+CVE-2009-1671
NOT-FOR-US: ActiveX
-CVE-2009-1670 (user/index.php in TCPDB 3.8 does not require administrative ...)
+CVE-2009-1670
NOT-FOR-US: TCPDB
-CVE-2009-1669 (The smarty_function_math function in libs/plugins/function.math.php in ...)
+CVE-2009-1669
{DSA-1919-1}
- smarty 2.6.26-0.1 (low; bug #529810)
[etch] - smarty <not-affected> (Vulnerable code not present)
[lenny] - smarty <no-dsa> (Minor issue)
-CVE-2009-1668 (TYPSoft FTP Server 1.11 allows remote attackers to cause a denial of ...)
+CVE-2009-1668
NOT-FOR-US: TYPSoft
-CVE-2009-1667 (Stack-based buffer overflow in Mini-stream CastRipper 2.50.70 allows ...)
+CVE-2009-1667
NOT-FOR-US: CastRipper
-CVE-2009-1666 (Multiple unspecified vulnerabilities in CycloMedia CycloScopeLite ...)
+CVE-2009-1666
NOT-FOR-US: CycloMedia CycloScopeLite
-CVE-2009-1665 (myaccount.php in Easy Scripts Answer and Question Script allows remote ...)
+CVE-2009-1665
NOT-FOR-US: Easy Scripts Answer and Question Script
-CVE-2009-1664 (myaccount.php in Easy Scripts Answer and Question Script does not ...)
+CVE-2009-1664
NOT-FOR-US: Easy Scripts Answer and Question Script
-CVE-2009-1663 (Unrestricted file upload vulnerability in myaccount.php in Easy ...)
+CVE-2009-1663
NOT-FOR-US: Easy Scripts Answer and Question Script
-CVE-2009-1662 (Multiple SQL injection vulnerabilities in admin/login.php in Wright ...)
+CVE-2009-1662
NOT-FOR-US: Wright Way Services Recipe Script
-CVE-2009-1661 (SQL injection vulnerability in admin/utopic.php in uTopic 1.0, when ...)
+CVE-2009-1661
NOT-FOR-US: uTopic
-CVE-2009-1660 (Stack-based buffer overflow in URUWorks ViPlay3 3.0 and earlier allows ...)
+CVE-2009-1660
NOT-FOR-US: ViPlay3
-CVE-2009-1659 (Unrestricted file upload vulnerability in admin/uploadimage.php in ...)
+CVE-2009-1659
NOT-FOR-US: eLitius
-CVE-2009-1658 (Multiple SQL injection vulnerabilities in admin/admin.php in Realty ...)
+CVE-2009-1658
NOT-FOR-US: Web-Base
-CVE-2009-1657 (Multiple SQL injection vulnerabilities in the Starrating plugin before ...)
+CVE-2009-1657
NOT-FOR-US: Starrating plugin for b2evolution
-CVE-2009-1656 (Xerox WorkCentre and WorkCentre Pro 232, 238, 245, 255, 265, 275; and ...)
+CVE-2009-1656
NOT-FOR-US: Xerox
-CVE-2009-1655 (Multiple SQL injection vulnerabilities in myaccount.php in Easy ...)
+CVE-2009-1655
NOT-FOR-US: Easy Scripts Answer and Question Script
-CVE-2009-1654 (Cross-site scripting (XSS) vulnerability in questiondetail.php in Easy ...)
+CVE-2009-1654
NOT-FOR-US: Easy Scripts Answer and Question Script
-CVE-2009-1653 (Directory traversal vulnerability in ...)
+CVE-2009-1653
NOT-FOR-US: TinyButStrong
-CVE-2009-1652 (admin/adminaddeditdetails.php in Business Community Script does not ...)
+CVE-2009-1652
NOT-FOR-US: Business Community Script
-CVE-2009-1651 (SQL injection vulnerability in admin/member_details.php in 2daybiz ...)
+CVE-2009-1651
NOT-FOR-US: 2daybiz
-CVE-2009-1650 (Multiple SQL injection vulnerabilities in photos.php in Shutter 0.1.1 ...)
+CVE-2009-1650
NOT-FOR-US: Shutter
-CVE-2009-1649 (Directory traversal vulnerability in arch.php in beLive 0.2.3 allows ...)
+CVE-2009-1649
NOT-FOR-US: beLive
-CVE-2009-1648 (The YaST2 LDAP module in yast2-ldap-server on SUSE Linux Enterprise ...)
+CVE-2009-1648
NOT-FOR-US: yast2-ldap-server on SUSE
-CVE-2009-1647 (Heap-based buffer overflow in popcorn.exe in Ultrafunk Popcorn 1.87 ...)
+CVE-2009-1647
NOT-FOR-US: Ultrafunk Popcorn
-CVE-2009-1646 (Stack-based buffer overflow in Mini-stream RM Downloader 3.0.0.9 ...)
+CVE-2009-1646
NOT-FOR-US: Mini-stream RM Downloader
-CVE-2009-1645 (Multiple stack-based buffer overflows in Mini-stream Easy RM-MP3 ...)
+CVE-2009-1645
NOT-FOR-US: Mini-stream Easy RM-MP Converter
-CVE-2009-1644 (Stack-based buffer overflow in Sorinara Streaming Audio Player 0.9 ...)
+CVE-2009-1644
NOT-FOR-US: Streaming Audio Player
-CVE-2009-1643 (Stack-based buffer overflow in Sorinara Soritong MP3 Player 1.0 allows ...)
+CVE-2009-1643
NOT-FOR-US: Sorinara Soritong MP3 Player
-CVE-2009-1642 (Multiple stack-based buffer overflows in Mini-stream ASX to MP3 ...)
+CVE-2009-1642
NOT-FOR-US: Mini-stream ASX to MP3 Converter
-CVE-2009-1641 (Multiple stack-based buffer overflows in Mini-stream Ripper 3.0.1.1 ...)
+CVE-2009-1641
NOT-FOR-US: Mini-stream Ripper
-CVE-2009-1640 (Stack-based buffer overflow in Nucleus Data Recovery Kernel Recovery ...)
+CVE-2009-1640
NOT-FOR-US: Nucleus Data Recovery Kernel Recovery
-CVE-2009-1639 (Stack-based buffer overflow in Nucleus Data Recovery Kernel Recovery ...)
+CVE-2009-1639
NOT-FOR-US: Nucleus Data Recovery Kernel Recovery
-CVE-2009-1638 (Techno Dreams Job Career Package 3.0 allows remote attackers to bypass ...)
+CVE-2009-1638
NOT-FOR-US: Techno Dreams Job Career Package
-CVE-2009-1637 (profile.php in Simple Customer 1.3 does not require administrative ...)
+CVE-2009-1637
NOT-FOR-US: Simple Customer
-CVE-2009-1788 (Heap-based buffer overflow in voc_read_header in libsndfile 1.0.15 ...)
+CVE-2009-1788
{DSA-1814-1 DTSA-202-1}
- libsndfile 1.0.20-1 (low; bug #528650)
-CVE-2009-1791 (Heap-based buffer overflow in aiff_read_header in libsndfile 1.0.15 ...)
+CVE-2009-1791
{DSA-1814-1 DTSA-202-1}
- libsndfile 1.0.20-1 (low; bug #528650)
-CVE-2009-1636 (Multiple buffer overflows in the Internet Agent (aka GWIA) component ...)
+CVE-2009-1636
NOT-FOR-US: Novell GroupWise
-CVE-2009-1635 (Multiple cross-site scripting (XSS) vulnerabilities in the WebAccess ...)
+CVE-2009-1635
NOT-FOR-US: Novell GroupWise
-CVE-2009-1634 (The WebAccess component in Novell GroupWise 7.x before 7.03 HP3 and ...)
+CVE-2009-1634
NOT-FOR-US: Novell GroupWise
-CVE-2009-1633 (Multiple buffer overflows in the cifs subsystem in the Linux kernel ...)
+CVE-2009-1633
{DSA-1865-1 DSA-1844-1 DSA-1809-1}
- linux-2.6 2.6.30-1
- linux-2.6.24 <removed>
-CVE-2009-1632 (Multiple memory leaks in Ipsec-tools before 0.7.2 allow remote ...)
+CVE-2009-1632
{DSA-1804-1}
- ipsec-tools 1:0.7.1-1.5 (medium; bug #528933)
-CVE-2009-1631 (The Mailer component in Evolution 2.26.1 and earlier uses ...)
+CVE-2009-1631
- evolution 2.29.90-1 (unimportant; bug #526409)
NOTE: Mostly a security enhancement, only for local users/mail and open homedirs
-CVE-2009-1630 (The nfs_permission function in fs/nfs/dir.c in the NFS client ...)
+CVE-2009-1630
{DSA-1865-1 DSA-1844-1 DSA-1809-1}
- linux-2.6 2.6.30-1
- linux-2.6.24 <removed>
-CVE-2009-1629 (ajaxterm.js in AjaxTerm 0.10 and earlier generates session IDs with ...)
+CVE-2009-1629
{DSA-1994-1}
- ajaxterm 0.10-5 (medium; bug #528938)
-CVE-2009-1789 (mod/server.mod/servmsg.c in Eggheads Eggdrop and Windrop 1.6.19 and ...)
+CVE-2009-1789
{DSA-1826-1}
- eggdrop 1.6.19-1.2 (medium; bug #528778)
CVE-2009-XXXX [cron: Incomplete fix for CVE-2006-2607 (setgid() and initgroups() not checked]
- cron 3.0pl1-106 (low; bug #528434)
[lenny] - cron <no-dsa> (Minor issue)
[etch] - cron <no-dsa> (Minor issue)
-CVE-2009-1628 (Stack-based buffer overflow in mnet.exe in Unisys Business Information ...)
+CVE-2009-1628
NOT-FOR-US: Unisys Business Information Server
-CVE-2009-1627 (Stack-based buffer overflow in Streaming Download Project (SDP) ...)
+CVE-2009-1627
NOT-FOR-US: Streaming Download Project (SDP)
-CVE-2009-1626 (SQL injection vulnerability in public/specific.php in EZ-Blog before ...)
+CVE-2009-1626
NOT-FOR-US: EZ-Blog
-CVE-2009-1625 (Directory traversal vulnerability in index.php in Thickbox Gallery 2 ...)
+CVE-2009-1625
NOT-FOR-US: Thickbox Gallery 2
-CVE-2009-1624 (Directory traversal vulnerability in index.php in Dew-NewPHPLinks 2.0 ...)
+CVE-2009-1624
NOT-FOR-US: Dew-NewPHPLinks 2.0
-CVE-2009-1623 (Cross-site scripting (XSS) vulnerability in index.php in ...)
+CVE-2009-1623
NOT-FOR-US: Dew-NewPHPLinks 2.0
-CVE-2009-1622 (SQL injection vulnerability in user.php in EcShop 2.5.0 allows remote ...)
+CVE-2009-1622
NOT-FOR-US: EcShop 2.5.0
-CVE-2009-1621 (Directory traversal vulnerability in index.php in OpenCart 1.1.8 ...)
+CVE-2009-1621
NOT-FOR-US: OpenCart
-CVE-2009-1620 (Multiple cross-site scripting (XSS) vulnerabilities in input.php in ...)
+CVE-2009-1620
NOT-FOR-US: MataChat
-CVE-2009-1619 (Teraway FileStream 1.0 allows remote attackers to bypass ...)
+CVE-2009-1619
NOT-FOR-US: Teraway FileStream
-CVE-2009-1618 (Teraway LiveHelp 2.0 allows remote attackers to bypass authentication ...)
+CVE-2009-1618
NOT-FOR-US: Teraway LiveHelp
-CVE-2009-1617 (Teraway LinkTracker 1.0 allows remote attackers to bypass ...)
+CVE-2009-1617
NOT-FOR-US: Teraway LinkTracker
-CVE-2009-1616 (Cross-site scripting (XSS) vulnerability in docs/showdoc.php in ...)
+CVE-2009-1616
NOT-FOR-US: Coppermine Photo Gallery
-CVE-2009-1615 (Unrestricted file upload vulnerability in Leap CMS 0.1.4 allows remote ...)
+CVE-2009-1615
NOT-FOR-US: Leap CMS
-CVE-2009-1614 (Multiple cross-site scripting (XSS) vulnerabilities in Leap CMS 0.1.4 ...)
+CVE-2009-1614
NOT-FOR-US: Leap CMS
-CVE-2009-1613 (Multiple SQL injection vulnerabilities in leap.php in Leap CMS 0.1.4, ...)
+CVE-2009-1613
NOT-FOR-US: Leap CMS
-CVE-2009-1612 (Stack-based buffer overflow in the MPS.StormPlayer.1 ActiveX control ...)
+CVE-2009-1612
NOT-FOR-US: ActiveX
-CVE-2009-1611 (Stack-based buffer overflow in ElectraSoft 32bit FTP 09.04.24 allows ...)
+CVE-2009-1611
NOT-FOR-US: ElectraSoft 32bit FTP
-CVE-2009-1610 (admin/changepassword.php in Job Script Job Board Software 2.0 allows ...)
+CVE-2009-1610
NOT-FOR-US: Job Script Job Board Software
-CVE-2009-1609 (Unrestricted file upload vulnerability in admin/uploadform.asp in ...)
+CVE-2009-1609
NOT-FOR-US: Battle Blog
-CVE-2009-1608 (Multiple buffer overflows in Microchip MPLAB IDE 8.30 and possibly ...)
+CVE-2009-1608
NOT-FOR-US: Microchip MPLAB IDE
-CVE-2009-1607 (Cross-site scripting (XSS) vulnerability in the administrator panel in ...)
+CVE-2009-1607
NOT-FOR-US: LinkBase
-CVE-2009-1606 (Multiple stack-based and heap-based buffer overflows in Dafolo ...)
+CVE-2009-1606
NOT-FOR-US: Dafolo DafoloControl ActiveX
-CVE-2009-1605 (Heap-based buffer overflow in the loadexponentialfunc function in ...)
+CVE-2009-1605
NOT-FOR-US: MuPDF
-CVE-2009-1604 (Unspecified vulnerability in LimeSurvey before 1.82 allows remote ...)
+CVE-2009-1604
- limesurvey <itp> (bug #472802)
-CVE-2009-1603 (src/tools/pkcs11-tool.c in pkcs11-tool in OpenSC 0.11.7, when used ...)
+CVE-2009-1603
- opensc 0.11.8 (high; bug #527640)
[etch] - opensc <not-affected> (vulnerable code introduced in 0.11.7)
[lenny] - opensc <not-affected> (vulnerable code introduced in 0.11.7)
NOTE: checked code, public exponent set correctly in etch/lenny versions (CK_BYTE publicExponent[] = { 3 };)
-CVE-2009-1602 (Pablo Software Solutions Quick 'n Easy Mail Server 3.3 allows remote ...)
+CVE-2009-1602
NOT-FOR-US: Pablo Software
-CVE-2009-1601 (The Ubuntu clamav-milter.init script in clamav-milter before ...)
+CVE-2009-1601
- clamav <not-affected> (Vulnerable code not present)
NOTE: from what I see this code was never uploaded to the debian archive
-CVE-2009-1600 (Apple Safari executes DOM calls in response to a javascript: URI in ...)
+CVE-2009-1600
NOT-FOR-US: Apple Safari
-CVE-2009-1599 (Opera executes DOM calls in response to a javascript: URI in the ...)
+CVE-2009-1599
NOT-FOR-US: Opera
-CVE-2009-1598 (Google Chrome executes DOM calls in response to a javascript: URI in ...)
+CVE-2009-1598
- chromium-browser <unfixed> (unimportant)
- webkit <not-affected> (chrome-specific issue)
NOTE: it sounds like a "researcher misconception bug" (as seeming explained by Abobe) rather than a security issue
-CVE-2009-1597 (Mozilla Firefox executes DOM calls in response to a javascript: URI in ...)
+CVE-2009-1597
- xulrunner <undetermined> (bug #565521)
[wheezy] - xulrunner <end-of-life> (no detailed information available)
-CVE-2009-1596 (Ignite Realtime Openfire before 3.6.5 does not properly implement the ...)
+CVE-2009-1596
NOT-FOR-US: Openfire
-CVE-2009-1595 (The jabber:iq:auth implementation in IQAuthHandler.java in Ignite ...)
+CVE-2009-1595
NOT-FOR-US: Openfire
CVE-2009-XXXX [More file buffer overflows]
- file 5.03-1 (bug #525820)
[etch] - file <not-affected> (CDF code not yet present in 4.x)
[lenny] - file <not-affected> (CDF code not yet present in 4.x)
-CVE-2009-1594 (Armorlogic Profense Web Application Firewall before 2.2.22, and 2.4.x ...)
+CVE-2009-1594
NOT-FOR-US: Armorlogic Profense Web Application Firewall
-CVE-2009-1593 (Armorlogic Profense Web Application Firewall before 2.2.22, and 2.4.x ...)
+CVE-2009-1593
NOT-FOR-US: Armorlogic Profense Web Application Firewall
-CVE-2009-1592 (Stack-based buffer overflow in ElectraSoft 32bit FTP 09.04.24 allows ...)
+CVE-2009-1592
NOT-FOR-US: ElectraSoft 32bit FTP
-CVE-2009-1591 (CRLF injection vulnerability in CGI RESCUE Web Mailer before 1.04 ...)
+CVE-2009-1591
NOT-FOR-US: CGI RESCUE Web Mailer
-CVE-2009-1590 (Unspecified vulnerability in CGI RESCUE FORM2MAIL before 1.42 allows ...)
+CVE-2009-1590
NOT-FOR-US: CGI RESCUE FORM2MAIL
-CVE-2009-1589 (Unspecified vulnerability in CGI RESCUE MiniBBS22 before 1.01 allows ...)
+CVE-2009-1589
NOT-FOR-US: CGI RESCUE MiniBBS
-CVE-2009-1588 (Cross-site scripting (XSS) vulnerability in CGI RESCUE MiniBBS 8t ...)
+CVE-2009-1588
NOT-FOR-US: CGI RESCUE MiniBBS
CVE-2009-XXXX [hex-a-hop: buffer overflow in loading save games]
- hex-a-hop <unfixed> (unimportant; bug #528250)
NOTE: That's a simple bug, it's silly to treat this as a security issue
-CVE-2009-1587 (index.php in PHP Site Lock 2.0 allows remote attackers to bypass ...)
+CVE-2009-1587
NOT-FOR-US: PHP Site Lock
-CVE-2009-1586 (Stack-based buffer overflow in the NZB importer feature in GrabIt ...)
+CVE-2009-1586
NOT-FOR-US: GrabIt
-CVE-2009-1585 (Multiple SQL injection vulnerabilities in TemaTres 1.031, when ...)
+CVE-2009-1585
NOT-FOR-US: TemaTres
-CVE-2009-1584 (Multiple SQL injection vulnerabilities in TemaTres 1.0.3 and 1.031, ...)
+CVE-2009-1584
NOT-FOR-US: TemaTres
-CVE-2009-1583 (Multiple cross-site scripting (XSS) vulnerabilities in TemaTres 1.0.3 ...)
+CVE-2009-1583
NOT-FOR-US: TemaTres
-CVE-2009-1582 (Million Dollar Text Links 1.0 does not properly restrict administrator ...)
+CVE-2009-1582
NOT-FOR-US: Million Dollar Text Links
-CVE-2009-1581 (functions/mime.php in SquirrelMail before 1.4.18 does not protect the ...)
+CVE-2009-1581
{DSA-1802-1}
- squirrelmail 2:1.4.18-1 (low; bug #528528)
NOTE: http://squirrelmail.svn.sourceforge.net/viewvc/squirrelmail?view=rev&revision=13667
-CVE-2009-1580 (Session fixation vulnerability in SquirrelMail before 1.4.18 allows ...)
+CVE-2009-1580
{DSA-1802-1}
- squirrelmail 2:1.4.18-1 (low; bug #528528)
NOTE: http://squirrelmail.svn.sourceforge.net/viewvc/squirrelmail?view=rev&revision=13676
-CVE-2009-1579 (The map_yp_alias function in functions/imap_general.php in ...)
+CVE-2009-1579
{DSA-1802-1}
- squirrelmail 2:1.4.18-1 (medium; bug #528528)
NOTE: http://squirrelmail.svn.sourceforge.net/viewvc/squirrelmail?view=rev&revision=13674
NOTE: doesn't affect every setup
-CVE-2009-1578 (Multiple cross-site scripting (XSS) vulnerabilities in SquirrelMail ...)
+CVE-2009-1578
{DSA-1802-1}
- squirrelmail 2:1.4.18-1 (low; bug #528528)
NOTE: http://squirrelmail.svn.sourceforge.net/viewvc/squirrelmail?view=rev&revision=13670
-CVE-2009-1577 (Multiple stack-based buffer overflows in the putstring function in ...)
+CVE-2009-1577
- cscope 15.6-1
-CVE-2009-1576 (Unspecified vulnerability in Drupal 5.x before 5.17 and 6.x before ...)
+CVE-2009-1576
{DSA-1792-1}
- drupal6 6.11-1 (bug #526378)
- drupal5 5.17-1
-CVE-2009-1575 (Cross-site scripting (XSS) vulnerability in Drupal 5.x before 5.17 and ...)
+CVE-2009-1575
{DSA-1792-1}
- drupal6 6.11-1 (bug #526378)
- drupal5 5.17-1
-CVE-2009-1574 (racoon/isakmp_frag.c in ipsec-tools before 0.7.2 allows remote ...)
+CVE-2009-1574
{DSA-1804-1}
- ipsec-tools 1:0.7.1-1.4 (medium; bug #527634)
-CVE-2009-1571 (Use-after-free vulnerability in the HTML parser in Mozilla Firefox ...)
+CVE-2009-1571
{DSA-1999-1}
- xulrunner 1.9.1.8-1
[etch] - xulrunner <end-of-life>
- iceape 2.0.3-1
[lenny] - iceape <not-affected> (Lenny package only provide xpcom stubs)
- icedove 3.0.2-1
-CVE-2009-1570 (Integer overflow in the ReadImage function in ...)
+CVE-2009-1570
- gimp 2.6.7-1.1 (medium; bug #555929)
-CVE-2009-1569 (Multiple stack-based buffer overflows in Novell iPrint Client 4.38, ...)
+CVE-2009-1569
NOT-FOR-US: Novell iPrint Client
-CVE-2009-1568 (Stack-based buffer overflow in ienipp.ocx in Novell iPrint Client ...)
+CVE-2009-1568
NOT-FOR-US: Novell iPrint Client
-CVE-2009-1567 (Multiple stack-based buffer overflows in the Lateral Arts Photobox ...)
+CVE-2009-1567
NOT-FOR-US: ActiveX
-CVE-2009-1566 (Integer overflow in Roxio Easy Media Creator 9.0.136, and Roxio ...)
+CVE-2009-1566
NOT-FOR-US: Roxio Easy Media Creator
-CVE-2009-1565 (vmnc.dll in the VMnc media codec in VMware Movie Decoder before 6.5.4 ...)
+CVE-2009-1565
NOT-FOR-US: VMware Movie Decoder
-CVE-2009-1564 (Heap-based buffer overflow in vmnc.dll in the VMnc media codec in ...)
+CVE-2009-1564
NOT-FOR-US: VMwar
CVE-2009-1563
REJECTED
CVE-2009-1562
RESERVED
-CVE-2009-1561 (Cross-site request forgery (CSRF) vulnerability in administration.cgi ...)
+CVE-2009-1561
NOT-FOR-US: Cisco Linksys
-CVE-2009-1560 (The Cisco Linksys WVC54GCA wireless video camera with firmware 1.00R22 ...)
+CVE-2009-1560
NOT-FOR-US: Cisco Linksys
-CVE-2009-1559 (Absolute path traversal vulnerability in adm/file.cgi on the Cisco ...)
+CVE-2009-1559
NOT-FOR-US: Cisco Linksys
-CVE-2009-1558 (Directory traversal vulnerability in adm/file.cgi on the Cisco Linksys ...)
+CVE-2009-1558
NOT-FOR-US: Cisco Linksys
-CVE-2009-1557 (Multiple cross-site scripting (XSS) vulnerabilities on the Cisco ...)
+CVE-2009-1557
NOT-FOR-US: Cisco Linksys
-CVE-2009-1556 (img/main.cgi on the Cisco Linksys WVC54GCA wireless video camera with ...)
+CVE-2009-1556
NOT-FOR-US: Cisco Linksys
-CVE-2009-1555 (The Cisco Linksys WVC54GCA wireless video camera with firmware 1.00R22 ...)
+CVE-2009-1555
NOT-FOR-US: Cisco Linksys
-CVE-2009-1554 (Cross-site scripting (XSS) vulnerability in ThemeServlet.java in Sun ...)
+CVE-2009-1554
NOT-FOR-US: Sun Woodstock
-CVE-2009-1553 (Multiple cross-site scripting (XSS) vulnerabilities in the Admin ...)
+CVE-2009-1553
NOT-FOR-US: Sun GlassFish Enterprise Server
-CVE-2009-1552 (Unspecified vulnerability in the IGMP driver in SCO Unixware Release ...)
+CVE-2009-1552
NOT-FOR-US: SCO UnixWare
-CVE-2009-1551 (Multiple PHP remote file inclusion vulnerabilities in Qt quickteam 2 ...)
+CVE-2009-1551
NOT-FOR-US: Qt quickteam
-CVE-2009-1550 (Zakkis Technology ABC Advertise 1.0 does not properly restrict access ...)
+CVE-2009-1550
NOT-FOR-US: Zakkis Technology ABC Advertise
-CVE-2009-1549 (AGTC MyShop 3.2b allows remote attackers to bypass authentication and ...)
+CVE-2009-1549
NOT-FOR-US: AGTC MyShop
-CVE-2009-1548 (SQL injection vulnerability in index.php in BluSky CMS allows remote ...)
+CVE-2009-1548
NOT-FOR-US: BluSky CMS
CVE-2009-XXXX [prelude-manager: password world-readable]
- prelude-manager <not-affected> (The postinst sets correct permissions, see bug #527344)
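Review bot: every changed line in this hunk replaces `CVE-2009-NNNN (summary ...)` with the bare identifier, so the one-line description is dropped for some 300 entries at once (for example `-CVE-2009-1756 (SLiM Simple Login Manager 1.3.0 places the X authority magic cookie ...)` becomes `+CVE-2009-1756`). For a commit labelled "automatic update", confirm this is an intended change to how the tracker records descriptions rather than an empty or failed fetch of the upstream CVE feed; for entries such as CVE-2009-1753 (`- coccinelle 0.1.7.deb-3 (low)`) and CVE-2009-1756 the stripped summary was the only text on the page saying what the issue is, and nothing in the remaining lines replaces it. Unchanged context in the same hunk also carries truncated product names that the update does not touch (`NOT-FOR-US: VMwar` for CVE-2009-1564), worth a separate cleanup.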
@@ -9608,63 +9608,63 @@ CVE-2009-XXXX [bash-completion: does not properly quote characters]
NOTE: adding this reference to track the fact that this has already been addressed by debian security
NOTE: fixed over a year ago in debian; but fedora finally got around to addressing the issue recently
NOTE: FEDORA-2009-3639 http://lwn.net/Articles/331605
-CVE-2009-1547 (Unspecified vulnerability in Microsoft Internet Explorer 5.01 SP4, 6, ...)
+CVE-2009-1547
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2009-1546 (Integer overflow in Avifil32.dll in the Windows Media file handling ...)
+CVE-2009-1546
NOT-FOR-US: Microsoft Windows
-CVE-2009-1545 (Unspecified vulnerability in Avifil32.dll in the Windows Media file ...)
+CVE-2009-1545
NOT-FOR-US: Microsoft Windows
-CVE-2009-1544 (Double free vulnerability in the Workstation service in Microsoft ...)
+CVE-2009-1544
NOT-FOR-US: Microsoft Windows
CVE-2009-1543
REJECTED
-CVE-2009-1542 (The Virtual Machine Monitor (VMM) in Microsoft Virtual PC 2004 SP1, ...)
+CVE-2009-1542
NOT-FOR-US: Microsoft
CVE-2009-1541
REJECTED
CVE-2009-1540
REJECTED
-CVE-2009-1539 (The QuickTime Movie Parser Filter in quartz.dll in DirectShow in ...)
+CVE-2009-1539
NOT-FOR-US: Microsoft DirectX
-CVE-2009-1538 (The QuickTime Movie Parser Filter in quartz.dll in DirectShow in ...)
+CVE-2009-1538
NOT-FOR-US: Microsoft DirectX
-CVE-2009-1537 (Unspecified vulnerability in the QuickTime Movie Parser Filter in ...)
+CVE-2009-1537
NOT-FOR-US: Microsoft DirectX
-CVE-2009-1536 (ASP.NET in Microsoft .NET Framework 2.0 SP1 and SP2 and 3.5 Gold and ...)
+CVE-2009-1536
NOT-FOR-US: Microsoft .NET Framework
-CVE-2009-1535 (The WebDAV extension in Microsoft Internet Information Services (IIS) ...)
+CVE-2009-1535
NOT-FOR-US: IIS
-CVE-2009-1534 (Buffer overflow in the Office Web Components ActiveX Control in ...)
+CVE-2009-1534
NOT-FOR-US: Microsoft Office XP
-CVE-2009-1533 (Buffer overflow in the Works for Windows document converters in ...)
+CVE-2009-1533
NOT-FOR-US: Microsoft
-CVE-2009-1532 (Microsoft Internet Explorer 8 for Windows XP SP2 and SP3; 8 for Server ...)
+CVE-2009-1532
NOT-FOR-US: Microsoft
-CVE-2009-1531 (Microsoft Internet Explorer 7 for Windows XP SP2 and SP3; 7 for Server ...)
+CVE-2009-1531
NOT-FOR-US: Microsoft
-CVE-2009-1530 (Use-after-free vulnerability in Microsoft Internet Explorer 7 for ...)
+CVE-2009-1530
NOT-FOR-US: Microsoft
-CVE-2009-1529 (Microsoft Internet Explorer 7 for Windows XP SP2 and SP3; 7 for Server ...)
+CVE-2009-1529
NOT-FOR-US: Microsoft
-CVE-2009-1528 (Microsoft Internet Explorer 6 and 7 for Windows XP SP2 and SP3; 6 and ...)
+CVE-2009-1528
NOT-FOR-US: Microsoft
-CVE-2009-1527 (Race condition in the ptrace_attach function in kernel/ptrace.c in the ...)
+CVE-2009-1527
- linux-2.6 2.6.29-5 (high)
[etch] - linux-2.6 <not-affected> (vulnerable code introduced in 2.6.29)
[lenny] - linux-2.6 <not-affected> (vulnerable code introduced in 2.6.29)
-CVE-2009-1526 (JBMC Software DirectAdmin before 1.334 allows local users to create or ...)
+CVE-2009-1526
NOT-FOR-US: Directadmin
-CVE-2009-1525 (CMD_DB in JBMC Software DirectAdmin before 1.334 allows remote ...)
+CVE-2009-1525
NOT-FOR-US: Directadmin
-CVE-2009-1524 (Cross-site scripting (XSS) vulnerability in Mort Bay Jetty before ...)
+CVE-2009-1524
- jetty 6.1.19-1 (low; bug #527571)
-CVE-2009-1523 (Directory traversal vulnerability in the HTTP server in Mort Bay Jetty ...)
+CVE-2009-1523
- jetty 6.1.19-1 (low; bug #528389)
-CVE-2009-1522 (The IBM Tivoli Storage Manager (TSM) client 5.5.0.0 through 5.5.1.17 ...)
+CVE-2009-1522
NOT-FOR-US: Tivoli
-CVE-2009-1521 (Unspecified vulnerability in the Java GUI in the IBM Tivoli Storage ...)
+CVE-2009-1521
NOT-FOR-US: Tivoli
-CVE-2009-1520 (Buffer overflow in the Web GUI in the IBM Tivoli Storage Manager (TSM) ...)
+CVE-2009-1520
NOT-FOR-US: Tivoli
CVE-2009-XXXX [moin: XSS in AttachFile.py via attachements]
- moin 1.8.3-1 (low; bug #526594)
@@ -9672,264 +9672,264 @@ CVE-2009-XXXX [moin: XSS in AttachFile.py via attachements]
[etch] - moin <not-affected> (Vulnerable code not present)
NOTE: http://hg.moinmo.in/moin/1.8/rev/269a1fbc3ed7
NOTE: CVE id requested
-CVE-2009-1513 (Buffer overflow in the PATinst function in src/load_pat.cpp in ...)
+CVE-2009-1513
{DSA-1850-1}
- libmodplug 1:0.8.7-1 (medium; bug #526084)
- gst-plugins-bad0.10 <not-affected> (Vulnerable code not present; bug #527077)
[etch] - libmodplug <not-affected> (Vulnerable code not present)
NOTE: gst-plugins-bad0.10 in testing and unstable builds against an external libmodplug.
-CVE-2009-1519 (Directory traversal vulnerability in index.php in Pecio CMS 1.1.5 ...)
+CVE-2009-1519
NOT-FOR-US: Pecio CMS
-CVE-2009-1518 (Cross-site request forgery (CSRF) vulnerability in Beltane before ...)
+CVE-2009-1518
NOT-FOR-US: Beltane
-CVE-2009-1517 (Multiple insecure method vulnerabilities in the Symantec.EasySetup.1 ...)
+CVE-2009-1517
NOT-FOR-US: ActiveX
-CVE-2009-1516 (Stack-based buffer overflow in the IceWarpServer.APIObject ActiveX ...)
+CVE-2009-1516
NOT-FOR-US: ActiveX
-CVE-2009-1514 (Google Chrome 1.0.154.53 allows remote attackers to cause a denial of ...)
+CVE-2009-1514
- chromium-browser 5.0.375.38~r46659-1 (low)
NOTE: proof of concept maximum impact against webkit is dos-only
-CVE-2009-1573 (xvfb-run 1.6.1 in Debian GNU/Linux, Ubuntu, Fedora 10, and possibly ...)
+CVE-2009-1573
- xorg-server 2:1.6.1.901-3 (low; bug #526678)
[etch] - xorg-server <no-dsa> (minor issue)
[lenny] - xorg-server <no-dsa> (minor issue)
-CVE-2009-1515 (Heap-based buffer overflow in the cdf_read_sat function in src/cdf.c ...)
+CVE-2009-1515
- file 5.02-1
[lenny] - file <not-affected> (Vulnerable code not present)
[etch] - file <not-affected> (Vulnerable code not present)
NOTE: code introduced in 5.xx series
-CVE-2009-1512 (Static code injection vulnerability in X-Forum 0.6.2 allows remote ...)
+CVE-2009-1512
NOT-FOR-US: X-Forum
-CVE-2009-1511 (GDI+ in Microsoft Windows XP SP3 allows remote attackers to cause a ...)
+CVE-2009-1511
NOT-FOR-US: Microsoft Windows
-CVE-2009-1510 (Multiple directory traversal vulnerabilities in KoschtIT Image Gallery ...)
+CVE-2009-1510
NOT-FOR-US: KoschtIT Image Gallery
-CVE-2009-1509 (SQL injection vulnerability in ajaxp_backend.php in MyioSoft ...)
+CVE-2009-1509
NOT-FOR-US: MyioSoft AjaxPortal
-CVE-2009-1508 (SQL injection vulnerability in the xforum_validateUser function in ...)
+CVE-2009-1508
NOT-FOR-US: X-Forum
-CVE-2009-1507 (The Node Access User Reference module 5.x before 5.x-2.0-beta4 and 6.x ...)
+CVE-2009-1507
NOT-FOR-US: Node Access User Reference module for Drupal
-CVE-2009-1506 (SQL injection vulnerability in classes/Xp.php in eLitius 1.0 allows ...)
+CVE-2009-1506
NOT-FOR-US: eLitius
-CVE-2009-1505 (SQL injection vulnerability in the News Page module 5.x before 5.x-1.2 ...)
+CVE-2009-1505
NOT-FOR-US: News Page module for Drupal
-CVE-2009-1504 (Absolute Form Processor XE 1.5 allows remote attackers to bypass ...)
+CVE-2009-1504
NOT-FOR-US: Absolute Form Processor XE
-CVE-2009-1503 (Multiple SQL injection vulnerabilities in login.php in Tiger Document ...)
+CVE-2009-1503
NOT-FOR-US: Tiger Document Management System
-CVE-2009-1502 (Directory traversal vulnerability in plugin.php in S-Cms 1.1 Stable ...)
+CVE-2009-1502
NOT-FOR-US: S-Cms
-CVE-2009-1501 (Cross-site scripting (XSS) vulnerability in the Exif module 5.x-1.x ...)
+CVE-2009-1501
NOT-FOR-US: EXIF module for Drupal
-CVE-2009-1500 (SQL injection vulnerability in index.php in ProjectCMS 1.0 Beta allows ...)
+CVE-2009-1500
NOT-FOR-US: ProjectCMS
-CVE-2009-1499 (SQL injection vulnerability in the MailTo (aka com_mailto) component ...)
+CVE-2009-1499
NOT-FOR-US: com_mailto component for Joomla!
-CVE-2009-1498 (Directory traversal vulnerability in inc/profilemain.php in Game Maker ...)
+CVE-2009-1498
NOT-FOR-US: Game Maker 2k Internet Discussion Boards
-CVE-2009-1497 (Stack-based buffer overflow in srt2smi.exe in Gretech Online Movie ...)
+CVE-2009-1497
NOT-FOR-US: GOM Player
-CVE-2009-1496 (Directory traversal vulnerability in the Cmi Marketplace ...)
+CVE-2009-1496
NOT-FOR-US: com_cmimarketplace component for Joomla!
-CVE-2009-1495 (Web File Explorer 3.1 stores sensitive information under the web root ...)
+CVE-2009-1495
NOT-FOR-US: Web File Explorer
-CVE-2009-1494 (The process_stat function in Memcached 1.2.8 discloses ...)
+CVE-2009-1494
- memcached 1.2.8-1 (low; bug #526554)
[lenny] - memcached <not-affected> (Affected compile-time options not set)
[etch] - memcached <not-affected> (Affected compile-time options not set)
-CVE-2009-1493 (The customDictionaryOpen spell method in the JavaScript API in Adobe ...)
+CVE-2009-1493
NOT-FOR-US: Adobe Reader
-CVE-2009-1492 (The getAnnots Doc method in the JavaScript API in Adobe Reader and ...)
+CVE-2009-1492
NOT-FOR-US: Adobe Reader
-CVE-2009-1491 (McAfee GroupShield for Microsoft Exchange on Exchange Server 2000, and ...)
+CVE-2009-1491
NOT-FOR-US: McAfee GroupShield for Microsoft Exchange
-CVE-2009-1490 (Heap-based buffer overflow in Sendmail before 8.13.2 allows remote ...)
+CVE-2009-1490
- sendmail 8.13.2-0
CVE-2009-XXXX [samba: Account locking out doesnt work with an LDAP backend]
- samba 2:3.2.6 (bug #514151)
[lenny] - samba 2:3.2.5-4lenny1
[etch] - samba <not-affected> (Bug not yet present in Etch's version)
-CVE-2009-1572 (The BGP daemon (bgpd) in Quagga 0.99.11 and earlier allows remote ...)
+CVE-2009-1572
{DSA-1788-1}
- quagga 0.99.11-2 (high; bug #526270)
[lenny] - quagga 0.99.10-1lenny2
[etch] - quagga <not-affected> (no AS4 code)
-CVE-2009-1489 (includes/user.php in Fungamez RC1 allows remote attackers to bypass ...)
+CVE-2009-1489
NOT-FOR-US: Fungamez
-CVE-2009-1488 (Directory traversal vulnerability in admin/load.php in FunGamez RC1 ...)
+CVE-2009-1488
NOT-FOR-US: Fungamez
-CVE-2009-1487 (SQL injection vulnerability in pages/login.php in FunGamez RC1 allows ...)
+CVE-2009-1487
NOT-FOR-US: Fungamez
-CVE-2009-1486 (Directory traversal vulnerability in pmscript.php in Flatchat 3.0 ...)
+CVE-2009-1486
NOT-FOR-US: Flatchat
-CVE-2009-1485 (The logging feature in eMule Plus before 1.2e allows remote attackers ...)
+CVE-2009-1485
NOT-FOR-US: eMule Plus
-CVE-2009-1484 (Cross-site scripting (XSS) vulnerability in the web mail interface ...)
+CVE-2009-1484
NOT-FOR-US: AXIGEN Mail Server
-CVE-2009-1483 (Unrestricted file upload vulnerability in upload-file.php in Adam ...)
+CVE-2009-1483
NOT-FOR-US: Adam Patterson Studio Lounge Address Book
-CVE-2009-1482 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2009-1482
{DSA-1791-1}
- moin 1.8.3-1 (low; bug #526594)
[etch] - moin <not-affected> (Not exploitable)
NOTE: http://hg.moinmo.in/moin/1.8/rev/5f51246a4df1
-CVE-2009-1481 (SQL injection vulnerability in action.asp in PuterJam's Blog (PJBlog3) ...)
+CVE-2009-1481
NOT-FOR-US: PuterJam's Blog
-CVE-2009-1480 (SQL injection vulnerability in index.php Pragyan CMS 2.6.4 allows ...)
+CVE-2009-1480
NOT-FOR-US: Pragyan CMS
-CVE-2009-1479 (Directory traversal vulnerability in client/desktop/default.htm in ...)
+CVE-2009-1479
NOT-FOR-US: Boxalino
-CVE-2009-1478 (Multiple unspecified vulnerabilities in the DTrace ioctl handlers in ...)
+CVE-2009-1478
NOT-FOR-US: Solaris
-CVE-2009-1477 (The https web interfaces on the ATEN KH1516i IP KVM switch with ...)
+CVE-2009-1477
NOT-FOR-US: ATEN IP KVM Switch
-CVE-2009-1476 (Buffer overflow in lib/load_http.c in ippool in Darren Reed IPFilter ...)
+CVE-2009-1476
NOT-FOR-US: IPFilter
CVE-2009-1475
RESERVED
-CVE-2009-1474 (The ATEN KH1516i IP KVM switch with firmware 1.0.063 and the KN9116 IP ...)
+CVE-2009-1474
NOT-FOR-US: ATEN IP KVM Switch
-CVE-2009-1473 (The (1) Windows and (2) Java client programs for the ATEN KH1516i IP ...)
+CVE-2009-1473
NOT-FOR-US: ATEN IP KVM Switch
-CVE-2009-1472 (The Java client program for the ATEN KH1516i IP KVM switch with ...)
+CVE-2009-1472
NOT-FOR-US: ATEN IP KVM Switch
CVE-2009-1471
RESERVED
CVE-2009-1470
RESERVED
-CVE-2009-1469 (CRLF injection vulnerability in the Forgot Password implementation in ...)
+CVE-2009-1469
NOT-FOR-US: IceWarp
-CVE-2009-1468 (Multiple SQL injection vulnerabilities in the search form in ...)
+CVE-2009-1468
NOT-FOR-US: IceWarp
-CVE-2009-1467 (Multiple cross-site scripting (XSS) vulnerabilities in IceWarp eMail ...)
+CVE-2009-1467
NOT-FOR-US: IceWarp
-CVE-2009-1466 (Application Access Server (A-A-S) 2.0.48 stores (1) passwords and (2) ...)
+CVE-2009-1466
NOT-FOR-US: Application Access Server (A-A-S)
-CVE-2009-1465 (Application Access Server (A-A-S) 2.0.48 has &quot;wildbat&quot; as its default ...)
+CVE-2009-1465
NOT-FOR-US: Application Access Server (A-A-S)
-CVE-2009-1464 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
+CVE-2009-1464
NOT-FOR-US: Application Access Server (A-A-S)
-CVE-2009-1463 (Static code injection vulnerability in razorCMS before 0.4 allows ...)
+CVE-2009-1463
NOT-FOR-US: razorCMS
-CVE-2009-1462 (The Security Manager in razorCMS before 0.4 does not verify the ...)
+CVE-2009-1462
NOT-FOR-US: razorCMS
-CVE-2009-1461 (Cross-site scripting (XSS) vulnerability in the Create New Page form ...)
+CVE-2009-1461
NOT-FOR-US: razorCMS
-CVE-2009-1460 (razorCMS before 0.4 uses weak permissions for (1) ...)
+CVE-2009-1460
NOT-FOR-US: razorCMS
-CVE-2009-1459 (Cross-site request forgery (CSRF) vulnerability in razorCMS before 0.4 ...)
+CVE-2009-1459
NOT-FOR-US: razorCMS
-CVE-2009-1458 (Multiple cross-site scripting (XSS) vulnerabilities in admin/index.php ...)
+CVE-2009-1458
NOT-FOR-US: razorCMS
-CVE-2009-1457 (Cross-site scripting (XSS) vulnerability in player.php in Nuke ...)
+CVE-2009-1457
NOT-FOR-US: Nuke Evolution Xtreme
-CVE-2009-1456 (Directory traversal vulnerability in admin.php in Malleo 1.2.3 allows ...)
+CVE-2009-1456
NOT-FOR-US: Malleo
-CVE-2009-1455 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
+CVE-2009-1455
NOT-FOR-US: WebCollab
-CVE-2009-1454 (Cross-site scripting (XSS) vulnerability in tasks.php in WebCollab ...)
+CVE-2009-1454
NOT-FOR-US: WebCollab
-CVE-2009-1453 (SQL injection vulnerability in class.eport.php in Tiny Blogr 1.0.0 ...)
+CVE-2009-1453
NOT-FOR-US: Tiny Blogr
-CVE-2009-1452 (Multiple PHP remote file inclusion vulnerabilities in theme/format.php ...)
+CVE-2009-1452
NOT-FOR-US: SMA-DB
-CVE-2009-1451 (Cross-site scripting (XSS) vulnerability in startpage.php in SMA-DB ...)
+CVE-2009-1451
NOT-FOR-US: SMA-DB
-CVE-2009-1450 (PHP remote file inclusion vulnerability in format.php in SMA-DB 0.3.12 ...)
+CVE-2009-1450
NOT-FOR-US: SMA-DB
-CVE-2009-1449 (Stack-based buffer overflow in PortableApps CoolPlayer Portable (aka ...)
+CVE-2009-1449
NOT-FOR-US: CoolPlayer
-CVE-2009-1448 (Cross-site scripting (XSS) vulnerability in apricot.php in LovPop.net ...)
+CVE-2009-1448
NOT-FOR-US: LovPop.net
-CVE-2009-1447 (Unrestricted file upload vulnerability in admin/editor/image.php in ...)
+CVE-2009-1447
NOT-FOR-US: e-cart.biz Free Shopping Car
-CVE-2009-1446 (Unrestricted file upload vulnerability in upload.php in Elkagroup ...)
+CVE-2009-1446
NOT-FOR-US: Elkagroup Image Gallery
-CVE-2009-1445 (Multiple directory traversal vulnerabilities in WebPortal CMS 0.8-beta ...)
+CVE-2009-1445
NOT-FOR-US: WebPortal CMS
-CVE-2009-1444 (PHP remote file inclusion vulnerability in indexk.php in WebPortal CMS ...)
+CVE-2009-1444
NOT-FOR-US: WebPortal CMS
-CVE-2009-1443 (Multiple unspecified vulnerabilities in the Server component in OCS ...)
+CVE-2009-1443
- ocsinventory-server 1.02-1 (unimportant)
NOTE: Only supported in trusted environments, see debtags
-CVE-2009-1442 (Multiple integer overflows in Skia, as used in Google Chrome 1.x ...)
+CVE-2009-1442
NOT-FOR-US: skia
-CVE-2009-1441 (Heap-based buffer overflow in the ParamTraits&lt;SkBitmap&gt;::Read function ...)
+CVE-2009-1441
- chromium-browser <not-affected> (Only 1.x is affected)
- webkit <not-affected> (chrome-specific issue)
-CVE-2009-1439 (Buffer overflow in fs/cifs/connect.c in CIFS in the Linux kernel ...)
+CVE-2009-1439
{DSA-1800-1 DSA-1794-1 DSA-1787-1}
- linux-2.6 2.6.29-2 (bug #523365)
- linux-2.6.24 <removed>
-CVE-2009-1438 (Integer overflow in the CSoundFile::ReadMed function ...)
+CVE-2009-1438
{DSA-1851-1 DSA-1850-1}
- libmodplug 1:0.8.7-1 (low; bug #526657; bug #527076)
- gst-plugins-bad0.10 0.10.10.2-1 (bug #527075)
NOTE: gstreamer in unstable dynamically linked to external libmodplug
-CVE-2009-1437 (Stack-based buffer overflow in PortableApps CoolPlayer Portable (aka ...)
+CVE-2009-1437
NOT-FOR-US: CoolPlayer
-CVE-2009-1436 (The db interface in libc in FreeBSD 6.3, 6.4, 7.0, 7.1, and ...)
+CVE-2009-1436
- kfreebsd-7 <not-affected> (Debian/kfreebsd uses glibc)
-CVE-2009-1435 (NTRtScan.exe in Trend Micro OfficeScan Client 8.0 SP1 and 8.0 SP1 ...)
+CVE-2009-1435
NOT-FOR-US: Trend Micro OfficeScan
-CVE-2009-1434 (Cross-site request forgery (CSRF) vulnerability in Foswiki before ...)
+CVE-2009-1434
- foswiki <itp> (bug #509864)
-CVE-2009-1433 (SQL injection vulnerability in File::find (filesystem/File.php) in ...)
+CVE-2009-1433
NOT-FOR-US: SilverStripe
-CVE-2009-1432 (Symantec Reporting Server, as used in Symantec AntiVirus (SAV) ...)
+CVE-2009-1432
NOT-FOR-US: Symantec
-CVE-2009-1431 (XFR.EXE in the Intel File Transfer service in the console in Symantec ...)
+CVE-2009-1431
NOT-FOR-US: Symantec
-CVE-2009-1430 (Multiple stack-based buffer overflows in IAO.EXE in the Intel Alert ...)
+CVE-2009-1430
NOT-FOR-US: Symantec
-CVE-2009-1429 (The Intel LANDesk Common Base Agent (CBA) in Symantec Alert Management ...)
+CVE-2009-1429
NOT-FOR-US: Symantec
-CVE-2009-1428 (Multiple cross-site scripting (XSS) vulnerabilities in ccLgView.exe in ...)
+CVE-2009-1428
NOT-FOR-US: Symantec
-CVE-2009-1427 (Unspecified vulnerability in HP-UX B.11.31 allows local users to cause ...)
+CVE-2009-1427
NOT-FOR-US: HP-UX
-CVE-2009-1426 (Unspecified vulnerability on HP ProLiant DL and ML 100 Series G5, G5p, ...)
+CVE-2009-1426
NOT-FOR-US: HP ProLiant
-CVE-2009-1425 (Unspecified vulnerability in HP ProCurve Threat Management Services zl ...)
+CVE-2009-1425
NOT-FOR-US: HP ProCurve
-CVE-2009-1424 (Unspecified vulnerability in HP ProCurve Threat Management Services zl ...)
+CVE-2009-1424
NOT-FOR-US: HP ProCurve
-CVE-2009-1423 (Unspecified vulnerability in HP ProCurve Threat Management Services zl ...)
+CVE-2009-1423
NOT-FOR-US: HP ProCurve
-CVE-2009-1422 (Unspecified vulnerability in HP ProCurve Threat Management Services zl ...)
+CVE-2009-1422
NOT-FOR-US: HP ProCurve
-CVE-2009-1421 (Unspecified vulnerability in NFS / ONCplus B.11.31_06 and B.11.31_07 ...)
+CVE-2009-1421
NOT-FOR-US: ONCplus on HP HP-UX
-CVE-2009-1420 (Stack-based buffer overflow in rping in HP OpenView Network Node ...)
+CVE-2009-1420
NOT-FOR-US: HP OpenView Network Node Manager
-CVE-2009-1419 (Unspecified vulnerability in HP Discovery &amp; Dependency Mapping ...)
+CVE-2009-1419
NOT-FOR-US: HP Discovery & Dependency Mapping Inventory
-CVE-2009-1418 (Cross-site scripting (XSS) vulnerability in HP System Management ...)
+CVE-2009-1418
NOT-FOR-US: HP System Management Homepage
-CVE-2009-1417 (gnutls-cli in GnuTLS before 2.6.6 does not verify the activation and ...)
+CVE-2009-1417
- gnutls26 2.6.6-1 (low; bug #528281)
[lenny] - gnutls26 <no-dsa> (Minor issue, explicitly labeled as a test program)
- gnutls13 <removed>
[etch] - gnutls13 <no-dsa> (Minor issue, explicitly labeled as a test program)
-CVE-2009-1416 (lib/gnutls_pk.c in libgnutls in GnuTLS 2.5.0 through 2.6.5 generates ...)
+CVE-2009-1416
- gnutls26 2.6.6-1 (medium)
- gnutls13 <removed>
[lenny] - gnutls26 <not-affected> (Vulnerable code not present, only affects 2.6.x)
[etch] - gnutls13 <not-affected> (Vulnerable code not present, only affects 2.6.x)
-CVE-2009-1415 (lib/pk-libgcrypt.c in libgnutls in GnuTLS before 2.6.6 does not ...)
+CVE-2009-1415
- gnutls26 2.6.6-1 (medium)
- gnutls13 <removed>
[lenny] - gnutls26 <not-affected> (Vulnerable code not present)
[etch] - gnutls26 <not-affected> (Vulnerable code not present)
[etch] - gnutls13 <not-affected> (Vulnerable code not present, only affects 2.6.x)
-CVE-2009-1414 (Google Chrome 2.0.x lets modifications to the global object persist ...)
+CVE-2009-1414
- chromium-browser <not-affected> (Only 2.x is affected)
- webkit <not-affected> (doesn't have a 'chromehtml' handler)
-CVE-2009-1413 (Google Chrome 1.0.x does not cancel timeouts upon a page transition, ...)
+CVE-2009-1413
- chromium-browser <not-affected> (Only 1.x is affected)
- webkit <not-affected> (doesn't have a 'chromehtml' handler)
-CVE-2009-1412 (Argument injection vulnerability in the chromehtml: protocol handler ...)
+CVE-2009-1412
- chromium-browser <not-affected> (Only 1.x is affected)
- webkit <not-affected> (doesn't have a 'chromehtml' handler)
CVE-2009-XXXX [iodine: DoS against iodined triggerable by authenticated users]
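Review bot: the only effect of this hunk is to drop the parenthesised summary from every CVE entry it touches, which is a regression: `-CVE-2009-1519 (Directory traversal vulnerability in index.php in Pecio CMS 1.1.5 ...)` becomes `+CVE-2009-1519`, and the same pattern repeats for each `-`/`+` pair while no package, DSA, `{...}` or `NOTE:` line changes. Uniform removal with nothing added in its place points to the tool that regenerates these lines having received empty description text rather than to an intended edit, so the generator should keep the existing summary when the fetched one is empty (and refuse to commit when every summary comes back empty) instead of writing bare IDs; this hunk should be reverted or the file regenerated once summaries are available again.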
@@ -9954,447 +9954,447 @@ CVE-2009-1396
RESERVED
CVE-2009-1395
RESERVED
-CVE-2009-1394 (Stack-based buffer overflow in Motorola Timbuktu Pro 8.6.5 on Windows ...)
+CVE-2009-1394
NOT-FOR-US: Motorola Timbuktu Pro
CVE-2009-1393
RESERVED
-CVE-2009-1392 (The browser engine in Mozilla Firefox 3 before 3.0.11, Thunderbird ...)
+CVE-2009-1392
{DSA-1830-1 DSA-1820-1}
- xulrunner 1.9.0.11-1
[etch] - xulrunner <end-of-life> (Etch Packages no longer covered by security support)
- icedove 2.0.0.22-1 (bug #535124)
[squeeze] - icedove 2.0.0.22-0lenny1
-CVE-2009-1391 (Off-by-one error in the inflate function in Zlib.xs in ...)
+CVE-2009-1391
- perl 5.10.0-23 (low; bug #532736)
[etch] - perl <not-affected> (Doesn't yet include Compress-Raw-Zlib)
- libcompress-raw-zlib-perl 2.015-2 (low; bug #532738)
[lenny] - libcompress-raw-zlib-perl 2.012-1lenny1
[lenny] - perl 5.10.0-19lenny1
-CVE-2009-1390 (Mutt 1.5.19, when linked against (1) OpenSSL (mutt_ssl.c) or (2) ...)
+CVE-2009-1390
- mutt 1.5.20-1
[lenny] - mutt <not-affected> (Affected code was introduced in 1.5.19)
[etch] - mutt <not-affected> (Affected code was introduced in 1.5.19)
[squeeze] - mutt <not-affected> (Affected code was introduced in 1.5.19)
-CVE-2009-1389 (Buffer overflow in the RTL8169 NIC driver (drivers/net/r8169.c) in the ...)
+CVE-2009-1389
{DSA-1865-1 DSA-1844-1}
- linux-2.6 2.6.26-16 (high; bug #532376)
- linux-2.6.24 <removed>
NOTE: potential for kernel memory corruption by remote attacker
-CVE-2009-1388 (The ptrace_start function in kernel/ptrace.c in the Linux kernel ...)
+CVE-2009-1388
- linux-2.6 <not-affected> (problem in redhat-specific kernel patches)
- linux-2.6.24 <not-affected> (problem in redhat-specific kernel patches)
-CVE-2009-1387 (The dtls1_retrieve_buffered_fragment function in ssl/d1_both.c in ...)
+CVE-2009-1387
- openssl 0.9.8k-2 (low; bug #532037)
[lenny] - openssl 0.9.8g-15+lenny3
[etch] - openssl 0.9.8c-4etch9
- openssl097 <not-affected> (DTLS support was introduced in 0.9.8)
-CVE-2009-1386 (ssl/s3_pkt.c in OpenSSL before 0.9.8i allows remote attackers to cause ...)
+CVE-2009-1386
- openssl 0.9.8k-1 (low; bug #532037)
[lenny] - openssl 0.9.8g-15+lenny3
[etch] - openssl 0.9.8c-4etch9
- openssl097 <not-affected> (DTLS support was introduced in 0.9.8)
-CVE-2009-1385 (Integer underflow in the e1000_clean_rx_irq function in ...)
+CVE-2009-1385
{DSA-1865-1 DSA-1844-1}
- linux-2.6 2.6.26-16 (low; bug #532721)
- linux-2.6.24 <removed>
-CVE-2009-1384 (pam_krb5 2.2.14 through 2.3.4, as used in Red Hat Enterprise Linux ...)
+CVE-2009-1384
- libpam-krb5 <not-affected> (different code base than Debian's libpam-krb5)
-CVE-2009-1383 (The getdirective function in mathtex.cgi in mathTeX, when downloaded ...)
+CVE-2009-1383
- mathtex 1.03-1 (medium; bug #537258)
-CVE-2009-1382 (Multiple stack-based buffer overflows in mimetex.cgi in mimeTeX, when ...)
+CVE-2009-1382
{DSA-1917-1}
- mimetex 1.50-1.1 (medium; bug #537254)
-CVE-2009-1381 (The map_yp_alias function in functions/imap_general.php in ...)
+CVE-2009-1381
{DSA-1802-2}
- squirrelmail 2:1.4.19-1
-CVE-2009-1380 (Cross-site scripting (XSS) vulnerability in JMX-Console in JBossAs in ...)
+CVE-2009-1380
- jbossas4 4.2.2.GA-1 (bug #562000)
[lenny] - jbossas4 <no-dsa> (Contrib not supported)
-CVE-2009-1379 (Use-after-free vulnerability in the dtls1_retrieve_buffered_fragment ...)
+CVE-2009-1379
- openssl 0.9.8k-1 (low; bug #530400)
[lenny] - openssl 0.9.8g-15+lenny3
[etch] - openssl 0.9.8c-4etch9
- openssl097 <not-affected> (DTLS support was introduced in 0.9.8)
-CVE-2009-1378 (Multiple memory leaks in the dtls1_process_out_of_seq_message function ...)
+CVE-2009-1378
- openssl 0.9.8k-1 (low; bug #530400)
[lenny] - openssl 0.9.8g-15+lenny3
[etch] - openssl 0.9.8c-4etch9
- openssl097 <not-affected> (DTLS support was introduced in 0.9.8)
-CVE-2009-1377 (The dtls1_buffer_record function in ssl/d1_pkt.c in OpenSSL 0.9.8k and ...)
+CVE-2009-1377
- openssl 0.9.8k-1 (low; bug #530400)
[lenny] - openssl 0.9.8g-15+lenny3
[etch] - openssl 0.9.8c-4etch9
- openssl097 <not-affected> (DTLS support was introduced in 0.9.8)
-CVE-2009-1376 (Multiple integer overflows in the msn_slplink_process_msg functions in ...)
+CVE-2009-1376
{DSA-1805-1}
- pidgin 2.5.6-1
- gaim <removed>
[lenny] - gaim <not-affected> (Only a transitional package)
-CVE-2009-1375 (The PurpleCircBuffer implementation in Pidgin (formerly Gaim) before ...)
+CVE-2009-1375
{DSA-1805-1}
- pidgin 2.5.6-1
- gaim <removed>
[lenny] - gaim <not-affected> (Only a transitional package)
-CVE-2009-1374 (Buffer overflow in the decrypt_out function in Pidgin (formerly Gaim) ...)
+CVE-2009-1374
- pidgin 2.5.6-1
[lenny] - pidgin <not-affected> (QQ support not yet present)
- gaim <not-affected> (QQ support not yet present)
-CVE-2009-1373 (Buffer overflow in the XMPP SOCKS5 bytestream server in Pidgin ...)
+CVE-2009-1373
{DSA-1805-1}
- pidgin 2.5.6-1
- gaim <removed>
[lenny] - gaim <not-affected> (Only a transitional package)
-CVE-2009-1365 (Unspecified vulnerability in Adobe Flash Media Server (FMS) before ...)
+CVE-2009-1365
NOT-FOR-US: Adobe Flash Media Server
-CVE-2009-1364 (Use-after-free vulnerability in the embedded GD library in libwmf ...)
+CVE-2009-1364
{DSA-1796-1}
- libwmf 0.2.8.4-6.1 (low; bug #526434)
CVE-2009-1363
RESERVED
-CVE-2009-1360 (The __inet6_check_established function in net/ipv6/inet6_hashtables.c ...)
+CVE-2009-1360
- linux-2.6 2.6.29-1 (low; bug #529342)
[etch] - linux-2.6 <not-affected> (Introduced in 2.6.27)
[lenny] - linux-2.6 <not-affected> (Introduced in 2.6.27)
- linux-2.6.24 <not-affected> (Introduced in 2.6.27)
-CVE-2009-1411 (SQL injection vulnerability in events/inc/events.inc.php in the Events ...)
+CVE-2009-1411
NOT-FOR-US: Seditio CMS
-CVE-2009-1410 (SQL injection vulnerability in index.php in Quick.Cms.Lite 0.5 allows ...)
+CVE-2009-1410
NOT-FOR-US: Quick.Cms.Lite
-CVE-2009-1409 (SQL injection vulnerability in usersettings.php in e107 0.7.15 and ...)
+CVE-2009-1409
NOT-FOR-US: e107
-CVE-2009-1408 (Cross-site scripting (XSS) vulnerability in webSPELL 4.2.0c allows ...)
+CVE-2009-1408
NOT-FOR-US: webSPELL
-CVE-2009-1407 (Directory traversal vulnerability in config.php in NotFTP 1.3.1 allows ...)
+CVE-2009-1407
NOT-FOR-US: NotFTP
-CVE-2009-1406 (Directory traversal vulnerability in cms_detect.php in TotalCalendar ...)
+CVE-2009-1406
NOT-FOR-US: TotalCalendar
-CVE-2009-1405 (Directory traversal vulnerability in index.php in PastelCMS 0.8.0, ...)
+CVE-2009-1405
NOT-FOR-US: PastelCMS
-CVE-2009-1404 (SQL injection vulnerability in admin.php in PastelCMS 0.8.0, when ...)
+CVE-2009-1404
NOT-FOR-US: PastelCMS
-CVE-2009-1403 (SQL injection vulnerability in product_info.php in CRE Loaded 6.2 ...)
+CVE-2009-1403
NOT-FOR-US: CRE Loaded
-CVE-2009-1370 (Stack-based buffer overflow in ape_plugin.plg in Xilisoft Video ...)
+CVE-2009-1370
NOT-FOR-US: Xilisoft Video Converter
-CVE-2009-1369 (moziloCMS 1.11 allows remote attackers to obtain sensitive information ...)
+CVE-2009-1369
NOT-FOR-US: moziloCMS
-CVE-2009-1368 (Directory traversal vulnerability in index.php in moziloCMS 1.11 ...)
+CVE-2009-1368
NOT-FOR-US: moziloCMS
-CVE-2009-1367 (Cross-site scripting (XSS) vulnerability in index.php in moziloCMS ...)
+CVE-2009-1367
NOT-FOR-US: moziloCMS
-CVE-2009-1366 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2009-1366
NOT-FOR-US: DotNetNuke
-CVE-2009-1362 (SQL injection vulnerability in administration/index.php in chCounter ...)
+CVE-2009-1362
NOT-FOR-US: chCounter
-CVE-2009-1361 (dig.php in GScripts.net DNS Tools allows remote attackers to execute ...)
+CVE-2009-1361
NOT-FOR-US: GScripts.net DNS Tools
-CVE-2009-1359 (Unspecified vulnerability in the SCTP sockets implementation in Sun ...)
+CVE-2009-1359
NOT-FOR-US: Sun OpenSolaris
-CVE-2009-1357 (CRLF injection vulnerability in da/DA/Login in Sun Java System ...)
+CVE-2009-1357
NOT-FOR-US: Sun Java System Delegated Administrator
-CVE-2009-1356 (Stack-based buffer overflow in Elecard AVC HD Player allows remote ...)
+CVE-2009-1356
NOT-FOR-US: Elecard AVC HD Player
-CVE-2009-1355 (Stack-based buffer overflow in muxatmd in IBM AIX 5.2, 5.3, and 6.1 ...)
+CVE-2009-1355
NOT-FOR-US: IBM AIX
-CVE-2009-1354 (Directory traversal vulnerability in Mongoose 2.4 allows remote ...)
+CVE-2009-1354
NOT-FOR-US: Mongoose
-CVE-2009-1353 (Buffer overflow in the http_parse_hex function in libz/misc.c in ...)
+CVE-2009-1353
NOT-FOR-US: Zervit Webserver
-CVE-2009-1352 (Stack-based buffer overflow in Dawningsoft PowerCHM 5.7 allows remote ...)
+CVE-2009-1352
NOT-FOR-US: PowerCHM
-CVE-2009-1351 (Heap-based buffer overflow in Apollo 37zz allows remote attackers to ...)
+CVE-2009-1351
NOT-FOR-US: Apollo 37zz
-CVE-2009-1350 (Unspecified vulnerability in xtagent.exe in Novell NetIdentity Client ...)
+CVE-2009-1350
NOT-FOR-US: Novell NetIdentity Client
-CVE-2009-1349 (Cross-site scripting (XSS) vulnerability in C2Net Stronghold 2.3 ...)
+CVE-2009-1349
NOT-FOR-US: C2Net Stronghold
-CVE-2009-1358 (apt-get in apt before 0.7.21 does not check for the correct error code ...)
+CVE-2009-1358
{DSA-1779-1 DTSA-199-1}
- apt 0.7.21 (bug #433091)
-CVE-2009-1440 (Incomplete blacklist vulnerability in DownloadListCtrl.cpp in amule ...)
+CVE-2009-1440
{DSA-1821-1}
- amule 2.2.5-1.1 (low; bug #525078)
[etch] - amule <not-affected> (Doesn't support preview of complete files, which is the vulnerable part)
-CVE-2009-1348 (The AV engine before DAT 5600 in McAfee VirusScan, Total Protection, ...)
+CVE-2009-1348
NOT-FOR-US: Various AV junk
-CVE-2009-1347 (Multiple SQL injection vulnerabilities in stats/index.php in chCounter ...)
+CVE-2009-1347
NOT-FOR-US: chCounter
-CVE-2009-1346 (SQL injection vulnerability in publico/ficha.php in NetHoteles 3.0 ...)
+CVE-2009-1346
NOT-FOR-US: NetHoteles
-CVE-2009-1345 (SQL injection vulnerability in document.php in cpCommerce 1.2.8 allows ...)
+CVE-2009-1345
NOT-FOR-US: cpCommerce
-CVE-2009-1344 (Cross-site scripting (XSS) vulnerability in the Localization client ...)
+CVE-2009-1344
NOT-FOR-US: Localization client for drupal
-CVE-2009-1343 (Cross-site scripting (XSS) vulnerability in the Print (aka Printer, ...)
+CVE-2009-1343
NOT-FOR-US: Print module for Drupal
-CVE-2009-1342 (Cross-site scripting (XSS) vulnerability in the CCK comment reference ...)
+CVE-2009-1342
NOT-FOR-US: CCK comment module for Drupal
CVE-2009-XXXX [git-core in Debian has non-root-owned files under /usr]
- git-core 1:1.6.2.1-1 (bug #516669)
[lenny] - git-core 1:1.5.6.5-3+lenny3.2
NOTE: fixed accidently through spu
-CVE-2009-1341 (Memory leak in the dequote_bytea function in quote.c in the DBD::Pg ...)
+CVE-2009-1341
{DSA-1780-1}
- libdbd-pg-perl 2.1.3-1
CVE-2009-1340
RESERVED
-CVE-2009-1339 (Cross-site request forgery (CSRF) vulnerability in TWiki before 4.3.1 ...)
+CVE-2009-1339
- twiki <removed> (bug #526258)
NOTE: We should probably request removal from unstable, replaced by foswiki
-CVE-2009-1338 (The kill_something_info function in kernel/signal.c in the Linux ...)
+CVE-2009-1338
{DSA-1800-1 DSA-1787-1}
- linux-2.6 2.6.29-1
[etch] - linux-2.6 <not-affected> (Vulnerable code not present)
-CVE-2009-1337 (The exit_notify function in kernel/exit.c in the Linux kernel before ...)
+CVE-2009-1337
{DSA-1800-1 DSA-1794-1 DSA-1787-1}
- linux-2.6 2.6.29-5
- linux-2.6.24 <removed>
-CVE-2009-1336 (fs/nfs/client.c in the Linux kernel before 2.6.23 does not properly ...)
+CVE-2009-1336
{DSA-1794-1}
- linux-2.6 2.6.23-1
[etch] - linux-2.6 <not-affected> (Vulnerable code not present)
-CVE-2009-1335 (Microsoft Internet Explorer 7 and 8 on Windows XP and Vista allows ...)
+CVE-2009-1335
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2009-1334 (Cross-site scripting (XSS) vulnerability in login/FilepathLogin.html ...)
+CVE-2009-1334
NOT-FOR-US: IBM Tivoli Continuous Data Protection
-CVE-2009-1333 (Cross-site scripting (XSS) vulnerability in refresh_rate.htm in the ...)
+CVE-2009-1333
NOT-FOR-US: HP Deskjet
-CVE-2009-1332 (The Online Help feature in Sun Java System Directory Server 5.2 and ...)
+CVE-2009-1332
NOT-FOR-US: Sun Java System Directory Server
-CVE-2009-1331 (Integer overflow in Microsoft Windows Media Player (WMP) ...)
+CVE-2009-1331
NOT-FOR-US: Windows Media Player
CVE-2009-XXXX [pptp-linux: unrestrictive pptpsetup permissions]
- pptp-linux 1.7.2-3 (low; bug #523476)
[lenny] - pptp-linux <no-dsa> (Minor issue)
[etch] - pptp-linux <no-dsa> (Minor issue)
-CVE-2009-1330 (Stack-based buffer overflow in Easy RM to MP3 Converter allows remote ...)
+CVE-2009-1330
NOT-FOR-US: Easy RM to MP3 Converter
-CVE-2009-1329 (Stack-based buffer overflow in Mini-stream Shadow Stream Recorder ...)
+CVE-2009-1329
NOT-FOR-US: Mini-stream
-CVE-2009-1328 (Stack-based buffer overflow in Mini-stream RM-MP3 Converter 3.0.0.7 ...)
+CVE-2009-1328
NOT-FOR-US: Mini-stream
-CVE-2009-1327 (Stack-based buffer overflow in Mini-stream WM Downloader 3.0.0.9 ...)
+CVE-2009-1327
NOT-FOR-US: Mini-stream
-CVE-2009-1326 (Stack-based buffer overflow in Mini-stream RM Downloader 3.0.0.9 ...)
+CVE-2009-1326
NOT-FOR-US: Mini-stream
-CVE-2009-1325 (Stack-based buffer overflow in Mini-stream Ripper 3.0.1.1 allows ...)
+CVE-2009-1325
NOT-FOR-US: Mini-stream
-CVE-2009-1324 (Stack-based buffer overflow in Mini-stream ASX to MP3 Converter ...)
+CVE-2009-1324
NOT-FOR-US: Mini-stream
-CVE-2009-1323 (SQL injection vulnerability in body.asp in Web File Explorer 3.1 ...)
+CVE-2009-1323
NOT-FOR-US: Web File Explorer
-CVE-2009-1322 (ASP Product Catalog 1.0 stores sensitive information under the web ...)
+CVE-2009-1322
NOT-FOR-US: ASP Product Catalog
-CVE-2009-1321 (Cross-site scripting (XSS) vulnerability in search.asp in ASP Product ...)
+CVE-2009-1321
NOT-FOR-US: ASP Product Catalog
-CVE-2009-1320 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2009-1320
NOT-FOR-US: Zazzle Store Builder
-CVE-2009-1319 (Directory traversal vulnerability in includes/ini.inc.php in GuestCal ...)
+CVE-2009-1319
NOT-FOR-US: GuestCal
-CVE-2009-1318 (Directory traversal vulnerability in index.php in Jamroom 3.1.2, 3.2.3 ...)
+CVE-2009-1318
NOT-FOR-US: Jamroom
-CVE-2009-1317 (Multiple SQL injection vulnerabilities in Aqua CMS 1.1, when ...)
+CVE-2009-1317
NOT-FOR-US: Aqua CMS
-CVE-2009-1316 (Multiple SQL injection vulnerabilities in AbleSpace 1.0 allow remote ...)
+CVE-2009-1316
NOT-FOR-US: AbleSpace
-CVE-2009-1315 (Multiple cross-site scripting (XSS) vulnerabilities in AbleSpace 1.0 ...)
+CVE-2009-1315
NOT-FOR-US: Ablespace
-CVE-2009-1314 (body.asp in Web File Explorer 3.1 allows remote attackers to create ...)
+CVE-2009-1314
NOT-FOR-US: Web File Explorer
-CVE-2009-1313 (The nsTextFrame::ClearTextRun function in ...)
+CVE-2009-1313
- xulrunner 1.9.0.10-1 (low)
[etch] - xulrunner <not-affected> (introduced in 1.9.0.9)
[lenny] - xulrunner <not-affected> (introduced in 1.9.0.9)
-CVE-2009-1312 (Mozilla Firefox before 3.0.9 and SeaMonkey 1.1.17 do not block ...)
+CVE-2009-1312
{DSA-1797-1}
- xulrunner 1.9.0.9-1
[etch] - xulrunner <end-of-life> (Etch Packages no longer covered by security support)
- kompozer <unfixed> (unimportant)
NOTE: kompozer shares the browser engine with Firefox, but JavaScript is not enabled
-CVE-2009-1311 (Mozilla Firefox before 3.0.9 and SeaMonkey before 1.1.17 allow ...)
+CVE-2009-1311
{DSA-1797-1}
- xulrunner 1.9.0.9-1
[etch] - xulrunner <end-of-life> (Etch Packages no longer covered by security support)
- kompozer 1:0.8~alpha2+dfsg+svn129-3
-CVE-2009-1310 (Cross-site scripting (XSS) vulnerability in the MozSearch plugin ...)
+CVE-2009-1310
{DSA-1886-1}
- iceweasel 3.0.9-1
[etch] - iceweasel <end-of-life> (Etch Packages no longer covered by security support)
-CVE-2009-1309 (Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey do not ...)
+CVE-2009-1309
{DSA-1797-1}
- xulrunner 1.9.0.9-1
[etch] - xulrunner <end-of-life> (Etch Packages no longer covered by security support)
- kompozer <unfixed> (unimportant)
NOTE: kompozer shares the browser engine with Firefox, but JavaScript is not enabled
-CVE-2009-1308 (Cross-site scripting (XSS) vulnerability in Mozilla Firefox before ...)
+CVE-2009-1308
{DSA-1797-1}
- xulrunner 1.9.0.9-1
[etch] - xulrunner <end-of-life> (Etch Packages no longer covered by security support)
-CVE-2009-1307 (The view-source: URI implementation in Mozilla Firefox before 3.0.9, ...)
+CVE-2009-1307
{DSA-1830-1 DSA-1797-1}
- icedove 2.0.0.22-1 (bug #535124)
[squeeze] - icedove 2.0.0.22-0lenny1
- xulrunner 1.9.0.9-1
[etch] - xulrunner <end-of-life> (Etch Packages no longer covered by security support)
-CVE-2009-1306 (The jar: URI implementation in Mozilla Firefox before 3.0.9, ...)
+CVE-2009-1306
{DSA-1797-1}
- xulrunner 1.9.0.9-1
[etch] - xulrunner <end-of-life> (Etch Packages no longer covered by security support)
-CVE-2009-1305 (The JavaScript engine in Mozilla Firefox before 3.0.9, Thunderbird ...)
+CVE-2009-1305
{DSA-1797-1}
- xulrunner 1.9.0.9-1
[etch] - xulrunner <end-of-life> (Etch Packages no longer covered by security support)
- kompozer <unfixed> (unimportant)
NOTE: kompozer shares the browser engine with Firefox, but JavaScript is not enabled
-CVE-2009-1304 (The JavaScript engine in Mozilla Firefox 3.x before 3.0.9, Thunderbird ...)
+CVE-2009-1304
{DSA-1797-1}
- xulrunner 1.9.0.9-1
[etch] - xulrunner <end-of-life> (Etch Packages no longer covered by security support)
-CVE-2009-1303 (The browser engine in Mozilla Firefox before 3.0.9, Thunderbird before ...)
+CVE-2009-1303
{DSA-1830-1 DSA-1797-1}
- icedove 2.0.0.22-1 (bug #535124)
[squeeze] - icedove 2.0.0.22-0lenny1
- xulrunner 1.9.0.9-1
[etch] - xulrunner <end-of-life> (Etch Packages no longer covered by security support)
-CVE-2009-1302 (The browser engine in Mozilla Firefox 3.x before 3.0.9, Thunderbird ...)
+CVE-2009-1302
{DSA-1830-1 DSA-1797-1}
- icedove 2.0.0.22-1 (bug #535124)
[squeeze] - icedove 2.0.0.22-0lenny1
- xulrunner 1.9.0.9-1
[etch] - xulrunner <end-of-life> (Etch Packages no longer covered by security support)
-CVE-2009-1301 (Integer signedness error in the store_id3_text function in the ID3v2 ...)
+CVE-2009-1301
- mpg123 1.7.2-1 (low)
[etch] - mpg123 <no-dsa> (Minor issue)
[lenny] - mpg123 <no-dsa> (Minor issue)
NOTE: http://secunia.com/advisories/34587/3/
NOTE: unlike secunia states I can't see that this allows code execution but is just an invalid read
NOTE: crashing the application
-CVE-2009-1300 (apt 0.7.20 does not check when the date command returns an &quot;invalid ...)
+CVE-2009-1300
{DSA-1779-1 DTSA-199-1}
- apt 0.7.21 (bug #523213)
-CVE-2009-1299 (The pa_make_secure_dir function in core-util.c in PulseAudio 0.9.10 ...)
+CVE-2009-1299
{DSA-2017-1}
- pulseaudio 0.9.21-1.1 (bug #573615)
-CVE-2009-1298 (The ip_frag_reasm function in net/ipv4/ip_fragment.c in the Linux ...)
+CVE-2009-1298
{DTSA-204-1}
- linux-2.6 2.6.32-1 (low)
[etch] - linux-2.6 <not-affected> (introduced in 2.6.29)
[lenny] - linux-2.6 <not-affected> (introduced in 2.6.29)
- linux-2.6.24 <not-affected> (introduced in 2.6.29)
-CVE-2009-1297 (iscsi_discovery in open-iscsi in SUSE openSUSE 10.3 through 11.1 and ...)
+CVE-2009-1297
- open-iscsi 2.0.871-1 (low; bug #547011)
[lenny] - open-iscsi 2.0.870~rc3-0.4.1
[etch] - open-iscsi <not-affected> (Vulnerable script not yet present)
-CVE-2009-1296 (The eCryptfs support utilities (ecryptfs-utils) 73-0ubuntu6.1 on ...)
+CVE-2009-1296
- ecryptfs-utils 75-2 (unimportant; bug #532372)
NOTE: this is a non-issue as the debian installer doesn't support per user
NOTE: encrypted home directories with ecryptfs, so no passphrase is stored in the
NOTE: installer logs on disk
-CVE-2009-1295 (Apport before 0.108.4 on Ubuntu 8.04 LTS, before 0.119.2 on Ubuntu ...)
+CVE-2009-1295
[experimental] - apport <not-affected> (Fixed before initial upload into Debian)
-CVE-2009-1294 (Multiple cross-site scripting (XSS) vulnerabilities in web/guest/home ...)
+CVE-2009-1294
NOT-FOR-US: Novell Teaming
-CVE-2009-1293 (The web login functionality (c/portal/login) in Novell Teaming 1.0 ...)
+CVE-2009-1293
NOT-FOR-US: Novell Teaming
-CVE-2009-1292 (UCM-CQ in IBM Rational ClearCase 7.0.0.x before 7.0.0.5, 7.0.1.x ...)
+CVE-2009-1292
NOT-FOR-US: ClearCase
-CVE-2009-1371 (The CLI_ISCONTAINED macro in libclamav/others.h in ClamAV before ...)
+CVE-2009-1371
{DSA-1771-1}
- clamav 0.95.1+dfsg-1
NOTE: https://bugzilla.clamav.net/show_bug.cgi?id=1552
-CVE-2009-1372 (Stack-based buffer overflow in the cli_url_canon function in ...)
+CVE-2009-1372
- clamav 0.95.1+dfsg-1
[etch] - clamav <not-affected> (vulnerable code not present)
[lenny] - clamav <not-affected> (vulnerable code not present)
NOTE: https://bugzilla.clamav.net/show_bug.cgi?id=1552
-CVE-2009-1291 (Stack-based buffer overflow in TIBCO SmartSockets before 6.8.2, ...)
+CVE-2009-1291
NOT-FOR-US: SmartSockets
-CVE-2009-1290 (Multiple cross-site request forgery (CSRF) vulnerabilities in the web ...)
+CVE-2009-1290
NOT-FOR-US: IBM BladeCenter
-CVE-2009-1289 (private/login.ssi in the Advanced Management Module (AMM) on the IBM ...)
+CVE-2009-1289
NOT-FOR-US: IBM BladeCenter
-CVE-2009-1288 (Multiple cross-site scripting (XSS) vulnerabilities in the Advanced ...)
+CVE-2009-1288
NOT-FOR-US: IBM BladeCenter
-CVE-2009-1287 (Cross-site scripting (XSS) vulnerability in Cisco Subscriber Edge ...)
+CVE-2009-1287
NOT-FOR-US: Cisco Subscriber Edge Services Manager
-CVE-2009-1286 (The IMAP task in the server in IBM Lotus Domino 8.0.2 before FP1 IF1 ...)
+CVE-2009-1286
NOT-FOR-US: IBM Lotus Domino
-CVE-2009-1285 (Static code injection vulnerability in the getConfigFile function in ...)
+CVE-2009-1285
- phpmyadmin 4:3.1.3.2-1 (unimportant; bug #524804)
[etch] - phpmyadmin <not-affected> (Vulnerable code not present)
[lenny] - phpmyadmin <not-affected> (Vulnerable code not present)
-CVE-2009-1284 (Buffer overflow in BibTeX 0.99 allows context-dependent attackers to ...)
+CVE-2009-1284
- texlive-bin 2009-1 (low; bug #520920)
[etch] - texlive-bin <no-dsa> (Minor issue)
[lenny] - texlive-bin 2007.dfsg.2-4+lenny2
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=492136
-CVE-2009-1283 (glFusion before 1.1.3 performs authentication with a user-provided ...)
+CVE-2009-1283
NOT-FOR-US: glFusion
-CVE-2009-1282 (SQL injection vulnerability in private/system/lib-session.php in ...)
+CVE-2009-1282
NOT-FOR-US: glFusion
-CVE-2009-1281 (Cross-site scripting (XSS) vulnerability in glFusion before 1.1.3 ...)
+CVE-2009-1281
NOT-FOR-US: glFusion
-CVE-2009-1280 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
+CVE-2009-1280
NOT-FOR-US: Joomla!
-CVE-2009-1279 (Multiple cross-site scripting (XSS) vulnerabilities in Joomla! 1.5 ...)
+CVE-2009-1279
NOT-FOR-US: Joomla!
-CVE-2009-1278 (Static code injection vulnerability in forms/ajax/configure.php in ...)
+CVE-2009-1278
NOT-FOR-US: Gravity Board
-CVE-2009-1277 (SQL injection vulnerability in index.php in Gravity Board X (GBX) 2.0 ...)
+CVE-2009-1277
NOT-FOR-US: Gravity Board
-CVE-2009-1276 (XScreenSaver in Sun Solaris 10 and OpenSolaris before snv_109, and ...)
+CVE-2009-1276
NOT-FOR-US: Sun Solaris
-CVE-2009-1275 (Apache Tiles 2.1 before 2.1.2, as used in Apache Struts and other ...)
+CVE-2009-1275
- tiles 2.2.0-1
-CVE-2009-1273 (pam_ssh 1.92 and possibly other versions, as used when PAM is compiled ...)
+CVE-2009-1273
- libpam-ssh 1.92-7 (low; bug #535877)
[etch] - libpam-ssh <no-dsa> (Minor issue)
[lenny] - libpam-ssh 1.91.0-9.3+lenny1
-CVE-2009-1272 (The php_zip_make_relative_path function in php_zip.c in PHP 5.2.x ...)
+CVE-2009-1272
{DTSA-188-1}
- php5 5.2.6.dfsg.1-3
[etch] - php5 <not-affected> (this is caused by the fix for CVE-2008-5658, which was not applied to php4)
- php4 <not-affected> (this is caused by the fix for CVE-2008-5658, which was not applied to php4)
-CVE-2009-1271 (The JSON_parser function (ext/json/JSON_parser.c) in PHP 5.2.x before ...)
+CVE-2009-1271
{DSA-1789-1 DSA-1775-1}
- php5 5.2.9.dfsg.1-1
- php4 <not-affected> (the JSON extension was introduced in php5.2)
- php-json-ext <unfixed>
-CVE-2009-1269 (Unspecified vulnerability in Wireshark 0.99.6 through 1.0.6 allows ...)
+CVE-2009-1269
{DSA-1785-1}
- wireshark 1.0.7-1 (low)
[etch] - wireshark <not-affected> (Vulnerable code not present; introduced in 0.99.6)
-CVE-2009-1268 (The Check Point High-Availability Protocol (CPHAP) dissector in ...)
+CVE-2009-1268
{DSA-1785-1}
- wireshark 1.0.7-1 (low)
[etch] - wireshark 0.99.4-5.etch.4
-CVE-2009-1267 (Unspecified vulnerability in the LDAP dissector in Wireshark 0.99.2 ...)
+CVE-2009-1267
- wireshark <not-affected> (Only affects Wireshark on Windows)
-CVE-2009-1266 (Unspecified vulnerability in Wireshark before 1.0.7 has unknown impact ...)
+CVE-2009-1266
NOTE: Dupe of CVE-2009-1210
-CVE-2009-1265 (Integer overflow in rose_sendmsg (sys/net/af_rose.c) in the Linux ...)
+CVE-2009-1265
{DSA-1800-1 DSA-1794-1 DSA-1787-1}
- linux-2.6 2.6.29-4
- linux-2.6.24 <removed>
-CVE-2009-1264 (Frontend User Registration (sr_feuser_register) extension 2.5.20 and ...)
+CVE-2009-1264
NOT-FOR-US: Frontend User Registration (sr_feuser_register) extension
-CVE-2009-1263 (SQL injection vulnerability in sub_commententry.php in the BookJoomlas ...)
+CVE-2009-1263
NOT-FOR-US: Joomla!
-CVE-2009-1262 (Format string vulnerability in Fortinet FortiClient 3.0.614, and ...)
+CVE-2009-1262
NOT-FOR-US: Fortinet FortiClient
-CVE-2009-1261 (Multiple cross-site scripting (XSS) vulnerabilities in Web Help Desk ...)
+CVE-2009-1261
NOT-FOR-US: Web Help Desk
-CVE-2009-1260 (Multiple stack-based buffer overflows in UltraISO 9.3.3.2685 and ...)
+CVE-2009-1260
NOT-FOR-US: UltraISO
-CVE-2009-1259 (SQL injection vulnerability in inc/bb/topic.php in Insane Visions ...)
+CVE-2009-1259
NOT-FOR-US: Insane Visions AdaptBB
-CVE-2009-1258 (SQL injection vulnerability in the RD-Autos (com_rdautos) component ...)
+CVE-2009-1258
NOT-FOR-US: Joomla!
-CVE-2009-1257 (Heap-based buffer overflow in Magic ISO Maker 5.5 build 0274 allows ...)
+CVE-2009-1257
NOT-FOR-US: Magic ISO Maker
-CVE-2009-1256 (SQL injection vulnerability in FlexCMS 2.5 allows remote attackers to ...)
+CVE-2009-1256
NOT-FOR-US: FlexCMS
-CVE-2009-1255 (The process_stat function in (1) Memcached before 1.2.8 and (2) ...)
+CVE-2009-1255
- memcached 1.2.8-1 (low)
[etch] - memcached <no-dsa> (Minor issue)
[lenny] - memcached <no-dsa> (Minor issue)
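Review bot: every changed line in this hunk drops the parenthesised CVE summary and nothing gains one (for example `-CVE-2009-1309 (Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey do not ...)` becomes `+CVE-2009-1309`, and `-CVE-2009-1301 (Integer signedness error in the store_id3_text function in the ID3v2 ...)` becomes `+CVE-2009-1301`), so this automatic update is deleting the summaries rather than refreshing them; the same pattern holds for every `-`/`+` pair visible here, which points to an empty or failed upstream description feed rather than an intended edit, and the import source should be checked and the run repeated before this is kept.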
@@ -10403,183 +10403,183 @@ CVE-2009-1255 (The process_stat function in (1) Memcached before 1.2.8 and (2) .
[squeeze] - memcachedb <no-dsa> (Minor issue)
NOTE: why are weaknesses in security hardening features like ASLR considered minor?
NOTE: even though this is not directly a vulnerability itself, part of this application's armor is now missing; making it easier for unknown vulnerabilities to be effective.
-CVE-2009-1270 (libclamav/untar.c in ClamAV before 0.95 allows remote attackers to ...)
+CVE-2009-1270
{DSA-1771-1}
- clamav 0.95.1+dfsg-1 (medium; bug #523016)
-CVE-2009-1254 (James Stone Tunapie 2.1 allows remote attackers to execute arbitrary ...)
+CVE-2009-1254
{DSA-1764-1}
- tunapie 2.1.17-1
-CVE-2009-1253 (James Stone Tunapie 2.1 allows local users to overwrite arbitrary ...)
+CVE-2009-1253
{DSA-1764-1}
- tunapie 2.1.17-1
-CVE-2009-1252 (Stack-based buffer overflow in the crypto_recv function in ...)
+CVE-2009-1252
{DSA-1801-1}
- ntp 1:4.2.4p6+dfsg-2 (high; bug #525373)
NOTE: VU#853097
-CVE-2009-1251 (Heap-based buffer overflow in the cache manager in the client in ...)
+CVE-2009-1251
{DSA-1768-1}
- openafs 1.4.10+dfsg1-1
-CVE-2009-1250 (The cache manager in the client in OpenAFS 1.0 through 1.4.8 and 1.5.0 ...)
+CVE-2009-1250
{DSA-1768-1}
- openafs 1.4.10+dfsg1-1
[etch] - openafs 1.4.2-6etch3
-CVE-2009-1249 (Cross-site scripting (XSS) vulnerability in Feed element mapper 5.x ...)
+CVE-2009-1249
NOT-FOR-US: Feed element mapper for Drupal
-CVE-2009-1248 (Multiple PHP remote file inclusion vulnerabilities in Acute Control ...)
+CVE-2009-1248
NOT-FOR-US: Acute Control Panel
-CVE-2009-1247 (SQL injection vulnerability in login.php in Acute Control Panel 1.0.0 ...)
+CVE-2009-1247
NOT-FOR-US: Acute Control Panel
-CVE-2009-1246 (Multiple directory traversal vulnerabilities in Blogplus 1.0 allow ...)
+CVE-2009-1246
NOT-FOR-US: Blogplus
-CVE-2009-1245 (Multiple SQL injection vulnerabilities in the insert_to_pastebin ...)
+CVE-2009-1245
NOT-FOR-US: CCCP Community Clan Portal Pastebin
-CVE-2009-1244 (Unspecified vulnerability in the virtual machine display function in ...)
+CVE-2009-1244
NOT-FOR-US: VMware
-CVE-2009-1243 (net/ipv4/udp.c in the Linux kernel before 2.6.29.1 performs an ...)
+CVE-2009-1243
- linux-2.6 <not-affected> (Issue was introduced after 2.6.27 release)
- linux-2.6.24 <not-affected> (Issue was introduced after 2.6.27 release)
-CVE-2009-1242 (The vmx_set_msr function in arch/x86/kvm/vmx.c in the VMX ...)
+CVE-2009-1242
{DSA-1800-1 DSA-1787-1}
- linux-2.6 2.6.30-1
[etch] - linux-2.6 <not-affected> (Doesn't include KVM yet)
- linux-2.6.24 <removed>
-CVE-2009-1241 (Unspecified vulnerability in ClamAV before 0.95 allows remote ...)
+CVE-2009-1241
- clamav 0.95+dfsg-1 (medium; bug #526042)
[etch] - clamav <not-affected> (debian package does not use the rar code in clamav at the current time)
[lenny] - clamav <not-affected> (debian package does not use the rar code in clamav at the current time)
-CVE-2009-1240 (Unspecified vulnerability in the IBM Proventia engine 4.9.0.0.44 ...)
+CVE-2009-1240
NOT-FOR-US: IBM Proventia
-CVE-2009-1239 (IBM DB2 9.1 before FP7 returns incorrect query results in certain ...)
+CVE-2009-1239
NOT-FOR-US: IBM DB2
-CVE-2009-1274 (Integer overflow in the qt_error parse_trak_atom function in ...)
+CVE-2009-1274
- xine-lib 1.1.16.3-1 (medium; bug #522811)
- vlc <not-affected> (affected part of xine-lib code not present)
-CVE-2009-1238 (Race condition in the HFS vfs sysctl interface in XNU 1228.8.20 and ...)
+CVE-2009-1238
NOT-FOR-US: Mac OS X
-CVE-2009-1237 (Multiple memory leaks in XNU 1228.3.13 and earlier on Apple Mac OS X ...)
+CVE-2009-1237
NOT-FOR-US: Mac OS X
-CVE-2009-1236 (Heap-based buffer overflow in the AppleTalk networking stack in XNU ...)
+CVE-2009-1236
NOT-FOR-US: Mac OS X
-CVE-2009-1235 (XNU 1228.9.59 and earlier on Apple Mac OS X 10.5.6 and earlier does ...)
+CVE-2009-1235
NOT-FOR-US: Mac OS X
-CVE-2009-1234 (Opera 9.64 allows remote attackers to cause a denial of service ...)
+CVE-2009-1234
NOT-FOR-US: Opera
-CVE-2009-1233 (Apple Safari 3.2.2 and 4 Beta on Windows allows remote attackers to ...)
+CVE-2009-1233
NOT-FOR-US: Safari on Windows
-CVE-2009-1232 (Mozilla Firefox 3.0.8 and earlier 3.0.x versions allows remote ...)
+CVE-2009-1232
- xulrunner <unfixed> (unimportant)
NOTE: Browser crashes not treated as security issues
-CVE-2009-1231 (Unspecified vulnerability in the eClient in IBM DB2 Content Manager ...)
+CVE-2009-1231
NOT-FOR-US: DB2
-CVE-2009-1230 (Static code injection vulnerability in index.php in Podcast Generator ...)
+CVE-2009-1230
NOT-FOR-US: Podcast Generator
-CVE-2009-1229 (SQL injection vulnerability in Arcadwy Arcade Script allows remote ...)
+CVE-2009-1229
NOT-FOR-US: Arcadwy Arcade Script
-CVE-2009-1228 (Cross-site scripting (XSS) vulnerability in register.php in Arcadwy ...)
+CVE-2009-1228
NOT-FOR-US: Arcadwy Arcade Script
-CVE-2009-1227 (** DISPUTED ** ...)
+CVE-2009-1227
NOT-FOR-US: Check Point
-CVE-2009-1226 (core/admin/delete.php in Podcast Generator 1.1 and earlier does not ...)
+CVE-2009-1226
NOT-FOR-US: Podcast Generator
-CVE-2009-1225 (Cross-site scripting (XSS) vulnerability in index.php in Turnkey Ebook ...)
+CVE-2009-1225
NOT-FOR-US: Turnkey Ebook Store
-CVE-2009-1224 (SQL injection vulnerability in ...)
+CVE-2009-1224
NOT-FOR-US: vsp stats processor
-CVE-2009-1223 (aspWebCalendar Free Edition stores sensitive information under the web ...)
+CVE-2009-1223
NOT-FOR-US: aspWebCalendar Free Edition
-CVE-2009-1222 (Directory traversal vulnerability in index.php in webEdition 6.0.0.4 ...)
+CVE-2009-1222
NOT-FOR-US: webEdition
CVE-2009-1221
RESERVED
-CVE-2009-1220 (Cross-site scripting (XSS) vulnerability in +webvpn+/index.html in ...)
+CVE-2009-1220
NOT-FOR-US: Cisco Adaptive Security Appliances
-CVE-2009-1219 (Sun Calendar Express Web Server in Sun ONE Calendar Server 6.0 and Sun ...)
+CVE-2009-1219
NOT-FOR-US: Sun Calendar Express Web Server
-CVE-2009-1218 (Multiple cross-site scripting (XSS) vulnerabilities in Sun Calendar ...)
+CVE-2009-1218
NOT-FOR-US: Sun Calendar Express Web Server
-CVE-2009-1217 (Off-by-one error in the GpFont::SetData function in gdiplus.dll in ...)
+CVE-2009-1217
NOT-FOR-US: Windows GDI+
-CVE-2009-1216 (Multiple unspecified vulnerabilities in (1) unlzh.c and (2) unpack.c ...)
+CVE-2009-1216
NOTE: Duplicate of CVE-2006-4335, confirmed by Microsoft. They're working on
NOTE: getting it rejected
-CVE-2009-1215 (Race condition in GNU screen 4.0.3 allows local users to create or ...)
+CVE-2009-1215
- screen 4.0.3-13 (low; bug #521123)
[etch] - screen <not-affected> (etch version predates #433338)
[lenny] - screen 4.0.3-11+lenny1
-CVE-2009-1214 (GNU screen 4.0.3 creates the /tmp/screen-exchange temporary file with ...)
+CVE-2009-1214
- screen 4.0.3-13 (bug #521123)
[lenny] - screen 4.0.3-11+lenny1
NOTE: documented behaviour "or the public accessible screen-exchange", see man screen
-CVE-2009-1213 (Cross-site request forgery (CSRF) vulnerability in attachment.cgi in ...)
+CVE-2009-1213
- bugzilla 3.2.4.0-1 (low; bug #514143)
[etch] - bugzilla <no-dsa> (Minor issue)
[lenny] - bugzilla <no-dsa> (Minor issue)
NOTE: should this really be considered minor? see fedora bug and FSA:
NOTE: - https://bugzilla.redhat.com/show_bug.cgi?id=494398
NOTE: - https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00191.html
-CVE-2009-1212 (Multiple insecure method vulnerabilities in PRECIS~2.DLL in the ...)
+CVE-2009-1212
NOT-FOR-US: PrecisionID Datamatrix ActiveX control
-CVE-2009-1211 (Blue Coat ProxySG, when transparent interception mode is enabled, uses ...)
+CVE-2009-1211
NOT-FOR-US: Blue Coat ProxySG
-CVE-2009-1210 (Format string vulnerability in the PROFINET/DCP (PN-DCP) dissector in ...)
+CVE-2009-1210
{DSA-1785-1}
- wireshark 1.0.7-1 (low)
[etch] - wireshark <not-affected> (Vulnerable code not present, introduced in 0.99.6)
-CVE-2009-1209 (Stack-based buffer overflow in W3C Amaya Web Browser 11.1 allows ...)
+CVE-2009-1209
- amaya <removed>
-CVE-2009-1208 (SQL injection vulnerability in auth2db 0.2.5, and possibly other ...)
+CVE-2009-1208
{DSA-1757-1}
- auth2db 0.2.5-2+dfsg-1.1 (bug #521823; low)
-CVE-2009-1207 (Race condition in the dircmp script in Sun Solaris 8 through 10, and ...)
+CVE-2009-1207
NOT-FOR-US: Solaris
-CVE-2009-1206 (Unspecified vulnerability in futomi's CGI Cafe Access Analyzer CGI ...)
+CVE-2009-1206
NOT-FOR-US: Cafe Access Analyzer CGI Professional
CVE-2009-1205
REJECTED
-CVE-2009-1204 (Cross-site scripting (XSS) vulnerability in TikiWiki (Tiki) ...)
+CVE-2009-1204
- tikiwiki <removed>
-CVE-2009-1203 (WebVPN on the Cisco Adaptive Security Appliances (ASA) device with ...)
+CVE-2009-1203
NOT-FOR-US: Cisco
-CVE-2009-1202 (WebVPN on the Cisco Adaptive Security Appliances (ASA) device with ...)
+CVE-2009-1202
NOT-FOR-US: Cisco
-CVE-2009-1201 (Eval injection vulnerability in the csco_wrap_js function in ...)
+CVE-2009-1201
NOT-FOR-US: Cisco
CVE-2009-1200
RESERVED
CVE-2009-1199
RESERVED
-CVE-2009-1198 (Cross-site scripting (XSS) vulnerability in Apache jUDDI before 2.0 ...)
+CVE-2009-1198
NOT-FOR-US: Apache jUDDI
-CVE-2009-1197 (Apache jUDDI before 2.0 allows attackers to spoof entries in log files ...)
+CVE-2009-1197
NOT-FOR-US: Apache jUDDI
-CVE-2009-1196 (The directory-services functionality in the scheduler in CUPS 1.1.17 ...)
+CVE-2009-1196
- cups 1.1.99.b1.r4748-1
- cupsys <removed>
[etch] - cupsys 1.1.99.b1.r4748-1
-CVE-2009-1195 (The Apache HTTP Server 2.2.11 and earlier 2.2 versions does not ...)
+CVE-2009-1195
{DSA-1816-1}
- apache2 2.2.11-6 (low; bug #530834)
-CVE-2009-1194 (Integer overflow in the pango_glyph_string_set_size function in ...)
+CVE-2009-1194
{DSA-1798-1}
- pango1.0 1.24.0-2 (medium; bug #527474)
CVE-2009-1193
REJECTED
-CVE-2009-1192 (The (1) agp_generic_alloc_page and (2) agp_generic_alloc_pages ...)
+CVE-2009-1192
{DSA-1800-1 DSA-1794-1 DSA-1787-1}
- linux-2.6 2.6.29-4
- linux-2.6.24 <removed>
-CVE-2009-1191 (mod_proxy_ajp.c in the mod_proxy_ajp module in the Apache HTTP Server ...)
+CVE-2009-1191
- apache2 2.2.11-4 (low)
[etch] - apache2 <not-affected> (introduced in 2.2.11)
[lenny] - apache2 <not-affected> (introduced in 2.2.11)
-CVE-2009-1190 (Algorithmic complexity vulnerability in the ...)
+CVE-2009-1190
- libspring-2.5-java 2.5.6.SEC01-1
-CVE-2009-1189 (The _dbus_validate_signature_with_reason function ...)
+CVE-2009-1189
{DSA-1837-1}
- dbus 1.2.14-1 (high; bug #532720)
NOTE: remote signature spoofing possible, and this was supposed to be
NOTE: originally fixed with the updates for CVE-2008-3834
-CVE-2009-1188 (Integer overflow in the JBIG2 decoding feature in the ...)
+CVE-2009-1188
{DSA-2050-1 DSA-2028-1}
- poppler 0.10.6-1 (medium; bug #524806)
[etch] - poppler <not-affected> (SplashBitmap code not present)
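Review bot: the unstable entry for CVE-2009-1243, `- linux-2.6 <not-affected> (Issue was introduced after 2.6.27 release)`, gives a rationale that only explains why the older stable kernels are unaffected; the other linux-2.6 entries in this hunk record unstable fixes at `- linux-2.6 2.6.30-1` (CVE-2009-1242) and `- linux-2.6 2.6.29-4` (CVE-2009-1192), both after 2.6.27, so either the unstable line should carry a fixed version or the rationale should say that the upstream fix predates the first affected version uploaded to unstable.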
@@ -10587,21 +10587,21 @@ CVE-2009-1188 (Integer overflow in the JBIG2 decoding feature in the ...)
- xpdf 3.02-2 (bug #575779)
- kdegraphics 4:4.0
- swftools 0.9.2+ds1-2
-CVE-2009-1187 (Integer overflow in the JBIG2 decoding feature in Poppler before ...)
+CVE-2009-1187
{DSA-1941-1}
- poppler 0.10.6-1 (medium; bug #524806)
-CVE-2009-1186 (Buffer overflow in the util_path_encode function in ...)
+CVE-2009-1186
{DSA-1772-1}
- udev 0.141-1 (medium)
-CVE-2009-1185 (udev before 1.4.1 does not verify whether a NETLINK message originates ...)
+CVE-2009-1185
{DSA-1772-1}
- udev 0.141-1 (medium)
-CVE-2009-1184 (The selinux_ip_postroute_iptables_compat function in ...)
+CVE-2009-1184
{DSA-1809-1 DSA-1800-1}
- linux-2.6 2.6.29-5
[etch] - linux-2.6 <not-affected> (Issue was introduced after 2.6.24 release)
- linux-2.6.24 <not-affected> (Issue was introduced after 2.6.24 release)
-CVE-2009-1183 (The JBIG2 MMR decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and ...)
+CVE-2009-1183
{DSA-1793-1 DSA-1790-1}
- poppler 0.10.6-1 (medium; bug #524806)
[lenny] - poppler 0.8.7-2
@@ -10609,7 +10609,7 @@ CVE-2009-1183 (The JBIG2 MMR decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and
[squeeze] - xpdf 3.02-1.4+lenny1
- kdegraphics 4:4.0 (medium; bug #524810)
- swftools 0.9.2+ds1-2
-CVE-2009-1182 (Multiple buffer overflows in the JBIG2 MMR decoder in Xpdf 3.02pl2 and ...)
+CVE-2009-1182
{DSA-1793-1 DSA-1790-1}
- poppler 0.10.6-1 (medium; bug #524806)
[lenny] - poppler 0.8.7-2
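Review bot: the kdegraphics version for CVE-2009-1183, `- kdegraphics 4:4.0 (medium; bug #524810)`, lacks the Debian revision that the sibling entries for the same bug use (`- kdegraphics 4:4.0-1 (medium; bug #524810)` for CVE-2009-1182 and the following JBIG2 entries), and the CVE-2009-1188 entry in the earlier hunk has the same bare `- kdegraphics 4:4.0`; a version without the `-1` revision compares differently from `4:4.0-1` when package versions are matched, so these should be made consistent.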
@@ -10617,7 +10617,7 @@ CVE-2009-1182 (Multiple buffer overflows in the JBIG2 MMR decoder in Xpdf 3.02pl
[squeeze] - xpdf 3.02-1.4+lenny1
- kdegraphics 4:4.0-1 (medium; bug #524810)
- swftools 0.9.2+ds1-2
-CVE-2009-1181 (The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, ...)
+CVE-2009-1181
{DSA-1793-1 DSA-1790-1}
- poppler 0.10.6-1 (medium; bug #524806)
[lenny] - poppler 0.8.7-2
@@ -10625,7 +10625,7 @@ CVE-2009-1181 (The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and ear
[squeeze] - xpdf 3.02-1.4+lenny1
- kdegraphics 4:4.0-1 (medium; bug #524810)
- swftools 0.9.2+ds1-2
-CVE-2009-1180 (The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, ...)
+CVE-2009-1180
{DSA-1793-1 DSA-1790-1}
- poppler 0.10.6-1 (medium; bug #524806)
[lenny] - poppler 0.8.7-2
@@ -10633,7 +10633,7 @@ CVE-2009-1180 (The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and ear
[squeeze] - xpdf 3.02-1.4+lenny1
- kdegraphics 4:4.0-1 (medium; bug #524810)
- swftools 0.9.2+ds1-2
-CVE-2009-1179 (Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, ...)
+CVE-2009-1179
{DSA-1793-1 DSA-1790-1}
- poppler 0.10.6-1 (medium; bug #524806)
[lenny] - poppler 0.8.7-2
@@ -10641,143 +10641,143 @@ CVE-2009-1179 (Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and earlier
[squeeze] - xpdf 3.02-1.4+lenny1
- kdegraphics 4:4.0-1 (medium; bug #524810)
- swftools 0.9.2+ds1-2
-CVE-2009-1178 (Unspecified vulnerability in the server in IBM Tivoli Storage Manager ...)
+CVE-2009-1178
NOT-FOR-US: Tivoli
-CVE-2009-1177 (Multiple stack-based buffer overflows in maptemplate.c in mapserv in ...)
+CVE-2009-1177
- mapserver 5.2.2-1 (medium; bug #523027)
[lenny] - mapserver <not-affected> (Vulnerable code not present or covered by 02_CVE-2009-840-CVE-2009-2281.dpatch)
[etch] - mapserver <not-affected> (Vulnerable code not present or covered by 02_CVE-2009-840-CVE-2009-2281.dpatch)
-CVE-2009-1176 (mapserv.c in mapserv in MapServer 4.x before 4.10.4 and 5.x before ...)
+CVE-2009-1176
{DSA-1914-1}
- mapserver 5.2.2-1 (low; bug #523027)
NOTE: covered by 02_CVE-2009-840-CVE-2009-2281.dpatch as well
-CVE-2009-1175 (Cross-site scripting (XSS) vulnerability in apps/web/vs_diag.cgi in ...)
+CVE-2009-1175
- banshee <unfixed> (unimportant)
NOTE: banshee is intented as a desktop music player with no serious
NOTE: login credentials that an attacker could use remote
-CVE-2009-1174 (The Web Services Security component in IBM WebSphere Application ...)
+CVE-2009-1174
NOT-FOR-US: WebSphere
-CVE-2009-1173 (IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.3 uses weak ...)
+CVE-2009-1173
NOT-FOR-US: WebSphere
-CVE-2009-1172 (The JAX-RPC WS-Security runtime in the Web Services Security component ...)
+CVE-2009-1172
NOT-FOR-US: WebSphere
-CVE-2009-1171 (The TeX filter in Moodle 1.6 before 1.6.9+, 1.7 before 1.7.7+, 1.8 ...)
+CVE-2009-1171
{DSA-1761-1}
- moodle 1.8.2.dfsg-5 (medium; bug #522116)
NOTE: this applies only to people who have a complete tex environment and
NOTE: aren't just using mimetex to render the tex
-CVE-2009-1170 (Unspecified vulnerability in Sun OpenSolaris snv_100 through snv_101 ...)
+CVE-2009-1170
NOT-FOR-US: OpenSolaris
-CVE-2009-1169 (The txMozillaXSLTProcessor::TransformToDoc function in Mozilla Firefox ...)
+CVE-2009-1169
{DSA-1756-1}
- xulrunner 1.9.0.8-1
[etch] - xulrunner <end-of-life> (Etch Packages no longer covered by security support)
- kompozer 1:0.8~alpha2+dfsg+svn129-1
-CVE-2009-1168 (Cisco IOS 12.0(32)S12 through 12.0(32)S13 and 12.0(33)S3 through ...)
+CVE-2009-1168
NOT-FOR-US: Cisco IOS
-CVE-2009-1167 (Unspecified vulnerability on the Cisco Wireless LAN Controller (WLC) ...)
+CVE-2009-1167
NOT-FOR-US: Cisco Wireless LAN Controller
-CVE-2009-1166 (The administrative web interface on the Cisco Wireless LAN Controller ...)
+CVE-2009-1166
NOT-FOR-US: Cisco Wireless LAN Controller
-CVE-2009-1165 (Memory leak on the Cisco Wireless LAN Controller (WLC) platform 4.x ...)
+CVE-2009-1165
NOT-FOR-US: Cisco Wireless LAN Controller
-CVE-2009-1164 (The administrative web interface on the Cisco Wireless LAN Controller ...)
+CVE-2009-1164
NOT-FOR-US: Cisco Wireless LAN Controller
-CVE-2009-1163 (Memory leak on the Cisco Physical Access Gateway with software before ...)
+CVE-2009-1163
NOT-FOR-US: Cisco
-CVE-2009-1162 (Cross-site scripting (XSS) vulnerability in the Spam Quarantine login ...)
+CVE-2009-1162
NOT-FOR-US: Cisco IronPort AsyncOS
-CVE-2009-1161 (Directory traversal vulnerability in the TFTP service in Cisco ...)
+CVE-2009-1161
NOT-FOR-US: CiscoWorks
-CVE-2009-1160 (Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security ...)
+CVE-2009-1160
NOT-FOR-US: Cisco Adaptive Security Appliances
-CVE-2009-1159 (Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) ...)
+CVE-2009-1159
NOT-FOR-US: Cisco Adaptive Security Appliances
-CVE-2009-1158 (Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) ...)
+CVE-2009-1158
NOT-FOR-US: Cisco Adaptive Security Appliances
-CVE-2009-1157 (Memory leak on Cisco Adaptive Security Appliances (ASA) 5500 Series ...)
+CVE-2009-1157
NOT-FOR-US: Cisco Adaptive Security Appliances
-CVE-2009-1156 (Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) ...)
+CVE-2009-1156
NOT-FOR-US: Cisco Adaptive Security Appliances
-CVE-2009-1155 (Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security ...)
+CVE-2009-1155
NOT-FOR-US: Cisco Adaptive Security Appliances
-CVE-2009-1154 (Cisco IOS XR 3.8.1 and earlier allows remote attackers to cause a ...)
+CVE-2009-1154
NOT-FOR-US: Cisco
CVE-2009-1153
REJECTED
-CVE-2009-1152 (Siemens Gigaset SE461 WiMAX router 1.5-BL024.9.6401, and possibly ...)
+CVE-2009-1152
NOT-FOR-US: Siemens router
-CVE-2009-1151 (Static code injection vulnerability in setup.php in phpMyAdmin 2.11.x ...)
+CVE-2009-1151
{DSA-1824-1}
- phpmyadmin 4:3.1.3.1-1
-CVE-2009-1150 (Multiple cross-site scripting (XSS) vulnerabilities in the export page ...)
+CVE-2009-1150
{DSA-1824-1}
- phpmyadmin 4:3.1.3.1-1
-CVE-2009-1149 (CRLF injection vulnerability in bs_disp_as_mime_type.php in the BLOB ...)
+CVE-2009-1149
- phpmyadmin 4:3.1.3.1-1
[etch] - phpmyadmin <not-affected> (Vulnerable code not present)
[lenny] - phpmyadmin <not-affected> (Vulnerable code not present)
-CVE-2009-1148 (Directory traversal vulnerability in bs_disp_as_mime_type.php in the ...)
+CVE-2009-1148
- phpmyadmin 4:3.1.3.1-1
[etch] - phpmyadmin <not-affected> (Vulnerable code not present)
[lenny] - phpmyadmin <not-affected> (Vulnerable code not present)
-CVE-2009-1147 (Unspecified vulnerability in vmci.sys in the Virtual Machine ...)
+CVE-2009-1147
NOT-FOR-US: VmWare
-CVE-2009-1146 (Unspecified vulnerability in an ioctl in hcmon.sys in VMware ...)
+CVE-2009-1146
NOT-FOR-US: VmWare
CVE-2009-1145
RESERVED
-CVE-2009-1144 (Untrusted search path vulnerability in the Gentoo package of Xpdf ...)
+CVE-2009-1144
- xpdf <not-affected> (Gentoo specific vulnerability in building xpdf)
CVE-2009-1143
RESERVED
CVE-2009-1142
RESERVED
-CVE-2009-1141 (Microsoft Internet Explorer 6 for Windows XP SP2 and SP3 and Server ...)
+CVE-2009-1141
NOT-FOR-US: Microsoft
-CVE-2009-1140 (Microsoft Internet Explorer 5.01 SP4; 6 SP1; 6 and 7 for Windows XP ...)
+CVE-2009-1140
NOT-FOR-US: Microsoft
-CVE-2009-1139 (Memory leak in the LDAP service in Active Directory on Microsoft ...)
+CVE-2009-1139
NOT-FOR-US: Microsoft
-CVE-2009-1138 (The LDAP service in Active Directory on Microsoft Windows 2000 SP4 ...)
+CVE-2009-1138
NOT-FOR-US: Microsoft
-CVE-2009-1137 (Microsoft Office PowerPoint 2000 SP3, 2002 SP3, and 2003 SP3 allows ...)
+CVE-2009-1137
NOT-FOR-US: Microsoft
-CVE-2009-1136 (The Microsoft Office Web Components Spreadsheet ActiveX control (aka ...)
+CVE-2009-1136
NOT-FOR-US: ActiveX
-CVE-2009-1135 (Microsoft Internet Security and Acceleration (ISA) Server 2006 Gold ...)
+CVE-2009-1135
NOT-FOR-US: Microsoft Internet Security and Acceleration (ISA) Server
-CVE-2009-1134 (Excel in 2007 Microsoft Office System SP1 and SP2; Microsoft Office ...)
+CVE-2009-1134
NOT-FOR-US: Microsoft
-CVE-2009-1133 (Heap-based buffer overflow in Microsoft Remote Desktop Connection ...)
+CVE-2009-1133
NOT-FOR-US: Microsoft
-CVE-2009-1132 (Heap-based buffer overflow in the Wireless LAN AutoConfig Service (aka ...)
+CVE-2009-1132
NOT-FOR-US: Microsoft Windows Vista Gold
-CVE-2009-1131 (Multiple stack-based buffer overflows in Microsoft Office PowerPoint ...)
+CVE-2009-1131
NOT-FOR-US: Microsoft
-CVE-2009-1130 (Heap-based buffer overflow in Microsoft Office PowerPoint 2002 SP3 and ...)
+CVE-2009-1130
NOT-FOR-US: Microsoft
-CVE-2009-1129 (Multiple stack-based buffer overflows in the PowerPoint 95 importer ...)
+CVE-2009-1129
NOT-FOR-US: Microsoft
-CVE-2009-1128 (Microsoft Office PowerPoint 2000 SP3, 2002 SP3, and 2003 SP3 allows ...)
+CVE-2009-1128
NOT-FOR-US: Microsoft
-CVE-2009-1127 (win32k.sys in the kernel in Microsoft Windows 2000 SP4, XP SP2 and ...)
+CVE-2009-1127
NOT-FOR-US: Microsoft Windows
-CVE-2009-1126 (The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server ...)
+CVE-2009-1126
NOT-FOR-US: Microsoft
-CVE-2009-1125 (The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 ...)
+CVE-2009-1125
NOT-FOR-US: Microsoft
-CVE-2009-1124 (The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 ...)
+CVE-2009-1124
NOT-FOR-US: Microsoft
-CVE-2009-1123 (The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 ...)
+CVE-2009-1123
NOT-FOR-US: Microsoft
-CVE-2009-1122 (The WebDAV extension in Microsoft Internet Information Services (IIS) ...)
+CVE-2009-1122
NOT-FOR-US: Microsoft
CVE-2009-1121
RESERVED
CVE-2009-1120
RESERVED
-CVE-2009-1119 (Multiple heap-based buffer overflows in EMC RepliStor 6.2 before SP5 ...)
+CVE-2009-1119
NOT-FOR-US: EMC RepliStor
CVE-2009-1118
RESERVED
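Review bot: the lenny and etch rationales for CVE-2009-1177, `[lenny] - mapserver <not-affected> (Vulnerable code not present or covered by 02_CVE-2009-840-CVE-2009-2281.dpatch)`, hedge between two different claims; `<not-affected>` implies the vulnerable code is absent, whereas being covered by a dpatch means the code is present and patched, which is normally recorded as a fixed version, so the entry should state which case applies for each suite rather than leaving the reader to guess.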
@@ -10801,396 +10801,396 @@ CVE-2009-1109
RESERVED
CVE-2009-1108
RESERVED
-CVE-2009-1086 (Heap-based buffer overflow in the ldns_rr_new_frm_str_internal ...)
+CVE-2009-1086
{DSA-1795-1}
- ldns 1.5.1-1
-CVE-2009-1107 (The Java Plug-in in Java SE Development Kit (JDK) and Java Runtime ...)
+CVE-2009-1107
- sun-java6 6-13-1 (bug #521414)
[lenny] - sun-java6 6-20-0lenny1
- sun-java5 1.5.0-18-1
[etch] - sun-java5 <no-dsa> (Non-free not supported)
[lenny] - sun-java5 1.5.0-22-0lenny1
-CVE-2009-1106 (The Java Plug-in in Java SE Development Kit (JDK) and Java Runtime ...)
+CVE-2009-1106
- sun-java6 6-13-1 (bug #521414)
[lenny] - sun-java6 6-20-0lenny1
- sun-java5 1.5.0-18-1
[etch] - sun-java5 <no-dsa> (Non-free not supported)
[lenny] - sun-java5 1.5.0-22-0lenny1
-CVE-2009-1105 (The Java Plug-in in Java SE Development Kit (JDK) and Java Runtime ...)
+CVE-2009-1105
- sun-java6 6-13-1 (bug #521414)
[lenny] - sun-java6 6-20-0lenny1
- sun-java5 1.5.0-18-1
[etch] - sun-java5 <no-dsa> (Non-free not supported)
[lenny] - sun-java5 1.5.0-22-0lenny1
-CVE-2009-1104 (The Java Plug-in in Java SE Development Kit (JDK) and Java Runtime ...)
+CVE-2009-1104
- sun-java6 6-13-1 (bug #521414)
[lenny] - sun-java6 6-20-0lenny1
- sun-java5 1.5.0-18-1
[etch] - sun-java5 <no-dsa> (Non-free not supported)
[lenny] - sun-java5 1.5.0-22-0lenny1
-CVE-2009-1103 (Unspecified vulnerability in the Java Plug-in in Java SE Development ...)
+CVE-2009-1103
- sun-java6 6-13-1 (bug #521414)
[lenny] - sun-java6 6-20-0lenny1
- sun-java5 1.5.0-18-1
[etch] - sun-java5 <no-dsa> (Non-free not supported)
[lenny] - sun-java5 1.5.0-22-0lenny1
-CVE-2009-1102 (Unspecified vulnerability in the Virtual Machine in Java SE ...)
+CVE-2009-1102
- sun-java6 6-13-1 (bug #521414)
[lenny] - sun-java6 6-20-0lenny1
- sun-java5 1.5.0-18-1
[etch] - sun-java5 <no-dsa> (Non-free not supported)
[lenny] - sun-java5 1.5.0-22-0lenny1
-CVE-2009-1101 (Unspecified vulnerability in the lightweight HTTP server ...)
+CVE-2009-1101
{DSA-1769-1}
- sun-java6 6-13-1 (bug #521414)
[lenny] - sun-java6 6-20-0lenny1
- sun-java5 1.5.0-18-1
[etch] - sun-java5 <no-dsa> (Non-free not supported)
[lenny] - sun-java5 1.5.0-22-0lenny1
-CVE-2009-1100 (Multiple unspecified vulnerabilities in Java SE Development Kit (JDK) ...)
+CVE-2009-1100
- sun-java6 6-13-1 (bug #521414)
[lenny] - sun-java6 6-20-0lenny1
-CVE-2009-1099 (Integer signedness error in Java SE Development Kit (JDK) and Java ...)
+CVE-2009-1099
- sun-java6 6-13-1 (bug #521414)
[lenny] - sun-java6 6-20-0lenny1
-CVE-2009-1098 (Buffer overflow in Java SE Development Kit (JDK) and Java Runtime ...)
+CVE-2009-1098
{DSA-1769-1}
- sun-java6 6-13-1 (bug #521414)
[lenny] - sun-java6 6-20-0lenny1
-CVE-2009-1097 (Multiple buffer overflows in Java SE Development Kit (JDK) and Java ...)
+CVE-2009-1097
{DSA-1769-1}
- sun-java6 6-13-1
[lenny] - sun-java6 6-20-0lenny1
-CVE-2009-1096 (Buffer overflow in unpack200 in Java SE Development Kit (JDK) and Java ...)
+CVE-2009-1096
{DSA-1769-1}
- sun-java6 6-13-1 (bug #521414)
[lenny] - sun-java6 6-20-0lenny1
- sun-java5 1.5.0-18-1
[etch] - sun-java5 <no-dsa> (Non-free not supported)
[lenny] - sun-java5 1.5.0-22-0lenny1
-CVE-2009-1095 (Integer overflow in unpack200 in Java SE Development Kit (JDK) and ...)
+CVE-2009-1095
{DSA-1769-1}
- sun-java6 6-13-1 (bug #521414)
[lenny] - sun-java6 6-20-0lenny1
- sun-java5 1.5.0-18-1
[etch] - sun-java5 <no-dsa> (Non-free not supported)
[lenny] - sun-java5 1.5.0-22-0lenny1
-CVE-2009-1094 (Unspecified vulnerability in the LDAP implementation in Java SE ...)
+CVE-2009-1094
{DSA-1769-1}
- sun-java6 6-13-1 (bug #521414)
[lenny] - sun-java6 6-20-0lenny1
- sun-java5 1.5.0-18-1
[etch] - sun-java5 <no-dsa> (Non-free not supported)
[lenny] - sun-java5 1.5.0-22-0lenny1
-CVE-2009-1093 (LdapCtx in the LDAP service in Java SE Development Kit (JDK) and Java ...)
+CVE-2009-1093
{DSA-1769-1}
- sun-java6 6-13-1 (bug #521414)
[lenny] - sun-java6 6-20-0lenny1
-CVE-2009-1962 (Xfig, possibly 3.2.5, allows local users to read and write arbitrary ...)
+CVE-2009-1962
- xfig 1:3.2.5.a-1
[etch] - xfig <no-dsa> (Minor issue)
[lenny] - xfig <no-dsa> (Minor issue)
-CVE-2009-1092 (Use-after-free vulnerability in the LIVEAUDIO.LiveAudioCtrl.1 ActiveX ...)
+CVE-2009-1092
NOT-FOR-US: LIVEAUDIO.LiveAudioCtrl.1 ActiveX
-CVE-2009-1091 (Cross-site scripting (XSS) vulnerability in upload.php in Rapidleech ...)
+CVE-2009-1091
NOT-FOR-US: Rapidleech
-CVE-2009-1090 (Directory traversal vulnerability in upload.php in Rapidleech rev.36 ...)
+CVE-2009-1090
NOT-FOR-US: Rapidleech
-CVE-2009-1089 (Absolute path traversal vulnerability in upload.php in Rapidleech ...)
+CVE-2009-1089
NOT-FOR-US: Rapidleech
-CVE-2009-1088 (Hannon Hill Cascade Server 5.7 and other versions allows remote ...)
+CVE-2009-1088
NOT-FOR-US: Hannon Hill Cascade Server
-CVE-2009-1087 (Multiple argument injection vulnerabilities in PPLive.exe in PPLive ...)
+CVE-2009-1087
NOT-FOR-US: PPLive
-CVE-2009-1085 (Piwik 0.2.32 and earlier stores sensitive information under the web ...)
+CVE-2009-1085
- piwik <itp> (bug #506933)
-CVE-2009-1084 (Sun Java System Identity Manager (IdM) 7.0 through 8.0 does not ...)
+CVE-2009-1084
NOT-FOR-US: Sun Java System Identity Manager
-CVE-2009-1083 (Sun Java System Identity Manager (IdM) 7.0 through 8.0 on Linux, AIX, ...)
+CVE-2009-1083
NOT-FOR-US: Sun Java System Identity Manager
-CVE-2009-1082 (Sun Java System Identity Manager (IdM) 7.0 through 8.0 allows remote ...)
+CVE-2009-1082
NOT-FOR-US: Sun Java System Identity Manager
-CVE-2009-1081 (Multiple cross-site scripting (XSS) vulnerabilities in Sun Java System ...)
+CVE-2009-1081
NOT-FOR-US: Sun Java System Identity Manager
-CVE-2009-1080 (Multiple cross-site scripting (XSS) vulnerabilities in Sun Java System ...)
+CVE-2009-1080
NOT-FOR-US: Sun Java System Identity Manager
-CVE-2009-1079 (Multiple cross-site scripting (XSS) vulnerabilities in Sun Java System ...)
+CVE-2009-1079
NOT-FOR-US: Sun Java System Identity Manager
-CVE-2009-1078 (Sun Java System Identity Manager (IdM) 7.0 through 8.0 does not ...)
+CVE-2009-1078
NOT-FOR-US: Sun Java System Identity Manager
-CVE-2009-1077 (The Change My Password implementation in the admin interface in Sun ...)
+CVE-2009-1077
NOT-FOR-US: Sun Java System Identity Manager
-CVE-2009-1076 (Sun Java System Identity Manager (IdM) 7.0 through 8.0 responds ...)
+CVE-2009-1076
NOT-FOR-US: Sun Java System Identity Manager
-CVE-2009-1075 (Sun Java System Identity Manager (IdM) 7.0 through 8.0 responds ...)
+CVE-2009-1075
NOT-FOR-US: Sun Java System Identity Manager
-CVE-2009-1074 (Sun Java System Identity Manager (IdM) 7.0 through 8.0 does not use ...)
+CVE-2009-1074
NOT-FOR-US: Sun Java System Identity Manager
-CVE-2009-1073 (nss-ldapd before 0.6.8 uses world-readable permissions for the ...)
+CVE-2009-1073
{DSA-1758-1}
- nss-ldapd 0.6.8
-CVE-2009-1072 (nfsd in the Linux kernel before 2.6.28.9 does not drop the CAP_MKNOD ...)
+CVE-2009-1072
{DSA-1800-1}
- linux-2.6 2.6.29-1
[etch] - linux-2.6 <not-affected> (Issue was introduced after 2.6.24 release)
- linux-2.6.24 <not-affected> (Issue was introduced after 2.6.24 release)
-CVE-2009-0934 (Cross-site scripting (XSS) vulnerability in ejabberd before 2.0.4 ...)
+CVE-2009-0934
{DSA-1774-1}
- ejabberd 2.0.5-1 (bug #520852)
[etch] - ejabberd <not-affected> (Vulnerable expression not present)
-CVE-2009-1071 (Stack-based buffer overflow in Icarus 2.0 allows remote attackers to ...)
+CVE-2009-1071
NOT-FOR-US: Icarus
-CVE-2009-1070 (Cross-site scripting (XSS) vulnerability in system/index.php in ...)
+CVE-2009-1070
NOT-FOR-US: ExpressionEngine
-CVE-2009-1069 (Multiple cross-site scripting (XSS) vulnerabilities in the node edit ...)
+CVE-2009-1069
NOT-FOR-US: Drupal module
-CVE-2009-1068 (Stack-based buffer overflow in BS.Player (bsplayer) 2.32 Build 975 ...)
+CVE-2009-1068
NOT-FOR-US: BS.Player
-CVE-2009-1067 (Cross-site scripting (XSS) vulnerability in index.php in Pixie CMS ...)
+CVE-2009-1067
NOT-FOR-US: Pixie CMS
-CVE-2009-1066 (SQL injection vulnerability in the referral function in ...)
+CVE-2009-1066
NOT-FOR-US: Pixie CMS
-CVE-2009-1065 (SQL injection vulnerability in index.php in Pixie CMS 1.01a allows ...)
+CVE-2009-1065
NOT-FOR-US: Pixie CMS
-CVE-2009-1064 (Argument injection vulnerability in orbitmxt.dll 2.1.0.2 in the Orbit ...)
+CVE-2009-1064
NOT-FOR-US: Orbit Downloader
-CVE-2009-1063 (Buffer overflow in eXeScope 6.50 allows user-assisted remote attackers ...)
+CVE-2009-1063
NOT-FOR-US: eXeScope
-CVE-2009-1062 (Adobe Acrobat Reader 9 before 9.1, 8 before 8.1.4, and 7 before 7.1.1 ...)
+CVE-2009-1062
NOT-FOR-US: Acrobat Reader
-CVE-2009-1061 (Unspecified vulnerability in Adobe Acrobat Reader 9 before 9.1, 8 ...)
+CVE-2009-1061
NOT-FOR-US: Acrobat Reader
-CVE-2009-1060 (Unspecified vulnerability in Apple Safari on Mac OS X 10.5.6 allows ...)
+CVE-2009-1060
NOT-FOR-US: Apple Safari
-CVE-2009-1059 (Stack-based buffer overflow in Trident PowerZip 7.2 might allow remote ...)
+CVE-2009-1059
NOT-FOR-US: Trident PowerZip
-CVE-2009-1058 (Stack-based buffer overflow in ZipGenius might allow remote attackers ...)
+CVE-2009-1058
NOT-FOR-US: ZipGenius
-CVE-2009-1057 (MicroSmarts Enterprise ZipItFast! 3.0 allows remote attackers to ...)
+CVE-2009-1057
NOT-FOR-US: MicroSmarts Enterprise ZipItFast!
-CVE-2009-1056 (IBM Rational AppScan Enterprise before 5.5 FP1 allows remote attackers ...)
+CVE-2009-1056
NOT-FOR-US: IBM Rational AppScan Enterprise
-CVE-2009-1055 (Unspecified vulnerability in the web service in Sitecore CMS 5.3.1 ...)
+CVE-2009-1055
NOT-FOR-US: Sitecore CMS
-CVE-2009-1054 (Unspecified vulnerability in JustSystems Ichitaro 13, 2004 through ...)
+CVE-2009-1054
NOT-FOR-US: JustSystems Ichitaro
-CVE-2009-1053 (chaozzDB 1.2 and earlier stores sensitive information under the web ...)
+CVE-2009-1053
NOT-FOR-US: chaozzDB
-CVE-2009-1052 (FireAnt 1.3 and earlier stores sensitive information under the web ...)
+CVE-2009-1052
NOT-FOR-US: FireAnt
-CVE-2009-1051 (FubarForum 1.6 and earlier stores sensitive information under the web ...)
+CVE-2009-1051
NOT-FOR-US: FubarForum
-CVE-2009-1050 (Bloginator 1A allows remote attackers to bypass authentication and ...)
+CVE-2009-1050
NOT-FOR-US: Bloginator
-CVE-2009-1049 (SQL injection vulnerability in articleCall.php in Bloginator 1A allows ...)
+CVE-2009-1049
NOT-FOR-US: Bloginator
-CVE-2009-1048 (The web interface on the snom VoIP phones snom 300, snom 320, snom ...)
+CVE-2009-1048
NOT-FOR-US: snom VoIP phones
-CVE-2009-1047 (Cross-site scripting (XSS) vulnerability in the Send by e-mail module ...)
+CVE-2009-1047
NOT-FOR-US: Send by e-mail module for Drupal
-CVE-2009-1046 (The console selection feature in the Linux kernel 2.6.28 before ...)
+CVE-2009-1046
{DSA-1800-1 DSA-1787-1}
- linux-2.6 2.6.29-1
- linux-2.6.24 <removed>
[etch] - linux-2.6 <not-affected> (Introduced in 2.6.23-rc1)
-CVE-2009-1045 (requests/status.xml in VLC 0.9.8a allows remote attackers to cause a ...)
+CVE-2009-1045
- vlc 0.9.9a-1 (unimportant; bug #522170)
NOTE: access is limited to localhost
-CVE-2009-1044 (Mozilla Firefox 3.0.7 on Windows 7 allows remote attackers to execute ...)
+CVE-2009-1044
{DSA-1756-1}
- xulrunner 1.9.0.8-1
[etch] - xulrunner <end-of-life> (Etch Packages no longer covered by security support)
- kompozer 1:0.8~alpha2+dfsg+svn129-3
-CVE-2009-1043 (Unspecified vulnerability in Microsoft Internet Explorer 8 on Windows ...)
+CVE-2009-1043
NOT-FOR-US: Microsoft
-CVE-2009-1042 (Unspecified vulnerability in Apple Safari on Mac OS X 10.5.6 allows ...)
+CVE-2009-1042
NOT-FOR-US: Apple Safari
-CVE-2009-1041 (The ktimer feature (sys/kern/kern_time.c) in FreeBSD 7.0, 7.1, and 7.2 ...)
+CVE-2009-1041
- kfreebsd-7 7.1-3
[lenny] - kfreebsd-7 7.0-7lenny1
-CVE-2009-1040 (Buffer overflow in WinAsm Studio 5.1.5.0 allows user-assisted remote ...)
+CVE-2009-1040
NOT-FOR-US: WinAsm
-CVE-2009-1039 (Buffer overflow in CDex 1.70b2 allows remote attackers to execute ...)
+CVE-2009-1039
NOT-FOR-US: CDex
-CVE-2009-1038 (Multiple SQL injection vulnerabilities in YAP Blog 1.1.1 allow remote ...)
+CVE-2009-1038
NOT-FOR-US: YAP Blog
-CVE-2009-1037 (Unspecified vulnerability in the Send by e-mail module in the ...)
+CVE-2009-1037
NOT-FOR-US: Send by e-mail module for Drupal
-CVE-2009-1036 (Cross-site request forgery (CSRF) vulnerability in the Plus 1 module ...)
+CVE-2009-1036
NOT-FOR-US: Plus 1 module for Drupal
-CVE-2009-1035 (Cross-site scripting (XSS) vulnerability in the Tasklist module ...)
+CVE-2009-1035
NOT-FOR-US: Tasklist module for Drupal
-CVE-2009-1034 (SQL injection vulnerability in the Tasklist module 5.x-1.x before ...)
+CVE-2009-1034
NOT-FOR-US: Tasklist module for Drupal
-CVE-2009-1033 (SQL injection vulnerability in misc.php in DeluxeBB 1.3 and earlier ...)
+CVE-2009-1033
NOT-FOR-US: DeluxeBB
-CVE-2009-1032 (SQL injection vulnerability in gallery_list.php in YABSoft Advanced ...)
+CVE-2009-1032
NOT-FOR-US: YABSoft Advanced Image Gallery
-CVE-2009-1031 (Directory traversal vulnerability in the FTP server in Rhino Software ...)
+CVE-2009-1031
NOT-FOR-US: FTP Rhino Software Serv-U
-CVE-2009-1030 (Cross-site scripting (XSS) vulnerability in the choose_primary_blog ...)
+CVE-2009-1030
- wordpress-mu 2.9.1-1 (bug #399756)
-CVE-2009-1029 (Stack-based buffer overflow in POP Peeper 3.4.0.0 and earlier allows ...)
+CVE-2009-1029
NOT-FOR-US: POP Peeper
-CVE-2009-1028 (Stack-based buffer overflow in ediSys eZip Wizard 3.0 allows remote ...)
+CVE-2009-1028
NOT-FOR-US: ediSys eZip Wizard
-CVE-2009-1027 (SQL injection vulnerability in OpenCart 1.1.8 allows remote attackers ...)
+CVE-2009-1027
NOT-FOR-US: OpenCart
-CVE-2009-1026 (Multiple SQL injection vulnerabilities in login.php in Kim Websites ...)
+CVE-2009-1026
NOT-FOR-US: Kim Websites
-CVE-2009-1025 (PHP remote file inclusion vulnerability in linkadmin.php in Beerwin ...)
+CVE-2009-1025
NOT-FOR-US: Beerwin PHPLinkAdmin
-CVE-2009-1024 (Multiple SQL injection vulnerabilities in Beerwin PHPLinkAdmin 1.0 ...)
+CVE-2009-1024
NOT-FOR-US: Beerwin PHPLinkAdmin
-CVE-2009-1023 (SQL injection vulnerability in index.php in phpComasy 0.9.1 allows ...)
+CVE-2009-1023
NOT-FOR-US: phpComasy
-CVE-2009-1022 (Heap-based buffer overflow in the Preview/ Set Segment function in ...)
+CVE-2009-1022
NOT-FOR-US: Gretech GOMlab GOM Encoder
-CVE-2009-1021 (Unspecified vulnerability in the Advanced Replication component in ...)
+CVE-2009-1021
NOT-FOR-US: Oracle Database
-CVE-2009-1020 (Unspecified vulnerability in the Network Foundation component in ...)
+CVE-2009-1020
NOT-FOR-US: Oracle Database
-CVE-2009-1019 (Unspecified vulnerability in the Network Authentication component in ...)
+CVE-2009-1019
NOT-FOR-US: Oracle Database
-CVE-2009-1018 (Unspecified vulnerability in the Workspace Manager component in Oracle ...)
+CVE-2009-1018
NOT-FOR-US: Oracle Database
-CVE-2009-1017 (Unspecified vulnerability in the BI Publisher component in Oracle ...)
+CVE-2009-1017
NOT-FOR-US: Oracle Application Server
-CVE-2009-1016 (Unspecified vulnerability in the WebLogic Server component in BEA ...)
+CVE-2009-1016
NOT-FOR-US: BEA Product Suite
-CVE-2009-1015 (Unspecified vulnerability in the Core RDBMS component in Oracle ...)
+CVE-2009-1015
NOT-FOR-US: Oracle Database
-CVE-2009-1014 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+CVE-2009-1014
NOT-FOR-US: Oracle PeopleSoft Enterprise
-CVE-2009-1013 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+CVE-2009-1013
NOT-FOR-US: Oracle PeopleSoft Enterprise
-CVE-2009-1012 (Unspecified vulnerability in the plug-ins for Apache and IIS web ...)
+CVE-2009-1012
NOT-FOR-US: BEA Product Suite
-CVE-2009-1011 (Unspecified vulnerability in the Outside In Technology component in ...)
+CVE-2009-1011
NOT-FOR-US: Oracle Application Server
-CVE-2009-1010 (Unspecified vulnerability in the Outside In Technology component in ...)
+CVE-2009-1010
NOT-FOR-US: Oracle Application Server
-CVE-2009-1009 (Unspecified vulnerability in the Outside In Technology component in ...)
+CVE-2009-1009
NOT-FOR-US: Oracle Application Server
-CVE-2009-1008 (Unspecified vulnerability in the Outside In Technology component in ...)
+CVE-2009-1008
NOT-FOR-US: Oracle Application Server
-CVE-2009-1007 (Unspecified vulnerability in the Data Mining component in Oracle ...)
+CVE-2009-1007
NOT-FOR-US: Oracle Database
-CVE-2009-1006 (Unspecified vulnerability in the JRockit component in BEA Product ...)
+CVE-2009-1006
NOT-FOR-US: BEA Product Suite
-CVE-2009-1005 (Unspecified vulnerability in the Oracle Data Service Integrator ...)
+CVE-2009-1005
NOT-FOR-US: BEA Product Suite
-CVE-2009-1004 (Unspecified vulnerability in the WebLogic Server component in BEA ...)
+CVE-2009-1004
NOT-FOR-US: BEA Product Suite
-CVE-2009-1003 (Unspecified vulnerability in the WebLogic Server component in BEA ...)
+CVE-2009-1003
NOT-FOR-US: BEA Product Suite
-CVE-2009-1002 (Unspecified vulnerability in Oracle BEA WebLogic Server 10.3, 10.0 ...)
+CVE-2009-1002
NOT-FOR-US: BEA Product Suite
-CVE-2009-1001 (Unspecified vulnerability in Oracle BEA WebLogic Portal 8.1 Gold ...)
+CVE-2009-1001
NOT-FOR-US: BEA Product Suite
-CVE-2009-1000 (The Oracle Applications Framework component in Oracle E-Business Suite ...)
+CVE-2009-1000
NOT-FOR-US: Oracle E-Business Suite
-CVE-2009-0999 (Unspecified vulnerability in the Oracle Application Object Library ...)
+CVE-2009-0999
NOT-FOR-US: Oracle E-Business Suite
-CVE-2009-0998 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS - ...)
+CVE-2009-0998
NOT-FOR-US: PeopleSoft Enterprise HRMS
-CVE-2009-0997 (Unspecified vulnerability in the Database Vault component in Oracle ...)
+CVE-2009-0997
NOT-FOR-US: Oracle Database
-CVE-2009-0996 (Unspecified vulnerability in the BI Publisher component in Oracle ...)
+CVE-2009-0996
NOT-FOR-US: Oracle Application Server
-CVE-2009-0995 (Unspecified vulnerability in the Oracle Applications Framework ...)
+CVE-2009-0995
NOT-FOR-US: Oracle E-Business Suite
-CVE-2009-0994 (Unspecified vulnerability in the BI Publisher component in Oracle ...)
+CVE-2009-0994
NOT-FOR-US: Oracle Application Server
-CVE-2009-0993 (Unspecified vulnerability in the OPMN component in Oracle Application ...)
+CVE-2009-0993
NOT-FOR-US: Oracle Application Server
-CVE-2009-0992 (Unspecified vulnerability in the Advanced Queuing component in Oracle ...)
+CVE-2009-0992
NOT-FOR-US: Oracle Database
-CVE-2009-0991 (Unspecified vulnerability in the Listener component in Oracle Database ...)
+CVE-2009-0991
NOT-FOR-US: Oracle Database
-CVE-2009-0990 (Unspecified vulnerability in the BI Publisher component in Oracle ...)
+CVE-2009-0990
NOT-FOR-US: Oracle Application Server
-CVE-2009-0989 (Unspecified vulnerability in the BI Publisher component in Oracle ...)
+CVE-2009-0989
NOT-FOR-US: Oracle Application Server
-CVE-2009-0988 (Unspecified vulnerability in the Password Policy component in Oracle ...)
+CVE-2009-0988
NOT-FOR-US: Oracle Database
-CVE-2009-0987 (Unspecified vulnerability in the Upgrade component in Oracle Database ...)
+CVE-2009-0987
NOT-FOR-US: Oracle Database
-CVE-2009-0986 (Unspecified vulnerability in the Workspace Manager component in Oracle ...)
+CVE-2009-0986
NOT-FOR-US: Oracle Database
-CVE-2009-0985 (Unspecified vulnerability in the Core RDBMS component in Oracle ...)
+CVE-2009-0985
NOT-FOR-US: Oracle Database
-CVE-2009-0984 (Unspecified vulnerability in the Database Vault component in Oracle ...)
+CVE-2009-0984
NOT-FOR-US: Oracle Database
-CVE-2009-0983 (Unspecified vulnerability in the Portal component in Oracle ...)
+CVE-2009-0983
NOT-FOR-US: Oracle Application Server
-CVE-2009-0982 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+CVE-2009-0982
NOT-FOR-US: Oracle PeopleSoft Enterprise
-CVE-2009-0981 (Unspecified vulnerability in the Application Express component in ...)
+CVE-2009-0981
NOT-FOR-US: Oracle Database
-CVE-2009-0980 (Unspecified vulnerability in the SQLX Functions component in Oracle ...)
+CVE-2009-0980
NOT-FOR-US: Oracle Database
-CVE-2009-0979 (Unspecified vulnerability in the Resource Manager component in Oracle ...)
+CVE-2009-0979
NOT-FOR-US: Oracle Database
-CVE-2009-0978 (Unspecified vulnerability in the Workspace Manager component in Oracle ...)
+CVE-2009-0978
NOT-FOR-US: Oracle Database
-CVE-2009-0977 (Unspecified vulnerability in the Advanced Queuing component in Oracle ...)
+CVE-2009-0977
NOT-FOR-US: Oracle Database
-CVE-2009-0976 (Unspecified vulnerability in the Workspace Manager component in Oracle ...)
+CVE-2009-0976
NOT-FOR-US: Oracle Database
-CVE-2009-0975 (Unspecified vulnerability in the Workspace Manager component in Oracle ...)
+CVE-2009-0975
NOT-FOR-US: Oracle Database
-CVE-2009-0974 (Unspecified vulnerability in the Portal component in Oracle ...)
+CVE-2009-0974
NOT-FOR-US: Oracle Application Server
-CVE-2009-0973 (Unspecified vulnerability in the Cluster Ready Services component in ...)
+CVE-2009-0973
NOT-FOR-US: Oracle Database
-CVE-2009-0972 (Unspecified vulnerability in the Workspace Manager component in Oracle ...)
+CVE-2009-0972
NOT-FOR-US: Oracle Database
-CVE-2009-0971 (Cross-site scripting (XSS) vulnerability in futomi's CGI Cafe Access ...)
+CVE-2009-0971
NOT-FOR-US: futomi's CGI Cafe Access Analyzer CGI Standard Version
-CVE-2009-0970 (PHP remote file inclusion vulnerability in includes/class_image.php in ...)
+CVE-2009-0970
NOT-FOR-US: PHP Pro Bid
-CVE-2009-0969 (Cross-site request forgery (CSRF) vulnerability in ...)
+CVE-2009-0969
NOT-FOR-US: phpFoX
-CVE-2009-0968 (SQL injection vulnerability in fmoblog.php in the fMoblog plugin 2.1 ...)
+CVE-2009-0968
NOT-FOR-US: fMoblog plugin for WordPress
-CVE-2009-0967 (The FTP server in Serv-U 7.0.0.1 through 7.4.0.1 allows remote ...)
+CVE-2009-0967
NOT-FOR-US: Serv-U
-CVE-2009-0966 (PHP remote file inclusion vulnerability in cross.php in YABSoft Mega ...)
+CVE-2009-0966
NOT-FOR-US: YABSoft Mega File Hosting
-CVE-2009-0965 (SQL injection vulnerability in functions/browse.php in Ganesha Digital ...)
+CVE-2009-0965
NOT-FOR-US: Ganesha Digital Library
-CVE-2009-0964 (UserView_list.php in PHPRunner 4.2, and possibly earlier, stores ...)
+CVE-2009-0964
NOT-FOR-US: PHPRunner
-CVE-2009-0963 (Multiple SQL injection vulnerabilities in PHPRunner 4.2, and possibly ...)
+CVE-2009-0963
NOT-FOR-US: PHPRunner
-CVE-2009-0962 (Unspecified vulnerability in Futomi's CGI Cafe MP Form Mail CGI ...)
+CVE-2009-0962
NOT-FOR-US: Futomi's CGI Cafe MP Form Mail CGI eCommerce
-CVE-2009-0961 (The Mail component in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS ...)
+CVE-2009-0961
NOT-FOR-US: Apple iPhone
-CVE-2009-0960 (The Mail component in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS ...)
+CVE-2009-0960
NOT-FOR-US: Apple iPhone
-CVE-2009-0959 (The MPEG-4 video codec in Apple iPhone OS 1.0 through 2.2.1 and iPhone ...)
+CVE-2009-0959
NOT-FOR-US: Apple iPhone
-CVE-2009-0958 (Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 ...)
+CVE-2009-0958
NOT-FOR-US: Apple iPhone
-CVE-2009-0957 (Heap-based buffer overflow in Apple QuickTime before 7.6.2 allows ...)
+CVE-2009-0957
NOT-FOR-US: Apple QuickTime
-CVE-2009-0956 (Apple QuickTime before 7.6.2 does not properly initialize memory ...)
+CVE-2009-0956
NOT-FOR-US: Apple QuickTime
-CVE-2009-0955 (Apple QuickTime before 7.6.2 allows remote attackers to execute ...)
+CVE-2009-0955
NOT-FOR-US: Apple QuickTime
-CVE-2009-0954 (Heap-based buffer overflow in Apple QuickTime before 7.6.2 on Windows ...)
+CVE-2009-0954
NOT-FOR-US: Apple QuickTime
-CVE-2009-0953 (Heap-based buffer overflow in Apple QuickTime before 7.6.2 allows ...)
+CVE-2009-0953
NOT-FOR-US: Apple QuickTime
-CVE-2009-0952 (Buffer overflow in Apple QuickTime before 7.6.2 allows remote ...)
+CVE-2009-0952
NOT-FOR-US: Apple QuickTime
-CVE-2009-0951 (Heap-based buffer overflow in Apple QuickTime before 7.6.2 allows ...)
+CVE-2009-0951
NOT-FOR-US: Apple QuickTime
-CVE-2009-0950 (Stack-based buffer overflow in Apple iTunes before 8.2 allows remote ...)
+CVE-2009-0950
NOT-FOR-US: Apple iTunes
-CVE-2009-0949 (The ippReadIO function in cups/ipp.c in cupsd in CUPS before 1.3.10 ...)
+CVE-2009-0949
{DSA-1811-1}
- cups 1.3.10-1
CVE-2009-0948
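Review bot: the header `@@ -10801,396 +10801,396 @@` shows no change in line count, which matches pure description stripping across the whole hunk: no entry gains, loses or changes a package line, a `{DSA-...}` reference or a `NOTE:`. The descriptions are the only human-readable context in this file, so after this change an entry such as `+CVE-2009-1072` followed by `{DSA-1800-1}` and `- linux-2.6 2.6.29-1` can no longer be read without consulting the CVE feed, and the same applies to the sun-java5/sun-java6 block (CVE-2009-1107 through CVE-2009-1093) and to xfig, nss-ldapd, ejabberd, vlc, xulrunner and cups. Please restore the `-` lines' descriptions; the `+` lines should only ever differ from them when the upstream text actually changed.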
@@ -11199,10 +11199,10 @@ CVE-2009-0948
CVE-2009-0947
RESERVED
- file 5.02-1
-CVE-2009-0946 (Multiple integer overflows in FreeType 2.3.9 and earlier allow remote ...)
+CVE-2009-0946
{DSA-1784-1}
- freetype 2.3.9-4.1 (medium; bug #524925)
-CVE-2009-0945 (Array index error in the insertItemBefore method in WebKit, as used in ...)
+CVE-2009-0945
{DSA-1988-1 DSA-1950-1 DSA-1866-1}
- qt4-x11 4:4.5.2-1 (medium; bug #532718)
[etch] - qt4-x11 <not-affected> (webkit support introduced in version 4.4)
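Review bot: the two entries changed here, CVE-2009-0946 (freetype, `{DSA-1784-1}`) and CVE-2009-0945 (qt4-x11, three DSAs), lose their descriptions in the same way as the preceding hunk, while the following hunk header still carries the original text `CVE-2009-0945 (Array index error in the insertItemBefore method in WebKit, as us` as its context line, confirming the descriptions were intact at the parent commit. That context text is a convenient cross-check when verifying that a corrected import has restored the descriptions rather than regenerated different ones.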
@@ -11214,347 +11214,347 @@ CVE-2009-0945 (Array index error in the insertItemBefore method in WebKit, as us
- kdegraphics 4:4.0 (medium; bug #534918)
NOTE: kdegraphics >4.0 not affected since ksvg is only in 3.5.x series
NOTE: http://websvn.kde.org/?view=rev&revision=983306
-CVE-2009-0944 (The Microsoft Office Spotlight Importer in Spotlight in Apple Mac OS X ...)
+CVE-2009-0944
NOT-FOR-US: Microsoft Office Spotlight
-CVE-2009-0943 (Help Viewer in Apple Mac OS X 10.4.11 and 10.5 before 10.5.7 does not ...)
+CVE-2009-0943
NOT-FOR-US: Help Viewer in Apple Mac OS X
-CVE-2009-0942 (Help Viewer in Apple Mac OS X 10.4.11 and 10.5 before 10.5.7 does not ...)
+CVE-2009-0942
NOT-FOR-US: Help Viewer in Apple Mac OS X
-CVE-2009-0941 (The HP Embedded Web Server (EWS) on HP LaserJet Printers, Edgeline ...)
+CVE-2009-0941
NOT-FOR-US: HP Embedded Web Server
-CVE-2009-0940 (Multiple cross-site request forgery (CSRF) vulnerabilities in the HP ...)
+CVE-2009-0940
NOT-FOR-US: HP Embedded Web Server
-CVE-2009-0939 (Tor before 0.2.0.34 treats incomplete IPv4 addresses as valid, which ...)
+CVE-2009-0939
- tor 0.2.0.34-1
-CVE-2009-0938 (Unspecified vulnerability in Tor before 0.2.0.34 allows directory ...)
+CVE-2009-0938
- tor 0.2.0.34-1 (bug #512728)
-CVE-2009-0937 (Unspecified vulnerability in Tor before 0.2.0.34 allows directory ...)
+CVE-2009-0937
- tor 0.2.0.34-1 (bug #514580)
-CVE-2009-0936 (Unspecified vulnerability in Tor before 0.2.0.34 allows attackers to ...)
+CVE-2009-0936
- tor 0.2.0.34-1
-CVE-2009-0935 (The inotify_read function in the Linux kernel 2.6.27 to 2.6.27.13, ...)
+CVE-2009-0935
- linux-2.6 2.6.30-1 (low)
[etch] - linux-2.6 <not-affected> (Vulnerability was introduced in 2.6.27-rc9)
[lenny] - linux-2.6 <not-affected> (Vulnerability was introduced in 2.6.27-rc9)
- linux-2.6.24 <not-affected> (Vulnerability was introduced in 2.6.27-rc9)
-CVE-2009-0933 (Cross-site scripting (XSS) vulnerability in the administrative ...)
+CVE-2009-0933
- dotclear <not-affected> (Fixed before initial upload to archive)
-CVE-2009-0932 (Directory traversal vulnerability in framework/Image/Image.php in ...)
+CVE-2009-0932
{DSA-1765-1}
- horde3 3.2.2+debian0-2 (bug #513265; medium)
-CVE-2009-0931 (Cross-site scripting (XSS) vulnerability in the tag cloud search ...)
+CVE-2009-0931
- horde3 3.2.2+debian0-2 (bug #513265)
[etch] - horde3 <not-affected> (Vulnerable code not present)
-CVE-2009-0930 (Multiple cross-site scripting (XSS) vulnerabilities in Horde IMP ...)
+CVE-2009-0930
{DSA-1770-1}
- imp4 4.2-4 (medium; bug #513266)
-CVE-2009-0929 (Directory traversal vulnerability in the media manager in Nucleus CMS ...)
+CVE-2009-0929
NOT-FOR-US: Nucleus CMS
-CVE-2009-0928 (Heap-based buffer overflow in Adobe Acrobat Reader and Acrobat ...)
+CVE-2009-0928
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2009-0927 (Stack-based buffer overflow in Adobe Reader and Adobe Acrobat 9 before ...)
+CVE-2009-0927
NOT-FOR-US: Adobe Reader and Adobe Acrobat
-CVE-2009-0926 (Unspecified vulnerability in the UFS filesystem functionality in Sun ...)
+CVE-2009-0926
NOT-FOR-US: Sun OpenSolaris
-CVE-2009-0925 (Unspecified vulnerability in Sun Solaris 10 on SPARC sun4v systems, ...)
+CVE-2009-0925
NOT-FOR-US: Sun Solaris
-CVE-2009-0924 (Unspecified vulnerability in Sun OpenSolaris snv_39 through snv_45, ...)
+CVE-2009-0924
NOT-FOR-US: Sun OpenSolaris
-CVE-2009-0923 (Unspecified vulnerability in Kerberos Incremental Propagation in ...)
+CVE-2009-0923
NOT-FOR-US: Solaris
-CVE-2009-0922 (PostgreSQL before 8.3.7, 8.2.13, 8.1.17, 8.0.21, and 7.4.25 allows ...)
+CVE-2009-0922
- postgresql-8.3 8.3.7-1 (bug #517405)
[lenny] - postgresql-8.3 8.3.7-0lenny1
- postgresql-8.1 <removed>
- postgresql-7.4 <removed>
[etch] - postgresql-8.1 8.1.17-0etch1
[etch] - postgresql-7.4 <no-dsa> (Minor issue)
-CVE-2009-0921 (Multiple heap-based buffer overflows in OvCgi/Toolbar.exe in HP ...)
+CVE-2009-0921
NOT-FOR-US: HP Openview
-CVE-2009-0920 (Stack-based buffer overflow in OvCgi/Toolbar.exe in HP OpenView ...)
+CVE-2009-0920
NOT-FOR-US: HP Openview
-CVE-2009-0919 (XAMPP installs multiple packages with insecure default passwords, ...)
+CVE-2009-0919
NOT-FOR-US: DFLabs PTK
-CVE-2009-0918 (Multiple unspecified vulnerabilities in DFLabs PTK 1.0.0 through 1.0.4 ...)
+CVE-2009-0918
NOT-FOR-US: DFLabs PTK
-CVE-2009-0917 (Cross-site scripting (XSS) vulnerability in DFLabs PTK 1.0.0 through ...)
+CVE-2009-0917
NOT-FOR-US: DFLabs PTK
-CVE-2009-0916 (Unspecified vulnerability in Opera before 9.64 has unknown impact and ...)
+CVE-2009-0916
NOT-FOR-US: Opera
-CVE-2009-0915 (Opera before 9.64 allows remote attackers to conduct cross-domain ...)
+CVE-2009-0915
NOT-FOR-US: Opera
-CVE-2009-0914 (Opera before 9.64 allows remote attackers to execute arbitrary code ...)
+CVE-2009-0914
NOT-FOR-US: Opera
-CVE-2009-0913 (Unspecified vulnerability in the keysock kernel module in Solaris 10 ...)
+CVE-2009-0913
NOT-FOR-US: Solaris
-CVE-2009-0912 (perl-MDK-Common 1.1.11 and 1.1.24, 1.2.9 through 1.2.14, and possibly ...)
+CVE-2009-0912
NOT-FOR-US: perl-MDK-Common
CVE-2009-0911
RESERVED
-CVE-2009-0910 (Heap-based buffer overflow in the VNnc Codec in VMware Workstation ...)
+CVE-2009-0910
NOT-FOR-US: VmWare
-CVE-2009-0909 (Heap-based buffer overflow in the VNnc Codec in VMware Workstation ...)
+CVE-2009-0909
NOT-FOR-US: VmWare
-CVE-2009-0908 (Unspecified vulnerability in the ACE shared folders implementation in ...)
+CVE-2009-0908
NOT-FOR-US: VmWare
CVE-2009-0907
REJECTED
-CVE-2009-0906 (The Service Component Architecture (SCA) feature pack for IBM ...)
+CVE-2009-0906
NOT-FOR-US: IBM WebSphere
-CVE-2009-0905 (IBM WebSphere MQ 6.0 before 6.0.2.8 and 7.0 before 7.0.1.0 does not ...)
+CVE-2009-0905
NOT-FOR-US: IBM WebSphere
-CVE-2009-0904 (The IBM Stax XMLStreamWriter in the Web Services component in IBM ...)
+CVE-2009-0904
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2009-0903 (IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.3, and the ...)
+CVE-2009-0903
NOT-FOR-US: WebSphere
CVE-2009-0902
RESERVED
-CVE-2009-0901 (The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 ...)
+CVE-2009-0901
NOT-FOR-US: Microsoft Visual Studio .NET
-CVE-2009-0900 (Heap-based buffer overflow in the client in IBM WebSphere MQ 6.0 ...)
+CVE-2009-0900
NOT-FOR-US: IBM WebSphere
-CVE-2009-0899 (IBM WebSphere Application Server (WAS) 6.1 through 6.1.0.24 and 7.0 ...)
+CVE-2009-0899
NOT-FOR-US: IBM WebSphere
-CVE-2009-0898 (Stack-based buffer overflow in HP OpenView Network Node Manager (OV ...)
+CVE-2009-0898
NOT-FOR-US: HP OpenView Network Node Manager
-CVE-2009-0897 (IBM WebSphere Partner Gateway (WPG) 6.1.0 before 6.1.0.1 and 6.1.1 ...)
+CVE-2009-0897
NOT-FOR-US: IBM WebSphere
-CVE-2009-0896 (Buffer overflow in the queue manager in IBM WebSphere MQ 6.x before ...)
+CVE-2009-0896
NOT-FOR-US: IBM WebSphere
-CVE-2009-0895 (Integer overflow in Novell eDirectory 8.7.3.x before 8.7.3.10 ftf2 and ...)
+CVE-2009-0895
NOT-FOR-US: Novell eDirectory
-CVE-2009-0894 (Heap-based buffer overflow in the decoder_create function in the ...)
+CVE-2009-0894
- xvidcore <not-affected> (Fixed before initial release)
-CVE-2009-0893 (Multiple heap-based buffer overflows in xvidcore/src/decoder.c in the ...)
+CVE-2009-0893
- xvidcore <not-affected> (Fixed before initial release)
-CVE-2009-0892 (The administrative console in IBM WebSphere Application Server (WAS) ...)
+CVE-2009-0892
NOT-FOR-US: IBM WebSphere
-CVE-2009-0891 (The Web Services Security component in IBM WebSphere Application ...)
+CVE-2009-0891
NOT-FOR-US: IBM WebSphere Application Server
CVE-2009-0890
RESERVED
-CVE-2009-0889 (Heap-based buffer overflow in the JBIG2 filter in Adobe Reader 7 and ...)
+CVE-2009-0889
NOT-FOR-US: Adobe Reader
-CVE-2009-0888 (Heap-based buffer overflow in the JBIG2 filter in Adobe Reader 7 and ...)
+CVE-2009-0888
NOT-FOR-US: Adobe Reader
-CVE-2009-0887 (Integer signedness error in the _pam_StrTok function in ...)
+CVE-2009-0887
- pam 1.0.1-10 (low; bug #520115)
[lenny] - pam 1.0.1-5+lenny1
[etch] - pam 0.79-5+etch1
-CVE-2009-0886 (Directory traversal vulnerability in login.php in OneOrZero Helpdesk ...)
+CVE-2009-0886
NOT-FOR-US: OneOrZero Helpdesk
-CVE-2009-0885 (Multiple heap-based buffer overflows in Media Commands 1.0 allow ...)
+CVE-2009-0885
NOT-FOR-US: Media Commands
-CVE-2009-0884 (Buffer overflow in FileZilla Server before 0.9.31 allows remote ...)
+CVE-2009-0884
NOT-FOR-US: FileZilla Server (only client packaged in debian)
-CVE-2009-0883 (SQL injection vulnerability in Blue Eye CMS 1.0.0 and earlier, when ...)
+CVE-2009-0883
NOT-FOR-US: Blue Eye CMS
-CVE-2009-0882 (Multiple SQL injection vulnerabilities in nForum 1.5 allow remote ...)
+CVE-2009-0882
NOT-FOR-US: nForum
-CVE-2009-0881 (SQL injection vulnerability in ejemplo/paises.php in isiAJAX 1 allows ...)
+CVE-2009-0881
NOT-FOR-US: isiAJAX
-CVE-2009-0880 (Directory traversal vulnerability in the CIM server in IBM Director ...)
+CVE-2009-0880
NOT-FOR-US: Windows
-CVE-2009-0879 (The CIM server in IBM Director before 5.20.3 Service Update 2 on ...)
+CVE-2009-0879
NOT-FOR-US: Windows
-CVE-2009-0878 (The read_game_map function in src/terrain_translation.cpp in Wesnoth ...)
+CVE-2009-0878
{DSA-1737-1}
- wesnoth 1:1.4.7-4
-CVE-2009-0877 (Multiple cross-site scripting (XSS) vulnerabilities in Sun Java System ...)
+CVE-2009-0877
NOT-FOR-US: Sun Java System Communications Express
-CVE-2009-0876 (Sun xVM VirtualBox 2.0.0, 2.0.2, 2.0.4, 2.0.6r39760, 2.1.0, 2.1.2, and ...)
+CVE-2009-0876
- virtualbox-ose <not-affected> (Vulnerable code not present, Debian version patches localconf)
[lenny] - virtualbox-ose <not-affected> (lenny version doesn't install binaries with suid 0)
-CVE-2009-0875 (Race condition in the Doors subsystem in the kernel in Sun Solaris 8 ...)
+CVE-2009-0875
NOT-FOR-US: Sun Solaris
-CVE-2009-0874 (Multiple unspecified vulnerabilities in the Doors subsystem in the ...)
+CVE-2009-0874
NOT-FOR-US: Sun Solaris
-CVE-2009-0873 (The NFS daemon (aka nfsd) in Sun Solaris 10 and OpenSolaris before ...)
+CVE-2009-0873
NOT-FOR-US: Solaris
-CVE-2009-0872 (The NFS server in Sun Solaris 10, and OpenSolaris before snv_111, does ...)
+CVE-2009-0872
NOT-FOR-US: Solaris
-CVE-2009-0871 (The SIP channel driver in Asterisk Open Source 1.4.22, 1.4.23, and ...)
+CVE-2009-0871
- asterisk <not-affected> (Vulnerable code introduced in 1.4.22)
-CVE-2009-0870 (The NFSv4 Server module in the kernel in Sun Solaris 10, and ...)
+CVE-2009-0870
NOT-FOR-US: Solaris
-CVE-2009-0869 (Buffer overflow in the client in IBM Tivoli Storage Manager (TSM) HSM ...)
+CVE-2009-0869
NOT-FOR-US: IBM Tivoli Storage Manager
-CVE-2009-0868 (CRLF injection vulnerability in the WebLink template in Fujitsu ...)
+CVE-2009-0868
NOT-FOR-US: Fujitsu Jasmine2000 Enterprise Edition
-CVE-2009-0867 (The HRM-S service in Fujitsu Enhanced Support Facility 3.0 and 3.0.1 ...)
+CVE-2009-0867
NOT-FOR-US: Fujitsu Enhanced Support Facility
-CVE-2009-0866 (pHNews Alpha 1 stores sensitive information under the web root with ...)
+CVE-2009-0866
NOT-FOR-US: pHNews
-CVE-2009-0865 (Directory traversal vulnerability in the SnapShotToFile method in the ...)
+CVE-2009-0865
NOT-FOR-US: GeoVision
-CVE-2009-0864 (S-Cms 1.1 Stable allows remote attackers to bypass authentication and ...)
+CVE-2009-0864
NOT-FOR-US: S-Cms
-CVE-2009-0863 (SQL injection vulnerability in admin/delete_page.php in S-Cms 1.1 ...)
+CVE-2009-0863
NOT-FOR-US: S-Cms
-CVE-2009-0862 (Cross-site scripting (XSS) vulnerability in the ...)
+CVE-2009-0862
NOT-FOR-US: TangoCMS
-CVE-2009-0861 (Cross-site scripting (XSS) vulnerability in phpDenora before 1.2.3 ...)
+CVE-2009-0861
NOT-FOR-US: phpDenora
-CVE-2009-0860 (Cross-site scripting (XSS) vulnerability in the web user interface in ...)
+CVE-2009-0860
NOT-FOR-US: NetMRI
-CVE-2009-0859 (The shm_get_stat function in ipc/shm.c in the shm subsystem in the ...)
+CVE-2009-0859
{DSA-1800-1 DSA-1794-1 DSA-1787-1}
- linux-2.6 2.6.29-1
NOTE: All Debian kernels set CONFIG_SHMEM, so this is moot except
NOTE: for locally modified configs and even for that I fail to
NOTE: see why anyone would run a kernel w/o CONFIG_SHMEM?
-CVE-2009-0858 (The response_addname function in response.c in Daniel J. Bernstein ...)
+CVE-2009-0858
{DSA-1831-1}
- djbdns 1:1.05-5 (low; bug #518169; bug #517631)
-CVE-2009-0857 (Cross-site scripting (XSS) vulnerability in /prm/reports in the ...)
+CVE-2009-0857
NOT-FOR-US: SunMC
-CVE-2009-0856 (Multiple cross-site scripting (XSS) vulnerabilities in sample ...)
+CVE-2009-0856
NOT-FOR-US: IBM WebSphere
-CVE-2009-0855 (Cross-site scripting (XSS) vulnerability in the administrative console ...)
+CVE-2009-0855
NOT-FOR-US: IBM WebSphere
-CVE-2009-0853 (login.php in CelerBB 0.0.2, when magic_quotes_gpc is disabled, allows ...)
+CVE-2009-0853
NOT-FOR-US: CelerBB
-CVE-2009-0852 (showme.php in CelerBB 0.0.2 allows remote attackers to obtain ...)
+CVE-2009-0852
NOT-FOR-US: CelerBB
-CVE-2009-0851 (Multiple SQL injection vulnerabilities in CelerBB 0.0.2, when ...)
+CVE-2009-0851
NOT-FOR-US: CelerBB
-CVE-2009-0850 (Cross-site scripting (XSS) vulnerability in BitDefender Internet ...)
+CVE-2009-0850
NOT-FOR-US: BitDefender
-CVE-2009-0849 (Stack-based buffer overflow in the DtbClsLogin function in NovaStor ...)
+CVE-2009-0849
NOT-FOR-US: NovaNET
-CVE-2009-0848 (Untrusted search path vulnerability in GTK2 in OpenSUSE 11.0 and 11.1 ...)
+CVE-2009-0848
- gtk+2.0 <not-affected> (suse specific patch)
-CVE-2009-0847 (The asn1buf_imbed function in the ASN.1 decoder in MIT Kerberos 5 (aka ...)
+CVE-2009-0847
{DSA-1766-1}
- krb5 1.6.dfsg.4~beta1-13
[etch] - krb5 <not-affected> (Affected code present, but not exploitable before 1.6.3)
-CVE-2009-0846 (The asn1_decode_generaltime function in lib/krb5/asn.1/asn1_decode.c ...)
+CVE-2009-0846
{DSA-1766-1}
- krb5 1.6.dfsg.4~beta1-13
-CVE-2009-0845 (The spnego_gss_accept_sec_context function in ...)
+CVE-2009-0845
{DSA-1766-1}
- krb5 1.6.dfsg.4~beta1-13
[etch] - krb5 <not-affected> (Vulnerable code was introduced in 1.5)
-CVE-2009-0844 (The get_input_token function in the SPNEGO implementation in MIT ...)
+CVE-2009-0844
{DSA-1766-1}
- krb5 1.6.dfsg.4~beta1-13
[etch] - krb5 <not-affected> (Vulnerable code was introduced in 1.5)
-CVE-2009-0843 (The msLoadQuery function in mapserv in MapServer 4.x before 4.10.4 and ...)
+CVE-2009-0843
{DSA-1914-1}
- mapserver 5.2.2-1 (bug #523027)
NOTE: this can only probe for files that are not present, useless when not
NOTE: in combination with another attack
-CVE-2009-0842 (mapserv in MapServer 4.x before 4.10.4 and 5.x before 5.2.2 allows ...)
+CVE-2009-0842
{DSA-1914-1}
- mapserver 5.2.2-1 (low; bug #523027)
-CVE-2009-0841 (Directory traversal vulnerability in mapserv.c in mapserv in MapServer ...)
+CVE-2009-0841
{DSA-1914-1}
- mapserver 5.2.2-1 (bug #523027)
NOTE: this doesn't work under linux as the root from the directory traversal needs to exist
-CVE-2009-0840 (Heap-based buffer underflow in the readPostBody function in cgiutil.c ...)
+CVE-2009-0840
{DSA-1914-1}
- mapserver 5.4.2-1 (medium; bug #523027)
NOTE: Initial fix was incomplete
-CVE-2009-0839 (Stack-based buffer overflow in mapserv.c in mapserv in MapServer 4.x ...)
+CVE-2009-0839
{DSA-1914-1}
- mapserver 5.2.2-1 (medium; bug #523027)
-CVE-2009-0838 (The crypto pseudo device driver in Sun Solaris 10, and OpenSolaris ...)
+CVE-2009-0838
NOT-FOR-US: Solaris
-CVE-2009-0837 (Stack-based buffer overflow in Foxit Reader 3.0 before Build 1506, ...)
+CVE-2009-0837
NOT-FOR-US: Foxit Reader
-CVE-2009-0836 (Foxit Reader 2.3 before Build 3902 and 3.0 before Build 1506, ...)
+CVE-2009-0836
NOT-FOR-US: Foxit Reader
-CVE-2009-0854 (Untrusted search path vulnerability in dash 0.5.4, when used as a ...)
+CVE-2009-0854
- dash <not-affected> (Debian uses upstream's patch to implement -l)
-CVE-2009-0835 (The __secure_computing function in kernel/seccomp.c in the seccomp ...)
+CVE-2009-0835
{DSA-1800-1}
- linux-2.6 2.6.30-1 (low)
[etch] - linux-2.6 <not-affected> (Not enabled in 2.6.18)
- linux-2.6.24 <removed>
[etch] - linux-2.6.24 <no-dsa> (unimportant)
NOTE: CONFIG_SECCOMP has only been enabled in 2.6.26
-CVE-2009-0834 (The audit_syscall_entry function in the Linux kernel 2.6.28.7 and ...)
+CVE-2009-0834
{DSA-1800-1 DSA-1794-1 DSA-1787-1}
- linux-2.6 2.6.29-1 (low)
- linux-2.6.24 <removed>
-CVE-2009-0833 (Heap-based buffer overflow in gen_msn.dll in the gen_msn plugin 0.31 ...)
+CVE-2009-0833
NOT-FOR-US: Winamp
-CVE-2009-0832 (SQL injection vulnerability in items.php in the E-Cart module 1.3 for ...)
+CVE-2009-0832
NOT-FOR-US: PHP-Fusion
-CVE-2009-0831 (SQL injection vulnerability in members.php in the Members CV (job) ...)
+CVE-2009-0831
NOT-FOR-US: PHP-Fusion
-CVE-2009-0830 (Cross-site scripting (XSS) vulnerability in QuoteBook allows remote ...)
+CVE-2009-0830
NOT-FOR-US: QuoteBook
-CVE-2009-0829 (Multiple SQL injection vulnerabilities in QuoteBook allow remote ...)
+CVE-2009-0829
NOT-FOR-US: QuoteBook
-CVE-2009-0828 (QuoteBook stores quotes.inc under the web root with insufficient ...)
+CVE-2009-0828
NOT-FOR-US: QuoteBook
-CVE-2009-0827 (PollHelper stores poll.inc under the web root with insufficient access ...)
+CVE-2009-0827
NOT-FOR-US: PollHelper
-CVE-2009-0826 (BlogHelper stores common_db.inc under the web root with insufficient ...)
+CVE-2009-0826
NOT-FOR-US: BlogHelper
-CVE-2009-0825 (SQL injection vulnerability in system/rss.php in TinX/cms 3.x before ...)
+CVE-2009-0825
NOT-FOR-US: TinX/cms
-CVE-2009-0824 (Elaborate Bytes ElbyCDIO.sys 6.0.2.0 and earlier, as distributed in ...)
+CVE-2009-0824
NOT-FOR-US: Elaborate Bytes ElbyCDIO.sys
CVE-2009-0823
RESERVED
CVE-2009-0822
RESERVED
-CVE-2009-0821 (Mozilla Firefox 2.0.0.20 and earlier allows remote attackers to cause ...)
+CVE-2009-0821
- iceweasel <removed> (unimportant)
NOTE: Browser DoS not treated as security issues
-CVE-2009-0820 (Multiple eval injection vulnerabilities in phpScheduleIt before 1.2.11 ...)
+CVE-2009-0820
NOT-FOR-US: phpScheduleIt
-CVE-2009-0819 (sql/item_xmlfunc.cc in MySQL 5.1 before 5.1.32 and 6.0 before 6.0.10 ...)
+CVE-2009-0819
- mysql-dfsg-5.0 <not-affected> (Vulnerable code introduced in 5.1.5)
- mysql-5.1 5.1.32-1
-CVE-2009-0818 (Cross-site scripting (XSS) vulnerability in the ...)
+CVE-2009-0818
NOT-FOR-US: Taxonomy Theme module for Drupal
-CVE-2009-0817 (Cross-site scripting (XSS) vulnerability in the Protected Node module ...)
+CVE-2009-0817
NOT-FOR-US: Protected Node module for Drupal
-CVE-2009-0816 (Multiple cross-site scripting (XSS) vulnerabilities in the backend ...)
+CVE-2009-0816
{DTSA-193-1}
- typo3-src 4.2.6-1 (low; bug #514713)
[etch] - typo3-src 4.0.2+debian-8
-CVE-2009-0815 (The jumpUrl mechanism in class.tslib_fe.php in TYPO3 3.3.x through ...)
+CVE-2009-0815
{DTSA-193-1}
- typo3-src 4.2.6-1 (medium; bug #514713)
[etch] - typo3-src 4.0.2+debian-8
-CVE-2009-0814 (Cross-site scripting (XSS) vulnerability in Widgets.aspx in Blogsa 1.0 ...)
+CVE-2009-0814
NOT-FOR-US: Blogsa
-CVE-2009-0813 (Insecure method vulnerability in the ImeraIEPlugin ActiveX control ...)
+CVE-2009-0813
NOT-FOR-US: ActiveX
-CVE-2009-0812 (Stack-based buffer overflow in BreakPoint Software Hex Workshop 4.23, ...)
+CVE-2009-0812
NOT-FOR-US: BreakPoint Software Hex Workshop
-CVE-2009-0811 (Insecure method vulnerability in the SopCast SopCore ActiveX control ...)
+CVE-2009-0811
NOT-FOR-US: ActiveX
-CVE-2009-0810 (SQL injection vulnerability in login.php in xGuestbook 2.0 allows ...)
+CVE-2009-0810
NOT-FOR-US: xGuestbook
-CVE-2009-0809 (The Web Editor in Dassault Systemes ENOVIA SmarTeam V5 before Release ...)
+CVE-2009-0809
NOT-FOR-US: Dassault Systemes ENOVIA SmarTeam
-CVE-2009-0808 (Multiple SQL injection vulnerabilities in SimpleCMMS before 0.1.0 ...)
+CVE-2009-0808
NOT-FOR-US: SimpleCMMS
-CVE-2009-0807 (zFeeder 1.6 allows remote attackers to gain administrative access via ...)
+CVE-2009-0807
NOT-FOR-US: zFeeder
-CVE-2009-0806 (Unspecified vulnerability in OpenGoo before 1.2.1 allows remote ...)
+CVE-2009-0806
NOT-FOR-US: OpenGoo
-CVE-2009-0805 (Cross-site scripting (XSS) vulnerability in piCal 0.91h and earlier, a ...)
+CVE-2009-0805
NOT-FOR-US: piCal
-CVE-2009-0804 (Ziproxy 2.6.0, when transparent interception mode is enabled, uses the ...)
+CVE-2009-0804
- ziproxy 2.7.2-1 (low; bug #521051)
[lenny] - ziproxy <no-dsa> (Minor issue)
-CVE-2009-0803 (SmoothWall SmoothGuardian, as used in SmoothWall Firewall, ...)
+CVE-2009-0803
NOT-FOR-US: SmoothWall
-CVE-2009-0802 (Qbik WinGate, when transparent interception mode is enabled, uses the ...)
+CVE-2009-0802
NOT-FOR-US: Qbik WinGate
-CVE-2009-0801 (Squid, when transparent interception mode is enabled, uses the HTTP ...)
+CVE-2009-0801
- squid <unfixed> (unimportant; bug #521053)
- squid3 3.3.3-1 (unimportant; bug #521052)
NOTE: This only affects HTTP connections and only in transparent mode
NOTE: Also, same origin validations in the browsers still apply and keep this mostly harmless
NOTE: http://marc.info/?l=squid-dev&m=123542836103750&w=4
-CVE-2009-0800 (Multiple &quot;input validation flaws&quot; in the JBIG2 decoder in Xpdf 3.02pl2 ...)
+CVE-2009-0800
{DSA-1793-1 DSA-1790-1}
- poppler 0.10.6-1 (medium; bug #524806)
[lenny] - poppler 0.8.7-2
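Review bot: in the visible part of this hunk every changed pair drops the parenthesised description from a CVE header and changes nothing else, e.g. `-CVE-2009-0887 (Integer signedness error in the _pam_StrTok function in ...)` becoming `+CVE-2009-0887`, while the package, DSA and NOTE lines beneath each header stay untouched. The bare-identifier form is what the unchanged neighbours use for entries that have no public text (`CVE-2009-0890` followed by `RESERVED`), so after this update a published CVE is no longer distinguishable from a reserved one by its header line. A mechanical update whose only effect is to remove information looks like an empty upstream description feed rather than an intended format change; confirm what the source returned for this run before merging.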
@@ -11562,7 +11562,7 @@ CVE-2009-0800 (Multiple &quot;input validation flaws&quot; in the JBIG2 decoder
[squeeze] - xpdf 3.02-1.4+lenny1
- kdegraphics 4:4.0 (medium; bug #524810)
- swftools 0.9.2+ds1-2
-CVE-2009-0799 (The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, ...)
+CVE-2009-0799
{DSA-1793-1 DSA-1790-1}
- poppler 0.10.6-1 (medium; bug #524806)
[lenny] - poppler 0.8.7-2
@@ -11570,46 +11570,46 @@ CVE-2009-0799 (The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and ear
[squeeze] - xpdf 3.02-1.4+lenny1
- kdegraphics 4:4.0 (medium; bug #524810)
- swftools 0.9.2+ds1-2
-CVE-2009-0798 (ACPI Event Daemon (acpid) before 1.0.10 allows remote attackers to ...)
+CVE-2009-0798
{DSA-1786-1}
- acpid 1.0.10-1 (medium)
CVE-2009-0797
REJECTED
-CVE-2009-0796 (Cross-site scripting (XSS) vulnerability in Status.pm in ...)
+CVE-2009-0796
- libapache2-mod-perl2 2.0.4-6 (low; bug #567635)
[lenny] - libapache2-mod-perl2 2.0.4-5+lenny1
- apache <removed>
[etch] - apache <no-dsa> (minor issue)
CVE-2009-0795
REJECTED
-CVE-2009-0794 (Integer overflow in the PulseAudioTargetDataL class in ...)
+CVE-2009-0794
- openjdk-6 6b16-1
[lenny] - openjdk-6 <not-affected> (no PulseAudio support included)
-CVE-2009-0793 (cmsxform.c in LittleCMS (aka lcms or liblcms) 1.18, as used in OpenJDK ...)
+CVE-2009-0793
{DSA-1769-1}
- openjdk-6 6b16-1
- lcms 1.18.dfsg-1.1 (low; bug #530785)
[lenny] - lcms <no-dsa> (Minor issue)
[etch] - lcms <no-dsa> (Minor issue)
-CVE-2009-0792 (Multiple integer overflows in icc.c in the International Color ...)
+CVE-2009-0792
{DSA-2080-1 DTSA-198-1}
- argyll 1.0.3-3 (medium; bug #523472; bug #524802)
- ghostscript 8.64~dfsg-1.1 (medium; bug #524915)
- gs-gpl <removed> (medium; bug #561717)
-CVE-2009-0791 (Multiple integer overflows in Xpdf 2.x and 3.x and Poppler 0.x, as ...)
+CVE-2009-0791
- cupsys <removed> (medium; bug #535488)
- cups 1.3.10-1 (medium; bug #535489)
[etch] - cupsys <not-affected> (pdftops source included, but not built)
[lenny] - cups <not-affected> (pdftops source included, but not built)
-CVE-2009-0790 (The pluto IKE daemon in Openswan and Strongswan IPsec 2.6 before ...)
+CVE-2009-0790
{DSA-1760-1 DSA-1759-1}
- openswan 1:2.6.21+dfsg-1 (medium; bug #521949)
- strongswan 4.2.14-1 (medium; bug #521950)
-CVE-2009-0789 (OpenSSL before 0.9.8k on WIN64 and certain other platforms does not ...)
+CVE-2009-0789
- openssl <not-affected> (only non-Debian architectures affected)
-CVE-2009-0788 (Red Hat Network (RHN) Satellite Server 5.3 and 5.4 does not properly ...)
+CVE-2009-0788
NOT-FOR-US: Red Hat Network Satellite Server
-CVE-2009-0787 (The ecryptfs_write_metadata_to_contents function in the eCryptfs ...)
+CVE-2009-0787
- linux-2.6 2.6.29-1 (medium; bug #529326)
[etch] - linux-2.6 <not-affected> (ecryptfs was merged in 2.6.19)
[lenny] - linux-2.6 <not-affected> (vulnerable code introduced in 2.6.28)
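Review bot: the triage rationale lines in this hunk lean on the description text the headers are losing. `- openssl <not-affected> (only non-Debian architectures affected)` under `+CVE-2009-0789` only reads sensibly beside the removed `(OpenSSL before 0.9.8k on WIN64 and certain other platforms ...)`, and `[lenny] - openjdk-6 <not-affected> (no PulseAudio support included)` under `+CVE-2009-0794` likewise relies on the removed `PulseAudioTargetDataL` wording. If the descriptions are expected to come back on the next run this hunk should not be committed at all; if they are not, the rationale text needs to be made self-contained, because this file is otherwise the only place the triage decision can be checked against what the CVE is about.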
@@ -11618,11 +11618,11 @@ CVE-2009-0786
REJECTED
CVE-2009-0785
RESERVED
-CVE-2009-0784 (Race condition in the SystemTap stap tool 0.0.20080705 and ...)
+CVE-2009-0784
{DSA-1755-1}
- systemtap 0.0.20090314-2
[etch] - systemtap <not-affected> (vulnerable code not present)
-CVE-2009-0783 (Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 ...)
+CVE-2009-0783
{DSA-2207-1}
- tomcat5.5 <removed> (low; bug #532366)
- tomcat6 6.0.20-1 (low; bug #532362)
@@ -11630,24 +11630,24 @@ CVE-2009-0783 (Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0
- tomcat5 <removed> (low; bug #532363)
CVE-2009-0782
REJECTED
-CVE-2009-0781 (Cross-site scripting (XSS) vulnerability in jsp/cal/cal2.jsp in the ...)
+CVE-2009-0781
{DSA-2207-1}
- tomcat5.5 <removed> (unimportant; bug #532366)
- tomcat6 6.0.20-1 (unimportant; bug #532362)
- tomcat5 <removed> (unimportant; bug #532363)
NOTE: Just examples on how to use Tomcat, not for production
-CVE-2009-0780 (The aspath_prepend function in rde_attr.c in bgpd in OpenBSD 4.3 and ...)
+CVE-2009-0780
NOT-FOR-US: openbsd
-CVE-2009-0779 (Buffer overflow in pppdial in IBM AIX 5.3 and 6.1 allows local users ...)
+CVE-2009-0779
NOT-FOR-US: IBM AIX
-CVE-2009-0778 (The icmp_send function in net/ipv4/icmp.c in the Linux kernel before ...)
+CVE-2009-0778
- linux-2.6 <not-affected> (Issue was introduced after 2.6.24 release and fixed before release of 2.6.25)
- linux-2.6.24 <not-affected> (Issue was introduced after 2.6.24 release and fixed before release of 2.6.25)
-CVE-2009-0777 (Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and ...)
+CVE-2009-0777
- iceweasel 3.0.7-1 (low; bug #576466)
[lenny] - iceweasel <no-dsa> (minor issue)
[etch] - iceweasel <end-of-life> (Etch Packages no longer covered by security support)
-CVE-2009-0776 (nsIRDFService in Mozilla Firefox before 3.0.7, Thunderbird before ...)
+CVE-2009-0776
{DSA-1830-1 DSA-1751-1}
- icedove 2.0.0.22-1 (bug #535124)
[squeeze] - icedove 2.0.0.22-0lenny1
@@ -11657,11 +11657,11 @@ CVE-2009-0776 (nsIRDFService in Mozilla Firefox before 3.0.7, Thunderbird before
- xulrunner 1.9.0.7-1
[etch] - xulrunner <end-of-life> (Etch Packages no longer covered by security support)
- kompozer 1:0.8~alpha2+dfsg+svn129-3
-CVE-2009-0775 (Double free vulnerability in Mozilla Firefox before 3.0.7, Thunderbird ...)
+CVE-2009-0775
{DSA-1751-1}
- xulrunner 1.9.0.7-1
[etch] - xulrunner <not-affected> (Vulnerable code not present)
-CVE-2009-0774 (The layout engine in Mozilla Firefox 2 and 3 before 3.0.7, Thunderbird ...)
+CVE-2009-0774
{DSA-1830-1 DSA-1751-1}
- icedove 2.0.0.22-1 (bug #535124)
[squeeze] - icedove 2.0.0.22-0lenny1
@@ -11670,13 +11670,13 @@ CVE-2009-0774 (The layout engine in Mozilla Firefox 2 and 3 before 3.0.7, Thunde
NOTE: Iceweasel in Lenny links against Xulrunner
- xulrunner 1.9.0.7-1
[etch] - xulrunner <end-of-life> (Etch Packages no longer covered by security support)
-CVE-2009-0773 (The JavaScript engine in Mozilla Firefox before 3.0.7, Thunderbird ...)
+CVE-2009-0773
{DSA-1830-1 DSA-1751-1}
- icedove 2.0.0.22-1 (bug #535124)
[squeeze] - icedove 2.0.0.22-0lenny1
- xulrunner 1.9.0.7-1
[etch] - xulrunner <not-affected> (Vulnerable code not present)
-CVE-2009-0772 (The layout engine in Mozilla Firefox 2 and 3 before 3.0.7, Thunderbird ...)
+CVE-2009-0772
{DSA-1830-1 DSA-1751-1}
- icedove 2.0.0.22-1 (bug #535124)
[squeeze] - icedove 2.0.0.22-0lenny1
@@ -11685,220 +11685,220 @@ CVE-2009-0772 (The layout engine in Mozilla Firefox 2 and 3 before 3.0.7, Thunde
NOTE: Iceweasel in Lenny links against Xulrunner
- xulrunner 1.9.0.7-1
[etch] - xulrunner <end-of-life> (Etch Packages no longer covered by security support)
-CVE-2009-0771 (The layout engine in Mozilla Firefox before 3.0.7, Thunderbird before ...)
+CVE-2009-0771
{DSA-1830-1 DSA-1751-1}
- icedove 2.0.0.22-1 (bug #535124)
[squeeze] - icedove 2.0.0.22-0lenny1
- xulrunner 1.9.0.7-1
[etch] - xulrunner <not-affected> (Vulnerable code not present)
- kompozer 1:0.8~alpha2+dfsg+svn129-1
-CVE-2009-0769 (QIP 2005 build 8082 allows remote attackers to cause a denial of ...)
+CVE-2009-0769
NOT-FOR-US: QIP
-CVE-2009-0768 (SQL injection vulnerability in forumhop.php in YapBB 1.2 and earlier ...)
+CVE-2009-0768
NOT-FOR-US: YapBB
-CVE-2009-0767 (Kipper 2.01 stores sensitive information under the web root with ...)
+CVE-2009-0767
NOT-FOR-US: Kipper
-CVE-2009-0766 (Directory traversal vulnerability in default.php in Kipper 2.01 allows ...)
+CVE-2009-0766
NOT-FOR-US: Kipper
-CVE-2009-0765 (Directory traversal vulnerability in index.php in Kipper 2.01 allows ...)
+CVE-2009-0765
NOT-FOR-US: Kipper
-CVE-2009-0764 (Multiple cross-site scripting (XSS) vulnerabilities in Kipper 2.01 ...)
+CVE-2009-0764
NOT-FOR-US: Kipper
-CVE-2009-0763 (Cross-site scripting (XSS) vulnerability in default.php in Kipper 2.01 ...)
+CVE-2009-0763
NOT-FOR-US: Kipper
-CVE-2009-0762 (Cross-site scripting (XSS) vulnerability in ScriptsEz Ez PHP Comment ...)
+CVE-2009-0762
NOT-FOR-US: ScriptsEz Ez PHP Comment
-CVE-2009-0761 (Cross-site scripting (XSS) vulnerability in online.asp in Team Board ...)
+CVE-2009-0761
NOT-FOR-US: Team Board
-CVE-2009-0760 (Team Board 1.x and 2.x stores sensitive information under the web root ...)
+CVE-2009-0760
NOT-FOR-US: Team Board
-CVE-2009-0759 (Multiple CRLF injection vulnerabilities in webadmin in ZNC before ...)
+CVE-2009-0759
{DSA-1735-1}
- znc 0.066-1 (bug #516950)
-CVE-2009-0758 (The originates_from_local_legacy_unicast_socket function in ...)
+CVE-2009-0758
{DSA-2086-1}
- avahi 0.6.24-3 (low; bug #517683)
[etch] - avahi <no-dsa> (Minor issue)
NOTE: reflector is off by default
-CVE-2009-0757 (Multiple buffer overflows in GNU MPFR 2.4.0 allow context-dependent ...)
+CVE-2009-0757
- mpfr 2.4.0-5 (low; bug #527475)
[lenny] - mpfr <not-affected> (Vulnerable code not yet present)
[etch] - mpfr <not-affected> (Vulnerable code not yet present)
-CVE-2009-0756 (The JBIG2Stream::readSymbolDictSeg function in Poppler before 0.10.4 ...)
+CVE-2009-0756
- poppler 0.10.6-1 (low; bug #518478)
[lenny] - poppler 0.8.7-2
[etch] - poppler <no-dsa> (Application crash only, could be fixed with further issues)
NOTE: poppler in lenny fixed in batch of CVEs pushed out in 5.0.2 release
-CVE-2009-0755 (The FormWidgetChoice::loadDefaults function in Poppler before 0.10.4 ...)
+CVE-2009-0755
{DSA-1941-1}
- poppler 0.10.6-1 (low; bug #518478)
[lenny] - poppler <no-dsa> (Application crash only, could be fixed with further issues)
[etch] - poppler <not-affected> (vulnerable code not present; forms introduced after 0.4.5)
-CVE-2009-0754 (PHP 4.4.4, 5.1.6, and other versions, when running on Apache, allows ...)
+CVE-2009-0754
{DSA-1789-1}
- php4 <removed> (low)
- php5 5.2.9.dfsg.1-2 (low; bug #523049)
-CVE-2009-0752 (Unspecified vulnerability in Movable Type Pro and Community Solution ...)
+CVE-2009-0752
- movabletype-opensource <not-affected> (bug #518469)
NOTE: http://www.sixapart.com/pipermail/mtos-dev/2009-March/002677.html
-CVE-2009-0751 (Yaws before 1.80 allows remote attackers to cause a denial of service ...)
+CVE-2009-0751
{DSA-1740-1}
- yaws 1.80-1
-CVE-2009-0750 (SQL injection vulnerability in login.php in the smNews example script ...)
+CVE-2009-0750
NOT-FOR-US: txtSQL
-CVE-2009-0748 (The ext4_fill_super function in fs/ext4/super.c in the Linux kernel ...)
+CVE-2009-0748
{DSA-1749-1}
- linux-2.6 2.6.29-1 (low)
[etch] - linux-2.6 <not-affected> (ext4 not yet present)
- linux-2.6.24 <unfixed> (low)
NOTE: Since the feature is experimental until 2.6.27, I don't think we need to fix this
-CVE-2009-0747 (The ext4_isize function in fs/ext4/ext4.h in the Linux kernel 2.6.27 ...)
+CVE-2009-0747
{DSA-1749-1}
- linux-2.6 2.6.28-2 (low)
[etch] - linux-2.6 <not-affected> (ext4 not yet present)
- linux-2.6.24 <unfixed> (low)
NOTE: Since the feature is experimental until 2.6.27, I don't think we need to fix this
-CVE-2009-0746 (The make_indexed_dir function in fs/ext4/namei.c in the Linux kernel ...)
+CVE-2009-0746
{DSA-1749-1}
- linux-2.6 2.6.28-1 (low)
[etch] - linux-2.6 <not-affected> (ext4 not yet present)
- linux-2.6.24 <unfixed> (low)
NOTE: Since the feature is experimental until 2.6.27, I don't think we need to fix this
-CVE-2009-0745 (The ext4_group_add function in fs/ext4/resize.c in the Linux kernel ...)
+CVE-2009-0745
{DSA-1787-1 DSA-1749-1}
- linux-2.6 2.6.29-1 (low)
[etch] - linux-2.6 <not-affected> (ext4 not yet present)
- linux-2.6.24 <unfixed> (low)
NOTE: Since the feature is experimental until 2.6.27, I don't think we need to fix this
-CVE-2009-0744 (Apple Safari 4 Beta build 528.16 allows remote attackers to cause a ...)
+CVE-2009-0744
NOT-FOR-US: Apple Safari
-CVE-2009-0743 (Cross-site scripting (XSS) vulnerability in the edit account page in ...)
+CVE-2009-0743
NOT-FOR-US: Cisco Unified MeetingPlace Web Conferencing
-CVE-2009-0742 (The username command in Cisco ACE Application Control Engine Module ...)
+CVE-2009-0742
NOT-FOR-US: Cisco
-CVE-2009-0770 (dkim-milter 2.6.0 through 2.8.0 allows remote attackers to cause a ...)
+CVE-2009-0770
{DSA-1728-1}
- dkim-milter 2.6.0.dfsg-2 (low)
[lenny] - dkim-milter 2.6.0.dfsg-1+lenny1
NOTE: http://sourceforge.net/tracker/index.php?func=detail&aid=2508602&group_id=139420&atid=744358
-CVE-2009-0749 (Use-after-free vulnerability in the GIFReadNextExtension function in ...)
+CVE-2009-0749
- optipng 0.6.2.1-1 (low)
[etch] - optipng 0.5.5-2
[lenny] - optipng 0.6.1.1-2
-CVE-2009-0741 (SQL injection vulnerability in Login.asp in Craft Silicon Banking@Home ...)
+CVE-2009-0741
NOT-FOR-US: Craft Silicon Banking@Home
-CVE-2009-0740 (SQL injection vulnerability in login.php in BlueBird Prelease allows ...)
+CVE-2009-0740
NOT-FOR-US: BlueBird Prelease
-CVE-2009-0739 (SQL injection vulnerability in login.php in MyNews 0.10 allows remote ...)
+CVE-2009-0739
NOT-FOR-US: MyNews
-CVE-2009-0738 (SQL injection vulnerability in login.php in Auth Php 1.0 allows remote ...)
+CVE-2009-0738
NOT-FOR-US: Auth Php
-CVE-2009-0736 (Cross-site scripting (XSS) vulnerability in Pebble before 2.3.2 allows ...)
+CVE-2009-0736
NOT-FOR-US: Pebble
-CVE-2009-0735 (Directory traversal vulnerability in lib/classes/message_class.php in ...)
+CVE-2009-0735
NOT-FOR-US: Papoo CMS
-CVE-2009-0734 (Heap-based buffer overflow in MultimediaPlayer.exe 6.86.240.7 in Nokia ...)
+CVE-2009-0734
NOT-FOR-US: MultimediaPlayer.exe
-CVE-2009-0733 (Multiple stack-based buffer overflows in the ReadSetOfCurves function ...)
+CVE-2009-0733
{DSA-1769-1 DSA-1745-1}
- lcms 1.18.dfsg-1 (bug #522446)
- openjdk-6 6b18-1.8.13-0+squeeze2
NOTE: Marking the current oldstable version as fixed, but likely fixed way earlier
-CVE-2009-0732 (Downloadcenter 2.1 stores common.h under the web root with ...)
+CVE-2009-0732
NOT-FOR-US: Downloadcenter
-CVE-2009-0731 (Directory traversal vulnerability in pages/play.php in Free Arcade ...)
+CVE-2009-0731
NOT-FOR-US: Free Arcade Script
-CVE-2009-0730 (Multiple SQL injection vulnerabilities in the GigCalendar (com_gigcal) ...)
+CVE-2009-0730
NOT-FOR-US: GigCalendar
-CVE-2009-0729 (Multiple directory traversal vulnerabilities in Page Engine CMS 2.0 ...)
+CVE-2009-0729
NOT-FOR-US: Page Engine CMS
-CVE-2009-0728 (SQL injection vulnerability in the My_eGallery module for MAXdev MDPro ...)
+CVE-2009-0728
NOT-FOR-US: MAXdev MDPro/Postnuke
-CVE-2009-0727 (SQL injection vulnerability in jobdetails.php in taifajobs 1.0 and ...)
+CVE-2009-0727
NOT-FOR-US: taifajobs
-CVE-2009-0726 (SQL injection vulnerability in the GigCalendar (com_gigcal) component ...)
+CVE-2009-0726
NOT-FOR-US: Joomla!
CVE-2009-0725
RESERVED
CVE-2009-0724
RESERVED
-CVE-2009-0723 (Multiple integer overflows in LittleCMS (aka lcms or liblcms) before ...)
+CVE-2009-0723
{DSA-1769-1 DSA-1745-1}
- lcms 1.18.dfsg-1 (bug #522446)
- openjdk-6 6b18-1.8.13-0+squeeze2
NOTE: Marking the current oldstable version as fixed, but likely fixed way earlier
-CVE-2009-0722 (Directory traversal vulnerability in admin.php in Potato News 1.0.0 ...)
+CVE-2009-0722
NOT-FOR-US: Potato News
-CVE-2009-0721 (Unspecified vulnerability in Easy Login in the Sender module in HP ...)
+CVE-2009-0721
NOT-FOR-US: HP Remote Graphics
-CVE-2009-0720 (Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) ...)
+CVE-2009-0720
NOT-FOR-US: HP OpenView Network Node Manager
-CVE-2009-0719 (Unspecified vulnerability in useradd in HP HP-UX B.11.11, B.11.23, and ...)
+CVE-2009-0719
NOT-FOR-US: HP-UX
-CVE-2009-0718 (Unspecified vulnerability in HP StorageWorks Storage Mirroring 5 ...)
+CVE-2009-0718
NOT-FOR-US: HP StorageWorks Storage Mirroring
-CVE-2009-0717 (Unspecified vulnerability in HP StorageWorks Storage Mirroring 5 ...)
+CVE-2009-0717
NOT-FOR-US: HP StorageWorks Storage Mirroring
-CVE-2009-0716 (Unspecified vulnerability in HP StorageWorks Storage Mirroring 5 ...)
+CVE-2009-0716
NOT-FOR-US: HP StorageWorks Storage Mirroring
-CVE-2009-0715 (Unspecified vulnerability in Secure NaviCLI in HP Storage Essentials ...)
+CVE-2009-0715
NOT-FOR-US: HP Storage Essentials
-CVE-2009-0714 (Unspecified vulnerability in the dpwinsup module (dpwinsup.dll) for ...)
+CVE-2009-0714
NOT-FOR-US: HP Data Protector Express
-CVE-2009-0713 (Unspecified vulnerability in WMI Mapper for HP Systems Insight Manager ...)
+CVE-2009-0713
NOT-FOR-US: WMI Mapper
-CVE-2009-0712 (Unspecified vulnerability in WMI Mapper for HP Systems Insight Manager ...)
+CVE-2009-0712
NOT-FOR-US: WMI Mapper
-CVE-2009-0711 (filter.php in PHPFootball 1.6 and earlier allows remote attackers to ...)
+CVE-2009-0711
NOT-FOR-US: PHPFootball
-CVE-2009-0710 (Multiple cross-site scripting (XSS) vulnerabilities in PHPFootball 1.6 ...)
+CVE-2009-0710
NOT-FOR-US: PHPFootball
-CVE-2009-0709 (SQL injection vulnerability in login.php in PHPFootball 1.6 allows ...)
+CVE-2009-0709
NOT-FOR-US: PHPFootball
-CVE-2009-0708 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
+CVE-2009-0708
NOT-FOR-US: SemanticScuttle
-CVE-2009-0707 (SQL injection vulnerability in admin/index.php in PowerClan 1.14a ...)
+CVE-2009-0707
NOT-FOR-US: PowerClan
-CVE-2009-0706 (SQL injection vulnerability in the Simple Review (com_simple_review) ...)
+CVE-2009-0706
NOT-FOR-US: Joomla!
-CVE-2009-0705 (SQL injection vulnerability in news.php in PowerScripts PowerNews ...)
+CVE-2009-0705
NOT-FOR-US: PowerScripts PowerNews
-CVE-2009-0704 (SQL injection vulnerability in search.php in WSN Guest 1.23 allows ...)
+CVE-2009-0704
NOT-FOR-US: WSN Guest
-CVE-2009-0703 (SQL injection vulnerability in bview.asp in ASPThai.Net Webboard 6.0 ...)
+CVE-2009-0703
NOT-FOR-US: ASPThai.Net Webboard
-CVE-2009-0702 (SQL injection vulnerability in the Phoca Documentation ...)
+CVE-2009-0702
NOT-FOR-US: Joomla!
-CVE-2009-0701 (Multiple PHP remote file inclusion vulnerabilities in index.php in ...)
+CVE-2009-0701
NOT-FOR-US: Cybershade
-CVE-2009-0700 (Plunet BusinessManager 4.1 and earlier allows remote authenticated ...)
+CVE-2009-0700
NOT-FOR-US: Plunet BusinessManager
-CVE-2009-0699 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2009-0699
NOT-FOR-US: Plunet BusinessManager
-CVE-2009-0698 (Integer overflow in the 4xm demuxer (demuxers/demux_4xm.c) in xine-lib ...)
+CVE-2009-0698
- xine-lib 1.1.16.2-1 (bug #517792; bug #523475; medium)
- vlc <not-affected> (affected part of xine-lib code not present)
CVE-2009-0697
RESERVED
-CVE-2009-0696 (The dns_db_findrdataset function in db.c in named in ISC BIND 9.4 ...)
+CVE-2009-0696
{DSA-1847-1}
- bind9 1:9.6.1.dfsg.P1-1 (bug #538975; high)
NOTE: See also http://www.kb.cert.org/vuls/id/725188
-CVE-2009-0695 (hagent.exe in Wyse Device Manager (WDM) 4.7.x does not require ...)
+CVE-2009-0695
NOT-FOR-US: Wyse Device Manager not in Debian
CVE-2009-0694
RESERVED
-CVE-2009-0693 (Multiple buffer overflows in Wyse Device Manager (WDM) 4.7.x allow ...)
+CVE-2009-0693
NOT-FOR-US: Wyse Device Manager not in Debian
-CVE-2009-0692 (Stack-based buffer overflow in the script_write_params method in ...)
+CVE-2009-0692
{DSA-1833-2 DSA-1833-1}
- dhcp3 3.1.2p1-1 (medium)
NOTE: dhcp in etch is not affected.
-CVE-2009-0691 (The Foxit JPEG2000/JBIG2 Decoder add-on before 2.0.2009.616 for Foxit ...)
+CVE-2009-0691
NOT-FOR-US: Foxit JPEG2000/JBIG2 Decoder add-on
-CVE-2009-0690 (The Foxit JPEG2000/JBIG2 Decoder add-on before 2.0.2009.616 for Foxit ...)
+CVE-2009-0690
NOT-FOR-US: Foxit JPEG2000/JBIG2 Decoder add-on
-CVE-2009-0689 (Array index error in the (1) dtoa implementation in dtoa.c (aka ...)
+CVE-2009-0689
{DSA-1998-1 DSA-1931-1 DLA-1564-1 DLA-376-1}
- nspr 4.8-2
[etch] - nspr <end-of-life> (Mozilla packages from oldstable no longer covered by security support)
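Review bot: this hunk keeps identical old and new line counts (`-11685,220 +11685,220`) and not a single package, DSA or NOTE line changes; every `-` line is a `CVE-... (description ...)` header and every `+` line is the same identifier stripped bare. An update job that emits a commit of this shape across every year's list should refuse to commit, or at least flag it for a human: a cheap guard is to count headers that carry a description before and after the run and abort when the count drops rather than rises, since a correct refresh replaces descriptions and never removes them wholesale.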
@@ -11909,14 +11909,14 @@ CVE-2009-0689 (Array index error in the (1) dtoa implementation in dtoa.c (aka .
[wheezy] - mono <no-dsa> (Minor issue)
NOTE: http://www.mono-project.com/docs/about-mono/vulnerabilities/
NOTE: https://gist.github.com/directhex/01e853567fd2cc74ed39
-CVE-2009-0688 (Multiple buffer overflows in the CMU Cyrus SASL library before 2.1.23 ...)
+CVE-2009-0688
{DSA-1807-1 DTSA-200-1 DTSA-201-1}
- cyrus-sasl2 2.1.23.dfsg1-1 (bug #528749)
- cyrus-sasl2-heimdal 2.1.23.dfsg1-1
NOTE: VU#238019
-CVE-2009-0687 (The pf_test_rule function in OpenBSD Packet Filter (PF), as used in ...)
+CVE-2009-0687
NOT-FOR-US: OpenBSD Packet Filter
-CVE-2009-0686 (The TrendMicro Activity Monitor Module (tmactmon.sys) 2.52.0.1002 in ...)
+CVE-2009-0686
NOT-FOR-US: Trend Micro Internet Pro
CVE-2009-0685
RESERVED
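Review bot: the removed description for CVE-2009-0688, `Multiple buffer overflows in the CMU Cyrus SASL library before 2.1.23`, is the only line in that entry stating the upstream affected range; what remains (`- cyrus-sasl2 2.1.23.dfsg1-1 (bug #528749)`, `NOTE: VU#238019`) gives Debian versions and an external reference but no statement of the issue. The same applies to the NOT-FOR-US entries in this hunk (OpenBSD Packet Filter, Trend Micro Internet Pro), where the description was the only identification of the vulnerability at all. The hunk header itself still shows the pre-change form of CVE-2009-0689 with its description, which confirms the change is a blanket strip rather than a per-entry correction; suggest keeping the descriptions.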
@@ -11924,19 +11924,19 @@ CVE-2009-0684
RESERVED
CVE-2009-0683
RESERVED
-CVE-2009-0682 (vetmonnt.sys in CA Internet Security Suite r3, vetmonnt.sys before ...)
+CVE-2009-0682
NOT-FOR-US: CA Internet Security Suite
-CVE-2009-0681 (PGP Desktop before 9.10 allows local users to (1) cause a denial of ...)
+CVE-2009-0681
NOT-FOR-US: PGP Desktop
-CVE-2009-0680 (cgi-bin/welcome/VPN_only in the web interface in Netgear SSL312 allows ...)
+CVE-2009-0680
NOT-FOR-US: Netgear
-CVE-2009-0679 (Cross-site scripting (XSS) vulnerability in the Your Account module in ...)
+CVE-2009-0679
NOT-FOR-US: RavenNuke
-CVE-2009-0678 (images/captcha.php in RavenNuke 2.30 allows remote attackers to obtain ...)
+CVE-2009-0678
NOT-FOR-US: RavenNuke
-CVE-2009-0677 (avatarlist.php in the Your Account module, reached through ...)
+CVE-2009-0677
NOT-FOR-US: RavenNuke
-CVE-2009-0676 (The sock_getsockopt function in net/core/sock.c in the Linux kernel ...)
+CVE-2009-0676
{DSA-1794-1 DSA-1787-1 DSA-1749-1}
- linux-2.6 2.6.29-1 (low)
- linux-2.6.24 <unfixed> (low)
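Review bot: for CVE-2009-0676 the removed line `The sock_getsockopt function in net/core/sock.c in the Linux kernel ...` was the only place the affected function and file were named; after this hunk the entry consists of the DSA references and `- linux-2.6 2.6.29-1 (low)` / `- linux-2.6.24 <unfixed> (low)`, which say where it was fixed but not what it was. The RESERVED and REJECTED entries in the hunk are untouched, which is consistent with a tool that only rewrites lines it believes carry a description; that makes it more likely the descriptions were dropped because the source lookup returned nothing, not because they were wrong. Suggest the sync treat "no description returned" as a no-op for that entry.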
@@ -11944,82 +11944,82 @@ CVE-2009-0676 (The sock_getsockopt function in net/core/sock.c in the Linux kern
NOTE: <http://marc.info/?l=linux-kernel&m=123540732700371&w=2>
NOTE: Reproducer in <https://bugzilla.redhat.com/show_bug.cgi?id=486305>
NOTE: lacks initialzer for len. Leak confirmed with fixed reproducer.
-CVE-2009-0675 (The skfp_ioctl function in drivers/net/skfp/skfddi.c in the Linux ...)
+CVE-2009-0675
{DSA-1794-1 DSA-1787-1 DSA-1749-1}
- linux-2.6 2.6.29-1 (low)
- linux-2.6.24 <removed> (low)
-CVE-2009-0674 (images/captcha.php in Raven Web Services RavenNuke 2.30, when ...)
+CVE-2009-0674
NOT-FOR-US: RavenNuke
-CVE-2009-0673 (Eval injection vulnerability in the Custom Fields feature in the Your ...)
+CVE-2009-0673
NOT-FOR-US: RavenNuke
-CVE-2009-0672 (SQL injection vulnerability in the Resend_Email module in Raven Web ...)
+CVE-2009-0672
NOT-FOR-US: RavenNuke
CVE-2009-0671
REJECTED
CVE-2009-0670
RESERVED
-CVE-2009-0669 (Zope Object Database (ZODB) before 3.8.2, when certain Zope Enterprise ...)
+CVE-2009-0669
{DSA-2234-1 DSA-1863-1}
- zope3 <removed> (bug #540462)
- zope2.11 2.11.4-1 (bug #540463)
- zope2.10 2.10.9-1 (bug #540464)
- zope2.9 <removed>
- zodb 1:3.8.2-1 (bug #540465)
-CVE-2009-0668 (Unspecified vulnerability in Zope Object Database (ZODB) before 3.8.2, ...)
+CVE-2009-0668
{DSA-2234-1 DSA-1863-1}
- zope3 <removed> (medium; bug #540462)
- zope2.11 2.11.4-1 (medium; bug #540463)
- zope2.10 2.10.9-1 (medium; bug #540464)
- zope2.9 <removed>
- zodb 1:3.8.2-1 (medium; bug #540465)
-CVE-2009-0667 (Untrusted search path vulnerability in Agent/Backend.pm in ...)
+CVE-2009-0667
{DSA-1828-1}
- ocsinventory-agent 1:0.0.9.2repack1-5 (medium; bug #506416)
CVE-2009-0666
RESERVED
CVE-2009-0665
RESERVED
-CVE-2009-0664 (Multiple cross-site scripting (XSS) vulnerabilities in Mahara 1.0.x ...)
+CVE-2009-0664
{DSA-1778-1}
- mahara 1.1.3-1 (low)
-CVE-2009-0663 (Heap-based buffer overflow in the DBD::Pg (aka DBD-Pg or ...)
+CVE-2009-0663
{DSA-1780-1}
- libdbd-pg-perl 2.1.3-1
-CVE-2009-0662 (The PlonePAS product 3.x before 3.9 and 3.2.x before 3.2.2, a product ...)
+CVE-2009-0662
- plone3 <removed> (medium; bug #525943)
-CVE-2009-0661 (Wee Enhanced Environment for Chat (WeeChat) 0.2.6 allows remote ...)
+CVE-2009-0661
{DSA-1744-1}
- weechat 0.2.6.1-1 (medium; bug #519940)
[etch] - weechat <not-affected> (vulnerable code not present)
-CVE-2009-0660 (Multiple cross-site scripting (XSS) vulnerabilities in Mahara 1.0 ...)
+CVE-2009-0660
{DSA-1736-1}
- mahara 1.1.2-1 (low)
-CVE-2009-0659 (Stack-based buffer overflow in the GetStatsFromLine function in TPTEST ...)
+CVE-2009-0659
NOT-FOR-US: TPTEST
-CVE-2009-0658 (Buffer overflow in Adobe Reader 9.0 and earlier, and Acrobat 9.0 and ...)
+CVE-2009-0658
NOT-FOR-US: Adobe Reader
-CVE-2009-0657 (Toshiba Face Recognition 2.0.2.32 allows physically proximate ...)
+CVE-2009-0657
NOT-FOR-US: Toshiba Face Recognition
-CVE-2009-0656 (Asus SmartLogon 1.0.0005 allows physically proximate attackers to ...)
+CVE-2009-0656
NOT-FOR-US: Asus SmartLogon
-CVE-2009-0655 (Lenovo Veriface III allows physically proximate attackers to login to ...)
+CVE-2009-0655
NOT-FOR-US: Lenovo Veriface
-CVE-2009-0654 (Tor 0.2.0.28, and probably 0.2.0.34 and earlier, allows remote ...)
+CVE-2009-0654
- tor <unfixed> (unimportant)
NOTE: attacker already controls entry and exit node at this stage
-CVE-2009-0653 (OpenSSL, probably 0.9.6, does not verify the Basic Constraints for an ...)
+CVE-2009-0653
- openssl 0.9.8-1 (bug #517791)
-CVE-2009-0652 (The Internationalized Domain Names (IDN) blacklist in Mozilla Firefox ...)
+CVE-2009-0652
{DSA-1830-1 DSA-1797-1}
- icedove 2.0.0.22-1 (bug #535124)
[squeeze] - icedove 2.0.0.22-0lenny1
- xulrunner 1.9.0.9-1
[etch] - xulrunner <end-of-life> (Etch Packages no longer covered by security support)
-CVE-2009-0651 (Unspecified vulnerability in the Veritas network daemon (aka vnetd) in ...)
+CVE-2009-0651
NOT-FOR-US: Veritas network daemon
-CVE-2009-0650 (Stack-based buffer overflow in the GetStatsFromLine function in TPTEST ...)
+CVE-2009-0650
NOT-FOR-US: TPTEST
-CVE-2009-0649 (The web browser in Symbian OS on the Nokia N95 cell phone allows ...)
+CVE-2009-0649
NOT-FOR-US: Symbian OS
CVE-2009-XXXX [thunar: potential exploits via application launchers]
- thunar <unfixed> (bug #517020; unimportant)
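Review bot: the analyst notes at the top of this hunk, `NOTE: Reproducer in <https://bugzilla.redhat.com/show_bug.cgi?id=486305>` and `NOTE: lacks initialzer for len. Leak confirmed with fixed reproducer.`, belong to CVE-2009-0676 and only make sense next to the description that named sock_getsockopt, which the hunk header shows being removed; the same holds for `NOTE: attacker already controls entry and exit node at this stage` under CVE-2009-0654, whose "unimportant" rating is a judgement about the behaviour described in the removed `Tor 0.2.0.28, and probably 0.2.0.34 and earlier, allows remote ...` line. Once the descriptions go, these NOTE lines become triage rationale with no stated issue to apply to. Suggest either keeping the descriptions or, if they must be removed, rewriting the NOTE lines so that they stand on their own.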
@@ -12033,302 +12033,302 @@ CVE-2009-XXXX [sysvinit: no-root option in expert installer exposes locally expl
NOTE: possible without impacting authorized users. otherwise, why spend so much effort
NOTE: to make sure xscreensaver, gdm, and login are rock solid?
NOTE: - i would like to track as low, rather than unimportant
-CVE-2009-0753 (Absolute path traversal vulnerability in MLDonkey 2.8.4 through 2.9.7 ...)
+CVE-2009-0753
{DSA-1739-1}
- mldonkey 3.0.0-1 (bug #516829; medium)
[etch] - mldonkey <not-affected> (vulnerable code not present)
NOTE: daemon is run as non-root and can only be exploited via localhost
-CVE-2009-0648 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
+CVE-2009-0648
NOT-FOR-US: Falt4 CMS
-CVE-2009-0647 (msnmsgr.exe in Windows Live Messenger (WLM) 2009 build 14.0.8064.206, ...)
+CVE-2009-0647
NOT-FOR-US: Windows Live Messenger
-CVE-2009-0646 (Multiple SQL injection vulnerabilities in 4Site CMS 2.6 and earlier ...)
+CVE-2009-0646
NOT-FOR-US: 4Site CMS
-CVE-2009-0645 (Directory traversal vulnerability in index.php in Jaws 0.8.8 allows ...)
+CVE-2009-0645
NOT-FOR-US: Jaws
-CVE-2009-0644 (The HTTP interface in Swann DVR4-SecuraNet has a certain default ...)
+CVE-2009-0644
NOT-FOR-US: Swann DVR4-SecuraNet
-CVE-2009-0643 (Static code injection vulnerability in post.php in Simple PHP News 1.0 ...)
+CVE-2009-0643
NOT-FOR-US: Simple PHP News
-CVE-2009-0642 (ext/openssl/ossl_ocsp.c in Ruby 1.8 and 1.9 does not properly check ...)
+CVE-2009-0642
{DSA-1860-1}
- ruby1.9 1.9.0.5-1 (bug #513528)
- ruby1.8 1.8.7.72-3.1 (medium; bug #517639; bug #522939)
-CVE-2009-0641 (sys_term.c in telnetd in FreeBSD 7.0-RELEASE and other 7.x versions ...)
+CVE-2009-0641
NOT-FOR-US: FreeBSD telnetd (apparently there's some common code base in netkit-telnet, but it's not affected
-CVE-2009-0640 (Directory traversal vulnerability in the administrative web server in ...)
+CVE-2009-0640
NOT-FOR-US: Swann DVR4-SecuraNet
-CVE-2009-0639 (PHP remote file inclusion vulnerability in moduli/libri/index.php in ...)
+CVE-2009-0639
NOT-FOR-US: phpyabs
-CVE-2009-0638 (The Cisco Firewall Services Module (FWSM) 2.x, 3.1 before 3.1(16), 3.2 ...)
+CVE-2009-0638
NOT-FOR-US: Cisco Firewall Services Module
-CVE-2009-0637 (The SCP server in Cisco IOS 12.2 through 12.4, when Role-Based CLI ...)
+CVE-2009-0637
NOT-FOR-US: Cisco IOS
-CVE-2009-0636 (Unspecified vulnerability in Cisco IOS 12.0 through 12.4, when SIP ...)
+CVE-2009-0636
NOT-FOR-US: Cisco IOS
-CVE-2009-0635 (Memory leak in the Cisco Tunneling Control Protocol (cTCP) ...)
+CVE-2009-0635
NOT-FOR-US: Cisco IOS
-CVE-2009-0634 (Multiple unspecified vulnerabilities in the home agent (HA) ...)
+CVE-2009-0634
NOT-FOR-US: Cisco IOS
-CVE-2009-0633 (Multiple unspecified vulnerabilities in the (1) Mobile IP NAT ...)
+CVE-2009-0633
NOT-FOR-US: Cisco IOS
-CVE-2009-0632 (The IP Phone Personal Address Book (PAB) Synchronizer feature in Cisco ...)
+CVE-2009-0632
NOT-FOR-US: Cisco Unified Communications Manager
-CVE-2009-0631 (Unspecified vulnerability in Cisco IOS 12.0 through 12.4, when ...)
+CVE-2009-0631
NOT-FOR-US: Cisco IOS
-CVE-2009-0630 (The (1) Cisco Unified Communications Manager Express; (2) SIP Gateway ...)
+CVE-2009-0630
NOT-FOR-US: Cisco IOS
-CVE-2009-0629 (The (1) Airline Product Set (aka ALPS), (2) Serial Tunnel Code (aka ...)
+CVE-2009-0629
NOT-FOR-US: Cisco IOS
-CVE-2009-0628 (Memory leak in the SSLVPN feature in Cisco IOS 12.3 through 12.4 ...)
+CVE-2009-0628
NOT-FOR-US: Cisco IOS
-CVE-2009-0627 (Unspecified vulnerability in Cisco NX-OS before 4.0(1a)N2(1), when ...)
+CVE-2009-0627
NOT-FOR-US: Cisco NX-OS
-CVE-2009-0626 (The SSLVPN feature in Cisco IOS 12.3 through 12.4 allows remote ...)
+CVE-2009-0626
NOT-FOR-US: Cisco IOS
-CVE-2009-0625 (Unspecified vulnerability in Cisco ACE Application Control Engine ...)
+CVE-2009-0625
NOT-FOR-US: Cisco
-CVE-2009-0624 (Unspecified vulnerability in the SNMPv2c implementation in Cisco ACE ...)
+CVE-2009-0624
NOT-FOR-US: Cisco
-CVE-2009-0623 (Unspecified vulnerability in Cisco ACE Application Control Engine ...)
+CVE-2009-0623
NOT-FOR-US: Cisco
-CVE-2009-0622 (Unspecified vulnerability in Cisco ACE Application Control Engine ...)
+CVE-2009-0622
NOT-FOR-US: Cisco
-CVE-2009-0621 (Cisco ACE 4710 Application Control Engine Appliance before A1(8a) uses ...)
+CVE-2009-0621
NOT-FOR-US: Cisco
-CVE-2009-0620 (Cisco ACE Application Control Engine Module for Catalyst 6500 Switches ...)
+CVE-2009-0620
NOT-FOR-US: Cisco
-CVE-2009-0619 (Unspecified vulnerability in the Session Border Controller (SBC) ...)
+CVE-2009-0619
NOT-FOR-US: Cisco
-CVE-2009-0618 (Unspecified vulnerability in the Java agent in Cisco Application ...)
+CVE-2009-0618
NOT-FOR-US: Cisco
-CVE-2009-0617 (Cisco Application Networking Manager (ANM) before 2.0 uses a default ...)
+CVE-2009-0617
NOT-FOR-US: Cisco
-CVE-2009-0616 (Cisco Application Networking Manager (ANM) before 2.0 uses default ...)
+CVE-2009-0616
NOT-FOR-US: Cisco
-CVE-2009-0615 (Directory traversal vulnerability in Cisco Application Networking ...)
+CVE-2009-0615
NOT-FOR-US: Cisco
-CVE-2009-0614 (Unspecified vulnerability in the Web Server in Cisco Unified ...)
+CVE-2009-0614
NOT-FOR-US: Cisco
-CVE-2009-0613 (Trend Micro InterScan Web Security Suite (IWSS) 3.1 before build 1237 ...)
+CVE-2009-0613
NOT-FOR-US: Trend Micro
-CVE-2009-0612 (Trend Micro InterScan Web Security Virtual Appliance (IWSVA) 3.x and ...)
+CVE-2009-0612
NOT-FOR-US: Trend Micro
-CVE-2009-0611 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2009-0611
NOT-FOR-US: Novell Open Enterprise Server
-CVE-2009-0610 (Multiple static code injection vulnerabilities in post.php in Simple ...)
+CVE-2009-0610
NOT-FOR-US: Simple PHP News
-CVE-2009-0609 (Sun Java System Directory Proxy Server in Sun Java System Directory ...)
+CVE-2009-0609
NOT-FOR-US: Sun Java System Directory Server Enterprise Edition
-CVE-2009-0608 (Integer overflow in the showLog function in fake_log_device.c in ...)
+CVE-2009-0608
NOT-FOR-US: Android
-CVE-2009-0607 (Multiple integer overflows in malloc_leak.c in Bionic in Open Handset ...)
+CVE-2009-0607
NOT-FOR-US: Android
-CVE-2009-0606 (The link_image function in linker/linker.c in the dynamic linker in ...)
+CVE-2009-0606
NOT-FOR-US: Android
-CVE-2009-0605 (Stack consumption vulnerability in the do_page_fault function in ...)
+CVE-2009-0605
- linux-2.6 <not-affected> (CONFIG_KPROBES is not enabled)
- linux-2.6.24 <not-affected> (CONFIG_KPROBES is not enabled)
-CVE-2009-0604 (SQL injection vulnerability in index.php in PHP Director 0.21 and ...)
+CVE-2009-0604
NOT-FOR-US: PHP Director
-CVE-2009-0603 (Cross-site scripting (XSS) vulnerability in index.php in the Link ...)
+CVE-2009-0603
NOT-FOR-US: Link drupal module
-CVE-2009-0602 (Unrestricted file upload vulnerability in upload.php in WikkiTikkiTavi ...)
+CVE-2009-0602
NOT-FOR-US: WikkiTikkiTavi
-CVE-2009-0601 (Format string vulnerability in Wireshark 0.99.8 through 1.0.5 on ...)
+CVE-2009-0601
- wireshark 1.0.6-1
[etch] - wireshark <not-affected> (Vulnerable code not present, introduced in 0.99.8)
[lenny] - wireshark 1.0.2-3+lenny4
-CVE-2009-0600 (Wireshark 0.99.6 through 1.0.5 allows user-assisted remote attackers ...)
+CVE-2009-0600
- wireshark 1.0.6-1
[etch] - wireshark <not-affected> (Vulnerable code not present, introduced in 0.99.6)
[lenny] - wireshark 1.0.2-3+lenny4
-CVE-2009-0599 (Buffer overflow in wiretap/netscreen.c in Wireshark 0.99.7 through ...)
+CVE-2009-0599
- wireshark 1.0.6-1
[etch] - wireshark <not-affected> (Vulnerable code not present, introduced in 0.99.7)
[lenny] - wireshark 1.0.2-3+lenny4
-CVE-2009-0598 (SQL injection vulnerability in index.php in PhpMesFilms 1.0 and 1.8 ...)
+CVE-2009-0598
NOT-FOR-US: PhpMesFilms
-CVE-2009-0597 (SQL injection vulnerability in admin/index.php in w3b&gt;cms (aka ...)
+CVE-2009-0597
NOT-FOR-US: w3b>cms
-CVE-2009-0596 (Directory traversal vulnerability in skysilver/login.tpl.php in ...)
+CVE-2009-0596
NOT-FOR-US: phpSkelSite
-CVE-2009-0595 (PHP remote file inclusion vulnerability in skysilver/login.tpl.php in ...)
+CVE-2009-0595
NOT-FOR-US: phpSkelSite
-CVE-2009-0594 (Cross-site scripting (XSS) vulnerability in index.php in phpSkelSite ...)
+CVE-2009-0594
NOT-FOR-US: phpSkelSite
-CVE-2009-0593 (SQL injection vulnerability in members.php in plx Auto Reminder 3.7 ...)
+CVE-2009-0593
NOT-FOR-US: plx Auto Reminder
-CVE-2009-0592 (Multiple directory traversal vulnerabilities in PNphpBB2 1.2i and ...)
+CVE-2009-0592
NOT-FOR-US: PNphpBB2
-CVE-2009-0591 (The CMS_verify function in OpenSSL 0.9.8h through 0.9.8j, when CMS is ...)
+CVE-2009-0591
- openssl <not-affected> (vulnerable versions not uploaded to Debian)
-CVE-2009-0590 (The ASN1_STRING_print_ex function in OpenSSL before 0.9.8k allows ...)
+CVE-2009-0590
{DSA-1763-1}
- openssl 0.9.8g-16 (low; bug #522002)
CVE-2009-0589
REJECTED
-CVE-2009-0588 (agent/request/op.cgi in the Registration Authority (RA) component in ...)
+CVE-2009-0588
NOT-FOR-US: Registration Authority (RA) component in Red Hat Certificate System (RHCS)
-CVE-2009-0587 (Multiple integer overflows in Evolution Data Server (aka ...)
+CVE-2009-0587
{DSA-1813-1}
- evolution-data-server 2.22.3-1 (medium)
NOTE: this version doesnt fix the overflows but uses the glib functions for decoding instead
-CVE-2009-0586 (Integer overflow in the gst_vorbis_tag_add_coverart function ...)
+CVE-2009-0586
- gst-plugins-base0.10 0.10.22-4
[lenny] - gst-plugins-base0.10 <not-affected> (Vulnerable lib calls not present)
[etch] - gst-plugins-base0.10 <not-affected> (Vulnerable lib calls not present)
-CVE-2009-0585 (Integer overflow in the soup_base64_encode function in soup-misc.c in ...)
+CVE-2009-0585
{DSA-1748-1}
- libsoup 2.2.105-4 (medium; bug #520039)
-CVE-2009-0584 (icc.c in the International Color Consortium (ICC) Format library (aka ...)
+CVE-2009-0584
{DSA-1746-1 DTSA-198-1}
- ghostscript 8.64~dfsg-1.1 (medium; bug #522416)
- argyll 1.0.3-2 (bug #522448)
- gs-gpl <removed> (medium)
- gs-esp <removed>
-CVE-2009-0583 (Multiple integer overflows in icc.c in the International Color ...)
+CVE-2009-0583
{DSA-1746-1 DTSA-198-1}
- ghostscript 8.64~dfsg-1.1 (medium; bug #522416)
- argyll 1.0.3-2 (bug #522448)
- gs-gpl <removed> (medium)
- gs-esp <removed>
-CVE-2009-0582 (The ntlm_challenge function in the NTLM SASL authentication mechanism ...)
+CVE-2009-0582
{DSA-1813-1}
- evolution-data-server 2.26.1.1-1
-CVE-2009-0581 (Memory leak in LittleCMS (aka lcms or liblcms) before 1.18beta2, as ...)
+CVE-2009-0581
{DSA-1769-1 DSA-1745-1}
- lcms 1.18.dfsg-1 (bug #522446)
-CVE-2009-0580 (Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 ...)
+CVE-2009-0580
{DSA-2207-1}
- tomcat6 6.0.20-1 (low; bug #532362)
[lenny] - tomcat6 <not-affected> (Only ships the servlet package)
- tomcat5 <removed> (low; bug #532363)
- tomcat5.5 <removed> (low; bug #532366)
-CVE-2009-0579 (Linux-PAM before 1.0.4 does not enforce the minimum password age ...)
+CVE-2009-0579
- pam 1.0.1-10 (unimportant; bug #514437)
NOTE: the ability to change a password earlier than scheduled is not a security
NOTE: vulnerability in itself (unless the user changes their password back to
NOTE: their previous password; thus violating the security policy as defined by
NOTE: the administrator)
-CVE-2009-0578 (GNOME NetworkManager before 0.7.0.99 does not properly verify ...)
+CVE-2009-0578
- network-manager-applet 0.7.0.99-1 (medium; bug #519801)
[lenny] - network-manager-applet <not-affected> (Bug affected the 0.7.x series)
-CVE-2009-0577 (Integer overflow in the WriteProlog function in texttops in CUPS ...)
+CVE-2009-0577
NOT-FOR-US: RedHat specific, because they had a problem applying the fix for CVE-2008-3640
-CVE-2009-0576 (Unspecified vulnerability in Sun Java System Directory Server 5.2 p6 ...)
+CVE-2009-0576
NOT-FOR-US: Sun Java System Directory Server
-CVE-2009-0575 (Cross-site scripting (XSS) vulnerability in the ...)
+CVE-2009-0575
NOT-FOR-US: Views Bulk Operations
-CVE-2009-0574 (SQL injection vulnerability in index.php in Easy CafeEngine allows ...)
+CVE-2009-0574
NOT-FOR-US: Easy CafeEngine
-CVE-2009-0573 (Multiple cross-site scripting (XSS) vulnerabilities in FotoWeb 6.0 ...)
+CVE-2009-0573
NOT-FOR-US: FotoWeb
-CVE-2009-0572 (PHP remote file inclusion vulnerability in include/flatnux.php in ...)
+CVE-2009-0572
NOT-FOR-US: FlatnuX CMS
-CVE-2009-0571 (admin.php in Ninja Designs Mailist 3.0 stores backup copies of ...)
+CVE-2009-0571
NOT-FOR-US: Ninja Designs Mailist
-CVE-2009-0570 (Directory traversal vulnerability in send.php in Ninja Designs Mailist ...)
+CVE-2009-0570
NOT-FOR-US: Ninja Designs Mailist
-CVE-2009-0569 (Buffer overflow in Becky! Internet Mail 2.48.02 and earlier allows ...)
+CVE-2009-0569
NOT-FOR-US: Becky! Internet Mail
-CVE-2009-0568 (The RPC Marshalling Engine (aka NDR) in Microsoft Windows 2000 SP4, XP ...)
+CVE-2009-0568
NOT-FOR-US: Microsoft
CVE-2009-0567
REJECTED
-CVE-2009-0566 (Microsoft Office Publisher 2007 SP1 does not properly calculate object ...)
+CVE-2009-0566
NOT-FOR-US: Microsoft Office Publisher
-CVE-2009-0565 (Buffer overflow in Microsoft Office Word 2000 SP3, 2002 SP3, and 2007 ...)
+CVE-2009-0565
NOT-FOR-US: Microsoft
CVE-2009-0564
RESERVED
-CVE-2009-0563 (Stack-based buffer overflow in Microsoft Office Word 2002 SP3, 2003 ...)
+CVE-2009-0563
NOT-FOR-US: Microsoft
-CVE-2009-0562 (The Office Web Components ActiveX Control in Microsoft Office XP SP3, ...)
+CVE-2009-0562
NOT-FOR-US: ActiveX
-CVE-2009-0561 (Integer overflow in Excel in Microsoft Office 2000 SP3, Office XP SP3, ...)
+CVE-2009-0561
NOT-FOR-US: Microsoft
-CVE-2009-0560 (Excel in Microsoft Office 2000 SP3, Office XP SP3, Office 2003 SP3, ...)
+CVE-2009-0560
NOT-FOR-US: Microsoft
-CVE-2009-0559 (Stack-based buffer overflow in Excel in Microsoft Office 2000 SP3 and ...)
+CVE-2009-0559
NOT-FOR-US: Microsoft
-CVE-2009-0558 (Array index error in Excel in Microsoft Office 2000 SP3 and Office ...)
+CVE-2009-0558
NOT-FOR-US: Microsoft
-CVE-2009-0557 (Excel in Microsoft Office 2000 SP3, Office XP SP3, Office 2003 SP3, ...)
+CVE-2009-0557
NOT-FOR-US: Microsoft
-CVE-2009-0556 (Microsoft Office PowerPoint 2000 SP3, 2002 SP3, and 2003 SP3, and ...)
+CVE-2009-0556
NOT-FOR-US: Microsoft Office
-CVE-2009-0555 (Microsoft Windows Media Runtime, as used in DirectShow WMA Voice ...)
+CVE-2009-0555
NOT-FOR-US: Microsoft Windows
-CVE-2009-0554 (Microsoft Internet Explorer 5.01 SP4, 6 SP1, 6 and 7 on Windows XP SP2 ...)
+CVE-2009-0554
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2009-0553 (Microsoft Internet Explorer 6 SP1, 6 and 7 on Windows XP SP2 and SP3, ...)
+CVE-2009-0553
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2009-0552 (Unspecified vulnerability in Microsoft Internet Explorer 5.01 SP4, 6 ...)
+CVE-2009-0552
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2009-0551 (Microsoft Internet Explorer 6 SP1, 6 and 7 on Windows XP SP2 and SP3, ...)
+CVE-2009-0551
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2009-0550 (Windows HTTP Services (aka WinHTTP) in Microsoft Windows 2000 SP4, XP ...)
+CVE-2009-0550
NOT-FOR-US: Microsoft Windows
-CVE-2009-0549 (Excel in Microsoft Office 2000 SP3, Office XP SP3, Office 2003 SP3, ...)
+CVE-2009-0549
NOT-FOR-US: Microsoft
-CVE-2009-0548 (Cross-site scripting (XSS) vulnerability in the Additional Report ...)
+CVE-2009-0548
NOT-FOR-US: Additional Report Settings interface in ESET Remote Administrator
-CVE-2009-0547 (Evolution 2.22.3.1 checks S/MIME signatures against a copy of the ...)
+CVE-2009-0547
{DSA-1813-1}
- evolution-data-server 2.24.5-2 (low; bug #508479)
-CVE-2009-0546 (Stack-based buffer overflow in NewsGator FeedDemon 2.7 and earlier ...)
+CVE-2009-0546
NOT-FOR-US: NewsGator FeedDemon
-CVE-2009-0545 (cgi-bin/kerbynet in ZeroShell 1.0beta11 and earlier allows remote ...)
+CVE-2009-0545
NOT-FOR-US: ZeroShell
-CVE-2009-0544 (Buffer overflow in the PyCrypto ARC2 module 2.0.1 allows remote ...)
+CVE-2009-0544
{DSA-1726-1}
- python-crypto 2.0.1+dfsg1-3 (bug #516660)
-CVE-2009-0543 (ProFTPD Server 1.3.1, with NLS support enabled, allows remote ...)
+CVE-2009-0543
{DSA-1730-1 DSA-1727-1}
- proftpd-dfsg 1.3.2-1 (medium; bug #516388)
[etch] - proftpd-dfsg <not-affected> (etch version not affected)
[lenny] - proftpd-dfsg 1.3.1-17lenny2
-CVE-2009-0542 (SQL injection vulnerability in ProFTPD Server 1.3.1 through 1.3.2rc2 ...)
+CVE-2009-0542
{DSA-1730-1 DSA-1727-1}
- proftpd-dfsg 1.3.2-1 (medium; bug #516388)
[etch] - proftpd-dfsg <not-affected> (etch version not affected)
[lenny] - proftpd-dfsg 1.3.1-17lenny2
-CVE-2009-0541 (Multiple cross-site scripting (XSS) vulnerabilities in Magento 1.2.0 ...)
+CVE-2009-0541
NOT-FOR-US: Magento
-CVE-2009-0540 (Cross-site scripting (XSS) vulnerability in Libero 5.3 SP5, and ...)
+CVE-2009-0540
NOT-FOR-US: Libero
CVE-2009-0539
RESERVED
-CVE-2009-0538 (Format string vulnerability in Symantec pcAnywhere before 12.5 SP1 ...)
+CVE-2009-0538
NOT-FOR-US: Symantec pcAnywhere
-CVE-2009-0537 (Integer overflow in the fts_build function in fts.c in libc in (1) ...)
+CVE-2009-0537
- glibc <not-affected> (Vulnerable code not present)
NOTE: glibc checks the comlete path length being not longer than USHRT_MAX
NOTE: and closes the directory path + free of structures in case , io/fts.c line 727
-CVE-2009-0536 (at in bos.rte.cron on IBM AIX 5.2.0, 5.3.0 through 5.3.9, and 6.1.0 ...)
+CVE-2009-0536
NOT-FOR-US: IBM AIX
-CVE-2009-0535 (Directory traversal vulnerability in export.php in Thyme 1.3 and ...)
+CVE-2009-0535
NOT-FOR-US: Thyme
-CVE-2009-0534 (SQL injection vulnerability in FlexCMS allows remote attackers to ...)
+CVE-2009-0534
NOT-FOR-US: FlexCMS
-CVE-2009-0533 (Cross-site scripting (XSS) vulnerability in password.php in Scripts ...)
+CVE-2009-0533
NOT-FOR-US: Sites EZ Reminder
-CVE-2009-0532 (Cross-site scripting (XSS) vulnerability in password.php in Scripts ...)
+CVE-2009-0532
NOT-FOR-US: Scripts For Sites (SFS) EZ Baby
-CVE-2009-0531 (SQL injection vulnerability in gallery/view.asp in A Better ...)
+CVE-2009-0531
NOT-FOR-US: A Better Member-Based ASP Photo Gallery
-CVE-2009-0530 (Multiple PHP remote file inclusion vulnerabilities in SnippetMaster ...)
+CVE-2009-0530
NOT-FOR-US: SnippetMaster
-CVE-2009-0529 (Cross-site scripting (XSS) vulnerability in index.php in SnippetMaster ...)
+CVE-2009-0529
NOT-FOR-US: SnippetMaster
-CVE-2009-0528 (SQL injection vulnerability in frame.php in Rhadrix If-CMS 2.07 and ...)
+CVE-2009-0528
NOT-FOR-US: Rhadrix If-CMS
-CVE-2009-0527 (PHP remote file inclusion vulnerability in ...)
+CVE-2009-0527
NOT-FOR-US: AdaptCMS
-CVE-2009-0526 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
+CVE-2009-0526
NOT-FOR-US: AdaptCMS
-CVE-2009-0525 (Cross-site scripting (XSS) vulnerability in the sajax_get_common_js ...)
+CVE-2009-0525
NOT-FOR-US: Sajax
CVE-2009-XXXX [nautilus: potential exploits via application launchers]
- nautilus 2.26.2-1 (low; bug #515104)
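Review bot: several not-affected claims in this hunk rest on version ranges that only the removed description line stated: `- openssl <not-affected> (vulnerable versions not uploaded to Debian)` under CVE-2009-0591 depends on the range `0.9.8h through 0.9.8j` from the deleted description, and the three Wireshark entries justify `[etch] - wireshark <not-affected> (Vulnerable code not present, introduced in 0.99.8)` against ranges (`0.99.8 through 1.0.5`, `0.99.6 through 1.0.5`, `0.99.7 through ...`) that likewise disappear with this change, so the rationale can no longer be checked from the file. The same applies to the pam NOTE block under CVE-2009-0579, which argues about minimum password age without the description that introduced it. Separately, the unchanged context line `NOT-FOR-US: FreeBSD telnetd (apparently there's some common code base in netkit-telnet, but it's not affected` has an unbalanced parenthesis that could be closed while this region is being touched.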
@@ -12338,355 +12338,355 @@ CVE-2009-XXXX [nautilus: potential exploits via application launchers]
CVE-2009-XXXX [konqueror: potential exploits via application launchers]
- kdebase <unfixed> (unimportant; bug #515106)
NOTE: Minor impact, any attack would still require a significant amount of social engineering
-CVE-2009-0737 (Multiple cross-site scripting (XSS) vulnerabilities in the web-based ...)
+CVE-2009-0737
{DSA-1901-1}
- mediawiki 1:1.14.0-1 (low; bug #514547)
- mediawiki1.7 <removed>
[lenny] - mediawiki 1:1.12.0-2lenny3
[etch] - mediawiki <not-affected> (metapackage)
-CVE-2009-0524 (Cross-site scripting (XSS) vulnerability in Adobe RoboHelp 6 and 7, ...)
+CVE-2009-0524
NOT-FOR-US: Adobe RoboHelp
-CVE-2009-0523 (Cross-site scripting (XSS) vulnerability in Adobe RoboHelp Server 6 ...)
+CVE-2009-0523
NOT-FOR-US: Adobe RoboHelp
-CVE-2009-0522 (Adobe Flash Player 9.x before 9.0.159.0 and 10.x before 10.0.22.87 on ...)
+CVE-2009-0522
NOT-FOR-US: Adobe Flash Player
-CVE-2009-0521 (Untrusted search path vulnerability in Adobe Flash Player 9.x before ...)
+CVE-2009-0521
NOT-FOR-US: Adobe Flash Player
-CVE-2009-0520 (Adobe Flash Player 9.x before 9.0.159.0 and 10.x before 10.0.22.87 ...)
+CVE-2009-0520
NOT-FOR-US: Adobe Flash Player
-CVE-2009-0519 (Unspecified vulnerability in Adobe Flash Player 9.x before 9.0.159.0 ...)
+CVE-2009-0519
NOT-FOR-US: Adobe Flash Player
-CVE-2009-0518 (VI Client in VMware VirtualCenter before 2.5 Update 4, VMware ESXi 3.5 ...)
+CVE-2009-0518
NOT-FOR-US: VMware
-CVE-2009-0517 (Eval injection vulnerability in index.php in phpSlash 0.8.1.1 and ...)
+CVE-2009-0517
NOT-FOR-US: phpSlash
-CVE-2009-0516 (SQL injection vulnerability in the classified page (classified.php) in ...)
+CVE-2009-0516
NOT-FOR-US: BusinessSpace
-CVE-2009-0515 (Directory traversal vulnerability in check_lang.php in Yet Another ...)
+CVE-2009-0515
NOT-FOR-US: YANOCC
-CVE-2009-0514 (Multiple directory traversal vulnerabilities in WebFrame 0.76 allow ...)
+CVE-2009-0514
NOT-FOR-US: WebFrame
-CVE-2009-0513 (Multiple PHP remote file inclusion vulnerabilities in WebFrame 0.76 ...)
+CVE-2009-0513
NOT-FOR-US: WebFrame
-CVE-2009-0512 (Heap-based buffer overflow in the JBIG2 filter in Adobe Reader 7 and ...)
+CVE-2009-0512
NOT-FOR-US: Adobe Reader
-CVE-2009-0511 (Heap-based buffer overflow in the JBIG2 filter in Adobe Reader 7 and ...)
+CVE-2009-0511
NOT-FOR-US: Adobe Reader
-CVE-2009-0510 (Heap-based buffer overflow in the JBIG2 filter in Adobe Reader 7 and ...)
+CVE-2009-0510
NOT-FOR-US: Adobe Reader
-CVE-2009-0509 (Heap-based buffer overflow in the JBIG2 filter in Adobe Reader 7 and ...)
+CVE-2009-0509
NOT-FOR-US: Adobe Reader
-CVE-2009-0508 (The Servlet Engine/Web Container and JSP components in IBM WebSphere ...)
+CVE-2009-0508
NOT-FOR-US: IBM WebSphere
-CVE-2009-0507 (IBM WebSphere Process Server (WPS) 6.1.2 before 6.1.2.3 and 6.2 before ...)
+CVE-2009-0507
NOT-FOR-US: IBM WebSphere
-CVE-2009-0506 (Unspecified vulnerability in IBM WebSphere Application Server (WAS) ...)
+CVE-2009-0506
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2009-0505 (The CICS listener in IBM TXSeries for Multiplatforms 6.2 GA waits for ...)
+CVE-2009-0505
NOT-FOR-US: IBM TXSeries
-CVE-2009-0504 (WSPolicy in the Web Services component in IBM WebSphere Application ...)
+CVE-2009-0504
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2009-0503 (IBM WebSphere Message Broker 6.1.x before 6.1.0.2 writes a database ...)
+CVE-2009-0503
NOT-FOR-US: IBM WebSphere
-CVE-2009-0502 (Cross-site scripting (XSS) vulnerability in blocks/html/block_html.php ...)
+CVE-2009-0502
{DSA-1724-1}
- moodle 1.8.2.dfsg-3 (low)
NOTE: MSA-09-0004
-CVE-2009-0501 (Unspecified vulnerability in the Calendar export feature in Moodle 1.8 ...)
+CVE-2009-0501
{DTSA-195-1}
- moodle 1.8.2.dfsg-4 (low)
[etch] - moodle <not-affected> (Vulnerable code not present)
-CVE-2009-0500 (Cross-site scripting (XSS) vulnerability in course/lib.php in Moodle ...)
+CVE-2009-0500
{DSA-1724-1 DTSA-195-1}
- moodle 1.8.2.dfsg-3 (low)
-CVE-2009-0499 (Cross-site request forgery (CSRF) vulnerability in the forum code in ...)
+CVE-2009-0499
- moodle 1.8.2.dfsg-3 (low)
[etch] - moodle <not-affected> (Vulnerable code not present)
-CVE-2009-0498 (Virtual GuestBook (vgbook) 2.1 stores sensitive information under the ...)
+CVE-2009-0498
NOT-FOR-US: Virtual GuestBook
-CVE-2009-0497 (Directory traversal vulnerability in log.jsp in Ignite Realtime ...)
+CVE-2009-0497
NOT-FOR-US: Openfire
-CVE-2009-0496 (Multiple cross-site scripting (XSS) vulnerabilities in Ignite Realtime ...)
+CVE-2009-0496
NOT-FOR-US: Openfire
-CVE-2009-0495 (PHP remote file inclusion vulnerability in include/define.php in ...)
+CVE-2009-0495
NOT-FOR-US: REALTOR
-CVE-2009-0494 (SQL injection vulnerability in the Portfol (com_portfol) 1.2 component ...)
+CVE-2009-0494
NOT-FOR-US: Joomla!
-CVE-2009-0493 (SQL injection vulnerability in login.php in IT!CMS 2.1a and earlier ...)
+CVE-2009-0493
NOT-FOR-US: IT CMS
-CVE-2009-0492 (Unspecified vulnerability in SimpleIrcBot before 1.0 Stable has ...)
+CVE-2009-0492
NOT-FOR-US: SimpleIrcBot
-CVE-2009-0491 (Stack-based buffer overflow in Elecard MPEG Player 5.5 build ...)
+CVE-2009-0491
NOT-FOR-US: Elecard MPEG Player
-CVE-2009-0488 (Cross-site scripting (XSS) vulnerability in Phorum before 5.2.10 ...)
+CVE-2009-0488
NOT-FOR-US: Phorum
-CVE-2009-0486 (Bugzilla 3.2.1, 3.0.7, and 3.3.2, when running under mod_perl, calls ...)
+CVE-2009-0486
- bugzilla 3.2.4.0-1 (bug #514143)
[etch] - bugzilla <not-affected> (Versions before 3.2.1, 3.0.7, and 3.3.2 were not affected)
[lenny] - bugzilla <not-affected> (Versions before 3.2.1, 3.0.7, and 3.3.2 were not affected)
-CVE-2009-0485 (Cross-site request forgery (CSRF) vulnerability in Bugzilla 2.17 to ...)
+CVE-2009-0485
- bugzilla 3.2.4.0-1 (low; bug #514143)
[etch] - bugzilla <no-dsa> (Minor issue)
[lenny] - bugzilla <no-dsa> (Minor issue)
-CVE-2009-0484 (Cross-site request forgery (CSRF) vulnerability in Bugzilla 3.0 before ...)
+CVE-2009-0484
- bugzilla 3.2.4.0-1 (low; bug #514143)
[etch] - bugzilla <no-dsa> (Minor issue)
[lenny] - bugzilla <no-dsa> (Minor issue)
-CVE-2009-0483 (Cross-site request forgery (CSRF) vulnerability in Bugzilla 2.22 ...)
+CVE-2009-0483
- bugzilla 3.2.4.0-1 (low; bug #514143)
[etch] - bugzilla <no-dsa> (Minor issue)
[lenny] - bugzilla <no-dsa> (Minor issue)
-CVE-2009-0482 (Cross-site request forgery (CSRF) vulnerability in Bugzilla before 3.2 ...)
+CVE-2009-0482
- bugzilla 3.2.4.0-1 (low; bug #514143)
[etch] - bugzilla <no-dsa> (Minor issue)
[lenny] - bugzilla <no-dsa> (Minor issue)
-CVE-2009-0481 (Bugzilla 2.x before 2.22.7, 3.0 before 3.0.7, 3.2 before 3.2.1, and ...)
+CVE-2009-0481
- bugzilla 3.2.4.0-1 (low; bug #514143)
[etch] - bugzilla <no-dsa> (Minor issue)
[lenny] - bugzilla <no-dsa> (Minor issue)
-CVE-2009-0480 (The IP implementation in Sun Solaris 8 through 10, and OpenSolaris ...)
+CVE-2009-0480
NOT-FOR-US: Solaris
-CVE-2009-0489 (The DBus configuration file for Wicd before 1.5.9 allows arbitrary ...)
+CVE-2009-0489
- wicd 1.5.9-1
-CVE-2009-0479 (Multiple SQL injection vulnerabilities in admin/admin_login.php in ...)
+CVE-2009-0479
NOT-FOR-US: Online Grades
-CVE-2009-0477 (Unspecified vulnerability in the process (aka proc) filesystem in Sun ...)
+CVE-2009-0477
NOT-FOR-US: OpenSolaris
-CVE-2009-0476 (Stack-based buffer overflow in MultiMedia Soft AdjMmsEng.dll 7.11.1.0 ...)
+CVE-2009-0476
NOT-FOR-US: MultiMedia Soft audio components
-CVE-2009-0475 (Integer underflow in the Huffman decoding functionality ...)
+CVE-2009-0475
NOT-FOR-US: OpenCORE
-CVE-2009-0474 (The web interface in the Rockwell Automation ControlLogix 1756-ENBT/A ...)
+CVE-2009-0474
NOT-FOR-US: Rockwell EtherNet/IP Bridge Module
-CVE-2009-0473 (Open redirect vulnerability in the web interface in the Rockwell ...)
+CVE-2009-0473
NOT-FOR-US: Rockwell EtherNet/IP Bridge Module
-CVE-2009-0472 (Multiple cross-site scripting (XSS) vulnerabilities in the web ...)
+CVE-2009-0472
NOT-FOR-US: Rockwell EtherNet/IP Bridge Module
-CVE-2009-0471 (Cross-site request forgery (CSRF) vulnerability in the HTTP server in ...)
+CVE-2009-0471
NOT-FOR-US: Cisco IOS
-CVE-2009-0470 (Multiple cross-site scripting (XSS) vulnerabilities in the HTTP server ...)
+CVE-2009-0470
NOT-FOR-US: Cisco IOS
-CVE-2009-0469 (Unspecified vulnerability in futomi's CGI Cafe Fulltext search CGI ...)
+CVE-2009-0469
NOT-FOR-US: futomi's CGI Cafe
-CVE-2009-0468 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
+CVE-2009-0468
NOT-FOR-US: Profense Web Application Firewall
-CVE-2009-0467 (Cross-site scripting (XSS) vulnerability in proxy.html in Profense Web ...)
+CVE-2009-0467
NOT-FOR-US: Profense Web Application Firewall
-CVE-2009-0466 (Cross-site scripting (XSS) vulnerability in Vivvo CMS before 4.1.1 ...)
+CVE-2009-0466
NOT-FOR-US: Vivvo CMS
-CVE-2009-0465 (The SaveDoc method in the All_In_The_Box.AllBox ActiveX control in ...)
+CVE-2009-0465
NOT-FOR-US: Synactis ALL In-The-Box ActiveX 3
-CVE-2009-0464 (PHP remote file inclusion vulnerability in includes/header.php in ...)
+CVE-2009-0464
NOT-FOR-US: Groone GBook
-CVE-2009-0463 (PHP remote file inclusion vulnerability in includes/header.php in ...)
+CVE-2009-0463
NOT-FOR-US: Groone GLinks
-CVE-2009-0462 (Multiple SQL injection vulnerabilities in customer_login_check.asp in ...)
+CVE-2009-0462
NOT-FOR-US: ClickTech ClickCart
-CVE-2009-0461 (Whole Hog Password Protect: Enhanced 1.x allows remote attackers to ...)
+CVE-2009-0461
NOT-FOR-US: Whole Hog Password Protect
-CVE-2009-0460 (Whole Hog Ware Support 1.x allows remote attackers to bypass ...)
+CVE-2009-0460
NOT-FOR-US: Whole Hog Ware Support
-CVE-2009-0459 (Multiple SQL injection vulnerabilities in admin/login_submit.php in ...)
+CVE-2009-0459
NOT-FOR-US: Whole Hog Password Protect
-CVE-2009-0458 (Multiple SQL injection vulnerabilities in admin/login_submit.php in ...)
+CVE-2009-0458
NOT-FOR-US: Whole Hog Ware Support
-CVE-2009-0457 (Multiple directory traversal vulnerabilities in AJA Portal 1.2 allow ...)
+CVE-2009-0457
NOT-FOR-US: AJA Portal
-CVE-2009-0456 (PHP remote file inclusion vulnerability in ...)
+CVE-2009-0456
NOT-FOR-US: patForms
-CVE-2009-0455 (Cross-site scripting (XSS) vulnerability in the anonymous comments ...)
+CVE-2009-0455
NOT-FOR-US: glFusion
-CVE-2009-0454 (Multiple SQL injection vulnerabilities in DMXReady Online Notebook ...)
+CVE-2009-0454
NOT-FOR-US: DMXReady Online Notebook Manager
-CVE-2009-0453 (Online Grades 3.2.4 allows remote attackers to obtain configuration ...)
+CVE-2009-0453
NOT-FOR-US: Online Grades
-CVE-2009-0452 (Multiple SQL injection vulnerabilities in parents/login.php in Online ...)
+CVE-2009-0452
NOT-FOR-US: Online Grades
-CVE-2009-0451 (SQL injection vulnerability in Skalfa SkaLinks 1.5 allows remote ...)
+CVE-2009-0451
NOT-FOR-US: Skalfa SkaLinks
-CVE-2009-0450 (Stack-based buffer overflow in BlazeVideo HDTV Player 3.5 and earlier ...)
+CVE-2009-0450
NOT-FOR-US: BlazeVideo
-CVE-2009-0449 (Buffer overflow in klim5.sys in Kaspersky Anti-Virus for Workstations ...)
+CVE-2009-0449
NOT-FOR-US: Kaspersky Anti-Virus
-CVE-2009-0448 (Directory traversal vulnerability in admin/modules/aa/preview.php in ...)
+CVE-2009-0448
NOT-FOR-US: Syntax Desktop
-CVE-2009-0447 (Multiple SQL injection vulnerabilities in default.asp in MyDesign ...)
+CVE-2009-0447
NOT-FOR-US: MyDesign Sayac
-CVE-2009-0446 (SQL injection vulnerability in photo.php in WEBalbum 2.4b allows ...)
+CVE-2009-0446
NOT-FOR-US: WEBalbum
-CVE-2009-0445 (SQL injection vulnerability in index.php in Dreampics Gallery Builder ...)
+CVE-2009-0445
NOT-FOR-US: Dreampics Gallery Builder
-CVE-2009-0444 (Multiple PHP remote file inclusion vulnerabilities in GRBoard 1.8, ...)
+CVE-2009-0444
NOT-FOR-US: GRBoard
-CVE-2009-0443 (Stack-based buffer overflow in Elecard AVC HD PLAYER 5.5.90116 allows ...)
+CVE-2009-0443
NOT-FOR-US: Elecard AVC HD PLAYER
-CVE-2009-0442 (Directory traversal vulnerability in bbcode.php in PHPbbBook 1.3 and ...)
+CVE-2009-0442
NOT-FOR-US: PHPbbBook
-CVE-2009-0441 (PHP remote file inclusion vulnerability in ...)
+CVE-2009-0441
NOT-FOR-US: Technote
-CVE-2009-0440 (IBM WebSphere Partner Gateway (WPG) 6.0.0 through 6.0.0.7 does not ...)
+CVE-2009-0440
NOT-FOR-US: IBM WebSphere Partner Gateway
-CVE-2009-0439 (Unspecified vulnerability in the queue manager in IBM WebSphere MQ ...)
+CVE-2009-0439
NOT-FOR-US: IBM WebSphere
-CVE-2009-0438 (IBM WebSphere Application Server (WAS) 7 before 7.0.0.1 on Windows ...)
+CVE-2009-0438
NOT-FOR-US: IBM WebSphere
-CVE-2009-0437 (The Installation Factory installation process for IBM WebSphere ...)
+CVE-2009-0437
NOT-FOR-US: IBM WebSphere
-CVE-2009-0436 (The (1) mod_ibm_ssl and (2) mod_cgid modules in IBM HTTP Server 6.0.x ...)
+CVE-2009-0436
NOT-FOR-US: IBM HTTP Server
-CVE-2009-0435 (Unspecified vulnerability in the IBM Asynchronous I/O (aka AIO or ...)
+CVE-2009-0435
NOT-FOR-US: IBM WebSphere
-CVE-2009-0434 (PerfServlet in the PMI/Performance Tools component in IBM WebSphere ...)
+CVE-2009-0434
NOT-FOR-US: IBM WebSphere
-CVE-2009-0433 (Unspecified vulnerability in IBM WebSphere Application Server (WAS) ...)
+CVE-2009-0433
NOT-FOR-US: IBM WebSphere
-CVE-2009-0432 (The installation process for the File Transfer servlet in the System ...)
+CVE-2009-0432
NOT-FOR-US: IBM WebSphere
-CVE-2009-0431 (SQL injection vulnerability in Default.asp in LinksPro Standard ...)
+CVE-2009-0431
NOT-FOR-US: LinksPro
-CVE-2009-0430 (Multiple cross-site scripting (XSS) vulnerabilities in Active Bids ...)
+CVE-2009-0430
NOT-FOR-US: Active Bids
-CVE-2009-0429 (Multiple SQL injection vulnerabilities in Active Bids allow remote ...)
+CVE-2009-0429
NOT-FOR-US: Active Bids
-CVE-2009-0428 (SQL injection vulnerability in ...)
+CVE-2009-0428
NOT-FOR-US: DMXReady Secure Document
-CVE-2009-0427 (SQL injection vulnerability in ...)
+CVE-2009-0427
NOT-FOR-US: DMXReady Secure Document
-CVE-2009-0426 (SQL injection vulnerability in ...)
+CVE-2009-0426
NOT-FOR-US: DMXReady Secure Document
-CVE-2009-0425 (SQL injection vulnerability in index.php in Blue Eye CMS 1.0.0 and ...)
+CVE-2009-0425
NOT-FOR-US: Blue Eye CMS
-CVE-2009-0424 (Cross-site scripting (XSS) vulnerability in sign1.php in AN Guestbook ...)
+CVE-2009-0424
NOT-FOR-US: AN Guestbook
-CVE-2009-0423 (Directory traversal vulnerability in index.php in Php Photo Album ...)
+CVE-2009-0423
NOT-FOR-US: Php Photo Album
-CVE-2009-0422 (Dynamic variable evaluation vulnerability in lists/admin.php in ...)
+CVE-2009-0422
NOT-FOR-US: phpList
-CVE-2009-0421 (SQL injection vulnerability in the Eventing (com_eventing) 1.6.x ...)
+CVE-2009-0421
NOT-FOR-US: Joomla!
-CVE-2009-0420 (SQL injection vulnerability in the RD-Autos (com_rdautos) 1.5.5 Stable ...)
+CVE-2009-0420
NOT-FOR-US: Joomla!
-CVE-2009-0419 (Microsoft XML Core Services, as used in Microsoft Expression Web, ...)
+CVE-2009-0419
NOT-FOR-US: Microsoft
-CVE-2009-0418 (The IPv6 Neighbor Discovery Protocol (NDP) implementation in HP HP-UX ...)
+CVE-2009-0418
NOT-FOR-US: HP HP-UX
-CVE-2009-0417 (Cross-site scripting (XSS) vulnerability in the ...)
+CVE-2009-0417
NOT-FOR-US: Agavi
-CVE-2009-0416 (The SSL certificate setup program (genSslCert.sh) in Standards Based ...)
+CVE-2009-0416
NOT-FOR-US: sblim-sfcb
-CVE-2009-0415 (Untrusted search path vulnerability in trickle 1.07 allows local users ...)
+CVE-2009-0415
- trickle 1.07-6 (bug #513456; low)
[etch] - trickle <no-dsa> (Minor issue)
-CVE-2009-0413 (Cross-site scripting (XSS) vulnerability in RoundCube Webmail ...)
+CVE-2009-0413
- roundcube 0.2~stable-1 (low; bug #514179)
[lenny] - roundcube <not-affected> (Vulnerable code not present)
-CVE-2009-0412 (The ProcessLogin function in class.auth.php in Interspire Shopping ...)
+CVE-2009-0412
NOT-FOR-US: Interspire Shopping Cart
-CVE-2009-0411 (Google Chrome before 1.0.154.46 does not properly restrict access from ...)
+CVE-2009-0411
- chromium-browser <not-affected> (Only 1.x is affected)
- webkit <not-affected> (chrome-specific issue)
-CVE-2009-0410 (Off-by-one error in the SMTP daemon in GroupWise Internet Agent (GWIA) ...)
+CVE-2009-0410
NOT-FOR-US: Novell GroupWise
-CVE-2009-0409 (SQL injection vulnerability in offline_auth.php in Max.Blog 1.0.6 and ...)
+CVE-2009-0409
NOT-FOR-US: Max.Blog
-CVE-2009-0408 (Cross-site request forgery (CSRF) vulnerability in osCommerce 2.2 RC ...)
+CVE-2009-0408
NOT-FOR-US: osCommerce
-CVE-2009-0407 (SQL injection vulnerability in admin/login.php in PHP-CMS Project 1 ...)
+CVE-2009-0407
NOT-FOR-US: PHP-CMS
-CVE-2009-0406 (SQL injection vulnerability in index.php in Community CMS 0.4 and ...)
+CVE-2009-0406
NOT-FOR-US: Community CMS
-CVE-2009-0405 (SQL injection vulnerability in articles.php in smartSite CMS 1.0 ...)
+CVE-2009-0405
NOT-FOR-US: smartSite CMS
-CVE-2009-0404 (Multiple cross-site scripting (XSS) vulnerabilities in Bioinformatics ...)
+CVE-2009-0404
NOT-FOR-US: Bioinformatics htmLawed
-CVE-2009-0403 (SQL injection vulnerability in admin/authenticate.php in Chipmunk ...)
+CVE-2009-0403
NOT-FOR-US: Chipmunk Blogger Script
-CVE-2009-0402 (SQL injection vulnerability in client/new_account.php in Domain ...)
+CVE-2009-0402
NOT-FOR-US: Domain Technologie Control
-CVE-2009-0401 (SQL injection vulnerability in browsecats.php in E-Php CMS allows ...)
+CVE-2009-0401
NOT-FOR-US: E-Php CMS
-CVE-2009-0400 (SQL injection vulnerability in blog.php in SocialEngine 3.06 trial ...)
+CVE-2009-0400
NOT-FOR-US: SocialEngine
-CVE-2009-0399 (Chipmunk Blogger Script allows remote attackers to gain administrator ...)
+CVE-2009-0399
NOT-FOR-US: Chipmunk Blogger Script
-CVE-2009-0398 (Array index error in the gst_qtp_trak_handler function in ...)
+CVE-2009-0398
- gst-plugins-good0.10 <not-affected> (Vulnerable code not present)
- gst-plugins-bad0.10 <not-affected> (Vulnerable code not present)
-CVE-2009-0397 (Heap-based buffer overflow in the qtdemux_parse_samples function in ...)
+CVE-2009-0397
{DSA-1729-1}
- gst-plugins-good0.10 0.10.8-4.1 (bug #514177)
[lenny] - gst-plugins-good0.10 0.10.8-4.1~lenny1
[etch] - gst-plugins-good0.10 <not-affected> (plugin in other package)
- gst-plugins-bad0.10 0.10.4-1
-CVE-2009-0396 (The Sony Ericsson W910i, W660i, K618i, K610i, Z610i, K810i, K660i, ...)
+CVE-2009-0396
NOT-FOR-US: Sony Ericsson
-CVE-2009-0395 (SQL injection vulnerability in the login feature in NetArt Media Car ...)
+CVE-2009-0395
NOT-FOR-US: NetArt Media Car Portal
-CVE-2009-0394 (SQL injection vulnerability in login.php in Pre Lecture Exercises ...)
+CVE-2009-0394
NOT-FOR-US: Pre Lecture Exercises
-CVE-2009-0393 (Cross-site scripting (XSS) vulnerability in sysconf.cgi in Motorola ...)
+CVE-2009-0393
NOT-FOR-US: Motorola Wimax
-CVE-2009-0392 (Directory traversal vulnerability in sysconf.cgi in Motorola Wimax ...)
+CVE-2009-0392
NOT-FOR-US: Motorola Wimax
-CVE-2009-0391 (Unspecified vulnerability in IBM WebSphere Application Server (WAS) ...)
+CVE-2009-0391
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2009-0390 (Argument injection vulnerability in Enomaly Elastic Computing Platform ...)
+CVE-2009-0390
NOT-FOR-US: Enomaly Elastic Computing Platform
-CVE-2009-0389 (Multiple insecure method vulnerabilities in the Web On Windows (WOW) ...)
+CVE-2009-0389
NOT-FOR-US: ActiveX
-CVE-2009-0388 (Multiple integer signedness errors in (1) UltraVNC 1.0.2 and 1.0.5 and ...)
+CVE-2009-0388
- tightvnc <not-affected> (bug in the windows-specific client connection code)
NOTE: http://bugs.debian.org/528204
-CVE-2009-0387 (Array index error in the qtdemux_parse_samples function in ...)
+CVE-2009-0387
{DSA-1729-1}
- gst-plugins-good0.10 0.10.8-4.1 (bug #514177)
[lenny] - gst-plugins-good0.10 0.10.8-4.1~lenny1
[etch] - gst-plugins-good0.10 <not-affected> (plugin in other package)
- gst-plugins-bad0.10 0.10.4-1
-CVE-2009-0386 (Heap-based buffer overflow in the qtdemux_parse_samples function in ...)
+CVE-2009-0386
{DSA-1729-1}
- gst-plugins-good0.10 0.10.8-4.1 (bug #514177)
[lenny] - gst-plugins-good0.10 0.10.8-4.1~lenny1
[etch] - gst-plugins-good0.10 <not-affected> (plugin in other package)
- gst-plugins-bad0.10 0.10.4-1
-CVE-2009-0384 (SQL injection vulnerability in autor.php in OwnRS CMS 1.2 allows ...)
+CVE-2009-0384
NOT-FOR-US: OwnRS CMS
-CVE-2009-0383 (delete.php in Max.Blog 1.0.6 does not properly restrict access, which ...)
+CVE-2009-0383
NOT-FOR-US: Max.Blog
-CVE-2009-0382 (Unspecified vulnerability in Internationalization (i18n) Translation ...)
+CVE-2009-0382
- drupal5 <not-affected> (Translation module not packaged)
- drupal6 <not-affected> (Issue only affects the 5.x branch)
-CVE-2009-0381 (SQL injection vulnerability in the BazaarBuilder Ecommerce Shopping ...)
+CVE-2009-0381
NOT-FOR-US: BazaarBuilder Ecommerce Shopping Cart
-CVE-2009-0380 (** DISPUTED ** ...)
+CVE-2009-0380
NOT-FOR-US: Sigsiu Online Business Index
-CVE-2009-0379 (SQL injection vulnerability in the Prince Clan Chess Club ...)
+CVE-2009-0379
NOT-FOR-US: Prince Clan Chess Club
-CVE-2009-0378 (Cross-site scripting (XSS) vulnerability in index.php in the ...)
+CVE-2009-0378
NOT-FOR-US: Joomla!
-CVE-2009-0377 (SQL injection vulnerability in the beamospetition (com_beamospetition) ...)
+CVE-2009-0377
NOT-FOR-US: Joomla!
-CVE-2009-0376 (Heap-based buffer overflow in a DLL file in RealNetworks RealPlayer ...)
+CVE-2009-0376
NOT-FOR-US: RealPlayer
-CVE-2009-0375 (Buffer overflow in a DLL file in RealNetworks RealPlayer 10, ...)
+CVE-2009-0375
NOT-FOR-US: RealPlayer
-CVE-2009-0374 (** DISPUTED ** ...)
+CVE-2009-0374
- chromium-browser <unfixed> (unimportant)
- webkit <not-affected> (poc doesn't work)
-CVE-2009-0373 (SQL injection vulnerability in the ElearningForce Flash Magazine ...)
+CVE-2009-0373
NOT-FOR-US: Joomla!
-CVE-2009-0372 (Unrestricted file upload vulnerability in index.php in Miltenovik ...)
+CVE-2009-0372
NOT-FOR-US: Miltenovik Manojlo MemHT Portal
-CVE-2009-0371 (Directory traversal vulnerability in post.php in SiteXS CMS 0.1.1 and ...)
+CVE-2009-0371
NOT-FOR-US: SiteXS CMS
-CVE-2009-0370 (Multiple unspecified vulnerabilities in IBM AIX 5.2.0 through 6.1.2 ...)
+CVE-2009-0370
NOT-FOR-US: IBM AIX
-CVE-2009-0369 (Microsoft Internet Explorer 7 allows remote attackers to trick a user ...)
+CVE-2009-0369
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2009-0487 (Cross-site scripting (XSS) vulnerability in Mahara before 1.0.9 allows ...)
+CVE-2009-0487
- mahara 1.0.9-1 (low)
[lenny] - mahara 1.0.4-4
-CVE-2009-0478 (Squid 2.7 to 2.7.STABLE5, 3.0 to 3.0.STABLE12, and 3.1 to 3.1.0.4 ...)
+CVE-2009-0478
{DSA-1732-1}
- squid 2.7.STABLE3-4.1 (medium; bug #514142)
- squid3 3.0.STABLE8-3 (medium)
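Review bot: every CVE entry in this hunk loses its description text while the package, DSA and distribution lines underneath stay byte-for-byte identical (e.g. `-CVE-2009-0488 (Cross-site scripting (XSS) vulnerability in Phorum before 5.2.10 ...)` becomes `+CVE-2009-0488`), which is the signature of the automatic update's description feed returning nothing rather than of an intentional edit; the commit should be held back until the description fetch step is checked and the text restored. Note also that CVE-2009-0380 and CVE-2009-0374 lose their `** DISPUTED **` marker, so after this change nothing in the file records that those two entries are disputed.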
@@ -12694,56 +12694,56 @@ CVE-2009-0478 (Squid 2.7 to 2.7.STABLE5, 3.0 to 3.0.STABLE12, and 3.1 to 3.1.0.4
CVE-2009-XXXX [glpi sql injection]
- glpi 0.71.5-1 (bug #513611; unimportant)
NOTE: Only supported behind an authenticated HTTP zone
-CVE-2009-0490 (Stack-based buffer overflow in the String_parse::get_nonspace_quoted ...)
+CVE-2009-0490
{DTSA-192-1}
- audacity 1.3.6-1 (bug #514138)
[lenny] - audacity 1.3.5-2+lenny1
-CVE-2009-0368 (OpenSC before 0.11.7 allows physically proximate attackers to bypass ...)
+CVE-2009-0368
{DSA-1734-1}
- opensc 0.11.7-1
[etch] - opensc <not-affected> (vulnerable code not present)
-CVE-2009-0367 (The Python AI module in Wesnoth 1.4.x and 1.5 before 1.5.11 allows ...)
+CVE-2009-0367
{DSA-1737-1}
- wesnoth 1:1.4.7-4
-CVE-2009-0366 (The uncompress_buffer function in src/server/simple_wml.cpp in Wesnoth ...)
+CVE-2009-0366
{DSA-1737-1}
- wesnoth 1:1.4.7-4
-CVE-2009-0365 (nm-applet.conf in GNOME NetworkManager before 0.7.0.99 contains an ...)
+CVE-2009-0365
{DSA-1955-1}
- network-manager-applet 0.7.0.99-1 (medium; bug #519801)
- network-manager 0.6.5-1 (medium)
NOTE: network-manager in lenny not affected, because it is in network-manager-applet
-CVE-2009-0364 (Format string vulnerability in the mini_calendar component in ...)
+CVE-2009-0364
{DSA-1752-1}
- webcit 7.38b-dfsg-2 (low)
-CVE-2009-0363 (Multiple buffer overflows in (a) BarnOwl before 1.0.5 and (b) owl ...)
+CVE-2009-0363
{DTSA-197-1}
- barnowl 1.0.5-1
[lenny] - barnowl 1.0.1-4
- owl 2.2.2-1 (bug #515118)
[lenny] - owl <no-dsa> (Minor issue)
[etch] - owl <no-dsa> (Minor issue)
-CVE-2009-0362 (filter.d/wuftpd.conf in Fail2ban 0.8.3 uses an incorrect regular ...)
+CVE-2009-0362
- fail2ban 0.8.3-2sid1 (low; bug #514163)
-CVE-2009-0361 (Russ Allbery pam-krb5 before 3.13, as used by libpam-heimdal, su in ...)
+CVE-2009-0361
{DSA-1722-1 DSA-1721-1}
- libpam-heimdal 3.10-2.1 (bug #516695)
- libpam-krb5 3.13-2
[lenny] - libpam-krb5 3.11-4
-CVE-2009-0360 (Russ Allbery pam-krb5 before 3.13, when linked against MIT Kerberos, ...)
+CVE-2009-0360
{DSA-1721-1}
- libpam-krb5 3.13-2
[lenny] - libpam-krb5 3.11-4
-CVE-2009-0359 (Multiple cross-site scripting (XSS) vulnerabilities in Samizdat before ...)
+CVE-2009-0359
{DTSA-194-1}
- samizdat 0.6.2-2
-CVE-2009-0358 (Mozilla Firefox 3.x before 3.0.6 does not properly implement the (1) ...)
+CVE-2009-0358
- iceweasel 3.0
[etch] - iceweasel <not-affected> (Only affects Firefox 3.x)
NOTE: Iceweasel in Lenny links against Xulrunner
- xulrunner 1.9.0.5-1
[etch] - xulrunner <not-affected> (Only affects Xulrunner 1.9)
-CVE-2009-0357 (Mozilla Firefox before 3.0.6 and SeaMonkey before 1.1.15 do not ...)
+CVE-2009-0357
- iceweasel 3.0
[etch] - iceweasel <end-of-life> (Etch Packages no longer covered by security support)
NOTE: Iceweasel in Lenny links against Xulrunner
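Review bot: the stripping in this hunk is inconsistent with the file's own conventions, since the placeholder entry `CVE-2009-XXXX [glpi sql injection]` keeps its bracketed summary while every assigned identifier around it (CVE-2009-0490 through CVE-2009-0357) is reduced to a bare id; if the description column is meant to go, the placeholder should change too, and if it is not, this hunk should be reverted along with the others. The lost text also carried the affected-version scoping (e.g. `OpenSC before 0.11.7`, `NetworkManager before 0.7.0.99`) that the `<not-affected>` and version annotations below each entry are justified against.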
@@ -12753,7 +12753,7 @@ CVE-2009-0357 (Mozilla Firefox before 3.0.6 and SeaMonkey before 1.1.15 do not .
[etch] - iceape <end-of-life> (Etch Packages no longer covered by security support)
NOTE: Iceape in Lenny only provides XPCOM libs
- kompozer 1:0.8~alpha2+dfsg+svn129-1
-CVE-2009-0356 (Mozilla Firefox before 3.0.6 and SeaMonkey do not block links to the ...)
+CVE-2009-0356
- iceweasel 3.0
[etch] - iceweasel <end-of-life> (Etch Packages no longer covered by security support)
NOTE: Iceweasel in Lenny links against Xulrunner
@@ -12763,16 +12763,16 @@ CVE-2009-0356 (Mozilla Firefox before 3.0.6 and SeaMonkey do not block links to
[etch] - iceape <end-of-life> (Etch Packages no longer covered by security support)
NOTE: Iceape in Lenny only provides XPCOM libs
- kompozer <not-affected> (.desktop file support is not available)
-CVE-2009-0355 (components/sessionstore/src/nsSessionStore.js in Mozilla Firefox ...)
+CVE-2009-0355
- iceweasel 3.0.6-1
[etch] - iceweasel <end-of-life> (Etch Packages no longer covered by security support)
-CVE-2009-0354 (Cross-domain vulnerability in js/src/jsobj.cpp in Mozilla Firefox 3.x ...)
+CVE-2009-0354
- iceweasel 3.0
[etch] - iceweasel <not-affected> (Only affects Firefox 3.x)
NOTE: Iceweasel in Lenny links against Xulrunner
- xulrunner 1.9.0.5-1
[etch] - xulrunner <not-affected> (Only affects Xulrunner 1.9)
-CVE-2009-0353 (Unspecified vulnerability in Mozilla Firefox 3.x before 3.0.6, ...)
+CVE-2009-0353
{DSA-1830-1}
- iceweasel 3.0
[etch] - iceweasel <end-of-life> (Etch Packages no longer covered by security support)
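Review bot: for CVE-2009-0354 and CVE-2009-0353 the removed descriptions (`Mozilla Firefox 3.x before 3.0.6`) are the only statement in this file of the version scope that the retained `[etch] - iceweasel <not-affected> (Only affects Firefox 3.x)` and `[etch] - xulrunner <not-affected> (Only affects Xulrunner 1.9)` rationales depend on; with the bare ids those annotations can no longer be checked against the entry itself, so this hunk should be reverted with the rest of the description loss.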
@@ -12784,7 +12784,7 @@ CVE-2009-0353 (Unspecified vulnerability in Mozilla Firefox 3.x before 3.0.6, ..
NOTE: Iceape in Lenny only provides XPCOM libs
- icedove 2.0.0.22-1 (bug #535124)
[squeeze] - icedove 2.0.0.22-0lenny1
-CVE-2009-0352 (Multiple unspecified vulnerabilities in Mozilla Firefox 3.x before ...)
+CVE-2009-0352
{DSA-1830-1}
- iceweasel 3.0
[etch] - iceweasel <end-of-life> (Etch Packages no longer covered by security support)
@@ -12797,73 +12797,73 @@ CVE-2009-0352 (Multiple unspecified vulnerabilities in Mozilla Firefox 3.x befor
- icedove 2.0.0.22-1 (bug #535124)
[squeeze] - icedove 2.0.0.22-0lenny1
- kompozer 1:0.8~alpha2+dfsg+svn129-1
-CVE-2009-0343 (Niels Provos Systrace 1.6f and earlier on the x86_64 Linux platform ...)
+CVE-2009-0343
NOT-FOR-US: Systrace
-CVE-2009-0342 (Niels Provos Systrace before 1.6f on the x86_64 Linux platform allows ...)
+CVE-2009-0342
NOT-FOR-US: Systrace
-CVE-2009-0351 (Stack-based buffer overflow in WFTPSRV.exe in WinFTP 2.3.0 allows ...)
+CVE-2009-0351
NOT-FOR-US: WinFTP
-CVE-2009-0350 (Stack-based buffer overflow in Merak Media Player 3.2 allows remote ...)
+CVE-2009-0350
NOT-FOR-US: Merak Media Player
-CVE-2009-0349 (Stack-based buffer overflow in FTPShell Server 4.3 allows ...)
+CVE-2009-0349
NOT-FOR-US: FTPShell Server
-CVE-2009-0348 (The login module in Sun Java System Access Manager 6 2005Q1 (aka 6.3), ...)
+CVE-2009-0348
NOT-FOR-US: Sun Java System Access Manager
-CVE-2009-0347 (Open redirect vulnerability in cs.html in the Autonomy (formerly ...)
+CVE-2009-0347
NOT-FOR-US: Autonomy (formerly Verity) Ultraseek search engine
-CVE-2009-0346 (The IP-in-IP packet processing implementation in the IPsec and IP ...)
+CVE-2009-0346
NOT-FOR-US: Sun Solaris
-CVE-2009-0345 (Unspecified vulnerability in the Embedded Lights Out Manager (ELOM) on ...)
+CVE-2009-0345
NOT-FOR-US: Embedded Lights Out Manager (ELOM)
-CVE-2009-0344 (Unspecified vulnerability in the Embedded Lights Out Manager (ELOM) on ...)
+CVE-2009-0344
NOT-FOR-US: Embedded Lights Out Manager (ELOM)
-CVE-2009-0341 (The shell32 module in Microsoft Internet Explorer 7.0 on Windows XP ...)
+CVE-2009-0341
NOT-FOR-US: Microsoft
-CVE-2009-0340 (Multiple directory traversal vulnerabilities in Simple PHP Newsletter ...)
+CVE-2009-0340
NOT-FOR-US: Simple PHP Newsletter
-CVE-2009-0339 (SQL injection vulnerability in inc_webblogmanager.asp in DMXReady Blog ...)
+CVE-2009-0339
NOT-FOR-US: DMXReady Blog Manager
-CVE-2009-0338 (Cross-site scripting (XSS) vulnerability in inc_webblogmanager.asp in ...)
+CVE-2009-0338
NOT-FOR-US: DMXReady Blog Manager
-CVE-2009-0337 (SQL injection vulnerability in index.asp in Katy Whitton BlogIt! ...)
+CVE-2009-0337
NOT-FOR-US: Katy Whitton BlogIt!
-CVE-2009-0336 (Katy Whitton BlogIt! stores sensitive information under the web root ...)
+CVE-2009-0336
NOT-FOR-US: Katy Whitton BlogIt!
-CVE-2009-0335 (Cross-site scripting (XSS) vulnerability in index.asp in Katy Whitton ...)
+CVE-2009-0335
NOT-FOR-US: Katy Whitton BlogIt!
-CVE-2009-0334 (SQL injection vulnerability in index.asp in Katy Whitton BlogIt! ...)
+CVE-2009-0334
NOT-FOR-US: Katy Whitton BlogIt!
-CVE-2009-0333 (SQL injection vulnerability in the WebAmoeba (WA) Ticket System ...)
+CVE-2009-0333
NOT-FOR-US: Joomla!
-CVE-2009-0332 (Multiple SQL injection vulnerabilities in AV Book Library before 1.1 ...)
+CVE-2009-0332
NOT-FOR-US: AV Book Library
-CVE-2009-0331 (Directory traversal vulnerability in gallery/comment.php in Enhanced ...)
+CVE-2009-0331
NOT-FOR-US: Enhanced Simple PHP Gallery (ESPG)
-CVE-2009-0330 (Directory traversal vulnerability in index.php in Simple Content ...)
+CVE-2009-0330
NOT-FOR-US: Simple Content Management System (SCMS)
-CVE-2009-0329 (SQL injection vulnerability in the PcCookBook (com_pccookbook) ...)
+CVE-2009-0329
NOT-FOR-US: Joomla!
-CVE-2009-0328 (ROBS-PROJECTS Digital Sales IPN (aka DS-IPN.NET or DS-IPN Paypal Shop) ...)
+CVE-2009-0328
NOT-FOR-US: ROBS-PROJECTS Digital Sales IPN
-CVE-2009-0327 (SQL injection vulnerability in readbible.php in Free Bible Search PHP ...)
+CVE-2009-0327
NOT-FOR-US: Free Bible Search PHP Script
-CVE-2009-0326 (SQL injection vulnerability in login.php in Dark Age CMS 0.2c beta ...)
+CVE-2009-0326
NOT-FOR-US: Dark Age CMS
-CVE-2009-0325 (Directory traversal vulnerability in entries/index.php in Ninja Blog ...)
+CVE-2009-0325
NOT-FOR-US: Ninja Blog
-CVE-2009-0324 (Multiple SQL injection vulnerabilities in BibCiter 1.4 allow remote ...)
+CVE-2009-0324
NOT-FOR-US: BibCiter
-CVE-2009-0322 (drivers/firmware/dell_rbu.c in the Linux kernel before 2.6.27.13, and ...)
+CVE-2009-0322
{DSA-1794-1 DSA-1787-1 DSA-1749-1}
- linux-2.6 2.6.29-1 (low)
- linux-2.6.24 <removed>
-CVE-2009-0321 (Apple Safari 3.2.1 (aka AppVer 3.525.27.1) on Windows allows remote ...)
+CVE-2009-0321
NOT-FOR-US: Apple Safari on Windows
-CVE-2009-0320 (Microsoft Windows XP, Server 2003 and 2008, and Vista exposes I/O ...)
+CVE-2009-0320
NOT-FOR-US: Microsoft Windows
-CVE-2009-0319 (Unspecified vulnerability in the autofs module in the kernel in Sun ...)
+CVE-2009-0319
NOT-FOR-US: Solaris
-CVE-2009-0385 (Integer signedness error in the fourxm_read_header function in ...)
+CVE-2009-0385
{DSA-1782-1 DSA-1781-1}
- ffmpeg-debian 0.svn20080206-16 (medium; bug #524799)
- ffmpeg 0.svn20080206-16
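Review bot: the description lines removed here are the ones that tie Debian's fix versions to concrete code, for example `drivers/firmware/dell_rbu.c in the Linux kernel before 2.6.27.13` for CVE-2009-0322 (fixed in `linux-2.6 2.6.29-1`) and `fourxm_read_header function` for CVE-2009-0385 (fixed in `ffmpeg-debian 0.svn20080206-16`); after this change a reader of the tracker has to consult an external CVE source to learn what any of these package updates addressed, which defeats the purpose of carrying the text in the list, so the hunk should be regenerated once the description source is available again rather than merged as is.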
@@ -12871,243 +12871,243 @@ CVE-2009-0385 (Integer signedness error in the fourxm_read_header function in ..
- mplayer 1.0~rc2-14 (medium; bug #524805)
NOTE: MPlayer links against libavformat since 1.0~rc2-14, etch Mplayer still needs a fix
NOTE: http://git.ffmpeg.org/?p=ffmpeg;a=commitdiff;h=72e715fb798f2cb79fd24a6d2eaeafb7c6eeda17
-CVE-2009-0318 (Untrusted search path vulnerability in the GObject Python interpreter ...)
+CVE-2009-0318
{DTSA-190-1}
- gnumeric 1.8.4-3 (low; bug #513418)
[etch] - gnumeric 1.6.3-5.1+etch2
-CVE-2009-0317 (Untrusted search path vulnerability in the Python language bindings ...)
+CVE-2009-0317
- nautilus-python 0.4.3-3.2 (low; bug #513419)
-CVE-2009-0316 (Untrusted search path vulnerability in src/if_python.c in the Python ...)
+CVE-2009-0316
- vim 2:7.2.025-2 (low; bug #493937)
[lenny] - vim 1:7.1.314-3+lenny2
[squeeze] - vim 1:7.1.314-3+lenny2
[etch] - vim <no-dsa> (Minor issue)
NOTE: Not included in this round, could be fixed via next DSA with other issues
-CVE-2009-0315 (Untrusted search path vulnerability in the Python module in xchat ...)
+CVE-2009-0315
- xchat 2.8.6-2.1 (low; bug #513509)
[etch] - xchat <no-dsa> (Minor issue)
-CVE-2009-0314 (Untrusted search path vulnerability in the Python module in gedit ...)
+CVE-2009-0314
{DTSA-191-1}
- gedit 2.22.3-2 (low; bug #513513)
[etch] - gedit <no-dsa> (Minor issue)
-CVE-2009-0313 (winetricks before 20081223 allows local users to overwrite arbitrary ...)
+CVE-2009-0313
NOT-FOR-US: winetricks
-CVE-2009-0311 (The Backbone service (ftbackbone.exe) in EMC AutoStart before 5.3 SP2 ...)
+CVE-2009-0311
NOT-FOR-US: EMC AutoStart
-CVE-2009-0310 (Buffer overflow in SUSE blinux (aka sbl) in SUSE openSUSE 10.3 through ...)
+CVE-2009-0310
NOT-FOR-US: SuSE blinux
CVE-2009-0309
RESERVED
CVE-2009-0308
RESERVED
-CVE-2009-0307 (Cross-site scripting (XSS) vulnerability in the &quot;Customize Statistics ...)
+CVE-2009-0307
NOT-FOR-US: Motion (RIM) BlackBerry Enterprise Server
-CVE-2009-0306 (Buffer overflow in the IBM Lotus Notes Intellisync ActiveX control in ...)
+CVE-2009-0306
NOT-FOR-US: IBM Lotus Notes Intellisync ActiveX
-CVE-2009-0305 (Multiple stack-based buffer overflows in the Research in Motion RIM ...)
+CVE-2009-0305
NOT-FOR-US: ActiveX
-CVE-2009-0304 (The kernel in Sun Solaris 10 and 11 snv_101b, and OpenSolaris before ...)
+CVE-2009-0304
NOT-FOR-US: Solaris
-CVE-2009-0303 (Cross-site scripting (XSS) vulnerability in Web Help Desk before ...)
+CVE-2009-0303
NOT-FOR-US: Web Help Desk
-CVE-2009-0302 (SQL injection vulnerability in the Downloads module for PHP-Nuke 8.0 ...)
+CVE-2009-0302
NOT-FOR-US: PHP-Nuke
-CVE-2009-0301 (Multiple insecure method vulnerabilities in the FlexCell.Grid ActiveX ...)
+CVE-2009-0301
NOT-FOR-US: FlexCell Grid Control
CVE-2009-0300
REJECTED
-CVE-2009-0299 (SQL injection vulnerability in index.php in Groone GLinks 2.1 allows ...)
+CVE-2009-0299
NOT-FOR-US: Groone GLinks
-CVE-2009-0298 (Heap-based buffer overflow in MW6 Technologies Barcode ActiveX control ...)
+CVE-2009-0298
NOT-FOR-US: MW6 Technologies Barcode
-CVE-2009-0297 (SQL injection vulnerability in login_check.asp in ClickAuction allows ...)
+CVE-2009-0297
NOT-FOR-US: ClickAuction
-CVE-2009-0296 (SQL injection vulnerability in shop_display_products.php in Script ...)
+CVE-2009-0296
NOT-FOR-US: Script Toko Online
-CVE-2009-0295 (SQL injection vulnerability in index.php in Information Technology ...)
+CVE-2009-0295
NOT-FOR-US: ITLPoll
-CVE-2009-0294 (Multiple PHP remote file inclusion vulnerabilities in WB News 2.0.1, ...)
+CVE-2009-0294
NOT-FOR-US: WB News
-CVE-2009-0293 (SQL injection vulnerability in profile_view.php in Wazzum Dating ...)
+CVE-2009-0293
NOT-FOR-US: Wazzum Dating Software
-CVE-2009-0292 (SQL injection vulnerability in show_cat2.php in SHOP-INET 4 allows ...)
+CVE-2009-0292
NOT-FOR-US: SHOP-INET
-CVE-2009-0291 (Directory traversal vulnerability in fc.php in OpenX 2.6.3 allows ...)
+CVE-2009-0291
- openx <itp> (bug #513771)
-CVE-2009-0290 (Directory traversal vulnerability in common.php in SIR GNUBoard ...)
+CVE-2009-0290
NOT-FOR-US: GNUBoard
-CVE-2009-0289 (k23productions TFTPUtil GUI 1.2.0 and 1.3.0 allows remote attackers to ...)
+CVE-2009-0289
NOT-FOR-US: k23productions TFTPUtil GUI
-CVE-2009-0288 (Directory traversal vulnerability in k23productions TFTPUtil GUI 1.2.0 ...)
+CVE-2009-0288
NOT-FOR-US: k23productions TFTPUtil GUI
-CVE-2009-0287 (SQL injection vulnerability in lib/patUser.php in KEEP Toolkit before ...)
+CVE-2009-0287
NOT-FOR-US: KEEP Toolkit
-CVE-2009-0286 (Directory traversal vulnerability in upgrade/index.php in OpenGoo 1.1, ...)
+CVE-2009-0286
NOT-FOR-US: OpenGoo
-CVE-2009-0285 (Cross-site scripting (XSS) vulnerability in error.asp in BBSXP 5.13 ...)
+CVE-2009-0285
NOT-FOR-US: BBSXP
-CVE-2009-0284 (SQL injection vulnerability in category.php in Flax Article Manager ...)
+CVE-2009-0284
NOT-FOR-US: Flax Article Manager
-CVE-2009-0283 (Cross-site scripting (XSS) vulnerability in err.asp in Oblog allows ...)
+CVE-2009-0283
NOT-FOR-US: Oblog
-CVE-2009-0281 (SQL injection vulnerability in login.aspx in WarHound Walking Club ...)
+CVE-2009-0281
NOT-FOR-US: WarHound Walking Club
-CVE-2009-0280 (Asp Project Management 1.0 allows remote attackers to bypass ...)
+CVE-2009-0280
NOT-FOR-US: Asp Project Management
-CVE-2009-0279 (SQL injection vulnerability in comentar.php in Pardal CMS 0.2.0 and ...)
+CVE-2009-0279
NOT-FOR-US: Pardal CMS
-CVE-2009-0323 (Multiple stack-based buffer overflows in W3C Amaya Web Browser 10.0 ...)
+CVE-2009-0323
- amaya <removed> (medium; bug #507587)
NOTE: http://www.coresecurity.com/content/amaya-buffer-overflows
-CVE-2009-0282 (Integer overflow in Ralink Technology USB wireless adapter (RT73) 3.08 ...)
+CVE-2009-0282
{DSA-1714-1 DSA-1713-1 DSA-1712-1}
- rt2400 1.2.2+cvs20080623-3 (bug #512999)
- rt2500 1:1.1.0-b4+cvs20080623-3 (bug #513000)
- rt2570 1.1.0+cvs20080623-2 (bug #513001)
- rt73 1:1.0.3.6-cvs20080623-dfsg1-3 (bug #512995)
-CVE-2009-0312 (Cross-site scripting (XSS) vulnerability in the antispam feature ...)
+CVE-2009-0312
{DSA-1715-1 DTSA-187-1}
- moin 1.8.1-1.1 (low)
NOTE: http://hg.moinmo.in/moin/1.7/rev/89b91bf87dad
-CVE-2009-0276 (Cross-domain vulnerability in the V8 JavaScript engine in Google ...)
+CVE-2009-0276
- chromium-browser <not-affected> (only 1.x is affected)
- libv8 1.3.11+dfsg-1
- webkit <not-affected> (libv8 issue)
-CVE-2009-0274 (Unspecified vulnerability in WebAccess in Novell GroupWise 6.5, 7.0, ...)
+CVE-2009-0274
NOT-FOR-US: Novell GroupWise
-CVE-2009-0273 (Multiple cross-site scripting (XSS) vulnerabilities in Novell ...)
+CVE-2009-0273
NOT-FOR-US: Novell GroupWise
-CVE-2009-0272 (Cross-site request forgery (CSRF) vulnerability in Novell GroupWise ...)
+CVE-2009-0272
NOT-FOR-US: Novell GroupWise
-CVE-2009-0269 (fs/ecryptfs/inode.c in the eCryptfs subsystem in the Linux kernel ...)
+CVE-2009-0269
{DSA-1787-1 DSA-1749-1}
- linux-2.6 2.6.29-1
[etch] - linux-2.6 <not-affected> (ecryptfs was merged in 2.6.19)
- linux-2.6.24 <removed>
-CVE-2009-0265 (Internet Systems Consortium (ISC) BIND 9.6.0 and earlier does not ...)
+CVE-2009-0265
- bind9 <not-affected> (vulnerable code not present, introduced in 9.6.x)
-CVE-2009-0278 (Sun Java System Application Server (AS) 8.1 and 8.2 allows remote ...)
+CVE-2009-0278
NOT-FOR-US: Sun Java System Application Server (AS)
-CVE-2009-0277 (Unspecified vulnerability in the kernel in OpenSolaris snv_100 through ...)
+CVE-2009-0277
NOT-FOR-US: OpenSolaris
-CVE-2009-0275 (Static code injection vulnerability in admin.php in Ryneezy phoSheezy ...)
+CVE-2009-0275
NOT-FOR-US: Ryneezy phoSheezy
-CVE-2009-0271 (Directory traversal vulnerability in the TFTP service in Fujitsu ...)
+CVE-2009-0271
NOT-FOR-US: Fujitsu SystemcastWizard Lite
-CVE-2009-0270 (Stack-based buffer overflow in PXEService.exe in Fujitsu ...)
+CVE-2009-0270
NOT-FOR-US: Fujitsu SystemcastWizard Lite
-CVE-2009-0268 (Race condition in the pseudo-terminal (aka pty) driver module in Sun ...)
+CVE-2009-0268
NOT-FOR-US: Sun Solaris
-CVE-2009-0267 (libike in Sun Solaris 9 and 10, and OpenSolaris before snv_100, does ...)
+CVE-2009-0267
NOT-FOR-US: Sun Solaris
-CVE-2009-0266 (Stack-based buffer overflow in Triologic Media Player 8.0.0.0 allows ...)
+CVE-2009-0266
NOT-FOR-US: Triologic Media Player
-CVE-2009-0264 (Buffer overflow in the Registry Setting Tool in Fujitsu ...)
+CVE-2009-0264
NOT-FOR-US: Fujitsu SystemcastWizard Lite
-CVE-2009-0263 (Multiple buffer overflows in Winamp 5.541 and earlier allow remote ...)
+CVE-2009-0263
NOT-FOR-US: Winamp
-CVE-2009-0262 (Stack-based buffer overflow in Triologic Media Player 7 and 8.0.0.0 ...)
+CVE-2009-0262
NOT-FOR-US: Triologic Media Player
-CVE-2009-0261 (Stack-based buffer overflow in EffectMatrix Total Video Player 1.31 ...)
+CVE-2009-0261
NOT-FOR-US: EffectMatrix Total Video Player
-CVE-2009-0260 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2009-0260
{DSA-1715-1 DTSA-187-1}
- moin 1.8.1-1.1 (bug #513158; low)
-CVE-2009-0259 (The Word processor in OpenOffice.org 1.1.2 through 1.1.5 allows remote ...)
+CVE-2009-0259
- openoffice.org 2.0.4.dfsg.2-7
NOTE: Checked with maintainer and issue was fixed long ago, marking etch version as fixed for now
-CVE-2009-0254 (Stack-based buffer overflow in easyHDR PRO 1.60.2 allows user-assisted ...)
+CVE-2009-0254
NOT-FOR-US: easyHDR PRO
-CVE-2009-0253 (Mozilla Firefox 3.0.5 allows remote attackers to trick a user into ...)
+CVE-2009-0253
NOTE: Mozilla #474967, upstream disputes this being a bug
-CVE-2009-0252 (Multiple SQL injection vulnerabilities in default.asp in Enthrallweb ...)
+CVE-2009-0252
NOT-FOR-US: Enthrallweb eReservations
-CVE-2009-0251 (Static code injection vulnerability in admin.php in Ryneezy phoSheezy ...)
+CVE-2009-0251
NOT-FOR-US: Ryneezy phoSheezy
-CVE-2009-0250 (Ryneezy phoSheezy 0.2 stores sensitive information under the web root ...)
+CVE-2009-0250
NOT-FOR-US: Ryneezy phoSheezy
-CVE-2009-0249 (Katy Whitton RankEm stores sensitive information under the web root ...)
+CVE-2009-0249
NOT-FOR-US: Katy Whitton RankEm
-CVE-2009-0248 (Cross-site scripting (XSS) vulnerability in rankup.asp in Katy Whitton ...)
+CVE-2009-0248
NOT-FOR-US: Katy Whitton RankEm
-CVE-2009-0247 (The server for 53KF Web IM 2009 Home, Professional, and Enterprise ...)
+CVE-2009-0247
NOT-FOR-US: 53KF Web IM
-CVE-2009-0246 (Stack-based buffer overflow in easyHDR PRO 1.60.2 allows user-assisted ...)
+CVE-2009-0246
NOT-FOR-US: easyHDR PRO
-CVE-2009-0414 (Unspecified vulnerability in Tor before 0.2.0.33 has unspecified ...)
+CVE-2009-0414
- tor 0.2.0.33-1
-CVE-2009-0245 (Cross-site scripting (XSS) vulnerability in Usagi Project MyNETS ...)
+CVE-2009-0245
NOT-FOR-US: Usagi Project MyNETS
-CVE-2009-0244 (Directory traversal vulnerability in the OBEX FTP Service in the ...)
+CVE-2009-0244
NOT-FOR-US: Microsoft product
-CVE-2009-0243 (Microsoft Windows does not properly enforce the Autorun and ...)
+CVE-2009-0243
NOT-FOR-US: Microsoft product
-CVE-2009-0255 (The System extension Install tool in TYPO3 4.0.0 through 4.0.9, 4.1.0 ...)
+CVE-2009-0255
{DSA-1711-1}
- typo3-src 4.2.4-1
-CVE-2009-0256 (Session fixation vulnerability in the authentication library in TYPO3 ...)
+CVE-2009-0256
{DSA-1711-1}
- typo3-src 4.2.4-1
-CVE-2009-0257 (Multiple cross-site scripting (XSS) vulnerabilities in TYPO3 4.0.0 ...)
+CVE-2009-0257
{DSA-1711-1}
- typo3-src 4.2.4-1
-CVE-2009-0258 (The Indexed Search Engine (indexed_search) system extension in TYPO3 ...)
+CVE-2009-0258
{DSA-1711-1}
- typo3-src 4.2.4-1
CVE-2009-0242
REJECTED
-CVE-2009-0241 (Stack-based buffer overflow in the process_path function in ...)
+CVE-2009-0241
{DSA-1710-1}
- ganglia-monitor-core 2.5.7-5 (medium; bug #512637)
-CVE-2009-0240 (listing.php in WebSVN 2.0 and possibly 1.7 beta, when using an SVN ...)
+CVE-2009-0240
{DSA-1725-1}
- websvn 2.0-4+lenny1 (bug #512191)
[etch] - websvn <not-affected> (authenthication doesn't exist in that version)
-CVE-2009-0239 (Cross-site scripting (XSS) vulnerability in Windows Search 4.0 for ...)
+CVE-2009-0239
NOT-FOR-US: Microsoft
-CVE-2009-0238 (Microsoft Office Excel 2000 SP3, 2002 SP3, 2003 SP3, and 2007 SP1; ...)
+CVE-2009-0238
NOT-FOR-US: Microsoft
-CVE-2009-0237 (Cross-site scripting (XSS) vulnerability in cookieauth.dll in the HTML ...)
+CVE-2009-0237
NOT-FOR-US: Microsoft Forefront Threat Management Gateway
CVE-2009-0236
REJECTED
-CVE-2009-0235 (Stack-based buffer overflow in the Word 97 text converter in WordPad ...)
+CVE-2009-0235
NOT-FOR-US: Microsoft WordPad
-CVE-2009-0234 (The DNS Resolver Cache Service (aka DNSCache) in Windows DNS Server in ...)
+CVE-2009-0234
NOT-FOR-US: Microsoft Windows
-CVE-2009-0233 (The DNS Resolver Cache Service (aka DNSCache) in Windows DNS Server in ...)
+CVE-2009-0233
NOT-FOR-US: Microsoft Windows
-CVE-2009-0232 (Integer overflow in the Embedded OpenType (EOT) Font Engine in ...)
+CVE-2009-0232
NOT-FOR-US: Microsoft Windows
-CVE-2009-0231 (The Embedded OpenType (EOT) Font Engine (T2EMBED.DLL) in Microsoft ...)
+CVE-2009-0231
NOT-FOR-US: Microsoft Windows
-CVE-2009-0230 (The Windows Print Spooler in Microsoft Windows 2000 SP4, XP SP2 and ...)
+CVE-2009-0230
NOT-FOR-US: Microsoft
-CVE-2009-0229 (The Windows Printing Service in Microsoft Windows 2000 SP4, XP SP2 and ...)
+CVE-2009-0229
NOT-FOR-US: Microsoft
-CVE-2009-0228 (Stack-based buffer overflow in the EnumeratePrintShares function in ...)
+CVE-2009-0228
NOT-FOR-US: Microsoft
-CVE-2009-0227 (Stack-based buffer overflow in the PowerPoint 4.2 conversion filter ...)
+CVE-2009-0227
NOT-FOR-US: Microsoft
-CVE-2009-0226 (Stack-based buffer overflow in the PowerPoint 4.2 conversion filter in ...)
+CVE-2009-0226
NOT-FOR-US: Microsoft
-CVE-2009-0225 (Microsoft Office PowerPoint 2002 SP3 allows remote attackers to ...)
+CVE-2009-0225
NOT-FOR-US: Microsoft
-CVE-2009-0224 (Microsoft Office PowerPoint 2000 SP3, 2002 SP3, 2003 SP3, and 2007 SP1 ...)
+CVE-2009-0224
NOT-FOR-US: Microsoft
-CVE-2009-0223 (Microsoft Office PowerPoint 2000 SP3, 2002 SP3, and 2003 SP3 allows ...)
+CVE-2009-0223
NOT-FOR-US: Microsoft
-CVE-2009-0222 (Microsoft Office PowerPoint 2000 SP3, 2002 SP3, and 2003 SP3 allows ...)
+CVE-2009-0222
NOT-FOR-US: Microsoft
-CVE-2009-0221 (Integer overflow in Microsoft Office PowerPoint 2002 SP3 and 2003 SP3 ...)
+CVE-2009-0221
NOT-FOR-US: Microsoft
-CVE-2009-0220 (Multiple stack-based buffer overflows in the PowerPoint 4.0 importer ...)
+CVE-2009-0220
NOT-FOR-US: Microsoft
-CVE-2009-0219 (The PDF distiller in the Attachment Service in Research in Motion ...)
+CVE-2009-0219
NOT-FOR-US: BlackBerry
-CVE-2009-0218 (Insecure method vulnerability in Particle Software IntraLaunch ...)
+CVE-2009-0218
NOT-FOR-US: IntraLaunch Application Launcher ActiveX control
-CVE-2009-0217 (The design of the W3C XML Signature Syntax and Processing (XMLDsig) ...)
+CVE-2009-0217
{DSA-1995-1 DSA-1849-1 DTSA-205-1}
- xml-security-c 1.4.0-4
- xmlsec1 1.2.12-1
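Review bot: every `-`/`+` pair in this hunk drops the parenthesised CVE summary while leaving the Debian status lines untouched (for example `-CVE-2009-0282 (Integer overflow in Ralink Technology USB wireless adapter (RT73) 3.08 ...)` becomes a bare `+CVE-2009-0282`), so the list loses the only human-readable description of what each entry covers, which matters most for the many `NOT-FOR-US:` entries whose status line names only a vendor. Since the commit is an automatic update, this looks more like the upstream feed returning empty descriptions than an intended change, and it should be confirmed before the tracker imports it. Unrelated to the change but visible in the unchanged context: the `[etch] - websvn <not-affected>` justification for CVE-2009-0240 spells "authentication" as "authenthication".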
@@ -13120,117 +13120,117 @@ CVE-2009-0217 (The design of the W3C XML Signature Syntax and Processing (XMLDsi
[lenny] - sun-java6 6-20-0lenny1
- openjdk-6 6b16-1.6-1 (medium; bug #542210)
- openoffice.org 1:3.1.1-16
-CVE-2009-0216 (GE Fanuc iFIX 5.0 and earlier relies on client-side authentication ...)
+CVE-2009-0216
NOT-FOR-US: GE Fanuc iFIX
-CVE-2009-0215 (Stack-based buffer overflow in the GetXMLValue method in the IBM ...)
+CVE-2009-0215
NOT-FOR-US: IBM Access Support ActiveX
-CVE-2009-0214 (Unspecified vulnerability in the WebFGServer application in AREVA ...)
+CVE-2009-0214
NOT-FOR-US: WebFGServer
-CVE-2009-0213 (Unspecified vulnerability in the NETIO application in AREVA ...)
+CVE-2009-0213
NOT-FOR-US: AREVA e-terrahabitat
-CVE-2009-0212 (Unspecified vulnerability in the WebFGServer application in AREVA ...)
+CVE-2009-0212
NOT-FOR-US: AREVA e-terrahabitat
-CVE-2009-0211 (Unspecified vulnerability in the WebFGServer application in AREVA ...)
+CVE-2009-0211
NOT-FOR-US: AREVA e-terrahabitat
-CVE-2009-0210 (Buffer overflow in the MLF application in AREVA e-terrahabitat 5.7 and ...)
+CVE-2009-0210
NOT-FOR-US: AREVA e-terrahabitat
-CVE-2009-0209 (PI Server in OSIsoft PI System before 3.4.380.x does not properly use ...)
+CVE-2009-0209
NOT-FOR-US: OSIsoft PI System
-CVE-2009-0208 (Unspecified vulnerability in HP Virtual Rooms Client before 7.0.1, ...)
+CVE-2009-0208
NOT-FOR-US: HP Virtual Rooms Client
-CVE-2009-0207 (Unspecified vulnerability in HP-UX B.11.11 running VERITAS Oracle Disk ...)
+CVE-2009-0207
NOT-FOR-US: VERITAS Oracle Disk Manager
-CVE-2009-0206 (Unspecified vulnerability in NFS in HP ONCplus B.11.31.05 and earlier ...)
+CVE-2009-0206
NOT-FOR-US: HP ONCplus
CVE-2009-0205
RESERVED
-CVE-2009-0204 (Cross-site scripting (XSS) vulnerability in HP Select Access 6.1 and ...)
+CVE-2009-0204
NOT-FOR-US: HP Select Access
CVE-2009-0203
RESERVED
-CVE-2009-0202 (Array index error in FL21WIN.DLL in the PowerPoint Freelance Windows ...)
+CVE-2009-0202
NOT-FOR-US: Microsoft
-CVE-2009-0201 (Heap-based buffer overflow in OpenOffice.org (OOo) before 3.1.1 and ...)
+CVE-2009-0201
{DSA-1880-1}
- openoffice.org 1:3.1.1~ooo310m15-1
-CVE-2009-0200 (Integer underflow in OpenOffice.org (OOo) before 3.1.1 and ...)
+CVE-2009-0200
{DSA-1880-1}
- openoffice.org 1:3.1.1~ooo310m15-1
-CVE-2009-0199 (Heap-based buffer overflow in the VMnc media codec in vmnc.dll in ...)
+CVE-2009-0199
NOT-FOR-US: VMware Movie Decoder
-CVE-2009-0198 (Heap-based buffer overflow in the JBIG2 filter in Adobe Reader 7 and ...)
+CVE-2009-0198
NOT-FOR-US: Adobe Reader
-CVE-2009-0197 (Integer overflow in the FORMATS Plugin before 4.23 for IrfanView ...)
+CVE-2009-0197
NOT-FOR-US: IrfanView
-CVE-2009-0196 (Heap-based buffer overflow in the big2_decode_symbol_dict function ...)
+CVE-2009-0196
{DSA-2080-1 DTSA-198-1}
- ghostscript 8.64~dfsg-1.1 (medium; bug #524803)
- gs-gpl <removed> (medium; bug #561717)
- jbig2dec <not-affected> (already fixed in initial upload)
-CVE-2009-0195 (Heap-based buffer overflow in Xpdf 3.02pl2 and earlier, CUPS 1.3.9, ...)
+CVE-2009-0195
{DSA-1790-1}
- xpdf 3.02-1.4+lenny1 (medium; bug #524809)
[squeeze] - xpdf 3.02-1.4+lenny1
-CVE-2009-0194 (The domain-locking implementation in the ...)
+CVE-2009-0194
NOT-FOR-US: Garmin Communicator Plug-In
-CVE-2009-0193 (Heap-based buffer overflow in Adobe Acrobat Reader 9 before 9.1, 8 ...)
+CVE-2009-0193
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2009-0192 (Off-by-one error in the iMonitor component in Novell eDirectory 8.8 ...)
+CVE-2009-0192
NOT-FOR-US: Novell eDirectory
-CVE-2009-0191 (Foxit Reader 2.3 before Build 3902 and 3.0 before Build 1506, ...)
+CVE-2009-0191
NOT-FOR-US: Foxit Reader
CVE-2009-0190
REJECTED
CVE-2009-0189
REJECTED
-CVE-2009-0188 (Apple QuickTime before 7.6.2 allows remote attackers to execute ...)
+CVE-2009-0188
NOT-FOR-US: Apple QuickTime
-CVE-2009-0187 (Stack-based buffer overflow in Orbit Downloader 2.8.2 and 2.8.3, and ...)
+CVE-2009-0187
NOT-FOR-US: Orbit Downloader
-CVE-2009-0186 (Integer overflow in libsndfile 1.0.18, as used in Winamp and other ...)
+CVE-2009-0186
{DSA-1742-1 DTSA-202-1}
- libsndfile 1.0.19-1 (medium)
-CVE-2009-0185 (Heap-based buffer overflow in Apple QuickTime before 7.6.2 allows ...)
+CVE-2009-0185
NOT-FOR-US: Apple QuickTime
-CVE-2009-0184 (Multiple buffer overflows in the torrent parsing implementation in ...)
+CVE-2009-0184
NOT-FOR-US: Free Download Manager
-CVE-2009-0183 (Stack-based buffer overflow in Remote Control Server in Free Download ...)
+CVE-2009-0183
NOT-FOR-US: Free Download Manager
-CVE-2009-0182 (Buffer overflow in VUPlayer 2.49 and earlier allows user-assisted ...)
+CVE-2009-0182
NOT-FOR-US: VUPlayer
-CVE-2009-0181 (Buffer overflow in VUPlayer allows user-assisted attackers to have an ...)
+CVE-2009-0181
NOT-FOR-US: VUPlayer
-CVE-2009-0180 (Certain Fedora build scripts for nfs-utils before 1.1.2-9.fc9 on ...)
+CVE-2009-0180
NOT-FOR-US: Fedora specific issue
-CVE-2009-0179 (libmikmod 3.1.11 through 3.2.0, as used by MikMod and possibly other ...)
+CVE-2009-0179
- libmikmod 3.1.11-6.1 (low; bug #476339)
[etch] - libmikmod <no-dsa> (Minor issue)
[lenny] - libmikmod <no-dsa> (Minor issue)
-CVE-2009-0178 (Unspecified vulnerability in IBM Hardware Management Console (HMC) 7 ...)
+CVE-2009-0178
NOT-FOR-US: IBM Hardware Management Console
-CVE-2009-0177 (vmwarebase.dll, as used in the vmware-authd service (aka ...)
+CVE-2009-0177
NOT-FOR-US: vmware-authd
-CVE-2009-0176 (Multiple heap-based buffer overflows in the PDF distiller in the ...)
+CVE-2009-0176
NOT-FOR-US: Attachment Service in Research in Motion
-CVE-2009-0175 (Heap-based buffer overflow in Heathco Software MP3 TrackMaker 1.5 ...)
+CVE-2009-0175
NOT-FOR-US: Heathco Software MP3 TrackMaker
-CVE-2009-0174 (Stack-based buffer overflow in VUPlayer 2.49 allows remote attackers ...)
+CVE-2009-0174
NOT-FOR-US: VUPlayer
-CVE-2009-0173 (Unspecified vulnerability in the server in IBM DB2 8 before FP17a, 9.1 ...)
+CVE-2009-0173
NOT-FOR-US: IBM DB2
-CVE-2009-0172 (Unspecified vulnerability in IBM DB2 8 before FP17a, 9.1 before FP6a, ...)
+CVE-2009-0172
NOT-FOR-US: IBM DB2 9.1
-CVE-2009-0171 (The Sun SPARC Enterprise M4000 and M5000 Server, within a certain ...)
+CVE-2009-0171
NOT-FOR-US: Sun SPARC Enterprise M4000 and M5000 Server
-CVE-2009-0170 (Sun Java System Access Manager 6.3 2005Q1, 7 2005Q4, and 7.1 allows ...)
+CVE-2009-0170
NOT-FOR-US: Sun Java System Access Manager
-CVE-2009-0169 (Sun Java System Access Manager 7.1 allows remote authenticated ...)
+CVE-2009-0169
NOT-FOR-US: Sun Java System Access Manager
-CVE-2009-0168 (Unspecified vulnerability in ppdmgr in Sun Solaris 10 and OpenSolaris ...)
+CVE-2009-0168
NOT-FOR-US: ppdmgr in Sun Solaris 10 and OpenSolaris
-CVE-2009-0167 (Unspecified vulnerability in lpadmin in Sun Solaris 10 and OpenSolaris ...)
+CVE-2009-0167
NOT-FOR-US: lpadmin in Sun Solaris 10 and OpenSolaris
-CVE-2009-0166 (The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, ...)
+CVE-2009-0166
{DSA-1793-1 DSA-1790-1}
- poppler 0.10.6-1 (medium; bug #524806)
[lenny] - poppler 0.8.7-2
@@ -13239,55 +13239,55 @@ CVE-2009-0166 (The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and ear
[squeeze] - xpdf 3.02-1.4+lenny1
- kdegraphics 4:4.0 (medium; bug #524810)
- swftools 0.9.2+ds1-2
-CVE-2009-0165 (Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, as ...)
+CVE-2009-0165
{DSA-1793-1 DSA-1790-1}
- xpdf 3.02-1.4+lenny1 (low; bug #524809)
[squeeze] - xpdf 3.02-1.4+lenny1
- kdegraphics 4:4.0 (low; bug #528369)
-CVE-2009-0164 (The web interface for CUPS before 1.3.10 does not validate the HTTP ...)
+CVE-2009-0164
- cups 1.3.10-1 (low)
[lenny] - cups <no-dsa> (Minor issue, needs several prerequirements for attack)
- cupsys <removed>
[etch] - cupsys <no-dsa> (Minor issue, needs several prerequirements for attack)
-CVE-2009-0163 (Integer overflow in the TIFF image decoding routines in CUPS 1.3.9 and ...)
+CVE-2009-0163
{DSA-1773-1}
- cups 1.3.10-1
- cupsys <removed>
-CVE-2009-0162 (Cross-site scripting (XSS) vulnerability in Safari before 3.2.3, and 4 ...)
+CVE-2009-0162
NOT-FOR-US: Safari
-CVE-2009-0161 (The OpenSSL::OCSP module for Ruby in Apple Mac OS X 10.5 before 10.5.7 ...)
+CVE-2009-0161
NOT-FOR-US: Mac OS X
NOTE: dupe of CVE-2009-0642
-CVE-2009-0160 (QuickDraw Manager in Apple Mac OS X 10.4.11 and 10.5 before 10.5.7 ...)
+CVE-2009-0160
NOT-FOR-US: QuickDraw Manager
-CVE-2009-0159 (Stack-based buffer overflow in the cookedprint function in ntpq/ntpq.c ...)
+CVE-2009-0159
{DSA-1801-1}
- ntp 1:4.2.4p6+dfsg-2 (low; bug #525373)
-CVE-2009-0158 (Stack-based buffer overflow in telnet in Apple Mac OS X 10.4.11 and ...)
+CVE-2009-0158
NOT-FOR-US: telnet in Apple Mac OS X
-CVE-2009-0157 (Heap-based buffer overflow in CFNetwork in Apple Mac OS X 10.5 before ...)
+CVE-2009-0157
NOT-FOR-US: CFNetwork in Apple
-CVE-2009-0156 (Launch Services in Apple Mac OS X 10.4.11 and 10.5 before 10.5.7 ...)
+CVE-2009-0156
NOT-FOR-US: Launch Services in Apple Mac OS
-CVE-2009-0155 (Integer underflow in CoreGraphics in Apple Mac OS X 10.5 before ...)
+CVE-2009-0155
NOT-FOR-US: CoreGraphics in Apple Mac OS
-CVE-2009-0154 (Heap-based buffer overflow in Apple Type Services (ATS) in Apple Mac ...)
+CVE-2009-0154
NOT-FOR-US: Apple Type Services
-CVE-2009-0153 (International Components for Unicode (ICU) 4.0, 3.6, and other 3.x ...)
+CVE-2009-0153
{DSA-1889-1}
- icu 4.0.1-1 (low; bug #534590)
-CVE-2009-0152 (iChat in Apple Mac OS X 10.5 before 10.5.7 disables SSL for AOL ...)
+CVE-2009-0152
NOT-FOR-US: iChat in Apple Mac OS X
-CVE-2009-0151 (The screen saver in Dock in Apple Mac OS X 10.5 before 10.5.8 does not ...)
+CVE-2009-0151
NOT-FOR-US: screen saver in Dock in Apple Mac OS X
-CVE-2009-0150 (Stack-based buffer overflow in Apple Mac OS X 10.5 before 10.5.7 ...)
+CVE-2009-0150
NOT-FOR-US: Apple Mac OS X
-CVE-2009-0149 (Apple Mac OS X 10.4.11 and 10.5 before 10.5.7 allows local users to ...)
+CVE-2009-0149
NOT-FOR-US: Apple Mac OS X
-CVE-2009-0148 (Multiple buffer overflows in Cscope before 15.7a allow remote ...)
+CVE-2009-0148
{DSA-1806-1}
- cscope 15.7a-1 (low; bug #528510)
-CVE-2009-0147 (Multiple integer overflows in the JBIG2 decoder in Xpdf 3.02pl2 and ...)
+CVE-2009-0147
{DSA-1793-1 DSA-1790-1}
- poppler 0.10.6-1 (low; bug #524806)
[lenny] - poppler 0.8.7-2
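Review bot: a style point in the unchanged context for CVE-2009-0164: both `<no-dsa>` justifications read "needs several prerequirements for attack", where "prerequisites" is the intended word. With the parenthesised summary for this entry now removed in this hunk, that justification is the only descriptive text the entry keeps, so the wording is worth fixing in a follow-up.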
@@ -13296,7 +13296,7 @@ CVE-2009-0147 (Multiple integer overflows in the JBIG2 decoder in Xpdf 3.02pl2 a
[squeeze] - xpdf 3.02-1.4+lenny1
- kdegraphics 4:4.0 (medium; bug #524810)
- swftools 0.9.2+ds1-2
-CVE-2009-0146 (Multiple buffer overflows in the JBIG2 decoder in Xpdf 3.02pl2 and ...)
+CVE-2009-0146
{DSA-1793-1 DSA-1790-1}
- poppler 0.10.6-1 (medium; bug #524806)
[lenny] - poppler 0.8.7-2
@@ -13305,74 +13305,74 @@ CVE-2009-0146 (Multiple buffer overflows in the JBIG2 decoder in Xpdf 3.02pl2 an
[squeeze] - xpdf 3.02-1.4+lenny1
- kdegraphics 4:4.0 (medium; bug #524810)
- swftools 0.9.2+ds1-2
-CVE-2009-0145 (CoreGraphics in Apple Mac OS X 10.4.11 and 10.5 before 10.5.7, iPhone ...)
+CVE-2009-0145
NOT-FOR-US: CoreGraphics in Apple Mac OS X
-CVE-2009-0144 (CFNetwork in Apple Mac OS X 10.5 before 10.5.7 does not properly parse ...)
+CVE-2009-0144
NOT-FOR-US: CFNetwork in Apple Mac OS X
-CVE-2009-0143 (Apple iTunes before 8.1 does not properly inform the user about the ...)
+CVE-2009-0143
NOT-FOR-US: Apple iTunes
-CVE-2009-0142 (Race condition in AFP Server in Apple Mac OS X 10.5.6 allows local ...)
+CVE-2009-0142
NOT-FOR-US: Apple Mac OS X
-CVE-2009-0141 (XTerm in Apple Mac OS X 10.4.11 and 10.5.6, when used with luit, ...)
+CVE-2009-0141
NOT-FOR-US: XTerm in Apple Mac OS X
-CVE-2009-0140 (Unspecified vulnerability in the SMB component in Apple Mac OS X ...)
+CVE-2009-0140
NOT-FOR-US: Apple Mac OS X
-CVE-2009-0139 (Integer overflow in the SMB component in Apple Mac OS X 10.5.6 allows ...)
+CVE-2009-0139
NOT-FOR-US: Apple Mac OS X
-CVE-2009-0138 (servermgrd (Server Manager) in Apple Mac OS X 10.5.6 does not properly ...)
+CVE-2009-0138
NOT-FOR-US: Apple Mac OS X
-CVE-2009-0137 (Multiple unspecified vulnerabilities in Safari RSS in Apple Mac OS X ...)
+CVE-2009-0137
NOT-FOR-US: Apple Mac OS X
-CVE-2009-0134 (Insecure method vulnerability in the EasyGrid.SGCtrl.32 ActiveX ...)
+CVE-2009-0134
NOT-FOR-US: EasyGrid.SGCtrl.32 ActiveX control
-CVE-2009-0135 (Multiple integer overflows in the Audible::Tag::readTag function in ...)
+CVE-2009-0135
{DSA-1706-1}
- amarok 1.4.10-2 (medium)
-CVE-2009-0136 (Multiple array index errors in the Audible::Tag::readTag function in ...)
+CVE-2009-0136
{DSA-1706-1}
- amarok 1.4.10-2 (medium)
-CVE-2009-0133 (Buffer overflow in Microsoft HTML Help Workshop 4.74 and earlier ...)
+CVE-2009-0133
NOT-FOR-US: Microsoft HTML Help Workshop
-CVE-2009-0132 (Integer overflow in the aio_suspend function in Sun Solaris 8 through ...)
+CVE-2009-0132
NOT-FOR-US: Solaris
-CVE-2009-0131 (The UFS implementation in the kernel in Sun OpenSolaris snv_29 through ...)
+CVE-2009-0131
NOT-FOR-US: UFS in OpenSolaris
-CVE-2009-0130 (** DISPUTED ** lib/crypto/c_src/crypto_drv.c in erlang does not ...)
+CVE-2009-0130
- erlang <unfixed> (unimportant; bug #511520)
NOTE: the return value is passed to the caller (lib/crypto/src/crypto.erl) which
NOTE: only return success in case of DSA_do_verify returning 1 and failure otherwise
NOTE: this is likely to be rejected
-CVE-2009-0129 (libcrypt-openssl-dsa-perl does not properly check the return value ...)
+CVE-2009-0129
- libcrypt-openssl-dsa-perl 0.13-4 (bug #511519)
-CVE-2009-0128 (plugins/crypto/openssl/crypto_openssl.c in Simple Linux Utility for ...)
+CVE-2009-0128
{DTSA-185-1}
- slurm-llnl 1.3.13-1 (bug #511511)
-CVE-2009-0127 (** DISPUTED ** M2Crypto does not properly check the return value from ...)
+CVE-2009-0127
- m2crypto <unfixed> (bug #511515; unimportant)
NOTE: m2crypto provides a direct mapping of the OpenSSL functions, no incorrect
NOTE: call sites are known, if such are found they should be fixed in the respective
NOTE: applications
-CVE-2009-0126 (The decrypt_public function in lib/crypt.cpp in the client in Berkeley ...)
+CVE-2009-0126
{DSA-1718-1}
- boinc 6.2.14-3 (bug #511521)
-CVE-2009-0125 (** DISPUTED ** ...)
+CVE-2009-0125
- libnasl <removed> (unimportant; bug #511517)
-CVE-2009-0124 (The tqsl_verifyDataBlock function in openssl_cert.cpp in American ...)
+CVE-2009-0124
- tqsllib 2.0-8 (low; bug #511509)
[etch] - tqsllib <no-dsa> (Minor issue)
-CVE-2009-0123 (Unspecified vulnerability in Apple Safari on Mac OS X 10.5 and Windows ...)
+CVE-2009-0123
NOT-FOR-US: Apple Safari
-CVE-2009-0122 (hplip.postinst in HP Linux Imaging and Printing (HPLIP) 2.7.7 and ...)
+CVE-2009-0122
- hplip <not-affected> (only a bug in ubuntus postinst script, we use our own postinst which is not vulnerable)
CVE-2009-XXXX [unspecified multiple Drupal vulnerabilies, likely some overlap with the next temp entry]
- drupal6 6.6-3
CVE-2009-XXXX [unspecified Drupal SQL injection]
- drupal5 5.15-1
-CVE-2009-0121 (SQL injection vulnerability in frontpage.php in Goople CMS 1.8.2 ...)
+CVE-2009-0121
NOT-FOR-US: Goople CMS
-CVE-2009-0120 (The IBM WebSphere DataPower XML Security Gateway XS40 with firmware ...)
+CVE-2009-0120
NOT-FOR-US: Web Sphere
-CVE-2009-0119 (Buffer overflow in Microsoft Windows XP SP3 allows remote attackers to ...)
+CVE-2009-0119
NOT-FOR-US: Windows
CVE-2009-0118
RESERVED
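Review bot: three entries in this hunk carried a `** DISPUTED **` prefix in their summary (CVE-2009-0130, CVE-2009-0127 and CVE-2009-0125), and the replacement `+` lines keep only the bare identifier, so the disputed status, which the `unimportant` severity on each of those entries reflects, is no longer visible anywhere in the list; if the summaries are to go, the disputed flag should be preserved as a `NOTE:` line alongside the existing ones. Also in the unchanged context, the `CVE-2009-XXXX` placeholder for Drupal reads "vulnerabilies" for "vulnerabilities".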
@@ -13380,272 +13380,272 @@ CVE-2009-0117
RESERVED
CVE-2009-0116
RESERVED
-CVE-2009-0115 (The Device Mapper multipathing driver (aka multipath-tools or ...)
+CVE-2009-0115
{DSA-1767-1}
- multipath-tools 0.4.8-15 (low; bug #522813)
CVE-2009-XXXX [openslp: insecure cert validation through openssl api misuse]
- openslp-dfsg <not-affected> (Debian's openslp doesn't build with SSL support)
-CVE-2009-0114 (Unspecified vulnerability in the Settings Manager in Adobe Flash ...)
+CVE-2009-0114
NOT-FOR-US: Flash
-CVE-2009-0113 (Directory traversal vulnerability in attachmentlibrary.php in the ...)
+CVE-2009-0113
NOT-FOR-US: Joomla! component
-CVE-2009-0112 (Cross-site request forgery (CSRF) vulnerability in ...)
+CVE-2009-0112
NOT-FOR-US: PollPro
-CVE-2009-0111 (SQL injection vulnerability in frontpage.php in Goople CMS 1.8.2 and ...)
+CVE-2009-0111
NOT-FOR-US: Goople CMS
-CVE-2009-0110 (SQL injection vulnerability in read.php in RiotPix 0.61 and earlier ...)
+CVE-2009-0110
NOT-FOR-US: RiotPix
-CVE-2009-0109 (SQL injection vulnerability in index.php in RiotPix 0.61 and earlier ...)
+CVE-2009-0109
NOT-FOR-US: RiotPix
-CVE-2009-0108 (PHPAuctions (aka PHPAuctionSystem) allows remote attackers to bypass ...)
+CVE-2009-0108
NOT-FOR-US: PHPAuctions
-CVE-2009-0107 (Cross-site scripting (XSS) vulnerability in profile.php in PHPAuctions ...)
+CVE-2009-0107
NOT-FOR-US: PHPAuctions
-CVE-2009-0106 (SQL injection vulnerability in profile.php in PHPAuctions (aka ...)
+CVE-2009-0106
NOT-FOR-US: PHPAuctions
-CVE-2009-0105 (Cross-site scripting (XSS) vulnerability in index.php in EZpack 4.2b2 ...)
+CVE-2009-0105
NOT-FOR-US: EZpack
-CVE-2009-0104 (SQL injection vulnerability in index.php in EZpack 4.2b2 allows remote ...)
+CVE-2009-0104
NOT-FOR-US: EZpack
-CVE-2009-0103 (Multiple PHP remote file inclusion vulnerabilities in playSMS 0.9.3 ...)
+CVE-2009-0103
NOT-FOR-US: playSMS
-CVE-2009-0102 (Microsoft Project 2000 SR1 and 2002 SP1, and Office Project 2003 SP3, ...)
+CVE-2009-0102
NOT-FOR-US: Microsoft
CVE-2009-0101
REJECTED
-CVE-2009-0100 (Microsoft Office Excel 2000 SP3, 2002 SP3, 2003 SP3, and 2007 SP1; ...)
+CVE-2009-0100
NOT-FOR-US: Microsoft Office Excel
-CVE-2009-0099 (The Electronic Messaging System Microsoft Data Base (EMSMDB32) ...)
+CVE-2009-0099
NOT-FOR-US: Microsoft
-CVE-2009-0098 (Microsoft Exchange 2000 Server SP3, Exchange Server 2003 SP2, and ...)
+CVE-2009-0098
NOT-FOR-US: Microsoft
-CVE-2009-0097 (Microsoft Office Visio 2002 SP2 and 2003 SP3 does not properly ...)
+CVE-2009-0097
NOT-FOR-US: Microsoft
-CVE-2009-0096 (Microsoft Office Visio 2002 SP2, 2003 SP3, and 2007 SP1 does not ...)
+CVE-2009-0096
NOT-FOR-US: Microsoft
-CVE-2009-0095 (Microsoft Office Visio 2002 SP2, 2003 SP3, and 2007 SP1 does not ...)
+CVE-2009-0095
NOT-FOR-US: Microsoft
-CVE-2009-0094 (The WINS server in Microsoft Windows 2000 SP4 and Server 2003 SP1 and ...)
+CVE-2009-0094
NOT-FOR-US: Microsoft Windows
-CVE-2009-0093 (Windows DNS Server in Microsoft Windows 2000 SP4, Server 2003 SP1 and ...)
+CVE-2009-0093
NOT-FOR-US: Microsoft Windows
CVE-2009-0092
REJECTED
-CVE-2009-0091 (Microsoft .NET Framework 2.0, 2.0 SP1, and 3.5 does not properly ...)
+CVE-2009-0091
NOT-FOR-US: Microsoft .NET Framework
-CVE-2009-0090 (Microsoft .NET Framework 1.0 SP3, 1.1 SP1, and 2.0 SP1 does not ...)
+CVE-2009-0090
NOT-FOR-US: Microsoft .NET Framework
-CVE-2009-0089 (Windows HTTP Services (aka WinHTTP) in Microsoft Windows 2000 SP4, XP ...)
+CVE-2009-0089
NOT-FOR-US: Microsoft Windows
-CVE-2009-0088 (The WordPerfect 6.x Converter (WPFT632.CNV, 1998.1.27.0) in Microsoft ...)
+CVE-2009-0088
NOT-FOR-US: Microsoft Office
-CVE-2009-0087 (Unspecified vulnerability in the Word 6 text converter in WordPad in ...)
+CVE-2009-0087
NOT-FOR-US: Microsoft Word
-CVE-2009-0086 (Integer underflow in Windows HTTP Services (aka WinHTTP) in Microsoft ...)
+CVE-2009-0086
NOT-FOR-US: Microsoft Windows
-CVE-2009-0085 (The Secure Channel (aka SChannel) authentication component in ...)
+CVE-2009-0085
NOT-FOR-US: Microsoft Windows
-CVE-2009-0084 (Use-after-free vulnerability in DirectShow in Microsoft DirectX 8.1 ...)
+CVE-2009-0084
NOT-FOR-US: DirectX
-CVE-2009-0083 (The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server ...)
+CVE-2009-0083
NOT-FOR-US: Microsoft Windows
-CVE-2009-0082 (The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 ...)
+CVE-2009-0082
NOT-FOR-US: Microsoft Windows
-CVE-2009-0081 (The graphics device interface (GDI) implementation in the kernel in ...)
+CVE-2009-0081
NOT-FOR-US: Microsoft Windows
-CVE-2009-0080 (The ThreadPool class in Windows Vista Gold and SP1, and Server 2008, ...)
+CVE-2009-0080
NOT-FOR-US: Windows Vista
-CVE-2009-0079 (The RPCSS service in Microsoft Windows XP SP2 and SP3 and Server 2003 ...)
+CVE-2009-0079
NOT-FOR-US: Microsoft Windows XP
-CVE-2009-0078 (The Windows Management Instrumentation (WMI) provider in Microsoft ...)
+CVE-2009-0078
NOT-FOR-US: Microsoft Windows XP
-CVE-2009-0077 (The firewall engine in Microsoft Forefront Threat Management Gateway, ...)
+CVE-2009-0077
NOT-FOR-US: Microsoft Forefront Threat Management Gateway
-CVE-2009-0076 (Microsoft Internet Explorer 7, when XHTML strict mode is used, allows ...)
+CVE-2009-0076
NOT-FOR-US: Microsoft
-CVE-2009-0075 (Microsoft Internet Explorer 7 does not properly handle errors during ...)
+CVE-2009-0075
NOT-FOR-US: Microsoft
CVE-2009-0074
REJECTED
CVE-2009-0073
REJECTED
-CVE-2009-0072 (Microsoft Internet Explorer 6.0 through 8.0 beta2 allows remote ...)
+CVE-2009-0072
NOT-FOR-US: Internet Explorer
-CVE-2009-0071 (Mozilla Firefox 3.0.5 and earlier 3.0.x versions, when designMode is ...)
+CVE-2009-0071
- iceweasel <removed> (unimportant)
NOTE: Browser crashes not treated as security issues
-CVE-2009-0070 (Integer signedness error in Apple Safari allows remote attackers to ...)
+CVE-2009-0070
NOT-FOR-US: Apple Safari
-CVE-2009-0069 (Unspecified vulnerability in the nfs4rename_persistent_fh function in ...)
+CVE-2009-0069
NOT-FOR-US: Solaris
-CVE-2009-0068 (Interaction error in xdg-open allows remote attackers to execute ...)
+CVE-2009-0068
- xdg-utils <not-affected> (xdg-open is not added to mailcap)
CVE-2009-0067
RESERVED
-CVE-2009-0066 (Multiple unspecified vulnerabilities in Intel system software for ...)
+CVE-2009-0066
NOT-FOR-US: Intel system software for TXT
-CVE-2009-0065 (Buffer overflow in net/sctp/sm_statefuns.c in the Stream Control ...)
+CVE-2009-0065
{DSA-1794-1 DSA-1787-1 DSA-1749-1}
- linux-2.6 2.6.29-1
- linux-2.6.24 <removed>
-CVE-2009-0064 (Multiple unspecified vulnerabilities in the Control Center in Symantec ...)
+CVE-2009-0064
NOT-FOR-US: Symantec Brightmail Gateway Appliance
-CVE-2009-0063 (Cross-site scripting (XSS) vulnerability in the Control Center in ...)
+CVE-2009-0063
NOT-FOR-US: Symantec Brightmail Gateway Appliance
-CVE-2009-0062 (Unspecified vulnerability in the Cisco Wireless LAN Controller (WLC), ...)
+CVE-2009-0062
NOT-FOR-US: Cisco
-CVE-2009-0061 (Unspecified vulnerability in the Wireless LAN Controller (WLC) TSEC ...)
+CVE-2009-0061
NOT-FOR-US: Cisco
CVE-2009-0060
RESERVED
-CVE-2009-0059 (The Cisco Wireless LAN Controller (WLC), Cisco Catalyst 6500 Wireless ...)
+CVE-2009-0059
NOT-FOR-US: Cisco
-CVE-2009-0058 (The Cisco Wireless LAN Controller (WLC), Cisco Catalyst 6500 Wireless ...)
+CVE-2009-0058
NOT-FOR-US: Cisco
-CVE-2009-0057 (The Certificate Authority Proxy Function (CAPF) service in Cisco ...)
+CVE-2009-0057
NOT-FOR-US: Cisco
-CVE-2009-0056 (Cross-site request forgery (CSRF) vulnerability in the administration ...)
+CVE-2009-0056
NOT-FOR-US: Cisco IronPort Encryption Appliance
-CVE-2009-0055 (Cross-site request forgery (CSRF) vulnerability in the administration ...)
+CVE-2009-0055
NOT-FOR-US: Cisco IronPort Encryption Appliance
-CVE-2009-0054 (PXE Encryption in Cisco IronPort Encryption Appliance 6.2.4 before ...)
+CVE-2009-0054
NOT-FOR-US: Cisco IronPort Encryption Appliance
-CVE-2009-0053 (PXE Encryption in Cisco IronPort Encryption Appliance 6.2.4 before ...)
+CVE-2009-0053
NOT-FOR-US: Cisco IronPort Encryption Appliance
-CVE-2009-0052 (The Atheros wireless driver, as used in Netgear WNDAP330 Wi-Fi access ...)
+CVE-2009-0052
NOT-FOR-US: Netgear WNDAP330 Access Point
-CVE-2009-0051 (ZXID 0.29 and earlier does not properly check the return value from ...)
+CVE-2009-0051
NOT-FOR-US: ZXID
-CVE-2009-0050 (Lasso 2.2.1 and earlier does not properly check the return value from ...)
+CVE-2009-0050
{DSA-1700-1}
- lasso 2.2.1-2 (bug #511262)
-CVE-2009-0049 (Belgian eID middleware (eidlib) 2.6.0 and earlier does not properly ...)
+CVE-2009-0049
{DSA-1946-1}
- belpic 2.6.0-6 (bug #511261)
-CVE-2009-0048 (OpenEvidence 1.0.6 and earlier does not properly check the return ...)
+CVE-2009-0048
NOT-FOR-US: OpenEvidence
-CVE-2009-0047 (Gale 0.99 and earlier does not properly check the return value from ...)
+CVE-2009-0047
NOT-FOR-US: Gale
-CVE-2009-0046 (Sun GridEngine 5.3 and earlier does not properly check the return ...)
+CVE-2009-0046
NOT-FOR-US: Sun GridEngine
CVE-2009-0045
RESERVED
CVE-2009-0044
RESERVED
-CVE-2009-0043 (The smmsnmpd service in CA Service Metric Analysis r11.0 through r11.1 ...)
+CVE-2009-0043
NOT-FOR-US: CA Service Metric Analysis r11.0 through r11.1 SP1 and Service
-CVE-2009-0042 (Multiple unspecified vulnerabilities in the Arclib library ...)
+CVE-2009-0042
NOT-FOR-US: CA Anti-Virus
-CVE-2009-0041 (IAX2 in Asterisk Open Source 1.2.x before 1.2.31, 1.4.x before ...)
+CVE-2009-0041
{DSA-1952-1}
- asterisk 1:1.6.1.0~dfsg~rc3-1 (low; bug #513413)
[lenny] - asterisk <no-dsa> (Minor issue)
[etch] - asterisk <end-of-life> (Etch Packages no longer covered by security support)
-CVE-2009-0040 (The PNG reference library (aka libpng) before 1.0.43, and 1.2.x before ...)
+CVE-2009-0040
{DSA-1830-1 DSA-1750-1}
- icedove 2.0.0.22-1 (bug #535124)
[squeeze] - icedove 2.0.0.22-0lenny1
- libpng 1.2.35-1 (bug #516256)
-CVE-2009-0039 (Multiple cross-site request forgery (CSRF) vulnerabilities in the web ...)
+CVE-2009-0039
- geronimo <itp> (bug #481869)
-CVE-2009-0038 (Multiple cross-site scripting (XSS) vulnerabilities in the web ...)
+CVE-2009-0038
- geronimo <itp> (bug #481869)
-CVE-2009-0037 (The redirect implementation in curl and libcurl 5.11 through 7.19.3, ...)
+CVE-2009-0037
{DSA-1738-1}
- curl 7.18.2-8.1 (bug #518423)
-CVE-2009-0036 (Buffer overflow in the proxyReadClientSocket function in ...)
+CVE-2009-0036
- libvirt 0.5.1-7 (unimportant)
NOTE: not building libvirt proxy from libvirt source package
CVE-2009-0035 [alsainfo insecure temp file usage]
RESERVED
- alsa-driver 1.0.20-1 (unimportant)
NOTE: alsainfo not built into source package
-CVE-2009-0034 (parse.c in sudo 1.6.9p17 through 1.6.9p19 does not properly interpret ...)
+CVE-2009-0034
- sudo 1.6.9p17-2 (medium)
[etch] - sudo <not-affected> (Vulnerable code not present)
-CVE-2009-0033 (Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 ...)
+CVE-2009-0033
{DSA-2207-1}
- tomcat6 6.0.28-1
[lenny] - tomcat6 <not-affected> (Only ships the servlet package)
- tomcat5 <removed> (medium; bug #532363)
- tomcat5.5 <removed> (medium; bug #532366)
-CVE-2009-0032 (CUPS on Mandriva Linux 2008.0, 2008.1, 2009.0, Corporate Server (CS) ...)
+CVE-2009-0032
NOT-FOR-US: issue affects pdfdistiller
-CVE-2009-0031 (Memory leak in the keyctl_join_session_keyring function ...)
+CVE-2009-0031
{DSA-1794-1 DSA-1787-1 DSA-1749-1}
- linux-2.6 2.6.29-1 (low)
- linux-2.6.24 <removed>
-CVE-2009-0030 (A certain Red Hat patch for SquirrelMail 1.4.8 sets the same SQMSESSID ...)
+CVE-2009-0030
- squirrelmail <not-affected> (RedHat-specific regression)
-CVE-2009-0029 (The ABI in the Linux kernel 2.6.28 and earlier on s390, powerpc, ...)
+CVE-2009-0029
{DSA-1794-1 DSA-1787-1 DSA-1749-1}
- linux-2.6 2.6.29-1 (medium; bug #536147)
- linux-2.6.24 <removed>
-CVE-2009-0028 (The clone system call in the Linux kernel 2.6.28 and earlier allows ...)
+CVE-2009-0028
{DSA-1800-1 DSA-1794-1 DSA-1787-1}
- linux-2.6 2.6.29-1
- linux-2.6.24 <removed>
-CVE-2009-0027 (The request handler in JBossWS in JBoss Enterprise Application ...)
+CVE-2009-0027
- jbossas4 4.2.2.GA-1 (bug #562000)
[lenny] - jbossas4 <no-dsa> (Contrib not supported)
-CVE-2009-0026 (Multiple cross-site scripting (XSS) vulnerabilities in Apache ...)
+CVE-2009-0026
NOT-FOR-US: Apache Jackrabbit
-CVE-2009-0025 (BIND 9.6.0, 9.5.1, 9.5.0, 9.4.3, and earlier does not properly check ...)
+CVE-2009-0025
{DSA-1703-1}
- bind9 1:9.5.1.dfsg.P1-1 (low; bug #511936)
NOTE: unlike the advisory states it is DSA_do_verify not DSA_verify
NOTE: low severity because it is believed hard to trigger and only
NOTE: affects DNSSEC with DSA, which is supposedly rarely used.
-CVE-2009-0024 (The sys_remap_file_pages function in mm/fremap.c in the Linux kernel ...)
+CVE-2009-0024
- linux-2.6 2.6.24-4
[etch] - linux-2.6 <not-affected> (Introduced in 2.6.23)
NOTE: Fixed in 2.6.24 before initial upload
-CVE-2009-0023 (The apr_strmatch_precompile function in strmatch/apr_strmatch.c in ...)
+CVE-2009-0023
{DSA-1812-1}
- apr-util 1.3.7+dfsg-1
-CVE-2009-0022 (Samba 3.2.0 through 3.2.6, when registry shares are enabled, allows ...)
+CVE-2009-0022
- samba 2:3.2.5-3
[etch] - samba <not-affected> (Only 3.2.x affected)
-CVE-2009-0021 (NTP 4.2.4 before 4.2.4p5 and 4.2.5 before 4.2.5p150 does not properly ...)
+CVE-2009-0021
{DSA-1702-1}
- ntp 1:4.2.4p4+dfsg-8
-CVE-2009-0020 (Unspecified vulnerability in CarbonCore in Apple Mac OS X 10.4.11 and ...)
+CVE-2009-0020
NOT-FOR-US: Apple Mac OS X
-CVE-2009-0019 (Remote Apple Events in Apple Mac OS X 10.4.11 and 10.5.6 allows remote ...)
+CVE-2009-0019
NOT-FOR-US: Apple Mac OS X
-CVE-2009-0018 (The Remote Apple Events server in Apple Mac OS X 10.4.11 and 10.5.6 ...)
+CVE-2009-0018
NOT-FOR-US: Apple Mac OS X
-CVE-2009-0017 (csregprinter in the Printing component in Apple Mac OS X 10.4.11 and ...)
+CVE-2009-0017
NOT-FOR-US: Apple Mac OS X
-CVE-2009-0016 (Apple iTunes before 8.1 on Windows allows remote attackers to cause a ...)
+CVE-2009-0016
NOT-FOR-US: Apple iTunes
-CVE-2009-0015 (Unspecified vulnerability in fseventsd in the FSEvents framework in ...)
+CVE-2009-0015
NOT-FOR-US: Apple Mac OS X
-CVE-2009-0014 (Folder Manager in Apple Mac OS X 10.5.6 uses insecure default ...)
+CVE-2009-0014
NOT-FOR-US: Apple Mac OS X
-CVE-2009-0013 (dscl in DS Tools in Apple Mac OS X 10.4.11 and 10.5.6 requires that ...)
+CVE-2009-0013
NOT-FOR-US: Apple Mac OS X
-CVE-2009-0012 (Heap-based buffer overflow in CoreText in Apple Mac OS X 10.5.6 allows ...)
+CVE-2009-0012
NOT-FOR-US: Apple Mac OS X
-CVE-2009-0011 (Certificate Assistant in Apple Mac OS X 10.5.6 allows local users to ...)
+CVE-2009-0011
NOT-FOR-US: Apple Mac OS X
-CVE-2009-0010 (Integer underflow in QuickDraw Manager in Apple Mac OS X 10.4.11 and ...)
+CVE-2009-0010
NOT-FOR-US: QuickDraw Manager in Apple Mac OS X
-CVE-2009-0009 (Unspecified vulnerability in the Pixlet codec in Apple Mac OS X ...)
+CVE-2009-0009
NOT-FOR-US: Apple Mac OS X
-CVE-2009-0008 (Unspecified vulnerability in Apple QuickTime MPEG-2 Playback Component ...)
+CVE-2009-0008
NOT-FOR-US: Apple QuickTime
-CVE-2009-0007 (Heap-based buffer overflow in Apple QuickTime before 7.6 allows remote ...)
+CVE-2009-0007
NOT-FOR-US: Apple QuickTime
-CVE-2009-0006 (Integer signedness error in Apple QuickTime before 7.6 allows remote ...)
+CVE-2009-0006
NOT-FOR-US: Apple QuickTime
-CVE-2009-0005 (Unspecified vulnerability in Apple QuickTime before 7.6 allows remote ...)
+CVE-2009-0005
NOT-FOR-US: Apple QuickTime
-CVE-2009-0004 (Buffer overflow in Apple QuickTime before 7.6 allows remote attackers ...)
+CVE-2009-0004
NOT-FOR-US: Apple QuickTime
-CVE-2009-0003 (Heap-based buffer overflow in Apple QuickTime before 7.6 allows remote ...)
+CVE-2009-0003
NOT-FOR-US: Apple QuickTime
-CVE-2009-0002 (Heap-based buffer overflow in Apple QuickTime before 7.6 allows remote ...)
+CVE-2009-0002
NOT-FOR-US: Apple QuickTime
-CVE-2009-0001 (Heap-based buffer overflow in Apple QuickTime before 7.6 allows remote ...)
+CVE-2009-0001
NOT-FOR-US: Apple QuickTime
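Review bot: every `-`/`+` pair in this hunk drops the parenthetical CVE description and keeps only the bare identifier (for example `-CVE-2009-0040 (The PNG reference library (aka libpng) before 1.0.43, and 1.2.x before ...)` becomes `+CVE-2009-0040`), while the Debian-specific status, DSA and NOTE lines beneath each entry are untouched; the commit message "automatic update" does not mention this, so a sentence stating that description text is intentionally removed from the list (and where it is now sourced from, if anywhere) would let a reader of the history tell this format change apart from a routine data refresh. Anything that still parses the description out of the `CVE-...` line should be checked against the new bare-ID form before this lands.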
diff --git a/data/CVE/2010.list b/data/CVE/2010.list
index 73a1e69738..d9690a92e2 100644
--- a/data/CVE/2010.list
+++ b/data/CVE/2010.list
@@ -1,14 +1,14 @@
-CVE-2010-5329 (The video_usercopy function in drivers/media/video/v4l2-ioctl.c in the ...)
+CVE-2010-5329
- linux <not-affected> (Fixed before src:linux-2.6 -> src:linux rename)
NOTE: Fixed by: https://git.kernel.org/linus/fc0a80798576f80ca10b3f6c9c7097f12fd1d64e (v2.6.39-rc2)
-CVE-2010-5328 (include/linux/init_task.h in the Linux kernel before 2.6.35 does not ...)
+CVE-2010-5328
- linux <not-affected> (Fixed before the src:linux-2.6 -> src:linux rename)
- linux-2.6 2.6.37-1
-CVE-2010-5327 (Liferay Portal through 6.2.10 allows remote authenticated users to ...)
+CVE-2010-5327
NOT-FOR-US: Liferay Portal
-CVE-2010-5326 (The Invoker Servlet on SAP NetWeaver Application Server Java ...)
+CVE-2010-5326
NOT-FOR-US: SAP
-CVE-2010-5325 (Heap-based buffer overflow in the unhtmlify function in foomatic-rip ...)
+CVE-2010-5325
- foomatic-filters 4.0.5-6
- cups-filters <not-affected> (Vulnerable code not present)
NOTE: cups-filters 1.0.42 introduced foomatic-rip filter which already was fixed.
@@ -16,41 +16,41 @@ CVE-2010-5325 (Heap-based buffer overflow in the unhtmlify function in foomatic-
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1218297
NOTE: http://bzr.linuxfoundation.org/loggerhead/openprinting/foomatic/foomatic-filters/revision/239 (HEAD)
NOTE: http://bzr.linuxfoundation.org/loggerhead/openprinting/foomatic-4.0/foomatic-filters/revision/225 (4.0.x branch)
-CVE-2010-5324 (Directory traversal vulnerability in UploadServlet in the Remote ...)
+CVE-2010-5324
NOT-FOR-US: Novell ZENworks Configuration Management
-CVE-2010-5323 (Directory traversal vulnerability in UploadServlet in the Remote ...)
+CVE-2010-5323
NOT-FOR-US: Novell ZENworks Configuration Management
-CVE-2010-5322 (Cross-site scripting (XSS) vulnerability in ZeusCart 4.0 and earlier ...)
+CVE-2010-5322
NOT-FOR-US: ZeusCart
CVE-2010-XXXX [crash when parsing overly long links]
- lynx-cur 2.8.8dev.4-1
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/02/07/2
-CVE-2010-5321 (Memory leak in drivers/media/video/videobuf-core.c in the videobuf ...)
+CVE-2010-5321
- linux <unfixed> (unimportant; bug #827340)
- linux-2.6 <removed> (unimportant)
NOTE: Unclear, old report for Linux
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=620629#c0
NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=120571
-CVE-2010-5320 (Multiple cross-site request forgery (CSRF) vulnerabilities in MemHT ...)
+CVE-2010-5320
NOT-FOR-US: MemHT Portal
-CVE-2010-5319 (Multiple cross-site request forgery (CSRF) vulnerabilities in Kandidat ...)
+CVE-2010-5319
NOT-FOR-US: Kandidat CMS
-CVE-2010-5318 (The password-reset feature in as/index.php in SweetRice CMS before ...)
+CVE-2010-5318
NOT-FOR-US: SweetRice CMS
-CVE-2010-5317 (Multiple SQL injection vulnerabilities in index.php in SweetRice CMS ...)
+CVE-2010-5317
NOT-FOR-US: SweetRice CMS
-CVE-2010-5316 (Cross-site scripting (XSS) vulnerability in as/index.php in SweetRice ...)
+CVE-2010-5316
NOT-FOR-US: SweetRice CMS
-CVE-2010-5315 (Multiple cross-site request forgery (CSRF) vulnerabilities in BEdita ...)
+CVE-2010-5315
NOT-FOR-US: BEdita
-CVE-2010-5314 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2010-5314
NOT-FOR-US: BEdita
-CVE-2010-5313 (Race condition in arch/x86/kvm/x86.c in the Linux kernel before 2.6.38 ...)
+CVE-2010-5313
- linux 2.6.38-1
- linux-2.6 2.6.38-1
[squeeze] - linux-2.6 <no-dsa> (KVM not supported in Squeeze LTS)
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=fc3a9157d314 (v2.6.38-rc1)
-CVE-2010-5312 (Cross-site scripting (XSS) vulnerability in jquery.ui.dialog.js in the ...)
+CVE-2010-5312
{DSA-3249-1 DLA-258-1}
- jqueryui 1.10.1+dfsg-1
- owncloud <not-affected> (embedded copy, bug #722500, of version 1.10.1, already fixed)
@@ -62,359 +62,359 @@ CVE-2010-XXXX [insecure handling of /tmp files in debian/preinst]
- riece 8.0.0-1.3 (unimportant; bug #601325)
[squeeze] - riece <no-dsa> (Minor issue)
NOTE: Not exploitable with kernel hardening since wheezy
-CVE-2010-5310 (The Acquisition Workstation for the GE Healthcare Revolution XQ/i has ...)
+CVE-2010-5310
NOT-FOR-US: GE Healthcare Revolution XQ/i
-CVE-2010-5309 (GE Healthcare CADStream Server has a default password of confirma for ...)
+CVE-2010-5309
NOT-FOR-US: GE Healthcare CADStream Server
-CVE-2010-5308 (GE Healthcare Optima MR360 does not require authentication for the ...)
+CVE-2010-5308
NOT-FOR-US: GE Healthcare Optima MR360
-CVE-2010-5307 (The HIPAA configuration interface in GE Healthcare Optima MR360 has a ...)
+CVE-2010-5307
NOT-FOR-US: GE Healthcare Optima MR360
-CVE-2010-5306 (GE Healthcare Optima CT680, CT540, CT640, and CT520 has a default ...)
+CVE-2010-5306
NOT-FOR-US: GE Healthcare Optima
CVE-2010-5305
RESERVED
CVE-2010-5304
RESERVED
NOT-FOR-US: RealVNC
-CVE-2010-5303 (Cross-site scripting (XSS) vulnerability in the displayError function ...)
+CVE-2010-5303
NOT-FOR-US: TimThumb
-CVE-2010-5302 (Cross-site scripting (XSS) vulnerability in timthumb.php in TimThumb ...)
+CVE-2010-5302
NOT-FOR-US: TimThumb
-CVE-2010-5301 (Stack-based buffer overflow in Kolibri 2.0 allows remote attackers to ...)
+CVE-2010-5301
NOT-FOR-US: Kolibri
-CVE-2010-5300 (Stack-based buffer overflow in Jzip 1.3 through 2.0.0.132900 allows ...)
+CVE-2010-5300
NOT-FOR-US: www.jzip.com
NOTE: This is the jzip Z-code interpreter in Debian.
-CVE-2010-5299 (Stack-based buffer overflow in MicroP 0.1.1.1600 allows remote ...)
+CVE-2010-5299
NOT-FOR-US: MicroP
-CVE-2010-5298 (Race condition in the ssl3_read_bytes function in s3_pkt.c in OpenSSL ...)
+CVE-2010-5298
{DSA-2908-1}
- openssl 1.0.1g-3 (unimportant)
[squeeze] - openssl <not-affected> (Introduced in 1.0.0)
NOTE: Only exploitable with OPENSSL_NO_BUF_FREELIST enabled
-CVE-2010-5297 (WordPress before 3.0.1, when a Multisite installation is used, ...)
+CVE-2010-5297
- wordpress 3.0.1-1
-CVE-2010-5296 (wp-includes/capabilities.php in WordPress before 3.0.2, when a ...)
+CVE-2010-5296
- wordpress 3.0.2-1
-CVE-2010-5295 (Cross-site scripting (XSS) vulnerability in wp-admin/plugins.php in ...)
+CVE-2010-5295
- wordpress 3.0.2-1
-CVE-2010-5294 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
+CVE-2010-5294
- wordpress 3.0.2-1
-CVE-2010-5293 (wp-includes/comment.php in WordPress before 3.0.2 does not properly ...)
+CVE-2010-5293
- wordpress 3.0.2-1
-CVE-2010-5292 (Amberdms Billing System (ABS) before 1.4.1, when a multi-instance ...)
+CVE-2010-5292
NOT-FOR-US: Amberdms Billing System
-CVE-2010-5291 (Amberdms Billing System (ABS) before 1.4.1 does not properly implement ...)
+CVE-2010-5291
NOT-FOR-US: Amberdms Billing System
-CVE-2010-5289 (Buffer overflow in the Authenticate method in the ...)
+CVE-2010-5289
NOT-FOR-US: IncrediMail
-CVE-2010-5288 (Buffer overflow in the lsConnectionCached function in editcp in ...)
+CVE-2010-5288
NOT-FOR-US: EDItran Communications Platform
-CVE-2010-5290 (The authentication process in Adobe ColdFusion before 10 does not ...)
+CVE-2010-5290
NOT-FOR-US: Adobe ColdFusion
-CVE-2010-5287 (SQL injection vulnerability in default.php in Cornerstone Technologies ...)
+CVE-2010-5287
NOT-FOR-US: Cornerstone Technologies webConductor
-CVE-2010-5286 (Directory traversal vulnerability in Jstore (com_jstore) component for ...)
+CVE-2010-5286
NOT-FOR-US: Joomla jstore
-CVE-2010-5285 (Cross-site request forgery (CSRF) vulnerability in admin.php in ...)
+CVE-2010-5285
NOTE: Old report against collabtive, Poc has vanished and likely fixed in current release, see #695348
-CVE-2010-5284 (Multiple cross-site scripting (XSS) vulnerabilities in Collabtive ...)
+CVE-2010-5284
- collabtive 0.7.6-1 (bug #695348)
NOTE: Might be fixed earlier, but 0.7.6 was tested
-CVE-2010-5283 (Cross-site request forgery (CSRF) vulnerability in OpenText ECM ...)
+CVE-2010-5283
NOT-FOR-US: OpenText ECM
-CVE-2010-5282 (Multiple cross-site scripting (XSS) vulnerabilities in OpenText ECM ...)
+CVE-2010-5282
NOT-FOR-US: OpenText ECM
-CVE-2010-5281 (Directory traversal vulnerability in ibrowser.php in the CMScout 2.09 ...)
+CVE-2010-5281
NOT-FOR-US: CMScout IBrowser TinyMCE Plugin
-CVE-2010-5280 (Directory traversal vulnerability in the Community Builder Enhanced ...)
+CVE-2010-5280
NOT-FOR-US: CBE for Joomla
-CVE-2010-5279 (article.php in Virtual War (aka VWar) 1.6.1 R2 allows remote attackers ...)
+CVE-2010-5279
NOT-FOR-US: VWar
-CVE-2010-5278 (Directory traversal vulnerability in ...)
+CVE-2010-5278
NOT-FOR-US: MODx Revolution
-CVE-2010-5277 (Unspecified vulnerability in the Views Bulk Operations module 6 before ...)
+CVE-2010-5277
NOT-FOR-US: Drupal Views Bulk Operations
-CVE-2010-5276 (The Memcache module 5.x before 5.x-1.10 and 6.x before 6.x-1.6 for ...)
+CVE-2010-5276
NOT-FOR-US: Drupal Memcache
-CVE-2010-5275 (Cross-site scripting (XSS) vulnerability in memcache_admin in the ...)
+CVE-2010-5275
NOT-FOR-US: Drupal Memcache
-CVE-2010-5274 (Untrusted search path vulnerability in PKZIP before 12.50.0014 allows ...)
+CVE-2010-5274
NOT-FOR-US: PKZIP
-CVE-2010-5273 (Untrusted search path vulnerability in Altova DiffDog 2011 Enterprise ...)
+CVE-2010-5273
NOT-FOR-US: Altova DiffDog 2011 Enterprise
-CVE-2010-5272 (Untrusted search path vulnerability in Altova DatabaseSpy 2011 ...)
+CVE-2010-5272
NOT-FOR-US: Altova DatabaseSpy 2011
-CVE-2010-5271 (Untrusted search path vulnerability in Altova MapForce 2011 Enterprise ...)
+CVE-2010-5271
NOT-FOR-US: Altova MapForce 2011
-CVE-2010-5270 (Multiple untrusted search path vulnerabilities in Adobe Device Central ...)
+CVE-2010-5270
NOT-FOR-US: Adobe Device Central
-CVE-2010-5269 (Untrusted search path vulnerability in tbb.dll in Intel Threading ...)
+CVE-2010-5269
NOT-FOR-US: Intel Threading Building Blocks
-CVE-2010-5268 (Untrusted search path vulnerability in Amazon Kindle for PC 1.3.0 ...)
+CVE-2010-5268
NOT-FOR-US: Amazon Kindle for PC
-CVE-2010-5267 (Untrusted search path vulnerability in MunSoft Easy Office Recovery ...)
+CVE-2010-5267
NOT-FOR-US: MunSoft Easy Office Recovery
-CVE-2010-5266 (Untrusted search path vulnerability in VideoCharge Studio 2.9.0.632 ...)
+CVE-2010-5266
NOT-FOR-US: VideoCharge Studio
-CVE-2010-5265 (Untrusted search path vulnerability in SmartSniff 1.71 allows local ...)
+CVE-2010-5265
NOT-FOR-US: SmartSniff
-CVE-2010-5264 (Untrusted search path vulnerability in the CExtDWM::CExtDWM method in ...)
+CVE-2010-5264
NOT-FOR-US: Prof-UIS
-CVE-2010-5263 (Untrusted search path vulnerability in Sothink SWF Decompiler 6.0 ...)
+CVE-2010-5263
NOT-FOR-US: Sothink SWF Decompiler
-CVE-2010-5262 (Multiple untrusted search path vulnerabilities in libmcl-5.4.0.dll in ...)
+CVE-2010-5262
NOT-FOR-US: Gromada Multimedia Conversion Library
-CVE-2010-5261 (Untrusted search path vulnerability in SnowFox Total Video Converter ...)
+CVE-2010-5261
NOT-FOR-US: SnowFox Total Video Converter
-CVE-2010-5260 (Untrusted search path vulnerability in Agrin All DVD Ripper 4.0 allows ...)
+CVE-2010-5260
NOT-FOR-US: Agrin All DVD Ripper
-CVE-2010-5259 (Multiple untrusted search path vulnerabilities in IsoBuster 2.8 allow ...)
+CVE-2010-5259
NOT-FOR-US: IsoBuster
-CVE-2010-5258 (Untrusted search path vulnerability in Adobe Audition 3.0 build 7283.0 ...)
+CVE-2010-5258
NOT-FOR-US: Adobe Audition
-CVE-2010-5257 (Multiple untrusted search path vulnerabilities in ArchiCAD 13 and 14 ...)
+CVE-2010-5257
NOT-FOR-US: ArchiCAD
-CVE-2010-5256 (Untrusted search path vulnerability in CDisplay 1.8.1 allows local ...)
+CVE-2010-5256
NOT-FOR-US: CDisplay
-CVE-2010-5255 (Untrusted search path vulnerability in UltraISO 9.3.6.2750 allows ...)
+CVE-2010-5255
NOT-FOR-US: UltraISO
-CVE-2010-5254 (Untrusted search path vulnerability in GFI Backup 3.1 Build 20100730 ...)
+CVE-2010-5254
NOT-FOR-US: GFI Backup
-CVE-2010-5253 (Untrusted search path vulnerability in WinImage 8.50 allows local ...)
+CVE-2010-5253
NOT-FOR-US: WinImage
-CVE-2010-5252 (Untrusted search path vulnerability in HTTrack 3.43-9 allows local ...)
+CVE-2010-5252
- httrack <not-affected> (Only affects Windows)
-CVE-2010-5251 (Multiple untrusted search path vulnerabilities in IBM Lotus Notes 8.5 ...)
+CVE-2010-5251
NOT-FOR-US: IBM Lotus Notes
-CVE-2010-5250 (Untrusted search path vulnerability in the ...)
+CVE-2010-5250
NOT-FOR-US: Pthreads-win32
-CVE-2010-5249 (Untrusted search path vulnerability in Sophos Free Encryption 2.40.1.1 ...)
+CVE-2010-5249
NOT-FOR-US: Sophos Free Encryption
-CVE-2010-5248 (Untrusted search path vulnerability in UltraVNC 1.0.8.2 allows local ...)
+CVE-2010-5248
NOT-FOR-US: UltraVNC
-CVE-2010-5247 (Untrusted search path vulnerability in QtWeb Browser 3.3 build 043 ...)
+CVE-2010-5247
NOT-FOR-US: QtWeb Browser
-CVE-2010-5246 (Multiple untrusted search path vulnerabilities in Maxthon Browser ...)
+CVE-2010-5246
NOT-FOR-US: Maxthon Browser
-CVE-2010-5245 (Untrusted search path vulnerability in PDF-XChange Viewer 2.0 Build ...)
+CVE-2010-5245
NOT-FOR-US: PDF-XChange Viewer
-CVE-2010-5244 (Untrusted search path vulnerability in SiSoftware Sandra 2010 Lite ...)
+CVE-2010-5244
NOT-FOR-US: SiSoftware Sandra
-CVE-2010-5243 (Multiple untrusted search path vulnerabilities in Cyberlink Power2Go ...)
+CVE-2010-5243
NOT-FOR-US: Cyberlink Power2Go
-CVE-2010-5242 (Untrusted search path vulnerability in Sound Forge Pro 10.0b Build 474 ...)
+CVE-2010-5242
NOT-FOR-US: Sound Forge Pro
-CVE-2010-5241 (Multiple untrusted search path vulnerabilities in Autodesk AutoCAD ...)
+CVE-2010-5241
NOT-FOR-US: Autodesk AutoCAD
-CVE-2010-5240 (Multiple untrusted search path vulnerabilities in Corel PHOTO-PAINT ...)
+CVE-2010-5240
NOT-FOR-US: Corel PHOTO-PAINT and CorelDRAW
-CVE-2010-5239 (Untrusted search path vulnerability in DAEMON Tools Lite 4.35.6.0091 ...)
+CVE-2010-5239
NOT-FOR-US: DAEMON Tools Lite and Pro Standard
-CVE-2010-5238 (Untrusted search path vulnerability in CyberLink PowerDirector ...)
+CVE-2010-5238
NOT-FOR-US: CyberLink PowerDirector
-CVE-2010-5237 (Untrusted search path vulnerability in CyberLink PowerDirector 7 ...)
+CVE-2010-5237
NOT-FOR-US: CyberLink PowerDirector
-CVE-2010-5236 (Untrusted search path vulnerability in Roxio Easy Media Creator Home ...)
+CVE-2010-5236
NOT-FOR-US: Roxio Easy Media Creator Home
-CVE-2010-5235 (Untrusted search path vulnerability in IZArc Archiver 4.1.2 allows ...)
+CVE-2010-5235
NOT-FOR-US: IZArc Archiver
-CVE-2010-5234 (Multiple untrusted search path vulnerabilities in Camtasia Studio ...)
+CVE-2010-5234
NOT-FOR-US: Camtasia Studio
-CVE-2010-5233 (Untrusted search path vulnerability in Virtual DJ 6.1.2 Trial b301 ...)
+CVE-2010-5233
NOT-FOR-US: Virtual DJ
-CVE-2010-5232 (Untrusted search path vulnerability in DivX Plus Player 8.1.0 allows ...)
+CVE-2010-5232
NOT-FOR-US: DivX Plus Player
-CVE-2010-5231 (Untrusted search path vulnerability in DivX Player 7.2.019 allows ...)
+CVE-2010-5231
NOT-FOR-US: DivX Player
-CVE-2010-5230 (Multiple untrusted search path vulnerabilities in MicroStation 7.1 ...)
+CVE-2010-5230
NOT-FOR-US: MicroStation
-CVE-2010-5229 (Untrusted search path vulnerability in 010 Editor before 3.1.3 allows ...)
+CVE-2010-5229
NOT-FOR-US: 010 Editor
-CVE-2010-5228 (Untrusted search path vulnerability in RealPlayer SP 1.1.5 12.0.0.879 ...)
+CVE-2010-5228
NOT-FOR-US: RealPlayer SP
-CVE-2010-5227 (Untrusted search path vulnerability in Opera before 10.62 allows local ...)
+CVE-2010-5227
NOT-FOR-US: Opera
-CVE-2010-5226 (Multiple untrusted search path vulnerabilities in Autodesk Design ...)
+CVE-2010-5226
NOT-FOR-US: Autodesk Design Review
-CVE-2010-5225 (Untrusted search path vulnerability in Babylon 8.1.0 r16 allows local ...)
+CVE-2010-5225
NOT-FOR-US: Babylon 8.1.0
-CVE-2010-5224 (Untrusted search path vulnerability in Cool iPhone Ringtone Maker ...)
+CVE-2010-5224
NOT-FOR-US: Cool iPhone Ringtone Maker
-CVE-2010-5223 (Multiple untrusted search path vulnerabilities in Phoenix Project ...)
+CVE-2010-5223
NOT-FOR-US: Phoenix Project Manager
-CVE-2010-5222 (Untrusted search path vulnerability in Ease Jukebox 1.40 allows local ...)
+CVE-2010-5222
NOT-FOR-US: Ease Jukebox
-CVE-2010-5221 (Untrusted search path vulnerability in STDU Explorer 1.0.201 allows ...)
+CVE-2010-5221
NOT-FOR-US: STDU Explorer
-CVE-2010-5220 (Untrusted search path vulnerability in MEO Encryption Software 2.02 ...)
+CVE-2010-5220
NOT-FOR-US: MEO Encryption Software
-CVE-2010-5219 (Untrusted search path vulnerability in SmartFTP 4.0.1140.0 allows ...)
+CVE-2010-5219
NOT-FOR-US: SmartFTP
-CVE-2010-5218 (Untrusted search path vulnerability in Dupehunter 9.0.0.3911 allows ...)
+CVE-2010-5218
NOT-FOR-US: Dupehunter
-CVE-2010-5217 (Multiple untrusted search path vulnerabilities in TuneUp Utilities ...)
+CVE-2010-5217
NOT-FOR-US: TuneUp Utilities
-CVE-2010-5216 (Untrusted search path vulnerability in LINGO 11.0.1.6 and 12.0.2.20 ...)
+CVE-2010-5216
NOT-FOR-US: LINGO
-CVE-2010-5215 (Multiple untrusted search path vulnerabilities in SWiSH Max3 3.0 ...)
+CVE-2010-5215
NOT-FOR-US: SWiSH Max3
-CVE-2010-5214 (Untrusted search path vulnerability in Fotobook Editor 5.0 2.8.0.1 ...)
+CVE-2010-5214
NOT-FOR-US: Fotobook Editor
-CVE-2010-5213 (Untrusted search path vulnerability in Adobe LiveCycle Designer ...)
+CVE-2010-5213
NOT-FOR-US: Adobe LiveCycle Designer
-CVE-2010-5212 (Untrusted search path vulnerability in Adobe LiveCycle Designer ES2 ...)
+CVE-2010-5212
NOT-FOR-US: Adobe LiveCycle Designer ES2
-CVE-2010-5211 (Untrusted search path vulnerability in ALSee 6.20.0.1 allows local ...)
+CVE-2010-5211
NOT-FOR-US: ALSee
-CVE-2010-5210 (Untrusted search path vulnerability in Sorax Reader 2.0.3129.70 allows ...)
+CVE-2010-5210
NOT-FOR-US: Sorax Reader
-CVE-2010-5209 (Multiple untrusted search path vulnerabilities in Nuance PDF Reader ...)
+CVE-2010-5209
NOT-FOR-US: Nuance PDF Reader
-CVE-2010-5208 (Multiple untrusted search path vulnerabilities in the (1) ...)
+CVE-2010-5208
NOT-FOR-US: Kingsoft Office
-CVE-2010-5207 (Multiple untrusted search path vulnerabilities in CelFrame Office 2008 ...)
+CVE-2010-5207
NOT-FOR-US: CelFrame Office
-CVE-2010-5206 (Multiple untrusted search path vulnerabilities in e-press ONE Office ...)
+CVE-2010-5206
NOT-FOR-US: ONE Office
-CVE-2010-5205 (Multiple untrusted search path vulnerabilities in e-press ONE Office ...)
+CVE-2010-5205
NOT-FOR-US: ONE Office
-CVE-2010-5204 (Multiple untrusted search path vulnerabilities in IBM Lotus Symphony ...)
+CVE-2010-5204
NOT-FOR-US: IBM Lotus Symphony
-CVE-2010-5203 (Multiple untrusted search path vulnerabilities in NCP Secure ...)
+CVE-2010-5203
NOT-FOR-US: NCP Secure Enterprise
-CVE-2010-5202 (Untrusted search path vulnerability in JetAudio 8.0.7.1000 Basic ...)
+CVE-2010-5202
NOT-FOR-US: JetAudio
-CVE-2010-5201 (Untrusted search path vulnerability in MAGIX Samplitude Producer 11 ...)
+CVE-2010-5201
NOT-FOR-US: MAGIX Samplitude Producer
-CVE-2010-5200 (Untrusted search path vulnerability in KeePass Password Safe before ...)
+CVE-2010-5200
NOT-FOR-US: KeePass 1 (a Windows only program) is not in Debian, only KeePass 2 (multi-OS version of KeePass) and KeePassX (port/rewrite of KeePass)
-CVE-2010-5199 (Untrusted search path vulnerability in PhotoImpact X3 13.00.0000.0 ...)
+CVE-2010-5199
NOT-FOR-US: PhotoImpact
-CVE-2010-5198 (Multiple untrusted search path vulnerabilities in Intuit QuickBooks ...)
+CVE-2010-5198
NOT-FOR-US: Intuit QuickBooks
-CVE-2010-5197 (Untrusted search path vulnerability in Pixia 4.70j allows local users ...)
+CVE-2010-5197
NOT-FOR-US: Pixia 4.70j
-CVE-2010-5196 (Untrusted search path vulnerability in KeePass Password Safe before ...)
+CVE-2010-5196
- keepass2 <not-affected> (only affects Windows)
-CVE-2010-5195 (Untrusted search path vulnerability in Roxio MyDVD 9 allows local ...)
+CVE-2010-5195
NOT-FOR-US: Roxio MyDVD 9
-CVE-2010-5194 (Stack-based buffer overflow in the Image2PDF function in the ...)
+CVE-2010-5194
NOT-FOR-US: Viscom Image Viewer CP Pro
-CVE-2010-5193 (Stack-based buffer overflow in the TIFMergeMultiFiles function in the ...)
+CVE-2010-5193
NOT-FOR-US: Viscom Image Viewer CP Pro
-CVE-2010-5192 (Cross-site scripting (XSS) vulnerability in the Java Management ...)
+CVE-2010-5192
NOT-FOR-US: Blue Coat
-CVE-2010-5191 (Multiple cross-site request forgery (CSRF) vulnerabilities on the Blue ...)
+CVE-2010-5191
NOT-FOR-US: Blue Coat
-CVE-2010-5190 (The Active Content Transformation functionality in Blue Coat ProxySG ...)
+CVE-2010-5190
NOT-FOR-US: Blue Coat
-CVE-2010-5189 (Blue Coat ProxySG before SGOS 4.3.4.1, 5.x before SGOS 5.4.5.1, 5.5 ...)
+CVE-2010-5189
NOT-FOR-US: Blue Coat
-CVE-2010-5188 (SilverStripe 2.3.x before 2.3.6 allows remote attackers to obtain ...)
+CVE-2010-5188
- silverstripe <itp> (bug #528461)
-CVE-2010-5187 (SilverStripe 2.3.x before 2.3.8 and 2.4.x before 2.4.1, when running ...)
+CVE-2010-5187
- silverstripe <itp> (bug #528461)
-CVE-2010-5186 (The Antivirus component in Comodo Internet Security before ...)
+CVE-2010-5186
NOT-FOR-US: Comodo Internet Security
-CVE-2010-5185 (The Antivirus component in Comodo Internet Security before ...)
+CVE-2010-5185
NOT-FOR-US: Comodo Internet Security
-CVE-2010-5184 (** DISPUTED ** Race condition in ZoneAlarm Extreme Security ...)
+CVE-2010-5184
NOT-FOR-US: Anti virus snake oil
-CVE-2010-5183 (** DISPUTED ** Race condition in Webroot Internet Security Essentials ...)
+CVE-2010-5183
NOT-FOR-US: Anti virus snake oil
-CVE-2010-5182 (** DISPUTED ** Race condition in VirusBuster Internet Security Suite ...)
+CVE-2010-5182
NOT-FOR-US: Anti virus snake oil
-CVE-2010-5181 (** DISPUTED ** Race condition in VIPRE Antivirus Premium 4.0.3272 on ...)
+CVE-2010-5181
NOT-FOR-US: Anti virus snake oil
-CVE-2010-5180 (** DISPUTED ** Race condition in VBA32 Personal 3.12.12.4 on Windows ...)
+CVE-2010-5180
NOT-FOR-US: Anti virus snake oil
-CVE-2010-5179 (** DISPUTED ** Race condition in Trend Micro Internet Security Pro ...)
+CVE-2010-5179
NOT-FOR-US: Anti virus snake oil
-CVE-2010-5178 (** DISPUTED ** Race condition in ThreatFire 4.7.0.17 on Windows XP ...)
+CVE-2010-5178
NOT-FOR-US: Anti virus snake oil
-CVE-2010-5177 (** DISPUTED ** Race condition in Sophos Endpoint Security and Control ...)
+CVE-2010-5177
NOT-FOR-US: Anti virus snake oil
-CVE-2010-5176 (** DISPUTED ** Race condition in Security Shield 2010 13.0.16.313 on ...)
+CVE-2010-5176
NOT-FOR-US: Anti virus snake oil
-CVE-2010-5175 (** DISPUTED ** Race condition in PrivateFirewall 7.0.20.37 on Windows ...)
+CVE-2010-5175
NOT-FOR-US: Anti virus snake oil
-CVE-2010-5174 (** DISPUTED ** Race condition in Prevx 3.0.5.143 on Windows XP allows ...)
+CVE-2010-5174
NOT-FOR-US: Anti virus snake oil
-CVE-2010-5173 (** DISPUTED ** Race condition in PC Tools Firewall Plus 6.0.0.88 on ...)
+CVE-2010-5173
NOT-FOR-US: Anti virus snake oil
-CVE-2010-5172 (** DISPUTED ** Race condition in Panda Internet Security 2010 15.01.00 ...)
+CVE-2010-5172
NOT-FOR-US: Anti virus snake oil
-CVE-2010-5171 (** DISPUTED ** Race condition in Outpost Security Suite Pro ...)
+CVE-2010-5171
NOT-FOR-US: Anti virus snake oil
-CVE-2010-5170 (** DISPUTED ** Race condition in Online Solutions Security Suite ...)
+CVE-2010-5170
NOT-FOR-US: Anti virus snake oil
-CVE-2010-5169 (** DISPUTED ** Race condition in Online Armor Premium 4.0.0.35 on ...)
+CVE-2010-5169
NOT-FOR-US: Anti virus snake oil
-CVE-2010-5168 (** DISPUTED ** Race condition in Symantec Norton Internet Security ...)
+CVE-2010-5168
NOT-FOR-US: Anti virus snake oil
-CVE-2010-5167 (** DISPUTED ** Race condition in Norman Security Suite PRO 8.0 on ...)
+CVE-2010-5167
NOT-FOR-US: Anti virus snake oil
-CVE-2010-5166 (** DISPUTED ** Race condition in McAfee Total Protection 2010 10.0.580 ...)
+CVE-2010-5166
NOT-FOR-US: Anti virus snake oil
-CVE-2010-5165 (** DISPUTED ** Race condition in Malware Defender 2.6.0 on Windows XP ...)
+CVE-2010-5165
NOT-FOR-US: Anti virus snake oil
-CVE-2010-5164 (** DISPUTED ** Race condition in KingSoft Personal Firewall 9 Plus ...)
+CVE-2010-5164
NOT-FOR-US: Anti virus snake oil
-CVE-2010-5163 (** DISPUTED ** Race condition in Kaspersky Internet Security 2010 ...)
+CVE-2010-5163
NOT-FOR-US: Anti virus snake oil
-CVE-2010-5162 (** DISPUTED ** Race condition in G DATA TotalCare 2010 on Windows XP ...)
+CVE-2010-5162
NOT-FOR-US: Anti virus snake oil
-CVE-2010-5161 (** DISPUTED ** Race condition in F-Secure Internet Security 2010 10.00 ...)
+CVE-2010-5161
NOT-FOR-US: Anti virus snake oil
-CVE-2010-5160 (** DISPUTED ** Race condition in ESET Smart Security 4.2.35.3 on ...)
+CVE-2010-5160
NOT-FOR-US: Anti virus snake oil
-CVE-2010-5159 (** DISPUTED ** Race condition in Dr.Web Security Space Pro 6.0.0.03100 ...)
+CVE-2010-5159
NOT-FOR-US: Anti virus snake oil
-CVE-2010-5158 (** DISPUTED ** Race condition in DefenseWall Personal Firewall 3.00 on ...)
+CVE-2010-5158
NOT-FOR-US: Anti virus snake oil
-CVE-2010-5157 (Race condition in Comodo Internet Security before 4.1.149672.916 on ...)
+CVE-2010-5157
NOT-FOR-US: Comodo Internet Security
-CVE-2010-5156 (** DISPUTED ** Race condition in CA Internet Security Suite Plus 2010 ...)
+CVE-2010-5156
NOT-FOR-US: Anti virus snake oil
-CVE-2010-5155 (** DISPUTED ** Race condition in Blink Professional 4.6.1 on Windows ...)
+CVE-2010-5155
NOT-FOR-US: Anti virus snake oil
-CVE-2010-5154 (** DISPUTED ** Race condition in BitDefender Total Security 2010 ...)
+CVE-2010-5154
NOT-FOR-US: Anti virus snake oil
-CVE-2010-5153 (** DISPUTED ** Race condition in Avira Premium Security Suite ...)
+CVE-2010-5153
NOT-FOR-US: Anti virus snake oil
-CVE-2010-5152 (** DISPUTED ** Race condition in AVG Internet Security 9.0.791 on ...)
+CVE-2010-5152
NOT-FOR-US: Anti virus snake oil
-CVE-2010-5151 (** DISPUTED ** Race condition in avast! Internet Security 5.0.462 on ...)
+CVE-2010-5151
NOT-FOR-US: Anti virus snake oil
-CVE-2010-5150 (** DISPUTED ** Race condition in 3D EQSecure Professional Edition 4.2 ...)
+CVE-2010-5150
NOT-FOR-US: Anti virus snake oil
-CVE-2010-5149 (Websense Web Security and Web Filter before 6.3.3 Hotfix 27 and 7.x ...)
+CVE-2010-5149
NOT-FOR-US: Websense
-CVE-2010-5148 (Websense Web Security and Web Filter before 7.1 Hotfix 21 do not set ...)
+CVE-2010-5148
NOT-FOR-US: Websense
-CVE-2010-5147 (The Remote Filtering component in Websense Web Security and Web Filter ...)
+CVE-2010-5147
NOT-FOR-US: Websense
-CVE-2010-5146 (The Remote Filtering component in Websense Web Security and Web Filter ...)
+CVE-2010-5146
NOT-FOR-US: Websense
-CVE-2010-5145 (The Filtering Service in Websense Web Security and Web Filter before ...)
+CVE-2010-5145
NOT-FOR-US: Websense
-CVE-2010-5144 (The ISAPI Filter plug-in in Websense Enterprise, Websense Web ...)
+CVE-2010-5144
NOT-FOR-US: Websense
-CVE-2010-5143 (McAfee VirusScan Enterprise before 8.8 allows local users to disable ...)
+CVE-2010-5143
NOT-FOR-US: McAfee
-CVE-2010-5142 (chef-server-api/app/controllers/users.rb in the API in Chef before ...)
+CVE-2010-5142
- chef 0.10.10-1
-CVE-2010-5141 (wxBitcoin and bitcoind before 0.3.5 do not properly handle script ...)
+CVE-2010-5141
- bitcoin <not-affected> (Fixed before initial release)
-CVE-2010-5140 (wxBitcoin and bitcoind before 0.3.13 do not properly handle bitcoins ...)
+CVE-2010-5140
- bitcoin <not-affected> (Fixed before initial release)
-CVE-2010-5139 (Integer overflow in wxBitcoin and bitcoind before 0.3.11 allows remote ...)
+CVE-2010-5139
- bitcoin <not-affected> (Fixed before initial release)
-CVE-2010-5138 (wxBitcoin and bitcoind 0.3.x allow remote attackers to cause a denial ...)
+CVE-2010-5138
- bitcoin 0.4.0-1
-CVE-2010-5137 (wxBitcoin and bitcoind before 0.3.5 allow remote attackers to cause a ...)
+CVE-2010-5137
- bitcoin <not-affected> (Fixed before initial release)
CVE-2010-5136
REJECTED
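Review bot: Every `-`/`+` pair in this hunk replaces a line of the form `CVE-2010-NNNN (description ...)` with the bare `CVE-2010-NNNN`, while the tracker's own status lines underneath (`NOT-FOR-US: ...`, `- bitcoin <not-affected> (...)`, `- chef 0.10.10-1`) are untouched; a uniform wipe of only the parenthesised description text is what an import sees when its description source returns empty strings, not what an intended data change looks like. The sync step should treat an empty fetched description as "no data" and keep the existing text (or skip the entry) rather than overwrite it, e.g. only rewrite the header line when the new description is non-empty. As committed, an entry such as `CVE-2010-5171` followed by `NOT-FOR-US: Anti virus snake oil` no longer tells a triager what the issue is without an external lookup, and the `** DISPUTED **` markers, which are the justification for the NOT-FOR-US verdicts here, are lost with it.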
@@ -466,18 +466,18 @@ CVE-2010-5113
RESERVED
CVE-2010-5112
RESERVED
-CVE-2010-5111 (Multiple buffer overflows in readline.c in Echoping 6.0.2 allow remote ...)
+CVE-2010-5111
- echoping 6.0.2-4 (low; bug #606808)
[squeeze] - echoping <no-dsa> (Minor issue)
NOTE: Upstream fix http://sourceforge.net/p/echoping/bugs/55/
NOTE: https://bugs.gentoo.org/show_bug.cgi?id=349569
NOTE: http://xforce.iss.net/xforce/xfdb/64141
NOTE: http://secunia.com/advisories/42619/
-CVE-2010-5110 (DCTStream.cc in Poppler before 0.13.3 allows remote attackers to cause ...)
+CVE-2010-5110
{DLA-24-1}
- poppler 0.16.3-1 (bug #722705)
[squeeze] - poppler 0.12.4-1.2+squeeze4
-CVE-2010-5109 (Off-by-one error in the DecompressRTF function in ytnef.c in Yerase's ...)
+CVE-2010-5109
- libytnef 1.5-5 (low; bug #705468)
[squeeze] - libytnef <no-dsa> (Minor issue)
[wheezy] - libytnef <no-dsa> (Minor issue)
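Review bot: The `@@ -466,18 +466,18 @@` header shows this hunk, like the previous one, is a line-for-line substitution that only strips description text, and it does so for entries that carry real Debian tracking state (`echoping 6.0.2-4 (low; bug #606808)`, `poppler` with `{DLA-24-1}`, `libytnef 1.5-5`), whose `NOTE:` URL lines and severity tags are much harder to audit once the one-line summary they annotate is gone. An automatic update should not be able to commit a tree-wide description wipe silently: add a sanity check to the job so that it refuses to commit (and alerts) when more than a small fraction of existing descriptions would change to empty in one run, and require a human to confirm a change of this shape.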
@@ -490,614 +490,614 @@ CVE-2010-5109 (Off-by-one error in the DecompressRTF function in ytnef.c in Yera
CVE-2010-5108 [Trac Ticket Modification Workflow Permission Restriction Bypass]
RESERVED
- trac 0.11.7-1 (bug #573260)
-CVE-2010-5107 (The default configuration of OpenSSH through 6.1 enforces a fixed time ...)
+CVE-2010-5107
- openssh 1:6.0p1-4 (low; bug #700102)
[squeeze] - openssh 1:5.5p1-6+squeeze3
-CVE-2010-5106 (The XML-RPC remote publishing interface in xmlrpc.php in WordPress ...)
+CVE-2010-5106
- wordpress 3.0.3-1
-CVE-2010-5105 (The undo save quit routine in the kernel in Blender 2.5, 2.63a, and ...)
+CVE-2010-5105
- blender <unfixed> (unimportant; bug #584621)
[squeeze] - blender <no-dsa> (Minor issue)
[wheezy] - blender <no-dsa> (Minor issue)
NOTE: Neutralised by kernel temp hardening
-CVE-2010-5104 (The escapeStrForLike method in TYPO3 4.2.x before 4.2.16, 4.3.x before ...)
+CVE-2010-5104
- typo3-src 4.3.9+dfsg1-1 (bug #607286)
-CVE-2010-5103 (SQL injection vulnerability in the list module in TYPO3 4.2.x before ...)
+CVE-2010-5103
- typo3-src 4.3.9+dfsg1-1 (bug #607286)
-CVE-2010-5102 (Directory traversal vulnerability in mod/tools/em/class.em_unzip.php ...)
+CVE-2010-5102
- typo3-src 4.3.9+dfsg1-1 (bug #607286)
-CVE-2010-5101 (Directory traversal vulnerability in the TypoScript setup in TYPO3 ...)
+CVE-2010-5101
- typo3-src 4.3.9+dfsg1-1 (bug #607286)
-CVE-2010-5100 (Multiple cross-site scripting (XSS) vulnerabilities in the Install ...)
+CVE-2010-5100
- typo3-src 4.3.9+dfsg1-1 (bug #607286)
-CVE-2010-5099 (The fileDenyPattern functionality in the PHP file inclusion protection ...)
+CVE-2010-5099
- typo3-src 4.3.9+dfsg1-1 (bug #607286)
-CVE-2010-5098 (Cross-site scripting (XSS) vulnerability in the FORM content object in ...)
+CVE-2010-5098
- typo3-src 4.3.9+dfsg1-1 (bug #607286)
-CVE-2010-5097 (Cross-site scripting (XSS) vulnerability in the click enlarge ...)
+CVE-2010-5097
- typo3-src 4.3.9+dfsg1-1 (bug #607286)
-CVE-2010-5096 (** DISPUTED ** ...)
+CVE-2010-5096
NOT-FOR-US: MyBB
-CVE-2010-5095 (Cross-site scripting (XSS) vulnerability in SilverStripe 2.3.x before ...)
+CVE-2010-5095
- silverstripe <itp> (bug #528461)
NOTE: http://seclists.org/oss-sec/2012/q2/209
-CVE-2010-5094 (The deleteinstallfiles function in control/ContentController.php in ...)
+CVE-2010-5094
- silverstripe <itp> (bug #528461)
NOTE: http://seclists.org/oss-sec/2012/q2/209
-CVE-2010-5093 (Member_ProfileForm in security/Member.php in SilverStripe 2.3.x before ...)
+CVE-2010-5093
- silverstripe <itp> (bug #528461)
NOTE: http://seclists.org/oss-sec/2012/q2/209
-CVE-2010-5092 (The Add Member dialog in the Security admin page in SilverStripe 2.4.0 ...)
+CVE-2010-5092
- silverstripe <itp> (bug #528461)
NOTE: http://seclists.org/oss-sec/2012/q2/209
-CVE-2010-5091 (The setName function in filesystem/File.php in SilverStripe 2.3.x ...)
+CVE-2010-5091
- silverstripe <itp> (bug #528461)
NOTE: http://seclists.org/oss-sec/2012/q2/209
-CVE-2010-5090 (SilverStripe before 2.4.2 allows remote authenticated users to change ...)
+CVE-2010-5090
- silverstripe <itp> (bug #528461)
NOTE: http://seclists.org/oss-sec/2012/q2/209
-CVE-2010-5089 (SilverStripe before 2.4.2 does not properly restrict access to pages ...)
+CVE-2010-5089
- silverstripe <itp> (bug #528461)
NOTE: http://seclists.org/oss-sec/2012/q2/209
-CVE-2010-5088 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
+CVE-2010-5088
- silverstripe <itp> (bug #528461)
NOTE: http://seclists.org/oss-sec/2012/q2/209
-CVE-2010-5087 (SilverStripe 2.3.x before 2.3.10 and 2.4.x before 2.4.4 allows remote ...)
+CVE-2010-5087
- silverstripe <itp> (bug #528461)
NOTE: http://seclists.org/oss-sec/2012/q2/209
-CVE-2010-5086 (Directory traversal vulnerability in wiki/rankings.php in Bitweaver ...)
+CVE-2010-5086
NOT-FOR-US: Bitweaver
-CVE-2010-5085 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
+CVE-2010-5085
NOT-FOR-US: Hulihan Amethyst
-CVE-2010-5084 (The cross-site request forgery (CSRF) protection mechanism in e107 ...)
+CVE-2010-5084
NOT-FOR-US: e107
-CVE-2010-5083 (SQL injection vulnerability in the Web_Links module for PHP-Nuke 8.0 ...)
+CVE-2010-5083
NOT-FOR-US: PHP-Nuke
-CVE-2010-5082 (Untrusted search path vulnerability in colorcpl.exe 6.0.6000.16386 in ...)
+CVE-2010-5082
NOT-FOR-US: Windows Server
-CVE-2010-5081 (Stack-based buffer overflow in Mini-Stream RM-MP3 Converter 3.1.2.1 ...)
+CVE-2010-5081
NOT-FOR-US: Mini-Stream RM-MP3 Converter
-CVE-2010-5080 (The Security/changepassword URL action in SilverStripe 2.3.x before ...)
+CVE-2010-5080
- silverstripe <itp> (bug #528461)
NOTE: http://seclists.org/oss-sec/2012/q2/209
-CVE-2010-5079 (SilverStripe 2.3.x before 2.3.10 and 2.4.x before 2.4.4 uses weak ...)
+CVE-2010-5079
- silverstripe <itp> (bug #528461)
NOTE: http://seclists.org/oss-sec/2012/q2/209
-CVE-2010-5078 (SilverStripe 2.3.x before 2.3.10 and 2.4.x before 2.4.4 stores ...)
+CVE-2010-5078
- silverstripe <itp> (bug #528461)
NOTE: http://seclists.org/oss-sec/2012/q2/209
-CVE-2010-5077 (server/sv_main.c in Quake3 Arena, as used in ioquake3 before r1762, ...)
+CVE-2010-5077
{DSA-2442-1}
- openarena 0.8.5-6 (medium; bug #665656)
- ioquake3 <not-affected> (fixed before upload)
- tremulous 1.1.0-8 (bug #665842)
[squeeze] - tremulous 1.1.0-7~squeeze1
-CVE-2010-5076 (QSslSocket in Qt before 4.7.0-rc1 recognizes a wildcard IP address in ...)
+CVE-2010-5076
- qt4-x11 4:4.6.3-1
NOTE: Might be fixed earlier, but Squeeze version has been validated to be fixed
-CVE-2010-5075 (Integer overflow in aswFW.sys 5.0.594.0 in Avast! Internet Security ...)
+CVE-2010-5075
NOT-FOR-US: Avast! Internet Security
-CVE-2010-5074 (The layout engine in Mozilla Firefox before 4.0, Thunderbird before ...)
+CVE-2010-5074
- iceweasel 4.0-1 (unimportant)
-CVE-2010-5073 (The JavaScript implementation in Google Chrome 4 does not properly ...)
+CVE-2010-5073
- chromium-browser <not-affected>
- webkit <not-affected>
-CVE-2010-5072 (The JavaScript implementation in Opera 10.5 does not properly restrict ...)
+CVE-2010-5072
NOT-FOR-US: Opera
-CVE-2010-5071 (The JavaScript implementation in Microsoft Internet Explorer 8.0 and ...)
+CVE-2010-5071
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2010-5070 (The JavaScript implementation in Apple Safari 4 does not properly ...)
+CVE-2010-5070
NOT-FOR-US: Safari
-CVE-2010-5069 (The Cascading Style Sheets (CSS) implementation in Google Chrome 4 ...)
+CVE-2010-5069
- chromium-browser <not-affected>
- webkit <not-affected>
-CVE-2010-5068 (The Cascading Style Sheets (CSS) implementation in Opera 10.5 does not ...)
+CVE-2010-5068
NOT-FOR-US: Opera
-CVE-2010-5067 (Virtual War (aka VWar) 1.6.1 R2 uses static session cookies that ...)
+CVE-2010-5067
NOT-FOR-US: Virtual War
-CVE-2010-5066 (The createRandomPassword function in includes/functions_common.php in ...)
+CVE-2010-5066
NOT-FOR-US: Virtual War
-CVE-2010-5065 (popup.php in Virtual War (aka VWar) 1.6.1 R2 allows remote attackers ...)
+CVE-2010-5065
NOT-FOR-US: Virtual War
-CVE-2010-5064 (Multiple cross-site scripting (XSS) vulnerabilities in Virtual War ...)
+CVE-2010-5064
NOT-FOR-US: Virtual War
-CVE-2010-5063 (SQL injection vulnerability in article.php in Virtual War (aka VWar) ...)
+CVE-2010-5063
NOT-FOR-US: Virtual War
-CVE-2010-5062 (SQL injection vulnerability in search.php in MH Products ...)
+CVE-2010-5062
NOT-FOR-US: MH Products kleinanzeigenmarkt
-CVE-2010-5061 (SQL injection vulnerability in index.php in RSStatic allows remote ...)
+CVE-2010-5061
NOT-FOR-US: RSStatic
-CVE-2010-5060 (SQL injection vulnerability in Nus.php in NUs Newssystem 1.02 allows ...)
+CVE-2010-5060
NOT-FOR-US: NUs Newssystem
-CVE-2010-5059 (SQL injection vulnerability in index.php in CMScout 2.0.8 allows ...)
+CVE-2010-5059
NOT-FOR-US: CMScout
-CVE-2010-5058 (SQL injection vulnerability in detResolucion.php in CMS Ariadna 1.1 ...)
+CVE-2010-5058
NOT-FOR-US: CMS Ariadna
-CVE-2010-5057 (SQL injection vulnerability in detResolucion.php in CMS Ariadna 1.1 ...)
+CVE-2010-5057
NOT-FOR-US: CMS Ariadna
-CVE-2010-5056 (SQL injection vulnerability in the GBU Facebook (com_gbufacebook) ...)
+CVE-2010-5056
NOT-FOR-US: GBU Facebook
-CVE-2010-5055 (SQL injection vulnerability in index.php in Almnzm 2.1 allows remote ...)
+CVE-2010-5055
NOT-FOR-US: Almnzm
-CVE-2010-5054 (Cross-site scripting (XSS) vulnerability in Special:Login in JAMWiki ...)
+CVE-2010-5054
NOT-FOR-US: JAMWiki
-CVE-2010-5053 (SQL injection vulnerability in the XOBBIX (com_xobbix) component 1.0.1 ...)
+CVE-2010-5053
NOT-FOR-US: Joomla extension
-CVE-2010-5052 (Cross-site scripting (XSS) vulnerability in admin/components.php in ...)
+CVE-2010-5052
NOT-FOR-US: GetSimple CMS
-CVE-2010-5051 (Cross-site scripting (XSS) vulnerability in admin/core/admin_func.php ...)
+CVE-2010-5051
NOT-FOR-US: razorCMS
-CVE-2010-5050 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2010-5050
NOT-FOR-US: ManageEngine ADManager Plus
-CVE-2010-5049 (SQL injection vulnerability in events.php in Zabbix 1.8.1 and earlier ...)
+CVE-2010-5049
- zabbix 1:1.8.2-1
-CVE-2010-5048 (Cross-site scripting (XSS) vulnerability in admin.jcomments.php in the ...)
+CVE-2010-5048
NOT-FOR-US: Joomla extension
-CVE-2010-5047 (SQL injection vulnerability in page.php in V-EVA Press Release Script ...)
+CVE-2010-5047
NOT-FOR-US: V-EVA Press Release Script
-CVE-2010-5046 (Cross-site scripting (XSS) vulnerability in admin.php in ecoCMS allows ...)
+CVE-2010-5046
NOT-FOR-US: ecoCMS
-CVE-2010-5045 (Cross-site scripting (XSS) vulnerability in poll/default.asp in Smart ...)
+CVE-2010-5045
NOT-FOR-US: Smart ASP Survey
-CVE-2010-5044 (SQL injection vulnerability in models/log.php in the Search Log ...)
+CVE-2010-5044
NOT-FOR-US: Search log Joomla addon
-CVE-2010-5043 (SQL injection vulnerability in the DJ-ArtGallery (com_djartgallery) ...)
+CVE-2010-5043
NOT-FOR-US: Joomla extension
-CVE-2010-5042 (Cross-site scripting (XSS) vulnerability in the DJ-ArtGallery ...)
+CVE-2010-5042
NOT-FOR-US: Joomla extension
-CVE-2010-5041 (SQL injection vulnerability in index.php in the NP_Gallery plugin 0.94 ...)
+CVE-2010-5041
NOT-FOR-US: Nucleus CMS extension
-CVE-2010-5040 (PHP remote file inclusion vulnerability in ...)
+CVE-2010-5040
NOT-FOR-US: Nucleus CMS extension
-CVE-2010-5039 (SQL injection vulnerability in control/admin_login.php in ScriptsFeed ...)
+CVE-2010-5039
NOT-FOR-US: ScriptsFeed Recipes Listing Portal
-CVE-2010-5038 (PHP remote file inclusion vulnerability in contact/contact.php in ...)
+CVE-2010-5038
NOT-FOR-US: Groone's Simple Contact Form
-CVE-2010-5037 (SQL injection vulnerability in article.php in SenseSites CommonSense ...)
+CVE-2010-5037
NOT-FOR-US: SenseSites CommonSense CMS
-CVE-2010-5036 (SQL injection vulnerability in addsale.php in iScripts eSwap 2.0 ...)
+CVE-2010-5036
NOT-FOR-US: iScripts eSwap
-CVE-2010-5035 (Cross-site scripting (XSS) vulnerability in search.php in iScripts ...)
+CVE-2010-5035
NOT-FOR-US: iScripts eSwap
-CVE-2010-5034 (SQL injection vulnerability in viewhistorydetail.php in iScripts ...)
+CVE-2010-5034
NOT-FOR-US: iScripts EasyBiller
-CVE-2010-5033 (SQL injection vulnerability in ProductList.cfm in Fusebox 5.5.1 allows ...)
+CVE-2010-5033
NOT-FOR-US: Fusebox
-CVE-2010-5032 (SQL injection vulnerability in the BF Quiz (com_bfquiztrial) component ...)
+CVE-2010-5032
NOT-FOR-US: Joomla extension
-CVE-2010-5031 (Cross-site scripting (XSS) vulnerability in index.php in fileNice 1.1 ...)
+CVE-2010-5031
NOT-FOR-US: fileNice
-CVE-2010-5030 (Cross-site scripting (XSS) vulnerability in index.php in Ecomat CMS ...)
+CVE-2010-5030
NOT-FOR-US: Ecomat CMS
-CVE-2010-5029 (SQL injection vulnerability in index.php in Ecomat CMS 5.0 allows ...)
+CVE-2010-5029
NOT-FOR-US: Ecomat CMS
-CVE-2010-5028 (SQL injection vulnerability in the JExtensions JE Job (com_jejob) ...)
+CVE-2010-5028
NOT-FOR-US: Joomla extension
-CVE-2010-5027 (Cross-site scripting (XSS) vulnerability in winners.php in Science ...)
+CVE-2010-5027
NOT-FOR-US: Science Fair In A Box (SFIAB)
-CVE-2010-5026 (SQL injection vulnerability in winners.php in Science Fair In A Box ...)
+CVE-2010-5026
NOT-FOR-US: Science Fair In A Box (SFIAB)
-CVE-2010-5025 (Cross-site scripting (XSS) vulnerability in manage/main.php in ...)
+CVE-2010-5025
NOT-FOR-US: CuteSITE CMS
-CVE-2010-5024 (SQL injection vulnerability in manage/add_user.php in CuteSITE CMS ...)
+CVE-2010-5024
NOT-FOR-US: CuteSITE CMS
-CVE-2010-5023 (SQL injection vulnerability in index.asp in Digital Interchange ...)
+CVE-2010-5023
NOT-FOR-US: Digital Interchange Calendar
-CVE-2010-5022 (SQL injection vulnerability in the JExtensions JE Story Submit ...)
+CVE-2010-5022
NOT-FOR-US: Joomla extension
-CVE-2010-5021 (SQL injection vulnerability in view_group.asp in Digital Interchange ...)
+CVE-2010-5021
NOT-FOR-US: Digital Interchange Calendar
-CVE-2010-5020 (SQL injection vulnerability in index.php in NetArt Media iBoutique 4.0 ...)
+CVE-2010-5020
NOT-FOR-US: NetArt Media iBoutique
-CVE-2010-5019 (SQL injection vulnerability in view_photo.php in 2daybiz Online ...)
+CVE-2010-5019
NOT-FOR-US: 2daybiz Online Classified Script
-CVE-2010-5018 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2010-5018
NOT-FOR-US: 2daybiz Online Classified Script
-CVE-2010-5017 (SQL injection vulnerability in stats.php in Elite Gaming Ladders 3.0 ...)
+CVE-2010-5017
NOT-FOR-US: Elite Gaming Ladders
-CVE-2010-5016 (SQL injection vulnerability in matchdb.php in Elite Gaming Ladders 3.5 ...)
+CVE-2010-5016
NOT-FOR-US: Elite Gaming Ladders
-CVE-2010-5015 (SQL injection vulnerability in view_photo.php in 2daybiz Network ...)
+CVE-2010-5015
NOT-FOR-US: 2daybiz Network Community Script
-CVE-2010-5014 (SQL injection vulnerability in standings.php in Elite Gaming Ladders ...)
+CVE-2010-5014
NOT-FOR-US: Elite Gaming Ladders
-CVE-2010-5013 (SQL injection vulnerability in listing_detail.asp in Mckenzie ...)
+CVE-2010-5013
NOT-FOR-US: Mckenzie Creations Virtual Real Estate Manager
-CVE-2010-5012 (SQL injection vulnerability in new.php in DaLogin 2.2 and 2.2.5 allows ...)
+CVE-2010-5012
NOT-FOR-US: DaLogin
-CVE-2010-5011 (SQL injection vulnerability in schoolmv2/html/studentmain.php in ...)
+CVE-2010-5011
NOT-FOR-US: SchoolMation
-CVE-2010-5010 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2010-5010
NOT-FOR-US: SchoolMation
-CVE-2010-5009 (SQL injection vulnerability in index.php in UTStats Beta 4 and earlier ...)
+CVE-2010-5009
NOT-FOR-US: UTStats
-CVE-2010-5008 (SQL injection vulnerability in pages/contact_list_mail_form.asp in ...)
+CVE-2010-5008
NOT-FOR-US: BrightSuite Groupware
-CVE-2010-5007 (Cross-site scripting (XSS) vulnerability in pages/match_report.php in ...)
+CVE-2010-5007
NOT-FOR-US: UTStats
-CVE-2010-5006 (SQL injection vulnerability in googlemap/index.php in EMO Realty ...)
+CVE-2010-5006
NOT-FOR-US: EMO Realty Manager
-CVE-2010-5005 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2010-5005
NOT-FOR-US: Rayzz Photoz
-CVE-2010-5004 (SQL injection vulnerability in searchvote.php in 2daybiz Polls (aka ...)
+CVE-2010-5004
NOT-FOR-US: 2daybiz Polls
-CVE-2010-5000 (SQL injection vulnerability in login/login_index.php in MCLogin System ...)
+CVE-2010-5000
NOT-FOR-US: MCLogin System
-CVE-2010-4998 (PHP remote file inclusion vulnerability in ...)
+CVE-2010-4998
NOT-FOR-US: ardeaCore PHP Framework
-CVE-2010-4997 (SQL injection vulnerability in index.php in OlyKit Swoopo Clone 2010 ...)
+CVE-2010-4997
NOT-FOR-US: OlyKit Swoopo Clone 2010
-CVE-2010-4971 (Cross-site scripting (XSS) vulnerability in VideoWhisper PHP 2 Way ...)
+CVE-2010-4971
NOT-FOR-US: VideoWhisper PHP 2 Way Video Chat
-CVE-2010-5003 (SQL injection vulnerability in the AutarTimonial (com_autartimonial) ...)
+CVE-2010-5003
NOT-FOR-US: Joomla extension
-CVE-2010-5002 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2010-5002
NOT-FOR-US: Exponent CMS
-CVE-2010-5001 (SQL injection vulnerability in view.php in esoftpro Online Contact ...)
+CVE-2010-5001
NOT-FOR-US: esoftpro Online Contact Manager
-CVE-2010-4999 (SQL injection vulnerability in index.php in esoftpro Online Photo Pro ...)
+CVE-2010-4999
NOT-FOR-US: esoftpro Online Photo Pro
-CVE-2010-4996 (SQL injection vulnerability in ogp_show.php in esoftpro Online ...)
+CVE-2010-4996
NOT-FOR-US: esoftpro Online Guestbook Pro
-CVE-2010-4995 (SQL injection vulnerability in the NeoRecruit (com_neorecruit) ...)
+CVE-2010-4995
NOT-FOR-US: Joomla extension
-CVE-2010-4994 (SQL injection vulnerability in the Jobs Pro component 1.6.4 for ...)
+CVE-2010-4994
NOT-FOR-US: Joomla extension
-CVE-2010-4993 (SQL injection vulnerability in the eventcal (com_eventcal) component ...)
+CVE-2010-4993
NOT-FOR-US: Joomla extension
-CVE-2010-4992 (SQL injection vulnerability in the Payments Plus component 2.1.5 for ...)
+CVE-2010-4992
NOT-FOR-US: Joomla extension
-CVE-2010-4991 (SQL injection vulnerability in the NinjaMonials (com_ninjamonials) ...)
+CVE-2010-4991
NOT-FOR-US: Joomla extension
-CVE-2010-4990 (SQL injection vulnerability in the Front-edit Address Book ...)
+CVE-2010-4990
NOT-FOR-US: Joomla extension
-CVE-2010-4989 (SQL injection vulnerability in main.asp in Ziggurat Farsi CMS allows ...)
+CVE-2010-4989
NOT-FOR-US: Ziggurat Farsi CMS
-CVE-2010-4988 (PHP remote file inclusion vulnerability in ...)
+CVE-2010-4988
NOT-FOR-US: Family Connections Who is Chatting
-CVE-2010-4987 (SQL injection vulnerability in default.asp in KMSoft Guestbook (aka ...)
+CVE-2010-4987
NOT-FOR-US: KMSoft Guestbook (aka GBook)
-CVE-2010-4986 (SQL injection vulnerability in detail.php in Simple Document ...)
+CVE-2010-4986
NOT-FOR-US: Simple Document Management System (SDMS)
-CVE-2010-4985 (Cross-site scripting (XSS) vulnerability in notes.php in My Kazaam ...)
+CVE-2010-4985
NOT-FOR-US: My Kazaam Notes Management System
-CVE-2010-4984 (SQL injection vulnerability in notes.php in My Kazaam Notes Management ...)
+CVE-2010-4984
NOT-FOR-US: My Kazaam Notes Management System
-CVE-2010-4983 (SQL injection vulnerability in profile.php in iScripts CyberMatch 1.0 ...)
+CVE-2010-4983
NOT-FOR-US: iScripts CyberMatch
-CVE-2010-4982 (SQL injection vulnerability in address_book/contacts.php in My Kazaam ...)
+CVE-2010-4982
NOT-FOR-US: My Kazaam Address & Contact Organizer
-CVE-2010-4981 (SQL injection vulnerability in trackads.php in YourFreeWorld Banner ...)
+CVE-2010-4981
NOT-FOR-US: YourFreeWorld Banner Management
-CVE-2010-4980 (SQL injection vulnerability in packagedetails.php in iScripts ...)
+CVE-2010-4980
NOT-FOR-US: iScripts ReserveLogic
-CVE-2010-4979 (SQL injection vulnerability in image/view.php in CANDID allows remote ...)
+CVE-2010-4979
NOT-FOR-US: CANDID
-CVE-2010-4978 (Cross-site scripting (XSS) vulnerability in image/view.php in CANDID ...)
+CVE-2010-4978
NOT-FOR-US: CANDID
-CVE-2010-4977 (SQL injection vulnerability in menu.php in the Canteen (com_canteen) ...)
+CVE-2010-4977
NOT-FOR-US: Joomla extension
-CVE-2010-4976 (Cross-site scripting (XSS) vulnerability in search/search.php in ...)
+CVE-2010-4976
NOT-FOR-US: MetInfo
-CVE-2010-4975 (SQL injection vulnerability in the Techjoomla SocialAds For JomSocial ...)
+CVE-2010-4975
NOT-FOR-US: Joomla extension
-CVE-2010-4974 (SQL injection vulnerability in info.php in BrotherScripts (BS) and ...)
+CVE-2010-4974
NOT-FOR-US: BrotherScripts (BS) and ScriptsFeed Auto Dealer
-CVE-2010-4973 (Cross-site scripting (XSS) vulnerability in the search feature in ...)
+CVE-2010-4973
NOT-FOR-US: Campsite
-CVE-2010-4972 (SQL injection vulnerability in index.php in YPNinc JokeScript allows ...)
+CVE-2010-4972
NOT-FOR-US: YPNinc JokeScript
-CVE-2010-4970 (SQL injection vulnerability in handlers/getpage.php in Wiki Web Help ...)
+CVE-2010-4970
NOT-FOR-US: Wiki Web Help
-CVE-2010-4969 (SQL injection vulnerability in articlesdetails.php in BrotherScripts ...)
+CVE-2010-4969
NOT-FOR-US: BrotherScripts (BS) Business Directory
-CVE-2010-4968 (SQL injection vulnerability in the webmaster-tips.net Flash Gallery ...)
+CVE-2010-4968
NOT-FOR-US: Joomla extension
-CVE-2010-4967 (SQL injection vulnerability in default.asp in ATCOM Netvolution 2.5.6 ...)
+CVE-2010-4967
NOT-FOR-US: ATCOM Netvolution
-CVE-2010-4966 (Cross-site scripting (XSS) vulnerability in default.asp in ATCOM ...)
+CVE-2010-4966
NOT-FOR-US: ATCOM Netvolution
-CVE-2010-4965 (/etc/rc.d/rc.local on the D-Link DCS-2121 camera with firmware 1.04 ...)
+CVE-2010-4965
NOT-FOR-US: D-Link DCS-2121
-CVE-2010-4964 (recorder_test.cgi on the D-Link DCS-2121 camera with firmware 1.04 ...)
+CVE-2010-4964
NOT-FOR-US: D-Link DCS-2121
-CVE-2010-4963 (SQL injection vulnerability in folder/list in Hulihan BXR 0.6.8 allows ...)
+CVE-2010-4963
NOT-FOR-US: Hulihan BXR
-CVE-2010-4962 (Unspecified vulnerability in the Webkit PDFs (webkitpdf) extension ...)
+CVE-2010-4962
NOT-FOR-US: Typo3 extension
-CVE-2010-4961 (SQL injection vulnerability in the Webkit PDFs (webkitpdf) extension ...)
+CVE-2010-4961
NOT-FOR-US: Typo3 extension
-CVE-2010-4960 (Cross-site scripting (XSS) vulnerability in the Branchenbuch (aka ...)
+CVE-2010-4960
NOT-FOR-US: Branchenbuch
-CVE-2010-4959 (SQL injection vulnerability in the login feature in Pre Projects Pre ...)
+CVE-2010-4959
NOT-FOR-US: Pre Projects Pre Podcast Portal
-CVE-2010-4958 (SQL injection vulnerability in index.php in Prado Portal 1.2.0 allows ...)
+CVE-2010-4958
NOT-FOR-US: Prado Portal
-CVE-2010-4957 (SQL injection vulnerability in the Questionnaire (ke_questionnaire) ...)
+CVE-2010-4957
NOT-FOR-US: Typo3 extension
-CVE-2010-4956 (Cross-site scripting (XSS) vulnerability in the Questionnaire ...)
+CVE-2010-4956
NOT-FOR-US: Typo3 extension
-CVE-2010-4955 (SQL injection vulnerability in board/board.php in APBoard Developers ...)
+CVE-2010-4955
NOT-FOR-US: APBoard Developers APBoard
-CVE-2010-4954 (SQL injection vulnerability in product_reviews_info.php in xt:Commerce ...)
+CVE-2010-4954
NOT-FOR-US: xt:Commerce Gambio
-CVE-2010-4953 (Unspecified vulnerability in the JW Calendar (jw_calendar) extension ...)
+CVE-2010-4953
NOT-FOR-US: Typo3 extension
-CVE-2010-4952 (SQL injection vulnerability in the FE user statistic (festat) ...)
+CVE-2010-4952
NOT-FOR-US: Typo3 extension
-CVE-2010-4951 (Cross-site scripting (XSS) vulnerability in the xaJax Shoutbox ...)
+CVE-2010-4951
NOT-FOR-US: Typo3 extension
-CVE-2010-4950 (SQL injection vulnerability in the Event (event) extension before ...)
+CVE-2010-4950
NOT-FOR-US: Typo3 extension
-CVE-2010-4949 (Cross-site scripting (XSS) vulnerability in the (1) FreiChat component ...)
+CVE-2010-4949
NOT-FOR-US: Joomla extension
-CVE-2010-4948 (PHP remote file inclusion vulnerability in libs/adodb/adodb.inc.php in ...)
+CVE-2010-4948
NOT-FOR-US: PHP Free Photo Gallery
-CVE-2010-4947 (Cross-site scripting (XSS) vulnerability in advanced_search_result.php ...)
+CVE-2010-4947
NOT-FOR-US: ALLPC
-CVE-2010-4946 (SQL injection vulnerability in product_info.php in ALLPC 2.5 allows ...)
+CVE-2010-4946
NOT-FOR-US: ALLPC
-CVE-2010-4945 (SQL injection vulnerability in the CamelcityDB (com_camelcitydb2) ...)
+CVE-2010-4945
NOT-FOR-US: CamelcityDB
-CVE-2010-4944 (SQL injection vulnerability in the Elite Experts (com_elite_experts) ...)
+CVE-2010-4944
NOT-FOR-US: Joomla extension
-CVE-2010-4943 (Multiple PHP remote file inclusion vulnerabilities in Saurus CMS 4.7.0 ...)
+CVE-2010-4943
NOT-FOR-US: Saurus CMS
-CVE-2010-4942 (SQL injection vulnerability in location.php in the eCal module in ...)
+CVE-2010-4942
NOT-FOR-US: E-Xoopport Samsara
-CVE-2010-4941 (SQL injection vulnerability in the Teams (com_teams) component ...)
+CVE-2010-4941
NOT-FOR-US: Joomla extension
-CVE-2010-4940 (SQL injection vulnerability in index.php in WAnewsletter 2.1.2 allows ...)
+CVE-2010-4940
NOT-FOR-US: WAnewsletter
-CVE-2010-4939 (PHP remote file inclusion vulnerability in index.php in MailForm 1.2 ...)
+CVE-2010-4939
NOT-FOR-US: MailForm
-CVE-2010-4938 (SQL injection vulnerability in the Weblinks (com_weblinks) component ...)
+CVE-2010-4938
NOT-FOR-US: Joomla extension
-CVE-2010-4937 (Multiple SQL injection vulnerabilities in the Amblog (com_amblog) ...)
+CVE-2010-4937
NOT-FOR-US: Amblog
-CVE-2010-4936 (SQL injection vulnerability in the Slide Show (com_slideshow) ...)
+CVE-2010-4936
NOT-FOR-US: Slide Show extension for Joomla
-CVE-2010-4935 (SQL injection vulnerability in poll.php in Entrans 0.3.2 and earlier ...)
+CVE-2010-4935
NOT-FOR-US: Entrans
-CVE-2010-4934 (SQL injection vulnerability in video.php in Get Tube 4.51 and earlier ...)
+CVE-2010-4934
NOT-FOR-US: Get Tube
-CVE-2010-4933 (SQL injection vulnerability in filemgmt/singlefile.php in Geeklog ...)
+CVE-2010-4933
NOT-FOR-US: Geeklog
-CVE-2010-4932 (Cross-site scripting (XSS) vulnerability in search.php in Entrans ...)
+CVE-2010-4932
NOT-FOR-US: Entrans
-CVE-2010-4931 (** DISPUTED ** Directory traversal vulnerability in maincore.php in ...)
+CVE-2010-4931
NOT-FOR-US: PHP-Fusion
-CVE-2010-4930 (Cross-site scripting (XSS) vulnerability in index.php in @mail Webmail ...)
+CVE-2010-4930
NOT-FOR-US: @mail Webmail
-CVE-2010-4929 (SQL injection vulnerability in the Joostina (com_ezautos) component ...)
+CVE-2010-4929
NOT-FOR-US: Joomla extension
-CVE-2010-4928 (Cross-site scripting (XSS) vulnerability in the Restaurant Guide ...)
+CVE-2010-4928
NOT-FOR-US: Joomla extension
-CVE-2010-4927 (SQL injection vulnerability in the Restaurant Guide ...)
+CVE-2010-4927
NOT-FOR-US: Joomla extension
-CVE-2010-4926 (SQL injection vulnerability in the TimeTrack (com_timetrack) component ...)
+CVE-2010-4926
NOT-FOR-US: Joomla extension
-CVE-2010-4925 (SQL injection vulnerability in clic.php in the Partenaires module 1.5 ...)
+CVE-2010-4925
NOT-FOR-US: Nuked Klan
-CVE-2010-4924 (** DISPUTED ** PHP remote file inclusion vulnerability in ...)
+CVE-2010-4924
NOT-FOR-US: clearBudget
-CVE-2010-4923 (SQL injection vulnerability in book/detail.php in Virtue Netz Virtue ...)
+CVE-2010-4923
NOT-FOR-US: Virtue Netz Virtue
-CVE-2010-4922 (Multiple SQL injection vulnerabilities in Allinta CMS 22.07.2010 allow ...)
+CVE-2010-4922
NOT-FOR-US: Allinta CMS
-CVE-2010-4921 (SQL injection vulnerability in inc_pollingboothmanager.asp in DMXReady ...)
+CVE-2010-4921
NOT-FOR-US: DMXReady Polling Booth Manager
-CVE-2010-4920 (SQL injection vulnerability in detail.asp in Micronetsoft Rental ...)
+CVE-2010-4920
NOT-FOR-US: Micronetsoft
-CVE-2010-4919 (SQL injection vulnerability in detail.asp in Micronetsoft RV Dealer ...)
+CVE-2010-4919
NOT-FOR-US: Micronetsoft
-CVE-2010-4918 (PHP remote file inclusion vulnerability in iJoomla Magazine ...)
+CVE-2010-4918
NOT-FOR-US: Joomla extension
-CVE-2010-4917 (SQL injection vulnerability in sources/search.php in A-Blog 2.0 allows ...)
+CVE-2010-4917
NOT-FOR-US: A-Blog
-CVE-2010-4916 (Multiple SQL injection vulnerabilities in index.cfm in ColdGen ...)
+CVE-2010-4916
NOT-FOR-US: ColdGen ColdUserGroup
-CVE-2010-4915 (SQL injection vulnerability in index.cfm in ColdGen ColdBookmarks 1.22 ...)
+CVE-2010-4915
NOT-FOR-US: ColdGen ColdBookmarks
-CVE-2010-4914 (PHP remote file inclusion vulnerability in ...)
+CVE-2010-4914
NOT-FOR-US: PHP Classifieds
-CVE-2010-4913 (Cross-site scripting (XSS) vulnerability in the search feature in ...)
+CVE-2010-4913
NOT-FOR-US: ColdGen ColdUserGroup
-CVE-2010-4912 (SQL injection vulnerability in shop.php in UCenter Home 2.0 allows ...)
+CVE-2010-4912
NOT-FOR-US: UCenter
-CVE-2010-4911 (SQL injection vulnerability in classi/detail.php in PHP Classifieds ...)
+CVE-2010-4911
NOT-FOR-US: PHP Classifieds
-CVE-2010-4910 (SQL injection vulnerability in index.cfm in ColdGen ColdCalendar 2.06 ...)
+CVE-2010-4910
NOT-FOR-US: ColdGen ColdCalendar
-CVE-2010-4909 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2010-4909
NOT-FOR-US: PaysiteReviewCMS
-CVE-2010-4908 (SQL injection vulnerability in detail.php in Virtue Shopping Mall ...)
+CVE-2010-4908
NOT-FOR-US: Virtue Shopping Mall
-CVE-2010-4907 (Cross-site scripting (XSS) vulnerability in zp-core/admin.php in ...)
+CVE-2010-4907
NOT-FOR-US: Zenphoto
-CVE-2010-4906 (SQL injection vulnerability in zp-core/full-image.php in Zenphoto 1.3 ...)
+CVE-2010-4906
NOT-FOR-US: Zenphoto
-CVE-2010-4905 (SQL injection vulnerability in article_details.php in Softbiz Article ...)
+CVE-2010-4905
NOT-FOR-US: Softbiz
-CVE-2010-4904 (SQL injection vulnerability in the Aardvertiser (com_aardvertiser) ...)
+CVE-2010-4904
NOT-FOR-US: Aardvertiser
-CVE-2010-4903 (SQL injection vulnerability in index.php in CubeCart 4.3.3 allows ...)
+CVE-2010-4903
NOT-FOR-US: CubeCart
-CVE-2010-4902 (Multiple SQL injection vulnerabilities in the Clantools ...)
+CVE-2010-4902
NOT-FOR-US: Joomla extension
-CVE-2010-4901 (Multiple cross-site scripting (XSS) vulnerabilities in char_map.php in ...)
+CVE-2010-4901
NOT-FOR-US: MySource Matrix
-CVE-2010-4900 (Open redirect vulnerability in c.php in CMS WebManager-Pro 8.1 and ...)
+CVE-2010-4900
NOT-FOR-US: CMS WebManager-Pro
-CVE-2010-4899 (SQL injection vulnerability in c.php in CMS WebManager-Pro before 8.1 ...)
+CVE-2010-4899
NOT-FOR-US: CMS WebManager-Pro
-CVE-2010-4898 (SQL injection vulnerability in the Gantry (com_gantry) component ...)
+CVE-2010-4898
NOT-FOR-US: Joomla extension
-CVE-2010-4897 (SQL injection vulnerability in comment.php in BlueCMS 1.6 allows ...)
+CVE-2010-4897
NOT-FOR-US: BlueCMS
-CVE-2010-4896 (Cross-site scripting (XSS) vulnerability in admin/index.asp in Member ...)
+CVE-2010-4896
NOT-FOR-US: Member Management System
-CVE-2010-4895 (Cross-site scripting (XSS) vulnerability in core/showsite.php in ...)
+CVE-2010-4895
NOT-FOR-US: chillyCMS
-CVE-2010-4894 (SQL injection vulnerability in core/showsite.php in chillyCMS 1.1.3 ...)
+CVE-2010-4894
NOT-FOR-US: chillyCMS
-CVE-2010-4893 (Cross-site scripting (XSS) vulnerability in foodvendors.php in FestOS ...)
+CVE-2010-4893
NOT-FOR-US: FestOS
-CVE-2010-4892 (Cross-site scripting (XSS) vulnerability in the powermail extension ...)
+CVE-2010-4892
NOT-FOR-US: TYPO3 extension
-CVE-2010-4891 (SQL injection vulnerability in the Yet Another Calendar (ke_yac) ...)
+CVE-2010-4891
NOT-FOR-US: TYPO3 extension
-CVE-2010-4890 (Cross-site scripting (XSS) vulnerability in the Yet Another Calendar ...)
+CVE-2010-4890
NOT-FOR-US: TYPO3 extension
-CVE-2010-4889 (Unspecified vulnerability in the Tiny Market (hm_tinymarket) extension ...)
+CVE-2010-4889
NOT-FOR-US: TYPO3 extension
-CVE-2010-4888 (SQL injection vulnerability in the Tiny Market (hm_tinymarket) ...)
+CVE-2010-4888
NOT-FOR-US: TYPO3 extension
-CVE-2010-4887 (SQL injection vulnerability in the Commenting system Backend Module ...)
+CVE-2010-4887
NOT-FOR-US: TYPO3 extension
-CVE-2010-4886 (Cross-site scripting (XSS) vulnerability in the &quot;official twitter ...)
+CVE-2010-4886
NOT-FOR-US: TYPO3 extension
-CVE-2010-4885 (Cross-site scripting (XSS) vulnerability in the XING Button (xing) ...)
+CVE-2010-4885
NOT-FOR-US: TYPO3 extension
-CVE-2010-4884 (PHP remote file inclusion vulnerability in guestbook/gbook.php in ...)
+CVE-2010-4884
NOT-FOR-US: Gaestebuch
-CVE-2010-4883 (Cross-site scripting (XSS) vulnerability in manager/index.php in MODx ...)
+CVE-2010-4883
NOT-FOR-US: MODx Revolution
-CVE-2010-4882 (Cross-site scripting (XSS) vulnerability in autocms.php in Auto CMS ...)
+CVE-2010-4882
NOT-FOR-US: Auto CMS
-CVE-2010-4881 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
+CVE-2010-4881
NOT-FOR-US: ApPHP Calendar
-CVE-2010-4880 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2010-4880
NOT-FOR-US: ApPHP Calendar
-CVE-2010-4879 (PHP remote file inclusion vulnerability in dompdf.php in dompdf 0.6.0 ...)
+CVE-2010-4879
- php-dompdf 0.6.1+dfsg-1
-CVE-2010-4878 (PHP remote file inclusion vulnerability in formmailer.php in Kontakt ...)
+CVE-2010-4878
NOT-FOR-US: Kontakt Formular
-CVE-2010-4877 (Cross-site scripting (XSS) vulnerability in index.php in OneCMS 2.6.1 ...)
+CVE-2010-4877
NOT-FOR-US: OneCMS
-CVE-2010-4876 (SQL injection vulnerability in viewpost.php in mBlogger 1.0.04 allows ...)
+CVE-2010-4876
NOT-FOR-US: mBlogger
-CVE-2010-4875 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2010-4875
NOT-FOR-US: Wordpress plugin
-CVE-2010-4874 (Multiple cross-site scripting (XSS) vulnerabilities in users.php in ...)
+CVE-2010-4874
NOT-FOR-US: NinkoBB
-CVE-2010-4873 (Cross-site scripting (XSS) vulnerability in confirm.php in WeBid 0.8.5 ...)
+CVE-2010-4873
NOT-FOR-US: WeBid
-CVE-2010-4872 (SQL injection vulnerability in newsroom.asp in ASPilot Pilot Cart 7.3 ...)
+CVE-2010-4872
NOT-FOR-US: ASPilot Pilot Cart
-CVE-2010-4871 (Unspecified vulnerability in SmartFTP before 4.0 Build 1142 allows ...)
+CVE-2010-4871
NOT-FOR-US: SmartFTP
-CVE-2010-4870 (SQL injection vulnerability in index.php in BloofoxCMS 0.3.5 allows ...)
+CVE-2010-4870
NOT-FOR-US: BloofoxCMS
-CVE-2010-4869 (SQL injection vulnerability in index.php in DBHcms 1.1.4 allows remote ...)
+CVE-2010-4869
NOT-FOR-US: DBHcms
-CVE-2010-4868 (Cross-site scripting (XSS) vulnerability in search.php3 (aka ...)
+CVE-2010-4868
NOT-FOR-US: W-Agora
-CVE-2010-4867 (Directory traversal vulnerability in search.php3 (aka search.php) in ...)
+CVE-2010-4867
NOT-FOR-US: W-Agora
-CVE-2010-4866 (SQL injection vulnerability in index.php in Chipmunk Board 1.3 allows ...)
+CVE-2010-4866
NOT-FOR-US: Chipmunk Board
-CVE-2010-4865 (SQL injection vulnerability in the JE Guestbook (com_jeguestbook) ...)
+CVE-2010-4865
NOT-FOR-US: Joomla extension
-CVE-2010-4864 (SQL injection vulnerability in the Club Manager (com_clubmanager) ...)
+CVE-2010-4864
NOT-FOR-US: Joomla extension
-CVE-2010-4863 (Cross-site scripting (XSS) vulnerability in admin/changedata.php in ...)
+CVE-2010-4863
NOT-FOR-US: GetSimple CMS
-CVE-2010-4862 (SQL injection vulnerability in the JExtensions JE Directory ...)
+CVE-2010-4862
NOT-FOR-US: Joomla extension
-CVE-2010-4861 (SQL injection vulnerability in asearch.php in webSPELL 4.2.1 allows ...)
+CVE-2010-4861
NOT-FOR-US: webSPELL
-CVE-2010-4860 (SQL injection vulnerability in product_desc.php in MyPhpAuction 2010 ...)
+CVE-2010-4860
NOT-FOR-US: MyPhpAuction
-CVE-2010-4859 (SQL injection vulnerability in index.php in WebAsyst Shop-Script ...)
+CVE-2010-4859
NOT-FOR-US: WebAsyst Shop-Script
-CVE-2010-4858 (Directory traversal vulnerability in team.rc5-72.php in DNET ...)
+CVE-2010-4858
NOT-FOR-US: DNET Live-Stats
-CVE-2010-4857 (SQL injection vulnerability in click.php in CAG CMS 0.2 Beta allows ...)
+CVE-2010-4857
NOT-FOR-US: CAG CMS
-CVE-2010-4856 (SQL injection vulnerability in arsiv.asp in xWeblog 2.2 allows remote ...)
+CVE-2010-4856
NOT-FOR-US: xWeblog
-CVE-2010-4855 (SQL injection vulnerability in oku.asp in xWeblog 2.2 allows remote ...)
+CVE-2010-4855
NOT-FOR-US: xWebLog
-CVE-2010-4854 (SQL injection vulnerability in ajax/coupon.php in Zuitu 1.6, when ...)
+CVE-2010-4854
NOT-FOR-US: Zuitu
-CVE-2010-4853 (SQL injection vulnerability in the ccInvoices (com_ccinvoices) ...)
+CVE-2010-4853
NOT-FOR-US: Joomla extension
-CVE-2010-4852 (Cross-site scripting (XSS) vulnerability in login.php in Eclime 1.1.2b ...)
+CVE-2010-4852
NOT-FOR-US: Eclime
-CVE-2010-4851 (Multiple SQL injection vulnerabilities in Eclime 1.1.2b allow remote ...)
+CVE-2010-4851
NOT-FOR-US: Eclime
-CVE-2010-4850 (Multiple cross-site scripting (XSS) vulnerabilities in Diferior 8.03 ...)
+CVE-2010-4850
NOT-FOR-US: Diferior
-CVE-2010-4849 (SQL injection vulnerability in countrydetails.php in Alibaba Clone B2B ...)
+CVE-2010-4849
NOT-FOR-US: Alibaba Clone B2B
-CVE-2010-4848 (Multiple cross-site scripting (XSS) vulnerabilities in addlink.php in ...)
+CVE-2010-4848
NOT-FOR-US: AXScripts AxsLinks
-CVE-2010-4847 (SQL injection vulnerability in view_item.php in MH Products MHP ...)
+CVE-2010-4847
NOT-FOR-US: MH Products MHP Downloadshop
-CVE-2010-4846 (SQL injection vulnerability in view_item.php in MH Products Pay Pal ...)
+CVE-2010-4846
NOT-FOR-US: MH Products Pay Pal Shop Digital
-CVE-2010-4845 (Multiple SQL injection vulnerabilities in MH Products Projekt Shop ...)
+CVE-2010-4845
NOT-FOR-US: MH Products Projekt Shop
-CVE-2010-4844 (SQL injection vulnerability in content.php in MH Products Easy Online ...)
+CVE-2010-4844
NOT-FOR-US: MH Products Easy Online Shop
-CVE-2010-4843 (SQL injection vulnerability in website-page.php in PHP Web Scripts Ad ...)
+CVE-2010-4843
NOT-FOR-US: PHP Web Scripts Ad Manager Pro
-CVE-2010-4842 (SQL injection vulnerability in admin/login.php in MHP DownloadScript ...)
+CVE-2010-4842
NOT-FOR-US: MH Products Download Center
-CVE-2010-4841 (Multiple cross-site scripting (XSS) vulnerabilities in ManageEngine ...)
+CVE-2010-4841
NOT-FOR-US: ManageEngine EventLog Analyzer
-CVE-2010-4840 (Multiple buffer overflows in the Syslog server in ManageEngine ...)
+CVE-2010-4840
NOT-FOR-US: ManageEngine EventLog Analyzer
-CVE-2010-4839 (SQL injection vulnerability in the Event Registration plugin 5.32 and ...)
+CVE-2010-4839
NOT-FOR-US: Wordpress plugin Event Registration
-CVE-2010-4838 (SQL injection vulnerability in the JSupport (com_jsupport) component ...)
+CVE-2010-4838
NOT-FOR-US: Joomla!
-CVE-2010-4837 (Cross-site scripting (XSS) vulnerability in the JSupport ...)
+CVE-2010-4837
NOT-FOR-US: Joomla!
-CVE-2010-4836 (Cross-site scripting (XSS) vulnerability in register.html in PHPShop ...)
+CVE-2010-4836
NOT-FOR-US: PHPShop
-CVE-2010-4835 (Directory traversal vulnerability in index.php in OneOrZero AIMS 2.6.0 ...)
+CVE-2010-4835
NOT-FOR-US: OneOrZero AIMS
-CVE-2010-4834 (Multiple SQL injection vulnerabilities in index.php in OneOrZero AIMS ...)
+CVE-2010-4834
NOT-FOR-US: OneOrZero AIMS
-CVE-2010-4833 (Untrusted search path vulnerability in ...)
+CVE-2010-4833
- gtk+2.0 <not-affected> (win32 specific)
-CVE-2010-4832 (Android OS before 2.2 does not display the correct SSL certificate in ...)
+CVE-2010-4832
NOT-FOR-US: Android
-CVE-2010-4831 (Untrusted search path vulnerability in gdk/win32/gdkinput-win32.c in ...)
+CVE-2010-4831
- gtk+2.0 <not-affected> (Win32-specific)
-CVE-2010-4830 (SQL injection vulnerability in Resumes/TD_RESUME_Indlist.asp in Techno ...)
+CVE-2010-4830
NOT-FOR-US: Techno Dreams (T-Dreams) Job Career Package
-CVE-2010-4829 (SQL injection vulnerability in processview.asp in Techno Dreams ...)
+CVE-2010-4829
NOT-FOR-US: Techno Dreams
-CVE-2010-4828 (Multiple cross-site scripting (XSS) vulnerabilities in SolarWinds ...)
+CVE-2010-4828
NOT-FOR-US: SolarWinds Orion Network Performance Monitor
-CVE-2010-4827 (Cross-site scripting (XSS) vulnerability in members.asp in Snitz ...)
+CVE-2010-4827
NOT-FOR-US: Snitz Forums
-CVE-2010-4826 (SQL injection vulnerability in members.asp in Snitz Forums 2000 3.4.07 ...)
+CVE-2010-4826
NOT-FOR-US: Snitz Forums
-CVE-2010-4825 (Cross-site scripting (XSS) vulnerability in magpie_debug.php in the ...)
+CVE-2010-4825
NOT-FOR-US: Wordpress plugin
-CVE-2010-4824 (SQL injection vulnerability in the augmentSQL method in ...)
+CVE-2010-4824
- silverstripe <itp> (bug #528461)
NOTE: http://seclists.org/oss-sec/2012/q2/209
-CVE-2010-4823 (Cross-site scripting (XSS) vulnerability in the httpError method in ...)
+CVE-2010-4823
- silverstripe <itp> (bug #528461)
NOTE: http://seclists.org/oss-sec/2012/q2/209
-CVE-2010-4822 (core/model/MySQLDatabase.php in SilverStripe 2.4.x before 2.4.4, when ...)
+CVE-2010-4822
- silverstripe <itp> (bug #528461)
NOTE: http://seclists.org/oss-sec/2012/q2/209
-CVE-2010-4821 (Cross-site scripting (XSS) vulnerability in phpMyFAQ before 2.6.9 ...)
+CVE-2010-4821
NOT-FOR-US: phpMyFAQ
-CVE-2010-4820 (Untrusted search path vulnerability in Ghostscript 8.62 allows local ...)
+CVE-2010-4820
- ghostscript 8.71~dfsg2-6.1
[lenny] - ghostscript <no-dsa> (too risky for regressions)
-CVE-2010-4819 (The ProcRenderAddGlyphs function in the Render extension ...)
+CVE-2010-4819
- xorg-server 2:1.9.0.901-1
[squeeze] - xorg-server 2:1.7.7-14
[lenny] - xorg-server <no-dsa> (Minor issue)
-CVE-2010-4818 (The GLX extension in X.Org xserver 1.7.7 allows remote authenticated ...)
+CVE-2010-4818
- xorg-server 2:1.9.99.902-1
[squeeze] - xorg-server 2:1.7.7-4
[lenny] - xorg-server <no-dsa> (Minor issue)
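Review bot: every changed pair in this hunk replaces a `CVE-YYYY-NNNN (summary ...)` heading with the bare `CVE-YYYY-NNNN` while the Debian status lines beneath it (`NOT-FOR-US: ...`, `- package version`, `[suite] - package <no-dsa>`) are left untouched, so the only thing the hunk removes is the NVD summary text that gives triage context for each entry. The commit message just says "automatic update"; if dropping the summaries is an intended format change of the tracker data rather than a side effect of the importer, that should be stated in the message, and if it is not intended the importer should be fixed before this lands, since the same header-only churn repeats across all 21 year files.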
@@ -1113,363 +1113,363 @@ CVE-2010-4816
CVE-2010-4815
RESERVED
NOT-FOR-US: Coppermine Photo Gallery
-CVE-2010-4814 (SQL injection vulnerability in index1.php in Best Soft Inc. (BSI) ...)
+CVE-2010-4814
NOT-FOR-US: Best Soft Inc.
-CVE-2010-4813 (Cross-site scripting (XSS) vulnerability in the Category Tokens module ...)
+CVE-2010-4813
NOT-FOR-US: Drupal 6.x Category Tokens module
-CVE-2010-4812 (Multiple SQL injection vulnerabilities in 6kbbs 8.0 build 20100901 ...)
+CVE-2010-4812
NOT-FOR-US: 6kbbs
-CVE-2010-4811 (Multiple cross-site scripting (XSS) vulnerabilities in ajaxmember.php ...)
+CVE-2010-4811
NOT-FOR-US: 6kbbs
-CVE-2010-4810 (Multiple PHP remote file inclusion vulnerabilities in AR Web Content ...)
+CVE-2010-4810
NOT-FOR-US: AR Web Content Manager
-CVE-2010-4809 (SQL injection vulnerability in index.php in DBSite 1.0 allows remote ...)
+CVE-2010-4809
NOT-FOR-US: DBSite
-CVE-2010-4808 (SQL injection vulnerability in index.php in Webmatic allows remote ...)
+CVE-2010-4808
NOT-FOR-US: Webmatic
-CVE-2010-4805 (The socket implementation in net/core/sock.c in the Linux kernel ...)
+CVE-2010-4805
- linux-2.6 2.6.34-1
[squeeze] - linux-2.6 2.6.32-48
-CVE-2010-4807 (Race condition in IBM Web Content Manager (WCM) 7.0.0.1 before CF003 ...)
+CVE-2010-4807
NOT-FOR-US: IBM Web Content Manager
-CVE-2010-4806 (The authoring tool in IBM Web Content Manager (WCM) 6.1.5, and 7.0.0.1 ...)
+CVE-2010-4806
NOT-FOR-US: IBM Web Content Manager
-CVE-2010-4804 (The Android browser in Android before 2.3.4 allows remote attackers to ...)
+CVE-2010-4804
NOT-FOR-US: Android Browser
-CVE-2010-4803 (Mojolicious before 0.999927 does not properly implement HMAC-MD5 ...)
+CVE-2010-4803
{DSA-2239-1}
- libmojolicious-perl 0.999929-1
-CVE-2010-4802 (Commands.pm in Mojolicious before 0.999928 does not properly perform ...)
+CVE-2010-4802
{DSA-2239-1}
- libmojolicious-perl 0.999929-1
-CVE-2010-4801 (Directory traversal vulnerability in admin/updatelist.php in BaconMap ...)
+CVE-2010-4801
NOT-FOR-US: BaconMap
-CVE-2010-4800 (SQL injection vulnerability in doadd.php in BaconMap 1.0 allows remote ...)
+CVE-2010-4800
NOT-FOR-US: BaconMap
-CVE-2010-4799 (Multiple SQL injection vulnerabilities in Chipmunk Pwngame 1.0, when ...)
+CVE-2010-4799
NOT-FOR-US: Chipmunk Pwngame
-CVE-2010-4798 (Directory traversal vulnerability in index.php in OrangeHRM 2.6.0.1 ...)
+CVE-2010-4798
NOT-FOR-US: OrangeHRM
-CVE-2010-4797 (Multiple SQL injection vulnerabilities in the log-in form in Truworth ...)
+CVE-2010-4797
NOT-FOR-US: Truworth Flex Timesheet
-CVE-2010-4796 (Multiple SQL injection vulnerabilities in PHPYun 1.1.6 allow remote ...)
+CVE-2010-4796
NOT-FOR-US: PHPYun
-CVE-2010-4795 (SQL injection vulnerability in the JS Calendar (com_jscalendar) ...)
+CVE-2010-4795
NOT-FOR-US: JS Calendar component for Joomla!
-CVE-2010-4794 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
+CVE-2010-4794
NOT-FOR-US: JoomlaSeller JS Calendar component for Joomla!
-CVE-2010-4793 (SQL injection vulnerability in detail.asp in Site2Nite Auto e-Manager ...)
+CVE-2010-4793
NOT-FOR-US: Site2Nite Auto e-Manager
-CVE-2010-4792 (Cross-site scripting (XSS) vulnerability in title.php in OPEN IT ...)
+CVE-2010-4792
NOT-FOR-US: OPEN IT OverLook
-CVE-2010-4791 (SQL injection vulnerability in ...)
+CVE-2010-4791
NOT-FOR-US: MG User-Fotoalbum module for PHP-Fusion
-CVE-2010-4790 (Directory traversal vulnerability in FilterFTP 2.0.3, 2.0.5, and ...)
+CVE-2010-4790
NOT-FOR-US: FilterFTP
-CVE-2010-4789 (Use-after-free vulnerability in the proxy-server implementation in IBM ...)
+CVE-2010-4789
NOT-FOR-US: IBM Tivoli Directory Server
-CVE-2010-4788 (IBM Tivoli Directory Server (TDS) 6.0 before 6.0.0.62 (aka ...)
+CVE-2010-4788
NOT-FOR-US: Tivoli
-CVE-2010-4787 (IBM Tivoli Directory Server (TDS) 6.0 before 6.0.0.63 (aka ...)
+CVE-2010-4787
NOT-FOR-US: Tivoli
-CVE-2010-4786 (IBM Tivoli Directory Server (TDS) 6.0 before 6.0.0.63 (aka ...)
+CVE-2010-4786
NOT-FOR-US: Tivoli
-CVE-2010-4785 (The do_extendedOp function in ibmslapd in IBM Tivoli Directory Server ...)
+CVE-2010-4785
NOT-FOR-US: Tivoli
-CVE-2010-4784 (Multiple SQL injection vulnerabilities in member.php in PHP Web ...)
+CVE-2010-4784
NOT-FOR-US: PHP Web Scripts Easy Banner Free
-CVE-2010-4783 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
+CVE-2010-4783
NOT-FOR-US: PHP Web Scripts Easy Banner Free
-CVE-2010-4782 (Multiple SQL injection vulnerabilities in list.asp in Softwebs Nepal ...)
+CVE-2010-4782
NOT-FOR-US: Softwebs Nepal Ananda Real Estate
-CVE-2010-4781 (index.php in Enano CMS 1.1.7pl1, and possibly other versions before ...)
+CVE-2010-4781
NOT-FOR-US: Enano CMS
-CVE-2010-4780 (SQL injection vulnerability in the check_banlist function in ...)
+CVE-2010-4780
NOT-FOR-US: Enano CMS
-CVE-2010-4779 (Cross-site scripting (XSS) vulnerability in lib/includes/auth.inc.php ...)
+CVE-2010-4779
NOT-FOR-US: WPtouch plugin for WordPress
-CVE-2010-4778 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2010-4778
- imp4 4.3.10+debian0-1
[squeeze] - imp4 <no-dsa> (Minor issue)
-CVE-2010-4777 (The Perl_reg_numbered_buff_fetch function in Perl 5.10.0, 5.12.0, ...)
+CVE-2010-4777
- perl 5.20.1-1 (unimportant; bug #628836)
NOTE: Only affects Perl builds with enabled assertions, i.e. the debugperl binary from perl-debug
NOTE: likely fixed sometime around 5.18, but 5.20 was the version checked
-CVE-2010-4776 (SQL injection vulnerability in takefreestart.php in PreProjects Pre ...)
+CVE-2010-4776
NOT-FOR-US: PreProjects Pre Online Tests Generator Pro
-CVE-2010-4775 (The Relevant Content module 5.x before 5.x-1.4 and 6.x before 6.x-1.5 ...)
+CVE-2010-4775
NOT-FOR-US: Relevant Content addon for Drupal
-CVE-2010-4774 (SQL injection vulnerability in pdf.php in AuraCMS 1.62 allows remote ...)
+CVE-2010-4774
NOT-FOR-US: AuraCMS
-CVE-2010-4773 (Unspecified vulnerability in Hitachi EUR Form Client before 05-10 -/D ...)
+CVE-2010-4773
NOT-FOR-US: Hitachi EUR Form, uCosminexus EUR Form Service
-CVE-2010-4772 (Cross-site scripting (XSS) vulnerability in blocks/lang.php in S-CMS ...)
+CVE-2010-4772
NOT-FOR-US: S-CMS
-CVE-2010-4771 (SQL injection vulnerability to viewforum.php in S-CMS 2.5 allows ...)
+CVE-2010-4771
NOT-FOR-US: S-CMS
-CVE-2010-4770 (SQL injection vulnerability in index.php in CommodityRentals DVD ...)
+CVE-2010-4770
NOT-FOR-US: CommodityRentals DVD Rentals Script
-CVE-2010-4769 (Directory traversal vulnerability in the Jimtawl (com_jimtawl) ...)
+CVE-2010-4769
NOT-FOR-US: Jimtawl
-CVE-2010-4768 (Open Ticket Request System (OTRS) before 2.3.5 does not properly ...)
+CVE-2010-4768
- otrs2 2.4.5-1 (low)
[lenny] - otrs2 <no-dsa> (Minor issue)
-CVE-2010-4767 (Open Ticket Request System (OTRS) before 2.3.6 does not properly ...)
+CVE-2010-4767
- otrs2 2.4.5-1 (low)
[lenny] - otrs2 <no-dsa> (Minor issue)
-CVE-2010-4766 (The AgentTicketForward feature in Open Ticket Request System (OTRS) ...)
+CVE-2010-4766
- otrs2 2.4.7+dfsg1-1 (unimportant)
NOTE: Marginal security impact, standard bug
-CVE-2010-4765 (Race condition in the Kernel::System::Main::FileWrite method in Open ...)
+CVE-2010-4765
- otrs2 2.4.8+dfsg1-1 (low)
[lenny] - otrs2 <no-dsa> (Minor issue)
-CVE-2010-4764 (Open Ticket Request System (OTRS) before 2.4.10, and 3.x before 3.0.3, ...)
+CVE-2010-4764
- otrs2 2.4.10+dfsg1-1 (unimportant)
NOTE: Marginal security impact, standard bug
-CVE-2010-4763 (The ACL-customer-status Ticket Type setting in Open Ticket Request ...)
+CVE-2010-4763
- otrs2 3.0.8+dfsg1-1 (unimportant)
NOTE: Negligible security impact
-CVE-2010-4762 (Cross-site scripting (XSS) vulnerability in the rich-text-editor ...)
+CVE-2010-4762
- otrs2 3.0.8+dfsg1-1 (unimportant)
NOTE: Negligible security impact
-CVE-2010-4761 (The customer-interface ticket-print dialog in Open Ticket Request ...)
+CVE-2010-4761
- otrs2 3.0.8+dfsg1-1 (unimportant)
NOTE: Marginal security impact, standard bug
-CVE-2010-4760 (Open Ticket Request System (OTRS) before 3.0.0-beta6 adds ...)
+CVE-2010-4760
- otrs2 3.0.8+dfsg1-1 (unimportant)
NOTE: No security impact, feature enhancement
-CVE-2010-4759 (Open Ticket Request System (OTRS) before 3.0.0-beta7 does not properly ...)
+CVE-2010-4759
- otrs2 3.0.8+dfsg1-1 (unimportant)
NOTE: No security impact, feature enhancement
-CVE-2010-4758 (installer.pl in Open Ticket Request System (OTRS) before 3.0.3 has an ...)
+CVE-2010-4758
- otrs2 3.0.8+dfsg1-1 (unimportant)
NOTE: Negligible security enhancement
-CVE-2010-4757 (Cross-site scripting (XSS) vulnerability in submitnews.php in e107 ...)
+CVE-2010-4757
NOT-FOR-US: e107
-CVE-2010-4756 (The glob implementation in the GNU C Library (aka glibc or libc6) ...)
+CVE-2010-4756
- glibc <removed> (unimportant)
- eglibc <unfixed> (unimportant)
NOTE: That's standard POSIX behaviour implemented by (e)glibc. Applications using
NOTE: glob need to impose limits for themselves
-CVE-2010-4755 (The (1) remote_glob function in sftp-glob.c and the (2) process_put ...)
+CVE-2010-4755
NOTE: That's essentially shooting yourself in your own foot:
NOTE: http://lists.mindrot.org/pipermail/openssh-unix-dev/2011-March/029433.html
-CVE-2010-4754 (The glob implementation in libc in FreeBSD 7.3 and 8.1, NetBSD 5.0.2, ...)
+CVE-2010-4754
NOT-FOR-US: FreeBSD/NetBSD libc
-CVE-2010-4753 (Cross-site scripting (XSS) vulnerability in LightNEasy.php in ...)
+CVE-2010-4753
NOT-FOR-US: LightNEasy
-CVE-2010-4752 (SQL injection vulnerability in LightNEasy.php in LightNEasy 3.2.1, ...)
+CVE-2010-4752
NOT-FOR-US: LightNEasy
-CVE-2010-4751 (SQL injection vulnerability in LightNEasy.php in LightNEasy 3.2.1, ...)
+CVE-2010-4751
NOT-FOR-US: LightNEasy
-CVE-2010-4750 (Cross-site request forgery (CSRF) vulnerability in ...)
+CVE-2010-4750
NOT-FOR-US: BLOG:CMS
-CVE-2010-4749 (Multiple cross-site scripting (XSS) vulnerabilities in BLOG:CMS ...)
+CVE-2010-4749
NOT-FOR-US: BLOG:CMS
-CVE-2010-4748 (Cross-site scripting (XSS) vulnerability in pmwiki.php in PmWiki ...)
+CVE-2010-4748
NOT-FOR-US: pmwiki
-CVE-2010-4747 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2010-4747
NOT-FOR-US: Wordpress plugin
-CVE-2010-4746 (Multiple memory leaks in the normalization functionality in 389 ...)
+CVE-2010-4746
NOT-FOR-US: 389 LDAP server
-CVE-2010-4745 (Cross-site scripting (XSS) vulnerability in nav.html in PHPXref before ...)
+CVE-2010-4745
NOT-FOR-US: PHPXref
-CVE-2010-4744 (Multiple unspecified vulnerabilities in abcm2ps before 5.9.13 have ...)
+CVE-2010-4744
- abcm2ps 5.9.22-1 (low)
[squeeze] - abcm2ps <no-dsa> (Minor issue)
[lenny] - abcm2ps <no-dsa> (Minor issue)
-CVE-2010-4743 (Heap-based buffer overflow in the getarena function in abc2ps.c in ...)
+CVE-2010-4743
- abcm2ps 5.9.22-1 (low)
[squeeze] - abcm2ps <no-dsa> (Minor issue)
[lenny] - abcm2ps <no-dsa> (Minor issue)
-CVE-2010-4742 (Stack-based buffer overflow in a certain ActiveX control in ...)
+CVE-2010-4742
NOT-FOR-US: MediaDBPlayback.DLL
-CVE-2010-4741 (Stack-based buffer overflow in MDMUtil.dll in MDMTool.exe in MDM Tool ...)
+CVE-2010-4741
NOT-FOR-US: Moxa Device Manager
-CVE-2010-4740 (Stack-based buffer overflow in WTclient.dll in SCADA Engine BACnet OPC ...)
+CVE-2010-4740
NOT-FOR-US: SCADA Engine BACnet
-CVE-2010-4739 (SQL injection vulnerability in the Maian Media Silver (com_maianmedia) ...)
+CVE-2010-4739
NOT-FOR-US: Maian Media Silver
-CVE-2010-4738 (Multiple SQL injection vulnerabilities in Rae Media INC Real Estate ...)
+CVE-2010-4738
NOT-FOR-US: Rae Media INC Real Estate Single and Multi Agent System
-CVE-2010-4737 (SQL injection vulnerability in resorts.asp in HotWebScripts HotWeb ...)
+CVE-2010-4737
NOT-FOR-US: HotWebScripts HotWeb Rentals
-CVE-2010-4736 (SQL injection vulnerability in ECO.asp in GateSoft DocuSafe 4.1.0 and ...)
+CVE-2010-4736
NOT-FOR-US: GateSoft DocuSafe
-CVE-2010-4735 (SQL injection vulnerability in shoppingcart.asp in Ecommercemax ...)
+CVE-2010-4735
NOT-FOR-US: Ecommercemax Solutions Digital-goods seller
-CVE-2010-4734 (Multiple cross-site scripting (XSS) vulnerabilities in the comment ...)
+CVE-2010-4734
NOT-FOR-US: Skeletonz CMS
-CVE-2010-4733 (WebSCADA WS100 and WS200, Easy Connect EC150, Modbus RTU - TCP Gateway ...)
+CVE-2010-4733
NOT-FOR-US: WebSCADA
-CVE-2010-4732 (cgi-bin/read.cgi in WebSCADA WS100 and WS200, Easy Connect EC150, ...)
+CVE-2010-4732
NOT-FOR-US: WebSCADA
-CVE-2010-4731 (Absolute path traversal vulnerability in cgi-bin/read.cgi in WebSCADA ...)
+CVE-2010-4731
NOT-FOR-US: WebSCADA
-CVE-2010-4730 (Directory traversal vulnerability in cgi-bin/read.cgi in WebSCADA ...)
+CVE-2010-4730
NOT-FOR-US: WebSCADA
-CVE-2010-4729 (Zikula before 1.2.3 does not use the authid protection mechanism for ...)
+CVE-2010-4729
NOT-FOR-US: zikula
-CVE-2010-4728 (Zikula before 1.3.1 uses the rand and srand PHP functions for random ...)
+CVE-2010-4728
NOT-FOR-US: zikula
-CVE-2010-4727 (Smarty before 3.0.0 beta 7 does not properly handle the &lt;?php and ?&gt; ...)
+CVE-2010-4727
- smarty3 3.0~rc1-1
- smarty <removed>
[squeeze] - smarty3 <end-of-life> (Unsupported in squeeze-lts)
[squeeze] - smarty <end-of-life> (Unsupported in squeeze-lts)
-CVE-2010-4726 (Unspecified vulnerability in the math plugin in Smarty before 3.0.0 ...)
+CVE-2010-4726
- smarty3 3.0.8-1
- smarty <removed>
[squeeze] - smarty3 <end-of-life> (Unsupported in squeeze-lts)
[squeeze] - smarty <end-of-life> (Unsupported in squeeze-lts)
-CVE-2010-4725 (Smarty before 3.0.0 RC3 does not properly handle an on value of the ...)
+CVE-2010-4725
- smarty3 3.0.8-1
- smarty <removed>
[squeeze] - smarty3 <end-of-life> (Unsupported in squeeze-lts)
[squeeze] - smarty <end-of-life> (Unsupported in squeeze-lts)
-CVE-2010-4724 (Multiple unspecified vulnerabilities in the parser implementation in ...)
+CVE-2010-4724
- smarty3 3.0.8-1
- smarty <removed>
[squeeze] - smarty3 <end-of-life> (Unsupported in squeeze-lts)
[squeeze] - smarty <end-of-life> (Unsupported in squeeze-lts)
-CVE-2010-4723 (Smarty before 3.0.0, when security is enabled, does not prevent access ...)
+CVE-2010-4723
- smarty3 3.0.8-1
- smarty <removed>
[squeeze] - smarty3 <end-of-life> (Unsupported in squeeze-lts)
[squeeze] - smarty <end-of-life> (Unsupported in squeeze-lts)
-CVE-2010-4722 (Unspecified vulnerability in the fetch plugin in Smarty before 3.0.2 ...)
+CVE-2010-4722
- smarty3 3.0.8-1
- smarty <removed>
[squeeze] - smarty3 <end-of-life> (Unsupported in squeeze-lts)
[squeeze] - smarty <end-of-life> (Unsupported in squeeze-lts)
-CVE-2010-4721 (SQL injection vulnerability in news.php in Immo Makler allows remote ...)
+CVE-2010-4721
NOT-FOR-US: Immo Makler
-CVE-2010-4720 (SQL injection vulnerability in the JExtensions JE Auto (com_jeauto) ...)
+CVE-2010-4720
NOT-FOR-US: Joomla JEAuto addon
-CVE-2010-4719 (Directory traversal vulnerability in JRadio (com_jradio) component ...)
+CVE-2010-4719
NOT-FOR-US: Joomla JRadio addon
-CVE-2010-4718 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
+CVE-2010-4718
NOT-FOR-US: Joomla Lyftenbloggie addon
-CVE-2010-4717 (Multiple stack-based buffer overflows in the IMAP server component in ...)
+CVE-2010-4717
NOT-FOR-US: Novell GroupWise
-CVE-2010-4716 (Cross-site scripting (XSS) vulnerability in the WebPublisher component ...)
+CVE-2010-4716
NOT-FOR-US: Novell GroupWise
-CVE-2010-4715 (Multiple directory traversal vulnerabilities in the (1) WebAccess ...)
+CVE-2010-4715
NOT-FOR-US: Novell GroupWise
-CVE-2010-4714 (Multiple stack-based buffer overflows in Novell GroupWise before ...)
+CVE-2010-4714
NOT-FOR-US: Novell GroupWise
-CVE-2010-4713 (Integer signedness error in gwia.exe in GroupWise Internet Agent ...)
+CVE-2010-4713
NOT-FOR-US: Novell GroupWise
-CVE-2010-4712 (Multiple stack-based buffer overflows in gwia.exe in GroupWise ...)
+CVE-2010-4712
NOT-FOR-US: Novell GroupWise
-CVE-2010-4711 (Double free vulnerability in the IMAP server component in GroupWise ...)
+CVE-2010-4711
NOT-FOR-US: Novell GroupWise
-CVE-2010-4710 (Cross-site scripting (XSS) vulnerability in the addItem method in the ...)
+CVE-2010-4710
- yui <removed> (unimportant)
NOTE: Mostly a case of mis-documentation
-CVE-2010-4709 (Heap-based buffer overflow in Automated Solutions Modbus/TCP Master ...)
+CVE-2010-4709
NOT-FOR-US: Automated Solutions Modbus/TCP Master
-CVE-2010-4708 (The pam_env module in Linux-PAM (aka pam) 1.1.2 and earlier reads the ...)
+CVE-2010-4708
- pam 1.1.3-7.1 (low; bug #611136)
[lenny] - pam <no-dsa> (Minor issue, too invasive for a stable release)
[squeeze] - pam <no-dsa> (Minor issue, too invasive for a stable release)
-CVE-2010-4707 (The check_acl function in pam_xauth.c in the pam_xauth module in ...)
+CVE-2010-4707
- pam 1.1.3-1 (low)
[lenny] - pam <no-dsa> (Minor issue)
[squeeze] - pam <no-dsa> (Minor issue)
-CVE-2010-4706 (The pam_sm_close_session function in pam_xauth.c in the pam_xauth ...)
+CVE-2010-4706
- pam 1.1.3-1 (low)
[lenny] - pam <no-dsa> (Minor issue)
[squeeze] - pam <no-dsa> (Minor issue)
-CVE-2010-4705 (Integer overflow in the vorbis_residue_decode_internal function in ...)
+CVE-2010-4705
{DSA-2165-1}
- ffmpeg <not-affected> (issue introduced in 0.6.x series; bug #611495)
- ffmpeg-debian <removed>
NOTE: recheck when 0.6.x gets uploaded
-CVE-2010-4704 (libavcodec/vorbis_dec.c in the Vorbis decoder in FFmpeg 0.6.1 and ...)
+CVE-2010-4704
{DSA-2306-1 DSA-2165-1}
- libav 4:0.6.2-1 (low; bug #611495)
- ffmpeg 7:2.4.1-1 (low; bug #611495)
- ffmpeg-debian <removed>
NOTE: this is a crash found by fuzzing and not clearly exploitable (can be combined with other fixes so low urgency)
-CVE-2010-4703 (SQL injection vulnerability in default.asp in HotWebScripts HotWeb ...)
+CVE-2010-4703
NOT-FOR-US: HotWebScripts HotWeb Rentals
-CVE-2010-4702 (SQL injection vulnerability in JRadio (com_jradio) component before ...)
+CVE-2010-4702
NOT-FOR-US: Joomla component
-CVE-2010-4701 (Heap-based buffer overflow in the CDrawPoly::Serialize function in ...)
+CVE-2010-4701
NOT-FOR-US: Microsoft Windows Fax Services Cover Page Editor
-CVE-2010-4700 (The set_magic_quotes_runtime function in PHP 5.3.2 and 5.3.3, when the ...)
+CVE-2010-4700
- php5 <not-affected> (vuln code in mysqlnd, we use libmysqlclient)
-CVE-2010-4699 (The iconv_mime_decode_headers function in the Iconv extension in PHP ...)
+CVE-2010-4699
- php5 5.3.5-1 (unimportant)
-CVE-2010-4698 (Stack-based buffer overflow in the GD extension in PHP before 5.2.15 ...)
+CVE-2010-4698
- php5 5.3.3-7 (unimportant)
NOTE: Only exloitable with malicious script
-CVE-2010-4697 (Use-after-free vulnerability in the Zend engine in PHP before 5.2.15 ...)
+CVE-2010-4697
{DSA-2408-1}
- php5 5.3.5-1 (unimportant)
NOTE: requires attacker to be able to execute code already
-CVE-2010-4696 (Multiple SQL injection vulnerabilities in Joomla! 1.5.x before 1.5.22 ...)
+CVE-2010-4696
NOT-FOR-US: Joomla!
-CVE-2010-4695 (A certain Fedora patch for gif2png.c in gif2png 2.5.1 and 2.5.2, as ...)
+CVE-2010-4695
- gif2png 2.5.4-2 (low; bug #610479)
[lenny] - gif2png <no-dsa> (Minor issue)
[squeeze] - gif2png <no-dsa> (Minor issue)
-CVE-2010-4694 (Buffer overflow in gif2png.c in gif2png 2.5.3 and earlier might allow ...)
+CVE-2010-4694
- gif2png 2.5.4-2 (low; bug #610479)
[lenny] - gif2png <no-dsa> (Minor issue)
[squeeze] - gif2png <no-dsa> (Minor issue)
-CVE-2010-4693 (Multiple cross-site scripting (XSS) vulnerabilities in Coppermine ...)
+CVE-2010-4693
NOT-FOR-US: Coppermine Photo Gallery
-CVE-2010-4692 (Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) ...)
+CVE-2010-4692
NOT-FOR-US: Cisco Adaptive Security Appliances
-CVE-2010-4691 (Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) ...)
+CVE-2010-4691
NOT-FOR-US: Cisco Adaptive Security Appliances
-CVE-2010-4690 (The Mobile User Security (MUS) service on Cisco Adaptive Security ...)
+CVE-2010-4690
NOT-FOR-US: Cisco Adaptive Security Appliances
-CVE-2010-4689 (Cisco Adaptive Security Appliances (ASA) 5500 series devices with ...)
+CVE-2010-4689
NOT-FOR-US: Cisco Adaptive Security Appliances
-CVE-2010-4688 (Unspecified vulnerability in the SIP inspection feature on Cisco ...)
+CVE-2010-4688
NOT-FOR-US: Cisco Adaptive Security Appliances
-CVE-2010-4687 (STCAPP (aka the SCCP telephony control application) on Cisco IOS ...)
+CVE-2010-4687
NOT-FOR-US: Cisco IOS
-CVE-2010-4686 (CallManager Express (CME) on Cisco IOS before 15.0(1)XA1 does not ...)
+CVE-2010-4686
NOT-FOR-US: Cisco IOS
-CVE-2010-4685 (Cisco IOS before 15.0(1)XA1 does not clear the public key cache upon a ...)
+CVE-2010-4685
NOT-FOR-US: Cisco IOS
-CVE-2010-4684 (Cisco IOS before 15.0(1)XA1, when certain TFTP debugging is enabled, ...)
+CVE-2010-4684
NOT-FOR-US: Cisco IOS
-CVE-2010-4683 (Memory leak in Cisco IOS before 15.0(1)XA5 might allow remote ...)
+CVE-2010-4683
NOT-FOR-US: Cisco IOS
-CVE-2010-4682 (Memory leak on Cisco Adaptive Security Appliances (ASA) 5500 series ...)
+CVE-2010-4682
NOT-FOR-US: Cisco Adaptive Security Appliances
-CVE-2010-4681 (Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) ...)
+CVE-2010-4681
NOT-FOR-US: Cisco Adaptive Security Appliances
-CVE-2010-4680 (The WebVPN implementation on Cisco Adaptive Security Appliances (ASA) ...)
+CVE-2010-4680
NOT-FOR-US: Cisco Adaptive Security Appliances
-CVE-2010-4679 (Cisco Adaptive Security Appliances (ASA) 5500 series devices with ...)
+CVE-2010-4679
NOT-FOR-US: Cisco Adaptive Security Appliances
-CVE-2010-4678 (Cisco Adaptive Security Appliances (ASA) 5500 series devices with ...)
+CVE-2010-4678
NOT-FOR-US: Cisco Adaptive Security Appliances
-CVE-2010-4677 (emWEB on Cisco Adaptive Security Appliances (ASA) 5500 series devices ...)
+CVE-2010-4677
NOT-FOR-US: Cisco Adaptive Security Appliances
-CVE-2010-4676 (Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) ...)
+CVE-2010-4676
NOT-FOR-US: Cisco Adaptive Security Appliances
-CVE-2010-4675 (Cisco Adaptive Security Appliances (ASA) 5500 series devices with ...)
+CVE-2010-4675
NOT-FOR-US: Cisco Adaptive Security Appliances
-CVE-2010-4674 (Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) ...)
+CVE-2010-4674
NOT-FOR-US: Cisco Adaptive Security Appliances
-CVE-2010-4673 (Cisco Adaptive Security Appliances (ASA) 5500 series devices with ...)
+CVE-2010-4673
NOT-FOR-US: Cisco Adaptive Security Appliances
-CVE-2010-4672 (Cisco Adaptive Security Appliances (ASA) 5500 series devices with ...)
+CVE-2010-4672
NOT-FOR-US: Cisco Adaptive Security Appliances
-CVE-2010-4671 (The Neighbor Discovery (ND) protocol implementation in the IPv6 stack ...)
+CVE-2010-4671
NOT-FOR-US: Cisco IOS
-CVE-2010-4670 (The Neighbor Discovery (ND) protocol implementation in the IPv6 stack ...)
+CVE-2010-4670
NOT-FOR-US: Cisco Adaptive Security Appliances
-CVE-2010-4669 (The Neighbor Discovery (ND) protocol implementation in the IPv6 stack ...)
+CVE-2010-4669
NOT-FOR-US: Microsoft Windows
-CVE-2010-4645 (strtod.c, as used in the zend_strtod function in PHP 5.2 before 5.2.17 ...)
+CVE-2010-4645
- php5 5.3.3-7 (high)
[lenny] - php5 <not-affected>
NOTE: lenny10 includes a test for the bug. With lenny's toolchain
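Review bot: every -/+ pair in this hunk drops the one-line CVE description while leaving the triage lines below it untouched, e.g. "-CVE-2010-4645 (strtod.c, as used in the zend_strtod function in PHP 5.2 before 5.2.17 ...)" becomes "+CVE-2010-4645" with "- php5 5.3.3-7 (high)" and the lenny NOTE lines unchanged. Since the same replacement is applied to every entry in the hunk, please confirm the description removal is the intended result of the automatic update and not a failed lookup of the description source, because the surviving NOTE lines (such as "lenny10 includes a test for the bug") now refer to a bug the file no longer describes.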
@@ -1479,17 +1479,17 @@ CVE-2010-XXXX [XSS in ftpls]
[squeeze] - ftpcopy <no-dsa> (Minor issue)
[lenny] - ftpcopy <no-dsa> (Minor issue)
NOTE: CVE ID requested
-CVE-2010-4668 (The blk_rq_map_user_iov function in block/blk-map.c in the Linux ...)
+CVE-2010-4668
{DSA-2153-1}
- linux-2.6 2.6.32-29
-CVE-2010-4667 (Cross-site scripting (XSS) vulnerability in Coppermine Photo Gallery ...)
+CVE-2010-4667
NOT-FOR-US: Coppermine Photo Gallery
-CVE-2010-4666 (Buffer overflow in libarchive 3.0 pre-release code allows remote ...)
+CVE-2010-4666
- libarchive 3.0.4-2 (bug #669197)
[squeeze] - libarchive <not-affected> (no cab support prior to 3.0)
NOTE: http://code.google.com/p/libarchive/source/detail?r=488ef3fb28c416285ebe4c00266268db7330466b
NOTE: Might be fixed earlier than 3.0.4-2, but was tested against the Wheezy version
-CVE-2010-4665 (Integer overflow in the ReadDirectory function in tiffdump.c in ...)
+CVE-2010-4665
{DSA-2552-1}
- tiff <not-affected> (vulnerable code not present)
- tiff3 3.9.5
@@ -1497,7 +1497,7 @@ CVE-2010-4664
RESERVED
- consolekit 0.4.2-1 (low)
[squeeze] - consolekit <no-dsa> (Minor issue)
-CVE-2010-4663 (Unspecified vulnerability in the News module in CMS Made Simple ...)
+CVE-2010-4663
NOT-FOR-US: CMS Made Simple
CVE-2010-4662
RESERVED
@@ -1524,12 +1524,12 @@ CVE-2010-4657 [xmlTextWriterWriteAttribute heap disclosure]
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=631551
NOTE: Not sure when this was initially fixed, tested with the initial Wheezy version 5.4.4
NOTE: and the reproducer from https://bugs.launchpad.net/php/%2Bbug/655442
-CVE-2010-4656 (The iowarrior_write function in drivers/usb/misc/iowarrior.c in the ...)
+CVE-2010-4656
{DSA-2153-1}
- linux-2.6 2.6.37-1
[wheezy] - linux-2.6 2.6.32-31
[squeeze] - linux-2.6 2.6.32-31
-CVE-2010-4655 (net/core/ethtool.c in the Linux kernel before 2.6.36 does not ...)
+CVE-2010-4655
{DSA-2264-1}
- linux-2.6 2.6.32-27
CVE-2010-4654 [Malformed commands may cause corruption of the internal stack]
@@ -1548,182 +1548,182 @@ CVE-2010-4653 [integer overflow when parsing CharCodes for fonts]
[lenny] - poppler <no-dsa> (minor issue)
[squeeze] - poppler 0.12.4-1.2+squeeze1
NOTE: http://cgit.freedesktop.org/poppler/poppler/commit/?id=cad66a7d25abdb6aa15f3aa94a35737b119b2659
-CVE-2010-4652 (Heap-based buffer overflow in the sql_prepare_where function ...)
+CVE-2010-4652
{DSA-2191-1}
- proftpd-dfsg 1.3.3a-6
-CVE-2010-4651 (Directory traversal vulnerability in util.c in GNU patch 2.6.1 and ...)
+CVE-2010-4651
- patch <unfixed> (unimportant)
NOTE: Applying a patch blindly opens more severe security issues than only directory traversal...
NOTE: openwall ships a fix
NOTE: See https://bugzilla.redhat.com/show_bug.cgi?id=667529 for details
-CVE-2010-4650 (Buffer overflow in the fuse_do_ioctl function in fs/fuse/file.c in the ...)
+CVE-2010-4650
- linux-2.6 2.6.32-30
[lenny] - linux-2.6 <not-affected> (Introduced in 2.6.29)
-CVE-2010-4649 (Integer overflow in the ib_uverbs_poll_cq function in ...)
+CVE-2010-4649
{DSA-2153-1}
- linux-2.6 2.6.32-30
-CVE-2010-4648 (The orinoco_ioctl_set_auth function in ...)
+CVE-2010-4648
- linux-2.6 2.6.32-30
[lenny] - linux-2.6 <not-affected> (Introduced in 2.6.28)
-CVE-2010-4647 (Multiple cross-site scripting (XSS) vulnerabilities in the Help ...)
+CVE-2010-4647
- eclipse 3.5.2-9 (low; bug #611849)
[squeeze] - eclipse 3.5.2-6squeeze2
-CVE-2010-4646 (Cross-site scripting (XSS) vulnerability in Hastymail2 before 1.01 ...)
+CVE-2010-4646
- hastymail <removed>
-CVE-2010-4644 (Multiple memory leaks in rev_hunt.c in Apache Subversion before 1.6.15 ...)
+CVE-2010-4644
- subversion 1.6.12dfsg-3 (low; bug #608989)
[lenny] - subversion <no-dsa> (Minor issue)
-CVE-2010-4643 (Heap-based buffer overflow in Impress in OpenOffice.org (OOo) 2.x and ...)
+CVE-2010-4643
{DSA-2151-1}
- openoffice.org 1:3.2.1-11+squeeze2
-CVE-2010-4642 (Cross-site scripting (XSS) vulnerability in XWiki Enterprise before ...)
+CVE-2010-4642
NOT-FOR-US: XWiki
-CVE-2010-4641 (SQL injection vulnerability in XWiki Enterprise before 2.5 allows ...)
+CVE-2010-4641
NOT-FOR-US: XWiki
-CVE-2010-4640 (Multiple cross-site scripting (XSS) vulnerabilities in XWiki Watch 1.0 ...)
+CVE-2010-4640
NOT-FOR-US: XWiki
-CVE-2010-4639 (SQL injection vulnerability in index.php in MySource Matrix allows ...)
+CVE-2010-4639
NOT-FOR-US: MySource Matrix
-CVE-2010-4638 (SQL injection vulnerability in the submitSurvey function in ...)
+CVE-2010-4638
NOT-FOR-US: Joomla! JQuarks4s component
-CVE-2010-4637 (Cross-site scripting (XSS) vulnerability in feedlist/handler_image.php ...)
+CVE-2010-4637
NOT-FOR-US: FeedList
-CVE-2010-4636 (SQL injection vulnerability in detail.asp in Site2Nite Business ...)
+CVE-2010-4636
NOT-FOR-US: Site2Nite
-CVE-2010-4635 (SQL injection vulnerability in detail.asp in Site2Nite Vacation Rental ...)
+CVE-2010-4635
NOT-FOR-US: Site2Nite
-CVE-2010-4634 (** DISPUTED ** ...)
+CVE-2010-4634
NOT-FOR-US: osTicket
-CVE-2010-4633 (SQL injection vulnerability in cart.php in digiSHOP 2.0.2 allows ...)
+CVE-2010-4633
NOT-FOR-US: digiSHOP
-CVE-2010-4632 (Multiple SQL injection vulnerabilities in ASPilot Pilot Cart 7.3 allow ...)
+CVE-2010-4632
NOT-FOR-US: ASPilot Pilot Cart
-CVE-2010-4631 (Multiple cross-site scripting (XSS) vulnerabilities in ASPilot Pilot ...)
+CVE-2010-4631
NOT-FOR-US: ASPilot Pilot Cart
-CVE-2010-4630 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2010-4630
NOT-FOR-US: WordPress Survey and Quiz Tool plugin
-CVE-2010-4629 (MyBB (aka MyBulletinBoard) before 1.4.12 does not properly restrict ...)
+CVE-2010-4629
NOT-FOR-US: MyBB
-CVE-2010-4628 (member.php in MyBB (aka MyBulletinBoard) before 1.4.12 makes a certain ...)
+CVE-2010-4628
NOT-FOR-US: MyBB
-CVE-2010-4627 (Cross-site request forgery (CSRF) vulnerability in usercp2.php in MyBB ...)
+CVE-2010-4627
NOT-FOR-US: MyBB
-CVE-2010-4626 (The my_rand function in functions.php in MyBB (aka MyBulletinBoard) ...)
+CVE-2010-4626
NOT-FOR-US: MyBB
-CVE-2010-4625 (MyBB (aka MyBulletinBoard) before 1.4.12 does not properly handle a ...)
+CVE-2010-4625
NOT-FOR-US: MyBB
-CVE-2010-4624 (MyBB (aka MyBulletinBoard) before 1.4.12 allows remote authenticated ...)
+CVE-2010-4624
NOT-FOR-US: MyBB
-CVE-2010-4623 (WebSEAL in IBM Tivoli Access Manager for e-business 6.1.1 before ...)
+CVE-2010-4623
NOT-FOR-US: IBM Tivoli Access Manager
-CVE-2010-4622 (Directory traversal vulnerability in WebSEAL in IBM Tivoli Access ...)
+CVE-2010-4622
NOT-FOR-US: IBM Tivoli Access Manager
CVE-2010-4621
RESERVED
CVE-2010-4620
RESERVED
-CVE-2010-4543 (Heap-based buffer overflow in the read_channel_data function in ...)
+CVE-2010-4543
{DSA-2426-1}
- gimp 2.6.11-2 (low; bug #608497)
-CVE-2010-4542 (Stack-based buffer overflow in the gfig_read_parameter_gimp_rgb ...)
+CVE-2010-4542
{DSA-2426-1}
- gimp 2.6.11-2 (low; bug #608497)
-CVE-2010-4541 (Stack-based buffer overflow in the loadit function in ...)
+CVE-2010-4541
{DSA-2426-1}
- gimp 2.6.11-2 (low; bug #608497)
-CVE-2010-4540 (Stack-based buffer overflow in the load_preset_response function in ...)
+CVE-2010-4540
{DSA-2426-1}
- gimp 2.6.11-2 (low; bug #608497)
-CVE-2010-4619 (SQL injection vulnerability in profil.php in Mafya Oyun Scrpti (aka ...)
+CVE-2010-4619
NOT-FOR-US: Mafya Oyun Scrpti
-CVE-2010-4618 (Cross-site scripting (XSS) vulnerability in the Algis Info ...)
+CVE-2010-4618
NOT-FOR-US: Algis Info for Joomla!
-CVE-2010-4617 (Directory traversal vulnerability in the JotLoader (com_jotloader) ...)
+CVE-2010-4617
NOT-FOR-US: JotLoader for Joomla!
-CVE-2010-4616 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2010-4616
NOT-FOR-US: ImpressCMS
-CVE-2010-4615 (Multiple SQL injection vulnerabilities in Oto Galeri Sistemi 1.0 allow ...)
+CVE-2010-4615
NOT-FOR-US: Oto Galeri Sistemi
-CVE-2010-4614 (SQL injection vulnerability in item.php in Ero Auktion 2010 allows ...)
+CVE-2010-4614
NOT-FOR-US: Ero Auktion
-CVE-2010-4613 (Multiple directory traversal vulnerabilities in Hycus CMS 1.0.3 allow ...)
+CVE-2010-4613
NOT-FOR-US: Hycus CMS
-CVE-2010-4612 (Multiple SQL injection vulnerabilities in index.php in Hycus CMS ...)
+CVE-2010-4612
NOT-FOR-US: Hycus CMS
-CVE-2010-4611 (Html-edit CMS 3.1.8 allows remote attackers to obtain sensitive ...)
+CVE-2010-4611
NOT-FOR-US: Html-edit CMS
-CVE-2010-4610 (Cross-site scripting (XSS) vulnerability in index.php in Html-edit CMS ...)
+CVE-2010-4610
NOT-FOR-US: Html-edit CMS
-CVE-2010-4609 (SQL injection vulnerability in index.php in Html-edit CMS 3.1.8 allows ...)
+CVE-2010-4609
NOT-FOR-US: Html-edit CMS
-CVE-2010-4608 (Habari 0.6.5 allows remote attackers to obtain sensitive information ...)
+CVE-2010-4608
NOT-FOR-US: Habari
-CVE-2010-4607 (Multiple cross-site scripting (XSS) vulnerabilities in Habari 0.6.5, ...)
+CVE-2010-4607
NOT-FOR-US: Habari
-CVE-2010-4606 (Unspecified vulnerability in the Space Management client in the ...)
+CVE-2010-4606
NOT-FOR-US: IBM Tivoli Storage Manager
-CVE-2010-4605 (Unspecified vulnerability in the backup-archive client in IBM Tivoli ...)
+CVE-2010-4605
NOT-FOR-US: IBM Tivoli Storage Manager
-CVE-2010-4604 (Stack-based buffer overflow in the GeneratePassword function in dsmtca ...)
+CVE-2010-4604
NOT-FOR-US: IBM Tivoli Storage Manager
-CVE-2010-4603 (IBM Rational ClearQuest 7.0.x before 7.0.1.11, 7.1.1.x before 7.1.1.4, ...)
+CVE-2010-4603
NOT-FOR-US: IBM Rational ClearQuest
-CVE-2010-4602 (The Web client in IBM Rational ClearQuest 7.1.1.x before 7.1.1.4 and ...)
+CVE-2010-4602
NOT-FOR-US: IBM Rational ClearQuest
-CVE-2010-4601 (Multiple unspecified vulnerabilities in IBM Rational ClearQuest 7.0.x ...)
+CVE-2010-4601
NOT-FOR-US: IBM Rational ClearQuest
-CVE-2010-4600 (Dojo Toolkit, as used in the Web client in IBM Rational ClearQuest ...)
+CVE-2010-4600
NOT-FOR-US: IBM Rational ClearQuest
-CVE-2010-4599 (Untrusted search path vulnerability in Ecava IntegraXor 3.6.4000.0 ...)
+CVE-2010-4599
NOT-FOR-US: Ecava IntegraXor
-CVE-2010-4598 (Directory traversal vulnerability in Ecava IntegraXor 3.6.4000.0 and ...)
+CVE-2010-4598
NOT-FOR-US: Ecava IntegraXor
-CVE-2010-4597 (Stack-based buffer overflow in the save method in the ...)
+CVE-2010-4597
NOT-FOR-US: Ecava IntegraXor
-CVE-2010-4596 (Stack-based buffer overflow in RealNetworks Helix Server 12.x, 13.x, ...)
+CVE-2010-4596
NOT-FOR-US: RealNetworks Helix
-CVE-2010-4595 (The Connection Manager in IBM Lotus Mobile Connect before 6.1.4 ...)
+CVE-2010-4595
NOT-FOR-US: IBM Lotus Mobile Connect
-CVE-2010-4594 (The Connection Manager in IBM Lotus Mobile Connect before 6.1.4, when ...)
+CVE-2010-4594
NOT-FOR-US: IBM Lotus Mobile Connect
-CVE-2010-4593 (The Connection Manager in IBM Lotus Mobile Connect before 6.1.4 does ...)
+CVE-2010-4593
NOT-FOR-US: IBM Lotus Mobile Connect
-CVE-2010-4592 (The Mobile Network Connections functionality in the Connection Manager ...)
+CVE-2010-4592
NOT-FOR-US: IBM Lotus Mobile Connect
-CVE-2010-4591 (The Connection Manager in IBM Lotus Mobile Connect (LMC) before 6.1.4, ...)
+CVE-2010-4591
NOT-FOR-US: IBM Lotus Mobile Connect
-CVE-2010-4590 (Cross-site scripting (XSS) vulnerability in HTTP Access Services ...)
+CVE-2010-4590
NOT-FOR-US: IBM Lotus Mobile Connect
-CVE-2010-4589 (Cross-site scripting (XSS) vulnerability in IBM ENOVIA 6 allows remote ...)
+CVE-2010-4589
NOT-FOR-US: IBM ENOVIA 6
-CVE-2010-4588 (The WBEMSingleView.ocx ActiveX control 1.50.1131.0 in Microsoft WMI ...)
+CVE-2010-4588
NOT-FOR-US: Microsoft
-CVE-2010-4578 (Google Chrome before 8.0.552.224 and Chrome OS before 8.0.552.343 do ...)
+CVE-2010-4578
{DSA-2188-1}
- chromium-browser 6.0.472.63~r59945-4
- webkit 1.2.7-1
NOTE: http://trac.webkit.org/changeset/73432
-CVE-2010-4577 (The CSSParser::parseFontFaceSrc function in WebCore/css/CSSParser.cpp ...)
+CVE-2010-4577
{DSA-2188-1}
- chromium-browser 6.0.472.63~r59945-4
- webkit 1.2.7-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=49883
NOTE: http://code.google.com/p/chromium/issues/detail?id=63866
NOTE: http://trac.webkit.org/changeset/72685
-CVE-2010-4576 (browser/worker_host/message_port_dispatcher.cc in Google Chrome before ...)
+CVE-2010-4576
- chromium-browser 6.0.472.63~r59945-4 (bug #607843; low)
NOTE: http://code.google.com/p/chromium/issues/detail?id=63529
-CVE-2010-4575 (The ThemeInstalledInfoBarDelegate::Observe function in ...)
+CVE-2010-4575
- chromium-browser 6.0.472.63~r59945-4 (bug #607846; low)
NOTE: http://code.google.com/p/chromium/issues/detail?id=60761
NOTE: http://codereview.chromium.org/5326011/
-CVE-2010-4574 (The Pickle::Pickle function in base/pickle.cc in Google Chrome before ...)
+CVE-2010-4574
- chromium-browser 6.0.472.63~r59945-4 (bug #607848; low)
NOTE: http://code.google.com/p/chromium/issues/detail?id=56449
NOTE: http://codereview.chromium.org/4716006
-CVE-2010-4573 (The Update Installer in VMware ESXi 4.1, when a modified sfcb.cfg is ...)
+CVE-2010-4573
NOT-FOR-US: VMware ESXi
-CVE-2010-4572 (CRLF injection vulnerability in chart.cgi in Bugzilla before 3.2.10, ...)
+CVE-2010-4572
{DSA-2322-1}
- bugzilla <removed>
[squeeze] - bugzilla 3.6.2.0-4.4
@@ -1731,34 +1731,34 @@ CVE-2010-4572 (CRLF injection vulnerability in chart.cgi in Bugzilla before 3.2.
NOTE: perl and associate packages are CVE-2010-2761 and CVE-2010-4411 (see above reference)
CVE-2010-4571
RESERVED
-CVE-2010-4570 (Cross-site scripting (XSS) vulnerability in the duplicate-detection ...)
+CVE-2010-4570
- bugzilla <not-affected> (vulnerable code introduced in 3.7)
-CVE-2010-4569 (Cross-site scripting (XSS) vulnerability in Bugzilla 3.7.1, 3.7.2, ...)
+CVE-2010-4569
- bugzilla <not-affected> (vulnerable code introduced in 3.7)
-CVE-2010-4568 (Bugzilla 2.14 through 2.22.7; 3.0.x, 3.1.x, and 3.2.x before 3.2.10; ...)
+CVE-2010-4568
{DSA-2322-1}
- bugzilla <removed> (bug #611176)
[squeeze] - bugzilla 3.6.2.0-4.4
NOTE: http://www.bugzilla.org/security/3.2.9/
-CVE-2010-4567 (Bugzilla before 3.2.10, 3.4.x before 3.4.10, 3.6.x before 3.6.4, and ...)
+CVE-2010-4567
{DSA-2322-1}
- bugzilla <removed> (high; bug #611176)
[squeeze] - bugzilla 3.6.2.0-4.4
NOTE: http://www.bugzilla.org/security/3.2.9/
-CVE-2010-4566 (The web authentication form in the NT4 authentication component in ...)
+CVE-2010-4566
NOT-FOR-US: Citrix Acces Gateway
-CVE-2010-4565 (The bcm_connect function in net/can/bcm.c (aka the Broadcast Manager) ...)
+CVE-2010-4565
{DSA-2153-1}
- linux-2.6 2.6.37-1
[wheezy] - linux-2.6 2.6.32-31
[squeeze] - linux-2.6 2.6.32-31
CVE-2010-4564
RESERVED
-CVE-2010-4563 (The Linux kernel, when using IPv6, allows remote attackers to ...)
+CVE-2010-4563
- linux <unfixed> (unimportant)
- linux-2.6 <removed> (unimportant)
NOTE: http://seclists.org/fulldisclosure/2011/Apr/254
-CVE-2010-4562 (Microsoft Windows 2008, 7, Vista, 2003, 2000, and XP, when using IPv6, ...)
+CVE-2010-4562
NOT-FOR-US: Microsoft Windows
CVE-2010-4561
RESERVED
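Review bot: the context line "NOT-FOR-US: Citrix Acces Gateway" directly under "+CVE-2010-4566" misspells the product name ("Acces" should be "Access"); since this hunk already rewrites the CVE-2010-4566 entry, the correction could be folded into the same change or done as a follow-up.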
@@ -1766,23 +1766,23 @@ CVE-2010-4560
REJECTED
CVE-2010-4559
REJECTED
-CVE-2010-4587 (Opera before 11.00 on Windows does not properly implement the Insecure ...)
+CVE-2010-4587
NOT-FOR-US: Opera
-CVE-2010-4586 (The default configuration of Opera before 11.00 enables WebSockets ...)
+CVE-2010-4586
NOT-FOR-US: Opera
-CVE-2010-4585 (Unspecified vulnerability in the auto-update functionality in Opera ...)
+CVE-2010-4585
NOT-FOR-US: Opera
-CVE-2010-4584 (Opera before 11.00, when Opera Turbo is used, does not properly ...)
+CVE-2010-4584
NOT-FOR-US: Opera
-CVE-2010-4583 (Opera before 11.00, when Opera Turbo is enabled, does not display a ...)
+CVE-2010-4583
NOT-FOR-US: Opera
-CVE-2010-4582 (Opera before 11.00 does not properly handle security policies during ...)
+CVE-2010-4582
NOT-FOR-US: Opera
-CVE-2010-4581 (Unspecified vulnerability in Opera before 11.00 has unknown impact and ...)
+CVE-2010-4581
NOT-FOR-US: Opera
-CVE-2010-4580 (Opera before 11.00 does not clear WAP WML form fields after manual ...)
+CVE-2010-4580
NOT-FOR-US: Opera
-CVE-2010-4579 (Opera before 11.00 does not properly constrain dialogs to appear on ...)
+CVE-2010-4579
NOT-FOR-US: Opera
CVE-2010-XXXX [calibre XSS]
- calibre 0.7.38+dfsg-1 (bug #608822)
@@ -1799,63 +1799,63 @@ CVE-2010-XXXX [webkit info leak]
[squeeze] - chromium-browser <end-of-life>
NOTE: this was fixed much earlier (webkit 1.2), but this was the version checked
NOTE: http://em386.blogspot.com/2010/12/webkit-css-type-confusion.html
-CVE-2010-4558 (phpMyFAQ 2.6.11 and 2.6.12, as distributed between December 4th and ...)
+CVE-2010-4558
NOT-FOR-US: phpMyFAQ
-CVE-2010-4557 (Buffer overflow in the lm_tcp service in Invensys Wonderware InBatch ...)
+CVE-2010-4557
NOT-FOR-US: Invensys Wonderware InBatch
-CVE-2010-4556 (Stack-based buffer overflow in the SapThemeRepository ActiveX control ...)
+CVE-2010-4556
NOT-FOR-US: SAP NetWeaver Business Client
-CVE-2010-4523 (Multiple stack-based buffer overflows in libopensc in OpenSC 0.11.13 ...)
+CVE-2010-4523
- opensc 0.11.13-1.1 (low; bug #607427)
[lenny] - opensc 0.11.4-5+lenny1.1
-CVE-2010-4555 (Multiple cross-site scripting (XSS) vulnerabilities in SquirrelMail ...)
+CVE-2010-4555
{DSA-2291-1}
- squirrelmail 2:1.4.22-1 (low)
NOTE: difficult to exploit
-CVE-2010-4554 (functions/page_header.php in SquirrelMail 1.4.21 and earlier does not ...)
+CVE-2010-4554
{DSA-2291-1}
- squirrelmail 2:1.4.22-1
-CVE-2010-4553 (An unspecified Domino API in IBM Lotus Notes Traveler before 8.5.1.1 ...)
+CVE-2010-4553
NOT-FOR-US: IBM Lotus Notes Traveler
-CVE-2010-4552 (Memory leak in IBM Lotus Notes Traveler before 8.5.1.1 allows remote ...)
+CVE-2010-4552
NOT-FOR-US: IBM Lotus Notes Traveler
-CVE-2010-4551 (IBM Lotus Notes Traveler before 8.5.1.2 allows remote authenticated ...)
+CVE-2010-4551
NOT-FOR-US: IBM Lotus Notes Traveler
-CVE-2010-4550 (IBM Lotus Notes Traveler before 8.5.1.3 allows remote attackers to ...)
+CVE-2010-4550
NOT-FOR-US: IBM Lotus Notes Traveler
-CVE-2010-4549 (IBM Lotus Notes Traveler before 8.5.1.3 on the Nokia s60 device ...)
+CVE-2010-4549
NOT-FOR-US: IBM Lotus Notes Traveler
-CVE-2010-4548 (IBM Lotus Notes Traveler before 8.5.1.2 allows remote authenticated ...)
+CVE-2010-4548
NOT-FOR-US: IBM Lotus Notes Traveler
-CVE-2010-4547 (IBM Lotus Notes Traveler before 8.5.1.3, when a multidomain ...)
+CVE-2010-4547
NOT-FOR-US: IBM Lotus Notes Traveler
-CVE-2010-4546 (IBM Lotus Notes Traveler before 8.5.1.2 does not reject an attachment ...)
+CVE-2010-4546
NOT-FOR-US: IBM Lotus Notes Traveler
-CVE-2010-4545 (IBM Lotus Notes Traveler before 8.5.1.2 allows remote authenticated ...)
+CVE-2010-4545
NOT-FOR-US: IBM Lotus Notes Traveler
-CVE-2010-4544 (Cross-site scripting (XSS) vulnerability in the servlet in IBM Lotus ...)
+CVE-2010-4544
NOT-FOR-US: IBM Lotus Notes Traveler
CVE-2010-XXXX [ircd-ratbox password disclosure during TLS handshake]
- ircd-ratbox 3.0.6.dfsg-2
[lenny] - ircd-ratbox <not-affected> (TLS support not yet activated)
-CVE-2010-4539 (The walk function in repos.c in the mod_dav_svn module for the Apache ...)
+CVE-2010-4539
- subversion 1.6.12dfsg-4 (low; bug #608989)
[lenny] - subversion <no-dsa> (Minor issue)
-CVE-2010-4538 (Buffer overflow in the sect_enttec_dmx_da function in ...)
+CVE-2010-4538
{DSA-2144-1}
- wireshark 1.2.11-6 (bug #608990)
-CVE-2010-4537 (Unspecified vulnerability in CrawlTrack before 3.2.7, when a public ...)
+CVE-2010-4537
NOT-FOR-US: CrawlTrack
-CVE-2010-4536 (Multiple cross-site scripting (XSS) vulnerabilities in KSES, as used ...)
+CVE-2010-4536
- wordpress 3.0.4+dfsg-1
[lenny] - wordpress <not-affected> (2.x version is not affected)
- moodle <not-affected> (Moodle's version of KSES is not affected)
- egroupware <not-affected> (Only uses a minor subset of KSES)
-CVE-2010-4535 (The password reset functionality in django.contrib.auth in Django ...)
+CVE-2010-4535
- python-django 1.2.4-1
[squeeze] - python-django 1.2.3-3
NOTE: http://www.djangoproject.com/weblog/2010/dec/22/security/
-CVE-2010-4534 (The administrative interface in django.contrib.admin in Django before ...)
+CVE-2010-4534
- python-django 1.2.4-1
[squeeze] - python-django 1.2.3-3
NOTE: http://www.djangoproject.com/weblog/2010/dec/22/security/
@@ -1870,166 +1870,166 @@ CVE-2010-4532 [no SSL cert validation]
- offlineimap 6.3.2~rc3-2 (low; bug #603450)
[squeeze] - offlineimap <no-dsa> (Long-standing, documented behaviour, can be updated in spu if needed)
[lenny] - offlineimap <no-dsa> (Long-standing, documented behaviour, can be updated in spu if needed)
-CVE-2010-4531 (Stack-based buffer overflow in the ATRDecodeAtr function in the ...)
+CVE-2010-4531
{DSA-2156-1}
- pcsc-lite 1.5.5-4 (low; bug #607781)
-CVE-2010-4530 (Signedness error in ccid_serial.c in libccid in the USB Chip/Smart ...)
+CVE-2010-4530
- ccid 1.3.11-2 (unimportant; bug #607780)
NOTE: Theoretical attack
-CVE-2010-4529 (Integer underflow in the irda_getsockopt function in ...)
+CVE-2010-4529
{DSA-2153-1}
- linux-2.6 2.6.32-30
-CVE-2010-4528 (directconn.c in the MSN protocol plugin in libpurple 2.7.6 through ...)
+CVE-2010-4528
- pidgin 2.7.9-1 (bug #608331; medium)
[squeeze] - pidgin <not-affected> (Vulnerable code not present)
[lenny] - pidgin <not-affected> (Vulnerable code not present)
-CVE-2010-4527 (The load_mixer_volumes function in sound/oss/soundcard.c in the OSS ...)
+CVE-2010-4527
{DSA-2153-1}
- linux-2.6 2.6.32-30
-CVE-2010-4526 (Race condition in the sctp_icmp_proto_unreachable function in ...)
+CVE-2010-4526
{DSA-2153-1}
- linux-2.6 2.6.32-30
-CVE-2010-4525 (Linux kernel 2.6.33 and 2.6.34.y does not initialize the ...)
+CVE-2010-4525
- linux-2.6 2.6.35-1
[squeeze] - linux-2.6 <not-affected> (Only affects 2.6.33/2.6.34)
[lenny] - linux-2.6 <not-affected> (Only affects 2.6.33/2.6.34)
[wheezy] - linux-2.6 <not-affected> (Only affects 2.6.33/2.6.34)
-CVE-2010-4524 (Cross-site scripting (XSS) vulnerability in lib/mhtxthtml.pl in ...)
+CVE-2010-4524
- mhonarc 2.6.18-1 (low; bug #607693)
[squeeze] - mhonarc <no-dsa> (Minor issue)
-CVE-2010-4522 (Multiple cross-site scripting (XSS) vulnerabilities in MyBB (aka ...)
+CVE-2010-4522
NOT-FOR-US: MyBB
-CVE-2010-4521 (Cross-site scripting (XSS) vulnerability in the Views module 6.x ...)
+CVE-2010-4521
- drupal6-mod-views 2.12-1
-CVE-2010-4520 (Multiple cross-site scripting (XSS) vulnerabilities in the Views ...)
+CVE-2010-4520
- drupal6-mod-views 2.11-1
-CVE-2010-4519 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
+CVE-2010-4519
- drupal6-mod-views 2.11-1
-CVE-2010-4518 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2010-4518
NOT-FOR-US: Safe Search plugin for WordPress
-CVE-2010-4517 (SQL injection vulnerability in the JExtensions JE Auto (com_jeauto) ...)
+CVE-2010-4517
NOT-FOR-US: Joomla! extension
-CVE-2010-4516 (Multiple cross-site scripting (XSS) vulnerabilities in the JXtended ...)
+CVE-2010-4516
NOT-FOR-US: Joomla!
-CVE-2010-4515 (Cross-site scripting (XSS) vulnerability in Citrix Web Interface 5.0, ...)
+CVE-2010-4515
NOT-FOR-US: Citrix Web Interface
-CVE-2010-4514 (Cross-site scripting (XSS) vulnerability in Install/InstallWizard.aspx ...)
+CVE-2010-4514
NOT-FOR-US: DotNetNuke
-CVE-2010-4513 (Multiple cross-site scripting (XSS) vulnerabilities in Zimplit CMS ...)
+CVE-2010-4513
NOT-FOR-US: Zimplit CMS
-CVE-2010-4512 (Cobbler before 2.0.4 uses an incorrect umask value, which allows local ...)
+CVE-2010-4512
- cobbler <not-affected> (Fixed before initial upload)
-CVE-2010-4511 (Unspecified vulnerability in Movable Type 4.x before 4.35 and 5.x ...)
+CVE-2010-4511
- movabletype-opensource 4.3.5+dfsg-1 (bug #606311)
[lenny] - movabletype-opensource 4.2.3-1+lenny2
-CVE-2010-4509 (Multiple unspecified vulnerabilities in Movable Type 4.x before 4.35 ...)
+CVE-2010-4509
- movabletype-opensource 4.3.5+dfsg-1 (bug #606311)
[lenny] - movabletype-opensource 4.2.3-1+lenny2
-CVE-2010-4508 (The WebSockets implementation in Mozilla Firefox 4 through 4.0 Beta 7 ...)
+CVE-2010-4508
- xulrunner <not-affected> (Only affects Firefox 4.x)
-CVE-2010-4507 (Multiple cross-site request forgery (CSRF) vulnerabilities on the ...)
+CVE-2010-4507
NOT-FOR-US: iSpot/ClearSpot hardware devices
-CVE-2010-4506 (Passlogix v-GO Self-Service Password Reset (SSPR) and OEM before 7.0A ...)
+CVE-2010-4506
NOT-FOR-US: Passlogix
-CVE-2010-4505 (Multiple SQL injection vulnerabilities in login.php in Injader 2.4.4, ...)
+CVE-2010-4505
NOT-FOR-US: Injader
-CVE-2010-4504 (Multiple cross-site scripting (XSS) vulnerabilities in eSyndiCat ...)
+CVE-2010-4504
NOT-FOR-US: eSyndiCat
-CVE-2010-4503 (SQL injection vulnerability in indexlight.php in Aigaion 1.3.4 allows ...)
+CVE-2010-4503
NOT-FOR-US: Aigaion
-CVE-2010-4502 (Integer overflow in KmxSbx.sys 6.2.0.22 in CA Internet Security Suite ...)
+CVE-2010-4502
NOT-FOR-US: CA Internet Security Suite
CVE-2010-4501
REJECTED
-CVE-2010-4500 (Multiple SQL injection vulnerabilities in contact.php in MRCGIGUY ...)
+CVE-2010-4500
NOT-FOR-US: MRCGIGUY FreeTicket
-CVE-2010-4499 (Session fixation vulnerability in Collaborative Information Manager ...)
+CVE-2010-4499
NOT-FOR-US: TIBCO Collaborative Information Manager
-CVE-2010-4498 (Unspecified vulnerability in Collaborative Information Manager server, ...)
+CVE-2010-4498
NOT-FOR-US: TIBCO Collaborative Information Manager
-CVE-2010-4497 (Cross-site scripting (XSS) vulnerability in Collaborative Information ...)
+CVE-2010-4497
NOT-FOR-US: TIBCO Collaborative Information Manager
-CVE-2010-4496 (Multiple SQL injection vulnerabilities in Collaborative Information ...)
+CVE-2010-4496
NOT-FOR-US: TIBCO Collaborative Information Manager
-CVE-2010-4495 (Unspecified vulnerability in the ActiveMatrix Runtime component in ...)
+CVE-2010-4495
NOT-FOR-US: TIBCO ActiveMatrix
-CVE-2010-4494 (Double free vulnerability in libxml2 2.7.8 and other versions, as used ...)
+CVE-2010-4494
{DSA-2137-1}
- libxml2 2.7.8.dfsg-2 (bug #607922)
- chromium-browser 5.0.375.29~r46008-1
- webkit <not-affected> (never embedded libxml2's xpath.c)
-CVE-2010-4493 (Use-after-free vulnerability in Google Chrome before 8.0.552.215 ...)
+CVE-2010-4493
{DSA-2188-1}
- chromium-browser 6.0.472.63~r59945-3
- webkit 1.2.7-1
NOTE: http://trac.webkit.org/changeset/72013
-CVE-2010-4492 (Use-after-free vulnerability in Google Chrome before 8.0.552.215 ...)
+CVE-2010-4492
{DSA-2188-1}
- chromium-browser 6.0.472.63~r59945-3
- webkit 1.2.7-1
NOTE: http://trac.webkit.org/changeset/71686
-CVE-2010-4491 (Google Chrome before 8.0.552.215 does not properly restrict privileged ...)
+CVE-2010-4491
- chromium-browser 9.0.597.45~r70550-1
[squeeze] - chromium-browser <not-affected>
[wheezy] - chromium-browser <not-affected>
- webkit <not-affected> (issue in chromium-specific webkit code)
NOTE: http://code.google.com/p/chromium/issues/detail?id=62168
NOTE: http://trac.webkit.org/changeset/71533
-CVE-2010-4490 (Google Chrome before 8.0.552.215 allows remote attackers to cause a ...)
+CVE-2010-4490
- chromium-browser 6.0.472.63~r59945-3
- webkit <not-affected> (chromium specific issue)
-CVE-2010-4489 (libvpx, as used in Google Chrome before 8.0.552.215 and possibly other ...)
+CVE-2010-4489
- chromium-browser <not-affected>
- webkit <not-affected>
- libvpx 0.9.5-1 (bug #610510)
[squeeze] - libvpx <not-affected> (regression in later version)
-CVE-2010-4488 (Google Chrome before 8.0.552.215 does not properly handle HTTP proxy ...)
+CVE-2010-4488
- chromium-browser 9.0.597.83~r72435-1 (unimportant)
[squeeze] - chromium-browser <not-affected>
- webkit <not-affected> (chromium issue)
NOTE: only a browser crash
-CVE-2010-4487 (Incomplete blacklist vulnerability in Google Chrome before 8.0.552.215 ...)
+CVE-2010-4487
- chromium-browser 6.0.472.63~r59945-3
- webkit <not-affected> (chromium issue)
-CVE-2010-4486 (Use-after-free vulnerability in Google Chrome before 8.0.552.215 ...)
+CVE-2010-4486
- chromium-browser 6.0.472.63~r59945-3
- webkit <not-affected> (vulnerable code not present in 1.2)
NOTE: http://trac.webkit.org/changeset/71170
-CVE-2010-4485 (Google Chrome before 8.0.552.215 does not properly restrict the ...)
+CVE-2010-4485
- chromium-browser 9.0.597.83~r72435-1 (unimportant)
NOTE: http://trac.webkit.org/changeset/69914
NOTE: only a browser crash due to opening too many dialogs (i.e. a dos)
-CVE-2010-4484 (Google Chrome before 8.0.552.215 does not properly handle HTML5 ...)
+CVE-2010-4484
- chromium-browser 9.0.597.83~r72435-1 (unimportant)
[squeeze] - chromium-browser <not-affected>
- webkit <not-affected> (chromium specific)
NOTE: only a browser crash
-CVE-2010-4483 (Google Chrome before 8.0.552.215 does not properly restrict read ...)
+CVE-2010-4483
- chromium-browser 6.0.472.63~r59945-3
NOTE: https://bugs.webkit.org/show_bug.cgi?id=46678
-CVE-2010-4482 (Unspecified vulnerability in Google Chrome before 8.0.552.215 allows ...)
+CVE-2010-4482
- chromium-browser <unfixed> (unimportant)
NOTE: unimportant, bypass the pop-up blocker
NOTE: http://trac.webkit.org/changeset/69990
-CVE-2010-4481 (phpMyAdmin before 3.4.0-beta1 allows remote attackers to bypass ...)
+CVE-2010-4481
{DSA-2139-1}
- phpmyadmin 4:3.3.7-3 (bug #608290)
NOTE: enables phpinfo output; this is disabled by default and phpinfo on Debian
NOTE: systems is by and large full of otherwise predictable information.
-CVE-2010-4480 (error.php in PhpMyAdmin 3.3.8.1, and other versions before ...)
+CVE-2010-4480
{DSA-2139-1}
- phpmyadmin 4:3.3.7-3 (bug #608290)
CVE-2010-4510
REJECTED
-CVE-2010-4479 (Unspecified vulnerability in pdf.c in libclamav in ClamAV before ...)
+CVE-2010-4479
- clamav 0.96.5+dfsg-1
[lenny] - clamav <not-affected> (Introduced in 3643f3d2b0a38fdc7bc6777d093c857b9760804e)
NOTE: Fixed in 019f1955194360600ecf0644959ceca6734c2d7b
-CVE-2010-4478 (OpenSSH 5.6 and earlier, when J-PAKE is enabled, does not properly ...)
+CVE-2010-4478
- openssh <not-affected> (J-PAKE not activated, see bug #606922)
CVE-2010-4477
REJECTED
-CVE-2010-4476 (The Double.parseDouble method in Java Runtime Environment (JRE) in ...)
+CVE-2010-4476
{DSA-2161-2 DSA-2161-1}
- openjdk-6 6b18-1.8.7-1 (bug #612660)
[lenny] - sun-java6 <no-dsa> (non-free not supported)
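Review bot: every changed line in this hunk strips the parenthesised description and changes nothing else, e.g. `-CVE-2010-4486 (Use-after-free vulnerability in Google Chrome before 8.0.552.215 ...)` becomes `+CVE-2010-4486`, while the package lines, the `{DSA-2139-1}` references and the NOTE lines stay exactly as they were. That is a loss of the only description text these entries carry, not an update; if the upstream feed returned no description for them, the updater should keep the existing text (or leave the line untouched) rather than write an empty one, and this run should be reverted rather than merged.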
@@ -2038,188 +2038,188 @@ CVE-2010-4476 (The Double.parseDouble method in Java Runtime Environment (JRE) i
NOTE: Patch http://mail.openjdk.java.net/pipermail/core-libs-dev/2011-February/005795.html
NOTE: Oracle http://www.oracle.com/technetwork/topics/security/alert-cve-2010-4476-305811.html
NOTE: Original report http://www.exploringbinary.com/java-hangs-when-converting-2-2250738585072012e-308/
-CVE-2010-4475 (Unspecified vulnerability in the Java Runtime Environment (JRE) in ...)
+CVE-2010-4475
- sun-java6 6.24-1
[lenny] - sun-java6 <no-dsa> (non-free not supported)
[squeeze] - sun-java6 <no-dsa> (non-free not supported)
-CVE-2010-4474 (Unspecified vulnerability in the Java DB component in Oracle Java SE ...)
+CVE-2010-4474
- sun-java6 6.24-1
[lenny] - sun-java6 <no-dsa> (non-free not supported)
[squeeze] - sun-java6 <no-dsa> (non-free not supported)
-CVE-2010-4473 (Unspecified vulnerability in the Java Runtime Environment (JRE) in ...)
+CVE-2010-4473
- sun-java6 6.24-1
[lenny] - sun-java6 <no-dsa> (non-free not supported)
[squeeze] - sun-java6 <no-dsa> (non-free not supported)
-CVE-2010-4472 (Unspecified vulnerability in the Java Runtime Environment (JRE) in ...)
+CVE-2010-4472
{DSA-2224-1}
- sun-java6 6.24-1
- openjdk-6 6b18-1.8.7-1 (bug #614033)
[lenny] - sun-java6 <no-dsa> (non-free not supported)
[squeeze] - sun-java6 <no-dsa> (non-free not supported)
-CVE-2010-4471 (Unspecified vulnerability in the Java Runtime Environment (JRE) in ...)
+CVE-2010-4471
{DSA-2224-1}
- sun-java6 6.24-1
[lenny] - sun-java6 <no-dsa> (non-free not supported)
[squeeze] - sun-java6 <no-dsa> (non-free not supported)
-CVE-2010-4470 (Unspecified vulnerability in the Java Runtime Environment (JRE) in ...)
+CVE-2010-4470
{DSA-2224-1}
- sun-java6 6.24-1
- openjdk-6 6b18-1.8.7-1 (bug #614033)
[lenny] - sun-java6 <no-dsa> (non-free not supported)
[squeeze] - sun-java6 <no-dsa> (non-free not supported)
-CVE-2010-4469 (Unspecified vulnerability in the Java Runtime Environment (JRE) in ...)
+CVE-2010-4469
{DSA-2224-1}
- sun-java6 6.24-1
- openjdk-6 6b18-1.8.7-1 (bug #614033)
[lenny] - sun-java6 <no-dsa> (non-free not supported)
[squeeze] - sun-java6 <no-dsa> (non-free not supported)
-CVE-2010-4468 (Unspecified vulnerability in the Java Runtime Environment (JRE) in ...)
+CVE-2010-4468
- sun-java6 6.24-1
[lenny] - sun-java6 <no-dsa> (non-free not supported)
[squeeze] - sun-java6 <no-dsa> (non-free not supported)
-CVE-2010-4467 (Unspecified vulnerability in the Java Runtime Environment (JRE) in ...)
+CVE-2010-4467
- sun-java6 6.24-1
[lenny] - sun-java6 <no-dsa> (non-free not supported)
[squeeze] - sun-java6 <no-dsa> (non-free not supported)
-CVE-2010-4466 (Unspecified vulnerability in the Java Runtime Environment (JRE) in ...)
+CVE-2010-4466
- sun-java6 6.24-1
[lenny] - sun-java6 <no-dsa> (non-free not supported)
[squeeze] - sun-java6 <no-dsa> (non-free not supported)
-CVE-2010-4465 (Unspecified vulnerability in the Java Runtime Environment (JRE) in ...)
+CVE-2010-4465
{DSA-2224-1}
- sun-java6 6.24-1
- openjdk-6 6b18-1.8.7-1 (bug #614033)
[lenny] - sun-java6 <no-dsa> (non-free not supported)
[squeeze] - sun-java6 <no-dsa> (non-free not supported)
-CVE-2010-4464 (Unspecified vulnerability in Oracle Sun Convergence 1.0 allows remote ...)
+CVE-2010-4464
NOT-FOR-US: Oracle Convergence
-CVE-2010-4463 (Unspecified vulnerability in the Java Runtime Environment (JRE) in ...)
+CVE-2010-4463
- sun-java6 6.24-1
[lenny] - sun-java6 <no-dsa> (non-free not supported)
[squeeze] - sun-java6 <no-dsa> (non-free not supported)
-CVE-2010-4462 (Unspecified vulnerability in the Java Runtime Environment (JRE) in ...)
+CVE-2010-4462
- sun-java6 6.24-1
[lenny] - sun-java6 <no-dsa> (non-free not supported)
[squeeze] - sun-java6 <no-dsa> (non-free not supported)
-CVE-2010-4461 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS component ...)
+CVE-2010-4461
NOT-FOR-US: PeopleSoft
-CVE-2010-4460 (Unspecified vulnerability in Oracle Solaris 10 allows local users to ...)
+CVE-2010-4460
NOT-FOR-US: Solaris
-CVE-2010-4459 (Unspecified vulnerability in Oracle Solaris 11 Express allows local ...)
+CVE-2010-4459
NOT-FOR-US: Solaris
-CVE-2010-4458 (Unspecified vulnerability in Oracle Solaris 11 Express allows local ...)
+CVE-2010-4458
NOT-FOR-US: Solaris
-CVE-2010-4457 (Unspecified vulnerability in Oracle Solaris 11 Express allows remote ...)
+CVE-2010-4457
NOT-FOR-US: Solaris
-CVE-2010-4456 (Unspecified vulnerability in Oracle Sun Java System Communications ...)
+CVE-2010-4456
NOT-FOR-US: Oracle Sun Java System Communications Express
-CVE-2010-4455 (Unspecified vulnerability in the Oracle HTTP Server component in ...)
+CVE-2010-4455
NOT-FOR-US: Oracle Fusion
-CVE-2010-4454 (Unspecified vulnerability in the Java Runtime Environment (JRE) in ...)
+CVE-2010-4454
- sun-java6 6.24-1
[lenny] - sun-java6 <no-dsa> (non-free not supported)
[squeeze] - sun-java6 <no-dsa> (non-free not supported)
-CVE-2010-4453 (Unspecified vulnerability in the Oracle WebLogic Server component in ...)
+CVE-2010-4453
NOT-FOR-US: Oracle WebLogic
-CVE-2010-4452 (Unspecified vulnerability in the Deployment component in Java Runtime ...)
+CVE-2010-4452
- sun-java6 6.24-1
[lenny] - sun-java6 <no-dsa> (non-free not supported)
[squeeze] - sun-java6 <no-dsa> (non-free not supported)
-CVE-2010-4451 (Unspecified vulnerability in the Java Runtime Environment (JRE) in ...)
+CVE-2010-4451
- sun-java6 6.24-1
[lenny] - sun-java6 <no-dsa> (non-free not supported)
[squeeze] - sun-java6 <no-dsa> (non-free not supported)
-CVE-2010-4450 (Unspecified vulnerability in the Java Runtime Environment (JRE) in ...)
+CVE-2010-4450
{DSA-2224-1}
- sun-java6 6.24-1
- openjdk-6 6b18-1.8.7-1 (bug #614033)
[lenny] - sun-java6 <no-dsa> (non-free not supported)
[squeeze] - sun-java6 <no-dsa> (non-free not supported)
-CVE-2010-4449 (Unspecified vulnerability in the Audit Vault component in Oracle Audit ...)
+CVE-2010-4449
NOT-FOR-US: Oracle Audit
-CVE-2010-4448 (Unspecified vulnerability in the Java Runtime Environment (JRE) in ...)
+CVE-2010-4448
{DSA-2224-1}
- sun-java6 6.24-1
- openjdk-6 6b18-1.8.7-1 (bug #614033)
[lenny] - sun-java6 <no-dsa> (non-free not supported)
[squeeze] - sun-java6 <no-dsa> (non-free not supported)
-CVE-2010-4447 (Unspecified vulnerability in the Java Runtime Environment (JRE) in ...)
+CVE-2010-4447
- sun-java6 6.24-1
[lenny] - sun-java6 <no-dsa> (non-free not supported)
[squeeze] - sun-java6 <no-dsa> (non-free not supported)
-CVE-2010-4446 (Unspecified vulnerability in Oracle Solaris 11 Express allows local ...)
+CVE-2010-4446
NOT-FOR-US: Solaris
-CVE-2010-4445 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS component ...)
+CVE-2010-4445
NOT-FOR-US: PeopleSoft
-CVE-2010-4444 (Unspecified vulnerability in Oracle Sun Java System Access Manager and ...)
+CVE-2010-4444
NOT-FOR-US: OpenSSO
-CVE-2010-4443 (Unspecified vulnerability in Oracle Solaris 10 and 11 Express allows ...)
+CVE-2010-4443
NOT-FOR-US: Solaris
-CVE-2010-4442 (Unspecified vulnerability in Oracle Solaris 10 and 11 Express allows ...)
+CVE-2010-4442
NOT-FOR-US: Solaris
-CVE-2010-4441 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS component ...)
+CVE-2010-4441
NOT-FOR-US: PeopleSoft
-CVE-2010-4440 (Unspecified vulnerability in Oracle 10 and 11 Express allows local ...)
+CVE-2010-4440
NOT-FOR-US: Oracle Express
-CVE-2010-4439 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS component ...)
+CVE-2010-4439
NOT-FOR-US: PeopleSoft
-CVE-2010-4438 (Unspecified vulnerability in Oracle GlassFish 2.1, 2.1.1, and 3.0.1, ...)
+CVE-2010-4438
- glassfish <not-affected> (Only builds a few class libs)
-CVE-2010-4437 (Unspecified vulnerability in the Oracle WebLogic Server component in ...)
+CVE-2010-4437
NOT-FOR-US: WebLogic
-CVE-2010-4436 (Unspecified vulnerability in Oracle Sun Management Center (SunMC) 4.0 ...)
+CVE-2010-4436
NOT-FOR-US: SunMC
-CVE-2010-4435 (Unspecified vulnerability in Oracle Solaris 8, 9, and 10 allows remote ...)
+CVE-2010-4435
NOT-FOR-US: Solaris
-CVE-2010-4434 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+CVE-2010-4434
NOT-FOR-US: PeopleSoft
-CVE-2010-4433 (Unspecified vulnerability in Oracle Solaris 10 allows remote attackers ...)
+CVE-2010-4433
NOT-FOR-US: Solaris
-CVE-2010-4432 (Unspecified vulnerability in the Oracle Transportation Manager ...)
+CVE-2010-4432
NOT-FOR-US: Oracle Supply Chain
-CVE-2010-4431 (Unspecified vulnerability in Oracle Sun Java System Portal Server 7.1 ...)
+CVE-2010-4431
NOT-FOR-US: Oracle Sun Java System Portal Server
-CVE-2010-4430 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS component ...)
+CVE-2010-4430
NOT-FOR-US: PeopleSoft
-CVE-2010-4429 (Unspecified vulnerability in the Agile Core component in Oracle Supply ...)
+CVE-2010-4429
NOT-FOR-US: Oracle Supply Chain
-CVE-2010-4428 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS component ...)
+CVE-2010-4428
NOT-FOR-US: PeopleSoft
-CVE-2010-4427 (Unspecified vulnerability in the Oracle BI Publisher component in ...)
+CVE-2010-4427
NOT-FOR-US: Oracle BI Publisher
-CVE-2010-4426 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+CVE-2010-4426
NOT-FOR-US: PeopleSoft
-CVE-2010-4425 (Unspecified vulnerability in the Oracle BI Publisher component in ...)
+CVE-2010-4425
NOT-FOR-US: Oracle BI Publisher
-CVE-2010-4424 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+CVE-2010-4424
NOT-FOR-US: PeopleSoft
-CVE-2010-4423 (Unspecified vulnerability in the Cluster Verify Utility component in ...)
+CVE-2010-4423
NOT-FOR-US: Oracle Database
-CVE-2010-4422 (Unspecified vulnerability in the Java Runtime Environment (JRE) in ...)
+CVE-2010-4422
- sun-java6 6.24-1
[lenny] - sun-java6 <no-dsa> (non-free not supported)
[squeeze] - sun-java6 <no-dsa> (non-free not supported)
-CVE-2010-4421 (Unspecified vulnerability in the Database Vault component in Oracle ...)
+CVE-2010-4421
NOT-FOR-US: Oracle Database
-CVE-2010-4420 (Unspecified vulnerability in the Database Vault component in Oracle ...)
+CVE-2010-4420
NOT-FOR-US: Oracle Database
-CVE-2010-4419 (Unspecified vulnerability in the PeopleSoft Enterprise CRM component ...)
+CVE-2010-4419
NOT-FOR-US: PeopleSoft
-CVE-2010-4418 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+CVE-2010-4418
NOT-FOR-US: PeopleSoft
-CVE-2010-4417 (Unspecified vulnerability in the Services for Beehive component in ...)
+CVE-2010-4417
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2010-4416 (Unspecified vulnerability in the Oracle GoldenGate Veridata component ...)
+CVE-2010-4416
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2010-4415 (Unspecified vulnerability in Oracle Solaris 8, 9, and 10 allows local ...)
+CVE-2010-4415
NOT-FOR-US: Solaris
-CVE-2010-4414 (Unspecified vulnerability in Oracle VM VirtualBox 4.0 allows local ...)
+CVE-2010-4414
- virtualbox-ose <not-affected> (Support for extensions was added in 4.x, see #611925)
-CVE-2010-4413 (Unspecified vulnerability in the Scheduler Agent component in Oracle ...)
+CVE-2010-4413
NOT-FOR-US: Oracle Database
-CVE-2010-4412 (Multiple cross-site scripting (XSS) vulnerabilities in pfSense 2 beta ...)
+CVE-2010-4412
NOT-FOR-US: pfSense
-CVE-2010-4411 (Unspecified vulnerability in CGI.pm 3.50 and earlier allows remote ...)
+CVE-2010-4411
- perl 5.10.1-17 (bug #606995)
[lenny] - perl 5.10.0-19lenny3
- libcgi-simple-perl 1.111-2 (bug #606379)
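Review bot: for the sun-java6 block in this hunk the removed description was the only thing distinguishing the entries, since the package lines are identical (`- sun-java6 6.24-1`, `[lenny] - sun-java6 <no-dsa> (non-free not supported)`); for instance `Unspecified vulnerability in the Java DB component in Oracle Java SE ...` (CVE-2010-4474) versus `Unspecified vulnerability in the Deployment component in Java Runtime ...` (CVE-2010-4452). After the change those entries cannot be told apart without going back to MITRE. The hunk header still quotes `CVE-2010-4476 (The Double.parseDouble method in Java Runtime Environment (JRE) i`, so the descriptions are present in the base this was generated from; an automatic run that blanks a field across every described entry should be treated as a feed-parsing failure and not committed.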
@@ -2227,7 +2227,7 @@ CVE-2010-4411 (Unspecified vulnerability in CGI.pm 3.50 and earlier allows remot
- libcgi-pm-perl 3.51-1 (bug #606370)
[lenny] - libcgi-pm-perl 3.38-2lenny2
[squeeze] - libcgi-pm-perl 3.49-1squeeze1
-CVE-2010-4410 (CRLF injection vulnerability in the header function in (1) CGI.pm ...)
+CVE-2010-4410
- perl 5.10.1-17 (bug #606995)
[lenny] - perl 5.10.0-19lenny3
- libcgi-pm-perl 3.50-1 (bug #606370)
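Review bot: the single change in this hunk drops `CRLF injection vulnerability in the header function in (1) CGI.pm ...` from CVE-2010-4410, leaving a bare id above the perl, libcgi-pm-perl and libcgi-simple-perl version lines; the vulnerability class is no longer recoverable from this file. Same root cause as the surrounding hunks: the updater should keep the existing description when the feed supplies none.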
@@ -2235,209 +2235,209 @@ CVE-2010-4410 (CRLF injection vulnerability in the header function in (1) CGI.pm
[squeeze] - libcgi-pm-perl 3.49-1squeeze1
- libcgi-simple-perl 1.111-2 (bug #606379)
[lenny] - libcgi-simple-perl 1.105-1lenny1
-CVE-2010-4408 (Apache Archiva 1.0 through 1.0.3, 1.1 through 1.1.4, 1.2 through ...)
+CVE-2010-4408
NOT-FOR-US: Apache archiva
-CVE-2010-4334 (The IO::Socket::SSL module 1.35 for Perl, when verify_mode is not ...)
+CVE-2010-4334
- libio-socket-ssl-perl 1.35-1 (bug #606058)
[squeeze] - libio-socket-ssl-perl 1.33-1+squeeze1
[lenny] - libio-socket-ssl-perl <not-affected> (Vulnerable code not present)
-CVE-2010-4335 (The _validatePost function in libs/controller/components/security.php ...)
+CVE-2010-4335
- cakephp 1.3.2-1.1 (bug #606386)
[lenny] - cakephp <not-affected>
NOTE: https://github.com/cakephp/cakephp/commit/e431e86aa4301ced4273dc7919b59362cbb353cb
-CVE-2010-4336 (The cu_rrd_create_file function (src/utils_rrdcreate.c) in collectd ...)
+CVE-2010-4336
{DSA-2133-1}
- collectd 4.10.1-2.1 (bug #605092; low)
[squeeze] - collectd 4.10.1-1+squeeze2
-CVE-2010-4337 (The configure script in gnash 0.8.8 allows local users to overwrite ...)
+CVE-2010-4337
{DSA-2435-1}
- gnash 0.8.8-8 (unimportant; bug #605419)
-CVE-2010-4409 (Integer overflow in the NumberFormatter::getSymbol (aka ...)
+CVE-2010-4409
- php5 5.3.3-6
[lenny] - php5 <not-affected> (intl extension included since 5.3)
NOTE: http://www.kb.cert.org/vuls/id/479900
-CVE-2010-4407 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
+CVE-2010-4407
NOT-FOR-US: AlGuest
-CVE-2010-4406 (Directory traversal vulnerability in gallery.php in Brunetton ...)
+CVE-2010-4406
NOT-FOR-US: LittlePhpGallery
-CVE-2010-4405 (Cross-site scripting (XSS) vulnerability in the Yannick Gaultier ...)
+CVE-2010-4405
NOT-FOR-US: Joomla! extension
-CVE-2010-4404 (SQL injection vulnerability in the Yannick Gaultier sh404SEF component ...)
+CVE-2010-4404
NOT-FOR-US: Joomla! extension
-CVE-2010-4403 (The Register Plus plugin 3.5.1 and earlier for WordPress allows remote ...)
+CVE-2010-4403
NOT-FOR-US: The Register Plus plugin for WordPress
-CVE-2010-4402 (Multiple cross-site scripting (XSS) vulnerabilities in wp-login.php in ...)
+CVE-2010-4402
NOT-FOR-US: The Register Plus plugin for WordPress
-CVE-2010-4401 (languages.inc.php in DynPG CMS 4.2.0 allows remote attackers to obtain ...)
+CVE-2010-4401
NOT-FOR-US: DynPG
-CVE-2010-4400 (SQL injection vulnerability in _rights.php in DynPG CMS 4.2.0 allows ...)
+CVE-2010-4400
NOT-FOR-US: DynPG
-CVE-2010-4399 (Directory traversal vulnerability in languages.inc.php in DynPG CMS ...)
+CVE-2010-4399
NOT-FOR-US: DynPG
-CVE-2010-4398 (Stack-based buffer overflow in the RtlQueryRegistryValues function in ...)
+CVE-2010-4398
NOT-FOR-US: Microsoft Windows
-CVE-2010-4397 (Integer overflow in the pnen3260.dll module in RealNetworks RealPlayer ...)
+CVE-2010-4397
NOT-FOR-US: RealPlayer
-CVE-2010-4396 (Cross-zone scripting vulnerability in the HandleAction method in a ...)
+CVE-2010-4396
NOT-FOR-US: RealPlayer
-CVE-2010-4395 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through ...)
+CVE-2010-4395
NOT-FOR-US: RealPlayer
-CVE-2010-4394 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through ...)
+CVE-2010-4394
NOT-FOR-US: RealPlayer
-CVE-2010-4393 (Heap-based buffer overflow in vidplin.dll in RealNetworks RealPlayer ...)
+CVE-2010-4393
NOT-FOR-US: RealPlayer
-CVE-2010-4392 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through ...)
+CVE-2010-4392
NOT-FOR-US: RealPlayer
-CVE-2010-4391 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through ...)
+CVE-2010-4391
NOT-FOR-US: RealPlayer
-CVE-2010-4390 (Multiple heap-based buffer overflows in RealNetworks RealPlayer 11.0 ...)
+CVE-2010-4390
NOT-FOR-US: RealPlayer
-CVE-2010-4389 (Heap-based buffer overflow in the cook codec in RealNetworks ...)
+CVE-2010-4389
NOT-FOR-US: RealPlayer
-CVE-2010-4388 (The (1) Upsell.htm, (2) Main.html, and (3) Custsupport.html components ...)
+CVE-2010-4388
NOT-FOR-US: RealPlayer
-CVE-2010-4387 (The RealAudio codec in RealNetworks RealPlayer 11.0 through 11.1, ...)
+CVE-2010-4387
NOT-FOR-US: RealPlayer
-CVE-2010-4386 (RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through ...)
+CVE-2010-4386
NOT-FOR-US: RealPlayer
-CVE-2010-4385 (Integer overflow in RealNetworks RealPlayer 11.0 through 11.1, ...)
+CVE-2010-4385
NOT-FOR-US: RealPlayer
-CVE-2010-4384 (Array index error in RealNetworks RealPlayer 11.0 through 11.1, ...)
+CVE-2010-4384
NOT-FOR-US: RealPlayer
-CVE-2010-4383 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through ...)
+CVE-2010-4383
NOT-FOR-US: RealPlayer
-CVE-2010-4382 (Multiple heap-based buffer overflows in RealNetworks RealPlayer 11.0 ...)
+CVE-2010-4382
NOT-FOR-US: RealPlayer
-CVE-2010-4381 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through ...)
+CVE-2010-4381
NOT-FOR-US: RealPlayer
-CVE-2010-4380 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through ...)
+CVE-2010-4380
NOT-FOR-US: RealPlayer
-CVE-2010-4379 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through ...)
+CVE-2010-4379
NOT-FOR-US: RealPlayer
-CVE-2010-4378 (The drv2.dll (aka RV20 decompression) module in RealNetworks ...)
+CVE-2010-4378
NOT-FOR-US: RealPlayer
-CVE-2010-4377 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through ...)
+CVE-2010-4377
NOT-FOR-US: RealPlayer
-CVE-2010-4376 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through ...)
+CVE-2010-4376
NOT-FOR-US: RealPlayer
-CVE-2010-4375 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through ...)
+CVE-2010-4375
NOT-FOR-US: RealPlayer
-CVE-2010-4374 (The in_mkv plugin in Winamp before 5.6 allows remote attackers to ...)
+CVE-2010-4374
NOT-FOR-US: Winamp
-CVE-2010-4373 (The in_mp4 plugin in Winamp before 5.6 allows remote attackers to ...)
+CVE-2010-4373
NOT-FOR-US: Winamp
-CVE-2010-4372 (Integer overflow in the in_nsv plugin in Winamp before 5.6 allows ...)
+CVE-2010-4372
NOT-FOR-US: Winamp
-CVE-2010-4371 (Buffer overflow in the in_mod plugin in Winamp before 5.6 allows ...)
+CVE-2010-4371
NOT-FOR-US: Winamp
-CVE-2010-4370 (Multiple integer overflows in the in_midi plugin in Winamp before 5.6 ...)
+CVE-2010-4370
NOT-FOR-US: Winamp
-CVE-2010-4369 (Directory traversal vulnerability in AWStats before 7.0 allows remote ...)
+CVE-2010-4369
- awstats 6.9.5~dfsg-5 (low; bug #606263)
[lenny] - awstats 6.7.dfsg-5.1+lenny1
-CVE-2010-4368 (awstats.cgi in AWStats before 7.0 on Windows accepts a configdir ...)
+CVE-2010-4368
- awstats <not-affected> (Windows-specific issue)
NOTE: looks like it's the same as CVE-2010-4367
-CVE-2010-4367 (awstats.cgi in AWStats before 7.0 accepts a configdir parameter in the ...)
+CVE-2010-4367
- awstats 6.9.5~dfsg-5 (low; bug #606263)
[lenny] - awstats 6.7.dfsg-5.1+lenny1
-CVE-2010-4338 (ocrodjvu 0.4.6-1 on Debian GNU/Linux allows local users to modify ...)
+CVE-2010-4338
- ocrodjvu 0.4.6-2 (low; bug #598134)
-CVE-2010-4339 (Cross-site scripting (XSS) vulnerability in Hypermail 2.2.0 allows ...)
+CVE-2010-4339
- hypermail <removed> (low; bug #598743)
[lenny] - hypermail <no-dsa> (Minor issue)
-CVE-2010-4366 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2010-4366
NOT-FOR-US: Chameleon Social Networking
-CVE-2010-4365 (SQL injection vulnerability in JE Ajax Event Calendar ...)
+CVE-2010-4365
NOT-FOR-US: Joomla! extension
-CVE-2010-4364 (DaDaBIK 4.3 beta3, when running in a case-sensitive environment, does ...)
+CVE-2010-4364
NOT-FOR-US: DaDaBIK
-CVE-2010-4363 (Multiple SQL injection vulnerabilities in contact.php in MRCGIGUY ...)
+CVE-2010-4363
NOT-FOR-US: FreeTicket
-CVE-2010-4362 (Multiple SQL injection vulnerabilities in MicroNetsoft RV Dealer ...)
+CVE-2010-4362
NOT-FOR-US: MicroNetsoft RV Dealer
-CVE-2010-4361 (Cross-site scripting (XSS) vulnerability in url-gateway.php in ...)
+CVE-2010-4361
NOT-FOR-US: Jurpopage
-CVE-2010-4360 (Multiple SQL injection vulnerabilities in index.php in Jurpopage 0.2.0 ...)
+CVE-2010-4360
NOT-FOR-US: Jurpopage
-CVE-2010-4359 (SQL injection vulnerability in index.php in Jurpopage 0.2.0 allows ...)
+CVE-2010-4359
NOT-FOR-US: Jurpopage
-CVE-2010-4358 (Multiple cross-site scripting (XSS) vulnerabilities in gb.cgi in ...)
+CVE-2010-4358
NOT-FOR-US: MRCGIGUY (MCG) Guestbook
-CVE-2010-4357 (SQL injection vulnerability in comments.php in SiteEngine 7.1 allows ...)
+CVE-2010-4357
NOT-FOR-US: SiteEngine
-CVE-2010-4356 (SQL injection vulnerability in news_default.asp in Site2Nite Big Truck ...)
+CVE-2010-4356
NOT-FOR-US: Site2Nite Big Truck
-CVE-2010-4355 (Cross-site scripting (XSS) vulnerability in DaDaBIK before 4.3 beta2, ...)
+CVE-2010-4355
NOT-FOR-US: DaDaBIK
CVE-2010-XXXX [elfsign uses cryptographically weak md5 hashes]
- elfsign <removed> (low; bug #555668)
[lenny] - elfsign <no-dsa> (a stronger hashing algorithm would completely change functionality of the package)
-CVE-2010-4354 (The remote-access IPSec VPN implementation on Cisco Adaptive Security ...)
+CVE-2010-4354
NOT-FOR-US: Cisco ASA
-CVE-2010-4353 (Unrestricted file upload vulnerability in ...)
+CVE-2010-4353
- gallery3 <itp> (bug #511715)
-CVE-2010-4352 (Stack consumption vulnerability in D-Bus (aka DBus) before 1.4.1 ...)
+CVE-2010-4352
{DSA-2149-1}
- dbus 1.2.24-4
-CVE-2010-4351 (The JNLP SecurityManager in IcedTea (IcedTea.so) 1.7 before 1.7.7, 1.8 ...)
+CVE-2010-4351
{DSA-2224-1}
- openjdk-6 6b18-1.8.4-1
[squeeze] - openjdk-6 <no-dsa> (bug #614151)
[lenny] - openjdk-6 <no-dsa> (bug #614151)
-CVE-2010-4350 (Directory traversal vulnerability in admin/upgrade_unattended.php in ...)
+CVE-2010-4350
- mantis <not-affected> (admin dir procected in Apache config, see #607159)
-CVE-2010-4349 (admin/upgrade_unattended.php in MantisBT before 1.2.4 allows remote ...)
+CVE-2010-4349
- mantis <not-affected> (admin dir procected in Apache config, see #607159)
-CVE-2010-4348 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2010-4348
- mantis <not-affected> (admin dir procected in Apache config, see #607159)
-CVE-2010-4347 (The ACPI subsystem in the Linux kernel before 2.6.36.2 uses 0222 ...)
+CVE-2010-4347
- linux-2.6 <not-affected> (Introduced in 2.6.33 and fixed in 2.6.36.2, we never released an affected kernel)
-CVE-2010-4346 (The install_special_mapping function in mm/mmap.c in the Linux kernel ...)
+CVE-2010-4346
{DSA-2153-1}
- linux-2.6 2.6.32-30
-CVE-2010-4345 (Exim 4.72 and earlier allows local users to gain privileges by ...)
+CVE-2010-4345
{DSA-2154-1}
- exim4 4.72-3 (bug #606527)
-CVE-2010-4344 (Heap-based buffer overflow in the string_vformat function in string.c ...)
+CVE-2010-4344
{DSA-2131-1}
- exim4 4.70-1 (bug #606612)
-CVE-2010-4343 (drivers/scsi/bfa/bfa_core.c in the Linux kernel before 2.6.35 does not ...)
+CVE-2010-4343
- linux-2.6 2.6.32-30
[lenny] - linux-2.6 <not-affected> (Driver introduced in 2.6.32)
-CVE-2010-4342 (The aun_incoming function in net/econet/af_econet.c in the Linux ...)
+CVE-2010-4342
{DSA-2153-1}
- linux-2.6 2.6.32-30
-CVE-2010-4341 (The pam_parse_in_data_v2 function in src/responder/pam/pamsrv_cmd.c in ...)
+CVE-2010-4341
- sssd 1.2.1-4.1 (bug #610032)
[squeeze] - sssd 1.2.1-4+squeeze1
[wheezy] - sssd 1.2.1-4+squeeze1
-CVE-2010-4333 (Pointter PHP Micro-Blogging Social Network 1.8 allows remote attackers ...)
+CVE-2010-4333
NOT-FOR-US: Pointter PHP Micro-Blogging Social Network
-CVE-2010-4332 (Pointter PHP Content Management System 1.0 allows remote attackers to ...)
+CVE-2010-4332
NOT-FOR-US: Pointter PHP Content Management System
-CVE-2010-4331 (Multiple cross-site scripting (XSS) vulnerabilities in Seo Panel 2.2.0 ...)
+CVE-2010-4331
NOT-FOR-US: Seo Panel
-CVE-2010-4330 (Directory traversal vulnerability in includes/controller.php in Pulse ...)
+CVE-2010-4330
NOT-FOR-US: Pulse CMS Basic
-CVE-2010-4329 (Cross-site scripting (XSS) vulnerability in the PMA_linkOrButton ...)
+CVE-2010-4329
{DSA-2139-1}
- phpmyadmin 4:3.3.7-2
-CVE-2010-4328 (Multiple stack-based buffer overflows in opt/novell/iprint/bin/ipsmd ...)
+CVE-2010-4328
NOT-FOR-US: Novell iPrint LPD
-CVE-2010-4327 (Unspecified vulnerability in the NCP service in Novell eDirectory ...)
+CVE-2010-4327
NOT-FOR-US: Novell eDirectory
-CVE-2010-4326 (Multiple buffer overflows in gwwww1.dll in GroupWise Internet Agent ...)
+CVE-2010-4326
NOT-FOR-US: Groupwise
-CVE-2010-4325 (Buffer overflow in gwwww1.dll in GroupWise Internet Agent (GWIA) in ...)
+CVE-2010-4325
NOT-FOR-US: Groupwise
-CVE-2010-4324 (Cross-site scripting (XSS) vulnerability in the Approval Form in the ...)
+CVE-2010-4324
NOT-FOR-US: Novell Identity Manager
-CVE-2010-4323 (Heap-based buffer overflow in novell-tftp.exe in Novell ZENworks ...)
+CVE-2010-4323
NOT-FOR-US: Novell ZENworks
-CVE-2010-4322 (Cross-site scripting (XSS) vulnerability in gwtTeaming.rpc in Novell ...)
+CVE-2010-4322
NOT-FOR-US: Novell Vibe
-CVE-2010-4321 (Stack-based buffer overflow in an ActiveX control in ienipp.ocx in ...)
+CVE-2010-4321
NOT-FOR-US: Novell iPrint client
CVE-2010-4320
RESERVED
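Review bot: the pattern in this hunk narrows the fault to the parenthesised description field specifically. Every `CVE-2010-NNNN (...)` line is reduced to its id, while the locally written `CVE-2010-XXXX [elfsign uses cryptographically weak md5 hashes]` entry and the RESERVED entries (`CVE-2010-4320`) are untouched. That is consistent with the updater overwriting the description with an empty value from upstream rather than with a deliberate cleanup, so the handling of a missing upstream description should be fixed before anything from this run is merged.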
@@ -2451,44 +2451,44 @@ CVE-2010-4316
RESERVED
CVE-2010-4315
RESERVED
-CVE-2010-4314 (Remote attackers can use the iPrint web-browser ActiveX plugin in ...)
+CVE-2010-4314
NOT-FOR-US: iPrint web-browser ActiveX plugin in Novell iPrint Client
-CVE-2010-4313 (Unrestricted file upload vulnerability in fileman_file_upload.php in ...)
+CVE-2010-4313
NOT-FOR-US: Orbis CMS
-CVE-2010-4312 (The default configuration of Apache Tomcat 6.x does not include the ...)
+CVE-2010-4312
- tomcat6 6.0.35-5 (unimportant; bug #608286)
[lenny] - tomcat6 <not-affected> (Only ships the servlet package)
-CVE-2010-4311 (Free Simple Software 1.0 stores passwords in cleartext, which allows ...)
+CVE-2010-4311
NOT-FOR-US: Free Simple Software
CVE-2010-4310
RESERVED
-CVE-2010-4309 (Adobe Shockwave Player before 11.6.1.629 allows attackers to execute ...)
+CVE-2010-4309
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-4308 (Adobe Shockwave Player before 11.6.1.629 allows attackers to execute ...)
+CVE-2010-4308
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-4307 (Buffer overflow in Adobe Shockwave Player before 11.5.9.620 allows ...)
+CVE-2010-4307
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-4306 (Adobe Shockwave Player before 11.5.9.620 allows attackers to execute ...)
+CVE-2010-4306
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-4305 (Cisco Unified Videoconferencing (UVC) System 3545, 5110, 5115, and ...)
+CVE-2010-4305
NOT-FOR-US: Cisco Unified Videoconferencing
-CVE-2010-4304 (The web interface in Cisco Unified Videoconferencing (UVC) System ...)
+CVE-2010-4304
NOT-FOR-US: Cisco Unified Videoconferencing
-CVE-2010-4303 (Cisco Unified Videoconferencing (UVC) System 5110 and 5115, when the ...)
+CVE-2010-4303
NOT-FOR-US: Cisco Unified Videoconferencing
-CVE-2010-4302 (/opt/rv/Versions/CurrentVersion/Mcu/Config/Mcu.val in Cisco Unified ...)
+CVE-2010-4302
NOT-FOR-US: Cisco Unified Videoconferencing
-CVE-2010-4299 (Heap-based buffer overflow in ZfHIPCND.exe in Novell Zenworks 7 ...)
+CVE-2010-4299
NOT-FOR-US: Novell Zenworks
-CVE-2010-4298 (SQL injection vulnerability in the download module in Free Simple ...)
+CVE-2010-4298
NOT-FOR-US: Free Simple Software
-CVE-2010-4297 (The VMware Tools update functionality in VMware Workstation 6.5.x ...)
+CVE-2010-4297
NOT-FOR-US: VMware
-CVE-2010-4296 (vmware-mount in VMware Workstation 7.x before 7.1.2 build 301548 on ...)
+CVE-2010-4296
NOT-FOR-US: VMware
-CVE-2010-4295 (Race condition in the mounting process in vmware-mount in VMware ...)
+CVE-2010-4295
NOT-FOR-US: VMware
-CVE-2010-4294 (The frame decompression functionality in the VMnc media codec in ...)
+CVE-2010-4294
NOT-FOR-US: VMware
CVE-2010-XXXX [directory traversal]
- openacs 5.5.1+dfsg-2
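Review bot: the same blanking is applied here to CVE-2010-4314 through CVE-2010-4294, e.g. `-CVE-2010-4312 (The default configuration of Apache Tomcat 6.x does not include the ...)` becomes `+CVE-2010-4312` while its `- tomcat6 6.0.35-5 (unimportant; bug #608286)` line is kept. For the NOT-FOR-US entries this removes the only indication of what the flaw was, since lines such as `NOT-FOR-US: Adobe Shockwave Player` name the product, not the issue. The `CVE-2010-XXXX [directory traversal]` placeholder at the end of the hunk again survives, which again points at the description parser rather than at intentional removal.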
@@ -2516,9 +2516,9 @@ CVE-2010-XXXX [insecure python path handling]
- mmass 3.8.0-2 (low; bug #605150)
[squeeze] - mmass <not-affected> (Doesn't set PYTHONPATH)
- guake 0.4.2-3 (low; bug #605163)
-CVE-2010-4301 (epan/dissectors/packet-zbee-zcl.c in the ZigBee ZCL dissector in ...)
+CVE-2010-4301
- wireshark <not-affected> (Only affects >= 1.4)
-CVE-2010-4300 (Heap-based buffer overflow in the dissect_ldss_transfer function ...)
+CVE-2010-4300
- wireshark 1.2.11-4
[lenny] - wireshark <not-affected> (Only affects >= 1.2)
CVE-2010-4293
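Review bot: the two wireshark entries in this hunk lose the text that justifies their `<not-affected>` verdicts. `Only affects >= 1.4` on CVE-2010-4301 refers to the ZigBee ZCL dissector named only in the removed `epan/dissectors/packet-zbee-zcl.c in the ZigBee ZCL dissector in ...`, and the `Only affects >= 1.2` note on CVE-2010-4300 likewise relies on the removed `Heap-based buffer overflow in the dissect_ldss_transfer function ...`. Without the descriptions the triage reasoning recorded on the package lines cannot be audited from this file; keep the text.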
@@ -2539,101 +2539,101 @@ CVE-2010-4286
REJECTED
CVE-2010-4285
REJECTED
-CVE-2010-4284 (SQL injection vulnerability in the authentication form in the ...)
+CVE-2010-4284
NOT-FOR-US: Samsung Integrated Management System
-CVE-2010-4283 (PHP remote file inclusion vulnerability in extras/pandora_diag.php in ...)
+CVE-2010-4283
NOT-FOR-US: Pandora FMS
-CVE-2010-4282 (Multiple directory traversal vulnerabilities in Pandora FMS before ...)
+CVE-2010-4282
NOT-FOR-US: Pandora FMS
-CVE-2010-4281 (Incomplete blacklist vulnerability in the safe_url_extraclean function ...)
+CVE-2010-4281
NOT-FOR-US: Pandora FMS
-CVE-2010-4280 (Multiple SQL injection vulnerabilities in Pandora FMS before 3.1.1 ...)
+CVE-2010-4280
NOT-FOR-US: Pandora FMS
-CVE-2010-4279 (The default configuration of Pandora FMS 3.1 and earlier specifies an ...)
+CVE-2010-4279
NOT-FOR-US: Pandora FMS
-CVE-2010-4278 (operation/agentes/networkmap.php in Pandora FMS before 3.1.1 allows ...)
+CVE-2010-4278
NOT-FOR-US: Pandora FMS
-CVE-2010-4277 (Cross-site scripting (XSS) vulnerability in lembedded-video.php in the ...)
+CVE-2010-4277
NOT-FOR-US: Embedded Video plugin 4.1 for WordPress
-CVE-2010-4276 (Cross-site scripting (XSS) vulnerability in the lz_tracking_set_sessid ...)
+CVE-2010-4276
NOT-FOR-US: LiveZilla
-CVE-2010-4275 (Multiple cross-site scripting (XSS) vulnerabilities in Radius Manager ...)
+CVE-2010-4275
NOT-FOR-US: Radius Manager
-CVE-2010-4274 (reset_diragent_keys in the Common agent in IBM Systems Director 6.2.0 ...)
+CVE-2010-4274
NOT-FOR-US: IBM Systems Director
-CVE-2010-4273 (SQL injection vulnerability in imoveis.php in DescargarVista ACC ...)
+CVE-2010-4273
NOT-FOR-US: DescargarVista ACC
-CVE-2010-4272 (SQL injection vulnerability in the Pulse Infotech Sponsor Wall ...)
+CVE-2010-4272
NOT-FOR-US: Pulse Infotech Sponsor Wall
-CVE-2010-4271 (SQL injection vulnerability in ImpressCMS before 1.2.3 RC2 allows ...)
+CVE-2010-4271
NOT-FOR-US: ImpressCMS
-CVE-2010-4270 (Directory traversal vulnerability in the nBill (com_netinvoice) ...)
+CVE-2010-4270
NOT-FOR-US: Joomla addon
-CVE-2010-4269 (SQL injection vulnerability in managechat.php in Collabtive 0.65 ...)
+CVE-2010-4269
NOT-FOR-US: Collabtive
-CVE-2010-4268 (SQL injection vulnerability in the Pulse Infotech Flip Wall ...)
+CVE-2010-4268
NOT-FOR-US: Pulse Infotech
-CVE-2010-4267 (Stack-based buffer overflow in the hpmud_get_pml function in ...)
+CVE-2010-4267
{DSA-2152-1}
- hplip 3.10.6-2 (bug #610960)
CVE-2010-4266
RESERVED
-CVE-2010-4265 (The ...)
+CVE-2010-4265
- jbossas4 <not-affected> (Red Hat issue, they didn't include the fix for CVE-2010-3862 in the update)
CVE-2010-4264
RESERVED
-CVE-2010-4263 (The igb_receive_skb function in drivers/net/igb/igb_main.c in the ...)
+CVE-2010-4263
- linux-2.6 2.6.32-30
[lenny] - linux-2.6 <not-affected> (Vulnerable code not present)
-CVE-2010-4262 (Stack-based buffer overflow in Xfig 3.2.4 and 3.2.5 allows remote ...)
+CVE-2010-4262
- xfig 1:3.2.5.b-1.1 (bug #606257)
NOTE: details and patch at https://bugzilla.redhat.com/659676
-CVE-2010-4261 (Off-by-one error in the icon_cb function in pe_icons.c in libclamav in ...)
+CVE-2010-4261
- clamav 0.96.5+dfsg-1
[lenny] - clamav <not-affected> (icon extractor not yet present)
NOTE: Fixed in 1f3db7f074995bd4e1d0183b2db8b1c472d2f41b
-CVE-2010-4260 (Multiple unspecified vulnerabilities in pdf.c in libclamav in ClamAV ...)
+CVE-2010-4260
- clamav 0.96.5+dfsg-1
[lenny] - clamav <not-affected> (Introduced in 3643f3d2b0a38fdc7bc6777d093c857b9760804e)
NOTE: Fixed in 019f1955194360600ecf0644959ceca6734c2d7b
-CVE-2010-4259 (Stack-based buffer overflow in FontForge 20100501 allows remote ...)
+CVE-2010-4259
{DSA-2253-1}
- fontforge 0.0.20100501-4 (bug #605537)
-CVE-2010-4258 (The do_exit function in kernel/exit.c in the Linux kernel before ...)
+CVE-2010-4258
{DSA-2153-1}
- linux-2.6 2.6.32-29
-CVE-2010-4257 (SQL injection vulnerability in the do_trackbacks function in ...)
+CVE-2010-4257
{DSA-2138-1}
NOTE: http://core.trac.wordpress.org/changeset/16625
- wordpress 3.0.2-1 (bug #605603)
-CVE-2010-4256 (The pipe_fcntl function in fs/pipe.c in the Linux kernel before 2.6.37 ...)
+CVE-2010-4256
- linux-2.6 <not-affected> (introduced in 2.6.35; fixed in 2.6.37)
-CVE-2010-4255 (The fixup_page_fault function in arch/x86/traps.c in Xen 4.0.1 and ...)
+CVE-2010-4255
- xen 4.0.1-2 (bug #609531)
-CVE-2010-4254 (Mono, when Moonlight before 2.3.0.1 or 2.99.x before 2.99.0.10 is ...)
+CVE-2010-4254
- moon <not-affected> (Debian's version of Moonlight is not affected, see #608288)
-CVE-2010-4253 (Heap-based buffer overflow in Impress in OpenOffice.org (OOo) 2.x and ...)
+CVE-2010-4253
{DSA-2151-1}
- openoffice.org 1:3.2.1-11+squeeze2
-CVE-2010-4252 (OpenSSL before 1.0.0c, when J-PAKE is enabled, does not properly ...)
+CVE-2010-4252
- openssl <not-affected> (configured with -DOPENSSL_NO_JPAKE; bug #606902)
NOTE: http://www.openssl.org/news/secadv/20101202.txt
-CVE-2010-4251 (The socket implementation in net/core/sock.c in the Linux kernel ...)
+CVE-2010-4251
- linux-2.6 2.6.32-22
-CVE-2010-4250 (Memory leak in the inotify_init1 function in ...)
+CVE-2010-4250
- linux-2.6 2.6.37-1
[squeeze] - linux-2.6 <not-affected> (Introduced after 2.6.32)
[lenny] - linux-2.6 <not-affected> (Introduced after 2.6.32)
[wheezy] - linux-2.6 <not-affected> (Introduced after 2.6.32)
-CVE-2010-4249 (The wait_for_unix_gc function in net/unix/garbage.c in the Linux ...)
+CVE-2010-4249
{DSA-2153-1}
- linux-2.6 2.6.32-30
-CVE-2010-4248 (Race condition in the __exit_signal function in kernel/exit.c in the ...)
+CVE-2010-4248
{DSA-2153-1}
- linux-2.6 2.6.32-29
-CVE-2010-4247 (The do_block_io_op function in (1) drivers/xen/blkback/blkback.c and ...)
+CVE-2010-4247
- linux-2.6 <not-affected> (changes included since introduction of dom0 support)
-CVE-2010-4246 (Multiple cross-site scripting (XSS) vulnerabilities in graph.php in ...)
+CVE-2010-4246
NOT-FOR-US: pfSense
CVE-2010-4245
RESERVED
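Review bot: Every changed entry in this hunk, from CVE-2010-4273 down to CVE-2010-4246, replaces a "-CVE-... (description ...)" line with a bare "+CVE-..." line and supplies no replacement text, so the change is pure information loss rather than an update. An automatic import should not be committed when it blanks the summary of every entry it touches; the importer should treat an empty upstream description as "keep the existing text", and this commit is better reverted until the feed delivers descriptions again. The package and advisory lines such as "{DSA-2152-1}" and "- hplip 3.10.6-2 (bug #610960)" under CVE-2010-4267 are untouched, which confirms that only the description field is affected.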
@@ -2641,10 +2641,10 @@ CVE-2010-4245
[lenny] - pootle <not-affected> (Vulnerable code not present)
CVE-2010-4244
REJECTED
-CVE-2010-4243 (fs/exec.c in the Linux kernel before 2.6.37 does not enable the OOM ...)
+CVE-2010-4243
{DSA-2153-1}
- linux-2.6 2.6.32-30
-CVE-2010-4242 (The hci_uart_tty_open function in the HCI UART driver ...)
+CVE-2010-4242
{DSA-2153-1}
- linux-2.6 2.6.32-28
CVE-2010-4241
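Review bot: The two changed entries here, CVE-2010-4243 and CVE-2010-4242, lose the only text that says which kernel code (the OOM handling in fs/exec.c and the hci_uart_tty_open function) the "{DSA-2153-1}" and "- linux-2.6 2.6.32-30" / "2.6.32-28" lines fix; without the summary an auditor has to resolve each ID externally just to check the recorded fixed versions. Suggest keeping the description text on these two lines.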
@@ -2656,32 +2656,32 @@ CVE-2010-4240
CVE-2010-4239
RESERVED
- tikiwiki <removed>
-CVE-2010-4238 (The vbd_create function in Xen 3.1.2, when the Linux kernel 2.6.18 on ...)
+CVE-2010-4238
- linux-2.6 <not-affected> (RedHat-specific issue, does not affect Xen-upstream/Debian)
-CVE-2010-4236 (Untrusted search path vulnerability in estaskwrapper in IBM OmniFind ...)
+CVE-2010-4236
NOT-FOR-US: IBM OmniFind Enterprise Edition
-CVE-2010-4235 (Format string vulnerability in RealNetworks Helix Server 12.x, 13.x, ...)
+CVE-2010-4235
NOT-FOR-US: RealNetworks Helix
-CVE-2010-4234 (The web server on the Camtron CMNC-200 Full HD IP Camera and TecVoz ...)
+CVE-2010-4234
NOT-FOR-US: Camtron, TecVoz
-CVE-2010-4233 (The Linux installation on the Camtron CMNC-200 Full HD IP Camera and ...)
+CVE-2010-4233
NOT-FOR-US: Camtron, TecVoz
-CVE-2010-4232 (The web-based administration interface on the Camtron CMNC-200 Full HD ...)
+CVE-2010-4232
NOT-FOR-US: Camtron, TecVoz
-CVE-2010-4231 (Directory traversal vulnerability in the web-based administration ...)
+CVE-2010-4231
NOT-FOR-US: Camtron, TecVoz
-CVE-2010-4230 (Stack-based buffer overflow in a certain ActiveX control for the ...)
+CVE-2010-4230
NOT-FOR-US: Camtron, TecVoz
-CVE-2010-4229 (Directory traversal vulnerability in an unspecified servlet in the ...)
+CVE-2010-4229
NOT-FOR-US: Novell ZENworks Configuration Management
-CVE-2010-4228 (Stack-based buffer overflow in NWFTPD.NLM before 5.10.02 in the FTP ...)
+CVE-2010-4228
NOT-FOR-US: Novell NetWare
-CVE-2010-4227 (The xdrDecodeString function in XNFS.NLM in Novell Netware 6.5 before ...)
+CVE-2010-4227
NOT-FOR-US: Novell Netware
-CVE-2010-4226 (cpio, as used in build 2007.05.10, 2010.07.28, and possibly other ...)
+CVE-2010-4226
NOT-FOR-US: OpenSuSE build services
NOTE: This might qualify as a cpio hardening issue, but this CVE-ID is not about cpio itself.
-CVE-2010-4225 (Unspecified vulnerability in the mod_mono module for XSP in Mono 2.8.x ...)
+CVE-2010-4225
- mono 2.6.7-5 (bug #608288)
CVE-2010-4224
RESERVED
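Review bot: Stripping the description of CVE-2010-4226 leaves its triage note dangling: "NOTE: This might qualify as a cpio hardening issue, but this CVE-ID is not about cpio itself." argues against the removed summary "cpio, as used in build 2007.05.10, 2010.07.28, and possibly other ...", and with the summary gone the note no longer says what the CVE is about. The same applies to "- linux-2.6 <not-affected> (RedHat-specific issue, does not affect Xen-upstream/Debian)" under CVE-2010-4238, whose removed summary named the Xen 3.1.2 and kernel 2.6.18 combination the rationale refers to. Either retain the descriptions or rewrite these NOTE and rationale lines so they stand on their own.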
@@ -2689,119 +2689,119 @@ CVE-2010-4223
RESERVED
CVE-2010-4222
RESERVED
-CVE-2010-4221 (Multiple stack-based buffer overflows in the pr_netio_telnet_gets ...)
+CVE-2010-4221
- proftpd-dfsg 1.3.3a-5 (bug #603511; bug #602279)
[lenny] - proftpd-dfsg <not-affected> (Introduced in 1.3.2rc3)
-CVE-2010-4220 (Cross-site scripting (XSS) vulnerability in the Integrated Solution ...)
+CVE-2010-4220
NOT-FOR-US: IBM WebSphere
-CVE-2010-4219 (Cross-site scripting (XSS) vulnerability in SemanticTagService.js in ...)
+CVE-2010-4219
NOT-FOR-US: IBM WebSphere
-CVE-2010-4218 (Unspecified vulnerability in Web Services in IBM ENOVIA 6 has unknown ...)
+CVE-2010-4218
NOT-FOR-US: IBM ENOVIA 6
-CVE-2010-4217 (Use-after-free vulnerability in the proxy server in IBM Tivoli ...)
+CVE-2010-4217
NOT-FOR-US: IBM Tivoli Directory Server
-CVE-2010-4216 (IBM Tivoli Directory Server (TDS) 6.0.0.x before ...)
+CVE-2010-4216
NOT-FOR-US: IBM Tivoli Directory Server
-CVE-2010-4215 (UI/Manage.pm in Foswiki 1.1.0 and 1.1.1 allows remote authenticated ...)
+CVE-2010-4215
- foswiki <itp> (bug #509864)
-CVE-2010-4214 (The Wells Fargo Mobile application 1.1 for Android stores a username ...)
+CVE-2010-4214
NOT-FOR-US: Wells Fargo Mobile for Android
-CVE-2010-4213 (The Bank of America application 2.12 for Android stores a security ...)
+CVE-2010-4213
NOT-FOR-US: Bank of America application for Android
-CVE-2010-4212 (The USAA application 3.0 for Android stores a mirror image of each ...)
+CVE-2010-4212
NOT-FOR-US: USAA application for Android
-CVE-2010-4211 (The PayPal app before 3.0.1 for iOS does not verify that the server ...)
+CVE-2010-4211
NOT-FOR-US: PayPal app for iOS
-CVE-2010-4210 (The pfs_getextattr function in FreeBSD 7.x before 7.3-RELEASE and 8.x ...)
+CVE-2010-4210
- kfreebsd-7 <unfixed>
[lenny] - kfreebsd-7 <no-dsa> (Not covered by security support in Lenny)
- kfreebsd-8 8.1-1
- kfreebsd-9 <not-affected> (fixed prior to first upload)
- kfreebsd-10 <not-affected> (fixed prior to first upload)
-CVE-2010-4209 (Cross-site scripting (XSS) vulnerability in the Flash component ...)
+CVE-2010-4209
- yui 2.8.2r1~squeeze-1 (bug #603513)
-CVE-2010-4208 (Cross-site scripting (XSS) vulnerability in the Flash component ...)
+CVE-2010-4208
- yui 2.8.2r1~squeeze-1 (bug #603513)
-CVE-2010-4207 (Cross-site scripting (XSS) vulnerability in the Flash component ...)
+CVE-2010-4207
- yui 2.8.2r1~squeeze-1 (bug #603513)
-CVE-2010-4206 (Array index error in the FEBlend::apply function in ...)
+CVE-2010-4206
- webkit 1.2.6-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 6.0.472.63~r59945-2
NOTE: http://trac.webkit.org/changeset/70652
-CVE-2010-4205 (Google Chrome before 7.0.517.44 does not properly handle the data ...)
+CVE-2010-4205
- chromium-browser 6.0.472.63~r59945-2
NOTE: https://bugs.webkit.org/show_bug.cgi?id=48159
NOTE: http://trac.webkit.org/changeset/70550
-CVE-2010-4204 (WebKit, as used in Google Chrome before 7.0.517.44, webkitgtk before ...)
+CVE-2010-4204
- webkit 1.2.6-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 6.0.472.63~r59945-2
NOTE: https://bugs.webkit.org/show_bug.cgi?id=48281
NOTE: http://trac.webkit.org/changeset/70517
-CVE-2010-4202 (Multiple integer overflows in Google Chrome before 7.0.517.44 on Linux ...)
+CVE-2010-4202
- webkit <not-affected> (skia issue)
- chromium-browser 6.0.472.63~r59945-2
NOTE: http://code.google.com/p/skia/source/detail?r=606
NOTE: http://code.google.com/p/skia/source/detail?r=607
-CVE-2010-4201 (Use-after-free vulnerability in Google Chrome before 7.0.517.44 allows ...)
+CVE-2010-4201
- chromium-browser 6.0.472.63~r59945-2
NOTE: https://bugs.webkit.org/show_bug.cgi?id=47522
CVE-2010-4200
REJECTED
-CVE-2010-4199 (Google Chrome before 7.0.517.44 does not properly perform a cast of an ...)
+CVE-2010-4199
{DSA-2188-1}
- webkit 1.2.7-1
- chromium-browser 6.0.472.63~r59945-2
NOTE: http://trac.webkit.org/changeset/69936
-CVE-2010-4198 (WebKit, as used in Google Chrome before 7.0.517.44, webkitgtk before ...)
+CVE-2010-4198
- webkit 1.2.6-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 6.0.472.63~r59945-2
NOTE: http://trac.webkit.org/changeset/69735
NOTE: style fix change set: http://trac.webkit.org/changeset/69801
-CVE-2010-4197 (Use-after-free vulnerability in WebKit, as used in Google Chrome ...)
+CVE-2010-4197
- webkit 1.2.6-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 6.0.472.63~r59945-2
NOTE: http://trac.webkit.org/changeset/70594
-CVE-2010-4196 (The Shockwave 3d Asset module in Adobe Shockwave Player before ...)
+CVE-2010-4196
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-4195 (The TextXtra module in Adobe Shockwave Player before 11.5.9.620 does ...)
+CVE-2010-4195
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-4194 (The dirapi.dll module in Adobe Shockwave Player before 11.5.9.620 does ...)
+CVE-2010-4194
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-4193 (Adobe Shockwave Player before 11.5.9.620 does not properly validate ...)
+CVE-2010-4193
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-4192 (Adobe Shockwave Player before 11.5.9.620 allows attackers to execute ...)
+CVE-2010-4192
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-4191 (Adobe Shockwave Player before 11.5.9.620 allows attackers to execute ...)
+CVE-2010-4191
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-4190 (Adobe Shockwave Player before 11.5.9.620 allows attackers to execute ...)
+CVE-2010-4190
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-4189 (The IML32 module in Adobe Shockwave Player before 11.5.9.620 allows ...)
+CVE-2010-4189
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-4188 (The dirapi.dll module in Adobe Shockwave Player before 11.5.9.620 ...)
+CVE-2010-4188
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-4187 (Adobe Shockwave Player before 11.5.9.620 allows attackers to execute ...)
+CVE-2010-4187
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-4186 (SQL injection vulnerability in process.asp in OnlineTechTools Online ...)
+CVE-2010-4186
NOT-FOR-US: OnlineTechTools
-CVE-2010-4185 (SQL injection vulnerability in index.php in Energine, possibly 2.3.8 ...)
+CVE-2010-4185
NOT-FOR-US: Energine
-CVE-2010-4184 (NetSupport Manager (NSM) before 11.00.0005 sends HTTP headers with ...)
+CVE-2010-4184
NOT-FOR-US: NetSupport Manager
-CVE-2010-4183 (Multiple cross-site scripting (XSS) vulnerabilities in HTML Purifier ...)
+CVE-2010-4183
- php-htmlpurifier 4.1.1+dfsg1-1
-CVE-2010-4182 (Untrusted search path vulnerability in the Data Access Objects (DAO) ...)
+CVE-2010-4182
NOT-FOR-US: Microsoft Windows
-CVE-2010-4181 (Directory traversal vulnerability in Yaws 1.89 allows remote attackers ...)
+CVE-2010-4181
- yaws <not-affected> (Only affects Windows)
-CVE-2010-4180 (OpenSSL before 0.9.8q, and 1.0.x before 1.0.0c, when ...)
+CVE-2010-4180
{DSA-2141-1}
- openssl 0.9.8o-4
NOTE: http://www.openssl.org/news/secadv/20101202.txt
-CVE-2010-4179 (The installation documentation for Red Hat Enterprise Messaging, ...)
+CVE-2010-4179
NOT-FOR-US: RedHat documentation of MRG
CVE-2010-4178
RESERVED
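Review bot: The three YUI entries CVE-2010-4209, CVE-2010-4208 and CVE-2010-4207 become indistinguishable after this hunk: each is reduced to its ID plus the identical line "- yui 2.8.2r1~squeeze-1 (bug #603513)", whereas the removed summaries at least recorded that all three are XSS issues in the Flash component. Likewise "- yaws <not-affected> (Only affects Windows)" under CVE-2010-4181 and "- webkit <not-affected> (skia issue)" under CVE-2010-4202 now justify a verdict on an issue the entry no longer describes. An update whose only effect is deleting summaries should not land.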
@@ -2813,96 +2813,96 @@ CVE-2010-4177
- mysql-gui-tools <unfixed> (low; bug #605542)
[squeeze] - mysql-gui-tools <no-dsa> (Minor issue)
[lenny] - mysql-gui-tools <no-dsa> (Minor issue)
-CVE-2010-4176 (plymouth-pretrigger.sh in dracut and udev, when running on Fedora 13 ...)
+CVE-2010-4176
- dracut <not-affected> (vulnerable script not shipped)
- udev <not-affected> (vulnerable script not shipped; fedora-specific issue)
-CVE-2010-4175 (Integer overflow in the rds_cmsg_rdma_args function (net/rds/rdma.c) ...)
+CVE-2010-4175
- linux-2.6 2.6.32-28
[lenny] - linux-2.6 <not-affected> (RDS introduced in 2.6.30)
CVE-2010-4174
REJECTED
-CVE-2010-4173 (The default configuration of libsdp.conf in libsdp 1.1.104 and earlier ...)
+CVE-2010-4173
- libsdp 1.1.99-2.1 (bug #603841)
-CVE-2010-4172 (Multiple cross-site scripting (XSS) vulnerabilities in the Manager ...)
+CVE-2010-4172
- tomcat6 6.0.28-9 (bug #606388)
[lenny] - tomcat6 <not-affected> (Only ships the servlet package)
-CVE-2010-4171 (The staprun runtime tool in SystemTap 1.3 does not verify that a ...)
+CVE-2010-4171
{DSA-2348-1}
- systemtap 1.2-3 (bug #603946)
-CVE-2010-4170 (The staprun runtime tool in SystemTap 1.3 does not properly clear the ...)
+CVE-2010-4170
{DSA-2348-1}
- systemtap 1.2-3 (bug #603946)
-CVE-2010-4169 (Use-after-free vulnerability in mm/mprotect.c in the Linux kernel ...)
+CVE-2010-4169
- linux-2.6 2.6.32-29
[lenny] - linux-2.6 <not-affected> (perf counters not yet present)
-CVE-2010-4168 (Multiple use-after-free vulnerabilities in OpenTTD 1.0.x before 1.0.5 ...)
+CVE-2010-4168
- openttd 1.0.4-3 (bug #603752)
[lenny] - openttd <not-affected> (Introduced in 1.0)
-CVE-2010-4167 (Untrusted search path vulnerability in configure.c in ImageMagick ...)
+CVE-2010-4167
- imagemagick 8:6.6.0.4-3 (low; bug #601824)
[lenny] - imagemagick 7:6.3.7.9.dfsg2-1~lenny4
-CVE-2010-4166 (Multiple SQL injection vulnerabilities in Joomla! 1.5.x before 1.5.22 ...)
+CVE-2010-4166
NOT-FOR-US: Joomla!
-CVE-2010-4165 (The do_tcp_setsockopt function in net/ipv4/tcp.c in the Linux kernel ...)
+CVE-2010-4165
- linux-2.6 2.6.32-28
[lenny] - linux-2.6 <not-affected> (Introduced in 2.6.28)
-CVE-2010-4164 (Multiple integer underflows in the x25_parse_facilities function in ...)
+CVE-2010-4164
{DSA-2126-1}
- linux-2.6 2.6.32-28
-CVE-2010-4163 (The blk_rq_map_user_iov function in block/blk-map.c in the Linux ...)
+CVE-2010-4163
{DSA-2153-1}
- linux-2.6 2.6.32-29
-CVE-2010-4162 (Multiple integer overflows in fs/bio.c in the Linux kernel before ...)
+CVE-2010-4162
{DSA-2153-1}
- linux-2.6 2.6.32-29
-CVE-2010-4161 (The udp_queue_rcv_skb function in net/ipv4/udp.c in a certain Red Hat ...)
+CVE-2010-4161
- linux-2.6 2.6.28-1
[lenny] - linux-2.6 <not-affected> (Vulnerable code not present)
-CVE-2010-4159 (Untrusted search path vulnerability in metadata/loader.c in Mono 2.8 ...)
+CVE-2010-4159
- mono 2.6.7-4 (bug #605097)
[lenny] - mono <no-dsa> (Minor issue)
-CVE-2010-4156 (The mb_strcut function in Libmbfl 1.1.0, as used in PHP 5.3.x through ...)
+CVE-2010-4156
- php5 5.3.3-4 (bug #603751)
[lenny] - php5 <not-affected> (Only affects 5.3.x)
-CVE-2010-4155 (Multiple cross-site scripting (XSS) vulnerabilities in eXV2 CMS 2.10 ...)
+CVE-2010-4155
NOT-FOR-US: eXV2 CMS
-CVE-2010-4154 (Directory traversal vulnerability in Rhino Software, Inc. FTP Voyager ...)
+CVE-2010-4154
NOT-FOR-US: Rhino Software, Inc. FTP Voyager
-CVE-2010-4153 (Directory traversal vulnerability in CrossFTP Pro 1.65a, and probably ...)
+CVE-2010-4153
NOT-FOR-US: CrossFTP
-CVE-2010-4152 (SQL injection vulnerability in catalog/index.shtml in 4site CMS 2.6, ...)
+CVE-2010-4152
NOT-FOR-US: 4site CMS
-CVE-2010-4151 (SQL injection vulnerability in misc.php in DeluxeBB 1.3, and possibly ...)
+CVE-2010-4151
NOT-FOR-US: DeluxeBB
-CVE-2010-4150 (Double free vulnerability in the imap_do_open function in the IMAP ...)
+CVE-2010-4150
{DSA-2195-1}
- php5 5.3.3-7
-CVE-2010-4203 (WebM libvpx (aka the VP8 Codec SDK) before 0.9.5, as used in Google ...)
+CVE-2010-4203
- libvpx 0.9.1-2 (bug #602693)
-CVE-2010-4160 (Multiple integer overflows in the (1) pppol2tp_sendmsg function in ...)
+CVE-2010-4160
{DSA-2126-1}
- linux-2.6 2.6.32-27 (low)
-CVE-2010-4158 (The sk_run_filter function in net/core/filter.c in the Linux kernel ...)
+CVE-2010-4158
{DSA-2153-1}
- linux-2.6 2.6.32-29 (low)
-CVE-2010-4157 (Integer overflow in the ioc_general function in drivers/scsi/gdth.c in ...)
+CVE-2010-4157
{DSA-2126-1}
- linux-2.6 2.6.32-28 (low)
-CVE-2010-4149 (Directory traversal vulnerability in FreshWebMaster Fresh FTP 5.36, ...)
+CVE-2010-4149
NOT-FOR-US: FreshWebMaster Fresh FTP
-CVE-2010-4148 (Directory traversal vulnerability in AnyConnect 1.2.3.0, and possibly ...)
+CVE-2010-4148
NOT-FOR-US: AnyConnect
-CVE-2010-4147 (Multiple SQL injection vulnerabilities in Pentasoft Avactis Shopping ...)
+CVE-2010-4147
NOT-FOR-US: Pentasoft Avactis Shopping Cart
-CVE-2010-4146 (Cross-site scripting (XSS) vulnerability in Attachmate Reflection for ...)
+CVE-2010-4146
NOT-FOR-US: Attachmate Reflection
-CVE-2010-4145 (Kisisel Radyo Script stores sensitive information under the web root ...)
+CVE-2010-4145
NOT-FOR-US: Kisisel Radyo Script
-CVE-2010-4144 (SQL injection vulnerability in radyo.asp in Kisisel Radyo Script ...)
+CVE-2010-4144
NOT-FOR-US: Kisisel Radyo Script
-CVE-2010-4143 (SQL injection vulnerability in chart.php in phpCheckZ 1.1.0, when ...)
+CVE-2010-4143
NOT-FOR-US: phpCheckZ
-CVE-2010-4142 (Multiple stack-based buffer overflows in DATAC RealWin 2.0 Build ...)
+CVE-2010-4142
NOT-FOR-US: DATAC RealWin
CVE-2010-4141
REJECTED
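Review bot: Under CVE-2010-4176 the rationale "- dracut <not-affected> (vulnerable script not shipped)" identifies the script only through the removed summary ("plymouth-pretrigger.sh in dracut and udev, when running on Fedora 13 ..."); after this hunk the entry no longer says which script the not-affected claim is about, and the same goes for the "fedora-specific issue" remark on the udev line. A separate, pre-existing ordering problem is visible in the context: CVE-2010-4203, CVE-2010-4160, CVE-2010-4158 and CVE-2010-4157 sit between CVE-2010-4150 and CVE-2010-4149 rather than in descending numeric order, which is worth correcting in a follow-up so lookups by ID stay predictable.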
@@ -2944,11 +2944,11 @@ CVE-2010-4123
REJECTED
CVE-2010-4122
REJECTED
-CVE-2010-4121 (** DISPUTED ** The TCP-to-ODBC gateway in IBM Tivoli Provisioning ...)
+CVE-2010-4121
NOT-FOR-US: IBM Tivoli
CVE-2010-XXXX
- weborf 0.12.4-1 (bug #601585)
-CVE-2010-4120 (Multiple cross-site scripting (XSS) vulnerabilities in the TAM console ...)
+CVE-2010-4120
NOT-FOR-US: IBM Tivoli
CVE-2010-4119
REJECTED
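Review bot: Removing the description of CVE-2010-4121 also removes its "** DISPUTED **" marker, so the tracker no longer records that the IBM Tivoli Provisioning gateway issue is disputed; that status is triage-relevant and should survive even if the rest of the summary is dropped. Note that the "CVE-2010-XXXX" placeholder entry for "- weborf 0.12.4-1 (bug #601585)" in the context carries no summary at all, so after this hunk an assigned CVE entry is no more informative than an unassigned one.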
@@ -2956,122 +2956,122 @@ CVE-2010-4118
REJECTED
CVE-2010-4117
REJECTED
-CVE-2010-4116 (Unspecified vulnerability in HP StorageWorks Storage Mirroring 5.x ...)
+CVE-2010-4116
NOT-FOR-US: HP StorageWorks Storage Mirroring
-CVE-2010-4115 (HP StorageWorks Modular Smart Array P2000 G3 firmware TS100R011, ...)
+CVE-2010-4115
NOT-FOR-US: HP StorageWorks
-CVE-2010-4114 (Cross-site scripting (XSS) vulnerability in HP Discovery &amp; Dependency ...)
+CVE-2010-4114
NOT-FOR-US: HP DDMI
-CVE-2010-4113 (Stack-based buffer overflow in HP Power Manager (HPPM) before 4.3.2 ...)
+CVE-2010-4113
NOT-FOR-US: HP HPPM
-CVE-2010-4112 (HP Insight Management Agents before 8.6 allows remote attackers to ...)
+CVE-2010-4112
NOT-FOR-US: HP Insight Management Agents
-CVE-2010-4111 (Cross-site scripting (XSS) vulnerability in HP Insight Diagnostics ...)
+CVE-2010-4111
NOT-FOR-US: HP Insight Diagnostics
-CVE-2010-4110 (Unspecified vulnerability in HP OpenVMS 8.3, 8.3-1H1, and 8.4 on the ...)
+CVE-2010-4110
NOT-FOR-US: HP OpenVMS
-CVE-2010-4109 (Cross-site scripting (XSS) vulnerability in the Contacts Application ...)
+CVE-2010-4109
NOT-FOR-US: HP Palm webOS
-CVE-2010-4108 (HP HP-UX B.11.11, B.11.23, and B.11.31 does not properly support ...)
+CVE-2010-4108
NOT-FOR-US: HP-UX
-CVE-2010-4107 (The default configuration of the PJL Access value in the File System ...)
+CVE-2010-4107
NOT-FOR-US: HP LaserJet
-CVE-2010-4106 (Cross-site request forgery (CSRF) vulnerability in HP Insight Control ...)
+CVE-2010-4106
NOT-FOR-US: HP Insight Orchestration
-CVE-2010-4105 (Unspecified vulnerability in HP Insight Orchestration before 6.2 ...)
+CVE-2010-4105
NOT-FOR-US: HP Insight Orchestration
-CVE-2010-4104 (Unspecified vulnerability in HP Insight Orchestration before 6.2 ...)
+CVE-2010-4104
NOT-FOR-US: HP Insight Orchestration
-CVE-2010-4103 (Unspecified vulnerability in HP Insight Managed System Setup Wizard ...)
+CVE-2010-4103
NOT-FOR-US: HP Insight Managed System Setup Wizard
-CVE-2010-4102 (Unspecified vulnerability in HP Insight Recovery before 6.2 allows ...)
+CVE-2010-4102
NOT-FOR-US: HP Insight Recovery
-CVE-2010-4101 (Cross-site scripting (XSS) vulnerability in HP Insight Recovery before ...)
+CVE-2010-4101
NOT-FOR-US: HP Insight Recovery
-CVE-2010-4100 (Unspecified vulnerability in HP Insight Control Performance Management ...)
+CVE-2010-4100
NOT-FOR-US: HP Insight Control Performance Management
-CVE-2010-4099 (ess.pm in NitroSecurity NitroView ESM 8.4.0a, when ESSPMDebug is ...)
+CVE-2010-4099
NOT-FOR-US: NitroSecurity NitroView
-CVE-2010-4098 (monotone before 0.48.1, when configured to allow remote commands, ...)
+CVE-2010-4098
- monotone 0.48-3
[lenny] - monotone <not-affected> (Vulnerable feature introduced in 0.46)
-CVE-2010-4097 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
+CVE-2010-4097
NOT-FOR-US: Aardvark Topsites PHP
-CVE-2010-4095 (Directory traversal vulnerability in the FTP client in Serengeti ...)
+CVE-2010-4095
NOT-FOR-US: Serengeti Systems Incorporated Robo-FTP 3.7.3
-CVE-2010-4094 (The Tomcat server in IBM Rational Quality Manager and Rational Test ...)
+CVE-2010-4094
NOT-FOR-US: IBM Rational Quality Manager
-CVE-2010-4093 (Adobe Shockwave Player before 11.5.9.620 allows attackers to execute ...)
+CVE-2010-4093
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-4092 (Use-after-free vulnerability in an unspecified compatibility component ...)
+CVE-2010-4092
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-4091 (The EScript.api plugin in Adobe Reader and Acrobat 10.x before 10.0.1, ...)
+CVE-2010-4091
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2010-4090 (Adobe Shockwave Player before 11.5.9.615 allows attackers to execute ...)
+CVE-2010-4090
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-4089 (IML32.dll in Adobe Shockwave Player before 11.5.9.615 allows attackers ...)
+CVE-2010-4089
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-4088 (dirapi.dll in Adobe Shockwave Player before 11.5.9.615 allows ...)
+CVE-2010-4088
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-4087 (IML32.dll in Adobe Shockwave Player before 11.5.9.615 allows attackers ...)
+CVE-2010-4087
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-4086 (dirapi.dll in Adobe Shockwave Player before 11.5.9.615 allows ...)
+CVE-2010-4086
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-4085 (dirapi.dll in Adobe Shockwave Player before 11.5.9.615 allows ...)
+CVE-2010-4085
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-4084 (dirapi.dll in Adobe Shockwave Player before 11.5.9.615 allows ...)
+CVE-2010-4084
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-4083 (The copy_semid_to_user function in ipc/sem.c in the Linux kernel ...)
+CVE-2010-4083
{DSA-2126-1}
- linux-2.6 2.6.32-29 (low)
-CVE-2010-4082 (The viafb_ioctl_get_viafb_info function in drivers/video/via/ioctl.c ...)
+CVE-2010-4082
- linux-2.6 2.6.32-24 (low)
[lenny] - linux-2.6 <not-affected> (Vulnerable code not present)
-CVE-2010-4081 (The snd_hdspm_hwdep_ioctl function in sound/pci/rme9652/hdspm.c in the ...)
+CVE-2010-4081
{DSA-2126-1}
- linux-2.6 2.6.32-27 (low)
-CVE-2010-4080 (The snd_hdsp_hwdep_ioctl function in sound/pci/rme9652/hdsp.c in the ...)
+CVE-2010-4080
{DSA-2126-1}
- linux-2.6 2.6.32-27 (low)
-CVE-2010-4079 (The ivtvfb_ioctl function in drivers/media/video/ivtv/ivtvfb.c in the ...)
+CVE-2010-4079
{DSA-2126-1}
- linux-2.6 2.6.32-29 (low)
-CVE-2010-4078 (The sisfb_ioctl function in drivers/video/sis/sis_main.c in the Linux ...)
+CVE-2010-4078
{DSA-2126-1}
- linux-2.6 2.6.32-24 (low)
-CVE-2010-4077 (The ntty_ioctl_tiocgicount function in drivers/char/nozomi.c in the ...)
+CVE-2010-4077
- linux-2.6 2.6.37-1 (low)
[wheezy] - linux-2.6 2.6.32-31
[squeeze] - linux-2.6 2.6.32-31
-CVE-2010-4076 (The rs_ioctl function in drivers/char/amiserial.c in the Linux kernel ...)
+CVE-2010-4076
- linux-2.6 2.6.37-1 (low)
[wheezy] - linux-2.6 2.6.32-31
[squeeze] - linux-2.6 2.6.32-31
-CVE-2010-4075 (The uart_get_count function in drivers/serial/serial_core.c in the ...)
+CVE-2010-4075
{DSA-2264-1}
- linux-2.6 2.6.37-1 (low)
[wheezy] - linux-2.6 2.6.32-31
[squeeze] - linux-2.6 2.6.32-31
-CVE-2010-4074 (The USB subsystem in the Linux kernel before 2.6.36-rc5 does not ...)
+CVE-2010-4074
{DSA-2126-1}
- linux-2.6 2.6.32-24 (low)
-CVE-2010-4073 (The ipc subsystem in the Linux kernel before 2.6.37-rc1 does not ...)
+CVE-2010-4073
{DSA-2126-1}
- linux-2.6 2.6.32-29 (low)
-CVE-2010-4072 (The copy_shmid_to_user function in ipc/shm.c in the Linux kernel ...)
+CVE-2010-4072
{DSA-2126-1}
- linux-2.6 2.6.32-29 (low)
-CVE-2010-4071 (Cross-site scripting (XSS) vulnerability in AgentTicketZoom in OTRS ...)
+CVE-2010-4071
- otrs2 2.4.9+dfsg1-1
[lenny] - otrs2 <not-affected> (Only affects OTRS 2.4)
-CVE-2010-4070 (Integer overflow in librpc.dll in portmap.exe (aka the ISM Portmapper ...)
+CVE-2010-4070
NOT-FOR-US: portmap.exe
-CVE-2010-4069 (Stack-based buffer overflow in IBM Informix Dynamic Server (IDS) 7.x ...)
+CVE-2010-4069
NOT-FOR-US: IBM Informix Dynamic Server
-CVE-2010-4068 (Unspecified vulnerability in the Extension Manager in TYPO3 4.2.x ...)
+CVE-2010-4068
{DSA-2121-1}
- typo3-src 4.3.7-1
-CVE-2010-4096 (share/ma/keys_for_user in Monkeysphere 0.31 and 0.32 allows local ...)
+CVE-2010-4096
- monkeysphere 0.31-3 (bug #600304)
NOTE: micah requested this CVE from mitre, issue has been fixed in debian already
CVE-2010-4067
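Review bot: The rationale "[lenny] - monotone <not-affected> (Vulnerable feature introduced in 0.46)" under CVE-2010-4098 relies on the removed summary ("monotone before 0.48.1, when configured to allow remote commands, ...") to say which feature is meant, and the NOTE under CVE-2010-4096 ("micah requested this CVE from mitre, issue has been fixed in debian already") loses the "share/ma/keys_for_user" path that was the only pointer to the affected code. The long run of Adobe Shockwave entries CVE-2010-4093 to CVE-2010-4084 also collapses to identical "NOT-FOR-US: Adobe Shockwave Player" stubs. Descriptions should be preserved, or the import held back.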
@@ -3094,24 +3094,24 @@ CVE-2010-4059
RESERVED
CVE-2010-4058
RESERVED
-CVE-2010-4057 (solid.exe in IBM solidDB 6.5.0.3 and earlier does not properly perform ...)
+CVE-2010-4057
NOT-FOR-US: IBM solidDB
-CVE-2010-4056 (solid.exe in IBM solidDB 6.5.0.3 and earlier does not properly perform ...)
+CVE-2010-4056
NOT-FOR-US: IBM solidDB
-CVE-2010-4055 (Stack consumption vulnerability in solid.exe in IBM solidDB 6.5.0.3 ...)
+CVE-2010-4055
NOT-FOR-US: IBM solidDB
-CVE-2010-4054 (The gs_type2_interpret function in Ghostscript allows remote attackers ...)
+CVE-2010-4054
- ghostscript 8.71~dfsg-1 (unimportant)
NOTE: Crash-only
-CVE-2010-4053 (Stack-based buffer overflow in an unspecified logging function in ...)
+CVE-2010-4053
NOT-FOR-US: IBM Informix Dynamic Server
-CVE-2010-4052 (Stack consumption vulnerability in the regcomp implementation in the ...)
+CVE-2010-4052
- glibc <removed> (unimportant)
- eglibc <unfixed> (unimportant)
NOTE: Deficiency in the regexp engine of glibc, while there implementations which
NOTE: process such expressions more efficiently, imposing a limit lies within
NOTE: the application accepting it from user input
-CVE-2010-4051 (The regcomp implementation in the GNU C Library (aka glibc or libc6) ...)
+CVE-2010-4051
- glibc <removed> (unimportant)
- eglibc <unfixed> (unimportant)
NOTE: Deficiency in the regexp engine of glibc, while there implementations which
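Review bot: The multi-line NOTE shared by CVE-2010-4052 and CVE-2010-4051 ("Deficiency in the regexp engine of glibc, while there implementations which process such expressions more efficiently ...") justifies the "(unimportant)" severity by reference to "such expressions", which only the removed summaries ("Stack consumption vulnerability in the regcomp implementation ...", "The regcomp implementation in the GNU C Library ...") defined; after this hunk the justification has no antecedent. While here, the NOTE reads "while there implementations" and is missing "are", but that is unchanged context rather than part of this change.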
@@ -3122,91 +3122,91 @@ CVE-2010-XXXX [XSS vulnerability discovered -plugin-globalsearch]
CVE-2010-XXXX [insecure usage of temporary files in flash-kernel]
- flash-kernel 2.33 (low)
[lenny] - flash-kernel <no-dsa> (Minor issue)
-CVE-2010-4050 (Opera before 10.63 allows remote attackers to cause a denial of ...)
+CVE-2010-4050
NOT-FOR-US: Opera
-CVE-2010-4049 (Opera before 10.63 allows remote attackers to cause a denial of ...)
+CVE-2010-4049
NOT-FOR-US: Opera
-CVE-2010-4048 (Opera before 10.63 allows user-assisted remote web servers to cause a ...)
+CVE-2010-4048
NOT-FOR-US: Opera
-CVE-2010-4047 (Opera before 10.63 does not properly select the security context of ...)
+CVE-2010-4047
NOT-FOR-US: Opera
-CVE-2010-4046 (Opera before 10.63 does not properly verify the origin of video ...)
+CVE-2010-4046
NOT-FOR-US: Opera
-CVE-2010-4045 (Opera before 10.63 does not properly restrict web script in ...)
+CVE-2010-4045
NOT-FOR-US: Opera
-CVE-2010-4044 (Opera before 10.63 does not ensure that the portion of a URL shown in ...)
+CVE-2010-4044
NOT-FOR-US: Opera
-CVE-2010-4043 (Opera before 10.63 does not prevent interpretation of a cross-origin ...)
+CVE-2010-4043
NOT-FOR-US: Opera
-CVE-2010-4042 (Google Chrome before 7.0.517.41 does not properly handle element maps, ...)
+CVE-2010-4042
- webkit 1.2.6-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 6.0.472.63~r59945-1
NOTE: http://trac.webkit.org/changeset/68096
-CVE-2010-4041 (The sandbox implementation in Google Chrome before 7.0.517.41 on Linux ...)
+CVE-2010-4041
- webkit <not-affected> (issue with chromium sandbox)
- chromium-browser 6.0.472.63~r59945-1
-CVE-2010-4040 (Google Chrome before 7.0.517.41 does not properly handle animated GIF ...)
+CVE-2010-4040
{DSA-2188-1}
- webkit 1.2.6-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 6.0.472.63~r59945-1
NOTE: http://trac.webkit.org/changeset/68446
-CVE-2010-4039 (Google Chrome before 7.0.517.41 on Linux does not properly set the ...)
+CVE-2010-4039
- webkit <not-affected> (chromium-specifc LD_LIBRARY_PATH issue)
- chromium-browser <not-affected> (package uses its own startup script)
-CVE-2010-4038 (The Web Sockets implementation in Google Chrome before 7.0.517.41 does ...)
+CVE-2010-4038
- webkit <not-affected> (issue in chromium code base)
- chromium-browser 9.0.570
[squeeze] - chromium-browser <not-affected> (websocket_experiment not enabled in v6)
[wheezy] - chromium-browser <not-affected>
-CVE-2010-4037 (Unspecified vulnerability in Google Chrome before 7.0.517.41 allows ...)
+CVE-2010-4037
- webkit <not-affected> (affected gesture code not present in 1.2.x)
- chromium-browser <unfixed> (unimportant)
NOTE: http://trac.webkit.org/changeset/67716
-CVE-2010-4036 (Google Chrome before 7.0.517.41 does not properly handle the unloading ...)
+CVE-2010-4036
- webkit <not-affected> (chromium-specifc issue)
- chromium-browser 6.0.472.63~r59945-1
-CVE-2010-4035 (Google Chrome before 7.0.517.41 does not properly perform autofill ...)
+CVE-2010-4035
- webkit <not-affected> (issue in chromium code base)
- chromium-browser 6.0.472.63~r59945-1
-CVE-2010-4034 (Google Chrome before 7.0.517.41 does not properly handle forms, which ...)
+CVE-2010-4034
- webkit <not-affected> (issue in chromium code base)
- chromium-browser 6.0.472.63~r59945-1
-CVE-2010-4033 (Google Chrome before 7.0.517.41 does not properly implement the ...)
+CVE-2010-4033
- webkit <not-affected> (issue in gestures, which resides in the webkit codebase, but is only used by chromium right now)
- chromium-browser 6.0.472.63~r59945-1
NOTE: http://trac.webkit.org/changeset/63786
NOTE: http://trac.webkit.org/changeset/67240
-CVE-2010-4032 (Cross-site request forgery (CSRF) vulnerability in HP Insight Control ...)
+CVE-2010-4032
NOT-FOR-US: HP Insight Control Performance Management
-CVE-2010-4031 (Unspecified vulnerability in HP Insight Control Performance Management ...)
+CVE-2010-4031
NOT-FOR-US: HP Insight Control Performance Management
-CVE-2010-4030 (Cross-site scripting (XSS) vulnerability in HP Insight Control ...)
+CVE-2010-4030
NOT-FOR-US: HP Insight Control Performance Management
-CVE-2010-4029 (Unspecified vulnerability in HP Storage Essentials before 6.3.0, when ...)
+CVE-2010-4029
NOT-FOR-US: HP Storage Essentials
-CVE-2010-4028 (Unspecified vulnerability in LoadRunner Web Tours 9.10 in HP ...)
+CVE-2010-4028
NOT-FOR-US: HP LoadRunner
-CVE-2010-4027 (Unspecified vulnerability in the camera application in HP Palm webOS ...)
+CVE-2010-4027
NOT-FOR-US: HP Palm webOS
-CVE-2010-4026 (Unspecified vulnerability in the service API in HP Palm webOS 1.4.1 ...)
+CVE-2010-4026
NOT-FOR-US: HP Palm webOS
-CVE-2010-4025 (Unspecified vulnerability in Doc Viewer in HP Palm webOS 1.4.1 allows ...)
+CVE-2010-4025
NOT-FOR-US: HP Palm webOS
-CVE-2010-4024 (Cross-site request forgery (CSRF) vulnerability in HP Insight Control ...)
+CVE-2010-4024
NOT-FOR-US: HP Insight Control Power Management
-CVE-2010-4023 (Cross-site scripting (XSS) vulnerability in HP Insight Control Power ...)
+CVE-2010-4023
NOT-FOR-US: HP Insight Control Power Management
-CVE-2010-4022 (The do_standalone function in the MIT krb5 KDC database propagation ...)
+CVE-2010-4022
- krb5 1.8.3+dfsg-5 (low)
[squeeze] - krb5 1.8.3+dfsg-4squeeze1
[lenny] - krb5 <not-affected> (Only affects 1.7.x onwards)
[etch] - krb5 <not-affected> (Only affects 1.7.x onwards)
-CVE-2010-4021 (The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.7 ...)
+CVE-2010-4021
- krb5 1.8+dfsg~alpha1-1
[lenny] - krb5 <not-affected> (Only affects 1.7.x)
-CVE-2010-4020 (MIT Kerberos 5 (aka krb5) 1.8.x through 1.8.3 does not reject RC4 ...)
+CVE-2010-4020
- krb5 1.8.3+dfsg-3 (bug #605553)
[lenny] - krb5 <not-affected> (Only affects krb5 >= 1.8)
CVE-2010-4019
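Review bot: every `-`/`+` pair in this hunk replaces a `CVE-YYYY-NNNN (description ...)` line with the bare id and changes nothing else in the entry (package lines, `[lenny]`/`[squeeze]` annotations and `NOTE:` lines are untouched), so the only effect of the change is to discard the description text for each CVE. If the upstream feed returned empty descriptions on this run, the "automatic update" should skip writing rather than commit the deletions; a check that the new description is non-empty before overwriting the existing one would prevent a mass regression like this.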
@@ -3217,31 +3217,31 @@ CVE-2010-4017
RESERVED
CVE-2010-4016
RESERVED
-CVE-2010-4015 (Buffer overflow in the gettoken function in ...)
+CVE-2010-4015
{DSA-2157-1}
- postgresql-9.0 9.0.3-1
- postgresql-8.4 8.4.7-1
- postgresql-8.3 <removed>
CVE-2010-4014
RESERVED
-CVE-2010-4013 (Format string vulnerability in PackageKit in Apple Mac OS X 10.6.x ...)
+CVE-2010-4013
NOT-FOR-US: This is not the PackageKit distributed by Debian, but a different code base
-CVE-2010-4012 (Race condition in Apple iOS 4.0 through 4.1 for iPhone 3G and later ...)
+CVE-2010-4012
NOT-FOR-US: Apple iOS
-CVE-2010-4011 (Dovecot in Apple Mac OS X 10.6.5 10H574 does not properly manage ...)
+CVE-2010-4011
- dovecot <not-affected> (HT4452 claims it is Apple-specific and doesn't affect the OSS version)
-CVE-2010-4010 (Integer signedness error in Apple Type Services (ATS) in Apple Mac OS ...)
+CVE-2010-4010
NOT-FOR-US: Apple Type Services
-CVE-2010-4009 (Integer overflow in Apple QuickTime before 7.6.9 allows remote ...)
+CVE-2010-4009
NOT-FOR-US: Apple QuickTime
-CVE-2010-4008 (libxml2 before 2.7.8, as used in Google Chrome before 7.0.517.44, ...)
+CVE-2010-4008
{DSA-2128-1}
- libxml2 2.7.8.dfsg-1 (bug #602609)
-CVE-2010-4007 (Oracle Mojarra uses an encrypted View State without a Message ...)
+CVE-2010-4007
- mojarra <not-affected> (Fixed before initial upload, in 2.0.1)
-CVE-2010-4006 (Multiple SQL injection vulnerabilities in search.php in WSN Links ...)
+CVE-2010-4006
NOT-FOR-US: WSN Links
-CVE-2010-4005 (The (1) tomboy and (2) tomboy-panel scripts in GNOME Tomboy 1.5.2 and ...)
+CVE-2010-4005
- tomboy 1.2.2-2 (low; bug #605096)
[lenny] - tomboy <no-dsa> (Minor issue)
CVE-2010-4004
@@ -3250,364 +3250,364 @@ CVE-2010-4003
RESERVED
CVE-2010-4002
RESERVED
-CVE-2010-4001 (** DISPUTED ** GMXRC.bash in Gromacs 4.5.1 and earlier places a ...)
+CVE-2010-4001
NOTE: Not a security issue
-CVE-2010-4000 (gnome-shell in GNOME Shell 2.31.5 places a zero-length directory name ...)
+CVE-2010-4000
- gnome-shell 2.91.3-1 (bug #605098)
[lenny] - gnome-shell <no-dsa> (Minor issue)
-CVE-2010-3999 (gnc-test-env in GnuCash 2.3.15 and earlier places a zero-length ...)
+CVE-2010-3999
- gnucash 2.2.9-10 (low; bug #603329)
[lenny] - gnucash <no-dsa> (Minor issue)
-CVE-2010-3998 (The (1) banshee-1 and (2) muinshee scripts in Banshee 1.8.0 and ...)
+CVE-2010-3998
- banshee 1.6.1-1.1 (bug #605095)
[lenny] - banshee <no-dsa> (Minor issue)
CVE-2010-3997
RESERVED
-CVE-2010-3996 (festival_server in Centre for Speech Technology Research (CSTR) ...)
+CVE-2010-3996
- festival <not-affected> (From Lenny onwards we don't include the server component)
CVE-2010-3995
RESERVED
-CVE-2010-3994 (Cross-site scripting (XSS) vulnerability in HP Version Control ...)
+CVE-2010-3994
NOT-FOR-US: HP VCRM
-CVE-2010-3993 (Unspecified vulnerability in HP Insight Control Server Migration ...)
+CVE-2010-3993
NOT-FOR-US: HP Insight
-CVE-2010-3992 (Unspecified vulnerability in HP Insight Control Server Migration ...)
+CVE-2010-3992
NOT-FOR-US: HP Insight
-CVE-2010-3991 (Cross-site scripting (XSS) vulnerability in HP Insight Control Server ...)
+CVE-2010-3991
NOT-FOR-US: HP Insight
-CVE-2010-3990 (Unspecified vulnerability in HP Virtual Server Environment before 6.2 ...)
+CVE-2010-3990
NOT-FOR-US: HP Virtual Server Environment
-CVE-2010-3989 (Cross-site request forgery (CSRF) vulnerability in HP Insight Control ...)
+CVE-2010-3989
NOT-FOR-US: HP Insight
-CVE-2010-3988 (Unspecified vulnerability in HP Insight Control Virtual Machine ...)
+CVE-2010-3988
NOT-FOR-US: HP Insight
-CVE-2010-3987 (Cross-site scripting (XSS) vulnerability in HP Insight Control Virtual ...)
+CVE-2010-3987
NOT-FOR-US: HP Insight
-CVE-2010-3986 (Unspecified vulnerability in HP Virtual Connect Enterprise Manager ...)
+CVE-2010-3986
NOT-FOR-US: HP VCEM
-CVE-2010-3985 (Cross-site scripting (XSS) vulnerability in HP Operations ...)
+CVE-2010-3985
NOT-FOR-US: HP Operations Orchestration
-CVE-2010-3984 (Buffer overflow in mng_core_com.dll in CA XOsoft Replication r12.0 SP1 ...)
+CVE-2010-3984
NOT-FOR-US: CA XOsoft
-CVE-2010-3983 (CmcApp in SAP BusinessObjects Enterprise XI 3.2 allows remote ...)
+CVE-2010-3983
NOT-FOR-US: SAP BusinessObjects Enterprise
-CVE-2010-3982 (SAP BusinessObjects Enterprise XI 3.2 allows remote attackers to ...)
+CVE-2010-3982
NOT-FOR-US: SAP BusinessObjects Enterprise
-CVE-2010-3981 (Cross-site scripting (XSS) vulnerability in SAP BusinessObjects ...)
+CVE-2010-3981
NOT-FOR-US: SAP BusinessObjects Enterprise
-CVE-2010-3980 (Dswsbobje in SAP BusinessObjects Enterprise XI 3.2 does not limit the ...)
+CVE-2010-3980
NOT-FOR-US: SAP BusinessObjects Enterprise
-CVE-2010-3979 (Dswsbobje in SAP BusinessObjects Enterprise XI 3.2 generates different ...)
+CVE-2010-3979
NOT-FOR-US: SAP BusinessObjects Enterprise
-CVE-2010-3978 (Spree 0.11.x before 0.11.2 and 0.30.x before 0.30.0 exchanges data ...)
+CVE-2010-3978
NOT-FOR-US: Spree
-CVE-2010-3977 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2010-3977
NOT-FOR-US: cForm wordpress plugin
-CVE-2010-3976 (Untrusted search path vulnerability in Adobe Flash Player before ...)
+CVE-2010-3976
NOT-FOR-US: Adobe Flash Player
-CVE-2010-3975 (Untrusted search path vulnerability in Adobe Flash Player 9 allows ...)
+CVE-2010-3975
NOT-FOR-US: Adobe Flash Player
-CVE-2010-3974 (fxscover.exe in the Fax Cover Page Editor in Microsoft Windows XP SP2 ...)
+CVE-2010-3974
NOT-FOR-US: Microsoft Windows
-CVE-2010-3973 (The WMITools ActiveX control in WBEMSingleView.ocx 1.50.1131.0 in ...)
+CVE-2010-3973
NOT-FOR-US: Microsoft
-CVE-2010-3972 (Heap-based buffer overflow in the TELNET_STREAM_CONTEXT::OnSendData ...)
+CVE-2010-3972
NOT-FOR-US: Microsoft Internet Information Services
-CVE-2010-3971 (Use-after-free vulnerability in the CSharedStyleSheet::Notify function ...)
+CVE-2010-3971
NOT-FOR-US: Microsoft Internet Explorer 7 and 8
-CVE-2010-3970 (Stack-based buffer overflow in the CreateSizedDIBSECTION function in ...)
+CVE-2010-3970
NOT-FOR-US: Microsoft Windows
CVE-2010-3969
REJECTED
CVE-2010-3968
REJECTED
-CVE-2010-3967 (Untrusted search path vulnerability in Microsoft Windows Movie Maker ...)
+CVE-2010-3967
NOT-FOR-US: Microsoft Windows
-CVE-2010-3966 (Untrusted search path vulnerability in Microsoft Windows Server 2008 ...)
+CVE-2010-3966
NOT-FOR-US: Microsoft Windows
-CVE-2010-3965 (Untrusted search path vulnerability in Windows Media Encoder 9 on ...)
+CVE-2010-3965
NOT-FOR-US: Microsoft Windows
-CVE-2010-3964 (Unrestricted file upload vulnerability in the Document Conversions ...)
+CVE-2010-3964
NOT-FOR-US: Microsoft Office SharePoint Server
-CVE-2010-3963 (Buffer overflow in the Routing and Remote Access NDProxy component in ...)
+CVE-2010-3963
NOT-FOR-US: Microsoft Windows
-CVE-2010-3962 (Use-after-free vulnerability in Microsoft Internet Explorer 6, 7, and ...)
+CVE-2010-3962
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2010-3961 (The Consent User Interface (UI) in Microsoft Windows Vista SP1 and ...)
+CVE-2010-3961
NOT-FOR-US: Microsoft Windows
-CVE-2010-3960 (Hyper-V in Microsoft Windows Server 2008 Gold, SP2, and R2 allows ...)
+CVE-2010-3960
NOT-FOR-US: Microsoft Windows
-CVE-2010-3959 (The OpenType Font (OTF) driver in Microsoft Windows XP SP2 and SP3, ...)
+CVE-2010-3959
NOT-FOR-US: Microsoft Windows
-CVE-2010-3958 (The x86 JIT compiler in Microsoft .NET Framework 2.0 SP2, 3.5 SP1, ...)
+CVE-2010-3958
NOT-FOR-US: Microsoft .NET Framework
-CVE-2010-3957 (Double free vulnerability in the OpenType Font (OTF) driver in ...)
+CVE-2010-3957
NOT-FOR-US: Microsoft Windows
-CVE-2010-3956 (The OpenType Font (OTF) driver in Microsoft Windows XP SP2 and SP3, ...)
+CVE-2010-3956
NOT-FOR-US: Microsoft Windows
-CVE-2010-3955 (pubconv.dll (aka the Publisher Converter DLL) in Microsoft Publisher ...)
+CVE-2010-3955
NOT-FOR-US: Microsoft Publisher
-CVE-2010-3954 (Microsoft Publisher 2002 SP3, 2003 SP3, and 2010 allows remote ...)
+CVE-2010-3954
NOT-FOR-US: Microsoft Publisher
CVE-2010-3953
REJECTED
-CVE-2010-3952 (The FlashPix image converter in the graphics filters in Microsoft ...)
+CVE-2010-3952
NOT-FOR-US: Microsoft Office
-CVE-2010-3951 (Buffer overflow in the FlashPix image converter in the graphics ...)
+CVE-2010-3951
NOT-FOR-US: Microsoft Office
-CVE-2010-3950 (The TIFF image converter in the graphics filters in Microsoft Office ...)
+CVE-2010-3950
NOT-FOR-US: Microsoft Office
-CVE-2010-3949 (Buffer overflow in the TIFF image converter in the graphics filters in ...)
+CVE-2010-3949
NOT-FOR-US: Microsoft Office
CVE-2010-3948
REJECTED
-CVE-2010-3947 (Heap-based buffer overflow in the TIFF image converter in the graphics ...)
+CVE-2010-3947
NOT-FOR-US: Microsoft Office
-CVE-2010-3946 (Integer overflow in the PICT image converter in the graphics filters ...)
+CVE-2010-3946
NOT-FOR-US: Microsoft Office
-CVE-2010-3945 (Buffer overflow in the CGM image converter in the graphics filters in ...)
+CVE-2010-3945
NOT-FOR-US: Microsoft Office
-CVE-2010-3944 (win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2008 ...)
+CVE-2010-3944
NOT-FOR-US: Microsoft Windows
-CVE-2010-3943 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
+CVE-2010-3943
NOT-FOR-US: Microsoft Windows
-CVE-2010-3942 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
+CVE-2010-3942
NOT-FOR-US: Microsoft Windows
-CVE-2010-3941 (Double free vulnerability in win32k.sys in the kernel-mode drivers in ...)
+CVE-2010-3941
NOT-FOR-US: Microsoft Windows
-CVE-2010-3940 (Double free vulnerability in win32k.sys in the kernel-mode drivers in ...)
+CVE-2010-3940
NOT-FOR-US: Microsoft Windows
-CVE-2010-3939 (Buffer overflow in win32k.sys in the kernel-mode drivers in Microsoft ...)
+CVE-2010-3939
NOT-FOR-US: Microsoft Windows
CVE-2010-3938
REJECTED
-CVE-2010-3937 (Microsoft Exchange Server 2007 SP2 on the x64 platform allows remote ...)
+CVE-2010-3937
NOT-FOR-US: Microsoft Exchange Server
-CVE-2010-3936 (Cross-site scripting (XSS) vulnerability in Signurl.asp in Microsoft ...)
+CVE-2010-3936
NOT-FOR-US: Forefront Unified Access Gateway
CVE-2010-3935
REJECTED
-CVE-2010-3934 (The browser in Research In Motion (RIM) BlackBerry Device Software ...)
+CVE-2010-3934
NOT-FOR-US: BlackBerry Device Software
-CVE-2010-3933 (Ruby on Rails 2.3.9 and 3.0.0 does not properly handle nested ...)
+CVE-2010-3933
- rails <not-affected> (Only affects >= 2.3.9, which is not yet in the archive)
CVE-2010-3932
REJECTED
-CVE-2010-3931 (Cross-site scripting (XSS) vulnerability in multiple Rocomotion ...)
+CVE-2010-3931
NOT-FOR-US: Rocomotion
-CVE-2010-3930 (Directory traversal vulnerability in MODx Evolution 1.0.4 and earlier ...)
+CVE-2010-3930
NOT-FOR-US: MODx
-CVE-2010-3929 (SQL injection vulnerability in MODx Evolution 1.0.4 and earlier allows ...)
+CVE-2010-3929
NOT-FOR-US: MODx
-CVE-2010-3928 (Ruby Version Manager (RVM) before 1.2.1 writes file contents to a ...)
+CVE-2010-3928
NOT-FOR-US: Ruby Version Manager
-CVE-2010-3927 (Untrusted search path vulnerability in Lunascape before 6.4.0 allows ...)
+CVE-2010-3927
NOT-FOR-US: Lunascape
-CVE-2010-3926 (Multiple cross-site scripting (XSS) vulnerabilities in Shop.cgi in ...)
+CVE-2010-3926
NOT-FOR-US: SGX-SP Final
-CVE-2010-3925 (Contents-Mall before 15 does not properly handle passwords, which ...)
+CVE-2010-3925
NOT-FOR-US: Contents-Mall
-CVE-2010-3924 (SQL injection vulnerability in Aimluck Aipo before 5.1.0.1 allows ...)
+CVE-2010-3924
NOT-FOR-US: Aimluck Aipo
-CVE-2010-3923 (Untrusted search path vulnerability in AttacheCase before 2.70 allows ...)
+CVE-2010-3923
NOT-FOR-US: AttacheCase
-CVE-2010-3922 (SQL injection vulnerability in Movable Type 4.x before 4.35 and 5.x ...)
+CVE-2010-3922
- movabletype-opensource 4.3.5+dfsg-1 (bug #606311)
[lenny] - movabletype-opensource 4.2.3-1+lenny2 (bug #606311)
-CVE-2010-3921 (Cross-site scripting (XSS) vulnerability in Movable Type 4.x before ...)
+CVE-2010-3921
- movabletype-opensource 4.3.5+dfsg-1 (bug #606311)
[lenny] - movabletype-opensource 4.2.3-1+lenny2 (bug #606311)
-CVE-2010-3920 (The Seiko Epson printer driver installers for LP-S9000 before 4.1.11 ...)
+CVE-2010-3920
NOT-FOR-US: Seiko Epson printer driver
-CVE-2010-3919 (Fenrir Grani 4.5 and earlier does not prevent interaction between web ...)
+CVE-2010-3919
NOT-FOR-US: Fenrir Grani
-CVE-2010-3918 (Fenrir Sleipnir 2.9.6 and earlier does not prevent interaction between ...)
+CVE-2010-3918
NOT-FOR-US: Fenrir Sleipnir
CVE-2010-3917
RESERVED
-CVE-2010-3916 (Unspecified vulnerability in JustSystems Ichitaro and Ichitaro ...)
+CVE-2010-3916
NOT-FOR-US: JustSystems Ichitaro and Ichitaro Government
-CVE-2010-3915 (Unspecified vulnerability in JustSystems Ichitaro and Ichitaro ...)
+CVE-2010-3915
NOT-FOR-US: JustSystems Ichitaro and Ichitaro Government
-CVE-2010-3914 (Untrusted search path vulnerability in VIM Development Group GVim ...)
+CVE-2010-3914
- vim <not-affected> (Windows-specific)
-CVE-2010-3913 (CRLF injection vulnerability in TransWARE Active! mail 6 build ...)
+CVE-2010-3913
NOT-FOR-US: TransWARE Active! mail
-CVE-2010-3912 (The supportconfig script in supportutils in SUSE Linux Enterprise 11 ...)
+CVE-2010-3912
NOT-FOR-US: SLES support scripts
-CVE-2010-3911 (Multiple cross-site scripting (XSS) vulnerabilities in vtiger CRM ...)
+CVE-2010-3911
NOT-FOR-US: vTiger CRM
-CVE-2010-3910 (Multiple directory traversal vulnerabilities in the ...)
+CVE-2010-3910
NOT-FOR-US: vTiger CRM
-CVE-2010-3909 (Incomplete blacklist vulnerability in config.template.php in vtiger ...)
+CVE-2010-3909
NOT-FOR-US: vtiger CRM
-CVE-2010-3908 (FFmpeg before 0.5.4, as used in MPlayer and other products, allows ...)
+CVE-2010-3908
{DSA-2306-1}
- libav 4:0.6-1
- ffmpeg 7:2.4.1-1
- ffmpeg-debian <end-of-life>
-CVE-2010-3907 (Multiple integer overflows in real.c in the Real demuxer plugin in ...)
+CVE-2010-3907
- vlc 1.1.3-1squeeze1
[lenny] - vlc <not-affected> (Vulnerable code not present)
-CVE-2010-3906 (Cross-site scripting (XSS) vulnerability in Gitweb 1.7.3.3 and earlier ...)
+CVE-2010-3906
- git-core <removed>
[lenny] - git-core 1.5.6.5-3+lenny3.3
- git 1:1.7.2.3-2.2
-CVE-2010-3905 (The password reset feature in the administrator interface for ...)
+CVE-2010-3905
- eucalyptus <not-affected> (bug #608289) (It was once removed from archive, then re-added as 3.1.0)
-CVE-2010-3904 (The rds_page_copy_user function in net/rds/page.c in the Reliable ...)
+CVE-2010-3904
- linux-2.6 2.6.32-26
[lenny] - linux-2.6 <not-affected> (Vulnerable code introduced in 2.6.30)
-CVE-2010-3903 (Unspecified vulnerability in OpenConnect before 2.23 allows remote ...)
+CVE-2010-3903
- openconnect 2.25-0.1
-CVE-2010-3902 (OpenConnect before 2.26 places the webvpn cookie value in the ...)
+CVE-2010-3902
- openconnect 3.02-1 (unimportant)
NOTE: This is an additional safety net for careless users, not a vulnerability
-CVE-2010-3901 (OpenConnect before 2.25 does not properly validate X.509 certificates, ...)
+CVE-2010-3901
- openconnect 2.25-0.1 (bug #590873)
-CVE-2010-3900 (Midori before 0.2.5, when WebKitGTK+ before 1.1.14 or LibSoup before ...)
+CVE-2010-3900
- midori 0.2.7-1.1 (unimportant; bug #607497)
NOTE: Current Midori SSL support is very limited
NOTE: Midori should not be used if SSL support is important to you
-CVE-2010-3899 (IBM OmniFind Enterprise Edition 8.x and 9.x performs web crawls with ...)
+CVE-2010-3899
NOT-FOR-US: IBM OmniFind Enterprise Edition
-CVE-2010-3898 (IBM OmniFind Enterprise Edition 8.x and 9.x does not properly restrict ...)
+CVE-2010-3898
NOT-FOR-US: IBM OmniFind Enterprise Edition
-CVE-2010-3897 (ESSearchApplication/palette.do in IBM OmniFind Enterprise Edition 8.x ...)
+CVE-2010-3897
NOT-FOR-US: IBM OmniFind Enterprise Edition
-CVE-2010-3896 (The ESSearchApplication directory tree in IBM OmniFind Enterprise ...)
+CVE-2010-3896
NOT-FOR-US: IBM OmniFind Enterprise Edition
-CVE-2010-3895 (esRunCommand in IBM OmniFind Enterprise Edition before 9.1 allows ...)
+CVE-2010-3895
NOT-FOR-US: IBM OmniFind Enterprise Edition
-CVE-2010-3894 (Stack-based buffer overflow in the ...)
+CVE-2010-3894
NOT-FOR-US: IBM OmniFind Enterprise Edition
-CVE-2010-3893 (The administrator interface in IBM OmniFind Enterprise Edition 8.x and ...)
+CVE-2010-3893
NOT-FOR-US: IBM OmniFind Enterprise Edition
-CVE-2010-3892 (Session fixation vulnerability in the login form in the administrator ...)
+CVE-2010-3892
NOT-FOR-US: IBM OmniFind Enterprise Edition
-CVE-2010-3891 (Cross-site request forgery (CSRF) vulnerability in ESAdmin/security.do ...)
+CVE-2010-3891
NOT-FOR-US: IBM OmniFind Enterprise Edition
-CVE-2010-3890 (Cross-site scripting (XSS) vulnerability in IBM OmniFind Enterprise ...)
+CVE-2010-3890
NOT-FOR-US: IBM OmniFind Enterprise Edition
-CVE-2010-3889 (Unspecified vulnerability in Microsoft Windows on 32-bit platforms ...)
+CVE-2010-3889
NOT-FOR-US: Microsoft Windows
-CVE-2010-3888 (Unspecified vulnerability in Microsoft Windows on 32-bit platforms ...)
+CVE-2010-3888
NOT-FOR-US: Microsoft Windows
-CVE-2010-3887 (The Limit Mail feature in the Parental Controls functionality in Mail ...)
+CVE-2010-3887
NOT-FOR-US: Apple Mail
-CVE-2010-3886 (The CTimeoutEventList::InsertIntoTimeoutList function in Microsoft ...)
+CVE-2010-3886
NOT-FOR-US: Microsoft Windows
CVE-2010-3885
REJECTED
-CVE-2010-3884 (Cross-site request forgery (CSRF) vulnerability in CMS Made Simple ...)
+CVE-2010-3884
NOT-FOR-US: CMS Made Simple
-CVE-2010-3883 (Cross-site request forgery (CSRF) vulnerability in the Change Group ...)
+CVE-2010-3883
NOT-FOR-US: CMS Made Simple
-CVE-2010-3882 (Multiple cross-site scripting (XSS) vulnerabilities in CMS Made Simple ...)
+CVE-2010-3882
NOT-FOR-US: CMS Made Simple
-CVE-2010-3881 (arch/x86/kvm/x86.c in the Linux kernel before 2.6.36.2 does not ...)
+CVE-2010-3881
- linux-2.6 2.6.32-29 (low)
[lenny] - linux-2.6 <not-affected> (Vulnerable code not present)
-CVE-2010-3880 (net/ipv4/inet_diag.c in the Linux kernel before 2.6.37-rc2 does not ...)
+CVE-2010-3880
{DSA-2126-1}
- linux-2.6 2.6.32-30 (low)
-CVE-2010-3879 (FUSE, possibly 2.8.5 and earlier, allows local users to create mtab ...)
+CVE-2010-3879
- fuse 2.8.5-1 (bug #602333)
[squeeze] - fuse <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-3879
-CVE-2010-3878 (Cross-site request forgery (CSRF) vulnerability in the JMX Console in ...)
+CVE-2010-3878
- jbossas4 <not-affected> (Only builds a few libraries, not the full application server, #581226)
-CVE-2010-3877 (The get_name function in net/tipc/socket.c in the Linux kernel before ...)
+CVE-2010-3877
{DSA-2126-1}
- linux-2.6 2.6.32-30 (low)
-CVE-2010-3876 (net/packet/af_packet.c in the Linux kernel before 2.6.37-rc2 does not ...)
+CVE-2010-3876
{DSA-2126-1}
- linux-2.6 2.6.32-30 (low)
-CVE-2010-3875 (The ax25_getname function in net/ax25/af_ax25.c in the Linux kernel ...)
+CVE-2010-3875
{DSA-2264-1 DSA-2240-1 DSA-2126-1}
- linux-2.6 2.6.32-30 (low)
-CVE-2010-3874 (Heap-based buffer overflow in the bcm_connect function in ...)
+CVE-2010-3874
{DSA-2126-1}
- linux-2.6 2.6.32-29 (low)
-CVE-2010-3873 (The X.25 implementation in the Linux kernel before 2.6.36.2 does not ...)
+CVE-2010-3873
{DSA-2126-1}
- linux-2.6 2.6.32-28 (low)
-CVE-2010-3872 (The fcgid_header_bucket_read function in fcgid_bucket.c in the ...)
+CVE-2010-3872
{DSA-2140-1}
- libapache2-mod-fcgid 1:2.3.6-1 (bug #605484)
-CVE-2010-3871 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2010-3871
- mahara <not-affected> (Vulnerable feature introduced in 1.3)
-CVE-2010-3870 (The utf8_decode function in PHP before 5.3.4 does not properly handle ...)
+CVE-2010-3870
{DSA-2195-1}
- php5 5.3.3-4 (bug #603751)
-CVE-2010-3869 (Red Hat Certificate System (RHCS) 7.3 and 8 and Dogtag Certificate ...)
+CVE-2010-3869
NOT-FOR-US: Red Hat Certificate System
-CVE-2010-3868 (Red Hat Certificate System (RHCS) 7.3 and 8 and Dogtag Certificate ...)
+CVE-2010-3868
NOT-FOR-US: Red Hat Certificate System
-CVE-2010-3867 (Multiple directory traversal vulnerabilities in the mod_site_misc ...)
+CVE-2010-3867
{DSA-2191-1}
- proftpd-dfsg 1.3.3a-4
CVE-2010-3866
REJECTED
-CVE-2010-3865 (Integer overflow in the rds_rdma_pages function in net/rds/rdma.c in ...)
+CVE-2010-3865
- linux-2.6 2.6.37-1
[wheezy] - linux-2.6 2.6.32-31
[squeeze] - linux-2.6 2.6.32-31
[lenny] - linux-2.6 <not-affected> (Introduced in 2.6.30)
-CVE-2010-3864 (Multiple race conditions in ssl/t1_lib.c in OpenSSL 0.9.8f through ...)
+CVE-2010-3864
{DSA-2125-1}
- openssl 0.9.8o-3
-CVE-2010-3863 (Apache Shiro before 1.1.0, and JSecurity 0.9.x, does not canonicalize ...)
+CVE-2010-3863
- shiro <not-affected> (Fixed before the initial release in Debian)
-CVE-2010-3862 (The ...)
+CVE-2010-3862
- jbossas4 <not-affected> (Only builds a few libraries, not the full application server, #581226)
-CVE-2010-3861 (The ethtool_get_rxnfc function in net/core/ethtool.c in the Linux ...)
+CVE-2010-3861
- linux-2.6 2.6.32-29
[lenny] - linux-2.6 <not-affected> (Introduced in 2.6.27)
-CVE-2010-3860 (IcedTea 1.7.x before 1.7.6, 1.8.x before 1.8.3, and 1.9.x before ...)
+CVE-2010-3860
- openjdk-6 6b18-1.8.3-1
-CVE-2010-3859 (Multiple integer signedness errors in the TIPC implementation in the ...)
+CVE-2010-3859
{DSA-2126-1}
- linux-2.6 2.6.32-27
-CVE-2010-3858 (The setup_arg_pages function in fs/exec.c in the Linux kernel before ...)
+CVE-2010-3858
{DSA-2126-1}
- linux-2.6 2.6.32-27
CVE-2010-3857 [JBoss BRMS XSS via UUID parameter]
RESERVED
- jbossas4 <not-affected> (Vulnerable code not present)
NOTE: JBoss 5 only; fixed in 5.1.0
-CVE-2010-3856 (ld.so in the GNU C Library (aka glibc or libc6) before 2.11.3, and ...)
+CVE-2010-3856
{DSA-2122-2 DSA-2122-1}
- glibc 2.11.2-8
- eglibc 2.11.2-8 (bug #600667)
-CVE-2010-3855 (Buffer overflow in the ft_var_readpackedpoints function in ...)
+CVE-2010-3855
{DSA-2155-1}
- freetype 2.4.2-2.1 (bug #602221)
-CVE-2010-3854 (Multiple cross-site scripting (XSS) vulnerabilities in the web ...)
+CVE-2010-3854
- couchdb 1.1.0-1
[squeeze] - couchdb <end-of-life> (Unsupported in squeeze-lts)
-CVE-2010-3853 (pam_namespace.c in the pam_namespace module in Linux-PAM (aka pam) ...)
+CVE-2010-3853
- pam 1.1.3-1 (low; bug #608273)
[squeeze] - pam <no-dsa> (Minor issue)
[lenny] - pam <no-dsa> (Minor issue)
-CVE-2010-3852 (The default configuration of Luci 0.22.4 and earlier in Red Hat Conga ...)
+CVE-2010-3852
NOT-FOR-US: Red Hat Conga
-CVE-2010-3851 (libguestfs before 1.5.23, as used in virt-v2v, virt-inspector 1.5.3 ...)
+CVE-2010-3851
NOT-FOR-US: libguestfs
-CVE-2010-3850 (The ec_dev_ioctl function in net/econet/af_econet.c in the Linux ...)
+CVE-2010-3850
{DSA-2126-1}
- linux-2.6 2.6.32-28
-CVE-2010-3849 (The econet_sendmsg function in net/econet/af_econet.c in the Linux ...)
+CVE-2010-3849
{DSA-2126-1}
- linux-2.6 2.6.32-28
-CVE-2010-3848 (Stack-based buffer overflow in the econet_sendmsg function in ...)
+CVE-2010-3848
{DSA-2126-1}
- linux-2.6 2.6.32-28
-CVE-2010-3847 (elf/dl-load.c in ld.so in the GNU C Library (aka glibc or libc6) ...)
+CVE-2010-3847
{DSA-2122-2 DSA-2122-1}
- eglibc 2.11.2-8 (bug #600667)
- glibc 2.11.2-8
-CVE-2010-3846 (Array index error in the apply_rcs_change function in rcs.c in CVS ...)
+CVE-2010-3846
- cvs <not-affected> (vulnerable code not present)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-3852
CVE-2010-3844
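Review bot: the `NOTE:` under `CVE-2010-3846` (cvs) near the end of this hunk links `https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-3852`, but CVE-2010-3852 is the Red Hat Conga entry a few lines earlier in the same hunk; the alias in the URL most likely should be `CVE-2010-3846`, matching how the `CVE-2010-3879` entry above references its own id. Not introduced by this change, but the stray reference is worth correcting while the entry is being touched.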
@@ -3618,171 +3618,171 @@ CVE-2010-3843
RESERVED
- ettercap 1:0.7.4-1 (unimportant; bug #600130)
NOTE: Very far-fetched attack vector
-CVE-2010-3842 (Absolute path traversal vulnerability in curl 7.20.0 through 7.21.1, ...)
+CVE-2010-3842
- curl <not-affected> (Doesn't affect POSIX systems)
-CVE-2010-3841 (Multiple cross-site scripting (XSS) vulnerabilities in lib/TWiki.pm in ...)
+CVE-2010-3841
NOT-FOR-US: TWiki
-CVE-2010-3845 (libapache-authenhook-perl 2.00-04 stores usernames and passwords in ...)
+CVE-2010-3845
- libapache-authenhook-perl 2.00-04+pristine-2 (low; bug #599712)
[lenny] - libapache-authenhook-perl 2.00-04+pristine-1+lenny1
CVE-2010-4237
RESERVED
- mercurial 1.6.4-1 (low; bug #598841)
[lenny] - mercurial <no-dsa> (Minor issue)
-CVE-2010-3840 (The Gis_line_string::init_from_wkb function in sql/spatial.cc in MySQL ...)
+CVE-2010-3840
{DSA-2143-1}
- mysql-5.1 5.1.49-3 (bug #599937)
- mysql-dfsg-5.0 <removed>
-CVE-2010-3839 (MySQL 5.1 before 5.1.51 and 5.5 before 5.5.6 allows remote ...)
+CVE-2010-3839
- mysql-5.1 5.1.49-3 (bug #599937)
- mysql-dfsg-5.0 <removed>
[lenny] - mysql-dfsg-5.0 <not-affected> (vulnerable code not present)
-CVE-2010-3838 (MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 ...)
+CVE-2010-3838
{DSA-2143-1}
- mysql-5.1 5.1.49-3 (bug #599937)
- mysql-dfsg-5.0 <removed>
-CVE-2010-3837 (MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 ...)
+CVE-2010-3837
{DSA-2143-1}
- mysql-5.1 5.1.49-3 (bug #599937)
- mysql-dfsg-5.0 <removed>
-CVE-2010-3836 (MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 ...)
+CVE-2010-3836
{DSA-2143-1}
- mysql-5.1 5.1.49-3 (bug #599937)
- mysql-dfsg-5.0 <removed>
-CVE-2010-3835 (MySQL 5.1 before 5.1.51 and 5.5 before 5.5.6 allows remote ...)
+CVE-2010-3835
{DSA-2143-1}
- mysql-5.1 5.1.49-3 (bug #599937)
- mysql-dfsg-5.0 <removed>
-CVE-2010-3834 (Unspecified vulnerability in MySQL 5.0 before 5.0.92, 5.1 before ...)
+CVE-2010-3834
{DSA-2143-1}
- mysql-5.1 5.1.49-3 (bug #599937)
- mysql-dfsg-5.0 <removed>
-CVE-2010-3833 (MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 does ...)
+CVE-2010-3833
{DSA-2143-1}
- mysql-5.1 5.1.49-3 (bug #599937)
- mysql-dfsg-5.0 <removed>
-CVE-2010-3832 (Heap-based buffer overflow in the GSM mobility management ...)
+CVE-2010-3832
NOT-FOR-US: Apple iOS Telophony
-CVE-2010-3831 (Photos in Apple iOS before 4.2 enables support for HTTP Basic ...)
+CVE-2010-3831
NOT-FOR-US: Apple iOS Photos
-CVE-2010-3830 (Networking in Apple iOS before 4.2 accesses an invalid pointer during ...)
+CVE-2010-3830
NOT-FOR-US: Apple iOS Networking
-CVE-2010-3829 (WebKit in Apple iOS before 4.2 allows remote attackers to bypass the ...)
+CVE-2010-3829
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2010-3828 (iAd Content Display in Apple iOS before 4.2 allows man-in-the-middle ...)
+CVE-2010-3828
NOT-FOR-US: Apple iOS iAd
-CVE-2010-3827 (Apple iOS before 4.2 does not properly validate signatures before ...)
+CVE-2010-3827
NOT-FOR-US: Apple iOS configuration installation utility
-CVE-2010-3826 (WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and ...)
+CVE-2010-3826
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
CVE-2010-3825
RESERVED
-CVE-2010-3824 (Use-after-free vulnerability in WebKit in Apple Safari before 5.0.3 on ...)
+CVE-2010-3824
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2010-3823 (Use-after-free vulnerability in WebKit in Apple Safari before 5.0.3 on ...)
+CVE-2010-3823
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2010-3822 (WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and ...)
+CVE-2010-3822
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2010-3821 (WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and ...)
+CVE-2010-3821
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2010-3820 (WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and ...)
+CVE-2010-3820
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2010-3819 (WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and ...)
+CVE-2010-3819
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2010-3818 (Use-after-free vulnerability in WebKit in Apple Safari before 5.0.3 on ...)
+CVE-2010-3818
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2010-3817 (WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and ...)
+CVE-2010-3817
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2010-3816 (Use-after-free vulnerability in WebKit in Apple Safari before 5.0.3 on ...)
+CVE-2010-3816
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
CVE-2010-3815
RESERVED
-CVE-2010-3814 (Heap-based buffer overflow in the Ins_SHZ function in ttinterp.c in ...)
+CVE-2010-3814
{DSA-2155-1}
- freetype 2.4.2-2.1 (bug #602221)
-CVE-2010-3813 (The WebCore::HTMLLinkElement::process function in ...)
+CVE-2010-3813
- webkit 1.2.6-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 29.0.1547.57-1
[squeeze] - chromium-browser <end-of-life>
NOTE: fixed much earlier in chromium, but this was the version checked
-CVE-2010-3812 (Integer overflow in the Text::wholeText method in dom/Text.cpp in ...)
+CVE-2010-3812
- webkit 1.2.6-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 29.0.1547.57-1
[squeeze] - chromium-browser <end-of-life>
NOTE: fixed much earlier in chromium, but this was the version checked
NOTE: http://www.zerodayinitiative.com/advisories/ZDI-10-257
-CVE-2010-3811 (Use-after-free vulnerability in WebKit in Apple Safari before 5.0.3 on ...)
+CVE-2010-3811
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2010-3810 (WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and ...)
+CVE-2010-3810
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2010-3809 (WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and ...)
+CVE-2010-3809
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2010-3808 (WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and ...)
+CVE-2010-3808
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
CVE-2010-3807
RESERVED
CVE-2010-3806
RESERVED
-CVE-2010-3805 (Integer underflow in WebKit in Apple Safari before 5.0.3 on Mac OS X ...)
+CVE-2010-3805
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2010-3804 (The JavaScript implementation in WebKit in Apple Safari before 5.0.3 ...)
+CVE-2010-3804
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2010-3803 (Integer overflow in WebKit in Apple Safari before 5.0.3 on Mac OS X ...)
+CVE-2010-3803
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2010-3802 (Integer signedness error in Apple QuickTime before 7.6.9 allows remote ...)
+CVE-2010-3802
NOT-FOR-US: Apple QuickTime
-CVE-2010-3801 (Apple QuickTime before 7.6.9 allows remote attackers to execute ...)
+CVE-2010-3801
NOT-FOR-US: Apple QuickTime
-CVE-2010-3800 (Apple QuickTime before 7.6.9 allows remote attackers to execute ...)
+CVE-2010-3800
NOT-FOR-US: Apple QuickTime
CVE-2010-3799
RESERVED
-CVE-2010-3798 (Heap-based buffer overflow in xar in Apple Mac OS X 10.6.x before ...)
+CVE-2010-3798
- xar <removed>
[lenny] - xar <no-dsa> (Minor issue)
-CVE-2010-3797 (Cross-site scripting (XSS) vulnerability in Wiki Server in Apple Mac ...)
+CVE-2010-3797
NOT-FOR-US: Apple Wiki Server
-CVE-2010-3796 (Safari RSS in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 does not ...)
+CVE-2010-3796
NOT-FOR-US: Apple Safari RSS
-CVE-2010-3795 (QuickTime in Apple Mac OS X 10.6.x before 10.6.5 accesses ...)
+CVE-2010-3795
NOT-FOR-US: Apple QuickTime
-CVE-2010-3794 (QuickTime in Apple Mac OS X 10.6.x before 10.6.5 accesses ...)
+CVE-2010-3794
NOT-FOR-US: Apple QuickTime
-CVE-2010-3793 (QuickTime in Apple Mac OS X 10.6.x before 10.6.5 allows remote ...)
+CVE-2010-3793
NOT-FOR-US: Apple QuickTime
-CVE-2010-3792 (Integer signedness error in QuickTime in Apple Mac OS X 10.6.x before ...)
+CVE-2010-3792
NOT-FOR-US: Apple QuickTime
-CVE-2010-3791 (Buffer overflow in QuickTime in Apple Mac OS X 10.6.x before 10.6.5 ...)
+CVE-2010-3791
NOT-FOR-US: Apple QuickTime
-CVE-2010-3790 (QuickTime in Apple Mac OS X 10.6.x before 10.6.5 allows remote ...)
+CVE-2010-3790
NOT-FOR-US: Apple QuickTime
-CVE-2010-3789 (QuickTime in Apple Mac OS X 10.6.x before 10.6.5 allows remote ...)
+CVE-2010-3789
NOT-FOR-US: Apple QuickTime
-CVE-2010-3788 (QuickTime in Apple Mac OS X 10.6.x before 10.6.5 accesses ...)
+CVE-2010-3788
NOT-FOR-US: Apple QuickTime
-CVE-2010-3787 (Heap-based buffer overflow in QuickTime in Apple Mac OS X 10.6.x ...)
+CVE-2010-3787
NOT-FOR-US: Apple QuickTime
-CVE-2010-3786 (QuickLook in Apple Mac OS X 10.6.x before 10.6.5 allows remote ...)
+CVE-2010-3786
NOT-FOR-US: Apple QuickLook
-CVE-2010-3785 (Buffer overflow in QuickLook in Apple Mac OS X 10.5.8 and 10.6.x ...)
+CVE-2010-3785
NOT-FOR-US: Apple QuickLook
-CVE-2010-3784 (The PMPageFormatCreateWithDataRepresentation API in Printing in Apple ...)
+CVE-2010-3784
NOT-FOR-US: Apple Printing
-CVE-2010-3783 (Password Server in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 does ...)
+CVE-2010-3783
NOT-FOR-US: Apple Password Server
CVE-2010-3782
RESERVED
-CVE-2010-3781 (The PL/php add-on 1.4 and earlier for PostgreSQL does not properly ...)
+CVE-2010-3781
- postgresql-9.0 9.0.1-1
-CVE-2010-3780 (Dovecot 1.2.x before 1.2.15 allows remote authenticated users to cause ...)
+CVE-2010-3780
- dovecot 1:1.2.15-1 (bug #599521)
[lenny] - dovecot <not-affected> (Only affects 1.2.x)
-CVE-2010-3779 (Dovecot 1.2.x before 1.2.15 and 2.0.x before 2.0.beta2 grants the ...)
+CVE-2010-3779
- dovecot 1:1.2.15-1 (bug #599521)
[lenny] - dovecot <not-affected> (Only affects 1.2.x)
-CVE-2010-3778 (Unspecified vulnerability in Mozilla Firefox 3.5.x before 3.5.16, ...)
+CVE-2010-3778
{DSA-2132-1}
- xulrunner <removed> (unimportant)
- icedove 3.0.11-1
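Review bot: every `-`/`+` pair in this hunk (CVE-2010-3810 down to CVE-2010-3778) replaces `CVE-2010-NNNN (description ...)` with the bare CVE id, while the NOT-FOR-US, package-version, `[lenny]` and `{DSA-2132-1}` lines around them are untouched, so the change is confined to the imported description field. For an "automatic update" that blanks the description of every entry in the file, confirm that the description feed was actually fetched and was non-empty for this run before the result is kept: a failed or empty download would produce exactly this diff, and the descriptions are the only searchable summary for the many NOT-FOR-US entries that carry no NOTE line.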
@@ -3792,9 +3792,9 @@ CVE-2010-3778 (Unspecified vulnerability in Mozilla Firefox 3.5.x before 3.5.16,
- iceape 2.0.11-1
[lenny] - iceape <not-affected> (Only a stub package)
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2010-3777 (Unspecified vulnerability in Mozilla Firefox 3.6.x before 3.6.13 and ...)
+CVE-2010-3777
- iceweasel <not-affected> (Only affects Firefox 3.6, which is only in experimental)
-CVE-2010-3776 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+CVE-2010-3776
{DSA-2132-1}
- xulrunner <removed> (unimportant)
- iceweasel 3.5.16-1
@@ -3804,7 +3804,7 @@ CVE-2010-3776 (Multiple unspecified vulnerabilities in the browser engine in Moz
- iceape 2.0.11-1
[lenny] - iceape <not-affected> (Only a stub package)
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2010-3775 (Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey ...)
+CVE-2010-3775
{DSA-2132-1}
- xulrunner <removed> (unimportant)
- iceweasel 3.5.16-1
@@ -3812,7 +3812,7 @@ CVE-2010-3775 (Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMon
- iceape 2.0.11-1
[lenny] - iceape <not-affected> (Only a stub package)
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2010-3774 (The NS_SecurityCompareURIs function in netwerk/base/public/nsNetUtil.h ...)
+CVE-2010-3774
- xulrunner <removed> (unimportant)
- iceweasel 3.5.16-1
[lenny] - iceweasel <not-affected> (Lenny's iceweasel uses Xulrunner from the xulrunner source pkg)
@@ -3820,7 +3820,7 @@ CVE-2010-3774 (The NS_SecurityCompareURIs function in netwerk/base/public/nsNetU
[lenny] - iceape <not-affected> (Only a stub package)
[lenny] - xulrunner <not-affected> (Doesn't affect 1.9.0)
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2010-3773 (Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey ...)
+CVE-2010-3773
{DSA-2132-1}
- xulrunner <removed> (unimportant)
- iceweasel 3.5.16-1
@@ -3828,7 +3828,7 @@ CVE-2010-3773 (Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMon
- iceape 2.0.11-1
[lenny] - iceape <not-affected> (Only a stub package)
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2010-3772 (Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey ...)
+CVE-2010-3772
{DSA-2132-1}
- xulrunner <removed> (unimportant)
- iceweasel 3.5.16-1
@@ -3836,7 +3836,7 @@ CVE-2010-3772 (Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMon
- iceape 2.0.11-1
[lenny] - iceape <not-affected> (Only a stub package)
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2010-3771 (Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey ...)
+CVE-2010-3771
{DSA-2132-1}
- xulrunner <removed> (unimportant)
- iceweasel 3.5.16-1
@@ -3844,7 +3844,7 @@ CVE-2010-3771 (Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMon
- iceape 2.0.11-1
[lenny] - iceape <not-affected> (Only a stub package)
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2010-3770 (Multiple cross-site scripting (XSS) vulnerabilities in the rendering ...)
+CVE-2010-3770
{DSA-2132-1}
- xulrunner <removed> (unimportant)
- iceweasel 3.5.16-1
@@ -3852,7 +3852,7 @@ CVE-2010-3770 (Multiple cross-site scripting (XSS) vulnerabilities in the render
- iceape 2.0.11-1
[lenny] - iceape <not-affected> (Only a stub package)
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2010-3769 (The line-breaking implementation in Mozilla Firefox before 3.5.16 and ...)
+CVE-2010-3769
{DSA-2132-1}
- xulrunner <removed> (unimportant)
- icedove 3.0.11-1
@@ -3862,7 +3862,7 @@ CVE-2010-3769 (The line-breaking implementation in Mozilla Firefox before 3.5.16
[lenny] - iceape <not-affected> (Only a stub package)
[lenny] - xulrunner <not-affected> (font-face support introduced in 1.9.1)
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2010-3768 (Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, Thunderbird ...)
+CVE-2010-3768
- xulrunner <removed> (unimportant)
[lenny] - xulrunner <not-affected> (Vulnerable code not present)
- icedove 3.0.11-1
@@ -3871,7 +3871,7 @@ CVE-2010-3768 (Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, Thunderbir
- iceape 2.0.11-1
[lenny] - iceape <not-affected> (Only a stub package)
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2010-3767 (Integer overflow in the NewIdArray function in Mozilla Firefox before ...)
+CVE-2010-3767
{DSA-2132-1}
- xulrunner <removed> (unimportant)
- iceweasel 3.5.16-1
@@ -3879,7 +3879,7 @@ CVE-2010-3767 (Integer overflow in the NewIdArray function in Mozilla Firefox be
- iceape 2.0.11-1
[lenny] - iceape <not-affected> (Only a stub package)
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2010-3766 (Use-after-free vulnerability in Mozilla Firefox before 3.5.16 and ...)
+CVE-2010-3766
- xulrunner <removed> (unimportant)
[lenny] - xulrunner <not-affected> (Vulnerable code not present)
- iceweasel 3.5.16-1
@@ -3887,7 +3887,7 @@ CVE-2010-3766 (Use-after-free vulnerability in Mozilla Firefox before 3.5.16 and
- iceape 2.0.11-1
[lenny] - iceape <not-affected> (Only a stub package)
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2010-3765 (Mozilla Firefox 3.5.x through 3.5.14 and 3.6.x through 3.6.11, ...)
+CVE-2010-3765
{DSA-2124-1}
- xulrunner <removed> (unimportant)
- iceweasel 3.5.15-1
@@ -3898,49 +3898,49 @@ CVE-2010-3765 (Mozilla Firefox 3.5.x through 3.5.14 and 3.6.x through 3.6.11, ..
[lenny] - iceape <not-affected> (Only a stub package)
[lenny] - xulrunner <not-affected> (bug in optimization added later)
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2010-3764 (The Old Charts implementation in Bugzilla 2.12 through 3.2.8, 3.4.8, ...)
+CVE-2010-3764
- bugzilla 3.6.3.0-1 (bug #602420; low)
[squeeze] - bugzilla 3.6.2.0-4.2
-CVE-2010-3763 (Cross-site scripting (XSS) vulnerability in core/summary_api.php in ...)
+CVE-2010-3763
- mantis 1.1.8+dfsg-9 (bug #601618)
[lenny] - mantis 1.1.6+dfsg-2lenny4
-CVE-2010-3762 (ISC BIND before 9.7.2-P2, when DNSSEC validation is enabled, does not ...)
+CVE-2010-3762
{DSA-2130-1}
- bind9 1:9.7.2.dfsg.P2-1 (bug #599515)
NOTE: http://ftp.isc.org/isc/bind9/9.7.2-P2/RELEASE-NOTES-BIND-9.7.2-P2.html
NOTE: ACL bypass claimed to only affect >=9.7.2: https://kb.isc.org/article/AA-00935/0/CVE-2010-3762%3A-failure-to-handle-bad-signatures-if-multiple-trust-anchors-configured.html
NOTE: The crash with multiple trust anchors affects 9.6 and is fixed in 9.6-ESV-R2.
-CVE-2010-3761 (Unspecified vulnerability in IBM Tivoli Storage Manager (TSM) FastBack ...)
+CVE-2010-3761
NOT-FOR-US: IBM Tivoli Storage Manager
-CVE-2010-3760 (FastBackMount.exe in the Mount service in IBM Tivoli Storage Manager ...)
+CVE-2010-3760
NOT-FOR-US: IBM Tivoli Storage Manager
-CVE-2010-3759 (FastBackMount.exe in the Mount service in IBM Tivoli Storage Manager ...)
+CVE-2010-3759
NOT-FOR-US: IBM Tivoli Storage Manager
-CVE-2010-3758 (Multiple stack-based buffer overflows in FastBackServer.exe in the ...)
+CVE-2010-3758
NOT-FOR-US: IBM Tivoli Storage Manager
-CVE-2010-3757 (Format string vulnerability in the _Eventlog function in ...)
+CVE-2010-3757
NOT-FOR-US: IBM Tivoli Storage Manager
-CVE-2010-3756 (The _CalcHashValueWithLength function in FastBackServer.exe in the ...)
+CVE-2010-3756
NOT-FOR-US: IBM Tivoli Storage Manager
-CVE-2010-3755 (The _DAS_ReadBlockReply function in FastBackServer.exe in the Server ...)
+CVE-2010-3755
NOT-FOR-US: IBM Tivoli Storage Manager
-CVE-2010-3754 (The FXCLI_OraBR_Exec_Command function in FastBackServer.exe in the ...)
+CVE-2010-3754
NOT-FOR-US: IBM Tivoli Storage Manager
-CVE-2010-3753 (programs/pluto/xauth.c in the client in Openswan 2.6.26 through 2.6.28 ...)
+CVE-2010-3753
- openswan 1:2.6.28+dfsg-2
[lenny] - openswan <not-affected> (Introduced in version 2.6.26)
-CVE-2010-3752 (programs/pluto/xauth.c in the client in Openswan 2.6.25 through 2.6.28 ...)
+CVE-2010-3752
- openswan 1:2.6.28+dfsg-2
[lenny] - openswan <not-affected> (Introduced in version 2.6.25)
-CVE-2010-3751 (Multiple heap-based buffer overflows in an ActiveX control in ...)
+CVE-2010-3751
NOT-FOR-US: RealNetworks RealPlayer
-CVE-2010-3750 (rjrmrpln.dll in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer ...)
+CVE-2010-3750
NOT-FOR-US: RealNetworks RealPlayer
-CVE-2010-3749 (The browser-plugin implementation in RealNetworks RealPlayer 11.0 ...)
+CVE-2010-3749
NOT-FOR-US: RealNetworks RealPlayer
-CVE-2010-3748 (Stack-based buffer overflow in the RichFX component in RealNetworks ...)
+CVE-2010-3748
NOT-FOR-US: RealNetworks RealPlayer
-CVE-2010-3747 (An ActiveX control in RealNetworks RealPlayer 11.0 through 11.1, ...)
+CVE-2010-3747
NOT-FOR-US: RealNetworks RealPlayer
CVE-2010-3746
RESERVED
@@ -3948,39 +3948,39 @@ CVE-2010-3745
RESERVED
CVE-2010-3744
RESERVED
-CVE-2010-3743 (Directory traversal vulnerability in Visual Synapse HTTP Server 1.0 ...)
+CVE-2010-3743
NOT-FOR-US: Visual Synapse HTTP Server
-CVE-2010-3742 (Multiple PHP remote file inclusion vulnerabilities in ...)
+CVE-2010-3742
NOT-FOR-US: Free Simple CMS 1.0
-CVE-2010-3741 (The offline backup mechanism in Research In Motion (RIM) BlackBerry ...)
+CVE-2010-3741
NOT-FOR-US: BlackBerry Desktop Software
-CVE-2010-3740 (The Net Search Extender (NSE) implementation in the Text Search ...)
+CVE-2010-3740
NOT-FOR-US: IBM DB2 UDB 9.5
-CVE-2010-3739 (The audit facility in the Security component in IBM DB2 UDB 9.5 before ...)
+CVE-2010-3739
NOT-FOR-US: IBM DB2 UDB 9.5
-CVE-2010-3738 (The Security component in IBM DB2 UDB 9.5 before FP6a logs AUDIT ...)
+CVE-2010-3738
NOT-FOR-US: IBM DB2 UDB 9.5
-CVE-2010-3737 (Memory leak in the Relational Data Services component in IBM DB2 UDB ...)
+CVE-2010-3737
NOT-FOR-US: IBM DB2 UDB 9.5
-CVE-2010-3736 (Memory leak in the Relational Data Services component in IBM DB2 UDB ...)
+CVE-2010-3736
NOT-FOR-US: IBM DB2 UDB 9.5
-CVE-2010-3735 (The &quot;Query Compiler, Rewrite, Optimizer&quot; component in IBM DB2 UDB 9.5 ...)
+CVE-2010-3735
NOT-FOR-US: IBM DB2 UDB 9.5
-CVE-2010-3734 (The Install component in IBM DB2 UDB 9.5 before FP6a on Linux, UNIX, ...)
+CVE-2010-3734
NOT-FOR-US: IBM DB2 UDB 9.5
-CVE-2010-3733 (The Engine Utilities component in IBM DB2 UDB 9.5 before FP6a uses ...)
+CVE-2010-3733
NOT-FOR-US: IBM DB2 UDB 9.5
-CVE-2010-3732 (The DRDA Services component in IBM DB2 UDB 9.5 before FP6a allows ...)
+CVE-2010-3732
NOT-FOR-US: IBM DB2 UDB 9.5
-CVE-2010-3731 (Stack-based buffer overflow in the validateUser implementation in the ...)
+CVE-2010-3731
NOT-FOR-US: IBM DB2 UDB 9.5
-CVE-2010-3730 (Google Chrome before 6.0.472.62 does not properly use information ...)
+CVE-2010-3730
- webkit <not-affected> (issue in libv8)
- chromium-browser 6.0.472.62~r59676-1
- libv8 <not-affected>
NOTE: https://bugs.webkit.org/show_bug.cgi?id=45700
NOTE: http://trac.webkit.org/changeset/67509
-CVE-2010-3729 (The SPDY protocol implementation in Google Chrome before 6.0.472.62 ...)
+CVE-2010-3729
- webkit <not-affected> (chromium specific)
- chromium-browser 6.0.472.62~r59676-1
CVE-2010-3728
@@ -4001,57 +4001,57 @@ CVE-2010-3721
REJECTED
CVE-2010-3720
REJECTED
-CVE-2010-3719 (Eval injection vulnerability in IMAdminSchedTask.asp in the ...)
+CVE-2010-3719
NOT-FOR-US: Symantec IM Manager
-CVE-2010-3718 (Apache Tomcat 7.0.0 through 7.0.3, 6.0.x, and 5.5.x, when running ...)
+CVE-2010-3718
{DSA-2160-1}
- tomcat5.5 <removed> (low)
[lenny] - tomcat5.5 <no-dsa> (Minor issue)
- tomcat6 6.0.28-10 (bug #612257)
[lenny] - tomcat6 <not-affected> (Only ships the servlet package)
-CVE-2010-3717 (The t3lib_div::validEmail function in TYPO3 4.2.x before 4.2.15, 4.3.x ...)
+CVE-2010-3717
{DSA-2121-1}
- typo3-src 4.3.7-1
-CVE-2010-3716 (The be_user_creation task in TYPO3 4.2.x before 4.2.15 and 4.3.x ...)
+CVE-2010-3716
{DSA-2121-1}
- typo3-src 4.3.7-1
-CVE-2010-3715 (Multiple cross-site scripting (XSS) vulnerabilities in TYPO3 4.2.x ...)
+CVE-2010-3715
{DSA-2121-1}
- typo3-src 4.3.7-1
-CVE-2010-3714 (The jumpUrl (aka access tracking) implementation in ...)
+CVE-2010-3714
{DSA-2121-1}
- typo3-src 4.3.7-1
-CVE-2010-3713 (rss.php in UseBB before 1.0.11 does not properly handle forum ...)
+CVE-2010-3713
NOT-FOR-US: UseBB
-CVE-2010-3712 (Cross-site scripting (XSS) vulnerability in Joomla! 1.5.x before ...)
+CVE-2010-3712
NOT-FOR-US: Joomla!
-CVE-2010-3711 (libpurple in Pidgin before 2.7.4 does not properly validate the return ...)
+CVE-2010-3711
- pidgin 2.7.4-1
[squeeze] - pidgin 2.7.3-1+squeeze1
-CVE-2010-3710 (Stack consumption vulnerability in the filter_var function in PHP ...)
+CVE-2010-3710
{DSA-2195-1}
- php5 5.3.3-3 (bug #601619)
-CVE-2010-3709 (The ZipArchive::getArchiveComment function in PHP 5.2.x through 5.2.14 ...)
+CVE-2010-3709
{DSA-2195-1}
- php5 5.3.3-4 (bug #603751)
-CVE-2010-3708 (The serialization implementation in JBoss Drools in Red Hat JBoss ...)
+CVE-2010-3708
- jbossas4 <not-affected> (Only builds a few libraries, not the full application server, #581226)
-CVE-2010-3707 (plugins/acl/acl-backend-vfile.c in Dovecot 1.2.x before 1.2.15 and ...)
+CVE-2010-3707
- dovecot 1:1.2.15-1
[lenny] - dovecot <not-affected> (Only affects 1.2.x)
-CVE-2010-3706 (plugins/acl/acl-backend-vfile.c in Dovecot 1.2.x before 1.2.15 and ...)
+CVE-2010-3706
- dovecot 1:1.2.15-1
[lenny] - dovecot <not-affected> (Only affects 1.2.x)
-CVE-2010-3705 (The sctp_auth_asoc_get_hmac function in net/sctp/auth.c in the Linux ...)
+CVE-2010-3705
{DSA-2126-1}
- linux-2.6 2.6.32-25
-CVE-2010-3704 (The FoFiType1::parse function in fofi/FoFiType1.cc in the PDF parser ...)
+CVE-2010-3704
{DSA-2135-1 DSA-2119-1}
- kdegraphics 4:4.0.0-1
- xpdf 3.02-9
- poppler 0.12.4-1.2 (bug #599165)
NOTE: http://cgit.freedesktop.org/poppler/poppler/commit/?id=39d140bfc0b8239bdd96d6a55842034ae5c05473
-CVE-2010-3703 (The PostScriptFunction::PostScriptFunction function in ...)
+CVE-2010-3703
- kdegraphics 4:4.0.0-1
[lenny] - kdegraphics <not-affected> (Vulnerable code not present)
- xpdf 3.02-9
@@ -4059,222 +4059,222 @@ CVE-2010-3703 (The PostScriptFunction::PostScriptFunction function in ...)
- poppler 0.12.4-1.2 (bug #599165)
[lenny] - poppler <not-affected> (Vulnerable code not present)
NOTE: http://cgit.freedesktop.org/poppler/poppler/commit/?id=bf2055088a3a2d3bb3d3c37d464954ec1a25771f
-CVE-2010-3702 (The Gfx::getPos function in the PDF parser in xpdf before 3.02pl5, ...)
+CVE-2010-3702
{DSA-2135-1 DSA-2119-1}
- kdegraphics 4:4.0.0-1
- xpdf 3.02-9
- poppler 0.12.4-1.2 (bug #599165)
NOTE: http://cgit.freedesktop.org/poppler/poppler/commit/?id=e853106b58d6b4b0467dbd6436c9bb1cfbd372cf
-CVE-2010-3701 (lib/MessageStoreImpl.cpp in Red Hat Enterprise MRG before 1.2.2 allows ...)
+CVE-2010-3701
NOT-FOR-US: Red Hat Enterprise MRG
-CVE-2010-3700 (VMware SpringSource Spring Security 2.x before 2.0.6 and 3.x before ...)
+CVE-2010-3700
NOT-FOR-US: VMware SpringSource Spring Security
-CVE-2010-3699 (The backend driver in Xen 3.x allows guest OS users to cause a denial ...)
+CVE-2010-3699
{DSA-2153-1}
- linux-2.6 2.6.32-31
-CVE-2010-3698 (The KVM implementation in the Linux kernel before 2.6.36 does not ...)
+CVE-2010-3698
- linux-2.6 2.6.32-28
[lenny] - linux-2.6 <not-affected> (Vulnerable code not present)
-CVE-2010-3697 (The wait_for_child_to_die function in main/event.c in FreeRADIUS 2.1.x ...)
+CVE-2010-3697
- freeradius 2.1.10+dfsg-1 (bug #600176; unimportant)
NOTE: requires server to be down already
-CVE-2010-3696 (The fr_dhcp_decode function in lib/dhcp.c in FreeRADIUS 2.1.9, in ...)
+CVE-2010-3696
- freeradius 2.1.10+dfsg-1 (bug #600176)
[lenny] - freeradius <not-affected> (Vulnerable code not present)
-CVE-2010-3695 (Cross-site scripting (XSS) vulnerability in fetchmailprefs.php in ...)
+CVE-2010-3695
{DSA-2204-1}
- imp4 4.3.7+debian0-2.1 (bug #598584; low)
NOTE: http://archives.neohapsis.com/archives/fulldisclosure/2010-09/0379.html
-CVE-2010-3694 (Cross-site request forgery (CSRF) vulnerability in the Horde ...)
+CVE-2010-3694
{DSA-2278-1}
- horde3 3.3.8+debian0-2 (bug #598582)
NOTE: http://lists.horde.org/archives/announce/2010/000568.html
-CVE-2010-3693 (Cross-site scripting (XSS) vulnerability in Horde Dynamic IMP (DIMP) ...)
+CVE-2010-3693
- dimp1 1.1.4+debian2-1.1 (bug #598583)
NOTE: http://lists.horde.org/archives/announce/2010/000561.html
-CVE-2010-3692 (Directory traversal vulnerability in the callback function in ...)
+CVE-2010-3692
{DSA-2172-1}
- libphp-cas <itp> (bug #495542)
- glpi <removed> (unimportant)
NOTE: Only supported behind an authenticated HTTP zone
- moodle 1.9.9.dfsg2-2 (bug #601384)
-CVE-2010-3691 (PGTStorage/pgt-file.php in phpCAS before 1.1.3, when proxy mode is ...)
+CVE-2010-3691
{DSA-2172-1}
- libphp-cas <itp> (bug #495542)
- glpi <removed> (unimportant)
NOTE: Only supported behind an authenticated HTTP zone
- moodle 1.9.9.dfsg2-2 (bug #601384)
-CVE-2010-3690 (Multiple cross-site scripting (XSS) vulnerabilities in phpCAS before ...)
+CVE-2010-3690
{DSA-2172-1}
- libphp-cas <itp> (bug #495542)
- glpi <removed> (unimportant)
NOTE: Only supported behind an authenticated HTTP zone
- moodle 1.9.9.dfsg2-2 (bug #601384)
-CVE-2010-3689 (soffice in OpenOffice.org (OOo) 3.x before 3.3 places a zero-length ...)
+CVE-2010-3689
{DSA-2151-1}
- openoffice.org 1:3.2.1-11+squeeze2
-CVE-2010-3687 (Unspecified vulnerability in the powermail extension 1.5.3 and earlier ...)
+CVE-2010-3687
NOT-FOR-US: powermail extension 1.5.3 for typo3
-CVE-2010-3686 (The OpenID module in Drupal 6.x before 6.18, and the OpenID module 5.x ...)
+CVE-2010-3686
{DSA-2113-1}
- drupal6 6.18-1 (low; bug #592716)
-CVE-2010-3685 (The OpenID module in Drupal 6.x before 6.18, and the OpenID module 5.x ...)
+CVE-2010-3685
{DSA-2113-1}
- drupal6 6.18-1 (low; bug #592716)
-CVE-2010-4340 (libcloud before 0.4.1 does not verify SSL certificates for HTTPS ...)
+CVE-2010-4340
- libcloud 0.5.0-1 (low; bug #598463)
-CVE-2010-3688 (Directory traversal vulnerability in ADMIN/login.php in NetArtMEDIA ...)
+CVE-2010-3688
NOT-FOR-US: NetArtMEDIA WebSiteAdmin
-CVE-2010-3684 (The FTP authentication module in Synology Disk Station 2.x logs ...)
+CVE-2010-3684
NOT-FOR-US: Synology Disk Station
-CVE-2010-3683 (Oracle MySQL 5.1 before 5.1.49 and 5.5 before 5.5.5 sends an OK packet ...)
+CVE-2010-3683
- mysql-5.1 5.1.49-1 (bug #598580)
- mysql-dfsg-5.0 <removed>
[lenny] - mysql-dfsg-5.0 <not-affected> (vulnerable code not present)
-CVE-2010-3682 (Oracle MySQL 5.1 before 5.1.49 and 5.0 before 5.0.92 allows remote ...)
+CVE-2010-3682
{DSA-2143-1}
- mysql-5.1 5.1.49-1 (bug #598580)
- mysql-dfsg-5.0 <removed>
-CVE-2010-3681 (Oracle MySQL 5.1 before 5.1.49 and 5.5 before 5.5.5 allows remote ...)
+CVE-2010-3681
{DSA-2143-1}
- mysql-5.1 5.1.49-1 (bug #598580)
- mysql-dfsg-5.0 <removed>
-CVE-2010-3680 (Oracle MySQL 5.1 before 5.1.49 allows remote authenticated users to ...)
+CVE-2010-3680
{DSA-2143-1}
- mysql-5.1 5.1.49-1 (bug #598580)
- mysql-dfsg-5.0 <removed>
-CVE-2010-3679 (Oracle MySQL 5.1 before 5.1.49 allows remote authenticated users to ...)
+CVE-2010-3679
- mysql-5.1 5.1.49-1 (bug #598580)
- mysql-dfsg-5.0 <removed>
[lenny] - mysql-dfsg-5.0 <not-affected> (vulnerable code not present)
-CVE-2010-3678 (Oracle MySQL 5.1 before 5.1.49 allows remote authenticated users to ...)
+CVE-2010-3678
- mysql-5.1 5.1.49-1 (bug #598580)
- mysql-dfsg-5.0 <removed>
[lenny] - mysql-dfsg-5.0 <not-affected> (vulnerable code not present)
-CVE-2010-3677 (Oracle MySQL 5.1 before 5.1.49 and 5.0 before 5.0.92 allows remote ...)
+CVE-2010-3677
{DSA-2143-1}
- mysql-5.1 5.1.49-1 (bug #598580)
- mysql-dfsg-5.0 <removed>
-CVE-2010-3676 (storage/innobase/dict/dict0crea.c in mysqld in Oracle MySQL 5.1 before ...)
+CVE-2010-3676
- mysql-5.1 5.1.49-1 (bug #598580)
- mysql-dfsg-5.0 <removed>
[lenny] - mysql-dfsg-5.0 <not-affected> (vulnerable code not present)
CVE-2010-3675
RESERVED
-CVE-2010-3658 (Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on ...)
+CVE-2010-3658
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2010-3657 (Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.4, ...)
+CVE-2010-3657
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2010-3656 (Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.4, ...)
+CVE-2010-3656
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2010-3655 (Stack-based buffer overflow in dirapi.dll in Adobe Shockwave Player ...)
+CVE-2010-3655
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-3654 (Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on ...)
+CVE-2010-3654
NOT-FOR-US: Adobe Flash Player
-CVE-2010-3653 (The Director module (dirapi.dll) in Adobe Shockwave Player before ...)
+CVE-2010-3653
NOT-FOR-US: Adobe Shockwave
-CVE-2010-3652 (Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and ...)
+CVE-2010-3652
NOT-FOR-US: Adobe Flash Player
CVE-2010-3651
REJECTED
-CVE-2010-3650 (Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and ...)
+CVE-2010-3650
NOT-FOR-US: Adobe Flash Player
-CVE-2010-3649 (Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and ...)
+CVE-2010-3649
NOT-FOR-US: Adobe Flash Player
-CVE-2010-3648 (Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and ...)
+CVE-2010-3648
NOT-FOR-US: Adobe Flash Player
-CVE-2010-3647 (Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and ...)
+CVE-2010-3647
NOT-FOR-US: Adobe Flash Player
-CVE-2010-3646 (Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and ...)
+CVE-2010-3646
NOT-FOR-US: Adobe Flash Player
-CVE-2010-3645 (Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and ...)
+CVE-2010-3645
NOT-FOR-US: Adobe Flash Player
-CVE-2010-3644 (Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and ...)
+CVE-2010-3644
NOT-FOR-US: Adobe Flash Player
-CVE-2010-3643 (Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and ...)
+CVE-2010-3643
NOT-FOR-US: Adobe Flash Player
-CVE-2010-3642 (Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and ...)
+CVE-2010-3642
NOT-FOR-US: Adobe Flash Player
-CVE-2010-3641 (Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and ...)
+CVE-2010-3641
NOT-FOR-US: Adobe Flash Player
-CVE-2010-3640 (Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and ...)
+CVE-2010-3640
NOT-FOR-US: Adobe Flash Player
-CVE-2010-3639 (Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and ...)
+CVE-2010-3639
NOT-FOR-US: Adobe Flash Player
-CVE-2010-3638 (Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and ...)
+CVE-2010-3638
NOT-FOR-US: Adobe Flash Player
-CVE-2010-3637 (An unspecified ActiveX control in Adobe Flash Player before 9.0.289.0 ...)
+CVE-2010-3637
NOT-FOR-US: Adobe Flash Player
-CVE-2010-3636 (Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on ...)
+CVE-2010-3636
NOT-FOR-US: Adobe Flash Player
-CVE-2010-3635 (Adobe Flash Media Server (FMS) 3.0.x before 3.0.7, 3.5.x before 3.5.5, ...)
+CVE-2010-3635
NOT-FOR-US: Adobe Flash Media Server
-CVE-2010-3634 (Unspecified vulnerability in the edge process in Adobe Flash Media ...)
+CVE-2010-3634
NOT-FOR-US: Adobe Flash Media Server
-CVE-2010-3633 (Memory leak in Adobe Flash Media Server (FMS) 3.0.x before 3.0.7, ...)
+CVE-2010-3633
NOT-FOR-US: Adobe Flash Media Server
-CVE-2010-3632 (Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on ...)
+CVE-2010-3632
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2010-3631 (Array index error in Adobe Reader and Acrobat 8.x before 8.2.5 and 9.x ...)
+CVE-2010-3631
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2010-3630 (Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.4, ...)
+CVE-2010-3630
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2010-3629 (Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.4, ...)
+CVE-2010-3629
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2010-3628 (Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on ...)
+CVE-2010-3628
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2010-3627 (Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.4, ...)
+CVE-2010-3627
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2010-3626 (Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.4, ...)
+CVE-2010-3626
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2010-3625 (Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on ...)
+CVE-2010-3625
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2010-3624 (Unspecified vulnerability in Adobe Reader and Acrobat 8.x before 8.2.5 ...)
+CVE-2010-3624
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2010-3623 (Adobe Reader and Acrobat 8.x before 8.2.5 and 9.x before 9.4 on Mac OS ...)
+CVE-2010-3623
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2010-3622 (Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on ...)
+CVE-2010-3622
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2010-3621 (Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on ...)
+CVE-2010-3621
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2010-3620 (Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.4, ...)
+CVE-2010-3620
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2010-3619 (Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on ...)
+CVE-2010-3619
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2010-3618 (PGP Desktop 10.0.x before 10.0.3 SP2 and 10.1.0 before 10.1.0 SP1 does ...)
+CVE-2010-3618
NOT-FOR-US: PGP Desktop
CVE-2010-3617
RESERVED
-CVE-2010-3616 (ISC DHCP server 4.2 before 4.2.0-P2, when configured to use failover ...)
+CVE-2010-3616
- isc-dhcp <not-affected> (Only affects 4.2.x)
- dhcp3 <not-affected> (Only affects 4.2.x)
- dhcp <not-affected> (Only affects 4.2.x)
-CVE-2010-3615 (named in ISC BIND 9.7.2-P2 does not check all intended locations for ...)
+CVE-2010-3615
- bind9 1:9.7.2.dfsg.P3-1 (bug #605876)
[lenny] - bind9 <not-affected> (Doesn't affect 9.6 ESV)
NOTE: http://ftp.isc.org/isc/bind9/9.7.2-P3/RELEASE-NOTES-BIND-9.7.2-P3.html
-CVE-2010-3614 (named in ISC BIND 9.x before 9.6.2-P3, 9.7.x before 9.7.2-P3, 9.4-ESV ...)
+CVE-2010-3614
{DSA-2130-1}
- bind9 1:9.7.2.dfsg.P3-1 (bug #605876)
NOTE: http://ftp.isc.org/isc/bind9/9.7.2-P3/RELEASE-NOTES-BIND-9.7.2-P3.html
-CVE-2010-3613 (named in ISC BIND 9.6.2 before 9.6.2-P3, 9.6-ESV before 9.6-ESV-R3, ...)
+CVE-2010-3613
{DSA-2130-1}
- bind9 1:9.7.2.dfsg.P3-1 (bug #605876)
NOTE: http://ftp.isc.org/isc/bind9/9.7.2-P3/RELEASE-NOTES-BIND-9.7.2-P3.html
CVE-2010-3612
RESERVED
-CVE-2010-3611 (ISC DHCP server 4.0 before 4.0.2, 4.1 before 4.1.2, and 4.2 before ...)
+CVE-2010-3611
- isc-dhcp 4.1.1-P1-14
- dhcp3 <not-affected> (Only affects DHCP 4.x)
- dhcp <not-affected> (Only affects DHCP 4.x)
CVE-2010-3610
RESERVED
-CVE-2010-3609 (The extension parser in slp_v2message.c in OpenSLP 1.2.1, and other ...)
+CVE-2010-3609
{DLA-304-1}
- openslp-dfsg 1.2.1-8 (low; bug #623551)
[squeeze] - openslp-dfsg <no-dsa> (Minor issue)
[lenny] - openslp-dfsg <no-dsa> (Minor issue)
-CVE-2010-3659 (Multiple cross-site scripting (XSS) vulnerabilities in TYPO3 CMS 4.1.x ...)
+CVE-2010-3659
{DSA-2098-1}
- typo3-src 4.3.5-1 (bug #590719)
CVE-2010-3660 [Multiple security issues]
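Review bot: the trailing context line `CVE-2010-3660 [Multiple security issues]` keeps its square-bracket description while every parenthesised description above it (CVE-2010-3703 through CVE-2010-3659) is dropped, which shows that only the imported, parenthesised field came back empty and the locally maintained bracketed text was never touched. That pattern supports treating this as an import-side problem rather than an intentional cleanup; if the feed was indeed empty, this hunk should be reverted together with the others rather than left as the new baseline.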
@@ -4342,406 +4342,406 @@ CVE-2010-XXXX [piwigo]
NOTE: http://www.exploit-db.com/exploits/14973/
NOTE: First unfilled CVE-request http://www.openwall.com/lists/oss-security/2010/12/07/1
NOTE: Second CVE-request http://www.openwall.com/lists/oss-security/2012/10/06/3
-CVE-2010-3608 (Multiple SQL injection vulnerabilities in wpQuiz 2.7 allow remote ...)
+CVE-2010-3608
NOT-FOR-US: wpQuiz
-CVE-2010-3607 (Cross-site scripting (XSS) vulnerability in AGENTS/index.php in NetArt ...)
+CVE-2010-3607
NOT-FOR-US: NetArt MEDIA Real Estate Portal
-CVE-2010-3606 (Multiple directory traversal vulnerabilities in AGENTS/index.php in ...)
+CVE-2010-3606
NOT-FOR-US: NetArt MEDIA Real Estate Portal
-CVE-2010-3605 (Cross-site scripting (XSS) vulnerability in the powermail extension ...)
+CVE-2010-3605
NOT-FOR-US: powermail extension 1.5.3 for typo3
-CVE-2010-3604 (SQL injection vulnerability in the powermail extension 1.5.3 and ...)
+CVE-2010-3604
NOT-FOR-US: powermail extension 1.5.3 for typo3
-CVE-2010-3603 (Cross-site request forgery (CSRF) vulnerability in the file manager ...)
+CVE-2010-3603
NOT-FOR-US: mojoPortal
-CVE-2010-3602 (Cross-site scripting (XSS) vulnerability in ProfileView.aspx in ...)
+CVE-2010-3602
NOT-FOR-US: mojoPortal
-CVE-2010-3601 (SQL injection vulnerability in index.php in ibPhotohost 1.1.2 allows ...)
+CVE-2010-3601
NOT-FOR-US: ibPhotohost
-CVE-2010-3499 (F-Secure Anti-Virus does not properly interact with the processing of ...)
+CVE-2010-3499
NOT-FOR-US: F-Secure Anti-Virus
-CVE-2010-3498 (AVG Anti-Virus does not properly interact with the processing of ...)
+CVE-2010-3498
NOT-FOR-US: AVG Anti-Virus
-CVE-2010-3497 (Symantec Norton AntiVirus 2011 does not properly interact with the ...)
+CVE-2010-3497
NOT-FOR-US: Symantec Norton AntiVirus
-CVE-2010-3496 (McAfee VirusScan Enterprise 8.5i and 8.7i does not properly interact ...)
+CVE-2010-3496
NOT-FOR-US: McAfee VirusScan Enterprise
-CVE-2010-3495 (Race condition in ZEO/StorageServer.py in Zope Object Database (ZODB) ...)
+CVE-2010-3495
- zodb 1:3.9.4-1.1 (bug #599711)
-CVE-2010-3494 (Race condition in the FTPHandler class in ftpserver.py in pyftpdlib ...)
+CVE-2010-3494
- python-pyftpdlib 0.5.2-1 (low)
NOTE: http://code.google.com/p/pyftpdlib/issues/detail?id=104
-CVE-2010-3493 (Multiple race conditions in smtpd.py in the smtpd module in Python ...)
+CVE-2010-3493
- python3.1 3.1.2+20100829-1
- python2.6 2.6.6-1 (low; bug #601690)
- python2.5 <unfixed> (low)
[squeeze] - python2.5 <no-dsa> (Minor issue)
[lenny] - python2.5 <no-dsa> (Minor issue)
-CVE-2010-3492 (The asyncore module in Python before 3.2 does not properly handle ...)
+CVE-2010-3492
- python2.7 2.7.8-11 (unimportant)
- python3.1 <removed> (unimportant)
- python3.2 3.4.2-1 (unimportant)
NOTE: likely fixed much earlier, but these were the versions checked
-CVE-2010-3491 (The (1) ActiveMatrix Runtime and (2) ActiveMatrix Administrator ...)
+CVE-2010-3491
NOT-FOR-US: TIBCO ActiveMatrix Service Grid
-CVE-2010-3490 (Directory traversal vulnerability in page.recordings.php in the System ...)
+CVE-2010-3490
NOT-FOR-US: FreePBX
-CVE-2010-3489 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2010-3489
NOT-FOR-US: CMS Digital Workroom
-CVE-2010-3488 (Directory traversal vulnerability in QuickShare 1.0 allows remote ...)
+CVE-2010-3488
NOT-FOR-US: QuickShare
-CVE-2010-3487 (Directory traversal vulnerability in YelloSoft Pinky 1.0 for Windows ...)
+CVE-2010-3487
NOT-FOR-US: YelloSoft Pinky
-CVE-2010-3486 (Directory traversal vulnerability in FileStorageUpload.ashx in ...)
+CVE-2010-3486
NOT-FOR-US: SmarterMail
-CVE-2010-3483 (cms_write.php in Primitive CMS 1.0.9 does not properly restrict ...)
+CVE-2010-3483
NOT-FOR-US: Primitive CMS
-CVE-2010-3482 (Multiple SQL injection vulnerabilities in cms_write.php in Primitive ...)
+CVE-2010-3482
NOT-FOR-US: Primitive CMS
-CVE-2010-3481 (Multiple SQL injection vulnerabilities in login.php in ApPHP PHP ...)
+CVE-2010-3481
NOT-FOR-US: MicroCMS
-CVE-2010-3480 (Directory traversal vulnerability in index.php in ApPHP PHP MicroCMS ...)
+CVE-2010-3480
NOT-FOR-US: MicroCMS
-CVE-2010-3479 (SQL injection vulnerability in list.php in BoutikOne 1.0 allows remote ...)
+CVE-2010-3479
NOT-FOR-US: BoutikOne
CVE-2010-3478
RESERVED
-CVE-2010-3477 (The tcf_act_police_dump function in net/sched/act_police.c in the ...)
+CVE-2010-3477
{DSA-2126-1}
- linux-2.6 2.6.32-25
-CVE-2010-3600 (Unspecified vulnerability in the Client System Analyzer component in ...)
+CVE-2010-3600
NOT-FOR-US: Oracle Database
-CVE-2010-3599 (Unspecified vulnerability in the Oracle Document Capture component in ...)
+CVE-2010-3599
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2010-3598 (Unspecified vulnerability in the Oracle Document Capture component in ...)
+CVE-2010-3598
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2010-3597 (Unspecified vulnerability in the Oracle Outside In Technology ...)
+CVE-2010-3597
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2010-3596 (Unspecified vulnerability in the mod_ssl component in Oracle Secure ...)
+CVE-2010-3596
NOT-FOR-US: Dupe of CVE-2009-3555, will be rejected
-CVE-2010-3595 (Unspecified vulnerability in the Oracle Document Capture component in ...)
+CVE-2010-3595
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2010-3594 (Unspecified vulnerability in the Real User Experience Insight ...)
+CVE-2010-3594
NOT-FOR-US: Oracle Enterprise Manager Grid Control
-CVE-2010-3593 (Unspecified vulnerability in the Health Sciences - Oracle Argus Safety ...)
+CVE-2010-3593
NOT-FOR-US: Oracle Industry Applications
-CVE-2010-3592 (Unspecified vulnerability in the Oracle Document Capture component in ...)
+CVE-2010-3592
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2010-3591 (Unspecified vulnerability in the Oracle Document Capture component in ...)
+CVE-2010-3591
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2010-3590 (Unspecified vulnerability in the Oracle Spatial component in Oracle ...)
+CVE-2010-3590
NOT-FOR-US: Oracle Database
-CVE-2010-3589 (Unspecified vulnerability in the Oracle Application Object Library ...)
+CVE-2010-3589
NOT-FOR-US: Oracle Application Object Library component
-CVE-2010-3588 (Unspecified vulnerability in the Oracle Discoverer component in Oracle ...)
+CVE-2010-3588
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2010-3587 (Unspecified vulnerability in the Oracle Common Applications component ...)
+CVE-2010-3587
NOT-FOR-US: Oracle Applications
-CVE-2010-3586 (Unspecified vulnerability in Oracle Solaris 9 allows local users to ...)
+CVE-2010-3586
- xscreensaver <not-affected> (Solaris-specific patch)
-CVE-2010-3585 (Unspecified vulnerability in the OracleVM component in Oracle VM 2.2.1 ...)
+CVE-2010-3585
NOT-FOR-US: OracleVM
-CVE-2010-3584 (Unspecified vulnerability in the Oracle VM component in Oracle VM ...)
+CVE-2010-3584
NOT-FOR-US: OracleVM
-CVE-2010-3583 (Unspecified vulnerability in the OracleVM component in Oracle VM 2.2.1 ...)
+CVE-2010-3583
NOT-FOR-US: OracleVM
-CVE-2010-3582 (Unspecified vulnerability in the OracleVM component in Oracle VM 2.2.1 ...)
+CVE-2010-3582
NOT-FOR-US: OracleVM
-CVE-2010-3581 (Unspecified vulnerability in the BPEL Console component in Oracle ...)
+CVE-2010-3581
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2010-3580 (Unspecified vulnerability in Oracle OpenSolaris allows local users to ...)
+CVE-2010-3580
NOT-FOR-US: Oracle OpenSolaris
-CVE-2010-3579 (Unspecified vulnerability in the (1) Sun Convergence 1 and (2) Sun ...)
+CVE-2010-3579
NOT-FOR-US: Java Communications Suite
-CVE-2010-3578 (Unspecified vulnerability in Oracle OpenSolaris allows remote ...)
+CVE-2010-3578
NOT-FOR-US: Oracle OpenSolaris
-CVE-2010-3577 (Unspecified vulnerability in Oracle OpenSolaris allows remote ...)
+CVE-2010-3577
NOT-FOR-US: Oracle OpenSolaris
-CVE-2010-3576 (Unspecified vulnerability in Oracle Solaris 8, 9, and 10, and ...)
+CVE-2010-3576
NOT-FOR-US: Oracle OpenSolaris
-CVE-2010-3575 (Unspecified vulnerability in the Oracle Communications Messaging ...)
+CVE-2010-3575
NOT-FOR-US: Oracle Sun Products Suite
-CVE-2010-3574 (Unspecified vulnerability in the Networking component in Oracle Java ...)
+CVE-2010-3574
- openjdk-6 6b18-1.8.2-1
- sun-java6 6.22-1
[lenny] - sun-java6 6-22-0lenny
-CVE-2010-3573 (Unspecified vulnerability in the Networking component in Oracle Java ...)
+CVE-2010-3573
- openjdk-6 6b18-1.8.2-1
- sun-java6 6.22-1
[lenny] - sun-java6 6-22-0lenny
-CVE-2010-3572 (Unspecified vulnerability in the Sound component in Oracle Java SE and ...)
+CVE-2010-3572
- sun-java6 6.22-1
[lenny] - sun-java6 6-22-0lenny
-CVE-2010-3571 (Unspecified vulnerability in the 2D component in Oracle Java SE and ...)
+CVE-2010-3571
- sun-java6 6.22-1
[lenny] - sun-java6 6-22-0lenny
-CVE-2010-3570 (Unspecified vulnerability in the Deployment Toolkit component in ...)
+CVE-2010-3570
- sun-java6 6.22-1
[lenny] - sun-java6 6-22-0lenny
-CVE-2010-3569 (Unspecified vulnerability in the Java Runtime Environment component in ...)
+CVE-2010-3569
- openjdk-6 6b18-1.8.2-1
- sun-java6 6.22-1
[lenny] - sun-java6 6-22-0lenny
-CVE-2010-3568 (Unspecified vulnerability in the Java Runtime Environment component in ...)
+CVE-2010-3568
- openjdk-6 6b18-1.8.2-1
- sun-java6 6.22-1
[lenny] - sun-java6 6-22-0lenny
-CVE-2010-3567 (Unspecified vulnerability in the 2D component in Oracle Java SE and ...)
+CVE-2010-3567
- openjdk-6 6b18-1.8.2-1
- sun-java6 6.22-1
[lenny] - sun-java6 6-22-0lenny
-CVE-2010-3566 (Unspecified vulnerability in the 2D component in Oracle Java SE and ...)
+CVE-2010-3566
- openjdk-6 6b18-1.8.2-1
- sun-java6 6.22-1
[lenny] - sun-java6 6-22-0lenny
-CVE-2010-3565 (Unspecified vulnerability in the 2D component in Oracle Java SE and ...)
+CVE-2010-3565
- openjdk-6 6b18-1.8.2-1
- sun-java6 6.22-1
[lenny] - sun-java6 6-22-0lenny
-CVE-2010-3564 (Unspecified vulnerability in the Oracle Communications Messaging ...)
+CVE-2010-3564
- openjdk-6 6b18-1.8.2-1
-CVE-2010-3563 (Unspecified vulnerability in the Deployment component in Oracle Java ...)
+CVE-2010-3563
- sun-java6 6.22-1
[lenny] - sun-java6 6-22-0lenny
-CVE-2010-3562 (Unspecified vulnerability in the 2D component in Oracle Java SE and ...)
+CVE-2010-3562
- openjdk-6 6b18-1.8.2-1
- sun-java6 6.22-1
[lenny] - sun-java6 6-22-0lenny
-CVE-2010-3561 (Unspecified vulnerability in the CORBA component in Oracle Java SE and ...)
+CVE-2010-3561
- openjdk-6 6b18-1.8.2-1
- sun-java6 6.22-1
[lenny] - sun-java6 6-22-0lenny
-CVE-2010-3560 (Unspecified vulnerability in the Networking component in Oracle Java ...)
+CVE-2010-3560
- sun-java6 6.22-1
[lenny] - sun-java6 6-22-0lenny
-CVE-2010-3559 (Unspecified vulnerability in the Sound component in Oracle Java SE and ...)
+CVE-2010-3559
- sun-java6 6.22-1
[lenny] - sun-java6 6-22-0lenny
-CVE-2010-3558 (Unspecified vulnerability in the Java Web Start component in Oracle ...)
+CVE-2010-3558
- sun-java6 6.22-1
[lenny] - sun-java6 6-22-0lenny
-CVE-2010-3557 (Unspecified vulnerability in the Swing component in Oracle Java SE and ...)
+CVE-2010-3557
- openjdk-6 6b18-1.8.2-1
- sun-java6 6.22-1
[lenny] - sun-java6 6-22-0lenny
-CVE-2010-3556 (Unspecified vulnerability in the 2D component in Oracle Java SE and ...)
+CVE-2010-3556
- sun-java6 6.22-1
[lenny] - sun-java6 6-22-0lenny
-CVE-2010-3555 (Unspecified vulnerability in the Deployment component in Oracle Java ...)
+CVE-2010-3555
- sun-java6 6.22-1
[lenny] - sun-java6 6-22-0lenny
-CVE-2010-3554 (Unspecified vulnerability in the CORBA component in Oracle Java SE and ...)
+CVE-2010-3554
- openjdk-6 6b18-1.8.2-1
- sun-java6 6.22-1
[lenny] - sun-java6 6-22-0lenny
-CVE-2010-3553 (Unspecified vulnerability in the Swing component in Oracle Java SE and ...)
+CVE-2010-3553
- openjdk-6 6b18-1.8.2-1
- sun-java6 6.22-1
[lenny] - sun-java6 6-22-0lenny
-CVE-2010-3552 (Unspecified vulnerability in the New Java Plug-in component in Oracle ...)
+CVE-2010-3552
- sun-java6 6.22-1
[lenny] - sun-java6 6-22-0lenny
-CVE-2010-3551 (Unspecified vulnerability in the Networking component in Oracle Java ...)
+CVE-2010-3551
- openjdk-6 6b18-1.8.2-1
- sun-java6 6.22-1
[lenny] - sun-java6 6-22-0lenny
-CVE-2010-3550 (Unspecified vulnerability in the Java Web Start component in Oracle ...)
+CVE-2010-3550
- sun-java6 6.22-1
[lenny] - sun-java6 6-22-0lenny
-CVE-2010-3549 (Unspecified vulnerability in the Networking component in Oracle Java ...)
+CVE-2010-3549
- openjdk-6 6b18-1.8.2-1
- sun-java6 6.22-1
[lenny] - sun-java6 6-22-0lenny
-CVE-2010-3548 (Unspecified vulnerability in the Java Naming and Directory Interface ...)
+CVE-2010-3548
- openjdk-6 6b18-1.8.2-1
- sun-java6 6.22-1
[lenny] - sun-java6 6-22-0lenny
-CVE-2010-3547 (Unspecified vulnerability in the PeopleSoft FMS ESA - EX component in ...)
+CVE-2010-3547
NOT-FOR-US: Oracle PeopleSoft
-CVE-2010-3546 (Unspecified vulnerability in the Sun Java System Identity Manager ...)
+CVE-2010-3546
NOT-FOR-US: Oracle Sun Products Suite
-CVE-2010-3545 (Unspecified vulnerability in the Oracle iPlanet Web Server (Sun Java ...)
+CVE-2010-3545
NOT-FOR-US: Oracle iPlanet Web Server
-CVE-2010-3544 (Unspecified vulnerability in the Oracle iPlanet Web Server (Sun Java ...)
+CVE-2010-3544
NOT-FOR-US: Oracle iPlanet Web Server
CVE-2010-3543
REJECTED
-CVE-2010-3542 (Unspecified vulnerability in Oracle Solaris 8, 9, and 10, and ...)
+CVE-2010-3542
NOT-FOR-US: Oracle Solaris
-CVE-2010-3541 (Unspecified vulnerability in the Networking component in Oracle Java ...)
+CVE-2010-3541
- openjdk-6 6b18-1.8.2-1
- sun-java6 6.22-1
[lenny] - sun-java6 6-22-0lenny
-CVE-2010-3540 (Unspecified vulnerability in Oracle Solaris 10 and OpenSolaris allows ...)
+CVE-2010-3540
NOT-FOR-US: Oracle Solaris
-CVE-2010-3539 (Unspecified vulnerability in the PeopleSoft Enterprise FMS - GL ...)
+CVE-2010-3539
NOT-FOR-US: Oracle PeopleSoft and JDEdwards Suite
-CVE-2010-3538 (Unspecified vulnerability in the PeopleSoft Enterprise FMS - GL ...)
+CVE-2010-3538
NOT-FOR-US: PeopleSoft Enterprise FMS
-CVE-2010-3537 (Unspecified vulnerability in the PeopleSoft Enterprise FMS - AM ...)
+CVE-2010-3537
NOT-FOR-US: PeopleSoft Enterprise FMS
-CVE-2010-3536 (Unspecified vulnerability in the PeopleSoft Enterprise SCM component ...)
+CVE-2010-3536
NOT-FOR-US: PeopleSoft Enterprise SCM
-CVE-2010-3535 (Unspecified vulnerability in the Directory Server Enterprise Edition ...)
+CVE-2010-3535
NOT-FOR-US: Oracle Sun Products Suite
-CVE-2010-3534 (Unspecified vulnerability in the Primavera P6 Enterprise Project ...)
+CVE-2010-3534
NOT-FOR-US: Oracle Primavera Products Suite
-CVE-2010-3533 (Unspecified vulnerability in the PeopleSoft Enterprise SCM OM and CRM ...)
+CVE-2010-3533
NOT-FOR-US: Oracle PeopleSoft and JDEdwards Suite
-CVE-2010-3532 (Unspecified vulnerability in the PeopleSoft Enterprise CRM - Order ...)
+CVE-2010-3532
NOT-FOR-US: Oracle PeopleSoft and JDEdwards Suite
-CVE-2010-3531 (Unspecified vulnerability in the PeopleSoft Enterprise FMS ESA - RM ...)
+CVE-2010-3531
NOT-FOR-US: Oracle PeopleSoft and JDEdwards Suite
-CVE-2010-3530 (Unspecified vulnerability in the PeopleSoft Enterprise HCM - HR ...)
+CVE-2010-3530
NOT-FOR-US: Oracle PeopleSoft and JDEdwards Suite
-CVE-2010-3529 (Unspecified vulnerability in the PeopleSoft Enterprise FMS - Cash ...)
+CVE-2010-3529
NOT-FOR-US: Oracle PeopleSoft and JDEdwards Suite
-CVE-2010-3528 (Unspecified vulnerability in the PeopleSoft Enterprise CRM - Common ...)
+CVE-2010-3528
NOT-FOR-US: Oracle PeopleSoft and JDEdwards Suite
-CVE-2010-3527 (Unspecified vulnerability in the PeopleSoft Enterprise FMS - AM ...)
+CVE-2010-3527
NOT-FOR-US: Oracle PeopleSoft and JDEdwards Suite
-CVE-2010-3526 (Unspecified vulnerability in the PeopleSoft Enterprise SCM - PO ...)
+CVE-2010-3526
NOT-FOR-US: Oracle PeopleSoft and JDEdwards Suite
-CVE-2010-3525 (Unspecified vulnerability in the (1) PeopleSoft Enterprise FMS, (2) ...)
+CVE-2010-3525
NOT-FOR-US: Oracle PeopleSoft and JDEdwards Suite
-CVE-2010-3524 (Unspecified vulnerability in the PeopleSoft Enterprise SCM - Strategic ...)
+CVE-2010-3524
NOT-FOR-US: Oracle PeopleSoft and JDEdwards Suite
-CVE-2010-3523 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+CVE-2010-3523
NOT-FOR-US: Oracle PeopleSoft and JDEdwards Suite
-CVE-2010-3522 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+CVE-2010-3522
NOT-FOR-US: Oracle PeopleSoft and JDEdwards Suite
-CVE-2010-3521 (Unspecified vulnerability in the PeopleSoft Enterprise HCM ePay ...)
+CVE-2010-3521
NOT-FOR-US: Oracle PeopleSoft and JDEdwards Suite
-CVE-2010-3520 (Unspecified vulnerability in the PeopleSoft Enterprise HCM - GP France ...)
+CVE-2010-3520
NOT-FOR-US: Oracle PeopleSoft and JDEdwards Suite
-CVE-2010-3519 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+CVE-2010-3519
NOT-FOR-US: Oracle PeopleSoft and JDEdwards Suite
-CVE-2010-3518 (Unspecified vulnerability in the PeopleSoft Enterprise HCM GP - Japan ...)
+CVE-2010-3518
NOT-FOR-US: Oracle PeopleSoft and JDEdwards Suite
-CVE-2010-3517 (Unspecified vulnerability in Oracle Solaris 10 and OpenSolaris allows ...)
+CVE-2010-3517
NOT-FOR-US: Oracle Solaris 10 and OpenSolaris
-CVE-2010-3516 (Unspecified vulnerability in Oracle Solaris 10 and OpenSolaris allows ...)
+CVE-2010-3516
NOT-FOR-US: Oracle Solaris 10 and OpenSolaris
-CVE-2010-3515 (Unspecified vulnerability in the Solaris component in Oracle Solaris 9 ...)
+CVE-2010-3515
NOT-FOR-US: Oracle Solaris 10 and OpenSolaris
-CVE-2010-3514 (Unspecified vulnerability in the Oracle iPlanet Web Server (Sun Java ...)
+CVE-2010-3514
NOT-FOR-US: Oracle Sun Products Suite
-CVE-2010-3513 (Unspecified vulnerability in Oracle Solaris 9 and 10, and OpenSolaris, ...)
+CVE-2010-3513
NOT-FOR-US: Oracle Solaris and OpenSolaris
-CVE-2010-3512 (Unspecified vulnerability in the Oracle iPlanet Web Server (Sun Java ...)
+CVE-2010-3512
NOT-FOR-US: Oracle iPlanet Web Server
-CVE-2010-3511 (Unspecified vulnerability in Oracle OpenSolaris allows local users to ...)
+CVE-2010-3511
NOT-FOR-US: Oracle OpenSolaris
-CVE-2010-3510 (Unspecified vulnerability in the Oracle WebLogic Server component in ...)
+CVE-2010-3510
NOT-FOR-US: Oracle WebLogic
-CVE-2010-3509 (Unspecified vulnerability in Oracle Solaris 8, 9, and 10 allows remote ...)
+CVE-2010-3509
NOT-FOR-US: Oracle Solaris
-CVE-2010-3508 (Unspecified vulnerability in Oracle Solaris 10 allows local users to ...)
+CVE-2010-3508
NOT-FOR-US: Oracle Solaris
-CVE-2010-3507 (Unspecified vulnerability in Oracle Solaris 8, 9, and 10 allows local ...)
+CVE-2010-3507
NOT-FOR-US: Oracle Solaris
-CVE-2010-3506 (Unspecified vulnerability in the Oracle Explorer (Sun Explorer) ...)
+CVE-2010-3506
NOT-FOR-US: Oracle Explorer
-CVE-2010-3505 (Unspecified vulnerability in the Agile Core component in Oracle Supply ...)
+CVE-2010-3505
NOT-FOR-US: Oracle Supply Chain Products
-CVE-2010-3504 (Unspecified vulnerability in the Oracle Applications Technology Stack ...)
+CVE-2010-3504
NOT-FOR-US: Oracle E-Business Suite
-CVE-2010-3503 (Unspecified vulnerability in Oracle Solaris 10 and OpenSolaris allows ...)
+CVE-2010-3503
NOT-FOR-US: Oracle Solaris 10 and OpenSolaris
-CVE-2010-3502 (Unspecified vulnerability in the Siebel Core component in Oracle ...)
+CVE-2010-3502
NOT-FOR-US: Oracle Siebel Suite
-CVE-2010-3501 (Unspecified vulnerability in the OID component in Oracle Fusion ...)
+CVE-2010-3501
NOT-FOR-US: Oracle Fusion
-CVE-2010-3500 (Unspecified vulnerability in the Siebel Core - Highly Interactive ...)
+CVE-2010-3500
NOT-FOR-US: Oracle Siebel Suite
-CVE-2010-3476 (Open Ticket Request System (OTRS) 2.3.x before 2.3.6 and 2.4.x before ...)
+CVE-2010-3476
- otrs2 2.4.8+dfsg1-1
[lenny] - otrs2 <not-affected> (Only affects OTRS 2.3 and 2.4)
-CVE-2010-3475 (IBM DB2 9.7 before FP3 does not properly enforce privilege ...)
+CVE-2010-3475
NOT-FOR-US: IBM DB2
-CVE-2010-3474 (IBM DB2 9.7 before FP3 does not perform the expected drops or ...)
+CVE-2010-3474
NOT-FOR-US: IBM DB2
-CVE-2010-3473 (Open redirect vulnerability in the Workplace (aka WP) component in IBM ...)
+CVE-2010-3473
NOT-FOR-US: IBM FileNet P8 Application Engine
-CVE-2010-3472 (Multiple cross-site scripting (XSS) vulnerabilities in the Workplace ...)
+CVE-2010-3472
NOT-FOR-US: IBM FileNet P8 Application Engine
-CVE-2010-3471 (Session fixation vulnerability in the Workplace (aka WP) component in ...)
+CVE-2010-3471
NOT-FOR-US: IBM FileNet P8 Application Engine
-CVE-2010-3470 (Multiple cross-site scripting (XSS) vulnerabilities in the Workplace ...)
+CVE-2010-3470
NOT-FOR-US: IBM FileNet P8 Application Engine
CVE-2010-3469
RESERVED
-CVE-2010-3468 (Directory traversal vulnerability in fileManager.cfc in Mura CMS 5.1 ...)
+CVE-2010-3468
NOT-FOR-US: Mura CMS
-CVE-2010-3467 (SQL injection vulnerability in modules/sections/index.php in ...)
+CVE-2010-3467
NOT-FOR-US: E-Xoopport Samsara
-CVE-2010-3466 (Cross-site scripting (XSS) vulnerability in index.php in the ...)
+CVE-2010-3466
NOT-FOR-US: NetArt Media iBoutique.MALL
-CVE-2010-3465 (Multiple cross-site scripting (XSS) vulnerabilities in XSE Shopping ...)
+CVE-2010-3465
NOT-FOR-US: XSE Shopping Cart
-CVE-2010-3464 (Cross-site request forgery (CSRF) vulnerability in ...)
+CVE-2010-3464
NOT-FOR-US: SantaFox
-CVE-2010-3463 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2010-3463
NOT-FOR-US: SantaFox
-CVE-2010-3462 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2010-3462
NOT-FOR-US: Mollify
-CVE-2010-3461 (SQL injection vulnerability in the Publisher module in eNdonesia 8.4 ...)
+CVE-2010-3461
NOT-FOR-US: eNdonesia
-CVE-2010-3460 (Directory traversal vulnerability in the HTTP interface in AXIGEN Mail ...)
+CVE-2010-3460
NOT-FOR-US: AXIGEN Mail Server
-CVE-2010-3459 (Cross-site scripting (XSS) vulnerability in the Ajax WebMail interface ...)
+CVE-2010-3459
NOT-FOR-US: AXIGEN Mail Server
-CVE-2010-3458 (SQL injection vulnerability in lib/toolkit/events/event.section.php in ...)
+CVE-2010-3458
NOT-FOR-US: Symphony CMS
-CVE-2010-3457 (Multiple cross-site scripting (XSS) vulnerabilities in Symphony CMS ...)
+CVE-2010-3457
NOT-FOR-US: Symphony CMS
-CVE-2010-3456 (Directory traversal vulnerability in download.php in EnergyScripts ...)
+CVE-2010-3456
NOT-FOR-US: EnergyScripts Simple Download
-CVE-2010-3455 (Cross-site scripting (XSS) vulnerability in index.php in AChecker 1.0 ...)
+CVE-2010-3455
NOT-FOR-US: AChecker
-CVE-2010-3454 (Multiple off-by-one errors in the WW8DopTypography::ReadFromMem ...)
+CVE-2010-3454
{DSA-2151-1}
- openoffice.org 1:3.2.1-11+squeeze2
-CVE-2010-3453 (The WW8ListManager::WW8ListManager function in oowriter in ...)
+CVE-2010-3453
{DSA-2151-1}
- openoffice.org 1:3.2.1-11+squeeze2
-CVE-2010-3452 (Use-after-free vulnerability in oowriter in OpenOffice.org (OOo) 2.x ...)
+CVE-2010-3452
{DSA-2151-1}
- openoffice.org 1:3.2.1-11+squeeze2
-CVE-2010-3451 (Use-after-free vulnerability in oowriter in OpenOffice.org (OOo) 2.x ...)
+CVE-2010-3451
{DSA-2151-1}
- openoffice.org 1:3.2.1-11+squeeze2
-CVE-2010-3450 (Multiple directory traversal vulnerabilities in OpenOffice.org (OOo) ...)
+CVE-2010-3450
{DSA-2151-1}
- openoffice.org 1:3.2.1-11+squeeze2
-CVE-2010-3449 (Cross-site request forgery (CSRF) vulnerability in Redback before ...)
+CVE-2010-3449
NOT-FOR-US: Redback
-CVE-2010-3448 (drivers/platform/x86/thinkpad_acpi.c in the Linux kernel before 2.6.34 ...)
+CVE-2010-3448
{DSA-2126-1}
- linux-2.6 2.6.32-12 (bug #565790; unimportant)
NOTE: this is more of a hardware bug rather than a security issue
-CVE-2010-3447 (Cross-site scripting (XSS) vulnerability in view.php in the file ...)
+CVE-2010-3447
- gollem 1.1.1+debian0-1.1 (bug #598585)
[lenny] - gollem <not-affected> ($filename not printed directly and passed through htmlspecialchars())
NOTE: http://bugs.horde.org/ticket/9191
CVE-2010-3446
RESERVED
-CVE-2010-3445 (Stack consumption vulnerability in the dissect_ber_unknown function in ...)
+CVE-2010-3445
{DSA-2127-1}
- wireshark 1.2.11-3 (low)
NOTE: http://archives.neohapsis.com/archives/bugtraq/2010-09/0088.html
-CVE-2010-3444 (Buffer overflow in the log2vis_utf8 function in pyfribidi.c in GNU ...)
+CVE-2010-3444
- pyfribidi 0.10.0-2 (bug #570068)
[lenny] - pyfribidi <not-affected> (fribidi 0.19.1 or higher needs to be installed to trigger this)
-CVE-2010-3443 (ctcphandler.cpp in Quassel before 0.6.3 and 0.7.x before 0.7.1 allows ...)
+CVE-2010-3443
- quassel 0.7.1-1 (bug #597853)
[squeeze] - quassel 0.6.3-1
NOTE: https://bugs.launchpad.net/ubuntu/+source/quassel/+bug/629774
-CVE-2010-3442 (Multiple integer overflows in the snd_ctl_new function in ...)
+CVE-2010-3442
{DSA-2126-1}
- linux-2.6 2.6.32-25
NOTE: http://git.kernel.org/?p=linux/kernel/git/tiwai/sound-2.6.git;a=commitdiff;h=5591bf07225523600450edd9e6ad258bb877b779
-CVE-2010-3441 (Multiple buffer overflows in abcm2ps before 5.9.12 might allow remote ...)
+CVE-2010-3441
- abcm2ps 5.9.13-0.1 (low; bug #577014)
[lenny] - abcm2ps <no-dsa> (Minor issue)
CVE-2010-3440 [babiloo insecure downloading and unpacking of dictionary files]
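Review bot: every `-`/`+` pair in this hunk removes only the parenthesised description from a CVE line (for example `-CVE-2010-3477 (The tcf_act_police_dump function in net/sched/act_police.c in the ...)` becomes `+CVE-2010-3477`) and no triage line, version or NOTE changes, so this reads like the description source returned empty text for every entry rather than a real data change; an automated update that blanks summaries wholesale should be checked against the upstream feed before it lands, since the stripped text is what the tracker shows for CVEs without a Debian-specific note.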
@@ -4755,40 +4755,40 @@ CVE-2010-3438 [Insufficient stripping of CR/LF allows arbitrary IRC command exec
RESERVED
- libpoe-component-irc-perl 6.32+dfsg-1
[lenny] - libpoe-component-irc-perl 5.84+dfsg-1+lenny1 (bug #581194)
-CVE-2010-3437 (Integer signedness error in the pkt_find_dev_from_minor function in ...)
+CVE-2010-3437
{DSA-2126-1}
- linux-2.6 2.6.32-25
-CVE-2010-3436 (fopen_wrappers.c in PHP 5.3.x through 5.3.3 might allow remote ...)
+CVE-2010-3436
- php5 5.3.3-4 (unimportant)
NOTE: http://svn.php.net/viewvc?view=revision&revision=303824
-CVE-2010-3435 (The (1) pam_env and (2) pam_mail modules in Linux-PAM (aka pam) before ...)
+CVE-2010-3435
- pam 1.1.3-1 (low; bug #599832)
[squeeze] - pam <no-dsa> (Minor issue)
[lenny] - pam <no-dsa> (Minor issue)
NOTE: Fix from 1.1.2 is not fully complete
-CVE-2010-3434 (Buffer overflow in the find_stream_bounds function in pdf.c in ...)
+CVE-2010-3434
- clamav 0.96.3+dfsg-1
[lenny] - clamav <end-of-life>
NOTE: libclamav/pdf.c: Add missing boundscheck to pdf code (bb #2226)
-CVE-2010-3433 (The PL/perl and PL/Tcl implementations in PostgreSQL 7.4 before ...)
+CVE-2010-3433
{DSA-2120-1}
- postgresql-9.0 9.0.1-1
- postgresql-8.4 8.4.5-1
[squeeze] - postgresql-8.4 8.4.5-0squeeze1
- postgresql-8.3 <removed>
-CVE-2010-3432 (The sctp_packet_config function in net/sctp/output.c in the Linux ...)
+CVE-2010-3432
{DSA-2126-1}
- linux-2.6 2.6.32-24
-CVE-2010-3431 (The privilege-dropping implementation in the (1) pam_env and (2) ...)
+CVE-2010-3431
- pam 1.1.3-1 (low; bug #599832)
[squeeze] - pam <no-dsa> (Minor issue)
NOTE: 20100924164823.GA21584@openwall.com
-CVE-2010-3430 (The privilege-dropping implementation in the (1) pam_env and (2) ...)
+CVE-2010-3430
- pam 1.1.3-1 (bug #599832)
[squeeze] - pam <not-affected> (Affected functionality introduced in 1.1.2, see #599832)
[lenny] - pam <not-affected> (Affected functionality introduced in 1.1.2, see #599832)
NOTE: 20100924164823.GA21584@openwall.com
-CVE-2010-3429 (flicvideo.c in libavcodec 0.6 and earlier in FFmpeg, as used in ...)
+CVE-2010-3429
{DSA-2165-1}
- ffmpeg 4:0.5.2-6 (bug #598590)
- ffmpeg-debian <removed>
@@ -4809,52 +4809,52 @@ CVE-2010-XXXX [mediatomb directory traversal]
[wheezy] - mediatomb 0.12.1-4+deb7u1
[squeeze] - mediatomb 0.12.0~svn2018-6.1
NOTE: was previously fixed in 580120 but patch was not applied to later maintainer uploads
-CVE-2010-3428 (SQL injection vulnerability in modules/notes/json.php in Intermesh ...)
+CVE-2010-3428
NOT-FOR-US: Intermesh Group-Office
-CVE-2010-3427 (Multiple cross-site scripting (XSS) vulnerabilities in Open ...)
+CVE-2010-3427
NOT-FOR-US: Open Classifieds
-CVE-2010-3426 (Directory traversal vulnerability in jphone.php in the JPhone ...)
+CVE-2010-3426
NOT-FOR-US: JPhone for Joomla
-CVE-2010-3425 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2010-3425
NOT-FOR-US: SmarterStats
-CVE-2010-3424 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2010-3424
NOT-FOR-US: Invision Power Board
-CVE-2010-3423 (SQL injection vulnerability in the Yr Weatherdata module for Drupal ...)
+CVE-2010-3423
NOT-FOR-US: Yr Weatherdata module for Drupal
-CVE-2010-3422 (SQL injection vulnerability in the JGen (com_jgen) component 0.9.33 ...)
+CVE-2010-3422
NOT-FOR-US: JGen for Joomla
-CVE-2010-3421 (Cross-site scripting (XSS) vulnerability in AffiliateLogin.asp in ...)
+CVE-2010-3421
NOT-FOR-US: ProductCart
-CVE-2010-3420 (Cross-site scripting (XSS) vulnerability in Products_Results.php in ...)
+CVE-2010-3420
NOT-FOR-US: PowerStore
-CVE-2010-3419 (Multiple PHP remote file inclusion vulnerabilities in Haudenschilt ...)
+CVE-2010-3419
NOT-FOR-US: Haudenschilt Family Connections CMS
-CVE-2010-3418 (Multiple cross-site scripting (XSS) vulnerabilities in NetArt Media ...)
+CVE-2010-3418
NOT-FOR-US: NetArt Media Car Portal
-CVE-2010-3417 (Google Chrome before 6.0.472.59 does not prompt the user before ...)
+CVE-2010-3417
- webkit <not-affected> (chromium specific)
- chromium-browser 6.0.472.59~r59126-1
-CVE-2010-3416 (Google Chrome before 6.0.472.59 on Linux does not properly implement ...)
+CVE-2010-3416
- webkit <not-affected> (issue in chromium-specific code)
- chromium-browser 6.0.472.59~r59126-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=44960
NOTE: http://trac.webkit.org/changeset/66689
-CVE-2010-3415 (Google Chrome before 6.0.472.59 does not properly implement ...)
+CVE-2010-3415
- webkit <not-affected> (issue in chromium-specific code)
- chromium-browser 6.0.472.59~r59126-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=45112
NOTE: http://trac.webkit.org/changeset/66837
NOTE: depends on http://trac.webkit.org/changeset/66837
NOTE: https://bugs.webkit.org/show_bug.cgi?id=45257
-CVE-2010-3414 (Google Chrome before 6.0.472.59 on Mac OS X does not properly ...)
+CVE-2010-3414
- webkit <not-affected> (Does not affect linux)
- chromium-browser <not-affected> (Does not affect linux)
-CVE-2010-3413 (Unspecified vulnerability in the pop-up blocking functionality in ...)
+CVE-2010-3413
- webkit <not-affected> (chromium specific)
- chromium-browser 6.0.472.59~r59126-1
-CVE-2010-3412 (Race condition in the console implementation in Google Chrome before ...)
+CVE-2010-3412
- libv8 2.2.24-6 (bug #597856)
-CVE-2010-3411 (Google Chrome before 6.0.472.59 on Linux does not properly handle ...)
+CVE-2010-3411
- webkit <not-affected> (chromium specific)
- chromium-browser 6.0.472.59~r59126-1
CVE-2010-3410
@@ -4863,37 +4863,37 @@ CVE-2010-3409
REJECTED
CVE-2010-3408
REJECTED
-CVE-2010-3407 (Stack-based buffer overflow in the MailCheck821Address function in ...)
+CVE-2010-3407
NOT-FOR-US: IBM Lotus Domino
-CVE-2010-3406 (Unspecified vulnerability in sa_snap in the bos.esagent fileset in IBM ...)
+CVE-2010-3406
NOT-FOR-US: AIX 5.3
-CVE-2010-3405 (Buffer overflow in sa_snap in the bos.esagent fileset in IBM AIX 6.1, ...)
+CVE-2010-3405
NOT-FOR-US: AIX 6.1, VIOS
-CVE-2010-3404 (Multiple SQL injection vulnerabilities in eshtery CMS (aka ...)
+CVE-2010-3404
NOT-FOR-US: eshtery CMS
-CVE-2010-3403 (Untrusted search path vulnerability in Qualcomm eXtensible Diagnostic ...)
+CVE-2010-3403
NOT-FOR-US: Qualcomm eXtensible Diagnostic Monitor
-CVE-2010-3402 (Untrusted search path vulnerability in IDM Computer Solutions ...)
+CVE-2010-3402
NOT-FOR-US: UltraEdit
CVE-2010-3401
RESERVED
-CVE-2010-3400 (The js_InitRandom function in the JavaScript implementation in Mozilla ...)
+CVE-2010-3400
NOTE: These will likely be rejected, Mozilla people will clarify with MITRE
-CVE-2010-3399 (The js_InitRandom function in the JavaScript implementation in Mozilla ...)
+CVE-2010-3399
NOTE: These will likely be rejected, Mozilla people will clarify with MITRE
-CVE-2010-3398 (Unspecified vulnerability in the webcontainer implementation in IBM ...)
+CVE-2010-3398
NOT-FOR-US: IBM Lotus Sametime Connect
-CVE-2010-3397 (Untrusted search path vulnerability in PGP Desktop 9.9.0 Build 397, ...)
+CVE-2010-3397
NOT-FOR-US: PGP Desktop
-CVE-2010-3396 (Buffer overflow in kavfm.sys in Kingsoft Antivirus 2010.04.26.648 and ...)
+CVE-2010-3396
NOT-FOR-US: Kingsoft Antivirus
CVE-2010-3395
RESERVED
-CVE-2010-3394 (The (1) texmacs and (2) tm_mupad_help scripts in TeXmacs 1.0.7.4 place ...)
+CVE-2010-3394
- texmacs 1:1.0.7.7-1.1 (bug #598424)
[squeeze] - texmacs 1:1.0.7.4-3.1
[lenny] - texmacs <no-dsa> (minor issue)
-CVE-2010-3393 (magics-config in Magics++ 2.10.0 places a zero-length directory name ...)
+CVE-2010-3393
- magics++ 2.10.0.dfsg-5.1 (bug #598418)
CVE-2010-3392
RESERVED
@@ -4901,34 +4901,34 @@ CVE-2010-3391
RESERVED
CVE-2010-3390
RESERVED
-CVE-2010-3389 (The (1) SAPDatabase and (2) SAPInstance scripts in OCF Resource Agents ...)
+CVE-2010-3389
- cluster-agents 1:1.0.3-3.1 (bug #598549)
CVE-2010-3388
RESERVED
-CVE-2010-3387 (** DISPUTED ** ...)
+CVE-2010-3387
- vdr 1.6.0-19.1 (unimportant; bug #598308)
NOTE: Only affects a debugging tool, see bug #598308
-CVE-2010-3386 (usttrace in LTTng Userspace Tracer (aka UST) 0.7 places a zero-length ...)
+CVE-2010-3386
- ust 0.7-2.1 (bug #598309)
[squeeze] - ust 0.5-1+squeeze1
[wheezy] - ust 0.5-1+squeeze1
-CVE-2010-3385 (TuxGuitar 1.2 places a zero-length directory name in the ...)
+CVE-2010-3385
- tuxguitar 1.2-7 (bug #598307)
[lenny] - tuxguitar <no-dsa> (Minor issue)
-CVE-2010-3384 (The (1) torcs, (2) nfsperf, (3) accc, (4) texmapper, (5) trackgen, and ...)
+CVE-2010-3384
- torcs 1.3.1-5 (bug #598306)
[lenny] - torcs <no-dsa> (Minor issue)
-CVE-2010-3383 (The (1) teamspeak and (2) teamspeak-server scripts in TeamSpeak 2.0.32 ...)
+CVE-2010-3383
- teamspeak-client 2.0.32-3.1 (low; bug #598304)
[lenny] - teamspeak-client <no-dsa> (Non-free not supported)
- teamspeak-server 2.0.24.1+debian-1.1 (low; bug #598305)
[lenny] - teamspeak-server <no-dsa> (Non-free not supported)
-CVE-2010-3382 (tauex in Tuning and Analysis Utilities (TAU) 2.16.4 places a ...)
+CVE-2010-3382
- tau 2.16.4-1.4 (bug #598303)
-CVE-2010-3381 (The (1) tangerine and (2) tangerine-properties scripts in Tangerine ...)
+CVE-2010-3381
- tangerine 0.3.2.2-6 (bug #598302)
[lenny] - tangerine <no-dsa> (minor issue)
-CVE-2010-3380 (The (1) init.d/slurm and (2) init.d/slurmdbd scripts in SLURM before ...)
+CVE-2010-3380
- slurm-llnl 2.1.15-2 (bug #602340)
[wheezy] - slurm-llnl 2.1.11-1squeeze1 (bug #602340)
[squeeze] - slurm-llnl 2.1.11-1squeeze1 (bug #602340)
@@ -4936,191 +4936,191 @@ CVE-2010-3380 (The (1) init.d/slurm and (2) init.d/slurmdbd scripts in SLURM bef
NOTE: Debian package ships its own, also vulnerable, init script. NOT fixed in 2.1.14-1
CVE-2010-3379
RESERVED
-CVE-2010-3378 (The (1) scilab, (2) scilab-cli, and (3) scilab-adv-cli scripts in ...)
+CVE-2010-3378
- scilab 5.2.2-8 (bug #598423; bug #598422)
[lenny] - scilab <no-dsa> (Non-free not supported)
-CVE-2010-3377 (The (1) runSalome, (2) runTestMedCorba, (3) runLightSalome, and (4) ...)
+CVE-2010-3377
- salome 5.1.3-11 (bug #598421)
-CVE-2010-3376 (The (1) proofserv, (2) xrdcp, (3) xrdpwdadmin, and (4) xrd scripts in ...)
+CVE-2010-3376
- root-system 5.34.00-1 (bug #598420; bug #598419)
[lenny] - root-system <no-dsa> (minor issue)
CVE-2010-3375
RESERVED
- qtparted 0.4.5-8 (low; bug #598301)
[lenny] - qtparted <no-dsa> (Minor issue)
-CVE-2010-3374 (Qt Creator before 2.0.1 places a zero-length directory name in the ...)
+CVE-2010-3374
- qtcreator 1.3.1-3 (bug #598300)
CVE-2010-3373
RESERVED
- paxtest 1:0.9.9-1 (unimportant; bug #598413)
-CVE-2010-3372 (Untrusted search path vulnerability in NorduGrid Advanced Resource ...)
+CVE-2010-3372
- nordugrid-arc-nox 1.1.0~rc6-2.1 (bug #606151)
CVE-2010-3371
RESERVED
CVE-2010-3370
RESERVED
-CVE-2010-3369 (The (1) mdb and (2) mdb-symbolreader scripts in mono-debugger 2.4.3, ...)
+CVE-2010-3369
- mono-debugger 2.6.3-2.1 (low; bug #598299)
[lenny] - mono-debugger <no-dsa> (Minor issue)
CVE-2010-3368
RESERVED
CVE-2010-3367
RESERVED
-CVE-2010-3366 (Mn_Fit 5.13 places a zero-length directory name in the ...)
+CVE-2010-3366
- mn-fit <removed> (bug #598298)
[lenny] - mn-fit <no-dsa> (Minor issue)
-CVE-2010-3365 (Mistelix 0.31 places a zero-length directory name in the ...)
+CVE-2010-3365
- mistelix 0.31-2 (low; bug #598297)
-CVE-2010-3364 (The vips-7.22 script in VIPS 7.22.2 places a zero-length directory ...)
+CVE-2010-3364
- vips 7.14.5-2 (unimportant; bug #598296)
NOTE: Scripts are not used for any real world scenarios
-CVE-2010-3363 (roarify in roaraudio 0.3 places a zero-length directory name in the ...)
+CVE-2010-3363
- roaraudio 0.3-2 (low; bug #598295)
[lenny] - roaraudio <no-dsa> (Minor issue)
-CVE-2010-3362 (lastfm 1.5.4 places a zero-length directory name in the ...)
+CVE-2010-3362
- lastfm 1:1.5.4.26862+dfsg-5 (low; bug #598294)
[lenny] - lastfm 1:1.5.1.31879.dfsg-1+lenny1
-CVE-2010-3361 (The (1) iked, (2) ikea, and (3) ikec scripts in Shrew Soft IKE 2.1.5 ...)
+CVE-2010-3361
- ike 2.1.5+dfsg-2 (low; bug #598292)
[lenny] - ike <no-dsa> (Minor issue)
-CVE-2010-3360 (Hipo 0.6.1 places a zero-length directory name in the LD_LIBRARY_PATH, ...)
+CVE-2010-3360
- hipo <removed> (bug #598291)
[lenny] - hipo <no-dsa> (Minor issue)
CVE-2010-3359 [gargoyle: insecure library loading]
RESERVED
- gargoyle-free 2009-08-25-2
NOTE: http://groups.google.com/group/garglk-dev/browse_thread/thread/1c92ab6f24d5ebe6
-CVE-2010-3358 (HenPlus JDBC SQL-Shell 0.9.7 places a zero-length directory name in ...)
+CVE-2010-3358
- henplus <removed> (bug #598290)
-CVE-2010-3357 (gnome-subtitles 1.0 places a zero-length directory name in the ...)
+CVE-2010-3357
- gnome-subtitles 1.0-2 (low; bug #598289)
[lenny] - gnome-subtitles <no-dsa> (Minor issue)
CVE-2010-3356
RESERVED
-CVE-2010-3355 (Ember 0.5.7 places a zero-length directory name in the ...)
+CVE-2010-3355
- ember 0.5.7-1.1 (low; bug #598288)
-CVE-2010-3354 (dropboxd in Dropbox 0.7.110 places a zero-length directory name in the ...)
+CVE-2010-3354
- dropbox 0.8.107-1 (low; bug #598287)
[lenny] - dropbox <no-dsa> (Non-free not supported)
-CVE-2010-3353 (Cowbell 0.2.7.1 places a zero-length directory name in the ...)
+CVE-2010-3353
- cowbell <not-affected> (See bug #598286)
CVE-2010-3352
RESERVED
-CVE-2010-3351 (startBristol in Bristol 0.60.5 places a zero-length directory name in ...)
+CVE-2010-3351
- bristol 0.60.5-2 (bug #598285)
-CVE-2010-3350 (bareFTP 0.3.4 places a zero-length directory name in the ...)
+CVE-2010-3350
- bareftp 0.3.4-1.1 (bug #598284)
-CVE-2010-3349 (Ardour 2.8.11 places a zero-length directory name in the ...)
+CVE-2010-3349
- ardour 1:2.8.11-2 (low; bug #598282)
-CVE-2010-3348 (Microsoft Internet Explorer 6, 7, and 8 does not prevent rendering of ...)
+CVE-2010-3348
NOT-FOR-US: Microsoft Internet Explorer
CVE-2010-3347
REJECTED
-CVE-2010-3346 (Microsoft Internet Explorer 6, 7, and 8 does not properly handle ...)
+CVE-2010-3346
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2010-3345 (Microsoft Internet Explorer 8 does not properly handle objects in ...)
+CVE-2010-3345
NOT-FOR-US: Microsoft Internet Explorer
CVE-2010-3344
REJECTED
-CVE-2010-3343 (Microsoft Internet Explorer 6 does not properly handle objects in ...)
+CVE-2010-3343
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2010-3342 (Microsoft Internet Explorer 6, 7, and 8 does not prevent rendering of ...)
+CVE-2010-3342
NOT-FOR-US: Microsoft Internet Explorer
CVE-2010-3341
REJECTED
-CVE-2010-3340 (Microsoft Internet Explorer 6 and 7 does not properly handle objects ...)
+CVE-2010-3340
NOT-FOR-US: Microsoft Internet Explorer
CVE-2010-3339
REJECTED
-CVE-2010-3338 (The Windows Task Scheduler in Microsoft Windows Vista SP1 and SP2, ...)
+CVE-2010-3338
NOT-FOR-US: Microsoft Windows
-CVE-2010-3337 (Untrusted search path vulnerability in Microsoft Office 2007 SP2 and ...)
+CVE-2010-3337
NOT-FOR-US: Microsoft Office 2007 SP2
-CVE-2010-3336 (Microsoft Office XP SP3, Office 2004 and 2008 for Mac, Office for Mac ...)
+CVE-2010-3336
NOT-FOR-US: Microsoft Office XP SP3
-CVE-2010-3335 (Microsoft Office XP SP3, Office 2003 SP3, Office 2007 SP2, Office ...)
+CVE-2010-3335
NOT-FOR-US: Microsoft Office XP SP3
-CVE-2010-3334 (Microsoft Office XP SP3, Office 2003 SP3, Office 2007 SP2, Office ...)
+CVE-2010-3334
NOT-FOR-US: Microsoft Office XP SP3
-CVE-2010-3333 (Stack-based buffer overflow in Microsoft Office XP SP3, Office 2003 ...)
+CVE-2010-3333
NOT-FOR-US: Microsoft Office
-CVE-2010-3332 (Microsoft .NET Framework 1.1 SP1, 2.0 SP1 and SP2, 3.5, 3.5 SP1, ...)
+CVE-2010-3332
NOT-FOR-US: Microsoft .NET Framework
-CVE-2010-3331 (Microsoft Internet Explorer 6 through 8 does not properly handle ...)
+CVE-2010-3331
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2010-3330 (Microsoft Internet Explorer 6 through 8 does not properly restrict ...)
+CVE-2010-3330
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2010-3329 (mshtmled.dll in Microsoft Internet Explorer 7 and 8 allows remote ...)
+CVE-2010-3329
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2010-3328 (Use-after-free vulnerability in the CAttrArray::PrivateFind function ...)
+CVE-2010-3328
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2010-3327 (The implementation of HTML content creation in Microsoft Internet ...)
+CVE-2010-3327
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2010-3326 (Microsoft Internet Explorer 6 does not properly handle objects in ...)
+CVE-2010-3326
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2010-3325 (Microsoft Internet Explorer 6 through 8 does not properly handle ...)
+CVE-2010-3325
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2010-3324 (The toStaticHTML function in Microsoft Internet Explorer 8, and the ...)
+CVE-2010-3324
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2010-3323 (Splunk 4.0.0 through 4.1.4 allows remote attackers to conduct session ...)
+CVE-2010-3323
NOT-FOR-US: Splunk
-CVE-2010-3322 (The XML parser in Splunk 4.0.0 through 4.1.4 allows remote ...)
+CVE-2010-3322
NOT-FOR-US: Splunk
-CVE-2010-3321 (RSA Authentication Client 2.0.x, 3.0, and 3.5.x before 3.5.3 does not ...)
+CVE-2010-3321
NOT-FOR-US: RSA Authentication Client
-CVE-2010-3320 (Open redirect vulnerability in IBM Records Manager (RM) 4.5.x before ...)
+CVE-2010-3320
NOT-FOR-US: IBM Records Manager
-CVE-2010-3319 (IBM Records Manager (RM) 4.5.x before 4.5.1.1-IER-FP001 places a ...)
+CVE-2010-3319
NOT-FOR-US: IBM Records Manager
-CVE-2010-3318 (IBM Records Manager (RM) 4.5.x before 4.5.1.1-IER-FP001 transmits ...)
+CVE-2010-3318
NOT-FOR-US: IBM Records Manager
-CVE-2010-3317 (Cross-site scripting (XSS) vulnerability in IBM Records Manager (RM) ...)
+CVE-2010-3317
NOT-FOR-US: IBM Records Manager
-CVE-2010-3316 (The run_coprocess function in pam_xauth.c in the pam_xauth module in ...)
+CVE-2010-3316
- pam 1.1.2-1 (unimportant; bug #599832)
NOTE: partial fix http://git.altlinux.org/people/ldv/packages/?p=pam.git;a=commitdiff;h=06f882f30092a39a1db867c9744b2ca8d60e4ad6
NOTE: Not exploitable with current kernels
-CVE-2010-3315 (authz.c in the mod_dav_svn module for the Apache HTTP Server, as ...)
+CVE-2010-3315
{DSA-2118-1}
- subversion 1.6.12dfsg-2 (low)
-CVE-2010-3314 (Cross-site scripting (XSS) vulnerability in login.php in EGroupware ...)
+CVE-2010-3314
{DSA-2013-1}
- egroupware <removed> (high; bug #573279)
[lenny] - egroupware 1.4.004-2.dfsg-4.2
-CVE-2010-3313 (phpgwapi/js/fckeditor/editor/dialog/fck_spellerpages/spellerpages/serverscripts/spellchecker.php ...)
+CVE-2010-3313
{DSA-2013-1}
- egroupware <removed> (high; bug #573279)
[lenny] - egroupware 1.4.004-2.dfsg-4.2
-CVE-2010-3312 (Epiphany 2.28 and 2.29, when WebKit and LibSoup are used, ...)
+CVE-2010-3312
- epiphany-browser 2.29.91-1 (bug #564690)
[lenny] - epiphany-browser <not-affected> (Introduced with the switch to webkit after Lenny release)
-CVE-2010-3311 (Integer overflow in base/ftstream.c in libXft (aka the X FreeType ...)
+CVE-2010-3311
{DSA-2116-1}
- freetype 2.4.0-1
NOTE: Only the 2.3.x series is affected
-CVE-2010-3310 (Multiple integer signedness errors in net/rose/af_rose.c in the Linux ...)
+CVE-2010-3310
{DSA-2126-1}
- linux-2.6 2.6.32-25
CVE-2010-3309
REJECTED
-CVE-2010-3308 (Buffer overflow in programs/pluto/xauth.c in the client in Openswan ...)
+CVE-2010-3308
- openswan 1:2.6.28+dfsg-2
[lenny] - openswan <not-affected> (Introduced in version 2.6.25)
-CVE-2010-3307 (Multiple PHP remote file inclusion vulnerabilities in ...)
+CVE-2010-3307
NOT-FOR-US: Free Simple CMS 1.0
CVE-2010-3305 [pixel CSRF]
RESERVED
- pixelpost <removed> (bug #597224)
-CVE-2010-3304 (The ACL plugin in Dovecot 1.2.x before 1.2.13 propagates INBOX ACLs to ...)
+CVE-2010-3304
- dovecot 1.2.13-1
[lenny] - dovecot <not-affected> (only affects 1.2.x)
-CVE-2010-3303 (Multiple cross-site scripting (XSS) vulnerabilities in MantisBT before ...)
+CVE-2010-3303
- mantis 1.1.8+dfsg-8 (bug #599710)
[lenny] - mantis 1.1.6+dfsg-2lenny3
-CVE-2010-3302 (Buffer overflow in programs/pluto/xauth.c in the client in Openswan ...)
+CVE-2010-3302
- openswan 1:2.6.28+dfsg-2
[lenny] - openswan <not-affected> (Introduced in version 2.6.25)
-CVE-2010-3301 (The IA32 system call emulation functionality in ...)
+CVE-2010-3301
- linux-2.6 2.6.32-23
[lenny] - linux-2.6 <not-affected> (vulnerability introduced in 2.6.27)
CVE-2010-3300
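Review bot: The hunk removes parenthetical descriptions but leaves the bracketed local summaries in place (`CVE-2010-3359 [gargoyle: insecure library loading]`, `CVE-2010-3305 [pixel CSRF]`), so after the change only hand-annotated entries keep a one-line summary. That leaves several NOTE lines without a referent: `+CVE-2010-3316` keeps `NOTE: Not exploitable with current kernels` with no remaining mention of pam_xauth or the run_coprocess function, and `+CVE-2010-3364` keeps `NOTE: Scripts are not used for any real world scenarios` with nothing left saying which scripts. Either retain the description on such entries or add a bracketed summary in the file's existing style before the NOTE lines lose their context.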
@@ -5131,47 +5131,47 @@ CVE-2010-3299 [ruby on rails: padding oracle attack]
NOTE: http://seclists.org/oss-sec/2010/q3/415
NOTE: http://seclists.org/oss-sec/2010/q3/413
NOTE: http://usenix.org/events/woot10/tech/full_papers/Rizzo.pdf
-CVE-2010-3298 (The hso_get_count function in drivers/net/usb/hso.c in the Linux ...)
+CVE-2010-3298
- linux-2.6 2.6.32-24
[lenny] - linux-2.6 <not-affected> (Introduced in 2.6.27)
-CVE-2010-3297 (The eql_g_master_cfg function in drivers/net/eql.c in the Linux kernel ...)
+CVE-2010-3297
{DSA-2126-1}
- linux-2.6 2.6.32-24
-CVE-2010-3296 (The cxgb_extension_ioctl function in drivers/net/cxgb3/cxgb3_main.c in ...)
+CVE-2010-3296
{DSA-2126-1}
- linux-2.6 2.6.32-24
CVE-2010-3295 [drivers/net/tulip/de4x5.c: reading uninitialized stack memory]
RESERVED
NOTE: assigned to linux-2.6, but claimed not a problem: http://www.openwall.com/lists/oss-security/2010/09/15/2
NOTE: will probably get rejected
-CVE-2010-3291 (Cross-site scripting (XSS) vulnerability in HP AssetCenter 5.0x ...)
+CVE-2010-3291
NOT-FOR-US: HP AssetCenter
-CVE-2010-3290 (Unspecified vulnerability in HP Systems Insight Manager (SIM) before ...)
+CVE-2010-3290
NOT-FOR-US: HP Systems Insight Manager
-CVE-2010-3289 (Cross-site scripting (XSS) vulnerability in HP Systems Insight Manager ...)
+CVE-2010-3289
NOT-FOR-US: HP Systems Insight Manager
-CVE-2010-3288 (Cross-site request forgery (CSRF) vulnerability in HP Systems Insight ...)
+CVE-2010-3288
NOT-FOR-US: HP Systems Insight Manager
-CVE-2010-3287 (Unspecified vulnerability on HP ProCurve Access Points, Access ...)
+CVE-2010-3287
NOT-FOR-US: HP ProCurve
-CVE-2010-3286 (Unspecified vulnerability in HP Systems Insight Manager (SIM) 6.0 and ...)
+CVE-2010-3286
NOT-FOR-US: HP Systems Insight Manager
-CVE-2010-3285 (Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) ...)
+CVE-2010-3285
NOT-FOR-US: HP OpenView Network Node Manager
-CVE-2010-3284 (Unspecified vulnerability in HP System Management Homepage (SMH) ...)
+CVE-2010-3284
NOT-FOR-US: HP System Management Homepage
-CVE-2010-3283 (Open redirect vulnerability in HP System Management Homepage (SMH) ...)
+CVE-2010-3283
NOT-FOR-US: HP System Management Homepage
CVE-2010-3282
RESERVED
NOT-FOR-US: Red Hat Directory Server
-CVE-2010-3281 (Stack-based buffer overflow in the HTTP proxy service in ...)
+CVE-2010-3281
NOT-FOR-US: Alcatel-Lucent OmniVista
-CVE-2010-3280 (The CCAgent option 9.0.8.4 and earlier in the management server (aka ...)
+CVE-2010-3280
NOT-FOR-US: Alcatel-Lucent OmniTouch Contact Center
-CVE-2010-3279 (The default configuration of the CCAgent option before 9.0.8.4 in the ...)
+CVE-2010-3279
NOT-FOR-US: Alcatel-Lucent OmniTouch Contact Center
-CVE-2010-3294 (Cross-site scripting (XSS) vulnerability in apc.php in the Alternative ...)
+CVE-2010-3294
- php-apc <unfixed> (unimportant)
NOTE: vulnerable script is, mainly, for debugging purposes
NOTE: and is distributed gzip-compressed
@@ -5185,244 +5185,244 @@ CVE-2010-3292 [mailscanner may use spoofed data]
[squeeze] - mailscanner <no-dsa> (Minor issue)
CVE-2010-3278
REJECTED
-CVE-2010-3277 (The installer in VMware Workstation 7.x before 7.1.2 build 301548 and ...)
+CVE-2010-3277
NOT-FOR-US: VMware Workstation
-CVE-2010-3276 (libdirectx_plugin.dll in VideoLAN VLC Media Player before 1.1.8 allows ...)
+CVE-2010-3276
{DSA-2211-1}
- vlc 1.1.8-1
NOTE: fe44129dc6509b3347113ab0e1a0524af1e0dd11 in 1.1 branch
-CVE-2010-3275 (libdirectx_plugin.dll in VideoLAN VLC Media Player before 1.1.8 allows ...)
+CVE-2010-3275
{DSA-2211-1}
- vlc 1.1.8-1
NOTE: fe44129dc6509b3347113ab0e1a0524af1e0dd11 in 1.1 branch
-CVE-2010-3274 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2010-3274
NOT-FOR-US: ZOHO ManageEngine
-CVE-2010-3273 (ZOHO ManageEngine ADSelfService Plus before 4.5 Build 4500 allows ...)
+CVE-2010-3273
NOT-FOR-US: ZOHO ManageEngine
-CVE-2010-3272 (accounts/ValidateAnswers in the security-questions implementation in ...)
+CVE-2010-3272
NOT-FOR-US: ZOHO ManageEngine
-CVE-2010-3271 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
+CVE-2010-3271
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2010-3270 (Stack-based buffer overflow in Cisco WebEx Meeting Center T27LB before ...)
+CVE-2010-3270
NOT-FOR-US: Cisco WebEx Meeting Center
-CVE-2010-3269 (Multiple stack-based buffer overflows in the Cisco WebEx Recording ...)
+CVE-2010-3269
NOT-FOR-US: Cisco WebEx
-CVE-2010-3268 (The GetStringAMSHandler function in prgxhndl.dll in hndlrsvc.exe in ...)
+CVE-2010-3268
NOT-FOR-US: Symantec Antivirus
-CVE-2010-3267 (Multiple SQL injection vulnerabilities in BugTracker.NET before 3.4.5 ...)
+CVE-2010-3267
NOT-FOR-US: BugTracker.NET
-CVE-2010-3266 (Multiple cross-site scripting (XSS) vulnerabilities in BugTracker.NET ...)
+CVE-2010-3266
NOT-FOR-US: BugTracker.NET
CVE-2010-3265
RESERVED
-CVE-2010-3264 (The engine installer in Novell Identity Manager (aka IDM) 3.6.1 stores ...)
+CVE-2010-3264
NOT-FOR-US: Novell Identity Manager
-CVE-2010-3263 (Cross-site scripting (XSS) vulnerability in setup/frames/index.inc.php ...)
+CVE-2010-3263
- phpmyadmin 4:3.3.7-1 (low)
[lenny] - phpmyadmin <not-affected> (Vulnerable code not present)
-CVE-2010-3262 (Cross-site scripting (XSS) vulnerability in Flock Browser 3.x before ...)
+CVE-2010-3262
NOT-FOR-US: flock
-CVE-2010-3261 (Directory traversal vulnerability in RSA Authentication Agent 7.0 ...)
+CVE-2010-3261
NOT-FOR-US: RSA Authentication Agent 7.0 for Web
-CVE-2010-3260 (oxf/xml/xerces/XercesSAXParserFactoryImpl.java in the xforms-server ...)
+CVE-2010-3260
NOT-FOR-US: Orbeon Forms
-CVE-2010-3259 (WebKit, as used in Apple Safari before 4.1.3 and 5.0.x before 5.0.3, ...)
+CVE-2010-3259
- chromium-browser 6.0.472.53~r57914-1
- webkit 1.2.5-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
NOTE: https://bugs.webkit.org/show_bug.cgi?id=44399
NOTE: http://trac.webkit.org/changeset/65826
-CVE-2010-3258 (The sandbox implementation in Google Chrome before 6.0.472.53 does not ...)
+CVE-2010-3258
- chromium-browser 6.0.472.53~r57914-1
- webkit <not-affected>
NOTE: chromium specific
-CVE-2010-3257 (Use-after-free vulnerability in WebKit, as used in Apple Safari before ...)
+CVE-2010-3257
- chromium-browser 6.0.472.53~r57914-1
- webkit 1.2.5-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
NOTE: http://trac.webkit.org/changeset/65748
NOTE: https://bugs.webkit.org/show_bug.cgi?id=44226
-CVE-2010-3256 (Google Chrome before 6.0.472.53 does not properly limit the number of ...)
+CVE-2010-3256
- chromium-browser 6.0.472.53~r57914-1
- webkit <not-affected>
NOTE: chromium specific
-CVE-2010-3255 (Google Chrome before 6.0.472.53 and webkitgtk before 1.2.6 do not ...)
+CVE-2010-3255
- chromium-browser 6.0.472.53~r57914-1
- webkit 1.2.5-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
NOTE: https://bugs.webkit.org/show_bug.cgi?id=43812
NOTE: http://trac.webkit.org/changeset/66052
-CVE-2010-3254 (The WebSockets implementation in Google Chrome before 6.0.472.53 does ...)
+CVE-2010-3254
- chromium-browser 6.0.472.53~r57914-1
- webkit 1.2.6-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
NOTE: http://trac.webkit.org/changeset/65135
-CVE-2010-3253 (The implementation of notification permissions in Google Chrome before ...)
+CVE-2010-3253
- chromium-browser 6.0.472.53~r57914-1
- webkit <not-affected> (notifications not yet used in webkit)
NOTE: http://trac.webkit.org/changeset/64647
NOTE: http://trac.webkit.org/changeset/64651
-CVE-2010-3252 (Use-after-free vulnerability in the Notifications presenter in Google ...)
+CVE-2010-3252
- chromium-browser 6.0.472.53~r57914-1
- webkit <not-affected> (notifications not yet used in webkit)
NOTE: https://bugs.webkit.org/show_bug.cgi?id=43645
NOTE: http://trac.webkit.org/changeset/65742
-CVE-2010-3251 (The WebSockets implementation in Google Chrome before 6.0.472.53 ...)
+CVE-2010-3251
- chromium-browser 6.0.472.53~r57914-1
- webkit <not-affected>
NOTE: chromium specific
-CVE-2010-3250 (Unspecified vulnerability in Google Chrome before 6.0.472.53 allows ...)
+CVE-2010-3250
- chromium-browser 6.0.472.53~r57914-1
- webkit <not-affected>
NOTE: chromium specific
-CVE-2010-3249 (Google Chrome before 6.0.472.53 does not properly implement SVG ...)
+CVE-2010-3249
- chromium-browser 6.0.472.53~r57914-1
NOTE: http://trac.webkit.org/changeset/60541
-CVE-2010-3248 (Google Chrome before 6.0.472.53 does not properly restrict copying to ...)
+CVE-2010-3248
- chromium-browser 6.0.472.53~r57914-1
- webkit 1.2.5-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
NOTE: http://trac.webkit.org/changeset/58703
-CVE-2010-3247 (Google Chrome before 6.0.472.53 does not properly restrict the ...)
+CVE-2010-3247
- chromium-browser 6.0.472.53~r57914-1
- webkit <not-affected>
NOTE: chromium specific
-CVE-2010-3246 (Google Chrome before 6.0.472.53 does not properly handle the _blank ...)
+CVE-2010-3246
- chromium-browser 6.0.472.53~r57914-1
- webkit <not-affected> (vulnerable code not present in 1.2.x series)
NOTE: https://bugs.webkit.org/show_bug.cgi?id=34541
NOTE: https://bugs.webkit.org/show_bug.cgi?id=44969
NOTE: http://trac.webkit.org/changeset/66742
-CVE-2010-3245 (The automated-backup functionality in Blackboard Transact Suite ...)
+CVE-2010-3245
NOT-FOR-US: Blackboard Transact Suite
-CVE-2010-3244 (BbtsConnection_Edit.exe in Blackboard Transact Suite (formerly ...)
+CVE-2010-3244
NOT-FOR-US: Blackboard Transact Suite
-CVE-2010-3306 (Directory traversal vulnerability in the modURL function in instance.c ...)
+CVE-2010-3306
- weborf 0.12.3-1 (bug #596112)
-CVE-2010-3243 (Cross-site scripting (XSS) vulnerability in the toStaticHTML function ...)
+CVE-2010-3243
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2010-3242 (Microsoft Excel 2002 SP3, Office 2004 and 2008 for Mac, and Open XML ...)
+CVE-2010-3242
NOT-FOR-US: Microsoft Excel
-CVE-2010-3241 (Microsoft Excel 2002 SP3, Office 2004 and 2008 for Mac, and Open XML ...)
+CVE-2010-3241
NOT-FOR-US: Microsoft Excel
-CVE-2010-3240 (Microsoft Excel 2002 SP3 and 2007 SP2; Excel Viewer SP2; and Office ...)
+CVE-2010-3240
NOT-FOR-US: Microsoft Excel
-CVE-2010-3239 (Microsoft Excel 2002 SP3 does not properly validate record ...)
+CVE-2010-3239
NOT-FOR-US: Microsoft Excel
-CVE-2010-3238 (Microsoft Excel 2002 SP3 and 2003 SP3, and Office 2004 for Mac, does ...)
+CVE-2010-3238
NOT-FOR-US: Microsoft Excel
-CVE-2010-3237 (Microsoft Excel 2002 SP3 and Office 2004 for Mac do not properly ...)
+CVE-2010-3237
NOT-FOR-US: Microsoft Excel
-CVE-2010-3236 (Microsoft Excel 2002 SP3 and 2003 SP3, Office 2004 and 2008 for Mac, ...)
+CVE-2010-3236
NOT-FOR-US: Microsoft Excel
-CVE-2010-3235 (Microsoft Excel 2002 SP3 does not properly validate formula ...)
+CVE-2010-3235
NOT-FOR-US: Microsoft Excel
-CVE-2010-3234 (Microsoft Excel 2002 SP3 does not properly validate formula ...)
+CVE-2010-3234
NOT-FOR-US: Microsoft Excel
-CVE-2010-3233 (Microsoft Excel 2002 SP3 and 2003 SP3 does not properly validate ...)
+CVE-2010-3233
NOT-FOR-US: Microsoft Excel
-CVE-2010-3232 (Microsoft Excel 2003 SP3 and 2007 SP2; Office 2004 and 2008 for Mac; ...)
+CVE-2010-3232
NOT-FOR-US: Microsoft Excel
-CVE-2010-3231 (Microsoft Excel 2002 SP3, Office 2004 and 2008 for Mac, and Open XML ...)
+CVE-2010-3231
NOT-FOR-US: Microsoft Excel
-CVE-2010-3230 (Integer overflow in Microsoft Excel 2002 SP3 allows remote attackers ...)
+CVE-2010-3230
NOT-FOR-US: Microsoft Excel
-CVE-2010-3229 (The Secure Channel (aka SChannel) security package in Microsoft ...)
+CVE-2010-3229
NOT-FOR-US: Microsoft OSes
-CVE-2010-3228 (The JIT compiler in Microsoft .NET Framework 4.0 on 64-bit platforms ...)
+CVE-2010-3228
NOT-FOR-US: Microsoft .NET Framework
-CVE-2010-3227 (Stack-based buffer overflow in the UpdateFrameTitleForDocument method ...)
+CVE-2010-3227
NOT-FOR-US: Microsoft Windows
CVE-2010-3226
REJECTED
-CVE-2010-3225 (Use-after-free vulnerability in the Media Player Network Sharing ...)
+CVE-2010-3225
NOT-FOR-US: Microsoft Windows Vista
CVE-2010-3224
REJECTED
-CVE-2010-3223 (The user interface in Microsoft Cluster Service (MSCS) in Microsoft ...)
+CVE-2010-3223
NOT-FOR-US: Microsoft Windows
-CVE-2010-3222 (Stack-based buffer overflow in the Remote Procedure Call Subsystem ...)
+CVE-2010-3222
NOT-FOR-US: Microsoft Windows
-CVE-2010-3221 (Microsoft Word 2002 SP3 and 2003 SP3, Office 2004 for Mac, and Word ...)
+CVE-2010-3221
NOT-FOR-US: Microsoft Word
-CVE-2010-3220 (Unspecified vulnerability in Microsoft Word 2002 SP3 and Office 2004 ...)
+CVE-2010-3220
NOT-FOR-US: Microsoft Word
-CVE-2010-3219 (Array index vulnerability in Microsoft Word 2002 SP3 allows remote ...)
+CVE-2010-3219
NOT-FOR-US: Microsoft Word
-CVE-2010-3218 (Heap-based buffer overflow in Microsoft Word 2002 SP3 allows remote ...)
+CVE-2010-3218
NOT-FOR-US: Microsoft Word
-CVE-2010-3217 (Double free vulnerability in Microsoft Word 2002 SP3 allows remote ...)
+CVE-2010-3217
NOT-FOR-US: Microsoft Word
-CVE-2010-3216 (Microsoft Word 2002 SP3 and Office 2004 for Mac allow remote attackers ...)
+CVE-2010-3216
NOT-FOR-US: Microsoft Word
-CVE-2010-3215 (Microsoft Word 2002 SP3 and Office 2004 for Mac do not properly handle ...)
+CVE-2010-3215
NOT-FOR-US: Microsoft Word
-CVE-2010-3214 (Stack-based buffer overflow in Microsoft Word 2002 SP3, 2003 SP3, 2007 ...)
+CVE-2010-3214
NOT-FOR-US: Microsoft Word
-CVE-2010-3213 (Cross-site request forgery (CSRF) vulnerability in Microsoft Outlook ...)
+CVE-2010-3213
NOT-FOR-US: Microsoft Outlook Web Access
-CVE-2010-3212 (SQL injection vulnerability in index.php in Seagull 0.6.7 and earlier ...)
+CVE-2010-3212
NOT-FOR-US: Seagull
-CVE-2010-3211 (Multiple SQL injection vulnerabilities in the JE FAQ Pro ...)
+CVE-2010-3211
NOT-FOR-US: Joomla addon
-CVE-2010-3210 (Multiple PHP remote file inclusion vulnerabilities in Multi-lingual ...)
+CVE-2010-3210
NOT-FOR-US: Multi-lingual E-Commerce System
-CVE-2010-3209 (Multiple PHP remote file inclusion vulnerabilities in Seagull 0.6.7 ...)
+CVE-2010-3209
NOT-FOR-US: Seagull
-CVE-2010-3208 (Cross-site scripting (XSS) vulnerability in ajax.php in Wiccle Web ...)
+CVE-2010-3208
NOT-FOR-US: Wiccle Web Builder
-CVE-2010-3207 (SQL injection vulnerability in index.php in GaleriaSHQIP 1.0, when ...)
+CVE-2010-3207
NOT-FOR-US: GaleriaSHQIP
-CVE-2010-3206 (Multiple PHP remote file inclusion vulnerabilities in DiY-CMS 1.0 ...)
+CVE-2010-3206
NOT-FOR-US: DiY-CMS
-CVE-2010-3205 (PHP remote file inclusion vulnerability in index.php in Textpattern ...)
+CVE-2010-3205
- textpattern <removed>
[squeeze] - textpattern <no-dsa> (Minor issue)
-CVE-2010-3204 (Multiple PHP remote file inclusion vulnerabilities in Pecio CMS 2.0.5 ...)
+CVE-2010-3204
NOT-FOR-US: Pecio CMS
-CVE-2010-3203 (Directory traversal vulnerability in the PicSell (com_picsell) ...)
+CVE-2010-3203
NOT-FOR-US: PicSell
-CVE-2010-3202 (Cross-site scripting (XSS) vulnerability in Flock Browser 3.0.0.3989 ...)
+CVE-2010-3202
NOT-FOR-US: flock
-CVE-2010-3201 (Cross-site scripting (XSS) vulnerability in NetWin Surgemail before ...)
+CVE-2010-3201
NOT-FOR-US: NetWin Surgemail
-CVE-2010-3200 (MSO.dll in Microsoft Word 2003 SP3 11.8326.11.8324 allows remote ...)
+CVE-2010-3200
NOT-FOR-US: Microsoft Word
-CVE-2010-3199 (Untrusted search path vulnerability in TortoiseSVN 1.6.10, Build 19898 ...)
+CVE-2010-3199
NOT-FOR-US: TortoiseSVN
-CVE-2010-3198 (ZServer in Zope 2.10.x before 2.10.12 and 2.11.x before 2.11.7 allows ...)
+CVE-2010-3198
- zope2.10 <removed>
- zope2.11 <removed>
-CVE-2010-3197 (IBM DB2 9.7 before FP2 does not perform the expected access control on ...)
+CVE-2010-3197
NOT-FOR-US: IBM DB2
-CVE-2010-3196 (IBM DB2 9.7 before FP2, when AUTO_REVAL is IMMEDIATE, allows remote ...)
+CVE-2010-3196
NOT-FOR-US: IBM DB2
-CVE-2010-3195 (Unspecified vulnerability in IBM DB2 9.1 before FP9, 9.5 before FP6, ...)
+CVE-2010-3195
NOT-FOR-US: IBM DB2
-CVE-2010-3194 (The DB2DART program in IBM DB2 9.1 before FP9, 9.5 before FP6, and 9.7 ...)
+CVE-2010-3194
NOT-FOR-US: IBM DB2
-CVE-2010-3193 (Unspecified vulnerability in the DB2STST program in IBM DB2 9.1 before ...)
+CVE-2010-3193
NOT-FOR-US: IBM DB2
-CVE-2010-3192 (Certain run-time memory protection mechanisms in the GNU C Library ...)
+CVE-2010-3192
- eglibc <unfixed> (unimportant)
NOTE: Minor information leak
-CVE-2010-3191 (Untrusted search path vulnerability in Adobe Captivate 5.0.0.596, and ...)
+CVE-2010-3191
NOT-FOR-US: Adobe Captivate
-CVE-2010-3190 (Untrusted search path vulnerability in the Microsoft Foundation Class ...)
+CVE-2010-3190
NOT-FOR-US: ATL MFC Trace Tool
-CVE-2010-3189 (The extSetOwner function in the UfProxyBrowserCtrl ActiveX control ...)
+CVE-2010-3189
NOT-FOR-US: Trend Micro Internet Security Pro
-CVE-2010-3188 (SQL injection vulnerability in search.aspx in BugTracker.NET 3.4.3 and ...)
+CVE-2010-3188
NOT-FOR-US: BugTracker.NET
-CVE-2010-3187 (Buffer overflow in ftpd in IBM AIX 5.3 and earlier allows remote ...)
+CVE-2010-3187
NOT-FOR-US: IBM AIX
-CVE-2010-3186 (IBM WebSphere Application Server (WAS) 7.x before 7.0.0.13, and ...)
+CVE-2010-3186
NOT-FOR-US: WebSphere
CVE-2010-3185
RESERVED
CVE-2010-3184
RESERVED
-CVE-2010-3183 (The LookupGetterOrSetter function in js3250.dll in Mozilla Firefox ...)
+CVE-2010-3183
{DSA-2124-1}
- xulrunner <removed> (unimportant)
- iceweasel 3.5.14-1
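Review bot: Once the descriptions go, records that share tracking data become indistinguishable except by identifier: `+CVE-2010-3276` and `+CVE-2010-3275` are both followed by `{DSA-2211-1}`, `- vlc 1.1.8-1` and `NOTE: fe44129dc6509b3347113ab0e1a0524af1e0dd11 in 1.1 branch`, and the chromium run is told apart only by `NOTE: chromium specific` or a changeset URL. The loss is also larger for entries with Debian package lines than for `NOT-FOR-US:` ones, which at least keep a product name: `+CVE-2010-3263` retains `[lenny] - phpmyadmin <not-affected> (Vulnerable code not present)` but no longer names setup/frames/index.inc.php, the location that claim was checked against, and `+CVE-2010-3192` with `- eglibc <unfixed> (unimportant)` keeps `NOTE: Minor information leak` without saying what leaks. Entries still marked `<unfixed>` or `<not-affected>` with a justification should keep enough of the description to make that justification checkable.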
@@ -5433,13 +5433,13 @@ CVE-2010-3183 (The LookupGetterOrSetter function in js3250.dll in Mozilla Firefo
[lenny] - iceape <not-affected> (Only a stub package)
[lenny] - xulrunner <not-affected> (bug in optimization added later)
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2010-3182 (A certain application-launch script in Mozilla Firefox before 3.5.14 ...)
+CVE-2010-3182
- icedove 3.0.9-1
[lenny] - icedove <end-of-life>
- iceweasel <not-affected> (run-mozilla.sh not used)
-CVE-2010-3181 (Untrusted search path vulnerability in Mozilla Firefox before 3.5.14 ...)
+CVE-2010-3181
- iceweasel <not-affected> (Windows-specific)
-CVE-2010-3180 (Use-after-free vulnerability in the nsBarProp function in Mozilla ...)
+CVE-2010-3180
{DSA-2124-1}
- xulrunner <removed> (unimportant)
- icedove 3.0.9-1
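Review bot: The hunk header `@@ -5433,13 +5433,13 @@ CVE-2010-3183 (The LookupGetterOrSetter function in js3250.dll in Mozilla Firefo` still shows the pre-image description as context, which is the last time a diff of this file will carry that information; after this change, hunk headers and changed lines will show bare identifiers only, making later tracker changes harder to review. Within the hunk, `+CVE-2010-3181` keeps `- iceweasel <not-affected> (Windows-specific)` and `+CVE-2010-3182` keeps `- iceweasel <not-affected> (run-mozilla.sh not used)`, but with the descriptions gone nothing in the file states what the Windows-specific issue or the launch-script issue was, so both not-affected assessments can no longer be rechecked from the file alone.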
@@ -5449,7 +5449,7 @@ CVE-2010-3180 (Use-after-free vulnerability in the nsBarProp function in Mozilla
[lenny] - iceape <not-affected> (Only a stub package)
[lenny] - icedove <end-of-life>
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2010-3179 (Stack-based buffer overflow in the text-rendering functionality in ...)
+CVE-2010-3179
{DSA-2124-1}
- xulrunner <removed> (unimportant)
- icedove 3.0.9-1
@@ -5459,7 +5459,7 @@ CVE-2010-3179 (Stack-based buffer overflow in the text-rendering functionality i
- iceape 2.0.9-1
[lenny] - iceape <not-affected> (Only a stub package)
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2010-3178 (Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird ...)
+CVE-2010-3178
{DSA-2124-1}
- xulrunner <removed> (unimportant)
- icedove 3.0.9-1
@@ -5469,7 +5469,7 @@ CVE-2010-3178 (Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbir
- iceape 2.0.9-1
[lenny] - iceape <not-affected> (Only a stub package)
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2010-3177 (Multiple cross-site scripting (XSS) vulnerabilities in the Gopher ...)
+CVE-2010-3177
{DSA-2124-1}
- xulrunner <removed> (unimportant)
- iceweasel 3.5.14-1
@@ -5477,7 +5477,7 @@ CVE-2010-3177 (Multiple cross-site scripting (XSS) vulnerabilities in the Gopher
- iceape 2.0.9-1
[lenny] - iceape <not-affected> (Only a stub package)
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2010-3176 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+CVE-2010-3176
{DSA-2124-1}
- xulrunner <removed> (unimportant)
- iceweasel 3.5.14-1
@@ -5485,9 +5485,9 @@ CVE-2010-3176 (Multiple unspecified vulnerabilities in the browser engine in Moz
- iceape 2.0.9-1
[lenny] - iceape <not-affected> (Only a stub package)
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2010-3175 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+CVE-2010-3175
- iceweasel <not-affected> (Only affects Firefox 3.6, which is only in experimental)
-CVE-2010-3174 (Unspecified vulnerability in the browser engine in Mozilla Firefox ...)
+CVE-2010-3174
{DSA-2124-1}
- xulrunner <removed> (unimportant)
- icedove 3.0.9-1
@@ -5497,15 +5497,15 @@ CVE-2010-3174 (Unspecified vulnerability in the browser engine in Mozilla Firefo
- iceape 2.0.9-1
[lenny] - iceape <not-affected> (Only a stub package)
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2010-3173 (The SSL implementation in Mozilla Firefox before 3.5.14 and 3.6.x ...)
+CVE-2010-3173
{DSA-2123-1}
- nss 3.12.8-1
-CVE-2010-3172 (CRLF injection vulnerability in Bugzilla before 3.2.9, 3.4.x before ...)
+CVE-2010-3172
- bugzilla 3.6.3.0-1 (bug #602420; low)
[squeeze] - bugzilla 3.6.2.0-4.2
-CVE-2010-3171 (The Math.random function in the JavaScript implementation in Mozilla ...)
+CVE-2010-3171
NOTE: Will likely be rejected by MITRE
-CVE-2010-3170 (Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird ...)
+CVE-2010-3170
{DSA-2123-1}
- nss 3.12.8-1
- kde4libs 4:4.4.5-4 (low)
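Review bot: `+CVE-2010-3171` is left with nothing but `NOTE: Will likely be rejected by MITRE`, so the entry now has no statement at all of what it covers, and `+CVE-2010-3173` followed by `{DSA-2123-1}` and `- nss 3.12.8-1` no longer says that the issue is in the SSL implementation even though the fixed package is nss rather than the browser. Entries whose only remaining content is a NOTE or a package line should either keep their description or gain a bracketed summary, otherwise a later reader cannot tell a placeholder from a tracked issue.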
@@ -5514,7 +5514,7 @@ CVE-2010-3170 (Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbir
[lenny] - qt4-x11 <not-affected> (Vulnerable code not present)
[squeeze] - kde4libs 4:4.4.5-2+squeeze2
[lenny] - kde4libs <no-dsa> (Minor issue)
-CVE-2010-3169 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+CVE-2010-3169
{DSA-2106-1}
- xulrunner <removed> (unimportant)
- iceweasel 3.5.12-1
@@ -5524,7 +5524,7 @@ CVE-2010-3169 (Multiple unspecified vulnerabilities in the browser engine in Moz
- iceape 2.0.7-1
[lenny] - iceape <not-affected> (Only a stub package)
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2010-3168 (Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird ...)
+CVE-2010-3168
{DSA-2106-1}
- xulrunner <removed> (unimportant)
- iceweasel 3.5.12-1
@@ -5534,7 +5534,7 @@ CVE-2010-3168 (Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird
- iceape 2.0.7-1
[lenny] - iceape <not-affected> (Only a stub package)
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2010-3167 (The nsTreeContentView function in Mozilla Firefox before 3.5.12 and ...)
+CVE-2010-3167
{DSA-2106-1}
- xulrunner <removed> (unimportant)
- iceweasel 3.5.12-1
@@ -5544,7 +5544,7 @@ CVE-2010-3167 (The nsTreeContentView function in Mozilla Firefox before 3.5.12 a
- iceape 2.0.7-1
[lenny] - iceape <not-affected> (Only a stub package)
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2010-3166 (Heap-based buffer overflow in the nsTextFrameUtils::TransformText ...)
+CVE-2010-3166
- xulrunner <removed> (unimportant)
- iceweasel 3.5.12-1
[lenny] - iceweasel <not-affected> (Lenny's iceweasel uses Xulrunner from the xulrunner source pkg)
@@ -5554,98 +5554,98 @@ CVE-2010-3166 (Heap-based buffer overflow in the nsTextFrameUtils::TransformText
- iceape 2.0.7-1
[lenny] - iceape <not-affected> (Only a stub package)
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2010-3165 (Untrusted search path vulnerability in Yokka NoEditor 1.33.1.1 and ...)
+CVE-2010-3165
NOT-FOR-US: Yokka NoEditor and others
-CVE-2010-3164 (Untrusted search path vulnerability in Fenrir Sleipnir 2.9.4 and ...)
+CVE-2010-3164
NOT-FOR-US: Fenrir Sleipnir, Grani
-CVE-2010-3163 (Untrusted search path vulnerability in Fenrir Sleipnir before 2.9.5 ...)
+CVE-2010-3163
NOT-FOR-US: Fenrir Sleipnir, Grani
-CVE-2010-3162 (Untrusted search path vulnerability in Apsaly before 3.74 allows local ...)
+CVE-2010-3162
NOT-FOR-US: Apsaly
-CVE-2010-3161 (Untrusted search path vulnerability in TeraPad before 1.00 allows ...)
+CVE-2010-3161
NOT-FOR-US: TeraPad
-CVE-2010-3160 (Untrusted search path vulnerability in Archive Decoder 1.23 and ...)
+CVE-2010-3160
NOT-FOR-US: Archive Decoder
-CVE-2010-3159 (Untrusted search path vulnerability in Explzh 5.67 and earlier allows ...)
+CVE-2010-3159
NOT-FOR-US: Explzh
-CVE-2010-3158 (Untrusted search path vulnerability in Lhaplus before 1.58 allows ...)
+CVE-2010-3158
NOT-FOR-US: Lhaplus
-CVE-2010-3157 (Untrusted search path vulnerability in XacRett before 50 allows ...)
+CVE-2010-3157
NOT-FOR-US: XacRett
-CVE-2010-3156 (Untrusted search path vulnerability in K2 K2Editor before 1.5.9 allows ...)
+CVE-2010-3156
NOT-FOR-US: K2Editor
-CVE-2010-3133 (Untrusted search path vulnerability in Wireshark 0.8.4 through 1.0.15 ...)
+CVE-2010-3133
- wireshark <not-affected> (Only affects Windows port)
-CVE-2010-3131 (Untrusted search path vulnerability in Mozilla Firefox before 3.5.12 ...)
+CVE-2010-3131
- xulrunner <not-affected> (Only affects Windows port)
- iceweasel <not-affected> (Only affects Windows port)
CVE-2010-3123
RESERVED
-CVE-2010-3155 (Untrusted search path vulnerability in Adobe ExtendScript Toolkit ...)
+CVE-2010-3155
NOT-FOR-US: Adobe ExtendedScript Toolkit
-CVE-2010-3154 (Untrusted search path vulnerability in Adobe Extension Manager CS5 ...)
+CVE-2010-3154
NOT-FOR-US: Adobe Extension Manager
-CVE-2010-3153 (Untrusted search path vulnerability in Adobe InDesign CS4 6.0, ...)
+CVE-2010-3153
NOT-FOR-US: Adobe InDesign
-CVE-2010-3152 (Untrusted search path vulnerability in Adobe Illustrator CS4 14.0.0, ...)
+CVE-2010-3152
NOT-FOR-US: Adobe Illustrator
-CVE-2010-3151 (Untrusted search path vulnerability in Adobe On Location CS4 Build 315 ...)
+CVE-2010-3151
NOT-FOR-US: Adobe On Location
-CVE-2010-3150 (Untrusted search path vulnerability in Adobe Premier Pro CS4 4.0.0 ...)
+CVE-2010-3150
NOT-FOR-US: Adobe Premier Pro
-CVE-2010-3149 (Untrusted search path vulnerability in Adobe Device Central CS5 ...)
+CVE-2010-3149
NOT-FOR-US: Adobe Device Central
-CVE-2010-3148 (Untrusted search path vulnerability in Microsoft Visio 2003 SP3 allows ...)
+CVE-2010-3148
NOT-FOR-US: Microsoft Visio
-CVE-2010-3147 (Untrusted search path vulnerability in wab.exe 6.00.2900.5512 in ...)
+CVE-2010-3147
NOT-FOR-US: Microsoft Address Book
-CVE-2010-3146 (Multiple untrusted search path vulnerabilities in Microsoft Groove ...)
+CVE-2010-3146
NOT-FOR-US: Microsoft Office Groove
-CVE-2010-3145 (Untrusted search path vulnerability in the BitLocker Drive Encryption ...)
+CVE-2010-3145
NOT-FOR-US: Microsoft Vista BitLocker
-CVE-2010-3144 (Untrusted search path vulnerability in the Internet Connection Signup ...)
+CVE-2010-3144
NOT-FOR-US: Microsoft Internet Connection Signup Wizard
-CVE-2010-3143 (Untrusted search path vulnerability in Microsoft Windows Contacts ...)
+CVE-2010-3143
NOT-FOR-US: Microsoft Windows Contacts
-CVE-2010-3142 (Untrusted search path vulnerability in Microsoft Office PowerPoint ...)
+CVE-2010-3142
NOT-FOR-US: Microsoft Office PowerPoint
-CVE-2010-3141 (Untrusted search path vulnerability in Microsoft PowerPoint 2010 ...)
+CVE-2010-3141
NOT-FOR-US: Microsoft Power Point
-CVE-2010-3140 (Untrusted search path vulnerability in Microsoft Windows Internet ...)
+CVE-2010-3140
NOT-FOR-US: Microsoft Windows Internet Communication Settings
-CVE-2010-3139 (Untrusted search path vulnerability in Microsoft Windows Progman Group ...)
+CVE-2010-3139
NOT-FOR-US: Microsoft Windows Progman Group Converter
-CVE-2010-3138 (Untrusted search path vulnerability in the Indeo Codec in iac25_32.ax ...)
+CVE-2010-3138
NOT-FOR-US: Microsoft Windows Media Player
-CVE-2010-3137 (Untrusted search path vulnerability in Nullsoft Winamp 5.581, and ...)
+CVE-2010-3137
NOT-FOR-US: Nullsoft Winamp
-CVE-2010-3136 (Untrusted search path vulnerability in Skype 4.2.0.169 and earlier ...)
+CVE-2010-3136
NOT-FOR-US: Skype
-CVE-2010-3135 (Untrusted search path vulnerability in Cisco Packet Tracer 5.2 allows ...)
+CVE-2010-3135
NOT-FOR-US: Cisco Packet Tracer
-CVE-2010-3134 (Untrusted search path vulnerability in Google Earth 5.1.3535.3218 ...)
+CVE-2010-3134
NOT-FOR-US: Google Earth
-CVE-2010-3132 (Untrusted search path vulnerability in Adobe Dreamweaver CS5 11.0 ...)
+CVE-2010-3132
NOT-FOR-US: Adobe Dreamweaver
-CVE-2010-3130 (Untrusted search path vulnerability in TechSmith Snagit 10 (Build 788) ...)
+CVE-2010-3130
NOT-FOR-US: TechSmith Snagit
-CVE-2010-3129 (Untrusted search path vulnerability in uTorrent 2.0.3 and earlier ...)
+CVE-2010-3129
NOT-FOR-US: uTorrent
-CVE-2010-3128 (Untrusted search path vulnerability in TeamViewer 5.0.8703 and earlier ...)
+CVE-2010-3128
NOT-FOR-US: TeamViewer
-CVE-2010-3127 (Untrusted search path vulnerability in Adobe PhotoShop CS2 through CS5 ...)
+CVE-2010-3127
NOT-FOR-US: Adobe PhotoShop
-CVE-2010-3126 (Untrusted search path vulnerability in avast! Free Antivirus version ...)
+CVE-2010-3126
NOT-FOR-US: avast! Free Antivirus version
-CVE-2010-3125 (Untrusted search path vulnerability in TeamMate Audit Management ...)
+CVE-2010-3125
NOT-FOR-US: TeamMate Audit Management Software Suite
-CVE-2010-3122 (The DevonIT thin-client management tool relies on a shared secret for ...)
+CVE-2010-3122
NOT-FOR-US: DevonIT thin-client management tool
-CVE-2010-3121 (Buffer overflow in tm-console-bin in the DevonIT thin-client ...)
+CVE-2010-3121
NOT-FOR-US: DevonIT thin-client management tool
-CVE-2010-3124 (Untrusted search path vulnerability in bin/winvlc.c in VLC Media ...)
+CVE-2010-3124
- vlc <not-affected> (Windows specific vulnerability)
-CVE-2010-3120 (Google Chrome before 5.0.375.127 does not properly implement the ...)
+CVE-2010-3120
- chromium-browser 5.0.375.127~r55887-1
- webkit 1.2.5-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
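Review bot: Once the description line for CVE-2010-3155 is removed, the context line `NOT-FOR-US: Adobe ExtendedScript Toolkit` is the only product reference left for that entry, and it misspells the name in the removed line (`Adobe ExtendScript Toolkit`); likewise `NOT-FOR-US: avast! Free Antivirus version` carries a stray trailing word and `NOT-FOR-US: Microsoft Power Point` differs from the `Microsoft PowerPoint 2010` of its removed line. Worth correcting these while the entries are being rewritten, as the descriptions that disambiguated them are going away.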
@@ -5654,19 +5654,19 @@ CVE-2010-3120 (Google Chrome before 5.0.375.127 does not properly implement the
NOTE: https://bugs.webkit.org/show_bug.cgi?id=44096
NOTE: http://trac.webkit.org/changeset/65329
NOTE: http://trac.webkit.org/changeset/65325
-CVE-2010-3119 (Google Chrome before 5.0.375.127 and webkitgtk before 1.2.6 do not ...)
+CVE-2010-3119
- chromium-browser 5.0.375.127~r55887-1
- webkit 1.2.4-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
NOTE: https://bugs.webkit.org/show_bug.cgi?id=43795
NOTE: http://trac.webkit.org/changeset/65090
-CVE-2010-3118 (The autosuggest feature in the Omnibox implementation in Google Chrome ...)
+CVE-2010-3118
- chromium-browser 5.0.375.127~r55887-1
- webkit <not-affected> (chromium specific)
-CVE-2010-3117 (Google Chrome before 5.0.375.127 does not properly implement the ...)
+CVE-2010-3117
- chromium-browser 5.0.375.127~r55887-1
- webkit <not-affected> (chromium specific)
-CVE-2010-3116 (Multiple use-after-free vulnerabilities in WebKit, as used in Apple ...)
+CVE-2010-3116
- webkit 1.2.5-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.375.127~r55887-1
@@ -5674,188 +5674,188 @@ CVE-2010-3116 (Multiple use-after-free vulnerabilities in WebKit, as used in App
NOTE: https://bugs.webkit.org/show_bug.cgi?id=43147
NOTE: https://bugs.webkit.org/show_bug.cgi?id=43888
NOTE: http://trac.webkit.org/changeset/65280 vulnerable code not present in 1.2 series
-CVE-2010-3115 (Google Chrome before 5.0.375.127, and webkitgtk before 1.2.6, does not ...)
+CVE-2010-3115
- webkit 1.2.5-1 (bug #599830)
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.375.127~r55887-1
NOTE: http://trac.webkit.org/changeset/63925
NOTE: http://trac.webkit.org/changeset/64077
NOTE: only partially fixed: only 64077 applied in 1.2.4-1
-CVE-2010-3114 (The text-editing implementation in Google Chrome before 5.0.375.127, ...)
+CVE-2010-3114
- webkit 1.2.4-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.375.127~r55887-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=42655
NOTE: http://trac.webkit.org/changeset/63773
-CVE-2010-3113 (Google Chrome before 5.0.375.127, and webkitgtk before 1.2.5, does not ...)
+CVE-2010-3113
- webkit 1.2.5-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.375.127~r55887-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=42659
NOTE: http://trac.webkit.org/changeset/63865
-CVE-2010-3112 (Google Chrome before 5.0.375.127 does not properly implement file ...)
+CVE-2010-3112
- webkit <not-affected> (chromium specific)
- chromium-browser 5.0.375.127~r55887-1
-CVE-2010-3111 (Google Chrome before 6.0.472.53 does not properly mitigate an ...)
+CVE-2010-3111
- chromium-browser 5.0.375.127~r55887-1
- webkit <not-affected> (chromium specific)
-CVE-2010-3110 (Multiple buffer overflows in the Novell Client novfs module for the ...)
+CVE-2010-3110
NOT-FOR-US: novfs kernel module (only included in SUSE it seems)
-CVE-2010-2948 (Stack-based buffer overflow in the bgp_route_refresh_receive function ...)
+CVE-2010-2948
{DSA-2104-1}
- quagga 0.99.17-1 (bug #594262)
-CVE-2010-2949 (bgpd in Quagga before 0.99.17 does not properly parse AS paths, which ...)
+CVE-2010-2949
{DSA-2104-1}
- quagga 0.99.17-1 (bug #594262)
-CVE-2010-3109 (Stack-based buffer overflow in the browser plugin in Novell iPrint ...)
+CVE-2010-3109
NOT-FOR-US: browser plugin in Novell iPrint Client
-CVE-2010-3108 (Buffer overflow in the browser plugin in Novell iPrint Client before ...)
+CVE-2010-3108
NOT-FOR-US: browser plugin in Novell iPrint Client
-CVE-2010-3107 (A certain ActiveX control in ienipp.ocx in the browser plugin in ...)
+CVE-2010-3107
NOT-FOR-US: browser plugin in Novell iPrint Client
-CVE-2010-3106 (The ienipp.ocx ActiveX control in the browser plugin in Novell iPrint ...)
+CVE-2010-3106
NOT-FOR-US: browser plugin in Novell iPrint Client
-CVE-2010-3105 (The PluginGetDriverFile function in Novell iPrint Client before 5.44 ...)
+CVE-2010-3105
NOT-FOR-US: browser plugin in Novell iPrint Client
-CVE-2010-3104 (Directory traversal vulnerability in DeskShare AutoFTP Manager 4.31, ...)
+CVE-2010-3104
NOT-FOR-US: DeskShare AutoFTP Manager
-CVE-2010-3103 (Directory traversal vulnerability in FTPGetter Team FTPGetter ...)
+CVE-2010-3103
NOT-FOR-US: FTPGetter
-CVE-2010-3102 (Directory traversal vulnerability in SiteDesigner Technologies, Inc. ...)
+CVE-2010-3102
NOT-FOR-US: SiteDesigner Technologies
-CVE-2010-3101 (Directory traversal vulnerability in FTPx Corp FTP Explorer 10.5.19.1 ...)
+CVE-2010-3101
NOT-FOR-US: FTPx Corp FTP Explorer
-CVE-2010-3100 (Directory traversal vulnerability in Porta+ FTP Client 4.1, and ...)
+CVE-2010-3100
NOT-FOR-US: Porta+ FTP Client
-CVE-2010-3099 (Directory traversal vulnerability in SmartSoft Ltd SmartFTP Client ...)
+CVE-2010-3099
NOT-FOR-US: SmartSoft Ltd SmartFTP
-CVE-2010-3098 (Directory traversal vulnerability in IoRush Software FTP Rush 1.1.3 ...)
+CVE-2010-3098
NOT-FOR-US: IoRush Software FTP Rush
-CVE-2010-3097 (Directory traversal vulnerability in WinFrigate Frigate 3 FTP client ...)
+CVE-2010-3097
NOT-FOR-US: WinFrigate Frigate 3 FTP
-CVE-2010-3096 (Directory traversal vulnerability in SoftX FTP Client 3.3 and possibly ...)
+CVE-2010-3096
NOT-FOR-US: SoftX FTP Client 3.3
CVE-2010-3095 [mailscanner incomplete fix for CVE-2008-5313]
RESERVED
- mailscanner 4.79.11-2.1 (bug #596403)
-CVE-2010-3094 (Multiple cross-site scripting (XSS) vulnerabilities in Drupal 6.x ...)
+CVE-2010-3094
{DSA-2113-1}
- drupal6 6.18-1 (low; bug #592716)
-CVE-2010-3093 (The comment module in Drupal 5.x before 5.23 and 6.x before 6.18 ...)
+CVE-2010-3093
{DSA-2113-1}
- drupal6 6.18-1 (low; bug #592716)
-CVE-2010-3092 (The upload module in Drupal 5.x before 5.23 and 6.x before 6.18 does ...)
+CVE-2010-3092
{DSA-2113-1}
- drupal6 6.18-1 (low; bug #592716)
-CVE-2010-3091 (The OpenID module in Drupal 6.x before 6.18, and the OpenID module 5.x ...)
+CVE-2010-3091
{DSA-2113-1}
- drupal6 6.18-1 (low; bug #592716)
CVE-2010-3090
REJECTED
-CVE-2010-3089 (Multiple cross-site scripting (XSS) vulnerabilities in GNU Mailman ...)
+CVE-2010-3089
{DSA-2170-1}
- mailman 1:2.1.13-4.1 (bug #599833)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id={631881,631859}
-CVE-2010-3088 (The notify function in pidgin-knotify.c in the pidgin-knotify plugin ...)
+CVE-2010-3088
NOT-FOR-US: Knotify plugin for Pidgin
-CVE-2010-3087 (LibTIFF before 3.9.2-5.2.1 in SUSE openSUSE 11.3 allows remote ...)
+CVE-2010-3087
- tiff 3.9.4-5 (bug #600188)
- tiff3 <not-affected> (fixed before initial upload)
[lenny] - tiff <not-affected> (Vulnerable code not present)
-CVE-2010-3086 (include/asm-x86/futex.h in the Linux kernel before 2.6.25 does not ...)
+CVE-2010-3086
- linux-2.6 2.6.25-1
-CVE-2010-3085 (The network-play implementation in Mednafen before 0.8.D might allow ...)
+CVE-2010-3085
- mednafen 0.8.D-1 (unimportant)
NOTE: Extremely obscure attack vector, marking as unimportant
-CVE-2010-3084 (Buffer overflow in the niu_get_ethtool_tcam_all function in ...)
+CVE-2010-3084
- linux-2.6 2.6.32-25
[lenny] - linux-2.6 <not-affected> (vulnerable code introduced in 2.6.30)
-CVE-2010-3083 (sys/ssl/SslSocket.cpp in qpidd in Apache Qpid, as used in Red Hat ...)
+CVE-2010-3083
- qpid-cpp <not-affected> (Fixed before initial upload to archive)
-CVE-2010-3082 (Cross-site scripting (XSS) vulnerability in Django 1.2.x before 1.2.2 ...)
+CVE-2010-3082
- python-django 1.2.3-1 (low; bug #596205)
NOTE: http://www.djangoproject.com/weblog/2010/sep/08/security-release/
-CVE-2010-3081 (The compat_alloc_user_space functions in include/asm/compat.h files in ...)
+CVE-2010-3081
{DSA-2110-1}
- linux-2.6 2.6.32-23 (high)
-CVE-2010-3080 (Double free vulnerability in the snd_seq_oss_open function in ...)
+CVE-2010-3080
{DSA-2110-1}
- linux-2.6 2.6.32-24
-CVE-2010-3079 (kernel/trace/ftrace.c in the Linux kernel before 2.6.35.5, when ...)
+CVE-2010-3079
- linux-2.6 2.6.32-24
[lenny] - linux-2.6 <not-affected> (Introduced in 2.6.30)
-CVE-2010-3078 (The xfs_ioc_fsgetxattr function in fs/xfs/linux-2.6/xfs_ioctl.c in the ...)
+CVE-2010-3078
{DSA-2110-1}
- linux-2.6 2.6.32-24
-CVE-2010-3077 (Cross-site scripting (XSS) vulnerability in util/icon_browser.php in ...)
+CVE-2010-3077
{DSA-2278-1}
- horde3 3.3.8+debian0-2 (bug #598582)
NOTE: http://seclists.org/fulldisclosure/2010/Sep/82
-CVE-2010-3076 (The filter function in php/src/include.php in Simple Management for ...)
+CVE-2010-3076
{DSA-2103-1}
- smbind 0.4.7-5 (high)
NOTE: http://packetstormsecurity.org/1009-exploits/smbind-sql.txt
-CVE-2010-3075 (EncFS before 1.7.0 encrypts multiple blocks by means of the CFB cipher ...)
+CVE-2010-3075
- encfs 1.7.2-1 (bug #595998)
[lenny] - encfs <no-dsa> (Not backportable, breaks backwards-compatibility)
-CVE-2010-3074 (SSL_Cipher.cpp in EncFS before 1.7.0 uses an improper combination of ...)
+CVE-2010-3074
- encfs 1.7.2-1 (bug #595998)
[lenny] - encfs <no-dsa> (Minor issue)
-CVE-2010-3073 (SSL_Cipher.cpp in EncFS before 1.7.0 does not properly handle integer ...)
+CVE-2010-3073
- encfs 1.7.2-1 (bug #595998)
[lenny] - encfs <no-dsa> (Minor issue)
-CVE-2010-3072 (The string-comparison functions in String.cci in Squid 3.x before ...)
+CVE-2010-3072
{DSA-2111-1}
- squid3 3.1.6-1.1 (bug #596086; low)
- squid <not-affected> (Only affects 3.x)
-CVE-2010-3071 (bip before 0.8.6 allows remote attackers to cause a denial of service ...)
+CVE-2010-3071
- bip 0.8.6-1 (low; bug #595409)
[lenny] - bip <not-affected> (vulnerable code ('LINK(lc)->name') not in 0.7.4-2)
[squeeze] - bip 0.8.2-1squeeze2
-CVE-2010-3070 (Cross-site scripting (XSS) vulnerability in NuSOAP 0.9.5, as used in ...)
+CVE-2010-3070
- nusoap 0.7.3-4 (low; bug #595248)
-CVE-2010-3069 (Stack-based buffer overflow in the (1) sid_parse and (2) dom_sid_parse ...)
+CVE-2010-3069
{DSA-2109-1}
- samba 2:3.5.5~dfsg-1 (bug #596891)
CVE-2010-3068
REJECTED
-CVE-2010-3067 (Integer overflow in the do_io_submit function in fs/aio.c in the Linux ...)
+CVE-2010-3067
{DSA-2126-1}
- linux-2.6 2.6.32-24
-CVE-2010-3066 (The io_submit_one function in fs/aio.c in the Linux kernel before ...)
+CVE-2010-3066
- linux-2.6 2.6.23-1
-CVE-2010-3064 (Stack-based buffer overflow in the php_mysqlnd_auth_write function in ...)
+CVE-2010-3064
- php5 <removed> (unimportant)
NOTE: mysqlnd not used in squeeze/sid
-CVE-2010-3063 (The php_mysqlnd_read_error_from_line function in the Mysqlnd extension ...)
+CVE-2010-3063
- php5 <removed> (unimportant)
NOTE: mysqlnd not used in squeeze/sid
-CVE-2010-3062 (mysqlnd_wireprotocol.c in the Mysqlnd extension in PHP 5.3 through ...)
+CVE-2010-3062
- php5 <removed> (unimportant)
NOTE: mysqlnd not used in squeeze/sid
-CVE-2010-3061 (Unspecified vulnerability in the message-protocol implementation in ...)
+CVE-2010-3061
NOT-FOR-US: Tivoli
-CVE-2010-3060 (Unspecified vulnerability in the message-protocol implementation in ...)
+CVE-2010-3060
NOT-FOR-US: Tivoli
-CVE-2010-3059 (Buffer overflow in the message-protocol implementation in the Server ...)
+CVE-2010-3059
NOT-FOR-US: Tivoli
-CVE-2010-3058 (The Mount service in IBM Tivoli Storage Manager (TSM) FastBack 5.x.x ...)
+CVE-2010-3058
NOT-FOR-US: Tivoli
-CVE-2010-3065 (The default session serializer in PHP 5.2 through 5.2.13 and 5.3 ...)
+CVE-2010-3065
{DSA-2089-1}
- php5 5.3.3-1
CVE-2010-3057
RESERVED
-CVE-2010-3054 (Unspecified vulnerability in FreeType 2.3.9, and other versions before ...)
+CVE-2010-3054
- freetype 2.4.2-1 (unimportant)
-CVE-2010-3053 (bdf/bdflib.c in FreeType before 2.4.2 allows remote attackers to cause ...)
+CVE-2010-3053
{DSA-2105-1}
- freetype 2.4.2-1
-CVE-2010-3056 (Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin ...)
+CVE-2010-3056
{DSA-2097-2 DSA-2097-1}
- phpmyadmin 4:3.3.5.1-1
NOTE: http://www.phpmyadmin.net/home_page/security/PMASA-2010-5.php
-CVE-2010-3055 (The configuration setup script (aka scripts/setup.php) in phpMyAdmin ...)
+CVE-2010-3055
{DSA-2097-2 DSA-2097-1}
- phpmyadmin 4:3.0.0
NOTE: Affects only 2.x branch
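Review bot: The context line `NOTE: https://bugzilla.redhat.com/show_bug.cgi?id={631881,631859}` under CVE-2010-3089 uses shell brace notation and is not a resolvable URL; split it into two NOTE lines, one per bug id. Note also that CVE-2010-3095 keeps its bracketed `[mailscanner incomplete fix for CVE-2008-5313]` text while every parenthesised description around it is deleted, which is the expected distinction between tracker-maintained and upstream text only if the removal is intentional.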
@@ -5863,9 +5863,9 @@ CVE-2010-3052
RESERVED
CVE-2010-3051
RESERVED
-CVE-2010-3050 (Cisco IOS before 12.2(33)SXI allows remote authenticated users to ...)
+CVE-2010-3050
NOT-FOR-US: Cisco
-CVE-2010-3049 (Cisco IOS before 12.2(33)SXI allows local users to cause a denial of ...)
+CVE-2010-3049
NOT-FOR-US: Cisco
CVE-2010-3048
RESERVED
@@ -5875,357 +5875,357 @@ CVE-2010-3046
RESERVED
CVE-2010-3045
RESERVED
-CVE-2010-3044 (Multiple buffer overflows in the Cisco WebEx Recording Format (WRF) ...)
+CVE-2010-3044
NOT-FOR-US: Cisco WebEx
-CVE-2010-3043 (Multiple buffer overflows in the Cisco WebEx Recording Format (WRF) ...)
+CVE-2010-3043
NOT-FOR-US: Cisco WebEx
-CVE-2010-3042 (Multiple buffer overflows in the Cisco WebEx Recording Format (WRF) ...)
+CVE-2010-3042
NOT-FOR-US: Cisco WebEx
-CVE-2010-3041 (Multiple buffer overflows in the Cisco WebEx Recording Format (WRF) ...)
+CVE-2010-3041
NOT-FOR-US: Cisco WebEx
-CVE-2010-3040 (Multiple stack-based buffer overflows in agent.exe in Setup Manager in ...)
+CVE-2010-3040
NOT-FOR-US: Cisco Intelligent Contact Manager
-CVE-2010-3039 (/usr/local/cm/bin/pktCap_protectData in Cisco Unified Communications ...)
+CVE-2010-3039
NOT-FOR-US: Cisco Unified Communications Manager
-CVE-2010-3038 (Cisco Unified Videoconferencing (UVC) System 5110 and 5115, when the ...)
+CVE-2010-3038
NOT-FOR-US: Cisco Unified Videoconferencing
-CVE-2010-3037 (goform/websXMLAdminRequestCgi.cgi in Cisco Unified Videoconferencing ...)
+CVE-2010-3037
NOT-FOR-US: Cisco Unified Videoconferencing
-CVE-2010-3036 (Multiple buffer overflows in the authentication functionality in the ...)
+CVE-2010-3036
NOT-FOR-US: Cisco
-CVE-2010-3035 (Cisco IOS XR 3.4.0 through 3.9.1, when BGP is enabled, does not ...)
+CVE-2010-3035
NOT-FOR-US: Cisco IOS XR
-CVE-2010-3034 (Cisco Wireless LAN Controller (WLC) software, possibly 6.0.x or ...)
+CVE-2010-3034
NOT-FOR-US: Cisco
-CVE-2010-3033 (Cisco Wireless LAN Controller (WLC) software, possibly 4.2 through ...)
+CVE-2010-3033
NOT-FOR-US: Cisco
-CVE-2010-3032 (Integer overflow in the OBGIOPServerWorker::extractHeader function in ...)
+CVE-2010-3032
NOT-FOR-US: SAP Crystal Reports 2008
-CVE-2010-3031 (Buffer overflow in Wyse ThinOS HF 4.4.079i, and possibly other ...)
+CVE-2010-3031
NOT-FOR-US: Wyse ThinOS
-CVE-2010-3030 (Cross-site request forgery (CSRF) vulnerability in Tomaz Muraus Open ...)
+CVE-2010-3030
NOT-FOR-US: Tomaz Muraus Open Blog
-CVE-2010-3029 (SQL injection vulnerability in statistics.php in PHPKick 0.8 allows ...)
+CVE-2010-3029
NOT-FOR-US: PHPKick
-CVE-2010-3028 (The Aardvertiser component before 2.2.1 for Joomla! uses insecure ...)
+CVE-2010-3028
NOT-FOR-US: Joomla!
-CVE-2010-3027 (SQL injection vulnerability in index.php in Tycoon Baseball Script ...)
+CVE-2010-3027
NOT-FOR-US: Tycoon Baseball Script
-CVE-2010-3026 (Cross-site request forgery (CSRF) vulnerability in ...)
+CVE-2010-3026
NOT-FOR-US: Tomaz Muraus Open Blog
-CVE-2010-3025 (Multiple cross-site scripting (XSS) vulnerabilities in Tomaz Muraus ...)
+CVE-2010-3025
NOT-FOR-US: Tomaz Muraus Open Blog
-CVE-2010-3024 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
+CVE-2010-3024
NOT-FOR-US: DiamondList
-CVE-2010-3023 (Multiple cross-site scripting (XSS) vulnerabilities in DiamondList ...)
+CVE-2010-3023
NOT-FOR-US: DiamondList
-CVE-2010-3022 (Cross-site scripting (XSS) vulnerability in the Performance logging ...)
+CVE-2010-3022
NOT-FOR-US: Drupal Addon
-CVE-2010-3021 (Unspecified vulnerability in Opera before 10.61 allows remote ...)
+CVE-2010-3021
NOT-FOR-US: Opera
-CVE-2010-3020 (The news-feed preview feature in Opera before 10.61 does not properly ...)
+CVE-2010-3020
NOT-FOR-US: Opera
-CVE-2010-3019 (Heap-based buffer overflow in Opera before 10.61 allows remote ...)
+CVE-2010-3019
NOT-FOR-US: Opera
-CVE-2010-3018 (RSA Access Manager Server 5.5.3 before 5.5.3.172, 6.0.4 before ...)
+CVE-2010-3018
NOT-FOR-US: RSA Access Manager
-CVE-2010-3017 (Unspecified vulnerability in RSA Access Manager Agent 4.7.1 before ...)
+CVE-2010-3017
NOT-FOR-US: RSA Access Manager
CVE-2010-3016
REJECTED
-CVE-2010-3013 (SQL injection vulnerability in groupadmin.php in Pligg before 1.1.1 ...)
+CVE-2010-3013
NOT-FOR-US: Pligg
-CVE-2010-3012 (Cross-site scripting (XSS) vulnerability in HP System Management ...)
+CVE-2010-3012
NOT-FOR-US: HP System Management Homepage
-CVE-2010-3011 (CRLF injection vulnerability in HP System Management Homepage (SMH) ...)
+CVE-2010-3011
NOT-FOR-US: HP System Management Homepage
-CVE-2010-3010 (Cross-site scripting (XSS) vulnerability on the HP 3Com OfficeConnect ...)
+CVE-2010-3010
NOT-FOR-US: HP 3Com OfficeConnect
-CVE-2010-3009 (Unspecified vulnerability in HP System Management Homepage (SMH) for ...)
+CVE-2010-3009
NOT-FOR-US: HP System Management Homepage
-CVE-2010-3008 (Unspecified vulnerability in HP Data Protector Express, and Data ...)
+CVE-2010-3008
NOT-FOR-US: HP Data Protector Express
-CVE-2010-3007 (Unspecified vulnerability in HP Data Protector Express, and Data ...)
+CVE-2010-3007
NOT-FOR-US: HP Data Protector Express
-CVE-2010-3006 (Unspecified vulnerability on the HP ProLiant G6 Lights-Out 100 Remote ...)
+CVE-2010-3006
NOT-FOR-US: HP ProLiant G6 Lights-Out
-CVE-2010-3005 (Unspecified vulnerability in HP Operations Agent 7.36 and 8.6 on ...)
+CVE-2010-3005
NOT-FOR-US: HP Operations Agents
-CVE-2010-3004 (Unspecified vulnerability in HP Operations Agent 7.36 and 8.6 on ...)
+CVE-2010-3004
NOT-FOR-US: HP Operations Agents
-CVE-2010-3003 (Cross-site scripting (XSS) vulnerability in HP Insight Diagnostics ...)
+CVE-2010-3003
NOT-FOR-US: HP Insight Diagnostics Online Edition
-CVE-2010-3002 (Unspecified vulnerability in RealNetworks RealPlayer 11.0 through 11.1 ...)
+CVE-2010-3002
NOT-FOR-US: RealPlayer
-CVE-2010-3001 (Unspecified vulnerability in an ActiveX control in the Internet ...)
+CVE-2010-3001
NOT-FOR-US: Internet Explorer
-CVE-2010-3000 (Multiple integer overflows in the ParseKnownType function in ...)
+CVE-2010-3000
NOT-FOR-US: RealPlayer
-CVE-2010-2999 (Integer overflow in RealNetworks RealPlayer 11.0 through 11.1, ...)
+CVE-2010-2999
NOT-FOR-US: RealPlayer
-CVE-2010-2998 (Array index error in RealNetworks RealPlayer 11.0 through 11.1 and ...)
+CVE-2010-2998
NOT-FOR-US: RealNetworks RealPlayer
-CVE-2010-2997 (Use-after-free vulnerability in RealNetworks RealPlayer 11.0 through ...)
+CVE-2010-2997
NOT-FOR-US: RealPlayer
-CVE-2010-2996 (Array index error in RealNetworks RealPlayer 11.0 through 11.1 on ...)
+CVE-2010-2996
NOT-FOR-US: RealPlayer
-CVE-2010-2991 (The IICAClient interface in the ICAClient library in the ICA Client ...)
+CVE-2010-2991
NOT-FOR-US: Citrix ICA Client
-CVE-2010-2990 (Citrix Online Plug-in for Windows for XenApp &amp; XenDesktop before 11.2, ...)
+CVE-2010-2990
NOT-FOR-US: Citrix ICA Client
-CVE-2010-2989 (nessusd_www_server.nbin in the Nessus Web Server plugin 1.2.4 for ...)
+CVE-2010-2989
NOT-FOR-US: Nessus
-CVE-2010-2988 (Cross-site scripting (XSS) vulnerability in Cisco Unified Wireless ...)
+CVE-2010-2988
NOT-FOR-US: Cisco
-CVE-2010-2987 (Multiple cross-site scripting (XSS) vulnerabilities in Cisco Wireless ...)
+CVE-2010-2987
NOT-FOR-US: Cisco
-CVE-2010-2986 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2010-2986
NOT-FOR-US: Cisco
-CVE-2010-2985 (Multiple cross-site scripting (XSS) vulnerabilities in IBM WebSphere ...)
+CVE-2010-2985
NOT-FOR-US: IBM WebSphere
-CVE-2010-2984 (Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 on ...)
+CVE-2010-2984
NOT-FOR-US: Cisco
-CVE-2010-2983 (The workgroup bridge (aka WGB) functionality in Cisco Unified Wireless ...)
+CVE-2010-2983
NOT-FOR-US: Cisco
-CVE-2010-2982 (Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 ...)
+CVE-2010-2982
NOT-FOR-US: Cisco
-CVE-2010-2981 (Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 ...)
+CVE-2010-2981
NOT-FOR-US: Cisco
-CVE-2010-2980 (Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 on ...)
+CVE-2010-2980
NOT-FOR-US: Cisco
-CVE-2010-2979 (Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 on ...)
+CVE-2010-2979
NOT-FOR-US: Cisco
-CVE-2010-2978 (Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 does ...)
+CVE-2010-2978
NOT-FOR-US: Cisco
-CVE-2010-2977 (Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 does ...)
+CVE-2010-2977
NOT-FOR-US: Cisco
-CVE-2010-2976 (The controller in Cisco Unified Wireless Network (UWN) Solution 7.x ...)
+CVE-2010-2976
NOT-FOR-US: Cisco
-CVE-2010-2975 (Cisco Unified Wireless Network (UWN) Solution 7.x through 7.0.98.0 ...)
+CVE-2010-2975
NOT-FOR-US: Cisco
-CVE-2010-2974 (Stack-based buffer overflow in the IConfigurationAccess interface in ...)
+CVE-2010-2974
NOT-FOR-US: Wonderware Application Server
-CVE-2010-2973 (Integer overflow in IOSurface in Apple iOS before 4.0.2 on the iPhone ...)
+CVE-2010-2973
NOT-FOR-US: Apple
CVE-2010-2972
REJECTED
-CVE-2010-3014 (The Coda filesystem kernel module, as used in NetBSD and FreeBSD, when ...)
+CVE-2010-3014
- kfreebsd-7 <unfixed>
- kfreebsd-8 8.1-5
- kfreebsd-9 <not-affected> (fixed prior to first upload)
- kfreebsd-10 <not-affected> (fixed prior to first upload)
-CVE-2010-3015 (Integer overflow in the ext4_ext_get_blocks function in ...)
+CVE-2010-3015
{DSA-2094-1}
- linux-2.6 2.6.32-22
-CVE-2010-2995 (The SigComp Universal Decompressor Virtual Machine (UDVM) in Wireshark ...)
+CVE-2010-2995
{DSA-2101-1}
- wireshark 1.2.10-1
-CVE-2010-2992 (packet-gsm_a_rr.c in the GSM A RR dissector in Wireshark 1.2.2 through ...)
+CVE-2010-2992
- wireshark 1.2.10-1
[lenny] - wireshark <not-affected> (Only affects 1.2.x)
-CVE-2010-2994 (Stack-based buffer overflow in the ASN.1 BER dissector in Wireshark ...)
+CVE-2010-2994
{DSA-2101-1}
- wireshark 1.2.10-1
-CVE-2010-2993 (The IPMI dissector in Wireshark 1.2.0 through 1.2.9 allows remote ...)
+CVE-2010-2993
- wireshark 1.2.10-1
[lenny] - wireshark <not-affected> (Only affects 1.2.x)
-CVE-2010-2971 (loaders/load_it.c in libmikmod, possibly 3.1.12, does not properly ...)
+CVE-2010-2971
{DSA-2081-1}
- libmikmod 3.1.11-6.3
-CVE-2010-2970 (Multiple cross-site scripting (XSS) vulnerabilities in MoinMoin 1.9.x ...)
+CVE-2010-2970
- moin 1.9.3-1 (low)
-CVE-2010-2969 (Multiple cross-site scripting (XSS) vulnerabilities in MoinMoin 1.7.3 ...)
+CVE-2010-2969
- moin 1.9.3-1
-CVE-2010-2968 (The FTP daemon in Wind River VxWorks does not close the TCP connection ...)
+CVE-2010-2968
NOT-FOR-US: vxworks
-CVE-2010-2967 (The loginDefaultEncrypt algorithm in loginLib in Wind River VxWorks ...)
+CVE-2010-2967
NOT-FOR-US: vxworks
-CVE-2010-2966 (The INCLUDE_SECURITY functionality in Wind River VxWorks 6.x, 5.x, and ...)
+CVE-2010-2966
NOT-FOR-US: vxworks
-CVE-2010-2965 (The WDB target agent debug service in Wind River VxWorks 6.x, 5.x, and ...)
+CVE-2010-2965
NOT-FOR-US: vxworks
CVE-2010-2964
RESERVED
-CVE-2010-2963 (drivers/media/video/v4l2-compat-ioctl32.c in the Video4Linux (V4L) ...)
+CVE-2010-2963
{DSA-2126-1}
- linux-2.6 2.6.32-26
-CVE-2010-2962 (drivers/gpu/drm/i915/i915_gem.c in the Graphics Execution Manager ...)
+CVE-2010-2962
- linux-2.6 2.6.32-25
[lenny] - linux-2.6 <not-affected> (Vulnerable code not present)
-CVE-2010-2961 (mountall.c in mountall before 2.15.2 uses 0666 permissions for the ...)
+CVE-2010-2961
NOT-FOR-US: mountall
-CVE-2010-2960 (The keyctl_session_to_parent function in security/keys/keyctl.c in the ...)
+CVE-2010-2960
- linux-2.6 2.6.32-23
[lenny] - linux-2.6 <not-affected> (vulnerable code introduced in 2.6.32)
-CVE-2010-2959 (Integer overflow in net/can/bcm.c in the Controller Area Network (CAN) ...)
+CVE-2010-2959
{DSA-2094-1}
- linux-2.6 2.6.32-20
-CVE-2010-2958 (Cross-site scripting (XSS) vulnerability in libraries/Error.class.php ...)
+CVE-2010-2958
- phpmyadmin 4:3.3.6-1
[lenny] - phpmyadmin <not-affected> (only affects 3.x)
NOTE: http://www.phpmyadmin.net/home_page/security/PMASA-2010-6.php
-CVE-2010-2957 (Cross-site scripting (XSS) vulnerability in Serendipity before 1.5.4, ...)
+CVE-2010-2957
- serendipity 1.5.3-2 (bug #594905)
-CVE-2010-2956 (Sudo 1.7.0 through 1.7.4p3, when a Runas group is configured, does not ...)
+CVE-2010-2956
- sudo 1.7.4p4-1 (bug #595935)
[lenny] - sudo <not-affected> (Only affects 1.7.x)
NOTE: http://www.sudo.ws/sudo/alerts/runas_group.html
-CVE-2010-2955 (The cfg80211_wext_giwessid function in net/wireless/wext-compat.c in ...)
+CVE-2010-2955
- linux-2.6 2.6.32-23
-CVE-2010-2954 (The irda_bind function in net/irda/af_irda.c in the Linux kernel ...)
+CVE-2010-2954
{DSA-2110-1}
- linux-2.6 2.6.32-22
-CVE-2010-2953 (Untrusted search path vulnerability in a certain Debian GNU/Linux ...)
+CVE-2010-2953
{DSA-2107-1}
- couchdb 0.11.0-1 (low; bug #594412)
-CVE-2010-2952 (Apache Traffic Server before 2.0.1, and 2.1.x before 2.1.2-unstable, ...)
+CVE-2010-2952
- trafficserver <not-affected> (Fixed before initial release)
-CVE-2010-2951 (dns_internal.cc in Squid 3.1.6, when IPv6 DNS resolution is not ...)
+CVE-2010-2951
- squid3 3.1.6-1.2 (bug #599709)
[lenny] - squid3 <not-affected> (vulnerable code introduced in 3.1.6)
NOTE: http://marc.info/?l=squid-users&m=128263555724981&w=2
-CVE-2010-2950 (Format string vulnerability in stream.c in the phar extension in PHP ...)
+CVE-2010-2950
- php5 5.3.3-2 (low)
[lenny] - php5 <not-affected> (phar extension introduced in 5.3)
-CVE-2010-2947 (Heap-based buffer overflow in the HX_split function in string.c in ...)
+CVE-2010-2947
- libhx 3.5-2 (low; bug #594393)
[lenny] - libhx <no-dsa> (Minor issue, asked maintainer to fix through spu)
-CVE-2010-2946 (fs/jfs/xattr.c in the Linux kernel before 2.6.35.2 does not properly ...)
+CVE-2010-2946
- linux-2.6 2.6.32-21
[lenny] - linux-2.6 2.6.26-25
-CVE-2010-2945 (The default configuration of SLiM before 1.3.2 places ./ (dot slash) ...)
+CVE-2010-2945
- slim 1.3.1-7 (low; bug #594414)
[lenny] - slim 1.3.0-1+lenny3
-CVE-2010-2944 (The authenticate function in LDAPUserFolder/LDAPUserFolder.py in ...)
+CVE-2010-2944
{DSA-2096-1}
- zope-ldapuserfolder <removed> (high; bug #593466)
-CVE-2010-2943 (The xfs implementation in the Linux kernel before 2.6.35 does not look ...)
+CVE-2010-2943
- linux-2.6 2.6.37-1
[wheezy] - linux-2.6 2.6.32-31
[squeeze] - linux-2.6 2.6.32-31
[lenny] - linux-2.6 <not-affected> (test case fails on 2.6.26)
-CVE-2010-2942 (The actions implementation in the network queueing functionality in ...)
+CVE-2010-2942
- linux-2.6 2.6.32-25
[lenny] - linux-2.6 2.6.26-25
-CVE-2010-2941 (ipp.c in cupsd in CUPS 1.4.4 and earlier does not properly allocate ...)
+CVE-2010-2941
{DSA-2176-1}
- cups 1.4.4-7 (bug #603344)
-CVE-2010-2940 (The auth_send function in providers/ldap/ldap_auth.c in System ...)
+CVE-2010-2940
- sssd 1.2.1-4 (bug #594413)
-CVE-2010-2939 (Double free vulnerability in the ssl3_get_key_exchange function in the ...)
+CVE-2010-2939
{DSA-2100-1}
- openssl 0.9.8o-2 (low; bug #594415)
-CVE-2010-2938 (arch/x86/hvm/vmx/vmcs.c in the virtual-machine control structure ...)
+CVE-2010-2938
- linux-2.6 <not-affected> (affected code not present in any of the released kernels; only affects xen package itself)
- xen 4.0.1-1
NOTE: probably fixed well before this version, but this is the one i checked and its fixed
-CVE-2010-2937 (The ReadMetaFromId3v2 function in taglib.cpp in the TagLib plugin in ...)
+CVE-2010-2937
- vlc 1.1.3-1
[lenny] - vlc <not-affected> (Vulnerable code not present)
-CVE-2010-2936 (Integer overflow in simpress.bin in the Impress module in ...)
+CVE-2010-2936
{DSA-2099-1}
- openoffice.org 1:3.2.1-6
-CVE-2010-2935 (simpress.bin in the Impress module in OpenOffice.org (OOo) 2.x and 3.x ...)
+CVE-2010-2935
{DSA-2099-1}
- openoffice.org 1:3.2.1-6
-CVE-2010-2934 (Multiple unspecified vulnerabilities in ZNC 0.092 allow remote ...)
+CVE-2010-2934
- znc 0.092-2 (unimportant; bug #599708)
-CVE-2010-2933 (SQL injection vulnerability in AV Scripts AV Arcade 3 allows remote ...)
+CVE-2010-2933
NOT-FOR-US: AV Arcade
-CVE-2010-2932 (Buffer overflow in BarCodeWiz BarCode 3.29 ActiveX control ...)
+CVE-2010-2932
NOT-FOR-US: BarCodeWiz BarCode
-CVE-2010-2931 (Stack-based buffer overflow in SigPlus Pro 3.74 ActiveX control allows ...)
+CVE-2010-2931
NOT-FOR-US: SigPlus Pro activex control
-CVE-2010-2930 (Multiple stack-based buffer overflows in hsolinkcontrol in hsolink ...)
+CVE-2010-2930
- hsolink <removed>
-CVE-2010-2929 (Untrusted search path vulnerability in hsolinkcontrol in hsolink ...)
+CVE-2010-2929
- hsolink <removed>
-CVE-2010-2928 (The vCenter Tomcat Management Application in VMware vCenter Server 4.1 ...)
+CVE-2010-2928
NOT-FOR-US: VMware vCenter Server
-CVE-2010-2927 (The slapi_printmessage function in IBM Tivoli Directory Server (ITDS) ...)
+CVE-2010-2927
NOT-FOR-US: Tivoli
-CVE-2010-2926 (SQL injection vulnerability in index.php in sNews 1.7 allows remote ...)
+CVE-2010-2926
NOT-FOR-US: sNews CMS
-CVE-2010-2925 (SQL injection vulnerability in index.php in Freeway CMS 1.4.3.210 ...)
+CVE-2010-2925
NOT-FOR-US: OpenFreeway
-CVE-2010-2924 (SQL injection vulnerability in myLDlinker.php in the myLinksDump ...)
+CVE-2010-2924
NOT-FOR-US: myLinksDump WordPress plugin
-CVE-2010-2923 (SQL injection vulnerability in the YouTube (com_youtube) component 1.5 ...)
+CVE-2010-2923
NOT-FOR-US: com_youtube Joomla extension
-CVE-2010-2922 (SQL injection vulnerability in default.asp in AKY Blog allows remote ...)
+CVE-2010-2922
NOT-FOR-US: Aspindir AKY Blog
-CVE-2010-2921 (SQL injection vulnerability in the Golf Course Guide ...)
+CVE-2010-2921
NOT-FOR-US: Joomla Component com_golfcourseguide
-CVE-2010-2920 (Directory traversal vulnerability in the Foobla Suggestions ...)
+CVE-2010-2920
NOT-FOR-US: Joomla Component Foobla Suggestions
-CVE-2010-2919 (SQL injection vulnerability in the StaticXT (com_staticxt) component ...)
+CVE-2010-2919
NOT-FOR-US: Joomla Component StaticXT
-CVE-2010-2918 (PHP remote file inclusion vulnerability in ...)
+CVE-2010-2918
NOT-FOR-US: Joomla Component Visites
-CVE-2010-2917 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in AJ ...)
+CVE-2010-2917
NOT-FOR-US: AJ square
-CVE-2010-2916 (SQL injection vulnerability in news.php in AJ Square AJ HYIP MERIDIAN ...)
+CVE-2010-2916
NOT-FOR-US: AJ square
-CVE-2010-2915 (SQL injection vulnerability in welcome.php in AJ Square AJ HYIP PRIME ...)
+CVE-2010-2915
NOT-FOR-US: AJ square
-CVE-2010-2914 (Cross-site scripting (XSS) vulnerability in nessusd_www_server.nbin in ...)
+CVE-2010-2914
NOT-FOR-US: Nessus plugin
-CVE-2010-2913 (The Citibank Citi Mobile app before 2.0.3 for iOS stores account data ...)
+CVE-2010-2913
NOT-FOR-US: Citibank Citi Mobile app
-CVE-2010-2912 (SQL injection vulnerability in index.php in Kayako eSupport 3.70.02 ...)
+CVE-2010-2912
NOT-FOR-US: Kayako eSupport
-CVE-2010-2911 (SQL injection vulnerability in index.php in Kayako eSupport 3.70.02 ...)
+CVE-2010-2911
NOT-FOR-US: Kayako eSupport
-CVE-2010-2910 (SQL injection vulnerability in the Ozio Gallery (com_oziogallery) ...)
+CVE-2010-2910
NOT-FOR-US: Ozio Gallery
-CVE-2010-2909 (SQL injection vulnerability in ttvideo.php in the TTVideo ...)
+CVE-2010-2909
NOT-FOR-US: Joomla addon
-CVE-2010-2908 (SQL injection vulnerability in the Joomdle (com_joomdle) component ...)
+CVE-2010-2908
NOT-FOR-US: Joomla addon
-CVE-2010-2907 (SQL injection vulnerability in the Huru Helpdesk (com_huruhelpdesk) ...)
+CVE-2010-2907
NOT-FOR-US: Joomla addon
-CVE-2010-2906 (SQL injection vulnerability in articlesdetails.php in ScriptsFeed and ...)
+CVE-2010-2906
NOT-FOR-US: ScriptsFeed / BrotherScripts
-CVE-2010-2905 (SQL injection vulnerability in info.php in ScriptsFeed and ...)
+CVE-2010-2905
NOT-FOR-US: ScriptsFeed / BrotherScripts
-CVE-2010-2904 (Multiple cross-site scripting (XSS) vulnerabilities in the System ...)
+CVE-2010-2904
NOT-FOR-US: System Landscape Directory
-CVE-2010-2903 (Google Chrome before 5.0.375.125 performs unexpected truncation and ...)
+CVE-2010-2903
- webkit <not-affected> (Chromium specific issue)
- chromium-browser 5.0.375.125~r53311-1
-CVE-2010-2902 (The SVG implementation in Google Chrome before 5.0.375.125 allows ...)
+CVE-2010-2902
- webkit 1.2.4-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.375.125~r53311-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=41621
NOTE: http://trac.webkit.org/changeset/62662
NOTE: duplicate of cve-2010-1793
-CVE-2010-2901 (The rendering implementation in Google Chrome before 5.0.375.125 ...)
+CVE-2010-2901
{DSA-2188-1}
- webkit 1.2.5-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.375.125~r53311-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=41373
NOTE: http://trac.webkit.org/changeset/63048
-CVE-2010-2900 (Google Chrome before 5.0.375.125 does not properly handle a large ...)
+CVE-2010-2900
- webkit 1.2.5-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.375.125~r53311-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=41962
NOTE: http://trac.webkit.org/changeset/63219
-CVE-2010-2899 (Unspecified vulnerability in the layout implementation in Google ...)
+CVE-2010-2899
- webkit 1.2.4-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.375.125~r53311-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=38977
NOTE: http://trac.webkit.org/changeset/62134
-CVE-2010-2898 (Google Chrome before 5.0.375.125 does not properly mitigate an ...)
+CVE-2010-2898
- webkit <not-affected> (chromium specific issue)
- chromium-browser 5.0.375.125~r53311-1
-CVE-2010-2897 (Google Chrome before 5.0.375.125 does not properly mitigate an ...)
+CVE-2010-2897
- webkit <not-affected> (chromium specific issue)
- chromium-browser 5.0.375.125~r53311-1
-CVE-2010-2896 (IBM FileNet Content Manager (CM) 4.0.0, 4.0.1, 4.5.0, and 4.5.1 before ...)
+CVE-2010-2896
NOT-FOR-US: IBM FileNet Content Manager
CVE-2010-XXXX [flaw that allows unsigned code to access any file on the machine (accessible to the user) and write to it.]
- openjdk-6 6b18-1.8.1-1
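Review bot: every `-`/`+` pair in this hunk replaces a header of the form `CVE-2010-NNNN (description ...)` with a bare `CVE-2010-NNNN`, so the summary text is dropped for each entry while the status lines beneath it (`{DSA-...}`, `- package version`, `[lenny] - ...`, `NOTE:`) are left untouched. For an "automatic update" that is a loss of data rather than a refresh: nothing in the hunk supplies a replacement description, so anyone reading the list afterwards has to look each ID up elsewhere. If the upstream feed returned no description text for this run, the safer behaviour for the generator is to keep the existing text when the fetched description is empty instead of blanking it. Note that the locally written `CVE-2010-XXXX [flaw that allows unsigned code ...]` entry, which uses square brackets rather than the parenthesised upstream form, is untouched, so only the MITRE-sourced descriptions are affected.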
@@ -6237,254 +6237,254 @@ CVE-2010-2894
RESERVED
CVE-2010-2893
RESERVED
-CVE-2010-2892 (gsb/drivers.php in LANDesk Management Gateway 4.0 through 4.0-1.48 and ...)
+CVE-2010-2892
NOT-FOR-US: LANDesk Management Gateway
-CVE-2010-2891 (Buffer overflow in the smiGetNode function in lib/smi.c in libsmi ...)
+CVE-2010-2891
{DSA-2145-1}
- libsmi 0.4.8+dfsg2-3
-CVE-2010-2890 (Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on ...)
+CVE-2010-2890
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2010-2889 (Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.4, ...)
+CVE-2010-2889
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2010-2888 (Multiple unspecified vulnerabilities in an ActiveX control in Adobe ...)
+CVE-2010-2888
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2010-2887 (Multiple unspecified vulnerabilities in Adobe Reader and Acrobat 9.x ...)
+CVE-2010-2887
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2010-2886 (Multiple cross-site scripting (XSS) vulnerabilities in Adobe RoboHelp ...)
+CVE-2010-2886
NOT-FOR-US: Adobe RoboHelp
-CVE-2010-2885 (Cross-site scripting (XSS) vulnerability in Adobe RoboHelp 7 and 8, ...)
+CVE-2010-2885
NOT-FOR-US: Adobe RoboHelp
-CVE-2010-2884 (Adobe Flash Player 10.1.82.76 and earlier on Windows, Mac OS X, Linux, ...)
+CVE-2010-2884
NOT-FOR-US: Adobe Flash Player
-CVE-2010-2883 (Stack-based buffer overflow in CoolType.dll in Adobe Reader and ...)
+CVE-2010-2883
NOT-FOR-US: Adobe Reader
-CVE-2010-2882 (DIRAPI.dll in Adobe Shockwave Player before 11.5.8.612 does not ...)
+CVE-2010-2882
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-2881 (IML32.dll in Adobe Shockwave Player before 11.5.8.612 does not ...)
+CVE-2010-2881
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-2880 (DIRAPI.dll in Adobe Shockwave Player before 11.5.8.612 does not ...)
+CVE-2010-2880
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-2879 (Multiple integer overflows in the allocator in the TextXtra.x32 module ...)
+CVE-2010-2879
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-2878 (DIRAPIX.dll in Adobe Shockwave Player before 11.5.8.612 does not ...)
+CVE-2010-2878
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-2877 (Adobe Shockwave Player before 11.5.8.612 does not properly validate a ...)
+CVE-2010-2877
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-2876 (Adobe Shockwave Player before 11.5.8.612 does not properly validate ...)
+CVE-2010-2876
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-2875 (Integer signedness error in Adobe Shockwave Player before 11.5.8.612 ...)
+CVE-2010-2875
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-2874 (Unspecified vulnerability in Adobe Shockwave Player before 11.5.8.612 ...)
+CVE-2010-2874
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-2873 (Adobe Shockwave Player before 11.5.8.612 does not properly validate ...)
+CVE-2010-2873
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-2872 (Adobe Shockwave Player before 11.5.8.612 does not properly validate an ...)
+CVE-2010-2872
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-2871 (Integer overflow in the 3D object functionality in Adobe Shockwave ...)
+CVE-2010-2871
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-2870 (DIRAPIX.dll in Adobe Shockwave Player before 11.5.8.612 does not ...)
+CVE-2010-2870
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-2869 (IML32.dll in Adobe Shockwave Player before 11.5.8.612 does not ...)
+CVE-2010-2869
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-2868 (IML32.dll in Adobe Shockwave Player before 11.5.8.612 does not ...)
+CVE-2010-2868
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-2867 (DIRAPIX.dll in Adobe Shockwave Player before 11.5.8.612 does not ...)
+CVE-2010-2867
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-2866 (Integer signedness error in the DIRAPI module in Adobe Shockwave ...)
+CVE-2010-2866
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-2865 (Unspecified vulnerability in Adobe Shockwave Player before 11.5.8.612 ...)
+CVE-2010-2865
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-2864 (IML32.dll in Adobe Shockwave Player before 11.5.8.612 does not ...)
+CVE-2010-2864
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-2863 (Adobe Shockwave Player before 11.5.8.612 allows attackers to cause a ...)
+CVE-2010-2863
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-2862 (Integer overflow in CoolType.dll in Adobe Reader 8.2.3 and 9.3.3, and ...)
+CVE-2010-2862
NOT-FOR-US: Adobe Reader
-CVE-2010-2861 (Multiple directory traversal vulnerabilities in the administrator ...)
+CVE-2010-2861
NOT-FOR-US: Adobe ColdFusion
-CVE-2010-2860 (The EMC Celerra Network Attached Storage (NAS) appliance accepts ...)
+CVE-2010-2860
NOT-FOR-US: EMC
-CVE-2010-2859 (news.php in SimpNews 2.47.3 and earlier allows remote attackers to ...)
+CVE-2010-2859
NOT-FOR-US: SimpNews
-CVE-2010-2858 (Multiple cross-site scripting (XSS) vulnerabilities in news.php in ...)
+CVE-2010-2858
NOT-FOR-US: SimpNews
-CVE-2010-2857 (Directory traversal vulnerability in the Music Manager component for ...)
+CVE-2010-2857
NOT-FOR-US: Joomla! Music Manager
-CVE-2010-2856 (Cross-site scripting (XSS) vulnerability in admin/currencies.php in ...)
+CVE-2010-2856
NOT-FOR-US: osCSS
-CVE-2010-2855 (Multiple SQL injection vulnerabilities in modfile.php in Event Horizon ...)
+CVE-2010-2855
NOT-FOR-US: Event Horizon
-CVE-2010-2854 (Multiple cross-site scripting (XSS) vulnerabilities in modfile.php in ...)
+CVE-2010-2854
NOT-FOR-US: Event Horizon
-CVE-2010-2853 (SQL injection vulnerability in flashPlayer/playVideo.php in iScripts ...)
+CVE-2010-2853
NOT-FOR-US: iScripts VisualCaster
-CVE-2010-2852 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2010-2852
NOT-FOR-US: RunCMS
-CVE-2010-2851 (SQL injection vulnerability in the BookLibrary From Same Author ...)
+CVE-2010-2851
NOT-FOR-US: Joomla! BookLibrary From Same Author
-CVE-2010-2850 (Directory traversal vulnerability in productionnu2/fileuploader.php in ...)
+CVE-2010-2850
NOT-FOR-US: nuBuilder
-CVE-2010-2849 (Cross-site scripting (XSS) vulnerability in productionnu2/nuedit.php ...)
+CVE-2010-2849
NOT-FOR-US: nuBuilder
-CVE-2010-2848 (Directory traversal vulnerability in ...)
+CVE-2010-2848
NOT-FOR-US: Joomla! ArtForms
-CVE-2010-2847 (Multiple SQL injection vulnerabilities in the InterJoomla ArtForms ...)
+CVE-2010-2847
NOT-FOR-US: Joomla! ArtForms
-CVE-2010-2846 (Cross-site scripting (XSS) vulnerability in the InterJoomla ArtForms ...)
+CVE-2010-2846
NOT-FOR-US: Joomla! ArtForms
-CVE-2010-2845 (SQL injection vulnerability in the QuickFAQ (com_quickfaq) component ...)
+CVE-2010-2845
NOT-FOR-US: Joomla! QuickFAQ
-CVE-2010-2844 (Cross-site scripting (XSS) vulnerability in news_show.php in Newanz ...)
+CVE-2010-2844
NOT-FOR-US: Newanz NewsOffice
-CVE-2010-2843 (Cisco Wireless LAN Controller (WLC) software, possibly 4.2 through ...)
+CVE-2010-2843
NOT-FOR-US: Cisco WLC
-CVE-2010-2842 (Cisco Wireless LAN Controller (WLC) software, possibly 4.2 through ...)
+CVE-2010-2842
NOT-FOR-US: Cisco WLC
-CVE-2010-2841 (Unspecified vulnerability in Cisco Wireless LAN Controller (WLC) ...)
+CVE-2010-2841
NOT-FOR-US: Cisco WLC
-CVE-2010-2840 (The Presence Engine (PE) service in Cisco Unified Presence 6.x before ...)
+CVE-2010-2840
NOT-FOR-US: Cisco
-CVE-2010-2839 (SIPD in Cisco Unified Presence 6.x before 6.0(7) and 7.x before 7.0(8) ...)
+CVE-2010-2839
NOT-FOR-US: Cisco
-CVE-2010-2838 (The SendCombinedStatusInfo implementation in Cisco Unified ...)
+CVE-2010-2838
NOT-FOR-US: Cisco
-CVE-2010-2837 (The SIPStationInit implementation in Cisco Unified Communications ...)
+CVE-2010-2837
NOT-FOR-US: Cisco
-CVE-2010-2836 (Memory leak in the SSL VPN feature in Cisco IOS 12.4, 15.0, and 15.1, ...)
+CVE-2010-2836
NOT-FOR-US: Cisco
-CVE-2010-2835 (Cisco IOS 12.2 through 12.4 and 15.0 through 15.1, Cisco IOS XE 2.5.x ...)
+CVE-2010-2835
NOT-FOR-US: Cisco
-CVE-2010-2834 (Cisco IOS 12.2 through 12.4 and 15.0 through 15.1, Cisco IOS XE 2.5.x ...)
+CVE-2010-2834
NOT-FOR-US: Cisco
-CVE-2010-2833 (Unspecified vulnerability in the NAT for H.225.0 implementation in ...)
+CVE-2010-2833
NOT-FOR-US: Cisco
-CVE-2010-2832 (Unspecified vulnerability in the NAT for H.323 implementation in Cisco ...)
+CVE-2010-2832
NOT-FOR-US: Cisco
-CVE-2010-2831 (Unspecified vulnerability in the NAT for SIP implementation in Cisco ...)
+CVE-2010-2831
NOT-FOR-US: Cisco
-CVE-2010-2830 (The IGMPv3 implementation in Cisco IOS 12.2, 12.3, 12.4, and 15.0 and ...)
+CVE-2010-2830
NOT-FOR-US: Cisco
-CVE-2010-2829 (Unspecified vulnerability in the H.323 implementation in Cisco IOS ...)
+CVE-2010-2829
NOT-FOR-US: Cisco
-CVE-2010-2828 (Unspecified vulnerability in the H.323 implementation in Cisco IOS ...)
+CVE-2010-2828
NOT-FOR-US: Cisco
-CVE-2010-2827 (Cisco IOS 15.1(2)T allows remote attackers to cause a denial of ...)
+CVE-2010-2827
NOT-FOR-US: Cisco
-CVE-2010-2826 (SQL injection vulnerability in Cisco Wireless Control System (WCS) ...)
+CVE-2010-2826
NOT-FOR-US: Cisco
-CVE-2010-2825 (Unspecified vulnerability in the SIP inspection feature on the Cisco ...)
+CVE-2010-2825
NOT-FOR-US: Cisco
-CVE-2010-2824 (Unspecified vulnerability on the Cisco Application Control Engine ...)
+CVE-2010-2824
NOT-FOR-US: Cisco
-CVE-2010-2823 (Unspecified vulnerability in the deep packet inspection feature on the ...)
+CVE-2010-2823
NOT-FOR-US: Cisco
-CVE-2010-2822 (Unspecified vulnerability in the RTSP inspection feature on the Cisco ...)
+CVE-2010-2822
NOT-FOR-US: Cisco
-CVE-2010-2821 (Unspecified vulnerability on the Cisco Firewall Services Module (FWSM) ...)
+CVE-2010-2821
NOT-FOR-US: Cisco
-CVE-2010-2820 (Unspecified vulnerability in the SunRPC inspection feature on the ...)
+CVE-2010-2820
NOT-FOR-US: Cisco
-CVE-2010-2819 (Unspecified vulnerability in the SunRPC inspection feature on the ...)
+CVE-2010-2819
NOT-FOR-US: Cisco
-CVE-2010-2818 (Unspecified vulnerability in the SunRPC inspection feature on the ...)
+CVE-2010-2818
NOT-FOR-US: Cisco
-CVE-2010-2817 (Unspecified vulnerability in the IKE implementation on Cisco Adaptive ...)
+CVE-2010-2817
NOT-FOR-US: Cisco
-CVE-2010-2816 (Unspecified vulnerability in the SIP inspection feature on Cisco ...)
+CVE-2010-2816
NOT-FOR-US: Cisco
-CVE-2010-2815 (Unspecified vulnerability in the Transport Layer Security (TLS) ...)
+CVE-2010-2815
NOT-FOR-US: Cisco
-CVE-2010-2814 (Unspecified vulnerability in the Transport Layer Security (TLS) ...)
+CVE-2010-2814
NOT-FOR-US: Cisco
-CVE-2010-2813 (functions/imap_general.php in SquirrelMail before 1.4.21 does not ...)
+CVE-2010-2813
{DSA-2091-1}
- squirrelmail 2:1.4.21-1 (low)
[lenny] - squirrelmail <no-dsa> (low-risk issue)
-CVE-2010-2812 (Client.cpp in ZNC 0.092 allows remote attackers to cause a denial of ...)
+CVE-2010-2812
- znc 0.092-2 (unimportant; bug #599708)
-CVE-2010-2811 (Virtual Desktop Server Manager (VDSM) in Red Hat Enterprise ...)
+CVE-2010-2811
- vdsm <itp> (bug #668538)
-CVE-2010-2810 (Heap-based buffer overflow in the convert_to_idna function in ...)
+CVE-2010-2810
- lynx-cur 2.8.8dev.5-1 (bug #594300)
[lenny] - lynx-cur <no-dsa> (Minor issue, exploit scenario really obscure)
-CVE-2010-2809 (The default configuration of the &lt;Button2&gt; binding in Uzbl before ...)
+CVE-2010-2809
- uzbl 0.0.0~git.20100403-3 (bug #594301)
-CVE-2010-2808 (Buffer overflow in the Mac_Read_POST_Resource function in ...)
+CVE-2010-2808
{DSA-2105-1}
- freetype 2.4.2-1
-CVE-2010-2807 (FreeType before 2.4.2 uses incorrect integer data types during bounds ...)
+CVE-2010-2807
{DSA-2105-1}
- freetype 2.4.2-1
-CVE-2010-2806 (Array index error in the t42_parse_sfnts function in type42/t42parse.c ...)
+CVE-2010-2806
{DSA-2105-1}
- freetype 2.4.2-1
-CVE-2010-2805 (The FT_Stream_EnterFrame function in base/ftstream.c in FreeType ...)
+CVE-2010-2805
{DSA-2105-1}
- freetype 2.4.2-1
CVE-2010-2804
RESERVED
-CVE-2010-2803 (The drm_ioctl function in drivers/gpu/drm/drm_drv.c in the Direct ...)
+CVE-2010-2803
{DSA-2094-1}
- linux-2.6 2.6.32-22
-CVE-2010-2802 (Cross-site scripting (XSS) vulnerability in MantisBT before 1.2.2 ...)
+CVE-2010-2802
- mantis <not-affected> (vulnerable code introduced in 1.2.x)
NOTE: http://www.mantisbt.org/bugs/view.php?id=11952
-CVE-2010-2801 (Integer signedness error in the Quantum decompressor in cabextract ...)
+CVE-2010-2801
{DSA-2087-1}
- cabextract 1.3-1 (bug #591552)
-CVE-2010-2800 (The MS-ZIP decompressor in cabextract before 1.3 allows remote ...)
+CVE-2010-2800
- cabextract 1.3-1 (bug #591552; unimportant)
-CVE-2010-2799 (Stack-based buffer overflow in the nestlex function in nestlex.c in ...)
+CVE-2010-2799
{DSA-2090-1}
- socat 1.7.1.3-1 (bug #591443; medium)
-CVE-2010-2798 (The gfs2_dirent_find_space function in fs/gfs2/dir.c in the Linux ...)
+CVE-2010-2798
{DSA-2094-1}
- linux-2.6 2.6.32-20
-CVE-2010-2797 (Directory traversal vulnerability in lib/translation.functions.php in ...)
+CVE-2010-2797
NOT-FOR-US: CMS Made Simple
-CVE-2010-2796 (Cross-site scripting (XSS) vulnerability in phpCAS before 1.1.2, when ...)
+CVE-2010-2796
{DSA-2172-1}
- libphp-cas <itp> (bug #495542)
- glpi <removed> (unimportant)
NOTE: Only supported behind an authenticated HTTP zone
- moodle 1.9.9.dfsg2-2 (bug #601384)
-CVE-2010-2795 (phpCAS before 1.1.2 allows remote authenticated users to hijack ...)
+CVE-2010-2795
{DSA-2172-1}
- libphp-cas <itp> (bug #495542)
- glpi <removed> (unimportant)
NOTE: Only supported behind an authenticated HTTP zone
- moodle 1.9.9.dfsg2-2 (bug #601384)
-CVE-2010-2794 (The SPICE (aka spice-xpi) plug-in 2.2 for Firefox allows local users ...)
+CVE-2010-2794
- spice-xpi <removed>
[jessie] - spice-xpi <end-of-life> (Broken with newer Firefox versions)
-CVE-2010-2793 (Race condition in the SPICE (aka spice-activex) plug-in for Internet ...)
+CVE-2010-2793
NOT-FOR-US: SPICE plugin for Internet Explorer
-CVE-2010-2792 (Race condition in the SPICE (aka spice-xpi) plug-in 2.2 for Firefox ...)
+CVE-2010-2792
- spice-xpi <removed>
[jessie] - spice-xpi <end-of-life> (Broken with newer Firefox versions)
-CVE-2010-2791 (mod_proxy in httpd in Apache HTTP Server 2.2.9, when running on Unix, ...)
+CVE-2010-2791
- apache2 2.2.9-10 (low)
-CVE-2010-2790 (Multiple cross-site scripting (XSS) vulnerabilities in the formatQuery ...)
+CVE-2010-2790
- zabbix 1:1.8.3-1 (bug #594304)
[squeeze] - zabbix 1:1.8.2-1squeeze1
[lenny] - zabbix <no-dsa> (Minor issue)
-CVE-2010-2789 (PHP remote file inclusion vulnerability in MediaWikiParserTest.php in ...)
+CVE-2010-2789
- mediawiki <not-affected> (Affects mediawiki 1:1.16.0beta* - was not and will not be in Debian)
NOTE: http://lists.wikimedia.org/pipermail/mediawiki-announce/2010-July/000092.html
-CVE-2010-2788 (Cross-site scripting (XSS) vulnerability in profileinfo.php in ...)
+CVE-2010-2788
- mediawiki 1:1.15.5-1 (bug #590669; low)
[lenny] - mediawiki 1:1.12.0-2lenny6
NOTE: http://lists.wikimedia.org/pipermail/mediawiki-announce/2010-July/000092.html
-CVE-2010-2787 (api.php in MediaWiki before 1.15.5 does not prevent use of public ...)
+CVE-2010-2787
- mediawiki 1:1.15.5-1 (bug #590660; low)
[lenny] - mediawiki <no-dsa> (Minor issue)
NOTE: http://lists.wikimedia.org/pipermail/mediawiki-announce/2010-July/000092.html
-CVE-2010-2786 (Directory traversal vulnerability in Piwik 0.6 through 0.6.3 allows ...)
+CVE-2010-2786
- piwik <itp> (bug #506933)
-CVE-2010-2785 (The IRC Protocol component in KVIrc 3.x and 4.x before r4693 does not ...)
+CVE-2010-2785
{DSA-2078-1}
- kvirc 4:4.0.0-3
-CVE-2010-2784 (The subpage MMIO initialization functionality in the subpage_register ...)
+CVE-2010-2784
- qemu-kvm 0.12.5+dfsg-3 (bug #594478)
- kvm <removed>
[lenny] - kvm 72+dfsg-5~lenny6
@@ -6497,11 +6497,11 @@ CVE-2010-2781
RESERVED
CVE-2010-2780
RESERVED
-CVE-2010-2779 (Cross-site scripting (XSS) vulnerability in WebAccess in Novell ...)
+CVE-2010-2779
NOT-FOR-US: GroupWise
-CVE-2010-2778 (Cross-site scripting (XSS) vulnerability in WebAccess in Novell ...)
+CVE-2010-2778
NOT-FOR-US: GroupWise
-CVE-2010-2777 (Stack-based buffer overflow in the IMAP server component in GroupWise ...)
+CVE-2010-2777
NOT-FOR-US: GroupWise
CVE-2010-2776
RESERVED
@@ -6511,21 +6511,21 @@ CVE-2010-2774
RESERVED
CVE-2010-2773
RESERVED
-CVE-2010-2772 (Siemens Simatic WinCC and PCS 7 SCADA system uses a hard-coded ...)
+CVE-2010-2772
NOT-FOR-US: SCADA
-CVE-2010-2771 (solid.exe in IBM solidDB before 6.5 FP2 allows remote attackers to ...)
+CVE-2010-2771
NOT-FOR-US: IBM solidDB
-CVE-2010-3484 (SQL injection vulnerability in common.php in LightNEasy 3.2.1 allows ...)
+CVE-2010-3484
- mapserver 5.6.4-1 (low)
[lenny] - mapserver <no-dsa> (Minor issue)
-CVE-2010-3485 (SQL injection vulnerability in common.php in LightNEasy 3.2.1 allows ...)
+CVE-2010-3485
- mapserver 5.6.4-1 (low)
[lenny] - mapserver <no-dsa> (Minor issue)
-CVE-2010-2770 (Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird ...)
+CVE-2010-2770
- xulrunner <not-affected> (The vulnerability is MacOS-specific)
- iceweasel <not-affected> (The vulnerability is MacOS-specific)
- iceape <not-affected> (The vulnerability is MacOS-specific)
-CVE-2010-2769 (Cross-site scripting (XSS) vulnerability in Mozilla Firefox before ...)
+CVE-2010-2769
{DSA-2124-1 DSA-2106-1}
- xulrunner <removed> (unimportant)
- iceweasel 3.5.12-1
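Review bot: the two out-of-sequence entries CVE-2010-3484 and CVE-2010-3485 in this hunk carry package lines for `mapserver 5.6.4-1`, but the descriptions being removed read "SQL injection vulnerability in common.php in LightNEasy 3.2.1 allows ...", which does not match mapserver. Once the `+` lines land that mismatch is no longer visible in the file, so the two entries should be checked and either re-mapped or corrected before their descriptions are dropped.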
@@ -6535,7 +6535,7 @@ CVE-2010-2769 (Cross-site scripting (XSS) vulnerability in Mozilla Firefox befor
- iceape 2.0.7-1
[lenny] - iceape <not-affected> (Only a stub package)
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2010-2768 (Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird ...)
+CVE-2010-2768
{DSA-2106-1}
- xulrunner <removed> (unimportant)
- iceweasel 3.5.12-1
@@ -6545,7 +6545,7 @@ CVE-2010-2768 (Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird
- iceape 2.0.7-1
[lenny] - iceape <not-affected> (Only a stub package)
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2010-2767 (The navigator.plugins implementation in Mozilla Firefox before 3.5.12 ...)
+CVE-2010-2767
{DSA-2106-1}
- xulrunner <removed> (unimportant)
- iceweasel 3.5.12-1
@@ -6555,7 +6555,7 @@ CVE-2010-2767 (The navigator.plugins implementation in Mozilla Firefox before 3.
- iceape 2.0.7-1
[lenny] - iceape <not-affected> (Only a stub package)
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2010-2766 (The normalizeDocument function in Mozilla Firefox before 3.5.12 and ...)
+CVE-2010-2766
{DSA-2106-1}
- xulrunner <removed> (unimportant)
- iceweasel 3.5.12-1
@@ -6565,7 +6565,7 @@ CVE-2010-2766 (The normalizeDocument function in Mozilla Firefox before 3.5.12 a
- iceape 2.0.7-1
[lenny] - iceape <not-affected> (Only a stub package)
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2010-2765 (Integer overflow in the FRAMESET element implementation in Mozilla ...)
+CVE-2010-2765
{DSA-2106-1}
- xulrunner <removed> (unimportant)
- iceweasel 3.5.12-1
@@ -6575,7 +6575,7 @@ CVE-2010-2765 (Integer overflow in the FRAMESET element implementation in Mozill
- iceape 2.0.7-1
[lenny] - iceape <not-affected> (Only a stub package)
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2010-2764 (Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird ...)
+CVE-2010-2764
- xulrunner <removed> (unimportant)
- iceweasel 3.5.12-1
[lenny] - iceweasel <not-affected> (Lenny's iceweasel uses Xulrunner from the xulrunner source pkg)
@@ -6585,7 +6585,7 @@ CVE-2010-2764 (Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird
- iceape 2.0.7-1
[lenny] - iceape <not-affected> (Only a stub package)
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2010-2763 (The XPCSafeJSObjectWrapper class in the SafeJSObjectWrapper (aka SJOW) ...)
+CVE-2010-2763
{DSA-2106-1}
- xulrunner <removed> (unimportant)
- iceweasel 3.5.12-1
@@ -6595,10 +6595,10 @@ CVE-2010-2763 (The XPCSafeJSObjectWrapper class in the SafeJSObjectWrapper (aka
- iceape 2.0.7-1
[lenny] - iceape <not-affected> (Only a stub package)
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2010-2762 (The XPCSafeJSObjectWrapper class in the SafeJSObjectWrapper (aka SJOW) ...)
+CVE-2010-2762
- xulrunner <not-affected> (Only affects 3.6, only in experimental)
- iceweasel <not-affected> (Only affects 3.6, only in experimental)
-CVE-2010-2761 (The multipart_init function in (1) CGI.pm before 3.50 and (2) ...)
+CVE-2010-2761
- perl 5.10.1-17 (bug #606995)
- libcgi-pm-perl 3.50-1 (bug #606370)
[lenny] - libcgi-pm-perl 3.38-2lenny2
@@ -6606,7 +6606,7 @@ CVE-2010-2761 (The multipart_init function in (1) CGI.pm before 3.50 and (2) ...
- libcgi-simple-perl 1.111-2 (bug #606379)
[lenny] - libcgi-simple-perl 1.105-1lenny1
[lenny] - perl 5.10.0-19lenny3 (bug #606995)
-CVE-2010-2760 (Use-after-free vulnerability in the nsTreeSelection function in ...)
+CVE-2010-2760
{DSA-2106-1}
- xulrunner <removed> (unimportant)
- iceweasel 3.5.12-1
@@ -6616,18 +6616,18 @@ CVE-2010-2760 (Use-after-free vulnerability in the nsTreeSelection function in .
- iceape 2.0.7-1
[lenny] - iceape <not-affected> (Only a stub package)
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2010-2759 (Bugzilla 2.23.1 through 3.2.7, 3.3.1 through 3.4.7, 3.5.1 through ...)
+CVE-2010-2759
- bugzilla 3.6.2.0-1 (bug #595015; medium)
-CVE-2010-2758 (Bugzilla 2.17.1 through 3.2.7, 3.3.1 through 3.4.7, 3.5.1 through ...)
+CVE-2010-2758
- bugzilla 3.6.2.0-1 (bug #595015; low)
-CVE-2010-2757 (The sudo feature in Bugzilla 2.22rc1 through 3.2.7, 3.3.1 through ...)
+CVE-2010-2757
- bugzilla 3.6.2.0-1 (bug #595015; low)
-CVE-2010-2756 (Search.pm in Bugzilla 2.19.1 through 3.2.7, 3.3.1 through 3.4.7, 3.5.1 ...)
+CVE-2010-2756
- bugzilla 3.6.2.0-1 (bug #595015; low)
-CVE-2010-2755 (layout/generic/nsObjectFrame.cpp in Mozilla Firefox 3.6.7 does not ...)
+CVE-2010-2755
- xulrunner <not-affected> (Only exploitable in Firefox 3.6.x and above)
- iceweasel <not-affected> (Only exploitable in Firefox 3.6.x and above)
-CVE-2010-2754 (dom/base/nsJSEnvironment.cpp in Mozilla Firefox 3.5.x before 3.5.11 ...)
+CVE-2010-2754
{DSA-2075-1}
- xulrunner 1.9.1.11-1
- iceweasel 3.5.11-2
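Review bot: every changed line in this hunk only drops the parenthesised description from a CVE line (for example `-CVE-2010-2760 (Use-after-free vulnerability in the nsTreeSelection function in ...)` becomes `+CVE-2010-2760`) while the package, DSA and NOTE lines beneath it stay identical; since this is an automatic update, confirm that the descriptions are meant to be removed rather than lost because the description source was empty at run time, otherwise this commit should be reverted before the next import overwrites the old text.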
@@ -6636,7 +6636,7 @@ CVE-2010-2754 (dom/base/nsJSEnvironment.cpp in Mozilla Firefox 3.5.x before 3.5.
[lenny] - icedove <end-of-life>
- iceape 2.0.6-1
[lenny] - iceape <not-affected> (Only a stub package)
-CVE-2010-2753 (Integer overflow in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x ...)
+CVE-2010-2753
{DSA-2075-1}
- xulrunner 1.9.1.11-1
- iceweasel 3.5.11-2
@@ -6645,7 +6645,7 @@ CVE-2010-2753 (Integer overflow in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x
[lenny] - iceape <not-affected> (Only a stub package)
- icedove 3.0.6-1
[lenny] - icedove <end-of-life>
-CVE-2010-2752 (Integer overflow in an array class in Mozilla Firefox 3.5.x before ...)
+CVE-2010-2752
- xulrunner 1.9.1.11-1
[lenny] - xulrunner <not-affected> (Only affects 1.9.1 and above)
- iceweasel 3.5.11-2
@@ -6654,38 +6654,38 @@ CVE-2010-2752 (Integer overflow in an array class in Mozilla Firefox 3.5.x befor
[lenny] - iceape <not-affected> (Only a stub package)
- icedove 3.0.6-1
[lenny] - icedove <end-of-life>
-CVE-2010-2751 (The nsDocShell::OnRedirectStateChange function in ...)
+CVE-2010-2751
{DSA-2075-1}
- xulrunner 1.9.1.11-1
- iceweasel 3.5.11-2
[lenny] - iceweasel <not-affected> (Iceweasel in Lenny links against xulrunner)
- iceape 2.0.6-1
[lenny] - iceape <not-affected> (Only a stub package)
-CVE-2010-2750 (Array index error in Microsoft Word 2002 SP3 and Office 2004 for Mac ...)
+CVE-2010-2750
NOT-FOR-US: Microsoft Word
CVE-2010-2749
REJECTED
-CVE-2010-2748 (Microsoft Word 2002 SP3 and Office 2004 for Mac do not properly check ...)
+CVE-2010-2748
NOT-FOR-US: Microsoft Word
-CVE-2010-2747 (Microsoft Word 2002 SP3 and Office 2004 for Mac do not properly handle ...)
+CVE-2010-2747
NOT-FOR-US: Microsoft Word
-CVE-2010-2746 (Heap-based buffer overflow in Comctl32.dll (aka the common control ...)
+CVE-2010-2746
NOT-FOR-US: Microsoft Windows
-CVE-2010-2745 (Microsoft Windows Media Player (WMP) 9 through 12 does not properly ...)
+CVE-2010-2745
NOT-FOR-US: Microsoft Windows Media Player
-CVE-2010-2744 (The kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows ...)
+CVE-2010-2744
NOT-FOR-US: Microsoft Windows
-CVE-2010-2743 (The kernel-mode drivers in Microsoft Windows XP SP3 do not properly ...)
+CVE-2010-2743
NOT-FOR-US: Microsoft Windows
-CVE-2010-2742 (The Netlogon RPC Service in Microsoft Windows Server 2003 SP2 and ...)
+CVE-2010-2742
NOT-FOR-US: Microsoft Windows
-CVE-2010-2741 (The OpenType Font (OTF) format driver in Microsoft Windows XP SP2 and ...)
+CVE-2010-2741
NOT-FOR-US: Microsoft Windows
-CVE-2010-2740 (The OpenType Font (OTF) format driver in Microsoft Windows XP SP2 and ...)
+CVE-2010-2740
NOT-FOR-US: Microsoft Windows
-CVE-2010-2739 (Buffer overflow in the CreateDIBPalette function in win32k.sys in ...)
+CVE-2010-2739
NOT-FOR-US: Windows
-CVE-2010-2738 (The Uniscribe (aka new Unicode Script Processor) implementation in ...)
+CVE-2010-2738
NOT-FOR-US: Microsoft Windows
CVE-2010-2737
REJECTED
@@ -6693,202 +6693,202 @@ CVE-2010-2736
REJECTED
CVE-2010-2735
REJECTED
-CVE-2010-2734 (Cross-site scripting (XSS) vulnerability in the mobile portal in ...)
+CVE-2010-2734
NOT-FOR-US: Microsoft Forefront Unified Access Gateway
-CVE-2010-2733 (Cross-site scripting (XSS) vulnerability in the Web Monitor in ...)
+CVE-2010-2733
NOT-FOR-US: Microsoft Forefront Unified Access Gateway
-CVE-2010-2732 (Open redirect vulnerability in the web interface in Microsoft ...)
+CVE-2010-2732
NOT-FOR-US: Microsoft Forefront Unified Access Gateway
-CVE-2010-2731 (Unspecified vulnerability in Microsoft Internet Information Services ...)
+CVE-2010-2731
NOT-FOR-US: Microsoft Windows
-CVE-2010-2730 (Buffer overflow in Microsoft Internet Information Services (IIS) 7.5, ...)
+CVE-2010-2730
NOT-FOR-US: Microsoft IIS
-CVE-2010-2729 (The Print Spooler service in Microsoft Windows XP SP2 and SP3, Windows ...)
+CVE-2010-2729
NOT-FOR-US: Microsoft Windows
-CVE-2010-2728 (Heap-based buffer overflow in Microsoft Outlook 2002 SP3, 2003 SP3, ...)
+CVE-2010-2728
NOT-FOR-US: Microsoft Outlook
CVE-2010-2727
REJECTED
CVE-2010-2726
REJECTED
-CVE-2010-2725 (BarnOwl before 1.6.2 does not check the return code of calls to the ...)
+CVE-2010-2725
{DSA-2102-1}
- barnowl 1.6.2-1 (bug #593299)
-CVE-2010-2724 (Cross-site scripting (XSS) vulnerability in the Hierarchical Select ...)
+CVE-2010-2724
NOT-FOR-US: Drupal addon module
-CVE-2010-2723 (Cross-site scripting (XSS) vulnerability in LISTSERV 15 and 16 allows ...)
+CVE-2010-2723
NOT-FOR-US: LISTSERV
-CVE-2010-2722 (Cross-site scripting (XSS) vulnerability in index.php in RightInPoint ...)
+CVE-2010-2722
NOT-FOR-US: RightInPoint Lyrics Script
-CVE-2010-2721 (SQL injection vulnerability in index.php in RightInPoint Lyrics Script ...)
+CVE-2010-2721
NOT-FOR-US: RightInPoint Lyrics Script
-CVE-2010-2720 (SQL injection vulnerability in list.php in phpaaCms 0.3.1 UTF-8, and ...)
+CVE-2010-2720
NOT-FOR-US: phpaaCms
-CVE-2010-2719 (SQL injection vulnerability in show.php in phpaaCms 0.3.1 UTF-8, and ...)
+CVE-2010-2719
NOT-FOR-US: phpaaCms
-CVE-2010-2718 (Multiple cross-site scripting (XSS) vulnerabilities in CruxSoftware ...)
+CVE-2010-2718
NOT-FOR-US: CruxSoftware
-CVE-2010-2717 (Cross-site scripting (XSS) vulnerability in manager/login.php in ...)
+CVE-2010-2717
NOT-FOR-US: CruxSoftware
-CVE-2010-2716 (Multiple SQL injection vulnerabilities in PsNews 1.3 allow remote ...)
+CVE-2010-2716
NOT-FOR-US: PsNews
-CVE-2010-2715 (Cross-site scripting (XSS) vulnerability in photos/index.php in TCW ...)
+CVE-2010-2715
NOT-FOR-US: TCW PHP Album
-CVE-2010-2714 (SQL injection vulnerability in photos/index.php in TCW PHP Album 1.0 ...)
+CVE-2010-2714
NOT-FOR-US: TCW PHP Album
-CVE-2010-2713 (The vte_sequence_handler_window_manipulation function in vteseq.c in ...)
+CVE-2010-2713
[lenny] - vte <not-affected> (Uses a hardcoded string in the terminal icon/window title)
- vte 1:0.24.3-1
NOTE: http://git.gnome.org/browse/vte/commit/?id=58bc3a942f198a1a8788553ca72c19d7c1702b74
NOTE: http://git.gnome.org/browse/vte/commit/?id=8b971a7b2c59902914ecbbc3915c45dd21530a91
-CVE-2010-2712 (Unspecified vulnerability in Software Distributor (sd) in HP HP-UX ...)
+CVE-2010-2712
NOT-FOR-US: Software Distributor in HP HP-UX
-CVE-2010-2711 (Unspecified vulnerability in the HP MagCloud app before 1.0.5 for the ...)
+CVE-2010-2711
NOT-FOR-US: HP MagCloud app
-CVE-2010-2710 (Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) ...)
+CVE-2010-2710
NOT-FOR-US: HP OpenView
-CVE-2010-2709 (Stack-based buffer overflow in webappmon.exe in HP OpenView Network ...)
+CVE-2010-2709
NOT-FOR-US: HP OpenView
-CVE-2010-2708 (Unspecified vulnerability on the HP ProCurve 2610 switch before ...)
+CVE-2010-2708
NOT-FOR-US: HP ProCurve
-CVE-2010-2707 (Unspecified vulnerability on the HP ProCurve 2626 and 2650 switches ...)
+CVE-2010-2707
NOT-FOR-US: HP ProCurve
-CVE-2010-2706 (Unspecified vulnerability in the In-band Agent on the HP ProCurve 2610 ...)
+CVE-2010-2706
NOT-FOR-US: HP ProCurve
-CVE-2010-2705 (Unspecified vulnerability on the HP ProCurve 1800-24G switch with ...)
+CVE-2010-2705
NOT-FOR-US: HP ProCurve
-CVE-2010-2704 (Buffer overflow in HP OpenView Network Node Manager (OV NNM) 7.51 and ...)
+CVE-2010-2704
NOT-FOR-US: HP OpenView
-CVE-2010-2703 (Stack-based buffer overflow in the execvp_nc function in the ov.dll ...)
+CVE-2010-2703
NOT-FOR-US: HP OpenView
-CVE-2010-2702 (Buffer overflow in the UGameEngine::UpdateConnectingMessage function ...)
+CVE-2010-2702
NOT-FOR-US: Unreal engine
-CVE-2010-2701 (Multiple buffer overflows in the FathFTP ActiveX control 1.7 allow ...)
+CVE-2010-2701
NOT-FOR-US: FathFTP ActiveX control
-CVE-2010-2700 (Cross-site scripting (XSS) vulnerability in index.php in Edge PHP ...)
+CVE-2010-2700
NOT-FOR-US: Edge PHP Clickbank Affiliate Marketplace Script
-CVE-2010-2699 (SQL injection vulnerability in index.php in Edge PHP Clickbank ...)
+CVE-2010-2699
NOT-FOR-US: Edge PHP Clickbank Affiliate Marketplace Script
-CVE-2010-2698 (Multiple cross-site scripting (XSS) vulnerabilities in Sijio Community ...)
+CVE-2010-2698
NOT-FOR-US: Sijio Community Software
-CVE-2010-2697 (Cross-site scripting (XSS) vulnerability in Sijio Community Software ...)
+CVE-2010-2697
NOT-FOR-US: Sijio Community Software
-CVE-2010-2696 (SQL injection vulnerability in gallery/index.php in Sijio Community ...)
+CVE-2010-2696
NOT-FOR-US: Sijio Community Software
-CVE-2010-2695 (Directory traversal vulnerability in the SFTP/SSH2 virtual server in ...)
+CVE-2010-2695
NOT-FOR-US: Xlight FTP Server
-CVE-2010-2694 (SQL injection vulnerability in the redSHOP Component (com_redshop) 1.0 ...)
+CVE-2010-2694
NOT-FOR-US: Joomla addon
-CVE-2010-2693 (FreeBSD 7.1 through 8.1-PRERELEASE does not copy the read-only flag ...)
+CVE-2010-2693
- kfreebsd-7 7.3-5
[lenny] - kfreebsd-7 <no-dsa> (Not covered by security support in Lenny)
- kfreebsd-8 8.0-10
-CVE-2010-2692 (Cross-site scripting (XSS) vulnerability in 2daybiz Custom T-Shirt ...)
+CVE-2010-2692
NOT-FOR-US: 2daybiz Custom T-Shirt Design Script
-CVE-2010-2691 (Multiple SQL injection vulnerabilities in 2daybiz Custom T-Shirt ...)
+CVE-2010-2691
NOT-FOR-US: 2daybiz Custom T-Shirt Design Script
-CVE-2010-2690 (SQL injection vulnerability in the JOOFORGE Gamesbox (com_gamesbox) ...)
+CVE-2010-2690
NOT-FOR-US: Joomla addon
-CVE-2010-2689 (SQL injection vulnerability in cont_form.php in Internet DM WebDM CMS ...)
+CVE-2010-2689
NOT-FOR-US: Internet DM WebDM CMS
-CVE-2010-2688 (SQL injection vulnerability in detail.asp in Site2Nite Boat ...)
+CVE-2010-2688
NOT-FOR-US: Site2Nite Boat Classifieds
-CVE-2010-2687 (SQL injection vulnerability in printdetail.asp in Site2Nite Boat ...)
+CVE-2010-2687
NOT-FOR-US: Site2Nite Boat Classifieds
-CVE-2010-2686 (Multiple SQL injection vulnerabilities in clientes.asp in the TopManage ...)
+CVE-2010-2686
NOT-FOR-US: SAP module
-CVE-2010-2685 (siteadmin/adduser.php in Customer Paradigm PageDirector CMS does not ...)
+CVE-2010-2685
NOT-FOR-US: Customer Paradigm PageDirector CMS
-CVE-2010-2684 (SQL injection vulnerability in index.php in Customer Paradigm ...)
+CVE-2010-2684
NOT-FOR-US: Customer Paradigm PageDirector CMS
-CVE-2010-2683 (SQL injection vulnerability in result.php in Customer Paradigm ...)
+CVE-2010-2683
NOT-FOR-US: Customer Paradigm PageDirector CMS
-CVE-2010-2682 (Directory traversal vulnerability in the Realtyna Translator ...)
+CVE-2010-2682
NOT-FOR-US: Joomla addon
-CVE-2010-2681 (PHP remote file inclusion vulnerability in the SEF404x (com_sef) ...)
+CVE-2010-2681
NOT-FOR-US: Joomla addon
-CVE-2010-2680 (Directory traversal vulnerability in the JExtensions JE ...)
+CVE-2010-2680
NOT-FOR-US: Joomla addon
-CVE-2010-2679 (SQL injection vulnerability in the Weblinks (com_weblinks) component ...)
+CVE-2010-2679
NOT-FOR-US: Joomla addon
-CVE-2010-2678 (SQL injection vulnerability in xmap (com_xmap) component for Joomla! ...)
+CVE-2010-2678
NOT-FOR-US: Joomla addon
-CVE-2010-2677 (PHP remote file inclusion vulnerability in mw_plugin.php in Open Web ...)
+CVE-2010-2677
NOT-FOR-US: Open Web Analytics
-CVE-2010-2676 (Multiple directory traversal vulnerabilities in index.php in Open Web ...)
+CVE-2010-2676
NOT-FOR-US: Open Web Analytics
-CVE-2010-2675 (Cross-site scripting (XSS) vulnerability in index.php in TSOKA:CMS ...)
+CVE-2010-2675
NOT-FOR-US: TSOKA:CMS
-CVE-2010-2674 (SQL injection vulnerability in index.php in TSOKA:CMS 1.1, 1.9, and ...)
+CVE-2010-2674
NOT-FOR-US: TSOKA:CMS
-CVE-2010-2673 (SQL injection vulnerability in profile_view.php in Devana 1.6.6 and ...)
+CVE-2010-2673
NOT-FOR-US: Devana
-CVE-2010-2672 (Multiple SQL injection vulnerabilities in eZ Publish 3.7.0 through ...)
+CVE-2010-2672
- ezpublish <removed>
-CVE-2010-2671 (Cross-site scripting (XSS) vulnerability in advancedsearch.php in eZ ...)
+CVE-2010-2671
- ezpublish <removed>
-CVE-2010-2670 (SQL injection vulnerability in recipedetail.php in BrotherScripts ...)
+CVE-2010-2670
NOT-FOR-US: BrotherScripts Recipe Website
-CVE-2010-2669 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2010-2669
NOT-FOR-US: Orbis CMS
-CVE-2010-2668 (Unspecified vulnerability in Adaptive Micro Systems ALPHA Ethernet ...)
+CVE-2010-2668
NOT-FOR-US: Adaptive Micro Systems ALPHA Ethernet Adapter
-CVE-2010-2667 (Multiple unspecified vulnerabilities in the Virtual Appliance ...)
+CVE-2010-2667
NOT-FOR-US: VMware Studio
-CVE-2010-2666 (Opera before 10.54 on Windows and Mac OS X does not properly enforce ...)
+CVE-2010-2666
NOT-FOR-US: Opera
-CVE-2010-2665 (Cross-site scripting (XSS) vulnerability in Opera before 10.54 on ...)
+CVE-2010-2665
NOT-FOR-US: Opera
-CVE-2010-2664 (Opera before 10.60 allows remote attackers to cause a denial of ...)
+CVE-2010-2664
NOT-FOR-US: Opera
-CVE-2010-2663 (Opera before 10.60 allows remote attackers to cause a denial of ...)
+CVE-2010-2663
NOT-FOR-US: Opera
-CVE-2010-2662 (Opera before 10.60 allows remote attackers to bypass the popup blocker ...)
+CVE-2010-2662
NOT-FOR-US: Opera
-CVE-2010-2661 (Opera before 10.54 on Windows and Mac OS X, and before 10.60 on UNIX ...)
+CVE-2010-2661
NOT-FOR-US: Opera
-CVE-2010-2660 (Opera before 10.54 on Windows and Mac OS X, and before 10.60 on UNIX ...)
+CVE-2010-2660
NOT-FOR-US: Opera
-CVE-2010-2659 (Opera before 10.50 on Windows, before 10.52 on Mac OS X, and before ...)
+CVE-2010-2659
NOT-FOR-US: Opera
-CVE-2010-2658 (Opera before 10.60 does not properly restrict certain interaction ...)
+CVE-2010-2658
NOT-FOR-US: Opera
-CVE-2010-2657 (Opera before 10.60 on Windows and Mac OS X does not properly prevent ...)
+CVE-2010-2657
NOT-FOR-US: Opera
-CVE-2010-2656 (The IBM BladeCenter with Advanced Management Module (AMM) firmware ...)
+CVE-2010-2656
NOT-FOR-US: BladeCenter software
-CVE-2010-2655 (Directory traversal vulnerability in private/file_management.php on ...)
+CVE-2010-2655
NOT-FOR-US: BladeCenter software
-CVE-2010-2654 (Multiple cross-site scripting (XSS) vulnerabilities on the IBM ...)
+CVE-2010-2654
NOT-FOR-US: BladeCenter software
-CVE-2010-2653 (Race condition in the hvc_close function in drivers/char/hvc_console.c ...)
+CVE-2010-2653
- linux-2.6 2.6.32-25
-CVE-2010-2652 (Google Chrome before 5.0.375.99 does not properly implement modal ...)
+CVE-2010-2652
- webkit <not-affected> (chromium specific issue)
- chromium-browser 5.0.375.99~r51029-1
-CVE-2010-2651 (The Cascading Style Sheets (CSS) implementation in Google Chrome ...)
+CVE-2010-2651
- webkit 1.2.5-1 (bug #599830)
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.375.99~r51029-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=38891
NOTE: http://src.chromium.org/viewvc/chrome?view=rev&revision=51014
NOTE: http://trac.webkit.org/changeset/59247
-CVE-2010-2650 (Unspecified vulnerability in Google Chrome before 5.0.375.99 has ...)
+CVE-2010-2650
- webkit <not-affected> (chromium specific)
- chromium-browser 5.0.375.99~r51029-1
-CVE-2010-2649 (Unspecified vulnerability in Google Chrome before 5.0.375.99 allows ...)
+CVE-2010-2649
- webkit <not-affected> (issue in chromium-specific code)
- chromium-browser 5.0.375.99~r51029-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=39797
NOTE: http://trac.webkit.org/changeset/60973
NOTE: http://trac.webkit.org/changeset/60977
-CVE-2010-2648 (The implementation of the Unicode Bidirectional Algorithm (aka Bidi ...)
+CVE-2010-2648
- webkit 1.2.4-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.375.99~r51029-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=39305
NOTE: http://trac.webkit.org/projects/webkit/changeset/61921
-CVE-2010-2647 (Google Chrome before 5.0.375.99 allows remote attackers to cause a ...)
+CVE-2010-2647
- webkit 1.2.4-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.375.99~r51029-1
@@ -6898,112 +6898,112 @@ CVE-2010-2647 (Google Chrome before 5.0.375.99 allows remote attackers to cause
NOTE: http://trac.webkit.org/changeset/61676 chromium fixes
NOTE: http://trac.webkit.org/changeset/61679 additional layout test
NOTE: duplicate of cve-2010-1786
-CVE-2010-2646 (Google Chrome before 5.0.375.99 does not properly isolate sandboxed ...)
+CVE-2010-2646
- webkit 1.2.5-1 (bug #599830)
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.375.99~r51029-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=38151
NOTE: http://trac.webkit.org/changeset/58873
NOTE: http://trac.webkit.org/changeset/59870 chromium updates
-CVE-2010-2645 (Unspecified vulnerability in Google Chrome before 5.0.375.99, when ...)
+CVE-2010-2645
- webkit <not-affected> (doesn't include webgl code yet)
- chromium-browser 5.0.375.99~r51029-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=38039
NOTE: http://trac.webkit.org/changeset/58957
-CVE-2010-2644 (IBM WebSphere Service Registry and Repository (WSRR) 7.0.0 before FP1 ...)
+CVE-2010-2644
NOT-FOR-US: IBM WebSphere Service Registry and Repository
-CVE-2010-2643 (Integer overflow in the TFM font parser in the dvi-backend component ...)
+CVE-2010-2643
{DSA-2357-1}
- evince 2.30.3-2 (bug #609534)
-CVE-2010-2642 (Heap-based buffer overflow in the AFM font parser in the dvi-backend ...)
+CVE-2010-2642
{DSA-2388-1 DSA-2357-1}
- evince 3.0.2-1 (bug #609534)
[squeeze] - evince 2.30.3-2+squeeze1
- t1lib 5.1.2-3.5
[lenny] - t1lib 5.1.2-3+lenny1
[squeeze] - t1lib 5.1.2-3+squeeze1
-CVE-2010-2641 (Array index error in the VF font parser in the dvi-backend component ...)
+CVE-2010-2641
{DSA-2357-1}
- evince 2.30.3-2 (bug #609534)
-CVE-2010-2640 (Array index error in the PK font parser in the dvi-backend component ...)
+CVE-2010-2640
{DSA-2357-1}
- evince 2.30.3-2 (bug #609534)
-CVE-2010-2639 (IBM WebSphere Commerce Enterprise 7.0 before 7.0.0.2 allows remote ...)
+CVE-2010-2639
NOT-FOR-US: IBM WebSphere Commerce Enterprise 7.0
-CVE-2010-2638 (Unspecified vulnerability in IBM WebSphere MQ 7.0 before 7.0.1.5 ...)
+CVE-2010-2638
NOT-FOR-US: IBM WebSphere MQ
-CVE-2010-2637 (IBM WebSphere MQ 6.0 before 6.0.2.9 and 7.0 before 7.0.1.1 does not ...)
+CVE-2010-2637
NOT-FOR-US: IBM WebSphere
-CVE-2010-2636 (Multiple cross-site scripting (XSS) vulnerabilities in sample store ...)
+CVE-2010-2636
NOT-FOR-US: IBM WebSphere Commerce
-CVE-2010-2635 (SQL injection vulnerability in IBM WebSphere Commerce 6.0 before ...)
+CVE-2010-2635
NOT-FOR-US: IBM WebSphere Commerce
-CVE-2010-2634 (RSA enVision before 3.7 SP1 allows remote authenticated users to cause ...)
+CVE-2010-2634
NOT-FOR-US: RSA enVision
-CVE-2010-2633 (Unspecified vulnerability in EMC Disk Library (EDL) before 3.2.7, ...)
+CVE-2010-2633
NOT-FOR-US: EMC
-CVE-2010-2632 (Unspecified vulnerability in the FTP Server in Oracle Solaris 8, 9, ...)
+CVE-2010-2632
NOT-FOR-US: Solaris FTP server
-CVE-2010-2631 (LibTIFF 3.9.0 ignores tags in certain situations during the first ...)
+CVE-2010-2631
- tiff 3.9.4-1
- tiff3 <not-affected> (fixed before initial upload)
-CVE-2010-2630 (The TIFFReadDirectory function in LibTIFF 3.9.0 does not properly ...)
+CVE-2010-2630
{DSA-2552-1}
- tiff 3.9.6-1
- tiff3 3.9.6-1
NOTE: may have been fixed earlier
-CVE-2010-2629 (The Cisco Content Services Switch (CSS) 11500 with software 8.20.4.02 ...)
+CVE-2010-2629
NOT-FOR-US: Cisco
-CVE-2010-2628 (The IKE daemon in strongSwan 4.3.x before 4.3.7 and 4.4.x before 4.4.1 ...)
+CVE-2010-2628
- strongswan 4.4.1-1
[lenny] - strongswan <not-affected> (Vulnerability introduced in 4.3.3)
[squeeze] - strongswan <not-affected> (Vulnerability introduced in 4.3.3)
-CVE-2010-2627 (Multiple directory traversal vulnerabilities in the Refractor 2 ...)
+CVE-2010-2627
NOT-FOR-US: Refractor 2
-CVE-2010-2626 (index.pl in Miyabi CGI Tools SEO Links 1.02 allows remote attackers to ...)
+CVE-2010-2626
NOT-FOR-US: Miyabi CGI Tools SEO Links
-CVE-2010-2625 (Unspecified vulnerability in the Client Service for DPM in Hitachi ...)
+CVE-2010-2625
NOT-FOR-US: Hitachi ServerConductor
-CVE-2010-2624 (Multiple SQL injection vulnerabilities in iScripts EasySnaps 2.0 allow ...)
+CVE-2010-2624
NOT-FOR-US: iScripts EasySnaps
-CVE-2010-2623 (SQL injection vulnerability in pages.php in Internet DM Specialist Bed ...)
+CVE-2010-2623
NOT-FOR-US: Internet DM Specialist Bed and Breakfast
-CVE-2010-2622 (SQL injection vulnerability in the Joomanager component, possibly ...)
+CVE-2010-2622
NOT-FOR-US: Joomanager
-CVE-2010-2621 (The QSslSocketBackendPrivate::transmit function in ...)
+CVE-2010-2621
- qt4-x11 4:4.6.3-2 (low; bug #587711)
[lenny] - qt4-x11 <no-dsa> (Harmless impact)
NOTE: Fixed by commit c25c7c9bdfade6b906f37ac8bad44f6f0de57597
-CVE-2010-2620 (Open&amp;Compact FTP Server (Open-FTPD) 1.2 and earlier allows remote ...)
+CVE-2010-2620
NOT-FOR-US: Open&Compact FTP Server
-CVE-2010-2619 (Citrix XenServer 5.0 Update 2 and earlier, and 5.5 Update 1 and ...)
+CVE-2010-2619
NOT-FOR-US: Citrix XenServer (it's based on Xen, likely a duplicate of an existing Xen issue)
-CVE-2010-2494 (Multiple buffer underflows in the base64 decoder in base64.c in (1) ...)
+CVE-2010-2494
- bogofilter 1.2.1-3 (low; bug #588090)
[lenny] - bogofilter 1.1.7-1+lenny1
NOTE: this is "only" null write to an invalid pointer, no arbitrary location
-CVE-2010-2495 (The pppol2tp_xmit function in drivers/net/pppol2tp.c in the L2TP ...)
+CVE-2010-2495
- linux-2.6 2.6.32-16
[lenny] - linux-2.6 <not-affected> (vulnerability introduced in 2.6.29)
-CVE-2010-2618 (PHP remote file inclusion vulnerability in inc/smarty/libs/init.php in ...)
+CVE-2010-2618
NOT-FOR-US: AdaptCMS
-CVE-2010-2617 (Cross-site scripting (XSS) vulnerability in bible.php in PHP Bible ...)
+CVE-2010-2617
NOT-FOR-US: PHP Bible Search
-CVE-2010-2616 (SQL injection vulnerability in bible.php in PHP Bible Search, probably ...)
+CVE-2010-2616
NOT-FOR-US: PHP Bible Search
-CVE-2010-2615 (Multiple cross-site scripting (XSS) vulnerabilities in admin/admin.php ...)
+CVE-2010-2615
NOT-FOR-US: Grafik CMS
-CVE-2010-2614 (SQL injection vulnerability in admin/admin.php in Grafik CMS 1.1.2, ...)
+CVE-2010-2614
NOT-FOR-US: Grafik CMS
-CVE-2010-2613 (Cross-site scripting (XSS) vulnerability in the JExtensions JE Awd ...)
+CVE-2010-2613
NOT-FOR-US: com_awd_song component for joomla!
-CVE-2010-2612 (Unspecified vulnerability in the HP OpenVMS Auditing feature in ...)
+CVE-2010-2612
NOT-FOR-US: HP OpenVMS
-CVE-2010-2611 (SQL injection vulnerability in show_search_result.php in i-netsolution ...)
+CVE-2010-2611
NOT-FOR-US: i-netsolution Job Search Engine
-CVE-2010-2610 (Multiple SQL injection vulnerabilities in 2daybiz Job Site Script ...)
+CVE-2010-2610
NOT-FOR-US: 2daybiz Job Site Script
-CVE-2010-2609 (SQL injection vulnerability in show_search_result.php in 2daybiz Job ...)
+CVE-2010-2609
NOT-FOR-US: 2daybiz Job Search Engine Script
CVE-2010-2608
RESERVED
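Review bot: `NOTE: duplicate of cve-2010-1786` (unchanged context under CVE-2010-2647) is the only place in this hunk where a CVE identifier is written in lower case, which defeats a grep for `CVE-2010-1786`; it should read `NOTE: duplicate of CVE-2010-1786`. Also, CVE-2010-2494 and CVE-2010-2495 sit between CVE-2010-2619 and CVE-2010-2618, breaking the descending identifier order the rest of the hunk keeps, so they belong further down with the other 24xx entries.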
@@ -7013,19 +7013,19 @@ CVE-2010-2606
RESERVED
CVE-2010-2605
RESERVED
-CVE-2010-2604 (Multiple buffer overflows in the PDF Distiller in the BlackBerry ...)
+CVE-2010-2604
NOT-FOR-US: BlackBerry Enterprise Server
-CVE-2010-2603 (RIM BlackBerry Desktop Software 4.7 through 6.0 for PC, and 1.0 for ...)
+CVE-2010-2603
NOT-FOR-US: RIM BlackBerry Desktop Software
-CVE-2010-2602 (Multiple buffer overflows in the PDF distiller component in the ...)
+CVE-2010-2602
NOT-FOR-US: BlackBerry Enterprise Serve
-CVE-2010-2601 (Multiple buffer overflows in the PDF distiller in the Attachment ...)
+CVE-2010-2601
NOT-FOR-US: BlackBerry Enterprise Server
-CVE-2010-2600 (Untrusted search path vulnerability in BlackBerry Desktop Software ...)
+CVE-2010-2600
NOT-FOR-US: BlackBerry Desktop Software
-CVE-2010-2599 (Unspecified vulnerability in Research In Motion (RIM) BlackBerry ...)
+CVE-2010-2599
NOT-FOR-US: BlackBerry Device Software
-CVE-2010-2594 (Multiple cross-site request forgery (CSRF) vulnerabilities in the web ...)
+CVE-2010-2594
NOT-FOR-US: InterSect Allience Snare Agent
CVE-2010-2593
RESERVED
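Review bot: the unchanged context line `NOT-FOR-US: BlackBerry Enterprise Serve` under CVE-2010-2602 is truncated, while the sibling entries for CVE-2010-2604 and CVE-2010-2601 read `NOT-FOR-US: BlackBerry Enterprise Server`; likewise `NOT-FOR-US: InterSect Allience Snare Agent` under CVE-2010-2594 misspells Alliance. Both are worth fixing in a follow-up, as the automatic update already rewrites the neighbouring lines.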
@@ -7033,37 +7033,37 @@ CVE-2010-2592
RESERVED
CVE-2010-2591
RESERVED
-CVE-2010-2590 (Heap-based buffer overflow in the ...)
+CVE-2010-2590
NOT-FOR-US: ActiveX
-CVE-2010-2589 (Integer overflow in the dirapi.dll module in Adobe Shockwave Player ...)
+CVE-2010-2589
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-2588 (The dirapi.dll module in Adobe Shockwave Player before 11.5.9.620 ...)
+CVE-2010-2588
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-2587 (The dirapi.dll module in Adobe Shockwave Player before 11.5.9.620 ...)
+CVE-2010-2587
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-2586 (Multiple integer overflows in in_nsv.dll in the in_nsv plugin in ...)
+CVE-2010-2586
NOT-FOR-US: Winamp
-CVE-2010-2585 (Multiple buffer overflows in the RealPage Module Upload ActiveX ...)
+CVE-2010-2585
NOT-FOR-US: RealPage Module ActiveX Controls
-CVE-2010-2584 (The Upload method in the RealPage Module Upload ActiveX control in ...)
+CVE-2010-2584
NOT-FOR-US: RealPage Module ActiveX Controls
-CVE-2010-2583 (Stack-based buffer overflow in SonicWALL SSL-VPN End-Point ...)
+CVE-2010-2583
NOT-FOR-US: SonicWALL
-CVE-2010-2582 (An unspecified function in TextXtra.x32 in Adobe Shockwave Player ...)
+CVE-2010-2582
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-2581 (dirapi.dll in Adobe Shockwave Player before 11.5.9.615 allows remote ...)
+CVE-2010-2581
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-2580 (The SMTP service (MESMTPC.exe) in MailEnable 3.x and 4.25 does not ...)
+CVE-2010-2580
NOT-FOR-US: MailEnable
-CVE-2010-2579 (The cook codec in RealNetworks RealPlayer 11.0 through 11.1, ...)
+CVE-2010-2579
NOT-FOR-US: RealPlayer
-CVE-2010-2578 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through ...)
+CVE-2010-2578
NOT-FOR-US: RealNetworks RealPlayer
-CVE-2010-2577 (Multiple SQL injection vulnerabilities in Pligg before 1.1.1 allow ...)
+CVE-2010-2577
NOT-FOR-US: Pligg
-CVE-2010-2576 (Opera before 10.61 does not properly suppress clicks on download ...)
+CVE-2010-2576
NOT-FOR-US: Opera
-CVE-2010-2575 (Heap-based buffer overflow in the RLE decompression functionality in ...)
+CVE-2010-2575
- okular 4:4.4.5-2
[lenny] - okular 0.7-2+lenny1
- kdegraphics 4:4.4.5-2
@@ -7071,18 +7071,18 @@ CVE-2010-2575 (Heap-based buffer overflow in the RLE decompression functionality
NOTE: http://www.kde.org/info/security/advisory-20100825-1.txt
NOTE: Okular was initially a single source package (lenny days), then it was merged into
NOTE: kdegraphics (squeeze days) and later split off again (wheezy)
-CVE-2010-2574 (Cross-site scripting (XSS) vulnerability in manage_proj_cat_add.php in ...)
+CVE-2010-2574
- mantis 1.1.8+dfsg-6 (low; bug #595510)
[lenny] - mantis 1.1.6+dfsg-2lenny2
-CVE-2010-2598 (LibTIFF in Red Hat Enterprise Linux (RHEL) 3 on x86_64 platforms, as ...)
+CVE-2010-2598
- tiff 3.9.4-1
- tiff3 <not-affected> (fixed prior to initial upload)
-CVE-2010-2597 (The TIFFVStripSize function in tif_strip.c in LibTIFF 3.9.0 and 3.9.2 ...)
+CVE-2010-2597
{DSA-2552-1}
- tiff 3.9.6-1
- tiff3 3.9.6-1
NOTE: may have been fixed earlier
-CVE-2010-2596 (The OJPEGPostDecode function in tif_ojpeg.c in LibTIFF 3.9.0 and ...)
+CVE-2010-2596
{DLA-610-1}
- tiff 4.0.6-1 (unimportant)
- tiff3 <removed> (unimportant)
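Review bot: CVE-2010-2598, CVE-2010-2597 and CVE-2010-2596 (and CVE-2010-2595 in the next hunk) are placed between CVE-2010-2574 and CVE-2010-2573, breaking the descending identifier order used everywhere else in this file; moving the LibTIFF block back up after CVE-2010-2599 would keep the list sorted and the entries easier to locate.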
@@ -7092,201 +7092,201 @@ CVE-2010-2596 (The OJPEGPostDecode function in tif_ojpeg.c in LibTIFF 3.9.0 and
NOTE: that the reproducer does not trigger the crash anymore.
NOTE: Tom Lane's patch should be applied for tiff in Wheezy too.
NOTE: Not confirmed which exact version should fix the issue.
-CVE-2010-2595 (The TIFFYCbCrtoRGB function in LibTIFF 3.9.0 and 3.9.2, as used in ...)
+CVE-2010-2595
{DSA-2552-1}
- tiff 3.9.6-1
- tiff3 3.9.6-1
NOTE: may have been fixed earlier
-CVE-2010-2573 (Integer underflow in Microsoft PowerPoint 2002 SP3 and 2003 SP3, ...)
+CVE-2010-2573
NOT-FOR-US: Microsoft PowerPoint
-CVE-2010-2572 (Buffer overflow in Microsoft PowerPoint 2002 SP3 and 2003 SP3 allows ...)
+CVE-2010-2572
NOT-FOR-US: Microsoft PowerPoint
-CVE-2010-2571 (Array index error in pubconv.dll (aka the Publisher Converter DLL) in ...)
+CVE-2010-2571
NOT-FOR-US: Microsoft Publisher
-CVE-2010-2570 (Heap-based buffer overflow in pubconv.dll (aka the Publisher Converter ...)
+CVE-2010-2570
NOT-FOR-US: Microsoft Publisher
-CVE-2010-2569 (pubconv.dll (aka the Publisher Converter DLL) in Microsoft Publisher ...)
+CVE-2010-2569
NOT-FOR-US: Microsoft Publisher
-CVE-2010-2568 (Windows Shell in Microsoft Windows XP SP3, Server 2003 SP2, Vista SP1 ...)
+CVE-2010-2568
NOT-FOR-US: Microsoft
-CVE-2010-2567 (The RPC client implementation in Microsoft Windows XP SP2 and SP3 and ...)
+CVE-2010-2567
NOT-FOR-US: Microsoft Windows
-CVE-2010-2566 (The Secure Channel (aka SChannel) security package in Microsoft ...)
+CVE-2010-2566
NOT-FOR-US: Microsoft
CVE-2010-2565
REJECTED
-CVE-2010-2564 (Buffer overflow in Microsoft Windows Movie Maker (WMM) 2.1, 2.6, and ...)
+CVE-2010-2564
NOT-FOR-US: Microsoft
-CVE-2010-2563 (The Word 97 text converter in the WordPad Text Converters in Microsoft ...)
+CVE-2010-2563
NOT-FOR-US: Microsoft Windows
-CVE-2010-2562 (Microsoft Office Excel 2002 SP3 and 2003 SP3, Office 2004 and 2008 for ...)
+CVE-2010-2562
NOT-FOR-US: Microsoft
-CVE-2010-2561 (Microsoft XML Core Services (aka MSXML) 3.0 does not properly handle ...)
+CVE-2010-2561
NOT-FOR-US: Microsoft
-CVE-2010-2560 (Microsoft Internet Explorer 6, 7, and 8 does not properly handle ...)
+CVE-2010-2560
NOT-FOR-US: Microsoft
-CVE-2010-2559 (Microsoft Internet Explorer 8 does not properly handle objects in ...)
+CVE-2010-2559
NOT-FOR-US: Microsoft
-CVE-2010-2558 (Race condition in Microsoft Internet Explorer 6, 7, and 8 allows ...)
+CVE-2010-2558
NOT-FOR-US: Microsoft
-CVE-2010-2557 (Microsoft Internet Explorer 6 does not properly handle objects in ...)
+CVE-2010-2557
NOT-FOR-US: Microsoft
-CVE-2010-2556 (Microsoft Internet Explorer 6, 7, and 8 does not properly handle ...)
+CVE-2010-2556
NOT-FOR-US: Microsoft
-CVE-2010-2555 (The Tracing Feature for Services in Microsoft Windows Vista SP1 and ...)
+CVE-2010-2555
NOT-FOR-US: Microsoft
-CVE-2010-2554 (The Tracing Feature for Services in Microsoft Windows Vista SP1 and ...)
+CVE-2010-2554
NOT-FOR-US: Microsoft
-CVE-2010-2553 (The Cinepak codec in Microsoft Windows XP SP2 and SP3, Windows Vista ...)
+CVE-2010-2553
NOT-FOR-US: Microsoft
-CVE-2010-2552 (Stack consumption vulnerability in the SMB Server in Microsoft Windows ...)
+CVE-2010-2552
NOT-FOR-US: Microsoft
-CVE-2010-2551 (The SMB Server in Microsoft Windows Vista SP1 and SP2, Windows Server ...)
+CVE-2010-2551
NOT-FOR-US: Microsoft
-CVE-2010-2550 (The SMB Server in Microsoft Windows XP SP2 and SP3, Windows Server ...)
+CVE-2010-2550
NOT-FOR-US: Microsoft
-CVE-2010-2549 (Use-after-free vulnerability in the kernel-mode drivers in Microsoft ...)
+CVE-2010-2549
NOT-FOR-US: Microsoft
CVE-2010-2548
RESERVED
- openjdk-6 6b18-1.8.1-1
-CVE-2010-2547 (Use-after-free vulnerability in kbx/keybox-blob.c in GPGSM in GnuPG ...)
+CVE-2010-2547
{DSA-2076-1}
- gnupg2 2.0.14-2
-CVE-2010-2546 (Multiple heap-based buffer overflows in loaders/load_it.c in ...)
+CVE-2010-2546
{DSA-2081-1}
- libmikmod 3.1.11-6.3
-CVE-2010-2545 (Multiple cross-site scripting (XSS) vulnerabilities in Cacti before ...)
+CVE-2010-2545
{DSA-2384-1}
- cacti 0.8.7g-1
-CVE-2010-2544 (Cross-site scripting (XSS) vulnerability in utilities.php in Cacti ...)
+CVE-2010-2544
- cacti 0.8.7g-1
-CVE-2010-2543 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2010-2543
{DSA-2384-1}
- cacti 0.8.7g-1
-CVE-2010-2542 (Stack-based buffer overflow in the is_git_directory function in ...)
+CVE-2010-2542
{DSA-2114-1}
- git-core 1:1.7.1-1.1 (low; bug #590026)
-CVE-2010-2541 (Buffer overflow in ftmulti.c in the ftmulti demo program in FreeType ...)
+CVE-2010-2541
{DSA-2105-1}
- freetype 2.4.2-1 (low)
-CVE-2010-2540 (mapserv.c in mapserv in MapServer before 4.10.6 and 5.x before 5.6.4 ...)
+CVE-2010-2540
{DSA-2079-1}
- mapserver 5.6.4-1
-CVE-2010-2539 (Buffer overflow in the msTmpFile function in maputil.c in mapserv in ...)
+CVE-2010-2539
{DSA-2079-1}
- mapserver 5.6.4-1
-CVE-2010-2538 (Integer overflow in the btrfs_ioctl_clone function in fs/btrfs/ioctl.c ...)
+CVE-2010-2538
- linux-2.6 2.6.32-19
[lenny] - linux-2.6 <not-affected> (brtfs introduced in 2.6.29)
-CVE-2010-2537 (The btrfs_ioctl_clone function in fs/btrfs/ioctl.c in the Linux kernel ...)
+CVE-2010-2537
- linux-2.6 2.6.32-19
[lenny] - linux-2.6 <not-affected> (brtfs introduced in 2.6.29)
-CVE-2010-2536 (Multiple cross-site scripting (XSS) vulnerabilities in rekonq 0.5 and ...)
+CVE-2010-2536
- rekonq 0.5.0-2 (bug #593300)
-CVE-2010-2535 (Multiple cross-site scripting (XSS) vulnerabilities in the Back End in ...)
+CVE-2010-2535
NOT-FOR-US: Joomla!
-CVE-2010-2534 (The NetworkSyncCommandQueue function in network/network_command.cpp in ...)
+CVE-2010-2534
- openttd 1.0.3-1
[lenny] - openttd <not-affected> (Introduced in 1.0.1)
NOTE: http://bugs.openttd.org/task/3909
CVE-2010-2533
REJECTED
-CVE-2010-2532 (** DISPUTED ** ...)
+CVE-2010-2532
- lxsession 0.4.4-3 (bug #591409)
-CVE-2010-2531 (The var_export function in PHP 5.2 before 5.2.14 and 5.3 before 5.3.3 ...)
+CVE-2010-2531
{DSA-2266-1}
- php5 5.3.3-2 (low)
-CVE-2010-2530 (Multiple integer signedness errors in smb_subr.c in the netsmb module ...)
+CVE-2010-2530
NOT-FOR-US: NetBSD
-CVE-2010-2529 (Unspecified vulnerability in ping.c in iputils 20020927, 20070202, ...)
+CVE-2010-2529
{DSA-2645-1}
- iputils 3:20100418-2
- inetutils 2:1.9-2
[lenny] - iputils 3:20071127-1+lenny1
-CVE-2010-2528 (The clientautoresp function in family_icbm.c in the oscar protocol ...)
+CVE-2010-2528
- pidgin 2.7.2-1
[lenny] - pidgin <not-affected> (Vulnerable code not present, support for X-Status was added later)
-CVE-2010-2527 (Multiple buffer overflows in demo programs in FreeType before 2.4.0 ...)
+CVE-2010-2527
{DSA-2070-1}
- freetype 2.4.0-1
-CVE-2010-2526 (The cluster logical volume manager daemon (clvmd) in lvm2-cluster in ...)
+CVE-2010-2526
{DSA-2095-1}
- lvm2 2.02.66-3 (bug #591204)
CVE-2010-2525
RESERVED
-CVE-2010-2524 (The DNS resolution functionality in the CIFS implementation in the ...)
+CVE-2010-2524
{DSA-2264-1}
- linux-2.6 2.6.32-19
-CVE-2010-2523 (Multiple buffer overflows in ha.c in the mipv6 daemon in UMIP 0.4 ...)
+CVE-2010-2523
NOT-FOR-US: UMIP
-CVE-2010-2522 (The mipv6 daemon in UMIP 0.4 does not verify that netlink messages ...)
+CVE-2010-2522
NOT-FOR-US: UMIP
-CVE-2010-2521 (Multiple buffer overflows in fs/nfsd/nfs4xdr.c in the XDR ...)
+CVE-2010-2521
{DSA-2094-1}
- linux-2.6 2.6.32-13
-CVE-2010-2520 (Heap-based buffer overflow in the Ins_IUP function in ...)
+CVE-2010-2520
{DSA-2070-1}
- freetype 2.4.0-1
-CVE-2010-2519 (Heap-based buffer overflow in the Mac_Read_POST_Resource function in ...)
+CVE-2010-2519
{DSA-2070-1}
- freetype 2.4.0-1
-CVE-2010-2518 (Unspecified vulnerability in the P8 Content Engine (P8CE) 4.5.1 before ...)
+CVE-2010-2518
NOT-FOR-US: P8 Content Search Engine
-CVE-2010-2517 (Multiple unspecified vulnerabilities in IBM Rational ClearQuest before ...)
+CVE-2010-2517
NOT-FOR-US: ClearQuest
-CVE-2010-2516 (Multiple SQL injection vulnerabilities in 2daybiz Multi Level ...)
+CVE-2010-2516
NOT-FOR-US: 2daybiz Multi Level Marketing
-CVE-2010-2515 (Multiple SQL injection vulnerabilities in index.php in the JFaq ...)
+CVE-2010-2515
NOT-FOR-US: component for Joomla!
-CVE-2010-2514 (Cross-site scripting (XSS) vulnerability in the JFaq (com_jfaq) ...)
+CVE-2010-2514
NOT-FOR-US: component for Joomla!
-CVE-2010-2513 (SQL injection vulnerability in the JE Ajax Event Calendar ...)
+CVE-2010-2513
NOT-FOR-US: component for Joomla!
-CVE-2010-2512 (SQL injection vulnerability in customprofile.php in 2daybiz ...)
+CVE-2010-2512
NOT-FOR-US: 2daybiz Matrimonial Script
-CVE-2010-2511 (SQL injection vulnerability in viewnews.php in 2daybiz Multi Level ...)
+CVE-2010-2511
NOT-FOR-US: 2daybiz Multi Level Marketing
-CVE-2010-2510 (SQL injection vulnerability in customize.php in 2daybiz Web Template ...)
+CVE-2010-2510
NOT-FOR-US: 2daybiz Web Template
-CVE-2010-2509 (Multiple cross-site scripting (XSS) vulnerabilities in 2daybiz Web ...)
+CVE-2010-2509
NOT-FOR-US: 2daybiz Web Template
-CVE-2010-2508 (SQL injection vulnerability in user-profile.php in 2daybiz Video ...)
+CVE-2010-2508
NOT-FOR-US: 2daybiz Video
-CVE-2010-2507 (Directory traversal vulnerability in the Picasa2Gallery ...)
+CVE-2010-2507
NOT-FOR-US: component for Joomla!
-CVE-2010-2506 (Cross-site scripting (XSS) vulnerability in debug.cgi in Linksys ...)
+CVE-2010-2506
NOT-FOR-US: Linksys
-CVE-2010-2505 (Soft SaschArt SasCAM Webcam Server 2.6.5, 2.7, and earlier allows ...)
+CVE-2010-2505
NOT-FOR-US: Soft SaschArt SasCAM Webcam Server
-CVE-2010-2504 (Splunk 4.0 through 4.0.10 and 4.1 through 4.1.1 allows remote ...)
+CVE-2010-2504
NOT-FOR-US: Splunk
-CVE-2010-2503 (Multiple cross-site scripting (XSS) vulnerabilities in Splunk 4.0 ...)
+CVE-2010-2503
NOT-FOR-US: Splunk
-CVE-2010-2502 (Multiple directory traversal vulnerabilities in Splunk 4.0 through ...)
+CVE-2010-2502
NOT-FOR-US: Splunk
CVE-2010-2501
RESERVED
-CVE-2010-2500 (Integer overflow in the gray_render_span function in smooth/ftgrays.c ...)
+CVE-2010-2500
{DSA-2070-1}
- freetype 2.4.0-1
-CVE-2010-2499 (Buffer overflow in the Mac_Read_POST_Resource function in ...)
+CVE-2010-2499
{DSA-2070-1}
- freetype 2.4.0-1
-CVE-2010-2498 (The psh_glyph_find_strong_points function in pshinter/pshalgo.c in ...)
+CVE-2010-2498
{DSA-2070-1}
- freetype 2.4.0-1
-CVE-2010-2497 (Integer underflow in glyph handling in FreeType before 2.4.0 allows ...)
+CVE-2010-2497
{DSA-2070-1}
- freetype 2.4.0-1
CVE-2010-2496
RESERVED
-CVE-2010-2493 (The default configuration of the deployment descriptor (aka web.xml) ...)
+CVE-2010-2493
- jbossas4 <not-affected> (Only builds a few libraries, not the full application server, #581226)
-CVE-2010-2492 (Buffer overflow in the ecryptfs_uid_hash macro in ...)
+CVE-2010-2492
{DSA-2110-1}
- linux-2.6 2.6.32-19
-CVE-2010-2491 (Cross-site scripting (XSS) vulnerability in cgi/client.py in Roundup ...)
+CVE-2010-2491
- roundup 1.4.13-3.1 (bug #590769)
NOTE: http://bugs.gentoo.org/show_bug.cgi?id=326395
NOTE: http://roundup.svn.sourceforge.net/viewvc/roundup?view=revision&revision=4486
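Review bot: this hunk only deletes information; every changed pair replaces a described entry with a bare identifier, e.g. `-CVE-2010-2547 (Use-after-free vulnerability in kbx/keybox-blob.c in GPGSM in GnuPG ...)` becoming `+CVE-2010-2547`, while entries that already had no description (CVE-2010-2548, CVE-2010-2533) are left untouched and the Debian-specific lines (`{DSA-...}`, package versions, `[lenny]` annotations, `NOTE:` lines) are unchanged. Nothing here adds or corrects data, which is the signature of an upstream feed that returned empty descriptions rather than of an intended update. The updater should treat "an existing non-empty description would become empty" as a fetch failure and abort the write instead of committing the blanked entries.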
@@ -7295,153 +7295,153 @@ CVE-2010-2490 [murmur DoS via malformed client query]
- mumble 1.2.2-4 (bug #587713)
[lenny] - mumble <no-dsa> (Minor issue)
- qt4-x11 <not-affected> (low; bug #587713)
-CVE-2010-2489 (Buffer overflow in Ruby 1.9.x before 1.9.1-p429 on Windows might allow ...)
+CVE-2010-2489
- ruby1.8 <not-affected> (Windows-specific)
- ruby1.9.1 <not-affected> (Windows-specific)
CVE-2010-2488 [znc null pointer deref]
RESERVED
{DSA-2069-1}
- znc 0.090-2 (bug #584929)
-CVE-2010-2487 (Multiple cross-site scripting (XSS) vulnerabilities in MoinMoin 1.7.3 ...)
+CVE-2010-2487
{DSA-2083-1}
- moin 1.9.3-1 (bug #584809)
CVE-2010-2486
RESERVED
CVE-2010-2485
RESERVED
-CVE-2010-2484 (The strrchr function in PHP 5.2 before 5.2.14 allows context-dependent ...)
+CVE-2010-2484
- php5 5.3.3-1 (unimportant)
-CVE-2010-2483 (The TIFFRGBAImageGet function in LibTIFF 3.9.0 allows remote attackers ...)
+CVE-2010-2483
- tiff 3.9.4-4 (unimportant)
- tiff3 <not-affected> (fixed prior to initial upload)
-CVE-2010-2482 (LibTIFF 3.9.4 and earlier does not properly handle an invalid ...)
+CVE-2010-2482
{DSA-2552-1}
- tiff 3.9.4-1 (unimportant)
- tiff3 <not-affected> (fixed prior to initial upload)
-CVE-2010-2481 (The TIFFExtractData macro in LibTIFF before 3.9.4 does not properly ...)
+CVE-2010-2481
- tiff 3.9.4-1 (unimportant)
- tiff3 <not-affected> (fixed prior to initial upload)
-CVE-2010-2480 (Mako before 0.3.4 relies on the cgi.escape function in the Python ...)
+CVE-2010-2480
- mako 0.3.4-1 (low)
[lenny] - mako <no-dsa> (Minor issue)
-CVE-2010-2478 (Integer overflow in the ethtool_get_rxnfc function in ...)
+CVE-2010-2478
- linux-2.6 2.6.32-19
[lenny] - linux-2.6 <not-affected> (Introduced in 2.6.27)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=608950
NOTE: http://thread.gmane.org/gmane.linux.network/164869
-CVE-2010-2477 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
+CVE-2010-2477
- paste 1.7.4-1 (low)
[lenny] - paste 1.7.1-1+lenny1
NOTE: http://bitbucket.org/ianb/paste/changeset/fcae59df8b56
CVE-2010-2475
RESERVED
-CVE-2010-2474 (JBoss Enterprise Service Bus (ESB) before 4.7 CP02 in JBoss Enterprise ...)
+CVE-2010-2474
- jbossas4 <not-affected> (Only builds a few libraries, not the full application server, #581226)
-CVE-2010-2470 (Install/Filesystem.pm in Bugzilla 3.5.1 through 3.6.1 and 3.7 through ...)
+CVE-2010-2470
- bugzilla <not-affected> (Only affects 3.5 to 3.7)
CVE-2010-2476 [syscp open_basedir bypassing]
RESERVED
- syscp <removed> (bug #587481)
-CVE-2010-2469 (The Linear eMerge 50 and 5000 uses a default password of eMerge for ...)
+CVE-2010-2469
NOT-FOR-US: Linear eMerge
-CVE-2010-2468 (The S2 Security NetBox 2.x and 3.x, as used in the Linear eMerge 50 ...)
+CVE-2010-2468
NOT-FOR-US: S2 Security NetBox
-CVE-2010-2467 (The S2 Security NetBox, possibly 2.x and 3.x, as used in the Linear ...)
+CVE-2010-2467
NOT-FOR-US: S2 Security NetBox
-CVE-2010-2466 (The S2 Security NetBox, possibly 2.x and 3.x, as used in the Linear ...)
+CVE-2010-2466
NOT-FOR-US: S2 Security NetBox
-CVE-2010-2465 (The S2 Security NetBox 2.5, 3.3, and 4.0, as used in the Linear eMerge ...)
+CVE-2010-2465
NOT-FOR-US: S2 Security NetBox
-CVE-2010-2464 (Multiple cross-site scripting (XSS) vulnerabilities in the RSComments ...)
+CVE-2010-2464
NOT-FOR-US: component for Joomla!
-CVE-2010-2463 (Cross-site scripting (XSS) vulnerability in forum.php in Jamroom ...)
+CVE-2010-2463
NOT-FOR-US: Jamroom
-CVE-2010-2462 (SQL injection vulnerability in withdraw_money.php in Toma Cero OroHYIP ...)
+CVE-2010-2462
NOT-FOR-US: Toma Cero OroHYIP
-CVE-2010-2461 (SQL injection vulnerability in storecat.php in JCE-Tech Overstock 1 ...)
+CVE-2010-2461
NOT-FOR-US: JCE-Tech Overstock
-CVE-2010-2460 (SQL injection vulnerability in merchant_product_list.php in JCE-Tech ...)
+CVE-2010-2460
NOT-FOR-US: JCE-Tech Shareasale Script
-CVE-2010-2459 (SQL injection vulnerability in video.php in 2daybiz Video Community ...)
+CVE-2010-2459
NOT-FOR-US: 2daybiz Video Community Portal Script
-CVE-2010-2458 (Cross-site scripting (XSS) vulnerability in video.php in 2daybiz Video ...)
+CVE-2010-2458
NOT-FOR-US: 2daybiz Video Community Portal Script
-CVE-2010-2457 (Cross-site scripting (XSS) vulnerability in index.php in K-Search ...)
+CVE-2010-2457
NOT-FOR-US: K-Search
-CVE-2010-2456 (Multiple directory traversal vulnerabilities in index.php in Linker ...)
+CVE-2010-2456
NOT-FOR-US: Linker IMG
-CVE-2010-2455 (Opera does not properly manage the address bar between the request to ...)
+CVE-2010-2455
NOT-FOR-US: Opera
-CVE-2010-2454 (Apple Safari does not properly manage the address bar between the ...)
+CVE-2010-2454
- webkit <not-affected> (iceweasel/safari-specific issues)
- chromium-browser <not-affected> (iceweasel/safari-specific issues)
NOTE: i tested both firefox and safari poc's, and neither of them caused the
NOTE: address bar to be spoofed in either webkit or chrome
NOTE: this will be address in iceweasel in cve-2010-1206
-CVE-2010-2453 (Multiple cross-site scripting (XSS) vulnerabilities in Synology Disk ...)
+CVE-2010-2453
NOT-FOR-US: Synology Disk Station
-CVE-2010-2452 (Directory traversal vulnerability in the DCC functionality in KVIrc ...)
+CVE-2010-2452
{DSA-2065-1}
- kvirc 4:4.0.0~svn4340+rc3-1
-CVE-2010-2451 (Multiple format string vulnerabilities in the DCC functionality in ...)
+CVE-2010-2451
{DSA-2065-1}
- kvirc 4:4.0.0~svn4340+rc3-1
-CVE-2010-2443 (The OJPEGReadBufferFill function in tif_ojpeg.c in LibTIFF before ...)
+CVE-2010-2443
- tiff 3.9.4-1 (unimportant)
- tiff3 <not-affected> (fixed prior to initial upload)
NOTE: Triggers a NULL pointer deref, crasher only
-CVE-2010-2442 (Microsoft Internet Explorer, possibly 8, does not properly restrict ...)
+CVE-2010-2442
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2010-2441 (WebKit does not properly restrict focus changes, which allows remote ...)
+CVE-2010-2441
- webkit 1.2.1-3 (low)
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.375.55~r47796-1
NOTE: http://trac.webkit.org/changeset/58829
-CVE-2010-2440 (Stack-based buffer overflow in st-wizard.exe in Subtitle Translation ...)
+CVE-2010-2440
NOT-FOR-US: Subtitle Translation Wizard
-CVE-2010-2439 (Stack-based buffer overflow in MoreAmp allows remote attackers to ...)
+CVE-2010-2439
NOT-FOR-US: MoreAmp
-CVE-2010-2438 (SQL injection vulnerability in G.CMS generator allows remote attackers ...)
+CVE-2010-2438
NOT-FOR-US: G.CMS
-CVE-2010-2437 (Cross-site scripting (XSS) vulnerability in class/tools.class.php in ...)
+CVE-2010-2437
NOT-FOR-US: AneCMS BLog
-CVE-2010-2436 (SQL injection vulnerability in modules/blog/index.php in AneCMS Blog ...)
+CVE-2010-2436
NOT-FOR-US: AneCMS Blog
-CVE-2010-2435 (Weborf HTTP Server 0.12.1 and earlier allows remote attackers to cause ...)
+CVE-2010-2435
- weborf 0.12.2-1
-CVE-2010-2434 (Buffer overflow in Arcext.dll 2.16.1 and earlier in pon software ...)
+CVE-2010-2434
NOT-FOR-US: Explzh
-CVE-2010-2433 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2010-2433
NOT-FOR-US: IBM WebSphere
-CVE-2010-2432 (The cupsDoAuthentication function in auth.c in the client in CUPS ...)
+CVE-2010-2432
{DSA-2176-1}
- cups 1.4.4-1
-CVE-2010-2431 (The cupsFileOpen function in CUPS before 1.4.4 allows local users, ...)
+CVE-2010-2431
{DSA-2176-1}
- cups 1.4.4-1
CVE-2010-2430
RESERVED
-CVE-2010-2429 (Cross-site scripting (XSS) vulnerability in Splunk 4.0 through 4.1.2, ...)
+CVE-2010-2429
NOT-FOR-US: Splunk
-CVE-2010-2428 (Cross-site scripting (XSS) vulnerability in admin_loginok.html in the ...)
+CVE-2010-2428
NOT-FOR-US: Wing FTP Server
-CVE-2010-2427 (VMware Studio 2.0 does not properly write to temporary files, which ...)
+CVE-2010-2427
NOT-FOR-US: VMware Studio
-CVE-2010-2426 (Directory traversal vulnerability in TitanFTPd in South River ...)
+CVE-2010-2426
NOT-FOR-US: Titan FTP Server
-CVE-2010-2425 (Directory traversal vulnerability in TitanFTPd in South River ...)
+CVE-2010-2425
NOT-FOR-US: Titan FTP Server
CVE-2010-2424
RESERVED
CVE-2010-2423
RESERVED
-CVE-2010-2422 (Cross-site scripting (XSS) vulnerability in PortalTransforms in Plone ...)
+CVE-2010-2422
- plone3 <removed>
-CVE-2010-2421 (Multiple unspecified vulnerabilities in Opera before 10.54 have ...)
+CVE-2010-2421
NOT-FOR-US: Opera
-CVE-2010-2420 (Multiple unspecified vulnerabilities in Fenrir Inc. ActiveGeckoBrowser ...)
+CVE-2010-2420
NOT-FOR-US: Sleipnir
-CVE-2010-2479 (Cross-site scripting (XSS) vulnerability in HTML Purifier before ...)
+CVE-2010-2479
{DSA-2067-1}
- php-htmlpurifier 4.1.1+dfsg1-1
- mahara 1.2.5-1
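Review bot: the triage rationale in the unchanged lines loses the evidence it relies on. `- ruby1.8 <not-affected> (Windows-specific)` only makes sense against `-CVE-2010-2489 (Buffer overflow in Ruby 1.9.x before 1.9.1-p429 on Windows might allow ...)`, and `- bugzilla <not-affected> (Only affects 3.5 to 3.7)` against `-CVE-2010-2470 (Install/Filesystem.pm in Bugzilla 3.5.1 through 3.6.1 and 3.7 through ...)`; after this change the `+CVE-2010-2489` and `+CVE-2010-2470` lines carry nothing a reader can check those annotations against without an external lookup. If dropping descriptions from the list is deliberate (for instance because they are to be fetched at render time), that decision should be stated in the commit, and the `<not-affected>` reasons reviewed so they remain self-explanatory.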
@@ -7449,274 +7449,274 @@ CVE-2010-2479 (Cross-site scripting (XSS) vulnerability in HTML Purifier before
[lenny] - moodle <not-affected> (doesn't ship/use htmlpurifier)
- knowledgeroot 0.9.9.5-5
[lenny] - knowledgeroot <no-dsa> (low)
-CVE-2010-2419 (Unspecified vulnerability in the Java Virtual Machine component in ...)
+CVE-2010-2419
NOT-FOR-US: Oracle Database Server
-CVE-2010-2418 (Unspecified vulnerability in the Oracle Territory Management component ...)
+CVE-2010-2418
NOT-FOR-US: Oracle E-Business Suite
-CVE-2010-2417 (Unspecified vulnerability in the Agile PLM component in Oracle Supply ...)
+CVE-2010-2417
NOT-FOR-US: Oracle Supply Chain Products Suite
-CVE-2010-2416 (Unspecified vulnerability in the Oracle E-Business Intelligence ...)
+CVE-2010-2416
NOT-FOR-US: Oracle E-Business Intelligence
-CVE-2010-2415 (Unspecified vulnerability in the Change Data Capture component in ...)
+CVE-2010-2415
NOT-FOR-US: Oracle Database Server
-CVE-2010-2414 (Unspecified vulnerability in the (1) Sun Convergence 1 and (2) Sun ...)
+CVE-2010-2414
NOT-FOR-US: Oracle Sun Products Suite
-CVE-2010-2413 (Unspecified vulnerability in the BI Publisher component in Oracle ...)
+CVE-2010-2413
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2010-2412 (Unspecified vulnerability in the OLAP component in Oracle Database ...)
+CVE-2010-2412
NOT-FOR-US: Oracle Database Server
-CVE-2010-2411 (Unspecified vulnerability in the Job Queue component in Oracle ...)
+CVE-2010-2411
NOT-FOR-US: Oracle Database Server
-CVE-2010-2410 (Unspecified vulnerability in the Cabo/UIX component in Oracle Fusion ...)
+CVE-2010-2410
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2010-2409 (Unspecified vulnerability in the Cabo/UIX component in Oracle Fusion ...)
+CVE-2010-2409
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2010-2408 (Unspecified vulnerability in the Oracle iRecruitment component in ...)
+CVE-2010-2408
NOT-FOR-US: Oracle E-Business Suite
-CVE-2010-2407 (Unspecified vulnerability in the XDK component in Oracle Database ...)
+CVE-2010-2407
NOT-FOR-US: Oracle Database Server
-CVE-2010-2406 (Unspecified vulnerability in the Siebel Core - Highly Interactive ...)
+CVE-2010-2406
NOT-FOR-US: Oracle Siebel Suite
-CVE-2010-2405 (Unspecified vulnerability in the Siebel Core - Highly Interactive ...)
+CVE-2010-2405
NOT-FOR-US: Oracle Siebel Suite
-CVE-2010-2404 (Unspecified vulnerability in the Oracle iRecruitment component in ...)
+CVE-2010-2404
NOT-FOR-US: Oracle E-Business Suite
-CVE-2010-2403 (Unspecified vulnerability in the PeopleSoft Enterprise Campus ...)
+CVE-2010-2403
NOT-FOR-US: PeopleSoft
-CVE-2010-2402 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+CVE-2010-2402
NOT-FOR-US: PeopleSoft
-CVE-2010-2401 (Unspecified vulnerability in the PeopleSoft Enterprise HCM - eProfile ...)
+CVE-2010-2401
NOT-FOR-US: PeopleSoft
-CVE-2010-2400 (Unspecified vulnerability in Oracle Solaris 9 and 10, and OpenSolaris, ...)
+CVE-2010-2400
NOT-FOR-US: Solaris
-CVE-2010-2399 (Unspecified vulnerability in Oracle Solaris 10 and OpenSolaris allows ...)
+CVE-2010-2399
NOT-FOR-US: Solaris
-CVE-2010-2398 (Unspecified vulnerability in the PeopleSoft Enterprise HCM component ...)
+CVE-2010-2398
NOT-FOR-US: PeopleSoft
-CVE-2010-2397 (Unspecified vulnerability in Oracle Sun Java System Application Server ...)
+CVE-2010-2397
NOT-FOR-US: Oracle Sun Java System Application Serve
-CVE-2010-2396 (Unspecified vulnerability in the Forms component in Oracle Fusion ...)
+CVE-2010-2396
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2010-2395 (Unspecified vulnerability in the Cabo/UIX component in Oracle Fusion ...)
+CVE-2010-2395
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2010-2394 (Unspecified vulnerability in Oracle Solaris 10 allows local users to ...)
+CVE-2010-2394
NOT-FOR-US: Solaris
-CVE-2010-2393 (Unspecified vulnerability in Oracle Solaris 10 and OpenSolaris allows ...)
+CVE-2010-2393
NOT-FOR-US: Solaris
-CVE-2010-2392 (Unspecified vulnerability in Oracle Solaris 10 and OpenSolaris allows ...)
+CVE-2010-2392
NOT-FOR-US: Solaris
-CVE-2010-2391 (Unspecified vulnerability in the Core RDBMS component in Oracle ...)
+CVE-2010-2391
NOT-FOR-US: Oracle Database Server
-CVE-2010-2390 (Unspecified vulnerability in the Database Control component in EM ...)
+CVE-2010-2390
NOT-FOR-US: Oracle Database Server
-CVE-2010-2389 (Unspecified vulnerability in the Perl component in Oracle Database ...)
+CVE-2010-2389
NOT-FOR-US: Oracle Database Server
-CVE-2010-2388 (Unspecified vulnerability in the Oracle Applications Manager component ...)
+CVE-2010-2388
NOT-FOR-US: Oracle E-Business Suite
-CVE-2010-2387 (vicious-extensions/ve-misc.c in GNOME Display Manager (gdm) 2.20.x ...)
+CVE-2010-2387
- gdm 2.20.11-1
-CVE-2010-2386 (Unspecified vulnerability in Oracle Solaris 8, 9, and 10, and ...)
+CVE-2010-2386
NOT-FOR-US: Solaris
-CVE-2010-2385 (Unspecified vulnerability in Oracle Sun Java System Web Proxy Server ...)
+CVE-2010-2385
NOT-FOR-US: Oracle Sun Java System Web Proxy Server
-CVE-2010-2384 (Unspecified vulnerability in Oracle Solaris 9 and 10 allows local ...)
+CVE-2010-2384
NOT-FOR-US: Solaris
-CVE-2010-2383 (Unspecified vulnerability in Oracle Solaris 8, 9, and 10, and ...)
+CVE-2010-2383
NOT-FOR-US: Solaris
-CVE-2010-2382 (Unspecified vulnerability in Oracle Solaris 8, 9, and 10 allows local ...)
+CVE-2010-2382
NOT-FOR-US: Solaris
-CVE-2010-2381 (Unspecified vulnerability in the Application Server Control component ...)
+CVE-2010-2381
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2010-2380 (Unspecified vulnerability in the PeopleSoft Enterprise FSCM component ...)
+CVE-2010-2380
NOT-FOR-US: PeopleSoft
-CVE-2010-2379 (Unspecified vulnerability in the PeopleSoft Enterprise HCM - Time &amp; ...)
+CVE-2010-2379
NOT-FOR-US: PeopleSoft
-CVE-2010-2378 (Unspecified vulnerability in the PeopleSoft Enterprise CRM component ...)
+CVE-2010-2378
NOT-FOR-US: PeopleSoft
-CVE-2010-2377 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+CVE-2010-2377
NOT-FOR-US: PeopleSoft
-CVE-2010-2376 (Unspecified vulnerability in Oracle Solaris 8, 9, and 10 allows local ...)
+CVE-2010-2376
NOT-FOR-US: Solaris
-CVE-2010-2375 (Package/Privilege: Plugins for Apache, Sun and IIS web servers ...)
+CVE-2010-2375
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2010-2374 (Unspecified vulnerability in Solaris Studio 12 update 1 allows local ...)
+CVE-2010-2374
NOT-FOR-US: Solaris
-CVE-2010-2373 (Unspecified vulnerability in the Console component in Oracle ...)
+CVE-2010-2373
NOT-FOR-US: Oracle Enterprise Manager Grid Control
-CVE-2010-2372 (Unspecified vulnerability in the Oracle Transportation Management ...)
+CVE-2010-2372
NOT-FOR-US: Oracle Supply Chain Products Suite
-CVE-2010-2371 (Unspecified vulnerability in the Oracle Transportation Management ...)
+CVE-2010-2371
NOT-FOR-US: Oracle Supply Chain Products Suite
-CVE-2010-2370 (Unspecified vulnerability in the Oracle Business Process Management ...)
+CVE-2010-2370
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2010-2369 (Untrusted search path vulnerability in Lhasa 0.19 and earlier allows ...)
+CVE-2010-2369
NOT-FOR-US: Lhasa
-CVE-2010-2368 (Untrusted search path vulnerability in Lhaplus before 1.58 allows ...)
+CVE-2010-2368
NOT-FOR-US: Lhaplus
-CVE-2010-2367 (Cross-site scripting (XSS) vulnerability in search.cgi in AD-EDIT2 ...)
+CVE-2010-2367
NOT-FOR-US: AD-EDIT2
-CVE-2010-2366 (Cross-site scripting (XSS) vulnerability in futomi CGI Cafe Access ...)
+CVE-2010-2366
NOT-FOR-US: CGI Cafe Access Analyzer
-CVE-2010-2365 (Cross-site scripting (XSS) vulnerability in Free CGI Moo moobbs2 ...)
+CVE-2010-2365
NOT-FOR-US: Free CGI Moo moobbs2
-CVE-2010-2364 (Cross-site scripting (XSS) vulnerability in Free CGI Moo moobbs before ...)
+CVE-2010-2364
NOT-FOR-US: Free CGI Moo moobbs2
-CVE-2010-2363 (The IPv6 Unicast Reverse Path Forwarding (RPF) implementation on the ...)
+CVE-2010-2363
NOT-FOR-US: SEIL/X1, SEIL/X2, and SEIL/B1 routers
-CVE-2010-2362 (Winny 2.0b7.1 and earlier does not properly process node information, ...)
+CVE-2010-2362
NOT-FOR-US: Winny
-CVE-2010-2361 (Winny 2.0b7.1 and earlier does not properly process BBS information, ...)
+CVE-2010-2361
NOT-FOR-US: Winny
-CVE-2010-2360 (Multiple buffer overflows in Winny 2.0b7.1 and earlier might allow ...)
+CVE-2010-2360
NOT-FOR-US: Winny
-CVE-2010-2359 (SQL injection vulnerability in eWebQuiz.asp in ActiveWebSoftwares.com ...)
+CVE-2010-2359
NOT-FOR-US: eWebquiz
-CVE-2010-2358 (PHP remote file inclusion vulnerability in ...)
+CVE-2010-2358
NOT-FOR-US: Nakid CMS
-CVE-2010-2357 (SQL injection vulnerability in index.php in Eicra Realestate Script ...)
+CVE-2010-2357
NOT-FOR-US: Eicra Realestate Script
-CVE-2010-2356 (Cross-site scripting (XSS) vulnerability in subscribe.php in Pilot ...)
+CVE-2010-2356
NOT-FOR-US: Pilot Group eLMS Pro
-CVE-2010-2355 (Cross-site scripting (XSS) vulnerability in error.php in Pilot Group ...)
+CVE-2010-2355
NOT-FOR-US: Pilot Group eLMS Pro
-CVE-2010-2354 (SQL injection vulnerability in subscribe.php in Pilot Group (PG) eLMS ...)
+CVE-2010-2354
NOT-FOR-US: Pilot Group eLMS Pro
-CVE-2010-2353 (The Node Reference module in Content Construction Kit (CCK) module 6.x ...)
+CVE-2010-2353
- drupal6-mod-cck <not-affected> (Fixed before initial upload)
-CVE-2010-2352 (The Node Reference module in Content Construction Kit (CCK) module 5.x ...)
+CVE-2010-2352
- drupal6-mod-cck <not-affected> (Fixed before initial upload)
-CVE-2010-2351 (Stack-based buffer overflow in the CIFS.NLM driver in Netware SMB 1.0 ...)
+CVE-2010-2351
NOT-FOR-US: Novell Netware
-CVE-2010-2350 (Heap-based buffer overflow in the PNG decoder in Ziproxy 3.1.0 allows ...)
+CVE-2010-2350
- ziproxy 3.1.1-1 (bug #587039)
[lenny] - ziproxy <not-affected> (Introduced in 3.1.0)
-CVE-2010-2349 (H264WebCam 3.7 allows remote attackers to cause a denial of service ...)
+CVE-2010-2349
NOT-FOR-US: H264WebCam
-CVE-2010-2348 (Stack-based buffer overflow in Batch Audio Converter Lite Edition ...)
+CVE-2010-2348
NOT-FOR-US: Batch Audio Converter
-CVE-2010-2347 (The Telnet interface in the SAP J2EE Engine Core (SAP-JEECOR) 6.40 ...)
+CVE-2010-2347
NOT-FOR-US: SAP J2EE Telnet Interface
CVE-2010-2346
RESERVED
-CVE-2010-2345 (Cross-site request forgery (CSRF) vulnerability in odCMS 1.06, and ...)
+CVE-2010-2345
NOT-FOR-US: odCMS
-CVE-2010-2344 (Multiple cross-site scripting (XSS) vulnerabilities in odCMS 1.06, and ...)
+CVE-2010-2344
NOT-FOR-US: odCMS
-CVE-2010-2343 (Stack-based buffer overflow in D.R. Software Audio Converter 8.1, ...)
+CVE-2010-2343
NOT-FOR-US: D.R. Software Audio Converter
-CVE-2010-2342 (SQL injection vulnerability in onlinenotebookmanager.asp in DMXReady ...)
+CVE-2010-2342
NOT-FOR-US: DMXReady Online Notebook Manager
-CVE-2010-2341 (PHP remote file inclusion vulnerability in ...)
+CVE-2010-2341
NOT-FOR-US: EZPX Photoblog
-CVE-2010-2340 (SQL injection vulnerability in members.php in Arab Portal 2.2, when ...)
+CVE-2010-2340
NOT-FOR-US: Arab Portal
-CVE-2010-2339 (SQL injection vulnerability in admin/pages.php in Subdreamer CMS 3.x.x ...)
+CVE-2010-2339
NOT-FOR-US: Subdreamer CMS
-CVE-2010-2338 (Multiple SQL injection vulnerabilities in redir.asp in VU Web Visitor ...)
+CVE-2010-2338
NOT-FOR-US: VU Web Visitor Analyst
-CVE-2010-2337 (Open redirect vulnerability in RSA Federated Identity Manager 4.0 ...)
+CVE-2010-2337
NOT-FOR-US: RSA Federated Identity Manager
-CVE-2010-2336 (index.php in Yamamah Photo Gallery 1.00 allows remote attackers to ...)
+CVE-2010-2336
NOT-FOR-US: Yamamah Photo Gallery
-CVE-2010-2335 (SQL injection vulnerability in index.php in Yamamah Photo Gallery ...)
+CVE-2010-2335
NOT-FOR-US: Yamamah Photo Gallery
-CVE-2010-2334 (Directory traversal vulnerability in themes/default/download.php in ...)
+CVE-2010-2334
NOT-FOR-US: Yamamah Phote Gallery
-CVE-2010-2333 (LiteSpeed Technologies LiteSpeed Web Server 4.0.x before 4.0.15 allows ...)
+CVE-2010-2333
NOT-FOR-US: LiteSpeed Web Server
-CVE-2010-2332 (Impact Financials, Inc. Impact PDF Reader 2.0, 1.2, and other versions ...)
+CVE-2010-2332
NOT-FOR-US: Impact PDF Reader
-CVE-2010-2331 (Stack-based buffer overflow in iSharer File Sharing Wizard 1.5.0 ...)
+CVE-2010-2331
NOT-FOR-US: iSharer File Sharing Wizard
-CVE-2010-2330 (Stack-based buffer overflow in iSharer File Sharing Wizard 1.5.0 ...)
+CVE-2010-2330
NOT-FOR-US: iSharer File Sharing Wizard
-CVE-2010-2329 (Buffer overflow in Rosoft Audio Converter 4.4.4 allows remote ...)
+CVE-2010-2329
NOT-FOR-US: Rosoft Audio Converter
-CVE-2010-2328 (The HTTP Channel in IBM WebSphere Application Server (WAS) 7.0 before ...)
+CVE-2010-2328
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2010-2327 (mod_ibm_ssl in IBM HTTP Server 6.0 before 6.0.2.43, 6.1 before ...)
+CVE-2010-2327
NOT-FOR-US: IBM HTTP Server
-CVE-2010-2326 (IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.11, when ...)
+CVE-2010-2326
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2010-2325 (Cross-site scripting (XSS) vulnerability in the administrative console ...)
+CVE-2010-2325
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2010-2324 (IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.11 on z/OS ...)
+CVE-2010-2324
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2010-2323 (IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.11 on z/OS ...)
+CVE-2010-2323
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2010-2322 (Absolute path traversal vulnerability in the extract_jar function in ...)
+CVE-2010-2322
- fastjar 2:0.98-3 (low)
[lenny] - fastjar <no-dsa> (Minor issue)
-CVE-2010-2321 (Buffer overflow in Adobe InDesign CS3 10.0 allows user-assisted remote ...)
+CVE-2010-2321
NOT-FOR-US: Adobe InDesign
-CVE-2010-2320 (bozotic HTTP server (aka bozohttpd) before 20100621 allows remote ...)
+CVE-2010-2320
- bozohttpd 20100621-1 (low; bug #590298)
[lenny] - bozohttpd <no-dsa> (Minor information leak)
-CVE-2010-2319 (SQL injection vulnerability in index.php in IDevSpot TextAds 2.08 ...)
+CVE-2010-2319
NOT-FOR-US: IDevSpot TextAds
-CVE-2010-2318 (Cross-site scripting (XSS) vulnerability in cms_data.php in ...)
+CVE-2010-2318
NOT-FOR-US: PHPCityPortal
-CVE-2010-2317 (Multiple SQL injection vulnerabilities in WmsCms 2.0 and earlier allow ...)
+CVE-2010-2317
NOT-FOR-US: WmsCms
-CVE-2010-2316 (Multiple cross-site scripting (XSS) vulnerabilities in default.asp in ...)
+CVE-2010-2316
NOT-FOR-US: WmsCms
-CVE-2010-2315 (PHP remote file inclusion vulnerability in picturelib.php in ...)
+CVE-2010-2315
NOT-FOR-US: SmartISoft phpBazar
-CVE-2010-2314 (PHP remote file inclusion vulnerability in ...)
+CVE-2010-2314
NOT-FOR-US: NP_Twitter Plugin
-CVE-2010-2313 (Directory traversal vulnerability in index.php in Anodyne Productions ...)
+CVE-2010-2313
NOT-FOR-US: SIMM Management System
-CVE-2010-2312 (SQL injection vulnerability in index.php in HauntmAx Haunted House ...)
+CVE-2010-2312
NOT-FOR-US: HauntmAx Haunted House Directory Listing CMS
-CVE-2010-2311 (Stack-based buffer overflow in Power Tab Editor 1.7 build 80 allows ...)
+CVE-2010-2311
NOT-FOR-US: Power Tab Editor
-CVE-2010-2310 (SolarWinds TFTP Server 10.4.0.13 allows remote attackers to cause a ...)
+CVE-2010-2310
NOT-FOR-US: SolarWinds TFTP Server
-CVE-2010-2309 (Buffer overflow in the web server for EvoLogical EvoCam 3.6.6 and ...)
+CVE-2010-2309
NOT-FOR-US: EvoLogical EvoCam
-CVE-2010-2308 (Unspecified vulnerability in the filter driver (savonaccessfilter.sys) ...)
+CVE-2010-2308
NOT-FOR-US: Sophos Anti-Virus
-CVE-2010-2307 (Multiple directory traversal vulnerabilities in the web server for ...)
+CVE-2010-2307
NOT-FOR-US: Motorola firmware
-CVE-2010-2306 (The default installation of Sourcefire 3D Sensor 1000, 2000, and 9900; ...)
+CVE-2010-2306
NOT-FOR-US: Sourcefire 3D Sensor
-CVE-2010-2305 (Buffer overflow in an ActiveX control in SSHelper.dll for Symantec ...)
+CVE-2010-2305
NOT-FOR-US: Symantec Sygate Personal Firewall
CVE-2010-2304
REJECTED
CVE-2010-2303
REJECTED
-CVE-2010-2302 (Use-after-free vulnerability in WebCore in WebKit in Google Chrome ...)
+CVE-2010-2302
- webkit 1.2.1-3
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.375.70~r48679-1
NOTE: http://trac.webkit.org/changeset/59876
NOTE: duplicate of cve-2010-1771
-CVE-2010-2301 (Cross-site scripting (XSS) vulnerability in editing/markup.cpp in ...)
+CVE-2010-2301
- webkit 1.2.1-3
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.375.70~r48679-1
NOTE: http://trac.webkit.org/changeset/59241
NOTE: http://trac.webkit.org/changeset/59242
NOTE: duplicate of cve-2010-1762
-CVE-2010-2300 (Use-after-free vulnerability in the Element::normalizeAttributes ...)
+CVE-2010-2300
- webkit 1.2.1-3
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.375.70~r48679-1
NOTE: http://trac.webkit.org/changeset/59109
NOTE: duplicate of cve-2010-1759
-CVE-2010-2299 (The Clipboard::DispatchObject function in app/clipboard/clipboard.cc ...)
+CVE-2010-2299
- webkit <not-affected> (chromium-specific)
- chromium-browser 5.0.375.70~r48679-1
-CVE-2010-2298 (browser/renderer_host/database_dispatcher_host.cc in Google Chrome ...)
+CVE-2010-2298
- webkit <not-affected> (chromium-specific)
- chromium-browser 5.0.375.70~r48679-1
-CVE-2010-2297 (rendering/FixedTableLayout.cpp in WebCore in WebKit in Google Chrome ...)
+CVE-2010-2297
- webkit 1.2.1-3
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.375.55~r47796-1
NOTE: http://trac.webkit.org/changeset/59495
-CVE-2010-2296 (The implementation of unspecified DOM methods in Google Chrome before ...)
+CVE-2010-2296
- webkit 1.2.1-2
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.375.70~r48679-1
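Review bot: every changed pair in this hunk replaces a `CVE-YYYY-NNNN (description ...)` line with the bare identifier, for example `-CVE-2010-2302 (Use-after-free vulnerability in WebCore in WebKit in Google Chrome ...)` becoming `+CVE-2010-2302`, while the Debian-specific lines underneath (package versions, `NOT-FOR-US`, `NOTE:`) are untouched. An automatic update that only ever removes the upstream summary, and does so for every entry, looks like the description source returned empty text rather than a genuine data change; the update should check that the fetched description is non-empty before overwriting the existing one, and this commit is better reverted than merged as-is.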
@@ -7726,487 +7726,487 @@ CVE-2010-2296 (The implementation of unspecified DOM methods in Google Chrome be
NOTE: http://trac.webkit.org/changeset/57658
NOTE: http://trac.webkit.org/changeset/59769
NOTE: http://src.chromium.org/viewvc/chrome?view=rev&revision=48159
-CVE-2010-2295 (page/EventHandler.cpp in WebCore in WebKit in Google Chrome before ...)
+CVE-2010-2295
- webkit 1.2.1-3
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.375.55~r47796-1
NOTE: http://trac.webkit.org/changeset/58829
-CVE-2010-2294 (Cross-site request forgery (CSRF) vulnerability in Plume CMS 1.2.4 and ...)
+CVE-2010-2294
NOT-FOR-US: Plume CMS
-CVE-2010-2293 (The Ping tools web interface in Dlink Di-604 router allows remote ...)
+CVE-2010-2293
NOT-FOR-US: Dlink Di-604
-CVE-2010-2292 (Cross-site scripting (XSS) vulnerability in the Ping tools web ...)
+CVE-2010-2292
NOT-FOR-US: Dlink Di-604 Router
-CVE-2010-2291 (Unspecified vulnerability in the web interface in snom VoIP Phone ...)
+CVE-2010-2291
NOT-FOR-US: snom VoIP Phone
-CVE-2010-2290 (Cross-site scripting (XSS) vulnerability in cgi-bin/cgix/help in ...)
+CVE-2010-2290
NOT-FOR-US: McAfee
-CVE-2010-2289 (Open redirect vulnerability in dana/home/homepage.cgi in Juniper ...)
+CVE-2010-2289
NOT-FOR-US: Juniper Networks
-CVE-2010-2288 (Cross-site scripting (XSS) vulnerability in dana/nc/ncrun.cgi in ...)
+CVE-2010-2288
NOT-FOR-US: Juniper Networks
-CVE-2010-2282 (Cross-site request forgery (CSRF) vulnerability in TomatoCMS 2.0.6 ...)
+CVE-2010-2282
NOT-FOR-US: TomatoCMS
-CVE-2010-2281 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
+CVE-2010-2281
NOT-FOR-US: TomatoCMS
-CVE-2010-2280 (Open redirect vulnerability in the Mobile component in IBM Lotus ...)
+CVE-2010-2280
NOT-FOR-US: IBM Lotus Connections
-CVE-2010-2279 (The Top Updates implementation in the Homepage component in IBM Lotus ...)
+CVE-2010-2279
NOT-FOR-US: IBM Lotus Connections
-CVE-2010-2278 (The bookmarklet pop-up in the Bookmarks component in IBM Lotus ...)
+CVE-2010-2278
NOT-FOR-US: IBM Lotus Connections
-CVE-2010-2277 (Multiple cross-site scripting (XSS) vulnerabilities in IBM Lotus ...)
+CVE-2010-2277
NOT-FOR-US: IBM Lotus Connections
-CVE-2010-2276 (The default configuration of the build process in Dojo 0.4.x before ...)
+CVE-2010-2276
- dojo <not-affected> (Doesn't affect the Debian packaging)
-CVE-2010-2275 (Cross-site scripting (XSS) vulnerability in dijit/tests/_testCommon.js ...)
+CVE-2010-2275
- dojo 1.4.2+dfsg-1
-CVE-2010-2274 (Multiple open redirect vulnerabilities in Dojo 1.0.x before 1.0.3, ...)
+CVE-2010-2274
- dojo 1.4.2+dfsg-1
-CVE-2010-2273 (Multiple cross-site scripting (XSS) vulnerabilities in Dojo 1.0.x ...)
+CVE-2010-2273
- dojo 1.4.2+dfsg-1
-CVE-2010-2272 (Unspecified vulnerability in iframe_history.html in Dojo 0.4.x before ...)
+CVE-2010-2272
- dojo <not-affected> (only affects 0.4 branch)
-CVE-2010-2271 (Format string vulnerability in authcfg.cgi in Accoria Web Server (aka ...)
+CVE-2010-2271
NOT-FOR-US: Accoria Web Server
-CVE-2010-2270 (Accoria Web Server (aka Rock Web Server) 1.4.7 uses a predictable ...)
+CVE-2010-2270
NOT-FOR-US: Accoria Web Server
-CVE-2010-2269 (Directory traversal vulnerability in loadstatic.cgi in Accoria Web ...)
+CVE-2010-2269
NOT-FOR-US: Accoria Web Server
-CVE-2010-2268 (Cross-site request forgery (CSRF) vulnerability in authcfg.cgi in ...)
+CVE-2010-2268
NOT-FOR-US: Accoria Web Server
-CVE-2010-2267 (Multiple cross-site scripting (XSS) vulnerabilities in Accoria Web ...)
+CVE-2010-2267
NOT-FOR-US: Accoria Web Server
-CVE-2010-2266 (nginx 0.8.36 allows remote attackers to cause a denial of service ...)
+CVE-2010-2266
- nginx <not-affected> (Confirmed Windows only, see bug #590768)
-CVE-2010-2265 (Cross-site scripting (XSS) vulnerability in the GetServerName function ...)
+CVE-2010-2265
NOT-FOR-US: Microsoft Windows
-CVE-2010-2264 (The Cascading Style Sheets (CSS) implementation in WebKit in Apple ...)
+CVE-2010-2264
- chromium-browser 6.0.466.0~r52279-1
NOTE: This is a large series of risky behaviour-changing changesets.
NOTE: upstream changelog says this is fixed in 1.2.3, but i'm doubtful of that
-CVE-2010-2263 (nginx 0.8 before 0.8.40 and 0.7 before 0.7.66, when running on ...)
+CVE-2010-2263
- nginx <not-affected> (Windows-specific vulnerability when running on NTFS)
-CVE-2010-2283 (The SMB dissector in Wireshark 0.99.6 through 1.0.13, and 1.2.0 ...)
+CVE-2010-2283
{DSA-2066-1}
- wireshark 1.2.9-1
-CVE-2010-2285 (The SMB PIPE dissector in Wireshark 0.8.20 through 1.0.13 and 1.2.0 ...)
+CVE-2010-2285
{DSA-2066-1}
- wireshark 1.2.9-1
-CVE-2010-2284 (Buffer overflow in the ASN.1 BER dissector in Wireshark 0.10.13 ...)
+CVE-2010-2284
{DSA-2066-1}
- wireshark 1.2.9-1
-CVE-2010-2287 (Buffer overflow in the SigComp Universal Decompressor Virtual Machine ...)
+CVE-2010-2287
{DSA-2066-1}
- wireshark 1.2.9-1
-CVE-2010-2286 (The SigComp Universal Decompressor Virtual Machine dissector in ...)
+CVE-2010-2286
{DSA-2066-1}
- wireshark 1.2.9-1
-CVE-2010-2262 (Galileo Students Team Weborf before 0.12.1 allows remote attackers to ...)
+CVE-2010-2262
- weborf 0.12.1-1
-CVE-2010-2261 (Linksys WAP54Gv3 firmware 3.04.03 and earlier allows remote attackers ...)
+CVE-2010-2261
NOT-FOR-US: Linksys WAP54Gv3
-CVE-2010-2260 (Multiple cross-site scripting (XSS) vulnerabilities in Gambit Design ...)
+CVE-2010-2260
NOT-FOR-US: Gabmbit Design Bandwidth Meter
-CVE-2010-2259 (Directory traversal vulnerability in the BF Survey (com_bfsurvey) ...)
+CVE-2010-2259
NOT-FOR-US: com_bfsurvey component for joomla!
-CVE-2010-2258 (Cross-site scripting (XSS) vulnerability in signupconfirm.php in ...)
+CVE-2010-2258
NOT-FOR-US: phpBannerExchange
-CVE-2010-2257 (SQL injection vulnerability in index_ie.php in Pay Per Minute Video ...)
+CVE-2010-2257
NOT-FOR-US: Pay Per Minute Video Chat Script
-CVE-2010-2256 (Multiple cross-site scripting (XSS) vulnerabilities in Pay Per Minute ...)
+CVE-2010-2256
NOT-FOR-US: Pay Per Minute Video Chat Script
-CVE-2010-2255 (SQL injection vulnerability in the BF Survey Pro (com_bfsurvey_pro) ...)
+CVE-2010-2255
NOT-FOR-US: com_bfsurvey component for joomla!
-CVE-2010-2254 (SQL injection vulnerability in the Shape5 Bridge of Hope template for ...)
+CVE-2010-2254
NOT-FOR-US: joomla!
-CVE-2010-2253 (lwp-download in libwww-perl before 5.835 does not reject downloads to ...)
+CVE-2010-2253
- libwww-perl 5.835-1 (low)
[lenny] - libwww-perl 5.813-1+lenny2
-CVE-2010-2252 (GNU Wget 1.12 and earlier uses a server-provided filename instead of ...)
+CVE-2010-2252
{DSA-2088-1}
- wget 1.12-2.1 (low; bug #590296)
-CVE-2010-2251 (The get1 command, as used by lftpget, in LFTP before 4.0.6 does not ...)
+CVE-2010-2251
{DSA-2085-1}
- lftp 4.0.6-1 (low)
[lenny] - lftp <no-dsa> (Minor issue)
NOTE: http://www.ocert.org/advisories/ocert-2010-001.html
-CVE-2010-2249 (Memory leak in pngrutil.c in libpng before 1.2.44, and 1.4.x before ...)
+CVE-2010-2249
{DSA-2072-1}
- libpng 1.2.44-1 (low; bug #587670)
- tuxonice-userui 1.0-1 (unimportant)
NOTE: tuxonice-userui 1.0-1 was binNMUed
-CVE-2010-2248 (fs/cifs/cifssmb.c in the CIFS implementation in the Linux kernel ...)
+CVE-2010-2248
{DSA-2094-1}
- linux-2.6 2.6.32-12 (low)
CVE-2010-2247 [makepasswd: insecure passwords generated with default settings]
RESERVED
- makepasswd 1.10-5 (low; bug #564559)
[lenny] - makepasswd 1.10-3+lenny1
-CVE-2010-2246 (feh before 1.8, when the --wget-timestamp option is enabled, might ...)
+CVE-2010-2246
- feh 1.8-1 (low; bug #587205)
[lenny] - feh <no-dsa> (Minor issue)
-CVE-2010-2245 (XML External Entity (XXE) vulnerability in Apache Wink 1.1.1 and ...)
+CVE-2010-2245
NOT-FOR-US: Apache Wink
-CVE-2010-2244 (The AvahiDnsPacket function in avahi-core/socket.c in avahi-daemon in ...)
+CVE-2010-2244
{DSA-2086-1}
- avahi 0.6.26-1
CVE-2010-2243 [timekeeping oops]
RESERVED
- linux-2.6 2.6.32-11
[lenny] - linux-2.6 <not-affected> (Vulnerable code not present)
-CVE-2010-2242 (Red Hat libvirt 0.2.0 through 0.8.2 creates iptables rules with ...)
+CVE-2010-2242
- libvirt 0.8.3-1 (low)
[lenny] - libvirt 0.4.6-10+lenny1
-CVE-2010-2241 (The (1) setup-ds.pl and (2) setup-ds-admin.pl setup scripts for Red ...)
+CVE-2010-2241
NOT-FOR-US: Red Hat Directory Server
-CVE-2010-2240 (The do_anonymous_page function in mm/memory.c in the Linux kernel ...)
+CVE-2010-2240
{DSA-2094-1}
- linux-2.6 2.6.32-21
-CVE-2010-2239 (Red Hat libvirt, possibly 0.6.0 through 0.8.2, creates new images ...)
+CVE-2010-2239
- libvirt 0.8.3-1 (low)
[lenny] - libvirt <not-affected> (only affects >= 0.6.0)
-CVE-2010-2238 (Red Hat libvirt, possibly 0.7.2 through 0.8.2, recurses into ...)
+CVE-2010-2238
- libvirt 0.8.3-1
[lenny] - libvirt <not-affected> (only affects >= 0.7.2)
-CVE-2010-2237 (Red Hat libvirt, possibly 0.6.1 through 0.8.2, looks up disk backing ...)
+CVE-2010-2237
- libvirt 0.8.3-1
[lenny] - libvirt <not-affected> (only affects >= 0.6.1)
-CVE-2010-2236 (The monitoring probe display in spacewalk-java before 2.1.148-1 and ...)
+CVE-2010-2236
NOT-FOR-US: Red Hat Satellite
-CVE-2010-2235 (template_api.py in Cobbler before 2.0.7, as used in Red Hat Network ...)
+CVE-2010-2235
- cobbler <not-affected> (Fixed before initial upload)
-CVE-2010-2233 (tif_getimage.c in LibTIFF 3.9.0 and 3.9.2 on 64-bit platforms, as used ...)
+CVE-2010-2233
- tiff 3.9.4-2
- tiff3 <not-affected> (fixed prior to initial upload)
[lenny] - tiff <not-affected> (Only affects 3.9.x)
-CVE-2010-2232 (In Apache Derby 10.1.2.1, 10.2.2.0, 10.3.1.4, and 10.4.1.3, Export ...)
+CVE-2010-2232
- derby <not-affected> (Fixed before initial upload to Debian)
NOTE: https://issues.apache.org/jira/browse/DERBY-2925
-CVE-2010-2231 (Cross-site request forgery (CSRF) vulnerability in ...)
+CVE-2010-2231
{DSA-2115-1}
- moodle 1.9.9-1 (bug #586280)
-CVE-2010-2230 (The KSES text cleaning filter in lib/weblib.php in Moodle before ...)
+CVE-2010-2230
{DSA-2115-1}
- moodle 1.9.9-1 (bug #586280)
- wordpress 3.0.4+dfsg-1
[lenny] - wordpress <not-affected> (2.x version is not affected)
- egroupware <not-affected> (Only forks a minor subset of KSES)
-CVE-2010-2229 (Multiple cross-site scripting (XSS) vulnerabilities in blog/index.php ...)
+CVE-2010-2229
{DSA-2115-1}
- moodle 1.9.9-1 (bug #586280)
-CVE-2010-2228 (Cross-site scripting (XSS) vulnerability in the MNET access-control ...)
+CVE-2010-2228
{DSA-2115-1}
- moodle 1.9.9-1 (bug #586280)
-CVE-2010-2227 (Apache Tomcat 5.5.0 through 5.5.29, 6.0.0 through 6.0.27, and 7.0.0 ...)
+CVE-2010-2227
{DSA-2207-1}
- tomcat5.5 <removed>
- tomcat6 6.0.28-1 (bug #588813)
[lenny] - tomcat6 <not-affected> (Only ships the servlet package)
-CVE-2010-2226 (The xfs_swapext function in fs/xfs/xfs_dfrag.c in the Linux kernel ...)
+CVE-2010-2226
{DSA-2094-1}
- linux-2.6 2.6.32-19
-CVE-2010-2225 (Use-after-free vulnerability in the SplObjectStorage unserializer in ...)
+CVE-2010-2225
{DSA-2089-1}
- php5 5.3.3-1
-CVE-2010-2224 (The snapshot merging functionality in Red Hat Enterprise ...)
+CVE-2010-2224
NOT-FOR-US: Red Hat Enterprise Virtualization Manager (RHEV-M)
-CVE-2010-2223 (Virtual Desktop Server Manager (VDSM) in Red Hat Enterprise ...)
+CVE-2010-2223
- vdsm <itp> (bug #668538)
CVE-2010-2222
RESERVED
NOT-FOR-US: Red Hat Directory Server
-CVE-2010-2221 (Multiple buffer overflows in the iSNS implementation in isns.c in (1) ...)
+CVE-2010-2221
- iscsitarget 1.4.20.1-1
-CVE-2010-2220 (Adobe Flash Media Server (FMS) before 3.0.6, and 3.5.x before 3.5.4, ...)
+CVE-2010-2220
NOT-FOR-US: Adobe Flash Media Server
-CVE-2010-2219 (Unspecified vulnerability in Adobe Flash Media Server (FMS) before ...)
+CVE-2010-2219
NOT-FOR-US: Adobe Flash Media Server
-CVE-2010-2218 (Adobe Flash Media Server (FMS) before 3.0.6, and 3.5.x before 3.5.4, ...)
+CVE-2010-2218
NOT-FOR-US: Adobe Flash Media Server
-CVE-2010-2217 (Adobe Flash Media Server (FMS) before 3.0.6, and 3.5.x before 3.5.4, ...)
+CVE-2010-2217
NOT-FOR-US: Adobe Flash Media Server
-CVE-2010-2216 (Adobe Flash Player before 9.0.280 and 10.x before 10.1.82.76, and ...)
+CVE-2010-2216
NOT-FOR-US: Adobe Flash Plugin
-CVE-2010-2215 (Adobe Flash Player before 9.0.280 and 10.x before 10.1.82.76, and ...)
+CVE-2010-2215
NOT-FOR-US: Adobe Flash Plugin
-CVE-2010-2214 (Adobe Flash Player before 9.0.280 and 10.x before 10.1.82.76, and ...)
+CVE-2010-2214
NOT-FOR-US: Adobe Flash Plugin
-CVE-2010-2213 (Adobe Flash Player before 9.0.280 and 10.x before 10.1.82.76, and ...)
+CVE-2010-2213
NOT-FOR-US: Adobe Flash Plugin
-CVE-2010-2212 (Buffer overflow in Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x ...)
+CVE-2010-2212
NOT-FOR-US: Adobe Reader
-CVE-2010-2211 (Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on ...)
+CVE-2010-2211
NOT-FOR-US: Adobe Reader
-CVE-2010-2210 (Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on ...)
+CVE-2010-2210
NOT-FOR-US: Adobe Reader
-CVE-2010-2209 (Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on ...)
+CVE-2010-2209
NOT-FOR-US: Adobe Reader
-CVE-2010-2208 (Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on ...)
+CVE-2010-2208
NOT-FOR-US: Adobe Reader
-CVE-2010-2207 (Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on ...)
+CVE-2010-2207
NOT-FOR-US: Adobe Reader
-CVE-2010-2206 (Array index error in AcroForm.api in Adobe Reader and Acrobat 9.x ...)
+CVE-2010-2206
NOT-FOR-US: Adobe Reader
-CVE-2010-2205 (Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on ...)
+CVE-2010-2205
NOT-FOR-US: Adobe Reader
-CVE-2010-2204 (Unspecified vulnerability in Adobe Reader and Acrobat 9.x before ...)
+CVE-2010-2204
NOT-FOR-US: Adobe Reader
-CVE-2010-2203 (Adobe Reader and Acrobat 9.x before 9.3.3 on UNIX allow attackers to ...)
+CVE-2010-2203
NOT-FOR-US: Adobe Reader
-CVE-2010-2202 (Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on ...)
+CVE-2010-2202
NOT-FOR-US: Adobe Reader
-CVE-2010-2201 (Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on ...)
+CVE-2010-2201
NOT-FOR-US: Adobe Reader
CVE-2010-2200
RESERVED
-CVE-2010-2199 (lib/fsm.c in RPM 4.8.0 and earlier does not properly reset the ...)
+CVE-2010-2199
- rpm <unfixed> (bug #584257; unimportant)
NOTE: Marking as unimportant since rpm isn't used as a package manager
-CVE-2010-2198 (lib/fsm.c in RPM 4.8.0 and earlier does not properly reset the ...)
+CVE-2010-2198
- rpm <unfixed> (bug #584257; unimportant)
NOTE: Marking as unimportant since rpm isn't used as a package manager
-CVE-2010-2197 (rpmbuild in RPM 4.8.0 and earlier does not properly parse the syntax ...)
+CVE-2010-2197
- rpm 4.8.1-1 (low; bug #584257)
[lenny] - rpm <no-dsa> (Minor issue)
CVE-2010-2196
RESERVED
-CVE-2010-2195 (bozotic HTTP server (aka bozohttpd) 20090522 through 20100512 allows ...)
+CVE-2010-2195
- bozohttpd 20100621-1 (low; bug #590298)
[lenny] - bozohttpd <not-affected> (Only affects 20090522 to 20100512)
CVE-2010-2194
RESERVED
-CVE-2010-2193 (Multiple unspecified vulnerabilities in the CA (1) PSFormX and (2) ...)
+CVE-2010-2193
NOT-FOR-US: CA Global Advisor
-CVE-2010-2192 (The make_lockdir_name function in policy.c in pmount 0.9.18 allow ...)
+CVE-2010-2192
{DSA-2063-1}
- pmount 0.9.23-1
-CVE-2010-2191 (The (1) parse_str, (2) preg_match, (3) unpack, and (4) pack functions; ...)
+CVE-2010-2191
- php5 5.3.3-1 (unimportant)
NOTE: Only triggerable through malicious script
-CVE-2010-2190 (The (1) trim, (2) ltrim, (3) rtrim, and (4) substr_replace functions ...)
+CVE-2010-2190
- php5 <removed> (unimportant)
NOTE: Only triggerable through malicious script
-CVE-2010-2189 (Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and ...)
+CVE-2010-2189
NOT-FOR-US: Adobe Flash Player
-CVE-2010-2188 (Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and ...)
+CVE-2010-2188
NOT-FOR-US: Adobe Flash Player
-CVE-2010-2187 (Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and ...)
+CVE-2010-2187
NOT-FOR-US: Adobe Flash Player
-CVE-2010-2186 (Unspecified vulnerability in Adobe Flash Player before 9.0.277.0 and ...)
+CVE-2010-2186
NOT-FOR-US: Adobe Flash Player
-CVE-2010-2185 (Buffer overflow in Adobe Flash Player before 9.0.277.0 and 10.x before ...)
+CVE-2010-2185
NOT-FOR-US: Adobe Flash Player
-CVE-2010-2184 (Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and ...)
+CVE-2010-2184
NOT-FOR-US: Adobe Flash Player
-CVE-2010-2183 (Integer overflow in Adobe Flash Player before 9.0.277.0 and 10.x ...)
+CVE-2010-2183
NOT-FOR-US: Adobe Flash Player
-CVE-2010-2182 (Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and ...)
+CVE-2010-2182
NOT-FOR-US: Adobe Flash Player
-CVE-2010-2181 (Integer overflow in Adobe Flash Player before 9.0.277.0 and 10.x ...)
+CVE-2010-2181
NOT-FOR-US: Adobe Flash Player
-CVE-2010-2180 (Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and ...)
+CVE-2010-2180
NOT-FOR-US: Adobe Flash Player
-CVE-2010-2179 (Cross-site scripting (XSS) vulnerability in Adobe Flash Player before ...)
+CVE-2010-2179
NOT-FOR-US: Adobe Flash Player
-CVE-2010-2178 (Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and ...)
+CVE-2010-2178
NOT-FOR-US: Adobe Flash Player
-CVE-2010-2177 (Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and ...)
+CVE-2010-2177
NOT-FOR-US: Adobe Flash Player
-CVE-2010-2176 (Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and ...)
+CVE-2010-2176
NOT-FOR-US: Adobe Flash Player
-CVE-2010-2175 (Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and ...)
+CVE-2010-2175
NOT-FOR-US: Adobe Flash Player
-CVE-2010-2174 (Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and ...)
+CVE-2010-2174
NOT-FOR-US: Adobe Flash Player
-CVE-2010-2173 (Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and ...)
+CVE-2010-2173
NOT-FOR-US: Adobe Flash Player
-CVE-2010-2172 (Adobe Flash Player 9 before 9.0.277.0 on unspecified UNIX platforms ...)
+CVE-2010-2172
NOT-FOR-US: Adobe Flash Player
-CVE-2010-2171 (Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and ...)
+CVE-2010-2171
NOT-FOR-US: Adobe Flash Player
-CVE-2010-2170 (Integer overflow in Adobe Flash Player before 9.0.277.0 and 10.x ...)
+CVE-2010-2170
NOT-FOR-US: Adobe Flash Player
-CVE-2010-2169 (Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and ...)
+CVE-2010-2169
NOT-FOR-US: Adobe Flash Player
-CVE-2010-2168 (Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on ...)
+CVE-2010-2168
NOT-FOR-US: Adobe Reader
-CVE-2010-2167 (Multiple heap-based buffer overflows in Adobe Flash Player before ...)
+CVE-2010-2167
NOT-FOR-US: Adobe Flash Player
-CVE-2010-2166 (Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and ...)
+CVE-2010-2166
NOT-FOR-US: Adobe Flash Player
-CVE-2010-2165 (Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and ...)
+CVE-2010-2165
NOT-FOR-US: Adobe Flash Player
-CVE-2010-2164 (Use-after-free vulnerability in Adobe Flash Player before 9.0.277.0 ...)
+CVE-2010-2164
NOT-FOR-US: Adobe Flash Player
-CVE-2010-2163 (Multiple unspecified vulnerabilities in Adobe Flash Player before ...)
+CVE-2010-2163
NOT-FOR-US: Adobe Flash Player
-CVE-2010-2162 (Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and ...)
+CVE-2010-2162
NOT-FOR-US: Adobe Flash Player
-CVE-2010-2161 (Array index error in Adobe Flash Player before 9.0.277.0 and 10.x ...)
+CVE-2010-2161
NOT-FOR-US: Adobe Flash Player
-CVE-2010-2160 (Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and ...)
+CVE-2010-2160
NOT-FOR-US: Adobe Flash Player
-CVE-2010-2159 (Dameng DM Database Server allows remote authenticated users to cause a ...)
+CVE-2010-2159
NOT-FOR-US: Dameng DM Database
-CVE-2010-2158 (Multiple cross-site scripting (XSS) vulnerabilities in the Storm ...)
+CVE-2010-2158
NOT-FOR-US: Storm module for Drupal
-CVE-2010-2157 (Unspecified vulnerability in CA ARCserve Backup r11.5 SP4, r12.0 SP2, ...)
+CVE-2010-2157
NOT-FOR-US: CA ARCserve
-CVE-2010-2156 (ISC DHCP 4.1 before 4.1.1-P1 and 4.0 before 4.0.2-P1 allows remote ...)
+CVE-2010-2156
- isc-dhcp 4.1.1-P1-1
- dhcp3 <not-affected> (Only affects DHCP 4.x)
- dhcp <not-affected> (Only affects DHCP 4.x)
NOTE: http://www.isc.org/software/dhcp/advisories/cve-2010-2156
-CVE-2010-2155 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2010-2155
{DSA-2056-1}
- zonecheck 2.1.1-1 (bug #583290)
-CVE-2010-2154 (Cross-site scripting (XSS) vulnerability in the Search Site in CMScout ...)
+CVE-2010-2154
NOT-FOR-US: CMScout
-CVE-2010-2153 (Unrestricted file upload vulnerability in ...)
+CVE-2010-2153
NOT-FOR-US: TCExam
-CVE-2010-2152 (Unspecified vulnerability in JustSystems Ichitaro 2004 through 2009, ...)
+CVE-2010-2152
NOT-FOR-US: JustSystems Ichitaro
-CVE-2010-2151 (Cross-site request forgery (CSRF) vulnerability in Fujitsu e-Pares V01 ...)
+CVE-2010-2151
NOT-FOR-US: Fujitsu e-Pares
-CVE-2010-2150 (Cross-site scripting (XSS) vulnerability Fujitsu e-Pares V01 L01 ...)
+CVE-2010-2150
NOT-FOR-US: Fujitsu e-Pares
-CVE-2010-2149 (Session fixation vulnerability in Fujitsu e-Pares V01 L01, L03, L10, ...)
+CVE-2010-2149
NOT-FOR-US: Fujitsu e-Pares
-CVE-2010-2148 (SQL injection vulnerability in the My Car (com_mycar) component 1.0 ...)
+CVE-2010-2148
NOT-FOR-US: My Car for Joomla
-CVE-2010-2147 (Cross-site scripting (XSS) vulnerability in the My Car (com_mycar) ...)
+CVE-2010-2147
NOT-FOR-US: My Car for Joomla
-CVE-2010-2146 (PHP remote file inclusion vulnerability in banned.php in Visitor ...)
+CVE-2010-2146
NOT-FOR-US: Visitor Logger
-CVE-2010-2145 (Multiple PHP remote file inclusion vulnerabilities in ClearSite Beta ...)
+CVE-2010-2145
NOT-FOR-US: ClearSite
-CVE-2010-2144 (Cross-site scripting (XSS) vulnerability in signinform.php in Zeeways ...)
+CVE-2010-2144
NOT-FOR-US: Zeeways eBay Clone auction script
-CVE-2010-2143 (Directory traversal vulnerability in index.php in Symphony CMS 2.0.7 ...)
+CVE-2010-2143
NOT-FOR-US: Symphony CMS
-CVE-2010-2142 (SQL injection vulnerability in default.asp in Cyberhost allows remote ...)
+CVE-2010-2142
NOT-FOR-US: Cyberhost
-CVE-2010-2141 (SQL injection vulnerability in index.php in NITRO Web Gallery allows ...)
+CVE-2010-2141
NOT-FOR-US: NITRO Web Gallery
-CVE-2010-2140 (SQL injection vulnerability in itemdetail.php in Multishop CMS allows ...)
+CVE-2010-2140
NOT-FOR-US: Multishop CMS
-CVE-2010-2139 (SQL injection vulnerability in pages.php in Multishop CMS allows ...)
+CVE-2010-2139
NOT-FOR-US: Multishop CMS
-CVE-2010-2138 (Multiple directory traversal vulnerabilities in ProMan 0.1.1 and ...)
+CVE-2010-2138
NOT-FOR-US: ProMan
-CVE-2010-2137 (PHP remote file inclusion vulnerability in _center.php in ProMan 0.1.1 ...)
+CVE-2010-2137
NOT-FOR-US: ProMan
-CVE-2010-2136 (Directory traversal vulnerability in admin/index.php in Article ...)
+CVE-2010-2136
NOT-FOR-US: Article Friendly
-CVE-2010-2135 (Multiple SQL injection vulnerabilities in login.php in HazelPress Lite ...)
+CVE-2010-2135
NOT-FOR-US: HazelPress Lite
-CVE-2010-2134 (Multiple SQL injection vulnerabilities in login.php in Project Man 1.0 ...)
+CVE-2010-2134
NOT-FOR-US: Project Man
-CVE-2010-2133 (SQL injection vulnerability in contact.php in My Little Forum allows ...)
+CVE-2010-2133
NOT-FOR-US: My Little Forum
-CVE-2010-2132 (Multiple PHP remote file inclusion vulnerabilities in Open Education ...)
+CVE-2010-2132
NOT-FOR-US: Open Education System
-CVE-2010-2131 (SQL injection vulnerability in the Calendar Base (cal) extension ...)
+CVE-2010-2131
NOT-FOR-US: Typo3 extenson Calendar Base
-CVE-2010-2130 (Cross-site scripting (XSS) vulnerability in wflogin.jsp in Aris Global ...)
+CVE-2010-2130
NOT-FOR-US: Aris Global ARISg
-CVE-2010-2129 (Directory traversal vulnerability in the JE Ajax Event Calendar ...)
+CVE-2010-2129
NOT-FOR-US: JE Ajax Event Calenda
-CVE-2010-2128 (Directory traversal vulnerability in the JE Quotation Form ...)
+CVE-2010-2128
NOT-FOR-US: JE Quotation Form for Joomla
-CVE-2010-2127 (PHP remote file inclusion vulnerability in gallery.php in JV2 Folder ...)
+CVE-2010-2127
NOT-FOR-US: JV2 Folder Gallery
-CVE-2010-2126 (Multiple PHP remote file inclusion vulnerabilities in Snipe Gallery ...)
+CVE-2010-2126
NOT-FOR-US: Snipe Gallery
-CVE-2010-2125 (Multiple cross-site scripting (XSS) vulnerabilities in the Rotor ...)
+CVE-2010-2125
NOT-FOR-US: Rotor Banner module for Drupal
-CVE-2010-2124 (SQL injection vulnerability in firma.php in Bartels Schone ConPresso ...)
+CVE-2010-2124
NOT-FOR-US: Bartels Schone ConPresso
-CVE-2010-2123 (Multiple cross-site scripting (XSS) vulnerabilities in the Storm ...)
+CVE-2010-2123
NOT-FOR-US: Storm module for Drupal
-CVE-2010-2122 (Directory traversal vulnerability in the SimpleDownload ...)
+CVE-2010-2122
NOT-FOR-US: SimpleDownload for Joomla
-CVE-2010-2121 (Opera 9.52 allows remote attackers to cause a denial of service ...)
+CVE-2010-2121
NOT-FOR-US: Opera
-CVE-2010-2120 (Google Chrome 1.0.154.48 allows remote attackers to cause a denial of ...)
+CVE-2010-2120
NOT-FOR-US: Unclear, historic Chrome issue
-CVE-2010-2119 (Microsoft Internet Explorer 6.0.2900.2180 allows remote attackers to ...)
+CVE-2010-2119
NOT-FOR-US: MS IE
-CVE-2010-2118 (Microsoft Internet Explorer 6.0.2900.2180 and 8.0.7600.16385 allows ...)
+CVE-2010-2118
NOT-FOR-US: MS IE
-CVE-2010-2117 (Mozilla Firefox 3.0.19, 3.5.x, and 3.6.x allows remote attackers to ...)
+CVE-2010-2117
- xulrunner <unfixed> (unimportant)
-CVE-2010-2116 (The web interface in McAfee Email Gateway (formerly IronMail) 6.7.1 ...)
+CVE-2010-2116
NOT-FOR-US: McAfee Email Gateway
-CVE-2010-2115 (SolarWinds TFTP Server 10.4.0.10 allows remote attackers to cause a ...)
+CVE-2010-2115
NOT-FOR-US: SolarWinds TFTP Server
-CVE-2010-2114 (Cross-site request forgery (CSRF) vulnerability in pbx/gate in Brekeke ...)
+CVE-2010-2114
NOT-FOR-US: Brekeke PBX
-CVE-2010-2113 (Multiple cross-site request forgery (CSRF) vulnerabilities in The ...)
+CVE-2010-2113
NOT-FOR-US: The Uniform Server
-CVE-2010-2112 (Directory traversal vulnerability in the FTP service in FileCOPA ...)
+CVE-2010-2112
NOT-FOR-US: FileCOPA
-CVE-2010-2111 (Cross-site request forgery (CSRF) vulnerability in user/user-set.do in ...)
+CVE-2010-2111
NOT-FOR-US: Pacific Timesheet
-CVE-2010-2110 (Google Chrome before 5.0.375.55 does not properly execute JavaScript ...)
+CVE-2010-2110
- chromium-browser 5.0.375.55~r47796-1
- webkit <not-affected> (issue in chrome's libv8 bindings)
NOTE: http://trac.webkit.org/changeset/58229
-CVE-2010-2109 (Unspecified vulnerability in Google Chrome before 5.0.375.55 allows ...)
+CVE-2010-2109
- chromium-browser 5.0.375.55~r47796-1
- webkit 1.2.1-2
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
NOTE: http://trac.webkit.org/changeset/58441
-CVE-2010-2108 (Unspecified vulnerability in Google Chrome before 5.0.375.55 allows ...)
+CVE-2010-2108
- chromium-browser 5.0.375.55~r47796-1
- webkit <not-affected> (chrome-specific issue)
-CVE-2010-2107 (Unspecified vulnerability in Google Chrome before 5.0.375.55 allows ...)
+CVE-2010-2107
- chromium-browser 5.0.375.55~r47796-1
- webkit <not-affected> (doesn't have safebrowsing feature)
-CVE-2010-2106 (Unspecified vulnerability in Google Chrome before 5.0.375.55 might ...)
+CVE-2010-2106
- chromium-browser 5.0.375.55~r47796-1
- webkit <not-affected> (chrome-specific issue)
-CVE-2010-2105 (Google Chrome before 5.0.375.55 does not properly follow the Safe ...)
+CVE-2010-2105
- chromium-browser 5.0.375.55~r47796-1
- webkit <not-affected> (doesn't have safebrowsing feature)
-CVE-2010-2104 (Directory traversal vulnerability in Orbit Downloader 3.0.0.4 and ...)
+CVE-2010-2104
NOT-FOR-US: Orbit Downloader
-CVE-2010-2103 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2010-2103
- axis <not-affected> (axis != axis2, vulnerable code not present)
-CVE-2010-2102 (Buffer overflow in Webby Webserver 1.01 allows remote attackers to ...)
+CVE-2010-2102
NOT-FOR-US: Webby Webserver
-CVE-2010-2101 (The (1) strip_tags, (2) setcookie, (3) strtok, (4) wordwrap, (5) ...)
+CVE-2010-2101
- php5 <removed> (unimportant)
NOTE: Only triggerable through malicious script
-CVE-2010-2100 (The (1) htmlentities, (2) htmlspecialchars, (3) str_getcsv, (4) ...)
+CVE-2010-2100
- php5 <removed> (unimportant)
NOTE: Only triggerable through malicious script
-CVE-2010-2099 (bbcode/php.bb in e107 0.7.20 and earlier does not perform access ...)
+CVE-2010-2099
NOT-FOR-US: e107
-CVE-2010-2098 (Incomplete blacklist vulnerability in usersettings.php in e107 0.7.20 ...)
+CVE-2010-2098
NOT-FOR-US: e107
-CVE-2010-2097 (The (1) iconv_mime_decode, (2) iconv_substr, and (3) iconv_mime_encode ...)
+CVE-2010-2097
- php5 <removed> (unimportant)
NOTE: Only triggerable through malicious script
-CVE-2010-2096 (Directory traversal vulnerability in index.php in CMSQlite 1.2 and ...)
+CVE-2010-2096
NOT-FOR-US: CMSQlite
-CVE-2010-2095 (SQL injection vulnerability in index.php in CMSQlite 1.2 and earlier ...)
+CVE-2010-2095
NOT-FOR-US: CMSQlite
-CVE-2010-2094 (Multiple format string vulnerabilities in the phar extension in PHP ...)
+CVE-2010-2094
- php5 5.3.3-1 (low)
[lenny] - php5 <not-affected> (Vulnerable code not present)
-CVE-2010-2093 (Use-after-free vulnerability in the request shutdown functionality in ...)
+CVE-2010-2093
- php5 5.3.3-1 (unimportant)
NOTE: Only triggerable through malicious script
-CVE-2010-2092 (SQL injection vulnerability in graph.php in Cacti 0.8.7e and earlier ...)
+CVE-2010-2092
{DSA-2060-1}
- cacti 0.8.7e-4 (bug #582691)
-CVE-2010-2091 (Microsoft Outlook Web Access (OWA) 8.2.254.0, when Internet Explorer 7 ...)
+CVE-2010-2091
NOT-FOR-US: Microsoft OWA
-CVE-2010-2090 (The npb_protocol_error function in sna V5router64 in IBM ...)
+CVE-2010-2090
NOT-FOR-US: IBM Communications Server
-CVE-2010-2089 (The audioop module in Python 2.7 and 3.2 does not verify the ...)
+CVE-2010-2089
- python3.1 3.1.2+20100706-1 (low)
- python2.7 2.7-1 (low)
- python2.6 2.6.5+20100706-1 (low)
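Review bot: after this hunk a published CVE such as `+CVE-2010-2227` followed by `{DSA-2207-1}` is written in the same bare-identifier form that the file otherwise reserves for entries with no public text, compare `CVE-2010-2200` / `RESERVED` and `CVE-2010-2304` / `REJECTED` in the surrounding context. Anything that parses this list to tell "description not yet available" from "description present" loses that signal for thousands of entries; keep the parenthesised summary on the identifier line, or at least emit an explicit marker when the upstream description is missing.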
@@ -8214,63 +8214,63 @@ CVE-2010-2089 (The audioop module in Python 2.7 and 3.2 does not verify the ...)
[lenny] - python2.5 <no-dsa> (Minor issue)
- python2.4 <removed> (low)
[lenny] - python2.4 <no-dsa> (Minor issue)
-CVE-2010-2088 (ASP.NET in Microsoft .NET 3.5 does not properly handle an unencrypted ...)
+CVE-2010-2088
NOT-FOR-US: Microsoft .NET
-CVE-2010-2087 (Oracle Mojarra 1.2_14 and 2.0.2, as used in IBM WebSphere Application ...)
+CVE-2010-2087
- mojarra <unfixed> (unimportant; bug #611130)
NOTE: Affected feature is fundamentally insecure
-CVE-2010-2086 (Apache MyFaces 1.1.7 and 1.2.8, as used in IBM WebSphere Application ...)
+CVE-2010-2086
NOT-FOR-US: Apache MyFaces
-CVE-2010-2085 (The default configuration of ASP.NET in Microsoft .NET before 1.1 has ...)
+CVE-2010-2085
NOT-FOR-US: Microsoft .NET
-CVE-2010-2084 (Microsoft ASP.NET 2.0 does not prevent setting the InnerHtml property ...)
+CVE-2010-2084
NOT-FOR-US: Microsoft .NET
-CVE-2010-2083 (Microsoft Dynamics GP has a default value of ACCESS for the system ...)
+CVE-2010-2083
NOT-FOR-US: Microsoft Dynamics GP
-CVE-2010-2082 (The web interface on the Cisco Scientific Atlanta WebSTAR DPC2100R2 ...)
+CVE-2010-2082
NOT-FOR-US: Cisco
CVE-2010-2081
RESERVED
-CVE-2010-2080 (Multiple cross-site scripting (XSS) vulnerabilities in Open Ticket ...)
+CVE-2010-2080
- otrs2 2.4.8+dfsg1-1
[lenny] - otrs2 <not-affected> (Only affects OTRS 2.3 and 2.4)
-CVE-2010-2079 (DataTrack System 3.5 allows remote attackers to bypass intended ...)
+CVE-2010-2079
NOT-FOR-US: DataTrack System
-CVE-2010-2078 (DataTrack System 3.5 allows remote attackers to list the root ...)
+CVE-2010-2078
NOT-FOR-US: DataTrack System
CVE-2010-2077
REJECTED
-CVE-2010-2076 (Apache CXF 2.0.x before 2.0.13, 2.1.x before 2.1.10, and 2.2.x before ...)
+CVE-2010-2076
NOT-FOR-US: Apache CXF
-CVE-2010-2075 (UnrealIRCd 3.2.8.1, as distributed on certain mirror sites from ...)
+CVE-2010-2075
- unrealircd <itp> (bug #515130)
-CVE-2010-2074 (istream.c in w3m 0.5.2 and possibly other versions, when ...)
+CVE-2010-2074
- w3m 0.5.2-5 (low; bug #587445)
[lenny] - w3m 0.5.2-2+lenny1
-CVE-2010-2073 (auth_db_config.py in Pyftpd 0.8.4 contains hard-coded usernames and ...)
+CVE-2010-2073
- pyftpd 0.8.5 (low; bug #585776)
[lenny] - pyftpd 0.8.4.6+lenny1
-CVE-2010-2072 (Pyftpd 0.8.4 creates log files with predictable names in a temporary ...)
+CVE-2010-2072
- pyftpd 0.8.5 (low; bug #585773)
[lenny] - pyftpd 0.8.4.6+lenny1
-CVE-2010-2071 (The btrfs_xattr_set_acl function in fs/btrfs/acl.c in btrfs in the ...)
+CVE-2010-2071
- linux-2.6 2.6.32-16
[lenny] - linux-2.6 <not-affected> (btrfs introduced in 2.6.29)
-CVE-2010-2070 (arch/ia64/xen/faults.c in Xen 3.4 and 4.0 in Linux kernel 2.6.18, and ...)
+CVE-2010-2070
- xen-3 3.2.1-2
NOTE: The respective patch is present in Lenny's version of xen-3, might be fixed even earlier
CVE-2010-2069
REJECTED
-CVE-2010-2068 (mod_proxy_http.c in mod_proxy_http in the Apache HTTP Server 2.2.9 ...)
+CVE-2010-2068
- apache2 <not-affected> (does not affect UNIX, only Windows, etc.)
-CVE-2010-2067 (Stack-based buffer overflow in the TIFFFetchSubjectDistance function ...)
+CVE-2010-2067
- tiff 3.9.4-1
- tiff3 <not-affected> (fixed prior to initial upload)
[lenny] - tiff <not-affected> (Only affects 3.9.x)
-CVE-2010-2066 (The mext_check_arguments function in fs/ext4/move_extent.c in the ...)
+CVE-2010-2066
- linux-2.6 2.6.32-21
[lenny] - linux-2.6 <not-affected> (Vulnerable code introduced in 2.6.31)
-CVE-2010-2065 (Integer overflow in the TIFFroundup macro in LibTIFF before 3.9.3 ...)
+CVE-2010-2065
- tiff 3.9.4-1
- tiff3 <not-affected> (fixed prior to initial upload)
[lenny] - tiff <not-affected> (Only affects 3.9.x)
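Review bot: the hunk header says 63 lines out, 63 lines in, and every change is a `-CVE-… (description ...)` line replaced by a bare `+CVE-…` line; no status, version, DSA or NOTE line changes anywhere in the hunk. Several of the surviving rationales were written against the text being removed and become unverifiable without it: "[lenny] - linux-2.6 <not-affected> (btrfs introduced in 2.6.29)" under CVE-2010-2071 only makes sense against "The btrfs_xattr_set_acl function in fs/btrfs/acl.c ...", "[lenny] - tiff <not-affected> (Only affects 3.9.x)" under CVE-2010-2065 against "Integer overflow in the TIFFroundup macro in LibTIFF before 3.9.3 ...", and "- apache2 <not-affected> (does not affect UNIX, only Windows, etc.)" under CVE-2010-2068 against the mod_proxy_http description. If the descriptions really are meant to move out of this file, the rationales should be made self-contained first; otherwise this hunk should be reverted.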
@@ -8280,11 +8280,11 @@ CVE-2010-2064
RESERVED
- rpcbind 0.2.0-4.1
NOTE: This version changed the state directory to /var/run/rpcbind, which is only writable by root
-CVE-2010-2063 (Buffer overflow in the SMB1 packet chaining implementation in the ...)
+CVE-2010-2063
{DSA-2061-1}
- samba 2:3.4.0~pre1-1 (high)
NOTE: the affected code has been completely rewritten since 3.4.x
-CVE-2010-2062 (Integer underflow in the real_get_rdt_chunk function in real.c, as ...)
+CVE-2010-2062
{DSA-2044-1 DSA-2043-1}
- vlc 1.0.1-1
[lenny] - vlc 0.8.6.h-4+lenny2.3
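Review bot: same line-for-line substitution here (11 lines out, 11 in) for CVE-2010-2063 and CVE-2010-2062, both of which carry DSA references ({DSA-2061-1}, {DSA-2044-1 DSA-2043-1}). The NOTE under CVE-2010-2063, "the affected code has been completely rewritten since 3.4.x", now refers to code that is no longer named anywhere in the entry; the removed description ("Buffer overflow in the SMB1 packet chaining implementation in the ...") was the only line identifying it. Either keep the description or fold the component name into the NOTE.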
@@ -8297,583 +8297,583 @@ CVE-2010-2062 (Integer underflow in the real_get_rdt_chunk function in real.c, a
CVE-2010-2061
RESERVED
- rpcbind 0.2.0-4.1
-CVE-2010-2060 (The put command functionality in beanstalkd 1.4.5 and earlier allows ...)
+CVE-2010-2060
- beanstalkd 1.4.6-1 (unimportant; bug #585162)
NOTE: Package description reads: "Beanstalkd is meant to be ran in a trusted network,
NOTE: "as it has no authorisation/authentication mechanisms". So this is likely a non-issue
-CVE-2010-2059 (lib/fsm.c in RPM 4.8.0 and unspecified 4.7.x and 4.6.x versions, and ...)
+CVE-2010-2059
- rpm 4.8.1-1 (bug #584257; unimportant)
NOTE: Marking as unimportant since rpm isn't used as a package manager
-CVE-2010-2058 (setup.py in Prewikka 0.9.14 installs prewikka.conf with world-readable ...)
+CVE-2010-2058
- prewikka 1.0.0-1.1 (low; bug #584469)
[lenny] - prewikka <no-dsa> (The insecure permissions only apply for a very short timeframe during pkg update)
NOTE: FEDORA-2009-3761 http://lwn.net/Articles/330642
-CVE-2010-2057 (shared/util/StateUtils.java in Apache MyFaces 1.1.x before 1.1.8, ...)
+CVE-2010-2057
NOT-FOR-US: Apache MyFaces
-CVE-2010-2056 (GNU gv before 3.7.0 allows local users to overwrite arbitrary files ...)
+CVE-2010-2056
- gv 1:3.7.1-1 (low)
[lenny] - gv <no-dsa> (Minor issue)
-CVE-2010-2055 (Ghostscript 8.71 and earlier reads initialization files from the ...)
+CVE-2010-2055
- ghostscript 8.71~dfsg2-6.1 (bug #584653; bug #592569; bug #584663)
[lenny] - ghostscript <no-dsa> (too risky for regressions)
-CVE-2010-2054 (Integer overflow in httpAdapter.c in httpAdapter in SBLIM SFCB 1.3.4 ...)
+CVE-2010-2054
NOT-FOR-US: SBLIM SFCB
-CVE-2010-2053 (emesenelib/ProfileManager.py in emesene before 1.6.2 allows local ...)
+CVE-2010-2053
- emesene 1.6.2-1 (low)
[lenny] - emesene <not-affected> (Introduced in 1.6.1)
CVE-2010-2052
REJECTED
-CVE-2010-2051 (SQL injection vulnerability in article.php in Debliteck DBCart allows ...)
+CVE-2010-2051
NOT-FOR-US: Debliteck DBCart
-CVE-2010-2050 (Directory traversal vulnerability in the Moron Solutions MS Comment ...)
+CVE-2010-2050
NOT-FOR-US: Moron Solutions MS Comment
-CVE-2010-2049 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2010-2049
NOT-FOR-US: ManageEngine ADAudit Plus
-CVE-2010-2048 (Multiple cross-site scripting (XSS) vulnerabilities in the Heartbeat ...)
+CVE-2010-2048
NOT-FOR-US: Heartbeat module for Drupal
-CVE-2010-2047 (SQL injection vulnerability in index.php in JE CMS 1.0.0 and 1.1 ...)
+CVE-2010-2047
NOT-FOR-US: JE CMS
-CVE-2010-2046 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
+CVE-2010-2046
NOT-FOR-US: ActiveHelper LiveHelp for Joomla
-CVE-2010-2045 (Directory traversal vulnerability in the Dione Form Wizard (aka FDione ...)
+CVE-2010-2045
NOT-FOR-US: Dione Form Wizard
-CVE-2010-2044 (SQL injection vulnerability in the Konsultasi (com_konsultasi) ...)
+CVE-2010-2044
NOT-FOR-US: Konsultasi for Joomla
-CVE-2010-2043 (Cross-site scripting (XSS) vulnerability in Home.aspx in DataTrack ...)
+CVE-2010-2043
NOT-FOR-US: DataTrack System
-CVE-2010-2042 (SQL injection vulnerability in search.php in ECShop 2.7.2 allows ...)
+CVE-2010-2042
NOT-FOR-US: ECShop
-CVE-2010-2041 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
+CVE-2010-2041
NOT-FOR-US: PHP-Calendar
-CVE-2010-2040 (Cross-site scripting (XSS) vulnerability in search.php in V-EVA ...)
+CVE-2010-2040
NOT-FOR-US: V-EVA Shopzilla script
-CVE-2010-2039 (Cross-site request forgery (CSRF) vulnerability in gpEasy CMS 1.6.2, ...)
+CVE-2010-2039
NOT-FOR-US: gpEasy CMS
-CVE-2010-2038 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2010-2038
NOT-FOR-US: gpEasy CMS
-CVE-2010-2037 (Directory traversal vulnerability in the Percha Downloads Attach ...)
+CVE-2010-2037
NOT-FOR-US: Percha
-CVE-2010-2036 (Directory traversal vulnerability in the Percha Fields Attach ...)
+CVE-2010-2036
NOT-FOR-US: Percha
-CVE-2010-2035 (Directory traversal vulnerability in the Percha Gallery ...)
+CVE-2010-2035
NOT-FOR-US: Percha
-CVE-2010-2034 (Directory traversal vulnerability in the Percha Image Attach ...)
+CVE-2010-2034
NOT-FOR-US: Percha
-CVE-2010-2033 (Directory traversal vulnerability in the Percha Multicategory Article ...)
+CVE-2010-2033
NOT-FOR-US: Percha
-CVE-2010-2032 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2010-2032
NOT-FOR-US: Caucho Technology Resin Professional
-CVE-2010-2031 (KAVSafe.sys 2010.4.14.609 and earlier, as used in Kingsoft Webshield ...)
+CVE-2010-2031
NOT-FOR-US: Kingsoft Webshield
-CVE-2010-2030 (Cross-site scripting (XSS) vulnerability in the External Link Page ...)
+CVE-2010-2030
NOT-FOR-US: External Link Page module for Drupal
-CVE-2010-2029 (Cybozu Office 7 Ktai and Dotsales do not properly restrict access to ...)
+CVE-2010-2029
NOT-FOR-US: Cybozu Office and Dotsales
-CVE-2010-2028 (Buffer overflow in k23productions TFTPUtil GUI (aka TFTPGUI) 1.4.5 ...)
+CVE-2010-2028
NOT-FOR-US: k23productions TFTPGUI
-CVE-2010-2027 (Mathematica 7, when running on Linux, allows local users to overwrite ...)
+CVE-2010-2027
NOT-FOR-US: Mathematica
-CVE-2010-2026 (The web interface on the Cisco Scientific Atlanta WebSTAR DPC2100R2 ...)
+CVE-2010-2026
NOT-FOR-US: Cisco
-CVE-2010-2025 (Multiple cross-site request forgery (CSRF) vulnerabilities in the web ...)
+CVE-2010-2025
NOT-FOR-US: Cisco
-CVE-2010-2024 (transports/appendfile.c in Exim before 4.72, when MBX locking is ...)
+CVE-2010-2024
- exim4 4.72-1 (low)
[lenny] - exim4 <no-dsa> (Minor issue)
-CVE-2010-2023 (transports/appendfile.c in Exim before 4.72, when a world-writable ...)
+CVE-2010-2023
- exim4 4.72-1 (low)
[lenny] - exim4 <no-dsa> (Minor issue)
-CVE-2010-2022 (jail.c in jail in FreeBSD 8.0 and 8.1-PRERELEASE, when the &quot;-l -U ...)
+CVE-2010-2022
- kfreebsd-6 <not-affected> (jail binary not yet provided, see bug #584930)
- kfreebsd-7 <not-affected> (jail binary not yet provided, see bug #584930)
- kfreebsd-8 <not-affected> (jail binary not yet provided, see bug #584930)
-CVE-2010-2021 (Open redirect vulnerability in the Global Redirect module 6.x-1.x ...)
+CVE-2010-2021
NOT-FOR-US: Global Redirect module for Drupal is not in Debian
-CVE-2010-2020 (sys/nfsclient/nfs_vfsops.c in the NFS client in the kernel in FreeBSD ...)
+CVE-2010-2020
- kfreebsd-6 <removed>
[lenny] - kfreebsd-6 <no-dsa> (Minor issue, not enabled by default)
- kfreebsd-7 7.3-2
[lenny] - kfreebsd-7 <no-dsa> (Minor issue, not enabled by default)
- kfreebsd-8 8.0-6 (bug #584930)
-CVE-2010-2019 (SQL injection vulnerability in downlot.php in Lokomedia CMS 1.4.1, ...)
+CVE-2010-2019
NOT-FOR-US: Lokomedia CMS
-CVE-2010-2018 (Directory traversal vulnerability in downlot.php in Lokomedia CMS ...)
+CVE-2010-2018
NOT-FOR-US: Lokomedia CMS
-CVE-2010-2017 (Cross-site scripting (XSS) vulnerability in hasil-pencarian.html in ...)
+CVE-2010-2017
NOT-FOR-US: Lokomedia CMS
-CVE-2010-2016 (SQL injection vulnerability in details.php in Iceberg CMS allows ...)
+CVE-2010-2016
NOT-FOR-US: Iceberg CMS
-CVE-2010-2015 (Multiple SQL injection vulnerabilities in LiSK CMS 4.4 allow remote ...)
+CVE-2010-2015
NOT-FOR-US: LiSK CMS
-CVE-2010-2014 (Cross-site scripting (XSS) vulnerability in cp/list_content.php in ...)
+CVE-2010-2014
NOT-FOR-US: LiSK CMS
-CVE-2010-2013 (Cross-site scripting (XSS) vulnerability in cp/edit_email.php in LiSK ...)
+CVE-2010-2013
NOT-FOR-US: LiSK CMS
-CVE-2010-2012 (SQL injection vulnerability in function.php in MigasCMS 1.1, when ...)
+CVE-2010-2012
NOT-FOR-US: MigasCMS
-CVE-2010-2011 (Microsoft Dynamics GP uses a substitution cipher to encrypt the system ...)
+CVE-2010-2011
NOT-FOR-US: Microsoft Dynamics GP
-CVE-2010-2010 (Multiple cross-site scripting (XSS) vulnerabilities in the Chaos Tool ...)
+CVE-2010-2010
NOT-FOR-US: CTools module for Drupal
-CVE-2010-2009 (Stack-based buffer overflow in the media library in BS.Global ...)
+CVE-2010-2009
NOT-FOR-US: BS.Global BS.Player
-CVE-2010-2008 (MySQL before 5.1.48 allows remote authenticated users with alter ...)
+CVE-2010-2008
- mysql-5.1 5.1.48-1
- mysql-dfsg-5.0 <not-affected> (Only affects MySQL 5.1 onwards)
-CVE-2010-2007 (Multiple cross-site request forgery (CSRF) vulnerabilities in LetoDMS ...)
+CVE-2010-2007
- mydms <removed> (bug #590904; low)
[lenny] - mydms <no-dsa> (Minor issue)
NOTE: seems to have changed name to letoDMS
-CVE-2010-2006 (Directory traversal vulnerability in op/op.Login.php in LetoDMS ...)
+CVE-2010-2006
{DSA-2146-1}
- mydms 1.7.2+1.7.3-1.1 (bug #582587; medium)
NOTE: seems to have changed name to letoDMS
-CVE-2010-2005 (Multiple PHP remote file inclusion vulnerabilities in DataLife Engine ...)
+CVE-2010-2005
NOT-FOR-US: Datalife Engine
-CVE-2010-2004 (Stack-based buffer overflow in BS.Global BS.Player 2.51 Build 1022 ...)
+CVE-2010-2004
NOT-FOR-US: BS.Player
-CVE-2010-2003 (Cross-site scripting (XSS) vulnerability in misc/get_admin.php in ...)
+CVE-2010-2003
NOT-FOR-US: Advanced Poll
-CVE-2010-2002 (Cross-site scripting (XSS) vulnerability in the Wordfilter module 5.x ...)
+CVE-2010-2002
NOT-FOR-US: Wordfilter module for Drupal
-CVE-2010-2001 (Cross-site scripting (XSS) vulnerability in the CiviRegister module ...)
+CVE-2010-2001
NOT-FOR-US: CiviRegister module for Drupal
-CVE-2010-2000 (Cross-site scripting (XSS) vulnerability in the Bibliography (Biblio) ...)
+CVE-2010-2000
NOT-FOR-US: Biblio module for Drupal
-CVE-2010-1999 (Directory traversal vulnerability in scr/soustab.php in OpenMairie ...)
+CVE-2010-1999
NOT-FOR-US: OpenMairie
-CVE-2010-1998 (Cross-site scripting (XSS) vulnerability in the CCK TableField module ...)
+CVE-2010-1998
NOT-FOR-US: CCK TableField module for Drupal
-CVE-2010-1997 (Cross-site scripting (XSS) vulnerability in admin/edit.php in Saurus ...)
+CVE-2010-1997
NOT-FOR-US: Saurus CMS
-CVE-2010-1996 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
+CVE-2010-1996
NOT-FOR-US: Tomato CMS
-CVE-2010-1995 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
+CVE-2010-1995
NOT-FOR-US: Tomato CMS
-CVE-2010-1994 (SQL injection vulnerability in index.php in TomatoCMS before 2.0.5 ...)
+CVE-2010-1994
NOT-FOR-US: Tomato CMS
-CVE-2010-1993 (Opera 9.52 does not properly handle an IFRAME element with a mailto: ...)
+CVE-2010-1993
NOT-FOR-US: Opera
-CVE-2010-1992 (Google Chrome 1.0.154.48 executes a mail application in situations ...)
+CVE-2010-1992
- chromium-browser <unfixed> (unimportant)
NOTE: http://translate.google.com/translate?hl=en&u=http://websecurity.com.ua/4206/&sl=uk&tl=en
NOTE: poc is just one window, but can be changed to open many
NOTE: this is a dos-only attack, so its considered unimportant
-CVE-2010-1991 (Microsoft Internet Explorer 6.0.2900.2180, 7, and 8.0.7600.16385 ...)
+CVE-2010-1991
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2010-1990 (Mozilla Firefox 3.6.x, 3.5.x, 3.0.19, and earlier, and SeaMonkey, ...)
+CVE-2010-1990
- xulrunner <unfixed> (unimportant; bug #582590)
- iceape <removed> (unimportant)
NOTE: browser dos attacks are not considered security-relevant
-CVE-2010-1989 (Opera 9.52 executes a mail application in situations where an IMG ...)
+CVE-2010-1989
NOT-FOR-US: Opera
-CVE-2010-1988 (Mozilla Firefox 3.6.3 on Windows XP SP3 allows remote attackers to ...)
+CVE-2010-1988
- xulrunner <unfixed> (unimportant)
- iceape <removed> (unimportant)
NOTE: these poc's do lead to heavy resource consumption on xulrunner 1.9.1.9, but it does not crash (that may be a windows-specific symptom)
-CVE-2010-1987 (Mozilla Firefox 3.6.3 on Windows XP SP3 allows remote attackers to ...)
+CVE-2010-1987
- xulrunner <unfixed> (unimportant)
- iceape <removed> (unimportant)
NOTE: these poc's do lead to heavy resource consumption on xulrunner 1.9.1.9, but it does not crash (that may be a windows-specific symptom)
-CVE-2010-1986 (Mozilla Firefox 3.6.3 on Windows XP SP3 allows remote attackers to ...)
+CVE-2010-1986
- xulrunner <unfixed> (unimportant)
- iceape <removed> (unimportant)
NOTE: these poc's do lead to heavy resource consumption on xulrunner 1.9.1.9, but it does not crash (that may be a windows-specific symptom)
-CVE-2010-1985 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
+CVE-2010-1985
NOT-FOR-US: Six Apart Movable type
-CVE-2010-1984 (Cross-site scripting (XSS) vulnerability in the Taxonomy Breadcrumb ...)
+CVE-2010-1984
NOT-FOR-US: Taxonomy Breadcrumb module for Drupal
-CVE-2010-1983 (Directory traversal vulnerability in the redTWITTER (com_redtwitter) ...)
+CVE-2010-1983
NOT-FOR-US: com_redtwitter component for joomla!
-CVE-2010-1982 (Directory traversal vulnerability in the JA Voice (com_javoice) ...)
+CVE-2010-1982
NOT-FOR-US: com_javoice component for joomla!
-CVE-2010-1981 (Directory traversal vulnerability in the Fabrik (com_fabrik) component ...)
+CVE-2010-1981
NOT-FOR-US: com_fabrik component for joomla!
-CVE-2010-1980 (Directory traversal vulnerability in joomlaflickr.php in the Joomla ...)
+CVE-2010-1980
NOT-FOR-US: com_joomlaflickr component for joomla!
-CVE-2010-1979 (Directory traversal vulnerability in the Affiliate Datafeeds ...)
+CVE-2010-1979
NOT-FOR-US: com_datafeeds component for joomla!
-CVE-2010-1978 (PHP remote file inclusion vulnerability in default_theme.php in ...)
+CVE-2010-1978
NOT-FOR-US: FreePHPBlogSoftware
-CVE-2010-1977 (Directory traversal vulnerability in the J!WHMCS Integrator ...)
+CVE-2010-1977
NOT-FOR-US: com_jwhmcs component for joomla!
-CVE-2010-1976 (Cross-site scripting (XSS) vulnerability in the Taxonomy Breadcrumb ...)
+CVE-2010-1976
NOT-FOR-US: Taxonomy Breadcrumb module for Drupal
-CVE-2010-1975 (PostgreSQL 7.4 before 7.4.29, 8.0 before 8.0.25, 8.1 before 8.1.21, ...)
+CVE-2010-1975
{DSA-2051-1}
- postgresql-8.4 8.4.4-1 (low)
- postgresql-8.3 <removed> (low)
CVE-2010-1974
REJECTED
-CVE-2010-1973 (Unspecified vulnerability in the Auditing subsystem in HP OpenVMS 8.3, ...)
+CVE-2010-1973
NOT-FOR-US: OpenVMS
-CVE-2010-1972 (The default configuration of HP Client Automation (HPCA) Enterprise ...)
+CVE-2010-1972
NOT-FOR-US: HP Client Automation
-CVE-2010-1971 (Cross-site request forgery (CSRF) vulnerability in HP Insight Software ...)
+CVE-2010-1971
NOT-FOR-US: HP Insight
-CVE-2010-1970 (Unspecified vulnerability in HP Insight Software Installer for Windows ...)
+CVE-2010-1970
NOT-FOR-US: HP Insight
-CVE-2010-1969 (Cross-site scripting (XSS) vulnerability in HP Virtual Connect ...)
+CVE-2010-1969
NOT-FOR-US: HP Virtual Connect Enterprise Manager
-CVE-2010-1968 (Cross-site request forgery (CSRF) vulnerability in HP Insight Software ...)
+CVE-2010-1968
NOT-FOR-US: HP Insight
-CVE-2010-1967 (Unspecified vulnerability in HP Insight Software Installer for Windows ...)
+CVE-2010-1967
NOT-FOR-US: HP Insight
-CVE-2010-1966 (Unspecified vulnerability in HP Insight Control power management for ...)
+CVE-2010-1966
NOT-FOR-US: HP Insight
-CVE-2010-1965 (Unspecified vulnerability in HP Insight Orchestration for Windows ...)
+CVE-2010-1965
NOT-FOR-US: HP Insight
-CVE-2010-1964 (Buffer overflow in ovwebsnmpsrv.exe in HP OpenView Network Node ...)
+CVE-2010-1964
NOT-FOR-US: HP OpenView Network Node Manager
-CVE-2010-1963 (Cross-site scripting (XSS) vulnerability in HP ServiceCenter allows ...)
+CVE-2010-1963
NOT-FOR-US: HP ServiceCenter
-CVE-2010-1962 (Unspecified vulnerability in HP StorageWorks Storage Mirroring 5 ...)
+CVE-2010-1962
NOT-FOR-US: HP StorageWorks
-CVE-2010-1961 (Buffer overflow in ovutil.dll in ovwebsnmpsrv.exe in HP OpenView ...)
+CVE-2010-1961
NOT-FOR-US: HP OpenView Network Node Manager
-CVE-2010-1960 (Buffer overflow in the error handling functionality in ...)
+CVE-2010-1960
NOT-FOR-US: HP OpenView Network Node Manager
-CVE-2010-1959 (Unspecified vulnerability in HP TestDirector for Quality Center 9.2 ...)
+CVE-2010-1959
NOT-FOR-US: HP TestDirector for Quality Center
-CVE-2010-1958 (Cross-site scripting (XSS) vulnerability in the FileField module 5.x ...)
+CVE-2010-1958
NOT-FOR-US: Drupal addon
-CVE-2010-1957 (Directory traversal vulnerability in the Love Factory ...)
+CVE-2010-1957
NOT-FOR-US: com_lovefactory component for joomla!
-CVE-2010-1956 (Directory traversal vulnerability in the Gadget Factory ...)
+CVE-2010-1956
NOT-FOR-US: com_gadgetfactory component for joomla!
-CVE-2010-1955 (Directory traversal vulnerability in the Deluxe Blog Factory ...)
+CVE-2010-1955
NOT-FOR-US: com_blogfactory component for joomla!
-CVE-2010-1954 (Directory traversal vulnerability in the iNetLanka Multiple root ...)
+CVE-2010-1954
NOT-FOR-US: com_multiroot component for joomla!
-CVE-2010-1953 (Directory traversal vulnerability in the iNetLanka Multiple Map ...)
+CVE-2010-1953
NOT-FOR-US: com_multimap component for joomla!
-CVE-2010-1952 (Directory traversal vulnerability in the BeeHeard (com_beeheard) and ...)
+CVE-2010-1952
NOT-FOR-US: com_beeheard component for joomla!
-CVE-2010-1951 (Multiple directory traversal vulnerabilities in 60cycleCMS allow ...)
+CVE-2010-1951
NOT-FOR-US: 60cycleCMS
-CVE-2010-1950 (SQL injection vulnerability in the Online News Paper Manager ...)
+CVE-2010-1950
NOT-FOR-US: Online News Paper Manager
-CVE-2010-1949 (SQL injection vulnerability in the Online News Paper Manager ...)
+CVE-2010-1949
NOT-FOR-US: Online News Paper Manager
-CVE-2010-1948 (Directory traversal vulnerability in scr/soustab.php in openMairie ...)
+CVE-2010-1948
NOT-FOR-US: openMairie
-CVE-2010-1947 (Directory traversal vulnerability in scr/soustab.php in openMairie ...)
+CVE-2010-1947
NOT-FOR-US: openMairie
-CVE-2010-1946 (Multiple PHP remote file inclusion vulnerabilities in openMairie ...)
+CVE-2010-1946
NOT-FOR-US: openMairie
-CVE-2010-1945 (Multiple PHP remote file inclusion vulnerabilities in openMairie ...)
+CVE-2010-1945
NOT-FOR-US: openMairie
-CVE-2010-1944 (Multiple PHP remote file inclusion vulnerabilities in openMairie ...)
+CVE-2010-1944
NOT-FOR-US: openMairie
-CVE-2010-1943 (Unspecified vulnerability in NEC CapsSuite Small Edition PatchMeister ...)
+CVE-2010-1943
NOT-FOR-US: NEC CapsSuite Small Edition
-CVE-2010-1942 (Unspecified vulnerability in the Servlet service in Fujitsu Limited ...)
+CVE-2010-1942
NOT-FOR-US: Fujitsu Limited Interstage Application Server
-CVE-2010-1941 (Unspecified vulnerability in NEC WebSAM DeploymentManager 5.13 and ...)
+CVE-2010-1941
NOT-FOR-US: NEC WebSAM DeploymentManager
-CVE-2010-1940 (Apple Safari 4.0.5 on Windows sends the &quot;Authorization: Basic&quot; header ...)
+CVE-2010-1940
- chromium-browser <not-affected>
- webkit <not-affected>
NOTE: Safari-specific. Chromium and Safari have totally separate HTTP stacks.
-CVE-2010-1939 (Use-after-free vulnerability in Apple Safari 4.0.5 on Windows allows ...)
+CVE-2010-1939
- chromium-browser <not-affected>
- webkit <not-affected>
NOTE: poc seems to cause a dos in both chromium and webkit; not sure if code execution is possible
NOTE: This is Safari only
-CVE-2010-1938 (Off-by-one error in the __opiereadrec function in readrec.c in libopie ...)
+CVE-2010-1938
- opie 2.32.dfsg.1-0.2 (low; bug #584932)
[lenny] - opie 2.32-10.2+lenny2
-CVE-2010-1937 (Heap-based buffer overflow in httpAdapter.c in httpAdapter in SBLIM ...)
+CVE-2010-1937
NOT-FOR-US: SBLIM SFCB
-CVE-2010-1936 (Directory traversal vulnerability in scr/soustab.php in openMairie ...)
+CVE-2010-1936
NOT-FOR-US: openMairie openComInterne
-CVE-2010-1935 (Directory traversal vulnerability in scr/soustab.php in openMairie ...)
+CVE-2010-1935
NOT-FOR-US: openMairie Openpresse
-CVE-2010-1934 (Multiple PHP remote file inclusion vulnerabilities in openMairie ...)
+CVE-2010-1934
NOT-FOR-US: openMairie openPlanning
-CVE-2010-1928 (Directory traversal vulnerability in scr/soustab.php in openMairie ...)
+CVE-2010-1928
NOT-FOR-US: openMairie openPlanning
-CVE-2010-1927 (Multiple PHP remote file inclusion vulnerabilities in openMairie ...)
+CVE-2010-1927
NOT-FOR-US: openMairie openCourrier
-CVE-2010-1926 (Directory traversal vulnerability in scr/soustab.php in openMairie ...)
+CVE-2010-1926
NOT-FOR-US: openMairie openCourrier
-CVE-2010-1925 (SQL injection vulnerability in makale.php in tekno.Portal 0.1b allows ...)
+CVE-2010-1925
NOT-FOR-US: tekno.Portal
-CVE-2010-1924 (SQL injection vulnerability in index.php in Hi Web Wiesbaden Live ...)
+CVE-2010-1924
NOT-FOR-US: Hi Web Wiesbaden Live Shopping multi Portal System
-CVE-2010-1923 (SQL injection vulnerability in user.php in Hi Web Wiesbaden Web 2.0 ...)
+CVE-2010-1923
NOT-FOR-US: Hi Web Wiesbaden Web Social Network Community System
-CVE-2010-1922 (Multiple PHP remote file inclusion vulnerabilities in 29o3 CMS 0.1 ...)
+CVE-2010-1922
NOT-FOR-US: 29o3 CMS
-CVE-2010-1921 (Multiple PHP remote file inclusion vulnerabilities in OpenMairie ...)
+CVE-2010-1921
NOT-FOR-US: OpenMairie openAnnuaire
-CVE-2010-1920 (Directory traversal vulnerability in scr/soustab.php in OpenMairie ...)
+CVE-2010-1920
NOT-FOR-US: OpenMairie openAnnuaire
CVE-2010-1933
RESERVED
-CVE-2010-1932 (Heap-based buffer overflow in XnView 1.97.4 and possibly earlier ...)
+CVE-2010-1932
NOT-FOR-US: XnView
-CVE-2010-1931 (SQL injection vulnerability in includes/content/cart.inc.php in ...)
+CVE-2010-1931
NOT-FOR-US: CubeCart PHP Shopping Cart
-CVE-2010-1930 (Off-by-one error in Novell iManager 2.7, 2.7.3, and 2.7.3 FTF2 allows ...)
+CVE-2010-1930
NOT-FOR-US: Novell iManager
-CVE-2010-1929 (Multiple stack-based buffer overflows in the ...)
+CVE-2010-1929
NOT-FOR-US: Novell iImanager
-CVE-2010-1919 (Unspecified vulnerability in EMC Avamar 4.1.x and 5.0 before SP1 ...)
+CVE-2010-1919
NOT-FOR-US: EMC
-CVE-2010-1913 (The default configuration of pluginlicense.ini for the ...)
+CVE-2010-1913
NOT-FOR-US: Consona
-CVE-2010-1912 (The SdcWebSecureBase interface in tgctlcm.dll in Consona Live ...)
+CVE-2010-1912
NOT-FOR-US: Consona
-CVE-2010-1911 (The site-locking implementation in the SdcWebSecureBase interface in ...)
+CVE-2010-1911
NOT-FOR-US: Consona
-CVE-2010-1910 (The Forgot Password implementation in Consona Live Assistance, Dynamic ...)
+CVE-2010-1910
NOT-FOR-US: Consona
-CVE-2010-1909 (Buffer overflow in the RunCmd method in the SdcUser.TgConCtl ActiveX ...)
+CVE-2010-1909
NOT-FOR-US: Consona
-CVE-2010-1908 (The SdcUser.TgConCtl ActiveX control in tgctlcm.dll in Consona Live ...)
+CVE-2010-1908
NOT-FOR-US: Consona
-CVE-2010-1907 (The SdcUser.TgConCtl ActiveX control in tgctlcm.dll in Consona Live ...)
+CVE-2010-1907
NOT-FOR-US: ConsonA
-CVE-2010-1906 (tgsrv.exe in the Repair Service in Consona Dynamic Agent, Repair ...)
+CVE-2010-1906
NOT-FOR-US: Consona
-CVE-2010-1905 (Multiple cross-site scripting (XSS) vulnerabilities in Consona Live ...)
+CVE-2010-1905
NOT-FOR-US: Consona
-CVE-2010-1904 (SQL injection vulnerability in EMC RSA Key Manager (RKM) C Client ...)
+CVE-2010-1904
NOT-FOR-US: EMC RSA key manager
-CVE-2010-1903 (Microsoft Office Word 2002 SP3 and 2003 SP3, and Office Word Viewer, ...)
+CVE-2010-1903
NOT-FOR-US: Microsoft Word
-CVE-2010-1902 (Buffer overflow in Microsoft Office Word 2002 SP3, 2003 SP3, and 2007 ...)
+CVE-2010-1902
NOT-FOR-US: Microsoft Word
-CVE-2010-1901 (Microsoft Office Word 2002 SP3, 2003 SP3, and 2007 SP2; Microsoft ...)
+CVE-2010-1901
NOT-FOR-US: Microsoft Word
-CVE-2010-1900 (Microsoft Office Word 2002 SP3, 2003 SP3, and 2007 SP2; Microsoft ...)
+CVE-2010-1900
NOT-FOR-US: Microsoft Office Word
-CVE-2010-1899 (Stack consumption vulnerability in the ASP implementation in Microsoft ...)
+CVE-2010-1899
NOT-FOR-US: Microsoft IIS
-CVE-2010-1898 (The Common Language Runtime (CLR) in Microsoft .NET Framework 2.0 SP1, ...)
+CVE-2010-1898
NOT-FOR-US: Microsoft .NET Framework
-CVE-2010-1897 (The Windows kernel-mode drivers in win32k.sys in Microsoft Windows XP ...)
+CVE-2010-1897
NOT-FOR-US: Microsoft Windows
-CVE-2010-1896 (The Windows kernel-mode drivers in win32k.sys in Microsoft Windows XP ...)
+CVE-2010-1896
NOT-FOR-US: Microsoft Windows
-CVE-2010-1895 (The Windows kernel-mode drivers in win32k.sys in Microsoft Windows XP ...)
+CVE-2010-1895
NOT-FOR-US: Microsoft Windows
-CVE-2010-1894 (The Windows kernel-mode drivers in win32k.sys in Microsoft Windows XP ...)
+CVE-2010-1894
NOT-FOR-US: Microsoft Windows
-CVE-2010-1893 (Integer overflow in the TCP/IP stack in Microsoft Windows Vista SP1, ...)
+CVE-2010-1893
NOT-FOR-US: Microsoft Windows
-CVE-2010-1892 (The TCP/IP stack in Microsoft Windows Vista SP1 and SP2, Windows ...)
+CVE-2010-1892
NOT-FOR-US: Microsoft Windows
-CVE-2010-1891 (The Client/Server Runtime Subsystem (aka CSRSS) in the Win32 subsystem ...)
+CVE-2010-1891
NOT-FOR-US: Microsoft Windows
-CVE-2010-1890 (The kernel in Microsoft Windows Vista SP1 and SP2, Windows Server 2008 ...)
+CVE-2010-1890
NOT-FOR-US: Microsoft Windows
-CVE-2010-1889 (Double free vulnerability in the kernel in Microsoft Windows Vista SP1 ...)
+CVE-2010-1889
NOT-FOR-US: Microsoft Windows
-CVE-2010-1888 (Race condition in the kernel in Microsoft Windows XP SP3 allows local ...)
+CVE-2010-1888
NOT-FOR-US: Microsoft Windows
-CVE-2010-1887 (The Windows kernel-mode drivers in win32k.sys in Microsoft Windows XP ...)
+CVE-2010-1887
NOT-FOR-US: Microsoft Windows
-CVE-2010-1886 (Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows ...)
+CVE-2010-1886
NOT-FOR-US: Microsoft Windows
-CVE-2010-1885 (The MPC::HexToNum function in helpctr.exe in Microsoft Windows Help ...)
+CVE-2010-1885
NOT-FOR-US: Microsoft Windows
CVE-2010-1884
REJECTED
-CVE-2010-1883 (Integer overflow in the Embedded OpenType (EOT) Font Engine in ...)
+CVE-2010-1883
NOT-FOR-US: Microsoft Windows
-CVE-2010-1882 (Multiple buffer overflows in the MPEG Layer-3 Audio Codec for ...)
+CVE-2010-1882
NOT-FOR-US: MPEG Layer-3 Audio Codec for
-CVE-2010-1881 (The FieldList ActiveX control in the Microsoft Access Wizard Controls ...)
+CVE-2010-1881
NOT-FOR-US: Microsoft
-CVE-2010-1880 (Unspecified vulnerability in Quartz.dll for DirectShow on Microsoft ...)
+CVE-2010-1880
NOT-FOR-US: Microsoft
-CVE-2010-1879 (Unspecified vulnerability in Quartz.dll for DirectShow; Windows Media ...)
+CVE-2010-1879
NOT-FOR-US: Microsoft
-CVE-2010-1878 (Directory traversal vulnerability in the OrgChart (com_orgchart) ...)
+CVE-2010-1878
NOT-FOR-US: com_orgchart component for joomla!
-CVE-2010-1877 (SQL injection vulnerability in the JTM Reseller (com_jtm) component ...)
+CVE-2010-1877
NOT-FOR-US: com_jtm component for joomla!
-CVE-2010-1876 (SQL injection vulnerability in index.php in AJ Shopping Cart 1.0 ...)
+CVE-2010-1876
NOT-FOR-US: AJ Shopping Cart
-CVE-2010-1875 (Directory traversal vulnerability in the Real Estate Property ...)
+CVE-2010-1875
NOT-FOR-US: com_properties component for joomla!
-CVE-2010-1874 (SQL injection vulnerability in the Real Estate Property ...)
+CVE-2010-1874
NOT-FOR-US: com_properties component for joomla!
-CVE-2010-1873 (SQL injection vulnerability in the Jvehicles (com_jvehicles) component ...)
+CVE-2010-1873
NOT-FOR-US: com_jvehicles component for joomla!
-CVE-2010-1872 (Cross-site scripting (XSS) vulnerability in cPlayer.php in FlashCard ...)
+CVE-2010-1872
NOT-FOR-US: FlashCard
-CVE-2010-1918 (SQL injection vulnerability in ask_chat.php in eFront 3.6.2 and ...)
+CVE-2010-1918
NOT-FOR-US: EFront ask_chat
-CVE-2010-1917 (Stack consumption vulnerability in PHP 5.2 through 5.2.13 and 5.3 ...)
+CVE-2010-1917
{DSA-2089-1}
- php5 5.3.3-1 (low)
[lenny] - php5 <no-dsa> (Minor issue)
-CVE-2010-1916 (The dynamic configuration feature in Xinha WYSIWYG editor 0.96 Beta 2 ...)
+CVE-2010-1916
- serendipity 1.5.3-1
[lenny] - serendipity <not-affected> (Only affects >= 1.4)
- horde3 <not-affected> (Vulnerable code not included, see bug #585165)
- openacs <not-affected> (Doesn't use the PHP interface, see bug #585163)
- dotlrn <not-affected> (Doesn't use the PHP interface, see bug #585164)
-CVE-2010-1915 (The preg_quote function in PHP 5.2 through 5.2.13 and 5.3 through ...)
+CVE-2010-1915
- php5 <removed> (unimportant)
-CVE-2010-1914 (The Zend Engine in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allows ...)
+CVE-2010-1914
- php5 <removed> (unimportant)
-CVE-2010-1871 (JBoss Seam 2 (jboss-seam2), as used in JBoss Enterprise Application ...)
+CVE-2010-1871
- jbossas4 <not-affected> (Only builds a few libraries, not the full application server, #581226)
-CVE-2010-1870 (The OGNL extensive expression evaluation capability in XWork in Struts ...)
+CVE-2010-1870
- libstruts1.2-java <not-affected> (issue involves a problem in xwork, which was introduced in struts2)
- libspring-2.5-java <not-affected> (Vulnerable code not present)
-CVE-2010-1869 (Stack-based buffer overflow in the parser function in GhostScript 8.70 ...)
+CVE-2010-1869
{DSA-2080-1}
- ghostscript 8.71~dfsg-4
NOTE: http://www.openwall.com/lists/oss-security/2010/05/11/3
-CVE-2010-1868 (The (1) sqlite_single_query and (2) sqlite_array_query functions in ...)
+CVE-2010-1868
- php5 <removed> (unimportant)
-CVE-2010-1867 (SQL injection vulnerability in the ...)
+CVE-2010-1867
NOT-FOR-US: Campsite
-CVE-2010-1866 (The dechunk filter in PHP 5.3 through 5.3.2, when decoding an HTTP ...)
+CVE-2010-1866
- php5 5.3.3-1 (low)
[lenny] - php5 <not-affected> (dechunk filter introduced in 5.3)
-CVE-2010-1865 (Multiple SQL injection vulnerabilities in ClanSphere 2009.0.3 and ...)
+CVE-2010-1865
NOT-FOR-US: ClanSphere
-CVE-2010-1864 (The addcslashes function in PHP 5.2 through 5.2.13 and 5.3 through ...)
+CVE-2010-1864
- php5 5.3.3-1 (unimportant)
-CVE-2010-1863 (SQL injection vulnerability in the shoutbox module ...)
+CVE-2010-1863
NOT-FOR-US: ClanTiger
-CVE-2010-1862 (The chunk_split function in PHP 5.2 through 5.2.13 and 5.3 through ...)
+CVE-2010-1862
- php5 <removed> (unimportant)
-CVE-2010-1861 (The sysvshm extension for PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 ...)
+CVE-2010-1861
- php5 <removed> (unimportant)
-CVE-2010-1860 (The html_entity_decode function in PHP 5.2 through 5.2.13 and 5.3 ...)
+CVE-2010-1860
- php5 5.3.3-1 (unimportant)
-CVE-2010-1859 (SQL injection vulnerability in newpost.php in DeluxeBB 1.3 and ...)
+CVE-2010-1859
NOT-FOR-US: DeluxeBB
-CVE-2010-1858 (Directory traversal vulnerability in the SMEStorage (com_smestorage) ...)
+CVE-2010-1858
NOT-FOR-US: com_smestorage component for joomla!
-CVE-2010-1857 (SQL injection vulnerability in index.php in RepairShop2 1.9.023 Trial, ...)
+CVE-2010-1857
NOT-FOR-US: RepairShop2
-CVE-2010-1856 (Cross-site scripting (XSS) vulnerability in index.php in RepairShop2 ...)
+CVE-2010-1856
NOT-FOR-US: RepairShop2
-CVE-2010-1855 (SQL injection vulnerability in auktion.php in Pay Per Watch &amp; Bid ...)
+CVE-2010-1855
NOT-FOR-US: Pay Per Watch & Bid Auktions System
-CVE-2010-1854 (Cross-site scripting (XSS) vulnerability in auktion.php in Pay Per ...)
+CVE-2010-1854
NOT-FOR-US: Pay Per Watch & Bid Auktions System
-CVE-2010-1853 (Multiple stack-based buffer overflows in the tr_magnetParse function ...)
+CVE-2010-1853
- transmission 1.92-1
[lenny] - transmission <not-affected> (Support for Magnet links not yet available)
-CVE-2010-1852 (Microsoft Internet Explorer, when the Invisible Hand extension is ...)
+CVE-2010-1852
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2010-1851 (Google Chrome, when the Invisible Hand extension is enabled, uses ...)
+CVE-2010-1851
NOT-FOR-US: Invisible Hand extension for chromium
-CVE-2010-1850 (Buffer overflow in MySQL 5.0 through 5.0.91 and 5.1 before 5.1.47 ...)
+CVE-2010-1850
{DSA-2057-1}
- mysql-5.1 5.1.47-1 (bug #582526)
- mysql-dfsg-5.0 <removed>
CVE-2010-XXXX [wicd changes permissions of resolv.conf]
- wicd 1.7.0+ds1-3 (low; bug #582798)
-CVE-2010-1849 (The my_net_skip_rest function in sql/net_serv.cc in MySQL 5.0 through ...)
+CVE-2010-1849
{DSA-2057-1}
- mysql-5.1 5.1.47-1 (bug #582526)
- mysql-dfsg-5.0 <removed>
-CVE-2010-1848 (Directory traversal vulnerability in MySQL 5.0 through 5.0.91 and 5.1 ...)
+CVE-2010-1848
{DSA-2057-1}
- mysql-5.1 5.1.47-1 (bug #582526)
- mysql-dfsg-5.0 <removed>
-CVE-2010-1847 (The kernel in Apple Mac OS X 10.6.x before 10.6.5 does not properly ...)
+CVE-2010-1847
NOT-FOR-US: Apple Mac OS X
-CVE-2010-1846 (Heap-based buffer overflow in Image RAW in Apple Mac OS X 10.5.8 and ...)
+CVE-2010-1846
NOT-FOR-US: Apple Mac OS X
-CVE-2010-1845 (ImageIO in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows ...)
+CVE-2010-1845
NOT-FOR-US: Apple Mac OS X
-CVE-2010-1844 (Unspecified vulnerability in Image Capture in Apple Mac OS X 10.6.x ...)
+CVE-2010-1844
NOT-FOR-US: Apple Mac OS X
-CVE-2010-1843 (Networking in Apple Mac OS X 10.6.2 through 10.6.4 allows remote ...)
+CVE-2010-1843
NOT-FOR-US: Apple Mac OS X
-CVE-2010-1842 (Buffer overflow in AppKit in Apple Mac OS X 10.6.x before 10.6.5 ...)
+CVE-2010-1842
NOT-FOR-US: Apple Mac OS X
-CVE-2010-1841 (Disk Images in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows ...)
+CVE-2010-1841
NOT-FOR-US: Apple Mac OS X
-CVE-2010-1840 (Stack-based buffer overflow in the password-validation functionality ...)
+CVE-2010-1840
NOT-FOR-US: Apple Mac OS X
CVE-2010-1839
RESERVED
-CVE-2010-1838 (Directory Services in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 ...)
+CVE-2010-1838
NOT-FOR-US: Apple Mac OS X
-CVE-2010-1837 (CoreText in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows ...)
+CVE-2010-1837
NOT-FOR-US: Apple Mac OS X
-CVE-2010-1836 (Stack-based buffer overflow in CoreGraphics in Apple Mac OS X 10.5.8 ...)
+CVE-2010-1836
NOT-FOR-US: Apple Mac OS X
CVE-2010-1835
RESERVED
-CVE-2010-1834 (CFNetwork in Apple Mac OS X 10.6.x before 10.6.5 does not properly ...)
+CVE-2010-1834
NOT-FOR-US: Apple Mac OS X
-CVE-2010-1833 (Apple Type Services (ATS) in Apple Mac OS X 10.6.x before 10.6.5 ...)
+CVE-2010-1833
NOT-FOR-US: Apple Mac OS X
-CVE-2010-1832 (Stack-based buffer overflow in Apple Type Services (ATS) in Apple Mac ...)
+CVE-2010-1832
NOT-FOR-US: Apple Mac OS X
-CVE-2010-1831 (Buffer overflow in Apple Type Services (ATS) in Apple Mac OS X 10.5.8 ...)
+CVE-2010-1831
NOT-FOR-US: Apple Mac OS X
-CVE-2010-1830 (AFP Server in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 generates ...)
+CVE-2010-1830
NOT-FOR-US: Apple Mac OS X
-CVE-2010-1829 (Directory traversal vulnerability in AFP Server in Apple Mac OS X ...)
+CVE-2010-1829
NOT-FOR-US: Apple Mac OS X
-CVE-2010-1828 (AFP Server in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows ...)
+CVE-2010-1828
NOT-FOR-US: Apple Mac OS X
CVE-2010-1827
RESERVED
CVE-2010-1826
RESERVED
-CVE-2010-1825 (Use-after-free vulnerability in WebKit, as used in Google Chrome ...)
+CVE-2010-1825
- chromium-browser 6.0.472.59~r59126-1
NOTE: http://trac.webkit.org/changeset/66847
-CVE-2010-1824 (Use-after-free vulnerability in WebKit, as used in Apple iTunes before ...)
+CVE-2010-1824
- webkit 1.2.6-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 6.0.472.59~r59126-1
NOTE: http://trac.webkit.org/changeset/66795
-CVE-2010-1823 (Use-after-free vulnerability in WebKit before r65958, as used in ...)
+CVE-2010-1823
- webkit <not-affected> (vulnerable code not present in 1.2.x series)
- chromium-browser 6.0.472.59~r59126-1
NOTE: http://trac.webkit.org/changeset/65958
-CVE-2010-1822 (WebKit, as used in Apple Safari before 4.1.3 and 5.0.x before 5.0.3 ...)
+CVE-2010-1822
- webkit <not-affected> (rendererIsNeeded function not present in 1.2.x series)
- chromium-browser 6.0.472.62~r59676-1
-CVE-2010-1821 (Apple Mac OS X 10.6 through 10.6.3 and Mac OS X Server 10.6 through ...)
+CVE-2010-1821
NOT-FOR-US: Apple Mac OS X
-CVE-2010-1820 (Apple Filing Protocol (AFP) Server in Apple Mac OS X 10.6.x through ...)
+CVE-2010-1820
NOT-FOR-US: Apple Filing Protocol Server
-CVE-2010-1819 (Untrusted search path vulnerability in the Picture Viewer in Apple ...)
+CVE-2010-1819
NOT-FOR-US: Apple QuickTime
-CVE-2010-1818 (The IPersistPropertyBag2::Read function in QTPlugin.ocx in Apple ...)
+CVE-2010-1818
NOT-FOR-US: QuickTime
-CVE-2010-1817 (Buffer overflow in ImageIO in Apple iOS before 4.1 on the iPhone and ...)
+CVE-2010-1817
NOT-FOR-US: Apple iOS
-CVE-2010-1816 (Buffer overflow in ImageIO in Apple Mac OS X 10.6 through 10.6.3 and ...)
+CVE-2010-1816
NOT-FOR-US: Apple Mac OS X
-CVE-2010-1815 (Use-after-free vulnerability in WebKit in Apple iOS before 4.1 on the ...)
+CVE-2010-1815
- webkit 1.2.5-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
-CVE-2010-1814 (WebKit in Apple iOS before 4.1 on the iPhone and iPod touch, and ...)
+CVE-2010-1814
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2010-1813 (WebKit in Apple iOS before 4.1 on the iPhone and iPod touch allows ...)
+CVE-2010-1813
- webkit 1.2.5-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/63048
-CVE-2010-1812 (Use-after-free vulnerability in WebKit in Apple iOS before 4.1 on the ...)
+CVE-2010-1812
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2010-1811 (ImageIO in Apple iOS before 4.1 on the iPhone and iPod touch allows ...)
+CVE-2010-1811
NOT-FOR-US: Apple iOS
-CVE-2010-1810 (FaceTime in Apple iOS before 4.1 on the iPhone and iPod touch does not ...)
+CVE-2010-1810
NOT-FOR-US: Apple iOS
-CVE-2010-1809 (The Accessibility component in Apple iOS before 4.1 on the iPhone and ...)
+CVE-2010-1809
NOT-FOR-US: Apple iOS
-CVE-2010-1808 (Stack-based buffer overflow in Apple Type Services (ATS) in Apple Mac ...)
+CVE-2010-1808
NOT-FOR-US: Apple Mac OS X
-CVE-2010-1807 (WebKit in Apple Safari 4.x before 4.1.2 and 5.x before 5.0.2; Android ...)
+CVE-2010-1807
- webkit 1.2.5-1 (bug #599830)
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser <not-affected>
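Review bot: every changed line in this hunk drops the parenthesised CVE description and keeps only the identifier (for example `-CVE-2010-1866 (The dechunk filter in PHP 5.3 through 5.3.2, when decoding an HTTP ...)` becomes `+CVE-2010-1866`), while the package, `NOTE:` and `NOT-FOR-US:` lines under each entry are left untouched. Several of those unchanged lines read as follow-ups to the description that is now gone, such as `[lenny] - php5 <not-affected> (dechunk filter introduced in 5.3)` or `NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix`, so a reader of the updated file can no longer tell from the entry itself which component or version range a NOT-FOR-US or not-affected decision refers to. Before merging, confirm that stripping the descriptions is the intended effect of the automatic update rather than the result of an empty or failed description feed (the same blanket replacement hits every entry in the hunk, including ones that have a DSA reference like `{DSA-2057-1}`), and if it is intended, consider recording where the descriptions can be looked up from now on so the triage rationale in the remaining lines stays interpretable.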
@@ -8884,109 +8884,109 @@ CVE-2010-1807 (WebKit in Apple Safari 4.x before 4.1.2 and 5.x before 5.0.2; And
NOTE: scheme used by webkit (and mozilla). The fix is not to accept "NAN(payload)".
NOTE: test-case: -parseFloat("NAN(ffffeeeeeff0f)")
NOTE: reproduced with epiphany
-CVE-2010-1806 (Use-after-free vulnerability in Apple Safari 4.x before 4.1.2 and 5.x ...)
+CVE-2010-1806
- chromium-browser 5.0.375.127~r55887-1
NOTE: http://trac.webkit.org/changeset/63772
-CVE-2010-1805 (Untrusted search path vulnerability in Apple Safari 4.x before 4.1.2 ...)
+CVE-2010-1805
- webkit <not-affected> (windows-specific issue)
- chromium-browser <not-affected> (windows-specific issue)
NOTE: This is the windows DLL planting attack
-CVE-2010-1804 (Unspecified vulnerability in the network bridge functionality on the ...)
+CVE-2010-1804
NOT-FOR-US: Apple
-CVE-2010-1803 (Time Machine in Apple Mac OS X 10.6.x before 10.6.5 does not verify ...)
+CVE-2010-1803
NOT-FOR-US: Apple Mac OS X
-CVE-2010-1802 (libsecurity in Apple Mac OS X 10.5.8 and 10.6.4 does not properly ...)
+CVE-2010-1802
NOT-FOR-US: Apple Mac OS X
-CVE-2010-1801 (Heap-based buffer overflow in CoreGraphics in Apple Mac OS X 10.5.8 ...)
+CVE-2010-1801
NOT-FOR-US: CoreGraphics
-CVE-2010-1800 (CFNetwork in Apple Mac OS X 10.6.3 and 10.6.4 supports anonymous SSL ...)
+CVE-2010-1800
NOT-FOR-US: CFNetwork
-CVE-2010-1799 (Stack-based buffer overflow in the error-logging functionality in ...)
+CVE-2010-1799
NOT-FOR-US: Apple QuickTime on Windows
CVE-2010-1798
RESERVED
-CVE-2010-1797 (Multiple stack-based buffer overflows in the ...)
+CVE-2010-1797
{DSA-2105-1}
- freetype 2.4.2-1
-CVE-2010-1796 (The AutoFill feature in Apple Safari before 5.0.1 on Mac OS X 10.5 ...)
+CVE-2010-1796
- webkit <not-affected>
- chromium-browser <not-affected>
NOTE: Very Safari specific
-CVE-2010-1795 (Untrusted search path vulnerability in Apple iTunes before 9.1, when ...)
+CVE-2010-1795
NOT-FOR-US: Apple iTunes on Windows
-CVE-2010-1794 (The webdav_mount function in webdav_vfsops.c in the WebDAV kernel ...)
+CVE-2010-1794
NOT-FOR-US: Apple
-CVE-2010-1793 (Multiple use-after-free vulnerabilities in WebKit in Apple Safari ...)
+CVE-2010-1793
- webkit 1.2.4-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.375.125~r53311-1
NOTE: http://trac.webkit.org/changeset/62482
NOTE: http://trac.webkit.org/changeset/62662
NOTE: duplicated as cve-2010-2902
-CVE-2010-1792 (WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and ...)
+CVE-2010-1792
- webkit 1.2.4-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/62386
NOTE: Chromium uses a totally different regexp implementation.
-CVE-2010-1791 (Integer signedness error in WebKit in Apple Safari before 5.0.1 on Mac ...)
+CVE-2010-1791
- webkit 1.2.6-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser <not-affected>
NOTE: this is specific to Safari's JavaScript engine
-CVE-2010-1790 (WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and ...)
+CVE-2010-1790
- webkit 1.2.4-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/62301
NOTE: this is specific to Safari's JavaScript engine
-CVE-2010-1789 (Heap-based buffer overflow in WebKit in Apple Safari before 5.0.1 on ...)
+CVE-2010-1789
- webkit <not-affected>
- chromium-browser <not-affected>
NOTE: this is specific to Safari's JavaScript engine
-CVE-2010-1788 (WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and ...)
+CVE-2010-1788
- webkit 1.2.4-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.375.127~r55887-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=40994
NOTE: http://trac.webkit.org/changeset/62482
-CVE-2010-1787 (WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and ...)
+CVE-2010-1787
- webkit 1.2.4-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.375.127~r55887-1
NOTE: http://trac.webkit.org/changeset/61044
-CVE-2010-1786 (Use-after-free vulnerability in WebKit in Apple Safari before 5.0.1 on ...)
+CVE-2010-1786
- webkit 1.2.4-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.375.99~r51029-1
NOTE: http://trac.webkit.org/changeset/61667
NOTE: duplicated as cve-2010-2647
-CVE-2010-1785 (WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and ...)
+CVE-2010-1785
- webkit 1.2.4-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.375.99~r51029-1
NOTE: http://trac.webkit.org/changeset/61050
NOTE: http://trac.webkit.org/changeset/61051
-CVE-2010-1784 (The counters functionality in the Cascading Style Sheets (CSS) ...)
+CVE-2010-1784
- webkit 1.2.4-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.375.125~r53311-1
NOTE: http://trac.webkit.org/changeset/62271
-CVE-2010-1783 (WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and ...)
+CVE-2010-1783
{DSA-2188-1}
- webkit 1.2.7-1
- chromium-browser 5.0.375.127~r55887-1
NOTE: (Chromium Sec) This seems a duplicate of CVE-2010-2899
NOTE: http://trac.webkit.org/changeset/62134
-CVE-2010-1782 (WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and ...)
+CVE-2010-1782
- webkit 1.2.4-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.375.127~r55887-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=41375
NOTE: http://trac.webkit.org/changeset/61921
-CVE-2010-1781 (Double free vulnerability in WebKit in Apple iOS before 4.1 on the ...)
+CVE-2010-1781
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2010-1780 (Use-after-free vulnerability in WebKit in Apple Safari before 5.0.1 on ...)
+CVE-2010-1780
- webkit 1.2.5-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.375.125~r53311-1
@@ -8994,60 +8994,60 @@ CVE-2010-1780 (Use-after-free vulnerability in WebKit in Apple Safari before 5.0
NOTE: http://trac.webkit.org/changeset/60984
CVE-2010-1779
RESERVED
-CVE-2010-1778 (Cross-site scripting (XSS) vulnerability in Apple Safari before 5.0.1 ...)
+CVE-2010-1778
- webkit <not-affected>
- chromium-browser <not-affected>
NOTE: Safari only (chromium security team)
-CVE-2010-1777 (Buffer overflow in Apple iTunes before 9.2.1 allows remote attackers ...)
+CVE-2010-1777
NOT-FOR-US: Apple iTunes
-CVE-2010-1776 (Find My iPhone on iOS 2.0 through 3.1.3 for iPhone 3G and later and ...)
+CVE-2010-1776
NOT-FOR-US: Apple iOS
-CVE-2010-1775 (Race condition in Passcode Lock in Apple iOS before 4 on the iPhone ...)
+CVE-2010-1775
NOT-FOR-US: Apple iPhone Passcode Lock
-CVE-2010-1774 (WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and ...)
+CVE-2010-1774
- webkit 1.2.2-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.375.55~r47796-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=38261
NOTE: http://trac.webkit.org/changeset/59495
-CVE-2010-1773 (Off-by-one error in the toAlphabetic function in ...)
+CVE-2010-1773
- webkit 1.2.2-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.375.55~r47796-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=39508
NOTE: http://trac.webkit.org/changeset/59950
-CVE-2010-1772 (Use-after-free vulnerability in page/Geolocation.cpp in WebCore in ...)
+CVE-2010-1772
- webkit 1.2.2-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.375.55~r47796-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=39388
NOTE: http://trac.webkit.org/changeset/59859
-CVE-2010-1771 (Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on ...)
+CVE-2010-1771
- webkit 1.2.2-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.375.55~r47796-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=39453
NOTE: http://trac.webkit.org/changeset/59876
-CVE-2010-1770 (WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and ...)
+CVE-2010-1770
- webkit 1.2.2-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.375.70~r48679-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=38626
NOTE: http://trac.webkit.org/changeset/59795
-CVE-2010-1769 (WebKit in Apple iTunes before 9.2 on Windows, and Apple iOS before 4 ...)
+CVE-2010-1769
- webkit 1.2.2-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.375.55~r47796-1
NOTE: dupe of CVE-2010-1774
-CVE-2010-1768 (Unspecified vulnerability in Apple iTunes before 9.1 allows local ...)
+CVE-2010-1768
NOT-FOR-US: Apple iTunes
-CVE-2010-1767 (Cross-site request forgery (CSRF) vulnerability in ...)
+CVE-2010-1767
- webkit 1.2.1-3
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.375.29~r46008-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=36843
NOTE: http://trac.webkit.org/changeset/57041
-CVE-2010-1766 (Off-by-one error in the WebSocketHandshake::readServerHandshake ...)
+CVE-2010-1766
- webkit 1.2.1-2
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.375.55~r47796-1
@@ -9059,174 +9059,174 @@ CVE-2010-1765
- chromium-browser 5.0.375.55~r47796-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=37933
NOTE: http://trac.webkit.org/changeset/57995
-CVE-2010-1764 (WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and ...)
+CVE-2010-1764
- webkit 1.2.1-2
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.375.55~r47796-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=31410
NOTE: http://trac.webkit.org/changeset/55157
-CVE-2010-1763 (Unspecified vulnerability in WebKit in Apple iTunes before 9.2 on ...)
+CVE-2010-1763
- webkit <not-affected> (vulnerable code introduced in svn58950, which isn't included in 1.2.1 yet)
- chromium-browser 5.0.375.55~r47796-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=39008
NOTE: http://trac.webkit.org/changeset/59486
-CVE-2010-1762 (Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari ...)
+CVE-2010-1762
- webkit 1.2.2-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.375.55~r47796-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=38922
NOTE: http://trac.webkit.org/changeset/59241
NOTE: http://trac.webkit.org/changeset/59242
-CVE-2010-1761 (Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on ...)
+CVE-2010-1761
- webkit 1.2.2-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.375.55~r47796-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=37760
NOTE: http://trac.webkit.org/changeset/59263
-CVE-2010-1760 (loader/DocumentThreadableLoader.cpp in the XMLHttpRequest ...)
+CVE-2010-1760
- webkit 1.2.2-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.375.99~r51029-2
NOTE: https://bugs.webkit.org/show_bug.cgi?id=37781
NOTE: http://trac.webkit.org/changeset/58409
-CVE-2010-1759 (Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on ...)
+CVE-2010-1759
- webkit 1.2.2-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.375.55~r47796-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=38583
NOTE: http://trac.webkit.org/changeset/59109
-CVE-2010-1758 (Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on ...)
+CVE-2010-1758
- webkit 1.2.2-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.375.55~r47796-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=28697
NOTE: http://trac.webkit.org/changeset/59098
-CVE-2010-1757 (WebKit in Apple iOS before 4 on the iPhone and iPod touch does not ...)
+CVE-2010-1757
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2010-1756 (The Settings application in Apple iOS before 4 on the iPhone and iPod ...)
+CVE-2010-1756
NOT-FOR-US: Apple iPhone
-CVE-2010-1755 (Safari in Apple iOS before 4 on the iPhone and iPod touch does not ...)
+CVE-2010-1755
NOT-FOR-US: Apple Safari
-CVE-2010-1754 (Passcode Lock in Apple iOS before 4 on the iPhone and iPod touch does ...)
+CVE-2010-1754
NOT-FOR-US: Apple Passcode Lock
-CVE-2010-1753 (ImageIO in Apple iOS before 4 on the iPhone and iPod touch allows ...)
+CVE-2010-1753
NOT-FOR-US: iOS
-CVE-2010-1752 (Stack-based buffer overflow in CFNetwork in Apple iOS before 4 on the ...)
+CVE-2010-1752
NOT-FOR-US: Apple CFNetwork
-CVE-2010-1751 (Application Sandbox in Apple iOS before 4 on the iPhone and iPod touch ...)
+CVE-2010-1751
NOT-FOR-US: Apple Application Sandbox
-CVE-2010-1750 (Use-after-free vulnerability in Apple Safari before 5.0 on Windows ...)
+CVE-2010-1750
NOT-FOR-US: Apple Safari
-CVE-2010-1749 (Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on ...)
+CVE-2010-1749
- webkit 1.2.1-2
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.342.9~r43360-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=27193
NOTE: https://bugs.webkit.org/show_bug.cgi?id=38625
NOTE: http://trac.webkit.org/changeset/45941
-CVE-2010-1748 (The cgi_initialize_string function in cgi-bin/var.c in the web ...)
+CVE-2010-1748
{DSA-2176-1}
- cups 1.4.4-1
CVE-2010-1747
RESERVED
-CVE-2010-1746 (Multiple cross-site scripting (XSS) vulnerabilities in the Table JX ...)
+CVE-2010-1746
NOT-FOR-US: com_grid component for joomla!
CVE-2010-1745
REJECTED
-CVE-2010-1744 (SQL injection vulnerability in product.html in B2B Gold Script allows ...)
+CVE-2010-1744
NOT-FOR-US: B2B Gold Script
-CVE-2010-1743 (SQL injection vulnerability in projects.php in Scratcher allows remote ...)
+CVE-2010-1743
NOT-FOR-US: Scratcher
-CVE-2010-1742 (Cross-site scripting (XSS) vulnerability in projects.php in Scratcher ...)
+CVE-2010-1742
NOT-FOR-US: Scratcher
-CVE-2010-1741 (SQL injection vulnerability in request_account.php in Billwerx RC ...)
+CVE-2010-1741
NOT-FOR-US: Billwerx
-CVE-2010-1740 (SQL injection vulnerability in newsletter.php in GuppY 4.5.18 allows ...)
+CVE-2010-1740
NOT-FOR-US: GuppY
-CVE-2010-1739 (SQL injection vulnerability in the Newsfeeds (com_newsfeeds) component ...)
+CVE-2010-1739
NOT-FOR-US: com_newsfeeds component for joomla!
CVE-2010-1738
REJECTED
-CVE-2010-1737 (PHP remote file inclusion vulnerability in ...)
+CVE-2010-1737
NOT-FOR-US: Gallo
-CVE-2010-1736 (KrM Haber 1.0 stores sensitive information under the web root with ...)
+CVE-2010-1736
NOT-FOR-US: KrM Haber
-CVE-2010-1735 (The SfnLOGONNOTIFY function in win32k.sys in the kernel in Microsoft ...)
+CVE-2010-1735
NOT-FOR-US: Microsoft Windows
-CVE-2010-1734 (The SfnINSTRING function in win32k.sys in the kernel in Microsoft ...)
+CVE-2010-1734
NOT-FOR-US: Microsoft Windows
-CVE-2010-1733 (Multiple SQL injection vulnerabilities in OCS Inventory NG before ...)
+CVE-2010-1733
- ocsinventory-server <unfixed> (unimportant)
NOTE: Authentication is needed, only supported in trusted environments, see debtags
-CVE-2010-1732 (Cross-site request forgery (CSRF) vulnerability in the users module in ...)
+CVE-2010-1732
NOT-FOR-US: Zikula Application Framework
-CVE-2010-1731 (Google Chrome on the HTC Hero allows remote attackers to cause a ...)
+CVE-2010-1731
- chromium-browser 5.0.375.55~r47796-1
NOTE: various crashes on window close after opening the file on chromium (including sometimes segfaults)
NOTE: CVE-2010-1729/1730/1731 are the same issue but with different effects
NOTE: not reproducible with chromium-browser 5.0.375.55~r47796-1
-CVE-2010-1730 (Dolphin Browser 2.5.0 on the HTC Hero allows remote attackers to cause ...)
+CVE-2010-1730
NOT-FOR-US: Dolphin browser, Konqueror not covered by security support
NOTE: CVE-2010-1729/1730/1731 are the same issue but with different effects
-CVE-2010-1729 (WebKit.dll in WebKit, as used in Safari.exe 4.531.9.1 in Apple Safari, ...)
+CVE-2010-1729
- webkit <unfixed> (unimportant)
NOTE: CVE-2010-1729/1730/1731 are the same issue but with different effects
NOTE: dos-only on webkit
-CVE-2010-1728 (Opera before 10.53 on Windows and Mac OS X does not properly handle a ...)
+CVE-2010-1728
NOT-FOR-US: Opera
-CVE-2010-1727 (SQL injection vulnerability in type.asp in JobPost 1.0 allows remote ...)
+CVE-2010-1727
NOT-FOR-US: JobPost
-CVE-2010-1726 (SQL injection vulnerability in offers_buy.php in EC21 Clone 3.0 allows ...)
+CVE-2010-1726
NOT-FOR-US: EC21
-CVE-2010-1725 (SQL injection vulnerability in offers_buy.php in Alibaba Clone ...)
+CVE-2010-1725
NOT-FOR-US: Alibaba Clone Platinum
-CVE-2010-1724 (Multiple cross-site scripting (XSS) vulnerabilities in Zikula ...)
+CVE-2010-1724
NOT-FOR-US: Zikula Application Framework
-CVE-2010-1723 (Directory traversal vulnerability in the iNetLanka Contact Us Draw ...)
+CVE-2010-1723
NOT-FOR-US: com_drawroot component for joomla!
-CVE-2010-1722 (Directory traversal vulnerability in the Online Market (com_market) ...)
+CVE-2010-1722
NOT-FOR-US: com_market component for joomla!
-CVE-2010-1721 (SQL injection vulnerability in the Intellectual Property (aka ...)
+CVE-2010-1721
NOT-FOR-US: com_iproperty component for joomla!
-CVE-2010-1720 (SQL injection vulnerability in the Q-Personel (com_qpersonel) ...)
+CVE-2010-1720
NOT-FOR-US: com_qpersonel component for joomla!
-CVE-2010-1719 (Directory traversal vulnerability in the MT Fire Eagle ...)
+CVE-2010-1719
NOT-FOR-US: com_mtfireeagle component for joomla!
-CVE-2010-1718 (Directory traversal vulnerability in archeryscores.php in the Archery ...)
+CVE-2010-1718
NOT-FOR-US: com_archeryscores component for joomla!
-CVE-2010-1717 (Directory traversal vulnerability in the iF surfALERT ...)
+CVE-2010-1717
NOT-FOR-US: com_if_surfalert component for joomla!
-CVE-2010-1716 (SQL injection vulnerability in the Agenda Address Book (com_agenda) ...)
+CVE-2010-1716
NOT-FOR-US: com_agenda component for joomla!
-CVE-2010-1715 (Directory traversal vulnerability in the Online Examination (aka ...)
+CVE-2010-1715
NOT-FOR-US: com_onlineexam component for joomla!
-CVE-2010-1714 (Directory traversal vulnerability in the Arcade Games ...)
+CVE-2010-1714
NOT-FOR-US: com_arcadegames component for joomla!
-CVE-2010-1713 (SQL injection vulnerability in modules.php in PostNuke 0.764 allows ...)
+CVE-2010-1713
NOT-FOR-US: PostNuke
-CVE-2010-1712 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2010-1712
NOT-FOR-US: Webmobo WB News
-CVE-2010-1711 (Cross-site scripting (XSS) vulnerability in carga_foto_al.php in ...)
+CVE-2010-1711
NOT-FOR-US: Siestta
-CVE-2010-1710 (Directory traversal vulnerability in login.php in Siestta 2.0, when ...)
+CVE-2010-1710
NOT-FOR-US: Siestta
-CVE-2010-1709 (Multiple cross-site scripting (XSS) vulnerabilities in upload.cgi in ...)
+CVE-2010-1709
NOT-FOR-US: G5-Scripts
-CVE-2010-1708 (Multiple SQL injection vulnerabilities in agentadmin.php in Free ...)
+CVE-2010-1708
NOT-FOR-US: Free Realty
-CVE-2010-1707 (Multiple cross-site scripting (XSS) vulnerabilities in register.php in ...)
+CVE-2010-1707
- piwigo 2.0.10-1
-CVE-2010-1706 (Multiple SQL injection vulnerabilities in login.php in 2daybiz Auction ...)
+CVE-2010-1706
NOT-FOR-US: 2daybiz Auction Script
-CVE-2010-1705 (SQL injection vulnerability in casting_view.php in Modelbook allows ...)
+CVE-2010-1705
NOT-FOR-US: Modelbook
-CVE-2010-1704 (Multiple SQL injection vulnerabilities in 2daybiz Polls (aka Advanced ...)
+CVE-2010-1704
NOT-FOR-US: 2daybiz Polls Script
-CVE-2010-1703 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2010-1703
NOT-FOR-US: 2daybiz Polls Script
-CVE-2010-1702 (SQL injection vulnerability in submitticket.php in WHMCompleteSolution ...)
+CVE-2010-1702
NOT-FOR-US: WHMCompleteSolution
-CVE-2010-1701 (SQL injection vulnerability in browse.html in PHP Video Battle Script ...)
+CVE-2010-1701
NOT-FOR-US: PHP Video Battle Script
CVE-2010-1700
REJECTED
@@ -9242,7 +9242,7 @@ CVE-2010-1695
REJECTED
CVE-2010-1694
REJECTED
-CVE-2010-1693 (openibd in OpenFabrics Enterprise Distribution (OFED) 1.5.2 allows ...)
+CVE-2010-1693
NOT-FOR-US: OpenFabrics Enterprise Distribution (OFED)
NOTE: openibd is part of ofa-kernel (ofa_1_5_kernel-20101028-0200/ofed_scripts/openibd), fixed in 2010-10-28 build
NOTE: http://www.openfabrics.org/downloads/ofa_1_5_kernel/
@@ -9251,17 +9251,17 @@ CVE-2010-1692
REJECTED
CVE-2010-1691
REJECTED
-CVE-2010-1690 (The DNS implementation in smtpsvc.dll before 6.0.2600.5949 in ...)
+CVE-2010-1690
NOT-FOR-US: Microsoft Windows
-CVE-2010-1689 (The DNS implementation in smtpsvc.dll before 6.0.2600.5949 in ...)
+CVE-2010-1689
NOT-FOR-US: Microsoft Windows
-CVE-2010-1688 (Stack-based buffer overflow in 2BrightSparks SyncBack Freeware ...)
+CVE-2010-1688
NOT-FOR-US: 2BrightSparks SyncBack Freeware
-CVE-2010-1687 (Stack-based buffer overflow in lpd.exe in Mocha W32 LPD 1.9 allows ...)
+CVE-2010-1687
NOT-FOR-US: Mocha W32 LPD
-CVE-2010-1686 (Stack-based buffer overflow in (1) Urgent Backup 3.20, and (2) ABC ...)
+CVE-2010-1686
NOT-FOR-US: Urgent Backup
-CVE-2010-1685 (Stack-based buffer overflow in CursorArts ZipWrangler 1.20 allows ...)
+CVE-2010-1685
NOT-FOR-US: CursorArts ZipWrangler
CVE-2010-1684
RESERVED
@@ -9269,27 +9269,27 @@ CVE-2010-1683
RESERVED
CVE-2010-1682
RESERVED
-CVE-2010-1681 (Buffer overflow in VISIODWG.DLL before 10.0.6880.4 in Microsoft Office ...)
+CVE-2010-1681
NOT-FOR-US: Microsoft Office Visio
CVE-2010-1680
REJECTED
-CVE-2010-1679 (Directory traversal vulnerability in dpkg-source in dpkg before ...)
+CVE-2010-1679
{DSA-2142-1}
- dpkg 1.15.8.8
CVE-2010-1678
RESERVED
- mapserver 5.6.5-2
NOTE: http://trac.osgeo.org/mapserver/ticket/3641
-CVE-2010-1677 (MHonArc 2.6.16 allows remote attackers to cause a denial of service ...)
+CVE-2010-1677
- mhonarc 2.6.18-1 (low)
[squeeze] - mhonarc <no-dsa> (Minor issue)
-CVE-2010-1676 (Heap-based buffer overflow in Tor before 0.2.1.28 and 0.2.2.x before ...)
+CVE-2010-1676
{DSA-2136-1}
- tor 0.2.1.26-6
-CVE-2010-1675 (bgpd in Quagga before 0.99.18 allows remote attackers to cause a ...)
+CVE-2010-1675
{DSA-2197-1}
- quagga 0.99.18-1
-CVE-2010-1674 (The extended-community parser in bgpd in Quagga before 0.99.18 allows ...)
+CVE-2010-1674
{DSA-2197-1}
- quagga 0.99.18-1
CVE-2010-1673 [ikiwiki xss due to insufficient html scrubbing]
@@ -9299,109 +9299,109 @@ CVE-2010-1673 [ikiwiki xss due to insufficient html scrubbing]
[lenny] - ikiwiki <not-affected>
CVE-2010-1672
RESERVED
-CVE-2010-1671 (hsolinkcontrol in hsolink 1.0.118 allows local users to gain ...)
+CVE-2010-1671
- hsolink <removed> (bug #590670)
-CVE-2010-1670 (Mahara before 1.0.15, 1.1.x before 1.1.9, and 1.2.x before 1.2.5 has ...)
+CVE-2010-1670
{DSA-2067-1}
- mahara 1.2.5-1
-CVE-2010-1669 (SQL injection vulnerability in Mahara 1.1.x before 1.1.9 and 1.2.x ...)
+CVE-2010-1669
- mahara 1.2.5-1
[lenny] - mahara <not-affected>
-CVE-2010-1668 (Multiple cross-site request forgery (CSRF) vulnerabilities in Mahara ...)
+CVE-2010-1668
{DSA-2067-1}
- mahara 1.2.5-1
-CVE-2010-1667 (Multiple cross-site scripting (XSS) vulnerabilities in Mahara before ...)
+CVE-2010-1667
{DSA-2067-1}
- mahara 1.2.5-1
-CVE-2010-1666 (Buffer overflow in Dan Pascu python-cjson 1.0.5, when UCS-4 encoding ...)
+CVE-2010-1666
{DSA-2068-1}
- python-cjson 1.0.5-3 (bug #587700)
NOTE: https://bugs.launchpad.net/ubuntu/+source/python-cjson/+bug/585274
-CVE-2010-1665 (Google Chrome before 4.1.249.1064 does not properly handle fonts, ...)
+CVE-2010-1665
- chromium-browser 5.0.375.29~r46008-1
- webkit 1.2.1-3
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
NOTE: http://trac.webkit.org/changeset/58201
-CVE-2010-1664 (Google Chrome before 4.1.249.1064 does not properly handle HTML5 ...)
+CVE-2010-1664
- chromium-browser 5.0.375.29~r46008-1
- webkit 1.2.2-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
NOTE: http://trac.webkit.org/changeset/57922
-CVE-2010-1663 (The Google URL Parsing Library (aka google-url or GURL) in Google ...)
+CVE-2010-1663
- chromium-browser 5.0.375.29~r46008-1
- webkit <not-affected> (issue is in google url; i.e. chromium-specific)
-CVE-2010-1662 (Cross-site scripting (XSS) vulnerability in acpmoderate.php in ...)
+CVE-2010-1662
NOT-FOR-US: PHP-Quick-Arcade
-CVE-2010-1661 (Multiple SQL injection vulnerabilities in PHP-Quick-Arcade (PHPQA) ...)
+CVE-2010-1661
NOT-FOR-US: PHP-Quick-Arcade
-CVE-2010-1660 (SQL injection vulnerability in help-details.php in CLScript ...)
+CVE-2010-1660
NOT-FOR-US: CLScript Classifieds Script
-CVE-2010-1659 (Directory traversal vulnerability in the Ultimate Portfolio ...)
+CVE-2010-1659
NOT-FOR-US: component for Joomla!
-CVE-2010-1658 (Directory traversal vulnerability in the Code-Garage NoticeBoard ...)
+CVE-2010-1658
NOT-FOR-US: component for Joomla!
-CVE-2010-1657 (Directory traversal vulnerability in the SmartSite (com_smartsite) ...)
+CVE-2010-1657
NOT-FOR-US: component for Joomla!
-CVE-2010-1656 (SQL injection vulnerability in the Airiny ABC (com_abc) component ...)
+CVE-2010-1656
NOT-FOR-US: component for Joomla!
-CVE-2010-1655 (Cross-site scripting (XSS) vulnerability in User/User_ChkLogin.asp in ...)
+CVE-2010-1655
NOT-FOR-US: PowerEasy
-CVE-2010-1654 (Multiple SQL injection vulnerabilities in system_member_login.php in ...)
+CVE-2010-1654
NOT-FOR-US: Infocus Real Estate Enterprise Edition
-CVE-2010-1653 (Directory traversal vulnerability in graphics.php in the Graphics ...)
+CVE-2010-1653
NOT-FOR-US: Graphics component for Joomla!
-CVE-2010-1652 (Directory traversal vulnerability in the HelpCenter module in Help ...)
+CVE-2010-1652
NOT-FOR-US: Help Center Live
-CVE-2010-1651 (IBM WebSphere Application Server (WAS) 6.1.x before 6.1.0.31 and 7.0.x ...)
+CVE-2010-1651
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2010-1650 (IBM WebSphere Application Server (WAS) 6.0.x before 6.0.2.41, 6.1.x ...)
+CVE-2010-1650
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2010-1649 (Multiple cross-site scripting (XSS) vulnerabilities in the back end in ...)
+CVE-2010-1649
NOT-FOR-US: Joomla!
-CVE-2010-1648 (Cross-site request forgery (CSRF) vulnerability in the login interface ...)
+CVE-2010-1648
- mediawiki 1:1.15.4-1 (bug #585918; low)
[lenny] - mediawiki 1:1.12.0-2lenny6
NOTE: http://lists.wikimedia.org/pipermail/mediawiki-announce/2010-May/000091.html
-CVE-2010-1647 (Cross-site scripting (XSS) vulnerability in MediaWiki 1.15 before ...)
+CVE-2010-1647
- mediawiki 1:1.15.4-1 (bug #585918; low)
[lenny] - mediawiki 1:1.12.0-2lenny6
NOTE: http://lists.wikimedia.org/pipermail/mediawiki-announce/2010-May/000091.html
-CVE-2010-1646 (The secure path feature in env.c in sudo 1.3.1 through 1.6.9p22 and ...)
+CVE-2010-1646
{DSA-2062-1}
- sudo 1.7.2p7-1 (bug #585394)
-CVE-2010-1645 (Cacti before 0.8.7f, as used in Red Hat High Performance Computing ...)
+CVE-2010-1645
{DSA-2384-1}
- cacti 0.8.7g-1
-CVE-2010-1644 (Multiple cross-site scripting (XSS) vulnerabilities in Cacti before ...)
+CVE-2010-1644
{DSA-2384-1}
- cacti 0.8.7g-1
-CVE-2010-1643 (mm/shmem.c in the Linux kernel before 2.6.28-rc3, when strict ...)
+CVE-2010-1643
- linux-2.6 2.6.28-1
[lenny] - linux-2.6 2.6.26-23
-CVE-2010-1642 (The reply_sesssetup_and_X_spnego function in sesssetup.c in smbd in ...)
+CVE-2010-1642
- samba 2:3.5.4~dfsg-2 (unimportant)
NOTE: Only crashes a single connection, not the entire smbd
-CVE-2010-1641 (The do_gfs2_set_flags function in fs/gfs2/file.c in the Linux kernel ...)
+CVE-2010-1641
- linux-2.6 2.6.32-16
[lenny] - linux-2.6 2.6.26-23
-CVE-2010-1640 (Off-by-one error in the parseicon function in libclamav/pe_icons.c in ...)
+CVE-2010-1640
- clamav 0.96.1+dfsg-1 (bug #584183)
[lenny] - clamav <end-of-life>
-CVE-2010-1639 (The cli_pdf function in libclamav/pdf.c in ClamAV before 0.96.1 allows ...)
+CVE-2010-1639
- clamav 0.96.1+dfsg-1 (bug #584183)
[lenny] - clamav <end-of-life>
-CVE-2010-1638 (The IMP plugin in Horde allows remote attackers to bypass firewall ...)
+CVE-2010-1638
- horde3 <unfixed> (unimportant)
-CVE-2010-1637 (The Mail Fetch plugin in SquirrelMail 1.4.20 and earlier allows remote ...)
+CVE-2010-1637
- squirrelmail 2:1.4.21-1 (unimportant)
-CVE-2010-1636 (The btrfs_ioctl_clone function in fs/btrfs/ioctl.c in the btrfs ...)
+CVE-2010-1636
- linux-2.6 2.6.32-14
[lenny] - linux-2.6 <not-affected> (brtfs introduced in 2.6.32)
-CVE-2010-1635 (The chain_reply function in process.c in smbd in Samba before 3.4.8 ...)
+CVE-2010-1635
- samba 2:3.6.1-2 (unimportant)
NOTE: http://git.samba.org/?p=samba.git;a=commitdiff;h=25452a2268ac7013da28125f3df22085139af12d
NOTE: Only crashes a single connection, not the entire smbd
-CVE-2010-1634 (Multiple integer overflows in audioop.c in the audioop module in ...)
+CVE-2010-1634
- python3.1 3.1.2+20100822-1 (low)
- python2.7 2.7-1 (low)
- python2.6 2.6.6-1 (low)
@@ -9409,140 +9409,140 @@ CVE-2010-1634 (Multiple integer overflows in audioop.c in the audioop module in
[lenny] - python2.5 <no-dsa> (Minor issue)
- python2.4 <removed> (low)
[lenny] - python2.4 <no-dsa> (Minor issue)
-CVE-2010-1633 (RSA verification recovery in the EVP_PKEY_verify_recover function in ...)
+CVE-2010-1633
- openssl <not-affected> (This bug is only present in OpenSSL 1.0.0, first version of 1.0.0 ever uploaded was 1.0.0c)
-CVE-2010-1632 (Apache Axis2 before 1.5.2, as used in IBM WebSphere Application Server ...)
+CVE-2010-1632
- axis2c 1.6.0-1
CVE-2010-1631
REJECTED
-CVE-2010-1630 (Unspecified vulnerability in posting.php in phpBB before 3.0.5 has ...)
+CVE-2010-1630
- phpbb3 3.0.7-PL1-1 (low)
[lenny] - phpbb3 <no-dsa> (Minor issue)
-CVE-2010-1629 (Cross-site scripting (XSS) vulnerability in Phorum before 5.2.15 ...)
+CVE-2010-1629
NOT-FOR-US: Phorum
-CVE-2010-1628 (Ghostscript 8.64, 8.70, and possibly other versions allows ...)
+CVE-2010-1628
{DSA-2093-1}
- ghostscript 8.71~dfsg2-4 (medium; bug #584516)
NOTE: no upstream fix available, see issue #1 in ubuntu bug report:
NOTE: https://bugs.launchpad.net/ubuntu/+source/ghostscript/+bug/546009
NOTE: http://bugs.ghostscript.com/show_bug.cgi?id=691295
-CVE-2010-1627 (feed.php in phpBB 3.0.7 before 3.0.7-PL1 does not properly check ...)
+CVE-2010-1627
- phpbb3 3.0.7-PL1-1 (low)
[lenny] - phpbb3 <no-dsa> (Minor issue)
-CVE-2010-1626 (MySQL before 5.1.46 allows local users to delete the data and index ...)
+CVE-2010-1626
{DSA-2057-1}
- mysql-5.1 5.1.46-1 (bug #582526)
- mysql-dfsg-5.0 <removed> (low; bug #584400)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=553648
-CVE-2010-1625 (Cross-site scripting (XSS) vulnerability in LXR Cross Referencer ...)
+CVE-2010-1625
{DSA-2092-1}
- lxr <removed> (low; bug #588138)
[lenny] - lxr <no-dsa> (Minor issue)
- lxr-cvs 0.9.5+cvs20071020-1.1 (low; bug #588137)
-CVE-2010-1624 (The msn_emoticon_msg function in slp.c in the MSN protocol plugin in ...)
+CVE-2010-1624
- pidgin 2.7.0-1 (low)
[lenny] - pidgin 2.4.3-4lenny6
NOTE: MSN support was disabled in 2.4.3-4lenny6
-CVE-2010-1623 (Memory leak in the apr_brigade_split_line function in ...)
+CVE-2010-1623
{DSA-2117-1}
- apr-util 1.3.9+dfsg-4 (medium)
- apache2 2.2.16-3
[lenny] - apache2 <not-affected> (vulnerable code introduced in 2.2.15-2 or -3)
-CVE-2010-1622 (SpringSource Spring Framework 2.5.x before 2.5.6.SEC02, 2.5.7 before ...)
+CVE-2010-1622
- libspring-2.5-java 2.5.6.SEC02-1 (medium)
-CVE-2010-1621 (The mysql_uninstall_plugin function in sql/sql_plugin.cc in MySQL 5.1 ...)
+CVE-2010-1621
- mysql-5.1 5.1.46-1
- mysql-dfsg-5.0 <not-affected> (Vulnerable code not present)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=590190
-CVE-2010-1620 (Integer overflow in the load_iface function in Tools/gdomap.c in ...)
+CVE-2010-1620
- gnustep-base 1.19.3-2 (bug #584401)
[lenny] - gnustep-base <no-dsa> (Minor issue)
-CVE-2010-1612 (The IBM WebSphere DataPower XML Accelerator XA35, Low Latency ...)
+CVE-2010-1612
NOT-FOR-US: IBM WebSphere DataPower XML Accelerator
-CVE-2010-1611 (Cross-site request forgery (CSRF) vulnerability in AlegroCart 1.1 ...)
+CVE-2010-1611
NOT-FOR-US: AlegroCart
-CVE-2010-1610 (Cross-site request forgery (CSRF) vulnerability in index.php in ...)
+CVE-2010-1610
NOT-FOR-US: OpenCart
-CVE-2010-1609 (Cross-site scripting (XSS) vulnerability in SAP NetWeaver 2004 before ...)
+CVE-2010-1609
NOT-FOR-US: SAP NetWeaver
-CVE-2010-1608 (Stack-based buffer overflow in IBM Lotus Notes 8.5 and 8.5fp1, and ...)
+CVE-2010-1608
NOT-FOR-US: IBM Lotus Notes
-CVE-2010-1607 (Directory traversal vulnerability in wmi.php in the Webmoney Web ...)
+CVE-2010-1607
NOT-FOR-US: Webmoney Web Merchant Interface component for Joomla!
-CVE-2010-1606 (Multiple cross-site scripting (XSS) vulnerabilities in NCT Jobs Portal ...)
+CVE-2010-1606
NOT-FOR-US: NCT Jobs Portal Script
-CVE-2010-1605 (Multiple SQL injection vulnerabilities in isearch.php in NCT Jobs ...)
+CVE-2010-1605
NOT-FOR-US: NCT Jobs Portal Script
-CVE-2010-1604 (Multiple SQL injection vulnerabilities in admin_login.php in NCT Jobs ...)
+CVE-2010-1604
NOT-FOR-US: NCT Jobs Portal Script
-CVE-2010-1603 (Directory traversal vulnerability in the ZiMB Core (aka ZiMBCore or ...)
+CVE-2010-1603
NOT-FOR-US: ZiMB Core component for Joomla!
-CVE-2010-1602 (Directory traversal vulnerability in the ZiMB Comment ...)
+CVE-2010-1602
NOT-FOR-US: ZiMB Comment component for Joomla!
-CVE-2010-1601 (Directory traversal vulnerability in the JA Comment (com_jacomment) ...)
+CVE-2010-1601
NOT-FOR-US: JA Comment component for Joomla!
-CVE-2010-1600 (SQL injection vulnerability in the Media Mall Factory (com_mediamall) ...)
+CVE-2010-1600
NOT-FOR-US: Media Mall Factory component for Joomla!
-CVE-2010-1599 (SQL injection vulnerability in loadorder.php in NKInFoWeb 2.5 and ...)
+CVE-2010-1599
NOT-FOR-US: NKInFoWeb
-CVE-2010-1598 (phpThumb.php in phpThumb() 1.7.9 and possibly other versions, when ...)
+CVE-2010-1598
NOT-FOR-US: phpThumb()
-CVE-2010-1597 (Stack-based buffer overflow in zgtips.dll in ZipGenius 6.3.1.2552 ...)
+CVE-2010-1597
NOT-FOR-US: ZipGenius
-CVE-2010-1619 (Cross-site scripting (XSS) vulnerability in the ...)
+CVE-2010-1619
{DSA-2115-1}
- moodle 1.9.8-1 (low; bug #585425)
- wordpress <not-affected> (Vulnerable code not present)
- egroupware <not-affected> (Vulneable code not present)
-CVE-2010-1618 (Cross-site scripting (XSS) vulnerability in the phpCAS client library ...)
+CVE-2010-1618
{DSA-2115-1}
- libphp-cas <itp> (bug #495542)
- moodle 1.9.8-1 (low; bug #574757)
- glpi <removed> (unimportant)
NOTE: Only supported behind an authenticated HTTP zone
-CVE-2010-1617 (user/view.php in Moodle 1.8.x before 1.8.12 and 1.9.x before 1.9.8 ...)
+CVE-2010-1617
{DSA-2115-1}
- moodle 1.9.8-1 (unimportant; bug #585427)
NOTE: i have a hard time seeing the security impact, moodle is a course management
NOTE: system and the real names of your colleagues are probably not a secret, since
NOTE: a patch exists I filed a bug anyway
-CVE-2010-1616 (Moodle 1.8.x and 1.9.x before 1.9.8 can create new roles when ...)
+CVE-2010-1616
{DSA-2115-1}
- moodle 1.9.8-1
-CVE-2010-1615 (Multiple SQL injection vulnerabilities in Moodle 1.8.x before 1.8.12 ...)
+CVE-2010-1615
{DSA-2115-1}
- moodle 1.9.8-1
-CVE-2010-1614 (Multiple cross-site scripting (XSS) vulnerabilities in Moodle 1.8.x ...)
+CVE-2010-1614
{DSA-2115-1}
- moodle 1.9.8-1
-CVE-2010-1613 (Moodle 1.8.x and 1.9.x before 1.9.8 does not enable the &quot;Regenerate ...)
+CVE-2010-1613
{DSA-2115-1}
- moodle 1.9.8-1
-CVE-2010-1596 (Support Incident Tracker before 3.51, when using LDAP authentication ...)
+CVE-2010-1596
NOT-FOR-US: Support Incident Tracker
-CVE-2010-1595 (Multiple SQL injection vulnerabilities in ocsreports/index.php in OCS ...)
+CVE-2010-1595
- ocsinventory-server 1.02.1-1 (unimportant)
NOTE: Authentication is needed, only supported in trusted environments, see debtags
-CVE-2010-1594 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2010-1594
- ocsinventory-server 1.02.1-1 (unimportant)
NOTE: Authentication is needed, only supported in trusted environments, see debtags
-CVE-2010-1593 (Multiple cross-site scripting (XSS) vulnerabilities in SilverStripe ...)
+CVE-2010-1593
- silverstripe <itp> (bug #528461)
-CVE-2010-1592 (sandra.sys 15.18.1.1 and earlier in the Sandra Device Driver in ...)
+CVE-2010-1592
NOT-FOR-US: SiSoftware Sandra
-CVE-2010-1591 (Beijing Rising International Rising Antivirus 2008 through 2010 does ...)
+CVE-2010-1591
NOT-FOR-US: Beijing Rising International Rising Antivirus
-CVE-2010-1590 (Cross-site scripting (XSS) vulnerability in shopsessionsubs.asp in ...)
+CVE-2010-1590
NOT-FOR-US: Rocksalt International VP-ASP Shopping Cart
-CVE-2010-1589 (Directory traversal vulnerability in shopsessionsubs.asp in Rocksalt ...)
+CVE-2010-1589
NOT-FOR-US: Rocksalt International VP-ASP Shopping Cart
-CVE-2010-1588 (SQL injection vulnerability in the Getwebsess function in ...)
+CVE-2010-1588
NOT-FOR-US: Rocksalt International VP-ASP Shopping Cart
-CVE-2010-1587 (The Jetty ResourceHandler in Apache ActiveMQ 5.x before 5.3.2 and ...)
+CVE-2010-1587
NOT-FOR-US: Apache ActiveMQ
-CVE-2010-1586 (Open redirect vulnerability in red2301.html in HP System Management ...)
+CVE-2010-1586
NOT-FOR-US: HP System Management Homepage
-CVE-2010-1585 (The nsIScriptableUnescapeHTML.parseFragment method in the ...)
+CVE-2010-1585
{DSA-2187-1 DSA-2186-1 DSA-2180-1}
- icedove 3.0.11-2
[lenny] - icedove <end-of-life>
@@ -9553,235 +9553,235 @@ CVE-2010-1585 (The nsIScriptableUnescapeHTML.parseFragment method in the ...)
- iceape 2.0.12-1
[lenny] - iceape <not-affected> (Only a stub package)
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2010-1584 (Cross-site scripting (XSS) vulnerability in the Context module before ...)
+CVE-2010-1584
NOT-FOR-US: Context module for drupal
-CVE-2010-1583 (SQL injection vulnerability in the loadByKey function in the ...)
+CVE-2010-1583
NOT-FOR-US: Tirzen Framework
CVE-2010-1582
RESERVED
-CVE-2010-1581 (Unspecified vulnerability in the Transport Layer Security (TLS) ...)
+CVE-2010-1581
NOT-FOR-US: Cisco ASA
-CVE-2010-1580 (Unspecified vulnerability in the SunRPC inspection feature on Cisco ...)
+CVE-2010-1580
NOT-FOR-US: Cisco ASA
-CVE-2010-1579 (Unspecified vulnerability in the SunRPC inspection feature on Cisco ...)
+CVE-2010-1579
NOT-FOR-US: Cisco ASA
-CVE-2010-1578 (Unspecified vulnerability in the SunRPC inspection feature on Cisco ...)
+CVE-2010-1578
NOT-FOR-US: Cisco ASA
-CVE-2010-1577 (Directory traversal vulnerability in Cisco Internet Streamer, as used ...)
+CVE-2010-1577
NOT-FOR-US: Cisco
-CVE-2010-1576 (The Cisco Content Services Switch (CSS) 11500 with software before ...)
+CVE-2010-1576
NOT-FOR-US: Cisco
-CVE-2010-1575 (The Cisco Content Services Switch (CSS) 11500 with software 08.20.1.01 ...)
+CVE-2010-1575
NOT-FOR-US: Cisco
-CVE-2010-1574 (IOS 12.2(52)SE and 12.2(52)SE1 on Cisco Industrial Ethernet (IE) 3000 ...)
+CVE-2010-1574
NOT-FOR-US: Cisco
-CVE-2010-1573 (Linksys WAP54Gv3 firmware 3.04.03 and earlier uses a hard-coded ...)
+CVE-2010-1573
NOT-FOR-US: Linksys firmware
-CVE-2010-1572 (Unspecified vulnerability in the tech support diagnostic shell in ...)
+CVE-2010-1572
NOT-FOR-US: Cisco
-CVE-2010-1571 (Directory traversal vulnerability in the bootstrap service in Cisco ...)
+CVE-2010-1571
NOT-FOR-US: Cisco
-CVE-2010-1570 (The computer telephony integration (CTI) server component in Cisco ...)
+CVE-2010-1570
NOT-FOR-US: Cisco
CVE-2010-1569
RESERVED
-CVE-2010-1568 (The Send Secure functionality in the Cisco IronPort Desktop Flag ...)
+CVE-2010-1568
NOT-FOR-US: Cisco IronPort Desktop Flag Plug-in for Microsoft Outlook
-CVE-2010-1567 (The SIP implementation on the Cisco PGW 2200 Softswitch with software ...)
+CVE-2010-1567
NOT-FOR-US: Cisco PGW
CVE-2010-1566
RESERVED
-CVE-2010-1565 (Unspecified vulnerability in the SIP implementation on the Cisco PGW ...)
+CVE-2010-1565
NOT-FOR-US: Cisco PGW
-CVE-2010-1563 (The SIP implementation on the Cisco PGW 2200 Softswitch with software ...)
+CVE-2010-1563
NOT-FOR-US: Cisco PGW
-CVE-2010-1562 (The SIP implementation on the Cisco PGW 2200 Softswitch with software ...)
+CVE-2010-1562
NOT-FOR-US: Cisco PGW
-CVE-2010-1561 (The SIP implementation on the Cisco PGW 2200 Softswitch with software ...)
+CVE-2010-1561
NOT-FOR-US: Cisco PGW
-CVE-2010-1560 (Buffer overflow in the REPEAT function in IBM DB2 9.1 before FP9 ...)
+CVE-2010-1560
NOT-FOR-US: IBM DB2
-CVE-2010-1559 (SQL injection vulnerability in the SermonSpeaker (com_sermonspeaker) ...)
+CVE-2010-1559
NOT-FOR-US: com_sermonspeaker component for joomla!
CVE-2010-2447 [gitolite "not filtering src/ or hooks/ from pathnames"]
RESERVED
- gitolite 1.4.2-1 (low)
NOTE: http://secunia.com/advisories/39587/
-CVE-2010-2448 (znc.cpp in ZNC before 0.092 allows remote authenticated users to cause ...)
+CVE-2010-2448
- gitolite 1.4.2-1 (medium)
NOTE: http://secunia.com/advisories/39587/
-CVE-2010-1558 (Unspecified vulnerability in HP Multifunction Peripheral (MFP) Digital ...)
+CVE-2010-1558
NOT-FOR-US: HP MFP Digital Sending Software
-CVE-2010-1557 (Multiple cross-site scripting (XSS) vulnerabilities in HP Insight ...)
+CVE-2010-1557
NOT-FOR-US: HP Insight Control Server Migration
-CVE-2010-1556 (Unspecified vulnerability in HP Systems Insight Manager (SIM) 5.3, 5.3 ...)
+CVE-2010-1556
NOT-FOR-US: HP Systems Insight Manager
-CVE-2010-1555 (Stack-based buffer overflow in getnnmdata.exe in HP OpenView Network ...)
+CVE-2010-1555
NOT-FOR-US: HP OpenView Network Node Manager
-CVE-2010-1554 (Stack-based buffer overflow in getnnmdata.exe in HP OpenView Network ...)
+CVE-2010-1554
NOT-FOR-US: HP OpenView Network Node Manager
-CVE-2010-1553 (Stack-based buffer overflow in getnnmdata.exe in HP OpenView Network ...)
+CVE-2010-1553
NOT-FOR-US: HP OpenView Network Node Manager
-CVE-2010-1552 (Stack-based buffer overflow in the doLoad function in snmpviewer.exe ...)
+CVE-2010-1552
NOT-FOR-US: HP OpenView Network Node Manager
-CVE-2010-1551 (Stack-based buffer overflow in the _OVParseLLA function in ov.dll in ...)
+CVE-2010-1551
NOT-FOR-US: HP OpenView Network Node Manager
-CVE-2010-1550 (Format string vulnerability in ovet_demandpoll.exe in HP OpenView ...)
+CVE-2010-1550
NOT-FOR-US: HP OpenView Network Node Manager
-CVE-2010-1549 (Unspecified vulnerability in the Agent in HP LoadRunner before 9.50 ...)
+CVE-2010-1549
NOT-FOR-US: HP LoadRunner
-CVE-2010-1548 (The auto-complete functionality in the Chaos Tool Suite (aka CTools) ...)
+CVE-2010-1548
NOT-FOR-US: CTools module for Drupal
-CVE-2010-1547 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
+CVE-2010-1547
NOT-FOR-US: CTools module for Drupal
-CVE-2010-1546 (Multiple eval injection vulnerabilities in the import functionality in ...)
+CVE-2010-1546
NOT-FOR-US: CTools module for Drupal
CVE-2010-1545
RESERVED
-CVE-2010-1544 (micro_httpd on the RCA DCM425 cable modem allows remote attackers to ...)
+CVE-2010-1544
NOT-FOR-US: RCA DCM425 Cable Modem
-CVE-2010-1543 (Cross-site scripting (XSS) vulnerability in the eTracker module before ...)
+CVE-2010-1543
NOT-FOR-US: eTracker module for drupal
-CVE-2010-1542 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
+CVE-2010-1542
NOT-FOR-US: DFD Cart
-CVE-2010-1541 (Multiple cross-site scripting (XSS) vulnerabilities in DFD Cart 1.198, ...)
+CVE-2010-1541
NOT-FOR-US: DFD Cart
-CVE-2010-1540 (Directory traversal vulnerability in index.php in the MyBlog ...)
+CVE-2010-1540
NOT-FOR-US: com_myblog component for joomla!
-CVE-2010-1539 (Cross-site scripting (XSS) vulnerability in the Workflow module ...)
+CVE-2010-1539
NOT-FOR-US: workflow module for drupal
-CVE-2010-1538 (SQL injection vulnerability in print_raincheck.php in phpRAINCHECK ...)
+CVE-2010-1538
NOT-FOR-US: phpRAINCHECK
-CVE-2010-1537 (Multiple directory traversal vulnerabilities in phpCDB 1.0 and earlier ...)
+CVE-2010-1537
NOT-FOR-US: phpCDB
-CVE-2010-1536 (Cross-site scripting (XSS) vulnerability in the AddThis Button module ...)
+CVE-2010-1536
NOT-FOR-US: AddThis Button module for drupal
-CVE-2010-1535 (Directory traversal vulnerability in the TRAVELbook (com_travelbook) ...)
+CVE-2010-1535
NOT-FOR-US: com_travelbook component for joomla!
-CVE-2010-1534 (Directory traversal vulnerability in the Shoutbox Pro (com_shoutbox) ...)
+CVE-2010-1534
NOT-FOR-US: com_shoutbox component for joomla!
-CVE-2010-1533 (Directory traversal vulnerability in the TweetLA (com_tweetla) ...)
+CVE-2010-1533
NOT-FOR-US: com_tweetla component for joomla!
-CVE-2010-1532 (Directory traversal vulnerability in the givesight PowerMail Pro ...)
+CVE-2010-1532
NOT-FOR-US: com_powermail component for joomla!
-CVE-2010-1531 (Directory traversal vulnerability in the redSHOP (com_redshop) ...)
+CVE-2010-1531
NOT-FOR-US: com_redshop component for joomla!
-CVE-2010-1530 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
+CVE-2010-1530
NOT-FOR-US: Internationalization module for drupal
-CVE-2010-1529 (SQL injection vulnerability in the Freestyle FAQs Lite (com_fsf) ...)
+CVE-2010-1529
NOT-FOR-US: com_fsf component for joomla!
-CVE-2010-1528 (PHP remote file inclusion vulnerability in include/template.php in ...)
+CVE-2010-1528
NOT-FOR-US: Uiga Proxy
-CVE-2010-1527 (Stack-based buffer overflow in Novell iPrint Client before 5.44 allows ...)
+CVE-2010-1527
NOT-FOR-US: Novell iPrint Client
-CVE-2010-1526 (Multiple integer overflows in libgdiplus 2.6.7, as used in Mono, allow ...)
+CVE-2010-1526
- libgdiplus 2.6.7-2 (low; bug #594155)
[lenny] - libgdiplus 1.9-1+lenny1
-CVE-2010-1525 (Integer underflow in the SpreadSheet Lotus 123 reader (wkssr.dll) in ...)
+CVE-2010-1525
NOT-FOR-US: SpreadSheet Lotus 123 reader
-CVE-2010-1524 (The SpreadSheet Lotus 123 reader (wkssr.dll) in Autonomy KeyView 10.4 ...)
+CVE-2010-1524
NOT-FOR-US: SpreadSheet Lotus 123 reader
-CVE-2010-1523 (Multiple heap-based buffer overflows in vp6.w5s (aka the VP6 codec) in ...)
+CVE-2010-1523
NOT-FOR-US: Winamp
-CVE-2010-1522 (Multiple SQL injection vulnerabilities in the BookLibrary Basic ...)
+CVE-2010-1522
NOT-FOR-US: com_booklibrary component for joomla!
-CVE-2010-1521 (SQL injection vulnerability in include/classes/tzn_user.php in ...)
+CVE-2010-1521
NOT-FOR-US: TaskFreak! Original multi user
-CVE-2010-1520 (Cross-site scripting (XSS) vulnerability in logout.php in TaskFreak! ...)
+CVE-2010-1520
NOT-FOR-US: TaskFreak! Original multi user
-CVE-2010-1519 (Multiple integer overflows in glpng.c in glpng 1.45 allow ...)
+CVE-2010-1519
- libglpng <removed> (low; bug #595171)
[lenny] - libglpng <no-dsa> (Minor issue)
-CVE-2010-1518 (Array index error in the SetDLInfo method in the GIGABYTE Dldrv2 ...)
+CVE-2010-1518
NOT-FOR-US: GIGABYTE Dldrv2 ActiveX control
-CVE-2010-1517 (The GIGABYTE Dldrv2 ActiveX control 1.4.206.11 allows remote attackers ...)
+CVE-2010-1517
NOT-FOR-US: GIGABYTE Dldrv2 ActiveX control
-CVE-2010-1516 (Multiple integer overflows in SWFTools 0.9.1 allow remote attackers to ...)
+CVE-2010-1516
NOT-FOR-US: SWFtools (were once packaged)
-CVE-2010-1515 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
+CVE-2010-1515
NOT-FOR-US: TomatoCMS
-CVE-2010-1514 (Unrestricted file upload vulnerability in TomatoCMS 2.0.6 and earlier ...)
+CVE-2010-1514
NOT-FOR-US: TomatoCMS
-CVE-2010-1513 (Multiple integer overflows in src/image.c in Ziproxy before 3.0.1 ...)
+CVE-2010-1513
- ziproxy 3.1.0-1 (bug #584933)
[lenny] - ziproxy <no-dsa> (Minor issue, obscure attack vector)
-CVE-2010-1512 (Directory traversal vulnerability in aria2 before 1.9.3 allows remote ...)
+CVE-2010-1512
{DSA-2047-1}
- aria2 1.9.3-1
NOTE: http://seclists.org/fulldisclosure/2010/May/168
-CVE-2010-1511 (KGet 2.4.2 in KDE SC 4.0.0 through 4.4.3 does not properly request ...)
+CVE-2010-1511
- kdenetwork 4:4.4.4-1 (low)
[lenny] - kdenetwork <not-affected> (Metalink plugin not yet present)
NOTE: http://seclists.org/fulldisclosure/2010/May/164
-CVE-2010-1510 (Heap-based buffer overflow in IrfanView before 4.27 allows remote ...)
+CVE-2010-1510
NOT-FOR-US: IrfanView
-CVE-2010-1509 (IrfanView before 4.27 does not properly handle an unspecified integer ...)
+CVE-2010-1509
NOT-FOR-US: IrfanView
-CVE-2010-1508 (Heap-based buffer overflow in Apple QuickTime before 7.6.9 on Windows ...)
+CVE-2010-1508
NOT-FOR-US: Apple QuickTime
-CVE-2010-1507 (WebYaST in yast2-webclient in SUSE Linux Enterprise (SLE) 11 on the ...)
+CVE-2010-1507
NOT-FOR-US: YAST
-CVE-2010-1506 (The Google V8 bindings in Google Chrome before 4.1.249.1059 allow ...)
+CVE-2010-1506
- chromium-browser 5.0.375.29~r46008-1
- webkit <not-affected> (doesn't use v8 bindings yet)
NOTE: http://trac.webkit.org/changeset/45826
NOTE: https://bugs.webkit.org/show_bug.cgi?id=37210
NOTE: http://trac.webkit.org/changeset/57224
-CVE-2010-1505 (Google Chrome before 4.1.249.1059 does not prevent pages from loading ...)
+CVE-2010-1505
- chromium-browser 5.0.375.29~r46008-1
- webkit <not-affected> (chromium-specific issue)
-CVE-2010-1504 (Cross-site scripting (XSS) vulnerability in Google Chrome before ...)
+CVE-2010-1504
- chromium-browser 5.0.375.29~r46008-1
- webkit <not-affected> (chromium-specific issue)
-CVE-2010-1503 (Cross-site scripting (XSS) vulnerability in Google Chrome before ...)
+CVE-2010-1503
- chromium-browser 5.0.375.29~r46008-1
- webkit <not-affected> (chromium-specific issue)
-CVE-2010-1502 (Unspecified vulnerability in Google Chrome before 4.1.249.1059 allows ...)
+CVE-2010-1502
- chromium-browser 5.0.375.29~r46008-1
- webkit <not-affected> (chromium-specific directory traversal)
CVE-2010-1501
REJECTED
-CVE-2010-1500 (Google Chrome before 4.1.249.1059 does not properly support forms, ...)
+CVE-2010-1500
- chromium-browser 5.0.375.29~r46008-1
- webkit <not-affected> (proof-of-concept not effective; chromium-specific issue)
-CVE-2010-1499 (SQL injection vulnerability in genre_artists.php in MusicBox 3.3 ...)
+CVE-2010-1499
NOT-FOR-US: MusicBox
-CVE-2010-1498 (Multiple SQL injection vulnerabilities in dl_stats before 2.0 allow ...)
+CVE-2010-1498
NOT-FOR-US: dl_stats
-CVE-2010-1497 (Cross-site scripting (XSS) vulnerability in download_proc.php in ...)
+CVE-2010-1497
NOT-FOR-US: dl_stats
-CVE-2010-1496 (SQL injection vulnerability in the JoltCard (com_joltcard) component ...)
+CVE-2010-1496
NOT-FOR-US: com_joltcard component for joomla!
-CVE-2010-1495 (Directory traversal vulnerability in the Matamko (com_matamko) ...)
+CVE-2010-1495
NOT-FOR-US: com_matamko component for joomla!
-CVE-2010-1494 (Directory traversal vulnerability in the AWDwall (com_awdwall) ...)
+CVE-2010-1494
NOT-FOR-US: com_awdwall component for joomla!
-CVE-2010-1493 (SQL injection vulnerability in the AWDwall (com_awdwall) component ...)
+CVE-2010-1493
NOT-FOR-US: com_awdwall component for joomla!
-CVE-2010-1492 (Directory traversal vulnerability in help/frameRight.php in Elastix ...)
+CVE-2010-1492
NOT-FOR-US: Elastix
-CVE-2010-1491 (Directory traversal vulnerability in the MMS Blog (com_mmsblog) ...)
+CVE-2010-1491
NOT-FOR-US: com_mmsblog component for joomla!
-CVE-2010-1490 (Unspecified vulnerability in IBM Cognos 8 Business Intelligence before ...)
+CVE-2010-1490
NOT-FOR-US: IBM Cognos
CVE-2010-XXXX [prosody password world-readable]
- prosody 0.7.0-1 (low; bug #579087)
CVE-2010-XXXX [gnome-orca: shell access without logon]
- gnome-orca 2.30.0-2 (bug #578928)
[lenny] - gnome-orca <not-affected> (Doesn't affect Lenny's version)
-CVE-2010-1431 (SQL injection vulnerability in templates_export.php in Cacti 0.8.7e ...)
+CVE-2010-1431
{DSA-2039-1}
- cacti 0.8.7e-3 (bug #578909)
NOTE: http://seclists.org/fulldisclosure/2010/Apr/272
NOTE: http://www.cacti.net/downloads/patches/0.8.7e/sql_injection_template_export.patch
-CVE-2010-1489 (The XSS Filter in Microsoft Internet Explorer 8 does not properly ...)
+CVE-2010-1489
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2010-1488 (The proc_oom_score function in fs/proc/base.c in the Linux kernel ...)
+CVE-2010-1488
- linux-2.6 2.6.32-12
[lenny] - linux-2.6 <not-affected> (vulnerable code introduced in 2.6.32)
-CVE-2010-1487 (IBM Lotus Notes 7.0, 8.0, and 8.5 stores administrative credentials in ...)
+CVE-2010-1487
NOT-FOR-US: IBM Lotus Notes
-CVE-2010-1486 (Multiple cross-site scripting (XSS) vulnerabilities in _invoice.asp in ...)
+CVE-2010-1486
NOT-FOR-US: CactuShop
CVE-2010-1485
RESERVED
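Review bot: the description being dropped at `-CVE-2010-2448 (znc.cpp in ZNC before 0.092 allows remote authenticated users to cause ...)` names ZNC, but the tracking line directly under it is `- gitolite 1.4.2-1 (medium)` with the same `http://secunia.com/advisories/39587/` reference as CVE-2010-2447 immediately above; stripping the description hides that package/ID mismatch, so the gitolite assignment for CVE-2010-2448 should be checked (and either corrected or annotated with a NOTE line) rather than carried through silently.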
@@ -9789,81 +9789,81 @@ CVE-2010-1484
RESERVED
CVE-2010-1483
RESERVED
-CVE-2010-1482 (Cross-site scripting (XSS) vulnerability in admin/editprefs.php in the ...)
+CVE-2010-1482
NOT-FOR-US: CMS Made Simple
-CVE-2010-1481 (Cross-site scripting (XSS) vulnerability in the table feature in ...)
+CVE-2010-1481
NOT-FOR-US: PmWiki
-CVE-2010-1480 (SQL injection vulnerability in the RokModule (com_rokmodule) component ...)
+CVE-2010-1480
NOT-FOR-US: component for Joomla!
-CVE-2010-1479 (SQL injection vulnerability in the RokModule (com_rokmodule) component ...)
+CVE-2010-1479
NOT-FOR-US: component for Joomla!
-CVE-2010-1478 (Directory traversal vulnerability in the Ternaria Informatica ...)
+CVE-2010-1478
NOT-FOR-US: component for Joomla!
-CVE-2010-1477 (SQL injection vulnerability in the SermonSpeaker (com_sermonspeaker) ...)
+CVE-2010-1477
NOT-FOR-US: component for Joomla!
-CVE-2010-1476 (Directory traversal vulnerability in the AlphaUserPoints ...)
+CVE-2010-1476
NOT-FOR-US: component for Joomla!
-CVE-2010-1475 (Directory traversal vulnerability in the Preventive &amp; Reservation ...)
+CVE-2010-1475
NOT-FOR-US: component for Joomla!
-CVE-2010-1474 (Directory traversal vulnerability in the Sweety Keeper ...)
+CVE-2010-1474
NOT-FOR-US: component for Joomla!
-CVE-2010-1473 (Directory traversal vulnerability in the Advertising (com_advertising) ...)
+CVE-2010-1473
NOT-FOR-US: component for Joomla!
-CVE-2010-1472 (Directory traversal vulnerability in the Daily Horoscope ...)
+CVE-2010-1472
NOT-FOR-US: component for Joomla!
-CVE-2010-1471 (Directory traversal vulnerability in the AddressBook (com_addressbook) ...)
+CVE-2010-1471
NOT-FOR-US: component for Joomla!
-CVE-2010-1470 (Directory traversal vulnerability in the Web TV (com_webtv) component ...)
+CVE-2010-1470
NOT-FOR-US: component for Joomla!
-CVE-2010-1469 (Directory traversal vulnerability in the Ternaria Informatica JProject ...)
+CVE-2010-1469
NOT-FOR-US: component for Joomla!
-CVE-2010-1468 (SQL injection vulnerability in the Multi-Venue Restaurant Menu Manager ...)
+CVE-2010-1468
NOT-FOR-US: component for Joomla!
-CVE-2010-1467 (Multiple PHP remote file inclusion vulnerabilities in openUrgence ...)
+CVE-2010-1467
NOT-FOR-US: openUrgence
-CVE-2010-1466 (Directory traversal vulnerability in scr/soustab.php in openUrgence ...)
+CVE-2010-1466
NOT-FOR-US: openUrgence
-CVE-2010-1465 (Stack-based buffer overflow in Trellian FTP client 3.01, including ...)
+CVE-2010-1465
NOT-FOR-US: Trellian FTP
-CVE-2010-1464 (Multiple cross-site scripting (XSS) vulnerabilities in WebAsyst ...)
+CVE-2010-1464
NOT-FOR-US: WebAsyst Shop-Script FREE
-CVE-2010-1463 (Multiple SQL injection vulnerabilities in WebAsyst Shop-Script FREE ...)
+CVE-2010-1463
NOT-FOR-US: WebAsyst Shop-Script FREE
-CVE-2010-1462 (Directory traversal vulnerability in WebAsyst Shop-Script FREE has ...)
+CVE-2010-1462
NOT-FOR-US: WebAsyst Shop-Script FREE
-CVE-2010-1461 (Directory traversal vulnerability in the Photo Battle ...)
+CVE-2010-1461
NOT-FOR-US: Photo Battle Component for Joomla!
-CVE-2010-1460 (The IBM BladeCenter with Advanced Management Module (AMM) firmware ...)
+CVE-2010-1460
NOT-FOR-US: IBM BladeCenter Management Module
-CVE-2010-1459 (The default configuration of ASP.NET in Mono before 2.6.4 has a value ...)
+CVE-2010-1459
- mono 2.4.4~svn151842-3 (bug #585440)
-CVE-2010-1458 (Stack-based buffer overflow in Create and Extract Zips TweakFS Zip ...)
+CVE-2010-1458
NOT-FOR-US: TweakFS
-CVE-2010-1167 (fetchmail 4.6.3 through 6.3.16, when debug mode is enabled, does not ...)
+CVE-2010-1167
- fetchmail 6.3.16-2 (low)
[lenny] - fetchmail <no-dsa> (only vulnerable when run under debug verbosity level)
NOTE: http://www.fetchmail.info/fetchmail-SA-2010-02.txt
NOTE: http://gitorious.org/fetchmail/fetchmail/commit/ec06293
-CVE-2010-1457 (Tools/gdomap.c in gdomap in GNUstep Base before 1.20.0 allows local ...)
+CVE-2010-1457
- gnustep-base 1.19.3-2 (bug #584402)
[lenny] - gnustep-base <not-affected> (Not installed setuid root)
NOTE: http://thread.gmane.org/gmane.comp.lib.gnustep.bugs/12336
CVE-2010-1456
REJECTED
-CVE-2010-1455 (The DOCSIS dissector in Wireshark 0.9.6 through 1.0.12 and 1.2.0 ...)
+CVE-2010-1455
- wireshark 1.2.8-1 (unimportant)
NOTE: Not triggerable remotely
-CVE-2010-1454 (com.springsource.tcserver.serviceability.rmi.JmxSocketListener in ...)
+CVE-2010-1454
NOT-FOR-US: VMware
-CVE-2010-1453 (Cross-site scripting (XSS) vulnerability in the Login form in Piwik ...)
+CVE-2010-1453
- piwik <itp> (bug #506933)
-CVE-2010-1452 (The (1) mod_cache and (2) mod_dav modules in the Apache HTTP Server ...)
+CVE-2010-1452
- apache2 2.2.16-1 (low)
[lenny] - apache2 2.2.9-10+lenny10
-CVE-2010-1451 (The TSB I-TLB load implementation in arch/sparc/kernel/tsb.S in the ...)
+CVE-2010-1451
{DSA-2053-1}
- linux-2.6 2.6.32-10
-CVE-2010-1450 (Multiple buffer overflows in the RLE decoder in the rgbimg module in ...)
+CVE-2010-1450
- python3.1 <not-affected> (rgbimgmodule no longer included in source)
- python2.7 <not-affected> (rgbimgmodule no longer included in source)
- python2.6 <not-affected> (rgbimgmodule no longer included in source)
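Review bot: every changed line in this region replaces `CVE-2010-NNNN (summary ...)` with the bare `CVE-2010-NNNN`, so the tracker loses its one-line description for each entry while the package, status and NOTE lines underneath stay as they were. Nothing breaks syntactically, since entries such as `CVE-2010-1456` followed by `REJECTED` already use the bare form, but after this update a bare ID no longer distinguishes "no description available yet" from "description was dropped". If the upstream feed returned no text for these IDs, the updater should keep the previously recorded summary rather than emit the bare identifier; if the removal is intentional, the commit message should say so instead of just "automatic update".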
@@ -9871,7 +9871,7 @@ CVE-2010-1450 (Multiple buffer overflows in the RLE decoder in the rgbimg module
[lenny] - python2.5 <no-dsa> (Minor issue)
- python2.4 <removed> (low)
[lenny] - python2.4 <no-dsa> (Minor issue)
-CVE-2010-1449 (Integer overflow in rgbimgmodule.c in the rgbimg module in Python 2.5 ...)
+CVE-2010-1449
- python3.1 <not-affected> (rgbimgmodule no longer included in source)
- python2.7 <not-affected> (rgbimgmodule no longer included in source)
- python2.6 <not-affected> (rgbimgmodule no longer included in source)
@@ -9879,52 +9879,52 @@ CVE-2010-1449 (Integer overflow in rgbimgmodule.c in the rgbimg module in Python
[lenny] - python2.5 <no-dsa> (Minor issue)
- python2.4 <removed> (low)
[lenny] - python2.4 <no-dsa> (Minor issue)
-CVE-2010-1448 (Cross-site scripting (XSS) vulnerability in lib/LXR/Common.pm in LXR ...)
+CVE-2010-1448
{DSA-2092-1}
- lxr <removed> (low; bug #585411)
[lenny] - lxr <no-dsa> (Minor issue)
- lxr-cvs 0.9.5+cvs20071020-1.1 (low; bug #588036)
NOTE: seems to be a dupe of CVE-2010-1738
-CVE-2010-1447 (The Safe (aka Safe.pm) module 2.26, and certain earlier versions, for ...)
+CVE-2010-1447
{DSA-2267-1 DSA-2051-1}
- postgresql-8.4 8.4.4-1
- postgresql-8.3 <removed>
- perl 5.12.3-1
NOTE: Originally attributed to Postgres, but also affects standard Perl
-CVE-2010-1446 (arch/powerpc/mm/fsl_booke_mmu.c in KGDB in the Linux kernel 2.6.30 and ...)
+CVE-2010-1446
{DSA-2053-1}
- linux-2.6 2.6.32-12 (unimportant)
NOTE: KGDB is not currently enabled in debian builds
-CVE-2010-1445 (Heap-based buffer overflow in VideoLAN VLC media player before 1.0.6 ...)
+CVE-2010-1445
- vlc 1.0.6-1
[lenny] - vlc <not-affected> (Vulnerable code not present)
NOTE: http://www.videolan.org/security/sa1003.html
-CVE-2010-1444 (The ZIP archive decompressor in VideoLAN VLC media player before 1.0.6 ...)
+CVE-2010-1444
- vlc 1.0.6-1
[lenny] - vlc <not-affected> (Vulnerable code not present)
NOTE: http://www.videolan.org/security/sa1003.html
-CVE-2010-1443 (The parse_track_node function in modules/demux/playlist/xspf.c in the ...)
+CVE-2010-1443
- vlc 1.0.6-1 (unimportant)
NOTE: http://www.videolan.org/security/sa1003.html
-CVE-2010-1442 (VideoLAN VLC media player before 1.0.6 allows remote attackers to ...)
+CVE-2010-1442
- vlc 1.0.6-1
[lenny] - vlc 0.8.6.h-4+lenny3
NOTE: http://www.videolan.org/security/sa1003.html
-CVE-2010-1441 (Multiple heap-based buffer overflows in VideoLAN VLC media player ...)
+CVE-2010-1441
- vlc 1.0.6-1
[lenny] - vlc 0.8.6.h-4+lenny3
NOTE: http://www.videolan.org/security/sa1003.html
-CVE-2010-1440 (Multiple integer overflows in dvipsk/dospecial.c in dvips in TeX Live ...)
+CVE-2010-1440
- texlive-bin 2009-6 (low; bug #580668)
[lenny] - texlive-bin 2007.dfsg.2-4+lenny3
-CVE-2010-1439 (yum-rhn-plugin in Red Hat Network Client Tools (aka rhn-client-tools) ...)
+CVE-2010-1439
NOT-FOR-US: Red Hat Network Client Tools
-CVE-2010-1438 (Web Application Finger Printer (WAFP) 0.01-26c3 uses fixed pathnames ...)
+CVE-2010-1438
- wafp <itp> (bug #562949)
-CVE-2010-1437 (Race condition in the find_keyring_by_name function in ...)
+CVE-2010-1437
{DSA-2053-1}
- linux-2.6 2.6.32-13
-CVE-2010-1436 (gfs2 in the Linux kernel 2.6.18, and possibly other versions, does not ...)
+CVE-2010-1436
- linux-2.6 2.6.32-25
[lenny] - linux-2.6 2.6.26-23
CVE-2010-1435
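Review bot: stripping the descriptions in this hunk leaves NOTE lines without the text they refer to. `CVE-2010-1448` keeps `NOTE: seems to be a dupe of CVE-2010-1738` and `CVE-2010-1447` keeps `NOTE: Originally attributed to Postgres, but also affects standard Perl`, but the summaries that named `lib/LXR/Common.pm` and the `Safe` (Safe.pm) module are removed, so a reader now has to look each CVE up elsewhere to see why the note applies. If the summaries cannot be retained, fold the key fact (affected file or module) into the NOTE so the entry stays self-explanatory.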
@@ -9937,39 +9937,39 @@ CVE-2010-1432
RESERVED
CVE-2010-1430
REJECTED
-CVE-2010-1429 (Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) ...)
+CVE-2010-1429
- jbossas4 <not-affected> (Only builds a few libraries, not the full application server, #581226)
-CVE-2010-1428 (The Web Console (aka web-console) in JBossAs in Red Hat JBoss ...)
+CVE-2010-1428
- jbossas4 <not-affected> (Only builds a few libraries, not the full application server, #581226)
-CVE-2010-1427 (Cross-site scripting (XSS) vulnerability in the SearchHighlight plugin ...)
+CVE-2010-1427
NOT-FOR-US: MODx Evolution
-CVE-2010-1426 (SQL injection vulnerability in MODx Evolution before 1.0.3 allows ...)
+CVE-2010-1426
NOT-FOR-US: MODx Evolution
-CVE-2010-1425 (F-Secure Internet Security 2010 and earlier; Anti-Virus for Microsoft ...)
+CVE-2010-1425
NOT-FOR-US: F-Secure Internet Security
-CVE-2010-1424 (Unspecified vulnerability in JustSystems Ichitaro and Ichitaro ...)
+CVE-2010-1424
NOT-FOR-US: JustSystems Ichitaro and Ichitaro Government
-CVE-2010-1422 (WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and ...)
+CVE-2010-1422
- webkit 1.2.2-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.375.29~r46008-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=26824
NOTE: http://trac.webkit.org/changeset/58829
-CVE-2010-1421 (The execCommand JavaScript function in WebKit in Apple Safari before ...)
+CVE-2010-1421
- webkit 1.2.2-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.375.29~r46008-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=27751
NOTE: http://trac.webkit.org/changeset/58703
-CVE-2010-1420 (Cross-site scripting (XSS) vulnerability in CFNetwork in Apple Safari ...)
+CVE-2010-1420
NOT-FOR-US: Apple Safari
-CVE-2010-1419 (Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on ...)
+CVE-2010-1419
- webkit 1.2.1-2
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.375.29~r46008-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=37618
NOTE: http://trac.webkit.org/changeset/58616
-CVE-2010-1418 (Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari ...)
+CVE-2010-1418
- webkit 1.2.2-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.375.29~r46008-1
@@ -9979,60 +9979,60 @@ CVE-2010-1418 (Cross-site scripting (XSS) vulnerability in WebKit in Apple Safar
NOTE: http://trac.webkit.org/changeset/58844
NOTE: http://trac.webkit.org/changeset/56651
NOTE: http://trac.webkit.org/changeset/57627
-CVE-2010-1417 (The Cascading Style Sheets (CSS) implementation in WebKit in Apple ...)
+CVE-2010-1417
- webkit 1.2.2-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.375.29~r46008-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=38001
NOTE: http://trac.webkit.org/changeset/58201
NOTE: if this commit is correct, this is a dup of cve-2010-1665
-CVE-2010-1416 (WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and ...)
+CVE-2010-1416
- webkit 1.2.2-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.375.70~r48679-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=36838
NOTE: http://trac.webkit.org/changeset/56810
-CVE-2010-1415 (WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and ...)
+CVE-2010-1415
- webkit 1.2.1-2
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.375.70~r48679-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=36000
NOTE: http://trac.webkit.org/changeset/56420
-CVE-2010-1414 (Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on ...)
+CVE-2010-1414
- webkit 1.2.1-2
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.375.70~r48679-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=35818
NOTE: http://trac.webkit.org/changeset/55783
-CVE-2010-1413 (WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and ...)
+CVE-2010-1413
- webkit <not-affected> (affected cf/iss code is not present)
- chromium-browser 5.0.375.70~r48679-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=37230
NOTE: http://trac.webkit.org/changeset/57232
-CVE-2010-1412 (Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on ...)
+CVE-2010-1412
- webkit 1.2.1-2
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.375.70~r48679-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=29635
NOTE: http://trac.webkit.org/changeset/57759
NOTE: http://trac.webkit.org/changeset/57817
-CVE-2010-1411 (Multiple integer overflows in the Fax3SetupState function in ...)
+CVE-2010-1411
{DSA-2084-1}
- tiff 3.9.4-1
- tiff3 <not-affected> (fixed prior to initial upload)
-CVE-2010-1410 (WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and ...)
+CVE-2010-1410
- webkit 1.2.1-2
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.342.9~r43360-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=35603
NOTE: http://trac.webkit.org/changeset/55511
-CVE-2010-1409 (Incomplete blacklist vulnerability in WebKit in Apple Safari before ...)
+CVE-2010-1409
- webkit 1.2.1-2
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.342.9~r43360-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=34451
NOTE: http://trac.webkit.org/changeset/54193
-CVE-2010-1408 (WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and ...)
+CVE-2010-1408
- webkit 1.2.1-2
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.342.9~r43360-1
@@ -10040,116 +10040,116 @@ CVE-2010-1408 (WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 a
NOTE: http://trac.webkit.org/changeset/56489
NOTE: http://trac.webkit.org/changeset/56492
NOTE: http://trac.webkit.org/changeset/56879
-CVE-2010-1407 (WebKit in Apple iOS before 4 on the iPhone and iPod touch does not ...)
+CVE-2010-1407
- webkit 1.2.2-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.342.9~r43360-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=36435
NOTE: http://trac.webkit.org/changeset/56365
-CVE-2010-1406 (WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and ...)
+CVE-2010-1406
- webkit 1.2.1-2
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.342.9~r43360-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=30841
NOTE: http://trac.webkit.org/changeset/50226
NOTE: http://trac.webkit.org/changeset/50240
-CVE-2010-1405 (Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on ...)
+CVE-2010-1405
- webkit 1.2.2-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.342.9~r43360-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=36198
NOTE: http://trac.webkit.org/changeset/56186
-CVE-2010-1404 (Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on ...)
+CVE-2010-1404
- webkit 1.2.1-2
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.342.9~r43360-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=35709
NOTE: http://trac.webkit.org/changeset/53446
-CVE-2010-1403 (WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and ...)
+CVE-2010-1403
- chromium-browser 5.0.342.9~r43360-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=35708
NOTE: http://trac.webkit.org/changeset/53446
-CVE-2010-1402 (Double free vulnerability in WebKit in Apple Safari before 5.0 on Mac ...)
+CVE-2010-1402
- webkit 1.2.1-2
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.342.9~r43360-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=35598
NOTE: http://trac.webkit.org/changeset/55182
-CVE-2010-1401 (Use-after-free vulnerability in the Cascading Style Sheets (CSS) ...)
+CVE-2010-1401
- webkit 1.2.1-2
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.342.9~r43360-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=35353
NOTE: http://trac.webkit.org/changeset/55196
-CVE-2010-1400 (Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on ...)
+CVE-2010-1400
- webkit 1.2.1-2
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.342.9~r43360-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=34734
NOTE: http://trac.webkit.org/changeset/54521
-CVE-2010-1399 (WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and ...)
+CVE-2010-1399
- webkit 1.2.1-2
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.342.9~r43360-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=35599
NOTE: http://trac.webkit.org/changeset/46437
-CVE-2010-1398 (WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and ...)
+CVE-2010-1398
- webkit 1.2.1-2
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.342.9~r43360-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=35305
NOTE: http://trac.webkit.org/changeset/55167
-CVE-2010-1397 (Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on ...)
+CVE-2010-1397
- webkit 1.2.1-2
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.342.9~r43360-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=32842
NOTE: http://trac.webkit.org/changeset/52034
NOTE: http://trac.webkit.org/changeset/55114
-CVE-2010-1396 (Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on ...)
+CVE-2010-1396
- webkit 1.2.1-2
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.342.9~r43360-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=35621
NOTE: http://trac.webkit.org/changeset/55462
NOTE: http://trac.webkit.org/changeset/55465
-CVE-2010-1395 (Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari ...)
+CVE-2010-1395
- webkit 1.2.1-2
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.342.9~r43360-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=26868
NOTE: http://trac.webkit.org/changeset/46068
-CVE-2010-1394 (Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari ...)
+CVE-2010-1394
- webkit 1.2.1-2
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.342.9~r43360-1
NOTE: http://trac.webkit.org/changeset/55203
NOTE: http://trac.webkit.org/changeset/55212
-CVE-2010-1393 (The Cascading Style Sheets (CSS) implementation in WebKit in Apple ...)
+CVE-2010-1393
- webkit 1.2.1-2
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.342.9~r43360-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=33683
NOTE: http://trac.webkit.org/changeset/53607
-CVE-2010-1392 (Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on ...)
+CVE-2010-1392
- webkit 1.2.2-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.342.9~r43360-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=34641
NOTE: http://trac.webkit.org/changeset/56297
-CVE-2010-1391 (Multiple directory traversal vulnerabilities in the (a) Local Storage ...)
+CVE-2010-1391
- webkit 1.2.1-2
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.342.9~r43360-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=36243
NOTE: http://trac.webkit.org/changeset/56139
-CVE-2010-1390 (Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari ...)
+CVE-2010-1390
- webkit 1.2.1-2
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.342.9~r43360-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=29078
NOTE: http://trac.webkit.org/changeset/49487
-CVE-2010-1389 (Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari ...)
+CVE-2010-1389
- webkit 1.2.1-2
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.342.9~r43360-1
@@ -10159,12 +10159,12 @@ CVE-2010-1389 (Cross-site scripting (XSS) vulnerability in WebKit in Apple Safar
NOTE: http://trac.webkit.org/changeset/53442
NOTE: http://trac.webkit.org/changeset/53835
NOTE: http://trac.webkit.org/changeset/53659
-CVE-2010-1388 (WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6, and ...)
+CVE-2010-1388
- webkit <not-affected> (issue in mac-specific code)
- chromium-browser <not-affected> (issue in mac-specific code)
NOTE: https://bugs.webkit.org/show_bug.cgi?id=28755
NOTE: http://trac.webkit.org/changeset/47829
-CVE-2010-1387 (Use-after-free vulnerability in JavaScriptCore in WebKit in Apple ...)
+CVE-2010-1387
- webkit 1.2.1-2
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.342.9~r43360-1
@@ -10172,43 +10172,43 @@ CVE-2010-1387 (Use-after-free vulnerability in JavaScriptCore in WebKit in Apple
NOTE: http://trac.webkit.org/changeset/54129
NOTE: http://trac.webkit.org/changeset/54141
NOTE: http://trac.webkit.org/changeset/54265
-CVE-2010-1386 (page/Geolocation.cpp in WebCore in WebKit before r56188 and before ...)
+CVE-2010-1386
- webkit 1.2.2-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.342.9~r43360-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=36255
NOTE: http://trac.webkit.org/changeset/56188
-CVE-2010-1385 (Use-after-free vulnerability in Apple Safari before 5.0 on Mac OS X ...)
+CVE-2010-1385
- webkit <not-affected> (this is a bug in Apple's PDFKit)
- chromium-browser <not-affected> (this is a bug in Apple's PDFKit)
-CVE-2010-1384 (Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and ...)
+CVE-2010-1384
- chromium-browser <unfixed> (unimportant)
NOTE: This is based on various misconceptions surrounding "phishing" The only supported browser security model
NOTE: surrounding URLs is the accurate post-link-click indication of the final target URL in the URL bar.
-CVE-2010-1383 (CFNetwork in Apple Safari before 5.0.6 on Windows allows remote web ...)
+CVE-2010-1383
NOT-FOR-US: Apple Safari
-CVE-2010-1382 (Cross-site scripting (XSS) vulnerability in Wiki Server in Apple Mac ...)
+CVE-2010-1382
NOT-FOR-US: Apple Mac OS X
-CVE-2010-1381 (The default configuration of SMB File Server in Apple Mac OS X 10.5.8, ...)
+CVE-2010-1381
NOT-FOR-US: Apple Mac OS X
-CVE-2010-1380 (Integer overflow in the cgtexttops CUPS filter in Printing in Apple ...)
+CVE-2010-1380
NOT-FOR-US: Apple-specific CUPS filter "cgtexttops"
-CVE-2010-1379 (Printer Setup in Apple Mac OS X 10.6 before 10.6.4 does not properly ...)
+CVE-2010-1379
NOT-FOR-US: Apple Mac OS X
-CVE-2010-1378 (OpenSSL in Apple Mac OS X 10.6.x before 10.6.5 does not properly ...)
+CVE-2010-1378
- openssl <not-affected> (fix for an apple-specific flaw)
NOTE: sounds like a duplicate of CVE-2009-2409
-CVE-2010-1377 (Open Directory in Apple Mac OS X 10.6 before 10.6.4 creates an ...)
+CVE-2010-1377
NOT-FOR-US: Apple Mac OS X
-CVE-2010-1376 (Multiple format string vulnerabilities in Network Authorization in ...)
+CVE-2010-1376
NOT-FOR-US: Apple Mac OS X
-CVE-2010-1375 (NetAuthSysAgent in Network Authorization in Apple Mac OS X 10.5.8 does ...)
+CVE-2010-1375
NOT-FOR-US: Apple Mac OS X
-CVE-2010-1374 (Directory traversal vulnerability in iChat in Apple Mac OS X 10.5.8, ...)
+CVE-2010-1374
NOT-FOR-US: iChat
-CVE-2010-1373 (Cross-site scripting (XSS) vulnerability in Help Viewer in Apple Mac ...)
+CVE-2010-1373
NOT-FOR-US: Apple Mac OS X
-CVE-2010-1423 (Argument injection vulnerability in the URI handler in (a) Java NPAPI ...)
+CVE-2010-1423
- sun-java6 6.20-1 (high)
[lenny] - sun-java6 6-20-0lenny1
CVE-2010-2449 [gource: predictable log file located in /tmp]
@@ -10216,280 +10216,280 @@ CVE-2010-2449 [gource: predictable log file located in /tmp]
- gource 0.26-2 (low; bug #577958)
CVE-2010-1564
REJECTED
-CVE-2010-1372 (SQL injection vulnerability in the HD FLV Player (com_hdflvplayer) ...)
+CVE-2010-1372
NOT-FOR-US: Joomla!
-CVE-2010-1371 (Cross-site scripting (XSS) vulnerability in signup.asp in Pre ...)
+CVE-2010-1371
NOT-FOR-US: Pre Classified Listings ASP
-CVE-2010-1370 (SQL injection vulnerability in detailad.asp in Pre Classified Listings ...)
+CVE-2010-1370
NOT-FOR-US: Pre Classified Listings ASP
-CVE-2010-1369 (SQL injection vulnerability in signup.asp in Pre Classified Listings ...)
+CVE-2010-1369
NOT-FOR-US: Pre Classified Listings ASP
-CVE-2010-1368 (SQL injection vulnerability in index.php in GameScript (GS) 3.0 allows ...)
+CVE-2010-1368
NOT-FOR-US: GameScript
-CVE-2010-1367 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2010-1367
NOT-FOR-US: Uiga Fan Club
-CVE-2010-1366 (Multiple SQL injection vulnerabilities in admin/admin_login.php in ...)
+CVE-2010-1366
NOT-FOR-US: Uiga Fan Club
-CVE-2010-1365 (SQL injection vulnerability in index.php in Uiga Fan Club, as ...)
+CVE-2010-1365
NOT-FOR-US: Uiga Fan Club
-CVE-2010-1364 (SQL injection vulnerability in index.php in Uiga Personal Portal, as ...)
+CVE-2010-1364
NOT-FOR-US: Uiga Fan Club
-CVE-2010-1363 (SQL injection vulnerability in the JProjects (com_j-projects) ...)
+CVE-2010-1363
NOT-FOR-US: Joomla!
-CVE-2010-1362 (Cross-site scripting (XSS) vulnerability in the Own Term module ...)
+CVE-2010-1362
NOT-FOR-US: Own Term module for Drupal
-CVE-2010-1361 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2010-1361
NOT-FOR-US: PHPepperShop
-CVE-2010-1360 (Multiple PHP remote file inclusion vulnerabilities in FAQEngine ...)
+CVE-2010-1360
NOT-FOR-US: FAQEngine
-CVE-2010-1359 (SQL injection vulnerability in bluegate_seo.inc.php in the Direct URL ...)
+CVE-2010-1359
NOT-FOR-US: xt:Commerce
-CVE-2010-1358 (Cross-site scripting (XSS) vulnerability in the Bibliography (Biblio) ...)
+CVE-2010-1358
NOT-FOR-US: Biblio module for Drupal
-CVE-2010-1357 (Cross-site scripting (XSS) vulnerability in editors/logindialogue.php ...)
+CVE-2010-1357
NOT-FOR-US: SBD Directory Software
-CVE-2010-1356 (Unspecified vulnerability on the TANDBERG Video Communication Server ...)
+CVE-2010-1356
NOT-FOR-US: TANDBERG Video Communication Server
-CVE-2010-1355 (Cross-site scripting (XSS) vulnerability on the TANDBERG Video ...)
+CVE-2010-1355
NOT-FOR-US: TANDBERG Video Communication Server
-CVE-2010-1354 (Directory traversal vulnerability in the VJDEO (com_vjdeo) component ...)
+CVE-2010-1354
NOT-FOR-US: Joomla!
-CVE-2010-1353 (Directory traversal vulnerability in the LoginBox Pro (com_loginbox) ...)
+CVE-2010-1353
NOT-FOR-US: Joomla!
-CVE-2010-1352 (Directory traversal vulnerability in the JOOFORGE Jutebox ...)
+CVE-2010-1352
NOT-FOR-US: Joomla!
-CVE-2010-1351 (Multiple PHP remote file inclusion vulnerabilities in Nodesforum 1.033 ...)
+CVE-2010-1351
NOT-FOR-US: Nodesforum
-CVE-2010-1350 (SQL injection vulnerability in the JP Jobs (com_jp_jobs) component ...)
+CVE-2010-1350
NOT-FOR-US: Joomla!
-CVE-2010-1349 (Integer overflow in Opera 10.10 through 10.50 allows remote attackers ...)
+CVE-2010-1349
NOT-FOR-US: Opera
-CVE-2010-1348 (Unspecified vulnerability in the login process in IBM WebSphere Portal ...)
+CVE-2010-1348
NOT-FOR-US: IBM WebSphere
-CVE-2010-1347 (Director Agent 6.1 before 6.1.2.3 in IBM Systems Director on AIX and ...)
+CVE-2010-1347
NOT-FOR-US: IBM AIX
-CVE-2010-1346 (SQL injection vulnerability in admin/login.php in Mini CMS RibaFS 1.0, ...)
+CVE-2010-1346
NOT-FOR-US: Mini CMS RibaFS
-CVE-2010-1345 (Directory traversal vulnerability in the Cookex Agency CKForms ...)
+CVE-2010-1345
NOT-FOR-US: Joomla!
-CVE-2010-1344 (SQL injection vulnerability in the Cookex Agency CKForms (com_ckforms) ...)
+CVE-2010-1344
NOT-FOR-US: Joomla!
-CVE-2010-1343 (SQL injection vulnerability in photo.php in SiteX 0.7.4 beta allows ...)
+CVE-2010-1343
NOT-FOR-US: SiteX
-CVE-2010-1342 (Multiple PHP remote file inclusion vulnerabilities in Direct News ...)
+CVE-2010-1342
NOT-FOR-US: Direct News
-CVE-2010-1341 (SQL injection vulnerability in index.php in Systemsoftware Community ...)
+CVE-2010-1341
NOT-FOR-US: Systemsoftware Community Black Forum
-CVE-2010-1340 (Directory traversal vulnerability in jresearch.php in the J!Research ...)
+CVE-2010-1340
NOT-FOR-US: Joomla!
-CVE-2010-1339 (Cross-site scripting (XSS) vulnerability in ts_other.php in the ...)
+CVE-2010-1339
NOT-FOR-US: Teamsite Hack plugin
-CVE-2010-1338 (SQL injection vulnerability in ts_other.php in the Teamsite Hack ...)
+CVE-2010-1338
NOT-FOR-US: Teamsite Hack plugin
-CVE-2010-1337 (Multiple PHP remote file inclusion vulnerabilities in definitions.php ...)
+CVE-2010-1337
NOT-FOR-US: Lussumo Vanilla
-CVE-2010-1336 (Multiple SQL injection vulnerabilities in INVOhost 3.4 allow remote ...)
+CVE-2010-1336
NOT-FOR-US: INVOhost
-CVE-2010-1335 (Multiple PHP remote file inclusion vulnerabilities in Insky CMS ...)
+CVE-2010-1335
NOT-FOR-US: Insky CMS
-CVE-2010-1334 (Unrestricted file upload vulnerability in Pulse CMS Basic 1.2.4 allows ...)
+CVE-2010-1334
NOT-FOR-US: Pulse CMS Basic
-CVE-2010-1333 (Multiple cross-site scripting (XSS) vulnerabilities in Almas Inc. ...)
+CVE-2010-1333
NOT-FOR-US: Almas Inc. Compiere J300_A02
-CVE-2010-1332 (Cross-site scripting (XSS) vulnerability in PrettyBook PrettyFormMail ...)
+CVE-2010-1332
NOT-FOR-US: PrettyBook PrettyFormMail
-CVE-2010-1331 (SQL injection vulnerability in Heartlogic HL-SiteManager allows remote ...)
+CVE-2010-1331
NOT-FOR-US: Heartlogic HL-SiteManager
-CVE-2010-1330 (The regular expression engine in JRuby before 1.4.1, when $KCODE is ...)
+CVE-2010-1330
- jruby 1.5.0~rc1-1
-CVE-2010-1329 (Imperva SecureSphere Web Application Firewall and Database Firewall ...)
+CVE-2010-1329
NOT-FOR-US: Imperva SecureSphere Web Application Firewall and Database Firewall
-CVE-2010-1328 (Multiple cross-site scripting (XSS) vulnerabilities in TornadoStore ...)
+CVE-2010-1328
NOT-FOR-US: TornadoStore
-CVE-2010-1327 (Multiple SQL injection vulnerabilities in TornadoStore 1.4.3 and ...)
+CVE-2010-1327
NOT-FOR-US: TornadoStore
-CVE-2010-1326 (perms.cpp in March Hare Software CVSNT 2.0.58, 2.5.01, 2.5.02, 2.5.03 ...)
+CVE-2010-1326
{DSA-2108-1}
- cvsnt 2.5.04.3236-1.2 (medium; bug #593884)
NOTE: http://march-hare.com/cvspro/vuln.htm
-CVE-2010-1325 (Cross-site request forgery (CSRF) vulnerability in the apache2-slms ...)
+CVE-2010-1325
NOT-FOR-US: SUSE Lifecycle Management Server
-CVE-2010-1324 (MIT Kerberos 5 (aka krb5) 1.7.x and 1.8.x through 1.8.3 does not ...)
+CVE-2010-1324
- krb5 1.8.3+dfsg-3 (bug #605553)
[lenny] - krb5 <not-affected> (Only affects krb5 >= 1.7)
-CVE-2010-1323 (MIT Kerberos 5 (aka krb5) 1.3.x, 1.4.x, 1.5.x, 1.6.x, 1.7.x, and 1.8.x ...)
+CVE-2010-1323
{DSA-2129-1}
- krb5 1.8.3+dfsg-3 (bug #605553)
-CVE-2010-1322 (The merge_authdata function in kdc_authdata.c in the Key Distribution ...)
+CVE-2010-1322
- krb5 1.8.3+dfsg-2 (bug #599237)
[lenny] - krb5 <not-affected> (Only affects 1.8)
[etch] - krb5 <not-affected> (Only affects 1.8)
NOTE: http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2010-006.txt
-CVE-2010-1321 (The kg_accept_krb5 function in krb5/accept_sec_context.c in the ...)
+CVE-2010-1321
{DSA-2052-1}
- krb5 1.8.1+dfsg-3 (low; bug #582261)
- heimdal 1.4.0~git20100605.dfsg.1-1
- sun-java6 6.22-1
[lenny] - sun-java6 6-22-0lenny
-CVE-2010-1320 (Double free vulnerability in do_tgs_req.c in the Key Distribution ...)
+CVE-2010-1320
- krb5 1.8.1+dfsg-2 (bug #577490)
[lenny] - krb5 <not-affected> (Only affects 1.7/1.8)
NOTE: http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2010-004.txt
-CVE-2010-1319 (Integer overflow in the AgentX::receive_agentx function in AgentX++ ...)
+CVE-2010-1319
NOT-FOR-US: Real Helix Server
-CVE-2010-1318 (Stack-based buffer overflow in the AgentX::receive_agentx function in ...)
+CVE-2010-1318
NOT-FOR-US: Real Helix Server
-CVE-2010-1317 (Heap-based buffer overflow in the NTLM authentication functionality in ...)
+CVE-2010-1317
NOT-FOR-US: Real Helix Server
-CVE-2010-1316 (Multiple stack-based buffer overflows in Tembria Server Monitor before ...)
+CVE-2010-1316
NOT-FOR-US: Tembria Server Monitor
-CVE-2010-1315 (Directory traversal vulnerability in weberpcustomer.php in the ...)
+CVE-2010-1315
NOT-FOR-US: Joomla!
-CVE-2010-1314 (Directory traversal vulnerability in the Highslide JS (com_hsconfig) ...)
+CVE-2010-1314
NOT-FOR-US: Joomla!
-CVE-2010-1313 (Directory traversal vulnerability in the Seber Cart (com_sebercart) ...)
+CVE-2010-1313
NOT-FOR-US: Joomla!
-CVE-2010-1312 (Directory traversal vulnerability in the iJoomla News Portal ...)
+CVE-2010-1312
NOT-FOR-US: Joomla!
-CVE-2010-1311 (The qtm_decompress function in libclamav/mspack.c in ClamAV before ...)
+CVE-2010-1311
- clamav 0.96+dfsg-2 (bug #577462; low)
[lenny] - clamav <end-of-life> (bug #577462; low)
NOTE: Lenny version achieved end of life! see
NOTE: http://www.clamav.net/lang/en/2009/10/05/eol-clamav-094/
-CVE-2010-1310 (Opera 10.50 allows remote attackers to obtain sensitive information ...)
+CVE-2010-1310
NOT-FOR-US: Opera
-CVE-2010-1309 (Directory traversal vulnerability in Irmin CMS (formerly Pepsi CMS) ...)
+CVE-2010-1309
NOT-FOR-US: Pepsi CMS
-CVE-2010-1308 (Directory traversal vulnerability in the SVMap (com_svmap) component ...)
+CVE-2010-1308
NOT-FOR-US: Joomla!
-CVE-2010-1307 (Directory traversal vulnerability in the Magic Updater ...)
+CVE-2010-1307
NOT-FOR-US: Joomla!
-CVE-2010-1306 (Directory traversal vulnerability in the Picasa (com_joomlapicasa2) ...)
+CVE-2010-1306
NOT-FOR-US: Joomla!
-CVE-2010-1305 (Directory traversal vulnerability in jinventory.php in the JInventory ...)
+CVE-2010-1305
NOT-FOR-US: Joomla!
-CVE-2010-1304 (Directory traversal vulnerability in userstatus.php in the User Status ...)
+CVE-2010-1304
NOT-FOR-US: Joomla!
-CVE-2010-1303 (Multiple cross-site scripting (XSS) vulnerabilities in the Taxonomy ...)
+CVE-2010-1303
NOT-FOR-US: Drupal module
-CVE-2010-1302 (Directory traversal vulnerability in dwgraphs.php in the DecryptWeb DW ...)
+CVE-2010-1302
NOT-FOR-US: Joomla!
-CVE-2010-1301 (SQL injection vulnerability in main.php in Centreon 2.1.5 allows ...)
+CVE-2010-1301
NOT-FOR-US: Centreon
-CVE-2010-1300 (SQL injection vulnerability in index.php in Yamamah (aka Dove Photo ...)
+CVE-2010-1300
NOT-FOR-US: Yamamah
-CVE-2010-1299 (Multiple PHP remote file inclusion vulnerabilities in DynPG CMS 4.1.0, ...)
+CVE-2010-1299
NOT-FOR-US: DynPG CMS
-CVE-2010-1298 (Directory traversal vulnerability in view.php in Pulse CMS 1.2.2 ...)
+CVE-2010-1298
NOT-FOR-US: Pulse CMS
-CVE-2010-1297 (Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64; Adobe ...)
+CVE-2010-1297
NOT-FOR-US: Adobe Flash Player
-CVE-2010-1296 (Multiple buffer overflows in Adobe Photoshop CS4 before 11.0.2 allow ...)
+CVE-2010-1296
NOT-FOR-US: Adobe Photoshop CS4
-CVE-2010-1295 (Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on ...)
+CVE-2010-1295
NOT-FOR-US: Adobe Reader
-CVE-2010-1294 (Unspecified vulnerability in Adobe ColdFusion 8.0, 8.0.1, and 9.0 ...)
+CVE-2010-1294
NOT-FOR-US: Adobe ColdFusion
-CVE-2010-1293 (Cross-site scripting (XSS) vulnerability in the Administrator page in ...)
+CVE-2010-1293
NOT-FOR-US: Adobe ColdFusion
-CVE-2010-1292 (The implementation of pami RIFF chunk parsing in Adobe Shockwave ...)
+CVE-2010-1292
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-1291 (Adobe Shockwave Player before 11.5.7.609 allows attackers to cause a ...)
+CVE-2010-1291
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-1290 (Adobe Shockwave Player before 11.5.7.609 allows attackers to cause a ...)
+CVE-2010-1290
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-1289 (Adobe Shockwave Player before 11.5.7.609 allows attackers to cause a ...)
+CVE-2010-1289
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-1288 (Buffer overflow in Adobe Shockwave Player before 11.5.7.609 might ...)
+CVE-2010-1288
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-1287 (Adobe Shockwave Player before 11.5.7.609 allows attackers to cause a ...)
+CVE-2010-1287
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-1286 (Adobe Shockwave Player before 11.5.7.609 allows attackers to cause a ...)
+CVE-2010-1286
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-1285 (Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on ...)
+CVE-2010-1285
NOT-FOR-US: Adobe Reader
-CVE-2010-1284 (Adobe Shockwave Player before 11.5.7.609 allows attackers to cause a ...)
+CVE-2010-1284
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-1283 (Adobe Shockwave Player before 11.5.7.609 does not properly parse 3D ...)
+CVE-2010-1283
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-1282 (Adobe Shockwave Player before 11.5.7.609 allows remote attackers to ...)
+CVE-2010-1282
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-1281 (iml32.dll in Adobe Shockwave Player before 11.5.7.609 does not ...)
+CVE-2010-1281
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-1280 (Adobe Shockwave Player before 11.5.7.609 allows remote attackers to ...)
+CVE-2010-1280
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-1279 (Multiple unspecified vulnerabilities in Adobe Photoshop CS4 11.x ...)
+CVE-2010-1279
NOT-FOR-US: Adobe Photoshop
-CVE-2010-1278 (Buffer overflow in the Atlcom.get_atlcom ActiveX control in gp.ocx in ...)
+CVE-2010-1278
NOT-FOR-US: Adobe Download Manager
-CVE-2010-1277 (SQL injection vulnerability in the user.authenticate method in the API ...)
+CVE-2010-1277
- zabbix 1:1.8.2-1 (bug #577058)
[lenny] - zabbix <not-affected> (vulnerable code not present)
[etch] - zabbix <not-affected> (vulnerable code not present)
NOTE: This is a bug that was introduced with the Zabbix 1.8 API
-CVE-2010-1276 (Multiple cross-site scripting (XSS) vulnerabilities in BBSXP 2008 SP2 ...)
+CVE-2010-1276
NOT-FOR-US: BBSXP
-CVE-2010-1275 (Cross-site scripting (XSS) vulnerability in ShowPost.asp in BBSXP 2008 ...)
+CVE-2010-1275
NOT-FOR-US: BBSXP
-CVE-2010-1274 (Cross-site scripting (XSS) vulnerability in Emweb Wt before 3.1.1 ...)
+CVE-2010-1274
NOT-FOR-US: Emweb Wt
-CVE-2010-1273 (Emweb Wt before 3.1.1 does not validate the UTF-8 encoding of (1) form ...)
+CVE-2010-1273
NOT-FOR-US: Emweb Wt
-CVE-2010-1272 (PHP remote file inclusion vulnerability in includes/tgpinc.php in ...)
+CVE-2010-1272
NOT-FOR-US: Gnat-TGP
-CVE-2010-1271 (SQL injection vulnerability in showplugs.php in smartplugs 1.3 allows ...)
+CVE-2010-1271
NOT-FOR-US: smartplugs
-CVE-2010-1270 (SQL injection vulnerability in auktion.php in Multi Auktions Komplett ...)
+CVE-2010-1270
NOT-FOR-US: Multi Auktions Komplett System
-CVE-2010-1269 (SQL injection vulnerability in auktion.php in phpscripte24 Niedrig ...)
+CVE-2010-1269
NOT-FOR-US: Gebote Pro Auktions System
-CVE-2010-1268 (Directory traversal vulnerability in index.php in justVisual CMS 2.0, ...)
+CVE-2010-1268
NOT-FOR-US: justVisual CMS
-CVE-2010-1267 (Multiple directory traversal vulnerabilities in WebMaid CMS 0.2-6 Beta ...)
+CVE-2010-1267
NOT-FOR-US: WebMaid CMS
-CVE-2010-1266 (Multiple PHP remote file inclusion vulnerabilities in WebMaid CMS ...)
+CVE-2010-1266
NOT-FOR-US: WebMaid CMS
-CVE-2010-1265 (SQL injection vulnerability in Adam Corley dcsFlashGames ...)
+CVE-2010-1265
NOT-FOR-US: dcsFlashGames
-CVE-2010-1264 (Unspecified vulnerability in Microsoft Windows SharePoint Services 3.0 ...)
+CVE-2010-1264
NOT-FOR-US: Microsoft
-CVE-2010-1263 (Windows Shell and WordPad in Microsoft Windows XP SP2 and SP3, Windows ...)
+CVE-2010-1263
NOT-FOR-US: Microsoft
-CVE-2010-1262 (Microsoft Internet Explorer 6 SP1 and SP2, 7, and 8 allows remote ...)
+CVE-2010-1262
NOT-FOR-US: Microsoft
-CVE-2010-1261 (The IE8 Developer Toolbar in Microsoft Internet Explorer 8 SP1, SP2, ...)
+CVE-2010-1261
NOT-FOR-US: Microsoft
-CVE-2010-1260 (The IE8 Developer Toolbar in Microsoft Internet Explorer 8 SP1, SP2, ...)
+CVE-2010-1260
NOT-FOR-US: Microsoft
-CVE-2010-1259 (Microsoft Internet Explorer 6 SP1 and SP2, 7, and 8 allows remote ...)
+CVE-2010-1259
NOT-FOR-US: Microsoft
-CVE-2010-1258 (Microsoft Internet Explorer 6, 7, and 8 does not properly determine ...)
+CVE-2010-1258
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2010-1257 (Cross-site scripting (XSS) vulnerability in the toStaticHTML API, as ...)
+CVE-2010-1257
NOT-FOR-US: Microsoft
-CVE-2010-1256 (Unspecified vulnerability in Microsoft IIS 6.0, 7.0, and 7.5, when ...)
+CVE-2010-1256
NOT-FOR-US: Microsoft
-CVE-2010-1255 (The Windows kernel-mode drivers in win32k.sys in Microsoft Windows ...)
+CVE-2010-1255
NOT-FOR-US: Microsoft
-CVE-2010-1254 (The installation for Microsoft Open XML File Format Converter for Mac ...)
+CVE-2010-1254
NOT-FOR-US: Microsoft
-CVE-2010-1253 (Microsoft Office Excel 2002 SP3, 2007 SP1, and SP2; Office 2004 for ...)
+CVE-2010-1253
NOT-FOR-US: Microsoft
-CVE-2010-1252 (Unspecified vulnerability in Microsoft Office Excel 2002 SP3 and ...)
+CVE-2010-1252
NOT-FOR-US: Microsoft
-CVE-2010-1251 (Unspecified vulnerability in Microsoft Office Excel 2002 SP3 and ...)
+CVE-2010-1251
NOT-FOR-US: Microsoft
-CVE-2010-1250 (Heap-based buffer overflow in Microsoft Office Excel 2002 SP3, Office ...)
+CVE-2010-1250
NOT-FOR-US: Microsoft
-CVE-2010-1249 (Buffer overflow in Microsoft Office Excel 2002 SP3, Office 2004 for ...)
+CVE-2010-1249
NOT-FOR-US: Microsoft
-CVE-2010-1248 (Buffer overflow in Microsoft Office Excel 2002 SP3 and Office 2004 for ...)
+CVE-2010-1248
NOT-FOR-US: Microsoft
-CVE-2010-1247 (Unspecified vulnerability in Microsoft Office Excel 2002 SP3 allows ...)
+CVE-2010-1247
NOT-FOR-US: Microsoft
-CVE-2010-1246 (Stack-based buffer overflow in Microsoft Office Excel 2002 SP3 allows ...)
+CVE-2010-1246
NOT-FOR-US: Microsoft
-CVE-2010-1245 (Unspecified vulnerability in Microsoft Office Excel 2002 SP3, Office ...)
+CVE-2010-1245
NOT-FOR-US: Microsoft
CVE-2010-XXXX [tcpdf code execution via tcpdf tag]
- moodle <not-affected> (Vulnerable code not present)
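Review bot: every `-`/`+` pair in this hunk replaces a `CVE-2010-NNNN (description ...)` line with the bare identifier and no entry gains a description, which looks like the description feed coming back empty during this automatic update rather than an intended format change; the update script should treat an empty description for an entry that previously had one as a fetch failure and keep the old text (or abort the commit) instead of rewriting the line. The description is the only place this file records the affected product and version range for NOT-FOR-US entries such as CVE-2010-1297 (`Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64`), so the loss is not cosmetic.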
@@ -10502,102 +10502,102 @@ CVE-2010-XXXX [xmail insecure temp files handling]
- xmail 1.27-1 (low)
[lenny] - xmail <no-dsa> (Minor issue)
NOTE: http://www.xmailserver.org/ChangeLog.html#feb_25__2010_v_1_27
-CVE-2010-1159 (Multiple heap-based buffer overflows in Aircrack-ng before 1.1 allow ...)
+CVE-2010-1159
- aircrack-ng 1:1.1-1 (low; bug #577758)
[lenny] - aircrack-ng <no-dsa> (low)
[etch] - aircrack-ng <no-dsa> (low)
NOTE: http://pyrit.googlecode.com/svn/tags/opt/aircrackng_exploit.py
-CVE-2010-1244 (Cross-site request forgery (CSRF) vulnerability in ...)
+CVE-2010-1244
NOT-FOR-US: Apache ActiveMQ
-CVE-2010-1243 (The IBM Web Interface for Content Management (aka WEBi) before 1.0.4 ...)
+CVE-2010-1243
NOT-FOR-US: IBM Web Interface for Content Management
-CVE-2010-1242 (Multiple cross-site scripting (XSS) vulnerabilities in the IBM Web ...)
+CVE-2010-1242
NOT-FOR-US: IBM Web Interface for Content Management
-CVE-2010-1241 (Heap-based buffer overflow in the custom heap management system in ...)
+CVE-2010-1241
NOT-FOR-US: Acrobat Reader
-CVE-2010-1240 (Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on ...)
+CVE-2010-1240
NOT-FOR-US: Adobe Reader
-CVE-2010-1239 (Foxit Reader before 3.2.1.0401 allows remote attackers to (1) execute ...)
+CVE-2010-1239
NOT-FOR-US: Foxit Reader
-CVE-2010-1238 (MoinMoin 1.7.1 allows remote attackers to bypass the textcha ...)
+CVE-2010-1238
- moin 1.9.2-3 (bug #575995; medium)
[lenny] - moin 1.7.1-3+lenny4 (bug #575995; medium)
NOTE: see http://www.debian.org/security/2010/dsa-2024
-CVE-2010-1237 (Google Chrome 4.1 BETA before 4.1.249.1036 allows remote attackers to ...)
+CVE-2010-1237
- webkit 1.1.90-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.375.29~r46008-1
NOTE: http://trac.webkit.org/changeset/55511
NOTE: evidence of memory corruption http://code.google.com/p/chromium/issues/detail?id=37061
-CVE-2010-1236 (The protocolIs function in platform/KURLGoogle.cpp in WebCore in ...)
+CVE-2010-1236
- webkit <not-affected> (bug #577457; proof-of-concepts are not effective against webkit)
- chromium-browser 5.0.375.29~r46008-1
NOTE: http://trac.webkit.org/changeset/55822
-CVE-2010-1235 (Unspecified vulnerability in Google Chrome before 4.1.249.1036 allows ...)
+CVE-2010-1235
- chromium-browser 5.0.375.29~r46008-1
NOTE: issue in chrome-specific download dialog
-CVE-2010-1234 (Unspecified vulnerability in Google Chrome before 4.1.249.1036 allows ...)
+CVE-2010-1234
- chromium-browser 5.0.375.29~r46008-1
- webkit <not-affected> (chrome-specific issue)
-CVE-2010-1233 (Multiple integer overflows in Google Chrome before 4.1.249.1036 allow ...)
+CVE-2010-1233
- webkit <not-affected> (v8 and webgl not yet included)
- chromium-browser 5.0.375.29~r46008-1
NOTE: http://trac.webkit.org/changeset/55376
-CVE-2010-1232 (Google Chrome before 4.1.249.1036 allows remote attackers to cause a ...)
+CVE-2010-1232
- webkit 1.1.90-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.375.29~r46008-1
NOTE: http://code.google.com/p/chromium/issues/detail?id=34978
-CVE-2010-1231 (Google Chrome before 4.1.249.1036 processes HTTP headers before ...)
+CVE-2010-1231
- webkit <not-affected> (does not yet have a "safe browsing" feature; i.e. chromium-specific issue)
- chromium-browser 5.0.375.29~r46008-1
-CVE-2010-1230 (Google Chrome before 4.1.249.1036 does not have the expected behavior ...)
+CVE-2010-1230
- chromium-browser 5.0.375.29~r46008-1
- webkit <not-affected> (chrome-specific issue)
-CVE-2010-1229 (The sandbox infrastructure in Google Chrome before 4.1.249.1036 does ...)
+CVE-2010-1229
- chromium-browser 5.0.375.29~r46008-1
- webkit <not-affected> (chrome-specific issue)
-CVE-2010-1228 (Multiple race conditions in the sandbox infrastructure in Google ...)
+CVE-2010-1228
- chromium-browser 5.0.375.29~r46008-1
- webkit <not-affected> (chrome-specific issue)
-CVE-2010-1227 (Cross-site scripting (XSS) vulnerability in Sun Java System ...)
+CVE-2010-1227
NOT-FOR-US: Sun Java System Communication Express
-CVE-2010-1226 (The HTTP client functionality in Apple iPhone OS 3.1 on the iPhone 2G ...)
+CVE-2010-1226
NOT-FOR-US: Apple iPhone
-CVE-2010-1225 (The memory-management implementation in the Virtual Machine Monitor ...)
+CVE-2010-1225
NOT-FOR-US: Microsoft Virtual PC
-CVE-2010-1224 (main/acl.c in Asterisk Open Source 1.6.0.x before 1.6.0.25, 1.6.1.x ...)
+CVE-2010-1224
- asterisk 1:1.6.2.6-1 (low; bug #576560)
[lenny] - asterisk <not-affected> (Vulnerable code not present)
-CVE-2010-1223 (Multiple buffer overflows in CA XOsoft r12.0 and r12.5 allow remote ...)
+CVE-2010-1223
NOT-FOR-US: CA XOsoft
-CVE-2010-1222 (CA XOsoft r12.5 does not properly perform authentication, which allows ...)
+CVE-2010-1222
NOT-FOR-US: CA XOsoft
-CVE-2010-1221 (CA XOsoft r12.0 and r12.5 does not properly perform authentication, ...)
+CVE-2010-1221
NOT-FOR-US: CA XOsoft
CVE-2010-1220
RESERVED
CVE-2010-XXXX [interchange potential HTTP response splitting vulnerability]
- interchange 5.7.6-1
-CVE-2010-1219 (Directory traversal vulnerability in the JA News (com_janews) ...)
+CVE-2010-1219
NOT-FOR-US: com_janews component for Joomla!
-CVE-2010-1218 (Cross-site scripting (XSS) vulnerability in the mm_forum extension ...)
+CVE-2010-1218
NOT-FOR-US: mm_forum extension for TYPO3
-CVE-2010-1217 (Directory traversal vulnerability in the JE Form Creator ...)
+CVE-2010-1217
NOT-FOR-US: com_jeformcr component for Joomla!
-CVE-2010-1216 (PHP remote file inclusion vulnerability in templates/template.php in ...)
+CVE-2010-1216
NOT-FOR-US: notsoPureEdit
-CVE-2010-1215 (Mozilla Firefox 3.6.x before 3.6.7 and Thunderbird 3.1.x before 3.1.1 ...)
+CVE-2010-1215
- xulrunner <not-affected> (Only affects Firefox 3.6.x and above)
- iceweasel <not-affected> (Only affects Firefox 3.6.x and above)
-CVE-2010-1214 (Integer overflow in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x ...)
+CVE-2010-1214
{DSA-2075-1}
- xulrunner 1.9.1.11-1
- iceweasel 3.5.11-2
[lenny] - iceweasel <not-affected> (Iceweasel in Lenny links against xulrunner)
- iceape 2.0.6-1
[lenny] - iceape <not-affected> (Only a stub package)
-CVE-2010-1213 (The importScripts Web Worker method in Mozilla Firefox 3.5.x before ...)
+CVE-2010-1213
- xulrunner 1.9.1.11-1
[lenny] - xulrunner <not-affected> (Only affects 1.9.1 and above)
- iceweasel 3.5.11-2
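Review bot: CVE-2010-1238 records its advisory as `NOTE: see http://www.debian.org/security/2010/dsa-2024` while the other fixed entries in this file use the `{DSA-NNNN-1}` marker line (for example `{DSA-2075-1}` under CVE-2010-1214); since this hunk already touches the entry, moving the reference into the marker form would record the advisory the same way as the others. Unrelated to the description change, CVE-2010-1159 sits between the xmail `CVE-2010-XXXX` entry and CVE-2010-1244, out of the descending order the rest of the hunk follows.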
@@ -10606,12 +10606,12 @@ CVE-2010-1213 (The importScripts Web Worker method in Mozilla Firefox 3.5.x befo
[lenny] - icedove <end-of-life>
[lenny] - iceape <not-affected> (Only a stub package)
- icedove 3.0.6-1
-CVE-2010-1212 (js/src/jstracer.cpp in the browser engine in Mozilla Firefox 3.6.x ...)
+CVE-2010-1212
- xulrunner <not-affected> (Only affects Firefox 3.6.x and above)
- iceweasel <not-affected> (Only affects Firefox 3.6.x and above)
- icedove 3.0.6-1
[lenny] - icedove <end-of-life>
-CVE-2010-1211 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+CVE-2010-1211
{DSA-2075-1}
- xulrunner 1.9.1.11-1
- iceweasel 3.5.11-2
@@ -10620,63 +10620,63 @@ CVE-2010-1211 (Multiple unspecified vulnerabilities in the browser engine in Moz
[lenny] - icedove <end-of-life>
- icedove 3.0.6-1
[lenny] - iceape <not-affected> (Only a stub package)
-CVE-2010-1210 (intl/uconv/util/nsUnicodeDecodeHelper.cpp in Mozilla Firefox before ...)
+CVE-2010-1210
- xulrunner <not-affected> (Only affects 1.9.2 and above)
- iceweasel <not-affected> (Only affects 1.9.2 and above)
-CVE-2010-1209 (Use-after-free vulnerability in the NodeIterator implementation in ...)
+CVE-2010-1209
- xulrunner 1.9.1.11-1
[lenny] - xulrunner <not-affected> (Only affects 1.9.1 and above)
- iceweasel 3.5.11-2
[lenny] - iceweasel <not-affected> (Iceweasel in Lenny links against xulrunner)
- iceape 2.0.6-1
[lenny] - iceape <not-affected> (Only a stub package)
-CVE-2010-1208 (Use-after-free vulnerability in the attribute-cloning functionality in ...)
+CVE-2010-1208
{DSA-2075-1}
- xulrunner 1.9.1.11-1
- iceape 2.0.6-1
[lenny] - iceape <not-affected> (Only a stub package)
-CVE-2010-1207 (Mozilla Firefox before 3.6.7 and Thunderbird before 3.1.1 do not ...)
+CVE-2010-1207
- xulrunner <not-affected> (Only affects 1.9.2 and above)
- iceweasel <not-affected> (Only affects 1.9.2 and above)
-CVE-2010-1206 (The startDocumentLoad function in browser/base/content/browser.js in ...)
+CVE-2010-1206
- iceweasel 3.5.11-1
[lenny] - iceweasel <not-affected> (Vulnerable code not present)
NOTE: Introduced by https://bugzilla.mozilla.org/show_bug.cgi?id=254714
-CVE-2010-1205 (Buffer overflow in pngpread.c in libpng before 1.2.44 and 1.4.x before ...)
+CVE-2010-1205
{DSA-2075-1 DSA-2072-1}
- libpng 1.2.44-1 (bug #587670)
- icedove 3.0.6-1
[lenny] - icedove <end-of-life>
- tuxonice-userui 1.0-1 (unimportant)
NOTE: tuxonice-userui 1.0-1 was binNMUed
-CVE-2010-1204 (Search.pm in Bugzilla 2.17.1 through 3.2.6, 3.3.1 through 3.4.6, 3.5.1 ...)
+CVE-2010-1204
- bugzilla 3.4.7.0-1 (low; bug #587663)
[lenny] - bugzilla <no-dsa> (Minor issue)
-CVE-2010-1203 (The JavaScript engine in Mozilla Firefox 3.6.x before 3.6.4 allow ...)
+CVE-2010-1203
- xulrunner <not-affected> (Only affects Firefox 3.6, i.e xulrunner 1.9.2)
- iceweasel <not-affected> (Only affects Firefox 3.6, i.e xulrunner 1.9.2)
-CVE-2010-1202 (Multiple unspecified vulnerabilities in the JavaScript engine in ...)
+CVE-2010-1202
{DSA-2064-1}
- xulrunner 1.9.1.10-1
- iceweasel 3.5.11-2
[lenny] - iceweasel <not-affected> (Iceweasel in Lenny links against xulrunner)
- iceape 2.0.5-1
[lenny] - iceape <not-affected> (Only a stub package)
-CVE-2010-1201 (Unspecified vulnerability in the browser engine in Mozilla Firefox ...)
+CVE-2010-1201
{DSA-2064-1}
- xulrunner 1.9.1.10-1
- iceweasel 3.5.11-2
[lenny] - iceweasel <not-affected> (Iceweasel in Lenny links against xulrunner)
- iceape 2.0.5-1
[lenny] - iceape <not-affected> (Only a stub package)
-CVE-2010-1200 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+CVE-2010-1200
{DSA-2064-1}
- xulrunner 1.9.1.10-1
- iceweasel 3.5.11-2
[lenny] - iceweasel <not-affected> (Iceweasel in Lenny links against xulrunner)
- iceape 2.0.5-1
[lenny] - iceape <not-affected> (Only a stub package)
-CVE-2010-1199 (Integer overflow in the XSLT node sorting implementation in Mozilla ...)
+CVE-2010-1199
{DSA-2064-1}
- xulrunner 1.9.1.10-1
- iceweasel 3.5.11-2
@@ -10685,21 +10685,21 @@ CVE-2010-1199 (Integer overflow in the XSLT node sorting implementation in Mozil
[lenny] - icedove <end-of-life>
- icedove 3.0.5-1
[lenny] - iceape <not-affected> (Only a stub package)
-CVE-2010-1198 (Use-after-free vulnerability in Mozilla Firefox 3.5.x before 3.5.10 ...)
+CVE-2010-1198
{DSA-2064-1}
- xulrunner 1.9.1.10-1
- iceweasel 3.5.11-2
[lenny] - iceweasel <not-affected> (Iceweasel in Lenny links against xulrunner)
- iceape 2.0.5-1
[lenny] - iceape <not-affected> (Only a stub package)
-CVE-2010-1197 (Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, and ...)
+CVE-2010-1197
{DSA-2064-1}
- xulrunner 1.9.1.10-1
- iceweasel 3.5.11-2
[lenny] - iceweasel <not-affected> (Iceweasel in Lenny links against xulrunner)
- iceape 2.0.5-1
[lenny] - iceape <not-affected> (Only a stub package)
-CVE-2010-1196 (Integer overflow in the nsGenericDOMDataNode::SetTextInternal function ...)
+CVE-2010-1196
{DSA-2064-1}
- xulrunner 1.9.1.10-1
- iceweasel 3.5.11-2
@@ -10708,168 +10708,168 @@ CVE-2010-1196 (Integer overflow in the nsGenericDOMDataNode::SetTextInternal fun
- iceape 2.0.5-1
- icedove 3.0.5-1
[lenny] - iceape <not-affected> (Only a stub package)
-CVE-2010-1194 (The match_component function in smtp-tls.c in libESMTP 1.0.3.r1, and ...)
+CVE-2010-1194
- libesmtp 1.0.4-2 (bug #311191)
-CVE-2010-1191 (Sahana disaster management system 0.6.2.2, and possibly other ...)
+CVE-2010-1191
- sahana <itp> (bug #497414)
-CVE-2010-1186 (Cross-site scripting (XSS) vulnerability in xml/media-rss.php in the ...)
+CVE-2010-1186
NOT-FOR-US: NextGEN Gallery plugin for WordPress
-CVE-2010-1188 (Use-after-free vulnerability in net/ipv4/tcp_input.c in the Linux ...)
+CVE-2010-1188
- linux-2.6 2.6.20-1
-CVE-2010-1187 (The Transparent Inter-Process Communication (TIPC) functionality in ...)
+CVE-2010-1187
{DSA-2053-1}
- linux-2.6 2.6.32-12
-CVE-2010-1185 (Stack-based buffer overflow in serv.exe in SAP MaxDB 7.4.3.32, and ...)
+CVE-2010-1185
NOT-FOR-US: SAP MaxDB
-CVE-2010-1184 (The Microsoft wireless keyboard uses XOR encryption with a key derived ...)
+CVE-2010-1184
NOT-FOR-US: Microsoft Wireless Keyboard
-CVE-2010-1183 (Certain patch-installation scripts in Oracle Solaris allow local users ...)
+CVE-2010-1183
NOT-FOR-US: Oracle Solaris
-CVE-2010-1182 (Multiple unspecified vulnerabilities in the administrative console in ...)
+CVE-2010-1182
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2010-1181 (Safari on Apple iPhone OS 3.1.3 for iPod touch allows remote attackers ...)
+CVE-2010-1181
NOTE: proof of concept maximum impact against webkit is dos-only
-CVE-2010-1180 (Safari on Apple iPhone OS 3.1.3 for iPod touch allows remote attackers ...)
+CVE-2010-1180
NOTE: proof of concept maximum impact against webkit is dos-only
-CVE-2010-1179 (Safari on Apple iPhone OS 3.1.3 for iPod touch allows remote attackers ...)
+CVE-2010-1179
- webkit <not-affected>
-CVE-2010-1178 (Safari on Apple iPhone OS 3.1.3 for iPod touch allows remote attackers ...)
+CVE-2010-1178
- webkit <not-affected>
-CVE-2010-1177 (Safari on Apple iPhone OS 3.1.3 for iPod touch allows remote attackers ...)
+CVE-2010-1177
- webkit <not-affected>
-CVE-2010-1176 (Safari on Apple iPhone OS 3.1.3 for iPod touch allows remote attackers ...)
+CVE-2010-1176
- webkit <not-affected>
-CVE-2010-1175 (Microsoft Internet Explorer 7.0 on Windows XP and Windows Server 2003 ...)
+CVE-2010-1175
NOT-FOR-US: Microsoft Internet Explorer 7.0
-CVE-2010-1174 (Cisco TFTP Server 1.1 allows remote attackers to cause a denial of ...)
+CVE-2010-1174
NOT-FOR-US: Cisco TFTP Server
-CVE-2010-1173 (The sctp_process_unk_param function in net/sctp/sm_make_chunk.c in the ...)
+CVE-2010-1173
{DSA-2053-1}
- linux-2.6 2.6.32-12
-CVE-2010-1172 (DBus-GLib 0.73 disregards the access flag of exported GObject ...)
+CVE-2010-1172
- dbus-glib 0.88-1 (low; bug #592753)
[lenny] - dbus-glib <no-dsa> (Minor issue)
-CVE-2010-1171 (Red Hat Network (RHN) Satellite 5.3 and 5.4 exposes a dangerous, ...)
+CVE-2010-1171
NOT-FOR-US: Red Hat Network Satellite Server
-CVE-2010-1170 (The PL/Tcl implementation in PostgreSQL 7.4 before 7.4.29, 8.0 before ...)
+CVE-2010-1170
{DSA-2051-1}
- postgresql-8.4 8.4.4-1 (low)
- postgresql-8.3 <removed>
-CVE-2010-1169 (PostgreSQL 7.4 before 7.4.29, 8.0 before 8.0.25, 8.1 before 8.1.21, ...)
+CVE-2010-1169
{DSA-2051-1}
- postgresql-8.4 8.4.4-1 (low)
- postgresql-8.3 <removed>
-CVE-2010-1168 (The Safe (aka Safe.pm) module before 2.25 for Perl allows ...)
+CVE-2010-1168
- perl 5.10.1-13 (bug #582978)
[lenny] - perl 5.10.0-19lenny3
-CVE-2010-1166 (The fbComposite function in fbpict.c in the Render extension in the X ...)
+CVE-2010-1166
- xorg-server <not-affected> (Xorg in Lenny onwards uses Pixman, which isn't affected)
NOTE: https://rhn.redhat.com/errata/RHSA-2010-0382.html
-CVE-2010-1165 (Atlassian JIRA 3.12 through 4.1 allows remote authenticated ...)
+CVE-2010-1165
NOT-FOR-US: Atlassian JIRA
-CVE-2010-1164 (Multiple cross-site scripting (XSS) vulnerabilities in Atlassian JIRA ...)
+CVE-2010-1164
NOT-FOR-US: Atlassian JIRA
-CVE-2010-1163 (The command matching functionality in sudo 1.6.8 through 1.7.2p5 does ...)
+CVE-2010-1163
- sudo 1.7.2p6-1 (bug #578275)
[lenny] - sudo <not-affected> (ignore_dot default value is off and can't be changed in runtime)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=580441#c3
-CVE-2010-1162 (The release_one_tty function in drivers/char/tty_io.c in the Linux ...)
+CVE-2010-1162
{DSA-2053-1}
- linux-2.6 2.6.32-12
-CVE-2010-1161 (Race condition in GNU nano before 2.2.4, when run by root to edit a ...)
+CVE-2010-1161
- nano 2.2.4-1 (low; bug #577817)
[lenny] - nano 2.0.7-5
-CVE-2010-1160 (GNU nano before 2.2.4 does not verify whether a file has been changed ...)
+CVE-2010-1160
- nano 2.2.4-1 (low; bug #577817)
[lenny] - nano 2.0.7-5
-CVE-2010-1158 (Integer overflow in the regular expression engine in Perl 5.8.x allows ...)
+CVE-2010-1158
- perl <not-affected> (re engine rewritten for 5.10 to address issues such as this; and proof-of-concept not effective)
-CVE-2010-1157 (Apache Tomcat 5.5.0 through 5.5.29 and 6.0.0 through 6.0.26 might ...)
+CVE-2010-1157
{DSA-2207-1}
- tomcat6 6.0.26-5 (bug #587447; unimportant)
- tomcat5.5 <removed> (unimportant)
NOTE: Negligible information disclosure
-CVE-2010-1156 (core/nicklist.c in Irssi before 0.8.15 allows remote attackers to ...)
+CVE-2010-1156
- irssi 0.8.15-1 (low)
[lenny] - irssi <no-dsa> (Minor issue)
-CVE-2010-1155 (Irssi before 0.8.15, when SSL is used, does not verify that the server ...)
+CVE-2010-1155
- irssi 0.8.15-1 (low)
[lenny] - irssi <no-dsa> (Minor issue)
CVE-2010-1154
REJECTED
-CVE-2010-1153 (PHP remote file inclusion vulnerability in the autoloader in TYPO3 ...)
+CVE-2010-1153
- typo3-src 4.3.3-1 (bug #577993)
[lenny] - typo3-src <not-affected> (Only affects 4.3.x)
-CVE-2010-1152 (memcached.c in memcached before 1.4.3 allows remote attackers to cause ...)
+CVE-2010-1152
- memcached 1.4.5-1 (low; bug #579913)
[lenny] - memcached <no-dsa> (Minor issue)
-CVE-2010-1151 (Race condition in the mod_auth_shadow module for the Apache HTTP ...)
+CVE-2010-1151
- libapache2-mod-auth-shadow <itp> (bug #503184)
-CVE-2010-1150 (MediaWiki before 1.15.3, and 1.6.x before 1.16.0beta2, does not ...)
+CVE-2010-1150
{DSA-2041-1}
- mediawiki 1:1.15.3-1 (low)
-CVE-2010-1149 (probers/udisks-dm-export.c in udisks before 1.0.1 exports ...)
+CVE-2010-1149
- udisks 1.0.1-1 (medium; bug #576687)
-CVE-2010-1148 (The cifs_create function in fs/cifs/dir.c in the Linux kernel 2.6.33.2 ...)
+CVE-2010-1148
- linux-2.6 2.6.32-12
[lenny] - linux-2.6 <not-affected> (vulnerable code not yet present)
-CVE-2010-1147 (Stack-based buffer overflow in Open Direct Connect Hub (aka Open DC ...)
+CVE-2010-1147
- opendchub 0.8.2-1 (bug #576308)
[lenny] - opendchub <not-affected> (Vulnerable code not present)
-CVE-2010-1146 (The Linux kernel 2.6.33.2 and earlier, when a ReiserFS filesystem ...)
+CVE-2010-1146
- linux-2.6 2.6.32-12
[lenny] - linux-2.6 <not-affected> (vulnerability introduced in 2.6.30)
CVE-2010-1145
REJECTED
-CVE-2010-0751 (The ip_evictor function in ip_fragment.c in libnids 1.24, as used in ...)
+CVE-2010-0751
- libnids 1.23-1.2 (low; bug #576281)
[lenny] - libnids <no-dsa> (Minor issue)
NOTE: dsniff is the only software in Debian using this lib so the impact is pretty minor
-CVE-2010-1143 (Cross-site scripting (XSS) vulnerability in VMware View (formerly ...)
+CVE-2010-1143
NOT-FOR-US: VMware
-CVE-2010-1142 (VMware Tools in VMware Workstation 6.5.x before 6.5.4 build 246459; ...)
+CVE-2010-1142
NOT-FOR-US: VMware products
-CVE-2010-1141 (VMware Tools in VMware Workstation 6.5.x before 6.5.4 build 246459; ...)
+CVE-2010-1141
NOT-FOR-US: VMware products
-CVE-2010-1140 (The USB service in VMware Workstation 7.0 before 7.0.1 build 227600 ...)
+CVE-2010-1140
NOT-FOR-US: VMware products
-CVE-2010-1139 (Format string vulnerability in vmrun in VMware VIX API 1.6.x, VMware ...)
+CVE-2010-1139
NOT-FOR-US: VMware products
-CVE-2010-1138 (The virtual networking stack in VMware Workstation 7.0 before 7.0.1 ...)
+CVE-2010-1138
NOT-FOR-US: VMware products
-CVE-2010-1137 (Cross-site scripting (XSS) vulnerability in WebAccess in VMware ...)
+CVE-2010-1137
NOT-FOR-US: VMware Server
-CVE-2010-1136 (The Standard Remember method in TikiWiki CMS/Groupware 3.x before 3.5 ...)
+CVE-2010-1136
- tikiwiki <removed>
-CVE-2010-1135 (The user_logout function in TikiWiki CMS/Groupware 4.x before 4.2 does ...)
+CVE-2010-1135
- tikiwiki <removed>
-CVE-2010-1134 (SQL injection vulnerability in the _find function in searchlib.php in ...)
+CVE-2010-1134
- tikiwiki <removed>
-CVE-2010-1133 (Multiple SQL injection vulnerabilities in TikiWiki CMS/Groupware 4.x ...)
+CVE-2010-1133
- tikiwiki <removed>
-CVE-2010-1131 (JavaScriptCore.dll, as used in Apple Safari 4.0.5 on Windows XP SP3, ...)
+CVE-2010-1131
NOTE: browser crashes are not considered security-relevant
-CVE-2010-1130 (session.c in the session extension in PHP before 5.2.13, and 5.3.1, ...)
+CVE-2010-1130
- php5 5.3.2-1 (unimportant)
NOTE: open_basedir not supported
-CVE-2010-1129 (The safe_mode implementation in PHP before 5.2.13 does not properly ...)
+CVE-2010-1129
- php5 5.3.2-1 (unimportant)
NOTE: safe_mode not supported
-CVE-2010-1128 (The Linear Congruential Generator (LCG) in PHP before 5.2.13 does not ...)
+CVE-2010-1128
{DSA-2195-1}
- php5 5.3.2-1 (low)
-CVE-2010-1127 (Microsoft Internet Explorer 6 and 7 does not initialize certain data ...)
+CVE-2010-1127
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2010-1126 (The JavaScript implementation in WebKit allows remote attackers to ...)
+CVE-2010-1126
- webkit <not-affected> (proof-of-concept not effective; windows-only?)
-CVE-2010-1125 (The JavaScript implementation in Mozilla Firefox 3.x before 3.5.10 and ...)
+CVE-2010-1125
- xulrunner <not-affected> (Only affects Firefox 3.6, i.e xulrunner 1.9.2)
NOTE: Description is wrong, only affects Firefox 3.6 per https://bugzilla.mozilla.org/show_bug.cgi?id=552255
-CVE-2010-1124 (bos.rte.libc 5.3.9.4 on IBM AIX 5.3 does not properly support reading ...)
+CVE-2010-1124
NOT-FOR-US: IBM AIX
-CVE-2010-1123 (Chip Salzenberg Deliver does not properly associate a lockfile with ...)
+CVE-2010-1123
- deliver <removed>
-CVE-2010-2445 (freeciv 2.2 before 2.2.1 and 2.3 before 2.3.0 allows attackers to read ...)
+CVE-2010-2445
- freeciv 2.2.1-1 (low; bug #584589)
[lenny] - freeciv <no-dsa> (Minor issue)
NOTE: http://gna.org/bugs/?15624
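Review bot: dropping the description leaves triage notes in this hunk pointing at text that no longer exists: CVE-2010-1125's `NOTE: Description is wrong, only affects Firefox 3.6 per ...` argues against the wording of the description line that the `-`/`+` pair above it removes, and CVE-2010-1131's `NOTE: browser crashes are not considered security-relevant` no longer has any visible statement that the issue was a crash. If the bare-identifier form is kept, these notes should be reworded to state the relevant facts themselves (affected only Firefox 3.6; a crash-only issue) so the reasoning stays self-contained.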
@@ -10878,259 +10878,259 @@ CVE-2010-2446 [Rbot Owner Reaction Command Execution]
- rbot 0.9.14-2 (bug #575286)
[lenny] - rbot <not-affected> ("reaction" plugin not present in 0.9.10)
[etch] - rbot <not-affected> ("reaction" plugin not present in 0.9.10)
-CVE-2010-1122 (Unspecified vulnerability in Mozilla Firefox 3.5.x through 3.5.8 ...)
+CVE-2010-1122
- xulrunner <not-affected> (Only affects the Firefox 3.6 branch)
NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=552216
-CVE-2010-1121 (Mozilla Firefox 3.6.x before 3.6.3 does not properly manage the scopes ...)
+CVE-2010-1121
- xulrunner <not-affected> (vulnerable code introduced in firefox 3.6)
- iceape <not-affected> (vulnerable code introduced in firefox 3.6)
-CVE-2010-1120 (Unspecified vulnerability in Safari 4 on Apple Mac OS X 10.6 allows ...)
+CVE-2010-1120
NOT-FOR-US: Apple Type Services
-CVE-2010-1119 (Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on ...)
+CVE-2010-1119
- webkit 1.2.1-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
NOTE: https://bugs.webkit.org/show_bug.cgi?id=33850
NOTE: http://trac.webkit.org/changeset/53501
NOTE: http://trac.webkit.org/changeset/53504
-CVE-2010-1118 (Unspecified vulnerability in Internet Explorer 8 on Microsoft Windows ...)
+CVE-2010-1118
NOT-FOR-US: Internet Explorer
-CVE-2010-1117 (Heap-based buffer overflow in Internet Explorer 8 on Microsoft Windows ...)
+CVE-2010-1117
NOT-FOR-US: Internet Explorer
-CVE-2010-1116 (LookMer Music Portal stores sensitive information under the web root ...)
+CVE-2010-1116
NOT-FOR-US: LookMer Music Portal
-CVE-2010-1115 (Directory traversal vulnerability in news/include/customize.php in Web ...)
+CVE-2010-1115
NOT-FOR-US: Web Server Creator - Web Portal
-CVE-2010-1114 (Multiple PHP remote file inclusion vulnerabilities in Web Server ...)
+CVE-2010-1114
NOT-FOR-US: Web Server Creator - Web Portal
-CVE-2010-1113 (Cross-site scripting (XSS) vulnerability in the forum page in Web ...)
+CVE-2010-1113
NOT-FOR-US: Web Server Creator - Web Portal
-CVE-2010-1112 (Cross-site scripting (XSS) vulnerability in cat.php in KloNews 2.0 ...)
+CVE-2010-1112
NOT-FOR-US: KloNews
-CVE-2010-1111 (Multiple cross-site scripting (XSS) vulnerabilities in Jokes Complete ...)
+CVE-2010-1111
NOT-FOR-US: Jokes Complete Website
-CVE-2010-1110 (Directory traversal vulnerability in index.php in phpMySport 1.4 ...)
+CVE-2010-1110
NOT-FOR-US: phpMySport
-CVE-2010-1109 (Multiple SQL injection vulnerabilities in index.php in phpMySport 1.4, ...)
+CVE-2010-1109
NOT-FOR-US: phpMySport
-CVE-2010-1108 (Cross-site scripting (XSS) vulnerability in the Control Panel module ...)
+CVE-2010-1108
NOT-FOR-US: third-party Drupal module
-CVE-2010-1107 (Cross-site scripting (XSS) vulnerability in the Recent Comments module ...)
+CVE-2010-1107
NOT-FOR-US: third-party Drupal module
-CVE-2010-1106 (PHP remote file inclusion vulnerability in cgi/index.php in ...)
+CVE-2010-1106
NOT-FOR-US: AdvertisementManager
-CVE-2010-1105 (Cross-site scripting (XSS) vulnerability in cgi/index.php in ...)
+CVE-2010-1105
NOT-FOR-US: AdvertisementManager
-CVE-2010-1103 (Integer overflow in Stainless allows remote attackers to bypass ...)
+CVE-2010-1103
NOT-FOR-US: Stainless
-CVE-2010-1102 (Integer overflow in OmniWeb allows remote attackers to bypass intended ...)
+CVE-2010-1102
NOT-FOR-US: OmniWeb
-CVE-2010-1101 (Integer overflow in Alexander Clauss iCab allows remote attackers to ...)
+CVE-2010-1101
NOT-FOR-US: Alexander Clauss iCab
-CVE-2010-1100 (Integer overflow in Arora allows remote attackers to bypass intended ...)
+CVE-2010-1100
- arora <not-affected> (Advisory is wrong, URL range is protected by QUrl)
-CVE-2010-1099 (Integer overflow in Apple Safari allows remote attackers to bypass ...)
+CVE-2010-1099
NOT-FOR-US: Apple Safari
-CVE-2010-1098 (The ANI parser in Microsoft Windows before 7 on the x86 platform, as ...)
+CVE-2010-1098
NOT-FOR-US: Microsoft Windows
-CVE-2010-1097 (include/userlogin.class.php in DeDeCMS 5.5 GBK, when ...)
+CVE-2010-1097
NOT-FOR-US: DeDeCMS
-CVE-2010-1096 (Multiple SQL injection vulnerabilities in searchmatch.php in ...)
+CVE-2010-1096
NOT-FOR-US: ScriptsFeed Dating Software
-CVE-2010-1095 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2010-1095
NOT-FOR-US: Tracking Requirements & Use Cases
-CVE-2010-1094 (SQL injection vulnerability in news.php in DZ EROTIK Auktionshaus ...)
+CVE-2010-1094
NOT-FOR-US: Auktionshaus V4rgo
-CVE-2010-1093 (SQL injection vulnerability in rss.php in 1024 CMS 2.1.1, when ...)
+CVE-2010-1093
NOT-FOR-US: 1024 CMS
-CVE-2010-1092 (Multiple SQL injection vulnerabilities in login.php in ScriptsFeed ...)
+CVE-2010-1092
NOT-FOR-US: ScriptsFeed Business Directory
-CVE-2010-1091 (Multiple cross-site scripting (XSS) vulnerabilities in contact.php in ...)
+CVE-2010-1091
NOT-FOR-US: phpMySite
-CVE-2010-1090 (SQL injection vulnerability in index.php in phpMySite allows remote ...)
+CVE-2010-1090
NOT-FOR-US: phpMySite
-CVE-2010-1089 (SQL injection vulnerability in vedi_faq.php in PHP Trouble Ticket 2.2 ...)
+CVE-2010-1089
NOT-FOR-US: PHP Trouble Ticket
-CVE-2010-1088 (fs/namei.c in Linux kernel 2.6.18 through 2.6.34 does not always ...)
+CVE-2010-1088
{DSA-2053-1}
- linux-2.6 2.6.32-10
-CVE-2010-1087 (The nfs_wait_on_request function in fs/nfs/pagelist.c in Linux kernel ...)
+CVE-2010-1087
{DSA-2053-1}
- linux-2.6 2.6.32-9 (low)
-CVE-2010-1086 (The ULE decapsulation functionality in ...)
+CVE-2010-1086
{DSA-2053-1}
- linux-2.6 2.6.32-10 (low)
-CVE-2010-1085 (The azx_position_ok function in hda_intel.c in Linux kernel 2.6.33-rc4 ...)
+CVE-2010-1085
- linux-2.6 2.6.32-9
[lenny] - linux-2.6 <not-affected> (affected call not present)
-CVE-2010-1084 (Linux kernel 2.6.18 through 2.6.33, and possibly other versions, ...)
+CVE-2010-1084
{DSA-2053-1}
- linux-2.6 2.6.32-11
-CVE-2010-1083 (The processcompl_compat function in drivers/usb/core/devio.c in Linux ...)
+CVE-2010-1083
{DSA-2053-1}
- linux-2.6 2.6.32-9
-CVE-2010-1082 (Multiple directory traversal vulnerabilities in OI.Blogs 1.0.0, when ...)
+CVE-2010-1082
NOT-FOR-US: OI.Blogs
-CVE-2010-1081 (Directory traversal vulnerability in the Community Polls ...)
+CVE-2010-1081
NOT-FOR-US: com_communitypolls component for Joomla!
-CVE-2010-1080 (Cross-site scripting (XSS) vulnerability in view.php in Pulse CMS ...)
+CVE-2010-1080
NOT-FOR-US: Pulse CMS
-CVE-2010-1079 (Cross-site scripting (XSS) vulnerability in Sawmill before 7.2.18 ...)
+CVE-2010-1079
NOT-FOR-US: Sawmill
-CVE-2010-1078 (SQL injection vulnerability in archive.php in XlentProjects SphereCMS ...)
+CVE-2010-1078
NOT-FOR-US: Xlent Projects SphereCMS
-CVE-2010-1077 (Directory traversal vulnerability in vbseo.php in Crawlability vBSEO ...)
+CVE-2010-1077
NOT-FOR-US: Crawlability vBSEO plugin for vBulletin
-CVE-2010-1076 (Cross-site scripting (XSS) vulnerability in index.php in Entry Level ...)
+CVE-2010-1076
NOT-FOR-US: Entry Level CMS
-CVE-2010-1075 (SQL injection vulnerability in index.php in Entry Level CMS (EL CMS) ...)
+CVE-2010-1075
NOT-FOR-US: Entry Level CMS
-CVE-2010-1074 (Cross-site scripting (XSS) vulnerability in the Currency Exchange ...)
+CVE-2010-1074
NOT-FOR-US: Currency Exchange module for Drupal
-CVE-2010-1073 (SQL injection vulnerability in the jEmbed-Embed Anything (com_jembed) ...)
+CVE-2010-1073
NOT-FOR-US: com_jembed component for Joomla!
-CVE-2010-1072 (Cross-site scripting (XSS) vulnerability in search.php in Sniggabo CMS ...)
+CVE-2010-1072
NOT-FOR-US: Sniggabo CMS
-CVE-2010-1071 (SQL injection vulnerability in profil.php in phpMDJ 1.0.3 allows ...)
+CVE-2010-1071
NOT-FOR-US: phpMDJ
-CVE-2010-1070 (SQL injection vulnerability in index.php in ImagoScripts Deviant Art ...)
+CVE-2010-1070
NOT-FOR-US: ImagoScripts
-CVE-2010-1069 (SQL injection vulnerability in games/game.php in ProArcadeScript ...)
+CVE-2010-1069
NOT-FOR-US: ProArcadeScript
-CVE-2010-1068 (Multiple cross-site scripting (XSS) vulnerabilities in surgeftpmgr.cgi ...)
+CVE-2010-1068
NOT-FOR-US: NetWin SurgeFTP
-CVE-2010-1067 (E-membres 1.0 stores sensitive information under the web root with ...)
+CVE-2010-1067
NOT-FOR-US: E-membres
-CVE-2010-1066 (AR Web Content Manager (AWCM) 2.1 stores sensitive information under ...)
+CVE-2010-1066
NOT-FOR-US: AR Web Content Manager
-CVE-2010-1065 (Lebisoft Ziyaretci Defteri 7.4 and 7.5 stores sensitive information ...)
+CVE-2010-1065
NOT-FOR-US: Lebisoft Ziparetci Defteri
-CVE-2010-1064 (Erolife AjxGaleri VT stores sensitive information under the web root ...)
+CVE-2010-1064
NOT-FOR-US: Erolife AjxGaleri VT
-CVE-2010-1063 (Multiple directory traversal vulnerabilities in Phpkobo Free Real ...)
+CVE-2010-1063
NOT-FOR-US: Phpkobo Free Real Estate Contact Form
-CVE-2010-1062 (Directory traversal vulnerability in codelib/sys/common.inc.php in ...)
+CVE-2010-1062
NOT-FOR-US: Phpkobo Free Real Estate Contact Form
-CVE-2010-1061 (Multiple directory traversal vulnerabilities in Phpkobo Short URL ...)
+CVE-2010-1061
NOT-FOR-US: Phpkbo Short URL
-CVE-2010-1060 (Directory traversal vulnerability in staff/app/common.inc.php in ...)
+CVE-2010-1060
NOT-FOR-US: Phpkobo Short URL
-CVE-2010-1059 (Directory traversal vulnerability in staff/app/common.inc.php in ...)
+CVE-2010-1059
NOT-FOR-US: Phpkobo Address Book Script
-CVE-2010-1058 (Directory traversal vulnerability in codelib/cfg/common.inc.php in ...)
+CVE-2010-1058
NOT-FOR-US: Phpkobo Adress Book Script
-CVE-2010-1057 (Multiple directory traversal vulnerabilities in Phpkobo AdFreely (aka ...)
+CVE-2010-1057
NOT-FOR-US: Phpkobo AdFreely
-CVE-2010-1056 (Directory traversal vulnerability in the RokDownloads ...)
+CVE-2010-1056
NOT-FOR-US: com_rokdownloads component for Joomla!
-CVE-2010-1055 (Multiple PHP remote file inclusion vulnerabilities in osDate 2.1.9 and ...)
+CVE-2010-1055
NOT-FOR-US: osDate
-CVE-2010-1054 (Multiple SQL injection vulnerabilities in ParsCMS allow remote ...)
+CVE-2010-1054
NOT-FOR-US: ParsCMS
-CVE-2010-1053 (Multiple SQL injection vulnerabilities in Zen Time Tracking 2.2 and ...)
+CVE-2010-1053
NOT-FOR-US: Zen Time Tracking
-CVE-2010-1052 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
+CVE-2010-1052
NOT-FOR-US: AudiStat
-CVE-2010-1051 (Multiple SQL injection vulnerabilities in index.php in AudiStat 1.3 ...)
+CVE-2010-1051
NOT-FOR-US: AudiStat
-CVE-2010-1050 (SQL injection vulnerability in index.php in AudiStat 1.3 allows remote ...)
+CVE-2010-1050
NOT-FOR-US: AudiStat
-CVE-2010-1049 (Multiple SQL injection vulnerabilities in Uiga Business Portal allow ...)
+CVE-2010-1049
NOT-FOR-US: Uiga Business Portal
-CVE-2010-1048 (Cross-site scripting (XSS) vulnerability in blog/index.php in Uiga ...)
+CVE-2010-1048
NOT-FOR-US: Uiga Business Portal
-CVE-2010-1047 (SQL injection vulnerability in index.php in MASA2EL Music City 1.0 and ...)
+CVE-2010-1047
NOT-FOR-US: MASA2EL Music City
-CVE-2010-1046 (Multiple SQL injection vulnerabilities in index.php in Rostermain 1.1 ...)
+CVE-2010-1046
NOT-FOR-US: Rostermain
-CVE-2010-1045 (SQL injection vulnerability in the Productbook (com_productbook) ...)
+CVE-2010-1045
NOT-FOR-US: com_productbook component for Joomla!
-CVE-2010-1044 (SQL injection vulnerability in Login.do in ManageEngine OpUtils 5.0 ...)
+CVE-2010-1044
NOT-FOR-US: ManageEngine OpUtils
-CVE-2010-1043 (Directory traversal vulnerability in index.php in jaxCMS 1.0 allows ...)
+CVE-2010-1043
NOT-FOR-US: jaxCMS
-CVE-2010-1042 (Microsoft Windows Media Player 11 does not properly perform colorspace ...)
+CVE-2010-1042
NOT-FOR-US: Microsoft Windows Media Player
-CVE-2010-1041 (Unspecified vulnerability in the single sign-on functionality in the ...)
+CVE-2010-1041
NOT-FOR-US: IBM DB2 Content Manager Toolkit
-CVE-2010-1040 (The &quot;IP address range limitation&quot; function in OpenPNE 1.6 through 1.8, ...)
+CVE-2010-1040
NOT-FOR-US: OpenPNE
-CVE-2010-1039 (Format string vulnerability in the _msgout function in rpc.pcnfsd in ...)
+CVE-2010-1039
NOT-FOR-US: HP-UX
-CVE-2010-1038 (Unspecified vulnerability in HP System Insight Manager before 6.0 ...)
+CVE-2010-1038
NOT-FOR-US: HP System Insight Manager
-CVE-2010-1037 (Cross-site request forgery (CSRF) vulnerability in HP System Insight ...)
+CVE-2010-1037
NOT-FOR-US: HP System Insight Manager
-CVE-2010-1036 (Cross-site scripting (XSS) vulnerability in HP System Insight Manager ...)
+CVE-2010-1036
NOT-FOR-US: hP System Insight Manager
-CVE-2010-1035 (Multiple unspecified vulnerabilities in HP Virtual Machine Manager ...)
+CVE-2010-1035
NOT-FOR-US: HP Virtual Machine Manager
-CVE-2010-1034 (Unspecified vulnerability in HP System Management Homepage (SMH) 6.0 ...)
+CVE-2010-1034
NOT-FOR-US: HP System Management Homepage
-CVE-2010-1033 (Multiple stack-based buffer overflows in a certain Tetradyne ActiveX ...)
+CVE-2010-1033
NOT-FOR-US: HP Operations Manager
-CVE-2010-1032 (Unspecified vulnerability in HP HP-UX B.11.11 allows local users to ...)
+CVE-2010-1032
NOT-FOR-US: HP-UX
-CVE-2010-1031 (Unspecified vulnerability in HP Insight Control for Linux (aka ...)
+CVE-2010-1031
NOT-FOR-US: HP Insight Control
-CVE-2010-1030 (Unspecified vulnerability in HP-UX B.11.31, with AudFilter rules ...)
+CVE-2010-1030
NOT-FOR-US: HP-UX
-CVE-2010-1029 (Stack consumption vulnerability in the WebCore::CSSSelector function ...)
+CVE-2010-1029
- webkit <not-affected> (proof-of-concept not effective)
- chromium-browser 5.0.375.29~r46008-1
-CVE-2010-1027 (SQL injection vulnerability in the Meet Travelmates (travelmate) ...)
+CVE-2010-1027
NOT-FOR-US: travelmate extension for typo3
-CVE-2010-1026 (SQL injection vulnerability in the CleanDB - DBAL (tmsw_cleandb) ...)
+CVE-2010-1026
NOT-FOR-US: tmsw_cleandb extension for typo3
-CVE-2010-1025 (Cross-site scripting (XSS) vulnerability in the TGM-Newsletter ...)
+CVE-2010-1025
NOT-FOR-US: tgm_newsletter extension for typo3
-CVE-2010-1024 (SQL injection vulnerability in the TGM-Newsletter (tgm_newsletter) ...)
+CVE-2010-1024
NOT-FOR-US: tgm_newsletter extension for typo3
-CVE-2010-1023 (Cross-site scripting (XSS) vulnerability in the UserTask Center, ...)
+CVE-2010-1023
NOT-FOR-US: taskcenter_recent extension for typo3
-CVE-2010-1022 (The TYPO3 Security - Salted user password hashes (t3sec_saltedpw) ...)
+CVE-2010-1022
NOT-FOR-US: t3sec_saltedpw extension for typo3
-CVE-2010-1021 (Cross-site scripting (XSS) vulnerability in the Typo3 Quixplorer ...)
+CVE-2010-1021
NOT-FOR-US: t3quixplorer extension for typo3
-CVE-2010-1020 (Cross-site scripting (XSS) vulnerability in the Simple Gallery ...)
+CVE-2010-1020
NOT-FOR-US: sk_simplegallery extension for typo3
-CVE-2010-1019 (SQL injection vulnerability in the Simple Gallery (sk_simplegallery) ...)
+CVE-2010-1019
NOT-FOR-US: sk_simplegallery extension for typo3
-CVE-2010-1018 (SQL injection vulnerability in the Book Reviews (sk_bookreview) ...)
+CVE-2010-1018
NOT-FOR-US: sk_bookreview extension for typo3
-CVE-2010-1017 (SQL injection vulnerability in the SAV Filter Months ...)
+CVE-2010-1017
NOT-FOR-US: sav_filter_months extension for typo3
-CVE-2010-1016 (SQL injection vulnerability in the SAV Filter Selectors ...)
+CVE-2010-1016
NOT-FOR-US: sav_filter_selectors extension for typo3
-CVE-2010-1015 (SQL injection vulnerability in the SAV Filter Alphabetic ...)
+CVE-2010-1015
NOT-FOR-US: sav_filter_abc extension for typo3
-CVE-2010-1014 (Cross-site scripting (XSS) vulnerability in the Reports Logfile View ...)
+CVE-2010-1014
NOT-FOR-US: reports_logview extension for typo3
-CVE-2010-1013 (SQL injection vulnerability in the Diocese of Portsmouth Database ...)
+CVE-2010-1013
NOT-FOR-US: pd_diocesedatabase extension for typo3
-CVE-2010-1012 (SQL injection vulnerability in the CleanDB (nf_cleandb) extension ...)
+CVE-2010-1012
NOT-FOR-US: nf_cleandb extension for typo3
-CVE-2010-1011 (Cross-site scripting (XSS) vulnerability in the myDashboard ...)
+CVE-2010-1011
NOT-FOR-US: mydashboard extension for typo3
-CVE-2010-1010 (SQL injection vulnerability in the MK Wastebasket (mk_wastebasket) ...)
+CVE-2010-1010
NOT-FOR-US: mk_wastebasket extension for typo3
-CVE-2010-1009 (SQL injection vulnerability in the Educator extension 0.1.5 for TYPO3 ...)
+CVE-2010-1009
NOT-FOR-US: educator extension for typo3
-CVE-2010-1008 (Cross-site scripting (XSS) vulnerability in the Sellector.com Widget ...)
+CVE-2010-1008
NOT-FOR-US: chsellector extension for typo3
-CVE-2010-1007 (Unspecified vulnerability in the Power Extension Manager (ch_lightem) ...)
+CVE-2010-1007
NOT-FOR-US: ch_lightem extension for typo3
-CVE-2010-1006 (SQL injection vulnerability in the Brainstorming extension 0.1.8 and ...)
+CVE-2010-1006
NOT-FOR-US: brainstorming extension for typo3
-CVE-2010-1005 (Cross-site scripting (XSS) vulnerability in the Yet another TYPO3 ...)
+CVE-2010-1005
NOT-FOR-US: yatse extension for typo3
-CVE-2010-1004 (SQL injection vulnerability in the Yet another TYPO3 search engine ...)
+CVE-2010-1004
NOT-FOR-US: yatse extension for typo3
CVE-2010-XXXX [phpCAS XSS in final_uri; PHPCAS-52]
- libphp-cas <itp> (bug #495542)
- glpi 0.72.4-2 (bug #574760; unimportant)
NOTE: Only supported behind an authenticated HTTP zone
NOTE: http://www.ja-sig.org/issues/browse/PHPCAS-52
-CVE-2010-1028 (Integer overflow in the decompression functionality in the Web Open ...)
+CVE-2010-1028
- xulrunner <not-affected> (vulnerability introduced in firefox 3.6)
- iceape <not-affected> (Vulnerable code not present)
- calibre 2.38.0+dfsg-1 (bug #787085)
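Review bot: every changed pair in this hunk replaces a CVE line that carries a description with the bare identifier, e.g. `-CVE-2010-1088 (fs/namei.c in Linux kernel 2.6.18 through 2.6.34 does not always ...)` becoming `+CVE-2010-1088`, while the package, DSA and NOTE lines beneath each entry are untouched; a uniform loss of every description across the whole range in an "automatic update" is consistent with the description source being empty or unreachable when the import ran rather than with a deliberate data change, so the fetch should be confirmed (and the update re-run or reverted) before this lands, otherwise the per-entry context that distinguishes e.g. the three Phpkobo directory-traversal entries from one another is gone. While here, the unchanged context lines carry pre-existing typos worth a drive-by fix: "Phpkbo Short URL" under CVE-2010-1061 (spelled "Phpkobo" everywhere else), "Adress Book" under CVE-2010-1058 ("Address Book" under CVE-2010-1059), and "hP System Insight Manager" under CVE-2010-1036.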
@@ -11141,93 +11141,93 @@ CVE-2010-XXXX [Escape href attribute in auto links]
- redmine 0.9.3-3
CVE-2010-XXXX [Fixes permission check in QueriesController]
- redmine 0.9.3-3
-CVE-2010-1003 (Directory traversal vulnerability in ...)
+CVE-2010-1003
NOT-FOR-US: eFront-learning
CVE-2010-1002
RESERVED
CVE-2010-1001
RESERVED
-CVE-2010-1000 (Directory traversal vulnerability in KGet in KDE SC 4.0.0 through ...)
+CVE-2010-1000
- kdenetwork 4:4.4.3-2
[lenny] - kdenetwork <not-affected> (Metalink plugin not yet present)
NOTE: http://seclists.org/fulldisclosure/2010/May/165
-CVE-2010-0999 (Directory traversal vulnerability in Free Download Manager (FDM) ...)
+CVE-2010-0999
NOT-FOR-US: Free Download Manager
-CVE-2010-0998 (Multiple stack-based buffer overflows in Free Download Manager (FDM) ...)
+CVE-2010-0998
NOT-FOR-US: Free Download Manager
-CVE-2010-0997 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2010-0997
NOT-FOR-US: e107
-CVE-2010-0996 (Unrestricted file upload vulnerability in e107 before 0.7.20 allows ...)
+CVE-2010-0996
NOT-FOR-US: e107
-CVE-2010-0995 (Stack-based buffer overflow in Internet Download Manager (IDM) before ...)
+CVE-2010-0995
NOT-FOR-US: Internet Download Manager
-CVE-2010-0994 (Multiple buffer overflows in src/vl/vlDAT.cpp in Visualization Library ...)
+CVE-2010-0994
NOT-FOR-US: Visualization Library
-CVE-2010-0993 (Unrestricted file upload vulnerability in Pulse CMS Basic 1.2.2 and ...)
+CVE-2010-0993
NOT-FOR-US: Pulse CMS Basic
-CVE-2010-0992 (Multiple cross-site request forgery (CSRF) vulnerabilities in Pulse ...)
+CVE-2010-0992
NOT-FOR-US: Pulse CMS Basic
-CVE-2010-0991 (Multiple heap-based buffer overflows in imlib2 1.4.3 allow ...)
+CVE-2010-0991
- imlib2 <not-affected> (vulnerable code introduced in 1.4.3)
-CVE-2010-0990 (Stack-based buffer overflow in Creative Software AutoUpdate Engine ...)
+CVE-2010-0990
NOT-FOR-US: Creative Software AutoUpdate
-CVE-2010-0989 (Directory traversal vulnerability in delete.php in Pulse CMS before ...)
+CVE-2010-0989
NOT-FOR-US: Pulse CMS
-CVE-2010-0988 (Multiple unspecified vulnerabilities in Pulse CMS before 1.2.3 allow ...)
+CVE-2010-0988
NOT-FOR-US: Pulse CMS
-CVE-2010-0987 (Heap-based buffer overflow in Adobe Shockwave Player before 11.5.7.609 ...)
+CVE-2010-0987
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-0986 (Adobe Shockwave Player before 11.5.7.609 does not properly process ...)
+CVE-2010-0986
NOT-FOR-US: Adobe Shockwave Player
CVE-2010-XXXX [dojo can be used as a redirector]
- dojo 1.4.2+dfsg-1 (low)
NOTE: http://web.archive.org/web/20101029020014/http://dojotoolkit.org/blog/post/dylan/2010/03/dojo-security-advisory/
NOTE: http://bugs.dojotoolkit.org/ticket/10773
-CVE-2010-0985 (Directory traversal vulnerability in the Abbreviations Manager ...)
+CVE-2010-0985
NOT-FOR-US: com_abbrev component for Joomla!
-CVE-2010-0984 (Acidcat CMS 3.5.3 and earlier stores sensitive information under the ...)
+CVE-2010-0984
NOT-FOR-US: Acidcat CMS
-CVE-2010-0983 (PHP remote file inclusion vulnerability in include/mail.inc.php in ...)
+CVE-2010-0983
NOT-FOR-US: Rezervi
-CVE-2010-0982 (Directory traversal vulnerability in the CARTwebERP (com_cartweberp) ...)
+CVE-2010-0982
NOT-FOR-US: com_cartweberp component for Joomla!
-CVE-2010-0981 (SQL injection vulnerability in the TPJobs (com_tpjobs) component for ...)
+CVE-2010-0981
NOT-FOR-US: com_tpjobs component for Joomla!
-CVE-2010-0980 (SQL injection vulnerability in player.php in Left 4 Dead (L4D) Stats ...)
+CVE-2010-0980
NOT-FOR-US: Left 4 Dead Stats
-CVE-2010-0979 (Cross-site scripting (XSS) vulnerability in display.php in ...)
+CVE-2010-0979
NOT-FOR-US: Obsession-Design Image-Gallery
-CVE-2010-0978 (KMSoft Guestbook (aka GBook) 1.0 stores sensitive information under ...)
+CVE-2010-0978
NOT-FOR-US: KMSoft Guestbook
-CVE-2010-0977 (PD PORTAL 4.0 stores sensitive information under the web root with ...)
+CVE-2010-0977
NOT-FOR-US: PD PORTAL
-CVE-2010-0976 (Acidcat CMS 3.5.x does not prevent access to install.asp after ...)
+CVE-2010-0976
NOT-FOR-US: Acidcat CMS
-CVE-2010-0975 (PHP remote file inclusion vulnerability in external.php in ...)
+CVE-2010-0975
NOT-FOR-US: PHPCityPortal
-CVE-2010-0974 (Multiple SQL injection vulnerabilities in PHPCityPortal allow remote ...)
+CVE-2010-0974
NOT-FOR-US: PHPCityPortal
-CVE-2010-0973 (SQL injection vulnerability in index.php in phppool media Domain ...)
+CVE-2010-0973
NOT-FOR-US: phppool Media Domain Verkaus and Auktions Portal
-CVE-2010-0972 (Directory traversal vulnerability in the GCalendar (com_gcalendar) ...)
+CVE-2010-0972
NOT-FOR-US: com_gcalendar component for Joomla!
-CVE-2010-0971 (Multiple cross-site scripting (XSS) vulnerabilities in ATutor 1.6.4 ...)
+CVE-2010-0971
NOT-FOR-US: ATutor CMS
-CVE-2010-0970 (SQL injection vulnerability in phpmylogon.php in PhpMyLogon 2 allows ...)
+CVE-2010-0970
NOT-FOR-US: PhpMyLogon
-CVE-2010-0968 (SQL injection vulnerability in bannershow.php in Geekhelps ADMP 1.01 ...)
+CVE-2010-0968
NOT-FOR-US: Geekhelps ADMP
-CVE-2010-0967 (Multiple directory traversal vulnerabilities in Geekhelps ADMP 1.01, ...)
+CVE-2010-0967
NOT-FOR-US: Geekhelps ADMP
-CVE-2010-0966 (PHP remote file inclusion vulnerability in inc/config.php in deV!L`z ...)
+CVE-2010-0966
NOT-FOR-US: deV!L`z Clanportal
-CVE-2010-0965 (Jevci Siparis Formu Scripti stores sensitive information under the web ...)
+CVE-2010-0965
NOT-FOR-US: Jevci Siparis Formu Scripti
-CVE-2010-0964 (SQL injection vulnerability in start.php in Eros Webkatalog allows ...)
+CVE-2010-0964
NOT-FOR-US: Eros Webkatalog
-CVE-2010-0963 (Cross-site scripting (XSS) vulnerability in index.php in dl Download ...)
+CVE-2010-0963
NOT-FOR-US: dl Download Ticket Service
-CVE-2010-1195 (Cross-site scripting (XSS) vulnerability in the htmlscrubber component ...)
+CVE-2010-1195
{DSA-2020-1}
- ikiwiki 3.20100312 (low)
CVE-2010-0747 [linux-2.6 drbd connector issue]
@@ -11236,353 +11236,353 @@ CVE-2010-0747 [linux-2.6 drbd connector issue]
- linux-2.6 <not-affected> (drbd introduced for the first time in 2.6.32-12, which included the fix for this issue, so no supported debian kernel was ever affected)
- drbd8 2:8.3.7-1
[lenny] - drbd8 2:8.0.14-2+lenny1
-CVE-2010-0969 (Unbound before 1.4.3 does not properly align structures on 64-bit ...)
+CVE-2010-0969
- unbound 1.4.3-1
[lenny] - unbound <not-affected> (Vulnerable code not present)
CVE-2010-XXXX [moin: hierarchical ACLs security issue]
- moin 1.8.4-1 (low)
[lenny] - moin 1.7.1-3+lenny3
NOTE: http://hg.moinmo.in/moin/1.8/rev/897cdbe9e8f2
-CVE-2010-0962 (The FTP proxy server in Apple AirPort Express, AirPort Extreme, and ...)
+CVE-2010-0962
NOT-FOR-US: Apple
-CVE-2010-0961 (Buffer overflow in qoslist in bos.net.tcp.server in IBM AIX 6.1 and ...)
+CVE-2010-0961
NOT-FOR-US: IBM AIX and VIOS
-CVE-2010-0960 (Buffer overflow in qosmod in bos.net.tcp.server in IBM AIX 6.1 and ...)
+CVE-2010-0960
NOT-FOR-US: IBM AIX and VIOS
-CVE-2010-0959 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2010-0959
NOT-FOR-US: IBM ENOVIA SmarTeam
-CVE-2010-0958 (Directory traversal vulnerability in modules/hayoo/index.php in ...)
+CVE-2010-0958
NOT-FOR-US: Tribisur
-CVE-2010-0957 (Directory traversal vulnerability in content.php in Saskia's ...)
+CVE-2010-0957
NOT-FOR-US: Saskia's Shopsystem
-CVE-2010-0956 (SQL injection vulnerability in index.php in OpenCart 1.3.2 allows ...)
+CVE-2010-0956
NOT-FOR-US: OpenCart
-CVE-2010-0955 (SQL injection vulnerability in index.php in Bild Flirt Community 2.0 ...)
+CVE-2010-0955
NOT-FOR-US: Bild Flirt Community
-CVE-2010-0954 (SQL injection vulnerability in search_result.asp in Pre Projects Pre ...)
+CVE-2010-0954
NOT-FOR-US: Pre Projects Pre E-Learning Portal
-CVE-2010-0953 (Directory traversal vulnerability in mod.php in phpCOIN 1.2.1 allows ...)
+CVE-2010-0953
NOT-FOR-US: phpCOIN
-CVE-2010-0952 (SQL injection vulnerability in index.php in OneCMS 2.5, when ...)
+CVE-2010-0952
NOT-FOR-US: OneCMS
-CVE-2010-0951 (SQL injection vulnerability in go_target.php in dev4u CMS allows ...)
+CVE-2010-0951
NOT-FOR-US: dev4u CMS
-CVE-2010-0950 (Multiple SQL injection vulnerabilities in Natychmiast CMS allow remote ...)
+CVE-2010-0950
NOT-FOR-US: Natychmiast CMS
-CVE-2010-0949 (Multiple cross-site scripting (XSS) vulnerabilities in Natychmiast CMS ...)
+CVE-2010-0949
NOT-FOR-US: Natychmiast CMS
-CVE-2010-0948 (SQL injection vulnerability in profil.php in Bigforum 4.5, when ...)
+CVE-2010-0948
NOT-FOR-US: Bigforum
-CVE-2010-0947 (Cross-site scripting (XSS) vulnerability in post.aspx in Max Network ...)
+CVE-2010-0947
NOT-FOR-US: BBSMAX
-CVE-2010-1132 (The mlfi_envrcpt function in spamass-milter.cpp in SpamAssassin Milter ...)
+CVE-2010-1132
{DSA-2021-2 DSA-2021-1}
- spamass-milter 0.3.1-9 (bug #573228)
[lenny] - spamass-milter 0.3.1-8+lenny1
-CVE-2010-1189 (MediaWiki before 1.15.2 does not prevent wiki editors from linking to ...)
+CVE-2010-1189
{DSA-2022-1}
- mediawiki 1:1.15.2-1 (low)
NOTE: http://lists.wikimedia.org/pipermail/mediawiki-announce/2010-March/000088.html
[lenny] - mediawiki 1:1.12.0-2lenny4
-CVE-2010-1190 (thumb.php in MediaWiki before 1.15.2, when used with ...)
+CVE-2010-1190
{DSA-2022-1}
- mediawiki 1:1.15.2-1 (low)
[lenny] - mediawiki 1:1.12.0-2lenny4
NOTE: http://lists.wikimedia.org/pipermail/mediawiki-announce/2010-March/000088.html
-CVE-2010-0946 (SQL injection vulnerability in the Keep It Simple Stupid (KISS) ...)
+CVE-2010-0946
NOT-FOR-US: com_ksadvertiser component for Joomla!
-CVE-2010-0945 (SQL injection vulnerability in the HotBrackets Tournament Brackets ...)
+CVE-2010-0945
NOT-FOR-US: com_hotbrackets component for Joomla!
-CVE-2010-0944 (Directory traversal vulnerability in the JCollection (com_jcollection) ...)
+CVE-2010-0944
NOT-FOR-US: com_jcollection component for Joomla!
-CVE-2010-0943 (Directory traversal vulnerability in the JA Showcase (com_jashowcase) ...)
+CVE-2010-0943
NOT-FOR-US: com_jashowcase component for Joomla!
-CVE-2010-0942 (Directory traversal vulnerability in the jVideoDirect ...)
+CVE-2010-0942
NOT-FOR-US: com_jvideodirect component for Joomla!
-CVE-2010-0941 (Multiple cross-site scripting (XSS) vulnerabilities in eTek Systems ...)
+CVE-2010-0941
NOT-FOR-US: eTek Systems Hit Counter
-CVE-2010-0940 (Cross-site scripting (XSS) vulnerability in guestbook.php in Simple ...)
+CVE-2010-0940
NOT-FOR-US: Simple PHP Guestbook
-CVE-2010-0939 (Visialis ABB Forum 1.1 stores sensitive information under the web root ...)
+CVE-2010-0939
NOT-FOR-US: Visialis ABB Forum
-CVE-2010-0938 (Cross-site scripting (XSS) vulnerability in todooforum.php in Todoo ...)
+CVE-2010-0938
NOT-FOR-US: Todoo Forum
-CVE-2010-0937 (Multiple unspecified vulnerabilities in Visualization Library before ...)
+CVE-2010-0937
NOT-FOR-US: Visualization Library
-CVE-2010-0936 (Cross-site scripting (XSS) vulnerability in auth.asp on the D-LINK ...)
+CVE-2010-0936
NOT-FOR-US: D-LINK firmware
CVE-2010-XXXX [phpbb 3.0.7 permissions bypass]
- phpbb3 3.0.7-PL1
[lenny] - phpbb3 <not-affected> (older version is in the archive)
[squeeze] - phpbb3 <not-affected> (older version is in the archive)
NOTE: http://www.phpbb.com/community/viewtopic.php?f=14&t=2014195
-CVE-2010-0928 (OpenSSL 0.9.8i on the Gaisler Research LEON3 SoC on the Xilinx ...)
+CVE-2010-0928
- openssl <unfixed> (unimportant)
NOTE: http://www.eecs.umich.edu/~valeria/research/publications/DATE10RSA.pdf
NOTE: somewhat impractical right now, but the openssl developers are working
NOTE: on a fix just in case
-CVE-2010-0926 (The default configuration of smbd in Samba before 3.3.11, 3.4.x before ...)
+CVE-2010-0926
- samba 2:3.4.6~dfsg-1 (low; bug #568493; bug #572953)
[lenny] - samba <no-dsa> (Minor issue, patch breaks existing behaviour, can be fixed through configuration modifications)
-CVE-2010-0935 (Perforce Server 2009.2 and earlier, when the protection table is ...)
+CVE-2010-0935
NOT-FOR-US: Perforce Server
-CVE-2010-0934 (The triggers functionality in Perforce Server 2008.1 allows remote ...)
+CVE-2010-0934
NOT-FOR-US: Perforce Server
-CVE-2010-0933 (Directory traversal vulnerability in Perforce Server 2008.1 allows ...)
+CVE-2010-0933
NOT-FOR-US: Perforce Server
-CVE-2010-0932 (The FTP server in Perforce Server 2008.1 allows remote attackers to ...)
+CVE-2010-0932
NOT-FOR-US: Perforce Server
-CVE-2010-0931 (The Perforce service (p4s.exe) in Perforce Server 2008.1 allows remote ...)
+CVE-2010-0931
NOT-FOR-US: Perforce Server
-CVE-2010-0930 (The Perforce service (p4s.exe) in Perforce Server 2008.1 allows remote ...)
+CVE-2010-0930
NOT-FOR-US: Perforce Server
-CVE-2010-0929 (The Perforce service (p4s.exe) in Perforce Server 2008.1 allows remote ...)
+CVE-2010-0929
NOT-FOR-US: Perforce Server
-CVE-2010-0927 (Cross-site scripting (XSS) vulnerability in help/readme.nsf/Header in ...)
+CVE-2010-0927
NOT-FOR-US: IBM Lotus Domino
-CVE-2010-0925 (cfnetwork.dll 1.450.5.0 in CFNetwork, as used by safari.exe 531.21.10 ...)
+CVE-2010-0925
NOT-FOR-US: Apple Safari
-CVE-2010-0924 (cfnetwork.dll 1.450.5.0 in CFNetwork, as used by safari.exe 531.21.10 ...)
+CVE-2010-0924
NOT-FOR-US: Apple Safari
-CVE-2010-0923 (Race condition in workspace/krunner/lock/lockdlg.cc in the KRunner ...)
+CVE-2010-0923
- kdebase 4:4.4.2-1
[lenny] - kdebase <not-affected> (Only affected version 4.4.0)
- kdebase-workspace 4:4.4.2-1
-CVE-2010-0922 (Unspecified vulnerability in secldapclntd in IBM AIX 5.3 with SP ...)
+CVE-2010-0922
NOT-FOR-US: IBM AIX
-CVE-2010-0921 (Cross-site request forgery (CSRF) vulnerability in IBM Lotus iNotes ...)
+CVE-2010-0921
NOT-FOR-US: IBM Lotus iNotes/IBM Domino Web Access
-CVE-2010-0920 (Cross-site scripting (XSS) vulnerability in IBM Lotus iNotes (aka ...)
+CVE-2010-0920
NOT-FOR-US: IBM Lotus iNotes/IBM Domino Web Access
-CVE-2010-0919 (Stack-based buffer overflow in the Lotus Domino Web Access ActiveX ...)
+CVE-2010-0919
NOT-FOR-US: IBM Lotus iNotes/IBM Domino Web Access
-CVE-2010-0918 (Multiple unspecified vulnerabilities in the UltraLite functionality in ...)
+CVE-2010-0918
NOT-FOR-US: IBM Lotus iNotes/IBM Domino Web Access
-CVE-2010-0917 (Stack-based buffer overflow in VBScript in Microsoft Windows 2000 SP4, ...)
+CVE-2010-0917
NOT-FOR-US: Microsoft Windows
-CVE-2010-0916 (Unspecified vulnerability in Oracle OpenSolaris 10 allows local users ...)
+CVE-2010-0916
NOT-FOR-US: Solaris
-CVE-2010-0915 (Unspecified vulnerability in the Oracle Advanced Product Catalog ...)
+CVE-2010-0915
NOT-FOR-US: Oracle
-CVE-2010-0914 (Unspecified vulnerability in Oracle Sun Convergence 1.0 allows remote ...)
+CVE-2010-0914
NOT-FOR-US: Oracle
-CVE-2010-0913 (Unspecified vulnerability in the Oracle Applications Manager component ...)
+CVE-2010-0913
NOT-FOR-US: Oracle
-CVE-2010-0912 (Unspecified vulnerability in the Oracle Applications Framework ...)
+CVE-2010-0912
NOT-FOR-US: Oracle
-CVE-2010-0911 (Unspecified vulnerability in the Listener component in Oracle Database ...)
+CVE-2010-0911
NOT-FOR-US: Oracle
-CVE-2010-0910 (Unspecified vulnerability in the Data Server component in Oracle ...)
+CVE-2010-0910
NOT-FOR-US: Oracle
-CVE-2010-0909 (Unspecified vulnerability in the Oracle Applications Framework ...)
+CVE-2010-0909
NOT-FOR-US: Oracle
-CVE-2010-0908 (Unspecified vulnerability in the Oracle Applications Framework ...)
+CVE-2010-0908
NOT-FOR-US: Oracle
-CVE-2010-0907 (Unspecified vulnerability in Oracle Secure Backup 10.3.0.1 allows ...)
+CVE-2010-0907
NOT-FOR-US: Oracle
-CVE-2010-0906 (Unspecified vulnerability in Oracle Secure Backup 10.3.0.1 allows ...)
+CVE-2010-0906
NOT-FOR-US: Oracle
-CVE-2010-0905 (Unspecified vulnerability in the Oracle Applications Manager component ...)
+CVE-2010-0905
NOT-FOR-US: Oracle
-CVE-2010-0904 (Unspecified vulnerability in Oracle Secure Backup 10.3.0.1 allows ...)
+CVE-2010-0904
NOT-FOR-US: Oracle
-CVE-2010-0903 (Unspecified vulnerability in the Net Foundation Layer component in ...)
+CVE-2010-0903
NOT-FOR-US: Oracle
-CVE-2010-0902 (Unspecified vulnerability in the Oracle OLAP component in Oracle ...)
+CVE-2010-0902
NOT-FOR-US: Oracle
-CVE-2010-0901 (Unspecified vulnerability in the Export component in Oracle Database ...)
+CVE-2010-0901
NOT-FOR-US: Oracle
-CVE-2010-0900 (Unspecified vulnerability in the Network Layer component in Oracle ...)
+CVE-2010-0900
NOT-FOR-US: Oracle
-CVE-2010-0899 (Unspecified vulnerability in Oracle Secure Backup 10.3.0.1 allows ...)
+CVE-2010-0899
NOT-FOR-US: Oracle
-CVE-2010-0898 (Unspecified vulnerability in Oracle Secure Backup 10.3.0.1 allows ...)
+CVE-2010-0898
NOT-FOR-US: Oracle
-CVE-2010-0897 (Unspecified vulnerability in the Sun Java System Directory Server ...)
+CVE-2010-0897
NOT-FOR-US: Sun Java System Directory Server
-CVE-2010-0896 (Unspecified vulnerability in the Sun Convergence component in Oracle ...)
+CVE-2010-0896
NOT-FOR-US: Oracle Sun Product Suite
-CVE-2010-0895 (Unspecified vulnerability in the Solaris component in Oracle Sun ...)
+CVE-2010-0895
NOT-FOR-US: OpenSolaris
-CVE-2010-0894 (Unspecified vulnerability in the Sun Java System Access Manager ...)
+CVE-2010-0894
NOT-FOR-US: Oracle Sun Product Suite
-CVE-2010-0893 (Unspecified vulnerability in the Sun Convergence component in Oracle ...)
+CVE-2010-0893
NOT-FOR-US: Oracle sun Product Suite
-CVE-2010-0892 (Unspecified vulnerability in the Application Express component in ...)
+CVE-2010-0892
NOT-FOR-US: Oracle
-CVE-2010-0891 (Unspecified vulnerability in the Sun Management Center component in ...)
+CVE-2010-0891
NOT-FOR-US: Oracle Sun Product Suite
-CVE-2010-0890 (Unspecified vulnerability in the Solaris component in Oracle Sun ...)
+CVE-2010-0890
NOT-FOR-US: OpenSolaris
-CVE-2010-0889 (Unspecified vulnerability in the Solaris component in Oracle Sun ...)
+CVE-2010-0889
NOT-FOR-US: OpenSolaris
-CVE-2010-0888 (Unspecified vulnerability in the Sun Ray Server Software component in ...)
+CVE-2010-0888
NOT-FOR-US: Oracle Sun Product Suite
-CVE-2010-0887 (Unspecified vulnerability in the New Java Plug-in component in Oracle ...)
+CVE-2010-0887
- sun-java6 6.20-1
[lenny] - sun-java6 6-20-0lenny1
-CVE-2010-0886 (Unspecified vulnerability in the Java Deployment Toolkit component in ...)
+CVE-2010-0886
- sun-java6 6.20-1
[lenny] - sun-java6 6-20-0lenny1
-CVE-2010-0885 (Unspecified vulnerability in the Sun Java System Communications ...)
+CVE-2010-0885
NOT-FOR-US: Oracle Sun Product Suite
-CVE-2010-0884 (Unspecified vulnerability in the Sun Cluster component in Oracle Sun ...)
+CVE-2010-0884
NOT-FOR-US: Oracle Sun Product Suite
-CVE-2010-0883 (Unspecified vulnerability in the Sun Cluster component in Oracle Sun ...)
+CVE-2010-0883
NOT-FOR-US: Oracle Sun Product Suite
-CVE-2010-0882 (Unspecified vulnerability in the Solaris component in Oracle Sun ...)
+CVE-2010-0882
NOT-FOR-US: Oracle Sun Product Suite
-CVE-2010-0881 (Unspecified vulnerability in the User Interface Components in Oracle ...)
+CVE-2010-0881
NOT-FOR-US: Oracle Collaboration Suite
-CVE-2010-0880 (Unspecified vulnerability in the PeopleTools component in Oracle ...)
+CVE-2010-0880
NOT-FOR-US: Oracle PeopleSoft
-CVE-2010-0879 (Unspecified vulnerability in the PeopleTools component in Oracle ...)
+CVE-2010-0879
NOT-FOR-US: Oracle PeopleSoft
-CVE-2010-0878 (Unspecified vulnerability in the PeopleTools component in Oracle ...)
+CVE-2010-0878
NOT-FOR-US: Oracle PeopleSoft
-CVE-2010-0877 (Unspecified vulnerability in the PeopleTools component in Oracle ...)
+CVE-2010-0877
NOT-FOR-US: Oracle PeopleSoft
-CVE-2010-0876 (Unspecified vulnerability in the Life Sciences - Oracle Clinical ...)
+CVE-2010-0876
NOT-FOR-US: Oracle Industry Product Suite
-CVE-2010-0875 (Unspecified vulnerability in the Life Sciences - Oracle Thesaurus ...)
+CVE-2010-0875
NOT-FOR-US: Oracle Industry Product Suite
-CVE-2010-0874 (Unspecified vulnerability in the Communications - Oracle ...)
+CVE-2010-0874
NOT-FOR-US: Oracle Industry Product Suite
-CVE-2010-0873 (Unspecified vulnerability in the Data Server component in Oracle ...)
+CVE-2010-0873
NOT-FOR-US: Oracle
-CVE-2010-0872 (Unspecified vulnerability in the Oracle Internet Directory component ...)
+CVE-2010-0872
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2010-0871 (Unspecified vulnerability in the Oracle Application Object Library ...)
+CVE-2010-0871
NOT-FOR-US: Oracle E-Business Suite
-CVE-2010-0870 (Unspecified vulnerability in the Change Data Capture component in ...)
+CVE-2010-0870
NOT-FOR-US: Oracle Database
-CVE-2010-0869 (Unspecified vulnerability in the Oracle Transportation Management ...)
+CVE-2010-0869
NOT-FOR-US: Oracle E-Business Suite
-CVE-2010-0868 (Unspecified vulnerability in the Oracle iStore component in Oracle ...)
+CVE-2010-0868
NOT-FOR-US: Oracle E-Business Suite
-CVE-2010-0867 (Unspecified vulnerability in the JavaVM component in Oracle Database ...)
+CVE-2010-0867
NOT-FOR-US: Oracle Database
-CVE-2010-0866 (Unspecified vulnerability in the JavaVM component in Oracle Database ...)
+CVE-2010-0866
NOT-FOR-US: Oracle Database
-CVE-2010-0865 (Unspecified vulnerability in the Oracle Agile Engineering Data ...)
+CVE-2010-0865
NOT-FOR-US: Oracle E-Business Suite
-CVE-2010-0864 (Unspecified vulnerability in the Retail - Oracle Retail Place ...)
+CVE-2010-0864
NOT-FOR-US: Oracle Industry Product Suite
-CVE-2010-0863 (Unspecified vulnerability in the Retail - Oracle Retail Plan In-Season ...)
+CVE-2010-0863
NOT-FOR-US: Oracle Industry Product Suite
-CVE-2010-0862 (Unspecified vulnerability in the Retail - Oracle Retail Markdown ...)
+CVE-2010-0862
NOT-FOR-US: Oracle Industry Product Suite
-CVE-2010-0861 (Unspecified vulnerability in the Oracle HRMS (Self Service) component ...)
+CVE-2010-0861
NOT-FOR-US: Oracle E-Business Suite
-CVE-2010-0860 (Unspecified vulnerability in the Core RDBMS component in Oracle ...)
+CVE-2010-0860
NOT-FOR-US: Oracle Database
-CVE-2010-0859 (Unspecified vulnerability in the Oracle Application Object Library ...)
+CVE-2010-0859
NOT-FOR-US: Oracle E-Business Suite
-CVE-2010-0858 (Unspecified vulnerability in the E-Business Intelligence component in ...)
+CVE-2010-0858
NOT-FOR-US: Oracle E-Business Suite
-CVE-2010-0857 (Unspecified vulnerability in the Oracle Workflow Cartridge component ...)
+CVE-2010-0857
NOT-FOR-US: Oracle E-Business Suite
-CVE-2010-0856 (Unspecified vulnerability in the Portal component in Oracle Fusion ...)
+CVE-2010-0856
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2010-0855 (Unspecified vulnerability in the Portal component in Oracle Fusion ...)
+CVE-2010-0855
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2010-0854 (Unspecified vulnerability in the Audit component in Oracle Database ...)
+CVE-2010-0854
NOT-FOR-US: Oracle Database
-CVE-2010-0853 (Unspecified vulnerability in the Oracle Internet Directory component ...)
+CVE-2010-0853
NOT-FOR-US: Oracle Database
-CVE-2010-0852 (Unspecified vulnerability in the XML DB component in Oracle Database ...)
+CVE-2010-0852
NOT-FOR-US: Oracle Database
-CVE-2010-0851 (Unspecified vulnerability in the XML DB component in Oracle Database ...)
+CVE-2010-0851
NOT-FOR-US: Oracle Database
-CVE-2010-0850 (Unspecified vulnerability in the Java 2D component in Oracle Java SE ...)
+CVE-2010-0850
- openjdk-6 6b20~pre1-1
- sun-java6 6.19-1
[lenny] - sun-java6 6-20-0lenny1
-CVE-2010-0849 (Unspecified vulnerability in the Java 2D component in Oracle Java SE ...)
+CVE-2010-0849
- openjdk-6 6b20~pre1-1
- sun-java6 6.19-1
[lenny] - sun-java6 6-20-0lenny1
-CVE-2010-0848 (Unspecified vulnerability in the Java 2D component in Oracle Java SE ...)
+CVE-2010-0848
- openjdk-6 6b20~pre1-1
- sun-java6 6.19-1
[lenny] - sun-java6 6-20-0lenny1
-CVE-2010-0847 (Unspecified vulnerability in the Java 2D component in Oracle Java SE ...)
+CVE-2010-0847
- openjdk-6 6b20~pre1-1
- sun-java6 6.19-1
[lenny] - sun-java6 6-20-0lenny1
-CVE-2010-0846 (Unspecified vulnerability in the ImageIO component in Oracle Java SE ...)
+CVE-2010-0846
- openjdk-6 6b20~pre1-1
- sun-java6 6.19-1
[lenny] - sun-java6 6-20-0lenny1
-CVE-2010-0845 (Unspecified vulnerability in the HotSpot Server component in Oracle ...)
+CVE-2010-0845
- openjdk-6 6b20~pre1-1
- sun-java6 6.19-1
[lenny] - sun-java6 6-20-0lenny1
-CVE-2010-0844 (Unspecified vulnerability in the Sound component in Oracle Java SE and ...)
+CVE-2010-0844
- openjdk-6 6b20~pre1-1
- sun-java6 6.19-1
[lenny] - sun-java6 6-20-0lenny1
-CVE-2010-0843 (Unspecified vulnerability in the Sound component in Oracle Java SE and ...)
+CVE-2010-0843
- openjdk-6 6b20~pre1-1
- sun-java6 6.19-1
[lenny] - sun-java6 6-20-0lenny1
-CVE-2010-0842 (Unspecified vulnerability in the Sound component in Oracle Java SE and ...)
+CVE-2010-0842
- openjdk-6 6b20~pre1-1
- sun-java6 6.19-1
[lenny] - sun-java6 6-20-0lenny1
-CVE-2010-0841 (Unspecified vulnerability in the ImageIO component in Oracle Java SE ...)
+CVE-2010-0841
- openjdk-6 6b20~pre1-1
- sun-java6 6.19-1
[lenny] - sun-java6 6-20-0lenny1
-CVE-2010-0840 (Unspecified vulnerability in the Java Runtime Environment component in ...)
+CVE-2010-0840
- openjdk-6 6b20~pre1-1
- sun-java6 6.19-1
[lenny] - sun-java6 6-20-0lenny1
-CVE-2010-0839 (Unspecified vulnerability in the Sound component in Oracle Java SE and ...)
+CVE-2010-0839
- openjdk-6 6b20~pre1-1
- sun-java6 6.19-1
[lenny] - sun-java6 6-20-0lenny1
-CVE-2010-0838 (Unspecified vulnerability in the Java 2D component in Oracle Java SE ...)
+CVE-2010-0838
- openjdk-6 6b20~pre1-1
- sun-java6 6.19-1
[lenny] - sun-java6 6-20-0lenny1
-CVE-2010-0837 (Unspecified vulnerability in the Pack200 component in Oracle Java SE ...)
+CVE-2010-0837
- openjdk-6 6b20~pre1-1
- sun-java6 6.19-1
[lenny] - sun-java6 6-20-0lenny1
-CVE-2010-0836 (Unspecified vulnerability in the Oracle Knowledge Management component ...)
+CVE-2010-0836
NOT-FOR-US: Oracle
-CVE-2010-0835 (Unspecified vulnerability in the Wireless component in Oracle Fusion ...)
+CVE-2010-0835
NOT-FOR-US: Oracle
-CVE-2010-0834 (The base-files package before 5.0.0ubuntu7.1 on Ubuntu 9.10 and before ...)
+CVE-2010-0834
- base-files <not-affected> (ubuntu-specific fix for their default OEM configuration on the Dell Latitude 2110, which permitted installation of unsigned packages)
-CVE-2010-0833 (The pam_lsass library in Likewise Open 5.4 and CIFS 5.4 before build ...)
+CVE-2010-0833
NOT-FOR-US: Likewise
-CVE-2010-0832 (pam_motd (aka the MOTD module) in libpam-modules before ...)
+CVE-2010-0832
- pam <not-affected> (flaw in ubuntu-specific changes to the package)
-CVE-2010-0831 (Directory traversal vulnerability in the extract_jar function in ...)
+CVE-2010-0831
- fastjar 2:0.98-3 (low)
[lenny] - fastjar <no-dsa> (Minor issue)
-CVE-2010-0830 (Integer signedness error in the elf_get_dynamic_info function in ...)
+CVE-2010-0830
{DSA-2058-1}
- glibc 2.11-1
- eglibc 2.11-1
NOTE: http://sourceware.org/git/?p=glibc.git;a=commit;h=db07e962b6ea963dbb345439f6ab9b0cf74d87c5
-CVE-2010-0829 (Multiple array index errors in set.c in dvipng 1.11 and 1.12, and ...)
+CVE-2010-0829
{DSA-2048-1}
- dvipng 1.13-1 (low; bug #580628)
- texlive-bin <not-affected> (dvipng is not shipped in texlive-bin Debian packages)
-CVE-2010-0828 (Cross-site scripting (XSS) vulnerability in action/Despam.py in the ...)
+CVE-2010-0828
{DSA-2024-1}
- moin 1.9.2-3 (low; bug #575995)
-CVE-2010-0827 (Integer overflow in dvips in TeX Live 2009 and earlier, and teTeX, ...)
+CVE-2010-0827
- texlive-bin 2009-6 (low; bug #580669)
[lenny] - texlive-bin 2007.dfsg.2-4+lenny3
-CVE-2010-0826 (The Free Software Foundation (FSF) Berkeley DB NSS module (aka ...)
+CVE-2010-0826
- libnss-db 2.2.3pre1-3.2 (low; bug #577057)
[squeeze] - libnss-db <no-dsa> (Minor issue)
[lenny] - libnss-db <no-dsa> (Minor issue)
-CVE-2010-0825 (lib-src/movemail.c in movemail in emacs 22 and 23 allows local users ...)
+CVE-2010-0825
- emacs21 <removed> (low)
[lenny] - emacs21 <no-dsa> (Minor issue)
NOTE: Only exploitable when configured as setgid mail, which isn't set by default
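Review bot: every `-`/`+` pair in this hunk replaces a CVE line that carried a one-line summary with the bare identifier (for example `-CVE-2010-0830 (Integer signedness error in the elf_get_dynamic_info function in ...)` becomes `+CVE-2010-0830`), while the `NOT-FOR-US:`, package-version, `{DSA-...}` and `NOTE:` lines beneath each entry are left untouched. That preserves the triage outcome but removes the only in-file statement of what each CVE is, so entries such as CVE-2010-0832 or CVE-2010-0834 now have to be understood from their `<not-affected>` rationale alone. If dropping the parenthetical text is intended, record that intent somewhere the next reader will see it; if not, the update should keep the summary on the `+` line.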
@@ -11602,11 +11602,11 @@ CVE-2010-2450 [shibboleth-sp2: world-readable key]
- shibboleth-sp2 2.3.1+dfsg-2 (low; bug #571631)
[lenny] - shibboleth-sp2 <no-dsa> (Minor issue)
- shibboleth-sp <not-affected> (Vulnerable code not present)
-CVE-2010-1192 (libESMTP, probably 1.0.4 and earlier, does not properly handle a '\0' ...)
+CVE-2010-1192
- libesmtp 1.0.4-5 (bug #572960)
[lenny] - libesmtp <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2010/03/03/6
-CVE-2010-1193 (Cross-site scripting (XSS) vulnerability in WebAccess in VMware Server ...)
+CVE-2010-1193
NOT-FOR-US: VMware Server
CVE-2010-XXXX [argyll unsafe udev rules]
- argyll <not-affected> (issue with redhat-specific changes to the package)
@@ -11629,166 +11629,166 @@ CVE-2010-2250 [Installation cross site scripting]
- drupal6 6.18-1 (bug #592716)
CVE-2010-XXXX [linux-ftpd: null ptr dereference]
- linux-ftpd <not-affected> (Performs proper length checks, see #572813)
-CVE-2010-0824 (Unspecified vulnerability in Microsoft Office Excel 2002 SP3 and ...)
+CVE-2010-0824
NOT-FOR-US: Microsoft
-CVE-2010-0823 (Unspecified vulnerability in Microsoft Office Excel 2002 SP3, 2003 ...)
+CVE-2010-0823
NOT-FOR-US: Microsoft
-CVE-2010-0822 (Stack-based buffer overflow in Microsoft Office Excel 2002 SP3, Office ...)
+CVE-2010-0822
NOT-FOR-US: Microsoft
-CVE-2010-0821 (Unspecified vulnerability in Microsoft Office Excel 2002 SP3, 2003 ...)
+CVE-2010-0821
NOT-FOR-US: Microsoft
-CVE-2010-0820 (Heap-based buffer overflow in the Local Security Authority Subsystem ...)
+CVE-2010-0820
NOT-FOR-US: Microsoft Windows
-CVE-2010-0819 (Unspecified vulnerability in the Windows OpenType Compact Font Format ...)
+CVE-2010-0819
NOT-FOR-US: Microsoft
-CVE-2010-0818 (The MPEG-4 codec in the Windows Media codecs in Microsoft Windows XP ...)
+CVE-2010-0818
NOT-FOR-US: Microsoft Windows
-CVE-2010-0817 (Cross-site scripting (XSS) vulnerability in _layouts/help.aspx in ...)
+CVE-2010-0817
NOT-FOR-US: Microsoft SharePoint Server
-CVE-2010-0816 (Integer overflow in inetcomm.dll in Microsoft Outlook Express 5.5 SP2, ...)
+CVE-2010-0816
NOT-FOR-US: Microsoft Outlook Express, Windows Live Mail, and Windows Mail
-CVE-2010-0815 (VBE6.DLL in Microsoft Office XP SP3, Office 2003 SP3, 2007 Microsoft ...)
+CVE-2010-0815
NOT-FOR-US: Microsoft Office
-CVE-2010-0814 (The Microsoft Access Wizard Controls in ACCWIZ.dll in Microsoft Office ...)
+CVE-2010-0814
NOT-FOR-US: Microsoft
CVE-2010-0813
REJECTED
-CVE-2010-0812 (Microsoft Windows XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, ...)
+CVE-2010-0812
NOT-FOR-US: Microsoft Windows
-CVE-2010-0811 (Multiple unspecified vulnerabilities in the Microsoft Internet ...)
+CVE-2010-0811
NOT-FOR-US: Microsoft
-CVE-2010-0810 (The kernel in Microsoft Windows Vista Gold, SP1, and SP2, and Windows ...)
+CVE-2010-0810
NOT-FOR-US: Microsoft Windows
CVE-2010-0809
REJECTED
-CVE-2010-0808 (Microsoft Internet Explorer 6 and 7 on Windows XP and Vista does not ...)
+CVE-2010-0808
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2010-0807 (Microsoft Internet Explorer 7 does not properly handle objects in ...)
+CVE-2010-0807
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2010-0806 (Use-after-free vulnerability in the Peer Objects component (aka ...)
+CVE-2010-0806
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2010-0805 (The Tabular Data Control (TDC) ActiveX control in Microsoft Internet ...)
+CVE-2010-0805
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2010-0804 (Cross-site scripting (XSS) vulnerability in index.php in iBoutique 4.0 ...)
+CVE-2010-0804
NOT-FOR-US: iBoutique
-CVE-2010-0803 (SQL injection vulnerability in the jVideoDirect (com_jvideodirect) ...)
+CVE-2010-0803
NOT-FOR-US: jVideoDirect
-CVE-2010-0802 (SQL injection vulnerability in index.php in (nv2) Awards 1.1.0, a ...)
+CVE-2010-0802
NOT-FOR-US: Invision Power Board
-CVE-2010-0801 (Directory traversal vulnerability in the AutartiTarot ...)
+CVE-2010-0801
NOT-FOR-US: Joomla!
-CVE-2010-0800 (SQL injection vulnerability in the Ossolution Team Documents Seller ...)
+CVE-2010-0800
NOT-FOR-US: Joomla!
-CVE-2010-0799 (Directory traversal vulnerability in misc/tell_a_friend/tell.php in ...)
+CVE-2010-0799
NOT-FOR-US: phpunity.newsmanager
-CVE-2010-0798 (SQL injection vulnerability in the T3BLOG extension 0.6.2 and earlier ...)
+CVE-2010-0798
NOT-FOR-US: T3BLOG extension for TYPO3
-CVE-2010-0797 (Cross-site scripting (XSS) vulnerability in the T3BLOG extension 0.6.2 ...)
+CVE-2010-0797
NOT-FOR-US: T3BLOG extension for TYPO3
-CVE-2010-0796 (SQL injection vulnerability in the JE Quiz (com_jequizmanagement) ...)
+CVE-2010-0796
NOT-FOR-US: Joomla!
-CVE-2010-0795 (SQL injection vulnerability in the JE Event Calendars ...)
+CVE-2010-0795
NOT-FOR-US: Joomla!
CVE-2010-0794
RESERVED
-CVE-2010-0793 (Buffer overflow in BarnOwl before 1.5.1 allows remote attackers to ...)
+CVE-2010-0793
{DSA-2049-1}
- barnowl 1.5.1-1 (bug #574418)
-CVE-2010-0792 (fcrontab in fcron before 3.0.5 allows local users to read arbitrary ...)
+CVE-2010-0792
- fcron <removed> (unimportant; bug #572587)
NOTE: On Debian runs suid/sgid fcron and the issue is limited to the exposure
NOTE: of the content of crontabs
-CVE-2010-0791 (The (1) ncpmount, (2) ncpumount, and (3) ncplogin programs in ncpfs ...)
+CVE-2010-0791
- ncpfs 2.2.6-7 (bug #572937)
[lenny] - ncpfs <no-dsa> (Minor issue)
-CVE-2010-0790 (sutil/ncpumount.c in ncpumount in ncpfs 2.2.6 produces certain ...)
+CVE-2010-0790
- ncpfs 2.2.6-7 (bug #572937)
[lenny] - ncpfs <no-dsa> (Minor issue)
-CVE-2010-0789 (fusermount in FUSE before 2.7.5, and 2.8.x before 2.8.2, allows local ...)
+CVE-2010-0789
{DSA-1989-1}
- fuse 2.8.1-1.2 (bug #567633)
NOTE: Initial DSA released as CVE-2009-3297
-CVE-2010-0788 (ncpfs 2.2.6 allows local users to cause a denial of service, obtain ...)
+CVE-2010-0788
- ncpfs 2.2.6-7 (bug #572937)
[lenny] - ncpfs <no-dsa> (Minor issue)
-CVE-2010-0787 (client/mount.cifs.c in mount.cifs in smbfs in Samba 3.0.22, 3.0.28a, ...)
+CVE-2010-0787
{DSA-2004-1}
- samba 2:3.4.5~dfsg-2 (bug #567554)
NOTE: https://bugzilla.samba.org/show_bug.cgi?id=6853
NOTE: Initial DSA released as CVE-2009-3297
-CVE-2010-0786 (The Web Services Security component in IBM WebSphere Application ...)
+CVE-2010-0786
NOT-FOR-US: IBM WebSphere Application
-CVE-2010-0785 (Cross-site request forgery (CSRF) vulnerability in the Administrative ...)
+CVE-2010-0785
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2010-0784 (Cross-site scripting (XSS) vulnerability in the Administrative Console ...)
+CVE-2010-0784
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2010-0783 (Cross-site scripting (XSS) vulnerability in the Administrative Console ...)
+CVE-2010-0783
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2010-0782 (IBM WebSphere MQ 6.x before 6.0.2.10 and 7.x before 7.0.1.3 allows ...)
+CVE-2010-0782
NOT-FOR-US: IBM WebSphere
-CVE-2010-0781 (Unspecified vulnerability in the administrative console in IBM ...)
+CVE-2010-0781
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2010-0780 (IBM WebSphere MQ 7.x before 7.0.1.4 allows remote attackers to cause a ...)
+CVE-2010-0780
NOT-FOR-US: IBM WebSphere
-CVE-2010-0779 (Cross-site scripting (XSS) vulnerability in the Administration Console ...)
+CVE-2010-0779
NOT-FOR-US: IBM WebSphere
-CVE-2010-0778 (Cross-site scripting (XSS) vulnerability in the Administration Console ...)
+CVE-2010-0778
NOT-FOR-US: IBM WebSphere
-CVE-2010-0777 (The Web Container in IBM WebSphere Application Server (WAS) 6.0 before ...)
+CVE-2010-0777
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2010-0776 (The Web Container in IBM WebSphere Application Server (WAS) 6.0 before ...)
+CVE-2010-0776
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2010-0775 (Unspecified vulnerability in IBM WebSphere Application Server (WAS) ...)
+CVE-2010-0775
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2010-0774 (The (1) JAX-RPC WS-Security 1.0 and (2) JAX-WS runtime implementations ...)
+CVE-2010-0774
NOT-FOR-US: IBM WebSphere Application Server
CVE-2010-0773
RESERVED
-CVE-2010-0772 (Unspecified vulnerability in the channel process in IBM WebSphere MQ ...)
+CVE-2010-0772
NOT-FOR-US: IMB WebSphere MQ
CVE-2010-0771
REJECTED
-CVE-2010-0770 (IBM WebSphere Application Server (WAS) 6.0 before 6.0.2.41, 6.1 before ...)
+CVE-2010-0770
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2010-0769 (IBM WebSphere Application Server (WAS) 6.0 before 6.0.2.41, 6.1 before ...)
+CVE-2010-0769
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2010-0768 (Cross-site scripting (XSS) vulnerability in the Administration Console ...)
+CVE-2010-0768
NOT-FOR-US: IBM WebSphere Application Server
CVE-2010-0767
RESERVED
-CVE-2010-0766 (Integer overflow in the Swap4 function in valet4.dll in Luxology Modo ...)
+CVE-2010-0766
NOT-FOR-US: Luxology Modo
-CVE-2010-0765 (fipsForum 2.6 stores sensitive information under the web root with ...)
+CVE-2010-0765
NOT-FOR-US: fipsForum
-CVE-2010-0764 (SQL injection vulnerability in index.php in KuwaitPHP eSmile allows ...)
+CVE-2010-0764
NOT-FOR-US: KuwaitPHP eSmile
-CVE-2010-0763 (SQL injection vulnerability in index.php in CommodityRentals Vacation ...)
+CVE-2010-0763
NOT-FOR-US: ComodityRentals Vacation Rental Software
-CVE-2010-0762 (SQL injection vulnerability in index.php in CommodityRentals CD Rental ...)
+CVE-2010-0762
NOT-FOR-US: CommodityRentals CD Rental Software
-CVE-2010-0761 (SQL injection vulnerability in index.php in CommodityRentals ...)
+CVE-2010-0761
NOT-FOR-US: CommodityRentals Books/eBooks Rentals Script
-CVE-2010-0760 (Multiple directory traversal vulnerabilities in the Core Design ...)
+CVE-2010-0760
NOT-FOR-US: Joomla!
-CVE-2010-0759 (Directory traversal vulnerability in ...)
+CVE-2010-0759
NOT-FOR-US: Joomla!
-CVE-2010-0758 (SQL injection vulnerability in news_desc.php in Softbiz Jobs allows ...)
+CVE-2010-0758
NOT-FOR-US: Softbiz Jobs
-CVE-2010-0757 (Unrestricted file upload vulnerability in index.php/Attach in WikyBlog ...)
+CVE-2010-0757
NOT-FOR-US: WikyBlog
-CVE-2010-0756 (Session fixation vulnerability in WikyBlog 1.7.3 rc2 allows remote ...)
+CVE-2010-0756
NOT-FOR-US: WikyBlog
-CVE-2010-0755 (PHP remote file inclusion vulnerability in include/WBmap.php in ...)
+CVE-2010-0755
NOT-FOR-US: WikyBlog
-CVE-2010-0754 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2010-0754
NOT-FOR-US: WikyBlog
-CVE-2010-0753 (SQL injection vulnerability in the SQL Reports (com_sqlreport) ...)
+CVE-2010-0753
NOT-FOR-US: Joomla!
-CVE-2010-0752 (The week_post_page function in the Weekly Archive by Node Type module ...)
+CVE-2010-0752
NOT-FOR-US: Weekly Archive by Node Type (Drupal module)
CVE-2010-1144
REJECTED
-CVE-2010-0750 (pkexec.c in pkexec in libpolkit in PolicyKit 0.96 allows local users ...)
+CVE-2010-0750
- policykit-1 <not-affected> (pkexec introduced in 0.92)
[lenny] - policykit-1 <not-affected> (pkexec introduced in 0.92)
CVE-2010-0749
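Review bot: two unchanged context lines beside rewritten entries in this hunk carry typos worth a follow-up: `NOT-FOR-US: IMB WebSphere MQ` under CVE-2010-0772 should read IBM, and `NOT-FOR-US: ComodityRentals Vacation Rental Software` under CVE-2010-0763 should read CommodityRentals, matching the neighbouring CVE-2010-0762 and CVE-2010-0761 lines. The `NOTE:` under CVE-2010-0792, `On Debian runs suid/sgid fcron and the issue is limited to the exposure`, also reads as if a word is out of place (`fcron runs suid/sgid`). The rest of the hunk is the same summary-stripping as above (e.g. `-CVE-2010-0750 (pkexec.c in pkexec in libpolkit in PolicyKit 0.96 allows local users ...)` becomes `+CVE-2010-0750`) with no other change to the entries.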
@@ -11798,248 +11798,248 @@ CVE-2010-0748 [transmission magnet links parser buffer overflow]
RESERVED
- transmission 1.92-1 (medium; bug #574507)
[lenny] - transmission <not-affected> (Support for Magnet links not yet available)
-CVE-2010-0746 (Directory traversal vulnerability in DeviceKit-disks in DeviceKit, as ...)
+CVE-2010-0746
- udisks 1.0.0~git20100212.aae17d9-1
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=523178
NOTE: http://cgit.freedesktop.org/DeviceKit/DeviceKit-disks/commit/?id=62f883c7d38e75d0669c162529062a1e81d00da2
NOTE: http://bugs.freedesktop.org/show_bug.cgi?id=23235
-CVE-2010-0745 (Unspecified vulnerability in Dovecot 1.2.x before 1.2.11 allows remote ...)
+CVE-2010-0745
- dovecot 1:1.2.11-1 (low)
[lenny] - dovecot <not-affected> (this problem exists only with v1.2.x, not with v1.0 or v1.1)
NOTE: http://www.dovecot.org/list/dovecot-news/2010-March/000152.html
[etch] - dovecot <not-affected> (Vulnerable code not present)
-CVE-2010-0744 (aMSN (aka Alvaro's Messenger) 0.98.3 and earlier, when SSL is used, ...)
+CVE-2010-0744
- amsn 0.98.3-1 (low; bug #572818)
[lenny] - amsn <no-dsa> (Minor issue)
-CVE-2010-0743 (Multiple format string vulnerabilities in isns.c in (1) Linux SCSI ...)
+CVE-2010-0743
{DSA-2042-1}
- iscsitarget 0.4.17+svn229-1.4 (medium; bug #574935)
- tgt 1:1.0.3-2 (medium; bug #576086)
-CVE-2010-0742 (The Cryptographic Message Syntax (CMS) implementation in ...)
+CVE-2010-0742
- openssl 1.0.0e-1 (unimportant; bug #584592)
[lenny] - openssl <not-affected> (CMS is only present in OpenSSL 0.9.8h and later)
NOTE: unimportant since cms is disabled by default
-CVE-2010-0741 (The virtio_net_bad_features function in hw/virtio-net.c in the ...)
+CVE-2010-0741
- linux-2.6 2.6.26-1
-CVE-2010-0740 (The ssl3_get_record function in ssl/s3_pkt.c in OpenSSL 0.9.8f through ...)
+CVE-2010-0740
- openssl 0.9.8n-1 (medium; bug #575607)
[lenny] - openssl <not-affected> (only 0.9.8m is affected with 16 bit shorts)
NOTE: http://www.openssl.org/news/secadv/20100324.txt
-CVE-2010-0739 (Integer overflow in the predospecial function in dospecial.c in dvips ...)
+CVE-2010-0739
- texlive-bin 2009-6 (low; bug #560668)
[lenny] - texlive-bin 2007.dfsg.2-4+lenny3
-CVE-2010-0738 (The JMX-Console web application in JBossAs in Red Hat JBoss Enterprise ...)
+CVE-2010-0738
- jbossas4 <not-affected> (Only builds a few libraries, not the full application server, #581226)
CVE-2010-0737
RESERVED
NOT-FOR-US: JBoss Operations Network
-CVE-2010-0736 (Cross-site scripting (XSS) vulnerability in the view_queryform ...)
+CVE-2010-0736
- viewvc 1.1.5-1 (bug #575787)
CVE-2010-0735
REJECTED
-CVE-2010-0734 (content_encoding.c in libcurl 7.10.5 through 7.19.7, when zlib is ...)
+CVE-2010-0734
{DSA-2023-1}
- curl 7.20.0-1 (low)
NOTE: http://www.openwall.com/lists/oss-security/2010/03/16/11
NOTE: depends on the application that uses libcurl
-CVE-2010-0733 (Integer overflow in src/backend/executor/nodeHash.c in PostgreSQL ...)
+CVE-2010-0733
- postgresql-8.4 8.4.2-1
-CVE-2010-0732 (gdk/gdkwindow.c in GTK+ before 2.18.5, as used in gnome-screensaver ...)
+CVE-2010-0732
- gtk+2.0 2.18.5-1
[lenny] - gtk+2.0 <not-affected> (issue only exposed by gnome-screensaver 2.28)
[etch] - gtk+2.0 <not-affected> (issue only exposed by gnome-screensaver 2.28)
NOTE: http://www.openwall.com/lists/oss-security/2010/02/12/1
-CVE-2010-0731 (The gnutls_x509_crt_get_serial function in the GnuTLS library before ...)
+CVE-2010-0731
- gnutls26 <not-affected> (Fixed before initial release)
- gnutls13 1.2.1-1
-CVE-2010-0730 (The MMIO instruction decoder in the Xen hypervisor in the Linux kernel ...)
+CVE-2010-0730
- linux-2.6 <not-affected> (redhat-specific issue in the 2.6.18 xen kernel)
-CVE-2010-0729 (A certain Red Hat patch for the Linux kernel in Red Hat Enterprise ...)
+CVE-2010-0729
- linux-2.6 <not-affected> (vulnerability in redhat-specific patch)
-CVE-2010-0728 (smbd in Samba 3.3.11, 3.4.6, and 3.5.0, when libcap support is ...)
+CVE-2010-0728
- samba 2:3.4.7~dfsg-1 (high; bug #573223)
[lenny] - samba <not-affected> (Only affects 3.3.11, 3.4.6 and 3.5.0)
-CVE-2010-0727 (The gfs2_lock function in the Linux kernel before ...)
+CVE-2010-0727
{DSA-2053-1}
- linux-2.6 2.6.32-11
-CVE-2010-0726 (Cross-site scripting (XSS) vulnerability in the tb-send.rb (TrackBack ...)
+CVE-2010-0726
{DSA-2009-1}
- tdiary 2.2.1-1.1 (low; bug #572417)
-CVE-2010-0717 (The default configuration of cfg.packagepages_actions_excluded in ...)
+CVE-2010-0717
{DSA-2014-1}
- moin 1.9.0~rc2-1
-CVE-2010-0725 (Cross-site scripting (XSS) vulnerability in showimg.php in Arab Cart ...)
+CVE-2010-0725
NOT-FOR-US: Arab Cart
-CVE-2010-0724 (SQL injection vulnerability in showimg.php in Arab Cart 1.0.2.0 allows ...)
+CVE-2010-0724
NOT-FOR-US: Arab Cart
-CVE-2010-0723 (SQL injection vulnerability in news.php in Ero Auktion 2.0 and 2010 ...)
+CVE-2010-0723
NOT-FOR-US: Ero Auktion
-CVE-2010-0722 (SQL injection vulnerability in news.php in Php Auktion Pro allows ...)
+CVE-2010-0722
NOT-FOR-US: Php Auktion Pro
-CVE-2010-0721 (SQL injection vulnerability in news.php in Auktionshaus Gelb 3.0 ...)
+CVE-2010-0721
NOT-FOR-US: Auktionshaus Gelb
-CVE-2010-0720 (SQL injection vulnerability in news.php in Erotik Auktionshaus allows ...)
+CVE-2010-0720
NOT-FOR-US: Erotik Auktionshaus
-CVE-2010-0719 (An unspecified API in Microsoft Windows 2000, Windows XP, Windows ...)
+CVE-2010-0719
NOT-FOR-US: Microsoft
-CVE-2010-0718 (Buffer overflow in Microsoft Windows Media Player 9 and 11.0.5721.5145 ...)
+CVE-2010-0718
NOT-FOR-US: Microsoft
-CVE-2010-0716 (_layouts/Upload.aspx in the Documents module in Microsoft SharePoint ...)
+CVE-2010-0716
NOT-FOR-US: Microsoft
-CVE-2010-0715 (Open redirect vulnerability in login.jsp in IBM WebSphere Portal, IBM ...)
+CVE-2010-0715
NOT-FOR-US: IBM WebSphere Portal
-CVE-2010-0714 (Cross-site scripting (XSS) vulnerability in login.jsp in IBM WebSphere ...)
+CVE-2010-0714
NOT-FOR-US: IBM WebSphere Portal
-CVE-2010-0713 (Multiple cross-site request forgery (CSRF) vulnerabilities in Zenoss ...)
+CVE-2010-0713
- zenoss <itp> (bug #361253)
NOTE: http://seclists.org/fulldisclosure/2010/Jan/296
-CVE-2010-0712 (Multiple SQL injection vulnerabilities in ...)
+CVE-2010-0712
- zenoss <itp> (bug #361253)
NOTE: http://seclists.org/fulldisclosure/2010/Jan/241
-CVE-2010-0711 (Cross-site request forgery (CSRF) vulnerability in default.asp in ...)
+CVE-2010-0711
NOT-FOR-US: ASPCode CMS
-CVE-2010-0710 (SQL injection vulnerability in default.asp in ASPCode CMS 1.5.8, 2.0.0 ...)
+CVE-2010-0710
NOT-FOR-US: ASPCode CMS
-CVE-2010-0709 (Multiple cross-site request forgery (CSRF) vulnerabilities in Limny ...)
+CVE-2010-0709
NOT-FOR-US: Limny
-CVE-2010-0708 (Multiple unspecified vulnerabilities in (1) ns-slapd and (2) slapd.exe ...)
+CVE-2010-0708
NOT-FOR-US: Sun Directory Server Enterprise Edition
-CVE-2010-0707 (Cross-site request forgery (CSRF) vulnerability in add_user.php in ...)
+CVE-2010-0707
NOT-FOR-US: Employee Timeclock Software
-CVE-2010-0706 (Cross-site scripting (XSS) vulnerability in the login/prompt component ...)
+CVE-2010-0706
NOT-FOR-US: Subex Nikira Fraud Management System
-CVE-2010-0705 (Aavmker4.sys in avast! 4.8 through 4.8.1368.0 and 5.0 before 5.0.418.0 ...)
+CVE-2010-0705
NOT-FOR-US: Windows 2000
-CVE-2010-0704 (Cross-site scripting (XSS) vulnerability in the Portlet Palette in IBM ...)
+CVE-2010-0704
NOT-FOR-US: IBM WebSphere Portal
-CVE-2010-0703 (Cross-site scripting (XSS) vulnerability in wa/auth in PortWise SSL ...)
+CVE-2010-0703
NOT-FOR-US: PortWise SSL VPN
-CVE-2010-0702 (SQL injection vulnerability in cisco/services/PhonecDirectory.php in ...)
+CVE-2010-0702
NOT-FOR-US: Fonality Trixbox
-CVE-2010-0701 (SQL injection vulnerability in ForceChangePassword.jsp in Newgen ...)
+CVE-2010-0701
NOT-FOR-US: Newgen Software OmniDocs
-CVE-2010-0700 (Cross-site scripting (XSS) vulnerability in index.php in WampServer ...)
+CVE-2010-0700
NOT-FOR-US: WampServer
-CVE-2010-0699 (Cross-site scripting (XSS) vulnerability in index.php in ...)
+CVE-2010-0699
NOT-FOR-US: VideoSearchScript Pro
-CVE-2010-0698 (SQL injection vulnerability in backoffice/login.asp in Dynamicsoft WSC ...)
+CVE-2010-0698
NOT-FOR-US: Dynamicsoft WSC CMS
-CVE-2010-0697 (Cross-site scripting (XSS) vulnerability in the iTweak Upload module ...)
+CVE-2010-0697
NOT-FOR-US: iTweak Upload module for Drupal
-CVE-2010-0696 (Directory traversal vulnerability in includes/download.php in the ...)
+CVE-2010-0696
NOT-FOR-US: Joomla!
-CVE-2010-0695 (Cross-site scripting (XSS) vulnerability in pages/index.php in ...)
+CVE-2010-0695
NOT-FOR-US: BASIC-CMS
-CVE-2010-0694 (SQL injection vulnerability in the PerchaGallery (com_perchagallery) ...)
+CVE-2010-0694
NOT-FOR-US: Joomla!
-CVE-2010-0693 (SQL injection vulnerability in products.php in CommodityRentals Trade ...)
+CVE-2010-0693
NOT-FOR-US: CommodityRentals Trade Manager Script
-CVE-2010-0692 (SQL injection vulnerability in the IP-Tech JQuarks (com_jquarks) ...)
+CVE-2010-0692
NOT-FOR-US: Joomla!
-CVE-2010-0691 (SQL injection vulnerability in druckansicht.php in JTL-Shop 2 allows ...)
+CVE-2010-0691
NOT-FOR-US: JTL-Shop
-CVE-2010-0690 (SQL injection vulnerability in index.php in CommodityRentals Video ...)
+CVE-2010-0690
NOT-FOR-US: CommodityRentals Video Games Rentals
-CVE-2010-0689 (The ExecuteExe method in the DVBSExeCall Control ActiveX control ...)
+CVE-2010-0689
NOT-FOR-US: ActiveX
-CVE-2010-0688 (Stack-based buffer overflow in Orbital Viewer 1.04 allows ...)
+CVE-2010-0688
NOT-FOR-US: Orbital Viewer
CVE-2010-0687
RESERVED
-CVE-2010-0686 (WebAccess in VMware VirtualCenter 2.0.2 and 2.5, VMware Server 2.0, ...)
+CVE-2010-0686
NOT-FOR-US: VMware Server
-CVE-2010-0685 (The design of the dialplan functionality in Asterisk Open Source ...)
+CVE-2010-0685
- asterisk 1:1.6.2.6-1
NOTE: Design limitation documented in that version
[lenny] - asterisk <no-dsa> (Unfixable design issue, best practice docs need to be followed)
[squeeze] - asterisk <no-dsa> (Unfixable design issue, best practice docs need to be followed)
-CVE-2010-0684 (Cross-site scripting (XSS) vulnerability in createDestination.action ...)
+CVE-2010-0684
NOT-FOR-US: Apache ActiveMQ
-CVE-2010-0683 (Unspecified vulnerability in TIBRepoServer5.jar in TIBCO Administrator ...)
+CVE-2010-0683
NOT-FOR-US: TIBCO Administrator
-CVE-2010-0682 (WordPress 2.9 before 2.9.2 allows remote authenticated users to read ...)
+CVE-2010-0682
- wordpress 2.9.2-1 (low)
[lenny] - wordpress <not-affected> (Only affects Wordpress >= 2.9)
CVE-2010-XXXX [multiple typo issues]
- typo3-src 4.3.2-1 (bug #571151)
[lenny] - typo3-src 4.2.5-1+lenny3
NOTE: DSA-2008
-CVE-2010-0681 (ZeusCMS 0.2 stores sensitive information under the web root with ...)
+CVE-2010-0681
NOT-FOR-US: ZeusCMS
-CVE-2010-0680 (Directory traversal vulnerability in index.php in ZeusCMS 0.2 allows ...)
+CVE-2010-0680
NOT-FOR-US: ZeusCMS
-CVE-2010-0679 (Multiple stack-based buffer overflows in the HyleosChemView.HLChemView ...)
+CVE-2010-0679
NOT-FOR-US: ActiveX
-CVE-2010-0678 (PHP remote file inclusion vulnerability in includes/moderation.php in ...)
+CVE-2010-0678
NOT-FOR-US: Katalog Stron Hurricane
-CVE-2010-0677 (SQL injection vulnerability in index.php in Katalog Stron Hurricane ...)
+CVE-2010-0677
NOT-FOR-US: Katalog Stron Hurricane
-CVE-2010-0676 (Directory traversal vulnerability in index.php in the RWCards ...)
+CVE-2010-0676
NOT-FOR-US: RWCards component for Joomla!
-CVE-2010-0675 (Cross-site scripting (XSS) vulnerability in index.php in BGSvetionik ...)
+CVE-2010-0675
NOT-FOR-US: BGSvetionik BGS CMS
-CVE-2010-0674 (StatCounteX 3.1 stores sensitive information under the web root with ...)
+CVE-2010-0674
NOT-FOR-US: StatCounteX
-CVE-2010-0673 (SQL injection vulnerability in cplphoto.php in the Copperleaf Photolog ...)
+CVE-2010-0673
NOT-FOR-US: Copperleaf Photolog plugin for WordPress
-CVE-2010-0672 (SQL injection vulnerability in index.php in WSN Guest 1.02 allows ...)
+CVE-2010-0672
NOT-FOR-US: WSN Guest
-CVE-2010-0671 (SQL injection vulnerability in index.php in KR MEDIA Pogodny CMS ...)
+CVE-2010-0671
NOT-FOR-US: KR MEDIA Pogodny CMS
-CVE-2010-0670 (Unspecified vulnerability in the IP-Tech JQuarks (com_jquarks) ...)
+CVE-2010-0670
NOT-FOR-US: IP-Tech JQuarks (com_jquarks) Component
-CVE-2010-0669 (MoinMoin before 1.8.7 and 1.9.x before 1.9.2 does not properly ...)
+CVE-2010-0669
{DSA-2014-1}
- moin 1.9.2-1 (bug #569975)
-CVE-2010-0668 (Unspecified vulnerability in MoinMoin 1.5.x through 1.7.x, 1.8.x ...)
+CVE-2010-0668
{DSA-2014-1}
- moin 1.9.2-1 (bug #569975)
-CVE-2010-0667 (MoinMoin 1.9 before 1.9.1 does not perform the expected clearing of ...)
+CVE-2010-0667
- moin 1.9.1-1
[lenny] - moin <not-affected> (versions before 1.9 are not affected)
[etch] - moin <not-affected> (versions before 1.9 are not affected)
NOTE: http://hg.moinmo.in/moin/1.9/rev/9d8e7ce3c3a2
NOTE: http://hg.moinmo.in/moin/1.9/rev/04afdde50094
NOTE: http://moinmo.in/MoinMoinChat/Logs/moin-dev/2010-01-18
-CVE-2010-0666 (Unspecified vulnerability in eMBox in Novell eDirectory 8.8 SP5 Patch ...)
+CVE-2010-0666
NOT-FOR-US: Novell eDirectory
-CVE-2010-0665 (JAG (Just Another Guestbook) 1.14 stores sensitive information under ...)
+CVE-2010-0665
NOT-FOR-US: JAG
-CVE-2010-0664 (Stack consumption vulnerability in the ...)
+CVE-2010-0664
- chromium-browser 5.0.375.29~r46008-1
- webkit <not-affected> (chrome-specific issue)
-CVE-2010-0663 (The ParamTraits&lt;SkBitmap&gt;::Read function in ...)
+CVE-2010-0663
- chromium-browser 5.0.375.29~r46008-1
- webkit <not-affected> (chrome-specific issue)
-CVE-2010-0662 (The ParamTraits&lt;SkBitmap&gt;::Read function in ...)
+CVE-2010-0662
- chromium-browser 5.0.375.29~r46008-1
- webkit <not-affected> (chrome-specific issue)
-CVE-2010-0661 (WebCore/bindings/v8/custom/V8DOMWindowCustom.cpp in WebKit before ...)
+CVE-2010-0661
- chromium-browser 5.0.375.29~r46008-1
- webkit <not-affected> (libv8 issue)
NOTE: http://trac.webkit.org/changeset/52401
-CVE-2010-0660 (Google Chrome before 4.0.249.78 sends an https URL in the Referer ...)
+CVE-2010-0660
- chromium-browser 5.0.375.29~r46008-1
- webkit <not-affected> (chrome-specific issue)
-CVE-2010-0659 (The image decoder in WebKit before r52833, as used in Google Chrome ...)
+CVE-2010-0659
- chromium-browser 5.0.375.29~r46008-1
- webkit 1.1.21-1 (low)
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
-CVE-2010-0658 (Multiple integer overflows in Skia, as used in Google Chrome before ...)
+CVE-2010-0658
- chromium-browser 5.0.375.29~r46008-1
- webkit <not-affected> (chrome-specific issue)
-CVE-2010-0657 (Google Chrome before 4.0.249.78 on Windows does not perform the ...)
+CVE-2010-0657
- chromium-browser 5.0.375.29~r46008-1
- webkit <not-affected> (chrome-specific issue)
NOTE: claimed to be a windows-only issue
-CVE-2010-0656 (WebKit before r51295, as used in Google Chrome before 4.0.249.78, ...)
+CVE-2010-0656
- chromium-browser 5.0.375.29~r46008-1
- webkit 1.1.21-1 (low)
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
-CVE-2010-0655 (Use-after-free vulnerability in Google Chrome before 4.0.249.78 allows ...)
+CVE-2010-0655
- chromium-browser 5.0.375.29~r46008-1
- webkit <not-affected> (chrome-specific issue)
-CVE-2010-0654 (Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, ...)
+CVE-2010-0654
{DSA-2124-1 DSA-2075-1}
- xulrunner 1.9.1.11-1 (bug #570743)
- iceweasel 3.5.11-2
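Review bot: every changed pair in the visible part of this hunk replaces a `-CVE-2010-NNNN (description ...)` line with a bare `+CVE-2010-NNNN` line (for example `-CVE-2010-0689 (The ExecuteExe method in the DVBSExeCall Control ActiveX control ...)` becomes `+CVE-2010-0689`), so the sole effect of the change is to drop the CVE description text while the Debian-specific lines (package versions, `NOT-FOR-US`, `NOTE:` and release annotations) stay untouched. For a commit labelled "automatic update" this pattern across the whole hunk, with old and new line counts identical, looks like the description source returned empty text rather than a deliberate edit; the import run that produced it should be checked before this is merged, because the descriptions are what let a reader judge an entry without opening the CVE, and restoring them later means another full-file churn.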
@@ -12048,417 +12048,417 @@ CVE-2010-0654 (Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, ...)
[lenny] - icedove <end-of-life>
- iceape 2.0.6-1
[lenny] - iceape <not-affected> (Only a stub package)
-CVE-2010-0653 (Opera before 10.10 permits cross-origin loading of CSS stylesheets ...)
+CVE-2010-0653
NOT-FOR-US: Opera
-CVE-2010-0652 (Microsoft Internet Explorer permits cross-origin loading of CSS ...)
+CVE-2010-0652
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2010-0651 (WebKit before r52784, as used in Google Chrome before 4.0.249.78 and ...)
+CVE-2010-0651
- chromium-browser 5.0.375.29~r46008-1
- webkit 1.1.21-1 (low)
[lenny] - webkit <no-dsa> (Too intrusive to backport, disk of regression higher than impact at hand)
NOTE: http://trac.webkit.org/changeset/52784
-CVE-2010-0650 (WebKit, as used in Google Chrome before 4.0.249.78 and Apple Safari, ...)
+CVE-2010-0650
- chromium-browser 5.0.375.29~r46008-1
- webkit 1.1.21-1 (unimportant)
NOTE: http://code.google.com/p/chromium/issues/detail?id=3275
NOTE: unimportant because this is just a popup blocker bypass
-CVE-2010-0649 (Integer overflow in the CrossCallParamsEx::CreateFromBuffer function ...)
+CVE-2010-0649
- chromium-browser 5.0.375.29~r46008-1
- webkit <not-affected> (chrome-specific issue)
-CVE-2010-0648 (Mozilla Firefox, possibly before 3.6, allows remote attackers to ...)
+CVE-2010-0648
- xulrunner <undetermined> (bug #570743)
[wheezy] - xulrunner <end-of-life> (no detailed information available)
-CVE-2010-0647 (WebKit before r53525, as used in Google Chrome before 4.0.249.89, ...)
+CVE-2010-0647
- chromium-browser 5.0.375.29~r46008-1
- webkit 1.1.21-1 (medium)
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
-CVE-2010-0646 (Multiple integer signedness errors in factory.cc in Google V8 before ...)
+CVE-2010-0646
- chromium-browser 5.0.375.29~r46008-1
- libv8 2.1.6-1
- webkit <not-affected> (libv8 issue)
-CVE-2010-0645 (Multiple integer overflows in factory.cc in Google V8 before r3560, as ...)
+CVE-2010-0645
- chromium-browser 5.0.375.29~r46008-1
- libv8 2.1.6-1
- webkit <not-affected> (libv8 issue)
-CVE-2010-0644 (Google Chrome before 4.0.249.89, when a SOCKS 5 proxy server is ...)
+CVE-2010-0644
- chromium-browser 5.0.375.29~r46008-1
- webkit <not-affected> (chrome-specific issue)
-CVE-2010-0643 (Google Chrome before 4.0.249.89 attempts to make direct connections to ...)
+CVE-2010-0643
- chromium-browser 5.0.375.29~r46008-1
- webkit <not-affected> (chrome-specific issue)
-CVE-2010-0642 (Cisco Collaboration Server (CCS) 5 allows remote attackers to read the ...)
+CVE-2010-0642
NOT-FOR-US: Cisco Collaboration Server
-CVE-2010-0641 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2010-0641
NOT-FOR-US: Cisco Collaboration Server
-CVE-2010-0640 (Cross-site scripting (XSS) vulnerability in CA eHealth Performance ...)
+CVE-2010-0640
NOT-FOR-US: CA eHealth Performance Manager
-CVE-2010-0639 (The htcpHandleTstRequest function in htcp.c in Squid 2.x before ...)
+CVE-2010-0639
- squid 2.7.STABLE8-1 (bug #572553)
[lenny] - squid <no-dsa> (Minor issue, only affects non-default setup)
- squid3 3.1.0.17-1 (bug #572554)
[lenny] - squid3 <no-dsa> (Minor issue, only affects non-default setup)
-CVE-2010-0638 (Cross-site request forgery (CSRF) vulnerability in WebCalendar 1.2.0 ...)
+CVE-2010-0638
- webcalendar <removed> (bug #572557)
CVE-2010-XXXX [phpbb3 weak captcha]
- phpbb3 3.0.7-PL1-1 (unimportant; bug #570011)
-CVE-2010-0634 (Unspecified vulnerability in Fast Lexical Analyzer Generator (flex) ...)
+CVE-2010-0634
- flex 2.5.35-1
-CVE-2010-0629 (Use-after-free vulnerability in kadmin/server/server_stubs.c in ...)
+CVE-2010-0629
{DSA-2031-1}
- krb5 1.7+dfsg-1 (low)
NOTE: http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2010-003.txt
-CVE-2010-0628 (The spnego_gss_accept_sec_context function in ...)
+CVE-2010-0628
- krb5 1.8+dfsg-1.1 (bug #575740)
[lenny] - krb5 <not-affected> (Only affects 1.7/1.8)
-CVE-2010-2234 (Cross-site request forgery (CSRF) vulnerability in Apache CouchDB ...)
+CVE-2010-2234
- couchdb 0.11.0-2.1 (bug #570013)
[lenny] - couchdb <no-dsa> (does not support authentication at all)
-CVE-2010-0637 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
+CVE-2010-0637
- webcalendar <removed> (bug #572557)
-CVE-2010-0636 (Multiple cross-site scripting (XSS) vulnerabilities in WebCalendar ...)
+CVE-2010-0636
- webcalendar <removed> (bug #572557)
-CVE-2010-0635 (SQL injection vulnerability in the plgSearchEventsearch::onSearch ...)
+CVE-2010-0635
NOT-FOR-US: JEvents Search plugin for Joomla!
-CVE-2010-0633 (Unspecified vulnerability in Citrix XenServer 5.0 Update 3 and ...)
+CVE-2010-0633
NOT-FOR-US: Citrix XenServer
-CVE-2010-0632 (SQL injection vulnerability in the Parkview Consultants SimpleFAQ ...)
+CVE-2010-0632
NOT-FOR-US: Parkview Consultants SimpleFAQ component for Joomla!
-CVE-2010-0631 (Multiple SQL injection vulnerabilities in index.php in Eicra Car ...)
+CVE-2010-0631
NOT-FOR-US: Eicra Car Rental-Script
-CVE-2010-0630 (SQL injection vulnerability in viewjokes.php in Evernew Free Joke ...)
+CVE-2010-0630
NOT-FOR-US: Evernew Free Joke Script
CVE-2010-0627
RESERVED
CVE-2010-0626
RESERVED
-CVE-2010-0625 (Stack-based buffer overflow in NWFTPD.nlm before 5.10.01 in the FTP ...)
+CVE-2010-0625
NOT-FOR-US: Novell NetWare
-CVE-2010-0624 (Heap-based buffer overflow in the rmt_read__ function in ...)
+CVE-2010-0624
- cpio 2.11-1 (low)
- tar 1.23-1 (low)
[lenny] - tar 1.20-1+lenny1
[lenny] - cpio 2.9-13lenny1
CVE-2010-0621
RESERVED
-CVE-2010-0620 (Directory traversal vulnerability in the SSL Service in EMC HomeBase ...)
+CVE-2010-0620
NOT-FOR-US: EMC HomeBase Server
-CVE-2010-0619 (Stack-based buffer overflow in the base, IPDS DLE, Forms DLE, Barcode ...)
+CVE-2010-0619
NOT-FOR-US: Lexmark laser printers
-CVE-2010-0618 (The flood-protection feature in the base, IPDS DLE, Forms DLE, Barcode ...)
+CVE-2010-0618
NOT-FOR-US: Lexmark laser and injet printers and MarkNet devices
-CVE-2010-0617 (Cross-site scripting (XSS) vulnerability in ajax.php in evalSMSI ...)
+CVE-2010-0617
NOT-FOR-US: evalSMSI
-CVE-2010-0616 (evalSMSI 2.1.03 stores passwords in cleartext in the database, which ...)
+CVE-2010-0616
NOT-FOR-US: evalSMSI
-CVE-2010-0615 (Cross-site scripting (XSS) vulnerability in assess.php in evalSMSI ...)
+CVE-2010-0615
NOT-FOR-US: evalSMSI
-CVE-2010-0614 (SQL injection vulnerability in ajax.php in evalSMSI 2.1.03 allows ...)
+CVE-2010-0614
NOT-FOR-US: evalSMSI
-CVE-2010-0613 (Directory traversal vulnerability in viewfile.php in ARWScripts Fonts ...)
+CVE-2010-0613
NOT-FOR-US: ARWScripts Fonts Script
-CVE-2010-0612 (Unspecified vulnerability in DocumentManager before 4.0 has unknown ...)
+CVE-2010-0612
NOT-FOR-US: DocumentManager
-CVE-2010-0611 (Multiple SQL injection vulnerabilities in adminlogin.php in Baal ...)
+CVE-2010-0611
NOT-FOR-US: Baal Systems
-CVE-2010-0610 (Multiple SQL injection vulnerabilities in the Photoblog ...)
+CVE-2010-0610
NOT-FOR-US: Photoblog component for Joomla!
-CVE-2010-0609 (SQL injection vulnerability in header.php in NovaBoard 1.1.2 allows ...)
+CVE-2010-0609
NOT-FOR-US: NovaBoard
-CVE-2010-0608 (SQL injection vulnerability in index.php in NovaBoard 1.1.2 allows ...)
+CVE-2010-0608
NOT-FOR-US: NovaBoard
-CVE-2010-0607 (Cross-site scripting (XSS) vulnerability in Forms/status_statistics_1 ...)
+CVE-2010-0607
NOT-FOR-US: Sterlite SAM300 AX Router
-CVE-2010-0606 (Cross-site scripting (XSS) vulnerability in scp/ajax.php in osTicket ...)
+CVE-2010-0606
NOT-FOR-US: osTicket
-CVE-2010-0605 (SQL injection vulnerability in scp/ajax.php in osTicket before 1.6.0 ...)
+CVE-2010-0605
NOT-FOR-US: osTicket
-CVE-2010-0604 (Unspecified vulnerability in the SIP implementation on the Cisco PGW ...)
+CVE-2010-0604
NOT-FOR-US: Cisco PGW
-CVE-2010-0603 (The SIP implementation on the Cisco PGW 2200 Softswitch with software ...)
+CVE-2010-0603
NOT-FOR-US: Cisco PWG
-CVE-2010-0602 (The SIP implementation on the Cisco PGW 2200 Softswitch with software ...)
+CVE-2010-0602
NOT-FOR-US: Cisco PGW
-CVE-2010-0601 (The MGCP implementation on the Cisco PGW 2200 Softswitch with software ...)
+CVE-2010-0601
NOT-FOR-US: Cisco PGW
-CVE-2010-0600 (Cisco Mediator Framework 1.5.1 before 1.5.1.build.14-eng, 2.2 before ...)
+CVE-2010-0600
NOT-FOR-US: Cisco Mediator Framework
-CVE-2010-0599 (Cisco Mediator Framework 1.5.1 before 1.5.1.build.14-eng, 2.2 before ...)
+CVE-2010-0599
NOT-FOR-US: Cisco Mediator Framework
-CVE-2010-0598 (Cisco Mediator Framework 1.5.1 before 1.5.1.build.14-eng, 2.2 before ...)
+CVE-2010-0598
NOT-FOR-US: Cisco Mediator Framework
-CVE-2010-0597 (Unspecified vulnerability in Cisco Mediator Framework 1.5.1 before ...)
+CVE-2010-0597
NOT-FOR-US: Cisco Mediator Framework
-CVE-2010-0596 (Unspecified vulnerability in Cisco Mediator Framework 2.2 before ...)
+CVE-2010-0596
NOT-FOR-US: Cisco Mediator Framework
-CVE-2010-0595 (Cisco Mediator Framework 1.5.1 before 1.5.1.build.14-eng, 2.2 before ...)
+CVE-2010-0595
NOT-FOR-US: Cisco Mediator Framework
-CVE-2010-0594 (Cross-site scripting (XSS) vulnerability in Cisco Router and Security ...)
+CVE-2010-0594
NOT-FOR-US: Cisco Router and Security Device Manager
-CVE-2010-0593 (The Cisco RVS4000 4-port Gigabit Security Router before 1.3.2.0, ...)
+CVE-2010-0593
NOT-FOR-US: Cisco RVS4000 Router
-CVE-2010-0592 (The CTI Manager service in Cisco Unified Communications Manager (aka ...)
+CVE-2010-0592
NOT-FOR-US: Cisco Unified Communications Manager
-CVE-2010-0591 (Cisco Unified Communications Manager (aka CUCM, formerly CallManager) ...)
+CVE-2010-0591
NOT-FOR-US: Cisco Unified Communications Manager
-CVE-2010-0590 (The CMSIPUtility component in Cisco Unified Communications Manager ...)
+CVE-2010-0590
NOT-FOR-US: Cisco Unified Communications Manager
-CVE-2010-0589 (The Web Install ActiveX control (CSDWebInstaller) in Cisco Secure ...)
+CVE-2010-0589
NOT-FOR-US: Cisco Secure Desktop
-CVE-2010-0588 (Cisco Unified Communications Manager (aka CUCM, formerly CallManager) ...)
+CVE-2010-0588
NOT-FOR-US: Cisco Unified Communications Manager
-CVE-2010-0587 (Cisco Unified Communications Manager (aka CUCM, formerly CallManager) ...)
+CVE-2010-0587
NOT-FOR-US: Cisco Unified Communications Manager
-CVE-2010-0586 (Cisco IOS 12.1 through 12.4, when Cisco Unified Communications Manager ...)
+CVE-2010-0586
NOT-FOR-US: Cisco IOS
-CVE-2010-0585 (Cisco IOS 12.1 through 12.4, when Cisco Unified Communications Manager ...)
+CVE-2010-0585
NOT-FOR-US: Cisco IOS
-CVE-2010-0584 (Unspecified vulnerability in Cisco IOS 12.4, when NAT SCCP ...)
+CVE-2010-0584
NOT-FOR-US: Cisco IOS
-CVE-2010-0583 (Memory leak in the H.323 implementation in Cisco IOS 12.1 through ...)
+CVE-2010-0583
NOT-FOR-US: Cisco IOS
-CVE-2010-0582 (Cisco IOS 12.1 through 12.4, and 15.0M before 15.0(1)M1, allows remote ...)
+CVE-2010-0582
NOT-FOR-US: Cisco IOS
-CVE-2010-0581 (Unspecified vulnerability in the SIP implementation in Cisco IOS 12.3 ...)
+CVE-2010-0581
NOT-FOR-US: Cisco IOS
-CVE-2010-0580 (Unspecified vulnerability in the SIP implementation in Cisco IOS 12.3 ...)
+CVE-2010-0580
NOT-FOR-US: CiscoIOS
-CVE-2010-0579 (The SIP implementation in Cisco IOS 12.3 and 12.4 allows remote ...)
+CVE-2010-0579
NOT-FOR-US: Cisco IOS
-CVE-2010-0578 (The IKE implementation in Cisco IOS 12.2 through 12.4 on Cisco 7200 ...)
+CVE-2010-0578
NOT-FOR-US: Cisco IOS
-CVE-2010-0577 (Cisco IOS 12.2 through 12.4, when certain PMTUD, SNAT, or window-size ...)
+CVE-2010-0577
NOT-FOR-US: Cisco IOS
-CVE-2010-0576 (Unspecified vulnerability in Cisco IOS 12.0 through 12.4, IOS XE 2.1.x ...)
+CVE-2010-0576
NOT-FOR-US: Cisco IOS
-CVE-2010-0575 (Cisco Wireless LAN Controller (WLC) software, possibly 6.0.x or ...)
+CVE-2010-0575
NOT-FOR-US: Cisco WLC
-CVE-2010-0574 (Unspecified vulnerability in Cisco Wireless LAN Controller (WLC) ...)
+CVE-2010-0574
NOT-FOR-US: Cisco WLC
-CVE-2010-0573 (Unspecified vulnerability on the Cisco Digital Media Player before 5.2 ...)
+CVE-2010-0573
NOT-FOR-US: Cisco Digital Media Player
-CVE-2010-0572 (Cisco Digital Media Manager (DMM) before 5.2 allows remote ...)
+CVE-2010-0572
NOT-FOR-US: Cisco Digital Media Manager
-CVE-2010-0571 (Unspecified vulnerability in Cisco Digital Media Manager (DMM) 5.0.x ...)
+CVE-2010-0571
NOT-FOR-US: Cisco Digital Media Manager
-CVE-2010-0570 (Cisco Digital Media Manager (DMM) 5.0.x and 5.1.x has a default ...)
+CVE-2010-0570
NOT-FOR-US: Cisco Digital Media Manager
-CVE-2010-0569 (Unspecified vulnerability in Cisco ASA 5500 Series Adaptive Security ...)
+CVE-2010-0569
NOT-FOR-US: Cisco
-CVE-2010-0568 (Unspecified vulnerability in Cisco ASA 5500 Series Adaptive Security ...)
+CVE-2010-0568
NOT-FOR-US: Cisco
-CVE-2010-0567 (Unspecified vulnerability in Cisco ASA 5500 Series Adaptive Security ...)
+CVE-2010-0567
NOT-FOR-US: Cisco
-CVE-2010-0566 (Unspecified vulnerability in Cisco ASA 5500 Series Adaptive Security ...)
+CVE-2010-0566
NOT-FOR-US: Cisco
-CVE-2010-0565 (Unspecified vulnerability in Cisco ASA 5500 Series Adaptive Security ...)
+CVE-2010-0565
NOT-FOR-US: Cisco
CVE-2010-XXXX [multiple mod_security issues]
- libapache-mod-security 2.5.12-1 (bug #569658)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=563455
-CVE-2010-0623 (The futex_lock_pi function in kernel/futex.c in the Linux kernel ...)
+CVE-2010-0623
- linux-2.6 2.6.32-9
[etch] - linux-2.6 <not-affected> (vulnerable code introduced in 2.6.28)
[lenny] - linux-2.6 <not-affected> (vulnerable code introduced in 2.6.28)
- linux-2.6.24 <not-affected> (vulnerable code introduced in 2.6.28)
-CVE-2010-0622 (The wake_futex_pi function in kernel/futex.c in the Linux kernel ...)
+CVE-2010-0622
{DSA-2012-1 DSA-2005-1 DSA-2003-1}
- linux-2.6 2.6.32-9
- linux-2.6.24 <removed>
-CVE-2010-0564 (Buffer overflow in Trend Micro URL Filtering Engine (TMUFE) in ...)
+CVE-2010-0564
NOT-FOR-US: Trend Micro URL Filtering Engine
-CVE-2010-0563 (The Single Sign-on (SSO) functionality in IBM WebSphere Application ...)
+CVE-2010-0563
NOT-FOR-US: IBM WebSphere Application
-CVE-2010-0562 (The sdump function in sdump.c in fetchmail 6.3.11, 6.3.12, and 6.3.13, ...)
+CVE-2010-0562
- fetchmail 6.3.13-2 (low)
[lenny] - fetchmail <not-affected> (This issue was introduced in 6.3.11)
[etch] - fetchmail <not-affected> (This issue was introduced in 6.3.11)
NOTE: the conditions so that this is exploitable are rather obscure
-CVE-2010-0561 (Integer signedness error in NetBSD 4.0, 5.0, and NetBSD-current before ...)
+CVE-2010-0561
NOT-FOR-US: NetBSD
-CVE-2010-0560 (Unspecified vulnerability in the BIOS in Intel Desktop Board DB, DG, ...)
+CVE-2010-0560
NOT-FOR-US: Intel Desktop BIOS
-CVE-2010-0559 (The default configuration of Oracle OpenSolaris snv_91 through snv_131 ...)
+CVE-2010-0559
NOT-FOR-US: Oracle OpenSolaris
-CVE-2010-0558 (The default configuration of Oracle OpenSolaris snv_77 through snv_131 ...)
+CVE-2010-0558
NOT-FOR-US: Oracle OpenSolaris
-CVE-2010-0557 (IBM Cognos Express 9.0 allows attackers to obtain unspecified access ...)
+CVE-2010-0557
NOT-FOR-US: IBM Cognos Express
-CVE-2010-0556 (browser/login/login_prompt.cc in Google Chrome before 4.0.249.89 ...)
+CVE-2010-0556
- chromium-browser 5.0.375.29~r46008-1
- webkit <not-affected> (chrome-specific issue)
-CVE-2010-0555 (Microsoft Internet Explorer 5.01 SP4, 6, 6 SP1, 7, and 8 does not ...)
+CVE-2010-0555
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2010-0554 (The HTTP Authentication implementation in Geo++ GNCASTER 1.4.0.7 and ...)
+CVE-2010-0554
NOT-FOR-US: Geo++ GNCASTER
-CVE-2010-0553 (Geo++ GNCASTER 1.4.0.7 and earlier allows remote authenticated users ...)
+CVE-2010-0553
NOT-FOR-US: Geo++ GNCASTER
-CVE-2010-0552 (Geo++ GNCASTER 1.4.0.7 and earlier allows remote attackers to cause a ...)
+CVE-2010-0552
NOT-FOR-US: Geo++ GNCASTER
-CVE-2010-0551 (HTTP authentication implementation in Geo++ GNCASTER 1.4.0.7 and ...)
+CVE-2010-0551
NOT-FOR-US: Geo++ GNCASTER
-CVE-2010-0550 (admin.htm in Geo++ GNCASTER 1.4.0.7 and earlier does not properly ...)
+CVE-2010-0550
NOT-FOR-US: Geo++ GNCASTER
-CVE-2010-0549 (Unspecified vulnerability in the Network Controller in Xerox ...)
+CVE-2010-0549
NOT-FOR-US: Xerox WorkCentre
-CVE-2010-0548 (Multiple unspecified vulnerabilities in the Network Controller and Web ...)
+CVE-2010-0548
NOT-FOR-US: Xerox WorkCentre
-CVE-2010-0547 (client/mount.cifs.c in mount.cifs in smbfs in Samba 3.4.5 and earlier ...)
+CVE-2010-0547
{DSA-2004-1}
- samba 2:3.4.5~dfsg-2 (bug #568942; medium)
-CVE-2010-0546 (Folder Manager in Apple Mac OS X 10.5.8, and 10.6 before 10.6.4, ...)
+CVE-2010-0546
NOT-FOR-US: Apple Mac OS X
-CVE-2010-0545 (The Finder in DesktopServices in Apple Mac OS X 10.5.8, and 10.6 ...)
+CVE-2010-0545
NOT-FOR-US: Apple Mac OS X
-CVE-2010-0544 (Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari ...)
+CVE-2010-0544
- webkit 1.2.1-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser <not-affected> (only Safari is affected, they have a different URL parsing implementation)
NOTE: https://bugs.webkit.org/show_bug.cgi?id=37662
NOTE: http://trac.webkit.org/changeset/58792
NOTE: http://trac.webkit.org/changeset/58796
-CVE-2010-0543 (ImageIO in Apple Mac OS X 10.5.8, and 10.6 before 10.6.2, allows ...)
+CVE-2010-0543
NOT-FOR-US: Apple Mac OS X
-CVE-2010-0542 (The _WriteProlog function in texttops.c in texttops in the Text Filter ...)
+CVE-2010-0542
{DSA-2176-1}
- cups 1.4.4-1
-CVE-2010-0541 (Cross-site scripting (XSS) vulnerability in the WEBrick HTTP server in ...)
+CVE-2010-0541
- ruby1.8 1.8.7.302-1
[lenny] - ruby1.8 <no-dsa> (Minor issue)
- ruby1.9 <removed>
[lenny] - ruby1.9 <no-dsa> (Minor issue)
- ruby1.9.1 1.9.2.0-1 (bug #593298)
-CVE-2010-0540 (Cross-site request forgery (CSRF) vulnerability in the web interface ...)
+CVE-2010-0540
{DSA-2176-1}
- cups 1.4.4-1
-CVE-2010-0539 (Integer signedness error in the window drawing implementation in Apple ...)
+CVE-2010-0539
NOT-FOR-US: Apple Java
-CVE-2010-0538 (Apple Java for Mac OS X 10.5 before Update 7 and Java for Mac OS X ...)
+CVE-2010-0538
NOT-FOR-US: Apple Java
-CVE-2010-0537 (DesktopServices in Apple Mac OS X 10.6 before 10.6.3 does not properly ...)
+CVE-2010-0537
NOT-FOR-US: Apple DesktopServices
-CVE-2010-0536 (Apple QuickTime before 7.6.6 on Windows allows remote attackers to ...)
+CVE-2010-0536
NOT-FOR-US: Apple QuickTime
-CVE-2010-0535 (Dovecot in Apple Mac OS X 10.6 before 10.6.3, when Kerberos is ...)
+CVE-2010-0535
- dovecot <not-affected> (Apple specific, http://marc.info/?l=oss-security&m=136546217008001&w=2)
-CVE-2010-0534 (Wiki Server in Apple Mac OS X 10.6 before 10.6.3 does not enforce the ...)
+CVE-2010-0534
NOT-FOR-US: Apple Wiki Server
-CVE-2010-0533 (Directory traversal vulnerability in AFP Server in Apple Mac OS X ...)
+CVE-2010-0533
NOT-FOR-US: Apple AFP Server
-CVE-2010-0532 (Race condition in the installation package in Apple iTunes before 9.1 ...)
+CVE-2010-0532
NOT-FOR-US: Apple itunes
-CVE-2010-0531 (Apple iTunes before 9.1 allows remote attackers to cause a denial of ...)
+CVE-2010-0531
NOT-FOR-US: Apple iTunes
-CVE-2010-0530 (Apple QuickTime before 7.6.9 on Windows sets weak permissions for the ...)
+CVE-2010-0530
NOT-FOR-US: QuickTime
-CVE-2010-0529 (Heap-based buffer overflow in QuickTime.qts in Apple QuickTime before ...)
+CVE-2010-0529
NOT-FOR-US: Apple QuickTime
-CVE-2010-0528 (Apple QuickTime before 7.6.6 on Windows allows remote attackers to ...)
+CVE-2010-0528
NOT-FOR-US: Apple Quicktime
-CVE-2010-0527 (Integer overflow in Apple QuickTime before 7.6.6 on Windows allows ...)
+CVE-2010-0527
NOT-FOR-US: Apple QuickTime
-CVE-2010-0526 (Heap-based buffer overflow in QuickTimeMPEG.qtx in QuickTime in Apple ...)
+CVE-2010-0526
NOT-FOR-US: Apple QuickTime
-CVE-2010-0525 (Mail in Apple Mac OS X before 10.6.3 does not properly enforce the key ...)
+CVE-2010-0525
NOT-FOR-US: Apple Mail
-CVE-2010-0524 (The default configuration of the FreeRADIUS server in Apple Mac OS X ...)
+CVE-2010-0524
- freeradius <not-affected> (Apple specific configuration issue)
-CVE-2010-0523 (Wiki Server in Apple Mac OS X 10.5.8 does not restrict the file types ...)
+CVE-2010-0523
NOT-FOR-US: Apple Wiki Server
-CVE-2010-0522 (Server Admin in Apple Mac OS X Server 10.5.8 does not properly ...)
+CVE-2010-0522
NOT-FOR-US: Apple Server Admin
-CVE-2010-0521 (Server Admin in Apple Mac OS X Server before 10.6.3 does not properly ...)
+CVE-2010-0521
NOT-FOR-US: Apple Server Admin
-CVE-2010-0520 (Heap-based buffer overflow in QuickTimeAuthoring.qtx in QuickTime in ...)
+CVE-2010-0520
NOT-FOR-US: Apple QuickTime
-CVE-2010-0519 (Integer overflow in QuickTime in Apple Mac OS X before 10.6.3 allows ...)
+CVE-2010-0519
NOT-FOR-US: Apple QuickTime
-CVE-2010-0518 (QuickTime in Apple Mac OS X before 10.6.3 allows remote attackers to ...)
+CVE-2010-0518
NOT-FOR-US: Apple QuickTime
-CVE-2010-0517 (Heap-based buffer overflow in QuickTime in Apple Mac OS X before ...)
+CVE-2010-0517
NOT-FOR-US: Apple QuickTime
-CVE-2010-0516 (Heap-based buffer overflow in QuickTime in Apple Mac OS X before ...)
+CVE-2010-0516
NOT-FOR-US: Apple QuickTime
-CVE-2010-0515 (QuickTime in Apple Mac OS X before 10.6.3 allows remote attackers to ...)
+CVE-2010-0515
NOT-FOR-US: Apple QuickTime
-CVE-2010-0514 (Heap-based buffer overflow in QuickTime in Apple Mac OS X before ...)
+CVE-2010-0514
NOT-FOR-US: Apple QuickTime
-CVE-2010-0513 (Stack-based buffer overflow in PS Normalizer in Apple Mac OS X before ...)
+CVE-2010-0513
NOT-FOR-US: Apple PS Normalizer
-CVE-2010-0512 (The Accounts Preferences implementation in Apple Mac OS X 10.6 before ...)
+CVE-2010-0512
NOT-FOR-US: Apple Accounts Preferences
-CVE-2010-0511 (Podcast Producer in Apple Mac OS X 10.6 before 10.6.3 deletes the ...)
+CVE-2010-0511
NOT-FOR-US: Apple Podcast Producer
-CVE-2010-0510 (Password Server in Apple Mac OS X Server before 10.6.3 does not ...)
+CVE-2010-0510
NOT-FOR-US: Apple Password Server
-CVE-2010-0509 (SFLServer in OS Services in Apple Mac OS X before 10.6.3 allows local ...)
+CVE-2010-0509
NOT-FOR-US: Apple SFLServer
-CVE-2010-0508 (Mail in Apple Mac OS X before 10.6.3 does not disable the filter rules ...)
+CVE-2010-0508
NOT-FOR-US: Apple Mail
-CVE-2010-0507 (Buffer overflow in Image RAW in Apple Mac OS X before 10.6.3 allows ...)
+CVE-2010-0507
NOT-FOR-US: Apple Image RAW
-CVE-2010-0506 (Buffer overflow in Image RAW in Apple Mac OS X 10.5.8 allows remote ...)
+CVE-2010-0506
NOT-FOR-US: Apple Image RAW
-CVE-2010-0505 (Heap-based buffer overflow in ImageIO in Apple Mac OS X before 10.6.3 ...)
+CVE-2010-0505
NOT-FOR-US: Apple ImageIO
-CVE-2010-0504 (Multiple stack-based buffer overflows in iChat Server in Apple Mac OS ...)
+CVE-2010-0504
NOT-FOR-US: Apple iChat
-CVE-2010-0503 (Use-after-free vulnerability in iChat Server in Apple Mac OS X Server ...)
+CVE-2010-0503
NOT-FOR-US: Apple iChat
-CVE-2010-0502 (iChat Server in Apple Mac OS X Server before 10.6.3, when group chat ...)
+CVE-2010-0502
NOT-FOR-US: Apple iChat
-CVE-2010-0501 (Directory traversal vulnerability in FTP Server in Apple Mac OS X ...)
+CVE-2010-0501
NOT-FOR-US: Apple FTP Server
-CVE-2010-0500 (Event Monitor in Apple Mac OS X before 10.6.3 does not properly ...)
+CVE-2010-0500
NOT-FOR-US: Apple Event Monitor
CVE-2010-0499
RESERVED
-CVE-2010-0498 (Directory Services in Apple Mac OS X before 10.6.3 does not properly ...)
+CVE-2010-0498
NOT-FOR-US: Apple Directory Services
-CVE-2010-0497 (Disk Images in Apple Mac OS X before 10.6.3 does not provide the ...)
+CVE-2010-0497
NOT-FOR-US: Apple Disk Images
-CVE-2010-0496 (FreeBit ServersMan 3.1.5 on Apple iPhone OS 3.1.2, and iPhone OS for ...)
+CVE-2010-0496
NOT-FOR-US: Apple iPhone OS
CVE-2010-0495
REJECTED
-CVE-2010-0494 (Cross-domain vulnerability in Microsoft Internet Explorer 6, 6 SP1, 7, ...)
+CVE-2010-0494
NOT-FOR-US: Microsoft Internet Explorer
CVE-2010-0493
REJECTED
-CVE-2010-0492 (Use-after-free vulnerability in mstime.dll in Microsoft Internet ...)
+CVE-2010-0492
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2010-0491 (Use-after-free vulnerability in Microsoft Internet Explorer 5.01 SP4, ...)
+CVE-2010-0491
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2010-0490 (Microsoft Internet Explorer 6, 6 SP1, 7, and 8 does not properly ...)
+CVE-2010-0490
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2010-0489 (Race condition in Microsoft Internet Explorer 5.01 SP4, 6, 6 SP1, and ...)
+CVE-2010-0489
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2010-0488 (Microsoft Internet Explorer 5.01 SP4, 6, 6 SP1, and 7 does not ...)
+CVE-2010-0488
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2010-0487 (The Authenticode Signature verification functionality in cabview.dll ...)
+CVE-2010-0487
NOT-FOR-US: Microsoft Windows
-CVE-2010-0486 (The WinVerifyTrust function in Authenticode Signature Verification ...)
+CVE-2010-0486
NOT-FOR-US: Microsoft Windows
-CVE-2010-0485 (The Windows kernel-mode drivers in win32k.sys in Microsoft Windows ...)
+CVE-2010-0485
NOT-FOR-US: Microsoft
-CVE-2010-0484 (The Windows kernel-mode drivers in win32k.sys in Microsoft Windows ...)
+CVE-2010-0484
NOT-FOR-US: Microsoft
-CVE-2010-0483 (vbscript.dll in VBScript 5.1, 5.6, 5.7, and 5.8 in Microsoft Windows ...)
+CVE-2010-0483
NOT-FOR-US: Microsoft Windows
-CVE-2010-0482 (The kernel in Microsoft Windows Server 2008 R2 and Windows 7 does not ...)
+CVE-2010-0482
NOT-FOR-US: Microsoft Windows
-CVE-2010-0481 (The kernel in Microsoft Windows Vista Gold, SP1, and SP2, Windows ...)
+CVE-2010-0481
NOT-FOR-US: Microsoft Windows
-CVE-2010-0480 (Multiple stack-based buffer overflows in the MPEG Layer-3 audio codecs ...)
+CVE-2010-0480
NOT-FOR-US: Microsoft Windows
-CVE-2010-0479 (Buffer overflow in Microsoft Office Publisher 2002 SP3, 2003 SP3, and ...)
+CVE-2010-0479
NOT-FOR-US: Microsoft Windows
-CVE-2010-0478 (Stack-based buffer overflow in nsum.exe in the Windows Media Unicast ...)
+CVE-2010-0478
NOT-FOR-US: Microsoft Windows
-CVE-2010-0477 (The SMB client in Microsoft Windows Server 2008 R2 and Windows 7 does ...)
+CVE-2010-0477
NOT-FOR-US: Microsoft Windows
-CVE-2010-0476 (The SMB client in Microsoft Windows Server 2003 SP2, Vista Gold, SP1, ...)
+CVE-2010-0476
NOT-FOR-US: Microsoft Windows
-CVE-2010-0475 (Cross-site scripting (XSS) vulnerability in esp/editUser.esp in the ...)
+CVE-2010-0475
NOT-FOR-US: Palo Alto Networks Firewall
CVE-2010-0474
RESERVED
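Review bot: the unchanged context carried in this hunk shows a few pre-existing typos in the Debian annotations that deserve a follow-up cleanup once the description stripping is settled: the `[lenny]` line for CVE-2010-0651 reads "disk of regression" where "risk of regression" is meant, the CVE-2010-0618 entry has "injet printers", the CVE-2010-0603 entry is tagged `NOT-FOR-US: Cisco PWG` while the neighbouring CVE-2010-0604, CVE-2010-0602 and CVE-2010-0601 entries use `Cisco PGW`, and CVE-2010-0580 is tagged `CiscoIOS` without the space. None of these are introduced by this change, so they need not block it; the changed lines in this hunk follow the same pattern as the rest of the patch, dropping the parenthesised description from each `-CVE-2010-NNNN (...)` line and leaving only the identifier.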
@@ -12466,17 +12466,17 @@ CVE-2010-0474
- webkit 1.4.0-1
CVE-2010-0473
RESERVED
-CVE-2010-0472 (kuddb2 in Tivoli Monitoring for DB2, as distributed in IBM DB2 9.7 FP1 ...)
+CVE-2010-0472
NOT-FOR-US: IBM DB2
-CVE-2010-0471 (SQL injection vulnerability in the comment submission interface ...)
+CVE-2010-0471
NOT-FOR-US: Enano CMS
-CVE-2010-0470 (Cross-site scripting (XSS) vulnerability in scvrtsrv.cmd in Comtrend ...)
+CVE-2010-0470
NOT-FOR-US: Comtrend
-CVE-2010-0469 (SQL injection vulnerability in Files2Links F2L 3000 appliance 4.0.0, ...)
+CVE-2010-0469
NOT-FOR-US: Files2Links
-CVE-2010-0468 (Cross-site scripting (XSS) vulnerability in utilities/longproc.cfm in ...)
+CVE-2010-0468
NOT-FOR-US: PaperThin CommonSpot Content Server
-CVE-2010-0467 (Directory traversal vulnerability in the ccNewsletter ...)
+CVE-2010-0467
NOT-FOR-US: ccNewsletter component for Joomla!
CVE-2010-XXXX [nautilus: file preview html script execution]
- nautilus <not-affected> (proof-of-concept script is previewed as text, not executed)
@@ -12489,191 +12489,191 @@ CVE-2010-XXXX [browser javascript document.write denial-of-service]
- kde4libs <unfixed> (unimportant)
CVE-2010-0466
RESERVED
-CVE-2010-0465 (Cross-site scripting (XSS) vulnerability in the online Documents ...)
+CVE-2010-0465
- sugarcrm-ce-5.0 <itp> (bug #457876)
-CVE-2010-0464 (Roundcube 0.3.1 and earlier does not request that the web browser ...)
+CVE-2010-0464
- roundcube 0.3.1-3 (bug #569660)
-CVE-2010-0463 (Horde IMP 4.3.6 and earlier does not request that the web browser ...)
+CVE-2010-0463
- imp4 4.3.7+debian0-2 (low; bug #569661)
[lenny] - imp4 4.2-4lenny2
-CVE-2010-0462 (Heap-based buffer overflow in IBM DB2 9.1 before FP9, 9.5 before FP6, ...)
+CVE-2010-0462
NOT-FOR-US: IBM DB2
-CVE-2010-0461 (SQL injection vulnerability in the casino (com_casino) component 1.0 ...)
+CVE-2010-0461
NOT-FOR-US: Joomla!
-CVE-2010-0460 (Multiple cross-site scripting (XSS) vulnerabilities in staff/index.php ...)
+CVE-2010-0460
NOT-FOR-US: Kayako SupportSuite
-CVE-2010-0459 (SQL injection vulnerability in the Mochigames (com_mochigames) ...)
+CVE-2010-0459
NOT-FOR-US: Joomla!
-CVE-2010-0458 (Multiple SQL injection vulnerabilities in NetArt Media Blog System 1.5 ...)
+CVE-2010-0458
NOT-FOR-US: NetArt Media Blog System
-CVE-2010-0457 (SQL injection vulnerability in home.php in magic-portal 2.1 allows ...)
+CVE-2010-0457
NOT-FOR-US: magic-portal
-CVE-2010-0456 (SQL injection vulnerability in the indianpulse Game Server ...)
+CVE-2010-0456
NOT-FOR-US: Joomla!
-CVE-2010-0455 (Cross-site scripting (XSS) vulnerability in forum/viewtopic.php in ...)
+CVE-2010-0455
NOT-FOR-US: PunBB
-CVE-2010-0454 (SQL injection vulnerability in cgi/cgilua.exe/sys/start.htm in ...)
+CVE-2010-0454
NOT-FOR-US: Publique! CMS
-CVE-2010-0453 (The ucode_ioctl function in intel/io/ucode_drv.c in Sun Solaris 10 and ...)
+CVE-2010-0453
NOT-FOR-US: Sun Solaris
-CVE-2010-0452 (Multiple cross-site scripting (XSS) vulnerabilities in HP Project and ...)
+CVE-2010-0452
NOT-FOR-US: HP Project and Portfolio Management Center
-CVE-2010-0451 (The installation process for NFS/ONCplus B.11.31_08 and earlier on HP ...)
+CVE-2010-0451
NOT-FOR-US: HP-UX
-CVE-2010-0450 (Unspecified vulnerability in HP SOA Registry Foundation 6.63 and 6.64 ...)
+CVE-2010-0450
NOT-FOR-US: HP SOA Registry Foundation
-CVE-2010-0449 (Cross-site scripting (XSS) vulnerability in HP SOA Registry Foundation ...)
+CVE-2010-0449
NOT-FOR-US: HP SOA Registry Foundation
-CVE-2010-0448 (Unspecified vulnerability in HP SOA Registry Foundation 6.63 and 6.64 ...)
+CVE-2010-0448
NOT-FOR-US: HP SOA Registry Foundation
-CVE-2010-0447 (The helpmanager servlet in the web server in HP OpenView Performance ...)
+CVE-2010-0447
NOT-FOR-US: HP OpenView Performance Insight
-CVE-2010-0446 (Unspecified vulnerability on the HP DreamScreen 100 and 130 with ...)
+CVE-2010-0446
NOT-FOR-US: HP DreamScreen
-CVE-2010-0445 (Unspecified vulnerability in HP Network Node Manager (NNM) 8.10, 8.11, ...)
+CVE-2010-0445
NOT-FOR-US: HP Network Node Manager
-CVE-2010-0444 (HP Operations Agent 8.51, 8.52, 8.53, and 8.60 on Solaris 10 uses a ...)
+CVE-2010-0444
NOT-FOR-US: HP Operations Agent
-CVE-2010-0443 (Unspecified vulnerability in Record Management Services (RMS) before ...)
+CVE-2010-0443
NOT-FOR-US: HP OpenVMS
-CVE-2010-0441 (Asterisk Open Source 1.6.0.x before 1.6.0.22, 1.6.1.x before 1.6.1.14, ...)
+CVE-2010-0441
- asterisk 1:1.6.2.2-1
[lenny] - asterisk <not-affected> (Only affects 1.6.x)
[etch] - asterisk <not-affected> (Only affects 1.6.x)
-CVE-2010-0440 (Cross-site scripting (XSS) vulnerability in +CSCOT+/translation in ...)
+CVE-2010-0440
NOT-FOR-US: Cisco Secure Desktop
-CVE-2010-0439 (Chip Salzenberg Deliver allows local users to cause a denial of ...)
+CVE-2010-0439
- deliver <removed>
-CVE-2010-0438 (Multiple SQL injection vulnerabilities in Kernel/System/Ticket.pm in ...)
+CVE-2010-0438
{DSA-1993-1}
- otrs <not-affected> (vulnerable code not present)
[etch] - otrs2 <not-affected> (vulnerable code not present)
- otrs2 2.4.7-1 (medium)
NOTE: http://web.archive.org/web/20111224162621/http://otrs.org/advisory/OSA-2010-01-en/
-CVE-2010-0437 (The ip6_dst_lookup_tail function in net/ipv6/ip6_output.c in the Linux ...)
+CVE-2010-0437
- linux-2.6 2.6.26-9
-CVE-2010-0436 (Race condition in backend/ctrl.c in KDM in KDE Software Compilation ...)
+CVE-2010-0436
{DSA-2037-1}
- kdebase 4:4.0
- kdebase-workspace 4:4.4.3-1
NOTE: The binary package kdm was built from kdebase in Lenny and from kdebase-workspace
NOTE: in KDE 4.x, i.e. Squeeze onwards
-CVE-2010-0435 (The Hypervisor (aka rhev-hypervisor) in Red Hat Enterprise ...)
+CVE-2010-0435
{DSA-2153-1}
- linux-2.6 2.6.32-29
-CVE-2010-0434 (The ap_read_request function in server/protocol.c in the Apache HTTP ...)
+CVE-2010-0434
{DSA-2035-1}
- apache2 2.2.15-1
-CVE-2010-0433 (The kssl_keytab_is_available function in ssl/kssl.c in OpenSSL before ...)
+CVE-2010-0433
- openssl <not-affected> (Kerberos support not enabled)
NOTE: http://www.openwall.com/lists/oss-security/2010/03/03/5
-CVE-2010-0432 (Multiple cross-site scripting (XSS) vulnerabilities in the Apache Open ...)
+CVE-2010-0432
NOT-FOR-US: Apache Open For Business Project (OFBiz)
-CVE-2010-0431 (QEMU-KVM, as used in the Hypervisor (aka rhev-hypervisor) in Red Hat ...)
+CVE-2010-0431
- qemu-kvm <not-affected> (QXL support not yet present in Debian packages)
- kvm <not-affected> (QXL support not yet present in Debian packages)
-CVE-2010-0430 (libspice, as used in QEMU-KVM in Red Hat Enterprise Virtualization ...)
+CVE-2010-0430
- spice <not-affected> (Fixed before initial upload to archive)
-CVE-2010-0429 (libspice, as used in QEMU-KVM in the Hypervisor (aka rhev-hypervisor) ...)
+CVE-2010-0429
- spice <not-affected> (Fixed before initial upload to archive)
-CVE-2010-0428 (libspice, as used in QEMU-KVM in the Hypervisor (aka rhev-hypervisor) ...)
+CVE-2010-0428
- spice <not-affected> (Fixed before initial upload to archive)
-CVE-2010-0427 (sudo 1.6.x before 1.6.9p21, when the runas_default option is used, ...)
+CVE-2010-0427
{DSA-2006-1}
- sudo 1.7.0-1
NOTE: http://www.openwall.com/lists/oss-security/2010/02/23/4
-CVE-2010-0426 (sudo 1.6.x before 1.6.9p21 and 1.7.x before 1.7.2p4, when a ...)
+CVE-2010-0426
{DSA-2006-1}
- sudo 1.7.2p1-1.2 (bug #570737)
NOTE: http://www.openwall.com/lists/oss-security/2010/02/23/4
-CVE-2010-0425 (modules/arch/win32/mod_isapi.c in mod_isapi in the Apache HTTP Server ...)
+CVE-2010-0425
- apache2 <not-affected> (Windows only)
-CVE-2010-0424 (The edit_cmd function in crontab.c in (1) cronie before 1.4.4 and (2) ...)
+CVE-2010-0424
- cron <not-affected> (vulnerability in redhat-specific changes to their cron forks; cronie and vixie-cron)
-CVE-2010-0423 (gtkimhtml.c in Pidgin before 2.6.6 allows remote attackers to cause a ...)
+CVE-2010-0423
{DSA-2038-1}
- pidgin 2.6.6-1 (low)
- gaim <removed> (low)
[lenny] - gaim <not-affected> (gaim is a transitional dummy package only)
- qutecom 2.2~rc3.hg396~dfsg1-6 (low; bug #572946)
-CVE-2010-0422 (gnome-screensaver 2.28.x before 2.28.3 does not properly synchronize ...)
+CVE-2010-0422
- gnome-screensaver 2.28.3-1
[lenny] - gnome-screensaver <not-affected> (Vulnerable code not present)
-CVE-2010-0421 (Array index error in the hb_ot_layout_build_glyph_classes function in ...)
+CVE-2010-0421
{DSA-2019-1}
- pango1.0 1.26.2-1 (bug #574021)
-CVE-2010-0420 (libpurple in Finch in Pidgin before 2.6.6, when an XMPP multi-user ...)
+CVE-2010-0420
{DSA-2038-1}
- pidgin 2.6.6-1 (low)
- gaim <removed> (low)
[lenny] - gaim <not-affected> (gaim is a transitional dummy package only)
- qutecom 2.2~rc3.hg396~dfsg1-6 (low; bug #572946)
-CVE-2010-0419 (The x86 emulator in KVM 83, when a guest is configured for Symmetric ...)
+CVE-2010-0419
{DSA-2010-1}
- kvm <removed>
-CVE-2010-0418 (The web interface in chumby one before 1.0.4 and chumby classic before ...)
+CVE-2010-0418
NOT-FOR-US: Chumby device's web interface
-CVE-2010-0417 (Buffer overflow in common/util/rlstate.cpp in Helix Player 1.0.6 and ...)
+CVE-2010-0417
NOT-FOR-US: RealPlayer/Helix Player
-CVE-2010-0416 (Buffer overflow in the Unescape function in common/util/hxurl.cpp and ...)
+CVE-2010-0416
NOT-FOR-US: RealPlayer/Helix Player
-CVE-2010-0415 (The do_pages_move function in mm/migrate.c in the Linux kernel before ...)
+CVE-2010-0415
{DSA-2005-1 DSA-2003-1 DSA-1996-1}
- linux-2.6 2.6.32-8
- linux-2.6.24 <removed>
-CVE-2010-0414 (gnome-screensaver before 2.28.2 allows physically proximate attackers ...)
+CVE-2010-0414
- gnome-screensaver 2.28.2-1 (bug #569084)
[etch] - gnome-screensaver <not-affected> (Vulnerable code not present)
[lenny] - gnome-screensaver <not-affected> (Vulnerable code not present)
CVE-2010-0413
RESERVED
-CVE-2010-0412 (stap-server in SystemTap 1.1 does not properly restrict the value of ...)
+CVE-2010-0412
- systemtap 1.2-1 (bug #572560)
[lenny] - systemtap <not-affected> (Server component not yet present)
[etch] - systemtap <not-affected> (Server component not yet present)
-CVE-2010-0411 (Multiple integer signedness errors in the (1) __get_argv and (2) ...)
+CVE-2010-0411
- systemtap 1.2-1 (low; bug #568809)
[lenny] - systemtap <not-affected> (Vulnerable code not present)
[etch] - systemtap <no-dsa> (Minor issue)
NOTE: http://sourceware.org/bugzilla/show_bug.cgi?id=11234 and RH
-CVE-2010-0410 (drivers/connector/connector.c in the Linux kernel before 2.6.32.8 ...)
+CVE-2010-0410
{DSA-2005-1 DSA-2003-1 DSA-1996-1}
- linux-2.6 2.6.32-8
- linux-2.6.24 <removed>
NOTE: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=f98bfbd78c37c5946cc53089da32a5f741efdeb7
-CVE-2010-0409 (Buffer overflow in the GMIME_UUENCODE_LEN macro in ...)
+CVE-2010-0409
{DSA-2082-1}
- gmime2.2 2.2.25-1.1 (bug #568291)
- gmime2.4 2.4.14-1+nmu1 (bug #573877)
-CVE-2010-0408 (The ap_proxy_ajp_request function in mod_proxy_ajp.c in mod_proxy_ajp ...)
+CVE-2010-0408
{DSA-2035-1}
- apache2 2.2.15-1 (low)
[lenny] - apache2 <no-dsa> (minor issue)
NOTE: Will be fixed in s-p-u
-CVE-2010-0407 (Multiple buffer overflows in the MSGFunctionDemarshall function in ...)
+CVE-2010-0407
{DSA-2059-1}
- pcsc-lite 1.5.4-1
-CVE-2010-0406 (OpenTTD before 1.0.1 allows remote attackers to cause a denial of ...)
+CVE-2010-0406
- openttd 1.0.1-1
[lenny] - openttd 0.6.2-1+lenny2
-CVE-2010-0405 (Integer overflow in the BZ2_decompress function in decompress.c in ...)
+CVE-2010-0405
{DSA-2112-1}
- bzip2 1.0.5-6
- clamav 0.96.3+dfsg-1
[lenny] - clamav <end-of-life> (No longer supported in Lenny)
-CVE-2010-0404 (Multiple SQL injection vulnerabilities in phpGroupWare (phpgw) before ...)
+CVE-2010-0404
{DSA-2046-1}
- phpgroupware 1:0.9.16.016+dfsg-1 (bug #584517)
-CVE-2010-0403 (Directory traversal vulnerability in about.php in phpGroupWare (phpgw) ...)
+CVE-2010-0403
{DSA-2046-1}
- phpgroupware 1:0.9.16.016+dfsg-1 (bug #584518)
-CVE-2010-0402 (OpenTTD before 1.0.1 does not properly validate index values of ...)
+CVE-2010-0402
- openttd 1.0.1-1
[lenny] - openttd 0.6.2-1+lenny2
-CVE-2010-0401 (OpenTTD before 1.0.1 accepts a company password for authentication in ...)
+CVE-2010-0401
- openttd 1.0.1-1
[lenny] - openttd 0.6.2-1+lenny2
-CVE-2010-0400 (SQL injection vulnerability in lib/user.php in mahara 1.0.4 allows ...)
+CVE-2010-0400
{DSA-2030-1}
- mahara 1.2.4-1 (medium)
CVE-2010-0399
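Review bot: several `<not-affected>` justifications in this hunk only make sense against the description being deleted, so after the change they can no longer be verified from the entry itself. `- openssl <not-affected> (Kerberos support not enabled)` under CVE-2010-0433 rests on the deleted "kssl_keytab_is_available function in ssl/kssl.c"; `- apache2 <not-affected> (Windows only)` under CVE-2010-0425 rests on the deleted "modules/arch/win32/mod_isapi.c"; `[lenny] - asterisk <not-affected> (Only affects 1.6.x)` under CVE-2010-0441 rests on the deleted "Asterisk Open Source 1.6.0.x before 1.6.0.22". If descriptions are to go, the affected-component and affected-version facts the triage relied on should be carried into a NOTE line on each entry; otherwise keep the descriptions.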
@@ -12681,65 +12681,65 @@ CVE-2010-0399
CVE-2010-0398 [autokey arbitrary file overwriting via symlinks]
RESERVED
- autokey 0.61.3-2
-CVE-2010-0397 (The xmlrpc extension in PHP 5.3.1 does not properly handle a missing ...)
+CVE-2010-0397
{DSA-2018-1}
- php5 5.3.2-1 (medium; bug #573573)
-CVE-2010-0396 (Directory traversal vulnerability in the dpkg-source component in dpkg ...)
+CVE-2010-0396
{DSA-2011-1}
- dpkg 1.15.6
-CVE-2010-0395 (OpenOffice.org 2.x and 3.0 before 3.2.1 allows user-assisted remote ...)
+CVE-2010-0395
{DSA-2055-1}
- openoffice.org 1:3.2.1-1 (low)
-CVE-2010-0394 (PyGIT.py in the Trac Git plugin (trac-git) before ...)
+CVE-2010-0394
{DSA-1990-2 DSA-1990-1}
- trac-git 0.0.20090320-1 (high; bug #567039)
-CVE-2010-0393 (The _cupsGetlang function, as used by lppasswd.c in lppasswd in CUPS ...)
+CVE-2010-0393
{DSA-2007-1}
- cupsys <removed>
- cups 1.4.2-9.1
-CVE-2010-0392 (Stack-based buffer overflow in vpnconf.exe in TheGreenBow IPSec VPN ...)
+CVE-2010-0392
NOT-FOR-US: TheGreenBow IPSec VPN Client
-CVE-2010-0391 (Multiple stack-based buffer overflows in Embarcadero Technologies ...)
+CVE-2010-0391
NOT-FOR-US: InterBase SMP 2009 9.0.3.437
-CVE-2010-0390 (Unrestricted file upload vulnerability in maxImageUpload/index.php in ...)
+CVE-2010-0390
NOT-FOR-US: PHP F1 Max's Image Uploader
-CVE-2010-0389 (The admin server in Sun Java System Web Server 7.0 Update 6 allows ...)
+CVE-2010-0389
NOT-FOR-US: Sun Java System Web Server
-CVE-2010-0388 (Format string vulnerability in the WebDAV implementation in webservd ...)
+CVE-2010-0388
NOT-FOR-US: Sun Java System Web Server
-CVE-2010-0387 (Multiple heap-based buffer overflows in (1) webservd and (2) the admin ...)
+CVE-2010-0387
NOT-FOR-US: Sun Java System Web Server
-CVE-2010-0386 (The default configuration of Sun Java System Application Server 7 and ...)
+CVE-2010-0386
NOT-FOR-US: Sun Java System Application Server
-CVE-2010-0385 (Tor before 0.2.1.22, and 0.2.2.x before 0.2.2.7-alpha, when ...)
+CVE-2010-0385
- tor 0.2.1.22-1 (low)
[lenny] - tor <not-affected> (only affects versions > 0.2.1.6-alpha)
NOTE: the CVE entry is wrong, only 0.2.1.6-alpha and up are affected
NOTE: confirmed with Tor developers, Lenny is not affected
-CVE-2010-0384 (Tor 0.2.2.x before 0.2.2.7-alpha, when functioning as a directory ...)
+CVE-2010-0384
- tor <not-affected> (only affects versions 0.2.2.x)
[lenny] - tor <not-affected> (only affects versions 0.2.2.x)
NOTE: does not appear to be a real vulnerability?
-CVE-2010-0383 (Tor before 0.2.1.22, and 0.2.2.x before 0.2.2.7-alpha, uses deprecated ...)
+CVE-2010-0383
- tor 0.2.1.22-1 (medium)
[lenny] - tor 0.2.0.35-1~lenny2 (medium)
-CVE-2010-0382 (ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P5, 9.5 before ...)
+CVE-2010-0382
{DSA-2054-1}
- bind9 1:9.7.0.dfsg-1
-CVE-2010-0381 (SQL injection vulnerability in modules/arcade/index.php in PHP MySpace ...)
+CVE-2010-0381
NOT-FOR-US: PHP MySpace Gold Edition
-CVE-2010-0380 (install.php in JCE-Tech PHP Calendars, downloaded 20100121, allows ...)
+CVE-2010-0380
NOT-FOR-US: JCE-Tech PHP Calendars
CVE-2010-XXXX [gmetad incorrect file permissions]
- ganglia 3.1.2-3 (low; bug #567175)
-CVE-2010-0442 (The bitsubstr function in backend/utils/adt/varbit.c in PostgreSQL ...)
+CVE-2010-0442
{DSA-2051-1}
- postgresql-7.4 <removed>
- postgresql-8.1 <removed>
- postgresql-8.2 <removed>
- postgresql-8.3 <removed> (low; bug #567058)
- postgresql-8.4 8.4.3-1
-CVE-2010-2444 (parse/Csv2_parse.c in MaraDNS 1.3.03, and other versions before ...)
+CVE-2010-2444
- maradns 1.4.03-1 (low; bug #584587)
[lenny] - maradns <no-dsa> (minor issue)
[etch] - maradns <not-affected> (vulnerable code introduced in 1.3.03)
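Review bot: the NOTE lines under CVE-2010-0385 become dangling once this hunk lands. `NOTE: the CVE entry is wrong, only 0.2.1.6-alpha and up are affected` is a correction of the description "Tor before 0.2.1.22, and 0.2.2.x before 0.2.2.7-alpha", which the `-`/`+` pair above it deletes; a reader of the new file sees a note disputing text that is no longer there. The same applies to `NOTE: does not appear to be a real vulnerability?` under CVE-2010-0384, whose subject was the deleted "when functioning as a directory ..." text. Either retain the descriptions or reword these NOTEs so they state the disputed claim explicitly, e.g. "NOTE: MITRE lists Tor before 0.2.1.22 as affected; confirmed with Tor developers that only 0.2.1.6-alpha and up are".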
@@ -12753,54 +12753,54 @@ CVE-2010-XXXX [backup-manager: make sure password is not written to world-readab
NOTE: checked in 0.7.9-1, but may have been fixed sooner
CVE-2010-XXXX [sudosh3: many security weaknesses]
- sudosh3 <removed> (high; bug #566142)
-CVE-2010-0379 (Multiple unspecified vulnerabilities in the Macromedia Flash ActiveX ...)
+CVE-2010-0379
NOT-FOR-US: Macromedia Flash ActiveX
-CVE-2010-0378 (Use-after-free vulnerability in Adobe Flash Player 6.0.79, as ...)
+CVE-2010-0378
NOT-FOR-US: Adobe Flash Player
-CVE-2010-0377 (SQL injection vulnerability in modules/arcade/index.php in PHP MySpace ...)
+CVE-2010-0377
NOT-FOR-US: PHP MySpace Gold Edition
-CVE-2010-0376 (Cross-site scripting (XSS) vulnerability in product_list.php in ...)
+CVE-2010-0376
NOT-FOR-US: JCE-Tech PHP Calendars
-CVE-2010-0375 (SQL injection vulnerability in product_list.php in JCE-Tech PHP ...)
+CVE-2010-0375
NOT-FOR-US: JCE-Tech PHP Calendars
-CVE-2010-0374 (Cross-site scripting (XSS) vulnerability in the Marketplace ...)
+CVE-2010-0374
NOT-FOR-US: component for Joomla!
-CVE-2010-0373 (SQL injection vulnerability in the libros (com_libros) component for ...)
+CVE-2010-0373
NOT-FOR-US: component for Joomla!
-CVE-2010-0372 (SQL injection vulnerability in the Articlemanager (com_articlemanager) ...)
+CVE-2010-0372
NOT-FOR-US: component for Joomla!
-CVE-2010-0371 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
+CVE-2010-0371
NOT-FOR-US: Hitmaaan Gallery
-CVE-2010-0370 (Cross-site scripting (XSS) vulnerability in the Node Blocks module ...)
+CVE-2010-0370
NOT-FOR-US: Node Blocks module for Drupal
CVE-2010-0369
RESERVED
CVE-2010-0368
RESERVED
-CVE-2010-0367 (Multiple PHP remote file inclusion vulnerabilities in BitScripts Bits ...)
+CVE-2010-0367
NOT-FOR-US: BitScripts Bits Video Script
-CVE-2010-0366 (Multiple unrestricted file upload vulnerabilities in (1) register.php ...)
+CVE-2010-0366
NOT-FOR-US: BitScripts Bits Video Script
-CVE-2010-0365 (Cross-site scripting (XSS) vulnerability in search.php in BitScripts ...)
+CVE-2010-0365
NOT-FOR-US: BitScripts Bits Video Script
-CVE-2010-0364 (Stack-based buffer overflow in VideoLAN VLC Media Player 0.8.6 allows ...)
+CVE-2010-0364
- vlc 0.8.6.c-4.1 (low; bug #458318)
NOTE: subset of CVE-2007-6681
-CVE-2010-0363 (Cross-site scripting (XSS) vulnerability in Zeus Web Server before ...)
+CVE-2010-0363
NOT-FOR-US: Zeus Web Server
-CVE-2010-0362 (Zeus Web Server before 4.3r5 does not use random transaction IDs for ...)
+CVE-2010-0362
NOT-FOR-US: Zeus Web Server
-CVE-2010-0361 (Stack-based buffer overflow in the WebDAV implementation in webservd ...)
+CVE-2010-0361
NOT-FOR-US: Sun Java System Web Server
-CVE-2010-0360 (Sun Java System Web Server (aka SJWS) 7.0 Update 7 allows remote ...)
+CVE-2010-0360
NOT-FOR-US: Sun Java System Web Server
-CVE-2010-0359 (Buffer overflow in the SSLv2 support in Zeus Web Server before 4.3r5 ...)
+CVE-2010-0359
NOT-FOR-US: Zeus Web Server
-CVE-2010-0358 (Heap-based buffer overflow in the server in IBM Lotus Domino 7 and 8.5 ...)
+CVE-2010-0358
NOT-FOR-US: IBM Lotus Domino
-CVE-2010-0357 (Cross-site scripting (XSS) vulnerability in the Login page in IBM ...)
+CVE-2010-0357
NOT-FOR-US: IBM Lotus Web Content Management
-CVE-2010-0356 (Stack-based buffer overflow in the MOVIEPLAYER.MoviePlayerCtrl.1 ...)
+CVE-2010-0356
NOT-FOR-US: ActiveX
CVE-2010-0355
RESERVED
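Review bot: three entries in this hunk are left without any identification of the affected software once their description goes. CVE-2010-0374, CVE-2010-0373 and CVE-2010-0372 all carry the tracker line `NOT-FOR-US: component for Joomla!`, and the component name (Marketplace, com_libros, com_articlemanager) appeared only in the `-` line being removed; CVE-2010-0356 similarly keeps `NOT-FOR-US: ActiveX` while losing "MOVIEPLAYER.MoviePlayerCtrl.1". The NOT-FOR-US lines were evidently written on the assumption that the description would stay alongside them. If the descriptions are dropped, these lines need completing in the same change (for example `NOT-FOR-US: Marketplace component for Joomla!`) so the entry still says what was triaged.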
@@ -12812,7 +12812,7 @@ CVE-2010-0352
RESERVED
CVE-2010-0351
RESERVED
-CVE-2010-1104 (Cross-site scripting (XSS) vulnerability in Zope 2.8.x before 2.8.12, ...)
+CVE-2010-1104
- zope3 <removed> (low)
[lenny] - zope3 <no-dsa> (Minor issue)
- zope2.11 <removed>
@@ -12820,94 +12820,94 @@ CVE-2010-1104 (Cross-site scripting (XSS) vulnerability in Zope 2.8.x before 2.8
[lenny] - zope2.10 <no-dsa> (Minor issue)
- zope2.9 <removed>
NOTE: https://mail.zope.org/pipermail/zope-announce/2010-January/002229.html
-CVE-2010-0350 (Directory traversal vulnerability in the Photo Book (goof_fotoboek) ...)
+CVE-2010-0350
NOT-FOR-US: TYPO3 third party extensions
-CVE-2010-0349 (Cross-site scripting (XSS) vulnerability in C3 Corp. WebCalenderC3 ...)
+CVE-2010-0349
NOT-FOR-US: WebCalenderC3
-CVE-2010-0348 (Directory traversal vulnerability in C3 Corp. WebCalenderC3 0.32 and ...)
+CVE-2010-0348
NOT-FOR-US: WebCalenderC3
-CVE-2010-0347 (Cross-site scripting (XSS) vulnerability in the VD / Geomap ...)
+CVE-2010-0347
NOT-FOR-US: TYPO3 third party extensions
-CVE-2010-0346 (Cross-site scripting (XSS) vulnerability in the Tip many friends ...)
+CVE-2010-0346
NOT-FOR-US: TYPO3 third party extensions
-CVE-2010-0345 (Cross-site scripting (XSS) vulnerability in the Majordomo extension ...)
+CVE-2010-0345
NOT-FOR-US: TYPO3 third party extensions
-CVE-2010-0344 (SQL injection vulnerability in the zak_store_management extension ...)
+CVE-2010-0344
NOT-FOR-US: TYPO3 third party extensions
-CVE-2010-0343 (SQL injection vulnerability in the Clan Users List (pb_clanlist) ...)
+CVE-2010-0343
NOT-FOR-US: TYPO3 third party extensions
-CVE-2010-0342 (SQL injection vulnerability in the Reports for Job (job_reports) ...)
+CVE-2010-0342
NOT-FOR-US: TYPO3 third party extensions
-CVE-2010-0341 (SQL injection vulnerability in the BB Simple Jobs (bb_simplejobs) ...)
+CVE-2010-0341
NOT-FOR-US: TYPO3 third party extensions
-CVE-2010-0340 (SQL injection vulnerability in the MJS Event Pro (mjseventpro) ...)
+CVE-2010-0340
NOT-FOR-US: TYPO3 third party extensions
-CVE-2010-0339 (SQL injection vulnerability in the User Links (vm19_userlinks) ...)
+CVE-2010-0339
NOT-FOR-US: TYPO3 third party extensions
-CVE-2010-0338 (SQL injection vulnerability in the TT_Products editor (ttpedit) ...)
+CVE-2010-0338
NOT-FOR-US: TYPO3 third party extensions
-CVE-2010-0337 (SQL injection vulnerability in the tt_news Mail alert ...)
+CVE-2010-0337
NOT-FOR-US: TYPO3 third party extensions
-CVE-2010-0336 (Unspecified vulnerability in the kiddog_mysqldumper ...)
+CVE-2010-0336
NOT-FOR-US: TYPO3 third party extensions
-CVE-2010-0335 (Cross-site scripting (XSS) vulnerability in the Vote rank for news ...)
+CVE-2010-0335
NOT-FOR-US: TYPO3 third party extensions
-CVE-2010-0334 (SQL injection vulnerability in the Vote rank for news ...)
+CVE-2010-0334
NOT-FOR-US: TYPO3 third party extensions
-CVE-2010-0333 (SQL injection vulnerability in the Helpdesk (mg_help) extension 1.1.6 ...)
+CVE-2010-0333
NOT-FOR-US: TYPO3 third party extensions
-CVE-2010-0332 (SQL injection vulnerability in the TV21 Talkshow (tv21_talkshow) ...)
+CVE-2010-0332
NOT-FOR-US: TYPO3 third party extensions
-CVE-2010-0331 (Cross-site scripting (XSS) vulnerability in the TV21 Talkshow ...)
+CVE-2010-0331
NOT-FOR-US: TYPO3 third party extensions
-CVE-2010-0330 (SQL injection vulnerability in the Googlemaps for tt_news ...)
+CVE-2010-0330
NOT-FOR-US: TYPO3 third party extensions
-CVE-2010-0329 (SQL injection vulnerability in the powermail extension 1.5.1 and ...)
+CVE-2010-0329
NOT-FOR-US: TYPO3 third party extensions
-CVE-2010-0328 (Cross-site scripting (XSS) vulnerability in the Unit Converter ...)
+CVE-2010-0328
NOT-FOR-US: TYPO3 third party extensions
-CVE-2010-0327 (Cross-site scripting (XSS) vulnerability in the KJ: Imagelightbox ...)
+CVE-2010-0327
NOT-FOR-US: TYPO3 third party extensions
-CVE-2010-0326 (Cross-site scripting (XSS) vulnerability in the Developer log (devlog) ...)
+CVE-2010-0326
NOT-FOR-US: TYPO3 third party extensions
-CVE-2010-0325 (Unspecified vulnerability in the SB Folderdownload (sb_folderdownload) ...)
+CVE-2010-0325
NOT-FOR-US: TYPO3 third party extensions
-CVE-2010-0324 (SQL injection vulnerability in the Customer Reference List (ref_list) ...)
+CVE-2010-0324
NOT-FOR-US: TYPO3 third party extensions
-CVE-2010-0323 (Unspecified vulnerability in the Photo Book (goof_fotoboek) extension ...)
+CVE-2010-0323
NOT-FOR-US: TYPO3 third party extensions
-CVE-2010-0322 (SQL injection vulnerability in the init function in MK-AnydropdownMenu ...)
+CVE-2010-0322
NOT-FOR-US: TYPO3 third party extensions
-CVE-2010-0321 (Cross-site scripting (XSS) vulnerability in jobs/index.php in Jamit ...)
+CVE-2010-0321
NOT-FOR-US: Jamit Job Board 3.0
-CVE-2010-0320 (Cross-site scripting (XSS) vulnerability in submitlink.php in Glitter ...)
+CVE-2010-0320
NOT-FOR-US: Glitter Central Script
-CVE-2010-0319 (Cross-site scripting (XSS) vulnerability in index.php in Docmint 1.0 ...)
+CVE-2010-0319
NOT-FOR-US: Docmint
-CVE-2010-0318 (The replay functionality for ZFS Intent Log (ZIL) in FreeBSD 7.1, 7.2, ...)
+CVE-2010-0318
- kfreebsd-6 <not-affected> (vulnerable code introduced in freebsd 7)
- kfreebsd-7 7.2-10 (medium; bug #566684)
[lenny] - kfreebsd-7 <no-dsa> (kfreebsd not support in Lenny)
- kfreebsd-8 8.0-2 (medium)
-CVE-2010-0317 (Novell Netware 6.5 SP8 allows remote attackers to cause a denial of ...)
+CVE-2010-0317
NOT-FOR-US: Novell Netware
-CVE-2010-0316 (Integer overflow in Google SketchUp before 7.1 M2 allows remote ...)
+CVE-2010-0316
NOT-FOR-US: Google SketchUp
-CVE-2010-0315 (WebKit before r53607, as used in Google Chrome before 4.0.249.89, ...)
+CVE-2010-0315
- chromium-browser 5.0.375.29~r46008-1
- webkit 1.1.21-1 (low)
[lenny] - webkit <no-dsa> (Too intrusive to backport, disk of regression higher than impact at hand)
-CVE-2010-0314 (Apple Safari allows remote attackers to discover a redirect's target ...)
+CVE-2010-0314
- webkit 1.1.90-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.375.29~r46008-1
-CVE-2010-0313 (The core_get_proxyauth_dn function in ns-slapd in Sun Java System ...)
+CVE-2010-0313
NOT-FOR-US: Sun Java System Directory Server Enterprise Edition
-CVE-2010-0312 (The do_extendedOp function in ibmslapd in IBM Tivoli Directory Server ...)
+CVE-2010-0312
NOT-FOR-US: IBM Tivoli Directory Server
-CVE-2010-0311 (Unspecified vulnerability in Sun Java System Identity Manager (aka ...)
+CVE-2010-0311
NOT-FOR-US: Sun Java System Identity Manager
-CVE-2010-0310 (Trusted Extensions in Sun Solaris 10 allows local users to gain ...)
+CVE-2010-0310
NOT-FOR-US: Trusted Extensions in Sun Solaris 10
CVE-2010-XXXX [zend framework multiple issues]
- zendframework 1.9.7-1
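Review bot: the long run of TYPO3 entries from CVE-2010-0350 down to CVE-2010-0322 all share the generic line `NOT-FOR-US: TYPO3 third party extensions`, and the extension key that distinguishes them (goof_fotoboek, pb_clanlist, mjseventpro, powermail, devlog and so on) was present only in the description this hunk strips. After the change these thirty-odd entries are indistinguishable from one another in the tracker, which defeats the purpose of having a per-CVE record; at minimum the extension key should be moved into the NOT-FOR-US line before the description is removed. Two pre-existing typos in the unchanged context are worth fixing in a separate commit while this area is being touched: `disk of regression` under CVE-2010-0315 should read `risk of regression`, and `kfreebsd not support in Lenny` under CVE-2010-0318 should read `not supported`.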
@@ -12915,123 +12915,123 @@ CVE-2010-XXXX [zend framework multiple issues]
CVE-2010-XXXX [ZF2010-07]
- zendframework 1.10.3-1
NOTE: http://framework.zend.com/security/advisory/ZF2010-07
-CVE-2010-0309 (The pit_ioport_read function in the Programmable Interval Timer (PIT) ...)
+CVE-2010-0309
{DSA-2010-1 DSA-1996-1}
- linux-2.6 2.6.32-8
[etch] - linux-2.6 <not-affected> (kvm introduced in 2.6.25)
- linux-2.6.24 <not-affected> (kvm introduced in 2.6.25)
- kvm <removed>
NOTE: http://git.kernel.org/?p=linux/kernel/git/avi/kvm.git;a=commitdiff;h=336f40a728b9a4a5db5e1df5c89852c79ff95604
-CVE-2010-0308 (lib/rfc1035.c in Squid 2.x, 3.0 through 3.0.STABLE22, and 3.1 through ...)
+CVE-2010-0308
{DSA-1991-1}
- squid 2.7.STABLE8-1
- squid3 3.1.0.16-1 (bug #575747)
-CVE-2010-0307 (The load_elf_binary function in fs/binfmt_elf.c in the Linux kernel ...)
+CVE-2010-0307
{DSA-1996-1}
- linux-2.6 2.6.32-8
- linux-2.6.24 <removed>
-CVE-2010-0306 (The x86 emulator in KVM 83, when a guest is configured for Symmetric ...)
+CVE-2010-0306
{DSA-2010-1 DSA-1996-1}
- linux-2.6 2.6.32-8
[etch] - linux-2.6 <not-affected> (kvm introduced in 2.6.25)
- linux-2.6.24 <not-affected> (kvm introduced in 2.6.25)
- kvm <removed>
-CVE-2010-0305 (ejabberd_c2s.erl in ejabberd before 2.1.3 allows remote attackers to ...)
+CVE-2010-0305
{DSA-2033-1}
- ejabberd 2.1.2-2 (medium; bug #568383)
NOTE: https://support.process-one.net/browse/EJAB-1173
-CVE-2010-0304 (Multiple buffer overflows in the LWRES dissector in Wireshark 0.9.15 ...)
+CVE-2010-0304
{DSA-1983-1}
- wireshark 1.2.6-1
-CVE-2010-0303 (mystring.c in hybserv in IRCD-Hybrid (aka Hybrid2 IRC Services) 1.9.2 ...)
+CVE-2010-0303
{DSA-1982-1}
- hybserv 1.9.2-4.1 (low; bug #550389)
-CVE-2010-0302 (Use-after-free vulnerability in the abstract file-descriptor handling ...)
+CVE-2010-0302
- cups 1.4.2-10 (bug #572940)
[lenny] - cups 1.3.8-1+lenny9
- cupsys <not-affected> (vulnerable code introduced in 1.3.x)
NOTE: This is for an incomplete fix for CVE-2009-3553
-CVE-2010-0301 (main.C in maildrop 2.3.0 and earlier, when run by root with the -d ...)
+CVE-2010-0301
{DSA-1981-1}
- maildrop 2.2.0-3.1 (low; bug #564601)
-CVE-2010-0300 (cache.c in ircd-ratbox before 2.2.9 allows remote attackers to cause a ...)
+CVE-2010-0300
{DSA-1980-1}
- ircd-ratbox 3.0.6.dfsg-1 (low; bug #567191)
- ircd-hybrid 1:7.2.2.dfsg.2-6.1 (low)
-CVE-2010-0299 (openSUSE 11.2 installs the devtmpfs root directory with insecure ...)
+CVE-2010-0299
- linux-2.6 2.6.32-6
[etch] - linux-2.6 <not-affected> (vulnerable code introduced in 2.6.31)
[lenny] - linux-2.6 <not-affected> (vulnerable code introduced in 2.6.31)
- linux-2.6.24 <not-affected> (vulnerable code introduced in 2.6.31)
-CVE-2010-0298 (The x86 emulator in KVM 83 does not use the Current Privilege Level ...)
+CVE-2010-0298
{DSA-2010-1 DSA-1996-1}
- linux-2.6 2.6.32-8
[etch] - linux-2.6 <not-affected> (kvm introduced in 2.6.25)
- linux-2.6.24 <not-affected> (kvm introduced in 2.6.25)
- kvm <removed>
-CVE-2010-0297 (Buffer overflow in the usb_host_handle_control function in the USB ...)
+CVE-2010-0297
- qemu-kvm 0.11.1+dfsg-1
- kvm <removed> (low)
[lenny] - kvm <no-dsa> (minor issue)
-CVE-2010-0296 (The encode_name macro in misc/mntent_r.c in the GNU C Library (aka ...)
+CVE-2010-0296
{DSA-2058-1}
- glibc 2.11-1 (bug #583908)
- eglibc 2.11-1
NOTE: http://sourceware.org/git/?p=glibc.git;a=commitdiff;h=ab00f4eac8f4932211259ff87be83144f5211540
-CVE-2010-0295 (lighttpd before 1.4.26, and 1.5.x, allocates a buffer for each read ...)
+CVE-2010-0295
{DSA-1987-1}
- lighttpd 1.4.26-1 (medium)
-CVE-2010-0294 (chronyd in Chrony before 1.23.1, and possibly 1.24-pre1, generates a ...)
+CVE-2010-0294
{DSA-1992-1}
- chrony 1.23-7 (low)
-CVE-2010-0293 (The client logging functionality in chronyd in Chrony before 1.23.1 ...)
+CVE-2010-0293
{DSA-1992-1}
- chrony 1.23-7 (low)
-CVE-2010-0292 (The read_from_cmd_socket function in cmdmon.c in chronyd in Chrony ...)
+CVE-2010-0292
{DSA-1992-1}
- chrony 1.23-7 (medium)
-CVE-2010-0291 (The Linux kernel before 2.6.32.4 allows local users to gain privileges ...)
+CVE-2010-0291
{DSA-2005-1 DSA-1996-1}
- linux-2.6 2.6.32-6
-CVE-2010-0290 (Unspecified vulnerability in ISC BIND 9.0.x through 9.3.x, 9.4 before ...)
+CVE-2010-0290
{DSA-2054-1}
- bind9 1:9.7.0.dfsg-1 (medium)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=554851#c7
-CVE-2010-0289 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ACL ...)
+CVE-2010-0289
{DSA-1976-1}
- dokuwiki 0.0.20090214b-3.1 (low)
[etch] - dokuwiki <not-affected> (Vulnerable code not present)
NOTE: http://secunia.com/advisories/38205/
-CVE-2010-0288 (A typo in the administrator permission check in the ACL Manager plugin ...)
+CVE-2010-0288
{DSA-1976-1}
- dokuwiki 0.0.20090214b-3.1 (medium; bug #565406)
[etch] - dokuwiki <not-affected> (Vulnerable code not present)
NOTE: http://bugs.splitbrain.org/index.php?do=details&task_id=1847
NOTE: issue being exploited
-CVE-2010-0287 (Directory traversal vulnerability in the ACL Manager plugin ...)
+CVE-2010-0287
{DSA-1976-1}
- dokuwiki 0.0.20090214b-3.1 (low)
[etch] - dokuwiki <not-affected> (Vulnerable code not present)
NOTE: http://secunia.com/advisories/38205/
-CVE-2010-0286 (Unspecified vulnerability in the OpenID Identity Authentication ...)
+CVE-2010-0286
- typo3-src 4.3.1-1 (bug #567163)
[lenny] - typo3-src <not-affected> (Only affects 4.3.x)
NOTE: http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-001/
-CVE-2010-0285 (gnome-screensaver 2.14.3, 2.22.2, 2.27.x, 2.28.0, and 2.28.3, when the ...)
+CVE-2010-0285
- gnome-screensaver 2.28.3-1 (low)
[lenny] - gnome-screensaver <no-dsa> (Minor issue)
NOTE: http://git.gnome.org/browse/gnome-screensaver/commit/?id=2f597ea9f1f363277fd4dfc109fa41bbc6225aca
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=593616
-CVE-2010-0284 (Directory traversal vulnerability in the getEntry method in the ...)
+CVE-2010-0284
NOT-FOR-US: Novell Access Manager
-CVE-2010-0283 (The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.7 ...)
+CVE-2010-0283
- krb5 1.8+dfsg~alpha1-7
[lenny] - krb5 <not-affected> (Only affects krb5 >= 1.7)
CVE-2010-0282
RESERVED
CVE-2010-0281
RESERVED
-CVE-2010-0280 (Array index error in Jan Eric Kyprianidis lib3ds 1.x, as used in ...)
+CVE-2010-0280
- lib3ds 1.3.0-5 (low; bug #575741)
[lenny] - lib3ds <no-dsa> (Minor issue)
[etch] - lib3ds <no-dsa> (Minor issue)
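Review bot: the kernel entries in this hunk lose the subsystem information that their version reasoning depends on. Under CVE-2010-0299 the three `<not-affected> (vulnerable code introduced in 2.6.31)` lines refer to devtmpfs, which is named nowhere except in the deleted "openSUSE 11.2 installs the devtmpfs root directory with insecure ..." text; under CVE-2010-0309, CVE-2010-0306 and CVE-2010-0298 the `(kvm introduced in 2.6.25)` justification pairs with the deleted "The x86 emulator in KVM 83". Likewise `NOTE: This is for an incomplete fix for CVE-2009-3553` under CVE-2010-0302 stays, but what the incomplete fix concerned ("abstract file-descriptor handling" in cups) is removed. Suggest keeping the descriptions, or adding a NOTE naming the subsystem wherever a version-introduction argument is made.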
@@ -13042,157 +13042,157 @@ CVE-2010-0280 (Array index error in Jan Eric Kyprianidis lib3ds 1.x, as used in
NOTE: issue was published saying it affects google sketchup,
NOTE: but the vulnerable code is in lib3ds
NOTE: http://code.google.com/p/lib3ds/issues/detail?id=9
-CVE-2010-0279 (Unrestricted file upload vulnerability in upload.php in BTS-GI Read ...)
+CVE-2010-0279
NOT-FOR-US: BTS-GI Read excel
-CVE-2010-0278 (A certain ActiveX control in msgsc.14.0.8089.726.dll in Microsoft ...)
+CVE-2010-0278
NOT-FOR-US: ActiveX
-CVE-2010-0277 (slp.c in the MSN protocol plugin in libpurple in Pidgin before 2.6.6, ...)
+CVE-2010-0277
{DSA-2038-1}
- pidgin 2.6.6-1 (low; bug #566775)
- gaim <removed> (low)
[lenny] - gaim <not-affected> (gaim is a transitional dummy package only)
- qutecom 2.2~rc3.hg396~dfsg1-6 (low; bug #572946)
-CVE-2010-0276 (IBM Lotus iNotes (aka Domino Web Access or DWA) before 229.241 for ...)
+CVE-2010-0276
NOT-FOR-US: IBM Lotus iNotes
-CVE-2010-0275 (Ultra-light Mode in IBM Lotus iNotes (aka Domino Web Access or DWA) ...)
+CVE-2010-0275
NOT-FOR-US: IBM Lotus iNotes
-CVE-2010-0274 (Unspecified vulnerability in the Edit Contact scene in Ultra-light ...)
+CVE-2010-0274
NOT-FOR-US: IBM Lotus iNotes
-CVE-2010-0273 (Unspecified vulnerability in Sun Java System Web Server 7.0 Update 6 ...)
+CVE-2010-0273
NOT-FOR-US: Sun Java System Web Server
-CVE-2010-0272 (Heap-based buffer overflow in Sun Java System Web Server 7.0 Update 6 ...)
+CVE-2010-0272
NOT-FOR-US: Sun Java System Web Server
-CVE-2010-0271 (hald in Sun OpenSolaris snv_51 through snv_130 does not have the ...)
+CVE-2010-0271
NOT-FOR-US: hald in Sun OpenSolaris
-CVE-2010-0270 (The SMB client in Microsoft Windows Server 2008 R2 and Windows 7 does ...)
+CVE-2010-0270
NOT-FOR-US: Microsoft Windows
-CVE-2010-0269 (The SMB client in Microsoft Windows 2000 SP4, Windows XP SP2 and SP3, ...)
+CVE-2010-0269
NOT-FOR-US: Microsoft Windows
-CVE-2010-0268 (Unspecified vulnerability in the Windows Media Player ActiveX control ...)
+CVE-2010-0268
NOT-FOR-US: Microsoft Windows
-CVE-2010-0267 (Microsoft Internet Explorer 6, 6 SP1, and 7 does not properly handle ...)
+CVE-2010-0267
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2010-0266 (Microsoft Office Outlook 2002 SP3, 2003 SP3, and 2007 SP1 and SP2 does ...)
+CVE-2010-0266
NOT-FOR-US: Microsoft Office
-CVE-2010-0265 (Buffer overflow in Microsoft Windows Movie Maker 2.1, 2.6, and 6.0, ...)
+CVE-2010-0265
NOT-FOR-US: Microsoft Windows Movie Maker
-CVE-2010-0264 (Microsoft Office Excel 2002 SP3, Office 2004 and 2008 for Mac, and ...)
+CVE-2010-0264
NOT-FOR-US: Microsoft Office
-CVE-2010-0263 (Microsoft Office Excel 2007 SP1 and SP2; Office 2008 for Mac; Open XML ...)
+CVE-2010-0263
NOT-FOR-US: Microsoft Office
-CVE-2010-0262 (Microsoft Office Excel 2007 SP1 and SP2 and Office 2004 for Mac do not ...)
+CVE-2010-0262
NOT-FOR-US: Microsoft Office
-CVE-2010-0261 (Heap-based buffer overflow in Microsoft Office Excel 2007 SP1 and SP2 ...)
+CVE-2010-0261
NOT-FOR-US: Microsoft Office
-CVE-2010-0260 (Heap-based buffer overflow in Microsoft Office Excel 2007 SP1 and SP2; ...)
+CVE-2010-0260
NOT-FOR-US: Microsoft Office
CVE-2010-0259
REJECTED
-CVE-2010-0258 (Microsoft Office Excel 2002 SP3, 2003 SP3, and 2007 SP1 and SP2; ...)
+CVE-2010-0258
NOT-FOR-US: Microsoft Office
-CVE-2010-0257 (Microsoft Office Excel 2002 SP3 does not properly parse the Excel file ...)
+CVE-2010-0257
NOT-FOR-US: Microsoft Office
-CVE-2010-0256 (Microsoft Office Visio 2002 SP2, 2003 SP3, and 2007 SP1 and SP2 does ...)
+CVE-2010-0256
NOT-FOR-US: Microsoft Office
-CVE-2010-0255 (Microsoft Internet Explorer 5.01 SP4, 6, 6 SP1, 7, and 8 does not ...)
+CVE-2010-0255
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2010-0254 (Microsoft Office Visio 2002 SP2, 2003 SP3, and 2007 SP1 and SP2 does ...)
+CVE-2010-0254
NOT-FOR-US: Microsoft Office
CVE-2010-0253
REJECTED
-CVE-2010-0252 (The Microsoft Data Analyzer ActiveX control (aka the Office Excel ...)
+CVE-2010-0252
NOT-FOR-US: Microsoft Data Analyzer ActiveX control
CVE-2010-0251
REJECTED
-CVE-2010-0250 (Heap-based buffer overflow in DirectShow in Microsoft DirectX, as used ...)
+CVE-2010-0250
NOT-FOR-US: Microsoft DirectX
-CVE-2010-0249 (Use-after-free vulnerability in Microsoft Internet Explorer 6, 6 SP1, ...)
+CVE-2010-0249
NOT-FOR-US: Microsoft
-CVE-2010-0248 (Microsoft Internet Explorer 6, 6 SP1, 7, and 8 does not properly ...)
+CVE-2010-0248
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2010-0247 (Microsoft Internet Explorer 5.01 SP4, 6, and 6 SP1 does not properly ...)
+CVE-2010-0247
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2010-0246 (Microsoft Internet Explorer 8 does not properly handle objects in ...)
+CVE-2010-0246
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2010-0245 (Microsoft Internet Explorer 8 does not properly handle objects in ...)
+CVE-2010-0245
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2010-0244 (Microsoft Internet Explorer 6, 6 SP1, 7, and 8 does not properly ...)
+CVE-2010-0244
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2010-0243 (Buffer overflow in MSO.DLL in Microsoft Office XP SP3 and Office 2004 ...)
+CVE-2010-0243
NOT-FOR-US: Microsoft Office XP
-CVE-2010-0242 (The TCP/IP implementation in Microsoft Windows Vista Gold, SP1, and ...)
+CVE-2010-0242
NOT-FOR-US: Microsoft Windows Vista Gold
-CVE-2010-0241 (The TCP/IP implementation in Microsoft Windows Vista Gold, SP1, and ...)
+CVE-2010-0241
NOT-FOR-US: Microsoft Windows Vista Gold
-CVE-2010-0240 (The TCP/IP implementation in Microsoft Windows Vista Gold, SP1, and ...)
+CVE-2010-0240
NOT-FOR-US: Microsoft Windows Vista Gold
-CVE-2010-0239 (The TCP/IP implementation in Microsoft Windows Vista Gold, SP1, and ...)
+CVE-2010-0239
NOT-FOR-US: Microsoft Windows Vista Gold
-CVE-2010-0238 (Unspecified vulnerability in registry-key validation in the kernel in ...)
+CVE-2010-0238
NOT-FOR-US: Microsoft Windows
-CVE-2010-0237 (The kernel in Microsoft Windows 2000 SP4 and XP SP2 and SP3 allows ...)
+CVE-2010-0237
NOT-FOR-US: Microsoft Windows
-CVE-2010-0236 (The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 ...)
+CVE-2010-0236
NOT-FOR-US: Microsoft Windows
-CVE-2010-0235 (The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 ...)
+CVE-2010-0235
NOT-FOR-US: Microsoft Windows
-CVE-2010-0234 (The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 ...)
+CVE-2010-0234
NOT-FOR-US: Microsoft Windows
-CVE-2010-0233 (Double free vulnerability in the kernel in Microsoft Windows 2000 SP4, ...)
+CVE-2010-0233
NOT-FOR-US: Microsoft Windows
-CVE-2010-0232 (The kernel in Microsoft Windows NT 3.1 through Windows 7, including ...)
+CVE-2010-0232
NOT-FOR-US: Microsoft Windows
-CVE-2010-0231 (The SMB implementation in the Server service in Microsoft Windows 2000 ...)
+CVE-2010-0231
NOT-FOR-US: Microsoft Windows
-CVE-2010-0230 (SUSE Linux Enterprise 10 SP3 (SLE10-SP3) and openSUSE 11.2 configures ...)
+CVE-2010-0230
- postfix <not-affected> (SUSE-specific packaging issue)
-CVE-2010-0229 (Verbatim Corporate Secure and Corporate Secure FIPS Edition USB flash ...)
+CVE-2010-0229
NOT-FOR-US: Verbatim Corporate Secure
-CVE-2010-0228 (Verbatim Corporate Secure and Corporate Secure FIPS Edition USB flash ...)
+CVE-2010-0228
NOT-FOR-US: Verbatim Corporate Secure
-CVE-2010-0227 (Verbatim Corporate Secure and Corporate Secure FIPS Edition USB flash ...)
+CVE-2010-0227
NOT-FOR-US: Verbatim Corporate Secure
-CVE-2010-0226 (SanDisk Cruzer Enterprise USB flash drives do not prevent password ...)
+CVE-2010-0226
NOT-FOR-US: SanDisk Cruzer Enterprise USB flash drives
-CVE-2010-0225 (SanDisk Cruzer Enterprise USB flash drives use a fixed 256-bit key for ...)
+CVE-2010-0225
NOT-FOR-US: SanDisk Cruzer Enterprise USB flash drives
-CVE-2010-0224 (SanDisk Cruzer Enterprise USB flash drives validate passwords with a ...)
+CVE-2010-0224
NOT-FOR-US: SanDisk Cruzer Enterprise USB flash drives
-CVE-2010-0223 (Kingston DataTraveler BlackBox (DTBB), DataTraveler Secure Privacy ...)
+CVE-2010-0223
NOT-FOR-US: Kingston USB flash drives
-CVE-2010-0222 (Kingston DataTraveler BlackBox (DTBB), DataTraveler Secure Privacy ...)
+CVE-2010-0222
NOT-FOR-US: Kingston USB flash drives
-CVE-2010-0221 (Kingston DataTraveler BlackBox (DTBB), DataTraveler Secure Privacy ...)
+CVE-2010-0221
NOT-FOR-US: Kingston USB flash drives
-CVE-2010-0220 (The nsObserverList::FillObserverArray function in ...)
+CVE-2010-0220
- xulrunner <unfixed> (unimportant)
NOTE: browser DoS not treated as security issue
-CVE-2010-0219 (Apache Axis2, as used in dswsbobje.war in SAP BusinessObjects ...)
+CVE-2010-0219
NOT-FOR-US: SAP BusinessObjects Enterprise
-CVE-2010-0218 (ISC BIND 9.7.2 through 9.7.2-P1 uses an incorrect ACL to restrict the ...)
+CVE-2010-0218
- bind9 <not-affected> (Only affects 9.7.2, which is not yet in the archive)
NOTE: http://ftp.isc.org/isc/bind9/9.7.2-P2/RELEASE-NOTES-BIND-9.7.2-P2.html
NOTE: ACL bypass claimed to only affect >=9.7.2: https://lists.isc.org/pipermail/bind-announce/2010-September/000655.html
-CVE-2010-0217 (Zeacom Chat Server before 5.1 uses too short a random string for the ...)
+CVE-2010-0217
NOT-FOR-US: Zeacom Chat Server
-CVE-2010-0216 (authenticate_ad_setup_finished.cfm in MediaCAST 8 and earlier allows ...)
+CVE-2010-0216
NOT-FOR-US: MediaCAST
-CVE-2010-0215 (ActiveCollab before 2.3.2 allows remote authenticated users to bypass ...)
+CVE-2010-0215
NOT-FOR-US: ActiveCollab
-CVE-2010-0214 (The administrative interface on the PolyVision RoomWizard with ...)
+CVE-2010-0214
NOT-FOR-US: PolyVision RoomWizard
-CVE-2010-0213 (BIND 9.7.1 and 9.7.1-P1, when a recursive validating server has a ...)
+CVE-2010-0213
- bind9 9.7.1.dfsg.P2
[lenny] - bind9 <not-affected> (vulnerability introduced in 9.7.1)
-CVE-2010-0212 (OpenLDAP 2.4.22 allows remote attackers to cause a denial of service ...)
+CVE-2010-0212
{DSA-2077-1}
- openldap 2.4.23-1
-CVE-2010-0211 (The slap_modrdn2mods function in modrdn.c in OpenLDAP 2.4.22 does not ...)
+CVE-2010-0211
{DSA-2077-1}
- openldap 2.4.23-1
CVE-2010-0210
RESERVED
-CVE-2010-0209 (Adobe Flash Player before 9.0.280 and 10.x before 10.1.82.76, and ...)
+CVE-2010-0209
NOT-FOR-US: Adobe Flash Plugin
CVE-2010-0208
RESERVED
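Review bot: Several triage decisions in this hunk are justified by version ranges that only appear in the description being removed, so after this change the rationale is no longer checkable from the file itself. For example `- bind9 <not-affected> (Only affects 9.7.2, which is not yet in the archive)` for CVE-2010-0218 and `[lenny] - bind9 <not-affected> (vulnerability introduced in 9.7.1)` for CVE-2010-0213 both rest on the "ISC BIND 9.7.2 through 9.7.2-P1" and "BIND 9.7.1 and 9.7.1-P1" ranges in the `-` lines, and `[lenny] - krb5 <not-affected> (Only affects krb5 >= 1.7)` similarly depends on the dropped "MIT Kerberos 5 (aka krb5) 1.7" text. Suggest that, if the descriptions must be regenerated, the update keeps the previous parenthesized text until a non-empty replacement is available, so that `<not-affected>` annotations remain verifiable against the affected-version statement they were written from.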
@@ -13211,60 +13211,60 @@ CVE-2010-0206 [xpdf: Invalid pointer dereference by processing JBIG2 PDF stream
- poppler 0.16.3-1 (unimportant)
[squeeze] - poppler 0.12.4-1.2+squeeze1
NOTE: Just a crasher, not treated as a security issue
-CVE-2010-0205 (The png_decompress_chunk function in pngrutil.c in libpng 1.0.x before ...)
+CVE-2010-0205
{DSA-2032-1}
- libpng 1.2.43-1 (low; bug #572308)
NOTE: http://www.kb.cert.org/vuls/id/576029
-CVE-2010-0204 (Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on ...)
+CVE-2010-0204
NOT-FOR-US: Adobe Reader
-CVE-2010-0203 (Buffer overflow in Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x ...)
+CVE-2010-0203
NOT-FOR-US: Adobe Reader
-CVE-2010-0202 (Buffer overflow in Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x ...)
+CVE-2010-0202
NOT-FOR-US: Adobe Reader
-CVE-2010-0201 (Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on ...)
+CVE-2010-0201
NOT-FOR-US: Adobe Reader
CVE-2010-0200
REJECTED
-CVE-2010-0199 (Buffer overflow in Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x ...)
+CVE-2010-0199
NOT-FOR-US: Adobe Reader
-CVE-2010-0198 (Buffer overflow in Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x ...)
+CVE-2010-0198
NOT-FOR-US: Adobe Reader
-CVE-2010-0197 (Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on ...)
+CVE-2010-0197
NOT-FOR-US: Adobe Reader
-CVE-2010-0196 (Unspecified vulnerability in Adobe Reader and Acrobat 9.x before ...)
+CVE-2010-0196
NOT-FOR-US: Adobe Reader
-CVE-2010-0195 (Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on ...)
+CVE-2010-0195
NOT-FOR-US: Adobe Reader
-CVE-2010-0194 (Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on ...)
+CVE-2010-0194
NOT-FOR-US: Adobe Reader
-CVE-2010-0193 (Unspecified vulnerability in Adobe Reader and Acrobat 9.x before ...)
+CVE-2010-0193
NOT-FOR-US: Adobe Reader
-CVE-2010-0192 (Unspecified vulnerability in Adobe Reader and Acrobat 9.x before ...)
+CVE-2010-0192
NOT-FOR-US: Adobe Reader
-CVE-2010-0191 (Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on ...)
+CVE-2010-0191
NOT-FOR-US: Adobe Reader
-CVE-2010-0190 (Cross-site scripting (XSS) vulnerability in Adobe Reader and Acrobat ...)
+CVE-2010-0190
NOT-FOR-US: Adobe Reader
-CVE-2010-0189 (A certain ActiveX control in NOS Microsystems getPlus Download Manager ...)
+CVE-2010-0189
NOT-FOR-US: Adobe Download Manager
-CVE-2010-0188 (Unspecified vulnerability in Adobe Reader and Acrobat 8.x before 8.2.1 ...)
+CVE-2010-0188
NOT-FOR-US: Adobe Reader
-CVE-2010-0187 (Adobe Flash Player before 10.0.45.2 and Adobe AIR before 1.5.3.9130 ...)
+CVE-2010-0187
NOT-FOR-US: Adobe Flash plugin
-CVE-2010-0186 (Cross-domain vulnerability in Adobe Flash Player before 10.0.45.2, ...)
+CVE-2010-0186
NOT-FOR-US: Adobe Flash plugin
-CVE-2010-0185 (The default configuration of Adobe ColdFusion 9.0 does not restrict ...)
+CVE-2010-0185
NOT-FOR-US: Adobe ColdFusion
-CVE-2010-0184 (The (1) domainutility and (2) domainutilitycmd components in TIBCO ...)
+CVE-2010-0184
NOT-FOR-US: TIBCO Domain Utility in TIBCO Runtime Agent
-CVE-2010-0183 (Use-after-free vulnerability in the nsCycleCollector::MarkRoots ...)
+CVE-2010-0183
{DSA-2064-1}
- xulrunner 1.9.1.10-1
- iceweasel 3.5.11-2
[lenny] - iceweasel <not-affected> (Iceweasel in Lenny links against xulrunner)
- iceape 2.0.5-1
[lenny] - iceape <not-affected> (Only a stub package)
-CVE-2010-0182 (The XMLDocument::load function in Mozilla Firefox before 3.5.9 and ...)
+CVE-2010-0182
{DSA-2075-1}
- xulrunner 1.9.1.9-1 (low)
[lenny] - xulrunner <no-dsa> (Minor issue, no upstream fix for 3.0 series)
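Review bot: The hunk header `@@ -13211,60 +13211,60 @@ CVE-2010-0206 [xpdf: Invalid pointer dereference by processing JBIG2 PDF stream` shows that the entry immediately preceding this hunk, which carries a bracketed description, sits outside the changed range and is therefore left intact, whereas every entry inside the hunk with a parenthesized description loses it. That asymmetry is consistent with only the fetched-description path being affected, while locally authored bracketed descriptions survive. Suggest the updater apply the same rule to parenthesized descriptions that it evidently applies to bracketed ones: never replace existing non-empty text with nothing, and log the affected identifiers (here CVE-2010-0205 down to CVE-2010-0182) so the regression is visible before commit.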
@@ -13274,36 +13274,36 @@ CVE-2010-0182 (The XMLDocument::load function in Mozilla Firefox before 3.5.9 an
- icedove 3.0.4-1
[lenny] - iceape <not-affected> (Only a stub package)
[lenny] - icedove <end-of-life>
-CVE-2010-0181 (Mozilla Firefox before 3.5.9 and 3.6.x before 3.6.2, and SeaMonkey ...)
+CVE-2010-0181
- xulrunner 1.9.1.9-1 (unimportant)
- iceweasel 3.5.11-2
[lenny] - iceweasel <not-affected> (Iceweasel in Lenny links against xulrunner)
- iceape 2.0.4-1
[lenny] - iceape <not-affected> (Only a stub package)
-CVE-2010-0180 (Install/Filesystem.pm in Bugzilla 3.5.1 through 3.6 and 3.7, when ...)
+CVE-2010-0180
- bugzilla <not-affected> (Only affects 3.5 to 3.7)
-CVE-2010-0179 (Mozilla Firefox before 3.0.19 and 3.5.x before 3.5.8, and SeaMonkey ...)
+CVE-2010-0179
{DSA-2027-1}
- xulrunner 1.9.1.9-1
- iceweasel 3.5.11-2
[lenny] - iceweasel <not-affected> (Iceweasel in Lenny links against xulrunner)
- iceape 2.0.4-1
[lenny] - iceape <not-affected> (Only a stub package)
-CVE-2010-0178 (Mozilla Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x before ...)
+CVE-2010-0178
{DSA-2027-1}
- xulrunner 1.9.1.9-1
- iceweasel 3.5.11-2
[lenny] - iceweasel <not-affected> (Iceweasel in Lenny links against xulrunner)
- iceape 2.0.4-1
[lenny] - iceape <not-affected> (Only a stub package)
-CVE-2010-0177 (Mozilla Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x before ...)
+CVE-2010-0177
{DSA-2027-1}
- xulrunner 1.9.1.9-1
- iceweasel 3.5.11-2
[lenny] - iceweasel <not-affected> (Iceweasel in Lenny links against xulrunner)
- iceape 2.0.4-1
[lenny] - iceape <not-affected> (Only a stub package)
-CVE-2010-0176 (Mozilla Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x before ...)
+CVE-2010-0176
{DSA-2027-1}
- xulrunner 1.9.1.9-1
- iceweasel 3.5.11-2
@@ -13312,7 +13312,7 @@ CVE-2010-0176 (Mozilla Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x befo
- icedove 3.0.4-1
[lenny] - icedove <end-of-life>
[lenny] - iceape <not-affected> (Only a stub package)
-CVE-2010-0175 (Use-after-free vulnerability in the nsTreeSelection implementation in ...)
+CVE-2010-0175
{DSA-2027-1}
- xulrunner 1.9.1.9-1
- iceweasel 3.5.11-2
@@ -13321,7 +13321,7 @@ CVE-2010-0175 (Use-after-free vulnerability in the nsTreeSelection implementatio
- icedove 3.0.4-1
[lenny] - icedove <end-of-life>
[lenny] - iceape <not-affected> (Only a stub package)
-CVE-2010-0174 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+CVE-2010-0174
{DSA-2027-1}
- xulrunner 1.9.1.9-1
- iceweasel 3.5.11-2
@@ -13330,7 +13330,7 @@ CVE-2010-0174 (Multiple unspecified vulnerabilities in the browser engine in Moz
- icedove 3.0.4-1
[lenny] - icedove <end-of-life>
[lenny] - iceape <not-affected> (Only a stub package)
-CVE-2010-0173 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+CVE-2010-0173
- xulrunner 1.9.1.9-1
- iceweasel 3.5.11-2
[lenny] - iceweasel <not-affected> (Iceweasel in Lenny links against xulrunner)
@@ -13339,11 +13339,11 @@ CVE-2010-0173 (Multiple unspecified vulnerabilities in the browser engine in Moz
[lenny] - icedove <end-of-life>
[lenny] - iceape <not-affected> (Only a stub package)
[lenny] - xulrunner <not-affected> (Only affects Firefox >= 3.5)
-CVE-2010-0172 (toolkit/components/passwordmgr/src/nsLoginManagerPrompter.js in the ...)
+CVE-2010-0172
- xulrunner <not-affected> (vulnerable code introduced in firefox 3.6)
- iceape <not-affected> (vulnerable code introduced in firefox 3.6)
- iceweasel <not-affected> (vulnerable code introduced in firefox 3.6)
-CVE-2010-0171 (Mozilla Firefox 3.0.x before 3.0.18, 3.5.x before 3.5.8, and 3.6.x ...)
+CVE-2010-0171
{DSA-1999-1}
- xulrunner 1.9.1.8-1
- iceweasel 3.5.11-2
@@ -13352,11 +13352,11 @@ CVE-2010-0171 (Mozilla Firefox 3.0.x before 3.0.18, 3.5.x before 3.5.8, and 3.6.
[lenny] - iceape <not-affected> (Lenny package only provide xpcom stubs)
- icedove 3.0.2-1
[lenny] - icedove <end-of-life>
-CVE-2010-0170 (Mozilla Firefox 3.6 before 3.6.2 does not offer plugins the expected ...)
+CVE-2010-0170
- xulrunner <not-affected> (vulnerable code introduced in firefox 3.6)
- iceape <not-affected> (vulnerable code introduced in firefox 3.6)
- iceweasel <not-affected> (vulnerable code introduced in firefox 3.6)
-CVE-2010-0169 (The CSSLoaderImpl::DoSheetComplete function in ...)
+CVE-2010-0169
{DSA-1999-1}
- xulrunner 1.9.1.8-1
- iceape 2.0.3-1
@@ -13365,11 +13365,11 @@ CVE-2010-0169 (The CSSLoaderImpl::DoSheetComplete function in ...)
[lenny] - iceape <not-affected> (Lenny package only provide xpcom stubs)
- icedove 3.0.2-1
[lenny] - icedove <end-of-life>
-CVE-2010-0168 (The nsDocument::MaybePreLoadImage function in ...)
+CVE-2010-0168
- xulrunner <not-affected> (vulnerable code introduced in firefox 3.6)
- iceape <not-affected> (vulnerable code introduced in firefox 3.6)
- iceweasel <not-affected> (vulnerable code introduced in firefox 3.6)
-CVE-2010-0167 (The browser engine in Mozilla Firefox 3.0.x before 3.0.18, 3.5.x ...)
+CVE-2010-0167
{DSA-1999-1}
- xulrunner 1.9.1.8-1
- iceweasel 3.5.11-2
@@ -13378,22 +13378,22 @@ CVE-2010-0167 (The browser engine in Mozilla Firefox 3.0.x before 3.0.18, 3.5.x
[lenny] - iceape <not-affected> (Lenny package only provide xpcom stubs)
- icedove 3.0.2-1
[lenny] - icedove <end-of-life>
-CVE-2010-0166 (The gfxTextRun::SanitizeGlyphRuns function in ...)
+CVE-2010-0166
- xulrunner <not-affected> (vulnerable code introduced in firefox 3.6)
- iceape <not-affected> (vulnerable code introduced in firefox 3.6)
- iceweasel <not-affected> (vulnerable code introduced in firefox 3.6)
-CVE-2010-0165 (The TraceRecorder::traverseScopeChain function in js/src/jstracer.cpp ...)
+CVE-2010-0165
- xulrunner <not-affected> (vulnerable code introduced in firefox 3.6)
- iceape <not-affected> (vulnerable code introduced in firefox 3.6)
- iceweasel <not-affected> (vulnerable code introduced in firefox 3.6)
-CVE-2010-0164 (Use-after-free vulnerability in the ...)
+CVE-2010-0164
- xulrunner <not-affected> (vulnerable code introduced in firefox 3.6)
- iceape <not-affected> (vulnerable code introduced in firefox 3.6)
- iceweasel <not-affected> (vulnerable code introduced in firefox 3.6)
-CVE-2010-0163 (Mozilla Thunderbird before 2.0.0.24 and SeaMonkey before 1.1.19 ...)
+CVE-2010-0163
{DSA-2025-1}
- icedove 3.0.4-1 (medium)
-CVE-2010-0162 (Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, and ...)
+CVE-2010-0162
{DSA-1999-1}
- xulrunner 1.9.1.8-1
- iceweasel 3.5.11-2
@@ -13401,11 +13401,11 @@ CVE-2010-0162 (Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, and .
[etch] - xulrunner <end-of-life>
- iceape 2.0.3-1
[lenny] - iceape <not-affected> (Lenny package only provide xpcom stubs)
-CVE-2010-0161 (The nsAuthSSPI::Unwrap function in extensions/auth/nsAuthSSPI.cpp in ...)
+CVE-2010-0161
- xulrunner <not-affected> (Windows-specific)
- iceape <not-affected> (Windows-specific)
- iceweasel <not-affected> (Windows-specific)
-CVE-2010-0160 (The Web Worker functionality in Mozilla Firefox 3.0.x before 3.0.18 ...)
+CVE-2010-0160
- xulrunner 1.9.1.8-1
[etch] - xulrunner <not-affected> (web workers introduced in gecko 1.9.1)
[lenny] - xulrunner <not-affected> (web workers introduced in gecko 1.9.1)
@@ -13414,7 +13414,7 @@ CVE-2010-0160 (The Web Worker functionality in Mozilla Firefox 3.0.x before 3.0.
- iceape 2.0.3-1
[etch] - iceape <not-affected> (web workers introduced in gecko 1.9.1)
[lenny] - iceape <not-affected> (web workers introduced in gecko 1.9.1)
-CVE-2010-0159 (The browser engine in Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x ...)
+CVE-2010-0159
{DSA-1999-1}
- xulrunner 1.9.1.8-1
[etch] - xulrunner <end-of-life>
@@ -13424,402 +13424,402 @@ CVE-2010-0159 (The browser engine in Mozilla Firefox 3.0.x before 3.0.18 and 3.5
[lenny] - iceape <not-affected> (Lenny package only provide xpcom stubs)
- icedove 3.0.2-1
[lenny] - icedove <end-of-life>
-CVE-2010-0158 (** DISPUTED ** ...)
+CVE-2010-0158
NOT-FOR-US: JoomlaBamboo (JB) Simpla Admin template
-CVE-2010-0157 (Directory traversal vulnerability in the Bible Study (com_biblestudy) ...)
+CVE-2010-0157
NOT-FOR-US: component for Joomla!
-CVE-2010-0156 (Puppet 0.24.x before 0.24.9 and 0.25.x before 0.25.2 allows local ...)
+CVE-2010-0156
- puppet 0.25.4-2
[lenny] - puppet <no-dsa> (Minor issue)
-CVE-2010-0155 (CRLF injection vulnerability in load.php in the Local Management ...)
+CVE-2010-0155
NOT-FOR-US: IBM Proventia Network Mail Security System
-CVE-2010-0154 (Directory traversal vulnerability in sla/index.php in the Local ...)
+CVE-2010-0154
NOT-FOR-US: IBM Proventia Network Mail Security System
-CVE-2010-0153 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
+CVE-2010-0153
NOT-FOR-US: IBM Proventia Network Mail Security System
-CVE-2010-0152 (Multiple cross-site scripting (XSS) vulnerabilities in the Local ...)
+CVE-2010-0152
NOT-FOR-US: IBM Proventia Network Mail Security System
-CVE-2010-0151 (The Cisco Firewall Services Module (FWSM) 4.0 before 4.0(8), as used ...)
+CVE-2010-0151
NOT-FOR-US: Cisco
-CVE-2010-0150 (Unspecified vulnerability in Cisco ASA 5500 Series Adaptive Security ...)
+CVE-2010-0150
NOT-FOR-US: Cisco
-CVE-2010-0149 (Unspecified vulnerability in Cisco ASA 5500 Series Adaptive Security ...)
+CVE-2010-0149
NOT-FOR-US: Cisco
-CVE-2010-0148 (Unspecified vulnerability in Cisco Security Agent 5.2 before ...)
+CVE-2010-0148
NOT-FOR-US: Cisco Security Agent
-CVE-2010-0147 (SQL injection vulnerability in the Management Center for Cisco ...)
+CVE-2010-0147
NOT-FOR-US: Cisco
-CVE-2010-0146 (Directory traversal vulnerability in the Management Center for Cisco ...)
+CVE-2010-0146
NOT-FOR-US: Cisco
-CVE-2010-0145 (Unspecified vulnerability in the embedded HTTPS server on the Cisco ...)
+CVE-2010-0145
NOT-FOR-US: Cisco IronPort Encryption Appliance
-CVE-2010-0144 (Unspecified vulnerability in the WebSafe DistributorServlet in the ...)
+CVE-2010-0144
NOT-FOR-US: Cisco IronPort Encryption Appliance
-CVE-2010-0143 (Unspecified vulnerability in the administrative interface in the ...)
+CVE-2010-0143
NOT-FOR-US: Cisco IronPort Encryption Appliance
-CVE-2010-0142 (MeetingTime in Cisco Unified MeetingPlace 6 before MR5, and possibly ...)
+CVE-2010-0142
NOT-FOR-US: Cisco Unified MeetingPlace
-CVE-2010-0141 (MeetingTime in Cisco Unified MeetingPlace 6 before MR5, and possibly ...)
+CVE-2010-0141
NOT-FOR-US: Cisco Unified MeetingPlace
-CVE-2010-0140 (Multiple unspecified vulnerabilities in the web server in Cisco ...)
+CVE-2010-0140
NOT-FOR-US: Cisco Unified MeetingPlace
-CVE-2010-0139 (Cisco Unified MeetingPlace 7 before 7.0(2.3) hotfix 5F, 6 before ...)
+CVE-2010-0139
NOT-FOR-US: Cisco Unified MeetingPlace
-CVE-2010-0138 (Buffer overflow in Cisco CiscoWorks Internetwork Performance Monitor ...)
+CVE-2010-0138
NOT-FOR-US: Cisco CiscoWorks Internetwork Performance Monitor
-CVE-2010-0137 (Unspecified vulnerability in the sshd_child_handler process in the SSH ...)
+CVE-2010-0137
NOT-FOR-US: Cisco IOS XR
-CVE-2010-0136 (OpenOffice.org (OOo) 2.0.4, 2.4.1, and 3.1.1 does not properly enforce ...)
+CVE-2010-0136
{DSA-1995-1}
- openoffice.org 1:3.1.1-11
-CVE-2010-0135 (Heap-based buffer overflow in the WordPerfect 5.x reader (wosr.dll), ...)
+CVE-2010-0135
NOT-FOR-US: WordPerfect reader on Windows
-CVE-2010-0134 (Integer signedness error in rtfsr.dll in Autonomy KeyView 10.4 and ...)
+CVE-2010-0134
NOT-FOR-US: Autonomy KeyView
-CVE-2010-0133 (Multiple stack-based buffer overflows in the SpreadSheet Lotus 123 ...)
+CVE-2010-0133
NOT-FOR-US: SpreadSheet Lotus 123 reader
-CVE-2010-0132 (Cross-site scripting (XSS) vulnerability in ViewVC 1.1 before 1.1.5 ...)
+CVE-2010-0132
- viewvc 1.1.5-1 (bug #576307)
-CVE-2010-0131 (Stack-based buffer overflow in the SpreadSheet Lotus 123 reader ...)
+CVE-2010-0131
NOT-FOR-US: SpreadSheet Lotus 123 reader
-CVE-2010-0130 (Integer overflow in Adobe Shockwave Player before 11.5.7.609 might ...)
+CVE-2010-0130
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-0129 (Multiple integer overflows in Adobe Shockwave Player before 11.5.7.609 ...)
+CVE-2010-0129
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-0128 (Integer signedness error in dirapi.dll in Adobe Shockwave Player ...)
+CVE-2010-0128
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-0127 (Adobe Shockwave Player before 11.5.7.609 allows remote attackers to ...)
+CVE-2010-0127
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-0126 (Heap-based buffer overflow in an unspecified library in Autonomy ...)
+CVE-2010-0126
NOT-FOR-US: Autonomy KeyView
-CVE-2010-0125 (RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through ...)
+CVE-2010-0125
NOT-FOR-US: RealPlayer
-CVE-2010-0124 (Employee Timeclock Software 0.99 places the database password on the ...)
+CVE-2010-0124
NOT-FOR-US: Employee Timeclock Software
-CVE-2010-0123 (The database backup implementation in Employee Timeclock Software 0.99 ...)
+CVE-2010-0123
NOT-FOR-US: Employee Timeclock Software
-CVE-2010-0122 (Multiple SQL injection vulnerabilities in Employee Timeclock Software ...)
+CVE-2010-0122
NOT-FOR-US: Employee Timeclock Software
-CVE-2010-0121 (The cook codec in RealNetworks RealPlayer 11.0 through 11.1, ...)
+CVE-2010-0121
NOT-FOR-US: RealPlayer
-CVE-2010-0120 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through ...)
+CVE-2010-0120
NOT-FOR-US: RealPlayer
-CVE-2010-0119 (Bournal before 1.4.1 on FreeBSD 8.0, when the -K option is used, ...)
+CVE-2010-0119
NOT-FOR-US: Bournal
-CVE-2010-0118 (Bournal before 1.4.1 allows local users to overwrite arbitrary files ...)
+CVE-2010-0118
NOT-FOR-US: Bournal
-CVE-2010-0117 (RealNetworks RealPlayer 11.0 through 11.1 and RealPlayer SP 1.0 ...)
+CVE-2010-0117
NOT-FOR-US: RealPlayer
-CVE-2010-0116 (Integer overflow in RealNetworks RealPlayer 11.0 through 11.1 and ...)
+CVE-2010-0116
NOT-FOR-US: RealPlayer
-CVE-2010-0115 (SQL injection vulnerability in login.php in the GUI management console ...)
+CVE-2010-0115
NOT-FOR-US: Symantec Web Gateway
-CVE-2010-0114 (fw_charts.php in the reporting module in the Manager (aka SEPM) ...)
+CVE-2010-0114
NOT-FOR-US: Symantec Endpoint Protection
-CVE-2010-0113 (The Symantec Norton Mobile Security application 1.0 Beta for Android ...)
+CVE-2010-0113
NOT-FOR-US: Symantec Norton Mobile Security application 1.0
-CVE-2010-0112 (Multiple SQL injection vulnerabilities in the Administrative Interface ...)
+CVE-2010-0112
NOT-FOR-US: Symantec IM Manager
-CVE-2010-0111 (HDNLRSVC.EXE in the Intel Alert Handler service (aka Symantec Intel ...)
+CVE-2010-0111
NOT-FOR-US: Symantec Intel Alert Handler
-CVE-2010-0110 (Multiple stack-based buffer overflows in Intel Alert Management System ...)
+CVE-2010-0110
NOT-FOR-US: Symantec Intel Alert Handler
-CVE-2010-0109 (DBManager in Symantec Altiris Deployment Solution 6.9.x before DS 6.9 ...)
+CVE-2010-0109
NOT-FOR-US: Symantec
-CVE-2010-0108 (Buffer overflow in the cliproxy.objects.1 ActiveX control in the ...)
+CVE-2010-0108
NOT-FOR-US: Symantec AntiVirus
-CVE-2010-0107 (Buffer overflow in an ActiveX control (SYMLTCOM.dll) in Symantec N360 ...)
+CVE-2010-0107
NOT-FOR-US: Symantec
-CVE-2010-0106 (The on-demand scanning in Symantec AntiVirus 10.0.x and 10.1.x before ...)
+CVE-2010-0106
NOT-FOR-US: Symantec AntiVirus
-CVE-2010-0105 (The hfs implementation in Apple Mac OS X 10.5.8 and 10.6.x before ...)
+CVE-2010-0105
NOT-FOR-US: Apple hfs implementation
-CVE-2010-0104 (Unspecified vulnerability in the Broadcom Integrated NIC Management ...)
+CVE-2010-0104
NOT-FOR-US: Broadcom Integrated NIC Management Firmware
-CVE-2010-0103 (UsbCharger.dll in the Energizer DUO USB battery charger software ...)
+CVE-2010-0103
NOT-FOR-US: Energizer DUO USB Battery Charger Software
CVE-2010-0102
RESERVED
-CVE-2010-0101 (The embedded HTTP server in multiple Lexmark laser and inkjet printers ...)
+CVE-2010-0101
NOT-FOR-US: Lexmark printers and MarkNet devices
CVE-2010-0100
RESERVED
CVE-2010-0099
REJECTED
-CVE-2010-0098 (ClamAV before 0.96 does not properly handle the (1) CAB and (2) 7z ...)
+CVE-2010-0098
- clamav 0.96+dfsg-1
[lenny] - clamav <end-of-life> (No longer supported in Lenny)
-CVE-2010-0097 (ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P5, 9.5 before ...)
+CVE-2010-0097
{DSA-2054-1}
- bind9 1:9.7.0.dfsg-1
CVE-2010-0096
RESERVED
-CVE-2010-0095 (Unspecified vulnerability in the Java Runtime Environment component in ...)
+CVE-2010-0095
- openjdk-6 6b17-1
- sun-java6 6.19-1
[lenny] - sun-java6 6-20-0lenny1
-CVE-2010-0094 (Unspecified vulnerability in the Java Runtime Environment component in ...)
+CVE-2010-0094
- openjdk-6 6b17-1
- sun-java6 6.19-1
[lenny] - sun-java6 6-20-0lenny1
-CVE-2010-0093 (Unspecified vulnerability in the Java Runtime Environment component in ...)
+CVE-2010-0093
- openjdk-6 6b17-1
- sun-java6 6.19-1
[lenny] - sun-java6 6-20-0lenny1
-CVE-2010-0092 (Unspecified vulnerability in the Java Runtime Environment component in ...)
+CVE-2010-0092
- openjdk-6 6b17-1
- sun-java6 6.19-1
[lenny] - sun-java6 6-20-0lenny1
-CVE-2010-0091 (Unspecified vulnerability in the Java Runtime Environment component in ...)
+CVE-2010-0091
- openjdk-6 6b17-1
- sun-java6 6.19-1
[lenny] - sun-java6 6-20-0lenny1
-CVE-2010-0090 (Unspecified vulnerability in the Java Web Start, Java Plug-in ...)
+CVE-2010-0090
- openjdk-6 6b17-1
- sun-java6 6.19-1
[lenny] - sun-java6 6-20-0lenny1
-CVE-2010-0089 (Unspecified vulnerability in the Java Web Start, Java Plug-in ...)
+CVE-2010-0089
- openjdk-6 6b17-1
- sun-java6 6.19-1
[lenny] - sun-java6 6-20-0lenny1
-CVE-2010-0088 (Unspecified vulnerability in the Java Runtime Environment component in ...)
+CVE-2010-0088
- openjdk-6 6b18-1.8-1
- sun-java6 6.19-1
[lenny] - sun-java6 6-20-0lenny1
-CVE-2010-0087 (Unspecified vulnerability in the Java Web Start, Java Plug-in ...)
+CVE-2010-0087
- openjdk-6 6b17-1
- sun-java6 6.19-1
[lenny] - sun-java6 6-20-0lenny1
-CVE-2010-0086 (Unspecified vulnerability in the Portal component in Oracle Fusion ...)
+CVE-2010-0086
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2010-0085 (Unspecified vulnerability in the Java Runtime Environment component in ...)
+CVE-2010-0085
- openjdk-6 6b17-1
- sun-java6 6.19-1
[lenny] - sun-java6 6-20-0lenny1
-CVE-2010-0084 (Unspecified vulnerability in the Java Runtime Environment component in ...)
+CVE-2010-0084
- openjdk-6 6b17-1
- sun-java6 6.19-1
[lenny] - sun-java6 6-20-0lenny1
-CVE-2010-0083 (Unspecified vulnerability in Oracle OpenSolaris 8, 9, and 10 allows ...)
+CVE-2010-0083
NOT-FOR-US: Solaris
-CVE-2010-0082 (Unspecified vulnerability in the HotSpot Server component in Oracle ...)
+CVE-2010-0082
- openjdk-6 6b17-1
- sun-java6 6.19-1
[lenny] - sun-java6 6-20-0lenny1
-CVE-2010-0081 (Unspecified vulnerability in the Application Server Control component ...)
+CVE-2010-0081
NOT-FOR-US: Oracle Fusion
-CVE-2010-0080 (Unspecified vulnerability in the PeopleSoft Enterprise HCM - eProfile ...)
+CVE-2010-0080
NOT-FOR-US: PeopleSoft Enterprise HCM
-CVE-2010-0079 (Multiple vulnerabilities in the JRockit component in BEA Product Suite ...)
+CVE-2010-0079
NOT-FOR-US: BEA Product Suite
-CVE-2010-0078 (Unspecified vulnerability in the WebLogic Server component in BEA ...)
+CVE-2010-0078
NOT-FOR-US: BEA Product Suite
-CVE-2010-0077 (Unspecified vulnerability in the CRM Technical Foundation (mobile) ...)
+CVE-2010-0077
NOT-FOR-US: Oracle E-Business Suite
-CVE-2010-0076 (Unspecified vulnerability in the Application Express Application ...)
+CVE-2010-0076
NOT-FOR-US: Oracle Database
-CVE-2010-0075 (Unspecified vulnerability in the Oracle HRMS (Self Service) component ...)
+CVE-2010-0075
NOT-FOR-US: Oracle E-Business Suite
-CVE-2010-0074 (Unspecified vulnerability in the WebLogic Server component in BEA ...)
+CVE-2010-0074
NOT-FOR-US: BEA Product Suite
-CVE-2010-0073 (Unspecified vulnerability in the WebLogic Server in Oracle WebLogic ...)
+CVE-2010-0073
NOT-FOR-US: Oracle WebLogic Server
-CVE-2010-0072 (Unspecified vulnerability in the Oracle Secure Backup component in ...)
+CVE-2010-0072
NOT-FOR-US: Oracle Secure Backup
-CVE-2010-0071 (Unspecified vulnerability in the Listener component in Oracle Database ...)
+CVE-2010-0071
NOT-FOR-US: Oracle Database
-CVE-2010-0070 (Unspecified vulnerability in the Oracle Containers for J2EE component ...)
+CVE-2010-0070
NOT-FOR-US: Oracle Application Server
-CVE-2010-0069 (Unspecified vulnerability in the WebLogic Server component in BEA ...)
+CVE-2010-0069
NOT-FOR-US: BEA Product Suite
-CVE-2010-0068 (Unspecified vulnerability in the WebLogic Server component in BEA ...)
+CVE-2010-0068
NOT-FOR-US: BEA Product Suite
-CVE-2010-0067 (Unspecified vulnerability in the Oracle Containers for J2EE component ...)
+CVE-2010-0067
NOT-FOR-US: Oracle Application Server
-CVE-2010-0066 (Unspecified vulnerability in the Access Manager Identity Server ...)
+CVE-2010-0066
NOT-FOR-US: Oracle Application Server
-CVE-2010-0065 (Disk Images in Apple Mac OS X before 10.6.3 allows user-assisted ...)
+CVE-2010-0065
NOT-FOR-US: Apple Disk Images
-CVE-2010-0064 (DesktopServices in Apple Mac OS X 10.6 before 10.6.3 preserves file ...)
+CVE-2010-0064
NOT-FOR-US: Apple DesktopServices
-CVE-2010-0063 (Incomplete blacklist vulnerability in CoreTypes in Apple Mac OS X ...)
+CVE-2010-0063
NOT-FOR-US: Apple CoreTypes
-CVE-2010-0062 (Heap-based buffer overflow in quicktime.qts in CoreMedia and QuickTime ...)
+CVE-2010-0062
NOT-FOR-US: Apple QuickTime
CVE-2010-0061
RESERVED
-CVE-2010-0060 (CoreAudio in Apple Mac OS X before 10.6.3 allows remote attackers to ...)
+CVE-2010-0060
NOT-FOR-US: Apple CoreAudio
-CVE-2010-0059 (CoreAudio in Apple Mac OS X before 10.6.3 allows remote attackers to ...)
+CVE-2010-0059
NOT-FOR-US: Apple CoreAudio
-CVE-2010-0058 (freshclam in ClamAV in Apple Mac OS X 10.5.8 with Security Update ...)
+CVE-2010-0058
- clamav <not-affected> (apple-specific configuration issue)
-CVE-2010-0057 (AFP Server in Apple Mac OS X before 10.6.3 does not prevent guest use ...)
+CVE-2010-0057
NOT-FOR-US: Apple AFP Server
-CVE-2010-0056 (Buffer overflow in Cocoa spell checking in AppKit in Apple Mac OS X ...)
+CVE-2010-0056
NOT-FOR-US: Apple AppKit
-CVE-2010-0055 (xar in Apple Mac OS X 10.5.8 does not properly validate package ...)
+CVE-2010-0055
- xar <removed> (bug #572556)
[lenny] - xar <no-dsa> (Minor issue)
-CVE-2010-0054 (Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 ...)
+CVE-2010-0054
- chromium-browser 6.0.466.0~r52279-1
- webkit 1.1.90-1 (bug #574064)
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
NOTE: http://trac.webkit.org/changeset/53812
NOTE: http://trac.webkit.org/changeset/53813
NOTE: http://trac.webkit.org/changeset/54242
-CVE-2010-0053 (Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 ...)
+CVE-2010-0053
- chromium-browser 6.0.466.0~r52279-1
- webkit 1.1.90-1 (bug #574064)
[lenny] - webkit <not-affected> (Vulnerable code not present)
NOTE: http://trac.webkit.org/changeset/50466
-CVE-2010-0052 (Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 ...)
+CVE-2010-0052
- chromium-browser 6.0.466.0~r52279-1
- webkit 1.1.90-1 (bug #574064)
[lenny] - webkit <not-affected> (Vulnerable code not present)
NOTE: http://trac.webkit.org/changeset/51877
-CVE-2010-0051 (WebKit in Apple Safari before 4.0.5 does not properly validate the ...)
+CVE-2010-0051
NOTE: http://trac.webkit.org/changeset/52784
NOTE: duplicate of CVE-2010-0651
-CVE-2010-0050 (Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 ...)
+CVE-2010-0050
- chromium-browser 6.0.466.0~r52279-1
- webkit 1.1.90-1 (bug #574064)
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
NOTE: http://trac.webkit.org/changeset/52073
-CVE-2010-0049 (Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 ...)
+CVE-2010-0049
- chromium-browser 6.0.466.0~r52279-1
- webkit 1.1.90-1 (bug #574064)
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
NOTE: http://trac.webkit.org/changeset/52527
-CVE-2010-0048 (Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 ...)
+CVE-2010-0048
- chromium-browser 6.0.466.0~r52279-1
- webkit 1.1.90-1 (bug #574064)
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
NOTE: http://trac.webkit.org/changeset/51962
-CVE-2010-0047 (Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 ...)
+CVE-2010-0047
- chromium-browser 6.0.466.0~r52279-1
- webkit 1.1.90-1 (bug #574064)
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
NOTE: http://trac.webkit.org/changeset/50698
-CVE-2010-0046 (The Cascading Style Sheets (CSS) implementation in WebKit in Apple ...)
+CVE-2010-0046
- chromium-browser 6.0.466.0~r52279-1
- webkit 1.1.90-1 (bug #574064)
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
NOTE: http://trac.webkit.org/changeset/51727
-CVE-2010-0045 (Apple Safari before 4.0.5 on Windows does not properly validate ...)
+CVE-2010-0045
NOT-FOR-US: Apple Safari
-CVE-2010-0044 (PubSub in Apple Safari before 4.0.5 does not properly implement use of ...)
+CVE-2010-0044
NOT-FOR-US: Apple PubSub
NOTE: apple's pubsub is rss-oriented and all debian packages with pubsub
NOTE: components are not; hence this is very likely an issue specifically with
NOTE: their own code, or their wrapper code around another PubSub library
-CVE-2010-0043 (ImageIO in Apple Safari before 4.0.5 and iTunes before 9.1 on Windows ...)
+CVE-2010-0043
NOT-FOR-US: Apple Safari
-CVE-2010-0042 (ImageIO in Apple Safari before 4.0.5 and iTunes before 9.1 on Windows ...)
+CVE-2010-0042
NOT-FOR-US: Apple Safari
-CVE-2010-0041 (ImageIO in Apple Safari before 4.0.5 and iTunes before 9.1 on Windows ...)
+CVE-2010-0041
NOT-FOR-US: Apple Safari
-CVE-2010-0040 (Integer overflow in ColorSync in Apple Safari before 4.0.5 on Windows, ...)
+CVE-2010-0040
NOT-FOR-US: Apple Safari
-CVE-2010-0039 (The Application-Level Gateway (ALG) on the Apple Time Capsule, AirPort ...)
+CVE-2010-0039
NOT-FOR-US: Apple
-CVE-2010-0038 (Recovery Mode in Apple iPhone OS 1.0 through 3.1.2, and iPhone OS for ...)
+CVE-2010-0038
NOT-FOR-US: Apple iPhone OS
-CVE-2010-0037 (Buffer overflow in Image RAW in Apple Mac OS X 10.5.8 and 10.6.2 ...)
+CVE-2010-0037
NOT-FOR-US: Apple Mac OS X
-CVE-2010-0036 (Buffer overflow in CoreAudio in Apple Mac OS X 10.5.8 and 10.6.2 ...)
+CVE-2010-0036
NOT-FOR-US: Apple Mac OS X
-CVE-2010-0035 (The Key Distribution Center (KDC) in Kerberos in Microsoft Windows ...)
+CVE-2010-0035
NOT-FOR-US: Microsoft Windows
-CVE-2010-0034 (Stack-based buffer overflow in Microsoft Office PowerPoint 2003 SP3 ...)
+CVE-2010-0034
NOT-FOR-US: Microsoft Office PowerPoint
-CVE-2010-0033 (Stack-based buffer overflow in Microsoft Office PowerPoint 2003 SP3 ...)
+CVE-2010-0033
NOT-FOR-US: Microsoft Office PowerPoint
-CVE-2010-0032 (Use-after-free vulnerability in Microsoft Office PowerPoint 2002 SP3 ...)
+CVE-2010-0032
NOT-FOR-US: Microsoft Office PowerPoint
-CVE-2010-0031 (Array index error in Microsoft Office PowerPoint 2002 SP3 and 2003 ...)
+CVE-2010-0031
NOT-FOR-US: Microsoft Office PowerPoint
-CVE-2010-0030 (Heap-based buffer overflow in Microsoft Office PowerPoint 2002 SP3 and ...)
+CVE-2010-0030
NOT-FOR-US: Microsoft Office PowerPoint
-CVE-2010-0029 (Buffer overflow in Microsoft Office PowerPoint 2002 SP3 allows remote ...)
+CVE-2010-0029
NOT-FOR-US: Microsoft Office PowerPoint
-CVE-2010-0028 (Integer overflow in Microsoft Paint in Windows 2000 SP4, XP SP2 and ...)
+CVE-2010-0028
NOT-FOR-US: Microsoft Paint
-CVE-2010-0027 (The URL validation functionality in Microsoft Internet Explorer 5.01, ...)
+CVE-2010-0027
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2010-0026 (The Hyper-V server implementation in Microsoft Windows Server 2008 ...)
+CVE-2010-0026
NOT-FOR-US: Microsoft Windows Server
-CVE-2010-0025 (The SMTP component in Microsoft Windows 2000 SP4, XP SP2 and SP3, ...)
+CVE-2010-0025
NOT-FOR-US: Microsoft Windows
-CVE-2010-0024 (The SMTP component in Microsoft Windows 2000 SP4, XP SP2 and SP3, ...)
+CVE-2010-0024
NOT-FOR-US: Microsoft Windows
-CVE-2010-0023 (The Client/Server Run-time Subsystem (CSRSS) in Microsoft Windows 2000 ...)
+CVE-2010-0023
NOT-FOR-US: Microsoft Windows
-CVE-2010-0022 (The SMB implementation in the Server service in Microsoft Windows 2000 ...)
+CVE-2010-0022
NOT-FOR-US: Microsoft Windows
-CVE-2010-0021 (Multiple race conditions in the SMB implementation in the Server ...)
+CVE-2010-0021
NOT-FOR-US: Microsoft Windows Vista Gold
-CVE-2010-0020 (The SMB implementation in the Server service in Microsoft Windows 2000 ...)
+CVE-2010-0020
NOT-FOR-US: Microsoft Windows
-CVE-2010-0019 (Microsoft Silverlight 3 before 3.0.50611.0 on Windows, and before ...)
+CVE-2010-0019
NOT-FOR-US: Microsoft Silverlight on Windows
-CVE-2010-0018 (Integer overflow in the Embedded OpenType (EOT) Font Engine ...)
+CVE-2010-0018
NOT-FOR-US: Microsoft Windows
-CVE-2010-0017 (Race condition in the SMB client implementation in Microsoft Windows ...)
+CVE-2010-0017
NOT-FOR-US: Microsoft Windows Server
-CVE-2010-0016 (The SMB client implementation in Microsoft Windows 2000 SP4, XP SP2 ...)
+CVE-2010-0016
NOT-FOR-US: Microsoft Windows
-CVE-2010-0015 (nis/nss_nis/nis-pwd.c in the GNU C Library (aka glibc or libc6) 2.7 ...)
+CVE-2010-0015
{DSA-1973-1}
- eglibc 2.10.2-4 (medium; bug #560333)
- glibc 2.10.2-4 (medium)
-CVE-2010-0014 (System Security Services Daemon (SSSD) before 1.0.1, when the krb5 ...)
+CVE-2010-0014
- sssd 1.0.5-1
-CVE-2010-0013 (Directory traversal vulnerability in slp.c in the MSN protocol plugin ...)
+CVE-2010-0013
- pidgin 2.6.5-1 (medium; bug #563206)
[lenny] - pidgin <not-affected> (vulnerable code not present)
- gaim <not-affected> (vulnerable code not present)
NOTE: http://events.ccc.de/congress/2009/Fahrplan/attachments/1483_26c3_ipv4_fuckups.pdf
-CVE-2010-0012 (Directory traversal vulnerability in libtransmission/metainfo.c in ...)
+CVE-2010-0012
{DSA-1967-1}
- transmission 1.77-1 (low)
NOTE: http://trac.transmissionbt.com/changeset/9829/
NOTE: https://bugs.launchpad.net/ubuntu/+source/transmission/+bug/500625
-CVE-2010-0011 (The eval_js function in uzbl-core.c in Uzbl before 2010.01.05 exposes ...)
+CVE-2010-0011
- uzbl 0.0.0~git.20100105-1 (medium)
NOTE: http://www.uzbl.org/news.php?id=22
NOTE: maintainer is aware of it
-CVE-2010-0010 (Integer overflow in the ap_proxy_send_fb function in ...)
+CVE-2010-0010
- apache <removed> (low)
NOTE: Exploitability is fairly limited: Can only be exploited by a malicious server,
NOTE: not by a client. No sane person uses apache 1.3 as forward proxy and in reverse
NOTE: proxy situations, the backend server is usually trusted, anyway.
-CVE-2010-0009 (Apache CouchDB 0.8.0 through 0.10.1 allows remote attackers to obtain ...)
+CVE-2010-0009
- couchdb 0.11.0-1 (bug #576304)
[lenny] - couchdb <no-dsa> (Minor information leak)
-CVE-2010-0008 (The sctp_rcv_ootb function in the SCTP implementation in the Linux ...)
+CVE-2010-0008
- linux-2.6 2.6.23-1
-CVE-2010-0007 (net/bridge/netfilter/ebtables.c in the ebtables module in the ...)
+CVE-2010-0007
{DSA-2005-1 DSA-2003-1 DSA-1996-1}
- linux-2.6 2.6.32-6
- linux-2.6.24 <removed>
-CVE-2010-0006 (The ipv6_hop_jumbo function in net/ipv6/exthdrs.c in the Linux kernel ...)
+CVE-2010-0006
- linux-2.6 2.6.32-6
[lenny] - linux-2.6 <not-affected> (vulnerable code introduced in 2.6.28)
[etch] - linux-2.6 <not-affected> (vulnerable code introduced in 2.6.28)
- linux-2.6.24 <not-affected> (vulnerable code introduced in 2.6.28)
-CVE-2010-0005 (query.py in the query interface in ViewVC before 1.1.3 does not reject ...)
+CVE-2010-0005
- viewvc 1.1.5-1 (bug #575777)
-CVE-2010-0004 (ViewVC before 1.1.3 composes the root listing view without using the ...)
+CVE-2010-0004
- viewvc 1.1.5-1 (bug #575777)
-CVE-2010-0003 (The print_fatal_signal function in kernel/signal.c in the Linux kernel ...)
+CVE-2010-0003
{DSA-2005-1 DSA-1996-1}
- linux-2.6 2.6.32-6
[etch] - linux-2.6 <not-affected> (does not have print-fatal-signals)
- linux-2.6.24 <removed>
-CVE-2010-0002 (The /etc/profile.d/60alias.sh script in the Mandriva bash package for ...)
+CVE-2010-0002
- bash <not-affected> (mandriva-specific packaging issue)
-CVE-2010-0001 (Integer underflow in the unlzw function in unlzw.c in gzip before 1.4 ...)
+CVE-2010-0001
{DSA-2074-1 DSA-1974-1}
- gzip 1.3.12-9 (medium; bug #566002)
- linux-2.6 <not-affected> (does not include unlzw.c in its gzip code copy)
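Review bot: every changed line in this hunk strips the CVE description and keeps only the identifier, for example `-CVE-2010-0089 (Unspecified vulnerability in the Java Web Start, Java Plug-in ...)` becoming `+CVE-2010-0089`, while the package status, `{DSA-...}` and `NOTE:` lines beneath each entry are untouched. An automatic update that blanks the description of every entry in the file, including entries whose only other context is a single status line such as CVE-2010-0014 (`- sssd 1.0.5-1`), points to the upstream CVE feed having returned empty text rather than to a real change in the data; hold this update and check the feed before committing, since the descriptions are what lets triage tell entries apart without looking each one up.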
diff --git a/data/CVE/2011.list b/data/CVE/2011.list
index 4a67d59ef8..98d0e10dbe 100644
--- a/data/CVE/2011.list
+++ b/data/CVE/2011.list
@@ -1,32 +1,32 @@
-CVE-2011-5326 (imlib2 before 1.4.9 allows remote attackers to cause a denial of ...)
+CVE-2011-5326
{DSA-3555-1}
- imlib2 1.4.8-1 (bug #639414)
NOTE: https://git.enlightenment.org/legacy/imlib2.git/commit/?id=c94d83ccab15d5ef02f88d42dce38ed3f0892882
NOTE: http://www.openwall.com/lists/oss-security/2016/04/10/5
-CVE-2011-5325 (Directory traversal vulnerability in the BusyBox implementation of tar ...)
+CVE-2011-5325
{DLA-1445-1}
- busybox 1:1.27.2-1 (bug #802702)
[stretch] - busybox <no-dsa> (Minor issue)
[wheezy] - busybox <no-dsa> (Minor issue)
[squeeze] - busybox <no-dsa> (Minor issue)
-CVE-2011-5324 (The TeraRecon server, as used in GE Healthcare Centricity PACS-IW ...)
+CVE-2011-5324
NOT-FOR-US: GE Healthcare Centricity PACS-IW
-CVE-2011-5323 (GE Healthcare Centricity PACS-IW 3.7.3.7, 3.7.3.8, and possibly other ...)
+CVE-2011-5323
NOT-FOR-US: GE Healthcare Centricity PACS-IW
-CVE-2011-5322 (GE Healthcare Centricity Analytics Server 1.1 has a default password ...)
+CVE-2011-5322
NOT-FOR-US: GE Healthcare Centricity Analytics Server
-CVE-2011-5321 (The tty_open function in drivers/tty/tty_io.c in the Linux kernel ...)
+CVE-2011-5321
{DLA-246-1}
- linux 3.2.20-1
- linux-2.6 3.2.1-1
NOTE: Upstream fix: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c290f8358acaeffd8e0c551ddcc24d1206143376 (v3.2-rc1)
NOTE: Introduced by: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4a2b5fddd53b80efcb3266ee36e23b8de28e761a (v2.6.28-rc1)
NOTE: 3.2.20-1 is the first version after the src:linux-2.6 -> src:linux rename.
-CVE-2011-5319 (content/renderer/device_sensors/device_motion_event_pump.cc in Google ...)
+CVE-2011-5319
- chromium-browser 41.0.2272.76-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-5320 (scanf and related functions in glibc before 2.15 allow local users to ...)
+CVE-2011-5320
{DLA-165-1}
- glibc 2.15
- eglibc 2.13-25 (bug #553206)
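Review bot: the same wholesale description loss applies here, e.g. `-CVE-2011-5326 (imlib2 before 1.4.9 allows remote attackers to cause a denial of ...)` to `+CVE-2011-5326`; once the description goes, an entry such as CVE-2011-5325 is left with nothing but `- busybox 1:1.27.2-1 (bug #802702)` and `<no-dsa> (Minor issue)` markers to say what the issue was. Unrelated to the change but visible in the context: CVE-2011-5319 sits between CVE-2011-5321 and CVE-2011-5320, breaking the file's descending order, which belongs in a separate fix-up rather than being carried along in an automatic update.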
@@ -36,77 +36,77 @@ CVE-2011-5320 (scanf and related functions in glibc before 2.15 allow local user
NOTE: http://www.openwall.com/lists/oss-security/2015/02/26/2
NOTE: https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=3f8cc204fdd0
NOTE: CVE assigned specific to the https://sourceware.org/bugzilla/show_bug.cgi?id=13138#c4 issue
-CVE-2011-5318 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
+CVE-2011-5318
NOT-FOR-US: diafan.CMS
-CVE-2011-5317 (Cross-site scripting (XSS) vulnerability in editText.php in WonderCMS ...)
+CVE-2011-5317
NOT-FOR-US: WonderCMS
-CVE-2011-5316 (Cross-site request forgery (CSRF) vulnerability in admin/index.php in ...)
+CVE-2011-5316
NOT-FOR-US: Cambio
-CVE-2011-5315 (Cross-site request forgery (CSRF) vulnerability in admin/index.php in ...)
+CVE-2011-5315
NOT-FOR-US: whCMS
-CVE-2011-5314 (templates/default/index.php in Redaxscript 0.3.2 allows remote ...)
+CVE-2011-5314
NOT-FOR-US: Redaxscript
-CVE-2011-5313 (Multiple SQL injection vulnerabilities in includes/password.php in ...)
+CVE-2011-5313
NOT-FOR-US: Redaxscript
-CVE-2011-5312 (Multiple cross-site scripting (XSS) vulnerabilities in Gollos 2.8 ...)
+CVE-2011-5312
NOT-FOR-US: Gollos
-CVE-2011-5311 (Cross-site request forgery (CSRF) vulnerability in pages.php in ...)
+CVE-2011-5311
NOT-FOR-US: Wikipad
-CVE-2011-5310 (Directory traversal vulnerability in pages.php in Wikipad 1.6.0 allows ...)
+CVE-2011-5310
NOT-FOR-US: Wikipad
-CVE-2011-5309 (Cross-site scripting (XSS) vulnerability in pages.php in Wikipad 1.6.0 ...)
+CVE-2011-5309
NOT-FOR-US: Wikipad
-CVE-2011-5308 (Multiple SQL injection vulnerabilities in cdnvote-post.php in the ...)
+CVE-2011-5308
NOT-FOR-US: cdnvote plugin for WordPress
-CVE-2011-5307 (Cross-site scripting (XSS) vulnerability in index.php in the ...)
+CVE-2011-5307
NOT-FOR-US: PhotoSmash plugin for WordPress
-CVE-2011-5306 (Cross-site request forgery (CSRF) vulnerability in ...)
+CVE-2011-5306
NOT-FOR-US: CosmoShop ePRO
-CVE-2011-5305 (Multiple cross-site scripting (XSS) vulnerabilities in CosmoShop ePRO ...)
+CVE-2011-5305
NOT-FOR-US: CosmoShop ePRO
-CVE-2011-5304 (Multiple cross-site scripting (XSS) vulnerabilities in the Sodahead ...)
+CVE-2011-5304
NOT-FOR-US: Sodahead Polls plugin for WordPress
-CVE-2011-5303 (Cross-site scripting (XSS) vulnerability in Spitfire CMS 1.0.436 ...)
+CVE-2011-5303
NOT-FOR-US: Spitfire CMS
-CVE-2011-5302 (Cross-site request forgery (CSRF) vulnerability in adm/admin_edit.php ...)
+CVE-2011-5302
NOT-FOR-US: PHPDug
-CVE-2011-5301 (Multiple cross-site scripting (XSS) vulnerabilities in PHPDug 2.0.0 ...)
+CVE-2011-5301
NOT-FOR-US: PHPDug
-CVE-2011-5300 (Cross-site request forgery (CSRF) vulnerability in ...)
+CVE-2011-5300
NOT-FOR-US: poMMo Aardvark
-CVE-2011-5299 (Multiple cross-site scripting (XSS) vulnerabilities in poMMo Aardvark ...)
+CVE-2011-5299
NOT-FOR-US: poMMo Aardvark
-CVE-2011-5298 (Multiple cross-site request forgery (CSRF) vulnerabilities in Argyle ...)
+CVE-2011-5298
NOT-FOR-US: Argyle Social
-CVE-2011-5297 (Multiple cross-site scripting (XSS) vulnerabilities in TTChat 1.0.4 ...)
+CVE-2011-5297
NOT-FOR-US: TTChat
-CVE-2011-5296 (Cross-site scripting (XSS) vulnerability in profilo.php in Happy Chat ...)
+CVE-2011-5296
NOT-FOR-US: Happy Chat
-CVE-2011-5295 (Buffer overflow in the Download method in a certain ActiveX control in ...)
+CVE-2011-5295
NOT-FOR-US: Gogago YouTube Video Converter
-CVE-2011-5294 (The SaveMessage method in the LEADeMail.LEADSmtp.20 ActiveX control in ...)
+CVE-2011-5294
NOT-FOR-US: Kofax e-Transactions Sender Sendbox
-CVE-2011-5293 (The cmdSave method in the ThreeDify.ThreeDifyDesigner.1 ActiveX ...)
+CVE-2011-5293
NOT-FOR-US: ThreeDify Designer
-CVE-2011-5292 (The EaseWeFtp.FtpLibrary ActiveX control in EaseWeFtp.ocx in Easewe ...)
+CVE-2011-5292
NOT-FOR-US: Easewe FTP OCX
-CVE-2011-5291 (The SaveData method in the Cygnicon.ViewControl.1 ActiveX control in ...)
+CVE-2011-5291
NOT-FOR-US: Ashampoo 3D CAD Professional
-CVE-2011-5290 (The SaveToFile method in the UniBasicPack.UniTextBox ActiveX control ...)
+CVE-2011-5290
NOT-FOR-US: IDrive Online Backup
-CVE-2011-5289 (The SaveDecrypted method in the ChilkatCrypt2.ChilkatOmaDrm.1 ActiveX ...)
+CVE-2011-5289
NOT-FOR-US: aTube Catcher
-CVE-2011-5288 (Multiple buffer overflows in the ThreeDify.ThreeDifyDesigner.1 ActiveX ...)
+CVE-2011-5288
NOT-FOR-US: ThreeDify Designer
-CVE-2011-5287 (Multiple cross-site scripting (XSS) vulnerabilities in HESK before ...)
+CVE-2011-5287
NOT-FOR-US: HESK
-CVE-2011-5286 (SQL injection vulnerability in social-slider-2/ajax.php in the Social ...)
+CVE-2011-5286
NOT-FOR-US: Social Slider plugin for WordPress
-CVE-2011-5285 (Multiple cross-site scripting (XSS) vulnerabilities in BugFree 2.1.3 ...)
+CVE-2011-5285
NOT-FOR-US: BugFree
-CVE-2011-5284 (Cross-site request forgery (CSRF) vulnerability in the web management ...)
+CVE-2011-5284
NOT-FOR-US: Smoothwall
-CVE-2011-5283 (Cross-site scripting (XSS) vulnerability in the web management ...)
+CVE-2011-5283
NOT-FOR-US: Smoothwall
CVE-2011-5282
RESERVED
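Review bot: every removed/added pair in this hunk is a `NOT-FOR-US` entry, and after the change the product name on the `NOT-FOR-US:` line is the only thing left to identify each issue (e.g. `+CVE-2011-5317` followed by `NOT-FOR-US: WonderCMS`); the hunk header still carries the old text `CVE-2011-5320 (scanf and related functions in glibc before 2.15 allow local user`, which shows the descriptions were present in the tree immediately before this run. If the blanking is not intended, this hunk is the easiest one to verify against the feed because nothing else in it changed.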
@@ -114,76 +114,76 @@ CVE-2011-5374
RESERVED
CVE-2011-5281
RESERVED
-CVE-2011-5280 (Multiple stack-based buffer overflows in BOINC 6.13.x allow remote ...)
+CVE-2011-5280
- boinc 7.0.2+dfsg-1 (low)
[squeeze] - boinc <no-dsa> (Minor issue)
-CVE-2011-5279 (CRLF injection vulnerability in the CGI implementation in Microsoft ...)
+CVE-2011-5279
NOT-FOR-US: Microsoft IIS
-CVE-2011-5278 (SQL injection vulnerability in signature.php in Advanced Forum ...)
+CVE-2011-5278
NOT-FOR-US: MyBB plugin Advanced Forum Signatures
-CVE-2011-5277 (Multiple SQL injection vulnerabilities in signature.php in the ...)
+CVE-2011-5277
NOT-FOR-US: MyBB plugin Advanced Forum Signatures
-CVE-2011-5276 (SQL injection vulnerability in the drawAdminTools_PackageInstaller ...)
+CVE-2011-5276
- dtc 0.34.1-1
-CVE-2011-5275 (The install script in Domain Technologie Control (DTC) before 0.34.1 ...)
+CVE-2011-5275
- dtc 0.34.1-1
-CVE-2011-5274 (The drawAdminTools_PackageInstaller function in ...)
+CVE-2011-5274
- dtc 0.34.1-1
-CVE-2011-5273 (Directory traversal vulnerability in shared/package-installer in ...)
+CVE-2011-5273
- dtc 0.34.1-1
-CVE-2011-5272 (SQL injection vulnerability in Domain Technologie Control (DTC) before ...)
+CVE-2011-5272
- dtc 0.34.1-1
CVE-2011-5271 [configure creates temp files insecurely]
RESERVED
- pacemaker 1.1.6-1 (unimportant; bug #633964)
NOTE: https://github.com/ClusterLabs/pacemaker/commit/23ad834
NOTE: Only exploitable at build time
-CVE-2011-5270 (wp-admin/press-this.php in WordPress before 3.0.6 does not enforce the ...)
+CVE-2011-5270
- wordpress 3.2.1+dfsg-1
-CVE-2011-5269 (Cross-site scripting (XSS) vulnerability in ProjectForge before 3.5.3 ...)
+CVE-2011-5269
NOT-FOR-US: ProjectForge
-CVE-2011-5268 (connection.c in Bip before 0.8.9 does not properly close sockets, ...)
+CVE-2011-5268
- bip 0.8.9-1
[squeeze] - bip <no-dsa> (Minor issue)
[wheezy] - bip <no-dsa> (Minor issue)
NOTE: Difference between CVE-2011-5268 and CVE-2013-4550: http://www.openwall.com/lists/oss-security/2014/01/02/9
-CVE-2011-5267 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2011-5267
NOT-FOR-US: SpellChecker module in Xinha
CVE-2011-5266
RESERVED
-CVE-2011-5265 (Cross-site scripting (XSS) vulnerability in cached_image.php in the ...)
+CVE-2011-5265
NOT-FOR-US: Wordpress plugin
-CVE-2011-5264 (Cross-site scripting (XSS) vulnerability in lazyest-backup.php in the ...)
+CVE-2011-5264
NOT-FOR-US: Wordpress plugin
-CVE-2011-5263 (Cross-site scripting (XSS) vulnerability in RetrieveMailExamples in ...)
+CVE-2011-5263
NOT-FOR-US: SAP NetWeaver
-CVE-2011-5262 (SQL injection vulnerability in prodpage.cfm in SonicWALL Aventail ...)
+CVE-2011-5262
NOT-FOR-US: SonicWALL Aventail
-CVE-2011-5261 (Cross-site scripting (XSS) vulnerability in serverreport.cgi in Axis ...)
+CVE-2011-5261
NOT-FOR-US: Axis M10 Series Network Cameras
-CVE-2011-5260 (Cross-site scripting (XSS) vulnerability in SAP/BW/DOC/METADATA in SAP ...)
+CVE-2011-5260
NOT-FOR-US: NetWeaver
-CVE-2011-5259 (SQL injection vulnerability in lib/controllers/CentralController.php ...)
+CVE-2011-5259
NOT-FOR-US: OrangehRM
-CVE-2011-5258 (Multiple cross-site scripting (XSS) vulnerabilities in OrangeHRM ...)
+CVE-2011-5258
NOT-FOR-US: OrangehRM
-CVE-2011-5257 (Multiple cross-site scripting (XSS) vulnerabilities in the Classipress ...)
+CVE-2011-5257
NOT-FOR-US: WordPress theme
-CVE-2011-5256 (Cross-site scripting (XSS) vulnerability in the tooltips in LimeSurvey ...)
+CVE-2011-5256
- limesurvey <itp> (bug #472802)
-CVE-2011-5255 (Multiple cross-site scripting (XSS) vulnerabilities in admin/login in ...)
+CVE-2011-5255
NOT-FOR-US: X3 CMS
-CVE-2011-5254 (Unspecified vulnerability in the Connections plugin before 0.7.1.6 for ...)
+CVE-2011-5254
NOT-FOR-US: Connections plugin for WordPress
-CVE-2011-5253 (Dl Download Ticket Service 0.3 through 0.9 allows remote attackers to ...)
+CVE-2011-5253
NOT-FOR-US: Dl Download Ticket Service
-CVE-2011-5252 (Open redirect vulnerability in Users/Account/LogOff in Orchard 1.0.x ...)
+CVE-2011-5252
NOT-FOR-US: Orchard
-CVE-2011-5251 (Open redirect vulnerability in forum/login.php in vBulletin 4.1.3 and ...)
+CVE-2011-5251
NOT-FOR-US: vBulletin
CVE-2011-5250
RESERVED
-CVE-2011-5249 (Cross-site scripting (XSS) vulnerability in the events page in the ...)
+CVE-2011-5249
NOT-FOR-US: SNARE
CVE-2011-5248
RESERVED
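Review bot: the bracketed, locally written description on `CVE-2011-5271 [configure creates temp files insecurely]` survives this hunk untouched while every parenthesised, feed-derived description is dropped (e.g. `-CVE-2011-5280 (Multiple stack-based buffer overflows in BOINC 6.13.x allow remote ...)` to `+CVE-2011-5280`); that split is consistent with the update tool receiving empty descriptions from the feed for every non-RESERVED entry, not with an editorial decision, so the commit should be reverted or regenerated once the feed is back. The `dtc` block (CVE-2011-5276 through CVE-2011-5272) in particular ends up as five identical `- dtc 0.34.1-1` entries with no way to tell the issues apart.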
@@ -199,495 +199,495 @@ CVE-2011-5371
REJECTED
CVE-2011-5370
REJECTED
-CVE-2011-5245 (The readFrom function in providers.jaxb.JAXBXmlTypeProvider in ...)
+CVE-2011-5245
NOT-FOR-US: RESTEasy framework for JBoss
-CVE-2011-5244 (Multiple off-by-one errors in the (1) token and (2) linetoken ...)
+CVE-2011-5244
{DSA-2357-1}
- evince 2.32.0-1
[squeeze] - evince 2.30.3-2+squeeze1
NOTE: This issue was already fixed in DSA-2357-1 by shipping the correct fix from the start
-CVE-2011-5243 (TwitterOAuth does not verify that the server hostname matches a domain ...)
+CVE-2011-5243
NOT-FOR-US: TwitterOAuth
-CVE-2011-5242 (tmhOAuth before 0.61 does not verify that the server hostname matches ...)
+CVE-2011-5242
NOT-FOR-US: tmhOAuth
-CVE-2011-5241 (Services_Twitter 0.6.3 does not verify that the server hostname ...)
+CVE-2011-5241
NOT-FOR-US: PEAR module for Twitter
-CVE-2011-5240 (Magento 1.5 and 1.6.2 does not verify that the server hostname matches ...)
+CVE-2011-5240
NOT-FOR-US: Magento
-CVE-2011-5239 (CiviCRM 4.0.5 and 4.1.1 does not verify that the server hostname ...)
+CVE-2011-5239
- civicrm <not-affected> (Fixed before initial upload to the archive)
-CVE-2011-5238 (google-checkout-php-sample-code before 1.3.2 does not verify that the ...)
+CVE-2011-5238
NOT-FOR-US: google-checkout-php-sample-code
-CVE-2011-5237 (PayPal WPS ToolKit does not verify that the server hostname matches a ...)
+CVE-2011-5237
NOT-FOR-US: PayPal WPS ToolKit
-CVE-2011-5236 (Moneris eSelectPlus 2.03 PHP API does not verify that the server ...)
+CVE-2011-5236
NOT-FOR-US: Moneris eSelectPlus 2.03 PHP API
-CVE-2011-5235 (SQL injection vulnerability in mnoGoSearch before 3.3.12 allows remote ...)
+CVE-2011-5235
NOT-FOR-US: mnoGoSearch
-CVE-2011-5234 (SQL injection vulnerability in user.php in Social Network Community 2 ...)
+CVE-2011-5234
NOT-FOR-US: Social Network Community
-CVE-2011-5233 (Heap-based buffer overflow in IrfanView before 4.32 allows remote ...)
+CVE-2011-5233
NOT-FOR-US: IrfanView
CVE-2011-5232
REJECTED
CVE-2011-5231
REJECTED
-CVE-2011-5230 (Multiple SQL injection vulnerabilities in the selectUserIdByLoginPass ...)
+CVE-2011-5230
NOT-FOR-US: Seotoaster
-CVE-2011-5229 (SQL injection vulnerability in quickstart/profile/index.php in the ...)
+CVE-2011-5229
NOT-FOR-US: appRain CMF
-CVE-2011-5228 (Cross-site scripting (XSS) vulnerability in the Search module ...)
+CVE-2011-5228
NOT-FOR-US: appRain CMF
-CVE-2011-5227 (Stack-based buffer overflow in the Syslog service (nssyslogd.exe) in ...)
+CVE-2011-5227
NOT-FOR-US: Enterasys Network Management Suite
-CVE-2011-5226 (Cross-site request forgery (CSRF) vulnerability in ...)
+CVE-2011-5226
NOT-FOR-US: WordPress plugin Sentinel
-CVE-2011-5225 (Cross-site scripting (XSS) vulnerability in wordpress_sentinel.php in ...)
+CVE-2011-5225
NOT-FOR-US: WordPress plugin Sentinel
-CVE-2011-5224 (SQL injection vulnerability in the Sentinel plugin 1.0.0 for WordPress ...)
+CVE-2011-5224
NOT-FOR-US: WordPress plugin Sentinel
-CVE-2011-5223 (Cross-site request forgery (CSRF) vulnerability in logout.php in Cacti ...)
+CVE-2011-5223
- cacti 0.8.7i-1 (low)
[squeeze] - cacti 0.8.7g-1+squeeze4
-CVE-2011-5222 (SQL injection vulnerability in rub2_w.php in PHP Flirt-Projekt 4.8 and ...)
+CVE-2011-5222
NOT-FOR-US: PHP Flirt-Projekt
-CVE-2011-5221 (Cross-site scripting (XSS) vulnerability in the getLog function in ...)
+CVE-2011-5221
- websvn 2.3.1-1
-CVE-2011-5220 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2011-5220
NOT-FOR-US: PHP-SCMS
-CVE-2011-5219 (Directory traversal vulnerability in examples/show_code.php in mPDF ...)
+CVE-2011-5219
NOT-FOR-US: mPDF
-CVE-2011-5218 (SQL injection vulnerability in DotA OpenStats 1.3.9 and earlier allows ...)
+CVE-2011-5218
NOT-FOR-US: DotA OpenStats
-CVE-2011-5217 (Directory traversal vulnerability in the PXE Mtftp service in Hitachi ...)
+CVE-2011-5217
NOT-FOR-US: Hitachi JP1/ServerConductor/DeploymentManager
-CVE-2011-5216 (SQL injection vulnerability in ajax.php in SCORM Cloud For WordPress ...)
+CVE-2011-5216
NOT-FOR-US: WordPress plugin SCORM Cloud
-CVE-2011-5215 (SQL injection vulnerability in index.php in Video Community Portal ...)
+CVE-2011-5215
NOT-FOR-US: Video Community Portal
-CVE-2011-5214 (Multiple cross-site scripting (XSS) vulnerabilities in BrowserCRM ...)
+CVE-2011-5214
NOT-FOR-US: BrowserCRM
-CVE-2011-5213 (Multiple SQL injection vulnerabilities in BrowserCRM 5.100.01 and ...)
+CVE-2011-5213
NOT-FOR-US: BrowserCRM
-CVE-2011-5212 (SQL injection vulnerability in admin/index.php in Subrion CMS 2.0.4 ...)
+CVE-2011-5212
NOT-FOR-US: Subrion CMS
-CVE-2011-5211 (Cross-site scripting (XSS) vulnerability in the poll module in Subrion ...)
+CVE-2011-5211
NOT-FOR-US: Subrion CMS
-CVE-2011-5210 (Directory traversal vulnerability in admin/preview.php in Limny 3.0.0 ...)
+CVE-2011-5210
NOT-FOR-US: Limny
-CVE-2011-5209 (Cross-site scripting (XSS) vulnerability in search/ in GraphicsClone ...)
+CVE-2011-5209
NOT-FOR-US: GraphicsClone
-CVE-2011-5208 (Multiple directory traversal vulnerabilities in the BackWPup plugin ...)
+CVE-2011-5208
NOT-FOR-US: BackWPup
-CVE-2011-5207 (Cross-site scripting (XSS) vulnerability in admin/OptionsPostsList.php ...)
+CVE-2011-5207
NOT-FOR-US: WP TheCartPress
-CVE-2011-5206 (Cross-site scripting (XSS) vulnerability in notes.php in Rapidleech ...)
+CVE-2011-5206
NOT-FOR-US: Rapidleech
-CVE-2011-5205 (Cross-site scripting (XSS) vulnerability in audl.php in Rapidleech 2.3 ...)
+CVE-2011-5205
NOT-FOR-US: Rapidleech
-CVE-2011-5204 (Akiva WebBoard 8.x stores passwords in plaintext, which allows local ...)
+CVE-2011-5204
NOT-FOR-US: Akiva WebBoard
-CVE-2011-5203 (SQL injection vulnerability in WB/Default.asp in Akiva WebBoard before ...)
+CVE-2011-5203
NOT-FOR-US: Akiva WebBoard
-CVE-2011-5202 (BazisVirtualCDBus.sys in WinCDEmu 3.6 allows local users to cause a ...)
+CVE-2011-5202
NOT-FOR-US: WinCDEmu
-CVE-2011-5201 (Multiple SQL injection vulnerabilities in sign.php in tinyguestbook ...)
+CVE-2011-5201
NOT-FOR-US: tinyguestbook
-CVE-2011-5200 (Multiple SQL injection vulnerabilities in DeDeCMS, possibly 5.6, allow ...)
+CVE-2011-5200
NOT-FOR-US: DeDeCMS
-CVE-2011-5199 (Cross-site scripting (XSS) vulnerability in sign.php in tinyguestbook ...)
+CVE-2011-5199
NOT-FOR-US: tinyguestbook
-CVE-2011-5198 (SQL injection vulnerability in search.php in Neturf eCommerce Shopping ...)
+CVE-2011-5198
NOT-FOR-US: Neturf eCommerce Shopping Cart
-CVE-2011-5197 (Cross-site request forgery (CSRF) vulnerability in ...)
+CVE-2011-5197
NOT-FOR-US: Public Knowledge Project Open Harvester Systems
-CVE-2011-5196 (Cross-site request forgery (CSRF) vulnerability in ...)
+CVE-2011-5196
- ojs <removed> (low)
[squeeze] - ojs <no-dsa> (Minor issue)
-CVE-2011-5195 (Cross-site request forgery (CSRF) vulnerability in ...)
+CVE-2011-5195
NOT-FOR-US: Public Knowledge Project Open Conference Systems
-CVE-2011-5194 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2011-5194
NOT-FOR-US: Wordpress Whois search plugin
-CVE-2011-5193 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2011-5193
NOT-FOR-US: Wordpress Whois search plugin
-CVE-2011-5192 (Cross-site scripting (XSS) vulnerability in pretty-bar.php in Pretty ...)
+CVE-2011-5192
NOT-FOR-US: Wordpress Pretty Link Lite plugin
-CVE-2011-5191 (Cross-site scripting (XSS) vulnerability in pretty-bar.php in Pretty ...)
+CVE-2011-5191
NOT-FOR-US: Wordpress Pretty Link Lite plugin
-CVE-2011-5190 (Multiple cross-site scripting (XSS) vulnerabilities in Social Book ...)
+CVE-2011-5190
NOT-FOR-US: Social Book Facebook Clone 2010
-CVE-2011-5189 (Cross-site scripting (XSS) vulnerability in the Webform Validation ...)
+CVE-2011-5189
NOT-FOR-US: Drupal addon
-CVE-2011-5187 (Cross-site scripting (XSS) vulnerability in the Support Ticketing ...)
+CVE-2011-5187
NOT-FOR-US: Drupal addon
-CVE-2011-5186 (Cross-site scripting (XSS) vulnerability in jbshop.php in the jbShop ...)
+CVE-2011-5186
NOT-FOR-US: jbShop plugin for e107
-CVE-2011-5185 (Cross-site scripting (XSS) vulnerability in video_comments.php in ...)
+CVE-2011-5185
NOT-FOR-US: Online Subtitles Workshop
-CVE-2011-5184 (Multiple cross-site scripting (XSS) vulnerabilities in HP Network Node ...)
+CVE-2011-5184
NOT-FOR-US: HP Network Node Manager
-CVE-2011-5182 (** DISPUTED ** ...)
+CVE-2011-5182
NOT-FOR-US: Wordpress Lanoba Social plugin
-CVE-2011-5181 (Cross-site scripting (XSS) vulnerability in clickdesk.php in ClickDesk ...)
+CVE-2011-5181
NOT-FOR-US: Wordpress ClickDesk Live Support - Live Chat plugin
-CVE-2011-5180 (Cross-site scripting (XSS) vulnerability in wp-1pluginjquery.php in ...)
+CVE-2011-5180
NOT-FOR-US: Wordpress ZooEffect plugin
-CVE-2011-5179 (Cross-site scripting (XSS) vulnerability in skysa-official/skysa.php ...)
+CVE-2011-5179
NOT-FOR-US: Skysa App Bar
-CVE-2011-5177 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2011-5177
NOT-FOR-US: eSyndiCat Pro
-CVE-2011-5188 (Cross-site scripting (XSS) vulnerability in the Support Timer module ...)
+CVE-2011-5188
NOT-FOR-US: Drupal module
-CVE-2011-5183 (Multiple SQL injection vulnerabilities in OrderSys 1.6.4 and earlier ...)
+CVE-2011-5183
NOT-FOR-US: OrderSys
-CVE-2011-5178 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2011-5178
NOT-FOR-US: Infoblox NetMRI
-CVE-2011-5176 (Multiple cross-site scripting (XSS) vulnerabilities in search.php in ...)
+CVE-2011-5176
NOT-FOR-US: Banana Dance
-CVE-2011-5175 (SQL injection vulnerability in search.php in Banana Dance, possibly ...)
+CVE-2011-5175
NOT-FOR-US: Banana Dance
-CVE-2011-5174 (Buffer overflow in Intel Trusted Execution Technology (TXT) SINIT ...)
+CVE-2011-5174
NOT-FOR-US: Intel Trusted Execution Technology
-CVE-2011-5173 (Buffer overflow in Bugbear Entertainment FlatOut 2005 allows ...)
+CVE-2011-5173
NOT-FOR-US: Bugbear Entertainment FlatOut 2005
-CVE-2011-5172 (Stack-based buffer overflow in StoryBoard Quick 6 Build 3786, and ...)
+CVE-2011-5172
NOT-FOR-US: StoryBoard Quick 6 Build, StoryBoard Artist and StoryBoard Studio
-CVE-2011-5171 (Multiple stack-based buffer overflows in CyberLink Power2Go 7 (build ...)
+CVE-2011-5171
NOT-FOR-US: CyberLink Power2Go
-CVE-2011-5170 (Stack-based buffer overflow in Castillo Bueno Systems CCMPlayer 1.5 ...)
+CVE-2011-5170
NOT-FOR-US: Castillo Bueno Systems CCMPlayer
-CVE-2011-5169 (SQL injection vulnerability in ...)
+CVE-2011-5169
NOT-FOR-US: SonicWall ViewPoint
-CVE-2011-5168 (SQL injection vulnerability in user.php in Banana Dance before B.1.5 ...)
+CVE-2011-5168
NOT-FOR-US: Banana Dance
-CVE-2011-5167 (Heap-based buffer overflow in the SetDevNames method of the Tidestone ...)
+CVE-2011-5167
NOT-FOR-US: Oracle Hyperion Strategic Finance
-CVE-2011-5166 (Multiple stack-based buffer overflows in KnFTP 1.0.0 allow remote ...)
+CVE-2011-5166
NOT-FOR-US: KnFTP
-CVE-2011-5165 (Stack-based buffer overflow in Free MP3 CD Ripper 1.1, 2.6 and ...)
+CVE-2011-5165
NOT-FOR-US: Free MP3 CD Ripper
-CVE-2011-5164 (Stack-based buffer overflow in VanDyke Software AbsoluteFTP 1.9.6 ...)
+CVE-2011-5164
NOT-FOR-US: VanDyke Software AbsoluteFTP
-CVE-2011-5163 (Buffer overflow in an unspecified third-party component in the Batch ...)
+CVE-2011-5163
NOT-FOR-US: Schneider Electric CitectSCADA
-CVE-2011-5162 (Stack-based buffer overflow in GOM Player 2.1.33.5071 allows ...)
+CVE-2011-5162
NOT-FOR-US: GOM Player
-CVE-2011-5161 (Unrestricted file upload vulnerability in the patient photograph ...)
+CVE-2011-5161
NOT-FOR-US: OpenEMR
-CVE-2011-5160 (Cross-site scripting (XSS) vulnerability in setup.php in OpenEMR 4 ...)
+CVE-2011-5160
NOT-FOR-US: OpenEMR
-CVE-2011-5159 (Cross-site scripting (XSS) vulnerability in admin/configuration.php in ...)
+CVE-2011-5159
NOT-FOR-US: Geeklog
-CVE-2011-5158 (Multiple untrusted search path vulnerabilities in the DMTGUI2.EXE and ...)
+CVE-2011-5158
NOT-FOR-US: DATEV Grundpaket Basis
-CVE-2011-5157 (Untrusted search path vulnerability in Attachmate Reflection before ...)
+CVE-2011-5157
NOT-FOR-US: Attachmate Reflection
-CVE-2011-5156 (Untrusted search path vulnerability in Effective File Search 6.7 ...)
+CVE-2011-5156
NOT-FOR-US: Effective File Search
-CVE-2011-5155 (Untrusted search path vulnerability in Help &amp; Manual 5.5.1 Build 1296 ...)
+CVE-2011-5155
NOT-FOR-US: Help & Manual 5.5.1 Build
-CVE-2011-5154 (Multiple untrusted search path vulnerabilities in (1) SAPGui.exe and ...)
+CVE-2011-5154
NOT-FOR-US: SAP GUI
-CVE-2011-5153 (Untrusted search path vulnerability in FotoSlate 4.0 Build 146 allows ...)
+CVE-2011-5153
NOT-FOR-US: FotoSlate
-CVE-2011-5152 (Multiple untrusted search path vulnerabilities in ACDSee Photo Editor ...)
+CVE-2011-5152
NOT-FOR-US: ACDSee Photo Editor
-CVE-2011-5151 (Untrusted search path vulnerability in ACDSee Picture Frame Manager ...)
+CVE-2011-5151
NOT-FOR-US: ACDSee Picture Frame Manager
-CVE-2011-3090 (Race condition in Google Chrome before 19.0.1084.46 allows remote ...)
+CVE-2011-3090
- chromium-browser 20.0.1132.21~r139451-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-5150 (Multiple cross-site scripting (XSS) vulnerabilities in SpamTitan 5.07 ...)
+CVE-2011-5150
NOT-FOR-US: SpamTitan 5.07
-CVE-2011-5149 (Multiple cross-site scripting (XSS) vulnerabilities in SpamTitan 5.08 ...)
+CVE-2011-5149
NOT-FOR-US: SpamTitan 5.08
-CVE-2011-5148 (Multiple incomplete blacklist vulnerabilities in the Simple File ...)
+CVE-2011-5148
NOT-FOR-US: Simple File Upload
-CVE-2011-5147 (Static code injection vulnerability in ajax_save_name.php in the Ajax ...)
+CVE-2011-5147
NOT-FOR-US: tinymce plugin
-CVE-2011-5145 (Multiple SQL injection vulnerabilities in Open Business Management ...)
+CVE-2011-5145
NOT-FOR-US: Open Business Management
-CVE-2011-5144 (Open Business Management (OBM) 2.4.0-rc13 and earlier allows remote ...)
+CVE-2011-5144
NOT-FOR-US: Open Business Management
-CVE-2011-5143 (Multiple cross-site scripting (XSS) vulnerabilities in Open Business ...)
+CVE-2011-5143
NOT-FOR-US: Open Business Management
-CVE-2011-5142 (Multiple cross-site scripting (XSS) vulnerabilities in Open Business ...)
+CVE-2011-5142
NOT-FOR-US: Open Business Management
-CVE-2011-5141 (Directory traversal vulnerability in exportcsv/exportcsv_index.php in ...)
+CVE-2011-5141
NOT-FOR-US: Open Business Management
-CVE-2011-5140 (Multiple SQL injection vulnerabilities in the blog module 1.0 for ...)
+CVE-2011-5140
NOT-FOR-US: DIY CMS
-CVE-2011-5139 (SQL injection vulnerability in page.php in Pre Studio Business Cards ...)
+CVE-2011-5139
NOT-FOR-US: Pre Studio Business Cards Designer
-CVE-2011-5138 (Cross-site scripting (XSS) vulnerability in member.php in tForum ...)
+CVE-2011-5138
NOT-FOR-US: tForum
-CVE-2011-5137 (Multiple SQL injection vulnerabilities in tForum b0.915 allow remote ...)
+CVE-2011-5137
NOT-FOR-US: tForum
-CVE-2011-5136 (showImg.php in EPractize Labs Subscription Manager, possibly 1.0, ...)
+CVE-2011-5136
NOT-FOR-US: EPractize Labs Subscription Manager
-CVE-2011-5135 (Multiple SQL injection vulnerabilities in the save_connection function ...)
+CVE-2011-5135
NOT-FOR-US: DoceboLMS
-CVE-2011-5134 (Unrestricted file upload vulnerability in ...)
+CVE-2011-5134
NOT-FOR-US: JCE component for Joomla!
-CVE-2011-5133 (Unspecified vulnerability in MyBB before 1.6.5 has unknown impact and ...)
+CVE-2011-5133
NOT-FOR-US: MyBB
-CVE-2011-5132 (Cross-site scripting (XSS) vulnerability in MyBB before 1.6.5 allows ...)
+CVE-2011-5132
NOT-FOR-US: MyBB
-CVE-2011-5131 (Cross-site request forgery (CSRF) vulnerability in global.php in MyBB ...)
+CVE-2011-5131
NOT-FOR-US: MyBB
-CVE-2011-5130 (dev/less.php in Family Connections CMS (FCMS) 2.5.0 - 2.7.1, when ...)
+CVE-2011-5130
NOT-FOR-US: Family Connections CMS
-CVE-2011-5129 (Heap-based buffer overflow in XChat 2.8.9 and earlier allows remote ...)
+CVE-2011-5129
- xchat <unfixed> (unimportant; bug #686454)
-CVE-2011-5128 (Multiple cross-site scripting (XSS) vulnerabilities in the Adminimize ...)
+CVE-2011-5128
NOT-FOR-US: Adminimize plugin for Wordpress
-CVE-2011-5127 (Directory traversal vulnerability in Blue Coat Reporter 9.x before ...)
+CVE-2011-5127
NOT-FOR-US: Blue Coat
-CVE-2011-5126 (Blue Coat ProxySG 6.1 before SGOS 6.1.5.1 and 6.2 before SGOS 6.2.2.1 ...)
+CVE-2011-5126
NOT-FOR-US: Blue Coat
-CVE-2011-5125 (Cross-site scripting (XSS) vulnerability in Blue Coat Director before ...)
+CVE-2011-5125
NOT-FOR-US: Blue Coat
-CVE-2011-5124 (Stack-based buffer overflow in the BCAAA component before build 60258, ...)
+CVE-2011-5124
NOT-FOR-US: Blue Coat
-CVE-2011-5123 (The Antivirus component in Comodo Internet Security before ...)
+CVE-2011-5123
NOT-FOR-US: Comodo Internet Security
-CVE-2011-5122 (The Antivirus component in Comodo Internet Security before ...)
+CVE-2011-5122
NOT-FOR-US: Comodo Internet Security
-CVE-2011-5121 (The Antivirus component in Comodo Internet Security before ...)
+CVE-2011-5121
NOT-FOR-US: Comodo Internet Security
-CVE-2011-5120 (The Antivirus component in Comodo Internet Security before ...)
+CVE-2011-5120
NOT-FOR-US: Comodo Internet Security
-CVE-2011-5119 (Multiple race conditions in Comodo Internet Security before ...)
+CVE-2011-5119
NOT-FOR-US: Comodo Internet Security
-CVE-2011-5118 (Multiple race conditions in Comodo Internet Security before ...)
+CVE-2011-5118
NOT-FOR-US: Comodo Internet Security
-CVE-2011-5117 (Sophos SafeGuard Enterprise Device Encryption 5.x through 5.50.8.13, ...)
+CVE-2011-5117
NOT-FOR-US: Sophos SafeGuard
-CVE-2011-5116 (SQL injection vulnerability in setseed-hub in SetSeed CMS 5.8.20, ...)
+CVE-2011-5116
NOT-FOR-US: SetSeed CMS
-CVE-2011-5115 (Cross-site scripting (XSS) vulnerability in DLGuard, possibly 4.6 and ...)
+CVE-2011-5115
NOT-FOR-US: DLguard
-CVE-2011-5114 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
+CVE-2011-5114
NOT-FOR-US: DLguard
-CVE-2011-5113 (SQL injection vulnerability in frontend/models/techfoliodetail.php in ...)
+CVE-2011-5113
NOT-FOR-US: Joomla addon
-CVE-2011-5112 (SQL injection vulnerability in Alameda (com_alameda) component before ...)
+CVE-2011-5112
NOT-FOR-US: Joomla addon
-CVE-2011-5111 (Multiple SQL injection vulnerabilities in Kajian Website CMS Balitbang ...)
+CVE-2011-5111
NOT-FOR-US: Kajian Website CMS
-CVE-2011-5110 (Multiple SQL injection vulnerabilities in Blogs Manager 1.101 and ...)
+CVE-2011-5110
NOT-FOR-US: Blogs Manager
-CVE-2011-5109 (Multiple SQL injection vulnerabilities in Freelancer calendar 1.01 and ...)
+CVE-2011-5109
NOT-FOR-US: Freelancer calendar
-CVE-2011-5108 (Cross-site scripting (XSS) vulnerability in config.php in AdaptCMS ...)
+CVE-2011-5108
NOT-FOR-US: AdaptCMS
-CVE-2011-5107 (Cross-site scripting (XSS) vulnerability in post_alert.php in Alert ...)
+CVE-2011-5107
NOT-FOR-US: Wordpress plugin
-CVE-2011-5106 (Cross-site scripting (XSS) vulnerability in edit-post.php in the ...)
+CVE-2011-5106
NOT-FOR-US: Wordpress plugin
-CVE-2011-5105 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2011-5105
NOT-FOR-US: ZOHO ManageEngine ADSelfService Plus
-CVE-2011-5104 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2011-5104
NOT-FOR-US: Wordpress plugin
-CVE-2011-5103 (SQL injection vulnerability in Alurian Prismotube PHP Video Script ...)
+CVE-2011-5103
NOT-FOR-US: Alurian Prismotube PHP Video Script
-CVE-2011-5102 (The Investigative Reports web interface in the TRITON management ...)
+CVE-2011-5102
NOT-FOR-US: Websense
-CVE-2011-5101 (The Rumor technology in McAfee SaaS Endpoint Protection before 5.2.4 ...)
+CVE-2011-5101
NOT-FOR-US: McAfee
-CVE-2011-5100 (The web interface in McAfee Firewall Reporter before 5.1.0.13 does not ...)
+CVE-2011-5100
NOT-FOR-US: McAfee
-CVE-2011-5099 (SQL injection vulnerability in helper/popup.php in the ccNewsletter ...)
+CVE-2011-5099
NOT-FOR-US: Joomla addon
-CVE-2011-5098 (chef-server-api/app/controllers/clients.rb in Chef Server in Chef ...)
+CVE-2011-5098
- chef 0.10.10-1
-CVE-2011-5097 (chef-server-api/app/controllers/cookbooks.rb in Chef Server in Chef ...)
+CVE-2011-5097
- chef 0.10.10-1
-CVE-2011-5096 (Stack-based buffer overflow in cstore.exe in the Media Application ...)
+CVE-2011-5096
NOT-FOR-US: Avaya Aura Application Server
-CVE-2011-5095 (The Diffie-Hellman key-exchange implementation in OpenSSL 0.9.8, when ...)
+CVE-2011-5095
- openssl 0.9.8a-1 (bug #684527)
NOTE: fips version not used in Debian
-CVE-2011-5094 (** DISPUTED ** Mozilla Network Security Services (NSS) 3.x, with ...)
+CVE-2011-5094
NOTE: Disputed NSS issue
-CVE-2011-5093 (Best Practical Solutions RT 4.x before 4.0.6 does not properly ...)
+CVE-2011-5093
NOTE: Dupe of CVE-2011-4458
-CVE-2011-5092 (Best Practical Solutions RT 3.8.x before 3.8.12 and 4.x before 4.0.6 ...)
+CVE-2011-5092
NOTE: Dupe of CVE-2011-4458
-CVE-2011-5091 (Multiple SQL injection vulnerabilities in GR Board (aka grboard) ...)
+CVE-2011-5091
NOT-FOR-US: GR Board
-CVE-2011-5090 (GR Board (aka grboard) 1.8.6.5 Community Edition does not require ...)
+CVE-2011-5090
NOT-FOR-US: GR Board
-CVE-2011-5089 (Buffer overflow in the Security Login ActiveX controls in ICONICS ...)
+CVE-2011-5089
NOT-FOR-US: ICONICS, BizViz
-CVE-2011-5088 (The GENESIS32 IcoSetServer ActiveX control in ICONICS GENESIS32 9.21 ...)
+CVE-2011-5088
NOT-FOR-US: ICONICS GENESIS32, BizViz
-CVE-2011-5087 (Unspecified vulnerability in AdAstrA TRACE MODE Data Center allows ...)
+CVE-2011-5087
NOT-FOR-US: AdAstrA TRACE MODE Data Center
-CVE-2011-5086 (https50.ocx in IP*Works! SSL in the server in Unitronics UniOPC before ...)
+CVE-2011-5086
NOT-FOR-US: Unitronics UniOPC
-CVE-2011-5085 (Unspecified vulnerability in Movable Type 4.x before 4.36 and 5.x ...)
+CVE-2011-5085
{DSA-2423-1}
- movabletype-opensource 5.1.2+dfsg-1
-CVE-2011-5084 (Cross-site scripting (XSS) vulnerability in Movable Type 4.x before ...)
+CVE-2011-5084
{DSA-2423-1}
- movabletype-opensource 5.1.2+dfsg-1
-CVE-2011-5083 (Unrestricted file upload vulnerability in inc/swf/swfupload.swf in ...)
+CVE-2011-5083
- dotclear 2.5+dfsg-1 (low; bug #670227)
NOTE: Post-authentication; vulnerability is actually in admin/media.php.
-CVE-2011-5082 (Cross-site scripting (XSS) vulnerability in the s2Member Pro plugin ...)
+CVE-2011-5082
NOT-FOR-US: s2Member Pro plugin for WordPress
-CVE-2011-5081 (Cross-site scripting (XSS) vulnerability in RestoreFile.pm in BackupPC ...)
+CVE-2011-5081
- backuppc 3.1.0-9.1 (low; bug #661011)
[squeeze] - backuppc 3.1.0-9.1
[lenny] - backuppc <no-dsa> (Minor issue)
-CVE-2011-5080 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2011-5080
NOT-FOR-US: jftcaforms extension for TYPO3
-CVE-2011-5079 (Open redirect vulnerability in the Modern FAQ (irfaq) extension 1.1.2 ...)
+CVE-2011-5079
NOT-FOR-US: irfaq extension for TYPO3
-CVE-2011-5078 (The web administration interface in the server in Sybase M-Business ...)
+CVE-2011-5078
NOT-FOR-US: Sybase
-CVE-2011-5077 (Unrestricted file upload vulnerability in attachement.php in HDWiki ...)
+CVE-2011-5077
NOT-FOR-US: HDWiki
-CVE-2011-5076 (SQL injection vulnerability in model/comment.class.php in HDWiki 5.0, ...)
+CVE-2011-5076
NOT-FOR-US: HDWiki
-CVE-2011-5075 (translate.php in Support Incident Tracker (aka SiT!) 3.45 through 3.65 ...)
+CVE-2011-5075
NOT-FOR-US: Support Incident Tracker
-CVE-2011-5074 (Multiple cross-site request forgery (CSRF) vulnerabilities in Support ...)
+CVE-2011-5074
NOT-FOR-US: Support Incident Tracker
-CVE-2011-5073 (Multiple cross-site scripting (XSS) vulnerabilities in Support ...)
+CVE-2011-5073
NOT-FOR-US: Support Incident Tracker
-CVE-2011-5072 (Multiple SQL injection vulnerabilities in Support Incident Tracker ...)
+CVE-2011-5072
NOT-FOR-US: Support Incident Tracker
-CVE-2011-5071 (Multiple SQL injection vulnerabilities in Support Incident Tracker ...)
+CVE-2011-5071
NOT-FOR-US: Support Incident Tracker
-CVE-2011-5070 (Multiple cross-site scripting (XSS) vulnerabilities in Support ...)
+CVE-2011-5070
NOT-FOR-US: Support Incident Tracker
-CVE-2011-5069 (Unrestricted file upload vulnerability in incident_attachments.php in ...)
+CVE-2011-5069
NOT-FOR-US: Support Incident Tracker
-CVE-2011-5068 (Multiple cross-site request forgery (CSRF) vulnerabilities in Support ...)
+CVE-2011-5068
NOT-FOR-US: Support Incident Tracker
-CVE-2011-5067 (move_uploaded_file.php in Support Incident Tracker (aka SiT!) 3.65 ...)
+CVE-2011-5067
NOT-FOR-US: Support Incident Tracker
-CVE-2011-5066 (The SibRaRecoverableSiXaResource class in the Default Messaging ...)
+CVE-2011-5066
NOT-FOR-US: WebSphere
-CVE-2011-5065 (Cross-site scripting (XSS) vulnerability in IBM WebSphere Application ...)
+CVE-2011-5065
NOT-FOR-US: WebSphere
-CVE-2011-5064 (DigestAuthenticator.java in the HTTP Digest Access Authentication ...)
+CVE-2011-5064
{DSA-2401-1}
- tomcat6 6.0.32-7
- tomcat7 7.0.12
- tomcat5.5 <removed>
-CVE-2011-5063 (The HTTP Digest Access Authentication implementation in Apache Tomcat ...)
+CVE-2011-5063
{DSA-2401-1}
- tomcat6 6.0.32-7
- tomcat7 7.0.12
- tomcat5.5 <removed>
-CVE-2011-5062 (The HTTP Digest Access Authentication implementation in Apache Tomcat ...)
+CVE-2011-5062
{DSA-2401-1}
- tomcat6 6.0.32-7
- tomcat7 7.0.12
- tomcat5.5 <removed>
-CVE-2011-5061 (functions.php in WHMCompleteSolution (WHMCS) 4.0.x through 5.0.x ...)
+CVE-2011-5061
NOT-FOR-US: WHMCompleteSolution
-CVE-2011-5060 (The par_mktmpdir function in the PAR module before 1.003 for Perl ...)
+CVE-2011-5060
- libpar-perl 1.005-1 (bug #650707)
[squeeze] - libpar-perl 1.000-1+squeeze1
-CVE-2011-5059 (Stack-based buffer overflow in Final Draft 8 before 8.02 allows remote ...)
+CVE-2011-5059
NOT-FOR-US: Final Draft
-CVE-2011-5058 (The CmbWebserver.dll module of the Control service in 3S CoDeSys 3.4 ...)
+CVE-2011-5058
NOT-FOR-US: 3S CoDeSys
-CVE-2011-5057 (Apache Struts 2.3.1.1 and earlier provides interfaces that do not ...)
+CVE-2011-5057
- libstruts1.2-java <not-affected> (Affects Struts 2, #657870)
-CVE-2011-5056 (The authoritative server in MaraDNS through 2.0.04 computes hash ...)
+CVE-2011-5056
- maradns <not-affected> (Only affects 2.x, see #653838)
-CVE-2011-5055 (MaraDNS 1.3.07.12 and 1.4.08 computes hash values for DNS data without ...)
+CVE-2011-5055
- maradns 1.4.09-1 (low)
[squeeze] - maradns <no-dsa> (Minor issue)
-CVE-2011-5054 (kcheckpass passes a user-supplied argument to the pam_start function, ...)
+CVE-2011-5054
- kdebase-workspace <unfixed> (unimportant)
NOTE: the kcheckpass utility is not present in sid (still present in src package, will check with KDE maints)
NOTE: Not exploitable without OpenPAM
-CVE-2011-5053 (The Wi-Fi Protected Setup (WPS) protocol, when the &quot;external ...)
+CVE-2011-5053
NOT-FOR-US: This vulnerability affects a protocol, not a product. More information can be found at http://www.kb.cert.org/vuls/id/723755 . All products listed there are not part of Debian.
-CVE-2011-5052 (Stack-based buffer overflow in CoCSoft Stream Down 6.8.0 allows remote ...)
+CVE-2011-5052
NOT-FOR-US: CoCSoft Stream Down
-CVE-2011-5051 (Multiple unrestricted file upload vulnerabilities in the WP Symposium ...)
+CVE-2011-5051
NOT-FOR-US: Symposium plugin for Wordpress
-CVE-2011-5050 (SQL injection vulnerability in corporate/Controller in Elitecore ...)
+CVE-2011-5050
NOT-FOR-US: Elitecore Technologies Cyberoam UTM
-CVE-2011-5049 (MySQL 5.5.8, when running on Windows, allows remote attackers to cause ...)
+CVE-2011-5049
NOT-FOR-US: MySQL on Windows
-CVE-2011-5048 (Multiple cross-site scripting (XSS) vulnerabilities in IBM Web ...)
+CVE-2011-5048
NOT-FOR-US: IBM Web Experience Factory
-CVE-2011-5047 (Cross-site scripting (XSS) vulnerability in status_rrd_graph.php in ...)
+CVE-2011-5047
NOT-FOR-US: pfSense
-CVE-2011-5046 (The Graphics Device Interface (GDI) in win32k.sys in the kernel-mode ...)
+CVE-2011-5046
NOT-FOR-US: Microsoft Windows 7
-CVE-2011-5045 (Cross-site scripting (XSS) vulnerability in details_view.php in PHP ...)
+CVE-2011-5045
NOT-FOR-US: PHP Booking Calendar 10e (not in Debian)
-CVE-2011-5044 (SopCast 3.4.7.45585 uses weak permissions (Everyone:Full Control) for ...)
+CVE-2011-5044
NOT-FOR-US: SopCast (not in Debian)
-CVE-2011-5043 (TomatoSoft Free Mp3 Player 1.0 allows remote attackers to cause a ...)
+CVE-2011-5043
NOT-FOR-US: TomatoSoft Free Mp3 Player (not in Debian)
-CVE-2011-5042 (Cross-site scripting (XSS) vulnerability in inc/lib/lib.base.php in ...)
+CVE-2011-5042
NOT-FOR-US: SASHA (not in Debian)
-CVE-2011-5041 (Multiple cross-site scripting (XSS) vulnerabilities in Pulse Pro CMS ...)
+CVE-2011-5041
NOT-FOR-US: Pulse Pro CMS (not in Debian)
-CVE-2011-5040 (Multiple cross-site scripting (XSS) vulnerabilities in Infoproject ...)
+CVE-2011-5040
NOT-FOR-US: Infoproject Biznis Heroj (not in Debian)
-CVE-2011-5039 (Multiple SQL injection vulnerabilities in Infoproject Biznis Heroj ...)
+CVE-2011-5039
NOT-FOR-US: Infoproject Biznis Heroj (not in Debian)
-CVE-2011-5038 (SQL injection vulnerability in hitCode hitAppoint 4.5.17 and possibly ...)
+CVE-2011-5038
NOT-FOR-US: hitAppoint (not in Debian)
-CVE-2011-5037 (Google V8 computes hash values for form parameters without restricting ...)
+CVE-2011-5037
- libv8 3.6.6.14-2 (bug #653962)
[squeeze] - libv8 <end-of-life> (Unsupported in squeeze-lts)
-CVE-2011-5036 (Rack before 1.1.3, 1.2.x before 1.2.5, and 1.3.x before 1.3.6 computes ...)
+CVE-2011-5036
{DSA-2783-1}
- ruby-rack 1.4.0-1 (bug #653963)
- librack-ruby <removed>
NOTE: https://github.com/rack/rack/commit/5b9d09a81a9fdc9475f0ab0095cb2a33bf2a8f91
-CVE-2011-5035 (Oracle Glassfish 2.1.1, 3.0.1, and 3.1.1, as used in Communications ...)
+CVE-2011-5035
{DSA-2420-1}
- openjdk-6 6b24-1.11.1-1
- openjdk-7 7~u3-2.1-1
- sun-java6 <removed>
[squeeze] - sun-java6 <no-dsa> (Non-free not supported)
- glassfish <not-affected> (Debian only builds some core libs, not the full application stack)
-CVE-2011-5034 (Apache Geronimo 2.2.1 and earlier computes hash values for form ...)
+CVE-2011-5034
NOT-FOR-US: Apache Geronimo
-CVE-2011-5033 (Stack-based buffer overflow in CFS.c in ConfigServer Security &amp; ...)
+CVE-2011-5033
NOT-FOR-US: ConfigServer Security & Firewall
-CVE-2011-5032 (WMDrive.sys 3.4.181.224 in WinMount 3.5.1018 allows local users to ...)
+CVE-2011-5032
NOT-FOR-US: WinMount
-CVE-2011-5031 (Multiple SQL injection vulnerabilities in ...)
+CVE-2011-5031
NOT-FOR-US: cApexWEB
-CVE-2011-5030 (Cross-site scripting (XSS) vulnerability in the Meta tags quick module ...)
+CVE-2011-5030
NOT-FOR-US: Meta tags quick module for Drupal
-CVE-2011-5029 (Multiple cross-site scripting (XSS) vulnerabilities in Simple PHP Blog ...)
+CVE-2011-5029
NOT-FOR-US: Sumple PHP Blog
-CVE-2011-5028 (Directory traversal vulnerability in novelllogmanager/FileDownload in ...)
+CVE-2011-5028
NOT-FOR-US: Novell Sentinel Log Manager
-CVE-2011-5027 (Cross-site scripting (XSS) vulnerability in ZABBIX before 1.8.10 ...)
+CVE-2011-5027
- zabbix 1:1.8.10-1 (bug #652664)
[squeeze] - zabbix <no-dsa> (Will be handled through point update)
-CVE-2011-5026 (Cross-site scripting (XSS) vulnerability in the addPost function in ...)
+CVE-2011-5026
NOT-FOR-US: Winn Guestbook
-CVE-2011-5025 (Multiple cross-site scripting (XSS) vulnerabilities in the wiki ...)
+CVE-2011-5025
- yaws 1.92-1 (low; bug #653966)
[squeeze] - yaws <no-dsa> (Minor issue)
-CVE-2011-5024 (Cross-site scripting (XSS) vulnerability in mmsearch/design in the ...)
+CVE-2011-5024
NOT-FOR-US: ht://Dig integration for Mailman
-CVE-2011-5023 (Cross-site scripting (XSS) vulnerability in Pligg CMS 1.1.4 allows ...)
+CVE-2011-5023
NOT-FOR-US: Pligg CMS
-CVE-2011-5022 (SQL injection vulnerability in search.php in Pligg CMS 1.1.2 allows ...)
+CVE-2011-5022
NOT-FOR-US: Pligg CMS
-CVE-2011-5021 (PHPIDS before 0.7 does not properly implement Regular Expression ...)
+CVE-2011-5021
- php-ids <itp> (bug #488848)
CVE-2011-5020
RESERVED
-CVE-2011-5019 (Cross-site scripting (XSS) vulnerability in setup/index.php in ...)
+CVE-2011-5019
- textpattern <unfixed> (low)
[squeeze] - textpattern <no-dsa> (Vulnerability is in setup.php, which becomes inaccessible after installation)
CVE-2011-5018
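Review bot: Every `-`/`+` pair in this hunk replaces a line of the form `CVE-2011-NNNN (summary ...)` with the bare identifier, e.g. `-CVE-2011-5095 (The Diffie-Hellman key-exchange implementation in OpenSSL 0.9.8, when ...)` becoming `+CVE-2011-5095`, while the package status, `[squeeze]`, `{DSA-...}` and `NOTE:` lines beneath each entry are untouched. A wholesale removal of summaries with no accompanying data change looks more like the summary source being empty during this automatic run than a deliberate edit; please confirm the description feed was actually available when this was generated, and if dropping the summaries is intended, document that in the commit message rather than leaving it as a bare automatic update.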
@@ -702,31 +702,31 @@ CVE-2011-5014
RESERVED
CVE-2011-5013
RESERVED
-CVE-2011-5012 (Heap-based buffer overflow in the Reflection FTP Client (rftpcom.dll ...)
+CVE-2011-5012
NOT-FOR-US: Attachmate Reflection
-CVE-2011-5011 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
+CVE-2011-5011
NOT-FOR-US: xt:Commerce
-CVE-2011-5010 (apps/a3/cfg_ethping.cgi in the Ctek SkyRouter 4200 and 4300 allows ...)
+CVE-2011-5010
NOT-FOR-US: Ctek SkyRouter
-CVE-2011-5009 (The CmpWebServer.dll module in the Control service in 3S CoDeSys 3.4 ...)
+CVE-2011-5009
NOT-FOR-US: 3S CoDeSys
-CVE-2011-5008 (Integer overflow in the GatewayService component in 3S CoDeSys 3.4 SP4 ...)
+CVE-2011-5008
NOT-FOR-US: 3S CoDeSys
-CVE-2011-5007 (Stack-based buffer overflow in the CmpWebServer component in 3S ...)
+CVE-2011-5007
NOT-FOR-US: 3S CoDeSys
-CVE-2011-5006 (Stack-based buffer overflow in QQPlayer 3.2.845 allows remote ...)
+CVE-2011-5006
NOT-FOR-US: QQPlayer
-CVE-2011-5005 (Unrestricted file upload vulnerability in QuiXplorer 2.3 and earlier ...)
+CVE-2011-5005
NOT-FOR-US: QuiXplorer
-CVE-2011-5004 (Unrestricted file upload vulnerability in models/importcsv.php in the ...)
+CVE-2011-5004
NOT-FOR-US: Joomla extension
-CVE-2011-5003 (Stack-based buffer overflow in the Phonetic Indexer ...)
+CVE-2011-5003
NOT-FOR-US: Avid Media Composer
-CVE-2011-5002 (Multiple stack-based buffer overflows in Final Draft 8 before 8.02 ...)
+CVE-2011-5002
NOT-FOR-US: Final Draft
-CVE-2011-5001 (Stack-based buffer overflow in the CGenericScheduler::AddTask function ...)
+CVE-2011-5001
NOT-FOR-US: Trend Micro Control Manager
-CVE-2011-5000 (The ssh_gssapi_parse_ename function in gss-serv.c in OpenSSH 5.8 and ...)
+CVE-2011-5000
- openssh 1:5.9p1-1
[squeeze] - openssh 1:5.5p1-6+squeeze4
NOTE: looking at the code an additional integer overflow check was added in at least 5.9
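Review bot: Dropping the summary for CVE-2011-5000 leaves `NOTE: looking at the code an additional integer overflow check was added in at least 5.9` without any mention of which code is meant; the removed `-CVE-2011-5000 (The ssh_gssapi_parse_ename function in gss-serv.c in OpenSSH 5.8 and ...)` was the only line in the entry naming the function and file. If the summaries are to go, consider carrying that reference into the note (e.g. `NOTE: ssh_gssapi_parse_ename() in gss-serv.c: an additional integer overflow check was added in at least 5.9`) so the triage note stays self-contained.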
@@ -782,7 +782,7 @@ CVE-2011-4975
RESERVED
CVE-2011-4974
RESERVED
-CVE-2011-4973 (Authentication bypass vulnerability in mod_nss 1.0.8 allows remote ...)
+CVE-2011-4973
- libapache2-mod-nss 1.0.8-4 (low; bug #729626)
[wheezy] - libapache2-mod-nss <no-dsa> (Minor issue)
NOTE: https://www.redhat.com/archives/mod_nss-list/2011-May/msg00001.html
@@ -791,16 +791,16 @@ CVE-2011-4973 (Authentication bypass vulnerability in mod_nss 1.0.8 allows remot
CVE-2011-4972 [CKEditor module for Drupal access bypass]
RESERVED
NOT-FOR-US: Drupal module
-CVE-2011-4971 (Multiple integer signedness errors in the (1) process_bin_sasl_auth, ...)
+CVE-2011-4971
{DSA-2832-1}
- memcached 1.4.13-0.3 (bug #706426)
NOTE: https://github.com/memcached/memcached/commit/6695ccbc525c36d693aaa3e8337b36aa0c784424
-CVE-2011-4970 (Multiple SQL injection vulnerabilities in LCG Disk Pool Manager (DPM) ...)
+CVE-2011-4970
- lcgdm 1.8.6-1 (low; bug #702895)
[wheezy] - lcgdm <no-dsa> (Minor issue)
- dpm <removed>
[squeeze] - dpm <no-dsa> (Minor issue)
-CVE-2011-4969 (Cross-site scripting (XSS) vulnerability in jQuery before 1.6.3, when ...)
+CVE-2011-4969
- jquery 1.6.4-1 (low; bug #699482)
[squeeze] - jquery <no-dsa> (Minor issue)
NOTE: http://blog.jquery.com/2011/09/01/jquery-1-6-3-released/
@@ -816,80 +816,80 @@ CVE-2011-4968 [nginx http proxy module does not verify peer identity of https or
CVE-2011-4967
RESERVED
NOT-FOR-US: OpenPegasus
-CVE-2011-4966 (modules/rlm_unix/rlm_unix.c in FreeRADIUS before 2.2.0, when unix mode ...)
+CVE-2011-4966
- freeradius 2.1.12+dfsg-1.2 (low; bug #694407)
[squeeze] - freeradius <no-dsa> (Minor issue)
CVE-2011-4965
REJECTED
CVE-2011-4964
REJECTED
-CVE-2011-4963 (nginx/Windows 1.3.x before 1.3.1 and 1.2.x before 1.2.1 allows remote ...)
+CVE-2011-4963
- nginx <not-affected> (Only affects Nginx on Windows)
-CVE-2011-4962 (code/sitefeatures/PageCommentInterface.php in SilverStripe 2.4.x ...)
+CVE-2011-4962
- silverstripe <itp> (bug #528461)
NOTE: http://seclists.org/oss-sec/2012/q2/209
-CVE-2011-4961 (SilverStripe 2.3.x before 2.3.12 and 2.4.x before 2.4.6 allows remote ...)
+CVE-2011-4961
- silverstripe <itp> (bug #528461)
NOTE: http://seclists.org/oss-sec/2012/q2/209
-CVE-2011-4960 (SQL injection vulnerability in the Folder::findOrMake method in ...)
+CVE-2011-4960
- silverstripe <itp> (bug #528461)
NOTE: http://seclists.org/oss-sec/2012/q2/209
-CVE-2011-4959 (SQL injection vulnerability in the addslashes method in SilverStripe ...)
+CVE-2011-4959
- silverstripe <itp> (bug #528461)
NOTE: http://seclists.org/oss-sec/2012/q2/209
-CVE-2011-4958 (Cross-site scripting (XSS) vulnerability in the process function in ...)
+CVE-2011-4958
- silverstripe <itp> (bug #528461)
NOTE: http://seclists.org/oss-sec/2012/q2/209
-CVE-2011-4957 (The make_clickable function in wp-includes/formatting.php in WordPress ...)
+CVE-2011-4957
{DSA-2470-1}
- wordpress 3.2.1+dfsg-1
-CVE-2011-4956 (Cross-site scripting (XSS) vulnerability in WordPress before 3.1.1 ...)
+CVE-2011-4956
{DSA-2470-1}
- wordpress 3.2.1+dfsg-1
-CVE-2011-4955 (Multiple cross-site scripting (XSS) vulnerabilities in ui_stats.php in ...)
+CVE-2011-4955
NOT-FOR-US: wordpress bsuite plugin
CVE-2011-4954
RESERVED
- cobbler <not-affected> (Fixed before initial upload)
-CVE-2011-4953 (The set_mgmt_parameters function in item.py in cobbler before 2.2.2 ...)
+CVE-2011-4953
- cobbler <not-affected> (Fixed before initial upload)
CVE-2011-4952
RESERVED
- cobbler <not-affected> (Fixed before initial upload)
-CVE-2011-4951 (Open redirect vulnerability in phpgwapi/ntlm/index.php in EGroupware ...)
+CVE-2011-4951
NOT-FOR-US: EGroupware
-CVE-2011-4950 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2011-4950
NOT-FOR-US: EGroupware
-CVE-2011-4949 (SQL injection vulnerability in ...)
+CVE-2011-4949
NOT-FOR-US: EGroupware
-CVE-2011-4948 (Directory traversal vulnerability in admin/remote.php in EGroupware ...)
+CVE-2011-4948
NOT-FOR-US: EGroupware
-CVE-2011-4947 (Cross-site request forgery (CSRF) vulnerability in ...)
+CVE-2011-4947
NOT-FOR-US: e107
-CVE-2011-4946 (SQL injection vulnerability in e107_admin/users_extended.php in e107 ...)
+CVE-2011-4946
NOT-FOR-US: e107
-CVE-2011-4945 (PolicyKit 0.103 sets the AdminIdentities to &quot;wheel&quot; by default, which ...)
+CVE-2011-4945
- policykit-1 0.103-1
[squeeze] - policykit-1 <not-affected> (vulnerable code introduced in 0.103)
-CVE-2011-4944 (Python 2.6 through 3.2 creates ~/.pypirc with world-readable ...)
+CVE-2011-4944
{DLA-25-1}
- python2.7 2.7.3~rc2-2 (low; bug #650555)
- python2.6 2.6.8-1 (unimportant; bug #615118)
NOTE: Negligible impact
CVE-2011-4943
RESERVED
-CVE-2011-4942 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2011-4942
NOT-FOR-US: Geeklog
-CVE-2011-4941 (Unspecified vulnerability in Piwik 1.2 through 1.4 allows remote ...)
+CVE-2011-4941
- piwik <itp> (bug #506933)
-CVE-2011-4940 (The list_directory function in Lib/SimpleHTTPServer.py in ...)
+CVE-2011-4940
{DLA-25-1}
- python2.7 2.7.2-8 (unimportant)
- python2.6 <unfixed> (unimportant; bug #664135)
- python2.5 <removed> (unimportant)
NOTE: http://www.openwall.com/lists/oss-security/2012/03/14/11
NOTE: This only affects IE7, which is inherently insecure anyway
-CVE-2011-4939 (The pidgin_conv_chat_rename_user function in gtkconv.c in Pidgin ...)
+CVE-2011-4939
- pidgin 2.10.2-1 (bug #664028)
[squeeze] - pidgin <not-affected> (vulnerable code not present)
NOTE: http://pidgin.im/news/security/?id=60
@@ -907,29 +907,29 @@ CVE-2011-4934
REJECTED
CVE-2011-4933
REJECTED
-CVE-2011-4932 (Eval injection vulnerability in ...)
+CVE-2011-4932
NOT-FOR-US: ImpressPages CMS not in Debian
CVE-2011-4931
RESERVED
- gpw <unfixed> (unimportant; bug #651510)
NOTE: This has only marginal security impact
-CVE-2011-4930 (Multiple format string vulnerabilities in Condor 7.2.0 through 7.6.4, ...)
+CVE-2011-4930
- condor <not-affected> (Fixed before initial release)
-CVE-2011-4929 (Unspecified vulnerability in the bazaar repository adapter in Redmine ...)
+CVE-2011-4929
{DSA-2261-1}
- redmine 1.0.5-1 (bug #608397)
NOTE: http://www.redmine.org/news/49
-CVE-2011-4928 (Cross-site scripting (XSS) vulnerability in the textile formatter in ...)
+CVE-2011-4928
{DSA-2261-1}
- redmine 1.0.5-1 (bug #608397)
NOTE: http://www.redmine.org/news/49
-CVE-2011-4927 (Unspecified vulnerability in the bazaar repository adapter in Redmine ...)
+CVE-2011-4927
{DSA-2261-1}
- redmine 1.0.5-1 (bug #608397)
NOTE: http://www.redmine.org/news/49
-CVE-2011-4926 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2011-4926
NOT-FOR-US: WordPress plugin Adminimize
-CVE-2011-4925 (Terascale Open-Source Resource and Queue Manager (aka TORQUE Resource ...)
+CVE-2011-4925
- torque <not-affected> (The version in Debian doesn't yet have MUNGE support)
CVE-2011-4924
RESERVED
@@ -941,24 +941,24 @@ CVE-2011-4924
- zope2.11 <removed>
- zope2.9 <removed>
NOTE: http://openwall.com/lists/oss-security/2012/01/19/16
-CVE-2011-4923 (Cross-site scripting (XSS) vulnerability in View.pm in BackupPC 3.0.0, ...)
+CVE-2011-4923
- backuppc 3.2.1-2 (bug #646865)
[squeeze] - backuppc 3.1.0-9.1
-CVE-2011-4922 (cipher.c in the Cipher API in libpurple in Pidgin before 2.7.10 ...)
+CVE-2011-4922
- pidgin 2.7.11-1 (low)
[lenny] - pidgin <no-dsa> (Minor issue)
[squeeze] - pidgin <no-dsa> (Minor issue)
NOTE: http://www.pidgin.im/news/security/?id=50
-CVE-2011-4921 (SQL injection vulnerability in usersettings.php in e107 0.7.26, and ...)
+CVE-2011-4921
NOT-FOR-US: e107
-CVE-2011-4920 (Multiple cross-site scripting (XSS) vulnerabilities in e107 0.7.26, ...)
+CVE-2011-4920
NOT-FOR-US: e107
CVE-2011-4919 [mpack info disclosure]
RESERVED
- mpack 1.6-8 (low; bug #655971)
[squeeze] - mpack <no-dsa> (Minor issue)
NOTE: http://openwall.com/lists/oss-security/2011/12/31/1
-CVE-2011-4918 (Multiple cross-site scripting (XSS) vulnerabilities in Elxis CMS ...)
+CVE-2011-4918
NOT-FOR-US: Elxis CMS, Aphrodite
CVE-2011-4917
RESERVED
@@ -972,20 +972,20 @@ CVE-2011-4915
- linux <unfixed> (unimportant)
- linux-2.6 <removed> (unimportant)
NOTE: Minor info leak, unlikely to be fixed upstream
-CVE-2011-4914 (The ROSE protocol implementation in the Linux kernel before 2.6.39 ...)
+CVE-2011-4914
{DSA-2389-1}
- linux-2.6 2.6.38-4
-CVE-2011-4913 (The rose_parse_ccitt function in net/rose/rose_subr.c in the Linux ...)
+CVE-2011-4913
{DSA-2264-1 DSA-2240-1}
- linux-2.6 2.6.38-4
CVE-2011-4912
RESERVED
NOT-FOR-US: Joomla!
-CVE-2011-4911 (Joomla! before 1.5.12 does not perform a JEXEC check in unspecified ...)
+CVE-2011-4911
NOT-FOR-US: Joomla!
-CVE-2011-4910 (Cross-site scripting (XSS) vulnerability in Joomla! before 1.5.12 ...)
+CVE-2011-4910
NOT-FOR-US: Joomla!
-CVE-2011-4909 (Multiple cross-site scripting (XSS) vulnerabilities in Joomla! before ...)
+CVE-2011-4909
NOT-FOR-US: Joomla!
CVE-2011-4908
RESERVED
@@ -996,12 +996,12 @@ CVE-2011-4907
CVE-2011-4906
RESERVED
NOT-FOR-US: Joomla!
-CVE-2011-4905 (Apache ActiveMQ before 5.6.0 allows remote attackers to cause a denial ...)
+CVE-2011-4905
- activemq 5.5.0+dfsg-5 (bug #655495)
-CVE-2011-4899 (** DISPUTED ** wp-admin/setup-config.php in the installation component ...)
+CVE-2011-4899
- wordpress <unfixed> (unimportant)
NOTE: https://www.trustwave.com/spiderlabs/advisories/TWSL2012-002.txt
-CVE-2011-4898 (** DISPUTED ** wp-admin/setup-config.php in the installation component ...)
+CVE-2011-4898
- wordpress <unfixed> (unimportant)
NOTE: https://www.trustwave.com/spiderlabs/advisories/TWSL2012-002.txt
CVE-2011-4904
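Review bot: dropping the headers of CVE-2011-4899 and CVE-2011-4898 also removes the `** DISPUTED **` marker, which was the only indication in these entries that the reports are contested; the `(unimportant)` rating on the `wordpress <unfixed>` lines is then unexplained apart from the Trustwave URL. If the headers are to stay bare, carry the disputed status into the entry itself, e.g. `NOTE: Disputed, see advisory URL below`, so the severity decision remains justified without the removed text.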
@@ -1024,13 +1024,13 @@ CVE-2011-4900
RESERVED
{DSA-2289-1}
- typo3-src 4.5.4+dfsg1-1 (bug #635937)
-CVE-2011-4897 (Tor before 0.2.2.25-alpha, when configured as a relay without the ...)
+CVE-2011-4897
- tor 0.2.2.27-beta-1 (unimportant)
-CVE-2011-4896 (Tor before 0.2.2.24-alpha continues to use a reachable bridge that was ...)
+CVE-2011-4896
- tor 0.2.2.27-beta-1 (unimportant)
-CVE-2011-4895 (Tor before 0.2.2.34, when configured as a bridge, sets up circuits ...)
+CVE-2011-4895
- tor 0.2.2.34-1 (unimportant)
-CVE-2011-4894 (Tor before 0.2.2.34, when configured as a bridge, uses direct DirPort ...)
+CVE-2011-4894
- tor 0.2.2.34-1 (unimportant)
CVE-2011-4893
REJECTED
@@ -1038,104 +1038,104 @@ CVE-2011-4892
REJECTED
CVE-2011-4891
REJECTED
-CVE-2011-4890 (The server in IBM solidDB 6.5 before FP9 and 7.0 before FP1 allows ...)
+CVE-2011-4890
NOT-FOR-US: IBM solidDB
-CVE-2011-4889 (The javax.naming.directory.AttributeInUseException class in the ...)
+CVE-2011-4889
NOT-FOR-US: IBM WebSphere Application Server
CVE-2011-4888
RESERVED
-CVE-2011-4887 (Cross-site scripting (XSS) vulnerability in the Violations Table in ...)
+CVE-2011-4887
NOT-FOR-US: Imperva SecureSphere Web Application Firewall
CVE-2011-4886
RESERVED
-CVE-2011-4885 (PHP before 5.3.9 computes hash values for form parameters without ...)
+CVE-2011-4885
{DSA-2399-1}
- php5 5.3.9-1 (low)
CVE-2011-4884
RESERVED
-CVE-2011-4883 (The web server in Certec atvise webMI2ADS (aka webMI) before 2.0.2 ...)
+CVE-2011-4883
NOT-FOR-US: atvise.com webMI
-CVE-2011-4882 (The web server in Certec atvise webMI2ADS (aka webMI) before 2.0.2 ...)
+CVE-2011-4882
NOT-FOR-US: atvise.com webMI
-CVE-2011-4881 (The web server in Certec atvise webMI2ADS (aka webMI) before 2.0.2 ...)
+CVE-2011-4881
NOT-FOR-US: atvise.com webMI
-CVE-2011-4880 (Directory traversal vulnerability in the web server in Certec atvise ...)
+CVE-2011-4880
NOT-FOR-US: atvise.com webMI
-CVE-2011-4879 (miniweb.exe in the HMI web server in Siemens WinCC flexible 2004, ...)
+CVE-2011-4879
NOT-FOR-US: Siemens WinCC
-CVE-2011-4878 (Directory traversal vulnerability in miniweb.exe in the HMI web server ...)
+CVE-2011-4878
NOT-FOR-US: Siemens WinCC
-CVE-2011-4877 (HmiLoad in the runtime loader in Siemens WinCC flexible 2004, 2005, ...)
+CVE-2011-4877
NOT-FOR-US: Siemens WinCC
-CVE-2011-4876 (Directory traversal vulnerability in HmiLoad in the runtime loader in ...)
+CVE-2011-4876
NOT-FOR-US: Siemens WinCC
-CVE-2011-4875 (Stack-based buffer overflow in HmiLoad in the runtime loader in ...)
+CVE-2011-4875
NOT-FOR-US: Siemens WinCC
-CVE-2011-4874 (Use-after-free vulnerability in MICROSYS PROMOTIC before 8.1.7 allows ...)
+CVE-2011-4874
NOT-FOR-US: MICROSYS PROMOTIC
-CVE-2011-4873 (Unspecified vulnerability in the server in Certec EDV atvise before ...)
+CVE-2011-4873
NOT-FOR-US: Certec EDV atvise
-CVE-2011-4872 (Multiple HTC Android devices including Desire HD FRG83D and GRI40, ...)
+CVE-2011-4872
NOT-FOR-US: Android devices
-CVE-2011-4871 (Open Automation Software OPC Systems.NET before 5.0 allows remote ...)
+CVE-2011-4871
NOT-FOR-US: opcsystems.com
-CVE-2011-4870 (Multiple buffer overflows in the (1) GUIControls, (2) BatchObjSrv, and ...)
+CVE-2011-4870
NOT-FOR-US: Invensys Wonderware
-CVE-2011-4869 (validator/val_nsec3.c in Unbound before 1.4.13p2 does not properly ...)
+CVE-2011-4869
{DSA-2370-1}
- unbound 1.4.14-1 (medium)
-CVE-2011-4868 (The logging functionality in dhcpd in ISC DHCP before 4.2.3-P2, when ...)
+CVE-2011-4868
- isc-dhcp 4.2.2.dfsg.1-5 (low; bug #655746)
[squeeze] - isc-dhcp <not-affected> (vulnerable code not present)
-CVE-2011-4867 (The Tencent QQPhoto (com.tencent.qqphoto) application 0.97 for Android ...)
+CVE-2011-4867
NOT-FOR-US: Tencent QQPhoto (com.tencent.qqphoto) application
-CVE-2011-4866 (The Kaixin001 (com.kaixin001.activity) application 1.3.1 and 1.3.3 for ...)
+CVE-2011-4866
NOT-FOR-US: Kaixin001 (com.kaixin001.activity) application
-CVE-2011-4865 (The Tencent WBlog (com.tencent.WBlog) 3.3.1 and MicroBlogPad 1.4.0 ...)
+CVE-2011-4865
NOT-FOR-US: Tencent WBlog
-CVE-2011-4864 (The Tencent MobileQQ (com.tencent.mobileqq) application 2.2 for ...)
+CVE-2011-4864
NOT-FOR-US: Tencent MobileQQ (com.tencent.mobileqq) application
-CVE-2011-4863 (The Tencent QQPimSecure (com.tencent.qqpimsecure) application 3.0.2 ...)
+CVE-2011-4863
NOT-FOR-US: Tencent QQPimSecure (com.tencent.qqpimsecure) application
-CVE-2011-4862 (Buffer overflow in libtelnet/encrypt.c in telnetd in FreeBSD 7.3 ...)
+CVE-2011-4862
{DSA-2375-1 DSA-2373-1 DSA-2372-1}
- heimdal 1.5.dfsg.1-1 (high)
- inetutils 2:1.8-6 (high)
- krb5 1.8+dfsg~aa+r23527-1 (high)
- krb5-appl 1:1.0.1-1.2 (high; bug #654231)
NOTE: krb5 fixed through move of code to krb5-appl.
-CVE-2011-4861 (The modbus_125_handler function in the Schneider Electric Quantum ...)
+CVE-2011-4861
NOT-FOR-US: Schneider Electric Quantum Ethernet Module
-CVE-2011-4860 (The ComputePassword function in the Schneider Electric Quantum ...)
+CVE-2011-4860
NOT-FOR-US: Schneider Electric Quantum Ethernet Module
-CVE-2011-4859 (The Schneider Electric Quantum Ethernet Module, as used in the Quantum ...)
+CVE-2011-4859
NOT-FOR-US: Schneider Electric Quantum Ethernet Module
-CVE-2011-4858 (Apache Tomcat before 5.5.35, 6.x before 6.0.35, and 7.x before 7.0.23 ...)
+CVE-2011-4858
{DSA-2401-1}
- tomcat5 <removed>
- tomcat6 6.0.35-1
- tomcat7 7.0.26-1
-CVE-2011-4857 (Heap-based buffer overflow in the in_mod.dll plugin in Winamp before ...)
+CVE-2011-4857
NOT-FOR-US: Winamp
-CVE-2011-4856 (The Control Panel in Parallels Plesk Panel 10.4.4_build20111103.18 ...)
+CVE-2011-4856
NOT-FOR-US: Plesk
-CVE-2011-4855 (The Control Panel in Parallels Plesk Panel 10.4.4_build20111103.18 ...)
+CVE-2011-4855
NOT-FOR-US: Plesk
-CVE-2011-4854 (The Control Panel in Parallels Plesk Panel 10.4.4_build20111103.18 ...)
+CVE-2011-4854
NOT-FOR-US: Plesk
-CVE-2011-4853 (The Control Panel in Parallels Plesk Panel 10.4.4_build20111103.18 ...)
+CVE-2011-4853
NOT-FOR-US: Plesk
-CVE-2011-4852 (The Control Panel in Parallels Plesk Panel 10.4.4_build20111103.18 ...)
+CVE-2011-4852
NOT-FOR-US: Plesk
-CVE-2011-4851 (The Control Panel in Parallels Plesk Panel 10.4.4_build20111103.18 ...)
+CVE-2011-4851
NOT-FOR-US: Plesk
-CVE-2011-4850 (The Control Panel in Parallels Plesk Panel 10.4.4_build20111103.18 ...)
+CVE-2011-4850
NOT-FOR-US: Plesk
-CVE-2011-4849 (The Control Panel in Parallels Plesk Panel 10.4.4_build20111103.18 ...)
+CVE-2011-4849
NOT-FOR-US: Plesk
-CVE-2011-4848 (The Control Panel in Parallels Plesk Panel 10.4.4_build20111103.18 ...)
+CVE-2011-4848
NOT-FOR-US: Plesk
-CVE-2011-4847 (SQL injection vulnerability in the Control Panel in Parallels Plesk ...)
+CVE-2011-4847
NOT-FOR-US: Plesk
CVE-2011-4846
RESERVED
@@ -1153,88 +1153,88 @@ CVE-2011-4840
RESERVED
CVE-2011-4839
RESERVED
-CVE-2011-4838 (JRuby before 1.6.5.1 computes hash values without restricting the ...)
+CVE-2011-4838
{DLA-209-1}
- jruby 1.5.6-4 (low; bug #686867)
-CVE-2011-4837 (Cross-site request forgery (CSRF) vulnerability in /ctrl in the web ...)
+CVE-2011-4837
NOT-FOR-US: HomeSeer
-CVE-2011-4836 (Cross-site scripting (XSS) vulnerability in the web interface in ...)
+CVE-2011-4836
NOT-FOR-US: HomeSeer
-CVE-2011-4835 (Directory traversal vulnerability in the web interface in HomeSeer HS2 ...)
+CVE-2011-4835
NOT-FOR-US: HomeSeer
-CVE-2011-4834 (The GetInstalledPackages function in the configuration tool in HP ...)
+CVE-2011-4834
NOT-FOR-US: HP Application Lifestyle Management
-CVE-2011-4833 (Multiple SQL injection vulnerabilities in the Leads module in SugarCRM ...)
+CVE-2011-4833
- sugarcrm-ce-5.0 <itp> (bug #457876)
-CVE-2011-4832 (Directory traversal vulnerability in CaupoShop Pro 2.x, CaupoShop ...)
+CVE-2011-4832
NOT-FOR-US: CaupoShop
-CVE-2011-4831 (Directory traversal vulnerability in webFileBrowser.php in Web File ...)
+CVE-2011-4831
NOT-FOR-US: Web File Browser
-CVE-2011-4830 (Multiple cross-site scripting (XSS) vulnerabilities in the com_listing ...)
+CVE-2011-4830
NOT-FOR-US: Joomla extension
-CVE-2011-4829 (SQL injection vulnerability in the com_listing component in Barter ...)
+CVE-2011-4829
NOT-FOR-US: Joomla extension
-CVE-2011-4828 (Unrestricted file upload vulnerability in ...)
+CVE-2011-4828
NOT-FOR-US: AutoSec Tools V-CMS
-CVE-2011-4827 (Multiple cross-site scripting (XSS) vulnerabilities in AutoSec Tools ...)
+CVE-2011-4827
NOT-FOR-US: AutoSec Tools V-CMS
-CVE-2011-4826 (SQL injection vulnerability in session.php in AutoSec Tools V-CMS 1.0 ...)
+CVE-2011-4826
NOT-FOR-US: AutoSec Tools V-CMS
-CVE-2011-4825 (Static code injection vulnerability in inc/function.base.php in Ajax ...)
+CVE-2011-4825
NOT-FOR-US: Ajax File and Image Manager
-CVE-2011-4824 (SQL injection vulnerability in auth_login.php in Cacti before 0.8.7h ...)
+CVE-2011-4824
{DSA-2384-1}
- cacti 0.8.7i-1 (high; bug #652371)
-CVE-2011-4823 (Multiple SQL injection vulnerabilities in Vik Real Estate ...)
+CVE-2011-4823
NOT-FOR-US: Joomla extension
-CVE-2011-4822 (Multiple cross-site scripting (XSS) vulnerabilities in the user ...)
+CVE-2011-4822
NOT-FOR-US: Atlassian FishEye
-CVE-2011-4821 (Directory traversal vulnerability in the TFTP server in D-Link DIR-601 ...)
+CVE-2011-4821
NOT-FOR-US: D-Link router
CVE-2011-4820
RESERVED
-CVE-2011-4819 (Multiple cross-site scripting (XSS) vulnerabilities in IBM Maximo ...)
+CVE-2011-4819
NOT-FOR-US: IBM Maximo Asset Management
-CVE-2011-4818 (Open redirect vulnerability in IBM Maximo Asset Management and Asset ...)
+CVE-2011-4818
NOT-FOR-US: IBM Maximo Asset Management
-CVE-2011-4817 (The About option on the Help menu in IBM Maximo Asset Management and ...)
+CVE-2011-4817
NOT-FOR-US: IBM Maximo Asset Management
-CVE-2011-4816 (SQL injection vulnerability in the KPI component in IBM Maximo Asset ...)
+CVE-2011-4816
NOT-FOR-US: IBM Maximo Asset Management
-CVE-2011-4815 (Ruby (aka CRuby) before 1.8.7-p357 computes hash values without ...)
+CVE-2011-4815
{DLA-88-1}
- ruby1.8 1.8.7.358-1
- ruby1.9 <not-affected> (Includes randomisation of the hash function)
- ruby1.9.1 <not-affected> (Includes randomisation of the hash function)
-CVE-2011-4814 (Multiple cross-site scripting (XSS) vulnerabilities in Dolibarr 3.1.0 ...)
+CVE-2011-4814
- dolibarr 3.3.4-1 (low)
-CVE-2011-4813 (Directory traversal vulnerability in clientarea.php in ...)
+CVE-2011-4813
NOT-FOR-US: WHMCompleteSolution
-CVE-2011-4812 (Cross-site scripting (XSS) vulnerability in nowosci.php in BestShopPro ...)
+CVE-2011-4812
NOT-FOR-US: BestShopPro
-CVE-2011-4811 (SQL injection vulnerability in pokaz_podkat.php in BestShopPro allows ...)
+CVE-2011-4811
NOT-FOR-US: BestShopPro
-CVE-2011-4810 (Multiple directory traversal vulnerabilities in WHMCompleteSolution ...)
+CVE-2011-4810
NOT-FOR-US: WHMCompleteSolution
-CVE-2011-4809 (Multiple cross-site scripting (XSS) vulnerabilities in the HM ...)
+CVE-2011-4809
NOT-FOR-US: Joomla extension
-CVE-2011-4808 (SQL injection vulnerability in the HM Community (com_hmcommunity) ...)
+CVE-2011-4808
NOT-FOR-US: Joomla extension
-CVE-2011-4807 (Directory traversal vulnerability in main.php in phpAlbum 0.4.1.16 and ...)
+CVE-2011-4807
NOT-FOR-US: phpAlbum
-CVE-2011-4806 (Multiple cross-site scripting (XSS) vulnerabilities in main.php in ...)
+CVE-2011-4806
NOT-FOR-US: phpAlbum
-CVE-2011-4805 (Cross-site scripting (XSS) vulnerability in pubDBLogon.jsp in SAP ...)
+CVE-2011-4805
NOT-FOR-US: SAP Crystal Report Server
-CVE-2011-4804 (Directory traversal vulnerability in the obSuggest (com_obsuggest) ...)
+CVE-2011-4804
NOT-FOR-US: Joomla extension
-CVE-2011-4803 (SQL injection vulnerability in wptouch/ajax.php in the WPTouch plugin ...)
+CVE-2011-4803
NOT-FOR-US: WPTouch WordPress plugin
-CVE-2011-4802 (Multiple SQL injection vulnerabilities in Dolibarr 3.1.0 RC and ...)
+CVE-2011-4802
- dolibarr 3.3.4-1
-CVE-2011-4801 (SQL injection vulnerability in akeyActivationLogin.do in Authenex Web ...)
+CVE-2011-4801
NOT-FOR-US: Authenex Strong Authentication System
-CVE-2011-4800 (Directory traversal vulnerability in Serv-U FTP Server before 11.1.0.5 ...)
+CVE-2011-4800
NOT-FOR-US: Serv-U FTP Server
CVE-2011-4799
REJECTED
@@ -1252,271 +1252,271 @@ CVE-2011-4793
REJECTED
CVE-2011-4792
REJECTED
-CVE-2011-4791 (DBServer.exe in HP Data Protector Media Operations 6.11 and earlier ...)
+CVE-2011-4791
NOT-FOR-US: HP Data Protector
-CVE-2011-4790 (Unspecified vulnerability in HP Network Automation 7.5x, 7.6x, 9.0, ...)
+CVE-2011-4790
NOT-FOR-US: HP Network Automation
-CVE-2011-4789 (Stack-based buffer overflow in magentservice.exe in the server in HP ...)
+CVE-2011-4789
NOT-FOR-US: HP Diagnostics
-CVE-2011-4788 (Absolute path traversal vulnerability in the web interface on HP ...)
+CVE-2011-4788
NOT-FOR-US: HP StorageWorks
-CVE-2011-4787 (A certain ActiveX control in HPTicketMgr.dll in HP Easy Printer Care ...)
+CVE-2011-4787
NOT-FOR-US: HP Easy Printer Care
-CVE-2011-4786 (A certain ActiveX control in HPTicketMgr.dll in HP Easy Printer Care ...)
+CVE-2011-4786
NOT-FOR-US: HP Easy Printer Care
-CVE-2011-4785 (Directory traversal vulnerability in the HP-ChaiSOE/1.0 web server on ...)
+CVE-2011-4785
NOT-FOR-US: HP-ChaiSOE/1.0 web server
-CVE-2011-4784 (The NVIDIA Stereoscopic 3D driver before 7.17.12.7565 does not ...)
+CVE-2011-4784
NOT-FOR-US: NVIDIA Windows driver
-CVE-2011-4783 (The IDAPython plugin before 1.5.2.3 in IDA Pro allows user-assisted ...)
+CVE-2011-4783
NOT-FOR-US: IDA Pro
-CVE-2011-4782 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2011-4782
- phpmyadmin 4:3.4.9-1 (unimportant)
[squeeze] - phpmyadmin <not-affected> (Vulnerable code not present)
[lenny] - phpmyadmin <not-affected> (Vulnerable code not present)
NOTE: unlikely exploitation scenario
CVE-2011-4781
RESERVED
-CVE-2011-4780 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2011-4780
- phpmyadmin 4:3.4.9-1 (unimportant)
[squeeze] - phpmyadmin <not-affected> (Vulnerable code not present)
[lenny] - phpmyadmin <not-affected> (Vulnerable code not present)
NOTE: unlikely exploitation scenario
CVE-2011-4779
REJECTED
-CVE-2011-4778 (Cross-site scripting (XSS) vulnerability in Splunk Web in Splunk 4.2.x ...)
+CVE-2011-4778
NOT-FOR-US: Splunk Web
-CVE-2011-4777 (Cross-site scripting (XSS) vulnerability in the Site Editor (aka ...)
+CVE-2011-4777
NOT-FOR-US: Plesk
-CVE-2011-4776 (Multiple cross-site scripting (XSS) vulnerabilities in the Control ...)
+CVE-2011-4776
NOT-FOR-US: Plesk
CVE-2011-4775
RESERVED
CVE-2011-4774
RESERVED
-CVE-2011-5146 (Bokken before 1.6 and 1.5-x before 1.5-3 for Debian allows local users ...)
+CVE-2011-5146
- bokken 1.5-3 (bug #651931)
-CVE-2011-4773 (The AnGuanJia (com.anguanjia.safe) application 2.10.343 for Android ...)
+CVE-2011-4773
NOT-FOR-US: AnGuanJia (com.anguanjia.safe) application
-CVE-2011-4772 (The 360 KouXin (com.qihoo360.kouxin) application 1.5.3 for Android ...)
+CVE-2011-4772
NOT-FOR-US: 360 KouXin (com.qihoo360.kouxin) application
-CVE-2011-4771 (The Scan to PDF Free (com.scan.to.pdf.trial) application 2.0.4 for ...)
+CVE-2011-4771
NOT-FOR-US: Scan to PDF Free (com.scan.to.pdf.trial) application
-CVE-2011-4770 (The QIWI Wallet (ru.mw) application before 1.14.2 for Android does not ...)
+CVE-2011-4770
NOT-FOR-US: QIWI Wallet (ru.mw) application
-CVE-2011-4769 (The 360 MobileSafe (com.qihoo360.mobilesafe) application 2.x before ...)
+CVE-2011-4769
NOT-FOR-US: 360 MobileSafe (com.qihoo360.mobilesafe) application
-CVE-2011-4768 (The Site Editor (aka SiteBuilder) feature in Parallels Plesk Small ...)
+CVE-2011-4768
NOT-FOR-US: Plesk
-CVE-2011-4767 (The Site Editor (aka SiteBuilder) feature in Parallels Plesk Small ...)
+CVE-2011-4767
NOT-FOR-US: Plesk
-CVE-2011-4766 (** DISPUTED ** The Site Editor (aka SiteBuilder) feature in Parallels ...)
+CVE-2011-4766
NOT-FOR-US: Plesk
-CVE-2011-4765 (The Site Editor (aka SiteBuilder) feature in Parallels Plesk Small ...)
+CVE-2011-4765
NOT-FOR-US: Plesk
-CVE-2011-4764 (Multiple cross-site scripting (XSS) vulnerabilities in the Site Editor ...)
+CVE-2011-4764
NOT-FOR-US: Plesk
-CVE-2011-4763 (Multiple SQL injection vulnerabilities in the Site Editor (aka ...)
+CVE-2011-4763
NOT-FOR-US: Plesk
-CVE-2011-4762 (Parallels Plesk Small Business Panel 10.2.0 sends incorrect ...)
+CVE-2011-4762
NOT-FOR-US: Plesk
-CVE-2011-4761 (Parallels Plesk Small Business Panel 10.2.0 omits the Content-Type ...)
+CVE-2011-4761
NOT-FOR-US: Plesk
-CVE-2011-4760 (Parallels Plesk Small Business Panel 10.2.0 has web pages containing ...)
+CVE-2011-4760
NOT-FOR-US: Plesk
-CVE-2011-4759 (Parallels Plesk Small Business Panel 10.2.0 generates web pages ...)
+CVE-2011-4759
NOT-FOR-US: Plesk
-CVE-2011-4758 (Parallels Plesk Small Business Panel 10.2.0 receives cleartext ...)
+CVE-2011-4758
NOT-FOR-US: Plesk
-CVE-2011-4757 (Parallels Plesk Small Business Panel 10.2.0 generates a password form ...)
+CVE-2011-4757
NOT-FOR-US: Plesk
-CVE-2011-4756 (Parallels Plesk Small Business Panel 10.2.0 does not include the ...)
+CVE-2011-4756
NOT-FOR-US: Plesk
-CVE-2011-4755 (Parallels Plesk Small Business Panel 10.2.0 does not properly validate ...)
+CVE-2011-4755
NOT-FOR-US: Plesk
-CVE-2011-4754 (Multiple cross-site scripting (XSS) vulnerabilities in Parallels Plesk ...)
+CVE-2011-4754
NOT-FOR-US: Plesk
-CVE-2011-4753 (Multiple SQL injection vulnerabilities in Parallels Plesk Small ...)
+CVE-2011-4753
NOT-FOR-US: Plesk
-CVE-2011-4752 (SmarterTools SmarterStats 6.2.4100 sends incorrect Content-Type ...)
+CVE-2011-4752
NOT-FOR-US: SmarterTools SmaterStats
-CVE-2011-4751 (SmarterTools SmarterStats 6.2.4100 generates web pages containing ...)
+CVE-2011-4751
NOT-FOR-US: SmarterTools SmaterStats
-CVE-2011-4750 (Multiple cross-site scripting (XSS) vulnerabilities in SmarterTools ...)
+CVE-2011-4750
NOT-FOR-US: SmarterTools SmaterStats
-CVE-2011-4749 (The billing system for Parallels Plesk Panel 10.3.1_build1013110726.09 ...)
+CVE-2011-4749
NOT-FOR-US: Plesk
-CVE-2011-4748 (The billing system for Parallels Plesk Panel 10.3.1_build1013110726.09 ...)
+CVE-2011-4748
NOT-FOR-US: Plesk
-CVE-2011-4747 (The billing system for Parallels Plesk Panel 10.3.1_build1013110726.09 ...)
+CVE-2011-4747
NOT-FOR-US: Plesk
-CVE-2011-4746 (The billing system for Parallels Plesk Panel 10.3.1_build1013110726.09 ...)
+CVE-2011-4746
NOT-FOR-US: Plesk
-CVE-2011-4745 (Multiple cross-site scripting (XSS) vulnerabilities in the billing ...)
+CVE-2011-4745
NOT-FOR-US: Plesk
-CVE-2011-4744 (The Control Panel in Parallels Plesk Panel 10.2.0 build 20110407.20 ...)
+CVE-2011-4744
NOT-FOR-US: Plesk
-CVE-2011-4743 (The Control Panel in Parallels Plesk Panel 10.2.0 build 20110407.20 ...)
+CVE-2011-4743
NOT-FOR-US: Plesk
-CVE-2011-4742 (The Control Panel in Parallels Plesk Panel 10.2.0 build 20110407.20 ...)
+CVE-2011-4742
NOT-FOR-US: Plesk
-CVE-2011-4741 (The Control Panel in Parallels Plesk Panel 10.2.0 build 20110407.20 ...)
+CVE-2011-4741
NOT-FOR-US: Plesk
-CVE-2011-4740 (The Control Panel in Parallels Plesk Panel 10.2.0 build 20110407.20 ...)
+CVE-2011-4740
NOT-FOR-US: Plesk
-CVE-2011-4739 (The Control Panel in Parallels Plesk Panel 10.2.0 build 20110407.20 ...)
+CVE-2011-4739
NOT-FOR-US: Plesk
-CVE-2011-4738 (The Control Panel in Parallels Plesk Panel 10.2.0 build 20110407.20 ...)
+CVE-2011-4738
NOT-FOR-US: Plesk
-CVE-2011-4737 (The Control Panel in Parallels Plesk Panel 10.2.0 build 20110407.20 ...)
+CVE-2011-4737
NOT-FOR-US: Plesk
-CVE-2011-4736 (The Control Panel in Parallels Plesk Panel 10.2.0 build 20110407.20 ...)
+CVE-2011-4736
NOT-FOR-US: Plesk
-CVE-2011-4735 (Multiple cross-site scripting (XSS) vulnerabilities in the Control ...)
+CVE-2011-4735
NOT-FOR-US: Plesk
-CVE-2011-4734 (Multiple SQL injection vulnerabilities in the Control Panel in ...)
+CVE-2011-4734
NOT-FOR-US: Plesk
-CVE-2011-4733 (The Server Administration Panel in Parallels Plesk Panel ...)
+CVE-2011-4733
NOT-FOR-US: Plesk
-CVE-2011-4732 (The Server Administration Panel in Parallels Plesk Panel ...)
+CVE-2011-4732
NOT-FOR-US: Plesk
-CVE-2011-4731 (The Server Administration Panel in Parallels Plesk Panel ...)
+CVE-2011-4731
NOT-FOR-US: Plesk
-CVE-2011-4730 (The Server Administration Panel in Parallels Plesk Panel ...)
+CVE-2011-4730
NOT-FOR-US: Plesk
-CVE-2011-4729 (The Server Administration Panel in Parallels Plesk Panel ...)
+CVE-2011-4729
NOT-FOR-US: Plesk
-CVE-2011-4728 (The Server Administration Panel in Parallels Plesk Panel ...)
+CVE-2011-4728
NOT-FOR-US: Plesk
-CVE-2011-4727 (The Server Administration Panel in Parallels Plesk Panel ...)
+CVE-2011-4727
NOT-FOR-US: Plesk
-CVE-2011-4726 (Multiple cross-site scripting (XSS) vulnerabilities in the Server ...)
+CVE-2011-4726
NOT-FOR-US: Plesk
-CVE-2011-4725 (Multiple SQL injection vulnerabilities in the Server Administration ...)
+CVE-2011-4725
NOT-FOR-US: Plesk
CVE-2011-4724
RESERVED
-CVE-2011-4723 (The D-Link DIR-300 router stores cleartext passwords, which allows ...)
+CVE-2011-4723
NOT-FOR-US: D-Link DIR-300 router
-CVE-2011-4722 (Directory traversal vulnerability in the TFTP Server 1.0.0.24 in ...)
+CVE-2011-4722
NOT-FOR-US: Ipswitch WhatsUp Gold
CVE-2011-4721
RESERVED
-CVE-2011-4720 (Hillstone HS TFTP Server 1.3.2 allows remote attackers to cause a ...)
+CVE-2011-4720
NOT-FOR-US: Hillstone HS TFTP Server
-CVE-2011-4719 (Multiple unspecified vulnerabilities in Google Chrome before ...)
+CVE-2011-4719
- chromium-browser <not-affected>
- webkit <not-affected>
NOTE: Duplicate for chromebooks
-CVE-2011-4718 (Session fixation vulnerability in the Sessions subsystem in PHP before ...)
+CVE-2011-4718
- php5 5.5.2+dfsg-1 (low)
[wheezy] - php5 <no-dsa> (Too intrusive to backport, mitigations exists)
[squeeze] - php5 <no-dsa> (Too intrusive to backport, mitigations exists)
NOTE: 5.5.2 implements strict sessions RFC (https://wiki.php.net/rfc/strict_sessions)
-CVE-2011-4717 (Directory traversal vulnerability in zFTPServer Suite 6.0.0.52 allows ...)
+CVE-2011-4717
NOT-FOR-US: zFTPServer Suite
-CVE-2011-4716 (Directory traversal vulnerability in file in DreamBox DM800 1.6rc3, ...)
+CVE-2011-4716
NOT-FOR-US: DreamBox
-CVE-2011-4715 (Directory traversal vulnerability in cgi-bin/koha/mainpage.pl in Koha ...)
+CVE-2011-4715
- koha <itp> (bug #389876)
-CVE-2011-4714 (Directory traversal vulnerability in Virtual Vertex Muster before 6.20 ...)
+CVE-2011-4714
NOT-FOR-US: Virtual Vertex Muster
-CVE-2011-4713 (Directory traversal vulnerability in catalog/content.php in osCSS2 ...)
+CVE-2011-4713
NOT-FOR-US: osCSS2
-CVE-2011-4712 (Directory traversal vulnerability in Oxide WebServer allows remote ...)
+CVE-2011-4712
NOT-FOR-US: Oxide
-CVE-2011-4711 (Multiple directory traversal vulnerabilities in namazu.cgi in Namazu ...)
+CVE-2011-4711
- namazu2 <not-affected> (Windows-specific issue)
-CVE-2011-4710 (Multiple SQL injection vulnerabilities in Pixie CMS 1.01 through 1.04 ...)
+CVE-2011-4710
NOT-FOR-US: Pixie CMS
-CVE-2011-4709 (Multiple cross-site scripting (XSS) vulnerabilities in Hotaru.php in ...)
+CVE-2011-4709
NOT-FOR-US: Hotaru
-CVE-2011-4708 (Cross-site scripting (XSS) vulnerability in IBM Rational Asset Manager ...)
+CVE-2011-4708
NOT-FOR-US: IBM Rational Asset Manager
-CVE-2011-4707 (Multiple cross-site scripting (XSS) vulnerabilities in the Virus Scan ...)
+CVE-2011-4707
NOT-FOR-US: SAP Netweaver
CVE-2011-4706
RESERVED
-CVE-2011-4705 (The Ming Blacklist Free (vc.software.blacklist) application 1.8.1 and ...)
+CVE-2011-4705
NOT-FOR-US: Ming Blacklist Free (vc.software.blacklist) application
-CVE-2011-4704 (The Voxofon (com.voxofon) application before 2.5.2 for Android does ...)
+CVE-2011-4704
NOT-FOR-US: Voxofon (com.voxofon) application
-CVE-2011-4703 (The Limit My Call (com.limited.call.view) application 2.11 for Android ...)
+CVE-2011-4703
NOT-FOR-US: Limit My Call (com.limited.call.view) application
-CVE-2011-4702 (The Nimbuzz (com.nimbuzz) application 2.0.8 and 2.0.10 for Android ...)
+CVE-2011-4702
NOT-FOR-US: Nimbuzz (com.nimbuzz) application
-CVE-2011-4701 (The CallConfirm (jp.gr.java_conf.ofnhwx.callconfirm) application 2.0.0 ...)
+CVE-2011-4701
NOT-FOR-US: CallConfirm (jp.gr.java_conf.ofnhwx.callconfirm) application
-CVE-2011-4700 (The UberMedia UberSocial (com.twidroid) application 7.x before 7.2.4 ...)
+CVE-2011-4700
NOT-FOR-US: UberMedia UberSocial (com.twidroid) application
-CVE-2011-4699 (The Ubermedia Twidroyd Legacy (com.twidroydlegacy) application 4.3.11 ...)
+CVE-2011-4699
NOT-FOR-US: Ubermedia Twidroyd Legacy (com.twidroydlegacy) application
-CVE-2011-4698 (The AndroidAppTools Easy Filter (com.phoneblocker.android) application ...)
+CVE-2011-4698
NOT-FOR-US: AndroidAppTools Easy Filter (com.phoneblocker.android)
-CVE-2011-4697 (The Xiaomi MiTalk Messenger (com.xiaomi.channel) application before ...)
+CVE-2011-4697
NOT-FOR-US: Xiaomi MiTalk Messenger (com.xiaomi.channel) application
-CVE-2011-4696 (Directory traversal vulnerability in Eye-Fi Helper before 3.4.23 ...)
+CVE-2011-4696
NOT-FOR-US: Eye-Fi Helper
-CVE-2011-4695 (Unspecified vulnerability in Microsoft Windows 7 SP1, when Java is ...)
+CVE-2011-4695
NOT-FOR-US: Microsoft Windows
-CVE-2011-4694 (Unspecified vulnerability in Adobe Flash Player 11.1.102.55 on Windows ...)
+CVE-2011-4694
NOT-FOR-US: Adobe Flash Player
-CVE-2011-4693 (Unspecified vulnerability in Adobe Flash Player 11.1.102.55 on Windows ...)
+CVE-2011-4693
NOT-FOR-US: Adobe Flash Player
-CVE-2011-4692 (WebKit, as used in Apple Safari 5.1.1 and earlier and Google Chrome 15 ...)
+CVE-2011-4692
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-4691 (Google Chrome 15.0.874.121 and earlier does not prevent capture of ...)
+CVE-2011-4691
- chromium-browser 17.0.963.56~r121963-1 (unimportant)
-CVE-2011-4690 (Opera 11.60 and earlier does not prevent capture of data about the ...)
+CVE-2011-4690
NOT-FOR-US: Opera
-CVE-2011-4689 (Microsoft Internet Explorer 6 through 9 does not prevent capture of ...)
+CVE-2011-4689
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2011-4688 (Mozilla Firefox 8.0.1 and earlier does not prevent capture of data ...)
+CVE-2011-4688
- iceweasel <removed> (unimportant)
-CVE-2011-4687 (Opera before 11.60 allows remote attackers to cause a denial of ...)
+CVE-2011-4687
NOT-FOR-US: Opera
-CVE-2011-4686 (Unspecified vulnerability in the Web Workers implementation in Opera ...)
+CVE-2011-4686
NOT-FOR-US: Opera
-CVE-2011-4685 (Dragonfly in Opera before 11.60 allows remote attackers to cause a ...)
+CVE-2011-4685
NOT-FOR-US: Opera
-CVE-2011-4684 (Opera before 11.60 does not properly handle certificate revocation, ...)
+CVE-2011-4684
NOT-FOR-US: Opera
-CVE-2011-4683 (Unspecified vulnerability in Opera before 11.60 has unknown impact and ...)
+CVE-2011-4683
NOT-FOR-US: Opera
-CVE-2011-4682 (The JavaScript engine in Opera before 11.60 does not properly ...)
+CVE-2011-4682
NOT-FOR-US: Opera
-CVE-2011-4681 (Opera before 11.60 does not properly consider the number of . (dot) ...)
+CVE-2011-4681
NOT-FOR-US: Opera
-CVE-2011-4680 (Multiple cross-site scripting (XSS) vulnerabilities in the customer ...)
+CVE-2011-4680
NOT-FOR-US: vtiger CRM
-CVE-2011-4679 (vtiger CRM before 5.3.0 does not properly recognize the disabled ...)
+CVE-2011-4679
NOT-FOR-US: vtiger CRM
-CVE-2011-4678 (The password reset feature in One Click Orgs before 1.2.3 generates ...)
+CVE-2011-4678
NOT-FOR-US: One Click Orgs
-CVE-2011-4677 (One Click Orgs before 1.2.3 does not have an off autocomplete ...)
+CVE-2011-4677
NOT-FOR-US: One Click Orgs
CVE-2011-4676
RESERVED
-CVE-2011-4675 (The pathname canonicalization functionality in ...)
+CVE-2011-4675
- widelands 1:15-3 (low)
NOTE: Nearly a duplicate of CVE-2011-1932.
NOTE: CVE's SPLIT decision is unclear.
-CVE-2011-4674 (SQL injection vulnerability in popup.php in Zabbix 1.8.3 and 1.8.4, ...)
+CVE-2011-4674
- zabbix 1:1.8.9-1 (bug #651225)
[squeeze] - zabbix <no-dsa> (Will be handled through point update)
-CVE-2011-4673 (SQL injection vulnerability in modules/sharedaddy.php in the Jetpack ...)
+CVE-2011-4673
NOT-FOR-US: Jetpack plugin for Wordpress
-CVE-2011-4672 (Multiple SQL injection vulnerabilities in Valid tiny-erp 1.6 and ...)
+CVE-2011-4672
NOT-FOR-US: Valid tiny-erp, different from TinyERP, the former name of OpenERP
-CVE-2011-4671 (SQL injection vulnerability in adrotate/adrotate-out.php in the ...)
+CVE-2011-4671
NOT-FOR-US: Adrorate plugin for Wordpress
-CVE-2011-4670 (Multiple cross-site scripting (XSS) vulnerabilities in vTiger CRM ...)
+CVE-2011-4670
NOT-FOR-US: vTiger CRM
-CVE-2011-4669 (SQL injection vulnerability in wp-users.php in WordPress Users plugin ...)
+CVE-2011-4669
NOT-FOR-US: Wordpress plugin
-CVE-2011-4668 (IBM Tivoli Netcool/Reporter 2.2 before 2.2.0.8 allows remote attackers ...)
+CVE-2011-4668
NOT-FOR-US: Tivoli
-CVE-2011-4667 (The encryption library in Cisco IOS Software 15.2(1)T, 15.2(1)T1, and ...)
+CVE-2011-4667
NOT-FOR-US: Cisco
CVE-2011-4666
RESERVED
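Review bot: the NOT-FOR-US annotation for CVE-2011-4671 reads "Adrorate plugin for Wordpress", but the removed description names adrotate/adrotate-out.php, so the product name should be "Adrotate". While touching these lines, the casing of the product is inconsistent within the hunk ("Jetpack plugin for Wordpress", "Wordpress plugin" on the CVE-2011-4673, CVE-2011-4671 and CVE-2011-4669 entries); "WordPress" is the spelling used in the other entries of this file and would make the annotations greppable with one pattern.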
@@ -1532,7 +1532,7 @@ CVE-2011-4661
RESERVED
CVE-2011-4660
RESERVED
-CVE-2011-4659 (Cisco TelePresence Software before TE 4.1.1 on the Cisco IP Video ...)
+CVE-2011-4659
NOT-FOR-US: Cisco TelePresence Software
CVE-2011-4658
RESERVED
@@ -1550,31 +1550,31 @@ CVE-2011-4652
RESERVED
CVE-2011-4651
RESERVED
-CVE-2011-4650 (Cisco Data Center Network Manager is affected by Excessive Logging ...)
+CVE-2011-4650
NOT-FOR-US: Cisco
CVE-2011-4649
RESERVED
CVE-2011-4648
RESERVED
-CVE-2011-4647 (Multiple cross-site scripting (XSS) vulnerabilities in the story ...)
+CVE-2011-4647
NOT-FOR-US: Geeklog
-CVE-2011-4646 (SQL injection vulnerability in wp-postratings.php in the ...)
+CVE-2011-4646
NOT-FOR-US: Wordpress plugin
CVE-2011-4645
RESERVED
-CVE-2011-4644 (Splunk 4.2.5 and earlier, when a Free license is selected, enables ...)
+CVE-2011-4644
NOT-FOR-US: Splunk Web
-CVE-2011-4643 (Multiple directory traversal vulnerabilities in Splunk 4.x before ...)
+CVE-2011-4643
NOT-FOR-US: Splunk Web
-CVE-2011-4642 (mappy.py in Splunk Web in Splunk 4.2.x before 4.2.5 does not properly ...)
+CVE-2011-4642
NOT-FOR-US: Splunk Web
CVE-2011-4641
RESERVED
-CVE-2011-4640 (Directory traversal vulnerability in logs-x.php in SpamTitan WebTitan ...)
+CVE-2011-4640
NOT-FOR-US: SpamTitan
-CVE-2011-4639 (The (1) Traceroute and (2) Ping implementations in tools.php in ...)
+CVE-2011-4639
NOT-FOR-US: SpamTitan
-CVE-2011-4638 (Multiple SQL injection vulnerabilities in SpamTitan WebTitan before ...)
+CVE-2011-4638
NOT-FOR-US: SpamTitan
CVE-2011-4637
RESERVED
@@ -1582,7 +1582,7 @@ CVE-2011-4636
RESERVED
CVE-2011-4635
RESERVED
-CVE-2011-4634 (Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin ...)
+CVE-2011-4634
- phpmyadmin 4:3.4.8-1 (low)
[squeeze] - phpmyadmin <not-affected> (Vulnerable code not present)
[lenny] - phpmyadmin <not-affected> (Vulnerable code not present)
@@ -1620,40 +1620,40 @@ CVE-2011-4625 [simplesamlphp xml encryption issues]
RESERVED
{DSA-2330-1}
- simplesamlphp 1.8.1-1
-CVE-2011-4624 (Cross-site scripting (XSS) vulnerability in facebook.php in the GRAND ...)
+CVE-2011-4624
NOT-FOR-US: WordPress flash-album-gallery
-CVE-2011-4623 (Integer overflow in the rsCStrExtendBuf function in ...)
+CVE-2011-4623
- rsyslog 5.7.4-1
[squeeze] - rsyslog <no-dsa> (Minor issue)
-CVE-2011-4622 (The create_pit_timer function in arch/x86/kvm/i8254.c in KVM 83, and ...)
+CVE-2011-4622
{DSA-2389-1}
- linux-2.6 3.1.8-1
-CVE-2011-4621 (The Linux kernel before 2.6.37 does not properly implement a certain ...)
+CVE-2011-4621
- linux-2.6 2.6.37-1
[squeeze] - linux-2.6 <not-affected> (Vulnerable code introduced in 2.6.35)
-CVE-2011-4620 (Buffer overflow in the ulSetError function in util/ulError.cxx in PLIB ...)
+CVE-2011-4620
{DSA-2425-1}
- plib 1.8.5-5.1 (bug #654785)
-CVE-2011-4619 (The Server Gated Cryptography (SGC) implementation in OpenSSL before ...)
+CVE-2011-4619
{DSA-2390-1}
- openssl 1.0.0h-1
-CVE-2011-4618 (Cross-site scripting (XSS) vulnerability in advancedtext.php in ...)
+CVE-2011-4618
NOT-FOR-US: WordPress advanced-text-widget
-CVE-2011-4617 (virtualenv.py in virtualenv before 1.5 allows local users to overwrite ...)
+CVE-2011-4617
- python-virtualenv 1.6-1 (low; bug #652653)
[lenny] - python-virtualenv <no-dsa> (Minor issue)
[squeeze] - python-virtualenv 1.4.9-3squeeze1
-CVE-2011-4616 (Cross-site scripting (XSS) vulnerability in the HTML-Template-Pro ...)
+CVE-2011-4616
- libhtml-template-pro-perl 0.9507-1 (low; bug #652587)
[squeeze] - libhtml-template-pro-perl 0.9502-1+squeeze1
-CVE-2011-4615 (Multiple cross-site scripting (XSS) vulnerabilities in Zabbix before ...)
+CVE-2011-4615
- zabbix 1:1.8.10-1 (bug #652664)
[squeeze] - zabbix <no-dsa> (Will be handled through point update)
-CVE-2011-4614 (PHP remote file inclusion vulnerability in ...)
+CVE-2011-4614
- typo3-src 4.5.9+dfsg1-1 (bug #652365)
[squeeze] - typo3-src <not-affected> (Only affects 4.5 onwards)
[lenny] - typo3-src <not-affected> (Only affects 4.5 onwards)
-CVE-2011-4613 (The X.Org X wrapper (xserver-wrapper.c) in Debian GNU/Linux and Ubuntu ...)
+CVE-2011-4613
{DSA-2364-1}
- xorg 1:7.6+10 (low; bug #652249)
[lenny] - xorg <not-affected> (Introduced in 1:7.4~4)
@@ -1662,152 +1662,152 @@ CVE-2011-XXXX [X launcher doesn't drop group privileges]
[squeeze] - xorg 1:7.5+8+squeeze1
[lenny] - xorg <no-dsa> (potential privilege handling weakness, no known attack vector)
NOTE: http://anonscm.debian.org/gitweb/?p=pkg-xorg/debian/xorg.git;a=commitdiff;h=e81b3943be75ca6674867fc7756905490e979522
-CVE-2011-4612 (icecast before 2.3.3 allows remote attackers to inject control ...)
+CVE-2011-4612
- icecast2 2.3.3-1 (bug #652663)
[lenny] - icecast2 <no-dsa> (Minor issue)
[squeeze] - icecast2 <no-dsa> (Minor issue)
[wheezy] - icecast2 2.3.2-9+deb7u2
-CVE-2011-4611 (Integer overflow in the perf_event_interrupt function in ...)
+CVE-2011-4611
{DSA-2389-1}
- linux-2.6 3.0.0-1
-CVE-2011-4610 (JBoss Web, as used in Red Hat JBoss Communications Platform before ...)
+CVE-2011-4610
- jbossas4 <not-affected> (Only builds a few libraries, not the full application server)
-CVE-2011-4609 (The svc_run function in the RPC implementation in glibc before 2.15 ...)
+CVE-2011-4609
- eglibc 2.13-33 (low; bug #671478)
[squeeze] - eglibc 2.11.3-4
-CVE-2011-4608 (mod_cluster in JBoss Enterprise Application Platform 5.1.2 for Red Hat ...)
+CVE-2011-4608
- jbossas4 <not-affected> (Only builds a few libraries, not the full application server)
-CVE-2011-4607 (PuTTY 0.59 through 0.61 does not clear sensitive process memory when ...)
+CVE-2011-4607
- putty 0.62-1 (unimportant)
[squeeze] - putty 0.60+2010-02-20-1+squeeze2
NOTE: DSA-2736-1
NOTE: http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/password-not-wiped.html
NOTE: Hardening measure, not a vulnerability
-CVE-2011-4606 (Artsoft Entertainment Rocks'n'Diamonds (aka rocksndiamonds) 3.3.0.1 ...)
+CVE-2011-4606
- rocksndiamonds 3.3.0.1+dfsg1-2.2 (bug #651620)
[squeeze] - rocksndiamonds <no-dsa> (Contrib not supported)
[lenny] - rocksndiamonds <no-dsa> (Contrib not supported)
-CVE-2011-4605 (The (1) JNDI service, (2) HA-JNDI service, and (3) HAJNDIFactory ...)
+CVE-2011-4605
- jbossas4 <not-affected> (Only builds a few libraries, not the full application server, #581226)
-CVE-2011-4604 (The bat_socket_read function in net/batman-adv/icmp_socket.c in the ...)
+CVE-2011-4604
- batmand-adv-kernelland <removed>
[squeeze] - batmand-adv-kernelland <not-affected> (Vulnerable code not present)
- linux-2.6 <removed>
[squeeze] - linux-2.6 <not-affected> (Vulnerable code not present)
[lenny] - linux-2.6 <not-affected> (Vulnerable code not present)
-CVE-2011-4603 (The silc_channel_message function in ops.c in the SILC protocol plugin ...)
+CVE-2011-4603
- pidgin 2.10.1-1 (low)
[squeeze] - pidgin 2.7.3-1+squeeze2
-CVE-2011-4602 (The XMPP protocol plugin in libpurple in Pidgin before 2.10.1 does not ...)
+CVE-2011-4602
- pidgin 2.10.1-1 (low)
[squeeze] - pidgin 2.7.3-1+squeeze2
-CVE-2011-4601 (family_feedbag.c in the oscar protocol plugin in libpurple in Pidgin ...)
+CVE-2011-4601
- pidgin 2.10.1-1 (low)
[squeeze] - pidgin 2.7.3-1+squeeze2
-CVE-2011-4600 (The networkReloadIptablesRules function in network/bridge_driver.c in ...)
+CVE-2011-4600
- libvirt 0.9.9-1 (low)
[squeeze] - libvirt <end-of-life> (Unsupported in squeeze-lts)
-CVE-2011-4599 (Stack-based buffer overflow in the _canonicalize function in ...)
+CVE-2011-4599
{DSA-2397-1}
- icu 4.8.1.1-3 (bug #654883)
-CVE-2011-4598 (The handle_request_info function in channels/chan_sip.c in Asterisk ...)
+CVE-2011-4598
{DSA-2367-1}
- asterisk 1:1.8.8.0~dfsg-1 (bug #651552)
[lenny] - asterisk <not-affected> (Vulnerable code not present)
-CVE-2011-4597 (The SIP over UDP implementation in Asterisk Open Source 1.4.x before ...)
+CVE-2011-4597
{DSA-2367-1}
- asterisk 1:1.8.8.0~dfsg-1 (bug #651552)
-CVE-2011-4596 (Multiple directory traversal vulnerabilities in OpenStack Nova before ...)
+CVE-2011-4596
- nova 2012.1~e1-4
CVE-2011-4595
RESERVED
NOT-FOR-US: WordPress pretty-link plugin
-CVE-2011-4594 (The __sys_sendmsg function in net/socket.c in the Linux kernel before ...)
+CVE-2011-4594
- linux-2.6 3.1-1
[squeeze] - linux-2.6 <not-affected> (Introduced and fixed during 3.1 dev cycle)
[lenny] - linux-2.6 <not-affected> (Introduced and fixed during 3.1 dev cycle)
-CVE-2011-4593 (Moodle 1.9.x before 1.9.15, 2.0.x before 2.0.6, and 2.1.x before 2.1.3 ...)
+CVE-2011-4593
- moodle <not-affected> (Only affects 2.x)
-CVE-2011-4592 (The command-line cron implementation in Moodle 2.0.x before 2.0.6 and ...)
+CVE-2011-4592
- moodle <not-affected> (Only affects 2.x)
-CVE-2011-4591 (Cross-site scripting (XSS) vulnerability in the print_object function ...)
+CVE-2011-4591
- moodle <not-affected> (Only affects 2.x)
-CVE-2011-4590 (The web services implementation in Moodle 2.0.x before 2.0.6 and 2.1.x ...)
+CVE-2011-4590
- moodle <not-affected> (Only affects 2.x)
-CVE-2011-4589 (backup/moodle2/restore_stepslib.php in Moodle 2.0.x before 2.0.6 and ...)
+CVE-2011-4589
- moodle <not-affected> (Only affects 2.x)
-CVE-2011-4588 (The ip_in_range function in mnet/lib.php in MNET in Moodle 1.9.x ...)
+CVE-2011-4588
{DSA-2421-1}
- moodle 1.9.9.dfsg2-5 (bug #652235)
-CVE-2011-4587 (lib/moodlelib.php in Moodle 1.9.x before 1.9.15, 2.0.x before 2.0.6, ...)
+CVE-2011-4587
{DSA-2421-1}
- moodle 1.9.9.dfsg2-5 (bug #652235)
-CVE-2011-4586 (CRLF injection vulnerability in calendar/set.php in the Calendar ...)
+CVE-2011-4586
{DSA-2421-1}
- moodle 1.9.9.dfsg2-5 (bug #652235)
-CVE-2011-4585 (login/change_password.php in Moodle 1.9.x before 1.9.15 does not use ...)
+CVE-2011-4585
{DSA-2421-1}
- moodle 1.9.9.dfsg2-5 (bug #652235)
-CVE-2011-4584 (The MNET authentication functionality in Moodle 1.9.x before 1.9.15, ...)
+CVE-2011-4584
{DSA-2421-1}
- moodle 1.9.9.dfsg2-5 (bug #652235)
-CVE-2011-4583 (Moodle 2.0.x before 2.0.6 and 2.1.x before 2.1.3 displays web service ...)
+CVE-2011-4583
- moodle <not-affected> (Only affects 2.x)
-CVE-2011-4582 (Open redirect vulnerability in the Calendar set page in Moodle 2.1.x ...)
+CVE-2011-4582
- moodle <not-affected> (Only affects 2.x)
-CVE-2011-4581 (mod/wiki/pagelib.php in Moodle 2.0.x before 2.0.6 and 2.1.x before ...)
+CVE-2011-4581
- moodle <not-affected> (Only affects 2.x)
-CVE-2011-4580 (Multiple cross-site scripting (XSS) vulnerabilities in Red Hat JBoss ...)
+CVE-2011-4580
NOT-FOR-US: JBoss Enterprise Portal Platform
-CVE-2011-4579 (The svq1_decode_frame function in the SVQ1 decoder (svq1dec.c) in ...)
+CVE-2011-4579
{DSA-2378-1}
- libav 4:0.7.3-1
- ffmpeg 7:2.4.1-1
- ffmpeg-debian <end-of-life>
NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=4931c8f0f10bf8dedcf626104a6b85bfefadc6f2
-CVE-2011-4578 (event.c in acpid (aka acpid2) before 2.0.11 does not have an ...)
+CVE-2011-4578
{DSA-2362-1}
- acpid 1:2.0.11-1
-CVE-2011-4577 (OpenSSL before 0.9.8s and 1.x before 1.0.0f, when RFC 3779 support is ...)
+CVE-2011-4577
- openssl 1.0.0f-1 (unimportant)
NOTE: RFC 3779 support has not been enabled at compile time.
-CVE-2011-4576 (The SSL 3.0 implementation in OpenSSL before 0.9.8s and 1.x before ...)
+CVE-2011-4576
{DSA-2390-1}
- openssl 1.0.0f-1
-CVE-2011-4575 (Cross-site scripting (XSS) vulnerability in the JMX console in JBoss ...)
+CVE-2011-4575
NOT-FOR-US: JMX Console
CVE-2011-4574
RESERVED
-CVE-2011-4573 (Red Hat JBoss Operations Network (JON) before 2.4.2 does not properly ...)
+CVE-2011-4573
NOT-FOR-US: JBoss Operations Network
-CVE-2011-4572 (Cross-site scripting (XSS) vulnerability in inc/tesmodrewite.php in CF ...)
+CVE-2011-4572
NOT-FOR-US: CF Image Hosting Script
-CVE-2011-4571 (SQL injection vulnerability in the Estate Agent (com_estateagent) ...)
+CVE-2011-4571
NOT-FOR-US: Joomla extension
-CVE-2011-4570 (SQL injection vulnerability in the Time Returns (com_timereturns) ...)
+CVE-2011-4570
NOT-FOR-US: Joomla extension
-CVE-2011-4569 (SQL injection vulnerability in userbarsettings.php in the Userbar ...)
+CVE-2011-4569
NOT-FOR-US: MyBB extension
-CVE-2011-4568 (Cross-site scripting (XSS) vulnerability in view/frontend-head.php in ...)
+CVE-2011-4568
NOT-FOR-US: Wordpress extension
-CVE-2011-4567 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2011-4567
NOT-FOR-US: Zen Cart
-CVE-2011-4566 (Integer overflow in the exif_process_IFD_TAG function in exif.c in the ...)
+CVE-2011-4566
{DSA-2399-1}
- php5 5.3.9-1
-CVE-2011-4565 (Multiple cross-site scripting (XSS) vulnerabilities in XOOPS 2.5.1.a, ...)
+CVE-2011-4565
NOT-FOR-US: XOOPS
-CVE-2011-4564 (Cross-site scripting (XSS) vulnerability in the admin script in Active ...)
+CVE-2011-4564
NOT-FOR-US: Active CMS
-CVE-2011-4563 (Cross-site scripting (XSS) vulnerability in index.php in JAKCMS ...)
+CVE-2011-4563
NOT-FOR-US: JAKCMS
-CVE-2011-4562 (Multiple cross-site scripting (XSS) vulnerabilities in (1) ...)
+CVE-2011-4562
NOT-FOR-US: Wordpress plugin
-CVE-2011-4561 (Cross-site scripting (XSS) vulnerability in admin.php in Phorum 5.2.18 ...)
+CVE-2011-4561
NOT-FOR-US: Phorum
-CVE-2011-4560 (Cross-site scripting (XSS) vulnerability in the Petition Node module ...)
+CVE-2011-4560
NOT-FOR-US: Petition node module for Drupal
-CVE-2011-4559 (SQL injection vulnerability in the Calendar module in vTiger CRM 5.2.1 ...)
+CVE-2011-4559
NOT-FOR-US: vTiger
CVE-2011-4558
RESERVED
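Review bot: the annotations on the CVE-2011-4568 and CVE-2011-4562 entries ("Wordpress extension", "Wordpress plugin") use a different casing from the "WordPress pretty-link plugin" annotation on CVE-2011-4595 in the same hunk; suggest normalising all of them to "WordPress" so that a search for the product name matches every entry.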
@@ -1818,136 +1818,136 @@ CVE-2011-4557
RESERVED
CVE-2011-4556
RESERVED
-CVE-2011-4555 (One Click Orgs before 1.2.3 does not require unique e-mail addresses ...)
+CVE-2011-4555
NOT-FOR-US: One Click Orgs
-CVE-2011-4554 (One Click Orgs before 1.2.3 allows remote authenticated users to ...)
+CVE-2011-4554
NOT-FOR-US: One Click Orgs
-CVE-2011-4553 (Multiple open redirect vulnerabilities in One Click Orgs before 1.2.3 ...)
+CVE-2011-4553
NOT-FOR-US: One Click Orgs
-CVE-2011-4552 (Multiple cross-site scripting (XSS) vulnerabilities in One Click Orgs ...)
+CVE-2011-4552
NOT-FOR-US: One Click Orgs
-CVE-2011-4551 (Cross-site scripting (XSS) vulnerability in tiki-cookie-jar.php in ...)
+CVE-2011-4551
- tikiwiki <removed>
CVE-2011-4550
RESERVED
CVE-2011-4549
RESERVED
-CVE-2011-4548 (Multiple unspecified vulnerabilities in Google Chrome before ...)
+CVE-2011-4548
- chromium-browser <not-affected>
- webkit <not-affected>
NOTE: duplicate for chromebooks
-CVE-2011-4547 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2011-4547
NOT-FOR-US: Zen Cart
CVE-2011-4546
RESERVED
-CVE-2011-4545 (CRLF injection vulnerability in admin/displayImage.php in Prestashop ...)
+CVE-2011-4545
NOT-FOR-US: Prestashop
-CVE-2011-4544 (Multiple cross-site scripting (XSS) vulnerabilities in Prestashop ...)
+CVE-2011-4544
NOT-FOR-US: Prestashop
-CVE-2011-4543 (Multiple directory traversal vulnerabilities in osCommerce 3.0.2 allow ...)
+CVE-2011-4543
NOT-FOR-US: osCommerce
-CVE-2011-4542 (Hastymail2 2.1.1 before RC2 allows remote attackers to execute ...)
+CVE-2011-4542
- hastymail <removed>
-CVE-2011-4541 (Cross-site scripting (XSS) vulnerability in index.php in Hastymail2 ...)
+CVE-2011-4541
- hastymail <removed>
-CVE-2011-4540 (Multiple cross-site scripting (XSS) vulnerabilities in AtMail Open ...)
+CVE-2011-4540
- atmailopen <removed>
-CVE-2011-4539 (dhcpd in ISC DHCP 4.x before 4.2.3-P1 and 4.1-ESV before 4.1-ESV-R4 ...)
+CVE-2011-4539
{DSA-2519-2 DSA-2519-1}
- dhcp3 <not-affected> (Only affects DHCP 4.x)
- isc-dhcp 4.2.2.dfsg.1-5 (bug #652259; low)
CVE-2011-4538
RESERVED
-CVE-2011-4537 (Multiple buffer overflows in 7-Technologies (7T) Interactive Graphical ...)
+CVE-2011-4537
NOT-FOR-US: 7-Technologies IGSS
-CVE-2011-4536 (Heap-based buffer overflow in nettransdll.dll in HistorySvr.exe (aka ...)
+CVE-2011-4536
NOT-FOR-US: WellinTech KingView
-CVE-2011-4535 (Buffer overflow in TurboPower Abbrevia before 4.0, as used in ScadaTEC ...)
+CVE-2011-4535
NOT-FOR-US: TurboPower Abbrevia
-CVE-2011-4534 (ZenSysSrv.exe in Ing. Punzenberger COPA-DATA zenon 6.51 SP0 allows ...)
+CVE-2011-4534
NOT-FOR-US: COPA-DATA
-CVE-2011-4533 (zenAdminSrv.exe in Ing. Punzenberger COPA-DATA zenon 6.51 SP0 allows ...)
+CVE-2011-4533
NOT-FOR-US: COPA-DATA
-CVE-2011-4532 (Absolute path traversal vulnerability in the ALMListView.ALMListCtrl ...)
+CVE-2011-4532
NOT-FOR-US: Siemens Automation License Manager
-CVE-2011-4531 (Siemens Automation License Manager (ALM) 4.0 through 5.1+SP1+Upd1 ...)
+CVE-2011-4531
NOT-FOR-US: Siemens Automation License Manager
-CVE-2011-4530 (Siemens Automation License Manager (ALM) 4.0 through 5.1+SP1+Upd1 does ...)
+CVE-2011-4530
NOT-FOR-US: Siemens Automation License Manager
-CVE-2011-4529 (Multiple buffer overflows in Siemens Automation License Manager (ALM) ...)
+CVE-2011-4529
NOT-FOR-US: Siemens Automation License Manager
-CVE-2011-4528 (Unbound before 1.4.13p2 attempts to free unallocated memory during ...)
+CVE-2011-4528
{DSA-2370-1}
- unbound 1.4.14-1 (medium)
CVE-2011-4527
RESERVED
-CVE-2011-4526 (Buffer overflow in an ActiveX control in Advantech/BroadWin WebAccess ...)
+CVE-2011-4526
NOT-FOR-US: Advantech/BroadWin WebAccess
-CVE-2011-4525 (Advantech/BroadWin WebAccess before 7.0 allows remote attackers to ...)
+CVE-2011-4525
NOT-FOR-US: Advantech/BroadWin WebAccess
-CVE-2011-4524 (Buffer overflow in Advantech/BroadWin WebAccess before 7.0 allows ...)
+CVE-2011-4524
NOT-FOR-US: Advantech/BroadWin WebAccess
-CVE-2011-4523 (Cross-site scripting (XSS) vulnerability in bwview.asp in ...)
+CVE-2011-4523
NOT-FOR-US: Advantech/BroadWin WebAccess
-CVE-2011-4522 (Cross-site scripting (XSS) vulnerability in bwerrdn.asp in ...)
+CVE-2011-4522
NOT-FOR-US: Advantech/BroadWin WebAccess
-CVE-2011-4521 (SQL injection vulnerability in Advantech/BroadWin WebAccess before 7.0 ...)
+CVE-2011-4521
NOT-FOR-US: Advantech/BroadWin WebAccess
-CVE-2011-4520 (Heap-based buffer overflow in an ActiveX component in MICROSYS ...)
+CVE-2011-4520
NOT-FOR-US: MICROSYS PROMOTIC
-CVE-2011-4519 (Stack-based buffer overflow in an ActiveX component in MICROSYS ...)
+CVE-2011-4519
NOT-FOR-US: MICROSYS PROMOTIC
-CVE-2011-4518 (Directory traversal vulnerability in the PmWebDir object in the web ...)
+CVE-2011-4518
NOT-FOR-US: MICROSYS PROMOTIC
-CVE-2011-4517 (The jpc_crg_getparms function in libjasper/jpc/jpc_cs.c in JasPer ...)
+CVE-2011-4517
{DSA-2371-1}
- jasper 1.900.1-13 (bug #652649)
- ghostscript 8.64~dfsg-2
NOTE: ghostscript using system jasper since this version
-CVE-2011-4516 (Heap-based buffer overflow in the jpc_cox_getcompparms function in ...)
+CVE-2011-4516
{DSA-2371-1}
- jasper 1.900.1-13 (bug #652649)
- ghostscript 8.64~dfsg-2
NOTE: ghostscript using system jasper since this version
-CVE-2011-4515 (Siemens WinCC (TIA Portal) 11 uses a reversible algorithm for storing ...)
+CVE-2011-4515
NOT-FOR-US: Siemens WinCC
-CVE-2011-4514 (The TELNET daemon in Siemens WinCC flexible 2004, 2005, 2007, and ...)
+CVE-2011-4514
NOT-FOR-US: Siemens WinCC
-CVE-2011-4513 (Siemens WinCC flexible 2004, 2005, 2007, and 2008; WinCC V11 (aka TIA ...)
+CVE-2011-4513
NOT-FOR-US: Siemens WinCC
-CVE-2011-4512 (CRLF injection vulnerability in the HMI web server in Siemens WinCC ...)
+CVE-2011-4512
NOT-FOR-US: Siemens WinCC
-CVE-2011-4511 (Cross-site scripting (XSS) vulnerability in the HMI web server in ...)
+CVE-2011-4511
NOT-FOR-US: Siemens WinCC
-CVE-2011-4510 (Cross-site scripting (XSS) vulnerability in the HMI web server in ...)
+CVE-2011-4510
NOT-FOR-US: Siemens WinCC
-CVE-2011-4509 (The HMI web server in Siemens WinCC flexible 2004, 2005, 2007, and ...)
+CVE-2011-4509
NOT-FOR-US: Siemens WinCC
-CVE-2011-4508 (The HMI web server in Siemens WinCC flexible 2004, 2005, 2007, and ...)
+CVE-2011-4508
NOT-FOR-US: Siemens WinCC
-CVE-2011-4507 (The D-Link DIR-685 router, when certain WPA and WPA2 configurations ...)
+CVE-2011-4507
NOT-FOR-US: D-Link DIR-685 router
-CVE-2011-4506 (The UPnP IGD implementation on the Thomson (aka Technicolor) TG585 ...)
+CVE-2011-4506
NOT-FOR-US: hardware device with broken UPnP UGD implementation
-CVE-2011-4505 (The UPnP IGD implementation on SpeedTouch 5x6 devices with firmware ...)
+CVE-2011-4505
NOT-FOR-US: hardware device with broken UPnP UGD implementation
-CVE-2011-4504 (The UPnP IGD implementation in the Pseudo ICS UPnP software on the ...)
+CVE-2011-4504
NOT-FOR-US: hardware device with broken UPnP UGD implementation
-CVE-2011-4503 (The UPnP IGD implementation in Broadcom Linux on the Sitecom WL-111 ...)
+CVE-2011-4503
NOT-FOR-US: hardware device with broken UPnP UGD implementation
-CVE-2011-4502 (The UPnP IGD implementation in Edimax EdiLinux on the Edimax BR-6104K ...)
+CVE-2011-4502
NOT-FOR-US: hardware device with broken UPnP UGD implementation
-CVE-2011-4501 (The UPnP IGD implementation in Edimax EdiLinux on the Edimax BR-6104K ...)
+CVE-2011-4501
NOT-FOR-US: hardware device with broken UPnP UGD implementation
-CVE-2011-4500 (The UPnP IGD implementation on the Cisco Linksys WRT54GX with firmware ...)
+CVE-2011-4500
NOT-FOR-US: hardware device with broken UPnP UGD implementation
-CVE-2011-4499 (The UPnP IGD implementation in the Broadcom UPnP stack on the Cisco ...)
+CVE-2011-4499
NOT-FOR-US: hardware device with broken UPnP UGD implementation
-CVE-2011-4498 (Cross-site request forgery (CSRF) vulnerability in the web console in ...)
+CVE-2011-4498
NOT-FOR-US: Zenprise Device Manager
-CVE-2011-4497 (QIS_wizard.htm on the ASUS RT-N56U router with firmware before ...)
+CVE-2011-4497
NOT-FOR-US: Asus device
-CVE-2011-4496 (Buffer overflow in Aviosoft DTV Player 1.0.1.2 allows remote attackers ...)
+CVE-2011-4496
NOT-FOR-US: Aviosoft DTV Player
CVE-2011-4495
RESERVED
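Review bot: the eight "NOT-FOR-US: hardware device with broken UPnP UGD implementation" lines for CVE-2011-4499 through CVE-2011-4506 carry a typo: the removed descriptions all refer to "The UPnP IGD implementation" (Internet Gateway Device), so the annotation should read "UPnP IGD". Since this hunk drops the descriptions that currently make the typo obvious, fixing the annotation text now would keep the entries self-explanatory.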
@@ -1965,9 +1965,9 @@ CVE-2011-4489
RESERVED
CVE-2011-4488
RESERVED
-CVE-2011-4487 (SQL injection vulnerability in Cisco Unified Communications Manager ...)
+CVE-2011-4487
NOT-FOR-US: Cisco Unified Communications Manager
-CVE-2011-4486 (Cisco Unified Communications Manager (CUCM) with software 6.x and 7.x ...)
+CVE-2011-4486
NOT-FOR-US: Cisco Unified Communications Manager
CVE-2011-4485
RESERVED
@@ -2009,27 +2009,27 @@ CVE-2011-4467
RESERVED
CVE-2011-4466
RESERVED
-CVE-2011-4465 (Cross-site scripting (XSS) vulnerability in IBM Lotus Mobile Connect ...)
+CVE-2011-4465
NOT-FOR-US: IBM Lotus Mobile Connect
CVE-2011-4464
RESERVED
CVE-2011-4463
RESERVED
-CVE-2011-4462 (Plone 4.1.3 and earlier computes hash values for form parameters ...)
+CVE-2011-4462
- plone3 <removed>
-CVE-2011-4461 (Jetty 8.1.0.RC2 and earlier computes hash values for form parameters ...)
+CVE-2011-4461
- jetty 6.1.26-1
[squeeze] - jetty <no-dsa> (Minor issue)
-CVE-2011-4460 (SQL injection vulnerability in Best Practical Solutions RT 2.x and 3.x ...)
+CVE-2011-4460
{DSA-2480-1}
- request-tracker4 4.0.5-3
-CVE-2011-4459 (Best Practical Solutions RT 3.x before 3.8.12 and 4.x before 4.0.6 ...)
+CVE-2011-4459
{DSA-2480-1}
- request-tracker4 4.0.5-3
-CVE-2011-4458 (Best Practical Solutions RT 3.6.x, 3.7.x, and 3.8.x before 3.8.12 and ...)
+CVE-2011-4458
{DSA-2480-1}
- request-tracker4 4.0.5-3
-CVE-2011-4457 (OWASP HTML Sanitizer (aka owasp-java-html-sanitizer) before 88, when ...)
+CVE-2011-4457
NOT-FOR-US: OWASP HTML Sanitizer
CVE-2011-4456
REJECTED
@@ -2041,19 +2041,19 @@ CVE-2011-4454
RESERVED
- tikiwiki <removed>
NOTE: http://secunia.com/advisories/46740/
-CVE-2011-4453 (The PageListSort function in scripts/pagelist.php in PmWiki 2.x before ...)
+CVE-2011-4453
- pmwiki <itp> (bug #330117)
-CVE-2011-4452 (Cross-site request forgery (CSRF) vulnerability in the AdminUsers ...)
+CVE-2011-4452
NOT-FOR-US: WikkaWiki
-CVE-2011-4451 (** DISPUTED ** libs/Wakka.class.php in WikkaWiki 1.3.1 and 1.3.2, when ...)
+CVE-2011-4451
NOT-FOR-US: WikkaWiki
-CVE-2011-4450 (Directory traversal vulnerability in handlers/files.xml/files.xml.php ...)
+CVE-2011-4450
NOT-FOR-US: WikkaWiki
-CVE-2011-4449 (actions/files/files.php in WikkaWiki 1.3.1 and 1.3.2, when ...)
+CVE-2011-4449
NOT-FOR-US: WikkaWiki
-CVE-2011-4448 (SQL injection vulnerability in actions/usersettings/usersettings.php ...)
+CVE-2011-4448
NOT-FOR-US: WikkaWiki
-CVE-2011-4447 (The &quot;encrypt wallet&quot; feature in wxBitcoin and bitcoind 0.4.x before ...)
+CVE-2011-4447
- bitcoin 0.5.1-1
CVE-2011-4446
RESERVED
@@ -2075,17 +2075,17 @@ CVE-2011-4438
RESERVED
CVE-2011-4437
RESERVED
-CVE-2011-4436 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
+CVE-2011-4436
NOT-FOR-US: Dell appliance
-CVE-2011-4435 (The web-server component in the Consolidation and Analysis Engine ...)
+CVE-2011-4435
NOT-FOR-US: IBM DB2
-CVE-2011-4434 (Microsoft Windows Server 2008 R2 and R2 SP1 and Windows 7 Gold and SP1 ...)
+CVE-2011-4434
NOT-FOR-US: Microsoft Windows
CVE-2011-4433
REJECTED
-CVE-2011-4432 (www/include/configuration/nconfigObject/contact/DB-Func.php in ...)
+CVE-2011-4432
NOT-FOR-US: Merethis Centreon
-CVE-2011-4431 (Directory traversal vulnerability in main.php in Merethis Centreon ...)
+CVE-2011-4431
NOT-FOR-US: Merethis Centreon
CVE-2011-4430
REJECTED
@@ -2117,7 +2117,7 @@ CVE-2011-4417
REJECTED
CVE-2011-4416
REJECTED
-CVE-2011-4415 (The ap_pregsub function in server/util.c in the Apache HTTP Server ...)
+CVE-2011-4415
- apache2 2.4.1-1 (unimportant)
NOTE: apache2 does not protect or claim to protect against DoS through .htaccess
CVE-2011-4414
@@ -2130,24 +2130,24 @@ CVE-2011-4411
REJECTED
CVE-2011-4410
REJECTED
-CVE-2011-4409 (The Ubuntu One Client for Ubuntu 10.04 LTS, 11.04, 11.10, and 12.04 ...)
+CVE-2011-4409
NOT-FOR-US: Ubuntu One
-CVE-2011-4408 (The Single Sign On Client (ubuntu-sso-client) for Ubuntu 11.04 and ...)
+CVE-2011-4408
- ubuntu-sso-client <removed> (bug #680492)
-CVE-2011-4407 (ppa.py in Software Properties before 0.81.13.3 does not validate the ...)
+CVE-2011-4407
- software-properties 0.76.7debian2+nmu2
[squeeze] - software-properties <not-affected> (Vulnerable code not present)
[lenny] - software-properties <not-affected> (Vulnerable code not present)
NOTE: https://bugs.launchpad.net/ubuntu/+source/software-properties/+bug/915210/
-CVE-2011-4406 (The Ubuntu AccountsService package before 0.6.14-1git1ubuntu1.1 does ...)
+CVE-2011-4406
- accountsservice 0.6.15-3
-CVE-2011-4405 (The cupshelpers scripts in system-config-printer in Ubuntu 11.04 and ...)
+CVE-2011-4405
- system-config-printer 1.3.7-1 (low; bug #651204)
[squeeze] - system-config-printer <no-dsa> (Minor issue)
-CVE-2011-4404 (The default configuration of the HTTP server in Jetty in vSphere ...)
+CVE-2011-4404
- jetty 6.1.19-1 (low; bug #528389)
NOTE: duplicate of CVE-2009-1523
-CVE-2011-4403 (Multiple cross-site request forgery (CSRF) vulnerabilities in Zen Cart ...)
+CVE-2011-4403
NOT-FOR-US: Zen Cart
CVE-2011-4402
REJECTED
@@ -2205,70 +2205,70 @@ CVE-2011-4376
REJECTED
CVE-2011-4375
REJECTED
-CVE-2011-4374 (Integer overflow in Adobe Reader 9.x before 9.4.6 on Linux allows ...)
+CVE-2011-4374
NOT-FOR-US: Adobe Reader
-CVE-2011-4373 (Adobe Reader and Acrobat before 9.5, and 10.x before 10.1.2, on ...)
+CVE-2011-4373
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2011-4372 (Adobe Reader and Acrobat before 9.5, and 10.x before 10.1.2, on ...)
+CVE-2011-4372
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2011-4371 (Adobe Reader and Acrobat before 9.5, and 10.x before 10.1.2, on ...)
+CVE-2011-4371
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2011-4370 (Adobe Reader and Acrobat before 9.5, and 10.x before 10.1.2, on ...)
+CVE-2011-4370
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2011-4369 (Unspecified vulnerability in the PRC component in Adobe Reader and ...)
+CVE-2011-4369
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2011-4368 (Cross-site scripting (XSS) vulnerability in Remote Development ...)
+CVE-2011-4368
NOT-FOR-US: Adobe Cold Fusion
-CVE-2011-4367 (Multiple directory traversal vulnerabilities in MyFaces JavaServer ...)
+CVE-2011-4367
- mojarra <not-affected> (The Debian package only ships some API classes)
CVE-2011-4366
REJECTED
CVE-2011-4365
REJECTED
-CVE-2011-4364 (Buffer overflow in the Sierra VMD decoder in libavcodec in FFmpeg ...)
+CVE-2011-4364
{DSA-2378-1}
- libav 4:0.7.3-1
- ffmpeg 7:2.4.1-1
- ffmpeg-debian <end-of-life>
NOTE: http://www.usenix.org/events/woot11/tech/final_files/Yamaguchi.pdf
NOTE: http://git.libav.org/?p=libav.git;a=commitdiff;h=494cfacdb9ba3f0549e37f76b3a2f86a7aeeac3c
-CVE-2011-4363 (ProcessTable.pm in the Proc::ProcessTable module 0.45 for Perl, when ...)
+CVE-2011-4363
- libproc-processtable-perl 0.45-6 (low; bug #650500)
[squeeze] - libproc-processtable-perl 0.45-1+squeeze1
-CVE-2011-4362 (Integer signedness error in the base64_decode function in the HTTP ...)
+CVE-2011-4362
{DSA-2368-1}
- lighttpd 1.4.30-1 (low; bug #652726)
NOTE: http://openwall.com/lists/oss-security/2011/11/29/8
NOTE: http://redmine.lighttpd.net/issues/2370
NOTE: the announcement says that the debian package is not affected, but there are no additional patches that would cause different behavior (i.e. the base64_reverse_table is the same in debian and upstream), so if upstream is affected, so too is the debian package
-CVE-2011-4361 (MediaWiki before 1.17.1 does not check for read permission before ...)
+CVE-2011-4361
{DSA-2366-1}
- mediawiki 1:1.15.5-4 (bug #650434)
NOTE: http://lists.wikimedia.org/pipermail/mediawiki-announce/2011-November/000104.html
-CVE-2011-4360 (MediaWiki before 1.17.1 allows remote attackers to obtain the page ...)
+CVE-2011-4360
{DSA-2366-1}
- mediawiki 1:1.15.5-4 (bug #650434)
[squeeze] - mediawiki <not-affected> (Vulnerable code not present)
NOTE: http://lists.wikimedia.org/pipermail/mediawiki-announce/2011-November/000104.html
CVE-2011-4359 [MyFaces - includeViewParameters re-evaluates param/model values as EL expressions]
REJECTED
-CVE-2011-4358 (Unspecified vulnerability in Oracle GlassFish Enterprise Server 3.0.1 ...)
+CVE-2011-4358
{DSA-2359-1}
- mojarra 2.0.3-2 (bug #650430)
-CVE-2011-4357 (Format string vulnerability in the p_cgi_error function in ...)
+CVE-2011-4357
{DSA-2355-1}
- clearsilver 0.10.5-1.3 (bug #649322)
-CVE-2011-4356 (Celery 2.1 and 2.2 before 2.2.8, 2.3 before 2.3.4, and 2.4 before ...)
+CVE-2011-4356
- celery 2.4.6-1
- django-celery <not-affected> (Vulnerable code not present)
-CVE-2011-4355 (GNU Project Debugger (GDB) before 7.5, when .debug_gdb_scripts is ...)
+CVE-2011-4355
- gdb 7.6-1 (unimportant)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=703238
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;a=blob_plain;f=gdb/NEWS;hb=HEAD (lists "auto-load safe-path" under "Changes in GDB 7.5")
-CVE-2011-4354 (crypto/bn/bn_nist.c in OpenSSL before 0.9.8h on 32-bit platforms, as ...)
+CVE-2011-4354
{DSA-2390-1}
- openssl 0.9.8o-4squeeze3 (bug #650621)
-CVE-2011-4353 (The (1) av_image_fill_pointers, (2) vp5_parse_coeff, and (3) ...)
+CVE-2011-4353
{DSA-2378-1}
- libav 4:0.7.3-1
- ffmpeg 7:2.4.1-1
@@ -2278,12 +2278,12 @@ CVE-2011-4353 (The (1) av_image_fill_pointers, (2) vp5_parse_coeff, and (3) ...)
NOTE: http://git.libav.org/?p=libav.git;a=commitdiff;h=30c08e2
NOTE: http://git.libav.org/?p=libav.git;a=commitdiff;h=7367cbe
NOTE: http://git.libav.org/?p=libav.git;a=commitdiff;h=28acce2
-CVE-2011-4352 (Integer overflow in the vp3_dequant function in the VP3 decoder ...)
+CVE-2011-4352
- libav 4:0.7.3-1
- ffmpeg <not-affected> (Was introduced in 0.6)
- ffmpeg-debian <not-affected> (Was introduced in 0.6)
NOTE: http://article.gmane.org/gmane.comp.video.libav.devel/15182
-CVE-2011-4351 (Buffer overflow in FFmpeg before 0.5.6, 0.6.x before 0.6.4, 0.7.x ...)
+CVE-2011-4351
{DSA-2378-1}
- libav 4:0.7.3-1
- ffmpeg 7:2.4.1-1
@@ -2296,195 +2296,195 @@ CVE-2011-4350
- yaws 1.91-2 (bug #650009)
[lenny] - yaws <not-affected> (Vulnerable code not present)
[squeeze] - yaws <not-affected> (Vulnerable code not present)
-CVE-2011-4349 (Multiple SQL injection vulnerabilities in (1) cd-mapping-db.c and (2) ...)
+CVE-2011-4349
- colord 0.1.15-1 (medium; bug #650021)
-CVE-2011-4348 (Race condition in the sctp_rcv function in net/sctp/input.c in the ...)
+CVE-2011-4348
- linux-2.6 <not-affected> (Incomplete fix for RHEL5-specific backport regression)
NOTE: incomplete fix for CVE-2011-2482
-CVE-2011-4347 (The kvm_vm_ioctl_assign_device function in virt/kvm/assigned-dev.c in ...)
+CVE-2011-4347
{DSA-2443-1}
- linux-2.6 <removed>
-CVE-2011-4346 (Cross-site scripting (XSS) vulnerability in the web interface in Red ...)
+CVE-2011-4346
NOT-FOR-US: Red Hat Satellite
-CVE-2011-4345 (Cross-site scripting (XSS) vulnerability in Namazu before 2.0.21, when ...)
+CVE-2011-4345
- namazu2 2.0.21-1 (low)
[squeeze] - namazu2 <no-dsa> (Minor issue)
-CVE-2011-4344 (Cross-site scripting (XSS) vulnerability in Jenkins Core in Jenkins ...)
+CVE-2011-4344
- jenkins-winstone 0.9.10-jenkins-29+dfsg-1 (bug #649900)
-CVE-2011-4343 (Information disclosure vulnerability in Apache MyFaces Core 2.0.1 ...)
+CVE-2011-4343
NOT-FOR-US: Apache MyFaces
-CVE-2011-4342 (PHP remote file inclusion vulnerability in wp_xml_export.php in the ...)
+CVE-2011-4342
NOT-FOR-US: Wordpress plugin
-CVE-2011-4341 (Multiple SQL injection vulnerabilities in ...)
+CVE-2011-4341
NOT-FOR-US: Symphony CMS
-CVE-2011-4340 (Multiple cross-site scripting (XSS) vulnerabilities in Symphony CMS ...)
+CVE-2011-4340
NOT-FOR-US: Symphony CMS
-CVE-2011-4339 (ipmievd (aka the IPMI event daemon) in OpenIPMI, as used in the ...)
+CVE-2011-4339
{DSA-2376-2 DSA-2376-1}
- ipmitool 1.8.11-5 (bug #651917)
CVE-2011-4338
RESERVED
NOT-FOR-US: Arch-Linux specific tool
-CVE-2011-4337 (Static code injection vulnerability in translate.php in Support ...)
+CVE-2011-4337
NOT-FOR-US: Support Incident Tracker
CVE-2011-4336
RESERVED
NOT-FOR-US: Tiki Wiki
-CVE-2011-4335 (Multiple cross-site scripting (XSS) vulnerabilities in Contao before ...)
+CVE-2011-4335
NOT-FOR-US: Contao
-CVE-2011-4334 (edit.php in LabWiki 1.1 and earlier does not properly verify uploaded ...)
+CVE-2011-4334
NOT-FOR-US: LabWiki
-CVE-2011-4333 (Multiple cross-site scripting (XSS) vulnerabilities in LabWiki 1.1 and ...)
+CVE-2011-4333
NOT-FOR-US: LabWiki
-CVE-2011-4332 (Multiple cross-site scripting (XSS) vulnerabilities in Joomla! 1.6.3 ...)
+CVE-2011-4332
NOT-FOR-US: Joomla!
CVE-2011-4331
REJECTED
-CVE-2011-4330 (Stack-based buffer overflow in the hfs_mac2asc function in ...)
+CVE-2011-4330
- linux-2.6 3.1.4-1
[squeeze] - linux-2.6 2.6.32-40
-CVE-2011-4329 (Multiple cross-site scripting (XSS) vulnerabilities in Dolibarr 3.1.0 ...)
+CVE-2011-4329
- dolibarr 3.3.4-1 (low)
-CVE-2011-4328 (plugin/npapi/plugin.cpp in Gnash before 0.8.10 uses weak permissions ...)
+CVE-2011-4328
{DSA-2435-1}
- gnash 0.8.10-1 (low; bug #649384)
-CVE-2011-4327 (ssh-keysign.c in ssh-keysign in OpenSSH before 5.8p2 on certain ...)
+CVE-2011-4327
- openssh <not-affected> (Only affects platforms w/o /dev/random)
NOTE: http://www.openssh.com/txt/portable-keysign-rand-helper.adv
-CVE-2011-4326 (The udp6_ufo_fragment function in net/ipv6/udp.c in the Linux kernel ...)
+CVE-2011-4326
- linux-2.6 2.6.39-1
[squeeze] - linux-2.6 2.6.32-40
[lenny] - linux-2.6 <not-affected> (Vulnerable code not present)
-CVE-2011-4325 (The NFS implementation in Linux kernel before 2.6.31-rc6 calls certain ...)
+CVE-2011-4325
- linux-2.6 2.6.32-1
-CVE-2011-4324 (The encode_share_access function in fs/nfs/nfs4xdr.c in the Linux ...)
+CVE-2011-4324
- linux-2.6 <not-affected> (RHEL5-specific backport error)
CVE-2011-4323
REJECTED
CVE-2011-4322
RESERVED
NOT-FOR-US: websitebaker
-CVE-2011-4321 (The password reset functionality in Joomla! 1.5.x through 1.5.24 uses ...)
+CVE-2011-4321
NOT-FOR-US: Joomla!
-CVE-2011-4320 (The mod_pubsub module (mod_pubsub.erl) in ejabberd 2.1.8 and ...)
+CVE-2011-4320
- ejabberd 2.1.9-1 (low)
[squeeze] - ejabberd <no-dsa> (Only triggerable with malformed config file)
NOTE: https://support.process-one.net/browse/EJAB-1498
-CVE-2011-4319 (Cross-site scripting (XSS) vulnerability in the i18n translations ...)
+CVE-2011-4319
- rails <not-affected> (Only affects RoR 3.0 and above)
-CVE-2011-4318 (Dovecot 2.0.x before 2.0.16, when ssl or starttls is enabled and ...)
+CVE-2011-4318
- dovecot 1:2.0.18-1 (unimportant; bug #649511)
NOTE: Additional hardening
-CVE-2011-4317 (The mod_proxy module in the Apache HTTP Server 1.3.x through 1.3.42, ...)
+CVE-2011-4317
{DSA-2405-1}
- apache2 2.2.21-3
NOTE: Related to CVE-2011-3368 and CVE-2011-3639 but a different issue
-CVE-2011-4316 (Red Hat Enterprise Virtualization Manager (RHEV-M) before 3.1, in ...)
+CVE-2011-4316
NOT-FOR-US: ovirt
NOTE: While the Red Hat advisory refers to SPICE, this is a vulnerability in
NOTE: the server-side ovirt logic (contacted Red Hat for clarification)
-CVE-2011-4315 (Heap-based buffer overflow in compression-pointer processing in ...)
+CVE-2011-4315
- nginx 1.1.8-1 (low)
[squeeze] - nginx 0.7.67-3+squeeze1
[lenny] - nginx <no-dsa> (Minor issue)
NOTE: http://trac.nginx.org/nginx/changeset/4268/nginx
-CVE-2011-4314 (message/ax/AxMessage.java in OpenID4Java before 0.9.6 final, as used ...)
+CVE-2011-4314
- openid4java 0.9.6.662-1
- jbossas4 <not-affected> (Only builds a few libraries, not the full application server, #581226)
-CVE-2011-4313 (query.c in ISC BIND 9.0.x through 9.6.x, 9.4-ESV through 9.4-ESV-R5, ...)
+CVE-2011-4313
{DSA-2347-1}
- bind9 1:9.8.1.dfsg.P1-1 (high; bug #649099)
-CVE-2011-4312 (Multiple cross-site scripting (XSS) vulnerabilities in the commenting ...)
+CVE-2011-4312
NOT-FOR-US: Review Board
-CVE-2011-4311 (ResourceSpace before 4.2.2833 does not properly validate access keys, ...)
+CVE-2011-4311
NOT-FOR-US: ResourceSpace
CVE-2011-4310
RESERVED
- cmsms <itp> (bug #608888)
-CVE-2011-4309 (Moodle 2.0.x before 2.0.5 and 2.1.x before 2.1.2 allows remote ...)
+CVE-2011-4309
- moodle <not-affected> (Only affects 2.x)
-CVE-2011-4308 (mod/forum/user.php in Moodle 1.9.x before 1.9.14, 2.0.x before 2.0.5, ...)
+CVE-2011-4308
{DSA-2421-1}
- moodle 1.9.9.dfsg2-5
-CVE-2011-4307 (Cross-site scripting (XSS) vulnerability in mod/wiki/lang/en/wiki.php ...)
+CVE-2011-4307
- moodle <not-affected> (Only affects 2.x)
-CVE-2011-4306 (Cross-site scripting (XSS) vulnerability in course/editsection.html in ...)
+CVE-2011-4306
{DSA-2338-1}
- moodle 1.9.9.dfsg2-4
-CVE-2011-4305 (message/refresh.php in Moodle 1.9.x before 1.9.14 allows remote ...)
+CVE-2011-4305
{DSA-2338-1}
- moodle 1.9.9.dfsg2-4
-CVE-2011-4304 (The chat functionality in Moodle 2.0.x before 2.0.5 and 2.1.x before ...)
+CVE-2011-4304
- moodle <not-affected> (Only affects 2.x)
-CVE-2011-4303 (lib/db/upgrade.php in Moodle 2.0.x before 2.0.5 and 2.1.x before 2.1.2 ...)
+CVE-2011-4303
- moodle <not-affected> (Only affects 2.x)
-CVE-2011-4302 (mnet/xmlrpc/client.php in MNET in Moodle 1.9.x before 1.9.14, 2.0.x ...)
+CVE-2011-4302
{DSA-2338-1}
- moodle 1.9.9.dfsg2-4
-CVE-2011-4301 (The MoodleQuickForm class in the Forms Library in lib/formslib.php in ...)
+CVE-2011-4301
{DSA-2338-1}
- moodle 1.9.9.dfsg2-4
-CVE-2011-4300 (The file_browser component in Moodle 2.0.x before 2.0.5 and 2.1.x ...)
+CVE-2011-4300
- moodle <not-affected> (Only affects 2.x)
-CVE-2011-4299 (Cross-site scripting (XSS) vulnerability in mod/wiki/pagelib.php in ...)
+CVE-2011-4299
- moodle <not-affected> (Only affects 2.x)
-CVE-2011-4298 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
+CVE-2011-4298
- moodle <not-affected> (Only affects 2.x)
-CVE-2011-4297 (comment/lib.php in Moodle 2.0.x before 2.0.4 and 2.1.x before 2.1.1 ...)
+CVE-2011-4297
- moodle <not-affected> (Only affects 2.x)
-CVE-2011-4296 (lib/db/access.php in Moodle 2.0.x before 2.0.4 and 2.1.x before 2.1.1 ...)
+CVE-2011-4296
- moodle <not-affected> (Only affects 2.x)
-CVE-2011-4295 (The moodle_enrol_external:role_assign function in ...)
+CVE-2011-4295
- moodle <not-affected> (Only affects 2.x)
-CVE-2011-4294 (The error-message functionality in Moodle 1.9.x before 1.9.13, 2.0.x ...)
+CVE-2011-4294
{DSA-2338-1}
- moodle 1.9.9.dfsg2-4
-CVE-2011-4293 (The theme implementation in Moodle 2.0.x before 2.0.4 and 2.1.x before ...)
+CVE-2011-4293
- moodle <not-affected> (Only affects 2.x)
-CVE-2011-4292 (Moodle 2.0.x before 2.0.3 allows remote authenticated users to cause a ...)
+CVE-2011-4292
- moodle <not-affected> (Only affects 2.x)
-CVE-2011-4291 (Moodle 2.0.x before 2.0.3 allows remote authenticated users to cause a ...)
+CVE-2011-4291
- moodle <not-affected> (Only affects 2.x)
-CVE-2011-4290 (Multiple cross-site scripting (XSS) vulnerabilities in lib/weblib.php ...)
+CVE-2011-4290
{DSA-2262-1}
- moodle 1.9.9.dfsg2-3
-CVE-2011-4289 (Moodle 2.0.x before 2.0.3 does not recognize the configuration setting ...)
+CVE-2011-4289
- moodle <not-affected> (Only affects 2.x)
-CVE-2011-4288 (Moodle 1.9.x before 1.9.12 and 2.0.x before 2.0.3 does not properly ...)
+CVE-2011-4288
{DSA-2262-1}
- moodle 1.9.9.dfsg2-3
-CVE-2011-4287 (admin/uploaduser_form.php in Moodle 2.0.x before 2.0.3 does not force ...)
+CVE-2011-4287
- moodle <not-affected> (Only affects 2.x)
-CVE-2011-4286 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
+CVE-2011-4286
{DSA-2262-1}
- moodle 1.9.9.dfsg2-3
-CVE-2011-4285 (The default configuration of Moodle 2.0.x before 2.0.2 has an ...)
+CVE-2011-4285
- moodle <not-affected> (Only affects 2.x)
-CVE-2011-4284 (Moodle 2.0.x before 2.0.2 allows remote attackers to obtain sensitive ...)
+CVE-2011-4284
- moodle <not-affected> (Only affects 2.x)
-CVE-2011-4283 (Moodle 1.9.x before 1.9.11 and 2.0.x before 2.0.2 places an IMS ...)
+CVE-2011-4283
{DSA-2262-1}
- moodle 1.9.9.dfsg2-3
-CVE-2011-4282 (Multiple cross-site scripting (XSS) vulnerabilities in the course-tags ...)
+CVE-2011-4282
- moodle <not-affected> (Only affects 2.x)
-CVE-2011-4281 (Multiple cross-site request forgery (CSRF) vulnerabilities in Moodle ...)
+CVE-2011-4281
- moodle <not-affected> (Only affects 2.x)
-CVE-2011-4280 (Cross-site scripting (XSS) vulnerability in the Spike PHPCoverage (aka ...)
+CVE-2011-4280
- moodle <not-affected> (Only affects 2.x)
-CVE-2011-4279 (Moodle 2.0.x before 2.0.2 does not use the forceloginforprofiles ...)
+CVE-2011-4279
- moodle <not-affected> (Only affects 2.x)
-CVE-2011-4278 (Cross-site scripting (XSS) vulnerability in the tag autocomplete ...)
+CVE-2011-4278
{DSA-2262-1}
- moodle 1.9.9.dfsg2-3
-CVE-2011-4277 (Cross-site scripting (XSS) vulnerability in CourseForum ProjectForum ...)
+CVE-2011-4277
NOT-FOR-US: CourseForum
-CVE-2011-4276 (The Bluetooth service (com/android/phone/BluetoothHeadsetService.java) ...)
+CVE-2011-4276
NOT-FOR-US: Android
-CVE-2011-4275 (Multiple cross-site scripting (XSS) vulnerabilities in iTop (aka IT ...)
+CVE-2011-4275
NOT-FOR-US: IT Operations Portal
-CVE-2011-4274 (Cross-site scripting (XSS) vulnerability in the A-Form PC and ...)
+CVE-2011-4274
NOT-FOR-US: Movable Type plugin
-CVE-2011-4273 (Multiple cross-site scripting (XSS) vulnerabilities in GoAhead ...)
+CVE-2011-4273
NOT-FOR-US: GoAhead Webserver
CVE-2011-4272
REJECTED
@@ -2498,51 +2498,51 @@ CVE-2011-4268
REJECTED
CVE-2011-4267
REJECTED
-CVE-2011-4266 (Untrusted search path vulnerability in FFFTP before 1.98d allows local ...)
+CVE-2011-4266
NOT-FOR-US: FFFTP
-CVE-2011-4265 (Cross-site scripting (XSS) vulnerability in phpWebSite before 1.0.0 ...)
+CVE-2011-4265
NOT-FOR-US: phpWebSite
-CVE-2011-4264 (Cross-site scripting (XSS) vulnerability in Etomite before 1.1 allows ...)
+CVE-2011-4264
NOT-FOR-US: Etomite
-CVE-2011-4263 (Cross-site scripting (XSS) vulnerability in Schneider Electric ...)
+CVE-2011-4263
NOT-FOR-US: Schneider Electric PowerChute Business Edition
-CVE-2011-4262 (Unspecified vulnerability in RealNetworks RealPlayer before 15.0.0 ...)
+CVE-2011-4262
NOT-FOR-US: RealNetworks RealPlayer
-CVE-2011-4261 (RealNetworks RealPlayer before 15.0.0 allows remote attackers to ...)
+CVE-2011-4261
NOT-FOR-US: RealNetworks RealPlayer
-CVE-2011-4260 (RealNetworks RealPlayer before 15.0.0 allows remote attackers to ...)
+CVE-2011-4260
NOT-FOR-US: RealNetworks RealPlayer
-CVE-2011-4259 (Integer underflow in RealNetworks RealPlayer before 15.0.0 allows ...)
+CVE-2011-4259
NOT-FOR-US: RealNetworks RealPlayer
-CVE-2011-4258 (RealNetworks RealPlayer before 15.0.0 allows remote attackers to ...)
+CVE-2011-4258
NOT-FOR-US: RealNetworks RealPlayer
-CVE-2011-4257 (The Cook codec in RealNetworks RealPlayer before 15.0.0 allows remote ...)
+CVE-2011-4257
NOT-FOR-US: RealNetworks RealPlayer
-CVE-2011-4256 (The RV30 codec in RealNetworks RealPlayer before 15.0.0 and Mac ...)
+CVE-2011-4256
NOT-FOR-US: RealNetworks RealPlayer
-CVE-2011-4255 (Unspecified vulnerability in RealNetworks RealPlayer before 15.0.0 and ...)
+CVE-2011-4255
NOT-FOR-US: RealNetworks RealPlayer
-CVE-2011-4254 (RealNetworks RealPlayer before 15.0.0 allows remote attackers to ...)
+CVE-2011-4254
NOT-FOR-US: RealNetworks RealPlayer
-CVE-2011-4253 (Unspecified vulnerability in the RV20 codec in RealNetworks RealPlayer ...)
+CVE-2011-4253
NOT-FOR-US: RealNetworks RealPlayer
-CVE-2011-4252 (The RV10 codec in RealNetworks RealPlayer before 15.0.0 and Mac ...)
+CVE-2011-4252
NOT-FOR-US: RealNetworks RealPlayer
-CVE-2011-4251 (RealNetworks RealPlayer before 15.0.0 allows remote attackers to ...)
+CVE-2011-4251
NOT-FOR-US: RealNetworks RealPlayer
-CVE-2011-4250 (Unspecified vulnerability in the ATRC codec in RealNetworks RealPlayer ...)
+CVE-2011-4250
NOT-FOR-US: RealNetworks RealPlayer
-CVE-2011-4249 (Array index error in the RV30 codec in RealNetworks RealPlayer before ...)
+CVE-2011-4249
NOT-FOR-US: RealNetworks RealPlayer
-CVE-2011-4248 (RealNetworks RealPlayer before 15.0.0 allows remote attackers to ...)
+CVE-2011-4248
NOT-FOR-US: RealNetworks RealPlayer
-CVE-2011-4247 (RealNetworks RealPlayer before 15.0.0 allows remote attackers to ...)
+CVE-2011-4247
NOT-FOR-US: RealNetworks RealPlayer
-CVE-2011-4246 (The AAC codec in RealNetworks RealPlayer before 15.0.0 and Mac ...)
+CVE-2011-4246
NOT-FOR-US: RealNetworks RealPlayer
-CVE-2011-4245 (The RealVideo renderer in RealNetworks RealPlayer before 15.0.0 and ...)
+CVE-2011-4245
NOT-FOR-US: RealNetworks RealPlayer
-CVE-2011-4244 (Heap-based buffer overflow in the RealVideo renderer in RealNetworks ...)
+CVE-2011-4244
NOT-FOR-US: RealNetworks RealPlayer
CVE-2011-4243
RESERVED
@@ -2556,7 +2556,7 @@ CVE-2011-4239
RESERVED
CVE-2011-4238
RESERVED
-CVE-2011-4237 (CRLF injection vulnerability in autologin.jsp in Cisco CiscoWorks ...)
+CVE-2011-4237
NOT-FOR-US: Cisco
CVE-2011-4236
RESERVED
@@ -2566,9 +2566,9 @@ CVE-2011-4234
RESERVED
CVE-2011-4233
RESERVED
-CVE-2011-4232 (The web server in Cisco Unified MeetingPlace 6.1 and 8.5 produces ...)
+CVE-2011-4232
NOT-FOR-US: Cisco
-CVE-2011-4231 (Cisco IOS 15.1 and 15.2 and IOS XE 3.x, when configured as an IPsec ...)
+CVE-2011-4231
NOT-FOR-US: Cisco IOS
CVE-2011-4230
RESERVED
@@ -2584,31 +2584,31 @@ CVE-2011-4225
RESERVED
CVE-2011-4224
RESERVED
-CVE-2011-4223 (Unspecified vulnerability in Investintech.com Absolute PDF Server ...)
+CVE-2011-4223
NOT-FOR-US: Investintech.com Absolute PDF Server
-CVE-2011-4222 (Unspecified vulnerability in Investintech.com Able2Extract and ...)
+CVE-2011-4222
NOT-FOR-US: Investintech.com Able2Extract
-CVE-2011-4221 (Unspecified vulnerability in Investintech.com Able2Doc and Able2Doc ...)
+CVE-2011-4221
NOT-FOR-US: Investintech.com Able2Doc
-CVE-2011-4220 (Investintech.com SlimPDF Reader does not properly restrict the ...)
+CVE-2011-4220
NOT-FOR-US: Investintech.com SlimPDF
-CVE-2011-4219 (Investintech.com SlimPDF Reader does not prevent faulting-address data ...)
+CVE-2011-4219
NOT-FOR-US: Investintech.com SlimPDF
-CVE-2011-4218 (Investintech.com SlimPDF Reader does not prevent faulting-instruction ...)
+CVE-2011-4218
NOT-FOR-US: Investintech.com SlimPDF
-CVE-2011-4217 (Investintech.com SlimPDF Reader does not properly restrict read ...)
+CVE-2011-4217
NOT-FOR-US: Investintech.com SlimPDF
-CVE-2011-4216 (Investintech.com SlimPDF Reader does not properly restrict write ...)
+CVE-2011-4216
NOT-FOR-US: Investintech.com SlimPDF
-CVE-2011-4215 (SQL injection vulnerability in lib/ooz_access.php in OneOrZero Action ...)
+CVE-2011-4215
NOT-FOR-US: OneOrZero Action & Information Management System (AIMS)
-CVE-2011-4214 (OneOrZero Action &amp; Information Management System (AIMS) 2.7.0 allows ...)
+CVE-2011-4214
NOT-FOR-US: OneOrZero Action & Information Management System (AIMS)
-CVE-2011-4213 (The sandbox environment in the Google App Engine Python SDK before ...)
+CVE-2011-4213
NOT-FOR-US: Google App Engine
-CVE-2011-4212 (The sandbox environment in the Google App Engine Python SDK before ...)
+CVE-2011-4212
NOT-FOR-US: Google App Engine
-CVE-2011-4211 (The FakeFile implementation in the sandbox environment in the Google ...)
+CVE-2011-4211
NOT-FOR-US: Google App Engine
CVE-2011-4210
RESERVED
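Review bot: the removed description for CVE-2011-4214 contains an HTML entity (`OneOrZero Action &amp; Information Management System`) while the NOT-FOR-US line directly below it writes a literal `&`; when the descriptions are re-imported into this file, the importer should decode entities so the summary matches the plain-text convention used elsewhere in the list.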
@@ -2624,11 +2624,11 @@ CVE-2011-4205
RESERVED
CVE-2011-4204
RESERVED
-CVE-2011-4203 (CRLF injection vulnerability in calendar/set.php in the Calendar ...)
+CVE-2011-4203
NOT-FOR-US: Moodle addon
-CVE-2011-4202 (The Tadasoft Restorepoint 3.2 evaluation image uses weak permissions ...)
+CVE-2011-4202
NOT-FOR-US: Tadasoft Restorepoint
-CVE-2011-4201 (remote_support.cgi in the Tadasoft Restorepoint 3.2 evaluation image ...)
+CVE-2011-4201
NOT-FOR-US: Tadasoft Restorepoint
CVE-2011-4200
RESERVED
@@ -2636,7 +2636,7 @@ CVE-2011-4199
RESERVED
CVE-2011-4198
RESERVED
-CVE-2011-4197 (etc/inc/certs.inc in the PKI implementation in pfSense before 2.0.1 ...)
+CVE-2011-4197
NOT-FOR-US: pfSense
CVE-2011-XXXX [spip privilege escalation]
- spip 2.1.12-1 (bug #649113)
@@ -2650,37 +2650,37 @@ CVE-2011-XXXX [spip path disclosure]
NOTE: Path disclosure not an issue for Debian
CVE-2011-4196
RESERVED
-CVE-2011-4195 (kiwi before 4.98.05, as used in SUSE Studio Onsite 1.2 before 1.2.1 ...)
+CVE-2011-4195
NOT-FOR-US: Suse kiwi (different from python-kiwi)
-CVE-2011-4194 (Buffer overflow in Novell iPrint Server in Novell Open Enterprise ...)
+CVE-2011-4194
NOT-FOR-US: Novell iPrint
-CVE-2011-4193 (Cross-site scripting (XSS) vulnerability in the overlay files tab in ...)
+CVE-2011-4193
NOT-FOR-US: Suse kiwi (different from python-kiwi)
-CVE-2011-4192 (kiwi before 4.85.1, as used in SUSE Studio Onsite 1.2 before 1.2.1 and ...)
+CVE-2011-4192
NOT-FOR-US: Suse kiwi (different from python-kiwi)
-CVE-2011-4191 (Stack-based buffer overflow in the xdrDecodeString function in ...)
+CVE-2011-4191
NOT-FOR-US: Novell NetWare
-CVE-2011-4190 (The kdump implementation is missing the host key verification in the ...)
+CVE-2011-4190
NOT-FOR-US: kdump as used in SuSE
-CVE-2011-4189 (The client in Novell GroupWise 8.0x through 8.02HP3 allows remote ...)
+CVE-2011-4189
NOT-FOR-US: Novell GroupWise
-CVE-2011-4188 (Buffer overflow in the Create Attribute function in jclient in Novell ...)
+CVE-2011-4188
NOT-FOR-US: Novell iManager
-CVE-2011-4187 (Buffer overflow in the GetDriverSettings function in nipplib.dll in ...)
+CVE-2011-4187
NOT-FOR-US: Novell iPrint Client
-CVE-2011-4186 (Heap-based buffer overflow in nipplib.dll in Novell iPrint Client ...)
+CVE-2011-4186
NOT-FOR-US: Novell iPrint Client
-CVE-2011-4185 (The GetPrinterURLList2 method in the ActiveX control in Novell iPrint ...)
+CVE-2011-4185
NOT-FOR-US: ActiveX
CVE-2011-4184
RESERVED
-CVE-2011-4183 (A vulnerability in open build service allows remote attackers to ...)
+CVE-2011-4183
- open-build-service <not-affected> (Fixed before initial upload to Debian)
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=736243
NOTE: https://github.com/openSUSE/open-build-service/commit/5281e4bff9df31f1f91e22a0d1e9086b93b23d7e
-CVE-2011-4182 (Missing escaping of ESSID values in sysconfig of SUSE Linux Enterprise ...)
+CVE-2011-4182
NOT-FOR-US: sysconfig in SUSE Linux Enterprise
-CVE-2011-4181 (A vulnerability in open build service allows remote attackers to gain ...)
+CVE-2011-4181
- open-build-service <not-affected> (Fixed before initial upload to Debian)
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=734003
NOTE: https://github.com/openSUSE/open-build-service/commit/5281e4bff9df31f1f91e22a0d1e9086b93b23d7e
@@ -2698,54 +2698,54 @@ CVE-2011-4175
RESERVED
CVE-2011-4174
RESERVED
-CVE-2011-4173 (Cross-site request forgery (CSRF) vulnerability in Simple Machines ...)
+CVE-2011-4173
NOT-FOR-US: Simple Machines Forum
-CVE-2011-4172 (Multiple cross-site scripting (XSS) vulnerabilities in KENT-WEB WEB ...)
+CVE-2011-4172
NOT-FOR-US: KENT WEB FORUM
-CVE-2011-4171 (Cross-site scripting (XSS) vulnerability in content/error.jsp in IBM ...)
+CVE-2011-4171
NOT-FOR-US: WebSphere
-CVE-2011-4170 (Cross-site scripting (XSS) vulnerability in the ...)
+CVE-2011-4170
- empathy 3.2.1.1-1
[squeeze] - empathy <no-dsa> (Minor issue)
[lenny] - empathy <not-affected> (only affects webkit theming, not present in Lenny)
-CVE-2011-4169 (Unspecified vulnerability in HP Managed Printing Administration before ...)
+CVE-2011-4169
NOT-FOR-US: HP Managed Printing Administration
-CVE-2011-4168 (Directory traversal vulnerability in hpmpa/jobDelivery/Default.asp in ...)
+CVE-2011-4168
NOT-FOR-US: HP Managed Printing Administration
-CVE-2011-4167 (Stack-based buffer overflow in MPAUploader.dll in HP Managed Printing ...)
+CVE-2011-4167
NOT-FOR-US: HP Managed Printing Administration
-CVE-2011-4166 (Directory traversal vulnerability in the ...)
+CVE-2011-4166
NOT-FOR-US: HP Managed Printing Administration
-CVE-2011-4165 (Unspecified vulnerability in HP Database Archiving Software 6.31 ...)
+CVE-2011-4165
NOT-FOR-US: HP Database Archiving Software
-CVE-2011-4164 (Unspecified vulnerability in HP Database Archiving Software 6.31 ...)
+CVE-2011-4164
NOT-FOR-US: HP Database Archiving Software
-CVE-2011-4163 (Unspecified vulnerability in HP Database Archiving Software 6.31 ...)
+CVE-2011-4163
NOT-FOR-US: HP Database Archiving Software
-CVE-2011-4162 (The (1) AddUser, (2) AddUserEx, (3) RemoveUser, (4) RemoveUserByGuide, ...)
+CVE-2011-4162
NOT-FOR-US: HP Protect Tools Device Access Manager
-CVE-2011-4161 (The default configuration of the HP CM8060 Color MFP with Edgeline; ...)
+CVE-2011-4161
NOT-FOR-US: HP CM8060 Color MFP
-CVE-2011-4160 (Unspecified vulnerability in HP Operations Agent 11.00 and Performance ...)
+CVE-2011-4160
NOT-FOR-US: HP Operations Agent
-CVE-2011-4159 (Unspecified vulnerability in System Administration Manager (SAM) in ...)
+CVE-2011-4159
NOT-FOR-US: HP-UX
-CVE-2011-4158 (Unspecified vulnerability in HP Directories Support for ProLiant ...)
+CVE-2011-4158
NOT-FOR-US: HP Directories Support
-CVE-2011-4157 (Stack-based buffer overflow in hydra.exe in HP SAN/iQ before 9.5 on ...)
+CVE-2011-4157
NOT-FOR-US: HP SAN/iQ
-CVE-2011-4156 (Cross-site scripting (XSS) vulnerability in HP Network Node Manager i ...)
+CVE-2011-4156
NOT-FOR-US: HP Network Node Manager
-CVE-2011-4155 (Cross-site scripting (XSS) vulnerability in HP Network Node Manager i ...)
+CVE-2011-4155
NOT-FOR-US: HP Network Node Manager
CVE-2011-4154
RESERVED
-CVE-2011-4153 (PHP 5.3.8 does not always check the return value of the zend_strndup ...)
+CVE-2011-4153
{DSA-2408-1}
- php5 5.3.9-1 (low)
CVE-2011-4152
RESERVED
-CVE-2011-4151 (The krb5_db2_lockout_audit function in the Key Distribution Center ...)
+CVE-2011-4151
- krb5 1.10+dfsg~alpha1-1 (low; bug #646367)
[squeeze] - krb5 <no-dsa> (Minor issue)
[lenny] - krb5 <not-affected> (introduced in 1.8)
@@ -2761,55 +2761,55 @@ CVE-2011-4146
REJECTED
CVE-2011-4145
REJECTED
-CVE-2011-4144 (Unspecified vulnerability in EMC Documentum Content Server 6.0, 6.5 ...)
+CVE-2011-4144
NOT-FOR-US: EMC
-CVE-2011-4143 (EMC RSA enVision 4.0 before SP4 P5 and 4.1 before P3 allows remote ...)
+CVE-2011-4143
NOT-FOR-US: EMC
-CVE-2011-4142 (The Web Search feature in EMC SourceOne Email Management 6.5 before ...)
+CVE-2011-4142
NOT-FOR-US: EMC SourceOne Email Management
-CVE-2011-4141 (Untrusted search path vulnerability in EMC RSA SecurID Software Token ...)
+CVE-2011-4141
NOT-FOR-US: RSA SecurID
-CVE-2011-4140 (The CSRF protection mechanism in Django through 1.2.7 and 1.3.x ...)
+CVE-2011-4140
{DSA-2332-1}
- python-django 1.3.1-1 (bug #641405)
-CVE-2011-4139 (Django before 1.2.7 and 1.3.x before 1.3.1 uses a request's HTTP Host ...)
+CVE-2011-4139
{DSA-2332-1}
- python-django 1.3.1-1 (bug #641405)
-CVE-2011-4138 (The verify_exists functionality in the URLField implementation in ...)
+CVE-2011-4138
{DSA-2332-1}
- python-django 1.3.1-1 (bug #641405)
-CVE-2011-4137 (The verify_exists functionality in the URLField implementation in ...)
+CVE-2011-4137
{DSA-2332-1}
- python-django 1.3.1-1 (bug #641405)
-CVE-2011-4136 (django.contrib.sessions in Django before 1.2.7 and 1.3.x before 1.3.1, ...)
+CVE-2011-4136
{DSA-2332-1}
- python-django 1.3.1-1 (bug #641405)
-CVE-2011-4135 (Multiple directory traversal vulnerabilities in lmgrd in Flexera ...)
+CVE-2011-4135
NOT-FOR-US: Flexera FlexNet Publisher
-CVE-2011-4134 (Heap-based buffer overflow in lmadmin in Flexera FlexNet Publisher ...)
+CVE-2011-4134
NOT-FOR-US: Flexera FlexNet Publisher
-CVE-2011-4133 (Cross-site request forgery (CSRF) vulnerability in Moodle 1.9.x before ...)
+CVE-2011-4133
{DSA-2262-1}
- moodle 1.9.9.dfsg2-3
-CVE-2011-4132 (The cleanup_journal_tail function in the Journaling Block Device (JBD) ...)
+CVE-2011-4132
- linux-2.6 3.1.6-1
[squeeze] - linux-2.6 2.6.32-40
-CVE-2011-4131 (The NFSv4 implementation in the Linux kernel before 3.2.2 does not ...)
+CVE-2011-4131
- linux 3.2.9-1 (low)
- linux-2.6 <removed>
[squeeze] - linux-2.6 <no-dsa> (Too intrusive to backport, minor impact)
-CVE-2011-4130 (Use-after-free vulnerability in the Response API in ProFTPD before ...)
+CVE-2011-4130
{DSA-2346-2 DSA-2346-1}
- proftpd-dfsg 1.3.4~rc3-2 (high; bug #648373)
[lenny] - proftpd-dfsg <not-affected> (vulnerable functionality not present)
NOTE: http://bugs.proftpd.org/show_bug.cgi?id=3711
-CVE-2011-4129 ((1) services/twitter/twitter-contact-view.c and (2) ...)
+CVE-2011-4129
- libsocialweb 0.25.20-1
-CVE-2011-4128 (Buffer overflow in the gnutls_session_get_data function in ...)
+CVE-2011-4128
- gnutls26 2.12.14-1 (low; bug #648441)
[squeeze] - gnutls26 2.8.6-1+squeeze1
[lenny] - gnutls26 <no-dsa> (Minor issue)
-CVE-2011-4127 (The Linux kernel before 3.2.2 does not properly restrict SG_IO ioctl ...)
+CVE-2011-4127
{DSA-2443-1 DSA-2389-1}
- libguestfs 1:1.14.8-1
- linux-2.6 <removed>
@@ -2821,7 +2821,7 @@ CVE-2011-4124
RESERVED
CVE-2011-4123
REJECTED
-CVE-2011-4122 (Directory traversal vulnerability in openpam_configure.c in OpenPAM ...)
+CVE-2011-4122
NOT-FOR-US: OpenPAM
CVE-2011-4121
RESERVED
@@ -2844,15 +2844,15 @@ CVE-2011-4115
- libparallel-forkmanager-perl <not-affected> (issue introduced in 0.7.6 upstream, never in Debian)
NOTE: affected code was never in Debian. Upstream fixed in 1.0.0
NOTE: https://rt.cpan.org/Public/Bug/Display.html?id=68298
-CVE-2011-4114 (The par_mktmpdir function in the PAR::Packer module before 1.012 for ...)
+CVE-2011-4114
- libpar-packer-perl 1.012-1 (bug #650706)
[squeeze] - libpar-packer-perl 1.006-1+squeeze1
-CVE-2011-4113 (SQL injection vulnerability in the Views module before 6.x-2.13 for ...)
+CVE-2011-4113
- drupal6-mod-views 2.14-1
-CVE-2011-4112 (The net subsystem in the Linux kernel before 3.1 does not properly ...)
+CVE-2011-4112
- linux-2.6 3.1-1 (unimportant)
NOTE: Turned out to be a non-issue, http://www.openwall.com/lists/oss-security/2011/11/24/3
-CVE-2011-4111 (Buffer overflow in the ccid_card_vscard_handle_message function in ...)
+CVE-2011-4111
- qemu 0.15.1+dfsg-2
[lenny] - qemu <not-affected> (Vulnerable CCID code not present)
[squeeze] - qemu <not-affected> (Vulnerable CCID code not present)
@@ -2860,57 +2860,57 @@ CVE-2011-4111 (Buffer overflow in the ccid_card_vscard_handle_message function i
[wheezy] - xen <not-affected> (Vulnerable code introduced after 0.14.50, embedded version is 0.10.2)
NOTE: Xen switched to qemu-system in 4.4.0-1
NOTE: Vulnerable code introduced after 0.14.50: http://git.qemu.org/?p=qemu.git;a=commit;h=edbb21363fbfe40e050f583df921484cbc31c79d
-CVE-2011-4110 (The user_update function in security/keys/user_defined.c in the Linux ...)
+CVE-2011-4110
{DSA-2389-1}
- linux-2.6 3.1.4-1
-CVE-2011-4109 (Double free vulnerability in OpenSSL 0.9.8 before 0.9.8s, when ...)
+CVE-2011-4109
{DSA-2390-1}
- openssl 1.0.0c-1
-CVE-2011-4108 (The DTLS implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f ...)
+CVE-2011-4108
{DSA-2390-1}
- openssl 1.0.0f-1 (low; bug #645805)
NOTE: http://rt.openssl.org/Ticket/Display.html?id=2625&user=guest&pass=guest
-CVE-2011-4107 (The simplexml_load_string function in the XML import plug-in ...)
+CVE-2011-4107
{DSA-2391-1}
- phpmyadmin 4:3.4.7.1-1 (bug #656247)
[lenny] - phpmyadmin <not-affected> (Vulnerable code not present)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=751112
-CVE-2011-4106 (TimThumb (timthumb.php) before 2.0 does not validate the entire source ...)
+CVE-2011-4106
NOT-FOR-US: wordpress plugin timthumb
-CVE-2011-4105 (LightDM before 1.0.6 allows local users to change ownership of ...)
+CVE-2011-4105
- lightdm 1.0.6-2
-CVE-2011-4104 (The from_yaml method in serializers.py in Django Tastypie before ...)
+CVE-2011-4104
- django-tastypie 0.9.10-1 (bug #647314)
-CVE-2011-4103 (emitters.py in Django Piston before 0.2.3 and 0.2.x before 0.2.2.1 ...)
+CVE-2011-4103
{DSA-2344-1}
- python-django-piston 0.2.2-2 (high; bug #647315)
-CVE-2011-4102 (Heap-based buffer overflow in the erf_read_header function in ...)
+CVE-2011-4102
{DSA-2351-1}
- wireshark 1.6.3-1
NOTE: http://www.wireshark.org/security/wnpa-sec-2011-19.html
NOTE: http://anonsvn.wireshark.org/viewvc/trunk/wiretap/erf.c?r1=39508&r2=39507&pathrev=39508&view=patch
NOTE: Affects 1.0 and 1.2, the versions listed in the advisory are relative to the supported upstream branches
-CVE-2011-4101 (The dissect_infiniband_common function in ...)
+CVE-2011-4101
- wireshark 1.6.3-1 (unimportant)
NOTE: no code injection, not treated as a security issue, see README.Debian.security
NOTE: http://www.wireshark.org/security/wnpa-sec-2011-18.html
-CVE-2011-4100 (The csnStreamDissector function in epan/dissectors/packet-csn1.c in ...)
+CVE-2011-4100
- wireshark 1.6.3-1
[squeeze] - wireshark <not-affected> (Affects only 1.6.0-1.6.2)
[lenny] - wireshark <not-affected> (Affects only 1.6.0-1.6.2)
NOTE: http://www.wireshark.org/security/wnpa-sec-2011-17.html
-CVE-2011-4099 (The capsh program in libcap before 2.22 does not change the current ...)
+CVE-2011-4099
- libcap2 1:2.22-1 (low)
[squeeze] - libcap2 <no-dsa> (Minor issue)
-CVE-2011-4098 (The fallocate implementation in the GFS2 filesystem in the Linux ...)
+CVE-2011-4098
- linux 3.2.1-1
- linux-2.6 <removed>
[squeeze] - linux-2.6 <not-affected> (fallocate support was added to GFS2 in 2.37)
-CVE-2011-4097 (Integer overflow in the oom_badness function in mm/oom_kill.c in the ...)
+CVE-2011-4097
- linux-2.6 3.0.0-6
[squeeze] - linux-2.6 <not-affected> (Introduced in 2.6.39)
[lenny] - linux-2.6 <not-affected> (Introduced in 2.6.39)
-CVE-2011-4096 (The idnsGrokReply function in Squid before 3.1.16 does not properly ...)
+CVE-2011-4096
{DSA-2381-1}
- squid3 3.1.16-1
[lenny] - squid3 <not-affected> (no IPv6 support)
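Review bot: the note on the CVE-2011-4098 squeeze line, `fallocate support was added to GFS2 in 2.37`, is not a kernel version; the other kernel entries in this hunk write such markers as 2.6.x (e.g. `Introduced in 2.6.39` for CVE-2011-4097), so this likely lost a version component and should be corrected to the intended 2.6.x release.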
@@ -2920,16 +2920,16 @@ CVE-2011-4095
CVE-2011-4094
RESERVED
NOT-FOR-US: Jara
-CVE-2011-4093 (Integer overflow in inc/server.hpp in libnet6 (aka net6) before 1.3.14 ...)
+CVE-2011-4093
- net6 1:1.3.14-1 (low; bug #647318)
[squeeze] - net6 <no-dsa> (Minor issue)
[lenny] - net6 <no-dsa> (Minor issue)
-CVE-2011-4092 (obby (aka libobby) does not verify SSL server certificates, which ...)
+CVE-2011-4092
- obby <removed> (low; bug #647317)
[wheezy] - obby <no-dsa> (Minor design limitation)
[lenny] - obby <no-dsa> (Minor design limitation)
[squeeze] - obby <no-dsa> (Minor design limitation)
-CVE-2011-4091 (The libobby server in inc/server.hpp in libnet6 (aka net6) before ...)
+CVE-2011-4091
[squeeze] - net6 <no-dsa> (Minor issue)
[lenny] - net6 <no-dsa> (Minor issue)
- net6 1:1.3.14-1 (low; bug #647318)
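Review bot: for CVE-2011-4091 the `[squeeze]` and `[lenny]` lines precede the unstable `- net6 1:1.3.14-1 (low; bug #647318)` line, the reverse of the ordering used for CVE-2011-4093 in the same hunk and for the rest of the file; moving the `- net6` line first keeps the entry consistent and easier to scan.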
@@ -2938,47 +2938,47 @@ CVE-2011-4090 [serendipity before 1.6 backend XSS in karma plugin]
- serendipity <removed> (bug #650937)
[squeeze] - serendipity <no-dsa> (Minor issue)
NOTE: http://seclists.org/oss-sec/2011/q4/192
-CVE-2011-4089 (The bzexe command in bzip2 1.0.5 and earlier generates compressed ...)
+CVE-2011-4089
- bzip2 1.0.6-1 (low; bug #632862)
[squeeze] - bzip2 1.0.5-6+squeeze1
[lenny] - bzip2 <no-dsa> (Minor issue)
CVE-2011-4088
RESERVED
NOT-FOR-US: abrt/libreport
-CVE-2011-4087 (The br_parse_ip_options function in net/bridge/br_netfilter.c in the ...)
+CVE-2011-4087
- linux-2.6 3.0.0-1
[squeeze] - linux-2.6 <not-affected> (Introduced in 2.6.37)
[lenny] - linux-2.6 <not-affected> (Introduced in 2.6.37)
-CVE-2011-4086 (The journal_unmap_buffer function in fs/jbd2/transaction.c in the ...)
+CVE-2011-4086
{DSA-2469-1}
- linux-2.6 <removed> (low)
-CVE-2011-4085 (The servlets invoked by httpha-invoker in JBoss Enterprise Application ...)
+CVE-2011-4085
NOT-FOR-US: JBoss Enterprise SOA Platform
CVE-2011-4084
REJECTED
-CVE-2011-4083 (The sosreport utility in the Red Hat sos package before 1.7-9 and 2.x ...)
+CVE-2011-4083
NOT-FOR-US: RedHat sos
CVE-2011-4082
RESERVED
- phpldapadmin 0.9.8-1
-CVE-2011-4081 (crypto/ghash-generic.c in the Linux kernel before 3.1 allows local ...)
+CVE-2011-4081
- linux-2.6 3.0.0-6
[squeeze] - linux-2.6 <not-affected> (CRYPTO_GHASH Introduced in 2.6.32)
-CVE-2011-4080 (The sysrq_sysctl_handler function in kernel/sysctl.c in the Linux ...)
+CVE-2011-4080
- linux-2.6 2.6.39-1
[lenny] - linux-2.6 <not-affected> (introduced in 2.6.37 with eaf06b241b091357e72b76863ba16e89610d31bd)
[squeeze] - linux-2.6 <not-affected> (introduced in 2.6.37 with eaf06b241b091357e72b76863ba16e89610d31bd)
-CVE-2011-4079 (Off-by-one error in the UTF8StringNormalize function in OpenLDAP ...)
+CVE-2011-4079
- openldap 2.4.28-1 (unimportant; bug #647610)
NOTE: Not exploitable with glibc, see
NOTE: http://www.openldap.org/its/index.cgi/Software%20Bugs?id=7059;selectid=7059
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-4079
-CVE-2011-4078 (include/iniset.php in Roundcube Webmail 0.5.4 and earlier, when PHP ...)
+CVE-2011-4078
- roundcube 0.6+dfsg-1 (bug #646675)
[squeeze] - roundcube <not-affected> (squeeze PHP version does not expose the issue)
NOTE: http://trac.roundcube.net/ticket/1488086
NOTE: This is arguably a PHP issue, but will probably not be fixed upstream.
-CVE-2011-4077 (Buffer overflow in the xfs_readlink function in fs/xfs/xfs_vnodeops.c ...)
+CVE-2011-4077
{DSA-2389-1}
- linux-2.6 3.0.0-6
CVE-2011-4076
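Review bot: the header context `CVE-2011-4090 [serendipity before 1.6 backend XSS in karma plugin]` is left alone while `-CVE-2011-4089 (The bzexe command in bzip2 1.0.5 and earlier generates compressed ...)` becomes `+CVE-2011-4089`, so only the parenthesised imported descriptions are dropped and the bracketed hand-written ones survive; that split confirms the loss is on the import path. The entries in this hunk that carry only a `NOT-FOR-US:` line (CVE-2011-4085, CVE-2011-4083) are left with nothing but a product name to say what the issue was, which is a regression for anyone triaging from the file alone.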
@@ -2986,13 +2986,13 @@ CVE-2011-4076
- nova 2012.1~e1-1
NOTE: https://bugs.launchpad.net/nova/+bug/868360
NOTE: the patch for this bug is available at https://review.openstack.org/#/c/794/
-CVE-2011-4075 (The masort function in lib/functions.php in phpLDAPadmin 1.2.x before ...)
+CVE-2011-4075
{DSA-2333-1}
- phpldapadmin 1.2.0.5-2.1 (bug #646754)
-CVE-2011-4074 (Cross-site scripting (XSS) vulnerability in cmd.php in phpLDAPadmin ...)
+CVE-2011-4074
{DSA-2333-1}
- phpldapadmin 1.2.0.5-2.1 (bug #646769)
-CVE-2011-4073 (Use-after-free vulnerability in the cryptographic helper handler ...)
+CVE-2011-4073
{DSA-2374-1}
- openswan 1:2.6.37-1 (low; bug #650674)
CVE-2011-4072
@@ -3001,107 +3001,107 @@ CVE-2011-4071
RESERVED
CVE-2011-4070
RESERVED
-CVE-2011-4069 (html/admin/login.php in PacketFence before 3.0.2 allows remote ...)
+CVE-2011-4069
NOT-FOR-US: PacketFence
-CVE-2011-4068 (The check_password function in html/admin/login.php in PacketFence ...)
+CVE-2011-4068
NOT-FOR-US: PacketFence
CVE-2011-4067
RESERVED
-CVE-2011-4066 (SQL injection vulnerability in bbs/tb.php in Gnuboard 4.33.02 and ...)
+CVE-2011-4066
NOT-FOR-US: Gnuboard
CVE-2011-4065
RESERVED
-CVE-2011-4063 (chan_sip.c in the SIP channel driver in Asterisk Open Source 1.8.x ...)
+CVE-2011-4063
- asterisk 1:1.8.7.1~dfsg-1 (bug #647252)
[lenny] - asterisk <not-affected> (Only affects >= 1.8)
[squeeze] - asterisk <not-affected> (Only affects >= 1.8)
-CVE-2011-4062 (Buffer overflow in the kernel in FreeBSD 7.3 through 9.0-RC1 allows ...)
+CVE-2011-4062
{DSA-2325-1}
- kfreebsd-10 10.0~svn226224-1
- kfreebsd-9 9.0~svn225873-1
- kfreebsd-8 8.2-11 (bug #645377)
- kfreebsd-7 <removed>
-CVE-2011-4061 (Multiple untrusted search path vulnerabilities in (1) db2rspgn and (2) ...)
+CVE-2011-4061
NOT-FOR-US: DB2
-CVE-2011-4060 (The runtime linker in QNX Neutrino RTOS 6.5.0 before Service Pack 1 ...)
+CVE-2011-4060
NOT-FOR-US: QNX
CVE-2011-4059
RESERVED
CVE-2011-4058
RESERVED
-CVE-2011-4064 (Cross-site scripting (XSS) vulnerability in the setup interface in ...)
+CVE-2011-4064
- phpmyadmin 4:3.4.6-1 (unimportant)
-CVE-2011-4057 (Wibu-Systems AG CodeMeter Runtime 4.30c, 4.10b, and possibly other ...)
+CVE-2011-4057
NOT-FOR-US: Wibu-Systems AG CodeMeter Runtime
-CVE-2011-4056 (An unspecified ActiveX control in ActBar.ocx in Siemens Tecnomatix ...)
+CVE-2011-4056
NOT-FOR-US: Siemens Tecnomatix
-CVE-2011-4055 (Buffer overflow in the WebClient ActiveX control in Siemens Tecnomatix ...)
+CVE-2011-4055
NOT-FOR-US: Siemens Tecnomatix
-CVE-2011-4054 (Cross-site scripting (XSS) vulnerability in login.fcc in CA SiteMinder ...)
+CVE-2011-4054
NOT-FOR-US: CA SiteMinder
-CVE-2011-4053 (Untrusted search path vulnerability in 7-Technologies (7T) Interactive ...)
+CVE-2011-4053
NOT-FOR-US: 7-Technologies (7T) Interactive Graphical SCADA System
-CVE-2011-4052 (Stack-based buffer overflow in CEServer.exe in the CEServer component ...)
+CVE-2011-4052
NOT-FOR-US: InduSoft Web Studio
-CVE-2011-4051 (CEServer.exe in the CEServer component in the Remote Agent module in ...)
+CVE-2011-4051
NOT-FOR-US: InduSoft Web Studio
-CVE-2011-4050 (Buffer overflow in 7-Technologies (7T) Interactive Graphical SCADA ...)
+CVE-2011-4050
NOT-FOR-US: Interactive Graphical SCADA System
CVE-2011-4049
RESERVED
-CVE-2011-4048 (The Dell KACE K2000 System Deployment Appliance has a default username ...)
+CVE-2011-4048
NOT-FOR-US: Dell appliance
-CVE-2011-4047 (The Dell KACE K2000 System Deployment Appliance allows remote ...)
+CVE-2011-4047
NOT-FOR-US: Dell appliance
-CVE-2011-4046 (The Dell KACE K2000 System Deployment Appliance stores the recovery ...)
+CVE-2011-4046
NOT-FOR-US: Dell appliance
-CVE-2011-4045 (Buffer overflow in an unspecified ActiveX control in aipgctl.ocx in ...)
+CVE-2011-4045
NOT-FOR-US: ARC Informatique
-CVE-2011-4044 (An unspecified ActiveX control in SVUIGrd.ocx in ARC Informatique ...)
+CVE-2011-4044
NOT-FOR-US: ARC Informatique
-CVE-2011-4043 (Integer overflow in an unspecified ActiveX control in SVUIGrd.ocx in ...)
+CVE-2011-4043
NOT-FOR-US: ARC Informatique
-CVE-2011-4042 (An unspecified ActiveX control in SVUIGrd.ocx in ARC Informatique ...)
+CVE-2011-4042
NOT-FOR-US: ARC Informatique
-CVE-2011-4041 (webvrpcs.exe in Advantech/BroadWin WebAccess allows remote attackers ...)
+CVE-2011-4041
NOT-FOR-US: Advantech WebAccess
-CVE-2011-4040 (Buffer overflow in MiniSmtp 3.0.11818 in NJStar Communicator allows ...)
+CVE-2011-4040
NOT-FOR-US: NJStar Communicator
-CVE-2011-4039 (Invensys Wonderware HMI Reports 3.42.835.0304 and earlier, as used in ...)
+CVE-2011-4039
NOT-FOR-US: Invensys Wonderware HMI Reports
-CVE-2011-4038 (Cross-site scripting (XSS) vulnerability in Invensys Wonderware HMI ...)
+CVE-2011-4038
NOT-FOR-US: Invensys Wonderware HMI Reports
-CVE-2011-4037 (Buffer overflow in Sielco Sistemi Winlog PRO before 2.07.09 and Winlog ...)
+CVE-2011-4037
NOT-FOR-US: Sielco Sistemi Winlog PRO
-CVE-2011-4036 (Directory traversal vulnerability in Schneider Electric Vijeo ...)
+CVE-2011-4036
NOT-FOR-US: Schneider Electric Vijeo
-CVE-2011-4035 (Cross-site scripting (XSS) vulnerability in Schneider Electric Vijeo ...)
+CVE-2011-4035
NOT-FOR-US: Schneider Electric Vijeo
-CVE-2011-4034 (Buffer overflow in the Steema TeeChart ActiveX control, as used in ...)
+CVE-2011-4034
NOT-FOR-US: Steema TeeChart
-CVE-2011-4033 (Buffer overflow in the Steema TeeChart ActiveX control, as used in ...)
+CVE-2011-4033
NOT-FOR-US: Steema TeeChart
CVE-2011-4032
RESERVED
-CVE-2011-4031 (Integer underflow in the asfrtp_parse_packet function in ...)
+CVE-2011-4031
- libav 0.8-1 (bug #675767)
- ffmpeg <not-affected> (Vulnerable code not present)
-CVE-2011-4030 (The CMFEditions component 2.x in Plone 4.0.x through 4.0.9, 4.1, and ...)
+CVE-2011-4030
- plone3 <not-affected> (Only affects Plone 4.x)
-CVE-2011-4029 (The LockServer function in os/utils.c in X.Org xserver before 1.11.2 ...)
+CVE-2011-4029
- xorg-server 2:1.11.1.901-2 (low)
[squeeze] - xorg-server 2:1.7.7-14
[lenny] - xorg-server <no-dsa> (Minor issue)
NOTE: http://cgit.freedesktop.org/xorg/xserver/commit/?id=b67581cf825940fdf52bf2e0af4330e695d724a4
NOTE: this has a poc now: http://web.archive.org/web/20111204204028/http://vladz.devzero.fr:80/Xorg-CVE-2011-4029.txt
-CVE-2011-4028 (The LockServer function in os/utils.c in X.Org xserver before 1.11.2 ...)
+CVE-2011-4028
- xorg-server 2:1.11.1.901-2 (low)
[squeeze] - xorg-server 2:1.7.7-14
[lenny] - xorg-server <no-dsa> (Minor issue)
NOTE: http://cgit.freedesktop.org/xorg/xserver/commit/?id=6ba44b91e37622ef8c146d8f2ac92d708a18ed34
CVE-2011-4027
RESERVED
-CVE-2011-4026 (SQL injection vulnerability in thanks.php in NexusPHP 1.5 allows ...)
+CVE-2011-4026
NOT-FOR-US: NexusPHP
CVE-2011-XXXX [lintian disclosure of file presense]
- lintian 2.5.2 (unimportant)
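Review bot: `+CVE-2011-4064` sits between CVE-2011-4058 and CVE-2011-4057, out of the file's descending order; that is pre-existing and this automatic update rightly leaves ordering alone, but it is worth a separate manual fix since the rest of the hunk is strictly descending.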
@@ -3111,32 +3111,32 @@ CVE-2011-XXXX [0.1.1+dfsg-1 multiple issues]
[squeeze] - ibid 0.1.0+dfsg-2+squeeze1
CVE-2011-4025
RESERVED
-CVE-2011-4024 (Cross-site scripting (XSS) vulnerability in ocsinventory in OCS ...)
+CVE-2011-4024
- ocsinventory-server 2.0.2-1 (unimportant)
NOTE: Authentication is needed, only supported in trusted environments, see debtags
-CVE-2011-4023 (Memory leak in libcmd in Cisco NX-OS 5.0 on Nexus switches allows ...)
+CVE-2011-4023
NOT-FOR-US: Cisco
-CVE-2011-4022 (The sensor in Cisco Intrusion Prevention System (IPS) 7.0 and 7.1 ...)
+CVE-2011-4022
NOT-FOR-US: Cisco
CVE-2011-4021
RESERVED
CVE-2011-4020
RESERVED
-CVE-2011-4019 (Memory leak in Cisco IOS 12.4 and 15.0 through 15.2, and Cisco Unified ...)
+CVE-2011-4019
NOT-FOR-US: Cisco IOS
CVE-2011-4018
RESERVED
CVE-2011-4017
RESERVED
-CVE-2011-4016 (The PPP implementation in Cisco IOS 12.2 and 15.0 through 15.2, when ...)
+CVE-2011-4016
NOT-FOR-US: Cisco IOS
-CVE-2011-4015 (Cisco IOS 15.2S allows remote attackers to cause a denial of service ...)
+CVE-2011-4015
NOT-FOR-US: Cisco IOS
-CVE-2011-4014 (The TAC Case Attachment tool in Cisco Wireless Control System (WCS) ...)
+CVE-2011-4014
NOT-FOR-US: Cisco
CVE-2011-4013
RESERVED
-CVE-2011-4012 (Cisco IOS 12.0, 15.0, and 15.1, when a Policy Feature Card 3C (PFC3C) ...)
+CVE-2011-4012
NOT-FOR-US: Cisco IOS
CVE-2011-4011
RESERVED
@@ -3146,172 +3146,172 @@ CVE-2011-4009
RESERVED
CVE-2011-4008
RESERVED
-CVE-2011-4007 (Cisco IOS 15.0 and 15.1 and IOS XE 3.x do not properly handle the &quot;set ...)
+CVE-2011-4007
NOT-FOR-US: Cisco IOS
-CVE-2011-4006 (The ESMTP inspection feature on Cisco Adaptive Security Appliances ...)
+CVE-2011-4006
NOT-FOR-US: Cisco
-CVE-2011-4005 (Cross-site request forgery (CSRF) vulnerability in the Services Ready ...)
+CVE-2011-4005
NOT-FOR-US: Cisco SRP
-CVE-2011-4004 (Buffer overflow in the ATAS32 processing functionality in the Cisco ...)
+CVE-2011-4004
NOT-FOR-US: Cisco Webex
CVE-2011-4003
RESERVED
-CVE-2011-4002 (HP no Mawashimono Nikki 6.6 and earlier allows remote attackers to ...)
+CVE-2011-4002
NOT-FOR-US: HP no Mawashimono Nikki
-CVE-2011-4001 (Directory traversal vulnerability in HP no Mawashimono Nikki 6.6 and ...)
+CVE-2011-4001
NOT-FOR-US: HP no Mawashimono Nikki
-CVE-2011-4000 (Buffer overflow in ChaSen 2.4.x allows remote attackers to execute ...)
+CVE-2011-4000
{DSA-2361-1}
- chasen 2.4.4-17 (medium; bug #648359)
-CVE-2011-3999 (Cross-site scripting (XSS) vulnerability in the RSS/Atom feed-reader ...)
+CVE-2011-3999
NOT-FOR-US: Iwate Portal Bar
-CVE-2011-3998 (Cross-site scripting (XSS) vulnerability in Apple WebObjects 5.2 and ...)
+CVE-2011-3998
NOT-FOR-US: Apple WebObjects
-CVE-2011-3997 (Opengear console servers with firmware before 2.2.1 allow remote ...)
+CVE-2011-3997
NOT-FOR-US: Opengear
-CVE-2011-3996 (The LiveData Service in CSWorks before 2.0.4115.1 allows remote ...)
+CVE-2011-3996
NOT-FOR-US: CSWorks
-CVE-2011-3995 (Unspecified vulnerability in Twilight Frontier Touhou Hisouten 1.06 ...)
+CVE-2011-3995
NOT-FOR-US: Twilight Frontier Touhou Hisouten
-CVE-2011-3994 (Cross-site request forgery (CSRF) vulnerability in SKYARC MTCMS before ...)
+CVE-2011-3994
NOT-FOR-US: Movable Type plugin
-CVE-2011-3993 (SKYARC MTCMS before 5.252, and the MultiFileUploader 0.44 and earlier, ...)
+CVE-2011-3993
NOT-FOR-US: Movable Type plugin
-CVE-2011-3992 (Buffer overflow in the SSH server functionality on the D-Link DES-3800 ...)
+CVE-2011-3992
NOT-FOR-US: D-Link device
-CVE-2011-3991 (Untrusted search path vulnerability in FFFTP 1.98a and earlier allows ...)
+CVE-2011-3991
NOT-FOR-US: FFFTP
-CVE-2011-3990 (Cross-site scripting (XSS) vulnerability in plugin/comment.inc.php in ...)
+CVE-2011-3990
NOT-FOR-US: PukiWiki
-CVE-2011-3989 (SQL injection vulnerability in DBD::mysqlPP 0.04 and earlier allows ...)
+CVE-2011-3989
NOT-FOR-US: DBD::mysqlPP Perl module
-CVE-2011-3988 (SQL injection vulnerability in data/class/SC_Query.php in EC-CUBE ...)
+CVE-2011-3988
NOT-FOR-US: EC-CUBE
-CVE-2011-3987 (dtsoftbus01.sys in DAEMON Tools Lite before 4.41.3, Pro Standard ...)
+CVE-2011-3987
NOT-FOR-US: DAEMON Tools
-CVE-2011-3986 (Cross-site scripting (XSS) vulnerability in Pligg before 1.2.0 allows ...)
+CVE-2011-3986
NOT-FOR-US: Pligg
-CVE-2011-3985 (Cross-site scripting (XSS) vulnerability in Plume before 1.2.3 allows ...)
+CVE-2011-3985
NOT-FOR-US: Plume
-CVE-2011-3984 (Cross-site scripting (XSS) vulnerability in KENT-WEB WEB FORUM 5.1 and ...)
+CVE-2011-3984
NOT-FOR-US: KENT-WEB WEB FORUM
-CVE-2011-3983 (Cross-site scripting (XSS) vulnerability in KENT-WEB WEB FORUM 5.1 and ...)
+CVE-2011-3983
NOT-FOR-US: KENT-WEB WEB FORUM
-CVE-2011-3982 (The Fibre Channel driver for QLogic adapters in IBM AIX 6.1 and 7.1 ...)
+CVE-2011-3982
NOT-FOR-US: IBM AIX driver
-CVE-2011-3981 (PHP remote file inclusion vulnerability in actions.php in the ...)
+CVE-2011-3981
NOT-FOR-US: Wordpress plugin
-CVE-2011-3980 (Unspecified vulnerability in the Drag Drop Mass Upload ...)
+CVE-2011-3980
NOT-FOR-US: TYPO3 extension
-CVE-2011-3979 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2011-3979
NOT-FOR-US: Zikula Application Framework
-CVE-2011-3978 (Multiple cross-site scripting (XSS) vulnerabilities in LightNEasy.php ...)
+CVE-2011-3978
NOT-FOR-US: LightNEasy
-CVE-2011-3977 (Unspecified vulnerability in nxconfigure.sh in NoMachine NX Node 3.x ...)
+CVE-2011-3977
NOT-FOR-US: NoMachine NX components
-CVE-2011-3976 (Stack-based buffer overflow in AmmSoft ScriptFTP 3.3 allows remote FTP ...)
+CVE-2011-3976
NOT-FOR-US: AmmSoft ScriptFTP
-CVE-2011-3975 (A certain HTC update for Android 2.3.4 build GRJ22, when the Sense ...)
+CVE-2011-3975
NOT-FOR-US: HTC Android
-CVE-2011-3974 (Integer signedness error in the decode_residual_inter function in ...)
+CVE-2011-3974
{DSA-2336-1}
- libav 4:0.7.1-7 (bug #641478)
- ffmpeg 7:2.4.1-1
- ffmpeg-debian <end-of-life>
-CVE-2011-3973 (cavsdec.c in libavcodec in FFmpeg before 0.7.4 and 0.8.x before 0.8.3 ...)
+CVE-2011-3973
{DSA-2336-1}
- libav 4:0.7.1-7 (bug #641478)
- ffmpeg 7:2.4.1-1
- ffmpeg-debian <end-of-life>
-CVE-2011-3972 (The shader translator implementation in Google Chrome before ...)
+CVE-2011-3972
- chromium-browser 17.0.963.56~r121963-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3971 (Use-after-free vulnerability in Google Chrome before 17.0.963.46 ...)
+CVE-2011-3971
- chromium-browser 17.0.963.56~r121963-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3970 (libxslt, as used in Google Chrome before 17.0.963.46, allows remote ...)
+CVE-2011-3970
- libxslt 1.1.26-11 (low; bug #660650)
[squeeze] - libxslt 1.1.26-6+squeeze1
-CVE-2011-3969 (Use-after-free vulnerability in Google Chrome before 17.0.963.46 ...)
+CVE-2011-3969
- chromium-browser 17.0.963.56~r121963-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3968 (Use-after-free vulnerability in Google Chrome before 17.0.963.46 ...)
+CVE-2011-3968
- chromium-browser 17.0.963.56~r121963-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3967 (Unspecified vulnerability in Google Chrome before 17.0.963.46 allows ...)
+CVE-2011-3967
- chromium-browser 17.0.963.56~r121963-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3966 (Use-after-free vulnerability in Google Chrome before 17.0.963.46 ...)
+CVE-2011-3966
- chromium-browser 17.0.963.56~r121963-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3965 (Google Chrome before 17.0.963.46 does not properly check signatures, ...)
+CVE-2011-3965
- chromium-browser 17.0.963.56~r121963-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3964 (Google Chrome before 17.0.963.46 does not properly implement the ...)
+CVE-2011-3964
- chromium-browser 17.0.963.56~r121963-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3963 (Google Chrome before 17.0.963.46 does not properly handle PDF FAX ...)
+CVE-2011-3963
- chromium-browser <not-affected> (Only affects proprietary Chrome)
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3962 (Google Chrome before 17.0.963.46 does not properly perform path ...)
+CVE-2011-3962
- chromium-browser 17.0.963.56~r121963-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3961 (Race condition in Google Chrome before 17.0.963.46 allows remote ...)
+CVE-2011-3961
- chromium-browser 17.0.963.56~r121963-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3960 (Google Chrome before 17.0.963.46 does not properly decode audio data, ...)
+CVE-2011-3960
- chromium-browser 17.0.963.56~r121963-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3959 (Buffer overflow in the locale implementation in Google Chrome before ...)
+CVE-2011-3959
- chromium-browser 17.0.963.56~r121963-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3958 (Google Chrome before 17.0.963.46 does not properly perform casts of ...)
+CVE-2011-3958
- chromium-browser 17.0.963.56~r121963-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3957 (Use-after-free vulnerability in the garbage-collection functionality ...)
+CVE-2011-3957
- chromium-browser 17.0.963.56~r121963-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3956 (The extension implementation in Google Chrome before 17.0.963.46 does ...)
+CVE-2011-3956
- chromium-browser 17.0.963.56~r121963-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3955 (Google Chrome before 17.0.963.46 allows remote attackers to cause a ...)
+CVE-2011-3955
- chromium-browser 17.0.963.56~r121963-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3954 (Google Chrome before 17.0.963.46 allows remote attackers to cause a ...)
+CVE-2011-3954
- chromium-browser 17.0.963.56~r121963-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3953 (Google Chrome before 17.0.963.46 does not prevent monitoring of the ...)
+CVE-2011-3953
- chromium-browser 17.0.963.56~r121963-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3952 (The decode_init function in kmvc.c in libavcodec in FFmpeg before 0.10 ...)
+CVE-2011-3952
{DSA-2494-1}
- libav 4:0.8.1-1
- ffmpeg 7:2.4.1-1
-CVE-2011-3951 (The dpcm_decode_frame function in dpcm.c in libavcodec in FFmpeg ...)
+CVE-2011-3951
{DSA-2494-1}
- libav 4:0.8.1-1
- ffmpeg 7:2.4.1-1
-CVE-2011-3950 (The dirac_decode_data_unit function in libavcodec/diracdec.c in FFmpeg ...)
+CVE-2011-3950
- libav <not-affected> (Specific to newer ffmpeg after split)
- ffmpeg <not-affected> (Specific to newer ffmpeg after split)
-CVE-2011-3949 (The dirac_unpack_idwt_params function in libavcodec/diracdec.c in ...)
+CVE-2011-3949
- libav <not-affected> (Specific to newer ffmpeg after split)
- ffmpeg <not-affected> (Specific to newer ffmpeg after split)
CVE-2011-3948
RESERVED
-CVE-2011-3947 (Buffer overflow in mjpegbdec.c in libavcodec in FFmpeg 0.7.x before ...)
+CVE-2011-3947
{DSA-2471-1}
- libav 4:0.8.1-1
- ffmpeg 7:2.4.1-1
-CVE-2011-3946 (The ff_h264_decode_sei function in libavcodec/h264_sei.c in FFmpeg ...)
+CVE-2011-3946
{DSA-3003-1}
- libav 6:10.3-1 (unimportant)
- ffmpeg 7:2.4.1-1 (unimportant)
NOTE: Not suitable for code injection, not treated as security issue
-CVE-2011-3945 (The decode_frame function in the KVG1 decoder (kgv1dec.c) in ...)
+CVE-2011-3945
- libav 4:0.8.1-1
- ffmpeg <not-affected> (Vulnerable code not present)
-CVE-2011-3944 (The smacker_decode_header_tree function in libavcodec/smacker.c in ...)
+CVE-2011-3944
{DSA-2855-1}
- libav 6:9.10-1
- ffmpeg 7:2.4.1-1
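Review bot: for the libavcodec entries in this hunk the removed description is what named the vulnerable code (`decode_residual_inter` in `-CVE-2011-3974`, `cavsdec.c` in `-CVE-2011-3973`, `kmvc.c` in `-CVE-2011-3952`, `kgv1dec.c` in `-CVE-2011-3945`), and the surviving triage lines `- ffmpeg <not-affected> (Vulnerable code not present)` for CVE-2011-3945 and `(Vulnerable code not present, introduced in 0.7)` for CVE-2011-3937 can only be checked against that text. Once the description is gone those reasons have to be verified against an external source, so this hunk should not go in without the descriptions being re-imported.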
@@ -3321,12 +3321,12 @@ CVE-2011-3943
RESERVED
CVE-2011-3942
RESERVED
-CVE-2011-3941 (The decode_mb function in libavcodec/error_resilience.c in FFmpeg ...)
+CVE-2011-3941
- libav 4:0.8.1-1
- ffmpeg 7:2.4.1-1
[squeeze] - ffmpeg <end-of-life> (Backports to 0.5.x not useful, too many checks missing)
NOTE: Fix in libav: http://git.libav.org/?p=libav.git;a=commit;h=6193ff68549ecbaf1a4d63a0e06964ec580ac620
-CVE-2011-3940 (nsvdec.c in libavcodec in FFmpeg 0.7.x before 0.7.12 and 0.8.x before ...)
+CVE-2011-3940
{DSA-2471-1}
- libav 4:0.8.1-1
- ffmpeg 7:2.4.1-1
@@ -3334,19 +3334,19 @@ CVE-2011-3939
RESERVED
CVE-2011-3938
RESERVED
-CVE-2011-3937 (The H.263 codec (libavcodec/h263dec.c) in FFmpeg 0.7.x before 0.7.12, ...)
+CVE-2011-3937
- libav 6:0.8.3-1
- ffmpeg <not-affected> (Vulnerable code not present, introduced in 0.7)
-CVE-2011-3936 (The dv_extract_audio function in libavcodec in FFmpeg 0.7.x before ...)
+CVE-2011-3936
{DSA-2471-1}
- libav 4:0.8.1-1
- ffmpeg 7:2.4.1-1
-CVE-2011-3935 (The codec_get_buffer function in ffmpeg.c in FFmpeg before 0.10 allows ...)
+CVE-2011-3935
{DSA-3003-1}
- libav 6:10-1
- ffmpeg <not-affected> (vuln. code not present, introduced later)
NOTE: [Diego] applies to 0.8 and 9 only, cherrypicked fixes on ML
-CVE-2011-3934 (Double free vulnerability in the vp3_update_thread_context function in ...)
+CVE-2011-3934
{DSA-3003-1}
- libav 6:10-1 (unimportant)
- ffmpeg 7:2.4.1-1 (unimportant)
@@ -3360,23 +3360,23 @@ CVE-2011-3931
RESERVED
CVE-2011-3930
RESERVED
-CVE-2011-3929 (The avpriv_dv_produce_packet function in libavcodec in FFmpeg 0.7.x ...)
+CVE-2011-3929
{DSA-2471-1}
- libav 4:0.8.1-1
- ffmpeg 7:2.4.1-1
-CVE-2011-3928 (Use-after-free vulnerability in Google Chrome before 16.0.912.77 ...)
+CVE-2011-3928
- chromium-browser 16.0.912.77~r118311-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3927 (Skia, as used in Google Chrome before 16.0.912.77, does not perform ...)
+CVE-2011-3927
- chromium-browser 16.0.912.77~r118311-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3926 (Heap-based buffer overflow in the tree builder in Google Chrome before ...)
+CVE-2011-3926
- chromium-browser 16.0.912.77~r118311-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3925 (Use-after-free vulnerability in the Safe Browsing feature in Google ...)
+CVE-2011-3925
- chromium-browser 16.0.912.77~r118311-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3924 (Use-after-free vulnerability in Google Chrome before 16.0.912.77 ...)
+CVE-2011-3924
- chromium-browser 16.0.912.77~r118311-1
[squeeze] - chromium-browser <end-of-life>
CVE-2011-3923 [struts ParameterInterceptor remote code execution]
@@ -3384,71 +3384,71 @@ CVE-2011-3923 [struts ParameterInterceptor remote code execution]
- libstruts1.2-java <not-affected> (Only affects 2.x)
NOTE: https://cwiki.apache.org/confluence/display/WW/S2-009
NOTE: http://blog.o0o.nu/2012/01/cve-2011-3923-yet-another-struts2.html
-CVE-2011-3922 (Stack-based buffer overflow in Google Chrome before 16.0.912.75 allows ...)
+CVE-2011-3922
- chromium-browser 16.0.912.75~r116452-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3921 (Use-after-free vulnerability in Google Chrome before 16.0.912.75 ...)
+CVE-2011-3921
- chromium-browser 16.0.912.75~r116452-1
[squeeze] - chromium-browser <end-of-life>
CVE-2011-3920
RESERVED
-CVE-2011-3919 (Heap-based buffer overflow in libxml2, as used in Google Chrome before ...)
+CVE-2011-3919
{DSA-2394-1}
- chromium-browser 16.0.912.75~r116452-1
[squeeze] - chromium-browser <end-of-life>
- libxml2 2.7.8.dfsg-7 (bug #656377)
-CVE-2011-3918 (The Zygote process in Android 4.0.3 and earlier accepts fork requests ...)
+CVE-2011-3918
NOT-FOR-US: Android
-CVE-2011-3917 (Stack-based buffer overflow in FileWatcher in Google Chrome before ...)
+CVE-2011-3917
- chromium-browser 16.0.912.63~r113337-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3916 (Google Chrome before 16.0.912.63 does not properly handle PDF cross ...)
+CVE-2011-3916
- chromium-browser <not-affected> (Chrome pdf plugin)
-CVE-2011-3915 (Buffer overflow in Google Chrome before 16.0.912.63 allows remote ...)
+CVE-2011-3915
- chromium-browser <not-affected> (Chrome pdf plugin)
- webkit <not-affected> (Chrome pdf plugin)
-CVE-2011-3914 (The internationalization (aka i18n) functionality in Google V8, as ...)
+CVE-2011-3914
- chromium-browser 16.0.912.63~r113337-1
[squeeze] - chromium-browser <not-affected>
- webkit <not-affected> (v8-i18n chrome issue)
-CVE-2011-3913 (Use-after-free vulnerability in Google Chrome before 16.0.912.63 ...)
+CVE-2011-3913
- chromium-browser 16.0.912.63~r113337-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/100827
-CVE-2011-3912 (Use-after-free vulnerability in Google Chrome before 16.0.912.63 ...)
+CVE-2011-3912
- chromium-browser 16.0.912.63~r113337-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/100502
-CVE-2011-3911 (Google Chrome before 16.0.912.63 does not properly handle PDF ...)
+CVE-2011-3911
- chromium-browser <not-affected> (Chrome pdf plugin)
- webkit <not-affected> (Chrome pdf plugin)
-CVE-2011-3910 (Google Chrome before 16.0.912.63 does not properly handle YUV video ...)
+CVE-2011-3910
- chromium-browser 16.0.912.63~r113337-1
- webkit <not-affected> (Chrome issue)
[squeeze] - chromium-browser <not-affected>
-CVE-2011-3909 (The Cascading Style Sheets (CSS) implementation in Google Chrome ...)
+CVE-2011-3909
- chromium-browser 16.0.912.63~r113337-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/98374
-CVE-2011-3908 (Google Chrome before 16.0.912.63 does not properly parse SVG ...)
+CVE-2011-3908
- chromium-browser 16.0.912.63~r113337-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/99025
-CVE-2011-3907 (The view-source feature in Google Chrome before 16.0.912.63 allows ...)
+CVE-2011-3907
- chromium-browser 16.0.912.63~r113337-1
- webkit <not-affected> (Chrome issue)
[squeeze] - chromium-browser <not-affected>
-CVE-2011-3906 (The PDF parser in Google Chrome before 16.0.912.63 allows remote ...)
+CVE-2011-3906
- chromium-browser <not-affected> (Chrome pdf plugin)
- webkit <not-affected> (Chrome pdf plugin)
-CVE-2011-3905 (libxml2, as used in Google Chrome before 16.0.912.63, allows remote ...)
+CVE-2011-3905
{DSA-2394-1}
- libxml2 2.7.8.dfsg-5.1 (bug #652352)
-CVE-2011-3904 (Use-after-free vulnerability in Google Chrome before 16.0.912.63 ...)
+CVE-2011-3904
- chromium-browser 16.0.912.63~r113337-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/99462
-CVE-2011-3903 (Google Chrome before 16.0.912.63 does not properly perform regex ...)
+CVE-2011-3903
- chromium-browser 16.0.912.63~r113337-1
- webkit <not-affected> (Chrome issue)
[squeeze] - chromium-browser <not-affected>
@@ -3456,7 +3456,7 @@ CVE-2011-3902
RESERVED
CVE-2011-3901
RESERVED
-CVE-2011-3900 (Google V8, as used in Google Chrome before 15.0.874.121, allows remote ...)
+CVE-2011-3900
- chromium-browser 15.0.874.121~r109964-1
- webkit <not-affected> (Chrome issue)
- libv8 3.5.10.24
@@ -3464,29 +3464,29 @@ CVE-2011-3900 (Google V8, as used in Google Chrome before 15.0.874.121, allows r
[squeeze] - libv8 <not-affected>
CVE-2011-3899
RESERVED
-CVE-2011-3898 (Google Chrome before 15.0.874.120, when Java Runtime Environment (JRE) ...)
+CVE-2011-3898
- chromium-browser 15.0.874.121~r109964-1 (unimportant)
- webkit <not-affected> (Chrome issue)
-CVE-2011-3897 (Use-after-free vulnerability in Google Chrome before 15.0.874.120 ...)
+CVE-2011-3897
- chromium-browser 15.0.874.121~r109964-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/99023
-CVE-2011-3896 (Buffer overflow in Google Chrome before 15.0.874.120 allows remote ...)
+CVE-2011-3896
- chromium-browser 15.0.874.121~r109964-1
- webkit <not-affected> (Chrome issue)
[squeeze] - chromium-browser <not-affected>
-CVE-2011-3895 (Heap-based buffer overflow in the Vorbis decoder in Google Chrome ...)
+CVE-2011-3895
{DSA-2471-1}
- chromium-browser 15.0.874.121~r109964-1
[squeeze] - chromium-browser <end-of-life>
- webkit <not-affected> (Chrome issue)
- ffmpeg 7:2.4.1-1
- libav 4:0.8~beta2-1 (bug #654534; bug #654573)
-CVE-2011-3894 (Google Chrome before 15.0.874.120 does not properly perform VP8 ...)
+CVE-2011-3894
- chromium-browser 15.0.874.121~r109964-1
- webkit <not-affected> (Chrome issue)
[squeeze] - chromium-browser <not-affected>
-CVE-2011-3893 (Google Chrome before 15.0.874.120 does not properly implement the MKV ...)
+CVE-2011-3893
{DSA-2471-1}
- chromium-browser 15.0.874.121~r109964-1
- webkit <not-affected> (Chrome issue)
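Review bot: the hunk header `@@ -3464,29 +3464,29 @@ CVE-2011-3900 (Google V8, as used in Google Chrome before 15.0.874.121, allows r` still shows the old parenthesised text because the context is taken from the pre-image, while the post-image of the same entry in the previous hunk is the bare `+CVE-2011-3900`. Worth noting for whoever reverts: the pre-image text in these headers is truncated, so the full descriptions cannot be recovered from the diff and have to come back from the import.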
@@ -3496,7 +3496,7 @@ CVE-2011-3893 (Google Chrome before 15.0.874.120 does not properly implement the
NOTE: this is due to http://llvm.org/bugs/show_bug.cgi?id=7554
NOTE: http://src.chromium.org/viewvc/chrome?view=rev&revision=106599
NOTE: http://src.chromium.org/viewvc/chrome?view=rev&revision=106621
-CVE-2011-3892 (Double free vulnerability in the Theora decoder in Google Chrome ...)
+CVE-2011-3892
{DSA-2471-1}
- chromium-browser 15.0.874.121~r109964-1
- webkit <not-affected> (Chrome issue)
@@ -3504,75 +3504,75 @@ CVE-2011-3892 (Double free vulnerability in the Theora decoder in Google Chrome
- libav 4:0.8~beta2-1 (bug #654534; bug #654571)
- ffmpeg 7:2.4.1-1
NOTE: http://src.chromium.org/viewvc/chrome?view=rev&revision=107489
-CVE-2011-3891 (Google Chrome before 15.0.874.102 does not properly restrict access to ...)
+CVE-2011-3891
- chromium-browser 15.0.874.106~r107270-1
- webkit <not-affected> (Chrome issue)
[squeeze] - chromium-browser <not-affected>
-CVE-2011-3890 (Use-after-free vulnerability in Google Chrome before 15.0.874.102 ...)
+CVE-2011-3890
- chromium-browser 15.0.874.106~r107270-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/97451
-CVE-2011-3889 (Heap-based buffer overflow in the Web Audio implementation in Google ...)
+CVE-2011-3889
- chromium-browser 15.0.874.106~r107270-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/96843
-CVE-2011-3888 (Use-after-free vulnerability in Google Chrome before 15.0.874.102 ...)
+CVE-2011-3888
- chromium-browser 15.0.874.106~r107270-1
[squeeze] - chromium-browser <end-of-life>
NOTE: http://trac.webkit.org/changeset/96868
-CVE-2011-3887 (Google Chrome before 15.0.874.102 does not properly handle javascript: ...)
+CVE-2011-3887
- chromium-browser 15.0.874.106~r107270-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/96260
-CVE-2011-3886 (Google V8, as used in Google Chrome before 15.0.874.102, allows remote ...)
+CVE-2011-3886
- chromium-browser 15.0.874.106~r107270-1
- webkit <not-affected> (Chrome issue)
- libv8 3.6
[squeeze] - libv8 <not-affected>
[squeeze] - chromium-browser <not-affected>
-CVE-2011-3885 (Use-after-free vulnerability in Google Chrome before 15.0.874.102 ...)
+CVE-2011-3885
- chromium-browser 15.0.874.106~r107270-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/97402
-CVE-2011-3884 (Google Chrome before 15.0.874.102 does not properly address timing ...)
+CVE-2011-3884
- chromium-browser 15.0.874.106~r107270-1
- webkit <not-affected> (Chrome issue)
[squeeze] - chromium-browser <not-affected>
-CVE-2011-3883 (Use-after-free vulnerability in Google Chrome before 15.0.874.102 ...)
+CVE-2011-3883
- chromium-browser 15.0.874.106~r107270-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/96632
-CVE-2011-3882 (Use-after-free vulnerability in Google Chrome before 15.0.874.102 ...)
+CVE-2011-3882
- chromium-browser 15.0.874.106~r107270-1
- webkit <not-affected> (Chrome issue)
[squeeze] - chromium-browser <not-affected>
-CVE-2011-3881 (WebKit, as used in Google Chrome before 15.0.874.102 and Android ...)
+CVE-2011-3881
- chromium-browser 15.0.874.106~r107270-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/97353
-CVE-2011-3880 (Google Chrome before 15.0.874.102 does not prevent use of an ...)
+CVE-2011-3880
- chromium-browser 15.0.874.106~r107270-1 (unimportant)
- webkit <not-affected> (Chrome issue)
-CVE-2011-3879 (Google Chrome before 15.0.874.102 does not prevent redirects to ...)
+CVE-2011-3879
- chromium-browser 15.0.874.106~r107270-1 (unimportant)
NOTE: http://trac.webkit.org/changeset/96610
-CVE-2011-3878 (Race condition in Google Chrome before 15.0.874.102 allows remote ...)
+CVE-2011-3878
- chromium-browser 15.0.874.106~r107270-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/96999
-CVE-2011-3877 (Cross-site scripting (XSS) vulnerability in the appcache internals ...)
+CVE-2011-3877
- chromium-browser 15.0.874.106~r107270-1
- webkit <not-affected> (Chrome issue)
[squeeze] - chromium-browser <not-affected>
-CVE-2011-3876 (Google Chrome before 15.0.874.102 does not properly handle downloading ...)
+CVE-2011-3876
- chromium-browser 15.0.874.106~r107270-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3875 (Google Chrome before 15.0.874.102 does not properly handle drag and ...)
+CVE-2011-3875
- chromium-browser 15.0.874.106~r107270-1 (unimportant)
- webkit <not-affected> (Chrome issue)
-CVE-2011-3874 (Stack-based buffer overflow in libsysutils in Android 2.2.x through ...)
+CVE-2011-3874
NOT-FOR-US: Android
-CVE-2011-3873 (Google Chrome before 14.0.835.202 does not properly implement shader ...)
+CVE-2011-3873
- chromium-browser 14.0.835.202~r103287-1
[squeeze] - chromium-browser <not-affected>
- webkit <not-affected> (chromium specific)
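Review bot: the squeeze line for CVE-2011-3888 and CVE-2011-3876 reads `[squeeze] - chromium-browser <end-of-life>` while every other squeeze chromium-browser line in this hunk reads `<not-affected>`; since this sweep rewrites each of these entries anyway, confirm whether those two are intended or should be aligned with their siblings. Also, with the descriptions gone, the `NOTE: http://trac.webkit.org/changeset/...` URLs become the only hint at which component each Chrome CVE touched (the `-` lines still show "Web Audio", "V8", "appcache internals"), so consider keeping that component name in a NOTE line where it is not already obvious from the package list.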
@@ -3581,393 +3581,393 @@ CVE-2011-XXXX [Fix file indirectory injection]
[squeeze] - puppet 2.6.2-5+squeeze1
NOTE: Only exploitable during build/test suite run
NOTE: DSA-2314-1
-CVE-2011-3872 (Puppet 2.6.x before 2.6.12 and 2.7.x before 2.7.6, and Puppet ...)
+CVE-2011-3872
{DSA-2352-1}
- puppet 2.7.6-1
-CVE-2011-3871 (Puppet 2.7.x before 2.7.5, 2.6.x before 2.6.11, and 0.25.x, when ...)
+CVE-2011-3871
{DSA-2314-1}
- puppet 2.7.3-3
-CVE-2011-3870 (Puppet 2.7.x before 2.7.5, 2.6.x before 2.6.11, and 0.25.x allows ...)
+CVE-2011-3870
{DSA-2314-1}
- puppet 2.7.3-3
-CVE-2011-3869 (Puppet 2.7.x before 2.7.5, 2.6.x before 2.6.11, and 0.25.x allows ...)
+CVE-2011-3869
{DSA-2314-1}
- puppet 2.7.3-3
-CVE-2011-3868 (Buffer overflow in VMware Workstation 7.x before 7.1.5, VMware Player ...)
+CVE-2011-3868
NOT-FOR-US: Vmware
CVE-2011-3867
REJECTED
-CVE-2011-3866 (Mozilla Firefox before 7.0 and SeaMonkey before 2.4 do not properly ...)
+CVE-2011-3866
- xulrunner <not-affected> (Only affects Firefox >= 4)
- iceweasel 7.0-1
[lenny] - iceweasel <not-affected> (Only affects Firefox >= 4)
[squeeze] - iceweasel <not-affected> (Only affects Firefox >= 4)
- iceape <not-affected> (Only affects Firefox >= 4)
-CVE-2011-3865 (Cross-site scripting (XSS) vulnerability in the Black-LetterHead theme ...)
+CVE-2011-3865
NOT-FOR-US: Wordpress theme
-CVE-2011-3864 (Cross-site scripting (XSS) vulnerability in the The Erudite theme ...)
+CVE-2011-3864
NOT-FOR-US: Wordpress theme
-CVE-2011-3863 (Cross-site scripting (XSS) vulnerability in the RedLine theme before ...)
+CVE-2011-3863
NOT-FOR-US: Wordpress theme
-CVE-2011-3862 (Cross-site scripting (XSS) vulnerability in the Morning Coffee theme ...)
+CVE-2011-3862
NOT-FOR-US: Wordpress theme
-CVE-2011-3861 (Cross-site scripting (XSS) vulnerability in the Web Minimalist 200901 ...)
+CVE-2011-3861
NOT-FOR-US: Wordpress theme
-CVE-2011-3860 (Cross-site scripting (XSS) vulnerability in the Cover WP theme before ...)
+CVE-2011-3860
NOT-FOR-US: Wordpress theme
-CVE-2011-3859 (Cross-site scripting (XSS) vulnerability in the Trending theme before ...)
+CVE-2011-3859
NOT-FOR-US: Wordpress theme
-CVE-2011-3858 (Cross-site scripting (XSS) vulnerability in the Pixiv Custom theme ...)
+CVE-2011-3858
NOT-FOR-US: Wordpress theme
-CVE-2011-3857 (Cross-site scripting (XSS) vulnerability in the Antisnews theme before ...)
+CVE-2011-3857
NOT-FOR-US: Wordpress theme
-CVE-2011-3856 (Cross-site scripting (XSS) vulnerability in the Elegant Grunge theme ...)
+CVE-2011-3856
NOT-FOR-US: Wordpress theme
-CVE-2011-3855 (Cross-site scripting (XSS) vulnerability in the F8 Lite theme before ...)
+CVE-2011-3855
NOT-FOR-US: Wordpress theme
-CVE-2011-3854 (Cross-site scripting (XSS) vulnerability in the ZenLite theme before ...)
+CVE-2011-3854
NOT-FOR-US: Wordpress theme
-CVE-2011-3853 (Cross-site scripting (XSS) vulnerability in the Hybrid theme before ...)
+CVE-2011-3853
NOT-FOR-US: Wordpress theme
-CVE-2011-3852 (Cross-site scripting (XSS) vulnerability in the EvoLve theme before ...)
+CVE-2011-3852
NOT-FOR-US: Wordpress theme
-CVE-2011-3851 (Cross-site scripting (XSS) vulnerability in the News theme before 0.2 ...)
+CVE-2011-3851
NOT-FOR-US: Wordpress theme
-CVE-2011-3850 (Cross-site scripting (XSS) vulnerability in the Atahualpa theme before ...)
+CVE-2011-3850
NOT-FOR-US: Wordpress theme
-CVE-2011-3849 (Unspecified vulnerability in dxserver before 6279 in CA Directory 8.1 ...)
+CVE-2011-3849
NOT-FOR-US: CA Directory
-CVE-2011-3848 (Directory traversal vulnerability in Puppet 2.6.x before 2.6.10 and ...)
+CVE-2011-3848
{DSA-2314-1}
- puppet 2.7.3-2
CVE-2011-3847
RESERVED
-CVE-2011-3846 (Cross-site request forgery (CSRF) vulnerability in HP System ...)
+CVE-2011-3846
NOT-FOR-US: HP System Management Homepage
-CVE-2011-3845 (Use-after-free vulnerability in Apple Safari 5.1.2, when a plug-in ...)
+CVE-2011-3845
NOT-FOR-US: Apple Safari
-CVE-2011-3844 (Apple Safari 5.0.5 does not properly implement the setInterval ...)
+CVE-2011-3844
NOT-FOR-US: Apple Safari
CVE-2011-3843
RESERVED
CVE-2011-3842
RESERVED
-CVE-2011-3841 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2011-3841
NOT-FOR-US: Wordpress plugin
CVE-2011-3840
RESERVED
-CVE-2011-3839 (The administration functionality in Wuzly 2.0 allows remote attackers ...)
+CVE-2011-3839
NOT-FOR-US: Wuzly
-CVE-2011-3838 (Multiple SQL injection vulnerabilities in Wuzly 2.0 allow remote ...)
+CVE-2011-3838
NOT-FOR-US: Wuzly
-CVE-2011-3837 (Directory traversal vulnerability in blog_system/data_functions.php in ...)
+CVE-2011-3837
NOT-FOR-US: Wuzly
-CVE-2011-3836 (Multiple cross-site request forgery (CSRF) vulnerabilities in Wuzly ...)
+CVE-2011-3836
NOT-FOR-US: Wuzly
-CVE-2011-3835 (Multiple cross-site scripting (XSS) vulnerabilities in Wuzly 2.0 allow ...)
+CVE-2011-3835
NOT-FOR-US: Wuzly
-CVE-2011-3834 (Multiple integer overflows in the in_avi.dll plugin in Winamp before ...)
+CVE-2011-3834
NOT-FOR-US: Winamp
-CVE-2011-3833 (Unrestricted file upload vulnerability in ftp_upload_file.php in ...)
+CVE-2011-3833
NOT-FOR-US: Support Incident Tracker
-CVE-2011-3832 (Eval injection vulnerability in config.php in Support Incident Tracker ...)
+CVE-2011-3832
NOT-FOR-US: Support Incident Tracker
-CVE-2011-3831 (SQL injection vulnerability in incident_attachments.php in Support ...)
+CVE-2011-3831
NOT-FOR-US: Support Incident Tracker
-CVE-2011-3830 (Cross-site scripting (XSS) vulnerability in search.php in Support ...)
+CVE-2011-3830
NOT-FOR-US: Support Incident Tracker
-CVE-2011-3829 (ftp_upload_file.php in Support Incident Tracker (aka SiT!) 3.65 allows ...)
+CVE-2011-3829
NOT-FOR-US: Support Incident Tracker
-CVE-2011-3828 (DVRemoteAx.ax 2.1.0.39 in the DVR Remote ActiveX control allows remote ...)
+CVE-2011-3828
NOT-FOR-US: DVR Remote
-CVE-2011-3827 (The iCalendar component in gwwww1.dll in GroupWise Internet Agent ...)
+CVE-2011-3827
NOT-FOR-US: Novell GroupWise
-CVE-2011-3826 (Zikula 1.2.4 allows remote attackers to obtain sensitive information ...)
+CVE-2011-3826
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3825 (Zend Framework 1.11.3 in Zend Server CE 5.1.0 allows remote attackers ...)
+CVE-2011-3825
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3824 (Your Own URL Shortener (YOURLS) 1.5 allows remote attackers to obtain ...)
+CVE-2011-3824
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3823 (Yamamah 1.0 allows remote attackers to obtain sensitive information ...)
+CVE-2011-3823
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3822 (XOOPS 2.5.0 allows remote attackers to obtain sensitive information ...)
+CVE-2011-3822
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3821 (xajax 0.6 beta1 allows remote attackers to obtain sensitive ...)
+CVE-2011-3821
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3820 (WSN Software 6.0.6 allows remote attackers to obtain sensitive ...)
+CVE-2011-3820
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3819 (WoW Server Status 4.1 allows remote attackers to obtain sensitive ...)
+CVE-2011-3819
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3818 (WordPress 2.9.2 and 3.0.4 allows remote attackers to obtain sensitive ...)
+CVE-2011-3818
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3817 (Website Baker 2.8.1 allows remote attackers to obtain sensitive ...)
+CVE-2011-3817
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3816 (WEBinsta mailing list manager 1.3e allows remote attackers to obtain ...)
+CVE-2011-3816
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3815 (WeBid 1.0.0 allows remote attackers to obtain sensitive information ...)
+CVE-2011-3815
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3814 (WebCalendar 1.2.3, and other versions before 1.2.5, allows remote ...)
+CVE-2011-3814
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3813 (Virtual War (aka VWar) 1.5.0r15 allows remote attackers to obtain ...)
+CVE-2011-3813
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3812 (Vanilla 2.0.16 allows remote attackers to obtain sensitive information ...)
+CVE-2011-3812
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3811 (TomatoCart 1.1.3 allows remote attackers to obtain sensitive ...)
+CVE-2011-3811
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3810 (TinyWebGallery (TWG) 1.8.3 allows remote attackers to obtain sensitive ...)
+CVE-2011-3810
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3809 (TheHostingTool (THT) 1.2.3 allows remote attackers to obtain sensitive ...)
+CVE-2011-3809
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3808 (The Bug Genie 2.1.2 allows remote attackers to obtain sensitive ...)
+CVE-2011-3808
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3807 (Textpattern 4.2.0 allows remote attackers to obtain sensitive ...)
+CVE-2011-3807
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3806 (TCExam 11.1.015 allows remote attackers to obtain sensitive ...)
+CVE-2011-3806
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3805 (TaskFreak! multi-mysql-0.6 allows remote attackers to obtain sensitive ...)
+CVE-2011-3805
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3804 (SweetRice 0.7.1 allows remote attackers to obtain sensitive ...)
+CVE-2011-3804
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3803 (SugarCRM 6.1.0 allows remote attackers to obtain sensitive information ...)
+CVE-2011-3803
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3802 (StatusNet 0.9.6 allows remote attackers to obtain sensitive ...)
+CVE-2011-3802
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3801 (SimpleTest 1.0.1 allows remote attackers to obtain sensitive ...)
+CVE-2011-3801
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3800 (Serendipity 1.5.5 allows remote attackers to obtain sensitive ...)
+CVE-2011-3800
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3799 (ReOS 2.0.5 allows remote attackers to obtain sensitive information via ...)
+CVE-2011-3799
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3798 (Rapid Leech 2.3-v42-svn322 allows remote attackers to obtain sensitive ...)
+CVE-2011-3798
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3797 (ProjectPier 0.8.0.3 allows remote attackers to obtain sensitive ...)
+CVE-2011-3797
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3796 (PrestaShop 1.4.0.6 allows remote attackers to obtain sensitive ...)
+CVE-2011-3796
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3795 (Podcast Generator 1.3 allows remote attackers to obtain sensitive ...)
+CVE-2011-3795
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3794 (Pligg CMS 1.1.3 allows remote attackers to obtain sensitive ...)
+CVE-2011-3794
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3793 (Pixie 1.04 allows remote attackers to obtain sensitive information via ...)
+CVE-2011-3793
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3792 (Pixelpost 1.7.3 allows remote attackers to obtain sensitive ...)
+CVE-2011-3792
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3791 (Piwik 1.1 allows remote attackers to obtain sensitive information via ...)
+CVE-2011-3791
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3790 (Piwigo 2.1.5 allows remote attackers to obtain sensitive information ...)
+CVE-2011-3790
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3789 (phpwcms 1.4.7 r412 allows remote attackers to obtain sensitive ...)
+CVE-2011-3789
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3788 (PhpSecInfo 0.2.1 allows remote attackers to obtain sensitive ...)
+CVE-2011-3788
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3787 (phpScheduleIt 1.2.12 allows remote attackers to obtain sensitive ...)
+CVE-2011-3787
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3786 (PHProjekt 6.0.5 allows remote attackers to obtain sensitive ...)
+CVE-2011-3786
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3785 (PHP Point Of Sale (POS) 10.7 allows remote attackers to obtain ...)
+CVE-2011-3785
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3784 (Francisco Burzi PHP-Nuke 8.0 allows remote attackers to obtain ...)
+CVE-2011-3784
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3783 (phpMyFAQ 2.6.13 allows remote attackers to obtain sensitive ...)
+CVE-2011-3783
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3782 (phpLD 2-151.2.0 allows remote attackers to obtain sensitive ...)
+CVE-2011-3782
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3781 (PHPIDS 0.6.5 allows remote attackers to obtain sensitive information ...)
+CVE-2011-3781
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3780 (PHP iCalendar 2.4 allows remote attackers to obtain sensitive ...)
+CVE-2011-3780
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3779 (PhpHostBot 2.0 allows remote attackers to obtain sensitive information ...)
+CVE-2011-3779
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3778 (PhpGedView 4.2.3 allows remote attackers to obtain sensitive ...)
+CVE-2011-3778
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3777 (phpFreeChat 1.3 allows remote attackers to obtain sensitive ...)
+CVE-2011-3777
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3776 (phpFormGenerator 2.09 allows remote attackers to obtain sensitive ...)
+CVE-2011-3776
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3775 (PHPfileNavigator 2.3.3 allows remote attackers to obtain sensitive ...)
+CVE-2011-3775
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3774 (php Easy Survey Package (phpESP) 2.1.1 allows remote attackers to ...)
+CVE-2011-3774
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3773 (PHPDevShell 3.0.0-Beta-4b allows remote attackers to obtain sensitive ...)
+CVE-2011-3773
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3772 (phpCollab 2.5 allows remote attackers to obtain sensitive information ...)
+CVE-2011-3772
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3771 (phpBook 2.1.0 allows remote attackers to obtain sensitive information ...)
+CVE-2011-3771
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3770 (phpAlbum 0.4.1.14 allows remote attackers to obtain sensitive ...)
+CVE-2011-3770
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3769 (PHPads 2.0 allows remote attackers to obtain sensitive information via ...)
+CVE-2011-3769
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3768 (Phorum 5.2.15a allows remote attackers to obtain sensitive information ...)
+CVE-2011-3768
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3767 (osCommerce 3.0a5 allows remote attackers to obtain sensitive ...)
+CVE-2011-3767
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3766 (OrangeHRM 2.6.0.2 allows remote attackers to obtain sensitive ...)
+CVE-2011-3766
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3765 (Open-Realty 2.5.8 allows remote attackers to obtain sensitive ...)
+CVE-2011-3765
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3764 (OpenDocMan 1.2.6-svn-2011-01-21 allows remote attackers to obtain ...)
+CVE-2011-3764
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3763 (OpenCart 1.4.9.3 allows remote attackers to obtain sensitive ...)
+CVE-2011-3763
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3762 (OpenBlog 1.2.1 allows remote attackers to obtain sensitive information ...)
+CVE-2011-3762
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3761 (NuSOAP 0.9.5 allows remote attackers to obtain sensitive information ...)
+CVE-2011-3761
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3760 (Nucleus 3.61 allows remote attackers to obtain sensitive information ...)
+CVE-2011-3760
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3759 (MyBB (aka MyBulletinBoard) 1.6 allows remote attackers to obtain ...)
+CVE-2011-3759
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3758 (::mound:: 2.1.6 allows remote attackers to obtain sensitive ...)
+CVE-2011-3758
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3757 (Moodle 2.0.1 allows remote attackers to obtain sensitive information ...)
+CVE-2011-3757
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3756 (MicroBlog 0.9.5 allows remote attackers to obtain sensitive ...)
+CVE-2011-3756
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3755 (MantisBT 1.2.4 allows remote attackers to obtain sensitive information ...)
+CVE-2011-3755
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3754 (Mambo 4.6.5 allows remote attackers to obtain sensitive information ...)
+CVE-2011-3754
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3753 (LinPHA 1.3.4 allows remote attackers to obtain sensitive information ...)
+CVE-2011-3753
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3752 (LimeSurvey 1.90+ build9642-20101214 allows remote attackers to obtain ...)
+CVE-2011-3752
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3751 (LifeType 1.2.10 allows remote attackers to obtain sensitive ...)
+CVE-2011-3751
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3750 (kPlaylist 1.8.502 allows remote attackers to obtain sensitive ...)
+CVE-2011-3750
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3749 (ka-Map 1.0-20070205 allows remote attackers to obtain sensitive ...)
+CVE-2011-3749
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3748 (Kamads Classifieds 2_B3 allows remote attackers to obtain sensitive ...)
+CVE-2011-3748
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3747 (Joomla! 1.6.0 allows remote attackers to obtain sensitive information ...)
+CVE-2011-3747
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3746 (Jcow 4.2.1 allows remote attackers to obtain sensitive information via ...)
+CVE-2011-3746
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3745 (HycusCMS 1.0.3 allows remote attackers to obtain sensitive information ...)
+CVE-2011-3745
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3744 (HTML Purifier 4.2.0 allows remote attackers to obtain sensitive ...)
+CVE-2011-3744
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3743 (Hesk 2.2 allows remote attackers to obtain sensitive information via a ...)
+CVE-2011-3743
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3742 (HelpCenter Live 2.1.7 allows remote attackers to obtain sensitive ...)
+CVE-2011-3742
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3741 (Ganglia 3.1.7 allows remote attackers to obtain sensitive information ...)
+CVE-2011-3741
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3740 (FrontAccounting 2.3.1 allows remote attackers to obtain sensitive ...)
+CVE-2011-3740
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3739 (Freeway 1.5 Alpha allows remote attackers to obtain sensitive ...)
+CVE-2011-3739
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3738 (Feng Office 1.7.2 allows remote attackers to obtain sensitive ...)
+CVE-2011-3738
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3737 (eyeOS 2.2.0.0 allows remote attackers to obtain sensitive information ...)
+CVE-2011-3737
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3736 (ExoPHPDesk 1.2.1 allows remote attackers to obtain sensitive ...)
+CVE-2011-3736
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3735 (Escort Agency CMS (aka escort-agency-cms) allows remote attackers to ...)
+CVE-2011-3735
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3734 (Energine 2.3.8 allows remote attackers to obtain sensitive information ...)
+CVE-2011-3734
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3733 (Elgg 1.7.6 allows remote attackers to obtain sensitive information via ...)
+CVE-2011-3733
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3732 (eggBlog 4.1.2 allows remote attackers to obtain sensitive information ...)
+CVE-2011-3732
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3731 (e107 0.7.24 allows remote attackers to obtain sensitive information ...)
+CVE-2011-3731
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3730 (Drupal 7.0 allows remote attackers to obtain sensitive information via ...)
+CVE-2011-3730
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3729 (dotproject 2.1.4 allows remote attackers to obtain sensitive ...)
+CVE-2011-3729
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3728 (Dolphin 7.0.4 allows remote attackers to obtain sensitive information ...)
+CVE-2011-3728
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3727 (DokuWiki 2009-12-25c allows remote attackers to obtain sensitive ...)
+CVE-2011-3727
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3726 (DoceboLMS 4.0.4 allows remote attackers to obtain sensitive ...)
+CVE-2011-3726
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3725 (DeluxeBB 1.3 allows remote attackers to obtain sensitive information ...)
+CVE-2011-3725
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3724 (CubeCart 4.4.3 allows remote attackers to obtain sensitive information ...)
+CVE-2011-3724
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3723 (Crafty Syntax 3.0.2 allows remote attackers to obtain sensitive ...)
+CVE-2011-3723
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3722 (Coppermine Photo Gallery (CPG) 1.5.12 allows remote attackers to ...)
+CVE-2011-3722
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3721 (concrete 5.4.0.5, 5.4.1, and 5.4.1.1 allows remote attackers to obtain ...)
+CVE-2011-3721
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3720 (conceptcms 5.3.1, 5.3.3, and possibly other versions allows remote ...)
+CVE-2011-3720
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3719 (CodeIgniter 1.7.2 allows remote attackers to obtain sensitive ...)
+CVE-2011-3719
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3718 (CMS Made Simple (CMSMS) 1.9.2 allows remote attackers to obtain ...)
+CVE-2011-3718
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3717 (ClipBucket 2.0.9 allows remote attackers to obtain sensitive ...)
+CVE-2011-3717
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3716 (Claroline 1.9.7 allows remote attackers to obtain sensitive ...)
+CVE-2011-3716
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3715 (ClanTiger 1.1.3 allows remote attackers to obtain sensitive ...)
+CVE-2011-3715
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3714 (ClanSphere 2010.0 allows remote attackers to obtain sensitive ...)
+CVE-2011-3714
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3713 (cFTP r80 allows remote attackers to obtain sensitive information via a ...)
+CVE-2011-3713
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3712 (CakePHP 1.3.7 allows remote attackers to obtain sensitive information ...)
+CVE-2011-3712
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3711 (BIGACE 2.7.5 allows remote attackers to obtain sensitive information ...)
+CVE-2011-3711
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3710 (bbPress 1.0.2 allows remote attackers to obtain sensitive information ...)
+CVE-2011-3710
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3709 (b2evolution 3.3.3 allows remote attackers to obtain sensitive ...)
+CVE-2011-3709
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3708 (Automne 4.0.2 allows remote attackers to obtain sensitive information ...)
+CVE-2011-3708
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3707 (JanRain PHP OpenID library (aka php-openid) 2.2.2 allows remote ...)
+CVE-2011-3707
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3706 (ATutor 2.0 allows remote attackers to obtain sensitive information via ...)
+CVE-2011-3706
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3705 (Arctic Fox CMS 0.9.4 allows remote attackers to obtain sensitive ...)
+CVE-2011-3705
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3704 (appRain 0.1.0 allows remote attackers to obtain sensitive information ...)
+CVE-2011-3704
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3703 (AneCMS 1.0 allows remote attackers to obtain sensitive information via ...)
+CVE-2011-3703
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3702 (Ananta Gazelle 1.0 allows remote attackers to obtain sensitive ...)
+CVE-2011-3702
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3701 (AlegroCart 1.2.3 allows remote attackers to obtain sensitive ...)
+CVE-2011-3701
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3700 (Advanced Electron Forum (AEF) 1.0.8 allows remote attackers to obtain ...)
+CVE-2011-3700
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3699 (John Lim ADOdb Library for PHP 5.11 allows remote attackers to obtain ...)
+CVE-2011-3699
- libphp-adodb <unfixed> (unimportant)
NOTE: path is already known
-CVE-2011-3698 (AdaptCMS 2.0.2 Beta allows remote attackers to obtain sensitive ...)
+CVE-2011-3698
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3697 (Achievo 1.4.5 allows remote attackers to obtain sensitive information ...)
+CVE-2011-3697
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3696 (60cycleCMS 2.5.2 allows remote attackers to obtain sensitive ...)
+CVE-2011-3696
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3695 (111WebCalendar 1.2.3 allows remote attackers to obtain sensitive ...)
+CVE-2011-3695
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3694 (The Server Administration Console in NetSaro Enterprise Messenger ...)
+CVE-2011-3694
NOT-FOR-US: NetSaro Enterprise Messenger
-CVE-2011-3693 (NetSaro Enterprise Messenger Server 2.0 allows local users to discover ...)
+CVE-2011-3693
NOT-FOR-US: NetSaro Enterprise Messenger
-CVE-2011-3692 (NetSaro Enterprise Messenger Server 2.0 stores cleartext console ...)
+CVE-2011-3692
NOT-FOR-US: NetSaro Enterprise Messenger
-CVE-2011-3691 (Untrusted search path vulnerability in Foxit Reader before 5.0.2.0718 ...)
+CVE-2011-3691
NOT-FOR-US: Foxit Reader
-CVE-2011-3690 (Untrusted search path vulnerability in PlotSoft PDFill PDF Editor 8.0 ...)
+CVE-2011-3690
NOT-FOR-US: PlotSoft PDFill PDF Editor
-CVE-2011-3689 (Cross-site scripting (XSS) vulnerability in Licenses.html in ...)
+CVE-2011-3689
NOT-FOR-US: Wibu-Systems CodeMeter WebAdmin
-CVE-2011-3688 (Multiple SQL injection vulnerabilities in Sonexis ConferenceManager ...)
+CVE-2011-3688
NOT-FOR-US: Sonexis ConferenceManager
-CVE-2011-3687 (Multiple cross-site scripting (XSS) vulnerabilities in Sonexis ...)
+CVE-2011-3687
NOT-FOR-US: Sonexis ConferenceManager
-CVE-2011-3686 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2011-3686
NOT-FOR-US: Sonexis ConferenceManager
-CVE-2011-3685 (Tembria Server Monitor before 6.0.5 Build 2252 uses a substitution ...)
+CVE-2011-3685
NOT-FOR-US: Tembria Server Monitor
-CVE-2011-3684 (Multiple cross-site scripting (XSS) vulnerabilities in Tembria Server ...)
+CVE-2011-3684
NOT-FOR-US: Tembria Server Monitor
CVE-2011-3683
RESERVED
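Review bot: every `-`/`+` pair in this hunk replaces a line such as `-CVE-2011-3702 (Ananta Gazelle 1.0 allows remote attackers to obtain sensitive ...)` with the bare `+CVE-2011-3702`, so the hunk deletes each entry's one-line description and adds nothing in its place, and nothing in the hunk records why. For entries whose triage line is only `NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)` or `- libphp-adodb <unfixed> (unimportant)`, the dropped parenthesised text was the only place that said which product and which weakness the triage refers to, so a reader of the list after this change can no longer check that the verdict matches the issue. This looks like the automatic sync having lost its description source rather than a deliberate cleanup; suggest confirming the feed that supplies the summaries is still reachable and reverting the blanking if it was not intended.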
@@ -3993,13 +3993,13 @@ CVE-2011-3673
REJECTED
CVE-2011-3672
REJECTED
-CVE-2011-3671 (Use-after-free vulnerability in the nsHTMLSelectElement function in ...)
+CVE-2011-3671
- xulrunner <not-affected> (Only affects Firefox >= 4)
- iceweasel 9.0-1
[lenny] - iceweasel <not-affected> (Only affects Firefox >= 4)
[squeeze] - iceweasel <not-affected> (Only affects Firefox >= 4)
- iceape <not-affected> (Only affects Firefox >= 4)
-CVE-2011-3670 (Mozilla Firefox before 3.6.26 and 4.x through 6.0, Thunderbird before ...)
+CVE-2011-3670
{DSA-2406-1 DSA-2402-1 DSA-2400-1}
- icedove 7.0-1
[lenny] - icedove <end-of-life>
@@ -4009,29 +4009,29 @@ CVE-2011-3670 (Mozilla Firefox before 3.6.26 and 4.x through 6.0, Thunderbird be
- iceape 2.0.14-10
[lenny] - iceape <not-affected> (Only a stub package)
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2011-3669 (Cross-site request forgery (CSRF) vulnerability in attachment.cgi in ...)
+CVE-2011-3669
- bugzilla <removed> (low)
[squeeze] - bugzilla <no-dsa> (Minor issue)
[lenny] - bugzilla <no-dsa> (Minor issue)
-CVE-2011-3668 (Cross-site request forgery (CSRF) vulnerability in post_bug.cgi in ...)
+CVE-2011-3668
- bugzilla <removed> (low)
[squeeze] - bugzilla <no-dsa> (Minor issue)
[lenny] - bugzilla <no-dsa> (Minor issue)
-CVE-2011-3667 (The User.offer_account_by_email WebService method in Bugzilla 2.x and ...)
+CVE-2011-3667
- bugzilla <removed> (low)
[squeeze] - bugzilla <end-of-life> (Not supported in Squeeze LTS)
[lenny] - bugzilla <no-dsa> (Minor issue)
-CVE-2011-3666 (Mozilla Firefox before 3.6.25 and Thunderbird before 3.1.17 on Mac OS ...)
+CVE-2011-3666
- iceweasel <not-affected> (MacOS specific)
-CVE-2011-3665 (Mozilla Firefox 4.x through 8.0, Thunderbird 5.0 through 8.0, and ...)
+CVE-2011-3665
- xulrunner <not-affected> (Only affects Firefox >= 4)
- iceweasel 9.0-1
[lenny] - iceweasel <not-affected> (Only affects Firefox >= 4)
[squeeze] - iceweasel <not-affected> (Only affects Firefox >= 4)
- iceape <not-affected> (Only affects Firefox >= 4)
-CVE-2011-3664 (Mozilla Firefox before 9.0, Thunderbird before 9.0, and SeaMonkey ...)
+CVE-2011-3664
- iceweasel <not-affected> (MacOS specific)
-CVE-2011-3663 (Mozilla Firefox 4.x through 8.0, Thunderbird 5.0 through 8.0, and ...)
+CVE-2011-3663
- xulrunner <not-affected> (Only affects Firefox >= 4)
- iceweasel 9.0-1
[lenny] - iceweasel <not-affected> (Only affects Firefox >= 4)
@@ -4039,30 +4039,30 @@ CVE-2011-3663 (Mozilla Firefox 4.x through 8.0, Thunderbird 5.0 through 8.0, and
- iceape <not-affected> (Only affects Firefox >= 4)
CVE-2011-3662
RESERVED
-CVE-2011-3661 (YARR, as used in Mozilla Firefox 4.x through 8.0, Thunderbird 5.0 ...)
+CVE-2011-3661
- xulrunner <not-affected> (Only affects Firefox >= 4)
- iceweasel 9.0-1
[lenny] - iceweasel <not-affected> (Only affects Firefox >= 4)
[squeeze] - iceweasel <not-affected> (Only affects Firefox >= 4)
- iceape <not-affected> (Only affects Firefox >= 4)
-CVE-2011-3660 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+CVE-2011-3660
- xulrunner <not-affected> (Only affects Firefox >= 4)
- iceweasel 9.0-1
[lenny] - iceweasel <not-affected> (Only affects Firefox >= 4)
[squeeze] - iceweasel <not-affected> (Only affects Firefox >= 4)
- iceape <not-affected> (Only affects Firefox >= 4)
-CVE-2011-3659 (Use-after-free vulnerability in Mozilla Firefox before 3.6.26 and 4.x ...)
+CVE-2011-3659
- xulrunner <not-affected> (Only affects Firefox >= 4)
- iceweasel 10.0-1
[lenny] - iceweasel <not-affected> (Only affects Firefox >= 4)
[squeeze] - iceweasel <not-affected> (Only affects Firefox >= 4)
- iceape <not-affected> (Only affects Firefox >= 4)
-CVE-2011-3658 (The SVG implementation in Mozilla Firefox 8.0, Thunderbird 8.0, and ...)
+CVE-2011-3658
- iceweasel 9.0-1
- iceape 2.7.1-1
[squeeze] - iceweasel <not-affected> (Only affects Firefox >= 4)
[squeeze] - iceape <not-affected> (Only affects Firefox >= 4)
-CVE-2011-3657 (Multiple cross-site scripting (XSS) vulnerabilities in Bugzilla 2.x ...)
+CVE-2011-3657
- bugzilla <removed> (low)
[squeeze] - bugzilla <end-of-life> (Not supported in Squeeze LTS)
[lenny] - bugzilla <no-dsa> (Minor issue)
@@ -4070,33 +4070,33 @@ CVE-2011-3656
RESERVED
- iceweasel 4.0-1
[squeeze] - iceweasel <end-of-life> (Iceweasel not supported in Squeeze LTS)
-CVE-2011-3655 (Mozilla Firefox 4.x through 7.0 and Thunderbird 5.0 through 7.0 ...)
+CVE-2011-3655
- xulrunner <not-affected> (Only affects Firefox >= 4)
- iceweasel 8.0-1
[lenny] - iceweasel <not-affected> (Only affects Firefox >= 4)
[squeeze] - iceweasel <not-affected> (Only affects Firefox >= 4)
- iceape <not-affected> (Only affects Firefox >= 4)
-CVE-2011-3654 (The browser engine in Mozilla Firefox before 8.0 and Thunderbird ...)
+CVE-2011-3654
- xulrunner <not-affected> (Only affects Firefox >= 4)
- iceweasel 8.0-1
[lenny] - iceweasel <not-affected> (Only affects Firefox >= 4)
[squeeze] - iceweasel <not-affected> (Only affects Firefox >= 4)
- iceape <not-affected> (Only affects Firefox >= 4)
-CVE-2011-3653 (Mozilla Firefox before 8.0 and Thunderbird before 8.0 on Mac OS X do ...)
+CVE-2011-3653
- iceweasel <not-affected> (MacOS X-specific)
-CVE-2011-3652 (The browser engine in Mozilla Firefox before 8.0 and Thunderbird ...)
+CVE-2011-3652
- xulrunner <not-affected> (Only affects Firefox >= 4)
- iceweasel 8.0-1
[lenny] - iceweasel <not-affected> (Only affects Firefox >= 4)
[squeeze] - iceweasel <not-affected> (Only affects Firefox >= 4)
- iceape <not-affected> (Only affects Firefox >= 4)
-CVE-2011-3651 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+CVE-2011-3651
- xulrunner <not-affected> (Only affects Firefox >= 4)
- iceweasel 8.0-1
[lenny] - iceweasel <not-affected> (Only affects Firefox >= 4)
[squeeze] - iceweasel <not-affected> (Only affects Firefox >= 4)
- iceape <not-affected> (Only affects Firefox >= 4)
-CVE-2011-3650 (Mozilla Firefox before 3.6.24 and 4.x through 7.0 and Thunderbird ...)
+CVE-2011-3650
{DSA-2345-1 DSA-2342-1 DSA-2341-1}
- icedove 3.1.16-1
[lenny] - icedove <end-of-life>
@@ -4106,9 +4106,9 @@ CVE-2011-3650 (Mozilla Firefox before 3.6.24 and 4.x through 7.0 and Thunderbird
- iceape 2.0.14-9
[lenny] - iceape <not-affected> (Only a stub package)
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2011-3649 (Mozilla Firefox 7.0 and Thunderbird 7.0, when the Direct2D (aka D2D) ...)
+CVE-2011-3649
- iceweasel <not-affected> (Windows-specific)
-CVE-2011-3648 (Cross-site scripting (XSS) vulnerability in Mozilla Firefox before ...)
+CVE-2011-3648
{DSA-2345-1 DSA-2342-1 DSA-2341-1}
- icedove 3.1.16-1
[lenny] - icedove <end-of-life>
@@ -4118,7 +4118,7 @@ CVE-2011-3648 (Cross-site scripting (XSS) vulnerability in Mozilla Firefox befor
- iceape 2.0.14-9
[lenny] - iceape <not-affected> (Only a stub package)
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2011-3647 (The JSSubScriptLoader in Mozilla Firefox before 3.6.24 and Thunderbird ...)
+CVE-2011-3647
{DSA-2345-1 DSA-2342-1 DSA-2341-1}
- icedove 3.1.16-1
[lenny] - icedove <end-of-life>
@@ -4128,9 +4128,9 @@ CVE-2011-3647 (The JSSubScriptLoader in Mozilla Firefox before 3.6.24 and Thunde
- iceape 2.0.14-9
[lenny] - iceape <not-affected> (Only a stub package)
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2011-3646 (phpmyadmin.css.php in phpMyAdmin 3.4.x before 3.4.6 allows remote ...)
+CVE-2011-3646
- phpmyadmin 4:3.4.6-1 (unimportant)
-CVE-2011-3645 (Newgen OmniDocs allows remote attackers to bypass intended access ...)
+CVE-2011-3645
NOT-FOR-US: Newgen OmniDocs
CVE-2011-XXXX [atftp DoS]
- atftp 0.7.dfsg-11 (low)
@@ -4147,7 +4147,7 @@ CVE-2011-3642 [flowplayer-core: Arbitrary plugins with remote code execution (XS
NOTE: https://code.google.com/p/flowplayer-core/issues/detail?id=441
CVE-2011-3641
RESERVED
-CVE-2011-3640 (** DISPUTED ** Untrusted search path vulnerability in Mozilla Network ...)
+CVE-2011-3640
{DSA-2339-1}
- nss 3.13.1.with.ckbi.1.88-1 (low; bug #647614)
[lenny] - nss <no-dsa> (Minor issue)
@@ -4155,24 +4155,24 @@ CVE-2011-3640 (** DISPUTED ** Untrusted search path vulnerability in Mozilla Net
- chromium-browser <unfixed> (unimportant)
NOTE: attacker needs to get malicious file into cwd first
NOTE: http://seclists.org/fulldisclosure/2011/Oct/734
-CVE-2011-3639 (The mod_proxy module in the Apache HTTP Server 2.0.x through 2.0.64 ...)
+CVE-2011-3639
{DSA-2405-1}
- apache2 2.2.18-1
NOTE: Related to CVE-2011-3368 and CVE-2011-4317 but a different issue
-CVE-2011-3638 (fs/ext4/extents.c in the Linux kernel before 3.0 does not mark a ...)
+CVE-2011-3638
- linux-2.6 3.0.0-1
[squeeze] - linux-2.6 2.6.32-40
-CVE-2011-3637 (The m_stop function in fs/proc/task_mmu.c in the Linux kernel before ...)
+CVE-2011-3637
- linux-2.6 2.6.39-1
[squeeze] - linux-2.6 <not-affected> (Introduced in 2.6.39)
[lenny] - linux-2.6 <not-affected> (Introduced in 2.6.39)
-CVE-2011-3636 (Cross-site request forgery (CSRF) vulnerability in the management ...)
+CVE-2011-3636
NOT-FOR-US: FreeIPA
-CVE-2011-3635 (Cross-site scripting (XSS) vulnerability in the ...)
+CVE-2011-3635
- empathy 3.2.1.1-1
[squeeze] - empathy <no-dsa> (Minor issue)
[lenny] - empathy <not-affected> (only affects webkit theming, not present in Lenny)
-CVE-2011-3634 (methods/https.cc in apt before 0.8.11 accepts connections when the ...)
+CVE-2011-3634
{DLA-0005-1}
- apt 0.8.11 (low)
[squeeze] - apt 0.8.10.3+squeeze2
@@ -4193,19 +4193,19 @@ CVE-2011-3630 [hardlink has buffer overflows, is unsafe on changing trees]
CVE-2011-3629
RESERVED
NOT-FOR-US: Joomla!
-CVE-2011-3628 (Untrusted search path vulnerability in pam_motd (aka the MOTD module) ...)
+CVE-2011-3628
- pam 1.1.3-7 (low; bug #670076)
[squeeze] - pam <no-dsa> (Minor issue)
[lenny] - pam <no-dsa> (Minor issue)
NOTE: https://bugs.launchpad.net/ubuntu/%2Bsource/pam/%2Bbug/610125
NOTE: https://launchpadlibrarian.net/82729670/610125.patch
NOTE: its not clear which version fixed this, but its present in the checked version 1.1.3-7
-CVE-2011-3627 (The bytecode engine in ClamAV before 0.97.3 allows remote attackers to ...)
+CVE-2011-3627
- clamav 0.97.3+dfsg-1 (low)
[squeeze] - clamav 0.97.3+dfsg-1~squeeze1
-CVE-2011-3626 (Double free vulnerability in the prepare_exec function in src/exec.c ...)
+CVE-2011-3626
NOT-FOR-US: Logsurfer
-CVE-2011-3625 (Stack-based buffer overflow in the sub_read_line_sami function in ...)
+CVE-2011-3625
- mplayer 2:1.0~rc4.dfsg1+svn33713-2 (bug #645987)
[squeeze] - mplayer <not-affected> (Malformed SMI file correctly rejected, possibly introduced by later changes)
- mplayer2 2.0-134-g84d8671-9 (bug #646937)
@@ -4220,7 +4220,7 @@ CVE-2011-3624
- ruby1.9.1 <removed> (low; bug #646020)
[squeeze] - ruby1.9.1 <no-dsa> (Minor issue, there seems to be no patch upstream)
[wheezy] - ruby1.9.1 <no-dsa> (Minor issue)
-CVE-2011-3623 (Multiple stack-based buffer overflows in VideoLAN VLC media player ...)
+CVE-2011-3623
- vlc 1.1.3-1
NOTE: https://bugs.gentoo.org/show_bug.cgi?id=285370
CVE-2011-3622
@@ -4229,9 +4229,9 @@ CVE-2011-3622
CVE-2011-3621
RESERVED
NOT-FOR-US: fluxbb
-CVE-2011-3620 (Apache Qpid 0.12 does not properly verify credentials during the ...)
+CVE-2011-3620
- qpid-cpp <not-affected> (Red Hat-specific extension, see bug #672124)
-CVE-2011-3619 (The apparmor_setprocattr function in security/apparmor/lsm.c in the ...)
+CVE-2011-3619
- linux-2.6 3.0.0-1
[squeeze] - linux-2.6 <not-affected> (Introduced in 2.6.36)
[lenny] - linux-2.6 <not-affected> (Introduced in 2.6.36)
@@ -4243,11 +4243,11 @@ CVE-2011-3618 [atop insecure tempfile handling]
CVE-2011-3617 [tahoe-lafs: an unauthorized user can delete files]
RESERVED
- tahoe-lafs 1.8.3-1 (bug #641540)
-CVE-2011-3616 (The getSkillname function in the eve module in Conky 1.8.1 and earlier ...)
+CVE-2011-3616
- conky 1.8.0-1.1 (low; bug #612033)
[squeeze] - conky 1.8.0-1+squeeze1
[lenny] - conky 1.6.0-2+lenny1
-CVE-2011-3615 (Multiple SQL injection vulnerabilities in Simple Machines Forum (SMF) ...)
+CVE-2011-3615
NOT-FOR-US: Simple Machines Forum
CVE-2011-3614 [vanilla plugin access control]
RESERVED
@@ -4269,28 +4269,28 @@ CVE-2011-3609 [CSRF in the JBoss AS 7 administration console & HTTP management A
- jbossas4 <not-affected> (Only builds a few libraries, not the full application server, #581226)
CVE-2011-3608
REJECTED
-CVE-2011-3607 (Integer overflow in the ap_pregsub function in server/util.c in the ...)
+CVE-2011-3607
{DSA-2405-1}
- apache2 2.2.21-4
CVE-2011-3606 [DOM based XSS in the JBoss AS 7 administration console]
RESERVED
- jbossas4 <not-affected> (Only builds a few libraries, not the full application server, #581226)
-CVE-2011-3605 (The process_rs function in the router advertisement daemon (radvd) ...)
+CVE-2011-3605
{DSA-2323-1}
- radvd 1:1.8-1.1 (bug #644614)
NOTE: http://seclists.org/oss-sec/2011/q4/30
-CVE-2011-3604 (The process_ra function in the router advertisement daemon (radvd) ...)
+CVE-2011-3604
{DSA-2323-1}
- radvd 1:1.8-1.1 (bug #644614)
NOTE: http://seclists.org/oss-sec/2011/q4/30
-CVE-2011-3603 (The router advertisement daemon (radvd) before 1.8.2 does not properly ...)
+CVE-2011-3603
NOTE: http://seclists.org/oss-sec/2011/q4/30
NOTE: should be rejected (http://seclists.org/oss-sec/2011/q4/72)
-CVE-2011-3602 (Directory traversal vulnerability in device-linux.c in the router ...)
+CVE-2011-3602
{DSA-2323-1}
- radvd 1:1.8-1.1 (bug #644614)
NOTE: http://seclists.org/oss-sec/2011/q4/30
-CVE-2011-3601 (Buffer overflow in the process_ra function in the router advertisement ...)
+CVE-2011-3601
{DSA-2323-1}
- radvd 1:1.8-1.2 (bug #644614)
[squeeze] - radvd <not-affected> (No support for ND_OPT_DNSSL_INFORMATION)
@@ -4300,14 +4300,14 @@ CVE-2011-3600
RESERVED
- libxmlrpc3-java 3.1.3-1 (low)
[lenny] - libxmlrpc3-java <no-dsa> (Minor issue)
-CVE-2011-3599 (The Crypt::DSA (aka Crypt-DSA) module 1.17 and earlier for Perl, when ...)
+CVE-2011-3599
- libcrypt-dsa-perl 1.17-3 (unimportant; bug #644189)
NOTE: All supported Debian kernels have /dev/random, so severity unimportant
-CVE-2011-3598 (Multiple cross-site scripting (XSS) vulnerabilities in phpPgAdmin ...)
+CVE-2011-3598
- phppgadmin 5.0.3-1 (low; bug #644290)
[squeeze] - phppgadmin 4.2.3-1.1squeeze1
[lenny] - phppgadmin 4.2.2-1lenny1
-CVE-2011-3597 (Eval injection vulnerability in the Digest module before 1.17 for Perl ...)
+CVE-2011-3597
- libdigest-perl 1.17-1 (low; bug #644108)
[squeeze] - libdigest-perl 1.16-1+squeeze1
[lenny] - libdigest-perl 1.15-2+lenny1
@@ -4323,30 +4323,30 @@ CVE-2011-3596
CVE-2011-3595
RESERVED
NOT-FOR-US: Joomla!
-CVE-2011-3594 (The g_markup_escape_text function in the SILC protocol plug-in in ...)
+CVE-2011-3594
- pidgin 2.10.1-1 (unimportant)
[squeeze] - pidgin 2.7.3-1+squeeze2
NOTE: relatively obscure client crash
-CVE-2011-3593 (A certain Red Hat patch to the vlan_hwaccel_do_receive function in ...)
+CVE-2011-3593
- linux-2.6 <not-affected> (RHEL6 only because of badly backported patches)
-CVE-2011-3592 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
+CVE-2011-3592
- phpmyadmin 4:3.4.5-1
[squeeze] - phpmyadmin <not-affected> (Vulnerable code not present)
[lenny] - phpmyadmin <not-affected> (Vulnerable code not present)
-CVE-2011-3591 (Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin ...)
+CVE-2011-3591
- phpmyadmin 4:3.4.5-1
[squeeze] - phpmyadmin <not-affected> (Vulnerable code not present)
[lenny] - phpmyadmin <not-affected> (Vulnerable code not present)
-CVE-2011-3590 (The Red Hat mkdumprd script for kexec-tools, as distributed in the ...)
+CVE-2011-3590
- kexec-tools <not-affected> (The flaw exists in kdump.init and mkdumprd scrits, shipped only with Red Hat and Fedora)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=716439
-CVE-2011-3589 (The Red Hat mkdumprd script for kexec-tools, as distributed in the ...)
+CVE-2011-3589
- kexec-tools <not-affected> (The flaw exists in kdump.init and mkdumprd scrits, shipped only with Red Hat and Fedora)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=716439
-CVE-2011-3588 (The SSH configuration in the Red Hat mkdumprd script for kexec-tools, ...)
+CVE-2011-3588
- kexec-tools <not-affected> (The flaw exists in kdump.init and mkdumprd scrits, shipped only with Red Hat and Fedora)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=716439
-CVE-2011-3587 (Unspecified vulnerability in Zope 2.12.x and 2.13.x, as used in Plone ...)
+CVE-2011-3587
- zope2.10 <not-affected> (Introduced in 2.12)
- zope2.12 2.12.20-2
CVE-2011-3586
@@ -4371,65 +4371,65 @@ CVE-2011-3583 [TYPO3-SA-2011-002]
CVE-2011-3582
RESERVED
NOT-FOR-US: Advanced Electron Forums
-CVE-2011-3581 (Heap-based buffer overflow in the ldns_rr_new_frm_str_internal ...)
+CVE-2011-3581
{DSA-2353-1}
- ldns 1.6.11-1 (bug #647297)
-CVE-2011-3580 (IceWarp WebMail in IceWarp Mail Server before 10.3.3 allows remote ...)
+CVE-2011-3580
NOT-FOR-US: IceWarp Mail Server
-CVE-2011-3579 (server/webmail.php in IceWarp WebMail in IceWarp Mail Server before ...)
+CVE-2011-3579
NOT-FOR-US: IceWarp Mail Server
-CVE-2011-3578 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2011-3578
- mantis 1.2.7-1
[squeeze] - mantis 1.1.8+dfsg-10squeeze1
-CVE-2011-3577 (IBM WebSphere Commerce 6.x through 6.0.0.11 and 7.x through 7.0.0.3 ...)
+CVE-2011-3577
NOT-FOR-US: IBM WebSphere Commerce
-CVE-2011-3576 (Cross-site scripting (XSS) vulnerability in IBM Lotus Domino 8.5.2 ...)
+CVE-2011-3576
NOT-FOR-US: IBM Lotus Domino
-CVE-2011-3575 (Stack-based buffer overflow in the NSFComputeEvaluateExt function in ...)
+CVE-2011-3575
NOT-FOR-US: IBM Lotus Domino
-CVE-2011-3574 (Unspecified vulnerability in Oracle Communications Unified 7.0 allows ...)
+CVE-2011-3574
NOT-FOR-US: Oracle Communications Unified
-CVE-2011-3573 (Unspecified vulnerability in Oracle Communications Unified 7.0 allows ...)
+CVE-2011-3573
NOT-FOR-US: Oracle Communications Unified
CVE-2011-3572
REJECTED
-CVE-2011-3571 (Unspecified vulnerability in the Virtual Desktop Infrastructure (VDI) ...)
+CVE-2011-3571
NOTE: CVE was misused by Oracle. Replaced by CVE-2012-0507.
-CVE-2011-3570 (Unspecified vulnerability in Oracle Communications Unified 7.0 allows ...)
+CVE-2011-3570
NOT-FOR-US: Oracle Communications Unified
-CVE-2011-3569 (Unspecified vulnerability in the Oracle Web Services Manager component ...)
+CVE-2011-3569
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2011-3568 (Unspecified vulnerability in the Oracle Web Services Manager component ...)
+CVE-2011-3568
NOT-FOR-US: Oracle Fusion Middleware
CVE-2011-3567
REJECTED
-CVE-2011-3566 (Unspecified vulnerability in the Oracle WebLogic Server component in ...)
+CVE-2011-3566
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2011-3565 (Unspecified vulnerability in Oracle Communications Unified 7.0 allows ...)
+CVE-2011-3565
NOT-FOR-US: Oracle Communications Unified
-CVE-2011-3564 (Unspecified vulnerability in Oracle GlassFish Enterprise Server 2.1.1 ...)
+CVE-2011-3564
- glassfish <not-affected> (administration component not shipped)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=783897
-CVE-2011-3563 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2011-3563
{DSA-2420-1}
- openjdk-6 6b24-1.11.1-1
- openjdk-7 7~u3-2.1-1
-CVE-2011-3562 (Unspecified vulnerability in the Portal component in Oracle Fusion ...)
+CVE-2011-3562
NOT-FOR-US: Oracle Fusion
-CVE-2011-3561 (Unspecified vulnerability in the Java Runtime Environment component in ...)
+CVE-2011-3561
- sun-java6 <removed> (bug #645881)
[lenny] - sun-java6 <no-dsa> (Non-free not supported)
[squeeze] - sun-java6 <no-dsa> (Non-free not supported)
-CVE-2011-3560 (Unspecified vulnerability in the Java Runtime Environment component in ...)
+CVE-2011-3560
{DSA-2358-1 DSA-2356-1}
- sun-java6 <removed> (bug #645881)
[lenny] - sun-java6 <no-dsa> (Non-free not supported)
[squeeze] - sun-java6 <no-dsa> (Non-free not supported)
- openjdk-6 6b23~pre11-1
- openjdk-7 7~b147-2.0-1
-CVE-2011-3559 (Unspecified vulnerability in Oracle Communications Server 2.0; ...)
+CVE-2011-3559
NOT-FOR-US: Oracle Communications Server, GlassFish Enterprise Server, Sun Java System App Server
-CVE-2011-3558 (Unspecified vulnerability in the Java Runtime Environment component in ...)
+CVE-2011-3558
- sun-java6 <removed> (bug #645881)
[lenny] - sun-java6 <no-dsa> (Non-free not supported)
[squeeze] - sun-java6 <no-dsa> (Non-free not supported)
@@ -4437,217 +4437,217 @@ CVE-2011-3558 (Unspecified vulnerability in the Java Runtime Environment compone
[squeeze] - openjdk-6 <not-affected> (Hotspot version too old)
- openjdk-6 6b23~pre11-1
- openjdk-7 7~b147-2.0-1
-CVE-2011-3557 (Unspecified vulnerability in the Java Runtime Environment component in ...)
+CVE-2011-3557
{DSA-2358-1 DSA-2356-1}
- sun-java6 <removed> (bug #645881)
[lenny] - sun-java6 <no-dsa> (Non-free not supported)
[squeeze] - sun-java6 <no-dsa> (Non-free not supported)
- openjdk-6 6b23~pre11-1
- openjdk-7 7~b147-2.0-1
-CVE-2011-3556 (Unspecified vulnerability in the Java Runtime Environment component in ...)
+CVE-2011-3556
{DSA-2358-1 DSA-2356-1}
- sun-java6 <removed> (bug #645881)
[lenny] - sun-java6 <no-dsa> (Non-free not supported)
[squeeze] - sun-java6 <no-dsa> (Non-free not supported)
- openjdk-6 6b23~pre11-1
- openjdk-7 7~b147-2.0-1
-CVE-2011-3555 (Unspecified vulnerability in the Java Runtime Environment component in ...)
+CVE-2011-3555
- sun-java6 <removed> (bug #645881)
[lenny] - sun-java6 <no-dsa> (Non-free not supported)
[squeeze] - sun-java6 <no-dsa> (Non-free not supported)
-CVE-2011-3554 (Unspecified vulnerability in the Java Runtime Environment component in ...)
+CVE-2011-3554
{DSA-2358-1 DSA-2356-1}
- sun-java6 <removed> (bug #645881)
[lenny] - sun-java6 <no-dsa> (Non-free not supported)
[squeeze] - sun-java6 <no-dsa> (Non-free not supported)
- openjdk-6 6b23~pre11-1
- openjdk-7 7~b147-2.0-1
-CVE-2011-3553 (Unspecified vulnerability in the Java Runtime Environment component in ...)
+CVE-2011-3553
{DSA-2358-1 DSA-2356-1}
- sun-java6 <removed> (bug #645881)
[lenny] - sun-java6 <no-dsa> (Non-free not supported)
[squeeze] - sun-java6 <no-dsa> (Non-free not supported)
- openjdk-6 6b23~pre11-1
- openjdk-7 7~b147-2.0-1
-CVE-2011-3552 (Unspecified vulnerability in the Java Runtime Environment component in ...)
+CVE-2011-3552
{DSA-2358-1 DSA-2356-1}
- sun-java6 <removed> (bug #645881)
[lenny] - sun-java6 <no-dsa> (Non-free not supported)
[squeeze] - sun-java6 <no-dsa> (Non-free not supported)
- openjdk-6 6b23~pre11-1
- openjdk-7 7~b147-2.0-1
-CVE-2011-3551 (Unspecified vulnerability in the Java Runtime Environment component in ...)
+CVE-2011-3551
{DSA-2358-1 DSA-2356-1}
- sun-java6 <removed> (bug #645881)
[lenny] - sun-java6 <no-dsa> (Non-free not supported)
[squeeze] - sun-java6 <no-dsa> (Non-free not supported)
- openjdk-6 6b23~pre11-1
- openjdk-7 7~b147-2.0-1
-CVE-2011-3550 (Unspecified vulnerability in the Java Runtime Environment component in ...)
+CVE-2011-3550
- sun-java6 <removed> (bug #645881)
[lenny] - sun-java6 <no-dsa> (Non-free not supported)
[squeeze] - sun-java6 <no-dsa> (Non-free not supported)
-CVE-2011-3549 (Unspecified vulnerability in the Java Runtime Environment component in ...)
+CVE-2011-3549
- sun-java6 <removed> (bug #645881)
[lenny] - sun-java6 <no-dsa> (Non-free not supported)
[squeeze] - sun-java6 <no-dsa> (Non-free not supported)
-CVE-2011-3548 (Unspecified vulnerability in the Java Runtime Environment component in ...)
+CVE-2011-3548
{DSA-2358-1 DSA-2356-1}
- sun-java6 <removed> (bug #645881)
[lenny] - sun-java6 <no-dsa> (Non-free not supported)
[squeeze] - sun-java6 <no-dsa> (Non-free not supported)
- openjdk-6 6b23~pre11-1
- openjdk-7 7~b147-2.0-1
-CVE-2011-3547 (Unspecified vulnerability in the Java Runtime Environment component in ...)
+CVE-2011-3547
{DSA-2358-1 DSA-2356-1}
- sun-java6 <removed> (bug #645881)
[lenny] - sun-java6 <no-dsa> (Non-free not supported)
[squeeze] - sun-java6 <no-dsa> (Non-free not supported)
- openjdk-6 6b23~pre11-1
- openjdk-7 7~b147-2.0-1
-CVE-2011-3546 (Unspecified vulnerability in the Java Runtime Environment component in ...)
+CVE-2011-3546
- sun-java6 <removed> (bug #645881)
[lenny] - sun-java6 <no-dsa> (Non-free not supported)
[squeeze] - sun-java6 <no-dsa> (Non-free not supported)
-CVE-2011-3545 (Unspecified vulnerability in the Java Runtime Environment component in ...)
+CVE-2011-3545
- sun-java6 <removed> (bug #645881)
[lenny] - sun-java6 <no-dsa> (Non-free not supported)
[squeeze] - sun-java6 <no-dsa> (Non-free not supported)
-CVE-2011-3544 (Unspecified vulnerability in the Java Runtime Environment component in ...)
+CVE-2011-3544
{DSA-2358-1 DSA-2356-1}
- sun-java6 <removed> (bug #645881)
[lenny] - sun-java6 <no-dsa> (Non-free not supported)
[squeeze] - sun-java6 <no-dsa> (Non-free not supported)
- openjdk-6 6b23~pre11-1
- openjdk-7 7~b147-2.0-1
-CVE-2011-3543 (Unspecified vulnerability in Oracle Solaris 11 Express allows remote ...)
+CVE-2011-3543
NOT-FOR-US: Oracle Solaris 11 Express
-CVE-2011-3542 (Unspecified vulnerability in Oracle Solaris 10 and 11 Express allows ...)
+CVE-2011-3542
NOT-FOR-US: Oracle Solaris
-CVE-2011-3541 (Unspecified vulnerability in the Oracle Outside In Technology ...)
+CVE-2011-3541
NOT-FOR-US: Oracle Fusion Middleware
CVE-2011-3540
REJECTED
-CVE-2011-3539 (Unspecified vulnerability in Oracle Solaris 10 and 11 Express allows ...)
+CVE-2011-3539
NOT-FOR-US: Oracle Solaris
-CVE-2011-3538 (Unspecified vulnerability in the Sun Ray component in Oracle ...)
+CVE-2011-3538
NOT-FOR-US: Oracle Virtualization
-CVE-2011-3537 (Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 Express ...)
+CVE-2011-3537
NOT-FOR-US: Oracle Solaris
-CVE-2011-3536 (Unspecified vulnerability in Oracle Solaris 10 allows local users to ...)
+CVE-2011-3536
NOT-FOR-US: Oracle Solaris
-CVE-2011-3535 (Unspecified vulnerability in the Solaris component in Oracle Sun ...)
+CVE-2011-3535
NOT-FOR-US: Oracle Solaris
-CVE-2011-3534 (Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 Express ...)
+CVE-2011-3534
NOT-FOR-US: Oracle Solaris
-CVE-2011-3533 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS component ...)
+CVE-2011-3533
NOT-FOR-US: Oracle PeopleSoft
-CVE-2011-3532 (Unspecified vulnerability in the Oracle Agile Product Supplier ...)
+CVE-2011-3532
NOT-FOR-US: Oracle Supply Chain
-CVE-2011-3531 (Unspecified vulnerability in the Oracle Web Services Manager component ...)
+CVE-2011-3531
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2011-3530 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS component ...)
+CVE-2011-3530
NOT-FOR-US: Oracle PeopleSoft
-CVE-2011-3529 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS component ...)
+CVE-2011-3529
NOT-FOR-US: Oracle PeopleSoft
-CVE-2011-3528 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS component ...)
+CVE-2011-3528
NOT-FOR-US: Oracle PeopleSoft
-CVE-2011-3527 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS component ...)
+CVE-2011-3527
NOT-FOR-US: Oracle PeopleSoft
-CVE-2011-3526 (Unspecified vulnerability in the Siebel Core - UIF Server component in ...)
+CVE-2011-3526
NOT-FOR-US: Oracle Siebel
-CVE-2011-3525 (Unspecified vulnerability in the Application Express component in ...)
+CVE-2011-3525
NOT-FOR-US: Oracle Database Server
-CVE-2011-3524 (Unspecified vulnerability in the EnterpriseOne Tools component in ...)
+CVE-2011-3524
NOT-FOR-US: Oracle JD Edwards Products
-CVE-2011-3523 (Unspecified vulnerability in the Oracle Web Services Manager component ...)
+CVE-2011-3523
NOT-FOR-US: Oracle Fusion
-CVE-2011-3522 (Unspecified vulnerability in SysFW 8.0 on certain SPARC T3, Netra ...)
+CVE-2011-3522
NOT-FOR-US: SPARC T3, Netra SPARC T3, Sun Fire, and Sun Blade
-CVE-2011-3521 (Unspecified vulnerability in the Java Runtime Environment component in ...)
+CVE-2011-3521
{DSA-2358-1 DSA-2356-1}
- sun-java6 <removed> (bug #645881)
[lenny] - sun-java6 <no-dsa> (Non-free not supported)
[squeeze] - sun-java6 <no-dsa> (Non-free not supported)
- openjdk-6 6b23~pre11-1
- openjdk-7 7~b147-2.0-1
-CVE-2011-3520 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+CVE-2011-3520
NOT-FOR-US: PeopleSoft Enterprise PeopleTools
-CVE-2011-3519 (Unspecified vulnerability in the Oracle Applications Framework ...)
+CVE-2011-3519
NOT-FOR-US: Oracle E-Business Suite
-CVE-2011-3518 (Unspecified vulnerability in the Siebel Core - UIF Client component in ...)
+CVE-2011-3518
NOT-FOR-US: Oracle Siebel
-CVE-2011-3517 (Unspecified vulnerability in the Oracle OpenSSO component in Oracle ...)
+CVE-2011-3517
NOT-FOR-US: Oracle Sun Products Suite
-CVE-2011-3516 (Unspecified vulnerability in the Java Runtime Environment component in ...)
+CVE-2011-3516
- sun-java6 <not-affected> (Windows-specific)
- openjdk-6 <not-affected> (Windows-specific)
-CVE-2011-3515 (Unspecified vulnerability in the Oracle Solaris 10 and 11 Express ...)
+CVE-2011-3515
NOT-FOR-US: Oracle Solaris
-CVE-2011-3514 (Unspecified vulnerability in the EnterpriseOne Tools component in ...)
+CVE-2011-3514
NOT-FOR-US: Oracle JD Edwards Products
-CVE-2011-3513 (Unspecified vulnerability in the Oracle Application Object Library ...)
+CVE-2011-3513
NOT-FOR-US: Oracle E-Business Suite
-CVE-2011-3512 (Unspecified vulnerability in the Core RDBMS component in Oracle ...)
+CVE-2011-3512
NOT-FOR-US: Oracle Database Server
-CVE-2011-3511 (Unspecified vulnerability in the Database Vault component in Oracle ...)
+CVE-2011-3511
NOT-FOR-US: Oracle Database Server
-CVE-2011-3510 (Unspecified vulnerability in the Oracle Business Intelligence ...)
+CVE-2011-3510
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2011-3509 (Unspecified vulnerability in the EnterpriseOne Tools component in ...)
+CVE-2011-3509
NOT-FOR-US: Oracle JD Edwards Products
-CVE-2011-3508 (Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 Express ...)
+CVE-2011-3508
NOT-FOR-US: Oracle Solaris
-CVE-2011-3507 (Unspecified vulnerability in the Oracle Communications Unified ...)
+CVE-2011-3507
NOT-FOR-US: Oracle Sun Products Suite
-CVE-2011-3506 (Unspecified vulnerability in the Oracle OpenSSO component in Oracle ...)
+CVE-2011-3506
NOT-FOR-US: Oracle Sun Products Suite
CVE-2011-3505
REJECTED
-CVE-2011-3504 (The Matroska format decoder in FFmpeg before 0.8.3 does not properly ...)
+CVE-2011-3504
{DSA-2336-1}
- libav 4:0.7.2-1 (bug #643859)
- ffmpeg 7:2.4.1-1
- ffmpeg-debian <end-of-life>
-CVE-2011-3503 (Untrusted search path vulnerability in eSignal 10.6.2425.1208, and ...)
+CVE-2011-3503
NOT-FOR-US: eSignal
-CVE-2011-3502 (The web server in Cogent DataHub 7.1.1.63 and earlier allows remote ...)
+CVE-2011-3502
NOT-FOR-US: Cogent DataHub
-CVE-2011-3501 (Integer overflow in Cogent DataHub 7.1.1.63 and earlier allows remote ...)
+CVE-2011-3501
NOT-FOR-US: Cogent DataHub
-CVE-2011-3500 (Directory traversal vulnerability in the web server in Cogent DataHub ...)
+CVE-2011-3500
NOT-FOR-US: Cogent DataHub
-CVE-2011-3499 (Progea Movicon / PowerHMI 11.2.1085 and earlier allows remote ...)
+CVE-2011-3499
NOT-FOR-US: Progea Movicon / PowerHMI
-CVE-2011-3498 (Heap-based buffer overflow in Progea Movicon / PowerHMI 11.2.1085 and ...)
+CVE-2011-3498
NOT-FOR-US: Progea Movicon / PowerHMI
-CVE-2011-3497 (service.exe in Measuresoft ScadaPro 4.0.0 and earlier allows remote ...)
+CVE-2011-3497
NOT-FOR-US: Measuresoft ScadaPro
-CVE-2011-3496 (service.exe in Measuresoft ScadaPro 4.0.0 and earlier allows remote ...)
+CVE-2011-3496
NOT-FOR-US: Measuresoft ScadaPro
-CVE-2011-3495 (Multiple directory traversal vulnerabilities in service.exe in ...)
+CVE-2011-3495
NOT-FOR-US: Measuresoft ScadaPro
-CVE-2011-3494 (WinSig.exe in eSignal 10.6.2425 and earlier allows remote attackers to ...)
+CVE-2011-3494
NOT-FOR-US: eSignal
-CVE-2011-3493 (Multiple stack-based buffer overflows in the DH_OneSecondTick function ...)
+CVE-2011-3493
NOT-FOR-US: Cogent DataHub
-CVE-2011-3492 (Stack-based buffer overflow in Azeotech DAQFactory 5.85 build 1853 and ...)
+CVE-2011-3492
NOT-FOR-US: Azeotech DAQFactory
-CVE-2011-3491 (Heap-based buffer overflow in Progea Movicon / PowerHMI 11.2.1085 and ...)
+CVE-2011-3491
NOT-FOR-US: Progea Movicon / PowerHMI
-CVE-2011-3490 (Multiple stack-based buffer overflows in service.exe in Measuresoft ...)
+CVE-2011-3490
NOT-FOR-US: Measuresoft ScadaPro
-CVE-2011-3489 (RnaUtility.dll in RsvcHost.exe 2.30.0.23 in Rockwell RSLogix 19 and ...)
+CVE-2011-3489
NOT-FOR-US: Rockwell RSLogix
-CVE-2011-3488 (Use-after-free vulnerability in Equis MetaStock 11 and earlier allows ...)
+CVE-2011-3488
NOT-FOR-US: Equis MetaStock
-CVE-2011-3487 (Directory traversal vulnerability in CarelDataServer.exe in Carel ...)
+CVE-2011-3487
NOT-FOR-US: Carel PlantVisor
-CVE-2011-3486 (Beckhoff TwinCAT 2.11.0.2004 and earlier allows remote attackers to ...)
+CVE-2011-3486
NOT-FOR-US: Beckhoff TwinCAT
CVE-2011-3485
RESERVED
-CVE-2011-3481 (The index_get_ids function in index.c in imapd in Cyrus IMAP Server ...)
+CVE-2011-3481
{DSA-2377-1}
- cyrus-imapd-2.2 <unfixed>
- cyrus-imapd-2.4 2.4.11-1
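Review bot: every changed pair in this hunk only strips the parenthesised CVE summary, e.g. `-CVE-2011-3504 (The Matroska format decoder in FFmpeg before 0.8.3 does not properly ...)` becomes `+CVE-2011-3504`, while the status, DSA and package lines below each ID stay byte-identical. For the NOT-FOR-US entries that summary was the only text telling the issues apart: after this change CVE-2011-3497 and CVE-2011-3496 both reduce to a bare ID over the same `NOT-FOR-US: Measuresoft ScadaPro` line. A uniform loss of every description inside an "automatic update" is more consistent with the description source being empty when the update ran than with an intentional edit; confirm the input feed before merging rather than accepting the removal.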
@@ -4655,11 +4655,11 @@ CVE-2011-3481 (The index_get_ids function in index.c in imapd in Cyrus IMAP Serv
[squeeze] - kolab-cyrus-imapd <end-of-life> (Unsupported in squeeze-lts)
CVE-2011-3480
REJECTED
-CVE-2011-3479 (Symantec pcAnywhere 12.5.x through 12.5.3, and IT Management Suite ...)
+CVE-2011-3479
NOT-FOR-US: Symantec pcAnywhere
-CVE-2011-3478 (The host-services component in Symantec pcAnywhere 12.5.x through ...)
+CVE-2011-3478
NOT-FOR-US: Symantec pcAnywhere
-CVE-2011-3477 (GEAR Software CD DVD Filter driver (aka GEARAspiWDM.sys), as used in ...)
+CVE-2011-3477
NOT-FOR-US: Symantec
CVE-2011-3476
REJECTED
@@ -4685,21 +4685,21 @@ CVE-2011-3466
RESERVED
CVE-2011-3465
RESERVED
-CVE-2011-3464 (Off-by-one error in the png_formatted_warning function in pngerror.c ...)
+CVE-2011-3464
- libpng <not-affected> (Only affects libpng 1.5, which is only in experimental)
-CVE-2011-3463 (WebDAV Sharing in Apple Mac OS X 10.7.x before 10.7.3 does not ...)
+CVE-2011-3463
NOT-FOR-US: Mac OS X
-CVE-2011-3462 (Time Machine in Apple Mac OS X before 10.7.3 does not verify the ...)
+CVE-2011-3462
NOT-FOR-US: Mac OS X
CVE-2011-3461
RESERVED
-CVE-2011-3460 (Buffer overflow in QuickTime in Apple Mac OS X before 10.7.3 allows ...)
+CVE-2011-3460
NOT-FOR-US: QuickTime
-CVE-2011-3459 (Off-by-one error in QuickTime in Apple Mac OS X before 10.7.3 allows ...)
+CVE-2011-3459
NOT-FOR-US: QuickTime
-CVE-2011-3458 (QuickTime in Apple Mac OS X before 10.7.3 does not prevent access to ...)
+CVE-2011-3458
NOT-FOR-US: QuickTime
-CVE-2011-3457 (The OpenGL implementation in Apple Mac OS X before 10.7.3 does not ...)
+CVE-2011-3457
NOT-FOR-US: Mac OS X
CVE-2011-3456
RESERVED
@@ -4707,163 +4707,163 @@ CVE-2011-3455
RESERVED
CVE-2011-3454
RESERVED
-CVE-2011-3453 (Integer overflow in libresolv in Apple Mac OS X before 10.7.3 allows ...)
+CVE-2011-3453
NOT-FOR-US: Mac OS X
-CVE-2011-3452 (Internet Sharing in Apple Mac OS X before 10.7.3 does not preserve the ...)
+CVE-2011-3452
NOT-FOR-US: Mac OS X
CVE-2011-3451
RESERVED
-CVE-2011-3450 (CoreUI in Apple Mac OS X 10.7.x before 10.7.3 does not properly ...)
+CVE-2011-3450
NOT-FOR-US: Mac OS X
-CVE-2011-3449 (Use-after-free vulnerability in CoreText in Apple Mac OS X before ...)
+CVE-2011-3449
NOT-FOR-US: Mac OS X
-CVE-2011-3448 (Heap-based buffer overflow in CoreMedia in Apple Mac OS X before ...)
+CVE-2011-3448
NOT-FOR-US: Mac OS X
-CVE-2011-3447 (CFNetwork in Apple Mac OS X 10.7.x before 10.7.3 does not properly ...)
+CVE-2011-3447
NOT-FOR-US: Mac OS X
-CVE-2011-3446 (Apple Type Services (ATS) in Apple Mac OS X before 10.7.3 does not ...)
+CVE-2011-3446
NOT-FOR-US: Mac OS X
CVE-2011-3445
RESERVED
-CVE-2011-3444 (Address Book in Apple Mac OS X before 10.7.3 automatically switches to ...)
+CVE-2011-3444
NOT-FOR-US: Mac OS X
-CVE-2011-3443 (Use-after-free vulnerability in WebKit, as used in Apple Safari before ...)
+CVE-2011-3443
NOT-FOR-US: Webspecidied Safari webkit issue, likely a Apple dupe
-CVE-2011-3442 (The kernel in Apple iOS before 5.0.1 does not ensure the validity of ...)
+CVE-2011-3442
NOT-FOR-US: Apple iOS
-CVE-2011-3441 (libinfo in Apple iOS before 5.0.1 does not properly formulate ...)
+CVE-2011-3441
NOT-FOR-US: Apple iOS
-CVE-2011-3440 (The Passcode Lock feature in Apple iOS before 5.0.1 on the iPad 2 does ...)
+CVE-2011-3440
NOT-FOR-US: Apple iOS
-CVE-2011-3439 (FreeType in CoreGraphics in Apple iOS before 5.0.1 allows remote ...)
+CVE-2011-3439
{DSA-2350-1}
- freetype 2.4.8-1 (bug #649122)
-CVE-2011-3438 (WebKit, as used in Safari 5.0.6, allows remote attackers to cause a ...)
+CVE-2011-3438
NOT-FOR-US: Apple Safari
-CVE-2011-3437 (Integer signedness error in Apple Type Services (ATS) in Apple Mac OS ...)
+CVE-2011-3437
NOT-FOR-US: Apple Type Services (ATS) in Apple Mac OS
-CVE-2011-3436 (Open Directory in Apple Mac OS X 10.7 before 10.7.2 does not require a ...)
+CVE-2011-3436
NOT-FOR-US: Open Directory in Apple Mac OS
-CVE-2011-3435 (Open Directory in Apple Mac OS X 10.7 before 10.7.2 allows local users ...)
+CVE-2011-3435
NOT-FOR-US: Open Directory in Apple Mac OS
-CVE-2011-3434 (The WiFi component in Apple iOS before 5 stores WiFi credentials in an ...)
+CVE-2011-3434
NOT-FOR-US: WiFi component in Apple iOS
CVE-2011-3433
RESERVED
-CVE-2011-3432 (The UIKit Alerts component in Apple iOS before 5 allows remote ...)
+CVE-2011-3432
NOT-FOR-US: UIKit Alerts component in Apple iOS
-CVE-2011-3431 (The Home screen component in Apple iOS before 5 does not properly ...)
+CVE-2011-3431
NOT-FOR-US: Home screen component in Apple iOS
-CVE-2011-3430 (The Settings component in Apple iOS before 5, when a configuration ...)
+CVE-2011-3430
NOT-FOR-US: Apple iOS
-CVE-2011-3429 (The Settings component in Apple iOS before 5 stores a cleartext ...)
+CVE-2011-3429
NOT-FOR-US: Apple iOS
-CVE-2011-3428 (Buffer overflow in QuickTime before 7.7.1 for Windows allows remote ...)
+CVE-2011-3428
NOT-FOR-US: Apple Quicktime
-CVE-2011-3427 (The Data Security component in Apple iOS before 5 and Apple TV before ...)
+CVE-2011-3427
NOT-FOR-US: Apple iOS
-CVE-2011-3426 (Cross-site scripting (XSS) vulnerability in Safari in Apple iOS before ...)
+CVE-2011-3426
NOT-FOR-US: Apple iOS
CVE-2011-3425
RESERVED
-CVE-2011-3424 (Session fixation vulnerability in the Managed File Transfer server in ...)
+CVE-2011-3424
NOT-FOR-US: TIBCO Managed File Transfer Internet Server
-CVE-2011-3423 (Cross-site scripting (XSS) vulnerability in the Managed File Transfer ...)
+CVE-2011-3423
NOT-FOR-US: TIBCO Managed File Transfer Internet Server
-CVE-2011-3482 (The csnStreamDissector function in epan/dissectors/packet-csn1.c in ...)
+CVE-2011-3482
- wireshark 1.6.2-1
[squeeze] - wireshark <not-affected> (Affects only 1.6.0 and 1.6.1)
[lenny] - wireshark <not-affected> (Affects only 1.6.0 and 1.6.1)
NOTE: http://www.wireshark.org/security/wnpa-sec-2011-16.html
-CVE-2011-3483 (Wireshark 1.6.x before 1.6.2 allows remote attackers to cause a denial ...)
+CVE-2011-3483
{DSA-2395-1}
- wireshark 1.6.2-1
[lenny] - wireshark <not-affected> (Affects only 1.6.0 and 1.6.1)
NOTE: http://www.wireshark.org/security/wnpa-sec-2011-14.html
-CVE-2011-3484 (The unxorFrame function in epan/dissectors/packet-opensafety.c in the ...)
+CVE-2011-3484
- wireshark 1.6.2-1
[squeeze] - wireshark <not-affected> (Affects only 1.6.0 and 1.6.1)
[lenny] - wireshark <not-affected> (Affects only 1.6.0 and 1.6.1)
NOTE: http://www.wireshark.org/security/wnpa-sec-2011-12.html
-CVE-2011-3422 (The Keychain implementation in Apple Mac OS X 10.6.8 and earlier does ...)
+CVE-2011-3422
NOT-FOR-US: Apple Mac OS X
-CVE-2011-3421 (Multiple unspecified vulnerabilities in Google Chrome before ...)
+CVE-2011-3421
- chromium-browser 14.0.835.163~r101024-1 (unimportant)
NOTE: duplicate
-CVE-2011-3420 (Multiple unspecified vulnerabilities in Google Chrome before ...)
+CVE-2011-3420
- chromium-browser 14.0.835.163~r101024-1 (unimportant)
NOTE: duplicate
CVE-2011-3419
REJECTED
CVE-2011-3418
REJECTED
-CVE-2011-3417 (The Forms Authentication feature in the ASP.NET subsystem in Microsoft ...)
+CVE-2011-3417
NOT-FOR-US: Microsoft ASP.NET
-CVE-2011-3416 (The Forms Authentication feature in the ASP.NET subsystem in Microsoft ...)
+CVE-2011-3416
NOT-FOR-US: Microsoft ASP.NET
-CVE-2011-3415 (Open redirect vulnerability in the Forms Authentication feature in the ...)
+CVE-2011-3415
NOT-FOR-US: Microsoft ASP.NET
-CVE-2011-3414 (The CaseInsensitiveHashProvider.getHashCode function in the HashTable ...)
+CVE-2011-3414
NOT-FOR-US: Microsoft .NET Framework
NOTE: Might affect Mono, pinged maintainers
-CVE-2011-3413 (Microsoft PowerPoint 2007 SP2; Office 2008 for Mac; Office ...)
+CVE-2011-3413
NOT-FOR-US: Microsoft PowerPoint
-CVE-2011-3412 (Microsoft Publisher 2003 SP3, and 2007 SP2 and SP3, allows remote ...)
+CVE-2011-3412
NOT-FOR-US: Microsoft Publisher
-CVE-2011-3411 (Microsoft Publisher 2003 SP3 allows remote attackers to execute ...)
+CVE-2011-3411
NOT-FOR-US: Microsoft Publisher
-CVE-2011-3410 (Array index error in Microsoft Publisher 2003 SP3, and 2007 SP2 and ...)
+CVE-2011-3410
NOT-FOR-US: Microsoft Publisher
CVE-2011-3409
REJECTED
-CVE-2011-3408 (Csrsrv.dll in the Client/Server Run-time Subsystem (aka CSRSS) in the ...)
+CVE-2011-3408
NOT-FOR-US: Microsoft Windows XP
CVE-2011-3407
REJECTED
-CVE-2011-3406 (Buffer overflow in Active Directory, Active Directory Application Mode ...)
+CVE-2011-3406
NOT-FOR-US: Microsoft Active Directory
CVE-2011-3405
REJECTED
-CVE-2011-3404 (Microsoft Internet Explorer 6 through 9 does not properly use the ...)
+CVE-2011-3404
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2011-3403 (Microsoft Excel 2003 SP3 and Office 2004 for Mac do not properly ...)
+CVE-2011-3403
NOT-FOR-US: Microsoft Excel
-CVE-2011-3402 (Unspecified vulnerability in the TrueType font parsing engine in ...)
+CVE-2011-3402
NOT-FOR-US: Microsoft Windows
-CVE-2011-3401 (ENCDEC.DLL in Windows Media Player and Media Center in Microsoft ...)
+CVE-2011-3401
NOT-FOR-US: Microsoft Media Player
-CVE-2011-3400 (Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 do not properly ...)
+CVE-2011-3400
NOT-FOR-US: Microsoft Windows XP
CVE-2011-3399
REJECTED
CVE-2011-3398
REJECTED
-CVE-2011-3397 (The Microsoft Time component in DATIME.DLL in Microsoft Windows XP SP2 ...)
+CVE-2011-3397
NOT-FOR-US: Microsoft Windows XP
-CVE-2011-3396 (Untrusted search path vulnerability in Microsoft PowerPoint 2007 SP2 ...)
+CVE-2011-3396
NOT-FOR-US: Microsoft PowerPoint
CVE-2011-3395
REJECTED
-CVE-2011-3394 (SQL injection vulnerability in findagent.php in MYRE Real Estate ...)
+CVE-2011-3394
NOT-FOR-US: MYRE Real Estate
-CVE-2011-3393 (Multiple cross-site scripting (XSS) vulnerabilities in findagent.php ...)
+CVE-2011-3393
NOT-FOR-US: MYRE Real Estate
-CVE-2011-3392 (Cross-site scripting (XSS) vulnerability in control.php in the ...)
+CVE-2011-3392
NOT-FOR-US: Phorum
-CVE-2011-3391 (IBM Rational Build Forge 7.1.2 relies on client-side JavaScript code ...)
+CVE-2011-3391
NOT-FOR-US: IBM Rational Build Forge
-CVE-2011-3354 (The CtcpParser::packedReply method in core/ctcpparser.cpp in Quassel ...)
+CVE-2011-3354
- quassel 0.7.3-1 (low; bug #640960)
[squeeze] - quassel 0.6.3-2+squeeze1 (bug #640960)
NOTE: http://git.quassel-irc.org/?p=quassel.git;a=commit;h=da215fcb9cd3096a3e223c87577d5d4ab8f8518b
-CVE-2011-3390 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
+CVE-2011-3390
NOT-FOR-US: IBM OpenAdmin Too
CVE-2011-3350 [masqmail improper privilege dropping]
RESERVED
- masqmail 0.2.30-1 (low; bug #638002)
[lenny] - masqmail <no-dsa> (no security issue by itself)
[squeeze] - masqmail 0.2.27-1.1+squeeze1
-CVE-2011-3389 (The SSL protocol, as used in certain configurations in Microsoft ...)
+CVE-2011-3389
{DSA-2398-1 DSA-2368-1 DSA-2358-1 DSA-2356-1 DLA-400-1 DLA-154-1}
- sun-java6 <removed> (bug #645881)
[lenny] - sun-java6 <no-dsa> (Non-free not supported)
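Review bot: the summaries dropped in this hunk carry the function and file names that the NOTE links hang off, e.g. `-CVE-2011-3482 (The csnStreamDissector function in epan/dissectors/packet-csn1.c in ...)` and `-CVE-2011-3484 (The unxorFrame function in epan/dissectors/packet-opensafety.c in the ...)`; once only `+CVE-2011-3482` remains, the wnpa-sec NOTE URLs are the sole pointer to what `wireshark 1.6.2-1` actually fixed. If the removal is kept, the per-CVE notes should at least name the affected dissector. Pre-existing and not part of this change, but visible in the unchanged context: `NOT-FOR-US: IBM OpenAdmin Too` looks truncated and `Webspecidied` under CVE-2011-3443 is a typo; both are worth a follow-up commit.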
@@ -4919,40 +4919,40 @@ CVE-2011-3389 (The SSL protocol, as used in certain configurations in Microsoft
NOTE: https://issues.asterisk.org/jira/browse/ASTERISK-24972
NOTE: patch for 11 (jessie): https://code.asterisk.org/code/changelog/asterisk?cs=f233bcd81d85626ce5bdd27b05bc95d131faf3e4
NOTE: all versions vulnerable, backport required for wheezy
-CVE-2011-3388 (Opera before 11.51 allows remote attackers to cause an insecure site ...)
+CVE-2011-3388
NOT-FOR-US: Opera
-CVE-2011-3387 (The class file parser in IBM Java 1.4.2 SR13 FP9 allows remote ...)
+CVE-2011-3387
NOT-FOR-US: IBM Java
-CVE-2011-3386 (Unspecified vulnerability in Medtronic Paradigm wireless insulin pump ...)
+CVE-2011-3386
NOT-FOR-US: Medtronic Paradigm wireless insulin pump
-CVE-2011-3385 (Cross-site scripting (XSS) vulnerability in WebsiteBaker before 2.8, ...)
+CVE-2011-3385
NOT-FOR-US: WebsiteBaker
-CVE-2011-3384 (Cross-site scripting (XSS) vulnerability in the Sage add-on 1.3.10 and ...)
+CVE-2011-3384
NOT-FOR-US: Sage
-CVE-2011-3383 (Cross-site scripting (XSS) vulnerability in KENT-WEB WEB FORUM 5.1 and ...)
+CVE-2011-3383
NOT-FOR-US: KENT-WEB WEB FORUM
-CVE-2011-3382 (Cross-site scripting (XSS) vulnerability in Phorum before 5.2.16 ...)
+CVE-2011-3382
NOT-FOR-US: Phorum
-CVE-2011-3381 (Cross-site request forgery (CSRF) vulnerability in Phorum before ...)
+CVE-2011-3381
NOT-FOR-US: Phorum
-CVE-2011-3380 (Openswan 2.6.29 through 2.6.35 allows remote attackers to cause a ...)
+CVE-2011-3380
- openswan <not-affected> (vulnerable versions never uploaded to the archive)
-CVE-2011-3379 (The is_a function in PHP 5.3.7 and 5.3.8 triggers a call to the ...)
+CVE-2011-3379
- php5 5.3.9-1
[squeeze] - php5 <not-affected> (Introduced in 5.3.7)
[lenny] - php5 <not-affected> (Introduced in 5.3.7)
-CVE-2011-3378 (RPM 4.4.x through 4.9.x, probably before 4.9.1.2, allows remote ...)
+CVE-2011-3378
- rpm 4.9.1.2-1 (low; bug #645325)
[squeeze] - rpm 4.8.1-6+squeeze1
[lenny] - rpm <no-dsa> (rpm isn't used a a package manager, very limited attack vector)
-CVE-2011-3377 (The web browser plug-in in IcedTea-Web 1.0.x before 1.0.6 and 1.1.x ...)
+CVE-2011-3377
{DSA-2420-1}
- openjdk-6 6b21~pre1-1
- icedtea-web 1.1.4-1
NOTE: Browser plugin was removed in openjdk-6 6b21~pre1-1.
-CVE-2011-3376 (org/apache/catalina/core/DefaultInstanceManager.java in Apache Tomcat ...)
+CVE-2011-3376
- tomcat7 7.0.22-1
-CVE-2011-3375 (Apache Tomcat 6.0.30 through 6.0.33 and 7.x before 7.0.22 does not ...)
+CVE-2011-3375
{DSA-2401-1}
- tomcat6 6.0.33-1
- tomcat7 7.0.22-1
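Review bot: CVE-2011-3389 is the entry in this hunk with the widest fan-out (`{DSA-2398-1 DSA-2368-1 DSA-2358-1 DSA-2356-1 DLA-400-1 DLA-154-1}` plus the asterisk backport notes), and `-CVE-2011-3389 (The SSL protocol, as used in certain configurations in Microsoft ...)` was the only line in the file saying what the issue is; after `+CVE-2011-3389` a reader searching the list for the SSL/TLS problem those advisories address gets no hit. If descriptions are meant to go, the triage NOTE lines for such multi-advisory entries should be extended to state the affected protocol or component. Unrelated to the change, the unchanged context line `[lenny] - rpm <no-dsa> (rpm isn't used a a package manager, very limited attack vector)` has a doubled "a".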
@@ -4963,75 +4963,75 @@ CVE-2011-3374 [apt-key insecure validation]
CVE-2011-3373
RESERVED
NOT-FOR-US: Views Bulk Operations module for Drupal
-CVE-2011-3372 (imap/nntpd.c in the NNTP server (nntpd) for Cyrus IMAPd 2.4.x before ...)
+CVE-2011-3372
{DSA-2318-1}
- cyrus-imapd-2.2 2.4.11-1 (medium)
- cyrus-imapd-2.4 2.4.11-1 (medium)
- kolab-cyrus-imapd <removed> (medium)
[squeeze] - kolab-cyrus-imapd <end-of-life> (Unsupported in squeeze-lts)
-CVE-2011-3371 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2011-3371
NOT-FOR-US: PunBB
CVE-2011-3370
RESERVED
- statusnet <itp> (bug #491723)
-CVE-2011-3369 (The add_conversation function in conversations.c in EtherApe before ...)
+CVE-2011-3369
- etherape 0.9.12-1 (low; bug #645324)
[lenny] - etherape <no-dsa> (Minor issue)
[squeeze] - etherape 0.9.8-1+squeeze1
-CVE-2011-3368 (The mod_proxy module in the Apache HTTP Server 1.3.x through 1.3.42, ...)
+CVE-2011-3368
{DSA-2405-1}
- apache2 2.2.21-2 (medium)
NOTE: http://article.gmane.org/gmane.comp.apache.announce/61
-CVE-2011-3367 (Arora, possibly 0.11 and other versions, does not use a certain font ...)
+CVE-2011-3367
- arora <unfixed> (unimportant)
NOTE: Requires CA compromise to exploit, browser still displays warning.
-CVE-2011-3366 (Rekonq 0.7.0 and earlier does not use a certain font when rendering ...)
+CVE-2011-3366
- rekonq <not-affected> (Only affected the 0.8.x devel versions and was fixed before final 0.8 release, see bug #647298)
NOTE: http://www.kde.org/info/security/advisory-20111003-1.txt
-CVE-2011-3365 (The KDE SSL Wrapper (KSSL) API in KDE SC 4.6.0 through 4.7.1, and ...)
+CVE-2011-3365
- kde4libs 4:4.7.2-1
[squeeze] - kde4libs <not-affected> (only 4.6.0 - 4.7.1 are vulnerable)
[lenny] - kde4libs <not-affected> (only 4.6.0 - 4.7.1 are vulnerable)
-CVE-2011-3364 (Incomplete blacklist vulnerability in the svEscape function in ...)
+CVE-2011-3364
- network-manager-applet <not-affected> (ifcfg-rh plugin not built/included in Debian)
-CVE-2011-3363 (The setup_cifs_sb function in fs/cifs/connect.c in the Linux kernel ...)
+CVE-2011-3363
- linux-2.6 2.6.39-1
[squeeze] - linux-2.6 2.6.32-34
[lenny] - linux-2.6 <not-affected> (vulnerability introduced in commit 1bfe73c2)
-CVE-2011-3362 (Integer signedness error in the decode_residual_block function in ...)
+CVE-2011-3362
{DSA-2336-1}
- libav 4:0.7.1-7 (bug #641478)
- ffmpeg 7:2.4.1-1
- ffmpeg-debian <end-of-life>
NOTE: http://www.ocert.org/advisories/ocert-2011-002.html
-CVE-2011-3361 (Cross-site scripting (XSS) vulnerability in CGI/Browse.pm in BackupPC ...)
+CVE-2011-3361
- backuppc 3.2.1-2 (bug #641450)
[squeeze] - backuppc 3.1.0-9.1
NOTE: http://sourceforge.net/mailarchive/forum.php?thread_name=f1f1ef74-716d-4af8-b1bf-c1ba6d9a98a1%40SC1EXHC-02.global.atheros.com&forum_name=backuppc-devel
NOTE: http://backuppc.cvs.sourceforge.net/viewvc/backuppc/BackupPC/lib/BackupPC/CGI/Browse.pm?r1=1.23&r2=1.24
-CVE-2011-3360 (Untrusted search path vulnerability in Wireshark 1.4.x before 1.4.9 ...)
+CVE-2011-3360
{DSA-2324-1}
- wireshark 1.6.2-1 (low)
NOTE: http://www.wireshark.org/security/wnpa-sec-2011-15.html
-CVE-2011-3359 (The dma_rx function in drivers/net/wireless/b43/dma.c in the Linux ...)
+CVE-2011-3359
- linux-2.6 2.6.39-1
[squeeze] - linux-2.6 2.6.32-34
[lenny] - linux-2.6 <not-affected> (b43 allocate recieve buffer is 2404 bytes, which is already larger than the upstream fix of increasing it to 2382 bytes)
-CVE-2011-3358 (Multiple cross-site scripting (XSS) vulnerabilities in MantisBT before ...)
+CVE-2011-3358
{DSA-2308-1}
- mantis 1.2.7-1 (low; bug #640297)
[squeeze] - mantis <not-affected> (Vulnerable code not present)
-CVE-2011-3357 (Directory traversal vulnerability in bug_actiongroup_ext_page.php in ...)
+CVE-2011-3357
{DSA-2308-1}
- mantis 1.2.7-1 (medium; bug #640297)
-CVE-2011-3356 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2011-3356
- mantis 1.2.7-1 (low; bug #640297)
[squeeze] - mantis <not-affected> (Vulnerable code not present)
[lenny] - mantis <not-affected> (Vulnerable code not present)
CVE-2011-3355
RESERVED
- evolution-data-server3 3.2.1-1 (bug #641052)
-CVE-2011-3353 (Buffer overflow in the fuse_notify_inval_entry function in ...)
+CVE-2011-3353
{DSA-2389-1}
- linux-2.6 3.1.0~rc4-1~experimental.1 (low)
[lenny] - linux-2.6 <not-affected> (vulnerable code introduced in commit 3b463ae0)
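Review bot: for the kernel entries here the parenthesised not-affected reason now stands without the summary that named the code path it refers to: `-CVE-2011-3363 (The setup_cifs_sb function in fs/cifs/connect.c in the Linux kernel ...)` becomes `+CVE-2011-3363` directly above `[lenny] - linux-2.6 <not-affected> (vulnerability introduced in commit 1bfe73c2)`, so the file no longer says which subsystem that commit belongs to; CVE-2011-3359 (b43 dma_rx) and CVE-2011-3353 (fuse_notify_inval_entry) lose the same context. Consider carrying the function or file name into the NOTE line for entries whose justification depends on it. Pre-existing in the unchanged context, not from this change: `recieve` in the CVE-2011-3359 lenny note.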
@@ -5047,39 +5047,39 @@ CVE-2011-3351
CVE-2011-3349 [lightdm denial of service]
RESERVED
- lightdm 0.9.6-1 (bug #639151)
-CVE-2011-3348 (The mod_proxy_ajp module in the Apache HTTP Server before 2.2.21, when ...)
+CVE-2011-3348
- apache2 2.2.21-1
[squeeze] - apache2 2.2.16-6+squeeze4
[lenny] - apache2 <not-affected> (introduced in 2.2.12)
-CVE-2011-3347 (A certain Red Hat patch to the be2net implementation in the kernel ...)
+CVE-2011-3347
- linux-2.6 3.2-1
[squeeze] - linux-2.6 <not-affected> (Vulnerable code not present)
-CVE-2011-3346 (Buffer overflow in hw/scsi-disk.c in the SCSI subsystem in QEMU before ...)
+CVE-2011-3346
- qemu-kvm 0.15.1+dfsg-1 (bug #646118)
[squeeze] - qemu-kvm <no-dsa> (SCSI support in 0.12 generally broken, no complete fix other than updating to 0.15)
-CVE-2011-3345 (ulp/sdp/sdp_proc.c in the ib_sdp module (aka ib_sdp.ko) in the ...)
+CVE-2011-3345
- ofa-kernel <itp> (bug #541849)
-CVE-2011-3344 (Cross-site scripting (XSS) vulnerability in the Lookup Login/Password ...)
+CVE-2011-3344
NOT-FOR-US: Red Hat Network Satellite server
-CVE-2011-3343 (Multiple buffer overflows in OpenTTD before 1.1.3 allow local users to ...)
+CVE-2011-3343
{DSA-2386-1}
- openttd 1.1.3-1
NOTE: http://www.openwall.com/lists/oss-security/2011/09/02/4
-CVE-2011-3342 (Multiple buffer overflows in OpenTTD before 1.1.3 allow remote ...)
+CVE-2011-3342
{DSA-2386-1}
- openttd 1.1.3-1
NOTE: http://www.openwall.com/lists/oss-security/2011/09/02/4
-CVE-2011-3341 (Multiple off-by-one errors in order_cmd.cpp in OpenTTD before 1.1.3 ...)
+CVE-2011-3341
{DSA-2386-1}
- openttd 1.1.3-1
NOTE: http://www.openwall.com/lists/oss-security/2011/09/02/4
-CVE-2011-3340 (SQL injection vulnerability in ATCOM Netvolution 2.5.8 ASP allows ...)
+CVE-2011-3340
NOT-FOR-US: ATCOM Netvolution
-CVE-2011-3339 (Cross-site scripting (XSS) vulnerability in the Admin Control Center ...)
+CVE-2011-3339
NOT-FOR-US: Sentinel HASP Run-time Environment
CVE-2011-3338
RESERVED
-CVE-2011-3337 (eEye Audit ID 2499 in eEye Digital Security Audits 2406 through 2423 ...)
+CVE-2011-3337
NOT-FOR-US: eEye Digital Security Audits
CVE-2011-3336
RESERVED
@@ -5089,46 +5089,46 @@ CVE-2011-3334
RESERVED
CVE-2011-3333
RESERVED
-CVE-2011-3332 (Stack-based buffer overflow in Iceni Argus 6.20 and earlier and Infix ...)
+CVE-2011-3332
NOT-FOR-US: Iceni Argus
CVE-2011-3331
RESERVED
-CVE-2011-3330 (Buffer overflow in the UnitelWay Windows Device Driver, as used in ...)
+CVE-2011-3330
NOT-FOR-US: Schneider Electric
CVE-2011-3329
RESERVED
-CVE-2011-3328 (The png_handle_cHRM function in pngrutil.c in libpng 1.5.4, when ...)
+CVE-2011-3328
- libpng <not-affected> (Introduced in 1.5.4, which was only in experimental and which has been fixed since then)
-CVE-2011-3327 (Heap-based buffer overflow in the ecommunity_ecom2str function in ...)
+CVE-2011-3327
{DSA-2316-1}
- quagga 0.99.19-1
-CVE-2011-3326 (The ospf_flood function in ospf_flood.c in ospfd in Quagga before ...)
+CVE-2011-3326
{DSA-2316-1}
- quagga 0.99.19-1
-CVE-2011-3325 (ospf_packet.c in ospfd in Quagga before 0.99.19 allows remote ...)
+CVE-2011-3325
{DSA-2316-1}
- quagga 0.99.19-1
-CVE-2011-3324 (The ospf6_lsa_is_changed function in ospf6_lsa.c in the OSPFv3 ...)
+CVE-2011-3324
{DSA-2316-1}
- quagga 0.99.19-1
-CVE-2011-3323 (The OSPFv3 implementation in ospf6d in Quagga before 0.99.19 allows ...)
+CVE-2011-3323
{DSA-2316-1}
- quagga 0.99.19-1
-CVE-2011-3322 (Core Server HMI Service (Coreservice.exe) in Scadatec Limited Procyon ...)
+CVE-2011-3322
NOT-FOR-US: Scadatec Limited Procyon SCADA
-CVE-2011-3321 (Heap-based buffer overflow in the Siemens WinCC Runtime Advanced ...)
+CVE-2011-3321
NOT-FOR-US: SIMATIC WinCC
-CVE-2011-3320 (Cross-site scripting (XSS) vulnerability in the Web Administrator ...)
+CVE-2011-3320
NOT-FOR-US: GE Intelligent Platforms Proficy Historian
-CVE-2011-3319 (Buffer overflow in the WRF parsing functionality in the Cisco WebEx ...)
+CVE-2011-3319
NOT-FOR-US: WebEx
-CVE-2011-3318 (Cisco Video Surveillance 2421 and 2500 series cameras with software ...)
+CVE-2011-3318
NOT-FOR-US: Cisco
-CVE-2011-3317 (Multiple cross-site scripting (XSS) vulnerabilities in the Solution ...)
+CVE-2011-3317
NOT-FOR-US: Cisco
CVE-2011-3316
RESERVED
-CVE-2011-3315 (Directory traversal vulnerability in Cisco Unified Communications ...)
+CVE-2011-3315
NOT-FOR-US: Cisco
CVE-2011-3314
RESERVED
@@ -5138,9 +5138,9 @@ CVE-2011-3312
RESERVED
CVE-2011-3311
RESERVED
-CVE-2011-3310 (The Home Page component in Cisco CiscoWorks Common Services before 4.1 ...)
+CVE-2011-3310
NOT-FOR-US: Cisco CiscoWorks
-CVE-2011-3309 (Cisco Adaptive Security Appliances (ASA) 5500 series devices with ...)
+CVE-2011-3309
NOT-FOR-US: Cisco
CVE-2011-3308
RESERVED
@@ -5148,243 +5148,243 @@ CVE-2011-3307
RESERVED
CVE-2011-3306
RESERVED
-CVE-2011-3305 (Directory traversal vulnerability in Cisco Network Admission Control ...)
+CVE-2011-3305
NOT-FOR-US: Cisco Network Admission Control
-CVE-2011-3304 (Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ...)
+CVE-2011-3304
NOT-FOR-US: Cisco
-CVE-2011-3303 (Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ...)
+CVE-2011-3303
NOT-FOR-US: Cisco
-CVE-2011-3302 (Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ...)
+CVE-2011-3302
NOT-FOR-US: Cisco
-CVE-2011-3301 (Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ...)
+CVE-2011-3301
NOT-FOR-US: Cisco
-CVE-2011-3300 (Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ...)
+CVE-2011-3300
NOT-FOR-US: Cisco
-CVE-2011-3299 (Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ...)
+CVE-2011-3299
NOT-FOR-US: Cisco
-CVE-2011-3298 (Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ...)
+CVE-2011-3298
NOT-FOR-US: Cisco
-CVE-2011-3297 (Cisco Firewall Services Module (aka FWSM) 3.1 before 3.1(21), 3.2 ...)
+CVE-2011-3297
NOT-FOR-US: Cisco
-CVE-2011-3296 (Cisco Firewall Services Module (aka FWSM) 3.1 before 3.1(21), 3.2 ...)
+CVE-2011-3296
NOT-FOR-US: Cisco
-CVE-2011-3295 (The NETIO and IPV4_IO processes in Cisco IOS XR 3.8 through 4.1, as ...)
+CVE-2011-3295
NOT-FOR-US: Cisco IOS XR
-CVE-2011-3294 (Cross-site scripting (XSS) vulnerability in the login page in the ...)
+CVE-2011-3294
NOT-FOR-US: Cisco TelePresence
-CVE-2011-3293 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
+CVE-2011-3293
NOT-FOR-US: Cisco
CVE-2011-3292
RESERVED
CVE-2011-3291
RESERVED
-CVE-2011-3290 (Cisco Identity Services Engine (ISE) before 1.0.4.MR2 has default ...)
+CVE-2011-3290
NOT-FOR-US: Cisco
-CVE-2011-3289 (Cisco IOS 12.4 and 15.0 through 15.2 allows physically proximate ...)
+CVE-2011-3289
NOT-FOR-US: Cisco IOS
-CVE-2011-3288 (Cisco Unified Presence before 8.5(4) does not properly detect ...)
+CVE-2011-3288
NOT-FOR-US: Cisco
-CVE-2011-3287 (Cisco Jabber Extensible Communications Platform (aka Jabber XCP) 2.x ...)
+CVE-2011-3287
NOT-FOR-US: Cisco
CVE-2011-3286
RESERVED
-CVE-2011-3285 (CRLF injection vulnerability in /+CSCOE+/logon.html on Cisco Adaptive ...)
+CVE-2011-3285
NOT-FOR-US: Cisco
CVE-2011-3284
RESERVED
-CVE-2011-3283 (Cisco Carrier Routing System 3.9.1 allows remote attackers to cause a ...)
+CVE-2011-3283
NOT-FOR-US: Cisco
-CVE-2011-3282 (Unspecified vulnerability in Cisco IOS 12.2SRE before 12.2(33)SRE4, ...)
+CVE-2011-3282
NOT-FOR-US: Cisco
-CVE-2011-3281 (Unspecified vulnerability in Cisco IOS 15.0 through 15.1, in certain ...)
+CVE-2011-3281
NOT-FOR-US: Cisco
-CVE-2011-3280 (Memory leak in the NAT implementation in Cisco IOS 12.1 through 12.4 ...)
+CVE-2011-3280
NOT-FOR-US: Cisco
-CVE-2011-3279 (The provider-edge MPLS NAT implementation in Cisco IOS 12.1 through ...)
+CVE-2011-3279
NOT-FOR-US: Cisco
-CVE-2011-3278 (Unspecified vulnerability in the NAT implementation in Cisco IOS 12.1 ...)
+CVE-2011-3278
NOT-FOR-US: Cisco
-CVE-2011-3277 (Unspecified vulnerability in the NAT implementation in Cisco IOS 12.1 ...)
+CVE-2011-3277
NOT-FOR-US: Cisco
-CVE-2011-3276 (Unspecified vulnerability in the NAT implementation in Cisco IOS 12.1 ...)
+CVE-2011-3276
NOT-FOR-US: Cisco
-CVE-2011-3275 (Memory leak in Cisco IOS 12.4, 15.0, and 15.1, and IOS XE 2.5.x ...)
+CVE-2011-3275
NOT-FOR-US: Cisco
-CVE-2011-3274 (Unspecified vulnerability in Cisco IOS 12.2SRE before 12.2(33)SRE4, ...)
+CVE-2011-3274
NOT-FOR-US: Cisco
-CVE-2011-3273 (Memory leak in Cisco IOS 15.0 through 15.1, when IPS or Zone-Based ...)
+CVE-2011-3273
NOT-FOR-US: Cisco
-CVE-2011-3272 (The IP Service Level Agreement (IP SLA) functionality in Cisco IOS ...)
+CVE-2011-3272
NOT-FOR-US: Cisco
-CVE-2011-3271 (Unspecified vulnerability in the Smart Install functionality in Cisco ...)
+CVE-2011-3271
NOT-FOR-US: Cisco
-CVE-2011-3270 (Unspecified vulnerability in Cisco IOS 12.2SB before 12.2(33)SB10 and ...)
+CVE-2011-3270
NOT-FOR-US: Cisco
CVE-2011-3269
RESERVED
-CVE-2011-3268 (Buffer overflow in the crypt function in PHP before 5.3.7 allows ...)
+CVE-2011-3268
- php5 5.3.8-1
[squeeze] - php5 <not-affected> (Only affected 5.3.7)
[lenny] - php5 <not-affected> (Only affected 5.3.7)
-CVE-2011-3267 (PHP before 5.3.7 does not properly implement the error_log function, ...)
+CVE-2011-3267
{DSA-2408-1}
- php5 5.3.7-1
[squeeze] - php5 <not-affected> (Vulnerable code not present)
[lenny] - php5 <not-affected> (Vulnerable code not present)
-CVE-2011-3266 (The proto_tree_add_item function in Wireshark 1.6.0 through 1.6.1 and ...)
+CVE-2011-3266
- wireshark 1.6.2-1 (unimportant)
NOTE: no code injection, not treated as a security issue, see README.Debian.security
-CVE-2011-3265 (popup.php in Zabbix before 1.8.7 allows remote attackers to read the ...)
+CVE-2011-3265
- zabbix 1:1.8.9-1
[squeeze] - zabbix <end-of-life> (Not supported in Squeeze LTS)
-CVE-2011-3264 (Zabbix before 1.8.6 allows remote attackers to obtain sensitive ...)
+CVE-2011-3264
- zabbix 1:1.8.6-1 (unimportant)
[squeeze] - zabbix <end-of-life> (Not supported in Squeeze LTS)
NOTE: Installation path is known anyway for the Debian package
-CVE-2011-3263 (zabbix_agentd in Zabbix before 1.8.6 and 1.9.x before 1.9.4 allows ...)
+CVE-2011-3263
- zabbix 1:1.8.6-1
[squeeze] - zabbix <end-of-life> (Not supported in Squeeze LTS)
-CVE-2011-3262 (tools/libxc/xc_dom_bzimageloader.c in Xen 3.2, 3.3, 4.0, and 4.1 ...)
+CVE-2011-3262
{DSA-2337-1}
- xen 4.1.1-1
- xen-3 <removed>
[lenny] - xen-3 <no-dsa> (Minor issue; only marginally affected)
-CVE-2011-3261 (Double free vulnerability in OfficeImport in Apple iOS before 5 allows ...)
+CVE-2011-3261
NOT-FOR-US: Apple iOS
-CVE-2011-3260 (Buffer overflow in OfficeImport in Apple iOS before 5 allows remote ...)
+CVE-2011-3260
NOT-FOR-US: Apple iOS
-CVE-2011-3259 (The kernel in Apple iOS before 5 and Apple TV before 4.4 does not ...)
+CVE-2011-3259
NOT-FOR-US: Apple iOS
CVE-2011-3258
RESERVED
-CVE-2011-3257 (The Data Access component in Apple iOS before 5 does not properly ...)
+CVE-2011-3257
NOT-FOR-US: Apple iOS
-CVE-2011-3256 (FreeType 2 before 2.4.7, as used in CoreGraphics in Apple iOS before ...)
+CVE-2011-3256
{DSA-2328-1}
- freetype 2.4.7-1 (bug #646120)
-CVE-2011-3255 (CFNetwork in Apple iOS before 5 stores AppleID credentials in an ...)
+CVE-2011-3255
NOT-FOR-US: Apple iOS
-CVE-2011-3254 (Cross-site scripting (XSS) vulnerability in Calendar in Apple iOS ...)
+CVE-2011-3254
NOT-FOR-US: Apple iOS
-CVE-2011-3253 (CalDAV in Apple iOS before 5 does not validate X.509 certificates for ...)
+CVE-2011-3253
NOT-FOR-US: Apple iOS
-CVE-2011-3252 (Buffer overflow in CoreAudio, as used in Apple iTunes before 10.5, ...)
+CVE-2011-3252
NOT-FOR-US: Apple iTunes
-CVE-2011-3251 (Apple QuickTime before 7.7.1 on Windows allows remote attackers to ...)
+CVE-2011-3251
NOT-FOR-US: Apple QuickTime
-CVE-2011-3250 (Integer overflow in Apple QuickTime before 7.7.1 allows remote ...)
+CVE-2011-3250
NOT-FOR-US: Apple QuickTime
-CVE-2011-3249 (Buffer overflow in Apple QuickTime before 7.7.1 allows remote ...)
+CVE-2011-3249
NOT-FOR-US: Apple QuickTime
-CVE-2011-3248 (Integer signedness error in Apple QuickTime before 7.7.1 allows remote ...)
+CVE-2011-3248
NOT-FOR-US: Apple QuickTime
-CVE-2011-3247 (Integer overflow in Apple QuickTime before 7.7.1 on Windows allows ...)
+CVE-2011-3247
NOT-FOR-US: Apple QuickTime
-CVE-2011-3246 (CFNetwork in Apple iOS before 5.0.1 and Mac OS X 10.7 before 10.7.2 ...)
+CVE-2011-3246
NOT-FOR-US: Apple iOS
-CVE-2011-3245 (The Keyboards component in Apple iOS before 5 displays the final ...)
+CVE-2011-3245
NOT-FOR-US: Apple iOS
-CVE-2011-3244 (WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle ...)
+CVE-2011-3244
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-3243 (Cross-site scripting (XSS) vulnerability in WebKit, as used in Apple ...)
+CVE-2011-3243
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-3242 (The Private Browsing feature in Apple Safari before 5.1.1 on Mac OS X ...)
+CVE-2011-3242
NOT-FOR-US: Apple Safari
-CVE-2011-3241 (WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle ...)
+CVE-2011-3241
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
CVE-2011-3240
RESERVED
-CVE-2011-3239 (WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle ...)
+CVE-2011-3239
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-3238 (WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle ...)
+CVE-2011-3238
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-3237 (WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle ...)
+CVE-2011-3237
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-3236 (WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle ...)
+CVE-2011-3236
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-3235 (WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle ...)
+CVE-2011-3235
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-3234 (Google Chrome before 14.0.835.163 does not properly handle boxes, ...)
+CVE-2011-3234
- chromium-browser 14.0.835.163~r101024-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/92132
-CVE-2011-3233 (WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle ...)
+CVE-2011-3233
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-3232 (YARR, as used in Mozilla Firefox before 7.0, Thunderbird before 7.0, ...)
+CVE-2011-3232
- xulrunner <not-affected> (Only affects Firefox >= 4)
- iceweasel 7.0-1
[lenny] - iceweasel <not-affected> (Only affects Firefox >= 4)
[squeeze] - iceweasel <not-affected> (Only affects Firefox >= 4)
- iceape <not-affected> (Only affects Firefox >= 4)
- icedove <not-affected> (Only affects Thunderbird 5)
-CVE-2011-3231 (The SSL implementation in Apple Safari before 5.1.1 on Mac OS X before ...)
+CVE-2011-3231
NOT-FOR-US: Apple Safari
-CVE-2011-3230 (Apple Safari before 5.1.1 on Mac OS X does not enforce an intended ...)
+CVE-2011-3230
NOT-FOR-US: Apple Safari
-CVE-2011-3229 (Directory traversal vulnerability in Apple Safari before 5.1.1 allows ...)
+CVE-2011-3229
NOT-FOR-US: Apple Safari
-CVE-2011-3228 (QuickTime in Apple Mac OS X before 10.7.2 allows remote attackers to ...)
+CVE-2011-3228
NOT-FOR-US: QuickTime in Apple Mac OS X
-CVE-2011-3227 (libsecurity in Apple Mac OS X before 10.7.2 does not properly handle ...)
+CVE-2011-3227
NOT-FOR-US: libsecurity in Apple Mac OS X
-CVE-2011-3226 (Open Directory in Apple Mac OS X 10.7 before 10.7.2, when an LDAPv3 ...)
+CVE-2011-3226
NOT-FOR-US: Open Directory in Apple Mac OS X
-CVE-2011-3225 (The SMB File Server component in Apple Mac OS X 10.7 before 10.7.2 ...)
+CVE-2011-3225
NOT-FOR-US: SMB File Server component in Apple Mac OS X
-CVE-2011-3224 (The User Documentation component in Apple Mac OS X through 10.6.8 uses ...)
+CVE-2011-3224
NOT-FOR-US: User Documentation component in Apple Mac OS X
-CVE-2011-3223 (Buffer overflow in QuickTime in Apple Mac OS X before 10.7.2 allows ...)
+CVE-2011-3223
NOT-FOR-US: QuickTime in Apple Mac OS X
-CVE-2011-3222 (Buffer overflow in QuickTime in Apple Mac OS X before 10.7.2 allows ...)
+CVE-2011-3222
NOT-FOR-US: QuickTime in Apple Mac OS X
-CVE-2011-3221 (QuickTime in Apple Mac OS X before 10.7.2 does not properly handle the ...)
+CVE-2011-3221
NOT-FOR-US: QuickTime in Apple Mac OS X
-CVE-2011-3220 (QuickTime in Apple Mac OS X before 10.7.2 does not properly process ...)
+CVE-2011-3220
NOT-FOR-US: QuickTime in Apple Mac OS X
-CVE-2011-3219 (Buffer overflow in CoreMedia, as used in Apple iTunes before 10.5, ...)
+CVE-2011-3219
NOT-FOR-US: Apple CoreMedia
-CVE-2011-3218 (The &quot;Save for Web&quot; selection in QuickTime Player in Apple Mac OS X ...)
+CVE-2011-3218
NOT-FOR-US: QuickTime in Apple Mac OS X
-CVE-2011-3217 (MediaKit in Apple Mac OS X through 10.6.8 allows remote attackers to ...)
+CVE-2011-3217
NOT-FOR-US: Mac OS X
-CVE-2011-3216 (The kernel in Apple Mac OS X before 10.7.2 does not properly implement ...)
+CVE-2011-3216
NOT-FOR-US: kernel in Apple Mac OS X
-CVE-2011-3215 (The kernel in Apple Mac OS X before 10.7.2 does not properly prevent ...)
+CVE-2011-3215
NOT-FOR-US: kernel in Apple Mac OS X
-CVE-2011-3214 (IOGraphics in Apple Mac OS X through 10.6.8 does not properly handle a ...)
+CVE-2011-3214
NOT-FOR-US: IOGraphics in Apple Mac OS X
-CVE-2011-3213 (The File Systems component in Apple Mac OS X before 10.7.2 does not ...)
+CVE-2011-3213
NOT-FOR-US: File Systems component in Apple Mac OS X
-CVE-2011-3212 (CoreStorage in Apple Mac OS X 10.7 before 10.7.2 does not ensure that ...)
+CVE-2011-3212
NOT-FOR-US: CoreStorage in Apple Mac OS X
-CVE-2011-3211 (The server in Bcfg2 1.1.2 and earlier, and 1.2 prerelease, allows ...)
+CVE-2011-3211
{DSA-2302-1}
- bcfg2 1.1.2-2 (bug #640028)
NOTE: information as reported by maintainer
-CVE-2011-3210 (The ephemeral ECDH ciphersuite functionality in OpenSSL 0.9.8 through ...)
+CVE-2011-3210
- openssl 1.0.0e-1
[lenny] - openssl 0.9.8g-15+lenny13
[squeeze] - openssl 0.9.8o-4squeeze3
-CVE-2011-3209 (The div_long_long_rem implementation in include/asm-x86/div64.h in the ...)
+CVE-2011-3209
- linux-2.6 2.6.26-1
-CVE-2011-3208 (Stack-based buffer overflow in the split_wildmats function in nntpd.c ...)
+CVE-2011-3208
{DSA-2318-1}
- cyrus-imapd-2.2 2.4.11-1 (medium)
- cyrus-imapd-2.4 2.4.11-1 (medium)
- kolab-cyrus-imapd <removed> (medium)
[squeeze] - kolab-cyrus-imapd <end-of-life> (Unsupported in squeeze-lts)
-CVE-2011-3207 (crypto/x509/x509_vfy.c in OpenSSL 1.0.x before 1.0.0e does not ...)
+CVE-2011-3207
- openssl 1.0.0e-1
[squeeze] - openssl <not-affected> (only affects 1.0.0 through 1.0.0d)
[lenny] - openssl <not-affected> (only affects 1.0.0 through 1.0.0d)
-CVE-2011-3206 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
+CVE-2011-3206
NOT-FOR-US: RHQ
-CVE-2011-3205 (Buffer overflow in the gopherToHTML function in gopher.cc in the ...)
+CVE-2011-3205
{DSA-2304-1}
- squid3 3.1.15-1 (low; bug #639755)
- squid <not-affected> (Only a buffer overflow in Squid 3, see https://bugzilla.redhat.com/show_bug.cgi?id=734583#c4)
NOTE: http://www.squid-cache.org/Advisories/SQUID-2011_3.txt
-CVE-2011-3204 (hammerhead.cc in Hammerhead 2.1.4 allows local users to write to ...)
+CVE-2011-3204
- hammerhead <removed> (bug #639890)
[lenny] - hammerhead <no-dsa> (Minor issue)
[squeeze] - hammerhead <no-dsa> (Minor issue)
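Review bot: every `-`/`+` pair in this hunk (CVE-2011-3261 down to CVE-2011-3204) replaces a `CVE-2011-NNNN (description ...)` header with the bare identifier and touches nothing else; no package, version, DSA or `NOTE:` line changes. For a commit labelled "automatic update" that pattern points to the description source having returned empty text rather than to a deliberate edit, so the run should be checked and the headers restored before this lands: the parenthesized summary is what a `NOT-FOR-US:` or `<not-affected>` triage line is read against, and without it entries such as `+CVE-2011-3261` / `NOT-FOR-US: Apple iOS` no longer say what was triaged.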
@@ -5395,158 +5395,158 @@ CVE-2011-3203 [Jcow CMS 4.x:4.2 <= , 5.x:5.2 <= | Arbitrary Code Execution]
CVE-2011-3202 [Jcow CMS 4.2 <= | Cross Site Scripting]
RESERVED
NOT-FOR-US: Jcow
-CVE-2011-3201 (GNOME Evolution before 3.2.3 allows user-assisted remote attackers to ...)
+CVE-2011-3201
- evolution <unfixed> (unimportant)
NOTE: Any attacks still involve quite some social engineering
-CVE-2011-3200 (Stack-based buffer overflow in the parseLegacySyslogMsg function in ...)
+CVE-2011-3200
- rsyslog 5.8.5-1 (low; bug #644611)
[squeeze] - rsyslog <no-dsa> (Minor issue)
[lenny] - rsyslog <no-dsa> (Minor issue)
NOTE: off-by-one/-two limited to 0 or :0
-CVE-2011-3199 (Multiple cross-site scripting (XSS) vulnerabilities in Domain ...)
+CVE-2011-3199
{DSA-2365-1}
- dtc 0.34.1-1 (bug #637584)
-CVE-2011-3198 (Domain Technologie Control (DTC) before 0.34.1 includes a password in ...)
+CVE-2011-3198
{DSA-2365-1}
- dtc 0.34.1-1 (bug #637537)
-CVE-2011-3197 (SQL injection vulnerability in Domain Technologie Control (DTC) before ...)
+CVE-2011-3197
{DSA-2365-1}
- dtc 0.34.1-1 (bug #637487; bug #637498)
-CVE-2011-3196 (The setup script in Domain Technologie Control (DTC) before 0.34.1 ...)
+CVE-2011-3196
{DSA-2365-1}
- dtc 0.34.1-1 (bug #637485)
-CVE-2011-3195 (shared/inc/sql/lists.php in Domain Technologie Control (DTC) before ...)
+CVE-2011-3195
{DSA-2365-1}
- dtc 0.34.1-1 (bug #637477)
-CVE-2011-3194 (Buffer overflow in the TIFF reader in gui/image/qtiffhandler.cpp in Qt ...)
+CVE-2011-3194
{DLA-117-1}
- qt4-x11 4:4.7.4-1 (bug #641738)
-CVE-2011-3193 (Heap-based buffer overflow in the Lookup_MarkMarkPos function in the ...)
+CVE-2011-3193
{DLA-117-1}
- qt4-x11 4:4.7.4-1 (bug #641738)
- pango1.0 1.28.3-1
NOTE: affected code in pango1.0 removed earlier, but this is the version checked (lenny is affected)
-CVE-2011-3192 (The byterange filter in the Apache HTTP Server 1.3.x, 2.0.x through ...)
+CVE-2011-3192
{DSA-2298-1}
- apache2 2.2.19-2
-CVE-2011-3191 (Integer signedness error in the CIFSFindNext function in ...)
+CVE-2011-3191
{DSA-2310-1 DSA-2303-1}
- linux-2.6 3.0.0-5
-CVE-2011-3190 (Certain AJP protocol connector implementations in Apache Tomcat 7.0.0 ...)
+CVE-2011-3190
{DSA-2401-1}
- tomcat6 6.0.35-1
- tomcat7 7.0.21-1
- tomcat5.5 <removed>
-CVE-2011-3189 (The crypt function in PHP 5.3.7, when the MD5 hash type is used, ...)
+CVE-2011-3189
- php5 5.3.8-1
[squeeze] - php5 <not-affected> (Introduced in 5.3.7)
[lenny] - php5 <not-affected> (Introduced in 5.3.7)
-CVE-2011-3188 (The (1) IPv4 and (2) IPv6 implementations in the Linux kernel before ...)
+CVE-2011-3188
{DSA-2310-1 DSA-2303-1}
- linux-2.6 3.0.0-2
-CVE-2011-3187 (The to_s method in ...)
+CVE-2011-3187
- rails <unfixed> (unimportant)
NOTE: X-Forwarded-For header is user supplied (like User-Agent)
-CVE-2011-3186 (CRLF injection vulnerability in ...)
+CVE-2011-3186
{DSA-2301-1}
- rails 2.3.14
-CVE-2011-3185 (gtkutils.c in Pidgin before 2.10.0 on Windows allows user-assisted ...)
+CVE-2011-3185
- pidgin <not-affected> (Windows-specific)
-CVE-2011-3184 (The msn_httpconn_parse_data function in httpconn.c in the MSN protocol ...)
+CVE-2011-3184
- pidgin 2.10.0-1 (unimportant)
NOTE: Only exploitable by a malicious MSN server to crash the client
CVE-2011-3183
RESERVED
NOT-FOR-US: Concrete CMS
-CVE-2011-3182 (PHP before 5.3.7 does not properly check the return values of the ...)
+CVE-2011-3182
{DSA-2408-1}
- php5 5.3.7-1 (unimportant)
NOTE: exploitable by malicious scripts only
-CVE-2011-3181 (Multiple cross-site scripting (XSS) vulnerabilities in the Tracking ...)
+CVE-2011-3181
{DSA-2391-1}
- phpmyadmin 4:3.4.4-1
[lenny] - phpmyadmin <not-affected> (Vulnerable code not present)
-CVE-2011-3180 (kiwi before 4.98.08, as used in SUSE Studio Onsite 1.2 before 1.2.1 ...)
+CVE-2011-3180
NOT-FOR-US: Suse kiwi (different from python-kiwi)
-CVE-2011-3179 (The server process in Novell Messenger 2.1 and 2.2.x before 2.2.1, and ...)
+CVE-2011-3179
NOT-FOR-US: Novell Messenger
-CVE-2011-3178 (In the web ui of the openbuildservice before 2.3.0 a code injection of ...)
+CVE-2011-3178
- open-build-service <not-affected> (Fixed before initial upload to Debian)
-CVE-2011-3177 (The YaST2 network created files with world readable permissions which ...)
+CVE-2011-3177
NOT-FOR-US: YaST
-CVE-2011-3176 (Stack-based buffer overflow in the Preboot Service in Novell ZENworks ...)
+CVE-2011-3176
NOT-FOR-US: Novell ZENworks Configuration Management
-CVE-2011-3175 (Stack-based buffer overflow in the Preboot Service in Novell ZENworks ...)
+CVE-2011-3175
NOT-FOR-US: Novell ZENworks Configuration Management
-CVE-2011-3174 (Buffer overflow in the DoFindReplace function in the ISGrid.Grid2.1 ...)
+CVE-2011-3174
NOT-FOR-US: Novell ZENworks Configuration Management
-CVE-2011-3173 (Stack-based buffer overflow in the GetDriverSettings function in ...)
+CVE-2011-3173
NOT-FOR-US: Novell Open Enterprise Server
-CVE-2011-3172 (A vulnerability in pam_modules of SUSE SUSE Linux Enterprise allows ...)
+CVE-2011-3172
- libpam-unix2 <removed>
NOTE: https://bugzilla.novell.com/show_bug.cgi?id=707645
NOTE: Issue was not fixed up to the version removed from unstable.
NOTE: Proposed update form SUSE: https://bugzilla.novell.com/attachment.cgi?id=441720
-CVE-2011-3171 (Directory traversal vulnerability in pure-FTPd 1.0.22 and possibly ...)
+CVE-2011-3171
NOT-FOR-US: pure-FTPd add-on
-CVE-2011-3170 (The gif_read_lzw function in filter/image-gif.c in CUPS 1.4.8 and ...)
+CVE-2011-3170
{DSA-2354-1}
- cups 1.5.0-8
NOTE: This ID is for an incomplete fix for CVE-2011-2896
-CVE-2011-3169 (Unspecified vulnerability in the SMTP service implementation in HP ...)
+CVE-2011-3169
NOT-FOR-US: HP OpenVMS
-CVE-2011-3168 (Unspecified vulnerability in the POP and IMAP service implementations ...)
+CVE-2011-3168
NOT-FOR-US: HP OpenVMS
-CVE-2011-3167 (Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) ...)
+CVE-2011-3167
NOT-FOR-US: HP OpenView
-CVE-2011-3166 (Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) ...)
+CVE-2011-3166
NOT-FOR-US: HP OpenView
-CVE-2011-3165 (Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) ...)
+CVE-2011-3165
NOT-FOR-US: HP OpenView
-CVE-2011-3164 (Unspecified vulnerability in HP-UX Containers (formerly HP-UX Secure ...)
+CVE-2011-3164
NOT-FOR-US: HP-UX
-CVE-2011-3163 (HP MFP Digital Sending Software 4.9x through 4.91.21 allows local ...)
+CVE-2011-3163
NOT-FOR-US: HP MFP Digital Sending Software
-CVE-2011-3162 (Unspecified vulnerability in HP Data Protector Notebook Extension 6.20 ...)
+CVE-2011-3162
NOT-FOR-US: HP Data Protector
-CVE-2011-3161 (Unspecified vulnerability in HP Data Protector Notebook Extension 6.20 ...)
+CVE-2011-3161
NOT-FOR-US: HP Data Protector
-CVE-2011-3160 (Unspecified vulnerability in HP Data Protector Notebook Extension 6.20 ...)
+CVE-2011-3160
NOT-FOR-US: HP Data Protector
-CVE-2011-3159 (Unspecified vulnerability in HP Data Protector Notebook Extension 6.20 ...)
+CVE-2011-3159
NOT-FOR-US: HP Data Protector
-CVE-2011-3158 (Unspecified vulnerability in HP Data Protector Notebook Extension 6.20 ...)
+CVE-2011-3158
NOT-FOR-US: HP Data Protector
-CVE-2011-3157 (Unspecified vulnerability in HP Data Protector Notebook Extension 6.20 ...)
+CVE-2011-3157
NOT-FOR-US: HP Data Protector
-CVE-2011-3156 (Unspecified vulnerability in HP Data Protector Notebook Extension 6.20 ...)
+CVE-2011-3156
NOT-FOR-US: HP Data Protector
-CVE-2011-3155 (Unspecified vulnerability in HP Onboard Administrator (OA) 3.21 ...)
+CVE-2011-3155
NOT-FOR-US: HP Onboard Administrator
-CVE-2011-3154 (DistUpgrade/DistUpgradeViewKDE.py in Update Manager before ...)
+CVE-2011-3154
- update-manager <not-affected> (ubuntu-specific issue)
NOTE: see bug #650307
-CVE-2011-3153 (dmrc.c in Light Display Manager (aka LightDM) before 1.1.1 allows ...)
+CVE-2011-3153
- lightdm 1.0.6-2
-CVE-2011-3152 (DistUpgrade/DistUpgradeFetcherCore.py in Update Manager before ...)
+CVE-2011-3152
- update-manager <not-affected> (ubuntu-specific issue)
NOTE: see bug #650307
CVE-2011-3151
RESERVED
-CVE-2011-3150 (Software Center in Ubuntu 11.10, 11.04 10.10 does not properly ...)
+CVE-2011-3150
- software-center <not-affected> (ubuntu-specific issue)
NOTE: debian package does not contain the vulnerable purchaseview.py code, and probably won't ever as that's part of their commercial interface code
-CVE-2011-3149 (The _expand_arg function in the pam_env module ...)
+CVE-2011-3149
{DSA-2326-1}
- pam 1.1.3-5
[lenny] - pam <not-affected> (user_env parsing not yet available)
-CVE-2011-3148 (Stack-based buffer overflow in the _assemble_line function in ...)
+CVE-2011-3148
{DSA-2326-1}
- pam 1.1.3-5
[lenny] - pam <not-affected> (user_env parsing not yet available)
CVE-2011-3147
RESERVED
-CVE-2011-3146 (librsvg before 2.34.1 uses the node name to identify the type of node, ...)
+CVE-2011-3146
- librsvg 2.34.1-1
[squeeze] - librsvg <no-dsa> (Minor issue)
NOTE: http://git.gnome.org/browse/librsvg/commit/?id=34c95743ca692ea0e44778e41a7c0a129363de84
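Review bot: the unchanged `NOTE:` line under CVE-2011-3172 reads "Proposed update form SUSE"; since this hunk already rewrites that entry's header line, the typo ("from SUSE") could be corrected in the same pass, and the surrounding "Issue was not fixed up to the version removed from unstable." note would then read consistently with it.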
@@ -5556,64 +5556,64 @@ CVE-2011-3145
{DSA-2382-1}
- ecryptfs-utils 92-1
[lenny] - ecryptfs-utils <not-affected> (Vulnerable code not present)
-CVE-2011-3144 (Cross-site scripting (XSS) vulnerability in Control Microsystems ...)
+CVE-2011-3144
NOT-FOR-US: Control Microsystems ClearSCADA
-CVE-2011-3143 (Use-after-free vulnerability in Control Microsystems ClearSCADA 2005, ...)
+CVE-2011-3143
NOT-FOR-US: Control Microsystems ClearSCADA
-CVE-2011-3142 (Stack-based buffer overflow in an ActiveX control in KVWebSvr.dll in ...)
+CVE-2011-3142
NOT-FOR-US: WellinTech KingView
-CVE-2011-3141 (Buffer overflow in the InBatch BatchField ActiveX control for Invensys ...)
+CVE-2011-3141
NOT-FOR-US: Wonderware InBatch
-CVE-2011-3140 (IBM Web Application Firewall, as used on the G400 IPS-G400-IB-1 and ...)
+CVE-2011-3140
NOT-FOR-US: IBM Web Application Firewall
CVE-2011-3139
REJECTED
-CVE-2011-3138 (The LTPA STS module support implementation in IBM Tivoli Federated ...)
+CVE-2011-3138
NOT-FOR-US: Tivoli
-CVE-2011-3137 (Unspecified vulnerability in the Management Console in IBM Tivoli ...)
+CVE-2011-3137
NOT-FOR-US: Tivoli
-CVE-2011-3136 (Unspecified vulnerability in the Management Console in IBM Tivoli ...)
+CVE-2011-3136
NOT-FOR-US: Tivoli
-CVE-2011-3135 (Unspecified vulnerability in the Runtime in IBM Tivoli Federated ...)
+CVE-2011-3135
NOT-FOR-US: Tivoli
-CVE-2011-3134 (Unspecified vulnerability in TIBCO Spotfire Server 3.0.x before 3.0.2, ...)
+CVE-2011-3134
NOT-FOR-US: TIBCO Spotfire Server
-CVE-2011-3133 (Session fixation vulnerability in TIBCO Spotfire Server 3.0.x before ...)
+CVE-2011-3133
NOT-FOR-US: TIBCO Spotfire Server
-CVE-2011-3132 (Cross-site scripting (XSS) vulnerability in TIBCO Spotfire Server ...)
+CVE-2011-3132
NOT-FOR-US: TIBCO Spotfire Server
-CVE-2011-3131 (Xen 4.1.1 and earlier allows local guest OS kernels with control of a ...)
+CVE-2011-3131
{DSA-2582-1}
- xen 4.1.2-1
-CVE-2011-3130 (wp-includes/taxonomy.php in WordPress 3.1 before 3.1.3 and 3.2 before ...)
+CVE-2011-3130
{DSA-2470-1}
- wordpress 3.2.1+dfsg-1
NOTE: CVE allocated from the Wordpress 3.1.3 / 3.2 beta2 release announce
-CVE-2011-3129 (The file upload functionality in WordPress 3.1 before 3.1.3 and 3.2 ...)
+CVE-2011-3129
{DSA-2470-1}
- wordpress 3.2.1+dfsg-1
NOTE: CVE allocated from the Wordpress 3.1.3 / 3.2 beta2 release announce
-CVE-2011-3128 (WordPress 3.1 before 3.1.3 and 3.2 before Beta 2 treats unattached ...)
+CVE-2011-3128
{DSA-2470-1}
- wordpress 3.2.1+dfsg-1
NOTE: CVE allocated from the Wordpress 3.1.3 / 3.2 beta2 release announce
-CVE-2011-3127 (WordPress 3.1 before 3.1.3 and 3.2 before Beta 2 does not prevent ...)
+CVE-2011-3127
{DSA-2470-1}
- wordpress 3.2.1+dfsg-1
NOTE: CVE allocated from the Wordpress 3.1.3 / 3.2 beta2 release announce
-CVE-2011-3126 (WordPress 3.1 before 3.1.3 and 3.2 before Beta 2 allows remote ...)
+CVE-2011-3126
{DSA-2470-1}
- wordpress 3.2.1+dfsg-1
NOTE: CVE allocated from the Wordpress 3.1.3 / 3.2 beta2 release announce
-CVE-2011-3125 (Unspecified vulnerability in WordPress 3.1 before 3.1.3 and 3.2 before ...)
+CVE-2011-3125
{DSA-2470-1}
- wordpress 3.2.1+dfsg-1
NOTE: CVE allocated from the Wordpress 3.1.3 / 3.2 beta2 release announce
-CVE-2011-3124 (IBM InfoSphere Information Server 8.5 and 8.5.0.1 on Unix and Linux, ...)
+CVE-2011-3124
NOT-FOR-US: InfoSphere
-CVE-2011-3123 (IBM InfoSphere Information Server 8.5 and 8.5.0.1 on Unix and Linux, ...)
+CVE-2011-3123
NOT-FOR-US: InfoSphere
-CVE-2011-3122 (Unspecified vulnerability in WordPress 3.1 before 3.1.3 and 3.2 before ...)
+CVE-2011-3122
{DSA-2470-1}
- wordpress 3.2.1+dfsg-1
NOTE: CVE allocated from the Wordpress 3.1.3 / 3.2 beta2 release announce
@@ -5630,164 +5630,164 @@ CVE-2011-3117
REJECTED
CVE-2011-3116
REJECTED
-CVE-2011-3115 (Google V8, as used in Google Chrome before 19.0.1084.52, allows remote ...)
+CVE-2011-3115
- libv8 <not-affected> (Only affects >= 3.9, bug #687574)
-CVE-2011-3114 (Multiple buffer overflows in the PDF functionality in Google Chrome ...)
+CVE-2011-3114
- chromium-browser <not-affected> (PDF functionality not built)
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3113 (The PDF functionality in Google Chrome before 19.0.1084.52 does not ...)
+CVE-2011-3113
- chromium-browser <not-affected> (PDF functionality not built)
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3112 (Use-after-free vulnerability in the PDF functionality in Google Chrome ...)
+CVE-2011-3112
- chromium-browser <not-affected> (PDF functionality specific to Chrome)
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3111 (Google V8, as used in Google Chrome before 19.0.1084.52, allows remote ...)
+CVE-2011-3111
- libv8 3.8.9.20-2 (bug #687574)
[squeeze] - libv8 <end-of-life> (Unsupported in squeeze-lts)
-CVE-2011-3110 (The PDF functionality in Google Chrome before 19.0.1084.52 allows ...)
+CVE-2011-3110
- chromium-browser <not-affected> (PDF functionality not built)
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3109 (Google Chrome before 19.0.1084.52 on Linux does not properly perform a ...)
+CVE-2011-3109
- chromium-browser 20.0.1132.21~r139451-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3108 (Use-after-free vulnerability in Google Chrome before 19.0.1084.52 ...)
+CVE-2011-3108
- chromium-browser 20.0.1132.21~r139451-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3107 (Google Chrome before 19.0.1084.52 does not properly implement ...)
+CVE-2011-3107
- chromium-browser 20.0.1132.21~r139451-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3106 (The WebSockets implementation in Google Chrome before 19.0.1084.52 ...)
+CVE-2011-3106
- chromium-browser 20.0.1132.21~r139451-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3105 (Use-after-free vulnerability in the Cascading Style Sheets (CSS) ...)
+CVE-2011-3105
- chromium-browser 20.0.1132.21~r139451-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3104 (Skia, as used in Google Chrome before 19.0.1084.52, allows remote ...)
+CVE-2011-3104
- chromium-browser 20.0.1132.21~r139451-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3103 (Google V8, as used in Google Chrome before 19.0.1084.52, does not ...)
+CVE-2011-3103
- libv8 <not-affected> (Only affects >= 3.9, bug #687574)
-CVE-2011-3102 (Off-by-one error in libxml2, as used in Google Chrome before ...)
+CVE-2011-3102
{DSA-2479-1}
- libxml2 2.7.8.dfsg-9.1 (bug #674191)
NOTE: http://git.gnome.org/browse/libxml2/commit/?id=d8e1faeaa99c7a7c07af01c1c72de352eb590a3e
-CVE-2011-3101 (Google Chrome before 19.0.1084.46 on Linux does not properly mitigate ...)
+CVE-2011-3101
[squeeze] - chromium-browser <end-of-life>
- chromium-browser 20.0.1132.21~r139451-1
-CVE-2011-3100 (Google Chrome before 19.0.1084.46 does not properly draw dash paths, ...)
+CVE-2011-3100
- chromium-browser 20.0.1132.21~r139451-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3099 (Use-after-free vulnerability in the PDF functionality in Google Chrome ...)
+CVE-2011-3099
- chromium-browser <not-affected> (PDF viewer not included in Chromium)
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3098 (Google Chrome before 19.0.1084.46 on Windows uses an incorrect search ...)
+CVE-2011-3098
- chromium-browser <not-affected> (Windows-specific)
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3097 (The PDF functionality in Google Chrome before 19.0.1084.46 allows ...)
+CVE-2011-3097
- chromium-browser <not-affected> (PDF functionality not built)
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3096 (Use-after-free vulnerability in Google Chrome before 19.0.1084.46 on ...)
+CVE-2011-3096
- chromium-browser 20.0.1132.21~r139451-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3095 (The OGG container in Google Chrome before 19.0.1084.46 allows remote ...)
+CVE-2011-3095
- chromium-browser 20.0.1132.21~r139451-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3094 (Google Chrome before 19.0.1084.46 does not properly handle Tibetan ...)
+CVE-2011-3094
- chromium-browser 20.0.1132.21~r139451-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3093 (Google Chrome before 19.0.1084.46 does not properly handle glyphs, ...)
+CVE-2011-3093
- chromium-browser 20.0.1132.21~r139451-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3092 (The regex implementation in Google V8, as used in Google Chrome before ...)
+CVE-2011-3092
- libv8 <not-affected> (Only affects >= 3.9, bug #687574)
-CVE-2011-3091 (Use-after-free vulnerability in the IndexedDB implementation in Google ...)
+CVE-2011-3091
- chromium-browser 20.0.1132.21~r139451-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3089 (Use-after-free vulnerability in Google Chrome before 19.0.1084.46 ...)
+CVE-2011-3089
- chromium-browser 20.0.1132.21~r139451-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3088 (Google Chrome before 19.0.1084.46 does not properly draw hairlines, ...)
+CVE-2011-3088
- chromium-browser 20.0.1132.21~r139451-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3087 (Google Chrome before 19.0.1084.46 does not properly perform window ...)
+CVE-2011-3087
- chromium-browser 20.0.1132.21~r139451-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3086 (Use-after-free vulnerability in Google Chrome before 19.0.1084.46 ...)
+CVE-2011-3086
- chromium-browser 20.0.1132.21~r139451-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3085 (The Autofill feature in Google Chrome before 19.0.1084.46 does not ...)
+CVE-2011-3085
- chromium-browser 20.0.1132.21~r139451-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3084 (Google Chrome before 19.0.1084.46 does not use a dedicated process for ...)
+CVE-2011-3084
- chromium-browser 20.0.1132.21~r139451-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3083 (browser/profiles/profile_impl_io_data.cc in Google Chrome before ...)
+CVE-2011-3083
- chromium-browser 20.0.1132.21~r139451-1
[squeeze] - chromium-browser <end-of-life>
CVE-2011-3082
RESERVED
-CVE-2011-3081 (Use-after-free vulnerability in Google Chrome before 18.0.1025.168 ...)
+CVE-2011-3081
- chromium-browser 18.0.1025.168~r134367-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3080 (Race condition in the Inter-process Communication (IPC) implementation ...)
+CVE-2011-3080
- chromium-browser 18.0.1025.168~r134367-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3079 (The Inter-process Communication (IPC) implementation in Google Chrome ...)
+CVE-2011-3079
{DSA-3260-1}
- chromium-browser 18.0.1025.168~r134367-1
[squeeze] - chromium-browser <end-of-life>
- iceweasel <not-affected> (Only affects Firefox on Windows)
- icedove <not-affected> (Only affects Thunderbird on Windows)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-57/
-CVE-2011-3078 (Use-after-free vulnerability in Google Chrome before 18.0.1025.168 ...)
+CVE-2011-3078
- chromium-browser 18.0.1025.168~r134367-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3077 (Use-after-free vulnerability in Google Chrome before 18.0.1025.151 ...)
+CVE-2011-3077
- chromium-browser 18.0.1025.151~r130497-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3076 (Use-after-free vulnerability in Google Chrome before 18.0.1025.151 ...)
+CVE-2011-3076
- chromium-browser 18.0.1025.151~r130497-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3075 (Use-after-free vulnerability in Google Chrome before 18.0.1025.151 ...)
+CVE-2011-3075
- chromium-browser 18.0.1025.151~r130497-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3074 (Use-after-free vulnerability in Google Chrome before 18.0.1025.151 ...)
+CVE-2011-3074
- chromium-browser 18.0.1025.151~r130497-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3073 (Use-after-free vulnerability in Google Chrome before 18.0.1025.151 ...)
+CVE-2011-3073
- chromium-browser 18.0.1025.151~r130497-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3072 (Google Chrome before 18.0.1025.151 allows remote attackers to bypass ...)
+CVE-2011-3072
- chromium-browser 18.0.1025.151~r130497-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3071 (Use-after-free vulnerability in the HTMLMediaElement implementation in ...)
+CVE-2011-3071
- chromium-browser 18.0.1025.151~r130497-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3070 (Use-after-free vulnerability in Google Chrome before 18.0.1025.151 ...)
+CVE-2011-3070
- chromium-browser 18.0.1025.151~r130497-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3069 (Use-after-free vulnerability in the Cascading Style Sheets (CSS) ...)
+CVE-2011-3069
- chromium-browser 18.0.1025.151~r130497-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3068 (Use-after-free vulnerability in the Cascading Style Sheets (CSS) ...)
+CVE-2011-3068
- chromium-browser 18.0.1025.151~r130497-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3067 (Google Chrome before 18.0.1025.151 allows remote attackers to bypass ...)
+CVE-2011-3067
- chromium-browser 18.0.1025.151~r130497-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3066 (Skia, as used in Google Chrome before 18.0.1025.151, does not properly ...)
+CVE-2011-3066
- chromium-browser 18.0.1025.151~r130497-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3065 (Skia, as used in Google Chrome before 18.0.1025.142, allows remote ...)
+CVE-2011-3065
- chromium-browser 18.0.1025.142~r129054-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3064 (Use-after-free vulnerability in Google Chrome before 18.0.1025.142 ...)
+CVE-2011-3064
[squeeze] - chromium-browser <end-of-life>
- chromium-browser 18.0.1025.142~r129054-1
-CVE-2011-3063 (Google Chrome before 18.0.1025.142 does not properly validate the ...)
+CVE-2011-3063
- chromium-browser 18.0.1025.142~r129054-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3062 (Off-by-one error in the OpenType Sanitizer in Google Chrome before ...)
+CVE-2011-3062
- chromium-browser 18.0.1025.142~r129054-1
[squeeze] - chromium-browser <end-of-life>
- icedove 10.0.4-1
@@ -5796,99 +5796,99 @@ CVE-2011-3062 (Off-by-one error in the OpenType Sanitizer in Google Chrome befor
[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
- iceape 2.7.4-1
[squeeze] - iceape <not-affected> (Vulnerable code not present)
-CVE-2011-3061 (Google Chrome before 18.0.1025.142 does not properly check X.509 ...)
+CVE-2011-3061
- chromium-browser 18.0.1025.142~r129054-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3060 (Google Chrome before 18.0.1025.142 does not properly handle text ...)
+CVE-2011-3060
- chromium-browser 18.0.1025.142~r129054-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3059 (Google Chrome before 18.0.1025.142 does not properly handle SVG text ...)
+CVE-2011-3059
- chromium-browser 18.0.1025.142~r129054-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3058 (Google Chrome before 18.0.1025.142 does not properly handle the EUC-JP ...)
+CVE-2011-3058
- chromium-browser 18.0.1025.142~r129054-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3057 (Google V8, as used in Google Chrome before 17.0.963.83, allows remote ...)
+CVE-2011-3057
- libv8 3.8.9.20-1 (bug #687574)
[squeeze] - libv8 <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://code.google.com/p/chromium/issues/detail?id=117794
NOTE: access restricted to chrome/libv8 bug log, so uncheckable
-CVE-2011-3056 (Google Chrome before 17.0.963.83 allows remote attackers to bypass the ...)
+CVE-2011-3056
- chromium-browser 17.0.963.83~r127885-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3055 (The browser native UI in Google Chrome before 17.0.963.83 does not ...)
+CVE-2011-3055
- chromium-browser 17.0.963.83~r127885-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3054 (The WebUI privilege implementation in Google Chrome before 17.0.963.83 ...)
+CVE-2011-3054
- chromium-browser 17.0.963.83~r127885-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3053 (Use-after-free vulnerability in Google Chrome before 17.0.963.83 ...)
+CVE-2011-3053
- chromium-browser 17.0.963.83~r127885-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3052 (The WebGL implementation in Google Chrome before 17.0.963.83 does not ...)
+CVE-2011-3052
- chromium-browser 17.0.963.83~r127885-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3051 (Use-after-free vulnerability in the Cascading Style Sheets (CSS) ...)
+CVE-2011-3051
- chromium-browser 17.0.963.83~r127885-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3050 (Use-after-free vulnerability in the Cascading Style Sheets (CSS) ...)
+CVE-2011-3050
- chromium-browser 17.0.963.83~r127885-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3049 (Google Chrome before 17.0.963.83 does not properly restrict the ...)
+CVE-2011-3049
- chromium-browser 17.0.963.83~r127885-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3048 (The png_set_text_2 function in pngset.c in libpng 1.0.x before 1.0.59, ...)
+CVE-2011-3048
{DSA-2446-1}
- libpng 1.2.49-1 (bug #667475)
-CVE-2011-3047 (The GPU process in Google Chrome before 17.0.963.79 allows remote ...)
+CVE-2011-3047
- chromium-browser 17.0.963.83~r127885-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3046 (The extension subsystem in Google Chrome before 17.0.963.78 does not ...)
+CVE-2011-3046
- chromium-browser 17.0.963.78~r125577-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3045 (Integer signedness error in the png_inflate function in pngrutil.c in ...)
+CVE-2011-3045
{DSA-2439-1}
- libpng 1.2.47-2 (bug #665208; high)
-CVE-2011-3044 (Use-after-free vulnerability in Google Chrome before 17.0.963.65 ...)
+CVE-2011-3044
- chromium-browser 17.0.963.66~r124982-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3043 (Use-after-free vulnerability in Google Chrome before 17.0.963.65 ...)
+CVE-2011-3043
- chromium-browser 17.0.963.66~r124982-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3042 (Use-after-free vulnerability in Google Chrome before 17.0.963.65 ...)
+CVE-2011-3042
- chromium-browser 17.0.963.66~r124982-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3041 (Use-after-free vulnerability in Google Chrome before 17.0.963.65 ...)
+CVE-2011-3041
- chromium-browser 17.0.963.66~r124982-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3040 (Google Chrome before 17.0.963.65 does not properly handle text, which ...)
+CVE-2011-3040
- chromium-browser 17.0.963.66~r124982-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3039 (Use-after-free vulnerability in Google Chrome before 17.0.963.65 ...)
+CVE-2011-3039
- chromium-browser 17.0.963.66~r124982-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3038 (Use-after-free vulnerability in Google Chrome before 17.0.963.65 ...)
+CVE-2011-3038
- chromium-browser 17.0.963.66~r124982-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3037 (Google Chrome before 17.0.963.65 does not properly perform casts of ...)
+CVE-2011-3037
- chromium-browser 17.0.963.66~r124982-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3036 (Google Chrome before 17.0.963.65 does not properly perform a cast of ...)
+CVE-2011-3036
- chromium-browser 17.0.963.66~r124982-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3035 (Use-after-free vulnerability in Google Chrome before 17.0.963.65 ...)
+CVE-2011-3035
- chromium-browser 17.0.963.66~r124982-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3034 (Use-after-free vulnerability in Google Chrome before 17.0.963.65 ...)
+CVE-2011-3034
- chromium-browser 17.0.963.66~r124982-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3033 (Buffer overflow in Skia, as used in Google Chrome before 17.0.963.65, ...)
+CVE-2011-3033
- chromium-browser 17.0.963.66~r124982-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3032 (Use-after-free vulnerability in Google Chrome before 17.0.963.65 ...)
+CVE-2011-3032
- chromium-browser 17.0.963.66~r124982-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3031 (Use-after-free vulnerability in the element wrapper in Google V8, as ...)
+CVE-2011-3031
- chromium-browser 17.0.963.66~r124982-1
[squeeze] - chromium-browser <end-of-life>
CVE-2011-3030
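Review bot: every changed line in this hunk drops the parenthetical summary and keeps only the bare identifier, e.g. "-CVE-2011-3061 (Google Chrome before 18.0.1025.142 does not properly check X.509 ...)" becomes "+CVE-2011-3061", with no other data line touched. Forty consecutive entries losing their description while the package, DSA and NOTE lines stay identical reads like the description source returning empty rather than a deliberate edit; the update should be held until that source is checked, since after it CVE-2011-3048 and CVE-2011-3045 record nothing about the libpng issue beyond the DSA reference and the package version.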
@@ -5897,99 +5897,99 @@ CVE-2011-3029
RESERVED
CVE-2011-3028
RESERVED
-CVE-2011-3027 (Google Chrome before 17.0.963.56 does not properly perform a cast of ...)
+CVE-2011-3027
- chromium-browser 17.0.963.56~r121963-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3026 (Integer overflow in libpng, as used in Google Chrome before ...)
+CVE-2011-3026
{DSA-2410-1}
- libpng 1.2.46-5 (high; bug #660026)
-CVE-2011-3025 (Google Chrome before 17.0.963.56 does not properly parse H.264 data, ...)
+CVE-2011-3025
- chromium-browser 17.0.963.56~r121963-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3024 (Google Chrome before 17.0.963.56 allows remote attackers to cause a ...)
+CVE-2011-3024
- chromium-browser 17.0.963.56~r121963-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3023 (Use-after-free vulnerability in Google Chrome before 17.0.963.56 ...)
+CVE-2011-3023
- chromium-browser 17.0.963.56~r121963-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3022 (translate/translate_manager.cc in Google Chrome before 17.0.963.56 and ...)
+CVE-2011-3022
- chromium-browser 17.0.963.56~r121963-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3021 (Use-after-free vulnerability in Google Chrome before 17.0.963.56 ...)
+CVE-2011-3021
- chromium-browser 17.0.963.56~r121963-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3020 (Unspecified vulnerability in the Native Client validator ...)
+CVE-2011-3020
- chromium-browser 17.0.963.56~r121963-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3019 (Heap-based buffer overflow in Google Chrome before 17.0.963.56 allows ...)
+CVE-2011-3019
- chromium-browser 17.0.963.56~r121963-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3018 (Heap-based buffer overflow in Google Chrome before 17.0.963.56 allows ...)
+CVE-2011-3018
- chromium-browser 17.0.963.56~r121963-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3017 (Use-after-free vulnerability in Google Chrome before 17.0.963.56 ...)
+CVE-2011-3017
- chromium-browser 17.0.963.56~r121963-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3016 (Use-after-free vulnerability in Google Chrome before 17.0.963.56 ...)
+CVE-2011-3016
- chromium-browser 17.0.963.56~r121963-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3015 (Multiple integer overflows in the PDF codecs in Google Chrome before ...)
+CVE-2011-3015
- chromium-browser <not-affected> (PDF functionality not built)
-CVE-2011-3014 (The Mobility Pack before 1.2 in Novell Data Synchronizer 1.x through ...)
+CVE-2011-3014
NOT-FOR-US: Novell Data Synchronizer
-CVE-2011-3013 (WebAdmin in the Mobility Pack before 1.2 in Novell Data Synchronizer ...)
+CVE-2011-3013
NOT-FOR-US: Novell Data Synchronizer
-CVE-2011-3012 (The ioQuake3 engine, as used in World of Padman 1.2 and earlier, ...)
+CVE-2011-3012
- openarena 0.8.5-5+exp1
NOTE: Current openarena packages use the share ioquake3 engine
[squeeze] - openarena <no-dsa> (Minor issue, will be fixed in point update)
- ioquake3 1.36+svn1946-4
- tremulous 1.1.0-6 (bug #660836)
[squeeze] - tremulous 1.1.0-7~squeeze1
-CVE-2011-3011 (BaseServiceImpl.class in CA ARCserve D2D r15 does not properly handle ...)
+CVE-2011-3011
NOT-FOR-US: CA ARCserve D2D
-CVE-2011-3010 (Multiple cross-site scripting (XSS) vulnerabilities in TWiki before ...)
+CVE-2011-3010
- twiki <removed>
-CVE-2011-3009 (Ruby before 1.8.6-p114 does not reset the random seed upon forking, ...)
+CVE-2011-3009
- ruby1.8 1.8.7.352-1
[squeeze] - ruby1.8 1.8.7.302-2squeeze2
-CVE-2011-3008 (The default configuration of Avaya Secure Access Link (SAL) Gateway ...)
+CVE-2011-3008
NOT-FOR-US: Avaya Secure Access Link Gateway
-CVE-2011-3007 (The myCIOScn ActiveX control (myCIOScn.dll) in McAfee SaaS Endpoint ...)
+CVE-2011-3007
NOT-FOR-US: McAfee SaaS
-CVE-2011-3006 (The MyAsUtil ActiveX control in MyAsUtil5.2.0.603.dll in McAfee SaaS ...)
+CVE-2011-3006
NOT-FOR-US: McAfee SaaS
-CVE-2011-3005 (Use-after-free vulnerability in Mozilla Firefox 4.x through 6, ...)
+CVE-2011-3005
- xulrunner <not-affected> (Only affects Firefox >= 4)
- iceweasel 7.0-1
[lenny] - iceweasel <not-affected> (Only affects Firefox >= 4)
[squeeze] - iceweasel <not-affected> (Only affects Firefox >= 4)
- iceape <not-affected> (Only affects Firefox >= 4)
-CVE-2011-3004 (The JSSubScriptLoader in Mozilla Firefox 4.x through 6 and SeaMonkey ...)
+CVE-2011-3004
- xulrunner <not-affected> (Only affects Firefox >= 4)
- iceweasel 7.0-1
[lenny] - iceweasel <not-affected> (Only affects Firefox >= 4)
[squeeze] - iceweasel <not-affected> (Only affects Firefox >= 4)
- iceape <not-affected> (Only affects Firefox >= 4)
-CVE-2011-3003 (Mozilla Firefox before 7.0 and SeaMonkey before 2.4 allow remote ...)
+CVE-2011-3003
- xulrunner <not-affected> (Only affects Firefox >= 4)
- iceweasel 7.0-1
[lenny] - iceweasel <not-affected> (Only affects Firefox >= 4)
[squeeze] - iceweasel <not-affected> (Only affects Firefox >= 4)
- iceape <not-affected> (Only affects Firefox >= 4)
-CVE-2011-3002 (Almost Native Graphics Layer Engine (ANGLE), as used in Mozilla ...)
+CVE-2011-3002
- xulrunner <not-affected> (Only affects Firefox >= 4)
- iceweasel 7.0-1
[lenny] - iceweasel <not-affected> (Only affects Firefox >= 4)
[squeeze] - iceweasel <not-affected> (Only affects Firefox >= 4)
- iceape <not-affected> (Only affects Firefox >= 4)
-CVE-2011-3001 (Mozilla Firefox 4.x through 6, Thunderbird before 7.0, and SeaMonkey ...)
+CVE-2011-3001
- xulrunner <not-affected> (Only affects Firefox >= 4)
- iceweasel 7.0-1
[lenny] - iceweasel <not-affected> (Only affects Firefox >= 4)
[squeeze] - iceweasel <not-affected> (Only affects Firefox >= 4)
- iceape <not-affected> (Only affects Firefox >= 4)
-CVE-2011-3000 (Mozilla Firefox before 3.6.23 and 4.x through 6, Thunderbird before ...)
+CVE-2011-3000
{DSA-2317-1 DSA-2313-1 DSA-2312-1}
- icedove 3.1.15-1
[lenny] - icedove <end-of-life>
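Review bot: for the <not-affected> entries in this hunk the removed summary was what made the justification checkable: "+CVE-2011-3015" now sits above "(PDF functionality not built)" and "+CVE-2011-3020" above an <end-of-life> line with no trace that the issue was in the Native Client validator, so a later reader cannot verify either assessment from the file alone. Separately, the unchanged NOTE under CVE-2011-3012 reads "use the share ioquake3 engine"; it should say "shared".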
@@ -5999,7 +5999,7 @@ CVE-2011-3000 (Mozilla Firefox before 3.6.23 and 4.x through 6, Thunderbird befo
- iceape 2.0.14-8
[lenny] - iceape <not-affected> (Only a stub package)
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2011-2999 (Mozilla Firefox before 3.6.23 and 4.x through 5, Thunderbird before ...)
+CVE-2011-2999
{DSA-2317-1 DSA-2313-1 DSA-2312-1}
- icedove 3.1.15-1
[lenny] - icedove <end-of-life>
@@ -6009,7 +6009,7 @@ CVE-2011-2999 (Mozilla Firefox before 3.6.23 and 4.x through 5, Thunderbird befo
- iceape 2.0.14-8
[lenny] - iceape <not-affected> (Only a stub package)
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2011-2998 (Integer underflow in Mozilla Firefox 3.6.x before 3.6.23 allows remote ...)
+CVE-2011-2998
{DSA-2317-1 DSA-2313-1 DSA-2312-1}
- icedove 3.1.15-1
[lenny] - icedove <end-of-life>
@@ -6020,18 +6020,18 @@ CVE-2011-2998 (Integer underflow in Mozilla Firefox 3.6.x before 3.6.23 allows r
[lenny] - iceape <not-affected> (Only a stub package)
NOTE: Only affects firefox 3.6 code base, not 4.0 oder later
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2011-2997 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+CVE-2011-2997
- xulrunner <not-affected> (Only affects Firefox 6)
- iceweasel 7.0-1
[lenny] - iceweasel <not-affected> (Only affects Firefox 6)
[squeeze] - iceweasel <not-affected> (Only affects Firefox 6)
- iceape <not-affected> (Only affects Firefox 6)
-CVE-2011-2996 (Unspecified vulnerability in the plugin API in Mozilla Firefox 3.6.x ...)
+CVE-2011-2996
- icedove <not-affected> (Only affects MacOS)
- xulrunner <not-affected> (Only affects MacOS)
- iceweasel <not-affected> (Only affects MacOS)
- iceape <not-affected> (Only affects MacOS)
-CVE-2011-2995 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+CVE-2011-2995
{DSA-2317-1 DSA-2313-1 DSA-2312-1}
- icedove 3.1.15-1
[lenny] - icedove <end-of-life>
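Review bot: the unchanged NOTE under CVE-2011-2998, "Only affects firefox 3.6 code base, not 4.0 oder later", has a German "oder" where "or" is meant; worth correcting while the entry is being rewritten. The same hunk also turns "-CVE-2011-2996 (Unspecified vulnerability in the plugin API in Mozilla Firefox 3.6.x ...)" into a bare "+CVE-2011-2996", leaving "(Only affects MacOS)" as the only description of the issue, which is an assessment rather than a summary.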
@@ -6043,65 +6043,65 @@ CVE-2011-2995 (Multiple unspecified vulnerabilities in the browser engine in Moz
NOTE: xulrunner in wheezy is not covered by security support
CVE-2011-2994
RESERVED
-CVE-2011-2993 (The implementation of digital signatures for JAR files in Mozilla ...)
+CVE-2011-2993
- xulrunner <not-affected> (Only affects Firefox >= 4)
- iceweasel 6.0-1
[lenny] - iceweasel <not-affected> (Only affects Firefox >= 4)
[squeeze] - iceweasel <not-affected> (Only affects Firefox >= 4)
- iceape <not-affected> (Only affects Firefox >= 4)
-CVE-2011-2992 (The Ogg reader in the browser engine in Mozilla Firefox 4.x through 5, ...)
+CVE-2011-2992
- xulrunner <not-affected> (Only affects Firefox >= 4)
- iceweasel 6.0-1
[lenny] - iceweasel <not-affected> (Only affects Firefox >= 4)
[squeeze] - iceweasel <not-affected> (Only affects Firefox >= 4)
- iceape <not-affected> (Only affects Firefox >= 4)
- icedove <not-affected> (Only affects Thunderbird 5)
-CVE-2011-2991 (The browser engine in Mozilla Firefox 4.x through 5, SeaMonkey 2.x ...)
+CVE-2011-2991
- xulrunner <not-affected> (Only affects Firefox >= 4)
- iceweasel 6.0-1
[lenny] - iceweasel <not-affected> (Only affects Firefox >= 4)
[squeeze] - iceweasel <not-affected> (Only affects Firefox >= 4)
- iceape <not-affected> (Only affects Firefox >= 4)
- icedove <not-affected> (Only affects Thunderbird 5)
-CVE-2011-2990 (The implementation of Content Security Policy (CSP) violation reports ...)
+CVE-2011-2990
- xulrunner <not-affected> (Only affects Firefox >= 4)
- iceweasel 6.0-1
[lenny] - iceweasel <not-affected> (Only affects Firefox >= 4)
[squeeze] - iceweasel <not-affected> (Only affects Firefox >= 4)
- iceape <not-affected> (Only affects Firefox >= 4)
-CVE-2011-2989 (The browser engine in Mozilla Firefox 4.x through 5, SeaMonkey 2.x ...)
+CVE-2011-2989
- xulrunner <not-affected> (Only affects Firefox >= 4)
- iceweasel 6.0-1
[lenny] - iceweasel <not-affected> (Only affects Firefox >= 4)
[squeeze] - iceweasel <not-affected> (Only affects Firefox >= 4)
- iceape <not-affected> (Only affects Firefox >= 4)
- icedove <not-affected> (Only affects Thunderbird 5)
-CVE-2011-2988 (Buffer overflow in an unspecified string class in the WebGL shader ...)
+CVE-2011-2988
- xulrunner <not-affected> (Only affects Firefox >= 4)
- iceweasel 6.0-1
[lenny] - iceweasel <not-affected> (Only affects Firefox >= 4)
[squeeze] - iceweasel <not-affected> (Only affects Firefox >= 4)
- iceape <not-affected> (Only affects Firefox >= 4)
- icedove <not-affected> (Only affects Thunderbird 5)
-CVE-2011-2987 (Heap-based buffer overflow in Almost Native Graphics Layer Engine ...)
+CVE-2011-2987
- xulrunner <not-affected> (Only affects Firefox >= 4)
- iceweasel 6.0-1
[lenny] - iceweasel <not-affected> (Only affects Firefox >= 4)
[squeeze] - iceweasel <not-affected> (Only affects Firefox >= 4)
- iceape <not-affected> (Only affects Firefox >= 4)
- icedove <not-affected> (Only affects Thunderbird 5)
-CVE-2011-2986 (Mozilla Firefox 4.x through 5, Thunderbird before 6, SeaMonkey 2.x ...)
+CVE-2011-2986
- xulrunner <not-affected> (Only affects Windows)
- iceweasel <not-affected> (Only affects Windows)
- icedove <not-affected> (Only affects Thunderbird 5)
-CVE-2011-2985 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+CVE-2011-2985
- xulrunner <not-affected> (Only affects Firefox >= 4)
- iceweasel 6.0-1
[lenny] - iceweasel <not-affected> (Only affects Firefox >= 4)
[squeeze] - iceweasel <not-affected> (Only affects Firefox >= 4)
- iceape <not-affected> (Only affects Firefox >= 4)
- icedove <not-affected> (Only affects Thunderbird 5)
-CVE-2011-2984 (Mozilla Firefox before 3.6.20, SeaMonkey 2.x, Thunderbird 3.x before ...)
+CVE-2011-2984
{DSA-2297-1 DSA-2296-1 DSA-2295-1}
- icedove 3.1.12-1
[lenny] - icedove <end-of-life>
@@ -6112,7 +6112,7 @@ CVE-2011-2984 (Mozilla Firefox before 3.6.20, SeaMonkey 2.x, Thunderbird 3.x bef
- iceape 2.0.14-5
[lenny] - iceape <not-affected> (Only a stub package)
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2011-2983 (Mozilla Firefox before 3.6.20, Thunderbird 2.x and 3.x before 3.1.12, ...)
+CVE-2011-2983
{DSA-2297-1 DSA-2296-1 DSA-2295-1}
- icedove 3.1.12-1
[lenny] - icedove <end-of-life>
@@ -6123,7 +6123,7 @@ CVE-2011-2983 (Mozilla Firefox before 3.6.20, Thunderbird 2.x and 3.x before 3.1
- iceape 2.0.14-5
[lenny] - iceape <not-affected> (Only a stub package)
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2011-2982 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+CVE-2011-2982
{DSA-2297-1 DSA-2296-1 DSA-2295-1}
- icedove 3.1.12-1
[lenny] - icedove <end-of-life>
@@ -6134,7 +6134,7 @@ CVE-2011-2982 (Multiple unspecified vulnerabilities in the browser engine in Moz
- iceape 2.0.14-5
[lenny] - iceape <not-affected> (Only a stub package)
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2011-2981 (The event-management implementation in Mozilla Firefox before 3.6.20, ...)
+CVE-2011-2981
{DSA-2297-1 DSA-2296-1 DSA-2295-1}
- icedove 3.1.12-1
[lenny] - icedove <end-of-life>
@@ -6145,23 +6145,23 @@ CVE-2011-2981 (The event-management implementation in Mozilla Firefox before 3.6
- iceape 2.0.14-5
[lenny] - iceape <not-affected> (Only a stub package)
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2011-2980 (Untrusted search path vulnerability in the ThinkPadSensor::Startup ...)
+CVE-2011-2980
- icedove <not-affected> (Only affects Windows)
- xulrunner <not-affected> (Only affects Windows)
- iceweasel <not-affected> (Only affects Windows)
-CVE-2011-2979 (Bugzilla 4.1.x before 4.1.3 generates different responses for certain ...)
+CVE-2011-2979
{DSA-2322-1}
- bugzilla <not-affected> (Only affects Bugzilla 4.1, never uploaded to the archive)
-CVE-2011-2978 (Bugzilla 2.16rc1 through 2.22.7, 3.0.x through 3.3.x, 3.4.x before ...)
+CVE-2011-2978
{DSA-2322-1}
- bugzilla <removed> (low)
[squeeze] - bugzilla 3.6.2.0-4.4
-CVE-2011-2977 (Bugzilla 3.6.x before 3.6.6, 3.7.x, 4.0.x before 4.0.2, and 4.1.x ...)
+CVE-2011-2977
- bugzilla <not-affected> (Only affects Bugzilla on Windows)
-CVE-2011-2976 (Cross-site scripting (XSS) vulnerability in Bugzilla 2.16rc1 through ...)
+CVE-2011-2976
- bugzilla 3.6.1.0-0.1 (low)
NOTE: Fixed in 3.5.1, but 3.6.1 was first fixed upload to archive
-CVE-2011-2975 (Double free vulnerability in the msAddImageSymbol function in ...)
+CVE-2011-2975
- mapserver 6.0.1-1
[lenny] - mapserver <not-affected> (Vulnerable code not present)
[squeeze] - mapserver <not-affected> (Vulnerable code not present)
@@ -6185,79 +6185,79 @@ CVE-2011-2966
REJECTED
CVE-2011-2965
REJECTED
-CVE-2011-2964 (foomaticrip.c in foomatic-rip in foomatic-filters in Foomatic 4.0.6 ...)
+CVE-2011-2964
{DSA-2380-1}
- foomatic-filters 4.0.9-1
NOTE: There two implementation of the affected filter: the version from foomatic-filters
NOTE: 4.0 is written in C and has been assigned CVE-2011-2964 and the version in
NOTE: foomatic-filters 3.x is written in Perl and has been assigned CVE-2011-2697
NOTE: Fixed in foomatic-filters 4.0.8
-CVE-2011-2963 (TCPUploadServer.exe in Progea Movicon 11.2 before Build 1084 does not ...)
+CVE-2011-2963
NOT-FOR-US: Progea Movicon
-CVE-2011-2962 (Multiple stack-based buffer overflows in Invensys Wonderware ...)
+CVE-2011-2962
NOT-FOR-US: Invensys Wonderware Information Server
-CVE-2011-2961 (Heap-based buffer overflow in AngelServer.exe 6.0.11.3 in Sunway ...)
+CVE-2011-2961
NOT-FOR-US: Sunway pNetPower
-CVE-2011-2960 (Heap-based buffer overflow in httpsvr.exe 6.0.5.3 in Sunway ...)
+CVE-2011-2960
NOT-FOR-US: Sunway ForceControl
-CVE-2011-2959 (Stack-based buffer overflow in the Open Database Connectivity (ODBC) ...)
+CVE-2011-2959
NOT-FOR-US: 7-Technologies Interactive Graphical SCADA System (IGSS)
-CVE-2011-2958 (Multiple cross-site scripting (XSS) vulnerabilities in Ecava ...)
+CVE-2011-2958
NOT-FOR-US: Ecava IntegraXor
-CVE-2011-2957 (Unspecified vulnerability in Rockwell Automation FactoryTalk ...)
+CVE-2011-2957
NOT-FOR-US: Rockwell Automation FactoryTalk Diagnostics Viewer
-CVE-2011-2956 (AzeoTech DAQFactory before 5.85 (Build 1842) does not perform ...)
+CVE-2011-2956
NOT-FOR-US: AzeoTech DAQFactory
CVE-2011-XXXX [rtkit: failure to drop supplemental groups]
- rtkit 0.10-2
CVE-2011-XXXX [minissdpd multiple issues]
- minissdpd 1.0.20110729-1 (bug #635836)
-CVE-2011-2955 (Use-after-free vulnerability in RealNetworks RealPlayer 11.0 through ...)
+CVE-2011-2955
NOT-FOR-US: RealNetworks RealPlayer 11.0
-CVE-2011-2954 (Use-after-free vulnerability in the AutoUpdate feature in RealNetworks ...)
+CVE-2011-2954
NOT-FOR-US: RealNetworks RealPlayer 11.0
-CVE-2011-2953 (An unspecified ActiveX control in the browser plugin in RealNetworks ...)
+CVE-2011-2953
NOT-FOR-US: RealNetworks RealPlayer
-CVE-2011-2952 (Use-after-free vulnerability in RealNetworks RealPlayer 11.0 through ...)
+CVE-2011-2952
NOT-FOR-US: RealNetworks RealPlayer
-CVE-2011-2951 (Buffer overflow in RealNetworks RealPlayer 11.0 through 11.1 and ...)
+CVE-2011-2951
NOT-FOR-US: RealNetworks RealPlayer
-CVE-2011-2950 (Heap-based buffer overflow in qcpfformat.dll in RealNetworks ...)
+CVE-2011-2950
NOT-FOR-US: RealNetworks RealPlayer
-CVE-2011-2949 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through ...)
+CVE-2011-2949
NOT-FOR-US: RealNetworks RealPlayer
-CVE-2011-2948 (RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5, ...)
+CVE-2011-2948
NOT-FOR-US: RealNetworks RealPlayer
-CVE-2011-2947 (Cross-zone scripting vulnerability in the RealPlayer ActiveX control ...)
+CVE-2011-2947
NOT-FOR-US: RealNetworks RealPlayer
-CVE-2011-2946 (Unspecified vulnerability in an ActiveX control in RealNetworks ...)
+CVE-2011-2946
NOT-FOR-US: RealNetworks RealPlayer
-CVE-2011-2945 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through ...)
+CVE-2011-2945
NOT-FOR-US: RealNetworks RealPlayer
-CVE-2011-2944 (SQL injection vulnerability in login.php in MegaLab The Uploader ...)
+CVE-2011-2944
NOT-FOR-US: MegaLab The Uploader
-CVE-2011-2943 (The irc_msg_who function in msgs.c in the IRC protocol plugin in ...)
+CVE-2011-2943
- pidgin 2.10.0-1 (bug #638709)
[squeeze] - pidgin <not-affected> (Only affects 2.8 to 2.10)
[lenny] - pidgin <not-affected> (Only affects 2.8 to 2.10)
-CVE-2011-2942 (A certain Red Hat patch to the __br_deliver function in ...)
+CVE-2011-2942
- linux-2.6 <not-affected> (RHEL-specific backport issue)
-CVE-2011-2941 (Open redirect vulnerability in Red Hat JBoss Enterprise Portal ...)
+CVE-2011-2941
NOT-FOR-US: JBoss Enterprise Portal Platform
-CVE-2011-2940 (stunnel 4.40 and 4.41 might allow remote attackers to execute ...)
+CVE-2011-2940
- stunnel4 3:4.42-1 (bug #638758)
[squeeze] - stunnel4 <not-affected> (Only 4.4x affected)
[lenny] - stunnel4 <not-affected> (Only 4.4x affected)
-CVE-2011-2939 (Off-by-one error in the decode_xs function in Unicode/Unicode.xs in ...)
+CVE-2011-2939
- perl 5.12.4-4 (low; bug #637376)
[squeeze] - perl 5.10.1-17squeeze3
[lenny] - perl <no-dsa> (Minor issue)
- libencode-perl 2.44-1 (low)
-CVE-2011-2938 (Multiple cross-site scripting (XSS) vulnerabilities in filter_api.php ...)
+CVE-2011-2938
- mantis 1.2.6-1 (bug #638321)
[squeeze] - mantis <not-affected> (Only affects Mantis 1.1)
[lenny] - mantis <not-affected> (Only affects Mantis 1.1)
-CVE-2011-2937 (Cross-site scripting (XSS) vulnerability in the UI messages ...)
+CVE-2011-2937
- roundcube 0.5.4+dfsg-1 (low; bug #641996)
[squeeze] - roundcube <no-dsa> (Minor issue)
CVE-2011-2936
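Review bot: the NOTE block under CVE-2011-2964 should read "There are two implementations of the affected filter" rather than "There two implementation"; with the summary line now reduced to "+CVE-2011-2964", that NOTE is the only place the file still explains the C versus Perl split between CVE-2011-2964 and CVE-2011-2697, so it should be accurate. The CVE-2011-XXXX placeholder entries for rtkit and minissdpd are correctly left untouched by this change.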
@@ -6272,25 +6272,25 @@ CVE-2011-2934
CVE-2011-2933
RESERVED
NOT-FOR-US: WebsiteBaker
-CVE-2011-2932 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2011-2932
{DSA-2655-1}
- rails 2.3.14
-CVE-2011-2931 (Cross-site scripting (XSS) vulnerability in the strip_tags helper in ...)
+CVE-2011-2931
{DSA-2301-1}
- rails 2.3.14
-CVE-2011-2930 (Multiple SQL injection vulnerabilities in the quote_table_name method ...)
+CVE-2011-2930
{DSA-2301-1}
- rails 2.3.14
-CVE-2011-2929 (The template selection functionality in ...)
+CVE-2011-2929
- rails <not-affected> (Only affects RoR 3.0 and above)
-CVE-2011-2928 (The befs_follow_link function in fs/befs/linuxvfs.c in the Linux ...)
+CVE-2011-2928
{DSA-2310-1 DSA-2303-1}
- linux-2.6 3.0.0-2
-CVE-2011-2927 (Multiple cross-site scripting (XSS) vulnerabilities in Spacewalk 1.6, ...)
+CVE-2011-2927
NOT-FOR-US: Red Hat Network Satellite server
CVE-2011-2926
RESERVED
-CVE-2011-2925 (Cumin in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.0 ...)
+CVE-2011-2925
NOT-FOR-US: Cumin
CVE-2011-2924
RESERVED
@@ -6306,33 +6306,33 @@ CVE-2011-2922
CVE-2011-2921
RESERVED
- ktsuss <removed>
-CVE-2011-2920 (Multiple cross-site scripting (XSS) vulnerabilities in Spacewalk 1.6, ...)
+CVE-2011-2920
NOT-FOR-US: Red Hat Network Satellite server
-CVE-2011-2919 (Cross-site scripting (XSS) vulnerability in Spacewalk 1.6, as used in ...)
+CVE-2011-2919
NOT-FOR-US: Red Hat Network Satellite server
-CVE-2011-2918 (The Performance Events subsystem in the Linux kernel before 3.1 does ...)
+CVE-2011-2918
{DSA-2303-1}
- linux-2.6 3.0.0-2
[lenny] - linux-2.6 <not-affected> (perf not yet present)
-CVE-2011-2917 (SQL injection vulnerability in administrator/index2.php in Mambo CMS ...)
+CVE-2011-2917
NOT-FOR-US: Mambo
CVE-2011-2916
RESERVED
- qtnx <removed> (low; bug #637439)
[squeeze] - qtnx <no-dsa> (Minor issue)
-CVE-2011-2915 (Off-by-one error in the CSoundFile::ReadAMS2 function in ...)
+CVE-2011-2915
{DSA-2415-1}
- libmodplug 1:0.8.8.4-1
-CVE-2011-2914 (Off-by-one error in the CSoundFile::ReadDSM function in ...)
+CVE-2011-2914
{DSA-2415-1}
- libmodplug 1:0.8.8.4-1
-CVE-2011-2913 (Off-by-one error in the CSoundFile::ReadAMS function in ...)
+CVE-2011-2913
{DSA-2415-1}
- libmodplug 1:0.8.8.4-1
-CVE-2011-2912 (Stack-based buffer overflow in the CSoundFile::ReadS3M function in ...)
+CVE-2011-2912
{DSA-2415-1}
- libmodplug 1:0.8.8.4-1
-CVE-2011-2911 (Integer overflow in the CSoundFile::ReadWav function in ...)
+CVE-2011-2911
{DSA-2415-1}
- libmodplug 1:0.8.8.4-1
CVE-2011-2910
@@ -6340,110 +6340,110 @@ CVE-2011-2910
- ax25-tools 0.0.8-13.2 (low; bug #638198)
[lenny] - ax25-tools <no-dsa> (Minor issue)
[squeeze] - ax25-tools <no-dsa> (Minor issue)
-CVE-2011-2909 (The do_devinfo_ioctl function in drivers/staging/comedi/comedi_fops.c ...)
+CVE-2011-2909
{DSA-2303-1}
- linux-2.6 3.0.0-2
-CVE-2011-2908 (Cross-site request forgery (CSRF) vulnerability in the JMX Console ...)
+CVE-2011-2908
NOT-FOR-US: JBoss Enterprise Application Platform
-CVE-2011-2907 (Terascale Open-Source Resource and Queue Manager (aka TORQUE Resource ...)
+CVE-2011-2907
- torque 2.4.15+dfsg-1
[squeeze] - torque <no-dsa> (Not fixable, would need an update to a release with MUNGE support, clusters typically run in locked down environments)
-CVE-2011-2906 (** DISPUTED ** Integer signedness error in the ...)
+CVE-2011-2906
NOT-FOR-US: ** REJECT **
-CVE-2011-2905 (Untrusted search path vulnerability in the perf_config function in ...)
+CVE-2011-2905
{DSA-2303-1}
- linux-2.6 3.0.0-2
[lenny] - linux-2.6 <not-affected> (perf not yet present)
-CVE-2011-2904 (Cross-site scripting (XSS) vulnerability in acknow.php in Zabbix ...)
+CVE-2011-2904
- zabbix 1:1.8.6-1
[squeeze] - zabbix <no-dsa> (Will be handled through point update)
-CVE-2011-2903 (Heap-based buffer overflow in tcptrack before 1.4.2 might allow ...)
+CVE-2011-2903
- tcptrack 1.4.2-1 (unimportant; bug #551092)
NOTE: https://bugs.gentoo.org/show_bug.cgi?id=377917
-CVE-2011-2902 (zxpdf in xpdf before 3.02-19 as packaged in Debian unstable and ...)
+CVE-2011-2902
- xpdf 3.02-19 (low; bug #635849)
[lenny] - xpdf <no-dsa> (zxpdf script is indeed affected, but it's not associated with pdf handling by default, so not a concern for remote abuse)
[squeeze] - xpdf 3.02-12+squeeze1
-CVE-2011-2901 (Off-by-one error in the __addr_ok macro in Xen 3.3 and earlier allows ...)
+CVE-2011-2901
- xen <not-affected> (Only affects Xen <= 3.3)
- xen-3 <removed>
-CVE-2011-2900 (Stack-based buffer overflow in the (1) put_dir function in mongoose.c ...)
+CVE-2011-2900
NOT-FOR-US: Mongoose
-CVE-2011-2899 (pysmb.py in system-config-printer 0.6.x and 0.7.x, as used in ...)
+CVE-2011-2899
- foomatic-gui 0.7.9.5 (low)
- system-config-printer <not-affected> (Vulnerable code not present; bug #639243)
[squeeze] - system-config-printer <not-affected> (Vulnerable code not present)
[lenny] - system-config-printer <no-dsa> (Minor issue)
-CVE-2011-2898 (net/packet/af_packet.c in the Linux kernel before 2.6.39.3 does not ...)
+CVE-2011-2898
{DSA-2389-1}
- linux-2.6 3.0.0-1
[lenny] - linux-2.6 <not-affected> (introduced in 2.6.27)
CVE-2011-2897
RESERVED
- gdk-pixbuf <not-affected> (This only applies to the old standalone copy shipped until Lenny)
-CVE-2011-2896 (The LZW decompressor in the LWZReadByte function in giftoppm.c in the ...)
+CVE-2011-2896
{DSA-2426-1 DSA-2354-1}
- cups 1.5.0-8
- gimp 2.6.11-5 (bug #643753)
-CVE-2011-2895 (The LZW decompressor in (1) the BufCompressedFill function in ...)
+CVE-2011-2895
{DSA-2293-1}
- libxfont 1:1.4.4-1
-CVE-2011-2894 (Spring Framework 3.0.0 through 3.0.5, Spring Security 3.0.0 through ...)
+CVE-2011-2894
- libspring-security-2.0-java 2.0.7.RELEASE-1 (bug #670901)
[squeeze] - libspring-security-2.0-java <no-dsa> (Minor issue)
-CVE-2011-2893 (The DataPilot feature in IBM Lotus Symphony 3 before FP3 allows ...)
+CVE-2011-2893
NOT-FOR-US: IBM Lotus Symphony
-CVE-2011-2892 (Joomla! 1.6.x before 1.6.2 does not prevent page rendering inside a ...)
+CVE-2011-2892
NOT-FOR-US: Joomla!
-CVE-2011-2891 (Joomla! 1.6.x before 1.6.2 allows remote attackers to obtain sensitive ...)
+CVE-2011-2891
NOT-FOR-US: Joomla!
-CVE-2011-2890 (The MediaViewMedia class in ...)
+CVE-2011-2890
NOT-FOR-US: Joomla!
-CVE-2011-2889 (templates/system/error.php in Joomla! before 1.5.23 might allow remote ...)
+CVE-2011-2889
NOT-FOR-US: Joomla!
-CVE-2011-2888 (IBM Lotus Symphony 3 before FP3 allows remote attackers to cause a ...)
+CVE-2011-2888
NOT-FOR-US: IBM Lotus Symphony
-CVE-2011-2887 (IBM Lotus Symphony 3 before FP3 on Linux allows remote attackers to ...)
+CVE-2011-2887
NOT-FOR-US: IBM Lotus Symphony
-CVE-2011-2886 (IBM Lotus Symphony 3 before FP3 allows remote attackers to cause a ...)
+CVE-2011-2886
NOT-FOR-US: IBM Lotus Symphony
-CVE-2011-2885 (IBM Lotus Symphony 3 before FP3 allows remote attackers to cause a ...)
+CVE-2011-2885
NOT-FOR-US: IBM Lotus Symphony
-CVE-2011-2884 (Multiple unspecified vulnerabilities in IBM Lotus Symphony 3 before ...)
+CVE-2011-2884
NOT-FOR-US: IBM Lotus Symphony
-CVE-2011-2883 (The NSEPA.NsepaCtrl.1 ActiveX control in nsepa.ocx in Citrix Access ...)
+CVE-2011-2883
NOT-FOR-US: Citrix Access Gateway
-CVE-2011-2882 (Stack-based buffer overflow in the NSEPA.NsepaCtrl.1 ActiveX control ...)
+CVE-2011-2882
NOT-FOR-US: Citrix Access Gateway
-CVE-2011-2881 (Google Chrome before 14.0.835.202 does not properly handle Google V8 ...)
+CVE-2011-2881
- chromium-browser <not-affected> (chromium uses libv8 system copy)
- libv8 3.8.9.20-1 (bug #687574)
[squeeze] - libv8 <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://code.google.com/p/chromium/issues/detail?id=97784
NOTE: access restricted to chrome/libv8 bug log, so uncheckable
-CVE-2011-2880 (Use-after-free vulnerability in Google Chrome before 14.0.835.202 ...)
+CVE-2011-2880
- chromium-browser 14.0.835.202~r103287-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/95667
NOTE: http://trac.webkit.org/changeset/95689
NOTE: http://trac.webkit.org/changeset/95728
-CVE-2011-2879 (Google Chrome before 14.0.835.202 does not properly consider object ...)
+CVE-2011-2879
- chromium-browser 14.0.835.202~r103287-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/94984
-CVE-2011-2878 (Google Chrome before 14.0.835.202 does not properly restrict access to ...)
+CVE-2011-2878
- chromium-browser 14.0.835.202~r103287-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/95488
-CVE-2011-2877 (Google Chrome before 14.0.835.202 does not properly handle SVG text, ...)
+CVE-2011-2877
- chromium-browser 14.0.835.202~r103287-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/94508
-CVE-2011-2876 (Use-after-free vulnerability in Google Chrome before 14.0.835.202 ...)
+CVE-2011-2876
- chromium-browser 14.0.835.202~r103287-1
[squeeze] - chromium-browser <end-of-life>
NOTE: http://trac.webkit.org/changeset/95600
-CVE-2011-2875 (Google V8, as used in Google Chrome before 14.0.835.163, does not ...)
+CVE-2011-2875
- chromium-browser 14.0.835.163~r101024-1
[squeeze] - chromium-browser <not-affected>
- webkit <not-affected> (libv8 issue)
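Review bot: every changed pair in this hunk replaces a `-CVE-... (description ...)` line with a bare `+CVE-...` line, no entry keeps or gains a description, and every package, `[squeeze]`, `{DSA-...}` and `NOTE:` line is left untouched; for an automatic update that pattern points to the description feed returning empty text rather than to real description changes, so the updater should treat a run in which every description comes back empty as a fetch failure and leave the file unchanged instead of committing the wipe. If dropping the descriptions is intended, say so in the commit, since they are the only in-file record of what entries such as CVE-2011-2883 and CVE-2011-2882 (the NSEPA.NsepaCtrl.1 ActiveX issues) actually are.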
@@ -6451,529 +6451,529 @@ CVE-2011-2875 (Google V8, as used in Google Chrome before 14.0.835.163, does not
[squeeze] - libv8 <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://code.google.com/p/chromium/issues/detail?id=95920
NOTE: access restricted to chrome/libv8 bug log, so uncheckable
-CVE-2011-2874 (Google Chrome before 14.0.835.163 does not perform an expected pin ...)
+CVE-2011-2874
- chromium-browser 14.0.835.163~r101024-1
[squeeze] - chromium-browser <not-affected>
- webkit <not-affected> (chromium specific)
-CVE-2011-2873 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows ...)
+CVE-2011-2873
NOT-FOR-US: Apple WebKit
NOTE: reported by google, likely duplicate
-CVE-2011-2872 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows ...)
+CVE-2011-2872
NOT-FOR-US: Apple WebKit
NOTE: reported by google, likely duplicate
-CVE-2011-2871 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows ...)
+CVE-2011-2871
NOT-FOR-US: Apple WebKit
NOTE: reported by google, likely duplicate
-CVE-2011-2870 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows ...)
+CVE-2011-2870
NOT-FOR-US: Apple WebKit
NOTE: reported by google, likely duplicate
-CVE-2011-2869 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows ...)
+CVE-2011-2869
NOT-FOR-US: Apple WebKit
NOTE: reported by google, likely duplicate
-CVE-2011-2868 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows ...)
+CVE-2011-2868
NOT-FOR-US: Apple WebKit
NOTE: reported by google, likely duplicate
-CVE-2011-2867 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows ...)
+CVE-2011-2867
NOT-FOR-US: Apple WebKit
NOTE: reported by google, likely duplicate
-CVE-2011-2866 (WebKit, as used in Apple iTunes before 10.6, allows man-in-the-middle ...)
+CVE-2011-2866
NOT-FOR-US: Apple WebKit
NOTE: reported by google, likely duplicate
CVE-2011-2865
RESERVED
-CVE-2011-2864 (Google Chrome before 14.0.835.163 does not properly handle Tibetan ...)
+CVE-2011-2864
- chromium-browser 14.0.835.163~r101024-1
[squeeze] - chromium-browser <not-affected>
- webkit <not-affected> (chromium specific)
CVE-2011-2863
RESERVED
-CVE-2011-2862 (Google V8, as used in Google Chrome before 14.0.835.163, does not ...)
+CVE-2011-2862
- chromium-browser 14.0.835.163~r101024-1
[squeeze] - chromium-browser <not-affected>
- webkit <not-affected> (chromium specific)
-CVE-2011-2861 (Google Chrome before 14.0.835.163 does not properly handle strings in ...)
+CVE-2011-2861
- chromium-browser <not-affected> (pdf plugin)
-CVE-2011-2860 (Use-after-free vulnerability in Google Chrome before 14.0.835.163 ...)
+CVE-2011-2860
- chromium-browser 14.0.835.163~r101024-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/93794
-CVE-2011-2859 (Google Chrome before 14.0.835.163 uses incorrect permissions for ...)
+CVE-2011-2859
- chromium-browser 14.0.835.163~r101024-1
[squeeze] - chromium-browser <not-affected>
- webkit <not-affected> (chromium specific)
-CVE-2011-2858 (Google Chrome before 14.0.835.163 does not properly handle triangle ...)
+CVE-2011-2858
- chromium-browser 14.0.835.163~r101024-1
[squeeze] - chromium-browser <not-affected>
- webkit <not-affected> (chromium specific)
-CVE-2011-2857 (Use-after-free vulnerability in Google Chrome before 14.0.835.163 ...)
+CVE-2011-2857
- chromium-browser 14.0.835.163~r101024-1
[squeeze] - chromium-browser <end-of-life>
NOTE: http://trac.webkit.org/changeset/93514
-CVE-2011-2856 (Google V8, as used in Google Chrome before 14.0.835.163, allows remote ...)
+CVE-2011-2856
- chromium-browser 14.0.835.163~r101024-1
[squeeze] - chromium-browser <not-affected> (uses libv8 system copy)
- webkit <not-affected>
- libv8 3.4.14.21-1
[squeeze] - libv8 <end-of-life> (Unsupported in squeeze-lts)
-CVE-2011-2855 (Google Chrome before 14.0.835.163 does not properly handle Cascading ...)
+CVE-2011-2855
- chromium-browser 14.0.835.163~r101024-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/93227
-CVE-2011-2854 (Use-after-free vulnerability in Google Chrome before 14.0.835.163 ...)
+CVE-2011-2854
- chromium-browser 14.0.835.163~r101024-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/94109
NOTE: http://trac.webkit.org/changeset/94543
-CVE-2011-2853 (Use-after-free vulnerability in Google Chrome before 14.0.835.163 ...)
+CVE-2011-2853
- chromium-browser 14.0.835.163~r101024-1
[squeeze] - chromium-browser <not-affected>
- webkit <not-affected> (chromium specific)
-CVE-2011-2852 (Off-by-one error in Google V8, as used in Google Chrome before ...)
+CVE-2011-2852
- chromium-browser 14.0.835.163~r101024-1
[squeeze] - chromium-browser <not-affected> (uses libv8 system copy)
- webkit <not-affected>
- libv8 3.4.14.21-1
[squeeze] - libv8 <end-of-life> (Unsupported in squeeze-lts)
-CVE-2011-2851 (Google Chrome before 14.0.835.163 does not properly handle video, ...)
+CVE-2011-2851
- chromium-browser 14.0.835.163~r101024-1
[squeeze] - chromium-browser <not-affected>
- webkit <not-affected> (chromium specific)
-CVE-2011-2850 (Google Chrome before 14.0.835.163 does not properly handle Khmer ...)
+CVE-2011-2850
- chromium-browser 14.0.835.163~r101024-1
[squeeze] - chromium-browser <not-affected>
- webkit <not-affected> (chromium specific)
-CVE-2011-2849 (The WebSockets implementation in Google Chrome before 14.0.835.163 ...)
+CVE-2011-2849
- chromium-browser 14.0.835.163~r101024-1
[squeeze] - chromium-browser <not-affected>
- webkit <not-affected> (chromium specific)
-CVE-2011-2848 (Google Chrome before 14.0.835.163 allows user-assisted remote ...)
+CVE-2011-2848
- chromium-browser 14.0.835.163~r101024-1
[squeeze] - chromium-browser <not-affected>
- webkit <not-affected> (chromium specific)
-CVE-2011-2847 (Use-after-free vulnerability in the document loader in Google Chrome ...)
+CVE-2011-2847
- chromium-browser 14.0.835.163~r101024-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/93521
-CVE-2011-2846 (Use-after-free vulnerability in Google Chrome before 14.0.835.163 ...)
+CVE-2011-2846
- chromium-browser 14.0.835.163~r101024-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-2845 (Google Chrome before 15.0.874.102 does not properly handle history ...)
+CVE-2011-2845
- chromium-browser 15.0.874.106~r107270-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-2844 (Google Chrome before 14.0.835.163 does not properly process MP3 files, ...)
+CVE-2011-2844
- chromium-browser 14.0.835.163~r101024-1
[squeeze] - chromium-browser <not-affected>
- webkit <not-affected>
-CVE-2011-2843 (Google Chrome before 14.0.835.163 does not properly handle media ...)
+CVE-2011-2843
- chromium-browser 14.0.835.163~r101024-1
[squeeze] - chromium-browser <not-affected>
- webkit <not-affected> (chromium specific)
-CVE-2011-2842 (The installer in Google Chrome before 14.0.835.163 on Mac OS X does ...)
+CVE-2011-2842
- chromium-browser <not-affected>
- webkit <not-affected>
-CVE-2011-2841 (Google Chrome before 14.0.835.163 does not properly perform garbage ...)
+CVE-2011-2841
- chromium-browser <not-affected> (pdf plugin)
- webkit <not-affected>
-CVE-2011-2840 (Google Chrome before 14.0.835.163 allows user-assisted remote ...)
+CVE-2011-2840
- chromium-browser 14.0.835.163~r101024-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/90164
-CVE-2011-2839 (The PDF implementation in Google Chrome before 13.0.782.215 on Linux ...)
+CVE-2011-2839
- chromium-browser <not-affected> (Pdf plugin)
-CVE-2011-2838 (Google Chrome before 14.0.835.163 does not properly consider the MIME ...)
+CVE-2011-2838
- chromium-browser 14.0.835.163~r101024-1
[squeeze] - chromium-browser <not-affected>
- webkit <not-affected> (chromium specific)
-CVE-2011-2837 (Google Chrome before 14.0.835.163 on Linux does not use the PIC and ...)
+CVE-2011-2837
- chromium-browser 14.0.835.163~r101024-1
[squeeze] - chromium-browser <not-affected>
- webkit <not-affected> (chromium specific)
-CVE-2011-2836 (Google Chrome before 14.0.835.163 does not require Infobar interaction ...)
+CVE-2011-2836
- chromium-browser 14.0.835.163~r101024-1 (unimportant)
- webkit <not-affected> (chromium specific)
-CVE-2011-2835 (Race condition in Google Chrome before 14.0.835.163 allows attackers ...)
+CVE-2011-2835
- chromium-browser 14.0.835.163~r101024-1
[squeeze] - chromium-browser <not-affected>
- webkit <not-affected>
-CVE-2011-2834 (Double free vulnerability in libxml2, as used in Google Chrome before ...)
+CVE-2011-2834
{DSA-2394-1}
- libxml2 2.7.8.dfsg-5 (low; bug #643648)
-CVE-2011-2833 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows ...)
+CVE-2011-2833
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
CVE-2011-2832
RESERVED
-CVE-2011-2831 (WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle ...)
+CVE-2011-2831
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-2830 (Google V8, as used in Google Chrome before 14.0.835.163, does not ...)
+CVE-2011-2830
NOTE: CVE description is wrong, see #656057
-CVE-2011-2829 (Integer overflow in Google Chrome before 13.0.782.215 on 32-bit ...)
+CVE-2011-2829
- chromium-browser 13.0.782.215~r97094-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/92413
-CVE-2011-2828 (Google V8, as used in Google Chrome before 13.0.782.215, allows remote ...)
+CVE-2011-2828
- chromium-browser 13.0.782.215~r97094-1
[squeeze] - chromium-browser <not-affected>
- webkit <not-affected> (Chromium specific)
-CVE-2011-2827 (Use-after-free vulnerability in Google Chrome before 13.0.782.215 ...)
+CVE-2011-2827
- chromium-browser 13.0.782.215~r97094-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/91908
-CVE-2011-2826 (Google Chrome before 13.0.782.215 allows remote attackers to bypass ...)
+CVE-2011-2826
- chromium-browser 13.0.782.215~r97094-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/91957
-CVE-2011-2825 (Use-after-free vulnerability in Google Chrome before 13.0.782.215 ...)
+CVE-2011-2825
- chromium-browser 13.0.782.215~r97094-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/r91738
NOTE: http://trac.webkit.org/r91739
NOTE: http://trac.webkit.org/changeset/92744
-CVE-2011-2824 (Use-after-free vulnerability in Google Chrome before 13.0.782.215 ...)
+CVE-2011-2824
- chromium-browser 13.0.782.215~r97094-1
[squeeze] - chromium-browser <end-of-life>
NOTE: http://trac.webkit.org/changeset/92630
-CVE-2011-2823 (Use-after-free vulnerability in Google Chrome before 13.0.782.215 ...)
+CVE-2011-2823
- chromium-browser 13.0.782.215~r97094-1
[squeeze] - chromium-browser <not-affected>
-CVE-2011-2822 (Google Chrome before 13.0.782.215 on Windows does not properly parse ...)
+CVE-2011-2822
- chromium-browser <not-affected> (windows only)
- webkit <not-affected>
-CVE-2011-2821 (Double free vulnerability in libxml2, as used in Google Chrome before ...)
+CVE-2011-2821
{DSA-2394-1}
- chromium-browser 13.0.782.215~r97094-1
[squeeze] - chromium-browser <not-affected>
- webkit <not-affected> (chromium specific)
- libxml2 2.7.8.dfsg-5 (low; bug #643648)
[squeeze] - libxml2 <no-dsa> (denial-of-service only issue)
-CVE-2011-2820 (WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle ...)
+CVE-2011-2820
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-2819 (Google Chrome before 13.0.782.107 allows remote attackers to bypass ...)
+CVE-2011-2819
- chromium-browser 13.0.782.107~r94237-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/91611
-CVE-2011-2818 (Use-after-free vulnerability in Google Chrome before 13.0.782.107 ...)
+CVE-2011-2818
{DSA-2307-1}
- chromium-browser 13.0.782.107~r94237-1
NOTE: http://trac.webkit.org/changeset/91386
-CVE-2011-2817 (WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle ...)
+CVE-2011-2817
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-2816 (WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle ...)
+CVE-2011-2816
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-2815 (WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle ...)
+CVE-2011-2815
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-2814 (WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle ...)
+CVE-2011-2814
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-2813 (WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle ...)
+CVE-2011-2813
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
CVE-2011-2812
RESERVED
-CVE-2011-2811 (WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle ...)
+CVE-2011-2811
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
CVE-2011-2810
REJECTED
-CVE-2011-2809 (WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle ...)
+CVE-2011-2809
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
CVE-2011-2808
RESERVED
CVE-2011-2807
RESERVED
-CVE-2011-2806 (Google Chrome before 13.0.782.215 on Windows does not properly handle ...)
+CVE-2011-2806
- chromium-browser <not-affected> (It's in Windows-specific code)
-CVE-2011-2805 (Google Chrome before 13.0.782.107 allows remote attackers to bypass ...)
+CVE-2011-2805
- chromium-browser 13.0.782.107~r94237-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/91152
-CVE-2011-2804 (Google Chrome before 13.0.782.107 does not properly handle nested ...)
+CVE-2011-2804
- chromium-browser <not-affected> (pdf plugin)
-CVE-2011-2803 (Google Chrome before 13.0.782.107 does not properly handle Skia paths, ...)
+CVE-2011-2803
- chromium-browser 13.0.782.107~r94237-1
[squeeze] - chromium-browser <not-affected>
- webkit <not-affected> (skia code)
-CVE-2011-2802 (Google V8, as used in Google Chrome before 13.0.782.107, does not ...)
+CVE-2011-2802
- chromium-browser 13.0.782.107~r94237-1
[squeeze] - chromium-browser <not-affected>
- webkit <not-affected>
- libv8 3.4
[squeeze] - libv8 <not-affected>
NOTE: Bug was introduced in http://code.google.com/p/v8/source/detail?r=8224
-CVE-2011-2801 (Use-after-free vulnerability in Google Chrome before 13.0.782.107 ...)
+CVE-2011-2801
- chromium-browser 13.0.782.107~r94237-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/90936
-CVE-2011-2800 (Google Chrome before 13.0.782.107 allows remote attackers to obtain ...)
+CVE-2011-2800
{DSA-2307-1}
- chromium-browser 13.0.782.107~r94237-1
[squeeze] - chromium-browser <end-of-life>
NOTE: http://trac.webkit.org/changeset/91044
NOTE: http://developer.apple.com/library/safari/#documentation/Tools/Conceptual/SafariExtensionGuide/MessagesandProxies/MessagesandProxies.html#//apple_ref/doc/uid/TP40009977-CH14-SW9
-CVE-2011-2799 (Use-after-free vulnerability in Google Chrome before 13.0.782.107 ...)
+CVE-2011-2799
- chromium-browser 13.0.782.107~r94237-1
[squeeze] - chromium-browser <end-of-life>
NOTE: http://trac.webkit.org/changeset/90130
-CVE-2011-2798 (Google Chrome before 13.0.782.107 does not properly restrict access to ...)
+CVE-2011-2798
- chromium-browser 13.0.782.107~r94237-1
[squeeze] - chromium-browser <not-affected>
- webkit <not-affected> (chromium specific)
-CVE-2011-2797 (Use-after-free vulnerability in Google Chrome before 13.0.782.107 ...)
+CVE-2011-2797
- chromium-browser 13.0.782.107~r94237-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/90595
-CVE-2011-2796 (Use-after-free vulnerability in Skia, as used in Google Chrome before ...)
+CVE-2011-2796
- chromium-browser 13.0.782.107~r94237-1
[squeeze] - chromium-browser <not-affected>
- webkit <not-affected> (skia code)
-CVE-2011-2795 (Google Chrome before 13.0.782.107 does not prevent calls to functions ...)
+CVE-2011-2795
- chromium-browser 13.0.782.107~r94237-1
[squeeze] - chromium-browser <end-of-life>
NOTE: http://trac.webkit.org/changeset/89782
-CVE-2011-2794 (Google Chrome before 13.0.782.107 does not properly perform text ...)
+CVE-2011-2794
- chromium-browser 13.0.782.107~r94237-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/89831
-CVE-2011-2793 (Use-after-free vulnerability in Google Chrome before 13.0.782.107 ...)
+CVE-2011-2793
- chromium-browser 13.0.782.107~r94237-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/89595
-CVE-2011-2792 (Use-after-free vulnerability in Google Chrome before 13.0.782.107 ...)
+CVE-2011-2792
- chromium-browser 13.0.782.107~r94237-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/89836
-CVE-2011-2791 (The International Components for Unicode (ICU) functionality in Google ...)
+CVE-2011-2791
- chromium-browser 13.0.782.107~r94237-1 (unimportant)
- webkit <not-affected> (icu issue)
NOTE: ICU bug only in debug build
-CVE-2011-2790 (Use-after-free vulnerability in Google Chrome before 13.0.782.107 ...)
+CVE-2011-2790
- chromium-browser 13.0.782.107~r94237-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/89165
-CVE-2011-2789 (Use-after-free vulnerability in Google Chrome before 13.0.782.107 ...)
+CVE-2011-2789
- chromium-browser 13.0.782.107~r94237-1
[squeeze] - chromium-browser <not-affected>
- webkit <not-affected> (chromium specific)
-CVE-2011-2788 (Buffer overflow in the inspector serialization functionality in Google ...)
+CVE-2011-2788
- chromium-browser 13.0.782.107~r94237-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/88444
-CVE-2011-2787 (Google Chrome before 13.0.782.107 does not properly address ...)
+CVE-2011-2787
- chromium-browser 13.0.782.107~r94237-1
[squeeze] - chromium-browser <not-affected>
- webkit <not-affected> (chromium specific)
-CVE-2011-2786 (Google Chrome before 13.0.782.107 does not ensure that the ...)
+CVE-2011-2786
- chromium-browser 13.0.782.107~r94237-1
[squeeze] - chromium-browser <not-affected>
- webkit <not-affected> (chromium specific)
-CVE-2011-2785 (The extensions implementation in Google Chrome before 13.0.782.107 ...)
+CVE-2011-2785
- chromium-browser 13.0.782.107~r94237-1
[squeeze] - chromium-browser <not-affected>
- webkit <not-affected> (chromium specific)
-CVE-2011-2784 (Google Chrome before 13.0.782.107 allows remote attackers to obtain ...)
+CVE-2011-2784
- chromium-browser 13.0.782.107~r94237-1
[squeeze] - chromium-browser <not-affected>
- webkit <not-affected> (issue in angleproject)
-CVE-2011-2783 (Google Chrome before 13.0.782.107 does not ensure that developer-mode ...)
+CVE-2011-2783
- chromium-browser 13.0.782.107~r94237-1
[squeeze] - chromium-browser <not-affected>
- webkit <not-affected> (chromium specific)
-CVE-2011-2782 (The drag-and-drop implementation in Google Chrome before 13.0.782.107 ...)
+CVE-2011-2782
- chromium-browser 13.0.782.107~r94237-1
[squeeze] - chromium-browser <not-affected>
- webkit <not-affected> (chromium specific)
CVE-2011-2781
RESERVED
-CVE-2011-2780 (Directory traversal vulnerability in includes/lib/gz.php in Chyrp 2.0 ...)
+CVE-2011-2780
NOT-FOR-US: Chyrp
-CVE-2011-2779 (Windows Event Log SmartConnector in HP ArcSight Connector Appliance ...)
+CVE-2011-2779
NOT-FOR-US: HP ArcSight Connector Appliance
-CVE-2011-2778 (Multiple heap-based buffer overflows in Tor before 0.2.2.35 allow ...)
+CVE-2011-2778
{DSA-2363-1}
- tor 0.2.2.35-1
-CVE-2011-2777 (samples/powerbtn/powerbtn.sh in acpid (aka acpid2) 2.0.16 and earlier ...)
+CVE-2011-2777
- acpid 1:2.0.14-1
[lenny] - acpid <not-affected> (Vulnerable code not present)
[squeeze] - acpid 1:2.0.7-1squeeze3
-CVE-2011-2776 (Buffer overflow in the Error function in super.c in Super 3.30.0 might ...)
+CVE-2011-2776
{DSA-2383-1}
- super 3.30.0-6
CVE-2011-2775
RESERVED
-CVE-2011-2774 (The &quot;Reply to message&quot; feature in Mahara 1.3.x and 1.4.x before 1.4.1 ...)
+CVE-2011-2774
- mahara 1.4.1-1
[squeeze] - mahara <not-affected> (Vulnerable code not present)
[lenny] - mahara <not-affected> (Vulnerable code not present)
-CVE-2011-4118 (Mahara before 1.4.1, when MNet (aka the Moodle network feature) is ...)
+CVE-2011-4118
{DSA-2334-1}
- mahara 1.4.1-1
NOTE: http://mahara.org/interaction/forum/topic.php?id=4138
-CVE-2011-2773 (Cross-site request forgery (CSRF) vulnerability in Mahara before 1.4.1 ...)
+CVE-2011-2773
{DSA-2334-1}
- mahara 1.4.1-1
-CVE-2011-2772 (The get_dataroot_image_path function in lib/file.php in Mahara before ...)
+CVE-2011-2772
{DSA-2334-1}
- mahara 1.4.1-1
-CVE-2011-2771 (Multiple cross-site scripting (XSS) vulnerabilities in Mahara before ...)
+CVE-2011-2771
{DSA-2334-1}
- mahara 1.4.1-1
-CVE-2011-2770 (Cross-site scripting (XSS) vulnerability in man2html.cgi.c in man2html ...)
+CVE-2011-2770
{DSA-2335-1}
- man2html 1.6g-6
-CVE-2011-2769 (Tor before 0.2.2.34, when configured as a bridge, accepts the CREATE ...)
+CVE-2011-2769
{DSA-2331-1}
- tor 0.2.2.34-1
-CVE-2011-2768 (Tor before 0.2.2.34, when configured as a client or bridge, sends a ...)
+CVE-2011-2768
{DSA-2331-1}
- tor 0.2.2.34-1
-CVE-2011-2767 (mod_perl 2.0 through 2.0.10 allows attackers to execute arbitrary Perl ...)
+CVE-2011-2767
{DLA-1507-1}
- libapache2-mod-perl2 2.0.10-3 (bug #644169)
[stretch] - libapache2-mod-perl2 2.0.10-2+deb9u1
NOTE: https://mail-archives.apache.org/mod_mbox/perl-modperl/201110.mbox/raw/%3C20111004084343.GA21290%40ktnx.net%3E
NOTE: https://rt.cpan.org/Public/Bug/Display.html?id=126984
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1623265#c3
-CVE-2011-2766 (The FCGI (aka Fast CGI) module 0.70 through 0.73 for Perl, as used by ...)
+CVE-2011-2766
{DSA-2327-1}
- libfcgi-perl 0.73-2 (bug #607479)
[lenny] - libfcgi-perl <not-affected> (Introduced in 0.70)
-CVE-2011-2765 (pyro before 3.15 unsafely handles pid files in temporary directory ...)
+CVE-2011-2765
- pyro 1:3.14-1 (low; bug #631912)
[lenny] - pyro <no-dsa> (Minor issue)
[squeeze] - pyro <no-dsa> (Minor issue)
NOTE: https://github.com/irmen/Pyro3/commit/554e095a62c4412c91f981e72fd34a936ac2bf1e
-CVE-2011-2764 (The FS_CheckFilenameIsNotExecutable function in qcommon/files.c in the ...)
+CVE-2011-2764
- openarena 0.8.5-5+exp1
NOTE: Current openarena packages use the share ioquake3 engine
[squeeze] - openarena 0.8.5-5+squeeze1
- ioquake3 1.36+svn1946-4
- tremulous 1.1.0-6 (bug #660836)
[squeeze] - tremulous 1.1.0-7~squeeze1
-CVE-2011-2763 (The web interface on the LifeSize Room appliance LS_RM1_3.5.3 (11) and ...)
+CVE-2011-2763
NOT-FOR-US: LifeSize Room appliance
-CVE-2011-2762 (The web interface on the LifeSize Room appliance LS_RM1_3.5.3 (11) ...)
+CVE-2011-2762
NOT-FOR-US: LifeSize Room appliance
-CVE-2011-2761 (Google Chrome 14.0.794.0 does not properly handle a reload of a page ...)
+CVE-2011-2761
- chromium-browser 14.0.835.157~r99685-1
[squeeze] - chromium-browser <not-affected>
- webkit <not-affected> (chromium issue)
-CVE-2011-2760 (Brocade BigIron RX switches allow remote attackers to bypass ACL rules ...)
+CVE-2011-2760
NOT-FOR-US: Brocade BigIron RX
-CVE-2011-2759 (The login page of IDSWebApp in the Web Administration Tool in IBM ...)
+CVE-2011-2759
NOT-FOR-US: IBM Tivoli Directory Server
-CVE-2011-2758 (IDSWebApp in the Web Administration Tool in IBM Tivoli Directory ...)
+CVE-2011-2758
NOT-FOR-US: IBM Tivoli Directory Server
-CVE-2011-2757 (Directory traversal vulnerability in FileDownload.jsp in ManageEngine ...)
+CVE-2011-2757
NOT-FOR-US: ManageEngine ServiceDesk Plus
-CVE-2011-2756 (FileDownload.jsp in ManageEngine ServiceDesk Plus 8.0 before Build ...)
+CVE-2011-2756
NOT-FOR-US: ManageEngine ServiceDesk Plus
-CVE-2011-2755 (Directory traversal vulnerability in FileDownload.jsp in ManageEngine ...)
+CVE-2011-2755
NOT-FOR-US: ManageEngine ServiceDesk Plus
-CVE-2011-2754 (Cross-site scripting (XSS) vulnerability in the PageBuilder2 (aka Page ...)
+CVE-2011-2754
NOT-FOR-US: IBM WebSphere Portal
-CVE-2011-2753 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
+CVE-2011-2753
{DSA-2291-1}
- squirrelmail 2:1.4.22-1 (low)
NOTE: difficult to exploit
-CVE-2011-2752 (CRLF injection vulnerability in SquirrelMail 1.4.21 and earlier allows ...)
+CVE-2011-2752
{DSA-2291-1}
- squirrelmail 2:1.4.22-1 (low)
NOTE: difficult to exploit
-CVE-2011-2751 (SQL injection vulnerability in Parodia before 6.809 allows remote ...)
+CVE-2011-2751
NOT-FOR-US: Parodia
-CVE-2011-2750 (NFRAgent.exe in Novell File Reporter 1.0.4.2 and earlier allows remote ...)
+CVE-2011-2750
NOT-FOR-US: Novell File Reporter
-CVE-2011-2749 (The server in ISC DHCP 3.x and 4.x before 4.2.2, 3.1-ESV before ...)
+CVE-2011-2749
{DSA-2292-1}
- isc-dhcp 4.2.2-1 (bug #638404)
- dhcp3 <removed>
-CVE-2011-2748 (The server in ISC DHCP 3.x and 4.x before 4.2.2, 3.1-ESV before ...)
+CVE-2011-2748
{DSA-2292-1}
- isc-dhcp 4.2.2-1 (bug #638404)
- dhcp3 <removed>
-CVE-2011-2747 (Google Picasa before 3.6 Build 105.67 does not properly handle invalid ...)
+CVE-2011-2747
NOT-FOR-US: Google Picasa
-CVE-2011-2746 (Unspecified vulnerability in Kernel/Modules/AdminPackageManager.pm in ...)
+CVE-2011-2746
- otrs2 2.4.7-1 (low)
[lenny] - otrs2 <no-dsa> (Minor issue)
-CVE-2011-2745 (upload_handler.php in the swfupload extension in Chyrp 2.0 and earlier ...)
+CVE-2011-2745
NOT-FOR-US: Chyrp
-CVE-2011-2744 (Directory traversal vulnerability in Chyrp 2.1 and earlier allows ...)
+CVE-2011-2744
NOT-FOR-US: Chyrp
-CVE-2011-2743 (Multiple cross-site scripting (XSS) vulnerabilities in Chyrp 2.1 and ...)
+CVE-2011-2743
NOT-FOR-US: Chyrp
-CVE-2011-2742 (EMC RSA Adaptive Authentication On-Premise (AAOP) 6.0.2.1 SP1 Patch 2, ...)
+CVE-2011-2742
NOT-FOR-US: EMC RSA Adaptive Authentication On-Premise
-CVE-2011-2741 (EMC RSA Adaptive Authentication On-Premise (AAOP) 6.0.2.1 SP1 Patch 2, ...)
+CVE-2011-2741
NOT-FOR-US: EMC RSA Adaptive Authentication On-Premise
-CVE-2011-2740 (EMC RSA Key Manager (RKM) Appliance 2.7 SP1 before 2.7.1.6, when ...)
+CVE-2011-2740
NOT-FOR-US: EMC RSA Key Manager
-CVE-2011-2739 (The file-blocking feature in EMC Documentum eRoom 7.3.x and 7.4.x ...)
+CVE-2011-2739
NOT-FOR-US: EMC Documentum eRoom
-CVE-2011-2738 (Multiple unspecified vulnerabilities in Cisco Unified Service Monitor ...)
+CVE-2011-2738
NOT-FOR-US: Cisco Unified Service Monitor, CiscoWorks LAN Management Solution
-CVE-2011-2737 (RSA enVision 3.x and 4.x before 4 SP4 P3 allows remote attackers to ...)
+CVE-2011-2737
NOT-FOR-US: RSA enVision
-CVE-2011-2736 (RSA enVision 4.x before 4 SP4 P3 places cleartext administrative ...)
+CVE-2011-2736
NOT-FOR-US: RSA enVision
-CVE-2011-2735 (Multiple buffer overflows in EMC AutoStart 5.3.x and 5.4.x before ...)
+CVE-2011-2735
NOT-FOR-US: EMC AutoStart
CVE-2011-2734
REJECTED
-CVE-2011-2733 (EMC RSA Adaptive Authentication On-Premise (AAOP) 6.0.2.1 SP1 Patch 2, ...)
+CVE-2011-2733
NOT-FOR-US: EMC RSA Adaptive Authentication On-Premise
-CVE-2011-2732 (CRLF injection vulnerability in the logout functionality in VMware ...)
+CVE-2011-2732
- libspring-security-2.0-java 2.0.7.RELEASE-1 (bug #670901)
[squeeze] - libspring-security-2.0-java <no-dsa> (Minor issue)
-CVE-2011-2731 (Race condition in the RunAsManager mechanism in VMware SpringSource ...)
+CVE-2011-2731
- libspring-security-2.0-java 2.0.7.RELEASE-1 (bug #670901)
[squeeze] - libspring-security-2.0-java <no-dsa> (Minor issue)
-CVE-2011-2730 (VMware SpringSource Spring Framework before 2.5.6.SEC03, 2.5.7.SR023, ...)
+CVE-2011-2730
{DSA-2504-1}
- libspring-2.5-java <unfixed> (bug #677814)
-CVE-2011-2729 (native/unix/native/jsvc-unix.c in jsvc in the Daemon component 1.0.3 ...)
+CVE-2011-2729
- commons-daemon 1.0.7-1
[squeeze] - commons-daemon <not-affected> (Support for libcap was only added in 1.0.6)
NOTE: According to http://tomcat.apache.org/security-7.html jsvc needs to be build againt libcap to be exploitable
-CVE-2011-2728 (The bsd_glob function in the File::Glob module for Perl before 5.14.2 ...)
+CVE-2011-2728
- perl 5.14.2-1 (unimportant)
NOTE: requires the attacker to manipulate glob flags
-CVE-2011-2727 (The (1) templatewrap/templatefoot.php, (2) cmsjs/plugin.js.php, and ...)
+CVE-2011-2727
NOT-FOR-US: Tribiq CMS
CVE-2011-2726 [SA-CORE-2011-003]
RESERVED
- drupal7 7.6-1
-CVE-2011-2725 (Directory traversal vulnerability in Ark 4.7.x and earlier allows ...)
+CVE-2011-2725
- kdeutils 4:4.6.5-4 (low; bug #635541)
[lenny] - kdeutils <no-dsa> (Minor issue)
[squeeze] - kdeutils 4:4.4.5-1+squeeze1
-CVE-2011-2724 (The check_mtab function in client/mount.cifs.c in mount.cifs in smbfs ...)
+CVE-2011-2724
- samba 2:3.4.7~dfsg-2 (low)
- cifs-utils 2:5.1-1 (low)
[squeeze] - cifs-utils 2:4.5-2+squeeze1
NOTE: cifs-utils was split off from the samba source package with 2:3.4.7~dfsg-2, so marking it as fixed
NOTE: http://web.archive.org/web/20111209193822/http://git.samba.org/?p=cifs-utils.git;a=commit;h=1e7a32924b22d1f786b6f490ce8590656f578f91
-CVE-2011-2723 (The skb_gro_header_slow function in include/linux/netdevice.h in the ...)
+CVE-2011-2723
{DSA-2303-1}
- linux-2.6 3.0.0-2
-CVE-2011-2722 (The send_data_to_stdout function in prnt/hpijs/hpcupsfax.cpp in HP ...)
+CVE-2011-2722
- hplip 3.11.10-1 (bug #635549; low)
[squeeze] - hplip 3.10.6-2+squeeze0
[lenny] - hplip <not-affected> (Vulnerable code not present)
-CVE-2011-2721 (Off-by-one error in the cli_hm_scan function in matcher-hash.c in ...)
+CVE-2011-2721
- clamav 0.97.2+dfsg-1 (bug #635599)
[squeeze] - clamav 0.97.2+dfsg-1~squeeze1
-CVE-2011-2720 (The autocompletion functionality in GLPI before 0.80.2 does not ...)
+CVE-2011-2720
- glpi 0.80.2-1 (bug #635544; unimportant)
NOTE: Only supported behind an authenticated HTTP zone
-CVE-2011-2719 (libraries/auth/swekey/swekey.auth.lib.php in phpMyAdmin 3.x before ...)
+CVE-2011-2719
{DSA-2286-1}
- phpmyadmin 4:3.4.3.2-1 (low)
[lenny] - phpmyadmin <not-affected> (Vulnerable code not present)
-CVE-2011-2718 (Multiple directory traversal vulnerabilities in the relational schema ...)
+CVE-2011-2718
- phpmyadmin 4:3.4.3.2-1
[squeeze] - phpmyadmin <not-affected> (Vulnerable code not present)
[lenny] - phpmyadmin <not-affected> (Vulnerable code not present)
CVE-2011-2717
RESERVED
NOT-FOR-US: udhcp6c
-CVE-2011-2716 (The DHCP client (udhcpc) in BusyBox before 1.20.0 allows remote DHCP ...)
+CVE-2011-2716
- busybox 1:1.20.0-3 (unimportant; bug #635548)
NOTE: the default action script of busybox is not vulnerable to this attack
NOTE: fixed in 1.20 (experimental). default script in udeb may be vulnerable.
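Review bot: the CVE-2011-2830 entry (the `+CVE-2011-2830` line followed only by `NOTE: CVE description is wrong, see #656057`) has no package or status line, and once the description text is dropped from the entry there is nothing left in the file for that note to refer to; add the affected package line (or `NOT-FOR-US:` / `<not-affected>` as appropriate) so the entry is not an orphaned note. Pre-existing but visible in this hunk: CVE-2011-4118 sits between CVE-2011-2774 and CVE-2011-2773, breaking the descending order the rest of the file follows, and two notes carry typos (`use the share ioquake3 engine` under CVE-2011-2764, `needs to be build againt libcap` under CVE-2011-2729).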
@@ -6983,58 +6983,58 @@ CVE-2011-2715
CVE-2011-2714
RESERVED
NOT-FOR-US: Drupal data module
-CVE-2011-2713 (oowriter in OpenOffice.org 3.3.0 and LibreOffice before 3.4.3 allows ...)
+CVE-2011-2713
{DSA-2315-1}
- libreoffice 1:3.4.3-1
- openoffice.org 1:3.3.0-1
NOTE: Since 3.3.0 openoffice.org is a transitional source package to migrate to libreoffice
-CVE-2011-2712 (Cross-site scripting (XSS) vulnerability in Apache Wicket 1.4.x before ...)
+CVE-2011-2712
NOT-FOR-US: Apache Wicket
-CVE-2011-2711 (Cross-site scripting (XSS) vulnerability in the print_fileinfo ...)
+CVE-2011-2711
NOT-FOR-US: cgit
-CVE-2011-2710 (Multiple cross-site scripting (XSS) vulnerabilities in Joomla! before ...)
+CVE-2011-2710
NOT-FOR-US: Joomla!
-CVE-2011-2709 (libgssapi and libgssglue before 0.4 do not properly check privileges, ...)
+CVE-2011-2709
- libgssglue 0.4-1 (low; bug #670256)
[squeeze] - libgssglue <no-dsa> (Minor issue in Squeeze)
NOTE: Our mount.nfs does not link against libgssglue,
NOTE: so we do not appear to be affected directly.
CVE-2011-2708
REJECTED
-CVE-2011-2707 (The ptrace_setxregs function in arch/xtensa/kernel/ptrace.c in the ...)
+CVE-2011-2707
- linux-2.6 <not-affected> (xtensa arch not used in Debian)
CVE-2011-2706
RESERVED
NOT-FOR-US: sNews
-CVE-2011-2705 (The SecureRandom.random_bytes function in lib/securerandom.rb in Ruby ...)
+CVE-2011-2705
{DLA-235-1 DLA-88-1}
- ruby1.8 1.8.7.352-1 (low; bug #635878)
- ruby1.9.1 1.9.3~preview1-1 (low)
-CVE-2011-2704 (Stack-based buffer overflow in MapServer before 4.10.7 and 5.x before ...)
+CVE-2011-2704
{DSA-2285-1}
- mapserver 6.0.1-1
-CVE-2011-2703 (Multiple SQL injection vulnerabilities in MapServer before 4.10.7, 5.x ...)
+CVE-2011-2703
{DSA-2285-1}
- mapserver 6.0.1-1
-CVE-2011-2702 (Integer signedness error in Glibc before 2.13 and eglibc before 2.13, ...)
+CVE-2011-2702
- eglibc 2.13-10
[squeeze] - eglibc <not-affected> (ssse3 optimizations not included in squeeze version)
- glibc <not-affected> (ssse3 optimizations not included)
NOTE: http://web.archive.org/web/20110824011938/http://www.nodefense.org:80/eglibc.txt
NOTE: fixed well before 2.13-10, but that is the present testing version that was available to check
-CVE-2011-2701 (The ocsp_check function in rlm_eap_tls.c in FreeRADIUS 2.1.11, when ...)
+CVE-2011-2701
- freeradius <not-affected> (Introduced in 2.1.11, even sid ships 2.1.10+dfsg-3+b2)
-CVE-2011-2700 (Multiple buffer overflows in the si4713_write_econtrol_string function ...)
+CVE-2011-2700
{DSA-2303-1}
- linux-2.6 3.0.0-1
[lenny] - linux-2.6 <not-affected> (Driver introduced in 2.6.32)
-CVE-2011-2699 (The IPv6 implementation in the Linux kernel before 3.1 does not ...)
+CVE-2011-2699
- linux-2.6 3.0.0-2
[squeeze] - linux-2.6 2.6.32-40
-CVE-2011-2698 (Off-by-one error in the elem_cell_id_aux function in ...)
+CVE-2011-2698
- wireshark 1.6.1-1 (unimportant)
NOTE: no code injection, not treated as a security issue, see README.Debian.security
-CVE-2011-2697 (foomatic-rip-hplip in HP Linux Imaging and Printing (HPLIP) 3.11.5 ...)
+CVE-2011-2697
{DSA-2380-1}
- hplip 3.10.6-2 (bug #635549; medium)
NOTE: hplip might have been fixed earlier than stable, current versions use foomatic-rip
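Review bot: the freeradius entry for CVE-2011-2701 marks the package `<not-affected>` with the reason "Introduced in 2.1.11, even sid ships 2.1.10+dfsg-3+b2". That is a snapshot of the archive, not a property of the package, and it silently becomes wrong the moment 2.1.11 or later is uploaded; with the description line ("FreeRADIUS 2.1.11, when ...") deleted in this hunk, the affected upstream version now survives only inside that parenthetical. Prefer a NOTE stating the affected version and that the entry must be re-checked on the next freeradius upload, and convert it to a fixed-version line once an upstream fix version is known.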
@@ -7045,77 +7045,77 @@ CVE-2011-2697 (foomatic-rip-hplip in HP Linux Imaging and Printing (HPLIP) 3.11.
NOTE: foomatic-filters 3.x is written in Perl and has been assigned CVE-2011-2697
NOTE: hplip includes local copy of the Perl version. It needs to be checked, whether
NOTE: it's modified somehow
-CVE-2011-2696 (Integer overflow in libsndfile before 1.0.25 allows remote attackers ...)
+CVE-2011-2696
{DSA-2288-1}
- libsndfile 1.0.25-1
-CVE-2011-2695 (Multiple off-by-one errors in the ext4 subsystem in the Linux kernel ...)
+CVE-2011-2695
- linux-2.6 3.0.0-1
[squeeze] - linux-2.6 2.6.32-48
-CVE-2011-2694 (Cross-site scripting (XSS) vulnerability in the chg_passwd function in ...)
+CVE-2011-2694
{DSA-2290-1}
- samba 2:3.5.10~dfsg-1 (low)
-CVE-2011-2693 (The perf subsystem in the kernel package 2.6.32-122.el6.x86_64 in Red ...)
+CVE-2011-2693
NOTE: Duplicate of CVE-2011-2521
-CVE-2011-2692 (The png_handle_sCAL function in pngrutil.c in libpng 1.0.x before ...)
+CVE-2011-2692
{DSA-2287-1}
- libpng 1.2.46-1 (low; bug #633871)
-CVE-2011-2691 (The png_err function in pngerror.c in libpng 1.0.x before 1.0.55, ...)
+CVE-2011-2691
{DSA-2287-1}
- libpng 1.2.46-1 (low; bug #633871)
-CVE-2011-2690 (Buffer overflow in libpng 1.0.x before 1.0.55, 1.2.x before 1.2.45, ...)
+CVE-2011-2690
{DSA-2287-1}
- libpng 1.2.46-1 (high; bug #633871)
-CVE-2011-2689 (The gfs2_fallocate function in fs/gfs2/file.c in the Linux kernel ...)
+CVE-2011-2689
- linux-2.6 3.0.0-1
[squeeze] - linux-2.6 <not-affected> (gfs didn't have fallocate support until 2.6.37)
[lenny] - linux-2.6 <not-affected> (gfs didn't have fallocate support until 2.6.37)
-CVE-2011-2688 (SQL injection vulnerability in mysql/mysql-auth.pl in the ...)
+CVE-2011-2688
{DSA-2279-1}
- libapache2-mod-authnz-external 3.2.4-2.1 (medium; bug #633637)
-CVE-2011-2687 (Drupal 7.x before 7.3 allows remote attackers to bypass intended ...)
+CVE-2011-2687
NOTE: http://drupal.org/node/1168756
- drupal7 7.2-1 (bug #633385)
- drupal6 6.22-1
[squeeze] - drupal6 6.18-1squeeze1
-CVE-2011-2686 (Ruby before 1.8.7-p352 does not reset the random seed upon forking, ...)
+CVE-2011-2686
{DLA-88-1}
- ruby1.8 1.8.7.352-1 (low; bug #635878)
-CVE-2011-2685 (Stack-based buffer overflow in the Lotus Word Pro import filter in ...)
+CVE-2011-2685
{DSA-2275-1}
- libreoffice 1:3.3.3-1
- openoffice.org 1:3.3.0-1
[lenny] - openoffice.org <not-affected> (Vulnerable code not present)
NOTE: Since 3.3.0 openoffice.org is a transitional source package to migrate to libreoffice
-CVE-2011-2684 (foo2zjs before 20110722dfsg-3ubuntu1 as packaged in Ubuntu, ...)
+CVE-2011-2684
- foo2zjs 20110722dfsg-1 (low; bug #633870)
[lenny] - foo2zjs <no-dsa> (Minor issue)
[squeeze] - foo2zjs 20090908dfsg-5.1+squeeze0
-CVE-2011-2683 (reseed seeds random numbers from an insecure HTTP request to ...)
+CVE-2011-2683
- reseed <removed>
[lenny] - reseed <no-dsa> (Minor issue)
-CVE-2011-2682 (The Login component in IBM Rational DOORS Web Access 1.4.x before ...)
+CVE-2011-2682
NOT-FOR-US: IBM Rational DOORS Web Access
-CVE-2011-2681 (IBM Rational DOORS Web Access 1.4.x before 1.4.0.4 does not properly ...)
+CVE-2011-2681
NOT-FOR-US: IBM Rational DOORS Web Access
-CVE-2011-2680 (Unspecified vulnerability in IBM Rational DOORS Web Access 1.4.x ...)
+CVE-2011-2680
NOT-FOR-US: IBM Rational DOORS Web Access
-CVE-2011-2679 (Cross-site scripting (XSS) vulnerability in IBM Rational DOORS Web ...)
+CVE-2011-2679
NOT-FOR-US: IBM Rational DOORS Web Access
-CVE-2011-2678 (The Cisco VPN Client 5.0.7.0240 and 5.0.7.0290 on 64-bit Windows ...)
+CVE-2011-2678
NOT-FOR-US: Cisco VPN Client
-CVE-2011-2677 (Cybozu Office before 8.0.0 allows remote authenticated users to bypass ...)
+CVE-2011-2677
NOT-FOR-US: Cybozu Office
-CVE-2011-2676 (The A-Form and A-Form bamboo before 1.3.6 and 2.x before 2.0.3, and ...)
+CVE-2011-2676
NOT-FOR-US: A-Form
-CVE-2011-2675 (Cross-site scripting (XSS) vulnerability in Enkai-kun before 110916 ...)
+CVE-2011-2675
NOT-FOR-US: Enkai-kun
-CVE-2011-2674 (BaserCMS before 1.6.12 does not properly restrict additions to the ...)
+CVE-2011-2674
NOT-FOR-US: BaserCMS
-CVE-2011-2673 (Cross-site scripting (XSS) vulnerability in BaserCMS before 1.6.13.2 ...)
+CVE-2011-2673
NOT-FOR-US: BaserCMS
-CVE-2011-2672 (Cross-site scripting (XSS) vulnerability in SemanticScuttle before ...)
+CVE-2011-2672
NOT-FOR-US: SemanticScuttle
-CVE-2011-2671 (Unspecified vulnerability in Megalith 12th edition through 27th ...)
+CVE-2011-2671
NOT-FOR-US: Megalith
CVE-2011-2670
RESERVED
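Review bot: the CVE-2011-2687 entry is laid out differently from every other entry in this hunk: the NOTE line with the drupal.org URL comes before the package lines (`- drupal7 7.2-1`, `- drupal6 6.22-1`) instead of after them, so tools and readers that expect package status immediately under the CVE line will trip on it. Reorder to match the rest of the file. The deleted description also scoped this issue to "Drupal 7.x before 7.3", yet drupal6 is tracked with fixed versions 6.22-1 and 6.18-1squeeze1; if the 6.x series received the same fix, say so in the NOTE, otherwise the drupal6 lines look like they belong to a different CVE.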
@@ -7123,142 +7123,142 @@ CVE-2011-2669
RESERVED
CVE-2011-2668
RESERVED
-CVE-2011-2667 (Icihttp.exe in CA Gateway Security for HTTP, as used in CA Gateway ...)
+CVE-2011-2667
NOT-FOR-US: CA Gateway Security for HTTP
-CVE-2011-2666 (The default configuration of the SIP channel driver in Asterisk Open ...)
+CVE-2011-2666
- asterisk 1:1.8.3.3-1
[squeeze] - asterisk <no-dsa> (minor issue; can be addressed through configuration)
-CVE-2011-2665 (reqresp_parser.c in the SIP channel driver in Asterisk Open Source ...)
+CVE-2011-2665
- asterisk 1:1.8.4.3-1 (bug #631445)
[squeeze] - asterisk <not-affected>
[lenny] - asterisk <not-affected>
-CVE-2011-2664 (Unspecified vulnerability in Check Point Multi-Domain Management / ...)
+CVE-2011-2664
NOT-FOR-US: Check Point Multi-Domain Management
-CVE-2011-2663 (Array index error in GroupWise Internet Agent (GWIA) in Novell ...)
+CVE-2011-2663
NOT-FOR-US: Novell GroupWise
-CVE-2011-2662 (Integer signedness error in GroupWise Internet Agent (GWIA) in Novell ...)
+CVE-2011-2662
NOT-FOR-US: Novell GroupWise
-CVE-2011-2661 (Multiple cross-site scripting (XSS) vulnerabilities in WebAccess in ...)
+CVE-2011-2661
NOT-FOR-US: Novell GroupWise
-CVE-2011-2660 (The modify_resolvconf_suse script in the vpnc package before ...)
+CVE-2011-2660
- vpnc <not-affected>
NOTE: This only affects the SUSE packaging.
CVE-2011-2659
RESERVED
-CVE-2011-2658 (The ISList.ISAvi ActiveX control in AdminStudio in Novell ZENworks ...)
+CVE-2011-2658
NOT-FOR-US: Novell ZENworks Configuration Management
-CVE-2011-2657 (Directory traversal vulnerability in the LaunchProcess function in the ...)
+CVE-2011-2657
NOT-FOR-US: Novell ZENworks Configuration Management
-CVE-2011-2656 (Unspecified vulnerability in ZfHSrvr.exe in Novell ZENworks Handheld ...)
+CVE-2011-2656
NOT-FOR-US: Novell ZENworks
-CVE-2011-2655 (Unspecified vulnerability in ZfHSrvr.exe in Novell ZENworks Handheld ...)
+CVE-2011-2655
NOT-FOR-US: Novell ZENworks
-CVE-2011-2654 (The RPC implementation in the server in Novell Cloud Manager 1.1.2 ...)
+CVE-2011-2654
NOT-FOR-US: Novell Cloud Manager
-CVE-2011-2653 (Directory traversal vulnerability in the rtrlet component in Novell ...)
+CVE-2011-2653
NOT-FOR-US: Novell ZENworks
-CVE-2011-2652 (Cross-site scripting (XSS) vulnerability in Kiwi before 3.74.2, as ...)
+CVE-2011-2652
NOT-FOR-US: Kiwi, SUSE Studio
-CVE-2011-2651 (Unspecified vulnerability in the file browser in Kiwi before 3.74.2, ...)
+CVE-2011-2651
NOT-FOR-US: Kiwi, SUSE Studio
-CVE-2011-2650 (Cross-site scripting (XSS) vulnerability in Kiwi before 3.74.2, as ...)
+CVE-2011-2650
NOT-FOR-US: Kiwi, SUSE Studio
-CVE-2011-2649 (Kiwi before 3.74.2, as used in SUSE Studio 1.1 before 1.1.4, allows ...)
+CVE-2011-2649
NOT-FOR-US: Kiwi, SUSE Studio
-CVE-2011-2648 (Unspecified vulnerability in Kiwi before 3.74.2, as used in SUSE ...)
+CVE-2011-2648
NOT-FOR-US: Kiwi, SUSE Studio
-CVE-2011-2647 (Unspecified vulnerability in Kiwi before 3.74.2, as used in SUSE ...)
+CVE-2011-2647
NOT-FOR-US: Kiwi, SUSE Studio
-CVE-2011-2646 (Unspecified vulnerability in Kiwi before 3.74.2, as used in SUSE ...)
+CVE-2011-2646
NOT-FOR-US: Kiwi, SUSE Studio
-CVE-2011-2645 (Unspecified vulnerability in Kiwi before 3.74.2, as used in SUSE ...)
+CVE-2011-2645
NOT-FOR-US: Kiwi, SUSE Studio
-CVE-2011-2644 (Cross-site scripting (XSS) vulnerability in Kiwi before 3.74.2, as ...)
+CVE-2011-2644
NOT-FOR-US: Kiwi, SUSE Studio
-CVE-2011-2643 (Directory traversal vulnerability in sql.php in phpMyAdmin 3.4.x ...)
+CVE-2011-2643
- phpmyadmin 4:3.4.3.2-1
[squeeze] - phpmyadmin <not-affected> (Vulnerable code not present)
[lenny] - phpmyadmin <not-affected> (Vulnerable code not present)
-CVE-2011-2642 (Multiple cross-site scripting (XSS) vulnerabilities in the table Print ...)
+CVE-2011-2642
{DSA-2286-1}
- phpmyadmin 4:3.4.3.2-1
CVE-2011-XXXX [stardict: minor information disclosure]
- stardict 3.0.1-5 (low; bug #632260)
[squeeze] - stardict <no-dsa> (minor information disclosure)
[lenny] - stardict <no-dsa> (minor information disclosure)
-CVE-2011-2641 (Opera 11.11 allows remote attackers to cause a denial of service ...)
+CVE-2011-2641
NOT-FOR-US: Opera
-CVE-2011-2640 (Opera before 11.10 allows remote attackers to cause a denial of ...)
+CVE-2011-2640
NOT-FOR-US: Opera
-CVE-2011-2639 (Opera before 11.10 does not properly handle hidden animated GIF ...)
+CVE-2011-2639
NOT-FOR-US: Opera
-CVE-2011-2638 (Unspecified vulnerability in Opera before 11.10 allows remote ...)
+CVE-2011-2638
NOT-FOR-US: Opera
-CVE-2011-2637 (Unspecified vulnerability in Opera before 11.10 allows remote ...)
+CVE-2011-2637
NOT-FOR-US: Opera
-CVE-2011-2636 (Unspecified vulnerability in Opera before 11.10 allows remote ...)
+CVE-2011-2636
NOT-FOR-US: Opera
-CVE-2011-2635 (The Cascading Style Sheets (CSS) implementation in Opera before 11.10 ...)
+CVE-2011-2635
NOT-FOR-US: Opera
-CVE-2011-2634 (Opera before 11.10 allows remote attackers to hijack (1) searches and ...)
+CVE-2011-2634
NOT-FOR-US: Opera
-CVE-2011-2633 (Unspecified vulnerability in Opera before 11.11 allows remote ...)
+CVE-2011-2633
NOT-FOR-US: Opera
-CVE-2011-2632 (Opera before 11.11 does not properly handle destruction of a ...)
+CVE-2011-2632
NOT-FOR-US: Opera
-CVE-2011-2631 (The Cascading Style Sheets (CSS) implementation in Opera before 11.11 ...)
+CVE-2011-2631
NOT-FOR-US: Opera
-CVE-2011-2630 (Opera before 11.11 allows user-assisted remote attackers to cause a ...)
+CVE-2011-2630
NOT-FOR-US: Opera
-CVE-2011-2629 (Unspecified vulnerability in Opera before 11.11 allows remote ...)
+CVE-2011-2629
NOT-FOR-US: Opera
-CVE-2011-2628 (Opera before 11.11 does not properly implement FRAMESET elements, ...)
+CVE-2011-2628
NOT-FOR-US: Opera
-CVE-2011-2627 (Unspecified vulnerability in the DOM implementation in Opera before ...)
+CVE-2011-2627
NOT-FOR-US: Opera
-CVE-2011-2626 (Opera before 11.50 allows remote attackers to cause a denial of ...)
+CVE-2011-2626
NOT-FOR-US: Opera
-CVE-2011-2625 (Opera before 11.50 allows remote attackers to cause a denial of ...)
+CVE-2011-2625
NOT-FOR-US: Opera
-CVE-2011-2624 (Opera before 11.50 allows user-assisted remote attackers to cause a ...)
+CVE-2011-2624
NOT-FOR-US: Opera
-CVE-2011-2623 (Unspecified vulnerability in the SVG BiDi implementation in Opera ...)
+CVE-2011-2623
NOT-FOR-US: Opera
-CVE-2011-2622 (Unspecified vulnerability in the Web Workers implementation in Opera ...)
+CVE-2011-2622
NOT-FOR-US: Opera
-CVE-2011-2621 (Unspecified vulnerability in Opera before 11.50 allows remote ...)
+CVE-2011-2621
NOT-FOR-US: Opera
-CVE-2011-2620 (Unspecified vulnerability in Opera before 11.50 allows remote ...)
+CVE-2011-2620
NOT-FOR-US: Opera
-CVE-2011-2619 (Opera before 11.50 allows remote attackers to cause a denial of ...)
+CVE-2011-2619
NOT-FOR-US: Opera
-CVE-2011-2618 (Opera before 11.50 allows remote attackers to cause a denial of ...)
+CVE-2011-2618
NOT-FOR-US: Opera
-CVE-2011-2617 (Unspecified vulnerability in Opera before 11.50 allows remote ...)
+CVE-2011-2617
NOT-FOR-US: Opera
-CVE-2011-2616 (Unspecified vulnerability in Opera before 11.50 allows remote ...)
+CVE-2011-2616
NOT-FOR-US: Opera
-CVE-2011-2615 (Unspecified vulnerability in Opera before 11.50 allows remote ...)
+CVE-2011-2615
NOT-FOR-US: Opera
-CVE-2011-2614 (The SVG implementation in Opera before 11.50 allows remote attackers ...)
+CVE-2011-2614
NOT-FOR-US: Opera
-CVE-2011-2613 (The Array.prototype.join method in Opera before 11.50 allows remote ...)
+CVE-2011-2613
NOT-FOR-US: Opera
-CVE-2011-2612 (Unspecified vulnerability in Opera before 11.50 allows remote ...)
+CVE-2011-2612
NOT-FOR-US: Opera
-CVE-2011-2611 (Unspecified vulnerability in the printing functionality in Opera ...)
+CVE-2011-2611
NOT-FOR-US: Opera
-CVE-2011-2610 (Unspecified vulnerability in Opera before 11.50 has unknown impact and ...)
+CVE-2011-2610
NOT-FOR-US: Opera
-CVE-2011-2609 (Opera before 11.50 does not properly restrict data: URIs, which makes ...)
+CVE-2011-2609
NOT-FOR-US: Opera
-CVE-2011-2608 (ovbbccb.exe 6.20.50.0 and other versions in HP OpenView Performance ...)
+CVE-2011-2608
NOT-FOR-US: HP OpenView
-CVE-2011-2607 (Cross-site scripting (XSS) vulnerability in IBM Rational Team Concert ...)
+CVE-2011-2607
NOT-FOR-US: IBM Rational Team Concert
-CVE-2011-2606 (Cross-site scripting (XSS) vulnerability in the Web UI in IBM Rational ...)
+CVE-2011-2606
NOT-FOR-US: IBM Rational Team Concert
-CVE-2011-2605 (CRLF injection vulnerability in the ...)
+CVE-2011-2605
{DSA-2273-3 DSA-2269-1 DSA-2268-1}
- xulrunner <removed> (unimportant)
[lenny] - xulrunner 1.9.0.19-12
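Review bot: the CVE-2011-2665 entry marks asterisk `<not-affected>` for both squeeze and lenny with no reason in parentheses, whereas the file's convention, followed by the other entries in this hunk (CVE-2011-2643's "Vulnerable code not present", CVE-2011-2666's "minor issue; can be addressed through configuration"), is to state why. With the description now gone the reader has no way to see that the issue is confined to a code path absent from 1.6.2/1.4, so add the reason inline, e.g. `[squeeze] - asterisk <not-affected> (Vulnerable code not present)`. The same applies to CVE-2011-2660, where the reason ("This only affects the SUSE packaging.") sits on a separate NOTE line instead of in the `<not-affected>` parenthetical.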
@@ -7269,67 +7269,67 @@ CVE-2011-2605 (CRLF injection vulnerability in the ...)
- icedove 3.1.11-1
[lenny] - icedove <end-of-life>
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2011-2604 (The Intel G41 driver 6.14.10.5355 on Windows XP SP3 allows remote ...)
+CVE-2011-2604
NOT-FOR-US: Windows XP
-CVE-2011-2603 (The NVIDIA 9400M driver 6.2.6 on Mac OS X 10.6.7 allows remote ...)
+CVE-2011-2603
NOT-FOR-US: Mac OS X
-CVE-2011-2602 (The NVIDIA Geforce 310 driver 6.14.12.7061 on Windows XP SP3 allows ...)
+CVE-2011-2602
NOT-FOR-US: Windows XP
-CVE-2011-2601 (The GPU support functionality in Mac OS X does not properly restrict ...)
+CVE-2011-2601
NOT-FOR-US: Mac OS X
-CVE-2011-2600 (The GPU support functionality in Windows XP does not properly restrict ...)
+CVE-2011-2600
NOT-FOR-US: Windows XP
-CVE-2011-2599 (Google Chrome 11 does not block use of a cross-domain image as a WebGL ...)
+CVE-2011-2599
- chromium-browser <unfixed> (unimportant)
[squeeze] - chromium-browser <not-affected>
-CVE-2011-2598 (The WebGL implementation in Mozilla Firefox 4.x allows remote ...)
+CVE-2011-2598
- xulrunner <not-affected> (Only affects Firefox 4.0, not yet in unstable)
- iceweasel <not-affected> (Only affects Firefox 4.0, not yet in unstable)
-CVE-2011-2597 (The Lucent/Ascend file parser in Wireshark 1.2.x before 1.2.18, 1.4.x ...)
+CVE-2011-2597
- wireshark 1.6.1-1 (unimportant)
NOTE: no code injection, not treated as a security issue, see README.Debian.security
CVE-2011-2596
RESERVED
-CVE-2011-2595 (Multiple stack-based buffer overflows in ACDSee FotoSlate 4.0 Build ...)
+CVE-2011-2595
NOT-FOR-US: ACDSee FotoSlate
-CVE-2011-2594 (Heap-based buffer overflow in KMPlayer 3.0.0.1441, and possibly other ...)
+CVE-2011-2594
NOT-FOR-US: KMPlayer
NOTE: This is http://www.kmplayer.com and not our kmplayer package.
-CVE-2011-2593 (Integer overflow in the StartEpa method in the nsepacom ActiveX ...)
+CVE-2011-2593
NOT-FOR-US: Citrix Access Gateway Enterprise Edition Plug-in
-CVE-2011-2592 (Heap-based buffer overflow in the StartEpa method in the nsepacom ...)
+CVE-2011-2592
NOT-FOR-US: ActiveX control for Citrix Access Gateway
-CVE-2011-2591 (Multiple buffer overflows in the Provideo ActiveX controls allow ...)
+CVE-2011-2591
NOT-FOR-US: Provideo ActiveX
-CVE-2011-2590 (The Play method in the UUPlayer ActiveX control 6.0.0.1 in UUSee 2010 ...)
+CVE-2011-2590
NOT-FOR-US: UUSee 201
-CVE-2011-2589 (Heap-based buffer overflow in the SendLogAction method in the UUPlayer ...)
+CVE-2011-2589
NOT-FOR-US: UUSee 201
-CVE-2011-2588 (Heap-based buffer overflow in the AVI_ChunkRead_strf function in ...)
+CVE-2011-2588
- vlc 1.1.11-1 (bug #633675)
[squeeze] - vlc <end-of-life> (Unsupported in squeeze-lts)
-CVE-2011-2587 (Heap-based buffer overflow in the DemuxAudioSipr function in real.c in ...)
+CVE-2011-2587
- vlc 1.1.11-1 (bug #633674)
[squeeze] - vlc <end-of-life> (Unsupported in squeeze-lts)
-CVE-2011-2586 (The HTTP client in Cisco IOS 12.4 and 15.0 allows user-assisted remote ...)
+CVE-2011-2586
NOT-FOR-US: Cisco IOS
-CVE-2011-2585 (Cisco Show and Share 5(2), 5.2(1), and 5.2(2) before 5.2(2.1) allows ...)
+CVE-2011-2585
NOT-FOR-US: Cisco Show and Share
-CVE-2011-2584 (Cisco Show and Share 5(2), 5.2(1), and 5.2(2) before 5.2(2.1) allows ...)
+CVE-2011-2584
NOT-FOR-US: Cisco Show and Share
-CVE-2011-2583 (Cisco Unified Contact Center Express (aka CCX) 8.0 and 8.5 allows ...)
+CVE-2011-2583
NOT-FOR-US: Cisco CCX
CVE-2011-2582
RESERVED
-CVE-2011-2581 (The ACL implementation in Cisco NX-OS 5.0(2) and 5.0(3) before ...)
+CVE-2011-2581
NOT-FOR-US: Cisco NX-OS
CVE-2011-2580
RESERVED
CVE-2011-2579
RESERVED
-CVE-2011-2578 (Memory leak in Cisco IOS 15.1 and 15.2 allows remote attackers to ...)
+CVE-2011-2578
NOT-FOR-US: Cisco IOS
-CVE-2011-2577 (Unspecified vulnerability in Cisco TelePresence C Series Endpoints, ...)
+CVE-2011-2577
NOT-FOR-US: Cisco TelePresence
CVE-2011-2576
RESERVED
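Review bot: the chromium-browser line for CVE-2011-2599 reads `<unfixed> (unimportant)` and the squeeze line `<not-affected>`, with no rationale for either the severity or the not-affected marker. Every other downgraded entry in this hunk explains itself (CVE-2011-2597 points to README.Debian.security, CVE-2011-2598 says "Only affects Firefox 4.0"), and with the description deleted there is nothing left to tell a reader why a WebGL cross-domain image issue is unimportant or why squeeze's chromium is out of scope. Add a NOTE with the reasoning, and give the squeeze marker a parenthetical reason in the usual form.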
@@ -7345,7 +7345,7 @@ CVE-2011-2571
RESERVED
CVE-2011-2570
RESERVED
-CVE-2011-2569 (Cisco Nexus OS (aka NX-OS) 4.2 and 5.0 and Cisco Unified Computing ...)
+CVE-2011-2569
NOT-FOR-US: Cisco NX-OS
CVE-2011-2568
RESERVED
@@ -7355,15 +7355,15 @@ CVE-2011-2566
RESERVED
CVE-2011-2565
RESERVED
-CVE-2011-2564 (Unspecified vulnerability in the Service Advertisement Framework (SAF) ...)
+CVE-2011-2564
NOT-FOR-US: Cisco Unified Communications Manager
-CVE-2011-2563 (Unspecified vulnerability in the Service Advertisement Framework (SAF) ...)
+CVE-2011-2563
NOT-FOR-US: Cisco Unified Communications Manager
-CVE-2011-2562 (Unspecified vulnerability in Cisco Unified Communications Manager (aka ...)
+CVE-2011-2562
NOT-FOR-US: Cisco Unified Communications Manager
-CVE-2011-2561 (The SIP process in Cisco Unified Communications Manager (aka CUCM, ...)
+CVE-2011-2561
NOT-FOR-US: Cisco Unified Communications Manager
-CVE-2011-2560 (The Packet Capture Service in Cisco Unified Communications Manager ...)
+CVE-2011-2560
NOT-FOR-US: Cisco Unified Communications Manager
CVE-2011-2559
RESERVED
@@ -7373,7 +7373,7 @@ CVE-2011-2557
RESERVED
CVE-2011-2556
RESERVED
-CVE-2011-2555 (Cisco TelePresence Recording Server 1.7.2.x before 1.7.2.1 has a ...)
+CVE-2011-2555
NOT-FOR-US: Cisco TelePresence Recording Server
CVE-2011-2554
RESERVED
@@ -7385,19 +7385,19 @@ CVE-2011-2551
RESERVED
CVE-2011-2550
RESERVED
-CVE-2011-2549 (Unspecified vulnerability in Cisco IOS XR 4.1.x before 4.1.1 on Cisco ...)
+CVE-2011-2549
NOT-FOR-US: Cisco IOS XR
CVE-2011-2548
RESERVED
-CVE-2011-2547 (The web-based management interface on Cisco SA 500 series security ...)
+CVE-2011-2547
NOT-FOR-US: Cisco SA 500 series appliances management interface
-CVE-2011-2546 (SQL injection vulnerability in the web-based management interface on ...)
+CVE-2011-2546
NOT-FOR-US: Cisco SA 500 series appliances management interface
-CVE-2011-2545 (Cross-site scripting (XSS) vulnerability in the SIP implementation on ...)
+CVE-2011-2545
NOT-FOR-US: Cisco SPA
-CVE-2011-2544 (Cross-site scripting (XSS) vulnerability in the web interface in Cisco ...)
+CVE-2011-2544
NOT-FOR-US: Cisco
-CVE-2011-2543 (Buffer overflow in the cuil component in Cisco Telepresence System ...)
+CVE-2011-2543
NOT-FOR-US: Cisco
CVE-2011-2542
RESERVED
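Review bot: after this hunk the CVE-2011-2544 and CVE-2011-2543 entries are reduced to a bare `NOT-FOR-US: Cisco`, which no longer identifies a product; the description being removed for CVE-2011-2543 names "Cisco Telepresence System", so the tag should carry at least that (e.g. `NOT-FOR-US: Cisco TelePresence System`), and CVE-2011-2544 should name the device whose web interface is affected once that is looked up. Every other Cisco entry in this hunk (SA 500 series, SPA, IOS XR) keeps the product name, so these two are the odd ones out.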
@@ -7414,133 +7414,133 @@ CVE-2011-2537
RESERVED
CVE-2011-XXXX [unspecified security vulnerabilities from 4.3.7]
- movabletype-opensource 4.3.7+dfsg-1 (bug #631437)
-CVE-2011-2536 (chan_sip.c in the SIP channel driver in Asterisk Open Source 1.4.x ...)
+CVE-2011-2536
{DSA-2276-2 DSA-2276-1}
- asterisk 1:1.8.4.4~dfsg-1 (bug #632029)
-CVE-2011-2534 (Buffer overflow in the clusterip_proc_write function in ...)
+CVE-2011-2534
- linux-2.6 2.6.32-34 (low)
-CVE-2011-2533 (The configure script in D-Bus (aka DBus) 1.2.x before 1.2.28 allows ...)
+CVE-2011-2533
- dbus 1.3.2~git20100715.821f99c-1 (unimportant)
NOTE: Compile-time only
-CVE-2011-2532 (The json.decode function in util/json.lua in Prosody 0.8.x before ...)
+CVE-2011-2532
- prosody 0.8.1-1
[squeeze] - prosody <no-dsa> (Minor issue)
-CVE-2011-2531 (Prosody 0.8.x before 0.8.1, when MySQL is used, assigns an incorrect ...)
+CVE-2011-2531
- prosody 0.8.1-1
[squeeze] - prosody <no-dsa> (Minor issue)
-CVE-2011-2530 (Buffer overflow in RSEds.dll in RSHWare.exe in the EDS Hardware ...)
+CVE-2011-2530
NOT-FOR-US: EDS Hardware Installation tool
-CVE-2011-2535 (chan_iax2.c in the IAX2 channel driver in Asterisk Open Source 1.4.x ...)
+CVE-2011-2535
{DSA-2276-2 DSA-2276-1}
- asterisk 1:1.8.4.3-1 (bug #631448)
[squeeze] - asterisk <not-affected>
[lenny] - asterisk <not-affected>
-CVE-2011-2529 (chan_sip.c in the SIP channel driver in Asterisk Open Source 1.6.x ...)
+CVE-2011-2529
{DSA-2276-2 DSA-2276-1}
- asterisk 1:1.8.4.3-1 (bug #631446)
-CVE-2011-2528 (Unspecified vulnerability in (1) Zope 2.12.x before 2.12.19 and 2.13.x ...)
+CVE-2011-2528
- plone3 <removed>
-CVE-2011-2527 (The change_process_uid function in os-posix.c in Qemu 0.14.0 and ...)
+CVE-2011-2527
{DSA-2282-1}
- qemu-kvm 0.14.1+dfsg-3 (bug #633669)
- kvm <not-affected> (Vulnerable code not present)
-CVE-2011-2526 (Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before ...)
+CVE-2011-2526
{DSA-2401-1}
- tomcat6 6.0.32-7 (bug #634992)
- tomcat7 7.0.19-1 (bug #634992)
- tomcat5.5 <removed> (bug #634992)
-CVE-2011-2525 (The qdisc_notify function in net/sched/sch_api.c in the Linux kernel ...)
+CVE-2011-2525
{DSA-2310-1 DSA-2303-1}
- linux-2.6 2.6.35-1
-CVE-2011-2524 (Directory traversal vulnerability in soup-uri.c in SoupServer in ...)
+CVE-2011-2524
{DSA-2369-1}
- libsoup2.4 2.34.3-1 (bug #635837)
CVE-2011-2523
RESERVED
- vsftpd <not-affected> (backdoored version was never in the Debian archive)
-CVE-2011-2522 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
+CVE-2011-2522
{DSA-2290-1}
- samba 2:3.5.10~dfsg-1 (low)
-CVE-2011-2521 (The x86_assign_hw_event function in arch/x86/kernel/cpu/perf_event.c ...)
+CVE-2011-2521
- linux-2.6 2.6.39-1 (low)
[squeeze] - linux-2.6 <not-affected> (Vulnerable code not present)
[lenny] - linux-2.6 <not-affected> (Vulnerable code not present)
-CVE-2011-2520 (fw_dbus.py in system-config-firewall 1.2.29 and earlier uses the ...)
+CVE-2011-2520
NOT-FOR-US: system-config-firewall
-CVE-2011-2519 (Xen in the Linux kernel, when running a guest on a host without ...)
+CVE-2011-2519
- xen-3 3.2.1-2
NOTE: Possibly fixed earlier than 3.2.1-2, but that's the version in oldstable, which
NOTE: was checked to contain http://xenbits.xen.org/hg/xen-3.1-testing.hg/rev/15644
- xen <not-affected> (Only affects older Xen 3 releases)
-CVE-2011-2518 (The tomoyo_mount_acl function in security/tomoyo/mount.c in the Linux ...)
+CVE-2011-2518
- linux-2.6 2.6.39-3 (low)
[squeeze] - linux-2.6 <not-affected> (Vulnerable code not present)
[lenny] - linux-2.6 <not-affected> (Vulnerable code not present)
-CVE-2011-2517 (Multiple buffer overflows in net/wireless/nl80211.c in the Linux ...)
+CVE-2011-2517
{DSA-2303-1}
- linux-2.6 2.6.39-3 (unimportant)
[lenny] - linux-2.6 <not-affected> (Vulnerable code not present)
NOTE: Requires CAP_NET_ADMIn to exploit
-CVE-2011-2516 (Off-by-one error in the XML signature feature in Apache XML Security ...)
+CVE-2011-2516
{DSA-2277-1}
- xml-security-c 1.6.1-1 (low; bug #632973)
CVE-2011-2515
RESERVED
- packagekit 0.6.17-1
-CVE-2011-2514 (The Java Network Launching Protocol (JNLP) implementation in IcedTea6 ...)
+CVE-2011-2514
- openjdk-6 6b21~pre1-1
- icedtea-web 1.1-1
NOTE: Browser plugin was removed in openjdk-6 6b21~pre1-1.
-CVE-2011-2513 (The Java Network Launching Protocol (JNLP) implementation in IcedTea6 ...)
+CVE-2011-2513
- openjdk-6 6b21~pre1-1
- icedtea-web 1.1.2-1
NOTE: Browser plugin was removed in openjdk-6 6b21~pre1-1.
-CVE-2011-2512 (The virtio_queue_notify in qemu-kvm 0.14.0 and earlier does not ...)
+CVE-2011-2512
{DSA-2270-1}
- qemu-kvm 0.14.1+dfsg-2 (bug #631975)
- kvm <removed>
[lenny] - kvm <not-affected> (Vulnerability not present)
-CVE-2011-2511 (Integer overflow in libvirt before 0.9.3 allows remote authenticated ...)
+CVE-2011-2511
{DSA-2280-1}
- libvirt 0.9.2-7 (bug #633630)
-CVE-2011-2510 (Cross-site scripting (XSS) vulnerability in the RSS embedding feature ...)
+CVE-2011-2510
- dokuwiki 0.0.20110525a-1 (low; bug #631818)
[squeeze] - dokuwiki 0.0.20091225c-10+squeeze2
[lenny] - dokuwiki 0.0.20080505-4+lenny3
-CVE-2011-2509 (Multiple cross-site scripting (XSS) vulnerabilities in Joomla! before ...)
+CVE-2011-2509
NOT-FOR-US: Joomla!
-CVE-2011-2508 (Directory traversal vulnerability in libraries/display_tbl.lib.php in ...)
+CVE-2011-2508
{DSA-2286-1}
- phpmyadmin 4:3.4.3.1-1
[lenny] - phpmyadmin <not-affected> (Vulnerable code not present)
-CVE-2011-2507 (libraries/server_synchronize.lib.php in the Synchronize implementation ...)
+CVE-2011-2507
{DSA-2286-1}
- phpmyadmin 4:3.4.3.1-1 (unimportant)
[lenny] - phpmyadmin <not-affected> (Vulnerable code not present)
NOTE: neutralized by Suhosin patch
-CVE-2011-2506 (setup/lib/ConfigGenerator.class.php in phpMyAdmin 3.x before 3.3.10.2 ...)
+CVE-2011-2506
{DSA-2286-1}
- phpmyadmin 4:3.4.3.1-1 (low)
[lenny] - phpmyadmin <not-affected> (Vulnerable code not present)
-CVE-2011-2505 (libraries/auth/swekey/swekey.auth.lib.php in the Swekey authentication ...)
+CVE-2011-2505
{DSA-2286-1}
- phpmyadmin 4:3.4.3.1-1
[lenny] - phpmyadmin <not-affected> (Vulnerable code not present)
-CVE-2011-2504 (Untrusted search path vulnerability in x11perfcomp in XFree86 x11perf ...)
+CVE-2011-2504
- x11-apps 7.7~1 (low)
[squeeze] - x11-apps <no-dsa> (Minor issue)
-CVE-2011-2503 (The insert_module function in runtime/staprun/staprun_funcs.c in the ...)
+CVE-2011-2503
{DSA-2348-1}
- systemtap 1.6-1 (bug #635542)
[lenny] - systemtap <not-affected> (Signed modules not yet supported)
-CVE-2011-2502 (runtime/staprun/staprun_funcs.c in the systemtap runtime tool ...)
+CVE-2011-2502
- systemtap 1.6-1 (bug #635542)
[lenny] - systemtap <not-affected> (Affected option introduced in 1.4)
[squeeze] - systemtap <not-affected> (Affected option introduced in 1.4)
-CVE-2011-2501 (The png_format_buffer function in pngerror.c in libpng 1.0.x before ...)
+CVE-2011-2501
{DSA-2287-1}
- libpng 1.2.44-3 (bug #632786)
-CVE-2011-2500 (The host_reliable_addrinfo function in support/export/hostname.c in ...)
+CVE-2011-2500
- nfs-utils 1:1.2.4-1 (bug #633155)
[lenny] - nfs-utils <not-affected> (Introduced in 1.2.3)
[squeeze] - nfs-utils <not-affected> (Introduced in 1.2.3)
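Review bot: the NOTE under CVE-2011-2517 reads "Requires CAP_NET_ADMIn to exploit"; the capability is CAP_NET_ADMIN, so fix the case while this file is being touched. Two smaller consistency points in the same hunk: CVE-2011-2535 is filed between CVE-2011-2530 and CVE-2011-2529, breaking the descending numeric order the rest of the file keeps, and the lenny kvm line for CVE-2011-2512 says "(Vulnerability not present)" where the file's standard wording, used a few lines up for CVE-2011-2521 and CVE-2011-2518, is "(Vulnerable code not present)".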
@@ -7552,50 +7552,50 @@ CVE-2011-2498
- linux-2.6 2.6.39-1 (low)
[squeeze] - linux-2.6 <not-affected> (introduced in 2.6.36)
[lenny] - linux-2.6 <not-affected> (introduced in 2.6.36)
-CVE-2011-2497 (Integer underflow in the l2cap_config_req function in ...)
+CVE-2011-2497
{DSA-2310-1 DSA-2303-1}
- linux-2.6 2.6.39-3
-CVE-2011-2496 (Integer overflow in the vma_to_resize function in mm/mremap.c in the ...)
+CVE-2011-2496
{DSA-2310-1 DSA-2303-1}
- linux-2.6 2.6.39-1 (low)
-CVE-2011-2495 (fs/proc/base.c in the Linux kernel before 2.6.39.4 does not properly ...)
+CVE-2011-2495
{DSA-2310-1 DSA-2303-1}
- linux-2.6 3.0.0-1 (low)
-CVE-2011-2494 (kernel/taskstats.c in the Linux kernel before 3.1 allows local users ...)
+CVE-2011-2494
- linux-2.6 3.0.0-5 (low)
[squeeze] - linux-2.6 2.6.32-40
-CVE-2011-2493 (The ext4_fill_super function in fs/ext4/super.c in the Linux kernel ...)
+CVE-2011-2493
- linux-2.6 2.6.39-1 (low)
[squeeze] - linux-2.6 <not-affected> (sbi->s_err-report didn't exist yet)
[lenny] - linux-2.6 <not-affected> (sbi->s_err-report didn't exist yet)
-CVE-2011-2492 (The bluetooth subsystem in the Linux kernel before 3.0-rc4 does not ...)
+CVE-2011-2492
{DSA-2310-1 DSA-2303-1}
- linux-2.6 3.0.0-1 (low)
-CVE-2011-2491 (The Network Lock Manager (NLM) protocol implementation in the NFS ...)
+CVE-2011-2491
{DSA-2310-1 DSA-2303-1}
- linux-2.6 3.0.0-1
-CVE-2011-2490 (opielogin.c in opielogin in OPIE 2.4.1-test1 and earlier does not ...)
+CVE-2011-2490
{DSA-2281-1}
- opie <removed> (bug #631345)
-CVE-2011-2489 (Multiple off-by-one errors in opiesu.c in opiesu in OPIE 2.4.1-test1 ...)
+CVE-2011-2489
{DSA-2281-1}
- opie <removed> (bug #631344)
-CVE-2011-2488 (Joomla! before 1.5.23 does not properly check for errors, which allows ...)
+CVE-2011-2488
NOT-FOR-US: Joomla!
CVE-2011-2487
RESERVED
NOT-FOR-US: Apache CXF
-CVE-2011-2486 (nspluginwrapper before 1.4.4 does not properly provide access to ...)
+CVE-2011-2486
- nspluginwrapper <unfixed> (bug #671846)
[squeeze] - nspluginwrapper <no-dsa> (Contrib not supported)
-CVE-2011-2485 (The gdk_pixbuf__gif_image_load function in gdk-pixbuf/io-gif.c in ...)
+CVE-2011-2485
- gdk-pixbuf 2.23.3-3.1 (bug #631524)
[squeeze] - gdk-pixbuf <no-dsa> (Minor issue)
[lenny] - gdk-pixbuf <no-dsa> (Minor issue)
-CVE-2011-2484 (The add_del_listener function in kernel/taskstats.c in the Linux ...)
+CVE-2011-2484
{DSA-2310-1 DSA-2303-1}
- linux-2.6 2.6.39-3 (low)
-CVE-2011-2483 (crypt_blowfish before 1.1, as used in PHP before 5.3.7 on certain ...)
+CVE-2011-2483
{DSA-2399-1 DSA-2340-1}
- libcrypt-eksblowfish-perl <not-affected> (discovered and corrected in initial release in 2007)
- php-suhosin <not-affected> (bug #631283; that portion is not used since PHP 5.3)
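Review bot: every `-`/`+` pair in this hunk drops the CVE description and keeps only the identifier (e.g. `-CVE-2011-2495 (fs/proc/base.c in the Linux kernel before 2.6.39.4 does not properly ...)` becomes `+CVE-2011-2495`), which for a commit titled "automatic update" reads as data loss in the importer rather than an intended edit; the package, DSA and [squeeze]/[lenny] lines underneath each entry are untouched, and the 113882/113866 insertion/deletion counts across every data/CVE/*.list file show the same thing happened to the whole tracker. Hold or revert this until the import produces the description text again, since a bare identifier gives anyone reading or grepping the list nothing to go on.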
@@ -7607,9 +7607,9 @@ CVE-2011-2483 (crypt_blowfish before 1.1, as used in PHP before 5.3.7 on certain
- libxcrypt 1:2.4-1.1 (bug #679628)
[squeeze] - libxcrypt <no-dsa> (Minor issue)
NOTE: http://openwall.com/lists/oss-security/2011/06/20/2
-CVE-2011-2482 (A certain Red Hat patch to the sctp_sock_migrate function in ...)
+CVE-2011-2482
- linux-2.6 <not-affected> (RHEL-specific regression)
-CVE-2011-2481 (Apache Tomcat 7.0.x before 7.0.17 permits web applications to replace ...)
+CVE-2011-2481
- tomcat7 7.0.19-1
CVE-2011-2480 [kfreebsd info disclosure]
RESERVED
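Review bot: the lines this hunk leaves alone narrow down the cause: `CVE-2011-2480 [kfreebsd info disclosure]`, whose description is maintained locally in square brackets, and the `RESERVED` entry below it pass through unchanged, while only entries whose parenthesised description comes from the upstream CVE feed are rewritten to a bare identifier. That pattern points at the feed import returning empty descriptions for this run rather than at a deliberate change to the file format, so the fix belongs in the importer, not in this data.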
@@ -7617,166 +7617,166 @@ CVE-2011-2480 [kfreebsd info disclosure]
- kfreebsd-8 8.2-3 (bug #631161)
[squeeze] - kfreebsd-8 8.1+dfsg-8+squeeze1
- kfreebsd-7 <removed>
-CVE-2011-2479 (The Linux kernel before 2.6.39 does not properly create transparent ...)
+CVE-2011-2479
- linux-2.6 2.6.39-1
[squeeze] - linux-2.6 <not-affected> (Vulnerable code introduced in 2.6.38)
[lenny] - linux-2.6 <not-affected> (Vulnerable code introduced in 2.6.38)
-CVE-2011-2478 (Google SketchUp before 8 does not properly handle edge geometry in ...)
+CVE-2011-2478
NOT-FOR-US: Google SketchUp
-CVE-2011-2470 (Cross-site scripting (XSS) vulnerability in chat/base/admin/login.php ...)
+CVE-2011-2470
NOT-FOR-US: A Really Simple Chat
CVE-2011-2469
RESERVED
-CVE-2011-2467 (SQL injection vulnerability in lsassd in Lsass in the Likewise ...)
+CVE-2011-2467
NOT-FOR-US: Likewise
CVE-2011-2466
RESERVED
-CVE-2011-2465 (Unspecified vulnerability in ISC BIND 9 9.8.0, 9.8.0-P1, 9.8.0-P2, and ...)
+CVE-2011-2465
- bind9 1:9.8.1.dfsg.P1-1
[squeeze] - bind9 <not-affected> (Only affects 9.8)
[lenny] - bind9 <not-affected> (Only affects 9.8)
-CVE-2011-2464 (Unspecified vulnerability in ISC BIND 9 9.6.x before 9.6-ESV-R4-P3, ...)
+CVE-2011-2464
{DSA-2272-1}
- bind9 1:9.8.1.dfsg-1 (high)
-CVE-2011-2463 (Cross-site scripting (XSS) vulnerability in Adobe ColdFusion 8.0 ...)
+CVE-2011-2463
NOT-FOR-US: Adobe ColdFusion
-CVE-2011-2462 (Unspecified vulnerability in the U3D component in Adobe Reader and ...)
+CVE-2011-2462
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2011-2461 (Cross-site scripting (XSS) vulnerability in the Adobe Flex SDK 3.x and ...)
+CVE-2011-2461
NOT-FOR-US: Adobe Flex
-CVE-2011-2460 (Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on ...)
+CVE-2011-2460
NOT-FOR-US: Adobe Flash Player
-CVE-2011-2459 (Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on ...)
+CVE-2011-2459
NOT-FOR-US: Adobe Flash Player
-CVE-2011-2458 (Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on ...)
+CVE-2011-2458
NOT-FOR-US: Adobe Flash Player
-CVE-2011-2457 (Stack-based buffer overflow in Adobe Flash Player before 10.3.183.11 ...)
+CVE-2011-2457
NOT-FOR-US: Adobe Flash Player
-CVE-2011-2456 (Buffer overflow in Adobe Flash Player before 10.3.183.11 and 11.x ...)
+CVE-2011-2456
NOT-FOR-US: Adobe Flash Player
-CVE-2011-2455 (Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on ...)
+CVE-2011-2455
NOT-FOR-US: Adobe Flash Player
-CVE-2011-2454 (Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on ...)
+CVE-2011-2454
NOT-FOR-US: Adobe Flash Player
-CVE-2011-2453 (Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on ...)
+CVE-2011-2453
NOT-FOR-US: Adobe Flash Player
-CVE-2011-2452 (Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on ...)
+CVE-2011-2452
NOT-FOR-US: Adobe Flash Player
-CVE-2011-2451 (Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on ...)
+CVE-2011-2451
NOT-FOR-US: Adobe Flash Player
-CVE-2011-2450 (Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on ...)
+CVE-2011-2450
NOT-FOR-US: Adobe Flash Player
-CVE-2011-2449 (The TextXtra module in Adobe Shockwave Player before 11.6.3.633 allows ...)
+CVE-2011-2449
NOT-FOR-US: Adobe Shockwave
-CVE-2011-2448 (The DIRapi library in Adobe Shockwave Player before 11.6.3.633 allows ...)
+CVE-2011-2448
NOT-FOR-US: Adobe Shockwave
-CVE-2011-2447 (Adobe Shockwave Player before 11.6.3.633 allows attackers to execute ...)
+CVE-2011-2447
NOT-FOR-US: Adobe Shockwave
-CVE-2011-2446 (The DIRapi library in Adobe Shockwave Player before 11.6.3.633 allows ...)
+CVE-2011-2446
NOT-FOR-US: Adobe Shockwave
-CVE-2011-2445 (Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on ...)
+CVE-2011-2445
NOT-FOR-US: Adobe Flash Player
-CVE-2011-2444 (Cross-site scripting (XSS) vulnerability in Adobe Flash Player before ...)
+CVE-2011-2444
NOT-FOR-US: Adobe Flash Player
-CVE-2011-2443 (Multiple buffer overflows in Adobe Photoshop Elements 8.0 and earlier ...)
+CVE-2011-2443
NOT-FOR-US: Adobe Photoshop Elements
-CVE-2011-2442 (Adobe Reader and Acrobat 8.x before 8.3.1, 9.x before 9.4.6, and 10.x ...)
+CVE-2011-2442
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2011-2441 (Multiple stack-based buffer overflows in CoolType.dll in Adobe Reader ...)
+CVE-2011-2441
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2011-2440 (Use-after-free vulnerability in Adobe Reader and Acrobat 8.x before ...)
+CVE-2011-2440
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2011-2439 (Adobe Reader and Acrobat 8.x before 8.3.1, 9.x before 9.4.6, and 10.x ...)
+CVE-2011-2439
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2011-2438 (Multiple stack-based buffer overflows in the image-parsing library in ...)
+CVE-2011-2438
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2011-2437 (Heap-based buffer overflow in Adobe Reader and Acrobat 8.x before ...)
+CVE-2011-2437
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2011-2436 (Heap-based buffer overflow in the image-parsing library in Adobe ...)
+CVE-2011-2436
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2011-2435 (Buffer overflow in Adobe Reader and Acrobat 8.x before 8.3.1, 9.x ...)
+CVE-2011-2435
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2011-2434 (Heap-based buffer overflow in Adobe Reader and Acrobat 8.x before ...)
+CVE-2011-2434
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2011-2433 (Heap-based buffer overflow in Adobe Reader and Acrobat 8.x before ...)
+CVE-2011-2433
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2011-2432 (Buffer overflow in the U3D TIFF Resource in Adobe Reader and Acrobat ...)
+CVE-2011-2432
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2011-2431 (Adobe Reader and Acrobat 8.x before 8.3.1, 9.x before 9.4.6, and 10.x ...)
+CVE-2011-2431
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2011-2430 (Adobe Flash Player before 10.3.183.10 on Windows, Mac OS X, Linux, and ...)
+CVE-2011-2430
NOT-FOR-US: Adobe Flash Player
-CVE-2011-2429 (Adobe Flash Player before 10.3.183.10 on Windows, Mac OS X, Linux, and ...)
+CVE-2011-2429
NOT-FOR-US: Adobe Flash Player
-CVE-2011-2428 (Adobe Flash Player before 10.3.183.10 on Windows, Mac OS X, Linux, and ...)
+CVE-2011-2428
NOT-FOR-US: Adobe Flash Player
-CVE-2011-2427 (Stack-based buffer overflow in the ActionScript Virtual Machine (AVM) ...)
+CVE-2011-2427
NOT-FOR-US: Adobe Flash Player
-CVE-2011-2426 (Stack-based buffer overflow in the ActionScript Virtual Machine (AVM) ...)
+CVE-2011-2426
NOT-FOR-US: Adobe Flash Player
-CVE-2011-2425 (Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and ...)
+CVE-2011-2425
NOT-FOR-US: Adobe Flash Player
-CVE-2011-2424 (Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and ...)
+CVE-2011-2424
NOT-FOR-US: Adobe Flash Player
-CVE-2011-2423 (msvcr90.dll in Adobe Shockwave Player before 11.6.1.629 allows remote ...)
+CVE-2011-2423
NOT-FOR-US: Adobe Shockwave Player
-CVE-2011-2422 (Textra.x32 in Adobe Shockwave Player before 11.6.1.629 allows remote ...)
+CVE-2011-2422
NOT-FOR-US: Adobe Shockwave Player
-CVE-2011-2421 (Dirapi.dll in Adobe Shockwave Player before 11.6.1.629 allows ...)
+CVE-2011-2421
NOT-FOR-US: Adobe Shockwave Player
-CVE-2011-2420 (Adobe Shockwave Player before 11.6.1.629 allows remote attackers to ...)
+CVE-2011-2420
NOT-FOR-US: Adobe Shockwave Player
-CVE-2011-2419 (IML32.dll in Adobe Shockwave Player before 11.6.1.629 allows remote ...)
+CVE-2011-2419
NOT-FOR-US: Adobe Shockwave Player
CVE-2011-2418
REJECTED
-CVE-2011-2417 (Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and ...)
+CVE-2011-2417
NOT-FOR-US: Adobe Flash Player
-CVE-2011-2416 (Integer overflow in Adobe Flash Player before 10.3.183.5 on Windows, ...)
+CVE-2011-2416
NOT-FOR-US: Adobe Flash Player
-CVE-2011-2415 (Buffer overflow in Adobe Flash Player before 10.3.183.5 on Windows, ...)
+CVE-2011-2415
NOT-FOR-US: Adobe Flash Player
-CVE-2011-2414 (Buffer overflow in Adobe Flash Player before 10.3.183.5 on Windows, ...)
+CVE-2011-2414
NOT-FOR-US: Adobe Flash Player
CVE-2011-2413
RESERVED
-CVE-2011-2412 (Unspecified vulnerability in HP Business Service Automation (BSA) ...)
+CVE-2011-2412
NOT-FOR-US: HP Business Service Automation
-CVE-2011-2411 (Unspecified vulnerability on HP NonStop Servers with software H06.x ...)
+CVE-2011-2411
NOT-FOR-US: HP NonStop Servers
-CVE-2011-2410 (Cross-site scripting (XSS) vulnerability in HP OpenView Performance ...)
+CVE-2011-2410
NOT-FOR-US: HP OpenView
-CVE-2011-2409 (Cross-site scripting (XSS) vulnerability in the Calendar application ...)
+CVE-2011-2409
NOT-FOR-US: HP Palm webOS 3.x
-CVE-2011-2408 (Cross-site scripting (XSS) vulnerability in the Contacts application ...)
+CVE-2011-2408
NOT-FOR-US: HP Palm webOS 3.x
-CVE-2011-2407 (Unspecified vulnerability in HP OpenView Performance Insight 5.3, ...)
+CVE-2011-2407
NOT-FOR-US: HP OpenView Performance Insight
-CVE-2011-2406 (Cross-site scripting (XSS) vulnerability in HP OpenView Performance ...)
+CVE-2011-2406
NOT-FOR-US: HP OpenView Performance Insight
-CVE-2011-2405 (The HP ProLiant SL Advanced Power Manager (SL-APM) with firmware ...)
+CVE-2011-2405
NOT-FOR-US: HP ProLiant SL Advanced Power Manager
-CVE-2011-2404 (A certain ActiveX control in HPTicketMgr.dll in HP Easy Printer Care ...)
+CVE-2011-2404
NOT-FOR-US: HP Easy Printer Care Software
-CVE-2011-2403 (SQL injection vulnerability in HP Network Automation 7.2x, 7.5x, 7.6x, ...)
+CVE-2011-2403
NOT-FOR-US: HP Network Automation
-CVE-2011-2402 (Cross-site scripting (XSS) vulnerability in HP Network Automation ...)
+CVE-2011-2402
NOT-FOR-US: HP Network Automation
-CVE-2011-2401 (Session fixation vulnerability in HP SiteScope 9.x, 10.x, and 11.x ...)
+CVE-2011-2401
NOT-FOR-US: HP SiteScope
-CVE-2011-2400 (Cross-site scripting (XSS) vulnerability in HP SiteScope 9.x, 10.x, ...)
+CVE-2011-2400
NOT-FOR-US: HP SiteScope
-CVE-2011-2399 (Unspecified vulnerability in the Media Management Daemon (mmd) in HP ...)
+CVE-2011-2399
NOT-FOR-US: HP Data Protector
-CVE-2011-2398 (Unspecified vulnerability in the dynamic loader in HP HP-UX B.11.11, ...)
+CVE-2011-2398
NOT-FOR-US: HP-UX
-CVE-2011-2397 (The Agent service in Iron Mountain Connected Backup 8.4 allows remote ...)
+CVE-2011-2397
NOT-FOR-US: Iron Mountain Connected Backup
CVE-2011-2396
RESERVED
CVE-2011-2394
RESERVED
-CVE-2011-2393 (The Neighbor Discovery (ND) protocol implementation in the IPv6 stack ...)
+CVE-2011-2393
- kfreebsd-7 <removed> (low)
- kfreebsd-8 <removed> (low)
[squeeze] - kfreebsd-8 <no-dsa> (Minor issue)
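Review bot: once the descriptions are gone, runs of entries that share one verdict become indistinguishable in this file: CVE-2011-2445 and CVE-2011-2450 through CVE-2011-2460 all collapse to a bare identifier followed by `NOT-FOR-US: Adobe Flash Player`, and the Shockwave, Reader/Acrobat and HP blocks collapse the same way. The parenthesised text was the only thing here recording what each id covered (product, affected versions, vulnerability class), so re-checking a NOT-FOR-US verdict later means going back to the upstream database for every id; keep the description text in the `+` lines.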
@@ -7790,7 +7790,7 @@ CVE-2011-2393 (The Neighbor Discovery (ND) protocol implementation in the IPv6 s
NOTE: Starting with stretch kfreebsd is no longer supported
CVE-2011-2392
RESERVED
-CVE-2011-2391 (The IPv6 implementation in the kernel in Apple iOS before 7 allows ...)
+CVE-2011-2391
NOT-FOR-US: Apple iOS
CVE-2011-2390
RESERVED
@@ -7800,25 +7800,25 @@ CVE-2011-2388
RESERVED
CVE-2011-2387
RESERVED
-CVE-2011-2386 (VisiWaveReport.exe in AZO Technologies, Inc. VisiWave Site Survey ...)
+CVE-2011-2386
NOT-FOR-US: VisiWave Site Survey
-CVE-2011-2385 (The iPhoneHandle package 0.9.x before 0.9.7 and 1.0.x before 1.0.3 in ...)
+CVE-2011-2385
- otrs2 <not-affected> (does not include iPhoneHandle package)
CVE-2011-2384
RESERVED
-CVE-2011-2381 (CRLF injection vulnerability in Bugzilla 2.17.1 through 2.22.7, 3.0.x ...)
+CVE-2011-2381
{DSA-2322-1}
- bugzilla <removed> (low)
[squeeze] - bugzilla 3.6.2.0-4.4
-CVE-2011-2380 (Bugzilla 2.23.3 through 2.22.7, 3.0.x through 3.3.x, 3.4.x before ...)
+CVE-2011-2380
{DSA-2322-1}
- bugzilla <removed> (low)
[squeeze] - bugzilla 3.6.2.0-4.4
-CVE-2011-2379 (Cross-site scripting (XSS) vulnerability in Bugzilla 2.4 through ...)
+CVE-2011-2379
{DSA-2322-1}
- bugzilla <removed> (low)
[squeeze] - bugzilla 3.6.2.0-4.4
-CVE-2011-2378 (The appendChild function in Mozilla Firefox before 3.6.20, Thunderbird ...)
+CVE-2011-2378
{DSA-2297-1 DSA-2296-1 DSA-2295-1}
- icedove 3.1.12-1
[lenny] - icedove <end-of-life>
@@ -7829,12 +7829,12 @@ CVE-2011-2378 (The appendChild function in Mozilla Firefox before 3.6.20, Thunde
- iceape 2.0.14-5
[lenny] - iceape <not-affected> (Only a stub package)
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2011-2377 (Mozilla Firefox before 3.6.18 and 4.x through 4.0.1, Thunderbird ...)
+CVE-2011-2377
- xulrunner <not-affected> (Was already fixed as CVE-2010-1201 for Firefox < 3.6)
- iceweasel <not-affected> (Was already fixed as CVE-2010-1201 for Firefox < 3.6)
- iceape <not-affected> (Was already fixed as CVE-2010-1201 for Firefox < 3.6)
- icedove <not-affected> (Was already fixed as CVE-2010-1201 for Firefox < 3.6)
-CVE-2011-2376 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+CVE-2011-2376
{DSA-2273-3 DSA-2269-1 DSA-2268-1}
- xulrunner <removed> (unimportant)
[lenny] - xulrunner 1.9.0.19-12
@@ -7845,10 +7845,10 @@ CVE-2011-2376 (Multiple unspecified vulnerabilities in the browser engine in Moz
- icedove 3.1.11-1
[lenny] - icedove <end-of-life>
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2011-2375 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+CVE-2011-2375
- xulrunner <not-affected> (Only affects Firefox 5.0, not yet in unstable)
- iceweasel <not-affected> (Only affects Firefox 5.0, not yet in unstable)
-CVE-2011-2374 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+CVE-2011-2374
{DSA-2273-3 DSA-2269-1 DSA-2268-1}
- xulrunner <removed> (unimportant)
[lenny] - xulrunner 1.9.0.19-12
@@ -7859,7 +7859,7 @@ CVE-2011-2374 (Multiple unspecified vulnerabilities in the browser engine in Moz
- icedove 3.1.11-1
[lenny] - icedove <end-of-life>
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2011-2373 (Use-after-free vulnerability in Mozilla Firefox before 3.6.18 and 4.x ...)
+CVE-2011-2373
{DSA-2273-3 DSA-2269-1 DSA-2268-1}
- xulrunner <removed> (unimportant)
- iceweasel 3.5.19-3
@@ -7870,7 +7870,7 @@ CVE-2011-2373 (Use-after-free vulnerability in Mozilla Firefox before 3.6.18 and
- icedove 3.1.11-1
[lenny] - icedove <end-of-life>
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2011-2372 (Mozilla Firefox before 3.6.23 and 4.x through 6, Thunderbird before ...)
+CVE-2011-2372
{DSA-2317-1 DSA-2313-1 DSA-2312-1}
- icedove 3.1.15-1
[lenny] - icedove <end-of-life>
@@ -7880,7 +7880,7 @@ CVE-2011-2372 (Mozilla Firefox before 3.6.23 and 4.x through 6, Thunderbird befo
- iceape 2.0.14-8
[lenny] - iceape <not-affected> (Only a stub package)
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2011-2371 (Integer overflow in the Array.reduceRight method in Mozilla Firefox ...)
+CVE-2011-2371
{DSA-2273-3 DSA-2269-1 DSA-2268-1}
- xulrunner <removed> (unimportant)
- iceweasel 3.5.19-3
@@ -7891,26 +7891,26 @@ CVE-2011-2371 (Integer overflow in the Array.reduceRight method in Mozilla Firef
- icedove 3.1.11-1
[lenny] - icedove <end-of-life>
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2011-2370 (Mozilla Firefox before 5.0 does not properly enforce the whitelist for ...)
+CVE-2011-2370
- xulrunner <not-affected> (Only affects Firefox 4.x and above)
- iceweasel 5.0-1
[lenny] - iceweasel <not-affected> (Lenny's iceweasel uses Xulrunner from the xulrunner source pkg)
[squeeze] - iceweasel <not-affected> (Only affects Firefox 4.x and above)
- iceape <not-affected> (Only affects Firefox 4.x and above)
- icedove <not-affected> (Only affects Firefox 4.x and above)
-CVE-2011-2369 (Cross-site scripting (XSS) vulnerability in Mozilla Firefox 4.x ...)
+CVE-2011-2369
- xulrunner <not-affected> (Only affects Firefox >= 4.0, not yet in unstable)
- iceweasel <not-affected> (Only affects Firefox >= 4.0, not yet in unstable)
-CVE-2011-2368 (The WebGL implementation in Mozilla Firefox 4.x through 4.0.1 does not ...)
+CVE-2011-2368
- xulrunner <not-affected> (Only affects Firefox >= 4.0, not yet in unstable)
- iceweasel <not-affected> (Only affects Firefox >= 4.0, not yet in unstable)
-CVE-2011-2367 (The WebGL implementation in Mozilla Firefox 4.x through 4.0.1 does not ...)
+CVE-2011-2367
- xulrunner <not-affected> (Only affects Firefox >= 4.0, not yet in unstable)
- iceweasel <not-affected> (Only affects Firefox >= 4.0, not yet in unstable)
-CVE-2011-2366 (Mozilla Gecko before 5.0, as used in Firefox before 5.0 and ...)
+CVE-2011-2366
- xulrunner <not-affected> (Only affects Firefox >= 4.0, not yet in unstable)
- iceweasel <not-affected> (Only affects Firefox >= 4.0, not yet in unstable)
-CVE-2011-2365 (Unspecified vulnerability in the browser engine in Mozilla Firefox ...)
+CVE-2011-2365
{DSA-2273-3 DSA-2269-1 DSA-2268-1}
- xulrunner <not-affected> (Vulnerable code not present)
- iceweasel 3.5.19-3
@@ -7920,12 +7920,12 @@ CVE-2011-2365 (Unspecified vulnerability in the browser engine in Mozilla Firefo
[lenny] - iceape <not-affected> (Only a stub package)
- icedove 3.1.11-1
[lenny] - icedove <end-of-life>
-CVE-2011-2364 (Unspecified vulnerability in the browser engine in Mozilla Firefox ...)
+CVE-2011-2364
- xulrunner <not-affected> (Only affects Firefox >= 3.6)
- iceweasel <not-affected> (Only affects Firefox >= 3.6)
- iceape <not-affected> (Only affects Firefox >= 3.6)
- icedove <not-affected> (Only affects Firefox >= 3.6)
-CVE-2011-2363 (Use-after-free vulnerability in the nsSVGPointList::AppendElement ...)
+CVE-2011-2363
{DSA-2273-3 DSA-2269-1 DSA-2268-1}
- iceweasel 3.5.19-3
- xulrunner <removed> (unimportant)
@@ -7936,7 +7936,7 @@ CVE-2011-2363 (Use-after-free vulnerability in the nsSVGPointList::AppendElement
- icedove 3.1.11-1
[lenny] - icedove <end-of-life>
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2011-2362 (Mozilla Firefox before 3.6.18, Thunderbird before 3.1.11, and ...)
+CVE-2011-2362
{DSA-2273-3 DSA-2269-1 DSA-2268-1}
- iceweasel 3.5.19-3
- xulrunner <removed> (unimportant)
@@ -7947,72 +7947,72 @@ CVE-2011-2362 (Mozilla Firefox before 3.6.18, Thunderbird before 3.1.11, and ...
- icedove 3.1.11-1
[lenny] - icedove <end-of-life>
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2011-2361 (The Basic Authentication dialog implementation in Google Chrome before ...)
+CVE-2011-2361
- chromium-browser 13.0.782.107~r94237-1 (unimportant)
- webkit <not-affected> (chromium specific)
-CVE-2011-2360 (Google Chrome before 13.0.782.107 does not ensure that the user is ...)
+CVE-2011-2360
- chromium-browser 13.0.782.107~r94237-1 (unimportant)
- webkit <not-affected> (chromium specific)
-CVE-2011-2359 (Google Chrome before 13.0.782.107 does not properly track line boxes ...)
+CVE-2011-2359
{DSA-2307-1}
- chromium-browser 13.0.782.107~r94237-1
NOTE: http://trac.webkit.org/changeset/90068
-CVE-2011-2358 (Google Chrome before 13.0.782.107 does not ensure that extension ...)
+CVE-2011-2358
- chromium-browser 13.0.782.107~r94237-1 (unimportant)
- webkit <not-affected> (chromium specific)
-CVE-2011-2357 (Cross-application scripting vulnerability in the Browser URL loading ...)
+CVE-2011-2357
NOT-FOR-US: Android
-CVE-2011-2356 (WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle ...)
+CVE-2011-2356
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
CVE-2011-2355
RESERVED
-CVE-2011-2354 (WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle ...)
+CVE-2011-2354
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
CVE-2011-2353
RESERVED
-CVE-2011-2352 (WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle ...)
+CVE-2011-2352
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-2351 (Use-after-free vulnerability in Google Chrome before 12.0.742.112 ...)
+CVE-2011-2351
- chromium-browser 12.0.742.112~r90304-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/88584
NOTE: http://trac.webkit.org/changeset/88549
-CVE-2011-2350 (The HTML parser in Google Chrome before 12.0.742.112 does not properly ...)
+CVE-2011-2350
- chromium-browser 12.0.742.112~r90304-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/88411
NOTE: http://trac.webkit.org/changeset/88434
-CVE-2011-2349 (Use-after-free vulnerability in Google Chrome before 12.0.742.112 ...)
+CVE-2011-2349
- chromium-browser 12.0.742.112~r90304-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/88456
-CVE-2011-2348 (Google V8, as used in Google Chrome before 12.0.742.112, performs an ...)
+CVE-2011-2348
- libv8 3.4.14-1
[squeeze] - libv8 <end-of-life> (Unsupported in squeeze-lts)
NOTE: Fixed in V8 bleeding edge r8230, 3.2.10.17 and 3.3.10.9.
-CVE-2011-2347 (Google Chrome before 12.0.742.112 does not properly handle Cascading ...)
+CVE-2011-2347
- chromium-browser 12.0.742.112~r90304-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/88448
-CVE-2011-2346 (Use-after-free vulnerability in Google Chrome before 12.0.742.112 ...)
+CVE-2011-2346
- chromium-browser 12.0.742.112~r90304-1
[squeeze] - chromium-browser <not-affected>
NOTE: introduced in http://trac.webkit.org/changeset/77740
NOTE: http://trac.webkit.org/changeset/87827
-CVE-2011-2345 (The NPAPI implementation in Google Chrome before 12.0.742.112 does not ...)
+CVE-2011-2345
- chromium-browser <not-affected> (linux version is not affected)
- webkit <not-affected>
-CVE-2011-2344 (Android Picasa in Android 3.0 and 2.x through 2.3.4 uses a cleartext ...)
+CVE-2011-2344
NOT-FOR-US: Android SDK
CVE-2011-2343
RESERVED
-CVE-2011-2341 (WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle ...)
+CVE-2011-2341
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
CVE-2011-2340
RESERVED
-CVE-2011-2339 (WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle ...)
+CVE-2011-2339
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-2338 (WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle ...)
+CVE-2011-2338
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
CVE-2011-2337
RESERVED
@@ -8024,124 +8024,124 @@ CVE-2011-2334
RESERVED
CVE-2011-2333
RESERVED
-CVE-2011-2329 (The rampart_timestamp_token_validate function in ...)
+CVE-2011-2329
- rampart 1.3.0-3 (low; bug #631221)
[squeeze] - rampart <no-dsa> (Minor issue)
-CVE-2011-2327 (Unspecified vulnerability in the Oracle Communications Unified ...)
+CVE-2011-2327
NOT-FOR-US: Oracle Sun Products Suite
-CVE-2011-2326 (Unspecified vulnerability in the EnterpriseOne Tools component in ...)
+CVE-2011-2326
NOT-FOR-US: Oracle JD Edwards Products
-CVE-2011-2325 (Unspecified vulnerability in the EnterpriseOne Tools component in ...)
+CVE-2011-2325
NOT-FOR-US: Oracle JD Edwards Products
-CVE-2011-2324 (Unspecified vulnerability in the EnterpriseOne Tools component in ...)
+CVE-2011-2324
NOT-FOR-US: Oracle JD Edwards Products
-CVE-2011-2323 (Unspecified vulnerability in the Health Sciences - Oracle Thesaurus ...)
+CVE-2011-2323
NOT-FOR-US: Oracle Thesaurus Management System
-CVE-2011-2322 (Unspecified vulnerability in the Database Vault component in Oracle ...)
+CVE-2011-2322
NOT-FOR-US: Oracle Database Server
-CVE-2011-2321 (Unspecified vulnerability in the EnterpriseOne Tools component in ...)
+CVE-2011-2321
NOT-FOR-US: Oracle JD Edwards Products
-CVE-2011-2320 (Unspecified vulnerability in the Oracle WebLogic Server component in ...)
+CVE-2011-2320
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2011-2319 (Unspecified vulnerability in the Oracle WebLogic Server component in ...)
+CVE-2011-2319
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2011-2318 (Unspecified vulnerability in the Oracle WebLogic Server component in ...)
+CVE-2011-2318
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2011-2317 (Unspecified vulnerability in the EnterpriseOne Tools component in ...)
+CVE-2011-2317
NOT-FOR-US: Oracle JD Edwards Products
-CVE-2011-2316 (Unspecified vulnerability in the Siebel Apps - Marketing component in ...)
+CVE-2011-2316
NOT-FOR-US: Oracle Siebel
-CVE-2011-2315 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+CVE-2011-2315
NOT-FOR-US: PeopleSoft Enterprise
-CVE-2011-2314 (Unspecified vulnerability in the Oracle Containers for J2EE component ...)
+CVE-2011-2314
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2011-2313 (Unspecified vulnerability in Oracle Solaris 10 allows local users to ...)
+CVE-2011-2313
NOT-FOR-US: Oracle Solaris
-CVE-2011-2312 (Unspecified vulnerability in Oracle Solaris 10 allows local users to ...)
+CVE-2011-2312
NOT-FOR-US: Oracle Solaris
-CVE-2011-2311 (Unspecified vulnerability in Oracle Solaris 10 allows local users to ...)
+CVE-2011-2311
NOT-FOR-US: Oracle Solaris
-CVE-2011-2310 (Unspecified vulnerability in the Oracle Waveset component in Oracle ...)
+CVE-2011-2310
NOT-FOR-US: Oracle Sun Products Suite
-CVE-2011-2309 (Unspecified vulnerability in the Health Sciences - Oracle Clinical, ...)
+CVE-2011-2309
NOT-FOR-US: Oracle Industry Applications
-CVE-2011-2308 (Unspecified vulnerability in the Oracle Application Object Library ...)
+CVE-2011-2308
NOT-FOR-US: Oracle E-Business Suite
-CVE-2011-2307 (Unspecified vulnerability in Oracle SysFW 8.1.0.a in various Oracle ...)
+CVE-2011-2307
NOT-FOR-US: Oracle SysFW
-CVE-2011-2306 (Unspecified vulnerability in Oracle Linux 4 and 5 allows remote ...)
+CVE-2011-2306
NOT-FOR-US: Oracle Linux-specific feature
-CVE-2011-2305 (Unspecified vulnerability in Oracle VM VirtualBox 4.0 allows local ...)
+CVE-2011-2305
- virtualbox-ose <not-affected> (Only affects 4.x)
- virtualbox 4.0.10-dfsg-1
-CVE-2011-2304 (Unspecified vulnerability in Oracle Solaris 10 allows remote attackers ...)
+CVE-2011-2304
NOT-FOR-US: Oracle Solaris
-CVE-2011-2303 (Unspecified vulnerability in the Oracle Application Object Library ...)
+CVE-2011-2303
NOT-FOR-US: Oracle E-Business Suite
-CVE-2011-2302 (Unspecified vulnerability in the Oracle Application Object Library ...)
+CVE-2011-2302
NOT-FOR-US: Oracle E-Business Suite
-CVE-2011-2301 (Unspecified vulnerability in the Oracle Text component in Oracle ...)
+CVE-2011-2301
NOT-FOR-US: Oracle Database
-CVE-2011-2300 (Unspecified vulnerability in Oracle VM VirtualBox 3.0, 3.1, 3.2, and ...)
+CVE-2011-2300
- virtualbox-guest-additions-iso 4.0.10-1 (bug #635276)
[squeeze] - virtualbox-guest-additions <no-dsa> (Non-free not supported)
-CVE-2011-2299 (Unspecified vulnerability in Oracle SPARC Enterprise M3000, M4000, ...)
+CVE-2011-2299
NOT-FOR-US: Oracle SPARC Enterprise
-CVE-2011-2298 (Unspecified vulnerability in Oracle Solaris 10 and 11 Express allows ...)
+CVE-2011-2298
NOT-FOR-US: Oracle Solaris
-CVE-2011-2297 (Unspecified vulnerability in Oracle Solaris Cluster 3.3 allows local ...)
+CVE-2011-2297
NOT-FOR-US: Oracle Solaris Cluster
-CVE-2011-2296 (Unspecified vulnerability in Oracle Solaris 11 Express allows local ...)
+CVE-2011-2296
NOT-FOR-US: Oracle Solaris
-CVE-2011-2295 (Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 Express ...)
+CVE-2011-2295
NOT-FOR-US: Oracle Solaris
-CVE-2011-2294 (Unspecified vulnerability in Oracle Solaris 10 and 11 Express allows ...)
+CVE-2011-2294
NOT-FOR-US: Oracle Solaris
-CVE-2011-2293 (Unspecified vulnerability in Oracle Solaris 11 Express allows local ...)
+CVE-2011-2293
NOT-FOR-US: Oracle Solaris
-CVE-2011-2292 (Unspecified vulnerability in Oracle Solaris 9 and 11 Express allows ...)
+CVE-2011-2292
NOT-FOR-US: Oracle Solaris
-CVE-2011-2291 (Unspecified vulnerability in Oracle Solaris 10 allows local users to ...)
+CVE-2011-2291
NOT-FOR-US: Oracle Solaris
-CVE-2011-2290 (Unspecified vulnerability in Oracle Solaris 10, and 11 Express allows ...)
+CVE-2011-2290
NOT-FOR-US: Oracle Solaris
-CVE-2011-2289 (Unspecified vulnerability in Oracle Solaris 10 allows local users to ...)
+CVE-2011-2289
NOT-FOR-US: Oracle Solaris
-CVE-2011-2288 (Unspecified vulnerability in Sun Integrated Lights Out Manager (ILOM) ...)
+CVE-2011-2288
NOT-FOR-US: Oracle SysFW
-CVE-2011-2287 (Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 Express ...)
+CVE-2011-2287
NOT-FOR-US: Oracle Solaris
-CVE-2011-2286 (Unspecified vulnerability in Oracle Solaris 10 and 11 Express allows ...)
+CVE-2011-2286
NOT-FOR-US: Oracle Solaris
-CVE-2011-2285 (Unspecified vulnerability in Oracle Solaris 10 allows local users to ...)
+CVE-2011-2285
NOT-FOR-US: Oracle Solaris
-CVE-2011-2284 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS component ...)
+CVE-2011-2284
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2011-2283 (Unspecified vulnerability in the PeopleSoft Enterprise FMS component ...)
+CVE-2011-2283
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2011-2282 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+CVE-2011-2282
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2011-2281 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS component ...)
+CVE-2011-2281
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2011-2280 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+CVE-2011-2280
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2011-2279 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS component ...)
+CVE-2011-2279
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2011-2278 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS component ...)
+CVE-2011-2278
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2011-2277 (Unspecified vulnerability in the PeopleSoft Enterprise SCM component ...)
+CVE-2011-2277
NOT-FOR-US: Oracle PeopleSoft Products
CVE-2011-2276
REJECTED
-CVE-2011-2275 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+CVE-2011-2275
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2011-2274 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+CVE-2011-2274
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2011-2273 (Unspecified vulnerability in the Agile Core Technology component in ...)
+CVE-2011-2273
NOT-FOR-US: Oracle Supply Chain Products Suite
-CVE-2011-2272 (Unspecified vulnerability in the PeopleSoft Enterprise FSCM component ...)
+CVE-2011-2272
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2011-2271 (Unspecified vulnerability in the Oracle Application Object Library ...)
+CVE-2011-2271
NOT-FOR-US: Oracle E-Business Suite
CVE-2011-2270
REJECTED
@@ -8149,68 +8149,68 @@ CVE-2011-2269
REJECTED
CVE-2011-2268
REJECTED
-CVE-2011-2267 (Unspecified vulnerability in the Oracle Outside In Technology ...)
+CVE-2011-2267
NOT-FOR-US: Oracle Fusion Middleware
CVE-2011-2266
REJECTED
CVE-2011-2265
REJECTED
-CVE-2011-2264 (Unspecified vulnerability in the Oracle Outside In Technology ...)
+CVE-2011-2264
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2011-2263 (Unspecified vulnerability in Sun Integrated Lights Out Manager in ...)
+CVE-2011-2263
NOT-FOR-US: Oracle SysFW
-CVE-2011-2262 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
+CVE-2011-2262
{DSA-2429-1}
- mysql-5.1 5.1.61-2 (bug #659687)
-CVE-2011-2261 (Unspecified vulnerability in the Oracle Secure Backup component in ...)
+CVE-2011-2261
NOT-FOR-US: Oracle Secure Backup
-CVE-2011-2260 (Unspecified vulnerability in the Oracle GlassFish Server component in ...)
+CVE-2011-2260
NOT-FOR-US: Oracle Sun Products Suite
-CVE-2011-2259 (Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 Express ...)
+CVE-2011-2259
NOT-FOR-US: Oracle Solaris
-CVE-2011-2258 (Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 Express ...)
+CVE-2011-2258
NOT-FOR-US: Oracle Solaris
-CVE-2011-2257 (Unspecified vulnerability in the Database Target Type Menus component ...)
+CVE-2011-2257
NOT-FOR-US: Oracle Database Server and Enterprise Manager Grid Control
CVE-2011-2256
REJECTED
-CVE-2011-2255 (Unspecified vulnerability in the Oracle WebLogic Portal component in ...)
+CVE-2011-2255
NOT-FOR-US: Oracle Fusion
CVE-2011-2254
REJECTED
-CVE-2011-2253 (Unspecified vulnerability in the Core RDBMS component in Oracle ...)
+CVE-2011-2253
NOT-FOR-US: Oracle Database Server
-CVE-2011-2252 (Unspecified vulnerability in the Oracle Secure Backup component in ...)
+CVE-2011-2252
NOT-FOR-US: Oracle Secure Backup
-CVE-2011-2251 (Unspecified vulnerability in the Oracle Secure Backup component in ...)
+CVE-2011-2251
NOT-FOR-US: Oracle Secure Backup
-CVE-2011-2250 (Unspecified vulnerability in the PeopleSoft Enterprise FIN component ...)
+CVE-2011-2250
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2011-2249 (Unspecified vulnerability in Oracle Solaris 8, 9, and 10 allows remote ...)
+CVE-2011-2249
NOT-FOR-US: Oracle Solaris
-CVE-2011-2248 (Unspecified vulnerability in the SQL Performance Advisories/UIs ...)
+CVE-2011-2248
NOT-FOR-US: Oracle Database Server and Enterprise Manager Grid Control
CVE-2011-2247
REJECTED
-CVE-2011-2246 (Unspecified vulnerability in the Business Intelligence component in ...)
+CVE-2011-2246
NOT-FOR-US: Oracle E-Business Suite
-CVE-2011-2245 (Unspecified vulnerability in the Solaris component in Oracle Sun ...)
+CVE-2011-2245
NOT-FOR-US: Oracle Sun Products Suite
-CVE-2011-2244 (Unspecified vulnerability in the Security Framework component in ...)
+CVE-2011-2244
NOT-FOR-US: Oracle Database Server and Enterprise Manager Grid Control
-CVE-2011-2243 (Unspecified vulnerability in the Core RDBMS component in Oracle ...)
+CVE-2011-2243
NOT-FOR-US: Oracle Database Server
-CVE-2011-2242 (Unspecified vulnerability in the Core RDBMS component in Oracle ...)
+CVE-2011-2242
NOT-FOR-US: Oracle Database Server
-CVE-2011-2241 (Unspecified vulnerability in the Oracle Business Intelligence ...)
+CVE-2011-2241
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2011-2240 (Unspecified vulnerability in the Oracle Universal Installer component ...)
+CVE-2011-2240
NOT-FOR-US: Oracle Database Server
-CVE-2011-2239 (Unspecified vulnerability in the Core RDBMS component in Oracle ...)
+CVE-2011-2239
NOT-FOR-US: Oracle Database Server
-CVE-2011-2238 (Unspecified vulnerability in the Database Vault component in Oracle ...)
+CVE-2011-2238
NOT-FOR-US: Oracle Database Server
-CVE-2011-2237 (Unspecified vulnerability in the Oracle Web Services Manager component ...)
+CVE-2011-2237
NOT-FOR-US: Oracle Fusion
CVE-2011-2236
REJECTED
@@ -8220,43 +8220,43 @@ CVE-2011-2234
REJECTED
CVE-2011-2233
REJECTED
-CVE-2011-2232 (Unspecified vulnerability in the XML Developer Kit component in Oracle ...)
+CVE-2011-2232
NOT-FOR-US: Oracle Database Server
-CVE-2011-2231 (Unspecified vulnerability in the XML Developer Kit component in Oracle ...)
+CVE-2011-2231
NOT-FOR-US: Oracle Database Server
-CVE-2011-2230 (Unspecified vulnerability in the Core RDBMS component in Oracle ...)
+CVE-2011-2230
NOT-FOR-US: Oracle Database Server
CVE-2011-2229
REJECTED
CVE-2011-2228
REJECTED
-CVE-2011-2227 (Cross-site scripting (XSS) vulnerability in Novell Identity Manager ...)
+CVE-2011-2227
NOT-FOR-US: Novell Identity Manager
-CVE-2011-2226 (Cross-site scripting (XSS) vulnerability in Kiwi before 3.74.2, as ...)
+CVE-2011-2226
NOT-FOR-US: Kiwi, SUSE Studio
-CVE-2011-2225 (Unspecified vulnerability in Kiwi before 3.74.2, as used in SUSE ...)
+CVE-2011-2225
NOT-FOR-US: Kiwi, SUSE Studio
-CVE-2011-2224 (The Mobility Pack before 1.2 in Novell Data Synchronizer 1.x through ...)
+CVE-2011-2224
NOT-FOR-US: Novell Data Synchronizer
-CVE-2011-2223 (The Mobility Pack before 1.2 in Novell Data Synchronizer 1.x through ...)
+CVE-2011-2223
NOT-FOR-US: Novell Data Synchronizer
-CVE-2011-2222 (Session fixation vulnerability in WebAdmin in the Mobility Pack before ...)
+CVE-2011-2222
NOT-FOR-US: Novell Data Synchronizer
-CVE-2011-2221 (The Mobility Pack before 1.2 in Novell Data Synchronizer 1.x through ...)
+CVE-2011-2221
NOT-FOR-US: Novell Data Synchronizer
-CVE-2011-2220 (Stack-based buffer overflow in NFREngine.exe in Novell File Reporter ...)
+CVE-2011-2220
NOT-FOR-US: Novell File Reporter
-CVE-2011-2219 (Unspecified vulnerability in GroupWise Internet Agent (GWIA) in Novell ...)
+CVE-2011-2219
NOT-FOR-US: Novell GroupWise
-CVE-2011-2218 (Unspecified vulnerability in GroupWise Internet Agent (GWIA) in Novell ...)
+CVE-2011-2218
NOT-FOR-US: Novell GroupWise
-CVE-2011-2217 (Certain ActiveX controls in (1) tsgetxu71ex552.dll and (2) ...)
+CVE-2011-2217
NOT-FOR-US: VMware
-CVE-2011-2213 (The inet_diag_bc_audit function in net/ipv4/inet_diag.c in the Linux ...)
+CVE-2011-2213
{DSA-2389-1 DSA-2310-1}
- linux-2.6 2.6.39-3
[squeeze] - linux-2.6 2.6.32-36
-CVE-2011-2212 (Buffer overflow in the virtio subsystem in qemu-kvm 0.14.0 and earlier ...)
+CVE-2011-2212
{DSA-2282-1}
- qemu-kvm 0.14.1+dfsg-3 (bug #632987)
- kvm <removed>
@@ -8264,13 +8264,13 @@ CVE-2011-2207
RESERVED
- dirmngr <unfixed> (unimportant; bug #627377)
NOTE: Negligible impact
-CVE-2011-2206 (XMLParser.pm in DJabberd before 0.85 allows remote authenticated users ...)
+CVE-2011-2206
NOT-FOR-US: Djabberd
-CVE-2011-2205 (Prosody before 0.8.1 does not properly detect recursion during entity ...)
+CVE-2011-2205
- prosody 0.7.0-1 (low; bug #579087)
[squeeze] - prosody <no-dsa> (Minor issue)
[lenny] - prosody <no-dsa> (Minor issue)
-CVE-2011-2204 (Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before ...)
+CVE-2011-2204
{DSA-2401-1}
- tomcat5.5 <removed> (low; bug #632882)
[lenny] - tomcat5.5 <no-dsa> (Minor issue)
@@ -8278,30 +8278,30 @@ CVE-2011-2204 (Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x bef
[lenny] - tomcat6 <no-dsa> (Minor issue)
[squeeze] - tomcat6 <no-dsa> (Minor issue)
- tomcat7 7.0.16-3 (low; bug #632882)
-CVE-2011-2201 (The Data::FormValidator module 4.66 and earlier for Perl, when ...)
+CVE-2011-2201
- libdata-formvalidator-perl 4.66-3 (low; bug #629511)
[lenny] - libdata-formvalidator-perl <no-dsa> (Minor issue)
[squeeze] - libdata-formvalidator-perl 4.66-1+squeeze1
-CVE-2011-2200 (The _dbus_header_byteswap function in dbus-marshal-header.c in D-Bus ...)
+CVE-2011-2200
- dbus 1.4.12-1 (low; bug #629938)
[squeeze] - dbus 1.2.24-4+squeeze1
[lenny] - dbus <no-dsa> (Minor issue)
-CVE-2011-2197 (The cross-site scripting (XSS) prevention feature in Ruby on Rails 2.x ...)
+CVE-2011-2197
- rails <not-affected> (Affected plugin not installed, see bug #634990)
-CVE-2011-2196 (jboss-seam.jar in the JBoss Seam 2 framework 2.2.x and earlier, as ...)
+CVE-2011-2196
NOT-FOR-US: JBoss Seam
CVE-2011-2195
RESERVED
-CVE-2011-2193 (Multiple buffer overflows in Terascale Open-Source Resource and Queue ...)
+CVE-2011-2193
{DSA-2329-1}
- torque 2.4.15+dfsg-1 (bug #635342)
-CVE-2011-2192 (The Curl_input_negotiate function in http_negotiate.c in libcurl ...)
+CVE-2011-2192
{DSA-2271-1}
- curl 7.21.6-2 (high; bug #631615)
-CVE-2011-2191 (Cross-site request forgery (CSRF) vulnerability in Cherokee-admin in ...)
+CVE-2011-2191
- cherokee <removed> (low; bug #661993)
[squeeze] - cherokee <no-dsa> (Minor issue)
-CVE-2011-2189 (net/core/net_namespace.c in the Linux kernel 2.6.32 and earlier does ...)
+CVE-2011-2189
- linux-2.6 2.6.35-1 (low)
[lenny] - linux-2.6 <no-dsa> (attacker needs elevated CAP_SYS_ADMIN privileges to abuse this)
[squeeze] - linux-2.6 <no-dsa> (attacker needs elevated CAP_SYS_ADMIN privileges to abuse this)
@@ -8318,154 +8318,154 @@ CVE-2011-2187
CVE-2011-2186
RESERVED
NOTE: Disputed gitweb non-issue: https://bugzilla.redhat.com/show_bug.cgi?id=713298
-CVE-2011-2181 (Multiple SQL injection vulnerabilities in A Really Simple Chat (ARSC) ...)
+CVE-2011-2181
NOT-FOR-US: A Really Simple Chat
-CVE-2011-2180 (Cross-site scripting (XSS) vulnerability in dereferer.php in A Really ...)
+CVE-2011-2180
NOT-FOR-US: A Really Simple Chat
CVE-2011-2177
RESERVED
NOT-FOR-US: Claimed older OpenOffice vulnerability, which was never disclosed
-CVE-2011-2176 (GNOME NetworkManager before 0.8.6 does not properly enforce the ...)
+CVE-2011-2176
- network-manager 0.9.0-1 (low; bug #631520)
[squeeze] - network-manager <no-dsa> (Minor issue)
NOTE: http://cgit.freedesktop.org/NetworkManager/NetworkManager/commit/?h=id=e7273c1609ac267e1d77ff03c97c8929f15e3737
NOTE: http://cgit.freedesktop.org/NetworkManager/NetworkManager/commit/?h=id=287fe10c40ae9b90ce703b79f3479b755f0956c0
NOTE: http://cgit.freedesktop.org/NetworkManager/NetworkManager/commit/?h=id=e5085f950730b1e2e68645231e2042127c29a82e
-CVE-2011-2167 (script-login in Dovecot 2.0.x before 2.0.13 does not follow the chroot ...)
+CVE-2011-2167
- dovecot 1:2.0.13-1 (low)
[squeeze] - dovecot <not-affected> (Vulnerable script not present)
[lenny] - dovecot <not-affected> (Vulnerable script not present)
-CVE-2011-2166 (script-login in Dovecot 2.0.x before 2.0.13 does not follow the user ...)
+CVE-2011-2166
- dovecot 1:2.0.13-1 (low)
[squeeze] - dovecot <not-affected> (Vulnerable script not present)
[lenny] - dovecot <not-affected> (Vulnerable script not present)
-CVE-2011-2477 (Multiple cross-site scripting (XSS) vulnerabilities in config.c in ...)
+CVE-2011-2477
- icinga 1.4.1-1
[squeeze] - icinga <no-dsa> (Minor issue)
- nagios3 3.4.1-1
[squeeze] - nagios3 <no-dsa> (Minor issue)
NOTE: Nagios might be fixed earlier than 3.4.1, checked the Wheezy version
-CVE-2011-2476 (Cross-site scripting (XSS) vulnerability in Coppermine Photo Gallery ...)
+CVE-2011-2476
NOT-FOR-US: Coppermine Photo Gallery
-CVE-2011-2208 (Integer signedness error in the osf_getdomainname function in ...)
+CVE-2011-2208
{DSA-2310-1}
- linux-2.6 2.6.32-1
NOTE: Support for Alpha was dropped with Squeeze, so marking 2.6.32 as fixed
-CVE-2011-2209 (Integer signedness error in the osf_sysinfo function in ...)
+CVE-2011-2209
{DSA-2310-1}
- linux-2.6 2.6.32-1
NOTE: Support for Alpha was dropped with Squeeze, so marking 2.6.32 as fixed
-CVE-2011-2210 (The osf_getsysinfo function in arch/alpha/kernel/osf_sys.c in the ...)
+CVE-2011-2210
- linux-2.6 2.6.32-1
NOTE: Support for Alpha was dropped with Squeeze, so marking 2.6.32 as fixed
-CVE-2011-2211 (The osf_wait4 function in arch/alpha/kernel/osf_sys.c in the Linux ...)
+CVE-2011-2211
{DSA-2310-1}
- linux-2.6 2.6.32-1
NOTE: Support for Alpha was dropped with Squeeze, so marking 2.6.32 as fixed
-CVE-2011-2203 (The hfs_find_init function in the Linux kernel 2.6 allows local users ...)
+CVE-2011-2203
- linux-2.6 3.1.1-1
[squeeze] - linux-2.6 2.6.32-40
-CVE-2011-2202 (The rfc1867_post_handler function in main/rfc1867.c in PHP before ...)
+CVE-2011-2202
{DSA-2266-1}
- php5 5.3.6-12
-CVE-2011-2199 (Buffer overflow in tftp-hpa before 5.1 allows remote attackers to ...)
+CVE-2011-2199
- tftp-hpa 5.1-1 (low)
[squeeze] - tftp-hpa <no-dsa> (Minor issue)
NOTE: http://git.kernel.org/?p=network/tftp/tftp-hpa.git;a=commitdiff;h=f3035c45bc50bb5cac87ca01e7ef6a12485184f8
-CVE-2011-2198 (The &quot;insert-blank-characters&quot; capability in caps.c in gnome-terminal ...)
+CVE-2011-2198
- vte 1:0.28.1-1 (low; bug #629688)
[lenny] - vte <no-dsa> (Minor issue)
[squeeze] - vte 1:0.24.3-3
-CVE-2011-2185 (Fabric before 1.1.0 allows local users to overwrite arbitrary files ...)
+CVE-2011-2185
- fabric 1.1.2-1 (low; bug #629003)
[squeeze] - fabric <no-dsa> (Minor issue)
-CVE-2011-2475 (Format string vulnerability in ECTrace.dll in the iMailGateway service ...)
+CVE-2011-2475
NOT-FOR-US: Sybase OneBridge Mobile Data Suite
-CVE-2011-2474 (Directory traversal vulnerability in the HTTP Server in Sybase ...)
+CVE-2011-2474
NOT-FOR-US: Sybase EAServer
-CVE-2011-2473 (The do_dump_data function in utils/opcontrol in OProfile 0.9.6 and ...)
+CVE-2011-2473
- oprofile 0.9.6-1.1+squeeze2 (bug #630084)
-CVE-2011-2472 (Directory traversal vulnerability in utils/opcontrol in OProfile 0.9.6 ...)
+CVE-2011-2472
- oprofile 0.9.6-1.1+squeeze2 (bug #630084)
-CVE-2011-2471 (utils/opcontrol in OProfile 0.9.6 and earlier might allow local users ...)
+CVE-2011-2471
- oprofile 0.9.6-1.1+squeeze2 (bug #630084)
-CVE-2011-2468 (Directory traversal vulnerability in the web interface in AnyMacro ...)
+CVE-2011-2468
NOT-FOR-US: AnyMacro Mail System G4X
-CVE-2011-2395 (The Neighbor Discovery (ND) protocol implementation in Cisco IOS on ...)
+CVE-2011-2395
NOT-FOR-US: Cisco
-CVE-2011-2383 (Microsoft Internet Explorer 9 and earlier does not properly restrict ...)
+CVE-2011-2383
NOT-FOR-US: Microsoft
-CVE-2011-2342 (The DOM implementation in Google Chrome before 12.0.742.91 allows ...)
+CVE-2011-2342
- chromium-browser 12.0.742.91~r87961-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/88071
-CVE-2011-2382 (Microsoft Internet Explorer 8 and earlier, and Internet Explorer 9 ...)
+CVE-2011-2382
NOT-FOR-US: Microsoft
-CVE-2011-2332 (Google V8, as used in Google Chrome before 12.0.742.91, allows remote ...)
+CVE-2011-2332
- chromium-browser 12.0.742.91~r87961-1
[squeeze] - chromium-browser <end-of-life>
- libv8 3.4.14-1
[squeeze] - libv8 <end-of-life> (Unsupported in squeeze-lts)
NOTE: execScript removed in libv8 3.2 branch
-CVE-2011-2194 (Integer overflow in the XSPF playlist parser in VideoLAN VLC media ...)
+CVE-2011-2194
{DSA-2257-1}
- vlc 1.1.10-1
[lenny] - vlc <not-affected> (Vulnerable code not present)
NOTE: http://repo.or.cz/w/vlc.git/commitdiff/cd929923ff49175a501bb3e9553a683bc42ff61c
-CVE-2011-2190 (The generate_admin_password function in Cherokee before 1.2.99 uses ...)
+CVE-2011-2190
- cherokee 1.0.14-1 (low; bug #647205)
[squeeze] - cherokee 1.0.8-5+squeeze1
[lenny] - cherokee <no-dsa> (Minor issue)
NOTE: http://code.google.com/p/cherokee/issues/detail?id=1212
-CVE-2011-2188 (LuaExpat before 1.2.0 does not properly detect recursion during entity ...)
+CVE-2011-2188
- lua-expat 1.2.0-1 (low; bug #629225)
[squeeze] - lua-expat 1.2.0-0squeeze1
[lenny] - lua-expat <no-dsa> (Minor issue)
-CVE-2011-2184 (The key_replace_session_keyring function in ...)
+CVE-2011-2184
- linux-2.6 2.6.39-2
[lenny] - linux-2.6 <not-affected> (Introduced in 2.6.39)
[squeeze] - linux-2.6 <not-affected> (Introduced in 2.6.39)
-CVE-2011-2183 (Race condition in the scan_get_next_rmap_item function in mm/ksm.c in ...)
+CVE-2011-2183
{DSA-2389-1}
- linux-2.6 2.6.39-3 (low)
[lenny] - linux-2.6 <not-affected> (Vulnerable code not present)
[squeeze] - linux-2.6 2.6.32-36
-CVE-2011-2331 (Integer overflow in img.exe in HP Intelligent Management Center (IMC) ...)
+CVE-2011-2331
NOT-FOR-US: HP Intelligent Management Center (IMC)
-CVE-2011-2330 (Tivoli Endpoint in IBM Tivoli Management Framework 3.7.1, 4.1, 4.1.1, ...)
+CVE-2011-2330
NOT-FOR-US: IBM Tivoli Management Framework
-CVE-2011-2328 (Buffer overflow in HP LoadRunner allows remote attackers to cause a ...)
+CVE-2011-2328
NOT-FOR-US: HP LoadRunner
-CVE-2011-2215 (Unspecified vulnerability in WalRack 1.x before 1.1.8 and 2.x before ...)
+CVE-2011-2215
NOT-FOR-US: WalRack
-CVE-2011-2214 (Unspecified vulnerability in the Open Database Connectivity (ODBC) ...)
+CVE-2011-2214
NOT-FOR-US: 7T Interactive Graphical SCADA System
-CVE-2011-2175 (Integer underflow in the visual_read function in wiretap/visual.c in ...)
+CVE-2011-2175
{DSA-2274-1}
- wireshark 1.6.0-1 (unimportant; bug #630159)
NOTE: Crashes w/o code injection not treated as security issues, see README.Security
-CVE-2011-2174 (Double free vulnerability in the tvb_uncompress function in ...)
+CVE-2011-2174
{DSA-2274-1}
- wireshark 1.6.0-1 (bug #630159)
-CVE-2011-2173 (The implementation of OutputMediator objects in IBM WebSphere Portal ...)
+CVE-2011-2173
NOT-FOR-US: IBM WebSphere Portal
-CVE-2011-2172 (Cross-site scripting (XSS) vulnerability in the search center in IBM ...)
+CVE-2011-2172
NOT-FOR-US: IBM WebSphere Portal
-CVE-2011-2171 (Unspecified vulnerability in the dbugs package in Google Chrome OS ...)
+CVE-2011-2171
NOT-FOR-US: Google Chrome OS
-CVE-2011-2170 (Google Chrome OS before R12 0.12.433.38 Beta, when Guest mode is ...)
+CVE-2011-2170
NOT-FOR-US: Google Chrome OS
-CVE-2011-2169 (Google Chrome OS before R12 0.12.433.38 Beta allows local users to ...)
+CVE-2011-2169
NOT-FOR-US: Google Chrome OS
-CVE-2011-2168 (Multiple integer overflows in the glob implementation in libc in ...)
+CVE-2011-2168
NOT-FOR-US: OpenBSD
-CVE-2011-2165 (The STARTTLS implementation in WatchGuard XCS 9.0 and 9.1 does not ...)
+CVE-2011-2165
NOT-FOR-US: WatchGuard XCS
-CVE-2011-2182 (The ldm_frag_add function in fs/partitions/ldm.c in the Linux kernel ...)
+CVE-2011-2182
{DSA-2264-1}
- linux-2.6 2.6.39-2
[squeeze] - linux-2.6 2.6.32-35
-CVE-2011-2179 (Multiple cross-site scripting (XSS) vulnerabilities in config.c in ...)
+CVE-2011-2179
- nagios3 3.2.3-3 (bug #629127)
[lenny] - nagios3 <not-affected> (Affected feature got introduced in 3.2.2)
[squeeze] - nagios3 <not-affected> (Affected feature got introduced in 3.2.2)
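Review bot: the three cgit reference links under CVE-2011-2176 are written as `commit/?h=id=e7273c16...`, which mixes the branch (`h=`) and commit (`id=`) query parameters; as written the `h` value is the string `id=e7273c...`, so the links are unlikely to resolve to the intended commits. Suggest `commit/?id=<hash>` for each of the three NOTE lines. Unrelated to the description removal in this hunk, but worth fixing while the entries are being rewritten.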
@@ -8473,13 +8473,13 @@ CVE-2011-2179 (Multiple cross-site scripting (XSS) vulnerabilities in config.c i
[squeeze] - icinga <not-affected> (Affected feature got introduced in 1.3.1)
[lenny] - icinga <not-affected> (Affected feature got introduced in 1.3.1)
NOTE: http://tracker.nagios.org/view.php?id=224
-CVE-2011-2178 (The virSecurityManagerGetPrivateData function in ...)
+CVE-2011-2178
- libvirt 0.9.1-2 (bug #629128)
[squeeze] - libvirt <not-affected> (Introduced in 0.8.8)
[lenny] - libvirt <not-affected> (Introduced in 0.8.8)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=709769
NOTE: https://www.redhat.com/archives/libvir-list/2011-May/msg01935.html
-CVE-2011-2216 (reqresp_parser.c in the SIP channel driver in Asterisk Open Source ...)
+CVE-2011-2216
- asterisk 1:1.8.4.2-1 (bug #629130)
[lenny] - asterisk <not-affected> (Only affects 1.8)
[squeeze] - asterisk <not-affected> (Only affects 1.8)
@@ -8488,212 +8488,212 @@ CVE-2011-XXXX [unspecified security vulnerabilities]
- movabletype-opensource 4.3.6+dfsg-1 (bug #627936)
[squeeze] - movabletype-opensource 4.3.5+dfsg-2+squeeze2
[lenny] - movabletype-opensource 4.2.3-1+lenny3
-CVE-2011-2164 (Multiple unspecified vulnerabilities in Adobe Photoshop before 12.0.4 ...)
+CVE-2011-2164
NOT-FOR-US: Photoshop
-CVE-2011-2163 (Unspecified vulnerability in Virtualization Manager 1.2.2 in IBM ...)
+CVE-2011-2163
NOT-FOR-US: IBM Systems Director
-CVE-2011-2162 (Multiple unspecified vulnerabilities in FFmpeg 0.4.x through 0.6.x, as ...)
+CVE-2011-2162
{DSA-2306-1}
- libav 4:0.6-1 (bug #628448)
- ffmpeg 7:2.4.1-1
- ffmpeg-debian <end-of-life>
NOTE: duplicate of CVE-2011-1198
-CVE-2011-2161 (The ape_read_header function in ape.c in libavformat in FFmpeg before ...)
+CVE-2011-2161
{DSA-2306-1}
- libav 4:0.6-1 (bug #628448)
- ffmpeg 7:2.4.1-1
- ffmpeg-debian <end-of-life>
NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=1c31b26b
-CVE-2011-2160 (The VC-1 decoding functionality in FFmpeg before 0.5.4, as used in ...)
+CVE-2011-2160
{DSA-2306-1}
- libav 4:0.6-1 (bug #628448)
- ffmpeg 7:2.4.1-1
- ffmpeg-debian <end-of-life>
NOTE: duplicate of CVE-2011-0723
NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=8069e2f6
-CVE-2011-2159 (The SmarterTools SmarterStats 6.0 web server omits the Content-Type ...)
+CVE-2011-2159
NOT-FOR-US: SmarterStats
-CVE-2011-2158 (The SmarterTools SmarterStats 6.0 web server sends incorrect ...)
+CVE-2011-2158
NOT-FOR-US: SmarterStats
-CVE-2011-2157 (The (1) Admin/frmEmailReportSettings.aspx and (2) ...)
+CVE-2011-2157
NOT-FOR-US: SmarterStats
-CVE-2011-2156 (The SmarterTools SmarterStats 6.0 web server allows remote attackers ...)
+CVE-2011-2156
NOT-FOR-US: SmarterStats
-CVE-2011-2155 (Login.aspx in the SmarterTools SmarterStats 6.0 web server generates a ...)
+CVE-2011-2155
NOT-FOR-US: SmarterStats
-CVE-2011-2154 (login.aspx in the SmarterTools SmarterStats 6.0 web server does not ...)
+CVE-2011-2154
NOT-FOR-US: SmarterStats
-CVE-2011-2153 (Login.aspx in the SmarterTools SmarterStats 6.0 web server supports ...)
+CVE-2011-2153
NOT-FOR-US: SmarterStats
-CVE-2011-2152 (The SmarterTools SmarterStats 6.0 web server generates web pages ...)
+CVE-2011-2152
NOT-FOR-US: SmarterStats
-CVE-2011-2151 (The (1) Admin/frmEmailReportSettings.aspx, (2) ...)
+CVE-2011-2151
NOT-FOR-US: SmarterStats
-CVE-2011-2150 (The SmarterTools SmarterStats 6.0 web server does not properly ...)
+CVE-2011-2150
NOT-FOR-US: SmarterStats
-CVE-2011-2149 (Multiple SQL injection vulnerabilities in the SmarterTools ...)
+CVE-2011-2149
NOT-FOR-US: SmarterStats
-CVE-2011-2148 (Admin/frmSite.aspx in the SmarterTools SmarterStats 6.0 web server ...)
+CVE-2011-2148
NOT-FOR-US: SmarterStats
-CVE-2011-2147 (Openswan 2.2.x does not properly restrict permissions for (1) ...)
+CVE-2011-2147
- openswan <not-affected> (In Debian no starter.pid is ever written and the subsys entry gets created with -rw-r--r-- permissions, bug #628449)
-CVE-2011-2146 (mount.vmhgfs in the VMware Host Guest File System (HGFS) in VMware ...)
+CVE-2011-2146
- open-vm-tools 2:8.4.2+2011.08.21-471295-1 (bug #631507)
[lenny] - open-vm-tools <no-dsa> (Contrib not supported)
[squeeze] - open-vm-tools <no-dsa> (Contrib not supported)
-CVE-2011-2145 (mount.vmhgfs in the VMware Host Guest File System (HGFS) in VMware ...)
+CVE-2011-2145
- open-vm-tools 2:8.4.2+2011.08.21-471295-1 (bug #631508)
[lenny] - open-vm-tools <no-dsa> (Contrib not supported)
[squeeze] - open-vm-tools <no-dsa> (Contrib not supported)
-CVE-2011-2144 (The eDocument Conversion Actions implementation in IBM Datacap ...)
+CVE-2011-2144
NOT-FOR-US: IBM Datacap Taskmaster Capture
-CVE-2011-2143 (IBM Datacap Taskmaster Capture 8.0.1 before FP1, when Windows ...)
+CVE-2011-2143
NOT-FOR-US: IBM Datacap Taskmaster Capture
-CVE-2011-2142 (The Web Client Service in IBM Datacap Taskmaster Capture 8.0.1 before ...)
+CVE-2011-2142
NOT-FOR-US: IBM Datacap Taskmaster Capture
-CVE-2011-2141 (SQL injection vulnerability in TMWeb in IBM Datacap Taskmaster Capture ...)
+CVE-2011-2141
NOT-FOR-US: IBM Datacap Taskmaster Capture
-CVE-2011-2140 (Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and ...)
+CVE-2011-2140
NOT-FOR-US: Adobe Flash Player
-CVE-2011-2139 (Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and ...)
+CVE-2011-2139
NOT-FOR-US: Adobe Flash Player
-CVE-2011-2138 (Integer overflow in Adobe Flash Player before 10.3.183.5 on Windows, ...)
+CVE-2011-2138
NOT-FOR-US: Adobe Flash Player
-CVE-2011-2137 (Buffer overflow in Adobe Flash Player before 10.3.183.5 on Windows, ...)
+CVE-2011-2137
NOT-FOR-US: Adobe Flash Player
-CVE-2011-2136 (Integer overflow in Adobe Flash Player before 10.3.183.5 on Windows, ...)
+CVE-2011-2136
NOT-FOR-US: Adobe Flash Player
-CVE-2011-2135 (Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and ...)
+CVE-2011-2135
NOT-FOR-US: Adobe Flash Player
-CVE-2011-2134 (Buffer overflow in Adobe Flash Player before 10.3.183.5 on Windows, ...)
+CVE-2011-2134
NOT-FOR-US: Adobe Flash Player
-CVE-2011-2133 (Cross-site scripting (XSS) vulnerability in Adobe RoboHelp 8 and 9 ...)
+CVE-2011-2133
NOT-FOR-US: Adobe RoboHelp
-CVE-2011-2132 (Adobe Flash Media Server (FMS) before 3.5.7, and 4.x before 4.0.3, ...)
+CVE-2011-2132
NOT-FOR-US: Adobe Flash Media Server
-CVE-2011-2131 (Adobe Photoshop 12.0 in Creative Suite 5 (CS5) and 12.1 in Creative ...)
+CVE-2011-2131
NOT-FOR-US: Adobe Photoshop
-CVE-2011-2130 (Buffer overflow in Adobe Flash Player before 10.3.183.5 on Windows, ...)
+CVE-2011-2130
NOT-FOR-US: Adobe Flash Player
CVE-2011-2129
REJECTED
-CVE-2011-2128 (Adobe Shockwave Player before 11.6.0.626 allows attackers to execute ...)
+CVE-2011-2128
NOT-FOR-US: Adobe Shockwave Player
-CVE-2011-2127 (Adobe Shockwave Player before 11.6.0.626 allows attackers to execute ...)
+CVE-2011-2127
NOT-FOR-US: Adobe Shockwave Player
-CVE-2011-2126 (Buffer overflow in Adobe Shockwave Player before 11.6.0.626 allows ...)
+CVE-2011-2126
NOT-FOR-US: Adobe Shockwave Player
-CVE-2011-2125 (Buffer overflow in Dirapix.dll in Adobe Shockwave Player before ...)
+CVE-2011-2125
NOT-FOR-US: Adobe Shockwave Player
-CVE-2011-2124 (Adobe Shockwave Player before 11.6.0.626 allows attackers to execute ...)
+CVE-2011-2124
NOT-FOR-US: Adobe Shockwave Player
-CVE-2011-2123 (Integer overflow in the Shockwave 3D Asset x32 component in Adobe ...)
+CVE-2011-2123
NOT-FOR-US: Adobe Shockwave Player
-CVE-2011-2122 (Dirapi.dll in Adobe Shockwave Player before 11.6.0.626 allows ...)
+CVE-2011-2122
NOT-FOR-US: Adobe Shockwave Player
-CVE-2011-2121 (Integer overflow in Adobe Shockwave Player before 11.6.0.626 allows ...)
+CVE-2011-2121
NOT-FOR-US: Adobe Shockwave Player
-CVE-2011-2120 (Integer overflow in the CursorAsset x32 component in Adobe Shockwave ...)
+CVE-2011-2120
NOT-FOR-US: Adobe Shockwave Player
-CVE-2011-2119 (Dirapi.dll in Adobe Shockwave Player before 11.6.0.626 allows ...)
+CVE-2011-2119
NOT-FOR-US: Adobe Shockwave Player
-CVE-2011-2118 (The FLV ASSET Xtra component in Adobe Shockwave Player before ...)
+CVE-2011-2118
NOT-FOR-US: Adobe Shockwave Player
-CVE-2011-2117 (Adobe Shockwave Player before 11.6.0.626 allows attackers to execute ...)
+CVE-2011-2117
NOT-FOR-US: Adobe Shockwave Player
-CVE-2011-2116 (IML32.dll in Adobe Shockwave Player before 11.6.0.626 allows attackers ...)
+CVE-2011-2116
NOT-FOR-US: Adobe Shockwave Player
-CVE-2011-2115 (IML32.dll in Adobe Shockwave Player before 11.6.0.626 allows remote ...)
+CVE-2011-2115
NOT-FOR-US: Adobe Shockwave Player
-CVE-2011-2114 (Adobe Shockwave Player before 11.6.0.626 allows attackers to execute ...)
+CVE-2011-2114
NOT-FOR-US: Adobe Shockwave Player
-CVE-2011-2113 (Multiple buffer overflows in the Shockwave3DAsset component in Adobe ...)
+CVE-2011-2113
NOT-FOR-US: Adobe Shockwave Player
-CVE-2011-2112 (Multiple buffer overflows in IML32.dll in Adobe Shockwave Player ...)
+CVE-2011-2112
NOT-FOR-US: Adobe Shockwave Player
-CVE-2011-2111 (IML32.dll in Adobe Shockwave Player before 11.6.0.626 allows attackers ...)
+CVE-2011-2111
NOT-FOR-US: Adobe Shockwave Player
-CVE-2011-2110 (Adobe Flash Player before 10.3.181.26 on Windows, Mac OS X, Linux, and ...)
+CVE-2011-2110
NOT-FOR-US: Adobe Flash Player
-CVE-2011-2109 (Multiple integer overflows in Dirapi.dll in Adobe Shockwave Player ...)
+CVE-2011-2109
NOT-FOR-US: Adobe Shockwave Player
-CVE-2011-2108 (Adobe Shockwave Player before 11.6.0.626 allows attackers to execute ...)
+CVE-2011-2108
NOT-FOR-US: Adobe Shockwave Player
-CVE-2011-2107 (Cross-site scripting (XSS) vulnerability in Adobe Flash Player before ...)
+CVE-2011-2107
NOT-FOR-US: Adobe Flash Player
-CVE-2011-2106 (Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x ...)
+CVE-2011-2106
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2011-2105 (Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x ...)
+CVE-2011-2105
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2011-2104 (Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x ...)
+CVE-2011-2104
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2011-2103 (Adobe Reader and Acrobat 8.x before 8.3 on Windows and Mac OS X allow ...)
+CVE-2011-2103
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2011-2102 (Unspecified vulnerability in Adobe Reader and Acrobat before 10.1 on ...)
+CVE-2011-2102
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2011-2101 (Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x ...)
+CVE-2011-2101
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2011-2100 (Untrusted search path vulnerability in Adobe Reader and Acrobat 8.x ...)
+CVE-2011-2100
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2011-2099 (Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x ...)
+CVE-2011-2099
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2011-2098 (Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x ...)
+CVE-2011-2098
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2011-2097 (Buffer overflow in Adobe Reader and Acrobat 8.x before 8.3, 9.x before ...)
+CVE-2011-2097
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2011-2096 (Heap-based buffer overflow in Adobe Reader and Acrobat 8.x before 8.3, ...)
+CVE-2011-2096
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2011-2095 (Buffer overflow in Adobe Reader and Acrobat 8.x before 8.3, 9.x before ...)
+CVE-2011-2095
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2011-2094 (Buffer overflow in Adobe Reader and Acrobat 8.x before 8.3, 9.x before ...)
+CVE-2011-2094
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2011-2093 (Adobe LiveCycle Data Services 3.1 and earlier, LiveCycle 9.0.0.2 and ...)
+CVE-2011-2093
NOT-FOR-US: Adobe LiveCycle Data Services
-CVE-2011-2092 (Adobe LiveCycle Data Services 3.1 and earlier, LiveCycle 9.0.0.2 and ...)
+CVE-2011-2092
NOT-FOR-US: Adobe LiveCycle Data Services
-CVE-2011-2091 (Unspecified vulnerability in Adobe ColdFusion 8.0, 8.0.1, 9.0, and ...)
+CVE-2011-2091
NOT-FOR-US: Adobe ColdFusion
CVE-2011-2090
RESERVED
-CVE-2011-2089 (Stack-based buffer overflow in the SetActiveXGUID method in the ...)
+CVE-2011-2089
NOT-FOR-US: ICONICS BizViz, GENESIS32
-CVE-2011-2088 (XWork 2.2.1 in Apache Struts 2.2.1, and OpenSymphony XWork in ...)
+CVE-2011-2088
- libstruts1.2-java <not-affected> (struts 2 issue)
-CVE-2011-2087 (Multiple cross-site scripting (XSS) vulnerabilities in component ...)
+CVE-2011-2087
- libstruts1.2-java <not-affected> (struts 2 issue)
CVE-2011-2086
RESERVED
-CVE-2011-2085 (Multiple cross-site request forgery (CSRF) vulnerabilities in Best ...)
+CVE-2011-2085
{DSA-2480-1}
- request-tracker4 4.0.5-3
-CVE-2011-2084 (Best Practical Solutions RT 3.x before 3.8.12 and 4.x before 4.0.6 ...)
+CVE-2011-2084
{DSA-2480-1}
- request-tracker4 4.0.5-3
-CVE-2011-2083 (Multiple cross-site scripting (XSS) vulnerabilities in Best Practical ...)
+CVE-2011-2083
{DSA-2480-1}
- request-tracker4 4.0.5-3
-CVE-2011-2082 (The vulnerable-passwords script in Best Practical Solutions RT 3.x ...)
+CVE-2011-2082
{DSA-2480-1}
- request-tracker4 4.0.5-3
-CVE-2011-2081 (MediaCAST 8 and earlier does not properly handle requests for ...)
+CVE-2011-2081
NOT-FOR-US: MediaCAST
-CVE-2011-2080 (Multiple SQL injection vulnerabilities in MediaCAST 8 and earlier ...)
+CVE-2011-2080
NOT-FOR-US: MediaCAST
-CVE-2011-2079 (MediaCAST 8 and earlier allows remote attackers to have an unspecified ...)
+CVE-2011-2079
NOT-FOR-US: MediaCAST
-CVE-2011-2078 (Multiple cross-site scripting (XSS) vulnerabilities in the New Atlanta ...)
+CVE-2011-2078
NOT-FOR-US: New Atlanta BlueDragon
-CVE-2011-2077 (The default configuration of the New Atlanta BlueDragon administrative ...)
+CVE-2011-2077
NOT-FOR-US: New Atlanta BlueDragon
-CVE-2011-2076 (MediaCAST 8 and earlier stores passwords in cleartext, which makes it ...)
+CVE-2011-2076
NOT-FOR-US: MediaCAST
-CVE-2011-2075 (Unspecified vulnerability in Google Chrome 11.0.696.65 on Windows 7 ...)
+CVE-2011-2075
NOT-FOR-US: Historical Chrome issue on Windows
-CVE-2011-2074 (Unspecified vulnerability in the client in Skype 5.x before 5.1.0.922 ...)
+CVE-2011-2074
NOT-FOR-US: Skype
CVE-2011-2073
RESERVED
-CVE-2011-2072 (Memory leak in Cisco IOS 12.4, 15.0, and 15.1, Cisco IOS XE 2.5.x ...)
+CVE-2011-2072
NOT-FOR-US: Cisco
CVE-2011-2071
RESERVED
@@ -8709,7 +8709,7 @@ CVE-2011-2066
RESERVED
CVE-2011-2065
RESERVED
-CVE-2011-2064 (Cisco IOS 12.4MDA before 12.4(24)MDA5 on the Cisco Content Services ...)
+CVE-2011-2064
NOT-FOR-US: Cisco IOS
CVE-2011-2063
RESERVED
@@ -8717,13 +8717,13 @@ CVE-2011-2062
RESERVED
CVE-2011-2061
RESERVED
-CVE-2011-2060 (The platform-sw component on Cisco Adaptive Security Appliances (ASA) ...)
+CVE-2011-2060
NOT-FOR-US: Cisco Adaptive Security Appliances
-CVE-2011-2059 (The ipv6 component in Cisco IOS before 15.1(4)M1.3 allows remote ...)
+CVE-2011-2059
NOT-FOR-US: Cisco IOS
-CVE-2011-2058 (The cat6000-dot1x component in Cisco IOS 12.2 before 12.2(33)SXI7 does ...)
+CVE-2011-2058
NOT-FOR-US: Cisco IOS
-CVE-2011-2057 (The cat6000-dot1x component in Cisco IOS 12.2 before 12.2(33)SXI7 does ...)
+CVE-2011-2057
NOT-FOR-US: Cisco IOS
CVE-2011-2056
RESERVED
@@ -8754,13 +8754,13 @@ CVE-2011-2044
RESERVED
CVE-2011-2043
RESERVED
-CVE-2011-2042 (The Sybase SQL Anywhere database component in Cisco CiscoWorks Common ...)
+CVE-2011-2042
NOT-FOR-US: Cisco CiscoWorks
-CVE-2011-2041 (The Start Before Logon (SBL) functionality in Cisco AnyConnect Secure ...)
+CVE-2011-2041
NOT-FOR-US: Cisco
-CVE-2011-2040 (The helper application in Cisco AnyConnect Secure Mobility Client ...)
+CVE-2011-2040
NOT-FOR-US: Cisco
-CVE-2011-2039 (The helper application in Cisco AnyConnect Secure Mobility Client ...)
+CVE-2011-2039
NOT-FOR-US: Cisco
CVE-2011-2038
RESERVED
@@ -8790,195 +8790,195 @@ CVE-2011-2026
RESERVED
CVE-2011-2025
RESERVED
-CVE-2011-2024 (Cisco Network Registrar before 7.2 has a default administrative ...)
+CVE-2011-2024
NOT-FOR-US: Cisco
-CVE-2011-2023 (Cross-site scripting (XSS) vulnerability in functions/mime.php in ...)
+CVE-2011-2023
{DSA-2291-1}
- squirrelmail 2:1.4.22-1
-CVE-2011-2022 (The agp_generic_remove_memory function in drivers/char/agp/generic.c ...)
+CVE-2011-2022
{DSA-2264-1 DSA-2240-1}
- linux-2.6 2.6.38-5
-CVE-2011-2021 (Session fixation vulnerability in TIBCO iProcess Engine before 11.1.3 ...)
+CVE-2011-2021
NOT-FOR-US: TIBCO iProcess Engine
-CVE-2011-2020 (Cross-site scripting (XSS) vulnerability in TIBCO iProcess Engine ...)
+CVE-2011-2020
NOT-FOR-US: TIBCO iProcess Engine
-CVE-2011-2019 (Untrusted search path vulnerability in Microsoft Internet Explorer 9 ...)
+CVE-2011-2019
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2011-2018 (The kernel in Microsoft Windows XP SP2 and SP3, Windows Server 2003 ...)
+CVE-2011-2018
NOT-FOR-US: Microsoft Windows XP
CVE-2011-2017
REJECTED
-CVE-2011-2016 (Untrusted search path vulnerability in Windows Mail and Windows ...)
+CVE-2011-2016
NOT-FOR-US: Microsoft Windows
CVE-2011-2015
REJECTED
-CVE-2011-2014 (The LDAP over SSL (aka LDAPS) implementation in Active Directory, ...)
+CVE-2011-2014
NOT-FOR-US: Microsoft Windows
-CVE-2011-2013 (Integer overflow in the TCP/IP implementation in Microsoft Windows ...)
+CVE-2011-2013
NOT-FOR-US: Microsoft Windows
-CVE-2011-2012 (Microsoft Forefront Unified Access Gateway (UAG) 2010 Gold, Update 1, ...)
+CVE-2011-2012
NOT-FOR-US: Microsoft Forefront
-CVE-2011-2011 (Use-after-free vulnerability in win32k.sys in the kernel-mode drivers ...)
+CVE-2011-2011
NOT-FOR-US: Microsoft Windows
-CVE-2011-2010 (The Microsoft Office Input Method Editor (IME) for Simplified Chinese ...)
+CVE-2011-2010
NOT-FOR-US: Microsoft Office
-CVE-2011-2009 (Untrusted search path vulnerability in Windows Media Center in ...)
+CVE-2011-2009
NOT-FOR-US: Microsoft Windows
-CVE-2011-2008 (Microsoft Host Integration Server (HIS) 2004 SP1, 2006 SP1, 2009, and ...)
+CVE-2011-2008
NOT-FOR-US: Microsoft Host Integration Server
-CVE-2011-2007 (Microsoft Host Integration Server (HIS) 2004 SP1, 2006 SP1, 2009, and ...)
+CVE-2011-2007
NOT-FOR-US: Microsoft Host Integration Server
CVE-2011-2006
REJECTED
-CVE-2011-2005 (afd.sys in the Ancillary Function Driver in Microsoft Windows XP SP2 ...)
+CVE-2011-2005
NOT-FOR-US: Microsoft Windows
-CVE-2011-2004 (Array index error in win32k.sys in the kernel-mode drivers in ...)
+CVE-2011-2004
NOT-FOR-US: Microsoft Windows
-CVE-2011-2003 (Buffer overflow in win32k.sys in the kernel-mode drivers in Microsoft ...)
+CVE-2011-2003
NOT-FOR-US: Microsoft Windows
-CVE-2011-2002 (win32k.sys in the kernel-mode drivers in Microsoft Windows Vista SP2, ...)
+CVE-2011-2002
NOT-FOR-US: Microsoft Windows
-CVE-2011-2001 (Microsoft Internet Explorer 6 through 9 does not properly handle ...)
+CVE-2011-2001
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2011-2000 (Microsoft Internet Explorer 6 through 9 does not properly handle ...)
+CVE-2011-2000
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2011-1999 (Microsoft Internet Explorer 8 does not properly allocate and access ...)
+CVE-2011-1999
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2011-1998 (Microsoft Internet Explorer 9 does not properly handle objects in ...)
+CVE-2011-1998
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2011-1997 (Microsoft Internet Explorer 6 does not properly handle objects in ...)
+CVE-2011-1997
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2011-1996 (Microsoft Internet Explorer 6 through 8 does not properly handle ...)
+CVE-2011-1996
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2011-1995 (Microsoft Internet Explorer 6 through 9 does not properly handle ...)
+CVE-2011-1995
NOT-FOR-US: Microsoft Internet Explorer
CVE-2011-1994
REJECTED
-CVE-2011-1993 (Microsoft Internet Explorer 6 through 9 does not properly handle ...)
+CVE-2011-1993
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2011-1992 (The XSS Filter in Microsoft Internet Explorer 8 allows remote ...)
+CVE-2011-1992
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2011-1991 (Multiple untrusted search path vulnerabilities in Microsoft Windows XP ...)
+CVE-2011-1991
NOT-FOR-US: Microsoft Windows
-CVE-2011-1990 (Microsoft Excel 2007 SP2; Excel in Office 2007 SP2; Excel Viewer SP2; ...)
+CVE-2011-1990
NOT-FOR-US: Microsoft Excel
-CVE-2011-1989 (Microsoft Excel 2003 SP3 and 2007 SP2; Excel in Office 2007 SP2; Excel ...)
+CVE-2011-1989
NOT-FOR-US: Microsoft Excel
-CVE-2011-1988 (Microsoft Excel 2003 SP3 and 2007 SP2; Excel in Office 2007 SP2; ...)
+CVE-2011-1988
NOT-FOR-US: Microsoft Excel
-CVE-2011-1987 (Array index error in Microsoft Excel 2003 SP3 and 2007 SP2; Excel in ...)
+CVE-2011-1987
NOT-FOR-US: Microsoft Excel
-CVE-2011-1986 (Use-after-free vulnerability in Microsoft Excel 2003 SP3 allows remote ...)
+CVE-2011-1986
NOT-FOR-US: Microsoft Excel
-CVE-2011-1985 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
+CVE-2011-1985
NOT-FOR-US: Microsoft Windows
-CVE-2011-1984 (WINS in Microsoft Windows Server 2003 SP2 and Server 2008 SP2, R2, and ...)
+CVE-2011-1984
NOT-FOR-US: Microsoft Windows
-CVE-2011-1983 (Use-after-free vulnerability in Microsoft Office 2007 SP2 and SP3, ...)
+CVE-2011-1983
NOT-FOR-US: Microsoft Office
-CVE-2011-1982 (Microsoft Office 2007 SP2, and 2010 Gold and SP1, does not initialize ...)
+CVE-2011-1982
NOT-FOR-US: Microsoft Office
CVE-2011-1981
REJECTED
-CVE-2011-1980 (Untrusted search path vulnerability in Microsoft Office 2003 SP3 and ...)
+CVE-2011-1980
NOT-FOR-US: Microsoft Office
-CVE-2011-1979 (Microsoft Visio 2003 SP3 and 2007 SP2 does not properly validate ...)
+CVE-2011-1979
NOT-FOR-US: Microsoft Visio
-CVE-2011-1978 (Microsoft .NET Framework 2.0 SP2, 3.5.1, and 4 does not properly ...)
+CVE-2011-1978
NOT-FOR-US: Microsoft .NET
-CVE-2011-1977 (The ASP.NET Chart controls in Microsoft .NET Framework 4, and Chart ...)
+CVE-2011-1977
NOT-FOR-US: Microsoft .NET
-CVE-2011-1976 (Cross-site scripting (XSS) vulnerability in the Report Viewer Control ...)
+CVE-2011-1976
NOT-FOR-US: Microsoft Visual Studio
-CVE-2011-1975 (Untrusted search path vulnerability in the Data Access Tracing ...)
+CVE-2011-1975
NOT-FOR-US: Microsoft
-CVE-2011-1974 (NDISTAPI.sys in the NDISTAPI driver in Remote Access Service (RAS) in ...)
+CVE-2011-1974
NOT-FOR-US: Microsoft Windows
CVE-2011-1973
REJECTED
-CVE-2011-1972 (Microsoft Visio 2003 SP3, 2007 SP2, and 2010 Gold and SP1 does not ...)
+CVE-2011-1972
NOT-FOR-US: Microsoft Visio
-CVE-2011-1971 (The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2, ...)
+CVE-2011-1971
NOT-FOR-US: Microsoft Windows
-CVE-2011-1970 (The DNS server in Microsoft Windows Server 2003 SP2 and Windows Server ...)
+CVE-2011-1970
NOT-FOR-US: Microsoft Windows
-CVE-2011-1969 (Microsoft Forefront Unified Access Gateway (UAG) 2010 Gold, Update 1, ...)
+CVE-2011-1969
NOT-FOR-US: Microsoft Forefront
-CVE-2011-1968 (The Remote Desktop Protocol (RDP) implementation in Microsoft Windows ...)
+CVE-2011-1968
NOT-FOR-US: Microsoft Windows
-CVE-2011-1967 (Winsrv.dll in the Client/Server Run-time Subsystem (aka CSRSS) in the ...)
+CVE-2011-1967
NOT-FOR-US: Microsoft Windows
-CVE-2011-1966 (The DNS server in Microsoft Windows Server 2008 SP2, R2, and R2 SP1 ...)
+CVE-2011-1966
NOT-FOR-US: Microsoft Windows
-CVE-2011-1965 (Tcpip.sys in the TCP/IP stack in Microsoft Windows 7 Gold and SP1 and ...)
+CVE-2011-1965
NOT-FOR-US: Microsoft Windows
-CVE-2011-1964 (Microsoft Internet Explorer 6 through 9 does not properly handle ...)
+CVE-2011-1964
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2011-1963 (Microsoft Internet Explorer 7 through 9 does not properly handle ...)
+CVE-2011-1963
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2011-1962 (Microsoft Internet Explorer 6 through 9 does not properly handle ...)
+CVE-2011-1962
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2011-1961 (The telnet URI handler in Microsoft Internet Explorer 6 through 9 does ...)
+CVE-2011-1961
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2011-1960 (Microsoft Internet Explorer 6 through 9 does not properly implement ...)
+CVE-2011-1960
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2011-1959 (The snoop_read function in wiretap/snoop.c in Wireshark 1.2.x before ...)
+CVE-2011-1959
{DSA-2274-1}
- wireshark 1.6.0-1 (unimportant; bug #630159)
NOTE: Crashes w/o code injection not treated as security issues, see README.Security
-CVE-2011-1958 (Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 allows ...)
+CVE-2011-1958
{DSA-2274-1}
- wireshark 1.6.0-1 (unimportant)
NOTE: Crashes w/o code injection not treated as security issues, see README.Security
-CVE-2011-1957 (The dissect_dcm_main function in epan/dissectors/packet-dcm.c in the ...)
+CVE-2011-1957
{DSA-2274-1}
- wireshark 1.6.0-1 (unimportant)
NOTE: Crashes w/o code injection not treated as security issues, see README.Security
-CVE-2011-1956 (The bytes_repr_len function in Wireshark 1.4.5 uses an incorrect ...)
+CVE-2011-1956
- wireshark 1.4.6-1 (unimportant)
[lenny] - wireshark <not-affected> (Affects 1.4.5 only)
[squeeze] - wireshark <not-affected> (Affects 1.4.5 only)
NOTE: Crashes w/o code injection not treated as security issues, see README.Security
CVE-2011-1955
RESERVED
-CVE-2011-1954 (Multiple cross-site request forgery (CSRF) vulnerabilities in Post ...)
+CVE-2011-1954
NOT-FOR-US: Post Revolution
-CVE-2011-1953 (Multiple cross-site scripting (XSS) vulnerabilities in common.php in ...)
+CVE-2011-1953
NOT-FOR-US: Post Revolution
-CVE-2011-1952 (common.php in Post Revolution before 0.8.0c-2 allows remote attackers ...)
+CVE-2011-1952
NOT-FOR-US: Post Revolution
-CVE-2011-1951 (lib/logmatcher.c in Balabit syslog-ng before 3.2.4, when the global ...)
+CVE-2011-1951
- syslog-ng 3.2.4-1 (low)
[squeeze] - syslog-ng <not-affected> (Only affects PCRE >= 8.12)
[lenny] - syslog-ng <not-affected> (Only affects PCRE >= 8.12)
NOTE: http://git.balabit.hu/?p=bazsi/syslog-ng-3.2.git;a=commit;h=09710c0b105e579d35c7b5f6c66d1ea5e3a3d3ff
-CVE-2011-1950 (plone.app.users in Plone 4.0 and 4.1 allows remote authenticated users ...)
+CVE-2011-1950
- plone3 <removed>
-CVE-2011-1949 (Cross-site scripting (XSS) vulnerability in the safe_html filter in ...)
+CVE-2011-1949
- plone3 <removed>
-CVE-2011-1948 (Cross-site scripting (XSS) vulnerability in Plone 4.1 and earlier ...)
+CVE-2011-1948
- plone3 <removed>
-CVE-2011-1947 (fetchmail 5.9.9 through 6.3.19 does not properly limit the wait time ...)
+CVE-2011-1947
- fetchmail 6.3.22-1 (unimportant)
NOTE: http://www.fetchmail.info/fetchmail-SA-2011-01.txt
-CVE-2011-1946 (gnomesu-pam-backend in libgnomesu 1.0.0 prints an error message but ...)
+CVE-2011-1946
NOT-FOR-US: libgnomesu
-CVE-2011-1945 (The elliptic curve cryptography (ECC) subsystem in OpenSSL 1.0.0d and ...)
+CVE-2011-1945
{DSA-2309-1}
- openssl 1.0.0e-1 (low)
-CVE-2011-1944 (Integer overflow in xpath.c in libxml2 2.6.x through 2.6.32 and 2.7.x ...)
+CVE-2011-1944
{DSA-2255-1}
- libxml2 2.7.8.dfsg-3 (bug #628537)
-CVE-2011-1943 (The destroy_one_secret function in nm-setting-vpn.c in libnm-util in ...)
+CVE-2011-1943
- network-manager-openvpn <not-affected> (Affected code was only in experimental, see bug #628730)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=708876
CVE-2011-1942
RESERVED
-CVE-2011-1941 (Open redirect vulnerability in the redirector feature in phpMyAdmin ...)
+CVE-2011-1941
- phpmyadmin 4:3.4.1-1
[lenny] - phpmyadmin <not-affected> (3.4.x only)
[squeeze] - phpmyadmin <not-affected> (3.4.x only)
-CVE-2011-1940 (Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin ...)
+CVE-2011-1940
{DSA-2391-1}
- phpmyadmin 4:3.4.1-1
[lenny] - phpmyadmin <not-affected> (3.3.x+ only)
@@ -8987,15 +8987,15 @@ CVE-2011-1939
RESERVED
- zendframework 1.11.6-1 (low)
[squeeze] - zendframework <no-dsa> (Minor issue)
-CVE-2011-1938 (Stack-based buffer overflow in the socket_connect function in ...)
+CVE-2011-1938
{DSA-2399-1}
- php5 5.3.6-13 (low)
[lenny] - php5 <not-affected> (The Lenny version doesn't use memcpy)
-CVE-2011-1937 (Cross-site scripting (XSS) vulnerability in Webmin 1.540 and earlier ...)
+CVE-2011-1937
NOT-FOR-US: Webmin
-CVE-2011-1936 (Xen, when using x86 Intel processors and the VMX virtualization ...)
+CVE-2011-1936
- linux-2.6 <not-affected> (Only affected the old Xen kernel patch from 2.6.18/2.6.26)
-CVE-2011-1935 (pcap-linux.c in libpcap 1.1.1 before commit ...)
+CVE-2011-1935
- libpcap 1.1.1-4 (low; bug #623868)
[squeeze] - libpcap 1.1.1-2+squeeze1
[lenny] - libpcap <not-affected>
@@ -9009,10 +9009,10 @@ CVE-2011-1933
RESERVED
- libjifty-dbi-perl 0.68-1 (low; bug #622919)
[squeeze] - libjifty-dbi-perl 0.60-1+squeeze1
-CVE-2011-1932 (Directory traversal vulnerability in io/filesystem/filesystem.cc in ...)
+CVE-2011-1932
- widelands 1:15-3 (low; bug #617960)
[lenny] - widelands <no-dsa> (Minor issue)
-CVE-2011-1931 (sp5xdec.c in the Sunplus SP5X JPEG decoder in libavcodec in FFmpeg ...)
+CVE-2011-1931
- libav 4:0.6.2-3 (bug #624339)
- ffmpeg <not-affected> (vulnerability introduced in 0.6)
- ffmpeg-debian <not-affected> (vulnerability introduced in 0.6)
@@ -9021,342 +9021,342 @@ CVE-2011-1930
- klibc 1.5.22-1 (low)
[squeeze] - klibc 1.5.20-1+squeeze1
[lenny] - klibc 1.5.12-2lenny1
-CVE-2011-1929 (lib-mail/message-header-parser.c in Dovecot 1.2.x before 1.2.17 and ...)
+CVE-2011-1929
{DSA-2252-1}
- dovecot 1:2.0.13-1 (bug #627443)
NOTE: [lenny] - dovecot <not-affected> (Vulnerability introduced in 1.1)
NOTE: <e15277de7326d4d7f8b560cd853e1a12@muenster.org> claims lenny is affected
-CVE-2011-1928 (The fnmatch implementation in apr_fnmatch.c in the Apache Portable ...)
+CVE-2011-1928
{DSA-2237-2}
- apr 1.4.5-1 (bug #627182)
-CVE-2011-1927 (The ip_expire function in net/ipv4/ip_fragment.c in the Linux kernel ...)
+CVE-2011-1927
- linux-2.6 2.6.39-1 (high)
[squeeze] - linux-2.6 <not-affected> (Vulnerable code not present)
[lenny] - linux-2.6 <not-affected> (Vulnerable code not present)
-CVE-2011-1926 (The STARTTLS implementation in Cyrus IMAP Server before 2.4.7 does not ...)
+CVE-2011-1926
{DSA-2258-1 DSA-2242-1}
- cyrus-imapd-2.2 2.2.13p1-11 (bug #627081)
- cyrus-imapd-2.4 2.4.7-1
- kolab-cyrus-imapd 2.2.13p1-0.1 (bug #629350)
-CVE-2011-1925 (nbd-server.c in Network Block Device (nbd-server) 2.9.21 allows remote ...)
+CVE-2011-1925
- nbd 1:2.9.22-1 (bug #627042)
[wheezy] - nbd <not-affected>
[squeeze] - nbd <not-affected>
[lenny] - nbd <not-affected>
-CVE-2011-1924 (Buffer overflow in the policy_summarize function in or/policies.c in ...)
+CVE-2011-1924
- tor 0.2.1.30-1
[squeeze] - tor <no-dsa> (Only affects the central Tor directory servers)
[lenny] - tor <no-dsa> (Only affects the central Tor directory servers)
-CVE-2011-1923 (The Diffie-Hellman key-exchange implementation in dhm.c in PolarSSL ...)
+CVE-2011-1923
- polarssl 0.14.3-1 (low; bug #616114)
[squeeze] - polarssl <no-dsa> (Minor issue)
-CVE-2011-1922 (daemon/worker.c in Unbound 1.x before 1.4.10, when debugging ...)
+CVE-2011-1922
- unbound 1.4.10-1 (unimportant)
[lenny] - unbound 1.4.6-1~lenny2 (unimportant)
[squeeze] - unbound 1.4.6-1+squeeze2 (unimportant)
NOTE: http://unbound.nlnetlabs.nl/downloads/CVE-2011-1922.txt
NOTE: asserts not enabled in Debian build
-CVE-2011-1921 (The mod_dav_svn module for the Apache HTTP Server, as distributed in ...)
+CVE-2011-1921
{DSA-2251-1}
- subversion 1.6.17dfsg-1
-CVE-2011-1920 (The make include files in NetBSD before 1.6.2, as used in pmake 1.111 ...)
+CVE-2011-1920
- pmake 1.111-3 (low; bug #626673)
[squeeze] - pmake 1.111-2+squeeze1
[lenny] - pmake 1.111-1+lenny1
-CVE-2011-1919 (Multiple stack-based buffer overflows in GE Intelligent Platforms ...)
+CVE-2011-1919
NOT-FOR-US: GE Intelligent Platforms
-CVE-2011-1918 (Stack-based buffer overflow in the Data Archiver service in GE ...)
+CVE-2011-1918
NOT-FOR-US: GE Intelligent Platforms
CVE-2011-1917
RESERVED
CVE-2011-1916
RESERVED
-CVE-2011-1915 (SQL injection vulnerability in eClient 7.3.2.3 in Enspire Distribution ...)
+CVE-2011-1915
NOT-FOR-US: Enspire Distribution Management Solution
-CVE-2011-1914 (Buffer overflow in the Advantech ADAM OLE for Process Control (OPC) ...)
+CVE-2011-1914
NOT-FOR-US: ActiveX
-CVE-2011-1913 (SQL injection vulnerability in the login form in the web interface in ...)
+CVE-2011-1913
NOT-FOR-US: Mercator SENTINEL
CVE-2011-1912
RESERVED
-CVE-2011-1911 (JasperServer in JasperReports Server Community Project 3.7.0 and 3.7.1 ...)
+CVE-2011-1911
NOT-FOR-US: JasperReports Server
-CVE-2011-1910 (Off-by-one error in named in ISC BIND 9.x before 9.7.3-P1, 9.8.x ...)
+CVE-2011-1910
{DSA-2244-1}
- bind9 1:9.8.1.dfsg-1 (high)
NOTE: https://lists.isc.org/pipermail/bind-users/2011-May/083819.html
CVE-2011-1909
RESERVED
-CVE-2011-1908 (Integer overflow in the Type 1 font decoder in the FreeType engine in ...)
+CVE-2011-1908
NOT-FOR-US: Foxit Reader
-CVE-2011-1906 (Trustwave WebDefend Enterprise before 5.0 7.01.903-1.4 stores specific ...)
+CVE-2011-1906
NOT-FOR-US: Trustwave WebDefend Enterprise
-CVE-2011-1905 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
+CVE-2011-1905
NOT-FOR-US: Proofpoint Messaging Security Gateway
-CVE-2011-1904 (An unspecified function in the web interface in Proofpoint Messaging ...)
+CVE-2011-1904
NOT-FOR-US: Proofpoint Messaging Security Gateway
-CVE-2011-1903 (SQL injection vulnerability in an unspecified function in Proofpoint ...)
+CVE-2011-1903
NOT-FOR-US: Proofpoint Messaging Security Gateway
-CVE-2011-1902 (Directory traversal vulnerability in the web interface in Proofpoint ...)
+CVE-2011-1902
NOT-FOR-US: Proofpoint Messaging Security Gateway
-CVE-2011-1901 (The mail-filter web interface in Proofpoint Messaging Security Gateway ...)
+CVE-2011-1901
NOT-FOR-US: Proofpoint Messaging Security Gateway
-CVE-2011-1900 (Directory traversal vulnerability in NTWebServer in InduSoft Web ...)
+CVE-2011-1900
NOT-FOR-US: InduSoft Web Studio
-CVE-2011-1899 (Multiple cross-site scripting (XSS) vulnerabilities in CA eHealth ...)
+CVE-2011-1899
NOT-FOR-US: CA eHealth
-CVE-2011-1898 (Xen 4.1 before 4.1.1 and 4.0 before 4.0.2, when using PCI passthrough ...)
+CVE-2011-1898
{DSA-2337-1}
- xen 4.1.1-1
[lenny] - xen-3 <not-affected>
-CVE-2011-1897 (Cross-site scripting (XSS) vulnerability in Microsoft Forefront ...)
+CVE-2011-1897
NOT-FOR-US: Microsoft Forefront
-CVE-2011-1896 (Cross-site scripting (XSS) vulnerability in Microsoft Forefront ...)
+CVE-2011-1896
NOT-FOR-US: Microsoft Forefront
-CVE-2011-1895 (CRLF injection vulnerability in Microsoft Forefront Unified Access ...)
+CVE-2011-1895
NOT-FOR-US: Microsoft Forefront
-CVE-2011-1894 (The MHTML protocol handler in Microsoft Windows XP SP2 and SP3, ...)
+CVE-2011-1894
NOT-FOR-US: Microsoft Windows
-CVE-2011-1893 (Cross-site scripting (XSS) vulnerability in Microsoft Office ...)
+CVE-2011-1893
NOT-FOR-US: Microsoft SharePoint
-CVE-2011-1892 (Microsoft Office Groove 2007 SP2, SharePoint Workspace 2010 Gold and ...)
+CVE-2011-1892
NOT-FOR-US: Microsoft Office
-CVE-2011-1891 (Cross-site scripting (XSS) vulnerability in Microsoft Windows ...)
+CVE-2011-1891
NOT-FOR-US: Microsoft SharePoint
-CVE-2011-1890 (Cross-site scripting (XSS) vulnerability in EditForm.aspx in Microsoft ...)
+CVE-2011-1890
NOT-FOR-US: Microsoft SharePoint
-CVE-2011-1889 (The NSPLookupServiceNext function in the client in Microsoft Forefront ...)
+CVE-2011-1889
NOT-FOR-US: Microsoft Forefront Threat Management Gateway
-CVE-2011-1888 (win32k.sys in the kernel-mode drivers in Microsoft Windows Vista SP1 ...)
+CVE-2011-1888
NOT-FOR-US: MS Windows
-CVE-2011-1887 (win32k.sys in the kernel-mode drivers in Microsoft Windows Vista SP1 ...)
+CVE-2011-1887
NOT-FOR-US: MS Windows
-CVE-2011-1886 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP3 does ...)
+CVE-2011-1886
NOT-FOR-US: MS Windows
-CVE-2011-1885 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
+CVE-2011-1885
NOT-FOR-US: MS Windows
-CVE-2011-1884 (Use-after-free vulnerability in win32k.sys in the kernel-mode drivers ...)
+CVE-2011-1884
NOT-FOR-US: MS Windows
-CVE-2011-1883 (Use-after-free vulnerability in win32k.sys in the kernel-mode drivers ...)
+CVE-2011-1883
NOT-FOR-US: MS Windows
-CVE-2011-1882 (Use-after-free vulnerability in win32k.sys in the kernel-mode drivers ...)
+CVE-2011-1882
NOT-FOR-US: MS Windows
-CVE-2011-1881 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
+CVE-2011-1881
NOT-FOR-US: MS Windows
-CVE-2011-1880 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
+CVE-2011-1880
NOT-FOR-US: MS Windows
-CVE-2011-1879 (Use-after-free vulnerability in win32k.sys in the kernel-mode drivers ...)
+CVE-2011-1879
NOT-FOR-US: MS Windows
-CVE-2011-1878 (Use-after-free vulnerability in win32k.sys in the kernel-mode drivers ...)
+CVE-2011-1878
NOT-FOR-US: MS Windows
-CVE-2011-1877 (Use-after-free vulnerability in win32k.sys in the kernel-mode drivers ...)
+CVE-2011-1877
NOT-FOR-US: MS Windows
-CVE-2011-1876 (Use-after-free vulnerability in win32k.sys in the kernel-mode drivers ...)
+CVE-2011-1876
NOT-FOR-US: MS Windows
-CVE-2011-1875 (Use-after-free vulnerability in win32k.sys in the kernel-mode drivers ...)
+CVE-2011-1875
NOT-FOR-US: MS Windows
-CVE-2011-1874 (Use-after-free vulnerability in win32k.sys in the kernel-mode drivers ...)
+CVE-2011-1874
NOT-FOR-US: MS Windows
-CVE-2011-1873 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2, ...)
+CVE-2011-1873
NOT-FOR-US: Microsoft Windows
-CVE-2011-1872 (Hyper-V in Microsoft Windows Server 2008 Gold, SP2, R2, and R2 SP1 ...)
+CVE-2011-1872
NOT-FOR-US: Microsoft Windows
-CVE-2011-1871 (Tcpip.sys in the TCP/IP stack in Microsoft Windows Vista SP2, Windows ...)
+CVE-2011-1871
NOT-FOR-US: Microsoft Windows Vista
-CVE-2011-1870 (Integer overflow in the Client/Server Run-time Subsystem (aka CSRSS) ...)
+CVE-2011-1870
NOT-FOR-US: MS Windows
-CVE-2011-1869 (The Distributed File System (DFS) implementation in Microsoft Windows ...)
+CVE-2011-1869
NOT-FOR-US: Microsoft Windows
-CVE-2011-1868 (The Distributed File System (DFS) implementation in Microsoft Windows ...)
+CVE-2011-1868
NOT-FOR-US: Microsoft Windows
CVE-2011-XXXX [fglrx-driver xauth cookie leak]
- fglrx-driver 1:11-6-3 (low; bug #625868)
[squeeze] - fglrx-driver <no-dsa> (Non-free not supported)
[lenny] - fglrx-driver <no-dsa> (Non-free not supported)
-CVE-2011-1907 (ISC BIND 9.8.x before 9.8.0-P1, when Response Policy Zones (RPZ) RRset ...)
+CVE-2011-1907
- bind9 1:9.8.1.dfsg.P1-1
[squeeze] - bind9 <not-affected> (Only affects 9.8.0)
[lenny] - bind9 <not-affected> (Only affects 9.8.0)
-CVE-2011-1765 (Cross-site scripting (XSS) vulnerability in MediaWiki before 1.16.5, ...)
+CVE-2011-1765
- mediawiki <not-affected> (Incomplete fix was never released for Debian, neither in sid, nor oldstable/stable)
NOTE: https://bugzilla.wikimedia.org/show_bug.cgi?id=28534
-CVE-2011-1766 (includes/User.php in MediaWiki before 1.16.5, when ...)
+CVE-2011-1766
- mediawiki <not-affected> (Vulnerable code not present, planned next upload will skip it)
[lenny] - mediawiki <not-affected> (Vulnerable code not present, introduced in 1.16.0)
[squeeze] - mediawiki <not-affected> (Vulnerable code not present, introduced in 1.16.0)
NOTE: https://bugzilla.wikimedia.org/show_bug.cgi?id=28534
-CVE-2011-1867 (Stack-based buffer overflow in iNodeMngChecker.exe in the User Access ...)
+CVE-2011-1867
NOT-FOR-US: iNodeMngChecker.exe of HP Intelligent Management Center
-CVE-2011-1866 (Buffer overflow in omniinet.exe in the inet service in HP OpenView ...)
+CVE-2011-1866
NOT-FOR-US: HP OpenView
-CVE-2011-1865 (Multiple stack-based buffer overflows in the inet service in HP ...)
+CVE-2011-1865
NOT-FOR-US: HP OpenView
-CVE-2011-1864 (Unspecified vulnerability in HP OpenView Storage Data Protector 6.0, ...)
+CVE-2011-1864
NOT-FOR-US: HP OpenView Storage Data Protector
-CVE-2011-1863 (HP Service Manager 7.02, 7.11, 9.20, and 9.21 and Service Center 6.2.8 ...)
+CVE-2011-1863
NOT-FOR-US: HP Service Manager
-CVE-2011-1862 (Cross-site scripting (XSS) vulnerability in HP Service Manager 7.02, ...)
+CVE-2011-1862
NOT-FOR-US: HP Service Manager
-CVE-2011-1861 (Unspecified vulnerability in HP Service Manager 7.02, 7.11, 9.20, and ...)
+CVE-2011-1861
NOT-FOR-US: HP Service Manager
-CVE-2011-1860 (Unspecified vulnerability in HP Service Manager 7.02, 7.11, 9.20, and ...)
+CVE-2011-1860
NOT-FOR-US: HP Service Manager
-CVE-2011-1859 (Unspecified vulnerability in HP Service Manager 7.02, 7.11, 9.20, and ...)
+CVE-2011-1859
NOT-FOR-US: HP Service Manager
-CVE-2011-1858 (Unspecified vulnerability in HP Service Manager 7.02, 7.11, 9.20, and ...)
+CVE-2011-1858
NOT-FOR-US: HP Service Manager
-CVE-2011-1857 (Unspecified vulnerability in HP Service Manager 7.02, 7.11, 9.20, and ...)
+CVE-2011-1857
NOT-FOR-US: HP Service Manager
-CVE-2011-1856 (Cross-site scripting (XSS) vulnerability in HP Business Availability ...)
+CVE-2011-1856
NOT-FOR-US: HP Business Availability
-CVE-2011-1855 (Unspecified vulnerability in HP Network Node Manager i (NNMi) 9.0x ...)
+CVE-2011-1855
NOT-FOR-US: HP Network Node Manager
-CVE-2011-1854 (Use-after-free vulnerability in HP Intelligent Management Center (IMC) ...)
+CVE-2011-1854
NOT-FOR-US: HP Intelligent Management Center
-CVE-2011-1853 (tftpserver.exe in HP Intelligent Management Center (IMC) 5.0 before ...)
+CVE-2011-1853
NOT-FOR-US: HP Intelligent Management Center
-CVE-2011-1852 (Multiple stack-based buffer overflows in tftpserver.exe in HP ...)
+CVE-2011-1852
NOT-FOR-US: HP Intelligent Management Center
-CVE-2011-1851 (Stack-based buffer overflow in tftpserver.exe in HP Intelligent ...)
+CVE-2011-1851
NOT-FOR-US: HP Intelligent Management Center
-CVE-2011-1850 (Stack-based buffer overflow in the logging functionality in dbman.exe ...)
+CVE-2011-1850
NOT-FOR-US: HP Intelligent Management Center
-CVE-2011-1849 (tftpserver.exe in HP Intelligent Management Center (IMC) 5.0 before ...)
+CVE-2011-1849
NOT-FOR-US: HP Intelligent Management Center
-CVE-2011-1848 (Stack-based buffer overflow in img.exe in HP Intelligent Management ...)
+CVE-2011-1848
NOT-FOR-US: HP Intelligent Management Center
-CVE-2011-1847 (IBM DB2 9.5 before FP7 and 9.7 before FP4 on Linux, UNIX, and Windows ...)
+CVE-2011-1847
NOT-FOR-US: IBM DB2 9.5
-CVE-2011-1846 (IBM DB2 9.5 before FP7 and 9.7 before FP4 on Linux, UNIX, and Windows ...)
+CVE-2011-1846
NOT-FOR-US: IBM DB2 9.5
-CVE-2011-1845 (Multiple memory leaks in the DataGrid control implementation in ...)
+CVE-2011-1845
NOT-FOR-US: Silverlight
-CVE-2011-1844 (Memory leak in Microsoft Silverlight 4 before 4.0.60310.0 allows ...)
+CVE-2011-1844
NOT-FOR-US: Silverlight
-CVE-2011-1843 (Integer overflow in conf.c in Tinyproxy before 1.8.3 might allow ...)
+CVE-2011-1843
- tinyproxy 1.8.2-2 (unimportant; bug #627503)
[squeeze] - tinyproxy 1.8.2-1squeeze2 (unimportant)
NOTE: Only exploitable through config files, which are under admin control
-CVE-2011-1842 (dbus_backend/lsd.py in the D-Bus backend in language-selector before ...)
+CVE-2011-1842
NOT-FOR-US: Ubuntu-specific language-selector package
-CVE-2011-1841 (Cross-site scripting (XSS) vulnerability in the link_to helper in ...)
+CVE-2011-1841
{DSA-2239-1}
- libmojolicious-perl 1.12-1
-CVE-2011-1840 (The MartiniCreations PassmanLite Password Manager application before ...)
+CVE-2011-1840
NOT-FOR-US: MartiniCreations PassmanLite Password Manager for Android
-CVE-2011-1839 (IBM Rational Build Forge 7.1.0 uses the HTTP GET method during ...)
+CVE-2011-1839
NOT-FOR-US: IBM Rational Build Forge 7.1.0
-CVE-2011-1838 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2011-1838
- twiki <removed>
-CVE-2011-1837 (The lock-counter implementation in utils/mount.ecryptfs_private.c in ...)
+CVE-2011-1837
{DSA-2382-1}
- ecryptfs-utils 92-1
-CVE-2011-1836 (utils/ecryptfs-recover-private in ecryptfs-utils before 90 does not ...)
+CVE-2011-1836
- ecryptfs-utils 92-1
[squeeze] - ecryptfs-utils <not-affected> (Vulnerable code not present)
[lenny] - ecryptfs-utils <not-affected> (Vulnerable code not present)
-CVE-2011-1835 (The encrypted private-directory setup process in ...)
+CVE-2011-1835
{DSA-2382-1}
- ecryptfs-utils 92-1
-CVE-2011-1834 (utils/mount.ecryptfs_private.c in ecryptfs-utils before 90 does not ...)
+CVE-2011-1834
{DSA-2382-1}
- ecryptfs-utils 92-1
-CVE-2011-1833 (Race condition in the ecryptfs_mount function in fs/ecryptfs/main.c in ...)
+CVE-2011-1833
{DSA-2443-1}
- ecryptfs-utils 92-1
[squeeze] - ecryptfs-utils <no-dsa> (Minor issue)
- linux-2.6 3.1.1-1
NOTE: cannot be fixed in ecryptfs-utils (squeeze, lenny) until kernel fix is in place
-CVE-2011-1832 (utils/mount.ecryptfs_private.c in ecryptfs-utils before 90 does not ...)
+CVE-2011-1832
{DSA-2382-1}
- ecryptfs-utils 92-1
-CVE-2011-1831 (utils/mount.ecryptfs_private.c in ecryptfs-utils before 90 does not ...)
+CVE-2011-1831
{DSA-2382-1}
- ecryptfs-utils 92-1
CVE-2011-1830
RESERVED
-CVE-2011-1829 (APT before 0.8.15.2 does not properly validate inline GPG signatures, ...)
+CVE-2011-1829
- apt 0.8.15.2
[squeeze] - apt <not-affected> (Vulnerable code not present)
[lenny] - apt <not-affected> (Vulnerable code not present)
-CVE-2011-1828 (usb-creator-helper in usb-creator before 0.2.28.3 does not enforce ...)
+CVE-2011-1828
NOT-FOR-US: usb-creator, Ubuntu-specific package
CVE-2011-XXXX [spip DoS]
- spip 2.1.11-0.1
[squeeze] - spip 2.1.1-3squeeze1
-CVE-2011-1827 (Multiple unspecified vulnerabilities in Check Point SSL Network ...)
+CVE-2011-1827
NOT-FOR-US: Check Point
-CVE-2011-1826 (Open redirect vulnerability in the Administrative Console in CA Arcot ...)
+CVE-2011-1826
NOT-FOR-US: CA Arcot WebFort Versatile Authentication Server
-CVE-2011-1825 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
+CVE-2011-1825
NOT-FOR-US: CA Arcot WebFort Versatile Authentication Server
-CVE-2011-1824 (The VEGAOpBitmap::AddLine function in Opera before 10.61 does not ...)
+CVE-2011-1824
NOT-FOR-US: Opera
-CVE-2011-1823 (The vold volume manager daemon on Android 3.0 and 2.x before 2.3.4 ...)
+CVE-2011-1823
NOT-FOR-US: Android
-CVE-2011-1822 (The LDAP_ADD implementation in IBM Tivoli Directory Server (TDS) 5.2 ...)
+CVE-2011-1822
NOT-FOR-US: Tivoli
-CVE-2011-1821 (IBM Tivoli Directory Server (TDS) 5.2 before 5.2.0.5-TIV-ITDS-IF0010 ...)
+CVE-2011-1821
NOT-FOR-US: Tivoli
-CVE-2011-1820 (IBM Tivoli Directory Server (TDS) 5.2 before 5.2.0.5-TIV-ITDS-IF0010, ...)
+CVE-2011-1820
NOT-FOR-US: Tivoli
-CVE-2011-1819 (Google Chrome before 12.0.742.91 allows remote attackers to perform ...)
+CVE-2011-1819
- chromium-browser 12.0.742.91~r87961-1 (unimportant)
- webkit <not-affected> (chromium extensions)
-CVE-2011-1818 (Use-after-free vulnerability in the image loader in Google Chrome ...)
+CVE-2011-1818
- chromium-browser 12.0.742.91~r87961-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/86725
-CVE-2011-1817 (Google Chrome before 12.0.742.91 does not properly implement history ...)
+CVE-2011-1817
- chromium-browser 12.0.742.91~r87961-1
[squeeze] - chromium-browser <not-affected>
- webkit <not-affected> (chromium specific)
-CVE-2011-1816 (Use-after-free vulnerability in the developer tools in Google Chrome ...)
+CVE-2011-1816
- chromium-browser 12.0.742.91~r87961-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/86507
-CVE-2011-1815 (Google Chrome before 12.0.742.91 allows remote attackers to inject ...)
+CVE-2011-1815
- chromium-browser 12.0.742.91~r87961-1 (unimportant)
- webkit <not-affected> (chromium extensions specific)
-CVE-2011-1814 (Google Chrome before 12.0.742.91 attempts to read data from an ...)
+CVE-2011-1814
- chromium-browser <not-affected> (chromium pdiflugin)
- webkit <not-affected> (chromium pdf plugin)
-CVE-2011-1813 (Google Chrome before 12.0.742.91 does not properly implement the ...)
+CVE-2011-1813
- chromium-browser 12.0.742.91~r87961-1
[squeeze] - chromium-browser <not-affected>
- webkit <not-affected> (chromium specific)
-CVE-2011-1812 (Google Chrome before 12.0.742.91 allows remote attackers to bypass ...)
+CVE-2011-1812
- chromium-browser 12.0.742.91~r87961-1 (unimportant)
- webkit <not-affected> (chromium extensions)
-CVE-2011-1811 (Google Chrome before 12.0.742.91 does not properly handle a large ...)
+CVE-2011-1811
- chromium-browser 12.0.742.91~r87961-1
[squeeze] - chromium-browser <end-of-life>
- webkit <not-affected> (chromium specific)
-CVE-2011-1810 (The Cascading Style Sheets (CSS) implementation in Google Chrome ...)
+CVE-2011-1810
- chromium-browser 12.0.742.91~r87961-1
[squeeze] - chromium-browser <end-of-life>
NOTE: http://trac.webkit.org/changeset/83345
-CVE-2011-1809 (Use-after-free vulnerability in the accessibility feature in Google ...)
+CVE-2011-1809
- chromium-browser 12.0.742.91~r87961-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/80890
-CVE-2011-1808 (Use-after-free vulnerability in Google Chrome before 12.0.742.91 ...)
+CVE-2011-1808
- chromium-browser 12.0.742.91~r87961-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/84096
NOTE: http://trac.webkit.org/changeset/84098
NOTE: http://trac.webkit.org/changeset/84119
-CVE-2011-1807 (Google Chrome before 11.0.696.71 does not properly handle blobs, which ...)
+CVE-2011-1807
- chromium-browser 11.0.696.71~r86024-1
[squeeze] - chromium-browser <not-affected>
- webkit <not-affected> (chromium specific)
-CVE-2011-1806 (Google Chrome before 11.0.696.71 does not properly implement the GPU ...)
+CVE-2011-1806
- chromium-browser 11.0.696.71~r86024-1
[squeeze] - chromium-browser <not-affected>
- webkit <not-affected> (chromium specific)
CVE-2011-1805
RESERVED
-CVE-2011-1804 (rendering/RenderBox.cpp in WebCore in WebKit before r86862, as used in ...)
+CVE-2011-1804
- chromium-browser 11.0.696.71~r86024-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/86448
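Review bot: every -/+ pair in this hunk does the same thing, replacing a described entry such as `-CVE-2011-1829 (APT before 0.8.15.2 does not properly validate inline GPG signatures, ...)` with the bare `+CVE-2011-1829`, so the automatic update drops the CVE summaries from the list without touching any package, version or NOTE line; unless losing the summaries is the intended effect, this looks like the description source returned nothing and the commit should be verified against the upstream feed before it is kept. Separately, the unchanged context line `- chromium-browser <not-affected> (chromium pdiflugin)` under CVE-2011-1814 carries a typo for "pdf plugin" (the following webkit line spells it correctly) and could be fixed in a follow-up.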
@@ -9364,36 +9364,36 @@ CVE-2011-1803
RESERVED
CVE-2011-1802
RESERVED
-CVE-2011-1801 (Unspecified vulnerability in Google Chrome before 11.0.696.71 allows ...)
+CVE-2011-1801
- chromium-browser 11.0.696.71~r86024-1 (unimportant)
NOTE: http://trac.webkit.org/changeset/85977
-CVE-2011-1800 (Multiple integer overflows in the SVG Filters implementation in ...)
+CVE-2011-1800
- chromium-browser 11.0.696.68~r84545-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/85926
-CVE-2011-1799 (Google Chrome before 11.0.696.68 does not properly perform casts of ...)
+CVE-2011-1799
{DSA-2245-1}
- chromium-browser 11.0.696.68~r84545-1
-CVE-2011-1798 (rendering/svg/RenderSVGText.cpp in WebCore in WebKit in Google Chrome ...)
+CVE-2011-1798
- chromium-browser 11.0.696.65~r84435-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/84085
-CVE-2011-1797 (WebKit, as used in Apple Safari before 5.0.6, allows remote attackers ...)
+CVE-2011-1797
{DSA-2245-1}
- chromium-browser 12.0.742.91~r87961-1
-CVE-2011-1796 (Use-after-free vulnerability in the ...)
+CVE-2011-1796
- chromium-browser 11.0.696.65~r84435-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/84300
-CVE-2011-1795 (Integer underflow in the HTMLFormElement::removeFormElement function ...)
+CVE-2011-1795
- chromium-browser 11.0.696.65~r84435-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/83690
-CVE-2011-1794 (Integer overflow in the FilterEffect::copyImageBytes function in ...)
+CVE-2011-1794
- chromium-browser 11.0.696.65~r84435-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/84422
-CVE-2011-1793 (rendering/svg/RenderSVGResourceFilter.cpp in WebCore in WebKit in ...)
+CVE-2011-1793
- chromium-browser 11.0.696.65~r84435-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/85406
@@ -9403,246 +9403,246 @@ CVE-2011-1791
RESERVED
CVE-2011-1790
RESERVED
-CVE-2011-1789 (The self-extracting installer in the vSphere Client Installer package ...)
+CVE-2011-1789
NOT-FOR-US: vSphere
-CVE-2011-1788 (vCenter Server in VMware vCenter 4.0 before Update 3 and 4.1 before ...)
+CVE-2011-1788
NOT-FOR-US: vCenter
-CVE-2011-1787 (Race condition in mount.vmhgfs in the VMware Host Guest File System ...)
+CVE-2011-1787
- open-vm-tools 2:8.4.2+2011.08.21-471295-1 (bug #631506)
[lenny] - open-vm-tools <no-dsa> (Contrib not supported)
[squeeze] - open-vm-tools <no-dsa> (Contrib not supported)
-CVE-2011-1786 (lsassd in Likewise Open /Enterprise 5.3 before build 7845, Open 6.0 ...)
+CVE-2011-1786
NOT-FOR-US: Likewise
-CVE-2011-1785 (VMware ESXi 4.0 and 4.1 and ESX 4.0 and 4.1 allow remote attackers to ...)
+CVE-2011-1785
NOT-FOR-US: VMware
-CVE-2011-1784 (The pidfile_write function in core/pidfile.c in keepalived 1.2.2 and ...)
+CVE-2011-1784
- keepalived 1:1.2.2-2 (low; bug #626281)
[lenny] - keepalived <no-dsa> (Minor issue)
[squeeze] - keepalived 1:1.1.20-1+squeeze1
-CVE-2011-1783 (The mod_dav_svn module for the Apache HTTP Server, as distributed in ...)
+CVE-2011-1783
{DSA-2251-1}
- subversion 1.6.17dfsg-1
-CVE-2011-1782 (Heap-based buffer overflow in the read_channel_data function in ...)
+CVE-2011-1782
{DSA-2426-1}
- gimp 2.6.11-3 (bug #629830)
-CVE-2011-1781 (SystemTap 1.4, when unprivileged (aka stapusr) mode is enabled, allows ...)
+CVE-2011-1781
- systemtap 1.6-1 (bug #628819)
[squeeze] - systemtap <not-affected> (Only affects version 1.4.x)
[lenny] - systemtap <not-affected> (Only affects version 1.4.x)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=702687#c29
-CVE-2011-1780 (The instruction emulation in Xen 3.0.3 allows local SMP guest users to ...)
+CVE-2011-1780
- linux-2.6 <not-affected> (Only affected the old Xen kernel patch from 2.6.18/2.6.26)
-CVE-2011-1779 (Multiple use-after-free vulnerabilities in libarchive 2.8.4 and 2.8.5 ...)
+CVE-2011-1779
- libarchive 3.0.4-2 (bug #669197)
[squeeze] - libarchive <not-affected> (vulnerable code not present in 2.x series)
NOTE: http://code.google.com/p/libarchive/source/detail?r=0736e0890a8fce59e96d57340405c56f084407e7
NOTE: Might be fixed earlier than 3.0.4-2, but was tested against the Wheezy version
-CVE-2011-1778 (Buffer overflow in libarchive through 2.8.5 allows remote attackers to ...)
+CVE-2011-1778
{DSA-2413-1}
- libarchive 2.8.5-5 (bug #651844)
-CVE-2011-1777 (Multiple buffer overflows in the (1) heap_add_entry and (2) ...)
+CVE-2011-1777
{DSA-2413-1}
- libarchive 2.8.5-5 (bug #651844)
-CVE-2011-1776 (The is_gpt_valid function in fs/partitions/efi.c in the Linux kernel ...)
+CVE-2011-1776
{DSA-2264-1 DSA-2240-1}
- linux-2.6 2.6.39-1 (low)
-CVE-2011-1775 (The CSecurityTLS::processMsg function in common/rfb/CSecurityTLS.cxx ...)
+CVE-2011-1775
- tigervnc <not-affected> (Fixed before initial release in Debian)
NOTE: https://github.com/TigerVNC/tigervnc/commit/ce6c8b097f0d5b161039dc8c8208aff078d433ff
-CVE-2011-1774 (WebKit in Apple Safari before 5.0.6 has improper libxslt security ...)
+CVE-2011-1774
NOTE: CVE-2011-1774 is about webkit's interface to xmlsec, CVE-2011-1425 is the actual issue
NOTE: http://www.openwall.com/lists/oss-security/2011/05/09/4
-CVE-2011-1773 (virt-v2v before 0.8.4 does not preserve the VNC console password when ...)
+CVE-2011-1773
NOT-FOR-US: virt-v2v
-CVE-2011-1772 (Multiple cross-site scripting (XSS) vulnerabilities in XWork in Apache ...)
+CVE-2011-1772
- libstruts1.2-java <not-affected> (xwork introduced in 2.x)
-CVE-2011-1771 (The cifs_close function in fs/cifs/file.c in the Linux kernel before ...)
+CVE-2011-1771
- linux-2.6 2.6.38-4
[squeeze] - linux-2.6 <not-affected> (Introduced in 2.6.37)
[lenny] - linux-2.6 <not-affected> (Introduced in 2.6.37)
-CVE-2011-1770 (Integer underflow in the dccp_parse_options function ...)
+CVE-2011-1770
{DSA-2240-1}
- linux-2.6 2.6.39-1
[squeeze] - linux-2.6 2.6.32-34squeeze1
[lenny] - linux-2.6 <not-affected> (Introduced in 2.6.29 with commit e77b8363b2ea7c0d89919547c1a8b0562f298b57)
-CVE-2011-1769 (SystemTap 1.4 and earlier, when unprivileged (aka stapusr) mode is ...)
+CVE-2011-1769
- systemtap 1.6-1 (unimportant; bug #628819)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=702687#c29
NOTE: http://sourceware.org/git/?p=systemtap.git;a=commit;h=fa2e3415185a28542d419a641ecd6cddd52e3cd9
NOTE: a DoS with a very limited exploitation possibility
-CVE-2011-1768 (The tunnels implementation in the Linux kernel before 2.6.34, when ...)
+CVE-2011-1768
{DSA-2264-1}
- linux-2.6 2.6.34-1
[squeeze] - linux-2.6 2.6.32-35
-CVE-2011-1767 (net/ipv4/ip_gre.c in the Linux kernel before 2.6.34, when ip_gre is ...)
+CVE-2011-1767
{DSA-2264-1 DSA-2240-1}
- linux-2.6 2.6.34-1
[squeeze] - linux-2.6 2.6.32-34squeeze1
-CVE-2011-1764 (Format string vulnerability in the dkim_exim_verify_finish function in ...)
+CVE-2011-1764
{DSA-2232-1}
- exim4 4.75-3 (high; bug #624670)
[lenny] - exim4 <not-affected> (vulnerable code not present)
-CVE-2011-1763 (The get_free_port function in Xen allows local authenticated DomU ...)
+CVE-2011-1763
- linux-2.6 <not-affected> (Only affected the old Xen kernel patch from 2.6.18/2.6.26)
CVE-2011-1762
RESERVED
-CVE-2011-1761 (Multiple stack-based buffer overflows in the (1) abc_new_macro and (2) ...)
+CVE-2011-1761
{DSA-2415-1}
- libmodplug 1:0.8.8.4-1 (low; bug #625966)
-CVE-2011-1760 (utils/opcontrol in OProfile 0.9.6 and earlier might allow local users ...)
+CVE-2011-1760
{DSA-2254-2 DSA-2254-1}
- oprofile 0.9.6-1.2 (medium; bug #624212)
-CVE-2011-1759 (Integer overflow in the sys_oabi_semtimedop function in ...)
+CVE-2011-1759
{DSA-2264-1 DSA-2240-1}
- linux-2.6 2.6.39-1
-CVE-2011-1758 (The krb5_save_ccname_done function in providers/krb5/krb5_auth.c in ...)
+CVE-2011-1758
- sssd <not-affected> (Only affects version 1.5+)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=700867
NOTE: http://git.fedorahosted.org/git/?p=sssd.git;a=commitdiff;h=fffdae81651b460f3d2c119c56d5caa09b4de42a
-CVE-2011-1757 (DJabberd 0.84 and earlier does not properly detect recursion during ...)
+CVE-2011-1757
NOTE: DJabberd
-CVE-2011-1756 (modules/xmpp/serv_xmpp.c in Citadel 7.86 and earlier does not properly ...)
+CVE-2011-1756
{DSA-2250-1}
- citadel 8.04-1 (medium)
-CVE-2011-1755 (jabberd2 before 2.2.14 does not properly detect recursion during ...)
+CVE-2011-1755
- jabberd2 2.2.8-2.1 (medium)
-CVE-2011-1754 (jabberd14 1.6.1.1 and earlier does not properly detect recursion ...)
+CVE-2011-1754
{DSA-2249-1}
- jabberd14 1.6.1.1-5.1
-CVE-2011-1753 (expat_erl.c in ejabberd before 2.1.7 and 3.x before 3.0.0-alpha-3, and ...)
+CVE-2011-1753
{DSA-2248-1}
- ejabberd 2.1.6-2.1 (medium)
-CVE-2011-1752 (The mod_dav_svn module for the Apache HTTP Server, as distributed in ...)
+CVE-2011-1752
{DSA-2251-1}
- subversion 1.6.17dfsg-1
-CVE-2011-1751 (The pciej_write function in hw/acpi_piix4.c in the PIIX4 Power ...)
+CVE-2011-1751
{DSA-2241-1}
- qemu-kvm 0.14.1+dfsg-1
- kvm <undetermined>
-CVE-2011-1750 (Multiple heap-based buffer overflows in the virtio-blk driver ...)
+CVE-2011-1750
{DSA-2230-1}
- qemu-kvm 0.14.1+dfsg-1 (bug #624177)
- kvm <not-affected> (Vulnerable code not present)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=698906
-CVE-2011-1749 (The nfs_addmntent function in support/nfs/nfs_mntent.c in the ...)
+CVE-2011-1749
- nfs-utils 1:1.2.3-3 (low; bug #629420)
[squeeze] - nfs-utils 1:1.2.2-4squeeze2
[lenny] - nfs-utils <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=697975
-CVE-2011-1748 (The raw_release function in net/can/raw.c in the Linux kernel before ...)
+CVE-2011-1748
{DSA-2264-1 DSA-2240-1}
- linux-2.6 2.6.39-1
-CVE-2011-1747 (The agp subsystem in the Linux kernel 2.6.38.5 and earlier does not ...)
+CVE-2011-1747
- linux-2.6 <removed> (unimportant)
NOTE: Can only be triggered with root equivalent privs -> non-issue
-CVE-2011-1746 (Multiple integer overflows in the (1) agp_allocate_memory and (2) ...)
+CVE-2011-1746
{DSA-2264-1 DSA-2240-1}
- linux-2.6 2.6.38-5
-CVE-2011-1745 (Integer overflow in the agp_generic_insert_memory function in ...)
+CVE-2011-1745
{DSA-2264-1 DSA-2240-1}
- linux-2.6 2.6.38-5
-CVE-2011-1744 (EMC Captiva eInput 2.1.1 before 2.1.1.37 does not restrict the origin ...)
+CVE-2011-1744
NOT-FOR-US: EMC
-CVE-2011-1743 (Cross-site scripting (XSS) vulnerability in EMC Captiva eInput 2.1.1 ...)
+CVE-2011-1743
NOT-FOR-US: EMC
-CVE-2011-1742 (EMC Data Protection Advisor before 5.8.1 places cleartext account ...)
+CVE-2011-1742
NOT-FOR-US: EMC
-CVE-2011-1741 (Stack-based buffer overflow in ftserver.exe in the OpenText ...)
+CVE-2011-1741
NOT-FOR-US: OpenText Hummingbird Client Connector
-CVE-2011-1740 (EMC Avamar 4.x, 5.0.x, and 6.0.x before 6.0.0-592 allows remote ...)
+CVE-2011-1740
NOT-FOR-US: EMC Avamar
-CVE-2011-1739 (The makemask function in mountd.c in mountd in FreeBSD 7.4 through 8.2 ...)
+CVE-2011-1739
NOT-FOR-US: FreeBSD mountd
-CVE-2011-1738 (HP Palm webOS 1.4.5 and 1.4.5.1 does not properly restrict Plug-in ...)
+CVE-2011-1738
NOT-FOR-US: HP Palm webOS
-CVE-2011-1737 (Multiple cross-site scripting (XSS) vulnerabilities in the Email ...)
+CVE-2011-1737
NOT-FOR-US: HP Palm webOS
-CVE-2011-1736 (Directory traversal vulnerability in OmniInet.exe in the Backup Client ...)
+CVE-2011-1736
NOT-FOR-US: HP OpenView Storage Data Protector
-CVE-2011-1735 (Stack-based buffer overflow in OmniInet.exe in the Backup Client ...)
+CVE-2011-1735
NOT-FOR-US: HP OpenView Storage Data Protector
-CVE-2011-1734 (Stack-based buffer overflow in OmniInet.exe in the Backup Client ...)
+CVE-2011-1734
NOT-FOR-US: HP OpenView Storage Data Protector
-CVE-2011-1733 (Stack-based buffer overflow in OmniInet.exe in the Backup Client ...)
+CVE-2011-1733
NOT-FOR-US: HP OpenView Storage Data Protector
-CVE-2011-1732 (Stack-based buffer overflow in OmniInet.exe in the Backup Client ...)
+CVE-2011-1732
NOT-FOR-US: HP OpenView Storage Data Protector
-CVE-2011-1731 (Stack-based buffer overflow in OmniInet.exe in the Backup Client ...)
+CVE-2011-1731
NOT-FOR-US: HP OpenView Storage Data Protector
-CVE-2011-1730 (Stack-based buffer overflow in OmniInet.exe in the Backup Client ...)
+CVE-2011-1730
NOT-FOR-US: HP OpenView Storage Data Protector
-CVE-2011-1729 (Stack-based buffer overflow in OmniInet.exe in the Backup Client ...)
+CVE-2011-1729
NOT-FOR-US: HP OpenView Storage Data Protector
-CVE-2011-1728 (Stack-based buffer overflow in OmniInet.exe in the Backup Client ...)
+CVE-2011-1728
NOT-FOR-US: HP OpenView Storage Data Protector
-CVE-2011-1727 (Cross-site scripting (XSS) vulnerability in HP SiteScope 9.54, 10.13, ...)
+CVE-2011-1727
NOT-FOR-US: HP SiteScope
-CVE-2011-1726 (Cross-site scripting (XSS) vulnerability in HP SiteScope 9.54, 10.13, ...)
+CVE-2011-1726
NOT-FOR-US: HP SiteScope
-CVE-2011-1725 (Unspecified vulnerability in HP Network Automation 7.2x, 7.5x, 7.6x, ...)
+CVE-2011-1725
NOT-FOR-US: HP Network Automation
-CVE-2011-1724 (Unspecified vulnerability in HP Virtual Server Environment before 6.3 ...)
+CVE-2011-1724
NOT-FOR-US: HP Virtual Server Environment
-CVE-2011-1723 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2011-1723
NOT-FOR-US: WEC Discussion Forum
-CVE-2011-1722 (Multiple SQL injection vulnerabilities in WEC Discussion Forum ...)
+CVE-2011-1722
NOT-FOR-US: WEC Discussion Forum
-CVE-2011-1721 (Cross-site request forgery (CSRF) vulnerability in ...)
+CVE-2011-1721
NOT-FOR-US: WebJaxe
-CVE-2011-1720 (The SMTP server in Postfix before 2.5.13, 2.6.x before 2.6.10, 2.7.x ...)
+CVE-2011-1720
{DSA-2233-1}
- postfix 2.8.3-1
NOTE: http://www.postfix.org/CVE-2011-1720.html
-CVE-2011-1719 (Multiple stack-based buffer overflows in the Web Viewer ActiveX ...)
+CVE-2011-1719
NOT-FOR-US: ActiveX
-CVE-2011-1718 (The Web Agents component in CA SiteMinder R6 before SP6 CR2 and R12 ...)
+CVE-2011-1718
NOT-FOR-US: CA SiteMinder
-CVE-2011-1716 (Multiple cross-site scripting (XSS) vulnerabilities in the Web UI in ...)
+CVE-2011-1716
- xymon 4.3.7-1
[wheezy] - xymon <no-dsa> (Minor issue)
[squeeze] - xymon <no-dsa> (Minor issue)
-CVE-2011-1717 (Skype for Android stores sensitive user data without encryption in ...)
+CVE-2011-1717
NOT-FOR-US: Skype for Android
-CVE-2011-1715 (Directory traversal vulnerability in ...)
+CVE-2011-1715
NOT-FOR-US: QooxDoo
-CVE-2011-1714 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2011-1714
NOT-FOR-US: QooxDoo
-CVE-2011-1713 (Microsoft msxml.dll, as used in Internet Explorer 8 on Windows 7, ...)
+CVE-2011-1713
NOT-FOR-US: Microsoft
-CVE-2011-1712 (The txXPathNodeUtils::getXSLTId function in ...)
+CVE-2011-1712
- iceweasel 4.0.1-1 (unimportant)
-CVE-2011-1711 (Unspecified vulnerability in the Mobility Pack 1.1.2 and earlier in ...)
+CVE-2011-1711
NOT-FOR-US: Mobility Pack 1.1.2 and earlier in Novell Data Synchronizer
-CVE-2011-1710 (Multiple integer overflows in the HTTP server in the Novell XTier ...)
+CVE-2011-1710
NOT-FOR-US: Novell XTier
-CVE-2011-1709 (GNOME Display Manager (gdm) before 2.32.2, when glib 2.28 is used, ...)
+CVE-2011-1709
- gdm3 <not-affected> (Vulnerable code patched out in Debian package in sid, patched in 3.0.4 experimental)
- gdm <not-affected> (Vulnerable code not present)
-CVE-2011-1708 (Stack-based buffer overflow in nipplib.dll in Novell iPrint Client ...)
+CVE-2011-1708
NOT-FOR-US: Novell iPrint Client
-CVE-2011-1707 (Stack-based buffer overflow in nipplib.dll in Novell iPrint Client ...)
+CVE-2011-1707
NOT-FOR-US: Novell iPrint Client
-CVE-2011-1706 (Stack-based buffer overflow in nipplib.dll in Novell iPrint Client ...)
+CVE-2011-1706
NOT-FOR-US: Novell iPrint Client
-CVE-2011-1705 (Heap-based buffer overflow in nipplib.dll in Novell iPrint Client ...)
+CVE-2011-1705
NOT-FOR-US: Novell iPrint Client
-CVE-2011-1704 (Heap-based buffer overflow in nipplib.dll in Novell iPrint Client ...)
+CVE-2011-1704
NOT-FOR-US: Novell iPrint Client
-CVE-2011-1703 (Heap-based buffer overflow in nipplib.dll in Novell iPrint Client ...)
+CVE-2011-1703
NOT-FOR-US: Novell iPrint Client
-CVE-2011-1702 (Heap-based buffer overflow in nipplib.dll in Novell iPrint Client ...)
+CVE-2011-1702
NOT-FOR-US: Novell iPrint Client
-CVE-2011-1701 (Heap-based buffer overflow in nipplib.dll in Novell iPrint Client ...)
+CVE-2011-1701
NOT-FOR-US: Novell iPrint Client
-CVE-2011-1700 (Heap-based buffer overflow in nipplib.dll in Novell iPrint Client ...)
+CVE-2011-1700
NOT-FOR-US: Novell iPrint Client
-CVE-2011-1699 (Heap-based buffer overflow in nipplib.dll in Novell iPrint Client ...)
+CVE-2011-1699
NOT-FOR-US: Novell iPrint Client
CVE-2011-1698
RESERVED
CVE-2011-1697
RESERVED
-CVE-2011-1696 (Cross-site scripting (XSS) vulnerability in Novell Identity Manager ...)
+CVE-2011-1696
NOT-FOR-US: Novell Identity Manager
CVE-2011-1695
RESERVED
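Review bot: the CVE-2011-1757 entry now consists of `+CVE-2011-1757` followed only by `NOTE: DJabberd`, which is not a valid status for this file (every comparable entry in the hunk uses `NOT-FOR-US: <product>`), so once the summary is stripped the entry carries no triage result at all; it should read `NOT-FOR-US: DJabberd`. Also, CVE-2011-1716 is listed before CVE-2011-1717, breaking the descending id order the rest of the hunk follows, which is worth correcting while the entries are being rewritten.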
@@ -9652,149 +9652,149 @@ CVE-2011-1693
RESERVED
CVE-2011-1692
RESERVED
-CVE-2011-1691 (The counterToCSSValue function in CSSComputedStyleDeclaration.cpp in ...)
+CVE-2011-1691
- chromium-browser 12.0.742.91~r87961-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/82222
-CVE-2011-1690 (Best Practical Solutions RT 3.6.0 through 3.6.10 and 3.8.0 through ...)
+CVE-2011-1690
{DSA-2220-1}
- request-tracker3.8 3.8.10-1 (bug #622774)
- request-tracker3.6 <removed>
-CVE-2011-1689 (Multiple cross-site scripting (XSS) vulnerabilities in Best Practical ...)
+CVE-2011-1689
{DSA-2220-1}
- request-tracker3.8 3.8.10-1 (bug #622774)
- request-tracker3.6 <removed>
-CVE-2011-1688 (Directory traversal vulnerability in Best Practical Solutions RT 3.2.0 ...)
+CVE-2011-1688
{DSA-2220-1}
- request-tracker3.8 3.8.10-1 (bug #622774)
- request-tracker3.6 <removed>
-CVE-2011-1687 (Best Practical Solutions RT 3.0.0 through 3.6.10, 3.8.0 through 3.8.9, ...)
+CVE-2011-1687
{DSA-2220-1}
- request-tracker3.8 3.8.10-1 (bug #622774)
- request-tracker3.6 <removed>
-CVE-2011-1686 (Multiple SQL injection vulnerabilities in Best Practical Solutions RT ...)
+CVE-2011-1686
{DSA-2220-1}
- request-tracker3.8 3.8.10-1 (bug #622774)
- request-tracker3.6 <removed>
-CVE-2011-1685 (Best Practical Solutions RT 3.8.0 through 3.8.9 and 4.0.0rc through ...)
+CVE-2011-1685
{DSA-2220-1}
- request-tracker3.8 3.8.10-1 (bug #622774)
-CVE-2011-1683 (IBM WebSphere Application Server (WAS) 6.0.x through 6.0.2.43, 6.1.x ...)
+CVE-2011-1683
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2011-1682 (Multiple cross-site request forgery (CSRF) vulnerabilities in phpList ...)
+CVE-2011-1682
NOT-FOR-US: phpList
-CVE-2011-1684 (Heap-based buffer overflow in the MP4_ReadBox_skcr function in ...)
+CVE-2011-1684
{DSA-2218-1}
- vlc 1.1.8-3 (medium)
[lenny] - vlc <not-affected> (Vulnerable code not present)
[squeeze] - vlc 1.1.3-1squeeze5
NOTE: CVE id requested
-CVE-2011-1681 (vmware-hgfsmounter in VMware Open Virtual Machine Tools (aka ...)
+CVE-2011-1681
- open-vm-tools 2:8.4.2+2011.08.21-471295-1 (low; bug #623968)
[squeeze] - open-vm-tools <no-dsa> (Contrib not supported)
[lenny] - open-vm-tools <no-dsa> (Contrib not supported)
-CVE-2011-1680 (ncpmount in ncpfs 2.2.6 and earlier does not remove the /etc/mtab~ ...)
+CVE-2011-1680
- ncpfs 2.2.6-9 (low; bug #660545)
[squeeze] - ncpfs <no-dsa> (Minor issue)
-CVE-2011-1679 (ncpfs 2.2.6 and earlier attempts to use (1) ncpmount to append to the ...)
+CVE-2011-1679
- ncpfs 2.2.6-9 (low; bug #660545)
[squeeze] - ncpfs <no-dsa> (Minor issue)
-CVE-2011-1678 (smbfs in Samba 3.5.8 and earlier attempts to use (1) mount.cifs to ...)
+CVE-2011-1678
- samba 2:3.4.7~dfsg-2 (low)
- cifs-utils 2:5.1-1 (low)
[squeeze] - cifs-utils 2:4.5-2+squeeze1
NOTE: cifs-utils was split off from the samba source package with 2:3.4.7~dfsg-2, so marking it as fixed
NOTE: http://git.samba.org/?p=cifs-utils.git;a=commitdiff;h=f6eae44a3d05b6515a59651e6bed8b6dde689aec
-CVE-2011-1677 (mount in util-linux 2.19 and earlier does not remove the /etc/mtab~ ...)
+CVE-2011-1677
- util-linux 2.20.1-1 (low)
[squeeze] - util-linux <no-dsa> (Minor issue)
-CVE-2011-1676 (mount in util-linux 2.19 and earlier does not remove the /etc/mtab.tmp ...)
+CVE-2011-1676
NOTE: This was found to be a non-issue, see http://thread.gmane.org/gmane.comp.security.oss.general/4374/focus=4983
-CVE-2011-1675 (mount in util-linux 2.19 and earlier attempts to append to the ...)
+CVE-2011-1675
- util-linux 2.20.1-1 (low)
[squeeze] - util-linux <no-dsa> (Minor issue)
-CVE-2011-1674 (The NetGear ProSafe WNAP210 with firmware 2.0.12 allows remote ...)
+CVE-2011-1674
NOT-FOR-US: NetGear ProSafe WNAP210
-CVE-2011-1673 (BackupConfig.php on the NetGear ProSafe WNAP210 allows remote ...)
+CVE-2011-1673
NOT-FOR-US: NetGear ProSafe WNAP210
-CVE-2011-1672 (The Dell KACE K2000 Systems Deployment Appliance 3.3.36822 and earlier ...)
+CVE-2011-1672
NOT-FOR-US: Dell KACE K2000 Systems Deployment Appliance
-CVE-2011-1671 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2011-1671
NOT-FOR-US: Tracks
-CVE-2011-1670 (Cross-site scripting (XSS) vulnerability in actions/add.php in InTerra ...)
+CVE-2011-1670
NOT-FOR-US: InTerra
-CVE-2011-1669 (Directory traversal vulnerability in wp-download.php in the WP Custom ...)
+CVE-2011-1669
NOT-FOR-US: WP Custom Pages module for WordPress
-CVE-2011-1668 (Cross-site scripting (XSS) vulnerability in search.php in AR Web ...)
+CVE-2011-1668
NOT-FOR-US: AR Web Content Manager
-CVE-2011-1667 (SQL injection vulnerability in index.php in Anzeigenmarkt 2011 allows ...)
+CVE-2011-1667
NOT-FOR-US: Anzeigenmarkt
-CVE-2011-1666 (Metaways Tine 2.0 allows remote attackers to obtain sensitive ...)
+CVE-2011-1666
NOT-FOR-US: Metaways Tine
-CVE-2011-1665 (PHPBoost 3.0 stores sensitive information under the web root with ...)
+CVE-2011-1665
NOT-FOR-US: PHPBoost
-CVE-2011-1664 (Cross-site request forgery (CSRF) vulnerability in the Translation ...)
+CVE-2011-1664
NOT-FOR-US: Translation Management module for Drupal
-CVE-2011-1663 (SQL injection vulnerability in the Translation Management module 6.x ...)
+CVE-2011-1663
NOT-FOR-US: Translation Management module for Drupal
-CVE-2011-1662 (Cross-site scripting (XSS) vulnerability in Translation Management ...)
+CVE-2011-1662
NOT-FOR-US: Translation Management module for Drupal
-CVE-2011-1661 (The Node Quick Find module 6.x-1.1 for Drupal does not use ...)
+CVE-2011-1661
NOT-FOR-US: Node Quick Find module for Drupal
-CVE-2011-1660 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
+CVE-2011-1660
NOT-FOR-US: GrapeCity Data Dynamics Reports
-CVE-2011-1659 (Integer overflow in posix/fnmatch.c in the GNU C Library (aka glibc or ...)
+CVE-2011-1659
- eglibc 2.13-8
[squeeze] - eglibc 2.11.3-2
- glibc 2.13-8
[lenny] - glibc <no-dsa> (Minor issue)
NOTE: http://sourceware.org/git/?p=glibc.git;a=commitdiff;h=8126d90480fa
-CVE-2011-1658 (ld.so in the GNU C Library (aka glibc or libc6) 2.13 and earlier ...)
+CVE-2011-1658
- eglibc 2.13-33 (low; bug #672119)
[squeeze] - eglibc <not-affected>
-CVE-2011-1657 (The (1) ZipArchive::addGlob and (2) ZipArchive::addPattern functions ...)
+CVE-2011-1657
{DSA-2408-1}
- php5 5.3.7-1 (unimportant)
NOTE: safe mode not supported
CVE-2011-1656
RESERVED
-CVE-2011-1655 (The management.asmx module in the Management Web Service in the ...)
+CVE-2011-1655
NOT-FOR-US: CA Total Defense
-CVE-2011-1654 (Directory traversal vulnerability in the Heartbeat Web Service in ...)
+CVE-2011-1654
NOT-FOR-US: CA Total Defense
-CVE-2011-1653 (Multiple SQL injection vulnerabilities in the Unified Network Control ...)
+CVE-2011-1653
NOT-FOR-US: CA Total Defense
-CVE-2011-1652 (** DISPUTED ** The default configuration of Microsoft Windows 7 ...)
+CVE-2011-1652
NOT-FOR-US: Microsoft Windows 7
-CVE-2011-1651 (Cisco IOS XR 3.9.x and 4.0.x before 4.0.3 and 4.1.x before 4.1.1, when ...)
+CVE-2011-1651
NOT-FOR-US: Cisco
CVE-2011-1650
RESERVED
-CVE-2011-1649 (The Internet Streamer application in Cisco Content Delivery System ...)
+CVE-2011-1649
NOT-FOR-US: Cisco
CVE-2011-1648
RESERVED
-CVE-2011-1647 (The web management interface on the Cisco RVS4000 Gigabit Security ...)
+CVE-2011-1647
NOT-FOR-US: Cisco
-CVE-2011-1646 (The web management interface on the Cisco RVS4000 Gigabit Security ...)
+CVE-2011-1646
NOT-FOR-US: Cisco
-CVE-2011-1645 (The web management interface on the Cisco RVS4000 Gigabit Security ...)
+CVE-2011-1645
NOT-FOR-US: Cisco
CVE-2011-1644
RESERVED
-CVE-2011-1643 (Cisco Unified Communications Manager (aka CUCM, formerly CallManager) ...)
+CVE-2011-1643
NOT-FOR-US: Cisco Unified Communications Manager
CVE-2011-1642
RESERVED
CVE-2011-1641
RESERVED
-CVE-2011-1640 (The ethernet-lldp component in Cisco IOS 12.2 before 12.2(33)SXJ1 does ...)
+CVE-2011-1640
NOT-FOR-US: Cisco IOS
CVE-2011-1639
RESERVED
CVE-2011-1638
RESERVED
-CVE-2011-1637 (Cisco Unified IP Phones 7900 devices (aka TNP phones) with software ...)
+CVE-2011-1637
NOT-FOR-US: Cisco
CVE-2011-1636
RESERVED
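Review bot: the CVE-2011-1684 entry keeps the stale line `NOTE: CVE id requested` even though the id has been assigned and the entry already carries `{DSA-2218-1}` and the fixed vlc versions; that note should be removed so the entry does not suggest the assignment is still pending. The same entry is also out of sequence (CVE-2011-1683 and CVE-2011-1682 precede it), which is worth fixing in the same pass.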
@@ -9818,11 +9818,11 @@ CVE-2011-1627
RESERVED
CVE-2011-1626
RESERVED
-CVE-2011-1625 (Cisco IOS 12.2, 12.3, 12.4, 15.0, and 15.1, when the data-link ...)
+CVE-2011-1625
NOT-FOR-US: Cisco IOS
-CVE-2011-1624 (Cisco IOS 12.2(58)SE, when a login banner is configured, allows remote ...)
+CVE-2011-1624
NOT-FOR-US: Cisco IOS
-CVE-2011-1623 (Cisco Media Processing Software before 1.2 on Media Experience Engine ...)
+CVE-2011-1623
NOT-FOR-US: Cisco
CVE-2011-1622
RESERVED
@@ -9842,39 +9842,39 @@ CVE-2011-1615
RESERVED
CVE-2011-1614
RESERVED
-CVE-2011-1613 (Unspecified vulnerability in Cisco Wireless LAN Controller (WLC) ...)
+CVE-2011-1613
NOT-FOR-US: Cisco Wireless LAN Controller
CVE-2011-1612
RESERVED
CVE-2011-1611
RESERVED
-CVE-2011-1610 (Multiple SQL injection vulnerabilities in xmldirectorylist.jsp in the ...)
+CVE-2011-1610
NOT-FOR-US: Cisco Unified Communications Manager
-CVE-2011-1609 (SQL injection vulnerability in Cisco Unified Communications Manager ...)
+CVE-2011-1609
NOT-FOR-US: Cisco Unified Communications Manager
CVE-2011-1608
RESERVED
-CVE-2011-1607 (Directory traversal vulnerability in Cisco Unified Communications ...)
+CVE-2011-1607
NOT-FOR-US: Cisco Unified Communications Manager
-CVE-2011-1606 (Unspecified vulnerability in Cisco Unified Communications Manager (aka ...)
+CVE-2011-1606
NOT-FOR-US: Cisco Unified Communications Manager
-CVE-2011-1605 (Unspecified vulnerability in Cisco Unified Communications Manager (aka ...)
+CVE-2011-1605
NOT-FOR-US: Cisco Unified Communications Manager
-CVE-2011-1604 (Memory leak in Cisco Unified Communications Manager (aka CUCM, ...)
+CVE-2011-1604
NOT-FOR-US: Cisco Unified Communications Manager
-CVE-2011-1603 (Cisco Unified IP Phones 7900 devices (aka TNP phones) with software ...)
+CVE-2011-1603
NOT-FOR-US: Cisco
-CVE-2011-1602 (The su utility on Cisco Unified IP Phones 7900 devices (aka TNP ...)
+CVE-2011-1602
NOT-FOR-US: Cisco
CVE-2011-1601
RESERVED
CVE-2011-1600
RESERVED
-CVE-2011-1599 (manager.c in the Manager Interface in Asterisk Open Source 1.4.x ...)
+CVE-2011-1599
{DSA-2225-1}
- asterisk 1:1.8.3.3-1
[lenny] - asterisk <not-affected> (Vulnerable code not present)
-CVE-2011-1598 (The bcm_release function in net/can/bcm.c in the Linux kernel before ...)
+CVE-2011-1598
{DSA-2264-1 DSA-2240-1}
- linux-2.6 2.6.38-5
CVE-2011-1597
@@ -9883,129 +9883,129 @@ CVE-2011-1597
CVE-2011-1596
RESERVED
NOT-FOR-US: ** REJECT ** (regular bug in gnome-screensaver-dialog)
-CVE-2011-1595 (Directory traversal vulnerability in the disk_create function in ...)
+CVE-2011-1595
- rdesktop 1.7.0-1 (low; bug #623552)
[squeeze] - rdesktop <no-dsa> (Minor issue)
[lenny] - rdesktop <no-dsa> (Minor issue)
-CVE-2011-1594 (Open redirect vulnerability in Spacewalk 1.6, as used in Red Hat ...)
+CVE-2011-1594
NOT-FOR-US: Red Hat Network Satellite server
-CVE-2011-1593 (Multiple integer overflows in the next_pidmap function in kernel/pid.c ...)
+CVE-2011-1593
{DSA-2264-1 DSA-2240-1}
- linux-2.6 2.6.38-4
-CVE-2011-1592 (The NFS dissector in epan/dissectors/packet-nfs.c in Wireshark 1.4.x ...)
+CVE-2011-1592
- wireshark <not-affected> (Windows-specific)
-CVE-2011-1591 (Stack-based buffer overflow in the DECT dissector in ...)
+CVE-2011-1591
- wireshark 1.4.5-1
[squeeze] - wireshark <not-affected> (Only affects 1.4.x)
[lenny] - wireshark <not-affected> (Only affects 1.4.x)
-CVE-2011-1590 (The X.509if dissector in Wireshark 1.2.x before 1.2.16 and 1.4.x ...)
+CVE-2011-1590
{DSA-2274-1}
- wireshark 1.4.5-1 (unimportant)
-CVE-2011-1589 (Directory traversal vulnerability in Path.pm in Mojolicious before ...)
+CVE-2011-1589
{DSA-2221-1}
- libmojolicious-perl 1.16-1
CVE-2011-1588
RESERVED
- thunar <not-affected> (Introduced in 1.2, only in experimental)
NOTE: http://git.xfce.org/xfce/thunar/diff/?id=03dd312e157d4fa8a11d5fa402706ae5b05806fa
-CVE-2011-1587 (Cross-site scripting (XSS) vulnerability in MediaWiki before 1.16.4, ...)
+CVE-2011-1587
{DSA-2366-1}
- mediawiki 1:1.15.5-5
-CVE-2011-1586 (Directory traversal vulnerability in the ...)
+CVE-2011-1586
- kdenetwork 4:4.6.3-1
[squeeze] - kdenetwork 4:4.4.5-2+squeeze1
[lenny] - kdenetwork <not-affected> (Metalink plugin not yet present)
-CVE-2011-1585 (The cifs_find_smb_ses function in fs/cifs/connect.c in the Linux ...)
+CVE-2011-1585
{DSA-2240-1}
- linux-2.6 <removed> (unimportant)
NOTE: an exploitation requires the ability to run mount.cifs w/ root privs
-CVE-2011-1584 (The updateFile function in inc/core/class.dc.media.php in the Media ...)
+CVE-2011-1584
- dotclear <not-affected> (Fixed before initial upload to archive)
-CVE-2011-1583 (Multiple integer overflows in tools/libxc/xc_dom_bzimageloader.c in ...)
+CVE-2011-1583
{DSA-2337-1}
- xen 4.1.1-1
- xen-3 <removed>
[lenny] - xen-3 <no-dsa> (Minor issue; only marginally affected)
-CVE-2011-1582 (Apache Tomcat 7.0.12 and 7.0.13 processes the first request to a ...)
+CVE-2011-1582
- tomcat6 <not-affected> (Only affects Tomcat 7)
-CVE-2011-1581 (The bond_select_queue function in drivers/net/bonding/bond_main.c in ...)
+CVE-2011-1581
- linux-2.6 2.6.39-1 (low)
[squeeze] - linux-2.6 <not-affected> (Introduced in 2.6.36)
[lenny] - linux-2.6 <not-affected> (Introduced in 2.6.36)
-CVE-2011-1580 (The transwiki import functionality in MediaWiki before 1.16.3 does not ...)
+CVE-2011-1580
{DSA-2366-1}
- mediawiki 1:1.15.5-5
-CVE-2011-1579 (The checkCss function in includes/Sanitizer.php in the wikitext parser ...)
+CVE-2011-1579
{DSA-2366-1}
- mediawiki 1:1.15.5-5
-CVE-2011-1578 (Cross-site scripting (XSS) vulnerability in MediaWiki before 1.16.3, ...)
+CVE-2011-1578
{DSA-2366-1}
- mediawiki 1:1.15.5-5
-CVE-2011-1577 (Heap-based buffer overflow in the is_gpt_valid function in ...)
+CVE-2011-1577
{DSA-2264-1}
- linux-2.6 2.6.39-3 (low)
[squeeze] - linux-2.6 2.6.32-35
-CVE-2011-1576 (The Generic Receive Offload (GRO) implementation in the Linux kernel ...)
+CVE-2011-1576
{DSA-2303-1}
- linux-2.6 3.0.0-5
[lenny] - linux-2.6 <not-affected> (Code not present)
NOTE: "...code path in question is no longer reachable..." not sure when this was fixed
-CVE-2011-1575 (The STARTTLS implementation in ftp_parser.c in Pure-FTPd before 1.0.30 ...)
+CVE-2011-1575
- pure-ftpd 1.0.30-1 (low)
[squeeze] - pure-ftpd 1.0.28-3+squeeze1
[lenny] - pure-ftpd <no-dsa> (Minor issue)
-CVE-2011-1574 (Stack-based buffer overflow in the ReadS3M method in load_s3m.cpp in ...)
+CVE-2011-1574
{DSA-2226-1}
- libmodplug 1:0.8.8.2-1 (low; bug #622091)
-CVE-2011-1573 (net/sctp/sm_make_chunk.c in the Linux kernel before 2.6.34, when ...)
+CVE-2011-1573
- linux-2.6 2.6.34-1
[squeeze] - linux-2.6 2.6.32-34
NOTE: http://xorl.wordpress.com/2011/05/08/cve-2011-1573-linux-kernel-sctp-initinit-ack-length-miscalculation/
NOTE: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=a8170c35e738d62e9919ce5b109cf4ed66e9
-CVE-2011-1572 (Directory traversal vulnerability in the Admin Defined Commands (ADC) ...)
+CVE-2011-1572
{DSA-2215-1}
- gitolite 1.5.7-2
NOTE: https://github.com/sitaramc/gitolite/commit/a33f0f85047834212ff4baf5b479c6cf3d2a6075
NOTE: https://github.com/sitaramc/gitolite/commit/4ce00aef84d1ff7c35f7adbbb99a6241cfda00cc
[squeeze] - gitolite 1.5.4-2+squeeze1
-CVE-2011-1571 (Unspecified vulnerability in the XSL Content portlet in Liferay Portal ...)
+CVE-2011-1571
- liferay-portal <itp> (bug #569819)
-CVE-2011-1570 (Cross-site scripting (XSS) vulnerability in Liferay Portal Community ...)
+CVE-2011-1570
- liferay-portal <itp> (bug #569819)
-CVE-2011-1569 (download.aspx in Douran Portal 3.9.7.8 allows remote attackers to ...)
+CVE-2011-1569
NOT-FOR-US: Douran Portal
-CVE-2011-1568 (Format string vulnerability in the logText function in shmemmgr9.dll ...)
+CVE-2011-1568
NOT-FOR-US: 7-Technologies Interactive Graphical SCADA System
-CVE-2011-1567 (Multiple stack-based buffer overflows in IGSSdataServer.exe ...)
+CVE-2011-1567
NOT-FOR-US: 7-Technologies Interactive Graphical SCADA System
-CVE-2011-1566 (Directory traversal vulnerability in dc.exe 9.00.00.11059 and earlier ...)
+CVE-2011-1566
NOT-FOR-US: 7-Technologies Interactive Graphical SCADA System
-CVE-2011-1565 (Directory traversal vulnerability in IGSSdataServer.exe 9.00.00.11063 ...)
+CVE-2011-1565
NOT-FOR-US: 7-Technologies Interactive Graphical SCADA System
-CVE-2011-1564 (Multiple integer overflows in the HMI application in DATAC RealFlex ...)
+CVE-2011-1564
NOT-FOR-US: DATAC RealFlex RealWin
-CVE-2011-1563 (Multiple stack-based buffer overflows in the HMI application in DATAC ...)
+CVE-2011-1563
NOT-FOR-US: DATAC RealFlex RealWin
-CVE-2011-1562 (Ecava IntegraXor HMI before n 3.60 (Build 4032) allows remote ...)
+CVE-2011-1562
NOT-FOR-US: Ecava IntegraXor HMI
-CVE-2011-1561 (The LDAP login feature in bos.rte.security 6.1.6.4 in IBM AIX 6.1, ...)
+CVE-2011-1561
NOT-FOR-US: IBM AIX 6.1
-CVE-2011-1560 (solid.exe in IBM solidDB before 4.5.181, 6.0.x before 6.0.1067, 6.1.x ...)
+CVE-2011-1560
NOT-FOR-US: IBM solidDB
-CVE-2011-1559 (Unspecified vulnerability in the IBM Web Interface for Content ...)
+CVE-2011-1559
NOT-FOR-US: IBM WEBi
-CVE-2011-1558 (Multiple cross-site scripting (XSS) vulnerabilities in the IBM Web ...)
+CVE-2011-1558
NOT-FOR-US: IBM WEBi
CVE-2011-XXXX [drupal6-mod-tagadelic XSS]
- drupal6-mod-tagadelic 1.3-1 (low)
NOTE: DRUPAL-SA-CONTRIB-2011-013
-CVE-2011-1557 (SQL injection vulnerability in ICloudCenter ICJobSite 1.1 allows ...)
+CVE-2011-1557
NOT-FOR-US: ICloudCenter ICJobSite
-CVE-2011-1556 (SQL injection vulnerability in plugins/pdfClasses/pdfgen.php in Andy's ...)
+CVE-2011-1556
NOT-FOR-US: Aphpkb
-CVE-2011-1555 (SQL injection vulnerability in saa.php in Andy's PHP Knowledgebase ...)
+CVE-2011-1555
NOT-FOR-US: Aphpkb
-CVE-2011-1554 (Off-by-one error in t1lib 5.1.2 and earlier, as used in Xpdf before ...)
+CVE-2011-1554
{DSA-2388-1}
- t1lib 5.1.2-3.5
[lenny] - t1lib 5.1.2-3+lenny1
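Review bot: every `-`/`+` pair in this hunk only drops the parenthesised CVE summary and keeps the bare identifier, e.g. `-CVE-2011-1595 (Directory traversal vulnerability in the disk_create function in ...)` becomes `+CVE-2011-1595`, with no entry gaining or changing any other data; the hunk header `@@ -9883,129 +9883,129 @@` confirms a pure one-for-one replacement. For an "automatic update" that pattern looks like the description source returned empty summaries rather than like an intended format change, so the import should be checked (or this run reverted) before merging, since the summaries are the only human-readable context for entries whose other lines are just a package and version, such as CVE-2011-1579 or CVE-2011-1578, which both collapse to `{DSA-2366-1}` plus `- mediawiki 1:1.15.5-5`.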
@@ -10013,7 +10013,7 @@ CVE-2011-1554 (Off-by-one error in t1lib 5.1.2 and earlier, as used in Xpdf befo
NOTE: see https://bugzilla.redhat.com/show_bug.cgi?id=692909#c23
- xpdf 3.02-9
- poppler <not-affected> (never used t1lib)
-CVE-2011-1553 (Use-after-free vulnerability in t1lib 5.1.2 and earlier, as used in ...)
+CVE-2011-1553
{DSA-2388-1}
- t1lib 5.1.2-3.5
[lenny] - t1lib 5.1.2-3+lenny1
@@ -10021,7 +10021,7 @@ CVE-2011-1553 (Use-after-free vulnerability in t1lib 5.1.2 and earlier, as used
NOTE: see https://bugzilla.redhat.com/show_bug.cgi?id=692909#c23
- xpdf 3.02-9
- poppler <not-affected> (never used t1lib)
-CVE-2011-1552 (t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and ...)
+CVE-2011-1552
{DSA-2388-1}
- t1lib 5.1.2-3.5
[lenny] - t1lib 5.1.2-3+lenny1
@@ -10029,73 +10029,73 @@ CVE-2011-1552 (t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, a
NOTE: see https://bugzilla.redhat.com/show_bug.cgi?id=692909#c23
- xpdf 3.02-9
- poppler <not-affected> (never used t1lib)
-CVE-2011-1551 (SUSE openSUSE Factory assigns ownership of the /var/log/cobbler/ ...)
+CVE-2011-1551
- cobbler <not-affected> (bug #796151; perms different on Debian)
NOTE: /var/log/cobbler is set to cobbler:cobbler and daemon runs as root
-CVE-2011-1550 (The default configuration of logrotate on SUSE openSUSE Factory uses ...)
+CVE-2011-1550
- logrotate <not-affected> (SuSE-specific, see CVE-2011-1548 for Debian)
-CVE-2011-1549 (The default configuration of logrotate on Gentoo Linux uses root ...)
+CVE-2011-1549
- logrotate <not-affected> (Gentoo-specific, see CVE-2011-1548 for Debian)
-CVE-2011-1548 (The default configuration of logrotate on Debian GNU/Linux uses root ...)
+CVE-2011-1548
- logrotate 3.7.8-6
-CVE-2011-1547 (Multiple stack consumption vulnerabilities in the kernel in NetBSD ...)
+CVE-2011-1547
NOT-FOR-US: NetBSD
-CVE-2011-1546 (Multiple SQL injection vulnerabilities in Andy's PHP Knowledgebase ...)
+CVE-2011-1546
NOT-FOR-US: Aphpkb
-CVE-2011-1545 (Cross-site request forgery (CSRF) vulnerability in HP Insight Control ...)
+CVE-2011-1545
NOT-FOR-US: HP Insight Control Performance Management
-CVE-2011-1544 (Unspecified vulnerability in HP Insight Control Performance Management ...)
+CVE-2011-1544
NOT-FOR-US: HP Insight Control Performance Management
-CVE-2011-1543 (Cross-site request forgery (CSRF) vulnerability in HP Systems Insight ...)
+CVE-2011-1543
NOT-FOR-US: HP Systems Insight Manager
-CVE-2011-1542 (Cross-site scripting (XSS) vulnerability in HP Systems Insight Manager ...)
+CVE-2011-1542
NOT-FOR-US: HP Systems Insight Manager
-CVE-2011-1541 (Unspecified vulnerability in HP System Management Homepage (SMH) ...)
+CVE-2011-1541
NOT-FOR-US: HP System Management Homepage
-CVE-2011-1540 (Unspecified vulnerability in HP System Management Homepage (SMH) ...)
+CVE-2011-1540
NOT-FOR-US: HP System Management Homepage
-CVE-2011-1539 (Unspecified vulnerability in HP Proliant Support Pack (PSP) before 8.7 ...)
+CVE-2011-1539
NOT-FOR-US: HP Proliant Support Pack
-CVE-2011-1538 (Open redirect vulnerability in HP Proliant Support Pack (PSP) before ...)
+CVE-2011-1538
NOT-FOR-US: HP Proliant Support Pack
-CVE-2011-1537 (Cross-site scripting (XSS) vulnerability in HP Proliant Support Pack ...)
+CVE-2011-1537
NOT-FOR-US: HP Proliant Support Pack
-CVE-2011-1536 (Unspecified vulnerability in HP Performance Insight 5.0, 5.1x. 5.2x, ...)
+CVE-2011-1536
NOT-FOR-US: HP Performance Insight
-CVE-2011-1535 (Unspecified vulnerability in HP Insight Control for Linux (aka ...)
+CVE-2011-1535
NOT-FOR-US: HP Insight Control
-CVE-2011-1534 (Unspecified vulnerability in HP Network Node Manager i (NNMi) 9.0x ...)
+CVE-2011-1534
NOT-FOR-US: HP Network Node Manager
-CVE-2011-1533 (Cross-site scripting (XSS) vulnerability on the HP Photosmart D110 and ...)
+CVE-2011-1533
NOT-FOR-US: HP Photosmart
-CVE-2011-1532 (Unspecified vulnerability in the SNMP component on the HP Photosmart ...)
+CVE-2011-1532
NOT-FOR-US: HP Photosmart
-CVE-2011-1531 (The webscan component in the Embedded Web Server (EWS) on the HP ...)
+CVE-2011-1531
NOT-FOR-US: HP Photosmart
-CVE-2011-1530 (The process_tgs_req function in do_tgs_req.c in the Key Distribution ...)
+CVE-2011-1530
- krb5 1.10+dfsg~alpha1-7
[squeeze] - krb5 <not-affected> (Only affecs 1.9 and higher)
[lenny] - krb5 <not-affected> (Only affecs 1.9 and higher)
-CVE-2011-1529 (The lookup_lockout_policy function in the Key Distribution Center ...)
+CVE-2011-1529
{DSA-2379-1}
- krb5 1.10+dfsg~alpha1-1 (low; bug #646367)
[lenny] - krb5 <not-affected> (Introduced in 1.8)
-CVE-2011-1528 (The krb5_ldap_lockout_audit function in the Key Distribution Center ...)
+CVE-2011-1528
{DSA-2379-1}
- krb5 1.10+dfsg~alpha1-1 (low; bug #646367)
[lenny] - krb5 <not-affected> (Introduced in 1.8)
-CVE-2011-1527 (The kdb_ldap plugin in the Key Distribution Center (KDC) in MIT ...)
+CVE-2011-1527
- krb5 1.10+dfsg~alpha1-1 (low; bug #646367)
[squeeze] - krb5 <not-affected> (Introduced in 1.9)
[lenny] - krb5 <not-affected> (Introduced in 1.9)
-CVE-2011-1526 (ftpd.c in the GSS-API FTP daemon in MIT Kerberos Version 5 ...)
+CVE-2011-1526
{DSA-2283-1}
- krb5-appl 1:1.0.1-1.1
-CVE-2011-1525 (Heap-based buffer overflow in rvrender.dll in RealNetworks RealPlayer ...)
+CVE-2011-1525
NOT-FOR-US: RealPlayer
-CVE-2011-1524 (Cross-site scripting (XSS) vulnerability in the management login GUI ...)
+CVE-2011-1524
NOT-FOR-US: Symantec LiveUpdate Administrator
-CVE-2011-1523 (Cross-site scripting (XSS) vulnerability in statusmap.c in ...)
+CVE-2011-1523
- nagios3 3.2.3-3 (bug #629127)
- icinga 1.4.1-1 (bug #629131)
[squeeze] - nagios3 <no-dsa> (Minor issue)
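Review bot: nit on context lines that this hunk does not touch: the two `<not-affected>` annotations for CVE-2011-1530 read `Only affecs 1.9 and higher`; "affects". Otherwise the hunk follows the same summary-only removal as the rest of the file, with the logrotate entries CVE-2011-1550 and CVE-2011-1549 still readable afterwards because their `<not-affected>` reasons ("SuSE-specific", "Gentoo-specific", "see CVE-2011-1548 for Debian") carry the context the dropped summaries provided.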
@@ -10103,17 +10103,17 @@ CVE-2011-1523 (Cross-site scripting (XSS) vulnerability in statusmap.c in ...)
[squeeze] - icinga <no-dsa> (Minor issue)
[lenny] - icinga <no-dsa> (Minor issue)
NOTE: http://tracker.nagios.org/view.php?id=207
-CVE-2011-1522 (Multiple SQL injection vulnerabilities in the ...)
+CVE-2011-1522
{DSA-2223-1}
- doctrine 1.2.4-1 (bug #622674)
-CVE-2011-1520 (The default configuration of the server console in IBM Lotus Domino ...)
+CVE-2011-1520
NOT-FOR-US: Lotus Domino
-CVE-2011-1519 (The remote console in the Server Controller in IBM Lotus Domino 7.x ...)
+CVE-2011-1519
NOT-FOR-US: Lotus Domino
-CVE-2011-1518 (Multiple cross-site scripting (XSS) vulnerabilities in Open Ticket ...)
+CVE-2011-1518
{DSA-2231-1}
- otrs2 2.4.10+dfsg1-1
-CVE-2011-1521 (The urllib and urllib2 modules in Python 2.x before 2.7.2 and 3.x ...)
+CVE-2011-1521
{DLA-25-1}
- python3.1 <removed> (bug #628453)
[squeeze] - python3.1 <no-dsa> (Minor issue)
@@ -10132,69 +10132,69 @@ CVE-2011-XXXX [htmlpurifier various]
NOTE: If apps are vulnerable, this must be addressed there (as done for Mahara)
CVE-2011-1517
RESERVED
-CVE-2011-1516 (The kSBXProfileNoNetwork and kSBXProfileNoInternet sandbox profiles in ...)
+CVE-2011-1516
NOT-FOR-US: Apple Mac OS X
-CVE-2011-1515 (The inet service in HP OpenView Storage Data Protector 6.00 through ...)
+CVE-2011-1515
NOT-FOR-US: HP OpenView
-CVE-2011-1514 (The inet service in HP OpenView Storage Data Protector 6.00 through ...)
+CVE-2011-1514
NOT-FOR-US: HP OpenView
-CVE-2011-1513 (Static code injection vulnerability in install_.php in e107 CMS 0.7.24 ...)
+CVE-2011-1513
NOT-FOR-US: e107
-CVE-2011-1512 (Heap-based buffer overflow in xlssr.dll in Autonomy KeyView, as used ...)
+CVE-2011-1512
NOT-FOR-US: Autonomy KeyView
-CVE-2011-1511 (Unspecified vulnerability in the Oracle GlassFish Server component in ...)
+CVE-2011-1511
NOT-FOR-US: Oracle Sun Products Suite
-CVE-2011-1510 (Cross-site scripting (XSS) vulnerability in SolutionSearch.do in ...)
+CVE-2011-1510
NOT-FOR-US: ManageEngine ServiceDesk Plus
-CVE-2011-1509 (The encryptPassword function in Login.js in ManageEngine ServiceDesk ...)
+CVE-2011-1509
NOT-FOR-US: ManageEngine ServiceDesk Plus
-CVE-2011-1508 (Microsoft Publisher 2003 SP3, and 2007 SP2 and SP3, does not properly ...)
+CVE-2011-1508
NOT-FOR-US: Microsoft Publisher
-CVE-2011-1507 (Asterisk Open Source 1.4.x before 1.4.40.1, 1.6.1.x before 1.6.1.25, ...)
+CVE-2011-1507
{DSA-2225-1}
- asterisk 1:1.8.3.3-1
-CVE-2011-1506 (The STARTTLS implementation in Kerio Connect 7.1.4 build 2985 and ...)
+CVE-2011-1506
NOT-FOR-US: Kerio
-CVE-2011-1505 (Unspecified vulnerability in IBM Lotus Quickr 8.1 before 8.1.0.27 ...)
+CVE-2011-1505
NOT-FOR-US: IBM Lotus Quickr
-CVE-2011-1504 (Cross-site scripting (XSS) vulnerability in Liferay Portal Community ...)
+CVE-2011-1504
- liferay-portal <itp> (bug #569819)
-CVE-2011-1503 (The XSL Content portlet in Liferay Portal Community Edition (CE) 5.x ...)
+CVE-2011-1503
- liferay-portal <itp> (bug #569819)
-CVE-2011-1502 (Liferay Portal Community Edition (CE) 6.x before 6.0.6 GA, when Apache ...)
+CVE-2011-1502
- liferay-portal <itp> (bug #569819)
CVE-2011-1501
REJECTED
-CVE-2011-1500 (PreferencesPithosDialog.py in Pithos 0.3.7 does not properly restrict ...)
+CVE-2011-1500
- pithos 0.3.8-1 (low)
-CVE-2011-1499 (acl.c in Tinyproxy before 1.8.3, when an Allow configuration setting ...)
+CVE-2011-1499
{DSA-2222-1}
- tinyproxy 1.8.2-2 (bug #621493)
[lenny] - tinyproxy <not-affected> (Vulnerable code not present)
-CVE-2011-1498 (Apache HttpClient 4.x before 4.1.1 in Apache HttpComponents, when used ...)
+CVE-2011-1498
- httpcomponents-client 4.1.1-1 (bug #628727)
[squeeze] - httpcomponents-client 4.0.1-1squeeze1
NOTE: http://seclists.org/oss-sec/2011/q2/188
NOTE: http://web.archive.org/web/20130102213624/http://www.apache.org/dist/httpcomponents/httpclient/RELEASE_NOTES-4.1.x.txt
CVE-2011-1497
RESERVED
-CVE-2011-1496 (tmux 1.3 and 1.4 does not properly drop group privileges, which allows ...)
+CVE-2011-1496
{DSA-2212-1}
- tmux 1.4-6 (bug #620304)
NOTE: CVE id requested
-CVE-2011-1495 (drivers/scsi/mpt2sas/mpt2sas_ctl.c in the Linux kernel 2.6.38 and ...)
+CVE-2011-1495
{DSA-2240-1}
- linux-2.6 2.6.38-5 (unimportant)
-CVE-2011-1494 (Integer overflow in the _ctl_do_mpt_command function in ...)
+CVE-2011-1494
{DSA-2240-1}
- linux-2.6 2.6.38-5 (unimportant)
-CVE-2011-1493 (Array index error in the rose_parse_national function in ...)
+CVE-2011-1493
{DSA-2264-1 DSA-2240-1}
- linux-2.6 2.6.38-4
-CVE-2011-1492 (steps/utils/modcss.inc in Roundcube Webmail before 0.5.1 does not ...)
+CVE-2011-1492
- roundcube 0.5.1-1
[squeeze] - roundcube <no-dsa> (Minor issue)
-CVE-2011-1491 (The login form in Roundcube Webmail before 0.5.1 does not properly ...)
+CVE-2011-1491
- roundcube 0.5.1-1 (low)
[squeeze] - roundcube <no-dsa> (Minor issue)
CVE-2011-1490
@@ -10212,87 +10212,87 @@ CVE-2011-1488
- rsyslog 5.7.6-1 (low)
[squeeze] - rsyslog <no-dsa> (Minor issue)
[lenny] - rsyslog <no-dsa> (Minor issue)
-CVE-2011-1487 (The (1) lc, (2) lcfirst, (3) uc, and (4) ucfirst functions in Perl ...)
+CVE-2011-1487
{DSA-2265-1}
- perl 5.10.1-20 (unimportant; bug #622817)
NOTE: http://nntp.perl.org/group/perl.perl5.porters/171010
-CVE-2011-1486 (libvirtd in libvirt before 0.9.0 does not use thread-safe error ...)
+CVE-2011-1486
{DSA-2280-1}
- libvirt 0.9.0-1 (low; bug #623222)
[lenny] - libvirt <no-dsa> (Minor issue)
-CVE-2011-1485 (Race condition in the pkexec utility and polkitd daemon in PolicyKit ...)
+CVE-2011-1485
{DSA-2319-1}
- policykit-1 0.101-4 (bug #644500)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=692922
-CVE-2011-1484 (jboss-seam.jar in the JBoss Seam 2 framework 2.2.x and earlier, as ...)
+CVE-2011-1484
NOT-FOR-US: JBoss Seam
-CVE-2011-1483 (wsf/common/DOMUtils.java in JBossWS Native in Red Hat JBoss Enterprise ...)
+CVE-2011-1483
NOT-FOR-US: JBoss Enterprise Web Platform
-CVE-2011-1482 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
+CVE-2011-1482
NOT-FOR-US: PHP-Nuke
-CVE-2011-1481 (Multiple cross-site scripting (XSS) vulnerabilities in Francisco Burzi ...)
+CVE-2011-1481
NOT-FOR-US: PHP-Nuke
-CVE-2011-1480 (SQL injection vulnerability in admin.php in the administration backend ...)
+CVE-2011-1480
NOT-FOR-US: PHP-Nuke
-CVE-2011-1479 (Double free vulnerability in the inotify subsystem in the Linux kernel ...)
+CVE-2011-1479
- linux-2.6 2.6.38-4
[lenny] - linux-2.6 <not-affected> (Only affected 2.6.37 and 2.6.38)
[squeeze] - linux-2.6 <not-affected> (Only affected 2.6.37 and 2.6.38)
-CVE-2011-1478 (The napi_reuse_skb function in net/core/dev.c in the Generic Receive ...)
+CVE-2011-1478
{DSA-2240-1}
- linux-2.6 2.6.38-1
[lenny] - linux-2.6 <not-affected> (Vulnerable code not present)
-CVE-2011-1477 (Multiple array index errors in sound/oss/opl3.c in the Linux kernel ...)
+CVE-2011-1477
{DSA-2264-1 DSA-2240-1}
- linux-2.6 2.6.38-4
-CVE-2011-1476 (Integer underflow in the Open Sound System (OSS) subsystem in the ...)
+CVE-2011-1476
{DSA-2240-1}
- linux-2.6 2.6.38-4
-CVE-2011-1475 (The HTTP BIO connector in Apache Tomcat 7.0.x before 7.0.12 does not ...)
+CVE-2011-1475
- tomcat6 <not-affected> (Only affects Tomcat 7)
CVE-2011-1474
RESERVED
NOT-FOR-US: PaX hardening patch
NOTE: http://seclists.org/oss-sec/2011/q1/579
-CVE-2011-1473 (** DISPUTED ** OpenSSL before 0.9.8l, and 0.9.8m through 1.x, does not ...)
+CVE-2011-1473
NOTE: Generic protocol issue, no code fix. Workarounds exist, see bug #672456
NOTE: and http://vincent.bernat.im/en/blog/2011-ssl-dos-mitigation.html
-CVE-2011-1472 (The Nokia E75 phone with firmware before 211.12.01 allows physically ...)
+CVE-2011-1472
NOT-FOR-US: Nokia E75 phone
-CVE-2011-1471 (Integer signedness error in zip_stream.c in the Zip extension in PHP ...)
+CVE-2011-1471
{DSA-2266-1}
- php5 5.3.6-1
-CVE-2011-1470 (The Zip extension in PHP before 5.3.6 allows context-dependent ...)
+CVE-2011-1470
{DSA-2408-1}
- php5 5.3.6-1 (unimportant)
NOTE: exploitable by malicious scripts only
-CVE-2011-1469 (Unspecified vulnerability in the Streams component in PHP before 5.3.6 ...)
+CVE-2011-1469
{DSA-2408-1}
- php5 5.3.6-1 (unimportant)
NOTE: exploitable by malicious scripts only
-CVE-2011-1468 (Multiple memory leaks in the OpenSSL extension in PHP before 5.3.6 ...)
+CVE-2011-1468
{DSA-2408-1}
- php5 5.3.6-1 (unimportant)
NOTE: under normal conditions the amount of memory leaked is insignificant
-CVE-2011-1467 (Unspecified vulnerability in the NumberFormatter::setSymbol (aka ...)
+CVE-2011-1467
{DSA-2408-1}
- php5 5.3.6-1 (unimportant)
[lenny] - php5 <not-affected> (intl extension included since 5.3)
NOTE: Only triggerable with malicious script
-CVE-2011-1466 (Integer overflow in the SdnToJulian function in the Calendar extension ...)
+CVE-2011-1466
{DSA-2266-1}
- php5 5.3.6-1
NOTE: null pointer deref because of int overflow. Fix has a bug
-CVE-2011-1465 (The SPDY implementation in net/http/http_network_transaction.cc in ...)
+CVE-2011-1465
- chromium-browser <not-affected> (only the dev version was affected)
- webkit <not-affected> (chromium specific)
-CVE-2011-1464 (Buffer overflow in the strval function in PHP before 5.3.6, when the ...)
+CVE-2011-1464
{DSA-2408-1}
- php5 5.3.6-1 (unimportant)
NOTE: ini setting needs to be modified.
CVE-2011-1463
RESERVED
-CVE-2011-1462 (WebKit, as used in Apple Safari before 5.0.6, allows remote attackers ...)
+CVE-2011-1462
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
CVE-2011-1461
RESERVED
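Review bot: the removal for CVE-2011-1473 also drops the `** DISPUTED **` marker that only existed inside the summary (`-CVE-2011-1473 (** DISPUTED ** OpenSSL before 0.9.8l, and 0.9.8m through 1.x, does not ...)`), leaving `+CVE-2011-1473` followed by two NOTE lines that describe the workaround but never say the issue is disputed. Compare CVE-2011-1596 earlier in the file, whose `** REJECT **` status lives on its own `NOT-FOR-US:` line and therefore survives this kind of update; if the summary strip is kept, the disputed status should be moved into a NOTE line the same way so the entry does not read as an unqualified OpenSSL vulnerability.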
@@ -10302,396 +10302,396 @@ CVE-2011-1459
RESERVED
CVE-2011-1458
RESERVED
-CVE-2011-1457 (WebKit, as used in Apple Safari before 5.0.6, allows remote attackers ...)
+CVE-2011-1457
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-1456 (Google Chrome before 11.0.696.57 does not properly handle PDF forms, ...)
+CVE-2011-1456
- chromium-browser <not-affected> (chrome pdf plugin)
-CVE-2011-1455 (Google Chrome before 11.0.696.57 does not properly handle PDF ...)
+CVE-2011-1455
- chromium-browser <not-affected> (chrome pdf plugin)
-CVE-2011-1454 (Use-after-free vulnerability in the DOM id handling functionality in ...)
+CVE-2011-1454
- chromium-browser 11.0.696.65~r84435-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/84015
-CVE-2011-1453 (WebKit, as used in Apple Safari before 5.0.6, allows remote attackers ...)
+CVE-2011-1453
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-1452 (Google Chrome before 11.0.696.57 allows user-assisted remote attackers ...)
+CVE-2011-1452
- chromium-browser 11.0.696.65~r84435-1
[squeeze] - chromium-browser <not-affected>
- webkit <not-affected> (chromium specific)
-CVE-2011-1451 (Google Chrome before 11.0.696.57 does not properly handle DOM id maps, ...)
+CVE-2011-1451
- chromium-browser 11.0.696.65~r84435-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/83209
-CVE-2011-1450 (Google Chrome before 11.0.696.57 does not properly present file ...)
+CVE-2011-1450
- chromium-browser 11.0.696.65~r84435-1 (unimportant)
- webkit <not-affected> (chromium specific)
-CVE-2011-1449 (Use-after-free vulnerability in the WebSockets implementation in ...)
+CVE-2011-1449
- chromium-browser 11.0.696.65~r84435-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/82088
-CVE-2011-1448 (Google Chrome before 11.0.696.57 does not properly perform height ...)
+CVE-2011-1448
- chromium-browser 11.0.696.65~r84435-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/81786
-CVE-2011-1447 (Google Chrome before 11.0.696.57 does not properly handle drop-down ...)
+CVE-2011-1447
- chromium-browser 11.0.696.65~r84435-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/81851
-CVE-2011-1446 (Google Chrome before 11.0.696.57 allows remote attackers to spoof the ...)
+CVE-2011-1446
- chromium-browser 11.0.696.65~r84435-1
[squeeze] - chromium-browser <not-affected>
- webkit <not-affected> (chromium specific)
-CVE-2011-1445 (Google Chrome before 11.0.696.57 does not properly handle SVG ...)
+CVE-2011-1445
- chromium-browser 11.0.696.65~r84435-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/81689
-CVE-2011-1444 (Race condition in the sandbox launcher implementation in Google Chrome ...)
+CVE-2011-1444
{DSA-2245-1}
- chromium-browser 11.0.696.65~r84435-1
- webkit <not-affected> (chromium sandbox)
-CVE-2011-1443 (Google Chrome before 11.0.696.57 does not properly implement layering, ...)
+CVE-2011-1443
- chromium-browser 11.0.696.65~r84435-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/82624
-CVE-2011-1442 (Google Chrome before 11.0.696.57 does not properly handle mutation ...)
+CVE-2011-1442
- chromium-browser 11.0.696.65~r84435-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/81611
-CVE-2011-1441 (Google Chrome before 11.0.696.57 does not properly perform a cast of ...)
+CVE-2011-1441
- chromium-browser 11.0.696.65~r84435-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/80773
NOTE: http://trac.webkit.org/changeset/81088
-CVE-2011-1440 (Use-after-free vulnerability in Google Chrome before 11.0.696.57 ...)
+CVE-2011-1440
{DSA-2245-1}
- chromium-browser 11.0.696.65~r84435-1
NOTE: http://trac.webkit.org/changeset/84009
-CVE-2011-1439 (Google Chrome before 11.0.696.57 on Linux does not properly isolate ...)
+CVE-2011-1439
- chromium-browser 11.0.696.65~r84435-1
[squeeze] - chromium-browser <end-of-life>
- webkit <not-affected> (chromium specific)
-CVE-2011-1438 (Google Chrome before 11.0.696.57 allows remote attackers to bypass the ...)
+CVE-2011-1438
- chromium-browser 11.0.696.65~r84435-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/81399
-CVE-2011-1437 (Multiple integer overflows in Google Chrome before 11.0.696.57 allow ...)
+CVE-2011-1437
- chromium-browser 11.0.696.65~r84435-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/79462
-CVE-2011-1436 (Google Chrome before 11.0.696.57 on Linux does not properly interact ...)
+CVE-2011-1436
- chromium-browser 11.0.696.65~r84435-1
[squeeze] - chromium-browser <not-affected>
- webkit <not-affected> (chromium specific)
-CVE-2011-1435 (Google Chrome before 11.0.696.57 does not properly implement the tabs ...)
+CVE-2011-1435
- chromium-browser 11.0.696.65~r84435-1
[squeeze] - chromium-browser <end-of-life>
- webkit <not-affected> (chromium specific)
-CVE-2011-1434 (Google Chrome before 11.0.696.57 does not ensure thread safety during ...)
+CVE-2011-1434
- chromium-browser 11.0.696.65~r84435-1
[squeeze] - chromium-browser <end-of-life>
- webkit <not-affected> (chromium specific)
-CVE-2011-1433 (The (1) AgentInterface and (2) CustomerInterface components in Open ...)
+CVE-2011-1433
- otrs2 3.0.8+dfsg1-1 (unimportant)
NOTE: Negligible security impact
-CVE-2011-1432 (The STARTTLS implementation in SCO SCOoffice Server does not properly ...)
+CVE-2011-1432
NOT-FOR-US: SCO SCOoffice Server
-CVE-2011-1431 (The STARTTLS implementation in qmail-smtpd.c in qmail-smtpd in the ...)
+CVE-2011-1431
- qmail <removed> (unimportant; bug #652378)
NOTE: The TLS patch is shipped in the source package, but it's not applied
- netqmail <not-affected> (Doesn't include the TLS patch)
-CVE-2011-1430 (The STARTTLS implementation in the server in Ipswitch IMail 11.03 and ...)
+CVE-2011-1430
NOT-FOR-US: Ipswitch IMail
-CVE-2011-1429 (Mutt does not verify that the smtps server hostname matches the domain ...)
+CVE-2011-1429
- mutt 1.5.21-5 (low; bug #619216)
[squeeze] - mutt 1.5.20-9+squeeze2
[lenny] - mutt <no-dsa> (Minor issue)
NOTE: http://dev.mutt.org/trac/ticket/3506
-CVE-2011-1428 (Wee Enhanced Environment for Chat (aka WeeChat) 0.3.4 and earlier does ...)
+CVE-2011-1428
{DSA-2598-1}
- weechat 0.3.5-1
-CVE-2011-1427 (Multiple cross-site scripting (XSS) vulnerabilities in Kodak InSite ...)
+CVE-2011-1427
NOT-FOR-US: Kodak InSite
-CVE-2011-1426 (The OpenURLInDefaultBrowser method in RealNetworks RealPlayer 11.0 ...)
+CVE-2011-1426
NOT-FOR-US: RealNetworks RealPlayer
-CVE-2011-1425 (xslt.c in XML Security Library (aka xmlsec) before 1.2.17, as used in ...)
+CVE-2011-1425
{DSA-2219-1}
- xmlsec1 1.2.14-1.1 (bug #620560)
NOTE: http://www.aleksey.com/xmlsec/news.html
-CVE-2011-1424 (The default configuration of ExShortcut\Web.config in EMC SourceOne ...)
+CVE-2011-1424
NOT-FOR-US: EMC SourceOne Email Management
-CVE-2011-1423 (Cross-site scripting (XSS) vulnerability in RSA Data Loss Prevention ...)
+CVE-2011-1423
NOT-FOR-US: RSA Data Loss Prevention Enterprise Manager
-CVE-2011-1422 (Cross-site scripting (XSS) vulnerability in an unspecified Shockwave ...)
+CVE-2011-1422
NOT-FOR-US: EMC RSA Adaptive Authentication On-Premise
-CVE-2011-1421 (EMC NetWorker 7.5.x before 7.5.4.3 and 7.6.x before 7.6.1.5, when the ...)
+CVE-2011-1421
NOT-FOR-US: EMC NetWorker
-CVE-2011-1420 (EMC Data Protection Advisor Collector 5.7 and 5.7.1 on Solaris SPARC ...)
+CVE-2011-1420
NOT-FOR-US: EMC Data Protection Advisor Collector
-CVE-2011-1419 (Apache Tomcat 7.x before 7.0.11, when web.xml has no security ...)
+CVE-2011-1419
- tomcat6 <not-affected> (Only affects Tomcat 7)
-CVE-2011-1418 (The stateless address autoconfiguration (aka SLAAC) functionality in ...)
+CVE-2011-1418
NOT-FOR-US: Apple iOS
-CVE-2011-1417 (Integer overflow in QuickLook, as used in Apple Mac OS X before 10.6.7 ...)
+CVE-2011-1417
NOT-FOR-US: QuickLook,
-CVE-2011-1416 (The Research In Motion (RIM) BlackBerry Torch 9800 with firmware ...)
+CVE-2011-1416
NOT-FOR-US: BlackBerry
CVE-2011-1415
REJECTED
-CVE-2011-1414 (Cross-site scripting (XSS) vulnerability in the tibbr web server, as ...)
+CVE-2011-1414
NOT-FOR-US: TIBCO tibbr
-CVE-2011-1413 (Google Chrome before 10.0.648.127 on Linux does not properly mitigate ...)
+CVE-2011-1413
- chromium-browser 10.0.648.127~r76697-1
[squeeze] - chromium-browser <not-affected>
[wheezy] - chromium-browser <not-affected>
- webkit <not-affected> (chromium specific)
-CVE-2011-1412 (sys/sys_unix.c in the ioQuake3 engine on Unix and Linux, as used in ...)
+CVE-2011-1412
- openarena <not-affected> (Vulnerable code not present, the version in sid uses ioquake3)
- ioquake3 1.36+svn1946-4
-CVE-2011-1411 (Shibboleth OpenSAML library 2.4.x before 2.4.3 and 2.5.x before 2.5.1, ...)
+CVE-2011-1411
{DSA-2284-1}
- opensaml2 2.4.3-1
CVE-2011-1410
RESERVED
-CVE-2011-1409 (Frams's Fast File EXchange (F*EX, aka fex) 20100208, and possibly ...)
+CVE-2011-1409
{DSA-2259-1}
- fex 20110610-1
CVE-2011-1408 [ikiwiki tty hijacking vulnerability]
RESERVED
- ikiwiki 3.20110608 (low)
[squeeze] - ikiwiki <no-dsa> (Minor issue)
-CVE-2011-1407 (The DKIM implementation in Exim 4.7x before 4.76 permits matching for ...)
+CVE-2011-1407
{DSA-2236-1}
- exim4 4.76-1
[lenny] - exim4 <not-affected> (Vulnerable code not present)
-CVE-2011-1406 (Mahara before 1.3.6 does not properly handle an https URL in the ...)
+CVE-2011-1406
{DSA-2246-1}
- mahara 1.3.6-1
-CVE-2011-1405 (Cross-site scripting (XSS) vulnerability in Mahara before 1.3.6 allows ...)
+CVE-2011-1405
{DSA-2246-1}
- mahara 1.3.6-1
-CVE-2011-1404 (Mahara before 1.3.6 does not properly restrict the data in responses ...)
+CVE-2011-1404
{DSA-2246-1}
- mahara 1.3.6-1
-CVE-2011-1403 (Cross-site request forgery (CSRF) vulnerability in the pieforms ...)
+CVE-2011-1403
{DSA-2246-1}
- mahara 1.3.6-1
-CVE-2011-1402 (Mahara before 1.3.6 allows remote authenticated users to bypass ...)
+CVE-2011-1402
{DSA-2246-1}
- mahara 1.3.6-1
-CVE-2011-1401 (ikiwiki before 3.20110328 does not ascertain whether the htmlscrubber ...)
+CVE-2011-1401
{DSA-2214-1}
- ikiwiki 3.20110328
-CVE-2011-1400 (The default configuration of the shell_escape_commands directive in ...)
+CVE-2011-1400
{DSA-2198-1}
- tex-common 2.09
CVE-2011-1399
RESERVED
-CVE-2011-1398 (The sapi_header_op function in main/SAPI.c in PHP before 5.3.11 and ...)
+CVE-2011-1398
- php5 5.4.0~rc5-1 (low)
[squeeze] - php5 <no-dsa> (Minor issue)
-CVE-2011-1397 (Cross-site request forgery (CSRF) vulnerability in the Labor Reporting ...)
+CVE-2011-1397
NOT-FOR-US: IBM Tivoli
-CVE-2011-1396 (Cross-site scripting (XSS) vulnerability in IBM Maximo Asset ...)
+CVE-2011-1396
NOT-FOR-US: IBM Maximo Asset Management
-CVE-2011-1395 (Cross-site scripting (XSS) vulnerability in imicon.jsp in IBM Maximo ...)
+CVE-2011-1395
NOT-FOR-US: IBM Maximo Asset Management
-CVE-2011-1394 (IBM Maximo Asset Management and Asset Management Essentials 6.2, 7.1, ...)
+CVE-2011-1394
NOT-FOR-US: IBM Maximo Asset Management
-CVE-2011-1393 (Unspecified vulnerability in the authentication functionality in the ...)
+CVE-2011-1393
NOT-FOR-US: IBM Lotus Domino
-CVE-2011-1392 (The Blueberry FlashBack ActiveX control in BB FlashBack Recorder.dll ...)
+CVE-2011-1392
NOT-FOR-US: IBM Rational Rhapsody
-CVE-2011-1391 (The Blueberry FlashBack ActiveX control in BB FlashBack Recorder.dll ...)
+CVE-2011-1391
NOT-FOR-US: IBM Rational Rhapsody
-CVE-2011-1390 (SQL injection vulnerability in the Maintenance tool in IBM Rational ...)
+CVE-2011-1390
NOT-FOR-US: IBM Rational ClearQuest
-CVE-2011-1389 (Multiple directory traversal vulnerabilities in the vendor daemon in ...)
+CVE-2011-1389
NOT-FOR-US: Telelogic License Server
-CVE-2011-1388 (The Blueberry FlashBack ActiveX control in BB FlashBack Recorder.dll ...)
+CVE-2011-1388
NOT-FOR-US: IBM Rational Rhapsody
CVE-2011-1387
RESERVED
-CVE-2011-1386 (IBM Tivoli Federated Identity Manager (TFIM) and Tivoli Federated ...)
+CVE-2011-1386
NOT-FOR-US: IBM Tivoli Federated Identity Manager
-CVE-2011-1385 (IBM AIX 5.3, 6.1, and 7.1, and VIOS 2.1.x and 2.2.x, allows remote ...)
+CVE-2011-1385
NOT-FOR-US: IBM AIX
-CVE-2011-1384 (The (1) bin/invscoutClient_VPD_Survey and (2) sbin/invscout_lsvpd ...)
+CVE-2011-1384
NOT-FOR-US: IBM AIX
CVE-2011-1383
RESERVED
CVE-2011-1382
RESERVED
-CVE-2011-1381 (Unspecified vulnerability in IBM OpenPages GRC Platform 6.1.0.1 before ...)
+CVE-2011-1381
NOT-FOR-US: IBM OpenPages GRC Platform
CVE-2011-1380
RESERVED
CVE-2011-1379
RESERVED
-CVE-2011-1378 (IBM WebSphere MQ 6.0 on OpenVMS, when the default rights of the MQM ...)
+CVE-2011-1378
NOT-FOR-US: IBM WebSphere
-CVE-2011-1377 (The Web Services Security component in the Web Services Feature Pack ...)
+CVE-2011-1377
NOT-FOR-US: IBM WebSphere
-CVE-2011-1376 (iscdeploy in IBM WebSphere Application Server (WAS) 6.1 before ...)
+CVE-2011-1376
NOT-FOR-US: IBM WebSphere
-CVE-2011-1375 (IBM AIX 6.1 and 7.1 does not restrict the wpar_limits_config and ...)
+CVE-2011-1375
NOT-FOR-US: IBM AIX
-CVE-2011-1374 (Buffer overflow in Apple QuickTime before 7.7.3 allows remote ...)
+CVE-2011-1374
NOT-FOR-US: Appe QuickTime
-CVE-2011-1373 (Unspecified vulnerability in IBM DB2 9.7 before FP5 on UNIX, when the ...)
+CVE-2011-1373
NOT-FOR-US: IBM DB2
-CVE-2011-1372 (The Web User Interface on the IBM TS3100 and TS3200 tape libraries ...)
+CVE-2011-1372
NOT-FOR-US: IBM web interface to tape libraries
-CVE-2011-1371 (Cross-site scripting (XSS) vulnerability in content/error.jsp in IBM ...)
+CVE-2011-1371
NOT-FOR-US: IBM WebSphere
-CVE-2011-1370 (The default configuration of the Sametime configuration servlet (SCS) ...)
+CVE-2011-1370
NOT-FOR-US: IBM Lotus Sametime
CVE-2011-1369
RESERVED
-CVE-2011-1368 (The JavaServer Faces (JSF) application functionality in IBM WebSphere ...)
+CVE-2011-1368
NOT-FOR-US: IBM WebSphere
-CVE-2011-1367 (Unspecified vulnerability in the File Load feature in IBM Rational ...)
+CVE-2011-1367
NOT-FOR-US: IBM Rational AppScan
-CVE-2011-1366 (Unspecified vulnerability in the Import feature in IBM Rational ...)
+CVE-2011-1366
NOT-FOR-US: IBM Rational AppScan
CVE-2011-1365
RESERVED
-CVE-2011-1364 (Cross-site request forgery (CSRF) vulnerability in ...)
+CVE-2011-1364
NOT-FOR-US: Goole App Engine Python SDK
CVE-2011-1363
RESERVED
-CVE-2011-1362 (Cross-site scripting (XSS) vulnerability in the Installation ...)
+CVE-2011-1362
NOT-FOR-US: IBM WebSphere Application Server
CVE-2011-1361
RESERVED
-CVE-2011-1360 (Multiple cross-site scripting (XSS) vulnerabilities in IBM HTTP Server ...)
+CVE-2011-1360
NOT-FOR-US: IBM HTTP Server
-CVE-2011-1359 (Directory traversal vulnerability in the administration console in IBM ...)
+CVE-2011-1359
NOT-FOR-US: IBM WebSphere
CVE-2011-1358
RESERVED
-CVE-2011-1357 (Cross-site scripting (XSS) vulnerability in agentDetect.jsp in the web ...)
+CVE-2011-1357
NOT-FOR-US: IBM WebSphere Service Registry and Repository
-CVE-2011-1356 (IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.39 and 7.0 ...)
+CVE-2011-1356
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2011-1355 (Open redirect vulnerability in IBM WebSphere Application Server (WAS) ...)
+CVE-2011-1355
NOT-FOR-US: IBM WebSphere Application Server
CVE-2011-1354
RESERVED
-CVE-2011-1353 (Unspecified vulnerability in Adobe Reader 10.x before 10.1.1 on ...)
+CVE-2011-1353
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2011-1352 (The PowerVR SGX driver in Android before 2.3.6 allows attackers to ...)
+CVE-2011-1352
NOT-FOR-US: Anroid
CVE-2011-1351
RESERVED
-CVE-2011-1350 (The PowerVR SGX driver in Android before 2.3.6 allows attackers to ...)
+CVE-2011-1350
NOT-FOR-US: Android
CVE-2011-1349
RESERVED
CVE-2011-1348
RESERVED
-CVE-2011-1347 (Unspecified vulnerability in Microsoft Internet Explorer 8 on Windows ...)
+CVE-2011-1347
NOT-FOR-US: Internet Explorer
-CVE-2011-1346 (Unspecified vulnerability in Microsoft Internet Explorer 8 on Windows ...)
+CVE-2011-1346
NOT-FOR-US: Internet Explorer
-CVE-2011-1345 (Microsoft Internet Explorer 6, 7, and 8 does not properly handle ...)
+CVE-2011-1345
NOT-FOR-US: Internet Explorer
-CVE-2011-1344 (Use-after-free vulnerability in WebKit, as used in Apple Safari before ...)
+CVE-2011-1344
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-1343 (SQL injection vulnerability in the Web GUI in IBM Tivoli ...)
+CVE-2011-1343
NOT-FOR-US: Tivoli
-CVE-2011-1342 (SQL injection vulnerability in Aimluck Aipo before 5.1.1, and Aipo for ...)
+CVE-2011-1342
NOT-FOR-US: Aimluck Aipo
-CVE-2011-1341 (Cross-site request forgery (CSRF) vulnerability in Aimluck Aipo before ...)
+CVE-2011-1341
NOT-FOR-US: Aimluck Aipo
-CVE-2011-1340 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2011-1340
- plone3 <removed>
-CVE-2011-1339 (Cross-site scripting (XSS) vulnerability in Google Search Appliance ...)
+CVE-2011-1339
NOT-FOR-US: Google Search Appliance
-CVE-2011-1338 (Untrusted search path vulnerability in XnView before 1.98.1 allows ...)
+CVE-2011-1338
NOT-FOR-US: XnView
-CVE-2011-1337 (Opera before 11.50 allows remote attackers to cause a denial of ...)
+CVE-2011-1337
NOT-FOR-US: Opera
-CVE-2011-1336 (Buffer overflow in ALZip 8.21 and earlier allows remote attackers to ...)
+CVE-2011-1336
NOT-FOR-US: ALZip
-CVE-2011-1335 (Cross-site scripting (XSS) vulnerability in Cybozu Office 6, 7, and 8 ...)
+CVE-2011-1335
NOT-FOR-US: Cybozu Office
-CVE-2011-1334 (Cross-site scripting (XSS) vulnerability in Cybozu Office 6, Cybozu ...)
+CVE-2011-1334
NOT-FOR-US: Cybozu
-CVE-2011-1333 (Cross-site scripting (XSS) vulnerability in Cybozu Office 6 and Cybozu ...)
+CVE-2011-1333
NOT-FOR-US: Cybozu
-CVE-2011-1332 (Cross-site scripting (XSS) vulnerability in Cybozu Garoon 2.0.0 ...)
+CVE-2011-1332
NOT-FOR-US: Cybozu Garoon
-CVE-2011-1331 (JustSystems Ichitaro 2005 through 2011, Ichitaro Government 6, ...)
+CVE-2011-1331
NOT-FOR-US: JustSystems Ichitaro Products
-CVE-2011-1330 (Cross-site scripting (XSS) vulnerability in WeblyGo 5.0 Pro/LE, 5.02 ...)
+CVE-2011-1330
NOT-FOR-US: WeblyGo
-CVE-2011-1329 (WalRack 1.x before 1.1.9 and 2.x before 2.0.7 does not properly ...)
+CVE-2011-1329
NOT-FOR-US: WalRack
-CVE-2011-1328 (SQL injection vulnerability in RADVISION iVIEW Suite before 7.5 allows ...)
+CVE-2011-1328
NOT-FOR-US: RADVISION iVIEW Suite
-CVE-2011-1327 (The Keystroke Encryption feature in Trend Micro Internet Security 2009 ...)
+CVE-2011-1327
NOT-FOR-US: Trend Micro Internet Security
-CVE-2011-1326 (Unspecified vulnerability on the La Fonera+ router with firmware ...)
+CVE-2011-1326
NOT-FOR-US: La Fonera+ router
-CVE-2011-1325 (Cross-site request forgery (CSRF) vulnerability in EC-CUBE before ...)
+CVE-2011-1325
NOT-FOR-US: EC-CUBE
-CVE-2011-1324 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
+CVE-2011-1324
NOT-FOR-US: Buffalo routers
-CVE-2011-1323 (Yamaha RTX, RT, SRT, RTV, RTW, and RTA series routers with firmware ...)
+CVE-2011-1323
NOT-FOR-US: Yamaha RTX, RT, SRT, RTV, RTW, and RTA series routers
-CVE-2011-1322 (The SOAP with Attachments API for Java (SAAJ) implementation in the ...)
+CVE-2011-1322
NOT-FOR-US: WebSphere
-CVE-2011-1321 (The AuthCache purge implementation in the Security component in IBM ...)
+CVE-2011-1321
NOT-FOR-US: WebSphere
-CVE-2011-1320 (The Security component in IBM WebSphere Application Server (WAS) ...)
+CVE-2011-1320
NOT-FOR-US: WebSphere
-CVE-2011-1319 (The Security component in IBM WebSphere Application Server (WAS) ...)
+CVE-2011-1319
NOT-FOR-US: WebSphere
-CVE-2011-1318 (Memory leak in org.apache.jasper.runtime.JspWriterImpl.response in the ...)
+CVE-2011-1318
NOT-FOR-US: WebSphere
-CVE-2011-1317 (Memory leak in com.ibm.ws.jsp.runtime.WASJSPStrBufferImpl in the ...)
+CVE-2011-1317
NOT-FOR-US: WebSphere
-CVE-2011-1316 (The Session Initiation Protocol (SIP) Proxy in the HTTP Transport ...)
+CVE-2011-1316
NOT-FOR-US: WebSphere
-CVE-2011-1315 (Memory leak in the messaging engine in IBM WebSphere Application ...)
+CVE-2011-1315
NOT-FOR-US: WebSphere
-CVE-2011-1314 (The Service Integration Bus (SIB) messaging engine in IBM WebSphere ...)
+CVE-2011-1314
NOT-FOR-US: WebSphere
-CVE-2011-1313 (Double free vulnerability in IBM WebSphere Application Server (WAS) ...)
+CVE-2011-1313
NOT-FOR-US: WebSphere
-CVE-2011-1312 (The Administrative Console component in IBM WebSphere Application ...)
+CVE-2011-1312
NOT-FOR-US: WebSphere
-CVE-2011-1311 (The Security component in IBM WebSphere Application Server (WAS) ...)
+CVE-2011-1311
NOT-FOR-US: WebSphere
-CVE-2011-1310 (The Administrative Scripting Tools component in IBM WebSphere ...)
+CVE-2011-1310
NOT-FOR-US: WebSphere
-CVE-2011-1309 (The Plug-in component in IBM WebSphere Application Server (WAS) before ...)
+CVE-2011-1309
NOT-FOR-US: WebSphere
-CVE-2011-1308 (Cross-site scripting (XSS) vulnerability in the Installation ...)
+CVE-2011-1308
NOT-FOR-US: WebSphere
-CVE-2011-1307 (The installer in IBM WebSphere Application Server (WAS) before ...)
+CVE-2011-1307
NOT-FOR-US: WebSphere
-CVE-2011-1306 (Unspecified vulnerability in the Scratchpad application in Google ...)
+CVE-2011-1306
NOT-FOR-US: Google ChromeOS
-CVE-2011-1305 (Race condition in Google Chrome before 11.0.696.57 on Linux and Mac OS ...)
+CVE-2011-1305
- chromium-browser 11.0.696.65~r84435-1
[squeeze] - chromium-browser <end-of-life>
NOTE: http://trac.webkit.org/changeset/76713
-CVE-2011-1304 (Unspecified vulnerability in Google Chrome before 11.0.696.57 allows ...)
+CVE-2011-1304
- chromium-browser 11.0.696.65~r84435-1 (unimportant)
-CVE-2011-1303 (Google Chrome before 11.0.696.57 does not properly handle floating ...)
+CVE-2011-1303
- chromium-browser 11.0.696.65~r84435-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/80682
-CVE-2011-1302 (Heap-based buffer overflow in the GPU process in Google Chrome before ...)
+CVE-2011-1302
- chromium-browser 10.0.648.205~r81283-1
[squeeze] - chromium-browser <not-affected>
- webkit <not-affected> (chromium specific)
-CVE-2011-1301 (Use-after-free vulnerability in the GPU process in Google Chrome ...)
+CVE-2011-1301
- chromium-browser 10.0.648.205~r81283-1
[squeeze] - chromium-browser <not-affected>
- webkit <not-affected> (chromium specific)
-CVE-2011-1300 (The Program::getActiveUniformMaxLength function in ...)
+CVE-2011-1300
NOT-FOR-US: Mozilla Firefox on Windows, Google Chrome on Windows
CVE-2011-1299
RESERVED
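Review bot: once the parenthetical summary is gone, the `NOT-FOR-US:` annotation is the only text left on an entry that says what the CVE was, and three of them in this hunk carry typos that should be corrected in the same pass: `NOT-FOR-US: Appe QuickTime` under CVE-2011-1374 should read Apple QuickTime, `NOT-FOR-US: Goole App Engine Python SDK` under CVE-2011-1364 should read Google App Engine Python SDK, and `NOT-FOR-US: Anroid` under CVE-2011-1352 should read Android, as the neighbouring CVE-2011-1350 entry already spells it.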
@@ -10699,31 +10699,31 @@ CVE-2011-1298
RESERVED
CVE-2011-1297
RESERVED
-CVE-2011-1296 (Google Chrome before 10.0.648.204 does not properly handle SVG text, ...)
+CVE-2011-1296
- chromium-browser 10.0.648.204~r79063-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/80520
-CVE-2011-1295 (WebKit, as used in Google Chrome before 10.0.648.204 and Apple Safari ...)
+CVE-2011-1295
- chromium-browser 10.0.648.204~r79063-1
[squeeze] - chromium-browser <end-of-life>
NOTE: http://trac.webkit.org/changeset/80487
-CVE-2011-1294 (Google Chrome before 10.0.648.204 does not properly handle Cascading ...)
+CVE-2011-1294
- chromium-browser 10.0.648.204~r79063-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/80144
-CVE-2011-1293 (Use-after-free vulnerability in the HTMLCollection implementation in ...)
+CVE-2011-1293
{DSA-2245-1}
- chromium-browser 10.0.648.204~r79063-1
NOTE: http://trac.webkit.org/changeset/80797
-CVE-2011-1292 (Use-after-free vulnerability in the frame-loader implementation in ...)
+CVE-2011-1292
{DSA-2245-1}
- chromium-browser 10.0.648.204~r79063-1
NOTE: http://trac.webkit.org/changeset/79808
-CVE-2011-1291 (Google Chrome before 10.0.648.204 does not properly handle base ...)
+CVE-2011-1291
- chromium-browser 10.0.648.204~r79063-1
[squeeze] - chromium-browser <not-affected>
- webkit <not-affected> (chromium specific)
-CVE-2011-1290 (Integer overflow in WebKit, as used on the Research In Motion (RIM) ...)
+CVE-2011-1290
{DSA-2192-1}
- chromium-browser 10.0.648.133~r77742-1
[wheezy] - chromium-browser 6.0.472.63~r59945-5+squeeze4
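Review bot: nothing in this hunk records why the summary is being dropped from every CVE line, for example `-CVE-2011-1296 (Google Chrome before 10.0.648.204 does not properly handle SVG text, ...)` becoming a bare `+CVE-2011-1296`; the identical old and new counts in the header (31/31) show each description is replaced one for one by the bare id, so the description text leaves the file for good, and the commit message should say that this is intentional and where descriptions are to be looked up from now on, otherwise a reader of the history cannot tell a deliberate format change from a broken import.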
@@ -10731,163 +10731,163 @@ CVE-2011-1290 (Integer overflow in WebKit, as used on the Research In Motion (RI
NOTE: http://trac.webkit.org/changeset/80787
CVE-2011-1289
RESERVED
-CVE-2011-1288 (WebKit, as used in Apple Safari before 5.0.6, allows remote attackers ...)
+CVE-2011-1288
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
CVE-2011-1287
RESERVED
-CVE-2011-1286 (Google V8, as used in Google Chrome before 10.0.648.127, allows remote ...)
+CVE-2011-1286
- libv8 3.1.8.10-1 (bug #617418)
[squeeze] - libv8 <end-of-life> (Unsupported in squeeze-lts)
-CVE-2011-1285 (The regular-expression functionality in Google Chrome before ...)
+CVE-2011-1285
- libv8 3.1.8.10-1 (bug #617418)
[squeeze] - libv8 <end-of-life> (Unsupported in squeeze-lts)
-CVE-2011-1284 (Integer overflow in the Client/Server Run-time Subsystem (aka CSRSS) ...)
+CVE-2011-1284
NOT-FOR-US: MS Windows
-CVE-2011-1283 (The Client/Server Run-time Subsystem (aka CSRSS) in the Win32 ...)
+CVE-2011-1283
NOT-FOR-US: MS Windows
-CVE-2011-1282 (The Client/Server Run-time Subsystem (aka CSRSS) in the Win32 ...)
+CVE-2011-1282
NOT-FOR-US: MS Windows
-CVE-2011-1281 (The Client/Server Run-time Subsystem (aka CSRSS) in the Win32 ...)
+CVE-2011-1281
NOT-FOR-US: MS Windows
-CVE-2011-1280 (The XML Editor in Microsoft InfoPath 2007 SP2 and 2010; SQL Server ...)
+CVE-2011-1280
NOT-FOR-US: Microsoft InfoPath, SQL Server, SQL Server Management Studio Express, Visual Studio
-CVE-2011-1279 (Microsoft Excel 2002 SP3 and 2003 SP3, Office 2004 and 2008 for Mac, ...)
+CVE-2011-1279
NOT-FOR-US: Microsoft Excel, Office, Open XML File Format Converter
-CVE-2011-1278 (Microsoft Excel 2002 SP3 and Office 2004 for Mac do not properly ...)
+CVE-2011-1278
NOT-FOR-US: Microsoft Excel, Office
-CVE-2011-1277 (Microsoft Excel 2002 SP3, Office 2008 for Mac, and Open XML File ...)
+CVE-2011-1277
NOT-FOR-US: Microsoft Excel, Office, Open XML File Format Converter
-CVE-2011-1276 (Buffer overflow in Microsoft Excel 2002 SP3, 2003 SP3, and 2007 SP2; ...)
+CVE-2011-1276
NOT-FOR-US: Microsoft Excel, Office, Open XML File Format Converter, Excel Viewer, Office Compatibility Pack
-CVE-2011-1275 (Microsoft Excel 2002 SP3; Office 2004, 2008, and 2011 for Mac; and ...)
+CVE-2011-1275
NOT-FOR-US: Microsoft Excel, Office, Open XML File Format Converter
-CVE-2011-1274 (Microsoft Excel 2002 SP3, 2003 SP3, and 2007 SP2; Office 2004 and 2008 ...)
+CVE-2011-1274
NOT-FOR-US: Microsoft Excel, Office, Open XML File Format Converter, Excel Viewer, Office Compatibility Pack
-CVE-2011-1273 (Microsoft Excel 2002 SP3, 2003 SP3, 2007 SP2, and 2010; Office 2004, ...)
+CVE-2011-1273
NOT-FOR-US: Microsoft Excel, Office, Open XML File Format Converter, Excel Viewer, Office Compatibility Pack
-CVE-2011-1272 (Microsoft Excel 2002 SP3, 2003 SP3, and 2007 SP2; Office 2004 and 2008 ...)
+CVE-2011-1272
NOT-FOR-US: Microsoft Excel, Office, Open XML File Format Converter, Excel Viewer, Office Compatibility Pack
-CVE-2011-1271 (The JIT compiler in Microsoft .NET Framework 3.5 Gold and SP1, 3.5.1, ...)
+CVE-2011-1271
NOT-FOR-US: Microsoft .NET Framework
-CVE-2011-1270 (Buffer overflow in Microsoft PowerPoint 2002 SP3 and 2003 SP3 allows ...)
+CVE-2011-1270
NOT-FOR-US: Microsoft PowerPoint 2002 SP3 and 2003 SP3
-CVE-2011-1269 (Microsoft PowerPoint 2002 SP3, 2003 SP3, and 2007 SP2; Office 2004 and ...)
+CVE-2011-1269
NOT-FOR-US: Microsoft
-CVE-2011-1268 (The SMB client in Microsoft Windows XP SP2 and SP3, Windows Server ...)
+CVE-2011-1268
NOT-FOR-US: Microsoft Windows
-CVE-2011-1267 (The SMB server in Microsoft Windows Vista SP1 and SP2, Windows Server ...)
+CVE-2011-1267
NOT-FOR-US: Microsoft Windows
-CVE-2011-1266 (The Vector Markup Language (VML) implementation in vgx.dll in ...)
+CVE-2011-1266
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2011-1265 (The Bluetooth Stack 2.1 in Microsoft Windows Vista SP1 and SP2 and ...)
+CVE-2011-1265
NOT-FOR-US: MS Windows
-CVE-2011-1264 (Cross-site scripting (XSS) vulnerability in Active Directory ...)
+CVE-2011-1264
NOT-FOR-US: Microsoft Windows
-CVE-2011-1263 (Cross-site scripting (XSS) vulnerability in the logon page in Remote ...)
+CVE-2011-1263
NOT-FOR-US: Microsoft Windows
-CVE-2011-1262 (Microsoft Internet Explorer 7 through 9 does not properly handle ...)
+CVE-2011-1262
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2011-1261 (Microsoft Internet Explorer 6 through 9 does not properly handle ...)
+CVE-2011-1261
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2011-1260 (Microsoft Internet Explorer 8 and 9 does not properly handle objects ...)
+CVE-2011-1260
NOT-FOR-US: Microsoft Internet Explorer
CVE-2011-1259
REJECTED
-CVE-2011-1258 (Microsoft Internet Explorer 6 through 8 does not properly restrict web ...)
+CVE-2011-1258
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2011-1257 (Race condition in Microsoft Internet Explorer 6 through 8 allows ...)
+CVE-2011-1257
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2011-1256 (Microsoft Internet Explorer 6 through 8 does not properly handle ...)
+CVE-2011-1256
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2011-1255 (The Timed Interactive Multimedia Extensions (aka HTML+TIME) ...)
+CVE-2011-1255
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2011-1254 (Microsoft Internet Explorer 6 through 8 does not properly handle ...)
+CVE-2011-1254
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2011-1253 (Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.5.1, and 4, and ...)
+CVE-2011-1253
NOT-FOR-US: Microsoft .NET Framework, Silverlight
-CVE-2011-1252 (Cross-site scripting (XSS) vulnerability in the SafeHTML function in ...)
+CVE-2011-1252
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2011-1251 (Microsoft Internet Explorer 8 does not properly handle objects in ...)
+CVE-2011-1251
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2011-1250 (Microsoft Internet Explorer 6 through 9 does not properly handle ...)
+CVE-2011-1250
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2011-1249 (The Ancillary Function Driver (AFD) in afd.sys in Microsoft Windows XP ...)
+CVE-2011-1249
NOT-FOR-US: Microsoft Windows
-CVE-2011-1248 (WINS in Microsoft Windows Server 2003 SP2 and Server 2008 Gold, SP2, ...)
+CVE-2011-1248
NOT-FOR-US: Microsoft Windows
-CVE-2011-1247 (Untrusted search path vulnerability in the Microsoft Active ...)
+CVE-2011-1247
NOT-FOR-US: Microsoft Windows
-CVE-2011-1246 (Microsoft Internet Explorer 8 does not properly handle content ...)
+CVE-2011-1246
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2011-1245 (Microsoft Internet Explorer 6 and 7 does not properly restrict script ...)
+CVE-2011-1245
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2011-1244 (Microsoft Internet Explorer 6, 7, and 8 does not enforce intended ...)
+CVE-2011-1244
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2011-1243 (The Windows Messenger ActiveX control in msgsc.dll in Microsoft ...)
+CVE-2011-1243
NOT-FOR-US: Microsoft Windows
-CVE-2011-1242 (Use-after-free vulnerability in win32k.sys in the kernel-mode drivers ...)
+CVE-2011-1242
NOT-FOR-US: Microsoft Windows
-CVE-2011-1241 (Use-after-free vulnerability in win32k.sys in the kernel-mode drivers ...)
+CVE-2011-1241
NOT-FOR-US: Microsoft Windows
-CVE-2011-1240 (Use-after-free vulnerability in win32k.sys in the kernel-mode drivers ...)
+CVE-2011-1240
NOT-FOR-US: Microsoft Windows
-CVE-2011-1239 (Use-after-free vulnerability in win32k.sys in the kernel-mode drivers ...)
+CVE-2011-1239
NOT-FOR-US: Microsoft Windows
-CVE-2011-1238 (Use-after-free vulnerability in win32k.sys in the kernel-mode drivers ...)
+CVE-2011-1238
NOT-FOR-US: Microsoft Windows
-CVE-2011-1237 (Use-after-free vulnerability in win32k.sys in the kernel-mode drivers ...)
+CVE-2011-1237
NOT-FOR-US: Microsoft Windows
-CVE-2011-1236 (Use-after-free vulnerability in win32k.sys in the kernel-mode drivers ...)
+CVE-2011-1236
NOT-FOR-US: Microsoft Windows
-CVE-2011-1235 (Use-after-free vulnerability in win32k.sys in the kernel-mode drivers ...)
+CVE-2011-1235
NOT-FOR-US: Microsoft Windows
-CVE-2011-1234 (Use-after-free vulnerability in win32k.sys in the kernel-mode drivers ...)
+CVE-2011-1234
NOT-FOR-US: Microsoft Windows
-CVE-2011-1233 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
+CVE-2011-1233
NOT-FOR-US: Microsoft Windows
-CVE-2011-1232 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
+CVE-2011-1232
NOT-FOR-US: Microsoft Windows
-CVE-2011-1231 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
+CVE-2011-1231
NOT-FOR-US: Microsoft Windows
-CVE-2011-1230 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
+CVE-2011-1230
NOT-FOR-US: Microsoft Windows
-CVE-2011-1229 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
+CVE-2011-1229
NOT-FOR-US: Microsoft Windows
-CVE-2011-1228 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
+CVE-2011-1228
NOT-FOR-US: Microsoft Windows
-CVE-2011-1227 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
+CVE-2011-1227
NOT-FOR-US: Microsoft Windows
-CVE-2011-1226 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
+CVE-2011-1226
NOT-FOR-US: Microsoft Windows
-CVE-2011-1225 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
+CVE-2011-1225
NOT-FOR-US: Microsoft Windows
CVE-2011-XXXX [dokuwiki ACL bypass]
- dokuwiki 0.0.20101107a-1 (low)
[squeeze] - dokuwiki <no-dsa> (Minor issue)
[lenny] - dokuwiki <no-dsa> (Minor issue)
-CVE-2011-1224 (IBM WebSphere MQ 6.0 before 6.0.2.11 and 7.0 before 7.0.1.5 does not ...)
+CVE-2011-1224
NOT-FOR-US: IBM WebSphere MQ
-CVE-2011-1223 (Buffer overflow in the Alternate Data Stream (aka ADS or named stream) ...)
+CVE-2011-1223
NOT-FOR-US: IBM Tivoli Storage Manager
-CVE-2011-1222 (Buffer overflow in the Journal Based Backup (JBB) feature in the ...)
+CVE-2011-1222
NOT-FOR-US: IBM Tivoli Storage Manager
-CVE-2011-1221 (Cross-zone scripting vulnerability in the RealPlayer ActiveX control ...)
+CVE-2011-1221
NOT-FOR-US: RealNetworks RealPlayer
-CVE-2011-1220 (Stack-based buffer overflow in lcfd.exe in Tivoli Endpoint in IBM ...)
+CVE-2011-1220
NOT-FOR-US: IBM Tivoli Management Framework
CVE-2011-1219
RESERVED
-CVE-2011-1218 (Buffer overflow in kvarcve.dll in Autonomy KeyView, as used in IBM ...)
+CVE-2011-1218
NOT-FOR-US: Autonomy KeyView
-CVE-2011-1217 (Buffer overflow in kpprzrdr.dll in Autonomy KeyView, as used in IBM ...)
+CVE-2011-1217
NOT-FOR-US: Autonomy KeyView
-CVE-2011-1216 (Stack-based buffer overflow in assr.dll in Autonomy KeyView, as used ...)
+CVE-2011-1216
NOT-FOR-US: Autonomy KeyView
-CVE-2011-1215 (Stack-based buffer overflow in mw8sr.dll in Autonomy KeyView, as used ...)
+CVE-2011-1215
NOT-FOR-US: Autonomy KeyView
-CVE-2011-1214 (Stack-based buffer overflow in rtfsr.dll in Autonomy KeyView, as used ...)
+CVE-2011-1214
NOT-FOR-US: Autonomy KeyView
-CVE-2011-1213 (Integer underflow in lzhsr.dll in Autonomy KeyView, as used in IBM ...)
+CVE-2011-1213
NOT-FOR-US: Autonomy KeyView
CVE-2011-1212
RESERVED
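Review bot: the stripping touches only `(...)` summaries and leaves the bracketed placeholder title on `CVE-2011-XXXX [dokuwiki ACL bypass]` (between CVE-2011-1225 and CVE-2011-1224) intact, which is presumably the intent since that title is the only thing identifying a placeholder entry; please confirm the script keys on the delimiter rather than on "text after the id", so `[title]` entries and state lines such as `CVE-2011-1259` followed by `REJECTED` stay untouched when it is rerun.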
@@ -10895,27 +10895,27 @@ CVE-2011-1211
RESERVED
CVE-2011-1210
RESERVED
-CVE-2011-1209 (IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.39 and 7.0 ...)
+CVE-2011-1209
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2011-1208 (IBM solidDB 4.5.x before 4.5.182, 6.0.x before 6.0.1069, 6.1.x and ...)
+CVE-2011-1208
NOT-FOR-US: IBM solidDB
-CVE-2011-1207 (The ActiveBar1 ActiveX control in the Data Dynamics ActiveBar ActiveX ...)
+CVE-2011-1207
NOT-FOR-US: IBM Rational System
-CVE-2011-1206 (Stack-based buffer overflow in the server process in ibmslapd.exe in ...)
+CVE-2011-1206
NOT-FOR-US: IBM Tivoli Directory Server
-CVE-2011-1205 (Multiple buffer overflows in unspecified COM objects in Rational ...)
+CVE-2011-1205
NOT-FOR-US: IBM Rational ClearCase, ClearQuest
-CVE-2011-1204 (Google Chrome before 10.0.648.127 does not properly handle attributes, ...)
+CVE-2011-1204
- chromium-browser 10.0.648.127~r76697-1
[squeeze] - chromium-browser <end-of-life>
NOTE: http://trac.webkit.org/changeset/79810
NOTE: very hard to merge: needs introduction of ScopedEventQueue.cpp
-CVE-2011-1203 (Google Chrome before 10.0.648.127 does not properly handle SVG ...)
+CVE-2011-1203
{DSA-2189-1}
- chromium-browser 10.0.648.127~r76697-1
[wheezy] - chromium-browser 6.0.472.63~r59945-5+squeeze4
NOTE: http://trac.webkit.org/changeset/79476
-CVE-2011-1202 (The xsltGenerateIdFunction function in functions.c in libxslt 1.1.26 ...)
+CVE-2011-1202
- libxslt 1.1.26-7 (low; bug #617413)
- xulrunner <removed> (unimportant)
[lenny] - xulrunner <no-dsa> (minor issue)
@@ -10929,83 +10929,83 @@ CVE-2011-1202 (The xsltGenerateIdFunction function in functions.c in libxslt 1.1
[squeeze] - libxslt 1.1.26-6+squeeze1
[lenny] - libxslt <no-dsa> (minor issue)
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2011-1201 (The context implementation in WebKit, as used in Google Chrome before ...)
+CVE-2011-1201
- chromium-browser 10.0.648.127~r76697-1
[squeeze] - chromium-browser <not-affected>
[wheezy] - chromium-browser <not-affected>
- webkit <not-affected> (losecontext not present in 1.2)
NOTE: http://trac.webkit.org/changeset/78921
-CVE-2011-1200 (Google Chrome before 10.0.648.127 does not properly perform a cast of ...)
+CVE-2011-1200
- chromium-browser 10.0.648.127~r76697-1
[squeeze] - chromium-browser <not-affected>
[wheezy] - chromium-browser <not-affected>
- webkit <not-affected> (vulnerable code not present)
NOTE: http://trac.webkit.org/changeset/78744
-CVE-2011-1199 (Google Chrome before 10.0.648.127 does not properly handle DataView ...)
+CVE-2011-1199
- chromium-browser 10.0.648.127~r76697-1
[squeeze] - chromium-browser <not-affected>
[wheezy] - chromium-browser <not-affected>
- webkit <not-affected> (issue in libv8 bindings)
NOTE: https://trac.webkit.org/changeset/78738
-CVE-2011-1198 (The video functionality in Google Chrome before 10.0.648.127 allows ...)
+CVE-2011-1198
- chromium-browser 10.0.648.127~r76697-1
[squeeze] - chromium-browser <not-affected>
[wheezy] - chromium-browser <not-affected>
- libav <not-affected> (Specific to ffmpeg-mt)
-CVE-2011-1197 (Google Chrome before 10.0.648.127 does not properly perform table ...)
+CVE-2011-1197
{DSA-2189-1}
- chromium-browser 10.0.648.127~r76697-1
[wheezy] - chromium-browser 6.0.472.63~r59945-5+squeeze4
NOTE: http://trac.webkit.org/changeset/79734
-CVE-2011-1196 (The OGG container implementation in Google Chrome before 10.0.648.127 ...)
+CVE-2011-1196
- chromium-browser 10.0.648.127~r76697-1
[squeeze] - chromium-browser <not-affected>
[wheezy] - chromium-browser <not-affected>
- libav 4:0.7.1-1
- ffmpeg-debian <not-affected> (Info from maintainer: the patch does not apply 0.5, and I failed to reproduce)
- ffmpeg <not-affected> (Info from maintainer: the patch does not apply 0.5, and I failed to reproduce)
-CVE-2011-1195 (Use-after-free vulnerability in Google Chrome before 10.0.648.127 ...)
+CVE-2011-1195
- chromium-browser 10.0.648.127~r76697-1
[squeeze] - chromium-browser <not-affected>
[wheezy] - chromium-browser <not-affected>
- webkit <not-affected> (vulnerable code not present)
NOTE: http://trac.webkit.org/changeset/78147
-CVE-2011-1194 (Multiple unspecified vulnerabilities in Google Chrome before ...)
+CVE-2011-1194
- chromium-browser 10.0.648.127~r76697-1 (unimportant)
NOTE: http://trac.webkit.org/changeset/77049
NOTE: http://trac.webkit.org/changeset/77329
NOTE: popup blocker bypass not treated as a security issue
-CVE-2011-1193 (Google V8, as used in Google Chrome before 10.0.648.127, allows remote ...)
+CVE-2011-1193
- libv8 3.1.8.10-1 (bug #617418)
[squeeze] - libv8 <end-of-life> (Unsupported in squeeze-lts)
-CVE-2011-1192 (Google Chrome before 10.0.648.127 on Linux does not properly handle ...)
+CVE-2011-1192
- chromium-browser 10.0.648.127~r76697-1
[squeeze] - chromium-browser <not-affected>
[wheezy] - chromium-browser <not-affected>
- webkit <not-affected> (issue in chromium-specific code)
NOTE: http://trac.webkit.org/changeset/76732
-CVE-2011-1191 (Use-after-free vulnerability in Google Chrome before 10.0.648.127 ...)
+CVE-2011-1191
- chromium-browser 10.0.648.127~r76697-1
[squeeze] - chromium-browser <not-affected>
[wheezy] - chromium-browser <not-affected>
- webkit <not-affected> (vulnerable code not yet present)
NOTE: http://trac.webkit.org/changeset/76652
-CVE-2011-1190 (The Web Workers implementation in Google Chrome before 10.0.648.127 ...)
+CVE-2011-1190
{DSA-2189-1}
- chromium-browser 10.0.648.127~r76697-1
[wheezy] - chromium-browser 6.0.472.63~r59945-5+squeeze4
NOTE: http://trac.webkit.org/changeset/77563
-CVE-2011-1189 (Google Chrome before 10.0.648.127 does not properly perform box ...)
+CVE-2011-1189
{DSA-2189-1}
- chromium-browser 10.0.648.127~r76697-1
[wheezy] - chromium-browser 6.0.472.63~r59945-5+squeeze4
NOTE: http://trac.webkit.org/changeset/79689
-CVE-2011-1188 (Google Chrome before 10.0.648.127 does not properly handle counter ...)
+CVE-2011-1188
{DSA-2189-1}
- chromium-browser 10.0.648.127~r76697-1
[wheezy] - chromium-browser 6.0.472.63~r59945-5+squeeze4
NOTE: http://trac.webkit.org/changeset/77142
-CVE-2011-1187 (Google Chrome before 10.0.648.127 allows remote attackers to bypass ...)
+CVE-2011-1187
- libv8 3.1.8.10-1 (bug #617418)
[squeeze] - libv8 <end-of-life> (Unsupported in squeeze-lts)
- icedove 17.0.2-1 (low)
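Review bot: four DSA-2189-1 entries in this hunk (CVE-2011-1197, CVE-2011-1190, CVE-2011-1189 and CVE-2011-1188) carry `[wheezy] - chromium-browser 6.0.472.63~r59945-5+squeeze4`, a version whose `+squeeze4` suffix marks a squeeze update, and none of them has a `[squeeze]` line at all; this looks like a release tag that was never renamed, so either the tag should become `[squeeze]` or the wheezy status of those four should be checked against what actually shipped. Separately, the note duplicated on the ffmpeg-debian and ffmpeg lines of CVE-2011-1196 reads `the patch does not apply 0.5` and should read `does not apply to 0.5`.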
@@ -11018,102 +11018,102 @@ CVE-2011-1187 (Google Chrome before 10.0.648.127 allows remote attackers to bypa
[wheezy] - iceape <no-dsa> (Minor issue, also not fixed in ESV branch)
[squeeze] - iceape <no-dsa> (Minor issue, also not fixed in ESV branch)
NOTE: Fixed in Thunderbird 12 and Seamonkey 2.9
-CVE-2011-1186 (Google Chrome before 10.0.648.127 on Linux does not properly handle ...)
+CVE-2011-1186
- chromium-browser 10.0.648.127~r76697-1
[squeeze] - chromium-browser <not-affected>
[wheezy] - chromium-browser <not-affected>
- webkit <not-affected> (chromium specific)
-CVE-2011-1185 (Google Chrome before 10.0.648.127 does not prevent (1) navigation and ...)
+CVE-2011-1185
- chromium-browser 10.0.648.127~r76697-1
[squeeze] - chromium-browser <end-of-life>
NOTE: http://trac.webkit.org/changeset/74853
-CVE-2011-1184 (The HTTP Digest Access Authentication implementation in Apache Tomcat ...)
+CVE-2011-1184
{DSA-2401-1}
- tomcat6 6.0.32-7
- tomcat7 7.0.12
- tomcat5.5 <removed>
-CVE-2011-1183 (Apache Tomcat 7.0.11, when web.xml has no login configuration, does ...)
+CVE-2011-1183
- tomcat6 <not-affected> (Only affects Tomcat 7)
-CVE-2011-1182 (kernel/signal.c in the Linux kernel before 2.6.39 allows local users ...)
+CVE-2011-1182
{DSA-2264-1 DSA-2240-1}
- linux-2.6 2.6.38-2
CVE-2011-1181 [missing error handling in linux netdev]
REJECTED
-CVE-2011-1180 (Multiple stack-based buffer overflows in the ...)
+CVE-2011-1180
{DSA-2264-1 DSA-2240-1}
- linux-2.6 2.6.38-4
-CVE-2011-1179 (The SPICE Firefox plug-in (spice-xpi) 2.4, 2.3, 2.2, and possibly ...)
+CVE-2011-1179
- spice-xpi <removed>
[jessie] - spice-xpi <end-of-life> (Broken with newer Firefox versions)
-CVE-2011-1178 (Multiple integer overflows in the load_image function in file-pcx.c in ...)
+CVE-2011-1178
- gimp 2.6.10-1
NOTE: Likely fixed earlier, but only the squeeze version was checked
CVE-2011-1177
RESERVED
-CVE-2011-1176 (The configuration merger in itk.c in the Steinar H. Gunderson mpm-itk ...)
+CVE-2011-1176
{DSA-2202-1}
- apache2 2.2.17-2 (bug #618857; medium)
[lenny] - apache2 <not-affected> (different source package in lenny: apache2-mpm-itk)
- apache2-mpm-itk <removed>
[lenny] - apache2-mpm-itk <not-affected> (bug was introduced later, in 2.2.11-01)
-CVE-2011-1175 (tcptls.c in the TCP/TLS server in Asterisk Open Source 1.6.1.x before ...)
+CVE-2011-1175
{DSA-2225-1}
- asterisk 1:1.8.3.3-1
[lenny] - asterisk <not-affected> (Vulnerable code not present)
-CVE-2011-1174 (manager.c in Asterisk Open Source 1.6.1.x before 1.6.1.24, 1.6.2.x ...)
+CVE-2011-1174
{DSA-2225-1}
- asterisk 1:1.8.3.3-1
[lenny] - asterisk <not-affected> (Vulnerable code not present)
-CVE-2011-1173 (The econet_sendmsg function in net/econet/af_econet.c in the Linux ...)
+CVE-2011-1173
{DSA-2264-1 DSA-2240-1}
- linux-2.6 2.6.38-4 (low)
-CVE-2011-1172 (net/ipv6/netfilter/ip6_tables.c in the IPv6 implementation in the ...)
+CVE-2011-1172
{DSA-2264-1 DSA-2240-1}
- linux-2.6 2.6.38-4 (low)
-CVE-2011-1171 (net/ipv4/netfilter/ip_tables.c in the IPv4 implementation in the Linux ...)
+CVE-2011-1171
{DSA-2264-1 DSA-2240-1}
- linux-2.6 2.6.38-4 (low)
-CVE-2011-1170 (net/ipv4/netfilter/arp_tables.c in the IPv4 implementation in the ...)
+CVE-2011-1170
{DSA-2264-1 DSA-2240-1}
- linux-2.6 2.6.38-4 (low)
-CVE-2011-1169 (Array index error in the asihpi_hpi_ioctl function in ...)
+CVE-2011-1169
- linux-2.6 2.6.38-2
[lenny] - linux-2.6 <not-affected> (Introduced in 2.6.35)
[squeeze] - linux-2.6 <not-affected> (Introduced in 2.6.35)
-CVE-2011-1168 (Cross-site scripting (XSS) vulnerability in the KHTMLPart::htmlError ...)
+CVE-2011-1168
- kde4libs 4:4.4.5-4 (low)
[squeeze] - kde4libs 4:4.4.5-2+squeeze2
[lenny] - kde4libs <no-dsa> (Minor issue)
-CVE-2011-1167 (Heap-based buffer overflow in the thunder (aka ThunderScan) decoder in ...)
+CVE-2011-1167
{DSA-2210-1}
- tiff 3.9.4-9 (bug #619614)
- tiff3 <not-affected> (fixed before initial upload)
-CVE-2011-1166 (Xen, possibly before 4.0.2, allows local 64-bit PV guests to cause a ...)
+CVE-2011-1166
{DSA-2337-1}
- xen 4.1.0-1
- xen-3 <removed>
-CVE-2011-1165 (Vino, possibly before 3.2, does not properly document that it opens ...)
+CVE-2011-1165
- vino <unfixed> (unimportant)
NOTE: Mostly interface glitches
-CVE-2011-1164 (Vino before 2.99.4 can connect external networks contrary to the ...)
+CVE-2011-1164
- vino <unfixed> (unimportant)
NOTE: Mostly interface glitches
-CVE-2011-1163 (The osf_partition function in fs/partitions/osf.c in the Linux kernel ...)
+CVE-2011-1163
{DSA-2264-1 DSA-2240-1}
- linux-2.6 2.6.38-1
-CVE-2011-1162 (The tpm_read function in the Linux kernel 2.6 does not properly clear ...)
+CVE-2011-1162
- linux-2.6 3.0.0-5 (low)
[squeeze] - linux-2.6 2.6.32-40
CVE-2011-1161
REJECTED
-CVE-2011-1160 (The tpm_open function in drivers/char/tpm/tpm.c in the Linux kernel ...)
+CVE-2011-1160
{DSA-2264-1 DSA-2240-1}
- linux-2.6 2.6.38-4 (low)
-CVE-2011-1159 (acpid.c in acpid before 2.0.9 does not properly handle a situation in ...)
+CVE-2011-1159
{DSA-2362-1}
- acpid 1:2.0.9-1
[lenny] - acpid <no-dsa> (Minor issue)
-CVE-2011-1158 (Cross-site scripting (XSS) vulnerability in feedparser.py in Universal ...)
+CVE-2011-1158
- feedparser 5.0.1-1 (low; bug #617998)
[squeeze] - feedparser <no-dsa> (Minor issue)
[lenny] - feedparser <no-dsa> (Minor issue)
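Review bot: the removal is selective in a way that points at the upstream summary field specifically. In this hunk the bracketed local description `CVE-2011-1181 [missing error handling in linux netdev]` and the bare `CVE-2011-1177` / `RESERVED` and `CVE-2011-1161` / `REJECTED` entries are left as they are, while every line of the form `CVE-2011-NNNN (...)` is reduced to the id alone. That is consistent with the description source returning empty text for each id, not with an intentional cleanup, so the fix belongs in the update's input rather than in this file.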
@@ -11122,7 +11122,7 @@ CVE-2011-1158 (Cross-site scripting (XSS) vulnerability in feedparser.py in Univ
[squeeze] - planet-venus <no-dsa> (Minor issue)
[lenny] - planet-venus <no-dsa> (Minor issue)
NOTE: http://web.archive.org/web/20120304003020/https://code.google.com/p/feedparser/issues/detail?id=255
-CVE-2011-1157 (Cross-site scripting (XSS) vulnerability in feedparser.py in Universal ...)
+CVE-2011-1157
- feedparser 5.0.1-1 (low; bug #617998)
[squeeze] - feedparser <no-dsa> (Minor issue)
[lenny] - feedparser <no-dsa> (Minor issue)
@@ -11131,7 +11131,7 @@ CVE-2011-1157 (Cross-site scripting (XSS) vulnerability in feedparser.py in Univ
[squeeze] - planet-venus <no-dsa> (Minor issue)
[lenny] - planet-venus <no-dsa> (Minor issue)
NOTE: http://web.archive.org/web/20120211010803/https://code.google.com/p/feedparser/issues/detail?id=254
-CVE-2011-1156 (feedparser.py in Universal Feed Parser (aka feedparser or ...)
+CVE-2011-1156
- feedparser 5.0.1-1 (low; bug #617998)
[squeeze] - feedparser <no-dsa> (Minor issue)
[lenny] - feedparser <no-dsa> (Minor issue)
@@ -11140,13 +11140,13 @@ CVE-2011-1156 (feedparser.py in Universal Feed Parser (aka feedparser or ...)
[squeeze] - planet-venus <no-dsa> (Minor issue)
[lenny] - planet-venus <no-dsa> (Minor issue)
NOTE: http://web.archive.org/web/20130326201801/http://code.google.com/p/feedparser/issues/detail?id=91
-CVE-2011-1155 (The writeState function in logrotate.c in logrotate 3.7.9 and earlier ...)
+CVE-2011-1155
- logrotate 3.8.0-1
[squeeze] - logrotate <no-dsa> (Minor issue)
-CVE-2011-1154 (The shred_file function in logrotate.c in logrotate 3.7.9 and earlier ...)
+CVE-2011-1154
- logrotate 3.8.0-1
[squeeze] - logrotate <no-dsa> (Minor issue)
-CVE-2011-1153 (Multiple format string vulnerabilities in phar_object.c in the phar ...)
+CVE-2011-1153
{DSA-2266-1}
- php5 5.3.6-1 (unimportant)
NOTE: only exploitable by malicious scripts
@@ -11158,16 +11158,16 @@ CVE-2011-1151
CVE-2011-1150
RESERVED
NOT-FOR-US: bbPress
-CVE-2011-1149 (Android before 2.3 does not properly restrict access to the system ...)
+CVE-2011-1149
NOT-FOR-US: Android
-CVE-2011-1148 (Use-after-free vulnerability in the substr_replace function in PHP ...)
+CVE-2011-1148
{DSA-2408-1}
- php5 5.4.0-1 (unimportant)
NOTE: only exploitable by malicious scripts
-CVE-2011-1147 (Multiple stack-based and heap-based buffer overflows in the (1) ...)
+CVE-2011-1147
{DSA-2225-1}
- asterisk 1:1.8.3.3-1 (bug #614580)
-CVE-2011-1146 (libvirt.c in the API in Red Hat libvirt 0.8.8 does not properly ...)
+CVE-2011-1146
{DSA-2194-1}
- libvirt 0.8.8-3 (low; bug #617773)
[lenny] - libvirt <not-affected> (Vulnerable code not present)
@@ -11178,201 +11178,201 @@ CVE-2011-1145 [buffer overflow in unixODBC's SQLDriverConnect()]
[squeeze] - unixodbc <no-dsa> (Only exploitable through a malicious server)
[lenny] - unixodbc <no-dsa> (Only exploitable through a malicious server)
NOTE: http://seclists.org/oss-sec/2011/q1/446
-CVE-2011-1144 (The installer in PEAR 1.9.2 and earlier allows local users to ...)
+CVE-2011-1144
- php5 <not-affected> (incomplete fix never used in Debian packages)
-CVE-2011-1143 (epan/dissectors/packet-ntlmssp.c in the NTLMSSP dissector in Wireshark ...)
+CVE-2011-1143
- wireshark 1.4.4-1 (unimportant)
-CVE-2011-1142 (Stack consumption vulnerability in the dissect_ber_choice function in ...)
+CVE-2011-1142
- wireshark 1.4.4-1 (unimportant)
-CVE-2011-1141 (epan/dissectors/packet-ldap.c in Wireshark 1.0.x, 1.2.0 through ...)
+CVE-2011-1141
{DSA-2201-1}
- wireshark 1.4.4-1 (unimportant)
-CVE-2011-1140 (Multiple stack consumption vulnerabilities in the ...)
+CVE-2011-1140
{DSA-2201-1}
- wireshark 1.4.4-1 (unimportant)
-CVE-2011-1139 (wiretap/pcapng.c in Wireshark 1.2.0 through 1.2.14 and 1.4.0 through ...)
+CVE-2011-1139
{DSA-2201-1}
- wireshark 1.4.4-1 (unimportant)
-CVE-2011-1138 (Off-by-one error in the dissect_6lowpan_iphc function in ...)
+CVE-2011-1138
- wireshark 1.4.4-1
[lenny] - wireshark <not-affected> (Vulnerable code not present)
[squeeze] - wireshark <not-affected> (Vulnerable code not present)
-CVE-2011-1131 (The PlushSearch2 function in Search.php in Simple Machines Forum (SMF) ...)
+CVE-2011-1131
NOT-FOR-US: Simple Machines Forum
-CVE-2011-1130 (Simple Machines Forum (SMF) before 1.1.13, and 2.x before 2.0 RC5, ...)
+CVE-2011-1130
NOT-FOR-US: Simple Machines Forum
-CVE-2011-1129 (Cross-site scripting (XSS) vulnerability in the EditNews function in ...)
+CVE-2011-1129
NOT-FOR-US: Simple Machines Forum
-CVE-2011-1128 (The loadUserSettings function in Load.php in Simple Machines Forum ...)
+CVE-2011-1128
NOT-FOR-US: Simple Machines Forum
-CVE-2011-1127 (SSI.php in Simple Machines Forum (SMF) before 1.1.13, and 2.x before ...)
+CVE-2011-1127
NOT-FOR-US: Simple Machines Forum
-CVE-2011-1126 (VMware vmrun, as used in VIX API 1.x before 1.10.3 and VMware ...)
+CVE-2011-1126
NOT-FOR-US: VMware Workstation
-CVE-2011-1125 (Google Chrome before 9.0.597.107 does not properly perform layout, ...)
+CVE-2011-1125
- chromium-browser 9.0.597.107~r75357-1
[squeeze] - chromium-browser <not-affected>
[wheezy] - chromium-browser <not-affected>
- webkit <not-affected> (vulnerable code introduced in commit 75823)
NOTE: http://trac.webkit.org/changeset/78775
-CVE-2011-1124 (Use-after-free vulnerability in Google Chrome before 9.0.597.107 ...)
+CVE-2011-1124
- chromium-browser 9.0.597.107~r75357-1
[squeeze] - chromium-browser <not-affected>
[wheezy] - chromium-browser <not-affected>
- webkit <not-affected> (Chromium specific)
-CVE-2011-1123 (Google Chrome before 9.0.597.107 does not properly restrict access to ...)
+CVE-2011-1123
- chromium-browser 9.0.597.107~r75357-1
[squeeze] - chromium-browser <not-affected>
[wheezy] - chromium-browser <not-affected>
- webkit <not-affected> (chromium specific)
-CVE-2011-1122 (The WebGL implementation in Google Chrome before 9.0.597.107 allows ...)
+CVE-2011-1122
{DSA-2189-1}
- chromium-browser 9.0.597.107~r75357-1
[wheezy] - chromium-browser 6.0.472.63~r59945-5+squeeze4
NOTE: https://bugs.webkit.org/show_bug.cgi?id=53782
-CVE-2011-1121 (Integer overflow in Google Chrome before 9.0.597.107 allows remote ...)
+CVE-2011-1121
{DSA-2189-1}
- chromium-browser 9.0.597.107~r75357-1
[wheezy] - chromium-browser 6.0.472.63~r59945-5+squeeze4
NOTE: needs port (s/logicalBottom/bottom)
NOTE: http://trac.webkit.org/changeset/77565
-CVE-2011-1120 (The WebGL implementation in Google Chrome before 9.0.597.107 allows ...)
+CVE-2011-1120
- chromium-browser 9.0.597.107~r75357-1
[squeeze] - chromium-browser <not-affected>
[wheezy] - chromium-browser 6.0.472.63~r59945-5+squeeze4
- webkit <not-affected> (webgl support not present in 1.2)
NOTE: http://trac.webkit.org/changeset/77956
-CVE-2011-1119 (Google Chrome before 9.0.597.107 does not properly determine device ...)
+CVE-2011-1119
- chromium-browser 9.0.597.107~r75357-1
[squeeze] - chromium-browser <not-affected>
[wheezy] - chromium-browser <not-affected>
- webkit <not-affected> (device orientation code/support not present in 1.2)
NOTE: http://trac.webkit.org/changeset/77418
-CVE-2011-1118 (Google Chrome before 9.0.597.107 does not properly handle TEXTAREA ...)
+CVE-2011-1118
- chromium-browser 9.0.597.107~r75357-1
[squeeze] - chromium-browser <not-affected>
[wheezy] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/77144
-CVE-2011-1117 (Google Chrome before 9.0.597.107 does not properly handle XHTML ...)
+CVE-2011-1117
- chromium-browser 9.0.597.107~r75357-1
[squeeze] - chromium-browser <not-affected>
[wheezy] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/77262
-CVE-2011-1116 (Google Chrome before 9.0.597.107 does not properly handle SVG ...)
+CVE-2011-1116
- chromium-browser 9.0.597.107~r75357-1
[squeeze] - chromium-browser <not-affected>
[wheezy] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/77548
-CVE-2011-1115 (Google Chrome before 9.0.597.107 does not properly render tables, ...)
+CVE-2011-1115
{DSA-2189-1}
- chromium-browser 9.0.597.107~r75357-1
[wheezy] - chromium-browser 6.0.472.63~r59945-5+squeeze4
NOTE: http://trac.webkit.org/changeset/76915
-CVE-2011-1114 (Google Chrome before 9.0.597.107 does not properly handle tables, ...)
+CVE-2011-1114
{DSA-2189-1}
- chromium-browser 9.0.597.107~r75357-1
[wheezy] - chromium-browser 6.0.472.63~r59945-5+squeeze4
- webkit <not-affected> (vulnerable code introduced after 1.2, and the fix restores this code to its 1.2 state)
NOTE: http://trac.webkit.org/changeset/77141
-CVE-2011-1113 (Google Chrome before 9.0.597.107 on 64-bit Linux platforms does not ...)
+CVE-2011-1113
{DSA-2189-1}
- chromium-browser 9.0.597.107~r75357-1
[wheezy] - chromium-browser 6.0.472.63~r59945-5+squeeze4
- webkit <not-affected> (chromium specific)
-CVE-2011-1112 (Google Chrome before 9.0.597.107 does not properly perform SVG ...)
+CVE-2011-1112
- chromium-browser 9.0.597.107~r75357-1
[squeeze] - chromium-browser <not-affected>
[wheezy] - chromium-browser <not-affected>
- webkit <not-affected> (Chromium specific)
-CVE-2011-1111 (Google Chrome before 9.0.597.107 does not properly implement forms ...)
+CVE-2011-1111
- chromium-browser 9.0.597.107~r75357-1
[squeeze] - chromium-browser <not-affected>
[wheezy] - chromium-browser <not-affected>
NOTE: needs port (s/FormAssociatedElement/HTMLFormElement)
NOTE: http://trac.webkit.org/changeset/77114
-CVE-2011-1110 (Google Chrome before 9.0.597.107 does not properly implement key frame ...)
+CVE-2011-1110
- chromium-browser 9.0.597.107~r75357-1
[squeeze] - chromium-browser <not-affected>
[wheezy] - chromium-browser <not-affected>
- webkit <not-affected> (vulnerable code not present in 1.2)
NOTE: http://trac.webkit.org/changeset/76828
-CVE-2011-1109 (Google Chrome before 9.0.597.107 does not properly process nodes in ...)
+CVE-2011-1109
{DSA-2189-1}
- chromium-browser 9.0.597.107~r75357-1
[wheezy] - chromium-browser 6.0.472.63~r59945-5+squeeze4
NOTE: http://trac.webkit.org/changeset/76728
-CVE-2011-1108 (Google Chrome before 9.0.597.107 does not properly implement ...)
+CVE-2011-1108
{DSA-2189-1}
- chromium-browser 9.0.597.107~r75357-1
[wheezy] - chromium-browser 6.0.472.63~r59945-5+squeeze4
- webkit <not-affected> (Chromium specific)
-CVE-2011-1107 (Unspecified vulnerability in Google Chrome before 9.0.597.107 allows ...)
+CVE-2011-1107
- chromium-browser 9.0.597.107~r75357-1
[squeeze] - chromium-browser <end-of-life>
- webkit <not-affected> (history controller code not present in 1.2)
NOTE: http://trac.webkit.org/changeset/76205
-CVE-2011-1106 (Cross-site scripting (XSS) vulnerability in stcenter.nsf in the server ...)
+CVE-2011-1106
NOT-FOR-US: IBM Lotus Sametime
-CVE-2011-1105 (Multiple cross-site scripting (XSS) vulnerabilities in Mutare EVM ...)
+CVE-2011-1105
NOT-FOR-US: Mutare EVM
-CVE-2011-1104 (Multiple cross-site request forgery (CSRF) vulnerabilities in Mutare ...)
+CVE-2011-1104
NOT-FOR-US: Mutare EVM
-CVE-2011-1103 (The WebReporting module in F-Secure Policy Manager 7.x, 8.00 before ...)
+CVE-2011-1103
NOT-FOR-US: F-Secure Policy Manager
-CVE-2011-1102 (Cross-site scripting (XSS) vulnerability in the WebReporting module in ...)
+CVE-2011-1102
NOT-FOR-US: F-Secure Policy Manager
-CVE-2011-1101 (Multiple unspecified vulnerabilities in a third-party component of the ...)
+CVE-2011-1101
NOT-FOR-US: Citrix License Management Console
-CVE-2011-1100 (Multiple SQL injection vulnerabilities in admin/index.php in Pixelpost ...)
+CVE-2011-1100
- pixelpost <removed>
-CVE-2011-1099 (Multiple directory traversal vulnerabilities in FocalMedia.Net Quick ...)
+CVE-2011-1099
NOT-FOR-US: FocalMedia.Net Quick Polls
-CVE-2011-1098 (Race condition in the createOutputFile function in logrotate.c in ...)
+CVE-2011-1098
- logrotate 3.8.0-1 (low)
[squeeze] - logrotate <no-dsa> (Minor issue)
-CVE-2011-1097 (rsync 3.x before 3.0.8, when certain recursion, deletion, and ...)
+CVE-2011-1097
- rsync 3.0.8 (low; bug #621866)
[squeeze] - rsync <no-dsa> (Minor issue)
-CVE-2011-1096 (The W3C XML Encryption Standard, as used in the JBoss Web Services ...)
+CVE-2011-1096
NOT-FOR-US: alleged flaw in W3C XML Encryption standard. Nothing specific to fix
-CVE-2011-1095 (locale/programs/locale.c in locale in the GNU C Library (aka glibc or ...)
+CVE-2011-1095
- glibc 2.13-16
[lenny] - glibc <no-dsa> (Minor issue)
- eglibc 2.13-16
[squeeze] - eglibc 2.11.3-2
NOTE: http://sources.redhat.com/bugzilla/show_bug.cgi?id=11904
NOTE: http://bugs.gentoo.org/show_bug.cgi?id=330923
-CVE-2011-1094 (kio/kio/tcpslavebase.cpp in KDE KSSL in kdelibs before 4.6.1 does not ...)
+CVE-2011-1094
- kde4libs 4:4.4.5-4 (low)
[squeeze] - kde4libs 4:4.4.5-2+squeeze2
[lenny] - kde4libs <no-dsa> (Minor issue)
- kdelibs <not-affected> (vulnerable code not present)
NOTE: http://seclists.org/oss-sec/2011/q1/434
-CVE-2011-1093 (The dccp_rcv_state_process function in net/dccp/input.c in the ...)
+CVE-2011-1093
{DSA-2264-1}
- linux-2.6 2.6.38-1 (low)
[squeeze] - linux-2.6 2.6.32-31
-CVE-2011-1092 (Integer overflow in ext/shmop/shmop.c in PHP before 5.3.6 allows ...)
+CVE-2011-1092
{DSA-2408-1}
- php5 5.4.0-1 (unimportant)
NOTE: only exploitable by malicious scripts
NOTE: http://seclists.org/oss-sec/2011/q1/430
-CVE-2011-1091 (libymsg.c in the Yahoo! protocol plugin in libpurple in Pidgin 2.6.0 ...)
+CVE-2011-1091
- pidgin 2.7.11-1 (low)
[lenny] - pidgin <no-dsa> (Minor issue)
[squeeze] - pidgin <no-dsa> (Minor issue)
-CVE-2011-1090 (The __nfs4_proc_set_acl function in fs/nfs/nfs4proc.c in the Linux ...)
+CVE-2011-1090
{DSA-2264-1 DSA-2240-1}
- linux-2.6 2.6.38-1 (low)
-CVE-2011-1089 (The addmntent function in the GNU C Library (aka glibc or libc6) 2.13 ...)
+CVE-2011-1089
- glibc 2.13-8
- eglibc 2.13-8
[squeeze] - eglibc 2.11.3-1
NOTE: http://seclists.org/oss-sec/2011/q1/368
NOTE: http://sourceware.org/git/?p=glibc.git;a=commitdiff;h=e1fb097f447a89aa69a926e45e673a52d86a6c57
-CVE-2011-1088 (Apache Tomcat 7.x before 7.0.10 does not follow ServletSecurity ...)
+CVE-2011-1088
- tomcat6 <not-affected> (Only affects Tomcat 7)
-CVE-2011-1087 (Buffer overflow in VideoLAN VLC media player 1.0.5 allows ...)
+CVE-2011-1087
- vlc 1.1.10-1 (low; bug #616156)
[squeeze] - vlc <no-dsa> (Minor issue)
[lenny] - vlc <no-dsa> (Minor issue)
@@ -11387,39 +11387,39 @@ CVE-2011-1085
CVE-2011-1084
RESERVED
NOT-FOR-US: smoothwall
-CVE-2011-1083 (The epoll implementation in the Linux kernel 2.6.37.2 and earlier does ...)
+CVE-2011-1083
- linux-2.6 3.2.9-1 (low)
[squeeze] - linux-2.6 2.6.32-47
-CVE-2011-1082 (fs/eventpoll.c in the Linux kernel before 2.6.38 places epoll file ...)
+CVE-2011-1082
- linux-2.6 2.6.38-1 (low)
[squeeze] - linux-2.6 2.6.32-31
-CVE-2011-1081 (modrdn.c in slapd in OpenLDAP 2.4.x before 2.4.24 allows remote ...)
+CVE-2011-1081
- openldap 2.4.25-1 (low; bug #617606)
[lenny] - openldap 2.4.11-1+lenny2.1
[squeeze] - openldap 2.4.23-7.1
-CVE-2011-1080 (The do_replace function in net/bridge/netfilter/ebtables.c in the ...)
+CVE-2011-1080
{DSA-2264-1 DSA-2240-1}
- linux-2.6 2.6.38-4 (low)
-CVE-2011-1079 (The bnep_sock_ioctl function in net/bluetooth/bnep/sock.c in the Linux ...)
+CVE-2011-1079
{DSA-2264-1 DSA-2240-1}
- linux-2.6 2.6.38-4 (low)
-CVE-2011-1078 (The sco_sock_getsockopt_old function in net/bluetooth/sco.c in the ...)
+CVE-2011-1078
{DSA-2264-1 DSA-2240-1}
- linux-2.6 2.6.38-4 (low)
-CVE-2011-1077 (Multiple cross-site scripting (XSS) vulnerabilities in Apache Archiva ...)
+CVE-2011-1077
NOT-FOR-US: Apache Archiva
-CVE-2011-1076 (net/dns_resolver/dns_key.c in the Linux kernel before 2.6.38 allows ...)
+CVE-2011-1076
- linux-2.6 2.6.38-1
[lenny] - linux-2.6 <not-affected> (Introduced in 2.6.36)
[squeeze] - linux-2.6 <not-affected> (Introduced in 2.6.36)
[wheezy] - linux-2.6 <not-affected> (Introduced in 2.6.36)
CVE-2011-1075
RESERVED
-CVE-2011-1074 (crontab.c in crontab in FreeBSD allows local users to determine the ...)
+CVE-2011-1074
- cron <not-affected> (Debian's cron not affected)
-CVE-2011-1073 (crontab.c in crontab in FreeBSD and Apple Mac OS X allows local users ...)
+CVE-2011-1073
- cron <not-affected> (Debian's cron not affected)
-CVE-2011-1071 (The GNU C Library (aka glibc or libc6) before 2.12.2 and Embedded ...)
+CVE-2011-1071
- glibc 2.11.2-12
- eglibc 2.11.2-12 (bug #615120)
[squeeze] - eglibc 2.11.3-2
@@ -11431,66 +11431,66 @@ CVE-2011-1070
CVE-2011-1069
RESERVED
NOT-FOR-US: PHPShop
-CVE-2011-1068 (Microsoft Windows Azure Software Development Kit (SDK) 1.3.x before ...)
+CVE-2011-1068
NOT-FOR-US: Microsoft Windows Azure SDK
-CVE-2011-1067 (slapd (aka ns-slapd) in 389 Directory Server before 1.2.8.a2 does not ...)
+CVE-2011-1067
NOT-FOR-US: s389 LDAP server
-CVE-2011-1066 (Cross-site scripting (XSS) vulnerability in the Messaging module ...)
+CVE-2011-1066
NOT-FOR-US: Messaging module for Drupal
-CVE-2011-1065 (Multiple stack-based buffer overflows in the PIPIWebPlayer ActiveX ...)
+CVE-2011-1065
NOT-FOR-US: PIPI Player
-CVE-2011-1064 (SQL injection vulnerability in member/list.php in qibosoft Qi Bo CMS 7 ...)
+CVE-2011-1064
NOT-FOR-US: Qi Bo CMS
-CVE-2011-1063 (Multiple cross-site scripting (XSS) vulnerabilities in Cherry-Design ...)
+CVE-2011-1063
NOT-FOR-US: Cherry-Design Photopad
-CVE-2011-1062 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2011-1062
NOT-FOR-US: TaskFreak!
-CVE-2011-1061 (SQL injection vulnerability in memberlist.php in WSN Guest 1.24 allows ...)
+CVE-2011-1061
NOT-FOR-US: WSN Guest
-CVE-2011-1060 (SQL injection vulnerability in the member function in ...)
+CVE-2011-1060
NOT-FOR-US: WSN Guest
-CVE-2011-1059 (Use-after-free vulnerability in WebCore in WebKit before r77705, as ...)
+CVE-2011-1059
- webkit <not-affected> (history controller code not present in 1.2)
NOTE: http://trac.webkit.org/changeset/77705
-CVE-2011-1058 (Cross-site scripting (XSS) vulnerability in the reStructuredText (rst) ...)
+CVE-2011-1058
{DSA-2321-1}
- moin 1.9.3-3
CVE-2011-1057
REJECTED
-CVE-2011-1056 (The installer for Metasploit Framework 3.5.1, when running on Windows, ...)
+CVE-2011-1056
NOT-FOR-US: Metasploit Framework
-CVE-2011-1055 (SQL injection vulnerability in api/ice_media.cfc in Lingxia I.C.E CMS ...)
+CVE-2011-1055
NOT-FOR-US: Lingxia I.C.E CMS
-CVE-2011-1054 (Unspecified vulnerability in the PEF input file loader in Hex-Rays IDA ...)
+CVE-2011-1054
NOT-FOR-US: IDA Pro
-CVE-2011-1053 (Unspecified vulnerability in the Mach-O input file loader in Hex-Rays ...)
+CVE-2011-1053
NOT-FOR-US: IDA Pro
-CVE-2011-1052 (Integer overflow in the PSX/GEOS input file loaders in Hex-Rays IDA ...)
+CVE-2011-1052
NOT-FOR-US: IDA Pro
-CVE-2011-1051 (Integer overflow in the COFF/EPOC/EXPLOAD input file loaders in ...)
+CVE-2011-1051
NOT-FOR-US: IDA Pro
-CVE-2011-1050 (Unspecified vulnerability in Hex-Rays IDA Pro 5.7 and 6.0 has unknown ...)
+CVE-2011-1050
NOT-FOR-US: IDA Pro
-CVE-2011-1049 (Buffer overflow in the Mach-O input file loader in Hex-Rays IDA Pro ...)
+CVE-2011-1049
NOT-FOR-US: IDA Pro
-CVE-2011-1048 (SQL injection vulnerability in product.php in MihanTools 1.33 allows ...)
+CVE-2011-1048
NOT-FOR-US: MihanTools
-CVE-2011-1047 (Multiple SQL injection vulnerabilities in VastHTML Forum Server (aka ...)
+CVE-2011-1047
NOT-FOR-US: VastHTML Forum Server
-CVE-2011-1046 (IBM FileNet P8 Content Engine (aka P8CE) 4.0.1 through 5.0.0, as used ...)
+CVE-2011-1046
NOT-FOR-US: FileNet P8 Content Engine
-CVE-2011-1045 (Unspecified vulnerability in the Rendition Engine (aka P8RE) 4.0.1 ...)
+CVE-2011-1045
NOT-FOR-US: Rendition Engine
CVE-2011-XXXX [pam_pgsql overflow]
- pam-pgsql 0.7.1-5 (bug #603436)
[lenny] - pam-pgsql 0.6.3-2+lenny1
[squeeze] - pam-pgsql 0.7.1-4+squeeze1
-CVE-2011-1044 (The ib_uverbs_poll_cq function in drivers/infiniband/core/uverbs_cmd.c ...)
+CVE-2011-1044
- linux-2.6 2.6.32-30
[lenny] - linux-2.6 2.6.26-26lenny2
CVE-2011-1043
RESERVED
-CVE-2011-1042 (Use-after-free vulnerability in flimflamd in flimflam in Google Chrome ...)
+CVE-2011-1042
NOT-FOR-US: flimflam in Google Chrome OS
CVE-2011-1041
RESERVED
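Review bot: after `-CVE-2011-1067 (slapd (aka ns-slapd) in 389 Directory Server before 1.2.8.a2 does not ...)` is reduced to `+CVE-2011-1067`, the context line `NOT-FOR-US: s389 LDAP server` becomes the only product reference left for that entry, and its `s389` reads as a typo for `389` (the description names 389 Directory Server). That line is not part of this change, but once the description is gone the annotation carries all the meaning, so it is worth correcting in a follow-up commit.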
@@ -11498,27 +11498,27 @@ CVE-2011-1040
RESERVED
CVE-2011-1039
RESERVED
-CVE-2011-1038 (Multiple cross-site scripting (XSS) vulnerabilities in stconf.nsf in ...)
+CVE-2011-1038
NOT-FOR-US: Lotus Sametime
CVE-2011-1037
RESERVED
-CVE-2011-1036 (The XML Security Database Parser class in the XMLSecDB ActiveX control ...)
+CVE-2011-1036
NOT-FOR-US: CA Internet Security Suite
-CVE-2011-1035 (The password reset in PivotX before 2.2.4 allows remote attackers to ...)
+CVE-2011-1035
NOT-FOR-US: PivotX
-CVE-2011-1034 (Cross-site scripting (XSS) vulnerability in the UI in IBM Rational ...)
+CVE-2011-1034
NOT-FOR-US: IBM Rational Build Forge
-CVE-2011-1033 (Stack-based buffer overflow in oninit in IBM Informix Dynamic Server ...)
+CVE-2011-1033
NOT-FOR-US: IBM
-CVE-2011-1032 (IBM Lotus Connections 3.0, when IBM WebSphere Application Server ...)
+CVE-2011-1032
NOT-FOR-US: IBM
-CVE-2011-1031 (The feh_unique_filename function in utils.c in feh 1.11.2 and earlier ...)
+CVE-2011-1031
- feh 1.12-1 (low)
[lenny] - feh <no-dsa> (Minor issue)
[squeeze] - feh <no-dsa> (Minor issue)
-CVE-2011-1030 (Cross-site scripting (XSS) vulnerability in the Wikis component in IBM ...)
+CVE-2011-1030
NOT-FOR-US: IBM
-CVE-2011-1029 (Cross-site scripting (XSS) vulnerability in IBM Rational Team Concert ...)
+CVE-2011-1029
NOT-FOR-US: IBM
CVE-2011-1028
RESERVED
@@ -11526,49 +11526,49 @@ CVE-2011-1028
- smarty <removed>
[squeeze] - smarty3 <end-of-life> (Unsupported in squeeze-lts)
[squeeze] - smarty <end-of-life> (Unsupported in squeeze-lts)
-CVE-2011-1027 (Off-by-one error in the convert_query_hexchar function in html.c in ...)
+CVE-2011-1027
NOT-FOR-US: cgit
-CVE-2011-1026 (Multiple cross-site request forgery (CSRF) vulnerabilities in Apache ...)
+CVE-2011-1026
NOT-FOR-US: Apache Archiva
-CVE-2011-1025 (bind.cpp in back-ndb in OpenLDAP 2.4.x before 2.4.24 does not require ...)
+CVE-2011-1025
- openldap 2.4.25-1 (unimportant; bug #617606)
[squeeze] - openldap 2.4.23-7.1
NOTE: NBD backend disabled in Debian builds
-CVE-2011-1024 (chain.c in back-ldap in OpenLDAP 2.4.x before 2.4.24, when a ...)
+CVE-2011-1024
- openldap 2.4.25-1 (low; bug #617606)
[lenny] - openldap 2.4.11-1+lenny2.1
[squeeze] - openldap 2.4.23-7.1
-CVE-2011-1023 (The Reliable Datagram Sockets (RDS) subsystem in the Linux kernel ...)
+CVE-2011-1023
- linux-2.6 2.6.38-1
[squeeze] - linux-2.6 <not-affected> (Introduced in 2.6.35)
[lenny] - linux-2.6 <not-affected> (Introduced in 2.6.35)
-CVE-2011-1022 (The cgre_receive_netlink_msg function in daemon/cgrulesengd.c in ...)
+CVE-2011-1022
{DSA-2193-1}
- libcgroup 0.37.1-1 (bug #615987)
-CVE-2011-1021 (drivers/acpi/debugfs.c in the Linux kernel before 3.0 allows local ...)
+CVE-2011-1021
- linux-2.6 2.6.37-1
[wheezy] - linux-2.6 <not-affected> (Introduced in 2.6.33)
[squeeze] - linux-2.6 <not-affected> (Introduced in 2.6.33)
[lenny] - linux-2.6 <not-affected> (Introduced in 2.6.33)
-CVE-2011-1020 (The proc filesystem implementation in the Linux kernel 2.6.37 and ...)
+CVE-2011-1020
{DSA-2310-1 DSA-2303-1}
- linux-2.6 2.6.39-1
-CVE-2011-1019 (The dev_load function in net/core/dev.c in the Linux kernel before ...)
+CVE-2011-1019
[lenny] - linux-2.6 <not-affected> (Introduced in 2.6.32)
- linux-2.6 2.6.38-1 (unimportant)
NOTE: We won't fix this for Squeeze. This only applies to non-standard setups with fine
NOTE: grained security capability models, and an attacker can only load modules from
NOTE: /lib/modules, which is only writable with root privs
-CVE-2011-1018 (logwatch.pl in Logwatch 7.3.6 allows remote attackers to execute ...)
+CVE-2011-1018
{DSA-2182-1}
- logwatch 7.3.6.cvs20090906-2 (bug #615995)
-CVE-2011-1017 (Heap-based buffer overflow in the ldm_frag_add function in ...)
+CVE-2011-1017
{DSA-2264-1 DSA-2240-1}
- linux-2.6 2.6.38-5
-CVE-2011-1016 (The Radeon GPU drivers in the Linux kernel before 2.6.38-rc5 do not ...)
+CVE-2011-1016
{DSA-2240-1}
- linux-2.6 2.6.38-1
-CVE-2011-1015 (The is_cgi method in CGIHTTPServer.py in the CGIHTTPServer module in ...)
+CVE-2011-1015
{DLA-25-1}
- python2.6 2.6.8-1 (low; bug #614860)
[wheezy] - python2.6 <no-dsa> (Minor issue, fix modifies behaviour, too intrusive to backport)
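Review bot: the same dependency on the context lines shows up at CVE-2011-1025 in this hunk. The removed description `-CVE-2011-1025 (bind.cpp in back-ndb in OpenLDAP 2.4.x before 2.4.24 does not require ...)` names the `back-ndb` backend, while the surviving `NOTE: NBD backend disabled in Debian builds` says `NBD`; with the description stripped there is nothing left to disambiguate the two, so the NOTE should be corrected to name the `ndb` backend in a follow-up.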
@@ -11581,18 +11581,18 @@ CVE-2011-1015 (The is_cgi method in CGIHTTPServer.py in the CGIHTTPServer module
NOTE: http://bugs.python.org/issue2254
CVE-2011-1014
REJECTED
-CVE-2011-1013 (Integer signedness error in the drm_modeset_ctl function in (1) ...)
+CVE-2011-1013
- linux-2.6 2.6.38-1
[wheezy] - linux-2.6 2.6.32-31
[squeeze] - linux-2.6 2.6.32-31
[lenny] - linux-2.6 <not-affected> (Vulnerable code not present)
-CVE-2011-1012 (The ldm_parse_vmdb function in fs/partitions/ldm.c in the Linux kernel ...)
+CVE-2011-1012
{DSA-2264-1}
- linux-2.6 2.6.38-1
[squeeze] - linux-2.6 2.6.32-31
-CVE-2011-1011 (The seunshare_mount function in sandbox/seunshare.c in seunshare in ...)
+CVE-2011-1011
NOT-FOR-US: seunshare
-CVE-2011-1010 (Buffer overflow in the mac_partition function in fs/partitions/mac.c ...)
+CVE-2011-1010
{DSA-2264-1}
- linux-2.6 2.6.37-2
[wheezy] - linux-2.6 2.6.32-31
@@ -11600,24 +11600,24 @@ CVE-2011-1010 (Buffer overflow in the mac_partition function in fs/partitions/ma
CVE-2011-1009
RESERVED
NOT-FOR-US: Vanilla Forums
-CVE-2011-1008 (Scrips_Overlay.pm in Best Practical Solutions RT before 3.8.9 does not ...)
+CVE-2011-1008
- request-tracker3.8 3.8.10-1 (bug #614576)
[squeeze] - request-tracker3.8 3.8.8-7+squeeze1
[lenny] - request-tracker3.6 3.6.7-5+lenny6
-CVE-2011-1007 (Best Practical Solutions RT before 3.8.9 does not perform certain ...)
+CVE-2011-1007
- request-tracker3.6 <removed> (unimportant)
- request-tracker3.8 3.8.10-1 (unimportant)
NOTE: A physically proximate attacker can do far more damage anyway
-CVE-2011-1006 (Heap-based buffer overflow in the parse_cgroup_spec function in ...)
+CVE-2011-1006
{DSA-2193-1}
- libcgroup 0.37.1-1
-CVE-2011-1005 (The safe-level feature in Ruby 1.8.6 through 1.8.6-420, 1.8.7 through ...)
+CVE-2011-1005
- ruby1.8 1.8.7.334-1 (bug #615517)
[lenny] - ruby1.8 <no-dsa> (Minor issue)
[squeeze] - ruby1.8 <no-dsa> (Minor issue)
- ruby1.9 <not-affected>
- ruby1.9.1 <not-affected>
-CVE-2011-1004 (The FileUtils.remove_entry_secure method in Ruby 1.8.6 through ...)
+CVE-2011-1004
- ruby1.8 1.8.7.334-1 (bug #615518)
[lenny] - ruby1.8 <no-dsa> (Minor issue)
[squeeze] - ruby1.8 <no-dsa> (Minor issue)
@@ -11625,27 +11625,27 @@ CVE-2011-1004 (The FileUtils.remove_entry_secure method in Ruby 1.8.6 through ..
[lenny] - ruby1.9 <no-dsa> (Minor issue)
- ruby1.9.1 1.9.2.180-1 (bug #615519)
[squeeze] - ruby1.9.1 <no-dsa> (Minor issue, patch would change behaviour and might break things)
-CVE-2011-1003 (Double free vulnerability in the vba_read_project_strings function in ...)
+CVE-2011-1003
- clamav 0.97+dfsg-1 (low)
[squeeze] - clamav 0.97+dfsg-2~squeeze1 (bug #617444)
[lenny] - clamav <end-of-life>
NOTE: https://bugzilla.clamav.net/show_bug.cgi?id=2486
NOTE: http://web.archive.org/web/20110304224953/http://git.clamav.net:80/gitweb?p=clamav-devel.git;a=commit;h=d21fb8d975f8c9688894a8cef4d50d977022e09f
-CVE-2011-1002 (avahi-core/socket.c in avahi-daemon in Avahi before 0.6.29 allows ...)
+CVE-2011-1002
{DSA-2174-1}
- avahi 0.6.28-4 (bug #614785)
NOTE: duped with CVE-2011-0634
-CVE-2011-1001 (dexdump in Android SDK before 2.3 does not properly perform structural ...)
+CVE-2011-1001
NOT-FOR-US: Android SDK
-CVE-2011-1000 (jingle-factory.c in Telepathy Gabble 0.11 before 0.11.7, 0.10 before ...)
+CVE-2011-1000
{DSA-2169-1}
- telepathy-gabble 0.9.15-2
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=34048
-CVE-2011-0999 (mm/huge_memory.c in the Linux kernel before 2.6.38-rc5 does not ...)
+CVE-2011-0999
- linux-2.6 <not-affected> (Introduced in 2.6.38-rc1, fixed in 2.6.38-rc5)
CVE-2011-0998
RESERVED
-CVE-2011-0997 (dhclient in ISC DHCP 3.0.x through 4.2.x before 4.2.1-P1, 3.1-ESV ...)
+CVE-2011-0997
{DSA-2217-1 DSA-2216-1}
- isc-dhcp 4.1.1-P1-16.1 (bug #621099)
- dhcp3 <removed>
@@ -11654,26 +11654,26 @@ CVE-2011-XXXX [isc-dhcp: omapi dos]
- dhcp3 <not-affected> (only affects 4.2.0)
NOTE: http://thread.gmane.org/gmane.comp.security.oss.general/4820
NOTE: inrodroduced in 4.2.0 and fixed in 4.2.1
-CVE-2011-0996 (dhcpcd before 5.2.12 allows remote attackers to execute arbitrary ...)
+CVE-2011-0996
- dhcpcd <not-affected> (old shell quoting code is not vulnerable)
NOTE: Debian's dhcpcd.sh is not vulnerable.
-CVE-2011-0995 (The sqlite3-ruby gem in the rubygem-sqlite3 package before 1.2.4-0.5.1 ...)
+CVE-2011-0995
- ruby-sqlite3 <not-affected> (SuSE-specific packaging flaw)
-CVE-2011-0994 (Stack-based buffer overflow in NFRAgent.exe in Novell File Reporter ...)
+CVE-2011-0994
NOT-FOR-US: Novell File Reporter
-CVE-2011-0993 (SUSE Lifecycle Management Server before 1.1 uses world readable ...)
+CVE-2011-0993
NOT-FOR-US: SUSE Lifecycle Management Server
-CVE-2011-0992 (Use-after-free vulnerability in Mono, when Moonlight 2.x before 2.4.1 ...)
+CVE-2011-0992
- mono <not-affected> (Moonlight no longer present in Debian)
-CVE-2011-0991 (Use-after-free vulnerability in Mono, when Moonlight 2.x before 2.4.1 ...)
+CVE-2011-0991
- mono <not-affected> (Moonlight no longer present in Debian)
-CVE-2011-0990 (Race condition in the FastCopy optimization in the Array.Copy method ...)
+CVE-2011-0990
- mono <not-affected> (Moonlight no longer present in Debian)
-CVE-2011-0989 (The RuntimeHelpers.InitializeArray method in metadata/icall.c in Mono, ...)
+CVE-2011-0989
- mono <not-affected> (Moonlight no longer present in Debian)
-CVE-2011-0988 (pure-ftpd 1.0.22, as used in SUSE Linux Enterprise Server 10 SP3 and ...)
+CVE-2011-0988
- pure-ftpd <not-affected> (SUSE-specific)
-CVE-2011-1132 (The IPv6 implementation in the kernel in Apple Mac OS X before 10.6.8 ...)
+CVE-2011-1132
NOT-FOR-US: Apple IPv6 implementation
CVE-2011-XXXX [kfreebsd dos]
- kfreebsd-8 8.2-1 (low; bug #613312; bug #611476)
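Review bot: the `<not-affected>` justifications in this hunk lose their referent once the descriptions go: `- dhcpcd <not-affected> (old shell quoting code is not vulnerable)` and `- ruby-sqlite3 <not-affected> (SuSE-specific packaging flaw)` were readable against `-CVE-2011-0996 (dhcpcd before 5.2.12 allows remote attackers to execute arbitrary ...)` and `-CVE-2011-0995 (The sqlite3-ruby gem in the rubygem-sqlite3 package before 1.2.4-0.5.1 ...)`, but after the `+` lines a later triager has only the package name to check them against. If the descriptions cannot be restored, the justifications should name the upstream component and version they rely on. Unrelated to this change, the context line `NOTE: inrodroduced in 4.2.0 and fixed in 4.2.1` has a typo ("introduced") worth a separate commit.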
@@ -11705,7 +11705,7 @@ CVE-2011-1135 [xinha multiple vulns]
- openacs <not-affected> (PHP bindings not used)
- dotlrn <not-affected> (PHP bindings not used)
NOTE: http://secunia.com/advisories/40669/
-CVE-2011-1137 (Integer overflow in the mod_sftp (aka SFTP) module in ProFTPD 1.3.3d ...)
+CVE-2011-1137
{DSA-2185-1}
- proftpd-dfsg 1.3.3d-4 (bug #616179)
[lenny] - proftpd-dfsg <not-affected> (Vulnerable code not present)
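Review bot: `[lenny] - proftpd-dfsg <not-affected> (Vulnerable code not present)` no longer says which code: the only mention of mod_sftp was in the removed `-CVE-2011-1137 (Integer overflow in the mod_sftp (aka SFTP) module in ProFTPD 1.3.3d ...)`. Either keep the description on the `+` line or rewrite the justification to name the module, e.g. `(mod_sftp not present)`, so the lenny call can be checked without consulting git history.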
@@ -11718,51 +11718,51 @@ CVE-2011-XXXX [incorrect handling of {$smarty.template} and {$smarty.current_dir
NOTE: http://code.google.com/p/smarty-php/source/detail?r=3989
NOTE: https://github.com/smarty-php/smarty/commit/0154f17de2b2dd16ff9c016923015ac19af9c0cb(3.0.7)
NOTE: non-issue in practice, if you can place arbitrary template files you have worse problems
-CVE-2011-0987 (The PMA_Bookmark_get function in libraries/bookmark.lib.php in ...)
+CVE-2011-0987
{DSA-2167-1}
- phpmyadmin 4:3.3.9.2-1
-CVE-2011-0986 (phpMyAdmin 2.11.x before 2.11.11.2, and 3.3.x before 3.3.9.1, does not ...)
+CVE-2011-0986
- phpmyadmin 4:3.3.9.2-1 (unimportant)
NOTE: Path disclosure; paths in Debian are public info already
-CVE-2011-0985 (Google Chrome before 9.0.597.94 does not properly perform process ...)
+CVE-2011-0985
{DSA-2166-1}
- chromium-browser 9.0.597.98~r74359-1
[wheezy] - chromium-browser 6.0.472.63~r59945-5+squeeze4
- webkit <not-affected> (Chromium specific)
-CVE-2011-0984 (Google Chrome before 9.0.597.94 does not properly handle plug-ins, ...)
+CVE-2011-0984
{DSA-2166-1}
- chromium-browser 9.0.597.98~r74359-1
[wheezy] - chromium-browser 6.0.472.63~r59945-5+squeeze4
- webkit <not-affected> (doesn't include v8 code)
NOTE: http://trac.webkit.org/changeset/76264
NOTE: ^ this has to be the wrong commit, its a v8 fix, but that doesn't match the description at all
-CVE-2011-0983 (Google Chrome before 9.0.597.94 does not properly handle anonymous ...)
+CVE-2011-0983
{DSA-2166-1}
- chromium-browser 9.0.597.98~r74359-1
[wheezy] - chromium-browser 6.0.472.63~r59945-5+squeeze4
- webkit <not-affected> (vulnerable code not yet present in 1.2)
NOTE: http://trac.webkit.org/changeset/75810
-CVE-2011-0982 (Use-after-free vulnerability in Google Chrome before 9.0.597.94 allows ...)
+CVE-2011-0982
- chromium-browser 9.0.597.98~r74359-1
[squeeze] - chromium-browser <not-affected>
[wheezy] - chromium-browser 6.0.472.63~r59945-5+squeeze4
NOTE: http://trac.webkit.org/changeset/76990
-CVE-2011-0981 (Google Chrome before 9.0.597.94 does not properly perform event ...)
+CVE-2011-0981
{DSA-2166-1}
- chromium-browser 9.0.597.98~r74359-1
[wheezy] - chromium-browser 6.0.472.63~r59945-5+squeeze4
NOTE: http://trac.webkit.org/changeset/76708
-CVE-2011-0980 (Microsoft Excel 2002 SP3 and 2003 SP3, Office 2004 and 2008 for Mac, ...)
+CVE-2011-0980
NOT-FOR-US: Microsoft Office Excel 2003
-CVE-2011-0979 (Microsoft Excel 2002 SP3, 2003 SP3, 2007 SP2, and 2010; Office 2004, ...)
+CVE-2011-0979
NOT-FOR-US: Microsoft Office Excel
-CVE-2011-0978 (Stack-based buffer overflow in Microsoft Excel 2002 SP3, 2003 SP3, and ...)
+CVE-2011-0978
NOT-FOR-US: Microsoft Office Excel
-CVE-2011-0977 (Use-after-free vulnerability in Microsoft Office XP SP3, Office 2003 ...)
+CVE-2011-0977
NOT-FOR-US: Microsoft Office Excel
-CVE-2011-0976 (Microsoft PowerPoint 2002 SP3, 2003 SP3, and 2007 SP2; Office 2004 and ...)
+CVE-2011-0976
NOT-FOR-US: Microsoft Office
-CVE-2011-0975 (Stack-based buffer overflow in BMC PATROL Agent Service Daemon for in ...)
+CVE-2011-0975
NOT-FOR-US: BMC PATROL
CVE-2011-0974
RESERVED
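Review bot: the severity rationale for CVE-2011-0986, `- phpmyadmin 4:3.3.9.2-1 (unimportant)` with `NOTE: Path disclosure; paths in Debian are public info already`, is only checkable against the removed `-CVE-2011-0986 (phpMyAdmin 2.11.x before 2.11.11.2, and 3.3.x before 3.3.9.1, does not ...)`; the same goes for `- webkit <not-affected> (doesn't include v8 code)` and `- webkit <not-affected> (vulnerable code not yet present in 1.2)` under CVE-2011-0984 and CVE-2011-0983. With the `+` lines the unimportant/not-affected calls stand without the text they were made against, so the descriptions should come back before this is merged. The context line `NOTE: ^ this has to be the wrong commit, its a v8 fix, but that doesn't match the description at all` also becomes unresolvable, since "the description" it compares against is gone from the file.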
@@ -11780,21 +11780,21 @@ CVE-2011-0968
RESERVED
CVE-2011-0967
RESERVED
-CVE-2011-0966 (Directory traversal vulnerability in cwhp/auditLog.do in the Homepage ...)
+CVE-2011-0966
NOT-FOR-US: Cisco CiscoWorks Common Services
CVE-2011-0965
RESERVED
CVE-2011-0964
RESERVED
-CVE-2011-0963 (The default configuration of the RADIUS authentication feature on the ...)
+CVE-2011-0963
NOT-FOR-US: Cisco Network Access Control (NAC) Guest Server
-CVE-2011-0962 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2011-0962
NOT-FOR-US: Cisco Unified Operations Manager
-CVE-2011-0961 (Cross-site scripting (XSS) vulnerability in cwhp/device.center.do in ...)
+CVE-2011-0961
NOT-FOR-US: Cisco CiscoWorks Common Services
-CVE-2011-0960 (Multiple SQL injection vulnerabilities in Cisco Unified Operations ...)
+CVE-2011-0960
NOT-FOR-US: Cisco Unified Operations Manager
-CVE-2011-0959 (Multiple cross-site scripting (XSS) vulnerabilities in Cisco Unified ...)
+CVE-2011-0959
NOT-FOR-US: Cisco Unified Operations Manager
CVE-2011-0958
RESERVED
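Review bot: for the Cisco Unified Operations Manager entries the description was the only thing distinguishing the issues: `-CVE-2011-0960 (Multiple SQL injection vulnerabilities in Cisco Unified Operations ...)` and `-CVE-2011-0959 (Multiple cross-site scripting (XSS) vulnerabilities in Cisco Unified ...)` both collapse to an identical `NOT-FOR-US: Cisco Unified Operations Manager` line, as do CVE-2011-0966 and CVE-2011-0961 under CiscoWorks Common Services. NOT-FOR-US entries are low stakes on their own, but the stripping is visible in every hunk of this file, so this hunk is evidence of the size of the regression rather than something to accept in isolation.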
@@ -11810,31 +11810,31 @@ CVE-2011-0953
RESERVED
CVE-2011-0952
RESERVED
-CVE-2011-0951 (The web-based management interface in Cisco Secure Access Control ...)
+CVE-2011-0951
NOT-FOR-US: Cisco ACS
CVE-2011-0950
RESERVED
-CVE-2011-0949 (Cisco IOS XR 3.6.x, 3.8.x before 3.8.3, and 3.9.x before 3.9.1 does ...)
+CVE-2011-0949
NOT-FOR-US: Cisco
CVE-2011-0948
RESERVED
CVE-2011-0947
RESERVED
-CVE-2011-0946 (The NAT implementation in Cisco IOS 12.1 through 12.4 and 15.0 through ...)
+CVE-2011-0946
NOT-FOR-US: Cisco IOS
-CVE-2011-0945 (Memory leak in the Data-link switching (aka DLSw) feature in Cisco IOS ...)
+CVE-2011-0945
NOT-FOR-US: Cisco IOS
-CVE-2011-0944 (Cisco IOS 12.4, 15.0, and 15.1 allows remote attackers to cause a ...)
+CVE-2011-0944
NOT-FOR-US: Cisco IOS
-CVE-2011-0943 (Cisco IOS XR 3.8.3, 3.8.4, and 3.9.1 allows remote attackers to cause ...)
+CVE-2011-0943
NOT-FOR-US: Cisco
CVE-2011-0942
RESERVED
-CVE-2011-0941 (Memory leak in Cisco Unified Communications Manager (CUCM) 6.x before ...)
+CVE-2011-0941
NOT-FOR-US: Cisco Unified Communications Manager
CVE-2011-0940
RESERVED
-CVE-2011-0939 (Unspecified vulnerability in Cisco IOS 12.4, 15.0, and 15.1, and IOS ...)
+CVE-2011-0939
NOT-FOR-US: Cisco IOS
CVE-2011-0938
RESERVED
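Review bot: `NOT-FOR-US: Cisco` under CVE-2011-0949 and CVE-2011-0943 no longer identifies a product once `-CVE-2011-0949 (Cisco IOS XR 3.6.x, 3.8.x before 3.8.3, and 3.9.x before 3.9.1 does ...)` and `-CVE-2011-0943 (Cisco IOS XR 3.8.3, 3.8.4, and 3.9.1 allows remote attackers to cause ...)` are removed; the neighbouring entries at least keep `NOT-FOR-US: Cisco IOS`. If the description cannot be kept, change those two lines to `NOT-FOR-US: Cisco IOS XR` so the file still records what was triaged.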
@@ -11842,7 +11842,7 @@ CVE-2011-0937
RESERVED
CVE-2011-0936
RESERVED
-CVE-2011-0935 (The PKI functionality in Cisco IOS 15.0 and 15.1 does not prevent ...)
+CVE-2011-0935
NOT-FOR-US: Cisco IOS
CVE-2011-0934
RESERVED
@@ -11860,375 +11860,375 @@ CVE-2011-0928
RESERVED
CVE-2011-0927
RESERVED
-CVE-2011-0926 (A certain ActiveX control in CSDWebInstaller.ocx in Cisco Secure ...)
+CVE-2011-0926
NOT-FOR-US: Cisco Secure Desktop
-CVE-2011-0925 (The CSDWebInstallerCtrl ActiveX control in CSDWebInstaller.ocx in ...)
+CVE-2011-0925
NOT-FOR-US: Cisco Secure Desktop
-CVE-2011-0924 (The client in HP Data Protector does not verify the contents of files ...)
+CVE-2011-0924
NOT-FOR-US: HP Data Protector
-CVE-2011-0923 (The client in HP Data Protector does not properly validate EXEC_CMD ...)
+CVE-2011-0923
NOT-FOR-US: HP Data Protector
-CVE-2011-0922 (The client in HP Data Protector allows remote attackers to execute ...)
+CVE-2011-0922
NOT-FOR-US: HP Data Protector
-CVE-2011-0921 (crs.exe in the Cell Manager Service in the client in HP Data Protector ...)
+CVE-2011-0921
NOT-FOR-US: HP Data Protector
-CVE-2011-0920 (The Remote Console in IBM Lotus Domino, when a certain unsupported ...)
+CVE-2011-0920
NOT-FOR-US: IBM Lotus Domino
-CVE-2011-0919 (Multiple stack-based buffer overflows in the (1) POP3 and (2) IMAP ...)
+CVE-2011-0919
NOT-FOR-US: IBM Lotus Domino
-CVE-2011-0918 (Stack-based buffer overflow in the NRouter (aka Router) service in IBM ...)
+CVE-2011-0918
NOT-FOR-US: IBM Lotus Domino
-CVE-2011-0917 (Buffer overflow in nLDAP.exe in IBM Lotus Domino allows remote ...)
+CVE-2011-0917
NOT-FOR-US: IBM Lotus Domino
-CVE-2011-0916 (Stack-based buffer overflow in the SMTP service in IBM Lotus Domino ...)
+CVE-2011-0916
NOT-FOR-US: IBM Lotus Domino
-CVE-2011-0915 (Stack-based buffer overflow in nrouter.exe in IBM Lotus Domino before ...)
+CVE-2011-0915
NOT-FOR-US: IBM Lotus Domino
-CVE-2011-0914 (Integer signedness error in ndiiop.exe in the DIIOP implementation in ...)
+CVE-2011-0914
NOT-FOR-US: IBM Lotus Domino
-CVE-2011-0913 (Stack-based buffer overflow in ndiiop.exe in the DIIOP implementation ...)
+CVE-2011-0913
NOT-FOR-US: IBM Lotus Domino
-CVE-2011-0912 (Argument injection vulnerability in IBM Lotus Notes 8.0.x before 8.0.2 ...)
+CVE-2011-0912
NOT-FOR-US: IBM Lotus Notes
-CVE-2011-0911 (Cross-site scripting (XSS) vulnerability in the Users module in Zikula ...)
+CVE-2011-0911
NOT-FOR-US: zikula
-CVE-2011-0910 (The cookie implementation in Vanilla Forums before 2.0.17.6 makes it ...)
+CVE-2011-0910
NOT-FOR-US: Vanilla Forums
-CVE-2011-0909 (Cross-site scripting (XSS) vulnerability in Vanilla Forums before ...)
+CVE-2011-0909
NOT-FOR-US: Vanilla Forums
-CVE-2011-0908 (Open redirect vulnerability in Vanilla Forums before 2.0.17.6 allows ...)
+CVE-2011-0908
NOT-FOR-US: Vanilla Forums
CVE-2011-0907
RESERVED
CVE-2011-0906
RESERVED
-CVE-2011-0905 (The rfbSendFramebufferUpdate function in ...)
+CVE-2011-0905
{DSA-2238-1}
- vino 2.28.2-3
- libvncserver <not-affected> (Performs sufficient range validation, but was initially reported as affected)
- kdenetwork 4:4.0
NOTE: Only affects the krfb from KDE 3.5
-CVE-2011-0904 (The rfbSendFramebufferUpdate function in ...)
+CVE-2011-0904
{DSA-2238-1}
- vino 2.28.2-3
- libvncserver <not-affected> (Performs sufficient range validation, but was initially reported as affected)
- kdenetwork 4:4.0
NOTE: Only affects the krfb from KDE 3.5
-CVE-2011-0903 (Multiple directory traversal vulnerabilities in AR Web Content Manager ...)
+CVE-2011-0903
NOT-FOR-US: AR Web Content Manager
-CVE-2011-0902 (Multiple untrusted search path vulnerabilities in the Java Service in ...)
+CVE-2011-0902
NOT-FOR-US: SunOS
-CVE-2011-0901 (Multiple stack-based buffer overflows in the tsc_launch_remote ...)
+CVE-2011-0901
- tsclient <removed> (low; bug #613204)
[lenny] - tsclient <no-dsa> (Minor issue)
[squeeze] - tsclient <no-dsa> (Minor issue)
-CVE-2011-0900 (Stack-based buffer overflow in the tsc_launch_remote function ...)
+CVE-2011-0900
- tsclient <removed> (low; bug #613204)
[lenny] - tsclient <no-dsa> (Minor issue)
[squeeze] - tsclient <no-dsa> (Minor issue)
-CVE-2011-0899 (The AES encryption module 7.x-1.4 for Drupal leaves certain debugging ...)
+CVE-2011-0899
NOT-FOR-US: AES module for Drupal
-CVE-2011-0898 (Cross-site scripting (XSS) vulnerability in HP Network Node Manager i ...)
+CVE-2011-0898
NOT-FOR-US: HP Network Node Manager
-CVE-2011-0897 (Unspecified vulnerability in HP Network Node Manager i (NNMi) 9.00 ...)
+CVE-2011-0897
NOT-FOR-US: HP Network Node Manager
-CVE-2011-0896 (Unspecified vulnerability in HP NFS/ONCplus B.11.31.10 and earlier on ...)
+CVE-2011-0896
NOT-FOR-US: HP-UX
-CVE-2011-0895 (Unspecified vulnerability in HP Network Node Manager i (NNMi) 9.0x and ...)
+CVE-2011-0895
NOT-FOR-US: HP Network Node Manager
-CVE-2011-0894 (Unspecified vulnerability in HP Operations 9.10 on UNIX platforms ...)
+CVE-2011-0894
NOT-FOR-US: HP Operations
-CVE-2011-0893 (Cross-site scripting (XSS) vulnerability in HP Operations 9.10 on UNIX ...)
+CVE-2011-0893
NOT-FOR-US: HP Operations
-CVE-2011-0892 (Cross-site scripting (XSS) vulnerability in HP Diagnostics 7.5x and ...)
+CVE-2011-0892
NOT-FOR-US: HP Diagnostics
-CVE-2011-0891 (Unspecified vulnerability in the OS-Core.CORE2-KRN fileset in HP HP-UX ...)
+CVE-2011-0891
NOT-FOR-US: HP HP-UX
-CVE-2011-0890 (HP Discovery &amp; Dependency Mapping Inventory (DDMI) 7.50, 7.51, 7.60, ...)
+CVE-2011-0890
NOT-FOR-US: HP Discovery & Dependency Mapping Inventory
-CVE-2011-0889 (Unspecified vulnerability in HP Client Automation Enterprise (aka HPCA ...)
+CVE-2011-0889
NOT-FOR-US: HP Client Automation Enterprise
CVE-2011-0888
RESERVED
-CVE-2011-0887 (The web management portal on the SMC SMCD3G-CCR (aka Comcast Business ...)
+CVE-2011-0887
NOT-FOR-US: SMC SMCD3G-CCR
-CVE-2011-0886 (Multiple cross-site request forgery (CSRF) vulnerabilities in the web ...)
+CVE-2011-0886
NOT-FOR-US: SMC SMCD3G-CCR
-CVE-2011-0885 (A certain Comcast Business Gateway configuration of the SMC SMCD3G-CCR ...)
+CVE-2011-0885
NOT-FOR-US: SMC SMCD3G-CCR
-CVE-2011-0884 (Unspecified vulnerability in the Oracle BPEL Process Manager component ...)
+CVE-2011-0884
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2011-0883 (Unspecified vulnerability in the Oracle Containers for J2EE component ...)
+CVE-2011-0883
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2011-0882 (Unspecified vulnerability in the Content Management component in ...)
+CVE-2011-0882
NOT-FOR-US: Oracle Database Server
-CVE-2011-0881 (Unspecified vulnerability in the EMCTL component in Oracle Database ...)
+CVE-2011-0881
NOT-FOR-US: Oracle Database Server
-CVE-2011-0880 (Unspecified vulnerability in the Core RDBMS component in Oracle ...)
+CVE-2011-0880
NOT-FOR-US: Oracle Database Server
-CVE-2011-0879 (Unspecified vulnerability in the Instance Management component in ...)
+CVE-2011-0879
NOT-FOR-US: Oracle Database Server
CVE-2011-0878
REJECTED
-CVE-2011-0877 (Unspecified vulnerability in the Instance Management component in ...)
+CVE-2011-0877
NOT-FOR-US: Oracle Database Server
-CVE-2011-0876 (Unspecified vulnerability in the Enterprise Manager Console component ...)
+CVE-2011-0876
NOT-FOR-US: Oracle Database Server
-CVE-2011-0875 (Unspecified vulnerability in the EMCTL component in Oracle Database ...)
+CVE-2011-0875
NOT-FOR-US: Oracle Database Server
CVE-2011-0874
REJECTED
-CVE-2011-0873 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2011-0873
[lenny] - sun-java6 6.26-0lenny1
[squeeze] - sun-java6 6.26-0squeeze1
- sun-java6 6.26-1 (bug #629852)
- openjdk-6 6b18-1.8.9-0.1 (bug #629852)
-CVE-2011-0872 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2011-0872
NOT-FOR-US: OpenJDK on Microsoft Windows
-CVE-2011-0871 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2011-0871
{DSA-2358-1 DSA-2311-1}
[lenny] - sun-java6 6.26-0lenny1
[squeeze] - sun-java6 6.26-0squeeze1
- sun-java6 6.26-1 (bug #629852)
- openjdk-6 6b18-1.8.9-0.1 (bug #629852)
-CVE-2011-0870 (Unspecified vulnerability in the Schema Management component in Oracle ...)
+CVE-2011-0870
NOT-FOR-US: Oracle Database Server
-CVE-2011-0869 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2011-0869
{DSA-2358-1 DSA-2311-1}
[lenny] - sun-java6 6.26-0lenny1
[squeeze] - sun-java6 6.26-0squeeze1
- sun-java6 6.26-1 (bug #629852)
- openjdk-6 6b18-1.8.9-0.1 (bug #629852)
-CVE-2011-0868 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2011-0868
{DSA-2358-1 DSA-2311-1}
[lenny] - sun-java6 6.26-0lenny1
[squeeze] - sun-java6 6.26-0squeeze1
- sun-java6 6.26-1 (bug #629852)
- openjdk-6 6b18-1.8.9-0.1 (bug #629852)
-CVE-2011-0867 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2011-0867
{DSA-2358-1 DSA-2311-1}
[lenny] - sun-java6 6.26-0lenny1
[squeeze] - sun-java6 6.26-0squeeze1
- sun-java6 6.26-1 (bug #629852)
- openjdk-6 6b18-1.8.9-0.1 (bug #629852)
-CVE-2011-0866 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2011-0866
NOT-FOR-US: Java on Windows
-CVE-2011-0865 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2011-0865
{DSA-2358-1 DSA-2311-1}
[lenny] - sun-java6 6.26-0lenny1
[squeeze] - sun-java6 6.26-0squeeze1
- sun-java6 6.26-1 (bug #629852)
- openjdk-6 6b18-1.8.9-0.1 (bug #629852)
-CVE-2011-0864 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2011-0864
{DSA-2358-1 DSA-2311-1}
[lenny] - sun-java6 6.26-0lenny1
[squeeze] - sun-java6 6.26-0squeeze1
- sun-java6 6.26-1 (bug #629852)
- openjdk-6 6b18-1.8.9-0.1 (bug #629852)
-CVE-2011-0863 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2011-0863
[lenny] - sun-java6 6.26-0lenny1
[squeeze] - sun-java6 6.26-0squeeze1
- sun-java6 6.26-1 (bug #629852)
-CVE-2011-0862 (Multiple unspecified vulnerabilities in the Java Runtime Environment ...)
+CVE-2011-0862
{DSA-2358-1 DSA-2311-1}
[lenny] - sun-java6 6.26-0lenny1
[squeeze] - sun-java6 6.26-0squeeze1
- sun-java6 6.26-1 (bug #629852)
- openjdk-6 6b18-1.8.9-0.1 (bug #629852)
-CVE-2011-0861 (Unspecified vulnerability in Oracle PeopleSoft Enterprise HRMS 9.0 ...)
+CVE-2011-0861
NOT-FOR-US: Oracle PeopleSoft Enterprise
-CVE-2011-0860 (Unspecified vulnerability in Oracle PeopleSoft Enterprise HRMS 9.0 ...)
+CVE-2011-0860
NOT-FOR-US: Oracle PeopleSoft Enterprise
-CVE-2011-0859 (Unspecified vulnerability in Oracle PeopleSoft Enterprise HRMS 9.0 Tax ...)
+CVE-2011-0859
NOT-FOR-US: Oracle PeopleSoft Enterprise
-CVE-2011-0858 (Unspecified vulnerability in Oracle PeopleSoft Enterprise HRMS 9.0 ...)
+CVE-2011-0858
NOT-FOR-US: Oracle PeopleSoft Enterprise
-CVE-2011-0857 (Unspecified vulnerability in Oracle PeopleSoft Enterprise HRMS 9.0 ...)
+CVE-2011-0857
NOT-FOR-US: Oracle PeopleSoft Enterprise
-CVE-2011-0856 (Unspecified vulnerability in Oracle PeopleSoft Enterprise 8.49 GA ...)
+CVE-2011-0856
NOT-FOR-US: Oracle PeopleSoft Enterprise
-CVE-2011-0855 (Unspecified vulnerability in the InForm component in Oracle Industry ...)
+CVE-2011-0855
NOT-FOR-US: Oracle Industry Applications
-CVE-2011-0854 (Unspecified vulnerability in Oracle PeopleSoft Enterprise HRMS 9.1 ...)
+CVE-2011-0854
NOT-FOR-US: Oracle PeopleSoft Enterprise
-CVE-2011-0853 (Unspecified vulnerability in Oracle PeopleSoft Enterprise HRMS 9.0 ...)
+CVE-2011-0853
NOT-FOR-US: Oracle PeopleSoft Enterprise
-CVE-2011-0852 (Unspecified vulnerability in the Security Management component in ...)
+CVE-2011-0852
NOT-FOR-US: Oracle Database Server
-CVE-2011-0851 (Unspecified vulnerability in Oracle PeopleSoft Enterprise ELS 9.0 ...)
+CVE-2011-0851
NOT-FOR-US: Oracle PeopleSoft Enterprise
-CVE-2011-0850 (Unspecified vulnerability in Oracle PeopleSoft Enterprise CRM 8.9 ...)
+CVE-2011-0850
NOT-FOR-US: Oracle PeopleSoft Enterprise
-CVE-2011-0849 (Unspecified vulnerability in Oracle Java Dynamic Management Kit 5.1 ...)
+CVE-2011-0849
NOT-FOR-US: Oracle Java Dynamic Management Kit
-CVE-2011-0848 (Unspecified vulnerability in the Security Framework component in ...)
+CVE-2011-0848
NOT-FOR-US: Oracle Database Server
-CVE-2011-0847 (Unspecified vulnerability in the OpenSSO Enterprise and Sun Java ...)
+CVE-2011-0847
NOT-FOR-US: Oracle Sun Products Suite
-CVE-2011-0846 (Unspecified vulnerability in the Oracle Sun Java System Access Manager ...)
+CVE-2011-0846
NOT-FOR-US: Oracle Sun Java System Access Manager Policy Agent
-CVE-2011-0845 (Unspecified vulnerability in the Database Control component in Oracle ...)
+CVE-2011-0845
NOT-FOR-US: Oracle Enterprise Manager Grid Control
-CVE-2011-0844 (Unspecified vulnerability in the OpenSSO Enterprise and Sun Java ...)
+CVE-2011-0844
NOT-FOR-US: Oracle Sun Products Suite
-CVE-2011-0843 (Unspecified vulnerability in the Siebel CRM Core component in Oracle ...)
+CVE-2011-0843
NOT-FOR-US: Oracle Siebel CRM
CVE-2011-0842
REJECTED
-CVE-2011-0841 (Unspecified vulnerability in Oracle Solaris 11 Express allows remote ...)
+CVE-2011-0841
NOT-FOR-US: Oracle Solaris
-CVE-2011-0840 (Unspecified vulnerability in Oracle PeopleSoft Enterprise PeopleTools ...)
+CVE-2011-0840
NOT-FOR-US: Oracle PeopleSoft Enterprise PeopleTools
-CVE-2011-0839 (Unspecified vulnerability in Oracle Solaris 9, 10, and 11 Express ...)
+CVE-2011-0839
NOT-FOR-US: Oracle Solaris
-CVE-2011-0838 (Unspecified vulnerability in the Core RDBMS component in Oracle ...)
+CVE-2011-0838
NOT-FOR-US: Oracle Database Server
-CVE-2011-0837 (Unspecified vulnerability in the Agile Technology Platform component ...)
+CVE-2011-0837
NOT-FOR-US: Oracle Supply Chain Products Suite
-CVE-2011-0836 (Unspecified vulnerability in Oracle JD Edwards EnterpriseOne Tools 8.9 ...)
+CVE-2011-0836
NOT-FOR-US: Oracle JD Edwards EnterpriseOne
-CVE-2011-0835 (Unspecified vulnerability in the Core RDBMS component in Oracle ...)
+CVE-2011-0835
NOT-FOR-US: Oracle Database Server
-CVE-2011-0834 (Unspecified vulnerability in the Siebel CRM Core component in Oracle ...)
+CVE-2011-0834
NOT-FOR-US: Oracle Siebel CRM
-CVE-2011-0833 (Unspecified vulnerability in the Siebel CRM Core component in Oracle ...)
+CVE-2011-0833
NOT-FOR-US: Oracle Siebel CRM
-CVE-2011-0832 (Unspecified vulnerability in the Core RDBMS component in Oracle ...)
+CVE-2011-0832
NOT-FOR-US: Oracle Database Server
-CVE-2011-0831 (Unspecified vulnerability in the Enterprise Config Management ...)
+CVE-2011-0831
NOT-FOR-US: Oracle Database Server
-CVE-2011-0830 (Unspecified vulnerability in the Event Management component in Oracle ...)
+CVE-2011-0830
NOT-FOR-US: Oracle Database Server
-CVE-2011-0829 (Unspecified vulnerability in Oracle Solaris 10 and 11 Express allows ...)
+CVE-2011-0829
NOT-FOR-US: Oracle Solaris
-CVE-2011-0828 (Unspecified vulnerability in Oracle PeopleSoft Enterprise 8.8 Bundle ...)
+CVE-2011-0828
NOT-FOR-US: Oracle PeopleSoft Enterprise
-CVE-2011-0827 (Unspecified vulnerability in the PeopleSoft Enterprise component in ...)
+CVE-2011-0827
NOT-FOR-US: Oracle PeopleSoft
-CVE-2011-0826 (Unspecified vulnerability in Oracle PeopleSoft Enterprise 8.8 Bundle ...)
+CVE-2011-0826
NOT-FOR-US: Oracle PeopleSoft
-CVE-2011-0825 (Unspecified vulnerability in Oracle JD Edwards EnterpriseOne Tools 8.9 ...)
+CVE-2011-0825
NOT-FOR-US: Oracle JD Edwards EnterpriseOne
-CVE-2011-0824 (Unspecified vulnerability in Oracle JD Edwards EnterpriseOne Tools 8.9 ...)
+CVE-2011-0824
NOT-FOR-US: Oracle JD Edwards EnterpriseOne
-CVE-2011-0823 (Unspecified vulnerability in Oracle JD Edwards EnterpriseOne Tools 8.9 ...)
+CVE-2011-0823
NOT-FOR-US: Oracle JD Edwards EnterpriseOne
-CVE-2011-0822 (Unspecified vulnerability in the Streams, AQ &amp; Replication Mgmt ...)
+CVE-2011-0822
NOT-FOR-US: Oracle Database Serve
-CVE-2011-0821 (Unspecified vulnerability in Oracle Solaris 8, 9, and 10 allows local ...)
+CVE-2011-0821
NOT-FOR-US: Oracle Solaris
-CVE-2011-0820 (Unspecified vulnerability in Oracle Solaris 10, and 11 Express allows ...)
+CVE-2011-0820
NOT-FOR-US: Oracle Solaris
-CVE-2011-0819 (Unspecified vulnerability in Oracle JD Edwards EnterpriseOne Tools 8.9 ...)
+CVE-2011-0819
NOT-FOR-US: Oracle JD Edwards EnterpriseOne
-CVE-2011-0818 (Unspecified vulnerability in Oracle JD Edwards EnterpriseOne Tools 8.9 ...)
+CVE-2011-0818
NOT-FOR-US: Oracle JD Edwards EnterpriseOne
-CVE-2011-0817 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2011-0817
NOT-FOR-US: Java on Windows
-CVE-2011-0816 (Unspecified vulnerability in the CMDB Metadata &amp; Instance APIs ...)
+CVE-2011-0816
NOT-FOR-US: Oracle Database Server
-CVE-2011-0815 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2011-0815
NOT-FOR-US: Java on Windows
-CVE-2011-0814 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2011-0814
[lenny] - sun-java6 6.26-0lenny1
[squeeze] - sun-java6 6.26-0squeeze1
- sun-java6 6.26-1 (bug #629852)
-CVE-2011-0813 (Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 Express ...)
+CVE-2011-0813
NOT-FOR-US: Oracle Solaris
-CVE-2011-0812 (Unspecified vulnerability in the Solaris component in Oracle Solaris ...)
+CVE-2011-0812
NOT-FOR-US: Oracle Solaris
-CVE-2011-0811 (Unspecified vulnerability in the Enterprise Config Management ...)
+CVE-2011-0811
NOT-FOR-US: Oracle Database Server
-CVE-2011-0810 (Unspecified vulnerability Oracle JD Edwards EnterpriseOne Tools 8.9 GA ...)
+CVE-2011-0810
NOT-FOR-US: Oracle JD Edwards EnterpriseOne
-CVE-2011-0809 (Unspecified vulnerability in the Web ADI component in Oracle ...)
+CVE-2011-0809
NOT-FOR-US: Oracle E-Business Suite
-CVE-2011-0808 (Unspecified vulnerability in the Oracle Outside In Technology ...)
+CVE-2011-0808
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2011-0807 (Unspecified vulnerability in Oracle Sun GlassFish Enterprise Server ...)
+CVE-2011-0807
NOT-FOR-US: Oracle Sun GlassFish Enterprise Server
-CVE-2011-0806 (Unspecified vulnerability in the Network Foundation component in ...)
+CVE-2011-0806
NOT-FOR-US: Oracle Database Server
-CVE-2011-0805 (Unspecified vulnerability in the UIX component in Oracle Database ...)
+CVE-2011-0805
NOT-FOR-US: Oracle Database Server
-CVE-2011-0804 (Unspecified vulnerability in the Database Vault component in Oracle ...)
+CVE-2011-0804
NOT-FOR-US: Oracle Database Server
-CVE-2011-0803 (Unspecified vulnerability in the JD Edwards EnterpriseOne Tools ...)
+CVE-2011-0803
NOT-FOR-US: Oracle JD Edwards Products
-CVE-2011-0802 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2011-0802
[lenny] - sun-java6 6.26-0lenny1
[squeeze] - sun-java6 6.26-0squeeze1
- sun-java6 6.26-1 (bug #629852)
-CVE-2011-0801 (Unspecified vulnerability in Oracle Solaris 10 and 11 Express allows ...)
+CVE-2011-0801
NOT-FOR-US: Oracle Solaris
-CVE-2011-0800 (Unspecified vulnerability in the Solaris component in Oracle Solaris ...)
+CVE-2011-0800
NOT-FOR-US: Oracle Solaris
-CVE-2011-0799 (Unspecified vulnerability in the Oracle Warehouse Builder component in ...)
+CVE-2011-0799
NOT-FOR-US: Oracle Database Server
-CVE-2011-0798 (Unspecified vulnerability in the Portal component in Oracle Fusion ...)
+CVE-2011-0798
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2011-0797 (Unspecified vulnerability in the Applications Install component in ...)
+CVE-2011-0797
NOT-FOR-US: Oracle E-Business Suite
-CVE-2011-0796 (Unspecified vulnerability in the Applications Install component in ...)
+CVE-2011-0796
NOT-FOR-US: Oracle E-Business Suite
-CVE-2011-0795 (Unspecified vulnerability in the Single Sign On component in Oracle ...)
+CVE-2011-0795
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2011-0794 (Unspecified vulnerability in the Oracle Outside In Technology ...)
+CVE-2011-0794
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2011-0793 (Unspecified vulnerability in the Database Vault component in Oracle ...)
+CVE-2011-0793
NOT-FOR-US: Oracle Database Server
-CVE-2011-0792 (Unspecified vulnerability in the Oracle Warehouse Builder component in ...)
+CVE-2011-0792
NOT-FOR-US: Oracle Database Server
-CVE-2011-0791 (Unspecified vulnerability in the Application Object Library component ...)
+CVE-2011-0791
NOT-FOR-US: Oracle E-Business Suite
-CVE-2011-0790 (Unspecified vulnerability in Oracle Solaris 9 and 10 allows local ...)
+CVE-2011-0790
NOT-FOR-US: Oracle Solaris
-CVE-2011-0789 (Unspecified vulnerability in the Oracle HTTP Server component in ...)
+CVE-2011-0789
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2011-0788 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2011-0788
NOT-FOR-US: Java on Windows
-CVE-2011-0787 (Unspecified vulnerability in the Application Service Level Management ...)
+CVE-2011-0787
NOT-FOR-US: Oracle
-CVE-2011-0786 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2011-0786
NOT-FOR-US: Java on Windows
-CVE-2011-0785 (Unspecified vulnerability in the Oracle Help component in Oracle ...)
+CVE-2011-0785
NOT-FOR-US: Oracle
-CVE-2011-0784 (Race condition in Google Chrome before 9.0.597.84 allows remote ...)
+CVE-2011-0784
- chromium-browser 9.0.597.84~r72991-1
[squeeze] - chromium-browser <not-affected>
[wheezy] - chromium-browser 6.0.472.63~r59945-5+squeeze4
- webkit <not-affected> (chromium specific)
-CVE-2011-0783 (Unspecified vulnerability in Google Chrome before 9.0.597.84 allows ...)
+CVE-2011-0783
{DSA-2166-1}
- chromium-browser 9.0.597.84~r72991-1
[wheezy] - chromium-browser 6.0.472.63~r59945-5+squeeze4
- webkit <not-affected> (chromium specific)
-CVE-2011-0782 (Google Chrome before 9.0.597.84 on Mac OS X does not properly mitigate ...)
+CVE-2011-0782
- chromium-browser <not-affected> (mac only)
- webkit <not-affected> (chromium specific)
-CVE-2011-0781 (Google Chrome before 9.0.597.84 does not properly handle autofill ...)
+CVE-2011-0781
- chromium-browser 9.0.597.84~r72991-1 (unimportant)
- webkit <not-affected> (chromium specific)
-CVE-2011-0780 (The PDF event handler in Google Chrome before 9.0.597.84 does not ...)
+CVE-2011-0780
- chromium-browser <not-affected> (Chrome pdf plugin)
- webkit <not-affected> (chromium specific)
-CVE-2011-0779 (Google Chrome before 9.0.597.84 does not properly handle a missing key ...)
+CVE-2011-0779
{DSA-2192-1}
- chromium-browser 9.0.597.84~r72991-1
[wheezy] - chromium-browser 6.0.472.63~r59945-5+squeeze4
- webkit <not-affected> (chromium specific)
-CVE-2011-0778 (Google Chrome before 9.0.597.84 does not properly restrict drag and ...)
+CVE-2011-0778
{DSA-2188-1 DSA-2166-1}
- chromium-browser 9.0.597.84~r72991-1
[wheezy] - chromium-browser 6.0.472.63~r59945-5+squeeze4
- webkit 1.2.7-1
NOTE: http://trac.webkit.org/changeset/71925
-CVE-2011-0777 (Use-after-free vulnerability in Google Chrome before 9.0.597.84 allows ...)
+CVE-2011-0777
{DSA-2166-1}
- chromium-browser 9.0.597.84~r72991-1
[wheezy] - chromium-browser 6.0.472.63~r59945-5+squeeze4
NOTE: http://trac.webkit.org/changeset/72230
-CVE-2011-0776 (The sandbox implementation in Google Chrome before 9.0.597.84 on Mac ...)
+CVE-2011-0776
- chromium-browser <not-affected> (mac only)
- webkit <not-affected> (chromium specific)
CVE-2011-XXXX [evince segfault]
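Review bot: the Oracle CPU Java entries become indistinguishable here: CVE-2011-0873, 0871, 0869, 0868, 0867, 0865, 0864, 0863, 0862, 0814 and 0802 all reduce to a bare ID over the same `sun-java6 6.26-0lenny1` / `6.26-0squeeze1` / `6.26-1 (bug #629852)` lines, while 0872, 0866, 0817, 0815, 0788 and 0786 sit beside them as `NOT-FOR-US: Java on Windows` or `NOT-FOR-US: OpenJDK on Microsoft Windows`; the removed `-CVE-2011-0873 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)` style text was the only in-file basis for sorting one group from the other, and for why 0873 carries no `{DSA-...}` line and 0863, 0814 and 0802 no openjdk-6 line. The removed lines also show the importer storing XML-escaped text: `-CVE-2011-0890 (HP Discovery &amp; Dependency Mapping Inventory (DDMI) 7.50, 7.51, 7.60, ...)` sits next to the hand-written `NOT-FOR-US: HP Discovery & Dependency Mapping Inventory`, and CVE-2011-0822 and CVE-2011-0816 carry the same `&amp;`; when the descriptions are restored the importer should decode entities so the file holds `&`, not `&amp;`.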
@@ -12247,32 +12247,32 @@ CVE-2011-XXXX [aptitude tempfile]
- aptitude 0.6.3-4 (low; bug #612034)
[squeeze] - aptitude 0.6.3-2.1+squeeze1 (bug #612034)
[lenny] - aptitude 0.4.11.11-1~lenny2 (bug #612034)
-CVE-2011-0775 (pivotx/modules/module_image.php in PivotX 2.2.2 allows remote ...)
+CVE-2011-0775
NOT-FOR-US: PivotX
-CVE-2011-0774 (PivotX before 2.2.2 allows remote attackers to obtain sensitive ...)
+CVE-2011-0774
NOT-FOR-US: PivotX
-CVE-2011-0773 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2011-0773
NOT-FOR-US: PivotX
-CVE-2011-0772 (Multiple cross-site scripting (XSS) vulnerabilities in PivotX 2.2.0, ...)
+CVE-2011-0772
NOT-FOR-US: PivotX
-CVE-2011-0771 (The Janrain Engage (formerly RPX) module 6.x-1.3 for Drupal does not ...)
+CVE-2011-0771
NOT-FOR-US: Janrain Engage Drupal module
-CVE-2011-0770 (Cross-site scripting (XSS) vulnerability in Windows Event Log ...)
+CVE-2011-0770
NOT-FOR-US: Windows Event Log SmartConnector
CVE-2011-0769
RESERVED
CVE-2011-0768
RESERVED
-CVE-2011-0767 (Cross-site scripting (XSS) vulnerability in the management GUI in the ...)
+CVE-2011-0767
NOT-FOR-US: Imperva SecureSphere Web Application Firewall
-CVE-2011-0766 (The random number generator in the Crypto application before 2.0.2.2, ...)
+CVE-2011-0766
- erlang 1:14.b.3-dfsg-1 (low; bug #628456)
[squeeze] - erlang 1:14.a-dfsg-3squeeze1
NOTE: http://www.kb.cert.org/vuls/id/178990
NOTE: https://github.com/erlang/otp/commit/f228601de45c5
-CVE-2011-0765 (Unspecified vulnerability in lft in pWhois Layer Four Traceroute (LFT) ...)
+CVE-2011-0765
NOT-FOR-US: pWhois Layer Four Traceroute
-CVE-2011-0764 (t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and ...)
+CVE-2011-0764
{DSA-2388-1}
- xpdf 3.02-9
- poppler <not-affected> (never used t1lib)
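Review bot: `- poppler <not-affected> (never used t1lib)` and `- xpdf 3.02-9` depend on the reader knowing the issue is in t1lib as bundled by Xpdf, which only `-CVE-2011-0764 (t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and ...)` states; the following `@@` header still echoes that old text as its context, confirming the description was present until this commit. For CVE-2011-0766 the `NOTE:` links to kb.cert.org and the erlang/otp commit keep the erlang entry recoverable, so the loss is tolerable only where such references exist; entries without a NOTE line, like the PivotX and Janrain ones above, are left with nothing but a NOT-FOR-US product name.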
@@ -12282,185 +12282,185 @@ CVE-2011-0764 (t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, a
NOTE: http://www.toucan-system.com/advisories/tssa-2011-01.txt
CVE-2011-0763
RESERVED
-CVE-2011-0762 (The vsf_filename_passes_filter function in ls.c in vsftpd before 2.3.3 ...)
+CVE-2011-0762
{DSA-2305-1}
- vsftpd 2.3.4-1 (bug #622741)
[squeeze] - vsftpd 2.3.2-3+squeeze2
[lenny] - vsftpd 2.0.7-1+lenny1
-CVE-2011-0761 (Perl 5.10.x allows context-dependent attackers to cause a denial of ...)
+CVE-2011-0761
- perl 5.12.0-1 (unimportant; bug #628817)
-CVE-2011-0760 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
+CVE-2011-0760
NOT-FOR-US: WP Related Posts plugin for WordPress
-CVE-2011-0759 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
+CVE-2011-0759
NOT-FOR-US: Recaptcha plugin for WordPress
-CVE-2011-0758 (The eCS component (ECSQdmn.exe) in CA ETrust Secure Content Manager ...)
+CVE-2011-0758
NOT-FOR-US: CA ETrust
-CVE-2011-0757 (IBM DB2 9.1 before FP10, 9.5 before FP6a, and 9.7 before FP2 on Linux, ...)
+CVE-2011-0757
NOT-FOR-US: IBM DB2
-CVE-2011-0756 (The application server in Trustwave WebDefend Enterprise before 5.0 ...)
+CVE-2011-0756
NOT-FOR-US: Trustwave WebDefend Enterprise
-CVE-2011-0755 (Integer overflow in the mt_rand function in PHP before 5.3.4 might ...)
+CVE-2011-0755
- php5 5.3.5-1 (unimportant)
NOTE: Only exploitable with malicious script
-CVE-2011-0754 (The SplFileInfo::getType function in the Standard PHP Library (SPL) ...)
+CVE-2011-0754
- php5 <not-affected> (Only affects PHP on Windows)
-CVE-2011-0753 (Race condition in the PCNTL extension in PHP before 5.3.4, when a ...)
+CVE-2011-0753
- php5 5.3.5-1 (unimportant)
NOTE: Only exploitable with malicious script
-CVE-2011-0752 (The extract function in PHP before 5.2.15 does not prevent use of the ...)
+CVE-2011-0752
- php5 5.3.3-7 (unimportant)
NOTE: Only exploitable with malicious script
-CVE-2011-0751 (Directory traversal vulnerability in nhttpd (aka Nostromo webserver) ...)
+CVE-2011-0751
NOT-FOR-US: Nostromo webserver
CVE-2011-0750
RESERVED
CVE-2011-0749
RESERVED
-CVE-2011-0748 (Multiple cross-site request forgery (CSRF) vulnerabilities in phpList ...)
+CVE-2011-0748
NOT-FOR-US: phpList
CVE-2011-0747
RESERVED
-CVE-2011-0746 (Cross-site request forgery (CSRF) vulnerability in ...)
+CVE-2011-0746
NOT-FOR-US: ZyXEL O2 DSL Router
-CVE-2011-0745 (SugarCRM before 6.1.3 does not properly handle reloads and direct ...)
+CVE-2011-0745
- sugarcrm-ce-5.0 <itp> (bug #457876)
CVE-2011-0744
RESERVED
CVE-2011-0743
RESERVED
-CVE-2011-0742 (Buffer overflow in ZfHIPCND.exe in Novell ZENworks Handheld Management ...)
+CVE-2011-0742
NOT-FOR-US: Novell ZENworks Handheld Management
-CVE-2011-0741 (Multiple cross-site scripting (XSS) vulnerabilities in ModX Evolution ...)
+CVE-2011-0741
NOT-FOR-US: ModX
-CVE-2011-0740 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2011-0740
- magpierss 0.72-10 (low; bug #611940)
[squeeze] - magpierss 0.72-8+squeeze1
[lenny] - magpierss 0.72-5+lenny1
-CVE-2011-0739 (The deliver function in the sendmail delivery agent ...)
+CVE-2011-0739
NOT-FOR-US: Ruby mail gem
-CVE-2011-0738 (MyProxy 5.0 through 5.2, as used in Globus Toolkit 5.0.0 through ...)
+CVE-2011-0738
NOT-FOR-US: MyProxy
-CVE-2011-0737 (** DISPUTED ** Adobe ColdFusion 9.0.1 CHF1 and earlier allows remote ...)
+CVE-2011-0737
NOT-FOR-US: Adobe Coldfusion
-CVE-2011-0736 (** DISPUTED ** Adobe ColdFusion 9.0.1 CHF1 and earlier, when a web ...)
+CVE-2011-0736
NOT-FOR-US: Adobe ColdFusion
-CVE-2011-0735 (Cross-site scripting (XSS) vulnerability in Adobe ColdFusion before ...)
+CVE-2011-0735
NOT-FOR-US: Adobe ColdFusion
-CVE-2011-0734 (Cross-site scripting (XSS) vulnerability in Adobe ColdFusion before ...)
+CVE-2011-0734
NOT-FOR-US: Adobe ColdFusion
-CVE-2011-0733 (Cross-site scripting (XSS) vulnerability in Adobe ColdFusion before ...)
+CVE-2011-0733
NOT-FOR-US: Adobe ColdFusion
-CVE-2011-0732 (Multiple unspecified vulnerabilities in IBM Tivoli Integrated Portal ...)
+CVE-2011-0732
NOT-FOR-US: IBM Tivoli Integrated Portal
-CVE-2011-0731 (Buffer overflow in the DB2 Administration Server (DAS) component in ...)
+CVE-2011-0731
NOT-FOR-US: IBM DB2
-CVE-2011-0730 (Eucalyptus before 2.0.3 and Eucalyptus EE before 2.0.2, as used in ...)
+CVE-2011-0730
- eucalyptus <not-affected> (It was once removed from archive, then re-added as 3.1.0)
-CVE-2011-0729 (dbus_backend/ls-dbus-backend in the D-Bus backend in language-selector ...)
+CVE-2011-0729
NOT-FOR-US: Ubuntu-specific language-selector package
-CVE-2011-0728 (Cross-site scripting (XSS) vulnerability in templatefunctions.py in ...)
+CVE-2011-0728
- loggerhead 1.18.1-1 (low)
[squeeze] - loggerhead <no-dsa> (Minor issue)
-CVE-2011-0727 (GNOME Display Manager (gdm) 2.x before 2.32.1 allows local users to ...)
+CVE-2011-0727
{DSA-2205-1}
- gdm3 2.30.5-9
- gdm <not-affected> (Affected code was introduced in 2.28)
-CVE-2011-0726 (The do_task_stat function in fs/proc/array.c in the Linux kernel ...)
+CVE-2011-0726
{DSA-2264-1 DSA-2240-1}
- linux-2.6 2.6.38-2
[lenny] - linux-2.6 2.6.26-26lenny3
[squeeze] - linux-2.6 2.6.32-32
-CVE-2011-0725 (Absolute path traversal vulnerability in the ...)
+CVE-2011-0725
- aptdaemon 0.43+bzr707-1
[squeeze] - aptdaemon <not-affected> (Introduced in 0.33)
-CVE-2011-0724 (The Live DVD for Edubuntu 9.10, 10.04 LTS, and 10.10 does not ...)
+CVE-2011-0724
- italc <not-affected> (Only Edubuntu Live DVD affected)
NOTE: https://bugs.launchpad.net/ubuntu/+source/italc/+bug/714864
NOTE: http://web.archive.org/web/20140817234205/https://lists.ubuntu.com/archives/ubuntu-security-announce/2011-February/001245.html
-CVE-2011-0723 (FFmpeg 0.5.x, as used in MPlayer and other products, allows remote ...)
+CVE-2011-0723
{DSA-2306-1}
- libav 4:0.6-1
- ffmpeg 7:2.4.1-1
- ffmpeg-debian <end-of-life>
-CVE-2011-0722 (FFmpeg before 0.5.4, as used in MPlayer and other products, allows ...)
+CVE-2011-0722
{DSA-2306-1}
- libav 4:0.6-1
- ffmpeg 7:2.4.1-1
- ffmpeg-debian <end-of-life>
-CVE-2011-0721 (Multiple CRLF injection vulnerabilities in (1) chfn and (2) chsh in ...)
+CVE-2011-0721
{DSA-2164-1}
- shadow 1:4.1.4.2+svn3283-3
[lenny] - shadow <not-affected> (Vulnerable code not present)
-CVE-2011-0720 (Unspecified vulnerability in Plone 2.5 through 4.0, as used in Conga, ...)
+CVE-2011-0720
- plone3 <removed>
-CVE-2011-0719 (Samba 3.x before 3.3.15, 3.4.x before 3.4.12, and 3.5.x before 3.5.7 ...)
+CVE-2011-0719
{DSA-2175-1}
- samba 2:3.5.7~dfsg-1
-CVE-2011-0718 (Red Hat Network (RHN) Satellite Server 5.4 does not use a time delay ...)
+CVE-2011-0718
NOT-FOR-US: Red Hat Network Satellite/Spacewalk
-CVE-2011-0717 (Session fixation vulnerability in Red Hat Network (RHN) Satellite ...)
+CVE-2011-0717
NOT-FOR-US: Red Hat Network Satellite/Spacewalk
-CVE-2011-0716 (The br_multicast_add_group function in net/bridge/br_multicast.c in ...)
+CVE-2011-0716
- linux-2.6 2.6.38-1 (low)
[lenny] - linux-2.6 <not-affected> (Vulnerable code not present, introduced in 2.6.34)
[squeeze] - linux-2.6 <not-affected> (Vulnerable code not present, introduced in 2.6.34)
[wheezy] - linux-2.6 <not-affected> (Vulnerable code not present, introduced in 2.6.34)
-CVE-2011-0715 (The mod_dav_svn module for the Apache HTTP Server, as distributed in ...)
+CVE-2011-0715
{DSA-2181-1}
- subversion 1.6.16dfsg-1
-CVE-2011-0714 (Use-after-free vulnerability in a certain Red Hat patch for the RPC ...)
+CVE-2011-0714
- linux-2.6 <not-affected> (This issue only affects Red Hat Enterprise Linux 6)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=678144
NOTE: http://seclists.org/oss-sec/2011/q1/438
-CVE-2011-0713 (Heap-based buffer overflow in wiretap/dct3trace.c in Wireshark 1.2.0 ...)
+CVE-2011-0713
{DSA-2201-1}
- wireshark 1.4.4-1
[lenny] - wireshark <not-affected> (Vulnerable code not present)
NOTE: http://anonsvn.wireshark.org/viewvc?view=rev&revision=35953
-CVE-2011-0712 (Multiple buffer overflows in the caiaq Native Instruments USB audio ...)
+CVE-2011-0712
{DSA-2310-1}
- linux-2.6 2.6.37-2
[wheezy] - linux-2.6 2.6.32-31
[squeeze] - linux-2.6 2.6.32-31
-CVE-2011-0711 (The xfs_fs_geometry function in fs/xfs/xfs_fsops.c in the Linux kernel ...)
+CVE-2011-0711
{DSA-2264-1 DSA-2240-1}
- linux-2.6 2.6.38-1 (low)
-CVE-2011-0710 (The task_show_regs function in arch/s390/kernel/traps.c in the Linux ...)
+CVE-2011-0710
{DSA-2264-1}
- linux-2.6 2.6.37-2 (low)
[wheezy] - linux-2.6 2.6.32-31
[squeeze] - linux-2.6 2.6.32-31
-CVE-2011-0709 (The br_mdb_ip_get function in net/bridge/br_multicast.c in the Linux ...)
+CVE-2011-0709
- linux-2.6 <not-affected> (Introduced in 2.6.35-rc1 and fixed in 2.6.35-rc5)
-CVE-2011-0708 (exif.c in the Exif extension in PHP before 5.3.6 on 64-bit platforms ...)
+CVE-2011-0708
{DSA-2266-1}
- php5 5.3.6-1
-CVE-2011-0707 (Multiple cross-site scripting (XSS) vulnerabilities in Cgi/confirm.py ...)
+CVE-2011-0707
{DSA-2170-1}
- mailman 1:2.1.14-1
NOTE: patch http://mail.python.org/pipermail/mailman-developers/attachments/20110218/15500b22/attachment.txt
NOTE: present in 2.1.14 and earlier
NOTE: http://mail.python.org/pipermail/mailman-developers/2011-February/021317.html
-CVE-2011-0706 (The JNLPClassLoader class in IcedTea-Web before 1.0.1, as used in ...)
+CVE-2011-0706
{DSA-2224-1}
- openjdk-6 6b18-1.8.7-1
CVE-2011-0705
REJECTED
-CVE-2011-0704 (389 Directory Server 1.2.7.5, when built with mozldap, allows remote ...)
+CVE-2011-0704
NOT-FOR-US: 389 Directory Server
CVE-2011-0703
RESERVED
- gksu-polkit <removed> (bug #684489)
[squeeze] - gksu-polkit <end-of-life> (Unsupported in squeeze-lts)
-CVE-2011-0702 (The feh_unique_filename function in utils.c in feh before 1.11.2 might ...)
+CVE-2011-0702
- feh 1.12-1 (low; bug #612035)
[squeeze] - feh <no-dsa> (Minor issue)
[lenny] - feh <no-dsa> (Minor issue)
-CVE-2011-0701 (wp-admin/async-upload.php in the media uploader in WordPress before ...)
+CVE-2011-0701
{DSA-2190-1}
- wordpress 3.0.5+dfsg-1
[lenny] - wordpress <not-affected> (2.x version is not affected)
-CVE-2011-0700 (Multiple cross-site scripting (XSS) vulnerabilities in WordPress ...)
+CVE-2011-0700
{DSA-2190-1}
- wordpress 3.0.5+dfsg-1
[lenny] - wordpress <not-affected> (2.x version is not affected)
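Review bot: with the description lines removed, entries whose triage depends on the description lose their justification: CVE-2011-0755, CVE-2011-0753 and CVE-2011-0752 keep `- php5 5.3.5-1 (unimportant)` and `NOTE: Only exploitable with malicious script`, but nothing in the entry now records that the issues were in mt_rand, the PCNTL extension and extract() respectively (that information lived only in the `-` lines being removed); if the descriptions are not restored by the next sync, consider folding the affected component into the NOTE line so the "unimportant" rating can still be checked.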
@@ -12470,25 +12470,25 @@ CVE-2011-0699
[wheezy] - linux-2.6 <not-affected> (code introduced in .37)
[squeeze] - linux-2.6 <not-affected> (code introduced in .37)
[lenny] - linux-2.6 <not-affected> (code introduced in .37)
-CVE-2011-0698 (Directory traversal vulnerability in Django 1.1.x before 1.1.4 and ...)
+CVE-2011-0698
- python-django <not-affected> (Windows-specific)
NOTE: http://www.djangoproject.com/weblog/2011/feb/08/security/
-CVE-2011-0697 (Cross-site scripting (XSS) vulnerability in Django 1.1.x before 1.1.4 ...)
+CVE-2011-0697
{DSA-2163-1}
- python-django 1.2.5-1
[lenny] - python-django <not-affected> (Vulnerable code not present)
NOTE: http://www.djangoproject.com/weblog/2011/feb/08/security/
[squeeze] - python-django 1.2.3-3+squeeze1
-CVE-2011-0696 (Django 1.1.x before 1.1.4 and 1.2.x before 1.2.5 does not properly ...)
+CVE-2011-0696
{DSA-2163-1}
- python-django 1.2.5-1
[lenny] - python-django <not-affected> (Vulnerable code not present)
NOTE: http://www.djangoproject.com/weblog/2011/feb/08/security/
[squeeze] - python-django 1.2.3-3+squeeze1
-CVE-2011-0695 (Race condition in the cm_work_handler function in the InfiniBand ...)
+CVE-2011-0695
{DSA-2264-1 DSA-2240-1}
- linux-2.6 2.6.38-2
-CVE-2011-0694 (RealNetworks RealPlayer 11.0 through 11.1, SP 1.0 through 1.1.5, and ...)
+CVE-2011-0694
NOT-FOR-US: RealPlayer
CVE-2011-0693
RESERVED
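Review bot: in CVE-2011-0697 and CVE-2011-0696 the `[squeeze] - python-django 1.2.3-3+squeeze1` line sits after the `NOTE:` line, whereas the other entries in this diff list suite lines before NOTE lines (compare CVE-2011-0762 in the previous hunk, where `[squeeze]` and `[lenny]` directly follow the unstable line); the automatic update left this context untouched, so moving the suite line up by hand keeps the entry layout consistent.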
@@ -12500,123 +12500,123 @@ CVE-2011-0690
RESERVED
CVE-2011-0689
RESERVED
-CVE-2011-0688 (Intel Alert Management System (aka AMS or AMS2), as used in Symantec ...)
+CVE-2011-0688
NOT-FOR-US: Symantec Intel Alert Handler
-CVE-2011-0687 (Opera before 11.01 does not properly implement Wireless Application ...)
+CVE-2011-0687
NOT-FOR-US: Opera
-CVE-2011-0686 (Unspecified vulnerability in Opera before 11.01 allows remote ...)
+CVE-2011-0686
NOT-FOR-US: Opera
-CVE-2011-0685 (The Delete Private Data feature in Opera before 11.01 does not ...)
+CVE-2011-0685
NOT-FOR-US: Opera
-CVE-2011-0684 (Opera before 11.01 does not properly handle redirections and ...)
+CVE-2011-0684
NOT-FOR-US: Opera
-CVE-2011-0683 (Opera before 11.01 does not properly restrict the use of opera: URLs, ...)
+CVE-2011-0683
NOT-FOR-US: Opera
-CVE-2011-0682 (Integer truncation error in opera.dll in Opera before 11.01 allows ...)
+CVE-2011-0682
NOT-FOR-US: Opera
-CVE-2011-0681 (The Cascading Style Sheets (CSS) Extensions for XML implementation in ...)
+CVE-2011-0681
NOT-FOR-US: Opera
-CVE-2011-0680 (data/WorkingMessage.java in the Mms application in Android before ...)
+CVE-2011-0680
NOT-FOR-US: Mms for Android
-CVE-2011-0679 (IBM WebSphere Portal 6.0.1.1 through 7.0.0.0, as used in IBM Lotus Web ...)
+CVE-2011-0679
NOT-FOR-US: IBM WebSphere Portal
-CVE-2011-0678 (Unrestricted file upload vulnerability in the EasyEdit module in ...)
+CVE-2011-0678
NOT-FOR-US: Lomtec ActiveWeb Professional
-CVE-2011-0677 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
+CVE-2011-0677
NOT-FOR-US: Microsoft Windows
-CVE-2011-0676 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
+CVE-2011-0676
NOT-FOR-US: Microsoft Windows
-CVE-2011-0675 (Use-after-free vulnerability in win32k.sys in the kernel-mode drivers ...)
+CVE-2011-0675
NOT-FOR-US: Microsoft Windows
-CVE-2011-0674 (Use-after-free vulnerability in win32k.sys in the kernel-mode drivers ...)
+CVE-2011-0674
NOT-FOR-US: Microsoft Windows
-CVE-2011-0673 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP3 ...)
+CVE-2011-0673
NOT-FOR-US: Microsoft Windows
-CVE-2011-0672 (Use-after-free vulnerability in win32k.sys in the kernel-mode drivers ...)
+CVE-2011-0672
NOT-FOR-US: Microsoft Windows
-CVE-2011-0671 (Use-after-free vulnerability in win32k.sys in the kernel-mode drivers ...)
+CVE-2011-0671
NOT-FOR-US: Microsoft Windows
-CVE-2011-0670 (Use-after-free vulnerability in win32k.sys in the kernel-mode drivers ...)
+CVE-2011-0670
NOT-FOR-US: Microsoft Windows
CVE-2011-0669
REJECTED
CVE-2011-0668
RESERVED
-CVE-2011-0667 (Use-after-free vulnerability in win32k.sys in the kernel-mode drivers ...)
+CVE-2011-0667
NOT-FOR-US: Microsoft Windows
-CVE-2011-0666 (Use-after-free vulnerability in win32k.sys in the kernel-mode drivers ...)
+CVE-2011-0666
NOT-FOR-US: Microsoft Windows
-CVE-2011-0665 (Use-after-free vulnerability in win32k.sys in the kernel-mode drivers ...)
+CVE-2011-0665
NOT-FOR-US: Microsoft Windows
-CVE-2011-0664 (Microsoft .NET Framework 2.0 SP1 and SP2, 3.5 Gold and SP1, 3.5.1, and ...)
+CVE-2011-0664
NOT-FOR-US: Microsoft .NET Framework, Silverlight
-CVE-2011-0663 (Multiple integer overflows in the Microsoft (1) JScript 5.6 through ...)
+CVE-2011-0663
NOT-FOR-US: Microsoft JScript
-CVE-2011-0662 (Use-after-free vulnerability in win32k.sys in the kernel-mode drivers ...)
+CVE-2011-0662
NOT-FOR-US: Microsoft Windows
-CVE-2011-0661 (The SMB Server service in Microsoft Windows XP SP2 and SP3, Windows ...)
+CVE-2011-0661
NOT-FOR-US: Microsoft Windows
-CVE-2011-0660 (The SMB client in Microsoft Windows XP SP2 and SP3, Windows Server ...)
+CVE-2011-0660
NOT-FOR-US: Microsoft Windows
CVE-2011-0659
REJECTED
-CVE-2011-0658 (Integer underflow in the OLE Automation protocol implementation in ...)
+CVE-2011-0658
NOT-FOR-US: Microsoft Windows
-CVE-2011-0657 (DNSAPI.dll in the DNS client in Microsoft Windows XP SP2 and SP3, ...)
+CVE-2011-0657
NOT-FOR-US: Microsoft Windows
-CVE-2011-0656 (Microsoft PowerPoint 2002 SP3, 2003 SP3, 2007 SP2, and 2010; Office ...)
+CVE-2011-0656
NOT-FOR-US: Microsoft
-CVE-2011-0655 (Microsoft PowerPoint 2007 SP2 and 2010; Office 2004, 2008, and 2011 ...)
+CVE-2011-0655
NOT-FOR-US: Microsoft
-CVE-2011-0654 (Integer underflow in the BowserWriteErrorLogEntry function in the ...)
+CVE-2011-0654
NOT-FOR-US: Windows 2003
-CVE-2011-0653 (Cross-site scripting (XSS) vulnerability in Microsoft Office ...)
+CVE-2011-0653
NOT-FOR-US: Microsoft SharePoint
-CVE-2011-0652 (lnsfw1.sys 6.0.2900.5512 in Look 'n' Stop Firewall 2.06p4 and 2.07 ...)
+CVE-2011-0652
NOT-FOR-US: Look 'n' Stop Firewall
-CVE-2011-0651 (Buffer overflow in the key exchange functionality in Icon Labs ...)
+CVE-2011-0651
NOT-FOR-US: Iconfidant SSL Server (VxWorks OS)
-CVE-2011-0650 (Cross-site request forgery (CSRF) vulnerability in Greenbone Security ...)
+CVE-2011-0650
NOT-FOR-US: Greenbone Security Manager appliance
-CVE-2011-0649 (Multiple unspecified vulnerabilities in TIBCO Rendezvous 8.2.1 through ...)
+CVE-2011-0649
NOT-FOR-US: TIBCO Rendezvous
-CVE-2011-0648 (Unspecified vulnerability in EMC Avamar before 5.0.4-30 allows remote ...)
+CVE-2011-0648
NOT-FOR-US: EMC Avamar
-CVE-2011-0647 (The irccd.exe service in EMC Replication Manager Client before 5.3 and ...)
+CVE-2011-0647
NOT-FOR-US: EMC
-CVE-2011-0646 (SQL injection vulnerability in viewfaqs.php in PHP LOW BIDS allows ...)
+CVE-2011-0646
NOT-FOR-US: PHPLOWBIDS
-CVE-2011-0645 (SQL injection vulnerability in data.php in PHPCMS 2008 V2 allows ...)
+CVE-2011-0645
NOT-FOR-US: PHPCMS
-CVE-2011-0644 (SQL injection vulnerability in include/admin/model_field.class.php in ...)
+CVE-2011-0644
NOT-FOR-US: PHPCMS
-CVE-2011-0643 (Cross-site request forgery (CSRF) vulnerability in ...)
+CVE-2011-0643
NOT-FOR-US: PHP Link Directory
-CVE-2011-0642 (Cross-site request forgery (CSRF) vulnerability in news/admin.php in ...)
+CVE-2011-0642
NOT-FOR-US: N-13 News
-CVE-2011-0641 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2011-0641
NOT-FOR-US: StatPressCN Wordpress Plugin
-CVE-2011-0640 (The default configuration of udev on Linux does not warn the user ...)
+CVE-2011-0640
NOTE: Not much that could sensibly be fixed here
-CVE-2011-0639 (Apple Mac OS X does not properly warn the user before enabling ...)
+CVE-2011-0639
NOT-FOR-US: Mac OS X
-CVE-2011-0638 (Microsoft Windows does not properly warn the user before enabling ...)
+CVE-2011-0638
NOT-FOR-US: Microsoft Windows
-CVE-2011-0637 (The FC SCSI protocol driver in IBM AIX 6.1 does not verify that a ...)
+CVE-2011-0637
NOT-FOR-US: AIX
-CVE-2011-0636 (The (1) cudaHostAlloc and (2) cuMemHostAlloc functions in the NVIDIA ...)
+CVE-2011-0636
NOT-FOR-US: NVIDIA CUDA Toolkit
-CVE-2011-0635 (Static code injection vulnerability in Simploo CMS 1.7.1 and earlier ...)
+CVE-2011-0635
NOT-FOR-US: Simploo
CVE-2011-XXXX [shibboleth Single TransientID Mapped to Multiple Principals]
NOTE: Not packaged in Debian, separate package Shibboleth IdP
NOTE: http://shibboleth.internet2.edu/secadv/secadv_20110113.txt
-CVE-2011-0520 (The compress_add_dlabel_points function in dns/Compress.c in MaraDNS ...)
+CVE-2011-0520
{DSA-2196-1}
- maradns 1.4.03-1.1 (bug #610834)
CVE-2011-0634
REJECTED
-CVE-2011-0633 (The Net::HTTPS module in libwww-perl (LWP) before 6.00, as used in ...)
+CVE-2011-0633
- libwww-perl 6.01-1 (low; bug #669126)
[squeeze] - libwww-perl <no-dsa> (Minor issue)
CVE-2011-0632
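Review bot: CVE-2011-0640 ends up with neither a package line nor a `NOT-FOR-US` marker, only `NOTE: Not much that could sensibly be fixed here`, so once `-CVE-2011-0640 (The default configuration of udev on Linux does not warn the user ...)` is replaced by the bare identifier the entry no longer says which software it concerns or what its triage state is; add a package/status line for udev in the notation used elsewhere in this file, or a NOT-FOR-US marker, so the NOTE has something to attach to. Separately, CVE-2011-0520 sits between CVE-2011-0635 and CVE-2011-0634, out of the descending order the rest of the file follows (CVE-2011-0521 appears in sequence in the next hunk), which is worth fixing while the entries are being touched.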
@@ -12625,482 +12625,482 @@ CVE-2011-0631
RESERVED
CVE-2011-0630
RESERVED
-CVE-2011-0629 (Cross-site request forgery (CSRF) vulnerability in Adobe ColdFusion ...)
+CVE-2011-0629
NOT-FOR-US: Adobe ColdFusion
-CVE-2011-0628 (Integer overflow in Adobe Flash Player before 10.3.181.14 on Windows, ...)
+CVE-2011-0628
NOT-FOR-US: Adobe Flash Player
-CVE-2011-0627 (Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and ...)
+CVE-2011-0627
NOT-FOR-US: Adobe Flash Player
-CVE-2011-0626 (Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and ...)
+CVE-2011-0626
NOT-FOR-US: Adobe Flash Player
-CVE-2011-0625 (Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and ...)
+CVE-2011-0625
NOT-FOR-US: Adobe Flash Player
-CVE-2011-0624 (Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and ...)
+CVE-2011-0624
NOT-FOR-US: Adobe Flash Player
-CVE-2011-0623 (Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and ...)
+CVE-2011-0623
NOT-FOR-US: Adobe Flash Player
-CVE-2011-0622 (Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and ...)
+CVE-2011-0622
NOT-FOR-US: Adobe Flash Player
-CVE-2011-0621 (Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and ...)
+CVE-2011-0621
NOT-FOR-US: Adobe Flash Player
-CVE-2011-0620 (Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and ...)
+CVE-2011-0620
NOT-FOR-US: Adobe Flash Player
-CVE-2011-0619 (Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and ...)
+CVE-2011-0619
NOT-FOR-US: Adobe Flash Player
-CVE-2011-0618 (Integer overflow in Adobe Flash Player before 10.3.181.14 on Windows, ...)
+CVE-2011-0618
NOT-FOR-US: Adobe Flash Player
CVE-2011-0617
REJECTED
CVE-2011-0616
REJECTED
-CVE-2011-0615 (Multiple buffer overflows in Adobe Audition 3.0.1 and earlier allow ...)
+CVE-2011-0615
NOT-FOR-US: Adobe Audition
-CVE-2011-0614 (Buffer overflow in Adobe Audition 3.0.1 and earlier allows remote ...)
+CVE-2011-0614
NOT-FOR-US: Adobe Audition
-CVE-2011-0613 (Multiple cross-site scripting (XSS) vulnerabilities in RoboHelp 7 and ...)
+CVE-2011-0613
NOT-FOR-US: RoboHelp
-CVE-2011-0612 (Adobe Flash Media Server (FMS) before 3.5.6, and 4.x before 4.0.2, ...)
+CVE-2011-0612
NOT-FOR-US: Adobe Flash Media Server
-CVE-2011-0611 (Adobe Flash Player before 10.2.154.27 on Windows, Mac OS X, Linux, and ...)
+CVE-2011-0611
NOT-FOR-US: Adobe Flash Player / Acrobat Reader
-CVE-2011-0610 (The CoolType library in Adobe Reader 9.x before 9.4.4 and 10.x through ...)
+CVE-2011-0610
NOT-FOR-US: Adobe Reader
-CVE-2011-0609 (Unspecified vulnerability in Adobe Flash Player 10.2.154.13 and ...)
+CVE-2011-0609
NOT-FOR-US: Adobe Flash Player
-CVE-2011-0608 (Adobe Flash Player before 10.2.152.26 allows attackers to execute ...)
+CVE-2011-0608
NOT-FOR-US: Adobe Flash Player
-CVE-2011-0607 (Adobe Flash Player before 10.2.152.26 allows attackers to execute ...)
+CVE-2011-0607
NOT-FOR-US: Adobe Flash Player
-CVE-2011-0606 (Stack-based buffer overflow in rt3d.dll in Adobe Reader and Acrobat ...)
+CVE-2011-0606
NOT-FOR-US: Adobe Reader
-CVE-2011-0605 (Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x ...)
+CVE-2011-0605
NOT-FOR-US: Adobe Reader
-CVE-2011-0604 (Cross-site scripting (XSS) vulnerability in Adobe Reader and Acrobat ...)
+CVE-2011-0604
NOT-FOR-US: Adobe Reader
-CVE-2011-0603 (Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x ...)
+CVE-2011-0603
NOT-FOR-US: Adobe Reader
-CVE-2011-0602 (Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x ...)
+CVE-2011-0602
NOT-FOR-US: Adobe Reader
CVE-2011-0601
REJECTED
-CVE-2011-0600 (The U3D component in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x ...)
+CVE-2011-0600
NOT-FOR-US: Adobe Reader
-CVE-2011-0599 (The Bitmap parsing component in rt3d.dll in Adobe Reader and Acrobat ...)
+CVE-2011-0599
NOT-FOR-US: Adobe Reader
-CVE-2011-0598 (Integer overflow in ACE.dll in Adobe Reader and Acrobat 10.x before ...)
+CVE-2011-0598
NOT-FOR-US: Adobe Reader
CVE-2011-0597
REJECTED
-CVE-2011-0596 (The Bitmap parsing component in 2d.dll in Adobe Reader and Acrobat ...)
+CVE-2011-0596
NOT-FOR-US: Adobe Reader
-CVE-2011-0595 (Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x ...)
+CVE-2011-0595
NOT-FOR-US: Adobe Reader
-CVE-2011-0594 (Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x ...)
+CVE-2011-0594
NOT-FOR-US: Adobe Reader
-CVE-2011-0593 (Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x ...)
+CVE-2011-0593
NOT-FOR-US: Adobe Reader
-CVE-2011-0592 (Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x ...)
+CVE-2011-0592
NOT-FOR-US: Adobe Reader
-CVE-2011-0591 (Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x ...)
+CVE-2011-0591
NOT-FOR-US: Adobe Reader
-CVE-2011-0590 (Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x ...)
+CVE-2011-0590
NOT-FOR-US: Adobe Reader
-CVE-2011-0589 (Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x ...)
+CVE-2011-0589
NOT-FOR-US: Adobe Reader
-CVE-2011-0588 (Untrusted search path vulnerability in Adobe Reader and Acrobat 10.x ...)
+CVE-2011-0588
NOT-FOR-US: Adobe Reader
-CVE-2011-0587 (Cross-site scripting (XSS) vulnerability in Adobe Reader and Acrobat ...)
+CVE-2011-0587
NOT-FOR-US: Adobe Reader
-CVE-2011-0586 (Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x ...)
+CVE-2011-0586
NOT-FOR-US: Adobe Reader
-CVE-2011-0585 (Unspecified vulnerability in Adobe Reader and Acrobat 10.x before ...)
+CVE-2011-0585
NOT-FOR-US: Adobe Reader
-CVE-2011-0584 (Session fixation vulnerability in Adobe ColdFusion 8.0 through 9.0.1 ...)
+CVE-2011-0584
NOT-FOR-US: Adobe ColdFusion
-CVE-2011-0583 (Cross-site scripting (XSS) vulnerability in Adobe ColdFusion 8.0 ...)
+CVE-2011-0583
NOT-FOR-US: Adobe ColdFusion
-CVE-2011-0582 (Unspecified vulnerability in the administrator console in Adobe ...)
+CVE-2011-0582
NOT-FOR-US: ColdFusion
-CVE-2011-0581 (Multiple CRLF injection vulnerabilities in Adobe ColdFusion 8.0 ...)
+CVE-2011-0581
NOT-FOR-US: Adobe ColdFusion
-CVE-2011-0580 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
+CVE-2011-0580
NOT-FOR-US: Adobe ColdFusion
-CVE-2011-0579 (Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and ...)
+CVE-2011-0579
NOT-FOR-US: Adobe Flash Player
-CVE-2011-0578 (Adobe Flash Player before 10.2.152.26 allows attackers to execute ...)
+CVE-2011-0578
NOT-FOR-US: Adobe Flash Player
-CVE-2011-0577 (Unspecified vulnerability in Adobe Flash Player before 10.2.152.26 ...)
+CVE-2011-0577
NOT-FOR-US: Adobe Flash Player
CVE-2011-0576
REJECTED
-CVE-2011-0575 (Untrusted search path vulnerability in Adobe Flash Player before ...)
+CVE-2011-0575
NOT-FOR-US: Adobe Flash Player
-CVE-2011-0574 (Adobe Flash Player before 10.2.152.26 allows attackers to execute ...)
+CVE-2011-0574
NOT-FOR-US: Adobe Flash Player
-CVE-2011-0573 (Adobe Flash Player before 10.2.152.26 allows attackers to execute ...)
+CVE-2011-0573
NOT-FOR-US: Adobe Flash Player
-CVE-2011-0572 (Adobe Flash Player before 10.2.152.26 allows attackers to execute ...)
+CVE-2011-0572
NOT-FOR-US: Adobe Flash Player
-CVE-2011-0571 (Adobe Flash Player before 10.2.152.26 allows attackers to execute ...)
+CVE-2011-0571
NOT-FOR-US: Adobe Flash Player
-CVE-2011-0570 (Untrusted search path vulnerability in Adobe Reader and Acrobat 10.x ...)
+CVE-2011-0570
NOT-FOR-US: Adobe Reader
-CVE-2011-0569 (The Font Xtra.x32 module in Adobe Shockwave Player before 11.5.9.620 ...)
+CVE-2011-0569
NOT-FOR-US: Adobe Shockwave Player
-CVE-2011-0568 (Unspecified vulnerability in Adobe Reader and Acrobat 10.x before ...)
+CVE-2011-0568
NOT-FOR-US: Adobe Reader
-CVE-2011-0567 (AcroRd32.dll in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x ...)
+CVE-2011-0567
NOT-FOR-US: Adobe Reader
-CVE-2011-0566 (Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x ...)
+CVE-2011-0566
NOT-FOR-US: Adobe Reader
-CVE-2011-0565 (Unspecified vulnerability in Adobe Reader and Acrobat 10.x before ...)
+CVE-2011-0565
NOT-FOR-US: Adobe Reader
-CVE-2011-0564 (Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x ...)
+CVE-2011-0564
NOT-FOR-US: Adobe Reader
-CVE-2011-0563 (Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x ...)
+CVE-2011-0563
NOT-FOR-US: Adobe Reader
-CVE-2011-0562 (Untrusted search path vulnerability in Adobe Reader and Acrobat 10.x ...)
+CVE-2011-0562
NOT-FOR-US: Adobe Reader
-CVE-2011-0561 (Adobe Flash Player before 10.2.152.26 allows attackers to execute ...)
+CVE-2011-0561
NOT-FOR-US: Adobe Flash Player
-CVE-2011-0560 (Adobe Flash Player before 10.2.152.26 allows attackers to execute ...)
+CVE-2011-0560
NOT-FOR-US: Adobe Flash Player
-CVE-2011-0559 (Adobe Flash Player before 10.2.152.26 allows attackers to execute ...)
+CVE-2011-0559
NOT-FOR-US: Adobe Flash Player
-CVE-2011-0558 (Integer overflow in Adobe Flash Player before 10.2.152.26 allows ...)
+CVE-2011-0558
NOT-FOR-US: Adobe Flash Player
-CVE-2011-0557 (Integer overflow in Adobe Shockwave Player before 11.5.9.620 allows ...)
+CVE-2011-0557
NOT-FOR-US: Adobe Shockwave Player
-CVE-2011-0556 (The Font Xtra.x32 module in Adobe Shockwave Player before 11.5.9.620 ...)
+CVE-2011-0556
NOT-FOR-US: Adobe Shockwave Player
-CVE-2011-0555 (The TextXtra.x32 module in Adobe Shockwave Player before 11.5.9.620 ...)
+CVE-2011-0555
NOT-FOR-US: Adobe Shockwave Player
-CVE-2011-0554 (The management console in Symantec IM Manager before 8.4.18 allows ...)
+CVE-2011-0554
NOT-FOR-US: Symantec IM Manager
-CVE-2011-0553 (SQL injection vulnerability in the management console in Symantec IM ...)
+CVE-2011-0553
NOT-FOR-US: Symantec IM Manager
-CVE-2011-0552 (Multiple cross-site scripting (XSS) vulnerabilities in the management ...)
+CVE-2011-0552
NOT-FOR-US: Symantec IM Manager
-CVE-2011-0551 (Cross-site request forgery (CSRF) vulnerability in the Web Interface ...)
+CVE-2011-0551
NOT-FOR-US: Symantec Endpoint Protection
-CVE-2011-0550 (Multiple cross-site scripting (XSS) vulnerabilities in the Web ...)
+CVE-2011-0550
NOT-FOR-US: Symantec Endpoint Protection
-CVE-2011-0549 (SQL injection vulnerability in forget.php in the management GUI in ...)
+CVE-2011-0549
NOT-FOR-US: Symantec Web Gateway
-CVE-2011-0548 (Buffer overflow in the Lotus Freelance Graphics PRZ file viewer in ...)
+CVE-2011-0548
NOT-FOR-US: Lotus Freelance Graphics
-CVE-2011-0547 (Multiple integer overflows in vxsvc.exe in the Veritas Enterprise ...)
+CVE-2011-0547
NOT-FOR-US: Veritas
-CVE-2011-0546 (Symantec Backup Exec 11.0, 12.0, 12.5, 13.0, and 13.0 R2 does not ...)
+CVE-2011-0546
NOT-FOR-US: Symantec Backup Exec
-CVE-2011-0545 (Cross-site request forgery (CSRF) vulnerability in adduser.do in ...)
+CVE-2011-0545
NOT-FOR-US: Symantec LiveUpdate Administrator
CVE-2011-0544
RESERVED
- phpbb3 3.0.7-PL1-5 (low; bug #612477)
[squeeze] - phpbb3 <no-dsa> (Minor issue)
-CVE-2011-0543 (Certain legacy functionality in fusermount in fuse 2.8.5 and earlier, ...)
+CVE-2011-0543
- fuse 2.8.5-1 (low; bug #624551)
[squeeze] - fuse <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-0541
-CVE-2011-0542 (fusermount in fuse 2.8.5 and earlier does not perform a chdir to / ...)
+CVE-2011-0542
- fuse 2.8.5-1 (low; bug #624551)
[squeeze] - fuse <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-0541
-CVE-2011-0541 (fuse 2.8.5 and earlier does not properly handle when /etc/mtab cannot ...)
+CVE-2011-0541
- fuse 2.8.5-1 (low; bug #624551)
[squeeze] - fuse <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-0541
CVE-2011-0540
REJECTED
-CVE-2011-0539 (The key_certify function in usr.bin/ssh/key.c in OpenSSH 5.6 and 5.7, ...)
+CVE-2011-0539
- openssh 1:5.8p1-2
[squeeze] - openssh <not-affected> (Only affects OpenSSH 5.6 and 5.7)
[lenny] - openssh <not-affected> (Only affects OpenSSH 5.6 and 5.7)
-CVE-2011-0538 (Wireshark 1.2.0 through 1.2.14, 1.4.0 through 1.4.3, and 1.5.0 frees ...)
+CVE-2011-0538
{DSA-2201-1}
- wireshark 1.4.3-3 (low; bug #613202)
-CVE-2011-0537 (Multiple directory traversal vulnerabilities in (1) ...)
+CVE-2011-0537
- mediawiki <not-affected> (Only affected when running on Windows or Novell Netware)
-CVE-2011-0536 (Multiple untrusted search path vulnerabilities in elf/dl-object.c in ...)
+CVE-2011-0536
- eglibc 2.11.2-8 (bug #600667)
- glibc <not-affected> (Lenny version not affected)
-CVE-2011-0535 (Cross-site request forgery (CSRF) vulnerability in the Users module in ...)
+CVE-2011-0535
NOT-FOR-US: zikula
-CVE-2011-0534 (Apache Tomcat 7.0.0 through 7.0.6 and 6.0.0 through 6.0.30 does not ...)
+CVE-2011-0534
{DSA-2160-1}
- tomcat5.5 <not-affected> (Vulnerable code not present)
- tomcat6 6.0.28-10 (bug #612257)
[lenny] - tomcat6 <not-affected> (Only ships the servlet package)
-CVE-2011-0533 (Cross-site scripting (XSS) vulnerability in Apache Continuum 1.1 ...)
+CVE-2011-0533
NOT-FOR-US: Apache Continuum
-CVE-2011-0532 (The (1) backup and restore scripts, (2) main initialization script, ...)
+CVE-2011-0532
NOT-FOR-US: 389 LDAP server
-CVE-2011-0531 (demux/mkv/mkv.hpp in the MKV demuxer plugin in VideoLAN VLC media ...)
+CVE-2011-0531
{DSA-2159-1}
- vlc 1.1.7-1 (medium)
[lenny] - vlc 0.8.6.h-4+lenny3
-CVE-2011-0530 (Buffer overflow in the mainloop function in nbd-server.c in the server ...)
+CVE-2011-0530
{DSA-2183-1}
- nbd 1:2.9.16-8 (bug #611187)
[etch] - nbd <not-affected> (reintroduced in 2.9.0)
CVE-2011-0529
RESERVED
- weborf 0.12.5-1
-CVE-2011-0528 (Puppet 2.6.0 through 2.6.3 does not properly restrict access to node ...)
+CVE-2011-0528
- puppet 2.6.2-3
[lenny] - puppet <not-affected> (Only affects 2.6.x)
-CVE-2011-0527 (VMware vFabric tc Server (aka SpringSource tc Server) 2.0.x before ...)
+CVE-2011-0527
NOT-FOR-US: VMware vFabric tc Server
-CVE-2011-0526 (Cross-site scripting (XSS) vulnerability in index.php in Vanilla ...)
+CVE-2011-0526
NOT-FOR-US: Vanilla Forums
CVE-2011-0525
RESERVED
NOT-FOR-US: Batavi
-CVE-2011-0524 (Multiple buffer overflows in the NMEA parser (nmea-gen.c) in gypsy 0.8 ...)
+CVE-2011-0524
- gypsy <itp> (bug #491723)
-CVE-2011-0523 (gypsy 0.8 does not properly restrict the files that can be read while ...)
+CVE-2011-0523
- gypsy <itp> (bug #491723)
-CVE-2011-0521 (The dvb_ca_ioctl function in drivers/media/dvb/ttpci/av7110_ca.c in ...)
+CVE-2011-0521
{DSA-2153-1}
- linux-2.6 2.6.37-2
[wheezy] - linux-2.6 2.6.32-31
[squeeze] - linux-2.6 2.6.32-31
-CVE-2011-0519 (SQL injection vulnerability in gallery.php in Gallarific PHP Photo ...)
+CVE-2011-0519
NOT-FOR-US: Gallarific
-CVE-2011-0518 (Directory traversal vulnerability in core/lib/router.php in LotusCMS ...)
+CVE-2011-0518
NOT-FOR-US: LotusCMS
-CVE-2011-0517 (Stack-based buffer overflow in Sielco Sistemi Winlog Pro 2.07.00 and ...)
+CVE-2011-0517
NOT-FOR-US: Winlog Pro
-CVE-2011-0516 (SQL injection vulnerability in mainx_a.php in E-PROMPT C BetMore Site ...)
+CVE-2011-0516
NOT-FOR-US: BetMore Site Suite
-CVE-2011-0515 (KisKrnl.sys 2011.1.13.89 and earlier in Kingsoft AntiVirus 2011 SP5.2 ...)
+CVE-2011-0515
NOT-FOR-US: Kingsoft AntiVirus
-CVE-2011-0514 (The RDS service (rds.exe) in HP Data Protector Manager 6.11 allows ...)
+CVE-2011-0514
NOT-FOR-US: HP Data Protector Manager
-CVE-2011-0513 (DCR.sys driver in SecurStar DriveCrypt 5.4, 5.3, and earlier allows ...)
+CVE-2011-0513
NOT-FOR-US: SecurStar DriveCrypt
-CVE-2011-0512 (SQL injection vulnerability in team.php in the Teams Structure module ...)
+CVE-2011-0512
NOT-FOR-US: PHP-Fusion
-CVE-2011-0511 (SQL injection vulnerability in the allCineVid component ...)
+CVE-2011-0511
NOT-FOR-US: Joomla! component
-CVE-2011-0510 (SQL injection vulnerability in cart.php in Advanced Webhost Billing ...)
+CVE-2011-0510
NOT-FOR-US: Advanced Webhost Billing System
-CVE-2011-0509 (Cross-site scripting (XSS) vulnerability in Vaadin before 6.4.9 allows ...)
+CVE-2011-0509
NOT-FOR-US: Vaadin
-CVE-2011-0508 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2011-0508
NOT-FOR-US: Contao CMS
-CVE-2011-0507 (FTPService.exe in Blackmoon FTP 3.1 Build 1735 and Build 1736 ...)
+CVE-2011-0507
NOT-FOR-US: Blackmoon FTP
NOTE: Windows-only
-CVE-2011-0506 (Directory traversal vulnerability in modules/profile/user.php in Ax ...)
+CVE-2011-0506
NOT-FOR-US: AxDCMS
-CVE-2011-0505 (Directory traversal vulnerability in system/system.php in Zwii 2.1.1, ...)
+CVE-2011-0505
NOT-FOR-US: Zwii
-CVE-2011-0504 (Multiple cross-site scripting (XSS) vulnerabilities in VaM Shop 1.6, ...)
+CVE-2011-0504
NOT-FOR-US: VaM Shop
-CVE-2011-0503 (Cross-site request forgery (CSRF) vulnerability in VaM Shop 1.6, ...)
+CVE-2011-0503
NOT-FOR-US: VaM Shop
-CVE-2011-0502 (Music Animation Machine MIDI Player 2006aug19 Release 035 and possibly ...)
+CVE-2011-0502
NOT-FOR-US: Music Animation Machine MIDI Player
NOTE: Windows-only
-CVE-2011-0501 (Stack-based buffer overflow in Music Animation Machine MIDI Player ...)
+CVE-2011-0501
NOT-FOR-US: Music Animation Machine MIDI Player
NOTE: Windows-only
-CVE-2011-0500 (Buffer overflow in VideoSpirit Pro 1.6.8.1, 1.68, and earlier; and ...)
+CVE-2011-0500
NOT-FOR-US: VideoSpirit Pro
-CVE-2011-0499 (Buffer overflow in VideoSpirit Pro 1.6.8.1 and possibly earlier ...)
+CVE-2011-0499
NOT-FOR-US: VideoSpirit Pro
-CVE-2011-0498 (Stack-based buffer overflow in Nokia Multimedia Player 1.00.55.5010, ...)
+CVE-2011-0498
NOT-FOR-US: Nokia Multimedia Player
-CVE-2011-0497 (Directory traversal vulnerability in Sybase EAServer 6.x before 6.3 ...)
+CVE-2011-0497
NOT-FOR-US: Sybase EAServer
-CVE-2011-0496 (Unspecified vulnerability in Sybase EAServer 5.x and 6.x before 6.3 ...)
+CVE-2011-0496
NOT-FOR-US: Sybase EAServer
-CVE-2011-0495 (Stack-based buffer overflow in the ast_uri_encode function in ...)
+CVE-2011-0495
{DSA-2171-1}
- asterisk 1:1.6.2.9-2+squeeze1 (bug #610487)
-CVE-2011-0494 (Directory traversal vulnerability in WebSEAL in IBM Tivoli Access ...)
+CVE-2011-0494
NOT-FOR-US: IBM Tivoli Access Manager
-CVE-2011-0489 (The server components in Objectivity/DB 10.0 do not require ...)
+CVE-2011-0489
NOT-FOR-US: Objectivity/DB
-CVE-2011-0488 (Stack-based buffer overflow in NTWebServer.exe in the test web service ...)
+CVE-2011-0488
NOT-FOR-US: NTWebServer
-CVE-2011-0487 (ICQ 7 does not verify the authenticity of updates, which allows ...)
+CVE-2011-0487
NOT-FOR-US: ICQ
-CVE-2011-0486 (Cross-site scripting (XSS) vulnerability in cognos.cgi in IBM Cognos 8 ...)
+CVE-2011-0486
NOT-FOR-US: IBM Cognos
-CVE-2011-0493 (Tor before 0.2.1.29 and 0.2.2.x before 0.2.2.21-alpha might allow ...)
+CVE-2011-0493
{DSA-2148-1}
- tor 0.2.1.29-1
-CVE-2011-0492 (Tor before 0.2.1.29 and 0.2.2.x before 0.2.2.21-alpha allows remote ...)
+CVE-2011-0492
{DSA-2148-1}
- tor 0.2.1.29-1
-CVE-2011-0491 (The tor_realloc function in Tor before 0.2.1.29 and 0.2.2.x before ...)
+CVE-2011-0491
{DSA-2148-1}
- tor 0.2.1.29-1
-CVE-2011-0490 (Tor before 0.2.1.29 and 0.2.2.x before 0.2.2.21-alpha makes calls to ...)
+CVE-2011-0490
{DSA-2148-1}
- tor 0.2.1.29-1
CVE-2011-XXXX [multiple spip issues]
- spip 2.1.1-3 (bug #609212; bug #610016)
-CVE-2011-0485 (Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do ...)
+CVE-2011-0485
- chromium-browser 9.0.597.45~r70550-1
[squeeze] - chromium-browser <not-affected>
[wheezy] - chromium-browser 6.0.472.63~r59945-5+squeeze4
- webkit <not-affected> (chromium specific)
-CVE-2011-0484 (Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do ...)
+CVE-2011-0484
- chromium-browser 6.0.472.63~r59945-5
- webkit <not-affected> (vulnerable code not present in 1.2)
NOTE: http://trac.webkit.org/changeset/75082
NOTE: http://trac.webkit.org/changeset/75084
-CVE-2011-0483 (Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do ...)
+CVE-2011-0483
- chromium-browser 6.0.472.63~r59945-5
- webkit <not-affected> (vulnerable code not present in 1.2)
NOTE: http://trac.webkit.org/changeset/74787
-CVE-2011-0482 (Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do ...)
+CVE-2011-0482
{DSA-2188-1}
- chromium-browser 6.0.472.63~r59945-5
- webkit 1.2.7-1
NOTE: http://trac.webkit.org/changeset/74779
-CVE-2011-0481 (Buffer overflow in Google Chrome before 8.0.552.237 and Chrome OS ...)
+CVE-2011-0481
- chromium-browser <not-affected> (Chrome PDF plugin)
- webkit <not-affected> (Chrome PDF plugin)
-CVE-2011-0480 (Multiple buffer overflows in vorbis_dec.c in the Vorbis decoder in ...)
+CVE-2011-0480
{DSA-2306-1}
- ffmpeg 7:2.4.1-1
[squeeze] - ffmpeg <not-affected> (webm not supported yet)
- ffmpeg-debian <not-affected> (webm not supported yet)
- libav 4:0.6.1-1 (bug #610550)
-CVE-2011-0479 (Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do ...)
+CVE-2011-0479
- chromium-browser 9.0.597.45~r70550-1
[squeeze] - chromium-browser <not-affected>
[wheezy] - chromium-browser <not-affected>
- webkit <not-affected> (chromium specific)
-CVE-2011-0478 (Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do ...)
+CVE-2011-0478
- chromium-browser 6.0.472.63~r59945-5
NOTE: http://trac.webkit.org/changeset/74636
-CVE-2011-0477 (Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do ...)
+CVE-2011-0477
- chromium-browser 6.0.472.63~r59945-5
- webkit <not-affected> (chromium specific)
-CVE-2011-0476 (Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 ...)
+CVE-2011-0476
- chromium-browser <not-affected> (Chrome PDF plugin)
- webkit <not-affected> (Chrome PDF plugin)
-CVE-2011-0475 (Use-after-free vulnerability in Google Chrome before 8.0.552.237 and ...)
+CVE-2011-0475
- chromium-browser <not-affected> (Chrome PDF plugin)
- webkit <not-affected> (Chrome PDF plugin)
-CVE-2011-0474 (Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do ...)
+CVE-2011-0474
- chromium-browser 6.0.472.63~r59945-5
NOTE: http://trac.webkit.org/changeset/74574
-CVE-2011-0473 (Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do ...)
+CVE-2011-0473
- chromium-browser 6.0.472.63~r59945-5
NOTE: http://trac.webkit.org/changeset/73927
NOTE: http://trac.webkit.org/changeset/73937
-CVE-2011-0472 (Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do ...)
+CVE-2011-0472
- chromium-browser <not-affected> (Chrome PDF plugin)
- webkit <not-affected> (Chrome PDF plugin)
-CVE-2011-0471 (The node-iteration implementation in Google Chrome before 8.0.552.237 ...)
+CVE-2011-0471
- chromium-browser 6.0.472.63~r59945-5
NOTE: http://trac.webkit.org/changeset/73559
NOTE: http://trac.webkit.org/changeset/73620
-CVE-2011-0470 (Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do ...)
+CVE-2011-0470
- chromium-browser 9.0.597.45~r70550-1
[squeeze] - chromium-browser <not-affected>
[wheezy] - chromium-browser <not-affected>
- webkit <not-affected> (chromium specific)
-CVE-2011-0469 (Code injection in openSUSE when running some source services used in ...)
+CVE-2011-0469
- open-build-service <not-affected> (Fixed before initial upload to Debian)
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=679325
NOTE: Main fix: https://github.com/openSUSE/open-build-service/commit/76b0ab003f34435ca90d943e02dd22279cdeec2a
NOTE: Secondary fix: https://github.com/openSUSE/open-build-service/commit/23c8d21c75242999e29379e6ca8418a14c8725c6
-CVE-2011-0468 (The aaa_base package before 11.3-8.9.1 in SUSE openSUSE 11.3, and ...)
+CVE-2011-0468
NOT-FOR-US: OpenSUSE aaa_base package
-CVE-2011-0467 (A vulnerability in the listing of available software of SUSE SUSE ...)
+CVE-2011-0467
NOT-FOR-US: SUSE Studio Onsite
-CVE-2011-0466 (The API in SUSE openSUSE Build Service (OBS) 2.0.x before 2.0.8 and ...)
+CVE-2011-0466
NOT-FOR-US: openSUSE Build Service
-CVE-2011-0465 (xrdb.c in xrdb before 1.0.9 in X.Org X11R7.6 and earlier allows remote ...)
+CVE-2011-0465
{DSA-2213-1}
- x11-xserver-utils 7.6+2 (low; bug #621423)
NOTE: http://cgit.freedesktop.org/xorg/app/xrdb/commit/?id=1027d5df07398c1507fb1fe3a9981aa6b4bc3a56
NOTE: low as this is not enabled in a standard setup
-CVE-2011-0464 (Unspecified vulnerability in Novell Vibe OnPrem 3.0 before Hot Patch 1 ...)
+CVE-2011-0464
NOT-FOR-US: Novell Vibe OnPrem
-CVE-2011-0463 (The ocfs2_prepare_page_for_write function in fs/ocfs2/aops.c in the ...)
+CVE-2011-0463
- linux-2.6 2.6.39-1
[squeeze] - linux-2.6 2.6.32-34
-CVE-2011-0462 (Multiple cross-site scripting (XSS) vulnerabilities in the login page ...)
+CVE-2011-0462
NOT-FOR-US: openSUSE Build Service
-CVE-2011-0461 (/etc/init.d/boot.localfs in the aaa_base package before 11.2-43.48.1 ...)
+CVE-2011-0461
NOT-FOR-US: OpenSUSE aaa_base package
-CVE-2011-0460 (The init script in kbd, possibly 1.14.1 and earlier, allows local ...)
+CVE-2011-0460
- kbd <not-affected> (SUSE-specific)
-CVE-2011-0459 (Cross-site scripting (XSS) vulnerability in Cyber-Ark Password Vault ...)
+CVE-2011-0459
NOT-FOR-US: Cyber-Ark
-CVE-2011-0458 (Untrusted search path vulnerability in the Locate on Disk feature in ...)
+CVE-2011-0458
NOT-FOR-US: Google Picasa
-CVE-2011-0457 (Cross-site scripting (XSS) vulnerability in e107 0.7.22 and earlier ...)
+CVE-2011-0457
NOT-FOR-US: e107
-CVE-2011-0456 (webscript.pl in Open Ticket Request System (OTRS) 2.3.4 and earlier ...)
+CVE-2011-0456
- otrs2 2.4.5-1
-CVE-2011-0455 (Cross-site scripting (XSS) vulnerability in Things BBS before 2.0.3 ...)
+CVE-2011-0455
NOT-FOR-US: Things BBS
-CVE-2011-0454 (Buffer overflow in the PPP Access Concentrator (PPPAC) on the SEIL/x86 ...)
+CVE-2011-0454
NOT-FOR-US: PPP Access Concentrator
-CVE-2011-0453 (F-Secure Internet Gatekeeper for Linux 3.x before 3.03 does not ...)
+CVE-2011-0453
NOT-FOR-US: F-Secure Internet Gatekeeper
-CVE-2011-0452 (Untrusted search path vulnerability in the script function in ...)
+CVE-2011-0452
NOT-FOR-US: Lunascape
-CVE-2011-0451 (Multiple cross-site scripting (XSS) vulnerabilities in (1) ...)
+CVE-2011-0451
NOT-FOR-US: EC-CUBE
-CVE-2011-0450 (The downloads manager in Opera before 11.01 on Windows does not ...)
+CVE-2011-0450
NOT-FOR-US: Opera
-CVE-2011-0449 (actionpack/lib/action_view/template/resolver.rb in Ruby on Rails 3.0.x ...)
+CVE-2011-0449
- rails <not-affected> (Only affects 3.x)
-CVE-2011-0448 (Ruby on Rails 3.0.x before 3.0.4 does not ensure that arguments to the ...)
+CVE-2011-0448
- rails <not-affected> (Only affects 3.x)
-CVE-2011-0447 (Ruby on Rails 2.1.x, 2.2.x, and 2.3.x before 2.3.11, and 3.x before ...)
+CVE-2011-0447
{DSA-2247-1}
- rails 2.3.11-0.1 (bug #614864)
-CVE-2011-0446 (Multiple cross-site scripting (XSS) vulnerabilities in the mail_to ...)
+CVE-2011-0446
{DSA-2247-1}
- rails 2.3.11-0.1 (bug #614864)
-CVE-2011-0426 (Directory traversal vulnerability in vCenter Server in VMware vCenter ...)
+CVE-2011-0426
NOT-FOR-US: VMware
-CVE-2011-0445 (The ASN.1 BER dissector in Wireshark 1.4.0 through 1.4.2 allows remote ...)
+CVE-2011-0445
- wireshark <not-affected> (Only affects Wireshark 1.4, fixed in experimental)
-CVE-2011-0444 (Buffer overflow in the MAC-LTE dissector ...)
+CVE-2011-0444
- wireshark 1.2.11-6
[lenny] - wireshark <not-affected> (Vulnerable code not present)
-CVE-2011-0443 (SQL injection vulnerability in inc/tinybb-settings.php in tinyBB 1.2, ...)
+CVE-2011-0443
NOT-FOR-US: tinyBB
-CVE-2011-0442 (The service utility in EMC Avamar 5.x before 5.0.4 uses cleartext to ...)
+CVE-2011-0442
NOT-FOR-US: EMC Avamar
-CVE-2011-0441 (The Debian GNU/Linux /etc/cron.d/php5 cron job for PHP 5.3.5 allows ...)
+CVE-2011-0441
{DSA-2195-1}
- php5 5.3.6-1 (bug #618489)
NOTE: Debian-specific
-CVE-2011-0440 (Cross-site request forgery (CSRF) vulnerability in Mahara 1.2.x before ...)
+CVE-2011-0440
{DSA-2206-1}
- mahara 1.2.7-1
-CVE-2011-0439 (Cross-site scripting (XSS) vulnerability in Mahara 1.2.x before 1.2.7 ...)
+CVE-2011-0439
{DSA-2206-1}
- mahara 1.2.7-1
-CVE-2011-0438 (nslcd/pam.c in the nss-pam-ldapd 0.8.0 PAM module returns a success ...)
+CVE-2011-0438
- nss-pam-ldapd <not-affected> (Only affects 0.8.0, which was only uploaded to experimental)
-CVE-2011-0437 (shared/inc/sql/ssh.php in the SSH accounts management implementation ...)
+CVE-2011-0437
{DSA-2179-1}
- dtc 0.32.10-1
-CVE-2011-0436 (The register_user function in client/new_account_form.php in Domain ...)
+CVE-2011-0436
{DSA-2179-1}
- dtc 0.32.10-1 (bug #614302)
-CVE-2011-0435 (Domain Technologie Control (DTC) before 0.32.9 does not require ...)
+CVE-2011-0435
{DSA-2179-1}
- dtc 0.32.10-1
-CVE-2011-0434 (Multiple SQL injection vulnerabilities in Domain Technologie Control ...)
+CVE-2011-0434
{DSA-2179-1}
- dtc 0.32.10-1
-CVE-2011-0433 (Heap-based buffer overflow in the linetoken function in afmparse.c in ...)
+CVE-2011-0433
{DSA-2388-1}
- evince 2.32.0-1 (bug #614668)
[squeeze] - evince 2.30.3-2+squeeze1
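Review bot: every changed pair in this hunk replaces an entry that carried its CVE description with a bare identifier, e.g. `-CVE-2011-0542 (fusermount in fuse 2.8.5 and earlier does not perform a chdir to / ...)` becoming `+CVE-2011-0542`, with nothing added in its place; for a commit labelled "automatic update" that pattern looks like the description source failed to load rather than an intended edit, so the update job should refuse to commit a result that only strips descriptions across the whole file. Two unchanged context lines in the same region also deserve a look while the entries are being touched: the NOTE under CVE-2011-0542 (`NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-0541`) points at the CVE-2011-0541 bug, which is fine if Red Hat tracks both issues under one report but should be confirmed, and the CVE-2011-0485 entry lists `[wheezy] - chromium-browser 6.0.472.63~r59945-5+squeeze4` beside `[squeeze] - chromium-browser <not-affected>`, a squeeze-suffixed version under the wheezy tag, which reads like swapped suite labels.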
@@ -13114,13 +13114,13 @@ CVE-2011-0433 (Heap-based buffer overflow in the linetoken function in afmparse.
NOTE: vuln source file is lib/t1lib/parseAFM.c, which differs slightly from evince's afmparse.c in the affected areas but it is indeed affected
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=640923
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=643882
-CVE-2011-0432 (Multiple SQL injection vulnerabilities in the get_userinfo method in ...)
+CVE-2011-0432
{DSA-2177-1}
- pywebdav 0.9.4-3
-CVE-2011-0431 (The afs_linux_lock function in afs/LINUX/osi_vnodeops.c in the kernel ...)
+CVE-2011-0431
{DSA-2168-1}
- openafs 1.4.14+dfsg-1
-CVE-2011-0430 (Double free vulnerability in the Rx server process in OpenAFS 1.4.14, ...)
+CVE-2011-0430
{DSA-2168-1}
- openafs 1.4.14+dfsg-1
CVE-2011-0429
@@ -13131,34 +13131,34 @@ CVE-2011-0428
[squeeze] - ikiwiki 3.20100815.5
[lenny] - ikiwiki <not-affected> (Vulnerable code not present)
NOTE: https://ikiwiki.info/security/#index38h2
-CVE-2011-0427 (Heap-based buffer overflow in Tor before 0.2.1.29 and 0.2.2.x before ...)
+CVE-2011-0427
{DSA-2148-1}
- tor 0.2.1.29-1
CVE-2011-0425
RESERVED
CVE-2011-0424
RESERVED
-CVE-2011-0423 (The PolyVision RoomWizard with firmware 3.2.3 has a default password ...)
+CVE-2011-0423
NOT-FOR-US: PolyVision RoomWizard
CVE-2011-0422
RESERVED
-CVE-2011-0421 (The _zip_name_locate function in zip_name_locate.c in the Zip ...)
+CVE-2011-0421
{DSA-2266-1}
- php5 5.3.6-1
NOTE: http://svn.php.net/viewvc?view=revision&revision=307867
- libzip 0.10-1 (low)
[squeeze] - libzip <no-dsa> (Minor issue)
NOTE: http://hg.nih.at/libzip/?fd=13654bfdc88c;file=lib/zip_name_locate.c
-CVE-2011-0420 (The grapheme_extract function in the Internationalization extension ...)
+CVE-2011-0420
{DSA-2266-1}
- php5 5.3.6-1 (unimportant)
[lenny] - php5 <not-affected> (intl extension added in 5.3)
NOTE: Only triggerable through malicious script
NOTE: http://svn.php.net/viewvc?view=revision&revision=306449
-CVE-2011-0419 (Stack consumption vulnerability in the fnmatch implementation in ...)
+CVE-2011-0419
{DSA-2237-2}
- apr 1.4.4-1 (low)
-CVE-2011-0418 (The glob implementation in Pure-FTPd before 1.0.32, and in libc in ...)
+CVE-2011-0418
- pure-ftpd 1.0.32-1 (unimportant)
NOTE: The attack could not be reproduced on Linux. The upstream change from 1.0.32
NOTE: only disables GLOB_BRACE, possibly to protect installations with a vulnerable libc
@@ -13168,104 +13168,104 @@ CVE-2011-0416
RESERVED
CVE-2011-0415
RESERVED
-CVE-2011-0414 (ISC BIND 9.7.1 through 9.7.2-P3, when configured as an authoritative ...)
+CVE-2011-0414
{DSA-2208-1}
- bind9 1:9.7.3.dfsg-1 (bug #601830)
[lenny] - bind9 <not-affected> (Introduced in 9.7.1)
-CVE-2011-0413 (The DHCPv6 server in ISC DHCP 4.0.x and 4.1.x before 4.1.2-P1, 4.0-ESV ...)
+CVE-2011-0413
{DSA-2184-1}
- isc-dhcp 4.1.1-P1-16 (bug #611217)
- dhcp3 <not-affected> (vuln code introduced in 4.0)
- dhcp <not-affected> (vuln code introduced in 4.0)
NOTE: maintainer is aware
NOTE: http://www.isc.org/software/dhcp/advisories/cve-2011-0413
-CVE-2011-0412 (Oracle Solaris 8, 9, and 10 stores back-out patch files (undo.Z) ...)
+CVE-2011-0412
NOT-FOR-US: Oracle Solaris
-CVE-2011-0411 (The STARTTLS implementation in Postfix 2.4.x before 2.4.16, 2.5.x ...)
+CVE-2011-0411
{DSA-2233-1}
- postfix 2.8.0-1 (bug #617849)
NOTE: http://www.securityfocus.com/archive/1/516901/30/0/threaded
NOTE: http://www.postfix.org/announcements/postfix-2.7.3.html
NOTE: http://www.postfix.org/CVE-2011-0411.html
NOTE: http://www.kb.cert.org/vuls/id/MAPG-8D9M5Q
-CVE-2011-0410 (CollabNet ScrumWorks Basic 1.8.4 uses cleartext credentials for ...)
+CVE-2011-0410
NOT-FOR-US: CollabNet ScrumWorks Basic
CVE-2011-0409
RESERVED
-CVE-2011-0408 (pngrtran.c in libpng 1.5.x before 1.5.1 allows remote attackers to ...)
+CVE-2011-0408
- libpng <not-affected> (vulnerable code introduced in 1.5.0, not packaged)
-CVE-2011-0407 (SQL injection vulnerability in the store function in ...)
+CVE-2011-0407
NOT-FOR-US: Phenotype CMS
-CVE-2011-0406 (Heap-based buffer overflow in HistorySvr.exe in WellinTech KingView ...)
+CVE-2011-0406
NOT-FOR-US: WellinTech KingView
-CVE-2011-0405 (Directory traversal vulnerability in module.php in PhpGedView 4.2.3 ...)
+CVE-2011-0405
- phpgedview <removed>
-CVE-2011-0404 (Stack-based buffer overflow in NetSupport Manager Agent for Linux ...)
+CVE-2011-0404
NOT-FOR-US: NetSupport Manager Agent for Linux
-CVE-2011-0403 (Untrusted search path vulnerability in ImgBurn.exe in ImgBurn 2.4.0.0, ...)
+CVE-2011-0403
NOT-FOR-US: ImgBurn
-CVE-2011-0402 (dpkg-source in dpkg before 1.14.31 and 1.15.x allows user-assisted ...)
+CVE-2011-0402
{DSA-2142-1}
- dpkg 1.15.8.8
-CVE-2011-0401 (Piwik before 1.1 does not properly limit the number of files stored ...)
+CVE-2011-0401
- piwik <itp> (bug #506933)
-CVE-2011-0400 (Cookie.php in Piwik before 1.1 does not set the secure flag for the ...)
+CVE-2011-0400
- piwik <itp> (bug #506933)
-CVE-2011-0399 (Piwik before 1.1 does not prevent the rendering of the login form ...)
+CVE-2011-0399
- piwik <itp> (bug #506933)
-CVE-2011-0398 (The Piwik_Common::getIP function in Piwik before 1.1 does not properly ...)
+CVE-2011-0398
- piwik <itp> (bug #506933)
CVE-2011-0397
RESERVED
-CVE-2011-0396 (Cisco Adaptive Security Appliances (ASA) 5500 series devices with ...)
+CVE-2011-0396
NOT-FOR-US: Cisco
-CVE-2011-0395 (Cisco Adaptive Security Appliances (ASA) 5500 series devices with ...)
+CVE-2011-0395
NOT-FOR-US: Cisco
-CVE-2011-0394 (Cisco Adaptive Security Appliances (ASA) 5500 series devices with ...)
+CVE-2011-0394
NOT-FOR-US: Cisco
-CVE-2011-0393 (Cisco Adaptive Security Appliances (ASA) 5500 series devices with ...)
+CVE-2011-0393
NOT-FOR-US: Cisco
-CVE-2011-0392 (Cisco TelePresence Recording Server devices with software 1.6.x do not ...)
+CVE-2011-0392
NOT-FOR-US: Cisco
-CVE-2011-0391 (Cisco TelePresence Recording Server devices with software 1.6.x allow ...)
+CVE-2011-0391
NOT-FOR-US: Cisco
-CVE-2011-0390 (The XML-RPC implementation on Cisco TelePresence Multipoint Switch ...)
+CVE-2011-0390
NOT-FOR-US: Cisco
-CVE-2011-0389 (Cisco TelePresence Multipoint Switch (CTMS) devices with software ...)
+CVE-2011-0389
NOT-FOR-US: Cisco
-CVE-2011-0388 (Cisco TelePresence Recording Server devices with software 1.6.x and ...)
+CVE-2011-0388
NOT-FOR-US: Cisco
-CVE-2011-0387 (The administrative web interface on Cisco TelePresence Multipoint ...)
+CVE-2011-0387
NOT-FOR-US: Cisco
-CVE-2011-0386 (The XML-RPC implementation on Cisco TelePresence Recording Server ...)
+CVE-2011-0386
NOT-FOR-US: Cisco
-CVE-2011-0385 (The administrative web interface on Cisco TelePresence Recording ...)
+CVE-2011-0385
NOT-FOR-US: Cisco
-CVE-2011-0384 (The Java Servlet framework on Cisco TelePresence Multipoint Switch ...)
+CVE-2011-0384
NOT-FOR-US: Cisco
-CVE-2011-0383 (The Java Servlet framework on Cisco TelePresence Recording Server ...)
+CVE-2011-0383
NOT-FOR-US: Cisco
-CVE-2011-0382 (The CGI subsystem on Cisco TelePresence Recording Server devices with ...)
+CVE-2011-0382
NOT-FOR-US: Cisco
-CVE-2011-0381 (Cisco TelePresence Manager 1.2.x through 1.6.x allows remote attackers ...)
+CVE-2011-0381
NOT-FOR-US: Cisco
-CVE-2011-0380 (Cisco TelePresence Manager 1.2.x through 1.6.x allows remote attackers ...)
+CVE-2011-0380
NOT-FOR-US: Cisco
-CVE-2011-0379 (Buffer overflow on Cisco Adaptive Security Appliances (ASA) 5500 ...)
+CVE-2011-0379
NOT-FOR-US: Cisco
-CVE-2011-0378 (The XML-RPC implementation on Cisco TelePresence endpoint devices with ...)
+CVE-2011-0378
NOT-FOR-US: Cisco
-CVE-2011-0377 (Cisco TelePresence endpoint devices with software 1.2.x through 1.6.x ...)
+CVE-2011-0377
NOT-FOR-US: Cisco
-CVE-2011-0376 (The TFTP implementation on Cisco TelePresence endpoint devices with ...)
+CVE-2011-0376
NOT-FOR-US: Cisco
-CVE-2011-0375 (The CGI implementation on Cisco TelePresence endpoint devices with ...)
+CVE-2011-0375
NOT-FOR-US: Cisco
-CVE-2011-0374 (The CGI implementation on Cisco TelePresence endpoint devices with ...)
+CVE-2011-0374
NOT-FOR-US: Cisco
-CVE-2011-0373 (The CGI implementation on Cisco TelePresence endpoint devices with ...)
+CVE-2011-0373
NOT-FOR-US: Cisco
-CVE-2011-0372 (The CGI implementation on Cisco TelePresence endpoint devices with ...)
+CVE-2011-0372
NOT-FOR-US: Cisco
CVE-2011-0371
RESERVED
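Review bot: the context line `NOTE: maintainer is aware` under CVE-2011-0413 is stale now that the entry already records the fix (`{DSA-2184-1}` and `- isc-dhcp 4.1.1-P1-16 (bug #611217)`); since this hunk rewrites the CVE-2011-0413 header line anyway, dropping that note in the same change would keep the entry's status unambiguous.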
@@ -13281,7 +13281,7 @@ CVE-2011-0366
RESERVED
CVE-2011-0365
RESERVED
-CVE-2011-0364 (The Management Console (webagent.exe) in Cisco Security Agent 5.1, ...)
+CVE-2011-0364
NOT-FOR-US: Cisco Security Agent Management
CVE-2011-0363
RESERVED
@@ -13299,35 +13299,35 @@ CVE-2011-0357
RESERVED
CVE-2011-0356
RESERVED
-CVE-2011-0355 (Cisco Nexus 1000V Virtual Ethernet Module (VEM) 4.0(4) SV1(1) through ...)
+CVE-2011-0355
NOT-FOR-US: Cisco
-CVE-2011-0354 (The default configuration of Cisco Tandberg C Series Endpoints, and ...)
+CVE-2011-0354
NOT-FOR-US: Cisco
CVE-2011-0353
RESERVED
-CVE-2011-0352 (Buffer overflow in the web-based management interface on the Cisco ...)
+CVE-2011-0352
NOT-FOR-US: Linksys router
CVE-2011-0351
RESERVED
-CVE-2011-0350 (Unspecified vulnerability in Cisco IOS 12.4(24)MD before 12.4(24)MD2 ...)
+CVE-2011-0350
NOT-FOR-US: Cisco IOS
-CVE-2011-0349 (Unspecified vulnerability in Cisco IOS 12.4(24)MD before 12.4(24)MD2 ...)
+CVE-2011-0349
NOT-FOR-US: Cisco IOS
-CVE-2011-0348 (Cisco IOS 12.4(11)MD, 12.4(15)MD, 12.4(22)MD, 12.4(24)MD before ...)
+CVE-2011-0348
NOT-FOR-US: Cisco IOS
-CVE-2011-0347 (Microsoft Internet Explorer on Windows XP allows remote attackers to ...)
+CVE-2011-0347
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2011-0346 (Use-after-free vulnerability in the ReleaseInterface function in ...)
+CVE-2011-0346
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2011-0345 (Directory traversal vulnerability in the NMS server in Alcatel-Lucent ...)
+CVE-2011-0345
NOT-FOR-US: Alcatel-Lucent OmniVista
-CVE-2011-0344 (Multiple stack-based buffer overflows in unspecified CGI programs in ...)
+CVE-2011-0344
NOT-FOR-US: Unified Maintenance Tool
-CVE-2011-0342 (Multiple buffer overflows in the InduSoft ISSymbol ActiveX control in ...)
+CVE-2011-0342
NOT-FOR-US: InduSoft ISSymbol ActiveX
-CVE-2011-0341 (Stack-based buffer overflow in the pdfmoz_onmouse function in ...)
+CVE-2011-0341
NOT-FOR-US: MuPDF plug-in for Firefox
-CVE-2011-0340 (Multiple buffer overflows in the ISSymbol ActiveX control in ...)
+CVE-2011-0340
NOT-FOR-US: ISSymbol.ocx
CVE-2011-0339
RESERVED
@@ -13337,19 +13337,19 @@ CVE-2011-0337
RESERVED
CVE-2011-0336
RESERVED
-CVE-2011-0335 (Dirapi.dll in Adobe Shockwave Player before 11.6.0.626 allows ...)
+CVE-2011-0335
NOT-FOR-US: Adobe Shockwave Player
-CVE-2011-0334 (Stack-based buffer overflow in gwia.exe in GroupWise Internet Agent ...)
+CVE-2011-0334
NOT-FOR-US: Novell GroupWise
-CVE-2011-0333 (Heap-based buffer overflow in the NgwiCalVTimeZoneBody::ParseSelf ...)
+CVE-2011-0333
NOT-FOR-US: Novell GroupWise
-CVE-2011-0332 (Integer overflow in Foxit Reader before 4.3.1.0218 and Foxit Phantom ...)
+CVE-2011-0332
NOT-FOR-US: Foxit Reader
-CVE-2011-0331 (Use-after-free vulnerability in the addOSPLext method in the Honeywell ...)
+CVE-2011-0331
NOT-FOR-US: Honeywell ScanServer
-CVE-2011-0330 (The Dell DellSystemLite.Scanner ActiveX control in DellSystemLite.ocx ...)
+CVE-2011-0330
NOT-FOR-US: Dell System Lite
-CVE-2011-0329 (Directory traversal vulnerability in the GetData method in the Dell ...)
+CVE-2011-0329
NOT-FOR-US: Dell System Lite
CVE-2011-0328
RESERVED
@@ -13359,35 +13359,35 @@ CVE-2011-0326
RESERVED
CVE-2011-0325
RESERVED
-CVE-2011-0324 (Multiple heap-based buffer overflows in Topaz Systems SigPlus Pro ...)
+CVE-2011-0324
NOT-FOR-US: Topaz Systems SigPlus
-CVE-2011-0323 (Topaz Systems SigPlus Pro ActiveX Control 3.95, and possibly other ...)
+CVE-2011-0323
NOT-FOR-US: Topaz Systems SigPlus
-CVE-2011-0322 (Unspecified vulnerability in EMC RSA Access Manager Server 5.5.x, ...)
+CVE-2011-0322
NOT-FOR-US: EMC RSA Access Manager Server
-CVE-2011-0321 (librpc.dll in nsrexecd in EMC NetWorker before 7.5 SP4, 7.5.3.x before ...)
+CVE-2011-0321
NOT-FOR-US: EMC NetWorker
-CVE-2011-0320 (Dirapi.dll in Adobe Shockwave Player before 11.6.0.626 allows ...)
+CVE-2011-0320
NOT-FOR-US: Adobe Shockwave Player
-CVE-2011-0319 (Dirapi.dll in Adobe Shockwave Player before 11.6.0.626 allows ...)
+CVE-2011-0319
NOT-FOR-US: Adobe Shockwave Player
-CVE-2011-0318 (Dirapi.dll in Adobe Shockwave Player before 11.6.0.626 allows ...)
+CVE-2011-0318
NOT-FOR-US: Adobe Shockwave Player
-CVE-2011-0317 (Dirapi.dll in Adobe Shockwave Player before 11.6.0.626 allows ...)
+CVE-2011-0317
NOT-FOR-US: Adobe Shockwave Player
-CVE-2011-0316 (The Administrative Console component in IBM WebSphere Application ...)
+CVE-2011-0316
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2011-0315 (Cross-site scripting (XSS) vulnerability in the Servlet Engine / Web ...)
+CVE-2011-0315
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2011-0314 (Heap-based buffer overflow in IBM WebSphere MQ 6.0 before 6.0.2.11 and ...)
+CVE-2011-0314
NOT-FOR-US: IBM WebSphere MQ
CVE-2011-0313
RESERVED
CVE-2011-0312
RESERVED
-CVE-2011-0311 (The class file parser in IBM Java before 1.4.2 SR13 FP9, as used in ...)
+CVE-2011-0311
NOT-FOR-US: IBM Java
-CVE-2011-0310 (Buffer overflow in IBM WebSphere MQ 7.0 before 7.0.1.4 allows remote ...)
+CVE-2011-0310
NOT-FOR-US: IBM WebSphere MQ
CVE-2011-0309
RESERVED
@@ -13425,17 +13425,17 @@ CVE-2011-0293
RESERVED
CVE-2011-0292
RESERVED
-CVE-2011-0291 (The BlackBerry PlayBook service on the Research In Motion (RIM) ...)
+CVE-2011-0291
NOT-FOR-US: BlackBarry PlayBook
-CVE-2011-0290 (The BlackBerry Collaboration Service in Research In Motion (RIM) ...)
+CVE-2011-0290
NOT-FOR-US: BlackBerry Enterprise Server
CVE-2011-0289
RESERVED
CVE-2011-0288
RESERVED
-CVE-2011-0287 (Unspecified vulnerability in the BlackBerry Administration API in ...)
+CVE-2011-0287
NOT-FOR-US: BlackBerry products
-CVE-2011-0286 (Cross-site scripting (XSS) vulnerability in webdesktop/app in the ...)
+CVE-2011-0286
NOT-FOR-US: BlackBerry Enterprise Server
CVE-2011-XXXX
- xdigger <removed> (bug #609096)
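Review bot: the unchanged context line `NOT-FOR-US: BlackBarry PlayBook` under CVE-2011-0291 misspells BlackBerry (the following entry has it right as `NOT-FOR-US: BlackBerry Enterprise Server`); as this hunk already modifies the CVE-2011-0291 header line, the typo could be corrected in the same change.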
@@ -13450,10 +13450,10 @@ CVE-2011-XXXX [Crash with long HOME environment variable]
CVE-2011-XXXX [Crash with long GGI_DISPLAY environment variable]
- libggi <removed> (bug #608981)
[squeeze] - libggi <no-dsa> (Minor issue)
-CVE-2011-0343 (Balabit syslog-ng 2.0, 3.0, 3.1, 3.2 OSE and PE, when running on ...)
+CVE-2011-0343
- syslog-ng 3.1.3-2 (bug #608491)
[lenny] - syslog-ng <not-affected> (2.0 not affected, also Freebsd-specific, which is not supported in Lenny anyway)
-CVE-2011-0285 (The process_chpw_request function in schpw.c in the password-changing ...)
+CVE-2011-0285
- krb5 1.9.1+dfsg-1 (bug #622681)
[squeeze] - krb5 1.8.3+dfsg-4squeeze1
[lenny] - krb5 <not-affected> (see below)
@@ -13464,371 +13464,371 @@ CVE-2011-0285 (The process_chpw_request function in schpw.c in the password-chan
NOTE: Those later releases add support for password changing over TCP, and
NOTE: the error path in the TCP handling code is what frees the
NOTE: uninitialized pointer. (Clarification by Tom Yu)
-CVE-2011-0284 (Double free vulnerability in the prepare_error_as function in ...)
+CVE-2011-0284
- krb5 1.8.3+dfsg-6 (low; bug #618517)
[squeeze] - krb5 1.8.3+dfsg-4squeeze1
[lenny] - krb5 <no-dsa> (Will be fixed through a point update)
-CVE-2011-0283 (The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.9 ...)
+CVE-2011-0283
- krb5 <not-affected> (Only affects 1.9.x)
[squeeze] - krb5 <no-dsa> (minor issue)
[lenny] - krb5 <no-dsa> (minor issue)
-CVE-2011-0282 (The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.6.x ...)
+CVE-2011-0282
- krb5 1.8.3+dfsg-5
[squeeze] - krb5 1.8.3+dfsg-4squeeze1
[lenny] - krb5 <no-dsa> (Will be fixed in a point update)
-CVE-2011-0281 (The unparse implementation in the Key Distribution Center (KDC) in MIT ...)
+CVE-2011-0281
- krb5 1.8.3+dfsg-5
[squeeze] - krb5 1.8.3+dfsg-4squeeze1
[lenny] - krb5 <no-dsa> (Will be fixed in a point update)
-CVE-2011-0280 (Multiple cross-site scripting (XSS) vulnerabilities in HP Power ...)
+CVE-2011-0280
NOT-FOR-US: HP Power Manager
-CVE-2011-0279 (HP Multifunction Peripheral (MFP) Digital Sending Software (DSS) ...)
+CVE-2011-0279
NOT-FOR-US: HP Multifunction Peripheral
-CVE-2011-0278 (Unspecified vulnerability in HP Web Jetadmin 10.2 Service Release 3 ...)
+CVE-2011-0278
NOT-FOR-US: HP Web Jetadmin
-CVE-2011-0277 (Cross-site request forgery (CSRF) vulnerability in HP Power Manager ...)
+CVE-2011-0277
NOT-FOR-US: HP Power Manager
-CVE-2011-0276 (HP OpenView Performance Insight Server 5.2, 5.3, 5.31, 5.4, and 5.41 ...)
+CVE-2011-0276
NOT-FOR-US: HP OpenView Performance Insight Server
-CVE-2011-0275 (Unspecified vulnerability in HP OpenView Storage Data Protector 6.0, ...)
+CVE-2011-0275
NOT-FOR-US: HP OpenView
-CVE-2011-0274 (Cross-site scripting (XSS) vulnerability in HP Business Availability ...)
+CVE-2011-0274
NOT-FOR-US: HP Business Availability
-CVE-2011-0273 (Buffer overflow in crs.exe in HP OpenView Storage Data Protector Cell ...)
+CVE-2011-0273
NOT-FOR-US: HP OpenView Storage Data Protector
-CVE-2011-0272 (Unspecified vulnerability in HP LoadRunner 9.52 allows remote ...)
+CVE-2011-0272
NOT-FOR-US: HP LoadRunner
-CVE-2011-0271 (The CGI scripts in HP OpenView Network Node Manager (OV NNM) 7.51 and ...)
+CVE-2011-0271
NOT-FOR-US: HP OpenView
-CVE-2011-0270 (Format string vulnerability in nnmRptConfig.exe in HP OpenView Network ...)
+CVE-2011-0270
NOT-FOR-US: HP OpenView
-CVE-2011-0269 (Buffer overflow in nnmRptConfig.exe in HP OpenView Network Node ...)
+CVE-2011-0269
NOT-FOR-US: HP OpenView
-CVE-2011-0268 (Buffer overflow in nnmRptConfig.exe in HP OpenView Network Node ...)
+CVE-2011-0268
NOT-FOR-US: HP OpenView
-CVE-2011-0267 (Multiple buffer overflows in nnmRptConfig.exe in HP OpenView Network ...)
+CVE-2011-0267
NOT-FOR-US: HP OpenView
-CVE-2011-0266 (Buffer overflow in nnmRptConfig.exe in HP OpenView Network Node ...)
+CVE-2011-0266
NOT-FOR-US: HP OpenView
-CVE-2011-0265 (Buffer overflow in nnmRptConfig.exe in HP OpenView Network Node ...)
+CVE-2011-0265
NOT-FOR-US: HP OpenView
-CVE-2011-0264 (Stack-based buffer overflow in ovutil.dll in HP OpenView Network Node ...)
+CVE-2011-0264
NOT-FOR-US: HP OpenView
-CVE-2011-0263 (Multiple stack-based buffer overflows in ovas.exe in the OVAS service ...)
+CVE-2011-0263
NOT-FOR-US: HP OpenView
-CVE-2011-0262 (Buffer overflow in the stringToSeconds function in ovutil.dll in ...)
+CVE-2011-0262
NOT-FOR-US: HP OpenView
-CVE-2011-0261 (Unspecified vulnerability in jovgraph.exe in jovgraph in HP OpenView ...)
+CVE-2011-0261
NOT-FOR-US: HP OpenView
-CVE-2011-0260 (The CoreProcesses component in Apple Mac OS X 10.7 before 10.7.2 does ...)
+CVE-2011-0260
NOT-FOR-US: Apple Mac OS
-CVE-2011-0259 (CoreFoundation, as used in Apple iTunes before 10.5, does not properly ...)
+CVE-2011-0259
NOT-FOR-US: Apple iTunes
-CVE-2011-0258 (Apple QuickTime before 7.7 on Windows allows remote attackers to ...)
+CVE-2011-0258
NOT-FOR-US: Apple QuickTime
-CVE-2011-0257 (Integer signedness error in Apple QuickTime before 7.7 allows remote ...)
+CVE-2011-0257
NOT-FOR-US: Apple QuickTime
-CVE-2011-0256 (Integer overflow in Apple QuickTime before 7.7 allows remote attackers ...)
+CVE-2011-0256
NOT-FOR-US: Apple QuickTime
-CVE-2011-0255 (WebKit, as used in Apple Safari before 5.0.6, allows remote attackers ...)
+CVE-2011-0255
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0254 (WebKit, as used in Apple Safari before 5.0.6, allows remote attackers ...)
+CVE-2011-0254
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0253 (WebKit, as used in Apple Safari before 5.0.6, allows remote attackers ...)
+CVE-2011-0253
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0252 (Heap-based buffer overflow in Apple QuickTime before 7.7 allows remote ...)
+CVE-2011-0252
NOT-FOR-US: Apple QuickTime
-CVE-2011-0251 (Heap-based buffer overflow in Apple QuickTime before 7.7 allows remote ...)
+CVE-2011-0251
NOT-FOR-US: Apple QuickTime
-CVE-2011-0250 (Heap-based buffer overflow in Apple QuickTime before 7.7 allows remote ...)
+CVE-2011-0250
NOT-FOR-US: Apple QuickTime
-CVE-2011-0249 (Heap-based buffer overflow in Apple QuickTime before 7.7 allows remote ...)
+CVE-2011-0249
NOT-FOR-US: Apple QuickTime
-CVE-2011-0248 (Stack-based buffer overflow in the QuickTime ActiveX control in Apple ...)
+CVE-2011-0248
NOT-FOR-US: Apple QuickTime
-CVE-2011-0247 (Multiple stack-based buffer overflows in Apple QuickTime before 7.7 on ...)
+CVE-2011-0247
NOT-FOR-US: Apple QuickTime
-CVE-2011-0246 (Heap-based buffer overflow in Apple QuickTime before 7.7 on Windows ...)
+CVE-2011-0246
NOT-FOR-US: Apple QuickTime
-CVE-2011-0245 (Buffer overflow in Apple QuickTime before 7.7 allows remote attackers ...)
+CVE-2011-0245
NOT-FOR-US: Apple QuickTime
-CVE-2011-0244 (WebKit in Apple Safari before 5.0.6 allows user-assisted remote ...)
+CVE-2011-0244
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
CVE-2011-0243
RESERVED
-CVE-2011-0242 (Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari ...)
+CVE-2011-0242
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0241 (Heap-based buffer overflow in ImageIO in Apple Safari before 5.0.6 ...)
+CVE-2011-0241
NOT-FOR-US: Apple Safari
-CVE-2011-0240 (WebKit, as used in Apple Safari before 5.0.6, allows remote attackers ...)
+CVE-2011-0240
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
CVE-2011-0239
RESERVED
-CVE-2011-0238 (WebKit, as used in Apple Safari before 5.0.6, allows remote attackers ...)
+CVE-2011-0238
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0237 (WebKit, as used in Apple Safari before 5.0.6, allows remote attackers ...)
+CVE-2011-0237
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
CVE-2011-0236
RESERVED
-CVE-2011-0235 (WebKit, as used in Apple Safari before 5.0.6, allows remote attackers ...)
+CVE-2011-0235
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0234 (WebKit, as used in Apple Safari before 5.0.6, allows remote attackers ...)
+CVE-2011-0234
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0233 (WebKit, as used in Apple Safari before 5.0.6, allows remote attackers ...)
+CVE-2011-0233
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0232 (WebKit, as used in Apple Safari before 5.0.6, allows remote attackers ...)
+CVE-2011-0232
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0231 (CFNetwork in Apple Mac OS X before 10.7.2 does not properly follow an ...)
+CVE-2011-0231
NOT-FOR-US: Apple Mac OS X
-CVE-2011-0230 (Buffer overflow in the ATSFontDeactivate API in Apple Type Services ...)
+CVE-2011-0230
NOT-FOR-US: Apple Mac OS X
-CVE-2011-0229 (Apple Type Services (ATS) in Apple Mac OS X through 10.6.8 does not ...)
+CVE-2011-0229
NOT-FOR-US: Apple Mac OS X
-CVE-2011-0228 (The Data Security component in Apple iOS before 4.2.10 and 4.3.x ...)
+CVE-2011-0228
NOT-FOR-US: Apple iOS
-CVE-2011-0227 (The queueing primitives in IOMobileFrameBuffer in Apple iOS before ...)
+CVE-2011-0227
NOT-FOR-US: Apple iOS
-CVE-2011-0226 (Integer signedness error in psaux/t1decode.c in FreeType before 2.4.6, ...)
+CVE-2011-0226
{DSA-2294-1}
- freetype 2.4.6-1 (bug #635871)
-CVE-2011-0225 (WebKit, as used in Apple Safari before 5.0.6, allows remote attackers ...)
+CVE-2011-0225
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0224 (CoreMedia in Apple Mac OS X through 10.6.8 allows remote attackers to ...)
+CVE-2011-0224
NOT-FOR-US: Apple Mac OS X
-CVE-2011-0223 (WebKit, as used in Apple Safari before 5.0.6, allows remote attackers ...)
+CVE-2011-0223
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0222 (WebKit, as used in Apple Safari before 5.0.6, allows remote attackers ...)
+CVE-2011-0222
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0221 (WebKit, as used in Apple Safari before 5.0.6, allows remote attackers ...)
+CVE-2011-0221
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
CVE-2011-0220
RESERVED
-CVE-2011-0219 (Apple Safari before 5.0.6 allows remote attackers to bypass the Same ...)
+CVE-2011-0219
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0218 (WebKit, as used in Apple Safari before 5.0.6, allows remote attackers ...)
+CVE-2011-0218
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0217 (Apple Safari before 5.0.6 provides AutoFill information to scripts ...)
+CVE-2011-0217
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0216 (Off-by-one error in libxml in Apple Safari before 5.0.6 allows remote ...)
+CVE-2011-0216
{DSA-2394-1}
- libxml2 2.7.8.dfsg-5.1 (bug #652352)
-CVE-2011-0215 (ImageIO in Apple Safari before 5.0.6 on Windows does not properly ...)
+CVE-2011-0215
NOT-FOR-US: ImageIO in Apple Safari
-CVE-2011-0214 (CFNetwork in Apple Safari before 5.0.6 on Windows does not properly ...)
+CVE-2011-0214
NOT-FOR-US: CFNetwork in Apple Safari
-CVE-2011-0213 (Buffer overflow in QuickTime in Apple Mac OS X before 10.6.8 allows ...)
+CVE-2011-0213
NOT-FOR-US: QuickTime in Apple Mac OS
-CVE-2011-0212 (servermgrd in Apple Mac OS X before 10.6.8 allows remote attackers to ...)
+CVE-2011-0212
NOT-FOR-US: Apple Mac OS X
-CVE-2011-0211 (Integer overflow in QuickTime in Apple Mac OS X before 10.6.8 allows ...)
+CVE-2011-0211
NOT-FOR-US: Apple Mac OS X
-CVE-2011-0210 (QuickTime in Apple Mac OS X before 10.6.8 allows remote attackers to ...)
+CVE-2011-0210
NOT-FOR-US: Apple Mac OS X
-CVE-2011-0209 (Integer overflow in QuickTime in Apple Mac OS X before 10.6.8 allows ...)
+CVE-2011-0209
NOT-FOR-US: Apple Mac OS X
-CVE-2011-0208 (QuickLook in Apple Mac OS X 10.6 before 10.6.8 allows remote attackers ...)
+CVE-2011-0208
NOT-FOR-US: Apple Mac OS X
-CVE-2011-0207 (The MobileMe component in Apple Mac OS X before 10.6.8 uses a ...)
+CVE-2011-0207
NOT-FOR-US: Apple Mac OS X
-CVE-2011-0206 (Buffer overflow in International Components for Unicode (ICU) in Apple ...)
+CVE-2011-0206
NOT-FOR-US: Apple Mac OS X
-CVE-2011-0205 (Heap-based buffer overflow in ImageIO in Apple Mac OS X before 10.6.8 ...)
+CVE-2011-0205
NOT-FOR-US: Apple Mac OS X
-CVE-2011-0204 (Heap-based buffer overflow in ImageIO in Apple Mac OS X before 10.6.8 ...)
+CVE-2011-0204
NOT-FOR-US: Apple Mac OS X
-CVE-2011-0203 (Absolute path traversal vulnerability in xftpd in the FTP Server ...)
+CVE-2011-0203
NOT-FOR-US: Apple Mac OS X
-CVE-2011-0202 (Integer overflow in CoreGraphics in Apple Mac OS X before 10.6.8 ...)
+CVE-2011-0202
NOT-FOR-US: Apple Mac OS X
-CVE-2011-0201 (Off-by-one error in the CoreFoundation framework in Apple Mac OS X ...)
+CVE-2011-0201
NOT-FOR-US: Apple Mac OS X
-CVE-2011-0200 (Integer overflow in ColorSync in Apple Mac OS X before 10.6.8 allows ...)
+CVE-2011-0200
NOT-FOR-US: Apple Mac OS X
-CVE-2011-0199 (The Certificate Trust Policy component in Apple Mac OS X before 10.6.8 ...)
+CVE-2011-0199
NOT-FOR-US: Apple Mac OS X
-CVE-2011-0198 (Heap-based buffer overflow in Apple Type Services (ATS) in Apple Mac ...)
+CVE-2011-0198
NOT-FOR-US: Apple Mac OS X
-CVE-2011-0197 (App Store in Apple Mac OS X before 10.6.8 creates a log entry ...)
+CVE-2011-0197
NOT-FOR-US: Apple Mac OS X
-CVE-2011-0196 (AirPort in Apple Mac OS X 10.5.8 allows remote attackers to cause a ...)
+CVE-2011-0196
NOT-FOR-US: Apple Mac OS X
-CVE-2011-0195 (The generate-id XPath function in libxslt in Apple iOS 4.3.x before ...)
+CVE-2011-0195
NOT-FOR-US: Apple iOS
-CVE-2011-0194 (Integer overflow in ImageIO in Apple Mac OS X 10.6 before 10.6.7 ...)
+CVE-2011-0194
NOT-FOR-US: Apple Mac OS
-CVE-2011-0193 (Multiple buffer overflows in Image RAW in Apple Mac OS X before 10.6.7 ...)
+CVE-2011-0193
NOT-FOR-US: Apple Mac OS
-CVE-2011-0192 (Buffer overflow in Fax4Decode in LibTIFF 3.9.4 and possibly other ...)
+CVE-2011-0192
{DSA-2210-1}
- tiff 3.9.4-7
- tiff3 <not-affected> (fixed before initial upload)
-CVE-2011-0191 (Buffer overflow in LibTIFF 3.9.4 and possibly other versions, as used ...)
+CVE-2011-0191
{DSA-2210-1}
- tiff 3.9.4-1
- tiff3 <not-affected> (fixed before initial upload)
NOTE: This might've been fixed earlier even
-CVE-2011-0190 (Install Helper in Installer in Apple Mac OS X before 10.6.7 does not ...)
+CVE-2011-0190
NOT-FOR-US: Apple Mac OS
-CVE-2011-0189 (The default configuration of Terminal in Apple Mac OS X 10.6 before ...)
+CVE-2011-0189
NOT-FOR-US: Apple Mac OS
-CVE-2011-0188 (The VpMemAlloc function in bigdecimal.c in the BigDecimal class in ...)
+CVE-2011-0188
{DLA-235-1 DLA-88-1}
- ruby1.8 1.8.7.352-1 (bug #628452)
- ruby1.9 <removed> (bug #628451)
- ruby1.9.1 1.9.2.290-1 (bug #628450)
-CVE-2011-0187 (The plug-in in QuickTime in Apple Mac OS X before 10.6.7 allows remote ...)
+CVE-2011-0187
NOT-FOR-US: Apple Mac OS
-CVE-2011-0186 (QuickTime in Apple Mac OS X before 10.6.7 allows remote attackers to ...)
+CVE-2011-0186
NOT-FOR-US: Apple Mac OS
-CVE-2011-0185 (Format string vulnerability in the debug-logging feature in ...)
+CVE-2011-0185
NOT-FOR-US: Apple Mac OS X
-CVE-2011-0184 (QuickLook in Apple Mac OS X 10.6 before 10.6.7 allows remote attackers ...)
+CVE-2011-0184
NOT-FOR-US: Apple Mac OS
-CVE-2011-0183 (Libinfo in Apple Mac OS X before 10.6.7 does not properly handle an ...)
+CVE-2011-0183
NOT-FOR-US: Apple Mac OS
-CVE-2011-0182 (The i386_set_ldt system call in the kernel in Apple Mac OS X before ...)
+CVE-2011-0182
NOT-FOR-US: Apple Mac OS
-CVE-2011-0181 (Integer overflow in ImageIO in Apple Mac OS X before 10.6.7 allows ...)
+CVE-2011-0181
NOT-FOR-US: Apple Mac OS
-CVE-2011-0180 (Integer overflow in HFS in Apple Mac OS X before 10.6.7 allows local ...)
+CVE-2011-0180
NOT-FOR-US: Apple Mac OS
-CVE-2011-0179 (CoreText in Apple Mac OS X before 10.6.7 allows remote attackers to ...)
+CVE-2011-0179
NOT-FOR-US: Apple Mac OS
-CVE-2011-0178 (The FSFindFolder API in CarbonCore in Apple Mac OS X before 10.6.7 ...)
+CVE-2011-0178
NOT-FOR-US: Apple Mac OS
-CVE-2011-0177 (Multiple buffer overflows in Apple Type Services (ATS) in Apple Mac OS ...)
+CVE-2011-0177
NOT-FOR-US: Apple Mac OS
-CVE-2011-0176 (Multiple buffer overflows in Apple Type Services (ATS) in Apple Mac OS ...)
+CVE-2011-0176
NOT-FOR-US: Apple Mac OS
-CVE-2011-0175 (Multiple buffer overflows in Apple Type Services (ATS) in Apple Mac OS ...)
+CVE-2011-0175
NOT-FOR-US: Apple Mac OS
-CVE-2011-0174 (Heap-based buffer overflow in Apple Type Services (ATS) in Apple Mac ...)
+CVE-2011-0174
NOT-FOR-US: Apple Mac OS
-CVE-2011-0173 (Multiple format string vulnerabilities in AppleScript in Apple Mac OS ...)
+CVE-2011-0173
NOT-FOR-US: Apple Mac OS
-CVE-2011-0172 (AirPort in Apple Mac OS X 10.6 before 10.6.7 allows remote attackers ...)
+CVE-2011-0172
NOT-FOR-US: Apple Mac OS
CVE-2011-0171
RESERVED
-CVE-2011-0170 (Heap-based buffer overflow in ImageIO in CoreGraphics in Apple iTunes ...)
+CVE-2011-0170
NOT-FOR-US: Apple iTunes
-CVE-2011-0169 (WebKit in Apple Safari before 5.0.4, when the Web Inspector is used, ...)
+CVE-2011-0169
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0168 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows ...)
+CVE-2011-0168
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0167 (The windows functionality in WebKit in Apple Safari before 5.0.4 ...)
+CVE-2011-0167
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0166 (The HTML5 drag and drop functionality in WebKit in Apple Safari before ...)
+CVE-2011-0166
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0165 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows ...)
+CVE-2011-0165
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0164 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows ...)
+CVE-2011-0164
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0163 (WebKit, as used in Apple Safari before 5.0.4 and iOS before 4.3, does ...)
+CVE-2011-0163
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0162 (Wi-Fi in Apple iOS before 4.3 and Apple TV before 4.2 does not ...)
+CVE-2011-0162
NOT-FOR-US: Apple iOS
-CVE-2011-0161 (WebKit, as used in Apple Safari before 5.0.4 and iOS before 4.3, does ...)
+CVE-2011-0161
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0160 (WebKit, as used in Apple Safari before 5.0.4 and iOS before 4.3, does ...)
+CVE-2011-0160
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0159 (The Safari Settings feature in Safari in Apple iOS 4.x before 4.3 does ...)
+CVE-2011-0159
NOT-FOR-US: Safari in Apple iOS
-CVE-2011-0158 (MobileSafari in Apple iOS before 4.3 does not properly implement ...)
+CVE-2011-0158
NOT-FOR-US: MobileSafari in Apple iOS
-CVE-2011-0157 (WebKit, as used in Apple iOS before 4.3, allows remote attackers to ...)
+CVE-2011-0157
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0156 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows ...)
+CVE-2011-0156
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0155 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows ...)
+CVE-2011-0155
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0154 (WebKit, as used in Apple iTunes before 10.2 on Windows and Apple iOS, ...)
+CVE-2011-0154
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0153 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows ...)
+CVE-2011-0153
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0152 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows ...)
+CVE-2011-0152
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0151 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows ...)
+CVE-2011-0151
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0150 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows ...)
+CVE-2011-0150
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0149 (WebKit, as used in Apple iTunes before 10.2 on Windows, does not ...)
+CVE-2011-0149
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0148 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows ...)
+CVE-2011-0148
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0147 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows ...)
+CVE-2011-0147
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0146 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows ...)
+CVE-2011-0146
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0145 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows ...)
+CVE-2011-0145
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0144 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows ...)
+CVE-2011-0144
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0143 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows ...)
+CVE-2011-0143
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0142 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows ...)
+CVE-2011-0142
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0141 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows ...)
+CVE-2011-0141
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0140 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows ...)
+CVE-2011-0140
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0139 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows ...)
+CVE-2011-0139
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0138 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows ...)
+CVE-2011-0138
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0137 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows ...)
+CVE-2011-0137
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0136 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows ...)
+CVE-2011-0136
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0135 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows ...)
+CVE-2011-0135
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0134 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows ...)
+CVE-2011-0134
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0133 (WebKit, as used in Apple iTunes before 10.2 on Windows, does not ...)
+CVE-2011-0133
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0132 (Use-after-free vulnerability in the Runin box functionality in the ...)
+CVE-2011-0132
NOT-FOR-US: Apple
-CVE-2011-0131 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows ...)
+CVE-2011-0131
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0130 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows ...)
+CVE-2011-0130
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0129 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows ...)
+CVE-2011-0129
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0128 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows ...)
+CVE-2011-0128
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0127 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows ...)
+CVE-2011-0127
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0126 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows ...)
+CVE-2011-0126
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0125 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows ...)
+CVE-2011-0125
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0124 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows ...)
+CVE-2011-0124
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0123 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows ...)
+CVE-2011-0123
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0122 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows ...)
+CVE-2011-0122
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0121 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows ...)
+CVE-2011-0121
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0120 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows ...)
+CVE-2011-0120
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0119 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows ...)
+CVE-2011-0119
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0118 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows ...)
+CVE-2011-0118
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0117 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows ...)
+CVE-2011-0117
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0116 (Use-after-free vulnerability in the setOuterText method in the ...)
+CVE-2011-0116
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0115 (The DOM level 2 implementation in WebKit, as used in Apple iTunes ...)
+CVE-2011-0115
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0114 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows ...)
+CVE-2011-0114
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0113 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows ...)
+CVE-2011-0113
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0112 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows ...)
+CVE-2011-0112
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0111 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows ...)
+CVE-2011-0111
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
CVE-2011-0110
REJECTED
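Review bot: every `-`/`+` pair in this hunk replaces an entry of the form `CVE-2011-NNNN (description ...)` with the bare identifier, e.g. `-CVE-2011-0226 (Integer signedness error in psaux/t1decode.c in FreeType before 2.4.6, ...)` becoming `+CVE-2011-0226`, and the header `@@ -13464,371 +13464,371 @@` confirms it is a strict one-for-one rewrite with no other content change. A bulk loss of descriptions with nothing else touched looks like the description source returning empty data rather than an intended edit, and for entries whose only other line is a coarse status such as `NOT-FOR-US: Apple Mac OS` or `NOT-FOR-US: Apple` (CVE-2011-0132) no record of what the issue is would remain. Suggest not merging this until the descriptions can be re-fetched; reverting later is cheaper than the lost triage context.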
@@ -13836,51 +13836,51 @@ CVE-2011-0109
REJECTED
CVE-2011-0108
REJECTED
-CVE-2011-0107 (Untrusted search path vulnerability in Microsoft Office XP SP3, Office ...)
+CVE-2011-0107
NOT-FOR-US: Microsoft Office
CVE-2011-0106
REJECTED
-CVE-2011-0105 (Microsoft Excel 2002 SP3, Office 2004 and 2008 for Mac, and Open XML ...)
+CVE-2011-0105
NOT-FOR-US: Microsoft Excel
-CVE-2011-0104 (Microsoft Excel 2002 SP3 and 2003 SP3, Office 2004 and 2008 for Mac, ...)
+CVE-2011-0104
NOT-FOR-US: Microsoft Excel
-CVE-2011-0103 (Microsoft Excel 2002 SP3 and 2003 SP3, Office 2004 and 2008 for Mac, ...)
+CVE-2011-0103
NOT-FOR-US: Microsoft Excel
CVE-2011-0102
REJECTED
-CVE-2011-0101 (Microsoft Excel 2002 SP3 allows remote attackers to execute arbitrary ...)
+CVE-2011-0101
NOT-FOR-US: Microsoft Excel
CVE-2011-0100
REJECTED
CVE-2011-0099
REJECTED
-CVE-2011-0098 (Integer signedness error in Microsoft Excel 2002 SP3, 2003 SP3, 2007 ...)
+CVE-2011-0098
NOT-FOR-US: Microsoft Excel
-CVE-2011-0097 (Integer underflow in Microsoft Excel 2002 SP3, 2003 SP3, 2007 SP2, and ...)
+CVE-2011-0097
NOT-FOR-US: Microsoft Excel
-CVE-2011-0096 (The MHTML protocol handler in Microsoft Windows XP SP2 and SP3, ...)
+CVE-2011-0096
NOT-FOR-US: Microsoft mhtml
CVE-2011-0095
REJECTED
-CVE-2011-0094 (Use-after-free vulnerability in Microsoft Internet Explorer 6 and 7 ...)
+CVE-2011-0094
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2011-0093 (ELEMENTS.DLL in Microsoft Visio 2002 SP2, 2003 SP3, and 2007 SP2 does ...)
+CVE-2011-0093
NOT-FOR-US: Microsoft Visio
-CVE-2011-0092 (The LZW stream decompression functionality in ORMELEMS.DLL in ...)
+CVE-2011-0092
NOT-FOR-US: Microsoft Visio
-CVE-2011-0091 (Kerberos in Microsoft Windows Server 2008 R2 and Windows 7 does not ...)
+CVE-2011-0091
NOT-FOR-US: Microsoft Windows
-CVE-2011-0090 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
+CVE-2011-0090
NOT-FOR-US: Microsoft Windows
-CVE-2011-0089 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
+CVE-2011-0089
NOT-FOR-US: Microsoft Windows
-CVE-2011-0088 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
+CVE-2011-0088
NOT-FOR-US: Microsoft Windows
-CVE-2011-0087 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
+CVE-2011-0087
NOT-FOR-US: Microsoft Windows
-CVE-2011-0086 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
+CVE-2011-0086
NOT-FOR-US: Microsoft Windows
-CVE-2011-0085 (Use-after-free vulnerability in the nsXULCommandDispatcher function in ...)
+CVE-2011-0085
{DSA-2273-3 DSA-2269-1 DSA-2268-1}
- iceweasel 3.5.19-3
- xulrunner <removed> (unimportant)
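Review bot: the same one-for-one stripping of descriptions applies here, and for the entries tracked only as NOT-FOR-US it removes the only precise statement of the affected component: after this change `CVE-2011-0096` is left with just `NOT-FOR-US: Microsoft mhtml` where the removed line identified `The MHTML protocol handler in Microsoft Windows XP SP2 and SP3, ...`, and the five win32k.sys entries (CVE-2011-0086 through CVE-2011-0090) all collapse to `NOT-FOR-US: Microsoft Windows`. If descriptions are being dropped on purpose, the NOT-FOR-US annotations should be made specific enough to stand alone before this lands.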
@@ -13891,7 +13891,7 @@ CVE-2011-0085 (Use-after-free vulnerability in the nsXULCommandDispatcher functi
- icedove 3.1.11-1
[lenny] - icedove <end-of-life>
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2011-0084 (The SVGTextElement.getCharNumAtPosition function in Mozilla Firefox ...)
+CVE-2011-0084
{DSA-2297-1 DSA-2296-1 DSA-2295-1}
- icedove 3.1.12-1
[lenny] - xulrunner <not-affected> (Only affects Firefox >= 3.6)
@@ -13900,7 +13900,7 @@ CVE-2011-0084 (The SVGTextElement.getCharNumAtPosition function in Mozilla Firef
- iceape 2.0.14-5
[lenny] - iceape <not-affected> (Only a stub package)
[lenny] - icedove <not-affected> (Only affects Thunderbird 5)
-CVE-2011-0083 (Use-after-free vulnerability in the nsSVGPathSegList::ReplaceItem ...)
+CVE-2011-0083
{DSA-2273-3 DSA-2269-1 DSA-2268-1}
- iceweasel 3.5.19-3
- xulrunner <removed> (unimportant)
@@ -13911,15 +13911,15 @@ CVE-2011-0083 (Use-after-free vulnerability in the nsSVGPathSegList::ReplaceItem
- icedove 3.1.11-1
[lenny] - icedove <end-of-life>
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2011-0082 (The X.509 certificate validation functionality in Mozilla Firefox ...)
+CVE-2011-0082
- xulrunner <removed> (unimportant)
- iceweasel <removed> (unimportant; bug #627552)
NOTE: Negligible impact
-CVE-2011-0081 (Unspecified vulnerability in the browser engine in Mozilla Firefox ...)
+CVE-2011-0081
{DSA-2235-1 DSA-2228-1 DSA-2227-1}
- xulrunner <not-affected> (Only affects Firefox 4.0/3.6, not yet in unstable)
- iceweasel <not-affected> (Only affects Firefox 4.0/3.6, not yet in unstable)
-CVE-2011-0080 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+CVE-2011-0080
{DSA-2235-1 DSA-2228-1 DSA-2227-1}
- xulrunner <removed> (unimportant)
- iceweasel 3.5.19-1
@@ -13929,10 +13929,10 @@ CVE-2011-0080 (Multiple unspecified vulnerabilities in the browser engine in Moz
- icedove 3.1.10-1
[lenny] - icedove <end-of-life>
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2011-0079 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+CVE-2011-0079
- xulrunner <not-affected> (Only affects Firefox 4.0, not yet in unstable)
- iceweasel <not-affected> (Only affects Firefox 4.0, not yet in unstable)
-CVE-2011-0078 (Unspecified vulnerability in the browser engine in Mozilla Firefox ...)
+CVE-2011-0078
{DSA-2235-1 DSA-2228-1 DSA-2227-1}
- xulrunner <removed> (unimportant)
- iceweasel 3.5.19-1
@@ -13942,7 +13942,7 @@ CVE-2011-0078 (Unspecified vulnerability in the browser engine in Mozilla Firefo
- icedove 3.1.10-1
[lenny] - icedove <end-of-life>
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2011-0077 (Unspecified vulnerability in the browser engine in Mozilla Firefox ...)
+CVE-2011-0077
{DSA-2235-1 DSA-2228-1 DSA-2227-1}
- xulrunner <removed> (unimportant)
- iceweasel 3.5.19-1
@@ -13952,10 +13952,10 @@ CVE-2011-0077 (Unspecified vulnerability in the browser engine in Mozilla Firefo
- icedove 3.1.10-1
[lenny] - icedove <end-of-life>
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2011-0076 (Unspecified vulnerability in the Java Embedding Plugin (JEP) in ...)
+CVE-2011-0076
- xulrunner <not-affected> (Only affects MacOS X)
- iceweasel <not-affected> (Only affects MacOS X)
-CVE-2011-0075 (Unspecified vulnerability in the browser engine in Mozilla Firefox ...)
+CVE-2011-0075
{DSA-2235-1 DSA-2228-1 DSA-2227-1}
- xulrunner <removed> (unimportant)
- iceweasel 3.5.19-1
@@ -13965,7 +13965,7 @@ CVE-2011-0075 (Unspecified vulnerability in the browser engine in Mozilla Firefo
- icedove 3.1.10-1
[lenny] - icedove <end-of-life>
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2011-0074 (Unspecified vulnerability in the browser engine in Mozilla Firefox ...)
+CVE-2011-0074
{DSA-2235-1 DSA-2228-1 DSA-2227-1}
- xulrunner <removed> (unimportant)
- iceweasel 3.5.19-1
@@ -13975,7 +13975,7 @@ CVE-2011-0074 (Unspecified vulnerability in the browser engine in Mozilla Firefo
- icedove 3.1.10-1
[lenny] - icedove <end-of-life>
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2011-0073 (Mozilla Firefox before 3.5.19 and 3.6.x before 3.6.17, and SeaMonkey ...)
+CVE-2011-0073
{DSA-2235-1 DSA-2228-1 DSA-2227-1}
- xulrunner <removed> (unimportant)
- iceweasel 3.5.19-1
@@ -13983,7 +13983,7 @@ CVE-2011-0073 (Mozilla Firefox before 3.5.19 and 3.6.x before 3.6.17, and SeaMon
- iceape 2.0.14-1
[lenny] - iceape <not-affected> (Only a stub package)
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2011-0072 (Unspecified vulnerability in the browser engine in Mozilla Firefox ...)
+CVE-2011-0072
{DSA-2235-1 DSA-2228-1 DSA-2227-1}
- xulrunner <removed> (unimportant)
- iceweasel 3.5.19-1
@@ -13993,7 +13993,7 @@ CVE-2011-0072 (Unspecified vulnerability in the browser engine in Mozilla Firefo
- icedove 3.1.10-1
[lenny] - icedove <end-of-life>
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2011-0071 (Directory traversal vulnerability in Mozilla Firefox before 3.5.19 and ...)
+CVE-2011-0071
{DSA-2235-1 DSA-2228-1 DSA-2227-1}
- xulrunner <removed> (unimportant)
- iceweasel 3.5.19-1
@@ -14003,7 +14003,7 @@ CVE-2011-0071 (Directory traversal vulnerability in Mozilla Firefox before 3.5.1
- icedove 3.1.10-1
[lenny] - icedove <end-of-life>
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2011-0070 (Unspecified vulnerability in the browser engine in Mozilla Firefox ...)
+CVE-2011-0070
{DSA-2235-1 DSA-2228-1 DSA-2227-1}
- xulrunner <removed> (unimportant)
- iceweasel 3.5.19-1
@@ -14013,7 +14013,7 @@ CVE-2011-0070 (Unspecified vulnerability in the browser engine in Mozilla Firefo
- icedove 3.1.10-1
[lenny] - icedove <end-of-life>
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2011-0069 (Unspecified vulnerability in the browser engine in Mozilla Firefox ...)
+CVE-2011-0069
{DSA-2235-1 DSA-2228-1 DSA-2227-1}
- xulrunner <not-affected> (Vulnerable code not present)
- iceweasel 3.5.19-1
@@ -14026,7 +14026,7 @@ CVE-2011-0068
RESERVED
- xulrunner <not-affected> (Only affects Firefox 4.0, not yet in unstable)
- iceweasel <not-affected> (Only affects Firefox 4.0, not yet in unstable)
-CVE-2011-0067 (Mozilla Firefox before 3.5.19 and 3.6.x before 3.6.17, and SeaMonkey ...)
+CVE-2011-0067
{DSA-2235-1 DSA-2228-1 DSA-2227-1}
- xulrunner <removed> (unimportant)
- iceweasel 3.5.19-1
@@ -14034,7 +14034,7 @@ CVE-2011-0067 (Mozilla Firefox before 3.5.19 and 3.6.x before 3.6.17, and SeaMon
- iceape 2.0.14-1
[lenny] - iceape <not-affected> (Only a stub package)
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2011-0066 (Use-after-free vulnerability in Mozilla Firefox before 3.5.19 and ...)
+CVE-2011-0066
{DSA-2235-1 DSA-2228-1 DSA-2227-1}
- xulrunner <removed> (unimportant)
- iceweasel 3.5.19-1
@@ -14043,7 +14043,7 @@ CVE-2011-0066 (Use-after-free vulnerability in Mozilla Firefox before 3.5.19 and
[lenny] - iceape <not-affected> (Only a stub package)
- icedove 3.1.15-1+b1
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2011-0065 (Use-after-free vulnerability in Mozilla Firefox before 3.5.19 and ...)
+CVE-2011-0065
{DSA-2235-1 DSA-2228-1 DSA-2227-1}
- xulrunner <removed> (unimportant)
- iceweasel 3.5.19-1
@@ -14052,22 +14052,22 @@ CVE-2011-0065 (Use-after-free vulnerability in Mozilla Firefox before 3.5.19 and
[lenny] - iceape <not-affected> (Only a stub package)
- icedove 3.1.15-1+b1
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2011-0064 (The hb_buffer_ensure function in hb-buffer.c in HarfBuzz, as used in ...)
+CVE-2011-0064
{DSA-2178-1}
- pango1.0 1.28.3-2~sid1
[wheezy] - pango1.0 1.28.3-1+squeeze2
[lenny] - pango1.0 <not-affected> (introduced in code cleanup)
-CVE-2011-0063 (The _list_file_get function in lib/Majordomo.pm in Majordomo 2 ...)
+CVE-2011-0063
NOT-FOR-US: Majordomo
-CVE-2011-0062 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+CVE-2011-0062
- xulrunner <not-affected> (Only affects Firefox 3.6, not yet in unstable)
- iceweasel <not-affected> (Only affects Firefox 3.6, not yet in unstable)
-CVE-2011-0061 (Buffer overflow in Mozilla Firefox 3.6.x before 3.6.14, Thunderbird ...)
+CVE-2011-0061
- xulrunner <not-affected> (Only affects Firefox 3.6, not yet in unstable)
- iceweasel <not-affected> (Only affects Firefox 3.6, not yet in unstable)
CVE-2011-0060
REJECTED
-CVE-2011-0059 (Cross-site request forgery (CSRF) vulnerability in Mozilla Firefox ...)
+CVE-2011-0059
{DSA-2187-1 DSA-2186-1 DSA-2180-1}
- icedove 3.0.11-2
[lenny] - icedove <end-of-life>
@@ -14078,11 +14078,11 @@ CVE-2011-0059 (Cross-site request forgery (CSRF) vulnerability in Mozilla Firefo
- iceape 2.0.12-1
[lenny] - iceape <not-affected> (Only a stub package)
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2011-0058 (Buffer overflow in Mozilla Firefox before 3.5.17 and 3.6.x before ...)
+CVE-2011-0058
- icedove <not-affected> (Windows-specific)
- xulrunner <not-affected> (Windows-specific)
- iceweasel <not-affected> (Windows-specific)
-CVE-2011-0057 (Use-after-free vulnerability in the Web Workers implementation in ...)
+CVE-2011-0057
{DSA-2187-1 DSA-2186-1 DSA-2180-1}
- icedove 3.0.11-2
[lenny] - icedove <end-of-life>
@@ -14091,7 +14091,7 @@ CVE-2011-0057 (Use-after-free vulnerability in the Web Workers implementation in
[lenny] - iceweasel <not-affected> (Lenny's iceweasel uses Xulrunner from the xulrunner source pkg)
- iceape 2.0.12-1
[lenny] - iceape <not-affected> (Only a stub package)
-CVE-2011-0056 (Buffer overflow in the JavaScript engine in Mozilla Firefox before ...)
+CVE-2011-0056
{DSA-2187-1 DSA-2186-1 DSA-2180-1}
- icedove 3.0.11-2
[lenny] - icedove <end-of-life>
@@ -14102,7 +14102,7 @@ CVE-2011-0056 (Buffer overflow in the JavaScript engine in Mozilla Firefox befor
- iceape 2.0.12-1
[lenny] - iceape <not-affected> (Only a stub package)
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2011-0055 (Use-after-free vulnerability in the JSON.stringify method in ...)
+CVE-2011-0055
{DSA-2187-1 DSA-2186-1 DSA-2180-1}
- icedove 3.0.11-2
[lenny] - icedove <end-of-life>
@@ -14111,7 +14111,7 @@ CVE-2011-0055 (Use-after-free vulnerability in the JSON.stringify method in ...)
[lenny] - iceweasel <not-affected> (Lenny's iceweasel uses Xulrunner from the xulrunner source pkg)
- iceape 2.0.12-1
[lenny] - iceape <not-affected> (Only a stub package)
-CVE-2011-0054 (Buffer overflow in the JavaScript engine in Mozilla Firefox before ...)
+CVE-2011-0054
{DSA-2187-1 DSA-2186-1 DSA-2180-1}
- icedove 3.0.11-2
[lenny] - icedove <end-of-life>
@@ -14120,7 +14120,7 @@ CVE-2011-0054 (Buffer overflow in the JavaScript engine in Mozilla Firefox befor
[lenny] - iceweasel <not-affected> (Lenny's iceweasel uses Xulrunner from the xulrunner source pkg)
- iceape 2.0.12-1
[lenny] - iceape <not-affected> (Only a stub package)
-CVE-2011-0053 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+CVE-2011-0053
{DSA-2187-1 DSA-2186-1 DSA-2180-1}
- icedove 3.0.11-2
[lenny] - icedove <end-of-life>
@@ -14133,7 +14133,7 @@ CVE-2011-0053 (Multiple unspecified vulnerabilities in the browser engine in Moz
NOTE: xulrunner in wheezy is not covered by security support
CVE-2011-0052
RESERVED
-CVE-2011-0051 (Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, and SeaMonkey ...)
+CVE-2011-0051
{DSA-2187-1 DSA-2186-1 DSA-2180-1}
- icedove 3.0.11-2
[lenny] - icedove <end-of-life>
@@ -14144,150 +14144,150 @@ CVE-2011-0051 (Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, and SeaMon
- iceape 2.0.12-1
[lenny] - iceape <not-affected> (Only a stub package)
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2011-0050 (Cross-site scripting (XSS) vulnerability in the nonjs interface ...)
+CVE-2011-0050
{DSA-2158-1}
- cgiirc 0.5.9-3.1 (bug #612671)
-CVE-2011-0049 (Directory traversal vulnerability in the _list_file_get function in ...)
+CVE-2011-0049
NOT-FOR-US: Majordomo
-CVE-2011-0048 (Bugzilla before 3.2.10, 3.4.x before 3.4.10, 3.6.x before 3.6.4, and ...)
+CVE-2011-0048
{DSA-2322-1}
- bugzilla <removed> (bug #611176)
[squeeze] - bugzilla 3.6.2.0-4.4
NOTE: http://www.bugzilla.org/security/3.2.9/
-CVE-2011-0047 (Cross-site scripting (XSS) vulnerability in MediaWiki before 1.16.2 ...)
+CVE-2011-0047
- mediawiki 1:1.15.5-3 (low; bug #611787)
[lenny] - mediawiki 1:1.12.0-2lenny8 (low; bug #611787)
[squeeze] - mediawiki 1:1.15.5-2squeeze1 (low; bug #611787)
-CVE-2011-0046 (Multiple cross-site request forgery (CSRF) vulnerabilities in Bugzilla ...)
+CVE-2011-0046
{DSA-2322-1}
- bugzilla <removed> (bug #611176)
[squeeze] - bugzilla 3.6.2.0-4.4
NOTE: http://www.bugzilla.org/security/3.2.9/
-CVE-2011-0045 (The Trace Events functionality in the kernel in Microsoft Windows XP ...)
+CVE-2011-0045
NOT-FOR-US: Microsoft Windows
CVE-2011-0044
REJECTED
-CVE-2011-0043 (Kerberos in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 ...)
+CVE-2011-0043
NOT-FOR-US: Microsoft Windows
-CVE-2011-0042 (SBE.dll in the Stream Buffer Engine in Windows Media Player and ...)
+CVE-2011-0042
NOT-FOR-US: Microsoft Windows
-CVE-2011-0041 (Integer overflow in gdiplus.dll in GDI+ in Microsoft Windows XP SP2 ...)
+CVE-2011-0041
NOT-FOR-US: Microsoft Windows
-CVE-2011-0040 (The server in Microsoft Active Directory on Windows Server 2003 SP2 ...)
+CVE-2011-0040
NOT-FOR-US: Microsoft Windows
-CVE-2011-0039 (The Local Security Authority Subsystem Service (LSASS) in Microsoft ...)
+CVE-2011-0039
NOT-FOR-US: Microsoft Windows
-CVE-2011-0038 (Untrusted search path vulnerability in Microsoft Internet Explorer 8 ...)
+CVE-2011-0038
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2011-0037 (Microsoft Malware Protection Engine before 1.1.6603.0, as used in ...)
+CVE-2011-0037
NOT-FOR-US: Microsoft Malware Protection Engine
-CVE-2011-0036 (Microsoft Internet Explorer 6, 7, and 8 does not properly handle ...)
+CVE-2011-0036
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2011-0035 (Microsoft Internet Explorer 6, 7, and 8 does not properly handle ...)
+CVE-2011-0035
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2011-0034 (Stack-based buffer overflow in the OpenType Compact Font Format (aka ...)
+CVE-2011-0034
NOT-FOR-US: Microsoft Windows
-CVE-2011-0033 (The OpenType Compact Font Format (CFF) driver in Microsoft Windows XP ...)
+CVE-2011-0033
NOT-FOR-US: Microsoft Windows
-CVE-2011-0032 (Untrusted search path vulnerability in DirectShow in Microsoft Windows ...)
+CVE-2011-0032
NOT-FOR-US: Microsoft Windows
-CVE-2011-0031 (The (1) JScript 5.8 and (2) VBScript 5.8 scripting engines in ...)
+CVE-2011-0031
NOT-FOR-US: Microsoft Windows
-CVE-2011-0030 (The Client/Server Run-time Subsystem (CSRSS) in Microsoft Windows XP ...)
+CVE-2011-0030
NOT-FOR-US: Microsoft Windows
-CVE-2011-0029 (Untrusted search path vulnerability in the client in Microsoft Remote ...)
+CVE-2011-0029
NOT-FOR-US: Microsoft
-CVE-2011-0028 (WordPad in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 does ...)
+CVE-2011-0028
NOT-FOR-US: Microsoft Windows
-CVE-2011-0027 (Microsoft Data Access Components (MDAC) 2.8 SP1 and SP2, and Windows ...)
+CVE-2011-0027
NOT-FOR-US: Microsoft Data Access Components
-CVE-2011-0026 (Integer signedness error in the SQLConnectW function in an ODBC API ...)
+CVE-2011-0026
NOT-FOR-US: Microsoft Data Access Components
CVE-2011-XXXX [remote DoS when case of the characters of a nickname is modified]
- bip 0.8.7-1
[squeeze] - bip 0.8.2-1squeeze3
[lenny] - bip <not-affected> (Vulnerable code not present)
-CVE-2011-0025 (IcedTea 1.7 before 1.7.8, 1.8 before 1.8.5, and 1.9 before 1.9.5 does ...)
+CVE-2011-0025
{DSA-2224-1}
- openjdk-6 6b18-1.8.5-1
[squeeze] - openjdk-6 <no-dsa> (bug #614151)
[lenny] - openjdk-6 <no-dsa> (bug #614151)
-CVE-2011-0024 (Heap-based buffer overflow in wiretap/pcapng.c in Wireshark before 1.2 ...)
+CVE-2011-0024
- wireshark 1.2-0-1
CVE-2011-0023
RESERVED
-CVE-2011-0022 (The setup scripts in 389 Directory Server 1.2.x (aka Red Hat Directory ...)
+CVE-2011-0022
NOT-FOR-US: 389 LDAP server
-CVE-2011-0522 (The StripTags function in (1) the USF decoder ...)
+CVE-2011-0522
- vlc 1.1.3-1squeeze2
[lenny] - vlc 0.8.6.h-4+lenny3
-CVE-2011-0021 (Multiple heap-based buffer overflows in cdg.c in the CDG decoder in ...)
+CVE-2011-0021
- vlc 1.1.3-1squeeze2
[lenny] - vlc <not-affected> (Vulnerable code not present)
NOTE: http://git.videolan.org/?p=vlc.git;a=commit;h=f9b664eac0e1a7bceed9d7b5854fd9fc351b4aab
-CVE-2011-0020 (Heap-based buffer overflow in the pango_ft2_font_render_box_glyph ...)
+CVE-2011-0020
- pango1.0 1.28.3-1+squeeze1 (bug #610792)
-CVE-2011-0019 (slapd (aka ns-slapd) in 389 Directory Server 1.2.7.5 (aka Red Hat ...)
+CVE-2011-0019
NOT-FOR-US: 389 LDAP server
-CVE-2011-0018 (The email function in manage_sql.c in OpenVAS Manager 1.0.x through ...)
+CVE-2011-0018
NOT-FOR-US: OpenVAS Manager
-CVE-2011-0017 (The open_log function in log.c in Exim 4.72 and earlier does not check ...)
+CVE-2011-0017
{DSA-2154-1}
- exim4 4.72-4
-CVE-2011-0016 (Tor before 0.2.1.29 and 0.2.2.x before 0.2.2.21-alpha does not ...)
+CVE-2011-0016
{DSA-2148-1}
- tor 0.2.1.29-1
-CVE-2011-0015 (Tor before 0.2.1.29 and 0.2.2.x before 0.2.2.21-alpha does not ...)
+CVE-2011-0015
{DSA-2148-1}
- tor 0.2.1.29-1
-CVE-2011-0014 (ssl/t1_lib.c in OpenSSL 0.9.8h through 0.9.8q and 1.0.0 through 1.0.0c ...)
+CVE-2011-0014
{DSA-2162-1}
- openssl 0.9.8o-5 (low)
[lenny] - openssl <not-affected> (Only 0.9.8h through 0.9.8q are affected)
-CVE-2011-0013 (Multiple cross-site scripting (XSS) vulnerabilities in the HTML ...)
+CVE-2011-0013
{DSA-2160-1}
- tomcat5.5 <removed> (low)
[lenny] - tomcat5.5 <no-dsa> (Minor issue)
- tomcat6 6.0.28-10 (bug #612257)
[lenny] - tomcat6 <not-affected> (Only ships the servlet package)
-CVE-2011-0012 (The SPICE Firefox plug-in (spice-xpi) 2.4, 2.3, 2.2, and possibly ...)
+CVE-2011-0012
- spice-xpi <removed>
[jessie] - spice-xpi <end-of-life> (Broken with newer Firefox versions)
-CVE-2011-0011 (qemu-kvm before 0.11.0 disables VNC authentication when the password ...)
+CVE-2011-0011
{DSA-2230-1}
- qemu-kvm 0.14.0+dfsg-1~tls (low; bug #611134)
- kvm <not-affected> (Vulnerable code not present)
NOTE: Harmless implementation bug, see discussion in #611134
-CVE-2011-0010 (check.c in sudo 1.7.x before 1.7.4p5, when a Runas group is ...)
+CVE-2011-0010
- sudo 1.7.4p4-6 (bug #609641)
[lenny] - sudo <not-affected> (Only affects 1.7.x)
[squeeze] - sudo 1.7.4p4-2.squeeze.1
NOTE: http://www.sudo.ws/sudo/alerts/runas_group_pw.html
-CVE-2011-0009 (Best Practical Solutions RT 3.x before 3.8.9rc2 and 4.x before ...)
+CVE-2011-0009
{DSA-2150-1}
- request-tracker3.8 3.8.8-7
-CVE-2011-0008 (A certain Fedora patch for parse.c in sudo before 1.7.4p5-1.fc14 on ...)
+CVE-2011-0008
- sudo <not-affected> (Fedora-specific issue)
-CVE-2011-0007 (pimd 2.1.5 and possibly earlier versions allows user-assisted local ...)
+CVE-2011-0007
{DSA-2147-1}
- pimd 2.1.6-1 (unimportant; bug #609304)
[squeeze] - pimd 2.1.1-1.1 (unimportant; bug #609304)
-CVE-2011-0006 (The ima_lsm_rule_init function in security/integrity/ima/ima_policy.c ...)
+CVE-2011-0006
- linux-2.6 2.6.32-30
[lenny] - linux-2.6 <not-affected> (Introduced in 2.6.30)
-CVE-2011-0005 (Cross-site scripting (XSS) vulnerability in the com_search module for ...)
+CVE-2011-0005
NOT-FOR-US: Joomla!
-CVE-2011-0004 (Multiple cross-site scripting (XSS) vulnerabilities in Piwik before ...)
+CVE-2011-0004
- piwik <itp> (bug #506933)
-CVE-2011-0003 (MediaWiki before 1.16.1, when user or site JavaScript or CSS is ...)
+CVE-2011-0003
{DTSA-207-1}
- mediawiki 1:1.15.5-2
[lenny] - mediawiki 1:1.12.0-2lenny7
-CVE-2011-0002 (libuser before 0.57 uses a cleartext password value of (1) !! or (2) x ...)
+CVE-2011-0002
- libuser 1:0.56.9.dfsg.1-1.1 (bug #610034)
-CVE-2011-0001 (Double free vulnerability in the iscsi_rx_handler function ...)
+CVE-2011-0001
{DSA-2209-1}
- tgt 1:1.0.4-3
-CVE-2011-1072 (The installer in PEAR before 1.9.2 allows local users to overwrite ...)
+CVE-2011-1072
{DSA-2408-1}
- php5 5.3.6-1 (low; bug #546164)
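Review bot: two entries in this hunk break the descending CVE-number order used everywhere else in the file, and the automatic update carries them over unchanged: CVE-2011-0522 is filed between CVE-2011-0022 and CVE-2011-0021, and CVE-2011-1072 closes the file after CVE-2011-0001. The bip entry above CVE-2011-0025 is still keyed as `CVE-2011-XXXX [remote DoS when case of the characters of a nickname is modified]` with no identifier assigned. None of this is introduced by this commit, which only strips the description text from the CVE lines, but a follow-up that moves the two entries to their numeric position (and fills in the bip identifier once one exists) would keep the list sortable.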
diff --git a/data/CVE/2012.list b/data/CVE/2012.list
index b19a9acfa5..eadc5798e0 100644
--- a/data/CVE/2012.list
+++ b/data/CVE/2012.list
@@ -1,6 +1,6 @@
-CVE-2012-6710 (ext_find_user in eXtplorer through 2.1.2 allows remote attackers to ...)
+CVE-2012-6710
- extplorer <removed>
-CVE-2012-6709 (ELinks 0.12 and Twibright Links 2.3 have Missing SSL Certificate ...)
+CVE-2012-6709
[experimental] - elinks 0.13~20190125-1
- elinks 0.13~20190125-3 (low; bug #891575)
[stretch] - elinks <ignored> (Minor issue)
@@ -11,7 +11,7 @@ CVE-2012-6709 (ELinks 0.12 and Twibright Links 2.3 have Missing SSL Certificate
NOTE: tested links2 against badssl.com, no apparent issue back in wheezy
NOTE: src:links2/2.6-1 adds verify-ssl-certs-510417.diff to verify SSL certs.
NOTE: src:links2 upstream in 2.11 adds support for verifying SSL certificates.
-CVE-2012-6708 (jQuery before 1.9.0 is vulnerable to Cross-site Scripting (XSS) ...)
+CVE-2012-6708
- jquery 1.11.3+dfsg-1
[jessie] - jquery <ignored> (Too intrusive to backport)
[wheezy] - jquery <ignored> (Too invasive to fix)
@@ -19,7 +19,7 @@ CVE-2012-6708 (jQuery before 1.9.0 is vulnerable to Cross-site Scripting (XSS) .
NOTE: https://github.com/jquery/jquery/commit/05531fc4080ae24070930d15ae0cea7ae056457d
NOTE: https://snyk.io/vuln/npm:jquery:20120206
NOTE: 1.9 release introduced backwards incompatible changes to fix this, so may be too invasive to fix
-CVE-2012-6707 (WordPress through 4.8.2 uses a weak MD5-based password hashing ...)
+CVE-2012-6707
- wordpress <unfixed> (bug #880868)
[buster] - wordpress <postponed> (Minor issue, can be revisited with upstream has picked a new hashing solution)
[stretch] - wordpress <postponed> (Minor issue, can be revisited with upstream has picked a new hashing solution)
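Review bot: the two `<postponed>` context lines for CVE-2012-6707 read "can be revisited with upstream has picked a new hashing solution"; "once upstream has picked a new hashing solution" is what is meant. They are unchanged context here, so this belongs in a separate data fix rather than in the automatic update.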
@@ -28,7 +28,7 @@ CVE-2012-6707 (WordPress through 4.8.2 uses a weak MD5-based password hashing ..
NOTE: https://core.trac.wordpress.org/ticket/21022
NOTE: Proposed patch (but not merged): https://core.trac.wordpress.org/attachment/ticket/21022/21022.3.diff
NOTE: Cf. https://core.trac.wordpress.org/ticket/21022#comment:80 and following.
-CVE-2012-6706 (A VMSF_DELTA memory corruption was discovered in unrar before 5.5.5, as ...)
+CVE-2012-6706
{DLA-1014-1 DLA-1003-1}
- unrar-nonfree 1:5.5.5-1 (bug #865461)
[stretch] - unrar-nonfree 1:5.3.2-1+deb9u1
@@ -39,7 +39,7 @@ CVE-2012-6706 (A VMSF_DELTA memory corruption was discovered in unrar before 5.5
NOTE: http://www.openwall.com/lists/oss-security/2017/06/21/9
NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=1286&desc=6
NOTE: https://github.com/vrtadmin/clamav-devel/commit/d4699442bce76574573dc564e7f2177d679b88bd
-CVE-2012-6705 (Cross Site Scripting (XSS) exists in Jamroom before 4.2.7 via the ...)
+CVE-2012-6705
NOT-FOR-US: Jamroom
CVE-2012-XXXX [Option -localhost seems to fail to restrict ipv6 access]
- x11vnc <unfixed> (low; bug #672435)
@@ -47,53 +47,53 @@ CVE-2012-XXXX [Option -localhost seems to fail to restrict ipv6 access]
[stretch] - x11vnc <ignored> (Minor issue; workaround exits)
[jessie] - x11vnc <ignored> (Minor issue; workaround exits)
[wheezy] - x11vnc <ignored> (Minor issue; workaround exits)
-CVE-2012-6704 (The sock_setsockopt function in net/core/sock.c in the Linux kernel ...)
+CVE-2012-6704
{DLA-772-1}
- linux 3.8.11-1
NOTE: Fixed by: https://git.kernel.org/linus/82981930125abfd39d7c8378a9cfdf5e1be2002b (v3.5-rc1)
-CVE-2012-6703 (Integer overflow in the snd_compr_allocate_buffer function in ...)
+CVE-2012-6703
- linux 3.8.11-1
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: Fixed by: https://git.kernel.org/linus/b35cc8225845112a616e3a2266d2fde5ab13d3ab (3.7-rc1)
-CVE-2012-6702 (Expat, when used in a parser that has not called XML_SetHashSalt or ...)
+CVE-2012-6702
{DSA-3597-1 DLA-508-1}
- expat 2.1.1-3
-CVE-2012-6701 (Integer overflow in fs/aio.c in the Linux kernel before 3.4.1 allows ...)
+CVE-2012-6701
- linux <not-affected> (Fixed in v3.2.19; which was before src:linux rename)
- linux-2.6 3.2.19-1
NOTE: https://git.kernel.org/linus/a70b52ec1aaeaf60f4739edb1b422827cb6f3893 (v3.5-rc1)
NOTE: https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=07343eab681bf8c22a2b31d978569a5f65253171 (v3.2.19)
-CVE-2012-6700 (The decode_search function in dhcp.c in dhcpcd 3.x does not properly ...)
+CVE-2012-6700
{DSA-3534-1 DLA-362-1}
- dhcpcd <removed>
NOTE: https://launchpadlibrarian.net/228152582/dhcp.c.patch
NOTE: original ubuntu bug: https://bugs.launchpad.net/ubuntu/+source/dhcpcd/+bug/1517226
-CVE-2012-6699 (The decode_search function in dhcp.c in dhcpcd 3.x allows remote DHCP ...)
+CVE-2012-6699
{DSA-3534-1}
- dhcpcd <removed>
NOTE: https://launchpadlibrarian.net/228152582/dhcp.c.patch
NOTE: original ubuntu bug: https://bugs.launchpad.net/ubuntu/+source/dhcpcd/+bug/1517226
-CVE-2012-6698 (The decode_search function in dhcp.c in dhcpcd 3.x allows remote DHCP ...)
+CVE-2012-6698
{DSA-3534-1 DLA-362-1}
- dhcpcd <removed>
NOTE: https://launchpadlibrarian.net/228152582/dhcp.c.patch
NOTE: original ubuntu bug: https://bugs.launchpad.net/ubuntu/+source/dhcpcd/+bug/1517226
-CVE-2012-6695 (GE Healthcare Centricity PACS Workstation 4.0 and 4.0.1 has a password ...)
+CVE-2012-6695
NOT-FOR-US: GE Healthcare Centricity PACS Workstation
-CVE-2012-6694 (GE Healthcare Centricity PACS Workstation 4.0 and 4.0.1, and Server ...)
+CVE-2012-6694
NOT-FOR-US: GE Healthcare Centricity PACS Workstation
-CVE-2012-6693 (GE Healthcare Centricity PACS 4.0 Server has a default password of (1) ...)
+CVE-2012-6693
NOT-FOR-US: GE Healthcare Centricity PACS
-CVE-2012-6692 (Cross-site scripting (XSS) vulnerability in js/wp-seo-metabox.js in ...)
+CVE-2012-6692
NOT-FOR-US: WordPress plugin wordpress-seo
-CVE-2012-6691 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
+CVE-2012-6691
NOT-FOR-US: osCMax
-CVE-2012-6696 (inspircd in Debian before 2.0.7 does not properly handle unsigned ...)
+CVE-2012-6696
{DSA-3226-1 DLA-276-1}
- inspircd 2.0.16-1 (bug #780880)
NOTE: Correct fix: https://github.com/inspircd/inspircd/commit/ed28c1ba666b39581adb860bf51cdde43c84cc89
NOTE: http://www.openwall.com/lists/oss-security/2015/03/29/5
-CVE-2012-6697 (InspIRCd before 2.0.7 allows remote attackers to cause a denial of ...)
+CVE-2012-6697
{DSA-3226-1 DLA-276-1}
- inspircd 2.0.16-1 (bug #780880)
NOTE: https://github.com/inspircd/inspircd/commit/58c893e834ff20495d007709220881a3ff13f423
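Review bot: the three x11vnc context lines at the top of this hunk (`[stretch]`, `[jessie]`, `[wheezy]`) say "workaround exits" where "workaround exists" is meant. Further down, CVE-2012-6696 and CVE-2012-6697 are placed after CVE-2012-6691 instead of between CVE-2012-6698 and CVE-2012-6695, so the descending order the rest of the hunk follows is broken there. The automatic update only drops the descriptions and does not touch either problem, so both are candidates for a separate hand-edited commit.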
@@ -102,7 +102,7 @@ CVE-2012-6690
RESERVED
CVE-2012-6688
RESERVED
-CVE-2012-6689 (The netlink_sendmsg function in net/netlink/af_netlink.c in the Linux ...)
+CVE-2012-6689
{DLA-246-1}
- linux 3.6.4-1
[wheezy] - linux 3.2.30-1
@@ -110,7 +110,7 @@ CVE-2012-6689 (The netlink_sendmsg function in net/netlink/af_netlink.c in the L
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=848949
NOTE: http://www.openwall.com/lists/oss-security/2015/02/06/13
NOTE: Upstream commit: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=20e1db19db5d6b9e4e83021595eab0dc8f107bef (v3.6-rc5)
-CVE-2012-6687 (FastCGI (aka fcgi and libfcgi) 2.4.0 allows remote attackers to cause ...)
+CVE-2012-6687
{DLA-431-1 DLA-430-1}
- libfcgi 2.4.0-8.3 (bug #681591)
[wheezy] - libfcgi 2.4.0-8.1+deb7u1
@@ -132,14 +132,14 @@ CVE-2012-6685 [ruby-nokogiri XXE]
- libnokogiri-ruby <removed>
NOTE: https://github.com/sparklemotion/nokogiri/issues/693
NOTE: Full fix requires fixing CVE-2014-0191 in libxml2 too.
-CVE-2012-6684 (Cross-site scripting (XSS) vulnerability in the RedCloth library 4.2.9 ...)
+CVE-2012-6684
{DSA-3168-1 DLA-167-1}
- ruby-redcloth 4.2.9-4 (bug #774748)
- redcloth <removed>
NOTE: http://co3k.org/blog/redcloth-unfixed-xss-en
CVE-2012-6683
RESERVED
-CVE-2012-6682 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2012-6682
NOT-FOR-US: DragonByte Technologies vBDownloads module for vBulletin
CVE-2012-6681
RESERVED
@@ -161,49 +161,49 @@ CVE-2012-6673
RESERVED
CVE-2012-6672
RESERVED
-CVE-2012-6671 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2012-6671
NOT-FOR-US: DragonByte Technologies Forumon RPG module for vBulletin
-CVE-2012-6670 (Multiple cross-site scripting (XSS) vulnerabilities in the DragonByte ...)
+CVE-2012-6670
NOT-FOR-US: DragonByte Technologies vbActivity module for vBulletin
CVE-2012-6669
RESERVED
-CVE-2012-6668 (Multiple cross-site scripting (XSS) vulnerabilities in the Shout ...)
+CVE-2012-6668
NOT-FOR-US: DragonByte Technologies vBShout module for vBulletin
-CVE-2012-6667 (Cross-site scripting (XSS) vulnerability in vbshout.php in DragonByte ...)
+CVE-2012-6667
NOT-FOR-US: DragonByte Technologies vBShout module for vBulletin
CVE-2012-6666
RESERVED
-CVE-2012-6665 (Directory traversal vulnerability in index.php in phpMoneyBooks 1.0.4 ...)
+CVE-2012-6665
NOT-FOR-US: phpMoneyBooks
CVE-2012-6664
RESERVED
CVE-2012-6663
RESERVED
-CVE-2012-6662 (Cross-site scripting (XSS) vulnerability in the default content option ...)
+CVE-2012-6662
- jqueryui 1.10.1+dfsg-1
[wheezy] - jqueryui <not-affected> (ui.tooltip not yet present)
[squeeze] - jqueryui <not-affected> (code not present)
NOTE: http://bugs.jqueryui.com/ticket/8861
NOTE: https://github.com/jquery/jquery-ui/commit/f2854408cce7e4b7fc6bf8676761904af9c96bde
-CVE-2012-6661 (Zope before 2.13.19, as used in Plone before 4.2.3 and 4.3 before beta ...)
+CVE-2012-6661
- zope2.12 2.12.26-1
- zope2.13 <not-affected> (Fixed before initial upload in upstream version 2.13.19)
NOTE: CVE SPLIT from CVE-2012-5508
-CVE-2012-6660 (GE Healthcare Precision MPi has a password of (1) orion for the ...)
+CVE-2012-6660
NOT-FOR-US: GE Healthcare Precision MPi
-CVE-2012-6659 (Cross-site scripting (XSS) vulnerability in the admin interface in ...)
+CVE-2012-6659
NOT-FOR-US: Phorum
-CVE-2012-6658 (Multiple cross-site scripting (XSS) vulnerabilities in SpiceWorks ...)
+CVE-2012-6658
NOT-FOR-US: SpiceWorks
-CVE-2012-6657 (The sock_setsockopt function in net/core/sock.c in the Linux kernel ...)
+CVE-2012-6657
{DLA-103-1}
- linux 3.6.4-1
[wheezy] - linux 3.2.32-1
- linux-2.6 <removed>
NOTE: Upstream fix: https://git.kernel.org/linus/3e10986d1d698140747fcfc2761ec9cb64c1d582 (v3.6)
-CVE-2012-6654 (Multiple SQL injection vulnerabilities in ZPanel 10.0.1 and earlier ...)
+CVE-2012-6654
NOT-FOR-US: ZPanel
-CVE-2012-6656 (iconvdata/ibm930.c in GNU C Library (aka glibc) before 2.16 allows ...)
+CVE-2012-6656
{DSA-3142-1 DLA-97-1}
- glibc 2.17-1
- eglibc <removed>
@@ -218,38 +218,38 @@ CVE-2012-6655 [passes (encrypted) passwords as commandline arguments]
[jessie] - accountsservice <ignored> (Minor issue)
[wheezy] - accountsservice <ignored> (Minor issue)
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=55000
-CVE-2012-6653 (Unspecified vulnerability in the All Video Gallery (all-video-gallery) ...)
+CVE-2012-6653
NOT-FOR-US: WordPress plugin all-video-gallery
CVE-2012-6652
RESERVED
NOT-FOR-US: WordPress plugin wppageflip
-CVE-2012-6651 (Multiple directory traversal vulnerabilities in the Vitamin plugin ...)
+CVE-2012-6651
NOT-FOR-US: WordPress plugin vitamin
CVE-2012-6650
RESERVED
CVE-2012-6649
RESERVED
-CVE-2012-6648 (gdm/guest-session-cleanup.sh in gdm-guest-session 0.24 and earlier, as ...)
+CVE-2012-6648
NOT-FOR-US: gdm-guest-session (Ubuntu-specific)
-CVE-2012-6647 (The futex_wait_requeue_pi function in kernel/futex.c in the Linux ...)
+CVE-2012-6647
- linux 3.2.29-1
- linux-2.6 <removed>
[squeeze] - linux-2.6 2.6.32-47
NOTE: Upstream fix: https://git.kernel.org/linus/6f7b0a2a5c0fb03be7c25bd1745baa50582348ef
NOTE: Introduced in https://git.kernel.org/linus/52400ba946759af28442dee6265c5c0180ac7122
-CVE-2012-6646 (F-Secure Anti-Virus, Safe Anywhere, and PSB Workstation Security ...)
+CVE-2012-6646
NOT-FOR-US: F-Secure
-CVE-2012-6645 (Cross-site scripting (XSS) vulnerability in the autocomplete ...)
+CVE-2012-6645
NOT-FOR-US: Drupal module Finder
-CVE-2012-6644 (Multiple cross-site scripting (XSS) vulnerabilities in ClipBucket 2.6 ...)
+CVE-2012-6644
NOT-FOR-US: Drupal module ClipBucket
-CVE-2012-6643 (Multiple SQL injection vulnerabilities in the update_counter function ...)
+CVE-2012-6643
NOT-FOR-US: Drupal module ClipBucket
-CVE-2012-6642 (Cross-site scripting (XSS) vulnerability in ClipBucket 2.6 allows ...)
+CVE-2012-6642
NOT-FOR-US: Drupal module ClipBucket
-CVE-2012-6641 (Cross-site scripting (XSS) vulnerability in redirect.php in the ...)
+CVE-2012-6641
NOT-FOR-US: PrestaShop
-CVE-2012-6640 (Cross-site scripting (XSS) vulnerability in Horde Internet Mail ...)
+CVE-2012-6640
- php-horde-imp 5.0.22
- horde3 <removed> (low)
[squeeze] - horde3 <no-dsa> (Minor issue)
@@ -257,58 +257,58 @@ CVE-2012-6639
RESERVED
- cloud-init 0.7.1-1
NOTE: http://article.gmane.org/gmane.comp.security.oss.general/12299
-CVE-2012-6638 (The tcp_rcv_state_process function in net/ipv4/tcp_input.c in the ...)
+CVE-2012-6638
- linux 3.2.29-1
- linux-2.6 <removed>
[squeeze] - linux-2.6 2.6.32-47
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=fdf5af0daf8019cec2396cdef8fb042d80fe71fa
-CVE-2012-6637 (Apache Cordova 3.3.0 and earlier and Adobe PhoneGap 2.9.0 and earlier ...)
+CVE-2012-6637
NOT-FOR-US: Apache Cordova
-CVE-2012-6636 (The Android API before 17 does not properly restrict the ...)
+CVE-2012-6636
NOT-FOR-US: Android
-CVE-2012-6635 (wp-admin/includes/class-wp-posts-list-table.php in WordPress before ...)
+CVE-2012-6635
- wordpress 3.4+dfsg-1
-CVE-2012-6634 (wp-admin/media-upload.php in WordPress before 3.3.3 allows remote ...)
+CVE-2012-6634
- wordpress 3.4+dfsg-1
-CVE-2012-6633 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2012-6633
- wordpress 3.4+dfsg-1
-CVE-2012-6621 (Multiple cross-site scripting (XSS) vulnerabilities in GetSimple CMS ...)
+CVE-2012-6621
NOT-FOR-US: GetSimple CMS
-CVE-2012-6620 (Multiple cross-site scripting (XSS) vulnerabilities in the (1) tasks ...)
+CVE-2012-6620
- php-horde-kronolith 4.0.2-1
- kronolith2 <not-affected> (Vulnerable code not present)
NOTE: https://github.com/horde/horde/commit/1228a6825a8dab3333d0a8c8986fc10d1f3d11b2
NOTE: fixed upstream in 3.0.17
-CVE-2012-6619 (The default configuration for MongoDB before 2.3.2 does not validate ...)
+CVE-2012-6619
- mongodb 1:2.4.1-1
[wheezy] - mongodb <no-dsa> (Workaround exists, intrusive change)
[squeeze] - mongodb <no-dsa> (Workaround exists, intrusive change)
NOTE: http://article.gmane.org/gmane.comp.security.oss.general/11822
NOTE: https://jira.mongodb.org/browse/SERVER-7769
-CVE-2012-6618 (The av_probe_input_buffer function in libavformat/utils.c in FFmpeg ...)
+CVE-2012-6618
{DSA-2947-1}
- libav 6:9.11-1
- ffmpeg 7:2.4.1-1
[squeeze] - ffmpeg <end-of-life> (Backports to 0.5.x not useful, too many checks missing)
NOTE: Fix in ffmpeg: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=e74cd2f4706f71da5e9205003c1d8263b54ed3fb
NOTE: Fix in libav: http://git.libav.org/?p=libav.git;a=commit;h=2115a3597457231a6e5c0527fe0ff8550f64b733
-CVE-2012-6617 (The prepare_sdp_description function in ffserver.c in FFmpeg before ...)
+CVE-2012-6617
- libav 6:9.11-1
[wheezy] - libav <not-affected> (Introduced in 0.9 with d77f4afa9814b0433be6fdbfd7d8a113592ba680)
- ffmpeg <not-affected> (Introduced in 0.9 with d77f4afa9814b0433be6fdbfd7d8a113592ba680)
NOTE: Fix in ffmpeg: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=9929991da7b843e7d80154fcacc4e80579b86a2d
NOTE: Fix in libav: http://git.libav.org/?p=libav.git;a=commit;h=82b9799bb211ecd117171115e4a8b832c4942314
-CVE-2012-6616 (The mov_text_decode_frame function in libavcodec/movtextdec.c in ...)
+CVE-2012-6616
- libav <not-affected> (Vulnerable code not present in libav)
- ffmpeg <not-affected> (Vulnerable code not present in older ffmpeg)
-CVE-2012-6615 (The ff_ass_split_override_codes function in libavcodec/ass_split.c in ...)
+CVE-2012-6615
- libav <not-affected> (Vulnerable code not present in libav)
- ffmpeg <not-affected> (Vulnerable code not present in older ffmpeg)
CVE-2012-6614
RESERVED
CVE-2012-6613
RESERVED
-CVE-2012-6612 (The (1) UpdateRequestHandler for XSLT or (2) XPathEntityProcessor in ...)
+CVE-2012-6612
{DSA-2963-1}
- lucene-solr 3.6.2+dfsg-2 (bug #731113)
CVE-2012-6611
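Review bot: Information is discarded here without anything replacing it: `-CVE-2012-6638 (The tcp_rcv_state_process function in net/ipv4/tcp_input.c in the ...)` becomes the bare `+CVE-2012-6638`, and the same happens to every entry in this hunk that carried a description, down to CVE-2012-6612. The parenthetical text is the only human-readable summary the tracker keeps per CVE, and entries that were already bare (the RESERVED ones) are untouched, so the pattern is "every known description replaced by nothing" rather than a targeted edit. If this update was produced by re-reading descriptions from the upstream CVE data, an empty result for every entry points at a failed or empty fetch, not at the text having been withdrawn. Suggest reverting this commit and making the updater refuse to overwrite a non-empty description with an empty one, then confirming against the source data before re-running.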
@@ -317,213 +317,213 @@ CVE-2012-6610
RESERVED
CVE-2012-6609
RESERVED
-CVE-2012-6608 (Cross-site scripting (XSS) vulnerability in xmlservices/E_book.php in ...)
+CVE-2012-6608
NOT-FOR-US: Elastix
-CVE-2012-6607 (The transform_save function in transform.c in Augeas before 1.0.0 ...)
+CVE-2012-6607
- augeas 1.0.0-1 (low)
[squeeze] - augeas <no-dsa> (Minor issue)
[wheezy] - augeas <no-dsa> (Minor issue)
-CVE-2012-6632 (Multiple cross-site scripting (XSS) vulnerabilities in Vessio NetBill ...)
+CVE-2012-6632
NOT-FOR-US: Vessio NetBill
-CVE-2012-6631 (Cross-site request forgery (CSRF) vulnerability in ...)
+CVE-2012-6631
NOT-FOR-US: Vessio NetBill
-CVE-2012-6630 (Multiple cross-site scripting (XSS) vulnerabilities in the Media ...)
+CVE-2012-6630
NOT-FOR-US: WordPress plugin Media Library Categories
-CVE-2012-6629 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
+CVE-2012-6629
NOT-FOR-US: WordPress plugin Newsletter Manager
-CVE-2012-6628 (Multiple cross-site scripting (XSS) vulnerabilities in the Newsletter ...)
+CVE-2012-6628
NOT-FOR-US: WordPress plugin Newsletter Manager
-CVE-2012-6627 (Cross-site scripting (XSS) vulnerability in admin/test_mail.php in the ...)
+CVE-2012-6627
NOT-FOR-US: WordPress plugin Newsletter Manager
-CVE-2012-6626 (SQL injection vulnerability in verify-user.php in b2ePMS 1.0 allows ...)
+CVE-2012-6626
NOT-FOR-US: b2ePMS
-CVE-2012-6625 (SQL injection vulnerability in fs-admin/fs-admin.php in the ForumPress ...)
+CVE-2012-6625
NOT-FOR-US: WordPress plugin WP Forum Server
-CVE-2012-6624 (Cross-site scripting (XSS) vulnerability in the SoundCloud Is Gold ...)
+CVE-2012-6624
NOT-FOR-US: WordPress plugin SoundCloud Is Gold
-CVE-2012-6623 (Cross-site scripting (XSS) vulnerability in fs-admin/wpf-add-forum.php ...)
+CVE-2012-6623
NOT-FOR-US: WordPress plugin ForumPress WP Forum Server
-CVE-2012-6622 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2012-6622
NOT-FOR-US: WordPress plugin ForumPress WP Forum Server
-CVE-2012-6606 (Palo Alto Networks GlobalProtect before 1.1.7, and NetConnect, does ...)
+CVE-2012-6606
NOT-FOR-US: alo Alto Networks GlobalProtect
-CVE-2012-6605 (The device-management command-line interface in Palo Alto Networks ...)
+CVE-2012-6605
NOT-FOR-US: Palo Alto Networks PAN-OS
-CVE-2012-6604 (The device-management command-line interface in Palo Alto Networks ...)
+CVE-2012-6604
NOT-FOR-US: Palo Alto Networks PAN-OS
-CVE-2012-6603 (The web management UI in Palo Alto Networks PAN-OS before 3.1.12, ...)
+CVE-2012-6603
NOT-FOR-US: Palo Alto Networks PAN-OS
-CVE-2012-6602 (The device-management command-line interface in Palo Alto Networks ...)
+CVE-2012-6602
NOT-FOR-US: Palo Alto Networks PAN-OS
-CVE-2012-6601 (The device-management command-line interface in Palo Alto Networks ...)
+CVE-2012-6601
NOT-FOR-US: Palo Alto Networks PAN-OS
-CVE-2012-6600 (The device-management command-line interface in Palo Alto Networks ...)
+CVE-2012-6600
NOT-FOR-US: Palo Alto Networks PAN-OS
-CVE-2012-6599 (The device-management command-line interface in Palo Alto Networks ...)
+CVE-2012-6599
NOT-FOR-US: Palo Alto Networks PAN-OS
-CVE-2012-6598 (The device-management command-line interface in Palo Alto Networks ...)
+CVE-2012-6598
NOT-FOR-US: Palo Alto Networks PAN-OS
-CVE-2012-6597 (Palo Alto Networks PAN-OS before 3.1.11 and 4.0.x before 4.0.9 allows ...)
+CVE-2012-6597
NOT-FOR-US: Palo Alto Networks PAN-OS
-CVE-2012-6596 (Palo Alto Networks PAN-OS 4.0.x before 4.0.9 and 4.1.x before 4.1.3 ...)
+CVE-2012-6596
NOT-FOR-US: Palo Alto Networks PAN-OS
-CVE-2012-6595 (The device-management command-line interface in Palo Alto Networks ...)
+CVE-2012-6595
NOT-FOR-US: Palo Alto Networks PAN-OS
-CVE-2012-6594 (The device-management command-line interface in Palo Alto Networks ...)
+CVE-2012-6594
NOT-FOR-US: Palo Alto Networks PAN-OS
-CVE-2012-6593 (Palo Alto Networks PAN-OS before 3.1.10 and 4.0.x before 4.0.4 allows ...)
+CVE-2012-6593
NOT-FOR-US: Palo Alto Networks PAN-OS
-CVE-2012-6592 (Palo Alto Networks PAN-OS before 3.1.10 and 4.0.x before 4.0.5 allows ...)
+CVE-2012-6592
NOT-FOR-US: Palo Alto Networks PAN-OS
-CVE-2012-6591 (The device-management command-line interface in Palo Alto Networks ...)
+CVE-2012-6591
NOT-FOR-US: Palo Alto Networks PAN-OS
-CVE-2012-6590 (The web-based management UI in Palo Alto Networks PAN-OS 4.0.x before ...)
+CVE-2012-6590
NOT-FOR-US: Palo Alto Networks PAN-OS
-CVE-2012-6589 (Cross-site scripting (XSS) vulnerability in search.php in MYRE ...)
+CVE-2012-6589
NOT-FOR-US: MYRE Business Directory
-CVE-2012-6588 (SQL injection vulnerability in links.php in MYRE Business Directory ...)
+CVE-2012-6588
NOT-FOR-US: MYRE Business Directory
-CVE-2012-6587 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2012-6587
NOT-FOR-US: MYRE Vacation Rental
-CVE-2012-6586 (Multiple SQL injection vulnerabilities in MYRE Vacation Rental ...)
+CVE-2012-6586
NOT-FOR-US: MYRE Vacation Rental
-CVE-2012-6585 (Cross-site scripting (XSS) vulnerability in search.php in MYRE Realty ...)
+CVE-2012-6585
NOT-FOR-US: MYRE Realty Manager
-CVE-2012-6584 (Multiple SQL injection vulnerabilities in MYRE Realty Manager allow ...)
+CVE-2012-6584
NOT-FOR-US: MYRE Realty Manager
-CVE-2012-6583 (Cross-site scripting (XSS) vulnerability in the Imagemenu module ...)
+CVE-2012-6583
NOT-FOR-US: Imagemenu Drupal contributed module
-CVE-2012-6582 (Cross-site scripting (XSS) vulnerability in the Spambot module 6.x-3.x ...)
+CVE-2012-6582
NOT-FOR-US: Spambot Drupal contributed module
-CVE-2012-6581 (Best Practical Solutions RT 3.8.x before 3.8.15 and 4.0.x before ...)
+CVE-2012-6581
{DSA-2567-1}
- request-tracker3.8 <removed>
- request-tracker4 4.0.7-2
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=870406#c3
-CVE-2012-6580 (Best Practical Solutions RT 3.8.x before 3.8.15 and 4.0.x before ...)
+CVE-2012-6580
{DSA-2567-1}
- request-tracker3.8 <removed>
- request-tracker4 4.0.7-2
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=870406#c3
-CVE-2012-6579 (Best Practical Solutions RT 3.8.x before 3.8.15 and 4.0.x before ...)
+CVE-2012-6579
{DSA-2567-1}
- request-tracker3.8 <removed>
- request-tracker4 4.0.7-2
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=870406#c3
-CVE-2012-6578 (Best Practical Solutions RT 3.8.x before 3.8.15 and 4.0.x before ...)
+CVE-2012-6578
{DSA-2567-1}
- request-tracker3.8 <removed>
- request-tracker4 4.0.7-2
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=870406#c3
-CVE-2012-6577 (SQL injection vulnerability in the Formhandler extension before 1.4.1 ...)
+CVE-2012-6577
NOT-FOR-US: Formhandler TYPO3 extension
-CVE-2012-6576 (Cross-site scripting (XSS) vulnerability in the PRH Search module ...)
+CVE-2012-6576
NOT-FOR-US: Drupal module PRH Search
-CVE-2012-6575 (Cross-site scripting (XSS) vulnerability in the Exposed Filter Data ...)
+CVE-2012-6575
NOT-FOR-US: Drupal module Exposed Filter Data
-CVE-2012-6574 (Cross-site scripting (XSS) vulnerability in the Fonecta verify module ...)
+CVE-2012-6574
NOT-FOR-US: Drupal module Fonecta verify
-CVE-2012-6572 (Cross-site scripting (XSS) vulnerability in the ...)
+CVE-2012-6572
NOT-FOR-US: Inf08 theme for Drupal
-CVE-2012-6571 (The HTTP module in the (1) Branch Intelligent Management System (BIMS) ...)
+CVE-2012-6571
NOT-FOR-US: Branch Intelligent Management System, Huawei routers
-CVE-2012-6570 (The HTTP module in the (1) Branch Intelligent Management System (BIMS) ...)
+CVE-2012-6570
NOT-FOR-US: Branch Intelligent Management System, Huawei routers
-CVE-2012-6569 (Stack-based buffer overflow in the HTTP module in the (1) Branch ...)
+CVE-2012-6569
NOT-FOR-US: Branch Intelligent Management System, Huawei routers
-CVE-2012-6568 (Buffer overflow in the back-end component in Huawei UTPS 1.0 allows ...)
+CVE-2012-6568
NOT-FOR-US: Huawei UTPS
-CVE-2012-6567 (REDCap before 4.14.0 allows remote authenticated users to execute ...)
+CVE-2012-6567
NOT-FOR-US: REDCap
-CVE-2012-6566 (Cross-site scripting (XSS) vulnerability in REDCap before 4.14.2 ...)
+CVE-2012-6566
NOT-FOR-US: REDCap
-CVE-2012-6565 (Cross-site scripting (XSS) vulnerability in REDCap before 4.14.3 ...)
+CVE-2012-6565
NOT-FOR-US: REDCap
-CVE-2012-6564 (Cross-site scripting (XSS) vulnerability in REDCap before 4.14.5 ...)
+CVE-2012-6564
NOT-FOR-US: REDCap
-CVE-2012-6563 (engine/lib/access.php in Elgg before 1.8.5 does not properly clear ...)
+CVE-2012-6563
- elgg <itp> (bug #526197)
-CVE-2012-6562 (engine/lib/users.php in Elgg before 1.8.5 does not properly specify ...)
+CVE-2012-6562
- elgg <itp> (bug #526197)
-CVE-2012-6561 (Cross-site scripting (XSS) vulnerability in engine/lib/views.php in ...)
+CVE-2012-6561
- elgg <itp> (bug #526197)
-CVE-2012-6560 (SQL injection vulnerability in deviceadd.php in FreeNAC 3.02 allows ...)
+CVE-2012-6560
NOT-FOR-US: FreeNAC
-CVE-2012-6559 (Multiple cross-site scripting (XSS) vulnerabilities in FreeNAC 3.02 ...)
+CVE-2012-6559
NOT-FOR-US: FreeNAC
-CVE-2012-6558 (Heap-based buffer overflow in HeavenTools PE Explorer 1.99 R6 allows ...)
+CVE-2012-6558
NOT-FOR-US: HeavenTools PE Explorer
-CVE-2012-6557 (Multiple cross-site scripting (XSS) vulnerabilities in the AboutMe ...)
+CVE-2012-6557
NOT-FOR-US: Vanilla Forums
-CVE-2012-6556 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
+CVE-2012-6556
NOT-FOR-US: Vanilla Forums
-CVE-2012-6555 (Cross-site scripting (XSS) vulnerability in the LatestComment plugin ...)
+CVE-2012-6555
NOT-FOR-US: Vanilla Forums
-CVE-2012-6554 (functions/html_to_text.php in the Chat module before 1.5.2 for ...)
+CVE-2012-6554
NOT-FOR-US: activeCollab
-CVE-2012-6553 (Heap-based buffer overflow in Resource Hacker 3.6.0.92 allows remote ...)
+CVE-2012-6553
NOT-FOR-US: Resource Hacker
-CVE-2012-6552 (Unspecified vulnerability in admin/action.php in phpVMS 2.1.x before ...)
+CVE-2012-6552
NOT-FOR-US: phpVMS
-CVE-2012-6551 (The default configuration of Apache ActiveMQ before 5.8.0 enables a ...)
+CVE-2012-6551
- activemq <not-affected> (Example code not shipped in .deb)
-CVE-2012-6573 (Cross-site scripting (XSS) vulnerability in the Apache Solr ...)
+CVE-2012-6573
NOT-FOR-US: DRUPAL-SA-CONTRIB-2012-136
-CVE-2012-6550 (Cross-site scripting (XSS) vulnerability in ZeroClipboard before 1.1.4 ...)
+CVE-2012-6550
- db4o <unfixed> (unimportant)
NOTE: in doc package only
-CVE-2012-6549 (The isofs_export_encode_fh function in fs/isofs/export.c in the Linux ...)
+CVE-2012-6549
{DSA-2668-1}
- linux 3.2.41-1 (low)
- linux-2.6 <removed> (low)
-CVE-2012-6548 (The udf_encode_fh function in fs/udf/namei.c in the Linux kernel ...)
+CVE-2012-6548
{DSA-2668-1}
- linux 3.2.41-1 (low)
- linux-2.6 <removed> (low)
-CVE-2012-6547 (The __tun_chr_ioctl function in drivers/net/tun.c in the Linux kernel ...)
+CVE-2012-6547
- linux 3.2.29-1 (low)
- linux-2.6 <removed> (low)
[squeeze] - linux-2.6 2.6.32-47
-CVE-2012-6546 (The ATM implementation in the Linux kernel before 3.6 does not ...)
+CVE-2012-6546
{DSA-2668-1}
- linux 3.2.30-1 (low)
- linux-2.6 <removed> (low)
-CVE-2012-6545 (The Bluetooth RFCOMM implementation in the Linux kernel before 3.6 ...)
+CVE-2012-6545
{DSA-2668-1}
- linux 3.2.30-1 (low)
- linux-2.6 <removed> (low)
-CVE-2012-6544 (The Bluetooth protocol stack in the Linux kernel before 3.6 does not ...)
+CVE-2012-6544
{DSA-2668-1}
- linux 3.2.30-1 (low)
- linux-2.6 <removed> (low)
-CVE-2012-6543 (The l2tp_ip6_getname function in net/l2tp/l2tp_ip6.c in the Linux ...)
+CVE-2012-6543
- linux <not-affected> (Affected code introduced in 3.5)
- linux-2.6 <not-affected> (Affected code introduced in 3.5)
-CVE-2012-6542 (The llc_ui_getname function in net/llc/af_llc.c in the Linux kernel ...)
+CVE-2012-6542
{DSA-2668-1}
- linux 3.2.30-1 (low)
- linux-2.6 <removed> (low)
-CVE-2012-6541 (The ccid3_hc_tx_getsockopt function in net/dccp/ccids/ccid3.c in the ...)
+CVE-2012-6541
- linux 3.2.30-1 (low)
- linux-2.6 <removed> (low)
[squeeze] - linux-2.6 <not-affected> (Introduced in 2.6.37)
-CVE-2012-6540 (The do_ip_vs_get_ctl function in net/netfilter/ipvs/ip_vs_ctl.c in the ...)
+CVE-2012-6540
{DSA-2668-1}
- linux 3.2.30-1 (low)
- linux-2.6 <removed> (low)
-CVE-2012-6539 (The dev_ifconf function in net/socket.c in the Linux kernel before 3.6 ...)
+CVE-2012-6539
{DSA-2668-1}
- linux 3.2.30-1 (low)
- linux-2.6 <removed> (low)
-CVE-2012-6538 (The copy_to_user_auth function in net/xfrm/xfrm_user.c in the Linux ...)
+CVE-2012-6538
- linux 3.2.32-1 (low)
- linux-2.6 <removed> (low)
[squeeze] - linux-2.6 <not-affected> (Introduced in 2.6.33)
-CVE-2012-6537 (net/xfrm/xfrm_user.c in the Linux kernel before 3.6 does not ...)
+CVE-2012-6537
{DSA-2668-1}
- linux 3.2.32-1 (low)
- linux-2.6 <removed> (low)
-CVE-2012-6536 (net/xfrm/xfrm_user.c in the Linux kernel before 3.6 does not verify ...)
+CVE-2012-6536
- linux 3.2.32-1 (low)
- linux-2.6 <removed> (low)
[squeeze] - linux-2.6 <not-affected> (Introduced in 2.6.39)
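Review bot: `NOT-FOR-US: alo Alto Networks GlobalProtect` under CVE-2012-6606 is missing the leading `P` of `Palo`, and once the line above it becomes the bare `+CVE-2012-6606` that reason line is the only place the product is named, so fix it to `NOT-FOR-US: Palo Alto Networks GlobalProtect` in the same change. The same dependency holds for the rest of this hunk: after the `-` lines go, the NOT-FOR-US and `<not-affected>` justifications (for example `ffmpeg <not-affected> (Vulnerable code not present in older ffmpeg)` under CVE-2012-6616 and CVE-2012-6615) have no remaining statement of what the vulnerable code is, so any that rely on the description for context should gain a NOTE line before the description is dropped.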
@@ -532,111 +532,111 @@ CVE-2012-XXXX [null pointer dereference]
[squeeze] - chromium-browser <end-of-life>
NOTE: http://seclists.org/fulldisclosure/2013/Mar/134
NOTE: full disclosure post dosn't make it clear if a CVE was assigned for this or not, but it is fixed in the above version
-CVE-2012-6535 (DjVuLibre before 3.5.25.3, as used in Evince, Sumatra PDF Reader, ...)
+CVE-2012-6535
{DSA-2844-1}
- djvulibre 3.5.25.3-1
NOTE: http://sourceforge.net/p/djvu/djvulibre-git/ci/d4f0f6d37fe6a1fb427cfa33a64ead1eff32d28e/
NOTE: evince doesnt use an embedded version of this
-CVE-2012-6534 (Novell Sentinel Log Manager before 1.2.0.3 allows remote attackers to ...)
+CVE-2012-6534
NOT-FOR-US: Novell Sentinel Log Manager
-CVE-2012-6533 (Buffer overflow in pgpwded.sys in Symantec PGP Desktop 10.x and ...)
+CVE-2012-6533
NOT-FOR-US: Symantec PGP Desktop
-CVE-2012-6532 ((1) Zend_Dom, (2) Zend_Feed, (3) Zend_Soap, and (4) Zend_XmlRpc in ...)
+CVE-2012-6532
{DLA-251-1}
- zendframework 1.11.13-1
-CVE-2012-6531 ((1) Zend_Dom, (2) Zend_Feed, and (3) Zend_Soap in Zend Framework 1.x ...)
+CVE-2012-6531
{DLA-251-1}
- zendframework 1.11.13-1
-CVE-2012-6530 (Stack-based buffer overflow in Sysax Multi Server before 5.52, when ...)
+CVE-2012-6530
NOT-FOR-US: Sysax Multi Server
-CVE-2012-6529 (Multiple SQL injection vulnerabilities in Marinet CMS allow remote ...)
+CVE-2012-6529
NOT-FOR-US: Marinet CMS
-CVE-2012-6528 (Multiple cross-site scripting (XSS) vulnerabilities in ATutor before ...)
+CVE-2012-6528
NOT-FOR-US: ATutor
-CVE-2012-6527 (Cross-site scripting (XSS) vulnerability in the My Calendar plugin ...)
+CVE-2012-6527
NOT-FOR-US: WordPress plugin My Calendar
-CVE-2012-6526 (SQL injection vulnerability in show_code.php in Vastal I-Tech ...)
+CVE-2012-6526
NOT-FOR-US: Vastal I-Tech Freelance Zone
-CVE-2012-6525 (SQL injection vulnerability in members.php in PHPBridges allows remote ...)
+CVE-2012-6525
NOT-FOR-US: PHPBridges
-CVE-2012-6524 (SQL injection vulnerability in kommentar.php in pGB 2.12 allows remote ...)
+CVE-2012-6524
NOT-FOR-US: pGB
-CVE-2012-6523 (Multiple cross-site scripting (XSS) vulnerabilities in w-CMS 2.01 ...)
+CVE-2012-6523
NOT-FOR-US: w-CMS 2.01
-CVE-2012-6522 (Directory traversal vulnerability in the getContent function in ...)
+CVE-2012-6522
NOT-FOR-US: w-CMS 2.01
-CVE-2012-6521 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2012-6521
NOT-FOR-US: Elefant CMS
-CVE-2012-6520 (Multiple SQL injection vulnerabilities in the advanced search in ...)
+CVE-2012-6520
NOT-FOR-US: Wikidforum
-CVE-2012-6519 (SQL injection vulnerability in modules/poll/index.php in DIY-CMS 1.0 ...)
+CVE-2012-6519
NOT-FOR-US: DIY-CMS
-CVE-2012-6518 (Cross-site request forgery (CSRF) vulnerability in mod.php in DiY-CMS ...)
+CVE-2012-6518
NOT-FOR-US: DiY-CMS
-CVE-2012-6517 (Multiple cross-site scripting (XSS) vulnerabilities in DiY-CMS 1.0 ...)
+CVE-2012-6517
NOT-FOR-US: DiY-CMS
-CVE-2012-6516 (SQL injection vulnerability in PHP Ticket System Beta 1 allows remote ...)
+CVE-2012-6516
NOT-FOR-US: PHP Ticket System Beta
-CVE-2012-6515 (eFront 3.6.10, 3.6.11 build 15059, and earlier allows remote attackers ...)
+CVE-2012-6515
NOT-FOR-US: eFront
-CVE-2012-6514 (Cross-site scripting (XSS) vulnerability in the nBill (com_nbill) ...)
+CVE-2012-6514
NOT-FOR-US: nBill for Joomla!
-CVE-2012-6513 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2012-6513
NOT-FOR-US: gpEasy CMS
-CVE-2012-6512 (The Organizer plugin 1.2.1 for WordPress allows remote attackers to ...)
+CVE-2012-6512
NOT-FOR-US: Organizer wordpress plugin not in Debian
-CVE-2012-6511 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2012-6511
NOT-FOR-US: Organizer wordpress plugin not in Debian
-CVE-2012-6510 (Multiple cross-site scripting (XSS) vulnerabilities in NetArt Media ...)
+CVE-2012-6510
NOT-FOR-US: NetArt Media Car Portal
-CVE-2012-6509 (Unrestricted file upload vulnerability in NetArt Media Car Portal 3.0 ...)
+CVE-2012-6509
NOT-FOR-US: NetArt Media Car Portal
-CVE-2012-6508 (Multiple cross-site request forgery (CSRF) vulnerabilities in NetArt ...)
+CVE-2012-6508
NOT-FOR-US: NetArt Media Car Portal
-CVE-2012-6507 (Multiple SQL injection vulnerabilities in admin.php in ChurchCMS 0.0.1 ...)
+CVE-2012-6507
NOT-FOR-US: ChurchCMS
-CVE-2012-6506 (Multiple cross-site scripting (XSS) vulnerabilities in the Zingiri Web ...)
+CVE-2012-6506
NOT-FOR-US: Zingiri Web Shop wordpress plugin not in Debian
-CVE-2012-6505 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2012-6505
NOT-FOR-US: PHP Volunteer Management not in Debian
-CVE-2012-6504 (SQL injection vulnerability in mods/hours/data/get_hours.php in PHP ...)
+CVE-2012-6504
NOT-FOR-US: PHP Volunteer Management not in Debian
-CVE-2012-6503 (Unspecified vulnerability in the NinjaXplorer component before 1.0.7 ...)
+CVE-2012-6503
NOT-FOR-US: NinjaXplorer for Joomla!
-CVE-2012-6502 (Microsoft Internet Explorer before 10 allows remote attackers to ...)
+CVE-2012-6502
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2012-6110 (bcron-exec in bcron before 0.10 does not close file descriptors ...)
+CVE-2012-6110
- bcron 0.09-13 (low; bug #686650)
[squeeze] - bcron 0.09-11+squeeze1
-CVE-2012-6501 (The KillProcess method in the HP PKI ActiveX control (HPPKI.ocx) ...)
+CVE-2012-6501
NOT-FOR-US: HP PKI ActiveX
-CVE-2012-6500 (Directory traversal vulnerability in download.lib.php in Pragyan CMS ...)
+CVE-2012-6500
NOT-FOR-US: Pragyan CMS
-CVE-2012-6499 (Open redirect vulnerability in age-verification.php in the Age ...)
+CVE-2012-6499
NOT-FOR-US: Age Verification plugin for WordPress
CVE-2012-0722
REJECTED
-CVE-2012-6498 (Unrestricted file upload vulnerability in index.php in Atomymaxsite ...)
+CVE-2012-6498
NOT-FOR-US: Atomymaxsite
-CVE-2012-6497 (The Authlogic gem for Ruby on Rails, when used with certain versions ...)
+CVE-2012-6497
{DSA-2597-1}
- ruby-activerecord-3.2 3.2.6-3
- ruby-activerecord-2.3 2.3.14-3
- rails 2.3.14.1
NOTE: Starting with 2.3.14.1 rails is a transition package
-CVE-2012-6496 (SQL injection vulnerability in the Active Record component in Ruby on ...)
+CVE-2012-6496
{DSA-2597-1}
- ruby-activerecord-3.2 3.2.6-3
- ruby-activerecord-2.3 2.3.14-3
- rails 2.3.14.1
NOTE: Starting with 2.3.14.1 rails is a transition package
-CVE-2012-6495 (Multiple directory traversal vulnerabilities in the (1) twikidraw ...)
+CVE-2012-6495
{DSA-2593-1}
- moin 1.9.5-3
[wheezy] - moin 1.9.4-8+deb7u1
CVE-2012-6494
RESERVED
-CVE-2012-6493 (Cross-site request forgery (CSRF) vulnerability in Rapid7 Nexpose ...)
+CVE-2012-6493
NOT-FOR-US: Rapid7 Nexpose Security Console
CVE-2012-6492
RESERVED
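Review bot: Once `+CVE-2012-6550` replaces the line that named ZeroClipboard, the entry `- db4o <unfixed> (unimportant)` with `NOTE: in doc package only` no longer says what the vulnerable code is or why db4o is the affected package; expand the NOTE to state that the db4o documentation ships a copy of ZeroClipboard, since that is the only link between the CVE and the package. Two NOTE lines in this hunk also have spelling slips worth fixing while it is being touched: `dosn't` under the CVE-2012-XXXX null pointer dereference entry and `doesnt` under CVE-2012-6535.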
@@ -678,37 +678,37 @@ CVE-2012-6474
RESERVED
CVE-2012-6473
RESERVED
-CVE-2012-6472 (Opera before 12.12 on UNIX uses weak permissions for the profile ...)
+CVE-2012-6472
NOT-FOR-US: Opera
-CVE-2012-6471 (Opera before 12.12 allows remote attackers to spoof the address field ...)
+CVE-2012-6471
NOT-FOR-US: Opera
-CVE-2012-6470 (Opera before 12.12 does not properly allocate memory for GIF images, ...)
+CVE-2012-6470
NOT-FOR-US: Opera
-CVE-2012-6469 (Opera before 12.11 allows remote attackers to determine the existence ...)
+CVE-2012-6469
NOT-FOR-US: Opera
-CVE-2012-6468 (Heap-based buffer overflow in Opera before 12.11 allows remote ...)
+CVE-2012-6468
NOT-FOR-US: Opera
-CVE-2012-6467 (Opera before 12.10 follows Internet shortcuts that are referenced by a ...)
+CVE-2012-6467
NOT-FOR-US: Opera
-CVE-2012-6466 (Opera before 12.10 does not properly handle incorrect size data in a ...)
+CVE-2012-6466
NOT-FOR-US: Opera
-CVE-2012-6465 (Opera before 12.10 allows remote attackers to execute arbitrary code ...)
+CVE-2012-6465
NOT-FOR-US: Opera
-CVE-2012-6464 (Cross-site scripting (XSS) vulnerability in Opera before 12.10 allows ...)
+CVE-2012-6464
NOT-FOR-US: Opera
-CVE-2012-6463 (Cross-site scripting (XSS) vulnerability in Opera before 12.10 allows ...)
+CVE-2012-6463
NOT-FOR-US: Opera
-CVE-2012-6462 (Opera before 12.10 does not properly implement the Cross-Origin ...)
+CVE-2012-6462
NOT-FOR-US: Opera
-CVE-2012-6461 (The X.509 certificate-validation functionality in the https ...)
+CVE-2012-6461
NOT-FOR-US: Opera
-CVE-2012-6460 (Opera before 11.67 and 12.x before 12.02 allows remote attackers to ...)
+CVE-2012-6460
NOT-FOR-US: Opera
-CVE-2012-6459 (ConnMan 1.3 on Tizen continues to list the bluetooth service after ...)
+CVE-2012-6459
- connman 1.0-1.1 (bug #697580)
[wheezy] - connman 1.0-1.1+wheezy1
[squeeze] - connman <no-dsa> (Minor issue)
-CVE-2012-6458 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
+CVE-2012-6458
- silverstripe <itp> (bug #528461)
CVE-2012-6457
RESERVED
@@ -718,7 +718,7 @@ CVE-2012-6455
RESERVED
CVE-2012-6454
RESERVED
-CVE-2012-6452 (Axway Secure Messenger before 6.5 Updated Release 7, as used in Axway ...)
+CVE-2012-6452
NOT-FOR-US: Axway Secure Messenger
CVE-2012-6451
RESERVED
@@ -728,7 +728,7 @@ CVE-2012-6449
RESERVED
CVE-2012-6448
RESERVED
-CVE-2012-6447 (Cross-site scripting (XSS) vulnerability in Splunk Web in Splunk 5.0.0 ...)
+CVE-2012-6447
NOT-FOR-US: Splunk
CVE-2012-6446
RESERVED
@@ -738,42 +738,42 @@ CVE-2012-6444
RESERVED
CVE-2012-6443
RESERVED
-CVE-2012-6453 (Cross-site scripting (XSS) vulnerability in the RSS Reader extension ...)
+CVE-2012-6453
{DSA-2596-1}
- mediawiki-extensions 2.11 (bug #696179)
-CVE-2012-6442 (Rockwell Automation EtherNet/IP products; 1756-ENBT, 1756-EWEB, ...)
+CVE-2012-6442
NOT-FOR-US: Rockwell Automation EtherNet/IP
-CVE-2012-6441 (Rockwell Automation EtherNet/IP products; 1756-ENBT, 1756-EWEB, ...)
+CVE-2012-6441
NOT-FOR-US: Rockwell Automation EtherNet/IP
-CVE-2012-6440 (The web-server password-authentication functionality in Rockwell ...)
+CVE-2012-6440
NOT-FOR-US: Rockwell Automation EtherNet/IP
-CVE-2012-6439 (Rockwell Automation EtherNet/IP products; 1756-ENBT, 1756-EWEB, ...)
+CVE-2012-6439
NOT-FOR-US: Rockwell Automation EtherNet/IP
-CVE-2012-6438 (Buffer overflow in Rockwell Automation EtherNet/IP products; ...)
+CVE-2012-6438
NOT-FOR-US: Rockwell Automation EtherNet/IP
-CVE-2012-6437 (Rockwell Automation EtherNet/IP products; 1756-ENBT, 1756-EWEB, ...)
+CVE-2012-6437
NOT-FOR-US: Rockwell Automation EtherNet/IP
-CVE-2012-6436 (Buffer overflow in Rockwell Automation EtherNet/IP products; ...)
+CVE-2012-6436
NOT-FOR-US: Rockwell Automation EtherNet/IP
-CVE-2012-6435 (Rockwell Automation EtherNet/IP products; 1756-ENBT, 1756-EWEB, ...)
+CVE-2012-6435
NOT-FOR-US: Rockwell Automation EtherNet/IP
-CVE-2012-6434 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
+CVE-2012-6434
NOT-FOR-US: e107
-CVE-2012-6433 (Cross-site request forgery (CSRF) vulnerability in ...)
+CVE-2012-6433
NOT-FOR-US: e107
-CVE-2012-6432 (Symfony 2.0.x before 2.0.20, 2.1.x before 2.1.5, and 2.2-dev, when the ...)
+CVE-2012-6432
NOT-FOR-US: Symfony
-CVE-2012-6431 (Symfony 2.0.x before 2.0.20 does not process URL encoded data ...)
+CVE-2012-6431
NOT-FOR-US: Symfony
-CVE-2012-6430 (Cross-site scripting (XSS) vulnerability in Open Solution Quick.Cms ...)
+CVE-2012-6430
NOT-FOR-US: Open Solution Quick.Cart and Quick.Cms
-CVE-2012-6429 (Buffer overflow in the PrepareSync method in the SyncService.dll ...)
+CVE-2012-6429
NOT-FOR-US: Samsung Kies
-CVE-2012-6428 (Carlo Gavazzi EOS-Box with firmware before 1.0.0.1080_2.1.10 ...)
+CVE-2012-6428
NOT-FOR-US: Carlo Gavazzi EOS-Box
-CVE-2012-6427 (Multiple SQL injection vulnerabilities in Carlo Gavazzi EOS-Box with ...)
+CVE-2012-6427
NOT-FOR-US: Carlo Gavazzi EOS-Box
-CVE-2012-6426 (LemonLDAP::NG before 1.2.3 does not use the signature-verification ...)
+CVE-2012-6426
- lemonldap-ng 1.2.2-3 (bug #696329)
[wheezy] - lemonldap-ng 1.1.2-5+deb7u1
[squeeze] - lemonldap-ng <not-affected> (SAML code not present)
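Review bot: `[squeeze] - lemonldap-ng <not-affected> (SAML code not present)` under CVE-2012-6426 is a justification with no remaining statement of the issue it justifies once the line above it becomes the bare `+CVE-2012-6426`; the removed line at least recorded that the bug is a missing signature verification. Add a NOTE line saying that the flaw is in the SAML signature-verification path (or keep the description) so the `<not-affected>` claim stays checkable by the next person who looks at the squeeze entry.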
@@ -783,7 +783,7 @@ CVE-2012-6424
RESERVED
CVE-2012-6423
RESERVED
-CVE-2012-6422 (The kernel in Samsung Galaxy S2, Galaxy Note 2, MEIZU MX, and possibly ...)
+CVE-2012-6422
NOT-FOR-US: Android kernel
CVE-2012-6421
REJECTED
@@ -829,21 +829,21 @@ CVE-2012-6401
REJECTED
CVE-2012-6400
RESERVED
-CVE-2012-6399 (Cisco WebEx 4.1 on iOS does not verify that the server hostname ...)
+CVE-2012-6399
NOT-FOR-US: Cisco
CVE-2012-6398
RESERVED
-CVE-2012-6397 (Cross-site scripting (XSS) vulnerability in Cisco WebEx Social ...)
+CVE-2012-6397
NOT-FOR-US: Cisco WebEx Social
-CVE-2012-6396 (Cisco NX-OS on Nexus 7000 series switches does not properly handle ...)
+CVE-2012-6396
NOT-FOR-US: Cisco NX-OS
-CVE-2012-6395 (Cisco Adaptive Security Appliances (ASA) devices with firmware 8.4 do ...)
+CVE-2012-6395
NOT-FOR-US: Cisco Adaptive Security Appliances
CVE-2012-6394
RESERVED
CVE-2012-6393
RESERVED
-CVE-2012-6392 (Cisco Prime LAN Management Solution (LMS) 4.1 through 4.2.2 on Linux ...)
+CVE-2012-6392
NOT-FOR-US: Cisco Prime LMS
CVE-2012-6391
RESERVED
@@ -885,11 +885,11 @@ CVE-2012-6373
RESERVED
CVE-2012-6372
RESERVED
-CVE-2012-6371 (The WPA2 implementation on the Belkin N900 F9K1104v1 router ...)
+CVE-2012-6371
NOT-FOR-US: Belkin router
CVE-2012-6370
RESERVED
-CVE-2012-6369 (Cross-site scripting (XSS) vulnerability in the Troubleshooting ...)
+CVE-2012-6369
NOT-FOR-US: AgileBits 1Password
CVE-2012-6368
REJECTED
@@ -907,35 +907,35 @@ CVE-2012-6362
REJECTED
CVE-2012-6361
RESERVED
-CVE-2012-6360 (Cross-site scripting (XSS) vulnerability in IBM Intelligent Operations ...)
+CVE-2012-6360
NOT-FOR-US: IBM Intelligent Operations Center
-CVE-2012-6359 (IBM Tivoli Federated Identity Manager (TFIM) 6.2.0 before 6.2.0.11, ...)
+CVE-2012-6359
NOT-FOR-US: IBM Tivoli
CVE-2012-6358
RESERVED
-CVE-2012-6357 (IBM Maximo Asset Management 7.5, Maximo Asset Management Essentials ...)
+CVE-2012-6357
NOT-FOR-US: IBM
-CVE-2012-6356 (IBM Maximo Asset Management 7.5, Maximo Asset Management Essentials ...)
+CVE-2012-6356
NOT-FOR-US: IBM
-CVE-2012-6355 (IBM Maximo Asset Management 6.2 through 7.5, Maximo Asset Management ...)
+CVE-2012-6355
NOT-FOR-US: IBM
-CVE-2012-6354 (The management GUI on the IBM SAN Volume Controller and Storwize V7000 ...)
+CVE-2012-6354
NOT-FOR-US: IBM
CVE-2012-6353
RESERVED
-CVE-2012-6352 (The Session Manager in IBM Sterling Connect:Direct through 4.1.0.3 on ...)
+CVE-2012-6352
NOT-FOR-US: IBM Sterling Connect:Direct
CVE-2012-6351
RESERVED
-CVE-2012-6350 (Cross-site scripting (XSS) vulnerability in the Web component in IBM ...)
+CVE-2012-6350
NOT-FOR-US: IBM Cognos TM1
-CVE-2012-6349 (Buffer overflow in the .mdb parser in Autonomy KeyView IDOL, as used ...)
+CVE-2012-6349
NOT-FOR-US: IBM Notes
-CVE-2012-6348 (Centrify Deployment Manager 2.1.0.283, as distributed in Centrify ...)
+CVE-2012-6348
NOT-FOR-US: Centrify
-CVE-2012-6347 (Multiple cross-site scripting (XSS) vulnerabilities in Java number ...)
+CVE-2012-6347
NOT-FOR-US: FortiGate
-CVE-2012-6346 (Multiple cross-site scripting (XSS) vulnerabilities in FortiWeb before ...)
+CVE-2012-6346
NOT-FOR-US: FortiWeb
CVE-2012-6345
RESERVED
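Review bot: `NOT-FOR-US: IBM Notes` under CVE-2012-6349 names a product that consumes the vulnerable code rather than the code itself; the removed line identifies the bug as the `.mdb parser in Autonomy KeyView IDOL, as used ...`. With the description gone, the reason line should name KeyView, otherwise a later check for whether any Debian package embeds KeyView will not find this entry.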
@@ -945,34 +945,34 @@ CVE-2012-6344
NOT-FOR-US: CyberArk Vault
CVE-2012-6343
RESERVED
-CVE-2012-6342 (Cross-site request forgery (CSRF) vulnerability in logout.action in ...)
+CVE-2012-6342
NOT-FOR-US: Atlassian Confluence
CVE-2012-6341
RESERVED
CVE-2012-6340
RESERVED
-CVE-2012-6339 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
+CVE-2012-6339
NOT-FOR-US: Cerberus FTP Server
CVE-2012-6338
RESERVED
-CVE-2012-6337 (The Track My Mobile feature in the SamsungDive subsystem for Android ...)
+CVE-2012-6337
NOT-FOR-US: SamsungDive on Samsung Galaxy
-CVE-2012-6336 (The Missing Device feature in Lookout allows physically proximate ...)
+CVE-2012-6336
NOT-FOR-US: Lookout
-CVE-2012-6335 (The Anti-theft service in AVG AntiVirus for Android allows physically ...)
+CVE-2012-6335
NOT-FOR-US: AVG AntiVirus for Android
-CVE-2012-6334 (The Track My Mobile feature in the SamsungDive subsystem for Android ...)
+CVE-2012-6334
NOT-FOR-US: SamsungDive subsystem for Android
-CVE-2012-6333 (Multiple HVM control operations in Xen 3.4 through 4.2 allow local HVM ...)
+CVE-2012-6333
{DSA-2636-1}
- xen 4.1.3-8
CVE-2012-6332
RESERVED
CVE-2012-6331
RESERVED
-CVE-2012-6330 (The localization functionality in TWiki before 5.1.3, and Foswiki ...)
+CVE-2012-6330
- foswiki <itp> (bug #509864)
-CVE-2012-6329 (The _compile function in Maketext.pm in the Locale::Maketext ...)
+CVE-2012-6329
- perl 5.14.2-16 (bug #695224)
[squeeze] - perl 5.10.1-17squeeze5
- foswiki <itp> (bug #509864)
@@ -980,11 +980,11 @@ CVE-2012-6328
REJECTED
CVE-2012-6327
REJECTED
-CVE-2012-6326 (VMware vCenter Server 4.1 before Update 3 and 5.0 before Update 2, and ...)
+CVE-2012-6326
NOT-FOR-US: vCenter
-CVE-2012-6325 (VMware vCenter Server Appliance (vCSA) 5.0 before Update 2 does not ...)
+CVE-2012-6325
NOT-FOR-US: VMware vCenter Server Appliance
-CVE-2012-6324 (Directory traversal vulnerability in VMware vCenter Server Appliance ...)
+CVE-2012-6324
NOT-FOR-US: VMware vCenter Server Appliance
CVE-2012-6323
RESERVED
@@ -1000,15 +1000,15 @@ CVE-2012-6318
RESERVED
CVE-2012-6317
RESERVED
-CVE-2012-6316 (Multiple cross-site scripting (XSS) vulnerabilities in the TP-LINK ...)
+CVE-2012-6316
NOT-FOR-US: TP-LINK
CVE-2012-6315
REJECTED
-CVE-2012-6314 (Citrix XenDesktop Virtual Desktop Agent (VDA) 5.6.x before 5.6.200, ...)
+CVE-2012-6314
NOT-FOR-US: Citrix XenDesktop
-CVE-2012-6313 (simple-gmail-login.php in the Simple Gmail Login plugin before 1.1.4 ...)
+CVE-2012-6313
NOT-FOR-US: Wordpress plugin
-CVE-2012-6312 (Cross-site scripting (XSS) vulnerability in the Video Lead Form plugin ...)
+CVE-2012-6312
NOT-FOR-US: Wordpress plugin
CVE-2012-6311
RESERVED
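Review bot: `NOT-FOR-US: Wordpress plugin` under CVE-2012-6313 and CVE-2012-6312 does not name the plugin, and after the `-` lines go the names they carried (Simple Gmail Login, Video Lead Form) appear nowhere in either entry. Follow the convention used elsewhere in this file, e.g. `NOT-FOR-US: WordPress plugin Newsletter Manager`, and record the plugin name in the reason line; the spelling `WordPress` should also match the other entries.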
@@ -1026,7 +1026,7 @@ CVE-2012-6305
RESERVED
CVE-2012-6304
RESERVED
-CVE-2012-6303 (Heap-based buffer overflow in the GetWavHeader function in ...)
+CVE-2012-6303
- snack 2.2.10-dfsg1-12.1 (low; bug #695614)
[squeeze] - snack 2.2.10-dfsg1-9+squeeze1
- wavesurfer <not-affected> (originally reported in wavesurfer, but actually a bug in libsnack, see bug #695615)
@@ -1034,13 +1034,13 @@ CVE-2012-6303 (Heap-based buffer overflow in the GetWavHeader function in ...)
NOTE: http://www.openwall.com/lists/oss-security/2012/12/10/2
CVE-2012-6302
RESERVED
-CVE-2012-6301 (The Browser application in Android 4.0.3 allows remote attackers to ...)
+CVE-2012-6301
NOT-FOR-US: Android browser
CVE-2012-6300
RESERVED
-CVE-2012-6299 (Unspecified vulnerability in CA IdentityMinder r12.0 through CR16, ...)
+CVE-2012-6299
NOT-FOR-US: CA IdentityMinder
-CVE-2012-6298 (Unspecified vulnerability in CA IdentityMinder r12.0 through CR16, ...)
+CVE-2012-6298
NOT-FOR-US: CA IdentityMinder
CVE-2012-6297
RESERVED
@@ -1056,7 +1056,7 @@ CVE-2012-6292
RESERVED
CVE-2012-6291
RESERVED
-CVE-2012-6290 (SQL injection vulnerability in ImageCMS before 4.2 allows remote ...)
+CVE-2012-6290
NOT-FOR-US: ImageCMS
CVE-2012-6289
REJECTED
@@ -1084,19 +1084,19 @@ CVE-2012-6278
REJECTED
CVE-2012-6277
RESERVED
-CVE-2012-6276 (Directory traversal vulnerability in the web-based management ...)
+CVE-2012-6276
NOT-FOR-US: TP-LINK TL-WR841N
-CVE-2012-6275 (Multiple stack-based buffer overflows in AntDS.exe in BigAntSoft ...)
+CVE-2012-6275
NOT-FOR-US: BigAnt IM Server
-CVE-2012-6274 (BigAntSoft BigAnt IM Message Server does not require authentication ...)
+CVE-2012-6274
NOT-FOR-US: BigAnt IM Server
-CVE-2012-6273 (SQL injection vulnerability in BigAntSoft BigAnt IM Message Server ...)
+CVE-2012-6273
NOT-FOR-US: BigAnt IM Server
-CVE-2012-6272 (Multiple cross-site scripting (XSS) vulnerabilities in Dell OpenManage ...)
+CVE-2012-6272
NOT-FOR-US: Dell OpenManage Server Administrator
-CVE-2012-6271 (Adobe Shockwave Player through 11.6.8.638 allows remote attackers to ...)
+CVE-2012-6271
NOT-FOR-US: Adobe Shockwave
-CVE-2012-6270 (Adobe Shockwave Player through 11.6.8.638 allows remote attackers to ...)
+CVE-2012-6270
NOT-FOR-US: Adobe Shockwave
CVE-2012-6269
REJECTED
@@ -1330,20 +1330,20 @@ CVE-2012-6155
RESERVED
CVE-2012-6154
RESERVED
-CVE-2012-6153 (http/conn/ssl/AbstractVerifier.java in Apache Commons HttpClient ...)
+CVE-2012-6153
{DLA-222-1}
- commons-httpclient 3.1-10.2 (bug #692442)
NOTE: References to upstream patches for 4.x can be found in https://issues.apache.org/jira/browse/HTTPCLIENT-1549
-CVE-2012-6152 (The Yahoo! protocol plugin in libpurple in Pidgin before 2.10.8 does ...)
+CVE-2012-6152
- pidgin 2.10.8-1
[squeeze] - pidgin <end-of-life> (Support in oldstable is limited to IRC, Jabber/XMPP, Sametime and SIMPLE)
-CVE-2012-6151 (Net-SNMP 5.7.1 and earlier, when AgentX is registering to handle a MIB ...)
+CVE-2012-6151
- net-snmp 5.7.2.1~dfsg-3 (low; bug #731625)
[wheezy] - net-snmp 5.4.3~dfsg-2.8+deb7u1
[squeeze] - net-snmp <no-dsa> (Minor issue)
NOTE: http://sourceforge.net/p/net-snmp/bugs/2411/
NOTE: Upstream patch: http://sourceforge.net/p/net-snmp/code/ci/793d596838ff7cb48a73b675d62897c56c9e62df/
-CVE-2012-6150 (The winbind_name_list_to_sid_string_list function in ...)
+CVE-2012-6150
- samba 2:4.0.13+dfsg-1 (low)
[wheezy] - samba 2:3.6.6-6+deb7u3
[squeeze] - samba <no-dsa> (Can be fixed along in a future DSA)
@@ -1351,49 +1351,49 @@ CVE-2012-6150 (The winbind_name_list_to_sid_string_list function in ...)
NOTE: introduced http://git.samba.org/?p=samba.git;a=commit;h=31f1a36901b5b8959dc51401c09c114829b50392
NOTE: fixed by http://git.samba.org/?p=samba.git;a=commitdiff;h=f62683956a3b182f6a61cc7a2b4ada2e74cde243
NOTE: https://bugzilla.samba.org/show_bug.cgi?id=10300
-CVE-2012-6149 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2012-6149
NOT-FOR-US: Red Hat Satellite
-CVE-2012-6148 (Cross-site scripting (XSS) vulnerability in the function menu API in ...)
+CVE-2012-6148
- typo3-src 4.5.19+dfsg1-4 (bug #692775)
[squeeze] - typo3-src <not-affected> (Vulnerable code not present)
NOTE: https://review.typo3.org/16300
-CVE-2012-6147 (Cross-site scripting (XSS) vulnerability in the tree render API ...)
+CVE-2012-6147
{DSA-2574-1}
- typo3-src 4.5.19+dfsg1-4 (bug #692775)
NOTE: https://review.typo3.org/16305
-CVE-2012-6146 (The Backend History Module in TYPO3 4.5.x before 4.5.21, 4.6.x before ...)
+CVE-2012-6146
{DSA-2574-1}
- typo3-src 4.5.19+dfsg1-4 (bug #692775)
NOTE: https://review.typo3.org/16304
-CVE-2012-6145 (Cross-site scripting (XSS) vulnerability in the Backend History module ...)
+CVE-2012-6145
{DSA-2574-1}
- typo3-src 4.5.19+dfsg1-4 (bug #692775)
NOTE: https://review.typo3.org/16304
-CVE-2012-6144 (SQL injection vulnerability in the Backend History module in TYPO3 ...)
+CVE-2012-6144
{DSA-2574-1}
- typo3-src 4.5.19+dfsg1-4 (bug #692775)
NOTE: https://review.typo3.org/16304
-CVE-2012-6143 (Spoon::Cookie in the Spoon module 0.24 for Perl does not properly use ...)
+CVE-2012-6143
- libspoon-perl <removed> (bug #715371; low)
[squeeze] - libspoon-perl <no-dsa> (Minor issue)
[wheezy] - libspoon-perl <no-dsa> (Minor issue)
NOTE: https://rt.cpan.org/Public/Bug/Display.html?id=85217
-CVE-2012-6142 (Session::Cookie in the HTML::EP module 0.2011 for Perl does not ...)
+CVE-2012-6142
NOT-FOR-US: HTML-EP CPAN module
NOTE: https://rt.cpan.org/Public/Bug/Display.html?id=85216
-CVE-2012-6141 (The App::Context module 0.01 through 0.968 for Perl does not properly ...)
+CVE-2012-6141
NOT-FOR-US: App-Context CPAN module
NOTE: https://rt.cpan.org/Public/Bug/Display.html?id=85215
-CVE-2012-6140 (pam_google_authenticator.c in the PAM module in Google Authenticator ...)
+CVE-2012-6140
- google-authenticator 20130529-1 (bug #666129)
-CVE-2012-6139 (libxslt before 1.1.28 allows remote attackers to cause a denial of ...)
+CVE-2012-6139
{DSA-2654-1}
- libxslt 1.1.26-14.1 (bug #703933)
NOTE: http://git.gnome.org/browse/libxslt/commit/?id=6c99c519d97e5fcbec7a9537d190efb442e4e833
NOTE: http://git.gnome.org/browse/libxslt/commit/?id=dc11b6b379a882418093ecc8adf11f6166682e8d
CVE-2012-6138
REJECTED
-CVE-2012-6137 (rhn-migrate-classic-to-rhsm tool in Red Hat subscription-manager does ...)
+CVE-2012-6137
NOT-FOR-US: Red Hat subscription-manager
CVE-2012-6136
RESERVED
@@ -1402,28 +1402,28 @@ CVE-2012-6135
RESERVED
- ruby-passenger <not-affected> (Vulnerable code not present; bug #702219)
NOTE: 4.0.0 betas only
-CVE-2012-6134 (Cross-site request forgery (CSRF) vulnerability in the omniauth-oauth2 ...)
+CVE-2012-6134
- ruby-omniauth-oauth2 <not-affected> (Fixed in the first version uploaded to Debian)
CVE-2012-6133 [XSS flaws in ok and error messages]
RESERVED
{DLA-298-1}
- roundup 1.4.20-1
NOTE: http://issues.roundup-tracker.org/issue2550724
-CVE-2012-6132 (Cross-site scripting (XSS) vulnerability in Roundup before 1.4.20 ...)
+CVE-2012-6132
{DLA-298-1}
- roundup 1.4.20-1
-CVE-2012-6131 (Cross-site scripting (XSS) vulnerability in cgi/client.py in Roundup ...)
+CVE-2012-6131
{DLA-298-1}
- roundup 1.4.20-1
NOTE: http://issues.roundup-tracker.org/issue2550711
-CVE-2012-6130 (Cross-site scripting (XSS) vulnerability in the history display in ...)
+CVE-2012-6130
{DLA-298-1}
- roundup 1.4.20-1
NOTE: http://issues.roundup-tracker.org/issue2550684
-CVE-2012-6129 (Stack-based buffer overflow in utp.cpp in libutp, as used in ...)
+CVE-2012-6129
- transmission 2.52-3+nmu1 (bug #700234)
[squeeze] - transmission <not-affected> (UTP code not present)
-CVE-2012-6128 (Multiple stack-based buffer overflows in http.c in OpenConnect before ...)
+CVE-2012-6128
{DSA-2623-1}
- openconnect 3.20-3 (bug #700794)
NOTE: http://git.infradead.org/users/dwmw2/openconnect.git/commitdiff/26f752c3dbf69227679fc6bebb4ae071aecec491
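Review bot: the bracketed local summary in this hunk survives ("CVE-2012-6133 [XSS flaws in ok and error messages]") while every parenthesised upstream summary from CVE-2012-6134 down to CVE-2012-6128 is stripped, which narrows the cause to the imported description field arriving empty rather than to the tracker's own data. A defensive fix is to have the update script fall back to the previous parenthesised text when the new record carries no description, so context such as "Stack-based buffer overflow in utp.cpp in libutp" for CVE-2012-6129 is not lost to anyone reading the list offline.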
@@ -1452,37 +1452,37 @@ CVE-2012-6122
- chicken 4.8.0.3-1 (low; bug #702410)
[wheezy] - chicken <no-dsa> (Minor issue)
[squeeze] - chicken <no-dsa> (Minor issue)
-CVE-2012-6121 (Cross-site scripting (XSS) vulnerability in Roundcube Webmail before ...)
+CVE-2012-6121
- roundcube <not-affected> (vulnerable code not in stable or testing)
NOTE: http://trac.roundcube.net/ticket/1488850
NOTE: Upstream patch: https://github.com/roundcube/roundcubemail/commit/74cd0a9b62f11bc07c5a1d3ba0098b54883eb0ba
-CVE-2012-6120 (Red Hat OpenStack Essex and Folsom creates the /var/log/puppet ...)
+CVE-2012-6120
{DLA-29-1}
- puppet 2.6.4-2
[squeeze] - puppet <no-dsa> (Minor issue)
NOTE: puppet-common postinst in unstable sets dpkg-statoverride --update --add puppet puppet 0750 /var/log/puppet
NOTE: After starting puppetmaster permissions on directory are restricted
-CVE-2012-6119 (Candlepin before 0.7.24, as used in Red Hat Subscription Asset Manager ...)
+CVE-2012-6119
NOTE: Candlepin
-CVE-2012-6118 (The Administer tab in Aeolus Conductor allows remote authenticated ...)
+CVE-2012-6118
NOT-FOR-US: Aeolus Cloud Configuration tool (not the pipe organ simulator in Debian)
-CVE-2012-6117 (Aeolus Configuration Server, as used in Red Hat CloudForms Cloud ...)
+CVE-2012-6117
NOT-FOR-US: Aeolus Cloud Configuration tool (not the pipe organ simulator in Debian)
-CVE-2012-6116 (modules/certs/manifests/config.pp in katello-configure before ...)
+CVE-2012-6116
NOTE: Candlepin
-CVE-2012-6115 (The domain management tool (rhevm-manage-domains) in Red Hat ...)
+CVE-2012-6115
NOTE: RHEV management tool
CVE-2012-6114 [temp file vulnerability in git-extras]
RESERVED
- git-extras 1.7.0-1.2 (bug #698490)
-CVE-2012-6113 (The openssl_encrypt function in ext/openssl/openssl.c in PHP 5.3.9 ...)
+CVE-2012-6113
- php5 5.4.0~beta2-1
[squeeze] - php5 <not-affected> (Introduced in 5.3.9)
NOTE: Introduced in http://git.php.net/?p=php-src.git;a=commitdiff;h=095cbc48a8f0090f3b0abc6155f2b61943c9eafb
NOTE: Fixed in 5.3.14 http://git.php.net/?p=php-src.git;a=commitdiff;h=270a406ac94b5fc5cc9ef59fc61e3b4b95648a3e
NOTE: https://bugs.launchpad.net/ubuntu/+source/php5/+bug/1099793
NOTE: https://bugs.php.net/bug.php?id=61413
-CVE-2012-6112 (classes/GoogleSpell.php in the PHP Spellchecker (aka Google ...)
+CVE-2012-6112
- tinymce <not-affected> (TinyMCE Google spellchecker plugin)
- wordpress 3.5.1+dfsg-2
- moodle 2.5-1 (bug #702387)
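Review bot: CVE-2012-6119, CVE-2012-6116 and CVE-2012-6115 are left with only a free-form "NOTE: Candlepin" or "NOTE: RHEV management tool" line once their summary is removed, so these entries no longer state a tracking status at all. Convert them to a "NOT-FOR-US:" line naming the product, as the neighbouring Aeolus entries CVE-2012-6118 and CVE-2012-6117 already do, so the status stays explicit and machine-checkable after the summary is gone.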
@@ -1499,102 +1499,102 @@ CVE-2012-6111 [gnome-keyring does not discard stored secrets in some cases]
[squeeze] - gnome-keyring <no-dsa> (Minor issue)
[wheezy] - gnome-keyring <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2013/01/11/5
-CVE-2012-6109 (lib/rack/multipart.rb in Rack before 1.1.4, 1.2.x before 1.2.6, 1.3.x ...)
+CVE-2012-6109
- ruby-rack 1.4.1-2.1 (bug #698440)
- librack-ruby <removed>
[squeeze] - librack-ruby <not-affected> (vulnerable code not present)
NOTE: https://github.com/rack/rack/commit/4fc44671b3cad569421f4f8b775c0590b86f575e
NOTE: https://groups.google.com/forum/#!msg/rack-devel/1w4_fWEgTdI/XAkSNHjtdTsJ
-CVE-2012-6108 (HP Linux Imaging and Printing (HPLIP) before 3.13.2 uses ...)
+CVE-2012-6108
- hplip <not-affected> (permissions are 755 on wheezy, sid and experimental)
-CVE-2012-6107 (Apache Axis2/C does not verify that the server hostname matches a ...)
+CVE-2012-6107
- axis2c <removed> (bug #697974)
[squeeze] - axis2c <end-of-life> (Unsupported in squeeze-lts)
NOTE: https://issues.apache.org/jira/browse/AXIS2C-1619
-CVE-2012-6106 (calendar/managesubscriptions.php in the Manage Subscriptions ...)
+CVE-2012-6106
- moodle <not-affected> (Only affects 2.4)
-CVE-2012-6105 (blog/rsslib.php in Moodle 2.1.x before 2.1.10, 2.2.x before 2.2.7, ...)
+CVE-2012-6105
- moodle 2.5-1 (low; bug #702387)
[squeeze] - moodle <not-affected> (Only affects 2.1 and above)
[wheezy] - moodle 2.2.3.dfsg-2.6~wheezy2
-CVE-2012-6104 (blog/rsslib.php in Moodle 2.2.x before 2.2.7, 2.3.x before 2.3.4, and ...)
+CVE-2012-6104
- moodle 2.5-1 (low; bug #702387)
[squeeze] - moodle <not-affected> (Only affects 2.2 and above)
[wheezy] - moodle 2.2.3.dfsg-2.6~wheezy2
-CVE-2012-6103 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
+CVE-2012-6103
- moodle 2.5-1 (low; bug #702387)
[squeeze] - moodle <not-affected> (Only affects 2.2 and above)
[wheezy] - moodle 2.2.3.dfsg-2.6~wheezy2
-CVE-2012-6102 (lib.php in the Submission comments plugin in the Assignment module in ...)
+CVE-2012-6102
- moodle <not-affected> (Only affects 2.3 and above)
-CVE-2012-6101 (Multiple open redirect vulnerabilities in Moodle 2.2.x before 2.2.7, ...)
+CVE-2012-6101
- moodle 2.5-1 (low; bug #702387)
[squeeze] - moodle <not-affected> (Only affects 2.2 and above)
[wheezy] - moodle 2.2.3.dfsg-2.6~wheezy2
-CVE-2012-6100 (report/outline/index.php in Moodle 2.2.x before 2.2.7, 2.3.x before ...)
+CVE-2012-6100
- moodle 2.5-1 (low; bug #702387)
[squeeze] - moodle <not-affected> (Only affects 2.2 and above)
[wheezy] - moodle 2.2.3.dfsg-2.6~wheezy2
-CVE-2012-6099 (The moodle1 backup converter in backup/converter/moodle1/lib.php in ...)
+CVE-2012-6099
- moodle 2.5-1
[squeeze] - moodle <not-affected> (Only affects 2.1 and above)
[wheezy] - moodle 2.2.3.dfsg-2.6~wheezy2
-CVE-2012-6098 (grade/edit/outcome/edit_form.php in Moodle 1.9.x through 1.9.19, 2.1.x ...)
+CVE-2012-6098
- moodle 2.5-1 (low; bug #702387)
[squeeze] - moodle <no-dsa> (Minor issue)
[wheezy] - moodle 2.2.3.dfsg-2.6~wheezy2
-CVE-2012-6097 (File descriptor leak in cronie 1.4.8, when running in certain ...)
+CVE-2012-6097
[experimental] - cronie <unfixed> (low; bug #697811)
NOTE: Only present in experimental
NOTE: https://bugzilla.novell.com/show_bug.cgi?id=786096
-CVE-2012-6096 (Multiple stack-based buffer overflows in the get_history function in ...)
+CVE-2012-6096
{DSA-2653-1 DSA-2616-1}
- icinga 1.7.1-5 (bug #697931)
- nagios3 3.4.1-3 (bug #697930)
-CVE-2012-6095 (ProFTPD before 1.3.5rc1, when using the UserOwner directive, allows ...)
+CVE-2012-6095
{DSA-2606-1}
- proftpd-dfsg 1.3.4a-3 (bug #697524)
CVE-2012-6094
RESERVED
- cups <not-affected> (systemd patch not applied in Debian, see bug #697584)
-CVE-2012-6093 (The QSslSocket::sslErrors function in Qt before 4.6.5, 4.7.x before ...)
+CVE-2012-6093
- qt4-x11 <not-affected> (Only affects environments where a different OpenSSL is used, doesn't apply to Debian; bug #697582)
NOTE: http://lists.qt-project.org/pipermail/announce/2013-January/000020.html
NOTE: https://codereview.qt-project.org/#change,42461
NOTE: Fixed in 4:4.8.2+dfsg-10
-CVE-2012-6092 (Multiple cross-site scripting (XSS) vulnerabilities in the web demos ...)
+CVE-2012-6092
- activemq <not-affected> (Example code not shipped in .deb)
CVE-2012-6091
RESERVED
-CVE-2012-6090 (Multiple stack-based buffer overflows in the expand function in ...)
+CVE-2012-6090
- swi-prolog 5.10.4-5 (low; bug #697416)
[squeeze] - swi-prolog 5.10.1-1+squeeze1
NOTE: http://web.archive.org/web/20130309013536/http://web.archive.org/web/20130309013536/https://lists.iai.uni-bonn.de/pipermail/swi-prolog/2012/009428.html
NOTE: http://www.swi-prolog.org/git/pl.git/commitdiff/b2c88972e7515ada025e97e7d3ce3e34f81cf33e
-CVE-2012-6089 (Multiple stack-based buffer overflows in the canoniseFileName function ...)
+CVE-2012-6089
- swi-prolog 5.10.4-5 (low; bug #697416)
[squeeze] - swi-prolog 5.10.1-1+squeeze1
NOTE: http://web.archive.org/web/20130309013536/http://web.archive.org/web/20130309013536/https://lists.iai.uni-bonn.de/pipermail/swi-prolog/2012/009428.html
NOTE: http://www.swi-prolog.org/git/pl.git/commitdiff/a9a6fc8a2a9cf3b9154b490a4b1ffaa8be4d723c
-CVE-2012-6088 (The rpmpkgRead function in lib/package.c in RPM 4.10.x before 4.10.2 ...)
+CVE-2012-6088
- rpm 4.10.1-2.1 (bug #697375)
[squeeze] - rpm <not-affected> (Introduced in rpm 4.10.0)
[wheezy] - rpm 4.10.0-5+deb7u1
-CVE-2012-6087 (repository/s3/S3.php in the Amazon S3 library in Moodle through ...)
+CVE-2012-6087
- moodle 2.2.7.dfsg-1
[squeeze] - moodle <not-affected> (Vulnerable code not present)
[wheezy] - moodle 2.2.3.dfsg-2.6~wheezy1
NOTE: https://github.com/tpyo/amazon-s3-php-class/pull/36
NOTE: https://tracker.moodle.org/browse/MDL-40615
-CVE-2012-6086 (libs/zbxmedia/eztexting.c in Zabbix 1.8.x before 1.8.18rc1, 2.0.x ...)
+CVE-2012-6086
- zabbix 1:2.0.7+dfsg-1 (bug #697443)
[squeeze] - zabbix <no-dsa> (Will be handled through point update)
NOTE: https://support.zabbix.com/browse/ZBX-5924
-CVE-2012-6085 (The read_block function in g10/import.c in GnuPG 1.4.x before 1.4.13 ...)
+CVE-2012-6085
{DSA-2601-1}
- gnupg 1.4.12-7 (bug #697108)
- gnupg2 2.0.19-2 (bug #697251)
-CVE-2012-6084 (modules/m_capab.c in (1) ircd-ratbox before 3.0.8 and (2) Charybdis ...)
+CVE-2012-6084
{DSA-2612-1}
- charybdis 3.3.0-7.1 (bug #697092)
- ircd-ratbox 3.0.7.dfsg-3 (bug #697093)
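Review bot: the "NOTE:" reference URLs for CVE-2012-6090 and CVE-2012-6089 in this hunk carry the "http://web.archive.org/web/20130309013536/" prefix twice, so as written they point at an archive of an archive rather than at the swi-prolog mailing-list post; drop the duplicated prefix. These are unchanged context lines, but the same automated run that rewrites these entries is the natural place to fix them.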
@@ -1605,17 +1605,17 @@ CVE-2012-6083
- freeciv 2.3.4-1 (low; bug #696306)
[squeeze] - freeciv <no-dsa> (Minor issue)
[wheezy] - freeciv 2.3.2-1+deb7u1
-CVE-2012-6082 (Cross-site scripting (XSS) vulnerability in the rsslink function in ...)
+CVE-2012-6082
{DSA-2593-1}
- moin 1.9.5-2
[wheezy] - moin 1.9.4-8+deb7u1
NOTE: Fix http://hg.moinmo.in/moin/1.9/rev/c98ec456e493
-CVE-2012-6081 (Multiple unrestricted file upload vulnerabilities in the (1) twikidraw ...)
+CVE-2012-6081
{DSA-2593-1}
[wheezy] - moin 1.9.4-8+deb7u1
- moin 1.9.5-3 (bug #696948)
NOTE: Fix http://hg.moinmo.in/moin/1.9/rev/7e7e1cbb9d3f
-CVE-2012-6080 (Directory traversal vulnerability in the _do_attachment_move function ...)
+CVE-2012-6080
{DSA-2593-1}
[wheezy] - moin 1.9.4-8+deb7u1
- moin 1.9.5-4 (bug #696949)
@@ -1632,26 +1632,26 @@ CVE-2012-6077
RESERVED
NOT-FOR-US: W3 Total Cache
NOTE: http://www.openwall.com/lists/oss-security/2012/12/30/3
-CVE-2012-6076 (Inkscape before 0.48.4 reads .eps files from /tmp instead of the ...)
+CVE-2012-6076
- inkscape 0.48.3.1-1.3 (low; bug #654341)
[squeeze] - inkscape <no-dsa> (Minor issue)
NOTE: https://bugs.launchpad.net/inkscape/+bug/911146
-CVE-2012-6075 (Buffer overflow in the e1000_receive function in the e1000 device ...)
+CVE-2012-6075
{DSA-2619-1 DSA-2608-1 DSA-2607-1}
- qemu 1.1.2+dfsg-4 (bug #696051)
- qemu-kvm 1.1.2+dfsg-4 (bug #696051)
- xen 4.1.3-8
[squeeze] - xen <not-affected> (In Squeeze the code is in the package xen-qemu-dm-4.0)
NOTE: http://www.openwall.com/lists/oss-security/2012/12/30/1
-CVE-2012-6074 (Cross-site scripting (XSS) vulnerability in Jenkins before 1.491, ...)
+CVE-2012-6074
- jenkins 1.447.2+dfsg-3 (bug #696816)
NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2012-11-20
NOTE: http://www.openwall.com/lists/oss-security/2012/12/28/1
-CVE-2012-6073 (Open redirect vulnerability in Jenkins before 1.491, Jenkins LTS ...)
+CVE-2012-6073
- jenkins 1.447.2+dfsg-3 (bug #696816)
NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2012-11-20
NOTE: http://www.openwall.com/lists/oss-security/2012/12/28/1
-CVE-2012-6072 (CRLF injection vulnerability in Jenkins before 1.491, Jenkins LTS ...)
+CVE-2012-6072
- jenkins 1.447.2+dfsg-3 (bug #696816)
- jenkins-winstone 0.9.10-jenkins-37+dfsg-2 (bug #696974)
NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2012-11-20
@@ -1663,143 +1663,143 @@ CVE-2012-6071 [libnusoap-php: Curl insecure usage]
CVE-2012-6070 [falconpl: Curl insecure usage]
RESERVED
- falconpl 0.9.6.9-git20120606-2 (bug #696681)
-CVE-2012-6069 (Directory traversal vulnerability in the Runtime Toolkit in CODESYS ...)
+CVE-2012-6069
NOT-FOR-US: CODESYS Runtime System
-CVE-2012-6068 (The Runtime Toolkit in CODESYS Runtime System 2.3.x and 2.4.x does not ...)
+CVE-2012-6068
NOT-FOR-US: CODESYS Runtime System
-CVE-2012-6067 (freeFTPd.exe in freeFTPd through 1.0.11 allows remote attackers to ...)
+CVE-2012-6067
NOT-FOR-US: freeFTPd
-CVE-2012-6066 (freeSSHd.exe in freeSSHd through 1.2.6 allows remote attackers to ...)
+CVE-2012-6066
NOT-FOR-US: freeFTPd
-CVE-2012-6065 (The OM Maximenu module 6.x-1.43 and earlier for Drupal, when the ...)
+CVE-2012-6065
NOT-FOR-US: Drupal plugin
-CVE-2012-6064 (Directory traversal vulnerability in ...)
+CVE-2012-6064
NOT-FOR-US: CMS Made Simple
-CVE-2012-6063 (Double free vulnerability in the sftp_mkdir function in sftp.c in ...)
+CVE-2012-6063
{DSA-2577-1}
- libssh 0.5.3-1
[squeeze] - libssh 0.4.5-3+squeeze1
NOTE: Fix included in CVE-2012-4559 patch
NOTE: https://red.libssh.org/issues/84
NOTE: http://git.libssh.org/projects/libssh.git/commit/?h=v0-5&id=4d8420f3282ed07fc99fc5e930c17df27ef1e9b2
-CVE-2012-6062 (The dissect_rtcp_app function in epan/dissectors/packet-rtcp.c in the ...)
+CVE-2012-6062
{DLA-497-1}
- wireshark 1.8.6-1 (unimportant)
NOTE: not suitable for code injection
-CVE-2012-6061 (The dissect_wtp_common function in epan/dissectors/packet-wtp.c in the ...)
+CVE-2012-6061
{DLA-497-1}
- wireshark 1.8.6-1 (unimportant)
NOTE: not suitable for code injection
-CVE-2012-6060 (Integer overflow in the dissect_iscsi_pdu function in ...)
+CVE-2012-6060
{DLA-497-1}
- wireshark 1.8.6-1 (unimportant)
NOTE: not suitable for code injection
-CVE-2012-6059 (The dissect_isakmp function in epan/dissectors/packet-isakmp.c in the ...)
+CVE-2012-6059
{DLA-497-1}
- wireshark 1.8.6-1 (unimportant)
NOTE: not suitable for code injection
-CVE-2012-6058 (Integer overflow in the dissect_icmpv6 function in ...)
+CVE-2012-6058
{DLA-497-1}
- wireshark 1.8.6-1 (unimportant)
NOTE: not suitable for code injection
-CVE-2012-6057 (The dissect_eigrp_metric_comm function in ...)
+CVE-2012-6057
{DLA-497-1}
- wireshark 1.8.6-1 (unimportant)
NOTE: not suitable for code injection
-CVE-2012-6056 (Integer overflow in the dissect_sack_chunk function in ...)
+CVE-2012-6056
{DLA-497-1}
- wireshark 1.8.6-1 (unimportant)
NOTE: not suitable for code injection
-CVE-2012-6055 (epan/dissectors/packet-3g-a11.c in the 3GPP2 A11 dissector in ...)
+CVE-2012-6055
{DLA-497-1}
- wireshark 1.8.6-1 (unimportant)
NOTE: not suitable for code injection
-CVE-2012-6054 (The dissect_sflow_245_address_type function in ...)
+CVE-2012-6054
{DLA-497-1}
- wireshark 1.8.6-1 (unimportant)
NOTE: not suitable for code injection
-CVE-2012-6053 (epan/dissectors/packet-usb.c in the USB dissector in Wireshark 1.6.x ...)
+CVE-2012-6053
{DLA-497-1}
- wireshark 1.8.6-1 (unimportant)
NOTE: not suitable for code injection
-CVE-2012-6052 (Wireshark 1.8.x before 1.8.4 allows remote attackers to obtain ...)
+CVE-2012-6052
{DLA-497-1}
- wireshark 1.8.6-1 (unimportant)
NOTE: not suitable for code injection
NOTE: Upstream patch: http://anonsvn.wireshark.org/viewvc?view=revision&revision=45511
-CVE-2012-6051 (Google CityHash computes hash values without properly restricting the ...)
+CVE-2012-6051
- cityhash <removed> (bug #694999)
-CVE-2012-6050 (The winbox service in MikroTik RouterOS 5.15 and earlier allows remote ...)
+CVE-2012-6050
NOT-FOR-US: MikroTik RouterOS
-CVE-2012-6049 (Open Solution Quick.Cart 5.0 allows remote attackers to obtain ...)
+CVE-2012-6049
NOT-FOR-US: Open Solution Quick.Cart 5.0
-CVE-2012-6048 (Guitar Pro 6.1.1 r10791 allows remote attackers to cause a denial of ...)
+CVE-2012-6048
NOT-FOR-US: Guitar Pro 6.1.1
-CVE-2012-6047 (Cross-site request forgery (CSRF) vulnerability in X7 Chat 2.0.5.1 and ...)
+CVE-2012-6047
NOT-FOR-US: X7 Chat 2.0.5.1
-CVE-2012-6046 (Static code injection vulnerability in admin/banners.php in PHP Enter ...)
+CVE-2012-6046
NOT-FOR-US: PHP Enter
-CVE-2012-6045 (Cross-site scripting (XSS) vulnerability in gb/user/index.php in Ramui ...)
+CVE-2012-6045
NOT-FOR-US: Ramui Forum
-CVE-2012-6044 (M-Player 0.4 allows remote attackers to cause a denial of service ...)
+CVE-2012-6044
NOT-FOR-US: M-Player (different from mplayer in the archive)
-CVE-2012-6043 (Cross-site scripting (XSS) vulnerability in downloads.php in ...)
+CVE-2012-6043
NOT-FOR-US: phpFusion
-CVE-2012-6042 (GPSMapEdit 1.1.73.2 allows user-assisted remote attackers to cause a ...)
+CVE-2012-6042
NOT-FOR-US: GPSMapEdit
-CVE-2012-6041 (Double free vulnerability in GreenBrowser before 6.0.1002, when the ...)
+CVE-2012-6041
NOT-FOR-US: GreenBrowser
-CVE-2012-6040 (Cross-site scripting (XSS) vulnerability in users.php in File King ...)
+CVE-2012-6040
NOT-FOR-US: File King Advanced File Management 1.4
-CVE-2012-6039 (SQL injection vulnerability in view_comments.php in YABSoft Advanced ...)
+CVE-2012-6039
NOT-FOR-US: YABSoft Advanced Image Hosting
-CVE-2012-6038 (admin/core/admin_func.php in razorCMS before 1.2.1 does not properly ...)
+CVE-2012-6038
NOT-FOR-US: razorCMS
-CVE-2012-6037 (Multiple cross-site scripting (XSS) vulnerabilities in Mahara 1.4.x ...)
+CVE-2012-6037
{DSA-2591-1}
- mahara 1.5.1-3
-CVE-2012-6036 (The (1) memc_save_get_next_page, (2) tmemc_restore_put_page and (3) ...)
+CVE-2012-6036
- xen 4.1.4-1 (unimportant; bug #686764)
[squeeze] - xen <no-dsa> (Experimental/unsupported feature)
NOTE: CVE-2012-3497 has been SPLIT into this ID and others
NOTE: TMEM not supported for production systems (technology preview)
-CVE-2012-6035 (The do_tmem_destroy_pool function in the Transcendent Memory (TMEM) in ...)
+CVE-2012-6035
- xen 4.1.4-1 (unimportant; bug #686764)
[squeeze] - xen <no-dsa> (Experimental/unsupported feature)
NOTE: CVE-2012-3497 has been SPLIT into this ID and others
NOTE: TMEM not supported for production systems (technology preview)
-CVE-2012-6034 (The (1) tmemc_save_get_next_page and (2) tmemc_save_get_next_inv ...)
+CVE-2012-6034
- xen 4.1.4-1 (unimportant; bug #686764)
[squeeze] - xen <no-dsa> (Experimental/unsupported feature)
NOTE: CVE-2012-3497 has been SPLIT into this ID and others
NOTE: TMEM not supported for production systems (technology preview)
-CVE-2012-6033 (The do_tmem_control function in the Transcendent Memory (TMEM) in Xen ...)
+CVE-2012-6033
- xen 4.1.4-1 (unimportant; bug #686764)
[squeeze] - xen <no-dsa> (Experimental/unsupported feature)
NOTE: CVE-2012-3497 has been SPLIT into this ID and others
NOTE: TMEM not supported for production systems (technology preview)
-CVE-2012-6032 (Multiple integer overflows in the (1) tmh_copy_from_client and (2) ...)
+CVE-2012-6032
- xen 4.1.4-1 (unimportant; bug #686764)
[squeeze] - xen <no-dsa> (Experimental/unsupported feature)
NOTE: CVE-2012-3497 has been SPLIT into this ID and others
NOTE: TMEM not supported for production systems (technology preview)
-CVE-2012-6031 (The do_tmem_get function in the Transcendent Memory (TMEM) in Xen 4.0, ...)
+CVE-2012-6031
- xen 4.1.4-1 (unimportant; bug #686764)
[squeeze] - xen <no-dsa> (Experimental/unsupported feature)
NOTE: CVE-2012-3497 has been SPLIT into this ID and others
NOTE: TMEM not supported for production systems (technology preview)
-CVE-2012-6030 (The do_tmem_op function in the Transcendent Memory (TMEM) in Xen 4.0, ...)
+CVE-2012-6030
- xen 4.1.4-1 (unimportant; bug #686764)
[squeeze] - xen <no-dsa> (Experimental/unsupported feature)
NOTE: CVE-2012-3497 has been SPLIT into this ID and others
NOTE: TMEM not supported for production systems (technology preview)
-CVE-2012-6029 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
+CVE-2012-6029
NOT-FOR-US: Cisco NAC Appliance
CVE-2012-6028
RESERVED
CVE-2012-6027
RESERVED
-CVE-2012-6026 (The HTTP Profiler on the Cisco Aironet Access Point with software 15.2 ...)
+CVE-2012-6026
NOT-FOR-US: Cisco Aironet Access Point
CVE-2012-6025
RESERVED
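Review bot: CVE-2012-6066 is the one entry in this hunk where the removed summary contradicts the retained status line: the "-" line reads "freeSSHd.exe in freeSSHd through 1.2.6", yet the unchanged line below it says "NOT-FOR-US: freeFTPd", evidently carried over from CVE-2012-6067. With the summary gone that mismatch becomes invisible, so correct it in this change to "NOT-FOR-US: freeSSHd".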
@@ -1837,7 +1837,7 @@ CVE-2012-6009
RESERVED
CVE-2012-6008
RESERVED
-CVE-2012-6007 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2012-6007
NOT-FOR-US: Cisco
CVE-2012-6006
RESERVED
@@ -1867,11 +1867,11 @@ CVE-2012-5994
RESERVED
CVE-2012-5993
RESERVED
-CVE-2012-5992 (Multiple cross-site request forgery (CSRF) vulnerabilities on Cisco ...)
+CVE-2012-5992
NOT-FOR-US: Cisco
-CVE-2012-5991 (screens/base/web_auth_custom.html on Cisco Wireless LAN Controller ...)
+CVE-2012-5991
NOT-FOR-US: Cisco
-CVE-2012-5990 (Multiple cross-site scripting (XSS) vulnerabilities in Health Monitor ...)
+CVE-2012-5990
NOT-FOR-US: Cisco
CVE-2012-5989
RESERVED
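Review bot: after this hunk CVE-2012-5992, CVE-2012-5991 and CVE-2012-5990 carry nothing but "NOT-FOR-US: Cisco", and the product names the removed lines held (Cisco Wireless LAN Controller for CVE-2012-5991, Health Monitor for CVE-2012-5990) go with them. Put the product into the "NOT-FOR-US:" reason, as CVE-2012-6026 does with "Cisco Aironet Access Point", so each entry still explains itself once the summary is gone.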
@@ -1893,111 +1893,111 @@ CVE-2012-5981
RESERVED
CVE-2012-5980
RESERVED
-CVE-2012-5978 (Multiple directory traversal vulnerabilities in the (1) View ...)
+CVE-2012-5978
NOT-FOR-US: VMware View
-CVE-2012-5977 (Asterisk Open Source 1.8.x before 1.8.19.1, 10.x before 10.11.1, and ...)
+CVE-2012-5977
{DSA-2605-1}
- asterisk 1:1.8.13.1~dfsg-2 (bug #697230)
NOTE: http://downloads.asterisk.org/pub/security/AST-2012-015.pdf
-CVE-2012-5976 (Multiple stack consumption vulnerabilities in Asterisk Open Source ...)
+CVE-2012-5976
{DSA-2605-1}
- asterisk 1:1.8.13.1~dfsg-2 (bug #697230)
NOTE: http://downloads.digium.com/pub/security/AST-2012-014.pdf
-CVE-2012-5975 (The SSH USERAUTH CHANGE REQUEST feature in SSH Tectia Server 6.0.4 ...)
+CVE-2012-5975
NOT-FOR-US: Tectia SSH
CVE-2012-5974
RESERVED
-CVE-2012-5973 (CA XCOM Data Transport r11.0 and r11.5 on UNIX and Linux allows remote ...)
+CVE-2012-5973
NOT-FOR-US: CA XCOM Data Transport
-CVE-2012-5972 (Directory traversal vulnerability in the web server in SpecView 2.5 ...)
+CVE-2012-5972
NOT-FOR-US: SpecView 2.5
CVE-2012-5971
RESERVED
-CVE-2012-5970 (The Huawei E585 device allows remote attackers to cause a denial of ...)
+CVE-2012-5970
NOT-FOR-US: Huawei device
-CVE-2012-5969 (Multiple directory traversal vulnerabilities on the Huawei E585 device ...)
+CVE-2012-5969
NOT-FOR-US: Huawei device
-CVE-2012-5968 (The Huawei E585 device does not validate the status of admin sessions, ...)
+CVE-2012-5968
NOT-FOR-US: Huawei device
-CVE-2012-5967 (SQL injection vulnerability in menuXML.php in Centreon 2.3.3 through ...)
+CVE-2012-5967
NOT-FOR-US: Centreon
-CVE-2012-5966 (The restricted telnet shell on the D-Link DSL2730U router allows ...)
+CVE-2012-5966
NOT-FOR-US: D-Link DSL2730U router
-CVE-2012-5965 (Stack-based buffer overflow in the unique_service_name function in ...)
+CVE-2012-5965
{DSA-2615-1 DSA-2614-1}
- libupnp 1:1.6.17-1.2 (bug #699316)
- libupnp4 1.8.0~svn20100507-1.2 (bug #699459)
-CVE-2012-5964 (Stack-based buffer overflow in the unique_service_name function in ...)
+CVE-2012-5964
{DSA-2615-1 DSA-2614-1}
- libupnp 1:1.6.17-1.2 (bug #699316)
- libupnp4 1.8.0~svn20100507-1.2 (bug #699459)
-CVE-2012-5963 (Stack-based buffer overflow in the unique_service_name function in ...)
+CVE-2012-5963
{DSA-2615-1 DSA-2614-1}
- libupnp 1:1.6.17-1.2 (bug #699316)
- libupnp4 1.8.0~svn20100507-1.2 (bug #699459)
-CVE-2012-5962 (Stack-based buffer overflow in the unique_service_name function in ...)
+CVE-2012-5962
{DSA-2615-1 DSA-2614-1}
- libupnp 1:1.6.17-1.2 (bug #699316)
- libupnp4 1.8.0~svn20100507-1.2 (bug #699459)
-CVE-2012-5961 (Stack-based buffer overflow in the unique_service_name function in ...)
+CVE-2012-5961
{DSA-2615-1 DSA-2614-1}
- libupnp 1:1.6.17-1.2 (bug #699316)
- libupnp4 1.8.0~svn20100507-1.2 (bug #699459)
-CVE-2012-5960 (Stack-based buffer overflow in the unique_service_name function in ...)
+CVE-2012-5960
{DSA-2615-1 DSA-2614-1}
- libupnp 1:1.6.17-1.2 (bug #699316)
- libupnp4 1.8.0~svn20100507-1.2 (bug #699459)
-CVE-2012-5959 (Stack-based buffer overflow in the unique_service_name function in ...)
+CVE-2012-5959
{DSA-2615-1 DSA-2614-1}
- libupnp 1:1.6.17-1.2 (bug #699316)
- libupnp4 1.8.0~svn20100507-1.2 (bug #699459)
-CVE-2012-5958 (Stack-based buffer overflow in the unique_service_name function in ...)
+CVE-2012-5958
{DSA-2615-1 DSA-2614-1}
- libupnp 1:1.6.17-1.2 (bug #699316)
- libupnp4 1.8.0~svn20100507-1.2 (bug #699459)
CVE-2012-5957
RESERVED
-CVE-2012-5956 (Multiple cross-site scripting (XSS) vulnerabilities in ManageEngine ...)
+CVE-2012-5956
NOT-FOR-US: ManageEngine AssetExplorer 5.6
-CVE-2012-5955 (Unspecified vulnerability in the IBM HTTP Server component 5.3 in IBM ...)
+CVE-2012-5955
NOT-FOR-US: WebSphere
-CVE-2012-5954 (Unspecified vulnerability in IBM Tivoli Storage Manager for Space ...)
+CVE-2012-5954
NOT-FOR-US: IBM Tivoli Storage Manager
-CVE-2012-5953 (IBM WebSphere Message Broker 6.1 before 6.1.0.12, 7.0 before 7.0.0.6, ...)
+CVE-2012-5953
NOT-FOR-US: IBM
-CVE-2012-5952 (IBM WebSphere Message Broker 6.1 before 6.1.0.12, 7.0 before 7.0.0.6, ...)
+CVE-2012-5952
NOT-FOR-US: IBM
-CVE-2012-5951 (Unspecified vulnerability in IBM Tivoli NetView 1.4, 5.1 through 5.4, ...)
+CVE-2012-5951
NOT-FOR-US: IBM Tivoli NetView
-CVE-2012-5950 (Multiple cross-site request forgery (CSRF) vulnerabilities in IBM ...)
+CVE-2012-5950
NOT-FOR-US: IBM TRIRIGA Application Platform
-CVE-2012-5949 (Multiple cross-site scripting (XSS) vulnerabilities in IBM TRIRIGA ...)
+CVE-2012-5949
NOT-FOR-US: IBM TRIRIGA Application Platform
-CVE-2012-5948 (Multiple cross-site scripting (XSS) vulnerabilities in IBM TRIRIGA ...)
+CVE-2012-5948
NOT-FOR-US: IBM TRIRIGA Application Platform
-CVE-2012-5947 (Buffer overflow in the vsflex7l ActiveX control in IBM SPSS ...)
+CVE-2012-5947
NOT-FOR-US: IBM SPSS SamplePower
-CVE-2012-5946 (Buffer overflow in the c1sizer ActiveX control in C1sizer.ocx in IBM ...)
+CVE-2012-5946
NOT-FOR-US: IBM SPSS SamplePower
-CVE-2012-5945 (Multiple buffer overflows in the Vsflex8l ActiveX control in IBM SPSS ...)
+CVE-2012-5945
NOT-FOR-US: IBM SPSS SamplePower
CVE-2012-5944
RESERVED
-CVE-2012-5943 (Cross-site scripting (XSS) vulnerability in IBM iNotes 8.5.x before ...)
+CVE-2012-5943
NOT-FOR-US: IBM iNotes
-CVE-2012-5942 (Cross-site scripting (XSS) vulnerability in the Data Management Portal ...)
+CVE-2012-5942
NOT-FOR-US: IBM Tivoli TADDM
-CVE-2012-5941 (Cross-site scripting (XSS) vulnerability in the WebAdmin application ...)
+CVE-2012-5941
NOT-FOR-US: IBM
-CVE-2012-5940 (The WebAdmin application 6.0.5, 6.0.8, and 7.0 before P2 in IBM ...)
+CVE-2012-5940
NOT-FOR-US: IBM
-CVE-2012-5939 (Cross-site scripting (XSS) vulnerability in Welcome.do in the Data ...)
+CVE-2012-5939
NOT-FOR-US: IBM Tivoli TADDM
-CVE-2012-5938 (The installation process in IBM InfoSphere Information Server 8.1, ...)
+CVE-2012-5938
NOT-FOR-US: IBM InfoSphere Information Server
-CVE-2012-5937 (Unspecified vulnerability in the CLA2 server in IBM Gentran ...)
+CVE-2012-5937
NOT-FOR-US: IBM Gentran Integration
-CVE-2012-5936 (IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 ...)
+CVE-2012-5936
NOT-FOR-US: IBM
CVE-2012-5935
RESERVED
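Review bot: every changed pair in this hunk, from CVE-2012-5960 down to CVE-2012-5936, swaps an entry that carried its short description for the bare identifier and changes nothing else, and the same pattern repeats across all 21 year files with near-identical insertion and deletion counts (113882 against 113866). Together with a commit message that says only "automatic update", this reads like the description field coming back empty from the source feed rather than a deliberate edit; please verify the fetched feed before this is merged, and have the updater refuse to rewrite a list when every description it parsed is empty. If dropping the descriptions is intended, the commit message should say so and why, since the triage lines that follow each entry (for example `NOT-FOR-US: IBM` for CVE-2012-5953 and CVE-2012-5952) were written assuming the description stays alongside them.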
@@ -2005,11 +2005,11 @@ CVE-2012-5934
RESERVED
CVE-2012-5933
RESERVED
-CVE-2012-5932 (Eval injection vulnerability in the ldapagnt_eval function in ...)
+CVE-2012-5932
NOT-FOR-US: NetIQ Privileged User Manager 2.3.x
-CVE-2012-5931 (Directory traversal vulnerability in the set_log_config function in ...)
+CVE-2012-5931
NOT-FOR-US: NetIQ Privileged User Manager 2.3.x
-CVE-2012-5930 (The pa_modify_accounts function in auth.dll in unifid.exe in NetIQ ...)
+CVE-2012-5930
NOT-FOR-US: NetIQ Privileged User Manager 2.3.x
CVE-2012-5929
RESERVED
@@ -2029,120 +2029,120 @@ CVE-2012-5922
RESERVED
CVE-2012-5921
RESERVED
-CVE-2012-5920 (Cross-site scripting (XSS) vulnerability in Google Web Toolkit (GWT) ...)
+CVE-2012-5920
- gwt <removed> (bug #691900)
[squeeze] - gwt <not-affected> (Vulnerable code not present)
-CVE-2012-5919 (Multiple cross-site scripting (XSS) vulnerabilities in Havalite 1.0.4 ...)
+CVE-2012-5919
NOT-FOR-US: havalite
-CVE-2012-5918 (razorCMS 1.2 allows remote authenticated users to access administrator ...)
+CVE-2012-5918
NOT-FOR-US: razorCMS
-CVE-2012-5917 (SnackAmp 3.1.3 allows remote attackers to cause a denial of service ...)
+CVE-2012-5917
NOT-FOR-US: SnackAmp
-CVE-2012-5916 (Neocrome Seditio build 161 allows remote attackers to obtain sensitive ...)
+CVE-2012-5916
NOT-FOR-US: Neocrome Seditio
-CVE-2012-5915 (Neocrome Seditio build 161 and earlier allows remote attackers to ...)
+CVE-2012-5915
NOT-FOR-US: Neocrome Seditio
-CVE-2012-5914 (Multiple cross-site scripting (XSS) vulnerabilities in the sed_import ...)
+CVE-2012-5914
NOT-FOR-US: Neocrome Seditio
-CVE-2012-5913 (Cross-site scripting (XSS) vulnerability in wp-integrator.php in the ...)
+CVE-2012-5913
NOT-FOR-US: Wordpress Integrator plugin
-CVE-2012-5912 (Multiple SQL injection vulnerabilities in PicoPublisher 2.0 allow ...)
+CVE-2012-5912
NOT-FOR-US: PicoPublisher
-CVE-2012-5911 (Cross-site scripting (XSS) vulnerability in blogs/blog1.php in ...)
+CVE-2012-5911
NOT-FOR-US: b2evolution
-CVE-2012-5910 (SQL injection vulnerability in blogs/htsrv/viewfile.php in b2evolution ...)
+CVE-2012-5910
NOT-FOR-US: b2evolution
-CVE-2012-5909 (SQL injection vulnerability in admin/modules/user/users.php in MyBB ...)
+CVE-2012-5909
NOT-FOR-US: MyBB
-CVE-2012-5908 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2012-5908
NOT-FOR-US: MyBB
-CVE-2012-5907 (Directory traversal vulnerability in json.php in TomatoCart 1.2.0 ...)
+CVE-2012-5907
NOT-FOR-US: TomatoCart
-CVE-2012-5906 (Multiple cross-site scripting (XSS) vulnerabilities in GreenBrowser ...)
+CVE-2012-5906
NOT-FOR-US: GreenBrowser
-CVE-2012-5905 (Buffer overflow in KnFTPd 1.0.0 allows remote authenticated users to ...)
+CVE-2012-5905
NOT-FOR-US: KnFTPd
-CVE-2012-5904 (Heap-based buffer overflow in IrfanView before 4.33 allows remote ...)
+CVE-2012-5904
NOT-FOR-US: IrfanView
-CVE-2012-5903 (Cross-site scripting (XSS) vulnerability in Simple Machines Forum ...)
+CVE-2012-5903
NOT-FOR-US: Simple Machine Forum
-CVE-2012-5902 (Cross-site scripting (XSS) vulnerability in ptk/lib/modal_bookmark.php ...)
+CVE-2012-5902
NOT-FOR-US: DFLabs PTK
-CVE-2012-5901 (DFLabs PTK 1.0.5 stores data files with predictable names under the ...)
+CVE-2012-5901
NOT-FOR-US: DFLabs PTK
-CVE-2012-5900 (Multiple SQL injection vulnerabilities in SAMEDIA LandShop 0.9.2 allow ...)
+CVE-2012-5900
NOT-FOR-US: SAMEDIA LandShop
-CVE-2012-5899 (Cross-site scripting (XSS) vulnerability in admin/action/objects.php ...)
+CVE-2012-5899
NOT-FOR-US: SAMEDIA LandShop
-CVE-2012-5898 (Cross-site request forgery (CSRF) vulnerability in SAMEDIA LandShop ...)
+CVE-2012-5898
NOT-FOR-US: SAMEDIA LandShop
-CVE-2012-5897 (The (1) SimpleTree and (2) ReportTree classes in the ARDoc ActiveX ...)
+CVE-2012-5897
NOT-FOR-US: Quest in Trust
-CVE-2012-5896 (The Annotation Objects Extension ActiveX control in AnnotateX.dll in ...)
+CVE-2012-5896
NOT-FOR-US: Quest in Trust
-CVE-2012-5895 (Multiple unspecified vulnerabilities in iRODS before 3.1 have unknown ...)
+CVE-2012-5895
NOT-FOR-US: iRODS
-CVE-2012-5894 (SQL injection vulnerability in hava_post.php in Havalite CMS 1.1.0 and ...)
+CVE-2012-5894
NOT-FOR-US: Havalite CMS
-CVE-2012-5893 (Unrestricted file upload vulnerability in hava_upload.php in Havalite ...)
+CVE-2012-5893
NOT-FOR-US: Havalite CMS
-CVE-2012-5892 (Havalite CMS 1.1.0 and earlier stores sensitive information under the ...)
+CVE-2012-5892
NOT-FOR-US: Havalite CMS
-CVE-2012-5891 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
+CVE-2012-5891
NOT-FOR-US: Dalbum
-CVE-2012-5890 (The Front End User Registration (sr_feuser_register) extension before ...)
+CVE-2012-5890
NOT-FOR-US: Typo3 extension (sr_feuser_register)
-CVE-2012-5889 (Cross-site scripting (XSS) vulnerability in the powermail extension ...)
+CVE-2012-5889
NOT-FOR-US: Typo3 extension (powermail)
-CVE-2012-5888 (Cross-site scripting (XSS) vulnerability in Basic SEO Features ...)
+CVE-2012-5888
NOT-FOR-US: Typo3 extension (seo_basics)
-CVE-2012-5887 (The HTTP Digest Access Authentication implementation in Apache Tomcat ...)
+CVE-2012-5887
- tomcat6 6.0.35-5+nmu1 (bug #692439)
[squeeze] - tomcat6 6.0.35-1+squeeze3
NOTE: DSA 2725
- tomcat7 7.0.28-3+nmu1 (bug #692440)
-CVE-2012-5886 (The HTTP Digest Access Authentication implementation in Apache Tomcat ...)
+CVE-2012-5886
- tomcat6 6.0.35-5+nmu1 (bug #692439)
[squeeze] - tomcat6 6.0.35-1+squeeze3
NOTE: DSA 2725
- tomcat7 7.0.28-3+nmu1 (bug #692440)
-CVE-2012-5885 (The replay-countermeasure functionality in the HTTP Digest Access ...)
+CVE-2012-5885
- tomcat6 6.0.35-5+nmu1 (bug #692439)
[squeeze] - tomcat6 6.0.35-1+squeeze3
NOTE: DSA 2725
- tomcat7 7.0.28-3+nmu1 (bug #692440)
-CVE-2012-5884 (The User.get method in Bugzilla/WebService/User.pm in Bugzilla 4.3.2 ...)
+CVE-2012-5884
- bugzilla <removed> (low)
[squeeze] - bugzilla <not-affected> (vulnerable code not present in 3.x)
- bugzilla4 <itp> (bug #669643)
-CVE-2012-5883 (Cross-site scripting (XSS) vulnerability in the Flash component ...)
+CVE-2012-5883
- yui3 <not-affected>
- yui 2.9.0.dfsg.0.1-0.1 (bug #693608)
[squeeze] - yui <no-dsa> (Minor issue, Flash not build from source in oldstable)
- icinga-web 1.7.1+dfsg2-6 (bug #694641)
-CVE-2012-5882 (Cross-site scripting (XSS) vulnerability in the Flash component ...)
+CVE-2012-5882
- yui3 <not-affected>
- yui 2.9.0.dfsg.0.1-0.1 (bug #693608)
[squeeze] - yui <no-dsa> (Minor issue, Flash not build from source in oldstable)
- icinga-web 1.7.1+dfsg2-6 (bug #694641)
-CVE-2012-5881 (Cross-site scripting (XSS) vulnerability in the Flash component ...)
+CVE-2012-5881
- yui3 <not-affected>
- yui 2.9.0.dfsg.0.1-0.1 (bug #693608)
[squeeze] - yui <no-dsa> (Minor issue, Flash not build from source in oldstable)
- icinga-web 1.7.1+dfsg2-6 (bug #694641)
CVE-2012-5880
RESERVED
-CVE-2012-5879 (An ActiveX control in McHealthCheck.dll in McAfee Virtual Technician ...)
+CVE-2012-5879
NOT-FOR-US: McAfee Virtual Technician
CVE-2012-5878
RESERVED
-CVE-2012-5877 (Nero MediaHome 4.5.8.0 and earlier allows remote attackers to cause a ...)
+CVE-2012-5877
NOT-FOR-US: Nero MediaHome
-CVE-2012-5876 (Multiple off-by-one errors in NMMediaServerService.dll in Nero ...)
+CVE-2012-5876
NOT-FOR-US: Nero MediaHome
-CVE-2012-5875 (Firefly Media Server 1.0.0.1359 allows remote attackers to cause a ...)
+CVE-2012-5875
NOT-FOR-US: Firefly Media Server
-CVE-2012-5874 (Multiple SQL injection vulnerabilities in the (1) ...)
+CVE-2012-5874
NOT-FOR-US: Elite Bulletin Board
CVE-2012-5873
RESERVED
@@ -2154,50 +2154,50 @@ CVE-2012-5870
RESERVED
CVE-2012-5869
RESERVED
-CVE-2012-5868 (WordPress 3.4.2 does not invalidate a wordpress_sec session cookie ...)
+CVE-2012-5868
- wordpress <unfixed> (unimportant; bug #696868)
NOTE: non-issue, see https://wordpress.org/support/topic/old-bug-cve-2012-5868
CVE-2012-5867
RESERVED
-CVE-2012-5866 (Cross-site scripting (XSS) vulnerability in include.php in Achievo ...)
+CVE-2012-5866
NOT-FOR-US: Achievo
-CVE-2012-5865 (SQL injection vulnerability in dispatch.php in Achievo 1.4.5 allows ...)
+CVE-2012-5865
NOT-FOR-US: Achievo
-CVE-2012-5864 (The management web pages on the Sinapsi eSolar Light Photovoltaic ...)
+CVE-2012-5864
NOT-FOR-US: Sinapsi eSolar Light Photovoltaic System Monitor
-CVE-2012-5863 (ping.php on the Sinapsi eSolar Light Photovoltaic System Monitor (aka ...)
+CVE-2012-5863
NOT-FOR-US: Sinapsi eSolar Light Photovoltaic System Monitor
-CVE-2012-5862 (login.php on the Sinapsi eSolar Light Photovoltaic System Monitor (aka ...)
+CVE-2012-5862
NOT-FOR-US: Sinapsi eSolar Light Photovoltaic System Monitor
-CVE-2012-5861 (Multiple SQL injection vulnerabilities on the Sinapsi eSolar Light ...)
+CVE-2012-5861
NOT-FOR-US: Sinapsi eSolar Light Photovoltaic System Monitor
-CVE-2012-5860 (Unspecified vulnerability on Oberthur ID-One COSMO 5.2, 5.2a, and 64 ...)
+CVE-2012-5860
NOT-FOR-US: ID-One COSMO
-CVE-2012-5859 (Samsung Kies Air 2.1.207051 and 2.1.210161 allows remote attackers to ...)
+CVE-2012-5859
NOT-FOR-US: Samsung Kies Air
-CVE-2012-5858 (Samsung Kies Air 2.1.207051 and 2.1.210161 relies on the IP address ...)
+CVE-2012-5858
NOT-FOR-US: Samsung Kies Air
CVE-2012-5857
RESERVED
-CVE-2012-5856 (Cross-site scripting (XSS) vulnerability in the Uk Cookie (aka ...)
+CVE-2012-5856
NOT-FOR-US: Wordpress plugin (uk cookie)
-CVE-2012-5855 (The SHAddToRecentDocs function in VideoLAN VLC media player 2.0.4 and ...)
+CVE-2012-5855
- vlc <not-affected> (Windows only issue)
NOTE: Harmless crasher without security relevance
-CVE-2012-5853 (SQL injection vulnerability in the &quot;the_search_function&quot; function in ...)
+CVE-2012-5853
NOT-FOR-US: "the_search_function" function in cardoza_ajax_search.php in the AJAX Post Search (cardoza-ajax-search) plugin for WordPress
CVE-2012-5852
RESERVED
-CVE-2012-5851 (html/parser/XSSAuditor.cpp in WebCore in WebKit, as used in Google ...)
+CVE-2012-5851
- chromium-browser <unfixed> (unimportant)
- webkit <unfixed> (unimportant)
NOTE: https://bugs.webkit.org/show_bug.cgi?id=92692
NOTE: Incomplete mitigation feature, not a security vulnerability per se
CVE-2012-5850
RESERVED
-CVE-2012-5849 (Multiple SQL injection vulnerabilities in ClipBucket 2.6 Revision 738 ...)
+CVE-2012-5849
NOT-FOR-US: ClipBucket
-CVE-2012-5854 (Heap-based buffer overflow in WeeChat 0.3.6 through 0.3.9 allows ...)
+CVE-2012-5854
- weechat 0.3.9.1-1 (bug #693026)
[wheezy] - weechat 0.3.8-1+deb7u1
[squeeze] - weechat <not-affected> (Vulnerable code not present)
@@ -2211,47 +2211,47 @@ CVE-2012-5845
REJECTED
CVE-2012-5844
REJECTED
-CVE-2012-5843 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+CVE-2012-5843
- iceape <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- iceweasel <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- icedove <not-affected> (Doesn't affect the ESR series, only releases from experimental)
-CVE-2012-5842 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+CVE-2012-5842
{DSA-2588-1 DSA-2584-1 DSA-2583-1}
- iceweasel 10.0.11esr-1
- icedove 10.0.11-1
- iceape 2.7.11-1
-CVE-2012-5841 (Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, ...)
+CVE-2012-5841
- iceweasel 10.0.11esr-1
- icedove 10.0.11-1
- iceape 2.7.11-1
[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
[squeeze] - icedove <not-affected> (Vulnerable code not present)
[squeeze] - iceape <not-affected> (Vulnerable code not present)
-CVE-2012-5840 (Use-after-free vulnerability in the nsTextEditorState::PrepareEditor ...)
+CVE-2012-5840
- iceweasel 10.0.11esr-1
- icedove 10.0.11-1
- iceape 2.7.11-1
[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
[squeeze] - icedove <not-affected> (Vulnerable code not present)
[squeeze] - iceape <not-affected> (Vulnerable code not present)
-CVE-2012-5839 (Heap-based buffer overflow in the ...)
+CVE-2012-5839
- iceweasel 10.0.11esr-1
- icedove 10.0.11-1
- iceape 2.7.11-1
[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
[squeeze] - icedove <not-affected> (Vulnerable code not present)
[squeeze] - iceape <not-affected> (Vulnerable code not present)
-CVE-2012-5838 (The copyTexImage2D implementation in the WebGL subsystem in Mozilla ...)
+CVE-2012-5838
- iceape <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- iceweasel <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- icedove <not-affected> (Doesn't affect the ESR series, only releases from experimental)
-CVE-2012-5837 (The Web Developer Toolbar in Mozilla Firefox before 17.0 executes ...)
+CVE-2012-5837
- iceweasel <not-affected> (Doesn't affect the ESR series, only releases from experimental)
-CVE-2012-5836 (Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey ...)
+CVE-2012-5836
- iceape <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- iceweasel <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- icedove <not-affected> (Doesn't affect the ESR series, only releases from experimental)
-CVE-2012-5835 (Integer overflow in the WebGL subsystem in Mozilla Firefox before ...)
+CVE-2012-5835
- iceweasel 10.0.11esr-1
- icedove 10.0.11-1
- iceape 2.7.11-1
@@ -2260,7 +2260,7 @@ CVE-2012-5835 (Integer overflow in the WebGL subsystem in Mozilla Firefox before
[squeeze] - iceape <not-affected> (Vulnerable code not present)
CVE-2012-5834
REJECTED
-CVE-2012-5833 (The texImage2D implementation in the WebGL subsystem in Mozilla ...)
+CVE-2012-5833
- iceweasel 10.0.11esr-1
- icedove 10.0.11-1
- iceape 2.7.11-1
@@ -2271,131 +2271,131 @@ CVE-2012-5832
REJECTED
CVE-2012-5831
REJECTED
-CVE-2012-5830 (Use-after-free vulnerability in Mozilla Firefox before 17.0, Firefox ...)
+CVE-2012-5830
- iceweasel 10.0.11esr-1
- icedove 10.0.11-1
- iceape 2.7.11-1
[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
[squeeze] - icedove <not-affected> (Vulnerable code not present)
[squeeze] - iceape <not-affected> (Vulnerable code not present)
-CVE-2012-5829 (Heap-based buffer overflow in the nsWindow::OnExposeEvent function in ...)
+CVE-2012-5829
{DSA-2588-1 DSA-2584-1 DSA-2583-1}
- iceweasel 10.0.11esr-1
- icedove 10.0.11-1
- iceape 2.7.11-1
CVE-2012-5828
RESERVED
-CVE-2012-5827 (Joomla! 2.5.x before 2.5.8 and 3.0.x before 3.0.2 allows remote ...)
+CVE-2012-5827
NOT-FOR-US: Joomla!
CVE-2012-5826
RESERVED
-CVE-2012-5825 (Tweepy does not verify that the server hostname matches a domain name ...)
+CVE-2012-5825
- tweepy 3.1.0-2 (low; bug #692444)
[jessie] - tweepy <no-dsa> (Minor issue)
[wheezy] - tweepy <no-dsa> (Minor issue)
-CVE-2012-5824 (Trillian 5.1.0.19 does not verify that the server hostname matches a ...)
+CVE-2012-5824
NOT-FOR-US: Trillian
-CVE-2012-5823 (Open Source Classifieds does not verify that the server hostname ...)
+CVE-2012-5823
NOT-FOR-US: Open Source Classifieds
-CVE-2012-5822 (The contribution feature in Zamboni does not verify that the server ...)
+CVE-2012-5822
NOT-FOR-US: Zamboni
-CVE-2012-5821 (Lynx does not verify that the server's certificate is signed by a ...)
+CVE-2012-5821
- lynx-cur 2.8.8dev.15-1 (low; bug #692443)
[squeeze] - lynx-cur <no-dsa> (Minor issue)
[wheezy] - lynx-cur <no-dsa> (Minor issue)
-CVE-2012-5820 (The developer-account sample code in Google AdMob does not verify that ...)
+CVE-2012-5820
NOT-FOR-US: Google AdMob
-CVE-2012-5819 (FilesAnywhere does not verify that the server hostname matches a ...)
+CVE-2012-5819
NOT-FOR-US: FilesAnywhere
-CVE-2012-5818 (ElephantDrive does not verify that the server hostname matches a ...)
+CVE-2012-5818
NOT-FOR-US: ElephantDrive
-CVE-2012-5817 (Codehaus XFire 1.2.6 and earlier, as used in the Amazon EC2 API Tools ...)
+CVE-2012-5817
NOT-FOR-US: Codehaus XFire
-CVE-2012-5816 (AOL Instant Messenger (AIM) 1.0.1.2 does not verify that the server ...)
+CVE-2012-5816
NOT-FOR-US: AOL Instant Messenger
-CVE-2012-5815 (The Rackspace app 2.1.5 for iOS does not verify that the server ...)
+CVE-2012-5815
NOT-FOR-US: Rackspace app for iOS
-CVE-2012-5814 (Weberknecht, as used in GitHub Gaug.es and other products, does not ...)
+CVE-2012-5814
NOT-FOR-US: Weberknecht
-CVE-2012-5813 (The Android_Pusher library for Android does not verify that the server ...)
+CVE-2012-5813
NOT-FOR-US: Android app/lib
-CVE-2012-5812 (The ACRA library for Android does not verify that the server hostname ...)
+CVE-2012-5812
NOT-FOR-US: Android app/lib
-CVE-2012-5811 (The Breezy application for Android does not verify that the server ...)
+CVE-2012-5811
NOT-FOR-US: Android app/lib
-CVE-2012-5810 (The Chase mobile banking application for Android does not verify that ...)
+CVE-2012-5810
NOT-FOR-US: Android app/lib
-CVE-2012-5809 (The Groupon Redemptions application for Android does not verify that ...)
+CVE-2012-5809
NOT-FOR-US: Android app/lib
-CVE-2012-5808 (The LinkPoint module in Zen Cart does not verify that the server ...)
+CVE-2012-5808
NOT-FOR-US: Zen Cart module
-CVE-2012-5807 (The Authorize.Net eCheck module in Zen Cart does not verify that the ...)
+CVE-2012-5807
NOT-FOR-US: Zen Cart module
-CVE-2012-5806 (The PayPal Payments Pro module in Zen Cart does not verify that the ...)
+CVE-2012-5806
NOT-FOR-US: Zen Cart module
-CVE-2012-5805 (The PayPal IPN functionality in Zen Cart does not verify that the ...)
+CVE-2012-5805
NOT-FOR-US: Zen Cart module
-CVE-2012-5804 (The CyberSource module in Ubercart does not verify that the server ...)
+CVE-2012-5804
NOT-FOR-US: Ubercart module
-CVE-2012-5803 (The Authorize.Net module in Ubercart does not verify that the server ...)
+CVE-2012-5803
NOT-FOR-US: Ubercart module
-CVE-2012-5802 (The PayPal module in Ubercart does not verify that the server hostname ...)
+CVE-2012-5802
NOT-FOR-US: Ubercart module
-CVE-2012-5801 (The PayPal module in PrestaShop does not verify that the server ...)
+CVE-2012-5801
NOT-FOR-US: PrestaShop module
-CVE-2012-5800 (The eBay module in PrestaShop does not verify that the server hostname ...)
+CVE-2012-5800
NOT-FOR-US: PrestaShop module
-CVE-2012-5799 (The Canada Post (aka CanadaPost) module in PrestaShop does not verify ...)
+CVE-2012-5799
NOT-FOR-US: PrestaShop module
-CVE-2012-5798 (The PayPal Pro PayFlow EC module in osCommerce does not verify that ...)
+CVE-2012-5798
NOT-FOR-US: osCommerce module
-CVE-2012-5797 (The PayPal Pro PayFlow module in osCommerce does not verify that the ...)
+CVE-2012-5797
NOT-FOR-US: osCommerce module
-CVE-2012-5796 (The PayPal Pro module in osCommerce does not verify that the server ...)
+CVE-2012-5796
NOT-FOR-US: osCommerce module
-CVE-2012-5795 (The PayPal Express module in osCommerce does not verify that the ...)
+CVE-2012-5795
NOT-FOR-US: osCommerce module
-CVE-2012-5794 (The MoneyBookers module in osCommerce does not verify that the server ...)
+CVE-2012-5794
NOT-FOR-US: osCommerce module
-CVE-2012-5793 (The Authorize.Net module in osCommerce does not verify that the server ...)
+CVE-2012-5793
NOT-FOR-US: osCommerce module
-CVE-2012-5792 (The Sage Pay Direct module in osCommerce does not verify that the ...)
+CVE-2012-5792
NOT-FOR-US: osCommerce module
-CVE-2012-5791 (PayPal Invoicing does not verify that the server hostname matches a ...)
+CVE-2012-5791
NOT-FOR-US: PayPal Invoicing
-CVE-2012-5790 (PayPal Payments Standard PHP Library 20120427 does not verify that the ...)
+CVE-2012-5790
NOT-FOR-US: PayPal Payments Standard PHP Library
-CVE-2012-5789 (PayPal Payments Standard PHP Library before 20120427 does not verify ...)
+CVE-2012-5789
NOT-FOR-US: PayPal Payments Standard PHP Library
-CVE-2012-5788 (The PayPal IPN utility does not verify that the server hostname ...)
+CVE-2012-5788
NOT-FOR-US: The PayPal IPN utility
-CVE-2012-5787 (The PayPal merchant SDK does not verify that the server hostname ...)
+CVE-2012-5787
NOT-FOR-US: The PayPal merchant SDK
-CVE-2012-5786 (The wsdl_first_https sample code in ...)
+CVE-2012-5786
NOT-FOR-US: Apache CXF
-CVE-2012-5785 (Apache Axis2/Java 1.6.2 and earlier does not verify that the server ...)
+CVE-2012-5785
NOT-FOR-US: Axis2/Java
NOTE: Axis2/C is packaged as axis2c, but this is a different software.
-CVE-2012-5784 (Apache Axis 1.4 and earlier, as used in PayPal Payments Pro, PayPal ...)
+CVE-2012-5784
{DLA-169-1}
- axis 1.4-16.1 (low; bug #692650)
[squeeze] - axis <no-dsa> (Minor issue)
-CVE-2012-5783 (Apache Commons HttpClient 3.x, as used in Amazon Flexible Payments ...)
+CVE-2012-5783
{DLA-222-1}
- commons-httpclient 3.1-10.1 (bug #692442)
[wheezy] - commons-httpclient <no-dsa> (Minor issue)
[squeeze] - commons-httpclient <no-dsa> (Minor issue)
-CVE-2012-5782 (Amazon Flexible Payments Service (FPS) PHP Library does not verify ...)
+CVE-2012-5782
NOT-FOR-US: Amazon Flexible Payments Service
-CVE-2012-5781 (Amazon Elastic Load Balancing API Tools does not verify that the ...)
+CVE-2012-5781
NOT-FOR-US: Amazon Elastic Load Balancing API Tools
-CVE-2012-5780 (The Amazon merchant SDK does not verify that the server hostname ...)
+CVE-2012-5780
NOT-FOR-US: The Amazon merchant SDK
CVE-2012-5779
RESERVED
CVE-2012-5778
RESERVED
-CVE-2012-5777 (Eval injection vulnerability in the ReplaceListVars function in the ...)
+CVE-2012-5777
NOT-FOR-US: EmpireCMS
CVE-2012-5776
RESERVED
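Review bot: the run from CVE-2012-5825 down to CVE-2012-5780 loses the one fact that ties it together: each removed description states that the product does not verify that the server hostname matches the certificate, and the surviving triage lines do not repeat it. After the change, `NOT-FOR-US: Android app/lib` stands for five different CVEs (CVE-2012-5813 through CVE-2012-5809) and `NOT-FOR-US: Zen Cart module` for four, with nothing left in the file to say which product or which issue each identifier refers to. If descriptions are intentionally going away, the NOT-FOR-US notes in this block need the product name and the issue spelled out, as `NOT-FOR-US: The PayPal merchant SDK` already partly does; the tweepy, lynx-cur, axis and commons-httpclient entries that are packaged in Debian would benefit from a NOTE line stating the certificate-validation issue for the same reason.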
@@ -2409,35 +2409,35 @@ CVE-2012-5772
REJECTED
CVE-2012-5771
REJECTED
-CVE-2012-5770 (The SSL configuration in IBM Tivoli Application Dependency Discovery ...)
+CVE-2012-5770
NOT-FOR-US: IBM
-CVE-2012-5769 (IBM SPSS Modeler 14.0, 14.1, 14.2 through FP3, and 15.0 before FP2 ...)
+CVE-2012-5769
NOT-FOR-US: IBM SPSS Modeler
CVE-2012-5768
RESERVED
-CVE-2012-5767 (Unspecified vulnerability in the web interface on the IBM TS3500 Tape ...)
+CVE-2012-5767
NOT-FOR-US: IBM TS3500 Tape Library
-CVE-2012-5766 (Multiple SQL injection vulnerabilities in IBM Sterling B2B Integrator ...)
+CVE-2012-5766
NOT-FOR-US: IBM
-CVE-2012-5765 (The Web Client (aka CQ Web) in IBM Rational ClearQuest 7.1.2.x before ...)
+CVE-2012-5765
NOT-FOR-US: IBM Rational ClearQuest
CVE-2012-5764
RESERVED
-CVE-2012-5763 (Cross-site request forgery (CSRF) vulnerability in the WebAdmin ...)
+CVE-2012-5763
NOT-FOR-US: IBM
-CVE-2012-5762 (Cross-site scripting (XSS) vulnerability in the WebAdmin application ...)
+CVE-2012-5762
NOT-FOR-US: IBM
-CVE-2012-5761 (Cross-site scripting (XSS) vulnerability in the WebAdmin application ...)
+CVE-2012-5761
NOT-FOR-US: IBM
-CVE-2012-5760 (SQL injection vulnerability in the WebAdmin application 6.0.5, 6.0.8, ...)
+CVE-2012-5760
NOT-FOR-US: IBM
-CVE-2012-5759 (The IBM WebSphere DataPower XC10 Appliance 2.0.0.0 through 2.0.0.3 and ...)
+CVE-2012-5759
NOT-FOR-US: Websphere
-CVE-2012-5758 (The IBM WebSphere DataPower XC10 Appliance 2.0.0.0 through 2.0.0.3 and ...)
+CVE-2012-5758
NOT-FOR-US: Websphere
-CVE-2012-5757 (Cross-site scripting (XSS) vulnerability in the Web Client in IBM ...)
+CVE-2012-5757
NOT-FOR-US: IBM Rational ClearQuest
-CVE-2012-5756 (The IBM WebSphere DataPower XC10 Appliance 2.0.0.0 through 2.0.0.3 and ...)
+CVE-2012-5756
NOT-FOR-US: Websphere
CVE-2012-5755
RESERVED
@@ -2461,7 +2461,7 @@ CVE-2012-5746
RESERVED
CVE-2012-5745
RESERVED
-CVE-2012-5744 (Multiple cross-site scripting (XSS) vulnerabilities in the guest ...)
+CVE-2012-5744
NOT-FOR-US: Cisco Identity Services Engine
CVE-2012-5743
RESERVED
@@ -2503,7 +2503,7 @@ CVE-2012-5725
RESERVED
CVE-2012-5724
RESERVED
-CVE-2012-5723 (Cisco ASR 1000 devices with software before 3.8S, when BDI routing is ...)
+CVE-2012-5723
NOT-FOR-US: Cisco devices
CVE-2012-5722
RESERVED
@@ -2515,7 +2515,7 @@ CVE-2012-5719
RESERVED
CVE-2012-5718
RESERVED
-CVE-2012-5717 (Cisco Adaptive Security Appliances (ASA) devices with firmware 8.x ...)
+CVE-2012-5717
NOT-FOR-US: Cisco Adaptive Security Appliances
CVE-2012-5716
RESERVED
@@ -2539,17 +2539,17 @@ CVE-2012-5707
RESERVED
CVE-2012-5706
RESERVED
-CVE-2012-5705 (Cross-site scripting (XSS) vulnerability in the settings page ...)
+CVE-2012-5705
NOT-FOR-US: Drupal addon not packaged in Debian
-CVE-2012-5704 (The Hotblocks module 6.x-1.x before 6.x-1.8 for Drupal allows remote ...)
+CVE-2012-5704
NOT-FOR-US: Drupal addon not packaged in Debian
-CVE-2012-5703 (The vSphere API in VMware ESXi 4.1 and ESX 4.1 allows remote attackers ...)
+CVE-2012-5703
NOT-FOR-US: VMware ESXi
-CVE-2012-5702 (Multiple cross-site scripting (XSS) vulnerabilities in dotProject ...)
+CVE-2012-5702
NOT-FOR-US: dotProject
-CVE-2012-5701 (Multiple SQL injection vulnerabilities in dotProject before 2.1.7 ...)
+CVE-2012-5701
NOT-FOR-US: dotProject
-CVE-2012-5700 (Multiple cross-site scripting (XSS) vulnerabilities in Baby Gekko ...)
+CVE-2012-5700
NOT-FOR-US: Baby Gekko
CVE-2012-5699
RESERVED
@@ -2557,88 +2557,88 @@ CVE-2012-5698
RESERVED
CVE-2012-5979
REJECTED
-CVE-2012-5697 (The btinstall installation script in Bulb Security Smartphone Pentest ...)
+CVE-2012-5697
NOT-FOR-US: Smartphone Pentest Framework
-CVE-2012-5696 (Bulb Security Smartphone Pentest Framework (SPF) before 0.1.3 does not ...)
+CVE-2012-5696
NOT-FOR-US: Smartphone Pentest Framework
-CVE-2012-5695 (Multiple cross-site request forgery (CSRF) vulnerabilities in Bulb ...)
+CVE-2012-5695
NOT-FOR-US: Smartphone Pentest Framework
-CVE-2012-5694 (Multiple SQL injection vulnerabilities in Bulb Security Smartphone ...)
+CVE-2012-5694
NOT-FOR-US: Smartphone Pentest Framework
CVE-2012-5693
RESERVED
-CVE-2012-5692 (Unspecified vulnerability in admin/sources/base/core.php in Invision ...)
+CVE-2012-5692
NOT-FOR-US: Invision Power Board
-CVE-2012-5691 (Buffer overflow in RealNetworks RealPlayer before 16.0.0.282 and ...)
+CVE-2012-5691
NOT-FOR-US: RealPlayer
-CVE-2012-5690 (RealNetworks RealPlayer before 16.0.0.282 and RealPlayer SP 1.0 ...)
+CVE-2012-5690
NOT-FOR-US: RealPlayer
-CVE-2012-5689 (ISC BIND 9.8.x through 9.8.4-P1 and 9.9.x through 9.9.2-P1, in certain ...)
+CVE-2012-5689
- bind9 1:9.8.4.dfsg.P1-6+nmu1 (bug #699145)
[squeeze] - bind9 <not-affected> (Only affects Bind 9.8 and 9.9)
- isc-dhcp <not-affected> (issue only affects the named service, which isn't used by isc-dhcp)
-CVE-2012-5688 (ISC BIND 9.8.x before 9.8.4-P1 and 9.9.x before 9.9.2-P1, when DNS64 ...)
+CVE-2012-5688
- bind9 1:9.8.4.dfsg.P1-1 (bug #695192)
[squeeze] - bind9 <not-affected> (Only affects 9.8 and 9.9)
- isc-dhcp <not-affected> (issue only affects the named service, which isn't used by isc-dhcp)
-CVE-2012-5687 (Directory traversal vulnerability in the web-based management feature ...)
+CVE-2012-5687
NOT-FOR-US: TP-LINK TL-WR841N router
CVE-2012-5686
RESERVED
-CVE-2012-5685 (SQL injection vulnerability in ZPanel 10.0.1 and earlier allows remote ...)
+CVE-2012-5685
NOT-FOR-US: ZPanel
-CVE-2012-5684 (Cross-site scripting (XSS) vulnerability in ZPanel 10.0.1 and earlier ...)
+CVE-2012-5684
NOT-FOR-US: ZPanel
-CVE-2012-5683 (Multiple cross-site request forgery (CSRF) vulnerabilities in ZPanel ...)
+CVE-2012-5683
NOT-FOR-US: ZPanel
CVE-2012-5682
REJECTED
CVE-2012-5681
REJECTED
-CVE-2012-5680 (Buffer overflow in Adobe Photoshop Camera Raw before 7.3 allows ...)
+CVE-2012-5680
NOT-FOR-US: Adobe Photoshop Camera Raw
-CVE-2012-5679 (Buffer underflow in Adobe Photoshop Camera Raw before 7.3 allows ...)
+CVE-2012-5679
NOT-FOR-US: Adobe Photoshop Camera Raw
-CVE-2012-5678 (Adobe Flash Player before 10.3.183.48 and 11.x before 11.5.502.135 on ...)
+CVE-2012-5678
NOT-FOR-US: Adobe Flash Player
-CVE-2012-5677 (Integer overflow in Adobe Flash Player before 10.3.183.48 and 11.x ...)
+CVE-2012-5677
NOT-FOR-US: Adobe Flash Player
-CVE-2012-5676 (Buffer overflow in Adobe Flash Player before 10.3.183.48 and 11.x ...)
+CVE-2012-5676
NOT-FOR-US: Adobe Flash Player
-CVE-2012-5675 (Adobe ColdFusion 9.0 through 9.0.2, and 10, allows local users to ...)
+CVE-2012-5675
NOT-FOR-US: Adobe ColdFusion
-CVE-2012-5674 (Unspecified vulnerability in Adobe ColdFusion 10 before Update 5, when ...)
+CVE-2012-5674
NOT-FOR-US: Adobe ColdFusion
-CVE-2012-5673 (Unspecified vulnerability in Adobe Flash Player before 10.3.183.29 and ...)
+CVE-2012-5673
NOT-FOR-US: Adobe Flash Player
-CVE-2012-5672 (Microsoft Excel Viewer (aka Xlview.exe) and Excel in Microsoft Office ...)
+CVE-2012-5672
NOT-FOR-US: Microsoft Office
-CVE-2012-5671 (Heap-based buffer overflow in the dkim_exim_query_dns_txt function in ...)
+CVE-2012-5671
{DSA-2566-1}
- exim4 4.80-5.1 (medium)
-CVE-2012-5670 (The _bdf_parse_glyphs function in FreeType before 2.4.11 allows ...)
+CVE-2012-5670
- freetype 2.4.9-1.1 (bug #696691)
[squeeze] - freetype <not-affected> (Version in Squeeze doesn't parse alternative encoding format yet)
NOTE: https://savannah.nongnu.org/bugs/?37907
NOTE: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=7f2e4f4f553f6836be7683f66226afac3fa979b8
-CVE-2012-5669 (The _bdf_parse_glyphs function in FreeType before 2.4.11 allows ...)
+CVE-2012-5669
- freetype 2.4.9-1.1 (unimportant; bug #696691)
NOTE: https://savannah.nongnu.org/bugs/?37906
NOTE: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=07bdb6e289c7954e2a533039dc93c1c136099d2d
-CVE-2012-5668 (FreeType before 2.4.11 allows context-dependent attackers to cause a ...)
+CVE-2012-5668
- freetype 2.4.9-1.1 (unimportant; bug #696691)
NOTE: https://savannah.nongnu.org/bugs/?37905
NOTE: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=9b6b5754b57c12b820e01305eb69b8863a161e5a
-CVE-2012-5667 (Multiple integer overflows in GNU Grep before 2.11 might allow ...)
+CVE-2012-5667
- grep 2.11-1 (low; bug #701897)
[squeeze] - grep 2.6.3-3+squeeze1
NOTE: https://bugs.launchpad.net/ubuntu/+source/grep/+bug/1091473
NOTE: patch http://git.savannah.gnu.org/cgit/grep.git/commit/?id=cbbc1a45b9f843c811905c97c90a5d31f8e6c189
NOTE: http://www.openwall.com/lists/oss-security/2012/12/22/1
-CVE-2012-5666 (Cross-site scripting (XSS) vulnerability in bookmarks/js/bookmarks.js ...)
+CVE-2012-5666
- owncloud 4.0.8debian-1.3 (bug #696574)
[wheezy] - owncloud 4.0.4debian2-3.2
-CVE-2012-5665 (ownCloud 4.0.x before 4.0.10 and 4.5.x before 4.5.5 does not properly ...)
+CVE-2012-5665
- owncloud 4.0.8debian-1.3 (bug #696574)
[wheezy] - owncloud 4.0.4debian2-3.2
CVE-2012-5664
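Review bot: several justifications in this hunk refer back to text that the change deletes. `[squeeze] - bind9 <not-affected> (Only affects Bind 9.8 and 9.9)` under CVE-2012-5689 and CVE-2012-5688 restates the version range from the removed `ISC BIND 9.8.x through 9.8.4-P1 and 9.9.x through 9.9.2-P1` description, and the freetype (CVE-2012-5670 to CVE-2012-5668) and grep (CVE-2012-5667) entries keep only upstream bug and commit URLs, so with the bare `+CVE-2012-5689` line a reader has to follow the NOTE links to learn what the issue is. The affected-version ranges are worth carrying into the triage comments before the descriptions are dropped. On the unchanged context: `CVE-2012-5979` with `REJECTED` sits between CVE-2012-5698 and CVE-2012-5697, out of the file's descending order, which is worth fixing while this list is being rewritten anyway.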
@@ -2647,57 +2647,57 @@ CVE-2012-5663
RESERVED
NOT-FOR-US: Isearch
NOTE: http://www.openwall.com/lists/oss-security/2012/12/21/1
-CVE-2012-5662 (x3270 before 3.3.12ga12 does not verify that the server hostname ...)
+CVE-2012-5662
- ibm-3270 3.3.14ga11-1 (bug #706547)
[wheezy] - ibm-3270 <no-dsa> (Non-free not supported)
[squeeze] - ibm-3270 <no-dsa> (Non-free not supported)
CVE-2012-5661
REJECTED
-CVE-2012-5660 (abrt-action-install-debuginfo in Automatic Bug Reporting Tool (ABRT) ...)
+CVE-2012-5660
NOT-FOR-US: abrt is Red Hat / Fedora specific
-CVE-2012-5659 (Untrusted search path vulnerability in ...)
+CVE-2012-5659
NOT-FOR-US: abrt is Red Hat / Fedora specific
-CVE-2012-5658 (rhc-chk.rb in Red Hat OpenShift Origin before 1.1, when -d (debug ...)
+CVE-2012-5658
NOT-FOR-US: OpenShift
-CVE-2012-5657 (The (1) Zend_Feed_Rss and (2) Zend_Feed_Atom classes in Zend_Feed in ...)
+CVE-2012-5657
{DSA-2602-1}
- zendframework 1.11.13-1.1 (bug #696483)
NOTE: http://www.openwall.com/lists/oss-security/2012/12/20/2
NOTE: http://framework.zend.com/security/advisory/ZF2012-05
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=889037
NOTE: http://secunia.com/advisories/51583
-CVE-2012-5656 (The rasterization process in Inkscape before 0.48.4 allows local users ...)
+CVE-2012-5656
- inkscape 0.48.3.1-1.2 (bug #696485)
[squeeze] - inkscape <no-dsa> (Minor issue)
-CVE-2012-5655 (The Context module 6.x-3.x before 6.x-3.1 and 7.x-3.x before ...)
+CVE-2012-5655
NOT-FOR-US: Context module for Drupal
-CVE-2012-5654 (The Nodewords: D6 Meta Tags module before 6.x-1.14 for Drupal, when ...)
+CVE-2012-5654
NOT-FOR-US: Nodewords: D6 Meta Tags module for Drupal
-CVE-2012-5653 (The file upload feature in Drupal 6.x before 6.27 and 7.x before 7.18 ...)
+CVE-2012-5653
{DSA-2776-1}
- drupal6 <removed> (bug #696343)
- drupal7 7.14-1.2 (bug #696342)
NOTE: http://drupal.org/SA-CORE-2012-004
-CVE-2012-5652 (Drupal 6.x before 6.27 allows remote attackers to obtain sensitive ...)
+CVE-2012-5652
{DSA-2776-1}
- drupal6 <removed> (bug #696343)
NOTE: http://drupal.org/SA-CORE-2012-004
-CVE-2012-5651 (Drupal 6.x before 6.27 and 7.x before 7.18 displays information for ...)
+CVE-2012-5651
{DSA-2776-1}
- drupal6 <removed> (bug #696343)
- drupal7 7.14-1.2 (bug #696342)
NOTE: http://drupal.org/SA-CORE-2012-004
-CVE-2012-5650 (Cross-site scripting (XSS) vulnerability in the Futon UI in Apache ...)
+CVE-2012-5650
- couchdb 1.2.0-5 (bug #698439)
[squeeze] - couchdb <end-of-life> (Unsupported in squeeze-lts)
-CVE-2012-5649 (Apache CouchDB before 1.0.4, 1.1.x before 1.1.2, and 1.2.x before ...)
+CVE-2012-5649
- couchdb 1.2.0-5 (bug #698439)
[squeeze] - couchdb <end-of-life> (Unsupported in squeeze-lts)
-CVE-2012-5648 (Multiple SQL injection vulnerabilities in Foreman before 1.0.2 allow ...)
+CVE-2012-5648
- foreman <itp> (bug #663101)
-CVE-2012-5647 (Open redirect vulnerability in node-util/www/html/restorer.php in Red ...)
+CVE-2012-5647
NOT-FOR-US: OpenShift
-CVE-2012-5646 (node-util/www/html/restorer.php in the Red Hat OpenShift Origin before ...)
+CVE-2012-5646
NOT-FOR-US: OpenShift
CVE-2012-5645
RESERVED
@@ -2710,16 +2710,16 @@ CVE-2012-5644 [(Complete) Information disclosure when moving user's home directo
[wheezy] - libuser <no-dsa> (Minor issue)
[squeeze] - libuser <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=885724#c7
-CVE-2012-5643 (Multiple memory leaks in tools/cachemgr.cc in cachemgr.cgi in Squid ...)
+CVE-2012-5643
{DSA-2631-1}
- squid 2.7.STABLE9-2
NOTE: squid-cgi was removed in 2.7.STABLE9-2
- squid3 3.1.20-2.1 (bug #696187)
NOTE: possible regression, see #701123
-CVE-2012-5642 (server/action.py in Fail2ban before 0.8.8 does not properly handle the ...)
+CVE-2012-5642
- fail2ban 0.8.6-3wheezy1 (low; bug #696184)
[squeeze] - fail2ban <not-affected> (Introduced in 0.8.6, see #696187)
-CVE-2012-5641 (Directory traversal vulnerability in the partition2 function in ...)
+CVE-2012-5641
- couchdb <not-affected> (Only affects CouchDB on Windows)
CVE-2012-5640 [thttpd: Local DoS vulnerability]
RESERVED
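Review bot: The unchanged context line `[squeeze] - fail2ban <not-affected> (Introduced in 0.8.6, see #696187)` refers to #696187, which is the bug number the squid3 entry just above it uses (`- squid3 3.1.20-2.1 (bug #696187)`); the fail2ban entry itself is filed against `bug #696184`, so the cross-reference appears to be off by one entry and should probably read `see #696184`. Pre-existing rather than introduced here, but cheap to correct while the file is being regenerated.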
@@ -2734,21 +2734,21 @@ CVE-2012-5639
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=58295
NOTE: Additional hardening/UI improvement, not a direct vulnerability
NOTE: For 4.2: http://whatofhow.wordpress.com/2013/12/02/stealth-mode/
-CVE-2012-5638 (The setup_logging function in log.h in SANLock uses world-writable ...)
+CVE-2012-5638
- sanlock 2.2-2 (bug #696424)
CVE-2012-5637
REJECTED
-CVE-2012-5636 (Cross-site scripting (XSS) vulnerability in Apache Wicket 1.4.x before ...)
+CVE-2012-5636
NOT-FOR-US: Apache Wicket
-CVE-2012-5635 (The GlusterFS functionality in Red Hat Storage Management Console 2.0, ...)
+CVE-2012-5635
- glusterfs 3.5.0-1 (unimportant; bug #704944)
NOTE: http://git.gluster.org/cgit/glusterfs.git/commit/?id=b8d5fd2b88db7e18a10e57a0edf1a41eda4f5314 (v3.4.0qa8)
NOTE: http://git.gluster.org/cgit/glusterfs.git/commit/?id=11bb1fc5849a557d1a26e59bd651fbd0d07a1b8d (v3.5.0qa1)
NOTE: Neutralised by kernel hardening
-CVE-2012-5634 (Xen 4.2.x, 4.1.x, and 4.0, when using Intel VT-d for PCI passthrough, ...)
+CVE-2012-5634
{DSA-2636-1}
- xen 4.1.3-8 (low)
-CVE-2012-5633 (The URIMappingInterceptor in Apache CXF before 2.5.8, 2.6.x before ...)
+CVE-2012-5633
- jbossas4 <not-affected> (Only builds a few libraries, not the full application server, #581226)
CVE-2012-5632
RESERVED
@@ -2761,11 +2761,11 @@ CVE-2012-5630 [TOCTOU race conditions by copying and removing directory trees]
[wheezy] - libuser <no-dsa> (Minor issue)
[squeeze] - libuser <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=884685#c31
-CVE-2012-5629 (The default configuration of the (1) LdapLoginModule and (2) ...)
+CVE-2012-5629
- jbossas4 <not-affected> (Only builds a few libraries, not the full application server, #581226)
-CVE-2012-5628 (gofer before 0.68 uses world-writable permissions for ...)
+CVE-2012-5628
NOT-FOR-US: gofer component of PULP project
-CVE-2012-5627 (Oracle MySQL and MariaDB 5.5.x before 5.5.29, 5.3.x before 5.3.12, and ...)
+CVE-2012-5627
- mariadb-5.5 <not-affected> (Fixed before initial upload to archive)
- mysql-5.1 <unfixed> (unimportant)
- mysql-5.5 <removed> (unimportant)
@@ -2774,24 +2774,24 @@ CVE-2012-5627 (Oracle MySQL and MariaDB 5.5.x before 5.5.29, 5.3.x before 5.3.12
CVE-2012-5626
RESERVED
- jbossas4 <not-affected> (Only builds a few libraries, not the full application server, #581226)
-CVE-2012-5625 (OpenStack Compute (Nova) Folsom before 2012.2.2 and Grizzly, when ...)
+CVE-2012-5625
- nova <not-affected> (Only affects OpenStack Folsom, bug #695830)
-CVE-2012-5624 (The XMLHttpRequest object in Qt before 4.8.4 enables http redirection ...)
+CVE-2012-5624
- qt4-x11 4:4.8.2+dfsg-7 (bug #695156)
[squeeze] - qt4-x11 <not-affected> (Vulnerable code not present)
NOTE: http://lists.qt-project.org/pipermail/announce/2012-November/000014.html
CVE-2012-5623
RESERVED
NOT-FOR-US: change_passwd plugin for Squirrelmail
-CVE-2012-5622 (Cross-site request forgery (CSRF) vulnerability in the management ...)
+CVE-2012-5622
NOT-FOR-US: OpenShift
-CVE-2012-5621 (lib/engine/components/opal/opal-call.cpp in ekiga before 4.0.0 allows ...)
+CVE-2012-5621
- ekiga 3.2.7-6 (bug #702282; low)
[squeeze] - ekiga <no-dsa> (Minor issue)
CVE-2012-5620
RESERVED
NOT-FOR-US: Docecot non-issue, see http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=695138#15
-CVE-2012-5619 (The Sleuth Kit (TSK) 4.0.1 does not properly handle &quot;.&quot; (dotfile) file ...)
+CVE-2012-5619
- sleuthkit 4.1.2-1 (unimportant; bug #695097)
CVE-2012-5618
RESERVED
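Review bot: The context line `NOT-FOR-US: Docecot non-issue, see http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=695138#15` for CVE-2012-5620 misspells the product name; it should be Dovecot. Not part of this change, but the typo means a search of this list for `Dovecot` will not find the entry.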
@@ -2801,9 +2801,9 @@ CVE-2012-5617 [privilege escalation due to improper authentication settings in p
- gksu-polkit <removed> (bug #695807)
[squeeze] - gksu-polkit <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://www.openwall.com/lists/oss-security/2012/12/12/8
-CVE-2012-5616 (Apache CloudStack 4.0.0-incubating and Citrix CloudPlatform (formerly ...)
+CVE-2012-5616
NOT-FOR-US: CloudStack
-CVE-2012-5615 (Oracle MySQL 5.5.38 and earlier, 5.6.19 and earlier, and MariaDB ...)
+CVE-2012-5615
{DSA-3054-1}
- mariadb-5.5 <not-affected> (Fixed before initial upload to archive)
- mysql-5.1 <removed> (low; bug #695001)
@@ -2812,7 +2812,7 @@ CVE-2012-5615 (Oracle MySQL 5.5.38 and earlier, 5.6.19 and earlier, and MariaDB
NOTE: http://bazaar.launchpad.net/~mysql/mysql-server/5.5/revision/4676
NOTE: https://mariadb.atlassian.net/browse/MDEV-3909
NOTE: http://seclists.org/fulldisclosure/2012/Dec/9
-CVE-2012-5614 (Oracle MySQL 5.1.67 and earlier and 5.5.29 and earlier, and MariaDB ...)
+CVE-2012-5614
- mariadb-5.5 <not-affected> (Fixed before initial upload to archive)
- mysql-5.5 <not-affected> (The affected versions were only in experimental)
- mysql-5.1 <removed> (low)
@@ -2820,45 +2820,45 @@ CVE-2012-5614 (Oracle MySQL 5.1.67 and earlier and 5.5.29 and earlier, and Maria
NOTE: https://mariadb.atlassian.net/browse/MDEV-3910
NOTE: http://seclists.org/fulldisclosure/2012/Dec/7
NOTE: http://www.openwall.com/lists/oss-security/2013/02/28/10
-CVE-2012-5613 (** DISPUTED ** ...)
+CVE-2012-5613
- mysql-5.1 <unfixed> (unimportant; bug #695001)
- mysql-5.5 <removed> (unimportant; bug #695001)
NOTE: Disputed as incorrect configuration
NOTE: http://seclists.org/fulldisclosure/2012/Dec/6
-CVE-2012-5612 (Heap-based buffer overflow in Oracle MySQL 5.5.19 and other versions ...)
+CVE-2012-5612
- mysql-5.1 <not-affected> (MDL was introduced in 5.5)
- mysql-5.5 5.5.29+dfsg-1 (bug #695001)
NOTE: https://mariadb.atlassian.net/browse/MDEV-3908
-CVE-2012-5611 (Stack-based buffer overflow in the acl_get function in Oracle MySQL ...)
+CVE-2012-5611
{DSA-2581-1}
- mysql-5.1 <unfixed> (bug #695001)
- mysql-5.5 5.5.29+dfsg-1 (bug #695001)
NOTE: http://seclists.org/fulldisclosure/2012/Dec/4
-CVE-2012-5610 (Incomplete blacklist vulnerability in lib/filesystem.php in ownCloud ...)
+CVE-2012-5610
- owncloud 4.0.8debian-1.1 (bug #693990)
[wheezy] - owncloud 4.0.4debian2-3.1
NOTE: http://www.openwall.com/lists/oss-security/2012/11/30/2
-CVE-2012-5609 (Incomplete blacklist vulnerability in lib/migrate.php in ownCloud ...)
+CVE-2012-5609
- owncloud 4.0.8debian-1.1 (bug #693990)
[wheezy] - owncloud 4.0.4debian2-3.1
NOTE: http://www.openwall.com/lists/oss-security/2012/11/30/2
-CVE-2012-5608 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2012-5608
- owncloud 4.0.8debian-1.1 (bug #693990)
[wheezy] - owncloud 4.0.4debian2-3.1
NOTE: http://www.openwall.com/lists/oss-security/2012/11/30/2
-CVE-2012-5607 (The &quot;Lost Password&quot; reset functionality in ownCloud before 4.0.9 and ...)
+CVE-2012-5607
- owncloud 4.0.8debian-1.1 (bug #693990)
[wheezy] - owncloud 4.0.4debian2-3.1
NOTE: http://www.openwall.com/lists/oss-security/2012/11/30/2
-CVE-2012-5606 (Multiple cross-site scripting (XSS) vulnerabilities in ownCloud before ...)
+CVE-2012-5606
- owncloud 4.0.8debian-1.1 (bug #693990)
[wheezy] - owncloud 4.0.4debian2-3.1
NOTE: http://www.openwall.com/lists/oss-security/2012/11/30/2
-CVE-2012-5605 (Grinder in Red Hat CloudForms before 1.1 uses world-writable ...)
+CVE-2012-5605
NOT-FOR-US: Red Hat CloudForms
-CVE-2012-5604 (The ldap_fluff gem for Ruby, as used in Red Hat CloudForms 1.1, when ...)
+CVE-2012-5604
NOT-FOR-US: Red Hat CloudForms
-CVE-2012-5603 (proxies_controller.rb in Katello in Red Hat CloudForms before 1.1 does ...)
+CVE-2012-5603
NOT-FOR-US: Red Hat CloudForms
CVE-2012-5602
REJECTED
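Review bot: For CVE-2012-5613 the removed line was `CVE-2012-5613 (** DISPUTED ** ...)`, so this hunk also discards the DISPUTED marker that the CVE project attaches to the identifier; the only remaining signal is the free-form `NOTE: Disputed as incorrect configuration` line. If dropping the descriptions is intended, consider carrying the disputed status in a structured form rather than relying on a NOTE that tooling cannot distinguish from any other comment.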
@@ -2882,23 +2882,23 @@ CVE-2012-5593
REJECTED
CVE-2012-5592
REJECTED
-CVE-2012-5591 (Cross-site scripting (XSS) vulnerability in the Zero Point module ...)
+CVE-2012-5591
NOT-FOR-US: Drupal Zero Point module
-CVE-2012-5590 (SQL injection vulnerability in the Webmail Plus module for Drupal ...)
+CVE-2012-5590
NOT-FOR-US: Drupal Webmail Plus module
-CVE-2012-5589 (The MultiLink module 6.x-2.x before 6.x-2.7 and 7.x-2.x before 7.x-2.7 ...)
+CVE-2012-5589
NOT-FOR-US: Drupal MultiLink module
-CVE-2012-5588 (The Email Field module 6.x-1.x before 6.x-1.3 for Drupal, when using a ...)
+CVE-2012-5588
NOT-FOR-US: Drupal Email Field module
-CVE-2012-5587 (Cross-site scripting (XSS) vulnerability in the Email Field module ...)
+CVE-2012-5587
NOT-FOR-US: Drupal Email Field module
-CVE-2012-5586 (The Services module 6.x-3.x before 6.x-3.3 and 7.x-3.x before 7.x-3.3 ...)
+CVE-2012-5586
NOT-FOR-US: Drupal Services module
-CVE-2012-5585 (Cross-site scripting (XSS) vulnerability in the Mixpanel module ...)
+CVE-2012-5585
NOT-FOR-US: Drupal Mixpanel module
-CVE-2012-5584 (The Table of Contents module 6.x-3.x before 6.x-3.8 for Drupal does ...)
+CVE-2012-5584
NOT-FOR-US: Drupal Table of Contents module
-CVE-2012-5583 (phpCAS before 1.3.2 does not verify that the server hostname matches a ...)
+CVE-2012-5583
- php-cas 1.3.1-2
- moodle 2.2.7.dfsg-1
[squeeze] - moodle <no-dsa> (Minor issue)
@@ -2908,13 +2908,13 @@ CVE-2012-5582 [opendnssec curl usage]
RESERVED
- opendnssec <not-affected> (eppclient not built in Debian package)
NOTE: http://lists.opendnssec.org/pipermail/opendnssec-user/2012-November/002296.html
-CVE-2012-5581 (Stack-based buffer overflow in tif_dir.c in LibTIFF before 4.0.2 ...)
+CVE-2012-5581
{DSA-2589-1}
- tiff 4.0.2-1 (bug #694693)
- tiff3 3.9.6-10
NOTE: http://www.openwall.com/lists/oss-security/2012/11/28/1
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=867235
-CVE-2012-5580 (Format string vulnerability in the print_proxies function in ...)
+CVE-2012-5580
- libproxy 0.3.1-4 (low)
[squeeze] - libproxy <no-dsa> (Minor issue)
NOTE: https://bugzilla.novell.com/show_bug.cgi?id=791086
@@ -2931,127 +2931,127 @@ CVE-2012-5577 [Python keyring insecure permissions on migrated files]
- python-keyring 0.9.2-1.1 (bug #696736)
[wheezy] - python-keyring 0.7.1-1+deb7u1
[squeeze] - python-keyring <no-dsa> (Minor issue)
-CVE-2012-5576 (Multiple stack-based buffer overflows in file-xwd.c in the X Window ...)
+CVE-2012-5576
- gimp 2.8.2-2 (bug #693977)
[squeeze] - gimp 2.6.10-1+squeeze4
NOTE: Upstream fix http://git.gnome.org/browse/gimp/commit/?id=2873262fccba12af144ed96ed91be144d92ff2e1
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=687392
NOTE: http://www.openwall.com/lists/oss-security/2012/11/21/2
-CVE-2012-5575 (Apache CXF 2.5.x before 2.5.10, 2.6.x before CXF 2.6.7, and 2.7.x ...)
+CVE-2012-5575
NOT-FOR-US: Apache CXF
-CVE-2012-5574 (lib/form/sfForm.class.php in Symfony CMS before 1.4.20 allows remote ...)
+CVE-2012-5574
NOT-FOR-US: Symfony
-CVE-2012-5573 (The connection_edge_process_relay_cell function in or/relay.c in Tor ...)
+CVE-2012-5573
{DLA-17-1}
- tor 0.2.3.25-1 (low)
[squeeze] - tor 0.2.4.23-1~deb6u1
-CVE-2012-5572 (CRLF injection vulnerability in the cookie method ...)
+CVE-2012-5572
- libdancer-perl 1.3114+dfsg-1 (low; bug #694279)
[wheezy] - libdancer-perl <no-dsa> (Minor issue)
NOTE: https://github.com/PerlDancer/Dancer/issues/859
-CVE-2012-5571 (OpenStack Keystone Essex (2012.1) and Folsom (2012.2) does not ...)
+CVE-2012-5571
- keystone 2012.1.1-11 (bug #694433)
CVE-2012-5570
RESERVED
-CVE-2012-5569 (Multiple cross-site scripting (XSS) vulnerabilities in the Basic ...)
+CVE-2012-5569
NOT-FOR-US: Drupal Webmail module
-CVE-2012-5568 (Apache Tomcat through 7.0.x allows remote attackers to cause a denial ...)
+CVE-2012-5568
- tomcat6 6.0.41-3 (unimportant)
NOTE: Since 6.0.41-3, src:tomcat6 only builds a servlet and docs
- tomcat7 <unfixed> (unimportant)
NOTE: No fix planned, can be mitigated by config changes:
NOTE: http://mail-archives.apache.org/mod_mbox/tomcat-users/200906.mbox/%3C4A3D0884.5080309@apache.org%3E
-CVE-2012-5567 (Multiple cross-site scripting (XSS) vulnerabilities in Horde Kronolith ...)
+CVE-2012-5567
- kronolith2 <not-affected> (Vulnerable code not present in 2.x codebase and later versions not yet packaged in sid)
-CVE-2012-5566 (Multiple cross-site scripting (XSS) vulnerabilities in Horde Kronolith ...)
+CVE-2012-5566
- kronolith2 <not-affected> (Vulnerable code not present in 2.x codebase and later versions not yet packaged in sid)
-CVE-2012-5565 (Cross-site scripting (XSS) vulnerability in js/compose-dimp.js in ...)
+CVE-2012-5565
- php-horde-imp <not-affected> (This doesn't seem to be packaged in sid's Horde and the imp3 and dimp1 packages from stable do not include the affected code)
-CVE-2012-5564 (android-tools 4.1.1 in Android Debug Bridge (ADB) allows local users ...)
+CVE-2012-5564
- android-tools <unfixed> (unimportant; bug #688280)
NOTE: Since android-tools/5.1.1.r38-1 the android-tools-adb binary package
NOTE: is not built anymore which used to contain /usr/bin/adb.
NOTE: Package still affected source-wise
- android-platform-system-core <unfixed> (unimportant; bug #823792)
NOTE: Neutralised by kernel hardening
-CVE-2012-5563 (OpenStack Keystone, as used in OpenStack Folsom 2012.2, does not ...)
+CVE-2012-5563
- keystone <not-affected> (Folsom branch not packaged yet)
CVE-2012-5562
RESERVED
NOT-FOR-US: Red Hat Satellite
-CVE-2012-5561 (script/katello-generate-passphrase in Katello 1.1 uses world-readable ...)
+CVE-2012-5561
NOT-FOR-US: Katello
-CVE-2012-5560 (The default configuration in mate-settings-daemon 1.5.3 allows local ...)
+CVE-2012-5560
- mate-settings-daemon <not-affected> (Fixed before initial release)
NOTE: https://github.com/mate-desktop/mate-settings-daemon/commit/c7d634acd12814a1fe298118e65f1c688b3a9f74#diff-52ccb9f1be1c09e2f24b64d37b56c2f4
-CVE-2012-5559 (Cross-site scripting (XSS) vulnerability in the page manager node view ...)
+CVE-2012-5559
NOT-FOR-US: Drupal chaos tool addon
CVE-2012-5558
RESERVED
-CVE-2012-5557 (The User Read-Only module 6.x-1.x before 6.x-1.4 and 7.x-1.x before ...)
+CVE-2012-5557
NOT-FOR-US: Drupal contributed-module
-CVE-2012-5556 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
+CVE-2012-5556
NOT-FOR-US: Drupal contributed-module
CVE-2012-5555
RESERVED
-CVE-2012-5554 (The default configuration for the Webform CiviCRM Integration module ...)
+CVE-2012-5554
NOT-FOR-US: Drupal contributed-module
-CVE-2012-5553 (Multiple cross-site scripting (XSS) vulnerabilities in the OM Maximenu ...)
+CVE-2012-5553
NOT-FOR-US: Drupal contributed-module
-CVE-2012-5552 (The Password policy module 6.x-1.x before 6.x-1.5 and 7.x-1.x before ...)
+CVE-2012-5552
NOT-FOR-US: Drupal contributed-module
-CVE-2012-5551 (Multiple cross-site scripting (XSS) vulnerabilities in the MailChimp ...)
+CVE-2012-5551
NOT-FOR-US: Drupal contributed-module
-CVE-2012-5550 (SQL injection vulnerability in the Time Spent module 6.x and 7.x for ...)
+CVE-2012-5550
NOT-FOR-US: Drupal contributed-module
-CVE-2012-5549 (Cross-site request forgery (CSRF) vulnerability in the Time Spent ...)
+CVE-2012-5549
NOT-FOR-US: Drupal contributed-module
-CVE-2012-5548 (Cross-site scripting (XSS) vulnerability in the Time Spent module 6.x ...)
+CVE-2012-5548
NOT-FOR-US: Drupal contributed-module
-CVE-2012-5547 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
+CVE-2012-5547
NOT-FOR-US: Drupal contributed-module
CVE-2012-5546
REJECTED
-CVE-2012-5545 (Multiple cross-site scripting (XSS) vulnerabilities in the ShareThis ...)
+CVE-2012-5545
NOT-FOR-US: Drupal contributed-module
-CVE-2012-5544 (The Mandrill module 7.x-1.x before 7.x-1.2 for Drupal allows remote ...)
+CVE-2012-5544
NOT-FOR-US: Drupal contributed-module
-CVE-2012-5543 (The Feeds module 7.x-2.x before 7.x-2.0-alpha6 for Drupal, when a ...)
+CVE-2012-5543
NOT-FOR-US: Drupal contributed-module
-CVE-2012-5542 (Cross-site request forgery (CSRF) vulnerability in the Commerce Extra ...)
+CVE-2012-5542
NOT-FOR-US: Drupal contributed-module
-CVE-2012-5541 (Cross-site scripting (XSS) vulnerability in the Twitter Pull module ...)
+CVE-2012-5541
NOT-FOR-US: Drupal contributed-module
-CVE-2012-5540 (Multiple cross-site scripting (XSS) vulnerabilities in the Hostip ...)
+CVE-2012-5540
NOT-FOR-US: Drupal contributed-module
-CVE-2012-5539 (The Organic Groups (OG) module 7.x-1.x before 7.x-1.5 for Drupal does ...)
+CVE-2012-5539
NOT-FOR-US: Drupal contributed-module
-CVE-2012-5538 (Cross-site scripting (XSS) vulnerability in the FileField Sources ...)
+CVE-2012-5538
NOT-FOR-US: Drupal contributed-module
-CVE-2012-5537 (The Simplenews Scheduler module 6.x-2.x before 6.x-2.4 for Drupal ...)
+CVE-2012-5537
NOT-FOR-US: Drupal contributed-module
-CVE-2012-5536 (A certain Red Hat build of the pam_ssh_agent_auth module on Red Hat ...)
+CVE-2012-5536
NOT-FOR-US: Red Hat-specific packaging flaw
CVE-2012-5535
RESERVED
- gnome-system-log <not-affected> (Fedora-specific issue)
-CVE-2012-5534 (The hook_process function in the plugin API for WeeChat 0.3.0 through ...)
+CVE-2012-5534
{DSA-2598-1}
- weechat 0.3.9.2-1
[wheezy] - weechat 0.3.8-1+deb7u1
-CVE-2012-5533 (The http_request_split_value function in request.c in lighttpd before ...)
+CVE-2012-5533
- lighttpd 1.4.31-2
[squeeze] - lighttpd <not-affected> (Introduced in 1.4.31)
-CVE-2012-5532 (The main function in tools/hv/hv_kvp_daemon.c in hypervkvpd, as ...)
+CVE-2012-5532
- linux-tools <not-affected> (userspace daemon not built until later)
- linux-2.6 <not-affected> (userspace daemon not yet present)
-CVE-2012-5531 (Multiple cross-site scripting (XSS) vulnerabilities in the GateIn ...)
+CVE-2012-5531
NOT-FOR-US: GateIn Portal
-CVE-2012-5530 (The (1) pcmd and (2) pmlogger init scripts in Performance Co-Pilot ...)
+CVE-2012-5530
- pcp 3.7.1 (bug #698735; low)
NOTE: first package in unstable is 3.7.1 (package has no debian revision)
[squeeze] - pcp 3.3.3-squeeze3
-CVE-2012-5529 (TraceManager in Firebird 2.5.0 and 2.5.1, when trace is enabled, ...)
+CVE-2012-5529
{DSA-2648-1}
- firebird2.5 2.5.2~svn+54698.ds4-2 (low; bug #693210)
- firebird2.1 <not-affected> (Only affects 2.5.x)
@@ -3061,24 +3061,24 @@ CVE-2012-5527
RESERVED
- claws-mail-extra-plugins 3.8.1-2 (unimportant; bug #693391)
NOTE: More of a plain bug than a security vulnerability
-CVE-2012-5526 (CGI.pm module before 3.63 for Perl does not properly escape newlines ...)
+CVE-2012-5526
{DSA-2587-1 DSA-2586-1}
- perl 5.14.2-16 (bug #693420)
- libcgi-pm-perl 3.61-2 (bug #693421)
NOTE: http://cpansearch.perl.org/src/MARKSTOS/CGI.pm-3.63/Changes
NOTE: https://github.com/markstos/CGI.pm/pull/23
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=877015
-CVE-2012-5525 (The get_page_from_gfn hypercall function in Xen 4.2 allows local PV ...)
+CVE-2012-5525
- xen <not-affected> (Only affects Xen 4.2 and xen-unstable)
-CVE-2012-5524 (The _ssl_verify_callback function in tls_nb.py in Gajim before 0.15.3 ...)
+CVE-2012-5524
- gajim 0.15.4-1 (low; bug #693282)
[wheezy] - gajim 0.15.1-4.1
[squeeze] - gajim <no-dsa> (Minor issue)
-CVE-2012-5523 (core/email_api.php in MantisBT before 1.2.12 does not properly manage ...)
+CVE-2012-5523
- mantis 1.2.11-1.2 (bug #693283)
[squeeze] - mantis <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://www.mantisbt.org/bugs/view.php?id=14704
-CVE-2012-5522 (MantisBT before 1.2.12 does not use an expected default value during ...)
+CVE-2012-5522
- mantis 1.2.11-1.2 (bug #693283)
[squeeze] - mantis <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://www.mantisbt.org/bugs/view.php?id=14496
@@ -3086,116 +3086,116 @@ CVE-2012-5521
RESERVED
- quagga <unfixed> (unimportant; bug #693102)
NOTE: Not reproducible so far
-CVE-2012-5520 (The send_to_sourcefire function in manage_sql.c in OpenVAS Manager 3.x ...)
+CVE-2012-5520
NOT-FOR-US: OpenVAS Manager
-CVE-2012-5519 (CUPS 1.4.4, when running in certain Linux distributions such as Debian ...)
+CVE-2012-5519
{DSA-2600-1}
- cups 1.5.3-2.7 (bug #692791)
NOTE: http://seclists.org/oss-sec/2012/q4/253
CVE-2012-5518
RESERVED
NOT-FOR-US: ovirt / vsdm
-CVE-2012-5517 (The online_pages function in mm/memory_hotplug.c in the Linux kernel ...)
+CVE-2012-5517
- linux 3.2.41-1
- linux-2.6 <removed>
[squeeze] - linux-2.6 <not-affected> (Vulnerable code not present)
-CVE-2012-5516 (Red Hat Enterprise Virtualization Manager (RHEV-M) before 3.1, when ...)
+CVE-2012-5516
NOT-FOR-US: Red Hat Enterprise Virtualisation Manager
-CVE-2012-5515 (The (1) XENMEM_decrease_reservation, (2) XENMEM_populate_physmap, and ...)
+CVE-2012-5515
{DSA-2582-1}
- xen 4.1.3-5
-CVE-2012-5514 (The guest_physmap_mark_populate_on_demand function in Xen 4.2 and ...)
+CVE-2012-5514
{DSA-2582-1}
- xen 4.1.3-6
-CVE-2012-5513 (The XENMEM_exchange handler in Xen 4.2 and earlier does not properly ...)
+CVE-2012-5513
{DSA-2582-1}
- xen 4.1.3-5
-CVE-2012-5512 (Array index error in the HVMOP_set_mem_access handler in Xen 4.1 ...)
+CVE-2012-5512
- xen 4.1.3-5
[squeeze] - xen <not-affected> (Only affects Xen 4.1)
-CVE-2012-5511 (Stack-based buffer overflow in the dirty video RAM tracking ...)
+CVE-2012-5511
{DSA-2636-1}
- xen 4.1.3-5
-CVE-2012-5510 (Xen 4.x, when downgrading the grant table version, does not properly ...)
+CVE-2012-5510
{DSA-2582-1}
- xen 4.1.3-5
-CVE-2012-5509 (aeolus-configserver-setup in the Aeolas Configuration Server, as used ...)
+CVE-2012-5509
NOT-FOR-US: Aeolus Cloud Configuration tool (not the pipe organ simulator in Debian)
-CVE-2012-5508 (The error pages in Plone before 4.2.3 and 4.3 before beta 1 allow ...)
+CVE-2012-5508
- zope2.12 2.12.26-1 (bug #692899)
NOTE: https://plone.org/products/plone/security/advisories/20121106/24
-CVE-2012-5507 (AccessControl/AuthEncoding.py in Zope before 2.13.19, as used in Plone ...)
+CVE-2012-5507
- zope2.12 2.12.26-1 (bug #692899)
NOTE: https://plone.org/products/plone/security/advisories/20121106/23
-CVE-2012-5506 (python_scripts.py in Plone before 4.2.3 and 4.3 before beta 1 allows ...)
+CVE-2012-5506
NOT-FOR-US: Plone not packaged in Debian, see bug #692899
-CVE-2012-5505 (atat.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote ...)
+CVE-2012-5505
- zope2.12 2.12.26-1 (bug #692899)
NOTE: https://plone.org/products/plone/security/advisories/20121106/21
-CVE-2012-5504 (Cross-site scripting (XSS) vulnerability in widget_traversal.py in ...)
+CVE-2012-5504
NOT-FOR-US: Plone not packaged in Debian, see bug #692899
-CVE-2012-5503 (ftp.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote ...)
+CVE-2012-5503
NOT-FOR-US: Plone not packaged in Debian, see bug #692899
-CVE-2012-5502 (Cross-site scripting (XSS) vulnerability in safe_html.py in Plone ...)
+CVE-2012-5502
NOT-FOR-US: Plone not packaged in Debian, see bug #692899
-CVE-2012-5501 (at_download.py in Plone before 4.2.3 and 4.3 before beta 1 allows ...)
+CVE-2012-5501
NOT-FOR-US: Plone not packaged in Debian, see bug #692899
-CVE-2012-5500 (The batch id change script (renameObjectsByPaths.py) in Plone before ...)
+CVE-2012-5500
NOT-FOR-US: Plone not packaged in Debian, see bug #692899
-CVE-2012-5499 (python_scripts.py in Plone before 4.2.3 and 4.3 before beta 1 allows ...)
+CVE-2012-5499
NOT-FOR-US: Plone not packaged in Debian, see bug #692899
-CVE-2012-5498 (queryCatalog.py in Plone before 4.2.3 and 4.3 before beta 1 allows ...)
+CVE-2012-5498
NOT-FOR-US: Plone not packaged in Debian, see bug #692899
-CVE-2012-5497 (membership_tool.py in Plone before 4.2.3 and 4.3 before beta 1 allows ...)
+CVE-2012-5497
NOT-FOR-US: Plone not packaged in Debian, see bug #692899
-CVE-2012-5496 (kupu_spellcheck.py in Kupu in Plone before 4.0 allows remote attackers ...)
+CVE-2012-5496
NOT-FOR-US: Plone not packaged in Debian, see bug #692899
-CVE-2012-5495 (python_scripts.py in Plone before 4.2.3 and 4.3 before beta 1 allows ...)
+CVE-2012-5495
NOT-FOR-US: Plone not packaged in Debian, see bug #692899
-CVE-2012-5494 (Cross-site scripting (XSS) vulnerability in python_scripts.py in Plone ...)
+CVE-2012-5494
NOT-FOR-US: Plone not packaged in Debian, see bug #692899
-CVE-2012-5493 (gtbn.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote ...)
+CVE-2012-5493
NOT-FOR-US: Plone not packaged in Debian, see bug #692899
-CVE-2012-5492 (uid_catalog.py in Plone before 4.2.3 and 4.3 before beta 1 allows ...)
+CVE-2012-5492
NOT-FOR-US: Plone not packaged in Debian, see bug #692899
-CVE-2012-5491 (z3c.form, as used in Plone before 4.2.3 and 4.3 before beta 1, allows ...)
+CVE-2012-5491
NOT-FOR-US: Plone not packaged in Debian, see bug #692899
-CVE-2012-5490 (Cross-site scripting (XSS) vulnerability in kssdevel.py in Plone ...)
+CVE-2012-5490
NOT-FOR-US: Plone not packaged in Debian, see bug #692899
-CVE-2012-5489 (The App.Undo.UndoSupport.get_request_var_or_attr function in Zope ...)
+CVE-2012-5489
- zope2.12 <unfixed> (bug #692899)
[wheezy] - zope2.12 <no-dsa> (Minor issue)
NOTE: https://plone.org/products/plone/security/advisories/20121106/05
-CVE-2012-5488 (python_scripts.py in Plone before 4.2.3 and 4.3 before beta 1 allows ...)
+CVE-2012-5488
NOT-FOR-US: Plone not packaged in Debian, see bug #692899
-CVE-2012-5487 (The sandbox whitelisting function (allowmodule.py) in Plone before ...)
+CVE-2012-5487
- zope2.12 <unfixed> (unimportant; bug #692899)
NOTE: Non-issue, see http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=692899#20
-CVE-2012-5486 (ZPublisher.HTTPRequest._scrubHeader in Zope 2 before 2.13.19, as used ...)
+CVE-2012-5486
- zope2.12 2.12.26-1 (bug #692899)
NOTE: https://plone.org/products/plone/security/advisories/20121106/02
-CVE-2012-5485 (registerConfiglet.py in Plone before 4.2.3 and 4.3 before beta 1 ...)
+CVE-2012-5485
NOT-FOR-US: Plone not packaged in Debian, see bug #692899
NOTE: https://plone.org/products/plone/security/advisories/20121106/01
-CVE-2012-5484 (The client in FreeIPA 2.x and 3.x before 3.1.2 does not properly ...)
+CVE-2012-5484
NOT-FOR-US: FreeIPA
-CVE-2012-5483 (tools/sample_data.sh in OpenStack Keystone 2012.1.3, when access to ...)
+CVE-2012-5483
- keystone <not-affected> (Debian packaging enforces correct permissions)
-CVE-2012-5482 (The v2 API in OpenStack Glance Grizzly, Folsom (2012.2), and Essex ...)
+CVE-2012-5482
- glance 2012.1.1-3 (bug #692641)
-CVE-2012-5481 (Moodle 2.3.x before 2.3.3 allows remote authenticated users to bypass ...)
+CVE-2012-5481
- moodle <not-affected> (Doesn't affect 1.9 or 2.2)
-CVE-2012-5480 (The Database activity module in Moodle 2.1.x before 2.1.9, 2.2.x ...)
+CVE-2012-5480
- moodle 2.2.3.dfsg-2.6
[wheezy] - moodle 2.2.3.dfsg-2.6~wheezy0
[squeeze] - moodle <not-affected> (Doesn't affect 1.9)
-CVE-2012-5479 (The Portfolio plugin in Moodle 2.1.x before 2.1.9, 2.2.x before 2.2.6, ...)
+CVE-2012-5479
- moodle 2.2.3.dfsg-2.6
[wheezy] - moodle 2.2.3.dfsg-2.6~wheezy0
[squeeze] - moodle <not-affected> (Doesn't affect 1.9)
-CVE-2012-5478 (The AuthorizationInterceptor in JBoss Enterprise Application Platform ...)
+CVE-2012-5478
- jbossas4 <not-affected> (Only builds a few libraries, not the full application server, #581226)
-CVE-2012-5477 (The smart proxy in Foreman before 1.1 uses a umask set to 0, which ...)
+CVE-2012-5477
- foreman <itp> (bug #663101)
CVE-2012-5476
RESERVED
@@ -3205,25 +3205,25 @@ CVE-2012-5475 [YUI 2.x security issue regarding embedded SWF files]
CVE-2012-5474
RESERVED
- horizon 2012.1.1-7
-CVE-2012-5473 (The Database activity module in Moodle 2.1.x before 2.1.9, 2.2.x ...)
+CVE-2012-5473
- moodle 2.2.3.dfsg-2.6
[wheezy] - moodle 2.2.3.dfsg-2.6~wheezy0
[squeeze] - moodle <not-affected> (Doesn't affect 1.9)
-CVE-2012-5472 (lib/formslib.php in Moodle 2.2.x before 2.2.6 and 2.3.x before 2.3.3 ...)
+CVE-2012-5472
- moodle 2.2.3.dfsg-2.6
[wheezy] - moodle 2.2.3.dfsg-2.6~wheezy0
[squeeze] - moodle <not-affected> (Doesn't affect 1.9)
-CVE-2012-5471 (The Dropbox Repository File Picker in Moodle 2.1.x before 2.1.9, 2.2.x ...)
+CVE-2012-5471
- moodle 2.2.3.dfsg-2.6
[wheezy] - moodle 2.2.3.dfsg-2.6~wheezy0
[squeeze] - moodle <not-affected> (Doesn't affect 1.9)
-CVE-2012-5470 (libpng_plugin in VideoLAN VLC media player 2.0.3 allows remote ...)
+CVE-2012-5470
- vlc 2.0.4-1 (bug #692130)
[wheezy] - vlc 2.0.3-4
[squeeze] - vlc <no-dsa> (Minor issue)
-CVE-2012-5469 (The Portable phpMyAdmin plugin before 1.3.1 for WordPress allows ...)
+CVE-2012-5469
NOT-FOR-US: Wordpress plugin
-CVE-2012-5468 (Heap-based buffer overflow in iconvert.c in the bogolexer component in ...)
+CVE-2012-5468
{DSA-2585-1}
- bogofilter 1.2.2+dfsg1-2 (bug #695139)
CVE-2012-5467
@@ -3240,27 +3240,27 @@ CVE-2012-5462
RESERVED
CVE-2012-5461
RESERVED
-CVE-2012-5460 (Cross-site scripting (XSS) vulnerability in the help page in Juniper ...)
+CVE-2012-5460
NOT-FOR-US: Juniper IVE OS
-CVE-2012-5459 (Untrusted search path vulnerability in VMware Workstation 8.x before ...)
+CVE-2012-5459
NOT-FOR-US: VMware
-CVE-2012-5458 (VMware Workstation 8.x before 8.0.5 and VMware Player 4.x before 4.0.5 ...)
+CVE-2012-5458
NOT-FOR-US: VMware
CVE-2012-5457
RESERVED
-CVE-2012-5456 (The Zoner AntiVirus Free application for Android does not verify that ...)
+CVE-2012-5456
NOT-FOR-US: Zoner AntiVirus Free
-CVE-2012-5455 (Cross-site scripting (XSS) vulnerability in the language search ...)
+CVE-2012-5455
NOT-FOR-US: Joomla! component
-CVE-2012-5454 (user/index_inline_editor_submit.php in ATutor AContent 1.2-1 does not ...)
+CVE-2012-5454
NOT-FOR-US: ATutor AContent
-CVE-2012-5453 (SQL injection vulnerability in user/index_inline_editor_submit.php in ...)
+CVE-2012-5453
NOT-FOR-US: ATutor AContent
-CVE-2012-5452 (Multiple cross-site scripting (XSS) vulnerabilities in Subrion CMS ...)
+CVE-2012-5452
NOT-FOR-US: Subrion CMS
-CVE-2012-5451 (Multiple stack-based buffer overflows in HttpUtils.dll in TVMOBiLi ...)
+CVE-2012-5451
NOT-FOR-US: TVMOBiLi
-CVE-2012-5450 (Cross-site request forgery (CSRF) vulnerability in ...)
+CVE-2012-5450
NOT-FOR-US: CMS Made Simple
CVE-2012-5449
RESERVED
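Review bot: after this hunk the NOT-FOR-US entries carry nothing but a product name, so entries for the same product become indistinguishable: `+CVE-2012-5454` and `+CVE-2012-5453` both collapse to `NOT-FOR-US: ATutor AContent`, although the removed lines distinguished two different issues in user/index_inline_editor_submit.php (the second a SQL injection). If the descriptions are to be dropped deliberately, the NOT-FOR-US line should at least name the vulnerability class; otherwise keep the descriptions.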
@@ -3270,9 +3270,9 @@ CVE-2012-5447
RESERVED
CVE-2012-5446
RESERVED
-CVE-2012-5445 (The kernel in Cisco Native Unix (CNU) on Cisco Unified IP Phone 7900 ...)
+CVE-2012-5445
NOT-FOR-US: Cisco Native Unix
-CVE-2012-5444 (Cisco TelePresence Video Communication Server (VCS) X7.0.3 does not ...)
+CVE-2012-5444
NOT-FOR-US: Cisco TelePresence Video Communication Server
CVE-2012-5443
RESERVED
@@ -3302,35 +3302,35 @@ CVE-2012-5431
RESERVED
CVE-2012-5430
RESERVED
-CVE-2012-5429 (The VPN driver in Cisco VPN Client on Windows does not properly ...)
+CVE-2012-5429
NOT-FOR-US: Cisco VPN Client
CVE-2012-5428
RESERVED
-CVE-2012-5427 (Cisco IOS Unified Border Element (CUBE) in Cisco IOS before 15.3(2)T ...)
+CVE-2012-5427
NOT-FOR-US: Cisco IOS
CVE-2012-5426
RESERVED
CVE-2012-5425
RESERVED
-CVE-2012-5424 (Cisco Secure Access Control System (ACS) 5.x before 5.2 Patch 11 and ...)
+CVE-2012-5424
NOT-FOR-US: Cisco
CVE-2012-5423
RESERVED
-CVE-2012-5422 (Unspecified vulnerability in Cisco IOS before 15.3(2)T on AS5400 ...)
+CVE-2012-5422
NOT-FOR-US: Cisco IOS
CVE-2012-5421
RESERVED
CVE-2012-5420
RESERVED
-CVE-2012-5419 (Cisco Adaptive Security Appliance (ASA) software 8.7.1 and 8.7.1.1 for ...)
+CVE-2012-5419
NOT-FOR-US: Cisco Adaptive Security Appliance
CVE-2012-5418
RESERVED
-CVE-2012-5417 (Cisco Prime Data Center Network Manager (DCNM) before 6.1(1) does not ...)
+CVE-2012-5417
NOT-FOR-US: Cisco
-CVE-2012-5416 (Buffer overflow in Cisco Unified MeetingPlace Web Conferencing before ...)
+CVE-2012-5416
NOT-FOR-US: Cisco
-CVE-2012-5415 (Race condition on Cisco Adaptive Security Appliances (ASA) devices ...)
+CVE-2012-5415
NOT-FOR-US: Cisco
CVE-2012-5414
RESERVED
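Review bot: with the descriptions gone, four of the Cisco entries here (`+CVE-2012-5424`, `+CVE-2012-5417`, `+CVE-2012-5416`, `+CVE-2012-5415`) are annotated only `NOT-FOR-US: Cisco`, even though the removed text named distinct products (Secure Access Control System, Prime Data Center Network Manager, Unified MeetingPlace, ASA). The neighbouring entries already use the more specific form (`NOT-FOR-US: Cisco Adaptive Security Appliance`, `NOT-FOR-US: Cisco IOS`); suggest the same for these four so the product stays recorded once the description is gone.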
@@ -3342,7 +3342,7 @@ CVE-2012-5411
RESERVED
CVE-2012-5410
RESERVED
-CVE-2012-5409 (AscoServer.exe in the server in Siemens SiPass integrated MP2.6 and ...)
+CVE-2012-5409
NOT-FOR-US: Siemens SiPass
CVE-2012-5408
RESERVED
@@ -3370,64 +3370,64 @@ CVE-2012-5397
RESERVED
CVE-2012-5396
RESERVED
-CVE-2012-5395 (Session fixation vulnerability in the CentralAuth extension for ...)
+CVE-2012-5395
NOT-FOR-US: Mediawiki extension CentralAuth
-CVE-2012-5394 (Cross-site request forgery (CSRF) vulnerability in the CentralAuth ...)
+CVE-2012-5394
NOT-FOR-US: mediawiki extension CentralAuth
CVE-2012-5393
RESERVED
CVE-2012-5392
RESERVED
-CVE-2012-5391 (Session fixation vulnerability in Special:UserLogin in MediaWiki ...)
+CVE-2012-5391
- mediawiki 1:1.19.3-1 (bug #694998)
[squeeze] - mediawiki 1:1.15.5-2squeeze5
-CVE-2012-5390 (The standard universe shadow (condor_shadow.std) component in Condor ...)
+CVE-2012-5390
- condor <not-affected> (standard universe is disabled in the Debian package, see bug #697936)
NOTE: http://research.cs.wisc.edu/htcondor/security/vulnerabilities/CONDOR-2012-0003.html
CVE-2012-5389
RESERVED
-CVE-2012-5388 (Cross-site scripting (XSS) vulnerability in wlcms-plugin.php in the ...)
+CVE-2012-5388
NOT-FOR-US: White Label CMS
-CVE-2012-5387 (Cross-site request forgery (CSRF) vulnerability in wlcms-plugin.php in ...)
+CVE-2012-5387
NOT-FOR-US: WordPress plugin White Label CMS
-CVE-2012-5386 (Directory traversal vulnerability in index.php in phpPaleo 4.8b180 ...)
+CVE-2012-5386
NOT-FOR-US: phpPaleo
-CVE-2012-5385 (install/index.php in Craig Knudsen WebCalendar before 1.2.5 allows ...)
+CVE-2012-5385
- webcalendar <removed>
-CVE-2012-5384 (Multiple cross-site scripting (XSS) vulnerabilities in Craig Knudsen ...)
+CVE-2012-5384
- webcalendar <removed>
-CVE-2012-5376 (The Inter-process Communication (IPC) implementation in Google Chrome ...)
+CVE-2012-5376
- chromium-browser 22.0.1229.94~r161065-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2012-5375 (The CRC32C feature in the Btrfs implementation in the Linux kernel ...)
+CVE-2012-5375
- linux 3.8-1 (unimportant)
- linux-2.6 <removed> (unimportant)
NOTE: btrfs support in Squeeze/Wheezy is not ready for production use
-CVE-2012-5374 (The CRC32C feature in the Btrfs implementation in the Linux kernel ...)
+CVE-2012-5374
- linux 3.8-1 (unimportant)
- linux-2.6 <removed> (unimportant)
NOTE: btrfs support in Squeeze/Wheezy is not ready for production use
-CVE-2012-5373 (Oracle Java SE 7 and earlier, and OpenJDK 7 and earlier, computes hash ...)
+CVE-2012-5373
- openjdk-6 <removed> (low)
[wheezy] - openjdk-6 <no-dsa> (Minor issue, no icedtea fix, too complex to backport)
[squeeze] - openjdk-6 <no-dsa> (Minor issue, no icedtea fix, too complex to backport)
- openjdk-7 <removed> (low)
[jessie] - openjdk-7 <ignored> (Minor issue, no icedtea fix, too complex to backport)
[wheezy] - openjdk-7 <no-dsa> (Minor issue, no icedtea fix, too complex to backport)
-CVE-2012-5372 (Rubinius computes hash values without properly restricting the ability ...)
+CVE-2012-5372
- rubinius <itp> (bug #591817)
-CVE-2012-5371 (Ruby (aka CRuby) 1.9 before 1.9.3-p327 and 2.0 before r37575 computes ...)
+CVE-2012-5371
{DLA-263-1}
- ruby1.8 <not-affected> (Only affects 1.9.x)
- ruby1.9.1 1.9.3.194-4 (bug #693024)
-CVE-2012-5370 (JRuby computes hash values without properly restricting the ability to ...)
+CVE-2012-5370
{DLA-209-1}
- jruby 1.5.6-5 (bug #694694)
CVE-2012-5369
RESERVED
-CVE-2012-5368 (phpMyAdmin 3.5.x before 3.5.3 uses JavaScript code that is obtained ...)
+CVE-2012-5368
- phpmyadmin <not-affected> (Only affects 3.5.x, not packaged yet, see #691728)
-CVE-2012-5367 (Multiple SQL injection vulnerabilities in OrangeHRM 2.7.1 RC 1 allow ...)
+CVE-2012-5367
NOT-FOR-US: OrangeHRM
CVE-2012-5366
RESERVED
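Review bot: for the entries Debian actually tracks in this hunk (mediawiki, linux, openjdk-6/7, ruby1.9.1, jruby) the removed parenthesised text was the only statement of what the bug is. `+CVE-2012-5371` now carries `{DLA-263-1}` and fix versions but nothing saying it is the hash-value computation issue the `-` line described, and the openjdk `<no-dsa>` rationale ("too complex to backport") can no longer be weighed against the issue it refers to. Suggest restoring descriptions at least for entries that have package status lines, even if NOT-FOR-US entries are allowed to go bare. Minor style point in the context lines: `NOT-FOR-US: Mediawiki extension CentralAuth` and `NOT-FOR-US: mediawiki extension CentralAuth` spell the project two ways.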
@@ -3454,194 +3454,194 @@ CVE-2012-5363
CVE-2012-5362
RESERVED
NOT-FOR-US: Microsoft Windows
-CVE-2012-5361 (Libavcodec in FFmpeg before 0.11 allows remote attackers to execute ...)
+CVE-2012-5361
- ffmpeg 7:2.4.1-1
[squeeze] - ffmpeg <end-of-life> (Backports to 0.5.x not useful, too many checks missing)
- libav 6:0.8.5-1 (bug #694483)
NOTE: http://technet.microsoft.com/en-us/security/msvr/msvr12-017
NOTE: upstream needs a proper sample to reproduce the issue
-CVE-2012-5360 (Libavcodec in FFmpeg before 0.11 allows remote attackers to execute ...)
+CVE-2012-5360
- ffmpeg 7:2.4.1-1
[squeeze] - ffmpeg <end-of-life> (Backports to 0.5.x not useful, too many checks missing)
- libav 6:0.8.5-1 (bug #694483)
NOTE: http://technet.microsoft.com/en-us/security/msvr/msvr12-017
NOTE: upstream needs a proper sample to reproduce the issue
-CVE-2012-5359 (Libavcodec in FFmpeg before 0.11 allows remote attackers to execute ...)
+CVE-2012-5359
- ffmpeg 7:2.4.1-1
[squeeze] - ffmpeg <end-of-life> (Backports to 0.5.x not useful, too many checks missing)
- libav 6:0.8.5-1 (bug #694483)
NOTE: http://technet.microsoft.com/en-us/security/msvr/msvr12-017
NOTE: upstream needs a proper sample to reproduce the issue
-CVE-2012-5358 (The XSLTCompiledTransform function in Ektron Content Management System ...)
+CVE-2012-5358
NOT-FOR-US: Ektron Content Management System
-CVE-2012-5357 (Ektron Content Management System (CMS) before 8.02 SP5 uses the ...)
+CVE-2012-5357
NOT-FOR-US: Ektron Content Management System
-CVE-2012-5356 (The apt-add-repository tool in Ubuntu Software Properties 0.75.x ...)
+CVE-2012-5356
NOT-FOR-US: apt-add-repository
-CVE-2012-5355 (welcome.py in xdiagnose before 2.5.2ubuntu0.1 allows local users to ...)
+CVE-2012-5355
NOT-FOR-US: xdiagnose
-CVE-2012-5354 (Mozilla Firefox before 16.0, Thunderbird before 16.0, and SeaMonkey ...)
+CVE-2012-5354
- iceape <not-affected> (Only affects 16.x release from experimental)
- iceweasel <not-affected> (Only affects 16.x release from experimental)
- icedove <not-affected> (Only affects 16.x release from experimental)
-CVE-2012-5383 (** DISPUTED ** Untrusted search path vulnerability in the installation ...)
+CVE-2012-5383
- mysql-5.1 <not-affected> (Windows issue only)
- mysql-5.5 <not-affected> (Windows issue only)
-CVE-2012-5382 (** DISPUTED ** Untrusted search path vulnerability in the installation ...)
+CVE-2012-5382
NOT-FOR-US: Zend Server
-CVE-2012-5381 (** DISPUTED ** Untrusted search path vulnerability in the installation ...)
+CVE-2012-5381
- php5 <not-affected> (Windows issue only)
-CVE-2012-5380 (** DISPUTED ** Untrusted search path vulnerability in the installation ...)
+CVE-2012-5380
- ruby1.8 <not-affected> (Windows issue only)
- ruby1.9.1 <not-affected> (Windows issue only)
-CVE-2012-5379 (** DISPUTED ** Untrusted search path vulnerability in the installation ...)
+CVE-2012-5379
NOT-FOR-US: ActivePython
-CVE-2012-5378 (Untrusted search path vulnerability in the installation functionality ...)
+CVE-2012-5378
NOT-FOR-US: ActiveTcl
-CVE-2012-5377 (Untrusted search path vulnerability in the installation functionality ...)
+CVE-2012-5377
NOT-FOR-US: ActivePerl
-CVE-2012-5353 (Eduserv OpenAthens SP 2.0 for Java allows remote attackers to forge ...)
+CVE-2012-5353
NOT-FOR-US: Eduserv
-CVE-2012-5352 (Java Open Single Sign-On Project Home (JOSSO) allows remote attackers ...)
+CVE-2012-5352
NOT-FOR-US: josso
-CVE-2012-5351 (Apache Axis2 allows remote attackers to forge messages and bypass ...)
+CVE-2012-5351
- axis2c <removed> (low; bug #690421)
[squeeze] - axis2c <end-of-life> (Unsupported in squeeze-lts)
NOTE: https://issues.apache.org/jira/browse/AXIS2C-1607
-CVE-2012-5350 (SQL injection vulnerability in the Pay With Tweet plugin before 1.2 ...)
+CVE-2012-5350
NOT-FOR-US: wp Pay With Tweet plugin
-CVE-2012-5349 (Multiple cross-site scripting (XSS) vulnerabilities in pay.php in the ...)
+CVE-2012-5349
NOT-FOR-US: wp Pay With Tweet plugin
-CVE-2012-5348 (SQL injection vulnerability in MangosWeb Enhanced 3.0.3 allows remote ...)
+CVE-2012-5348
NOT-FOR-US: MangosWeb
-CVE-2012-5347 (TinyWebGallery 1.8.3 allows remote attackers to execute arbitrary code ...)
+CVE-2012-5347
NOT-FOR-US: TinyWebGallery
-CVE-2012-5346 (Cross-site scripting (XSS) vulnerability in wp-live.php in the WP ...)
+CVE-2012-5346
NOT-FOR-US: WP live plugin
-CVE-2012-5345 (Buffer overflow in the Remote command server (Rcmd.bat) in IpTools ...)
+CVE-2012-5345
NOT-FOR-US: batch file
-CVE-2012-5344 (Directory traversal vulnerability in the WebServer (Thttpd.bat) in ...)
+CVE-2012-5344
NOT-FOR-US: batch file
-CVE-2012-5343 (Cross-site scripting (XSS) vulnerability in admin/login.php in Limny ...)
+CVE-2012-5343
NOT-FOR-US: Limny
-CVE-2012-5342 (Multiple SQL injection vulnerabilities in SenseSites CommonSense CMS ...)
+CVE-2012-5342
NOT-FOR-US: SenseSites CommonSense
-CVE-2012-5341 (Multiple cross-site scripting (XSS) vulnerabilities in statistik.php ...)
+CVE-2012-5341
NOT-FOR-US: Otterware StatIt
CVE-2012-5340
RESERVED
-CVE-2012-5339 (Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin ...)
+CVE-2012-5339
- phpmyadmin <not-affected> (Only affects 3.5.x, not packaged yet, see #691728)
-CVE-2012-5338 (Open redirect vulnerability in JForum 2.1.9 allows remote attackers to ...)
+CVE-2012-5338
NOT-FOR-US: JForum
-CVE-2012-5337 (Multiple cross-site scripting (XSS) vulnerabilities in jforum.page in ...)
+CVE-2012-5337
NOT-FOR-US: jForum
-CVE-2012-5336 (lib/base.php in ownCloud before 4.0.8 does not properly validate the ...)
+CVE-2012-5336
- owncloud 4.0.8debian-1
-CVE-2012-5335 (Directory traversal vulnerability in Tiny Server 1.1.5 allows remote ...)
+CVE-2012-5335
NOT-FOR-US: Tiny Server
-CVE-2012-5334 (SQL injection vulnerability in product_desc.php in Pre Printing Press ...)
+CVE-2012-5334
NOT-FOR-US: Pre Printing Press
-CVE-2012-5333 (SQL injection vulnerability in page.php in Pre Printing Press allows ...)
+CVE-2012-5333
NOT-FOR-US: Pre Printing Press
-CVE-2012-5332 (at32 Reverse Proxy 1.060.310 allows remote attackers to cause a denial ...)
+CVE-2012-5332
NOT-FOR-US: at32 Reverse Proxy
-CVE-2012-5331 (Directory traversal vulnerability in asaanCart 0.9 allows remote ...)
+CVE-2012-5331
NOT-FOR-US: asaanCart
-CVE-2012-5330 (Multiple cross-site scripting (XSS) vulnerabilities in asaanCart 0.9 ...)
+CVE-2012-5330
NOT-FOR-US: asaanCart
-CVE-2012-5329 (Buffer overflow in TYPSoft FTP Server 1.1 allows remote authenticated ...)
+CVE-2012-5329
NOT-FOR-US: TYPSoft FTP
-CVE-2012-5328 (Multiple SQL injection vulnerabilities in the Mingle Forum plugin ...)
+CVE-2012-5328
NOT-FOR-US: WP Mingle Forum
-CVE-2012-5327 (Multiple SQL injection vulnerabilities in fs-admin/fs-admin.php in the ...)
+CVE-2012-5327
NOT-FOR-US: WP Mingle Forum
-CVE-2012-5326 (Cross-site request forgery (CSRF) vulnerability in admin/function.php ...)
+CVE-2012-5326
NOT-FOR-US: IDevSpot iSupport
-CVE-2012-5325 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
+CVE-2012-5325
NOT-FOR-US: WP Shortcode
-CVE-2012-5324 (Multiple buffer overflows in the Pdf Printer Preferences ActiveX ...)
+CVE-2012-5324
NOT-FOR-US: PDF-XChange
-CVE-2012-5323 (Cross-site request forgery (CSRF) vulnerability in ...)
+CVE-2012-5323
NOT-FOR-US: Xavi ADSL router
-CVE-2012-5322 (Multiple cross-site scripting (XSS) vulnerabilities in Xavi X7968 ...)
+CVE-2012-5322
NOT-FOR-US: Xavi ADSL router
-CVE-2012-5321 (tiki-featured_link.php in TikiWiki CMS/Groupware 8.3 allows remote ...)
+CVE-2012-5321
- tikiwiki <removed>
-CVE-2012-5320 (Cross-site request forgery (CSRF) vulnerability in password.cgi in ...)
+CVE-2012-5320
NOT-FOR-US: Sagem
-CVE-2012-5319 (Cross-site request forgery (CSRF) vulnerability in setup/security.cgi ...)
+CVE-2012-5319
NOT-FOR-US: D-link
-CVE-2012-5318 (Unrestricted file upload vulnerability in ...)
+CVE-2012-5318
NOT-FOR-US: WP Kish
-CVE-2012-5317 (SQL injection vulnerability in main_bigware_43.php in Bigware Shop ...)
+CVE-2012-5317
NOT-FOR-US: Bigware Shop
-CVE-2012-5316 (Multiple cross-site scripting (XSS) vulnerabilities in Barracuda Spam ...)
+CVE-2012-5316
NOT-FOR-US: Barracuda
-CVE-2012-5315 (Multiple cross-site scripting (XSS) vulnerabilities in php ireport 1.0 ...)
+CVE-2012-5315
NOT-FOR-US: iReport
-CVE-2012-5314 (Cross-site scripting (XSS) vulnerability in ViewGit 0.0.6 and earlier ...)
+CVE-2012-5314
NOT-FOR-US: ViewGit
-CVE-2012-5313 (SQL injection vulnerability in forum.asp in Snitz Forums 2000 allows ...)
+CVE-2012-5313
NOT-FOR-US: Snitz Forums
-CVE-2012-5312 (SQL injection vulnerability in Tribiq CMS allows remote attackers to ...)
+CVE-2012-5312
NOT-FOR-US: Tribiq CMS
CVE-2012-5311
REJECTED
-CVE-2012-5310 (SQL injection vulnerability in the WP e-Commerce plugin before 3.8.7.6 ...)
+CVE-2012-5310
NOT-FOR-US: WP e-Commerce plugin
-CVE-2012-5309 (servlet/traveler in IBM Lotus Notes Traveler through 8.5.3.3 Interim ...)
+CVE-2012-5309
NOT-FOR-US: Lotus Notes
-CVE-2012-5308 (Cross-site request forgery (CSRF) vulnerability in servlet/traveler in ...)
+CVE-2012-5308
NOT-FOR-US: Lotus Notes
-CVE-2012-5307 (Cross-site scripting (XSS) vulnerability in servlet/traveler in IBM ...)
+CVE-2012-5307
NOT-FOR-US: Lotus Notes
-CVE-2012-5306 (Stack-based buffer overflow in the SelectDirectory method in ...)
+CVE-2012-5306
NOT-FOR-US: D-Link
-CVE-2012-5305 (Cross-site scripting (XSS) vulnerability in CMD_DOMAIN in JBMC ...)
+CVE-2012-5305
NOT-FOR-US: DirectAdmin
-CVE-2012-5304 (Static code injection vulnerability in administration/install.php in ...)
+CVE-2012-5304
NOT-FOR-US: YVS
-CVE-2012-5303 (Monkey HTTP Daemon 0.9.3 might allow local users to overwrite ...)
+CVE-2012-5303
- monkey <removed> (unimportant)
-CVE-2012-5302 (The server in TIBCO Formvine 3.1.x and 3.2.x before 3.2.1 does not ...)
+CVE-2012-5302
NOT-FOR-US: TIBCO Formvine
-CVE-2012-5301 (The default configuration of Cerberus FTP Server before 5.0.4.0 ...)
+CVE-2012-5301
NOT-FOR-US: Cerberus
-CVE-2012-5300 (SQL injection vulnerability in art_catalogo.php in MyStore Xpress ...)
+CVE-2012-5300
NOT-FOR-US: MyStore Xpress
-CVE-2012-5299 (Mavili Guestbook, as released in November 2007, allows remote attackers to ...)
+CVE-2012-5299
NOT-FOR-US: Mavili Guestbook
-CVE-2012-5298 (Mavili Guestbook, as released in November 2007, stores guestbook.mdb under ...)
+CVE-2012-5298
NOT-FOR-US: Mavili Guestbook
-CVE-2012-5297 (SQL injection vulnerability in edit.asp in Mavili Guestbook, as ...)
+CVE-2012-5297
NOT-FOR-US: Mavili Guestbook
-CVE-2012-5296 (Multiple cross-site scripting (XSS) vulnerabilities in Mavili ...)
+CVE-2012-5296
NOT-FOR-US: Mavili Guestbook
-CVE-2012-5295 (Cross-site scripting (XSS) vulnerability in login.cfm in FuseTalk ...)
+CVE-2012-5295
NOT-FOR-US: FuseTalk
-CVE-2012-5294 (SQL injection vulnerability in art_detalle.php in MyStore Xpress ...)
+CVE-2012-5294
NOT-FOR-US: MyStore Xpress
-CVE-2012-5293 (Multiple PHP remote file inclusion vulnerabilities in SAPID CMS 1.2.3 ...)
+CVE-2012-5293
NOT-FOR-US: SAPID CMS
-CVE-2012-5292 (Multiple SQL injection vulnerabilities in Atar2b CMS 4.0.1 allow ...)
+CVE-2012-5292
NOT-FOR-US: Atar2b
-CVE-2012-5291 (SQL injection vulnerability in team.php in Posse Softball Director CMS ...)
+CVE-2012-5291
NOT-FOR-US: Posse Softball Director
-CVE-2012-5290 (Multiple SQL injection vulnerabilities in EasyWebRealEstate allow ...)
+CVE-2012-5290
NOT-FOR-US: EasyWebRealEstate
-CVE-2012-5289 (Multiple SQL injection vulnerabilities in Plogger 1.0 RC1 allow remote ...)
+CVE-2012-5289
NOT-FOR-US: Plogger
-CVE-2012-5288 (SQL injection vulnerability in page.php in phpMyDirectory 1.3.3 allows ...)
+CVE-2012-5288
NOT-FOR-US: phpMyDirectory
CVE-2012-XXXX [gunicorn fails to drop supplemental groups]
- gunicorn 0.14.5-3 (low)
[squeeze] - gunicorn <no-dsa> (Minor issue)
-CVE-2012-5287 (Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x ...)
+CVE-2012-5287
NOT-FOR-US: Adobe Flash Player
-CVE-2012-5286 (Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x ...)
+CVE-2012-5286
NOT-FOR-US: Adobe Flash Player
-CVE-2012-5285 (Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x ...)
+CVE-2012-5285
NOT-FOR-US: Adobe Flash Player
CVE-2012-5284
REJECTED
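Review bot: the removal here also discards status markers embedded in the description: `-CVE-2012-5383 (** DISPUTED ** Untrusted search path vulnerability in the installation ...)` through `-CVE-2012-5379` become bare ids, so the disputed status of the mysql-5.1/mysql-5.5, php5 and ruby1.8/ruby1.9.1 entries is no longer recorded anywhere in the file, although their `<not-affected> (Windows issue only)` lines are kept. If descriptions are not to be retained, the DISPUTED marker needs its own NOTE line. Two pre-existing issues visible in the unchanged context: `CVE-2012-5362` lists both `RESERVED` and `NOT-FOR-US: Microsoft Windows`, which contradict each other, and the block CVE-2012-5383 to CVE-2012-5377 sits between 5354 and 5353, out of numeric order.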
@@ -3651,71 +3651,71 @@ CVE-2012-5282
REJECTED
CVE-2012-5281
REJECTED
-CVE-2012-5280 (Buffer overflow in Adobe Flash Player before 10.3.183.43 and 11.x ...)
+CVE-2012-5280
NOT-FOR-US: Adobe Flash Player
-CVE-2012-5279 (Adobe Flash Player before 10.3.183.43 and 11.x before 11.5.502.110 on ...)
+CVE-2012-5279
NOT-FOR-US: Adobe Flash Player
-CVE-2012-5278 (Adobe Flash Player before 10.3.183.43 and 11.x before 11.5.502.110 on ...)
+CVE-2012-5278
NOT-FOR-US: Adobe Flash Player
-CVE-2012-5277 (Buffer overflow in Adobe Flash Player before 10.3.183.43 and 11.x ...)
+CVE-2012-5277
NOT-FOR-US: Adobe Flash Player
-CVE-2012-5276 (Buffer overflow in Adobe Flash Player before 10.3.183.43 and 11.x ...)
+CVE-2012-5276
NOT-FOR-US: Adobe Flash Player
-CVE-2012-5275 (Buffer overflow in Adobe Flash Player before 10.3.183.43 and 11.x ...)
+CVE-2012-5275
NOT-FOR-US: Adobe Flash Player
-CVE-2012-5274 (Buffer overflow in Adobe Flash Player before 10.3.183.43 and 11.x ...)
+CVE-2012-5274
NOT-FOR-US: Adobe Flash Player
-CVE-2012-5273 (Buffer overflow in Adobe Shockwave Player before 11.6.8.638 allows ...)
+CVE-2012-5273
NOT-FOR-US: Adobe Shockwave
-CVE-2012-5272 (Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on ...)
+CVE-2012-5272
NOT-FOR-US: Adobe Flash Player
-CVE-2012-5271 (Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on ...)
+CVE-2012-5271
NOT-FOR-US: Adobe Flash Player
-CVE-2012-5270 (Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on ...)
+CVE-2012-5270
NOT-FOR-US: Adobe Flash Player
-CVE-2012-5269 (Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on ...)
+CVE-2012-5269
NOT-FOR-US: Adobe Flash Player
-CVE-2012-5268 (Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on ...)
+CVE-2012-5268
NOT-FOR-US: Adobe Flash Player
-CVE-2012-5267 (Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on ...)
+CVE-2012-5267
NOT-FOR-US: Adobe Flash Player
-CVE-2012-5266 (Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x ...)
+CVE-2012-5266
NOT-FOR-US: Adobe Flash Player
-CVE-2012-5265 (Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x ...)
+CVE-2012-5265
NOT-FOR-US: Adobe Flash Player
-CVE-2012-5264 (Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x ...)
+CVE-2012-5264
NOT-FOR-US: Adobe Flash Player
-CVE-2012-5263 (Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on ...)
+CVE-2012-5263
NOT-FOR-US: Adobe Flash Player
-CVE-2012-5262 (Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x ...)
+CVE-2012-5262
NOT-FOR-US: Adobe Flash Player
-CVE-2012-5261 (Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on ...)
+CVE-2012-5261
NOT-FOR-US: Adobe Flash Player
-CVE-2012-5260 (Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x ...)
+CVE-2012-5260
NOT-FOR-US: Adobe Flash Player
-CVE-2012-5259 (Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x ...)
+CVE-2012-5259
NOT-FOR-US: Adobe Flash Player
-CVE-2012-5258 (Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on ...)
+CVE-2012-5258
NOT-FOR-US: Adobe Flash Player
-CVE-2012-5257 (Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x ...)
+CVE-2012-5257
NOT-FOR-US: Adobe Flash Player
-CVE-2012-5256 (Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on ...)
+CVE-2012-5256
NOT-FOR-US: Adobe Flash Player
-CVE-2012-5255 (Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x ...)
+CVE-2012-5255
NOT-FOR-US: Adobe Flash Player
-CVE-2012-5254 (Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x ...)
+CVE-2012-5254
NOT-FOR-US: Adobe Flash Player
-CVE-2012-5253 (Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x ...)
+CVE-2012-5253
NOT-FOR-US: Adobe Flash Player
-CVE-2012-5252 (Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on ...)
+CVE-2012-5252
NOT-FOR-US: Adobe Flash Player
-CVE-2012-5251 (Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x ...)
+CVE-2012-5251
NOT-FOR-US: Adobe Flash Player
-CVE-2012-5250 (Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x ...)
+CVE-2012-5250
NOT-FOR-US: Adobe Flash Player
-CVE-2012-5249 (Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x ...)
+CVE-2012-5249
NOT-FOR-US: Adobe Flash Player
-CVE-2012-5248 (Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x ...)
+CVE-2012-5248
NOT-FOR-US: Adobe Flash Player
CVE-2012-5247
RESERVED
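Review bot: every Adobe Flash and Shockwave entry in this hunk reduces to `NOT-FOR-US: Adobe Flash Player` or `NOT-FOR-US: Adobe Shockwave`; the fixed-version ranges in the removed text (`before 10.3.183.29 and 11.x ...` versus `before 10.3.183.43 and 11.x ...`) were the only thing separating the two batches of ids, and the buffer-overflow entries are no longer distinguishable from the others. None of these affects a Debian package, so nothing functional is lost, but the hunk is the same blanket description removal as the rest of the patch and should be regenerated together with it once the description source is confirmed.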
@@ -3723,24 +3723,24 @@ CVE-2012-5246
RESERVED
CVE-2012-5245
RESERVED
-CVE-2012-5244 (Multiple SQL injection vulnerabilities in Banana Dance B.2.6 and ...)
+CVE-2012-5244
NOT-FOR-US: Banana Dance
-CVE-2012-5243 (functions/suggest.php in Banana Dance B.2.6 and earlier allows remote ...)
+CVE-2012-5243
NOT-FOR-US: Banana Dance
-CVE-2012-5242 (Directory traversal vulnerability in functions/suggest.php in Banana ...)
+CVE-2012-5242
NOT-FOR-US: Banana Dance
CVE-2012-5241
RESERVED
NOT-FOR-US: PEAR module for Twitter
-CVE-2012-5240 (Buffer overflow in the dissect_tlv function in ...)
+CVE-2012-5240
- wireshark 1.8.2-2 (bug #689972)
[squeeze] - wireshark <not-affected> (Only affects 1.8.x)
CVE-2012-5239
REJECTED
-CVE-2012-5238 (epan/dissectors/packet-ppp.c in the PPP dissector in Wireshark 1.8.x ...)
+CVE-2012-5238
- wireshark 1.8.2-2 (bug #689972)
[squeeze] - wireshark <not-affected> (Only affects 1.8.x)
-CVE-2012-5237 (The dissect_hsrp function in epan/dissectors/packet-hsrp.c in the HSRP ...)
+CVE-2012-5237
- wireshark 1.8.2-2 (bug #689972)
[squeeze] - wireshark <not-affected> (Only affects 1.8.x)
CVE-2012-5236 [Admin can decrypt user files]
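Review bot: the `[squeeze] - wireshark <not-affected> (Only affects 1.8.x)` lines for `+CVE-2012-5240`, `+CVE-2012-5238` and `+CVE-2012-5237` can no longer be checked against the file itself: the removed descriptions named the affected code (`dissect_tlv`, `epan/dissectors/packet-ppp.c`, `epan/dissectors/packet-hsrp.c` in Wireshark 1.8.x), and that version scope is what the not-affected claim rests on. Keep the descriptions for entries whose status lines reference version ranges, or move the scope into a NOTE line.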
@@ -3750,94 +3750,94 @@ CVE-2012-5236 [Admin can decrypt user files]
NOTE: http://owncloud.org/about/security/advisories/CVE-2012-5236/
CVE-2012-5235
RESERVED
-CVE-2012-5234 (Open redirect vulnerability in index.php in ocPortal before 7.1.6 ...)
+CVE-2012-5234
- ocportal <itp> (bug #625865)
-CVE-2012-5233 (Cross-site scripting (XSS) vulnerability in the stickynote module ...)
+CVE-2012-5233
NOT-FOR-US: Drupal stickynote
-CVE-2012-5232 (Cross-site scripting (XSS) vulnerability in the Quickl Form component ...)
+CVE-2012-5232
NOT-FOR-US: Joomla component
-CVE-2012-5231 (miniCMS 1.0 and 2.0 allows remote attackers to execute arbitrary PHP ...)
+CVE-2012-5231
NOT-FOR-US: miniCMS
-CVE-2012-5230 (Unspecified vulnerability in the JE Story Submit (com_jesubmit) ...)
+CVE-2012-5230
NOT-FOR-US: Joomla jesusmit
-CVE-2012-5229 (Cross-site scripting (XSS) vulnerability in css/gallery-css.php in the ...)
+CVE-2012-5229
NOT-FOR-US: WP Gallery2
-CVE-2012-5228 (Cross-site scripting (XSS) vulnerability in admin/index.php in phplist ...)
+CVE-2012-5228
NOT-FOR-US: phplist
-CVE-2012-5227 (SQL injection vulnerability in administrer/tva.php in Peel SHOPPING ...)
+CVE-2012-5227
NOT-FOR-US: Peel Shopping
-CVE-2012-5226 (Multiple cross-site scripting (XSS) vulnerabilities in Peel SHOPPING ...)
+CVE-2012-5226
NOT-FOR-US: Peel Shopping
-CVE-2012-5225 (Cross-site scripting (XSS) vulnerability in webscr.php in xClick Cart ...)
+CVE-2012-5225
NOT-FOR-US: xClick
-CVE-2012-5224 (PHP remote file inclusion vulnerability in ...)
+CVE-2012-5224
NOT-FOR-US: vbadvanced CMPS
-CVE-2012-5223 (The proc_deutf function in includes/functions_vbseocp_abstract.php in ...)
+CVE-2012-5223
NOT-FOR-US: vBSEO
-CVE-2012-5222 (HP Service Manager Web Tier 9.31 before 9.31.2004 p2 allows remote ...)
+CVE-2012-5222
NOT-FOR-US: HP Service Manager
-CVE-2012-5221 (Directory traversal vulnerability in the PostScript Interpreter, as ...)
+CVE-2012-5221
NOT-FOR-US: HP LaserJet
-CVE-2012-5220 (Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, ...)
+CVE-2012-5220
NOT-FOR-US: HP Storage Data Protector
-CVE-2012-5219 (Cross-site scripting (XSS) vulnerability in HP Managed Printing ...)
+CVE-2012-5219
NOT-FOR-US: HP Managed Printing Administration
-CVE-2012-5218 (HP ElitePad 900 PCs with BIOS F.0x before F.01 Update 1.0.0.8 do not ...)
+CVE-2012-5218
NOT-FOR-US: HP ElitePad 900
-CVE-2012-5217 (HP System Management Homepage (SMH) before 7.2.1 allows remote ...)
+CVE-2012-5217
NOT-FOR-US: HP System Management Homepage
-CVE-2012-5216 (Cross-site request forgery (CSRF) vulnerability on HP ProCurve 1700-8 ...)
+CVE-2012-5216
NOT-FOR-US: HP ProCurve
-CVE-2012-5215 (Unspecified vulnerability on the HP LaserJet Pro M1212nf, M1213nf, ...)
+CVE-2012-5215
NOT-FOR-US: HP LaserJet Pro
-CVE-2012-5214 (Unspecified vulnerability in HP ServiceCenter 6.2.8 before 6.2.8.10 ...)
+CVE-2012-5214
NOT-FOR-US: HP ServiceCenter
-CVE-2012-5213 (Unspecified vulnerability in HP Intelligent Management Center (iMC) ...)
+CVE-2012-5213
NOT-FOR-US: HP Intelligent Management Center
-CVE-2012-5212 (Unspecified vulnerability in HP Intelligent Management Center (iMC) ...)
+CVE-2012-5212
NOT-FOR-US: HP Intelligent Management Center
-CVE-2012-5211 (Unspecified vulnerability in HP Intelligent Management Center (iMC) ...)
+CVE-2012-5211
NOT-FOR-US: HP Intelligent Management Center
-CVE-2012-5210 (Unspecified vulnerability in HP Intelligent Management Center (iMC) ...)
+CVE-2012-5210
NOT-FOR-US: HP Intelligent Management Center
-CVE-2012-5209 (Unspecified vulnerability in HP Intelligent Management Center (iMC) ...)
+CVE-2012-5209
NOT-FOR-US: HP Intelligent Management Center
-CVE-2012-5208 (Unspecified vulnerability in HP Intelligent Management Center (iMC) ...)
+CVE-2012-5208
NOT-FOR-US: HP Intelligent Management Center
-CVE-2012-5207 (Unspecified vulnerability in HP Intelligent Management Center (iMC) ...)
+CVE-2012-5207
NOT-FOR-US: HP Intelligent Management Center
-CVE-2012-5206 (Unspecified vulnerability in HP Intelligent Management Center (iMC) ...)
+CVE-2012-5206
NOT-FOR-US: HP Intelligent Management Center
-CVE-2012-5205 (Unspecified vulnerability in HP Intelligent Management Center (iMC) ...)
+CVE-2012-5205
NOT-FOR-US: HP Intelligent Management Center
-CVE-2012-5204 (Unspecified vulnerability in HP Intelligent Management Center (iMC) ...)
+CVE-2012-5204
NOT-FOR-US: HP Intelligent Management Center
-CVE-2012-5203 (Unspecified vulnerability in HP Intelligent Management Center (iMC) ...)
+CVE-2012-5203
NOT-FOR-US: HP Intelligent Management Center
-CVE-2012-5202 (Unspecified vulnerability in HP Intelligent Management Center (iMC) ...)
+CVE-2012-5202
NOT-FOR-US: HP Intelligent Management Center
-CVE-2012-5201 (Unspecified vulnerability in HP Intelligent Management Center (iMC) ...)
+CVE-2012-5201
NOT-FOR-US: HP Intelligent Management Center
-CVE-2012-5200 (Cross-site scripting (XSS) vulnerability in HP Intelligent Management ...)
+CVE-2012-5200
NOT-FOR-US: HP Intelligent Management Center
-CVE-2012-5199 (Unspecified vulnerability in HP ArcSight Connector Appliance 6.3 and ...)
+CVE-2012-5199
NOT-FOR-US: HP ArcSight Connector Appliance
-CVE-2012-5198 (Unspecified vulnerability in HP ArcSight Connector Appliance before ...)
+CVE-2012-5198
NOT-FOR-US: HP ArcSight Connector Appliance
-CVE-2012-5197 (Multiple unspecified vulnerabilities in Condor 7.6.x before 7.6.10 and ...)
+CVE-2012-5197
- condor 7.8.2~dfsg.1-1+deb7u1 (unimportant)
NOTE: Not exploitable according to upstream
-CVE-2012-5196 (Multiple buffer overflows in Condor 7.6.x before 7.6.10 and 7.8.x ...)
+CVE-2012-5196
- condor 7.8.2~dfsg.1-1+deb7u1 (unimportant)
NOTE: Not exploitable according to upstream
-CVE-2012-5195 (Heap-based buffer overflow in the Perl_repeatcpy function in util.c in ...)
+CVE-2012-5195
{DSA-2586-1}
- perl 5.14.2-14 (bug #689314)
CVE-2012-5194
RESERVED
CVE-2012-5193
RESERVED
-CVE-2012-5192 (Directory traversal vulnerability in gmap/view_overlay.php in ...)
+CVE-2012-5192
NOT-FOR-US: Bitweaver
CVE-2012-5191
RESERVED
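Review bot: `+CVE-2012-5197` and `+CVE-2012-5196` keep `NOTE: Not exploitable according to upstream` but lose the text saying what upstream judged non-exploitable (multiple unspecified vulnerabilities and multiple buffer overflows in Condor 7.6.x/7.8.x), and `+CVE-2012-5195` keeps `{DSA-2586-1}` without the heap-based buffer overflow in Perl_repeatcpy that the DSA fixes; for entries with a DSA or a NOTE the description should stay. Pre-existing typo in the context: `NOT-FOR-US: Joomla jesusmit` should read jesubmit, matching `com_jesubmit` in the removed CVE-2012-5230 line.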
@@ -3845,361 +3845,361 @@ CVE-2012-5190
RESERVED
CVE-2012-5189
REJECTED
-CVE-2012-5188 (Untrusted search path vulnerability in mora Downloader before 1.0.0.1 ...)
+CVE-2012-5188
NOT-FOR-US: mora Downloader
-CVE-2012-5187 (The Weathernews Touch application 2.3.2 and earlier for Android allows ...)
+CVE-2012-5187
NOT-FOR-US: Android
-CVE-2012-5186 (Cross-site scripting (XSS) vulnerability in FLUGELz netmania myu-s and ...)
+CVE-2012-5186
NOT-FOR-US: FLUGELz netmania myu-s, PHP WeblogSystem
-CVE-2012-5185 (Directory traversal vulnerability in the Olive Toast Documents Pro ...)
+CVE-2012-5185
NOT-FOR-US: Olive Toast Documents Pro File Viewer
-CVE-2012-5184 (Cross-site scripting (XSS) vulnerability in the Olive Toast Documents ...)
+CVE-2012-5184
NOT-FOR-US: Olive Toast Documents Pro File Viewer
-CVE-2012-5183 (The Loctouch application 3.4.6 and earlier for Android allows ...)
+CVE-2012-5183
NOT-FOR-US: Loctouch application for Android
-CVE-2012-5182 (The Loctouch application 3.4.6 and earlier for Android does not ...)
+CVE-2012-5182
NOT-FOR-US: Loctouch application for Android
-CVE-2012-5181 (Cross-site scripting (XSS) vulnerability in concrete5 Japanese 5.5.1 ...)
+CVE-2012-5181
NOT-FOR-US: concrete5
-CVE-2012-5180 (The Opera Mobile application before 12.1 and Opera Mini application ...)
+CVE-2012-5180
NOT-FOR-US: Opera Mobile application for Android
-CVE-2012-5179 (The Boat Browser application before 4.2 and Boat Browser Mini ...)
+CVE-2012-5179
NOT-FOR-US: Boat Browser application for Android
-CVE-2012-5178 (Cross-site request forgery (CSRF) vulnerability in the Welcart plugin ...)
+CVE-2012-5178
NOT-FOR-US: WordPress Welcart plugin
-CVE-2012-5177 (Cross-site scripting (XSS) vulnerability in the Welcart plugin before ...)
+CVE-2012-5177
NOT-FOR-US: WordPress Welcart plugin
-CVE-2012-5176 (Cross-site scripting (XSS) vulnerability in KENT-WEB ACCESS REPORT ...)
+CVE-2012-5176
NOT-FOR-US: KENT-WEB ACCESS REPORT
-CVE-2012-5175 (Cross-site scripting (XSS) vulnerability in KENT-WEB ACCESS REPORT 4.2 ...)
+CVE-2012-5175
NOT-FOR-US: KENT-WEB ACCESS REPORT
-CVE-2012-5174 (The KYOCERA AH-K3001V, AH-K3002V, WX300K, WX310K, WX320K, and WX320KR ...)
+CVE-2012-5174
NOT-FOR-US: KYOCERA
-CVE-2012-5173 (Session fixation vulnerability in BIGACE before 2.7.8 allows remote ...)
+CVE-2012-5173
NOT-FOR-US: BIGACE
-CVE-2012-5172 (The Asial Monaca Debugger application before 1.4.2 for Android allows ...)
+CVE-2012-5172
NOT-FOR-US: Asial Monaca Debugger
-CVE-2012-5171 (Directory traversal vulnerability in Be Graph BeZIP before 3.10 allows ...)
+CVE-2012-5171
NOT-FOR-US: Be Graph's BeZIP
-CVE-2012-5170 (Open redirect vulnerability in Pebble before 2.6.4 allows remote ...)
+CVE-2012-5170
NOT-FOR-US: Pebble blog
-CVE-2012-5169 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2012-5169
NOT-FOR-US: ATutor AContent
-CVE-2012-5168 (ATutor AContent before 1.2-1 allows remote attackers to modify ...)
+CVE-2012-5168
NOT-FOR-US: ATutor AContent
-CVE-2012-5167 (Multiple SQL injection vulnerabilities in ATutor AContent before 1.2-1 ...)
+CVE-2012-5167
NOT-FOR-US: ATutor AContent
-CVE-2012-5166 (ISC BIND 9.x before 9.7.6-P4, 9.8.x before 9.8.3-P4, 9.9.x before ...)
+CVE-2012-5166
{DSA-2560-1}
- bind9 1:9.8.1.dfsg.P1-4.3 (bug #690118)
- isc-dhcp <not-affected> (issue only affects the named service, which isn't used by isc-dhcp)
CVE-2012-5165
RESERVED
-CVE-2012-5164 (Multiple cross-site scripting (XSS) vulnerabilities in Fork CMS before ...)
+CVE-2012-5164
NOT-FOR-US: Fork CMS
-CVE-2012-5163 (Cross-site scripting (XSS) vulnerability in oc-admin/ajax/ajax.php in ...)
+CVE-2012-5163
NOT-FOR-US: OSClass not in Debian
-CVE-2012-5162 (Multiple SQL injection vulnerabilities in oc-admin/ajax/ajax.php in ...)
+CVE-2012-5162
NOT-FOR-US: OSClass not in Debian
-CVE-2012-5161 (The XML Service interface in Citrix XenApp 6.5 and 6.5 Feature Pack 1 ...)
+CVE-2012-5161
NOT-FOR-US: Citrix XenApp
CVE-2012-5160
RESERVED
-CVE-2012-5158 (Puppet Enterprise (PE) before 2.6.1 does not properly invalidate ...)
+CVE-2012-5158
- puppet <not-affected> (Only affects Puppet Enterprise)
-CVE-2012-5157 (Google Chrome before 24.0.1312.52 does not properly handle image data ...)
+CVE-2012-5157
- chromium-browser <not-affected> (PDF functionality not available in Chromium)
-CVE-2012-5156 (Use-after-free vulnerability in Google Chrome before 24.0.1312.52 ...)
+CVE-2012-5156
- chromium-browser <not-affected> (PDF functionality not available in Chromium)
-CVE-2012-5155 (Google Chrome before 24.0.1312.52 on Mac OS X does not use an ...)
+CVE-2012-5155
- chromium-browser <not-affected> (Only affects MacOS X)
-CVE-2012-5154 (Integer overflow in Google Chrome before 24.0.1312.52 on Windows ...)
+CVE-2012-5154
- chromium-browser <not-affected> (Only affects Windows)
-CVE-2012-5153 (Google V8 before 3.14.5.3, as used in Google Chrome before ...)
+CVE-2012-5153
- libv8 <not-affected> (bug #702261; kMinFixedIndex and kMaxFixedIndex are hard-coded to the correct values in 3.8.9.20, a later commit introduced a caclulation that produced incorrect values)
- chromium-browser 24.0.1312.68-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2012-5152 (Google Chrome before 24.0.1312.52 allows remote attackers to cause a ...)
+CVE-2012-5152
[squeeze] - chromium-browser <end-of-life>
- chromium-browser 24.0.1312.68-1
-CVE-2012-5151 (Integer overflow in Google Chrome before 24.0.1312.52 allows remote ...)
+CVE-2012-5151
- chromium-browser <not-affected> (PDF functionality not available in Chromium)
-CVE-2012-5150 (Use-after-free vulnerability in Google Chrome before 24.0.1312.52 ...)
+CVE-2012-5150
- chromium-browser 24.0.1312.68-1
[squeeze] - chromium-browser <end-of-life>
- ffmpeg 7:2.4.1-1
[squeeze] - ffmpeg <end-of-life> (Backports to 0.5.x not useful, too many checks missing)
- libav 6:0.8.6-1
-CVE-2012-5149 (Integer overflow in the audio IPC layer in Google Chrome before ...)
+CVE-2012-5149
- chromium-browser 24.0.1312.68-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2012-5148 (The hyphenation functionality in Google Chrome before 24.0.1312.52 ...)
+CVE-2012-5148
- chromium-browser 24.0.1312.68-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2012-5147 (Use-after-free vulnerability in Google Chrome before 24.0.1312.52 ...)
+CVE-2012-5147
- chromium-browser 24.0.1312.68-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2012-5146 (Google Chrome before 24.0.1312.52 allows remote attackers to bypass ...)
+CVE-2012-5146
- chromium-browser 24.0.1312.68-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2012-5145 (Use-after-free vulnerability in Google Chrome before 24.0.1312.52 ...)
+CVE-2012-5145
- chromium-browser 24.0.1312.68-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2012-5144 (Google Chrome before 23.0.1271.97, and Libav 0.7.x before 0.7.7 and ...)
+CVE-2012-5144
- chromium-browser 24.0.1312.68-1
[squeeze] - chromium-browser <end-of-life>
- ffmpeg <not-affected> (Vulnerable code not present)
- libav 6:0.8.5-1 (bug #694483)
NOTE: libav fix: http://git.libav.org/?p=libav.git;a=commitdiff;h=6d5b0092678b2a95dfe209a207550bd2fe9ef646
-CVE-2012-5143 (Integer overflow in Google Chrome before 23.0.1271.97 allows remote ...)
+CVE-2012-5143
- chromium-browser 24.0.1312.68-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2012-5142 (Google Chrome before 23.0.1271.97 does not properly handle history ...)
+CVE-2012-5142
- chromium-browser 24.0.1312.68-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2012-5141 (Google Chrome before 23.0.1271.97 does not properly restrict ...)
+CVE-2012-5141
- chromium-browser 24.0.1312.68-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2012-5140 (Use-after-free vulnerability in Google Chrome before 23.0.1271.97 ...)
+CVE-2012-5140
- chromium-browser 24.0.1312.68-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2012-5139 (Use-after-free vulnerability in Google Chrome before 23.0.1271.97 ...)
+CVE-2012-5139
- chromium-browser 24.0.1312.68-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2012-5138 (Google Chrome before 23.0.1271.95 does not properly handle file paths, ...)
+CVE-2012-5138
- chromium-browser 24.0.1312.68-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2012-5137 (Use-after-free vulnerability in Google Chrome before 23.0.1271.95 ...)
+CVE-2012-5137
- chromium-browser 24.0.1312.68-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2012-5136 (Google Chrome before 23.0.1271.91 does not properly perform a cast of ...)
+CVE-2012-5136
- chromium-browser 24.0.1312.68-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2012-5135 (Use-after-free vulnerability in Google Chrome before 23.0.1271.91 ...)
+CVE-2012-5135
- chromium-browser 24.0.1312.68-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2012-5134 (Heap-based buffer underflow in the xmlParseAttValueComplex function in ...)
+CVE-2012-5134
{DSA-2580-1}
- libxml2 2.8.0+dfsg1-7 (bug #694521)
-CVE-2012-5133 (Use-after-free vulnerability in Google Chrome before 23.0.1271.91 ...)
+CVE-2012-5133
- chromium-browser 24.0.1312.68-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2012-5132 (Google Chrome before 23.0.1271.91 allows remote attackers to cause a ...)
+CVE-2012-5132
- chromium-browser 24.0.1312.68-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2012-5131 (Google Chrome before 23.0.1271.91 on Mac OS X does not properly ...)
+CVE-2012-5131
- chromium-browser <not-affected> (MacOS-specific)
-CVE-2012-5130 (Skia, as used in Google Chrome before 23.0.1271.91, allows remote ...)
+CVE-2012-5130
- chromium-browser 24.0.1312.68-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2012-5129 (Heap-based buffer overflow in the WebGL subsystem in Google Chrome OS ...)
+CVE-2012-5129
- mesa 8.0.5-3 (bug #695248)
[squeeze] - mesa <not-affected> (Vulnerable code not present)
-CVE-2012-5128 (Google V8 before 3.13.7.5, as used in Google Chrome before ...)
+CVE-2012-5128
- libv8 <not-affected> (Doesn't affect 3.8.9, see bug #694808)
-CVE-2012-5127 (Integer overflow in Google Chrome before 23.0.1271.64 allows remote ...)
+CVE-2012-5127
- chromium-browser 24.0.1312.68-1
[squeeze] - chromium-browser <end-of-life>
- libwebp 0.1.3-3+nmu1 (bug #704573)
NOTE: fixed in experimental version 0.2.1-1
NOTE: https://bugs.gentoo.org/show_bug.cgi?id=442152
NOTE: Upstream announce: https://groups.google.com/a/webmproject.org/forum/?fromgroups=#!topic/webp-discuss/QTtgi8YfgkE
-CVE-2012-5126 (Use-after-free vulnerability in Google Chrome before 23.0.1271.64 ...)
+CVE-2012-5126
- chromium-browser 24.0.1312.68-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2012-5125 (Use-after-free vulnerability in Google Chrome before 23.0.1271.64 ...)
+CVE-2012-5125
- chromium-browser 24.0.1312.68-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2012-5124 (Google Chrome before 23.0.1271.64 does not properly handle textures, ...)
+CVE-2012-5124
- chromium-browser 24.0.1312.68-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2012-5123 (Skia, as used in Google Chrome before 23.0.1271.64, allows remote ...)
+CVE-2012-5123
- chromium-browser 24.0.1312.68-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2012-5122 (Google Chrome before 23.0.1271.64 does not properly perform a cast of ...)
+CVE-2012-5122
- chromium-browser 24.0.1312.68-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2012-5121 (Use-after-free vulnerability in Google Chrome before 23.0.1271.64 ...)
+CVE-2012-5121
- chromium-browser 24.0.1312.68-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2012-5120 (Google V8 before 3.13.7.5, as used in Google Chrome before ...)
+CVE-2012-5120
- libv8 <not-affected> (Doesn't affect 3.8.9, see bug #694808)
-CVE-2012-5119 (Race condition in Pepper, as used in Google Chrome before ...)
+CVE-2012-5119
- chromium-browser 24.0.1312.68-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2012-5118 (Google Chrome before 23.0.1271.64 on Mac OS X does not properly ...)
+CVE-2012-5118
- chromium-browser <not-affected> (MacOS-specific)
-CVE-2012-5117 (Google Chrome before 23.0.1271.64 does not properly restrict the ...)
+CVE-2012-5117
- chromium-browser 24.0.1312.68-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2012-5116 (Use-after-free vulnerability in Google Chrome before 23.0.1271.64 ...)
+CVE-2012-5116
- chromium-browser 24.0.1312.68-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2012-5115 (Google Chrome before 23.0.1271.64 on Mac OS X does not properly ...)
+CVE-2012-5115
- chromium-browser <not-affected> (MacOS-specific)
CVE-2012-5114
RESERVED
CVE-2012-5113
RESERVED
-CVE-2012-5112 (Use-after-free vulnerability in the SVG implementation in WebKit, as ...)
+CVE-2012-5112
- chromium-browser 22.0.1229.94~r161065-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2012-5111 (Google Chrome before 22.0.1229.92 does not monitor for crashes of ...)
+CVE-2012-5111
- chromium-browser 22.0.1229.94~r161065-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2012-5110 (The compositor in Google Chrome before 22.0.1229.92 allows remote ...)
+CVE-2012-5110
- chromium-browser 22.0.1229.94~r161065-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2012-5109 (The International Components for Unicode (ICU) functionality in Google ...)
+CVE-2012-5109
- chromium-browser 22.0.1229.94~r161065-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2012-5108 (Race condition in Google Chrome before 22.0.1229.92 allows remote ...)
+CVE-2012-5108
- chromium-browser 22.0.1229.94~r161065-1
[squeeze] - chromium-browser <end-of-life>
CVE-2012-5107
RESERVED
-CVE-2012-5106 (Stack-based buffer overflow in FreeFloat FTP Server 1.0 allows remote ...)
+CVE-2012-5106
NOT-FOR-US: FreeFloat FTP Server
-CVE-2012-5159 (phpMyAdmin 3.5.2.2, as distributed by the cdnetworks-kr-1 mirror ...)
+CVE-2012-5159
- phpmyadmin <not-affected>
-CVE-2012-5105 (Multiple cross-site scripting (XSS) vulnerabilities in SQLiteManager ...)
+CVE-2012-5105
NOT-FOR-US: SQLiteManager
-CVE-2012-5104 (Cross-site scripting (XSS) vulnerability in forums/ubbthreads.php in ...)
+CVE-2012-5104
NOT-FOR-US: UBB.threads
-CVE-2012-5103 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2012-5103
NOT-FOR-US: Ggb guestbook
-CVE-2012-5102 (Cross-site scripting (XSS) vulnerability in inc/extensions.php in ...)
+CVE-2012-5102
NOT-FOR-US: VertigoServ
-CVE-2012-5101 (SQL injection vulnerability in the JExtensions JE Poll component ...)
+CVE-2012-5101
NOT-FOR-US: Joomla! extension
-CVE-2012-5100 (Directory traversal vulnerability in HServer 0.1.1 allows remote ...)
+CVE-2012-5100
NOT-FOR-US: HServer
-CVE-2012-5099 (Cross-site scripting (XSS) vulnerability in list.php in PHPB2B 4.1 and ...)
+CVE-2012-5099
NOT-FOR-US: PHPB2B
-CVE-2012-5098 (Multiple SQL injection vulnerabilities in Php-X-Links, possibly 1.0, ...)
+CVE-2012-5098
NOT-FOR-US: PHP-X-Links
-CVE-2012-5097 (Unspecified vulnerability in the Oracle Access Manager component in ...)
+CVE-2012-5097
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2012-5096 (Unspecified vulnerability in the Server component in Oracle MySQL ...)
+CVE-2012-5096
- mysql-5.1 <not-affected> (Only affects 5.5)
- mysql-5.5 5.5.29+dfsg-1
-CVE-2012-5095 (Unspecified vulnerability in Oracle Sun Solaris 10 allows local users ...)
+CVE-2012-5095
NOT-FOR-US: Oracle Sun Solaris 10
-CVE-2012-5094 (Unspecified vulnerability in the Oracle Agile PLM for Process ...)
+CVE-2012-5094
NOT-FOR-US: Oracle Agile PLM
-CVE-2012-5093 (Unspecified vulnerability in the Oracle Agile PLM for Process ...)
+CVE-2012-5093
NOT-FOR-US: Oracle Agile PLM
-CVE-2012-5092 (Unspecified vulnerability in the Oracle Agile PLM for Process ...)
+CVE-2012-5092
NOT-FOR-US: Oracle Agile PLM
-CVE-2012-5091 (Unspecified vulnerability in the Oracle Agile Product Supplier ...)
+CVE-2012-5091
NOT-FOR-US: Oracle Supply Chain
-CVE-2012-5090 (Unspecified vulnerability in the Oracle Agile PLM for Process ...)
+CVE-2012-5090
NOT-FOR-US: Oracle Supply Chain
-CVE-2012-5089 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2012-5089
- openjdk-6 6b24-1.11.5-0ubuntu1 (bug #690774)
- openjdk-7 7u3-2.1.3-1 (bug #690774)
-CVE-2012-5088 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2012-5088
- openjdk-7 7u3-2.1.3-1 (bug #690774)
-CVE-2012-5087 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2012-5087
- openjdk-7 7u3-2.1.3-1 (bug #690774)
-CVE-2012-5086 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2012-5086
- openjdk-7 7u3-2.1.3-1 (bug #690774)
- openjdk-6 6b24-1.11.5-0ubuntu1 (bug #690774)
-CVE-2012-5085 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2012-5085
- openjdk-6 6b24-1.11.5-0ubuntu1 (bug #690774)
- openjdk-7 7u3-2.1.3-1 (bug #690774)
-CVE-2012-5084 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2012-5084
- openjdk-6 6b24-1.11.5-0ubuntu1 (bug #690774)
- openjdk-7 7u3-2.1.3-1 (bug #690774)
-CVE-2012-5083 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2012-5083
- openjdk-6 <not-affected> (Specific to Oracle Java, not present in IcedTea)
- openjdk-7 <not-affected> (Specific to Oracle Java, not present in IcedTea)
NOTE: Due to the vague disclosure policy by Oracle the exact nature is unknown but since no patch landed in icedtea, we consider it not-affected
-CVE-2012-5082 (Unspecified vulnerability in the JavaFX component in Oracle Java SE ...)
+CVE-2012-5082
- openjdk-6 <not-affected> (JavaFX not part of OpenJDK)
- openjdk-7 <not-affected> (JavaFX not part of OpenJDK)
-CVE-2012-5081 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2012-5081
- openjdk-6 6b24-1.11.5-0ubuntu1 (bug #690774)
- openjdk-7 7u3-2.1.3-1 (bug #690774)
NOTE: https://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html
NOTE: https://robotattack.org/
-CVE-2012-5080 (Unspecified vulnerability in the JavaFX component in Oracle Java SE ...)
+CVE-2012-5080
- openjdk-6 <not-affected> (JavaFX not part of OpenJDK)
- openjdk-7 <not-affected> (JavaFX not part of OpenJDK)
-CVE-2012-5079 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2012-5079
- openjdk-6 6b24-1.11.5-0ubuntu1 (bug #690774)
- openjdk-7 7u3-2.1.3-1 (bug #690774)
-CVE-2012-5078 (Unspecified vulnerability in the JavaFX component in Oracle Java SE ...)
+CVE-2012-5078
- openjdk-6 <not-affected> (JavaFX not part of OpenJDK)
- openjdk-7 <not-affected> (JavaFX not part of OpenJDK)
-CVE-2012-5077 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2012-5077
- openjdk-6 6b24-1.11.5-0ubuntu1 (bug #690774)
- openjdk-7 7u3-2.1.3-1 (bug #690774)
-CVE-2012-5076 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2012-5076
- openjdk-7 7u3-2.1.3-1 (bug #690774)
-CVE-2012-5075 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2012-5075
- openjdk-6 6b24-1.11.5-0ubuntu1 (bug #690774)
- openjdk-7 7u3-2.1.3-1 (bug #690774)
-CVE-2012-5074 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2012-5074
- openjdk-7 7u3-2.1.3-1 (bug #690774)
-CVE-2012-5073 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2012-5073
- openjdk-6 6b24-1.11.5-0ubuntu1 (bug #690774)
- openjdk-7 7u3-2.1.3-1 (bug #690774)
-CVE-2012-5072 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2012-5072
- openjdk-6 6b24-1.11.5-0ubuntu1 (bug #690774)
- openjdk-7 7u3-2.1.3-1 (bug #690774)
-CVE-2012-5071 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2012-5071
- openjdk-6 6b24-1.11.5-0ubuntu1 (bug #690774)
- openjdk-7 7u3-2.1.3-1 (bug #690774)
-CVE-2012-5070 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2012-5070
- openjdk-7 7u3-2.1.3-1 (bug #690774)
-CVE-2012-5069 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2012-5069
- openjdk-6 6b24-1.11.5-0ubuntu1 (bug #690774)
- openjdk-7 7u3-2.1.3-1 (bug #690774)
-CVE-2012-5068 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2012-5068
- openjdk-6 6b24-1.11.5-0ubuntu1 (bug #690774)
- openjdk-7 7u3-2.1.3-1 (bug #690774)
-CVE-2012-5067 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2012-5067
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2012-5066 (Unspecified vulnerability in the Oracle Central Designer component in ...)
+CVE-2012-5066
NOT-FOR-US: Oracle Industry Applications
-CVE-2012-5065 (Unspecified vulnerability in the Oracle WebCenter Sites component in ...)
+CVE-2012-5065
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2012-5064 (Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking ...)
+CVE-2012-5064
NOT-FOR-US: Oracle Financial Services Software
-CVE-2012-5063 (Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking ...)
+CVE-2012-5063
NOT-FOR-US: Oracle Financial Services Software
-CVE-2012-5062 (Unspecified vulnerability in the Enterprise Manager Base Platform ...)
+CVE-2012-5062
NOT-FOR-US: Oracle
-CVE-2012-5061 (Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking ...)
+CVE-2012-5061
NOT-FOR-US: Oracle Financial Services Software
-CVE-2012-5060 (Unspecified vulnerability in the Server component in Oracle MySQL ...)
+CVE-2012-5060
{DSA-2780-1}
- mysql-5.1 <removed>
- mysql-5.5 5.5.29+dfsg-1
-CVE-2012-5059 (Unspecified vulnerability in the PeopleSoft PeopleTools component in ...)
+CVE-2012-5059
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2012-5058 (Unspecified vulnerability in the Oracle iStore component in Oracle ...)
+CVE-2012-5058
NOT-FOR-US: Oracle E-Business Suite
-CVE-2012-5057 (CRLF injection vulnerability in ownCloud Server before 4.0.8 allows ...)
+CVE-2012-5057
- owncloud 4.0.8debian-1
-CVE-2012-5056 (Multiple cross-site scripting (XSS) vulnerabilities in ownCloud Server ...)
+CVE-2012-5056
- owncloud 4.0.8debian-1
-CVE-2012-5055 (DaoAuthenticationProvider in VMware SpringSource Spring Security ...)
+CVE-2012-5055
NOT-FOR-US: VMware
-CVE-2012-5054 (Integer overflow in the copyRawDataTo method in the Matrix3D class in ...)
+CVE-2012-5054
NOT-FOR-US: Adobe Flash player
-CVE-2012-5053 (Cross-site scripting (XSS) vulnerability in the Receiver Web User ...)
+CVE-2012-5053
NOT-FOR-US: Trimble Infrastructure GNSS Series Receivers
CVE-2012-5052
RESERVED
-CVE-2012-5051 (Directory traversal vulnerability in VMware CapacityIQ 1.5.x allows ...)
+CVE-2012-5051
NOT-FOR-US: VMware
-CVE-2012-5050 (Cross-site scripting (XSS) vulnerability in the server in VMware ...)
+CVE-2012-5050
NOT-FOR-US: VMware
-CVE-2012-5049 (APIFTP Server in Optimalog Optima PLC 1.5.2 and earlier allows remote ...)
+CVE-2012-5049
NOT-FOR-US: Optimalog Optima PLC
-CVE-2012-5048 (APIFTP Server in Optimalog Optima PLC 1.5.2 and earlier allows remote ...)
+CVE-2012-5048
NOT-FOR-US: Optimalog Optima PLC
CVE-2012-5047
RESERVED
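Review bot: every changed line in this hunk replaces an entry that carried a description, e.g. `-CVE-2012-5188 (Untrusted search path vulnerability in mora Downloader before 1.0.0.1 ...)`, with the bare identifier `+CVE-2012-5188`, so the tracker loses the summary text for all of these CVEs while the package and release annotations beneath each entry stay as they were. A wholesale drop like this from an "automatic update" looks more like an empty or unparsed description field in the upstream feed than a genuine data change; the importer should refuse to overwrite an existing description with an empty one, and this commit is worth holding back until that guard is in place. Two smaller points in the unchanged lines: the libv8 annotation under CVE-2012-5153 misspells "caclulation" (calculation), and CVE-2012-5159 sits between CVE-2012-5106 and CVE-2012-5105 rather than in numerical order next to CVE-2012-5160.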
@@ -4207,7 +4207,7 @@ CVE-2012-5046
RESERVED
CVE-2012-5045
RESERVED
-CVE-2012-5044 (Cisco IOS before 15.3(1)T, when media flow-around is not used, allows ...)
+CVE-2012-5044
NOT-FOR-US: Cisco IOS
CVE-2012-5043
RESERVED
@@ -4217,13 +4217,13 @@ CVE-2012-5041
RESERVED
CVE-2012-5040
RESERVED
-CVE-2012-5039 (The BGP Router process in Cisco IOS before 12.2(50)SY1 allows remote ...)
+CVE-2012-5039
NOT-FOR-US: Cisco IOS
CVE-2012-5038
RESERVED
-CVE-2012-5037 (The ACL implementation in Cisco IOS before 15.1(1)SY on Catalyst 6500 ...)
+CVE-2012-5037
NOT-FOR-US: Cisco IOS
-CVE-2012-5036 (Cisco IOS before 12.2(50)SY1 allows remote authenticated users to ...)
+CVE-2012-5036
NOT-FOR-US: Cisco IOS
CVE-2012-5035
RESERVED
@@ -4231,11 +4231,11 @@ CVE-2012-5034
RESERVED
CVE-2012-5033
RESERVED
-CVE-2012-5032 (The Flex-VPN load-balancing feature in the ipsec-ikev2 implementation ...)
+CVE-2012-5032
NOT-FOR-US: Cisco IOS
CVE-2012-5031
RESERVED
-CVE-2012-5030 (Cisco IOS before 15.2(4)S6 does not initialize an unspecified ...)
+CVE-2012-5030
NOT-FOR-US: Cisco IOS
CVE-2012-5029
RESERVED
@@ -4261,13 +4261,13 @@ CVE-2012-5019
RESERVED
CVE-2012-5018
RESERVED
-CVE-2012-5017 (Cisco IOS before 15.1(1)SY1 allows remote authenticated users to cause ...)
+CVE-2012-5017
NOT-FOR-US: Cisco IOS
CVE-2012-5016
RESERVED
CVE-2012-5015
RESERVED
-CVE-2012-5014 (Cisco IOS before 15.1(2)SY allows remote authenticated users to cause ...)
+CVE-2012-5014
NOT-FOR-US: Cisco IOS
CVE-2012-5013
RESERVED
@@ -4275,63 +4275,63 @@ CVE-2012-5012
RESERVED
CVE-2012-5011
RESERVED
-CVE-2012-5010 (ASA 5515-X Adaptive Security Appliance Adaptive Security Appliance ...)
+CVE-2012-5010
NOT-FOR-US: Adaptive Security Appliance Adaptive Security Appliance (ASA)
CVE-2012-5009
RESERVED
CVE-2012-5008
RESERVED
-CVE-2012-5007 (The Fill PDF module 7.x-1.x before 7.x-1.2 for Drupal allows remote ...)
+CVE-2012-5007
NOT-FOR-US: Drupal addon Fill PDF
-CVE-2012-5006 (Heap-based buffer overflow in npdjvu.dll in Caminova DjVu Browser ...)
+CVE-2012-5006
NOT-FOR-US: Caminova DjVu Browser
-CVE-2012-5005 (Cross-site request forgery (CSRF) vulnerability in ...)
+CVE-2012-5005
NOT-FOR-US: VR GPub
-CVE-2012-5004 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
+CVE-2012-5004
NOT-FOR-US: Parallels H-Sphere
-CVE-2012-5003 (nxapplet.jar in No Machine NX Web Companion 3.x and earlier does not ...)
+CVE-2012-5003
NOT-FOR-US: No Machine NX Web Companion
-CVE-2012-5002 (Stack-based buffer overflow in SR10 FTP server (SR10.exe) 1.1.0.6 in ...)
+CVE-2012-5002
NOT-FOR-US: SR10 FTP server in Ricoh DC Software
-CVE-2012-5001 (Multiple unspecified vulnerabilities in Hitachi JP1/Cm2/Network Node ...)
+CVE-2012-5001
NOT-FOR-US: Hitachi JP1/Cm2/Network Node Manager
-CVE-2012-5000 (SQL injection vulnerability in jokes/index.php in the Witze addon 0.9 ...)
+CVE-2012-5000
NOT-FOR-US: deV!L'z Clanportal
-CVE-2012-4999 (Mercury MR804 Router 8.0 3.8.1 Build 101220 Rel.53006nB allows remote ...)
+CVE-2012-4999
NOT-FOR-US: Mercury MR804 Router
-CVE-2012-4998 (Cross-site scripting (XSS) vulnerability in index.php in starCMS ...)
+CVE-2012-4998
NOT-FOR-US: starCMS
-CVE-2012-4997 (Directory traversal vulnerability in acp/index.php in AneCMS allows ...)
+CVE-2012-4997
NOT-FOR-US: AneCMS
-CVE-2012-4996 (Multiple SQL injection vulnerabilities in RivetTracker 1.03 and ...)
+CVE-2012-4996
NOT-FOR-US: RivetTracker
-CVE-2012-4995 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2012-4995
- limesurvey <itp> (bug #472802)
-CVE-2012-4994 (SQL injection vulnerability in admin/admin.php in LimeSurvey before ...)
+CVE-2012-4994
- limesurvey <itp> (bug #472802)
-CVE-2012-4993 (torrent_functions.php in RivetTracker 1.03 and earlier does not ...)
+CVE-2012-4993
NOT-FOR-US: RivetTracker
-CVE-2012-4992 (Multiple buffer overflows in FlashFXP.exe in FlashFXP 4.2 allow remote ...)
+CVE-2012-4992
NOT-FOR-US: FlashFXP
-CVE-2012-4991 (Multiple directory traversal vulnerabilities in Axway SecureTransport ...)
+CVE-2012-4991
NOT-FOR-US: Axway SecureTransport
-CVE-2012-4990 (SQL injection vulnerability in admin/campaign-zone-link.php in OpenX ...)
+CVE-2012-4990
NOT-FOR-US: OpenX
-CVE-2012-4989 (Cross-site scripting (XSS) vulnerability in admin/plugin-index.php in ...)
+CVE-2012-4989
NOT-FOR-US: OpenX
-CVE-2012-4988 (Heap-based buffer overflow in the xjpegls.dll (aka JLS, JPEG-LS, or ...)
+CVE-2012-4988
NOT-FOR-US: XnView
-CVE-2012-4987 (Stack-based buffer overflow in RealNetworks RealPlayer 15.0.5.109 ...)
+CVE-2012-4987
NOT-FOR-US: RealPlayer
CVE-2012-4986
RESERVED
-CVE-2012-4985 (The Forescout CounterACT NAC device 6.3.4.1 does not block ARP and ...)
+CVE-2012-4985
NOT-FOR-US: Forescout device
CVE-2012-4984
RESERVED
-CVE-2012-4983 (Multiple cross-site scripting (XSS) vulnerabilities on the Forescout ...)
+CVE-2012-4983
NOT-FOR-US: Forescout device
-CVE-2012-4982 (Open redirect vulnerability in assets/login on the Forescout ...)
+CVE-2012-4982
NOT-FOR-US: Forescout device
CVE-2012-4981
RESERVED
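Review bot: the unchanged annotation `NOT-FOR-US: Adaptive Security Appliance Adaptive Security Appliance (ASA)` under CVE-2012-5010 repeats the product name; `NOT-FOR-US: Adaptive Security Appliance (ASA)` says the same thing without the duplication. As in the first hunk, each `-`/`+` pair here strips the description text and keeps only the identifier, so the same importer guard applies.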
@@ -4341,25 +4341,25 @@ CVE-2012-4979
RESERVED
CVE-2012-4978
RESERVED
-CVE-2012-4977 (Layton Helpbox 4.4.0 allows remote attackers to discover cleartext ...)
+CVE-2012-4977
NOT-FOR-US: Layton Helpbox
-CVE-2012-4976 (selectawasset.asp in Layton Helpbox 4.4.0 allows remote attackers to ...)
+CVE-2012-4976
NOT-FOR-US: Layton Helpbox
-CVE-2012-4975 (editrequestuser.asp in Layton Helpbox 4.4.0 allows remote ...)
+CVE-2012-4975
NOT-FOR-US: Layton Helpbox
-CVE-2012-4974 (Layton Helpbox 4.4.0 allows remote authenticated users to change the ...)
+CVE-2012-4974
NOT-FOR-US: Layton Helpbox
CVE-2012-4973
RESERVED
-CVE-2012-4972 (Multiple cross-site scripting (XSS) vulnerabilities in Layton Helpbox ...)
+CVE-2012-4972
NOT-FOR-US: Layton Helpbox
-CVE-2012-4971 (Multiple SQL injection vulnerabilities in Layton Helpbox 4.4.0 allow ...)
+CVE-2012-4971
NOT-FOR-US: Layton Helpbox
-CVE-2012-4970 (Cross-site scripting (XSS) vulnerability in the web management ...)
+CVE-2012-4970
NOT-FOR-US: Polycom HDX Video End Points
-CVE-2012-4969 (Use-after-free vulnerability in the CMshtmlEd::Exec function in ...)
+CVE-2012-4969
NOT-FOR-US: Internet Explorer
-CVE-2012-4968 (Multiple cross-site scripting (XSS) vulnerabilities in SilverStripe ...)
+CVE-2012-4968
- silverstripe <itp> (bug #528461)
CVE-2012-4967
REJECTED
@@ -4367,7 +4367,7 @@ CVE-2012-4966
REJECTED
CVE-2012-4965
REJECTED
-CVE-2012-4964 (The Samsung printer firmware before 20121031 has a hardcoded ...)
+CVE-2012-4964
NOT-FOR-US: Samsung printer firmware
CVE-2012-4963
RESERVED
@@ -4375,72 +4375,72 @@ CVE-2012-4962
RESERVED
CVE-2012-4961
RESERVED
-CVE-2012-4960 (The Huawei NE5000E, MA5200G, NE40E, NE80E, ATN, NE40, NE80, NE20E-X6, ...)
+CVE-2012-4960
NOT-FOR-US: Huawei devices
-CVE-2012-4959 (Directory traversal vulnerability in NFRAgent.exe in Novell File ...)
+CVE-2012-4959
NOT-FOR-US: Novell File Reporter
-CVE-2012-4958 (Directory traversal vulnerability in NFRAgent.exe in Novell File ...)
+CVE-2012-4958
NOT-FOR-US: Novell File Reporter
-CVE-2012-4957 (Absolute path traversal vulnerability in NFRAgent.exe in Novell File ...)
+CVE-2012-4957
NOT-FOR-US: Novell File Reporter
-CVE-2012-4956 (Heap-based buffer overflow in NFRAgent.exe in Novell File Reporter ...)
+CVE-2012-4956
NOT-FOR-US: Novell File Reporter
-CVE-2012-4955 (Cross-site scripting (XSS) vulnerability in Dell OpenManage Server ...)
+CVE-2012-4955
NOT-FOR-US: Dell OpenManage SA
-CVE-2012-4954 (The edit-profile page in Vanilla Forums before 2.1a32 allows remote ...)
+CVE-2012-4954
NOT-FOR-US: Vanilla Forums
-CVE-2012-4953 (The decomposer engine in Symantec Endpoint Protection (SEP) 11.0, ...)
+CVE-2012-4953
NOT-FOR-US: Symantec Endpoint Protection
-CVE-2012-4952 (Henry Schein Dentrix G5 before 15.1.294 has a single internal-database ...)
+CVE-2012-4952
NOT-FOR-US: Dentrix
-CVE-2012-4951 (Multiple SQL injection vulnerabilities in terminal/paramedit.aspx in ...)
+CVE-2012-4951
NOT-FOR-US: VeriFone VeriCentre Web Console
-CVE-2012-4950 (Cross-site scripting (XSS) vulnerability in the Keyword Search page in ...)
+CVE-2012-4950
NOT-FOR-US: Pattern Insight
-CVE-2012-4949 (SQL injection vulnerability in ESRI ArcGIS 10.1 allows remote ...)
+CVE-2012-4949
NOT-FOR-US: ESRI ArcGIS
-CVE-2012-4948 (The default configuration of Fortinet Fortigate UTM appliances uses ...)
+CVE-2012-4948
NOT-FOR-US: Fortinet Fortigate UTM applianced
-CVE-2012-4947 (Agile FleetCommander and FleetCommander Kiosk before 4.08 store ...)
+CVE-2012-4947
NOT-FOR-US: FleetCommander
-CVE-2012-4946 (Agile FleetCommander and FleetCommander Kiosk before 4.08 use an XOR ...)
+CVE-2012-4946
NOT-FOR-US: FleetCommander
-CVE-2012-4945 (Agile FleetCommander and FleetCommander Kiosk before 4.08 allow remote ...)
+CVE-2012-4945
NOT-FOR-US: FleetCommander
-CVE-2012-4944 (Multiple unrestricted file upload vulnerabilities in Agile ...)
+CVE-2012-4944
NOT-FOR-US: FleetCommander
-CVE-2012-4943 (Multiple cross-site request forgery (CSRF) vulnerabilities in Agile ...)
+CVE-2012-4943
NOT-FOR-US: FleetCommander
-CVE-2012-4942 (Multiple cross-site scripting (XSS) vulnerabilities in Agile ...)
+CVE-2012-4942
NOT-FOR-US: FleetCommander
-CVE-2012-4941 (Multiple SQL injection vulnerabilities in Agile FleetCommander and ...)
+CVE-2012-4941
NOT-FOR-US: FleetCommander
-CVE-2012-4940 (Multiple directory traversal vulnerabilities in the View Log Files ...)
+CVE-2012-4940
NOT-FOR-US: Axigen Free Mail Server
-CVE-2012-4939 (Cross-site scripting (XSS) vulnerability in IPAMSummaryView.aspx in ...)
+CVE-2012-4939
NOT-FOR-US: SolarWinds Orion Network Performance Monitor
-CVE-2012-4938 (Cross-site scripting (XSS) vulnerability in the web interface in ...)
+CVE-2012-4938
NOT-FOR-US: Pattern Insight
-CVE-2012-4937 (Session fixation vulnerability in the web interface in Pattern Insight ...)
+CVE-2012-4937
NOT-FOR-US: Pattern Insight
-CVE-2012-4936 (The web interface in Pattern Insight 2.3 allows remote attackers to ...)
+CVE-2012-4936
NOT-FOR-US: Pattern Insight
-CVE-2012-4935 (Cross-site request forgery (CSRF) vulnerability in the web interface ...)
+CVE-2012-4935
NOT-FOR-US: Pattern Insight
-CVE-2012-4934 (TomatoCart 1.1.7, when the PayPal Express Checkout module is enabled ...)
+CVE-2012-4934
NOT-FOR-US: TomatoCart
-CVE-2012-4933 (The rtrlet web application in the Web Console in Novell ZENworks Asset ...)
+CVE-2012-4933
NOT-FOR-US: Novell ZENworks
-CVE-2012-4932 (Multiple cross-site scripting (XSS) vulnerabilities in SimpleInvoices ...)
+CVE-2012-4932
NOT-FOR-US: SimpleInvoices
CVE-2012-4931
RESERVED
-CVE-2012-4930 (The SPDY protocol 3 and earlier, as used in Mozilla Firefox, Google ...)
+CVE-2012-4930
- iceweasel <not-affected> (Firefox ESV not support SDPY)
- chromium-browser 21.0.1180.57~r148591-1
[squeeze] - chromium-browser <end-of-life>
NOTE: http://www.imperialviolet.org/2012/09/21/crime.html
-CVE-2012-4929 (The TLS protocol 1.2 and earlier, as used in Mozilla Firefox, Google ...)
+CVE-2012-4929
{DSA-3253-1 DSA-2627-1 DSA-2626-1 DSA-2579-1 DLA-400-1 DLA-0008-1}
- iceweasel <not-affected> (Firefox ESV not use TLS/SSL compression)
- chromium-browser 22.0.1229.94~r161065-1
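Review bot: three unchanged annotation lines in this hunk carry typos that will survive the rewrite: `NOT-FOR-US: Fortinet Fortigate UTM applianced` under CVE-2012-4948 should read `appliances`, and the two iceweasel lines `<not-affected> (Firefox ESV not support SDPY)` under CVE-2012-4930 and `<not-affected> (Firefox ESV not use TLS/SSL compression)` under CVE-2012-4929 should say "Firefox ESR does not support SPDY" and "Firefox ESR does not use TLS/SSL compression" ("ESV" reads as a typo for ESR). Note that the removed description line for CVE-2012-4930 is the only place in the entry where the protocol name SPDY is spelled correctly, so once this hunk lands the misspelling is all that remains.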
@@ -4457,239 +4457,239 @@ CVE-2012-4929 (The TLS protocol 1.2 and earlier, as used in Mozilla Firefox, Goo
NOTE: openssl redhat announcement https://rhn.redhat.com/errata/RHSA-2013-0587.html
NOTE: openssl disables compression by default since dc5744cb78da6f2bcafeeefe22c604a51b52dfc5
- pound 2.6-3 (bug #727197)
-CVE-2012-4928 (Cross-site scripting (XSS) vulnerability in ow_updates/index.php in ...)
+CVE-2012-4928
NOT-FOR-US: Oxwall 1.1.1
-CVE-2012-4927 (SQL injection vulnerability in Limesurvey (a.k.a PHPSurveyor) before ...)
+CVE-2012-4927
- limesurvey <itp> (bug #472802)
-CVE-2012-4926 (approve.php in Img Pals Photo Host 1.0 does not authenticate requests, ...)
+CVE-2012-4926
NOT-FOR-US: Img Pals Photo Host 1.0
-CVE-2012-4925 (Multiple SQL injection vulnerabilities in approve.php in Img Pals ...)
+CVE-2012-4925
NOT-FOR-US: Img Pals Photo Host 1.0
-CVE-2012-4924 (Buffer overflow in the CxDbgPrint function in the ipswcom.dll ActiveX ...)
+CVE-2012-4924
NOT-FOR-US: ASUS Net4Switch
-CVE-2012-4923 (Multiple cross-site scripting (XSS) vulnerabilities in Endian Firewall ...)
+CVE-2012-4923
NOT-FOR-US: Endian Firewall 2.4
-CVE-2012-4922 (The tor_timegm function in common/util.c in Tor before 0.2.2.39, and ...)
+CVE-2012-4922
{DSA-2548-1}
- tor 0.2.3.22-rc-1
-CVE-2012-4921 (Multiple cross-site request forgery (CSRF) vulnerabilities in the DVS ...)
+CVE-2012-4921
NOT-FOR-US: WordPress plugin DVS Custom Notification
-CVE-2012-4920 (Directory traversal vulnerability in the zing_forum_output function in ...)
+CVE-2012-4920
NOT-FOR-US: Wordpress plugin Zingiri Forum
CVE-2012-4919
RESERVED
-CVE-2012-4918 (Call of Duty Elite for iOS 2.0.1 does not properly validate the server ...)
+CVE-2012-4918
NOT-FOR-US: Call of Duty Elite for iOS
-CVE-2012-4917 (The TripAdvisor app 6.6 for iOS sends cleartext credentials, which ...)
+CVE-2012-4917
NOT-FOR-US: The TripAdvisor app 6.6 for iOS
CVE-2012-4916
RESERVED
-CVE-2012-4915 (Directory traversal vulnerability in the Google Doc Embedder plugin ...)
+CVE-2012-4915
NOT-FOR-US: WordPress plugin Google Doc Embedder
-CVE-2012-4914 (Stack-based buffer overflow in the reader in CoolPDF 3.0.2.256 allows ...)
+CVE-2012-4914
NOT-FOR-US: CoolPDF
CVE-2012-4913
RESERVED
-CVE-2012-4912 (Cross-site scripting (XSS) vulnerability in the WebAccess component in ...)
+CVE-2012-4912
NOT-FOR-US: Novell GroupWise
CVE-2012-4911
REJECTED
CVE-2012-4910
REJECTED
-CVE-2012-4909 (Google Chrome before 18.0.1025308 on Android allows remote attackers ...)
+CVE-2012-4909
- chromium-browser <not-affected> (Chrome on Android)
-CVE-2012-4908 (Google Chrome before 18.0.1025308 on Android allows remote attackers ...)
+CVE-2012-4908
- chromium-browser <not-affected> (Chrome on Android)
-CVE-2012-4907 (Google Chrome before 18.0.1025308 on Android does not properly ...)
+CVE-2012-4907
- chromium-browser <not-affected> (Chrome on Android)
-CVE-2012-4906 (Google Chrome before 18.0.1025308 on Android does not properly ...)
+CVE-2012-4906
- chromium-browser <not-affected> (Chrome on Android)
-CVE-2012-4905 (Cross-site scripting (XSS) vulnerability in Google Chrome before ...)
+CVE-2012-4905
- chromium-browser <not-affected> (Chrome on Android)
-CVE-2012-4904 (Cross-application scripting vulnerability in Google Chrome before ...)
+CVE-2012-4904
- chromium-browser <not-affected> (Chrome on Android)
-CVE-2012-4903 (Google Chrome before 18.0.1025308 on Android does not properly ...)
+CVE-2012-4903
- chromium-browser <not-affected> (Chrome on Android)
-CVE-2012-4902 (Multiple cross-site request forgery (CSRF) vulnerabilities in Template ...)
+CVE-2012-4902
NOT-FOR-US: Template CMS (http://template-cms.ru)
-CVE-2012-4901 (Cross-site scripting (XSS) vulnerability in Template CMS 2.1.1 and ...)
+CVE-2012-4901
NOT-FOR-US: Template CMS (http://template-cms.ru)
CVE-2012-4900
RESERVED
-CVE-2012-4899 (WellinTech KingView 6.5.3 and earlier uses a weak password-hashing ...)
+CVE-2012-4899
NOT-FOR-US: WellinTech KingView
-CVE-2012-4898 (Mesh OS before 7.9.1.1 on Tropos wireless mesh routers does not use a ...)
+CVE-2012-4898
NOT-FOR-US: Mesh OS
-CVE-2012-4897 (Untrusted search path vulnerability in the installer in VMware Movie ...)
+CVE-2012-4897
NOT-FOR-US: VMware
-CVE-2012-4896 (Heap-based buffer overflow in SumatraPDF before 2.1 allows remote ...)
+CVE-2012-4896
NOT-FOR-US: SumatraPDF
-CVE-2012-4895 (Heap-based buffer overflow in SumatraPDF before 2.1 allows remote ...)
+CVE-2012-4895
NOT-FOR-US: SumatraPDF
-CVE-2012-4894 (Google SketchUp before 8.0.14346 (aka 8 Maintenance 3) allows ...)
+CVE-2012-4894
NOT-FOR-US: Google SketchUp
-CVE-2012-4893 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
+CVE-2012-4893
NOT-FOR-US: Webmin
-CVE-2012-4892 (Multiple cross-site scripting (XSS) vulnerabilities in FlatnuX CMS ...)
+CVE-2012-4892
NOT-FOR-US: FlatnuX CMS
-CVE-2012-4891 (Cross-site scripting (XSS) vulnerability in fw/index2.do in ...)
+CVE-2012-4891
NOT-FOR-US: ManageEngine Firewall Analyzer
-CVE-2012-4890 (Multiple cross-site scripting (XSS) vulnerabilities in FlatnuX CMS ...)
+CVE-2012-4890
NOT-FOR-US: FlatnuX CMS
-CVE-2012-4889 (Multiple cross-site scripting (XSS) vulnerabilities in ManageEngine ...)
+CVE-2012-4889
NOT-FOR-US: ManageEngine Firewall Analyzer
CVE-2012-4888
RESERVED
CVE-2012-4887
RESERVED
-CVE-2012-4886 (Stack-based buffer overflow in wpsio.dll in Kingsoft WPS Office 2012 ...)
+CVE-2012-4886
NOT-FOR-US: WPS Office
-CVE-2012-4885 (The wikitext parser in MediaWiki 1.17.x before 1.17.3 and 1.18.x ...)
+CVE-2012-4885
- mediawiki 1:1.19.0-1 (low)
[squeeze] - mediawiki <end-of-life>
-CVE-2012-4884 (Argument injection vulnerability in Request Tracker (RT) 3.8.x before ...)
+CVE-2012-4884
{DSA-2567-1}
- request-tracker3.8 <removed>
- request-tracker4 4.0.7-2
-CVE-2012-4883 (Multiple untrusted search path vulnerabilities in 3DVIA Composer ...)
+CVE-2012-4883
NOT-FOR-US: 3DVIA Composer V6R2012
-CVE-2012-4882 (Multiple untrusted search path vulnerabilities in 3D XML Player ...)
+CVE-2012-4882
NOT-FOR-US: 3D XML Player
-CVE-2012-4881 (Untrusted search path vulnerability in moviEZ HD 1.0 Build ...)
+CVE-2012-4881
NOT-FOR-US: moviEZ
-CVE-2012-4880 (Multiple untrusted search path vulnerabilities in DVD Architect Pro ...)
+CVE-2012-4880
NOT-FOR-US: DVD Architect Pro
-CVE-2012-4879 (The Linux Console on the WAGO I/O System 758 model 758-870, 758-874, ...)
+CVE-2012-4879
NOT-FOR-US: WAGO I/O System 758
-CVE-2012-4878 (Absolute path traversal vulnerability in controlcenter.php in FlatnuX ...)
+CVE-2012-4878
NOT-FOR-US: FlatnuX CMS
-CVE-2012-4877 (Cross-site request forgery (CSRF) vulnerability in controlcenter.php ...)
+CVE-2012-4877
NOT-FOR-US: FlatnuX CMS
-CVE-2012-4876 (Stack-based buffer overflow in the UltraMJCam ActiveX Control in ...)
+CVE-2012-4876
NOT-FOR-US: TRENDnet SecurView TV-IP121WN Wireless Internet Camera
-CVE-2012-4875 (** DISPUTED ** ...)
+CVE-2012-4875
- ghostscript <not-affected> (Even if it's genuine, it's Windows-code)
-CVE-2012-4874 (Unspecified vulnerability in the Another WordPress Classifieds Plugin ...)
+CVE-2012-4874
NOT-FOR-US: Another WordPress Classifieds Plugin for Wordpress
-CVE-2012-4873 (Cross-site scripting (XSS) vulnerability in the file_download function ...)
+CVE-2012-4873
NOT-FOR-US: GNUBoard
-CVE-2012-4872 (Cross-site scripting (XSS) vulnerability in Tickets/Submit in Kayako ...)
+CVE-2012-4872
NOT-FOR-US: Kayako Fusion
-CVE-2012-4871 (Cross-site scripting (XSS) vulnerability in service/graph_html.php in ...)
+CVE-2012-4871
NOT-FOR-US: LiteSpeed Web Server
-CVE-2012-4870 (Multiple cross-site scripting (XSS) vulnerabilities in FreePBX 2.9 and ...)
+CVE-2012-4870
NOT-FOR-US: FreePBX
-CVE-2012-4869 (The callme_startcall function in recordings/misc/callme_page.php in ...)
+CVE-2012-4869
NOT-FOR-US: FreePBX
-CVE-2012-4868 (SQL injection vulnerability in news.php in the Kunena component 1.7.2 ...)
+CVE-2012-4868
NOT-FOR-US: Kunena component for Joomla!
-CVE-2012-4867 (Directory traversal vulnerability in ...)
+CVE-2012-4867
NOT-FOR-US: vtiger CRM
-CVE-2012-4866 (Untrusted search path vulnerability in Xtreme RAT 3.5 allows local ...)
+CVE-2012-4866
NOT-FOR-US: Xtreme RAT
-CVE-2012-4865 (Buffer overflow in Oreans Themida 2.1.8.0 allows remote attackers to ...)
+CVE-2012-4865
NOT-FOR-US: Oreans Themida
-CVE-2012-4864 (Oreans WinLicense 2.1.8.0 allows remote attackers to cause a denial of ...)
+CVE-2012-4864
NOT-FOR-US: Oreans WinLicense
CVE-2012-4863
RESERVED
-CVE-2012-4862 (The Host Connect emulator in IBM Rational Developer for System z 7.1 ...)
+CVE-2012-4862
NOT-FOR-US: IBM Rational
-CVE-2012-4861 (The web server in InfoSphere Data Replication Dashboard in IBM ...)
+CVE-2012-4861
NOT-FOR-US: IBM InfoSphere
CVE-2012-4860
RESERVED
-CVE-2012-4859 (Unspecified vulnerability in IBM Tivoli Storage Manager for Space ...)
+CVE-2012-4859
NOT-FOR-US: IBM Tivoli Storage Manager
-CVE-2012-4858 (IBM Cognos Business Intelligence (BI) 8.4.1 before IF1, 10.1 before ...)
+CVE-2012-4858
NOT-FOR-US: IBM Cognos Business Intelligence
-CVE-2012-4857 (Buffer overflow in IBM Informix 11.50 through 11.50.xC9W2 and 11.70 ...)
+CVE-2012-4857
NOT-FOR-US: IBM Informix
-CVE-2012-4856 (The Service Processor in the IBM Power 5 91##-### and 940#-### before ...)
+CVE-2012-4856
NOT-FOR-US: IBM Power 5
-CVE-2012-4855 (Unspecified vulnerability in the web services framework in IBM ...)
+CVE-2012-4855
NOT-FOR-US: IBM WebSphere Commerce
CVE-2012-4854
RESERVED
-CVE-2012-4853 (Cross-site request forgery (CSRF) vulnerability in IBM WebSphere ...)
+CVE-2012-4853
NOT-FOR-US: Websphere
CVE-2012-4852
RESERVED
-CVE-2012-4851 (Cross-site scripting (XSS) vulnerability in IBM WebSphere Application ...)
+CVE-2012-4851
NOT-FOR-US: Websphere
-CVE-2012-4850 (IBM WebSphere Application Server 8.5 Liberty Profile before 8.5.0.1, ...)
+CVE-2012-4850
NOT-FOR-US: Websphere
CVE-2012-4849
RESERVED
-CVE-2012-4848 (Multiple cross-site scripting (XSS) vulnerabilities in IBM Lotus ...)
+CVE-2012-4848
NOT-FOR-US: IBM Lotus Foundations Start
-CVE-2012-4847 (IBM Cognos Business Intelligence (BI) 8.4 and 8.4.1 allows remote ...)
+CVE-2012-4847
NOT-FOR-US: IBM Cognos Business Intelligence
-CVE-2012-4846 (IBM Lotus Notes 8.5.x before 8.5.3 FP3 does not include the HTTPOnly ...)
+CVE-2012-4846
NOT-FOR-US: IBM Lotus Notes
-CVE-2012-4845 (The FTP client in IBM AIX 6.1 and 7.1, and VIOS 2.2.1.4-FP-25 SP-02, ...)
+CVE-2012-4845
NOT-FOR-US: AIX
-CVE-2012-4844 (Cross-site scripting (XSS) vulnerability in the web server in IBM ...)
+CVE-2012-4844
NOT-FOR-US: IBM Lotus Domino
CVE-2012-4843
RESERVED
-CVE-2012-4842 (Open redirect vulnerability in the web server in IBM Lotus Domino ...)
+CVE-2012-4842
NOT-FOR-US: IBM Lotus Domino
-CVE-2012-4841 (Unspecified vulnerability in Tivoli Endpoint Manager for Remote ...)
+CVE-2012-4841
NOT-FOR-US: Tivoli
-CVE-2012-4840 (IBM Cognos Business Intelligence (BI) 8.4.1 before IF1, 10.1 before ...)
+CVE-2012-4840
NOT-FOR-US: IBM Cognos Business Intelligence
-CVE-2012-4839 (The OSLC interface in the Web Client (aka CQ Web) in IBM Rational ...)
+CVE-2012-4839
NOT-FOR-US: IBM Rational ClearQuest
-CVE-2012-4838 (IBM Flex System Chassis Management Module (CMM) and Integrated ...)
+CVE-2012-4838
NOT-FOR-US: IBM Flex
-CVE-2012-4837 (IBM Cognos Business Intelligence (BI) 8.4.1 before IF1, 10.1 before ...)
+CVE-2012-4837
NOT-FOR-US: IBM Cognos Business Intelligence
-CVE-2012-4836 (Cross-site scripting (XSS) vulnerability in IBM Cognos Business ...)
+CVE-2012-4836
NOT-FOR-US: IBM Cognos Business Intelligence
-CVE-2012-4835 (Cross-site scripting (XSS) vulnerability in IBM Cognos Business ...)
+CVE-2012-4835
NOT-FOR-US: IBM Cognos Business Intelligence
-CVE-2012-4834 (Directory traversal vulnerability in LayerLoader.jsp in the theme ...)
+CVE-2012-4834
NOT-FOR-US: IBM WebSphere Portal
-CVE-2012-4833 (fuser in IBM AIX 6.1 and 7.1, and VIOS 2.2.1.4-FP-25 SP-02, does not ...)
+CVE-2012-4833
NOT-FOR-US: AIX
-CVE-2012-4832 (Information Services Framework (ISF) in IBM InfoSphere Information ...)
+CVE-2012-4832
NOT-FOR-US: IBM InfoSphere
CVE-2012-4831
RESERVED
-CVE-2012-4830 (Unspecified vulnerability in IBM WebSphere Commerce 6.0 through ...)
+CVE-2012-4830
NOT-FOR-US: WebSphere
-CVE-2012-4829 (IBM XIV Storage System Gen3 before 11.2 relies on a default X.509 v3 ...)
+CVE-2012-4829
NOT-FOR-US: IBM
CVE-2012-4828
RESERVED
CVE-2012-4827
RESERVED
-CVE-2012-4826 (Stack-based buffer overflow in the SQL/PSM (aka SQL Persistent Stored ...)
+CVE-2012-4826
NOT-FOR-US: IBM DB2
-CVE-2012-4825 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2012-4825
NOT-FOR-US: Lotus Notes
-CVE-2012-4824 (Open redirect vulnerability in servlet/traveler in IBM Lotus Notes ...)
+CVE-2012-4824
NOT-FOR-US: Lotus Notes
-CVE-2012-4823 (Unspecified vulnerability in the JRE component in IBM Java 7 SR2 and ...)
+CVE-2012-4823
- openjdk-6 <not-affected> (Vulnerabilities specific to IBM Java)
- openjdk-7 <not-affected> (Vulnerabilities specific to IBM Java)
-CVE-2012-4822 (Multiple unspecified vulnerabilities in the JRE component in IBM Java ...)
+CVE-2012-4822
- openjdk-6 <not-affected> (Vulnerabilities specific to IBM Java)
- openjdk-7 <not-affected> (Vulnerabilities specific to IBM Java)
-CVE-2012-4821 (Multiple unspecified vulnerabilities in the JRE component in IBM Java ...)
+CVE-2012-4821
- openjdk-6 <not-affected> (Vulnerabilities specific to IBM Java)
- openjdk-7 <not-affected> (Vulnerabilities specific to IBM Java)
-CVE-2012-4820 (Unspecified vulnerability in the JRE component in IBM Java 7 SR2 and ...)
+CVE-2012-4820
- openjdk-6 <not-affected> (Vulnerabilities specific to IBM Java)
- openjdk-7 <not-affected> (Vulnerabilities specific to IBM Java)
-CVE-2012-4819 (Cross-site scripting (XSS) vulnerability in InfoSphere Business ...)
+CVE-2012-4819
NOT-FOR-US: IBM InfoSphere
CVE-2012-4818
RESERVED
-CVE-2012-4817 (The NFSv4 client implementation in IBM AIX 5.3, 6.1, and 7.1, and VIOS ...)
+CVE-2012-4817
NOT-FOR-US: IBM AIX, VIOS
-CVE-2012-4816 (IBM Rational Automation Framework (RAF) 3.x through 3.0.0.5 allows ...)
+CVE-2012-4816
NOT-FOR-US: IBM Rational Automation Framework
CVE-2012-4815
RESERVED
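Review bot: dropping the description for CVE-2012-4875 loses the only record of its disputed status, since `-CVE-2012-4875 (** DISPUTED ** ...)` was the line that explained why the entry reads `- ghostscript <not-affected> (Even if it's genuine, it's Windows-code)`; after the change that comment refers to a claim the reader can no longer see. If the descriptions are meant to go, the DISPUTED and REJECTED markers should be carried into the annotation lines instead. The same hunk also shows several triage lines that relied on the description for context and now say very little on their own, such as `NOT-FOR-US: IBM` for CVE-2012-4829 and `NOT-FOR-US: Websphere` for CVE-2012-4853, CVE-2012-4851 and CVE-2012-4850; these should name the product the way the neighbouring `NOT-FOR-US: IBM Cognos Business Intelligence` entries do.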
@@ -4737,9 +4737,9 @@ CVE-2012-4794
REJECTED
CVE-2012-4793
REJECTED
-CVE-2012-4792 (Use-after-free vulnerability in Microsoft Internet Explorer 6 through ...)
+CVE-2012-4792
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2012-4791 (Microsoft Exchange Server 2007 SP3 and 2010 SP1 and SP2 allows remote ...)
+CVE-2012-4791
NOT-FOR-US: Microsoft Exchange Server
CVE-2012-4790
REJECTED
@@ -4747,9 +4747,9 @@ CVE-2012-4789
REJECTED
CVE-2012-4788
REJECTED
-CVE-2012-4787 (Use-after-free vulnerability in Microsoft Internet Explorer 9 and 10 ...)
+CVE-2012-4787
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2012-4786 (The kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows ...)
+CVE-2012-4786
NOT-FOR-US: Microsoft Windows
CVE-2012-4785
REJECTED
@@ -4757,9 +4757,9 @@ CVE-2012-4784
REJECTED
CVE-2012-4783
REJECTED
-CVE-2012-4782 (Use-after-free vulnerability in Microsoft Internet Explorer 9 and 10 ...)
+CVE-2012-4782
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2012-4781 (Use-after-free vulnerability in Microsoft Internet Explorer 6 through ...)
+CVE-2012-4781
NOT-FOR-US: Microsoft Internet Explorer
CVE-2012-4780
REJECTED
@@ -4767,25 +4767,25 @@ CVE-2012-4779
REJECTED
CVE-2012-4778
REJECTED
-CVE-2012-4777 (The code-optimization feature in the reflection implementation in ...)
+CVE-2012-4777
NOT-FOR-US: Microsoft .NET Framework
-CVE-2012-4776 (The Web Proxy Auto-Discovery (WPAD) functionality in Microsoft .NET ...)
+CVE-2012-4776
NOT-FOR-US: Microsoft .NET Framework
-CVE-2012-4775 (Use-after-free vulnerability in Microsoft Internet Explorer 9 allows ...)
+CVE-2012-4775
NOT-FOR-US: Internet Explorer
-CVE-2012-4774 (Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows ...)
+CVE-2012-4774
NOT-FOR-US: Microsoft Windows
-CVE-2012-4773 (Multiple cross-site request forgery (CSRF) vulnerabilities in Subrion ...)
+CVE-2012-4773
NOT-FOR-US: Subrion CMS
-CVE-2012-4772 (SQL injection vulnerability in register/ in Subrion CMS before 2.2.3 ...)
+CVE-2012-4772
NOT-FOR-US: Subrion CMS
-CVE-2012-4771 (Multiple cross-site scripting (XSS) vulnerabilities in Subrion CMS ...)
+CVE-2012-4771
NOT-FOR-US: Subrion CMS
CVE-2012-4770
RESERVED
CVE-2012-4769
RESERVED
-CVE-2012-4768 (Cross-site scripting (XSS) vulnerability in the Download Monitor ...)
+CVE-2012-4768
NOT-FOR-US: Download Monitor plugin for WordPress
CVE-2012-4767
RESERVED
@@ -4803,28 +4803,28 @@ CVE-2012-4761
RESERVED
CVE-2012-4760
RESERVED
-CVE-2012-4759 (Untrusted search path vulnerability in facebook_plugin.fpi in the ...)
+CVE-2012-4759
NOT-FOR-US: Foxit Reader
-CVE-2012-4758 (Multiple untrusted search path vulnerabilities in CyberLink ...)
+CVE-2012-4758
NOT-FOR-US: CyberLink PowerProducer
-CVE-2012-4757 (Multiple untrusted search path vulnerabilities in CyberLink ...)
+CVE-2012-4757
NOT-FOR-US: CyberLink StreamAuthor
-CVE-2012-4756 (Multiple untrusted search path vulnerabilities in CyberLink LabelPrint ...)
+CVE-2012-4756
NOT-FOR-US: CyberLink LabelPrint
-CVE-2012-4755 (Untrusted search path vulnerability in SciTools Understand before 2.6 ...)
+CVE-2012-4755
NOT-FOR-US: SciTools Unterstand
-CVE-2012-4754 (Multiple untrusted search path vulnerabilities in MindManager 2012 ...)
+CVE-2012-4754
NOT-FOR-US: MindManager
CVE-2012-4410
REJECTED
-CVE-2012-4753 (Multiple cross-site request forgery (CSRF) vulnerabilities in ownCloud ...)
+CVE-2012-4753
NOTE: http://www.openwall.com/lists/oss-security/2012/09/05/17
NOTE: False assignment, will be rejected, see #688123
-CVE-2012-4752 (appconfig.php in ownCloud before 4.0.6 does not properly restrict ...)
+CVE-2012-4752
- owncloud 4.0.7debian-1
[wheezy] - owncloud 4.0.4debian2-2
NOTE: http://www.openwall.com/lists/oss-security/2012/09/05/17
-CVE-2012-4751 (Cross-site scripting (XSS) vulnerability in Open Ticket Request System ...)
+CVE-2012-4751
- otrs2 3.1.7+dfsg1-6
[squeeze] - otrs2 2.4.9+dfsg1-3+squeeze4
NOTE: DSA-2733-1
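Review bot: `CVE-2012-4410` / `REJECTED` sits between CVE-2012-4754 and CVE-2012-4753, breaking the descending order the file otherwise keeps, so it is worth moving to its proper position in a follow-up rather than leaving it here where a sorted merge will never find it. Two smaller points in the same hunk: CVE-2012-4751 records its advisory as `NOTE: DSA-2733-1` while the rest of this diff uses the `{DSA-2733-1}` brace form that the tracker parses, and the unchanged line `NOT-FOR-US: SciTools Unterstand` misspells Understand, which matters more now that the removed description was the only other place the product name appeared.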
@@ -4834,50 +4834,50 @@ CVE-2012-4749
RESERVED
CVE-2012-4748
RESERVED
-CVE-2012-4746 (Cross-site request forgery (CSRF) vulnerability in accessaccount.cgi ...)
+CVE-2012-4746
NOT-FOR-US: ZTE ZXDSL
-CVE-2012-4745 (Cross-site scripting (XSS) vulnerability in admin/login.asp in Acuity ...)
+CVE-2012-4745
NOT-FOR-US: Acuity CMS
-CVE-2012-4744 (Cross-site scripting (XSS) vulnerability in ssearch.php in the Siche ...)
+CVE-2012-4744
NOT-FOR-US: Zeroboard
-CVE-2012-4743 (Multiple SQL injection vulnerabilities in ssearch.php in Siche search ...)
+CVE-2012-4743
NOT-FOR-US: Zeroboard
-CVE-2012-4742 (The web_node_register function in web.pm in PacketFence before 3.0.2 ...)
+CVE-2012-4742
NOT-FOR-US: PacketFence
-CVE-2012-4741 (The RADIUS extension in PacketFence before 3.3.0 uses a different user ...)
+CVE-2012-4741
NOT-FOR-US: PacketFence
-CVE-2012-4740 (Cross-site scripting (XSS) vulnerability in the captive portal in ...)
+CVE-2012-4740
NOT-FOR-US: PacketFence
-CVE-2012-4739 (Multiple cross-site scripting (XSS) vulnerabilities in Barracuda SSL ...)
+CVE-2012-4739
NOT-FOR-US: Barracuda SSL VPN
CVE-2012-4738
RESERVED
-CVE-2012-4736 (The Device Encryption Client component in Sophos SafeGuard Enterprise ...)
+CVE-2012-4736
NOT-FOR-US: Sophos SafeGuard Enterprise
CVE-2012-4735
REJECTED
-CVE-2012-4734 (Request Tracker (RT) 3.8.x before 3.8.15 and 4.0.x before 4.0.8 allows ...)
+CVE-2012-4734
{DSA-2567-1}
- request-tracker3.8 <removed>
- request-tracker4 4.0.7-2
-CVE-2012-4733 (Request Tracker (RT) 4.x before 4.0.13 does not properly enforce the ...)
+CVE-2012-4733
{DSA-2671-1}
- request-tracker4 4.0.12-2 (bug #709836)
-CVE-2012-4732 (Cross-site request forgery (CSRF) vulnerability in Request Tracker ...)
+CVE-2012-4732
{DSA-2567-1}
- request-tracker3.8 <removed>
- request-tracker4 4.0.7-2
-CVE-2012-4731 (FAQ manager for Request Tracker (RTFM) before 2.4.5 does not properly ...)
+CVE-2012-4731
{DSA-2568-1}
- rtfm <removed>
- request-tracker4 4.0.7-2
-CVE-2012-4730 (Request Tracker (RT) 3.8.x before 3.8.15 and 4.0.x before 4.0.8 allows ...)
+CVE-2012-4730
{DSA-2567-1}
- request-tracker3.8 <removed>
- request-tracker4 4.0.7-2
-CVE-2012-4729 (Wing FTP Server before 4.1.1 allows remote authenticated users to ...)
+CVE-2012-4729
NOT-FOR-US: Wing FTP Server
-CVE-2012-4728 (The (1) QProGetNotebookWindowHandle and (2) Ordinal132 functions in ...)
+CVE-2012-4728
NOT-FOR-US: Corel Quattro Pro
CVE-2012-4727
RESERVED
@@ -4901,108 +4901,108 @@ CVE-2012-4718
REJECTED
CVE-2012-4717
REJECTED
-CVE-2012-4716 (N-Tron 702-W Industrial Wireless Access Point devices use the same (1) ...)
+CVE-2012-4716
NOT-FOR-US: N-Tron 702-W Industrial Wireless Access Point
-CVE-2012-4715 (Buffer overflow in LogReceiver.exe in Rockwell Automation RSLinx ...)
+CVE-2012-4715
NOT-FOR-US: Rockwell Automation RSLinx Enterprise
-CVE-2012-4714 (Integer overflow in RNADiagnostics.dll in Rockwell Automation ...)
+CVE-2012-4714
NOT-FOR-US: Rockwell Automation FactoryTalk Services Platform
-CVE-2012-4713 (Integer signedness error in RNADiagnostics.dll in Rockwell Automation ...)
+CVE-2012-4713
NOT-FOR-US: Rockwell Automation FactoryTalk Services Platform
-CVE-2012-4712 (Moxa EDR-G903 series routers with firmware before 2.11 have a ...)
+CVE-2012-4712
NOT-FOR-US: Moxa EDR-G903
-CVE-2012-4711 (Buffer overflow in kingMess.exe 65.20.2003.10300 in WellinTech ...)
+CVE-2012-4711
NOT-FOR-US: WellinTech KingView
-CVE-2012-4710 (Invensys Wonderware Win-XML Exporter 1522.148.0.0 allows remote ...)
+CVE-2012-4710
NOT-FOR-US: Invensys Wonderware Win-XML Exporter
-CVE-2012-4709 (Invensys Wonderware InTouch HMI 2012 R2 and earlier allows remote ...)
+CVE-2012-4709
NOT-FOR-US: Invensys
-CVE-2012-4708 (Stack-based buffer overflow in 3S CODESYS Gateway-Server before ...)
+CVE-2012-4708
NOT-FOR-US: 3S CODESYS Gateway-Server
-CVE-2012-4707 (3S CODESYS Gateway-Server before 2.3.9.27 allows remote attackers to ...)
+CVE-2012-4707
NOT-FOR-US: 3S CODESYS Gateway-Server
-CVE-2012-4706 (Integer signedness error in 3S CODESYS Gateway-Server before 2.3.9.27 ...)
+CVE-2012-4706
NOT-FOR-US: 3S CODESYS Gateway-Server
-CVE-2012-4705 (Directory traversal vulnerability in 3S CODESYS Gateway-Server before ...)
+CVE-2012-4705
NOT-FOR-US: 3S CODESYS Gateway-Server
-CVE-2012-4704 (Array index error in 3S CODESYS Gateway-Server before 2.3.9.27 allows ...)
+CVE-2012-4704
NOT-FOR-US: 3S CODESYS Gateway-Server
-CVE-2012-4703 (The Emerson DeltaV SE3006 through 11.3.1, DeltaV VE3005 through 10.3.1 ...)
+CVE-2012-4703
NOT-FOR-US: Emerson DeltaV
-CVE-2012-4702 (360 Systems Maxx, Image Server Maxx, and Image Server 2000 have a ...)
+CVE-2012-4702
NOT-FOR-US: 360 Systems Maxx, Image Server Maxx, and Image Server
-CVE-2012-4701 (Directory traversal vulnerability in Tridium Niagara AX 3.5, 3.6, and ...)
+CVE-2012-4701
NOT-FOR-US: Tridium Niagara
-CVE-2012-4700 (Multiple buffer overflows in an ActiveX control in PE3DO32A.ocx in ...)
+CVE-2012-4700
NOT-FOR-US: IntegraXor SCADA Server
CVE-2012-4699
REJECTED
-CVE-2012-4698 (Siemens RuggedCom Rugged Operating System (ROS) before 3.12, ROX I OS ...)
+CVE-2012-4698
NOT-FOR-US: Siemens RuggedCom Rugged Operating System
-CVE-2012-4697 (TURCK BL20 Programmable Gateway and BL67 Programmable Gateway have ...)
+CVE-2012-4697
NOT-FOR-US: TURCK Programmable Gateway
-CVE-2012-4696 (Buffer overflow in Beijer ADP 6.5.0-180_R1967 and 6.5.1-186_R2942, and ...)
+CVE-2012-4696
NOT-FOR-US: Beijer
-CVE-2012-4695 (LogReceiver.exe in Rockwell Automation RSLinx Enterprise CPR9, ...)
+CVE-2012-4695
NOT-FOR-US: Rockwell Automation RSLinx Enterprise
-CVE-2012-4694 (Moxa EDR-G903 series routers with firmware before 2.11 do not use a ...)
+CVE-2012-4694
NOT-FOR-US: Moxa EDR-G903
-CVE-2012-4693 (Invensys Wonderware InTouch 2012 R2 and earlier and Siemens ...)
+CVE-2012-4693
NOT-FOR-US: Invensys Wonderware InTouch
CVE-2012-4692
REJECTED
-CVE-2012-4691 (Memory leak in Siemens Automation License Manager (ALM) 4.x and 5.x ...)
+CVE-2012-4691
NOT-FOR-US: Siemens Automation License Manager
-CVE-2012-4690 (Rockwell Automation Allen-Bradley MicroLogix controller 1100, 1200, ...)
+CVE-2012-4690
NOT-FOR-US: Rockwell
-CVE-2012-4689 (Integer overflow in CimWebServer.exe in GE Intelligent Platforms ...)
+CVE-2012-4689
NOT-FOR-US: Proficy
-CVE-2012-4688 (The Central application in i-GEN opLYNX before 2.01.9 allows remote ...)
+CVE-2012-4688
NOT-FOR-US: Central application in i-GEN opLYNX
-CVE-2012-4687 (Post Oak AWAM Bluetooth Reader Traffic System does not use a ...)
+CVE-2012-4687
NOT-FOR-US: Post Oak
-CVE-2012-4686 (SQL injection vulnerability in announcement.php in vBulletin 4.1.10 ...)
+CVE-2012-4686
NOT-FOR-US: vBulletin
-CVE-2012-4685 (Cross-site scripting (XSS) vulnerability in Arbor Networks Peakflow SP ...)
+CVE-2012-4685
NOT-FOR-US: Arbor Networks Peakflow SP
-CVE-2012-4684 (The alert functionality in bitcoind and Bitcoin-Qt before 0.7.0 ...)
+CVE-2012-4684
- bitcoin 0.7.2-1
-CVE-2012-4683 (Unspecified vulnerability in bitcoind and Bitcoin-Qt allows attackers ...)
+CVE-2012-4683
- bitcoin 0.7.2-1 (bug #688813)
-CVE-2012-4682 (Unspecified vulnerability in bitcoind and Bitcoin-Qt allows attackers ...)
+CVE-2012-4682
- bitcoin 0.7.2-1 (bug #688813)
-CVE-2012-4737 (channels/chan_iax2.c in Asterisk Open Source 1.8.x before 1.8.15.1 and ...)
+CVE-2012-4737
{DSA-2550-1}
- asterisk 1:1.8.13.1~dfsg-1 (bug #680470)
CVE-2012-XXXX
- juju 0.5.1-2 (bug #685728)
-CVE-2012-4681 (Multiple vulnerabilities in the Java Runtime Environment (JRE) ...)
+CVE-2012-4681
- openjdk-7 7u3-2.1.2-1
- openjdk-6 <not-affected>
-CVE-2012-4680 (Directory traversal vulnerability in the XML Server in IOServer before ...)
+CVE-2012-4680
NOT-FOR-US: IOServer
-CVE-2012-4679 (Cross-site scripting (XSS) vulnerability in admin/login.php in ...)
+CVE-2012-4679
- newscoop <itp> (bug #604113)
-CVE-2012-4678 (munin-cgi-graph for Munin 2.0 rc4 does not delete temporary files, ...)
+CVE-2012-4678
- munin 2.0~rc6-1 (low; bug #668667)
[squeeze] - munin <not-affected> (Only affects 2.x branch)
-CVE-2012-4677 (Tunnelblick 3.3beta20 and earlier allows local users to gain ...)
+CVE-2012-4677
NOT-FOR-US: Tunnelblick
-CVE-2012-4676 (The errorExitIfAttackViaString function in Tunnelblick 3.3beta20 and ...)
+CVE-2012-4676
NOT-FOR-US: Tunnelblick
-CVE-2012-4675 (Cross-site scripting (XSS) vulnerability in PluXml 5.1.6 allows remote ...)
+CVE-2012-4675
NOT-FOR-US: PluXml
-CVE-2012-4674 (PluXml before 5.1.6 allows remote attackers to obtain the installation ...)
+CVE-2012-4674
NOT-FOR-US: PluXml
-CVE-2012-4673 (SQL injection vulnerability in application/controllers/invoice.php in ...)
+CVE-2012-4673
NOT-FOR-US: Neoinvoice
-CVE-2012-4672 (Apple iChat Server does not verify that a request was made for an XMPP ...)
+CVE-2012-4672
NOT-FOR-US: Apple iChat Server
-CVE-2012-4671 (psyced before 20120821 does not verify that a request was made for an ...)
+CVE-2012-4671
NOT-FOR-US: psyced
-CVE-2012-4670 (Tigase XMPP Server before 5.1.0 does not verify that a request was ...)
+CVE-2012-4670
NOT-FOR-US: Tigase
-CVE-2012-4669 (M-Link R14.6 before R14.6v14 and R15.1 before R15.1v10 does not verify ...)
+CVE-2012-4669
NOT-FOR-US: M-Link
CVE-2012-4666
RESERVED
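Review bot: CVE-2012-4737 (asterisk, `{DSA-2550-1}`) is filed between CVE-2012-4682 and CVE-2012-4681, out of sequence, and is immediately followed by the `CVE-2012-XXXX` placeholder for juju (bug #685728); once every real entry is reduced to a bare identifier plus package lines, a placeholder and a genuine entry become indistinguishable in shape, which is one more reason not to strip the descriptions. Within the hunk, `- openjdk-6 <not-affected>` under CVE-2012-4681 carries no parenthesised reason, unlike the IBM Java entries earlier in the diff, and `- bitcoin 0.7.2-1` under CVE-2012-4684 lacks the `(bug #688813)` reference that its siblings CVE-2012-4683 and CVE-2012-4682 carry; both are cheap to add and would survive a description loss like this one.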
@@ -5010,23 +5010,23 @@ CVE-2012-4665
RESERVED
CVE-2012-4664
RESERVED
-CVE-2012-4663 (The DCERPC inspection engine on Cisco Adaptive Security Appliances ...)
+CVE-2012-4663
NOT-FOR-US: Cisco
-CVE-2012-4662 (The DCERPC inspection engine on Cisco Adaptive Security Appliances ...)
+CVE-2012-4662
NOT-FOR-US: Cisco
-CVE-2012-4661 (Stack-based buffer overflow in the DCERPC inspection engine on Cisco ...)
+CVE-2012-4661
NOT-FOR-US: Cisco
-CVE-2012-4660 (The SIP inspection engine on Cisco Adaptive Security Appliances (ASA) ...)
+CVE-2012-4660
NOT-FOR-US: Cisco
-CVE-2012-4659 (The AAA functionality in the IPv4 SSL VPN implementations on Cisco ...)
+CVE-2012-4659
NOT-FOR-US: Cisco
-CVE-2012-4658 (The ios-authproxy implementation in Cisco IOS before 15.1(1)SY3 allows ...)
+CVE-2012-4658
NOT-FOR-US: Cisco IOS
CVE-2012-4657
RESERVED
CVE-2012-4656
RESERVED
-CVE-2012-4655 (The WebLaunch feature in Cisco Secure Desktop before 3.6.6020 does not ...)
+CVE-2012-4655
NOT-FOR-US: Cisco Secure Desktop
CVE-2012-4654
RESERVED
@@ -5034,7 +5034,7 @@ CVE-2012-4653
RESERVED
CVE-2012-4652
RESERVED
-CVE-2012-4651 (Cisco IOS before 15.3(2)T, when scansafe is enabled, allows remote ...)
+CVE-2012-4651
NOT-FOR-US: Cisco IOS
CVE-2012-4650
RESERVED
@@ -5050,7 +5050,7 @@ CVE-2012-4645
RESERVED
CVE-2012-4644
RESERVED
-CVE-2012-4643 (The DHCP server on Cisco Adaptive Security Appliances (ASA) 5500 ...)
+CVE-2012-4643
NOT-FOR-US: Cisco
CVE-2012-4642
RESERVED
@@ -5060,7 +5060,7 @@ CVE-2012-4640
RESERVED
CVE-2012-4639
RESERVED
-CVE-2012-4638 (Cisco IOS before 15.1(1)SY allows local users to cause a denial of ...)
+CVE-2012-4638
NOT-FOR-US: Cisco IOS
CVE-2012-4637
RESERVED
@@ -5078,7 +5078,7 @@ CVE-2012-4631
RESERVED
CVE-2012-4630
RESERVED
-CVE-2012-4629 (The Cisco ASA-CX Context-Aware Security module before 9.0.2-103 for ...)
+CVE-2012-4629
NOT-FOR-US: Cisco ASA
CVE-2012-4628
RESERVED
@@ -5090,104 +5090,104 @@ CVE-2012-4625
RESERVED
CVE-2012-4624
RESERVED
-CVE-2012-4623 (The DHCPv6 server in Cisco IOS 12.2 through 12.4 and 15.0 through 15.2 ...)
+CVE-2012-4623
NOT-FOR-US: Cisco IOS
-CVE-2012-4622 (Cisco IOS XE 03.02.00.XO.15.0(2)XO on Catalyst 4500E series switches, ...)
+CVE-2012-4622
NOT-FOR-US: Cisco IOS
-CVE-2012-4621 (The Device Sensor feature in Cisco IOS 15.0 through 15.2 allows remote ...)
+CVE-2012-4621
NOT-FOR-US: Cisco IOS
-CVE-2012-4620 (Cisco IOS 12.2 and 15.0 through 15.2 on Cisco 10000 series routers, ...)
+CVE-2012-4620
NOT-FOR-US: Cisco IOS
-CVE-2012-4619 (The NAT implementation in Cisco IOS 12.2, 12.4, and 15.0 through 15.2 ...)
+CVE-2012-4619
NOT-FOR-US: Cisco IOS
-CVE-2012-4618 (The SIP ALG feature in the NAT implementation in Cisco IOS 12.2, 12.4, ...)
+CVE-2012-4618
NOT-FOR-US: Cisco IOS
-CVE-2012-4617 (The BGP implementation in Cisco IOS 15.2, IOS XE 3.5.xS before 3.5.2S, ...)
+CVE-2012-4617
NOT-FOR-US: Cisco IOS
-CVE-2012-4616 (Directory traversal vulnerability in the Web UI in EMC Data Protection ...)
+CVE-2012-4616
NOT-FOR-US: EMC Data Protection Advisor
-CVE-2012-4615 (EMC Smarts Network Configuration Manager (NCM) before 9.1 uses a ...)
+CVE-2012-4615
NOT-FOR-US: EMC
-CVE-2012-4614 (The default configuration of EMC Smarts Network Configuration Manager ...)
+CVE-2012-4614
NOT-FOR-US: EMC
-CVE-2012-4613 (EMC RSA Data Protection Manager Appliance 2.7.x and 3.x before 3.2.1 ...)
+CVE-2012-4613
NOT-FOR-US: EMC RSA Data Protection Manager Appliance
-CVE-2012-4612 (Cross-site scripting (XSS) vulnerability in EMC RSA Data Protection ...)
+CVE-2012-4612
NOT-FOR-US: EMC RSA Data Protection Manager Appliance
-CVE-2012-4611 (Multiple cross-site scripting (XSS) vulnerabilities in EMC RSA ...)
+CVE-2012-4611
NOT-FOR-US: EMC
-CVE-2012-4610 (EMC Avamar Client for VMware 6.1 stores the cleartext server root ...)
+CVE-2012-4610
NOT-FOR-US: VMware
-CVE-2012-4609 (The web interface in EMC RSA NetWitness Informer before 2.0.5.6 allows ...)
+CVE-2012-4609
NOT-FOR-US: EMC RSA NetWitness Informer
-CVE-2012-4608 (Cross-site request forgery (CSRF) vulnerability in the web interface ...)
+CVE-2012-4608
NOT-FOR-US: EMC RSA NetWitness Informer
-CVE-2012-4607 (Buffer overflow in nsrindexd in EMC NetWorker 7.5.x and 7.6.x before ...)
+CVE-2012-4607
NOT-FOR-US: EMC NetWorker
-CVE-2012-4667 (Multiple cross-site scripting (XSS) vulnerabilities in SquidClamav 5.x ...)
+CVE-2012-4667
- squidclamav <removed> (bug #685398)
CVE-2012-4606
RESERVED
-CVE-2012-4605 (The default configuration of the SMTP component in Websense Email ...)
+CVE-2012-4605
NOT-FOR-US: Websense Email Security
-CVE-2012-4604 (The TRITON management console in Websense Web Security before 7.6 ...)
+CVE-2012-4604
NOT-FOR-US: Websense Web Security
CVE-2012-4603
RESERVED
-CVE-2012-4602 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2012-4602
NOT-FOR-US: Nicola Asuni TCExam
-CVE-2012-4601 (Multiple SQL injection vulnerabilities in Nicola Asuni TCExam before ...)
+CVE-2012-4601
NOT-FOR-US: Nicola Asuni TCExam
-CVE-2012-4600 (Cross-site scripting (XSS) vulnerability in Open Ticket Request System ...)
+CVE-2012-4600
{DSA-2536-1}
- otrs2 3.1.7+dfsg1-5
-CVE-2012-4599 (McAfee SmartFilter Administration, and SmartFilter Administration Bess ...)
+CVE-2012-4599
NOT-FOR-US: McAfee SmartFilter Administration
-CVE-2012-4598 (An unspecified ActiveX control in McAfee Virtual Technician (MVT) ...)
+CVE-2012-4598
NOT-FOR-US: McAfee Virtual Technician
-CVE-2012-4597 (Cross-site scripting (XSS) vulnerability in McAfee Email and Web ...)
+CVE-2012-4597
NOT-FOR-US: McAfee Email and Web Security
-CVE-2012-4596 (Directory traversal vulnerability in McAfee Email Gateway (MEG) 7.0.0 ...)
+CVE-2012-4596
NOT-FOR-US: McAfee Email Gateway
-CVE-2012-4595 (McAfee Email and Web Security (EWS) 5.5 through Patch 6 and 5.6 ...)
+CVE-2012-4595
NOT-FOR-US: McAfee Email and Web Security
-CVE-2012-4594 (McAfee ePolicy Orchestrator (ePO) 4.6.1 and earlier allows remote ...)
+CVE-2012-4594
NOT-FOR-US: McAfee ePolicy Orchestrator
-CVE-2012-4593 (McAfee Application Control and Change Control 5.1.x and 6.0.0 do not ...)
+CVE-2012-4593
NOT-FOR-US: McAfee Application Control and Change Control
-CVE-2012-4592 (The Portal in McAfee Enterprise Mobility Manager (EMM) before 10.0 ...)
+CVE-2012-4592
NOT-FOR-US: McAfee Enterprise Mobility Manager
-CVE-2012-4591 (About.aspx in the Portal in McAfee Enterprise Mobility Manager (EMM) ...)
+CVE-2012-4591
NOT-FOR-US: McAfee Enterprise Mobility Manager
-CVE-2012-4590 (Multiple cross-site scripting (XSS) vulnerabilities in About.aspx in ...)
+CVE-2012-4590
NOT-FOR-US: McAfee Enterprise Mobility Manager
-CVE-2012-4589 (Login.aspx in the Portal in McAfee Enterprise Mobility Manager (EMM) ...)
+CVE-2012-4589
NOT-FOR-US: McAfee Enterprise Mobility Manager
-CVE-2012-4588 (McAfee Enterprise Mobility Manager (EMM) Agent before 4.8 and Server ...)
+CVE-2012-4588
NOT-FOR-US: McAfee Enterprise Mobility Manager
-CVE-2012-4587 (McAfee Enterprise Mobility Manager (EMM) Agent before 4.8 and Server ...)
+CVE-2012-4587
NOT-FOR-US: McAfee Enterprise Mobility Manager
-CVE-2012-4586 (McAfee Email and Web Security (EWS) 5.x before 5.5 Patch 6 and 5.6 ...)
+CVE-2012-4586
NOT-FOR-US: McAfee Email and Web Security
-CVE-2012-4585 (McAfee Email and Web Security (EWS) 5.x before 5.5 Patch 6 and 5.6 ...)
+CVE-2012-4585
NOT-FOR-US: McAfee Email and Web Security
-CVE-2012-4584 (McAfee Email and Web Security (EWS) 5.x before 5.5 Patch 6 and 5.6 ...)
+CVE-2012-4584
NOT-FOR-US: McAfee Email and Web Security
-CVE-2012-4583 (McAfee Email and Web Security (EWS) 5.x before 5.5 Patch 6 and 5.6 ...)
+CVE-2012-4583
NOT-FOR-US: McAfee Email and Web Security
-CVE-2012-4582 (McAfee Email and Web Security (EWS) 5.x before 5.5 Patch 6 and 5.6 ...)
+CVE-2012-4582
NOT-FOR-US: McAfee Email and Web Security
-CVE-2012-4581 (McAfee Email and Web Security (EWS) 5.x before 5.5 Patch 6 and 5.6 ...)
+CVE-2012-4581
NOT-FOR-US: McAfee Email and Web Security
-CVE-2012-4580 (Cross-site scripting (XSS) vulnerability in McAfee Email and Web ...)
+CVE-2012-4580
NOT-FOR-US: McAfee Email and Web Security
-CVE-2012-4579 (Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin ...)
+CVE-2012-4579
- phpmyadmin 4:3.4.11.1-1
[squeeze] - phpmyadmin <not-affected> (Vulnerable code not present)
-CVE-2012-4578 (The geli encryption provider 7 before r239184 on FreeBSD 10 uses a ...)
+CVE-2012-4578
- freebsd-utils <not-affected> (only affects dev version of 10)
NOTE: not sure if the bug is in the userland tool or in the kernel device
-CVE-2012-4577 (The Linux firmware image on (1) Korenix Jetport 5600 series ...)
+CVE-2012-4577
NOT-FOR-US: Korenix Jetport 5600
CVE-2012-4576 [freebsd privilege escalation]
RESERVED
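Review bot: every `+` line in this hunk replaces a `CVE-YYYY-NNNN (description ...)` line with the bare identifier, so the one-line descriptions are dropped from the file wholesale (for instance `-CVE-2012-4615 (EMC Smarts Network Configuration Manager (NCM) before 9.1 uses a ...)` becomes `+CVE-2012-4615`), while the `NOT-FOR-US:`, package-version, `{DSA-...}` and `NOTE:` lines beneath each entry are unchanged. The commit message says only "automatic update" and does not state whether discarding the descriptions is intended; if they are now meant to be sourced from elsewhere at render time, the commit message should say so, and if not, the generator that produced this update has lost its description input and the change should be held until that is confirmed, since the same pattern repeats through every hunk in the patch.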
@@ -5195,144 +5195,144 @@ CVE-2012-4576 [freebsd privilege escalation]
- kfreebsd-9 9.0-9 (bug #694097)
- kfreebsd-10 10.0~svn252032-1 (bug #694098)
[squeeze] - kfreebsd-8 8.1+dfsg-8+squeeze4
-CVE-2012-4575 (The add_database function in objects.c in the pgbouncer pooler 1.5.2 ...)
+CVE-2012-4575
- pgbouncer 1.5.2-4
[squeeze] - pgbouncer <no-dsa> (Minor issue)
-CVE-2012-4574 (Pulp in Red Hat CloudForms before 1.1 uses world-readable permissions ...)
+CVE-2012-4574
NOT-FOR-US: Red Hat CloudForms
-CVE-2012-4573 (The v1 API in OpenStack Glance Grizzly, Folsom (2012.2), and Essex ...)
+CVE-2012-4573
- glance 2012.1.1-2 (bug #692641)
-CVE-2012-4572 (Red Hat JBoss Enterprise Application Platform (EAP) before 6.1.0 and ...)
+CVE-2012-4572
- jbossas4 <not-affected> (Only builds a few libraries, not the full application server, #581226)
-CVE-2012-4571 (Python Keyring 0.9.1 does not securely initialize the cipher when ...)
+CVE-2012-4571
- python-keyring 0.9.2-1 (bug #675379)
[wheezy] - python-keyring 0.7.1-1+deb7u1
[squeeze] - python-keyring <no-dsa> (Minor issue)
-CVE-2012-4570 (SQL injection vulnerability in LetoDMS_Core/Core/inc.ClassDMS.php in ...)
+CVE-2012-4570
- php-letodms-core 3.3.8-1
-CVE-2012-4569 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2012-4569
- letodms 3.3.9+dfsg-1
-CVE-2012-4568 (Multiple cross-site request forgery (CSRF) vulnerabilities in LetoDMS ...)
+CVE-2012-4568
- letodms 3.3.9+dfsg-1
-CVE-2012-4567 (Multiple cross-site scripting (XSS) vulnerabilities in LetoDMS ...)
+CVE-2012-4567
- letodms 3.3.9+dfsg-1
-CVE-2012-4566 (The DTLS support in radsecproxy before 1.6.2 does not properly verify ...)
+CVE-2012-4566
{DSA-2573-1}
- radsecproxy 1.6.2-1
-CVE-2012-4565 (The tcp_illinois_info function in net/ipv4/tcp_illinois.c in the Linux ...)
+CVE-2012-4565
- linux 3.2.35-1
- linux-2.6 <removed>
[squeeze] - linux-2.6 2.6.32-48
-CVE-2012-4564 (ppm2tiff does not check the return value of the TIFFScanlineSize ...)
+CVE-2012-4564
{DSA-2575-1}
- tiff3 <not-affected> (The tiff-tools package is only built from the tiff source package)
- tiff 4.0.2-5 (bug #692345)
-CVE-2012-4563 (Cross-site scripting (XSS) vulnerability in Google Web Toolkit (GWT) ...)
+CVE-2012-4563
- gwt <removed> (bug #691900)
[squeeze] - gwt <not-affected> (Vulnerable code not present)
-CVE-2012-4562 (Multiple integer overflows in libssh before 0.5.3 allow remote ...)
+CVE-2012-4562
{DSA-2577-1}
- libssh 0.5.3-1
-CVE-2012-4561 (The (1) publickey_make_dss, (2) publickey_make_rsa, (3) ...)
+CVE-2012-4561
{DSA-2577-1}
- libssh 0.5.3-1
-CVE-2012-4560 (Multiple buffer overflows in libssh before 0.5.3 allow remote ...)
+CVE-2012-4560
- libssh 0.5.3-1
[squeeze] - libssh <not-affected> (Vulnerable code not present)
-CVE-2012-4559 (Multiple double free vulnerabilities in the (1) agent_sign_data ...)
+CVE-2012-4559
{DSA-2577-1}
- libssh 0.5.3-1
-CVE-2012-4558 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
+CVE-2012-4558
{DSA-2637-1}
- apache2 2.2.22-13 (low)
-CVE-2012-4557 (The mod_proxy_ajp module in the Apache HTTP Server 2.2.12 through ...)
+CVE-2012-4557
{DSA-2579-1}
- apache2 2.2.22-1
-CVE-2012-4556 (The token processing system (pki-tps) in Red Hat Certificate System ...)
+CVE-2012-4556
NOT-FOR-US: Red Hat Certificate System
-CVE-2012-4555 (The token processing system (pki-tps) in Red Hat Certificate System ...)
+CVE-2012-4555
NOT-FOR-US: Red Hat Certificate System
-CVE-2012-4554 (The OpenID module in Drupal 7.x before 7.16 allows remote OpenID ...)
+CVE-2012-4554
- drupal7 7.14-1.1 (bug #690817)
- drupal6 <not-affected> (according to upstream)
NOTE: http://drupal.org/node/1815912
-CVE-2012-4553 (Drupal 7.x before 7.16 allows remote attackers to obtain sensitive ...)
+CVE-2012-4553
- drupal7 7.14-1.1 (bug #690817)
- drupal6 <not-affected> (according to upstream)
NOTE: http://drupal.org/node/1815912
-CVE-2012-4552 (Stack-based buffer overflow in the error function in ssg/ssgParser.cxx ...)
+CVE-2012-4552
- plib 1.8.5-6 (low; bug #694810)
[squeeze] - plib <no-dsa> (Minor issue)
-CVE-2012-4551 (Use-after-free vulnerability in libunity-webapps before 2.4.1 allows ...)
+CVE-2012-4551
NOT-FOR-US: libunity-webapps
-CVE-2012-4550 (JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) before ...)
+CVE-2012-4550
- jbossas4 <not-affected> (Only builds a few libraries, not the full application server)
-CVE-2012-4549 (The processInvocation function in ...)
+CVE-2012-4549
- jbossas4 <not-affected> (Only builds a few libraries, not the full application server)
-CVE-2012-4548 (Argument injection vulnerability in syntax-highlighting.sh in cgit ...)
+CVE-2012-4548
- cgit <not-affected> (Fixed before the initial upload into the archive)
-CVE-2012-4547 (Unspecified vulnerability in awredir.pl in AWStats before 7.1 has ...)
+CVE-2012-4547
- awstats <not-affected>
NOTE: awredir.pl is not installed into the binary package
-CVE-2012-4546 (The default configuration for IPA servers in Red Hat Enterprise Linux ...)
+CVE-2012-4546
NOT-FOR-US: FreeIPA
-CVE-2012-4545 (The http_negotiate_create_context function in ...)
+CVE-2012-4545
{DSA-2592-1}
- elinks 0.12~pre5-9
-CVE-2012-4544 (The PV domain builder in Xen 4.2 and earlier does not validate the ...)
+CVE-2012-4544
{DSA-2636-1}
- xen 4.1.3-4 (low; bug #688125)
-CVE-2012-4543 (Multiple cross-site scripting (XSS) vulnerabilities in Red Hat ...)
+CVE-2012-4543
NOT-FOR-US: Red Hat Certificate System
-CVE-2012-4542 (block/scsi_ioctl.c in the Linux kernel through 3.8 does not properly ...)
+CVE-2012-4542
- linux <unfixed> (unimportant)
- linux-2.6 <removed> (unimportant)
[squeeze] - linux-2.6 <no-dsa> (Too intrusive to backport)
NOTE: No upstream fix seems to be planned/treated as non-issue. Marking as unimportant
-CVE-2012-4541 (Cross-site scripting (XSS) vulnerability in Piwik before 1.9 allows ...)
+CVE-2012-4541
- piwik <itp> (bug #506933)
-CVE-2012-4540 (Off-by-one error in the invoke function in ...)
+CVE-2012-4540
{DSA-2768-1}
- icedtea-web 1.3.1-1 (bug #692608)
NOTE: http://seclists.org/oss-sec/2012/q4/237
-CVE-2012-4539 (Xen 4.0 through 4.2, when running 32-bit x86 PV guests on 64-bit ...)
+CVE-2012-4539
{DSA-2582-1}
- xen 4.1.3-4
-CVE-2012-4538 (The HVMOP_pagetable_dying hypercall in Xen 4.0, 4.1, and 4.2 does not ...)
+CVE-2012-4538
{DSA-2582-1}
- xen 4.1.3-4
-CVE-2012-4537 (Xen 3.4 through 4.2, and possibly earlier versions, does not properly ...)
+CVE-2012-4537
{DSA-2582-1}
- xen 4.1.3-4
-CVE-2012-4536 (The (1) domain_pirq_to_emuirq and (2) physdev_unmap_pirq functions in ...)
+CVE-2012-4536
- xen 4.1.3-4
[squeeze] - xen <not-affected> (Only affects 4.1.x)
-CVE-2012-4535 (Xen 3.4 through 4.2, and possibly earlier versions, allows local guest ...)
+CVE-2012-4535
{DSA-2582-1}
- xen 4.1.3-4
-CVE-2012-4534 (org/apache/tomcat/util/net/NioEndpoint.java in Apache Tomcat 6.x ...)
+CVE-2012-4534
- tomcat7 7.0.28-1 (bug #695251)
- tomcat6 6.0.35-6 (bug #695250)
[squeeze] - tomcat6 6.0.35-1+squeeze3
NOTE: DSA 2725
-CVE-2012-4533 (Cross-site scripting (XSS) vulnerability in the &quot;extra&quot; details in the ...)
+CVE-2012-4533
{DSA-2563-1}
- viewvc 1.1.5-1.4 (low; bug #691062)
-CVE-2012-4532 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2012-4532
NOT-FOR-US: Joomla addon
-CVE-2012-4531 (Cross-site scripting (XSS) vulnerability in Joomla! 2.5.x before 2.5.7 ...)
+CVE-2012-4531
NOT-FOR-US: Joomla!
-CVE-2012-4530 (The load_script function in fs/binfmt_script.c in the Linux kernel ...)
+CVE-2012-4530
- linux 3.2.35-1
- linux-2.6 <removed>
[squeeze] - linux-2.6 2.6.32-48
-CVE-2012-4529 (The org.apache.catalina.connector.Response.encodeURL method in Red Hat ...)
+CVE-2012-4529
- jbossas4 <not-affected> (Only builds a few libraries, not the full application server)
-CVE-2012-4528 (The mod_security2 module before 2.7.0 for the Apache HTTP Server ...)
+CVE-2012-4528
- modsecurity-apache 2.6.6-5 (bug #691146)
- libapache-mod-security <removed>
[squeeze] - libapache-mod-security <no-dsa> (Minor issue)
-CVE-2012-4527 (Stack-based buffer overflow in mcrypt 2.6.8 and earlier allows ...)
+CVE-2012-4527
- mcrypt 2.6.8-1.3 (unimportant; bug #690924)
NOTE: patch proposed by submitter at RH bugzilla is incorrect
NOTE: Only occurs in cmdline parsing, no priv escalation. Only a security issue in constructed setups
@@ -5347,38 +5347,38 @@ CVE-2012-4525 [XSS in password.php]
CVE-2012-4524 [xlockmore bypass]
RESERVED
- xlockmore <removed> (low)
-CVE-2012-4523 (radsecproxy before 1.6.1 does not properly verify certificates when ...)
+CVE-2012-4523
{DSA-2573-1}
- radsecproxy 1.6.2-1
-CVE-2012-4522 (The rb_get_path_check function in file.c in Ruby 1.9.3 before ...)
+CVE-2012-4522
{DLA-235-1}
- ruby1.8 <not-affected> (Only affects 1.9.x, see bug #690670)
- ruby1.9.1 1.9.3.194-3 (bug #690670)
CVE-2012-4521 [rejected dupe assignment]
REJECTED
-CVE-2012-4520 (The django.http.HttpRequest.get_host function in Django 1.3.x before ...)
+CVE-2012-4520
{DSA-2634-1}
- python-django 1.4.2-1 (bug #691145)
CVE-2012-4519
RESERVED
NOT-FOR-US: Zenphoto
-CVE-2012-4518 (ibacm 1.0.7 creates files with world-writable permissions, which ...)
+CVE-2012-4518
NOT-FOR-US: ibacm
-CVE-2012-4517 (ibacm before 1.0.6 does not properly manage reference counts for ...)
+CVE-2012-4517
NOT-FOR-US: ibacm
-CVE-2012-4516 (librdmacm 1.0.16, when ibacm.port is not specified, connects to port ...)
+CVE-2012-4516
- librdmacm 1.0.16-1 (bug #690672)
[squeeze] - librdmacm <not-affected> (Introduced in 1.0.12)
[wheezy] - librdmacm 1.0.15-1+deb7u1
-CVE-2012-4515 (Use-after-free vulnerability in khtml/rendering/render_replaced.cpp in ...)
+CVE-2012-4515
- kdebase <removed> (unimportant)
- kde-baseapps <unfixed> (unimportant)
NOTE: Konqueror not supported security-wise
-CVE-2012-4514 (rendering/render_replaced.cpp in Konqueror in KDE before 4.9.3 allows ...)
+CVE-2012-4514
- kdebase <removed> (unimportant)
- kde-baseapps <unfixed> (unimportant)
NOTE: Konqueror not supported security-wise
-CVE-2012-4513 (khtml/imload/scaledimageplane.h in Konqueror in KDE 4.7.3 allows ...)
+CVE-2012-4513
- kdebase <removed> (unimportant)
- kde-baseapps <unfixed> (unimportant)
NOTE: Konqueror not supported security-wise
@@ -5387,190 +5387,190 @@ CVE-2012-4512
- kdebase <removed> (unimportant)
- kde-baseapps <unfixed> (unimportant)
NOTE: Konqueror not supported security-wise
-CVE-2012-4511 (services/flickr/flickr.c in libsocialweb before 0.25.21 automatically ...)
+CVE-2012-4511
- libsocialweb 0.25.20-3.1 (low; bug #690675)
[wheezy] - libsocialweb 0.25.20-2.1
-CVE-2012-4510 (cups-pk-helper before 0.2.3 does not properly wrap the (1) cupsGetFile ...)
+CVE-2012-4510
{DSA-2562-1}
- cups-pk-helper 0.2.3-1
CVE-2012-4509
RESERVED
-CVE-2012-4508 (Race condition in fs/ext4/extents.c in the Linux kernel before 3.4.16 ...)
+CVE-2012-4508
{DSA-2668-1}
- linux 3.2.35-1
- linux-2.6 <removed>
-CVE-2012-4507 (The strchr function in procmime.c in Claws Mail (aka claws-mail) 3.8.1 ...)
+CVE-2012-4507
- claws-mail 3.8.1-2 (low; bug #690151)
[squeeze] - claws-mail 3.7.6-4+squeeze1
NOTE: http://www.thewildbeast.co.uk/claws-mail/bugzilla/show_bug.cgi?id=2743
NOTE: www.thewildbeast.co.uk/claws-mail/bugzilla/attachment.cgi?id=1165
-CVE-2012-4506 (Directory traversal vulnerability in gitolite 3.x before 3.1, when ...)
+CVE-2012-4506
- gitolite <not-affected> (Only affects 3.x releases)
NOTE: https://groups.google.com/forum/#!topic/gitolite/K9SnQNhCQ-0/discussion
NOTE: https://github.com/sitaramc/gitolite/commit/f636ce3ba3e340569b26d1e47b9d9b62dd8a3bf2
-CVE-2012-4505 (Heap-based buffer overflow in the px_pac_reload function in lib/pac.c ...)
+CVE-2012-4505
{DSA-2571-1}
- libproxy 0.3.1-5.1 (bug #690376)
-CVE-2012-4504 (Stack-based buffer overflow in the url::get_pac function in url.cpp in ...)
+CVE-2012-4504
- libproxy <not-affected> (Vulnerable code not present)
NOTE: 0.4-only issue, fixed in newest upstream 0.4.9
-CVE-2012-4503 (cmdmon.c in Chrony before 1.29 allows remote attackers to obtain ...)
+CVE-2012-4503
{DSA-2760-1}
- chrony 1.29-1 (bug #719203)
-CVE-2012-4502 (Multiple integer overflows in pktlength.c in Chrony before 1.29 allow ...)
+CVE-2012-4502
{DSA-2760-1}
- chrony 1.29-1 (bug #719203)
-CVE-2012-4501 (Citrix Cloud.com CloudStack, and Apache CloudStack pre-release, allows ...)
+CVE-2012-4501
NOT-FOR-US: CloudStack
-CVE-2012-4500 (The Announcements module 6.x-1.x before 6.x-1.5 for Drupal allows ...)
+CVE-2012-4500
NOT-FOR-US: Drupal addon not packaged in Debian
-CVE-2012-4499 (The contact formatter page in the Email Field module 6.x-1.x before ...)
+CVE-2012-4499
NOT-FOR-US: Drupal addon not packaged in Debian
-CVE-2012-4498 (The Activism module 6.x-2.x before 6.x-2.1 for Drupal does not ...)
+CVE-2012-4498
NOT-FOR-US: Drupal addon not packaged in Debian
-CVE-2012-4497 (Cross-site scripting (XSS) vulnerability in the &quot;3 slide gallery&quot; in ...)
+CVE-2012-4497
NOT-FOR-US: Drupal addon not packaged in Debian
-CVE-2012-4496 (Cross-site scripting (XSS) vulnerability in the Custom Publishing ...)
+CVE-2012-4496
NOT-FOR-US: Drupal addon not packaged in Debian
-CVE-2012-4495 (The Mime Mail module 6.x-1.x before 6.x-1.1 for Drupal does not ...)
+CVE-2012-4495
NOT-FOR-US: Drupal addon not packaged in Debian
-CVE-2012-4494 (The Shibboleth authentication module 7.x-4.0 for Drupal does not ...)
+CVE-2012-4494
NOT-FOR-US: Drupal addon not packaged in Debian
-CVE-2012-4493 (Cross-site scripting (XSS) vulnerability in the administrative ...)
+CVE-2012-4493
NOT-FOR-US: Drupal addon not packaged in Debian
-CVE-2012-4492 (Multiple cross-site scripting (XSS) vulnerabilities in the Shorten ...)
+CVE-2012-4492
NOT-FOR-US: Drupal addon not packaged in Debian
-CVE-2012-4491 (The Monthly Archive by Node Type module 6.x for Drupal does not ...)
+CVE-2012-4491
NOT-FOR-US: Drupal addon not packaged in Debian
-CVE-2012-4490 (Multiple cross-site scripting (XSS) vulnerabilities in the Excluded ...)
+CVE-2012-4490
NOT-FOR-US: Drupal addon not packaged in Debian
-CVE-2012-4489 (Open redirect vulnerability in the securelogin_secure_redirect ...)
+CVE-2012-4489
NOT-FOR-US: Drupal addon not packaged in Debian
-CVE-2012-4488 (The Location module 6.x before 6.x-3.2 and 7.x before 7.x-3.0-alpha1 ...)
+CVE-2012-4488
NOT-FOR-US: Drupal addon not packaged in Debian
-CVE-2012-4487 (The Subuser module before 6.x-1.8 for Drupal does not properly check ...)
+CVE-2012-4487
NOT-FOR-US: Drupal addon not packaged in Debian
-CVE-2012-4486 (Cross-site request forgery (CSRF) vulnerability in the Subuser module ...)
+CVE-2012-4486
NOT-FOR-US: Drupal addon not packaged in Debian
-CVE-2012-4485 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
+CVE-2012-4485
NOT-FOR-US: Drupal addon not packaged in Debian
-CVE-2012-4484 (Cross-site scripting (XSS) vulnerability in the administrative ...)
+CVE-2012-4484
NOT-FOR-US: Drupal addon not packaged in Debian
-CVE-2012-4483 (The commons_discussion_views_default_views function in ...)
+CVE-2012-4483
NOT-FOR-US: Drupal addon not packaged in Debian
-CVE-2012-4482 (The Ubercart SecureTrading Payment Method module 6.x for Drupal does ...)
+CVE-2012-4482
NOT-FOR-US: Drupal addon not packaged in Debian
-CVE-2012-4481 (The safe-level feature in Ruby 1.8.7 allows context-dependent ...)
+CVE-2012-4481
- ruby1.8 1.8.7.358-5 (bug #689945)
[squeeze] - ruby1.8 <not-affected> (problematic code not present)
CVE-2012-4480
RESERVED
NOT-FOR-US: mom
-CVE-2012-4479 (SQL injection vulnerability in the Drag &amp; Drop Gallery module 6.x for ...)
+CVE-2012-4479
NOT-FOR-US: Drupal contributed-module
-CVE-2012-4478 (Cross-site request forgery (CSRF) vulnerability in the Drag &amp; Drop ...)
+CVE-2012-4478
NOT-FOR-US: Drupal contributed-module
-CVE-2012-4477 (Unspecified vulnerability in the Drag &amp; Drop Gallery module 6.x for ...)
+CVE-2012-4477
NOT-FOR-US: Drupal contributed-module
-CVE-2012-4476 (Cross-site scripting (XSS) vulnerability in the Drag &amp; Drop Gallery ...)
+CVE-2012-4476
NOT-FOR-US: Drupal contributed-module
-CVE-2012-4475 (The Security Questions module for Drupal 6.x-1.x before 6.x-1.1 and ...)
+CVE-2012-4475
NOT-FOR-US: Drupal contributed-module
-CVE-2012-4474 (Multiple cross-site scripting (XSS) vulnerabilities in the Colorbox ...)
+CVE-2012-4474
NOT-FOR-US: Drupal contributed-module
-CVE-2012-4473 (The Restrict node page view module 7.x-1.x before 7.x-1.2 for Drupal ...)
+CVE-2012-4473
NOT-FOR-US: Drupal contributed-module
-CVE-2012-4472 (Unrestricted file upload vulnerability in upload.php in the Drag &amp; ...)
+CVE-2012-4472
NOT-FOR-US: Drupal contributed-module
-CVE-2012-4471 (The Search Autocomplete module 7.x-2.x before 7.x-2.4 for Drupal does ...)
+CVE-2012-4471
NOT-FOR-US: Drupal contributed-module
-CVE-2012-4470 (The Listhandler module 6.x-1.x before 6.x-1.1 for Drupal does not ...)
+CVE-2012-4470
NOT-FOR-US: Drupal contributed-module
-CVE-2012-4469 (Cross-site scripting (XSS) vulnerability in the Hashcash module ...)
+CVE-2012-4469
NOT-FOR-US: Drupal contributed-module
-CVE-2012-4468 (Cross-site scripting (XSS) vulnerability in the Privatemsg module ...)
+CVE-2012-4468
NOT-FOR-US: Drupal contributed-module
-CVE-2012-4467 (The (1) do_siocgstamp and (2) do_siocgstampns functions in ...)
+CVE-2012-4467
- linux-2.6 <not-affected> (Vulnerable code introduced in 3.3)
- linux <not-affected> (Vulnerable code introduced in 3.3)
-CVE-2012-4466 (Ruby 1.8.7 before patchlevel 371, 1.9.3 before patchlevel 286, and 2.0 ...)
+CVE-2012-4466
- ruby1.9.1 1.9.3.194-2 (low; bug #689075)
[squeeze] - ruby1.9.1 <not-affected> (Minor issue, please recheck)
-CVE-2012-4465 (Heap-based buffer overflow in the substr function in parsing.c in cgit ...)
+CVE-2012-4465
- cgit <not-affected> (Fixed before the initial upload into the archive)
-CVE-2012-4464 (Ruby 1.9.3 before patchlevel 286 and 2.0 before revision r37068 allows ...)
+CVE-2012-4464
- ruby1.9.1 1.9.3.194-2 (low; bug #689075)
[squeeze] - ruby1.9.1 <not-affected> (Introduced in 1.9.3)
-CVE-2012-4463 (Midnight Commander (mc) 4.8.5 does not properly handle the (1) ...)
+CVE-2012-4463
- mc 3:4.8.8-1 (low; bug #689571)
[wheezy] - mc <no-dsa> (Minor issue)
[squeeze] - mc <no-dsa> (Minor issue)
-CVE-2012-4462 (aviary/jobcontrol.py in Condor, as used in Red Hat Enterprise MRG 2.3, ...)
+CVE-2012-4462
- condor <not-affected> (This bug only affects the Aviary contrib module, which isn't built in the Debian condor package, #690556)
-CVE-2012-4461 (The KVM subsystem in the Linux kernel before 3.6.9, when running on ...)
+CVE-2012-4461
{DSA-2668-1}
- linux-2.6 <removed>
- linux 3.2.35-1
-CVE-2012-4460 (The serializing/deserializing functions in the qpid::framing::Buffer ...)
+CVE-2012-4460
- qpid-cpp <removed> (low; bug #772794)
[wheezy] - qpid-cpp <no-dsa> (Minor issue)
-CVE-2012-4459 (Integer overflow in the qpid::framing::Buffer::checkAvailable function ...)
+CVE-2012-4459
- qpid-cpp <removed> (low; bug #772794)
[wheezy] - qpid-cpp <no-dsa> (Minor issue)
-CVE-2012-4458 (The AMQP type decoder in Apache Qpid 0.20 and earlier allows remote ...)
+CVE-2012-4458
- qpid-cpp <removed> (low; bug #772794)
[wheezy] - qpid-cpp <no-dsa> (Minor issue)
-CVE-2012-4457 (OpenStack Keystone Essex before 2012.1.2 and Folsom before folsom-3 ...)
+CVE-2012-4457
- keystone 2012.1.1-9 (bug #689210)
-CVE-2012-4456 (The (1) OS-KSADM/services and (2) tenant APIs in OpenStack Keystone ...)
+CVE-2012-4456
- keystone 2012.1.1-9 (bug #689210)
-CVE-2012-4455 (openCryptoki 2.4.1 allows local users to create or set world-writable ...)
+CVE-2012-4455
- opencryptoki 3.4.1+dfsg-1 (low; bug #689417)
[jessie] - opencryptoki <no-dsa> (Minor issue)
[squeeze] - opencryptoki <no-dsa> (Minor issue)
[wheezy] - opencryptoki <no-dsa> (Minor issue)
-CVE-2012-4454 (openCryptoki before 2.4.1, when using spinlocks, allows local users to ...)
+CVE-2012-4454
- opencryptoki 3.4.1+dfsg-1 (low; bug #689417)
[jessie] - opencryptoki <no-dsa> (Minor issue)
[squeeze] - opencryptoki <no-dsa> (Minor issue)
[wheezy] - opencryptoki <no-dsa> (Minor issue)
-CVE-2012-4453 (dracut.sh in dracut, as used in Red Hat Enterprise Linux 6, Fedora 16 ...)
+CVE-2012-4453
- dracut 020-1.1 (low; bug #688956)
[squeeze] - dracut <no-dsa> (Minor issue)
-CVE-2012-4452 (MySQL 5.0.88, and possibly other versions and platforms, allows local ...)
+CVE-2012-4452
- mysql-dfsg-5.0 <not-affected> (Debian never included that 5.0.88 release)
CVE-2012-4451 [php-ZendFramework: XSS vectors in multiple Zend Framework components ZF2012-03]
RESERVED
- zendframework <not-affected> (Vulnerable code introduced in 2.x, #688946)
-CVE-2012-4450 (389 Directory Server 1.2.10 does not properly update the ACL when a DN ...)
+CVE-2012-4450
- 389-ds-base 1.2.11.15-1 (bug #688942)
NOTE: Upstream ticket https://fedorahosted.org/389/ticket/340
NOTE: Upstream patch http://git.fedorahosted.org/cgit/389/ds.git/commit/?id=5beb93d42efb807838c09c5fab898876876f8d09
-CVE-2012-4449 (Apache Hadoop before 0.23.4, 1.x before 1.0.4, and 2.x before 2.0.2 ...)
+CVE-2012-4449
- hadoop <itp> (bug #793644)
-CVE-2012-4448 (Cross-site request forgery (CSRF) vulnerability in wp-admin/index.php ...)
+CVE-2012-4448
- wordpress 3.5.1+dfsg-2 (low; bug #689031)
[squeeze] - wordpress <no-dsa> (Minor issue)
[wheezy] - wordpress <no-dsa> (Minor issue)
-CVE-2012-4447 (Heap-based buffer overflow in tif_pixarlog.c in LibTIFF before 4.0.3 ...)
+CVE-2012-4447
{DSA-2561-1}
- tiff 4.0.2-4 (bug #688944)
- tiff3 3.9.6-9 (bug #688944)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=860198
-CVE-2012-4446 (The default configuration for Apache Qpid 0.20 and earlier, when the ...)
+CVE-2012-4446
- qpid-cpp <removed> (low; bug #772794)
[wheezy] - qpid-cpp <no-dsa> (Minor issue)
-CVE-2012-4445 (Heap-based buffer overflow in the eap_server_tls_process_fragment ...)
+CVE-2012-4445
{DSA-2557-1}
- hostapd <removed>
- wpa 1.0-3 (bug #689990)
-CVE-2012-4444 (The ip6_frag_queue function in net/ipv6/reassembly.c in the Linux ...)
+CVE-2012-4444
- linux 2.6.36-1~experimental.1
- linux-2.6 <removed>
[squeeze] - linux-2.6 2.6.32-48
-CVE-2012-4443 (Monkey HTTP Daemon 0.9.3 uses a real UID of root and a real GID of ...)
+CVE-2012-4443
- monkey <removed> (unimportant; bug #688008)
-CVE-2012-4442 (Monkey HTTP Daemon 0.9.3 retains the supplementary group IDs of the ...)
+CVE-2012-4442
- monkey <removed> (unimportant; bug #688007)
CVE-2012-4441 [jenkins XSS in CI game plugin]
RESERVED
@@ -5588,7 +5588,7 @@ CVE-2012-4438 [jenkins remote code execution]
RESERVED
- jenkins 1.447.2+dfsg-2 (bug #688298)
NOTE: http://web.archive.org/web/20130606043312/http://web.archive.org/web/20130606043312/http://web.archive.org/web/20130606043312/http://web.archive.org/web/20130606043312/http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2012-09-17.cb
-CVE-2012-4437 (Cross-site scripting (XSS) vulnerability in the SmartyException class ...)
+CVE-2012-4437
- smarty3 3.1.10-2 (bug #688153)
- smarty <removed> (bug #702710)
[squeeze] - smarty 2.6.26-0.2+squeeze1
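Review bot: the `NOTE:` context line for CVE-2012-4438 in this hunk carries the `http://web.archive.org/web/20130606043312/` prefix nested four times in front of the cloudbees.com advisory URL, which looks like a copy-and-paste accident in an earlier edit; a single archive prefix is all that is needed, i.e. `NOTE: http://web.archive.org/web/20130606043312/http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2012-09-17.cb`. Since this hunk already touches the adjacent CVE-2012-4437 entry, it would be a convenient place to collapse the nested prefixes, or to do so in a follow-up commit if this update is generated.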
@@ -5598,13 +5598,13 @@ CVE-2012-4437 (Cross-site scripting (XSS) vulnerability in the SmartyException c
NOTE: http://code.google.com/p/smarty-php/source/browse/trunk/distribution/change_log.txt
NOTE: http://code.google.com/p/smarty-php/source/detail?r=4658
NOTE: https://code.google.com/p/smarty-php/source/detail?r=4660
-CVE-2012-4436 (Buffer overflow in the run_last_args function in client/fwknop.c in ...)
+CVE-2012-4436
- fwknop 2.0.3-1 (bug #688151)
[squeeze] - fwknop <not-affected> (Vulnerable code not present)
[wheezy] - fwknop 2.0.0rc2-2+deb7u1
NOTE: http://seclists.org/oss-sec/2012/q3/509
NOTE: http://www.cipherdyne.org/cgi-bin/gitweb.cgi?p=fwknop.git;a=commitdiff;h=a60f05ad44e824f6230b22f8976399340cb535dc
-CVE-2012-4435 (fwknop before 2.0.3 does not properly validate IP addresses, which ...)
+CVE-2012-4435
- fwknop 2.0.3-1 (bug #688151)
[squeeze] - fwknop <not-affected> (Vulnerable code not present)
[wheezy] - fwknop 2.0.0rc2-2+deb7u1
@@ -5617,23 +5617,23 @@ CVE-2012-4434 [fwknop 2.0.3: multiple DoS / code execution flaw]
[wheezy] - fwknop 2.0.0rc2-2+deb7u1
NOTE: http://seclists.org/oss-sec/2012/q3/509
NOTE: http://www.cipherdyne.org/cgi-bin/gitweb.cgi?p=fwknop.git;a=commitdiff;h=d46ba1c027a11e45821ba897a4928819bccc8f22
-CVE-2012-4433 (Multiple integer overflows in operations/external/ppm-load.c in GEGL ...)
+CVE-2012-4433
- gegl 0.2.0-2+nmu1 (bug #692435)
[squeeze] - gegl <not-affected> (PPM code not yet present)
NOTE: http://seclists.org/oss-sec/2012/q4/215
-CVE-2012-4432 (Use-after-free vulnerability in opngreduc.c in OptiPNG Hg and 0.7.x ...)
+CVE-2012-4432
- optipng <not-affected> (Introduced in 0.7, bug #687998)
-CVE-2012-4431 (org/apache/catalina/filters/CsrfPreventionFilter.java in Apache Tomcat ...)
+CVE-2012-4431
- tomcat7 7.0.28-4 (bug #695251)
- tomcat6 6.0.35-6 (bug #695250)
[squeeze] - tomcat6 6.0.35-1+squeeze3
NOTE: DSA 2725
-CVE-2012-4430 (The dump_resource function in dird/dird_conf.c in Bacula before 5.2.11 ...)
+CVE-2012-4430
{DSA-2558-1}
- bacula 5.2.6+dfsg-4 (bug #687923)
[wheezy] - bacula 5.2.6+dfsg-2.1
NOTE: http://www.bacula.org/git/cgit.cgi/bacula/commit/?id=67debcecd3d530c429e817e1d778e79dcd1db905
-CVE-2012-4429 (Vino 2.28, 2.32, 3.4.2, and earlier allows remote attackers to read ...)
+CVE-2012-4429
- vino 3.8.1-1 (bug #687596; low)
[squeeze] - vino <no-dsa> (Minor issue)
[wheezy] - vino <no-dsa> (Minor issue)
@@ -5643,142 +5643,142 @@ CVE-2012-4428
- openslp-dfsg 1.2.1-10 (bug #687597; low)
[squeeze] - openslp-dfsg <no-dsa> (Minor issue)
[wheezy] - openslp-dfsg <no-dsa> (Minor issue)
-CVE-2012-4427 (The gnome-shell plugin 3.4.1 in GNOME allows remote attackers to force ...)
+CVE-2012-4427
- gnome-shell <unfixed> (unimportant)
NOTE: I don't see much of a problem here, if you install from a repo, you need to trust it
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=684215
NOTE: As far as I can see there is still a yes/no prompt for the user. I suggest unfixed unimportant. -- helmut
-CVE-2012-4426 (Multiple format string vulnerabilities in mcrypt 2.6.8 and earlier ...)
+CVE-2012-4426
- mcrypt 2.6.8-1.1
[squeeze] - mcrypt <no-dsa> (minor issue, it doesn't affect libmcrypt)
-CVE-2012-4425 (libgio, when used in setuid or other privileged programs in spice-gtk ...)
+CVE-2012-4425
- spice-gtk 0.12-5 (bug #689155)
NOTE: http://www.openwall.com/lists/oss-security/2012/09/13/18
-CVE-2012-4424 (Stack-based buffer overflow in string/strcoll_l.c in the GNU C Library ...)
+CVE-2012-4424
{DLA-165-1}
- eglibc <removed>
- glibc 2.17-94 (low; bug #689423)
[wheezy] - eglibc 2.13-38+deb7u1
-CVE-2012-4423 (The virNetServerProgramDispatchCall function in libvirt before 0.10.2 ...)
+CVE-2012-4423
- libvirt 0.9.12-5 (bug #687598)
[squeeze] - libvirt <not-affected> (Vulnerable code not present)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=857133
NOTE: http://www.openwall.com/lists/oss-security/2012/09/13/11
-CVE-2012-4422 (wp-admin/plugins.php in WordPress before 3.4.2, when the multisite ...)
+CVE-2012-4422
- wordpress 3.4.2+dfsg-1
-CVE-2012-4421 (The create_post function in wp-includes/class-wp-atom-server.php in ...)
+CVE-2012-4421
- wordpress 3.4.2+dfsg-1
CVE-2012-4420 [Duplicate of CVE-2012-4416]
RESERVED
NOT-FOR-US: Duplicate of CVE-2012-4416
-CVE-2012-4419 (The compare_tor_addr_to_addr_policy function in or/policies.c in Tor ...)
+CVE-2012-4419
{DSA-2548-1}
- tor 0.2.3.22-rc-1
NOTE: http://www.openwall.com/lists/oss-security/2012/09/12/5
NOTE: https://gitweb.torproject.org/tor.git/blob/release-0.2.2:/ReleaseNotes
NOTE: https://gitweb.torproject.org/tor.git/commitdiff/973c18bf0e84d14d8006a9ae97fde7f7fb97e404
NOTE: https://gitweb.torproject.org/tor.git/commitdiff/62d96284f7e0f81c40d5df7e53dd7b4dfe7e56a5
-CVE-2012-4418 (Apache Axis2 allows remote attackers to forge messages and bypass ...)
+CVE-2012-4418
NOT-FOR-US: We only provide Axis 1(Java) and the C-version of Axis
-CVE-2012-4417 (GlusterFS 3.3.0, as used in Red Hat Storage server 2.0, allows local ...)
+CVE-2012-4417
- glusterfs 3.2.7-5 (low; bug #693112)
[wheezy] - glusterfs <no-dsa> (Minor issue)
[squeeze] - glusterfs <no-dsa> (Minor issue)
-CVE-2012-4416 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2012-4416
- openjdk-7 7u3-2.1.3-1 (bug #690774)
- openjdk-6 6b24-1.11.5-0ubuntu1 (bug #690774)
-CVE-2012-4415 (Stack-based buffer overflow in the guac_client_plugin_open function in ...)
+CVE-2012-4415
- libguac 0.6.0-2 (medium)
NOTE: maintainer contacted us, working on update
NOTE: http://guac-dev.org/trac/changeset/7dcefa744b4a38825619c00ae8b47e5bae6e38c0/libguac
-CVE-2012-4414 (Multiple SQL injection vulnerabilities in the replication code in ...)
+CVE-2012-4414
- mysql-5.1 5.1.72-1 (low; bug #687484)
[squeeze] - mysql-5.1 <no-dsa> (Minor issue, currently not fixed in MySQL, can be included once fixed in 5.1.x)
- mysql-5.5 5.5.30+dfsg-1 (bug #687485)
-CVE-2012-4413 (OpenStack Keystone 2012.1.3 does not invalidate existing tokens when ...)
+CVE-2012-4413
- keystone 2012.1.1-6 (bug #687428)
NOTE: http://www.openwall.com/lists/oss-security/2012/09/12/7
-CVE-2012-4412 (Integer overflow in string/strcoll_l.c in the GNU C Library (aka glibc ...)
+CVE-2012-4412
{DLA-165-1}
- eglibc <removed>
- glibc 2.17-94 (low; bug #687530)
[wheezy] - eglibc 2.13-38+deb7u1
-CVE-2012-4411 (The graphical console in Xen 4.0, 4.1 and 4.2 allows local OS guest ...)
+CVE-2012-4411
{DSA-2543-1}
- xen 4.1.3-2
- xen-qemu-dm-4.0 <removed>
[squeeze] - xen <not-affected> (In Squeeze the code is in the package xen-qemu-dm-4.0)
-CVE-2012-4409 (Stack-based buffer overflow in the check_file_head function in extra.c ...)
+CVE-2012-4409
- mcrypt 2.6.8-1.1
[squeeze] - mcrypt <no-dsa> (minor issue, it doesn't affect libmcrypt)
NOTE: http://packetstormsecurity.org/files/116268/mcrypt-2.6.8-Buffer-Overflow-Proof-Of-Concept.html
-CVE-2012-4408 (course/reset.php in Moodle 2.1.x before 2.1.8, 2.2.x before 2.2.5, and ...)
+CVE-2012-4408
- moodle 2.2.3.dfsg-2.3 (low; bug #687924)
[squeeze] - moodle <not-affected> (Only affects >= 2.1)
-CVE-2012-4407 (lib/filelib.php in Moodle 2.1.x before 2.1.8, 2.2.x before 2.2.5, and ...)
+CVE-2012-4407
- moodle 2.2.3.dfsg-2.3 (low; bug #687924)
[squeeze] - moodle <not-affected> (Only affects >= 2.1)
-CVE-2012-4406 (OpenStack Object Storage (swift) before 1.7.0 uses the loads function ...)
+CVE-2012-4406
- swift 1.4.8-2 (bug #686812)
-CVE-2012-4405 (Multiple integer underflows in the icmLut_allocate function in ...)
+CVE-2012-4405
{DSA-2595-1}
- argyll 1.4.0-7 (bug #687275)
[squeeze] - argyll <no-dsa> (Only standalone binary in squeeze, minor impact)
- ghostscript 9.05~dfsg-6.1 (bug #687274)
-CVE-2012-4404 (security/__init__.py in MoinMoin 1.9 through 1.9.4 does not properly ...)
+CVE-2012-4404
{DSA-2538-1}
- moin 1.9.4-8
NOTE: http://hg.moinmo.in/moin/1.9/rev/7b9f39289e16
-CVE-2012-4403 (theme/yui_combo.php in Moodle 2.3.x before 2.3.2 does not properly ...)
+CVE-2012-4403
- moodle <not-affected> (Only affects >= 2.3)
-CVE-2012-4402 (webservice/lib.php in Moodle 2.1.x before 2.1.8, 2.2.x before 2.2.5, ...)
+CVE-2012-4402
- moodle 2.2.3.dfsg-2.3 (bug #687924)
[squeeze] - moodle <not-affected> (Only affects >= 2.1)
-CVE-2012-4401 (Moodle 2.2.x before 2.2.5 and 2.3.x before 2.3.2 allows remote ...)
+CVE-2012-4401
- moodle 2.2.3.dfsg-2.3 (low; bug #687924)
[squeeze] - moodle <not-affected> (Only affects >= 2.2)
-CVE-2012-4400 (repository/repository_ajax.php in Moodle 2.2.x before 2.2.5 and 2.3.x ...)
+CVE-2012-4400
- moodle 2.2.3.dfsg-2.3 (low; bug #687924)
[squeeze] - moodle <not-affected> (Only affects >= 2.2)
-CVE-2012-4399 (The Xml class in CakePHP 2.1.x before 2.1.5 and 2.2.x before 2.2.1 ...)
+CVE-2012-4399
- cakephp <not-affected> (Does not affect 1.3)
NOTE: http://seclists.org/bugtraq/2012/Jul/101
NOTE: http://web.archive.org/web/20140822011643/http://bakery.cakephp.org:80/articles/markstory/2012/07/14/security_release_-_cakephp_2_1_5_2_2_1
-CVE-2012-4398 (The __request_module function in kernel/kmod.c in the Linux kernel ...)
+CVE-2012-4398
- linux 3.2.35-1 (low)
- linux-2.6 <removed>
[squeeze] - linux-2.6 2.6.32-48
-CVE-2012-4397 (Multiple cross-site scripting (XSS) vulnerabilities in ownCloud before ...)
+CVE-2012-4397
- owncloud 4.0.1debian-1
-CVE-2012-4396 (Multiple cross-site scripting (XSS) vulnerabilities in ownCloud before ...)
+CVE-2012-4396
- owncloud 4.0.2debian-1
-CVE-2012-4395 (Cross-site scripting (XSS) vulnerability in index.php in ownCloud ...)
+CVE-2012-4395
- owncloud 4.0.3debian-1
-CVE-2012-4394 (Cross-site scripting (XSS) vulnerability in apps/files/js/filelist.js ...)
+CVE-2012-4394
- owncloud 4.0.5debian-1 (bug #686567)
[wheezy] - owncloud 4.0.4debian2-2
-CVE-2012-4393 (Multiple cross-site request forgery (CSRF) vulnerabilities in ownCloud ...)
+CVE-2012-4393
- owncloud 4.0.7debian-1 (bug #686567)
[wheezy] - owncloud 4.0.4debian2-2
-CVE-2012-4392 (index.php in ownCloud 4.0.7 does not properly validate the oc_token ...)
+CVE-2012-4392
- owncloud 4.0.7debian-1 (bug #686567)
[wheezy] - owncloud 4.0.4debian2-2
-CVE-2012-4391 (Cross-site request forgery (CSRF) vulnerability in ...)
+CVE-2012-4391
- owncloud 4.0.7debian-1 (bug #686567)
[wheezy] - owncloud 4.0.4debian2-2
-CVE-2012-4390 ((1) apps/calendar/appinfo/remote.php and (2) ...)
+CVE-2012-4390
- owncloud 4.0.7debian-1 (bug #686567)
[wheezy] - owncloud 4.0.4debian2-2
-CVE-2012-4389 (Incomplete blacklist vulnerability in lib/migrate.php in ownCloud ...)
+CVE-2012-4389
- owncloud 4.0.7debian-1 (bug #686567)
[wheezy] - owncloud 4.0.4debian2-2
-CVE-2012-4388 (The sapi_header_op function in main/SAPI.c in PHP 5.4.0RC2 through ...)
+CVE-2012-4388
- php5 5.4.1~rc1-1
[squeeze] - php5 <not-affected> (CVE-2011-1398 was never fixed in squeeze)
-CVE-2012-4387 (Apache Struts 2.0.0 through 2.3.4 allows remote attackers to cause a ...)
+CVE-2012-4387
- libstruts1.2-java <not-affected> (Only affects Struts 2)
NOTE: http://struts.apache.org/2.x/docs/s2-011.html
-CVE-2012-4386 (The token check mechanism in Apache Struts 2.0.0 through 2.3.4 does ...)
+CVE-2012-4386
- libstruts1.2-java <not-affected> (Only affects Struts 2)
NOTE: http://struts.apache.org/2.x/docs/s2-010.html
CVE-2012-4385 [letodms CSRF]
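Review bot: every changed line in this region is a pure deletion of the parenthesised CVE summary, e.g. `-CVE-2012-4423 (The virNetServerProgramDispatchCall function in libvirt before 0.10.2 ...)` becoming `+CVE-2012-4423`, while the package, version, bug and NOTE lines beneath each entry are untouched. A change that only removes summaries from thousands of consecutive entries is the signature of the upstream description source returning nothing, not of an intentional data edit, so the automatic updater should refuse to commit (or keep the previous summary) when the fetched description for an existing entry is empty. The bracketed local notes such as `CVE-2012-4420 [Duplicate of CVE-2012-4416]` survive, which confirms that only the upstream-derived text was lost.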
@@ -5790,7 +5790,7 @@ CVE-2012-4384 [letodms XSS]
CVE-2012-4383
RESERVED
NOT-FOR-US: Contao
-CVE-2012-4382 (MediaWiki before 1.18.5, and 1.19.x before 1.19.2 does not properly ...)
+CVE-2012-4382
- mediawiki 1:1.19.2-1 (bug #686330)
[squeeze] - mediawiki <end-of-life>
NOTE: https://bugzilla.wikimedia.org/show_bug.cgi?id=39823
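Review bot: the single change in this hunk, `-CVE-2012-4382 (MediaWiki before 1.18.5, and 1.19.x before 1.19.2 does not properly ...)` to `+CVE-2012-4382`, drops the affected-version range that the `mediawiki 1:1.19.2-1` fixed-version line below it is justified by; with the summary gone, a reader has only the bugzilla NOTE to confirm that 1.19.2 is the right fix boundary. Nothing in the hunk supplies replacement text, so this should not be committed as an "automatic update" without the description source being checked.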
@@ -5801,22 +5801,22 @@ CVE-2012-4381 [Passwords were stored in local DB even if auth systems like LDAP
[squeeze] - mediawiki <end-of-life>
NOTE: https://bugzilla.wikimedia.org/show_bug.cgi?id=39184
NOTE: http://www.openwall.com/lists/oss-security/2012/08/31/6
-CVE-2012-4380 (MediaWiki before 1.18.5, and 1.19.x before 1.19.2 allows remote ...)
+CVE-2012-4380
- mediawiki 1:1.19.2-1 (bug #686330)
[squeeze] - mediawiki <end-of-life>
NOTE: https://bugzilla.wikimedia.org/show_bug.cgi?id=39824
NOTE: http://www.openwall.com/lists/oss-security/2012/08/31/6
-CVE-2012-4379 (MediaWiki before 1.18.5, and 1.19.x before 1.19.2 does not send a ...)
+CVE-2012-4379
- mediawiki 1:1.19.2-1 (bug #686330)
[squeeze] - mediawiki <end-of-life>
NOTE: https://bugzilla.wikimedia.org/show_bug.cgi?id=39180
NOTE: http://www.openwall.com/lists/oss-security/2012/08/31/6
-CVE-2012-4378 (Multiple cross-site scripting (XSS) vulnerabilities in MediaWiki ...)
+CVE-2012-4378
- mediawiki 1:1.19.2-1 (bug #686330)
[squeeze] - mediawiki <end-of-life>
NOTE: https://bugzilla.wikimedia.org/show_bug.cgi?id=37587
NOTE: http://www.openwall.com/lists/oss-security/2012/08/31/6
-CVE-2012-4377 (Cross-site scripting (XSS) vulnerability in MediaWiki before 1.18.5 ...)
+CVE-2012-4377
- mediawiki 1:1.19.2-1 (bug #686330)
[squeeze] - mediawiki <not-affected> (Introduced in 1.16)
NOTE: https://bugzilla.wikimedia.org/show_bug.cgi?id=39700
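Review bot: the hunk header context `CVE-2012-4381 [Passwords were stored in local DB even if auth systems like LDAP` shows a locally written bracketed summary passing through unchanged while the four MITRE-derived summaries for CVE-2012-4380 through CVE-2012-4377 are deleted, so the loss is specific to entries whose text came from the external feed. The CVE-2012-4377 entry is the one to watch: its squeeze annotation `<not-affected> (Introduced in 1.16)` was previously read against "MediaWiki before 1.18.5" in the summary, and the hunk leaves no text to compare that claim with.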
@@ -5841,93 +5841,93 @@ CVE-2012-4368
RESERVED
CVE-2012-4367
RESERVED
-CVE-2012-4366 (Belkin wireless routers Surf N150 Model F7D1301v1, N900 Model ...)
+CVE-2012-4366
NOT-FOR-US: Belkin wireless routers
CVE-2012-4365
RESERVED
CVE-2012-4364
RESERVED
-CVE-2012-4363 (Multiple unspecified vulnerabilities in Adobe Reader through 10.1.4 ...)
+CVE-2012-4363
NOT-FOR-US: Adobe Reader
-CVE-2012-4362 (hydra.exe in HP SAN/iQ before 9.5 on the HP Virtual SAN Appliance has ...)
+CVE-2012-4362
NOT-FOR-US: HP Virtual SAN Appliance
-CVE-2012-4361 (lhn/public/network/ping in HP SAN/iQ before 9.5 on the HP Virtual SAN ...)
+CVE-2012-4361
NOT-FOR-US: HP Virtual SAN Appliance
-CVE-2012-4360 (Cross-site scripting (XSS) vulnerability in the mod_pagespeed module ...)
+CVE-2012-4360
NOT-FOR-US: mod_pagespeed
-CVE-2012-4359 (Sielco Sistemi Winlog Pro SCADA before 2.07.18 and Winlog Lite SCADA ...)
+CVE-2012-4359
NOT-FOR-US: Sielco Sistemi Winlog SCADA
-CVE-2012-4358 (Sielco Sistemi Winlog Pro SCADA before 2.07.17 and Winlog Lite SCADA ...)
+CVE-2012-4358
NOT-FOR-US: Sielco Sistemi Winlog SCADA
-CVE-2012-4357 (Array index error in Sielco Sistemi Winlog Pro SCADA before 2.07.17 ...)
+CVE-2012-4357
NOT-FOR-US: Sielco Sistemi Winlog SCADA
-CVE-2012-4356 (Multiple directory traversal vulnerabilities in Sielco Sistemi Winlog ...)
+CVE-2012-4356
NOT-FOR-US: Sielco Sistemi Winlog SCADA
-CVE-2012-4355 (TCPIPS_Story.dll in Sielco Sistemi Winlog Pro SCADA before 2.07.18 and ...)
+CVE-2012-4355
NOT-FOR-US: Sielco Sistemi Winlog SCADA
-CVE-2012-4354 (TCPIPS_Story.dll in Sielco Sistemi Winlog Pro SCADA before 2.07.17 and ...)
+CVE-2012-4354
NOT-FOR-US: Sielco Sistemi Winlog SCADA
-CVE-2012-4353 (Stack-based buffer overflow in RunTime.exe in Sielco Sistemi Winlog ...)
+CVE-2012-4353
NOT-FOR-US: Sielco Sistemi Winlog SCADA
-CVE-2012-4352 (Multiple cross-site scripting (XSS) vulnerabilities in Stoneware ...)
+CVE-2012-4352
NOT-FOR-US: Stoneware webNetwork
-CVE-2012-4351 (Integer overflow in pgpwded.sys in Symantec PGP Desktop 10.x and ...)
+CVE-2012-4351
NOT-FOR-US: Symantec
-CVE-2012-4350 (Multiple unquoted Windows search path vulnerabilities in the (1) ...)
+CVE-2012-4350
NOT-FOR-US: Symantec Enterprise Security Manager
-CVE-2012-4349 (Unquoted Windows search path vulnerability in Symantec Network Access ...)
+CVE-2012-4349
NOT-FOR-US: Symantec Network Access Control
-CVE-2012-4348 (The management console in Symantec Endpoint Protection (SEP) 11.0 ...)
+CVE-2012-4348
NOT-FOR-US: Symantec Endpoint Protection
-CVE-2012-4347 (Multiple directory traversal vulnerabilities in the management console ...)
+CVE-2012-4347
NOT-FOR-US: Symantec
CVE-2012-4346
RESERVED
-CVE-2012-4345 (Multiple cross-site scripting (XSS) vulnerabilities in the Database ...)
+CVE-2012-4345
- phpmyadmin 4:3.4.11.1-1
[squeeze] - phpmyadmin <not-affected> (Vulnerable code not present)
-CVE-2012-4344 (Cross-site scripting (XSS) vulnerability in Ipswitch WhatsUp Gold ...)
+CVE-2012-4344
NOT-FOR-US: Ipswitch
-CVE-2012-4343 (Multiple unspecified vulnerabilities in Gallery 3 before 3.0.4 allow ...)
+CVE-2012-4343
- gallery3 <itp> (bug #511715)
-CVE-2012-4342 (Multiple cross-site scripting (XSS) vulnerabilities in Gallery 3 ...)
+CVE-2012-4342
- gallery3 <itp> (bug #511715)
-CVE-2012-4341 (Multiple stack-based buffer overflows in msg_server.exe in SAP ...)
+CVE-2012-4341
NOT-FOR-US: SAP NetWeaver ABAP
-CVE-2012-4340 (Cross-site scripting (XSS) vulnerability in Sybase EAServer before 6.1 ...)
+CVE-2012-4340
NOT-FOR-US: Sybase
CVE-2012-4339
RESERVED
CVE-2012-4338
RESERVED
-CVE-2012-4337 (Foxit Reader before 5.3 on Windows XP and Windows 7 allows remote ...)
+CVE-2012-4337
NOT-FOR-US: Foxit Reader
-CVE-2012-4336 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
+CVE-2012-4336
NOT-FOR-US: Flogr 2.5.6
-CVE-2012-4335 (Samsung NET-i viewer 1.37.120316 allows remote attackers to cause a ...)
+CVE-2012-4335
NOT-FOR-US: Samsung NET-i
-CVE-2012-4334 (The ConnectDDNS method in the (1) STWConfigNVR 1.1.13.15 and (2) ...)
+CVE-2012-4334
NOT-FOR-US: Samsung NET-i
-CVE-2012-4333 (Multiple stack-based buffer overflows in the BackupToAvi method in the ...)
+CVE-2012-4333
NOT-FOR-US: Samsung NET-i
-CVE-2012-4332 (The ShareYourCart plugin 1.7.1 for WordPress allows remote attackers ...)
+CVE-2012-4332
NOT-FOR-US: Wordpress plugin
-CVE-2012-4331 (Multiple unspecified vulnerabilities in SPIP before 1.9.2.o, 2.0.x ...)
+CVE-2012-4331
{DSA-2461-1}
- spip 2.1.13-1
-CVE-2012-4330 (The Samsung D6000 TV and possibly other products allows remote ...)
+CVE-2012-4330
NOT-FOR-US: Samsung D6000 TV
-CVE-2012-4329 (The Samsung D6000 TV and possibly other products allow remote ...)
+CVE-2012-4329
NOT-FOR-US: Samsung D6000 TV
-CVE-2012-4328 (Unspecified vulnerability in the MAPI in vBulletin Suite 4.1.2 through ...)
+CVE-2012-4328
NOT-FOR-US: vBulletin
-CVE-2012-4327 (Unspecified vulnerability in the Image News slider plugin before 3.3 ...)
+CVE-2012-4327
NOT-FOR-US: Image News slider plugin for WordPress
-CVE-2012-4326 (Cross-site request forgery (CSRF) vulnerability in commonsettings.php ...)
+CVE-2012-4326
NOT-FOR-US: AlstraSoft Site Uptime Enterprise
-CVE-2012-4325 (Cross-site request forgery (CSRF) vulnerability in upload/users.php in ...)
+CVE-2012-4325
NOT-FOR-US: Utopia News Pro
-CVE-2012-4324 (Cross-site request forgery (CSRF) vulnerability in PHPJabbers Vacation ...)
+CVE-2012-4324
NOT-FOR-US: PHPJabbers Vacation Rental Script
CVE-2012-4323
RESERVED
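Review bot: in this hunk the deleted summaries were the only product identification for several NOT-FOR-US entries. After the change, `CVE-2012-4351` and `CVE-2012-4347` are both annotated only as `NOT-FOR-US: Symantec`, whereas the removed lines named `pgpwded.sys in Symantec PGP Desktop` and `the management console` respectively; likewise `CVE-2012-4330` and `CVE-2012-4329` collapse to two identical `NOT-FOR-US: Samsung D6000 TV` records. If the summaries are not restored, the NOT-FOR-US annotations in this range should be made specific enough to stand alone.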
@@ -5965,184 +5965,184 @@ CVE-2012-4307
RESERVED
CVE-2012-4306
RESERVED
-CVE-2012-4305 (Unspecified vulnerability in the JavaFX component in Oracle Java SE ...)
+CVE-2012-4305
- openjdk-6 <not-affected> (JavaFX not part of OpenJDK)
- openjdk-7 <not-affected> (JavaFX not part of OpenJDK)
CVE-2012-4304
RESERVED
-CVE-2012-4303 (Unspecified vulnerability in the Oracle WebCenter Content component in ...)
+CVE-2012-4303
NOT-FOR-US: Oracle Fusion
CVE-2012-4302
RESERVED
-CVE-2012-4301 (Unspecified vulnerability in the JavaFX component in Oracle Java SE ...)
+CVE-2012-4301
- openjdk-6 <not-affected> (JavaFX not part of OpenJDK)
- openjdk-7 <not-affected> (JavaFX not part of OpenJDK)
CVE-2012-4300
RESERVED
CVE-2012-4299
RESERVED
-CVE-2012-4298 (Integer signedness error in the vwr_read_rec_data_ethernet function in ...)
+CVE-2012-4298
- wireshark 1.8.2-1
[squeeze] - wireshark <not-affected> (Only affects 1.8.x)
-CVE-2012-4297 (Buffer overflow in the dissect_gsm_rlcmac_downlink function in ...)
+CVE-2012-4297
- wireshark 1.8.2-1
[squeeze] - wireshark <not-affected> (Only affects 1.6.x and 1.8.x)
-CVE-2012-4296 (Buffer overflow in epan/dissectors/packet-rtps2.c in the RTPS2 ...)
+CVE-2012-4296
{DSA-2590-1}
- wireshark 1.8.2-1
-CVE-2012-4295 (Array index error in the channelised_fill_sdh_g707_format function in ...)
+CVE-2012-4295
- wireshark 1.8.2-1
[squeeze] - wireshark <not-affected> (Only affects 1.8.x)
-CVE-2012-4294 (Buffer overflow in the channelised_fill_sdh_g707_format function in ...)
+CVE-2012-4294
- wireshark 1.8.2-1
[squeeze] - wireshark <not-affected> (Only affects 1.8.x)
-CVE-2012-4293 (plugins/ethercat/packet-ecatmb.c in the EtherCAT Mailbox dissector in ...)
+CVE-2012-4293
- wireshark 1.8.2-1 (unimportant)
NOTE: not suitable for code injection
-CVE-2012-4292 (The dissect_stun_message function in epan/dissectors/packet-stun.c in ...)
+CVE-2012-4292
- wireshark 1.8.2-1 (unimportant)
NOTE: not suitable for code injection
-CVE-2012-4291 (The CIP dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before ...)
+CVE-2012-4291
- wireshark 1.8.2-1 (unimportant)
NOTE: not suitable for code injection
-CVE-2012-4290 (The CTDB dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before ...)
+CVE-2012-4290
- wireshark 1.8.2-1 (unimportant)
NOTE: not suitable for code injection
-CVE-2012-4289 (epan/dissectors/packet-afp.c in the AFP dissector in Wireshark 1.4.x ...)
+CVE-2012-4289
- wireshark 1.8.2-1 (unimportant)
NOTE: not suitable for code injection
-CVE-2012-4288 (Integer overflow in the dissect_xtp_ecntl function in ...)
+CVE-2012-4288
- wireshark 1.8.2-1 (unimportant)
NOTE: not suitable for code injection
-CVE-2012-4287 (epan/dissectors/packet-mongo.c in the MongoDB dissector in Wireshark ...)
+CVE-2012-4287
- wireshark 1.8.2-1
[squeeze] - wireshark <not-affected> (Only affects 1.8.x)
-CVE-2012-4286 (The pcapng_read_packet_block function in wiretap/pcapng.c in the ...)
+CVE-2012-4286
- wireshark 1.8.2-1
[squeeze] - wireshark <not-affected> (Only affects 1.8.x)
-CVE-2012-4285 (The dissect_pft function in epan/dissectors/packet-dcp-etsi.c in the ...)
+CVE-2012-4285
- wireshark 1.8.2-1 (unimportant)
NOTE: not suitable for code injection
CVE-2012-4284
RESERVED
-CVE-2012-4283 (Cross-site scripting (XSS) vulnerability in the Login With Ajax plugin ...)
+CVE-2012-4283
NOT-FOR-US: Login With Ajax plugin for Wordpress
-CVE-2012-4282 (SQL injection vulnerability in photo.php in Trombinoscope 3.5 allows ...)
+CVE-2012-4282
NOT-FOR-US: Trombinoscope 3.5
-CVE-2012-4281 (Multiple SQL injection vulnerabilities in Travelon Express 6.2.2 allow ...)
+CVE-2012-4281
NOT-FOR-US: Travelon Express 6.2.2
-CVE-2012-4280 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
+CVE-2012-4280
NOT-FOR-US: Free Realty 3.1-0.6
-CVE-2012-4279 (Multiple SQL injection vulnerabilities in Free Realty 3.1-0.6 allow ...)
+CVE-2012-4279
NOT-FOR-US: Free Realty 3.1-0.6
-CVE-2012-4278 (Multiple cross-site scripting (XSS) vulnerabilities in Free Realty ...)
+CVE-2012-4278
NOT-FOR-US: Free Realty
-CVE-2012-4277 (Cross-site scripting (XSS) vulnerability in the ...)
+CVE-2012-4277
- smarty3 3.1.10-1
- smarty <removed> (low)
[squeeze] - smarty <end-of-life> (Unsupported in squeeze-lts)
[squeeze] - smarty3 <end-of-life> (Unsupported in squeeze-lts)
-CVE-2012-4276 (Unspecified vulnerability in Hitachi IT Operations Director 02-50-01 ...)
+CVE-2012-4276
NOT-FOR-US: Hitachi IT Operations Director
-CVE-2012-4275 (Cross-site scripting (XSS) vulnerability in Hitachi IT Operations ...)
+CVE-2012-4275
NOT-FOR-US: Hitachi IT Operations Director
-CVE-2012-4274 (Unspecified vulnerability in Hitachi Cobol GUI Option 06-00, 06-01 ...)
+CVE-2012-4274
NOT-FOR-US: Hitachi Cobol GUI Option
-CVE-2012-4273 (Cross-site scripting (XSS) vulnerability in libs/xing.php in the 2 ...)
+CVE-2012-4273
NOT-FOR-US: 2 Click Social Media Buttons plugin for Wordpress
-CVE-2012-4272 (Multiple cross-site scripting (XSS) vulnerabilities in the 2 Click ...)
+CVE-2012-4272
NOT-FOR-US: 2 Click Social Media Buttons plugin for WordPress
-CVE-2012-4271 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2012-4271
NOT-FOR-US: Wordpress plugin
-CVE-2012-4270 (Cross-site scripting (XSS) vulnerability in eFront 3.6.11 allows ...)
+CVE-2012-4270
NOT-FOR-US: eFront
-CVE-2012-4269 (Unrestricted file upload vulnerability in eFront 3.6.11 allows remote ...)
+CVE-2012-4269
NOT-FOR-US: eFront
-CVE-2012-4268 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2012-4268
NOT-FOR-US: BulletProof Security plugin for WordPress
-CVE-2012-4267 (Cross-site scripting (XSS) vulnerability in user/register in Sockso ...)
+CVE-2012-4267
NOT-FOR-US: Sockso
-CVE-2012-4266 (Cross-site scripting (XSS) vulnerability in client_details.php in ...)
+CVE-2012-4266
NOT-FOR-US: Proman Xpress
-CVE-2012-4265 (SQL injection vulnerability in category_edit.php in Proman Xpress ...)
+CVE-2012-4265
NOT-FOR-US: Proman Xpress
-CVE-2012-4264 (Multiple cross-site scripting (XSS) vulnerabilities in the Better WP ...)
+CVE-2012-4264
NOT-FOR-US: Better WP Security plugin for WordPress
-CVE-2012-4263 (Cross-site scripting (XSS) vulnerability in inc/admin/content.php in ...)
+CVE-2012-4263
NOT-FOR-US: Better WP Security plugin for Wordpress
-CVE-2012-4262 (Multiple cross-site scripting (XSS) vulnerabilities in myCare2x allow ...)
+CVE-2012-4262
NOT-FOR-US: myCare2x
-CVE-2012-4261 (SQL injection vulnerability in modules/patient/mycare2x_pat_info.php ...)
+CVE-2012-4261
NOT-FOR-US: myCare2x
-CVE-2012-4260 (Multiple SQL injection vulnerabilities in myCare2x allow remote ...)
+CVE-2012-4260
NOT-FOR-US: myCare2x
-CVE-2012-4259 (Cross-site scripting (XSS) vulnerability in the contacts in (1) XPhone ...)
+CVE-2012-4259
NOT-FOR-US: XPhone Virtual Directory
-CVE-2012-4258 (Multiple SQL injection vulnerabilities in MYRE Real Estate Software ...)
+CVE-2012-4258
NOT-FOR-US: MYRE Real Estate Software
-CVE-2012-4257 (Yaqas (Yet Another Question &amp; Answer System) 1.0 Alpha 1 allows remote ...)
+CVE-2012-4257
NOT-FOR-US: Yaqas
-CVE-2012-4256 (The jNews (com_jnews) component 7.5.1 for Joomla! allows remote ...)
+CVE-2012-4256
NOT-FOR-US: jNews for Joomla!
-CVE-2012-4255 (MySQLDumper 1.24.4 allows remote attackers to obtain sensitive ...)
+CVE-2012-4255
NOT-FOR-US: MySQLDumper
-CVE-2012-4254 (MySQLDumper 1.24.4 allows remote attackers to obtain sensitive ...)
+CVE-2012-4254
NOT-FOR-US: MySQLDumper
-CVE-2012-4253 (Multiple directory traversal vulnerabilities in MySQLDumper 1.24.4 ...)
+CVE-2012-4253
NOT-FOR-US: MySQLDumper
-CVE-2012-4252 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
+CVE-2012-4252
NOT-FOR-US: MySQLDumper
-CVE-2012-4251 (Multiple cross-site scripting (XSS) vulnerabilities in MySQLDumper ...)
+CVE-2012-4251
NOT-FOR-US: MySQLDumper
-CVE-2012-4250 (Stack-based buffer overflow in the RequestScreenOptimization function ...)
+CVE-2012-4250
NOT-FOR-US: Samsung NET-i viewer
-CVE-2012-4249 (The Amazon Lab126 com.lab126.system sendEvent implementation on the ...)
+CVE-2012-4249
NOT-FOR-US: Kindle Touch
-CVE-2012-4248 (The Amazon Kindle Touch before 5.1.2 does not properly restrict access ...)
+CVE-2012-4248
NOT-FOR-US: Kindle Touch
-CVE-2012-4247 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2012-4247
NOT-FOR-US: phplist
-CVE-2012-4246 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2012-4246
NOT-FOR-US: phplist
-CVE-2012-4245 (The scriptfu network server in GIMP 2.6 does not require ...)
+CVE-2012-4245
- gimp <unfixed> (unimportant)
NOTE: The interface isn't designed or advertised to be secure, this is hardly a security issue in practice
-CVE-2012-4244 (ISC BIND 9.x before 9.7.6-P3, 9.8.x before 9.8.3-P3, 9.9.x before ...)
+CVE-2012-4244
{DSA-2547-1}
- bind9 1:9.8.4.dfsg-1 (bug #693015)
[wheezy] - bind9 1:9.8.1.dfsg.P1-4.4
- isc-dhcp <not-affected> (issue only affects the named service, which isn't used by isc-dhcp)
CVE-2012-4243
RESERVED
-CVE-2012-4242 (Cross-site scripting (XSS) vulnerability in the MF Gig Calendar plugin ...)
+CVE-2012-4242
NOT-FOR-US: MF Gig Calendar
-CVE-2012-4241 (Multiple cross-site scripting (XSS) vulnerabilities in Microcart 1.0 ...)
+CVE-2012-4241
NOT-FOR-US: Microcart
-CVE-2012-4240 (SQL injection vulnerability in modules/calendar/json.php in ...)
+CVE-2012-4240
NOT-FOR-US: Group-Office
CVE-2012-4239
RESERVED
-CVE-2012-4238 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2012-4238
NOT-FOR-US: TCExam
-CVE-2012-4237 (Multiple SQL injection vulnerabilities in TCExam before 11.3.008 allow ...)
+CVE-2012-4237
NOT-FOR-US: TCExam
-CVE-2012-4236 (Cross-site scripting (XSS) vulnerability in the refresh_page function ...)
+CVE-2012-4236
NOT-FOR-US: Total Shop UK eCommerce
-CVE-2012-4235 (The RSGallery2 (com_rsgallery2) component before 3.2.0 for Joomla! ...)
+CVE-2012-4235
NOT-FOR-US: Joomla addon
-CVE-2012-4234 (Cross-site scripting (XSS) vulnerability in the group moderation ...)
+CVE-2012-4234
NOT-FOR-US: Phorum
-CVE-2012-4233 (LibreOffice 3.5.x before 3.5.7.2 and 3.6.x before 3.6.1, and ...)
+CVE-2012-4233
{DSA-2570-1}
- libreoffice 1:3.5.4+dfsg-3 (low)
- openoffice.org 1:3.3.0-1 (low)
NOTE: Since 3.3.0 openoffice.org is a transitional source package
NOTE: https://www.htbridge.com/advisory/HTB23106
-CVE-2012-4232 (SQL injection vulnerability in admin/index.php in jCore before 1.0pre2 ...)
+CVE-2012-4232
NOT-FOR-US: jCore
-CVE-2012-4231 (Cross-site scripting (XSS) vulnerability in admin/index.php in jCore ...)
+CVE-2012-4231
NOT-FOR-US: jCore
-CVE-2012-4230 (The bbcode plugin in TinyMCE 3.5.8 does not properly enforce the ...)
+CVE-2012-4230
- tinymce <unfixed> (low; bug #796117)
[buster] - tinymce <no-dsa> (Minor issue)
[stretch] - tinymce <no-dsa> (Minor issue)
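Review bot: the Wireshark block in this hunk (CVE-2012-4293 through CVE-2012-4285) is rated `(unimportant)` with the NOTE `not suitable for code injection`, and the squeeze `<not-affected> (Only affects 1.8.x)` annotations depend on the version ranges that were in the deleted summaries; once `-CVE-2012-4298 (Integer signedness error in the vwr_read_rec_data_ethernet function in ...)` becomes `+CVE-2012-4298`, the dissector name and affected series that justify both the severity and the not-affected calls are gone from the file. Same for `CVE-2012-4245`, where the NOTE "The interface isn't designed or advertised to be secure" refers to the scriptfu network server named only in the removed line. Restore the summaries or carry the dissector and component names into the NOTE lines before accepting this.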
@@ -6155,9 +6155,9 @@ CVE-2012-4228
RESERVED
CVE-2012-4227
RESERVED
-CVE-2012-4226 (Multiple cross-site scripting (XSS) vulnerabilities in Quick Post ...)
+CVE-2012-4226
NOT-FOR-US: WordPress plugin Quick Post Widget
-CVE-2012-4225 (NVIDIA UNIX graphics driver before 295.71 and before 304.32 allows ...)
+CVE-2012-4225
- nvidia-graphics-drivers 304.37-1 (bug #684781)
- nvidia-graphics-drivers-legacy-173xx 173.14.35-3
[squeeze] - nvidia-graphics-drivers 195.36.31-6squeeze2
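Review bot: `-CVE-2012-4225 (NVIDIA UNIX graphics driver before 295.71 and before 304.32 allows ...)` is replaced by a bare `+CVE-2012-4225`, removing the two upstream fix thresholds that the `nvidia-graphics-drivers 304.37-1`, `nvidia-graphics-drivers-legacy-173xx 173.14.35-3` and squeeze `195.36.31-6squeeze2` lines are checked against. This hunk is small enough to show the pattern clearly: the metadata is intact and only the summary is lost, so the commit should be gated on the description fetch succeeding rather than applied as-is.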
@@ -6168,283 +6168,283 @@ CVE-2012-4224
REJECTED
CVE-2012-4223
REJECTED
-CVE-2012-4222 (drivers/gpu/msm/kgsl.c in the Qualcomm Innovation Center (QuIC) ...)
+CVE-2012-4222
- linux <not-affected> (Android-specific drivers)
- linux-2.6 <not-affected> (Android-specific drivers)
-CVE-2012-4221 (Integer overflow in diagchar_core.c in the Qualcomm Innovation Center ...)
+CVE-2012-4221
- linux <not-affected> (Android-specific drivers)
- linux-2.6 <not-affected> (Android-specific drivers)
-CVE-2012-4220 (diagchar_core.c in the Qualcomm Innovation Center (QuIC) Diagnostics ...)
+CVE-2012-4220
- linux <not-affected> (Android-specific drivers)
- linux-2.6 <not-affected> (Android-specific drivers)
-CVE-2012-4219 (show_config_errors.php in phpMyAdmin 3.5.x before 3.5.2.1 allows ...)
+CVE-2012-4219
- phpmyadmin 4:4.0.1-1 (unimportant)
NOTE: Path disclosure irrelevant in Debian
-CVE-2012-4218 (Use-after-free vulnerability in the ...)
+CVE-2012-4218
- iceape <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- iceweasel <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- icedove <not-affected> (Doesn't affect the ESR series, only releases from experimental)
-CVE-2012-4217 (Use-after-free vulnerability in the ...)
+CVE-2012-4217
- iceape <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- iceweasel <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- icedove <not-affected> (Doesn't affect the ESR series, only releases from experimental)
-CVE-2012-4216 (Use-after-free vulnerability in the gfxFont::GetFontEntry function in ...)
+CVE-2012-4216
{DSA-2588-1 DSA-2584-1 DSA-2583-1}
- iceweasel 10.0.11esr-1
- icedove 10.0.11-1
- iceape 2.7.11-1
-CVE-2012-4215 (Use-after-free vulnerability in the ...)
+CVE-2012-4215
- iceweasel 10.0.11esr-1
- icedove 10.0.11-1
- iceape 2.7.11-1
[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
[squeeze] - icedove <not-affected> (Vulnerable code not present)
[squeeze] - iceape <not-affected> (Vulnerable code not present)
-CVE-2012-4214 (Use-after-free vulnerability in the nsTextEditorState::PrepareEditor ...)
+CVE-2012-4214
- iceweasel 10.0.11esr-1
- icedove 10.0.11-1
- iceape 2.7.11-1
[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
[squeeze] - icedove <not-affected> (Vulnerable code not present)
[squeeze] - iceape <not-affected> (Vulnerable code not present)
-CVE-2012-4213 (Use-after-free vulnerability in the nsEditor::FindNextLeafNode ...)
+CVE-2012-4213
- iceape <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- iceweasel <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- icedove <not-affected> (Doesn't affect the ESR series, only releases from experimental)
-CVE-2012-4212 (Use-after-free vulnerability in the XPCWrappedNative::Mark function in ...)
+CVE-2012-4212
- iceape <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- iceweasel <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- icedove <not-affected> (Doesn't affect the ESR series, only releases from experimental)
CVE-2012-4211
REJECTED
-CVE-2012-4210 (The Style Inspector in Mozilla Firefox before 17.0 and Firefox ESR ...)
+CVE-2012-4210
- iceweasel 10.0.11esr-1
[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
-CVE-2012-4209 (Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, ...)
+CVE-2012-4209
- iceweasel 10.0.11esr-1
- icedove 10.0.11-1
- iceape 2.7.11-1
[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
[squeeze] - icedove <not-affected> (Vulnerable code not present)
[squeeze] - iceape <not-affected> (Vulnerable code not present)
-CVE-2012-4208 (The XrayWrapper implementation in Mozilla Firefox before 17.0, ...)
+CVE-2012-4208
- iceape <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- iceweasel <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- icedove <not-affected> (Doesn't affect the ESR series, only releases from experimental)
-CVE-2012-4207 (The HZ-GB-2312 character-set implementation in Mozilla Firefox before ...)
+CVE-2012-4207
{DSA-2588-1 DSA-2584-1 DSA-2583-1}
- iceweasel 10.0.11esr-1
- icedove 10.0.11-1
- iceape 2.7.11-1
-CVE-2012-4206 (Untrusted search path vulnerability in the installer in Mozilla ...)
+CVE-2012-4206
- iceweasel <not-affected> (Windows-specific)
-CVE-2012-4205 (Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey ...)
+CVE-2012-4205
- iceape <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- iceweasel <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- icedove <not-affected> (Doesn't affect the ESR series, only releases from experimental)
-CVE-2012-4204 (The str_unescape function in the JavaScript engine in Mozilla Firefox ...)
+CVE-2012-4204
- iceape <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- iceweasel <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- icedove <not-affected> (Doesn't affect the ESR series, only releases from experimental)
-CVE-2012-4203 (The New Tab page in Mozilla Firefox before 17.0 uses a privileged ...)
+CVE-2012-4203
- iceweasel <not-affected> (Doesn't affect the ESR series, only releases from experimental)
-CVE-2012-4202 (Heap-based buffer overflow in the image::RasterImage::DrawFrameTo ...)
+CVE-2012-4202
- iceweasel 10.0.11esr-1
- icedove 10.0.11-1
- iceape 2.7.11-1
[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
[squeeze] - icedove <not-affected> (Vulnerable code not present)
[squeeze] - iceape <not-affected> (Vulnerable code not present)
-CVE-2012-4201 (The evalInSandbox implementation in Mozilla Firefox before 17.0, ...)
+CVE-2012-4201
{DSA-2588-1 DSA-2584-1 DSA-2583-1}
- iceweasel 10.0.11esr-1
- icedove 10.0.11-1
- iceape 2.7.11-1
CVE-2012-4200
RESERVED
-CVE-2012-4199 (template/en/default/bug/field-events.js.tmpl in Bugzilla 3.x before ...)
+CVE-2012-4199
- bugzilla <removed> (low)
[squeeze] - bugzilla <no-dsa> (Minor issue)
- bugzilla4 <itp> (bug #669643)
-CVE-2012-4198 (The User.get method in Bugzilla/WebService/User.pm in Bugzilla 3.7.x ...)
+CVE-2012-4198
- bugzilla <not-affected> (Only affects 3.7 onwards)
- bugzilla4 <itp> (bug #669643)
-CVE-2012-4197 (Bugzilla/Attachment.pm in attachment.cgi in Bugzilla 2.x and 3.x ...)
+CVE-2012-4197
- bugzilla <removed> (low)
[squeeze] - bugzilla <no-dsa> (Minor issue)
- bugzilla4 <itp> (bug #669643)
-CVE-2012-4196 (Mozilla Firefox before 16.0.2, Firefox ESR 10.x before 10.0.10, ...)
+CVE-2012-4196
- iceweasel 10.0.10esr-1
- icedove 10.0.10-1
- iceape 2.7.10-1
[squeeze] - iceape <not-affected> (vulnerable code not present)
[squeeze] - iceweasel <not-affected> (vulnerable code not present)
[squeeze] - icedove <not-affected> (vulnerable code not present)
-CVE-2012-4195 (The nsLocation::CheckURL function in Mozilla Firefox before 16.0.2, ...)
+CVE-2012-4195
- iceape <not-affected> (Only affects 16.x release from experimental)
- iceweasel <not-affected> (Only affects 16.x release from experimental)
- icedove <not-affected> (Only affects 16.x release from experimental)
-CVE-2012-4194 (Mozilla Firefox before 16.0.2, Firefox ESR 10.x before 10.0.10, ...)
+CVE-2012-4194
- iceape 2.7.10-1
- icedove 10.0.10-1
- iceweasel 10.0.10esr-1
[squeeze] - iceape <not-affected> (vulnerable code not present)
[squeeze] - iceweasel <not-affected> (vulnerable code not present)
[squeeze] - icedove <not-affected> (vulnerable code not present)
-CVE-2012-4193 (Mozilla Firefox before 16.0.1, Firefox ESR 10.x before 10.0.9, ...)
+CVE-2012-4193
- iceweasel 10.0.9esr-1
- icedove 10.0.9-1
- iceape 2.7.9-1
[squeeze] - iceape <not-affected> (vulnerable code not present)
[squeeze] - iceweasel <not-affected> (vulnerable code not present)
[squeeze] - icedove <not-affected> (vulnerable code not present)
-CVE-2012-4192 (Mozilla Firefox 16.0, Thunderbird 16.0, and SeaMonkey 2.13 allow ...)
+CVE-2012-4192
- iceweasel 10.0.9esr-1
- icedove 10.0.9-1
- iceape 2.7.9-1
[squeeze] - iceape <not-affected> (Regression not present in Squeeze)
[squeeze] - iceweasel <not-affected> (Regression not present in Squeeze)
[squeeze] - icedove <not-affected> (Regression not present in Squeeze)
-CVE-2012-4191 (The mozilla::net::FailDelayManager::Lookup function in the WebSockets ...)
+CVE-2012-4191
- iceweasel <not-affected> (Doesn't affect ESR series)
-CVE-2012-4190 (The FT2FontEntry::CreateFontEntry function in FreeType, as used in the ...)
+CVE-2012-4190
- iceweasel <not-affected> (Only affects Firefox Mobile)
-CVE-2012-4189 (Cross-site scripting (XSS) vulnerability in Bugzilla 4.1.x and 4.2.x ...)
+CVE-2012-4189
- bugzilla <not-affected> (Only affects 4.1 onwards)
- bugzilla4 <itp> (bug #669643)
-CVE-2012-4188 (Heap-based buffer overflow in the Convolve3x3 function in Mozilla ...)
+CVE-2012-4188
{DSA-2572-1 DSA-2569-1 DSA-2565-1}
- iceweasel 10.0.8esr-1
- icedove 10.0.9-1
- iceape 2.7.9-1
-CVE-2012-4187 (Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, ...)
+CVE-2012-4187
- iceweasel 10.0.8esr-1
- icedove 10.0.9-1
- iceape 2.7.9-1
[squeeze] - iceape <not-affected> (Vulnerable code not present)
[squeeze] - icedove <not-affected> (Vulnerable code not present)
[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
-CVE-2012-4186 (Heap-based buffer overflow in the nsWaveReader::DecodeAudioData ...)
+CVE-2012-4186
{DSA-2572-1 DSA-2569-1 DSA-2565-1}
- iceweasel 10.0.8esr-1
- icedove 10.0.9-1
- iceape 2.7.9-1
-CVE-2012-4185 (Buffer overflow in the nsCharTraits::length function in Mozilla ...)
+CVE-2012-4185
- iceweasel 10.0.8esr-1
- icedove 10.0.9-1
- iceape 2.7.9-1
[squeeze] - iceape <not-affected> (Vulnerable code not present)
[squeeze] - icedove <not-affected> (Vulnerable code not present)
[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
-CVE-2012-4184 (The Chrome Object Wrapper (COW) implementation in Mozilla Firefox ...)
+CVE-2012-4184
- iceweasel 10.0.8esr-1
- icedove 10.0.9-1
- iceape 2.7.9-1
[squeeze] - iceape <not-affected> (Vulnerable code not present)
[squeeze] - icedove <not-affected> (Vulnerable code not present)
[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
-CVE-2012-4183 (Use-after-free vulnerability in the DOMSVGTests::GetRequiredFeatures ...)
+CVE-2012-4183
- iceweasel 10.0.8esr-1
- icedove 10.0.9-1
- iceape 2.7.9-1
[squeeze] - iceape <not-affected> (Vulnerable code not present)
[squeeze] - icedove <not-affected> (Vulnerable code not present)
[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
-CVE-2012-4182 (Use-after-free vulnerability in the nsTextEditRules::WillInsert ...)
+CVE-2012-4182
{DSA-2572-1 DSA-2569-1 DSA-2565-1}
- iceweasel 10.0.8esr-1
- icedove 10.0.9-1
- iceape 2.7.9-1
-CVE-2012-4181 (Use-after-free vulnerability in the ...)
+CVE-2012-4181
- iceweasel 10.0.8esr-1
- icedove 10.0.9-1
- iceape 2.7.9-1
[squeeze] - iceape <not-affected> (Vulnerable code not present)
[squeeze] - icedove <not-affected> (Vulnerable code not present)
[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
-CVE-2012-4180 (Heap-based buffer overflow in the ...)
+CVE-2012-4180
{DSA-2572-1 DSA-2569-1 DSA-2565-1}
- iceweasel 10.0.8esr-1
- icedove 10.0.9-1
- iceape 2.7.9-1
-CVE-2012-4179 (Use-after-free vulnerability in the ...)
+CVE-2012-4179
{DSA-2572-1 DSA-2569-1 DSA-2565-1}
- iceweasel 10.0.8esr-1
- icedove 10.0.9-1
- iceape 2.7.9-1
-CVE-2012-4178 (SQL injection vulnerability in spywall/includes/deptUploads_data.php ...)
+CVE-2012-4178
NOT-FOR-US: Symantec Web Gateway
-CVE-2012-4177 (The web browser plugin for Ubisoft Uplay PC before 2.0.4 allows remote ...)
+CVE-2012-4177
NOT-FOR-US: Ubisoft Uplay PC
-CVE-2012-4176 (Array index error in Adobe Shockwave Player before 11.6.8.638 allows ...)
+CVE-2012-4176
NOT-FOR-US: Adobe Shockwave
-CVE-2012-4175 (Buffer overflow in Adobe Shockwave Player before 11.6.8.638 allows ...)
+CVE-2012-4175
NOT-FOR-US: Adobe Shockwave
-CVE-2012-4174 (Buffer overflow in Adobe Shockwave Player before 11.6.8.638 allows ...)
+CVE-2012-4174
NOT-FOR-US: Adobe Shockwave
-CVE-2012-4173 (Buffer overflow in Adobe Shockwave Player before 11.6.8.638 allows ...)
+CVE-2012-4173
NOT-FOR-US: Adobe Shockwave
-CVE-2012-4172 (Buffer overflow in Adobe Shockwave Player before 11.6.8.638 allows ...)
+CVE-2012-4172
NOT-FOR-US: Adobe Shockwave
-CVE-2012-4171 (Adobe Flash Player before 10.3.183.23 and 11.x before 11.4.402.265 on ...)
+CVE-2012-4171
NOT-FOR-US: Adobe Flash Player
-CVE-2012-4170 (Buffer overflow in Adobe Photoshop CS6 13.x before 13.0.1 allows ...)
+CVE-2012-4170
NOT-FOR-US: Adobe Photoshop CS6
CVE-2012-4169
REJECTED
-CVE-2012-4168 (Adobe Flash Player before 10.3.183.23 and 11.x before 11.4.402.265 on ...)
+CVE-2012-4168
NOT-FOR-US: Adobe Flash Player
-CVE-2012-4167 (Integer overflow in Adobe Flash Player before 10.3.183.23 and 11.x ...)
+CVE-2012-4167
NOT-FOR-US: Adobe Flash Player
CVE-2012-4166
REJECTED
-CVE-2012-4165 (Adobe Flash Player before 10.3.183.23 and 11.x before 11.4.402.265 on ...)
+CVE-2012-4165
NOT-FOR-US: Adobe Flash Player
-CVE-2012-4164 (Adobe Flash Player before 10.3.183.23 and 11.x before 11.4.402.265 on ...)
+CVE-2012-4164
NOT-FOR-US: Adobe Flash Player
-CVE-2012-4163 (Adobe Flash Player before 10.3.183.23 and 11.x before 11.4.402.265 on ...)
+CVE-2012-4163
NOT-FOR-US: Adobe Flash Player
-CVE-2012-4162 (Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on ...)
+CVE-2012-4162
NOT-FOR-US: Adobe Reader
-CVE-2012-4161 (Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on ...)
+CVE-2012-4161
NOT-FOR-US: Adobe Reader
-CVE-2012-4160 (Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on ...)
+CVE-2012-4160
NOT-FOR-US: Adobe Reader
-CVE-2012-4159 (Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on ...)
+CVE-2012-4159
NOT-FOR-US: Adobe Reader
-CVE-2012-4158 (Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on ...)
+CVE-2012-4158
NOT-FOR-US: Adobe Reader
-CVE-2012-4157 (Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on ...)
+CVE-2012-4157
NOT-FOR-US: Adobe Reader
-CVE-2012-4156 (Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on ...)
+CVE-2012-4156
NOT-FOR-US: Adobe Reader
-CVE-2012-4155 (Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on ...)
+CVE-2012-4155
NOT-FOR-US: Adobe Reader
-CVE-2012-4154 (Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on ...)
+CVE-2012-4154
NOT-FOR-US: Adobe Reader
-CVE-2012-4153 (Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on ...)
+CVE-2012-4153
NOT-FOR-US: Adobe Reader
-CVE-2012-4152 (Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on ...)
+CVE-2012-4152
NOT-FOR-US: Adobe Reader
-CVE-2012-4151 (Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on ...)
+CVE-2012-4151
NOT-FOR-US: Adobe Reader
-CVE-2012-4150 (Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on ...)
+CVE-2012-4150
NOT-FOR-US: Adobe Reader
-CVE-2012-4149 (Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on ...)
+CVE-2012-4149
NOT-FOR-US: Adobe Reader
-CVE-2012-4148 (Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on ...)
+CVE-2012-4148
NOT-FOR-US: Adobe Reader
-CVE-2012-4147 (Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on ...)
+CVE-2012-4147
NOT-FOR-US: Adobe Reader
-CVE-2012-4146 (Opera before 12.01 allows remote attackers to cause a denial of ...)
+CVE-2012-4146
NOT-FOR-US: Opera
-CVE-2012-4145 (Unspecified vulnerability in Opera before 12.01 on Windows and UNIX, ...)
+CVE-2012-4145
NOT-FOR-US: Opera
-CVE-2012-4144 (Opera before 12.01 on Windows and UNIX, and before 11.66 and 12.x ...)
+CVE-2012-4144
NOT-FOR-US: Opera
-CVE-2012-4143 (Opera before 12.01 on Windows and UNIX, and before 11.66 and 12.x ...)
+CVE-2012-4143
NOT-FOR-US: Opera
-CVE-2012-4142 (Opera before 12.01 on Windows and UNIX, and before 11.66 and 12.x ...)
+CVE-2012-4142
NOT-FOR-US: Opera
CVE-2012-XXXX [redeclipse code execution through map files]
- redeclipse 1.2-3 (bug #684143)
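Review bot: every `-CVE-…` line in this hunk is replaced by a `+CVE-…` line carrying only the identifier, so the one-line description is dropped from each entry with nothing put in its place (for instance `-CVE-2012-4188 (Heap-based buffer overflow in the Convolve3x3 function in Mozilla ...)` becomes the bare `+CVE-2012-4188`). For an automatic update that is supposed to refresh descriptions, a wholesale removal like this looks like an empty or failed description source rather than an intended change, and the commit should be held back until the descriptions are present again. The annotations underneath are untouched, so entries such as `NOT-FOR-US: Cisco` are left with no indication of which product the id refers to.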
@@ -6454,7 +6454,7 @@ CVE-2012-XXXX [base name disclosure]
CVE-2012-XXXX [insecure default configuration / authentication bypass]
- munin 2.0.5-1 (bug #682869)
[squeeze] - munin <no-dsa> (Minor issue)
-CVE-2012-4141 (Directory traversal vulnerability in the CLI parser in Cisco NX-OS ...)
+CVE-2012-4141
NOT-FOR-US: Cisco
CVE-2012-4140
REJECTED
@@ -6464,9 +6464,9 @@ CVE-2012-4138
REJECTED
CVE-2012-4137
REJECTED
-CVE-2012-4136 (The high-availability service in the Fabric Interconnect component in ...)
+CVE-2012-4136
NOT-FOR-US: Cisco
-CVE-2012-4135 (Directory traversal vulnerability in filesys in Cisco NX-OS 6.1(2) and ...)
+CVE-2012-4135
NOT-FOR-US: Cisco
CVE-2012-4134
REJECTED
@@ -6474,7 +6474,7 @@ CVE-2012-4133
REJECTED
CVE-2012-4132
REJECTED
-CVE-2012-4131 (Directory traversal vulnerability in tar in Cisco NX-OS allows local ...)
+CVE-2012-4131
NOT-FOR-US: Cisco
CVE-2012-4130
REJECTED
@@ -6492,9 +6492,9 @@ CVE-2012-4124
REJECTED
CVE-2012-4123
REJECTED
-CVE-2012-4122 (The CLI parser in Cisco NX-OS allows local users to bypass intended ...)
+CVE-2012-4122
NOT-FOR-US: Cisco
-CVE-2012-4121 (Cisco NX-OS allows local users to gain privileges, and read or modify ...)
+CVE-2012-4121
NOT-FOR-US: Cisco
CVE-2012-4120
REJECTED
@@ -6502,151 +6502,151 @@ CVE-2012-4119
REJECTED
CVE-2012-4118
REJECTED
-CVE-2012-4117 (The fabric-interconnect component in Cisco Unified Computing System ...)
+CVE-2012-4117
NOT-FOR-US: Cisco
-CVE-2012-4116 (The fabric-interconnect component in Cisco Unified Computing System ...)
+CVE-2012-4116
NOT-FOR-US: Cisco
-CVE-2012-4115 (The fabric-interconnect component in Cisco Unified Computing System ...)
+CVE-2012-4115
NOT-FOR-US: Cisco
-CVE-2012-4114 (The fabric-interconnect KVM module in Cisco Unified Computing System ...)
+CVE-2012-4114
NOT-FOR-US: Cisco
-CVE-2012-4113 (The fabric-interconnect component in Cisco Unified Computing System ...)
+CVE-2012-4113
NOT-FOR-US: Cisco
-CVE-2012-4112 (The Baseboard Management Controller (BMC) in Cisco Unified Computing ...)
+CVE-2012-4112
NOT-FOR-US: Cisco
-CVE-2012-4111 (The create certreq command in the fabric-interconnect component in ...)
+CVE-2012-4111
NOT-FOR-US: Cisco
-CVE-2012-4110 (run-script in the fabric-interconnect component in Cisco Unified ...)
+CVE-2012-4110
NOT-FOR-US: Cisco
-CVE-2012-4109 (The clear sshkey command in the fabric-interconnect component in Cisco ...)
+CVE-2012-4109
NOT-FOR-US: Cisco
-CVE-2012-4108 (The fabric-interconnect component in Cisco Unified Computing System ...)
+CVE-2012-4108
NOT-FOR-US: Cisco Unified Computing System
-CVE-2012-4107 (The fabric-interconnect component in Cisco Unified Computing System ...)
+CVE-2012-4107
NOT-FOR-US: Cisco Unified Computing System
-CVE-2012-4106 (The fabric-interconnect component in Cisco Unified Computing System ...)
+CVE-2012-4106
NOT-FOR-US: Cisco Unified Computing System
-CVE-2012-4105 (The fabric-interconnect component in Cisco Unified Computing System ...)
+CVE-2012-4105
NOT-FOR-US: Cisco Unified Computing System
-CVE-2012-4104 (Absolute path traversal vulnerability in the image-download process in ...)
+CVE-2012-4104
NOT-FOR-US: Cisco
-CVE-2012-4103 (ethanalyzer in the fabric-interconnect component in Cisco Unified ...)
+CVE-2012-4103
NOT-FOR-US: Cisco
-CVE-2012-4102 (The activate firmware command in the fabric-interconnect component in ...)
+CVE-2012-4102
NOT-FOR-US: Cisco
CVE-2012-4101
REJECTED
CVE-2012-4100
REJECTED
-CVE-2012-4099 (The BGP implementation in Cisco NX-OS does not properly filter AS ...)
+CVE-2012-4099
NOT-FOR-US: Cisco
-CVE-2012-4098 (The BGP implementation in Cisco NX-OS does not properly filter AS ...)
+CVE-2012-4098
NOT-FOR-US: Cisco
-CVE-2012-4097 (The BGP implementation in Cisco NX-OS does not properly filter segment ...)
+CVE-2012-4097
NOT-FOR-US: Cisco
-CVE-2012-4096 (The local file editor in the Baseboard Management Controller (BMC) in ...)
+CVE-2012-4096
NOT-FOR-US: Cisco
-CVE-2012-4095 (The local file editor in the fabric-interconnect component in Cisco ...)
+CVE-2012-4095
NOT-FOR-US: Cisco
-CVE-2012-4094 (Buffer overflow in the Smart Call Home feature in the fabric ...)
+CVE-2012-4094
NOT-FOR-US: Cisco Unified Computing System
-CVE-2012-4093 (The Manager component in Cisco Unified Computing System (UCS) allows ...)
+CVE-2012-4093
NOT-FOR-US: Cisco Unified Computing System
-CVE-2012-4092 (The management interface in the Central Software component in Cisco ...)
+CVE-2012-4092
NOT-FOR-US: Cisco Unified Computing System
-CVE-2012-4091 (The RIP service engine in Cisco NX-OS allows remote attackers to cause ...)
+CVE-2012-4091
NOT-FOR-US: Cisco
-CVE-2012-4090 (The management interface in Cisco NX-OS on Nexus 7000 devices allows ...)
+CVE-2012-4090
NOT-FOR-US: Cisco
-CVE-2012-4089 (MCTOOLS in the fabric interconnect in Cisco Unified Computing System ...)
+CVE-2012-4089
NOT-FOR-US: Cisco Unified Computing System
-CVE-2012-4088 (The FTP server in Cisco Unified Computing System (UCS) has a hardcoded ...)
+CVE-2012-4088
NOT-FOR-US: Cisco Unified Computing System
-CVE-2012-4087 (A cluster setup script for fabric interconnect devices in Cisco ...)
+CVE-2012-4087
NOT-FOR-US: Cisco Unified Computing System
-CVE-2012-4086 (A setup script for fabric interconnect devices in Cisco Unified ...)
+CVE-2012-4086
NOT-FOR-US: Cisco Unified Computing System
-CVE-2012-4085 (The Intelligent Platform Management Interface (IPMI) implementation in ...)
+CVE-2012-4085
NOT-FOR-US: Cisco Unified Computing System
-CVE-2012-4084 (Cross-site request forgery (CSRF) vulnerability in the web-management ...)
+CVE-2012-4084
NOT-FOR-US: Cisco
-CVE-2012-4083 (Multiple buffer overflows in the administrative web interface in Cisco ...)
+CVE-2012-4083
NOT-FOR-US: Cisco Unified Computing System
-CVE-2012-4082 (MCTools in the Cisco Management Controller in Cisco Unified Computing ...)
+CVE-2012-4082
NOT-FOR-US: Cisco
-CVE-2012-4081 (MCServer in the Cisco Management Controller in Cisco Unified Computing ...)
+CVE-2012-4081
NOT-FOR-US: Cisco
CVE-2012-4080
REJECTED
-CVE-2012-4079 (The XML API service in the Fabric Interconnect component in Cisco ...)
+CVE-2012-4079
NOT-FOR-US: Cisco Unified Computing System
-CVE-2012-4078 (The Baseboard Management Controller (BMC) in Cisco Unified Computing ...)
+CVE-2012-4078
NOT-FOR-US: Cisco Unified Computing System
-CVE-2012-4077 (Cisco NX-OS allows local users to gain privileges and execute ...)
+CVE-2012-4077
NOT-FOR-US: Cisco
-CVE-2012-4076 (Cisco NX-OS allows local users to gain privileges and execute ...)
+CVE-2012-4076
NOT-FOR-US: Cisco NX-OS
-CVE-2012-4075 (Cisco NX-OS allows local users to gain privileges and execute ...)
+CVE-2012-4075
NOT-FOR-US: Cisco
-CVE-2012-4074 (The Board Management Controller (BMC) in the Serial over LAN (SoL) ...)
+CVE-2012-4074
NOT-FOR-US: Cisco Unified Computing System
-CVE-2012-4073 (The KVM subsystem in the client in Cisco Unified Computing System ...)
+CVE-2012-4073
NOT-FOR-US: Cisco Unified Computing System
-CVE-2012-4072 (The KVM subsystem in Cisco Unified Computing System (UCS) relies on a ...)
+CVE-2012-4072
NOT-FOR-US: Cisco Unified Computing System
-CVE-2012-4071 (Cross-site scripting (XSS) vulnerability in the comments module in the ...)
+CVE-2012-4071
NOT-FOR-US: Joomla addon
-CVE-2012-4070 (SQL injection vulnerability in system/src/dispatcher.php in Dir2web ...)
+CVE-2012-4070
NOT-FOR-US: Dir2Web
-CVE-2012-4069 (Dir2web 3.0 stores sensitive information under the web root with ...)
+CVE-2012-4069
NOT-FOR-US: Dir2Web
-CVE-2012-4068 (Heap-based buffer overflow in the SoapServer service in Citrix ...)
+CVE-2012-4068
NOT-FOR-US: Citrix
-CVE-2012-4067 (Walrus in Eucalyptus before 3.2.2 allows remote attackers to cause a ...)
+CVE-2012-4067
- eucalyptus <removed> (bug #707592)
NOTE: https://github.com/eucalyptus/eucalyptus/commit/e958e60
NOTE: https://eucalyptus.atlassian.net/browse/EUCA-5277
-CVE-2012-4066 (The internal message protocol for Walrus in Eucalyptus 3.2.0 and ...)
+CVE-2012-4066
- eucalyptus <removed> (bug #702388)
-CVE-2012-4065 (Eucalyptus before 3.1.1 does not properly restrict the binding of ...)
+CVE-2012-4065
- eucalyptus 3.1.0-9 (bug #689599)
-CVE-2012-4064 (Eucalyptus before 3.1.1 does not properly restrict the binding of ...)
+CVE-2012-4064
- eucalyptus 3.1.0-9 (bug #689599)
-CVE-2012-4063 (The Apache Santuario configuration in Eucalyptus before 3.1.1 does not ...)
+CVE-2012-4063
- eucalyptus 3.1.0-9 (bug #689599)
CVE-2012-4062
RESERVED
-CVE-2012-4061 (Multiple SQL injection vulnerabilities in ASP-DEv XM Diary allow ...)
+CVE-2012-4061
NOT-FOR-US: ASP-DEv XM Diary
-CVE-2012-4060 (Multiple SQL injection vulnerabilities in ASP-DEv XM Forums RC3 allow ...)
+CVE-2012-4060
NOT-FOR-US: ASP-DEv XM Diary
-CVE-2012-4059 (Cross-site request forgery (CSRF) vulnerability in home/secretqtn.php ...)
+CVE-2012-4059
NOT-FOR-US: Socketmail not in Debian
-CVE-2012-4058 (Cross-site scripting (XSS) vulnerability in SocketMail Pro 2.2.9 ...)
+CVE-2012-4058
NOT-FOR-US: Socketmail not in Debian
-CVE-2012-4057 (Buffer overflow in the Player in Remote-Anything 5.60.15 allows remote ...)
+CVE-2012-4057
NOT-FOR-US: Remote-Anything not in Debian
-CVE-2012-4056 (SQL injection vulnerability in index2.php in Uiga Personal Portal ...)
+CVE-2012-4056
NOT-FOR-US: Uiga personal portal
-CVE-2012-4055 (SQL injection vulnerability in index2.php in Uiga Fan Club allows ...)
+CVE-2012-4055
NOT-FOR-US: Uiga Fan Club
-CVE-2012-4054 (Buffer overflow in the readfile function in CPE17 Autorun Killer 1.7.1 ...)
+CVE-2012-4054
NOT-FOR-US: CPE17 Autorun Killer not in Debian
-CVE-2012-4053 (Cross-site request forgery (CSRF) vulnerability in eZOE flash player ...)
+CVE-2012-4053
NOT-FOR-US: eZOE flash player not in Debian
-CVE-2012-4052 (Multiple cross-site scripting (XSS) vulnerabilities in Jease before ...)
+CVE-2012-4052
NOT-FOR-US: Jease
-CVE-2012-4051 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
+CVE-2012-4051
NOT-FOR-US: JAMF Casper suite
CVE-2012-4047
RESERVED
-CVE-2012-4046 (The D-Link DCS-932L camera with firmware 1.02 allows remote attackers ...)
+CVE-2012-4046
NOT-FOR-US: D-Link DCS-932L camera
-CVE-2012-4045 (Multiple heap-based buffer overflows in bmp.w5s in Winamp before 5.63 ...)
+CVE-2012-4045
NOT-FOR-US: Winamp
CVE-2012-4044
RESERVED
-CVE-2012-4043 (Cross-site scripting (XSS) vulnerability in global-protect/login.esp ...)
+CVE-2012-4043
NOT-FOR-US: Palo Alto Networks software
CVE-2012-4042
RESERVED
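Review bot: the annotation for CVE-2012-4060 (`NOT-FOR-US: ASP-DEv XM Diary`) does not match the description being removed on the line above it, which names `ASP-DEv XM Forums RC3`; the Diary wording appears to have been copied from the CVE-2012-4061 entry directly above and should read `NOT-FOR-US: ASP-DEv XM Forums`, so the product stays identifiable once the description line is gone.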
@@ -6658,186 +6658,186 @@ CVE-2012-4039
RESERVED
CVE-2012-4038
RESERVED
-CVE-2012-4037 (Multiple cross-site scripting (XSS) vulnerabilities in the web client ...)
+CVE-2012-4037
- transmission 2.52-3 (bug #683380)
[squeeze] - transmission <not-affected> (Version in Stable not affected)
-CVE-2012-4036 (Unrestricted file upload vulnerability in admin.php in PBBoard 2.1.4 ...)
+CVE-2012-4036
NOT-FOR-US: PBBoard
-CVE-2012-4035 (The new_password page in PBBoard 2.1.4 allows remote attackers to ...)
+CVE-2012-4035
NOT-FOR-US: PBBoard
-CVE-2012-4034 (Multiple SQL injection vulnerabilities in PBBoard 2.1.4 allow remote ...)
+CVE-2012-4034
NOT-FOR-US: PBBoard
-CVE-2012-4050 (Multiple unspecified vulnerabilities in Google Chrome OS before ...)
+CVE-2012-4050
NOT-FOR-US: Google Chrome OS
-CVE-2012-4049 (epan/dissectors/packet-nfs.c in the NFS dissector in Wireshark 1.4.x ...)
+CVE-2012-4049
- wireshark 1.8.2-1
[squeeze] - wireshark <not-affected> (Vulnerable code not present)
NOTE: http://www.wireshark.org/security/wnpa-sec-2012-12.html
NOTE: http://www.openwall.com/lists/oss-security/2012/07/24/1
NOTE: http://www.openwall.com/lists/oss-security/2012/07/24/2
-CVE-2012-4048 (The PPP dissector in Wireshark 1.4.x before 1.4.14, 1.6.x before ...)
+CVE-2012-4048
{DSA-2590-1}
- wireshark 1.8.2-1 (bug #680056)
NOTE: http://www.wireshark.org/security/wnpa-sec-2012-11.html
NOTE: http://www.openwall.com/lists/oss-security/2012/07/24/1
NOTE: http://www.openwall.com/lists/oss-security/2012/07/24/2
-CVE-2012-4033 (Multiple unspecified vulnerabilities in the Zingiri Web Shop plugin ...)
+CVE-2012-4033
NOT-FOR-US: Zingiri not in Debian
-CVE-2012-4032 (Open redirect vulnerability in the login page in WebsitePanel before ...)
+CVE-2012-4032
NOT-FOR-US: WebsitePanel not in Debian
-CVE-2012-4031 (Multiple directory traversal vulnerabilities in src/acloglogin.php in ...)
+CVE-2012-4031
NOT-FOR-US: Wangkongbao not in Debian
CVE-2012-4030
RESERVED
CVE-2012-4029
RESERVED
-CVE-2012-4028 (Tridium Niagara AX Framework does not properly store credential data, ...)
+CVE-2012-4028
NOT-FOR-US: Tridium Niagara AX Framework
-CVE-2012-4027 (Directory traversal vulnerability in Tridium Niagara AX Framework ...)
+CVE-2012-4027
NOT-FOR-US: Tridium Niagara AX Framework
-CVE-2012-4026 (The Johnson Controls Pegasys P2000 server with software before 3.11 ...)
+CVE-2012-4026
NOT-FOR-US: The Johnson Controls Pegasys P2000
-CVE-2012-4025 (Integer overflow in the queue_init function in unsquashfs.c in ...)
+CVE-2012-4025
- squashfs-tools 1:4.2+20121212-1 (low; bug #683371)
[squeeze] - squashfs-tools <no-dsa> (Minor issue)
[wheezy] - squashfs-tools <no-dsa> (Minor issue)
-CVE-2012-4024 (Stack-based buffer overflow in the get_component function in ...)
+CVE-2012-4024
- squashfs-tools 1:4.2+20121212-1 (low; bug #683371)
[squeeze] - squashfs-tools <no-dsa> (Minor issue)
[wheezy] - squashfs-tools <no-dsa> (Minor issue)
-CVE-2012-4023 (CRLF injection vulnerability in Pebble before 2.6.4 allows remote ...)
+CVE-2012-4023
NOT-FOR-US: Pebble blog
-CVE-2012-4022 (Pebble before 2.6.4 allows remote attackers to trigger loss of ...)
+CVE-2012-4022
NOT-FOR-US: Pebble blog
-CVE-2012-4021 (MosP kintai kanri before 4.1.0 does not properly perform ...)
+CVE-2012-4021
NOT-FOR-US: MosP kintai kanri
-CVE-2012-4020 (MosP kintai kanri before 4.1.0 does not enforce privilege ...)
+CVE-2012-4020
NOT-FOR-US: MosP kintai kanri
-CVE-2012-4019 (Cross-site scripting (XSS) vulnerability in tokyo_bbs.cgi in Come on ...)
+CVE-2012-4019
NOT-FOR-US: Come on Girls Interface (CGI) Tokyo BBS
-CVE-2012-4018 (Cross-site scripting (XSS) vulnerability in Final Beta Laboratory ...)
+CVE-2012-4018
NOT-FOR-US: Final Beta Laboratory MyWebSearch
-CVE-2012-4017 (The jigbrowser+ application before 1.5.0 for Android does not properly ...)
+CVE-2012-4017
NOT-FOR-US: Android application
-CVE-2012-4016 (The ATOK application before 1.0.4 for Android allows remote attackers ...)
+CVE-2012-4016
NOT-FOR-US: Android application
-CVE-2012-4015 (Cross-site scripting (XSS) vulnerability in the management screen in ...)
+CVE-2012-4015
NOT-FOR-US: My Little tool / My little admin SQL server 2000
-CVE-2012-4014 (Unspecified vulnerability in McAfee Email Anti-virus (formerly ...)
+CVE-2012-4014
NOT-FOR-US: McAfee Email Anti-virus
-CVE-2012-4013 (The WebView class in the Cybozu KUNAI Browser for Remote Service ...)
+CVE-2012-4013
NOT-FOR-US: Cybozu KUNAI Browser
-CVE-2012-4012 (The WebView class in the Cybozu KUNAI application before 2.0.6 for ...)
+CVE-2012-4012
NOT-FOR-US: Cybozu KUNAI
-CVE-2012-4011 (The Cybozu KUNAI application before 2.0.6 for Android allows remote ...)
+CVE-2012-4011
NOT-FOR-US: Cybozu KUNAI
-CVE-2012-4010 (Opera before 11.60 allows remote attackers to spoof the address bar ...)
+CVE-2012-4010
NOT-FOR-US: Opera
-CVE-2012-4009 (The WebView class in the Cybozu Live application 1.0.4 and earlier for ...)
+CVE-2012-4009
NOT-FOR-US: Cybozu Live
-CVE-2012-4008 (The Cybozu Live application 1.0.4 and earlier for Android allows ...)
+CVE-2012-4008
NOT-FOR-US: Cybozu Live
-CVE-2012-4007 (The mixi application before 4.3.0 for Android allows remote attackers ...)
+CVE-2012-4007
NOT-FOR-US: mixi application for Android
-CVE-2012-4006 (The GREE application before 1.4.0, GREE Tanken Dorirando application ...)
+CVE-2012-4006
NOT-FOR-US: GREE application for Android
-CVE-2012-4005 (The NHN Japan NAVER LINE application before 2.5.5 for Android does not ...)
+CVE-2012-4005
NOT-FOR-US: NHN Japan NAVER LINE
-CVE-2012-4004 (Cross-site scripting (XSS) vulnerability in the Sleipnir Mobile ...)
+CVE-2012-4004
NOT-FOR-US: Sleipnir Mobile
-CVE-2012-4003 (Multiple cross-site scripting (XSS) vulnerabilities in GLPI-PROJECT ...)
+CVE-2012-4003
- glpi 0.83.31-1 (unimportant)
NOTE: Only supported behind an authenticated HTTP zone
NOTE: https://forge.indepnet.net/projects/glpi/versions/771
NOTE: http://www.openwall.com/lists/oss-security/2012/07/13/1
-CVE-2012-4002 (Cross-site request forgery (CSRF) vulnerability in GLPI-PROJECT GLPI ...)
+CVE-2012-4002
- glpi 0.83.31-1 (unimportant)
NOTE: Only supported behind an authenticated HTTP zone
NOTE: https://forge.indepnet.net/projects/glpi/versions/771
NOTE: http://www.openwall.com/lists/oss-security/2012/07/13/1
-CVE-2012-4001 (The mod_pagespeed module before 0.10.22.6 for the Apache HTTP Server ...)
+CVE-2012-4001
NOT-FOR-US: mod_pagespeed
-CVE-2012-4000 (Cross-site scripting (XSS) vulnerability in the print_textinputs_var ...)
+CVE-2012-4000
{DSA-2522-1}
- fckeditor 1:2.6.6-3 (bug #683418)
NOTE: http://disse.cting.org/2012/06/22/fckeditor-reflected-xss-vulnerability/
-CVE-2012-3999 (Cross-site scripting (XSS) vulnerability in admin/login.php in Sticky ...)
+CVE-2012-3999
NOT-FOR-US: Sticky Notes
-CVE-2012-3998 (Multiple SQL injection vulnerabilities in Sticky Notes before ...)
+CVE-2012-3998
NOT-FOR-US: Sticky Notes
-CVE-2012-3997 (Multiple cross-site scripting (XSS) vulnerabilities in Sticky Notes ...)
+CVE-2012-3997
NOT-FOR-US: Sticky Notes
-CVE-2012-3996 (TikiWiki CMS/Groupware 8.3 and earlier allows remote attackers to ...)
+CVE-2012-3996
- tikiwiki <removed>
-CVE-2012-3995 (The IsCSSWordSpacingSpace function in Mozilla Firefox before 16.0, ...)
+CVE-2012-3995
- iceweasel 10.0.8esr-1
- icedove 10.0.9-1
- iceape 2.7.9-1
[squeeze] - iceape <not-affected> (Vulnerable code not present)
[squeeze] - icedove <not-affected> (Vulnerable code not present)
[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
-CVE-2012-3994 (Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, ...)
+CVE-2012-3994
- iceweasel 10.0.8esr-1
- icedove 10.0.9-1
- iceape 2.7.9-1
[squeeze] - iceape <not-affected> (Vulnerable code not present)
[squeeze] - icedove <not-affected> (Vulnerable code not present)
[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
-CVE-2012-3993 (The Chrome Object Wrapper (COW) implementation in Mozilla Firefox ...)
+CVE-2012-3993
- iceweasel 10.0.8esr-1
- icedove 10.0.9-1
- iceape 2.7.9-1
[squeeze] - iceape <not-affected> (Vulnerable code not present)
[squeeze] - icedove <not-affected> (Vulnerable code not present)
[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
-CVE-2012-3992 (Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, ...)
+CVE-2012-3992
- iceweasel 10.0.8esr-1
- icedove 10.0.9-1
- iceape 2.7.9-1
[squeeze] - iceape <not-affected> (Vulnerable code not present)
[squeeze] - icedove <not-affected> (Vulnerable code not present)
[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
-CVE-2012-3991 (Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, ...)
+CVE-2012-3991
{DSA-2572-1 DSA-2569-1 DSA-2565-1}
- iceweasel 10.0.8esr-1
- icedove 10.0.9-1
- iceape 2.7.9-1
-CVE-2012-3990 (Use-after-free vulnerability in the IME State Manager implementation ...)
+CVE-2012-3990
{DSA-2572-1 DSA-2569-1 DSA-2565-1}
- iceweasel 10.0.8esr-1
- icedove 10.0.9-1
- iceape 2.7.9-1
-CVE-2012-3989 (Mozilla Firefox before 16.0, Thunderbird before 16.0, and SeaMonkey ...)
+CVE-2012-3989
- iceweasel <not-affected> (Only affects Firefox >= 10)
- icedove <not-affected> (Only affects Firefox >= 10)
- iceape <not-affected> (Only affects Firefox >= 10)
-CVE-2012-3988 (Use-after-free vulnerability in Mozilla Firefox before 16.0, Firefox ...)
+CVE-2012-3988
- iceweasel 10.0.8esr-1
- icedove 10.0.9-1
- iceape 2.7.9-1
[squeeze] - iceape <not-affected> (Vulnerable code not present)
[squeeze] - icedove <not-affected> (Vulnerable code not present)
[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
-CVE-2012-3987 (Mozilla Firefox before 16.0 on Android assigns chrome privileges to ...)
+CVE-2012-3987
- iceweasel <not-affected> (Android-specific)
-CVE-2012-3986 (Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, ...)
+CVE-2012-3986
{DSA-2572-1 DSA-2569-1 DSA-2565-1}
- iceweasel 10.0.8esr-1
- icedove 10.0.9-1
- iceape 2.7.9-1
-CVE-2012-3985 (Mozilla Firefox before 16.0, Thunderbird before 16.0, and SeaMonkey ...)
+CVE-2012-3985
- iceweasel <not-affected> (Only affects Firefox >= 10)
- icedove <not-affected> (Only affects Firefox >= 10)
- iceape <not-affected> (Only affects Firefox >= 10)
-CVE-2012-3984 (Mozilla Firefox before 16.0, Thunderbird before 16.0, and SeaMonkey ...)
+CVE-2012-3984
- iceweasel <not-affected> (Only affects Firefox >= 10)
- icedove <not-affected> (Only affects Firefox >= 10)
- iceape <not-affected> (Only affects Firefox >= 10)
-CVE-2012-3983 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+CVE-2012-3983
- iceweasel <not-affected> (Only affects Firefox >= 10)
- icedove <not-affected> (Only affects Firefox >= 10)
- iceape <not-affected> (Only affects Firefox >= 10)
-CVE-2012-3982 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+CVE-2012-3982
{DSA-2572-1 DSA-2569-1 DSA-2565-1}
- iceweasel 10.0.8esr-1
- icedove 10.0.9-1
@@ -6845,150 +6845,150 @@ CVE-2012-3982 (Multiple unspecified vulnerabilities in the browser engine in Moz
[squeeze] - iceape <not-affected> (Vulnerable code not present)
[squeeze] - icedove <not-affected> (Vulnerable code not present)
[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
-CVE-2012-4747 (Bugzilla 2.x and 3.x through 3.6.11, 3.7.x and 4.0.x before 4.0.8, ...)
+CVE-2012-4747
- bugzilla <removed> (low)
[squeeze] - bugzilla <no-dsa> (Minor issue)
- bugzilla4 <itp> (bug #669643)
NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=785522
NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=785511
-CVE-2012-3981 (Auth/Verify/LDAP.pm in Bugzilla 2.x and 3.x before 3.6.11, 3.7.x and ...)
+CVE-2012-3981
- bugzilla <removed> (low)
[squeeze] - bugzilla <no-dsa> (Minor issue)
- bugzilla4 <itp> (bug #669643)
-CVE-2012-3980 (The web console in Mozilla Firefox before 15.0, Firefox ESR 10.x ...)
+CVE-2012-3980
- iceweasel 10.0.7esr-1
- icedove 10.0.7-1
- iceape 2.7.7-1
[squeeze] - iceape <not-affected> (Vulnerable code not present)
[squeeze] - icedove <not-affected> (Vulnerable code not present)
[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
-CVE-2012-3979 (Mozilla Firefox before 15.0 on Android does not properly implement ...)
+CVE-2012-3979
- iceweasel <not-affected> (Only affects Firefox for Android)
-CVE-2012-3978 (The nsLocation::CheckURL function in Mozilla Firefox before 15.0, ...)
+CVE-2012-3978
{DSA-2556-1 DSA-2554-1 DSA-2553-1}
- iceweasel 10.0.7esr-1
- icedove 10.0.7-1
- iceape 2.7.7-1
CVE-2012-3977
REJECTED
-CVE-2012-3976 (Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, and ...)
+CVE-2012-3976
- iceweasel 10.0.7esr-1
- iceape 2.7.7-1
[squeeze] - iceape <not-affected> (Vulnerable code not present)
[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
-CVE-2012-3975 (The DOMParser component in Mozilla Firefox before 15.0, Thunderbird ...)
+CVE-2012-3975
- iceweasel <not-affected> (Only affects Firefox >= 10)
- icedove <not-affected> (Only affects Firefox >= 10)
- iceape <not-affected> (Only affects Firefox >= 10)
-CVE-2012-3974 (Untrusted search path vulnerability in the installer in Mozilla ...)
+CVE-2012-3974
- iceweasel <not-affected> (Only affects Firefox for Windows)
-CVE-2012-3973 (The debugger in the developer-tools subsystem in Mozilla Firefox ...)
+CVE-2012-3973
- iceweasel <not-affected> (Only affects Firefox >= 10)
-CVE-2012-3972 (The format-number functionality in the XSLT implementation in Mozilla ...)
+CVE-2012-3972
{DSA-2556-1 DSA-2554-1 DSA-2553-1}
- iceweasel 10.0.7esr-1
- icedove 10.0.7-1
- iceape 2.7.7-1
-CVE-2012-3971 (Summer Institute of Linguistics (SIL) Graphite 2, as used in Mozilla ...)
+CVE-2012-3971
- iceweasel <not-affected> (Only affects Firefox >= 10)
- icedove <not-affected> (Only affects Firefox >= 10)
- iceape <not-affected> (Only affects Firefox >= 10)
-CVE-2012-3970 (Use-after-free vulnerability in the nsTArray_base::Length function in ...)
+CVE-2012-3970
- iceweasel <not-affected> (Vulnerable code not present in Firefox 10.x codebase)
- icedove <not-affected> (Vulnerable code not present in Firefox 10.x codebase)
- iceape <not-affected> (Vulnerable code not present in Firefox 10.x codebase)
-CVE-2012-3969 (Integer overflow in the nsSVGFEMorphologyElement::Filter function in ...)
+CVE-2012-3969
{DSA-2556-1 DSA-2554-1 DSA-2553-1}
- iceweasel 10.0.7esr-1
- icedove 10.0.7-1
- iceape 2.7.7-1
-CVE-2012-3968 (Use-after-free vulnerability in the WebGL implementation in Mozilla ...)
+CVE-2012-3968
- iceweasel <not-affected> (Vulnerable code not present in Firefox 10.x codebase)
- icedove <not-affected> (Vulnerable code not present in Firefox 10.x codebase)
- iceape <not-affected> (Vulnerable code not present in Firefox 10.x codebase)
-CVE-2012-3967 (The WebGL implementation in Mozilla Firefox before 15.0, Firefox ESR ...)
+CVE-2012-3967
- iceweasel 10.0.7esr-1
- icedove 10.0.7-1
- iceape 2.7.7-1
[squeeze] - iceape <not-affected> (Vulnerable code not present)
[squeeze] - icedove <not-affected> (Vulnerable code not present)
[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
-CVE-2012-3966 (Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, ...)
+CVE-2012-3966
- iceweasel 10.0.7esr-1
- icedove 10.0.7-1
- iceape 2.7.7-1
[squeeze] - iceape <not-affected> (Vulnerable code not present)
[squeeze] - icedove <not-affected> (Vulnerable code not present)
[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
-CVE-2012-3965 (Mozilla Firefox before 15.0 does not properly restrict navigation to ...)
+CVE-2012-3965
- iceweasel <not-affected> (Only affects Firefox >= 10)
-CVE-2012-3964 (Use-after-free vulnerability in the gfxTextRun::GetUserData function ...)
+CVE-2012-3964
- iceweasel <not-affected> (Vulnerable code not present in Firefox 10.x codebase)
- icedove <not-affected> (Vulnerable code not present in Firefox 10.x codebase)
- iceape <not-affected> (Vulnerable code not present in Firefox 10.x codebase)
-CVE-2012-3963 (Use-after-free vulnerability in the js::gc::MapAllocToTraceKind ...)
+CVE-2012-3963
- iceweasel <not-affected> (Vulnerable code not present in Firefox 10.x codebase)
- icedove <not-affected> (Vulnerable code not present in Firefox 10.x codebase)
- iceape <not-affected> (Vulnerable code not present in Firefox 10.x codebase)
-CVE-2012-3962 (Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, ...)
+CVE-2012-3962
{DSA-2556-1 DSA-2554-1 DSA-2553-1}
- iceweasel 10.0.7esr-1
- icedove 10.0.7-1
- iceape 2.7.7-1
-CVE-2012-3961 (Use-after-free vulnerability in the RangeData implementation in ...)
+CVE-2012-3961
- iceweasel <not-affected> (Vulnerable code not present in Firefox 10.x codebase)
- icedove <not-affected> (Vulnerable code not present in Firefox 10.x codebase)
- iceape <not-affected> (Vulnerable code not present in Firefox 10.x codebase)
-CVE-2012-3960 (Use-after-free vulnerability in the ...)
+CVE-2012-3960
- iceweasel 10.0.7esr-1
- icedove 10.0.7-1
- iceape 2.7.7-1
[squeeze] - iceape <not-affected> (Vulnerable code not present)
[squeeze] - icedove <not-affected> (Vulnerable code not present)
[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
-CVE-2012-3959 (Use-after-free vulnerability in the nsRangeUpdater::SelAdjDeleteNode ...)
+CVE-2012-3959
{DSA-2556-1 DSA-2554-1 DSA-2553-1}
- iceweasel 10.0.7esr-1
- icedove 10.0.7-1
- iceape 2.7.7-1
-CVE-2012-3958 (Use-after-free vulnerability in the ...)
+CVE-2012-3958
- iceweasel <not-affected> (Vulnerable code not present in Firefox 10.x codebase)
- icedove <not-affected> (Vulnerable code not present in Firefox 10.x codebase)
- iceape <not-affected> (Vulnerable code not present in Firefox 10.x codebase)
-CVE-2012-3957 (Heap-based buffer overflow in the nsBlockFrame::MarkLineDirty function ...)
+CVE-2012-3957
- iceweasel 10.0.7esr-1
- icedove 10.0.7-1
- iceape 2.7.7-1
[squeeze] - iceape <not-affected> (Vulnerable code not present)
[squeeze] - icedove <not-affected> (Vulnerable code not present)
[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
-CVE-2012-3956 (Use-after-free vulnerability in the ...)
+CVE-2012-3956
- iceweasel <not-affected> (Vulnerable code not present in Firefox 10.x codebase)
- icedove <not-affected> (Vulnerable code not present in Firefox 10.x codebase)
- iceape <not-affected> (Vulnerable code not present in Firefox 10.x codebase)
-CVE-2012-3955 (ISC DHCP 4.1.x before 4.1-ESV-R7 and 4.2.x before 4.2.4-P2 allows ...)
+CVE-2012-3955
{DSA-2551-1}
- isc-dhcp 4.2.4-2
[wheezy] - isc-dhcp 4.2.2.dfsg.1-5+deb70u1
-CVE-2012-3954 (Multiple memory leaks in ISC DHCP 4.1.x and 4.2.x before 4.2.4-P1 and ...)
+CVE-2012-3954
{DSA-2519-2 DSA-2519-1 DSA-2516-1}
- isc-dhcp 4.2.4-2 (bug #686174)
[wheezy] - isc-dhcp 4.2.2.dfsg.1-5+deb70u1
-CVE-2012-3953 (SQL injection vulnerability in admin/index.php in phpList before ...)
+CVE-2012-3953
NOT-FOR-US: phplist
-CVE-2012-3952 (Cross-site scripting (XSS) vulnerability in admin/index.php in phpList ...)
+CVE-2012-3952
NOT-FOR-US: phplist
-CVE-2012-3951 (The MySQL component in Plixer Scrutinizer (aka Dell SonicWALL ...)
+CVE-2012-3951
NOT-FOR-US: Plixer Scrutinizer
-CVE-2012-3950 (The Intrusion Prevention System (IPS) feature in Cisco IOS 12.3 ...)
+CVE-2012-3950
NOT-FOR-US: Cisco IOS
-CVE-2012-3949 (The SIP implementation in Cisco Unified Communications Manager (CUCM) ...)
+CVE-2012-3949
NOT-FOR-US: Cisco Unified Communications Manager
CVE-2012-3948
RESERVED
CVE-2012-3947
RESERVED
-CVE-2012-3946 (Cisco IOS before 15.3(2)S allows remote attackers to bypass interface ...)
+CVE-2012-3946
NOT-FOR-US: Cisco IOS
CVE-2012-3945
RESERVED
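Review bot: the `<not-affected>` justification `Only affects Firefox >= 10` on CVE-2012-3975, CVE-2012-3973, CVE-2012-3971 and CVE-2012-3965 reads as if the 10.x ESR branch were included, yet the neighbouring entries in this hunk record iceweasel 10.0.7esr-1 as the fixed version for the issues that do affect that branch; the other not-affected entries use the unambiguous `Vulnerable code not present in Firefox 10.x codebase`. Consider that wording, or naming the first affected major version explicitly, so the reason does not appear to contradict the package version it is attached to.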
@@ -6998,19 +6998,19 @@ CVE-2012-3943
RESERVED
CVE-2012-3942
RESERVED
-CVE-2012-3941 (Heap-based buffer overflow in the Cisco WebEx Recording Format (WRF) ...)
+CVE-2012-3941
NOT-FOR-US: Cisco WebEx
-CVE-2012-3940 (Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 ...)
+CVE-2012-3940
NOT-FOR-US: Cisco WebEx
-CVE-2012-3939 (Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 ...)
+CVE-2012-3939
NOT-FOR-US: Cisco WebEx
-CVE-2012-3938 (Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 ...)
+CVE-2012-3938
NOT-FOR-US: Cisco WebEx
-CVE-2012-3937 (Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 ...)
+CVE-2012-3937
NOT-FOR-US: Cisco WebEx
-CVE-2012-3936 (Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 ...)
+CVE-2012-3936
NOT-FOR-US: Cisco WebEx
-CVE-2012-3935 (Cisco Unified Presence (CUP) before 8.6(3) and Jabber Extensible ...)
+CVE-2012-3935
NOT-FOR-US: Cisco Unified Presence, Jabber Extensible Communications Platform
CVE-2012-3934
RESERVED
@@ -7032,9 +7032,9 @@ CVE-2012-3926
RESERVED
CVE-2012-3925
RESERVED
-CVE-2012-3924 (The SSLVPN implementation in Cisco IOS 15.1 and 15.2, when DTLS is ...)
+CVE-2012-3924
NOT-FOR-US: Cisco IOS
-CVE-2012-3923 (The SSLVPN implementation in Cisco IOS 12.4, 15.0, 15.1, and 15.2, ...)
+CVE-2012-3923
NOT-FOR-US: Cisco IOS
CVE-2012-3922
RESERVED
@@ -7042,19 +7042,19 @@ CVE-2012-3921
RESERVED
CVE-2012-3920
RESERVED
-CVE-2012-3919 (The Cisco Application Control Engine (ACE) module 3.0 for Cisco ...)
+CVE-2012-3919
NOT-FOR-US: Cisco Application Control Engine
-CVE-2012-3918 (Cisco IOS before 15.3(1)T on Cisco 2900 devices, when a ...)
+CVE-2012-3918
NOT-FOR-US: Cisco IOS
CVE-2012-3917
RESERVED
CVE-2012-3916
RESERVED
-CVE-2012-3915 (The DMVPN tunnel implementation in Cisco IOS 15.2 allows remote ...)
+CVE-2012-3915
NOT-FOR-US: Cisco IOS
CVE-2012-3914
RESERVED
-CVE-2012-3913 (The Cisco VC220 and VC240 cameras allow remote attackers to cause a ...)
+CVE-2012-3913
NOT-FOR-US: Cisco
CVE-2012-3912
RESERVED
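Review bot: dropping the description from CVE-2012-3913 leaves `NOT-FOR-US: Cisco` as the only identification of the product, while the removed line named the Cisco VC220 and VC240 cameras. Since this change removes the description text from the list, the note itself should carry the product, e.g. `NOT-FOR-US: Cisco VC220/VC240 cameras`, as the other entries in this hunk already do (`NOT-FOR-US: Cisco IOS`, `NOT-FOR-US: Cisco Application Control Engine`).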
@@ -7064,7 +7064,7 @@ CVE-2012-3910
RESERVED
CVE-2012-3909
RESERVED
-CVE-2012-3908 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ISE ...)
+CVE-2012-3908
NOT-FOR-US: Cisco Identity Services Engine
CVE-2012-3907
RESERVED
@@ -7078,11 +7078,11 @@ CVE-2012-3903
RESERVED
CVE-2012-3902
RESERVED
-CVE-2012-3901 (The updateTime function in sensorApp on Cisco IPS 4200 series sensors ...)
+CVE-2012-3901
NOT-FOR-US: Cisco IPS 4200
CVE-2012-3900
RESERVED
-CVE-2012-3899 (sensorApp on Cisco IPS 4200 series sensors 6.0, 6.2, and 7.0 does not ...)
+CVE-2012-3899
NOT-FOR-US: Cisco IPS 4200
CVE-2012-3898
RESERVED
@@ -7090,35 +7090,35 @@ CVE-2012-3897
RESERVED
CVE-2012-3896
RESERVED
-CVE-2012-3895 (Cisco IOS 15.0 through 15.3 allows remote authenticated users to cause ...)
+CVE-2012-3895
NOT-FOR-US: Cisco IOS
CVE-2012-3894
RESERVED
-CVE-2012-3893 (The FlexVPN implementation in Cisco IOS 15.2 and 15.3 allows remote ...)
+CVE-2012-3893
NOT-FOR-US: Cisco IOS
CVE-2012-3892
RESERVED
CVE-2012-3891
RESERVED
-CVE-2012-3890 (The in_mod plugin in Winamp before 5.63 allows remote attackers to ...)
+CVE-2012-3890
NOT-FOR-US: Winamp
-CVE-2012-3889 (The in_mod plugin in Winamp before 5.63 allows remote attackers to ...)
+CVE-2012-3889
NOT-FOR-US: Winamp
-CVE-2012-3888 (The login implementation in AirDroid 1.0.4 beta allows remote ...)
+CVE-2012-3888
NOT-FOR-US: AirDroid
-CVE-2012-3887 (AirDroid before 1.0.7 beta uses a cleartext base64 format for data ...)
+CVE-2012-3887
NOT-FOR-US: AirDroid
-CVE-2012-3886 (AirDroid 1.0.4 beta uses the MD5 algorithm for values in the ...)
+CVE-2012-3886
NOT-FOR-US: AirDroid
-CVE-2012-3885 (The default configuration of AirDroid 1.0.4 beta uses a four-character ...)
+CVE-2012-3885
NOT-FOR-US: AirDroid
-CVE-2012-3884 (AirDroid 1.0.4 beta implements authentication through direct ...)
+CVE-2012-3884
NOT-FOR-US: AirDroid
CVE-2012-3883
RESERVED
CVE-2012-3882
RESERVED
-CVE-2012-3881 (Multiple SQL injection vulnerabilities in RTG 0.7.4 and RTG2 0.9.2 ...)
+CVE-2012-3881
NOT-FOR-US: RTG, RTG2
CVE-2012-3880
RESERVED
@@ -7134,30 +7134,30 @@ CVE-2012-3875
RESERVED
CVE-2012-3874
RESERVED
-CVE-2012-3873 (Multiple SQL injection vulnerabilities in Open Constructor 3.12.0 ...)
+CVE-2012-3873
NOT-FOR-US: Open Constructor
-CVE-2012-3872 (Multiple cross-site scripting (XSS) vulnerabilities in Open ...)
+CVE-2012-3872
NOT-FOR-US: Open Constructor
-CVE-2012-3871 (Cross-site scripting (XSS) vulnerability in data/hybrid/i_hybrid.php ...)
+CVE-2012-3871
NOT-FOR-US: Open Constructor
-CVE-2012-3870 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2012-3870
NOT-FOR-US: Open Constructor
-CVE-2012-3869 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2012-3869
NOT-FOR-US: REDAXO
-CVE-2012-3868 (Race condition in the ns_client structure management in ISC BIND 9.9.x ...)
+CVE-2012-3868
NOTE: https://kb.isc.org/article/AA-00730
- bind9 <not-affected> (Vulnerable code not present, only affects 9.9.x)
- isc-dhcp <not-affected> (embeds bind 9.8.x; this issue only affects 9.9.x)
-CVE-2012-3867 (lib/puppet/ssl/certificate_authority.rb in Puppet before 2.6.17 and ...)
+CVE-2012-3867
{DSA-2511-1}
- puppet 2.7.18-1
-CVE-2012-3866 (lib/puppet/defaults.rb in Puppet 2.7.x before 2.7.18, and Puppet ...)
+CVE-2012-3866
{DSA-2511-1}
- puppet 2.7.18-1
-CVE-2012-3865 (Directory traversal vulnerability in lib/puppet/reports/store.rb in ...)
+CVE-2012-3865
{DSA-2511-1}
- puppet 2.7.18-1
-CVE-2012-3864 (Puppet before 2.6.17 and 2.7.x before 2.7.18, and Puppet Enterprise ...)
+CVE-2012-3864
{DSA-2511-1}
- puppet 2.7.18-1
CVE-2012-3862
@@ -7166,7 +7166,7 @@ CVE-2012-3861
RESERVED
CVE-2012-3860
RESERVED
-CVE-2012-3859 (Unspecified vulnerability in the WebAdmin Portal in Netsweeper has ...)
+CVE-2012-3859
NOT-FOR-US: Netsweeper WebAdmin Portal
CVE-2012-3858
RESERVED
@@ -7188,60 +7188,60 @@ CVE-2012-3850
RESERVED
CVE-2012-3849
RESERVED
-CVE-2012-3848 (Multiple cross-site scripting (XSS) vulnerabilities in the web console ...)
+CVE-2012-3848
NOT-FOR-US: Plixer Scrutinizer
-CVE-2012-3863 (channels/chan_sip.c in Asterisk Open Source 1.8.x before 1.8.13.1 and ...)
+CVE-2012-3863
{DSA-2550-1}
- asterisk 1:1.8.13.1~dfsg-1
-CVE-2012-3847 (slssvc.exe in Invensys Wonderware SuiteLink in Invensys InTouch 2012 ...)
+CVE-2012-3847
NOT-FOR-US: Windows utility
-CVE-2012-3846 (Cross-site scripting (XSS) vulnerability in index.php in PHP-pastebin ...)
+CVE-2012-3846
NOT-FOR-US: php-pastebin not in Debian
-CVE-2012-3845 (Buffer overflow in LAN Messenger 1.2.28 and earlier allows remote ...)
+CVE-2012-3845
NOT-FOR-US: LAN Messenger not in Debian
-CVE-2012-3844 (Cross-site scripting (XSS) vulnerability in vBulletin 4.1.12 allows ...)
+CVE-2012-3844
NOT-FOR-US: vBulletin not in Debian
-CVE-2012-3843 (Cross-site scripting (XSS) vulnerability in the registration page in ...)
+CVE-2012-3843
NOT-FOR-US: e107 not in Debian
-CVE-2012-3842 (Multiple cross-site scripting (XSS) vulnerabilities in CMD_DOMAIN in ...)
+CVE-2012-3842
NOT-FOR-US: DirectAdmin not in Debian
-CVE-2012-3841 (Untrusted search path vulnerability in KMPlayer 3.2.0.19 allows local ...)
+CVE-2012-3841
NOT-FOR-US: KMPlayer not in Debian (not the KDE interface to mplayer)
-CVE-2012-3840 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2012-3840
NOT-FOR-US: MyClientBase not in Debian
-CVE-2012-3839 (Multiple SQL injection vulnerabilities in ...)
+CVE-2012-3839
NOT-FOR-US: MyClientBase not in Debian
-CVE-2012-3838 (Gekko before 1.2.0 allows remote attackers to obtain the installation ...)
+CVE-2012-3838
NOT-FOR-US: Baby Gekko not in Debian
-CVE-2012-3837 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2012-3837
NOT-FOR-US: Baby Gekko not in Debian
-CVE-2012-3836 (Multiple cross-site scripting (XSS) vulnerabilities in Baby Gekko ...)
+CVE-2012-3836
NOT-FOR-US: Baby Gekko not in Debian
-CVE-2012-3835 (Multiple cross-site scripting (XSS) vulnerabilities in AlienVault Open ...)
+CVE-2012-3835
NOT-FOR-US: OSSIM not in Debian (different from Open Source Software Image Map)
-CVE-2012-3834 (SQL injection vulnerability in forensics/base_qry_main.php in ...)
+CVE-2012-3834
NOT-FOR-US: OSSIM not in Debian (different from Open Source Software Image Map)
-CVE-2012-3833 (Cross-site scripting (XSS) vulnerability in the default index page in ...)
+CVE-2012-3833
NOT-FOR-US: Quick.CMS not in Debian
-CVE-2012-3832 (Cross-site scripting (XSS) vulnerability in decoda/Decoda.php in ...)
+CVE-2012-3832
NOT-FOR-US: Decoda not in Debian
-CVE-2012-3831 (Cross-site scripting (XSS) vulnerability in decoda/templates/video.php ...)
+CVE-2012-3831
NOT-FOR-US: Decoda not in Debian
-CVE-2012-3830 (Cross-site scripting (XSS) vulnerability in decoda/templates/video.php ...)
+CVE-2012-3830
NOT-FOR-US: Decoda not in Debian
-CVE-2012-3829 (Joomla! 2.5.3 allows remote attackers to obtain the installation path ...)
+CVE-2012-3829
NOT-FOR-US: Joomla!
-CVE-2012-3828 (Cross-site scripting (XSS) vulnerability in Joomla! 2.5.3 allows ...)
+CVE-2012-3828
NOT-FOR-US: Joomla!
CVE-2012-3827
RESERVED
-CVE-2012-3826 (Multiple integer underflows in Wireshark 1.4.x before 1.4.13 and 1.6.x ...)
+CVE-2012-3826
- wireshark 1.6.8-1 (unimportant)
[squeeze] - wireshark <not-affected> (vulnerable code appeared in 1.4/1.6)
NOTE: not suitable for code injection
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7125
NOTE: leftover of CVE-2012-2392
-CVE-2012-3825 (Multiple integer overflows in Wireshark 1.4.x before 1.4.13 and 1.6.x ...)
+CVE-2012-3825
- wireshark 1.6.8-1 (unimportant)
[squeeze] - wireshark <not-affected> (vulnerable code appeared in 1.4/1.6)
NOTE: not suitable for code injection
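Review bot: with the description gone, the note on CVE-2012-3847 (`NOT-FOR-US: Windows utility`) no longer says which software is meant; the removed line named Invensys Wonderware SuiteLink in Invensys InTouch 2012, so the note should name it, e.g. `NOT-FOR-US: Invensys Wonderware SuiteLink`. Separately, CVE-2012-3863 (Asterisk) sits between CVE-2012-3848 and CVE-2012-3847 although the file is otherwise in descending CVE order and CVE-2012-3862 is already placed before CVE-2012-3861 in the previous hunk; moving it next to CVE-2012-3862 would keep the list sorted.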
@@ -7255,36 +7255,36 @@ CVE-2012-3822
RESERVED
CVE-2012-3821
RESERVED
-CVE-2012-3820 (Multiple SQL injection vulnerabilities in Campaign11.exe in Arial ...)
+CVE-2012-3820
NOT-FOR-US: Arial Software Campaign Enterprise
-CVE-2012-3819 (Stack consumption vulnerability in dartwebserver.dll 1.9 and earlier, ...)
+CVE-2012-3819
NOT-FOR-US: dartwebserver.dll
-CVE-2012-3818 (The fpm exporter in Revelation 0.4.13-2 and earlier encrypts the ...)
+CVE-2012-3818
- revelation 0.4.13-1.2 (bug #680059)
[squeeze] - revelation <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-3818
NOTE: http://knoxin.blogspot.co.uk/2012/06/revelation-password-manager-considered.html
NOTE: http://als.regnet.cz/fpm2/feedback/2
-CVE-2012-3817 (ISC BIND 9.4.x, 9.5.x, 9.6.x, and 9.7.x before 9.7.6-P2; 9.8.x before ...)
+CVE-2012-3817
{DSA-2517-1}
- bind9 1:9.8.1.dfsg.P1-4.2 (bug #683259)
- isc-dhcp <not-affected> (issue only affects the named service, which isn't used by isc-dhcp)
NOTE: https://kb.isc.org/article/AA-00729
CVE-2012-XXXX [packagekit insecure temp file]
- packagekit 0.7.6-1 (bug #678189)
-CVE-2012-3816 (WinRadius Server 2009 allows remote attackers to cause a denial of ...)
+CVE-2012-3816
NOT-FOR-US: WinRadius
-CVE-2012-3815 (Buffer overflow in RunTime.exe in Sielco Sistemi Winlog Pro SCADA ...)
+CVE-2012-3815
NOT-FOR-US: Sielco Sistemi Winlog
-CVE-2012-3814 (Unrestricted file upload vulnerability in font-upload.php in the Font ...)
+CVE-2012-3814
NOT-FOR-US: Wordpress plugin
CVE-2012-3813
RESERVED
-CVE-2012-3812 (Double free vulnerability in apps/app_voicemail.c in Asterisk Open ...)
+CVE-2012-3812
{DSA-2550-1}
- asterisk 1:1.8.13.1~dfsg-1 (bug #680470)
[squeeze] - asterisk <not-affected> (Vulnerable code not present)
-CVE-2012-3811 (Unrestricted file upload vulnerability in ImageUpload.ashx in the ...)
+CVE-2012-3811
NOT-FOR-US: Avaya IP Office Customer Call Reporter
CVE-2012-3810
RESERVED
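Review bot: the note on CVE-2012-3814 (`NOT-FOR-US: Wordpress plugin`) identifies no plugin once the description is removed; the dropped line at least pointed at `font-upload.php in the Font ...`, so the note should name the plugin (and ideally the file) directly, as the Drupal and Cisco entries elsewhere in this file are expected to. The same applies to CVE-2012-3819, where `NOT-FOR-US: dartwebserver.dll` names a DLL but not the product it ships with.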
@@ -7296,39 +7296,39 @@ CVE-2012-3807
RESERVED
CVE-2012-3806
RESERVED
-CVE-2012-3805 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
+CVE-2012-3805
NOT-FOR-US: Kajona
CVE-2012-3804
RESERVED
CVE-2012-3803
RESERVED
-CVE-2012-3802 (Unspecified vulnerability in the Post Affiliate Pro (PAP) module for ...)
+CVE-2012-3802
NOT-FOR-US: Drupal module
CVE-2012-3801
REJECTED
-CVE-2012-3800 (Cross-site scripting (XSS) vulnerability in og.js in the Organic ...)
+CVE-2012-3800
NOT-FOR-US: Drupal module
-CVE-2012-3799 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
+CVE-2012-3799
NOT-FOR-US: Drupal module
-CVE-2012-3798 (The Janrain Capture module 6.x-1.0 and 7.x-1.0 for Drupal, when ...)
+CVE-2012-3798
NOT-FOR-US: Drupal module
-CVE-2012-3797 (Pro-face WinGP PC Runtime 3.1.00 and earlier, and ProServr.exe in ...)
+CVE-2012-3797
NOT-FOR-US: Pro-face WinGP PC Runtime
-CVE-2012-3796 (Pro-face WinGP PC Runtime 3.1.00 and earlier, and ProServr.exe in ...)
+CVE-2012-3796
NOT-FOR-US: Pro-face WinGP PC Runtime
-CVE-2012-3795 (Pro-face WinGP PC Runtime 3.1.00 and earlier, and ProServr.exe in ...)
+CVE-2012-3795
NOT-FOR-US: Pro-face WinGP PC Runtime
-CVE-2012-3794 (Pro-face WinGP PC Runtime 3.1.00 and earlier, and ProServr.exe in ...)
+CVE-2012-3794
NOT-FOR-US: Pro-face WinGP PC Runtime
-CVE-2012-3793 (Integer overflow in Pro-face WinGP PC Runtime 3.1.00 and earlier, and ...)
+CVE-2012-3793
NOT-FOR-US: Pro-face WinGP PC Runtime
-CVE-2012-3792 (Pro-face WinGP PC Runtime 3.1.00 and earlier, and ProServr.exe in ...)
+CVE-2012-3792
NOT-FOR-US: Pro-face WinGP PC Runtime
-CVE-2012-3791 (Multiple SQL injection vulnerabilities in Simple Web Content ...)
+CVE-2012-3791
NOT-FOR-US: Simple Web Content Management System
-CVE-2012-3790 (Cross-site scripting (XSS) vulnerability in index.php in Adiscon ...)
+CVE-2012-3790
NOT-FOR-US: Adiscon LogAnalyzer
-CVE-2012-3789 (Unspecified vulnerability in bitcoind and Bitcoin-Qt before 0.4.7rc3, ...)
+CVE-2012-3789
- bitcoin 0.5.0~rc1-1
CVE-2012-3788
RESERVED
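Review bot: four consecutive entries (CVE-2012-3802, CVE-2012-3800, CVE-2012-3799, CVE-2012-3798) collapse to the identical `NOT-FOR-US: Drupal module` once their descriptions are stripped, so the list no longer records which module each one concerns. The removed lines name the Post Affiliate Pro (PAP) module for CVE-2012-3802 and the Janrain Capture module for CVE-2012-3798; those names should move into the NOT-FOR-US notes (the description of CVE-2012-3799 does not name its module, so that one can stay generic).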
@@ -7390,451 +7390,451 @@ CVE-2012-3760
RESERVED
CVE-2012-3759
RESERVED
-CVE-2012-3758 (Buffer overflow in Apple QuickTime before 7.7.3 allows remote ...)
+CVE-2012-3758
NOT-FOR-US: QuickTime
-CVE-2012-3757 (Apple QuickTime before 7.7.3 allows remote attackers to execute ...)
+CVE-2012-3757
NOT-FOR-US: QuickTime
-CVE-2012-3756 (Buffer overflow in Apple QuickTime before 7.7.3 allows remote ...)
+CVE-2012-3756
NOT-FOR-US: QuickTime
-CVE-2012-3755 (Buffer overflow in Apple QuickTime before 7.7.3 allows remote ...)
+CVE-2012-3755
NOT-FOR-US: QuickTime
-CVE-2012-3754 (Use-after-free vulnerability in the Clear method in the ActiveX ...)
+CVE-2012-3754
NOT-FOR-US: QuickTime
-CVE-2012-3753 (Buffer overflow in the plugin in Apple QuickTime before 7.7.3 allows ...)
+CVE-2012-3753
NOT-FOR-US: QuickTime
-CVE-2012-3752 (Multiple buffer overflows in Apple QuickTime before 7.7.3 allow remote ...)
+CVE-2012-3752
NOT-FOR-US: QuickTime
-CVE-2012-3751 (Use-after-free vulnerability in the plugin in Apple QuickTime before ...)
+CVE-2012-3751
NOT-FOR-US: QuickTime
-CVE-2012-3750 (The Passcode Lock implementation in Apple iOS before 6.0.1 does not ...)
+CVE-2012-3750
NOT-FOR-US: iOS
-CVE-2012-3749 (The extensions APIs in the kernel in Apple iOS before 6.0.1 provide ...)
+CVE-2012-3749
NOT-FOR-US: iOS
-CVE-2012-3748 (Race condition in WebKit in Apple iOS before 6.0.1 and Safari before ...)
+CVE-2012-3748
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3747 (WebKit, as used in Apple iOS before 6, allows remote attackers to ...)
+CVE-2012-3747
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3746 (UIWebView in UIKit in Apple iOS before 6 does not properly use the ...)
+CVE-2012-3746
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3745 (Off-by-one error in Telephony in Apple iOS before 6 allows remote ...)
+CVE-2012-3745
NOT-FOR-US: Telephony in Apple iOS
-CVE-2012-3744 (Telephony in Apple iOS before 6 uses an SMS message's return address ...)
+CVE-2012-3744
NOT-FOR-US: Telephony in Apple iOS
-CVE-2012-3743 (The System Logs implementation in Apple iOS before 6 does not restrict ...)
+CVE-2012-3743
NOT-FOR-US: Apple iOS
-CVE-2012-3742 (Safari in Apple iOS before 6 does not properly restrict use of an ...)
+CVE-2012-3742
NOT-FOR-US: Apple Safari / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3741 (The Restrictions (aka Parental Controls) implementation in Apple iOS ...)
+CVE-2012-3741
NOT-FOR-US: Apple iOS
-CVE-2012-3740 (The Passcode Lock implementation in Apple iOS before 6 does not ...)
+CVE-2012-3740
NOT-FOR-US: Apple iOS
-CVE-2012-3739 (The Passcode Lock implementation in Apple iOS before 6 allows ...)
+CVE-2012-3739
NOT-FOR-US: Apple iOS
-CVE-2012-3738 (The Emergency Dialer screen in the Passcode Lock implementation in ...)
+CVE-2012-3738
NOT-FOR-US: Apple iOS
-CVE-2012-3737 (The Passcode Lock implementation in Apple iOS before 6 does not ...)
+CVE-2012-3737
NOT-FOR-US: Apple iOS
-CVE-2012-3736 (The Passcode Lock implementation in Apple iOS before 6 allows ...)
+CVE-2012-3736
NOT-FOR-US: Apple iOS
-CVE-2012-3735 (The Passcode Lock implementation in Apple iOS before 6 does not ...)
+CVE-2012-3735
NOT-FOR-US: Apple iOS
-CVE-2012-3734 (Office Viewer in Apple iOS before 6 writes cleartext document data to ...)
+CVE-2012-3734
NOT-FOR-US: Apple iOS
-CVE-2012-3733 (Messages in Apple iOS before 6, when multiple iMessage e-mail ...)
+CVE-2012-3733
NOT-FOR-US: Apple iOS
-CVE-2012-3732 (Mail in Apple iOS before 6 uses an S/MIME message's From address as ...)
+CVE-2012-3732
NOT-FOR-US: Apple iOS
-CVE-2012-3731 (Mail in Apple iOS before 6 does not properly implement the Data ...)
+CVE-2012-3731
NOT-FOR-US: Apple iOS
-CVE-2012-3730 (Mail in Apple iOS before 6 does not properly handle reuse of ...)
+CVE-2012-3730
NOT-FOR-US: Apple iOS
-CVE-2012-3729 (The Berkeley Packet Filter (BPF) interpreter implementation in the ...)
+CVE-2012-3729
NOT-FOR-US: Apple iOS
-CVE-2012-3728 (The kernel in Apple iOS before 6 dereferences invalid pointers during ...)
+CVE-2012-3728
NOT-FOR-US: Apple iOS
-CVE-2012-3727 (Buffer overflow in the IPsec component in Apple iOS before 6 allows ...)
+CVE-2012-3727
NOT-FOR-US: Apple iOS
-CVE-2012-3726 (Double free vulnerability in ImageIO in Apple iOS before 6 allows ...)
+CVE-2012-3726
NOT-FOR-US: Apple iOS
-CVE-2012-3725 (The DNAv4 protocol implementation in the DHCP component in Apple iOS ...)
+CVE-2012-3725
NOT-FOR-US: Apple iOS
-CVE-2012-3724 (CFNetwork in Apple iOS before 6 does not properly identify the host ...)
+CVE-2012-3724
NOT-FOR-US: Apple iOS
-CVE-2012-3723 (Apple Mac OS X before 10.7.5 does not properly handle the bNbrPorts ...)
+CVE-2012-3723
NOT-FOR-US: Apple Mac OS X
-CVE-2012-3722 (The Sorenson codec in QuickTime in Apple Mac OS X before 10.7.5, and ...)
+CVE-2012-3722
NOT-FOR-US: QuickTime in Apple Mac OS X
-CVE-2012-3721 (Profile Manager in Apple Mac OS X before 10.7.5 does not properly ...)
+CVE-2012-3721
NOT-FOR-US: Apple Mac OS X
-CVE-2012-3720 (Mobile Accounts in Apple Mac OS X before 10.7.5 and 10.8.x before ...)
+CVE-2012-3720
NOT-FOR-US: Apple Mac OS X
-CVE-2012-3719 (Mail in Apple Mac OS X before 10.7.5 does not properly handle embedded ...)
+CVE-2012-3719
NOT-FOR-US: Apple Mac OS X
-CVE-2012-3718 (Apple Mac OS X before 10.7.5 and 10.8.x before 10.8.2 allows local ...)
+CVE-2012-3718
NOT-FOR-US: Apple Mac OS X
CVE-2012-3717
RESERVED
-CVE-2012-3716 (CoreText in Apple Mac OS X 10.7.x before 10.7.5 allows remote ...)
+CVE-2012-3716
NOT-FOR-US: Apple Mac OS X
-CVE-2012-3715 (Apple Safari before 6.0.1 makes http requests for https URIs in ...)
+CVE-2012-3715
NOT-FOR-US: Apple Safari / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3714 (The Form Autofill feature in Apple Safari before 6.0.1 does not ...)
+CVE-2012-3714
NOT-FOR-US: Apple Safari / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3713 (Apple Safari before 6.0.1 does not properly handle the Quarantine ...)
+CVE-2012-3713
NOT-FOR-US: Apple Safari / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3712 (WebKit, as used in Apple iTunes before 10.7, allows remote attackers ...)
+CVE-2012-3712
NOT-FOR-US: Apple iTunes / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3711 (WebKit, as used in Apple iTunes before 10.7, allows remote attackers ...)
+CVE-2012-3711
NOT-FOR-US: Apple iTunes / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3710 (WebKit, as used in Apple iTunes before 10.7, allows remote attackers ...)
+CVE-2012-3710
NOT-FOR-US: Apple iTunes / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3709 (WebKit, as used in Apple iTunes before 10.7, allows remote attackers ...)
+CVE-2012-3709
NOT-FOR-US: Apple iTunes / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3708 (WebKit, as used in Apple iTunes before 10.7, allows remote attackers ...)
+CVE-2012-3708
NOT-FOR-US: Apple iTunes / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3707 (WebKit, as used in Apple iTunes before 10.7, allows remote attackers ...)
+CVE-2012-3707
NOT-FOR-US: Apple iTunes / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3706 (WebKit, as used in Apple iTunes before 10.7, allows remote attackers ...)
+CVE-2012-3706
NOT-FOR-US: Apple iTunes / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3705 (WebKit, as used in Apple iTunes before 10.7, allows remote attackers ...)
+CVE-2012-3705
NOT-FOR-US: Apple iTunes / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3704 (WebKit, as used in Apple iTunes before 10.7, allows remote attackers ...)
+CVE-2012-3704
NOT-FOR-US: Apple iTunes / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3703 (WebKit, as used in Apple iTunes before 10.7, allows remote attackers ...)
+CVE-2012-3703
NOT-FOR-US: Apple iTunes / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3702 (WebKit, as used in Apple iTunes before 10.7, allows remote attackers ...)
+CVE-2012-3702
NOT-FOR-US: Apple iTunes / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3701 (WebKit, as used in Apple iTunes before 10.7, allows remote attackers ...)
+CVE-2012-3701
NOT-FOR-US: Apple iTunes / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3700 (WebKit, as used in Apple iTunes before 10.7, allows remote attackers ...)
+CVE-2012-3700
NOT-FOR-US: Apple iTunes / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3699 (WebKit, as used in Apple iTunes before 10.7, allows remote attackers ...)
+CVE-2012-3699
NOT-FOR-US: Apple iTunes / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3698 (Apple Xcode before 4.4 does not properly compose a designated ...)
+CVE-2012-3698
NOT-FOR-US: Apple Xcode
-CVE-2012-3697 (WebKit in Apple Safari before 6.0 does not properly handle file: URLs, ...)
+CVE-2012-3697
NOT-FOR-US: Apple Safari/ if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3696 (CRLF injection vulnerability in WebKit in Apple Safari before 6.0 ...)
+CVE-2012-3696
NOT-FOR-US: Apple Safari/ if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3695 (Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari ...)
+CVE-2012-3695
NOT-FOR-US: Apple Safari/ if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3694 (WebKit in Apple Safari before 6.0 does not properly handle ...)
+CVE-2012-3694
NOT-FOR-US: Apple Safari/ if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3693 (Incomplete blacklist vulnerability in WebKit in Apple Safari before ...)
+CVE-2012-3693
NOT-FOR-US: Apple Safari/ if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3692 (WebKit, as used in Apple iTunes before 10.7, allows remote attackers ...)
+CVE-2012-3692
NOT-FOR-US: Apple iTunes / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3691 (WebKit in Apple Safari before 6.0 does not properly handle Cascading ...)
+CVE-2012-3691
NOT-FOR-US: Apple Safari/ if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3690 (WebKit in Apple Safari before 6.0 does not properly handle ...)
+CVE-2012-3690
NOT-FOR-US: Apple Safari/ if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3689 (WebKit in Apple Safari before 6.0 does not properly handle ...)
+CVE-2012-3689
NOT-FOR-US: Apple Safari/ if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3688 (WebKit, as used in Apple iTunes before 10.7, allows remote attackers ...)
+CVE-2012-3688
NOT-FOR-US: Apple iTunes / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3687 (WebKit, as used in Apple iTunes before 10.7, allows remote attackers ...)
+CVE-2012-3687
NOT-FOR-US: Apple iTunes / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3686 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
+CVE-2012-3686
NOT-FOR-US: Apple Safari/ if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3685 (WebKit, as used in Apple iTunes before 10.7, allows remote attackers ...)
+CVE-2012-3685
NOT-FOR-US: Apple iTunes / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3684 (WebKit, as used in Apple iTunes before 10.7, allows remote attackers ...)
+CVE-2012-3684
NOT-FOR-US: Apple iTunes / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3683 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
+CVE-2012-3683
NOT-FOR-US: Apple Safari/ if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3682 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
+CVE-2012-3682
NOT-FOR-US: Apple Safari/ if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3681 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
+CVE-2012-3681
NOT-FOR-US: Apple Safari/ if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3680 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
+CVE-2012-3680
NOT-FOR-US: Apple Safari/ if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3679 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
+CVE-2012-3679
NOT-FOR-US: Apple Safari/ if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3678 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
+CVE-2012-3678
NOT-FOR-US: Apple Safari/ if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3677 (WebKit, as used in Apple iTunes before 10.7, allows remote attackers ...)
+CVE-2012-3677
NOT-FOR-US: Apple iTunes / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3676 (WebKit, as used in Apple iTunes before 10.7, allows remote attackers ...)
+CVE-2012-3676
NOT-FOR-US: Apple iTunes / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3675 (WebKit, as used in Apple iTunes before 10.7, allows remote attackers ...)
+CVE-2012-3675
NOT-FOR-US: Apple iTunes / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3674 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
+CVE-2012-3674
NOT-FOR-US: Apple Safari/ if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3673 (WebKit, as used in Apple iTunes before 10.7, allows remote attackers ...)
+CVE-2012-3673
NOT-FOR-US: Apple iTunes / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3672 (WebKit, as used in Apple iTunes before 10.7, allows remote attackers ...)
+CVE-2012-3672
NOT-FOR-US: Apple iTunes / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3671 (WebKit, as used in Apple iTunes before 10.7, allows remote attackers ...)
+CVE-2012-3671
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3670 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
+CVE-2012-3670
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3669 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
+CVE-2012-3669
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3668 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
+CVE-2012-3668
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3667 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
+CVE-2012-3667
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3666 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
+CVE-2012-3666
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3665 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
+CVE-2012-3665
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3664 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
+CVE-2012-3664
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3663 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
+CVE-2012-3663
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
CVE-2012-3662
RESERVED
-CVE-2012-3661 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
+CVE-2012-3661
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3660 (WebKit, as used in Apple iTunes before 10.7, allows remote attackers ...)
+CVE-2012-3660
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3659 (WebKit, as used in Apple iTunes before 10.7, allows remote attackers ...)
+CVE-2012-3659
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3658 (WebKit, as used in Apple iTunes before 10.7, allows remote attackers ...)
+CVE-2012-3658
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3657 (WebKit, as used in Apple iTunes before 10.7, allows remote attackers ...)
+CVE-2012-3657
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3656 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
+CVE-2012-3656
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3655 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
+CVE-2012-3655
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3654 (WebKit, as used in Apple iTunes before 10.7, allows remote attackers ...)
+CVE-2012-3654
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3653 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
+CVE-2012-3653
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3652 (WebKit, as used in Apple iTunes before 10.7, allows remote attackers ...)
+CVE-2012-3652
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3651 (WebKit, as used in Apple iTunes before 10.7, allows remote attackers ...)
+CVE-2012-3651
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3650 (WebKit in Apple Safari before 6.0 accesses uninitialized memory ...)
+CVE-2012-3650
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3649 (WebKit, as used in Apple iTunes before 10.7, allows remote attackers ...)
+CVE-2012-3649
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3648 (WebKit, as used in Apple iTunes before 10.7, allows remote attackers ...)
+CVE-2012-3648
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3647 (WebKit, as used in Apple iTunes before 10.7, allows remote attackers ...)
+CVE-2012-3647
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3646 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
+CVE-2012-3646
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3645 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
+CVE-2012-3645
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3644 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
+CVE-2012-3644
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3643 (WebKit, as used in Apple iTunes before 10.7, allows remote attackers ...)
+CVE-2012-3643
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3642 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
+CVE-2012-3642
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3641 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
+CVE-2012-3641
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3640 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
+CVE-2012-3640
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3639 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
+CVE-2012-3639
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3638 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
+CVE-2012-3638
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3637 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
+CVE-2012-3637
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3636 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
+CVE-2012-3636
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3635 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
+CVE-2012-3635
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3634 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
+CVE-2012-3634
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3633 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
+CVE-2012-3633
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3632 (WebKit, as used in Apple iTunes before 10.7, allows remote attackers ...)
+CVE-2012-3632
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3631 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
+CVE-2012-3631
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3630 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
+CVE-2012-3630
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3629 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
+CVE-2012-3629
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3628 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
+CVE-2012-3628
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3627 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
+CVE-2012-3627
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3626 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
+CVE-2012-3626
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3625 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
+CVE-2012-3625
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3624 (WebKit, as used in Apple iTunes before 10.7, allows remote attackers ...)
+CVE-2012-3624
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3623 (WebKit, as used in Apple iTunes before 10.7, allows remote attackers ...)
+CVE-2012-3623
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3622 (WebKit, as used in Apple iTunes before 10.7, allows remote attackers ...)
+CVE-2012-3622
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3621 (WebKit, as used in Apple iTunes before 10.7, allows remote attackers ...)
+CVE-2012-3621
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3620 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
+CVE-2012-3620
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
CVE-2012-3619
RESERVED
-CVE-2012-3618 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
+CVE-2012-3618
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3617 (WebKit, as used in Apple iTunes before 10.7, allows remote attackers ...)
+CVE-2012-3617
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3616 (WebKit, as used in Apple iTunes before 10.7, allows remote attackers ...)
+CVE-2012-3616
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3615 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
+CVE-2012-3615
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3614 (WebKit, as used in Apple iTunes before 10.7, allows remote attackers ...)
+CVE-2012-3614
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3613 (WebKit, as used in Apple iTunes before 10.7, allows remote attackers ...)
+CVE-2012-3613
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3612 (WebKit, as used in Apple iTunes before 10.7, allows remote attackers ...)
+CVE-2012-3612
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3611 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
+CVE-2012-3611
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3610 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
+CVE-2012-3610
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3609 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
+CVE-2012-3609
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3608 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
+CVE-2012-3608
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3607 (WebKit, as used in Apple iTunes before 10.7, allows remote attackers ...)
+CVE-2012-3607
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3606 (WebKit, as used in Apple iTunes before 10.7, allows remote attackers ...)
+CVE-2012-3606
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3605 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
+CVE-2012-3605
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3604 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
+CVE-2012-3604
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3603 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
+CVE-2012-3603
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3602 (WebKit, as used in Apple iTunes before 10.7, allows remote attackers ...)
+CVE-2012-3602
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3601 (WebKit, as used in Apple iTunes before 10.7, allows remote attackers ...)
+CVE-2012-3601
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3600 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
+CVE-2012-3600
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3599 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
+CVE-2012-3599
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3598 (WebKit, as used in Apple iTunes before 10.7, allows remote attackers ...)
+CVE-2012-3598
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3597 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
+CVE-2012-3597
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3596 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
+CVE-2012-3596
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3595 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
+CVE-2012-3595
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3594 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
+CVE-2012-3594
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3593 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
+CVE-2012-3593
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3592 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
+CVE-2012-3592
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3591 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
+CVE-2012-3591
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3590 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
+CVE-2012-3590
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3589 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
+CVE-2012-3589
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3588 (Directory traversal vulnerability in preview.php in the Plugin ...)
+CVE-2012-3588
NOT-FOR-US: Wordpress plugin
-CVE-2012-3587 (APT 0.7.x before 0.7.25 and 0.8.x before 0.8.16, when using the ...)
+CVE-2012-3587
- apt 0.7.25 (unimportant)
NOTE: net-update is disabled by default on Debian
CVE-2012-3586
RESERVED
-CVE-2012-3585 (Heap-based buffer overflow in jpeg_ls.dll in the Jpeg_LS (aka JLS) ...)
+CVE-2012-3585
NOT-FOR-US: IrfanView PlugIns
CVE-2012-3584
RESERVED
CVE-2012-3583
REJECTED
-CVE-2012-3582 (Symantec PGP Universal Server 3.2.x before 3.2.1 MP2 does not properly ...)
+CVE-2012-3582
NOT-FOR-US: Symantec PGP Universal Server
-CVE-2012-3581 (Symantec Messaging Gateway (SMG) before 10.0 allows remote attackers ...)
+CVE-2012-3581
NOT-FOR-US: Symantec Messaging Gateway
-CVE-2012-3580 (Symantec Messaging Gateway (SMG) before 10.0 allows remote ...)
+CVE-2012-3580
NOT-FOR-US: Symantec Messaging Gateway
-CVE-2012-3579 (Symantec Messaging Gateway (SMG) before 10.0 has a default password ...)
+CVE-2012-3579
NOT-FOR-US: Symantec Messaging Gateway
-CVE-2012-3578 (Unrestricted file upload vulnerability in html/Upload.php in the ...)
+CVE-2012-3578
NOT-FOR-US: Wordpress plugin
-CVE-2012-3577 (Unrestricted file upload vulnerability in doupload.php in the Nmedia ...)
+CVE-2012-3577
NOT-FOR-US: Wordpress plugin
-CVE-2012-3576 (Unrestricted file upload vulnerability in php/upload.php in the ...)
+CVE-2012-3576
NOT-FOR-US: Wordpress plugin
-CVE-2012-3575 (Unrestricted file upload vulnerability in uploader.php in the RBX ...)
+CVE-2012-3575
NOT-FOR-US: Wordpress plugin
-CVE-2012-3574 (Unrestricted file upload vulnerability in ...)
+CVE-2012-3574
NOT-FOR-US: Wordpress plugin
CVE-2012-3573
REJECTED
-CVE-2012-3572 (Open Source Competency Center (OSCC) MyMeeting 3.0.1 and earlier, and ...)
+CVE-2012-3572
NOT-FOR-US: Open Source Competency Center (OSCC) MyMeeting
-CVE-2012-3571 (ISC DHCP 4.1.2 through 4.2.4 and 4.1-ESV before 4.1-ESV-R6 allows ...)
+CVE-2012-3571
{DSA-2519-2 DSA-2519-1 DSA-2516-1}
- isc-dhcp 4.2.4-2 (bug #686174)
[wheezy] - isc-dhcp 4.2.2.dfsg.1-5+deb70u1
-CVE-2012-3570 (Buffer overflow in ISC DHCP 4.2.x before 4.2.4-P1, when DHCPv6 mode is ...)
+CVE-2012-3570
- isc-dhcp 4.2.4-2 (bug #686174)
[squeeze] - isc-dhcp <not-affected> (Vulnerable code not present)
[wheezy] - isc-dhcp 4.2.2.dfsg.1-5+deb70u1
-CVE-2012-3569 (Format string vulnerability in VMware OVF Tool 2.1 on Windows, as used ...)
+CVE-2012-3569
NOT-FOR-US: VMware OVF Tool
-CVE-2012-3568 (Opera before 12.00 Beta allows remote attackers to cause a denial of ...)
+CVE-2012-3568
NOT-FOR-US: Opera
-CVE-2012-3567 (Opera before 12.00 Beta allows remote attackers to cause a denial of ...)
+CVE-2012-3567
NOT-FOR-US: Opera
-CVE-2012-3566 (Opera before 12.00 Beta allows user-assisted remote attackers to cause ...)
+CVE-2012-3566
NOT-FOR-US: Opera
-CVE-2012-3565 (Opera before 12.00 Beta allows remote attackers to cause a denial of ...)
+CVE-2012-3565
NOT-FOR-US: Opera
-CVE-2012-3564 (Opera before 12.00 Beta allows remote attackers to cause a denial of ...)
+CVE-2012-3564
NOT-FOR-US: Opera
-CVE-2012-3563 (Opera before 12.00 Beta allows remote attackers to cause a denial of ...)
+CVE-2012-3563
NOT-FOR-US: Opera
-CVE-2012-3562 (Opera before 12.00 Beta allows user-assisted remote attackers to cause ...)
+CVE-2012-3562
NOT-FOR-US: Opera
-CVE-2012-3561 (Opera before 11.64 does not properly allocate memory for URL strings, ...)
+CVE-2012-3561
NOT-FOR-US: Opera
-CVE-2012-3560 (Opera before 11.65 does not ensure that the address field corresponds ...)
+CVE-2012-3560
NOT-FOR-US: Opera
-CVE-2012-3559 (Unspecified vulnerability in Opera before 12.00 on Mac OS X has ...)
+CVE-2012-3559
NOT-FOR-US: Opera
-CVE-2012-3558 (Opera before 11.65 does not ensure that the address field corresponds ...)
+CVE-2012-3558
NOT-FOR-US: Opera
-CVE-2012-3557 (Opera before 11.65 does not properly restrict the reading of JSON ...)
+CVE-2012-3557
NOT-FOR-US: Opera
-CVE-2012-3556 (Opera before 11.65 does not properly restrict the opening of a pop-up ...)
+CVE-2012-3556
NOT-FOR-US: Opera
-CVE-2012-3555 (Opera before 11.65 does not ensure that keyboard sequences are ...)
+CVE-2012-3555
NOT-FOR-US: Opera
-CVE-2012-3554 (SQL injection vulnerability in the RSGallery2 (com_rsgallery2) ...)
+CVE-2012-3554
NOT-FOR-US: Joomla addon
-CVE-2012-3552 (Race condition in the IP implementation in the Linux kernel before 3.0 ...)
+CVE-2012-3552
{DSA-2668-1}
- linux 3.0-1
- linux-2.6 <removed>
-CVE-2012-3551 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2012-3551
NOT-FOR-US: Crowbar
CVE-2012-3550
REJECTED
-CVE-2012-3549 (The SCTP implementation in FreeBSD 8.2 allows remote attackers to ...)
+CVE-2012-3549
- kfreebsd-8 8.3-5 (bug #686961)
[squeeze] - kfreebsd-8 <no-dsa> (Minor issue)
- kfreebsd-9 9.0-7 (bug #686962)
- kfreebsd-10 10.0~svn242489-1 (bug #686963)
NOTE: http://www.exploit-db.com/exploits/20226/
-CVE-2012-3548 (The dissect_drda function in epan/dissectors/packet-drda.c in ...)
+CVE-2012-3548
- wireshark 1.8.2-2 (unimportant; bug #686225)
[squeeze] - wireshark <not-affected> (Vulnerable code not present)
NOTE: Doesn't allow code injection
NOTE: debian changelog contains CVE-2012-5239, but this was rejected in favour of CVE-2012-3548
-CVE-2012-3547 (Stack-based buffer overflow in the cbtls_verify function in FreeRADIUS ...)
+CVE-2012-3547
{DSA-2546-1}
- freeradius 2.1.12+dfsg-1.1 (medium; bug #687175)
-CVE-2012-3546 (org/apache/catalina/realm/RealmBase.java in Apache Tomcat 6.x before ...)
+CVE-2012-3546
- tomcat7 7.0.28-4 (bug #695251)
- tomcat6 6.0.35-6 (bug #695250)
[squeeze] - tomcat6 6.0.35-1+squeeze3
NOTE: DSA 2725
CVE-2012-3545
REJECTED
-CVE-2012-3544 (Apache Tomcat 6.x before 6.0.37 and 7.x before 7.0.30 does not ...)
+CVE-2012-3544
{DSA-2897-1 DSA-2725-1}
- tomcat6 6.0.37
- tomcat7 7.0.30
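Review bot: every `-`/`+` pair in this hunk differs only by dropping the parenthesised description, so the `+` lines carry a bare CVE id and nothing else (for example `-CVE-2012-3571 (ISC DHCP 4.1.2 through 4.2.4 and 4.1-ESV before 4.1-ESV-R6 allows ...)` becomes `+CVE-2012-3571`), which leaves the package annotations underneath (`NOT-FOR-US: Apple Safari/ ...`, `{DSA-2519-2 DSA-2519-1 DSA-2516-1}`) with no summary of the issue they refer to. A rewrite that blanks the description of every entry while keeping the line count identical looks like the description source returned nothing during the automatic update rather than an intended content change; please check the fetch step and re-run it so the descriptions are restored before this is merged, since the tracker's own triage notes (`NOTE:`, `<not-affected>`, `<no-dsa>`) are written against those one-line descriptions.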
@@ -7842,52 +7842,52 @@ CVE-2012-3543
RESERVED
- mono 2.10.8.1-7 (bug #686562)
[squeeze] - mono <no-dsa> (Minor issue)
-CVE-2012-3542 (OpenStack Keystone, as used in OpenStack Folsom before folsom-rc1 and ...)
+CVE-2012-3542
- keystone 2012.1.1-5
CVE-2012-3541
REJECTED
-CVE-2012-3540 (Open redirect vulnerability in views/auth_forms.py in OpenStack ...)
+CVE-2012-3540
- horizon 2012.1.1-4 (bug #686050)
CVE-2012-3539
REJECTED
-CVE-2012-3538 (Pulp in Red Hat CloudForms before 1.1 logs administrative passwords in ...)
+CVE-2012-3538
NOT-FOR-US: Red Hat CloudForms
-CVE-2012-3537 (The Crowbar Ohai plugin ...)
+CVE-2012-3537
NOT-FOR-US: crowbar ohai plugin
NOTE: https://github.com/SUSE-Cloud/barclamp-deployer/commit/b6454268a067fc77ff5de82057b5b53b3cc38b87
-CVE-2012-3536 (Two XSS vulnerabilities were fixed in message list and view in the ...)
+CVE-2012-3536
NOT-FOR-US: Apache James
-CVE-2012-3535 (Heap-based buffer overflow in OpenJPEG 1.5.0 and earlier allows remote ...)
+CVE-2012-3535
{DSA-2629-1}
- openjpeg 1.3+dfsg-4.6 (bug #685970)
-CVE-2012-3534 (GNU Gatekeeper before 3.1 does not limit the number of connections to ...)
+CVE-2012-3534
- gnugk 2:3.0.2-3 (low; bug #685969)
[squeeze] - gnugk <no-dsa> (Minor issue)
-CVE-2012-3533 (The python SDK before 3.1.0.6 and CLI before 3.1.0.8 for oVirt 3.1 ...)
+CVE-2012-3533
NOT-FOR-US: ovirt
-CVE-2012-3532 (Cross-site request forgery (CSRF) vulnerability in the GateIn Portal ...)
+CVE-2012-3532
- jbossas4 <not-affected> (Only builds a few libraries, not the full application server, #581226)
-CVE-2012-3531 (Cross-site scripting (XSS) vulnerability in the Install Tool in TYPO3 ...)
+CVE-2012-3531
{DSA-2537-1}
- typo3-src 4.5.19+dfsg1-1 (bug #685011)
-CVE-2012-3530 (Incomplete blacklist vulnerability in the t3lib_div::quoteJSvalue API ...)
+CVE-2012-3530
{DSA-2537-1}
- typo3-src 4.5.19+dfsg1-1 (bug #685011)
-CVE-2012-3529 (The configuration module in the backend in TYPO3 4.5.x before 4.5.19, ...)
+CVE-2012-3529
{DSA-2537-1}
- typo3-src 4.5.19+dfsg1-1 (bug #685011)
-CVE-2012-3528 (Multiple cross-site scripting (XSS) vulnerabilities in the backend in ...)
+CVE-2012-3528
{DSA-2537-1}
- typo3-src 4.5.19+dfsg1-1 (bug #685011)
-CVE-2012-3527 (view_help.php in the backend help system in TYPO3 4.5.x before 4.5.19, ...)
+CVE-2012-3527
{DSA-2537-1}
- typo3-src 4.5.19+dfsg1-1 (bug #685011)
-CVE-2012-3526 (The reverse proxy add forward module (mod_rpaf) 0.5 and 0.6 for the ...)
+CVE-2012-3526
{DSA-2532-1}
- libapache2-mod-rpaf 0.6-1 (bug #683984)
-CVE-2012-3525 (s2s/out.c in jabberd2 2.2.16 and earlier does not verify that a ...)
+CVE-2012-3525
- jabberd2 2.2.17-1 (bug #685666)
-CVE-2012-3524 (libdbus 1.5.x and earlier, when used in setuid or other privileged ...)
+CVE-2012-3524
- dbus 1.6.8-1 (bug #689070)
[squeeze] - dbus 1.2.24-4+squeeze2
- glib2.0 2.33.12+really2.32.4-2
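Review bot: the bug reference in the jbossas4 annotation is written without the `bug` prefix, `- jbossas4 <not-affected> (Only builds a few libraries, not the full application server, #581226)`, while the neighbouring entries in this hunk use the tracker's usual form, e.g. `- mono 2.10.8.1-7 (bug #686562)` and `- horizon 2012.1.1-4 (bug #686050)`; since this hunk is already touching the CVE-2012-3532 entry, it would be worth normalising it to `(..., bug #581226)` so tooling that extracts `bug #NNNNNN` references picks it up consistently.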
@@ -7896,366 +7896,366 @@ CVE-2012-3524 (libdbus 1.5.x and earlier, when used in setuid or other privilege
NOTE: http://www.openwall.com/lists/oss-security/2012/09/12/6
NOTE: https://bugzilla.novell.com/show_bug.cgi?id=697105
NOTE: http://stealth.openwall.net/null/dzug.c
-CVE-2012-3523 (The STARTTLS implementation in nnrpd in INN before 2.5.3 does not ...)
+CVE-2012-3523
- inn <not-affected> (STARTTLS was introduced in 2.3, see bug #685581)
- inn2 2.5.3-1 (low; bug #685581)
[squeeze] - inn2 <no-dsa> (Minor issue)
-CVE-2012-3522 (Cross-site scripting (XSS) vulnerability in contrib/langwiz.php in ...)
+CVE-2012-3522
- geshi <not-affected> (Vulnerable code not present, see bug #685323)
[squeeze] - geshi <no-dsa> (shipped as example/.gz)
-CVE-2012-3521 (Multiple directory traversal vulnerabilities in the cssgen contrib ...)
+CVE-2012-3521
- geshi 1.0.8.4-2 (bug #685324)
[squeeze] - geshi 1.0.8.4-1+squeeze1
-CVE-2012-3520 (The Netlink implementation in the Linux kernel before 3.2.30 does not ...)
+CVE-2012-3520
- linux 3.2.29-1
- linux-2.6 <not-affected> (Introduced in 3.1)
-CVE-2012-3519 (routerlist.c in Tor before 0.2.2.38 uses a different amount of time ...)
+CVE-2012-3519
{DSA-2548-1}
- tor 0.2.3.20-rc-1 (low)
-CVE-2012-3518 (The networkstatus_parse_vote_from_string function in routerparse.c in ...)
+CVE-2012-3518
{DSA-2548-1}
- tor 0.2.3.20-rc-1 (low)
-CVE-2012-3517 (Use-after-free vulnerability in dns.c in Tor before 0.2.2.38 might ...)
+CVE-2012-3517
{DLA-17-1}
- tor 0.2.3.20-rc-1 (low)
[squeeze] - tor 0.2.4.23-1~deb6u1
-CVE-2012-3516 (The GNTTABOP_swap_grant_ref sub-operation in the grant table hypercall ...)
+CVE-2012-3516
- xen <not-affected> (Only affects >= 4.2)
-CVE-2012-3515 (Qemu, as used in Xen 4.0, 4.1 and possibly other products, when ...)
+CVE-2012-3515
{DSA-2545-1 DSA-2543-1 DSA-2542-1}
- xen 4.1.3-2 (bug #686764)
[squeeze] - xen <not-affected> (Vulnerable code not present)
- xen-qemu-dm-4.0 <removed>
- qemu 1.1.2+dfsg-1
- qemu-kvm 1.1.2+dfsg-1
-CVE-2012-3514 (OCaml Xml-Light Library before r234 computes hash values without ...)
+CVE-2012-3514
- xml-light 2.2-15 (low; bug #685584)
[squeeze] - xml-light <no-dsa> (Minor issue)
-CVE-2012-3513 (munin-cgi-graph in Munin before 2.0.6, when running as a CGI module ...)
+CVE-2012-3513
- munin 2.0.6-1 (bug #684076)
[squeeze] - munin <not-affected> (vulnerable code introduced in 2.x)
NOTE: http://www.munin-monitoring.org/ticket/1238
-CVE-2012-3512 (Munin before 2.0.6 stores plugin state files that run as root in the ...)
+CVE-2012-3512
{DLA-20-1}
- munin 2.0.6-1 (bug #684075)
[squeeze] - munin 1.4.5-3+deb6u1
NOTE: http://www.munin-monitoring.org/ticket/1234
-CVE-2012-3511 (Multiple race conditions in the madvise_remove function in ...)
+CVE-2012-3511
- linux 3.2.23-1
- linux-2.6 <removed>
[squeeze] - linux-2.6 2.6.32-47
-CVE-2012-3510 (Use-after-free vulnerability in the xacct_add_tsk function in ...)
+CVE-2012-3510
- linux 2.6.20-1
- linux-2.6 2.6.20-1
-CVE-2012-3509 (Multiple integer overflows in the (1) _objalloc_alloc function in ...)
+CVE-2012-3509
{DLA-324-1}
- binutils 2.22-8 (low; bug #688951)
-CVE-2012-4668 (Cross-site scripting (XSS) vulnerability in Roundcube Webmail 0.8.1 ...)
+CVE-2012-4668
- roundcube 0.7.2-4 (bug #685475)
[squeeze] - roundcube <not-affected> (Vulnerable code not present)
NOTE: http://trac.roundcube.net/ticket/1488613
-CVE-2012-3508 (Cross-site scripting (XSS) vulnerability in program/lib/washtml.php in ...)
+CVE-2012-3508
- roundcube 0.7.2-4 (bug #685475)
[squeeze] - roundcube <not-affected> (Vulnerable code not present)
NOTE: http://trac.roundcube.net/ticket/1488613
-CVE-2012-3507 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2012-3507
- roundcube <not-affected> (only affects rc versions of 0.8)
NOTE: http://trac.roundcube.net/ticket/1488519
-CVE-2012-3506 (Unspecified vulnerability in the Apache Open For Business Project (aka ...)
+CVE-2012-3506
NOT-FOR-US: OFBiz
-CVE-2012-3505 (Tinyproxy 1.8.3 and earlier allows remote attackers to cause a denial ...)
+CVE-2012-3505
{DSA-2564-1}
- tinyproxy 1.8.3-3 (bug #685281)
NOTE: https://bugs.launchpad.net/ubuntu/+source/tinyproxy/+bug/1036985
-CVE-2012-3504 (The nssconfigFound function in genkey.pl in crypto-utils 2.4.1-34 ...)
+CVE-2012-3504
NOT-FOR-US: genkey script from Red Hat, not present in Debian
-CVE-2012-3503 (The installation script in Katello 1.0 and earlier does not properly ...)
+CVE-2012-3503
NOT-FOR-US: Katello
-CVE-2012-3502 (The proxy functionality in (1) mod_proxy_ajp.c in the mod_proxy_ajp ...)
+CVE-2012-3502
- apache2 <not-affected> (Only affects 2.4 from experimental)
NOTE: https://issues.apache.org/bugzilla/show_bug.cgi?id=53727
-CVE-2012-3501 (The squidclamav_check_preview_handler function in squidclamav.c in ...)
+CVE-2012-3501
- squidclamav <removed> (bug #685398)
-CVE-2012-3500 (scripts/annotate-output.sh in devscripts before 2.12.2, as used in ...)
+CVE-2012-3500
{DSA-2549-1}
- devscripts 2.12.2
-CVE-2012-3499 (Multiple cross-site scripting (XSS) vulnerabilities in the Apache HTTP ...)
+CVE-2012-3499
{DSA-2637-1}
- apache2 2.2.22-13 (low)
-CVE-2012-3498 (PHYSDEVOP_map_pirq in Xen 4.1 and 4.2 and Citrix XenServer 6.0.2 and ...)
+CVE-2012-3498
- xen 4.1.3-2 (bug #686764)
[squeeze] - xen <not-affected> (Vulnerable code not present)
-CVE-2012-3497 ((1) TMEMC_SAVE_GET_CLIENT_WEIGHT, (2) TMEMC_SAVE_GET_CLIENT_CAP, (3) ...)
+CVE-2012-3497
- xen 4.1.4-1 (unimportant; bug #686764)
[squeeze] - xen <no-dsa> (Experimental/unsupported feature)
NOTE: TMEM not supported for production systems (technology preview)
-CVE-2012-3496 (XENMEM_populate_physmap in Xen 4.0, 4.1, and 4.2, and Citrix XenServer ...)
+CVE-2012-3496
{DSA-2544-1}
- xen 4.1.3-2 (bug #686764)
-CVE-2012-3495 (The physdev_get_free_pirq hypercall in arch/x86/physdev.c in Xen 4.1.x ...)
+CVE-2012-3495
- xen 4.1.3-2 (bug #686764)
[squeeze] - xen <not-affected> (Vulnerable code not present)
-CVE-2012-3494 (The set_debugreg hypercall in include/asm-x86/debugreg.h in Xen 4.0, ...)
+CVE-2012-3494
{DSA-2544-1}
- xen 4.1.3-2 (bug #686764)
-CVE-2012-3493 (The command_give_request_ad function in condor_startd.V6/command.cpp ...)
+CVE-2012-3493
- condor 7.8.2~dfsg.1-1+deb7u1 (bug #688210)
-CVE-2012-3492 (The filesystem authentication (condor_io/condor_auth_fs.cpp) in Condor ...)
+CVE-2012-3492
- condor 7.8.2~dfsg.1-1+deb7u1 (bug #688210)
-CVE-2012-3491 (src/condor_schedd.V6/schedd.cpp in Condor 7.6.x before 7.6.10 and ...)
+CVE-2012-3491
- condor 7.8.2~dfsg.1-1+deb7u1 (bug #688210)
CVE-2012-3490
RESERVED
- condor 7.8.2~dfsg.1-1+deb7u1 (bug #688210)
-CVE-2012-3489 (The xml_parse function in the libxml2 support in the core server ...)
+CVE-2012-3489
{DSA-2534-1}
- postgresql-9.1 9.1.5-1
- postgresql-8.4 8.4.12-2
-CVE-2012-3488 (The libxslt support in contrib/xml2 in PostgreSQL 8.3 before 8.3.20, ...)
+CVE-2012-3488
{DSA-2534-1}
- postgresql-9.1 9.1.5-1
- postgresql-8.4 8.4.12-2
-CVE-2012-3487 (Race condition in Tunnelblick 3.3beta20 and earlier allows local users ...)
+CVE-2012-3487
NOT-FOR-US: Tunnelblick
-CVE-2012-3486 (Tunnelblick 3.3beta20 and earlier allows local users to gain ...)
+CVE-2012-3486
NOT-FOR-US: Tunnelblick
-CVE-2012-3485 (Tunnelblick 3.3beta20 and earlier relies on argv[0] to determine the ...)
+CVE-2012-3485
NOT-FOR-US: Tunnelblick
-CVE-2012-3484 (Tunnelblick 3.3beta20 and earlier relies on a test for specific ...)
+CVE-2012-3484
NOT-FOR-US: Tunnelblick
-CVE-2012-3483 (Race condition in the runScript function in Tunnelblick 3.3beta20 and ...)
+CVE-2012-3483
NOT-FOR-US: Tunnelblick
-CVE-2012-3482 (Fetchmail 5.0.8 through 6.3.21, when using NTLM authentication in ...)
+CVE-2012-3482
- fetchmail 6.3.22-1 (low)
[wheezy] - fetchmail <no-dsa> (Minor issue)
[squeeze] - fetchmail <no-dsa> (Minor issue)
-CVE-2012-3481 (Integer overflow in the ReadImage function in ...)
+CVE-2012-3481
- gimp 2.8.2-1 (bug #685397)
[squeeze] - gimp 2.6.10-1+squeeze4
NOTE: http://www.openwall.com/lists/oss-security/2012/08/20/8
NOTE: https://bugzilla.novell.com/show_bug.cgi?id=776572
-CVE-2012-3480 (Multiple integer overflows in the (1) strtod, (2) strtof, (3) strtold, ...)
+CVE-2012-3480
{DLA-165-1}
- eglibc 2.13-36 (bug #684889)
- glibc 2.13-36
-CVE-2012-3479 (lisp/files.el in Emacs 23.2, 23.3, 23.4, and 24.1 automatically ...)
+CVE-2012-3479
{DSA-2603-1}
- emacs23 23.4+1-4 (bug #684695)
- emacs24 24.2+1-1 (bug #684694)
NOTE: http://www.openwall.com/lists/oss-security/2012/08/13/1
NOTE: http://www.openwall.com/lists/oss-security/2012/08/13/2
-CVE-2012-3478 (rssh 2.3.3 and earlier allows local users to bypass intended ...)
+CVE-2012-3478
{DSA-2530-1}
- rssh 2.3.3-5
-CVE-2012-3477 (SQL injection vulnerability in signup_check.php in NeoInvoice allows ...)
+CVE-2012-3477
NOT-FOR-US: Neoinvoice
-CVE-2012-3476 (Multiple cross-site scripting (XSS) vulnerabilities in (1) ...)
+CVE-2012-3476
NOT-FOR-US: Ushahidi
-CVE-2012-3475 (The installer in the Ushahidi Platform before 2.5 omits certain calls ...)
+CVE-2012-3475
NOT-FOR-US: Ushahidi
-CVE-2012-3474 (The comments API in ...)
+CVE-2012-3474
NOT-FOR-US: Ushahidi
-CVE-2012-3473 (The (1) reports API and (2) administration feature in the comments API ...)
+CVE-2012-3473
NOT-FOR-US: Ushahidi
-CVE-2012-3472 (The email API in application/libraries/api/MY_Email_Api_Object.php in ...)
+CVE-2012-3472
NOT-FOR-US: Ushahidi
-CVE-2012-3471 (Multiple SQL injection vulnerabilities in the edit functions in (1) ...)
+CVE-2012-3471
NOT-FOR-US: Ushahidi
-CVE-2012-3470 (Multiple SQL injection vulnerabilities in ...)
+CVE-2012-3470
NOT-FOR-US: Ushahidi
-CVE-2012-3469 (Multiple SQL injection vulnerabilities in the Ushahidi Platform before ...)
+CVE-2012-3469
NOT-FOR-US: Ushahidi
-CVE-2012-3468 (Multiple SQL injection vulnerabilities in the Ushahidi Platform before ...)
+CVE-2012-3468
NOT-FOR-US: Ushahidi
-CVE-2012-3467 (Apache QPID 0.14, 0.16, and earlier uses a NullAuthenticator mechanism ...)
+CVE-2012-3467
- qpid-cpp 0.16-7 (bug #684456)
[wheezy] - qpid-cpp 0.16-6+deb7u1
-CVE-2012-3466 (GNOME gnome-keyring 3.4.0 through 3.4.1, when gpg-cache-method is set ...)
+CVE-2012-3466
- gnome-keyring 3.4.1-5 (bug #683655)
[squeeze] - gnome-keyring <not-affected> (Only affects gnome-keyring 3.4.x)
-CVE-2012-3465 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2012-3465
{DSA-2655-1}
- rails 2.3.14.1 (low)
- ruby-actionpack-3.2 3.2.6-4 (bug #684454)
NOTE: Starting with 2.3.14.1 rails is a transition package
-CVE-2012-3464 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2012-3464
{DSA-2655-1}
- rails 2.3.14.1 (low)
- ruby-actionpack-3.2 3.2.6-4 (bug #684454)
NOTE: Starting with 2.3.14.1 rails is a transition package
-CVE-2012-3463 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2012-3463
- rails <not-affected> (Only affects RoR 3.x)
- ruby-actionpack-3.2 3.2.6-4 (bug #684454)
NOTE: http://www.openwall.com/lists/oss-security/2012/08/09/8
CVE-2012-3462
RESERVED
-CVE-2012-3461 (The (1) otrl_base64_otr_decode function in src/b64.c; (2) ...)
+CVE-2012-3461
{DSA-2526-1}
- libotr 3.2.1-1 (medium; bug #684121)
CVE-2012-3460
RESERVED
NOT-FOR-US: Cumin
-CVE-2012-3459 (Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, ...)
+CVE-2012-3459
NOT-FOR-US: Cumin
-CVE-2012-3458 (Beaker before 1.6.4, when using PyCrypto to encrypt sessions, uses AES ...)
+CVE-2012-3458
{DSA-2541-1}
- beaker 1.6.3-1.1 (bug #684890)
-CVE-2012-3457 (PNP4Nagios 0.6 through 0.6.16 uses world-readable permissions for ...)
+CVE-2012-3457
- pnp4nagios <unfixed> (unimportant; bug #683879)
NOTE: The permissions of this file are under the control of the admin
-CVE-2012-3456 (Heap-based buffer overflow in the read function in ...)
+CVE-2012-3456
- calligra 1:2.4.3-2 (bug #684004)
- wv2 0.4.2.dfsg.1-9.1 (low)
[squeeze] - wv2 <no-dsa> (Minor issue)
-CVE-2012-3455 (Heap-based buffer overflow in the read function in ...)
+CVE-2012-3455
- koffice <removed> (low)
[squeeze] - koffice <no-dsa> (Minor issue)
-CVE-2012-3454 (eXtplorer 2.1.0b6 uses world writable permissions for the ...)
+CVE-2012-3454
- extplorer 2.1.0b6+dfsg.3-4 (low; bug #683649)
[squeeze] - extplorer <no-dsa> (Minor issue)
-CVE-2012-3453 (logol 1.5.0 uses world writable permissions for the ...)
+CVE-2012-3453
- logol 1.5.0-4 (bug #683647)
-CVE-2012-3452 (gnome-screensaver 3.4.x before 3.4.4 and 3.5.x before 3.5.4, when ...)
+CVE-2012-3452
- gnome-screensaver <not-affected> (vulnerable code not present)
-CVE-2012-3451 (Apache CXF before 2.4.9, 2.5.x before 2.5.5, and 2.6.x before 2.6.2 ...)
+CVE-2012-3451
NOT-FOR-US: Apache CXF
-CVE-2012-3450 (pdo_sql_parser.re in the PDO extension in PHP before 5.3.14 and 5.4.x ...)
+CVE-2012-3450
{DSA-2527-1}
- php5 5.4.4-1 (bug #683694)
NOTE: http://seclists.org/bugtraq/2012/Jun/60
NOTE: https://bugs.php.net/bug.php?id=61755
NOTE: http://www.openwall.com/lists/oss-security/2012/08/02/3
NOTE: http://www.openwall.com/lists/oss-security/2012/08/02/7
-CVE-2012-3449 (Open vSwitch 1.4.2 uses world writable permissions for (1) ...)
+CVE-2012-3449
- openvswitch 1.4.2+git20120612-8 (bug #683665)
-CVE-2012-3448 (Unspecified vulnerability in Ganglia Web before 3.5.1 allows remote ...)
+CVE-2012-3448
{DSA-2610-1}
- ganglia 3.3.8-1 (bug #683584)
-CVE-2012-3447 (virt/disk/api.py in OpenStack Compute (Nova) 2012.1.x before 2012.1.2 ...)
+CVE-2012-3447
- nova 2012.1.1-6 (bug #684256)
-CVE-2012-3446 (Apache Libcloud before 0.11.1 uses an incorrect regular expression ...)
+CVE-2012-3446
- libcloud 0.5.0-1.1 (bug #683927)
-CVE-2012-3445 (The virTypedParameterArrayClear function in libvirt 0.9.13 does not ...)
+CVE-2012-3445
- libvirt 0.9.12-4 (bug #683483)
[squeeze] - libvirt <not-affected> (Vulnerable code not present)
NOTE: https://www.redhat.com/archives/libvir-list/2012-July/msg01650.html
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=844734
-CVE-2012-3444 (The get_image_dimensions function in the image-handling functionality ...)
+CVE-2012-3444
{DSA-2529-1}
- python-django 1.4.1-1 (bug #683364)
NOTE: https://www.djangoproject.com/weblog/2012/jul/30/security-releases-issued/
NOTE: http://www.openwall.com/lists/oss-security/2012/07/31/1
NOTE: http://www.openwall.com/lists/oss-security/2012/07/31/2
-CVE-2012-3443 (The django.forms.ImageField class in the form system in Django before ...)
+CVE-2012-3443
{DSA-2529-1}
- python-django 1.4.1-1 (bug #683364)
NOTE: https://www.djangoproject.com/weblog/2012/jul/30/security-releases-issued/
NOTE: http://www.openwall.com/lists/oss-security/2012/07/31/1
NOTE: http://www.openwall.com/lists/oss-security/2012/07/31/2
-CVE-2012-3442 (The (1) django.http.HttpResponseRedirect and (2) ...)
+CVE-2012-3442
{DSA-2529-1}
- python-django 1.4.1-1 (bug #683364)
NOTE: https://www.djangoproject.com/weblog/2012/jul/30/security-releases-issued/
NOTE: http://www.openwall.com/lists/oss-security/2012/07/31/1
NOTE: http://www.openwall.com/lists/oss-security/2012/07/31/2
-CVE-2012-3441 (The database creation script ...)
+CVE-2012-3441
- icinga <not-affected> (Debian uses dbconfig, which does the right thing, bug #683320)
-CVE-2012-3440 (A certain Red Hat script for sudo 1.7.2 on Red Hat Enterprise Linux ...)
+CVE-2012-3440
- sudo <not-affected> (Red Hat-specific postinst script)
CVE-2012-3439
REJECTED
-CVE-2012-3438 (The Magick_png_malloc function in coders/png.c in GraphicsMagick ...)
+CVE-2012-3438
- graphicsmagick 1.3.16-1.1 (low; bug #683284)
[squeeze] - graphicsmagick <no-dsa> (Minor issue)
-CVE-2012-3437 (The Magick_png_malloc function in coders/png.c in ImageMagick 6.7.8 ...)
+CVE-2012-3437
{DLA-242-1}
- imagemagick 8:6.7.7.10-3 (low; bug #683285)
[squeeze] - imagemagick <no-dsa> (Minor issue)
-CVE-2012-3436 (OpenTTD 0.6.0 through 1.2.1 does not properly validate requests to ...)
+CVE-2012-3436
{DSA-2524-1}
- openttd 1.2.1-2 (low; bug #683258)
-CVE-2012-3435 (SQL injection vulnerability in frontends/php/popup_bitem.php in Zabbix ...)
+CVE-2012-3435
{DSA-2539-1}
- zabbix 1:2.0.2+dfsg-1 (bug #683273)
NOTE: http://seclists.org/oss-sec/2012/q3/127
-CVE-2012-3434 (Multiple cross-site scripting (XSS) vulnerabilities in userperspan.php ...)
+CVE-2012-3434
NOT-FOR-US: WordPress plugin Count Per Day
-CVE-2012-3433 (Xen 4.0 and 4.1 allows local HVM guest OS kernels to cause a denial of ...)
+CVE-2012-3433
{DSA-2531-1}
- xen 4.1.3-1 (bug #683279)
-CVE-2012-3432 (The handle_mmio function in arch/x86/hvm/io.c in the MMIO operations ...)
+CVE-2012-3432
{DSA-2531-1}
- xen 4.1.3-1 (bug #683279)
-CVE-2012-3431 (The Teiid Java Database Connectivity (JDBC) socket, as used in JBoss ...)
+CVE-2012-3431
NOT-FOR-US: Teeid
-CVE-2012-3430 (The rds_recvmsg function in net/rds/recv.c in the Linux kernel before ...)
+CVE-2012-3430
- linux 3.2.29-1
- linux-2.6 <removed>
[squeeze] - linux-2.6 2.6.32-36
NOTE: http://www.openwall.com/lists/oss-security/2012/07/26/3
-CVE-2012-3429 (The dns_to_ldap_dn_escape function in src/ldap_convert.c in ...)
+CVE-2012-3429
NOT-FOR-US: Dynamic LDAP backend plugin for BIND
-CVE-2012-3428 (The IronJacamar container before 1.0.12.Final for JBoss Application ...)
+CVE-2012-3428
- jbossas4 <not-affected> (Only builds a few libraries, not the full application server)
-CVE-2012-3427 (EC2 Amazon Machine Image (AMI) in JBoss Enterprise Application ...)
+CVE-2012-3427
- jbossas4 <not-affected> (Only builds a few libraries, not the full application server)
-CVE-2012-3426 (OpenStack Keystone before 2012.1.1, as used in OpenStack Folsom before ...)
+CVE-2012-3426
- keystone 2012.1.1-1
-CVE-2012-3425 (The png_push_read_zTXt function in pngpread.c in libpng 1.0.x before ...)
+CVE-2012-3425
{DLA-375-1}
- libpng 1.2.49-1 (low; bug #668082)
-CVE-2012-3424 (The decode_credentials method in ...)
+CVE-2012-3424
- rails <not-affected> (Only affects RoR 3.x)
- ruby-actionpack-3.2 3.2.6-3 (bug #683370)
-CVE-2012-3423 (The IcedTea-Web plugin before 1.2.1 does not properly handle NPVariant ...)
+CVE-2012-3423
- icedtea-web 1.3-1
-CVE-2012-3422 (The getFirstInTableInstance function in the IcedTea-Web plugin before ...)
+CVE-2012-3422
- icedtea-web 1.3-1
-CVE-2012-3421 (The pduread function in pdu.c in libpcp in Performance Co-Pilot (PCP) ...)
+CVE-2012-3421
{DSA-2533-1}
- pcp 3.6.5 (bug #685476)
-CVE-2012-3420 (Multiple memory leaks in Performance Co-Pilot (PCP) before 3.6.5 allow ...)
+CVE-2012-3420
{DSA-2533-1}
- pcp 3.6.5 (bug #685476)
-CVE-2012-3419 (Performance Co-Pilot (PCP) before 3.6.5 exports some of the /proc file ...)
+CVE-2012-3419
{DSA-2533-1}
- pcp 3.6.5 (bug #685476)
-CVE-2012-3418 (libpcp in Performance Co-Pilot (PCP) before 3.6.5 allows remote ...)
+CVE-2012-3418
{DSA-2533-1}
- pcp 3.6.5 (bug #685476)
-CVE-2012-3417 (The good_client function in rquotad (rquota_svc.c) in Linux DiskQuota ...)
+CVE-2012-3417
- quota 4.00~pre1-1
NOTE: this is at least fixed in 4.00, I could not trace this back to an exact version
-CVE-2012-3416 (Condor before 7.8.2 allows remote attackers to bypass host-based ...)
+CVE-2012-3416
- condor 7.8.2~dfsg.1-1 (bug #685366)
CVE-2012-3415
REJECTED
-CVE-2012-3414 (Cross-site scripting (XSS) vulnerability in swfupload.swf in SWFUpload ...)
+CVE-2012-3414
- libjs-swfupload 2.2.0.1+ds1-2 (low; bug #681323)
- wordpress 3.5.1+dfsg-1 (bug #698934)
NOTE: https://nealpoole.com/blog/2012/05/xss-and-csrf-via-swf-applets-swfupload-plupload/
-CVE-2012-3413 (The HTMLQuoteColorer::process function in ...)
+CVE-2012-3413
- kdepim <not-affected> (Only affects kdepim >= 4.6)
NOTE: CVE-request http://www.openwall.com/lists/oss-security/2012/07/13/3
NOTE: https://projects.kde.org/projects/kde/kdepim/repository/revisions/dbb2f72f4745e00f53031965a9c10b2d6862bd54
NOTE: https://bugs.launchpad.net/ubuntu/+source/kdepim/+bug/1022690
-CVE-2012-3412 (The sfc (aka Solarflare Solarstorm) driver in the Linux kernel before ...)
+CVE-2012-3412
- linux 3.2.29-1
- linux-2.6 <removed>
[squeeze] - linux-2.6 2.6.32-36
-CVE-2012-3411 (Dnsmasq before 2.63test1, when used with certain libvirt ...)
+CVE-2012-3411
- dnsmasq 2.63-1 (low; bug #683372)
[wheezy] - dnsmasq <no-dsa> (Minor issue)
[squeeze] - dnsmasq <no-dsa> (Minor issue)
NOTE: Please see CVE-2013-0198
-CVE-2012-3410 (Stack-based buffer overflow in lib/sh/eaccess.c in GNU Bash before 4.2 ...)
+CVE-2012-3410
- bash 4.2-4 (low; bug #681278)
[squeeze] - bash <no-dsa> (Minor issue)
CVE-2012-3409
RESERVED
- ecryptfs-utils 99-1 (bug #682220)
[squeeze] - ecryptfs-utils <not-affected> (home src/dest mountpoints hardcoded in that version)
-CVE-2012-3408 (lib/puppet/network/authstore.rb in Puppet before 2.7.18, and Puppet ...)
+CVE-2012-3408
- puppet 2.7.18-1 (low)
[squeeze] - puppet <no-dsa> (Minor issue)
NOTE: http://puppetlabs.com/security/cve/cve-2012-3408/
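Review bot: every `-CVE-… (…)` line in this hunk is replaced by a bare `+CVE-…` and nothing else changes, so the edit drops the description text from each entry without replacing it, for example `-CVE-2012-3518 (The networkstatus_parse_vote_from_string function in routerparse.c in ...)` becoming `+CVE-2012-3518`. Before merging, confirm that the descriptions were meant to go rather than that the upstream text was simply unavailable when the update ran; if the latter, the hunk should be dropped and the update re-run, since the bare identifiers leave the DSA/DLA references and version lines beneath them without any summary of what they fix. Two pre-existing context issues are also visible here and worth a follow-up commit: `NOT-FOR-US: Teeid` misspells the product that the removed line above it names as Teiid, and CVE-2012-4668 sits between CVE-2012-3509 and CVE-2012-3508, out of the file's descending numeric order.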
@@ -8266,7 +8266,7 @@ CVE-2012-3407
NOT-FOR-US: plow
NOTE: http://www.openwall.com/lists/oss-security/2012/07/11/6
NOTE: http://www.openwall.com/lists/oss-security/2012/07/11/16
-CVE-2012-3406 (The vfprintf function in stdio-common/vfprintf.c in GNU C Library (aka ...)
+CVE-2012-3406
{DSA-3169-1 DLA-165-1}
- eglibc <removed>
- glibc 2.19-14 (low; bug #681888)
@@ -8274,7 +8274,7 @@ CVE-2012-3406 (The vfprintf function in stdio-common/vfprintf.c in GNU C Library
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=826943
NOTE: http://www.openwall.com/lists/oss-security/2012/07/11/5
NOTE: http://www.openwall.com/lists/oss-security/2012/07/11/17
-CVE-2012-3405 (The vfprintf function in stdio-common/vfprintf.c in libc in GNU C ...)
+CVE-2012-3405
{DLA-165-1}
- glibc 2.13-35 (low; bug #681473)
- eglibc 2.13-35 (low; bug #681473)
@@ -8284,7 +8284,7 @@ CVE-2012-3405 (The vfprintf function in stdio-common/vfprintf.c in libc in GNU C
NOTE: http://sourceware.org/git/?p=glibc.git;a=commitdiff;h=1d498daa95384e5c9ad5bcb35e7a996e5869ac39
NOTE: http://www.openwall.com/lists/oss-security/2012/07/11/5
NOTE: http://www.openwall.com/lists/oss-security/2012/07/11/17
-CVE-2012-3404 (The vfprintf function in stdio-common/vfprintf.c in libc in GNU C ...)
+CVE-2012-3404
- glibc 2.13-35 (low; bug #681473)
- eglibc 2.13-35 (low; bug #681473)
[squeeze] - eglibc 2.11.3-1
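Review bot: CVE-2012-3404, CVE-2012-3405 and CVE-2012-3406 (this hunk and the two seven-line hunks above it) lose their descriptions the same way as the large hunk, and after the change the only remaining statement of what they are is the diff's own hunk-header context, `CVE-2012-3406 (The vfprintf function in stdio-common/vfprintf.c in GNU C Library`, which is not part of the file. The three entries are otherwise consistent with each other (3405 and 3406 cite `{DLA-165-1}`, 3404 cites no advisory but records `[squeeze] - eglibc 2.11.3-1`), so nothing else in these hunks needs to change; the open question is the same as for the rest of the patch, whether the loss of the description text is intended.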
@@ -8293,59 +8293,59 @@ CVE-2012-3404 (The vfprintf function in stdio-common/vfprintf.c in libc in GNU C
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=833703
NOTE: http://www.openwall.com/lists/oss-security/2012/07/11/5
NOTE: http://www.openwall.com/lists/oss-security/2012/07/11/17
-CVE-2012-3403 (Heap-based buffer overflow in the KiSS CEL file format plug-in in GIMP ...)
+CVE-2012-3403
- gimp 2.8.2-1 (bug #685397)
[squeeze] - gimp 2.6.10-1+squeeze4
-CVE-2012-3402 (Integer overflow in plug-ins/common/psd.c in the Adobe Photoshop PSD ...)
+CVE-2012-3402
- gimp 2.4.0~rc1-1
NOTE: Only affects 2.2 series
-CVE-2012-3401 (The t2p_read_tiff_init function in tiff2pdf (tools/tiff2pdf.c) in ...)
+CVE-2012-3401
{DSA-2552-1}
- tiff 4.0.2-2 (bug #682115)
- tiff3 3.9.6-7 (bug #682195)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=837577
-CVE-2012-3400 (Heap-based buffer overflow in the udf_load_logicalvol function in ...)
+CVE-2012-3400
- linux 3.2.23-1
- linux-2.6 <removed>
[squeeze] - linux-2.6 2.6.32-36
-CVE-2012-3399 (Config/diff.php in Basilic 1.5.14 allows remote attackers to execute ...)
+CVE-2012-3399
NOT-FOR-US: Basilic
-CVE-2012-3398 (Algorithmic complexity vulnerability in Moodle 1.9.x before 1.9.19, ...)
+CVE-2012-3398
- moodle 2.2.3.dfsg-1 (bug #682203)
[squeeze] - moodle <no-dsa> (Minor issue)
-CVE-2012-3397 (lib/modinfolib.php in Moodle 2.0.x before 2.0.10, 2.1.x before 2.1.7, ...)
+CVE-2012-3397
- moodle 2.2.3.dfsg-2.1 (bug #682203)
[squeeze] - moodle <not-affected> (Only affects >= 2.0)
-CVE-2012-3396 (Cross-site scripting (XSS) vulnerability in cohort/edit_form.php in ...)
+CVE-2012-3396
- moodle 2.2.3.dfsg-2.1 (bug #682203)
[squeeze] - moodle <not-affected> (Only affects >= 2.0)
-CVE-2012-3395 (SQL injection vulnerability in mod/feedback/complete.php in Moodle ...)
+CVE-2012-3395
- moodle 2.2.3.dfsg-2.1 (bug #682203)
[squeeze] - moodle <not-affected> (Only affects >= 2.0)
-CVE-2012-3394 (auth/ldap/ntlmsso_attempt.php in Moodle 2.0.x before 2.0.10, 2.1.x ...)
+CVE-2012-3394
- moodle 2.2.3.dfsg-2.1 (bug #682203)
[squeeze] - moodle <not-affected> (Only affects >= 2.1)
-CVE-2012-3393 (Cross-site scripting (XSS) vulnerability in repository/lib.php in ...)
+CVE-2012-3393
- moodle 2.2.3.dfsg-2.1 (bug #682203)
[squeeze] - moodle <not-affected> (Only affects >= 2.1)
-CVE-2012-3392 (mod/forum/unsubscribeall.php in Moodle 2.1.x before 2.1.7 and 2.2.x ...)
+CVE-2012-3392
- moodle 2.2.3.dfsg-1 (bug #682203)
[squeeze] - moodle <not-affected> (Only affects >= 2.1)
-CVE-2012-3391 (mod/forum/rsslib.php in Moodle 2.1.x before 2.1.7 and 2.2.x before ...)
+CVE-2012-3391
- moodle 2.2.3.dfsg-1 (bug #682203)
[squeeze] - moodle <not-affected> (Only affects >= 2.1)
-CVE-2012-3390 (lib/filelib.php in Moodle 2.1.x before 2.1.7 and 2.2.x before 2.2.4 ...)
+CVE-2012-3390
- moodle 2.2.3.dfsg-1 (bug #682203)
[squeeze] - moodle <not-affected> (Only affects >= 2.1)
-CVE-2012-3389 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2012-3389
- moodle 2.2.3.dfsg-2.2 (bug #682203)
[squeeze] - moodle <not-affected> (Only affects >= 2.2)
-CVE-2012-3388 (The is_enrolled function in lib/accesslib.php in Moodle 2.2.x before ...)
+CVE-2012-3388
- moodle 2.2.3.dfsg-2.2 (bug #682203)
[squeeze] - moodle <not-affected> (Only affects >= 2.2)
-CVE-2012-3387 (Moodle 2.3.x before 2.3.1 uses only a client-side check for whether ...)
+CVE-2012-3387
- moodle <not-affected> (Only affects 2.3)
-CVE-2012-3386 (The &quot;make distcheck&quot; rule in GNU Automake before 1.11.6 and 1.12.x ...)
+CVE-2012-3386
- automake 1:1.4-p6-13.1
- automake1.10 1:1.10.3-3
[squeeze] - automake1.10 1:1.10.3-1+squeeze1
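Review bot: the description being removed for CVE-2012-3386 contains HTML entities, `&quot;make distcheck&quot;`, rather than literal double quotes, so the stored text was already mangled before this change (the same entity text is repeated in the following hunk header). When the descriptions are restored, which this hunk does not do, the import should decode entities so that the field reads "make distcheck". The rest of the hunk is the same mechanical removal as above; the tracking lines beneath each entry, such as `- tiff 4.0.2-2 (bug #682115)` and `- tiff3 3.9.6-7 (bug #682195)`, are untouched.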
@@ -8355,108 +8355,108 @@ CVE-2012-3386 (The &quot;make distcheck&quot; rule in GNU Automake before 1.11.6
[squeeze] - automake1.7 1.7.9-9.1+squeeze1
- automake1.9 1.9.6+nogfdl-4
[squeeze] - automake1.9 1.9.6+nogfdl-3.1+squeeze1
-CVE-2012-3385 (WordPress before 3.4.1 does not properly restrict access to post ...)
+CVE-2012-3385
- wordpress 3.4.1+dfsg-1 (bug #680721)
NOTE: http://www.openwall.com/lists/oss-security/2012/07/02/1
NOTE: http://www.openwall.com/lists/oss-security/2012/07/08/1
-CVE-2012-3384 (Cross-site request forgery (CSRF) vulnerability in the customizer in ...)
+CVE-2012-3384
- wordpress 3.4.1+dfsg-1 (bug #680721)
NOTE: http://www.openwall.com/lists/oss-security/2012/07/02/1
NOTE: http://www.openwall.com/lists/oss-security/2012/07/08/1
-CVE-2012-3383 (The map_meta_cap function in wp-includes/capabilities.php in WordPress ...)
+CVE-2012-3383
- wordpress 3.4.1+dfsg-1 (bug #680721)
NOTE: http://www.openwall.com/lists/oss-security/2012/07/02/1
NOTE: http://www.openwall.com/lists/oss-security/2012/07/08/1
-CVE-2012-3382 (Cross-site scripting (XSS) vulnerability in the ProcessRequest ...)
+CVE-2012-3382
{DSA-2512-1}
- mono 2.10.8.1-5 (bug #681095)
NOTE: https://bugzilla.novell.com/show_bug.cgi?id=769799
NOTE: https://github.com/mono/mono/commit/d16d4623edb210635bec3ca3786481b82cde25a2
-CVE-2012-3381 (sfcb in sblim-sfcb places a zero-length directory name in the ...)
+CVE-2012-3381
NOT-FOR-US: sblim-sfcb
NOTE: https://bugzilla.novell.com/show_bug.cgi?id=770234
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=838160
NOTE: http://www.openwall.com/lists/oss-security/2012/07/06/7
NOTE: http://www.openwall.com/lists/oss-security/2012/07/06/8
-CVE-2012-3380 (Directory traversal vulnerability in naxsi-ui/nx_extract.py in the ...)
+CVE-2012-3380
- nginx 1.2.1-2
[squeeze] - nginx <not-affected> (naxsi package was introduced in 1.1.18-1)
CVE-2012-3379 [as31: insecure file creation in /tmp]
REJECTED
-CVE-2012-3378 (The register_application function in atk-adaptor/bridge.c in GNOME ...)
+CVE-2012-3378
- at-spi2-atk 2.5.3-1 (bug #678026)
-CVE-2012-3377 (Heap-based buffer overflow in the Ogg_DecodePacket function in the OGG ...)
+CVE-2012-3377
- vlc 2.0.2-1 (bug #680665)
[squeeze] - vlc <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://git.videolan.org/?p=vlc/vlc-2.0.git;a=commitdiff;h=16e9e126333fb7acb47d363366fee3deadc8331e
NOTE: http://securitytracker.com/id/1027224
-CVE-2012-3376 (DataNodes in Apache Hadoop 2.0.0 alpha does not check the BlockTokens ...)
+CVE-2012-3376
- hadoop <itp> (bug #535861)
NOTE: http://seclists.org/bugtraq/2012/Jul/48
-CVE-2012-3375 (The epoll_ctl system call in fs/eventpoll.c in the Linux kernel before ...)
+CVE-2012-3375
- linux 3.2.23-1
- linux-2.6 <not-affected> (Introduced in 3.2)
-CVE-2012-3374 (Buffer overflow in markup.c in the MXit protocol plugin in libpurple ...)
+CVE-2012-3374
{DSA-2509-1}
- pidgin 2.10.6-1 (bug #680661)
[squeeze] - pidgin 2.7.3-1+squeeze3
NOTE: http://www.pidgin.im/news/security/index.php?id=64
NOTE: http://hg.pidgin.im/pidgin/main/rev/ded93865ef42
-CVE-2012-3373 (Cross-site scripting (XSS) vulnerability in Apache Wicket 1.4.x before ...)
+CVE-2012-3373
NOT-FOR-US: Apache Wicket
-CVE-2012-3372 (** DISPUTED ** The default configuration of Cyberoam UTM appliances ...)
+CVE-2012-3372
NOT-FOR-US: Cyberoam DPI devices
NOTE: https://blog.torproject.org/blog/security-vulnerability-found-cyberoam-dpi-devices-cve-2012-3372
NOTE: http://seclists.org/bugtraq/2012/Jul/20
-CVE-2012-3371 (The Nova scheduler in OpenStack Compute (Nova) Folsom (2012.2) and ...)
+CVE-2012-3371
- nova 2012.1.1-5 (bug #681301)
NOTE: http://www.openwall.com/lists/oss-security/2012/07/11/13
NOTE: https://github.com/openstack/nova/commit/034762e8060dcf0a11cb039b9d426b0d0bb1801d
NOTE: https://github.com/openstack/nova/commit/25f5bd31805bd21d7b7e3583c775252aa8f737e9
NOTE: https://bugs.launchpad.net/nova/+bug/1017795
-CVE-2012-3370 (The SecurityAssociation.getCredential method in JBoss Enterprise ...)
+CVE-2012-3370
- jbossas4 <not-affected> (Only builds a few libraries, not the full application server, #581226)
-CVE-2012-3369 (The CallerIdentityLoginModule in JBoss Enterprise Application Platform ...)
+CVE-2012-3369
- jbossas4 <not-affected> (Only builds a few libraries, not the full application server, #581226)
-CVE-2012-3368 (Integer signedness error in attach.c in dtach 0.8 allows remote ...)
+CVE-2012-3368
- dtach 0.8-2.1 (low; bug #625302)
[squeeze] - dtach 0.8-2+squeeze1
NOTE: http://sourceforge.net/tracker/?func=detail&aid=3517812&group_id=36489&atid=417357
NOTE: http://sourceforge.net/tracker/download.php?group_id=36489&atid=417357&file_id=441195&aid=3517812
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=812551
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=835849
-CVE-2012-3367 (Red Hat Certificate System (RHCS) before 8.1.1 and Dogtag Certificate ...)
+CVE-2012-3367
NOT-FOR-US: Red Hat Certificate System
-CVE-2012-3366 (The Trigger plugin in bcfg2 1.2.x before 1.2.3 allows remote attackers ...)
+CVE-2012-3366
{DSA-2503-1}
- bcfg2 1.2.2-2 (bug #679272)
-CVE-2012-3365 (The SQLite functionality in PHP before 5.3.15 allows remote attackers ...)
+CVE-2012-3365
- php5 <removed> (unimportant)
NOTE: open_basedir not supported
-CVE-2012-3364 (Multiple stack-based buffer overflows in the Near Field Communication ...)
+CVE-2012-3364
- linux 3.2.23-1
[squeeze] - linux-2.6 <not-affected> (Vulnerable code not present)
-CVE-2012-3363 (Zend_XmlRpc in Zend Framework 1.x before 1.11.12 and 1.12.x before ...)
+CVE-2012-3363
{DSA-2505-1}
- zendframework 1.11.12-1 (bug #679215)
- moodle 2.5-1 (bug #703870)
[squeeze] - moodle <not-affected> (Vulnerable code not present)
-CVE-2012-3362 (Cross-site request forgery (CSRF) vulnerability in eXtplorer 2.1 RC3 ...)
+CVE-2012-3362
{DSA-2510-1}
- extplorer 2.1.0b6+dfsg.3-3 (bug #678737)
-CVE-2012-3361 (virt/disk/api.py in OpenStack Compute (Nova) Folsom (2012.2), Essex ...)
+CVE-2012-3361
- nova 2012.1.1-2 (bug #680110)
-CVE-2012-3360 (Directory traversal vulnerability in virt/disk/api.py in OpenStack ...)
+CVE-2012-3360
- nova 2012.1.1-2 (bug #680110)
-CVE-2012-3359 (Luci in Red Hat Conga stores the user's username and password in a ...)
+CVE-2012-3359
NOT-FOR-US: Red Hat Conga
-CVE-2012-3358 (Multiple heap-based buffer overflows in the j2k_read_sot function in ...)
+CVE-2012-3358
{DSA-2629-1}
- openjpeg 1.3+dfsg-4.4 (bug #681075)
NOTE: http://www.openwall.com/lists/oss-security/2012/07/11/1
NOTE: Upstream patch: http://code.google.com/p/openjpeg/source/detail?r=1727
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=835767
-CVE-2012-3357 (The SVN revision view (lib/vclib/svn/svn_repos.py) in ViewVC before ...)
+CVE-2012-3357
{DSA-2563-1}
- viewvc 1.1.5-1.3 (bug #679069)
NOTE: http://viewvc.tigris.org/issues/show_bug.cgi?id=353
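Review bot: removing the description for CVE-2012-3372 also removes its `** DISPUTED **` marker, which was the only place in the entry recording the dispute; the remaining `NOT-FOR-US: Cyberoam DPI devices` line and the torproject NOTE do not carry it. If the descriptions are to stay out, the dispute status should be preserved in a NOTE line. By contrast CVE-2012-3379 keeps its bracketed local title `[as31: insecure file creation in /tmp]` because that is a tracker-maintained title rather than an imported parenthetical; that is the pattern to use for anything that must survive an automatic refresh. Minor and pre-existing: the jbossas4 lines for CVE-2012-3370 and CVE-2012-3369 cite `#581226` without the `bug` prefix used everywhere else in this file.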
@@ -8465,45 +8465,45 @@ CVE-2012-3357 (The SVN revision view (lib/vclib/svn/svn_repos.py) in ViewVC befo
NOTE: http://viewvc.tigris.org/source/browse/viewvc?view=rev&revision=2757
NOTE: http://viewvc.tigris.org/source/browse/viewvc?view=rev&revision=2759
NOTE: http://viewvc.tigris.org/source/browse/viewvc?view=rev&revision=2760
-CVE-2012-3356 (The remote SVN views functionality (lib/vclib/svn/svn_ra.py) in ViewVC ...)
+CVE-2012-3356
{DSA-2563-1}
- viewvc 1.1.5-1.3 (bug #679069)
NOTE: http://viewvc.tigris.org/source/browse/viewvc?view=rev&revision=2758
-CVE-2012-3355 ((1) AlbumTab.py, (2) ArtistTab.py, (3) LinksTab.py, and (4) ...)
+CVE-2012-3355
- rhythmbox 2.97-2.1 (low; bug #616673)
[squeeze] - rhythmbox <no-dsa> (Minor issue)
NOTE: Upstream bug report https://bugzilla.gnome.org/show_bug.cgi?id=678661
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=835076
-CVE-2012-3354 (doku.php in DokuWiki, as used in Fedora 16, 17, and 18, when certain ...)
+CVE-2012-3354
- dokuwiki 0.0.20130510a-1 (unimportant)
NOTE: http://www.openwall.com/lists/oss-security/2012/06/24/2
-CVE-2012-3353 (The Apache Sling JCR ContentLoader 2.1.4 XmlReader used in the Sling ...)
+CVE-2012-3353
NOT-FOR-US: Apache Sling
-CVE-2012-3553 (chan_skinny.c in the Skinny (aka SCCP) channel driver in Asterisk Open ...)
+CVE-2012-3553
- asterisk <not-affected> (Only affects Asterisk 10)
CVE-2012-3352
RESERVED
CVE-2012-3351
RESERVED
-CVE-2012-3350 (SQL injection vulnerability in index.php in Webmatic 3.1.1 allows ...)
+CVE-2012-3350
NOT-FOR-US: WebMatic
NOTE: http://seclists.org/bugtraq/2012/Jul/25
CVE-2012-3349
RESERVED
CVE-2012-3348
RESERVED
-CVE-2012-3347 (AutoFORM PDM Archive before 7.0 implements user accounts in a way that ...)
+CVE-2012-3347
NOT-FOR-US: AutoFORM PDM Archive
CVE-2012-3346
RESERVED
-CVE-2012-3345 (ioquake3 before r2253 allows local users to overwrite arbitrary files ...)
+CVE-2012-3345
- ioquake3 1.36+svn2224-4
NOTE: http://www.openwall.com/lists/oss-security/2012/06/15/3
CVE-2012-3344
RESERVED
-CVE-2012-3343 (Cross-site request forgery (CSRF) vulnerability in Microdasys before ...)
+CVE-2012-3343
NOT-FOR-US: Microdasys
-CVE-2012-3342 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2012-3342
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
CVE-2012-3341
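Review bot: CVE-2012-3553 is filed between CVE-2012-3353 and CVE-2012-3352 in this hunk, out of the file's descending numeric order (it belongs above the CVE-2012-3518 entries at the top of this diff). The misplacement predates the change, but since the hunk already rewrites that line, moving the entry to its correct position, or confirming that the tracker tooling tolerates out-of-order identifiers, is a cheap fix while here. Otherwise the hunk is the same description removal as above, for example `-CVE-2012-3345 (ioquake3 before r2253 allows local users to overwrite arbitrary files ...)` to `+CVE-2012-3345`, with `- ioquake3 1.36+svn2224-4` and its NOTE unchanged.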
@@ -8520,183 +8520,183 @@ CVE-2012-3336
RESERVED
CVE-2012-3335
RESERVED
-CVE-2012-3334 (Stack-based buffer overflow in IBM Informix Dynamic Server (IDS) 11.50 ...)
+CVE-2012-3334
NOT-FOR-US: IBM Informix Dynamic Server
-CVE-2012-3333 (CRLF injection vulnerability in IBM Maximo Asset Management 7.x before ...)
+CVE-2012-3333
NOT-FOR-US: IBM Maximo Asset Management and others
CVE-2012-3332
RESERVED
-CVE-2012-3331 (IBM Sametime allows remote attackers to obtain sensitive information ...)
+CVE-2012-3331
NOT-FOR-US: IBM Sametime
-CVE-2012-3330 (The proxy server in IBM WebSphere Application Server 7.0 before ...)
+CVE-2012-3330
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2012-3329 (IBM Advanced Settings Utility (ASU) through 3.62 and 3.70 through 9.21 ...)
+CVE-2012-3329
NOT-FOR-US: IBM Advanced Settings Utility, Bootable Media Creator
-CVE-2012-3328 (Cross-site scripting (XSS) vulnerability in IBM Maximo Asset ...)
+CVE-2012-3328
NOT-FOR-US: IBM
-CVE-2012-3327 (Cross-site scripting (XSS) vulnerability in IBM Maximo Asset ...)
+CVE-2012-3327
NOT-FOR-US: IBM
-CVE-2012-3326 (Cross-site scripting (XSS) vulnerability in IBM Maximo Asset ...)
+CVE-2012-3326
NOT-FOR-US: IBM Maximo Asset Management
-CVE-2012-3325 (IBM WebSphere Application Server (WAS) 6.1.x before 6.1.0.45, 7.0.x ...)
+CVE-2012-3325
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2012-3324 (Directory traversal vulnerability in the UTL_FILE module in IBM DB2 ...)
+CVE-2012-3324
NOT-FOR-US: IBM DB2
-CVE-2012-3323 (IBM Maximo Asset Management 6.2 before 6.2.8, 7.1 before 7.1.1.12, and ...)
+CVE-2012-3323
NOT-FOR-US: IBM Maximo Asset Management
-CVE-2012-3322 (Cross-site scripting (XSS) vulnerability in IBM Maximo Asset ...)
+CVE-2012-3322
NOT-FOR-US: IBM
-CVE-2012-3321 (IBM SmartCloud Control Desk 7.5 allows remote authenticated users to ...)
+CVE-2012-3321
NOT-FOR-US: IBM
CVE-2012-3320
RESERVED
-CVE-2012-3319 (IBM Rational Business Developer 8.x before 8.0.1.4 allows remote ...)
+CVE-2012-3319
NOT-FOR-US: IBM Rational Business Developer
CVE-2012-3318
RESERVED
-CVE-2012-3317 (IBM WebSphere Message Broker 6.1 before 6.1.0.11, 7.0 before 7.0.0.5, ...)
+CVE-2012-3317
NOT-FOR-US: IBM WebSphere
-CVE-2012-3316 (Cross-site scripting (XSS) vulnerability in the Tivoli Process ...)
+CVE-2012-3316
NOT-FOR-US: IBM
-CVE-2012-3315 (The Java servlets in the management console in IBM Tivoli Federated ...)
+CVE-2012-3315
NOT-FOR-US: IBM Tivoli
-CVE-2012-3314 (IBM Tivoli Federated Identity Manager (TFIM) and Tivoli Federated ...)
+CVE-2012-3314
NOT-FOR-US: IBM Tivoli
-CVE-2012-3313 (Cross-site scripting (XSS) vulnerability in IBM Maximo Asset ...)
+CVE-2012-3313
NOT-FOR-US: IBM Maximo Asset Management
-CVE-2012-3312 (The datasource definition editor in IBM InfoSphere Guardium 8.2 and ...)
+CVE-2012-3312
NOT-FOR-US: IBM InfoSphere Guardium
-CVE-2012-3311 (IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.45, 7.0 before ...)
+CVE-2012-3311
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2012-3310 (IBM Tivoli Federated Identity Manager (TFIM) before 6.1.1.14, 6.2.0 ...)
+CVE-2012-3310
NOT-FOR-US: IBM Tivoli
-CVE-2012-3309 (Cross-site request forgery (CSRF) vulnerability in the ...)
+CVE-2012-3309
NOT-FOR-US: IBM InfoSphere Guardium
-CVE-2012-3308 (Cross-site scripting (XSS) vulnerability in IBM Sametime 8.0.2 through ...)
+CVE-2012-3308
NOT-FOR-US: IBM Sametime
CVE-2012-3307
RESERVED
-CVE-2012-3306 (IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.45, 7.0 before ...)
+CVE-2012-3306
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2012-3305 (Directory traversal vulnerability in IBM WebSphere Application Server ...)
+CVE-2012-3305
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2012-3304 (The Administrative Console in IBM WebSphere Application Server (WAS) ...)
+CVE-2012-3304
NOT-FOR-US: IBM WebSphere Application Server
CVE-2012-3303
RESERVED
-CVE-2012-3302 (Multiple cross-site scripting (XSS) vulnerabilities in IBM Lotus ...)
+CVE-2012-3302
NOT-FOR-US: IBM Lotus Domino
-CVE-2012-3301 (Multiple CRLF injection vulnerabilities in the HTTP server in IBM ...)
+CVE-2012-3301
NOT-FOR-US: IBM Lotus Domino
-CVE-2012-3300 (IBM WebSphere Commerce 7.0 before 7.0.0.6, when persistent sessions ...)
+CVE-2012-3300
NOT-FOR-US: IBM WebSphere Commerce
CVE-2012-3299
RESERVED
-CVE-2012-3298 (Unspecified vulnerability in the REST services framework in IBM ...)
+CVE-2012-3298
NOT-FOR-US: IBM WebSphere Commerce
-CVE-2012-3297 (Cross-site scripting (XSS) vulnerability in the embedded HTTP server ...)
+CVE-2012-3297
NOT-FOR-US: IBM Tivoli
-CVE-2012-3296 (Cross-site scripting (XSS) vulnerability in the Help link in the login ...)
+CVE-2012-3296
NOT-FOR-US: IBM Power Hardware Management Console
-CVE-2012-3295 (IBM WebSphere MQ 7.1, when an SVRCONN channel is used, allows remote ...)
+CVE-2012-3295
NOT-FOR-US: IBM WebSphere MQ
-CVE-2012-3294 (Multiple cross-site request forgery (CSRF) vulnerabilities in the Web ...)
+CVE-2012-3294
NOT-FOR-US: IBM WebSphere
-CVE-2012-3293 (Cross-site scripting (XSS) vulnerability in the Administrative Console ...)
+CVE-2012-3293
NOT-FOR-US: IBM WebSphere
-CVE-2012-3292 (The GridFTP in Globus Toolkit (GT) before 5.2.2, when certain autoconf ...)
+CVE-2012-3292
{DSA-2523-1}
- globus-gridftp-server 6.5-1
-CVE-2012-3291 (Heap-based buffer overflow in OpenConnect 3.18 allows remote servers ...)
+CVE-2012-3291
{DSA-2495-1}
- openconnect 3.18-1 (bug #677594)
-CVE-2012-3290 (Multiple unspecified vulnerabilities in Google Chrome before ...)
+CVE-2012-3290
NOT-FOR-US: Chrome books
-CVE-2012-3289 (VMware Workstation 8.x before 8.0.4, VMware Player 4.x before 4.0.4, ...)
+CVE-2012-3289
NOT-FOR-US: VMware
-CVE-2012-3288 (VMware Workstation 7.x before 7.1.6 and 8.x before 8.0.4, VMware ...)
+CVE-2012-3288
NOT-FOR-US: VMware
-CVE-2012-3287 (Poul-Henning Kamp md5crypt has insufficient algorithmic complexity and ...)
+CVE-2012-3287
NOT-FOR-US: md5crypt
-CVE-2012-3286 (Unspecified vulnerability in HP ArcSight Connector Appliance 6.3 and ...)
+CVE-2012-3286
NOT-FOR-US: HP ArcSight appliance
-CVE-2012-3285 (Unspecified vulnerability on the HP LeftHand Virtual SAN Appliance ...)
+CVE-2012-3285
NOT-FOR-US: HP LeftHand Virtual SAN Appliance
-CVE-2012-3284 (Unspecified vulnerability on the HP LeftHand Virtual SAN Appliance ...)
+CVE-2012-3284
NOT-FOR-US: HP LeftHand Virtual SAN Appliance
-CVE-2012-3283 (Unspecified vulnerability on the HP LeftHand Virtual SAN Appliance ...)
+CVE-2012-3283
NOT-FOR-US: HP LeftHand Virtual SAN Appliance
-CVE-2012-3282 (Unspecified vulnerability on the HP LeftHand Virtual SAN Appliance ...)
+CVE-2012-3282
NOT-FOR-US: HP LeftHand Virtual SAN Appliance
-CVE-2012-3281 (Unspecified vulnerability in Device Manager in HP XP P9000 Command ...)
+CVE-2012-3281
NOT-FOR-US: HP XP P9000 Command View
-CVE-2012-3280 (Multiple unspecified vulnerabilities on HP NonStop Servers H06.x and ...)
+CVE-2012-3280
NOT-FOR-US: HP NonStop Servers
-CVE-2012-3279 (Multiple cross-site scripting (XSS) vulnerabilities in HP Network Node ...)
+CVE-2012-3279
NOT-FOR-US: HP Network Node Manager i
-CVE-2012-3278 (Stack-based buffer overflow in magentservice.exe in HP Diagnostics ...)
+CVE-2012-3278
NOT-FOR-US: HP Diagnostics Server
-CVE-2012-3277 (HP OpenVMS 8.3, 8.3-1H1, and 8.4 on the Itanium platform and 7.3-2, ...)
+CVE-2012-3277
NOT-FOR-US: HP OpenVMS
-CVE-2012-3276 (HP OpenVMS 8.3, 8.3-1H1, and 8.4 on the Itanium platform and 7.3-2, ...)
+CVE-2012-3276
NOT-FOR-US: HP OpenVMS
-CVE-2012-3275 (Unspecified vulnerability in HP Network Node Manager i (NNMi) 9.1x and ...)
+CVE-2012-3275
NOT-FOR-US: HP Network Node Manager
-CVE-2012-3274 (Stack-based buffer overflow in uam.exe in the User Access Manager ...)
+CVE-2012-3274
NOT-FOR-US: HP Intelligent Management Center
-CVE-2012-3273 (Multiple unspecified vulnerabilities on the HP LaserJet Pro 400 MFP ...)
+CVE-2012-3273
NOT-FOR-US: HP LaserJet
-CVE-2012-3272 (Cross-site scripting (XSS) vulnerability on the HP Color LaserJet ...)
+CVE-2012-3272
NOT-FOR-US: HP LaserJet
-CVE-2012-3271 (Unspecified vulnerability on the HP Integrated Lights-Out 3 (aka iLO3) ...)
+CVE-2012-3271
NOT-FOR-US: HP ILO
-CVE-2012-3270 (Unspecified vulnerability in HP Performance Insight 5.31, 5.40, and ...)
+CVE-2012-3270
NOT-FOR-US: HP Performance Insight
-CVE-2012-3269 (Unspecified vulnerability in HP Performance Insight 5.31, 5.40, and ...)
+CVE-2012-3269
NOT-FOR-US: HP Performance Insight
-CVE-2012-3268 (Certain HP Access Controller, Fabric Module, Firewall, Router, Switch, ...)
+CVE-2012-3268
NOT-FOR-US: HP network devices
-CVE-2012-3267 (Unspecified vulnerability in HP Network Node Manager i (NNMi) 9.20 ...)
+CVE-2012-3267
NOT-FOR-US: HP NNMi
-CVE-2012-3266 (Unspecified vulnerability in IBRIX 6.1.196 through 6.1.251 on HP IBRIX ...)
+CVE-2012-3266
NOT-FOR-US: HP IBRIX
CVE-2012-3265
REJECTED
-CVE-2012-3264 (Unspecified vulnerability in a SOAP feature in HP SiteScope 11.10 ...)
+CVE-2012-3264
NOT-FOR-US: HP SiteScope
-CVE-2012-3263 (Unspecified vulnerability in a SOAP feature in HP SiteScope 11.10 ...)
+CVE-2012-3263
NOT-FOR-US: HP SiteScope
-CVE-2012-3262 (Unspecified vulnerability in a SOAP feature in HP SiteScope 11.10 ...)
+CVE-2012-3262
NOT-FOR-US: HP SiteScope
-CVE-2012-3261 (Unspecified vulnerability in a SOAP feature in HP SiteScope 11.10 ...)
+CVE-2012-3261
NOT-FOR-US: HP SiteScope
-CVE-2012-3260 (Unspecified vulnerability in a SOAP feature in HP SiteScope 11.10 ...)
+CVE-2012-3260
NOT-FOR-US: HP SiteScope
-CVE-2012-3259 (Unspecified vulnerability in a SOAP feature in HP SiteScope 11.10 ...)
+CVE-2012-3259
NOT-FOR-US: HP SiteScope
-CVE-2012-3258 (Unspecified vulnerability in HP Operations Orchestration 9.0 before ...)
+CVE-2012-3258
NOT-FOR-US: HP Operations Orchestration
-CVE-2012-3257 (HP Business Availability Center (BAC) 8.07 allows remote authenticated ...)
+CVE-2012-3257
NOT-FOR-US: HP Business Availability Center
-CVE-2012-3256 (Cross-site request forgery (CSRF) vulnerability in HP Business ...)
+CVE-2012-3256
NOT-FOR-US: HP Business Availability Center
-CVE-2012-3255 (Cross-site scripting (XSS) vulnerability in HP Business Availability ...)
+CVE-2012-3255
NOT-FOR-US: HP Business Availability Center
-CVE-2012-3254 (Multiple unspecified vulnerabilities in HP iNode Management Center ...)
+CVE-2012-3254
NOT-FOR-US: HP iNode Management Center
-CVE-2012-3253 (Multiple unspecified vulnerabilities in HP Intelligent Management ...)
+CVE-2012-3253
NOT-FOR-US: HP Intelligent Management
-CVE-2012-3252 (Unspecified vulnerability in HP Serviceguard A.11.19 and A.11.20 ...)
+CVE-2012-3252
NOT-FOR-US: HP Serviceguard
-CVE-2012-3251 (Cross-site scripting (XSS) vulnerability in HP Service Manager Web ...)
+CVE-2012-3251
NOT-FOR-US: HP Service Manager
-CVE-2012-3250 (Unspecified vulnerability in HP Service Manager Server 7.11, 9.21, and ...)
+CVE-2012-3250
NOT-FOR-US: HP Service Manager
-CVE-2012-3249 (HP Fortify Software Security Center 3.1, 3.3, 3.4, and 3.5 allows ...)
+CVE-2012-3249
NOT-FOR-US: HP Fortify Software Security Center
-CVE-2012-3248 (HP Fortify Software Security Center 3.1, 3.3, 3.4, and 3.5 allows ...)
+CVE-2012-3248
NOT-FOR-US: HP Fortify Software Security Center
-CVE-2012-3247 (Unspecified vulnerability on the HP Integrity Server BL860c i2, BL870c ...)
+CVE-2012-3247
NOT-FOR-US: HP Integrity Server
CVE-2012-3246
RESERVED
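Review bot: with the summaries removed, the bare `NOT-FOR-US: IBM` on the CVE-2012-3328, CVE-2012-3327, CVE-2012-3322, CVE-2012-3321 and CVE-2012-3316 entries no longer says which product the CVE concerns, although the removed `-` lines name it (IBM Maximo Asset Management for 3328, 3327 and 3322; a Tivoli Process component for 3316). Record the product in the NOT-FOR-US line, as neighbouring entries such as `NOT-FOR-US: IBM Maximo Asset Management` already do, so the information survives this change.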
@@ -8704,321 +8704,321 @@ CVE-2012-3245
RESERVED
CVE-2012-3244
RESERVED
-CVE-2012-3243 (Cross-site scripting (XSS) vulnerability in the SEOgento plugin for ...)
+CVE-2012-3243
NOT-FOR-US: SEOgento plugin for Magento
CVE-2012-3242
RESERVED
-CVE-2012-3241 (The VMware Broker in Eucalyptus 2.0.3 and 3.0.x before 3.0.2 does not ...)
+CVE-2012-3241
- eucalyptus <not-affected> (Fixed before initial release)
-CVE-2012-3240 (The Walrus service in Eucalyptus 2.0.3 and 3.0.x before 3.0.2 allows ...)
+CVE-2012-3240
- eucalyptus <not-affected> (Fixed before initial release)
CVE-2012-3239
RESERVED
-CVE-2012-3238 (Cross-site scripting (XSS) vulnerability in the Backup/Restore ...)
+CVE-2012-3238
NOT-FOR-US: Astaro appliance
CVE-2012-3237
RESERVED
-CVE-2012-3236 (fits-io.c in GIMP before 2.8.1 allows remote attackers to cause a ...)
+CVE-2012-3236
- gimp 2.8.2-1 (unimportant)
NOTE: Harmless crasher w/o security impact
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=676804
NOTE: https://git.gnome.org/browse/gimp/commit/?id=0474376d234bc3d0901fd5e86f89d778a6473dd8 (GIMP_2_8_2)
CVE-2012-3235
RESERVED
-CVE-2012-3234 (RealNetworks RealPlayer before 15.0.6.14, RealPlayer SP 1.0 through ...)
+CVE-2012-3234
NOT-FOR-US: RealNetworks RealPlayer
-CVE-2012-3233 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2012-3233
NOT-FOR-US: Kayako Fusion 4.40.1148
-CVE-2012-3232 (Cross-site scripting (XSS) vulnerability in search.php in web@all 2.0, ...)
+CVE-2012-3232
NOT-FOR-US: web@all
-CVE-2012-3231 (Multiple cross-site request forgery (CSRF) vulnerabilities in web@all ...)
+CVE-2012-3231
NOT-FOR-US: web@all
-CVE-2012-3230 (Unspecified vulnerability in the Siebel UI Framework component in ...)
+CVE-2012-3230
NOT-FOR-US: Oracle Siebel CRM
-CVE-2012-3229 (Unspecified vulnerability in the Siebel UI Framework component in ...)
+CVE-2012-3229
NOT-FOR-US: Oracle Siebel CRM
-CVE-2012-3228 (Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking ...)
+CVE-2012-3228
NOT-FOR-US: Oracle Financial Services Software
-CVE-2012-3227 (Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking ...)
+CVE-2012-3227
NOT-FOR-US: Oracle Financial Services Software
-CVE-2012-3226 (Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking ...)
+CVE-2012-3226
NOT-FOR-US: Oracle Financial Services Software
-CVE-2012-3225 (Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking ...)
+CVE-2012-3225
NOT-FOR-US: Oracle Financial Services Software
-CVE-2012-3224 (Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking ...)
+CVE-2012-3224
NOT-FOR-US: Oracle Financial Services Software
-CVE-2012-3223 (Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking ...)
+CVE-2012-3223
NOT-FOR-US: Oracle Financial Services Software
-CVE-2012-3222 (Unspecified vulnerability in the Oracle iRecruitment component in ...)
+CVE-2012-3222
NOT-FOR-US: Oracle E-Business Suite
-CVE-2012-3221 (Unspecified vulnerability in the Oracle VM Virtual Box component in ...)
+CVE-2012-3221
{DSA-2594-1}
- virtualbox 4.1.18-dfsg-1.1 (bug #690777)
- virtualbox-ose <removed>
NOTE: http://www.halfdog.net/Security/2012/VirtualBoxSoftwareInterrupt0x8GuestCrash/
-CVE-2012-3220 (Unspecified vulnerability in the Spatial component in Oracle Database ...)
+CVE-2012-3220
NOT-FOR-US: Oracle Database Server
-CVE-2012-3219 (Unspecified vulnerability in the Enterprise Manager Base Platform ...)
+CVE-2012-3219
NOT-FOR-US: Oracle
-CVE-2012-3218 (Unspecified vulnerability in the Human Resources component in Oracle ...)
+CVE-2012-3218
NOT-FOR-US: Oracle
-CVE-2012-3217 (Unspecified vulnerability in the Oracle Outside In Technology ...)
+CVE-2012-3217
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2012-3216 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2012-3216
- openjdk-6 6b24-1.11.5-0ubuntu1 (bug #690774)
- openjdk-7 7u3-2.1.3-1 (bug #690774)
-CVE-2012-3215 (Unspecified vulnerability in Oracle Sun Solaris 10 and 11, when ...)
+CVE-2012-3215
NOT-FOR-US: Oracle Sun Solaris
-CVE-2012-3214 (Unspecified vulnerability in the Oracle Outside In Technology ...)
+CVE-2012-3214
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2012-3213 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2012-3213
- openjdk-6 <not-affected> (Specific to Oracle Java, not present in IcedTea)
- openjdk-7 <not-affected> (Specific to Oracle Java, not present in IcedTea)
NOTE: Due to the vague disclosure policy by Oracle the exact nature is unknown but since no patch landed in icedtea, we consider it not-affected
-CVE-2012-3212 (Unspecified vulnerability in Oracle Sun Solaris 10 and 11, when ...)
+CVE-2012-3212
NOT-FOR-US: Oracle Sun Solaris
-CVE-2012-3211 (Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local ...)
+CVE-2012-3211
NOT-FOR-US: Oracle Sun Solaris
-CVE-2012-3210 (Unspecified vulnerability in Oracle Sun Solaris 11 allows remote ...)
+CVE-2012-3210
NOT-FOR-US: Oracle Sun Solaris
-CVE-2012-3209 (Unspecified vulnerability in Oracle Sun Solaris 10 and 11, when ...)
+CVE-2012-3209
NOT-FOR-US: Oracle Sun Solaris
-CVE-2012-3208 (Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local ...)
+CVE-2012-3208
NOT-FOR-US: Oracle Sun Solaris
-CVE-2012-3207 (Unspecified vulnerability in Oracle Sun Solaris 9, 10, and 11 allows ...)
+CVE-2012-3207
NOT-FOR-US: Oracle Sun Solaris
-CVE-2012-3206 (Unspecified vulnerability in the Integrated Lights Out Manager CLI in ...)
+CVE-2012-3206
NOT-FOR-US: Oracle Sun Products Suite SysFW
-CVE-2012-3205 (Unspecified vulnerability in Oracle Sun Solaris 11 allows local users ...)
+CVE-2012-3205
NOT-FOR-US: Oracle Sun Solaris
-CVE-2012-3204 (Unspecified vulnerability in Oracle Sun Solaris 11 allows local users ...)
+CVE-2012-3204
NOT-FOR-US: Oracle Sun Solaris
-CVE-2012-3203 (Unspecified vulnerability in Oracle Sun Solaris 11 allows local users ...)
+CVE-2012-3203
NOT-FOR-US: Oracle Sun Solaris
-CVE-2012-3202 (Multiple unspecified vulnerabilities in the Oracle JRockit component ...)
+CVE-2012-3202
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2012-3201 (Unspecified vulnerability in the PeopleSoft Enterprise Campus ...)
+CVE-2012-3201
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2012-3200 (Unspecified vulnerability in the Oracle Agile PLM Framework component ...)
+CVE-2012-3200
NOT-FOR-US: Oracle Supply Chain Products Suite
-CVE-2012-3199 (Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local ...)
+CVE-2012-3199
NOT-FOR-US: Oracle Sun Solaris
-CVE-2012-3198 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+CVE-2012-3198
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2012-3197 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
+CVE-2012-3197
{DSA-2581-1}
- mysql-5.1 <removed>
- mysql-5.5 5.5.28+dfsg-1 (bug #690778)
-CVE-2012-3196 (Unspecified vulnerability in the Oracle Human Resources component in ...)
+CVE-2012-3196
NOT-FOR-US: Oracle E-Business Suite
-CVE-2012-3195 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+CVE-2012-3195
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2012-3194 (Unspecified vulnerability in the Oracle BI Publisher component in ...)
+CVE-2012-3194
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2012-3193 (Unspecified vulnerability in the Oracle BI Publisher component in ...)
+CVE-2012-3193
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2012-3192 (Unspecified vulnerability in the PeopleSoft PeopleTools component in ...)
+CVE-2012-3192
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2012-3191 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+CVE-2012-3191
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2012-3190 (Unspecified vulnerability in the Oracle Universal Work Queue component ...)
+CVE-2012-3190
NOT-FOR-US: Oracle E-Business Suite
-CVE-2012-3189 (Unspecified vulnerability in Oracle Sun Solaris 11 allows remote ...)
+CVE-2012-3189
NOT-FOR-US: Oracle Sun Solaris
-CVE-2012-3188 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+CVE-2012-3188
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2012-3187 (Unspecified vulnerability in Oracle Sun Solaris 10 allows local users ...)
+CVE-2012-3187
NOT-FOR-US: Oracle Sun Solaris
-CVE-2012-3186 (Unspecified vulnerability in the Oracle WebCenter Sites component in ...)
+CVE-2012-3186
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2012-3185 (Unspecified vulnerability in the Oracle WebCenter Sites component in ...)
+CVE-2012-3185
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2012-3184 (Unspecified vulnerability in the Oracle WebCenter Sites component in ...)
+CVE-2012-3184
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2012-3183 (Unspecified vulnerability in the Oracle WebCenter Sites component in ...)
+CVE-2012-3183
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2012-3182 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+CVE-2012-3182
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2012-3181 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+CVE-2012-3181
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2012-3180 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
+CVE-2012-3180
{DSA-2581-1}
- mysql-5.1 <removed>
- mysql-5.5 5.5.28+dfsg-1 (bug #690778)
-CVE-2012-3179 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+CVE-2012-3179
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2012-3178 (Unspecified vulnerability in the kernel in Oracle Sun Solaris 11 ...)
+CVE-2012-3178
NOT-FOR-US: Oracle Sun Solaris
-CVE-2012-3177 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
+CVE-2012-3177
{DSA-2581-1}
- mysql-5.1 <removed>
- mysql-5.5 5.5.28+dfsg-1 (bug #690778)
-CVE-2012-3176 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+CVE-2012-3176
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2012-3175 (Unspecified vulnerability in the Oracle Application Server Single ...)
+CVE-2012-3175
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2012-3174 (Unspecified vulnerability in Oracle Java 7 before Update 11 allows ...)
+CVE-2012-3174
- openjdk-6 <not-affected> (Only affects Java 7)
- openjdk-7 7u3-2.1.4-1
-CVE-2012-3173 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
+CVE-2012-3173
{DSA-2581-1}
- mysql-5.1 <removed>
- mysql-5.5 5.5.28+dfsg-1 (bug #690778)
-CVE-2012-3172 (Unspecified vulnerability in the Siebel CRM component in Oracle Siebel ...)
+CVE-2012-3172
NOT-FOR-US: Oracle Siebel CRM
-CVE-2012-3171 (Unspecified vulnerability in the Oracle Applications Technology Stack ...)
+CVE-2012-3171
NOT-FOR-US: Oracle E-Business Suite
-CVE-2012-3170 (Unspecified vulnerability in the Siebel CRM component in Oracle Siebel ...)
+CVE-2012-3170
NOT-FOR-US: Oracle Siebel CRM
-CVE-2012-3169 (Unspecified vulnerability in the Siebel CRM component in Oracle Siebel ...)
+CVE-2012-3169
NOT-FOR-US: Oracle Siebel CRM
-CVE-2012-3168 (Unspecified vulnerability in the Siebel CRM component in Oracle Siebel ...)
+CVE-2012-3168
NOT-FOR-US: Oracle Siebel CRM
-CVE-2012-3167 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
+CVE-2012-3167
{DSA-2581-1}
- mysql-5.1 <removed>
- mysql-5.5 5.5.28+dfsg-1 (bug #690778)
-CVE-2012-3166 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
+CVE-2012-3166
{DSA-2581-1}
- mysql-5.1 <removed>
- mysql-5.5 5.5.28+dfsg-1 (bug #690778)
-CVE-2012-3165 (Unspecified vulnerability in Oracle Sun Solaris 8, 9, 10, and 11 ...)
+CVE-2012-3165
NOT-FOR-US: Oracle Sun Solaris
-CVE-2012-3164 (Unspecified vulnerability in the Oracle Marketing component in Oracle ...)
+CVE-2012-3164
NOT-FOR-US: Oracle E-Business Suite
-CVE-2012-3163 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
+CVE-2012-3163
{DSA-2581-1}
- mysql-5.1 <removed>
- mysql-5.5 5.5.28+dfsg-1 (bug #690778)
-CVE-2012-3162 (Unspecified vulnerability in the Oracle Applications Framework ...)
+CVE-2012-3162
NOT-FOR-US: Oracle E-Business Suite
-CVE-2012-3161 (Unspecified vulnerability in the Oracle Agile PLM Framework component ...)
+CVE-2012-3161
NOT-FOR-US: Oracle Supply Chain Products Suite
-CVE-2012-3160 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
+CVE-2012-3160
{DSA-2581-1}
- mysql-5.1 <removed>
- mysql-5.5 5.5.28+dfsg-1 (bug #690778)
-CVE-2012-3159 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2012-3159
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2012-3158 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
+CVE-2012-3158
{DSA-2581-1}
- mysql-5.1 <removed>
- mysql-5.5 5.5.28+dfsg-1 (bug #690778)
-CVE-2012-3157 (Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking ...)
+CVE-2012-3157
NOT-FOR-US: Oracle Financial Services Software
-CVE-2012-3156 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
+CVE-2012-3156
- mysql-5.5 5.5.28+dfsg-1 (bug #690778)
-CVE-2012-3155 (Unspecified vulnerability in the CORBA ORB component in Sun GlassFish ...)
+CVE-2012-3155
- glassfish <removed> (bug #692035)
[stretch] - glassfish <ignored> (Only used a build dep, specific details withheld)
[jessie] - glassfish <end-of-life>
[wheezy] - glassfish <end-of-life>
NOTE: Oracle doesn't provide any useful public information to fix the package without importing a new upstream version.
-CVE-2012-3154 (Unspecified vulnerability in the Oracle Agile PLM Framework component ...)
+CVE-2012-3154
NOT-FOR-US: Oracle Supply Chain Products Suite
-CVE-2012-3153 (Unspecified vulnerability in the Oracle Reports Developer component in ...)
+CVE-2012-3153
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2012-3152 (Unspecified vulnerability in the Oracle Reports Developer component in ...)
+CVE-2012-3152
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2012-3151 (Unspecified vulnerability in the Core RDBMS component in Oracle ...)
+CVE-2012-3151
NOT-FOR-US: Oracle Database Server
-CVE-2012-3150 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
+CVE-2012-3150
{DSA-2581-1}
- mysql-5.1 <removed>
- mysql-5.5 5.5.28+dfsg-1 (bug #690778)
-CVE-2012-3149 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
+CVE-2012-3149
- mysql-5.5 5.5.28+dfsg-1 (bug #690778)
-CVE-2012-3148 (Unspecified vulnerability in the Oracle Field Service component in ...)
+CVE-2012-3148
NOT-FOR-US: Oracle E-Business Suite
-CVE-2012-3147 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
+CVE-2012-3147
- mysql-5.5 5.5.28+dfsg-1 (bug #690778)
-CVE-2012-3146 (Unspecified vulnerability in the Core RDBMS component in Oracle ...)
+CVE-2012-3146
NOT-FOR-US: Oracle Database Server
-CVE-2012-3145 (Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking ...)
+CVE-2012-3145
NOT-FOR-US: Oracle Financial Services Software
-CVE-2012-3144 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
+CVE-2012-3144
- mysql-5.5 5.5.28+dfsg-1 (bug #690778)
-CVE-2012-3143 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2012-3143
- openjdk-6 <not-affected> (Specific to Oracle Java, not present in IcedTea)
- openjdk-7 <not-affected> (Specific to Oracle Java, not present in IcedTea)
NOTE: Due to the vague disclosure policy by Oracle the exact nature is unknown but since no patch landed in icedtea, we consider it not-affected
-CVE-2012-3142 (Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking ...)
+CVE-2012-3142
NOT-FOR-US: Oracle Financial Services Software
-CVE-2012-3141 (Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking ...)
+CVE-2012-3141
NOT-FOR-US: Oracle Financial Services Software
-CVE-2012-3140 (Unspecified vulnerability in the Oracle Agile PLM For Process ...)
+CVE-2012-3140
NOT-FOR-US: Oracle Supply Chain Products Suite
-CVE-2012-3139 (Unspecified vulnerability in the Oracle Application Object Library ...)
+CVE-2012-3139
NOT-FOR-US: Oracle E-Business Suite
-CVE-2012-3138 (Unspecified vulnerability in the Oracle iStore component in Oracle ...)
+CVE-2012-3138
NOT-FOR-US: Oracle E-Business Suite
-CVE-2012-3137 (The authentication protocol in Oracle Database Server 10.2.0.3, ...)
+CVE-2012-3137
NOT-FOR-US: Oracle Database
-CVE-2012-3136 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2012-3136
- openjdk-7 7u3-2.1.2-1
- openjdk-6 <not-affected>
-CVE-2012-3135 (Unspecified vulnerability in the Oracle JRockit component in Oracle ...)
+CVE-2012-3135
NOT-FOR-US: Oracle Fusion
-CVE-2012-3134 (Unspecified vulnerability in the Core RDBMS component in Oracle ...)
+CVE-2012-3134
NOT-FOR-US: Oracle Database Server
-CVE-2012-3133 (Buffer overflow in the DataDirect ODBC driver, as used in Oracle ...)
+CVE-2012-3133
NOT-FOR-US: Oracle
-CVE-2012-3132 (SQL injection vulnerability in Oracle Database Server 10.2.0.3, ...)
+CVE-2012-3132
NOT-FOR-US: Oracle Database
-CVE-2012-3131 (Unspecified vulnerability in Oracle Sun Solaris 9, 10, and 11 allows ...)
+CVE-2012-3131
NOT-FOR-US: Oracle Sun Solaris
-CVE-2012-3130 (Unspecified vulnerability in Oracle Sun Solaris 11 allows remote ...)
+CVE-2012-3130
NOT-FOR-US: Oracle Sun Solaris
-CVE-2012-3129 (Unspecified vulnerability in Oracle Sun Solaris 10 allows remote ...)
+CVE-2012-3129
NOT-FOR-US: Oracle Sun Solaris
-CVE-2012-3128 (Unspecified vulnerability in Oracle SPARC T-Series Servers running ...)
+CVE-2012-3128
NOT-FOR-US: ILO firmware
-CVE-2012-3127 (Unspecified vulnerability in Oracle Sun Solaris 10 allows remote ...)
+CVE-2012-3127
NOT-FOR-US: Oracle Sun Solaris
-CVE-2012-3126 (Unspecified vulnerability in the Solaris Cluster component in Oracle ...)
+CVE-2012-3126
NOT-FOR-US: Solaris Cluster
-CVE-2012-3125 (Unspecified vulnerability in Oracle Sun Solaris 8, 9, and 10 allows ...)
+CVE-2012-3125
NOT-FOR-US: Oracle Sun Solaris
-CVE-2012-3124 (Unspecified vulnerability in Oracle Sun Solaris 10 allows remote ...)
+CVE-2012-3124
NOT-FOR-US: Oracle Sun Solaris
-CVE-2012-3123 (Unspecified vulnerability in Oracle Sun Solaris 10 allows remote ...)
+CVE-2012-3123
NOT-FOR-US: Oracle Sun Solaris
-CVE-2012-3122 (Unspecified vulnerability in Oracle Sun Solaris 8 and 9 allows local ...)
+CVE-2012-3122
NOT-FOR-US: Oracle Sun Solaris
-CVE-2012-3121 (Unspecified vulnerability in Oracle Sun Solaris 9 and 10 allows remote ...)
+CVE-2012-3121
NOT-FOR-US: Oracle Sun Solaris
-CVE-2012-3120 (Unspecified vulnerability in Oracle Sun Solaris 8 allows remote ...)
+CVE-2012-3120
NOT-FOR-US: Oracle Sun Solaris
-CVE-2012-3119 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS component ...)
+CVE-2012-3119
NOT-FOR-US: Oracle PeopleSoft Products (PeopleSoft Enterprise HRMS)
-CVE-2012-3118 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+CVE-2012-3118
NOT-FOR-US: Oracle PeopleSoft Products (PeopleSoft Enterprise PeopleTools)
-CVE-2012-3117 (Unspecified vulnerability in the Oracle Transportation Management ...)
+CVE-2012-3117
NOT-FOR-US: Oracle Supply Chain Products Suite
-CVE-2012-3116 (Unspecified vulnerability in the Oracle Transportation Management ...)
+CVE-2012-3116
NOT-FOR-US: Oracle Supply Chain Products Suite
-CVE-2012-3115 (Unspecified vulnerability in the Oracle MapViewer component in Oracle ...)
+CVE-2012-3115
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2012-3114 (Unspecified vulnerability in the Oracle Transportation Management ...)
+CVE-2012-3114
NOT-FOR-US: Oracle Supply Chain Products Suite
-CVE-2012-3113 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS component ...)
+CVE-2012-3113
NOT-FOR-US: Oracle PeopleSoft Products (PeopleSoft Enterprise HRMS)
-CVE-2012-3112 (Unspecified vulnerability in Oracle Sun Solaris 10 allows remote ...)
+CVE-2012-3112
NOT-FOR-US: Oracle Sun Solaris
-CVE-2012-3111 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+CVE-2012-3111
NOT-FOR-US: Oracle PeopleSoft Products (PeopleSoft Enterprise HRMS)
-CVE-2012-3110 (Unspecified vulnerability in the Oracle Outside In Technology ...)
+CVE-2012-3110
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2012-3109 (Unspecified vulnerability in the Oracle Outside In Technology ...)
+CVE-2012-3109
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2012-3108 (Unspecified vulnerability in the Oracle Outside In Technology ...)
+CVE-2012-3108
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2012-3107 (Unspecified vulnerability in the Oracle Outside In Technology ...)
+CVE-2012-3107
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2012-3106 (Unspecified vulnerability in the Oracle Outside In Technology ...)
+CVE-2012-3106
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2012-3105 (The glBufferData function in the WebGL implementation in Mozilla ...)
+CVE-2012-3105
- iceweasel 10.0.5esr-1
[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
CVE-2012-3104
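Review bot: the NOT-FOR-US line for CVE-2012-3111 reads `(PeopleSoft Enterprise HRMS)` while the summary being removed says "Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ..."; once the summary is gone the mismatch is no longer visible, so correct the component name now (CVE-2012-3118 shows the expected form). Two further context lines in this hunk deserve a look: CVE-2012-3216 lists `openjdk-6 6b24-1.11.5-0ubuntu1`, an Ubuntu revision suffix rather than a Debian package version, and CVE-2012-3136 marks `openjdk-6 <not-affected>` without the parenthesised reason that every other not-affected entry in the hunk gives.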
@@ -9037,11 +9037,11 @@ CVE-2012-3098
RESERVED
CVE-2012-3097
RESERVED
-CVE-2012-3096 (Cisco Unity Connection (UC) 7.1, 8.0, and 8.5 allows remote ...)
+CVE-2012-3096
NOT-FOR-US: Cisco Unity Connection
CVE-2012-3095
RESERVED
-CVE-2012-3094 (The VPN downloader in the download_install component in Cisco ...)
+CVE-2012-3094
NOT-FOR-US: Cisco AnyConnect Secure Mobility Client
CVE-2012-3093
RESERVED
@@ -9053,7 +9053,7 @@ CVE-2012-3090
RESERVED
CVE-2012-3089
RESERVED
-CVE-2012-3088 (Cisco AnyConnect Secure Mobility Client 3.1.x before 3.1.00495, and ...)
+CVE-2012-3088
NOT-FOR-US: Cisco AnyConnect Secure Mobility Client
CVE-2012-3087
RESERVED
@@ -9071,19 +9071,19 @@ CVE-2012-3081
RESERVED
CVE-2012-3080
RESERVED
-CVE-2012-3079 (Cisco IOS 12.2 allows remote attackers to cause a denial of service ...)
+CVE-2012-3079
NOT-FOR-US: Cisco IOS
CVE-2012-3078
RESERVED
CVE-2012-3077
RESERVED
-CVE-2012-3076 (The administrative web interface on Cisco TelePresence Recording ...)
+CVE-2012-3076
NOT-FOR-US: Cisco Telepresence
-CVE-2012-3075 (The administrative web interface on Cisco TelePresence Immersive ...)
+CVE-2012-3075
NOT-FOR-US: Cisco Telepresence
-CVE-2012-3074 (An unspecified API on Cisco TelePresence Immersive Endpoint Devices ...)
+CVE-2012-3074
NOT-FOR-US: Cisco Telepresence
-CVE-2012-3073 (The IP implementation on Cisco TelePresence Multipoint Switch before ...)
+CVE-2012-3073
NOT-FOR-US: Cisco Telepresence
CVE-2012-3072
RESERVED
@@ -9103,31 +9103,31 @@ CVE-2012-3065
RESERVED
CVE-2012-3064
RESERVED
-CVE-2012-3063 (Cisco Application Control Engine (ACE) before A4(2.3) and A5 before ...)
+CVE-2012-3063
NOT-FOR-US: Cisco
-CVE-2012-3062 (Cisco IOS before 15.1(1)SY, when Multicast Listener Discovery (MLD) ...)
+CVE-2012-3062
NOT-FOR-US: Cisco IOS
CVE-2012-3061
RESERVED
-CVE-2012-3060 (Cisco Unity Connection (UC) 8.6, 9.0, and 9.5 allows remote attackers ...)
+CVE-2012-3060
NOT-FOR-US: Cisco Unity Connection
CVE-2012-3059
RESERVED
-CVE-2012-3058 (Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ...)
+CVE-2012-3058
NOT-FOR-US: Cisco
-CVE-2012-3057 (Heap-based buffer overflow in the Cisco WebEx Recording Format (WRF) ...)
+CVE-2012-3057
NOT-FOR-US: Cisco WebEx Player
-CVE-2012-3056 (Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 L ...)
+CVE-2012-3056
NOT-FOR-US: Cisco WebEx Player
-CVE-2012-3055 (Stack-based buffer overflow in the Cisco WebEx Recording Format (WRF) ...)
+CVE-2012-3055
NOT-FOR-US: Cisco WebEx Player
-CVE-2012-3054 (Heap-based buffer overflow in the Cisco WebEx Recording Format (WRF) ...)
+CVE-2012-3054
NOT-FOR-US: Cisco WebEx Player
-CVE-2012-3053 (Buffer overflow in the Cisco WebEx Advanced Recording Format (ARF) ...)
+CVE-2012-3053
NOT-FOR-US: Cisco WebEx Player
-CVE-2012-3052 (Untrusted search path vulnerability in Cisco VPN Client 5.0 allows ...)
+CVE-2012-3052
NOT-FOR-US: Cisco VPN Client
-CVE-2012-3051 (Cisco NX-OS 5.2 and 6.1 on Nexus 7000 series switches allows remote ...)
+CVE-2012-3051
NOT-FOR-US: Cisco NX-OS
CVE-2012-3050
RESERVED
@@ -9135,7 +9135,7 @@ CVE-2012-3049
RESERVED
CVE-2012-3048
RESERVED
-CVE-2012-3047 (Cross-site scripting (XSS) vulnerability in the web-wizard setup page ...)
+CVE-2012-3047
NOT-FOR-US: Cisco
CVE-2012-3046
RESERVED
@@ -9149,107 +9149,107 @@ CVE-2012-3042
REJECTED
CVE-2012-3041
RESERVED
-CVE-2012-3040 (Cross-site scripting (XSS) vulnerability in the web server on Siemens ...)
+CVE-2012-3040
NOT-FOR-US: Siemens
-CVE-2012-3039 (Moxa OnCell Gateway G3111, G3151, G3211, and G3251 devices with ...)
+CVE-2012-3039
NOT-FOR-US: Moxa OnCell Gateway
CVE-2012-3038
RESERVED
-CVE-2012-3037 (The Siemens SIMATIC S7-1200 2.x PLC does not properly protect the ...)
+CVE-2012-3037
NOT-FOR-US: Siemens SIMATIC PLC
CVE-2012-3036
REJECTED
-CVE-2012-3035 (Buffer overflow in Emerson DeltaV 9.3.1 and 10.3 through 11.3.1 allows ...)
+CVE-2012-3035
NOT-FOR-US: Emerson DeltaV
-CVE-2012-3034 (WebNavigator in Siemens WinCC 7.0 SP3 and earlier, as used in SIMATIC ...)
+CVE-2012-3034
NOT-FOR-US: Siemens WinCC
CVE-2012-3033
REJECTED
-CVE-2012-3032 (SQL injection vulnerability in WebNavigator in Siemens WinCC 7.0 SP3 ...)
+CVE-2012-3032
NOT-FOR-US: Siemens WinCC
-CVE-2012-3031 (Multiple cross-site scripting (XSS) vulnerabilities in WebNavigator in ...)
+CVE-2012-3031
NOT-FOR-US: Siemens WinCC
-CVE-2012-3030 (WebNavigator in Siemens WinCC 7.0 SP3 and earlier, as used in SIMATIC ...)
+CVE-2012-3030
NOT-FOR-US: Siemens WinCC
CVE-2012-3029
REJECTED
-CVE-2012-3028 (Cross-site request forgery (CSRF) vulnerability in WebNavigator in ...)
+CVE-2012-3028
NOT-FOR-US: Siemens WinCC
CVE-2012-3027
REJECTED
-CVE-2012-3026 (rifsrvd.exe in the Remote Interface Service in GE Intelligent ...)
+CVE-2012-3026
NOT-FOR-US: GE Intelligent Platforms Proficy Real-Time Information Portal
-CVE-2012-3025 (The default configuration of Tridium Niagara AX Framework through 3.6 ...)
+CVE-2012-3025
NOT-FOR-US: Tridium Niagara AX Framework
-CVE-2012-3024 (Tridium Niagara AX Framework through 3.6 uses predictable values for ...)
+CVE-2012-3024
NOT-FOR-US: Tridium Niagara AX Framework
CVE-2012-3023
RESERVED
-CVE-2012-3022 (The SaveToFile method in a certain ActiveX control in TrendDisplay.dll ...)
+CVE-2012-3022
NOT-FOR-US: Canary Labs TrendLink
-CVE-2012-3021 (rifsrvd.exe in the Remote Interface Service in GE Intelligent ...)
+CVE-2012-3021
NOT-FOR-US: GE Intelligent Platforms Proficy Real-Time Information Portal
-CVE-2012-3020 (The Siemens Synco OZW Web Server devices OZW672.*, OZW772.*, and ...)
+CVE-2012-3020
NOT-FOR-US: Siemens Synco OZW Web Server
CVE-2012-3019
RESERVED
-CVE-2012-3018 (The lockout-recovery feature in the Security Configurator component in ...)
+CVE-2012-3018
NOT-FOR-US: ICONICS GENESIS32
-CVE-2012-3017 (Siemens SIMATIC S7-400 PN CPU devices with firmware 5.x allow remote ...)
+CVE-2012-3017
NOT-FOR-US: Siemens SIMATIC
-CVE-2012-3016 (Siemens SIMATIC S7-400 PN CPU devices with firmware 6 before 6.0.3 ...)
+CVE-2012-3016
NOT-FOR-US: Siemens SIMATIC
-CVE-2012-3015 (Untrusted search path vulnerability in Siemens SIMATIC STEP7 before ...)
+CVE-2012-3015
NOT-FOR-US: Siemens SIMATIC
-CVE-2012-3014 (The Management Software application in GarrettCom Magnum MNS-6K before ...)
+CVE-2012-3014
NOT-FOR-US: GarrettCom Magnum MNS-6K
-CVE-2012-3013 (WAGO I/O System 758 model 758-870, 758-874, 758-875, and 758-876 ...)
+CVE-2012-3013
NOT-FOR-US: WAGO I/O System 758
-CVE-2012-3012 (The Arbiter Power Sentinel 1133A device with firmware before 11Jun2012 ...)
+CVE-2012-3012
NOT-FOR-US: Arbiter Power Sentinel 1133A
-CVE-2012-3011 (Directory traversal vulnerability in the web server in Fultek WinTr ...)
+CVE-2012-3011
NOT-FOR-US: Fultek WinTr Scada web server
-CVE-2012-3010 (rifsrvd.exe in the Remote Interface Service in GE Intelligent ...)
+CVE-2012-3010
NOT-FOR-US: GE Intelligent Platforms Proficy Real-Time Information Portal
-CVE-2012-3009 (Siemens COMOS before 9.1 Patch 413, 9.2 before Update 03 Patch 023, ...)
+CVE-2012-3009
NOT-FOR-US: Siemens COMOS
-CVE-2012-3008 (Stack-based buffer overflow in OSIsoft PI OPC DA Interface before ...)
+CVE-2012-3008
NOT-FOR-US: OSIsoft PI OPC DA Interface
-CVE-2012-3007 (Stack-based buffer overflow in slssvc.exe before 58.x in Invensys ...)
+CVE-2012-3007
NOT-FOR-US: Invensys Wonderware SuiteLink
-CVE-2012-3006 (The Innominate mGuard Smart HW before HW-101130 and BD before ...)
+CVE-2012-3006
NOT-FOR-US: Innominate mGuard Smart
-CVE-2012-3005 (Untrusted search path vulnerability in Invensys Wonderware InTouch ...)
+CVE-2012-3005
NOT-FOR-US: Wonderwar
-CVE-2012-3004 (Multiple untrusted search path vulnerabilities in RealFlex RealWin ...)
+CVE-2012-3004
NOT-FOR-US: RealFlex RealWin
-CVE-2012-3003 (Open redirect vulnerability in an unspecified web application in ...)
+CVE-2012-3003
NOT-FOR-US: WinCC
-CVE-2012-3002 (The web interface on (1) Foscam and (2) Wansview IP cameras allows ...)
+CVE-2012-3002
NOT-FOR-US: Foscam, Wansview IP cameras
-CVE-2012-3001 (Mutiny Standard before 4.5-1.12 allows remote attackers to execute ...)
+CVE-2012-3001
NOT-FOR-US: Mutiny Standard
-CVE-2012-3000 (Multiple SQL injection vulnerabilities in ...)
+CVE-2012-3000
NOT-FOR-US: F5 BIG-IP
-CVE-2012-2999 (Multiple cross-site request forgery (CSRF) vulnerabilities in the web ...)
+CVE-2012-2999
NOT-FOR-US: Cerberus FTP
-CVE-2012-2998 (SQL injection vulnerability in the ad hoc query module in Trend Micro ...)
+CVE-2012-2998
NOT-FOR-US: Trend Micro Control Manager
-CVE-2012-2997 (XML External Entity (XXE) vulnerability in ...)
+CVE-2012-2997
NOT-FOR-US: F5 BIG-IP
-CVE-2012-2996 (Cross-site request forgery (CSRF) vulnerability in ...)
+CVE-2012-2996
NOT-FOR-US: Trend Micro
-CVE-2012-2995 (Multiple cross-site scripting (XSS) vulnerabilities in Trend Micro ...)
+CVE-2012-2995
NOT-FOR-US: Trend Micro
-CVE-2012-2994 (The CoSoSys Endpoint Protector 4 appliance establishes an EPProot ...)
+CVE-2012-2994
NOT-FOR-US: CoSoSys Endpoint Protector
-CVE-2012-2993 (Microsoft Windows Phone 7 does not verify the domain name in the ...)
+CVE-2012-2993
NOT-FOR-US: Microsoft Windows Phone
CVE-2012-2992
RESERVED
-CVE-2012-2991 (The PayPal (aka MODULE_PAYMENT_PAYPAL_STANDARD) module before 1.1 in ...)
+CVE-2012-2991
NOT-FOR-US: PayPal module in osCommerce Online Merchant
-CVE-2012-2990 (The MASetupCaller ActiveX control before 1.4.2012.508 in ...)
+CVE-2012-2990
NOT-FOR-US: MarkAny ContentSAFER
CVE-2012-2989
RESERVED
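Review bot: the truncated annotation `NOT-FOR-US: Wonderwar` under `+CVE-2012-3005` becomes the only product identification for that entry once the summary line ("Untrusted search path vulnerability in Invensys Wonderware InTouch ...") is removed; if this hunk is kept, that line should be completed to name the product (the neighbouring CVE-2012-3007 entry uses "Invensys Wonderware SuiteLink"), and the same applies to the bare `NOT-FOR-US: WinCC` under `+CVE-2012-3003`, which the adjacent entries spell out as "Siemens WinCC".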
@@ -9257,88 +9257,88 @@ CVE-2012-2988
RESERVED
CVE-2012-2987
RESERVED
-CVE-2012-2986 (lhn/public/network/ping in HP SAN/iQ 9.5 on the HP Virtual SAN ...)
+CVE-2012-2986
NOT-FOR-US: HP Virtual SAN Appliance
-CVE-2012-2985 (Cross-site scripting (XSS) vulnerability in InsertDocument.aspx in ...)
+CVE-2012-2985
NOT-FOR-US: CuteSoft Cute Editor
-CVE-2012-2984 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2012-2984
NOT-FOR-US: Websense
-CVE-2012-2983 (file/edit_html.cgi in Webmin 1.590 and earlier does not perform an ...)
+CVE-2012-2983
NOT-FOR-US: Webmin
-CVE-2012-2982 (file/show.cgi in Webmin 1.590 and earlier allows remote authenticated ...)
+CVE-2012-2982
NOT-FOR-US: Webmin
-CVE-2012-2981 (Webmin 1.590 and earlier allows remote authenticated users to execute ...)
+CVE-2012-2981
NOT-FOR-US: Webmin
-CVE-2012-2980 (The Samsung and HTC onTouchEvent method implementation for Android on ...)
+CVE-2012-2980
NOT-FOR-US: Samsung and HTC Android
CVE-2012-2979 [VU#517036: NSD 3.2.13 emergency release]
RESERVED
- nsd3 <not-affected> (Debian version not affected)
-CVE-2012-2978 (query.c in NSD 3.0.x through 3.0.8, 3.1.x through 3.1.1, and 3.2.x ...)
+CVE-2012-2978
{DSA-2515-1}
- nsd3 3.2.12-1
-CVE-2012-2977 (The management console in Symantec Web Gateway 5.0.x before 5.0.3.18 ...)
+CVE-2012-2977
NOT-FOR-US: Symantec Web Gateway
-CVE-2012-2976 (The management console in Symantec Web Gateway 5.0.x before 5.0.3.18 ...)
+CVE-2012-2976
NOT-FOR-US: Symantec Web Gateway
-CVE-2012-2975 (Cross-site scripting (XSS) vulnerability in the traffic overview page ...)
+CVE-2012-2975
NOT-FOR-US: F5 ASM
-CVE-2012-2974 (The web interface on the SMC SMC8024L2 switch allows remote attackers ...)
+CVE-2012-2974
NOT-FOR-US: SMC SMC8024L2 switch
CVE-2012-2973
RESERVED
-CVE-2012-2972 (The (1) server and (2) agent components in CA ARCserve Backup r12.5, ...)
+CVE-2012-2972
NOT-FOR-US: CA ARCserve Backup
-CVE-2012-2971 (The server in CA ARCserve Backup r12.5, r15, and r16 on Windows does ...)
+CVE-2012-2971
NOT-FOR-US: CA ARCserve Backup
-CVE-2012-2970 (The Synel SY-780/A Time &amp; Attendance terminal allows remote attackers ...)
+CVE-2012-2970
NOT-FOR-US: Synel terminal
-CVE-2012-2969 (Caucho Quercus, as distributed in Resin before 4.0.29, allows remote ...)
+CVE-2012-2969
NOT-FOR-US: Caucho Quercus
-CVE-2012-2968 (Directory traversal vulnerability in Caucho Quercus, as distributed in ...)
+CVE-2012-2968
NOT-FOR-US: Caucho Quercus
-CVE-2012-2967 (Caucho Quercus, as distributed in Resin before 4.0.29, does not ...)
+CVE-2012-2967
NOT-FOR-US: Caucho Quercus
-CVE-2012-2966 (Caucho Quercus, as distributed in Resin before 4.0.29, overwrites ...)
+CVE-2012-2966
NOT-FOR-US: Caucho Quercus
-CVE-2012-2965 (Caucho Quercus, as distributed in Resin before 4.0.29, does not ...)
+CVE-2012-2965
NOT-FOR-US: Caucho Quercus
-CVE-2012-2964 (The BreakingPoint Storm appliance before 3.0 requires cleartext ...)
+CVE-2012-2964
NOT-FOR-US: BreakingPoint Storm appliance
-CVE-2012-2963 (The administrative interface in the embedded web server on the ...)
+CVE-2012-2963
NOT-FOR-US: BreakingPoint Storm appliance
-CVE-2012-2962 (SQL injection vulnerability in d4d/statusFilter.php in Plixer ...)
+CVE-2012-2962
NOT-FOR-US: Dell SonicWALL Scrutinizer
-CVE-2012-2961 (SQL injection vulnerability in the management console in Symantec Web ...)
+CVE-2012-2961
NOT-FOR-US: Symantec Web Gateway
-CVE-2012-2960 (Cross-site scripting (XSS) vulnerability in the import functionality ...)
+CVE-2012-2960
NOT-FOR-US: HP ArcSight Connector, ArcSight Logger
-CVE-2012-2959 (Cross-site request forgery (CSRF) vulnerability in ...)
+CVE-2012-2959
NOT-FOR-US: BMC
CVE-2012-2958
RESERVED
-CVE-2012-2957 (The management console in Symantec Web Gateway 5.0.x before 5.0.3.18 ...)
+CVE-2012-2957
NOT-FOR-US: Symantec Web Gateway
-CVE-2012-2956 (SQL injection vulnerability in SpiceWorks 5.3.75941 allows remote ...)
+CVE-2012-2956
NOT-FOR-US: SpiceWorks
-CVE-2012-2955 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
+CVE-2012-2955
NOT-FOR-US: IBM Lotus Protector, IBM ISS Proventia Network Mail Security
CVE-2012-2954
RESERVED
-CVE-2012-2953 (The management console in Symantec Web Gateway 5.0.x before 5.0.3.18 ...)
+CVE-2012-2953
NOT-FOR-US: Symantec Web Gateway
-CVE-2012-2952 (SQL injection vulnerability in add_ons.php in Jaow 2.4.5 and earlier ...)
+CVE-2012-2952
NOT-FOR-US: Jaow
CVE-2012-2951
REJECTED
CVE-2012-2950
RESERVED
-CVE-2012-2949 (The ZTE sync_agent program for Android 2.3.4 on the Score M device ...)
+CVE-2012-2949
NOT-FOR-US: Android
-CVE-2012-2948 (chan_skinny.c in the Skinny (aka SCCP) channel driver in Certified ...)
+CVE-2012-2948
{DSA-2493-1}
- asterisk 1:1.8.13.0~dfsg-1 (bug #675210)
-CVE-2012-2947 (chan_iax2.c in the IAX2 channel driver in Certified Asterisk ...)
+CVE-2012-2947
{DSA-2493-1}
- asterisk 1:1.8.13.0~dfsg-1 (bug #675204)
CVE-2012-2946
@@ -9346,283 +9346,283 @@ CVE-2012-2946
CVE-2012-2945
RESERVED
- hadoop <itp> (bug #535861)
-CVE-2012-2944 (Buffer overflow in the addchar function in common/parseconf.c in upsd ...)
+CVE-2012-2944
{DSA-2484-1}
- nut 2.6.4-1
NOTE: https://alioth.debian.org/tracker/index.php?func=detail&aid=313636&group_id=30602&atid=411542
-CVE-2012-2943 (CRLF injection vulnerability in cryptographp.inc.php in Cryptographp ...)
+CVE-2012-2943
NOT-FOR-US: Cryptographp
-CVE-2012-2942 (Buffer overflow in the trash buffer in the header capture ...)
+CVE-2012-2942
{DSA-2711-1}
- haproxy 1.4.23-1 (bug #674447)
NOTE: According to upstream information this only was fixed in 1.4.21
NOTE: only a issue if using non-default value for global.tune.bufsize configuration option
NOTE: Reported as duplicate with CVE-2012-2391 http://seclists.org/oss-sec/2012/q2/417
-CVE-2012-2941 (Cross-site scripting (XSS) vulnerability in search/ in Yandex.Server ...)
+CVE-2012-2941
NOT-FOR-US: Yandex.Server 2010 9.0 Enterprise
-CVE-2012-2940 (MediaChance Real-DRAW PRO 5.2.4 allows remote attackers to cause a ...)
+CVE-2012-2940
NOT-FOR-US: MediaChance Real-DRAW PRO
-CVE-2012-2939 (Multiple unrestricted file upload vulnerabilities in Travelon Express ...)
+CVE-2012-2939
NOT-FOR-US: Travelon Express
-CVE-2012-2938 (Multiple cross-site scripting (XSS) vulnerabilities in Travelon ...)
+CVE-2012-2938
NOT-FOR-US: Travelon Express
-CVE-2012-2937 (Multiple SQL injection vulnerabilities in Pligg CMS before 1.2.2 allow ...)
+CVE-2012-2937
NOT-FOR-US: Pligg
-CVE-2012-2936 (Multiple cross-site scripting (XSS) vulnerabilities in Pligg CMS ...)
+CVE-2012-2936
NOT-FOR-US: Pligg
-CVE-2012-2935 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2012-2935
NOT-FOR-US: OSCommerce Online Merchant
-CVE-2012-2934 (Xen 4.0, and 4.1, when running a 64-bit PV guest on &quot;older&quot; AMD CPUs, ...)
+CVE-2012-2934
{DSA-2501-1}
- xen 4.1.3~rc1+hg-20120614.a9c0a89c08f2-1
CVE-2012-2933
RESERVED
-CVE-2012-2932 (Multiple cross-site scripting (XSS) vulnerabilities in TinyWebGallery ...)
+CVE-2012-2932
NOT-FOR-US: TinyWebGallery
CVE-2012-2931
RESERVED
-CVE-2012-2930 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
+CVE-2012-2930
NOT-FOR-US: TinyWebGallery
CVE-2012-2929
RESERVED
-CVE-2012-2928 (The Gliffy plugin before 3.7.1 for Atlassian JIRA, and before 4.2 for ...)
+CVE-2012-2928
NOT-FOR-US: JIRA plugin
-CVE-2012-2927 (The TM Software Tempo plugin before 6.4.3.1, 6.5.x before 6.5.0.2, and ...)
+CVE-2012-2927
NOT-FOR-US: Atlassian JIRA
-CVE-2012-2926 (Atlassian JIRA before 5.0.1; Confluence before 3.5.16, 4.0 before ...)
+CVE-2012-2926
NOT-FOR-US: Atlassian JIRA
-CVE-2012-2925 (SQL injection vulnerability in engine.php in Simple PHP Agenda 2.2.8 ...)
+CVE-2012-2925
NOT-FOR-US: Simple PHP Agenda
-CVE-2012-2924 (PHP remote file inclusion vulnerability in admin/setup.inc.php in ...)
+CVE-2012-2924
NOT-FOR-US: Hypermethod eLearning Server 4G
-CVE-2012-2923 (SQL injection vulnerability in news.php4 in Hypermethod eLearning ...)
+CVE-2012-2923
NOT-FOR-US: Hypermethod eLearning Server 4G
-CVE-2012-2922 (The request_path function in includes/bootstrap.inc in Drupal 7.14 and ...)
+CVE-2012-2922
- drupal7 7.22-1 (unimportant)
NOTE: Path disclosure irrelevant for Debian
-CVE-2012-2921 (Universal Feed Parser (aka feedparser or python-feedparser) before ...)
+CVE-2012-2921
- feedparser 5.1.2-1 (low; bug #674167)
[squeeze] - feedparser <no-dsa> (Minor issue)
-CVE-2012-2920 (Cross-site scripting (XSS) vulnerability in the userphoto_options_page ...)
+CVE-2012-2920
NOT-FOR-US: WordPress User Photo plugin
-CVE-2012-2919 (Directory traversal vulnerability in Upload/engine.php in Chevereto ...)
+CVE-2012-2919
NOT-FOR-US: Chevereto
-CVE-2012-2918 (Cross-site scripting (XSS) vulnerability in Upload/engine.php in ...)
+CVE-2012-2918
NOT-FOR-US: Chevereto
-CVE-2012-2917 (Cross-site scripting (XSS) vulnerability in the Share and Follow ...)
+CVE-2012-2917
NOT-FOR-US: WordPress Share and Follow plugin
-CVE-2012-2916 (Cross-site scripting (XSS) vulnerability in sabre_class_admin.php in ...)
+CVE-2012-2916
NOT-FOR-US: WordPress SABRE plugin
-CVE-2012-2915 (Stack-based buffer overflow in Lattice Semiconductor PAC-Designer ...)
+CVE-2012-2915
NOT-FOR-US: Lattice Semiconductor PAC-Designer
-CVE-2012-2914 (Cross-site scripting (XSS) vulnerability in captchademo.php in ...)
+CVE-2012-2914
NOT-FOR-US: Unijimpe Captcha
-CVE-2012-2913 (Multiple cross-site scripting (XSS) vulnerabilities in the Leaflet ...)
+CVE-2012-2913
NOT-FOR-US: WordPress Leaflet plugin
-CVE-2012-2912 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
+CVE-2012-2912
NOT-FOR-US: WordPress LeagueManager plugin
-CVE-2012-2911 (Cross-site scripting (XSS) vulnerability in backupDB.php in ...)
+CVE-2012-2911
NOT-FOR-US: SiliSoftware backupDB
-CVE-2012-2910 (Multiple cross-site scripting (XSS) vulnerabilities in SiliSoftware ...)
+CVE-2012-2910
NOT-FOR-US: SiliSoftware phpThumb
-CVE-2012-2909 (Multiple cross-site scripting (XSS) vulnerabilities in Viscacha ...)
+CVE-2012-2909
NOT-FOR-US: Viscacha
-CVE-2012-2908 (Multiple SQL injection vulnerabilities in admin/bbcodes.php in ...)
+CVE-2012-2908
NOT-FOR-US: Viscacha
-CVE-2012-2907 (Cross-site scripting (XSS) vulnerability in the aberdeen_breadcrumb ...)
+CVE-2012-2907
NOT-FOR-US: Drupal Aberdeen theme
-CVE-2012-2906 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2012-2906
NOT-FOR-US: Artiphp CMS 5.5.0 Neo
-CVE-2012-2905 (Artiphp CMS 5.5.0 Neo (r422) stores database backups with predictable ...)
+CVE-2012-2905
NOT-FOR-US: Artiphp CMS
-CVE-2012-2904 (player.swf in LongTail JW Player 5.9 allows remote attackers to ...)
+CVE-2012-2904
NOT-FOR-US: LongTail JW Player
-CVE-2012-2903 (Multiple cross-site scripting (XSS) vulnerabilities in PHP Address ...)
+CVE-2012-2903
NOT-FOR-US: PHP Address Book
-CVE-2012-2902 (Unrestricted file upload vulnerability in ...)
+CVE-2012-2902
NOT-FOR-US: Joomla JCE
-CVE-2012-2901 (Cross-site scripting (XSS) vulnerability in the Profile List in the ...)
+CVE-2012-2901
NOT-FOR-US: Joomla JCE
-CVE-2012-2900 (Skia, as used in Google Chrome before 22.0.1229.92, does not properly ...)
+CVE-2012-2900
- chromium-browser 22.0.1229.94~r161065-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2012-2899 (Google Chrome before 21.0.1180.82 on iOS makes certain incorrect calls ...)
+CVE-2012-2899
- chromium-browser <not-affected> (iOS-specific)
-CVE-2012-2898 (Google Chrome before 21.0.1180.82 on iOS on iPad devices allows remote ...)
+CVE-2012-2898
- chromium-browser <not-affected> (iOS-specific)
-CVE-2012-2897 (The kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows ...)
+CVE-2012-2897
- chromium-browser <not-affected> (Windows-specific)
-CVE-2012-2896 (Integer overflow in the WebGL implementation in Google Chrome before ...)
+CVE-2012-2896
- chromium-browser <not-affected> (MacOS X-specific)
-CVE-2012-2895 (The PDF functionality in Google Chrome before 22.0.1229.79 allows ...)
+CVE-2012-2895
- chromium-browser <not-affected> (PDF viewer not included in Chromium)
-CVE-2012-2894 (Google Chrome before 22.0.1229.79 does not properly handle ...)
+CVE-2012-2894
- chromium-browser 22.0.1229.94~r161065-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2012-2893 (Double free vulnerability in libxslt, as used in Google Chrome before ...)
+CVE-2012-2893
{DSA-2555-1}
- chromium-browser 22.0.1229.94~r161065-1
[squeeze] - chromium-browser <end-of-life>
- libxslt 1.1.26-14 (bug #689422)
-CVE-2012-2892 (Unspecified vulnerability in Google Chrome before 22.0.1229.79 allows ...)
+CVE-2012-2892
- chromium-browser 22.0.1229.94~r161065-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2012-2891 (The IPC implementation in Google Chrome before 22.0.1229.79 allows ...)
+CVE-2012-2891
- chromium-browser 22.0.1229.94~r161065-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2012-2890 (Use-after-free vulnerability in the PDF functionality in Google Chrome ...)
+CVE-2012-2890
- chromium-browser <not-affected> (PDF viewer not included in Chromium)
-CVE-2012-2889 (Cross-site scripting (XSS) vulnerability in Google Chrome before ...)
+CVE-2012-2889
- chromium-browser 22.0.1229.94~r161065-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2012-2888 (Use-after-free vulnerability in Google Chrome before 22.0.1229.79 ...)
+CVE-2012-2888
- chromium-browser 22.0.1229.94~r161065-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2012-2887 (Use-after-free vulnerability in Google Chrome before 22.0.1229.79 ...)
+CVE-2012-2887
- chromium-browser 22.0.1229.94~r161065-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2012-2886 (Cross-site scripting (XSS) vulnerability in Google Chrome before ...)
+CVE-2012-2886
- chromium-browser 22.0.1229.94~r161065-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2012-2885 (Double free vulnerability in Google Chrome before 22.0.1229.79 allows ...)
+CVE-2012-2885
- chromium-browser 22.0.1229.94~r161065-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2012-2884 (Skia, as used in Google Chrome before 22.0.1229.79, allows remote ...)
+CVE-2012-2884
- chromium-browser 22.0.1229.94~r161065-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2012-2883 (Skia, as used in Google Chrome before 22.0.1229.79, allows remote ...)
+CVE-2012-2883
- chromium-browser 22.0.1229.94~r161065-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2012-2882 (FFmpeg, as used in Google Chrome before 22.0.1229.79, does not ...)
+CVE-2012-2882
- chromium-browser 22.0.1229.94~r161065-1
[squeeze] - chromium-browser <end-of-life>
- libav 6:0.8.5-1 (bug #694483)
- ffmpeg <not-affected> (vulnerable code not present)
NOTE: https://chromiumcodereview.appspot.com/10829204
NOTE: fixed with http://git.libav.org/?p=libav.git;a=commitdiff;h=7751e4693dd10ec98c20fbd9887233b575034272
-CVE-2012-2881 (Google Chrome before 22.0.1229.79 does not properly handle plug-ins, ...)
+CVE-2012-2881
- chromium-browser 22.0.1229.94~r161065-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2012-2880 (Race condition in Google Chrome before 22.0.1229.79 allows remote ...)
+CVE-2012-2880
- chromium-browser 22.0.1229.94~r161065-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2012-2879 (Google Chrome before 22.0.1229.79 allows remote attackers to cause a ...)
+CVE-2012-2879
- chromium-browser 22.0.1229.94~r161065-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2012-2878 (Use-after-free vulnerability in Google Chrome before 22.0.1229.79 ...)
+CVE-2012-2878
- chromium-browser 22.0.1229.94~r161065-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2012-2877 (The extension system in Google Chrome before 22.0.1229.79 does not ...)
+CVE-2012-2877
- chromium-browser 22.0.1229.94~r161065-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2012-2876 (Buffer overflow in the SSE2 optimization functionality in Google ...)
+CVE-2012-2876
- chromium-browser 22.0.1229.94~r161065-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2012-2875 (Multiple unspecified vulnerabilities in the PDF functionality in ...)
+CVE-2012-2875
- chromium-browser <not-affected> (PDF viewer not included in Chromium)
[squeeze] - chromium-browser <end-of-life>
-CVE-2012-2874 (Skia, as used in Google Chrome before 22.0.1229.79, allows remote ...)
+CVE-2012-2874
[squeeze] - chromium-browser <end-of-life>
- chromium-browser 22.0.1229.94~r161065-1
CVE-2012-2873
RESERVED
-CVE-2012-2872 (Cross-site scripting (XSS) vulnerability in an SSL interstitial page ...)
+CVE-2012-2872
- chromium-browser 21.0.1180.89~r154005-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2012-2871 (libxml2 2.9.0-rc1 and earlier, as used in Google Chrome before ...)
+CVE-2012-2871
{DSA-2555-1}
- chromium-browser 21.0.1180.89~r154005-1
[squeeze] - chromium-browser <end-of-life>
- libxslt 1.1.26-14 (bug #689422)
-CVE-2012-2870 (libxslt 1.1.26 and earlier, as used in Google Chrome before ...)
+CVE-2012-2870
{DSA-2555-1}
- chromium-browser 21.0.1180.89~r154005-1
[squeeze] - chromium-browser <end-of-life>
- libxslt 1.1.26-14 (bug #689422)
-CVE-2012-2869 (Google Chrome before 21.0.1180.89 does not properly load URLs, which ...)
+CVE-2012-2869
- chromium-browser 21.0.1180.89~r154005-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2012-2868 (Race condition in Google Chrome before 21.0.1180.89 allows remote ...)
+CVE-2012-2868
- chromium-browser 21.0.1180.89~r154005-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2012-2867 (The SPDY implementation in Google Chrome before 21.0.1180.89 allows ...)
+CVE-2012-2867
- chromium-browser 21.0.1180.89~r154005-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2012-2866 (Google Chrome before 21.0.1180.89 does not properly perform a cast of ...)
+CVE-2012-2866
- chromium-browser 21.0.1180.89~r154005-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2012-2865 (Google Chrome before 21.0.1180.89 does not properly perform line ...)
+CVE-2012-2865
- chromium-browser 21.0.1180.89~r154005-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2012-2864 (Mesa, as used in Google Chrome before 21.0.1183.0 on the Acer AC700, ...)
+CVE-2012-2864
- mesa 8.0.4-2 (bug #685667)
[squeeze] - mesa <not-affected> (Vulnerable code not present)
-CVE-2012-2863 (The PDF functionality in Google Chrome before 21.0.1180.75 allows ...)
+CVE-2012-2863
- chromium-browser <not-affected> (PDF functionality not present in Chromium)
-CVE-2012-2862 (Use-after-free vulnerability in the PDF functionality in Google Chrome ...)
+CVE-2012-2862
- chromium-browser <not-affected> (PDF functionality not present in Chromium)
CVE-2012-2861
RESERVED
-CVE-2012-2860 (The date-picker implementation in Google Chrome before 21.0.1180.57 on ...)
+CVE-2012-2860
- chromium-browser 21.0.1180.57~r148591
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/122918
-CVE-2012-2859 (Google Chrome before 21.0.1180.57 on Linux does not properly handle ...)
+CVE-2012-2859
- chromium-browser 21.0.1180.57~r148591
[squeeze] - chromium-browser <not-affected>
-CVE-2012-2858 (Buffer overflow in the WebP decoder in Google Chrome before ...)
+CVE-2012-2858
- chromium-browser 21.0.1180.57~r148591
[squeeze] - chromium-browser <not-affected>
-CVE-2012-2857 (Use-after-free vulnerability in the Cascading Style Sheets (CSS) DOM ...)
+CVE-2012-2857
- chromium-browser 21.0.1180.57~r148591
[squeeze] - chromium-browser <not-affected>
-CVE-2012-2856 (The PDF functionality in Google Chrome before 21.0.1180.57 on Mac OS X ...)
+CVE-2012-2856
- chromium-browser <not-affected> (PDF functionality not present in Chromium)
-CVE-2012-2855 (Use-after-free vulnerability in the PDF functionality in Google Chrome ...)
+CVE-2012-2855
- chromium-browser <not-affected> (PDF functionality not present in Chromium)
-CVE-2012-2854 (Google Chrome before 21.0.1180.57 on Mac OS X and Linux, and before ...)
+CVE-2012-2854
- chromium-browser 21.0.1180.57~r148591
[squeeze] - chromium-browser <not-affected>
-CVE-2012-2853 (The webRequest API in Google Chrome before 21.0.1180.57 on Mac OS X ...)
+CVE-2012-2853
- chromium-browser 21.0.1180.57~r148591
[squeeze] - chromium-browser <not-affected>
-CVE-2012-2852 (The PDF functionality in Google Chrome before 21.0.1180.57 on Mac OS X ...)
+CVE-2012-2852
- chromium-browser <not-affected> (PDF functionality not present in Chromium)
-CVE-2012-2851 (Multiple integer overflows in the PDF functionality in Google Chrome ...)
+CVE-2012-2851
- chromium-browser <not-affected> (PDF functionality not present in Chromium)
-CVE-2012-2850 (Multiple unspecified vulnerabilities in the PDF functionality in ...)
+CVE-2012-2850
- chromium-browser <not-affected> (PDF functionality not present in Chromium)
-CVE-2012-2849 (Off-by-one error in the GIF decoder in Google Chrome before ...)
+CVE-2012-2849
- chromium-browser 21.0.1180.57~r148591
[squeeze] - chromium-browser <not-affected>
-CVE-2012-2848 (The drag-and-drop implementation in Google Chrome before 21.0.1180.57 ...)
+CVE-2012-2848
- chromium-browser 21.0.1180.57~r148591
[squeeze] - chromium-browser <not-affected>
-CVE-2012-2847 (Google Chrome before 21.0.1180.57 on Mac OS X and Linux, and before ...)
+CVE-2012-2847
- chromium-browser 21.0.1180.57~r148591
[squeeze] - chromium-browser <not-affected>
-CVE-2012-2846 (Google Chrome before 21.0.1180.57 on Linux does not properly isolate ...)
+CVE-2012-2846
- chromium-browser 21.0.1180.57~r148591
[squeeze] - chromium-browser <end-of-life>
-CVE-2012-2845 (Integer overflow in the jpeg_data_load_data function in jpeg-data.c in ...)
+CVE-2012-2845
- exif 0.6.20-2 (low; bug #681465)
[squeeze] - exif <no-dsa> (Minor crasher)
NOTE: https://bugzilla.novell.com/show_bug.cgi?id=771229
NOTE: http://seclists.org/oss-sec/2012/q3/74
-CVE-2012-2844 (The PDF functionality in Google Chrome before 20.0.1132.57 does not ...)
+CVE-2012-2844
- chromium-browser <not-affected>
-CVE-2012-2843 (Use-after-free vulnerability in Google Chrome before 20.0.1132.57 ...)
+CVE-2012-2843
- chromium-browser 20.0.1132.57~r145807-1
[squeeze] - chromium-browser <not-affected>
-CVE-2012-2842 (Use-after-free vulnerability in Google Chrome before 20.0.1132.57 ...)
+CVE-2012-2842
- chromium-browser 20.0.1132.57~r145807-1
[squeeze] - chromium-browser <not-affected>
-CVE-2012-2841 (Integer underflow in the exif_entry_get_value function in exif-entry.c ...)
+CVE-2012-2841
{DSA-2559-1}
- libexif 0.6.20-3 (bug #681454)
NOTE: https://bugzilla.novell.com/show_bug.cgi?id=771229
NOTE: http://seclists.org/oss-sec/2012/q3/74
-CVE-2012-2840 (Off-by-one error in the exif_convert_utf16_to_utf8 function in ...)
+CVE-2012-2840
{DSA-2559-1}
- libexif 0.6.20-3 (bug #681454)
NOTE: https://bugzilla.novell.com/show_bug.cgi?id=771229
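Review bot: the CVE-2012-2874 entry lists its `[squeeze] - chromium-browser <end-of-life>` line before the unstable `- chromium-browser 22.0.1229.94~r161065-1` line, the reverse of every other chromium-browser entry in this hunk; since the hunk already rewrites the entry's header line, it is a good moment to restore the usual order. Minor wording point in the same region: the CVE-2012-2942 note reads "only a issue if using non-default value", which should be "only an issue".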
@@ -9631,83 +9631,83 @@ CVE-2012-2839
RESERVED
CVE-2012-2838
RESERVED
-CVE-2012-2837 (The mnote_olympus_entry_get_value function in ...)
+CVE-2012-2837
{DSA-2559-1}
- libexif 0.6.20-3 (bug #681454)
NOTE: https://bugzilla.novell.com/show_bug.cgi?id=771229
NOTE: http://seclists.org/oss-sec/2012/q3/74
-CVE-2012-2836 (The exif_data_load_data function in exif-data.c in the EXIF Tag ...)
+CVE-2012-2836
{DSA-2559-1}
- libexif 0.6.20-3 (bug #681454)
NOTE: https://bugzilla.novell.com/show_bug.cgi?id=771229
NOTE: http://seclists.org/oss-sec/2012/q3/74
CVE-2012-2835
RESERVED
-CVE-2012-2834 (Integer overflow in Google Chrome before 20.0.1132.43 allows remote ...)
+CVE-2012-2834
- chromium-browser 20.0.1132.43~r143823-1
[squeeze] - chromium-browser <not-affected>
-CVE-2012-2833 (Buffer overflow in the JS API in the PDF functionality in Google ...)
+CVE-2012-2833
- chromium-browser <not-affected> (PDF functionality not present in Chromium)
-CVE-2012-2832 (The image-codec implementation in the PDF functionality in Google ...)
+CVE-2012-2832
- chromium-browser <not-affected> (PDF functionality not present in Chromium)
-CVE-2012-2831 (Use-after-free vulnerability in Google Chrome before 20.0.1132.43 ...)
+CVE-2012-2831
- chromium-browser 20.0.1132.43~r143823-1
[squeeze] - chromium-browser <not-affected>
-CVE-2012-2830 (Google Chrome before 20.0.1132.43 does not properly set array values, ...)
+CVE-2012-2830
- chromium-browser 20.0.1132.43~r143823-1
[squeeze] - chromium-browser <not-affected>
-CVE-2012-2829 (Use-after-free vulnerability in the Cascading Style Sheets (CSS) ...)
+CVE-2012-2829
- chromium-browser 20.0.1132.43~r143823-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2012-2828 (Multiple integer overflows in the PDF functionality in Google Chrome ...)
+CVE-2012-2828
- chromium-browser <not-affected> (PDF functionality not present in Chromium)
-CVE-2012-2827 (Use-after-free vulnerability in the UI in Google Chrome before ...)
+CVE-2012-2827
- chromium-browser <not-affected> (MacOS specific)
-CVE-2012-2826 (Google Chrome before 20.0.1132.43 does not properly implement texture ...)
+CVE-2012-2826
- chromium-browser 20.0.1132.43~r143823-1
[squeeze] - chromium-browser <not-affected>
-CVE-2012-2825 (The XSL implementation in Google Chrome before 20.0.1132.43 allows ...)
+CVE-2012-2825
- libxslt 1.1.26-13 (low; bug #679283)
[squeeze] - libxslt 1.1.26-6+squeeze1
-CVE-2012-2824 (Use-after-free vulnerability in Google Chrome before 20.0.1132.43 ...)
+CVE-2012-2824
- chromium-browser 20.0.1132.43~r143823-1
[squeeze] - chromium-browser <not-affected>
-CVE-2012-2823 (Use-after-free vulnerability in Google Chrome before 20.0.1132.43 ...)
+CVE-2012-2823
- chromium-browser 20.0.1132.43~r143823-1
[squeeze] - chromium-browser <not-affected>
-CVE-2012-2822 (The PDF functionality in Google Chrome before 20.0.1132.43 allows ...)
+CVE-2012-2822
- chromium-browser <not-affected> (PDF functionality not present in Chromium)
-CVE-2012-2821 (The autofill implementation in Google Chrome before 20.0.1132.43 does ...)
+CVE-2012-2821
- chromium-browser 20.0.1132.43~r143823-1
[squeeze] - chromium-browser <not-affected>
-CVE-2012-2820 (Google Chrome before 20.0.1132.43 does not properly implement SVG ...)
+CVE-2012-2820
- chromium-browser 20.0.1132.43~r143823-1
[squeeze] - chromium-browser <not-affected>
-CVE-2012-2819 (The texSubImage2D implementation in the WebGL subsystem in Google ...)
+CVE-2012-2819
- chromium-browser 20.0.1132.43~r143823-1
[squeeze] - chromium-browser <not-affected>
-CVE-2012-2818 (Use-after-free vulnerability in Google Chrome before 20.0.1132.43 ...)
+CVE-2012-2818
- chromium-browser 20.0.1132.43~r143823-1
[squeeze] - chromium-browser <not-affected>
-CVE-2012-2817 (Use-after-free vulnerability in Google Chrome before 20.0.1132.43 ...)
+CVE-2012-2817
- chromium-browser 20.0.1132.43~r143823-1
[squeeze] - chromium-browser <not-affected>
-CVE-2012-2816 (Google Chrome before 20.0.1132.43 on Windows does not properly isolate ...)
+CVE-2012-2816
- chromium-browser <not-affected> (windows-only)
-CVE-2012-2815 (Google Chrome before 20.0.1132.43 allows remote attackers to obtain ...)
+CVE-2012-2815
- chromium-browser 20.0.1132.43~r143823-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2012-2814 (Buffer overflow in the exif_entry_format_value function in ...)
+CVE-2012-2814
{DSA-2559-1}
- libexif 0.6.20-3 (bug #681454)
NOTE: https://bugzilla.novell.com/show_bug.cgi?id=771229
NOTE: http://seclists.org/oss-sec/2012/q3/74
-CVE-2012-2813 (The exif_convert_utf16_to_utf8 function in exif-entry.c in the EXIF ...)
+CVE-2012-2813
{DSA-2559-1}
- libexif 0.6.20-3 (bug #681454)
NOTE: https://bugzilla.novell.com/show_bug.cgi?id=771229
NOTE: http://seclists.org/oss-sec/2012/q3/74
-CVE-2012-2812 (The exif_entry_get_value function in exif-entry.c in the EXIF Tag ...)
+CVE-2012-2812
{DSA-2559-1}
- libexif 0.6.20-3 (bug #681454)
NOTE: https://bugzilla.novell.com/show_bug.cgi?id=771229
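Review bot: for `-CVE-2012-2825 (The XSL implementation in Google Chrome before 20.0.1132.43 allows ...)` the removed description is the only thing in this hunk that explains why the entry is tracked against `libxslt 1.1.26-13` rather than `chromium-browser`; once the line is the bare `+CVE-2012-2825`, the package mapping reads like a mistake. The same applies to the `<not-affected> (PDF functionality not present in Chromium)` triage on CVE-2012-2833, -2832, -2828 and -2822, whose descriptions were what named the PDF functionality in the first place. Suggest keeping the description text on entries whose package assignment is not evident from the CVE id alone.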
@@ -9718,139 +9718,139 @@ CVE-2012-2810
RESERVED
CVE-2012-2809
RESERVED
-CVE-2012-2808 (The PRNG implementation in the DNS resolver in Bionic in Android ...)
+CVE-2012-2808
- iceweasel <not-affected> (Only affects 37.x; only on Android)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-41/
-CVE-2012-2807 (Multiple integer overflows in libxml2, as used in Google Chrome before ...)
+CVE-2012-2807
{DSA-2521-1}
- libxml2 2.8.0+dfsg1-5 (bug #679280)
NOTE: https://git.gnome.org/browse/libxml2/commit/?id=459eeb9dc752d5185f57ff6b135027f11981a626
-CVE-2012-2806 (Heap-based buffer overflow in the get_sos function in jdmarker.c in ...)
+CVE-2012-2806
- libjpeg-turbo <not-affected> (Fixed before initial release)
-CVE-2012-2805 (Unspecified vulnerability in FFMPEG 0.10 allows remote attackers to ...)
+CVE-2012-2805
- ffmpeg 7:2.4.1-1
-CVE-2012-2804 (Unspecified vulnerability in libavcodec/indeo3.c in FFmpeg before 0.11 ...)
+CVE-2012-2804
- ffmpeg 7:2.4.1-1
- libav 6:0.8.5-1 (bug #688847)
[squeeze] - ffmpeg <not-affected> (vulnerable code not present)
-CVE-2012-2803 (Double free vulnerability in the mpeg_decode_frame function in ...)
+CVE-2012-2803
{DSA-2624-1}
- ffmpeg 7:2.4.1-1
- libav 6:0.8.5-1 (bug #688847)
[squeeze] - ffmpeg 4:0.5.10-1 (bug #688849)
-CVE-2012-2802 (Unspecified vulnerability in the ac3_decode_frame function in ...)
+CVE-2012-2802
- ffmpeg <not-affected> (bug #688849)
- libav 6:0.8.4-1 (bug #688847)
-CVE-2012-2801 (Unspecified vulnerability in libavcodec/avs.c in FFmpeg before 0.11, ...)
+CVE-2012-2801
{DSA-2624-1}
- libav 6:0.8.4-1 (bug #688847)
- ffmpeg 7:2.4.1-1
[squeeze] - ffmpeg 4:0.5.10-1 (bug #688849)
-CVE-2012-2800 (Unspecified vulnerability in the ff_ivi_process_empty_tile function in ...)
+CVE-2012-2800
- libav 6:0.8.4-1 (bug #688847)
-CVE-2012-2799 (Unspecified vulnerability in libavcodec/wmalosslessdec.c in FFmpeg ...)
+CVE-2012-2799
- libav <not-affected> (Vulnerable code not present in 0.8 version from unstable, fixed in 0.9 version in experimental)
- ffmpeg <not-affected> (Vulnerable code not present)
-CVE-2012-2798 (Unspecified vulnerability in the decode_dds1 function in ...)
+CVE-2012-2798
- libav 6:0.8.4-1 (bug #688847)
-CVE-2012-2797 (Unspecified vulnerability in the decode_frame_mp3on4 function in ...)
+CVE-2012-2797
- ffmpeg 7:2.4.1-1
- libav 6:0.8.5-1 (bug #688847)
[squeeze] - ffmpeg <not-affected> (vulnerable code not present)
NOTE: patch proposed: http://patches.libav.org/patch/32642/
-CVE-2012-2796 (Unspecified vulnerability in the vc1_decode_frame function in ...)
+CVE-2012-2796
- ffmpeg <not-affected> (bug #688849)
- libav 6:0.8.4-1 (bug #688847)
-CVE-2012-2795 (Multiple unspecified vulnerabilities in libavcodec/wmalosslessdec.c in ...)
+CVE-2012-2795
- libav <not-affected> (Vulnerable code not present in 0.8 version from unstable, fixed in 0.9 version in experimental)
- ffmpeg <not-affected> (Vulnerable code not present)
-CVE-2012-2794 (Unspecified vulnerability in the decode_mb_info function in ...)
+CVE-2012-2794
- ffmpeg <not-affected> (bug #688849)
- libav 6:0.8.4-1 (bug #688847)
-CVE-2012-2793 (Unspecified vulnerability in the lag_decode_zero_run_line function in ...)
+CVE-2012-2793
- ffmpeg <not-affected> (bug #688849)
- libav 6:0.8.4-1 (bug #688847)
-CVE-2012-2792 (Unspecified vulnerability in the decode_init function in ...)
+CVE-2012-2792
- libav <not-affected> (Vulnerable code not present in 0.8 version from unstable, fixed in 0.9 version in experimental)
- ffmpeg <not-affected> (Vulnerable code not present)
-CVE-2012-2791 (Multiple unspecified vulnerabilities in the (1) decode_band_hdr ...)
+CVE-2012-2791
- libav 6:0.8.5-1 (bug #688847)
-CVE-2012-2790 (Unspecified vulnerability in the read_var_block_data function in ...)
+CVE-2012-2790
- ffmpeg <not-affected> (bug #688849)
- libav 6:0.8.4-1 (bug #688847)
-CVE-2012-2789 (Unspecified vulnerability in the avi_read_packet function in ...)
+CVE-2012-2789
- ffmpeg <not-affected> (bug #688849)
- libav 6:0.8.4-1 (bug #688847)
NOTE: contrary to the description, this issue is about the decode_subframe in libavcodec/wmaprodec.c
-CVE-2012-2788 (Unspecified vulnerability in the avi_read_packet function in ...)
+CVE-2012-2788
{DSA-2624-1}
[squeeze] - ffmpeg 4:0.5.10-1 (bug #688849)
- libav 6:0.8.4-1 (bug #688847)
- ffmpeg 7:2.4.1-1
-CVE-2012-2787 (Unspecified vulnerability in the decode_frame function in ...)
+CVE-2012-2787
- ffmpeg <not-affected> (bug #688849)
- libav 6:0.8.4-1 (bug #688847)
-CVE-2012-2786 (Unspecified vulnerability in the decode_wdlt function in ...)
+CVE-2012-2786
- ffmpeg <not-affected> (bug #688849)
- libav 6:0.8.4-1 (bug #688847)
-CVE-2012-2785 (Multiple unspecified vulnerabilities in libavcodec/wmalosslessdec.c in ...)
+CVE-2012-2785
- libav <not-affected> (Vulnerable code not present in 0.8 version from unstable, fixed in 0.9 version in experimental)
- ffmpeg <not-affected> (Vulnerable code not present)
-CVE-2012-2784 (Unspecified vulnerability in the decode_pic function in ...)
+CVE-2012-2784
{DSA-2624-1}
[squeeze] - ffmpeg 4:0.5.10-1 (bug #688849)
- libav 6:0.8.4-1 (bug #688847)
- ffmpeg 7:2.4.1-1
NOTE: duplicate of CVE-2012-2777
-CVE-2012-2783 (Unspecified vulnerability in libavcodec/vp56.c in FFmpeg before 0.11, ...)
+CVE-2012-2783
{DSA-2624-1}
- ffmpeg 7:2.4.1-1 (bug #688849)
- libav 6:0.8.5-1 (bug #688847)
[squeeze] - ffmpeg 4:0.5.10-1 (bug #688849)
-CVE-2012-2782 (Unspecified vulnerability in the decode_slice_header function in ...)
+CVE-2012-2782
- libav <not-affected> (Doesn't affect libav)
-CVE-2012-2781 (Unspecified vulnerability in FFmpeg before 0.10.3 has unknown impact ...)
+CVE-2012-2781
- ffmpeg 7:2.4.1-1
-CVE-2012-2780 (Unspecified vulnerability in FFmpeg before 0.10.3 has unknown impact ...)
+CVE-2012-2780
- ffmpeg 7:2.4.1-1
-CVE-2012-2779 (Unspecified vulnerability in the decode_frame function in ...)
+CVE-2012-2779
- ffmpeg 7:2.4.1-1
[squeeze] - ffmpeg <not-affected> (Vulnerable code not present, bug #688849)
- libav 6:0.8.4-1 (bug #688847)
-CVE-2012-2778 (Unspecified vulnerability in FFmpeg before 0.10.3 has unknown impact ...)
+CVE-2012-2778
- ffmpeg 7:2.4.1-1
-CVE-2012-2777 (Unspecified vulnerability in the decode_pic function in ...)
+CVE-2012-2777
{DSA-2624-1}
[squeeze] - ffmpeg 4:0.5.9-1 (bug #688849)
- libav 6:0.8.4-1 (bug #688847)
- ffmpeg 7:2.4.1-1
-CVE-2012-2776 (Unspecified vulnerability in the decode_cell_data function in ...)
+CVE-2012-2776
- ffmpeg 7:2.4.1-1
[squeeze] - ffmpeg <not-affected> (Vulnerable code not present, bug #688849)
- libav 6:0.8.4-1 (bug #688847)
-CVE-2012-2775 (Unspecified vulnerability in the read_var_block_data function in ...)
+CVE-2012-2775
- ffmpeg 7:2.4.1-1
[squeeze] - ffmpeg <not-affected> (Vulnerable code not present, bug #688849)
- libav 6:0.8.4-1 (bug #688847)
-CVE-2012-2774 (The ff_MPV_frame_start function in libavcodec/mpegvideo.c in FFmpeg ...)
+CVE-2012-2774
- ffmpeg <not-affected> (there is no crash, just a couple uninitialized reads, harmless according to Janne)
- libav <not-affected> (there is no crash, just a couple uninitialized reads, harmless according to Janne)
NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=59a4b73531428d2f420b4dad545172c8483ced0f
NOTE: patch proposed: http://patches.libav.org/patch/32644/
-CVE-2012-2773 (Unspecified vulnerability in FFmpeg before 0.10.3 has unknown impact ...)
+CVE-2012-2773
- ffmpeg 7:2.4.1-1
-CVE-2012-2772 (Unspecified vulnerability in the ff_rv34_decode_frame function in ...)
+CVE-2012-2772
- ffmpeg 7:2.4.1-1
[squeeze] - ffmpeg <not-affected> (Vulnerable code not present, bug #688849)
- libav 6:0.8.4-1 (bug #688847)
-CVE-2012-2771 (Unspecified vulnerability in FFmpeg before 0.10.3 has unknown impact ...)
+CVE-2012-2771
- ffmpeg 7:2.4.1-1
-CVE-2012-2770 (The Authen::ExternalAuth extension before 0.11 for Best Practical ...)
+CVE-2012-2770
- rt-authen-externalauth 0.10-2 (bug #683288)
-CVE-2012-2769 (Multiple cross-site scripting (XSS) vulnerabilities in the topic ...)
+CVE-2012-2769
- request-tracker4 4.0.6-1
NOTE: bundled in RT4
-CVE-2012-2768 (Multiple cross-site scripting (XSS) vulnerabilities in the topic ...)
+CVE-2012-2768
{DSA-2535-1}
- rtfm <removed> (bug #683290)
- request-tracker4 4.0.6-1
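Review bot: `NOTE: contrary to the description, this issue is about the decode_subframe in libavcodec/wmaprodec.c` under CVE-2012-2789 and `NOTE: duplicate of CVE-2012-2777` under CVE-2012-2784 both argue against descriptions that this hunk deletes (`-CVE-2012-2789 (Unspecified vulnerability in the avi_read_packet function in ...)`, and the identical `decode_pic` wording on `-CVE-2012-2784` and `-CVE-2012-2777`), so after the change those notes refer to text that no longer exists in the file and the duplicate claim can no longer be checked from the entries themselves. Suggest either retaining the descriptions or rewriting the two notes to quote the upstream wording they contradict; otherwise the triage rationale for the whole ffmpeg/libav block becomes unverifiable.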
@@ -9861,22 +9861,22 @@ CVE-2012-2766
RESERVED
CVE-2012-2765
RESERVED
-CVE-2012-2764 (Untrusted search path vulnerability in Google Chrome before ...)
+CVE-2012-2764
- chromium-browser <not-affected> (Windows specific)
-CVE-2012-2763 (Buffer overflow in the readstr_upto function in ...)
+CVE-2012-2763
- gimp 2.8.0-1 (unimportant)
NOTE: Only exploitable in rare/theoretical setups
NOTE: http://www.openwall.com/lists/oss-security/2012/05/31/1
NOTE: http://www.reactionpenetrationtesting.co.uk/advisories/scriptfu-buffer-overflow-GIMP-2.6.html
NOTE: http://www.reactionpenetrationtesting.co.uk/advisories/scriptfubof.c
-CVE-2012-2762 (SQL injection vulnerability in include/functions_trackbacks.inc.php in ...)
+CVE-2012-2762
- serendipity <not-affected> (vulnerable code not present in 1.5.1, see bug #678139)
CVE-2012-2761
RESERVED
-CVE-2012-2760 (mod_auth_openid before 0.7 for Apache uses world-readable permissions ...)
+CVE-2012-2760
- libapache2-mod-auth-openid 0.7-0.1 (low; bug #674165)
[squeeze] - libapache2-mod-auth-openid <no-dsa> (Minor issue)
-CVE-2012-2759 (Cross-site scripting (XSS) vulnerability in login-with-ajax.php in the ...)
+CVE-2012-2759
NOT-FOR-US: Wordpress plugin
CVE-2012-2758
RESERVED
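Review bot: `- serendipity <not-affected> (vulnerable code not present in 1.5.1, see bug #678139)` on CVE-2012-2762 relies on the deleted `-CVE-2012-2762 (SQL injection vulnerability in include/functions_trackbacks.inc.php in ...)` description to say which code was checked; with only `+CVE-2012-2762` left, the not-affected claim can be verified solely by following the bug link. The gimp entry has the same problem: `NOTE: Only exploitable in rare/theoretical setups` loses the `readstr_upto` context that `-CVE-2012-2763 (Buffer overflow in the readstr_upto function in ...)` carried. Suggest restoring the description on these two entries rather than committing the bare ids.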
@@ -9888,53 +9888,53 @@ CVE-2012-2755
RESERVED
CVE-2012-2754
RESERVED
-CVE-2012-2753 (Untrusted search path vulnerability in TrGUI.exe in the Endpoint ...)
+CVE-2012-2753
NOT-FOR-US: Endpoint Connect
-CVE-2012-2752 (Untrusted search path vulnerability in VMware vMA 4.x and 5.x before ...)
+CVE-2012-2752
NOT-FOR-US: VMware
-CVE-2012-2751 (ModSecurity before 2.6.6, when used with PHP, does not properly handle ...)
+CVE-2012-2751
{DSA-2506-1}
- modsecurity-apache 2.6.6-1 (bug #678527)
- libapache-mod-security <removed> (bug #678529)
NOTE: http://www.openwall.com/lists/oss-security/2012/06/22/1
NOTE: http://www.openwall.com/lists/oss-security/2012/06/22/2
-CVE-2012-2750 (Unspecified vulnerability in MySQL 5.5.x before 5.5.23 has unknown ...)
+CVE-2012-2750
{DSA-2780-1}
- mysql-5.5 5.5.23-1
- mysql-5.1 <unfixed>
NOTE: http://bugs.mysql.com/bug.php?id=59533
NOTE: http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html
-CVE-2012-2749 (MySQL 5.1.x before 5.1.63 and 5.5.x before 5.5.24 allows remote ...)
+CVE-2012-2749
{DSA-2496-1}
- mysql-5.1 <removed>
- mysql-5.5 5.5.24+dfsg-1
-CVE-2012-2748 (Unspecified vulnerability in Joomla! 2.5.x before 2.5.5 allows remote ...)
+CVE-2012-2748
NOT-FOR-US: Joomla!
-CVE-2012-2747 (Unspecified vulnerability in Joomla! 2.5.x before 2.5.5 allows remote ...)
+CVE-2012-2747
NOT-FOR-US: Joomla!
-CVE-2012-2746 (389 Directory Server before 1.2.11.6 (aka Red Hat Directory Server ...)
+CVE-2012-2746
- 389-ds-base <not-affected> (Fixed before initial upload)
-CVE-2012-2745 (The copy_creds function in kernel/cred.c in the Linux kernel before ...)
+CVE-2012-2745
- linux 3.2.15-1
- linux-2.6 <removed>
[squeeze] - linux-2.6 2.6.32-46
-CVE-2012-2744 (net/ipv6/netfilter/nf_conntrack_reasm.c in the Linux kernel before ...)
+CVE-2012-2744
- linux 2.6.34-1
- linux-2.6 <removed>
[squeeze] - linux-2.6 2.6.32-36
-CVE-2012-2743 (Revelation 0.4.13-2 and earlier does not iterate through SHA hashing ...)
+CVE-2012-2743
- revelation 0.4.11-10 (low; bug #633088)
[squeeze] - revelation <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2012/06/18/1
-CVE-2012-2742 (Revelation 0.4.13-2 and earlier uses only the first 32 characters of a ...)
+CVE-2012-2742
- revelation 0.4.11-10 (bug #633088)
[squeeze] - revelation <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2012/06/18/1
-CVE-2012-2741 (Cross-site scripting (XSS) vulnerability in public_html/lists/admin/ ...)
+CVE-2012-2741
NOT-FOR-US: phplist
-CVE-2012-2740 (SQL injection vulnerability in public_html/lists/admin in phpList ...)
+CVE-2012-2740
NOT-FOR-US: phplist
-CVE-2012-2739 (Oracle Java SE before 7 Update 6, and OpenJDK 7 before 7u6 build 12 ...)
+CVE-2012-2739
- openjdk-6 <removed> (unimportant)
- openjdk-7 <removed> (unimportant)
NOTE: Upstream disputes this and states it needs to be fixed in Java apps itself
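Review bot: on `+CVE-2012-2739` the deleted description held the version scope (`Oracle Java SE before 7 Update 6, and OpenJDK 7 before 7u6 build 12`) that the `NOTE: Upstream disputes this and states it needs to be fixed in Java apps itself` line pushes back against; without it the `(unimportant)` rating on openjdk-6 and openjdk-7 has no stated affected range to be weighed. Separately, the unchanged context in this hunk records `- mysql-5.1 <unfixed>` for CVE-2012-2750 and `- mysql-5.1 <removed>` for CVE-2012-2749 two entries later, so one of those two states for the same source package is stale. Suggest restoring the description, and marking mysql-5.1 `<removed>` on CVE-2012-2750 too if the package is indeed gone from the archive.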
@@ -9942,11 +9942,11 @@ CVE-2012-2739 (Oracle Java SE before 7 Update 6, and OpenJDK 7 before 7u6 build
NOTE: http://armoredbarista.blogspot.de/2012/02/investigating-hashdos-issue.html
NOTE: http://www.openwall.com/lists/oss-security/2012/06/15/12
NOTE: http://www.openwall.com/lists/oss-security/2012/06/17/1
-CVE-2012-2738 (The VteTerminal in gnome-terminal (vte) before 0.32.2 allows remote ...)
+CVE-2012-2738
- vte 1:0.28.2-5 (bug #677717)
- vte3 1:0.32.2-1
[squeeze] - vte 1:0.24.3-4
-CVE-2012-2737 (The user_change_icon_file_authorized_cb function in ...)
+CVE-2012-2737
- accountsservice 0.6.21-6 (bug #679429)
NOTE: http://www.openwall.com/lists/oss-security/2012/06/28/9
NOTE: http://cgit.freedesktop.org/accountsservice/commit/?id=69b526a6cd4c078732068de2ba393cf9242a404b
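Review bot: the deleted `-CVE-2012-2738 (The VteTerminal in gnome-terminal (vte) before 0.32.2 allows remote ...)` line was what tied the fixed versions `vte 1:0.28.2-5`, `vte3 1:0.32.2-1` and `[squeeze] - vte 1:0.24.3-4` to the upstream fix boundary; the bare `+CVE-2012-2738` leaves three fixed versions with no stated affected range. The hunk header above still shows the old CVE-2012-2739 description as its context line, so the file was carrying descriptions right up to this change. Suggest reverting the description removal here along with the rest of the file.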
@@ -9955,78 +9955,78 @@ CVE-2012-2736 [NetworkManager: creating new WPA-secured wireless network results
RESERVED
- network-manager 0.9.4.0-1 (low; bug #655972)
[squeeze] - network-manager 0.8.1-6+squeeze2
-CVE-2012-2735 (Session fixation vulnerability in Cumin before 0.1.5444, as used in ...)
+CVE-2012-2735
NOT-FOR-US: Cumin
-CVE-2012-2734 (Multiple cross-site request forgery (CSRF) vulnerabilities in Cumin ...)
+CVE-2012-2734
NOT-FOR-US: Cumin
-CVE-2012-2733 (java/org/apache/coyote/http11/InternalNioInputBuffer.java in the HTTP ...)
+CVE-2012-2733
- tomcat6 6.0.35-5+nmu1 (bug #692439)
[squeeze] - tomcat6 6.0.35-1+squeeze3
NOTE: DSA 2725
- tomcat7 7.0.28-1 (bug #692440)
CVE-2012-2732
REJECTED
-CVE-2012-2731 (The Ubercart AJAX Cart 6.x-2.x before 6.x-2.1 for Drupal stores the ...)
+CVE-2012-2731
NOT-FOR-US: Drupal module
-CVE-2012-2730 (The Protected Node module 6.x-1.x before 6.x-1.6 for Drupal does not ...)
+CVE-2012-2730
NOT-FOR-US: Drupal module
-CVE-2012-2729 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
+CVE-2012-2729
NOT-FOR-US: Drupal module
-CVE-2012-2728 (Multiple cross-site request forgery (CSRF) vulnerabilities in the Node ...)
+CVE-2012-2728
NOT-FOR-US: Drupal module
-CVE-2012-2727 (Open redirect vulnerability in the Janrain Capture module 6.x-1.0 and ...)
+CVE-2012-2727
NOT-FOR-US: Drupal module
-CVE-2012-2726 (Cross-site scripting (XSS) vulnerability in the Protest module 6.x-1.x ...)
+CVE-2012-2726
NOT-FOR-US: Drupal module
-CVE-2012-2725 (classes/Filter/WhitelistedExternalFilter.php in the Authoring HTML ...)
+CVE-2012-2725
NOT-FOR-US: Drupal module
CVE-2012-2724
RESERVED
NOT-FOR-US: Drupal module
-CVE-2012-2723 (Cross-site scripting (XSS) vulnerability in the Maestro module 7.x-1.x ...)
+CVE-2012-2723
NOT-FOR-US: Drupal module
-CVE-2012-2722 (The node selection interface in the WYSIWYG editor (CKEditor) in the ...)
+CVE-2012-2722
NOT-FOR-US: Drupal module
-CVE-2012-2721 (The default views in the Organic Groups (OG) module 6.x-2.x before ...)
+CVE-2012-2721
NOT-FOR-US: Drupal module
-CVE-2012-2720 (The Token Authentication (tokenauth) module 6.x-1.x before 6.x-1.7 for ...)
+CVE-2012-2720
NOT-FOR-US: Drupal module
-CVE-2012-2719 (The filedepot module 6.x-1.x before 6.x-1.3 for Drupal, when accessed ...)
+CVE-2012-2719
NOT-FOR-US: Drupal module
-CVE-2012-2718 (SQL injection vulnerability in the Counter module for Drupal allows ...)
+CVE-2012-2718
NOT-FOR-US: Drupal module
-CVE-2012-2717 (Multiple cross-site scripting (XSS) vulnerabilities in the Mobile ...)
+CVE-2012-2717
NOT-FOR-US: Drupal module
-CVE-2012-2716 (Cross-site request forgery (CSRF) vulnerability in the Comment ...)
+CVE-2012-2716
NOT-FOR-US: Drupal module
-CVE-2012-2715 (Cross-site scripting (XSS) vulnerability in the themes_links function ...)
+CVE-2012-2715
NOT-FOR-US: Drupal module
CVE-2012-2714
RESERVED
NOT-FOR-US: Drupal module
-CVE-2012-2713 (Cross-site request forgery (CSRF) vulnerability in the BrowserID ...)
+CVE-2012-2713
NOT-FOR-US: Drupal module
-CVE-2012-2712 (Multiple cross-site scripting (XSS) vulnerabilities in the Search API ...)
+CVE-2012-2712
NOT-FOR-US: Drupal module
-CVE-2012-2711 (Multiple cross-site scripting (XSS) vulnerabilities in the Taxonomy ...)
+CVE-2012-2711
NOT-FOR-US: Drupal module
-CVE-2012-2710 (Cross-site scripting (XSS) vulnerability in the Zen module 6.x-1.x ...)
+CVE-2012-2710
NOT-FOR-US: Drupal module
CVE-2012-2709
REJECTED
-CVE-2012-2708 (Cross-site scripting (XSS) vulnerability in the ...)
+CVE-2012-2708
NOT-FOR-US: Drupal module
-CVE-2012-2707 (The Hostmaster (Aegir) module 6.x-1.x before 6.x-1.9 for Drupal does ...)
+CVE-2012-2707
NOT-FOR-US: Drupal module
-CVE-2012-2706 (Cross-site scripting (XSS) vulnerability in the Post Affiliate Pro ...)
+CVE-2012-2706
NOT-FOR-US: Drupal module
-CVE-2012-2705 (The filter_titles function in the Smart Breadcrumb module 6.x-1.x ...)
+CVE-2012-2705
NOT-FOR-US: Drupal module
-CVE-2012-2704 (The Advertisement module 6.x-2.x before 6.x-2.3 for Drupal does not ...)
+CVE-2012-2704
NOT-FOR-US: Drupal Module
-CVE-2012-2703 (Cross-site scripting (XSS) vulnerability in the Advertisement module ...)
+CVE-2012-2703
NOT-FOR-US: Drupal module
-CVE-2012-2702 (The Ubercart Product Keys module 6.x-1.x before 6.x-1.1 for Drupal ...)
+CVE-2012-2702
NOT-FOR-US: Drupal module
CVE-2012-2701
REJECTED
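Review bot: after this hunk, more than two dozen `+CVE-2012-27xx` lines from `+CVE-2012-2731` down to `+CVE-2012-2702` are each followed only by `NOT-FOR-US: Drupal module`, and the module names the removed lines carried (`Ubercart AJAX Cart`, `Protected Node`, `Organic Groups (OG)`, `Hostmaster (Aegir)`, `Token Authentication (tokenauth)`, and so on) survive nowhere in the file, so whether one of those modules is later packaged can no longer be checked from the tracker data. Also, in the unchanged context the tomcat6 advisory for CVE-2012-2733 is recorded as a free-form `NOTE: DSA 2725` between the tomcat6 and tomcat7 lines rather than in the `{DSA-2725-1}` form every other entry in this file uses, which tooling that reads the braces line will miss. Suggest keeping the descriptions and moving the DSA reference into a `{DSA-2725-1}` line directly under the CVE id.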
@@ -10034,28 +10034,28 @@ CVE-2012-2700
REJECTED
CVE-2012-2699
REJECTED
-CVE-2012-2698 (Cross-site scripting (XSS) vulnerability in the outputPage function in ...)
+CVE-2012-2698
[squeeze] - mediawiki <not-affected> (bug #677895; only affects experimental version 1.9.0)
- mediawiki 1:1.19.1-1
-CVE-2012-2697 (Unspecified vulnerability in autofs, as used in Red Hat Enterprise ...)
+CVE-2012-2697
- autofs 5.0.6-1
NOTE: Fixed upstream with "fix paged ldap map read"
-CVE-2012-2696 (The backend in Red Hat Enterprise Virtualization Manager (RHEV-M) ...)
+CVE-2012-2696
NOT-FOR-US: Red Hat Enterprise Virtualisation
-CVE-2012-2695 (The Active Record component in Ruby on Rails before 3.0.14, 3.1.x ...)
+CVE-2012-2695
- ruby-activerecord-3.2 3.2.6-1 (bug #675429)
-CVE-2012-2694 (actionpack/lib/action_dispatch/http/request.rb in Ruby on Rails before ...)
+CVE-2012-2694
- ruby-activerecord-3.2 3.2.6-1 (bug #675429)
-CVE-2012-2693 (libvirt, possibly before 0.9.12, does not properly assign USB devices ...)
+CVE-2012-2693
- libvirt 0.9.12-1 (bug #677496)
[squeeze] - libvirt <end-of-life> (Unsupported in squeeze-lts)
-CVE-2012-2692 (MantisBT before 1.2.11 does not check the delete_attachments_threshold ...)
+CVE-2012-2692
{DSA-2500-1}
- mantis 1.2.11-1 (bug #676783)
-CVE-2012-2691 (The mc_issue_note_update function in the SOAP API in MantisBT before ...)
+CVE-2012-2691
- mantis 1.2.11-1 (bug #676783)
[squeeze] - mantis <not-affected> (according to maintainer)
-CVE-2012-2690 (virt-edit in libguestfs before 1.18.0 does not preserve the ...)
+CVE-2012-2690
- libguestfs 1:1.18.0-1
NOTE: Upstream patch https://www.redhat.com/archives/libguestfs/2012-February/msg00034.html
NOTE: https://www.redhat.com/archives/libguestfs/2012-February/msg00033.html
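Review bot: the deleted `-CVE-2012-2694 (actionpack/lib/action_dispatch/http/request.rb in Ruby on Rails before ...)` description places the flaw in actionpack, yet the surviving entry tracks it as `- ruby-activerecord-3.2 3.2.6-1 (bug #675429)`; with the description gone, nothing on the entry remains to prompt a reviewer to question that package mapping. The same loss affects `[squeeze] - mediawiki <not-affected> (bug #677895; only affects experimental version 1.9.0)` on CVE-2012-2698, which no longer names the `outputPage` function the triage was about. Suggest restoring the descriptions so non-obvious package assignments stay auditable, and double-checking the actionpack/activerecord mapping while doing so.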
@@ -10064,67 +10064,67 @@ CVE-2012-2690 (virt-edit in libguestfs before 1.18.0 does not preserve the ...)
NOTE: http://www.openwall.com/lists/oss-security/2012/06/11/5
CVE-2012-2689
RESERVED
-CVE-2012-2688 (Unspecified vulnerability in the _php_stream_scandir function in the ...)
+CVE-2012-2688
{DSA-2527-1}
- php5 5.4.4-4 (low; bug #683274)
-CVE-2012-2687 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
+CVE-2012-2687
- apache2 2.2.22-8 (low)
[squeeze] - apache2 2.2.16-6+squeeze8
-CVE-2012-2686 (crypto/evp/e_aes_cbc_hmac_sha1.c in the AES-NI functionality in the ...)
+CVE-2012-2686
- openssl 1.0.1e-1 (bug #699889)
[squeeze] - openssl <not-affected> (Vulnerable code not present)
NOTE: DoS in specific protocol + cpu type combination
-CVE-2012-2685 (Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, ...)
+CVE-2012-2685
NOT-FOR-US: Cumin
-CVE-2012-2684 (Multiple SQL injection vulnerabilities in the ...)
+CVE-2012-2684
NOT-FOR-US: Cumin
-CVE-2012-2683 (Multiple cross-site scripting (XSS) vulnerabilities in Cumin before ...)
+CVE-2012-2683
NOT-FOR-US: Cumin
-CVE-2012-2682 (Cumin (aka MRG Management Console), as used in Red Hat Enterprise MRG ...)
+CVE-2012-2682
NOT-FOR-US: Cumin
-CVE-2012-2681 (Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, ...)
+CVE-2012-2681
NOT-FOR-US: Cumin
-CVE-2012-2680 (Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, ...)
+CVE-2012-2680
NOT-FOR-US: Cumin
-CVE-2012-2679 (Red Hat Network (RHN) Configuration Client (rhncfg-client) in rhncfg ...)
+CVE-2012-2679
NOT-FOR-US: Red Hat Network configuration client
-CVE-2012-2678 (389 Directory Server before 1.2.11.6 (aka Red Hat Directory Server ...)
+CVE-2012-2678
- 389-ds-base <not-affected> (Fixed before initial upload)
-CVE-2012-2677 (Integer overflow in the ordered_malloc function in boost/pool/pool.hpp ...)
+CVE-2012-2677
- boost1.42 <removed> (low; bug #688331)
[squeeze] - boost1.42 <no-dsa> (Minor issue)
- boost1.49 1.49.0-3.1 (low; bug #677197)
-CVE-2012-2676 (Multiple integer overflows in the (1) malloc and (2) calloc functions ...)
+CVE-2012-2676
NOT-FOR-US: Hoard memory allocator
-CVE-2012-2675 (Multiple integer overflows in the (1) CallMalloc (malloc) and (2) ...)
+CVE-2012-2675
NOT-FOR-US: nedmalloc
-CVE-2012-2674 (Multiple integer overflows in the (1) chk_malloc, (2) leak_malloc, and ...)
+CVE-2012-2674
NOT-FOR-US: Android libc
-CVE-2012-2673 (Multiple integer overflows in the (1) GC_generic_malloc and (2) calloc ...)
+CVE-2012-2673
- libgc 1:7.1-9 (bug #677195)
[squeeze] - libgc 1:6.8-2
-CVE-2012-2672 (Oracle Mojarra 2.1.7 does not properly &quot;clean up&quot; the FacesContext ...)
+CVE-2012-2672
- mojarra 2.2.8-1 (bug #677194)
[wheezy] - mojarra <not-affected> (Only affected in combination with EAP6/AS7 application servers, not shipped in Debian)
[squeeze] - mojarra <not-affected> (Only affected in combination with EAP6/AS7 application servers, not shipped in Debian)
-CVE-2012-2671 (The Rack::Cache rubygem 0.3.0 through 1.1 caches Set-Cookie and other ...)
+CVE-2012-2671
NOTE: https://github.com/rtomayko/rack-cache/blob/master/CHANGES
- ruby-rack-cache 1.2-1
-CVE-2012-2670 (manageuser.php in Collabtive before 0.7.6 allows remote authenticated ...)
+CVE-2012-2670
- collabtive 0.7.6-1 (bug #676311)
NOTE: http://www.securityfocus.com/archive/1/522973/30/0/threaded
NOTE: http://xync.org/2012/06/04/Arbitrary-File-Upload-in-Collabtive.html
NOTE: http://www.collabtive.o-dyn.de/blog/?p=426
-CVE-2012-2669 (The main function in tools/hv/hv_kvp_daemon.c in hypervkvpd, as ...)
+CVE-2012-2669
- linux 3.2.23-1
[squeeze] - linux-2.6 <not-affected> (userspace daemon not yet present)
NOTE: https://bugzilla.novell.com/show_bug.cgi?id=761200
-CVE-2012-2668 (libraries/libldap/tls_m.c in OpenLDAP, possibly 2.4.31 and earlier, ...)
+CVE-2012-2668
- openldap <not-affected> (OpenLDAP in Debian uses GNUTLS instead of Mozilla NSS)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=825875
NOTE: http://www.openldap.org/its/index.cgi?findid=7285
NOTE: http://www.openldap.org/devel/gitweb.cgi?p=openldap.git;a=commit;h=2c2bb2e
-CVE-2012-2667 (Session fixation vulnerability in ...)
+CVE-2012-2667
NOT-FOR-US: Symfony
NOTE: https://bugs.gentoo.org/show_bug.cgi?id=418427
NOTE: http://symfony.com/blog/security-release-symfony-1-4-18-released
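Review bot: `- openldap <not-affected> (OpenLDAP in Debian uses GNUTLS instead of Mozilla NSS)` on CVE-2012-2668 is justified only by the removed `-CVE-2012-2668 (libraries/libldap/tls_m.c in OpenLDAP, possibly 2.4.31 and earlier, ...)` line, which named the NSS-specific source file; the bare `+CVE-2012-2668` drops that link. Note also that the removed `-CVE-2012-2672 (Oracle Mojarra 2.1.7 does not properly &quot;clean up&quot; the FacesContext ...)` line contained HTML-escaped quotes, so the description import was already mangling text before it started blanking it; both symptoms point at the description pipeline rather than at the data. Suggest fixing the importer (unescape entities, reject empty descriptions) and regenerating, rather than committing this hunk.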
@@ -10132,46 +10132,46 @@ CVE-2012-2667 (Session fixation vulnerability in ...)
NOTE: http://trac.symfony-project.org/changeset/33466?format=diff&new=33466
CVE-2012-2666
RESERVED
-CVE-2012-2665 (Multiple heap-based buffer overflows in the XML manifest encryption ...)
+CVE-2012-2665
{DSA-2520-1}
- libreoffice 1:3.5.4-7
- openoffice.org 1:3.3.0-1
NOTE: Since 3.3.0 openoffice.org is a transitional source package
-CVE-2012-2664 (The sosreport utility in the Red Hat sos package before 2.2-29 does ...)
+CVE-2012-2664
NOT-FOR-US: sosreport (Red Hat tool)
-CVE-2012-2663 (extensions/libxt_tcp.c in iptables through 1.4.21 does not match TCP ...)
+CVE-2012-2663
- iptables <unfixed> (unimportant; bug #675445)
-CVE-2012-2662 (Multiple cross-site scripting (XSS) vulnerabilities in Red Hat ...)
+CVE-2012-2662
NOT-FOR-US: Red Hat Certificate System
-CVE-2012-2661 (The Active Record component in Ruby on Rails 3.0.x before 3.0.13, ...)
+CVE-2012-2661
- rails <not-affected> (Doesn't affects RoR in Squeeze)
- ruby-activerecord-3.2 3.2.6-1 (bug #675396; bug #675429)
NOTE: http://seclists.org/oss-sec/2012/q2/448
-CVE-2012-2660 (actionpack/lib/action_dispatch/http/request.rb in Ruby on Rails before ...)
+CVE-2012-2660
- ruby-activerecord-3.2 3.2.6-1 (bug #675429)
NOTE: http://seclists.org/oss-sec/2012/q2/449
CVE-2012-2659
RESERVED
-CVE-2012-2658 (** DISPUTED ** ...)
+CVE-2012-2658
- unixodbc 2.3.6-0.1 (unimportant; bug #675058)
NOTE: Only triggerable by trusted input, not a security issue
-CVE-2012-2657 (** DISPUTED ** ...)
+CVE-2012-2657
- unixodbc 2.3.6-0.1 (unimportant; bug #675058)
NOTE: Only triggerable by trusted input, not a security issue
CVE-2012-2656 [XXE vulnerability in Restlet]
RESERVED
- restlet <itp> (bug #596472)
-CVE-2012-2655 (PostgreSQL 8.3.x before 8.3.19, 8.4.x before 8.4.12, 9.0.x before ...)
+CVE-2012-2655
{DSA-2491-1}
- postgresql-9.1 9.1.4-1
- postgresql-8.4 8.4.12-1
-CVE-2012-2654 (The (1) EC2 and (2) OS APIs in OpenStack Compute (Nova) Folsom ...)
+CVE-2012-2654
- nova 2012.1-6 (bug #676465)
-CVE-2012-2653 (arpwatch 2.1a15, as used by Red Hat, Debian, Fedora, and possibly ...)
+CVE-2012-2653
{DSA-2481-1}
- arpwatch 2.1a15-1.2 (bug #674715)
NOTE: Debian build includes the vulnerable patch (in .diff.gz)
-CVE-2012-2652 (The bdrv_open function in Qemu 1.0 does not properly handle the ...)
+CVE-2012-2652
{DSA-2545-1 DSA-2542-1}
- qemu 1.1.0+dfsg-1 (bug #678280)
- qemu-kvm 1.1.0+dfsg-1
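Review bot: `-CVE-2012-2658 (** DISPUTED ** ...)` and `-CVE-2012-2657 (** DISPUTED ** ...)` lose the `** DISPUTED **` marker when reduced to `+CVE-2012-2658` and `+CVE-2012-2657`, leaving only the local `(unimportant; bug #675058)` rating and the `NOTE: Only triggerable by trusted input, not a security issue` line to carry that status; the disputed flag is upstream state that the tracker should keep visible, since it is the reason the local rating is defensible. Suggest retaining the description, or at least the `** DISPUTED **` prefix, on these two unixodbc entries.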
@@ -10179,64 +10179,64 @@ CVE-2012-2651
RESERVED
CVE-2012-2650
RESERVED
-CVE-2012-2649 (The Sleipnir Mobile application 2.2.0 and earlier and Sleipnir Mobile ...)
+CVE-2012-2649
NOT-FOR-US: Sleipnir Mobile
-CVE-2012-2648 (Cross-site scripting (XSS) vulnerability in the GoodReader app 3.16 ...)
+CVE-2012-2648
NOT-FOR-US: GoodReader
-CVE-2012-2647 (Yahoo! Toolbar 1.0.0.5 and earlier for Chrome and Safari allows remote ...)
+CVE-2012-2647
NOT-FOR-US: Yahoo! Toolbar
-CVE-2012-2646 (The Sleipnir Mobile application before 2.1.0 and Sleipnir Mobile Black ...)
+CVE-2012-2646
NOT-FOR-US: Sleipnir Mobile
-CVE-2012-2645 (The Yahoo! Japan Yahoo! Browser application 1.2.0 and earlier for ...)
+CVE-2012-2645
NOT-FOR-US: The Yahoo! Japan Yahoo! Browser application
-CVE-2012-2644 (Cross-site scripting (XSS) vulnerability in the MT4i plugin 3.1 beta 4 ...)
+CVE-2012-2644
NOT-FOR-US: Movable Type MT4i plugin
-CVE-2012-2643 (Cross-site scripting (XSS) vulnerability in KENT-WEB YY-BOARD before ...)
+CVE-2012-2643
NOT-FOR-US: KENT-WEB YY-BOARD
-CVE-2012-2642 (Cross-site scripting (XSS) vulnerability in the MT4i plugin 3.1 beta 4 ...)
+CVE-2012-2642
NOT-FOR-US: Movable Type MT4i plugin
-CVE-2012-2641 (Cross-site scripting (XSS) vulnerability in Zenphoto before 1.4.3 ...)
+CVE-2012-2641
NOT-FOR-US: Zenphoto
-CVE-2012-2640 (The NEC BIGLOBE Yome Collection application 1.8.3 and earlier for ...)
+CVE-2012-2640
NOT-FOR-US: The NEC BIGLOBE Yome Collection
CVE-2012-2639
REJECTED
-CVE-2012-2638 (Cross-site scripting (XSS) vulnerability in SmallPICT.cgi in SmallPICT ...)
+CVE-2012-2638
NOT-FOR-US: SmallPICT
-CVE-2012-2637 (Cross-site scripting (XSS) vulnerability in KENT-WEB WEB PATIO 4.04 ...)
+CVE-2012-2637
NOT-FOR-US: KENT-WEB WEB PATIO
-CVE-2012-2636 (Cross-site scripting (XSS) vulnerability in KENT-WEB WEB PATIO 4.04 ...)
+CVE-2012-2636
NOT-FOR-US: KENT-WEB WEB PATIO
-CVE-2012-2635 (The Dolphin Browser HD application before 7.6 and Dolphin for Pad ...)
+CVE-2012-2635
NOT-FOR-US: Dolphin
-CVE-2012-2634 (Cross-site scripting (XSS) vulnerability in FeedDemon before 4.0, when ...)
+CVE-2012-2634
NOT-FOR-US: FeedDemon
-CVE-2012-2633 (Cross-site scripting (XSS) vulnerability in wassup.php in the WassUp ...)
+CVE-2012-2633
NOT-FOR-US: WassUp
-CVE-2012-2632 (SEIL routers with firmware SEIL/x86 1.00 through 2.35, SEIL/X1 2.30 ...)
+CVE-2012-2632
NOT-FOR-US: SEIL routers
-CVE-2012-2631 (Cross-site scripting (XSS) vulnerability in WEBLOGIC @WEB ShoppingCart ...)
+CVE-2012-2631
NOT-FOR-US: WEBLOGIC
-CVE-2012-2630 (The Puella Magi Madoka Magica iP application 1.05 and earlier for ...)
+CVE-2012-2630
NOT-FOR-US: Puella Magi Madoka Magica iP (Android application)
CVE-2012-2629
RESERVED
CVE-2012-2628
RESERVED
-CVE-2012-2627 (d4d/uploader.php in the web console in Plixer Scrutinizer (aka Dell ...)
+CVE-2012-2627
NOT-FOR-US: Plixer Scrutinizer
-CVE-2012-2626 (cgi-bin/admin.cgi in the web console in Plixer Scrutinizer (aka Dell ...)
+CVE-2012-2626
NOT-FOR-US: Plixer Scrutinizer
-CVE-2012-2625 (The PyGrub boot loader in Xen unstable before changeset ...)
+CVE-2012-2625
{DSA-2636-1}
- xen 4.1.3-4 (low; bug #688125)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-2625
-CVE-2012-2624 (Stack-based buffer overflow in Logica HotScan allows remote attackers ...)
+CVE-2012-2624
NOT-FOR-US: Logica HotScan
CVE-2012-XXXX [two XSS]
- spip 2.1.14-1 (low; bug #672961)
[squeeze] - spip 2.1.1-3squeeze4
-CVE-2012-1675 (The TNS Listener, as used in Oracle Database 11g 11.1.0.7, 11.2.0.2, ...)
+CVE-2012-1675
NOT-FOR-US: Oracle Database
CVE-2012-2623
RESERVED
@@ -10246,7 +10246,7 @@ CVE-2012-2621
RESERVED
CVE-2012-2620
RESERVED
-CVE-2012-2619 (The Broadcom BCM4325 and BCM4329 Wi-Fi chips, as used in certain Acer, ...)
+CVE-2012-2619
- firmware-nonfree <not-affected> (Affects different chipset combination, see bug #694716)
CVE-2012-2618
RESERVED
@@ -10256,13 +10256,13 @@ CVE-2012-2616
RESERVED
CVE-2012-2615
REJECTED
-CVE-2012-2614 (Buffer overflow in programmer.exe in Lattice Diamond Programmer 1.4.2 ...)
+CVE-2012-2614
NOT-FOR-US: Lattice Diamond Programmer
CVE-2012-2613
RESERVED
-CVE-2012-2612 (The DiagTraceHex function in disp+work.exe 7010.29.15.58313 and ...)
+CVE-2012-2612
NOT-FOR-US: SAP NetWeaver
-CVE-2012-2611 (The DiagTraceR3Info function in the Dialog processor in disp+work.exe ...)
+CVE-2012-2611
NOT-FOR-US: SAP NetWeaver
CVE-2012-2610
RESERVED
@@ -10270,136 +10270,136 @@ CVE-2012-2609
RESERVED
CVE-2012-2608
RESERVED
-CVE-2012-2607 (The Johnson Controls CK721-A controller with firmware before ...)
+CVE-2012-2607
NOT-FOR-US: The Johnson Controls CK721-A
-CVE-2012-2606 (The agent in Bradford Network Sentry before 5.3.3 does not require ...)
+CVE-2012-2606
NOT-FOR-US: Bradford Network Sentry
-CVE-2012-2605 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
+CVE-2012-2605
NOT-FOR-US: Bradford Network Sentry
-CVE-2012-2604 (Multiple cross-site scripting (XSS) vulnerabilities in GuestAccess.jsp ...)
+CVE-2012-2604
NOT-FOR-US: Bradford Network Sentry
-CVE-2012-2603 (The server in CollabNet ScrumWorks Pro before 6.0 allows remote ...)
+CVE-2012-2603
NOT-FOR-US: CollabNet ScrumWorks Pro
-CVE-2012-2602 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
+CVE-2012-2602
NOT-FOR-US: SolarWinds Orion Network Performance Monitor
-CVE-2012-2601 (SQL injection vulnerability in WrVMwareHostList.asp in Ipswitch ...)
+CVE-2012-2601
NOT-FOR-US: Ipswitch WhatsUp Gold
CVE-2012-2600
RESERVED
CVE-2012-2599
RESERVED
-CVE-2012-2598 (Buffer overflow in the DiagAgent web server in Siemens WinCC 7.0 SP3 ...)
+CVE-2012-2598
NOT-FOR-US: Siemens WinCC
-CVE-2012-2597 (Multiple directory traversal vulnerabilities in Siemens WinCC 7.0 SP3 ...)
+CVE-2012-2597
NOT-FOR-US: Siemens WinCC
-CVE-2012-2596 (The XPath functionality in unspecified web applications in Siemens ...)
+CVE-2012-2596
NOT-FOR-US: Siemens WinCC
-CVE-2012-2595 (Multiple cross-site scripting (XSS) vulnerabilities in unspecified web ...)
+CVE-2012-2595
NOT-FOR-US: Siemens WinCC
CVE-2012-2594
RESERVED
CVE-2012-2593
RESERVED
-CVE-2012-2592 (Cross-site scripting (XSS) vulnerability in Axigen Mail Server 8.0.1 ...)
+CVE-2012-2592
NOT-FOR-US: AXIGEN Mail Server
-CVE-2012-2591 (Multiple cross-site scripting (XSS) vulnerabilities in EmailArchitect ...)
+CVE-2012-2591
NOT-FOR-US: EmailArchitect
-CVE-2012-2590 (Multiple cross-site scripting (XSS) vulnerabilities in ESCON ...)
+CVE-2012-2590
NOT-FOR-US: ESCON SupportPortal Professional Edition
CVE-2012-2589
REJECTED
-CVE-2012-2588 (Multiple cross-site scripting (XSS) vulnerabilities in MailEnable ...)
+CVE-2012-2588
NOT-FOR-US: MailEnable Enterprise
-CVE-2012-2587 (Multiple cross-site scripting (XSS) vulnerabilities in AfterLogic ...)
+CVE-2012-2587
NOT-FOR-US: AfterLogic MailSuite Pro
-CVE-2012-2586 (Multiple cross-site scripting (XSS) vulnerabilities in Mailtraq ...)
+CVE-2012-2586
NOT-FOR-US: Mailtraq
-CVE-2012-2585 (Multiple cross-site scripting (XSS) vulnerabilities in ManageEngine ...)
+CVE-2012-2585
NOT-FOR-US: ManageEngine ServiceDesk Plus
-CVE-2012-2584 (Multiple cross-site scripting (XSS) vulnerabilities in Alt-N MDaemon ...)
+CVE-2012-2584
NOT-FOR-US: Alt-N MDaemon Free
-CVE-2012-2583 (Cross-site scripting (XSS) vulnerability in Mini Mail Dashboard Widget ...)
+CVE-2012-2583
NOT-FOR-US: WordPress plugin Mini Mail Dashboard Widget
-CVE-2012-2582 (Multiple cross-site scripting (XSS) vulnerabilities in Open Ticket ...)
+CVE-2012-2582
{DSA-2536-1}
- otrs2 3.1.7+dfsg1-4
CVE-2012-2581
RESERVED
-CVE-2012-2580 (Cross-site scripting (XSS) vulnerability in the Postie plugin 1.4.3, ...)
+CVE-2012-2580
NOT-FOR-US: WordPress plugin Postie
-CVE-2012-2579 (Multiple cross-site scripting (XSS) vulnerabilities in the WP ...)
+CVE-2012-2579
NOT-FOR-US: WordPress plugin SimpleMail
-CVE-2012-2578 (Multiple cross-site scripting (XSS) vulnerabilities in SmarterMail 9.2 ...)
+CVE-2012-2578
NOT-FOR-US: SmarterMail
-CVE-2012-2577 (Multiple cross-site scripting (XSS) vulnerabilities in SolarWinds ...)
+CVE-2012-2577
NOT-FOR-US: SolarWinds Orion Network Performance Monitor
-CVE-2012-2576 (SQL injection vulnerability in the LoginServlet page in SolarWinds ...)
+CVE-2012-2576
NOT-FOR-US: SolarWinds
-CVE-2012-2575 (Cross-site scripting (XSS) vulnerability in NetWin SurgeMail 6.0a4 ...)
+CVE-2012-2575
NOT-FOR-US: NetWin SurgeMail
-CVE-2012-2574 (SQL injection vulnerability in the management console in Symantec Web ...)
+CVE-2012-2574
NOT-FOR-US: Symantec Web Gateway
-CVE-2012-2573 (Multiple cross-site scripting (XSS) vulnerabilities in T-dah WebMail ...)
+CVE-2012-2573
NOT-FOR-US: Symantec Web Gateway
-CVE-2012-2572 (Cross-site scripting (XSS) vulnerability in the ThreeWP Email ...)
+CVE-2012-2572
NOT-FOR-US: WordPress plugin ThreeWP Email Reflector
-CVE-2012-2571 (Multiple cross-site scripting (XSS) vulnerabilities in WinWebMail ...)
+CVE-2012-2571
NOT-FOR-US: WinWebMail
-CVE-2012-2570 (Cross-site scripting (XSS) vulnerability in products_map.php in X-Cart ...)
+CVE-2012-2570
NOT-FOR-US: X-Cart Gold
-CVE-2012-2569 (Cross-site scripting (XSS) vulnerability in Synametrics Technologies ...)
+CVE-2012-2569
NOT-FOR-US: Synametrics Technologies Xeams
-CVE-2012-2568 (d41d8cd98f00b204e9800998ecf8427e.php in the management web server on ...)
+CVE-2012-2568
NOT-FOR-US: Seagate BlackArmor
-CVE-2012-2567 (The Xelex MobileTrack application 2.3.7 and earlier for Android uses ...)
+CVE-2012-2567
NOT-FOR-US: Xelex MobileTrack application
-CVE-2012-2566 (Bloxx Web Filtering before 5.0.14 does not properly interpret ...)
+CVE-2012-2566
NOT-FOR-US: Bloxx Web Filtering
-CVE-2012-2565 (Bloxx Web Filtering before 5.0.14 does not use a salt during ...)
+CVE-2012-2565
NOT-FOR-US: Bloxx Web Filtering
-CVE-2012-2564 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
+CVE-2012-2564
NOT-FOR-US: Bloxx Web Filtering
-CVE-2012-2563 (Multiple cross-site scripting (XSS) vulnerabilities in Bloxx Web ...)
+CVE-2012-2563
NOT-FOR-US: Bloxx Web Filtering
-CVE-2012-2562 (The Xelex MobileTrack application 2.3.7 and earlier for Android does ...)
+CVE-2012-2562
NOT-FOR-US: Xelex MobileTrack application
-CVE-2012-2561 (HP Business Service Management (BSM) 9.12 does not properly restrict ...)
+CVE-2012-2561
NOT-FOR-US: HP Business Service Management
-CVE-2012-2560 (Directory traversal vulnerability in WellinTech KingView 6.53 allows ...)
+CVE-2012-2560
NOT-FOR-US: WellinTech KingView
-CVE-2012-2559 (WellinTech KingHistorian 3.0 allows remote attackers to execute ...)
+CVE-2012-2559
NOT-FOR-US: WellinTech KingHistorian
CVE-2012-2558
RESERVED
-CVE-2012-2557 (Use-after-free vulnerability in Microsoft Internet Explorer 6 through ...)
+CVE-2012-2557
NOT-FOR-US: Internet Explorer
-CVE-2012-2556 (The OpenType Font (OTF) driver in the kernel-mode drivers in Microsoft ...)
+CVE-2012-2556
NOT-FOR-US: Microsoft Windows
CVE-2012-2555
REJECTED
CVE-2012-2554
REJECTED
-CVE-2012-2553 (Use-after-free vulnerability in win32k.sys in the kernel-mode drivers ...)
+CVE-2012-2553
NOT-FOR-US: Microsoft Windows
-CVE-2012-2552 (Cross-site scripting (XSS) vulnerability in the SQL Server Report ...)
+CVE-2012-2552
NOT-FOR-US: Microsoft SQL Server
-CVE-2012-2551 (The server in Kerberos in Microsoft Windows Server 2008 R2 and R2 SP1, ...)
+CVE-2012-2551
NOT-FOR-US: Microsoft Windows Server
-CVE-2012-2550 (Microsoft Works 9 allows remote attackers to execute arbitrary code or ...)
+CVE-2012-2550
NOT-FOR-US: Microsoft Works
-CVE-2012-2549 (The IP-HTTPS server in Windows Server 2008 R2 and R2 SP1 and Server ...)
+CVE-2012-2549
NOT-FOR-US: Windows Server
-CVE-2012-2548 (Use-after-free vulnerability in Microsoft Internet Explorer 9 allows ...)
+CVE-2012-2548
NOT-FOR-US: Internet Explorer
CVE-2012-2547
REJECTED
-CVE-2012-2546 (Use-after-free vulnerability in Microsoft Internet Explorer 9 allows ...)
+CVE-2012-2546
NOT-FOR-US: Internet Explorer
CVE-2012-2545
REJECTED
CVE-2012-2544
REJECTED
-CVE-2012-2543 (Stack-based buffer overflow in Microsoft Excel 2007 SP2 and SP3 and ...)
+CVE-2012-2543
NOT-FOR-US: Microsoft Excel
CVE-2012-2542
REJECTED
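Review bot: the NOT-FOR-US annotation kept under CVE-2012-2573 reads "Symantec Web Gateway", but the description being removed on the matching `-` line names "T-dah WebMail", so the annotation appears to be a copy of the CVE-2012-2574 entry directly above it; once the parenthesised summary is gone the mismatch can no longer be detected from the file itself, so correct the annotation to the product the CVE actually covers (`NOT-FOR-US: T-dah WebMail`) in the same update.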
@@ -10407,13 +10407,13 @@ CVE-2012-2541
REJECTED
CVE-2012-2540
REJECTED
-CVE-2012-2539 (Microsoft Word 2003 SP3, 2007 SP2 and SP3, and 2010 SP1; Word Viewer; ...)
+CVE-2012-2539
NOT-FOR-US: Microsoft Office
CVE-2012-2538
REJECTED
CVE-2012-2537
REJECTED
-CVE-2012-2536 (Cross-site scripting (XSS) vulnerability in Microsoft Systems ...)
+CVE-2012-2536
NOT-FOR-US: Microsoft Systems Management Server
CVE-2012-2535
REJECTED
@@ -10421,49 +10421,49 @@ CVE-2012-2534
REJECTED
CVE-2012-2533
REJECTED
-CVE-2012-2532 (Microsoft FTP Service 7.0 and 7.5 for Internet Information Services ...)
+CVE-2012-2532
NOT-FOR-US: Microsoft FTP Service
-CVE-2012-2531 (Microsoft Internet Information Services (IIS) 7.5 uses weak ...)
+CVE-2012-2531
NOT-FOR-US: Microsoft IIS
-CVE-2012-2530 (Use-after-free vulnerability in win32k.sys in the kernel-mode drivers ...)
+CVE-2012-2530
NOT-FOR-US: Microsoft Windows
-CVE-2012-2529 (Integer overflow in the kernel in Microsoft Windows XP SP2 and SP3, ...)
+CVE-2012-2529
NOT-FOR-US: Microsoft Windows
-CVE-2012-2528 (Use-after-free vulnerability in Microsoft Word 2003 SP3, 2007 SP2 and ...)
+CVE-2012-2528
NOT-FOR-US: Microsoft Word
-CVE-2012-2527 (Use-after-free vulnerability in win32k.sys in the kernel-mode drivers ...)
+CVE-2012-2527
NOT-FOR-US: Microsoft Windows
-CVE-2012-2526 (The Remote Desktop Protocol (RDP) implementation in Microsoft Windows ...)
+CVE-2012-2526
NOT-FOR-US: Microsoft Windows
CVE-2012-2525
REJECTED
-CVE-2012-2524 (Microsoft Office 2007 SP2 and SP3 and 2010 SP1 allows remote attackers ...)
+CVE-2012-2524
NOT-FOR-US: Microsoft Office
-CVE-2012-2523 (Integer overflow in Microsoft Internet Explorer 8 and 9, JScript 5.8, ...)
+CVE-2012-2523
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2012-2522 (Microsoft Internet Explorer 6 through 9 does not properly handle ...)
+CVE-2012-2522
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2012-2521 (Microsoft Internet Explorer 6 through 9 does not properly handle ...)
+CVE-2012-2521
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2012-2520 (Cross-site scripting (XSS) vulnerability in Microsoft InfoPath 2007 ...)
+CVE-2012-2520
NOT-FOR-US: Microsoft Infopath
-CVE-2012-2519 (Untrusted search path vulnerability in Entity Framework in ADO.NET in ...)
+CVE-2012-2519
NOT-FOR-US: Microsoft .NET framework
CVE-2012-2518
REJECTED
CVE-2012-2517
RESERVED
-CVE-2012-2516 (An ActiveX control in KeyHelp.ocx in KeyWorks KeyHelp Module (aka the ...)
+CVE-2012-2516
NOT-FOR-US: KeyWorks not in Debian
-CVE-2012-2515 (Multiple stack-based buffer overflows in the KeyHelp.KeyCtrl.1 ActiveX ...)
+CVE-2012-2515
NOT-FOR-US: KeyWorks not in Debian
-CVE-2012-2514 (The DiagiEventSource function in disp+work.exe 7010.29.15.58313 and ...)
+CVE-2012-2514
NOT-FOR-US: SAP NetWeaver
-CVE-2012-2513 (The Diaginput function in disp+work.exe 7010.29.15.58313 and ...)
+CVE-2012-2513
NOT-FOR-US: SAP NetWeaver
-CVE-2012-2512 (The DiagTraceStreamI function in disp+work.exe 7010.29.15.58313 and ...)
+CVE-2012-2512
NOT-FOR-US: SAP NetWeaver
-CVE-2012-2511 (The DiagTraceAtoms function in disp+work.exe 7010.29.15.58313 and ...)
+CVE-2012-2511
NOT-FOR-US: SAP NetWeaver
CVE-2012-2510
RESERVED
@@ -10485,35 +10485,35 @@ CVE-2012-2502
RESERVED
CVE-2012-2501
RESERVED
-CVE-2012-2500 (Cisco AnyConnect Secure Mobility Client 3.0 before 3.0.08057 does not ...)
+CVE-2012-2500
NOT-FOR-US: Cisco
-CVE-2012-2499 (The IPsec implementation in Cisco AnyConnect Secure Mobility Client ...)
+CVE-2012-2499
NOT-FOR-US: Cisco
-CVE-2012-2498 (Cisco AnyConnect Secure Mobility Client 3.0 through 3.0.08066 does not ...)
+CVE-2012-2498
NOT-FOR-US: Cisco
CVE-2012-2497
REJECTED
-CVE-2012-2496 (A certain Java applet in the VPN downloader implementation in the ...)
+CVE-2012-2496
NOT-FOR-US: Cisco
-CVE-2012-2495 (The HostScan downloader implementation in Cisco AnyConnect Secure ...)
+CVE-2012-2495
NOT-FOR-US: Cisco
-CVE-2012-2494 (The VPN downloader implementation in the WebLaunch feature in Cisco ...)
+CVE-2012-2494
NOT-FOR-US: Cisco
-CVE-2012-2493 (The VPN downloader implementation in the WebLaunch feature in Cisco ...)
+CVE-2012-2493
NOT-FOR-US: Cisco
CVE-2012-2492
RESERVED
CVE-2012-2491
RESERVED
-CVE-2012-2490 (Cisco IP Communicator 8.6 allows man-in-the-middle attackers to modify ...)
+CVE-2012-2490
NOT-FOR-US: Cisco
CVE-2012-2489
RESERVED
-CVE-2012-2488 (Cisco IOS XR before 4.2.1 on ASR 9000 series devices and CRS series ...)
+CVE-2012-2488
NOT-FOR-US: Cisco IOS
CVE-2012-2487
RESERVED
-CVE-2012-2486 (The Cisco Discovery Protocol (CDP) implementation on Cisco ...)
+CVE-2012-2486
NOT-FOR-US: Cisco Telepresence
CVE-2012-2485
RESERVED
@@ -10537,17 +10537,17 @@ CVE-2012-2476
RESERVED
CVE-2012-2475
RESERVED
-CVE-2012-2474 (Memory leak on Cisco Adaptive Security Appliances (ASA) 5500 series ...)
+CVE-2012-2474
NOT-FOR-US: Cisco
CVE-2012-2473
RESERVED
-CVE-2012-2472 (Cisco Adaptive Security Appliances (ASA) 5500 series devices with ...)
+CVE-2012-2472
NOT-FOR-US: Cisco
CVE-2012-2471
RESERVED
CVE-2012-2470
RESERVED
-CVE-2012-2469 (Cisco NX-OS 4.2, 5.0, 5.1, and 5.2 on Nexus 7000 series switches, when ...)
+CVE-2012-2469
NOT-FOR-US: Cisco
CVE-2012-2468
RESERVED
@@ -10567,7 +10567,7 @@ CVE-2012-2461
RESERVED
CVE-2012-2460
RESERVED
-CVE-2012-2459 (Unspecified vulnerability in bitcoind and Bitcoin-Qt before 0.4.6, ...)
+CVE-2012-2459
- bitcoin 0.6.2.1-1
NOTE: https://bitcointalk.org/index.php?topic=81749.0
CVE-2012-2458
@@ -10576,7 +10576,7 @@ CVE-2012-2457
RESERVED
CVE-2012-2456
REJECTED
-CVE-2012-2455 (Advanced Productivity Software DTE Axiom before 12.3.3 does not ...)
+CVE-2012-2455
NOT-FOR-US: Advanced Productivity Software DTE Axiom
CVE-2012-2454
RESERVED
@@ -10584,17 +10584,17 @@ CVE-2012-2453
RESERVED
CVE-2012-2452
RESERVED
-CVE-2012-2450 (VMware Workstation 8.x before 8.0.3, VMware Player 4.x before 4.0.3, ...)
+CVE-2012-2450
NOT-FOR-US: VMware
-CVE-2012-2449 (VMware Workstation 8.x before 8.0.3, VMware Player 4.x before 4.0.3, ...)
+CVE-2012-2449
NOT-FOR-US: VMware
-CVE-2012-2448 (VMware ESXi 3.5 through 5.0 and ESX 3.5 through 4.1 allow remote ...)
+CVE-2012-2448
NOT-FOR-US: VMware
-CVE-2012-2447 (Cross-site request forgery (CSRF) vulnerability in ...)
+CVE-2012-2447
NOT-FOR-US: Netsweeper WebAdmin Portal
-CVE-2012-2446 (Cross-site scripting (XSS) vulnerability in tools/local_lookup.php in ...)
+CVE-2012-2446
NOT-FOR-US: Netsweeper WebAdmin Portal
-CVE-2012-2451 (The Config::IniFiles module before 2.71 for Perl creates temporary ...)
+CVE-2012-2451
- libconfig-inifiles-perl 2.72-1 (bug #671255; low)
[squeeze] - libconfig-inifiles-perl 2.52-1+squeeze1
NOTE: https://bitbucket.org/shlomif/perl-config-inifiles/changeset/a08fa26f4f59
@@ -10605,21 +10605,21 @@ CVE-2012-2444
RESERVED
CVE-2012-2443
RESERVED
-CVE-2012-2442 (Buffer overflow in the Video Manager in Nokia PC Suite 7.1.180.64 and ...)
+CVE-2012-2442
NOT-FOR-US: Nokia PC Suite
-CVE-2012-2441 (RuggedCom Rugged Operating System (ROS) before 3.3 has a factory ...)
+CVE-2012-2441
NOT-FOR-US: RuggedCom Rugged Operating System
-CVE-2012-2440 (The default configuration of the TP-Link 8840T router enables ...)
+CVE-2012-2440
NOT-FOR-US: TP-Link router
-CVE-2012-2439 (The default configuration of the NETGEAR ProSafe FVS318N firewall ...)
+CVE-2012-2439
NOT-FOR-US: NETGEAR appliance
-CVE-2012-2438 (ar web content manager (AWCM) 2.2 does not restrict the number of ...)
+CVE-2012-2438
NOT-FOR-US: ar web content manager
-CVE-2012-2437 (cookie_gen.php in ar web content manager (AWCM) 2.2 does not require ...)
+CVE-2012-2437
NOT-FOR-US: ar web content manager
-CVE-2012-2436 (Multiple cross-site scripting (XSS) vulnerabilities in Pligg CMS ...)
+CVE-2012-2436
NOT-FOR-US: Pligg
-CVE-2012-2435 (Directory traversal vulnerability in the captcha module in Pligg CMS ...)
+CVE-2012-2435
NOT-FOR-US: Pligg
CVE-2012-2434
RESERVED
@@ -10631,100 +10631,100 @@ CVE-2012-2431
RESERVED
CVE-2012-2430
RESERVED
-CVE-2012-2429 (The server in xArrow before 3.4.1 performs an invalid read operation, ...)
+CVE-2012-2429
NOT-FOR-US: xArrow
-CVE-2012-2428 (Integer overflow in the server in xArrow before 3.4.1 allows remote ...)
+CVE-2012-2428
NOT-FOR-US: xArrow
-CVE-2012-2427 (Heap-based buffer overflow in the server in xArrow before 3.4.1 allows ...)
+CVE-2012-2427
NOT-FOR-US: xArrow
-CVE-2012-2426 (The server in xArrow before 3.4.1 does not properly allocate memory, ...)
+CVE-2012-2426
NOT-FOR-US: xArrow
-CVE-2012-2425 (The intu-help-qb (aka Intuit Help System Async Pluggable Protocol) ...)
+CVE-2012-2425
NOT-FOR-US: Intuit
-CVE-2012-2424 (The intu-help-qb (aka Intuit Help System Async Pluggable Protocol) ...)
+CVE-2012-2424
NOT-FOR-US: Intuit
-CVE-2012-2423 (The intu-help-qb (aka Intuit Help System Async Pluggable Protocol) ...)
+CVE-2012-2423
NOT-FOR-US: Intuit
-CVE-2012-2422 (Intuit QuickBooks 2009 through 2012 might allow remote attackers to ...)
+CVE-2012-2422
NOT-FOR-US: Intuit
-CVE-2012-2421 (Absolute path traversal vulnerability in the intu-help-qb (aka Intuit ...)
+CVE-2012-2421
NOT-FOR-US: Intuit
-CVE-2012-2420 (The intu-help-qb (aka Intuit Help System Async Pluggable Protocol) ...)
+CVE-2012-2420
NOT-FOR-US: Intuit
-CVE-2012-2419 (Memory leak in the intu-help-qb (aka Intuit Help System Async ...)
+CVE-2012-2419
NOT-FOR-US: Intuit
-CVE-2012-2418 (Heap-based buffer overflow in the intu-help-qb (aka Intuit Help System ...)
+CVE-2012-2418
NOT-FOR-US: Intuit
-CVE-2012-2417 (PyCrypto before 2.6 does not produce appropriate prime numbers when ...)
+CVE-2012-2417
{DSA-2502-1}
- python-crypto 2.6-1
NOTE: https://bugs.launchpad.net/pycrypto/+bug/985164
-CVE-2012-2413 (Cross-site scripting (XSS) vulnerability in the ja_purity template for ...)
+CVE-2012-2413
NOT-FOR-US: Joomla template
CVE-2012-2412
RESERVED
-CVE-2012-2411 (Buffer overflow in RealNetworks RealPlayer before 15.0.4.53, and ...)
+CVE-2012-2411
NOT-FOR-US: RealNetworks RealPlayer
-CVE-2012-2410 (Buffer overflow in RealNetworks RealPlayer before 15.0.6.14, ...)
+CVE-2012-2410
NOT-FOR-US: RealNetworks RealPlayer
-CVE-2012-2409 (Buffer overflow in RealNetworks RealPlayer before 15.0.6.14, ...)
+CVE-2012-2409
NOT-FOR-US: RealNetworks RealPlayer
-CVE-2012-2408 (The AAC SDK in RealNetworks RealPlayer before 15.0.6.14, RealPlayer SP ...)
+CVE-2012-2408
NOT-FOR-US: RealNetworks RealPlayer
-CVE-2012-2407 (Buffer overflow in RealNetworks RealPlayer before 15.0.6.14, ...)
+CVE-2012-2407
NOT-FOR-US: RealNetworks RealPlayer
-CVE-2012-2406 (RealNetworks RealPlayer before 15.0.4.53, and RealPlayer SP 1.0 ...)
+CVE-2012-2406
NOT-FOR-US: RealPlayer
-CVE-2012-2405 (Gallery 2 before 2.3.2 and 3 before 3.0.3 does not properly implement ...)
+CVE-2012-2405
- gallery2 <removed>
-CVE-2012-2404 (wp-comments-post.php in WordPress before 3.3.2 supports offsite ...)
+CVE-2012-2404
{DSA-2470-1}
- wordpress 3.3.2+dfsg-1 (bug #670124)
-CVE-2012-2403 (wp-includes/formatting.php in WordPress before 3.3.2 attempts to ...)
+CVE-2012-2403
{DSA-2470-1}
- wordpress 3.3.2+dfsg-1 (bug #670124)
-CVE-2012-2402 (wp-admin/plugins.php in WordPress before 3.3.2 allows remote ...)
+CVE-2012-2402
{DSA-2470-1}
- wordpress 3.3.2+dfsg-1 (bug #670124)
-CVE-2012-2401 (Plupload before 1.5.4, as used in wp-includes/js/plupload/ in ...)
+CVE-2012-2401
{DSA-2470-1}
- wordpress 3.3.2+dfsg-1 (bug #670124)
-CVE-2012-2400 (Unspecified vulnerability in wp-includes/js/swfobject.js in WordPress ...)
+CVE-2012-2400
{DSA-2470-1}
- wordpress 3.3.2+dfsg-1 (bug #670124)
-CVE-2012-2399 (Cross-site scripting (XSS) vulnerability in swfupload.swf in SWFupload ...)
+CVE-2012-2399
{DSA-2470-1}
- wordpress 3.3.2+dfsg-1 (bug #670124)
-CVE-2012-2416 (chan_sip.c in the SIP channel driver in Asterisk Open Source 1.8.x ...)
+CVE-2012-2416
- asterisk 1:1.8.11.1~dfsg-1 (bug #670180)
[squeeze] - asterisk <not-affected> (Vulnerable code not present)
-CVE-2012-2415 (Heap-based buffer overflow in chan_skinny.c in the Skinny channel ...)
+CVE-2012-2415
{DSA-2460-1}
- asterisk 1:1.8.11.1~dfsg-1 (bug #670180)
-CVE-2012-2414 (main/manager.c in the Manager Interface in Asterisk Open Source ...)
+CVE-2012-2414
{DSA-2460-1}
- asterisk 1:1.8.11.1~dfsg-1 (bug #670180)
-CVE-2012-2398 (Cross-site scripting (XSS) vulnerability in files/ajax/download.php in ...)
+CVE-2012-2398
- owncloud 3.0.3-1
-CVE-2012-2397 (Cross-site request forgery (CSRF) vulnerability in ownCloud before ...)
+CVE-2012-2397
- owncloud 3.0.3-1
-CVE-2012-2396 (VideoLAN VLC media player 2.0.1 allows remote attackers to cause a ...)
+CVE-2012-2396
- vlc <not-affected> (Not used, see bug #671727)
- taglib 1.7.2-1 (unimportant)
-CVE-2012-2395 (Incomplete blacklist vulnerability in action_power.py in Cobbler 2.2.0 ...)
+CVE-2012-2395
- cobbler <not-affected> (Fixed before initial upload)
-CVE-2012-2394 (Wireshark 1.4.x before 1.4.13 and 1.6.x before 1.6.8 on the SPARC and ...)
+CVE-2012-2394
- wireshark 1.6.8-1 (unimportant)
NOTE: Not suitable for code injection
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7221
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=824419
-CVE-2012-2393 (epan/dissectors/packet-diameter.c in the DIAMETER dissector in ...)
+CVE-2012-2393
- wireshark 1.6.8-1 (unimportant)
NOTE: Not suitable for code injection
NOTE: http://www.wireshark.org/security/wnpa-sec-2012-09.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7133
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=824413
-CVE-2012-2392 (Wireshark 1.4.x before 1.4.13 and 1.6.x before 1.6.8 allows remote ...)
+CVE-2012-2392
- wireshark 1.6.8-1 (unimportant)
NOTE: Not suitable for code injection
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6805 Squeeze: vulnerable code not present
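Review bot: the last NOTE line of this hunk, under CVE-2012-2392, appends the free-text "Squeeze: vulnerable code not present" to a bugzilla URL, which a tracker tool parsing the squeeze status would not see; the convention used elsewhere in this very hunk (CVE-2012-2416) is a dedicated status line, so split it out as `[squeeze] - wireshark <not-affected> (Vulnerable code not present)` and leave the NOTE with the URL alone.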
@@ -10738,122 +10738,122 @@ CVE-2012-2392 (Wireshark 1.4.x before 1.4.13 and 1.6.x before 1.6.8 allows remot
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=824411
CVE-2012-2391
REJECTED
-CVE-2012-2390 (Memory leak in mm/hugetlb.c in the Linux kernel before 3.4.2 allows ...)
+CVE-2012-2390
- linux 3.2.19-1 (low)
- linux-2.6 <removed>
[squeeze] - linux-2.6 2.6.32-46
-CVE-2012-2389 (hostapd 0.7.3, and possibly other versions before 1.0, uses 0644 ...)
+CVE-2012-2389
- hostapd <not-affected> (Debian package provides no default config file)
- wpa <not-affected> (Debian package provides no default config file)
-CVE-2012-2388 (The GMP Plugin in strongSwan 4.2.0 through 4.6.3 allows remote ...)
+CVE-2012-2388
{DSA-2483-1}
- strongswan 4.5.2-1.4
-CVE-2012-2387 (devotee 0.1 patch 2 uses a 32-bit seed for generating 48-bit random ...)
+CVE-2012-2387
- devotee <itp> (bug #470995)
-CVE-2012-2386 (Integer overflow in the phar_parse_tarfile function in tar.c in the ...)
+CVE-2012-2386
{DSA-2492-1}
- php5 5.4.4~rc1-1
-CVE-2012-2385 (The terminal dispatcher in mosh before 1.2.1 allows remote ...)
+CVE-2012-2385
- mosh 1.2.1-1 (low; bug #673871)
[squeeze] - mosh 1.2.1-1 (low; bug #673871)
NOTE: https://github.com/keithw/mosh/issues/271
NOTE: https://github.com/keithw/mosh/commit/9791768705528e911bfca6c4d8aa88139035060e
-CVE-2012-2384 (Integer overflow in the i915_gem_do_execbuffer function in ...)
+CVE-2012-2384
- linux-2.6 3.2.17-1
[squeeze] - linux-2.6 <not-affected> (Vulnerable code not present)
-CVE-2012-2383 (Integer overflow in the i915_gem_execbuffer2 function in ...)
+CVE-2012-2383
- linux-2.6 3.2.17-1
[squeeze] - linux-2.6 <not-affected> (Vulnerable code not present)
CVE-2012-2382
REJECTED
-CVE-2012-2381 (Multiple cross-site scripting (XSS) vulnerabilities in Apache Roller ...)
+CVE-2012-2381
NOT-FOR-US: Apache Roller
-CVE-2012-2380 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
+CVE-2012-2380
NOT-FOR-US: Apache Roller
-CVE-2012-2379 (Apache CXF 2.4.x before 2.4.8, 2.5.x before 2.5.4, and 2.6.x before ...)
+CVE-2012-2379
NOT-FOR-US: Apache CXF
-CVE-2012-2378 (Apache CXF 2.4.5 through 2.4.7, 2.5.1 through 2.5.3, and 2.6.x before ...)
+CVE-2012-2378
NOT-FOR-US: Apache CXF
-CVE-2012-2377 (JGroups diagnostics service in JBoss Enterprise Portal Platform before ...)
+CVE-2012-2377
- jbossas4 <not-affected> (Only builds a few libraries, not the full application server)
-CVE-2012-2376 (Buffer overflow in the com_print_typeinfo function in PHP 5.4.3 and ...)
+CVE-2012-2376
- php5 <not-affected> (Windows-specific vulnerability)
-CVE-2012-2375 (The __nfs4_get_acl_uncached function in fs/nfs/nfs4proc.c in the NFSv4 ...)
+CVE-2012-2375
- linux 3.2.19-1
- linux-2.6 <removed>
[squeeze] - linux-2.6 <not-affected> (Incomplete patch was not released)
-CVE-2012-2374 (CRLF injection vulnerability in the ...)
+CVE-2012-2374
- python-tornado 2.1.0-3 (low; bug #673987)
[squeeze] - python-tornado <not-affected> (Vulnerable code not present)
-CVE-2012-2373 (The Linux kernel before 3.4.5 on the x86 platform, when Physical ...)
+CVE-2012-2373
- linux-2.6 3.2.19-1
[squeeze] - linux-2.6 <not-affected> (Vulnerable code not present)
-CVE-2012-2372 (The rds_ib_xmit function in net/rds/ib_send.c in the Reliable Datagram ...)
+CVE-2012-2372
- linux 3.11.10-1 (unimportant)
[wheezy] - linux 3.2.53-1
NOTE: rds is not included in distributed kernel images, only marked as "experimental"
-CVE-2012-2371 (Cross-site scripting (XSS) vulnerability in index.php in the ...)
+CVE-2012-2371
NOT-FOR-US: WP-FaceThumb plugin for WordPress
-CVE-2012-2370 (Multiple integer overflows in the read_bitmap_file_data function in ...)
+CVE-2012-2370
- gdk-pixbuf 2.26.1-1 (low)
-CVE-2012-2369 (Format string vulnerability in the log_message_cb function in ...)
+CVE-2012-2369
{DSA-2476-1}
- pidgin-otr 3.2.1-1 (medium; bug #673154)
NOTE: libotr not affected
-CVE-2012-2368 (Bytemark Symbiosis before Revision 1322 does not properly validate ...)
+CVE-2012-2368
NOT-FOR-US: Bytemark Symbiosis
-CVE-2012-2367 (Moodle 1.9.x before 1.9.18, 2.0.x before 2.0.9, 2.1.x before 2.1.6, ...)
+CVE-2012-2367
- moodle 2.2.3.dfsg-1 (low; bug #674163)
[squeeze] - moodle 1.9.9.dfsg2-2.1+squeeze4
-CVE-2012-2366 (mod/data/preset.php in Moodle 2.1.x before 2.1.6 and 2.2.x before ...)
+CVE-2012-2366
- moodle 2.2.3.dfsg-1 (bug #674163)
[squeeze] - moodle <not-affected> (Only affects 2.1 to 2.2)
-CVE-2012-2365 (Cross-site scripting (XSS) vulnerability in Moodle 2.0.x before 2.0.9, ...)
+CVE-2012-2365
- moodle 2.2.3.dfsg-1 (bug #674163)
[squeeze] - moodle <not-affected> (Only affects 2.0 to 2.2)
-CVE-2012-2364 (Cross-site scripting (XSS) vulnerability in lib/filelib.php in Moodle ...)
+CVE-2012-2364
- moodle 2.2.3.dfsg-1 (bug #674163)
[squeeze] - moodle <not-affected> (Only affects 2.0 to 2.2)
-CVE-2012-2363 (SQL injection vulnerability in calendar/event.php in the calendar ...)
+CVE-2012-2363
- moodle 2.0-1 (bug #674163)
[squeeze] - moodle 1.9.9.dfsg2-2.1+squeeze4
NOTE: Only affects Moodle 1.9.x
-CVE-2012-2362 (Cross-site scripting (XSS) vulnerability in blog/lib.php in the blog ...)
+CVE-2012-2362
- moodle 2.0-1 (bug #674163)
[squeeze] - moodle 1.9.9.dfsg2-2.1+squeeze4
NOTE: Only affects Moodle 1.9.x
-CVE-2012-2361 (Cross-site scripting (XSS) vulnerability in admin/webservice/forms.php ...)
+CVE-2012-2361
- moodle 2.2.3.dfsg-1 (bug #674163)
[squeeze] - moodle <not-affected> (Only affects 2.0 to 2.2)
-CVE-2012-2360 (Cross-site scripting (XSS) vulnerability in the Wiki subsystem in ...)
+CVE-2012-2360
- moodle 2.2.3.dfsg-1 (bug #674163)
[squeeze] - moodle <not-affected> (Only affects 2.0 to 2.2)
-CVE-2012-2359 (admin/roles/override.php in Moodle 2.0.x before 2.0.9, 2.1.x before ...)
+CVE-2012-2359
- moodle 2.2.3.dfsg-1 (bug #674163)
[squeeze] - moodle <not-affected> (Only affects 2.0 to 2.2)
-CVE-2012-2358 (Moodle 2.0.x before 2.0.9, 2.1.x before 2.1.6, and 2.2.x before 2.2.3 ...)
+CVE-2012-2358
- moodle 2.2.3.dfsg-1 (bug #674163)
[squeeze] - moodle <not-affected> (Only affects 2.0 to 2.2)
-CVE-2012-2357 (The Multi-Authentication feature in the Central Authentication Service ...)
+CVE-2012-2357
- moodle 2.2.3.dfsg-1 (bug #674163)
[squeeze] - moodle <not-affected> (Only affects 2.1 to 2.2)
-CVE-2012-2356 (The question-bank functionality in Moodle 2.1.x before 2.1.6 and 2.2.x ...)
+CVE-2012-2356
- moodle 2.2.3.dfsg-1 (bug #674163)
[squeeze] - moodle <not-affected> (Only affects 2.1 to 2.2)
-CVE-2012-2355 (Moodle 2.1.x before 2.1.6 and 2.2.x before 2.2.3 allows remote ...)
+CVE-2012-2355
- moodle 2.2.3.dfsg-1 (bug #674163)
[squeeze] - moodle <not-affected> (Only affects 2.1 to 2.2)
-CVE-2012-2354 (Moodle 2.1.x before 2.1.6 and 2.2.x before 2.2.3 allows remote ...)
+CVE-2012-2354
- moodle 2.2.3.dfsg-1 (bug #674163)
[squeeze] - moodle <not-affected> (Only affects 2.1 to 2.2)
-CVE-2012-2353 (Moodle 2.1.x before 2.1.6 and 2.2.x before 2.2.3 allows remote ...)
+CVE-2012-2353
- moodle 2.2.3.dfsg-1 (bug #674163)
[squeeze] - moodle <not-affected> (Only affects 2.1 to 2.2)
-CVE-2012-2352 (The archive management (arc_manage) page in wwsympa/wwsympa.fcgi.in in ...)
+CVE-2012-2352
{DSA-2477-1}
- sympa 6.1.11~dfsg-1 (bug #672893; high)
NOTE: http://www.openwall.com/lists/oss-security/2012/05/12/8
-CVE-2012-2351 (The default configuration of the auth/saml plugin in Mahara before ...)
+CVE-2012-2351
{DSA-2467-1}
- mahara 1.4.2-1
CVE-2012-2350 [pam_shield default configuration does not take any action]
@@ -10876,205 +10876,205 @@ CVE-2012-2343
REJECTED
CVE-2012-2342
REJECTED
-CVE-2012-2341 (Cross-site request forgery (CSRF) vulnerability in the Take Control ...)
+CVE-2012-2341
NOTE: http://www.openwall.com/lists/oss-security/2012/05/10/6
NOTE: http://www.openwall.com/lists/oss-security/2012/05/11/2
NOT-FOR-US: Drupal Take Control
-CVE-2012-2340 (The Contact Forms module 7.x-1.x before 7.x-1.2 for Drupal does not ...)
+CVE-2012-2340
NOTE: http://www.openwall.com/lists/oss-security/2012/05/10/6
NOTE: http://www.openwall.com/lists/oss-security/2012/05/11/2
NOT-FOR-US: Drupal Contact Forms
-CVE-2012-2339 (Cross-site scripting (XSS) vulnerability in the Glossary module ...)
+CVE-2012-2339
NOTE: http://www.openwall.com/lists/oss-security/2012/05/10/6
NOTE: http://www.openwall.com/lists/oss-security/2012/05/11/2
NOT-FOR-US: Drupal Glossary
-CVE-2012-2338 (SQL injection vulnerability in includes/picture.class.php in Galette ...)
+CVE-2012-2338
NOT-FOR-US: Galette
NOTE: http://redmine.ulysses.fr/issues/250
NOTE: http://redmine.ulysses.fr/projects/galette/repository/revisions/8c13ec159ba
NOTE: http://www.openwall.com/lists/oss-security/2012/05/10/5
NOTE: http://www.openwall.com/lists/oss-security/2012/05/11/1
-CVE-2012-2337 (sudo 1.6.x and 1.7.x before 1.7.9p1, and 1.8.x before 1.8.4p5, does ...)
+CVE-2012-2337
{DSA-2478-1}
- sudo 1.8.3p2-1.1 (bug #673766)
-CVE-2012-2336 (sapi/cgi/cgi_main.c in PHP before 5.3.13 and 5.4.x before 5.4.3, when ...)
+CVE-2012-2336
- php5 5.4.3 (unimportant)
NOTE: Rather harmless bug
-CVE-2012-2335 (php-wrapper.fcgi does not properly handle command-line arguments, ...)
+CVE-2012-2335
NOT-FOR-US: Incomplete wrapper provided by PHP as workaround for CVE-2012-1823/CVE-2012-2311
-CVE-2012-2334 (Integer overflow in filter/source/msfilter/msdffimp.cxx in ...)
+CVE-2012-2334
{DSA-2487-1}
- libreoffice 1:3.5.2~rc2-1
- openoffice.org 1:3.3.0-1
NOTE: Since 3.3.0 openoffice.org is a transitional source package
-CVE-2012-2333 (Integer underflow in OpenSSL before 0.9.8x, 1.0.0 before 1.0.0j, and ...)
+CVE-2012-2333
{DSA-2475-1}
- openssl 1.0.1c-1 (bug #672452)
NOTE: http://seclists.org/oss-sec/2012/q2/299
NOTE: http://www.openssl.org/news/secadv/20120510.txt
-CVE-2012-2332 (SQL injection vulnerability in serendipity/serendipity_admin.php in ...)
+CVE-2012-2332
- serendipity <removed> (bug #671937; low)
[squeeze] - serendipity <no-dsa> (Minor issue)
NOTE: http://web.archive.org/web/20120527103654/http://www.koramis.com:80/advisories/2012/KORAMIS-ADV2012-001.txt
NOTE: http://blog.s9y.org/archives/240-Serendipity-1.6.1-released.html
NOTE: CVE id requested http://seclists.org/oss-sec/2012/q2/276
-CVE-2012-2331 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2012-2331
- serendipity <removed> (bug #671937; low)
[squeeze] - serendipity <no-dsa> (Minor issue)
NOTE: http://web.archive.org/web/20120527103654/http://www.koramis.com:80/advisories/2012/KORAMIS-ADV2012-001.txt
NOTE: http://blog.s9y.org/archives/240-Serendipity-1.6.1-released.html
NOTE: CVE id requested http://seclists.org/oss-sec/2012/q2/276
-CVE-2012-2330 (The Update method in src/node_http_parser.cc in Node.js before 0.6.17 ...)
+CVE-2012-2330
- nodejs 0.6.17~dfsg1-1
NOTE: http://blog.nodejs.org/2012/05/07/http-server-security-vulnerability-please-upgrade-to-0-6-17/
NOTE: https://github.com/joyent/node/commit/c9a231d
-CVE-2012-2329 (Buffer overflow in the apache_request_headers function in ...)
+CVE-2012-2329
- php5 5.4.3-1
[squeeze] - php5 <not-affected> (Vulnerable code not present)
NOTE: 5.4.x only
-CVE-2012-2328 (internal/cimxml/sax/NodeFactory.java in Standards-Based Linux ...)
+CVE-2012-2328
NOT-FOR-US: sblim
-CVE-2012-2327 (MyBB (aka MyBulletinBoard) before 1.6.7 allows remote attackers to ...)
+CVE-2012-2327
NOT-FOR-US: MyBB (aka MyBulletinBoard)
NOTE: http://blog.mybb.com/2012/04/01/mybb-1-6-7-update-1-8-development/
NOTE: http://www.openwall.com/lists/oss-security/2012/05/07/14
-CVE-2012-2326 (Cross-site scripting (XSS) vulnerability in the Admin Control Panel ...)
+CVE-2012-2326
NOT-FOR-US: MyBB (aka MyBulletinBoard)
NOTE: http://blog.mybb.com/2012/04/01/mybb-1-6-7-update-1-8-development/
NOTE: http://www.openwall.com/lists/oss-security/2012/05/07/14
-CVE-2012-2325 (SQL injection vulnerability in the User Inline Moderation feature in ...)
+CVE-2012-2325
NOT-FOR-US: MyBB (aka MyBulletinBoard)
NOTE: http://blog.mybb.com/2012/04/01/mybb-1-6-7-update-1-8-development/
NOTE: http://www.openwall.com/lists/oss-security/2012/05/07/14
-CVE-2012-2324 (Multiple SQL injection vulnerabilities in MyBB (aka MyBulletinBoard) ...)
+CVE-2012-2324
NOT-FOR-US: MyBB
CVE-2012-2323
REJECTED
-CVE-2012-2322 (Integer overflow in the dhcpv6_get_option function in gdhcp/client.c ...)
+CVE-2012-2322
- connman 1.0-1 (bug #672989)
[squeeze] - connman <not-affected> (Vulnerable code not present)
-CVE-2012-2321 (The loopback plug-in in ConnMan before 0.85 allows remote attackers to ...)
+CVE-2012-2321
- connman 1.0-1 (low; bug #672989)
[squeeze] - connman <no-dsa> (Minor issue)
-CVE-2012-2320 (ConnMan before 0.85 does not ensure that netlink messages originate ...)
+CVE-2012-2320
- connman 1.0-1 (low; bug #672989)
[squeeze] - connman <no-dsa> (Minor issue)
-CVE-2012-2319 (Multiple buffer overflows in the hfsplus filesystem implementation in ...)
+CVE-2012-2319
- linux 3.2.17-1 (low)
- linux-2.6 <removed>
[squeeze] - linux-2.6 2.6.32-46
-CVE-2012-2318 (msg.c in the MSN protocol plugin in libpurple in Pidgin before 2.10.4 ...)
+CVE-2012-2318
- pidgin 2.10.4-1
[squeeze] - pidgin <end-of-life> (Support in oldstable is limited to IRC, Jabber/XMPP, Sametime and SIMPLE)
-CVE-2012-2317 (The Debian php_crypt_revamped.patch patch for PHP 5.3.x, as used in ...)
+CVE-2012-2317
- php5 5.3.6-1 (bug #581170)
[squeeze] - php5 5.3.3-7+squeeze4
-CVE-2012-2316 (Cross-site request forgery (CSRF) vulnerability in ...)
+CVE-2012-2316
NOT-FOR-US: OpenKM
-CVE-2012-2315 (admin/Auth in OpenKM 5.1.7 and other versions before 5.1.8-2 does not ...)
+CVE-2012-2315
NOT-FOR-US: OpenKM
-CVE-2012-2314 (The bootloader configuration module (pyanaconda/bootloader.py) in ...)
+CVE-2012-2314
NOT-FOR-US: The anaconda installer
-CVE-2012-2313 (The rio_ioctl function in drivers/net/ethernet/dlink/dl2k.c in the ...)
+CVE-2012-2313
- linux 3.2.19-1
- linux-2.6 <removed>
[squeeze] - linux-2.6 2.6.32-46
CVE-2012-2312
RESERVED
- jbossas4 <not-affected> (Only affects JBoss 7)
-CVE-2012-2311 (sapi/cgi/cgi_main.c in PHP before 5.3.13 and 5.4.x before 5.4.3, when ...)
+CVE-2012-2311
{DSA-2465-1}
- php5 5.4.3-1 (bug #671880)
NOTE: This CVE ID is for the initial incomplete fix for CVE-2012-1823
NOTE: http://www.kb.cert.org/vuls/id/520827
-CVE-2012-2310 (Cross-site scripting (XSS) vulnerability in the cctags module for ...)
+CVE-2012-2310
NOT-FOR-US: Drupal addon not packaged
-CVE-2012-2309 (Cross-site scripting (XSS) vulnerability in the Glossify Internal ...)
+CVE-2012-2309
NOT-FOR-US: Drupal addon not packaged
-CVE-2012-2308 (Cross-site scripting (XSS) vulnerability in the Taxonomy Grid : ...)
+CVE-2012-2308
NOT-FOR-US: Drupal addon not packaged
-CVE-2012-2307 (Cross-site request forgery (CSRF) vulnerability in the Addressbook ...)
+CVE-2012-2307
NOT-FOR-US: Drupal addon not packaged
-CVE-2012-2306 (SQL injection vulnerability in the Addressbook module for Drupal ...)
+CVE-2012-2306
NOT-FOR-US: Drupal addon not packaged
-CVE-2012-2305 (Cross-site request forgery (CSRF) vulnerability in the Node Gallery ...)
+CVE-2012-2305
NOT-FOR-US: Drupal addon not packaged
-CVE-2012-2304 (The Linkit module 7.x-2.x before 7.x-2.3 for Drupal, when using an ...)
+CVE-2012-2304
NOT-FOR-US: Drupal addon not packaged
-CVE-2012-2303 (The Spaces module 6.x-3.x before 6.x-3.4 for Drupal does not enforce ...)
+CVE-2012-2303
NOT-FOR-US: Drupal addon not packaged
-CVE-2012-2302 (Site Documentation (Sitedoc) module for Drupal 6.x-1.x before 6.x-1.4 ...)
+CVE-2012-2302
NOT-FOR-US: Drupal addon not packaged
-CVE-2012-2301 (The Ubercart module 6.x-2.x before 6.x-2.8 for Drupal allows remote ...)
+CVE-2012-2301
NOT-FOR-US: Drupal addon not packaged
-CVE-2012-2300 (Multiple cross-site scripting (XSS) vulnerabilities in the Ubercart ...)
+CVE-2012-2300
NOT-FOR-US: Drupal addon not packaged
-CVE-2012-2299 (The Ubercart module 6.x-2.x before 6.x-2.8 and 7.x-3.x before 7.x-3.1 ...)
+CVE-2012-2299
NOT-FOR-US: Drupal addon not packaged
-CVE-2012-2298 (Multiple cross-site scripting (XSS) vulnerabilities in the RealName ...)
+CVE-2012-2298
NOT-FOR-US: Drupal addon not packaged
-CVE-2012-2297 (Multiple cross-site scripting (XSS) vulnerabilities in the Creative ...)
+CVE-2012-2297
NOT-FOR-US: Drupal addon not packaged
-CVE-2012-2296 (The Janrain Engage (formerly RPX) module for Drupal 6.x-1.x. 6.x-2.x ...)
+CVE-2012-2296
NOT-FOR-US: Drupal addon not packaged
CVE-2012-2295
REJECTED
-CVE-2012-2294 (EMC RSA Archer SmartSuite Framework 4.x and RSA Archer GRC 5.x before ...)
+CVE-2012-2294
NOT-FOR-US: EMC RSA Archer
-CVE-2012-2293 (Directory traversal vulnerability in EMC RSA Archer SmartSuite ...)
+CVE-2012-2293
NOT-FOR-US: EMC RSA Archer
-CVE-2012-2292 (The Silverlight cross-domain policy in EMC RSA Archer SmartSuite ...)
+CVE-2012-2292
NOT-FOR-US: EMC RSA Archer
-CVE-2012-2291 (EMC Avamar Client 4.x, 5.x, and 6.x on HP-UX and Mac OS X, and the EMC ...)
+CVE-2012-2291
NOT-FOR-US: EMC Avamar
-CVE-2012-2290 (The client in EMC NetWorker Module for Microsoft Applications (NMM) ...)
+CVE-2012-2290
NOT-FOR-US: EMC NetWorker Module for Microsoft Applications
-CVE-2012-2289 (EMC ApplicationXtender Desktop before 6.5 SP2 and ApplicationXtender ...)
+CVE-2012-2289
NOT-FOR-US: EMC
-CVE-2012-2288 (Format string vulnerability in the nsrd RPC service in EMC NetWorker ...)
+CVE-2012-2288
NOT-FOR-US: EMC NetWorker
-CVE-2012-2287 (The authentication functionality in EMC RSA Authentication Agent 7.1 ...)
+CVE-2012-2287
NOT-FOR-US: EMC RSA Authentication agent
-CVE-2012-2286 (Unspecified vulnerability in EMC RSA Adaptive Authentication ...)
+CVE-2012-2286
NOT-FOR-US: EMC RSA Authentication agent
-CVE-2012-2285 (EMC Cloud Tiering Appliance (aka CTA, formerly FMA) 9.0 and earlier, ...)
+CVE-2012-2285
NOT-FOR-US: EMC Cloud Tiering Appliance
-CVE-2012-2284 (The (1) install and (2) upgrade processes in EMC NetWorker Module for ...)
+CVE-2012-2284
NOT-FOR-US: EMC NetWorker Module for Microsoft Applications
-CVE-2012-2283 (The Iomega Home Media Network Hard Drive with EMC Lifeline firmware ...)
+CVE-2012-2283
NOT-FOR-US: Iomega Home Media Network Hard Drive
-CVE-2012-2282 (EMC Celerra Network Server 6.x before 6.0.61.0, VNX 7.x before ...)
+CVE-2012-2282
NOT-FOR-US: EMC Celerra/VNX/VNXe
-CVE-2012-2281 (EMC RSA Access Manager Server 6.x before 6.1 SP4 and RSA Access ...)
+CVE-2012-2281
NOT-FOR-US: RSA Access Manager
NOTE: http://seclists.org/bugtraq/2012/Jul/36
-CVE-2012-2280 (EMC RSA Authentication Manager 7.1 before SP4 P14 and RSA SecurID ...)
+CVE-2012-2280
NOT-FOR-US: RSA Authentication Agent
-CVE-2012-2279 (Open redirect vulnerability in the Security Console in EMC RSA ...)
+CVE-2012-2279
NOT-FOR-US: RSA Authentication Agent
-CVE-2012-2278 (Multiple cross-site scripting (XSS) vulnerabilities in the (1) ...)
+CVE-2012-2278
NOT-FOR-US: RSA Authentication Agent
-CVE-2012-2277 (The IRM Server in EMC Documentum Information Rights Management 4.x ...)
+CVE-2012-2277
NOT-FOR-US: EMC Documentum Information Rights Management
-CVE-2012-2276 (The IRM Server in EMC Documentum Information Rights Management 4.x ...)
+CVE-2012-2276
NOT-FOR-US: EMC Documentum Information Rights Management
-CVE-2012-2275 (Multiple cross-site request forgery (CSRF) vulnerabilities in TestLink ...)
+CVE-2012-2275
NOT-FOR-US: TestLink
-CVE-2012-2274 (Cross-site scripting (XSS) vulnerability in pivotx/ajaxhelper.php in ...)
+CVE-2012-2274
NOT-FOR-US: PivotX
-CVE-2012-2273 (Comodo Internet Security before 5.10.228257.2253 on Windows 7 x64 ...)
+CVE-2012-2273
NOT-FOR-US: Comodo Internet Security
CVE-2012-2272
RESERVED
-CVE-2012-2271 (Buffer overflow in the InitLicenKeys function in a certain ActiveX ...)
+CVE-2012-2271
NOT-FOR-US: SkinCrafter
-CVE-2012-2270 (Open redirect vulnerability in index.php (aka the Login Page) in ...)
+CVE-2012-2270
- owncloud 3.0.3-1
-CVE-2012-2269 (Multiple cross-site scripting (XSS) vulnerabilities in ownCloud before ...)
+CVE-2012-2269
- owncloud 3.0.2-1
-CVE-2012-2268 (master.exe in the SNMP Master Agent in RealNetworks Helix Server and ...)
+CVE-2012-2268
NOT-FOR-US: RealNetworks Helix
-CVE-2012-2267 (master.exe in the SNMP Master Agent in RealNetworks Helix Server and ...)
+CVE-2012-2267
NOT-FOR-US: RealNetworks Helix
CVE-2012-2266
REJECTED
@@ -11102,20 +11102,20 @@ CVE-2012-2255
REJECTED
CVE-2012-2254
REJECTED
-CVE-2012-2253 (Cross-site scripting (XSS) vulnerability in group/members.php in ...)
+CVE-2012-2253
{DSA-2591-1}
- mahara 1.5.1-3.1 (bug #695789)
-CVE-2012-2252 (Incomplete blacklist vulnerability in rssh before 2.3.4, when the ...)
+CVE-2012-2252
{DSA-2578-1}
- rssh 2.3.3-6
-CVE-2012-2251 (rssh 2.3.2, as used by Debian, Fedora, and others, when the rsync ...)
+CVE-2012-2251
{DSA-2578-1}
- rssh 2.3.3-6
-CVE-2012-2250 (Tor before 0.2.3.24-rc allows remote attackers to cause a denial of ...)
+CVE-2012-2250
{DLA-17-1}
- tor 0.2.3.24-rc-1 (low)
[squeeze] - tor 0.2.4.23-1~deb6u1
-CVE-2012-2249 (Tor before 0.2.3.23-rc allows remote attackers to cause a denial of ...)
+CVE-2012-2249
{DLA-17-1}
- tor 0.2.3.23-rc-1 (low)
[squeeze] - tor 0.2.4.23-1~deb6u1
@@ -11125,39 +11125,39 @@ CVE-2012-2248 [build-influenced PATH set in dhclient]
[wheezy] - isc-dhcp 4.2.2.dfsg.1-5+deb70u2
[squeeze] - isc-dhcp <not-affected> (CLIENT_PATH is not correctly defined)
NOTE: Debian-specific
-CVE-2012-2247 (Cross-site scripting (XSS) vulnerability in Mahara 1.4.x before 1.4.5 ...)
+CVE-2012-2247
{DSA-2591-1}
- mahara 1.5.1-3
NOTE: https://mahara.org/interaction/forum/topic.php?id=4938
NOTE: https://bugs.launchpad.net/mahara/+bug/1061980
-CVE-2012-2246 (Mahara 1.4.x before 1.4.5 and 1.5.x before 1.5.4 allows remote ...)
+CVE-2012-2246
{DSA-2591-1}
- mahara 1.5.1-3
NOTE: https://mahara.org/interaction/forum/topic.php?id=493
NOTE: https://bugs.launchpad.net/mahara/+bug/1057240
CVE-2012-2245
REJECTED
-CVE-2012-2244 (Mahara 1.4.x before 1.4.5 and 1.5.x before 1.5.4 allows remote ...)
+CVE-2012-2244
{DSA-2591-1}
- mahara 1.5.1-3
NOTE: https://mahara.org/interaction/forum/topic.php?id=4936
NOTE: https://bugs.launchpad.net/mahara/+bug/1057238
-CVE-2012-2243 (Cross-site scripting (XSS) vulnerability in Mahara 1.4.x before 1.4.5 ...)
+CVE-2012-2243
{DSA-2591-1}
- mahara 1.5.1-3
NOTE: https://mahara.org/interaction/forum/topic.php?id=4937
NOTE: https://bugs.launchpad.net/mahara/+bug/1055232
NOTE: https://bugs.launchpad.net/mahara/+bug/1063480
-CVE-2012-2242 (scripts/dget.pl in devscripts before 2.10.73 allows remote attackers ...)
+CVE-2012-2242
{DSA-2549-1}
- devscripts 2.12.3
-CVE-2012-2241 (scripts/dget.pl in devscripts before 2.12.3 allows remote attackers to ...)
+CVE-2012-2241
{DSA-2549-1}
- devscripts 2.12.3
-CVE-2012-2240 (scripts/dscverify.pl in devscripts before 2.12.3 allows remote ...)
+CVE-2012-2240
{DSA-2549-1}
- devscripts 2.12.3
-CVE-2012-2239 (Mahara 1.4.x before 1.4.4 and 1.5.x before 1.5.3 allows remote ...)
+CVE-2012-2239
{DSA-2591-1}
- mahara 1.5.1-3
CVE-2012-2238
@@ -11167,11 +11167,11 @@ CVE-2012-2237
RESERVED
{DSA-2540-1}
- mahara 1.5.1-2
-CVE-2012-2236 (SQL injection vulnerability in users.php in PHP Gift Registry 1.5.5 ...)
+CVE-2012-2236
NOT-FOR-US: PHP Gift Registry
-CVE-2012-2235 (Cross-site scripting (XSS) vulnerability in Support Incident Tracker ...)
+CVE-2012-2235
NOT-FOR-US: Support Incident Tracker
-CVE-2012-2234 (Cross-site scripting (XSS) vulnerability in sources/users.queries.php ...)
+CVE-2012-2234
NOT-FOR-US: TeamPass.net
CVE-2012-2233
RESERVED
@@ -11179,21 +11179,21 @@ CVE-2012-2232
RESERVED
CVE-2012-2231
RESERVED
-CVE-2012-2230 (Cloudera Manager 3.7.x before 3.7.5 and Service and Configuration ...)
+CVE-2012-2230
NOT-FOR-US: Cloudera Manager
CVE-2012-2229
RESERVED
CVE-2012-2228
RESERVED
-CVE-2012-2227 (Directory traversal vulnerability in update/index.php in PluXml before ...)
+CVE-2012-2227
NOT-FOR-US: PluXml
CVE-2012-2226
RESERVED
-CVE-2012-2225 (360zip 1.93beta allows remote attackers to execute arbitrary code via ...)
+CVE-2012-2225
NOT-FOR-US: 360zip
-CVE-2012-2224 (Xunlei Thunder before 7.2.6 allows remote attackers to execute ...)
+CVE-2012-2224
NOT-FOR-US: Xunlei Thunder
-CVE-2012-2223 (The xplat agent in Novell ZENworks Configuration Management (ZCM) ...)
+CVE-2012-2223
NOT-FOR-US: Novell ZENworks Configuration Management
CVE-2012-2222
RESERVED
@@ -11205,161 +11205,161 @@ CVE-2012-2219
RESERVED
CVE-2012-2218
RESERVED
-CVE-2012-2217 (The HTC IQRD service for Android on the HTC EVO 4G before 4.67.651.3, ...)
+CVE-2012-2217
NOT-FOR-US: Android
CVE-2012-2216
RESERVED
-CVE-2012-2095 (The SetWiredProperty function in the D-Bus interface in WICD before ...)
+CVE-2012-2095
- wicd 1.7.2.4-1 (low; bug #668397)
[squeeze] - wicd 1.7.0+ds1-5+squeeze2
-CVE-2012-2215 (Directory traversal vulnerability in the Preboot Service in Novell ...)
+CVE-2012-2215
NOT-FOR-US: Novell ZENworks Configuration Management
-CVE-2012-2214 (proxy.c in libpurple in Pidgin before 2.10.4 does not properly handle ...)
+CVE-2012-2214
- pidgin 2.10.4-1
[squeeze] - pidgin <end-of-life> (Update not feasible, updated packages are provided through backports)
NOTE: http://www.pidgin.im/news/security/?id=62
-CVE-2012-2213 (** DISPUTED ** Squid 3.1.9 allows remote attackers to bypass the ...)
+CVE-2012-2213
NOT-FOR-US: Disputed Squid access bypass, probably user error and minor impact anyway
-CVE-2012-2212 (** DISPUTED ** McAfee Web Gateway 7.0 allows remote attackers to ...)
+CVE-2012-2212
NOT-FOR-US: McAfee Web Gateway
-CVE-2012-2211 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2012-2211
- egroupware <removed>
-CVE-2012-2210 (The Sony Bravia TV KDL-32CX525 allows remote attackers to cause a ...)
+CVE-2012-2210
NOT-FOR-US: Sony Bravia
-CVE-2012-2209 (Multiple cross-site scripting (XSS) vulnerabilities in admin.php in ...)
+CVE-2012-2209
- piwigo <removed> (bug #685364)
[squeeze] - piwigo <end-of-life> (Unsupported in squeeze-lts)
NOTE: Request to mark the package as unsupported in #779104
-CVE-2012-2208 (Directory traversal vulnerability in upgrade.php in Piwigo before ...)
+CVE-2012-2208
- piwigo <removed> (bug #685364)
[squeeze] - piwigo <end-of-life> (Unsupported in squeeze-lts)
NOTE: Request to mark the package as unsupported in #779104
CVE-2012-2207
RESERVED
-CVE-2012-2206 (The Web Gateway component in IBM WebSphere MQ File Transfer Edition ...)
+CVE-2012-2206
NOT-FOR-US: IBM WebSphere MQ File Transfer Edition
-CVE-2012-2205 (Cross-site scripting (XSS) vulnerability in IBM Rational ClearQuest ...)
+CVE-2012-2205
NOT-FOR-US: IBM Rational ClearQuest
CVE-2012-2204
RESERVED
-CVE-2012-2203 (IBM Global Security Kit (aka GSKit) before 8.0.14.22, as used in IBM ...)
+CVE-2012-2203
NOT-FOR-US: IBM Global Security Kit
-CVE-2012-2202 (Directory traversal vulnerability in javatester_init.php in IBM Lotus ...)
+CVE-2012-2202
NOT-FOR-US: IBM Lotus Protector, IBM ISS Proventia Network Mail Security System
CVE-2012-2201
RESERVED
-CVE-2012-2200 (The default configuration of sendmail in IBM AIX 6.1 and 7.1, and VIOS ...)
+CVE-2012-2200
NOT-FOR-US: sendmail configuration in AIX
-CVE-2012-2199 (The server message channel agent in the queue manager in the server in ...)
+CVE-2012-2199
NOT-FOR-US: IBM WebSphere MQ
CVE-2012-2198
RESERVED
-CVE-2012-2197 (Stack-based buffer overflow in the Java Stored Procedure ...)
+CVE-2012-2197
NOT-FOR-US: IBM DB2
-CVE-2012-2196 (IBM DB2 9.1 before FP12, 9.5 through FP9, 9.7 through FP6, 9.8 through ...)
+CVE-2012-2196
NOT-FOR-US: IBM DB2
CVE-2012-2195
RESERVED
-CVE-2012-2194 (Directory traversal vulnerability in the SQLJ.DB2_INSTALL_JAR stored ...)
+CVE-2012-2194
NOT-FOR-US: IBM DB2
-CVE-2012-2193 (Cross-site scripting (XSS) vulnerability in Query Studio in IBM Cognos ...)
+CVE-2012-2193
NOT-FOR-US: IBM Cognos Business Intelligence
-CVE-2012-2192 (The socketpair function in IBM AIX 5.3, 6.1, and 7.1 and VIOS ...)
+CVE-2012-2192
NOT-FOR-US: AIX
-CVE-2012-2191 (IBM Global Security Kit (aka GSKit) before 8.0.14.22, as used in IBM ...)
+CVE-2012-2191
NOT-FOR-US: IBM Global Security Kit
-CVE-2012-2190 (IBM Global Security Kit (aka GSKit), as used in IBM HTTP Server in IBM ...)
+CVE-2012-2190
NOT-FOR-US: IBM WebSphere Application Server
CVE-2012-2189
RESERVED
-CVE-2012-2188 (IBM Power Hardware Management Console (HMC) 7R3.5.0 before SP4, ...)
+CVE-2012-2188
NOT-FOR-US: IBM Power Hardware Management Console
-CVE-2012-2187 (IBM Remote Supervisor Adapter II firmware for System x3650, x3850 M2, ...)
+CVE-2012-2187
NOT-FOR-US: IBM Remote Supervisor Adapter
-CVE-2012-2186 (Incomplete blacklist vulnerability in main/manager.c in Asterisk Open ...)
+CVE-2012-2186
{DSA-2550-1}
- asterisk 1:1.8.13.1~dfsg-1 (bug #680470)
-CVE-2012-2185 (IBM Maximo Asset Management 6.2 through 7.5, as used in SmartCloud ...)
+CVE-2012-2185
NOT-FOR-US: IBM Maximo Asset Management
-CVE-2012-2184 (Session fixation vulnerability in IBM Maximo Asset Management 7.1 ...)
+CVE-2012-2184
NOT-FOR-US: IBM Maximo Asset Management
-CVE-2012-2183 (Session fixation vulnerability in IBM Maximo Asset Management 6.2 ...)
+CVE-2012-2183
NOT-FOR-US: IBM Maximo Asset Management
CVE-2012-2182
RESERVED
-CVE-2012-2181 (Directory traversal vulnerability in the Dojo module in IBM WebSphere ...)
+CVE-2012-2181
NOT-FOR-US: IBM WebSphere not in Debian
-CVE-2012-2180 (The chaining functionality in the Distributed Relational Database ...)
+CVE-2012-2180
NOT-FOR-US: IBM DB2
-CVE-2012-2179 (libodm.a in IBM AIX 5.3, 6.1, and 7.1 allows local users to overwrite ...)
+CVE-2012-2179
NOT-FOR-US: AIX
CVE-2012-2178
RESERVED
-CVE-2012-2177 (Cross-site scripting (XSS) vulnerability in IBM Cognos Business ...)
+CVE-2012-2177
NOT-FOR-US: IBM Cognos Business Intelligence
-CVE-2012-2176 (Multiple stack-based buffer overflows in a certain ActiveX control in ...)
+CVE-2012-2176
NOT-FOR-US: IBM Lotus Quickr
-CVE-2012-2175 (Buffer overflow in the Attachment_Times method in a certain ActiveX ...)
+CVE-2012-2175
NOT-FOR-US: IBM Lotus iNotes
-CVE-2012-2174 (The URL handler in IBM Lotus Notes 8.x before 8.5.3 FP2 allows remote ...)
+CVE-2012-2174
NOT-FOR-US: Notes
-CVE-2012-2173 (The ODBC driver in IBM Security AppScan Source 7.x and 8.x before 8.6 ...)
+CVE-2012-2173
NOT-FOR-US: AppScan
-CVE-2012-2172 (Cross-site scripting (XSS) vulnerability in SoftwareRegistration.do in ...)
+CVE-2012-2172
NOT-FOR-US: IBM System Storage DS Storage Manager
-CVE-2012-2171 (SQL injection vulnerability in ModuleServlet.do in the Storage Manager ...)
+CVE-2012-2171
NOT-FOR-US: IBM System Storage DS Storage Manager
-CVE-2012-2170 (The Application Snoop Servlet in IBM WebSphere Application Server 7.0 ...)
+CVE-2012-2170
NOT-FOR-US: WebSphere
-CVE-2012-2169 (Cross-site scripting (XSS) vulnerability in the file-upload ...)
+CVE-2012-2169
NOT-FOR-US: IBM Rational ClearQuest
-CVE-2012-2168 (IBM Rational ClearQuest 7.1.x before 7.1.2.7 and 8.x before 8.0.0.3 ...)
+CVE-2012-2168
NOT-FOR-US: IBM Rational ClearQuest
-CVE-2012-2167 (The IBM XIV Storage System Gen3 before 11.1.0.a allows remote ...)
+CVE-2012-2167
NOT-FOR-US: IBM XIV Storage System Gen3
-CVE-2012-2166 (IBM XIV Storage System 2810-A14 and 2812-A14 devices before level ...)
+CVE-2012-2166
NOT-FOR-US: IBM XIV Storage System
-CVE-2012-2165 (IBM Rational ClearQuest 7.1.x before 7.1.2.7 and 8.x before 8.0.0.3, ...)
+CVE-2012-2165
NOT-FOR-US: IBM Rational ClearQuest
-CVE-2012-2164 (The Web client in IBM Rational ClearQuest 7.1.x before 7.1.2.7 and 8.x ...)
+CVE-2012-2164
NOT-FOR-US: IBM Rational ClearQuest
-CVE-2012-2163 (IBM Scale Out Network Attached Storage (SONAS) 1.1 through 1.3.1 ...)
+CVE-2012-2163
NOT-FOR-US: IBM Scale Out Network Attached Storage
-CVE-2012-2162 (The Web Server Plug-in in IBM WebSphere Application Server (WAS) 8.0 ...)
+CVE-2012-2162
NOT-FOR-US: WebSphere
-CVE-2012-2161 (Cross-site scripting (XSS) vulnerability in deferredView.jsp in IBM ...)
+CVE-2012-2161
NOT-FOR-US: IBM Security AppScan Source
CVE-2012-2160
RESERVED
-CVE-2012-2159 (Open redirect vulnerability in IBM Eclipse Help System (IEHS), as used ...)
+CVE-2012-2159
NOT-FOR-US: IBM Eclipse Help System
CVE-2012-2158
RESERVED
CVE-2012-2157
RESERVED
-CVE-2012-2156 (Multiple cross-site scripting (XSS) vulnerabilities in Plume CMS 1.2.4 ...)
+CVE-2012-2156
NOT-FOR-US: Plume CMS
-CVE-2012-2155 (Cross-site request forgery (CSRF) vulnerability in the CDN2 Video ...)
+CVE-2012-2155
NOT-FOR-US: Drupal addon not packaged
-CVE-2012-2154 (Cross-site scripting (XSS) vulnerability in the CDN2 Video module 6.x ...)
+CVE-2012-2154
NOT-FOR-US: Drupal addon not packaged
-CVE-2012-2153 (Drupal 7.x before 7.14 does not properly restrict access to nodes in a ...)
+CVE-2012-2153
- drupal7 7.14-1
-CVE-2012-2152 (Stack-based buffer overflow in the get_packet method in socket.c in ...)
+CVE-2012-2152
{DSA-2498-1}
- dhcpcd 1:3.2.3-11 (bug #671265)
NOTE: http://www.openwall.com/lists/oss-security/2012/05/02/4
-CVE-2012-2151 (Multiple cross-site scripting (XSS) vulnerabilities in SPIP 1.9.x ...)
+CVE-2012-2151
{DSA-2461-1}
- spip 2.1.13-1 (low; bug #671264)
-CVE-2012-2150 (xfs_metadump in xfsprogs before 3.2.4 does not properly obfuscate file ...)
+CVE-2012-2150
- xfsprogs 3.2.4-1 (low; bug #793495)
[jessie] - xfsprogs <no-dsa> (Minor issue, too intrusive to backport)
[wheezy] - xfsprogs <no-dsa> (Minor issue)
[squeeze] - xfsprogs <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=817696
NOTE: http://oss.sgi.com/pipermail/xfs/2015-July/042726.html
-CVE-2012-2149 (The WPXContentListener::_closeTableRow function in ...)
+CVE-2012-2149
- libwpd 0.8.14-1
NOTE: http://permalink.gmane.org/gmane.comp.security.full-disclosure/85789
NOTE: http://sourceforge.net/p/libwpd/code/ci/437bf6702164e30761a10771f95dd1c796f474b7
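Review bot: the `CVE-2012-2095` entry (with its `- wicd 1.7.2.4-1 (low; bug #668397)` and `[squeeze]` lines) sits between `CVE-2012-2216` and `CVE-2012-2215`, breaking the descending id order the rest of the hunk follows. Move the three-line entry to its numerical position so tools and reviewers that rely on the ordering can find it.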
@@ -11367,19 +11367,19 @@ CVE-2012-2149 (The WPXContentListener::_closeTableRow function in ...)
CVE-2012-2148
RESERVED
- jbossas4 <not-affected> (Only builds a few libraries, not the full application server)
-CVE-2012-2147 (munin-cgi-graph in Munin 2.0 rc4 allows remote attackers to cause a ...)
+CVE-2012-2147
- munin 2.0~rc6-1 (bug #670811)
[squeeze] - munin <not-affected> (Vulnerable code not present)
-CVE-2012-2146 (Elixir 0.8.0 uses Blowfish in CFB mode without constructing a unique ...)
+CVE-2012-2146
- elixir 0.7.1-4 (low; bug #670919)
[jessie] - elixir <no-dsa> (Minor issue)
[squeeze] - elixir <no-dsa> (Minor issue)
[wheezy] - elixir <no-dsa> (Minor issue)
-CVE-2012-2145 (Apache Qpid 0.17 and earlier does not properly restrict incoming ...)
+CVE-2012-2145
- qpid-cpp 0.16-1 (bug #672124)
-CVE-2012-2144 (Session fixation vulnerability in OpenStack Dashboard (Horizon) ...)
+CVE-2012-2144
- horizon 2012.1-4 (bug #671604)
-CVE-2012-2143 (The crypt_des (aka DES-based crypt) function in FreeBSD before ...)
+CVE-2012-2143
{DSA-2491-1}
- postgresql-9.1 9.1.4-1
- postgresql-8.4 8.4.12-1
@@ -11390,38 +11390,38 @@ CVE-2012-2142 [Insufficient sanitization of escape sequences in the error messag
- xpdf <not-affected> (uses poppler's Error.cc)
- poppler 0.18.4-7 (unimportant; bug #487773)
NOTE: poppler upstream patch http://cgit.freedesktop.org/poppler/poppler/commit/?id=71bad47ed6a36d825b0d08992c8db56845c71e40
-CVE-2012-2141 (Array index error in the handle_nsExtendOutput2Table function in ...)
+CVE-2012-2141
- net-snmp 5.4.3~dfsg-2.5 (low; bug #672492)
[squeeze] - net-snmp 5.4.3~dfsg-2+squeeze1
NOTE: Red Hat patch: https://bugzilla.redhat.com/attachment.cgi?id=580443&action=diff
-CVE-2012-2140 (The Mail gem before 2.4.3 for Ruby allows remote attackers to execute ...)
+CVE-2012-2140
- ruby-mail 2.4.4-1
-CVE-2012-2139 (Directory traversal vulnerability in ...)
+CVE-2012-2139
- ruby-mail 2.4.4-1
-CVE-2012-2138 (The @CopyFrom operation in the POST servlet in the ...)
+CVE-2012-2138
NOT-FOR-US: Apache Sling
-CVE-2012-2137 (Buffer overflow in virt/kvm/irq_comm.c in the KVM subsystem in the ...)
+CVE-2012-2137
- linux 3.2.20-1
-CVE-2012-2136 (The sock_alloc_send_pskb function in net/core/sock.c in the Linux ...)
+CVE-2012-2136
- linux 3.2.20-1
- linux-2.6 <removed>
[squeeze] - linux-2.6 2.6.32-46
-CVE-2012-2135 (The utf-16 decoder in Python 3.1 through 3.3 does not update the ...)
+CVE-2012-2135
- python3.1 <unfixed> (bug #670389)
[squeeze] - python3.1 <no-dsa> (Minor issue)
- python3.2 3.2.3-1 (bug #670389)
- python3.3 3.3.1-1
NOTE: http://bugs.python.org/issue14579
-CVE-2012-2134 (The handle_connection_error function in ldap_helper.c in ...)
+CVE-2012-2134
NOT-FOR-US: Dynamic LDAP backend plugin for BIND
-CVE-2012-2133 (Use-after-free vulnerability in the Linux kernel before 3.3.6, when ...)
+CVE-2012-2133
{DSA-2469-1}
- linux-2.6 3.2.19-1
-CVE-2012-2132 (libsoup 2.32.2 and earlier does not validate certificates or clear the ...)
+CVE-2012-2132
- midori <unfixed> (unimportant; bug #672880)
NOTE: https://bugzilla.novell.com/show_bug.cgi?id=758431
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=817692
-CVE-2012-2131 (Multiple integer signedness errors in crypto/buffer/buffer.c in ...)
+CVE-2012-2131
{DSA-2454-2}
- openssl <not-affected> (only affected patch against 0.9.8)
NOTE: http://marc.info/?l=openssl-dev&m=133525318514423&w=2
@@ -11429,26 +11429,26 @@ CVE-2012-2130
RESERVED
- polarssl 1.1.2-1
[squeeze] - polarssl <not-affected> (Introduced in 0.99-pre4)
-CVE-2012-2129 (Cross-site scripting (XSS) vulnerability in doku.php in DokuWiki ...)
+CVE-2012-2129
- dokuwiki 0.0.20120125a-1 (low; bug #670917)
[squeeze] - dokuwiki <not-affected>
NOTE: http://secunia.com/advisories/48848/
-CVE-2012-2128 (** DISPUTED ** ...)
+CVE-2012-2128
- dokuwiki 0.0.20120125a-1 (unimportant)
NOTE: http://bugs.dokuwiki.org/index.php?do=details&task_id=2488
-CVE-2012-2127 (fs/proc/root.c in the procfs implementation in the Linux kernel before ...)
+CVE-2012-2127
- linux-2.6 3.2-1
[squeeze] - linux-2.6 <not-affected> (Introduced in 3.1)
-CVE-2012-2126 (RubyGems before 1.8.23 does not verify an SSL certificate, which ...)
+CVE-2012-2126
- rubygems 1.8.24-1 (bug #670228)
-CVE-2012-2125 (RubyGems before 1.8.23 can redirect HTTPS connections to HTTP, which ...)
+CVE-2012-2125
- rubygems 1.8.24-1 (bug #670228)
-CVE-2012-2124 (functions/imap_general.php in SquirrelMail, as used in Red Hat ...)
+CVE-2012-2124
- squirrelmail <not-affected> (Incorrect RedHat security update)
-CVE-2012-2123 (The cap_bprm_set_creds function in security/commoncap.c in the Linux ...)
+CVE-2012-2123
{DSA-2469-1}
- linux-2.6 3.2.16-1
-CVE-2012-2122 (sql/password.c in Oracle MySQL 5.1.x before 5.1.63, 5.5.x before ...)
+CVE-2012-2122
{DSA-2496-1}
- mysql-5.1 <removed> (bug #677018)
- mysql-5.5 5.5.24+dfsg-1
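Review bot: the `[squeeze] - dokuwiki <not-affected>` line under `CVE-2012-2129` has no parenthesised reason, unlike the other `<not-affected>` entries in this hunk such as `[squeeze] - polarssl <not-affected> (Introduced in 0.99-pre4)` and `[squeeze] - linux-2.6 <not-affected> (Introduced in 3.1)`. Add the justification (for example which version introduced the vulnerable code) so the status can be re-verified later.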
@@ -11456,126 +11456,126 @@ CVE-2012-2122 (sql/password.c in Oracle MySQL 5.1.x before 5.1.63, 5.5.x before
NOTE: http://seclists.org/oss-sec/2012/q2/493
NOTE: Issue only triggered with specific optimisation in glibc enabled; no builds in Debian known to be affected.
NOTE: Fixed versions indicate application of upstream patch which prevents issue regardless of opt.settings.
-CVE-2012-2121 (The KVM implementation in the Linux kernel before 3.3.4 does not ...)
+CVE-2012-2121
{DSA-2668-1}
- linux-2.6 3.2.17-1
-CVE-2012-2120 (latex2man in texlive-extra-utils 2011.20120322, and possibly other ...)
+CVE-2012-2120
- texlive-extra 2012.20130315-1 (low; bug #668779)
[wheezy] - texlive-extra <no-dsa> (Minor issue)
[squeeze] - texlive-extra 2009-10+squeeze1
-CVE-2012-2119 (Buffer overflow in the macvtap device driver in the Linux kernel ...)
+CVE-2012-2119
- linux 3.2.20-1
[squeeze] - linux-2.6 <not-affected> (Vulnerable code not present, was added in 3.1)
-CVE-2012-2118 (Format string vulnerability in the LogVHdrMessageVerb function in ...)
+CVE-2012-2118
- xorg-server 2:1.12.1.902-1 (bug #673148)
[squeeze] - xorg-server <not-affected> (Introduced in 1.10)
NOTE: http://lists.x.org/pipermail/xorg-devel/2012-May/031411.html
-CVE-2012-2117 (Cross-site scripting (XSS) vulnerability in the Gigya - Social ...)
+CVE-2012-2117
NOT-FOR-US: Drupal plugin (Gigya - Social Optimization) not in Debian
-CVE-2012-2116 (Cross-site request forgery (CSRF) vulnerability in the Commerce ...)
+CVE-2012-2116
NOT-FOR-US: Drupal plugin (Commerce Reorder) not in Debian
-CVE-2012-2115 (SQL injection vulnerability in interface/login/validateUser.php in ...)
+CVE-2012-2115
NOT-FOR-US: OpenEMR
-CVE-2012-2114 (Stack-based buffer overflow in fprintf in musl before 0.8.8 and ...)
+CVE-2012-2114
NOT-FOR-US: musl libc not in Debian
-CVE-2012-2113 (Multiple integer overflows in tiff2pdf in libtiff before 4.0.2 allow ...)
+CVE-2012-2113
{DSA-2552-1}
- tiff 4.0.2-1 (bug #678140)
- tiff3 <not-affected> (The tiff-tools package is only built from the tiff source package)
-CVE-2012-2112 (Cross-site scripting (XSS) vulnerability in the Exception Handler in ...)
+CVE-2012-2112
{DSA-2455-1}
- typo3-src 4.5.15+dfsg1-1 (bug #669158)
NOTE: http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2012-002/
-CVE-2012-2111 (The (1) CreateAccount, (2) OpenAccount, (3) AddAccountRights, and (4) ...)
+CVE-2012-2111
{DSA-2463-1}
- samba 2:3.6.5-1
NOTE: http://www.samba.org/samba/history/samba-3.6.5.html
NOTE: According to the release notes Samba 3.4.x to 3.6.4 are affected
-CVE-2012-2110 (The asn1_d2i_read_bio function in crypto/asn1/a_d2i_fp.c in OpenSSL ...)
+CVE-2012-2110
{DSA-2454-1}
- openssl 1.0.1a-1
NOTE: http://www.openssl.org/news/secadv/20120419.txt
-CVE-2012-2109 (SQL injection vulnerability in wp-load.php in the BuddyPress plugin ...)
+CVE-2012-2109
NOT-FOR-US: wordpress buddypress plugin
-CVE-2012-2108 (Stack-based buffer overflow in the main function in util/lpci_main.c ...)
+CVE-2012-2108
- csound 1:5.17.6~dfsg-1 (low; bug #661197)
[squeeze] - csound <no-dsa> (Minor issue)
-CVE-2012-2107 (Integer overflow in the main function in util/lpci_main.c in Csound ...)
+CVE-2012-2107
- csound 1:5.17.6~dfsg-1 (bug #661197)
[squeeze] - csound <no-dsa> (Minor issue)
-CVE-2012-2106 (Integer overflow in the pv_import function in util/pv_import.c in ...)
+CVE-2012-2106
- csound 1:5.17.6~dfsg-1 (bug #661197)
[squeeze] - csound <no-dsa> (Minor issue)
-CVE-2012-2105 (Multiple SQL injection vulnerabilities in login.php in Timesheet Next ...)
+CVE-2012-2105
NOT-FOR-US: tsheetx
-CVE-2012-2104 (cgi-bin/munin-cgi-graph in Munin 2.x writes data to a log file without ...)
+CVE-2012-2104
- munin 2.0~rc6-1 (bug #668666)
[squeeze] - munin <not-affected> (Vulnerable code not present)
[lenny] - munin <not-affected> (Vulnerable code not present)
-CVE-2012-2103 (The qmailscan plugin for Munin 1.4.5 allows local users to overwrite ...)
+CVE-2012-2103
- munin 2.0~rc6-1 (bug #668778)
[squeeze] - munin <not-affected> (Vulnerable code not present)
[lenny] - munin <not-affected> (Vulnerable code not present)
-CVE-2012-2102 (MySQL 5.1.x before 5.1.62 and 5.5.x before 5.5.22 allows remote ...)
+CVE-2012-2102
{DSA-2496-1}
- mysql-5.1 5.1.62-1 (low; bug #670636)
- mysql-5.5 5.5.24+dfsg-1 (low)
-CVE-2012-2101 (Openstack Compute (Nova) Folsom, 2012.1, and 2011.3 does not limit the ...)
+CVE-2012-2101
- nova 2012.1-2 (bug #670637)
-CVE-2012-2100 (The ext4_fill_flex_info function in fs/ext4/super.c in the Linux ...)
+CVE-2012-2100
- linux-2.6 3.2.2-1
[squeeze] - linux-2.6 2.6.32-41squeeze1
NOTE: incomplete fix of CVE-2009-4307, introducing another issue:
NOTE: https://lkml.org/lkml/2012/2/20/422
-CVE-2012-2099 (Multiple cross-site scripting (XSS) vulnerabilities in Wikidforum 2.10 ...)
+CVE-2012-2099
NOT-FOR-US: Wikidforum
-CVE-2012-2098 (Algorithmic complexity vulnerability in the sorting algorithms in ...)
+CVE-2012-2098
- libcommons-compress-java 1.4.1-1 (low; bug #674448)
[squeeze] - libcommons-compress-java <no-dsa> (Minor issue)
-CVE-2012-2097 (Cross-site request forgery (CSRF) vulnerability in the Autosave module ...)
+CVE-2012-2097
NOT-FOR-US: Drupal module Autosave
-CVE-2012-2096 (The Fivestar module 6.x-1.x before 6.x-1.20 for Drupal does not ...)
+CVE-2012-2096
NOT-FOR-US: Drupal module Fivestar
-CVE-2012-2094 (Cross-site scripting (XSS) vulnerability in the refresh mechanism in ...)
+CVE-2012-2094
- horizon 2012.1-3
-CVE-2012-2093 (src/common/latex.py in Gajim 0.15 allows local users to overwrite ...)
+CVE-2012-2093
{DSA-2453-2 DSA-2453-1}
- gajim 0.15-1.1 (low; bug #668710)
CVE-2012-2092
RESERVED
- cobbler <not-affected> (Ubuntu specific cobbler-ubuntu-import script not present)
-CVE-2012-2091 (Multiple buffer overflows in FlightGear 2.6 and earlier and SimGear ...)
+CVE-2012-2091
- simgear 2.10.0-3 (unimportant; bug #669024)
- flightgear 2.6.0-1.1 (unimportant; bug #669025)
NOTE: Negligible security impact, very obscure attack vector
-CVE-2012-2090 (Multiple format string vulnerabilities in FlightGear 2.6 and earlier ...)
+CVE-2012-2090
- simgear 2.10.0-2 (unimportant; bug #669024)
- flightgear 2.6.0-1.1 (unimportant; bug #669025)
NOTE: Negligible security impact, very obscure attack vector
-CVE-2012-2089 (Buffer overflow in ngx_http_mp4_module.c in the ngx_http_mp4_module ...)
+CVE-2012-2089
- nginx 1.1.19-1
[squeeze] - nginx <not-affected> (Vulnerable code not present)
-CVE-2012-2088 (Integer signedness error in the TIFFReadDirectory function in ...)
+CVE-2012-2088
{DSA-2552-1}
- tiff 4.0-1 (bug #678140)
- tiff3 3.9.6-6
CVE-2012-2087
RESERVED
-CVE-2012-2086 (SQL injection vulnerability in the get_last_conversation_lines ...)
+CVE-2012-2086
{DSA-2453-2 DSA-2453-1}
- gajim 0.15-1 (low; bug #668038)
-CVE-2012-2085 (The exec_command function in common/helpers.py in Gajim before 0.15 ...)
+CVE-2012-2085
{DSA-2453-2 DSA-2453-1}
- gajim 0.15-1 (medium; bug #668038)
-CVE-2012-2084 (Cross-site scripting (XSS) vulnerability in the Printer, email and PDF ...)
+CVE-2012-2084
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-2083 (Cross-site scripting (XSS) vulnerability in the ...)
+CVE-2012-2083
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-2082 (Cross-site scripting (XSS) vulnerability in the Chaos tool suite (aka ...)
+CVE-2012-2082
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-2081 (The Organic Groups (OG) module 6.x-2.x before 6.x-2.3 for Drupal does ...)
+CVE-2012-2081
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-2080 (Cross-site request forgery (CSRF) vulnerability in the Node Limit ...)
+CVE-2012-2080
NOT-FOR-US: Drupal addon module not packaged in Debian
CVE-2012-2079
RESERVED
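Review bot: once the descriptions are gone, several entries in this hunk are no longer distinguishable by their remaining lines: CVE-2012-2108, CVE-2012-2107 and CVE-2012-2106 all reduce to `- csound 1:5.17.6~dfsg-1 (... bug #661197)` plus the same `[squeeze] - csound <no-dsa> (Minor issue)` line, and CVE-2012-2104 and CVE-2012-2103 to the same munin version differing only in bug number, so the component names that told them apart (lpci_main.c, pv_import.c, munin-cgi-graph, the qmailscan plugin) survive nowhere in the file. If descriptions are meant to be dropped, a NOTE line per entry naming the affected code path would keep the triage auditable. Separately, the list runs from CVE-2012-2096 straight to CVE-2012-2094: CVE-2012-2095 has no entry at all, not even RESERVED, which is worth checking against the feed.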
@@ -11583,450 +11583,450 @@ CVE-2012-2079
CVE-2012-2078
RESERVED
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-2077 (Cross-site request forgery (CSRF) vulnerability in the ShareThis ...)
+CVE-2012-2077
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-2076 (Cross-site scripting (XSS) vulnerability in the administration forms ...)
+CVE-2012-2076
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-2075 (Cross-site scripting (XSS) vulnerability in the Contact Save module ...)
+CVE-2012-2075
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-2074 (Unspecified vulnerability in certain default views in the Ubercart ...)
+CVE-2012-2074
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-2073 (The Bundle copy module 7.x-1.x before 7.x-1.1 for Drupal does not ...)
+CVE-2012-2073
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-2072 (Cross-site scripting (XSS) vulnerability in the Share Buttons ...)
+CVE-2012-2072
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-2071 (Cross-site scripting (XSS) vulnerability in the Contact Forms module ...)
+CVE-2012-2071
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-2070 (Cross-site scripting (XSS) vulnerability in the MultiBlock module ...)
+CVE-2012-2070
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-2069 (Cross-site request forgery (CSRF) vulnerability in the Wishlist module ...)
+CVE-2012-2069
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-2068 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2012-2068
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-2067 (Unspecified vulnerability in the CKeditor module 6.x-2.x before ...)
+CVE-2012-2067
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-2066 (Cross-site scripting (XSS) vulnerability in the FCKeditor module ...)
+CVE-2012-2066
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-2065 (Cross-site scripting (XSS) vulnerability in the Language Icons module ...)
+CVE-2012-2065
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-2064 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2012-2064
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-2063 (The Slidebox module before 7.x-1.4 for Drupal does not properly check ...)
+CVE-2012-2063
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-2062 (Open redirect vulnerability in the Redirecting click bouncer module ...)
+CVE-2012-2062
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-2061 (Cross-site request forgery (CSRF) vulnerability in the Admin tools ...)
+CVE-2012-2061
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-2060 (Cross-site scripting (XSS) vulnerability in the Admin tools module for ...)
+CVE-2012-2060
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-2059 (Cross-site scripting (XSS) vulnerability in the ticketyboo News Ticker ...)
+CVE-2012-2059
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-2058 (The Ubercart Payflow module for Drupal does not use a secure token, ...)
+CVE-2012-2058
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-2057 (Cross-site request forgery (CSRF) vulnerability in the Ubercart Bulk ...)
+CVE-2012-2057
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-2056 (Cross-site request forgery (CSRF) vulnerability in the Content Lock ...)
+CVE-2012-2056
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-2055 (GitHub Enterprise before 20120304 does not properly restrict the use ...)
+CVE-2012-2055
NOT-FOR-US: GitHub Enterprise
-CVE-2012-2054 (Redmine before 1.3.2 does not properly restrict the use of a hash to ...)
+CVE-2012-2054
- redmine 1.3.2+dfsg1-1
[squeeze] - redmine <end-of-life> (Redmine not supported because of rails)
NOTE: http://www.redmine.org/issues/10390
NOTE: git mirror patch would be 5141f1e..177ff05
-CVE-2012-2053 (The sudoers file in the Linux system configuration in F5 FirePass ...)
+CVE-2012-2053
NOT-FOR-US: F5 Firepass
-CVE-2012-2052 (Stack-based buffer overflow in the U3D.8BI library plugin in Adobe ...)
+CVE-2012-2052
NOT-FOR-US: Adobe Photoshop plugin U3D.8BI library
-CVE-2012-2051 (Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on ...)
+CVE-2012-2051
NOT-FOR-US: Adobe Reader
-CVE-2012-2050 (Buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x ...)
+CVE-2012-2050
NOT-FOR-US: Adobe Reader
-CVE-2012-2049 (Stack-based buffer overflow in Adobe Reader and Acrobat 9.x before ...)
+CVE-2012-2049
NOT-FOR-US: Adobe Reader
-CVE-2012-2048 (Unspecified vulnerability in Adobe ColdFusion 10 and earlier allows ...)
+CVE-2012-2048
NOT-FOR-US: Adobe ColdFusion
-CVE-2012-2047 (Adobe Shockwave Player before 11.6.6.636 allows attackers to execute ...)
+CVE-2012-2047
NOT-FOR-US: Adobe Shockwave Player
-CVE-2012-2046 (Adobe Shockwave Player before 11.6.6.636 allows attackers to execute ...)
+CVE-2012-2046
NOT-FOR-US: Adobe Shockwave Player
-CVE-2012-2045 (Adobe Shockwave Player before 11.6.6.636 allows attackers to execute ...)
+CVE-2012-2045
NOT-FOR-US: Adobe Shockwave Player
-CVE-2012-2044 (Adobe Shockwave Player before 11.6.6.636 allows attackers to execute ...)
+CVE-2012-2044
NOT-FOR-US: Adobe Shockwave Player
-CVE-2012-2043 (Adobe Shockwave Player before 11.6.6.636 allows attackers to execute ...)
+CVE-2012-2043
NOT-FOR-US: Adobe Shockwave Player
-CVE-2012-2042 (Adobe Illustrator before CS6 allows attackers to execute arbitrary ...)
+CVE-2012-2042
NOT-FOR-US: Adobe Illustrator
-CVE-2012-2041 (CRLF injection vulnerability in the Component Browser in Adobe ...)
+CVE-2012-2041
NOT-FOR-US: Adobe ColdFusion
-CVE-2012-2040 (Untrusted search path vulnerability in the installer in Adobe Flash ...)
+CVE-2012-2040
NOT-FOR-US: Adobe Flash Player
-CVE-2012-2039 (Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on ...)
+CVE-2012-2039
NOT-FOR-US: Adobe Flash Player
-CVE-2012-2038 (Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on ...)
+CVE-2012-2038
NOT-FOR-US: Adobe Flash Player
-CVE-2012-2037 (Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on ...)
+CVE-2012-2037
NOT-FOR-US: Adobe Flash Player
-CVE-2012-2036 (Integer overflow in Adobe Flash Player before 10.3.183.20 and 11.x ...)
+CVE-2012-2036
NOT-FOR-US: Adobe Flash Player
-CVE-2012-2035 (Stack-based buffer overflow in Adobe Flash Player before 10.3.183.20 ...)
+CVE-2012-2035
NOT-FOR-US: Adobe Flash Player
-CVE-2012-2034 (Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on ...)
+CVE-2012-2034
NOT-FOR-US: Adobe Flash Player
-CVE-2012-2033 (Adobe Shockwave Player before 11.6.5.635 allows attackers to execute ...)
+CVE-2012-2033
NOT-FOR-US: Adobe Shockwave Player
-CVE-2012-2032 (Adobe Shockwave Player before 11.6.5.635 allows attackers to execute ...)
+CVE-2012-2032
NOT-FOR-US: Adobe Shockwave Player
-CVE-2012-2031 (Adobe Shockwave Player before 11.6.5.635 allows attackers to execute ...)
+CVE-2012-2031
NOT-FOR-US: Adobe Shockwave Player
-CVE-2012-2030 (Adobe Shockwave Player before 11.6.5.635 allows attackers to execute ...)
+CVE-2012-2030
NOT-FOR-US: Adobe Shockwave Player
-CVE-2012-2029 (Adobe Shockwave Player before 11.6.5.635 allows attackers to execute ...)
+CVE-2012-2029
NOT-FOR-US: Adobe Shockwave Player
-CVE-2012-2028 (Buffer overflow in Adobe Photoshop CS5 12.x before 12.0.5 and CS5.1 ...)
+CVE-2012-2028
NOT-FOR-US: Adobe Photoshop
-CVE-2012-2027 (Use-after-free vulnerability in Adobe Photoshop CS5 12.x before 12.0.5 ...)
+CVE-2012-2027
NOT-FOR-US: Adobe Photoshop
-CVE-2012-2026 (Adobe Illustrator before CS6 allows attackers to execute arbitrary ...)
+CVE-2012-2026
NOT-FOR-US: Adobe Illustrator
-CVE-2012-2025 (Adobe Illustrator before CS6 allows attackers to execute arbitrary ...)
+CVE-2012-2025
NOT-FOR-US: Adobe Illustrator
-CVE-2012-2024 (Adobe Illustrator before CS6 allows attackers to execute arbitrary ...)
+CVE-2012-2024
NOT-FOR-US: Adobe Illustrator
-CVE-2012-2023 (Adobe Illustrator before CS6 allows attackers to execute arbitrary ...)
+CVE-2012-2023
NOT-FOR-US: Adobe Illustrator
-CVE-2012-2022 (Multiple cross-site scripting (XSS) vulnerabilities in HP Network Node ...)
+CVE-2012-2022
NOT-FOR-US: HP Network Node Manager
-CVE-2012-2021 (Multiple cross-site scripting (XSS) vulnerabilities in HP AssetManager ...)
+CVE-2012-2021
NOT-FOR-US: HP AssetManager
-CVE-2012-2020 (Unspecified vulnerability in HP Operations Agent before 11.03.12 ...)
+CVE-2012-2020
NOT-FOR-US: HP Operations Agent
-CVE-2012-2019 (Unspecified vulnerability in HP Operations Agent before 11.03.12 ...)
+CVE-2012-2019
NOT-FOR-US: HP Operations Agent
-CVE-2012-2018 (Cross-site scripting (XSS) vulnerability in HP Network Node Manager i ...)
+CVE-2012-2018
NOT-FOR-US: HP Network Node Manager
-CVE-2012-2017 (Unspecified vulnerability on HP Photosmart Wireless e-All-in-One B110, ...)
+CVE-2012-2017
NOT-FOR-US: HP Photosmart Wireless e-All-in-One
-CVE-2012-2016 (Unspecified vulnerability in HP System Management Homepage (SMH) ...)
+CVE-2012-2016
NOT-FOR-US: HP System Management Homepage
-CVE-2012-2015 (Unspecified vulnerability in HP System Management Homepage (SMH) ...)
+CVE-2012-2015
NOT-FOR-US: HP System Management Homepage
-CVE-2012-2014 (HP System Management Homepage (SMH) before 7.1.1 does not properly ...)
+CVE-2012-2014
NOT-FOR-US: HP System Management Homepage
-CVE-2012-2013 (Unspecified vulnerability in HP System Management Homepage (SMH) ...)
+CVE-2012-2013
NOT-FOR-US: HP System Management Homepage
-CVE-2012-2012 (HP System Management Homepage (SMH) before 7.1.1 does not have an off ...)
+CVE-2012-2012
NOT-FOR-US: HP System Management Homepage
-CVE-2012-2011 (Multiple cross-site scripting (XSS) vulnerabilities in HP Web Jetadmin ...)
+CVE-2012-2011
NOT-FOR-US: HP Web Jetadmin
-CVE-2012-2010 (The ACMELOGIN implementation in HP OpenVMS 8.3 and 8.4 on the Alpha ...)
+CVE-2012-2010
NOT-FOR-US: OpenVMS
-CVE-2012-2009 (Unspecified vulnerability in HP Performance Insight for Networks ...)
+CVE-2012-2009
NOT-FOR-US: HP Performance Insight
-CVE-2012-2008 (Cross-site scripting (XSS) vulnerability in HP Performance Insight for ...)
+CVE-2012-2008
NOT-FOR-US: HP Performance Insight
-CVE-2012-2007 (SQL injection vulnerability in HP Performance Insight for Networks ...)
+CVE-2012-2007
NOT-FOR-US: HP Performance Insight
-CVE-2012-2006 (Unspecified vulnerability in HP Insight Management Agents before ...)
+CVE-2012-2006
NOT-FOR-US: Proprietary HP monitoring tools
-CVE-2012-2005 (Cross-site scripting (XSS) vulnerability in HP Insight Management ...)
+CVE-2012-2005
NOT-FOR-US: Proprietary HP monitoring tools
-CVE-2012-2004 (Open redirect vulnerability in HP Insight Management Agents before ...)
+CVE-2012-2004
NOT-FOR-US: Proprietary HP monitoring tools
-CVE-2012-2003 (Cross-site request forgery (CSRF) vulnerability in HP Insight ...)
+CVE-2012-2003
NOT-FOR-US: Proprietary HP monitoring tools
-CVE-2012-2002 (Open redirect vulnerability in HP SNMP Agents for Linux before 9.0.0 ...)
+CVE-2012-2002
NOT-FOR-US: Proprietary HP monitoring tools
-CVE-2012-2001 (Cross-site scripting (XSS) vulnerability in HP SNMP Agents for Linux ...)
+CVE-2012-2001
NOT-FOR-US: Proprietary HP monitoring tools
-CVE-2012-2000 (Multiple unspecified vulnerabilities in HP System Health Application ...)
+CVE-2012-2000
NOT-FOR-US: Proprietary HP monitoring tools
-CVE-2012-1999 (Unspecified vulnerability in HP Systems Insight Manager (SIM) before ...)
+CVE-2012-1999
NOT-FOR-US: HP Systems Insight Manager
-CVE-2012-1998 (Unspecified vulnerability in HP Systems Insight Manager (SIM) before ...)
+CVE-2012-1998
NOT-FOR-US: HP Systems Insight Manager
-CVE-2012-1997 (Unspecified vulnerability in HP Systems Insight Manager (SIM) before ...)
+CVE-2012-1997
NOT-FOR-US: HP Systems Insight Manager
-CVE-2012-1996 (Unspecified vulnerability in HP Systems Insight Manager (SIM) before ...)
+CVE-2012-1996
NOT-FOR-US: HP Systems Insight Manager
-CVE-2012-1995 (Unspecified vulnerability in HP Systems Insight Manager (SIM) before ...)
+CVE-2012-1995
NOT-FOR-US: HP Systems Insight Manager
CVE-2012-1994
RESERVED
-CVE-2012-1993 (Unspecified vulnerability in HP System Management Homepage (SMH) ...)
+CVE-2012-1993
NOT-FOR-US: HP System Management Homepage
-CVE-2012-1992 (Cross-site scripting (XSS) vulnerability in admin/edituser.php in CMS ...)
+CVE-2012-1992
NOT-FOR-US: CMD Made Simple
CVE-2012-1991
RESERVED
-CVE-2012-1990 (Multiple cross-site scripting (XSS) vulnerabilities in Schneider ...)
+CVE-2012-1990
NOT-FOR-US: Schneider Electric Kerweb
-CVE-2012-1989 (telnet.rb in Puppet 2.7.x before 2.7.13 and Puppet Enterprise (PE) ...)
+CVE-2012-1989
- puppet 2.7.13-1
[squeeze] - puppet <not-affected> (Only affects 2.7.x)
-CVE-2012-1988 (Puppet 2.6.x before 2.6.15 and 2.7.x before 2.7.13, and Puppet ...)
+CVE-2012-1988
{DSA-2451-1}
- puppet 2.7.13-1
-CVE-2012-1987 (Unspecified vulnerability in Puppet 2.6.x before 2.6.15 and 2.7.x ...)
+CVE-2012-1987
{DSA-2451-1}
- puppet 2.7.13-1
-CVE-2012-1986 (Puppet 2.6.x before 2.6.15 and 2.7.x before 2.7.13, and Puppet ...)
+CVE-2012-1986
{DSA-2451-1}
- puppet 2.7.13-1
-CVE-2012-1985 (Cross-site request forgery (CSRF) vulnerability in RealNetworks Helix ...)
+CVE-2012-1985
NOT-FOR-US: RealNetworks Helix
-CVE-2012-1984 (Multiple cross-site scripting (XSS) vulnerabilities in RealNetworks ...)
+CVE-2012-1984
NOT-FOR-US: RealNetworks Helix
CVE-2012-1983
RESERVED
-CVE-2012-1982 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2012-1982
NOT-FOR-US: SocialCMS
CVE-2012-1981
RESERVED
CVE-2012-1980
RESERVED
-CVE-2012-1979 (Cross-site scripting (XSS) vulnerability in starnet/index.php in ...)
+CVE-2012-1979
NOT-FOR-US: SyndeoCMS
-CVE-2012-1978 (Multiple cross-site request forgery (CSRF) vulnerabilities in Simple ...)
+CVE-2012-1978
NOT-FOR-US: Simple PHP Agenda
-CVE-2012-1977 (WellinTech KingSCADA 3.0 uses a cleartext base64 format for storage of ...)
+CVE-2012-1977
NOT-FOR-US: WellinTech KingSCADA
-CVE-2012-1976 (Use-after-free vulnerability in the ...)
+CVE-2012-1976
{DSA-2556-1 DSA-2554-1 DSA-2553-1}
- iceweasel 10.0.7esr-1
- icedove 10.0.7-1
- iceape 2.7.7-1
-CVE-2012-1975 (Use-after-free vulnerability in the PresShell::CompleteMove function ...)
+CVE-2012-1975
{DSA-2556-1 DSA-2554-1 DSA-2553-1}
- iceweasel 10.0.7esr-1
- icedove 10.0.7-1
- iceape 2.7.7-1
-CVE-2012-1974 (Use-after-free vulnerability in the gfxTextRun::CanBreakLineBefore ...)
+CVE-2012-1974
{DSA-2556-1 DSA-2554-1 DSA-2553-1}
- iceweasel 10.0.7esr-1
- icedove 10.0.7-1
- iceape 2.7.7-1
-CVE-2012-1973 (Use-after-free vulnerability in the nsObjectLoadingContent::LoadObject ...)
+CVE-2012-1973
{DSA-2556-1 DSA-2554-1 DSA-2553-1}
- iceweasel 10.0.7esr-1
- icedove 10.0.7-1
- iceape 2.7.7-1
-CVE-2012-1972 (Use-after-free vulnerability in the ...)
+CVE-2012-1972
{DSA-2556-1 DSA-2554-1 DSA-2553-1}
- iceweasel 10.0.7esr-1
- icedove 10.0.7-1
- iceape 2.7.7-1
-CVE-2012-1971 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+CVE-2012-1971
- iceweasel <not-affected> (Only affects Firefox >= 10)
-CVE-2012-1970 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+CVE-2012-1970
{DSA-2556-1 DSA-2554-1 DSA-2553-1}
- iceweasel 10.0.7esr-1
- iceape 2.7.7-1
- icedove 10.0.7-1
-CVE-2012-1969 (The get_attachment_link function in Template.pm in Bugzilla 2.x and ...)
+CVE-2012-1969
- bugzilla <removed> (low)
- bugzilla4 <itp> (bug #669643)
[squeeze] - bugzilla <no-dsa> (Minor issue)
-CVE-2012-1968 (Bugzilla 4.1.x and 4.2.x before 4.2.2 and 4.3.x before 4.3.2 uses ...)
+CVE-2012-1968
- bugzilla <not-affected> (Only affects 4.1 to 4.3)
- bugzilla4 <itp> (bug #669643)
-CVE-2012-1967 (Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, ...)
+CVE-2012-1967
{DSA-2528-1 DSA-2514-1 DSA-2513-1}
- iceweasel 10.0.6esr-1
- icedove 10.0.6-1
- iceape 2.7.6-1
-CVE-2012-1966 (Mozilla Firefox 4.x through 13.0 and Firefox ESR 10.x before 10.0.6 do ...)
+CVE-2012-1966
{DSA-2514-1}
- iceweasel 10.0.6esr-1
-CVE-2012-1965 (Mozilla Firefox 4.x through 13.0 and Firefox ESR 10.x before 10.0.6 do ...)
+CVE-2012-1965
- iceweasel 10.0.6esr-1
[squeeze] - iceweasel <end-of-life>
-CVE-2012-1964 (The certificate-warning functionality in ...)
+CVE-2012-1964
- iceweasel 10.0.6esr-1
- icedove 10.0.6-1
- iceape 2.7.6-1
[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
[squeeze] - icedove <not-affected> (Vulnerable code not present)
[squeeze] - iceape <not-affected> (Vulnerable code not present)
-CVE-2012-1963 (The Content Security Policy (CSP) functionality in Mozilla Firefox 4.x ...)
+CVE-2012-1963
- iceweasel 10.0.6esr-1
[squeeze] - iceweasel <not-affected> (CSP not yet available)
- icedove 10.0.6-1
[squeeze] - icedove <not-affected> (CSP not yet available)
- iceape 2.7.6-1
[squeeze] - iceape <not-affected> (CSP not yet available)
-CVE-2012-1962 (Use-after-free vulnerability in the JSDependentString::undepend ...)
+CVE-2012-1962
- iceweasel 10.0.6esr-1
- icedove 10.0.6-1
- iceape 2.7.6-1
[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
[squeeze] - icedove <not-affected> (Vulnerable code not present)
[squeeze] - iceape <not-affected> (Vulnerable code not present)
-CVE-2012-1961 (Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, ...)
+CVE-2012-1961
- iceweasel 10.0.6esr-1
- icedove 10.0.6-1
- iceape 2.7.6-1
[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
[squeeze] - icedove <not-affected> (Vulnerable code not present)
[squeeze] - iceape <not-affected> (Vulnerable code not present)
-CVE-2012-1960 (The qcms_transform_data_rgb_out_lut_sse2 function in the QCMS ...)
+CVE-2012-1960
- iceweasel <not-affected> (Only affects Firefox > 10)
-CVE-2012-1959 (Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, ...)
+CVE-2012-1959
- iceweasel 10.0.6esr-1
- icedove 10.0.6-1
- iceape 2.7.6-1
[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
[squeeze] - icedove <not-affected> (Vulnerable code not present)
[squeeze] - iceape <not-affected> (Vulnerable code not present)
-CVE-2012-1958 (Use-after-free vulnerability in the nsGlobalWindow::PageHidden ...)
+CVE-2012-1958
- iceweasel 10.0.6esr-1
- icedove 10.0.6-1
- iceape 2.7.6-1
[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
[squeeze] - icedove <not-affected> (Vulnerable code not present)
[squeeze] - iceape <not-affected> (Vulnerable code not present)
-CVE-2012-1957 (An unspecified parser-utility class in Mozilla Firefox 4.x through ...)
+CVE-2012-1957
- iceweasel 10.0.6esr-1
- icedove 10.0.6-1
- iceape 2.7.6-1
[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
[squeeze] - icedove <not-affected> (Vulnerable code not present)
[squeeze] - iceape <not-affected> (Vulnerable code not present)
-CVE-2012-1956 (Mozilla Firefox before 15.0, Thunderbird before 15.0, and SeaMonkey ...)
+CVE-2012-1956
- iceweasel <not-affected> (Only affects Firefox >= 10)
- icedove <not-affected> (Only affects Firefox >= 10)
- iceape <not-affected> (Only affects Firefox >= 10)
-CVE-2012-1955 (Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, ...)
+CVE-2012-1955
- iceweasel 10.0.6esr-1
- icedove 10.0.6-1
- iceape 2.7.6-1
[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
[squeeze] - icedove <not-affected> (Vulnerable code not present)
[squeeze] - iceape <not-affected> (Vulnerable code not present)
-CVE-2012-1954 (Use-after-free vulnerability in the nsDocument::AdoptNode function in ...)
+CVE-2012-1954
{DSA-2528-1 DSA-2514-1 DSA-2513-1}
- iceweasel 10.0.6esr-1
- icedove 10.0.6-1
- iceape 2.7.6-1
-CVE-2012-1953 (The ElementAnimations::EnsureStyleRuleFor function in Mozilla Firefox ...)
+CVE-2012-1953
- iceweasel 10.0.6esr-1
- icedove 10.0.6-1
- iceape 2.7.6-1
[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
[squeeze] - icedove <not-affected> (Vulnerable code not present)
[squeeze] - iceape <not-affected> (Vulnerable code not present)
-CVE-2012-1952 (The nsTableFrame::InsertFrames function in Mozilla Firefox 4.x through ...)
+CVE-2012-1952
- iceweasel 10.0.6esr-1
- icedove 10.0.6-1
- iceape 2.7.6-1
[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
[squeeze] - icedove <not-affected> (Vulnerable code not present)
[squeeze] - iceape <not-affected> (Vulnerable code not present)
-CVE-2012-1951 (Use-after-free vulnerability in the nsSMILTimeValueSpec::IsEventBased ...)
+CVE-2012-1951
- iceweasel 10.0.6esr-1
- icedove 10.0.6-1
- iceape 2.7.6-1
[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
[squeeze] - icedove <not-affected> (Vulnerable code not present)
[squeeze] - iceape <not-affected> (Vulnerable code not present)
-CVE-2012-1950 (The drag-and-drop implementation in Mozilla Firefox 4.x through 13.0 ...)
+CVE-2012-1950
{DSA-2528-1 DSA-2514-1}
- iceweasel 10.0.6esr-1
- icedove 10.0.6-1
-CVE-2012-1949 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+CVE-2012-1949
- iceweasel <not-affected> (Only affects Firefox 13)
-CVE-2012-1948 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+CVE-2012-1948
{DSA-2528-1 DSA-2514-1 DSA-2513-1}
- iceweasel 10.0.6esr-1
- icedove 10.0.6-1
- iceape 2.7.6-1
-CVE-2012-1947 (Heap-based buffer overflow in the utf16_to_isolatin1 function in ...)
+CVE-2012-1947
{DSA-2499-1 DSA-2489-1 DSA-2488-1}
- iceweasel 10.0.5esr-1
- icedove 10.0.5-1
[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
[squeeze] - icedove <not-affected> (Vulnerable code not present)
-CVE-2012-1946 (Use-after-free vulnerability in the nsINode::ReplaceOrInsertBefore ...)
+CVE-2012-1946
- iceweasel 10.0.5esr-1
- icedove 10.0.5-1
[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
[squeeze] - icedove <not-affected> (Vulnerable code not present)
-CVE-2012-1945 (Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, ...)
+CVE-2012-1945
- iceweasel 10.0.5esr-1
- icedove 10.0.5-1
[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
[squeeze] - icedove <not-affected> (Vulnerable code not present)
-CVE-2012-1944 (The Content Security Policy (CSP) implementation in Mozilla Firefox ...)
+CVE-2012-1944
- iceweasel 10.0.5esr-1
[squeeze] - iceweasel <not-affected> (CSP not yet available)
- icedove 10.0.5-1
[squeeze] - icedove <not-affected> (CSP not yet available)
-CVE-2012-1943 (Untrusted search path vulnerability in Updater.exe in the Windows ...)
+CVE-2012-1943
- iceweasel <not-affected> (windows-specific)
-CVE-2012-1942 (The Mozilla Updater and Windows Updater Service in Mozilla Firefox ...)
+CVE-2012-1942
- iceweasel <not-affected> (windows-specific)
-CVE-2012-1941 (Heap-based buffer overflow in the ...)
+CVE-2012-1941
- iceweasel 10.0.5esr-1
- icedove 10.0.5-1
[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
[squeeze] - icedove <not-affected> (Vulnerable code not present)
-CVE-2012-1940 (Use-after-free vulnerability in the nsFrameList::FirstChild function ...)
+CVE-2012-1940
{DSA-2499-1 DSA-2489-1 DSA-2488-1}
- iceweasel 10.0.5esr-1
- icedove 10.0.5-1
-CVE-2012-1939 (jsinfer.cpp in Mozilla Firefox ESR 10.x before 10.0.5 and Thunderbird ...)
+CVE-2012-1939
- iceweasel 10.0.5esr-1
- icedove 10.0.5-1
[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
[squeeze] - icedove <not-affected> (Vulnerable code not present)
-CVE-2012-1938 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+CVE-2012-1938
- iceweasel <not-affected> (Only affects iceweasel from experimental)
-CVE-2012-1937 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+CVE-2012-1937
{DSA-2499-1 DSA-2489-1 DSA-2488-1}
- iceweasel 10.0.5esr-1
- icedove 10.0.5-1
-CVE-2012-1936 (** DISPUTED ** The wp_create_nonce function in ...)
+CVE-2012-1936
NOT-FOR-US: Disputed Wordpress issue
-CVE-2012-1935 (Multiple cross-site scripting (XSS) vulnerabilities in Newscoop 3.5.x ...)
+CVE-2012-1935
- newscoop <itp> (bug #604113)
-CVE-2012-1934 (SQL injection vulnerability in admin/country/edit.php in Newscoop ...)
+CVE-2012-1934
- newscoop <itp> (bug #604113)
-CVE-2012-1933 (Multiple PHP remote file inclusion vulnerabilities in Newscoop 3.5.x ...)
+CVE-2012-1933
- newscoop <itp> (bug #604113)
CVE-2012-1932
RESERVED
-CVE-2012-1931 (Opera before 11.62 on UNIX, when used in conjunction with an ...)
+CVE-2012-1931
NOT-FOR-US: Opera
-CVE-2012-1930 (Opera before 11.62 on UNIX uses world-readable permissions for ...)
+CVE-2012-1930
NOT-FOR-US: Opera
-CVE-2012-1929 (Opera before 11.62 on Mac OS X allows remote attackers to spoof the ...)
+CVE-2012-1929
NOT-FOR-US: Opera
-CVE-2012-1928 (Opera before 11.62 allows remote attackers to spoof the address field ...)
+CVE-2012-1928
NOT-FOR-US: Opera
-CVE-2012-1927 (Opera before 11.62 allows remote attackers to spoof the address field ...)
+CVE-2012-1927
NOT-FOR-US: Opera
-CVE-2012-1926 (Opera before 11.62 allows remote attackers to bypass the Same Origin ...)
+CVE-2012-1926
NOT-FOR-US: Opera
-CVE-2012-1925 (Opera before 11.62 does not ensure that a dialog window is placed on ...)
+CVE-2012-1925
NOT-FOR-US: Opera
-CVE-2012-1924 (Opera before 11.62 allows user-assisted remote attackers to trick ...)
+CVE-2012-1924
NOT-FOR-US: Opera
-CVE-2012-1923 (RealNetworks Helix Server and Helix Mobile Server 14.x before 14.3.x ...)
+CVE-2012-1923
NOT-FOR-US: RealNetworks Helix
-CVE-2012-1922 (Multiple cross-site request forgery (CSRF) vulnerabilities in Sitecom ...)
+CVE-2012-1922
NOT-FOR-US: Sitecom WLM-2501
-CVE-2012-1921 (Cross-site request forgery (CSRF) vulnerability in ...)
+CVE-2012-1921
NOT-FOR-US: Sitecom
-CVE-2012-1920 (@Mail WebMail Client in AtMail Open-Source 1.04 and earlier allows ...)
+CVE-2012-1920
- atmailopen <removed>
-CVE-2012-1919 (CRLF injection vulnerability in mime.php in @Mail WebMail Client in ...)
+CVE-2012-1919
- atmailopen <removed>
-CVE-2012-1918 (Multiple directory traversal vulnerabilities in (1) compose.php and ...)
+CVE-2012-1918
- atmailopen <removed>
-CVE-2012-1917 (compose.php in @Mail WebMail Client in AtMail Open-Source before 1.05 ...)
+CVE-2012-1917
- atmailopen <removed>
-CVE-2012-1916 (@Mail WebMail Client in AtMail Open-Source before 1.05 allows remote ...)
+CVE-2012-1916
- atmailopen <removed>
CVE-2012-1915
RESERVED
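Review bot: every `-`/`+` pair in this hunk replaces a CVE line that carried a description with the bare identifier and nothing takes the description's place, e.g. `-CVE-2012-1931 (Opera before 11.62 on UNIX, when used in conjunction with an ...)` becomes `+CVE-2012-1931`, while the package, NOT-FOR-US and bug lines beneath each entry are untouched. The net effect of the change is therefore only to discard descriptive text across the whole file, which looks like the automatic update receiving empty descriptions from its input rather than an intended edit; the result should be compared against the CVE source before this commit is kept.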
@@ -12034,193 +12034,193 @@ CVE-2012-1914
RESERVED
CVE-2012-1913
REJECTED
-CVE-2012-1912 (Cross-site scripting (XSS) vulnerability in preferences.php in PHP ...)
+CVE-2012-1912
NOT-FOR-US: PHP Address Book
-CVE-2012-1911 (Multiple SQL injection vulnerabilities in PHP Address Book 6.2.12 and ...)
+CVE-2012-1911
NOT-FOR-US: PHP Address Book
-CVE-2012-1910 (Bitcoin-Qt 0.5.0.x before 0.5.0.5; 0.5.1.x, 0.5.2.x, and 0.5.3.x ...)
+CVE-2012-1910
- bitcoin <not-affected> (windows-only, qt gui not built)
-CVE-2012-1909 (The Bitcoin protocol, as used in bitcoind before 0.4.4, wxBitcoin, ...)
+CVE-2012-1909
- bitcoin 0.6.0-1
-CVE-2012-1908 (Cross-site scripting (XSS) vulnerability in Splunk 4.0 through 4.3 ...)
+CVE-2012-1908
NOT-FOR-US: Splunk
-CVE-2012-1907 (The scanner engine in PrivaWall Antivirus 5.6 and earlier does not ...)
+CVE-2012-1907
NOT-FOR-US: PrivaWall Antivirus
-CVE-2012-1906 (Puppet 2.6.x before 2.6.15 and 2.7.x before 2.7.13, and Puppet ...)
+CVE-2012-1906
{DSA-2451-1}
- puppet 2.7.13-1
CVE-2012-1905
RESERVED
-CVE-2012-1904 (mp4fformat.dll in the QuickTime File Format plugin in RealNetworks ...)
+CVE-2012-1904
NOT-FOR-US: RealPlayer
CVE-2012-1903
RESERVED
-CVE-2012-1902 (show_config_errors.php in phpMyAdmin 3.4.x before 3.4.10.2, when a ...)
+CVE-2012-1902
- phpmyadmin 4:3.4.10.2-1 (unimportant)
-CVE-2012-1901 (Multiple cross-site request forgery (CSRF) vulnerabilities in FlexCMS ...)
+CVE-2012-1901
NOT-FOR-US: FlexCMS
-CVE-2012-1900 (Cross-site request forgery (CSRF) vulnerability in admin/index.php in ...)
+CVE-2012-1900
NOT-FOR-US: RazorCMS
-CVE-2012-1899 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2012-1899
NOT-FOR-US: Webfolio CMS
-CVE-2012-1898 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2012-1898
NOT-FOR-US: Wolf CMS
-CVE-2012-1897 (Multiple cross-site request forgery (CSRF) vulnerabilities in Wolf CMS ...)
+CVE-2012-1897
NOT-FOR-US: Wolf CMS
-CVE-2012-1586 (mount.cifs in cifs-utils 2.6 allows local users to determine the ...)
+CVE-2012-1586
- cifs-utils 2:5.3-2 (unimportant; bug #665923)
NOTE: Harmless information leak, if a user can perform arbitrary CIFS mounts they probably
NOTE: can do a lot more with this
-CVE-2012-1896 (Microsoft .NET Framework 2.0 SP2 and 3.5.1 does not properly consider ...)
+CVE-2012-1896
NOT-FOR-US: Microsoft .NET Framework
-CVE-2012-1895 (The reflection implementation in Microsoft .NET Framework 1.0 SP3, 1.1 ...)
+CVE-2012-1895
NOT-FOR-US: Microsoft .NET Framework
-CVE-2012-1894 (Microsoft Office for Mac 2011 uses world-writable permissions for the ...)
+CVE-2012-1894
NOT-FOR-US: Microsoft Office
-CVE-2012-1893 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
+CVE-2012-1893
NOT-FOR-US: Microsoft Windows
-CVE-2012-1892 (Cross-site scripting (XSS) vulnerability in Microsoft Visual Studio ...)
+CVE-2012-1892
NOT-FOR-US: Microsoft Visual Studio Team Foundation Server
-CVE-2012-1891 (Heap-based buffer overflow in Microsoft Data Access Components (MDAC) ...)
+CVE-2012-1891
NOT-FOR-US: Microsoft Data Access Components
-CVE-2012-1890 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
+CVE-2012-1890
NOT-FOR-US: Microsoft Windows
-CVE-2012-1889 (Microsoft XML Core Services 3.0, 4.0, 5.0, and 6.0 accesses ...)
+CVE-2012-1889
NOT-FOR-US: Microsoft XML Core Services
-CVE-2012-1888 (Buffer overflow in Microsoft Visio 2010 SP1 and Visio Viewer 2010 SP1 ...)
+CVE-2012-1888
NOT-FOR-US: Microsoft Visio
-CVE-2012-1887 (Use-after-free vulnerability in Microsoft Excel 2003 SP3, 2007 SP2 and ...)
+CVE-2012-1887
NOT-FOR-US: Microsoft Excel
-CVE-2012-1886 (Microsoft Excel 2003 SP3, 2007 SP2 and SP3, and 2010 SP1; Excel ...)
+CVE-2012-1886
NOT-FOR-US: Microsoft Excel
-CVE-2012-1885 (Heap-based buffer overflow in Microsoft Excel 2003 SP3, 2007 SP2 and ...)
+CVE-2012-1885
NOT-FOR-US: Microsoft Excel
CVE-2012-1884
REJECTED
CVE-2012-1883
REJECTED
-CVE-2012-1882 (Microsoft Internet Explorer 6 through 9 does not block cross-domain ...)
+CVE-2012-1882
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2012-1881 (Microsoft Internet Explorer 8 and 9 does not properly handle objects ...)
+CVE-2012-1881
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2012-1880 (Microsoft Internet Explorer 6 through 9 does not properly handle ...)
+CVE-2012-1880
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2012-1879 (Microsoft Internet Explorer 6 through 9 does not properly handle ...)
+CVE-2012-1879
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2012-1878 (Microsoft Internet Explorer 6 through 9 does not properly handle ...)
+CVE-2012-1878
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2012-1877 (Microsoft Internet Explorer 6 through 9 does not properly handle ...)
+CVE-2012-1877
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2012-1876 (Microsoft Internet Explorer 6 through 9, and 10 Consumer Preview, does ...)
+CVE-2012-1876
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2012-1875 (Microsoft Internet Explorer 8 does not properly handle objects in ...)
+CVE-2012-1875
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2012-1874 (Microsoft Internet Explorer 8 and 9 does not properly handle objects ...)
+CVE-2012-1874
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2012-1873 (Microsoft Internet Explorer 7 through 9 does not properly create and ...)
+CVE-2012-1873
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2012-1872 (Cross-site scripting (XSS) vulnerability in Microsoft Internet ...)
+CVE-2012-1872
NOT-FOR-US: Microsoft Internet Explorer
CVE-2012-1871
REJECTED
-CVE-2012-1870 (The CBC mode in the TLS protocol, as used in Microsoft Windows XP SP2 ...)
+CVE-2012-1870
NOT-FOR-US: Microsoft Windows XP
CVE-2012-1869
REJECTED
-CVE-2012-1868 (Race condition in the thread-creation implementation in win32k.sys in ...)
+CVE-2012-1868
NOT-FOR-US: Microsoft Windows XP
-CVE-2012-1867 (Integer overflow in win32k.sys in the kernel-mode drivers in Microsoft ...)
+CVE-2012-1867
NOT-FOR-US: Windows Windows
-CVE-2012-1866 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
+CVE-2012-1866
NOT-FOR-US: Microsoft Windows
-CVE-2012-1865 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
+CVE-2012-1865
NOT-FOR-US: Microsoft Windows
-CVE-2012-1864 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
+CVE-2012-1864
NOT-FOR-US: Microsoft Windows
-CVE-2012-1863 (Cross-site scripting (XSS) vulnerability in Microsoft Office ...)
+CVE-2012-1863
NOT-FOR-US: Microsoft Office
-CVE-2012-1862 (Open redirect vulnerability in Microsoft Office SharePoint Server 2007 ...)
+CVE-2012-1862
NOT-FOR-US: Microsoft SharePoint
-CVE-2012-1861 (Cross-site scripting (XSS) vulnerability in Microsoft SharePoint ...)
+CVE-2012-1861
NOT-FOR-US: Microsoft SharePoint
-CVE-2012-1860 (Microsoft Office SharePoint Server 2007 SP2 and SP3, SharePoint Server ...)
+CVE-2012-1860
NOT-FOR-US: Microsoft SharePoint
-CVE-2012-1859 (Cross-site scripting (XSS) vulnerability in scriptresx.ashx in ...)
+CVE-2012-1859
NOT-FOR-US: Microsoft SharePoint
-CVE-2012-1858 (The toStaticHTML API (aka the SafeHTML component) in Microsoft ...)
+CVE-2012-1858
NOT-FOR-US: MicrosoftInternet Explorer, Communicator, Lync
-CVE-2012-1857 (Cross-site scripting (XSS) vulnerability in the Enterprise Portal ...)
+CVE-2012-1857
NOT-FOR-US: Microsoft Dynamics AX
-CVE-2012-1856 (The TabStrip ActiveX control in the Common Controls in MSCOMCTL.OCX in ...)
+CVE-2012-1856
NOT-FOR-US: Microsoft
-CVE-2012-1855 (Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, and 4.5 does not ...)
+CVE-2012-1855
NOT-FOR-US: Microsoft .NET Framework
-CVE-2012-1854 (Untrusted search path vulnerability in VBE6.dll in Microsoft Office ...)
+CVE-2012-1854
NOT-FOR-US: Microsoft Office
-CVE-2012-1853 (Stack-based buffer overflow in the Remote Administration Protocol ...)
+CVE-2012-1853
NOT-FOR-US: Microsoft Windows XP
-CVE-2012-1852 (Heap-based buffer overflow in the Remote Administration Protocol (RAP) ...)
+CVE-2012-1852
NOT-FOR-US: Microsoft Windows XP
-CVE-2012-1851 (Format string vulnerability in the Print Spooler service in Microsoft ...)
+CVE-2012-1851
NOT-FOR-US: Microsoft Windows
-CVE-2012-1850 (The Remote Administration Protocol (RAP) implementation in the ...)
+CVE-2012-1850
NOT-FOR-US: Microsoft Windows
-CVE-2012-1849 (Untrusted search path vulnerability in Microsoft Lync 2010, 2010 ...)
+CVE-2012-1849
NOT-FOR-US: Microsoft Lync, Attendee,, Attendant
-CVE-2012-1848 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
+CVE-2012-1848
NOT-FOR-US: Microsoft Windows
-CVE-2012-1847 (Microsoft Excel 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1; ...)
+CVE-2012-1847
NOT-FOR-US: Microsoft Excel
-CVE-2012-1846 (Google Chrome 17.0.963.66 and earlier allows remote attackers to ...)
+CVE-2012-1846
- chromium-browser 20.0.1132.21~r139451-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2012-1845 (Use-after-free vulnerability in Google Chrome 17.0.963.66 and earlier ...)
+CVE-2012-1845
- chromium-browser 20.0.1132.21~r139451-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2012-1844 (The Quantum Scalar i500 tape library with firmware before i7.0.3 ...)
+CVE-2012-1844
NOT-FOR-US: Quantum Scalar
-CVE-2012-1843 (Cross-site request forgery (CSRF) vulnerability in saveRestore.htm on ...)
+CVE-2012-1843
NOT-FOR-US: Quantum Scalar
-CVE-2012-1842 (Cross-site scripting (XSS) vulnerability in checkQKMProg.htm on the ...)
+CVE-2012-1842
NOT-FOR-US: Quantum Scalar
-CVE-2012-1841 (Absolute path traversal vulnerability in logShow.htm on the Quantum ...)
+CVE-2012-1841
NOT-FOR-US: Quantum Scalar
-CVE-2012-1840 (AjaXplorer 3.2.x before 3.2.5 and 4.0.x before 4.0.4 does not properly ...)
+CVE-2012-1840
- ajaxplorer <itp> (bug #668381)
-CVE-2012-1839 (Multiple directory traversal vulnerabilities in the Get Template ...)
+CVE-2012-1839
- ajaxplorer <itp> (bug #668381)
-CVE-2012-1838 (The web management interface on the LG-Nortel ELO GS24M switch allows ...)
+CVE-2012-1838
NOT-FOR-US: Nortel switch
-CVE-2012-1837 (The (1) webreports, (2) post/create-role, and (3) post/update-role ...)
+CVE-2012-1837
NOT-FOR-US: Tivoli
-CVE-2012-1836 (Heap-based buffer overflow in dns.cpp in InspIRCd 2.0.5 might allow ...)
+CVE-2012-1836
{DSA-2448-1}
- inspircd 2.0.5-0.1 (bug #667914)
-CVE-2012-1835 (Multiple cross-site scripting (XSS) vulnerabilities in the All-in-One ...)
+CVE-2012-1835
NOT-FOR-US: All-in-One Event Calendar plugin for WordPress
-CVE-2012-1834 (Cross-site scripting (XSS) vulnerability in the cms_tpv_admin_head ...)
+CVE-2012-1834
NOT-FOR-US: WordPress plugin CMS Tree Page View
-CVE-2012-1833 (VMware SpringSource Grails before 1.3.8, and 2.x before 2.0.2, does ...)
+CVE-2012-1833
NOT-FOR-US: Grails
-CVE-2012-1832 (WellinTech KingView 6.53 allows remote attackers to execute arbitrary ...)
+CVE-2012-1832
NOT-FOR-US: WellinTech KingView not in Debian
-CVE-2012-1831 (Heap-based buffer overflow in WellinTech KingView 6.53 allows remote ...)
+CVE-2012-1831
NOT-FOR-US: WellinTech KingView not in Debian
-CVE-2012-1830 (Stack-based buffer overflow in WellinTech KingView 6.53 allows remote ...)
+CVE-2012-1830
NOT-FOR-US: WellinTech KingView not in Debian
-CVE-2012-1829 (Multiple cross-site scripting (XSS) vulnerabilities in AutoFORM PDM ...)
+CVE-2012-1829
NOT-FOR-US: AutoFORM PDM Archive
-CVE-2012-1828 (The administrative functions in AutoFORM PDM Archive before 7.1 do not ...)
+CVE-2012-1828
NOT-FOR-US: AutoFORM PDM Archive
-CVE-2012-1827 (The web service in AutoFORM PDM Archive before 7.1 does not have ...)
+CVE-2012-1827
NOT-FOR-US: AutoFORM PDM Archive
-CVE-2012-1826 (dotCMS 1.9 before 1.9.5.1 allows remote authenticated users to execute ...)
+CVE-2012-1826
NOT-FOR-US: dotCMS not in Debian
-CVE-2012-1825 (Multiple cross-site scripting (XSS) vulnerabilities in the status ...)
+CVE-2012-1825
NOT-FOR-US: ForeScout CounterACT
-CVE-2012-1824 (Untrusted search path vulnerability in Measuresoft ScadaPro Client ...)
+CVE-2012-1824
NOT-FOR-US: Measuresoft ScadaPro
-CVE-2012-1823 (sapi/cgi/cgi_main.c in PHP before 5.3.12 and 5.4.x before 5.4.2, when ...)
+CVE-2012-1823
{DSA-2465-1}
- php5 5.4.3-1
NOTE: http://ompldr.org/vZGxxaQ
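Review bot: this hunk shows the same wholesale loss of descriptions as the one above (every `-` line with a parenthesised description becomes a `+` line holding only the identifier), and in addition its unchanged context lines carry pre-existing defects that a follow-up commit could clean up: `NOT-FOR-US: Windows Windows` under CVE-2012-1867 repeats the word instead of reading `Microsoft Windows` as the neighbouring entries do, `NOT-FOR-US: MicrosoftInternet Explorer, Communicator, Lync` under CVE-2012-1858 is missing a space, `NOT-FOR-US: Microsoft Lync, Attendee,, Attendant` under CVE-2012-1849 has a doubled comma, and the CVE-2012-1586 entry sits between CVE-2012-1897 and CVE-2012-1896, out of the file's descending numeric order. The bare `NOTE: http://ompldr.org/vZGxxaQ` under CVE-2012-1823 would also be easier to audit with a word on what the link holds.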
@@ -12228,461 +12228,461 @@ CVE-2012-1823 (sapi/cgi/cgi_main.c in PHP before 5.3.12 and 5.4.x before 5.4.2,
NOTE: 5.4.2-1 'fixed' this, but fix is incomplete: CVE-2012-2311
CVE-2012-1822
RESERVED
-CVE-2012-1821 (The Network Threat Protection module in the Manager component in ...)
+CVE-2012-1821
NOT-FOR-US: Symantec Endpoint Protection on Windows Server 2003
-CVE-2012-1820 (The bgp_capability_orf function in bgpd in Quagga 0.99.20.1 and ...)
+CVE-2012-1820
{DSA-2497-1}
- quagga 0.99.21-3 (bug #676510)
-CVE-2012-1819 (Untrusted search path vulnerability in WellinTech KingView 6.53 allows ...)
+CVE-2012-1819
NOT-FOR-US: WellinTech KingView
-CVE-2012-1818 (An unspecified ActiveX control in Emerson DeltaV and DeltaV ...)
+CVE-2012-1818
NOT-FOR-US: DeltaV (SCADA system) not in Debian
-CVE-2012-1817 (Buffer overflow in Emerson DeltaV and DeltaV Workstations 9.3.1, ...)
+CVE-2012-1817
NOT-FOR-US: DeltaV (SCADA system) not in Debian
-CVE-2012-1816 (PORTSERV.exe in Emerson DeltaV and DeltaV Workstations 9.3.1, 10.3.1, ...)
+CVE-2012-1816
NOT-FOR-US: DeltaV (SCADA system) not in Debian
-CVE-2012-1815 (SQL injection vulnerability in Emerson DeltaV and DeltaV Workstations ...)
+CVE-2012-1815
NOT-FOR-US: DeltaV (SCADA system) not in Debian
-CVE-2012-1814 (Cross-site scripting (XSS) vulnerability in Emerson DeltaV and DeltaV ...)
+CVE-2012-1814
NOT-FOR-US: DeltaV (SCADA system) not in Debian
-CVE-2012-1813 (eosfailoverservice.exe in C3-ilex EOScada before 11.0.19.2 allows ...)
+CVE-2012-1813
NOT-FOR-US: C3-ilex EOScada
-CVE-2012-1812 (eosfailoverservice.exe in C3-ilex EOScada before 11.0.19.2 allows ...)
+CVE-2012-1812
NOT-FOR-US: C3-ilex EOScada
-CVE-2012-1811 (EOSDataServer.exe in C3-ilex EOScada before 11.0.19.2 allows remote ...)
+CVE-2012-1811
NOT-FOR-US: C3-ilex EOScada
-CVE-2012-1810 (EOSCoreScada.exe in C3-ilex EOScada before 11.0.19.2 allows remote ...)
+CVE-2012-1810
NOT-FOR-US: C3-ilex EOScada
-CVE-2012-1809 (The web server in the ECOM Ethernet module in Koyo H0-ECOM, ...)
+CVE-2012-1809
NOT-FOR-US: Koyo ECOM
-CVE-2012-1808 (The web server in the ECOM Ethernet module in Koyo H0-ECOM, ...)
+CVE-2012-1808
NOT-FOR-US: Koyo ECOM
-CVE-2012-1807 (Cross-site scripting (XSS) vulnerability in the web server in the ECOM ...)
+CVE-2012-1807
NOT-FOR-US: Koyo ECOM
-CVE-2012-1806 (The ECOM Ethernet module in Koyo H0-ECOM, H0-ECOM100, H2-ECOM, ...)
+CVE-2012-1806
NOT-FOR-US: Koyo ECOM
-CVE-2012-1805 (Buffer overflow in the ECOM Ethernet module in Koyo H0-ECOM, ...)
+CVE-2012-1805
NOT-FOR-US: Koyo ECOM
-CVE-2012-1804 (The OPC server in Progea Movicon before 11.3 allows remote attackers ...)
+CVE-2012-1804
NOT-FOR-US: Progea Movicon
-CVE-2012-1803 (RuggedCom Rugged Operating System (ROS) 3.10.x and earlier has a ...)
+CVE-2012-1803
NOT-FOR-US: RuggedCom Rugged Operating System
-CVE-2012-1802 (Buffer overflow in the embedded web server on the Siemens Scalance X ...)
+CVE-2012-1802
NOT-FOR-US: Siemens Scalance X
-CVE-2012-1801 (Multiple stack-based buffer overflows in (1) COM and (2) ActiveX ...)
+CVE-2012-1801
NOT-FOR-US: ABB WebWare
-CVE-2012-1800 (Stack-based buffer overflow in the Profinet DCP protocol ...)
+CVE-2012-1800
NOT-FOR-US: Siemens Scalance S
-CVE-2012-1799 (The web server on the Siemens Scalance S Security Module firewall S602 ...)
+CVE-2012-1799
NOT-FOR-US: Siemens Scalance S
-CVE-2012-1798 (The TIFFGetEXIFProperties function in coders/tiff.c in ImageMagick ...)
+CVE-2012-1798
{DSA-2462-1}
- imagemagick 8:6.7.4.0-4 (bug #667635)
-CVE-2012-1797 (IBM DB2 9.5 uses world-writable permissions for nodes.reg, which has ...)
+CVE-2012-1797
NOT-FOR-US: IBM DB2
-CVE-2012-1796 (Unspecified vulnerability in IBM Tivoli Monitoring Agent (ITMA), as ...)
+CVE-2012-1796
NOT-FOR-US: Tivoli
-CVE-2012-1795 (webglimpse.cgi in Webglimpse before 2.20.0 allows remote attackers to ...)
+CVE-2012-1795
NOT-FOR-US: Webglimpse
CVE-2012-1794
RESERVED
CVE-2012-1793
RESERVED
-CVE-2012-1792 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2012-1792
NOT-FOR-US: OSCommerce Online Merchant
CVE-2012-1791
RESERVED
-CVE-2012-1777 (SQL injection vulnerability in my.activation.php3 in F5 FirePass 6.0.0 ...)
+CVE-2012-1777
NOT-FOR-US: F5 Firepass
-CVE-2012-1776 (Multiple heap-based buffer overflows in VideoLAN VLC media player ...)
+CVE-2012-1776
- vlc 2.0.1-1 (low)
[squeeze] - vlc <end-of-life> (Unsupported in squeeze-lts)
-CVE-2012-1775 (Stack-based buffer overflow in VideoLAN VLC media player before 2.0.1 ...)
+CVE-2012-1775
- vlc 2.0.1-1 (low)
[squeeze] - vlc <end-of-life> (Unsupported in squeeze-lts)
-CVE-2012-1790 (Absolute path traversal vulnerability in Webgrind 1.0 and 1.0.2 allows ...)
+CVE-2012-1790
NOT-FOR-US: Webgrind
-CVE-2012-1789 (Multiple cross-site scripting (XSS) vulnerabilities in Kongreg8 1.7.3 ...)
+CVE-2012-1789
NOT-FOR-US: Kongreg8
-CVE-2012-1788 (Multiple cross-site scripting (XSS) vulnerabilities in wonderdesk.cgi ...)
+CVE-2012-1788
NOT-FOR-US: WonderDesk SQL
-CVE-2012-1787 (Multiple cross-site scripting (XSS) vulnerabilities in wgarcmin.cgi in ...)
+CVE-2012-1787
NOT-FOR-US: Webglimpse
-CVE-2012-1786 (The Media Upload form in the Video Embed &amp; Thumbnail Generator plugin ...)
+CVE-2012-1786
NOT-FOR-US: Media Upload form in the Video Embed & Thumbnail Generator plugin for WordPress
-CVE-2012-1785 (kg_callffmpeg.php in the Video Embed &amp; Thumbnail Generator plugin ...)
+CVE-2012-1785
NOT-FOR-US: Video Embed & Thumbnail Generator plugin for WordPress
-CVE-2012-1784 (SQL injection vulnerability in MyJobList 0.1.3 allows remote attackers ...)
+CVE-2012-1784
NOT-FOR-US: MyJobList
-CVE-2012-1783 (Tiny Server 1.1.9 and earlier allows remote attackers to cause a ...)
+CVE-2012-1783
NOT-FOR-US: Tiny Server
-CVE-2012-1782 (Multiple cross-site scripting (XSS) vulnerabilities in questions/ask ...)
+CVE-2012-1782
NOT-FOR-US: OSQA
-CVE-2012-1781 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2012-1781
NOT-FOR-US: SocialCMS
-CVE-2012-1780 (SQL injection vulnerability in search.php in SocialCMS 1.0.5 allows ...)
+CVE-2012-1780
NOT-FOR-US: SocialCMS
-CVE-2012-1779 (Cross-site scripting (XSS) vulnerability in IDevSpot ...)
+CVE-2012-1779
NOT-FOR-US: IDevSpot idev-BusinessDirectory
-CVE-2012-1778 (SQL injection vulnerability in artykul_print.php in CreateVision CMS ...)
+CVE-2012-1778
NOT-FOR-US: CreateVision CMS
-CVE-2012-1774 (Unspecified vulnerability in the Open URL feature in Gretech GOM Media ...)
+CVE-2012-1774
NOT-FOR-US: Gretech GOM Media Player
-CVE-2012-1773 (Unspecified vulnerability in the Oracle Outside In Technology ...)
+CVE-2012-1773
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2012-1772 (Unspecified vulnerability in the Oracle Outside In Technology ...)
+CVE-2012-1772
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2012-1771 (Unspecified vulnerability in the Oracle Outside In Technology ...)
+CVE-2012-1771
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2012-1770 (Unspecified vulnerability in the Oracle Outside In Technology ...)
+CVE-2012-1770
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2012-1769 (Unspecified vulnerability in the Oracle Outside In Technology ...)
+CVE-2012-1769
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2012-1768 (Unspecified vulnerability in the Oracle Outside In Technology ...)
+CVE-2012-1768
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2012-1767 (Unspecified vulnerability in the Oracle Outside In Technology ...)
+CVE-2012-1767
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2012-1766 (Unspecified vulnerability in the Oracle Outside In Technology ...)
+CVE-2012-1766
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2012-1765 (Unspecified vulnerability in Oracle Sun Solaris 10 allows local users ...)
+CVE-2012-1765
NOT-FOR-US: Oracle Sun Solaris 10
-CVE-2012-1764 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+CVE-2012-1764
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2012-1763 (Unspecified vulnerability in the Oracle Clinical/Remote Data Capture ...)
+CVE-2012-1763
NOT-FOR-US: Oracle Industry Applications
-CVE-2012-1762 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+CVE-2012-1762
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2012-1761 (Unspecified vulnerability in Oracle Siebel CRM 8.1.1 and 8.2.2 allows ...)
+CVE-2012-1761
NOT-FOR-US: Oracle Siebel CRM
-CVE-2012-1760 (Unspecified vulnerability in Oracle Siebel CRM 8.1.1 and 8.2.2 allows ...)
+CVE-2012-1760
NOT-FOR-US: Oracle Siebel CRM
-CVE-2012-1759 (Unspecified vulnerability in the Oracle AutoVue component in Oracle ...)
+CVE-2012-1759
NOT-FOR-US: Oracle Supply Chain Products Suite
-CVE-2012-1758 (Unspecified vulnerability in the Oracle AutoVue component in Oracle ...)
+CVE-2012-1758
NOT-FOR-US: Oracle Supply Chain Products Suite
-CVE-2012-1757 (Unspecified vulnerability in Oracle MySQL Server 5.5.23 and earlier ...)
+CVE-2012-1757
- mysql-5.1 <not-affected> (Only affects 5.5)
- mysql-5.5 5.5.24+dfsg-1 (bug #682210)
-CVE-2012-1756 (Unspecified vulnerability in Oracle MySQL Server 5.5.23 and earlier ...)
+CVE-2012-1756
- mysql-5.1 <not-affected> (Only affects 5.5)
- mysql-5.5 5.5.24+dfsg-1 (bug #682210)
-CVE-2012-1755 (Unspecified vulnerability in the PeopleSoft PeopleTools component in ...)
+CVE-2012-1755
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2012-1754 (Unspecified vulnerability in Oracle Siebel CRM 8.1.1 and 8.2.2 allows ...)
+CVE-2012-1754
NOT-FOR-US: Oracle Siebel CRM
-CVE-2012-1753 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+CVE-2012-1753
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2012-1752 (Unspecified vulnerability in Oracle Sun Solaris 11 allows local users ...)
+CVE-2012-1752
NOT-FOR-US: Oracle Sun Solaris 11
-CVE-2012-1751 (Unspecified vulnerability in the Core RDBMS component in Oracle ...)
+CVE-2012-1751
NOT-FOR-US: Oracle Database Server
-CVE-2012-1750 (Unspecified vulnerability in Oracle Sun Solaris 8, 9, 10, and 11 ...)
+CVE-2012-1750
NOT-FOR-US: Oracle Sun Solaris 8, 9, 10, and 11
-CVE-2012-1749 (Unspecified vulnerability in the Oracle MapViewer component in Oracle ...)
+CVE-2012-1749
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2012-1748 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS component ...)
+CVE-2012-1748
NOT-FOR-US: Oracle PeopleSoft Products 9.1
-CVE-2012-1747 (Unspecified vulnerability in the Network Layer component in Oracle ...)
+CVE-2012-1747
NOT-FOR-US: Oracle Database Server
-CVE-2012-1746 (Unspecified vulnerability in the Network Layer component in Oracle ...)
+CVE-2012-1746
NOT-FOR-US: Oracle Database Server
-CVE-2012-1745 (Unspecified vulnerability in the Network Layer component in Oracle ...)
+CVE-2012-1745
NOT-FOR-US: Oracle Database Server
-CVE-2012-1744 (Unspecified vulnerability in the Oracle Outside In Technology ...)
+CVE-2012-1744
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2012-1743 (Unspecified vulnerability in the Oracle Clinical Remote Data Capture ...)
+CVE-2012-1743
NOT-FOR-US: Oracle Industry Applications
-CVE-2012-1742 (Unspecified vulnerability in Oracle Siebel CRM 8.1.1 and 8.2.2 allows ...)
+CVE-2012-1742
NOT-FOR-US: Oracle Siebel CRM
-CVE-2012-1741 (Unspecified vulnerability in the Enterprise Manager for Fusion ...)
+CVE-2012-1741
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2012-1740 (Unspecified vulnerability in the Oracle Application Express Listener ...)
+CVE-2012-1740
NOT-FOR-US: Oracle Application Express Listener
-CVE-2012-1739 (Unspecified vulnerability in the Oracle E-Business Intelligence ...)
+CVE-2012-1739
NOT-FOR-US: Oracle E-Business Suite
-CVE-2012-1738 (Unspecified vulnerability in the Oracle iPlanet Web Server component ...)
+CVE-2012-1738
NOT-FOR-US: Oracle Sun Products Suite, iPlanet Web Server
-CVE-2012-1737 (Unspecified vulnerability in the Enterprise Manager for Oracle ...)
+CVE-2012-1737
NOT-FOR-US: Oracle
-CVE-2012-1736 (Unspecified vulnerability in the Oracle MapViewer component in Oracle ...)
+CVE-2012-1736
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2012-1735 (Unspecified vulnerability in Oracle MySQL Server 5.5.23 and earlier ...)
+CVE-2012-1735
- mysql-5.1 <not-affected> (Only affects 5.5)
- mysql-5.5 5.5.24+dfsg-1 (bug #682210)
-CVE-2012-1734 (Unspecified vulnerability in Oracle MySQL Server 5.1.62 and earlier, ...)
+CVE-2012-1734
{DSA-2496-1}
- mysql-5.1 <removed> (bug #682212)
- mysql-5.5 5.5.24+dfsg-1 (bug #682210)
-CVE-2012-1733 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+CVE-2012-1733
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2012-1732 (Unspecified vulnerability in Oracle Siebel CRM 8.1.1 and 8.2.2 allows ...)
+CVE-2012-1732
NOT-FOR-US: Oracle Siebel CRM
-CVE-2012-1731 (Unspecified vulnerability in Oracle Siebel CRM 8.1.1 and 8.2.2 allows ...)
+CVE-2012-1731
NOT-FOR-US: Oracle Siebel CRM
-CVE-2012-1730 (Unspecified vulnerability in the Oracle Application Object Library ...)
+CVE-2012-1730
NOT-FOR-US: Oracle E-Business Suite
-CVE-2012-1729 (Unspecified vulnerability in the Hyperion BI+ component in Oracle ...)
+CVE-2012-1729
NOT-FOR-US: Oracle Hyperion
-CVE-2012-1728 (Unspecified vulnerability in the Oracle Siebel CRM 8.1.1 and 8.2.2 ...)
+CVE-2012-1728
NOT-FOR-US: Oracle Siebel CRM
-CVE-2012-1727 (Unspecified vulnerability in the Oracle Application Object Library ...)
+CVE-2012-1727
NOT-FOR-US: Oracle E-Business Suite
-CVE-2012-1726 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2012-1726
- openjdk-7 7~u3-2.1.1-1 (bug #677486)
-CVE-2012-1725 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2012-1725
{DSA-2507-1}
- openjdk-6 6b24-1.11.3-1 (bug #677487)
- openjdk-7 7~u3-2.1.1-1 (bug #677486)
-CVE-2012-1724 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2012-1724
{DSA-2507-1}
- openjdk-6 6b24-1.11.3-1 (bug #677487)
- openjdk-7 7~u3-2.1.1-1 (bug #677486)
-CVE-2012-1723 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2012-1723
{DSA-2507-1}
- openjdk-6 6b24-1.11.3-1 (bug #677487)
- openjdk-7 7~u3-2.1.1-1 (bug #677486)
-CVE-2012-1722 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2012-1722
- openjdk-6 <not-affected> (specific to Oracle Java)
- openjdk-7 <not-affected> (specific to Oracle Java)
-CVE-2012-1721 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2012-1721
- openjdk-6 <not-affected> (specific to Oracle Java)
- openjdk-7 <not-affected> (specific to Oracle Java)
-CVE-2012-1720 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2012-1720
- openjdk-6 <not-affected> (Only affects Java on Solaris)
- openjdk-7 <not-affected> (Only affects Java on Solaris)
-CVE-2012-1719 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2012-1719
{DSA-2507-1}
- openjdk-6 6b24-1.11.3-1 (bug #677487)
- openjdk-7 7~u3-2.1.1-1 (bug #677486)
-CVE-2012-1718 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2012-1718
{DSA-2507-1}
- openjdk-6 6b24-1.11.3-1 (bug #677487)
- openjdk-7 7~u3-2.1.1-1 (bug #677486)
-CVE-2012-1717 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2012-1717
{DSA-2507-1}
- openjdk-6 6b24-1.11.3-1 (bug #677487)
- openjdk-7 7~u3-2.1.1-1 (bug #677486)
-CVE-2012-1716 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2012-1716
{DSA-2507-1}
- openjdk-6 6b24-1.11.3-1 (bug #677487)
- openjdk-7 7~u3-2.1.1-1 (bug #677486)
-CVE-2012-1715 (Unspecified vulnerability in the Oracle Application Object Library ...)
+CVE-2012-1715
NOT-FOR-US: Oracle E-Business Suite
-CVE-2012-1714 (Unspecified vulnerability in a TList 6 ActiveX control in Oracle ...)
+CVE-2012-1714
NOT-FOR-US: Oracle Hyperion Financial Management
-CVE-2012-1713 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2012-1713
{DSA-2507-1}
- openjdk-6 6b24-1.11.3-1 (bug #677487)
- openjdk-7 7~u3-2.1.1-1 (bug #677486)
-CVE-2012-1712 (Directory traversal vulnerability in the Liferay component in Oracle ...)
+CVE-2012-1712
NOT-FOR-US: Oracle Sun GlassFish Web Space Server
-CVE-2012-1711 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2012-1711
{DSA-2507-1}
- openjdk-6 6b24-1.11.3-1 (bug #677487)
- openjdk-7 7~u3-2.1.1-1 (bug #677486)
-CVE-2012-1710 (Unspecified vulnerability in the Oracle WebCenter Forms Recognition ...)
+CVE-2012-1710
NOT-FOR-US: Oracle Fusion
-CVE-2012-1709 (Unspecified vulnerability in the Oracle WebCenter Forms Recognition ...)
+CVE-2012-1709
NOT-FOR-US: Oracle Fusion
-CVE-2012-1708 (Unspecified vulnerability in the Application Express component in ...)
+CVE-2012-1708
NOT-FOR-US: Oracle Database
-CVE-2012-1707 (Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking ...)
+CVE-2012-1707
NOT-FOR-US: Oracle Financial Services Software
-CVE-2012-1706 (Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking ...)
+CVE-2012-1706
NOT-FOR-US: Oracle Financial Services Software
-CVE-2012-1705 (Unspecified vulnerability in the Server component in Oracle MySQL ...)
+CVE-2012-1705
{DSA-2780-1}
- mysql-5.1 <removed>
- mysql-5.5 5.5.29+dfsg-1
-CVE-2012-1704 (Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking ...)
+CVE-2012-1704
NOT-FOR-US: Oracle Financial Services Software
-CVE-2012-1703 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
+CVE-2012-1703
{DSA-2496-1}
- mysql-5.1 5.1.62-1 (bug #670636)
- mysql-5.5 5.5.23-1
-CVE-2012-1702 (Unspecified vulnerability in the Server component in Oracle MySQL ...)
+CVE-2012-1702
{DSA-2780-1}
- mysql-5.1 <removed>
- mysql-5.5 5.5.29+dfsg-1
-CVE-2012-1701 (Unspecified vulnerability in the Siebel CRM component in Oracle Siebel ...)
+CVE-2012-1701
NOT-FOR-US: Oracle Siebel CRM
-CVE-2012-1700 (Unspecified vulnerability in the Siebel CRM component in Oracle Siebel ...)
+CVE-2012-1700
NOT-FOR-US: Oracle Siebel CRM
-CVE-2012-1699 (The ProcSetEventMask function in difs/events.c in the xfs font server ...)
+CVE-2012-1699
- xfs 1:1.0.1-1
-CVE-2012-1698 (Unspecified vulnerability in Oracle Sun Solaris 11 allows remote ...)
+CVE-2012-1698
NOT-FOR-US: Solaris
-CVE-2012-1697 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
+CVE-2012-1697
- mysql-5.5 5.5.23-1
-CVE-2012-1696 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
+CVE-2012-1696
- mysql-5.5 5.5.23-1
-CVE-2012-1695 (Unspecified vulnerability in the Oracle JRockit component in Oracle ...)
+CVE-2012-1695
NOT-FOR-US: Oracle Fusion
-CVE-2012-1694 (Unspecified vulnerability in Oracle Sun Solaris 10 allows remote ...)
+CVE-2012-1694
NOT-FOR-US: Solaris
-CVE-2012-1693 (Unspecified vulnerability in Oracle SPARC Enterprise M Series Servers ...)
+CVE-2012-1693
NOT-FOR-US: Oracle SPARC Enterprise M Series Servers
-CVE-2012-1692 (Unspecified vulnerability in Oracle Sun Solaris 10 allows local users ...)
+CVE-2012-1692
NOT-FOR-US: Solaris
-CVE-2012-1691 (Unspecified vulnerability in Oracle Sun Solaris 11 allows local users ...)
+CVE-2012-1691
NOT-FOR-US: Solaris
-CVE-2012-1690 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
+CVE-2012-1690
{DSA-2496-1}
- mysql-5.1 5.1.62-1 (bug #670636)
- mysql-5.5 5.5.23-1
-CVE-2012-1689 (Unspecified vulnerability in Oracle MySQL Server 5.1.62 and earlier, ...)
+CVE-2012-1689
{DSA-2496-1}
- mysql-5.1 <removed> (bug #682212)
- mysql-5.5 5.5.24+dfsg-1 (bug #682210)
-CVE-2012-1688 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
+CVE-2012-1688
{DSA-2496-1}
- mysql-5.1 5.1.62-1 (bug #670636)
- mysql-5.5 5.5.23-1
-CVE-2012-1687 (Unspecified vulnerability in Oracle Solaris 10 and 11 allows local ...)
+CVE-2012-1687
NOT-FOR-US: Oracle Solaris 10 and 11
-CVE-2012-1686 (Unspecified vulnerability in the Oracle Business Intelligence ...)
+CVE-2012-1686
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2012-1685 (Unspecified vulnerability in the Secure Global Desktop component in ...)
+CVE-2012-1685
NOT-FOR-US: Oracle Virtualization
-CVE-2012-1684 (Unspecified vulnerability in Oracle Sun Solaris 8, 9, 10, and 11 ...)
+CVE-2012-1684
NOT-FOR-US: Solaris
-CVE-2012-1683 (Unspecified vulnerability in Oracle Sun Solaris 8, 9, 10, and 11 ...)
+CVE-2012-1683
NOT-FOR-US: Solaris
-CVE-2012-1682 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2012-1682
- openjdk-7 7u3-2.1.2-1
-CVE-2012-1681 (Unspecified vulnerability in Oracle Sun Solaris 8, 9, 10, and 11 ...)
+CVE-2012-1681
NOT-FOR-US: Solaris
-CVE-2012-1680 (Unspecified vulnerability in the Siebel CRM component in Oracle Siebel ...)
+CVE-2012-1680
NOT-FOR-US: Oracle Siebel CRM
-CVE-2012-1679 (Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking ...)
+CVE-2012-1679
NOT-FOR-US: Oracle FLEXCUBE
-CVE-2012-1678 (Unspecified vulnerability in the JD Edwards EnterpriseOne Tools ...)
+CVE-2012-1678
NOT-FOR-US: Oracle JD Edwards Products
-CVE-2012-1677 (Unspecified vulnerability in the Oracle Application Server Single ...)
+CVE-2012-1677
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2012-1676 (Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking ...)
+CVE-2012-1676
NOT-FOR-US: Oracle FLEXCUBE
-CVE-2012-1674 (Unspecified vulnerability in the Siebel Clinical component in Oracle ...)
+CVE-2012-1674
NOT-FOR-US: Oracle Siebel
-CVE-2012-1673 (SQL injection vulnerability in loginscript.php in e-ticketing allows ...)
+CVE-2012-1673
NOT-FOR-US: e-ticketing
-CVE-2012-1672 (SQL injection vulnerability in getcity.php in Hotel Booking Portal 0.1 ...)
+CVE-2012-1672
NOT-FOR-US: Hotel Booking Portal
-CVE-2012-1671 (Directory traversal vulnerability in index.php in phpPaleo 4.8b155 and ...)
+CVE-2012-1671
NOT-FOR-US: phpPaleo
-CVE-2012-1670 (admin/index.php in PHP Grade Book before 1.9.5 BETA allows remote ...)
+CVE-2012-1670
NOT-FOR-US: PHP Grade Book
-CVE-2012-1669 (Directory traversal vulnerability in index.php in phpMoneyBooks before ...)
+CVE-2012-1669
NOT-FOR-US: phpMoneyBooks
CVE-2012-1668
RESERVED
-CVE-2012-1667 (ISC BIND 9.x before 9.7.6-P1, 9.8.x before 9.8.3-P1, 9.9.x before ...)
+CVE-2012-1667
{DSA-2486-1}
- bind9 1:9.8.1.dfsg.P1-4.1
- isc-dhcp <not-affected> (issue only affects the named service, which isn't used by isc-dhcp)
-CVE-2012-1666 (Untrusted search path vulnerability in VMware Tools in VMware ...)
+CVE-2012-1666
NOT-FOR-US: VMware Tools
-CVE-2012-1665 (Multiple SQL injection vulnerabilities in the admin panel in osCMax ...)
+CVE-2012-1665
NOT-FOR-US: osCMax
-CVE-2012-1664 (Multiple cross-site scripting (XSS) vulnerabilities in the admin panel ...)
+CVE-2012-1664
NOT-FOR-US: osCMax
-CVE-2012-1663 (Double free vulnerability in libgnutls in GnuTLS before 3.0.14 allows ...)
+CVE-2012-1663
- gnutls28 3.0.14-1
- gnutls26 <not-affected> (only GNUTLS 3.0 is affected)
-CVE-2012-1662 (CA ARCserve Backup r12.0 through SP2, r12.5 before SP2, r15 through ...)
+CVE-2012-1662
NOT-FOR-US: CA ARCserve Backup
-CVE-2012-1661 (ESRI ArcMap 9 and ArcGIS 10.0.2.3200 and earlier does not properly ...)
+CVE-2012-1661
NOT-FOR-US: ESRI ArcMap, ArcGIS
-CVE-2012-1660 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2012-1660
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-1659 (Cross-site scripting (XSS) vulnerability in the Node Recommendation ...)
+CVE-2012-1659
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-1658 (Cross-site scripting (XSS) vulnerability in the Read More Link module ...)
+CVE-2012-1658
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-1657 (Cross-site scripting (XSS) vulnerability in block_class.module in the ...)
+CVE-2012-1657
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-1656 (SQL injection vulnerability in the Multisite Search module 6.x-2.2 for ...)
+CVE-2012-1656
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-1655 (Unspecified vulnerability in the UC PayDutchGroup / WeDeal payment ...)
+CVE-2012-1655
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-1654 (Multiple cross-site scripting (XSS) vulnerabilities in the Data module ...)
+CVE-2012-1654
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-1653 (Cross-site scripting (XSS) vulnerability in the Taxonomy Views ...)
+CVE-2012-1653
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-1652 (Cross-site scripting (XSS) vulnerability in the Hierarchical Select ...)
+CVE-2012-1652
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-1651 (Cross-site scripting (XSS) vulnerability in the Submenu Tree module ...)
+CVE-2012-1651
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-1650 (The ZipCart module 6.x before 6.x-1.4 for Drupal checks the &quot;access ...)
+CVE-2012-1650
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-1649 (Cool Aid module before 6.x-1.9 for Drupal does not enforce access ...)
+CVE-2012-1649
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-1648 (Cross-site scripting (XSS) vulnerability in the Cool Aid module before ...)
+CVE-2012-1648
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-1647 (Multiple cross-site scripting (XSS) vulnerabilities in the &quot;stand ...)
+CVE-2012-1647
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-1646 (Multiple cross-site scripting (XSS) vulnerabilities in the FAQ module ...)
+CVE-2012-1646
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-1645 (The CDN module 6.x-2.2 and 7.x-2.2 for Drupal, when running in Origin ...)
+CVE-2012-1645
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-1644 (The Organic Groups (OG) Vocabulary module 6.x-1.x before 6.x-1.2 for ...)
+CVE-2012-1644
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-1643 (The Faster Permissions module 7.x-2.x before 7.x-1.2 for Drupal does ...)
+CVE-2012-1643
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-1642 (includes/linkchecker.pages.inc in the Link checker module 6.x-2.x ...)
+CVE-2012-1642
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-1641 (The finder_import function in the Finder module 6.x-1.x before ...)
+CVE-2012-1641
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-1640 (Multiple cross-site scripting (XSS) vulnerabilities in the Managesite ...)
+CVE-2012-1640
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-1639 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2012-1639
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-1638 (SQL injection vulnerability in the Search Autocomplete module before ...)
+CVE-2012-1638
NOT-FOR-US: Drupal addon module not packaged in Debian
CVE-2012-1637
RESERVED
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-1636 (Cross-site request forgery (CSRF) vulnerability in the stickynote ...)
+CVE-2012-1636
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-1635 (The hook_node_access function in the revisioning module 7.x-1.x before ...)
+CVE-2012-1635
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-1634 (Cross-site scripting (XSS) vulnerability in video_filter.codecs.inc in ...)
+CVE-2012-1634
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-1633 (Cross-site request forgery (CSRF) vulnerability in the Password Policy ...)
+CVE-2012-1633
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-1632 (Cross-site scripting (XSS) vulnerability in password_policy.admin.inc ...)
+CVE-2012-1632
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-1631 (Cross-site request forgery (CSRF) vulnerability in the Admin:hover ...)
+CVE-2012-1631
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-1630 (Cross-site scripting (XSS) vulnerability in the Taxonomy Navigator ...)
+CVE-2012-1630
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-1629 (Cross-site scripting (XSS) vulnerability in the Taxotouch module for ...)
+CVE-2012-1629
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-1628 (Cross-site scripting (XSS) vulnerability in the SuperCron module for ...)
+CVE-2012-1628
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-1627 (Cross-site scripting (XSS) vulnerability in vud_term.module in the ...)
+CVE-2012-1627
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-1626 (SQL injection vulnerability in the conversion form for Events in the ...)
+CVE-2012-1626
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-1625 (Eval injection vulnerability in the fillpdf_form_export_decode ...)
+CVE-2012-1625
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-1624 (Multiple cross-site scripting (XSS) vulnerabilities in the Lingotek ...)
+CVE-2012-1624
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-1623 (The Registration Codes module before 6.x-2.4 for Drupal does not ...)
+CVE-2012-1623
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-1622 (Apache OFBiz 10.04.x before 10.04.02 allows remote attackers to ...)
+CVE-2012-1622
NOT-FOR-US: Apache OFBiz
-CVE-2012-1621 (Multiple cross-site scripting (XSS) vulnerabilities in Apache Open For ...)
+CVE-2012-1621
NOT-FOR-US: Apache OFBiz
-CVE-2012-1620 (slock 0.9 does not properly handle the XRaiseWindow event when the ...)
+CVE-2012-1620
- suckless-tools 39-1 (unimportant; bug #667796)
CVE-2012-1619
REJECTED
-CVE-2012-1618 (Interaction error in the PostgreSQL JDBC driver before 8.2, when used ...)
+CVE-2012-1618
- libpgjava <not-affected> (Even the version in oldstable had 8.2)
-CVE-2012-1617 (Directory traversal vulnerability in combine.php in OSClass before ...)
+CVE-2012-1617
NOT-FOR-US: OSClass not in Debian
-CVE-2012-1616 (Use-after-free vulnerability in icclib before 2.13, as used by Argyll ...)
+CVE-2012-1616
- argyll 1.4.0-1
[squeeze] - argyll <no-dsa> (Only standalone binary in squeeze, minor impact)
NOTE: Starting with 1.4.0 argyll includes icclib 2.13, but it's hard to identify the
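Review bot: every `-`/`+` pair in this hunk only deletes the parenthesized CVE description and leaves the bare identifier, while no tracking line changes, e.g. `-CVE-2012-1701 (Unspecified vulnerability in the Siebel CRM component in Oracle Siebel ...)` becomes `+CVE-2012-1701`. Losing every description in a commit titled "automatic update" points to the description source having returned nothing rather than to an intended edit; the update should be held back and the fetch checked before this is pushed, because entries such as `NOT-FOR-US: Oracle Siebel CRM` or `- xfs 1:1.0.1-1` can no longer be checked against the issue text once it is gone, and the stripped descriptions are what triagers grep for.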
@@ -12690,119 +12690,119 @@ CVE-2012-1616 (Use-after-free vulnerability in icclib before 2.13, as used by Ar
CVE-2012-1615 [sectool dbus priv escalation]
RESERVED
NOT-FOR-US: sectool
-CVE-2012-1614 (Coppermine Photo Gallery before 1.5.20 allows remote attackers to ...)
+CVE-2012-1614
NOT-FOR-US: Coppermine
-CVE-2012-1613 (Cross-site scripting (XSS) vulnerability in edit_one_pic.php in ...)
+CVE-2012-1613
NOT-FOR-US: Coppermine
-CVE-2012-1612 (Cross-site scripting (XSS) vulnerability in the update manager in ...)
+CVE-2012-1612
NOT-FOR-US: Joomla!
-CVE-2012-1611 (Joomla! 2.5.x before 2.5.4 does not properly check permissions, which ...)
+CVE-2012-1611
NOT-FOR-US: Joomla!
-CVE-2012-1610 (Integer overflow in the GetEXIFProperty function in magick/property.c ...)
+CVE-2012-1610
{DSA-2462-1}
- imagemagick 8:6.7.4.0-4 (bug #667635)
CVE-2012-1609
RESERVED
-CVE-2012-1608 (The t3lib_div::RemoveXSS API method in TYPO3 4.4.0 through 4.4.13, ...)
+CVE-2012-1608
{DSA-2445-1}
- typo3-src 4.5.14+dfsg1-1
-CVE-2012-1607 (The Command Line Interface (CLI) script in TYPO3 4.4.0 through 4.4.13, ...)
+CVE-2012-1607
{DSA-2445-1}
- typo3-src 4.5.14+dfsg1-1
-CVE-2012-1606 (Multiple cross-site scripting (XSS) vulnerabilities in the Backend ...)
+CVE-2012-1606
{DSA-2445-1}
- typo3-src 4.5.14+dfsg1-1
-CVE-2012-1605 (The Extbase Framework in TYPO3 4.6.x through 4.6.6, 4.7, and 6.0 ...)
+CVE-2012-1605
- typo3-src <not-affected> (vulnerable code not yet present)
-CVE-2012-1604 (Cross-site scripting (XSS) vulnerability in NextBBS 0.6 allows remote ...)
+CVE-2012-1604
NOT-FOR-US: NextBBS
-CVE-2012-1603 (Multiple SQL injection vulnerabilities in ajaxserver.php in NextBBS ...)
+CVE-2012-1603
NOT-FOR-US: NextBBS
-CVE-2012-1602 (user.php in NextBBS 0.6 allows remote attackers to bypass ...)
+CVE-2012-1602
NOT-FOR-US: NextBBS
-CVE-2012-1601 (The KVM implementation in the Linux kernel before 3.3.6 allows host OS ...)
+CVE-2012-1601
{DSA-2469-1}
- linux-2.6 3.2.17-1 (low)
-CVE-2012-1600 (Multiple cross-site scripting (XSS) vulnerabilities in functions.php ...)
+CVE-2012-1600
- phppgadmin 5.0.4-1
[squeeze] - phppgadmin <no-dsa> (Minor issue, will be fixed through a point update)
-CVE-2012-1599 (Joomla! 1.5.x before 1.5.26 does not properly check permissions, which ...)
+CVE-2012-1599
NOT-FOR-US: Joomla!
-CVE-2012-1598 (Joomla! 1.5.x before 1.5.26 has unspecified impact and attack vectors ...)
+CVE-2012-1598
NOT-FOR-US: Joomla!
-CVE-2012-1597 (Cross-site scripting (XSS) vulnerability in the textEncode function in ...)
+CVE-2012-1597
NOT-FOR-US: eZ Publish
-CVE-2012-1596 (The mp2t_process_fragmented_payload function in ...)
+CVE-2012-1596
- wireshark 1.6.6-1 (unimportant; bug #666058)
NOTE: Not suitable for code injection
-CVE-2012-1595 (The pcap_process_pseudo_header function in wiretap/pcap-common.c in ...)
+CVE-2012-1595
- wireshark 1.6.6-1 (bug #666058)
[squeeze] - wireshark 1.2.11-6+squeeze7
-CVE-2012-1594 (epan/dissectors/packet-ieee80211.c in the IEEE 802.11 dissector in ...)
+CVE-2012-1594
- wireshark 1.6.6-1 (unimportant; bug #666058)
NOTE: Not suitable for code injection
-CVE-2012-1593 (epan/dissectors/packet-ansi_a.c in the ANSI A dissector in Wireshark ...)
+CVE-2012-1593
- wireshark 1.6.6-1 (unimportant; bug #666058)
[squeeze] - wireshark 1.2.11-6+squeeze7
NOTE: Not suitable for code injection
CVE-2012-1592
RESERVED
- libstruts1.2-java <not-affected> (Only applies to Struts 2, see bug #657870)
-CVE-2012-1591 (The image module in Drupal 7.x before 7.14 does not properly check ...)
+CVE-2012-1591
- drupal7 7.14-1 (bug #671402)
-CVE-2012-1590 (The forum list in Drupal 7.x before 7.14 does not properly check user ...)
+CVE-2012-1590
- drupal7 7.14-1 (bug #671402)
-CVE-2012-1589 (Open redirect vulnerability in the Form API in Drupal 7.x before 7.13 ...)
+CVE-2012-1589
- drupal7 7.14-1 (bug #671402)
-CVE-2012-1588 (Algorithmic complexity vulnerability in the _filter_url function in ...)
+CVE-2012-1588
- drupal7 7.14-1 (bug #671402)
CVE-2012-1587
REJECTED
-CVE-2012-1585 (OpenStack Compute (Nova) Essex before 2011.3 allows remote ...)
+CVE-2012-1585
- nova 2012-1~rc3-1 (bug #666888)
-CVE-2012-1584 (Integer overflow in the mid function in toolkit/tbytevector.cpp in ...)
+CVE-2012-1584
- taglib 1.7.1-1 (low; bug #662705)
[squeeze] - taglib <no-dsa> (Minor issue)
-CVE-2012-1583 (Double free vulnerability in the xfrm6_tunnel_rcv function in ...)
+CVE-2012-1583
- linux-2.6 2.6.22-1
-CVE-2012-1582 (Cross-site scripting (XSS) vulnerability in the wikitext parser in ...)
+CVE-2012-1582
- mediawiki 1:1.15.5-9 (bug #666269)
[squeeze] - mediawiki <end-of-life>
-CVE-2012-1581 (MediaWiki 1.17.x before 1.17.3 and 1.18.x before 1.18.2 uses weak ...)
+CVE-2012-1581
- mediawiki 1:1.15.5-9 (bug #666269)
[squeeze] - mediawiki <end-of-life>
-CVE-2012-1580 (Cross-site request forgery (CSRF) vulnerability in Special:Upload in ...)
+CVE-2012-1580
- mediawiki <not-affected> (Vulnerable code not present, see bug #666269)
-CVE-2012-1579 (The resource loader in MediaWiki 1.17.x before 1.17.3 and 1.18.x ...)
+CVE-2012-1579
- mediawiki <not-affected> (Vulnerable code not present, see bug #666269)
-CVE-2012-1578 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
+CVE-2012-1578
- mediawiki <not-affected> (Vulnerable code not present, see bug #666269)
CVE-2012-1577
RESERVED
- dietlibc 0.33~cvs20120325-1 (unimportant)
-CVE-2012-1576 (The myuser_delete function in libathemecore/account.c in Atheme 5.x ...)
+CVE-2012-1576
NOT-FOR-US: atheme
-CVE-2012-1575 (Multiple cross-site scripting (XSS) vulnerabilities in Cumin before ...)
+CVE-2012-1575
NOT-FOR-US: cumin
-CVE-2012-1574 (The Kerberos/MapReduce security functionality in Apache Hadoop ...)
+CVE-2012-1574
- hadoop <itp> (bug #535861)
-CVE-2012-1573 (gnutls_cipher.c in libgnutls in GnuTLS before 2.12.17 and 3.x before ...)
+CVE-2012-1573
{DSA-2441-1}
- gnutls26 2.12.18-1 (high)
- gnutls28 3.0.17-2 (high)
CVE-2012-1572
RESERVED
- keystone 2012.1~rc2-1
-CVE-2012-1571 (file before 5.11 and libmagic allow remote attackers to cause a denial ...)
+CVE-2012-1571
{DSA-2422-1}
- file 5.11-1 (low; bug #664263)
-CVE-2012-1570 (The resolver in MaraDNS before 1.3.0.7.15 and 1.4.x before 1.4.12 ...)
+CVE-2012-1570
- maradns 1.4.12-1 (bug #665012)
[squeeze] - maradns 1.4.03-1.1+squeeze1
-CVE-2012-1569 (The asn1_get_length_der function in decoding.c in GNU Libtasn1 before ...)
+CVE-2012-1569
{DSA-2440-1}
- libtasn1-3 2.12-1 (high)
-CVE-2012-1568 (The ExecShield feature in a certain Red Hat patch for the Linux kernel ...)
+CVE-2012-1568
- linux-2.6 <not-affected> (execshield issue)
CVE-2012-1567
RESERVED
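Review bot: the description stripping continues through this hunk and bites hardest on `<not-affected>` entries whose rationale only makes sense next to the removed text, e.g. `- linux-2.6 <not-affected> (execshield issue)` under `+CVE-2012-1568` and `- typo3-src <not-affected> (vulnerable code not yet present)` under `+CVE-2012-1605`. Without the `(The ExecShield feature in a certain Red Hat patch for the Linux kernel ...)` and `(The Extbase Framework in TYPO3 4.6.x through 4.6.6, 4.7, and 6.0 ...)` descriptions a later reader cannot tell what those entries rule out; restore the descriptions from the previous revision rather than commit the bare identifiers.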
@@ -12810,9 +12810,9 @@ CVE-2012-1567
CVE-2012-1566
RESERVED
NOT-FOR-US: LinuxMint
-CVE-2012-1565 (Unspecified vulnerability in ez Publish 4.1.4, 4.2, 4.3, 4.4, 4.5, and ...)
+CVE-2012-1565
NOT-FOR-US: eZ Publish
-CVE-2012-1564 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2012-1564
NOT-FOR-US: YVS
CVE-2012-1563
RESERVED
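Review bot: after this change `NOT-FOR-US: YVS` under `+CVE-2012-1564` is the only product identification left for the entry, since the removed description was already cut to `Cross-site scripting (XSS) vulnerability in ...`; a NOT-FOR-US line should name the product fully enough to stand on its own, as `NOT-FOR-US: eZ Publish` two lines above does.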
@@ -12820,18 +12820,18 @@ CVE-2012-1563
CVE-2012-1562
RESERVED
NOT-FOR-US: Joomla!
-CVE-2012-1561 (Cross-site scripting (XSS) vulnerability in the Finder module 6.x-1.x ...)
+CVE-2012-1561
NOT-FOR-US: Drupal Finder
CVE-2012-1560
RESERVED
CVE-2012-1559
RESERVED
-CVE-2012-1558 (yaSSL CyaSSL before 2.0.8 allows remote attackers to cause a denial of ...)
+CVE-2012-1558
- cyassl <not-affected> (Fixed before initial upload)
NOTE: https://github.com/cyassl/cyassl/commit/6b77c8967aa34f2a0bae85e90a469c4170cb2bb1
-CVE-2012-1557 (SQL injection vulnerability in admin/plib/api-rpc/Agent.php in ...)
+CVE-2012-1557
NOT-FOR-US: Parallels Plesk Panel
-CVE-2012-1556 (Cross-site scripting (XSS) vulnerability in Synology Photo Station 5 ...)
+CVE-2012-1556
NOT-FOR-US: Synology DiskStation Manager extension
CVE-2012-1555
RESERVED
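Review bot: `NOT-FOR-US: Drupal Finder` under `+CVE-2012-1561` uses different wording from the entry for the same Finder module at CVE-2012-1641 (`NOT-FOR-US: Drupal addon module not packaged in Debian`), so a grep for unpackaged Drupal modules will find one and miss the other; pick one form for both. The cyassl entry is fine as it stands: `<not-affected> (Fixed before initial upload)` is backed by the NOTE line pointing at the upstream commit.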
@@ -12853,111 +12853,111 @@ CVE-2012-1547
RESERVED
CVE-2012-1546
RESERVED
-CVE-2012-1545 (Microsoft Internet Explorer 6 through 9, and 10 Consumer Preview, ...)
+CVE-2012-1545
NOT-FOR-US: Microsoft Internet Explorer
CVE-2012-1544
REJECTED
-CVE-2012-1543 (Unspecified vulnerability in the JavaFX component in Oracle Java SE ...)
+CVE-2012-1543
- openjdk-6 <not-affected> (JavaFX not part of OpenJDK)
- openjdk-7 <not-affected> (JavaFX not part of OpenJDK)
CVE-2012-1542
RESERVED
-CVE-2012-1541 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2012-1541
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
CVE-2012-1540
RESERVED
-CVE-2012-1539 (Use-after-free vulnerability in Microsoft Internet Explorer 9 allows ...)
+CVE-2012-1539
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2012-1538 (Use-after-free vulnerability in Microsoft Internet Explorer 9 allows ...)
+CVE-2012-1538
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2012-1537 (Heap-based buffer overflow in DirectPlay in DirectX 9.0 through 11.1 ...)
+CVE-2012-1537
NOT-FOR-US: DirectX 9.0 in Microsoft Windows
CVE-2012-1536
RESERVED
-CVE-2012-1535 (Unspecified vulnerability in Adobe Flash Player before 11.3.300.271 on ...)
+CVE-2012-1535
NOT-FOR-US: Adobe Flash Player
CVE-2012-1534
REJECTED
-CVE-2012-1533 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2012-1533
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2012-1532 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2012-1532
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2012-1531 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2012-1531
- openjdk-6 <not-affected> (Specific to Oracle Java, not present in IcedTea)
- openjdk-7 <not-affected> (Specific to Oracle Java, not present in IcedTea)
NOTE: Due to the vague disclosure policy by Oracle the exact nature is unknown but since no patch landed in icedtea, we consider it not-affected
-CVE-2012-1530 (Heap-based buffer overflow in the XSLT engine in Adobe Reader and ...)
+CVE-2012-1530
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2012-1529 (Use-after-free vulnerability in Microsoft Internet Explorer 8 and 9 ...)
+CVE-2012-1529
NOT-FOR-US: Internet Explorer
-CVE-2012-1528 (Integer overflow in Windows Shell in Microsoft Windows XP SP2 and SP3, ...)
+CVE-2012-1528
NOT-FOR-US: Microsoft Windows
-CVE-2012-1527 (Integer underflow in Windows Shell in Microsoft Windows XP SP2 and ...)
+CVE-2012-1527
NOT-FOR-US: Microsoft Windows
-CVE-2012-1526 (Microsoft Internet Explorer 6 and 7 does not properly handle objects ...)
+CVE-2012-1526
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2012-1525 (Heap-based buffer overflow in Adobe Reader and Acrobat 9.x before ...)
+CVE-2012-1525
NOT-FOR-US: Adobe Reader
-CVE-2012-1524 (Microsoft Internet Explorer 9 does not properly handle objects in ...)
+CVE-2012-1524
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2012-1523 (Microsoft Internet Explorer 6 through 8 does not properly handle ...)
+CVE-2012-1523
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2012-1522 (Microsoft Internet Explorer 9 does not properly handle objects in ...)
+CVE-2012-1522
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2012-1521 (Use-after-free vulnerability in the XML parser in Google Chrome before ...)
+CVE-2012-1521
- chromium-browser 18.0.1025.168~r134367-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2012-1520 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
+CVE-2012-1520
NOT-FOR-US: Apple Safari/ if anything of this affects Chromium, the Chrome sec team will know and fix
CVE-2012-1519
RESERVED
-CVE-2012-1518 (VMware Workstation 8.x before 8.0.2, VMware Player 4.x before 4.0.2, ...)
+CVE-2012-1518
NOT-FOR-US: VMware
-CVE-2012-1517 (The VMX process in VMware ESXi 4.1 and ESX 4.1 does not properly ...)
+CVE-2012-1517
NOT-FOR-US: VMware
-CVE-2012-1516 (The VMX process in VMware ESXi 3.5 through 4.1 and ESX 3.5 through 4.1 ...)
+CVE-2012-1516
NOT-FOR-US: VMware
-CVE-2012-1515 (VMware ESXi 3.5, 4.0, and 4.1 and ESX 3.5, 4.0, and 4.1 do not ...)
+CVE-2012-1515
NOT-FOR-US: VMware ESXi
-CVE-2012-1514 (Cross-site request forgery (CSRF) vulnerability in VMware vShield ...)
+CVE-2012-1514
NOT-FOR-US: VMware vShield Manager
-CVE-2012-1513 (The Web Configuration tool in VMware vCenter Orchestrator (vCO) 4.0 ...)
+CVE-2012-1513
NOT-FOR-US: VMware vCenter Orchestrator
-CVE-2012-1512 (Cross-site scripting (XSS) vulnerability in the internal browser in ...)
+CVE-2012-1512
NOT-FOR-US: VMware vSphere
-CVE-2012-1511 (Cross-site scripting (XSS) vulnerability in View Manager Portal in ...)
+CVE-2012-1511
NOT-FOR-US: VMware View
-CVE-2012-1510 (Buffer overflow in the WDDM display driver in VMware ESXi 4.0, 4.1, ...)
+CVE-2012-1510
NOT-FOR-US: VMware ESXi
-CVE-2012-1509 (Buffer overflow in the XPDM display driver in VMware View before 4.6.1 ...)
+CVE-2012-1509
NOT-FOR-US: VMware View
-CVE-2012-1508 (The XPDM display driver in VMware ESXi 4.0, 4.1, and 5.0; VMware ESX ...)
+CVE-2012-1508
NOT-FOR-US: VMware ESXi
-CVE-2012-1507 (Multiple cross-site scripting (XSS) vulnerabilities in OrangeHRM ...)
+CVE-2012-1507
NOT-FOR-US: OrangeHRM
-CVE-2012-1506 (SQL injection vulnerability in the updateStatus function in ...)
+CVE-2012-1506
NOT-FOR-US: OrangeHRM
CVE-2012-1505
RESERVED
CVE-2012-1504
RESERVED
-CVE-2012-1503 (Cross-site scripting (XSS) vulnerability in Six Apart (formerly Six ...)
+CVE-2012-1503
NOT-FOR-US: Six Apart
-CVE-2012-1502 (Double free vulnerability in the PyPAM_conv in PAMmodule.c in PyPam ...)
+CVE-2012-1502
{DSA-2430-1}
- python-pam 0.4.2-13
CVE-2012-1501
REJECTED
CVE-2012-1500
RESERVED
-CVE-2012-1499 (The JPEG 2000 codec (jp2.c) in OpenJPEG before 1.5 allows remote ...)
+CVE-2012-1499
- openjpeg <not-affected> (vulnerable code introduced after 1.3)
-CVE-2012-1498 (Multiple cross-site request forgery (CSRF) vulnerabilities in Webfolio ...)
+CVE-2012-1498
NOT-FOR-US: Webfolio CMS
-CVE-2012-1497 (The default configuration of Movable Type before 4.38, 5.0x before ...)
+CVE-2012-1497
{DSA-2423-1}
- movabletype-opensource 5.1.3+dfsg-1
CVE-2012-1496
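Review bot: `NOT-FOR-US: Apple Safari/ if anything of this affects Chromium, the Chrome sec team will know and fix` under `+CVE-2012-1520` folds an informal justification into the NOT-FOR-US tag. The removed description named WebKit, and this same hunk tracks a WebKit-derived browser (`- chromium-browser 18.0.1025.168~r134367-1` under CVE-2012-1521), so the entry should record which package was checked and put the reasoning on a NOTE: line, as CVE-2012-1531 does with `NOTE: Due to the vague disclosure policy by Oracle ...`.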
@@ -12970,7 +12970,7 @@ CVE-2012-1102 [XML::Atom Perl module XML entity expansion]
- libxml-atom-perl 0.39-1 (medium)
CVE-2012-1494
RESERVED
-CVE-2012-1493 (F5 BIG-IP appliances 9.x before 9.4.8-HF5, 10.x before 10.2.4, 11.0.x ...)
+CVE-2012-1493
NOT-FOR-US: F5 BIG-IP appliances
CVE-2012-1492
RESERVED
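Review bot: the hunk header context shows `CVE-2012-1102 [XML::Atom Perl module XML entity expansion]` with its `- libxml-atom-perl 0.39-1 (medium)` line sitting between CVE-2012-1496 and CVE-2012-1494, out of the descending order the rest of the file keeps; move it to its slot among the CVE-2012-11xx entries, or if an entry already exists there merge the two so the package status is recorded once.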
@@ -12986,225 +12986,225 @@ CVE-2012-1487
RESERVED
CVE-2012-1486
RESERVED
-CVE-2012-1485 (Unspecified vulnerability in the NetFront Life Browser ...)
+CVE-2012-1485
NOT-FOR-US: NetFront Life Browser for Android
-CVE-2012-1484 (Unspecified vulnerability in the WaliSMS CN (cn.com.wali.walisms) ...)
+CVE-2012-1484
NOT-FOR-US: WaliSMS CN (cn.com.wali.walisms) application
-CVE-2012-1483 (Unspecified vulnerability in the Message Forwarder ...)
+CVE-2012-1483
NOT-FOR-US: Message Forwarder for Android
-CVE-2012-1482 (Unspecified vulnerability in the TouchPal Contacts ...)
+CVE-2012-1482
NOT-FOR-US: TouchPal Contacts for Android
-CVE-2012-1481 (Unspecified vulnerability in the Textdroid (com.app.android.textdroid) ...)
+CVE-2012-1481
NOT-FOR-US: Textdroid for Android
-CVE-2012-1480 (Unspecified vulnerability in the Pansi SMS (com.pansi.msg) application ...)
+CVE-2012-1480
NOT-FOR-US: Pansi SMS
-CVE-2012-1479 (Unspecified vulnerability in the AContact (com.movester.quickcontact) ...)
+CVE-2012-1479
NOT-FOR-US: AContact
-CVE-2012-1478 (Unspecified vulnerability in the UCMobile BloveStorm (com.blovestorm) ...)
+CVE-2012-1478
NOT-FOR-US: UCMobile BloveStorm
-CVE-2012-1477 (Unspecified vulnerability in the Cnectd (mci.cnectd) application 3.1.0 ...)
+CVE-2012-1477
NOT-FOR-US: Cnectd
-CVE-2012-1476 (Unspecified vulnerability in the KKtalk (com.kkliaotian.android) ...)
+CVE-2012-1476
NOT-FOR-US: KKtalk
-CVE-2012-1475 (Unspecified vulnerability in the YagattaTalk Messenger ...)
+CVE-2012-1475
NOT-FOR-US: YagattaTalk Messenge
-CVE-2012-1474 (Unspecified vulnerability in the Youni SMS (com.snda.youni) ...)
+CVE-2012-1474
NOT-FOR-US: Youni SMS
CVE-2012-1473
RESERVED
-CVE-2012-1472 (VMware vCenter Chargeback Manager (aka CBM) before 2.0.1 does not ...)
+CVE-2012-1472
NOT-FOR-US: VMware vCenter Chargeback Manager
-CVE-2012-1471 (Directory traversal vulnerability in catalogue_file.php in ocPortal ...)
+CVE-2012-1471
- ocportal <itp> (bug #625865)
-CVE-2012-1470 (Multiple cross-site scripting (XSS) vulnerabilities in code_editor.php ...)
+CVE-2012-1470
- ocportal <itp> (bug #625865)
-CVE-2012-1469 (Multiple cross-site scripting (XSS) vulnerabilities in Open Journal ...)
+CVE-2012-1469
- ojs <removed> (low)
[squeeze] - ojs <no-dsa> (Minor issue)
-CVE-2012-1468 (Incomplete blacklist vulnerability in Open Journal Systems before ...)
+CVE-2012-1468
- ojs <removed> (low)
[squeeze] - ojs <no-dsa> (Minor issue)
-CVE-2012-1467 (Multiple directory traversal vulnerabilities in the iBrowser plugin ...)
+CVE-2012-1467
- ojs <removed> (low)
[squeeze] - ojs <no-dsa> (Minor issue)
-CVE-2012-1466 (The Traffic Grapher Server for NetMechanica NetDecision before 4.6.1 ...)
+CVE-2012-1466
NOT-FOR-US: NetMechanica NetDecision
-CVE-2012-1465 (Stack-based buffer overflow in the HTTP Server in NetMechanica ...)
+CVE-2012-1465
NOT-FOR-US: NetMechanica NetDecision
-CVE-2012-1464 (Dashboard Server for NetMechanica NetDecision before 4.6.1 allows ...)
+CVE-2012-1464
NOT-FOR-US: NetMechanica NetDecision
-CVE-2012-1463 (The ELF file parser in AhnLab V3 Internet Security 2011.01.18.00, ...)
+CVE-2012-1463
NOT-FOR-US: multiple Anti-Virus applications
-CVE-2012-1462 (The ZIP file parser in AhnLab V3 Internet Security 2011.01.18.00, AVG ...)
+CVE-2012-1462
NOT-FOR-US: multiple Anti-Virus applications
-CVE-2012-1461 (The Gzip file parser in AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, ...)
+CVE-2012-1461
NOT-FOR-US: multiple Anti-Virus applications
-CVE-2012-1460 (The Gzip file parser in Antiy Labs AVL SDK 2.0.3.7, Quick Heal (aka ...)
+CVE-2012-1460
NOT-FOR-US: multiple Anti-Virus applications
-CVE-2012-1459 (The TAR file parser in AhnLab V3 Internet Security 2011.01.18.00, ...)
+CVE-2012-1459
- clamav 0.97.5+dfsg-1 (low; bug #668273)
[squeeze] - clamav 0.97.5+dfsg-3~squeeze1
-CVE-2012-1458 (The Microsoft CHM file parser in ClamAV 0.96.4 and Sophos Anti-Virus ...)
+CVE-2012-1458
- clamav 0.97.5+dfsg-1 (low; bug #668273)
[squeeze] - clamav 0.97.5+dfsg-3~squeeze1
-CVE-2012-1457 (The TAR file parser in Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK ...)
+CVE-2012-1457
- clamav 0.97.5+dfsg-1 (low; bug #668273)
[squeeze] - clamav 0.97.5+dfsg-3~squeeze1
-CVE-2012-1456 (The TAR file parser in AVG Anti-Virus 10.0.0.1190, Quick Heal (aka Cat ...)
+CVE-2012-1456
NOT-FOR-US: multiple Anti-Virus applications
-CVE-2012-1455 (The CAB file parser in NOD32 Antivirus 5795 and Rising Antivirus ...)
+CVE-2012-1455
NOT-FOR-US: NOD32 Antivirus, Rising Antivirus
-CVE-2012-1454 (The ELF file parser in Dr.Web 5.0.2.03300, eSafe 7.0.17.0, McAfee ...)
+CVE-2012-1454
NOT-FOR-US: multiple Anti-Virus applications
-CVE-2012-1453 (The CAB file parser in Dr.Web 5.0.2.03300, Trend Micro HouseCall ...)
+CVE-2012-1453
NOT-FOR-US: multiple Anti-Virus applications
-CVE-2012-1452 (The CAB file parser in Emsisoft Anti-Malware 5.1.0.1, Ikarus Virus ...)
+CVE-2012-1452
NOT-FOR-US: multiple Anti-Virus applications
-CVE-2012-1451 (The CAB file parser in Emsisoft Anti-Malware 5.1.0.1 and Ikarus Virus ...)
+CVE-2012-1451
NOT-FOR-US: multiple Anti-Virus applications
-CVE-2012-1450 (The CAB file parser in Emsisoft Anti-Malware 5.1.0.1, Sophos ...)
+CVE-2012-1450
NOT-FOR-US: multiple Anti-Virus applications
-CVE-2012-1449 (The CAB file parser in NOD32 Antivirus 5795 and Rising Antivirus ...)
+CVE-2012-1449
NOT-FOR-US: multiple Anti-Virus applications
-CVE-2012-1448 (The CAB file parser in Quick Heal (aka Cat QuickHeal) 11.00, Trend ...)
+CVE-2012-1448
NOT-FOR-US: multiple Anti-Virus applications
-CVE-2012-1447 (The ELF file parser in Fortinet Antivirus 4.2.254.0, eSafe 7.0.17.0, ...)
+CVE-2012-1447
NOT-FOR-US: multiple Anti-Virus applications
-CVE-2012-1446 (The ELF file parser in Quick Heal (aka Cat QuickHeal) 11.00, McAfee ...)
+CVE-2012-1446
NOT-FOR-US: multiple Anti-Virus applications
-CVE-2012-1445 (The ELF file parser in eSafe 7.0.17.0, Rising Antivirus 22.83.00.03, ...)
+CVE-2012-1445
NOT-FOR-US: multiple Anti-Virus applications
-CVE-2012-1444 (The ELF file parser in eSafe 7.0.17.0, Prevx 3.0, Fortinet Antivirus ...)
+CVE-2012-1444
NOT-FOR-US: multiple Anti-Virus applications
-CVE-2012-1443 (The RAR file parser in ClamAV 0.96.4, Rising Antivirus 22.83.00.03, ...)
+CVE-2012-1443
NOTE: clamav, but upstream evaluated it as invalid (#668273)
-CVE-2012-1442 (The ELF file parser in Quick Heal (aka Cat QuickHeal) 11.00, McAfee ...)
+CVE-2012-1442
NOT-FOR-US: Multiple Antivirus applications
-CVE-2012-1441 (The Microsoft EXE file parser in eSafe 7.0.17.0 and Prevx 3.0 allows ...)
+CVE-2012-1441
NOT-FOR-US: eSafe, Prevx
-CVE-2012-1440 (The ELF file parser in Norman Antivirus 6.06.12, eSafe 7.0.17.0, CA ...)
+CVE-2012-1440
NOT-FOR-US: multiple Antivirus applications
-CVE-2012-1439 (The ELF file parser in eSafe 7.0.17.0, Rising Antivirus 22.83.00.03, ...)
+CVE-2012-1439
NOT-FOR-US: multiple Antivirus applications
-CVE-2012-1438 (The Microsoft Office file parser in Comodo Antivirus 7425 and Sophos ...)
+CVE-2012-1438
NOT-FOR-US: multiple Anti-Virus applications
-CVE-2012-1437 (The Microsoft Office file parser in Comodo Antivirus 7425 allows ...)
+CVE-2012-1437
NOT-FOR-US: Comodo Antivirus 7425
-CVE-2012-1436 (The Microsoft EXE file parser in AhnLab V3 Internet Security ...)
+CVE-2012-1436
NOT-FOR-US: multiple Anti-Virus applications
-CVE-2012-1435 (The Microsoft EXE file parser in AhnLab V3 Internet Security ...)
+CVE-2012-1435
NOT-FOR-US: multiple Anti-Virus applications
-CVE-2012-1434 (The Microsoft EXE file parser in AhnLab V3 Internet Security ...)
+CVE-2012-1434
NOT-FOR-US: multiple Anti-Virus applications
-CVE-2012-1433 (The Microsoft EXE file parser in AhnLab V3 Internet Security ...)
+CVE-2012-1433
NOT-FOR-US: multiple Anti-Virus applications
-CVE-2012-1432 (The Microsoft EXE file parser in Emsisoft Anti-Malware 5.1.0.1, eSafe ...)
+CVE-2012-1432
NOT-FOR-US: multiple Anti-Virus applications
-CVE-2012-1431 (The ELF file parser in Bitdefender 7.2, Command Antivirus 5.2.11.5, ...)
+CVE-2012-1431
NOT-FOR-US: multiple Anti-Virus applications
-CVE-2012-1430 (The ELF file parser in Bitdefender 7.2, Comodo Antivirus 7424, eSafe ...)
+CVE-2012-1430
NOT-FOR-US: multiple Anti-Virus applications
-CVE-2012-1429 (The ELF file parser in Bitdefender 7.2, Comodo Antivirus 7424, ...)
+CVE-2012-1429
NOT-FOR-US: multiple Anti-Virus applications
-CVE-2012-1428 (The TAR file parser in Quick Heal (aka Cat QuickHeal) 11.00, Norman ...)
+CVE-2012-1428
NOT-FOR-US: multiple Anti-Virus applications
-CVE-2012-1427 (The TAR file parser in Quick Heal (aka Cat QuickHeal) 11.00, Norman ...)
+CVE-2012-1427
NOT-FOR-US: multiple Anti-Virus applications
-CVE-2012-1426 (The TAR file parser in Quick Heal (aka Cat QuickHeal) 11.00, Command ...)
+CVE-2012-1426
NOT-FOR-US: multiple Anti-Virus applications
-CVE-2012-1425 (The TAR file parser in Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK ...)
+CVE-2012-1425
NOT-FOR-US: Multiple Antivirus applications
-CVE-2012-1424 (The TAR file parser in Antiy Labs AVL SDK 2.0.3.7, Quick Heal (aka Cat ...)
+CVE-2012-1424
NOT-FOR-US: multiple Antivirus applications
-CVE-2012-1423 (The TAR file parser in Command Antivirus 5.2.11.5, Emsisoft ...)
+CVE-2012-1423
NOT-FOR-US: multiple Antivirus applications
-CVE-2012-1422 (The TAR file parser in Quick Heal (aka Cat QuickHeal) 11.00, NOD32 ...)
+CVE-2012-1422
NOT-FOR-US: multiple Antivirus applications
-CVE-2012-1421 (The TAR file parser in Quick Heal (aka Cat QuickHeal) 11.00, Norman ...)
+CVE-2012-1421
NOT-FOR-US: multiple Antivirus applications
-CVE-2012-1420 (The TAR file parser in Quick Heal (aka Cat QuickHeal) 11.00, Command ...)
+CVE-2012-1420
NOT-FOR-US: multiple Antivirus applications
-CVE-2012-1419 (The TAR file parser in ClamAV 0.96.4 and Quick Heal (aka Cat ...)
+CVE-2012-1419
- clamav 0.97.5+dfsg-1 (low; bug #668273)
[squeeze] - clamav 0.97.5+dfsg-3~squeeze1
-CVE-2012-1418 (Multiple unspecified vulnerabilities in Google Chrome before ...)
+CVE-2012-1418
NOT-FOR-US: Chrome books
-CVE-2012-1417 (Multiple cross-site scripting (XSS) vulnerabilities in Local Phone ...)
+CVE-2012-1417
NOT-FOR-US: Yealink VoIP Phone
-CVE-2012-1416 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
+CVE-2012-1416
NOT-FOR-US: SocialCMS
-CVE-2012-1415 (Cross-site request forgery (CSRF) vulnerability in lib/logout.php in ...)
+CVE-2012-1415
NOT-FOR-US: DFLabs PTK
-CVE-2012-1414 (Cross-site request forgery (CSRF) vulnerability in manager/news.php in ...)
+CVE-2012-1414
NOT-FOR-US: Plume CMS
-CVE-2012-1413 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2012-1413
NOT-FOR-US: Zen Cart
CVE-2012-1412
RESERVED
CVE-2012-1411
RESERVED
-CVE-2012-1410 (Multiple cross-site scripting (XSS) vulnerabilities in the History ...)
+CVE-2012-1410
- kadu 0.11.0-1
[squeeze] - kadu <not-affected> (Only affects >= 0.9)
-CVE-2012-1409 (Unspecified vulnerability in the Tiny Password ...)
+CVE-2012-1409
NOT-FOR-US: Tiny Password
-CVE-2012-1408 (Unspecified vulnerability in the App Lock (com.cc.applock) application ...)
+CVE-2012-1408
NOT-FOR-US: App Lock
-CVE-2012-1407 (Unspecified vulnerability in the GO Message Widget ...)
+CVE-2012-1407
NOT-FOR-US: GO Message Widget
-CVE-2012-1406 (Unspecified vulnerability in the GO Bookmark Widget ...)
+CVE-2012-1406
NOT-FOR-US: GO Bookmark Widget
-CVE-2012-1405 (Unspecified vulnerability in the GO Note Widget ...)
+CVE-2012-1405
NOT-FOR-US: GO Note Widget
-CVE-2012-1404 (Unspecified vulnerability in the Dolphin Browser Mini ...)
+CVE-2012-1404
NOT-FOR-US: Dolphin Browser Mini
-CVE-2012-1403 (Unspecified vulnerability in the Dolphin Browser CN ...)
+CVE-2012-1403
NOT-FOR-US: Dolphin Browser CN
-CVE-2012-1402 (Unspecified vulnerability in the QianXun YingShi (com.qianxun.yingshi) ...)
+CVE-2012-1402
NOT-FOR-US: QianXun YingShi
-CVE-2012-1401 (Unspecified vulnerability in the CamScanner (com.intsig.camscanner) ...)
+CVE-2012-1401
NOT-FOR-US: CamScanner
-CVE-2012-1400 (Unspecified vulnerability in the U+Box 2.0 Pad (lg.uplusbox.pad) ...)
+CVE-2012-1400
NOT-FOR-US: U+Box
-CVE-2012-1399 (Unspecified vulnerability in the U+Box 2.0 (lg.uplusbox) application ...)
+CVE-2012-1399
NOT-FOR-US: U+Box
-CVE-2012-1398 (Unspecified vulnerability in the GO WeiboWidget ...)
+CVE-2012-1398
NOT-FOR-US: GO WeiboWidget
-CVE-2012-1397 (Unspecified vulnerability in the GO QQWeiboWidget ...)
+CVE-2012-1397
NOT-FOR-US: GO QQWeiboWidget
-CVE-2012-1396 (Unspecified vulnerability in the GO FBWidget ...)
+CVE-2012-1396
NOT-FOR-US: GO FBWidget
-CVE-2012-1395 (Unspecified vulnerability in the GO TwiWidget ...)
+CVE-2012-1395
NOT-FOR-US: GO TwiWidget
-CVE-2012-1394 (Unspecified vulnerability in the GO Email Widget ...)
+CVE-2012-1394
NOT-FOR-US: GO Email Widget
-CVE-2012-1393 (Unspecified vulnerability in the GO SMS Pro (com.jb.gosms) application ...)
+CVE-2012-1393
NOT-FOR-US: GO SMS Pro
-CVE-2012-1392 (Unspecified vulnerability in the Dolphin Browser HD ...)
+CVE-2012-1392
NOT-FOR-US: Dolphin Browser HD
-CVE-2012-1391 (Unspecified vulnerability in the mOffice - Outlook sync ...)
+CVE-2012-1391
NOT-FOR-US: mOffice - Outlook sync
-CVE-2012-1390 (Unspecified vulnerability in the Miso (com.bazaarlabs.miso) ...)
+CVE-2012-1390
NOT-FOR-US: Miso
-CVE-2012-1389 (Unspecified vulnerability in the Di Long Weibo (com.icekirin.weibos) ...)
+CVE-2012-1389
NOT-FOR-US: Di Long Weibo
-CVE-2012-1388 (Unspecified vulnerability in the XiXunTianTian (com.xixun.tiantian) ...)
+CVE-2012-1388
NOT-FOR-US: XiXunTianTian
-CVE-2012-1387 (Unspecified vulnerability in the RealTalk (com.tmsmanager.tms) ...)
+CVE-2012-1387
NOT-FOR-US: RealTalk
-CVE-2012-1386 (Unspecified vulnerability in the YouMail Visual Voicemail Plus ...)
+CVE-2012-1386
NOT-FOR-US: YouMail Visual Voicemail Plus
-CVE-2012-1385 (Unspecified vulnerability in the NetEase WeiboHD (com.netease.wbhd) ...)
+CVE-2012-1385
NOT-FOR-US: NetEase WeiboHD
-CVE-2012-1384 (Unspecified vulnerability in the NetEase Pmail (com.netease.rpmms) ...)
+CVE-2012-1384
NOT-FOR-US: NetEase Pmail
-CVE-2012-1383 (Unspecified vulnerability in the NetEase Reader (com.netease.pris) ...)
+CVE-2012-1383
NOT-FOR-US: NetEase Reader
-CVE-2012-1382 (Unspecified vulnerability in the Youdao Dictionary (com.youdao.dict) ...)
+CVE-2012-1382
NOT-FOR-US: Youdao Dictionary
-CVE-2012-1381 (Unspecified vulnerability in the NetEase CloudAlbum ...)
+CVE-2012-1381
NOT-FOR-US: NetEase CloudAlbum
-CVE-2012-1380 (Unspecified vulnerability in the NetEaseWeibo (com.netease.wb) ...)
+CVE-2012-1380
NOT-FOR-US: NetEaseWeibo
CVE-2012-1379
RESERVED
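Review bot: CVE-2012-1443 (the `-CVE-2012-1443 (The RAR file parser in ClamAV 0.96.4, ...)` entry) keeps only a NOTE line and no package status, so once the description is dropped nothing in the entry records a Debian verdict in machine-readable form; the neighbouring CVE-2012-1419 entry references the same bug as `- clamav 0.97.5+dfsg-1 (low; bug #668273)`. If upstream's evaluation of the report as invalid is final, a `- clamav <not-affected> (upstream evaluated it as invalid, see #668273)` line would state that in the same form as the rest of the file.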
@@ -13224,25 +13224,25 @@ CVE-2012-1372
RESERVED
CVE-2012-1371
RESERVED
-CVE-2012-1370 (Cisco AnyConnect Secure Mobility Client 3.0 before 3.0.08057 allows ...)
+CVE-2012-1370
NOT-FOR-US: Cisco
CVE-2012-1369
RESERVED
CVE-2012-1368
RESERVED
-CVE-2012-1367 (The MallocLite implementation in Cisco IOS 12.0, 12.2, 15.0, 15.1, and ...)
+CVE-2012-1367
NOT-FOR-US: Cisco
-CVE-2012-1366 (Cisco IOS before 15.1(1)SY on ASR 1000 devices, when Multicast ...)
+CVE-2012-1366
NOT-FOR-US: Cisco IOS
-CVE-2012-1365 (Cisco Unified Computing System (UCS) 1.4 and 2.0 allows remote ...)
+CVE-2012-1365
NOT-FOR-US: Cisco
-CVE-2012-1364 (Cisco Unified Computing System (UCS) 1.4 and 2.0 allows remote ...)
+CVE-2012-1364
NOT-FOR-US: Cisco
CVE-2012-1363
RESERVED
CVE-2012-1362
RESERVED
-CVE-2012-1361 (Cisco IOS 15.1 and 15.2, when the Multicast Music-on-Hold (MMoH) ...)
+CVE-2012-1361
NOT-FOR-US: Cisco
CVE-2012-1360
RESERVED
@@ -13250,7 +13250,7 @@ CVE-2012-1359
RESERVED
CVE-2012-1358
RESERVED
-CVE-2012-1357 (The igmp_snoop_orib_fill_source_update function in the IGMP process in ...)
+CVE-2012-1357
NOT-FOR-US: NX-OS
CVE-2012-1356
RESERVED
@@ -13264,37 +13264,37 @@ CVE-2012-1352
RESERVED
CVE-2012-1351
RESERVED
-CVE-2012-1350 (Cisco IOS 12.3 and 12.4 on Aironet access points allows remote ...)
+CVE-2012-1350
NOT-FOR-US: Cisco IOS
CVE-2012-1349
RESERVED
-CVE-2012-1348 (Cisco Wide Area Application Services (WAAS) appliances with software ...)
+CVE-2012-1348
NOT-FOR-US: Cisco Wide Area Application Services
CVE-2012-1347
RESERVED
-CVE-2012-1346 (Cisco Emergency Responder 8.6 and 9.2 allows remote attackers to cause ...)
+CVE-2012-1346
NOT-FOR-US: Cisco Emergency Responder
CVE-2012-1345
RESERVED
-CVE-2012-1344 (Cisco IOS 15.1 and 15.2, when a clientless SSL VPN is configured, ...)
+CVE-2012-1344
NOT-FOR-US: Cisco IOS
CVE-2012-1343
RESERVED
-CVE-2012-1342 (Cisco Carrier Routing System (CRS) 3.9, 4.0, and 4.1 allows remote ...)
+CVE-2012-1342
NOT-FOR-US: Cisco Carrier Routing System
CVE-2012-1341
RESERVED
-CVE-2012-1340 (The Fibre Channel over IP (FCIP) implementation in Cisco MDS NX-OS 4.2 ...)
+CVE-2012-1340
NOT-FOR-US: Cisco MDS NX-OS
-CVE-2012-1339 (The Fabric Interconnect component in Cisco Unified Computing System ...)
+CVE-2012-1339
NOT-FOR-US: Cisco Unified Computing System
-CVE-2012-1338 (Cisco IOS 15.0 and 15.1 on Catalyst 3560 and 3750 series switches ...)
+CVE-2012-1338
NOT-FOR-US: Cisco IOS
-CVE-2012-1337 (Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 L ...)
+CVE-2012-1337
NOT-FOR-US: Cisco WebEx
-CVE-2012-1336 (Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 L ...)
+CVE-2012-1336
NOT-FOR-US: Cisco WebEx
-CVE-2012-1335 (Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 L ...)
+CVE-2012-1335
NOT-FOR-US: Cisco WebEx
CVE-2012-1334
RESERVED
@@ -13308,15 +13308,15 @@ CVE-2012-1330
RESERVED
CVE-2012-1329
RESERVED
-CVE-2012-1328 (Cisco Unified IP Phones 9900 series devices with firmware 9.1 and 9.2 ...)
+CVE-2012-1328
NOT-FOR-US: Cisco IP Phone
-CVE-2012-1327 (dot11t/t_if_dot11_hal_ath.c in Cisco IOS 12.3, 12.4, 15.0, and 15.1 ...)
+CVE-2012-1327
NOT-FOR-US: Cisco IOS
CVE-2012-1326
RESERVED
CVE-2012-1325
RESERVED
-CVE-2012-1324 (Race condition in the Zone-Based Firewall in Cisco IOS 15.1 and 15.2, ...)
+CVE-2012-1324
NOT-FOR-US: Cisco IOS
CVE-2012-1323
RESERVED
@@ -13330,25 +13330,25 @@ CVE-2012-1319
RESERVED
CVE-2012-1318
RESERVED
-CVE-2012-1317 (The multicast implementation in Cisco IOS before 15.1(1)SY allows ...)
+CVE-2012-1317
NOT-FOR-US: Cisco IOS
CVE-2012-1316
RESERVED
-CVE-2012-1315 (Memory leak in the SIP inspection feature in the Zone-Based Firewall ...)
+CVE-2012-1315
NOT-FOR-US: Cisco IOS
-CVE-2012-1314 (The WAAS Express feature in Cisco IOS 15.1 and 15.2 allows remote ...)
+CVE-2012-1314
NOT-FOR-US: Cisco IOS
-CVE-2012-1313 (The remote debug shell on the PALO adapter card in Cisco Unified ...)
+CVE-2012-1313
NOT-FOR-US: Cisco Unified Computing System
-CVE-2012-1312 (The MACE feature in Cisco IOS 15.1 and 15.2 allows remote attackers to ...)
+CVE-2012-1312
NOT-FOR-US: Cisco IOS
-CVE-2012-1311 (The RSVP feature in Cisco IOS 15.0 and 15.1 and IOS XE 3.2.xS through ...)
+CVE-2012-1311
NOT-FOR-US: Cisco IOS
-CVE-2012-1310 (Memory leak in the Zone-Based Firewall in Cisco IOS 12.4, 15.0, 15.1, ...)
+CVE-2012-1310
NOT-FOR-US: Cisco IOS
CVE-2012-1309
RESERVED
-CVE-2012-1308 (Cross-site request forgery (CSRF) vulnerability in redpass.cgi in ...)
+CVE-2012-1308
NOT-FOR-US: D-Link
CVE-2012-1307
RESERVED
@@ -13358,11 +13358,11 @@ CVE-2012-1305
RESERVED
CVE-2012-1304
RESERVED
-CVE-2012-1303 (Multiple cross-site scripting (XSS) vulnerabilities in amCharts Flash ...)
+CVE-2012-1303
NOT-FOR-US: amCharts Flash
-CVE-2012-1302 (Multiple cross-site scripting (XSS) vulnerabilities in amMap 2.6.3 ...)
+CVE-2012-1302
NOT-FOR-US: amMap
-CVE-2012-1301 (The FeedProxy.aspx script in Umbraco 4.7.0 allows remote attackers to ...)
+CVE-2012-1301
NOT-FOR-US: Umbraco
CVE-2012-1300
RESERVED
@@ -13370,26 +13370,26 @@ CVE-2012-1299
RESERVED
CVE-2012-1298
RESERVED
-CVE-2012-1297 (Multiple cross-site request forgery (CSRF) vulnerabilities in main.php ...)
+CVE-2012-1297
NOT-FOR-US: Contao
-CVE-2012-1296 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2012-1296
NOT-FOR-US: Elefant CMS
CVE-2012-1295
RESERVED
-CVE-2012-1294 (SQL injection vulnerability in CONTIMEX Impulsio CMS allows remote ...)
+CVE-2012-1294
NOT-FOR-US: CONTIMEX Impulsio CMS
-CVE-2012-1292 (Unspecified vulnerability in the MessagingSystem servlet in SAP ...)
+CVE-2012-1292
NOT-FOR-US: SAP NetWeaver
-CVE-2012-1291 (Unspecified vulnerability in the ...)
+CVE-2012-1291
NOT-FOR-US: SAP NetWeaver
-CVE-2012-1290 (Cross-site scripting (XSS) vulnerability in b2b/auction/container.jsp ...)
+CVE-2012-1290
NOT-FOR-US: SAP NetWeaver
-CVE-2012-1289 (Multiple directory traversal vulnerabilities in SAP NetWeaver 7.0 ...)
+CVE-2012-1289
NOT-FOR-US: SAP NetWeaver
-CVE-2012-1293 (Multiple cross-site scripting (XSS) vulnerabilities in fup in Frams' ...)
+CVE-2012-1293
{DSA-2414-1}
- fex 20120215-1 (low; bug #660621)
-CVE-2012-1288 (The UTC Fire &amp; Security GE-MC100-NTP/GPS-ZB Master Clock device uses ...)
+CVE-2012-1288
NOT-FOR-US: UTC Fire & Security GE-MC100-NTP/GPS-ZB Master Clock
CVE-2012-1287
RESERVED
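Review bot: CVE-2012-1293 is out of sequence in this hunk: it sits between CVE-2012-1289 and CVE-2012-1288 while the rest of the file runs in descending order, so a reader scanning down from CVE-2012-1294 will miss it. Since the entry's first line is being rewritten anyway, moving the three lines `+CVE-2012-1293` / `{DSA-2414-1}` / `- fex 20120215-1 (low; bug #660621)` to directly follow the CVE-2012-1295 block would restore the order without changing the recorded status.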
@@ -13437,11 +13437,11 @@ CVE-2012-1266
RESERVED
CVE-2012-1265
RESERVED
-CVE-2012-1264 (Unspecified vulnerability in Gretech GOM Media Player before ...)
+CVE-2012-1264
NOT-FOR-US: Gretech GOM Media Player
CVE-2012-1263
RESERVED
-CVE-2012-1262 (Cross-site scripting (XSS) vulnerability in cgi-bin/mt/mt-wizard.cgi ...)
+CVE-2012-1262
{DSA-2423-1}
- movabletype-opensource 5.1.3+dfsg-1
CVE-2012-1261
@@ -13456,52 +13456,52 @@ CVE-2012-1257
RESERVED
- pidgin <unfixed> (unimportant)
NOTE: Negligible local information disclosure
-CVE-2012-1256 (The single sign-on (SSO) implementation in EasyVista before ...)
+CVE-2012-1256
NOT-FOR-US: EasyVista
-CVE-2012-1255 (SQL injection vulnerability in Segue 2.2.10.2 and earlier allows ...)
+CVE-2012-1255
NOT-FOR-US: Segue (CMS)
-CVE-2012-1254 (Cross-site scripting (XSS) vulnerability in Segue 2.2.10.2 and earlier ...)
+CVE-2012-1254
NOT-FOR-US: Segue (CMS)
-CVE-2012-1253 (Cross-site scripting (XSS) vulnerability in Roundcube Webmail before ...)
+CVE-2012-1253
- roundcube 0.7-1 (low)
[squeeze] - roundcube <no-dsa> (Minor issue)
-CVE-2012-1252 (Cross-site scripting (XSS) vulnerability in RSSOwl before 2.1.1 allows ...)
+CVE-2012-1252
- rssowl <itp> (bug #346541)
-CVE-2012-1251 (Opera before 9.63 does not properly verify X.509 certificates from SSL ...)
+CVE-2012-1251
NOT-FOR-US: Opera
-CVE-2012-1250 (Logitec LAN-W300N/R routers with firmware before 2.27 do not properly ...)
+CVE-2012-1250
NOT-FOR-US: Logitec LAN-W300N/R device
-CVE-2012-1249 (The iLunascape application 1.0.4.0 and earlier for Android does not ...)
+CVE-2012-1249
NOT-FOR-US: iLunascape
-CVE-2012-1248 (app/config/core.php in baserCMS 1.6.15 and earlier does not properly ...)
+CVE-2012-1248
NOT-FOR-US: BaserCMS
-CVE-2012-1247 (Cross-site scripting (XSS) vulnerability in KENT-WEB WEB MART 1.7 and ...)
+CVE-2012-1247
NOT-FOR-US: KENT-WEB WEB MART
-CVE-2012-1246 (Cross-site scripting (XSS) vulnerability in KENT-WEB WEB MART 1.7 and ...)
+CVE-2012-1246
NOT-FOR-US: KENT-WEB WEB MART
-CVE-2012-1245 (Cross-site scripting (XSS) vulnerability in the cleanup_urls function ...)
+CVE-2012-1245
NOT-FOR-US: OSQA
-CVE-2012-1244 (The NTT DOCOMO sp mode mail application 5400 and earlier for Android ...)
+CVE-2012-1244
NOT-FOR-US: Android app
-CVE-2012-1243 (The TwitRocker2 application before 1.0.23 for Android does not ...)
+CVE-2012-1243
NOT-FOR-US: Android app
-CVE-2012-1242 (Untrusted search path vulnerability in JustSystems Ichitaro 2011 Sou, ...)
+CVE-2012-1242
NOT-FOR-US: various Ichitaro products
-CVE-2012-1241 (GRScript18.dll before 1.2.2.0 in ActiveScriptRuby (ASR) before 1.8.7 ...)
+CVE-2012-1241
NOT-FOR-US: ActiveScriptRuby
-CVE-2012-1240 (Cross-site scripting (XSS) vulnerability in the RECRUIT Dokodemo ...)
+CVE-2012-1240
NOT-FOR-US: RECRUIT Dokodemo
-CVE-2012-1239 (The TopAccess web-based management interface on TOSHIBA TEC e-Studio ...)
+CVE-2012-1239
NOT-FOR-US: TOSHIBA TEC e-Studio
-CVE-2012-1238 (Session fixation vulnerability in SENCHA SNS before 1.0.2 allows ...)
+CVE-2012-1238
NOT-FOR-US: SENCHA SNS
-CVE-2012-1237 (Cross-site request forgery (CSRF) vulnerability in SENCHA SNS before ...)
+CVE-2012-1237
NOT-FOR-US: SENCHA SNS
-CVE-2012-1236 (Multiple cross-site request forgery (CSRF) vulnerabilities in Janetter ...)
+CVE-2012-1236
NOT-FOR-US: Janetter
-CVE-2012-1235 (Cross-site request forgery (CSRF) vulnerability in Advantech/BroadWin ...)
+CVE-2012-1235
NOT-FOR-US: Advantech/BroadWin WebAccess
-CVE-2012-1234 (SQL injection vulnerability in Advantech/BroadWin WebAccess 7.0 allows ...)
+CVE-2012-1234
NOT-FOR-US: Advantech/BroadWin WebAccess
CVE-2012-1233
RESERVED
@@ -13515,155 +13515,155 @@ CVE-2012-1229
RESERVED
CVE-2012-1228
RESERVED
-CVE-2012-1227 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
+CVE-2012-1227
NOT-FOR-US: pluck
-CVE-2012-1226 (Multiple directory traversal vulnerabilities in Dolibarr CMS 3.2.0 ...)
+CVE-2012-1226
- dolibarr 3.3.4-1
-CVE-2012-1225 (Multiple SQL injection vulnerabilities in Dolibarr CMS 3.2.0 Alpha and ...)
+CVE-2012-1225
- dolibarr 3.3.4-1
-CVE-2012-1224 (Cross-site scripting (XSS) vulnerability in system/classes/login.php ...)
+CVE-2012-1224
NOT-FOR-US: ContentLion Alpha
-CVE-2012-1223 (RabidHamster R2/Extreme 1.65 and earlier uses a small search space of ...)
+CVE-2012-1223
NOT-FOR-US: RabidHamster
-CVE-2012-1222 (Stack-based buffer overflow in RabidHamster R2/Extreme 1.65 and ...)
+CVE-2012-1222
NOT-FOR-US: RabidHamster
-CVE-2012-1221 (Directory traversal vulnerability in the telnet server in RabidHamster ...)
+CVE-2012-1221
NOT-FOR-US: RabidHamster
-CVE-2012-1220 (Cross-site request forgery (CSRF) vulnerability in ...)
+CVE-2012-1220
NOT-FOR-US: GAzie
-CVE-2012-1219 (Multiple cross-site scripting (XSS) vulnerabilities in freelancerKit ...)
+CVE-2012-1219
NOT-FOR-US: freelancerKit
-CVE-2012-1218 (Multiple SQL injection vulnerabilities in freelancerKit 2.35 allow ...)
+CVE-2012-1218
NOT-FOR-US: freelancerKit
-CVE-2012-1217 (Multiple cross-site scripting (XSS) vulnerabilities in STHS v2 Web ...)
+CVE-2012-1217
NOT-FOR-US: STHS
-CVE-2012-1216 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
+CVE-2012-1216
NOT-FOR-US: PBBoard
-CVE-2012-1215 (Cross-site scripting (XSS) vulnerability in the Add friends module in ...)
+CVE-2012-1215
NOT-FOR-US: Yoono extension
-CVE-2012-1214 (Cross-site scripting (XSS) vulnerability in the Add friends module in ...)
+CVE-2012-1214
NOT-FOR-US: Yoono Desktop Application
-CVE-2012-1213 (Cross-site scripting (XSS) vulnerability in zimbra/h/calendar in ...)
+CVE-2012-1213
NOT-FOR-US: Zimbra Web Client
-CVE-2012-1212 (Cross-site scripting (XSS) vulnerability in the smwfOnSfSetTargetName ...)
+CVE-2012-1212
NOT-FOR-US: Semantic Enterprise Wiki
-CVE-2012-1211 (Cross-site scripting (XSS) vulnerability in pfile/kommentar.php in ...)
+CVE-2012-1211
NOT-FOR-US: Powie pFile
-CVE-2012-1210 (SQL injection vulnerability in pfile/file.php in Powie pFile 1.02 ...)
+CVE-2012-1210
NOT-FOR-US: Powie pFile
-CVE-2012-1209 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2012-1209
NOT-FOR-US: Fork CMS
-CVE-2012-1208 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2012-1208
NOT-FOR-US: Fork CMS
-CVE-2012-1207 (Directory traversal vulnerability in ...)
+CVE-2012-1207
NOT-FOR-US: Fork CMS
-CVE-2012-1206 (Multiple integer overflows in Hancom Office 2010 SE 8.5.5 allow remote ...)
+CVE-2012-1206
NOT-FOR-US: Hancom Office
-CVE-2012-1205 (PHP remote file inclusion vulnerability in relocate-upload.php in ...)
+CVE-2012-1205
NOT-FOR-US: Relocate Upload plugin
CVE-2012-1204
RESERVED
-CVE-2012-1203 (Cross-site request forgery (CSRF) vulnerability in starnet/index.php ...)
+CVE-2012-1203
NOT-FOR-US: SyndeoCMS
CVE-2012-1202
RESERVED
CVE-2012-1201
RESERVED
-CVE-2012-1200 (Multiple PHP remote file inclusion vulnerabilities in Nova CMS allow ...)
+CVE-2012-1200
NOT-FOR-US: Nova CMS
-CVE-2012-1199 (Multiple PHP remote file inclusion vulnerabilities in Basic Analysis ...)
+CVE-2012-1199
- acidbase <removed> (unimportant)
NOTE: requires register_globals to be on
-CVE-2012-1198 (base_ag_main.php in Basic Analysis and Security Engine (BASE) 1.4.5 ...)
+CVE-2012-1198
- acidbase <removed> (unimportant; bug #661020)
NOTE: unreproducible issue, extremely low on details in original report
-CVE-2012-1197 (Integer overflow in the IDE_ACDStd.apl module for ACDSee 14.1 Build ...)
+CVE-2012-1197
NOT-FOR-US: ACDSee
-CVE-2012-1196 (Directory traversal vulnerability in the VulCore web service ...)
+CVE-2012-1196
NOT-FOR-US: Lenovo ThinkManagement Console
-CVE-2012-1195 (Unrestricted file upload vulnerability in ...)
+CVE-2012-1195
NOT-FOR-US: Lenovo ThinkManagement Console
-CVE-2012-1194 (The resolver in the DNS Server service in Microsoft Windows Server ...)
+CVE-2012-1194
NOTE: DNS protocol flaw
-CVE-2012-1193 (The resolver in PowerDNS Recursor (aka pdns_recursor) 3.3 overwrites ...)
+CVE-2012-1193
NOTE: DNS protocol flaw
-CVE-2012-1192 (The resolver in Unbound before 1.4.11 overwrites cached server names ...)
+CVE-2012-1192
NOTE: DNS protocol flaw
-CVE-2012-1191 (The resolver in dnscache in Daniel J. Bernstein djbdns 1.05 overwrites ...)
+CVE-2012-1191
- djbdns <removed>
NOTE: DNS protocol flaw
NOTE: RH made an update: https://bugzilla.redhat.com/show_bug.cgi?id=838761
-CVE-2012-0869 (Cross-site scripting (XSS) vulnerability in fup in Frams' Fast File ...)
+CVE-2012-0869
{DSA-2414-1}
- fex 20120215-1 (low; bug #660621)
-CVE-2012-1190 (Cross-site scripting (XSS) vulnerability in the replication-setup ...)
+CVE-2012-1190
- phpmyadmin 4:3.4.10.1-1 (unimportant)
[lenny] - phpmyadmin <not-affected>
[squeeze] - phpmyadmin <not-affected>
NOTE: hypothetical issue
-CVE-2012-1189 (Stack-based buffer overflow in modules/graphic/ssgraph/grsound.cpp in ...)
+CVE-2012-1189
- torcs 1.3.3-1 (low; bug #660555)
[squeeze] - torcs <no-dsa> (Minor issue)
- speed-dreams <itp> (bug #599884)
-CVE-2012-1188 (Multiple cross-site scripting (XSS) vulnerabilities in Fork CMS before ...)
+CVE-2012-1188
NOT-FOR-US: Fork CMS
CVE-2012-1187
RESERVED
- bitlbee 3.0.4+bzr855-1 (low)
[squeeze] - bitlbee <no-dsa> (Minor issue)
-CVE-2012-1186 (Integer overflow in the SyncImageProfiles function in profile.c in ...)
+CVE-2012-1186
{DSA-2462-1}
- imagemagick 8:6.6.9.7-7 (bug #665007)
-CVE-2012-1185 (Multiple integer overflows in (1) magick/profile.c or (2) ...)
+CVE-2012-1185
{DSA-2462-1}
- imagemagick 8:6.6.9.7-7 (bug #665007)
-CVE-2012-1184 (Stack-based buffer overflow in the ast_parse_digest function in ...)
+CVE-2012-1184
- asterisk 1:1.8.10.0~dfsg-1 (bug #664411)
[squeeze] - asterisk <not-affected> (HTTP digest authentication code not present)
NOTE: http://www.openwall.com/lists/oss-security/2012/03/16/10
-CVE-2012-1183 (Stack-based buffer overflow in the milliwatt_generate function in the ...)
+CVE-2012-1183
{DSA-2460-1}
- asterisk 1:1.8.10.0~dfsg-1 (bug #664411)
NOTE: http://www.openwall.com/lists/oss-security/2012/03/16/10
-CVE-2012-1182 (The RPC code generator in Samba 3.x before 3.4.16, 3.5.x before ...)
+CVE-2012-1182
{DSA-2450-1}
- samba 2:3.6.4-1 (bug #668309)
- samba4 4.0.0~alpha19+dfsg1-1 (bug #668309)
-CVE-2012-1181 (fcgid_spawn_ctl.c in the mod_fcgid module 2.3.6 for the Apache HTTP ...)
+CVE-2012-1181
{DSA-2436-1}
- libapache2-mod-fcgid 1:2.3.6-1.1 (bug #615814)
-CVE-2012-1180 (Use-after-free vulnerability in nginx before 1.0.14 and 1.1.x before ...)
+CVE-2012-1180
{DSA-2434-1}
- nginx 1.1.17-1 (bug #664137)
NOTE: http://seclists.org/oss-sec/2012/q1/644
-CVE-2012-1179 (The Linux kernel before 3.3.1, when KVM is used, allows guest OS users ...)
+CVE-2012-1179
- linux-2.6 3.2.14-1
[squeeze] - linux-2.6 <not-affected> (Vulnerable code not present)
-CVE-2012-1178 (The msn_oim_report_to_user function in oim.c in the MSN protocol ...)
+CVE-2012-1178
- pidgin 2.10.2-1 (low; bug #664030)
[squeeze] - pidgin <no-dsa> (Only exploitable by malicious server)
NOTE: http://pidgin.im/news/security/?id=61
-CVE-2012-1177 (libgdata before 0.10.2 and 0.11.x before 0.11.1 does not validate SSL ...)
+CVE-2012-1177
{DSA-2482-1}
- libgdata 0.10.2-1 (bug #664032)
NOTE: http://www.openwall.com/lists/oss-security/2012/03/14/3
-CVE-2012-1176 (Buffer overflow in the fribidi_utf8_to_unicode function in PyFriBidi ...)
+CVE-2012-1176
- pyfribidi 0.11.0-1 (bug #663189)
[squeeze] - pyfribidi <no-dsa> (Minor issue)
-CVE-2012-1175 (Integer overflow in the GnashImage::size method in ...)
+CVE-2012-1175
{DSA-2435-1}
- gnash 0.8.10-5 (bug #664023)
NOTE: http://www.openwall.com/lists/oss-security/2012/03/14/5
-CVE-2012-1174 (The rm_rf_children function in util.c in the systemd-logind login ...)
+CVE-2012-1174
- systemd 44-1 (bug #664364)
-CVE-2012-1173 (Multiple integer overflows in tiff_getimage.c in LibTIFF 3.9.4 allow ...)
+CVE-2012-1173
{DSA-2447-1}
- tiff3 3.9.6-2
- tiff 4.0.1-2
-CVE-2012-1172 (The file-upload implementation in rfc1867.c in PHP before 5.4.0 does ...)
+CVE-2012-1172
{DSA-2465-1}
- php5 5.4.0-1 (bug #663760)
-CVE-2012-1171 (The libxml RSHUTDOWN function in PHP 5.x allows remote attackers to ...)
+CVE-2012-1171
- php5 <removed> (unimportant)
NOTE: according to php's security statement, safemode bypass issues are not treated as security-relevant
CVE-2012-1170
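Review bot: CVE-2012-1192 and CVE-2012-1193 carry only `NOTE: DNS protocol flaw` and no package status line, although the descriptions removed in this hunk name Unbound (`before 1.4.11`) and PowerDNS Recursor (`pdns_recursor 3.3`), both of which ship in Debian as the unbound and pdns-recursor packages; the sibling CVE-2012-1191 entry for the same issue class does record `- djbdns <removed>`. Once the descriptions are gone the affected software is no longer visible from these entries at all, so a `- unbound <fixed version or state>` and `- pdns-recursor <fixed version or state>` line (or an explicit `<not-affected>` with a reason) would keep the verdict on record.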
@@ -13675,25 +13675,25 @@ CVE-2012-1169
CVE-2012-1168
RESERVED
- moodle <not-affected> (Only affects 2.0 to 2.2)
-CVE-2012-1167 (The JBoss Server in JBoss Enterprise Application Platform 5.1.x before ...)
+CVE-2012-1167
- jbossas4 <not-affected> (Only builds a few libraries, not the full application server)
-CVE-2012-1166 (The default keybindings for wwm in LTSP Display Manager (ldm) 2.2.x ...)
+CVE-2012-1166
- ldm 2:2.2.7-1 (bug #663645)
[squeeze] - ldm <not-affected> (Introduced in 2.2)
NOTE: https://bugs.launchpad.net/ubuntu/+source/ldm/+bug/953340
-CVE-2012-1165 (The mime_param_cmp function in crypto/asn1/asn_mime.c in OpenSSL ...)
+CVE-2012-1165
{DSA-2454-1}
- openssl 1.0.0h-1 (low; bug #663642)
NOTE: http://www.openwall.com/lists/oss-security/2012/03/12/3
-CVE-2012-1164 (slapd in OpenLDAP before 2.4.30 allows remote attackers to cause a ...)
+CVE-2012-1164
{DLA-203-1}
- openldap 2.4.31-1 (low; bug #663644)
[squeeze] - openldap <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2012/03/12/4
-CVE-2012-1163 (Integer overflow in the _zip_readcdir function in zip_open.c in libzip ...)
+CVE-2012-1163
- libzip 0.10.1-1 (bug #664990)
[squeeze] - libzip <not-affected> (Only affects 0.10.x)
-CVE-2012-1162 (Heap-based buffer overflow in the _zip_readcdir function in zip_open.c ...)
+CVE-2012-1162
- libzip 0.10.1-1 (bug #664990)
[squeeze] - libzip <not-affected> (Only affects 0.10.x)
CVE-2012-1161
@@ -13718,17 +13718,17 @@ CVE-2012-1155
RESERVED
- moodle 1.9.9.dfsg2-6 (low; bug #668411)
[squeeze] - moodle 1.9.9.dfsg2-2.1+squeeze4
-CVE-2012-1154 (mod_cluster 1.0.10 before 1.0.10 CP03 and 1.1.x before 1.1.4, as used ...)
+CVE-2012-1154
- libapache2-mod-cluster <itp> (bug #731410)
-CVE-2012-1153 (Unrestricted file upload vulnerability in ...)
+CVE-2012-1153
NOT-FOR-US: AppRain CMS
-CVE-2012-1152 (Multiple format string vulnerabilities in the error reporting ...)
+CVE-2012-1152
{DSA-2432-1}
- libyaml-libyaml-perl 0.38-2 (bug #661548)
-CVE-2012-1151 (Multiple format string vulnerabilities in dbdimp.c in DBD::Pg (aka ...)
+CVE-2012-1151
{DSA-2431-1}
- libdbd-pg-perl 2.19.0-1 (bug #661536)
-CVE-2012-1150 (Python before 2.6.8, 2.7.x before 2.7.3, 3.x before 3.1.5, and 3.2.x ...)
+CVE-2012-1150
{DLA-25-1}
- python2.5 <removed> (low)
- python2.6 2.6.8-0.1 (low)
@@ -13737,106 +13737,106 @@ CVE-2012-1150 (Python before 2.6.8, 2.7.x before 2.7.3, 3.x before 3.1.5, and 3.
- python3.1 <removed> (low)
[squeeze] - python2.5 <no-dsa> (Minor issue)
[squeeze] - python3.1 <no-dsa> (Minor issue)
-CVE-2012-1149 (Integer overflow in the vclmi.dll module in OpenOffice.org (OOo) 3.3, ...)
+CVE-2012-1149
{DSA-2487-1 DSA-2473-1}
- libreoffice 1:3.4.5-1
- openoffice.org 1:3.3.0-1
NOTE: Since 3.3.0 openoffice.org is a transitional source package to migrate to libreoffice
-CVE-2012-1148 (Memory leak in the poolGrow function in expat/lib/xmlparse.c in expat ...)
+CVE-2012-1148
{DSA-2525-1}
- xmlrpc-c 1.16.33-3.2 (low; bug #687672)
[squeeze] - xmlrpc-c <no-dsa> (Minor issue)
- expat 2.1.0~beta3-1 (bug #663579)
-CVE-2012-1147 (readfilemap.c in expat before 2.1.0 allows context-dependent attackers ...)
+CVE-2012-1147
- expat <not-affected> (readfilemap.c is not used in *IX)
-CVE-2012-1146 (The mem_cgroup_usage_unregister_event function in mm/memcontrol.c in ...)
+CVE-2012-1146
- linux-2.6 3.2.10-1 (low)
[squeeze] - linux-2.6 <not-affected> (Vulnerable code not present)
-CVE-2012-1145 (spacewalk-backend in Red Hat Network Satellite 5.4 on Red Hat ...)
+CVE-2012-1145
NOT-FOR-US: RHN Satellite
-CVE-2012-1144 (FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 ...)
+CVE-2012-1144
{DSA-2428-1}
- freetype 2.4.9-1 (bug #662864)
-CVE-2012-1143 (FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 ...)
+CVE-2012-1143
- freetype 2.4.9-1 (unimportant; bug #662864)
NOTE: Crash only
-CVE-2012-1142 (FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 ...)
+CVE-2012-1142
{DSA-2428-1}
- freetype 2.4.9-1 (bug #662864)
-CVE-2012-1141 (FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 ...)
+CVE-2012-1141
- freetype 2.4.9-1 (unimportant; bug #662864)
NOTE: Crash only
-CVE-2012-1140 (FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 ...)
+CVE-2012-1140
- freetype 2.4.9-1 (unimportant; bug #662864)
NOTE: Crash only
-CVE-2012-1139 (Array index error in FreeType before 2.4.9, as used in Mozilla Firefox ...)
+CVE-2012-1139
- freetype 2.4.9-1 (unimportant; bug #662864)
NOTE: Crash only
-CVE-2012-1138 (FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 ...)
+CVE-2012-1138
- freetype 2.4.9-1 (unimportant; bug #662864)
NOTE: Crash only
-CVE-2012-1137 (FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 ...)
+CVE-2012-1137
- freetype 2.4.9-1 (unimportant; bug #662864)
NOTE: Crash only
-CVE-2012-1136 (FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 ...)
+CVE-2012-1136
{DSA-2428-1}
- freetype 2.4.9-1 (bug #662864)
-CVE-2012-1135 (FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 ...)
+CVE-2012-1135
- freetype 2.4.9-1 (unimportant; bug #662864)
NOTE: Crash only
-CVE-2012-1134 (FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 ...)
+CVE-2012-1134
{DSA-2428-1}
- freetype 2.4.9-1 (bug #662864)
-CVE-2012-1133 (FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 ...)
+CVE-2012-1133
{DSA-2428-1}
- freetype 2.4.9-1 (bug #662864)
-CVE-2012-1132 (FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 ...)
+CVE-2012-1132
- freetype 2.4.9-1 (unimportant; bug #662864)
NOTE: Crash only
-CVE-2012-1131 (FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 ...)
+CVE-2012-1131
- freetype 2.4.9-1 (unimportant; bug #662864)
NOTE: Crash only
-CVE-2012-1130 (FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 ...)
+CVE-2012-1130
- freetype 2.4.9-1 (unimportant; bug #662864)
NOTE: Crash only
-CVE-2012-1129 (FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 ...)
+CVE-2012-1129
- freetype 2.4.9-1 (unimportant; bug #662864)
NOTE: Crash only
-CVE-2012-1128 (FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 ...)
+CVE-2012-1128
- freetype 2.4.9-1 (unimportant; bug #662864)
NOTE: Crash only
-CVE-2012-1127 (FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 ...)
+CVE-2012-1127
- freetype 2.4.9-1 (unimportant; bug #662864)
NOTE: Crash only
-CVE-2012-1126 (FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 ...)
+CVE-2012-1126
- freetype 2.4.9-1 (unimportant; bug #662864)
NOTE: Crash only
-CVE-2012-1125 (Unrestricted file upload vulnerability in ...)
+CVE-2012-1125
NOT-FOR-US: Kish Guest Posting Plugin for WordPress (not in Debian)
CVE-2012-1124
RESERVED
NOT-FOR-US: phxEventManager not in Debian
-CVE-2012-1123 (The mci_check_login function in api/soap/mc_api.php in the SOAP API in ...)
+CVE-2012-1123
{DSA-2500-1}
- mantis 1.2.10-1 (bug #662858)
-CVE-2012-1122 (bug_actiongroup.php in MantisBT before 1.2.9 does not properly check ...)
+CVE-2012-1122
{DSA-2500-1}
- mantis 1.2.10-1 (low; bug #669927)
-CVE-2012-1121 (MantisBT before 1.2.9 does not properly check permissions, which ...)
+CVE-2012-1121
- mantis 1.2.10-1 (low; bug #669926)
[squeeze] - mantis <not-affected> (according to maintainer)
-CVE-2012-1120 (The SOAP API in MantisBT before 1.2.9 does not properly enforce the ...)
+CVE-2012-1120
{DSA-2500-1}
- mantis 1.2.10-1 (low; bug #669925)
-CVE-2012-1119 (MantisBT before 1.2.9 does not audit when users copy or clone a bug ...)
+CVE-2012-1119
{DSA-2500-1}
- mantis 1.2.10-1 (low; bug #669928)
-CVE-2012-1118 (The access_has_bug_level function in core/access_api.php in MantisBT ...)
+CVE-2012-1118
{DSA-2500-1}
- mantis 1.2.10-1 (low; bug #669924)
-CVE-2012-1117 (Cross-site scripting (XSS) vulnerability in Joomla! 2.5.0 and 2.5.1 ...)
+CVE-2012-1117
NOT-FOR-US: Joomla!
-CVE-2012-1116 (SQL injection vulnerability in Joomla! 1.7.x and 2.5.x before 2.5.2 ...)
+CVE-2012-1116
NOT-FOR-US: Joomla!
CVE-2012-1115
RESERVED
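Review bot: every `-`/`+` pair in this hunk drops the parenthesised CVE summary and keeps only the bare identifier (for instance `-CVE-2012-1140 (FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 ...)` becomes `+CVE-2012-1140`), while records that never had a summary, such as `CVE-2012-1124` / `RESERVED`, are untouched; that pattern is what an import run produces when the description field comes back empty from the source it reads, not what a deliberate data change looks like, so the run should be checked and redone rather than merged as-is. The summaries are the only human-readable text in the list: after this hunk the `NOTE: Crash only` lines under the freetype entries follow a bare id with nothing left to say what crashes, and the six mantis records differ only by bug number.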
@@ -13850,25 +13850,25 @@ CVE-2012-1114
[squeeze] - phpldapadmin <no-dsa> (Minor issue)
- ldap-account-manager 3.6-2 (low; bug #661904)
[squeeze] - ldap-account-manager <no-dsa> (Minor issue)
-CVE-2012-1113 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
+CVE-2012-1113
- gallery2 2.3.2.dfsg-1 (low)
[squeeze] - gallery2 <no-dsa> (Minor issue)
-CVE-2012-1112 (Directory traversal vulnerability in Open-Realty CMS 2.5.8 and earlier ...)
+CVE-2012-1112
NOT-FOR-US: OpenRealty CMS not in Debian
-CVE-2012-1111 (lightdm before 1.0.9 does not properly close file descriptors before ...)
+CVE-2012-1111
- lightdm 1.0.9-1 (bug #658678)
-CVE-2012-1110 (Multiple cross-site scripting (XSS) vulnerabilities in Etano 1.22 and ...)
+CVE-2012-1110
NOT-FOR-US: etano not in Debian
CVE-2012-1109
RESERVED
NOT-FOR-US: mwlib not in Debian
-CVE-2012-1108 (The parse function in ogg/xiphcomment.cpp in TagLib 1.7 and earlier ...)
+CVE-2012-1108
- taglib 1.7.1-1 (low; bug #662705)
[squeeze] - taglib <no-dsa> (Minor issue)
-CVE-2012-1107 (The analyzeCurrent function in ape/apeproperties.cpp in TagLib 1.7 and ...)
+CVE-2012-1107
- taglib 1.7.1-1 (low; bug #662705)
[squeeze] - taglib <no-dsa> (Minor issue)
-CVE-2012-1106 (The C handler plug-in in Automatic Bug Reporting Tool (ABRT), possibly ...)
+CVE-2012-1106
NOT-FOR-US: abrt is Red Hat / Fedora specific
CVE-2012-1105
RESERVED
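Review bot: the two taglib records in this hunk become indistinguishable once their summaries go. CVE-2012-1108 and CVE-2012-1107 carry identical triage lines (`- taglib 1.7.1-1 (low; bug #662705)` and `[squeeze] - taglib <no-dsa> (Minor issue)`), and the only text telling them apart was the removed `The parse function in ogg/xiphcomment.cpp` versus `The analyzeCurrent function in ape/apeproperties.cpp`. Keep the summaries, or at least do not apply this hunk until the missing-description cause is understood.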
@@ -13882,25 +13882,25 @@ CVE-2012-1104
[squeeze] - moodle <no-dsa> (Minor issue)
- glpi 0.80.7-2 (unimportant; bug #662944)
NOTE: Only supported behind an authenticated HTTP zone
-CVE-2012-1103 (emacs/notmuch-mua.el in Notmuch before 0.11.1, when using the Emacs ...)
+CVE-2012-1103
{DSA-2416-1}
- notmuch 0.11.1-1
CVE-2012-1101
RESERVED
- systemd 43-1 (bug #662029)
-CVE-2012-1100 (Red Hat JBoss Operations Network (JON) 3.0.x before 3.0.1, 2.4.2, and ...)
+CVE-2012-1100
NOT-FOR-US: JBoss Operations Network
-CVE-2012-1099 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2012-1099
{DSA-2466-1}
- ruby-actionpack-2.3 2.3.14-3 (bug #668607)
- rails 2.3.14
NOTE: (code lives within ruby-actionpack in unstable)
-CVE-2012-1098 (Cross-site scripting (XSS) vulnerability in Ruby on Rails 3.0.x before ...)
+CVE-2012-1098
- ruby-actionpack-2.3 2.3.14-3 (bug #668977)
- rails 2.3.14
[squeeze] - rails <not-affected> (Vulnerable code not present)
NOTE: (code lives within ruby-actionpack in unstable)
-CVE-2012-1097 (The regset (aka register set) feature in the Linux kernel before ...)
+CVE-2012-1097
{DSA-2443-1}
- linux-2.6 3.2.10-1 (low)
CVE-2012-1096
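Review bot: the removed summaries here carried the component names that justify the package assignments. `emacs/notmuch-mua.el in Notmuch before 0.11.1, when using the Emacs ...` is the only mention that CVE-2012-1103 is specific to the Emacs frontend, and `The regset (aka register set) feature in the Linux kernel before ...` is the only text explaining why CVE-2012-1097 maps to `linux-2.6 3.2.10-1 (low)`; with them gone each record gives a package and version but no hint of what was fixed. If an ids-only list is intended, that decision needs to be stated somewhere other than the diff itself.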
@@ -13912,7 +13912,7 @@ CVE-2012-1096
[wheezy] - network-manager <ignored> (Minor issue)
[squeeze] - network-manager <no-dsa> (Minor issue)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=793329
-CVE-2012-1095 (osc before 0.134 might allow remote OBS repository servers or package ...)
+CVE-2012-1095
- osc <unfixed> (unimportant)
NOTE: This is ultimately a bug in the respectice terminal emulations and not a vulnerability in osc
CVE-2012-1094
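Review bot: unrelated to the description removal, the unchanged context line `NOTE: This is ultimately a bug in the respectice terminal emulations and not a vulnerability in osc` has a typo (`respectice` should be `respective`); since this hunk already touches the CVE-2012-1095 record it is a cheap fix to fold in. The summary being dropped, `osc before 0.134 might allow remote OBS repository servers or package ...`, is also exactly the claim that the `(unimportant)` rating and the NOTE argue against, so keeping it would make the triage self-explanatory.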
@@ -13926,102 +13926,102 @@ CVE-2012-1092
REJECTED
CVE-2012-1091
REJECTED
-CVE-2012-1090 (The cifs_lookup function in fs/cifs/dir.c in the Linux kernel before ...)
+CVE-2012-1090
{DSA-2443-1}
- linux-2.6 3.2.10-1
-CVE-2012-1089 (Directory traversal vulnerability in Apache Wicket 1.4.x before 1.4.20 ...)
+CVE-2012-1089
NOT-FOR-US: Apache Wicket
-CVE-2012-1088 (iproute2 before 3.3.0 allows local users to overwrite arbitrary files ...)
+CVE-2012-1088
- iproute 20120319-1 (unimportant)
NOTE: 1st issue only exploitable at build time / 2nd issue just example script in iproute-doc
-CVE-2012-1087 (Cross-site scripting (XSS) vulnerability in the Post data records to ...)
+CVE-2012-1087
NOT-FOR-US: bc_post2facebook extension for TYPO3
-CVE-2012-1086 (Cross-site scripting (XSS) vulnerability in the UrlTool (aeurltool) ...)
+CVE-2012-1086
NOT-FOR-US: aeurltool extension for TYPO3
-CVE-2012-1085 (Unspecified vulnerability in the BE User Switch (beuserswitch) ...)
+CVE-2012-1085
NOT-FOR-US: beuserswitch for TYPO3
-CVE-2012-1084 (Cross-site scripting (XSS) vulnerability in the BE User Switch ...)
+CVE-2012-1084
NOT-FOR-US: beuserswitch for TYPO3
-CVE-2012-1083 (Cross-site request forgery (CSRF) vulnerability in the Terminal PHP ...)
+CVE-2012-1083
NOT-FOR-US: terminal extension TYPO3
-CVE-2012-1082 (Cross-site scripting (XSS) vulnerability in the Terminal PHP Shell ...)
+CVE-2012-1082
NOT-FOR-US: terminal extension TYPO3
-CVE-2012-1081 (Cross-site scripting (XSS) vulnerability in the Yet another Google ...)
+CVE-2012-1081
NOT-FOR-US: ya_googlesearch extension for TYPO3
-CVE-2012-1080 (Cross-site scripting (XSS) vulnerability in the Euro Calculator ...)
+CVE-2012-1080
NOT-FOR-US: skt_eurocalc extension for TYPO3
-CVE-2012-1079 (Unspecified vulnerability in the Webservices for TYPO3 ...)
+CVE-2012-1079
NOT-FOR-US: typo3_webservice extension for TYPO3
-CVE-2012-1078 (The System Utilities (sysutils) extension 1.0.3 and earlier for TYPO3 ...)
+CVE-2012-1078
NOT-FOR-US: sysutils extension for TYPO3
-CVE-2012-1077 (SQL injection vulnerability in the Post data records to facebook ...)
+CVE-2012-1077
NOT-FOR-US: bc_post2facebook extension for TYPO3
-CVE-2012-1076 (Cross-site scripting (XSS) vulnerability in the Documents download ...)
+CVE-2012-1076
NOT-FOR-US: rtg_files extension for TYPO3
-CVE-2012-1075 (SQL injection vulnerability in the Documents download (rtg_files) ...)
+CVE-2012-1075
NOT-FOR-US: rtg_files extension for TYPO3
-CVE-2012-1074 (SQL injection vulnerability in the White Papers (mm_whtppr) extension ...)
+CVE-2012-1074
NOT-FOR-US: mm_whtppr extension for TYPO3
-CVE-2012-1073 (Cross-site scripting (XSS) vulnerability in the Category-System ...)
+CVE-2012-1073
NOT-FOR-US: toi_category extension for TYPO3
-CVE-2012-1072 (SQL injection vulnerability in the Category-System (toi_category) ...)
+CVE-2012-1072
NOT-FOR-US: toi_category extension for TYPO3
-CVE-2012-1071 (SQL injection vulnerability in the Kitchen recipe (mv_cooking) ...)
+CVE-2012-1071
NOT-FOR-US: mv_cooking extension for TYPO3
-CVE-2012-1070 (Cross-site scripting (XSS) vulnerability in the Modern FAQ (irfaq) ...)
+CVE-2012-1070
NOT-FOR-US: irfaq extension for TYPO3
-CVE-2012-1069 (Cross-site scripting (XSS) vulnerability in module/kb/search_word in ...)
+CVE-2012-1069
NOT-FOR-US: lknSupport
-CVE-2012-1068 (Cross-site scripting (XSS) vulnerability in the rc_ajax function in ...)
+CVE-2012-1068
NOT-FOR-US: WP-RecentComments plugin for WordPress
-CVE-2012-1067 (SQL injection vulnerability in the WP-RecentComments plugin 2.0.7 for ...)
+CVE-2012-1067
NOT-FOR-US: WP-RecentComments plugin for WordPress
-CVE-2012-1066 (Cross-site scripting (XSS) vulnerability in the template module in ...)
+CVE-2012-1066
NOT-FOR-US: SmartyCMS
-CVE-2012-1065 (Insecure method vulnerability in TuxScripting.dll in the TuxSystem ...)
+CVE-2012-1065
NOT-FOR-US: TuxSystem
-CVE-2012-1064 (Multiple cross-site scripting (XSS) vulnerabilities in EMC RSA Archer ...)
+CVE-2012-1064
NOT-FOR-US: EMC RSA Archer
-CVE-2012-1063 (Multiple SQL injection vulnerabilities in ManageEngine Applications ...)
+CVE-2012-1063
NOT-FOR-US: ManageEngine Applications Manager
-CVE-2012-1062 (Multiple cross-site scripting (XSS) vulnerabilities in ManageEngine ...)
+CVE-2012-1062
NOT-FOR-US: ManageEngine Applications Manager
-CVE-2012-1061 (SQL injection vulnerability in GForge Advanced Server 6.0.0 and other ...)
+CVE-2012-1061
NOT-FOR-US: GForge Advanced Server
-CVE-2012-1060 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2012-1060
NOT-FOR-US: Taxonomy module for Drupal
-CVE-2012-1059 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2012-1059
NOT-FOR-US: shirt module in OSCommerce
-CVE-2012-1058 (Cross-site request forgery (CSRF) vulnerability in Flyspray 0.9.9.6 ...)
+CVE-2012-1058
NOT-FOR-US: Flyspray
-CVE-2012-1057 (Cross-site request forgery (CSRF) vulnerability in the clickthrough ...)
+CVE-2012-1057
NOT-FOR-US: Forward module for Drupal
-CVE-2012-1056 (The Forward module 6.x-1.x before 6.x-1.21 and 7.x-1.x before 7.x-1.3 ...)
+CVE-2012-1056
NOT-FOR-US: Forward module for Drupal
-CVE-2012-1055 (Heap-based buffer overflow in PhotoLine 17.01 and possibly other ...)
+CVE-2012-1055
NOT-FOR-US: PhotoLine
-CVE-2012-1054 (Puppet 2.6.x before 2.6.14 and 2.7.x before 2.7.11, and Puppet ...)
+CVE-2012-1054
{DSA-2419-1}
- puppet 2.7.11-1
-CVE-2012-1053 (The change_user method in the SUIDManager ...)
+CVE-2012-1053
{DSA-2419-1}
- puppet 2.7.11-1
-CVE-2012-1052 (Buffer overflow in IvanView 1.2.15 allows remote attackers to execute ...)
+CVE-2012-1052
NOT-FOR-US: IvanView
-CVE-2012-1051 (Heap-based buffer overflow in Xjp2.dll in the JPEG2000 plug-in in ...)
+CVE-2012-1051
NOT-FOR-US: XnView
-CVE-2012-1050 (Directory traversal vulnerability in Mathopd 1.4.x and 1.5.x before ...)
+CVE-2012-1050
- mathopd <removed> (low; bug #660627)
[lenny] - mathopd <no-dsa> (Minor issue, configuration specific)
[squeeze] - mathopd <no-dsa> (Minor issue, configuration specific)
NOTE: this is only an issue in specific configurations but not in the Debian configuration
-CVE-2012-1049 (Multiple cross-site scripting (XSS) vulnerabilities in ManageEngine ...)
+CVE-2012-1049
NOT-FOR-US: ManageEngine ADManager Plus
-CVE-2012-1048 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2012-1048
NOT-FOR-US: eFront Community++
-CVE-2012-1047 (Directory traversal vulnerability in the WWWHELP Service ...)
+CVE-2012-1047
NOT-FOR-US: Cyberoam Central Console
-CVE-2012-1046 (Cross-site scripting (XSS) vulnerability in TM1 Web in IBM Cognos TM1 ...)
+CVE-2012-1046
NOT-FOR-US: IBM Cognos
CVE-2012-1045
RESERVED
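Review bot: the `NOTE: 1st issue only exploitable at build time / 2nd issue just example script in iproute-doc` under CVE-2012-1088 refers to two issues that were enumerated only in the summary this hunk removes (`iproute2 before 3.3.0 allows local users to overwrite arbitrary files ...`); after the change the note points at issues the record no longer describes. The same applies to CVE-2012-1050, where `NOTE: this is only an issue in specific configurations but not in the Debian configuration` answers the removed `Directory traversal vulnerability in Mathopd 1.4.x and 1.5.x before ...`. Either restore the parenthesised summaries or rewrite such NOTEs to be self-contained before this lands.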
@@ -14035,153 +14035,153 @@ CVE-2012-1041
RESERVED
CVE-2012-1040
RESERVED
-CVE-2012-1039 (Multiple cross-site scripting (XSS) vulnerabilities in Dotclear before ...)
+CVE-2012-1039
- dotclear 2.4.2+dfsg-1
-CVE-2012-1038 (Cross-site scripting (XSS) vulnerability in the WebAAA login ...)
+CVE-2012-1038
NOT-FOR-US: Juniper
-CVE-2012-1037 (PHP remote file inclusion vulnerability in front/popup.php in GLPI ...)
+CVE-2012-1037
- glpi 0.80.7-1 (bug #659383; unimportant)
[squeeze] - glpi <not-affected> (Introduced in 0.78)
NOTE: Only supported behind an authenticated HTTP zone
-CVE-2012-1036 (Cross-site scripting (XSS) vulnerability in the telerik HTML editor in ...)
+CVE-2012-1036
NOT-FOR-US: telerik
-CVE-2012-1035 (AdaCore Ada Web Services (AWS) before 2.10.2 computes hash values for ...)
+CVE-2012-1035
NOT-FOR-US: AdaCore Ada Web Services
-CVE-2012-1034 (Multiple cross-site scripting (XSS) vulnerabilities in the admin ...)
+CVE-2012-1034
NOT-FOR-US: EPiServer CMS
-CVE-2012-1033 (The resolver in ISC BIND 9 through 9.8.1-P1 overwrites cached server ...)
+CVE-2012-1033
- bind9 1:9.8.1.dfsg.P1-4.1 (low)
[squeeze] - bind9 <no-dsa> (low-severity dns protocol design flaw)
-CVE-2012-1032 (Cross-site scripting (XSS) vulnerability in the Euroling SiteSeeker ...)
+CVE-2012-1032
NOT-FOR-US: EPiServer CMS module Euroling SiteSeeker
-CVE-2012-1031 (Unspecified vulnerability in EPiServer CMS 5 and 6 through 6R2, in ...)
+CVE-2012-1031
NOT-FOR-US: EPiServer CMS
-CVE-2012-1030 (Cross-site scripting (XSS) vulnerability in DotNetNuke 6.x through ...)
+CVE-2012-1030
NOT-FOR-US: DotNetNuke
-CVE-2012-1029 (SQL injection vulnerability in mobile/search/index.php in Tube Ace ...)
+CVE-2012-1029
NOT-FOR-US: Tube Ace
-CVE-2012-1028 (Cross-site scripting (XSS) vulnerability in bin/index.php in ...)
+CVE-2012-1028
NOT-FOR-US: SimpleGroupWare
-CVE-2012-1027 (Cross-site scripting (XSS) vulnerability in account-closed.tcl in ...)
+CVE-2012-1027
NOT-FOR-US: project-open
-CVE-2012-1026 (Multiple SQL injection vulnerabilities in login2.php in XRay CMS 1.1.1 ...)
+CVE-2012-1026
NOT-FOR-US: XRay CMS
-CVE-2012-1025 (Absolute path traversal vulnerability in file in Enigma2 Webinterface ...)
+CVE-2012-1025
NOT-FOR-US: Enigma2
-CVE-2012-1024 (Directory traversal vulnerability in file in Enigma2 Webinterface ...)
+CVE-2012-1024
NOT-FOR-US: Enigma2
-CVE-2012-1023 (Open redirect vulnerability in admin/index.php in 4images 1.7.10 ...)
+CVE-2012-1023
NOT-FOR-US: 4images
-CVE-2012-1022 (SQL injection vulnerability in admin/categories.php in 4images 1.7.10 ...)
+CVE-2012-1022
NOT-FOR-US: 4images
-CVE-2012-1021 (Cross-site scripting (XSS) vulnerability in admin/categories.php in ...)
+CVE-2012-1021
NOT-FOR-US: 4images
-CVE-2012-1020 (Multiple cross-site scripting (XSS) vulnerabilities in login.php in ...)
+CVE-2012-1020
NOT-FOR-US: NexorONE Online Banking
-CVE-2012-1019 (Multiple cross-site scripting (XSS) vulnerabilities in XWiki ...)
+CVE-2012-1019
NOT-FOR-US: Xwiki Enterprise
-CVE-2012-1018 (Cross-site scripting (XSS) vulnerability in includes/convert.php in ...)
+CVE-2012-1018
NOT-FOR-US: Joomla addon
-CVE-2012-1017 (Multiple SQL injection vulnerabilities in base_qry_main.php in Basic ...)
+CVE-2012-1017
- acidbase <removed> (low; bug #659287)
[squeeze] - acidbase <no-dsa> (Minor issue)
-CVE-2012-1016 (The pkinit_server_return_padata function in ...)
+CVE-2012-1016
- krb5 1.10.1+dfsg-4+nmu1 (bug #702633)
[squeeze] - krb5 <not-affected> (introduced upstream with 3725d22140c23a376dd79b69d130be8e2b91005f, not affecting 1.8.x)
-CVE-2012-1015 (The kdc_handle_protected_negotiation function in the Key Distribution ...)
+CVE-2012-1015
{DSA-2518-1}
- krb5 1.10.1+dfsg-2 (bug #683429)
NOTE: http://seclists.org/bugtraq/2012/Jul/171
-CVE-2012-1014 (The process_as_req function in the Key Distribution Center (KDC) in ...)
+CVE-2012-1014
{DSA-2518-1}
- krb5 1.10.1+dfsg-2 (bug #683429)
NOTE: http://seclists.org/bugtraq/2012/Jul/171
-CVE-2012-1013 (The check_1_6_dummy function in lib/kadm5/srv/svr_principal.c in ...)
+CVE-2012-1013
- krb5 1.10.1+dfsg-3 (low; bug #687647)
[squeeze] - krb5 <no-dsa> (Minor issue)
NOTE: DoS only triggered by clients with admin permissions
-CVE-2012-1012 (server/server_stubs.c in the kadmin protocol implementation in MIT ...)
+CVE-2012-1012
- krb5 1.10.1+dfsg-1 (bug #670918)
[squeeze] - krb5 <not-affected> (vulnerable code not present)
NOTE: bug was introduced in krb5 1.10
-CVE-2012-1011 (actions.php in the AllWebMenus plugin 1.1.8 for WordPress allows ...)
+CVE-2012-1011
NOT-FOR-US: Wordpress plugin
-CVE-2012-1010 (Unrestricted file upload vulnerability in actions.php in the ...)
+CVE-2012-1010
NOT-FOR-US: Wordpress plugin
-CVE-2012-1009 (NetSarang Xlpd 4 Build 0100 and NetSarang Xmanager Enterprise 4 Build ...)
+CVE-2012-1009
NOT-FOR-US: NetSarang
-CVE-2012-1008 (OfficeSIP Server 3.1 allows remote attackers to cause a denial of ...)
+CVE-2012-1008
NOT-FOR-US: OfficeSIP Server
-CVE-2012-1007 (Multiple cross-site scripting (XSS) vulnerabilities in Apache Struts ...)
+CVE-2012-1007
- libstruts1.2-java <removed> (unimportant; bug #657870)
NOTE: Just examples
-CVE-2012-1006 (Multiple cross-site scripting (XSS) vulnerabilities in Apache Struts ...)
+CVE-2012-1006
- libstruts1.2-java <not-affected> (Only affects Struts 2)
-CVE-2012-1005 (Multiple cross-site scripting (XSS) vulnerabilities in Sphinx Software ...)
+CVE-2012-1005
NOT-FOR-US: Sphinx Software Mobile Web Server
-CVE-2012-1004 (Multiple cross-site scripting (XSS) vulnerabilities in UI/Register.pm ...)
+CVE-2012-1004
- foswiki <itp> (bug #509864)
-CVE-2012-1003 (Multiple integer overflows in Opera 11.60 and earlier allow remote ...)
+CVE-2012-1003
NOT-FOR-US: Opera
-CVE-2012-1002 (SQL injection vulnerability in author/edit.php in OpenConf 4.x before ...)
+CVE-2012-1002
NOT-FOR-US: OpenConf
CVE-2012-1001
RESERVED
-CVE-2012-1000 (Multiple cross-site scripting (XSS) vulnerabilities in LEPTON 1.1.3 ...)
+CVE-2012-1000
NOT-FOR-US: LEPTON
-CVE-2012-0999 (SQL injection vulnerability in modules/news/rss.php in LEPTON before ...)
+CVE-2012-0999
NOT-FOR-US: LEPTON
-CVE-2012-0998 (Directory traversal vulnerability in account/preferences.php in LEPTON ...)
+CVE-2012-0998
NOT-FOR-US: LEPTON
-CVE-2012-0997 (Cross-site request forgery (CSRF) vulnerability in admin/index.php in ...)
+CVE-2012-0997
NOT-FOR-US: 11in1
-CVE-2012-0996 (Multiple directory traversal vulnerabilities in 11in1 1.2.1 stable ...)
+CVE-2012-0996
NOT-FOR-US: 11in1
-CVE-2012-0995 (Multiple cross-site scripting (XSS) vulnerabilities in ZENphoto 1.4.2 ...)
+CVE-2012-0995
NOT-FOR-US: ZENphoto
-CVE-2012-0994 (SQL injection vulnerability in the Manage Albums feature in ...)
+CVE-2012-0994
NOT-FOR-US: ZENphoto
-CVE-2012-0993 (Eval injection vulnerability in ...)
+CVE-2012-0993
NOT-FOR-US: ZENphoto
-CVE-2012-0992 (interface/fax/fax_dispatch.php in OpenEMR 4.1.0 allows remote ...)
+CVE-2012-0992
NOT-FOR-US: OpenEMR
-CVE-2012-0991 (Multiple directory traversal vulnerabilities in OpenEMR 4.1.0 allow ...)
+CVE-2012-0991
NOT-FOR-US: OpenEMR
-CVE-2012-0990 (Cross-site request forgery (CSRF) vulnerability in ...)
+CVE-2012-0990
NOT-FOR-US: DClassifieds
-CVE-2012-0989 (Cross-site scripting (XSS) vulnerability in OneOrZero AIMS 2.8.0 Trial ...)
+CVE-2012-0989
NOT-FOR-US: OneOrZero AIMS
-CVE-2012-0988 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2012-0988
NOT-FOR-US: KnowledgeTree
-CVE-2012-0987 (Directory traversal vulnerability in edituser.php in ImpressCMS 1.2.x ...)
+CVE-2012-0987
NOT-FOR-US: ImpressCMS
-CVE-2012-0986 (Multiple cross-site scripting (XSS) vulnerabilities in ImpressCMS ...)
+CVE-2012-0986
NOT-FOR-US: ImpressCMS
-CVE-2012-0985 (Multiple buffer overflows in the Wireless Manager ActiveX control ...)
+CVE-2012-0985
NOT-FOR-US: Sony VAIO wireless LAN management ActiveX
-CVE-2012-0984 (Multiple cross-site scripting (XSS) vulnerabilities in XOOPS before ...)
+CVE-2012-0984
NOT-FOR-US: Xoops
-CVE-2012-0983 (SQL injection vulnerability in Scriptsez.net Ez Album allows remote ...)
+CVE-2012-0983
NOT-FOR-US: Ez Album
-CVE-2012-0982 (SQL injection vulnerability in search.php in Vastal I-Tech Agent Zone ...)
+CVE-2012-0982
NOT-FOR-US: Vastal I-Tech Agent Zone
-CVE-2012-0981 (Directory traversal vulnerability in phpShowtime 2.0 allows remote ...)
+CVE-2012-0981
NOT-FOR-US: phpShowtime
-CVE-2012-0980 (SQL injection vulnerability in download.php in phux Download Manager ...)
+CVE-2012-0980
NOT-FOR-US: phux.org Download Manager
-CVE-2012-0979 (Cross-site scripting (XSS) vulnerability in TWiki allows remote ...)
+CVE-2012-0979
- twiki <removed>
-CVE-2012-0978 (Stack-based buffer overflow in npjp2.dll in LuraWave JP2 Browser ...)
+CVE-2012-0978
NOT-FOR-US: LuraWave JP2 Browser Plug-In
-CVE-2012-0977 (Stack-based buffer overflow in jp2_x.dll in LuraWave JP2 ActiveX ...)
+CVE-2012-0977
NOT-FOR-US: LuraWave JP2 ActiveX Control
-CVE-2012-0976 (Cross-site scripting (XSS) vulnerability in admin/EditForm in ...)
+CVE-2012-0976
- silverstripe <itp> (bug #528461)
-CVE-2012-0975 (Cross-site scripting (XSS) vulnerability in misc.php in Image Hosting ...)
+CVE-2012-0975
NOT-FOR-US: Image Hosting Script DPI
-CVE-2012-0974 (Multiple cross-site scripting (XSS) vulnerabilities in the getParam ...)
+CVE-2012-0974
NOT-FOR-US: OSClass
-CVE-2012-0973 (Multiple SQL injection vulnerabilities in OSClass before 2.3.5 allow ...)
+CVE-2012-0973
NOT-FOR-US: OSClass
CVE-2012-0972
REJECTED
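Review bot: several triage annotations in this hunk only make sense next to the summary being deleted: `NOTE: Just examples` (CVE-2012-1007) and `<not-affected> (Only affects Struts 2)` (CVE-2012-1006) answer the removed `Multiple cross-site scripting (XSS) vulnerabilities in Apache Struts ...` text, and `(low-severity dns protocol design flaw)` for CVE-2012-1033 answers `The resolver in ISC BIND 9 through 9.8.1-P1 overwrites cached server ...`. The five krb5 entries (CVE-2012-1016 down to CVE-2012-1012) likewise lose the function and file names (`pkinit_server_return_padata`, `kdc_handle_protected_negotiation`, `process_as_req`, `check_1_6_dummy`, `server/server_stubs.c`) that distinguish them. Please keep the summaries, or document that the list is ids-only by design.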
@@ -14203,29 +14203,29 @@ CVE-2012-0964
REJECTED
CVE-2012-0963
REJECTED
-CVE-2012-0962 (Aptdaemon 0.43 in Ubuntu 11.10 and 12.04 LTS uses short IDs when ...)
+CVE-2012-0962
- aptdaemon 0.45-2 (low)
[squeeze] - aptdaemon <not-affected> (Vulnerable code not present)
NOTE: https://bugs.launchpad.net/software-center-agent/+bug/1052789
-CVE-2012-0961 (Apt 0.8.16~exp5ubuntu13.x before 0.8.16~exp5ubuntu13.6, ...)
+CVE-2012-0961
- apt 0.9.7.7 (bug #695832)
[squeeze] - apt <not-affected> (Logged as 0600 in Squeeze)
-CVE-2012-0960 (Unity integration extension (unity-firefox-extension) before 2.4.1 for ...)
+CVE-2012-0960
NOT-FOR-US: Ubuntu Unity extension
-CVE-2012-0959 (Remote Login Service (RLS) 1.0.0 does not properly clear account ...)
+CVE-2012-0959
NOT-FOR-US: Ubuntu remote login service
-CVE-2012-0958 (content/unity-api.js in the unity-firefox-extension extension 2.4.1 ...)
+CVE-2012-0958
NOT-FOR-US: Firefox unity-firefox extension
-CVE-2012-0957 (The override_release function in kernel/sys.c in the Linux kernel ...)
+CVE-2012-0957
- linux 3.2.32-1
- linux-2.6 <removed>
[squeeze] - linux-2.6 <not-affected> (Introduced in 3.0)
NOTE: https://lkml.org/lkml/2012/10/9/550
-CVE-2012-0956 (ubiquity-slideshow-ubuntu before 58.2, during installation, allows ...)
+CVE-2012-0956
NOT-FOR-US: ubiquity-slideshow-ubuntu
CVE-2012-0955
RESERVED
-CVE-2012-0954 (APT 0.7.x before 0.7.25 and 0.8.x before 0.8.16, when using the ...)
+CVE-2012-0954
- apt 0.7.25 (unimportant)
NOTE: net-update is not enabled by default in Debian
CVE-2012-0953
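Review bot: `[squeeze] - apt <not-affected> (Logged as 0600 in Squeeze)` under CVE-2012-0961 and `NOTE: net-update is not enabled by default in Debian` under CVE-2012-0954 are replies to the deleted summaries (`Apt 0.8.16~exp5ubuntu13.x before 0.8.16~exp5ubuntu13.6, ...` and `APT 0.7.x before 0.7.25 and 0.8.x before 0.8.16, when using the ...`), and the Ubuntu version string in the first was the clearest signal that the issue is distribution-specific. If ids-only is acceptable for `NOT-FOR-US` records, consider at least keeping the description on every entry that carries a Debian package line.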
@@ -14234,125 +14234,125 @@ CVE-2012-0952
RESERVED
CVE-2012-0951
RESERVED
-CVE-2012-0950 (The Apport hook (DistUpgradeApport.py) in Update Manager, as used by ...)
+CVE-2012-0950
- update-manager <not-affected> (Ubuntu-specific)
-CVE-2012-0949 (The Apport hook in Update Manager as used by Ubuntu 12.04 LTS, 11.10, ...)
+CVE-2012-0949
- update-manager <not-affected> (Ubuntu-specific)
-CVE-2012-0948 (DistUpgrade/DistUpgradeMain.py in Update Manager, as used by Ubuntu ...)
+CVE-2012-0948
- update-manager <not-affected> (Ubuntu-specific)
-CVE-2012-0947 (Heap-based buffer overflow in the vqa_decode_chunk function in the VQA ...)
+CVE-2012-0947
{DSA-2471-1}
- libav 6:0.8.2-1
- ffmpeg 7:2.4.1-1
NOTE: https://bugs.launchpad.net/ubuntu/+source/libav/+bug/980963
NOTE: http://www.openwall.com/lists/oss-security/2012/05/03/4
-CVE-2012-0946 (The NVIDIA UNIX driver before 295.40 allows local users to access ...)
+CVE-2012-0946
- nvidia-graphics-drivers 295.40-1
[squeeze] - nvidia-graphics-drivers 195.36.31-6squeeze1
CVE-2012-0945
RESERVED
-CVE-2012-0944 (Aptdaemon 0.43 and earlier in Ubuntu 11.04, 11.10, and 12.04 LTS does ...)
+CVE-2012-0944
- aptdaemon 0.43+bzr790-1
[squeeze] - aptdaemon <not-affected> (Vulnerable code not present)
-CVE-2012-0943 (debian/guest-account in Light Display Manager (lightdm) 1.0.x before ...)
+CVE-2012-0943
- lightdm <not-affected> (Ubuntu-specific script)
-CVE-2012-0942 (Buffer overflow in rn5auth.dll in RealNetworks Helix Server and Helix ...)
+CVE-2012-0942
NOT-FOR-US: RealNetworks Helix
-CVE-2012-0941 (Multiple cross-site scripting (XSS) vulnerabilities in Fortinet ...)
+CVE-2012-0941
NOT-FOR-US: Fortinet
CVE-2012-0940
RESERVED
-CVE-2012-0939 (Multiple SQL injection vulnerabilities in TestLink 1.8.5b and earlier ...)
+CVE-2012-0939
NOT-FOR-US: TestLink
-CVE-2012-0938 (Multiple SQL injection vulnerabilities in TestLink 1.9.3, 1.8.5b, and ...)
+CVE-2012-0938
NOT-FOR-US: TestLink
-CVE-2012-0937 (** DISPUTED ** wp-admin/setup-config.php in the installation component ...)
+CVE-2012-0937
- wordpress <unfixed> (unimportant)
-CVE-2012-0936 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2012-0936
- opennms <itp> (bug #450615)
-CVE-2012-0935 (SQL injection vulnerability in Default.aspx in Aryadad CMS allows ...)
+CVE-2012-0935
NOT-FOR-US: Aryadad CMS
-CVE-2012-0934 (PHP remote file inclusion vulnerability in ajax/savetag.php in the ...)
+CVE-2012-0934
NOT-FOR-US: Wordpress plug-in
-CVE-2012-0933 (Multiple cross-site scripting (XSS) vulnerabilities in Acidcat CMS ...)
+CVE-2012-0933
NOT-FOR-US: Acidcat CMS
-CVE-2012-0932 (Cross-site scripting (XSS) vulnerability in admin/login.php in Lead ...)
+CVE-2012-0932
NOT-FOR-US: Lead Capture Page System
-CVE-2012-0931 (Schneider Electric Modicon Quantum PLC does not perform authentication ...)
+CVE-2012-0931
NOT-FOR-US: Schneider Electric Modicon Quantum PLC
-CVE-2012-0930 (Cross-site scripting (XSS) vulnerability in Schneider Electric Modicon ...)
+CVE-2012-0930
NOT-FOR-US: Schneider Electric Modicon Quantum PLC
-CVE-2012-0929 (Multiple buffer overflows in Schneider Electric Modicon Quantum PLC ...)
+CVE-2012-0929
NOT-FOR-US: Schneider Electric Modicon Quantum PLC
-CVE-2012-0928 (The ATRAC codec in RealNetworks RealPlayer 11.x and 14.x through ...)
+CVE-2012-0928
NOT-FOR-US: RealPlayer
-CVE-2012-0927 (Unspecified vulnerability in RealNetworks RealPlayer 11.x, 14.x, and ...)
+CVE-2012-0927
NOT-FOR-US: RealPlayer
-CVE-2012-0926 (The RV10 codec in RealNetworks RealPlayer 11.x, 14.x, and 15.x before ...)
+CVE-2012-0926
NOT-FOR-US: RealPlayer
-CVE-2012-0925 (Unspecified vulnerability in the RV40 codec in RealNetworks RealPlayer ...)
+CVE-2012-0925
NOT-FOR-US: RealPlayer
-CVE-2012-0924 (RealNetworks RealPlayer 11.x, 14.x, and 15.x before 15.02.71, and ...)
+CVE-2012-0924
NOT-FOR-US: RealPlayer
-CVE-2012-0923 (The RV20 codec in RealNetworks RealPlayer 11.x, 14.x, and 15.x before ...)
+CVE-2012-0923
NOT-FOR-US: RealPlayer
-CVE-2012-0922 (rvrender.dll in RealNetworks RealPlayer 11.x, 14.x, and 15.x before ...)
+CVE-2012-0922
NOT-FOR-US: RealPlayer
CVE-2012-0921
RESERVED
-CVE-2012-0920 (Use-after-free vulnerability in Dropbear SSH Server 0.52 through ...)
+CVE-2012-0920
{DSA-2456-1}
- dropbear 2012.55-1 (low; bug #661150)
NOTE: this is limited to authenticated users with enforced command restrictions
-CVE-2012-0919 (Cross-site scripting (XSS) vulnerability in Hitachi IT Operations ...)
+CVE-2012-0919
NOT-FOR-US: Hitachi IT Operations Director
-CVE-2012-0918 (Unspecified vulnerability in Hitachi COBOL2002 Net Developer, Net ...)
+CVE-2012-0918
NOT-FOR-US: Hitachi
-CVE-2012-0917 (Cross-site scripting (XSS) vulnerability in Hitachi IT Operations ...)
+CVE-2012-0917
NOT-FOR-US: Hitachi IT Operations Analyzer
-CVE-2012-0916 (Heap-based buffer overflow in RenRen Talk 2.9 allows remote attackers ...)
+CVE-2012-0916
NOT-FOR-US: RenRen Talk
-CVE-2012-0915 (Integer signedness error in RenRen Talk 2.9 allows remote attackers to ...)
+CVE-2012-0915
NOT-FOR-US: RenRen Talk
-CVE-2012-0914 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2012-0914
NOT-FOR-US: admin view in the Panels module for Drupal
-CVE-2012-0913 (SQL injection vulnerability in checklogin.aspx in ICloudCenter ...)
+CVE-2012-0913
NOT-FOR-US: ICloudCenter ICTimeAttendance
-CVE-2012-0912 (SQL injection vulnerability in Stoneware webNetwork before 6.0.8.0 ...)
+CVE-2012-0912
NOT-FOR-US: Stoneware webNetwork
-CVE-2012-0911 (TikiWiki CMS/Groupware before 6.7 LTS and before 8.4 allows remote ...)
+CVE-2012-0911
- tikiwiki <removed>
NOTE: http://seclists.org/bugtraq/2012/Jul/19
CVE-2012-0910
RESERVED
-CVE-2012-0909 (Cross-site scripting (XSS) vulnerability in Horde_Form in Horde ...)
+CVE-2012-0909
- horde3 3.3.12+debian0-2.2 (low)
[squeeze] - horde3 <no-dsa> (Minor issue)
-CVE-2012-0907 (Directory traversal vulnerability in the web player in NeoAxis NeoAxis ...)
+CVE-2012-0907
NOT-FOR-US: NeoAxis NeoAxis web player
-CVE-2012-0906 (SQL injection vulnerability in the Moviebase addon for deV!L'z ...)
+CVE-2012-0906
NOT-FOR-US: deV!L'z Clanportal
-CVE-2012-0905 (SQL injection vulnerability in deV!L'z Clanportal (DZCP) Gamebase ...)
+CVE-2012-0905
NOT-FOR-US: deV!L'z Clanportal
-CVE-2012-0904 (VLC media player 1.1.11 allows remote attackers to cause a denial of ...)
+CVE-2012-0904
- vlc <not-affected> (not reproducible, no public fix from the vlc team either)
-CVE-2012-0903 (Multiple cross-site scripting (XSS) vulnerabilities in Zimbra Desktop ...)
+CVE-2012-0903
NOT-FOR-US: Zimbra Desktop
-CVE-2012-0902 (AirTies Air 4450 1.1.2.18 allows remote attackers to cause a denial of ...)
+CVE-2012-0902
NOT-FOR-US: AirTies Air
-CVE-2012-0901 (Cross-site scripting (XSS) vulnerability in yousaytoo.php in YouSayToo ...)
+CVE-2012-0901
NOT-FOR-US: YouSayToo auto-publishing plugin for WordPress
-CVE-2012-0900 (Multiple cross-site scripting (XSS) vulnerabilities in Beehive Forum ...)
+CVE-2012-0900
NOT-FOR-US: Beehive Forum
-CVE-2012-0899 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2012-0899
NOT-FOR-US: Annuaire PHP
-CVE-2012-0898 (Directory traversal vulnerability in meb_download.php in the ...)
+CVE-2012-0898
NOT-FOR-US: myEASYbackup plugin for WordPress
-CVE-2012-0897 (Stack-based buffer overflow in the JPEG2000 plugin in IrfanView ...)
+CVE-2012-0897
NOT-FOR-US: IrfanView PlugIns
-CVE-2012-0896 (Absolute path traversal vulnerability in download.php in the Count Per ...)
+CVE-2012-0896
NOT-FOR-US: Count Per Day module for WordPress
-CVE-2012-0895 (Cross-site scripting (XSS) vulnerability in map/map.php in the Count ...)
+CVE-2012-0895
NOT-FOR-US: Count Per Day module for WordPress
CVE-2012-0894
RESERVED
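Review bot: the removed line for CVE-2012-0937 begins with the `** DISPUTED **` marker, which is triage-relevant status and the reason the wordpress entry is rated `(unimportant)`; stripping the summary deletes the only record of that dispute from this file. The seven RealPlayer entries (CVE-2012-0928 down to CVE-2012-0922) and the three Modicon Quantum entries similarly collapse into indistinguishable `NOT-FOR-US` records once the codec and component text is gone. If the description field really came back empty from the source, this hunk should not be applied as-is.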
@@ -14360,7 +14360,7 @@ CVE-2012-0893
RESERVED
CVE-2012-0892
RESERVED
-CVE-2012-0891 (Multiple cross-site scripting (XSS) vulnerabilities in Puppet ...)
+CVE-2012-0891
NOT-FOR-US: puppet-dashboard
CVE-2012-0890
RESERVED
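Review bot: CVE-2012-0891's summary `Multiple cross-site scripting (XSS) vulnerabilities in Puppet ...` is the only text naming the vulnerability class here; the remaining `NOT-FOR-US: puppet-dashboard` still records the product, so this hunk loses less than the others, but it should be reverted together with them rather than landing a partially described list.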
@@ -14372,134 +14372,134 @@ CVE-2012-0887
RESERVED
CVE-2012-0886
RESERVED
-CVE-2012-0908 (Cross-site scripting (XSS) vulnerability in logout.php in ...)
+CVE-2012-0908
{DSA-2387-1}
- simplesamlphp 1.8.2-1
NOTE: http://code.google.com/p/simplesamlphp/issues/detail?id=468
-CVE-2012-0884 (The implementation of Cryptographic Message Syntax (CMS) and PKCS #7 ...)
+CVE-2012-0884
{DSA-2454-1}
- openssl 1.0.0h-1 (low)
NOTE: "If a Linux distribution picks up the fix for CVE-2012-0884 then they will want to pick up change 22161 at the same time" -- http://www.openwall.com/lists/oss-security/2012/03/23/12
-CVE-2012-0883 (envvars (aka envvars-std) in the Apache HTTP Server before 2.4.2 ...)
+CVE-2012-0883
- apache2 <not-affected> (LD_LIBRARY_PATH not set in debian package)
-CVE-2012-0882 (Buffer overflow in yaSSL, as used in MySQL 5.5.20 and possibly other ...)
+CVE-2012-0882
- mysql-5.5 5.5.22 (bug #675872)
- cyassl <not-affected> (Fixed before initial upload to archive)
NOTE: limited information about issue, only a video of exploit taking place
-CVE-2012-0881 (Apache Xerces2 Java Parser before 2.12.0 allows remote attackers to ...)
+CVE-2012-0881
- libxerces2-java <unfixed> (unimportant)
NOTE: Negligible impact for Xerces
-CVE-2012-0880 (Apache Xerces-C++ allows remote attackers to cause a denial of service ...)
+CVE-2012-0880
- xerces-c <unfixed> (unimportant)
NOTE: Negligible impact for Xerces
-CVE-2012-0879 (The I/O implementation for block devices in the Linux kernel before ...)
+CVE-2012-0879
{DSA-2469-1}
- linux-2.6 2.6.33-1
-CVE-2012-0878 (Paste Script 1.7.5 and earlier does not properly set group memberships ...)
+CVE-2012-0878
- pastescript 1.7.5-2 (low; bug #661061)
[squeeze] - pastescript <no-dsa> (Minor issue)
NOTE: https://groups.google.com/d/topic/paste-users/KqZRujMcJHE/discussion
CVE-2012-0877 [hash table collisions CPU usage DoS]
RESERVED
- python-xml <removed>
-CVE-2012-0876 (The XML parser (xmlparse.c) in expat before 2.1.0 computes hash values ...)
+CVE-2012-0876
{DSA-2525-1}
- expat 2.1.0~beta3-1 (bug #663579)
- xmlrpc-c 1.16.33-3.2 (low; bug #687672)
[squeeze] - xmlrpc-c <no-dsa> (Minor issue)
- python2.6 <not-affected> (configured with --with-system-expat since 2.6.6-4)
-CVE-2012-0875 (SystemTap 1.7, 1.6.7, and probably other versions, when unprivileged ...)
+CVE-2012-0875
- systemtap 1.7-1 (low; bug #660929; bug #660886)
[squeeze] - systemtap <not-affected> (Vulnerable code not present)
[lenny] - systemtap <not-affected> (Vulnerable code not present)
-CVE-2012-0874 (The (1) JMXInvokerHAServlet and (2) EJBInvokerHAServlet invoker ...)
+CVE-2012-0874
- jbossas4 <not-affected> (Only builds a few libraries, not the full application server, #581226)
-CVE-2012-0873 (Multiple cross-site scripting (XSS) vulnerabilities in Boonex Dolphin ...)
+CVE-2012-0873
NOT-FOR-US: Boonex Dolphin
-CVE-2012-0872 (Multiple cross-site scripting (XSS) vulnerabilities in OxWall 1.1.1 ...)
+CVE-2012-0872
NOT-FOR-US: OxWall
-CVE-2012-0871 (The session_link_x11_socket function in login/logind-session.c in ...)
+CVE-2012-0871
- systemd 43-1
-CVE-2012-0870 (Heap-based buffer overflow in process.c in smbd in Samba 3.0, as used ...)
+CVE-2012-0870
- samba 2:3.4.0~pre1-1
[lenny] - samba <not-affected> (pre-release issue)
[squeeze] - samba <not-affected> (pre-release issue)
-CVE-2012-0868 (CRLF injection vulnerability in pg_dump in PostgreSQL 8.3.x before ...)
+CVE-2012-0868
{DSA-2418-1}
- postgresql-9.1 9.1.3-1
- postgresql-8.4 8.4.11-1
-CVE-2012-0867 (PostgreSQL 8.4.x before 8.4.11, 9.0.x before 9.0.7, and 9.1.x before ...)
+CVE-2012-0867
{DSA-2418-1}
- postgresql-9.1 9.1.3-1
- postgresql-8.4 8.4.11-1
-CVE-2012-0866 (CREATE TRIGGER in PostgreSQL 8.3.x before 8.3.18, 8.4.x before 8.4.11, ...)
+CVE-2012-0866
{DSA-2418-1}
- postgresql-9.1 9.1.3-1
- postgresql-8.4 8.4.11-1
-CVE-2012-0865 (Multiple open redirect vulnerabilities in CubeCart 3.0.20 and earlier ...)
+CVE-2012-0865
NOT-FOR-US: CubeCart
-CVE-2012-0864 (Integer overflow in the vfprintf function in stdio-common/vfprintf.c ...)
+CVE-2012-0864
- eglibc 2.13-31 (low; bug #660611)
[squeeze] - eglibc 2.11.3-4
-CVE-2012-0863 (Mumble 1.2.3 and earlier uses world-readable permissions for ...)
+CVE-2012-0863
{DSA-2411-1}
- mumble 1.2.3-3 (bug #659039)
-CVE-2012-0862 (builtins.c in Xinetd before 2.3.15 does not check the service type ...)
+CVE-2012-0862
- xinetd 1:2.3.14-7.1 (bug #672381)
[squeeze] - xinetd <no-dsa> (Minor issue)
-CVE-2012-0861 (The vds_installer in Red Hat Enterprise Virtualization Manager ...)
+CVE-2012-0861
NOT-FOR-US: Red Hat Enterprise Virtualisation
-CVE-2012-0860 (Multiple untrusted search path vulnerabilities in Red Hat Enterprise ...)
+CVE-2012-0860
NOT-FOR-US: Red Hat Enterprise Virtualisation
-CVE-2012-0859 (The render_line function in the vorbis codec (vorbis.c) in libavcodec ...)
+CVE-2012-0859
{DSA-2471-1}
- libav 6:0.8.3-1
- ffmpeg 7:2.4.1-1
[squeeze] - ffmpeg 4:0.5.10-1 (bug #688849)
-CVE-2012-0858 (The Shorten codec (shorten.c) in libavcodec in FFmpeg 0.7.x before ...)
+CVE-2012-0858
{DSA-2624-1}
- libav 4:0.8.1-1
- ffmpeg 7:2.2.1-1
[squeeze] - ffmpeg 4:0.5.9-1
-CVE-2012-0857 (Multiple buffer overflows in the get_qcx function in the J2K decoder ...)
+CVE-2012-0857
- libav <not-affected> (Vulnerable code not present)
- ffmpeg <not-affected> (Vulnerable code not present)
-CVE-2012-0856 (Heap-based buffer overflow in the MPV_frame_start function in ...)
+CVE-2012-0856
- libav <not-affected> (Vulnerable code not present)
- ffmpeg <not-affected> (Vulnerable code not present)
-CVE-2012-0855 (Heap-based buffer overflow in the get_sot function in the J2K decoder ...)
+CVE-2012-0855
- libav <not-affected> (Vulnerable code not present)
- ffmpeg <not-affected> (Vulnerable code not present)
-CVE-2012-0854 (The dpcm_decode_frame function in libavcodec/dpcm.c in FFmpeg before ...)
+CVE-2012-0854
- libav 4:0.8.1-1
- ffmpeg <not-affected> (Vulnerable code not present)
-CVE-2012-0853 (The decodeTonalComponents function in the Actrac3 codec (atrac3.c) in ...)
+CVE-2012-0853
{DSA-2471-1}
- libav 4:0.8.1-1
- ffmpeg 7:2.4.1-1
-CVE-2012-0852 (The adpcm_decode_frame function in adpcm.c in libavcodec in FFmpeg ...)
+CVE-2012-0852
{DSA-2494-1}
- libav 4:0.8.1-1
- ffmpeg 7:2.4.1-1
-CVE-2012-0851 (The ff_h264_decode_seq_parameter_set function in h264_ps.c in ...)
+CVE-2012-0851
{DSA-2494-1}
- libav 6:0.8.3-1
- ffmpeg 7:2.4.1-1
-CVE-2012-0850 (The sbr_qmf_synthesis function in libavcodec/aacsbr.c in FFmpeg before ...)
+CVE-2012-0850
- libav 4:0.8.1-1
- ffmpeg <not-affected> (Vulnerable code not present)
-CVE-2012-0849 (Integer overflow in the ff_j2k_dwt_init function in ...)
+CVE-2012-0849
- libav <not-affected> (Vulnerable code not present)
- ffmpeg <not-affected> (Vulnerable code not present)
-CVE-2012-0848 (Heap-based buffer overflow in the ws_snd_decode_frame function in ...)
+CVE-2012-0848
- libav 4:0.8.1-1
- ffmpeg <not-affected> (Code in 0.5 not affected per upstream)
-CVE-2012-0847 (Heap-based buffer overflow in the avfilter_filter_samples function in ...)
+CVE-2012-0847
- libav <not-affected> (Vulnerable code not present)
- ffmpeg <not-affected> (Vulnerable code not present)
-CVE-2012-0846 (Cross-site scripting (XSS) vulnerability in Craig Knudsen WebCalendar ...)
+CVE-2012-0846
- webcalendar <removed>
-CVE-2012-0845 (SimpleXMLRPCServer.py in SimpleXMLRPCServer in Python before 2.6.8, ...)
+CVE-2012-0845
{DLA-25-1}
- python3.1 <removed> (low)
[squeeze] - python3.1 <no-dsa> (Minor issue)
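Review bot: several NOTE lines in this hunk refer to an issue that is no longer described anywhere in the file. After "-CVE-2012-0882 (Buffer overflow in yaSSL, as used in MySQL 5.5.20 and possibly other ...)" becomes "+CVE-2012-0882", the retained "NOTE: limited information about issue, only a video of exploit taking place" no longer says which issue or component it refers to; the same applies to "NOTE: Negligible impact for Xerces" under CVE-2012-0881 and CVE-2012-0880 and to the change-22161 quote under CVE-2012-0884. If the descriptions are intentionally dropped, those NOTE lines should restate the component and bug class; otherwise the descriptions should be restored. While the block is being touched, CVE-2012-0908 sits between CVE-2012-0886 and CVE-2012-0884, out of numeric order, and could be moved to its proper position.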
@@ -14518,52 +14518,52 @@ CVE-2012-0843
CVE-2012-0842 [surf info leak]
RESERVED
- surf 0.4.1-6 (bug #659296)
-CVE-2012-0841 (libxml2 before 2.8.0 computes hash values without restricting the ...)
+CVE-2012-0841
{DSA-2417-1}
- libxml2 2.7.8.dfsg-8 (bug #660846)
-CVE-2012-0840 (tables/apr_hash.c in the Apache Portable Runtime (APR) library through ...)
+CVE-2012-0840
- apr 1.4.6-1 (low; bug #655435)
[squeeze] - apr <no-dsa> (exploitability in httpd extremely limited, not known to be exploitable in svn)
NOTE: Commit http://mail-archives.apache.org/mod_mbox/apr-commits/201201.mbox/%3C20120115003715.071D423888FD@eris.apache.org%3E seems to cause regressions
-CVE-2012-0839 (OCaml 3.12.1 and earlier computes hash values without restricting the ...)
+CVE-2012-0839
- ocaml 4.00.0~beta2-1 (low; bug #659149)
[wheezy] - ocaml <no-dsa> (Minor issue)
[squeeze] - ocaml <no-dsa> (Minor issue)
-CVE-2012-0838 (Apache Struts 2 before 2.2.3.1 evaluates a string as an OGNL ...)
+CVE-2012-0838
- libstruts1.2-java <not-affected> (struts 2 issue)
-CVE-2012-0837 (Joomla! 1.7.x before 1.7.5 and 2.5.x before 2.5.1 allows attackers to ...)
+CVE-2012-0837
NOT-FOR-US: Joomla!
-CVE-2012-0836 (Unspecified vulnerability in Joomla! 1.7.x before 1.7.5 allows ...)
+CVE-2012-0836
NOT-FOR-US: Joomla!
-CVE-2012-0835 (Unspecified vulnerability in Joomla! 1.7.x before 1.7.5 and 2.5.x ...)
+CVE-2012-0835
NOT-FOR-US: Joomla!
-CVE-2012-0834 (Cross-site scripting (XSS) vulnerability in lib/QueryRender.php in ...)
+CVE-2012-0834
- phpldapadmin 1.2.2-1 (low; bug #658907)
[squeeze] - phpldapadmin <no-dsa> (Minor issue)
-CVE-2012-0833 (The acllas__handle_group_entry function in ...)
+CVE-2012-0833
- 389-ds-base <not-affected> (Fixed before initial upload)
CVE-2012-0832
RESERVED
-CVE-2012-0831 (PHP before 5.3.10 does not properly perform a temporary change to the ...)
+CVE-2012-0831
{DSA-2408-1}
- php5 5.3.10-1
-CVE-2012-0830 (The php_register_variable_ex function in php_variables.c in PHP 5.3.9 ...)
+CVE-2012-0830
{DSA-2403-1}
- php5 5.3.10-1
NOTE: http://thexploit.com/sec/critical-php-remote-vulnerability-introduced-in-fix-for-php-hashtable-collision-dos/
-CVE-2012-0829 (Multiple cross-site request forgery (CSRF) vulnerabilities in Mibew ...)
+CVE-2012-0829
NOT-FOR-US: Mibew Messenger
CVE-2012-0828
RESERVED
- xchat <not-affected> (Only affects Xchat on Windows and Maemo)
-CVE-2012-0827 (The File module in Drupal 7.x before 7.11, when using unspecified ...)
+CVE-2012-0827
- drupal7 7.11-1
- drupal6 <not-affected>
-CVE-2012-0826 (Cross-site request forgery (CSRF) vulnerability in the Aggregator ...)
+CVE-2012-0826
{DSA-2776-1}
- drupal7 7.11-1
- drupal6 6.26-1
-CVE-2012-0825 (Drupal 6.x before 6.23 and 7.x before 7.11 does not verify that ...)
+CVE-2012-0825
{DSA-2776-1}
- drupal7 7.11-1
- drupal6 6.26-1
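Review bot: the "<not-affected>" justifications in this hunk depend on version information that existed only in the description text being removed. "- libstruts1.2-java <not-affected> (struts 2 issue)" for CVE-2012-0838 could be checked against "Apache Struts 2 before 2.2.3.1 evaluates a string as an OGNL ...", and "- drupal6 <not-affected>" for CVE-2012-0827 against "The File module in Drupal 7.x before 7.11 ..."; with the "+" lines reduced to bare ids, a later reader cannot verify those decisions from the file. Either keep the descriptions or add the affected version range to the justification in parentheses. Separately, the CVE-2012-0840 entry records apr 1.4.6-1 as fixed while its NOTE still says the upstream commit "seems to cause regressions"; that note should state whether the regression was resolved in the packaged fix.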
@@ -14571,42 +14571,42 @@ CVE-2012-0824
RESERVED
- gnusound <removed> (low; bug #654270)
[squeeze] - gnusound 0.7.5-3+squeeze1
-CVE-2012-0823 (VP8 Codec SDK (libvpx) before 1.0.0 &quot;Duclair&quot; allows remote attackers ...)
+CVE-2012-0823
- libvpx 1.0.0-1
[squeeze] - libvpx <not-affected> (Introduced in 0.9.7)
NOTE: http://blog.webmproject.org/2012/01/vp8-codec-sdk-duclair-released.html
-CVE-2012-0822 (Cross-site scripting (XSS) vulnerability in Joomla! 1.6 and 1.7.x ...)
+CVE-2012-0822
NOT-FOR-US: Joomla!
-CVE-2012-0821 (Unspecified vulnerability in Joomla! 1.6.x and 1.7.x before 1.7.4 ...)
+CVE-2012-0821
NOT-FOR-US: Joomla!
-CVE-2012-0820 (Cross-site scripting (XSS) vulnerability in Joomla! 1.6.x and 1.7.x ...)
+CVE-2012-0820
NOT-FOR-US: Joomla!
-CVE-2012-0819 (Unspecified vulnerability in Joomla! 1.6.x and 1.7.x before 1.7.4 ...)
+CVE-2012-0819
NOT-FOR-US: Joomla!
-CVE-2012-0818 (RESTEasy before 2.3.1 allows remote attackers to read arbitrary files ...)
+CVE-2012-0818
NOT-FOR-US: RESTEasy framework for JBoss
-CVE-2012-0817 (Memory leak in smbd in Samba 3.6.x before 3.6.3 allows remote ...)
+CVE-2012-0817
- samba 2:3.6.3-1 (low)
- samba4 4.0.0~alpha18.dfsg1-1
[squeeze] - samba <not-affected> (Only affects 3.6.x)
[lenny] - samba <not-affected> (Only affects 3.6.x)
CVE-2012-0816
RESERVED
-CVE-2012-0815 (The headerVerifyInfo function in lib/header.c in RPM before 4.9.1.3 ...)
+CVE-2012-0815
{DLA-140-1}
- rpm 4.9.1.3-1 (bug #667031)
[squeeze] - rpm <no-dsa> (Minor issue)
-CVE-2012-0814 (The auth_parse_options function in auth-options.c in sshd in OpenSSH ...)
+CVE-2012-0814
- openssh 1:5.6p1-1 (low; bug #657445)
[squeeze] - openssh 1:5.5p1-6+squeeze2
-CVE-2012-0813 (Wicd before 1.7.1 saves sensitive information in log files in ...)
+CVE-2012-0813
- wicd 1.7.1~b3-4 (unimportant; bug #652417)
NOTE: Not a security issue per se, logfile only accessible by root:adm
CVE-2012-0812 [PostfixAdmin 2.3.4 multiple XSS vulnerabilities]
RESERVED
- postfixadmin 2.3.5-1
NOTE: http://seclists.org/oss-sec/2012/q1/285
-CVE-2012-0811 (Multiple SQL injection vulnerabilities in Postfix Admin (aka ...)
+CVE-2012-0811
- postfixadmin 2.3.5-1
NOTE: http://seclists.org/oss-sec/2012/q1/285
CVE-2012-0810
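Review bot: after "-CVE-2012-0811 (Multiple SQL injection vulnerabilities in Postfix Admin (aka ...)" becomes "+CVE-2012-0811", the neighbouring RESERVED entry "CVE-2012-0812 [PostfixAdmin 2.3.4 multiple XSS vulnerabilities]" is the better-documented of the two, because its bracketed summary is maintained locally and survives this update. Adding such a bracketed summary to entries whose imported description is being dropped would keep the triage readable regardless of the description feed. Also note that the removed line for CVE-2012-0823 contains literal "&quot;" entities around "Duclair"; if descriptions are re-imported later, they should be unescaped so plain quotes are stored.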
@@ -14614,77 +14614,77 @@ CVE-2012-0810
- linux-2.6 3.2.16-1 (bug #672660)
[squeeze] - linux-2.6 <not-affected> (rt patchset not yet present)
NOTE: Ben Hutchings said it was fixed in 3.2.9-1, I checked it for 3.2.16-1
-CVE-2012-0809 (Format string vulnerability in the sudo_debug function in Sudo 1.8.0 ...)
+CVE-2012-0809
- sudo 1.8.3p2-1 (bug #657985)
[squeeze] - sudo <not-affected> (Vulnerable code not present)
[lenny] - sudo <not-affected> (Vulnerable code not present)
-CVE-2012-0808 (as31 2.3.1-4 does not seed the random number generator and generates ...)
+CVE-2012-0808
- as31 2.3.1-5 (bug #655496)
[squeeze] - as31 <no-dsa> (The maintainer consider it a minor issue. Check comments in the bug report)
-CVE-2012-0807 (Stack-based buffer overflow in the suhosin_encrypt_single_cookie ...)
+CVE-2012-0807
- php-suhosin 0.9.33-1 (low; bug #657190)
[squeeze] - php-suhosin <no-dsa> (Exploitable in rare setups)
NOTE: https://github.com/stefanesser/suhosin/commit/73b1968ee30f6d9d2dae497544b910e68e114bfa
-CVE-2012-0806 (Buffer overflow in Bip 0.8.8 and earlier might allow remote ...)
+CVE-2012-0806
{DSA-2393-1}
- bip 0.8.8-2 (bug #657217)
[lenny] - bip <not-affected> (Maintainer reports vulnerable code not present)
-CVE-2012-0805 (Multiple SQL injection vulnerabilities in SQLAlchemy before 0.7.0b4, ...)
+CVE-2012-0805
{DSA-2449-1}
- sqlalchemy 0.6.7-1
-CVE-2012-0804 (Heap-based buffer overflow in the proxy_connect function in ...)
+CVE-2012-0804
{DSA-2407-1}
- cvs 2:1.12.13+real-7
-CVE-2012-0803 (The WS-SP UsernameToken policy in Apache CXF 2.4.5 and 2.5.1 allows ...)
+CVE-2012-0803
NOT-FOR-US: Apache CXF
-CVE-2012-0802 (Multiple buffer overflows in Spamdyke before 4.3.0 might allow remote ...)
+CVE-2012-0802
NOT-FOR-US: spamdyke
-CVE-2012-0801 (lib/formslib.php in Moodle 2.1.x before 2.1.4 and 2.2.x before 2.2.1 ...)
+CVE-2012-0801
- moodle <not-affected> (Only affects 2.x)
-CVE-2012-0800 (The form-autocompletion functionality in Moodle 2.0.x before 2.0.7, ...)
+CVE-2012-0800
- moodle <not-affected> (Only affects 2.x)
-CVE-2012-0799 (Moodle 2.0.x before 2.0.7 and 2.1.x before 2.1.4, when an anonymous ...)
+CVE-2012-0799
- moodle <not-affected> (Only affects 2.x)
-CVE-2012-0798 (The self-enrolment functionality in Moodle 2.1.x before 2.1.4 and ...)
+CVE-2012-0798
- moodle <not-affected> (Only affects 2.x)
-CVE-2012-0797 (The webservices functionality in Moodle 2.0.x before 2.0.7, 2.1.x ...)
+CVE-2012-0797
- moodle <not-affected> (Only affects 2.x)
-CVE-2012-0796 (class.phpmailer.php in the PHPMailer library, as used in Moodle 1.9.x ...)
+CVE-2012-0796
{DSA-2421-1}
- moodle 1.9.9.dfsg2-5
-CVE-2012-0795 (Moodle 1.9.x before 1.9.16, 2.0.x before 2.0.7, 2.1.x before 2.1.4, ...)
+CVE-2012-0795
{DSA-2421-1}
- moodle 1.9.9.dfsg2-5
-CVE-2012-0794 (The rc4encrypt function in lib/moodlelib.php in Moodle 1.9.x before ...)
+CVE-2012-0794
{DSA-2421-1}
- moodle 1.9.9.dfsg2-5
-CVE-2012-0793 (Moodle 1.9.x before 1.9.16, 2.0.x before 2.0.7, 2.1.x before 2.1.4, ...)
+CVE-2012-0793
{DSA-2421-1}
- moodle 1.9.9.dfsg2-5
-CVE-2012-0792 (mod/forum/user.php in Moodle 1.9.x before 1.9.16 allows remote ...)
+CVE-2012-0792
{DSA-2421-1}
- moodle 1.9.9.dfsg2-5
-CVE-2012-0791 (Multiple cross-site scripting (XSS) vulnerabilities in Horde IMP ...)
+CVE-2012-0791
{DSA-2485-1}
- imp4 4.3.10+debian0-1.1 (bug #659392)
-CVE-2012-0790 (Cross-site scripting (XSS) vulnerability in smokeping_cgi in Smokeping ...)
+CVE-2012-0790
{DSA-2651-1}
- smokeping 2.6.8-2 (bug #659899)
-CVE-2012-0789 (Memory leak in the timezone functionality in PHP before 5.3.9 allows ...)
+CVE-2012-0789
- php5 5.3.9-1 (low)
[squeeze] - php5 <no-dsa> (Too intrusive to backport)
-CVE-2012-0788 (The PDORow implementation in PHP before 5.3.9 does not properly ...)
+CVE-2012-0788
{DSA-2408-1}
- php5 5.3.9-1
-CVE-2012-0787 (The clone_file function in transfer.c in Augeas before 1.0.0, when ...)
+CVE-2012-0787
{DLA-28-1}
- augeas 1.0.0-1 (low; bug #731132)
[wheezy] - augeas <no-dsa> (Minor issue)
-CVE-2012-0786 (The transform_save function in transform.c in Augeas before 1.0.0 ...)
+CVE-2012-0786
{DLA-28-1}
- augeas 1.0.0-1 (low; bug #731132)
[wheezy] - augeas <no-dsa> (Minor issue)
-CVE-2012-0885 (chan_sip.c in Asterisk Open Source 1.8.x before 1.8.8.2 and 10.x ...)
+CVE-2012-0885
- asterisk 1:1.8.8.2~dfsg-1 (bug #656596)
[squeeze] - asterisk <not-affected> (Vulnerable code not present)
[lenny] - asterisk <not-affected> (Vulnerable code not present)
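Review bot: CVE-2012-0885 is appended at the end of this hunk, after CVE-2012-0786, out of numeric order, so anyone scanning the file by identifier or diffing it against the CVE-2012-08xx range will miss it; it belongs with the CVE-2012-0886/0884 entries and should be moved there. Its "[squeeze] - asterisk <not-affected> (Vulnerable code not present)" and "[lenny]" lines were previously checkable against "chan_sip.c in Asterisk Open Source 1.8.x before 1.8.8.2 and 10.x ..."; with the description reduced to "+CVE-2012-0885", the affected version range should be restated in the justification so the not-affected claim remains verifiable.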
@@ -14693,666 +14693,666 @@ CVE-2012-0784
RESERVED
CVE-2012-0783
RESERVED
-CVE-2012-0782 (** DISPUTED ** Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2012-0782
- wordpress <unfixed> (unimportant)
NOTE: https://www.trustwave.com/spiderlabs/advisories/TWSL2012-002.txt
-CVE-2012-0781 (The tidy_diagnose function in PHP 5.3.8 might allow remote attackers ...)
+CVE-2012-0781
{DSA-2408-1}
- php5 5.3.9-1 (low)
-CVE-2012-0780 (Adobe Illustrator before CS6 allows attackers to execute arbitrary ...)
+CVE-2012-0780
NOT-FOR-US: Adobe Illustrator
-CVE-2012-0779 (Adobe Flash Player before 10.3.183.19 and 11.x before 11.2.202.235 on ...)
+CVE-2012-0779
NOT-FOR-US: Adobe Flash Player
-CVE-2012-0778 (Buffer overflow in Adobe Flash Professional before CS6 allows ...)
+CVE-2012-0778
NOT-FOR-US: Adobe Flash Player
-CVE-2012-0777 (The JavaScript API in Adobe Reader and Acrobat 9.x before 9.5.1 and ...)
+CVE-2012-0777
NOT-FOR-US: Adobe Reader
-CVE-2012-0776 (The installer in Adobe Reader 9.x before 9.5.1 and 10.x before 10.1.3 ...)
+CVE-2012-0776
NOT-FOR-US: Adobe Reader
-CVE-2012-0775 (The JavaScript implementation in Adobe Reader and Acrobat 9.x before ...)
+CVE-2012-0775
NOT-FOR-US: Adobe Reader
-CVE-2012-0774 (Integer overflow in Adobe Reader and Acrobat 9.x before 9.5.1 and 10.x ...)
+CVE-2012-0774
NOT-FOR-US: Adobe Reader
-CVE-2012-0773 (The NetStream class in Adobe Flash Player before 10.3.183.18 and 11.x ...)
+CVE-2012-0773
NOT-FOR-US: Adobe Flash Player
-CVE-2012-0772 (An unspecified ActiveX control in Adobe Flash Player before ...)
+CVE-2012-0772
NOT-FOR-US: Adobe Flash Player
-CVE-2012-0771 (Adobe Shockwave Player before 11.6.4.634 allows attackers to execute ...)
+CVE-2012-0771
NOT-FOR-US: Adobe Flash Player
-CVE-2012-0770 (Adobe ColdFusion 8.0, 8.0.1, 9.0, and 9.0.1 computes hash values for ...)
+CVE-2012-0770
NOT-FOR-US: Adobe ColdFusion
-CVE-2012-0769 (Adobe Flash Player before 10.3.183.16 and 11.x before 11.1.102.63 on ...)
+CVE-2012-0769
NOT-FOR-US: Adobe Flash Player
-CVE-2012-0768 (The Matrix3D component in Adobe Flash Player before 10.3.183.16 and ...)
+CVE-2012-0768
NOT-FOR-US: Adobe Flash Player
-CVE-2012-0767 (Cross-site scripting (XSS) vulnerability in Adobe Flash Player before ...)
+CVE-2012-0767
NOT-FOR-US: Adobe Flash Player
-CVE-2012-0766 (The Shockwave 3D Asset component in Adobe Shockwave Player before ...)
+CVE-2012-0766
NOT-FOR-US: Adobe Shockwave Player
-CVE-2012-0765 (Multiple cross-site scripting (XSS) vulnerabilities in Adobe RoboHelp ...)
+CVE-2012-0765
NOT-FOR-US: Adobe Shockwave Player
-CVE-2012-0764 (The Shockwave 3D Asset component in Adobe Shockwave Player before ...)
+CVE-2012-0764
NOT-FOR-US: Adobe Shockwave Player
-CVE-2012-0763 (The Shockwave 3D Asset component in Adobe Shockwave Player before ...)
+CVE-2012-0763
NOT-FOR-US: Adobe Shockwave Player
-CVE-2012-0762 (The Shockwave 3D Asset component in Adobe Shockwave Player before ...)
+CVE-2012-0762
NOT-FOR-US: Adobe Shockwave Player
-CVE-2012-0761 (The Shockwave 3D Asset component in Adobe Shockwave Player before ...)
+CVE-2012-0761
NOT-FOR-US: Adobe Shockwave Player
-CVE-2012-0760 (The Shockwave 3D Asset component in Adobe Shockwave Player before ...)
+CVE-2012-0760
NOT-FOR-US: Adobe Shockwave Player
-CVE-2012-0759 (Adobe Shockwave Player before 11.6.4.634 allows attackers to execute ...)
+CVE-2012-0759
NOT-FOR-US: Adobe Shockwave Player
-CVE-2012-0758 (Heap-based buffer overflow in Adobe Shockwave Player before 11.6.4.634 ...)
+CVE-2012-0758
NOT-FOR-US: Adobe Shockwave Player
-CVE-2012-0757 (The Shockwave 3D Asset component in Adobe Shockwave Player before ...)
+CVE-2012-0757
NOT-FOR-US: Adobe Shockwave Player
-CVE-2012-0756 (Adobe Flash Player before 10.3.183.15 and 11.x before 11.1.102.62 on ...)
+CVE-2012-0756
NOT-FOR-US: Adobe Flash Player
-CVE-2012-0755 (Adobe Flash Player before 10.3.183.15 and 11.x before 11.1.102.62 on ...)
+CVE-2012-0755
NOT-FOR-US: Adobe Flash Player
-CVE-2012-0754 (Adobe Flash Player before 10.3.183.15 and 11.x before 11.1.102.62 on ...)
+CVE-2012-0754
NOT-FOR-US: Adobe Flash Player
-CVE-2012-0753 (Adobe Flash Player before 10.3.183.15 and 11.x before 11.1.102.62 on ...)
+CVE-2012-0753
NOT-FOR-US: Adobe Flash Player
-CVE-2012-0752 (Adobe Flash Player before 10.3.183.15 and 11.x before 11.1.102.62 on ...)
+CVE-2012-0752
NOT-FOR-US: Adobe Flash Player
-CVE-2012-0751 (The ActiveX control in Adobe Flash Player before 10.3.183.15 and 11.x ...)
+CVE-2012-0751
NOT-FOR-US: Adobe Flash Player
CVE-2012-0750
RESERVED
CVE-2012-0749
RESERVED
-CVE-2012-0748 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
+CVE-2012-0748
NOT-FOR-US: IBM Rational Team Concert
-CVE-2012-0747 (SQL injection vulnerability in IBM Maximo Asset Management 6.2 through ...)
+CVE-2012-0747
NOT-FOR-US: IBM Maximo Asset Management
-CVE-2012-0746 (Cross-site scripting (XSS) vulnerability in IBM Maximo Asset ...)
+CVE-2012-0746
NOT-FOR-US: IBM Maximo Asset Management
-CVE-2012-0745 (The getpwnam function in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.1.0.10 ...)
+CVE-2012-0745
NOT-FOR-US: IBM AIX
-CVE-2012-0744 (IBM Rational ClearQuest 7.1.x through 7.1.2.7 and 8.x through 8.0.0.3 ...)
+CVE-2012-0744
NOT-FOR-US: IBM Rational ClearQuest
-CVE-2012-0743 (IBM Tivoli Directory Server (TDS) 6.3 and earlier allows remote ...)
+CVE-2012-0743
NOT-FOR-US: IBM Tivoli Directory Server
-CVE-2012-0742 (IBM Tivoli Event Pump 4.2.2, when the LOG_REQUESTS and ...)
+CVE-2012-0742
NOT-FOR-US: IBM Tivoli Event Pump
-CVE-2012-0741 (IBM Security AppScan Enterprise before 8.6.0.2 and Rational Policy ...)
+CVE-2012-0741
NOT-FOR-US: (IBM Security AppScan Enterprise
-CVE-2012-0740 (Cross-site scripting (XSS) vulnerability in the Web Admin Tool in IBM ...)
+CVE-2012-0740
NOT-FOR-US: IBM Tivoli Directory Server
CVE-2012-0739
RESERVED
-CVE-2012-0738 (IBM Security AppScan Enterprise before 8.6.0.2 and Rational Policy ...)
+CVE-2012-0738
NOT-FOR-US: (IBM Security AppScan Enterprise
-CVE-2012-0737 (Cross-site scripting (XSS) vulnerability in IBM Rational AppScan ...)
+CVE-2012-0737
NOT-FOR-US: IBM Rational AppScan
-CVE-2012-0736 (IBM Rational AppScan Enterprise 5.x and 8.x before 8.5.0.1 does not ...)
+CVE-2012-0736
NOT-FOR-US: IBM Rational AppScan
-CVE-2012-0735 (IBM Rational AppScan Enterprise 5.x and 8.x before 8.5.0.1 does not ...)
+CVE-2012-0735
NOT-FOR-US: IBM Rational AppScan
-CVE-2012-0734 (IBM Rational AppScan Enterprise 5.x and 8.x before 8.5.0.1 does not ...)
+CVE-2012-0734
NOT-FOR-US: IBM Rational AppScan
-CVE-2012-0733 (IBM Rational AppScan Enterprise 5.x and 8.x before 8.5.0.1, when ...)
+CVE-2012-0733
NOT-FOR-US: IBM Rational AppScan
-CVE-2012-0732 (The Enterprise Console client in IBM Rational AppScan Enterprise 5.x ...)
+CVE-2012-0732
NOT-FOR-US: IBM Rational AppScan
-CVE-2012-0731 (IBM Rational AppScan Enterprise 5.x and 8.x before 8.5.0.1 does not ...)
+CVE-2012-0731
NOT-FOR-US: IBM Rational AppScan
-CVE-2012-0730 (Multiple cross-site request forgery (CSRF) vulnerabilities in IBM ...)
+CVE-2012-0730
NOT-FOR-US: IBM Rational AppScan
-CVE-2012-0729 (Unrestricted file upload vulnerability in IBM Rational AppScan ...)
+CVE-2012-0729
NOT-FOR-US: IBM Rational AppScan
-CVE-2012-0728 (SQL injection vulnerability in IBM Maximo Asset Management 7.1 through ...)
+CVE-2012-0728
NOT-FOR-US: IBM Maximo Asset Management
-CVE-2012-0727 (SQL injection vulnerability in IBM Maximo Asset Management 7.5, as ...)
+CVE-2012-0727
NOT-FOR-US: IBM Maximo Asset Management
-CVE-2012-0726 (The default configuration of TLS in IBM Tivoli Directory Server (TDS) ...)
+CVE-2012-0726
NOT-FOR-US: IBM Tivoli Directory Server
-CVE-2012-0725 (Adobe Flash Player before 11.2.202.229 in Google Chrome before ...)
+CVE-2012-0725
NOT-FOR-US: Adobe Flash Player
-CVE-2012-0724 (Adobe Flash Player before 11.2.202.229 in Google Chrome before ...)
+CVE-2012-0724
NOT-FOR-US: Adobe Flash Player
-CVE-2012-0723 (The kernel in IBM AIX 5.3, 6.1, and 7.1, and VIOS 2.2.1.4-FP-25 SP-02, ...)
+CVE-2012-0723
NOT-FOR-US: IBM AIX, VIOS
CVE-2012-0721
REJECTED
-CVE-2012-0720 (Cross-site scripting (XSS) vulnerability in the Integration Solution ...)
+CVE-2012-0720
NOT-FOR-US: IBM WebSphere Application
-CVE-2012-0719 (Cross-site scripting (XSS) vulnerability in IBM Tivoli Endpoint ...)
+CVE-2012-0719
NOT-FOR-US: IBM Tivoli Endpoint Manager
CVE-2012-0718
RESERVED
-CVE-2012-0717 (IBM WebSphere Application Server 7.0 before 7.0.0.23, when a certain ...)
+CVE-2012-0717
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2012-0716 (Cross-site scripting (XSS) vulnerability in the Administration Console ...)
+CVE-2012-0716
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2012-0715 (Cross-site scripting (XSS) vulnerability in the Gantt applet viewer in ...)
+CVE-2012-0715
NOT-FOR-US: IBM Tivoli Change and Configuration Management Database
-CVE-2012-0714 (Cross-site request forgery (CSRF) vulnerability in IBM Maximo Asset ...)
+CVE-2012-0714
NOT-FOR-US: IBM Maximo Asset Management
-CVE-2012-0713 (Unspecified vulnerability in the XML feature in IBM DB2 9.7 before FP6 ...)
+CVE-2012-0713
NOT-FOR-US: IBM DB2
-CVE-2012-0712 (The XML feature in IBM DB2 9.5 before FP9, 9.7 through FP5, and 9.8 ...)
+CVE-2012-0712
NOT-FOR-US: IBM DB2
-CVE-2012-0711 (Integer signedness error in the db2dasrrm process in the DB2 ...)
+CVE-2012-0711
NOT-FOR-US: IBM DB2
-CVE-2012-0710 (IBM DB2 9.1 before FP11, 9.5 before FP9, 9.7 before FP5, and 9.8 ...)
+CVE-2012-0710
NOT-FOR-US: IBM DB2
-CVE-2012-0709 (IBM DB2 9.5 before FP9, 9.7 through FP5, and 9.8 through FP4 does not ...)
+CVE-2012-0709
NOT-FOR-US: IBM DB2
-CVE-2012-0708 (Heap-based buffer overflow in the Ole API in the CQOle ActiveX control ...)
+CVE-2012-0708
NOT-FOR-US: IBM Rational ClearQuest
-CVE-2012-0707 (Cross-site scripting (XSS) vulnerability in IBM WebSphere Lombardi ...)
+CVE-2012-0707
NOT-FOR-US: IBM WebSphere
-CVE-2012-0706 (IBM Scale Out Network Attached Storage (SONAS) 1.3 before 1.3.2.3 ...)
+CVE-2012-0706
NOT-FOR-US: IBM Scale Out network Attached Storage (SONAS)
-CVE-2012-0705 (InfoSphere Import Export Manager in InfoSphere Information Server ...)
+CVE-2012-0705
NOT-FOR-US: InfoSphere Information Server
CVE-2012-0704
RESERVED
-CVE-2012-0703 (Open redirect vulnerability in Information Services Framework (ISF) in ...)
+CVE-2012-0703
NOT-FOR-US: IBM InfoSphere Information Server
-CVE-2012-0702 (Information Services Framework (ISF) in IBM InfoSphere Information ...)
+CVE-2012-0702
NOT-FOR-US: IBM InfoSphere Information Server
-CVE-2012-0701 (The client applications in the DataStage Administrator client in ...)
+CVE-2012-0701
NOT-FOR-US: IBM InfoSphere Information Server
-CVE-2012-0700 (The client in InfoSphere FastTrack 8.1 through 8.7 in IBM InfoSphere ...)
+CVE-2012-0700
NOT-FOR-US: IBM InfoSphere Information Server
-CVE-2012-0699 (Multiple cross-site request forgery (CSRF) vulnerabilities in Family ...)
+CVE-2012-0699
NOT-FOR-US: Family Connections CMS
-CVE-2012-0698 (tcsd in TrouSerS before 0.3.10 allows remote attackers to cause a ...)
+CVE-2012-0698
{DSA-2576-1}
- trousers 0.3.9-1 (low; bug #692649)
-CVE-2012-0697 (HP StorageWorks P2000 G3 MSA array systems have a default account, ...)
+CVE-2012-0697
NOT-FOR-US: HP StorageWorks
-CVE-2012-0696 (Multiple cross-site scripting (XSS) vulnerabilities in the Executive ...)
+CVE-2012-0696
NOT-FOR-US: IBM Cognos
-CVE-2012-0695 (Multiple unspecified vulnerabilities in Google Chrome before ...)
+CVE-2012-0695
NOT-FOR-US: Google Chrome books
CVE-2012-0694 [SugarCRM CE unserialize PHP code execution in multiple files]
RESERVED
- sugarcrm-ce-5.0 <itp> (bug #457876)
NOTE: http://seclists.org/bugtraq/2012/Jun/165
-CVE-2012-0693 (** DISPUTED ** submitticket.php in WHMCompleteSolution (WHMCS) 5.03 ...)
+CVE-2012-0693
NOT-FOR-US: WHMCompleteSolution
-CVE-2012-0692 (CA License (aka CA Licensing) before 1.90.03 allows local users to ...)
+CVE-2012-0692
NOT-FOR-US: CA License
-CVE-2012-0691 (CA License (aka CA Licensing) before 1.90.03 does not properly ...)
+CVE-2012-0691
NOT-FOR-US: CA License
-CVE-2012-0690 (TIBCO Spotfire Web Application, Web Player Application, Automation ...)
+CVE-2012-0690
NOT-FOR-US: TIBCO Spotfire
-CVE-2012-0689 (The server in TIBCO ActiveMatrix Platform in TIBCO Silver Fabric ...)
+CVE-2012-0689
NOT-FOR-US: TIBCO ActiveMatrix
-CVE-2012-0688 (Cross-site scripting (XSS) vulnerability in TIBCO ActiveMatrix ...)
+CVE-2012-0688
NOT-FOR-US: TIBCO ActiveMatrix
-CVE-2012-0687 (TIBCO ActiveMatrix Runtime Platform in Service Grid and Service Bus ...)
+CVE-2012-0687
NOT-FOR-US: TIBCO ActiveMatrix
CVE-2012-0686
RESERVED
-CVE-2012-0685 (Integer overflow in XnViewer (aka XnView) before 1.98.5 allows remote ...)
+CVE-2012-0685
NOT-FOR-US: XnView
-CVE-2012-0684 (Integer overflow in XnViewer (aka XnView) before 1.98.5 allows remote ...)
+CVE-2012-0684
NOT-FOR-US: XnView
-CVE-2012-0683 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
+CVE-2012-0683
NOT-FOR-US: Apple Safari/ if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-0682 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
+CVE-2012-0682
NOT-FOR-US: Apple Safari/ if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-0681 (Apple Remote Desktop before 3.6.1 does not recognize the &quot;Encrypt all ...)
+CVE-2012-0681
NOT-FOR-US: Apple Remote Desktop
-CVE-2012-0680 (Apple Safari before 6.0 does not properly handle the autocomplete ...)
+CVE-2012-0680
NOT-FOR-US: Apple Safari
-CVE-2012-0679 (Apple Safari before 6.0 allows remote attackers to read arbitrary ...)
+CVE-2012-0679
NOT-FOR-US: Apple Safari
-CVE-2012-0678 (Cross-site scripting (XSS) vulnerability in Apple Safari before 6.0 ...)
+CVE-2012-0678
NOT-FOR-US: Apple Safari
-CVE-2012-0677 (Heap-based buffer overflow in Apple iTunes before 10.6.3 allows remote ...)
+CVE-2012-0677
NOT-FOR-US: Apple iTunes
-CVE-2012-0676 (WebKit in Apple Safari before 5.1.7 does not properly track state ...)
+CVE-2012-0676
NOT-FOR-US: Apple Safari
-CVE-2012-0675 (Time Machine in Apple Mac OS X before 10.7.4 does not require ...)
+CVE-2012-0675
NOT-FOR-US: Time Machine
-CVE-2012-0674 (Safari in Apple iOS before 5.1.1 allows remote attackers to spoof the ...)
+CVE-2012-0674
NOT-FOR-US: Apple Safari
CVE-2012-0673
RESERVED
-CVE-2012-0672 (WebKit in Apple iOS before 5.1.1 allows remote attackers to execute ...)
+CVE-2012-0672
NOTE: http://dl.packetstormsecurity.net/1205-advisories/APPLE-SA-2012-05-09-2.txt
-CVE-2012-0671 (Apple QuickTime before 7.7.2 allows remote attackers to execute ...)
+CVE-2012-0671
NOT-FOR-US: Apple QuickTime
-CVE-2012-0670 (Integer overflow in Apple QuickTime before 7.7.2 allows remote ...)
+CVE-2012-0670
NOT-FOR-US: Apple QuickTime
-CVE-2012-0669 (Buffer overflow in Apple QuickTime before 7.7.2 on Windows allows ...)
+CVE-2012-0669
NOT-FOR-US: Apple QuickTime
-CVE-2012-0668 (Buffer overflow in Apple QuickTime before 7.7.2 allows remote ...)
+CVE-2012-0668
NOT-FOR-US: Apple QuickTime
-CVE-2012-0667 (Integer signedness error in Apple QuickTime before 7.7.2 on Windows ...)
+CVE-2012-0667
NOT-FOR-US: Apple QuickTime
-CVE-2012-0666 (Stack-based buffer overflow in the plugin in Apple QuickTime before ...)
+CVE-2012-0666
NOT-FOR-US: Apple QuickTime
-CVE-2012-0665 (Heap-based buffer overflow in Apple QuickTime before 7.7.2 allows ...)
+CVE-2012-0665
NOT-FOR-US: Apple QuickTime
-CVE-2012-0664 (Heap-based buffer overflow in Apple QuickTime before 7.7.2 on Windows ...)
+CVE-2012-0664
NOT-FOR-US: Apple QuickTime
-CVE-2012-0663 (Multiple stack-based buffer overflows in Apple QuickTime before 7.7.2 ...)
+CVE-2012-0663
NOT-FOR-US: Apple QuickTime
-CVE-2012-0662 (Integer overflow in the Security Framework in Apple Mac OS X before ...)
+CVE-2012-0662
NOT-FOR-US: Apple Mac OS X
-CVE-2012-0661 (Use-after-free vulnerability in QuickTime in Apple Mac OS X 10.7.x ...)
+CVE-2012-0661
NOT-FOR-US: Apple Mac OS X
-CVE-2012-0660 (Buffer underflow in QuickTime in Apple Mac OS X before 10.7.4 allows ...)
+CVE-2012-0660
NOT-FOR-US: Apple Mac OS X
-CVE-2012-0659 (Integer overflow in QuickTime in Apple Mac OS X before 10.7.4 allows ...)
+CVE-2012-0659
NOT-FOR-US: Apple Mac OS X
-CVE-2012-0658 (Buffer overflow in QuickTime in Apple Mac OS X before 10.7.4 allows ...)
+CVE-2012-0658
NOT-FOR-US: Apple Mac OS X
-CVE-2012-0657 (Quartz Composer in Apple Mac OS X before 10.7.4, when the RSS ...)
+CVE-2012-0657
NOT-FOR-US: Apple Mac OS X
-CVE-2012-0656 (Race condition in LoginUIFramework in Apple Mac OS X 10.7.x before ...)
+CVE-2012-0656
NOT-FOR-US: Apple Mac OS X
-CVE-2012-0655 (libsecurity in Apple Mac OS X before 10.7.4 does not properly restrict ...)
+CVE-2012-0655
NOT-FOR-US: Apple Mac OS X
-CVE-2012-0654 (libsecurity in Apple Mac OS X before 10.7.4 accesses uninitialized ...)
+CVE-2012-0654
NOT-FOR-US: Apple Mac OS X
CVE-2012-0653
RESERVED
-CVE-2012-0652 (Login Window in Apple Mac OS X 10.7.3, when Legacy File Vault or ...)
+CVE-2012-0652
NOT-FOR-US: Apple Mac OS X
-CVE-2012-0651 (The directory server in Directory Service in Apple Mac OS X 10.6.8 ...)
+CVE-2012-0651
NOT-FOR-US: Apple Mac OS X
-CVE-2012-0650 (Buffer overflow in the DirectoryService Proxy in DirectoryService in ...)
+CVE-2012-0650
NOT-FOR-US: Apple Mac OS X
-CVE-2012-0649 (Race condition in the initialization routine in blued in Bluetooth in ...)
+CVE-2012-0649
NOT-FOR-US: Apple Mac OS X
-CVE-2012-0648 (WebKit, as used in Apple iTunes before 10.6, allows man-in-the-middle ...)
+CVE-2012-0648
NOT-FOR-US: Apple Safari/iTunes if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-0647 (WebKit in Apple Safari before 5.1.4 does not properly handle redirects ...)
+CVE-2012-0647
NOT-FOR-US: Apple Safari/ if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-0646 (Format string vulnerability in VPN in Apple iOS before 5.1 allows ...)
+CVE-2012-0646
NOT-FOR-US: VPN in Apple iOS
-CVE-2012-0645 (Siri in Apple iOS before 5.1 does not properly restrict the ability of ...)
+CVE-2012-0645
NOT-FOR-US: Siri
-CVE-2012-0644 (Race condition in the Passcode Lock feature in Apple iOS before 5.1 ...)
+CVE-2012-0644
NOT-FOR-US: Passcode Lock in Apple iOS
-CVE-2012-0643 (The kernel in Apple iOS before 5.1 does not properly handle debug ...)
+CVE-2012-0643
NOT-FOR-US: kernel in Apple iOS
-CVE-2012-0642 (Integer underflow in Apple iOS before 5.1 allows remote attackers to ...)
+CVE-2012-0642
NOT-FOR-US: Apple iOS
-CVE-2012-0641 (CFNetwork in Apple iOS before 5.1 does not properly construct request ...)
+CVE-2012-0641
NOT-FOR-US: Apple iOS
-CVE-2012-0640 (WebKit in Apple Safari before 5.1.4 does not properly implement &quot;From ...)
+CVE-2012-0640
NOT-FOR-US: Apple Safari/iTunes if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-0639 (WebKit, as used in Apple iTunes before 10.6, allows man-in-the-middle ...)
+CVE-2012-0639
NOT-FOR-US: Apple Safari/iTunes if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-0638 (WebKit, as used in Apple iTunes before 10.6, allows man-in-the-middle ...)
+CVE-2012-0638
NOT-FOR-US: Apple Safari/iTunes if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-0637 (WebKit, as used in Apple iTunes before 10.6, allows man-in-the-middle ...)
+CVE-2012-0637
NOT-FOR-US: Apple Safari/iTunes if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-0636 (WebKit, as used in Apple iTunes before 10.6, allows man-in-the-middle ...)
+CVE-2012-0636
NOT-FOR-US: Apple Safari/iTunes if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-0635 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows ...)
+CVE-2012-0635
NOT-FOR-US: Apple Safari/iTunes if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-0634 (WebKit, as used in Apple iTunes before 10.6, allows man-in-the-middle ...)
+CVE-2012-0634
NOT-FOR-US: Apple Safari/iTunes if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-0633 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows ...)
+CVE-2012-0633
NOT-FOR-US: Apple Safari/iTunes if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-0632 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows ...)
+CVE-2012-0632
NOT-FOR-US: Apple Safari/iTunes if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-0631 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows ...)
+CVE-2012-0631
NOT-FOR-US: Apple Safari/iTunes if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-0630 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows ...)
+CVE-2012-0630
NOT-FOR-US: Apple Safari/iTunes if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-0629 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows ...)
+CVE-2012-0629
NOT-FOR-US: Apple Safari/iTunes if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-0628 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows ...)
+CVE-2012-0628
NOT-FOR-US: Apple Safari/iTunes if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-0627 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows ...)
+CVE-2012-0627
NOT-FOR-US: Apple Safari/iTunes if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-0626 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows ...)
+CVE-2012-0626
NOT-FOR-US: Apple Safari/iTunes if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-0625 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows ...)
+CVE-2012-0625
NOT-FOR-US: Apple Safari/iTunes if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-0624 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows ...)
+CVE-2012-0624
NOT-FOR-US: Apple Safari/iTunes if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-0623 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows ...)
+CVE-2012-0623
NOT-FOR-US: Apple Safari/iTunes if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-0622 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows ...)
+CVE-2012-0622
NOT-FOR-US: Apple Safari/iTunes if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-0621 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows ...)
+CVE-2012-0621
NOT-FOR-US: Apple Safari/iTunes if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-0620 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows ...)
+CVE-2012-0620
NOT-FOR-US: Apple Safari/iTunes if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-0619 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows ...)
+CVE-2012-0619
NOT-FOR-US: Apple Safari/iTunes if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-0618 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows ...)
+CVE-2012-0618
NOT-FOR-US: Apple Safari/iTunes if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-0617 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows ...)
+CVE-2012-0617
NOT-FOR-US: Apple Safari/iTunes if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-0616 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows ...)
+CVE-2012-0616
NOT-FOR-US: Apple Safari/iTunes if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-0615 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows ...)
+CVE-2012-0615
NOT-FOR-US: Apple Safari/iTunes if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-0614 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows ...)
+CVE-2012-0614
NOT-FOR-US: Apple Safari/iTunes if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-0613 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows ...)
+CVE-2012-0613
NOT-FOR-US: Apple Safari/iTunes if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-0612 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows ...)
+CVE-2012-0612
NOT-FOR-US: Apple Safari/iTunes if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-0611 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows ...)
+CVE-2012-0611
NOT-FOR-US: Apple Safari/iTunes if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-0610 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows ...)
+CVE-2012-0610
NOT-FOR-US: Apple Safari/iTunes if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-0609 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows ...)
+CVE-2012-0609
NOT-FOR-US: Apple Safari/iTunes if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-0608 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows ...)
+CVE-2012-0608
NOT-FOR-US: Apple Safari/iTunes if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-0607 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows ...)
+CVE-2012-0607
NOT-FOR-US: Apple Safari/iTunes if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-0606 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows ...)
+CVE-2012-0606
NOT-FOR-US: Apple Safari/iTunes if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-0605 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows ...)
+CVE-2012-0605
NOT-FOR-US: Apple Safari/iTunes if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-0604 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows ...)
+CVE-2012-0604
NOT-FOR-US: Apple Safari/iTunes if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-0603 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows ...)
+CVE-2012-0603
NOT-FOR-US: Apple Safari/iTunes if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-0602 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows ...)
+CVE-2012-0602
NOT-FOR-US: Apple Safari/iTunes if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-0601 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows ...)
+CVE-2012-0601
NOT-FOR-US: Apple Safari/iTunes if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-0600 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows ...)
+CVE-2012-0600
NOT-FOR-US: Apple Safari/iTunes if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-0599 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows ...)
+CVE-2012-0599
NOT-FOR-US: Apple Safari/iTunes if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-0598 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows ...)
+CVE-2012-0598
NOT-FOR-US: Apple Safari/iTunes if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-0597 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows ...)
+CVE-2012-0597
NOT-FOR-US: Apple Safari/iTunes if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-0596 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows ...)
+CVE-2012-0596
NOT-FOR-US: Apple Safari/iTunes if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-0595 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows ...)
+CVE-2012-0595
NOT-FOR-US: Apple Safari/iTunes if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-0594 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows ...)
+CVE-2012-0594
NOT-FOR-US: Apple Safari/iTunes if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-0593 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows ...)
+CVE-2012-0593
NOT-FOR-US: Apple Safari/iTunes if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-0592 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows ...)
+CVE-2012-0592
NOT-FOR-US: Apple Safari/iTunes if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-0591 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows ...)
+CVE-2012-0591
NOT-FOR-US: Apple Safari/iTunes if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-0590 (Cross-site scripting (XSS) vulnerability in WebKit, as used in Apple ...)
+CVE-2012-0590
NOT-FOR-US: Apple Safari/iTunes if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-0589 (Cross-site scripting (XSS) vulnerability in WebKit, as used in Apple ...)
+CVE-2012-0589
NOT-FOR-US: Apple Safari/iTunes if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-0588 (Cross-site scripting (XSS) vulnerability in WebKit, as used in Apple ...)
+CVE-2012-0588
NOT-FOR-US: Apple Safari/iTunes if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-0587 (Cross-site scripting (XSS) vulnerability in WebKit, as used in Apple ...)
+CVE-2012-0587
NOT-FOR-US: Apple Safari/iTunes if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-0586 (Cross-site scripting (XSS) vulnerability in WebKit, as used in Apple ...)
+CVE-2012-0586
NOT-FOR-US: Apple Safari/iTunes if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-0585 (The Private Browsing feature in Safari in Apple iOS before 5.1 allows ...)
+CVE-2012-0585
NOT-FOR-US: Apple Safari/iTunes if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-0584 (The Internationalized Domain Name (IDN) feature in Apple Safari before ...)
+CVE-2012-0584
NOT-FOR-US: Apple Safari
-CVE-2012-0583 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
+CVE-2012-0583
{DSA-2496-1}
- mysql-5.1 5.1.62-1 (bug #670636)
- mysql-5.5 5.5.23-1
-CVE-2012-0582 (Unspecified vulnerability in the Siebel Clinical component in Oracle ...)
+CVE-2012-0582
NOT-FOR-US: Oracle Industry Applications
-CVE-2012-0581 (Unspecified vulnerability in the Oracle Agile component in Oracle ...)
+CVE-2012-0581
NOT-FOR-US: Oracle Supply Chain Products Suite
-CVE-2012-0580 (Unspecified vulnerability in the Oracle Agile PLM for Process ...)
+CVE-2012-0580
NOT-FOR-US: Oracle Supply Chain Products Suite
-CVE-2012-0579 (Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking ...)
+CVE-2012-0579
NOT-FOR-US: Oracle Financial Services Software
-CVE-2012-0578 (Unspecified vulnerability in the Server component in Oracle MySQL ...)
+CVE-2012-0578
- mysql-5.1 <not-affected> (Only affects 5.5)
- mysql-5.5 5.5.29+dfsg-1
-CVE-2012-0577 (Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking ...)
+CVE-2012-0577
NOT-FOR-US: Oracle Financial Services Software
-CVE-2012-0576 (Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking ...)
+CVE-2012-0576
NOT-FOR-US: Oracle Financial Services Software
-CVE-2012-0575 (Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking ...)
+CVE-2012-0575
NOT-FOR-US: Oracle Financial Services Software
-CVE-2012-0574 (Unspecified vulnerability in the Server component in Oracle MySQL ...)
+CVE-2012-0574
{DSA-2780-1}
- mysql-5.1 <removed>
- mysql-5.5 5.5.29+dfsg-1
-CVE-2012-0573 (Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking ...)
+CVE-2012-0573
NOT-FOR-US: Oracle Financial Services Software
-CVE-2012-0572 (Unspecified vulnerability in the Server component in Oracle MySQL ...)
+CVE-2012-0572
{DSA-2780-1}
- mysql-5.1 <removed>
- mysql-5.5 5.5.29+dfsg-1
-CVE-2012-0571 (Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking ...)
+CVE-2012-0571
NOT-FOR-US: Oracle Financial Services Software
-CVE-2012-0570 (Unspecified vulnerability in Oracle Sun Solaris 8, 9, 10, and 11 ...)
+CVE-2012-0570
NOT-FOR-US: Solaris
-CVE-2012-0569 (Unspecified vulnerability Oracle Sun Solaris 10 allows local users to ...)
+CVE-2012-0569
NOT-FOR-US: Oracle Sun Solaris
-CVE-2012-0568 (Unspecified vulnerability in Oracle Sun Solaris 8, 9, and 10 allows ...)
+CVE-2012-0568
NOT-FOR-US: Solaris
-CVE-2012-0567 (Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking ...)
+CVE-2012-0567
NOT-FOR-US: Oracle Financial Services Software
-CVE-2012-0566 (Unspecified vulnerability in the Oracle Agile component in Oracle ...)
+CVE-2012-0566
NOT-FOR-US: Oracle Supply Chain Products Suite
-CVE-2012-0565 (Unspecified vulnerability in the Oracle Agile component in Oracle ...)
+CVE-2012-0565
NOT-FOR-US: Oracle Supply Chain Products Suite
-CVE-2012-0564 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+CVE-2012-0564
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2012-0563 (Unspecified vulnerability in Oracle Solaris 9, 10, and 11 allows local ...)
+CVE-2012-0563
NOT-FOR-US: Oracle Solaris
-CVE-2012-0562 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS component ...)
+CVE-2012-0562
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2012-0561 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+CVE-2012-0561
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2012-0560 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+CVE-2012-0560
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2012-0559 (Unspecified vulnerability in the PeopleSoft Enterprise SCM component ...)
+CVE-2012-0559
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2012-0558 (Unspecified vulnerability in the Primavera P6 Enterprise Project ...)
+CVE-2012-0558
NOT-FOR-US: Oracle Primavera Products Suite
-CVE-2012-0557 (Unspecified vulnerability in the Oracle Outside In Technology ...)
+CVE-2012-0557
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2012-0556 (Unspecified vulnerability in the Oracle Outside In Technology ...)
+CVE-2012-0556
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2012-0555 (Unspecified vulnerability in the Oracle Outside In Technology ...)
+CVE-2012-0555
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2012-0554 (Unspecified vulnerability in the Oracle Outside In Technology ...)
+CVE-2012-0554
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2012-0553 (Buffer overflow in yaSSL, as used in MySQL 5.1.x before 5.1.68 and ...)
+CVE-2012-0553
{DSA-2780-1}
- mysql-5.1 <removed> (bug #712059)
- mysql-5.5 5.5.28+dfsg-1
- cyassl <not-affected> (Fixed before initial upload to archive)
NOTE: https://blogs.oracle.com/sunsecurity/entry/cve_2012_0553_buffer_overflow
-CVE-2012-0552 (Unspecified vulnerability in the Oracle Spatial component in Oracle ...)
+CVE-2012-0552
NOT-FOR-US: Oracle Database Server
-CVE-2012-0551 (Unspecified vulnerability in the Java Runtime Environment (JRE) in ...)
+CVE-2012-0551
- glassfish <not-affected> (Debian only builds some core libs, not the full application stack)
- openjdk-6 <not-affected> (specific to Oracle Java)
- openjdk-7 <not-affected> (specific to Oracle Java)
-CVE-2012-0550 (Unspecified vulnerability in the GlassFish Enterprise Server component ...)
+CVE-2012-0550
- glassfish <not-affected> (Debian only builds some core libs, not the full application stack)
-CVE-2012-0549 (Unspecified vulnerability in the Oracle AutoVue Office component in ...)
+CVE-2012-0549
NOT-FOR-US: Oracle Supply Chain Products Suite
-CVE-2012-0548 (Unspecified vulnerability in Oracle SPARC Enterprise M Series Servers ...)
+CVE-2012-0548
NOT-FOR-US: Oracle SPARC Enterprise M Series Servers XCP 1110
-CVE-2012-0547 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2012-0547
- openjdk-7 7u3-2.1.2-1 (low)
- openjdk-6 6b24-1.11.4-1 (low)
-CVE-2012-0546 (Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking ...)
+CVE-2012-0546
NOT-FOR-US: Oracle Financial Services Software
-CVE-2012-0545 (Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking ...)
+CVE-2012-0545
NOT-FOR-US: Oracle Financial Services Software
-CVE-2012-0544 (Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking ...)
+CVE-2012-0544
NOT-FOR-US: Oracle Financial Services Software
-CVE-2012-0543 (Unspecified vulnerability in the BI Publisher (formerly XML Publisher) ...)
+CVE-2012-0543
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2012-0542 (Unspecified vulnerability in the Oracle iStore component in Oracle ...)
+CVE-2012-0542
NOT-FOR-US: Oracle E-Business Suite
-CVE-2012-0541 (Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking ...)
+CVE-2012-0541
NOT-FOR-US: Oracle Financial Services Software
-CVE-2012-0540 (Unspecified vulnerability in Oracle MySQL Server 5.1.62 and earlier ...)
+CVE-2012-0540
{DSA-2496-1}
- mysql-5.1 <removed> (bug #682212)
- mysql-5.5 5.5.24+dfsg-1 (bug #682210)
-CVE-2012-0539 (Unspecified vulnerability in Oracle Sun Solaris 8, 9, and 10 allows ...)
+CVE-2012-0539
NOT-FOR-US: Oracle Sun Solaris
-CVE-2012-0538 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+CVE-2012-0538
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2012-0537 (Unspecified vulnerability in the Oracle Application Object Library ...)
+CVE-2012-0537
NOT-FOR-US: Oracle E-Business Suite
-CVE-2012-0536 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS component ...)
+CVE-2012-0536
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2012-0535 (Unspecified vulnerability in the Oracle Application Object Library ...)
+CVE-2012-0535
NOT-FOR-US: Oracle E-Business Suite
-CVE-2012-0534 (Unspecified vulnerability in the RDBMS Core component in Oracle ...)
+CVE-2012-0534
NOT-FOR-US: Oracle Database Server
-CVE-2012-0533 (Unspecified vulnerability in the PeopleSoft Enterprise FCSM component ...)
+CVE-2012-0533
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2012-0532 (Unspecified vulnerability in the Identity Manager component in Oracle ...)
+CVE-2012-0532
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2012-0531 (Unspecified vulnerability in the PeopleSoft Enterprise Portal ...)
+CVE-2012-0531
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2012-0530 (Unspecified vulnerability in the PeopleSoft Enterprise SCM component ...)
+CVE-2012-0530
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2012-0529 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+CVE-2012-0529
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2012-0528 (Unspecified vulnerability in the Enterprise Manager Base Platform ...)
+CVE-2012-0528
NOT-FOR-US: Oracle Database Server
-CVE-2012-0527 (Unspecified vulnerability in the Enterprise Manager Base Platform ...)
+CVE-2012-0527
NOT-FOR-US: Oracle Database Server
-CVE-2012-0526 (Unspecified vulnerability in the Enterprise Manager Base Platform ...)
+CVE-2012-0526
NOT-FOR-US: Oracle Database Server
-CVE-2012-0525 (Unspecified vulnerability in the Enterprise Manager Base Platform ...)
+CVE-2012-0525
NOT-FOR-US: Oracle Database Server
-CVE-2012-0524 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+CVE-2012-0524
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2012-0523 (Unspecified vulnerability in the Oracle Grid Engine component in ...)
+CVE-2012-0523
- gridengine 6.2u5-7.1
[squeeze] - gridengine <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://www.securityfocus.com/bid/53132
NOTE: http://gridscheduler.sourceforge.net/security.html
-CVE-2012-0522 (Unspecified vulnerability in the Oracle JDeveloper component in Oracle ...)
+CVE-2012-0522
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2012-0521 (Unspecified vulnerability in the PeopleSoft Enterprise HCM component ...)
+CVE-2012-0521
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2012-0520 (Unspecified vulnerability in the Enterprise Manager Base Platform ...)
+CVE-2012-0520
NOT-FOR-US: Oracle Database Server
-CVE-2012-0519 (Unspecified vulnerability in the Core RDBMS component in Oracle ...)
+CVE-2012-0519
NOT-FOR-US: Oracle Database Server
-CVE-2012-0518 (Unspecified vulnerability in the Oracle Application Server Single ...)
+CVE-2012-0518
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2012-0517 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS component ...)
+CVE-2012-0517
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2012-0516 (Unspecified vulnerability in the Oracle iPlanet Web Server component ...)
+CVE-2012-0516
NOT-FOR-US: Oracle Sun Products Suite
-CVE-2012-0515 (Unspecified vulnerability in the Identity Manager Connector component ...)
+CVE-2012-0515
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2012-0514 (Unspecified vulnerability in the PeopleSoft Enterprise CRM component ...)
+CVE-2012-0514
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2012-0513 (Unspecified vulnerability in the Oracle Application Object Library ...)
+CVE-2012-0513
NOT-FOR-US: Oracle E-Business Suite
-CVE-2012-0512 (Unspecified vulnerability in the Enterprise Manager Base Platform ...)
+CVE-2012-0512
NOT-FOR-US: Oracle Database Server
-CVE-2012-0511 (Unspecified vulnerability in the OCI component in Oracle Database ...)
+CVE-2012-0511
NOT-FOR-US: Oracle Database Server
-CVE-2012-0510 (Unspecified vulnerability in the Core RDBMS component in Oracle ...)
+CVE-2012-0510
NOT-FOR-US: Oracle Database Server
-CVE-2012-0509 (Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking ...)
+CVE-2012-0509
NOT-FOR-US: Oracle Financial Services Software
-CVE-2012-0508 (Unspecified vulnerability in the JavaFX component in Oracle Java SE ...)
+CVE-2012-0508
- openjdk-6 <not-affected> (JavaFX not part of OpenJDK)
- openjdk-7 <not-affected> (JavaFX not part of OpenJDK)
- sun-java6 <removed>
[squeeze] - sun-java6 <no-dsa> (Non-free not supported)
-CVE-2012-0507 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2012-0507
{DSA-2420-1}
- openjdk-6 6b24-1.11.1-1
- openjdk-7 7~u3-2.1-1
- sun-java6 <removed>
[squeeze] - sun-java6 <no-dsa> (Non-free not supported)
NOTE: Replacement for misused CVE-2011-3571.
-CVE-2012-0506 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2012-0506
{DSA-2420-1}
- openjdk-6 6b24-1.11.1-1
- openjdk-7 7~u3-2.1-1
- sun-java6 <removed>
[squeeze] - sun-java6 <no-dsa> (Non-free not supported)
-CVE-2012-0505 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2012-0505
{DSA-2420-1}
- openjdk-6 6b24-1.11.1-1
- openjdk-7 7~u3-2.1-1
-CVE-2012-0504 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2012-0504
- openjdk-6 <not-affected> (Only applies to the Windows-specific update tool)
- openjdk-7 <not-affected> (Only applies to the Windows-specific update tool)
- sun-java6 <not-affected> (Only applies to the Windows-specific update tool)
-CVE-2012-0503 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2012-0503
{DSA-2420-1}
- openjdk-6 6b24-1.11.1-1
- openjdk-7 7~u3-2.1-1
- sun-java6 <removed>
[squeeze] - sun-java6 <no-dsa> (Non-free not supported)
-CVE-2012-0502 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2012-0502
{DSA-2420-1}
- openjdk-6 6b24-1.11.1-1
- openjdk-7 7~u3-2.1-1
- sun-java6 <removed>
[squeeze] - sun-java6 <no-dsa> (Non-free not supported)
-CVE-2012-0501 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2012-0501
{DSA-2420-1}
- openjdk-6 6b24-1.11.1-1
- openjdk-7 7~u3-2.1-1
- sun-java6 <removed>
[squeeze] - sun-java6 <no-dsa> (Non-free not supported)
-CVE-2012-0500 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2012-0500
- sun-java6 <removed>
[squeeze] - sun-java6 <no-dsa> (Non-free not supported)
NOTE: OpenJDK browser plugin is a different code base.
-CVE-2012-0499 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2012-0499
- sun-java6 <removed>
[squeeze] - sun-java6 <no-dsa> (Non-free not supported)
NOTE: According to the Red Hat bug tracker, this vulnerability does not affect Iced Tea/OpenJDK.
-CVE-2012-0498 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2012-0498
- sun-java6 <removed>
[squeeze] - sun-java6 <no-dsa> (Non-free not supported)
NOTE: According to the Red Hat bug tracker, this vulnerability does not affect Iced Tea/OpenJDK.
-CVE-2012-0497 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2012-0497
{DSA-2420-1}
- openjdk-6 6b24-1.11.1-1
- openjdk-7 7~u3-2.1-1
- sun-java6 <removed>
[squeeze] - sun-java6 <no-dsa> (Non-free not supported)
-CVE-2012-0496 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
+CVE-2012-0496
- mysql-5.1 <not-affected> (Only affects MySQL 5.5 from experimental)
-CVE-2012-0495 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
+CVE-2012-0495
- mysql-5.1 <not-affected> (Only affects MySQL 5.5 from experimental)
-CVE-2012-0494 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
+CVE-2012-0494
- mysql-5.1 <not-affected> (Only affects MySQL 5.5 from experimental)
-CVE-2012-0493 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
+CVE-2012-0493
- mysql-5.1 <not-affected> (Only affects MySQL 5.5 from experimental)
-CVE-2012-0492 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
+CVE-2012-0492
{DSA-2429-1}
- mysql-5.1 5.1.61-2 (bug #659687)
-CVE-2012-0491 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
+CVE-2012-0491
- mysql-5.1 <not-affected> (Only affects MySQL 5.5 from experimental)
-CVE-2012-0490 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
+CVE-2012-0490
{DSA-2429-1}
- mysql-5.1 5.1.61-2 (bug #659687)
-CVE-2012-0489 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
+CVE-2012-0489
- mysql-5.1 <not-affected> (Only affects MySQL 5.5 from experimental)
-CVE-2012-0488 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
+CVE-2012-0488
- mysql-5.1 <not-affected> (Only affects MySQL 5.5 from experimental)
-CVE-2012-0487 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
+CVE-2012-0487
- mysql-5.1 <not-affected> (Only affects MySQL 5.5 from experimental)
-CVE-2012-0486 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
+CVE-2012-0486
- mysql-5.1 <not-affected> (Only affects MySQL 5.5 from experimental)
-CVE-2012-0485 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
+CVE-2012-0485
{DSA-2429-1}
- mysql-5.1 5.1.61-2 (bug #659687)
-CVE-2012-0484 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
+CVE-2012-0484
{DSA-2429-1}
- mysql-5.1 5.1.61-2 (bug #659687)
CVE-2012-0483
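Review bot: every `-`/`+` pair in this hunk drops the CVE summary text and keeps only the bare identifier (for example `-CVE-2012-0669 (Buffer overflow in Apple QuickTime before 7.7.2 on Windows allows ...)` becomes `+CVE-2012-0669`), while the Debian-specific lines beneath each entry (NOT-FOR-US markers, DSA references, package versions, NOTE lines) are left untouched. Nothing in the hunk supplies replacement summaries, so this looks like the description source returning empty text to the automatic update rather than an intended cleanup: entries such as CVE-2012-0583 and CVE-2012-0553 would keep their DSA and package data but lose the one line that states what the issue is. Suggest not merging this update as-is and re-running it once the upstream descriptions are available again. The same pattern applies to the smaller hunks that follow in this file.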
@@ -15363,7 +15363,7 @@ CVE-2012-0481
RESERVED
CVE-2012-0480
RESERVED
-CVE-2012-0479 (Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, ...)
+CVE-2012-0479
{DSA-2464-1 DSA-2458-1 DSA-2457-1}
- icedove 10.0.4-1
[squeeze] - icedove <not-affected> (Vulnerable code not present)
@@ -15371,14 +15371,14 @@ CVE-2012-0479 (Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4,
[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
- iceape 2.7.4-1
[squeeze] - iceape <not-affected> (Vulnerable code not present)
-CVE-2012-0478 (The texImage2D implementation in the WebGL subsystem in Mozilla ...)
+CVE-2012-0478
- icedove 10.0.4-1
[squeeze] - icedove <not-affected> (Vulnerable code not present)
- iceweasel 10.0.4esr-1
[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
- iceape 2.7.4-1
[squeeze] - iceape <not-affected> (Vulnerable code not present)
-CVE-2012-0477 (Multiple cross-site scripting (XSS) vulnerabilities in Mozilla Firefox ...)
+CVE-2012-0477
{DSA-2464-1 DSA-2458-1 DSA-2457-1}
- icedove 10.0.4-1
[squeeze] - icedove <not-affected> (Vulnerable code not present)
@@ -15388,7 +15388,7 @@ CVE-2012-0477 (Multiple cross-site scripting (XSS) vulnerabilities in Mozilla Fi
[squeeze] - iceape <not-affected> (Vulnerable code not present)
CVE-2012-0476
RESERVED
-CVE-2012-0475 (Mozilla Firefox 4.x through 11.0, Thunderbird 5.0 through 11.0, and ...)
+CVE-2012-0475
- icedove 10.0.4-1
[wheezy] - icedove <no-dsa> (Minor issue, also not fixed in ESV branch)
[squeeze] - icedove <no-dsa> (Minor issue, also not fixed in ESV branch)
@@ -15399,25 +15399,25 @@ CVE-2012-0475 (Mozilla Firefox 4.x through 11.0, Thunderbird 5.0 through 11.0, a
[squeeze] - iceape <no-dsa> (Minor issue, also not fixed in ESV branch)
[wheezy] - iceape <no-dsa> (Minor issue, also not fixed in ESV branch)
NOTE: Fixed in Thunderbird 12 and Seamonkey 2.9
-CVE-2012-0474 (Cross-site scripting (XSS) vulnerability in the docshell ...)
+CVE-2012-0474
- icedove 10.0.4-1
[squeeze] - icedove <not-affected> (Vulnerable code not present)
- iceweasel 10.0.4esr-1
[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
- iceape 2.7.4-1
[squeeze] - iceape <not-affected> (Vulnerable code not present)
-CVE-2012-0473 (The WebGLBuffer::FindMaxUshortElement function in Mozilla Firefox 4.x ...)
+CVE-2012-0473
- icedove 10.0.4-1
[squeeze] - icedove <not-affected> (Vulnerable code not present)
- iceweasel 10.0.4esr-1
[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
- iceape 2.7.4-1
[squeeze] - iceape <not-affected> (Vulnerable code not present)
-CVE-2012-0472 (The cairo-dwrite implementation in Mozilla Firefox 4.x through 11.0, ...)
+CVE-2012-0472
- icedove <not-affected> (Windows-specific)
- iceweasel <not-affected> (Windows-specific)
- iceape <not-affected> (Windows-specific)
-CVE-2012-0471 (Cross-site scripting (XSS) vulnerability in Mozilla Firefox 4.x ...)
+CVE-2012-0471
{DSA-2464-1 DSA-2458-1 DSA-2457-1}
- icedove 10.0.4-1
[squeeze] - icedove <not-affected> (Vulnerable code not present)
@@ -15425,7 +15425,7 @@ CVE-2012-0471 (Cross-site scripting (XSS) vulnerability in Mozilla Firefox 4.x .
[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
- iceape 2.7.4-1
[squeeze] - iceape <not-affected> (Vulnerable code not present)
-CVE-2012-0470 (Heap-based buffer overflow in the ...)
+CVE-2012-0470
{DSA-2464-1 DSA-2458-1 DSA-2457-1}
- icedove 10.0.4-1
[squeeze] - icedove <not-affected> (Vulnerable code not present)
@@ -15433,18 +15433,18 @@ CVE-2012-0470 (Heap-based buffer overflow in the ...)
[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
- iceape 2.7.4-1
[squeeze] - iceape <not-affected> (Vulnerable code not present)
-CVE-2012-0469 (Use-after-free vulnerability in the ...)
+CVE-2012-0469
- icedove 10.0.4-1
[squeeze] - icedove <not-affected> (Vulnerable code not present)
- iceweasel 10.0.4esr-1
[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
- iceape 2.7.4-1
[squeeze] - iceape <not-affected> (Vulnerable code not present)
-CVE-2012-0468 (The browser engine in Mozilla Firefox 4.x through 11.0, Thunderbird ...)
+CVE-2012-0468
- icedove <not-affected> (Only affects Firefox 11 and above)
- iceweasel <not-affected> (Only affects Firefox 11 and above)
- iceape <not-affected> (Only affects Firefox 11 and above)
-CVE-2012-0467 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+CVE-2012-0467
{DSA-2464-1 DSA-2458-1 DSA-2457-1}
- icedove 10.0.4-1
[squeeze] - icedove <not-affected> (Vulnerable code not present)
@@ -15452,90 +15452,90 @@ CVE-2012-0467 (Multiple unspecified vulnerabilities in the browser engine in Moz
[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
- iceape 2.7.4-1
[squeeze] - iceape <not-affected> (Vulnerable code not present)
-CVE-2012-0466 (template/en/default/list/list.js.tmpl in Bugzilla 2.x and 3.x before ...)
+CVE-2012-0466
- bugzilla <removed> (low)
- bugzilla4 <itp> (bug #669643)
[squeeze] - bugzilla <no-dsa> (Minor issue)
-CVE-2012-0465 (Bugzilla 3.5.x and 3.6.x before 3.6.9, 3.7.x and 4.0.x before 4.0.6, ...)
+CVE-2012-0465
- bugzilla <removed> (low)
- bugzilla4 <itp> (bug #669643)
[squeeze] - bugzilla <no-dsa> (Minor issue)
-CVE-2012-0464 (Use-after-free vulnerability in the browser engine in Mozilla Firefox ...)
+CVE-2012-0464
- icedove 10.0.3-1
[squeeze] - icedove <not-affected> (Vulnerable code not present)
- iceweasel 10.0.3esr-1
[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
- iceape 2.7.3-1
[squeeze] - iceape <not-affected> (Vulnerable code not present)
-CVE-2012-0463 (The nsWindow implementation in the browser engine in Mozilla Firefox ...)
+CVE-2012-0463
- iceweasel <not-affected> (Only affects Firefox Mobile on Android)
-CVE-2012-0462 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+CVE-2012-0462
- icedove 10.0.3-1
[squeeze] - icedove <not-affected> (Vulnerable code not present)
- iceweasel 10.0.3esr-1
[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
- iceape 2.7.3-1
[squeeze] - iceape <not-affected> (Vulnerable code not present)
-CVE-2012-0461 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+CVE-2012-0461
{DSA-2458-1 DSA-2437-1 DSA-2433-1}
- icedove 10.0.3-1
- iceweasel 10.0.3esr-1
- iceape 2.7.3-1
-CVE-2012-0460 (Mozilla Firefox 4.x through 10.0, Firefox ESR 10.x before 10.0.3, ...)
+CVE-2012-0460
- icedove 10.0.3-1
[squeeze] - icedove <not-affected> (Vulnerable code not present)
- iceweasel 10.0.3esr-1
[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
- iceape 2.7.3-1
[squeeze] - iceape <not-affected> (Vulnerable code not present)
-CVE-2012-0459 (The Cascading Style Sheets (CSS) implementation in Mozilla Firefox 4.x ...)
+CVE-2012-0459
- icedove 10.0.3-1
[squeeze] - icedove <not-affected> (Vulnerable code not present)
- iceweasel 10.0.3esr-1
[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
- iceape 2.7.3-1
[squeeze] - iceape <not-affected> (Vulnerable code not present)
-CVE-2012-0458 (Mozilla Firefox before 3.6.28 and 4.x through 10.0, Firefox ESR 10.x ...)
+CVE-2012-0458
{DSA-2458-1 DSA-2437-1 DSA-2433-1}
- icedove 10.0.3-1
- iceweasel 10.0.3esr-1
- iceape 2.7.3-1
-CVE-2012-0457 (Use-after-free vulnerability in the ...)
+CVE-2012-0457
- icedove 10.0.3-1
[squeeze] - icedove <not-affected> (Vulnerable code not present)
- iceweasel 10.0.3esr-1
[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
- iceape 2.7.3-1
[squeeze] - iceape <not-affected> (Vulnerable code not present)
-CVE-2012-0456 (The SVG Filters implementation in Mozilla Firefox before 3.6.28 and ...)
+CVE-2012-0456
{DSA-2458-1 DSA-2437-1 DSA-2433-1}
- icedove 10.0.3-1
- iceweasel 10.0.3esr-1
- iceape 2.7.3-1
-CVE-2012-0455 (Mozilla Firefox before 3.6.28 and 4.x through 10.0, Firefox ESR 10.x ...)
+CVE-2012-0455
{DSA-2458-1 DSA-2437-1 DSA-2433-1}
- icedove 10.0.3-1
- iceweasel 10.0.3esr-1
- iceape 2.7.3-1
-CVE-2012-0454 (Use-after-free vulnerability in Mozilla Firefox 4.x through 10.0, ...)
+CVE-2012-0454
- iceweasel <not-affected> (Only affects Firefox on Windows)
-CVE-2012-0453 (Cross-site request forgery (CSRF) vulnerability in xmlrpc.cgi in ...)
+CVE-2012-0453
- bugzilla <removed>
- bugzilla4 <itp> (bug #669643)
[squeeze] - bugzilla <no-dsa> (Minor issue)
-CVE-2012-0452 (Use-after-free vulnerability in Mozilla Firefox 10.x before 10.0.1, ...)
+CVE-2012-0452
- icedove <not-affected> (Introduced in Thunderbird 10)
- iceweasel 10.0.1-1
[squeeze] - iceweasel <not-affected> (Only affects Firefox >= 10)
- iceape <not-affected> (Vulnerable version never uploaded to the archive)
-CVE-2012-0451 (CRLF injection vulnerability in Mozilla Firefox 4.x through 10.0, ...)
+CVE-2012-0451
- icedove 10.0.3-1
[squeeze] - icedove <not-affected> (CSP introduced in Thunderbird 3.3)
- iceweasel 10.0.3esr-1
[squeeze] - iceweasel <not-affected> (CSP introduced in Firefox 4)
- iceape 2.7.3-1
[squeeze] - iceape <not-affected> (CSP introduced in Seamonkey 2.1)
-CVE-2012-0450 (Mozilla Firefox 4.x through 9.0 and SeaMonkey before 2.7 on Linux and ...)
+CVE-2012-0450
- icedove 10.0.3-1
[squeeze] - icedove <not-affected> (Only affects Firefox >= 4)
- xulrunner <not-affected> (Only affects Firefox >= 4)
@@ -15543,7 +15543,7 @@ CVE-2012-0450 (Mozilla Firefox 4.x through 9.0 and SeaMonkey before 2.7 on Linux
[lenny] - iceweasel <not-affected> (Only affects Firefox >= 4)
[squeeze] - iceweasel <not-affected> (Only affects Firefox >= 4)
- iceape <not-affected> (Only affects Firefox >= 4)
-CVE-2012-0449 (Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before ...)
+CVE-2012-0449
{DSA-2406-1 DSA-2402-1 DSA-2400-1}
- icedove 10.0.3-1
[lenny] - icedove <end-of-life>
@@ -15553,11 +15553,11 @@ CVE-2012-0449 (Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird be
- iceape 2.0.14-10
[lenny] - iceape <not-affected> (Only a stub package)
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2012-0448 (Bugzilla 2.x and 3.x before 3.4.14, 3.5.x and 3.6.x before 3.6.8, ...)
+CVE-2012-0448
- bugzilla <removed> (low)
- bugzilla4 <itp> (bug #669643)
[squeeze] - bugzilla <no-dsa> (Minor issue)
-CVE-2012-0447 (Mozilla Firefox 4.x through 9.0, Thunderbird 5.0 through 9.0, and ...)
+CVE-2012-0447
- icedove 10.0.3-1
[squeeze] - icedove <not-affected> (Only affects Firefox >= 4)
- xulrunner <not-affected> (Only affects Firefox >= 4)
@@ -15565,7 +15565,7 @@ CVE-2012-0447 (Mozilla Firefox 4.x through 9.0, Thunderbird 5.0 through 9.0, and
[lenny] - iceweasel <not-affected> (Only affects Firefox >= 4)
[squeeze] - iceweasel <not-affected> (Only affects Firefox >= 4)
- iceape <not-affected> (Only affects Firefox >= 4)
-CVE-2012-0446 (Multiple cross-site scripting (XSS) vulnerabilities in Mozilla Firefox ...)
+CVE-2012-0446
- icedove 10.0.3-1
[squeeze] - icedove <not-affected> (Only affects Firefox >= 4)
- xulrunner <not-affected> (Only affects Firefox >= 4)
@@ -15573,7 +15573,7 @@ CVE-2012-0446 (Multiple cross-site scripting (XSS) vulnerabilities in Mozilla Fi
[lenny] - iceweasel <not-affected> (Only affects Firefox >= 4)
[squeeze] - iceweasel <not-affected> (Only affects Firefox >= 4)
- iceape <not-affected> (Only affects Firefox >= 4)
-CVE-2012-0445 (Mozilla Firefox 4.x through 9.0, Thunderbird 5.0 through 9.0, and ...)
+CVE-2012-0445
- icedove 10.0.3-1
[squeeze] - icedove <not-affected> (Only affects Firefox >= 4)
- xulrunner <not-affected> (Only affects Firefox >= 4)
@@ -15581,7 +15581,7 @@ CVE-2012-0445 (Mozilla Firefox 4.x through 9.0, Thunderbird 5.0 through 9.0, and
[lenny] - iceweasel <not-affected> (Only affects Firefox >= 4)
[squeeze] - iceweasel <not-affected> (Only affects Firefox >= 4)
- iceape <not-affected> (Only affects Firefox >= 4)
-CVE-2012-0444 (Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before ...)
+CVE-2012-0444
{DSA-2412-1 DSA-2406-1 DSA-2402-1 DSA-2400-1}
- libvorbisidec 1.0.2+svn18153-0.1 (bug #669196)
[squeeze] - libvorbisidec <no-dsa> (Minor issue, no dev-deps)
@@ -15593,13 +15593,13 @@ CVE-2012-0444 (Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird be
[lenny] - iceweasel <not-affected> (Lenny's iceweasel uses Xulrunner from the xulrunner source pkg)
- iceape 2.0.14-10
[lenny] - iceape <not-affected> (Only a stub package)
-CVE-2012-0443 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+CVE-2012-0443
- xulrunner <not-affected> (Only affects Firefox >= 4)
- iceweasel 10.0-1
[lenny] - iceweasel <not-affected> (Only affects Firefox >= 4)
[squeeze] - iceweasel <not-affected> (Only affects Firefox >= 4)
- iceape <not-affected> (Only affects Firefox >= 4)
-CVE-2012-0442 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+CVE-2012-0442
{DSA-2406-1 DSA-2402-1 DSA-2400-1}
- icedove 10.0.3-1
[lenny] - icedove <end-of-life>
@@ -15609,14 +15609,14 @@ CVE-2012-0442 (Multiple unspecified vulnerabilities in the browser engine in Moz
- iceape 2.0.14-10
[lenny] - iceape <not-affected> (Only a stub package)
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2012-0441 (The ASN.1 decoder in the QuickDER decoder in Mozilla Network Security ...)
+CVE-2012-0441
{DSA-2490-1}
- nss 3.13.4-1
-CVE-2012-0440 (Cross-site request forgery (CSRF) vulnerability in jsonrpc.cgi in ...)
+CVE-2012-0440
- bugzilla <removed> (low)
- bugzilla4 <itp> (bug #669643)
[squeeze] - bugzilla <no-dsa> (Minor issue)
-CVE-2012-0439 (An ActiveX control in gwcls1.dll in the client in Novell GroupWise 8.0 ...)
+CVE-2012-0439
NOT-FOR-US: GroupWise
CVE-2012-0438
RESERVED
@@ -15624,27 +15624,27 @@ CVE-2012-0437
RESERVED
CVE-2012-0436
RESERVED
-CVE-2012-0435 (SUSE WebYaST before 1.2 0.2.63-0.6.1 allows remote attackers to modify ...)
+CVE-2012-0435
NOT-FOR-US: YAST
-CVE-2012-0434 (The server in Crowbar, as used in SUSE Cloud 1.0, uses weak ...)
+CVE-2012-0434
NOT-FOR-US: Crowbar
-CVE-2012-0433 (The install-chef-suse.sh script shipped with crowbar before 2012-10-02 ...)
+CVE-2012-0433
NOT-FOR-US: crowbar
-CVE-2012-0432 (Stack-based buffer overflow in the Novell NCP implementation in NetIQ ...)
+CVE-2012-0432
NOT-FOR-US: NetIQ eDirectory
CVE-2012-0431
RESERVED
-CVE-2012-0430 (Unspecified vulnerability in NetIQ eDirectory 8.8.6.x before 8.8.6.7 ...)
+CVE-2012-0430
NOT-FOR-US: NetIQ eDirectory
-CVE-2012-0429 (dhost in NetIQ eDirectory 8.8.6.x before 8.8.6.7 and 8.8.7.x before ...)
+CVE-2012-0429
NOT-FOR-US: NetIQ eDirectory
-CVE-2012-0428 (Cross-site scripting (XSS) vulnerability in NetIQ eDirectory 8.8.6.x ...)
+CVE-2012-0428
NOT-FOR-US: NetIQ eDirectory
-CVE-2012-0427 (yast2-add-on-creator in SUSE inst-source-utils 2008.11.26 before ...)
+CVE-2012-0427
NOT-FOR-US: inst-source-utils
-CVE-2012-0426 (Race condition in sap_suse_cluster_connector before 1.0.0-0.8.1 in ...)
+CVE-2012-0426
NOT-FOR-US: SUSE Linux Enterprise for SAP Applications
-CVE-2012-0425 (LanItems.ycp in save_y2logs in yast2-network before 2.24.4 in SUSE ...)
+CVE-2012-0425
NOT-FOR-US: SUSE YaST
CVE-2012-0424
RESERVED
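Review bot: with the descriptions gone, the `NOT-FOR-US:` annotation is the only product identification left in this hunk, and it is noticeably terser than what was removed (`NOT-FOR-US: YAST` under `+CVE-2012-0435` where the dropped line named "SUSE WebYaST before 1.2"; `NOT-FOR-US: crowbar` and `NOT-FOR-US: Crowbar` for two adjacent entries). If the bare-identifier form is intended to stay, those annotations should be made specific and consistent so the entries remain searchable by product.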
@@ -15652,98 +15652,98 @@ CVE-2012-0423
RESERVED
CVE-2012-0422
RESERVED
-CVE-2012-0421 (The SUSE Audit Log Keeper daemon before 0.2.1-0.4.6.1 for SUSE Manager ...)
+CVE-2012-0421
NOT-FOR-US: SUSE Audit Log Keeper daemon
-CVE-2012-0420 (zypp-refresh-wrapper in SUSE Zypper before 1.3.20 and 1.6.x before ...)
+CVE-2012-0420
NOT-FOR-US: SUSE Zypper
-CVE-2012-0419 (Directory traversal vulnerability in the agent HTTP interfaces in ...)
+CVE-2012-0419
NOT-FOR-US: Novell GroupWise
-CVE-2012-0418 (Unspecified vulnerability in the client in Novell GroupWise 8.0 before ...)
+CVE-2012-0418
NOT-FOR-US: Novell GroupWise
-CVE-2012-0417 (Integer overflow in GroupWise Internet Agent (GWIA) in Novell ...)
+CVE-2012-0417
NOT-FOR-US: Novell GroupWise
CVE-2012-0416
RESERVED
CVE-2012-0415
RESERVED
-CVE-2012-0414 (Cross-site scripting (XSS) vulnerability in the Spacewalk service in ...)
+CVE-2012-0414
NOT-FOR-US: SuSE extension to Spacewalk
CVE-2012-0413
RESERVED
CVE-2012-0412
RESERVED
-CVE-2012-0411 (Unspecified vulnerability in Novell iPrint Client before 5.82 allows ...)
+CVE-2012-0411
NOT-FOR-US: Novell iPrint Client
-CVE-2012-0410 (Directory traversal vulnerability in WebAccess in Novell GroupWise ...)
+CVE-2012-0410
NOT-FOR-US: Groupwise
-CVE-2012-0409 (Multiple buffer overflows in EMC AutoStart 5.3.x and 5.4.x before ...)
+CVE-2012-0409
NOT-FOR-US: EMC
CVE-2012-0408
REJECTED
-CVE-2012-0407 (Integer overflow in the DPA_Utilities library in EMC Data Protection ...)
+CVE-2012-0407
NOT-FOR-US: emc.com Data Protection Advisor
-CVE-2012-0406 (The DPA_Utilities.cProcessAuthenticationData function in EMC Data ...)
+CVE-2012-0406
NOT-FOR-US: emc.com Data Protection Advisor
CVE-2012-0405
REJECTED
-CVE-2012-0404 (Cross-site scripting (XSS) vulnerability in EMC Documentum eRoom ...)
+CVE-2012-0404
NOT-FOR-US: EMC Documentum eRoom
-CVE-2012-0403 (Directory traversal vulnerability in EMC RSA enVision 4.x before 4.1 ...)
+CVE-2012-0403
NOT-FOR-US: EMC RSA enVision
-CVE-2012-0402 (EMC RSA enVision 4.x before 4.1 Patch 4 uses unspecified hardcoded ...)
+CVE-2012-0402
NOT-FOR-US: EMC RSA enVision
-CVE-2012-0401 (Multiple SQL injection vulnerabilities in EMC RSA enVision 4.x before ...)
+CVE-2012-0401
NOT-FOR-US: EMC RSA enVision
-CVE-2012-0400 (EMC RSA enVision 4.x before 4.1 Patch 4 does not properly restrict the ...)
+CVE-2012-0400
NOT-FOR-US: EMC RSA enVision
-CVE-2012-0399 (Multiple cross-site scripting (XSS) vulnerabilities in EMC RSA ...)
+CVE-2012-0399
NOT-FOR-US: EMC RSA enVision
-CVE-2012-0398 (EMC Documentum eRoom before 7.4.4 does not properly validate session ...)
+CVE-2012-0398
NOT-FOR-US: EMC Documentum eRoom
-CVE-2012-0397 (Buffer overflow in EMC RSA SecurID Software Token Converter before ...)
+CVE-2012-0397
NOT-FOR-US: EMC RSA SecurID Software Token Converter
-CVE-2012-0396 (EMC Documentum xPlore 1.0, 1.1 before P07, and 1.2 does not properly ...)
+CVE-2012-0396
NOT-FOR-US: EMC
-CVE-2012-0395 (Buffer overflow in the server in EMC NetWorker 7.5.x and 7.6.x before ...)
+CVE-2012-0395
NOT-FOR-US: EMC
-CVE-2012-0394 (** DISPUTED ** The DebuggingInterceptor component in Apache Struts ...)
+CVE-2012-0394
- libstruts1.2-java <not-affected> (Affects Struts 2, #657870)
-CVE-2012-0393 (The ParameterInterceptor component in Apache Struts before 2.3.1.1 ...)
+CVE-2012-0393
- libstruts1.2-java <not-affected> (Affects Struts 2, #657870)
-CVE-2012-0392 (The CookieInterceptor component in Apache Struts before 2.3.1.1 does ...)
+CVE-2012-0392
- libstruts1.2-java <not-affected> (Affects Struts 2, #657870)
-CVE-2012-0391 (The ExceptionDelegator component in Apache Struts before 2.2.3.1 ...)
+CVE-2012-0391
- libstruts1.2-java <not-affected> (Affects Struts 2, #657870)
-CVE-2012-0390 (The DTLS implementation in GnuTLS 3.0.10 and earlier executes certain ...)
+CVE-2012-0390
- gnutls28 3.0.11-1
- gnutls26 <not-affected> (lacks DTLS support and is not affected)
-CVE-2012-0389 (Cross-site scripting (XSS) vulnerability in ForgottenPassword.aspx in ...)
+CVE-2012-0389
NOT-FOR-US: MailEnable Professional
-CVE-2012-0388 (Memory leak in the H.323 inspection feature in the Zone-Based Firewall ...)
+CVE-2012-0388
NOT-FOR-US: Cisco IOS
-CVE-2012-0387 (Memory leak in the HTTP Inspection Engine feature in the Zone-Based ...)
+CVE-2012-0387
NOT-FOR-US: Cisco IOS
-CVE-2012-0386 (The SSHv2 implementation in Cisco IOS 12.2, 12.4, 15.0, 15.1, and 15.2 ...)
+CVE-2012-0386
NOT-FOR-US: Cisco IOS
-CVE-2012-0385 (The Smart Install feature in Cisco IOS 12.2, 15.0, 15.1, and 15.2 ...)
+CVE-2012-0385
NOT-FOR-US: Cisco IOS
-CVE-2012-0384 (Cisco IOS 12.2 through 12.4 and 15.0 through 15.2 and IOS XE 2.1.x ...)
+CVE-2012-0384
NOT-FOR-US: Cisco IOS
-CVE-2012-0383 (Memory leak in the NAT feature in Cisco IOS 12.4, 15.0, and 15.1 ...)
+CVE-2012-0383
NOT-FOR-US: Cisco IOS
-CVE-2012-0382 (The Multicast Source Discovery Protocol (MSDP) implementation in Cisco ...)
+CVE-2012-0382
NOT-FOR-US: Cisco IOS
-CVE-2012-0381 (The IKEv1 implementation in Cisco IOS 12.2 through 12.4 and 15.0 ...)
+CVE-2012-0381
NOT-FOR-US: Cisco IOS
CVE-2012-0380
RESERVED
CVE-2012-0379
RESERVED
-CVE-2012-0378 (Cisco Adaptive Security Appliances (ASA) 5500 series devices with ...)
+CVE-2012-0378
NOT-FOR-US: Cisco Adaptive Security Appliances
CVE-2012-0377
RESERVED
-CVE-2012-0376 (The voice-sipstack component in Cisco Unified Communications Manager ...)
+CVE-2012-0376
NOT-FOR-US: Cisco Unified Communications Manager
CVE-2012-0375
RESERVED
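Review bot: the `** DISPUTED **` marker is lost together with the rest of the text at `-CVE-2012-0394 (** DISPUTED ** The DebuggingInterceptor component in Apache Struts ...)`, and nothing under `+CVE-2012-0394` carries it forward; the marker was the only place in this entry recording the disputed status. If blanking the descriptions is intentional, preserve the disputed state in a `NOTE:` line beneath the identifier; if it is not, this hunk is further evidence that the update ran against an empty description source.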
@@ -15753,45 +15753,45 @@ CVE-2012-0373
RESERVED
CVE-2012-0372
RESERVED
-CVE-2012-0371 (Cisco Wireless LAN Controller (WLC) devices with software 4.x, 5.x, ...)
+CVE-2012-0371
NOT-FOR-US: Cisco Wireless LAN Controller
-CVE-2012-0370 (Cisco Wireless LAN Controller (WLC) devices with software 4.x, 5.x, ...)
+CVE-2012-0370
NOT-FOR-US: Cisco Wireless LAN Controller
-CVE-2012-0369 (Cisco Wireless LAN Controller (WLC) devices with software 6.0 and 7.0 ...)
+CVE-2012-0369
NOT-FOR-US: Cisco Wireless LAN Controller
-CVE-2012-0368 (The administrative management interface on Cisco Wireless LAN ...)
+CVE-2012-0368
NOT-FOR-US: Cisco Wireless LAN Controller
-CVE-2012-0367 (Cisco Unity Connection before 7.1.5b(Su5), 8.0 and 8.5 before ...)
+CVE-2012-0367
NOT-FOR-US: Cisco Unity Connection
-CVE-2012-0366 (Cisco Unity Connection before 7.1.3b(Su2) allows remote authenticated ...)
+CVE-2012-0366
NOT-FOR-US: Cisco Unity Connection
-CVE-2012-0365 (Directory traversal vulnerability in the Local TFTP file-upload ...)
+CVE-2012-0365
NOT-FOR-US: Cisco SRP 520 series devices
-CVE-2012-0364 (Cisco SRP 520 series devices with firmware before 1.1.26 and SRP ...)
+CVE-2012-0364
NOT-FOR-US: Cisco SRP devices
-CVE-2012-0363 (The web interface on Cisco SRP 520 series devices with firmware before ...)
+CVE-2012-0363
NOT-FOR-US: Cisco SRP devices
-CVE-2012-0362 (The extended ACL functionality in Cisco IOS 12.2(58)SE2 and 15.0(1)SE ...)
+CVE-2012-0362
NOT-FOR-US: Cisco IOS
-CVE-2012-0361 (The sccp-protocol component in Cisco IP Communicator (CIPC) 7.0 ...)
+CVE-2012-0361
NOT-FOR-US: Cisco
-CVE-2012-0360 (Memory leak in Cisco IOS before 15.1(1)SY, when IKEv2 debugging is ...)
+CVE-2012-0360
NOT-FOR-US: Cisco IOS
-CVE-2012-0359 (The Cisco Cius with software before 9.2(1) SR2 allows remote attackers ...)
+CVE-2012-0359
NOT-FOR-US: Cisco Cius
-CVE-2012-0358 (Buffer overflow in the Cisco Port Forwarder ActiveX control in ...)
+CVE-2012-0358
NOT-FOR-US: Cisco Adaptive Security Appliances
CVE-2012-0357
RESERVED
-CVE-2012-0356 (Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ...)
+CVE-2012-0356
NOT-FOR-US: Cisco Adaptive Security Appliances
-CVE-2012-0355 (Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ...)
+CVE-2012-0355
NOT-FOR-US: Cisco Adaptive Security Appliances
-CVE-2012-0354 (The Threat Detection feature on Cisco Adaptive Security Appliances ...)
+CVE-2012-0354
NOT-FOR-US: Cisco Adaptive Security Appliances
-CVE-2012-0353 (The UDP inspection engine on Cisco Adaptive Security Appliances (ASA) ...)
+CVE-2012-0353
NOT-FOR-US: Cisco Adaptive Security Appliances
-CVE-2012-0352 (Cisco NX-OS 4.2.x before 4.2(1)SV1(5.1) on Nexus 1000v series ...)
+CVE-2012-0352
NOT-FOR-US: Cisco NX-OS
CVE-2012-0351
RESERVED
@@ -15815,277 +15815,277 @@ CVE-2012-0342
RESERVED
CVE-2012-0341
RESERVED
-CVE-2012-0340 (Cross-site scripting (XSS) vulnerability in the management interface ...)
+CVE-2012-0340
NOT-FOR-US: Cisco IronPort Encryption Appliance
-CVE-2012-0339 (Cisco IOS 12.2 through 12.4 and 15.0 does not recognize the vrf-also ...)
+CVE-2012-0339
NOT-FOR-US: Cisco IOS
-CVE-2012-0338 (Cisco IOS 12.2 through 12.4 and 15.0 does not recognize the vrf-also ...)
+CVE-2012-0338
NOT-FOR-US: Cisco IOS
-CVE-2012-0337 (SQL injection vulnerability in the web component in Cisco Unified ...)
+CVE-2012-0337
NOT-FOR-US: Cisco
CVE-2012-0336
RESERVED
-CVE-2012-0335 (Cisco Adaptive Security Appliances (ASA) 5500 series devices with ...)
+CVE-2012-0335
NOT-FOR-US: Cisco
CVE-2012-0334
RESERVED
-CVE-2012-0333 (Cisco Small Business IP phones with SPA 500 series firmware 7.4.9 and ...)
+CVE-2012-0333
NOT-FOR-US: Cisco
CVE-2012-0332
RESERVED
-CVE-2012-0331 (Cisco TelePresence Video Communication Server with software before ...)
+CVE-2012-0331
NOT-FOR-US: Cisco TelePresence Video Communication Server
-CVE-2012-0330 (Cisco TelePresence Video Communication Server with software before ...)
+CVE-2012-0330
NOT-FOR-US: Cisco TelePresence Video Communication Server
-CVE-2012-0329 (Cisco Digital Media Manager 5.2.2 and earlier, and 5.2.3, allows ...)
+CVE-2012-0329
NOT-FOR-US: Cisco Digital Media Manager
-CVE-2012-0328 (Janetter before 3.3.0.0 (aka 3.3.0) allows remote attackers to obtain ...)
+CVE-2012-0328
NOT-FOR-US: Janetter
-CVE-2012-0327 (Cross-site scripting (XSS) vulnerability in Redmine before 1.3.2 ...)
+CVE-2012-0327
- redmine 1.3.2+dfsg1-1
[squeeze] - redmine <end-of-life> (Redmine not supported because of rails)
NOTE: http://jvn.jp/en/jp/JVN93406632/
NOTE: patch unclear: difficult to find the patch in 1.3.2 release
-CVE-2012-0326 (The twicca application 0.7.0 through 0.9.30 for Android does not ...)
+CVE-2012-0326
NOT-FOR-US: twicca application for Android
-CVE-2012-0325 (Cross-site scripting (XSS) vulnerability in Jenkins before 1.454, ...)
+CVE-2012-0325
- jenkins 1.424.6+dfsg-1
-CVE-2012-0324 (Cross-site scripting (XSS) vulnerability in Jenkins before 1.454, ...)
+CVE-2012-0324
- jenkins 1.424.6+dfsg-1
-CVE-2012-0323 (Cross-site scripting (XSS) vulnerability in the Autocomplete plugin ...)
+CVE-2012-0323
NOT-FOR-US: Autocomplete plugin for SquirrelMail
-CVE-2012-0322 (The EStrongs ES File Explorer application 1.6.0.2 through 1.6.1.1 for ...)
+CVE-2012-0322
NOT-FOR-US: EStrongs ES File Explorer
-CVE-2012-0321 (Unspecified vulnerability in the device driver in Kingsoft Internet ...)
+CVE-2012-0321
NOT-FOR-US: Kingsoft Internet Security 2011
-CVE-2012-0320 (Movable Type before 4.38, 5.0x before 5.07, and 5.1x before 5.13 ...)
+CVE-2012-0320
{DSA-2423-1}
- movabletype-opensource 5.1.3+dfsg-1
-CVE-2012-0319 (The file-management system in Movable Type before 4.38, 5.0x before ...)
+CVE-2012-0319
{DSA-2423-1}
- movabletype-opensource 5.1.3+dfsg-1
-CVE-2012-0318 (Multiple cross-site scripting (XSS) vulnerabilities in Movable Type ...)
+CVE-2012-0318
{DSA-2423-1}
- movabletype-opensource 5.1.3+dfsg-1
-CVE-2012-0317 (Multiple cross-site request forgery (CSRF) vulnerabilities in Movable ...)
+CVE-2012-0317
{DSA-2423-1}
- movabletype-opensource 5.1.3+dfsg-1
-CVE-2012-0316 (The Cookpad 1.5.16 and earlier and Cookpad Noseru 1.1.1 and earlier ...)
+CVE-2012-0316
NOT-FOR-US: Cookpad
-CVE-2012-0315 (Untrusted search path vulnerability in ALFTP before 5.31 allows local ...)
+CVE-2012-0315
NOT-FOR-US: ALFTP
-CVE-2012-0314 (Multiple cross-site request forgery (CSRF) vulnerabilities on the ...)
+CVE-2012-0314
NOT-FOR-US: eAccess Pocket WiFi
-CVE-2012-0313 (Cross-site scripting (XSS) vulnerability in glucose 2 before stage 6.2 ...)
+CVE-2012-0313
NOT-FOR-US: glucose
-CVE-2012-0312 (Cross-site scripting (XSS) vulnerability in osCommerce 2.2MS1J before ...)
+CVE-2012-0312
NOT-FOR-US: osCommerce
-CVE-2012-0311 (Cross-site scripting (XSS) vulnerability in osCommerce 2.2MS1J before ...)
+CVE-2012-0311
NOT-FOR-US: osCommerce
-CVE-2012-0310 (CRLF injection vulnerability in Cogent DataHub 7.1.2 and earlier, ...)
+CVE-2012-0310
NOT-FOR-US: Cogent DataHub
-CVE-2012-0309 (Cross-site scripting (XSS) vulnerability in Cogent DataHub 7.1.2 and ...)
+CVE-2012-0309
NOT-FOR-US: Cogent DataHub
-CVE-2012-0308 (Cross-site request forgery (CSRF) vulnerability in Symantec Messaging ...)
+CVE-2012-0308
NOT-FOR-US: Symantec Messaging Gateway
-CVE-2012-0307 (Multiple cross-site scripting (XSS) vulnerabilities in Symantec ...)
+CVE-2012-0307
NOT-FOR-US: Symantec Messaging Gateway
-CVE-2012-0306 (Symantec Ghost Solution Suite 2.x through 2.5.1 allows remote ...)
+CVE-2012-0306
NOT-FOR-US: Symantec Ghost Solution Suite
-CVE-2012-0305 (Untrusted search path vulnerability in Symantec System Recovery 2011 ...)
+CVE-2012-0305
NOT-FOR-US: Symantec System Recovery 2011 before SP2 and Backup Exec System Recovery 2010 before SP5
-CVE-2012-0304 (Symantec LiveUpdate Administrator before 2.3.1 uses weak permissions ...)
+CVE-2012-0304
NOT-FOR-US: Symantec LiveUpdate Administrator
-CVE-2012-0303 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
+CVE-2012-0303
NOT-FOR-US: Symantec Message Filter
-CVE-2012-0302 (Cross-site scripting (XSS) vulnerability in Brightmail Control Center ...)
+CVE-2012-0302
NOT-FOR-US: Symantec Message Filter
-CVE-2012-0301 (Session fixation vulnerability in Brightmail Control Center in ...)
+CVE-2012-0301
NOT-FOR-US: Symantec Message Filter
-CVE-2012-0300 (Brightmail Control Center in Symantec Message Filter 6.3 does not ...)
+CVE-2012-0300
NOT-FOR-US: Symantec Message Filter
-CVE-2012-0299 (The file-management scripts in the management GUI in Symantec Web ...)
+CVE-2012-0299
NOT-FOR-US: Symantec Web Gateway
-CVE-2012-0298 (The file-management scripts in the management GUI in Symantec Web ...)
+CVE-2012-0298
NOT-FOR-US: Symantec Web Gateway
-CVE-2012-0297 (The management GUI in Symantec Web Gateway 5.0.x before 5.0.3 does not ...)
+CVE-2012-0297
NOT-FOR-US: Symantec Web Gateway
-CVE-2012-0296 (Multiple cross-site scripting (XSS) vulnerabilities in the management ...)
+CVE-2012-0296
NOT-FOR-US: Symantec Web Gateway
-CVE-2012-0295 (The Manager service in the management console in Symantec Endpoint ...)
+CVE-2012-0295
NOT-FOR-US: Symantec Endpoint Protection
-CVE-2012-0294 (Directory traversal vulnerability in the Manager service in the ...)
+CVE-2012-0294
NOT-FOR-US: Symantec Endpoint Protection
-CVE-2012-0293 (Multiple SQL injection vulnerabilities in Symantec Altiris WISE ...)
+CVE-2012-0293
NOT-FOR-US: Symantec Altiris WISE Package Studio
-CVE-2012-0292 (The awhost32 service in Symantec pcAnywhere through 12.5.3, Altiris IT ...)
+CVE-2012-0292
NOT-FOR-US: Symantec pcAnywhere
-CVE-2012-0291 (Symantec pcAnywhere through 12.5.3, Altiris IT Management Suite ...)
+CVE-2012-0291
NOT-FOR-US: pcAnywhere
-CVE-2012-0290 (Symantec pcAnywhere through 12.5.3, Altiris IT Management Suite ...)
+CVE-2012-0290
NOT-FOR-US: Symantec pcAnywhere
-CVE-2012-0289 (Buffer overflow in Symantec Endpoint Protection (SEP) 11.0.600x ...)
+CVE-2012-0289
NOT-FOR-US: Symantec Network Access Control
CVE-2012-0288
RESERVED
-CVE-2012-0287 (Cross-site scripting (XSS) vulnerability in wp-comments-post.php in ...)
+CVE-2012-0287
- wordpress 3.3.1+dfsg-1
[squeeze] - wordpress <not-affected> (only 3.3.x vulnerable)
[lenny] - wordpress <not-affected> (only 3.3.x vulnerable)
-CVE-2012-0286 (Cross-site request forgery (CSRF) vulnerability in Stoneware ...)
+CVE-2012-0286
NOT-FOR-US: Stoneware webNetwork
-CVE-2012-0285 (Multiple cross-site scripting (XSS) vulnerabilities in Stoneware ...)
+CVE-2012-0285
NOT-FOR-US: Stoneware webNetwork
-CVE-2012-0284 (Stack-based buffer overflow in the SetSource method in the Cisco ...)
+CVE-2012-0284
NOT-FOR-US: Cisco
-CVE-2012-0283 (Cross-site scripting (XSS) vulnerability in the tpl_mediaFileList ...)
+CVE-2012-0283
- dokuwiki 0.0.20120125b-1 (low; bug #683378)
[squeeze] - dokuwiki <not-affected> (Vulnerable functionality not present, see #683378)
-CVE-2012-0282 (Heap-based buffer overflow in XnView before 1.99 allows remote ...)
+CVE-2012-0282
NOT-FOR-US: XnView
CVE-2012-0281
RESERVED
CVE-2012-0280
RESERVED
-CVE-2012-0279 (Quest Toad for Data Analysts 3.0.1 uses weak permissions (Everyone: ...)
+CVE-2012-0279
NOT-FOR-US: Quest (quest.com) Toad
-CVE-2012-0278 (Heap-based buffer overflow in the FlashPix PlugIn before 4.3.4.0 for ...)
+CVE-2012-0278
NOT-FOR-US: IrfanView
-CVE-2012-0277 (Heap-based buffer overflow in XnView before 1.99 allows remote ...)
+CVE-2012-0277
NOT-FOR-US: XnView
-CVE-2012-0276 (Multiple heap-based buffer overflows in XnView before 1.99 allow ...)
+CVE-2012-0276
NOT-FOR-US: XnView
-CVE-2012-0275 (Heap-based buffer overflow in Photoshop.exe in Adobe Photoshop CS5 ...)
+CVE-2012-0275
NOT-FOR-US: Adobe Photoshop CS5
CVE-2012-0274
RESERVED
-CVE-2012-0273 (Multiple stack-based buffer overflows in MinaliC 2.0.0 allow remote ...)
+CVE-2012-0273
NOT-FOR-US: MinaliC (Webserver)
-CVE-2012-0272 (Cross-site scripting (XSS) vulnerability in the WebAccess component in ...)
+CVE-2012-0272
NOT-FOR-US: Novell GroupWise
-CVE-2012-0271 (Integer overflow in the WebConsole component in gwia.exe in GroupWise ...)
+CVE-2012-0271
NOT-FOR-US: Novell GroupWise
-CVE-2012-0270 (Multiple stack-based buffer overflows in Csound before 5.16.6 allow ...)
+CVE-2012-0270
- csound 1:5.16.6~dfsg-1 (low; bug #661197)
[squeeze] - csound <no-dsa> (Minor issue)
NOTE: http://secunia.com/secunia_research/2012-3/
NOTE: http://csound.git.sourceforge.net/git/gitweb.cgi?p=csound/csound5.git;a=commitdiff;h=7d617a9551fb6c552ba16874b71266fcd90f3a6f
-CVE-2012-0269 (Buffer overflow in JustSystems Ichitaro 2011 Sou, Ichitaro 2006 ...)
+CVE-2012-0269
NOT-FOR-US: various Ichitaro products
-CVE-2012-0268 (Integer overflow in the CYImage::LoadJPG method in YImage.dll in ...)
+CVE-2012-0268
NOT-FOR-US: Yahoo! Messenger
-CVE-2012-0267 (The StopModule method in the NTR ActiveX control before 2.0.4.8 allows ...)
+CVE-2012-0267
NOT-FOR-US: NTR ActiveX control
-CVE-2012-0266 (Multiple stack-based buffer overflows in the NTR ActiveX control ...)
+CVE-2012-0266
NOT-FOR-US: NTR ActiveX control
-CVE-2012-0265 (Stack-based buffer overflow in Apple QuickTime before 7.7.2 on Windows ...)
+CVE-2012-0265
NOT-FOR-US: Apple QuickTime
-CVE-2012-0264 (op5 Monitor and op5 Appliance before 5.5.0 do not properly manage ...)
+CVE-2012-0264
NOT-FOR-US: op5
-CVE-2012-0263 (monitor/index.php in op5 Monitor and op5 Appliance before 5.5.1 allows ...)
+CVE-2012-0263
NOT-FOR-US: op5
-CVE-2012-0262 (op5config/welcome in system-op5config before 2.0.3 in op5 Monitor and ...)
+CVE-2012-0262
NOT-FOR-US: op5
-CVE-2012-0261 (license.php in system-portal before 1.6.2 in op5 Monitor and op5 ...)
+CVE-2012-0261
NOT-FOR-US: op5
-CVE-2012-0260 (The JPEGWarningHandler function in coders/jpeg.c in ImageMagick before ...)
+CVE-2012-0260
{DSA-2462-1}
- imagemagick 8:6.7.4.0-4 (bug #667635)
-CVE-2012-0259 (The GetEXIFProperty function in magick/property.c in ImageMagick ...)
+CVE-2012-0259
{DSA-2462-1}
- imagemagick 8:6.7.4.0-4 (bug #667635)
-CVE-2012-0258 (Heap-based buffer overflow in the WWCabFile ActiveX component in the ...)
+CVE-2012-0258
NOT-FOR-US: Invensys Wonderware Application Server
-CVE-2012-0257 (Heap-based buffer overflow in the WWCabFile ActiveX component in the ...)
+CVE-2012-0257
NOT-FOR-US: Invensys Wonderware Application Server
-CVE-2012-0256 (Apache Traffic Server 2.0.x and 3.0.x before 3.0.4 and 3.1.x before ...)
+CVE-2012-0256
- trafficserver 3.0.4-1
-CVE-2012-0255 (The BGP implementation in bgpd in Quagga before 0.99.20.1 does not ...)
+CVE-2012-0255
{DSA-2459-1}
- quagga 0.99.20.1-1
-CVE-2012-0254 (Stack-based buffer overflow in the HMIWeb Browser HSCDSPRenderDLL ...)
+CVE-2012-0254
NOT-FOR-US: Honeywell
-CVE-2012-0253 (Multiple cross-site scripting (XSS) vulnerabilities in Demand Media ...)
+CVE-2012-0253
NOT-FOR-US: Demand Media Pluck SiteLife
CVE-2012-0252
RESERVED
CVE-2012-0251
RESERVED
-CVE-2012-0250 (Buffer overflow in the OSPFv2 implementation in ospfd in Quagga before ...)
+CVE-2012-0250
{DSA-2459-1}
- quagga 0.99.20.1-1
-CVE-2012-0249 (Buffer overflow in the ospf_ls_upd_list_lsa function in ospf_packet.c ...)
+CVE-2012-0249
{DSA-2459-1}
- quagga 0.99.20.1-1
-CVE-2012-0248 (ImageMagick 6.7.5-7 and earlier allows remote attackers to cause a ...)
+CVE-2012-0248
{DSA-2427-1}
- imagemagick 8:6.6.9.7-6 (low; bug #659339)
-CVE-2012-0247 (ImageMagick 6.7.5-7 and earlier allows remote attackers to cause a ...)
+CVE-2012-0247
{DSA-2427-1}
- imagemagick 8:6.6.9.7-6 (bug #659339)
-CVE-2012-0246 (Directory traversal vulnerability in an unspecified ActiveX control in ...)
+CVE-2012-0246
NOT-FOR-US: Ecava IntegraXor
-CVE-2012-0245 (Multiple stack-based buffer overflows in RobNetScanHost.exe in ABB ...)
+CVE-2012-0245
NOT-FOR-US: ABB Robot Communications Runtime
-CVE-2012-0244 (Multiple SQL injection vulnerabilities in Advantech/BroadWin WebAccess ...)
+CVE-2012-0244
NOT-FOR-US: Advantech/BroadWin WebAccess
-CVE-2012-0243 (Buffer overflow in an ActiveX control in bwocxrun.ocx in ...)
+CVE-2012-0243
NOT-FOR-US: ActiveX
-CVE-2012-0242 (Format string vulnerability in Advantech/BroadWin WebAccess before 7.0 ...)
+CVE-2012-0242
NOT-FOR-US: Advantech/BroadWin WebAccess
-CVE-2012-0241 (Advantech/BroadWin WebAccess before 7.0 allows remote attackers to ...)
+CVE-2012-0241
NOT-FOR-US: Advantech/BroadWin WebAccess
-CVE-2012-0240 (GbScriptAddUp.asp in Advantech/BroadWin WebAccess before 7.0 does not ...)
+CVE-2012-0240
NOT-FOR-US: Advantech/BroadWin WebAccess
-CVE-2012-0239 (uaddUpAdmin.asp in Advantech/BroadWin WebAccess before 7.0 does not ...)
+CVE-2012-0239
NOT-FOR-US: Advantech/BroadWin WebAccess
-CVE-2012-0238 (Stack-based buffer overflow in opcImg.asp in Advantech/BroadWin ...)
+CVE-2012-0238
NOT-FOR-US: Advantech/BroadWin WebAccess
-CVE-2012-0237 (Advantech/BroadWin WebAccess before 7.0 allows remote attackers to (1) ...)
+CVE-2012-0237
NOT-FOR-US: Advantech/BroadWin WebAccess
-CVE-2012-0236 (Advantech/BroadWin WebAccess 7.0 and earlier allows remote attackers ...)
+CVE-2012-0236
NOT-FOR-US: Advantech/BroadWin WebAccess
-CVE-2012-0235 (Cross-site request forgery (CSRF) vulnerability in Advantech/BroadWin ...)
+CVE-2012-0235
NOT-FOR-US: Advantech/BroadWin WebAccess
-CVE-2012-0234 (SQL injection vulnerability in Advantech/BroadWin WebAccess before 7.0 ...)
+CVE-2012-0234
NOT-FOR-US: Advantech/BroadWin WebAccess
-CVE-2012-0233 (Cross-site scripting (XSS) vulnerability in Advantech/BroadWin ...)
+CVE-2012-0233
NOT-FOR-US: Advantech/BroadWin WebAccess
-CVE-2012-0232 (Directory traversal vulnerability in rifsrvd.exe in the Remote ...)
+CVE-2012-0232
NOT-FOR-US: GE Intelligent Platforms Proficy Real-Time Information Portal
-CVE-2012-0231 (PRLicenseMgr.exe in the Proficy Server License Manager in GE ...)
+CVE-2012-0231
NOT-FOR-US: GE Intelligent Platforms Proficy Plant Applications
-CVE-2012-0230 (PRRDS.exe in the Proficy Remote Data Service in GE Intelligent ...)
+CVE-2012-0230
NOT-FOR-US: GE Intelligent Platforms Proficy Plant Applications
-CVE-2012-0229 (The Data Archiver service in GE Intelligent Platforms Proficy ...)
+CVE-2012-0229
NOT-FOR-US: GE Intelligent Platforms Proficy Historian
-CVE-2012-0228 (Invensys Wonderware Information Server 4.0 SP1 and 4.5 does not ...)
+CVE-2012-0228
NOT-FOR-US: Invensys Wonderware Information Server
-CVE-2012-0227 (Buffer overflow in the VSFlex7.VSFlexGrid ActiveX control in ...)
+CVE-2012-0227
NOT-FOR-US: Open Automation Software OPC Systems.NET
-CVE-2012-0226 (SQL injection vulnerability in Invensys Wonderware Information Server ...)
+CVE-2012-0226
NOT-FOR-US: Invensys Wonderware Information Server
-CVE-2012-0225 (Cross-site scripting (XSS) vulnerability in Invensys Wonderware ...)
+CVE-2012-0225
NOT-FOR-US: Invensys Wonderware Information Server
-CVE-2012-0224 (Untrusted search path vulnerability in 7-Technologies (7T) AQUIS 1.5 ...)
+CVE-2012-0224
NOT-FOR-US: 7-Technologies (7T) AQUIS
-CVE-2012-0223 (Untrusted search path vulnerability in 7-Technologies (7T) TERMIS 2.10 ...)
+CVE-2012-0223
NOT-FOR-US: TERMIS
-CVE-2012-0222 (The FactoryTalk (FT) RNADiagReceiver service in Rockwell Automation ...)
+CVE-2012-0222
NOT-FOR-US: Rockwell Automation Allen-Bradley FactoryTalk
-CVE-2012-0221 (The FactoryTalk (FT) RNADiagReceiver service in Rockwell Automation ...)
+CVE-2012-0221
NOT-FOR-US: Rockwell Automation Allen-Bradley FactoryTalk
-CVE-2012-0220 (Multiple cross-site scripting (XSS) vulnerabilities in the meta plugin ...)
+CVE-2012-0220
{DSA-2474-1}
- ikiwiki 3.20120516
-CVE-2012-0219 (Heap-based buffer overflow in the xioscan_readline function in ...)
+CVE-2012-0219
- socat 1.7.1.3-1.3 (low; bug #672994)
[squeeze] - socat <no-dsa> (Minor issue)
NOTE: http://www.dest-unreach.org/socat/contrib/socat-secadv3.html
-CVE-2012-0218 (Xen 3.4, 4.0, and 4.1, when the guest OS has not registered a handler ...)
+CVE-2012-0218
{DSA-2501-1}
- xen 4.1.3~rc1+hg-20120614.a9c0a89c08f2-1
-CVE-2012-0217 (The x86-64 kernel system-call functionality in Xen 4.1.2 and earlier, ...)
+CVE-2012-0217
{DSA-2508-1 DSA-2501-1}
- xen 4.1.3~rc1+hg-20120614.a9c0a89c08f2-1
- kfreebsd-8 8.3-4 (bug #677297)
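Review bot: every published CVE in this hunk loses its description while the RESERVED entries (CVE-2012-0274, CVE-2012-0252, CVE-2012-0251) and all Debian status lines are untouched, e.g. `-CVE-2012-0279 (Quest Toad for Data Analysts 3.0.1 uses weak permissions (Everyone: ...)` becomes a bare `+CVE-2012-0279`. An automatic update that replaces a non-empty description with nothing looks like an empty or failed upstream fetch rather than an intended data change; the updater should keep the existing description when the fetched one is empty, and this commit should be held until the feed is confirmed. The loss is not cosmetic: for CVE-2012-0270 the removed text "Multiple stack-based buffer overflows in Csound before 5.16.6" was the only place the affected upstream range stood next to the fix line `- csound 1:5.16.6~dfsg-1 (low; bug #661197)`.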
@@ -16095,327 +16095,327 @@ CVE-2012-0217 (The x86-64 kernel system-call functionality in Xen 4.1.2 and earl
NOTE: microsoft windows, which is also a part of this id assignment (and a
NOTE: bit strangely the only os currently called out in the mitre description).
NOTE: also affected the linux kernel, and was fixed 6 years earlier as CVE-2006-0744.
-CVE-2012-0216 (The default configuration of the apache2 package in Debian GNU/Linux ...)
+CVE-2012-0216
{DSA-2452-1}
- apache2 2.2.22-4 (low)
-CVE-2012-0215 (model/modelstorage.py in the Tryton application framework (trytond) ...)
+CVE-2012-0215
{DSA-2444-1}
- tryton-server 2.2.2-1 (medium)
-CVE-2012-0214 (The pkgAcqMetaClearSig::Failed method in apt-pkg/acquire-item.cc in ...)
+CVE-2012-0214
- apt 0.8.15.10
[squeeze] - apt <not-affected> (Vulnerable code not present)
[lenny] - apt <not-affected> (Vulnerable code not present)
-CVE-2012-0213 (The UnhandledDataStructure function in ...)
+CVE-2012-0213
{DSA-2468-1}
- libjakarta-poi-java <removed>
-CVE-2012-0212 (debdiff.pl in devscripts 2.10.x before 2.10.69 and 2.11.x before ...)
+CVE-2012-0212
{DSA-2409-1}
- devscripts 2.11.4
-CVE-2012-0211 (debdiff.pl in devscripts 2.10.x before 2.10.69 and 2.11.x before ...)
+CVE-2012-0211
{DSA-2409-1}
- devscripts 2.11.4
-CVE-2012-0210 (debdiff.pl in devscripts 2.10.x before 2.10.69 and 2.11.x before ...)
+CVE-2012-0210
{DSA-2409-1}
- devscripts 2.11.4
-CVE-2012-0209 (Horde 3.3.12, Horde Groupware 1.2.10, and Horde Groupware Webmail ...)
+CVE-2012-0209
- horde3 3.3.12+debian0-2 (bug #660077)
[squeeze] - horde3 <not-affected> (Introduced in 3.3.12)
[lenny] - horde3 <not-affected> (Introduced in 3.3.12)
-CVE-2012-0208 (Unspecified vulnerability in the Oracle Grid Engine component in ...)
+CVE-2012-0208
{DSA-2472-1}
- gridengine 6.2u5-6
NOTE: http://www.securityfocus.com/bid/53123/info
NOTE: http://gridscheduler.sourceforge.net/security.html
-CVE-2012-0207 (The igmp_heard_query function in net/ipv4/igmp.c in the Linux kernel ...)
+CVE-2012-0207
- linux-2.6 3.1.8-2 (bug #654876)
[lenny] - linux-2.6 <not-affected> (Introduced in 2.6.36)
[squeeze] - linux-2.6 <not-affected> (Introduced in 2.6.36)
-CVE-2012-0206 (common_startup.cc in PowerDNS (aka pdns) Authoritative Server before ...)
+CVE-2012-0206
{DSA-2385-1}
- pdns 3.0-1.1 (high)
-CVE-2012-0205 (InfoSphere Metadata Workbench (MWB) 8.1 through 8.7 in IBM InfoSphere ...)
+CVE-2012-0205
NOT-FOR-US: IBM InfoSphere Information Server
-CVE-2012-0204 (Untrusted search path vulnerability in InfoSphere Import Export ...)
+CVE-2012-0204
NOT-FOR-US: IBM InfoSphere Information Server
-CVE-2012-0203 (Cross-site scripting (XSS) vulnerability in InfoSphere Metadata ...)
+CVE-2012-0203
NOT-FOR-US: IBM InfoSphere Information Server
-CVE-2012-0202 (Multiple stack-based buffer overflows in tm1admsd.exe in the Admin ...)
+CVE-2012-0202
NOT-FOR-US: Admin Server in IBM Cognos TM1
-CVE-2012-0201 (Stack-based buffer overflow in pcspref.dll in pcsws.exe in IBM ...)
+CVE-2012-0201
NOT-FOR-US: IBM Personal Communications
-CVE-2012-0200 (The server in IBM solidDB 6.5 before Interim Fix 6 does not properly ...)
+CVE-2012-0200
NOT-FOR-US: IBM solidDB
-CVE-2012-0199 (Multiple SQL injection vulnerabilities in IBM Tivoli Provisioning ...)
+CVE-2012-0199
NOT-FOR-US: IBM Tivoli Provisioning Manager Express
-CVE-2012-0198 (Stack-based buffer overflow in the RunAndUploadFile method in the ...)
+CVE-2012-0198
NOT-FOR-US: IBM Tivoli Provisioning Manager Express
CVE-2012-0197
RESERVED
CVE-2012-0196
RESERVED
-CVE-2012-0195 (Cross-site scripting (XSS) vulnerability in the Start Center Layout ...)
+CVE-2012-0195
NOT-FOR-US: IBM Maximo Asset Management and others
-CVE-2012-0194 (The TCP implementation in IBM AIX 5.3, 6.1, and 7.1, when the Large ...)
+CVE-2012-0194
NOT-FOR-US: AIX
-CVE-2012-0193 (IBM WebSphere Application Server (WAS) 6.0 through 6.0.2.43, 6.1 ...)
+CVE-2012-0193
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2012-0192 (Multiple integer overflows in vclmi.dll in the visual class library ...)
+CVE-2012-0192
NOT-FOR-US: IBM Lotus Symphony
-CVE-2012-0191 (The web container in IBM Lotus Expeditor 6.1.x and 6.2.x before 6.2 ...)
+CVE-2012-0191
NOT-FOR-US: IBM Lotus Expeditor
-CVE-2012-0190 (Unspecified vulnerability in the Render method in the ExportHTML.ocx ...)
+CVE-2012-0190
NOT-FOR-US: IBM SPSS Dimensions
-CVE-2012-0189 (Multiple unspecified vulnerabilities in the (1) PrintFile and (2) ...)
+CVE-2012-0189
NOT-FOR-US: IBM SPSS SamplePower
-CVE-2012-0188 (Unspecified vulnerability in the SetLicenseInfoEx method in an ActiveX ...)
+CVE-2012-0188
NOT-FOR-US: IBM SPSS Dimensions
-CVE-2012-0187 (Untrusted search path vulnerability in IBM Lotus Expeditor 6.1.x and ...)
+CVE-2012-0187
NOT-FOR-US: IBM Lotus Expeditor
-CVE-2012-0186 (Directory traversal vulnerability in the Eclipse Help component in IBM ...)
+CVE-2012-0186
NOT-FOR-US: IBM Lotus Expeditor
-CVE-2012-0185 (Heap-based buffer overflow in Microsoft Excel 2007 SP2 and SP3 and ...)
+CVE-2012-0185
NOT-FOR-US: Microsoft Excel
-CVE-2012-0184 (Microsoft Excel 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1; ...)
+CVE-2012-0184
NOT-FOR-US: Microsoft Excel
-CVE-2012-0183 (Microsoft Word 2003 SP3 and 2007 SP2 and SP3, Office 2008 and 2011 for ...)
+CVE-2012-0183
NOT-FOR-US: Microsoft Word
-CVE-2012-0182 (Microsoft Word 2007 SP2 and SP3 does not properly handle memory during ...)
+CVE-2012-0182
NOT-FOR-US: Microsoft Word
-CVE-2012-0181 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
+CVE-2012-0181
NOT-FOR-US: Microsoft Windows
-CVE-2012-0180 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
+CVE-2012-0180
NOT-FOR-US: Microsoft Windows
-CVE-2012-0179 (Double free vulnerability in tcpip.sys in Microsoft Windows Server ...)
+CVE-2012-0179
NOT-FOR-US: Microsoft Windows
-CVE-2012-0178 (Race condition in partmgr.sys in Windows Partition Manager in ...)
+CVE-2012-0178
NOT-FOR-US: Microsoft Windows
-CVE-2012-0177 (Heap-based buffer overflow in the Office Works File Converter in ...)
+CVE-2012-0177
NOT-FOR-US: Microsoft
-CVE-2012-0176 (Double free vulnerability in Microsoft Silverlight 4 before 4.1.10329 ...)
+CVE-2012-0176
NOT-FOR-US: Microsoft Silverlight
-CVE-2012-0175 (The Shell in Microsoft Windows XP SP2 and SP3, Windows Server 2003 ...)
+CVE-2012-0175
NOT-FOR-US: Microsoft Windows
-CVE-2012-0174 (Windows Firewall in tcpip.sys in Microsoft Windows Vista SP2, Windows ...)
+CVE-2012-0174
NOT-FOR-US: Microsoft Windows
-CVE-2012-0173 (The Remote Desktop Protocol (RDP) implementation in Microsoft Windows ...)
+CVE-2012-0173
NOT-FOR-US: Microsoft Windows
-CVE-2012-0172 (Microsoft Internet Explorer 6 through 8 does not properly handle ...)
+CVE-2012-0172
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2012-0171 (Microsoft Internet Explorer 6 through 9 does not properly handle ...)
+CVE-2012-0171
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2012-0170 (Microsoft Internet Explorer 6 and 7 does not properly handle objects ...)
+CVE-2012-0170
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2012-0169 (Microsoft Internet Explorer 9 does not properly handle objects in ...)
+CVE-2012-0169
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2012-0168 (Microsoft Internet Explorer 6 through 9 allows user-assisted remote ...)
+CVE-2012-0168
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2012-0167 (Heap-based buffer overflow in the Office GDI+ library in Microsoft ...)
+CVE-2012-0167
NOT-FOR-US: Microsoft Windows
CVE-2012-0166
REJECTED
-CVE-2012-0165 (GDI+ in Microsoft Windows Vista SP2 and Server 2008 SP2 and Office ...)
+CVE-2012-0165
NOT-FOR-US: Microsoft Windows
-CVE-2012-0164 (Microsoft .NET Framework 4 does not properly compare index values, ...)
+CVE-2012-0164
NOT-FOR-US: Microsoft .NET Framework
-CVE-2012-0163 (Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, and ...)
+CVE-2012-0163
NOT-FOR-US: Microsoft .NET Framework
-CVE-2012-0162 (Microsoft .NET Framework 4 does not properly allocate buffers, which ...)
+CVE-2012-0162
NOT-FOR-US: Microsoft .NET Framework
-CVE-2012-0161 (Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.0 SP2, 3.5 SP1, ...)
+CVE-2012-0161
NOT-FOR-US: Microsoft .NET Framework
-CVE-2012-0160 (Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.0 SP2, 3.5 SP1, ...)
+CVE-2012-0160
NOT-FOR-US: Microsoft .NET Framework
-CVE-2012-0159 (Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows ...)
+CVE-2012-0159
NOT-FOR-US: Microsoft Windows
-CVE-2012-0158 (The (1) ListView, (2) ListView2, (3) TreeView, and (4) TreeView2 ...)
+CVE-2012-0158
NOT-FOR-US: Microsoft
-CVE-2012-0157 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
+CVE-2012-0157
NOT-FOR-US: Microsoft Windows
-CVE-2012-0156 (DirectWrite in Microsoft Windows Vista SP2, Windows Server 2008 SP2, ...)
+CVE-2012-0156
NOT-FOR-US: Microsoft Windows
-CVE-2012-0155 (Microsoft Internet Explorer 9 does not properly handle objects in ...)
+CVE-2012-0155
NOT-FOR-US: Microsoft
-CVE-2012-0154 (Use-after-free vulnerability in win32k.sys in the kernel-mode drivers ...)
+CVE-2012-0154
NOT-FOR-US: Microsoft
CVE-2012-0153
REJECTED
-CVE-2012-0152 (The Remote Desktop Protocol (RDP) service in Microsoft Windows Server ...)
+CVE-2012-0152
NOT-FOR-US: Microsoft Windows
-CVE-2012-0151 (The Authenticode Signature Verification function in Microsoft Windows ...)
+CVE-2012-0151
NOT-FOR-US: Microsoft
-CVE-2012-0150 (Buffer overflow in msvcrt.dll in Microsoft Windows Vista SP2, Windows ...)
+CVE-2012-0150
NOT-FOR-US: Microsoft
-CVE-2012-0149 (afd.sys in the Ancillary Function Driver in Microsoft Windows Server ...)
+CVE-2012-0149
NOT-FOR-US: Microsoft
-CVE-2012-0148 (afd.sys in the Ancillary Function Driver in Microsoft Windows XP SP2, ...)
+CVE-2012-0148
NOT-FOR-US: Microsoft
-CVE-2012-0147 (Microsoft Forefront Unified Access Gateway (UAG) 2010 SP1 and SP1 ...)
+CVE-2012-0147
NOT-FOR-US: Microsoft
-CVE-2012-0146 (Open redirect vulnerability in Microsoft Forefront Unified Access ...)
+CVE-2012-0146
NOT-FOR-US: Microsoft
-CVE-2012-0145 (Cross-site scripting (XSS) vulnerability in wizardlist.aspx in ...)
+CVE-2012-0145
NOT-FOR-US: Microsoft
-CVE-2012-0144 (Cross-site scripting (XSS) vulnerability in themeweb.aspx in Microsoft ...)
+CVE-2012-0144
NOT-FOR-US: Microsoft
-CVE-2012-0143 (Microsoft Excel 2003 SP3 and Office 2008 for Mac do not properly ...)
+CVE-2012-0143
NOT-FOR-US: Microsoft
-CVE-2012-0142 (Microsoft Excel 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1; ...)
+CVE-2012-0142
NOT-FOR-US: Microsoft
-CVE-2012-0141 (Microsoft Excel 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1; ...)
+CVE-2012-0141
NOT-FOR-US: Microsoft
CVE-2012-0140
REJECTED
CVE-2012-0139
REJECTED
-CVE-2012-0138 (Microsoft Visio Viewer 2010 Gold and SP1 does not properly handle ...)
+CVE-2012-0138
NOT-FOR-US: Microsoft
-CVE-2012-0137 (Microsoft Visio Viewer 2010 Gold and SP1 does not properly handle ...)
+CVE-2012-0137
NOT-FOR-US: Microsoft
-CVE-2012-0136 (Microsoft Visio Viewer 2010 Gold and SP1 does not properly handle ...)
+CVE-2012-0136
NOT-FOR-US: Microsoft
-CVE-2012-0135 (Unspecified vulnerability in HP System Management Homepage (SMH) ...)
+CVE-2012-0135
NOT-FOR-US: HP System Management Homepage
-CVE-2012-0134 (Unspecified vulnerability in HP OpenVMS 7.3-2 on the Alpha platform, ...)
+CVE-2012-0134
NOT-FOR-US: HP OpenVMS
-CVE-2012-0133 (HP ProCurve 5400 zl switches with certain serial numbers include a ...)
+CVE-2012-0133
NOT-FOR-US: HP ProCurve
-CVE-2012-0132 (Cross-site scripting (XSS) vulnerability in HP Business Availability ...)
+CVE-2012-0132
NOT-FOR-US: HP Business Availability
-CVE-2012-0131 (Distributed Computing Environment (DCE) 1.8 and 1.9 on HP HP-UX ...)
+CVE-2012-0131
NOT-FOR-US: HP HP-UX
-CVE-2012-0130 (HP Onboard Administrator (OA) before 3.50 allows remote attackers to ...)
+CVE-2012-0130
NOT-FOR-US: HP Onboard Administrator
-CVE-2012-0129 (HP Onboard Administrator (OA) before 3.50 allows remote attackers to ...)
+CVE-2012-0129
NOT-FOR-US: HP Onboard Administrator
-CVE-2012-0128 (HP Onboard Administrator (OA) before 3.50 allows remote attackers to ...)
+CVE-2012-0128
NOT-FOR-US: HP Onboard Administrator
-CVE-2012-0127 (Unspecified vulnerability in HP Performance Manager 9.00 allows remote ...)
+CVE-2012-0127
NOT-FOR-US: HP Performance Manager
-CVE-2012-0126 (Unspecified vulnerability in the WBEM implementation in HP HP-UX 11.11 ...)
+CVE-2012-0126
NOT-FOR-US: HP HP-UX
-CVE-2012-0125 (Unspecified vulnerability in the WBEM implementation in HP HP-UX 11.31 ...)
+CVE-2012-0125
NOT-FOR-US: HP HP-UX
-CVE-2012-0124 (Unspecified vulnerability in HP Data Protector Express (aka DPX) ...)
+CVE-2012-0124
NOT-FOR-US: HP Data Protector Express
-CVE-2012-0123 (Unspecified vulnerability in HP Data Protector Express (aka DPX) ...)
+CVE-2012-0123
NOT-FOR-US: HP Data Protector Express
-CVE-2012-0122 (Unspecified vulnerability in HP Data Protector Express (aka DPX) ...)
+CVE-2012-0122
NOT-FOR-US: HP Data Protector Express
-CVE-2012-0121 (Unspecified vulnerability in HP Data Protector Express (aka DPX) ...)
+CVE-2012-0121
NOT-FOR-US: HP Data Protector Express
-CVE-2012-0120 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
+CVE-2012-0120
{DSA-2429-1}
- mysql-5.1 5.1.61-2 (bug #659687)
-CVE-2012-0119 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
+CVE-2012-0119
{DSA-2429-1}
- mysql-5.1 5.1.61-2 (bug #659687)
-CVE-2012-0118 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
+CVE-2012-0118
{DSA-2429-1}
- mysql-5.1 5.1.61-2 (bug #659687)
-CVE-2012-0117 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
+CVE-2012-0117
- mysql-5.1 <not-affected> (Only affects MySQL 5.5 from experimental)
-CVE-2012-0116 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
+CVE-2012-0116
{DSA-2429-1}
- mysql-5.1 5.1.61-2 (bug #659687)
-CVE-2012-0115 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
+CVE-2012-0115
{DSA-2429-1}
- mysql-5.1 5.1.61-2 (bug #659687)
-CVE-2012-0114 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
+CVE-2012-0114
{DSA-2429-1}
- mysql-5.1 5.1.61-2 (bug #659687)
-CVE-2012-0113 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
+CVE-2012-0113
{DSA-2429-1}
- mysql-5.1 5.1.61-2 (bug #659687)
-CVE-2012-0112 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
+CVE-2012-0112
{DSA-2429-1}
- mysql-5.1 5.1.61-2 (bug #659687)
-CVE-2012-0111 (Unspecified vulnerability in the Oracle VM VirtualBox component in ...)
+CVE-2012-0111
- virtualbox 4.1.8-dfsg-1 (bug #659950)
[squeeze] - virtualbox <not-affected> (Vulnerable code not present, see #659950)
-CVE-2012-0110 (Unspecified vulnerability in the Oracle Outside In Technology ...)
+CVE-2012-0110
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2012-0109 (Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 Express ...)
+CVE-2012-0109
NOT-FOR-US: Oracle Solaris
-CVE-2012-0108 (Unspecified vulnerability in the Oracle Imaging and Process Management ...)
+CVE-2012-0108
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2012-0107 (Unspecified vulnerability in the Oracle Imaging and Process Management ...)
+CVE-2012-0107
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2012-0106 (Unspecified vulnerability in the Oracle Imaging and Process Management ...)
+CVE-2012-0106
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2012-0105 (Unspecified vulnerability in the Oracle VM VirtualBox component in ...)
+CVE-2012-0105
- virtualbox-guest-additions-iso 4.1.8-1 (bug #659951)
[squeeze] - virtualbox-guest-additions-iso <not-affected> (Vulnerable code not present, see #659950)
-CVE-2012-0104 (Unspecified vulnerability in Oracle GlassFish Enterprise Server 3.0.1 ...)
+CVE-2012-0104
- glassfish <not-affected> (Debian package only builds a few API elements)
-CVE-2012-0103 (Unspecified vulnerability in Oracle Solaris 11 Express allows local ...)
+CVE-2012-0103
NOT-FOR-US: Oracle Solaris Kernel
-CVE-2012-0102 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
+CVE-2012-0102
{DSA-2429-1}
- mysql-5.1 5.1.61-2 (bug #659687)
-CVE-2012-0101 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
+CVE-2012-0101
{DSA-2429-1}
- mysql-5.1 5.1.61-2 (bug #659687)
-CVE-2012-0100 (Unspecified vulnerability in Oracle Solaris 9, 10, and 11 Express ...)
+CVE-2012-0100
NOT-FOR-US: Oracle Solaris
-CVE-2012-0099 (Unspecified vulnerability in Oracle Solaris 9, 10, and 11 Express ...)
+CVE-2012-0099
NOT-FOR-US: Oracle Solaris
-CVE-2012-0098 (Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 Express ...)
+CVE-2012-0098
NOT-FOR-US: Oracle Solaris
-CVE-2012-0097 (Unspecified vulnerability in Oracle Solaris 11 Express allows local ...)
+CVE-2012-0097
NOT-FOR-US: Oracle Solaris
-CVE-2012-0096 (Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 Express ...)
+CVE-2012-0096
NOT-FOR-US: Oracle Solaris
-CVE-2012-0095 (Unspecified vulnerability in the Oracle Imaging and Process Management ...)
+CVE-2012-0095
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2012-0094 (Unspecified vulnerability in Oracle Solaris 9, 10, and 11 Express ...)
+CVE-2012-0094
NOT-FOR-US: Oracle Solaris
-CVE-2012-0093 (Unspecified vulnerability in the Oracle Imaging and Process Management ...)
+CVE-2012-0093
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2012-0092 (Unspecified vulnerability in the Oracle Imaging and Process Management ...)
+CVE-2012-0092
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2012-0091 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+CVE-2012-0091
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2012-0090 (Unspecified vulnerability in the Oracle Imaging and Process Management ...)
+CVE-2012-0090
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2012-0089 (Unspecified vulnerability in the PeopleSoft Enterprise HCM component ...)
+CVE-2012-0089
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2012-0088 (Unspecified vulnerability in the PeopleSoft Enterprise HCM component ...)
+CVE-2012-0088
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2012-0087 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
+CVE-2012-0087
{DSA-2429-1}
- mysql-5.1 5.1.61-2 (bug #659687)
-CVE-2012-0086 (Unspecified vulnerability in the Oracle Imaging and Process Management ...)
+CVE-2012-0086
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2012-0085 (Unspecified vulnerability in the Oracle WebCenter Content component in ...)
+CVE-2012-0085
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2012-0084 (Unspecified vulnerability in the Oracle WebCenter Content component in ...)
+CVE-2012-0084
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2012-0083 (Unspecified vulnerability in the Oracle WebCenter Content component in ...)
+CVE-2012-0083
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2012-0082 (Unspecified vulnerability in the Core RDBMS component in Oracle ...)
+CVE-2012-0082
NOT-FOR-US: Oracle Database Server
-CVE-2012-0081 (Unspecified vulnerability in Oracle GlassFish Enterprise Server 3.1.1 ...)
+CVE-2012-0081
- glassfish <not-affected> (Debian package only builds a few API elements)
-CVE-2012-0080 (Unspecified vulnerability in the PeopleSoft Enterprise HCM component ...)
+CVE-2012-0080
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2012-0079 (Unspecified vulnerability in Oracle OpenSSO 7.1 and 8.0 allows remote ...)
+CVE-2012-0079
NOT-FOR-US: Oracle OpenSSO
-CVE-2012-0078 (Unspecified vulnerability in the Oracle Application Object Library ...)
+CVE-2012-0078
NOT-FOR-US: Oracle E-Business Suite
-CVE-2012-0077 (Unspecified vulnerability in the Oracle WebLogic Server component in ...)
+CVE-2012-0077
NOT-FOR-US: Oracle WebLogic Server
-CVE-2012-0076 (Unspecified vulnerability in the PeopleSoft Enterprise HCM component ...)
+CVE-2012-0076
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2012-0075 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
+CVE-2012-0075
{DSA-2429-1}
- mysql-5.1 5.1.61-2 (bug #659687)
-CVE-2012-0074 (Unspecified vulnerability in the PeopleSoft Enterprise CRM component ...)
+CVE-2012-0074
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2012-0073 (Unspecified vulnerability in the Oracle Forms component in Oracle ...)
+CVE-2012-0073
NOT-FOR-US: Oracle E-Business Suite
-CVE-2012-0072 (Unspecified vulnerability in the Listener component in Oracle Database ...)
+CVE-2012-0072
NOT-FOR-US: Oracle Database Server
-CVE-2012-0071 (Unspecified vulnerability in the Oracle Imaging and Process Management ...)
+CVE-2012-0071
NOT-FOR-US: Oracle Fusion Middleware
CVE-2012-0785 [Jenkins and hash collision attack]
RESERVED
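Review bot: the hunk header `@@ -16095,327 +16095,327 @@` shows a strict one-for-one replacement, and the first context lines expose what that costs: the NOTE lines under CVE-2012-0217 refer to "the mitre description" and to Xen versus Microsoft Windows, but `+CVE-2012-0217` no longer carries that description, so the notes now point at text that is not in the file. Entries whose triage depends on a version range are affected the same way, e.g. `+CVE-2012-0117` keeps `- mysql-5.1 <not-affected> (Only affects MySQL 5.5 from experimental)` but drops the description that named the affected component. Suggest reverting the description blanking, or at least having the updater refuse to drop a description on entries that have NOTE or `<not-affected>` lines referring to it.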
@@ -16425,29 +16425,29 @@ CVE-2012-0785 [Jenkins and hash collision attack]
CVE-2012-0070
RESERVED
NOT-FOR-US: spamdyke not in Debian
-CVE-2012-0069 (SQL injection vulnerability in ajax.php in Batavi before 1.2.1 allows ...)
+CVE-2012-0069
NOT-FOR-US: batavi not in Debian
-CVE-2012-0068 (The lanalyzer_read function in wiretap/lanalyzer.c in Wireshark 1.4.x ...)
+CVE-2012-0068
{DSA-2395-1}
- wireshark 1.6.5-1
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6670
-CVE-2012-0067 (wiretap/iptrace.c in Wireshark 1.4.x before 1.4.11 and 1.6.x before ...)
+CVE-2012-0067
{DSA-2395-1}
- wireshark 1.6.5-1 (unimportant)
NOTE: Not suitable for code injection
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6668
-CVE-2012-0066 (Wireshark 1.4.x before 1.4.11 and 1.6.x before 1.6.5 allows remote ...)
+CVE-2012-0066
{DSA-2395-1}
- wireshark 1.6.5-1 (unimportant)
NOTE: Not suitable for code injection
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6666
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6667
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6669
-CVE-2012-0065 (Heap-based buffer overflow in the receive_packet function in ...)
+CVE-2012-0065
- usbmuxd 1.0.7-2 (medium; bug #656581)
[lenny] - usbmuxd <not-affected> (introduced in 1.0.7)
[squeeze] - usbmuxd <not-affected> (introduced in 1.0.7)
-CVE-2012-0064 (xkeyboard-config before 2.5 in X.Org before 7.6 enables certain XKB ...)
+CVE-2012-0064
- xorg-server 2:1.11.3.901-2 (high; bug #656410)
[squeeze] - xorg-server <not-affected> (introduced in 1.11)
[lenny] - xorg-server <not-affected> (introduced in 1.11)
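Review bot: `+CVE-2012-0064` drops "xkeyboard-config before 2.5 in X.Org before 7.6" while the fix stays recorded against `- xorg-server 2:1.11.3.901-2 (high; bug #656410)` with `(introduced in 1.11)` notes for squeeze and lenny; without the description a reader can no longer tell which upstream component and version the Debian entry was mapped from. Same for `+CVE-2012-0065`, whose `(introduced in 1.0.7)` notes referred to the usbmuxd range in the removed text. The RESERVED entry CVE-2012-0070 with its `NOT-FOR-US: spamdyke not in Debian` line is untouched, which again suggests only the description source went empty; suggest the update job log and skip entries where the fetched description is blank instead of committing them.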
@@ -16456,27 +16456,27 @@ CVE-2012-0063
RESERVED
- tucan <unfixed> (bug #656388)
[squeeze] - tucan <no-dsa> (Minor issue)
-CVE-2012-0062 (Red Hat JBoss Operations Network (JON) before 2.4.2 and 3.0.x before ...)
+CVE-2012-0062
NOT-FOR-US: JBoss Operations Network
-CVE-2012-0061 (The headerLoad function in lib/header.c in RPM before 4.9.1.3 does not ...)
+CVE-2012-0061
{DLA-140-1}
- rpm 4.9.1.3-1 (bug #667031)
[squeeze] - rpm <no-dsa> (Minor issue)
-CVE-2012-0060 (RPM before 4.9.1.3 does not properly validate region tags, which ...)
+CVE-2012-0060
{DLA-140-1}
- rpm 4.9.1.3-1 (bug #667031)
[squeeze] - rpm <no-dsa> (Minor issue)
-CVE-2012-0059 (Spacewalk-backend in Red Hat Network (RHN) Satellite and Proxy 5.4 ...)
+CVE-2012-0059
NOT-FOR-US: RHN Satellite
-CVE-2012-0058 (The kiocb_batch_free function in fs/aio.c in the Linux kernel before ...)
+CVE-2012-0058
- linux-2.6 3.2.2-1
[wheezy] - linux-2.6 <not-affected> (introduced in 3.2-rc1)
[squeeze] - linux-2.6 <not-affected> (introduced in 3.2-rc1)
[lenny] - linux-2.6 <not-affected> (introduced in 3.2-rc1)
-CVE-2012-0057 (PHP before 5.3.9 has improper libxslt security settings, which allows ...)
+CVE-2012-0057
{DSA-2399-1}
- php5 5.3.9-1 (bug #656308)
-CVE-2012-0056 (The mem_write function in the Linux kernel before 3.2.2, when ASLR is ...)
+CVE-2012-0056
- linux-2.6 3.2.1-2
[squeeze] - linux-2.6 <not-affected> (introduced in 2.6.39)
[lenny] - linux-2.6 <not-affected> (introduced in 2.6.39)
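Review bot: the per-suite lines `[wheezy]`, `[squeeze]` and `[lenny] - linux-2.6 <not-affected> (introduced in 3.2-rc1)` under `+CVE-2012-0058`, and `(introduced in 2.6.39)` under `+CVE-2012-0056`, were written against the "Linux kernel before 3.2.2" range in the descriptions this hunk removes; the bare ids leave those introduced-in claims without the upstream range they qualify. For the rpm entries the `{DLA-140-1}` reference and `(bug #667031)` survive, so the tracker still resolves the advisory, but the published entry now shows no human-readable summary. Suggest preserving the old description text in the `+` lines until the source of the empty descriptions is identified.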
@@ -16484,17 +16484,17 @@ CVE-2012-0056 (The mem_write function in the Linux kernel before 3.2.2, when ASL
CVE-2012-0055
RESERVED
NOT-FOR-US: overlayfs is not (yet) in the Debian kernel
-CVE-2012-0054 (libs/updater.py in GoLismero 0.6.3, and other versions before Git ...)
+CVE-2012-0054
NOT-FOR-US: golismero not in Debian
-CVE-2012-0053 (protocol.c in the Apache HTTP Server 2.2.x through 2.2.21 does not ...)
+CVE-2012-0053
{DSA-2405-1}
- apache2 2.2.22-1 (low)
-CVE-2012-0052 (Red Hat JBoss Operations Network (JON) before 2.4.2 and 3.0.x before ...)
+CVE-2012-0052
NOT-FOR-US: JBoss Operations Network
CVE-2012-0051
RESERVED
- tahoe-lafs <not-affected> (Only affects 1.9.0, not uploaded to the archive)
-CVE-2012-0050 (OpenSSL 0.9.8s and 1.0.0f does not properly support DTLS applications, ...)
+CVE-2012-0050
{DSA-2392-1}
- openssl 1.0.0g-1
NOTE: http://www.openssl.org/news/secadv/20120118.txt
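Review bot: for NOT-FOR-US entries the description was the only statement of what the issue was, so `+CVE-2012-0054` followed by `NOT-FOR-US: golismero not in Debian` and `+CVE-2012-0052` followed by `NOT-FOR-US: JBoss Operations Network` now record a classification with no summary to check it against; `+CVE-2012-0053` likewise loses "protocol.c in the Apache HTTP Server 2.2.x through 2.2.21" although `- apache2 2.2.22-1 (low)` is kept. Only `+CVE-2012-0050` retains an external reference through its NOTE line to the OpenSSL advisory. Suggest the updater treat an empty description from upstream as "no change" rather than as a new value, so that entries keep their existing text.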
@@ -16504,139 +16504,139 @@ CVE-2012-0049
- openttd 1.1.5-1 (low)
NOTE: http://vcs.openttd.org/svn/changeset/23764
NOTE: http://security.openttd.org/en/CVE-2012-0049
-CVE-2012-0048 (OpenTTD 0.3.5 through 1.1.4 allows remote attackers to cause a denial ...)
+CVE-2012-0048
NOTE: contacted MITRE, will be rejected
-CVE-2012-0047 (Cross-site scripting (XSS) vulnerability in Apache Wicket 1.4.x before ...)
+CVE-2012-0047
NOT-FOR-US: Apache Wicket
CVE-2012-0046 [mediawiki info leak]
RESERVED
- mediawiki 1:1.15.5-6 (low; bug #655694)
[squeeze] - mediawiki 1:1.15.5-2squeeze3
[lenny] - mediawiki <not-affected> (Vulnerable code not present)
-CVE-2012-0045 (The em_syscall function in arch/x86/kvm/emulate.c in the KVM ...)
+CVE-2012-0045
{DSA-2443-1}
- linux-2.6 3.2.2-1
[lenny] - linux-2.6 <not-affected> (Vulnerable code not present)
-CVE-2012-0044 (Integer overflow in the drm_mode_dirtyfb_ioctl function in ...)
+CVE-2012-0044
- linux-2.6 3.1.5-1
[squeeze] - linux-2.6 2.6.32-40
-CVE-2012-0043 (Buffer overflow in the reassemble_message function in ...)
+CVE-2012-0043
- wireshark 1.6.5-1
[squeeze] - wireshark <not-affected> (Vulnerable code not present)
-CVE-2012-0042 (Wireshark 1.4.x before 1.4.11 and 1.6.x before 1.6.5 does not properly ...)
+CVE-2012-0042
{DSA-2395-1}
- wireshark 1.6.5-1 (unimportant)
NOTE: Not suitable for code injection
-CVE-2012-0041 (The dissect_packet function in epan/packet.c in Wireshark 1.4.x before ...)
+CVE-2012-0041
{DSA-2395-1}
- wireshark 1.6.5-1 (unimportant)
NOTE: Not suitable for code injection
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6663
-CVE-2012-0040 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2012-0040
{DSA-2387-1}
- simplesamlphp 1.8.2-1
NOTE: http://groups.google.com/group/simplesamlphp-announce/browse_thread/thread/cb96723ee3c6751e
-CVE-2012-0039 (** DISPUTED ** GLib 2.31.8 and earlier, when the g_str_hash function ...)
+CVE-2012-0039
- glib2.0 <unfixed> (unimportant; bug #655044)
-CVE-2012-0038 (Integer overflow in the xfs_acl_from_disk function in fs/xfs/xfs_acl.c ...)
+CVE-2012-0038
- linux-2.6 3.2.1-1
[squeeze] - linux-2.6 2.6.32-41
-CVE-2012-0037 (Redland Raptor (aka libraptor) before 2.0.7, as used by OpenOffice 3.3 ...)
+CVE-2012-0037
{DSA-2438-1}
- raptor 1.4.21-7.1 (bug #677427)
-CVE-2012-0036 (curl and libcurl 7.2x before 7.24.0 do not properly consider special ...)
+CVE-2012-0036
{DSA-2398-1}
- curl 7.24.0-1
[lenny] - curl <not-affected> (Only affects 7.20.0 to 7.23.1)
NOTE: http://curl.haxx.se/docs/adv_20120124.html
-CVE-2012-0035 (Untrusted search path vulnerability in EDE in CEDET before 1.0.1, as ...)
+CVE-2012-0035
- cedet <removed> (low; bug #655299)
[squeeze] - cedet <no-dsa> (Minor issue)
- emacs23 23.3+1-5 (low; bug #655300)
[squeeze] - emacs23 <no-dsa> (Minor issue)
-CVE-2012-0034 (The NonManagedConnectionFactory in JBoss Enterprise Application ...)
+CVE-2012-0034
NOT-FOR-US: JBoss Enterprise Application Platform
-CVE-2012-0033 (The CBounceDCCMod::OnPrivCTCP function in bouncedcc.cpp in the ...)
+CVE-2012-0033
- znc 0.202-2
[squeeze] - znc <not-affected> (Only affects 0.200 and 0.202)
[lenny] - znc <not-affected> (Only affects 0.200 and 0.202)
-CVE-2012-0032 (Red Hat JBoss Operations Network (JON) before 3.0.1 uses 0777 ...)
+CVE-2012-0032
NOT-FOR-US: JBoss Operations Network
-CVE-2012-0031 (scoreboard.c in the Apache HTTP Server 2.2.21 and earlier might allow ...)
+CVE-2012-0031
{DSA-2405-1}
- apache2 2.2.22-1 (low)
-CVE-2012-0030 (Nova 2011.3 and Essex, when using the OpenStack API, allows remote ...)
+CVE-2012-0030
- nova 2012.1~rc1-1
-CVE-2012-0029 (Heap-based buffer overflow in the process_tx_desc function in the ...)
+CVE-2012-0029
{DSA-2404-1 DSA-2396-1}
- qemu-kvm 1.0+dfsg-5
- xen-qemu-dm-4.0 <removed>
[squeeze] - xen <not-affected> (vulnerable code not present)
- xen 4.1.3~rc1+hg-20120614.a9c0a89c08f2-1 (medium)
-CVE-2012-0028 (The robust futex implementation in the Linux kernel before 2.6.28 does ...)
+CVE-2012-0028
- linux-2.6 2.6.32-1
-CVE-2012-0027 (The GOST ENGINE in OpenSSL before 1.0.0f does not properly handle ...)
+CVE-2012-0027
- openssl 1.0.0f-1
[lenny] - openssl <not-affected> (no GOST support)
[squeeze] - openssl <not-affected> (no GOST support)
CVE-2012-0026
REJECTED
-CVE-2012-0025 (Double free vulnerability in the Free_All_Memory function in ...)
+CVE-2012-0025
NOT-FOR-US: libfpx
-CVE-2012-0024 (MaraDNS before 1.3.07.12 and 1.4.x before 1.4.08 computes hash values ...)
+CVE-2012-0024
- maradns 1.4.09-1
[squeeze] - maradns <no-dsa> (Minor issue)
[lenny] - maradns <no-dsa> (Minor issue)
NOTE: a DoS that requires being able to do recursive queries. Allowing recursive queries to the general public is already a security issue to begin with, so this issue can better be addressed in a point update.
-CVE-2012-0023 (Double free vulnerability in the get_chunk_header function in ...)
+CVE-2012-0023
- vlc 1.1.13-1
[squeeze] - vlc <end-of-life> (Unsupported in squeeze-lts)
-CVE-2012-0022 (Apache Tomcat 5.5.x before 5.5.35, 6.x before 6.0.34, and 7.x before ...)
+CVE-2012-0022
{DSA-2401-1}
- tomcat5 <removed>
- tomcat6 6.0.35-1
- tomcat7 7.0.23-1
-CVE-2012-0021 (The log_cookie function in mod_log_config.c in the mod_log_config ...)
+CVE-2012-0021
- apache2 2.2.22-1
[squeeze] - apache2 <not-affected> (Introduced in 2.2.17)
[lenny] - apache2 <not-affected> (Introduced in 2.2.17)
-CVE-2012-0020 (Microsoft Visio Viewer 2010 Gold and SP1 does not properly handle ...)
+CVE-2012-0020
NOT-FOR-US: Microsoft
-CVE-2012-0019 (Microsoft Visio Viewer 2010 Gold and SP1 does not properly handle ...)
+CVE-2012-0019
NOT-FOR-US: Microsoft
-CVE-2012-0018 (Microsoft Visio Viewer 2010 Gold and SP1 does not properly validate ...)
+CVE-2012-0018
NOT-FOR-US: Microsoft Visio
-CVE-2012-0017 (Cross-site scripting (XSS) vulnerability in inplview.aspx in Microsoft ...)
+CVE-2012-0017
NOT-FOR-US: Microsoft
-CVE-2012-0016 (Untrusted search path vulnerability in Microsoft Expression Design; ...)
+CVE-2012-0016
NOT-FOR-US: Microsoft Expression Design
-CVE-2012-0015 (Microsoft .NET Framework 2.0 SP2 and 3.5.1 does not properly calculate ...)
+CVE-2012-0015
NOT-FOR-US: Microsoft
-CVE-2012-0014 (Microsoft .NET Framework 2.0 SP2, 3.5.1, and 4, and Silverlight 4 ...)
+CVE-2012-0014
NOT-FOR-US: Microsoft
-CVE-2012-0013 (Incomplete blacklist vulnerability in the Windows Packager ...)
+CVE-2012-0013
NOT-FOR-US: Microsoft Windows
-CVE-2012-0012 (Microsoft Internet Explorer 9 does not properly handle the creation ...)
+CVE-2012-0012
NOT-FOR-US: Microsoft
-CVE-2012-0011 (Microsoft Internet Explorer 7 through 9 does not properly handle ...)
+CVE-2012-0011
NOT-FOR-US: Microsoft
-CVE-2012-0010 (Microsoft Internet Explorer 6 through 9 does not properly perform ...)
+CVE-2012-0010
NOT-FOR-US: Microsoft
-CVE-2012-0009 (Untrusted search path vulnerability in the Windows Object Packager ...)
+CVE-2012-0009
NOT-FOR-US: Microsoft Windows
-CVE-2012-0008 (Untrusted search path vulnerability in Microsoft Visual Studio 2008 ...)
+CVE-2012-0008
NOT-FOR-US: Microsoft Visual Studio 2008
-CVE-2012-0007 (The Microsoft Anti-Cross Site Scripting (AntiXSS) Library 3.x and 4.0 ...)
+CVE-2012-0007
NOT-FOR-US: Microsoft Anti-Cross Site Scripting Library
-CVE-2012-0006 (The DNS server in Microsoft Windows Server 2003 SP2 and Server 2008 ...)
+CVE-2012-0006
NOT-FOR-US: Microsoft Windows
-CVE-2012-0005 (The Client/Server Run-time Subsystem (aka CSRSS) in the Win32 ...)
+CVE-2012-0005
NOT-FOR-US: Microsoft Windows
-CVE-2012-0004 (Unspecified vulnerability in DirectShow in DirectX in Microsoft ...)
+CVE-2012-0004
NOT-FOR-US: DirectX
-CVE-2012-0003 (Unspecified vulnerability in winmm.dll in Windows Multimedia Library ...)
+CVE-2012-0003
NOT-FOR-US: Microsoft Windows
-CVE-2012-0002 (The Remote Desktop Protocol (RDP) implementation in Microsoft Windows ...)
+CVE-2012-0002
NOT-FOR-US: Microsoft Windows
-CVE-2012-0001 (The kernel in Microsoft Windows XP SP2, Windows Server 2003 SP2, ...)
+CVE-2012-0001
NOT-FOR-US: Microsoft Windows
diff --git a/data/CVE/2013.list b/data/CVE/2013.list
index f056dca703..e8ee279b64 100644
--- a/data/CVE/2013.list
+++ b/data/CVE/2013.list
@@ -1,29 +1,29 @@
-CVE-2013-7469 (Seafile through 6.2.11 always uses the same Initialization Vector (IV) ...)
+CVE-2013-7469
- seafile <unfixed> (bug #923009)
[buster] - seafile <ignored> (Minor issue)
NOTE: https://github.com/haiwen/seafile/issues/350
-CVE-2013-7468 (Simple Machines Forum (SMF) 2.0.4 allows PHP Code Injection via the ...)
+CVE-2013-7468
NOT-FOR-US: Simple Machines Forum (SMF)
-CVE-2013-7467 (Simple Machines Forum (SMF) 2.0.4 allows XSS via the ...)
+CVE-2013-7467
NOT-FOR-US: Simple Machines Forum (SMF)
-CVE-2013-7466 (Simple Machines Forum (SMF) 2.0.4 allows local file inclusion, with ...)
+CVE-2013-7466
NOT-FOR-US: Simple Machines Forum (SMF)
-CVE-2013-7465 (Ice Cold Apps Servers Ultimate 6.0.2(12) does not require ...)
+CVE-2013-7465
NOT-FOR-US: Ice Cold Apps Servers Ultimate
-CVE-2013-7464 (In csrf-magic before 1.0.4, if $GLOBALS['csrf']['secret'] is not ...)
+CVE-2013-7464
- zoneminder <not-affected> (Vulnerable code never in a embedded copy version for zoneminder)
- cacti <not-affected> (Vulnerable code never in any release inclusing embedded copy, i.e. pre 1.0.4)
NOTE: Issue is in embedded csrf-magic
NOTE: http://repo.or.cz/csrf-magic.git/commit/9d2537f70d58b16aeba89779aaf1573b8d618e11 (v1.0.4)
-CVE-2013-7463 (The aescrypt gem 1.0.0 for Ruby does not randomize the CBC IV for use ...)
+CVE-2013-7463
NOT-FOR-US: aescrypt gem for Ruby
-CVE-2013-7462 (A directory traversal vulnerability in the web application in McAfee ...)
+CVE-2013-7462
NOT-FOR-US: Intel antivirus
-CVE-2013-7461 (A write protection and execution bypass vulnerability in McAfee (now ...)
+CVE-2013-7461
NOT-FOR-US: Intel antivirus
-CVE-2013-7460 (A write protection and execution bypass vulnerability in McAfee (now ...)
+CVE-2013-7460
NOT-FOR-US: Intel antivirus
-CVE-2013-7459 (Heap-based buffer overflow in the ALGnew function in block_templace.c ...)
+CVE-2013-7459
{DLA-773-1}
- python-crypto 2.6.1-7 (bug #849495)
[jessie] - python-crypto 2.6.1-5+deb8u1
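Review bot: style point on the unchanged context under CVE-2013-7464 in this hunk: the two `<not-affected>` reasons read "never in a embedded copy version" and "never in any release inclusing embedded copy" ("an embedded", "including"); they are not touched by this patch, but since the surrounding lines are being rewritten anyway, a separate follow-up fixing those two notes would be welcome.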
@@ -32,13 +32,13 @@ CVE-2013-7459 (Heap-based buffer overflow in the ALGnew function in block_templa
NOTE: All users of pycrypto's AES module in Debian that allow the mode
NOTE: of operation to be specified from outside check for ECB explicitly
NOTE: and create the objects without specifying an IV.
-CVE-2013-7458 (linenoise, as used in Redis before 3.2.3, uses world-readable ...)
+CVE-2013-7458
{DSA-3634-1 DLA-577-1}
- redis 2:3.2.1-4 (bug #832460)
NOTE: http://www.openwall.com/lists/oss-security/2016/07/28/1
-CVE-2013-7457 (Unspecified vulnerability in the Qualcomm components in Android before ...)
+CVE-2013-7457
NOT-FOR-US: Qualcomm components for Android
-CVE-2013-7456 (gd_interpolation.c in the GD Graphics Library (aka libgd) before ...)
+CVE-2013-7456
{DSA-3602-1 DSA-3587-1}
- libgd2 2.1.1-1
[wheezy] - libgd2 <not-affected> (Vulnerable code not present)
@@ -49,27 +49,27 @@ CVE-2013-7456 (gd_interpolation.c in the GD Graphics Library (aka libgd) before
NOTE: PHP bug: https://bugs.php.net/bug.php?id=72227
NOTE: Fixed in 7.0.7, 5.6.22, 5.5.36
NOTE: http://www.openwall.com/lists/oss-security/2016/05/25/3
-CVE-2013-7455 (Double free vulnerability in the DefaultICCintents function in ...)
+CVE-2013-7455
- lcms2 2.6-1
[wheezy] - lcms2 <not-affected> (vulnerable code not present, no cmsPipelineFree(Lut); in Error:-part)
NOTE: https://www.kb.cert.org/vuls/id/369800
NOTE: https://github.com/mm2/Little-CMS/commit/fefaaa43c382eee632ea3ad0cfa915335140e1db#diff-189a94f0a7a47efdd43f5567e27a973b
-CVE-2013-7454 (The validator module before 1.1.0 for Node.js allows remote attackers ...)
+CVE-2013-7454
- validator.js <not-affected> (Fixed before initial release)
-CVE-2013-7453 (The validator module before 1.1.0 for Node.js allows remote attackers ...)
+CVE-2013-7453
- validator.js <not-affected> (Fixed before initial release)
-CVE-2013-7452 (The validator module before 1.1.0 for Node.js allows remote attackers ...)
+CVE-2013-7452
- validator.js <not-affected> (Fixed before initial release)
-CVE-2013-7451 (The validator module before 1.1.0 for Node.js allows remote attackers ...)
+CVE-2013-7451
- validator.js <not-affected> (Fixed before initial release)
-CVE-2013-7450 (Pulp before 2.3.0 uses the same the same certificate authority key and ...)
+CVE-2013-7450
NOT-FOR-US: Pulp (Red Hat)
-CVE-2013-7448 (Directory traversal vulnerability in wiki.c in didiwiki allows remote ...)
+CVE-2013-7448
{DSA-3485-1 DLA-424-1}
- didiwiki 0.5-12 (bug #815111)
NOTE: https://github.com/OpenedHand/didiwiki/pull/1/files
NOTE: http://www.openwall.com/lists/oss-security/2016/02/19/4
-CVE-2013-7447 (Integer overflow in the gdk_cairo_set_source_pixbuf function in ...)
+CVE-2013-7447
{DLA-419-1}
- gtk+2.0 2.24.30-1.1 (bug #799275)
[jessie] - gtk+2.0 2.24.25-3+deb8u1
@@ -78,7 +78,7 @@ CVE-2013-7447 (Integer overflow in the gdk_cairo_set_source_pixbuf function in .
[wheezy] - gtk+3.0 3.4.2-7+deb7u1
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=703220
NOTE: Fixed by: https://git.gnome.org/browse/gtk+/commit?id=894b1ae76a32720f4bb3d39cf460402e3ce331d6
-CVE-2013-7446 (Use-after-free vulnerability in net/unix/af_unix.c in the Linux kernel ...)
+CVE-2013-7446
{DSA-3426-1 DLA-360-1}
- linux 4.2.6-2
- linux-2.6 <removed>
@@ -87,7 +87,7 @@ CVE-2013-7446 (Use-after-free vulnerability in net/unix/af_unix.c in the Linux k
NOTE: http://www.openwall.com/lists/oss-security/2015/11/18/9
NOTE: Introduced by: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ec0d215f9420564fc8286dcf93d2d068bb53a07e (v2.6.26-rc9)
NOTE: Fixed by: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=7d267278a9ece963d77eefec61630223fce08c6c (v4.4-rc4)
-CVE-2013-7445 (The Direct Rendering Manager (DRM) subsystem in the Linux kernel ...)
+CVE-2013-7445
- linux <unfixed>
[stretch] - linux <ignored> (Minor issue, requires invasive changes)
[jessie] - linux <ignored> (Minor issue, requires invasive changes)
@@ -95,13 +95,13 @@ CVE-2013-7445 (The Direct Rendering Manager (DRM) subsystem in the Linux kernel
[jessie] - linux-4.9 <ignored> (Minor issue, requires invasive changes)
- linux-2.6 <removed>
NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=60533
-CVE-2013-7444 (The Special:Contributions page in MediaWiki before 1.22.0 allows ...)
+CVE-2013-7444
- mediawiki 1:1.25.5-1 (bug #799096)
[wheezy] - mediawiki <no-dsa> (Minor issues)
[squeeze] - mediawiki <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://phabricator.wikimedia.org/T106893
NOTE: https://github.com/wikimedia/mediawiki/commit/dc2966bd05b69321300c63fd0bd78e7c78ecea6e
-CVE-2013-7443 (Buffer overflow in the skip-scan optimization in SQLite 3.8.2 allows ...)
+CVE-2013-7443
- sqlite3 3.8.3-1
[wheezy] - sqlite3 <not-affected> (Vulnerable code introduced in 3.8.2)
[squeeze] - sqlite3 <not-affected> (Vulnerable code introduced in 3.8.2)
@@ -109,9 +109,9 @@ CVE-2013-7443 (Buffer overflow in the skip-scan optimization in SQLite 3.8.2 all
NOTE: Introduced by: https://www.sqlite.org/src/info/b0bb975c0986fe01
NOTE: https://www.sqlite.org/src/info/520070ec7fbaac
NOTE: http://www.openwall.com/lists/oss-security/2015/07/14/5
-CVE-2013-7442 (GE Healthcare Centricity PACS Workstation 4.0 and 4.0.1 has a password ...)
+CVE-2013-7442
NOT-FOR-US: GE Healthcare Centricity PACS Workstation
-CVE-2013-7440 (The ssl.match_hostname function in CPython (aka Python) before 2.7.9 ...)
+CVE-2013-7440
- python3.4 3.4~b1-4
- python3.3 3.3.3-1
- python3.2 <removed>
@@ -128,7 +128,7 @@ CVE-2013-7440 (The ssl.match_hostname function in CPython (aka Python) before 2.
NOTE: https://bugs.python.org/issue17997#msg194950
NOTE: https://hg.python.org/cpython/rev/10d0edadbcdd
NOTE: The CVE is only about refusing multiple wildcards. Backporting that part only is not so difficult.
-CVE-2013-7439 (Multiple off-by-one errors in the (1) MakeBigReq and (2) SetReqLen ...)
+CVE-2013-7439
{DSA-3224-1 DLA-199-1}
- libx11 2:1.6.0-1
NOTE: http://cgit.freedesktop.org/xorg/lib/libX11/commit/?id=39547d600a13713e15429f49768e54c3173c828d
@@ -149,33 +149,33 @@ CVE-2013-7439 (Multiple off-by-one errors in the (1) MakeBigReq and (2) SetReqLe
NOTE: open-vm-tools (TBD / 8.4.2-261024-1+build1)
NOTE: wine-gecko-1.4 (wheezy)
NOTE: list completed by analyzing http://codesearch.debian.net/results/SetReqLen and http://codesearch.debian.net/results/MakeBigReq
-CVE-2013-7438 (Multiple buffer overflows in pbm212030 allow remote attackers to cause ...)
+CVE-2013-7438
NOT-FOR-US: pbm2l2030
NOTE: http://www.openprinting.org/driver/pbm2l2030/ (typo in the official CVE description)
-CVE-2013-7441 (The modern style negotiation in Network Block Device (nbd-server) ...)
+CVE-2013-7441
{DSA-3271-1}
- nbd 1:3.4-1 (bug #781547)
[squeeze] - nbd <not-affected> (Named export introduced in 2.9.17)
NOTE: http://www.openwall.com/lists/oss-security/2015/05/19/6
-CVE-2013-7435 (The open-ils.pcrud endpoint in Evergreen before 2.5.9, 2.6.x before ...)
+CVE-2013-7435
NOT-FOR-US: Evergreen library
CVE-2013-7434
RESERVED
-CVE-2013-7433 (Cross-site scripting (XSS) vulnerability in the Googlemaps plugin ...)
+CVE-2013-7433
NOT-FOR-US: Googlemaps plugin for Joomla!
-CVE-2013-7432 (The Googlemaps plugin before 3.1 for Joomla! allows remote attackers ...)
+CVE-2013-7432
NOT-FOR-US: Googlemaps plugin for Joomla!
-CVE-2013-7431 (Full path disclosure in the Googlemaps plugin before 3.1 for Joomla!. ...)
+CVE-2013-7431
NOT-FOR-US: Googlemaps plugin for Joomla!
-CVE-2013-7430 (Cross-site scripting (XSS) vulnerability in the Googlemaps plugin ...)
+CVE-2013-7430
NOT-FOR-US: Googlemaps plugin for Joomla!
-CVE-2013-7429 (The Googlemaps plugin before 3.1 for Joomla! allows remote attackers ...)
+CVE-2013-7429
NOT-FOR-US: Googlemaps plugin for Joomla!
-CVE-2013-7428 (The Googlemaps plugin before 3.1 for Joomla! allows remote attackers ...)
+CVE-2013-7428
NOT-FOR-US: Googlemaps plugin for Joomla!
CVE-2013-7427
RESERVED
-CVE-2013-7436 (noVNC before 0.5 does not set the secure flag for a cookie in an https ...)
+CVE-2013-7436
- novnc 1:0.4+dfsg+1+20131010+gitf68af8af3d-4 (bug #778618)
[wheezy] - novnc <not-affected> (Only an issue in combination with later OpenStack components)
NOTE: https://github.com/kanaka/noVNC/commit/ad941faddead705cd611921730054767a0b32dcd
@@ -188,13 +188,13 @@ CVE-2013-XXXX [TOCTOU race when expanding JAR files]
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=959433
NOTE: libbluray is only in wheezy and later and the issue is neutered by the kernel hardening for /tmp
NOTE: Affected code removed in 0.7.0-1
-CVE-2013-7437 (Multiple integer overflows in potrace 1.11 allow remote attackers to ...)
+CVE-2013-7437
{DLA-675-1}
- potrace 1.12-1 (bug #778646)
[squeeze] - potrace <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=955808
NOTE: http://www.openwall.com/lists/oss-security/2015/02/06/12
-CVE-2013-7449 (The ssl_do_connect function in common/server.c in HexChat before ...)
+CVE-2013-7449
- xchat 2.8.8-10 (bug #776609)
[jessie] - xchat <no-dsa> (Minor issue)
[wheezy] - xchat <no-dsa> (Minor issue)
@@ -207,16 +207,16 @@ CVE-2013-7449 (The ssl_do_connect function in common/server.c in HexChat before
NOTE: https://github.com/hexchat/hexchat/issues/524
NOTE: https://github.com/hexchat/hexchat/commit/c9b63f7f9be01692b03fa15275135a4910a7e02d (v2.12.0)
NOTE: https://github.com/hexchat/hexchat/commit/c99f2ba645d1f4d01d6d2bb0cc1238825e15c604 (v2.10.2)
-CVE-2013-7426 (Insecure Temporary file vulnerability in /tmp/kamailio_fifo in ...)
+CVE-2013-7426
- kamailio 4.0.2-1 (bug #712083)
-CVE-2013-7424 (The getaddrinfo function in glibc before 2.15, when compiled with ...)
+CVE-2013-7424
{DSA-3169-1 DLA-165-1}
- glibc 2.15-1
- eglibc 2.15-1
NOTE: http://seclists.org/oss-sec/2015/q1/306
NOTE: Upstream fix: https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commitdiff;h=2e96f1c7
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=981942
-CVE-2013-7423 (The send_dg function in resolv/res_send.c in GNU C Library (aka glibc ...)
+CVE-2013-7423
{DLA-165-1}
- glibc 2.19-1 (bug #722075)
[wheezy] - eglibc 2.13-38+deb7u5
@@ -224,7 +224,7 @@ CVE-2013-7423 (The send_dg function in resolv/res_send.c in GNU C Library (aka g
NOTE: Fix: https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=f9d2d03254a58d92635a311a42253eeed5a40a47
NOTE: Upstream report: https://sourceware.org/bugzilla/show_bug.cgi?id=15946
NOTE: http://www.openwall.com/lists/oss-security/2015/01/28/16
-CVE-2013-7421 (The Crypto API in the Linux kernel before 3.18.5 allows local users to ...)
+CVE-2013-7421
{DSA-3170-1}
- linux 3.16.7-ckt4-2
- linux-2.6 <removed>
@@ -232,7 +232,7 @@ CVE-2013-7421 (The Crypto API in the Linux kernel before 3.18.5 allows local use
NOTE: https://lkml.org/lkml/2013/3/4/70
NOTE: https://plus.google.com/+MathiasKrause/posts/PqFCo4bfrWu
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=5d26a105b5a7 (v3.19-rc1)
-CVE-2013-7422 (Integer underflow in regcomp.c in Perl before 5.20, as used in Apple ...)
+CVE-2013-7422
- perl 5.20.0-1 (bug #776046)
[wheezy] - perl <no-dsa> (Minor issue)
[squeeze] - perl <no-dsa> (Minor issue)
@@ -241,15 +241,15 @@ CVE-2013-7422 (Integer underflow in regcomp.c in Perl before 5.20, as used in Ap
CVE-2013-XXXX [lhasa: several directory traversal vulnerabilities]
- lhasa 0.2.0-1
[wheezy] - lhasa <no-dsa> (Minor issue)
-CVE-2013-7420 (Buffer overflow in Hancom Office 2010 SE allows remote attackers to ...)
+CVE-2013-7420
NOT-FOR-US: Hancom Office 2010 SE
-CVE-2013-7419 (Cross-site scripting (XSS) vulnerability in includes/refreshDate.php ...)
+CVE-2013-7419
NOT-FOR-US: Joomlaskin JS Multi Hotel (aka JS MultiHotel and Js-Multi-Hotel) plugin for WordPress
-CVE-2013-7418 (cgi-bin/iptablesgui.cgi in IPCop (aka IPCop Firewall) before 2.1.5 ...)
+CVE-2013-7418
NOT-FOR-US: IPCop
-CVE-2013-7417 (Cross-site scripting (XSS) vulnerability in cgi-bin/ipinfo.cgi in ...)
+CVE-2013-7417
NOT-FOR-US: IPCop
-CVE-2013-7416 (canto_curses/guibase.py in Canto Curses before 0.9.0 allows remote ...)
+CVE-2013-7416
- canto <removed> (bug #731582)
[wheezy] - canto <not-affected> (Vulnerable code not present)
[squeeze] - canto <not-affected> (Vulnerable code not present)
@@ -265,102 +265,102 @@ CVE-2013-7411
RESERVED
CVE-2013-7410
RESERVED
-CVE-2013-7409 (Buffer overflow in ALLPlayer 5.6.2 through 5.8.1 allows remote ...)
+CVE-2013-7409
NOT-FOR-US: ALLPlayer
-CVE-2013-7408 (F5 BIG-IP Analytics 11.x before 11.4.0 uses a predictable session ...)
+CVE-2013-7408
NOT-FOR-US: F5 BIG-IP Analytics
-CVE-2013-7407 (Cross-site request forgery (CSRF) vulnerability in the MRBS module for ...)
+CVE-2013-7407
NOT-FOR-US: Drupal module MRBS
-CVE-2013-7406 (SQL injection vulnerability in the MRBS module for Drupal allows ...)
+CVE-2013-7406
NOT-FOR-US: Drupal module MRBS
-CVE-2013-7405 (The Ad Hoc Reporting feature in GE Healthcare Centricity DMS 4.2 has a ...)
+CVE-2013-7405
NOT-FOR-US: GE Healthcare Centricity DMS
-CVE-2013-7404 (GE Healthcare Discovery NM 750b has a password of 2getin for the ...)
+CVE-2013-7404
NOT-FOR-US: GE Healthcare Discovery NM 750b
CVE-2013-7403
RESERVED
NOT-FOR-US: WordPress plugin wp-video-commando
-CVE-2013-7400 (The Direct Mail (direct_mail) extension before 3.1.2 for TYPO3 allows ...)
+CVE-2013-7400
NOT-FOR-US: TYPO3 extension direct_mail
CVE-2013-7399
RESERVED
-CVE-2013-7402 (Multiple unspecified vulnerabilities in request.c in c-icap 0.2.x ...)
+CVE-2013-7402
{DSA-3101-1}
- c-icap 1:0.3.1-1
NOTE: http://sourceforge.net/p/c-icap/code/1018/
NOTE: http://sourceforge.net/p/c-icap/code/1021
-CVE-2013-7401 (The parse_request function in request.c in c-icap 0.2.x allows remote ...)
+CVE-2013-7401
{DSA-3101-1}
- c-icap 1:0.3.1-1
NOTE: http://sourceforge.net/p/c-icap/bugs/59/
NOTE: http://sourceforge.net/p/c-icap/code/1018/
-CVE-2013-7398 (main/java/com/ning/http/client/AsyncHttpClientConfig.java in Async ...)
+CVE-2013-7398
- async-http-client <not-affected> (Vulnerable code not present, bug #773364)
NOTE: https://github.com/AsyncHttpClient/async-http-client/issues/197
NOTE: https://github.com/AsyncHttpClient/async-http-client/commit/3c9152e2c75f7e8b654beec40383748a14c6b51b
-CVE-2013-7397 (Async Http Client (aka AHC or async-http-client) before 1.9.0 skips ...)
+CVE-2013-7397
- async-http-client 1.6.5-3
[wheezy] - async-http-client <no-dsa> (Minor issue)
NOTE: https://github.com/AsyncHttpClient/async-http-client/issues/352
CVE-2013-7396
RESERVED
-CVE-2013-7395 (ZOLL Defibrillator / Monitor X Series has a default (1) supervisor ...)
+CVE-2013-7395
NOT-FOR-US: ZOLL Defibrillator / Monitor X Series
-CVE-2013-7394 (The &quot;runshellscript echo.sh&quot; script in Splunk before 5.0.5 allows ...)
+CVE-2013-7394
NOT-FOR-US: Splunk
-CVE-2013-7393 (The daemonize.py module in Subversion 1.8.0 before 1.8.2 allows local ...)
+CVE-2013-7393
- subversion 1.8.5-1 (unimportant)
NOTE: Optional admin-side utilities in Subversion 1.8.x
NOTE: split form CVE-2013-4262
-CVE-2013-7392 (Gitlist allows remote attackers to execute arbitrary commands via ...)
+CVE-2013-7392
- gitlist <itp> (bug #750368)
-CVE-2013-7391 (The Entity API module 7.x-1.x before 7.x-1.2 for Drupal, when using ...)
+CVE-2013-7391
NOT-FOR-US: Drupal contributed module Entity API
CVE-2013-7390
RESERVED
-CVE-2013-7389 (Multiple cross-site scripting (XSS) vulnerabilities in D-Link DIR-645 ...)
+CVE-2013-7389
NOT-FOR-US: D-Link router
-CVE-2013-7388 (Heap-based buffer overflow in paintlib, as used in Trimble SketchUp ...)
+CVE-2013-7388
NOT-FOR-US: Trimble SketchUp
-CVE-2013-7387 (Session fixation vulnerability in DataLife Engine (DLE) 9.7 and ...)
+CVE-2013-7387
NOT-FOR-US: DataLife Engine
-CVE-2013-7386 (Format string vulnerability in the PROJECT::write_account_file ...)
+CVE-2013-7386
- boinc 7.1.10+dfsg-1 (low)
[squeeze] - boinc <no-dsa> (Minor issue)
[wheezy] - boinc <no-dsa> (Minor issue)
-CVE-2013-7385 (LiveZilla 5.1.2.1 and earlier includes the MD5 hash of the operator ...)
+CVE-2013-7385
NOT-FOR-US: LiveZilla
-CVE-2013-7384 (UnrealIRCd 3.2.10 before 3.2.10.2 allows remote attackers to cause a ...)
+CVE-2013-7384
- unrealircd <itp> (bug #515130)
-CVE-2013-7382 (VICIDIAL dialer (aka Asterisk GUI client) 2.8-403a, 2.7, 2.7RC1, and ...)
+CVE-2013-7382
NOT-FOR-US: VICIDIAL
CVE-2013-7381
RESERVED
CVE-2013-7380
RESERVED
-CVE-2013-7379 (The admin API in the tomato module before 0.0.6 for Node.js does not ...)
+CVE-2013-7379
NOT-FOR-US: tomato module for Node.js
CVE-2013-7378
RESERVED
-CVE-2013-7377 (The codem-transcode module before 0.5.0 for Node.js, when ffprobe is ...)
+CVE-2013-7377
NOT-FOR-US: codem-transcode Node module
-CVE-2013-7376 (Multiple cross-site request forgery (CSRF) vulnerabilities in OpenX ...)
+CVE-2013-7376
NOT-FOR-US: OpenX
-CVE-2013-7383 (x2gocleansessions in X2Go Server before 4.0.0.8 and 4.0.1.x before ...)
+CVE-2013-7383
- x2goserver <not-affected> (Fixed with first upload to Debian)
NOTE: Fixed by: http://code.x2go.org/gitweb?p=x2goserver.git;a=commit;h=5a2aa0c36ef7a57d87e3bb6f7c6b2558ed5430f7 (4.0.1.10)
NOTE: Fixed by: http://code.x2go.org/gitweb?p=x2goserver.git;a=commit;h=b03665513ab1969b069c1351fe17cbb8b5fca256 (4.0.0.8)
NOTE: Fixed by: http://code.x2go.org/gitweb?p=x2goserver.git;a=commit;h=8347d3fef0e5cbabe4aa48f503612fa7b9d078f8 (4.0.0.8)
NOTE: Fixed by: http://code.x2go.org/gitweb?p=x2goserver.git;a=commit;h=bf44925ecccda436caa1cfc34f89eced9c1bd104 (4.0.0.8)
-CVE-2013-7375 (SQL injection vulnerability in includes/classes/Authenticate.class.php ...)
+CVE-2013-7375
NOT-FOR-US: PHP-Fusion
-CVE-2013-7373 (Android before 4.4 does not properly arrange for seeding of the ...)
+CVE-2013-7373
NOT-FOR-US: Android
-CVE-2013-7372 (The engineNextBytes function in ...)
+CVE-2013-7372
NOT-FOR-US: Android
-CVE-2013-7369 (SQL injection vulnerability in an unspecified DLL in the FSDBCom ...)
+CVE-2013-7369
NOT-FOR-US: F-Secure Anti-Virus
-CVE-2013-7374 (The Ubuntu Date and Time Indicator (aka indicator-datetime) ...)
+CVE-2013-7374
NOT-FOR-US: indicator-datetime
CVE-2013-7371 [XSS in the Sencha Labs Connect middleware]
RESERVED
@@ -369,102 +369,102 @@ CVE-2013-7371 [XSS in the Sencha Labs Connect middleware]
CVE-2013-7370 [XSS in the Sencha Labs Connect middleware]
RESERVED
- node-connect 3.0.0-1 (bug #744374)
-CVE-2013-7368 (Multiple cross-site scripting (XSS) vulnerabilities in Gnew 2013.1 ...)
+CVE-2013-7368
NOT-FOR-US: Gnew
-CVE-2013-7367 (SAP Enterprise Portal does not properly restrict access to the ...)
+CVE-2013-7367
NOT-FOR-US: SAP
-CVE-2013-7366 (The SAP Software Deployment Manager (SDM), in certain unspecified ...)
+CVE-2013-7366
NOT-FOR-US: SAP
-CVE-2013-7365 (Cross-site scripting (XSS) vulnerability in SAP Enterprise Portal ...)
+CVE-2013-7365
NOT-FOR-US: SAP
-CVE-2013-7364 (An unspecified J2EE core service in the J2EE Engine in SAP NetWeaver ...)
+CVE-2013-7364
NOT-FOR-US: SAP
-CVE-2013-7363 (Unspecified vulnerability in the Diagnostics (SMD) agent in SAP ...)
+CVE-2013-7363
NOT-FOR-US: SAP
-CVE-2013-7362 (An unspecified RFC function in SAP CCMS Agent allows remote attackers ...)
+CVE-2013-7362
NOT-FOR-US: SAP
-CVE-2013-7361 (Directory traversal vulnerability in SAP CMS and CM Services allows ...)
+CVE-2013-7361
NOT-FOR-US: SAP
-CVE-2013-7360 (Unspecified vulnerability in SAP adminadapter allows remote attackers ...)
+CVE-2013-7360
NOT-FOR-US: SAP
-CVE-2013-7359 (Unspecified vulnerability in SAP Mobile Infrastructure allows remote ...)
+CVE-2013-7359
NOT-FOR-US: SAP
-CVE-2013-7358 (Unspecified vulnerability in SAP Guided Procedures Archive Monitor ...)
+CVE-2013-7358
NOT-FOR-US: SAP
-CVE-2013-7357 (Unspecified vulnerability in the configuration service in SAP J2EE ...)
+CVE-2013-7357
NOT-FOR-US: SAP
-CVE-2013-7356 (Unspecified vulnerability in the SAP CCMS / Database Monitors for ...)
+CVE-2013-7356
NOT-FOR-US: SAP
-CVE-2013-7355 (SQL injection vulnerability in SAP BI Universal Data Integration ...)
+CVE-2013-7355
NOT-FOR-US: SAP
-CVE-2013-7354 (Multiple integer overflows in libpng before 1.5.14rc03 allow remote ...)
+CVE-2013-7354
- libpng <not-affected> (Only affects 1.5 and later)
NOTE: http://sourceforge.net/p/png-mng/mailman/message/32215052/
NOTE: http://sourceforge.net/p/libpng/bugs/199/
- libpng1.6 1.6.10-1
-CVE-2013-7353 (Integer overflow in the png_set_unknown_chunks function in ...)
+CVE-2013-7353
- libpng <not-affected> (Only affects 1.5 and later)
NOTE: http://sourceforge.net/p/png-mng/mailman/message/32215052/
NOTE: http://sourceforge.net/p/libpng/bugs/199/
- libpng1.6 1.6.10-1
-CVE-2013-7352 (Cross-site request forgery (CSRF) vulnerability in blogs/admin.php in ...)
+CVE-2013-7352
NOT-FOR-US: b2evolution
-CVE-2013-7350 (Multiple unspecified vulnerabilities in Check Point Security Gateway ...)
+CVE-2013-7350
NOT-FOR-US: Check Point Security Gateway
-CVE-2013-7349 (Multiple SQL injection vulnerabilities in Gnew 2013.1 allow remote ...)
+CVE-2013-7349
NOT-FOR-US: Gnew
-CVE-2013-7346 (Cross-site request forgery (CSRF) vulnerability in Symphony CMS before ...)
+CVE-2013-7346
NOT-FOR-US: Symphony CMS
CVE-2013-7351 [several XSS]
RESERVED
- shaarli 0.0.41~beta~dfsg2-4 (bug #743252)
NOTE: https://github.com/sebsauvage/Shaarli/commit/53da201749f8f362323ef278bf338f1d9f7a925a
-CVE-2013-7348 (Double free vulnerability in the ioctx_alloc function in fs/aio.c in ...)
+CVE-2013-7348
- linux 3.13.4-1
[wheezy] - linux <not-affected> (Introduced and fixed in 3.13 series)
- linux-2.6 <not-affected> (Introduced and fixed in 3.13 series)
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=d558023207e008a4476a3b7bb8706b2a2bf5d84f
-CVE-2013-7347 (Luci in Red Hat Conga does not properly enforce the user session ...)
+CVE-2013-7347
NOT-FOR-US: Red Hat Conga
-CVE-2013-7344 (Unspecified vulnerability in core/settings.php in ownCloud before ...)
+CVE-2013-7344
- owncloud 5.0.3+dfsg-1
-CVE-2013-7343 (Cross-site scripting (XSS) vulnerability in flowplayer.swf in the ...)
+CVE-2013-7343
NOT-FOR-US: Flowplayer
NOTE: Present in the source in some Moodle packages, see #736800
-CVE-2013-7342 (Cross-site scripting (XSS) vulnerability in flowplayer.swf in the ...)
+CVE-2013-7342
NOT-FOR-US: Flowplayer
NOTE: Present in the source in some Moodle packages, see #736800
-CVE-2013-7340 (VideoLAN VLC Media Player before 2.0.7 allows remote attackers to ...)
+CVE-2013-7340
- vlc 2.2.0~rc2-1 (unimportant)
NOTE: No security impact
NOTE: Might be fixed earlier than 2.2.0~rc2, but only that version was checked
CVE-2013-7337
RESERVED
-CVE-2013-7341 (Multiple cross-site scripting (XSS) vulnerabilities in Flowplayer ...)
+CVE-2013-7341
- moodle 2.6.2-1
[squeeze] - moodle <not-affected> (Vulnerable code not present)
-CVE-2013-7339 (The rds_ib_laddr_check function in net/rds/ib.c in the Linux kernel ...)
+CVE-2013-7339
{DSA-2906-1}
- linux 3.13-1
[wheezy] - linux 3.2.57-1
- linux-2.6 <removed>
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c2349758acf1874e4c2b93fe41d072336f1a31d0
-CVE-2013-7336 (The qemuMigrationWaitForSpice function in qemu/qemu_migration.c in ...)
+CVE-2013-7336
- libvirt 1.1.4-1
[wheezy] - libvirt <not-affected> (Vulnerable code not present)
[squeeze] - libvirt <not-affected> (Vulnerable code not present)
NOTE: http://www.redhat.com/archives/libvir-list/2013-September/msg01208.html
-CVE-2013-7335 (Open redirect vulnerability in DotNetNuke (DNN) before 6.2.9 and 7.x ...)
+CVE-2013-7335
NOT-FOR-US: DotNetNuke
-CVE-2013-7334 (Cross-site request forgery (CSRF) vulnerability in ImageCMS before 4.2 ...)
+CVE-2013-7334
NOT-FOR-US: ImageCMS
CVE-2013-7333
RESERVED
-CVE-2013-7332 (The Microsoft.XMLDOM ActiveX control in Microsoft Windows 8.1 and ...)
+CVE-2013-7332
NOT-FOR-US: Microsoft Windows
-CVE-2013-7331 (The Microsoft.XMLDOM ActiveX control in Microsoft Windows 8.1 and ...)
+CVE-2013-7331
NOT-FOR-US: Microsoft Windows
-CVE-2013-7345 (The BEGIN regular expression in the awk script detector in ...)
+CVE-2013-7345
{DSA-3064-1 DSA-2873-1}
- file 1:5.17-0.1 (bug #703993)
NOTE: http://bugs.gw.com/view.php?id=164
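Review bot: Every changed pair in this hunk (CVE-2013-7352 through CVE-2013-7345) replaces a `CVE-YYYY-NNNN (description ...)` line with the bare identifier and nothing else; the upstream summary text is dropped, not edited, and the per-package status, DSA references and NOTE lines beneath each entry are left untouched. For an automatic update that looks like the updater received empty descriptions from its source rather than a deliberate data change, so the input feed should be checked before this is merged; if the descriptions really are meant to go, the tooling that emits them should be changed instead of stripping them entry by entry.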
@@ -479,22 +479,22 @@ CVE-2013-7345 (The BEGIN regular expression in the awk script detector in ...)
NOTE: create_data_file.php /usr/share/file/magic.mgc > data_info.c" once
NOTE: you have a fixed libmagic1 installed.
NOTE: fixed by php5 5.4.27 so DSA 3064-1 also fixed it in Wheezy
-CVE-2013-7330 (Jenkins before 1.502 allows remote authenticated users to configure an ...)
+CVE-2013-7330
- jenkins 1.565.2-1 (bug #739067)
NOTE: https://github.com/jenkinsci/jenkins/commit/36342d71e29e0620f803a7470ce96c61761648d8
-CVE-2013-7328 (Multiple integer signedness errors in the gdImageCrop function in ...)
+CVE-2013-7328
- php5 5.5.9+dfsg-1
[wheezy] - php5 <not-affected> (Vulnerable code was introduced in 5.5.0)
[squeeze] - php5 <not-affected> (Vulnerable code was introduced in 5.5.0)
-CVE-2013-7327 (The gdImageCrop function in ext/gd/gd.c in PHP 5.5.x before 5.5.9 does ...)
+CVE-2013-7327
- php5 5.5.9+dfsg-1
[wheezy] - php5 <not-affected> (Vulnerable code was introduced in 5.5.0)
[squeeze] - php5 <not-affected> (Vulnerable code was introduced in 5.5.0)
-CVE-2013-7326 (Cross-site scripting (XSS) vulnerability in vTiger CRM 5.4.0 allows ...)
+CVE-2013-7326
NOT-FOR-US: vTiger CRM
CVE-2013-7324
RESERVED
-CVE-2013-7329 (The CGI::Application module before 4.50_50 and 4.50_51 for Perl, when ...)
+CVE-2013-7329
- libcgi-application-perl 4.50-2 (bug #739505)
[wheezy] - libcgi-application-perl <no-dsa> (Minor issue)
[squeeze] - libcgi-application-perl <no-dsa> (Minor issue)
@@ -504,17 +504,17 @@ CVE-2013-7325
{DSA-2836-1}
- devscripts 2.13.9
[squeeze] - devscripts <no-dsa> (Minor issue)
-CVE-2013-7321 (Cross-site scripting (XSS) vulnerability in D-Link DAP-2253 Access ...)
+CVE-2013-7321
NOT-FOR-US: D-Link hardware
-CVE-2013-7320 (Cross-site request forgery (CSRF) vulnerability in D-Link DAP-2253 ...)
+CVE-2013-7320
NOT-FOR-US: D-Link hardware
-CVE-2013-7319 (Cross-site scripting (XSS) vulnerability in the Download Manager ...)
+CVE-2013-7319
NOT-FOR-US: WordPress plugin Download Manager
-CVE-2013-7322 (usersfile.c in liboath in OATH Toolkit before 2.4.1 does not properly ...)
+CVE-2013-7322
- oath-toolkit 2.4.1-1 (low; bug #738515)
[wheezy] - oath-toolkit <no-dsa> (Minor issue)
NOTE: http://lists.nongnu.org/archive/html/oath-toolkit-help/2013-12/msg00000.html
-CVE-2013-7338 (Python before 3.3.4 RC1 allows remote attackers to cause a denial of ...)
+CVE-2013-7338
- python2.5 <not-affected> (Only affects 3.x)
- python2.6 <not-affected> (Only affects 3.x)
- python2.7 <not-affected> (Only affects 3.x)
@@ -545,113 +545,113 @@ CVE-2013-XXXX [autopostgresqlbackup code injection]
CVE-2013-XXXX [buffer overflow in commandline parsing]
- swath 0.4.3-3 (low; bug #698189)
[squeeze] - swath 0.4.0-4+squeeze1
-CVE-2013-7323 (python-gnupg before 0.3.5 allows context-dependent attackers to ...)
+CVE-2013-7323
{DSA-2946-1}
- python-gnupg 0.3.6-1 (bug #738509)
-CVE-2013-7318 (Cross-site scripting (XSS) vulnerability in BusinessFlow/login in ...)
+CVE-2013-7318
NOT-FOR-US: AlgoSec Firewall Analyzer
-CVE-2013-7317 (Multiple cross-site scripting (XSS) vulnerabilities in CS-Cart before ...)
+CVE-2013-7317
NOT-FOR-US: CS-Cart
-CVE-2013-7316 (Cross-site scripting (XSS) vulnerability in GitLab 6.0 and other ...)
+CVE-2013-7316
- gitlab <not-affected> (Fixed before initial upload to Debian)
-CVE-2013-7315 (The Spring MVC in Spring Framework before 3.2.4 and 4.0.0.M1 through ...)
+CVE-2013-7315
{DSA-2842-1}
- libspring-java 3.0.6.RELEASE-10 (low; bug #720902)
-CVE-2013-7314 (The OSPF implementation on NEC IP38X, IX1000, IX2000, and IX3000 ...)
+CVE-2013-7314
NOT-FOR-US: NEC routers
-CVE-2013-7313 (The OSPF implementation in Juniper Junos through 13.x, JunosE, and ...)
+CVE-2013-7313
NOT-FOR-US: Juniper Junos
-CVE-2013-7312 (The OSPF implementation on Enterasys switches and routers does not ...)
+CVE-2013-7312
NOT-FOR-US: Enterasys switches and routers
-CVE-2013-7311 (The OSPF implementation in Check Point Gaia OS R75.X and R76 and IPSO ...)
+CVE-2013-7311
NOT-FOR-US: Check Point Gaia OS
-CVE-2013-7310 (The OSPF implementation on Yamaha routers does not consider the ...)
+CVE-2013-7310
NOT-FOR-US: Yamaha routers
-CVE-2013-7309 (The OSPF implementation in Extreme Networks EXOS does not consider the ...)
+CVE-2013-7309
NOT-FOR-US: Extreme Networks EXOS
-CVE-2013-7308 (The OSPF implementation on the D-Link DES-3810-28 switch with firmware ...)
+CVE-2013-7308
NOT-FOR-US: D-Link DES-3810-28 switch
-CVE-2013-7307 (The OSPF implementation on the Brocade Vyatta vRouter with software ...)
+CVE-2013-7307
NOT-FOR-US: Brocade Vyatta vRouter
-CVE-2013-7306 (The OSPF implementation on Brocade routers does not consider the ...)
+CVE-2013-7306
NOT-FOR-US: Brocade routers
-CVE-2013-7305 (fpw.php in e107 through 1.0.4 does not check the user_ban field, which ...)
+CVE-2013-7305
NOT-FOR-US: e107
-CVE-2013-7304 (Check Point Endpoint Security MI Server through R73 3.0.0 HFA2.5 does ...)
+CVE-2013-7304
NOT-FOR-US: Check Point Endpoint Security MI Server
CVE-2013-7297
RESERVED
-CVE-2013-7295 (Tor before 0.2.4.20, when OpenSSL 1.x is used in conjunction with a ...)
+CVE-2013-7295
- tor 0.2.4.20-1 (low)
[wheezy] - tor <no-dsa> (Minor issue)
[squeeze] - tor <not-affected> (OpenSSL in oldstable not affected)
-CVE-2013-7303 (Multiple cross-site scripting (XSS) vulnerabilities in (1) ...)
+CVE-2013-7303
- spip 3.0.13-1 (bug #736170)
[wheezy] - spip 2.1.17-1+deb7u3
[squeeze] - spip <end-of-life> (Not supported in Squeeze LTS)
-CVE-2013-7302 (Session fixation vulnerability in the Ubercart module 6.x-2.x before ...)
+CVE-2013-7302
NOT-FOR-US: Drupal contrib
-CVE-2013-7301 (Cantata before 1.2.2 does not restrict access to files in the play ...)
+CVE-2013-7301
- cantata <not-affected> (Vulnerable code introduced with 1.2.0; bug #736154)
NOTE: https://code.google.com/p/cantata/issues/detail?id=356
-CVE-2013-7300 (Absolute path traversal vulnerability in cantata before 1.2.2 allows ...)
+CVE-2013-7300
- cantata <not-affected> (Vulnerable code introduced with 1.2.0; bug #736154)
NOTE: https://code.google.com/p/cantata/issues/detail?id=356
-CVE-2013-7299 (framework/common/messageheaderparser.cpp in Tntnet before 2.2.1 allows ...)
+CVE-2013-7299
- tntnet 2.2.1-1 (low; bug #735881)
[wheezy] - tntnet <no-dsa> (Minor issue)
[squeeze] - tntnet <no-dsa> (Minor issue)
-CVE-2013-7298 (query_params.cpp in cxxtools before 2.2.1 allows remote attackers to ...)
+CVE-2013-7298
- cxxtools 2.2.1-1 (low; bug #735880)
[wheezy] - cxxtools <not-affected> (Issue not present, introduced in v2.2)
[squeeze] - cxxtools <not-affected> (Issue not present, introduced in v2.2)
-CVE-2013-7296 (The JBIG2Stream::readSegments method in JBIG2Stream.cc in Poppler ...)
+CVE-2013-7296
- poppler <not-affected> (Introduced in a3cee0e7e9dd292c70fe1fa19a92e70bbc1e1b41)
NOTE: http://cgit.freedesktop.org/poppler/poppler/commit/?id=58e04a08afee
NOTE: https://bugs.kde.org/show_bug.cgi?id=328511
-CVE-2013-7294 (The ikev2parent_inI1outR1 function in pluto/ikev2_parent.c in ...)
+CVE-2013-7294
NOT-FOR-US: libreswan, strongSwan not affected (pluto never supported ikev2)
-CVE-2013-7293 (The ASUS WL-330NUL router has a configuration process that relies on ...)
+CVE-2013-7293
NOT-FOR-US: ASUS router
-CVE-2013-7292 (VASCO IDENTIKEY Authentication Server (IAS) 3.4.x allows remote ...)
+CVE-2013-7292
NOT-FOR-US: VASCO IAS
-CVE-2013-7291 (memcached before 1.4.17, when running in verbose mode, allows remote ...)
+CVE-2013-7291
{DLA-701-1}
- memcached 1.4.20-1 (low; bug #735314)
[squeeze] - memcached <no-dsa> (Minor issue)
NOTE: https://github.com/memcached/memcached/commit/fbe823d9a61b5149cd6e3b5e17bd28dd3b8dd760
-CVE-2013-7290 (The do_item_get function in items.c in memcached 1.4.4 and other ...)
+CVE-2013-7290
- memcached 1.4.13-0.2
[squeeze] - memcached 1.4.5-1+deb6u1
NOTE: https://github.com/memcached/memcached/commit/fbe823d9a61b5149cd6e3b5e17bd28dd3b8dd760
NOTE: actual patch should be adjusted in case there is a further memcached upload accoring to upstream commit
-CVE-2013-7289 (Multiple cross-site scripting (XSS) vulnerabilities in register.php in ...)
+CVE-2013-7289
NOT-FOR-US: Andy's PHP Knowledgebase (Aphpkb)
CVE-2013-7287
RESERVED
CVE-2013-7286
RESERVED
-CVE-2013-7283 (Race condition in the libreswan.spec files for Red Hat Enterprise ...)
+CVE-2013-7283
- libreswan <not-affected> (Fixed before initial upload in Debian; /tmp-race in libreswan.spec for rpm based systems)
-CVE-2013-7282 (The management web interface on the Nisuta NS-WIR150NE router with ...)
+CVE-2013-7282
NOT-FOR-US: Nisuta NS-WIR150NE router
-CVE-2013-7280 (Buffer overflow in HansoTools Hanso Player 2.1.0, 2.5.0, and earlier ...)
+CVE-2013-7280
NOT-FOR-US: HansoTools Hanso Player
-CVE-2013-7279 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2013-7279
NOT-FOR-US: WordPress plugin S3 Video
-CVE-2013-7278 (SQL injection vulnerability in Naxtech CMS Afroditi 1.0 allows remote ...)
+CVE-2013-7278
NOT-FOR-US: Naxtech CMS Afroditi
-CVE-2013-7277 (Multiple cross-site scripting (XSS) vulnerabilities in Andy's PHP ...)
+CVE-2013-7277
NOT-FOR-US: Andy's PHP Knowledgebase (Aphpkb)
-CVE-2013-7276 (Cross-site scripting (XSS) vulnerability in inc/raf_form.php in the ...)
+CVE-2013-7276
NOT-FOR-US: WordPress plugin Recommend to a friend
-CVE-2013-7275 (Cross-site scripting (XSS) vulnerability in misc.php in MyBB (aka ...)
+CVE-2013-7275
NOT-FOR-US: MyBB
-CVE-2013-7274 (Cross-site scripting (XSS) vulnerability in Wallpaper Script 3.5.0082 ...)
+CVE-2013-7274
NOT-FOR-US: Wallpaper Script
CVE-2013-7272
RESERVED
-CVE-2013-7288 (Cross-site scripting (XSS) vulnerability in the mycode_parse_video ...)
+CVE-2013-7288
NOT-FOR-US: MyBB (aka MyBulletinBoard)
CVE-2013-7285 [remote code execution via deserialization in XStream]
RESERVED
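Review bot: Drive-by on an unchanged context line in this hunk: the NOTE under CVE-2013-7290 reads "accoring to upstream commit" and should be "according to upstream commit". The rest of the hunk follows the same pattern as the others, dropping the description text from each CVE line while the package, DLA and NOTE lines stay as they were.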
@@ -661,50 +661,50 @@ CVE-2013-7285 [remote code execution via deserialization in XStream]
NOTE: http://blog.diniscruz.com/2013/12/xstream-remote-code-execution-exploit.html
NOTE: http://markmail.org/message/kfqoqdfj5fnup5co?q=list:org.codehaus.xstream.dev&page=3
NOTE: initial patch: https://fisheye.codehaus.org/changelog/xstream?cs=2210
-CVE-2013-7284 (The PlRPC module, possibly 0.2020 and earlier, for Perl uses the ...)
+CVE-2013-7284
- libplrpc-perl <removed> (high; bug #734789)
[squeeze] - libplrpc-perl <end-of-life> (Unsupported in squeeze-lts)
NOTE: Upstream appears dead.
-CVE-2013-7273 (GNOME Display Manager (gdm) 3.4.1 and earlier, when disable-user-list ...)
+CVE-2013-7273
- gdm3 3.8.3-1 (low; bug #683338)
[wheezy] - gdm3 <no-dsa> (Minor issue)
[squeeze] - gdm3 <not-affected> (Vulnerable code not present)
-CVE-2013-7271 (The x25_recvmsg function in net/x25/af_x25.c in the Linux kernel ...)
+CVE-2013-7271
- linux-2.6 <removed>
[squeeze] - linux-2.6 <no-dsa> (Too intrusive to backport)
- linux 3.12.6-1
[wheezy] - linux 3.2.54-1
NOTE: upstream fix: https://git.kernel.org/linus/f3d3342602f8bcbf37d7c46641cb9bca7618eb1c
NOTE: included in https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.4
-CVE-2013-7270 (The packet_recvmsg function in net/packet/af_packet.c in the Linux ...)
+CVE-2013-7270
- linux-2.6 <removed>
[squeeze] - linux-2.6 <no-dsa> (Too intrusive to backport)
- linux 3.12.6-1
[wheezy] - linux 3.2.54-1
NOTE: upstream fix: https://git.kernel.org/linus/f3d3342602f8bcbf37d7c46641cb9bca7618eb1c
NOTE: included in https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.4
-CVE-2013-7269 (The nr_recvmsg function in net/netrom/af_netrom.c in the Linux kernel ...)
+CVE-2013-7269
- linux-2.6 <removed>
[squeeze] - linux-2.6 <no-dsa> (Too intrusive to backport)
- linux 3.12.6-1
[wheezy] - linux 3.2.54-1
NOTE: upstream fix: https://git.kernel.org/linus/f3d3342602f8bcbf37d7c46641cb9bca7618eb1c
NOTE: included in https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.4
-CVE-2013-7268 (The ipx_recvmsg function in net/ipx/af_ipx.c in the Linux kernel ...)
+CVE-2013-7268
- linux-2.6 <removed>
[squeeze] - linux-2.6 <no-dsa> (Too intrusive to backport)
- linux 3.12.6-1
[wheezy] - linux 3.2.54-1
NOTE: upstream fix: https://git.kernel.org/linus/f3d3342602f8bcbf37d7c46641cb9bca7618eb1c
NOTE: included in https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.4
-CVE-2013-7267 (The atalk_recvmsg function in net/appletalk/ddp.c in the Linux kernel ...)
+CVE-2013-7267
- linux-2.6 <removed>
[squeeze] - linux-2.6 <no-dsa> (Too intrusive to backport)
- linux 3.12.6-1
[wheezy] - linux 3.2.54-1
NOTE: upstream fix: https://git.kernel.org/linus/f3d3342602f8bcbf37d7c46641cb9bca7618eb1c
NOTE: included in https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.4
-CVE-2013-7266 (The mISDN_sock_recvmsg function in drivers/isdn/mISDN/socket.c in the ...)
+CVE-2013-7266
{DLA-103-1}
- linux-2.6 <removed>
[squeeze] - linux-2.6 <no-dsa> (Too intrusive to backport)
@@ -712,82 +712,82 @@ CVE-2013-7266 (The mISDN_sock_recvmsg function in drivers/isdn/mISDN/socket.c in
[wheezy] - linux 3.2.54-1
NOTE: upstream fix: https://git.kernel.org/linus/f3d3342602f8bcbf37d7c46641cb9bca7618eb1c
NOTE: included in https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.4
-CVE-2013-7262 (SQL injection vulnerability in the msPostGISLayerSetTimeFilter ...)
+CVE-2013-7262
- mapserver 6.4.1-1 (low; bug #734565)
[wheezy] - mapserver 6.0.1-3.2+deb7u2
[squeeze] - mapserver 5.6.5-2+squeeze3
NOTE: https://github.com/mapserver/mapserver/issues/4834
CVE-2013-7261
RESERVED
-CVE-2013-7260 (Multiple stack-based buffer overflows in RealNetworks RealPlayer ...)
+CVE-2013-7260
NOT-FOR-US: RealPlayer
-CVE-2013-7281 (The dgram_recvmsg function in net/ieee802154/dgram.c in the Linux ...)
+CVE-2013-7281
- linux-2.6 <not-affected> (Introduced in 3.10)
- linux 3.12.6-1 (low)
[wheezy] - linux <not-affected> (Introduced in 3.10)
-CVE-2013-7265 (The pn_recvmsg function in net/phonet/datagram.c in the Linux kernel ...)
+CVE-2013-7265
{DSA-2906-1}
- linux-2.6 <removed> (low)
[wheezy] - linux 3.2.54-1
- linux 3.12.6-1 (low)
-CVE-2013-7264 (The l2tp_ip_recvmsg function in net/l2tp/l2tp_ip.c in the Linux kernel ...)
+CVE-2013-7264
{DSA-2906-1}
- linux-2.6 <removed> (low)
[wheezy] - linux 3.2.54-1
- linux 3.12.6-1 (low)
-CVE-2013-7263 (The Linux kernel before 3.12.4 updates certain length values before ...)
+CVE-2013-7263
{DSA-2906-1}
- linux-2.6 <removed> (low)
- linux 3.12.6-1 (low)
[wheezy] - linux 3.2.54-1 (low)
-CVE-2013-7251 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
+CVE-2013-7251
NOT-FOR-US: ProjectForge
-CVE-2013-7250 (Cross-site scripting (XSS) vulnerability in the JsonBuilder ...)
+CVE-2013-7250
NOT-FOR-US: ProjectForge
-CVE-2013-7248 (Franklin Fueling Systems TS-550 evo with firmware 2.0.0.6833 and other ...)
+CVE-2013-7248
NOT-FOR-US: Franklin Fueling Systems TS-550
-CVE-2013-7247 (cgi-bin/tsaws.cgi in Franklin Fueling Systems TS-550 evo with firmware ...)
+CVE-2013-7247
NOT-FOR-US: Franklin Fueling Systems TS-550
-CVE-2013-7246 (Buffer overflow in the IconCreate method in an ActiveX control in the ...)
+CVE-2013-7246
NOT-FOR-US: DaumGame ActiveX plugin
-CVE-2013-7245 (The Backup Server component in SAP Sybase ASE 15.7 before SP51 allows ...)
+CVE-2013-7245
NOT-FOR-US: SAP Sybase ASE
CVE-2013-7244
RESERVED
-CVE-2013-7243 (Multiple cross-site scripting (XSS) vulnerabilities in GetSimple CMS ...)
+CVE-2013-7243
NOT-FOR-US: GetSimple CMS
CVE-2013-7238
RESERVED
CVE-2013-7237
RESERVED
-CVE-2013-7259 (Multiple cross-site request forgery (CSRF) vulnerabilities in Neo4J ...)
+CVE-2013-7259
- neo4j-community <itp> (bug #685615)
NOTE: http://blog.diniscruz.com/2013/08/neo4j-csrf-payload-to-start-processes.html
-CVE-2013-7258 (Cross-site scripting (XSS) vulnerability in web2ldap 1.1.x before ...)
+CVE-2013-7258
- web2ldap <removed> (low; bug #734107)
-CVE-2013-7257 (Cross-site scripting (XSS) vulnerability in Codiad 2.0.7 allows remote ...)
+CVE-2013-7257
NOT-FOR-US: Codiad
-CVE-2013-7256 (Cross-site request forgery (CSRF) vulnerability in Opsview before ...)
+CVE-2013-7256
NOT-FOR-US: Ops View
-CVE-2013-7255 (Open redirect vulnerability in Opsview before 4.4.2 allows remote ...)
+CVE-2013-7255
NOT-FOR-US: Ops View
-CVE-2013-7254 (Cross-site scripting (XSS) vulnerability in Opsview before 4.4.2 ...)
+CVE-2013-7254
NOT-FOR-US: Ops View
CVE-2013-7253
RESERVED
-CVE-2013-7252 (kwalletd in KWallet before KDE Applications 14.12.0 uses Blowfish with ...)
+CVE-2013-7252
- kde-runtime 4:4.12.2-1
[wheezy] - kde-runtime <no-dsa> (4.12 introduces a GnuPG backend, no backport planned)
- kdebase-runtime <removed>
[squeeze] - kdebase-runtime <no-dsa> (4.12 introduces a GnuPG backend, no backport planned)
NOTE: http://gaganpreet.in/blog/2013/07/24/kwallet-security-analysis/
NOTE: Upstream advisory: https://www.kde.org/info/security/advisory-20150109-1.txt
-CVE-2013-7233 (Cross-site request forgery (CSRF) vulnerability in the retrospam ...)
+CVE-2013-7233
- wordpress <unfixed> (unimportant)
NOTE: issue only allows comments from posts to be moved to "needs moderation" list
-CVE-2013-7232 (SQL injection vulnerability in ESRI ArcGIS for Server through 10.2 ...)
+CVE-2013-7232
NOT-FOR-US: ESRI ArcGIS
-CVE-2013-7231 (Cross-site scripting (XSS) vulnerability in the Mobile Content Server ...)
+CVE-2013-7231
NOT-FOR-US: ESRI ArcGIS
CVE-2013-7230
RESERVED
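Review bot: Once the descriptions are removed, the retained `NOT-FOR-US: Ops View` lines under CVE-2013-7256, CVE-2013-7255 and CVE-2013-7254 become the only place the product is named, and they spell it differently from the description lines being deleted, which call it "Opsview". Suggest correcting the three retained lines to `NOT-FOR-US: Opsview` in this change so the name does not get lost with the summary text.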
@@ -797,19 +797,19 @@ CVE-2013-7228
RESERVED
CVE-2013-7227
RESERVED
-CVE-2013-7226 (Integer overflow in the gdImageCrop function in ext/gd/gd.c in PHP ...)
+CVE-2013-7226
- php5 5.5.9+dfsg-1
[wheezy] - php5 <not-affected> (Vulnerable code was introduced in 5.5.0)
[squeeze] - php5 <not-affected> (Vulnerable code was introduced in 5.5.0)
NOTE: https://bugs.php.net/bug.php?id=66356
NOTE: http://www.php.net/manual/en/function.imagecrop.php
-CVE-2013-7219 (SQL injection vulnerability in vote.php in the 2Glux Sexy Polling ...)
+CVE-2013-7219
NOT-FOR-US: Joomla component com_sexypolling
CVE-2013-7218
RESERVED
-CVE-2013-7217 (Unspecified vulnerability in Zimbra Collaboration Server 7.2.5 and ...)
+CVE-2013-7217
NOT-FOR-US: Zimbra
-CVE-2013-7216 (Multiple SQL injection vulnerabilities in Classifieds Creator 2.0 ...)
+CVE-2013-7216
NOT-FOR-US: Classifieds Creator
CVE-2013-7215
RESERVED
@@ -823,7 +823,7 @@ CVE-2013-7211
RESERVED
CVE-2013-7210
RESERVED
-CVE-2013-7209 (Cross-site request forgery (CSRF) vulnerability in admBase/login.page ...)
+CVE-2013-7209
NOT-FOR-US: jForum
CVE-2013-7208
RESERVED
@@ -831,11 +831,11 @@ CVE-2013-7207
RESERVED
CVE-2013-7206
RESERVED
-CVE-2013-7204 (Cross-site request forgery (CSRF) vulnerability in set_users.cgi in ...)
+CVE-2013-7204
NOT-FOR-US: Conceptronic CIPCAMPTIWL Camera
-CVE-2013-7202 (The WebHybridClient class in PayPal 5.3 and earlier for Android allows ...)
+CVE-2013-7202
NOT-FOR-US: Paypal for Android
-CVE-2013-7201 (WebHybridClient.java in PayPal 5.3 and earlier for Android ignores SSL ...)
+CVE-2013-7201
NOT-FOR-US: Paypal for Android
CVE-2013-7200
RESERVED
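Review bot: Same naming point as with Opsview: the retained `NOT-FOR-US: Paypal for Android` lines under CVE-2013-7202 and CVE-2013-7201 spell the product differently from the removed description lines ("PayPal 5.3 and earlier for Android"). Suggest `NOT-FOR-US: PayPal for Android` on both so the correct name survives the removal of the descriptions.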
@@ -845,48 +845,48 @@ CVE-2013-7198
RESERVED
CVE-2013-7197
RESERVED
-CVE-2013-7196 (static/ajax.php in PHPFox 3.7.3, 3.7.4, and 3.7.5 allows remote ...)
+CVE-2013-7196
NOT-FOR-US: PHPFox
-CVE-2013-7195 (PHPFox 3.7.3 and 3.7.4 allows remote authenticated users to bypass ...)
+CVE-2013-7195
NOT-FOR-US: PHPFox
-CVE-2013-7194 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2013-7194
NOT-FOR-US: eFront
-CVE-2013-7193 (Multiple SQL injection vulnerabilities in C2C Forward Auction Creator ...)
+CVE-2013-7193
NOT-FOR-US: C2C Forward Auction Creator
-CVE-2013-7192 (Multiple SQL injection vulnerabilities in Dynamic Biz Website Builder ...)
+CVE-2013-7192
NOT-FOR-US: Dynamic Biz Website Builder
-CVE-2013-7190 (Multiple directory traversal vulnerabilities in iScripts AutoHoster, ...)
+CVE-2013-7190
NOT-FOR-US: iScripts AutoHoster
-CVE-2013-7186 (Buffer overflow in Steinberg MyMp3PRO 5.0 (Build 5.1.0.21) allows ...)
+CVE-2013-7186
NOT-FOR-US: Steinberg MyMp3PRO
CVE-2013-7185
RESERVED
-CVE-2013-7184 (Gretech GOM Media Player 2.2.56.5158 and earlier allows remote ...)
+CVE-2013-7184
NOT-FOR-US: Gretech GOM Media Player
-CVE-2013-7183 (cgi-bin/reboot.cgi on Seowon Intech SWC-9100 routers allows remote ...)
+CVE-2013-7183
NOT-FOR-US: Seowon Intech SWC-9100
-CVE-2013-7182 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2013-7182
NOT-FOR-US: Fortinet FortiOS
-CVE-2013-7181 (Cross-site scripting (XSS) vulnerability in user/ldap_user/add in ...)
+CVE-2013-7181
NOT-FOR-US: FortiWeb
-CVE-2013-7180 (Cobham SAILOR 900 VSAT; SAILOR FleetBroadBand 150, 250, and 500; ...)
+CVE-2013-7180
NOT-FOR-US: Cobham
-CVE-2013-7179 (The ping functionality in cgi-bin/diagnostic.cgi on Seowon Intech ...)
+CVE-2013-7179
NOT-FOR-US: Seowon Intech SWC-9100 routers
CVE-2013-7178
RESERVED
-CVE-2013-7177 (config/filter.d/cyrus-imap.conf in the cyrus-imap filter in Fail2ban ...)
+CVE-2013-7177
{DSA-2979-1 DLA-0021-1}
- fail2ban 0.8.11-1
[squeeze] - fail2ban 0.8.4-3+squeeze3
NOTE: https://github.com/fail2ban/fail2ban/commit/bd175f026737d66e7110868fb50b3760ff75e087
-CVE-2013-7176 (config/filter.d/postfix.conf in the postfix filter in Fail2ban before ...)
+CVE-2013-7176
{DSA-2979-1 DLA-0021-1}
- fail2ban 0.8.11-1
[squeeze] - fail2ban 0.8.4-3+squeeze3
-CVE-2013-7175 (Multiple SQL injection vulnerabilities in Avanset Visual CertExam ...)
+CVE-2013-7175
NOT-FOR-US: Avanset Visual CertExam Manager
-CVE-2013-7174 (Absolute path traversal vulnerability in cgi-bin/jc.cgi in QNAP QTS ...)
+CVE-2013-7174
NOT-FOR-US: QNAP QTS
CVE-2013-7173
RESERVED
@@ -944,46 +944,46 @@ CVE-2013-7151
RESERVED
CVE-2013-7150
RESERVED
-CVE-2013-7249 (Fat Free CRM before 0.12.1 does not restrict XML serialization, which ...)
+CVE-2013-7249
NOT-FOR-US: Fat Free CRM
-CVE-2013-7242 (SQL injection vulnerability in ...)
+CVE-2013-7242
NOT-FOR-US: Zenphoto
-CVE-2013-7241 (Cross-site scripting (XSS) vulnerability in the export function in ...)
+CVE-2013-7241
NOT-FOR-US: Zenphoto
-CVE-2013-7240 (Directory traversal vulnerability in download-file.php in the Advanced ...)
+CVE-2013-7240
NOT-FOR-US: Dewplayer
-CVE-2013-7239 (memcached before 1.4.17 allows remote attackers to bypass ...)
+CVE-2013-7239
{DSA-2832-1}
- memcached 1.4.13-0.3 (bug #733643)
[squeeze] - memcached <not-affected> (vulnerable code present, but SASL authentication support not enabled)
NOTE: https://code.google.com/p/memcached/wiki/ReleaseNotes1417
NOTE: https://code.google.com/p/memcached/issues/detail?id=316
NOTE: https://github.com/memcached/memcached/commit/87c1cf0f20be20608d3becf854e9cf0910f4ad32
-CVE-2013-7236 (Simple Machines Forum (SMF) 2.0.6, 1.1.19, and earlier allows remote ...)
+CVE-2013-7236
NOT-FOR-US: Simple Machines Forum
-CVE-2013-7235 (Simple Machines Forum (SMF) before 1.1.19 and 2.x before 2.0.6 allows ...)
+CVE-2013-7235
NOT-FOR-US: Simple Machines Forum
-CVE-2013-7234 (Simple Machines Forum (SMF) before 1.1.19 and 2.x before 2.0.6 allows ...)
+CVE-2013-7234
NOT-FOR-US: Simple Machines Forum
-CVE-2013-7225 (Multiple SQL injection vulnerabilities in ...)
+CVE-2013-7225
NOT-FOR-US: Fat Free CRM
-CVE-2013-7224 (Fat Free CRM before 0.12.1 does not restrict JSON serialization, which ...)
+CVE-2013-7224
NOT-FOR-US: Fat Free CRM
-CVE-2013-7223 (Multiple cross-site request forgery (CSRF) vulnerabilities in Fat Free ...)
+CVE-2013-7223
NOT-FOR-US: Fat Free CRM
-CVE-2013-7222 (config/initializers/secret_token.rb in Fat Free CRM before 0.12.1 has ...)
+CVE-2013-7222
NOT-FOR-US: Fat Free CRM
-CVE-2013-7221 (The automatic screen lock functionality in GNOME Shell (aka ...)
+CVE-2013-7221
- gnome-shell 3.10.1-1
[wheezy] - gnome-shell <not-affected> (Vulnerable code not present)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=708313
NOTE: https://git.gnome.org/browse/gnome-shell/commit/js/ui/main.js?id=efdf1ff755943fba1f8a9aaeff77daa3ed338088
-CVE-2013-7220 (js/ui/screenShield.js in GNOME Shell (aka gnome-shell) before 3.8 ...)
+CVE-2013-7220
- gnome-shell 3.8.4-1
[wheezy] - gnome-shell <not-affected> (Vulnerable code not present)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=686740
NOTE: https://git.gnome.org/browse/gnome-shell/commit/js/ui/screenShield.js?id=209014b083dbe86ed0e0860a6016735571b56f94
-CVE-2013-7205 (Off-by-one error in the process_cgivars function in ...)
+CVE-2013-7205
{DLA-1615-1}
- nagios3 <removed> (low; bug #771466)
[squeeze] - nagios3 <no-dsa> (Minor issue)
@@ -991,18 +991,18 @@ CVE-2013-7205 (Off-by-one error in the process_cgivars function in ...)
NOTE: additional changed files for nagios3, cf. CVE-2013-7108
NOTE: Fixed by https://sourceforge.net/p/nagios/nagioscore/ci/d97e03f32741a7d851826b03ed73ff4c9612a866/
NOTE: See also https://github.com/Icinga/icinga-core/issues/1399
-CVE-2013-7203 (gitolite before commit fa06a34 might allow local users to read ...)
+CVE-2013-7203
- gitolite3 3.5.3.1-1
NOTE: http://marc.info/?l=oss-security&m=138783069700756&w=2
-CVE-2013-7191 (Cross-site scripting (XSS) vulnerability in Tenmiles Helpdesk Pilot ...)
+CVE-2013-7191
NOT-FOR-US: Tenmiles Helpdesk Pilot
-CVE-2013-7189 (Multiple SQL injection vulnerabilities in iScripts AutoHoster, ...)
+CVE-2013-7189
NOT-FOR-US: iScripts AutoHoster
-CVE-2013-7188 (Cross-site scripting (XSS) vulnerability in KBKP Software HostBill ...)
+CVE-2013-7188
NOT-FOR-US: HostBill
-CVE-2013-7187 (SQL injection vulnerability in form.php in the FormCraft plugin 1.3.7 ...)
+CVE-2013-7187
NOT-FOR-US: WordPress plugin FormCraft
-CVE-2013-7149 (SQL injection vulnerability in www/delivery/axmlrpc.php (aka the ...)
+CVE-2013-7149
NOT-FOR-US: Revive Adserver
CVE-2013-7148
REJECTED
@@ -1012,30 +1012,30 @@ CVE-2013-7146
REJECTED
CVE-2013-7145
REJECTED
-CVE-2013-7144 (LINE 3.2.1.83 and earlier on Windows and 3.2.1 and earlier on OS X ...)
+CVE-2013-7144
NOT-FOR-US: LINE
-CVE-2013-7143 (Cross-site scripting (XSS) vulnerability in Open-Xchange (OX) AppSuite ...)
+CVE-2013-7143
NOT-FOR-US: Open-Xchange
-CVE-2013-7142 (Cross-site scripting (XSS) vulnerability in Open-Xchange (OX) AppSuite ...)
+CVE-2013-7142
NOT-FOR-US: Open-Xchange
-CVE-2013-7141 (Cross-site scripting (XSS) vulnerability in Open-Xchange (OX) AppSuite ...)
+CVE-2013-7141
NOT-FOR-US: Open-Xchange
-CVE-2013-7140 (XML External Entity (XXE) vulnerability in the CalDAV interface in ...)
+CVE-2013-7140
NOT-FOR-US: Open-Xchange
-CVE-2013-7139 (SQL injection vulnerability in download.php in Horizon Quick Content ...)
+CVE-2013-7139
NOT-FOR-US: Horizon CMS
-CVE-2013-7138 (Directory traversal vulnerability in lib/functions/d-load.php in ...)
+CVE-2013-7138
NOT-FOR-US: Horizon CMS
-CVE-2013-7137 (The &quot;remember me&quot; functionality in login.php in Burden before 1.8.1 ...)
+CVE-2013-7137
NOT-FOR-US: Burden
-CVE-2013-7136 (The UPC Ireland Cisco EPC 2425 router (aka Horizon Box) does not have ...)
+CVE-2013-7136
NOT-FOR-US: Cisco
-CVE-2013-7135 (The Proc::Daemon module 0.14 for Perl uses world-writable permissions ...)
+CVE-2013-7135
- libproc-daemon-perl 0.14-2 (low; bug #732283)
[wheezy] - libproc-daemon-perl <no-dsa> (Minor issue)
[squeeze] - libproc-daemon-perl <not-affected> (does not have pid_file option)
NOTE: https://rt.cpan.org/Public/Bug/Display.html?id=91450
-CVE-2013-7134 (Juvia uses the same secret key for all installations, which allows ...)
+CVE-2013-7134
NOT-FOR-US: Juvia
CVE-2013-7133
RESERVED
@@ -1043,15 +1043,15 @@ CVE-2013-7132
RESERVED
CVE-2013-7131
RESERVED
-CVE-2013-7130 (The i_create_images_and_backing (aka create_images_and_backing) method ...)
+CVE-2013-7130
- nova 2013.2.2 (low; bug #736465)
[wheezy] - nova <no-dsa> (Minor issue)
NOTE: https://bugs.launchpad.net/nova/+bug/1251590
-CVE-2013-7129 (Cross-site scripting (XSS) vulnerability in ThemeBeans Blooog theme ...)
+CVE-2013-7129
NOT-FOR-US: WordPress theme
-CVE-2013-7128 (Valve Bug Reporter in the valve-bugreporter package 2.10+bsos1 in ...)
+CVE-2013-7128
NOT-FOR-US: SteamOS
-CVE-2013-7127 (Apple Safari 6.0.5 on Mac OS X 10.7.5 and 10.8.5 stores cleartext ...)
+CVE-2013-7127
NOT-FOR-US: Apple Safari
CVE-2013-7126
REJECTED
@@ -1079,17 +1079,17 @@ CVE-2013-7115
REJECTED
CVE-2013-7109
RESERVED
-CVE-2013-7105 (Buffer overflow in the Interstage HTTP Server log functionality, as ...)
+CVE-2013-7105
NOT-FOR-US: Fujitsu Interstage HTTP Server
-CVE-2013-7104 (McAfee Email Gateway 7.6 allows remote authenticated administrators to ...)
+CVE-2013-7104
NOT-FOR-US: McAfee Email Gateway
-CVE-2013-7103 (McAfee Email Gateway 7.6 allows remote authenticated administrators to ...)
+CVE-2013-7103
NOT-FOR-US: McAfee Email Gateway
-CVE-2013-7102 (Multiple unrestricted file upload vulnerabilities in (1) ...)
+CVE-2013-7102
NOT-FOR-US: WordPress theme OptimizePress
CVE-2013-7101
RESERVED
-CVE-2013-7100 (Buffer overflow in the unpacksms16 function in apps/app_sms.c in ...)
+CVE-2013-7100
{DSA-2835-1}
NOTE: http://downloads.asterisk.org/pub/security/AST-2013-006.html
- asterisk 1:11.7.0~dfsg-1 (bug #732355)
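Review bot: Style point on the context lines of this hunk: under CVE-2013-7100 the `NOTE: http://downloads.asterisk.org/pub/security/AST-2013-006.html` line sits between the `{DSA-2835-1}` reference and the `- asterisk 1:11.7.0~dfsg-1 (bug #732355)` package line, whereas every other entry in this diff places NOTE lines after the package lines. Suggest moving the NOTE below the asterisk line for consistency with the rest of the file.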
@@ -1097,50 +1097,50 @@ CVE-2013-7099
RESERVED
CVE-2013-7098
RESERVED
-CVE-2013-7097 (Directory traversal vulnerability in 7 Media Web Solutions eduTrac ...)
+CVE-2013-7097
NOT-FOR-US: eduTrac
-CVE-2013-7096 (Multiple SQL injection vulnerabilities in SAP EMR Unwired allow remote ...)
+CVE-2013-7096
NOT-FOR-US: Sap EMR
-CVE-2013-7095 (The XML parser (crm_flex_data) in SAP Customer Relationship Management ...)
+CVE-2013-7095
NOT-FOR-US: Sap CRM
-CVE-2013-7094 (SQL injection vulnerability in the RSDDCVER_COUNT_TAB_COLS function in ...)
+CVE-2013-7094
NOT-FOR-US: SAP NetWeaver
-CVE-2013-7093 (SAP Network Interface Router (SAProuter) 39.3 SP4 allows remote ...)
+CVE-2013-7093
NOT-FOR-US: SAP Network Interface Router
-CVE-2013-7092 (Multiple SQL injection vulnerabilities in ...)
+CVE-2013-7092
NOT-FOR-US: McAfee Email Gateway
-CVE-2013-7091 (Directory traversal vulnerability in ...)
+CVE-2013-7091
NOT-FOR-US: Zimbra
CVE-2013-7090
RESERVED
CVE-2013-7084
RESERVED
-CVE-2013-7114 (Multiple buffer overflows in the create_ntlmssp_v2_key function in ...)
+CVE-2013-7114
{DSA-2825-1}
- wireshark 1.10.4-1
[squeeze] - wireshark <not-affected> (Vulnerable code not present)
NOTE: https://www.wireshark.org/security/wnpa-sec-2013-68.html
-CVE-2013-7113 (epan/dissectors/packet-bssgp.c in the BSSGP dissector in Wireshark ...)
+CVE-2013-7113
{DSA-2825-1}
- wireshark 1.10.4-1
[squeeze] - wireshark <not-affected> (Vulnerable code not present)
NOTE: https://www.wireshark.org/security/wnpa-sec-2013-67.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9488
-CVE-2013-7112 (The dissect_sip_common function in epan/dissectors/packet-sip.c in the ...)
+CVE-2013-7112
{DLA-497-1}
- wireshark 1.10.4-1 (unimportant)
NOTE: https://www.wireshark.org/security/wnpa-sec-2013-66.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9388
NOTE: Not suitable for code injection
-CVE-2013-7111 (The put_call function in the API client (api/api_client.rb) in the ...)
+CVE-2013-7111
NOT-FOR-US: Bio Basespace SDK Ruby Gem
-CVE-2013-7110 (Transifex command-line client before 0.10 does not validate X.509 ...)
+CVE-2013-7110
- transifex-client 0.10-1
[wheezy] - transifex-client <not-affected> (Incomplete patch was never released)
NOTE: fix for CVE-2013-2073 was incorrect/incomplete
NOTE: https://github.com/transifex/transifex-client/issues/42
NOTE: https://github.com/transifex/transifex-client/commit/6d69d61
-CVE-2013-7108 (Multiple off-by-one errors in Nagios Core 3.5.1, 4.0.2, and earlier, ...)
+CVE-2013-7108
{DSA-2956-1 DLA-1615-1 DLA-60-1}
- icinga 1.10.2-1 (low)
- nagios3 <removed> (low; bug #771466)
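Review bot: every `-`/`+` pair in this hunk, from CVE-2013-7097 down to CVE-2013-7108, is the same edit: the parenthesised description is dropped and nothing else moves, while the RESERVED entries, the `{DSA-…}`/`{DLA-…}` references, the per-release lines and the NOTE lines are kept verbatim. Because it hits every entry regardless of state (NOT-FOR-US, fixed, unimportant, not-affected), it looks like a systematic blanking rather than a set of per-entry corrections, which is the signature of a description source that came back empty. If the blanking is intended, the commit message should say so; if not, the hunk should be dropped so that, for example, "Transifex command-line client before 0.10 does not validate X.509 ..." on CVE-2013-7110 is not lost. One minor pre-existing point in the context lines: `NOT-FOR-US: Sap EMR` and `NOT-FOR-US: Sap CRM` spell the vendor differently from `NOT-FOR-US: SAP NetWeaver` two entries below; worth normalising to `SAP` in a follow-up.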
@@ -1149,7 +1149,7 @@ CVE-2013-7108 (Multiple off-by-one errors in Nagios Core 3.5.1, 4.0.2, and earli
NOTE: https://dev.icinga.org/issues/5251
NOTE: separate CVE requested for nagios, http://www.openwall.com/lists/oss-security/2013/12/23/4
NOTE: Fixed by https://sourceforge.net/p/nagios/nagioscore/ci/d97e03f32741a7d851826b03ed73ff4c9612a866/
-CVE-2013-7107 (Cross-site request forgery (CSRF) vulnerability in cmd.cgi in Icinga ...)
+CVE-2013-7107
{DSA-2956-1}
- icinga 1.10.2-1 (low)
[squeeze] - icinga <no-dsa> (Minor issue)
@@ -1158,30 +1158,30 @@ CVE-2013-7107 (Cross-site request forgery (CSRF) vulnerability in cmd.cgi in Ici
[squeeze] - nagios3 <no-dsa> (Minor issue)
[wheezy] - nagios3 <no-dsa> (Minor issue)
NOTE: https://dev.icinga.org/issues/5346
-CVE-2013-7106 (Multiple stack-based buffer overflows in Icinga before 1.8.5, 1.9 ...)
+CVE-2013-7106
{DSA-2956-1}
- icinga 1.10.2-1
[squeeze] - icinga <not-affected> (Vulnerable code not present)
NOTE: https://dev.icinga.org/issues/5250
CVE-2013-7083
RESERVED
-CVE-2013-7068 (The Organic Groups (OG) module 7.x-2.x before 7.x-2.3 for Drupal ...)
+CVE-2013-7068
NOT-FOR-US: Drupal module
-CVE-2013-7067 (The OG Features module 6.x-1.x before 6.x-1.4 for Drupal does not ...)
+CVE-2013-7067
NOT-FOR-US: Drupal module
-CVE-2013-7066 (The Entity reference module 7.x-1.x before 7.x-1.1-rc1 for Drupal ...)
+CVE-2013-7066
NOT-FOR-US: Drupal module
-CVE-2013-7065 (The Organic Groups (OG) module 7.x-2.x before 7.x-2.3 for Drupal ...)
+CVE-2013-7065
NOT-FOR-US: Drupal module
-CVE-2013-7064 (Cross-site scripting (XSS) vulnerability in the EU Cookie Compliance ...)
+CVE-2013-7064
NOT-FOR-US: Drupal module
-CVE-2013-7063 (The Invitation module 7.x-2.x for Drupal does not properly check ...)
+CVE-2013-7063
NOT-FOR-US: Drupal module
CVE-2013-7059
RESERVED
CVE-2013-7058
RESERVED
-CVE-2013-7057 (Cross-site request forgery (CSRF) vulnerability in Axway ...)
+CVE-2013-7057
NOT-FOR-US: Axway SecureTransport
CVE-2013-7056
RESERVED
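Review bot: after this hunk the six Drupal entries CVE-2013-7063 through CVE-2013-7068 are indistinguishable from one another, each reduced to a bare ID followed by `NOT-FOR-US: Drupal module`. For NOT-FOR-US entries the description was the only record of which module and which class of bug the ID refers to (Organic Groups, OG Features, Entity reference, EU Cookie Compliance, Invitation; XSS versus access checks), since no NOTE or URL line accompanies them. The same applies to CVE-2013-7057, where "Axway SecureTransport" is now all that is left. If the descriptions are being removed deliberately, these entries need at least a NOTE line naming the module so the file stays useful without a lookup.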
@@ -1208,9 +1208,9 @@ CVE-2013-7045
RESERVED
CVE-2013-7044
RESERVED
-CVE-2013-7043 (Multiple cross-site request forgery (CSRF) vulnerabilities on Cisco ...)
+CVE-2013-7043
NOT-FOR-US: Cisco
-CVE-2013-7042 (SUSE Lifecycle Management Server (SLMS) before 1.3.7 uses ...)
+CVE-2013-7042
NOT-FOR-US: SUSE Lifecycle Management Server
CVE-2013-7037
RESERVED
@@ -1218,26 +1218,26 @@ CVE-2013-7036
RESERVED
CVE-2013-7035
RESERVED
-CVE-2013-7034 (The setCookieValue function in _lib/functions.global.inc.php in ...)
+CVE-2013-7034
NOT-FOR-US: LiveZilla
-CVE-2013-7033 (LiveZilla before 5.1.2.1 includes the operator password in plaintext ...)
+CVE-2013-7033
NOT-FOR-US: LiveZilla
-CVE-2013-7032 (Multiple cross-site scripting (XSS) vulnerabilities in the web based ...)
+CVE-2013-7032
NOT-FOR-US: LiveZilla
CVE-2013-7031
RESERVED
-CVE-2013-7030 (** DISPUTED ** The TFTP service in Cisco Unified Communications ...)
+CVE-2013-7030
NOT-FOR-US: Cisco Unified Communications Manager
CVE-2013-7029
RESERVED
CVE-2013-7028
RESERVED
-CVE-2013-7027 (The ieee80211_radiotap_iterator_init function in ...)
+CVE-2013-7027
- linux 3.11.7-1 (unimportant)
[wheezy] - linux 3.2.53-1
- linux-2.6 <removed> (unimportant)
NOTE: Non-issue: https://bugzilla.redhat.com/show_bug.cgi?id=1040010#c1
-CVE-2013-7026 (Multiple race conditions in ipc/shm.c in the Linux kernel before ...)
+CVE-2013-7026
- linux 3.12.5-1
[wheezy] - linux <not-affected> (Introduced in 8b8d52ac382b)
- linux-2.6 <not-affected> (Introduced in 8b8d52ac382b)
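Review bot: the `-`/`+` pair for CVE-2013-7030 does not just lose a summary, it loses the `** DISPUTED **` marker, which in this file lives inside the description text. After the change nothing in the entry records that the Cisco TFTP issue is disputed, and `NOT-FOR-US: Cisco Unified Communications Manager` alone gives no hint of it. Any tooling or reader that relied on the marker should be told where that state now lives, or the marker should be preserved on its own line before this hunk is merged. The linux entries further down (CVE-2013-7027 with `NOTE: Non-issue`, CVE-2013-7026 with the "Introduced in 8b8d52ac382b" justification) keep their reasoning, so they are unaffected beyond the missing summary.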
@@ -1255,49 +1255,49 @@ CVE-2013-7087 [[clamav: WWPack corrupt heap memory]
- clamav 0.97.7+dfsg-1
NOTE: https://github.com/vrtadmin/clamav-devel/commit/71990820d01c246e4e61408a3659dd9d92949b38
NOTE: from https://github.com/vrtadmin/clamav-devel/commits/master/libclamav/wwunpack.c
-CVE-2013-7086 (The message function in lib/webbynode/notify.rb in the Webbynode gem ...)
+CVE-2013-7086
NOT-FOR-US: Ruby Gem Webbynode
-CVE-2013-7085 (Uscan in devscripts 2.13.5, when USCAN_EXCLUSION is enabled, allows ...)
+CVE-2013-7085
- devscripts 2.13.9 (bug #732006)
[wheezy] - devscripts <not-affected> (does not contain the vulnerable code; introduced in 2.13.5)
[squeeze] - devscripts <not-affected> (does not contain the vulnerable code; introduced in 2.13.5)
-CVE-2013-7082 (Cross-site scripting (XSS) vulnerability in the errorAction method in ...)
+CVE-2013-7082
NOT-FOR-US: Typo3 Flow
NOTE: https://review.typo3.org/#/c/26176/
NOTE: CVE assigned for Typo3 Flow, correspond to CVE-2013-7078
-CVE-2013-7081 (The (old) Form Content Element component in TYPO3 4.5.0 through ...)
+CVE-2013-7081
{DSA-2834-1}
- typo3-src 4.5.32+dfsg1-1 (bug #731999)
NOTE: https://review.typo3.org/#/c/26182/
-CVE-2013-7080 (The creating record functionality in Extension table administration ...)
+CVE-2013-7080
{DSA-2834-1}
- typo3-src 4.5.32+dfsg1-1 (bug #731999)
NOTE: https://review.typo3.org/#/c/26178/
-CVE-2013-7079 (Open redirect vulnerability in the OpenID extension in TYPO3 4.5.0 ...)
+CVE-2013-7079
{DSA-2834-1}
- typo3-src 4.5.32+dfsg1-1 (bug #731999)
NOTE: https://review.typo3.org/#/c/26179/
-CVE-2013-7078 (Cross-site scripting (XSS) vulnerability in the errorAction method in ...)
+CVE-2013-7078
{DSA-2834-1}
- typo3-src 4.5.32+dfsg1-1 (bug #731999)
NOTE: https://review.typo3.org/#/c/26176/
-CVE-2013-7077 (Cross-site scripting (XSS) vulnerability in the Backend User ...)
+CVE-2013-7077
- typo3-src <not-affected> (Affects versions 6.0.0 to 6.0.11, 6.1.0 to 6.1.6)
-CVE-2013-7076 (Cross-site scripting (XSS) vulnerability in Extension Manager in TYPO3 ...)
+CVE-2013-7076
{DSA-2834-1}
- typo3-src 4.5.32+dfsg1-1 (bug #731999)
NOTE: https://review.typo3.org/#/c/26181/
-CVE-2013-7075 (The Content Editing Wizards component in TYPO3 4.5.0 through 4.5.31, ...)
+CVE-2013-7075
{DSA-2834-1}
- typo3-src 4.5.32+dfsg1-1 (bug #731999)
NOTE: https://review.typo3.org/#/c/26175/
-CVE-2013-7074 (Multiple cross-site scripting (XSS) vulnerabilities in Content Editing ...)
+CVE-2013-7074
{DSA-2834-1}
- typo3-src 4.5.32+dfsg1-1 (bug #731999)
NOTE: https://review.typo3.org/#/c/26184/
NOTE: https://review.typo3.org/#/c/26183/
NOTE: https://review.typo3.org/#/c/26177/
-CVE-2013-7073 (The Content Editing Wizards component in TYPO3 4.5.0 through 4.5.31, ...)
+CVE-2013-7073
{DSA-2834-1}
- typo3-src 4.5.32+dfsg1-1 (bug #731999)
NOTE: https://review.typo3.org/#/c/26180/
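Review bot: the cross-reference between CVE-2013-7082 and CVE-2013-7078 is weakened by this hunk. Both removed lines carried the identical description "Cross-site scripting (XSS) vulnerability in the errorAction method in ...", which was the visible evidence for the context line `NOTE: CVE assigned for Typo3 Flow, correspond to CVE-2013-7078`; after the change only the NOTE remains and the reader has to trust it. Two pre-existing nits in the unchanged lines while someone is here: that NOTE should read "corresponds to CVE-2013-7078", and the hunk header's context `CVE-2013-7087 [[clamav: WWPack corrupt heap memory]` opens with a doubled bracket that does not match the single closing one.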
@@ -1314,45 +1314,45 @@ CVE-2013-7062 [XSS]
- zope2.12 <removed> (low)
[wheezy] - zope2.12 <no-dsa> (Minor issue)
- zope2.13 <not-affected> (Vulnerable code not present)
-CVE-2013-7061 (Products/CMFPlone/CatalogTool.py in Plone 3.3 through 4.3.2 allows ...)
+CVE-2013-7061
NOT-FOR-US: Plone
-CVE-2013-7060 (Products/CMFPlone/FactoryTool.py in Plone 3.3 through 4.3.2 allows ...)
+CVE-2013-7060
NOT-FOR-US: Plone
-CVE-2013-7049 (Stack-based buffer overflow in fish.cpp in the Fish plugin for ZNC, as ...)
+CVE-2013-7049
NOTE: vulnerable code not found in Debian
NOTE: http://www.openwall.com/lists/oss-security/2013/12/11/14
NOT-FOR-US: FiSH Plugin for ZNC IRC Bouncer
-CVE-2013-7048 (OpenStack Compute (Nova) Grizzly 2013.1.4, Havana 2013.2.1, and ...)
+CVE-2013-7048
- nova 2013.2.2 (bug #732022)
[wheezy] - nova <not-affected> (Support for live snapshots added later)
NOTE: https://bugs.launchpad.net/nova/+bug/1227027
-CVE-2013-7050 (The get_main_source_dir function in scripts/uscan.pl in devscripts ...)
+CVE-2013-7050
- devscripts 2.13.8 (bug #731849)
[wheezy] - devscripts <not-affected> (does not contain the vulnerable code; introduced in 2.13.5)
[squeeze] - devscripts <not-affected> (does not contain the vulnerable code; introduced in 2.13.5)
NOTE: http://anonscm.debian.org/gitweb/?p=collab-maint/devscripts.git;a=commitdiff;h=91f05b5
-CVE-2013-7069 (ack 2.00 through 2.11_02 allows remote attackers to execute arbitrary ...)
+CVE-2013-7069
- ack-grep 2.12-1 (bug #731848)
[wheezy] - ack-grep <not-affected> (don't support per-project .ackrc files)
[squeeze] - ack-grep <not-affected> (don't support per-project .ackrc files)
NOTE: https://github.com/petdance/ack2/issues/399
-CVE-2013-7025 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2013-7025
NOT-FOR-US: Dell SonicWALL Global Management System
CVE-2013-7007
RESERVED
CVE-2013-7006
RESERVED
-CVE-2013-7005 (D-Link DSR-150 with firmware before 1.08B44; DSR-150N with firmware ...)
+CVE-2013-7005
NOT-FOR-US: D-Link DSR-150
-CVE-2013-7004 (D-Link DSR-150 with firmware before 1.08B44; DSR-150N with firmware ...)
+CVE-2013-7004
NOT-FOR-US: D-Link DSR-150
-CVE-2013-7003 (Multiple cross-site scripting (XSS) vulnerabilities in LiveZilla ...)
+CVE-2013-7003
NOT-FOR-US: LiveZilla
-CVE-2013-7041 (The pam_userdb module for Pam uses a case-insensitive method to ...)
+CVE-2013-7041
- pam 1.1.8-3.1 (low; bug #731368)
[squeeze] - pam <no-dsa> (Minor issue)
[wheezy] - pam <no-dsa> (Minor issue)
-CVE-2013-7040 (Python 2.7 before 3.4 only uses the last eight bits of the prefix to ...)
+CVE-2013-7040
- python2.5 <removed> (unimportant)
- python2.6 <removed> (unimportant)
- python2.7 <unfixed> (unimportant)
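Review bot: the CVE-2013-7069 change removes the only place in this file where the affected ack range ("ack 2.00 through 2.11_02") was written down; the remaining `[wheezy] - ack-grep <not-affected> (don't support per-project .ackrc files)` justification can no longer be checked against the upstream range without opening the GitHub issue. The same holds for CVE-2013-7085 and CVE-2013-7050, whose "introduced in 2.13.5" not-affected notes were backed by the removed "Uscan in devscripts 2.13.5 ..." text. Separately, and pre-existing, the CVE-2013-7049 stanza puts its two NOTE lines before the `NOT-FOR-US: FiSH Plugin for ZNC IRC Bouncer` line, the opposite of the order used everywhere else in the diff; it should be reordered for consistency.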
@@ -1361,68 +1361,68 @@ CVE-2013-7040 (Python 2.7 before 3.4 only uses the last eight bits of the prefix
- python3.3 <removed> (unimportant)
- python3.4 3.4.0-1 (unimportant)
NOTE: upstream tagged this as wontfix for versions older than 3.4
-CVE-2013-7039 (Stack-based buffer overflow in the MHD_digest_auth_check function in ...)
+CVE-2013-7039
- libmicrohttpd 0.9.32-1 (low; bug #731933)
[wheezy] - libmicrohttpd 0.9.20-1+deb7u1
[squeeze] - libmicrohttpd <no-dsa> (Minor issue, only expoitable in corner cases)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1039390
-CVE-2013-7038 (The MHD_http_unescape function in libmicrohttpd before 0.9.32 might ...)
+CVE-2013-7038
- libmicrohttpd 0.9.32-1 (low; bug #731933)
[squeeze] - libmicrohttpd <no-dsa> (Minor issue)
[wheezy] - libmicrohttpd <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1039384
-CVE-2013-7024 (The jpeg2000_decode_tile function in libavcodec/jpeg2000dec.c in ...)
+CVE-2013-7024
- ffmpeg <not-affected> (Vulnerable code not present)
- libav <not-affected> (Vulnerable code not present)
NOTE: https://github.com/FFmpeg/FFmpeg/commit/fe448cd28d674c3eff3072552eae366d0b659ce9
NOTE: https://trac.ffmpeg.org/ticket/2921
NOTE: Only present in libav trunk
-CVE-2013-7023 (The ff_combine_frame function in libavcodec/parser.c in FFmpeg before ...)
+CVE-2013-7023
- ffmpeg <not-affected> (max_alloc not present in old ffmpeg/libav)
- libav <not-affected> (max_alloc not present in old ffmpeg/libav)
NOTE: https://github.com/FFmpeg/FFmpeg/commit/f31011e9abfb2ae75bb32bc44e2c34194c8dc40a
NOTE: https://trac.ffmpeg.org/ticket/2982
-CVE-2013-7022 (The g2m_init_buffers function in libavcodec/g2meet.c in FFmpeg before ...)
+CVE-2013-7022
- ffmpeg <not-affected> (Vulnerable code not present)
- libav <not-affected> (Vulnerable code not present)
NOTE: https://github.com/FFmpeg/FFmpeg/commit/e07ac727c1cc9eed39e7f9117c97006f719864bd
NOTE: https://trac.ffmpeg.org/ticket/2971
NOTE: Only present in libav trunk
-CVE-2013-7021 (The filter_frame function in libavfilter/vf_fps.c in FFmpeg before 2.1 ...)
+CVE-2013-7021
- ffmpeg <not-affected> (Vulnerable code not present)
- libav <not-affected> (Vulnerable code not present)
NOTE: https://github.com/FFmpeg/FFmpeg/commit/cdd5df8189ff1537f7abe8defe971f80602cc2d2
NOTE: https://trac.ffmpeg.org/ticket/2905
-CVE-2013-7020 (The read_header function in libavcodec/ffv1dec.c in FFmpeg before 2.1 ...)
+CVE-2013-7020
{DSA-3027-1}
- ffmpeg 7:2.4.1-1
[squeeze] - ffmpeg <end-of-life> (Backports to 0.5.x not useful, too many checks missing)
- libav 6:10.4-1
NOTE: https://github.com/FFmpeg/FFmpeg/commit/b05cd1ea7e45a836f7f6071a716c38bb30326e0f
-CVE-2013-7019 (The get_cox function in libavcodec/jpeg2000dec.c in FFmpeg before 2.1 ...)
+CVE-2013-7019
- ffmpeg <not-affected> (Vulnerable code not present)
- libav <not-affected> (Vulnerable code not present)
NOTE: https://github.com/FFmpeg/FFmpeg/commit/a1b9004b768bef606ee98d417bceb9392ceb788d
NOTE: https://trac.ffmpeg.org/ticket/2898
NOTE: Only present in libav trunk
-CVE-2013-7018 (libavcodec/jpeg2000dec.c in FFmpeg before 2.1 does not ensure the use ...)
+CVE-2013-7018
- ffmpeg <not-affected> (Vulnerable code not present)
- libav <not-affected> (Vulnerable code not present)
NOTE: https://github.com/FFmpeg/FFmpeg/commit/9a271a9368eaabf99e6c2046103acb33957e63b7
NOTE: https://trac.ffmpeg.org/ticket/2895
NOTE: Only present in libav trunk
-CVE-2013-7017 (libavcodec/jpeg2000.c in FFmpeg before 2.1 allows remote attackers to ...)
+CVE-2013-7017
- ffmpeg <not-affected> (Vulnerable code not present)
- libav <not-affected> (Vulnerable code not present)
NOTE: https://github.com/FFmpeg/FFmpeg/commit/912ce9dd2080c5837285a471d750fa311e09b555
NOTE: Only present in libav trunk
-CVE-2013-7016 (The get_siz function in libavcodec/jpeg2000dec.c in FFmpeg before 2.1 ...)
+CVE-2013-7016
- ffmpeg <not-affected> (Vulnerable code not present)
- libav <not-affected> (Vulnerable code not present)
NOTE: https://github.com/FFmpeg/FFmpeg/commit/8bb11c3ca77b52e05a9ed1496a65f8a76e6e2d8f
NOTE: https://trac.ffmpeg.org/ticket/2848
NOTE: Only present in libav trunk
-CVE-2013-7015 (The flashsv_decode_frame function in libavcodec/flashsv.c in FFmpeg ...)
+CVE-2013-7015
{DSA-2855-1}
- ffmpeg 7:2.4.1-1
[squeeze] - ffmpeg <end-of-life> (Backports to 0.5.x not useful, too many checks missing)
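Review bot: the run of FFmpeg entries (CVE-2013-7016 through CVE-2013-7024) combines `- ffmpeg <not-affected> (Vulnerable code not present)` with `NOTE: Only present in libav trunk`, and the removed descriptions were what tied those statements to an upstream version ("FFmpeg before 2.1"). With the summaries gone, a reader auditing why the packaged ffmpeg and libav are marked not-affected has only the commit hashes to go on; if the descriptions are not restored, the version range should be carried into the NOTE lines. One pre-existing typo in the unchanged CVE-2013-7039 context line: `only expoitable in corner cases` should be `only exploitable in corner cases`.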
@@ -1430,192 +1430,192 @@ CVE-2013-7015 (The flashsv_decode_frame function in libavcodec/flashsv.c in FFmp
NOTE: ffmpeg fix: https://github.com/FFmpeg/FFmpeg/commit/880c73cd76109697447fbfbaa8e5ee5683309446
NOTE: libav fix: http://git.libav.org/?p=libav.git;a=commit;h=57070b1468edc6ac8cb3696c817f3c943975d4c1
NOTE: https://trac.ffmpeg.org/ticket/2844
-CVE-2013-7014 (Integer signedness error in the add_bytes_l2_c function in ...)
+CVE-2013-7014
{DSA-2855-1}
- ffmpeg <not-affected> (Vulnerable code not present)
- libav 6:9.11-1
NOTE: https://trac.ffmpeg.org/ticket/2919
NOTE: Fix in ffmpeg: https://github.com/FFmpeg/FFmpeg/commit/86736f59d6a527d8bc807d09b93f971c0fe0bb07
NOTE: Fix in libav: http://git.libav.org/?p=libav.git;a=commit;h=d1916d13e28b87f4b1b214231149e12e1d536b4b
-CVE-2013-7013 (The g2m_init_buffers function in libavcodec/g2meet.c in FFmpeg before ...)
+CVE-2013-7013
- ffmpeg <not-affected> (Vulnerable code not present)
- libav <not-affected> (Vulnerable code not present)
NOTE: https://github.com/FFmpeg/FFmpeg/commit/821a5938d100458f4d09d634041b05c860554ce0
NOTE: https://trac.ffmpeg.org/ticket/2922
NOTE: Only present in libav trunk
-CVE-2013-7012 (The get_siz function in libavcodec/jpeg2000dec.c in FFmpeg before 2.1 ...)
+CVE-2013-7012
- ffmpeg <not-affected> (Vulnerable code not present)
- libav <not-affected> (Vulnerable code not present)
NOTE: https://github.com/FFmpeg/FFmpeg/commit/780669ef7c23c00836a24921fcc6b03be2b8ca4a
NOTE: https://trac.ffmpeg.org/ticket/3080
NOTE: Only present in libav trunk
-CVE-2013-7011 (The read_header function in libavcodec/ffv1dec.c in FFmpeg before 2.1 ...)
+CVE-2013-7011
- ffmpeg 7:2.4.1-1
[squeeze] - ffmpeg <end-of-life> (Backports to 0.5.x not useful, too many checks missing)
- libav <not-affected> (Reproducer fails on libav 0.8.9 and 9.11)
NOTE: https://github.com/FFmpeg/FFmpeg/commit/547d690d676064069d44703a1917e0dab7e33445
NOTE: https://trac.ffmpeg.org/ticket/2906
-CVE-2013-7010 (Multiple integer signedness errors in libavcodec/dsputil.c in FFmpeg ...)
+CVE-2013-7010
{DSA-2855-1}
- ffmpeg 7:2.4.1-1
[squeeze] - ffmpeg <end-of-life> (Backports to 0.5.x not useful, too many checks missing)
- libav 6:9.11-1
NOTE: ffmpeg fix: https://github.com/FFmpeg/FFmpeg/commit/454a11a1c9c686c78aa97954306fb63453299760
NOTE: libav fix: http://git.libav.org/?p=libav.git;a=commit;h=d1916d13e28b87f4b1b214231149e12e1d536b4b
-CVE-2013-7009 (The rpza_decode_stream function in libavcodec/rpza.c in FFmpeg before ...)
+CVE-2013-7009
- ffmpeg 7:2.4.1-1
[squeeze] - ffmpeg <end-of-life> (Backports to 0.5.x not useful, too many checks missing)
- libav <not-affected> (Not reproducible with 0.8.9)
NOTE: https://github.com/FFmpeg/FFmpeg/commit/3819db745da2ac7fb3faacb116788c32f4753f34
NOTE: https://trac.ffmpeg.org/ticket/2850
-CVE-2013-7008 (The decode_slice_header function in libavcodec/h264.c in FFmpeg before ...)
+CVE-2013-7008
- ffmpeg <not-affected> (Vulnerable code not present)
- libav <not-affected> (Crash not reproducable, libav code is different)
NOTE: https://github.com/FFmpeg/FFmpeg/commit/29ffeef5e73b8f41ff3a3f2242d356759c66f91f
NOTE: https://trac.ffmpeg.org/ticket/2927
-CVE-2013-7002 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2013-7002
NOT-FOR-US: LiveZilla
-CVE-2013-7001 (The Multimedia Messaging Centre (MMSC) in NowSMS Now SMS &amp; MMS Gateway ...)
+CVE-2013-7001
NOT-FOR-US: NowSMS
-CVE-2013-7000 (The Multimedia Messaging Centre (MMSC) in NowSMS Now SMS &amp; MMS Gateway ...)
+CVE-2013-7000
NOT-FOR-US: NowSMS
-CVE-2013-6999 (** DISPUTED ** The IsHandleEntrySecure function in win32k.sys in the ...)
+CVE-2013-6999
NOT-FOR-US: Microsoft Windows Server 2008 SP2
CVE-2013-6998
REJECTED
-CVE-2013-6997 (Multiple cross-site scripting (XSS) vulnerabilities in Open-Xchange ...)
+CVE-2013-6997
NOT-FOR-US: Open-Xchange
CVE-2013-6996
RESERVED
CVE-2013-6995
REJECTED
-CVE-2013-6994 (OpenText Exceed OnDemand (EoD) 8 transmits the session ID in ...)
+CVE-2013-6994
NOT-FOR-US: OpenText Exceed OnDemand
-CVE-2013-6993 (Cross-site scripting (XSS) vulnerability in the Ad-minister plugin 0.6 ...)
+CVE-2013-6993
NOT-FOR-US: WordPress plugin Ad-minister
-CVE-2013-6992 (Cross-site request forgery (CSRF) vulnerability in ...)
+CVE-2013-6992
NOT-FOR-US: WordPress plugin AskApache Firefox Adsense
-CVE-2013-6991 (Cross-site scripting (XSS) vulnerability in the WP-Cron Dashboard ...)
+CVE-2013-6991
NOT-FOR-US: WordPress plugin WP-Cron Dashboard
-CVE-2013-6990 (FortiGuard FortiAuthenticator before 3.0 allows remote administrators ...)
+CVE-2013-6990
NOT-FOR-US: FortiGuard FortiAuthenticator
CVE-2013-6989
RESERVED
CVE-2013-6988
RESERVED
-CVE-2013-6987 (Multiple directory traversal vulnerabilities in the FileBrowser ...)
+CVE-2013-6987
NOT-FOR-US: Synology DiskStation Manager
-CVE-2013-6986 (The ZippyYum Subway CA Kiosk app 3.4 for iOS uses cleartext storage in ...)
+CVE-2013-6986
NOT-FOR-US: ZippyYum
CVE-2013-6984
RESERVED
-CVE-2013-6983 (SQL injection vulnerability in the web interface in Cisco Unified ...)
+CVE-2013-6983
NOT-FOR-US: Cisco Unified Presence Server
-CVE-2013-6982 (The BGP implementation in Cisco NX-OS 6.2(2a) and earlier does not ...)
+CVE-2013-6982
NOT-FOR-US: Cisco NX-OS
-CVE-2013-6981 (Cisco IOS XE 3.7S(.1) and earlier allows remote attackers to cause a ...)
+CVE-2013-6981
NOT-FOR-US: Cisco IOS XE
CVE-2013-6980
RESERVED
-CVE-2013-6979 (The VTY authentication implementation in Cisco IOS XE 03.02.xxSE and ...)
+CVE-2013-6979
NOT-FOR-US: Cisco IOS XE
-CVE-2013-6978 (The disaster recovery system (DRS) component in Cisco Unified ...)
+CVE-2013-6978
NOT-FOR-US: Cisco
CVE-2013-6977
RESERVED
-CVE-2013-6976 (Cross-site request forgery (CSRF) vulnerability in goform/Quick_setup ...)
+CVE-2013-6976
NOT-FOR-US: Cisco
-CVE-2013-6975 (Directory traversal vulnerability in the command-line interface in ...)
+CVE-2013-6975
NOT-FOR-US: Cisco NX-OS
-CVE-2013-6974 (Cross-site scripting (XSS) vulnerability in the web interface in Cisco ...)
+CVE-2013-6974
NOT-FOR-US: Cisco Secure Access Control System
-CVE-2013-6973 (Cisco WebEx Training Center allows remote attackers to discover ...)
+CVE-2013-6973
NOT-FOR-US: Cisco
-CVE-2013-6972 (Cisco WebEx Training Center allows remote attackers to discover ...)
+CVE-2013-6972
NOT-FOR-US: Cisco
-CVE-2013-6971 (Open redirect vulnerability in Cisco WebEx Training Center allows ...)
+CVE-2013-6971
NOT-FOR-US: Cisco
-CVE-2013-6970 (Cisco WebEx Meeting Center allows remote attackers to obtain sensitive ...)
+CVE-2013-6970
NOT-FOR-US: Cisco
-CVE-2013-6969 (The training-registration page in Cisco WebEx Training Center allows ...)
+CVE-2013-6969
NOT-FOR-US: Cisco
-CVE-2013-6968 (Cisco WebEx Training Center provides different error messages for ...)
+CVE-2013-6968
NOT-FOR-US: Cisco
-CVE-2013-6967 (Open redirect vulnerability in the mobile-browser subsystem in Cisco ...)
+CVE-2013-6967
NOT-FOR-US: Cisco
-CVE-2013-6966 (Open redirect vulnerability in Cisco WebEx Training Center allows ...)
+CVE-2013-6966
NOT-FOR-US: Cisco
-CVE-2013-6965 (The registration component in Cisco WebEx Training Center provides the ...)
+CVE-2013-6965
NOT-FOR-US: Cisco
-CVE-2013-6964 (Cisco WebEx Meeting Center allows remote authenticated users to bypass ...)
+CVE-2013-6964
NOT-FOR-US: Cisco
-CVE-2013-6963 (Cross-site scripting (XSS) vulnerability in the registration component ...)
+CVE-2013-6963
NOT-FOR-US: Cisco
-CVE-2013-6962 (Cross-site scripting (XSS) vulnerability in the mobile-browser ...)
+CVE-2013-6962
NOT-FOR-US: Cisco
-CVE-2013-6961 (Cross-site scripting (XSS) vulnerability in the Collaboration Partner ...)
+CVE-2013-6961
NOT-FOR-US: Cisco
-CVE-2013-6960 (Multiple cross-site scripting (XSS) vulnerabilities in Cisco WebEx ...)
+CVE-2013-6960
NOT-FOR-US: Cisco
-CVE-2013-6959 (Open redirect vulnerability in Cisco WebEx Sales Center allows remote ...)
+CVE-2013-6959
NOT-FOR-US: Cisco
-CVE-2013-6958 (Juniper NetScreen Firewall running ScreenOS 5.4, 6.2, or 6.3, when the ...)
+CVE-2013-6958
NOT-FOR-US: Juniper NetScreen Firewall
-CVE-2013-6957 (Cross-site scripting (XSS) vulnerability in the web administrative ...)
+CVE-2013-6957
NOT-FOR-US: Juniper
-CVE-2013-6956 (Cross-site scripting (XSS) vulnerability in the Secure Access Service ...)
+CVE-2013-6956
NOT-FOR-US: Juniper Junos Pulse Secure Access Service
-CVE-2013-6955 (webman/imageSelector.cgi in Synology DiskStation Manager (DSM) 4.0 ...)
+CVE-2013-6955
NOT-FOR-US: Synology DiskStation Manager
-CVE-2013-6954 (The png_do_expand_palette function in libpng before 1.6.8 allows ...)
+CVE-2013-6954
{DSA-2923-1}
- libpng <not-affected> (Vulnerable code introduced in 1.6.1)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1045561
NOTE: http://sourceforge.net/mailarchive/message.php?msg_id=31751422
-CVE-2013-6953 (BlogEngine.NET 2.8.0.0 and earlier allows remote attackers to read ...)
+CVE-2013-6953
NOT-FOR-US: BlogEngine.NET
-CVE-2013-6952 (The Belkin WeMo Home Automation firmware before 3949 has a hardcoded ...)
+CVE-2013-6952
NOT-FOR-US: Belkin WeMo
-CVE-2013-6951 (The Belkin WeMo Home Automation firmware before 3949 does not maintain ...)
+CVE-2013-6951
NOT-FOR-US: Belkin WeMo
-CVE-2013-6950 (The Belkin WeMo Home Automation firmware before 3949 does not use SSL ...)
+CVE-2013-6950
NOT-FOR-US: Belkin WeMo
-CVE-2013-6949 (The Belkin WeMo Home Automation firmware before 3949 does not properly ...)
+CVE-2013-6949
NOT-FOR-US: Belkin WeMo
-CVE-2013-6948 (The peerAddresses API in the Belkin WeMo Home Automation firmware ...)
+CVE-2013-6948
NOT-FOR-US: Belkin WeMo
CVE-2013-6947
RESERVED
CVE-2013-6946
RESERVED
-CVE-2013-6945 (The M2M Broker in OSEHRA VistA, as distributed before September 30, ...)
+CVE-2013-6945
- vista <itp> (bug #541242)
-CVE-2013-6944 (Cross-site scripting (XSS) vulnerability in the user interface in the ...)
+CVE-2013-6944
NOT-FOR-US: Citrix NetScaler Application Delivery Controller
-CVE-2013-6943 (Citrix NetScaler Application Delivery Controller (ADC) 9.3.x before ...)
+CVE-2013-6943
NOT-FOR-US: Citrix NetScaler Application Delivery Controller
-CVE-2013-6942 (Cross-site request forgery (CSRF) vulnerability in Citrix NetScaler ...)
+CVE-2013-6942
NOT-FOR-US: Citrix NetScaler Application Delivery Controller
-CVE-2013-6941 (Unspecified vulnerability in Citrix NetScaler Application Delivery ...)
+CVE-2013-6941
NOT-FOR-US: Citrix NetScaler Application Delivery Controller
-CVE-2013-6940 (Citrix NetScaler Application Delivery Controller (ADC) 9.3.x before ...)
+CVE-2013-6940
NOT-FOR-US: Citrix NetScaler Application Delivery Controller
-CVE-2013-6939 (Unspecified vulnerability in Citrix NetScaler Application Delivery ...)
+CVE-2013-6939
NOT-FOR-US: Citrix NetScaler Application Delivery Controller
-CVE-2013-6938 (Unspecified vulnerability in the Service VM in Citrix NetScaler SDX ...)
+CVE-2013-6938
NOT-FOR-US: Citrix NetScaler SDX
-CVE-2013-6937 (Buffer overflow in VideoCharge Software Watermark Master 2.2.23 allows ...)
+CVE-2013-6937
NOT-FOR-US: VideoCharge
-CVE-2013-6936 (Multiple SQL injection vulnerabilities in ajaxfs.php in the Ajax forum ...)
+CVE-2013-6936
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2013-6935 (Buffer overflow in VideoCharge Software Watermark Master 2.2.23 allows ...)
+CVE-2013-6935
NOT-FOR-US: VideoCharge
-CVE-2013-6934 (The parseRTSPRequestString function in Live Networks Live555 Streaming ...)
+CVE-2013-6934
- liblivemedia <not-affected> (incomplete patch never applied)
- vlc <not-affected> (never built against liblivemedia with incomplete patch)
- mplayer <not-affected> (never built against liblivemedia with incomplete patch)
- mplayer2 <not-affected> (b-d's on liblivemedia but doesn't actually build the support for it)
-CVE-2013-6933 (The parseRTSPRequestString function in Live Networks Live555 Streaming ...)
+CVE-2013-6933
{DSA-3156-1}
- liblivemedia 2014.01.13-1
[squeeze] - liblivemedia <not-affected> (vuln. code introduced in 2011.08.13)
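Review bot: three things in this long hunk deserve attention beyond the summary removal that runs through every pair. First, CVE-2013-6999 loses its `** DISPUTED **` marker together with its description, so `NOT-FOR-US: Microsoft Windows Server 2008 SP2` is now the whole entry and the disputed status is no longer recorded anywhere. Second, the removed lines for CVE-2013-7001 and CVE-2013-7000 contain `Now SMS &amp; MMS Gateway`; if the data file really stores `&amp;` rather than `&`, the importer is HTML-escaping descriptions on the way in, which should be fixed before descriptions are re-imported. Third, a pre-existing typo in the unchanged CVE-2013-7008 line, `Crash not reproducable`, should read `not reproducible`.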
@@ -1627,73 +1627,73 @@ CVE-2013-6933 (The parseRTSPRequestString function in Live Networks Live555 Stre
- mplayer2 <not-affected> (b-d's on liblivemedia but doesn't actually build the support for it)
NOTE: vlc fixed by binNMU 2.1.2-2+b1, but since binNMUs are not visible to the security tracker, the subsequent sid upload is tracked
NOTE: for wheezy the version present at release of DSA 3156 is used (2.0.3-5+deb7u2), although strictly speaking it's 2.0.3-5+deb7u2+b1
-CVE-2013-6932 (Buffer overflow in IrfanView before 4.37, when a multibyte-character ...)
+CVE-2013-6932
NOT-FOR-US: IrfanView
-CVE-2013-6931 (SQL injection vulnerability in the API in Cybozu Garoon 3.7.x before ...)
+CVE-2013-6931
NOT-FOR-US: Cybozu Garoon
-CVE-2013-6930 (SQL injection vulnerability in the page-navigation implementation in ...)
+CVE-2013-6930
NOT-FOR-US: Cybozu Garoon
-CVE-2013-6929 (SQL injection vulnerability in Cybozu Garoon 3.7 SP2 and earlier ...)
+CVE-2013-6929
NOT-FOR-US: Cybozu Garoon
CVE-2013-6928
RESERVED
CVE-2013-6927
RESERVED
-CVE-2013-6926 (The integrated HTTPS server in Siemens RuggedCom ROS before 3.12.2 ...)
+CVE-2013-6926
NOT-FOR-US: Siemens
-CVE-2013-6925 (The integrated HTTPS server in Siemens RuggedCom ROS before 3.12.2 ...)
+CVE-2013-6925
NOT-FOR-US: Siemens
-CVE-2013-6924 (Seagate BlackArmor NAS devices with firmware sg2000-2000.1331 allow ...)
+CVE-2013-6924
NOT-FOR-US: Seagate BlackArmor NAS devices
-CVE-2013-6923 (Multiple cross-site scripting (XSS) vulnerabilities in Seagate ...)
+CVE-2013-6923
NOT-FOR-US: Seagate BlackArmor NAS 220 devices
-CVE-2013-6922 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
+CVE-2013-6922
NOT-FOR-US: Seagate BlackArmor NAS 220
CVE-2013-6921
RESERVED
-CVE-2013-6985 (SQL injection vulnerability in m_worklog/log_searchday.jsp in Enorth ...)
+CVE-2013-6985
NOT-FOR-US: Enorth Webpublisher CMS
-CVE-2013-6920 (Siemens SINAMICS S/G controllers with firmware before 4.6.11 do not ...)
+CVE-2013-6920
NOT-FOR-US: Siemens
-CVE-2013-6919 (The default configuration of phpThumb before 1.7.12 has a false value ...)
+CVE-2013-6919
NOT-FOR-US: phpThumb
CVE-2013-6917
RESERVED
-CVE-2013-6916 (Cross-site scripting (XSS) vulnerability in the Yahoo! User Interface ...)
+CVE-2013-6916
NOT-FOR-US: Cybozu Garoon
-CVE-2013-6915 (Cross-site scripting (XSS) vulnerability in the system-administration ...)
+CVE-2013-6915
NOT-FOR-US: Cybozu Garoon
-CVE-2013-6914 (Cross-site scripting (XSS) vulnerability in a calendar component in ...)
+CVE-2013-6914
NOT-FOR-US: Cybozu Garoon
-CVE-2013-6913 (Cross-site scripting (XSS) vulnerability in a search component in ...)
+CVE-2013-6913
NOT-FOR-US: Cybozu Garoon
-CVE-2013-6912 (Cross-site scripting (XSS) vulnerability in a calendar component in ...)
+CVE-2013-6912
NOT-FOR-US: Cybozu Garoon
-CVE-2013-6911 (Cross-site scripting (XSS) vulnerability in the bulletin-board ...)
+CVE-2013-6911
NOT-FOR-US: Cybozu Garoon
-CVE-2013-6910 (Cross-site scripting (XSS) vulnerability in Ajax components in Cybozu ...)
+CVE-2013-6910
NOT-FOR-US: Cybozu Garoon
-CVE-2013-6909 (Cross-site scripting (XSS) vulnerability in a report component in ...)
+CVE-2013-6909
NOT-FOR-US: Cybozu Garoon
-CVE-2013-6908 (Cross-site scripting (XSS) vulnerability in a mail component in Cybozu ...)
+CVE-2013-6908
NOT-FOR-US: Cybozu Garoon
-CVE-2013-6907 (Cross-site scripting (XSS) vulnerability in a mail component in Cybozu ...)
+CVE-2013-6907
NOT-FOR-US: Cybozu Garoon
-CVE-2013-6906 (Cross-site scripting (XSS) vulnerability in a mail component in Cybozu ...)
+CVE-2013-6906
NOT-FOR-US: Cybozu Garoon
-CVE-2013-6905 (Cross-site scripting (XSS) vulnerability in a phone component in ...)
+CVE-2013-6905
NOT-FOR-US: Cybozu Garoon
-CVE-2013-6904 (Cross-site scripting (XSS) vulnerability in a note component in Cybozu ...)
+CVE-2013-6904
NOT-FOR-US: Cybozu Garoon
-CVE-2013-6903 (Cross-site scripting (XSS) vulnerability in a schedule component in ...)
+CVE-2013-6903
NOT-FOR-US: Cybozu Garoon
-CVE-2013-6902 (Cross-site scripting (XSS) vulnerability in the Space function in ...)
+CVE-2013-6902
NOT-FOR-US: Cybozu Garoon
-CVE-2013-6901 (Cross-site scripting (XSS) vulnerability in the Space function in ...)
+CVE-2013-6901
NOT-FOR-US: Cybozu Garoon
-CVE-2013-6900 (Cross-site scripting (XSS) vulnerability in the system-administration ...)
+CVE-2013-6900
NOT-FOR-US: Cybozu Garoon
-CVE-2013-6918 (The web interface on the Satechi travel router 1.5, when Wi-Fi is used ...)
+CVE-2013-6918
NOT-FOR-US: Satechi travel router
CVE-2013-6899
RESERVED
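Review bot: this hunk makes the ordering problems in the Cybozu Garoon block more visible. CVE-2013-6985 sits between CVE-2013-6921 and CVE-2013-6920, and CVE-2013-6918 comes after CVE-2013-6900, both out of the descending numeric order the rest of the file follows; because the automatic update rewrites every entry in place, such misplacements are preserved rather than corrected. With the descriptions gone, the twenty-odd Garoon entries all collapse to `NOT-FOR-US: Cybozu Garoon` and can no longer be told apart (mail, calendar, schedule, phone and note components were only named in the removed text). Either keep the descriptions or add a per-entry NOTE before merging.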
@@ -1709,37 +1709,37 @@ CVE-2013-6894
RESERVED
CVE-2013-6893
RESERVED
-CVE-2013-6892 (WebSVN 2.3.3 allows remote authenticated users to read arbitrary files ...)
+CVE-2013-6892
{DSA-3137-1 DLA-136-1}
- websvn 2.3.3-1.2 (bug #775682)
-CVE-2013-6891 (lppasswd in CUPS before 1.7.1, when running with setuid privileges, ...)
+CVE-2013-6891
- cups 1.7.1-1
[wheezy] - cups <not-affected> (Vulnerable code introduced with 1.6.4)
[squeeze] - cups <not-affected> (Vulnerable code introduced with 1.6.4)
NOTE: https://www.cups.org/str.php?L4319
-CVE-2013-6890 (denyhosts 2.6 uses an incorrect regular expression when analyzing ...)
+CVE-2013-6890
{DSA-2826-1}
- denyhosts 2.6-10.1
-CVE-2013-6889 (GNU Rush 1.7 does not properly drop privileges, which allows local ...)
+CVE-2013-6889
- rush 1.7+dfsg-4 (bug #733505)
[wheezy] - rush 1.7+dfsg-1+deb7u1
-CVE-2013-6888 (Uscan in devscripts before 2.13.9 allows remote attackers to execute ...)
+CVE-2013-6888
{DSA-2836-1}
- devscripts 2.13.9
[squeeze] - devscripts <no-dsa> (Minor issue)
-CVE-2013-6887 (OpenJPEG 1.5.1 allows remote attackers to cause a denial of service ...)
+CVE-2013-6887
- openjpeg 1.5.2-1 (bug #731237)
[wheezy] - openjpeg <not-affected> (Only affects 1.5)
[squeeze] - openjpeg <not-affected> (Only affects 1.5)
-CVE-2013-6886 (RealVNC VNC 5.0.6 on Mac OS X, Linux, and UNIX allows local users to ...)
+CVE-2013-6886
- vnc4 <not-affected> (Only affects 5.0.6, binaries in Debian version are not setuid root)
-CVE-2013-6884 (The write-blocker in CRU Ditto Forensic FieldStation with firmware ...)
+CVE-2013-6884
NOT-FOR-US: Ditto Forensic FieldStation
-CVE-2013-6883 (Cross-site request forgery (CSRF) vulnerability in CRU Ditto Forensic ...)
+CVE-2013-6883
NOT-FOR-US: Ditto Forensic FieldStation
-CVE-2013-6882 (Multiple cross-site scripting (XSS) vulnerabilities in CRU Ditto ...)
+CVE-2013-6882
NOT-FOR-US: Ditto Forensic FieldStation
-CVE-2013-6881 (CRU Ditto Forensic FieldStation with firmware before 2013Oct15a allows ...)
+CVE-2013-6881
NOT-FOR-US: Ditto Forensic FieldStation
CVE-2013-6880
RESERVED
@@ -1750,26 +1750,26 @@ CVE-2013-6879
CVE-2013-6878
RESERVED
NOT-FOR-US: MijoSearch
-CVE-2013-6877 (Heap-based buffer overflow in RealNetworks RealPlayer before 17.0.4.61 ...)
+CVE-2013-6877
NOT-FOR-US: RealPlayer
-CVE-2013-6876 (The (1) pty_init_terminal and (2) pipe_init_terminal functions in ...)
+CVE-2013-6876
- s3d 0.2.2-9 (unimportant)
NOTE: http://hmarco.org/bugs/s3dvt_0.2.2-root-shell.html
NOTE: Not running with elevated privileges in Debian packaging
-CVE-2013-6875 (SQL injection vulnerability in functions/prepend_adm.php in Nagios ...)
+CVE-2013-6875
NOT-FOR-US: Nagios XI
-CVE-2013-6874 (Stack-based buffer overflow in Vortex Light Alloy before 4.7.4 allows ...)
+CVE-2013-6874
NOT-FOR-US: Vortex Light Alloy
-CVE-2013-6873 (SQL injection vulnerability in Testa Online Test Management System ...)
+CVE-2013-6873
NOT-FOR-US: Testa Online Test Management System
-CVE-2013-6872 (SQL injection vulnerability in managetimetracker.php in Collabtive ...)
+CVE-2013-6872
- collabtive 1.2-1 (low)
[wheezy] - collabtive <no-dsa> (Minor issue)
CVE-2013-6871
RESERVED
-CVE-2013-6870 (Cross-site scripting (XSS) vulnerability in Splunk Web in Splunk ...)
+CVE-2013-6870
NOT-FOR-US: Splunk Web
-CVE-2013-6885 (The microcode on AMD 16h 00h through 0Fh processors does not properly ...)
+CVE-2013-6885
{DSA-3128-1 DLA-155-1}
- linux 3.14.2-1
- linux-2.6 <removed>
@@ -1785,9 +1785,9 @@ CVE-2013-6855
RESERVED
CVE-2013-6854
RESERVED
-CVE-2013-6853 (Cross-site scripting (XSS) vulnerability in clickstream.js in Y! ...)
+CVE-2013-6853
NOT-FOR-US: Y! Toolbar plugin
-CVE-2013-6852 (Cross-site request forgery (CSRF) vulnerability in html/json.html on ...)
+CVE-2013-6852
NOT-FOR-US: Hewlett-Packard network equipment
CVE-2013-6851
RESERVED
@@ -1811,161 +1811,161 @@ CVE-2013-6842
RESERVED
CVE-2013-6841
RESERVED
-CVE-2013-6840 (Siemens COMOS before 9.2.0.8.1, 10.0 before 10.0.3.1.40, and 10.1 ...)
+CVE-2013-6840
NOT-FOR-US: Siemens COMOS
-CVE-2013-6839 (SQL injection vulnerability in InstantSoft InstantCMS 1.10.3 and ...)
+CVE-2013-6839
NOT-FOR-US: InstantCMS
-CVE-2013-6838 (An unspecified Enghouse Interactive Professional Services &quot;addon ...)
+CVE-2013-6838
NOT-FOR-US: IVR Pro/Contact Center (VIP2000)
-CVE-2013-6837 (Cross-site scripting (XSS) vulnerability in the setTimeout function in ...)
+CVE-2013-6837
- web2py <removed> (unimportant)
NOTE: python-web2py contains /usr/share/web2py/applications/examples/static/js/jquery.prettyPhoto.js
NOTE: Only an example code
-CVE-2013-6836 (Heap-based buffer overflow in the ms_escher_get_data function in ...)
+CVE-2013-6836
- gnumeric 1.12.9-1 (low)
[wheezy] - gnumeric <no-dsa> (Minor issue)
[squeeze] - gnumeric <no-dsa> (Minor issue)
NOTE: https://projects.gnome.org/gnumeric/announcements/1.12/gnumeric-1.12.9.shtml
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=712772
-CVE-2013-6835 (TelephonyUI Framework in Apple iOS 7 before 7.1, when Safari is used, ...)
+CVE-2013-6835
NOT-FOR-US: iOS
-CVE-2013-6834 (The ql_eioctl function in sys/dev/qlxgbe/ql_ioctl.c in the kernel in ...)
+CVE-2013-6834
- kfreebsd-9 <not-affected> (Only affects 10.x)
- kfreebsd-8 <not-affected> (Only affects 10.x)
- kfreebsd-10 10.0~svn258623-1 (bug #730519)
-CVE-2013-6833 (The qls_eioctl function in sys/dev/qlxge/qls_ioctl.c in the kernel in ...)
+CVE-2013-6833
- kfreebsd-9 <not-affected> (Only affects 10.x)
- kfreebsd-8 <not-affected> (Only affects 10.x)
- kfreebsd-10 10.0~svn258623-1 (bug #730519)
-CVE-2013-6832 (The nand_ioctl function in sys/dev/nand/nand_geom.c in the nand driver ...)
+CVE-2013-6832
- kfreebsd-9 <not-affected> (Only affects 10.x)
- kfreebsd-8 <not-affected> (Only affects 10.x)
- kfreebsd-10 10.0~svn258623-1 (bug #730518)
-CVE-2013-6831 (PineApp Mail-SeCure 3.70 and earlier on 5099SK and earlier platforms ...)
+CVE-2013-6831
NOT-FOR-US: PineApp Mail-SeCure
-CVE-2013-6830 (admin/confnetworking.html in PineApp Mail-SeCure 3.70 and earlier on ...)
+CVE-2013-6830
NOT-FOR-US: PineApp Mail-SeCure
-CVE-2013-6829 (admin/confnetworking.html in PineApp Mail-SeCure allows remote ...)
+CVE-2013-6829
NOT-FOR-US: PineApp Mail-SeCure
-CVE-2013-6828 (admin/management.html in PineApp Mail-SeCure allows remote attackers ...)
+CVE-2013-6828
NOT-FOR-US: PineApp Mail-SeCure
-CVE-2013-6827 (Absolute path traversal vulnerability in admin/viewmsg.php in PineApp ...)
+CVE-2013-6827
NOT-FOR-US: PineApp Mail-SeCure
-CVE-2013-6826 (cgi-bin/module//sysmanager/admin/SYSAdminUserDialog in Fortinet ...)
+CVE-2013-6826
NOT-FOR-US: Fortinet FortiAnalyzer
-CVE-2013-6825 ((1) movescu.cc and (2) storescp.cc in dcmnet/apps/, (3) ...)
+CVE-2013-6825
- dcmtk <unfixed> (unimportant)
NOTE: http://hmarco.org/bugs/dcmtk-3.6.1-privilege-escalation.html
NOTE: Not running with elevated privileges in Debian packaging
NOTE: http://git.dcmtk.org/web?p=dcmtk.git;a=commitdiff;h=beaf5a5c24101daeeafa48c375120b16197c9e95;hp=5349794c4c458c76609b7aeb53d0ca28cf9fe9f0
-CVE-2013-6824 (Zabbix before 1.8.19rc1, 2.0 before 2.0.10rc1, and 2.2 before 2.2.1rc1 ...)
+CVE-2013-6824
- zabbix 1:2.2.0+dfsg-6 (low)
[squeeze] - zabbix <no-dsa> (Minor issue)
[wheezy] - zabbix <no-dsa> (Minor issue)
NOTE: https://support.zabbix.com/browse/ZBX-7479
-CVE-2013-6823 (GRMGApp in SAP NetWeaver allows remote attackers to bypass intended ...)
+CVE-2013-6823
NOT-FOR-US: SAP
-CVE-2013-6822 (GRMGApp in SAP NetWeaver allows remote attackers to have unspecified ...)
+CVE-2013-6822
NOT-FOR-US: SAP
-CVE-2013-6821 (Directory traversal vulnerability in the Exportability Check Service ...)
+CVE-2013-6821
NOT-FOR-US: SAP
-CVE-2013-6820 (Unrestricted file upload vulnerability in the SAP NetWeaver ...)
+CVE-2013-6820
NOT-FOR-US: SAP
-CVE-2013-6819 (Cross-site scripting (XSS) vulnerability in Performance Provider in ...)
+CVE-2013-6819
NOT-FOR-US: SAP
-CVE-2013-6818 (SAP NetWeaver Logviewer 6.30, when running on Windows, allows remote ...)
+CVE-2013-6818
NOT-FOR-US: SAP
-CVE-2013-6817 (Heap-based buffer overflow in SAP Network Interface Router (SAProuter) ...)
+CVE-2013-6817
NOT-FOR-US: SAP
-CVE-2013-6816 (Multiple cross-site scripting (XSS) vulnerabilities in the (1) ...)
+CVE-2013-6816
NOT-FOR-US: SAP
-CVE-2013-6815 (The SHSTI_UPLOAD_XML function in the Application Server for ABAP (AS ...)
+CVE-2013-6815
NOT-FOR-US: SAP
-CVE-2013-6814 (The J2EE Engine in SAP NetWeaver 6.40, 7.02, and earlier allows remote ...)
+CVE-2013-6814
NOT-FOR-US: SAP
CVE-2013-6813
RESERVED
-CVE-2013-6812 (The ONEDC app before 1.7 for iOS does not properly verify X.509 ...)
+CVE-2013-6812
NOT-FOR-US: ONEDC app
CVE-2013-6811
RESERVED
-CVE-2013-6810 (The server in Brocade Network Advisor before 12.1.0, as used in EMC ...)
+CVE-2013-6810
NOT-FOR-US: EMC Connectrix Manager Converged Network Edition
-CVE-2013-6809 (Format string vulnerability in the client in Tftpd32 before 4.50 ...)
+CVE-2013-6809
NOT-FOR-US: Tftpd32
-CVE-2013-6808 (Cross-site scripting (XSS) vulnerability in lib/NSSDropoff.php in ...)
+CVE-2013-6808
NOT-FOR-US: ZendTo
-CVE-2013-6869 (SQL injection vulnerability in the SRTT_GET_COUNT_BEFORE_KEY_RFC ...)
+CVE-2013-6869
NOT-FOR-US: Sap NetWeaver
-CVE-2013-6868 (SAP Sybase Adaptive Server Enterprise (ASE) 15.0.3 before 15.0.3 ...)
+CVE-2013-6868
NOT-FOR-US: SAP Sybase Adaptive Server Enterprise
-CVE-2013-6867 (Unspecified vulnerability in SAP Sybase Adaptive Server Enterprise ...)
+CVE-2013-6867
NOT-FOR-US: SAP Sybase Adaptive Server Enterprise
-CVE-2013-6866 (SAP Sybase Adaptive Server Enterprise (ASE) before 15.0.3 ESD#4.3, ...)
+CVE-2013-6866
NOT-FOR-US: SAP Sybase Adaptive Server Enterprise
-CVE-2013-6865 (SAP Sybase Adaptive Server Enterprise (ASE) 15.0.3 before 15.0.3 ...)
+CVE-2013-6865
NOT-FOR-US: SAP Sybase Adaptive Server Enterprise
-CVE-2013-6864 (Directory traversal vulnerability in SAP Sybase Adaptive Server ...)
+CVE-2013-6864
NOT-FOR-US: SAP Sybase Adaptive Server Enterprise
-CVE-2013-6863 (SAP Sybase Adaptive Server Enterprise (ASE) 15.0.3 before 15.0.3 ...)
+CVE-2013-6863
NOT-FOR-US: SAP Sybase Adaptive Server Enterprise
-CVE-2013-6862 (Unspecified vulnerability in SAP Sybase Adaptive Server Enterprise ...)
+CVE-2013-6862
NOT-FOR-US: SAP Sybase Adaptive Server Enterprise
-CVE-2013-6861 (Unspecified vulnerability in SAP Sybase Adaptive Server Enterprise ...)
+CVE-2013-6861
NOT-FOR-US: SAP Sybase Adaptive Server Enterprise
-CVE-2013-6860 (Unspecified vulnerability in SAP Sybase Adaptive Server Enterprise ...)
+CVE-2013-6860
NOT-FOR-US: SAP Sybase Adaptive Server Enterprise
-CVE-2013-6859 (SAP Sybase Adaptive Server Enterprise (ASE) before 15.0.3 ESD#4.3. ...)
+CVE-2013-6859
NOT-FOR-US: SAP Sybase Adaptive Server Enterprise
-CVE-2013-6858 (Multiple cross-site scripting (XSS) vulnerabilities in OpenStack ...)
+CVE-2013-6858
- horizon 2013.2-2 (bug #730752)
[wheezy] - horizon <not-affected> (Vulnerable code not present)
NOTE: https://github.com/openstack/horizon/commit/6179f70290783e55b10bbd4b3b7ee74db3f8ef70
-CVE-2013-6807 (The client in OpenText Exceed OnDemand (EoD) 8 supports anonymous ...)
+CVE-2013-6807
NOT-FOR-US: OpenText Exceed OnDemand
-CVE-2013-6806 (OpenText Exceed OnDemand (EoD) 8 allows man-in-the-middle attackers to ...)
+CVE-2013-6806
NOT-FOR-US: OpenText Exceed onDemand
-CVE-2013-6805 (OpenText Exceed OnDemand (EoD) 8 uses weak encryption for passwords, ...)
+CVE-2013-6805
NOT-FOR-US: OpenText Exceed OnDemand
-CVE-2013-6804 (Cross-site scripting (XSS) vulnerability in the Search module before ...)
+CVE-2013-6804
NOT-FOR-US: Jamroom Search module
CVE-2013-6803
RESERVED
-CVE-2013-6802 (Google Chrome before 31.0.1650.57 allows remote attackers to bypass ...)
+CVE-2013-6802
{DSA-2799-1}
- chromium-browser 31.0.1650.57-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-6801 (Microsoft Word 2003 SP2 and SP3 on Windows XP SP3 allows remote ...)
+CVE-2013-6801
NOT-FOR-US: Microsoft
-CVE-2013-6800 (An unspecified third-party database module for the Key Distribution ...)
+CVE-2013-6800
NOTE: Pointless split from CVE-2013-1418
-CVE-2013-6799 (Apple Mac OS X 10.9 allows local users to cause a denial of service ...)
+CVE-2013-6799
NOT-FOR-US: Apple Mac OS X
-CVE-2013-6798 (BlackBerry Link before 1.2.1.31 on Windows and before 1.1.1 build 39 ...)
+CVE-2013-6798
NOT-FOR-US: BlackBerry Link
-CVE-2013-6797 (Cross-site request forgery (CSRF) vulnerability in ...)
+CVE-2013-6797
NOT-FOR-US: Wordpress plugin
-CVE-2013-6796 (The SMTP server in DeepOfix 3.3 and earlier allows remote attackers to ...)
+CVE-2013-6796
NOT-FOR-US: DeepOfix
-CVE-2013-6795 (The Updater in Rackspace Openstack Windows Guest Agent for XenServer ...)
+CVE-2013-6795
NOT-FOR-US: Rackspace Windows Agent and Updater
-CVE-2013-6794 (Cross-site scripting (XSS) vulnerability in the Calendar module in ...)
+CVE-2013-6794
NOT-FOR-US: Olat
-CVE-2013-6793 (Multiple cross-site scripting (XSS) vulnerabilities in the Calendar ...)
+CVE-2013-6793
NOT-FOR-US: Olat
CVE-2013-6792
RESERVED
-CVE-2013-6791 (Microsoft Enhanced Mitigation Experience Toolkit (EMET) before 4.0 ...)
+CVE-2013-6791
NOT-FOR-US: Microsoft Enhanced Mitigation Experience Toolkit
CVE-2013-6790
RESERVED
-CVE-2013-6789 (security/MemberLoginForm.php in SilverStripe 3.0.3 supports ...)
+CVE-2013-6789
- silverstripe <itp> (bug #528461)
-CVE-2013-6788 (The Bitrix e-Store module before 14.0.1 for Bitrix Site Manager uses ...)
+CVE-2013-6788
NOT-FOR-US: Bitrix Site Manager
-CVE-2013-6787 (SQL injection vulnerability in the check_user_password function in ...)
+CVE-2013-6787
NOT-FOR-US: Chamilo LMS
-CVE-2013-6786 (Cross-site scripting (XSS) vulnerability in Allegro RomPager before ...)
+CVE-2013-6786
NOT-FOR-US: Allegro RomPager
CVE-2013-6785
RESERVED
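Review bot: the NOT-FOR-US annotations kept as context in this hunk name the same vendors inconsistently, and once the descriptive text is dropped from the CVE lines they are the only product identification left in the file. CVE-2013-6869 carries `NOT-FOR-US: Sap NetWeaver` while every other SAP entry in the hunk (CVE-2013-6823 through CVE-2013-6814) uses `NOT-FOR-US: SAP`, and CVE-2013-6806 reads `NOT-FOR-US: OpenText Exceed onDemand` where CVE-2013-6807 and CVE-2013-6805 use `OpenText Exceed OnDemand`. Suggest normalizing both to `NOT-FOR-US: SAP NetWeaver` and `NOT-FOR-US: OpenText Exceed OnDemand` so that grepping the list by product keeps working after the descriptions are gone.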
@@ -1977,7 +1977,7 @@ CVE-2013-6782
RESERVED
CVE-2013-6781
RESERVED
-CVE-2013-6780 (Cross-site scripting (XSS) vulnerability in uploader.swf in the ...)
+CVE-2013-6780
- yui <removed> (low; bug #730104)
[squeeze] - yui <no-dsa> (Not backportable, doesn't build from source in oldstable/stable)
[wheezy] - yui <no-dsa> (Not backportable, doesn't build from source in oldstable/stable)
@@ -1992,27 +1992,27 @@ CVE-2013-6777
RESERVED
CVE-2013-6776
RESERVED
-CVE-2013-6775 (The Chainfire SuperSU package before 1.69 for Android allows attackers ...)
+CVE-2013-6775
NOT-FOR-US: Chainfire SuperSU package
-CVE-2013-6774 (Untrusted search path vulnerability in the ChainsDD Superuser package ...)
+CVE-2013-6774
NOT-FOR-US: Chainfire SuperSU package
CVE-2013-6773
RESERVED
CVE-2013-6772
RESERVED
-CVE-2013-6771 (Directory traversal vulnerability in the collect script in Splunk ...)
+CVE-2013-6771
NOT-FOR-US: Splunk
-CVE-2013-6770 (The CyanogenMod/ClockWorkMod/Koush Superuser package 1.0.2.1 for ...)
+CVE-2013-6770
NOT-FOR-US: CyanogenMod/ClockWorkMod/Koush
-CVE-2013-6769 (The CyanogenMod/ClockWorkMod/Koush Superuser package 1.0.2.1 for ...)
+CVE-2013-6769
NOT-FOR-US: CyanogenMod/ClockWorkMod/Koush
-CVE-2013-6768 (Untrusted search path vulnerability in the ...)
+CVE-2013-6768
NOT-FOR-US: CyanogenMod/ClockWorkMod/Koush
-CVE-2013-6767 (Stack-based buffer overflow in pepoly.dll in Quick Heal AntiVirus Pro ...)
+CVE-2013-6767
NOT-FOR-US: QuickHeal AntiVirus
CVE-2013-6764
REJECTED
-CVE-2013-6763 (The uio_mmap_physical function in drivers/uio/uio.c in the Linux ...)
+CVE-2013-6763
NOTE: Red Hat consider this as a non-issue:
NOTE: http://seclists.org/oss-sec/2013/q4/282
CVE-2013-6762
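Review bot: the annotation for CVE-2013-6774 does not match the description being removed from that line. The CVE text reads `Untrusted search path vulnerability in the ChainsDD Superuser package ...`, but the unchanged context line below it says `NOT-FOR-US: Chainfire SuperSU package`, which is the annotation that belongs to CVE-2013-6775 (Chainfire SuperSU). Once this hunk strips the description the mismatch can no longer be spotted from the file alone, so the line should be corrected to `NOT-FOR-US: ChainsDD Superuser package` while the evidence is still in the diff.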
@@ -2041,143 +2041,143 @@ CVE-2013-6751
REJECTED
CVE-2013-6750
RESERVED
-CVE-2013-6749 (Buffer overflow in the ActiveX control in qp2.cab in IBM Lotus Quickr ...)
+CVE-2013-6749
NOT-FOR-US: IBM Lotus Quickr
-CVE-2013-6748 (Buffer overflow in the ActiveX control in qp2.cab in IBM Lotus Quickr ...)
+CVE-2013-6748
NOT-FOR-US: IBM Lotus Quickr
-CVE-2013-6747 (IBM GSKit 7.x before 7.0.4.48 and 8.x before 8.0.50.16, as used in IBM ...)
+CVE-2013-6747
NOT-FOR-US: IBM GSKit
-CVE-2013-6746 (Cross-site scripting (XSS) vulnerability in FileNet P8 Platform ...)
+CVE-2013-6746
NOT-FOR-US: IBM FileNet Business Process Manager
-CVE-2013-6745 (Cross-site scripting (XSS) vulnerability in the IMS server before Ifix ...)
+CVE-2013-6745
NOT-FOR-US: IBM
-CVE-2013-6744 (The Stored Procedure infrastructure in IBM DB2 9.5, 9.7 before FP9a, ...)
+CVE-2013-6744
NOT-FOR-US: IBM DB2
-CVE-2013-6743 (Cross-site scripting (XSS) vulnerability in the Meeting Server in IBM ...)
+CVE-2013-6743
NOT-FOR-US: IBM Sametime
-CVE-2013-6742 (The Meeting Server in IBM Sametime 8.5.2 through 8.5.2.1 and 9.x ...)
+CVE-2013-6742
NOT-FOR-US: IBM Sametime
-CVE-2013-6741 (IBM Maximo Asset Management 7.x before 7.1.1.7 LAFIX.20140319-0837 and ...)
+CVE-2013-6741
NOT-FOR-US: IBM Maximo Asset Management and others
CVE-2013-6740
RESERVED
-CVE-2013-6739 (IBM SPSS Modeler before 16 on UNIX allows remote authenticated users ...)
+CVE-2013-6739
NOT-FOR-US: IBM
-CVE-2013-6738 (Cross-site scripting (XSS) vulnerability in IBM SmartCloud Analytics ...)
+CVE-2013-6738
NOT-FOR-US: IBM
-CVE-2013-6737 (IBM System Storage Storwize V7000 Unified 1.3.x and 1.4.x before ...)
+CVE-2013-6737
NOT-FOR-US: IBM Storwize V7000 Unified
CVE-2013-6736
RESERVED
-CVE-2013-6735 (IBM WebSphere Portal 6.0.0.x through 6.0.0.1, 6.0.1.x through 6.0.1.7, ...)
+CVE-2013-6735
NOT-FOR-US: IBM WebSphere Portal
-CVE-2013-6734 (IBM WebSphere eXtreme Scale Client 7.1 through 8.6.0.4 does not ...)
+CVE-2013-6734
NOT-FOR-US: IBM WebSphere
-CVE-2013-6733 (Cross-site scripting (XSS) vulnerability in the Web Application in the ...)
+CVE-2013-6733
NOT-FOR-US: IBM Sametime
-CVE-2013-6732 (Cross-site scripting (XSS) vulnerability in the server in IBM Cognos ...)
+CVE-2013-6732
NOT-FOR-US: IBM Cognos
-CVE-2013-6731 (IBM Netezza Performance Portal 2.x before 2.0.0.3 allows remote ...)
+CVE-2013-6731
NOT-FOR-US: IBM Netezza
-CVE-2013-6730 (IBM WebSphere Portal 6.1.0.x through 6.1.0.6 CF27, 6.1.5.x through ...)
+CVE-2013-6730
NOT-FOR-US: IBM WebSphere Portal
-CVE-2013-6729 (Cross-site scripting (XSS) vulnerability in IBM QuickFile 1.0.0.0 ...)
+CVE-2013-6729
NOT-FOR-US: IBM QuickFile
-CVE-2013-6728 (The charting component in IBM WebSphere Dashboard Framework (WDF) ...)
+CVE-2013-6728
NOT-FOR-US: IBM WebSphere Dashboard Framework
-CVE-2013-6727 (The Connect client in IBM Sametime 8.5.2 through 8.5.2.1 and 9.0 ...)
+CVE-2013-6727
NOT-FOR-US: IBM Sametime
-CVE-2013-6726 (Multiple cross-site scripting (XSS) vulnerabilities in WebProcess.srv ...)
+CVE-2013-6726
NOT-FOR-US: IBM TRIRIGA Application Platform
-CVE-2013-6725 (Cross-site scripting (XSS) vulnerability in the Administrative Console ...)
+CVE-2013-6725
NOT-FOR-US: IBM WebSphere
-CVE-2013-6724 (Unspecified vulnerability in the vsflex8l ActiveX control in IBM SPSS ...)
+CVE-2013-6724
NOT-FOR-US: IBM SPSS SamplePower
-CVE-2013-6723 (IBM WebSphere Portal 8.0.0.1 before CF09 does not properly handle ...)
+CVE-2013-6723
NOT-FOR-US: IBM WebSphere Portal
-CVE-2013-6722 (Unrestricted file upload vulnerability in the Registration/Edit My ...)
+CVE-2013-6722
NOT-FOR-US: IBM WebSphere Portal
-CVE-2013-6721 (Cross-site scripting (XSS) vulnerability in IBM WebSphere Service ...)
+CVE-2013-6721
NOT-FOR-US: IBM WebSphere Service Registry and Repository
-CVE-2013-6720 (Directory traversal vulnerability in download.php in the Passive ...)
+CVE-2013-6720
NOT-FOR-US: IBM Tealeaf
-CVE-2013-6719 (delivery.php in the Passive Capture Application (PCA) web console in ...)
+CVE-2013-6719
NOT-FOR-US: IBM Tealeaf CX
-CVE-2013-6718 (The Advanced Management Module (AMM) with firmware 3.64B, 3.64C, and ...)
+CVE-2013-6718
NOT-FOR-US: IBM firmware
-CVE-2013-6717 (The OLAP query engine in IBM DB2 and DB2 Connect 9.7 through FP9, 9.8 ...)
+CVE-2013-6717
NOT-FOR-US: IBM
CVE-2013-6716
REJECTED
CVE-2013-6715
RESERVED
-CVE-2013-6714 (The FlashCopy Manager for VMware component in IBM Tivoli Storage ...)
+CVE-2013-6714
NOT-FOR-US: IBM Tivoli Storage FlashCopy Manager
-CVE-2013-6713 (The Data Protection for VMware component in IBM Tivoli Storage Manager ...)
+CVE-2013-6713
NOT-FOR-US: IBM Tivoli Storage Manager for Virtual Environments
-CVE-2013-6712 (The scan function in ext/date/lib/parse_iso_intervals.c in PHP through ...)
+CVE-2013-6712
{DSA-2816-1}
- php5 5.5.6+dfsg-2 (bug #731112)
NOTE: http://git.php.net/?p=php-src.git;a=commit;h=12fe4e90be7bfa2a763197079f68f5568a14e071
-CVE-2013-6711 (Cross-site scripting (XSS) vulnerability in the product-creation ...)
+CVE-2013-6711
NOT-FOR-US: Cisco
-CVE-2013-6710 (Cross-site request forgery (CSRF) vulnerability in Cisco WebEx ...)
+CVE-2013-6710
NOT-FOR-US: Cisco
-CVE-2013-6709 (The registration component in Cisco WebEx Training Center provides the ...)
+CVE-2013-6709
NOT-FOR-US: Cisco
-CVE-2013-6708 (Cisco Cloud Portal 9.4 allows remote attackers to read files of ...)
+CVE-2013-6708
NOT-FOR-US: Cisco
-CVE-2013-6707 (Memory leak in the connection-manager implementation in Cisco Adaptive ...)
+CVE-2013-6707
NOT-FOR-US: Cisco
-CVE-2013-6706 (The Cisco Express Forwarding processing module in Cisco IOS XE allows ...)
+CVE-2013-6706
NOT-FOR-US: Cisco IOS XE
-CVE-2013-6705 (The IP Device Tracking (IPDT) feature in Cisco IOS and IOS XE allows ...)
+CVE-2013-6705
NOT-FOR-US: Cisco
-CVE-2013-6704 (Cisco IOS XE does not properly manage memory for TFTP UDP flows, which ...)
+CVE-2013-6704
NOT-FOR-US: Cisco
-CVE-2013-6703 (The TLS/SSLv3 module on Cisco ONS 15454 controller cards allows remote ...)
+CVE-2013-6703
NOT-FOR-US: Cisco
-CVE-2013-6702 (The management implementation on Cisco ONS 15454 controller cards with ...)
+CVE-2013-6702
NOT-FOR-US: Cisco
-CVE-2013-6701 (The tNetTaskLimit process on the Transport Node Controller (TNC) on ...)
+CVE-2013-6701
NOT-FOR-US: Cisco
-CVE-2013-6700 (The SNMP module in Cisco IOS XR allows remote attackers to cause a ...)
+CVE-2013-6700
NOT-FOR-US: Cisco IOS XR
-CVE-2013-6699 (The Control and Provisioning of Wireless Access Points (CAPWAP) ...)
+CVE-2013-6699
NOT-FOR-US: Cisco
-CVE-2013-6698 (The web interface on Cisco Wireless LAN Controller (WLC) devices does ...)
+CVE-2013-6698
NOT-FOR-US: Cisco
CVE-2013-6697
RESERVED
-CVE-2013-6696 (Cisco Adaptive Security Appliance (ASA) Software does not properly ...)
+CVE-2013-6696
NOT-FOR-US: Cisco
-CVE-2013-6695 (The RBAC implementation in Cisco Secure Access Control System (ACS) ...)
+CVE-2013-6695
NOT-FOR-US: Cisco
-CVE-2013-6694 (The IPSec implementation in Cisco IOS allows remote attackers to cause ...)
+CVE-2013-6694
NOT-FOR-US: Cisco
-CVE-2013-6693 (The MLDP implementation in Cisco IOS 15.3(3)S and earlier on 7600 ...)
+CVE-2013-6693
NOT-FOR-US: Cisco
-CVE-2013-6692 (Cisco IOS XE 3.8S(.2) and earlier does not properly use a DHCP pool ...)
+CVE-2013-6692
NOT-FOR-US: Cisco
-CVE-2013-6691 (The WebVPN CIFS implementation in Cisco Adaptive Security Appliance ...)
+CVE-2013-6691
NOT-FOR-US: Cisco ASA
-CVE-2013-6690 (Multiple cross-site scripting (XSS) vulnerabilities in the web ...)
+CVE-2013-6690
NOT-FOR-US: Cisco
-CVE-2013-6689 (Cisco Unified Communications Manager (Unified CM) 9.1(1) and earlier ...)
+CVE-2013-6689
NOT-FOR-US: Cisco Unified Communications Manager
-CVE-2013-6688 (Directory traversal vulnerability in the license-upload interface in ...)
+CVE-2013-6688
NOT-FOR-US: Cisco Unified Communications Manager
-CVE-2013-6687 (The web portal in the Enterprise License Manager component in Cisco ...)
+CVE-2013-6687
NOT-FOR-US: Cisco WebEx Meetings Server
-CVE-2013-6686 (The SSL VPN implementation in Cisco IOS 15.3(1)T2 and earlier allows ...)
+CVE-2013-6686
NOT-FOR-US: Cisco IOS
-CVE-2013-6685 (The firmware on Cisco Unified IP phones 8961, 9951, and 9971 uses weak ...)
+CVE-2013-6685
NOT-FOR-US: Cisco Unified IP phones
-CVE-2013-6684 (The web framework on Cisco Wireless LAN Controller (WLC) devices does ...)
+CVE-2013-6684
NOT-FOR-US: Cisco Wireless LAN Controller
-CVE-2013-6683 (The IPv6 implementation in Cisco NX-OS does not properly handle ...)
+CVE-2013-6683
NOT-FOR-US: Cisco NX-OS
-CVE-2013-6682 (The phone-proxy implementation in Cisco Adaptive Security Appliance ...)
+CVE-2013-6682
NOT-FOR-US: Cisco Adaptive Security Appliance
CVE-2013-6681
RESERVED
@@ -2193,11 +2193,11 @@ CVE-2013-6676
REJECTED
CVE-2013-6675
REJECTED
-CVE-2013-6674 (Cross-site scripting (XSS) vulnerability in Mozilla Thunderbird 17.x ...)
+CVE-2013-6674
- icedove 24.2.0-1
[squeeze] - icedove <end-of-life>
NOTE: http://www.mozilla.org/security/announce/2014/mfsa2014-14.html
-CVE-2013-6673 (Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird ...)
+CVE-2013-6673
- iceweasel 24.2.0esr-1
[squeeze] - iceweasel <end-of-life>
- icedove 24.2.0-1
@@ -2205,10 +2205,10 @@ CVE-2013-6673 (Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunde
- iceape <removed>
[wheezy] - iceape <end-of-life>
[squeeze] - iceape <end-of-life>
-CVE-2013-6672 (Mozilla Firefox before 26.0 and SeaMonkey before 2.23 on Linux allow ...)
+CVE-2013-6672
- iceweasel <not-affected> (Only affects Firefox 25)
- iceape <not-affected> (Only affects Firefox 25)
-CVE-2013-6671 (The nsGfxScrollFrameInner::IsLTR function in Mozilla Firefox before ...)
+CVE-2013-6671
- iceweasel 24.2.0esr-1
- icedove 24.2.0-1
- iceape <removed>
@@ -2220,7 +2220,7 @@ CVE-2013-6670
RESERVED
CVE-2013-6669
RESERVED
-CVE-2013-6668 (Multiple unspecified vulnerabilities in Google V8 before 3.24.35.10, ...)
+CVE-2013-6668
{DSA-2883-1}
- chromium-browser 33.0.1750.152-1
[squeeze] - chromium-browser <end-of-life>
@@ -2229,69 +2229,69 @@ CVE-2013-6668 (Multiple unspecified vulnerabilities in Google V8 before 3.24.35.
[squeeze] - libv8 <end-of-life> (Unsupported in squeeze-lts)
- libv8-3.14 <unfixed> (unimportant; bug #773671)
NOTE: libv8 not covered by security support
-CVE-2013-6667 (Multiple unspecified vulnerabilities in Google Chrome before ...)
+CVE-2013-6667
{DSA-2883-1}
- chromium-browser 33.0.1750.152-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-6666 (The PepperFlashRendererHost::OnNavigate function in ...)
+CVE-2013-6666
{DSA-2883-1}
- chromium-browser 33.0.1750.152-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-6665 (Heap-based buffer overflow in the ResourceProvider::InitializeSoftware ...)
+CVE-2013-6665
{DSA-2883-1}
- chromium-browser 33.0.1750.152-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-6664 (Use-after-free vulnerability in the ...)
+CVE-2013-6664
{DSA-2883-1}
- chromium-browser 33.0.1750.152-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-6663 (Use-after-free vulnerability in the SVGImage::setContainerSize ...)
+CVE-2013-6663
{DSA-2883-1}
- chromium-browser 33.0.1750.152-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-6662 (Google Chrome caches TLS sessions before certificate validation ...)
+CVE-2013-6662
NOTE: Chrome issue fixed end of 2013, not really worth figuring out in which version
-CVE-2013-6661 (Multiple unspecified vulnerabilities in Google Chrome before ...)
+CVE-2013-6661
{DSA-2883-1}
- chromium-browser 33.0.1750.152-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-6660 (The drag-and-drop implementation in Google Chrome before 33.0.1750.117 ...)
+CVE-2013-6660
{DSA-2883-1}
- chromium-browser 33.0.1750.152-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-6659 (The SSLClientSocketNSS::Core::OwnAuthCertHandler function in ...)
+CVE-2013-6659
{DSA-2883-1}
- chromium-browser 33.0.1750.152-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-6658 (Multiple use-after-free vulnerabilities in the layout implementation ...)
+CVE-2013-6658
{DSA-2883-1}
- chromium-browser 33.0.1750.152-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-6657 (core/html/parser/XSSAuditor.cpp in the XSS auditor in Blink, as used ...)
+CVE-2013-6657
{DSA-2883-1}
- chromium-browser 33.0.1750.152-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-6656 (The XSSAuditor::init function in core/html/parser/XSSAuditor.cpp in ...)
+CVE-2013-6656
{DSA-2883-1}
- chromium-browser 33.0.1750.152-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-6655 (Use-after-free vulnerability in Blink, as used in Google Chrome before ...)
+CVE-2013-6655
{DSA-2883-1}
- chromium-browser 33.0.1750.152-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-6654 (The SVGAnimateElement::calculateAnimatedValue function in ...)
+CVE-2013-6654
{DSA-2883-1}
- chromium-browser 33.0.1750.152-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-6653 (Use-after-free vulnerability in the web contents implementation in ...)
+CVE-2013-6653
{DSA-2883-1}
- chromium-browser 33.0.1750.152-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-6652 (Directory traversal vulnerability in ...)
+CVE-2013-6652
- chromium-browser <not-affected> (Windows-specific)
CVE-2013-6651
RESERVED
-CVE-2013-6650 (The StoreBuffer::ExemptPopularPages function in store-buffer.cc in ...)
+CVE-2013-6650
{DSA-2862-1}
- chromium-browser 32.0.1700.123-1
[squeeze] - chromium-browser <end-of-life>
@@ -2300,7 +2300,7 @@ CVE-2013-6650 (The StoreBuffer::ExemptPopularPages function in store-buffer.cc i
[squeeze] - libv8 <end-of-life> (Unsupported in squeeze-lts)
- libv8-3.14 <unfixed> (unimportant; bug #773671)
NOTE: libv8 not covered by security support
-CVE-2013-6649 (Use-after-free vulnerability in the RenderSVGImage::paint function in ...)
+CVE-2013-6649
{DSA-2862-1}
- chromium-browser 32.0.1700.123-1
[squeeze] - chromium-browser <end-of-life>
@@ -2309,33 +2309,33 @@ CVE-2013-6649 (Use-after-free vulnerability in the RenderSVGImage::paint functio
[squeeze] - libv8 <end-of-life> (Unsupported in squeeze-lts)
- libv8-3.14 <unfixed> (unimportant; bug #773671)
NOTE: libv8 not covered by security support
-CVE-2013-6648 (SkRegion::setPath in Skia allows remote attackers to cause a denial of ...)
+CVE-2013-6648
- skia <itp> (bug #818180)
-CVE-2013-6647 (A use-after-free in AnimationController::endAnimationUpdate in Google ...)
+CVE-2013-6647
- chromium-browser <not-affected> (According to upstream bug only affected interim version, not a stable release)
-CVE-2013-6646 (Use-after-free vulnerability in the Web Workers implementation in ...)
+CVE-2013-6646
{DSA-2862-1}
- chromium-browser 32.0.1700.123-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-6645 (Use-after-free vulnerability in the OnWindowRemovingFromRootWindow ...)
+CVE-2013-6645
{DSA-2862-1}
- chromium-browser 32.0.1700.123-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-6644 (Multiple unspecified vulnerabilities in Google Chrome before ...)
+CVE-2013-6644
{DSA-2862-1}
- chromium-browser 32.0.1700.123-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-6643 (The OneClickSigninBubbleView::WindowClosing function in ...)
+CVE-2013-6643
{DSA-2862-1}
- chromium-browser 32.0.1700.123-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-6642 (Google Chrome through 32.0.1700.23 on Android allows remote attackers ...)
+CVE-2013-6642
- chromium-browser <not-affected> (only affects google chrome on android)
-CVE-2013-6641 (Use-after-free vulnerability in the ...)
+CVE-2013-6641
{DSA-2862-1}
- chromium-browser 32.0.1700.123-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-6640 (The DehoistArrayIndex function in hydrogen-dehoist.cc (aka ...)
+CVE-2013-6640
{DSA-2811-1}
- libv8 <removed>
[wheezy] - libv8 <no-dsa> (Minor issue, Chromium in Wheezy uses its own fixed copy)
@@ -2343,7 +2343,7 @@ CVE-2013-6640 (The DehoistArrayIndex function in hydrogen-dehoist.cc (aka ...)
- libv8-3.14 3.14.5.8-5
- chromium-browser 31.0.1650.63-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-6639 (The DehoistArrayIndex function in hydrogen-dehoist.cc (aka ...)
+CVE-2013-6639
{DSA-2811-1}
- libv8 <removed>
[wheezy] - libv8 <no-dsa> (Minor issue, Chromium in Wheezy uses its own fixed copy)
@@ -2351,7 +2351,7 @@ CVE-2013-6639 (The DehoistArrayIndex function in hydrogen-dehoist.cc (aka ...)
- libv8-3.14 3.14.5.8-5
- chromium-browser 31.0.1650.63-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-6638 (Multiple buffer overflows in runtime.cc in Google V8 before 3.22.24.7, ...)
+CVE-2013-6638
{DSA-2811-1}
- libv8 <removed>
[wheezy] - libv8 <no-dsa> (Minor issue, Chromium in Wheezy uses its own fixed copy)
@@ -2360,19 +2360,19 @@ CVE-2013-6638 (Multiple buffer overflows in runtime.cc in Google V8 before 3.22.
- chromium-browser 31.0.1650.63-1
[squeeze] - chromium-browser <end-of-life>
NOTE: libv8 not covered by security support
-CVE-2013-6637 (Multiple unspecified vulnerabilities in Google Chrome before ...)
+CVE-2013-6637
{DSA-2811-1}
- chromium-browser 31.0.1650.63-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-6636 (The FrameLoader::notifyIfInitialDocumentAccessed function in ...)
+CVE-2013-6636
{DSA-2811-1}
- chromium-browser 31.0.1650.63-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-6635 (Use-after-free vulnerability in the editing implementation in Blink, ...)
+CVE-2013-6635
{DSA-2811-1}
- chromium-browser 31.0.1650.63-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-6634 (The OneClickSigninHelper::ShowInfoBarIfPossible function in ...)
+CVE-2013-6634
{DSA-2811-1}
- chromium-browser 31.0.1650.63-1
[squeeze] - chromium-browser <end-of-life>
@@ -2382,23 +2382,23 @@ CVE-2013-6620
RESERVED
CVE-2013-6619
RESERVED
-CVE-2013-6618 (jsdm/ajax/port.php in J-Web in Juniper Junos before 10.4R13, 11.4 ...)
+CVE-2013-6618
NOT-FOR-US: Juniper Junos
-CVE-2013-6617 (The salt master in Salt (aka SaltStack) 0.11.0 through 0.17.0 does not ...)
+CVE-2013-6617
- salt 0.17.1+dfsg-1
-CVE-2013-6766 (OpenVAS Administrator 1.2 before 1.2.2 and 1.3 before 1.3.2 allows ...)
+CVE-2013-6766
NOT-FOR-US: OpenVAS Administrator (only uploaded to exp 2.5 years ago)
-CVE-2013-6765 (OpenVAS Manager 3.0 before 3.0.7 and 4.0 before 4.0.4 allows remote ...)
+CVE-2013-6765
NOT-FOR-US: OpenVAS Manager (only uploaded to experimental 2.5 years ago)
-CVE-2013-6632 (Integer overflow in Google Chrome before 31.0.1650.57 allows remote ...)
+CVE-2013-6632
{DSA-2799-1}
- chromium-browser 31.0.1650.57-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-6631 (Use-after-free vulnerability in the Channel::SendRTCPPacket function ...)
+CVE-2013-6631
{DSA-2799-1}
- chromium-browser 31.0.1650.57-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-6630 (The get_dht function in jdmarker.c in libjpeg-turbo through 1.3.0, as ...)
+CVE-2013-6630
{DSA-2799-1}
- chromium-browser 31.0.1650.57-1
[squeeze] - chromium-browser <end-of-life>
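Review bot: the two OpenVAS entries in this hunk (CVE-2013-6766 and CVE-2013-6765) sit between CVE-2013-6617 and CVE-2013-6632, breaking the descending CVE order the rest of the file follows, and their justifications are written two ways (`only uploaded to exp 2.5 years ago` vs `only uploaded to experimental 2.5 years ago`). Move them to their numeric position and spell out `experimental` in both; a relative date such as `2.5 years ago` also goes stale, so an absolute date or the experimental version would serve a later reader better.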
@@ -2417,7 +2417,7 @@ CVE-2013-6630 (The get_dht function in jdmarker.c in libjpeg-turbo through 1.3.0
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
NOTE: http://packetstormsecurity.com/files/123989/IJG-jpeg6b-libjpeg-turbo-Uninitialized-Memory.html
-CVE-2013-6629 (The get_sos function in jdmarker.c in (1) libjpeg 6b and (2) ...)
+CVE-2013-6629
{DSA-2923-1 DSA-2799-1}
- chromium-browser 31.0.1650.57-1
[squeeze] - chromium-browser <end-of-life>
@@ -2436,35 +2436,35 @@ CVE-2013-6629 (The get_sos function in jdmarker.c in (1) libjpeg 6b and (2) ...)
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
NOTE: http://packetstormsecurity.com/files/123989/IJG-jpeg6b-libjpeg-turbo-Uninitialized-Memory.html
-CVE-2013-6628 (net/socket/ssl_client_socket_nss.cc in the TLS implementation in ...)
+CVE-2013-6628
{DSA-2799-1}
- chromium-browser 31.0.1650.57-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-6627 (net/http/http_stream_parser.cc in Google Chrome before 31.0.1650.48 ...)
+CVE-2013-6627
{DSA-2799-1}
- chromium-browser 31.0.1650.57-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-6626 (The WebContentsImpl::AttachInterstitialPage function in ...)
+CVE-2013-6626
{DSA-2799-1}
- chromium-browser 31.0.1650.57-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-6625 (Use-after-free vulnerability in core/dom/ContainerNode.cpp in Blink, ...)
+CVE-2013-6625
{DSA-2799-1}
- chromium-browser 31.0.1650.57-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-6624 (Use-after-free vulnerability in Google Chrome before 31.0.1650.48 ...)
+CVE-2013-6624
{DSA-2799-1}
- chromium-browser 31.0.1650.57-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-6623 (The SVG implementation in Blink, as used in Google Chrome before ...)
+CVE-2013-6623
{DSA-2799-1}
- chromium-browser 31.0.1650.57-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-6622 (Use-after-free vulnerability in the ...)
+CVE-2013-6622
{DSA-2799-1}
- chromium-browser 31.0.1650.57-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-6621 (Use-after-free vulnerability in Google Chrome before 31.0.1650.48 ...)
+CVE-2013-6621
{DSA-2799-1}
- chromium-browser 31.0.1650.57-1
[squeeze] - chromium-browser <end-of-life>
@@ -2698,7 +2698,7 @@ CVE-2013-6503
RESERVED
CVE-2013-6502
RESERVED
-CVE-2013-6501 (The default soap.wsdl_cache_dir setting in (1) php.ini-production and ...)
+CVE-2013-6501
- php5 <removed> (unimportant)
NOTE: Rendererd unexpoitable by kernel level hardening for tmp races
CVE-2013-6500
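Review bot: the NOTE for CVE-2013-6501, `Rendererd unexpoitable by kernel level hardening for tmp races`, has two typos (`Rendered unexploitable`) and should name the hardening it relies on, for instance whether it means the `fs.protected_symlinks` sysctl that blocks following symlinks in sticky world-writable directories, so the `unimportant` rating for the soap.wsdl_cache_dir temp-file race can be re-checked if that kernel default ever changes.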
@@ -2713,128 +2713,128 @@ CVE-2013-6499 [loading a module relative to the cwd]
NOTE: by src:perl not having '.' in INC since 5.22.2-4 by default.
CVE-2013-6498
RESERVED
-CVE-2013-6497 (clamscan in ClamAV before 0.98.5, when using -a option, allows remote ...)
+CVE-2013-6497
{DLA-95-1}
- clamav 0.98.5+dfsg-1
[wheezy] - clamav 0.98.5+dfsg-0+deb7u1
NOTE: https://bugzilla.clamav.net/show_bug.cgi?id=11088
-CVE-2013-6496 (Red Hat Conga 0.12.2 allows remote attackers to obtain sensitive ...)
+CVE-2013-6496
NOT-FOR-US: Red Hat Conga
CVE-2013-6495
RESERVED
NOT-FOR-US: JBossWeb Bayeux
-CVE-2013-6494 (fedup 0.9.0 in Fedora 19, 20, and 21 uses a temporary directory with a ...)
+CVE-2013-6494
NOT-FOR-US: fedup (Fedora specific)
-CVE-2013-6493 (The LiveConnect implementation in plugin/icedteanp/IcedTeaNPPlugin.cc ...)
+CVE-2013-6493
- icedtea-web 1.4.2-1 (low)
[wheezy] - icedtea-web <no-dsa> (Minor issue)
-CVE-2013-6492 (The Piranha Configuration Tool in Piranha 0.8.6 does not properly ...)
+CVE-2013-6492
NOT-FOR-US: Pirhana
-CVE-2013-6491 (The python-qpid client (common/rpc/impl_qpid.py) in OpenStack Oslo ...)
+CVE-2013-6491
- nova 2013.2.3-1
[wheezy] - nova <no-dsa> (Minor issue)
-CVE-2013-6490 (The SIMPLE protocol functionality in Pidgin before 2.10.8 allows ...)
+CVE-2013-6490
{DSA-2859-2 DSA-2859-1}
- pidgin 2.10.8-1
-CVE-2013-6489 (Integer signedness error in the MXit functionality in Pidgin before ...)
+CVE-2013-6489
{DSA-2859-1}
- pidgin 2.10.8-1
[squeeze] - pidgin <end-of-life> (Support in oldstable is limited to IRC, Jabber/XMPP, Sametime and SIMPLE)
CVE-2013-6488
REJECTED
-CVE-2013-6487 (Integer overflow in libpurple/protocols/gg/lib/http.c in the Gadu-Gadu ...)
+CVE-2013-6487
{DSA-2859-1 DSA-2852-1}
- pidgin 2.10.8-1
[squeeze] - pidgin <end-of-life> (Support in oldstable is limited to IRC, Jabber/XMPP, Sametime and SIMPLE)
- libgadu 1:1.11.3-1
-CVE-2013-6486 (gtkutils.c in Pidgin before 2.10.8 on Windows allows user-assisted ...)
+CVE-2013-6486
- pidgin <not-affected> (Windows-specific)
-CVE-2013-6485 (Buffer overflow in util.c in libpurple in Pidgin before 2.10.8 allows ...)
+CVE-2013-6485
{DSA-2859-2 DSA-2859-1}
- pidgin 2.10.8-1
-CVE-2013-6484 (The STUN protocol implementation in libpurple in Pidgin before 2.10.8 ...)
+CVE-2013-6484
{DSA-2859-1}
- pidgin 2.10.8-1
[squeeze] - pidgin <end-of-life> (Support in oldstable is limited to IRC, Jabber/XMPP, Sametime and SIMPLE)
-CVE-2013-6483 (The XMPP protocol plugin in libpurple in Pidgin before 2.10.8 does not ...)
+CVE-2013-6483
{DSA-2859-1}
- pidgin 2.10.8-1
[squeeze] - pidgin <no-dsa> (Not suitable for code injection)
-CVE-2013-6482 (Pidgin before 2.10.8 allows remote MSN servers to cause a denial of ...)
+CVE-2013-6482
{DSA-2859-1}
- pidgin 2.10.8-1
[squeeze] - pidgin <end-of-life> (Support in oldstable is limited to IRC, Jabber/XMPP, Sametime and SIMPLE)
-CVE-2013-6481 (libpurple/protocols/yahoo/libymsg.c in Pidgin before 2.10.8 allows ...)
+CVE-2013-6481
{DSA-2859-1}
- pidgin 2.10.8-1
[squeeze] - pidgin <end-of-life> (Support in oldstable is limited to IRC, Jabber/XMPP, Sametime and SIMPLE)
-CVE-2013-6480 (Libcloud 0.12.3 through 0.13.2 does not set the scrub_data parameter ...)
+CVE-2013-6480
- libcloud <not-affected> (affects 0.12.3 to 0.13.3)
NOTE: version prior to 0.12.3 don't include a DigitalOcean driver
-CVE-2013-6479 (util.c in libpurple in Pidgin before 2.10.8 does not properly allocate ...)
+CVE-2013-6479
{DSA-2859-1}
- pidgin 2.10.8-1
[squeeze] - pidgin <no-dsa> (Not suitable for code injection)
-CVE-2013-6478 (gtkimhtml.c in Pidgin before 2.10.8 does not properly interact with ...)
+CVE-2013-6478
{DSA-2859-1}
- pidgin 2.10.8-1
[squeeze] - pidgin <end-of-life> (Support in oldstable is limited to IRC, Jabber/XMPP, Sametime and SIMPLE)
-CVE-2013-6477 (Multiple integer signedness errors in libpurple in Pidgin before ...)
+CVE-2013-6477
{DSA-2859-1}
- pidgin 2.10.8-1
[squeeze] - pidgin <no-dsa> (Not suitable for code injection)
-CVE-2013-6476 (The OPVPWrapper::loadDriver function in oprs/OPVPWrapper.cxx in the ...)
+CVE-2013-6476
{DSA-2876-1 DSA-2875-1}
- cups-filters 1.0.47-1 (bug #741318)
- cups 1.5.0-16 (bug #741333)
NOTE: cups moved filters to separate package in 1.5.0-16
NOTE: in oldstable present in debian/local/filters/pdf-filters/pdftoopvp
NOTE: http://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/revision/7176
-CVE-2013-6475 (Multiple integer overflows in (1) OPVPOutputDev.cxx and (2) ...)
+CVE-2013-6475
{DSA-2876-1 DSA-2875-1}
- cups-filters 1.0.47-1 (bug #741318)
- cups 1.5.0-16 (bug #741333)
NOTE: cups moved filters to separate package in 1.5.0-16
NOTE: in oldstable present in debian/local/filters/pdf-filters/pdftoopvp
NOTE: http://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/revision/7176
-CVE-2013-6474 (Heap-based buffer overflow in the pdftoopvp filter in CUPS and ...)
+CVE-2013-6474
{DSA-2876-1 DSA-2875-1}
- cups-filters 1.0.47-1 (bug #741318)
- cups 1.5.0-16 (bug #741333)
NOTE: cups moved filters to separate package in 1.5.0-16
NOTE: in oldstable present in debian/local/filters/pdf-filters/pdftoopvp
NOTE: http://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/revision/7176
-CVE-2013-6473 (Multiple heap-based buffer overflows in the urftopdf filter in ...)
+CVE-2013-6473
- cups-filters 1.0.47-1 (bug #741318)
[wheezy] - cups-filters <not-affected> (does not contain urftopdf filter)
NOTE: http://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/revision/7175
-CVE-2013-6472 (MediaWiki before 1.19.10, 1.2x before 1.21.4, and 1.22.x before 1.22.1 ...)
+CVE-2013-6472
{DSA-2891-1}
- mediawiki 1:1.19.10+dfsg-1
[squeeze] - mediawiki <end-of-life>
NOTE: https://bugzilla.wikimedia.org/show_bug.cgi?id=58699
CVE-2013-6471
RESERVED
-CVE-2013-6470 (The default configuration in the standalone controller quickstack ...)
+CVE-2013-6470
NOT-FOR-US: openstack foreman-installer
-CVE-2013-6469 (JBoss Overlord Run Time Governance (RTGov) 1.0 for JBossAS allows ...)
+CVE-2013-6469
NOT-FOR-US: JBoss SOA RTgov
-CVE-2013-6468 (JBoss Drools, Red Hat JBoss BRMS before 6.0.1, and Red Hat JBoss BPM ...)
+CVE-2013-6468
NOT-FOR-US: JBoss Drolls
-CVE-2013-6467 (Libreswan 3.7 and earlier allows remote attackers to cause a denial of ...)
+CVE-2013-6467
- libreswan <not-affected> (Fixed before the initial upload to Debian)
NOTE: https://libreswan.org/security/CVE-2013-6467/CVE-2013-6467.txt
-CVE-2013-6466 (Openswan 2.6.39 and earlier allows remote attackers to cause a denial ...)
+CVE-2013-6466
{DSA-2893-1}
- openswan <removed> (bug #737406)
NOTE: https://libreswan.org/security/CVE-2013-6467/CVE-2013-6467.txt
-CVE-2013-6465 (Multiple cross-site scripting (XSS) vulnerabilities in JBPM KIE ...)
+CVE-2013-6465
NOT-FOR-US: JBPM KIE Workbench
CVE-2013-6464
RESERVED
CVE-2013-6463
REJECTED
-CVE-2013-6462 (Stack-based buffer overflow in the bdfReadCharacters function in ...)
+CVE-2013-6462
{DSA-2838-1}
- libxfont 1:1.4.7-1
CVE-2013-6461 [DoS while parsing XML entities]
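Review bot: the libcloud entry for CVE-2013-6480 contradicts the description being removed in the same hunk: the description says `Libcloud 0.12.3 through 0.13.2`, while the justification says `affects 0.12.3 to 0.13.3`; if 0.13.3 is the fixed release the note should say `fixed in 0.13.3`, and the following NOTE should read `versions prior to 0.12.3 don't include a DigitalOcean driver`. Two spelling points in the same hunk: `NOT-FOR-US: Pirhana` should be `Piranha` and `NOT-FOR-US: JBoss Drolls` should be `JBoss Drools`, matching the product names in the descriptions just above them. The openswan entry for CVE-2013-6466 links only to the libreswan CVE-2013-6467 advisory; if that text also covers the openswan fix, say so in the NOTE, otherwise add the openswan reference.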
@@ -2847,43 +2847,43 @@ CVE-2013-6460 [DoS while parsing XML documents]
- ruby-nokogiri <not-affected> (jruby implementation not shiped)
- libnokogiri-ruby <not-affected> (1.4 and earlier not affected)
NOTE: https://groups.google.com/forum/#!topic/ruby-security-ann/DeJpjTAg1FA
-CVE-2013-6459 (Cross-site scripting (XSS) vulnerability in the will_paginate gem ...)
+CVE-2013-6459
- ruby-will-paginate 3.0.5-1 (low; bug #733209)
[wheezy] - ruby-will-paginate <no-dsa> (Minor issue)
- libwill-paginate-ruby <removed>
[squeeze] - libwill-paginate-ruby <no-dsa> (Minor issue)
NOTE: https://github.com/mislav/will_paginate/releases/tag/v3.0.5
-CVE-2013-6458 (Multiple race conditions in the (1) virDomainBlockStats, (2) ...)
+CVE-2013-6458
{DSA-2846-1}
- libvirt 1.2.1-1 (bug #734556)
[squeeze] - libvirt <end-of-life> (Unsupported in squeeze-lts)
NOTE: https://www.redhat.com/archives/libvir-list/2013-December/msg01202.html
NOTE: upstream fix: http://libvirt.org/git/?p=libvirt.git;a=commit;h=db86da5ca2109e4006c286a09b6c75bfe10676ad
-CVE-2013-6457 (The libxlDomainGetNumaParameters function in the libxl driver ...)
+CVE-2013-6457
- libvirt 1.2.1-1
[wheezy] - libvirt <not-affected> (Vulnerable code not present)
[squeeze] - libvirt <not-affected> (Vulnerable code not present)
NOTE: https://www.redhat.com/archives/libvir-list/2013-December/msg01258.html
NOTE: http://libvirt.org/git/?p=libvirt.git;a=commit;h=f9ee91d35510ccbc6fc42cef8864b291b2d220f4
NOTE: Introduced in http://libvirt.org/git/?p=libvirt.git;a=commit;h=261c4f5fb93c5e23b8002f2760d4a7937cdb7f63
-CVE-2013-6456 (The LXC driver (lxc/lxc_driver.c) in libvirt 1.0.1 through 1.2.1 ...)
+CVE-2013-6456
- libvirt 1.2.3-1 (bug #732394)
[wheezy] - libvirt <not-affected> (Vulnerable code not present, introduced in v1.0.1)
[squeeze] - libvirt <not-affected> (Vulnerable code not present, introduced in v1.0.1)
CVE-2013-6455
RESERVED
NOT-FOR-US: Mediawiki CentralAuth extension
-CVE-2013-6454 (Cross-site scripting (XSS) vulnerability in MediaWiki before 1.19.10, ...)
+CVE-2013-6454
{DSA-2891-1}
- mediawiki 1:1.19.10+dfsg-1
[squeeze] - mediawiki <end-of-life>
NOTE: https://bugzilla.wikimedia.org/show_bug.cgi?id=58472
-CVE-2013-6453 (MediaWiki before 1.19.10, 1.2x before 1.21.4, and 1.22.x before 1.22.1 ...)
+CVE-2013-6453
{DSA-2891-1}
- mediawiki 1:1.19.10+dfsg-1
[squeeze] - mediawiki <end-of-life>
NOTE: https://bugzilla.wikimedia.org/show_bug.cgi?id=58553
-CVE-2013-6452 (Cross-site scripting (XSS) vulnerability in MediaWiki before 1.19.10, ...)
+CVE-2013-6452
{DSA-2891-1}
- mediawiki 1:1.19.10+dfsg-1
[squeeze] - mediawiki <end-of-life>
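Review bot: the justification on the CVE-2013-6460 line at the top of this hunk, `(jruby implementation not shiped)`, should be `shipped`. The rest of the hunk only strips descriptions; the libvirt and mediawiki package lines and NOTE links are unchanged.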
@@ -2894,81 +2894,81 @@ CVE-2013-6451
[squeeze] - mediawiki <end-of-life>
NOTE: https://bugzilla.wikimedia.org/show_bug.cgi?id=58088
NOTE: Introduced by the fix for CVE-2013-4568
-CVE-2013-6450 (The DTLS retransmission implementation in OpenSSL 1.0.0 before 1.0.0l ...)
+CVE-2013-6450
{DSA-2833-1}
- openssl 1.0.1e-5 (low)
[squeeze] - openssl <not-affected> (Versions earlier than 1.0.0 are not affected)
-CVE-2013-6449 (The ssl_get_algorithm2 function in ssl/s3_lib.c in OpenSSL before ...)
+CVE-2013-6449
{DSA-2833-1}
- openssl 1.0.1e-5 (bug #732754)
[squeeze] - openssl <not-affected> (TLS 1.2 support introduced in 1.0.1)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1045363
NOTE: http://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ca98926
NOTE: http://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=0294b2b
-CVE-2013-6448 (The InterfaceGenerator handler in JBoss Seam Remoting in JBoss Seam 2 ...)
+CVE-2013-6448
NOT-FOR-US: JBoss Seam
-CVE-2013-6447 (Multiple XML External Entity (XXE) vulnerabilities in the (1) ...)
+CVE-2013-6447
NOT-FOR-US: JBoss Seam
-CVE-2013-6446 (The JobHistory Server in Cloudera CDH 4.x before 4.6.0 and 5.x before ...)
+CVE-2013-6446
NOT-FOR-US: Cloudera
-CVE-2013-6445 (Cumin (aka MRG Management Console), as used in Red Hat Enterprise MRG ...)
+CVE-2013-6445
NOT-FOR-US: Cumin
-CVE-2013-6444 (PyWBEM 0.7 and earlier does not verify that the server hostname ...)
+CVE-2013-6444
- pywbem 0.8.0~dev650-1 (bug #732594)
[squeeze] - pywbem <no-dsa> (Minor issue)
[wheezy] - pywbem <no-dsa> (Minor issue)
NOTE: Fix: https://bugzilla.redhat.com/attachment.cgi?id=851357
-CVE-2013-6443 (CloudForms 3.0 Management Engine before 5.2.1.6 allows remote ...)
+CVE-2013-6443
NOT-FOR-US: RedHat CloudForms Management Engine
-CVE-2013-6442 (The owner_set function in smbcacls.c in smbcacls in Samba 4.0.x before ...)
+CVE-2013-6442
- samba 2:4.1.6+dfsg-1 (low)
[squeeze] - samba <not-affected> (Only affects 4.x and later)
[wheezy] - samba <not-affected> (Only affects 4.x and later)
- samba4 <removed>
[wheezy] - samba4 4.0.0~beta2+dfsg1-3.2+deb7u1
NOTE: http://www.samba.org/samba/security/CVE-2013-6442
-CVE-2013-6441 (The lxc-sshd template (templates/lxc-sshd.in) in LXC before ...)
+CVE-2013-6441
{DLA-442-1}
- lxc 1.0.0-1 (unimportant)
NOTE: getting root on host, if not using unprivileged containers or
NOTE: restricting the containers with apparmor or selinux.
NOTE: CVE is kept as no official documentation explicitly document this fact
NOTE: https://github.com/lxc/lxc/commit/f4d5cc8e1f39d132b61e110674528cac727ae0e2 (lxc-1.0.0.beta2)
-CVE-2013-6440 (The (1) BasicParserPool, (2) StaticBasicParserPool, (3) XML Decrypter, ...)
+CVE-2013-6440
- opensaml2 <not-affected> (Debian provides the C-based Shibboleth implementation)
NOTE: http://shibboleth.net/community/advisories/secadv_20131213.txt
NOTE: http://blog.sendsafely.com/post/69590974866/web-based-single-sign-on-and-the-dangers-of-saml-xml
-CVE-2013-6439 (Candlepin in Red Hat Subscription Asset Manager 1.0 through 1.3 uses a ...)
+CVE-2013-6439
NOT-FOR-US: Candlepin
-CVE-2013-6438 (The dav_xml_get_cdata function in main/util.c in the mod_dav module in ...)
+CVE-2013-6438
{DLA-66-1}
- apache2 2.4.9-1
[wheezy] - apache2 2.2.22-13+deb7u2
-CVE-2013-6437 (The libvirt driver in OpenStack Compute (Nova) before 2013.2.2 and ...)
+CVE-2013-6437
- nova 2013.2.2
[wheezy] - nova <not-affected> (Vulnerable code not present)
-CVE-2013-6436 (The lxcDomainGetMemoryParameters method in lxc/lxc_driver.c in libvirt ...)
+CVE-2013-6436
- libvirt 1.2.0-1
[squeeze] - libvirt <not-affected> (vulnerable code not present, introduced in 1.1)
[wheezy] - libvirt <not-affected> (vulnerable code not present, introduced in 1.1)
-CVE-2013-6435 (Race condition in RPM 4.11.1 and earlier allows remote attackers to ...)
+CVE-2013-6435
{DSA-3129-1 DLA-140-1}
- rpm 4.11.3-1.1 (bug #773101)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1039811
-CVE-2013-6434 (The remote-viewer in Red Hat Enterprise Virtualization Manager ...)
+CVE-2013-6434
NOT-FOR-US: RHEV Manager
-CVE-2013-6433 (The default configuration in the Red Hat openstack-neutron package ...)
+CVE-2013-6433
- quantum <removed>
[wheezy] - quantum <no-dsa> (Minor issue)
- neutron 2014.1-1
NOTE: Likely fixed even earlier than 2014.1-1, but that was the oldest version checked
-CVE-2013-6432 (The ping_recvmsg function in net/ipv4/ping.c in the Linux kernel ...)
+CVE-2013-6432
- linux 3.12.6-1
[wheezy] - linux <not-affected> (Vulnerable code introduced in 3.11)
- linux-2.6 <not-affected> (Vulnerable code introduced in 3.11)
NOTE: Introduced by https://git.kernel.org/linus/6d0bfe22611602f36617bc7aa2ffa1bbb2f54c67
NOTE: fixed by https://git.kernel.org/linus/cf970c002d270c36202bd5b9c2804d3097a52da0
-CVE-2013-6431 (The fib6_add function in net/ipv6/ip6_fib.c in the Linux kernel before ...)
+CVE-2013-6431
- linux-2.6 <not-affected> (Vulnerable code not present)
- linux 3.11.5-1 (low)
[wheezy] - linux <not-affected> (Vulnerable code not present)
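Review bot: the nova fixed version for CVE-2013-6437 is given as `2013.2.2` with no Debian revision, while the neighbouring nova entries use full package versions (`2013.2.3-1` for CVE-2013-6491, `2013.2.1-1` for CVE-2013-6419); the tracker compares against package versions, so this should be the full version of the upload that fixed it, taken from the changelog. Also in this hunk, the lxc NOTE for CVE-2013-6441 starts `getting root on host, if not using unprivileged containers or restricting the containers with apparmor or selinux` with no subject, so it should state what it qualifies (presumably that the lxc-sshd template lets a container root obtain root on the host unless one of those mitigations is in place), since that is the reasoning behind the `unimportant` rating.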
@@ -2977,24 +2977,24 @@ CVE-2013-6430
RESERVED
{DSA-2857-1}
- libspring-java 3.0.6.RELEASE-11 (bug #735420)
-CVE-2013-6429 (The SourceHttpMessageConverter in Spring MVC in Spring Framework ...)
+CVE-2013-6429
{DSA-2857-1}
- libspring-java 3.0.6.RELEASE-11 (bug #735420)
-CVE-2013-6428 (The ReST API in OpenStack Orchestration API (Heat) before Havana ...)
+CVE-2013-6428
- heat 2013.2.1-1 (bug #732033)
NOTE: https://launchpad.net/bugs/1256983
-CVE-2013-6427 (upgrade.py in the hp-upgrade service in HP Linux Imaging and Printing ...)
+CVE-2013-6427
{DSA-2829-1}
- hplip 3.13.11-2 (bug #731480)
[squeeze] - hplip <not-affected> (Vulnerable code not present)
NOTE: https://bugzilla.novell.com/show_bug.cgi?id=853405
-CVE-2013-6426 (The cloudformation-compatible API in OpenStack Orchestration API ...)
+CVE-2013-6426
- heat 2013.2.1-1 (bug #732033)
NOTE: https://launchpad.net/bugs/1256049
-CVE-2013-6425 (Integer underflow in the pixman_trapezoid_valid macro in pixman.h in ...)
+CVE-2013-6425
{DSA-2823-1}
- pixman 0.30.2-2
-CVE-2013-6424 (Integer underflow in the xTrapezoidValid macro in render/picture.h in ...)
+CVE-2013-6424
{DSA-2822-1}
- xorg-server 2:1.14.2.901-1 (low; bug #742922)
NOTE: Band-aid fix in Wheezy not applicable to upstream code, fixed post-Wheezy
@@ -3002,27 +3002,27 @@ CVE-2013-6424 (Integer underflow in the xTrapezoidValid macro in render/picture.
NOTE: Mark the first post-wheezy xorg-server as a pseudo fixed version
CVE-2013-6423
RESERVED
-CVE-2013-6422 (The GnuTLS backend in libcurl 7.21.4 through 7.33.0, when disabling ...)
+CVE-2013-6422
{DSA-2824-1}
- curl 7.34.0-1
[squeeze] - curl <not-affected> (issue introduced with 59cf93cc, 7.21.4)
-CVE-2013-6421 (The unpack_zip function in archive_unpacker.rb in the sprout gem ...)
+CVE-2013-6421
NOT-FOR-US: Ruby Gem sprout
-CVE-2013-6420 (The asn1_time_to_time_t function in ext/openssl/openssl.c in PHP ...)
+CVE-2013-6420
{DSA-2816-1}
- php5 5.5.6+dfsg-2 (bug #731895)
NOTE: http://git.php.net/?p=php-src.git;a=commit;h=c1224573c773b6845e83505f717fbf820fc18415
-CVE-2013-6419 (Interaction error in OpenStack Nova and Neutron before Havana 2013.2.1 ...)
+CVE-2013-6419
- neutron 2013.2.1-1
- nova 2013.2.1-1
[wheezy] - nova <not-affected> (Only exploitable in combination in neutron, not in Wheezy)
NOTE: https://launchpad.net/bugs/1235450
-CVE-2013-6418 (PyWBEM 0.7 and earlier uses a separate connection to validate X.509 ...)
+CVE-2013-6418
- pywbem 0.8.0~dev650-1 (low; bug #732594)
[squeeze] - pywbem <no-dsa> (Minor issue)
[wheezy] - pywbem <no-dsa> (Minor issue)
NOTE: fix: https://bugzilla.redhat.com/attachment.cgi?id=851357
-CVE-2013-6417 (actionpack/lib/action_dispatch/http/request.rb in Ruby on Rails before ...)
+CVE-2013-6417
{DSA-2888-1}
- rails-4.0 4.0.2+dfsg-1 (bug #731290)
- rails-3.2 3.2.16-3+0
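Review bot: the wheezy justification for CVE-2013-6419, `Only exploitable in combination in neutron, not in Wheezy`, should read `in combination with neutron`, and it is clearer to state the reason directly: the interaction needs the neutron side, which wheezy does not ship, so the nova code alone is not reachable there.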
@@ -3031,13 +3031,13 @@ CVE-2013-6417 (actionpack/lib/action_dispatch/http/request.rb in Ruby on Rails b
- rails <not-affected> (vulnerable code not present)
NOTE: Starting with 2.3.14.1 rails is a transition package
NOTE: CVE for incomplete fix for CVE-2013-0155
-CVE-2013-6416 (Cross-site scripting (XSS) vulnerability in the simple_format helper ...)
+CVE-2013-6416
- rails-4.0 4.0.2+dfsg-1 (bug #731290)
- ruby-actionpack-3.2 <not-affected> (vulnerable code not present)
- ruby-actionpack-2.3 <not-affected> (vulnerable code not present)
- rails <not-affected> (vulnerable code not present)
NOTE: Starting with 2.3.14.1 rails is a transition package
-CVE-2013-6415 (Cross-site scripting (XSS) vulnerability in the number_to_currency ...)
+CVE-2013-6415
{DSA-2888-1}
- rails-4.0 4.0.2+dfsg-1 (bug #731290)
- rails-3.2 3.2.16-3+0
@@ -3046,7 +3046,7 @@ CVE-2013-6415 (Cross-site scripting (XSS) vulnerability in the number_to_currenc
[wheezy] - ruby-actionpack-2.3 <end-of-life>
- rails <not-affected> (vulnerable code not present)
NOTE: Starting with 2.3.14.1 rails is a transition package
-CVE-2013-6414 (actionpack/lib/action_view/lookup_context.rb in Action View in Ruby on ...)
+CVE-2013-6414
{DSA-2888-1}
- rails-4.0 4.0.2+dfsg-1 (bug #731290)
- rails-3.2 3.2.16-3+0
@@ -3054,32 +3054,32 @@ CVE-2013-6414 (actionpack/lib/action_view/lookup_context.rb in Action View in Ru
- ruby-actionpack-2.3 <not-affected> (vulnerable code not present)
- rails <not-affected> (vulnerable code not present)
NOTE: Starting with 2.3.14.1 rails is a transition package
-CVE-2013-6413 (Use-after-free vulnerability in UnrealIRCd 3.2.10 before 3.2.10.2 ...)
+CVE-2013-6413
- unrealircd <itp> (bug #515130)
NOTE: http://forums.unrealircd.com/viewtopic.php?f=2&t=8221
-CVE-2013-6412 (The transform_save function in transform.c in Augeas 1.0.0 through ...)
+CVE-2013-6412
{DLA-28-1}
- augeas 1.2.0-0.1 (bug #731111)
[wheezy] - augeas <not-affected> (Affected patch not present/applied)
[squeeze] - augeas <not-affected> (Affected patch not present/applied)
NOTE: only if applied original patch for CVE-2012-0786
-CVE-2013-6411 (The HandleCrashedAircraft function in aircraft_cmd.cpp in OpenTTD ...)
+CVE-2013-6411
- openttd 1.3.3-1 (low)
[squeeze] - openttd 1.0.4-7
[wheezy] - openttd 1.2.1-3
NOTE: http://bugs.openttd.org/task/5820
-CVE-2013-6410 (nbd-server in Network Block Device (nbd) before 3.5 does not properly ...)
+CVE-2013-6410
{DSA-2806-1}
- nbd 1:3.5-1
NOTE: http://anonscm.debian.org/gitweb/?p=users/wouter/nbd.git;a=commitdiff;h=0e9bd98c44dd94d9ede92655a36849fbc8cbf5b9
-CVE-2013-6409 (Debian adequate before 0.8.1, when run by root with the --user option, ...)
+CVE-2013-6409
- adequate 0.8.1 (bug #730691)
NOTE: https://bitbucket.org/jwilk/adequate/commits/94e5fc5d810057bffb673501ed809f7c2dabd9ee
-CVE-2013-6408 (The DocumentAnalysisRequestHandler in Apache Solr before 4.3.1 does ...)
+CVE-2013-6408
{DSA-2963-1}
- lucene-solr 3.6.2+dfsg-2 (bug #731113)
NOTE: https://issues.apache.org/jira/browse/SOLR-4881
-CVE-2013-6407 (The UpdateRequestHandler for XML in Apache Solr before 4.1 allows ...)
+CVE-2013-6407
{DSA-2963-1}
- lucene-solr 3.6.2+dfsg-2 (bug #731113)
NOTE: https://issues.apache.org/jira/browse/SOLR-3895
@@ -3087,41 +3087,41 @@ CVE-2013-6406
REJECTED
CVE-2013-6405
REJECTED
-CVE-2013-6404 (Quassel core (server daemon) in Quassel IRC before 0.9.2 does not ...)
+CVE-2013-6404
- quassel 0.9.2-1 (low)
[wheezy] - quassel 0.8.0-1+deb7u1
[squeeze] - quassel <no-dsa> (Minor issue)
NOTE: https://github.com/quassel/quassel/commit/a1a24da
-CVE-2013-6403 (The admin page in ownCloud before 5.0.13 allows remote attackers to ...)
+CVE-2013-6403
- owncloud 5.0.13+dfsg-1
-CVE-2013-6402 (base/pkit.py in HP Linux Imaging and Printing (HPLIP) through 3.13.11 ...)
+CVE-2013-6402
{DSA-2829-1}
- hplip 3.13.11-2.1 (bug #725876)
NOTE: https://bugzilla.novell.com/show_bug.cgi?id=852368
-CVE-2013-6401 (Jansson, possibly 2.4 and earlier, does not restrict the ability to ...)
+CVE-2013-6401
- jansson 2.6-1 (bug #738647)
[wheezy] - jansson <no-dsa> (Minor issue)
-CVE-2013-6400 (Xen 4.2.x and 4.3.x, when using Intel VT-d and a PCI device has been ...)
+CVE-2013-6400
- xen 4.4.0-1
[wheezy] - xen <not-affected> (4.2.x and later are vulnerable)
[squeeze] - xen <not-affected> (4.2.x and later are vulnerable)
-CVE-2013-6399 (Array index error in the virtio_load function in hw/virtio/virtio.c in ...)
+CVE-2013-6399
- qemu 2.1+dfsg-1 (low; bug #739589)
[squeeze] - qemu <no-dsa> (Minor issue, hardly exploitable in practice)
[wheezy] - qemu <no-dsa> (Minor issue, hardly exploitable in practice)
[wheezy] - qemu-kvm <no-dsa> (Minor issue, hardly exploitable in practice)
- qemu-kvm <removed> (low)
[squeeze] - qemu-kvm <no-dsa> (Minor issue, hardly exploitable in practice)
-CVE-2013-6398 (The virtual router in Apache CloudStack before 4.2.1 does not preserve ...)
+CVE-2013-6398
NOT-FOR-US: Apache CloudStack
-CVE-2013-6397 (Directory traversal vulnerability in SolrResourceLoader in Apache Solr ...)
+CVE-2013-6397
{DSA-2963-1}
- lucene-solr 3.6.2+dfsg-2 (bug #731113)
NOTE: https://issues.apache.org/jira/browse/SOLR-4882
-CVE-2013-6396 (The OpenStack Python client library for Swift (python-swiftclient) 1.0 ...)
+CVE-2013-6396
- python-swiftclient 1:2.0.2-1 (bug #730626)
NOTE: https://bugs.launchpad.net/python-swiftclient/+bug/1199783
-CVE-2013-6395 (Cross-site scripting (XSS) vulnerability in header.php in Ganglia Web ...)
+CVE-2013-6395
- ganglia-web <unfixed> (unimportant; bug #730507)
[squeeze] - ganglia <not-affected> (Vulnerable code not present)
NOTE: See README.Debian.security, only supported behind an authenticated HTTP zone, #702776
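Review bot: the xen justification for CVE-2013-6400, `[wheezy] - xen <not-affected> (4.2.x and later are vulnerable)`, states the opposite of what the tag asserts; it means the wheezy and squeeze versions predate 4.2, so write it as `Only affects >= 4.2`, the wording already used for CVE-2013-6375 further down this file.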
@@ -3130,61 +3130,61 @@ CVE-2013-6395 (Cross-site scripting (XSS) vulnerability in header.php in Ganglia
NOTE: ganglia-web and ganglia are now two separate source packages
NOTE: starting with 3.6.0-1 the web front is no longer built from src:ganglia so marking this version as fixed
NOTE: https://github.com/ganglia/ganglia-web/issues/218
-CVE-2013-6394 (Percona XtraBackup before 2.1.6 uses a constant string for the ...)
+CVE-2013-6394
- percona-xtrabackup 2.1.6-2 (bug #730544)
-CVE-2013-6393 (The yaml_parser_scan_tag_uri function in scanner.c in LibYAML before ...)
+CVE-2013-6393
{DSA-2870-1 DSA-2850-1}
- libyaml 0.1.4-3 (bug #737076)
- libyaml-libyaml-perl 0.41-4
-CVE-2013-6392 (The genlock_dev_ioctl function in genlock.c in the Genlock driver for ...)
+CVE-2013-6392
- linux-2.6 <not-affected> (Android-specific)
- linux <not-affected> (Android-specific)
NOTE: https://www.codeaurora.org/cgit/quic/la/kernel/msm/commit/drivers/base/genlock.c?id=e3c43027bdb59f03eec7ead0a01c77e4bf801625&h=jb_3.2.3
-CVE-2013-6391 (The ec2tokens API in OpenStack Identity (Keystone) before Havana ...)
+CVE-2013-6391
- keystone 2013.2.1-1 (bug #731981)
[wheezy] - keystone <not-affected> (vulnerable code not present)
NOTE: https://launchpad.net/bugs/1242597
CVE-2013-6390
RESERVED
-CVE-2013-6389 (Open redirect vulnerability in the Overlay module in Drupal 7.x before ...)
+CVE-2013-6389
{DSA-2804-1}
- drupal7 7.24-1
-CVE-2013-6388 (Cross-site scripting (XSS) vulnerability in the Color module in Drupal ...)
+CVE-2013-6388
{DSA-2804-1}
- drupal7 7.24-1
-CVE-2013-6387 (Cross-site scripting (XSS) vulnerability in the Image module in Drupal ...)
+CVE-2013-6387
{DSA-2804-1}
- drupal7 7.24-1
-CVE-2013-6386 (Drupal 6.x before 6.29 and 7.x before 7.24 uses the PHP mt_rand ...)
+CVE-2013-6386
{DSA-2828-1 DSA-2804-1}
- drupal6 <removed>
- drupal7 7.24-1
NOTE: https://drupal.org/SA-CORE-2013-003
-CVE-2013-6385 (The form API in Drupal 6.x before 6.29 and 7.x before 7.24, when used ...)
+CVE-2013-6385
{DSA-2828-1 DSA-2804-1}
- drupal6 <removed>
- drupal7 7.24-1
NOTE: https://drupal.org/SA-CORE-2013-003
-CVE-2013-6384 ((1) impl_db2.py and (2) impl_mongodb.py in OpenStack Ceilometer 2013.2 ...)
+CVE-2013-6384
- ceilometer 2013.2-4 (bug #730227)
-CVE-2013-6383 (The aac_compat_ioctl function in drivers/scsi/aacraid/linit.c in the ...)
+CVE-2013-6383
{DSA-2906-1}
- linux-2.6 <removed>
[wheezy] - linux 3.2.53-1
- linux 3.11.8-1
NOTE: https://git.kernel.org/linus/f856567b930dfcdbc3323261bf77240ccdde01f5
-CVE-2013-6382 (Multiple buffer underflows in the XFS implementation in the Linux ...)
+CVE-2013-6382
{DSA-2906-1}
- linux-2.6 <removed> (low)
- linux 3.11.10-1 (low)
[wheezy] - linux 3.2.53-1
-CVE-2013-6381 (Buffer overflow in the qeth_snmp_command function in ...)
+CVE-2013-6381
{DSA-2906-1}
- linux-2.6 <removed> (low)
- linux 3.11.10-1 (low)
[wheezy] - linux 3.2.53-1
NOTE: https://git.kernel.org/linus/6fb392b1a63ae36c31f62bc3fc8630b49d602b62
-CVE-2013-6380 (The aac_send_raw_srb function in drivers/scsi/aacraid/commctrl.c in ...)
+CVE-2013-6380
{DSA-2906-1}
- linux-2.6 <removed>
- linux 3.11.10-1
@@ -3192,7 +3192,7 @@ CVE-2013-6380 (The aac_send_raw_srb function in drivers/scsi/aacraid/commctrl.c
NOTE: https://git.kernel.org/linus/b4789b8e6be3151a955ade74872822f30e8cd914
CVE-2013-6379
REJECTED
-CVE-2013-6378 (The lbs_debugfs_write function in ...)
+CVE-2013-6378
{DSA-2906-1}
- linux-2.6 <removed> (low)
- linux 3.11.10-1 (low)
@@ -3200,39 +3200,39 @@ CVE-2013-6378 (The lbs_debugfs_write function in ...)
NOTE: https://git.kernel.org/linus/a497e47d4aec37aaf8f13509f3ef3d1f6a717d88
CVE-2013-6377
REJECTED
-CVE-2013-6376 (The recalculate_apic_map function in arch/x86/kvm/lapic.c in the KVM ...)
+CVE-2013-6376
- linux 3.12.5-1
[wheezy] - linux <not-affected> (Introduced in 3.7)
- linux-2.6 <not-affected> (Introduced in 3.7)
-CVE-2013-6375 (Xen 4.2.x and 4.3.x, when using Intel VT-d for PCI passthrough, does ...)
+CVE-2013-6375
- xen 4.4.0-1 (bug #730254)
[squeeze] - xen <not-affected> (Only affects >= 4.2)
[wheezy] - xen <not-affected> (Only affects >= 4.2)
-CVE-2013-6374 (Cross-site scripting (XSS) vulnerability in the Build Failure Analyzer ...)
+CVE-2013-6374
- jenkins <not-affected> (Affected plugins are not shipped in Debian, bug #730457)
-CVE-2013-6373 (The Exclusion plugin before 0.9 for Jenkins does not properly prevent ...)
+CVE-2013-6373
- jenkins <not-affected> (Affected plugins are not shipped in Debian, bug #730457)
-CVE-2013-6372 (The Subversion plugin before 1.54 for Jenkins stores credentials using ...)
+CVE-2013-6372
- jenkins <not-affected> (Affected plugins are not shipped in Debian, bug #730457)
-CVE-2013-6371 (The hash functionality in json-c before 0.12 allows context-dependent ...)
+CVE-2013-6371
- json-c 0.11-4 (bug #744008)
[wheezy] - json-c <no-dsa> (Minor issue)
[squeeze] - json-c <no-dsa> (Minor issue)
NOTE: https://github.com/json-c/json-c/commit/64e36901a0614bf64a19bc3396469c66dcd0b015
-CVE-2013-6370 (Buffer overflow in the printbuf APIs in json-c before 0.12 allows ...)
+CVE-2013-6370
- json-c 0.11-4 (bug #744008)
[wheezy] - json-c <no-dsa> (Minor issue)
[squeeze] - json-c <no-dsa> (Minor issue)
NOTE: https://github.com/json-c/json-c/commit/64e36901a0614bf64a19bc3396469c66dcd0b015
-CVE-2013-6369 (Stack-based buffer overflow in the jbg_dec_in function in ...)
+CVE-2013-6369
{DSA-2900-1}
- jbigkit 2.0-2.1 (bug #743960)
-CVE-2013-6368 (The KVM subsystem in the Linux kernel through 3.12.5 allows local ...)
+CVE-2013-6368
- linux 3.12.5-1
[squeeze] - linux-2.6 <no-dsa> (Too intrusive to backport, KVM server not supported in squeeze-lts)
- linux-2.6 <removed>
[wheezy] - linux 3.2.54-1
-CVE-2013-6367 (The apic_get_tmcct function in arch/x86/kvm/lapic.c in the KVM ...)
+CVE-2013-6367
{DSA-2906-1}
- linux 3.12.5-1
- linux-2.6 <removed>
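Review bot: every `-`/`+` pair in this hunk (CVE-2013-6375 down to CVE-2013-6367) replaces an entry that carried the parenthesised one-line summary with a bare CVE identifier and puts nothing in its place, and the same pattern repeats in every hunk below; for an automatic update that is a loss of the only human-readable context in the file, not a cleanup. Unless the description field has deliberately been moved elsewhere, this should not be merged as-is: re-run the import once the upstream feed serves descriptions again, and make the importer refuse to overwrite a non-empty description with an empty one so that a transient feed failure cannot blank the whole list.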
@@ -3245,14 +3245,14 @@ CVE-2013-6361
RESERVED
CVE-2013-6360
RESERVED
-CVE-2013-6359 (Munin::Master::Node in Munin before 2.0.18 allows remote attackers to ...)
+CVE-2013-6359
{DSA-2815-1 DLA-20-1}
- munin 2.0.18-1
[squeeze] - munin 1.4.5-3+deb6u1
NOTE: http://munin-monitoring.org/ticket/1397
CVE-2013-6358
RESERVED
-CVE-2013-6357 (** DISPUTED ** Cross-site request forgery (CSRF) vulnerability in the ...)
+CVE-2013-6357
NOT-FOR-US: Disputed non-issue in Tomcat
CVE-2013-6356
REJECTED
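Review bot: the removed line for CVE-2013-6357 carried the `** DISPUTED **` marker and the replacement `+CVE-2013-6357` does not, so the only trace of the dispute left is the free-text `NOT-FOR-US: Disputed non-issue in Tomcat`. The REJECTED entries two lines further down keep a structured status; if summaries are going to be dropped, the disputed state should survive in a comparable way, e.g. as an explicit NOTE line, otherwise anything consuming the list sees a plain Tomcat CSRF with no indication that it was never accepted as a vulnerability.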
@@ -3268,26 +3268,26 @@ CVE-2013-6351
RESERVED
CVE-2013-6350
RESERVED
-CVE-2013-6349 (McAfee Email Gateway (MEG) 7.0 before 7.0.4 and 7.5 before 7.5.1 ...)
+CVE-2013-6349
NOT-FOR-US: McAfee Email Gateway
-CVE-2013-6348 (Multiple cross-site scripting (XSS) vulnerabilities in Apache Struts ...)
+CVE-2013-6348
- libstruts1.2-java <not-affected> (Affects Struts 2.0.0 - Struts 2.3.15.3)
NOTE: https://issues.apache.org/jira/browse/WW-4213
-CVE-2013-6347 (Session fixation vulnerability in Novell ZENworks Configuration ...)
+CVE-2013-6347
NOT-FOR-US: Novell ZENworks Configuration Management
-CVE-2013-6346 (Cross-site request forgery (CSRF) vulnerability in the ZCC page in ...)
+CVE-2013-6346
NOT-FOR-US: Novell ZENworks Configuration Management
-CVE-2013-6345 (Unspecified vulnerability in the ZCC page in Novell ZENworks ...)
+CVE-2013-6345
NOT-FOR-US: Novell ZENworks Configuration Management
-CVE-2013-6344 (The ZCC page in Novell ZENworks Configuration Management (ZCM) before ...)
+CVE-2013-6344
NOT-FOR-US: Novell ZENworks Configuration Management
-CVE-2013-6343 (Multiple buffer overflows in web.c in httpd on the ASUS RT-N56U and ...)
+CVE-2013-6343
NOT-FOR-US: ASUS Router
-CVE-2013-6342 (Cross-site scripting (XSS) vulnerability in the Tweet Blender plugin ...)
+CVE-2013-6342
NOT-FOR-US: Tweet Blender plugin for WP
-CVE-2013-6341 (SQL injection vulnerability in Dokeos 2.2 RC2 and earlier allows ...)
+CVE-2013-6341
NOT-FOR-US: Dokeos
-CVE-2013-6366 (The Groovy script console in VMware Hyperic HQ 4.6.6 allows remote ...)
+CVE-2013-6366
NOT-FOR-US: VMware Hyperic HQ
CVE-2013-6365 [CSRF edit.php]
RESERVED
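Review bot: CVE-2013-6366 is emitted after CVE-2013-6341 in this hunk, out of the descending numeric order the rest of the block follows; since the entry is rewritten anyway, move it up to its place between CVE-2013-6367 and CVE-2013-6365. Also, with the summary stripped from CVE-2013-6348 the affected range now exists only in the `<not-affected>` reason for libstruts1.2-java (`Affects Struts 2.0.0 - Struts 2.3.15.3`), so that reason must not be shortened in a later edit.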
@@ -3304,103 +3304,103 @@ CVE-2013-6364 [XSS and CSRF search.php]
- turba2 <removed>
[squeeze] - turba2 <end-of-life> (Unsupported in squeeze-lts)
NOTE: https://github.com/horde/horde/commit/74f9add4ad86c29b608270e33b17426163b3c8cf
-CVE-2013-6340 (epan/dissectors/packet-tcp.c in the TCP dissector in Wireshark 1.8.x ...)
+CVE-2013-6340
{DSA-2792-1}
- wireshark 1.10.3-1
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9263
-CVE-2013-6339 (The dissect_openwire_type function in ...)
+CVE-2013-6339
{DLA-497-1}
- wireshark 1.10.3-1 (unimportant)
[squeeze] - wireshark <not-affected> (OpenWire dissector introduced in 1.8.0)
NOTE: Not suitable for code injection
-CVE-2013-6338 (The dissect_sip_common function in epan/dissectors/packet-sip.c in the ...)
+CVE-2013-6338
{DSA-2792-1}
- wireshark 1.10.3-1
[squeeze] - wireshark <not-affected> (Vulnerable code not present)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9228
-CVE-2013-6337 (Unspecified vulnerability in the NBAP dissector in Wireshark 1.8.x ...)
+CVE-2013-6337
{DSA-2792-1}
- wireshark 1.10.3-1
[squeeze] - wireshark <not-affected> (Vulnerable code not present)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9168 not accessible
-CVE-2013-6336 (The ieee802154_map_rec function in epan/dissectors/packet-ieee802154.c ...)
+CVE-2013-6336
{DSA-2792-1}
- wireshark 1.10.3-1
[squeeze] - wireshark <not-affected> (code introduced in 1.6.0)
NOTE: http://anonsvn.wireshark.org/viewvc?view=revision&revision=52036
-CVE-2013-6335 (The Backup-Archive client in IBM Tivoli Storage Manager (TSM) for ...)
+CVE-2013-6335
NOT-FOR-US: IBM Tivoli Storage Manager
-CVE-2013-6334 (IBM Atlas eDiscovery Process Management 6.0.1.5 and earlier and 6.0.2, ...)
+CVE-2013-6334
NOT-FOR-US: IBM
-CVE-2013-6333 (Cross-site scripting (XSS) vulnerability in IBM Algo One, as used in ...)
+CVE-2013-6333
NOT-FOR-US: IBM Algo One
-CVE-2013-6332 (Unrestricted file upload vulnerability in IBM Algo One UDS 4.7.0 ...)
+CVE-2013-6332
NOT-FOR-US: IBM Algo One UDS
-CVE-2013-6331 (SQL injection vulnerability in IBM Algo One, as used in MetaData ...)
+CVE-2013-6331
NOT-FOR-US: IBM Algo One
-CVE-2013-6330 (IBM WebSphere Application Server 7.x before 7.0.0.31, when ...)
+CVE-2013-6330
NOT-FOR-US: IBM WebSphere
-CVE-2013-6329 (IBM Global Security Kit (aka GSKit), as used in Content Manager ...)
+CVE-2013-6329
NOT-FOR-US: IBM Global Security Kit
-CVE-2013-6328 (Cross-site scripting (XSS) vulnerability in the Web Content Manager ...)
+CVE-2013-6328
NOT-FOR-US: IBM WebSphere Portal
-CVE-2013-6327 (Cross-site scripting (XSS) vulnerability in the HTTP Option in IBM ...)
+CVE-2013-6327
NOT-FOR-US: IBM
CVE-2013-6326
RESERVED
-CVE-2013-6325 (IBM WebSphere Application Server 7.x before 7.0.0.31, 8.0.x before ...)
+CVE-2013-6325
NOT-FOR-US: IBM WebSphere Application Server
CVE-2013-6324
RESERVED
-CVE-2013-6323 (Cross-site scripting (XSS) vulnerability in the Administration Console ...)
+CVE-2013-6323
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2013-6322 (Cross-site scripting (XSS) vulnerability in Sterling Order Management ...)
+CVE-2013-6322
NOT-FOR-US: IBM Sterling Selling and Fulfillment Suite
-CVE-2013-6321 (SQL injection vulnerability in IBM Atlas eDiscovery Process Management ...)
+CVE-2013-6321
NOT-FOR-US: IBM Atlas eDiscovery Process Management
-CVE-2013-6320 (Cross-site scripting (XSS) vulnerability in IBM Algo One, as used in ...)
+CVE-2013-6320
NOT-FOR-US: IBM Algo One
-CVE-2013-6319 (IBM Algo One, as used in MetaData Management Tools in UDS 4.7.0 ...)
+CVE-2013-6319
NOT-FOR-US: IBM Algo One
-CVE-2013-6318 (Cross-site scripting (XSS) vulnerability in IBM Algo One, as used in ...)
+CVE-2013-6318
NOT-FOR-US: IBM Algo One
CVE-2013-6317
RESERVED
-CVE-2013-6316 (IBM WebSphere Portal 7.0.0.x before 7.0.0.2 CF26 and 8.0.0.x before ...)
+CVE-2013-6316
NOT-FOR-US: IBM WebSphere Portal
-CVE-2013-6315 (IBM InfoSphere Enterprise Records 4.5.1 before 4.5.1.7-IER-IF001 and ...)
+CVE-2013-6315
NOT-FOR-US: IBM InfoSphere Enterprise Records
-CVE-2013-6314 (Cross-site scripting (XSS) vulnerability in IBM InfoSphere Enterprise ...)
+CVE-2013-6314
NOT-FOR-US: IBM InfoSphere Enterprise Records
CVE-2013-6313
RESERVED
-CVE-2013-6312 (Unspecified vulnerability in IBM Rational Service Tester 8.3.x and ...)
+CVE-2013-6312
NOT-FOR-US: IBM
-CVE-2013-6311 (SQL injection vulnerability in IBM Marketing Platform 9.1 before FP2 ...)
+CVE-2013-6311
NOT-FOR-US: IBM Marketing Platform
-CVE-2013-6310 (Cross-site scripting (XSS) vulnerability in IBM Marketing Platform 9.1 ...)
+CVE-2013-6310
NOT-FOR-US: IBM Marketing Platform
-CVE-2013-6309 (IBM Marketing Platform 9.1 before FP2 allows remote authenticated ...)
+CVE-2013-6309
NOT-FOR-US: IBM Marketing Platform
-CVE-2013-6308 (IBM Marketing Platform 9.1 before FP2 allows remote authenticated ...)
+CVE-2013-6308
NOT-FOR-US: IBM Marketing Platform
-CVE-2013-6307 (Cross-site scripting (XSS) vulnerability in IBM Security QRadar SIEM ...)
+CVE-2013-6307
NOT-FOR-US: IBM Security QRadar SIEM
-CVE-2013-6306 (Unspecified vulnerability on IBM Power 7 Systems 740 before 740.70 ...)
+CVE-2013-6306
NOT-FOR-US: IBM Power 7
-CVE-2013-6305 (IBM Platform Symphony 5.2 before build 229037 and 6.1.0.1 before build ...)
+CVE-2013-6305
NOT-FOR-US: IBM Platform Symphony
-CVE-2013-6304 (Multiple directory traversal vulnerabilities in Algo Risk Application ...)
+CVE-2013-6304
NOT-FOR-US: IBM Algo One
-CVE-2013-6303 (Directory traversal vulnerability in IBM Algo One, as used in MetaData ...)
+CVE-2013-6303
NOT-FOR-US: IBM Algo One
-CVE-2013-6302 (SQL injection vulnerability in IBM Algo One, as used in MetaData ...)
+CVE-2013-6302
NOT-FOR-US: IBM Algo One
-CVE-2013-6301 (Cross-site scripting (XSS) vulnerability in IBM Algo One, as used in ...)
+CVE-2013-6301
NOT-FOR-US: IBM Algo One
-CVE-2013-6300 (Cross-site scripting (XSS) vulnerability in IBM Algo One, as used in ...)
+CVE-2013-6300
NOT-FOR-US: IBM Algo One
-CVE-2013-6299 (Cross-site scripting (XSS) vulnerability in IBM Algo One, as used in ...)
+CVE-2013-6299
NOT-FOR-US: IBM Algo One
CVE-2013-6298
RESERVED
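Review bot: the CVE-2013-6337 entry records `NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9168 not accessible`, i.e. a reference the entry itself marks as unusable, while the neighbouring CVE-2013-6336 entry links the fixing revision; replace the inaccessible bug link with the upstream advisory or the fixing commit, as done for 6336. Separately, CVE-2013-6339 is rated `(unimportant)` on the strength of `NOTE: Not suitable for code injection`, and the removed summary (`The dissect_openwire_type function in ...`) was the only line naming the dissector involved; the squeeze `<not-affected>` reason (`OpenWire dissector introduced in 1.8.0`) now carries that fact alone, so keep the dissector name in a NOTE if summaries stay stripped.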
@@ -3424,21 +3424,21 @@ CVE-2013-6287
RESERVED
CVE-2013-6286
RESERVED
-CVE-2013-6284 (Unspecified vulnerability in the Statutory Reporting for Insurance ...)
+CVE-2013-6284
NOT-FOR-US: Financial Services module for SAP ERP Central Component
-CVE-2013-6283 (VideoLAN VLC Media Player 2.0.8 and earlier allows remote attackers to ...)
+CVE-2013-6283
- vlc 2.1.0-2 (unimportant)
[squeeze] - vlc <end-of-life> (Unsupported in squeeze-lts)
NOTE: User-assisted DoS for X session (freezes window manager) in 2.0.3-5
-CVE-2013-6282 (The (1) get_user and (2) put_user API functions in the Linux kernel ...)
+CVE-2013-6282
- linux 3.6.4-1~experimental.1
- linux-2.6 <not-affected> (Introduced in 2.6.38)
[wheezy] - linux 3.2.53-1
NOTE: https://www.codeaurora.org/projects/security-advisories/missing-access-checks-putusergetuser-kernel-api-cve-2013-6282
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/arch/arm/include/asm/uaccess.h?id=8404663f81d212918ff85f493649a7991209fa04
-CVE-2013-6281 (Cross-site scripting (XSS) vulnerability in codebase/spreadsheet.php ...)
+CVE-2013-6281
NOT-FOR-US: Wordpress plugin
-CVE-2013-6280 (Cross-site scripting (XSS) vulnerability in Social Sharing Toolkit ...)
+CVE-2013-6280
NOT-FOR-US: Wordpress plugin
CVE-2013-6279
RESERVED
@@ -3452,9 +3452,9 @@ CVE-2013-6274
RESERVED
CVE-2013-6273
RESERVED
-CVE-2013-6272 (The NotificationBroadcastReceiver class in the com.android.phone ...)
+CVE-2013-6272
NOT-FOR-US: Android
-CVE-2013-6271 (Android 4.0 through 4.3 allows attackers to bypass intended access ...)
+CVE-2013-6271
NOT-FOR-US: Android
CVE-2013-6270
RESERVED
@@ -3462,7 +3462,7 @@ CVE-2013-6269
RESERVED
CVE-2013-6268
RESERVED
-CVE-2013-6267 (Multiple cross-site scripting (XSS) vulnerabilities in Claroline ...)
+CVE-2013-6267
NOT-FOR-US: Claroline
CVE-2013-6266
REJECTED
@@ -3504,17 +3504,17 @@ CVE-2013-6248
REJECTED
CVE-2013-6247
REJECTED
-CVE-2013-6246 (The Dell Quest One Password Manager, possibly 5.0, allows remote ...)
+CVE-2013-6246
NOT-FOR-US: Dell Quest One Password Manager
-CVE-2013-6245 (Unspecified vulnerability in SAP Sybase Adaptive Server Enterprise ...)
+CVE-2013-6245
NOT-FOR-US: SAP Sybase Adaptive Server Enterprise
-CVE-2013-6244 (The Live Update webdynpro application ...)
+CVE-2013-6244
NOT-FOR-US: SAP NetWeaver
-CVE-2013-6289 (Cross-site scripting (XSS) vulnerability in the Apache Solr for TYPO3 ...)
+CVE-2013-6289
NOT-FOR-US: TYPO3 extension Apache Solr
-CVE-2013-6288 (Unspecified vulnerability in the Apache Solr for TYPO3 (solr) ...)
+CVE-2013-6288
NOT-FOR-US: TYPO3 extension Apache Solr
-CVE-2013-6285 (The search component in the Treasurer application in Tyler ...)
+CVE-2013-6285
NOT-FOR-US: Tyler Technologies TaxWeb
CVE-2013-6275 [CSRF]
RESERVED
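Review bot: CVE-2013-6289, CVE-2013-6288, CVE-2013-6285 and CVE-2013-6275 are placed after CVE-2013-6244 here, out of the descending numeric order used in the rest of the file (CVE-2013-6287 and CVE-2013-6286 sit in an earlier hunk where these four belong); since this hunk rewrites the lines anyway, sort them back into sequence so the list stays scannable once the summaries are gone.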
@@ -3523,7 +3523,7 @@ CVE-2013-6275 [CSRF]
CVE-2013-6242
RESERVED
NOT-FOR-US: Open-Xchange
-CVE-2013-6241 (The Birthday widget in the backend in Open-Xchange (OX) AppSuite 7.2.x ...)
+CVE-2013-6241
NOT-FOR-US: Open-Xchange
CVE-2013-6240
RESERVED
@@ -3531,110 +3531,110 @@ CVE-2013-6239
RESERVED
CVE-2013-6238
RESERVED
-CVE-2013-6237 (The ISL Desktop plugin for Windows before 1.4.7 for ISL Light 3.5.4 ...)
+CVE-2013-6237
NOT-FOR-US: ISL Light
CVE-2013-6236
RESERVED
NOT-FOR-US: Stem Innovations IZON
-CVE-2013-6235 (Multiple cross-site scripting (XSS) vulnerabilities in JAMon (Java ...)
+CVE-2013-6235
- libjamon-java <not-affected> (jamon.war/JAMon web apps gets excluded by debian/orig-tar.sh)
NOTE: http://seclists.org/bugtraq/2014/Jan/92
CVE-2013-6234
RESERVED
NOT-FOR-US: SpagoBI
-CVE-2013-6233 (Cross-site scripting (XSS) vulnerability in SpagoBI before 4.1 allows ...)
+CVE-2013-6233
NOT-FOR-US: SpagoBI
-CVE-2013-6232 (Cross-site scripting (XSS) vulnerability in SpagoBI before 4.1 allows ...)
+CVE-2013-6232
NOT-FOR-US: SpagoBI
CVE-2013-6231
RESERVED
NOT-FOR-US: SpagoBI
-CVE-2013-6230 (The Winsock WSAIoctl API in Microsoft Windows Server 2008, as used in ...)
+CVE-2013-6230
- bind9 <not-affected> (Affects only Windows systems)
NOTE: https://kb.isc.org/article/AA-01062
-CVE-2013-6229 (Multiple cross-site scripting (XSS) vulnerabilities in Atmail Webmail ...)
+CVE-2013-6229
- atmailopen <removed>
CVE-2013-6228
RESERVED
-CVE-2013-6227 (Unrestricted file upload vulnerability in ...)
+CVE-2013-6227
NOT-FOR-US: Zoho plugin in Pydio (AjaXplorer)
-CVE-2013-6226 (Directory traversal vulnerability in ...)
+CVE-2013-6226
NOT-FOR-US: Pydio (AjaXplorer) Zoho Editor plugin
CVE-2013-6225
RESERVED
-CVE-2013-6224 (Multiple cross-site scripting (XSS) vulnerabilities in LiveZilla ...)
+CVE-2013-6224
NOT-FOR-US: Livezilla
-CVE-2013-6223 (LiveZilla before 5.1.1.0 stores the admin Base64 encoded username and ...)
+CVE-2013-6223
NOT-FOR-US: Livezilla
-CVE-2013-6222 (Cross-site scripting (XSS) vulnerability in the Mobility Web Client ...)
+CVE-2013-6222
NOT-FOR-US: HP Service Manager
-CVE-2013-6221 (Directory traversal vulnerability in CommunicationServlet in HP ...)
+CVE-2013-6221
NOT-FOR-US: HP Service Virtualization
-CVE-2013-6220 (Cross-site scripting (XSS) vulnerability in HP Network Node Manager i ...)
+CVE-2013-6220
NOT-FOR-US: HP
-CVE-2013-6219 (Unspecified vulnerability in HP HP-UX Whitelisting (aka WLI) before ...)
+CVE-2013-6219
NOT-FOR-US: HP-UX
-CVE-2013-6218 (Unspecified vulnerability in HP Network Node Manager i (NNMi) 9.0x, ...)
+CVE-2013-6218
NOT-FOR-US: HP
CVE-2013-6217
REJECTED
-CVE-2013-6216 (Unspecified vulnerability in HP Array Configuration Utility, Array ...)
+CVE-2013-6216
NOT-FOR-US: HP
-CVE-2013-6215 (Unspecified vulnerability in the Integration Service in HP Universal ...)
+CVE-2013-6215
NOT-FOR-US: HP Universal Configuration Management Database Integration Service
-CVE-2013-6214 (Unspecified vulnerability in the Integration Service in HP Universal ...)
+CVE-2013-6214
NOT-FOR-US: HP
-CVE-2013-6213 (Unspecified vulnerability in Virtual User Generator in HP LoadRunner ...)
+CVE-2013-6213
NOT-FOR-US: HP
-CVE-2013-6212 (Unspecified vulnerability in HP Database and Middleware Automation ...)
+CVE-2013-6212
NOT-FOR-US: HP
-CVE-2013-6211 (Unspecified vulnerability in HP StoreOnce Virtual Storage Appliance ...)
+CVE-2013-6211
NOT-FOR-US: HP StoreOnce
-CVE-2013-6210 (Unspecified vulnerability in HP Unified Functional Testing before 12.0 ...)
+CVE-2013-6210
NOT-FOR-US: HP Unified Functional Testing
-CVE-2013-6209 (Unspecified vulnerability in rpc.lockd in the NFS subsystem in HP ...)
+CVE-2013-6209
NOT-FOR-US: NFS subsystem in HP HP-UX
-CVE-2013-6208 (Unspecified vulnerability in HP Smart Update Manager 5.3.5 before ...)
+CVE-2013-6208
NOT-FOR-US: HP Smart Update Manager
-CVE-2013-6207 (Unspecified vulnerability in the loadFileContents function in the SOAP ...)
+CVE-2013-6207
NOT-FOR-US: HP SiteScope
-CVE-2013-6206 (Unspecified vulnerability in HP Rapid Deployment Pack (RDP) and ...)
+CVE-2013-6206
NOT-FOR-US: HP
-CVE-2013-6205 (Unspecified vulnerability in HP Rapid Deployment Pack (RDP) and ...)
+CVE-2013-6205
NOT-FOR-US: HP
-CVE-2013-6204 (The Web Console in HP Application Information Optimizer (formerly HP ...)
+CVE-2013-6204
NOT-FOR-US: HP Application Information Optimizer
-CVE-2013-6203 (The Web Console in HP Application Information Optimizer (formerly HP ...)
+CVE-2013-6203
NOT-FOR-US: HP Application Information Optimizer
-CVE-2013-6202 (Multiple cross-site request forgery (CSRF) vulnerabilities in HP ...)
+CVE-2013-6202
NOT-FOR-US: HP Service Manager
-CVE-2013-6201 (Unspecified vulnerability in HP Security Management System 3.3.0, ...)
+CVE-2013-6201
NOT-FOR-US: HP Security Management System
-CVE-2013-6200 (Unspecified vulnerability in m4 in HP HP-UX B.11.23 and B.11.31 allows ...)
+CVE-2013-6200
NOT-FOR-US: HP-UX
CVE-2013-6199
REJECTED
-CVE-2013-6198 (Cross-site scripting (XSS) vulnerability in HP Service Manager WebTier ...)
+CVE-2013-6198
NOT-FOR-US: HP Service Manager WebTier and Windows Client
-CVE-2013-6197 (Unspecified vulnerability in HP Service Manager WebTier and Windows ...)
+CVE-2013-6197
NOT-FOR-US: HP Service Manager WebTier and Windows Client
-CVE-2013-6196 (Cross-site scripting (XSS) vulnerability in HP Autonomy Ultraseek 5 ...)
+CVE-2013-6196
NOT-FOR-US: HP Autonomy Ultraseek
-CVE-2013-6195 (Unspecified vulnerability in HP Storage Data Protector 6.2X allows ...)
+CVE-2013-6195
NOT-FOR-US: HP Data Protector
-CVE-2013-6194 (Unspecified vulnerability in HP Storage Data Protector 6.2X allows ...)
+CVE-2013-6194
NOT-FOR-US: HP Data Protector
-CVE-2013-6193 (Unspecified vulnerability on HP LaserJet M1522n and M2727; LaserJet ...)
+CVE-2013-6193
NOT-FOR-US: HP Printers
-CVE-2013-6192 (Cross-site request forgery (CSRF) vulnerability in HP Operations ...)
+CVE-2013-6192
NOT-FOR-US: HP Operations Orchestration
-CVE-2013-6191 (Cross-site scripting (XSS) vulnerability in HP Operations ...)
+CVE-2013-6191
NOT-FOR-US: HP Operations Orchestration
CVE-2013-6190
REJECTED
-CVE-2013-6189 (Unspecified vulnerability in the Archive Query Server in HP ...)
+CVE-2013-6189
NOT-FOR-US: HP Application Information Optimizer
-CVE-2013-6188 (Cross-site request forgery (CSRF) vulnerability in HP System ...)
+CVE-2013-6188
NOT-FOR-US: HP System Management Homepage
CVE-2013-6187
REJECTED
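Review bot: once the summaries are removed, the `NOT-FOR-US:` text is the only product identification left on each entry, and in this hunk eight HP entries (CVE-2013-6220, -6218, -6216, -6214, -6213, -6212, -6206, -6205) carry just `NOT-FOR-US: HP` while their neighbours name the product (`HP Service Manager`, `HP StoreOnce`, `HP Smart Update Manager`); expand the bare ones from the product names the removed lines still show (Network Node Manager i, Array Configuration Utility, Universal CMDB Integration Service, LoadRunner, Database and Middleware Automation, Rapid Deployment Pack) before that information is gone. Style: the libjamon-java reason for CVE-2013-6235 should read `get excluded`, not `gets excluded`.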
@@ -3646,50 +3646,50 @@ CVE-2013-6184
REJECTED
CVE-2013-6183
REJECTED
-CVE-2013-6182 (Unquoted Windows search path vulnerability in EMC Replication Manager ...)
+CVE-2013-6182
NOT-FOR-US: EMC Replication Manager
-CVE-2013-6181 (EMC Watch4Net before 6.3 stores cleartext polled-device passwords in ...)
+CVE-2013-6181
NOT-FOR-US: EMC Watch4net
-CVE-2013-6180 (EMC RSA Security Analytics (SA) 10.x before 10.3, and RSA NetWitness ...)
+CVE-2013-6180
NOT-FOR-US: RSA Security Analytics
CVE-2013-6179
REJECTED
-CVE-2013-6178 (Multiple cross-site scripting (XSS) vulnerabilities in EMC RSA Archer ...)
+CVE-2013-6178
NOT-FOR-US: EMC RSA Archer GRC
-CVE-2013-6177 (Directory traversal vulnerability in EMC Document Sciences xPression ...)
+CVE-2013-6177
NOT-FOR-US: EMC
-CVE-2013-6176 (Multiple SQL injection vulnerabilities in EMC Document Sciences ...)
+CVE-2013-6176
NOT-FOR-US: EMC
-CVE-2013-6175 (Multiple cross-site scripting (XSS) vulnerabilities in EMC Document ...)
+CVE-2013-6175
NOT-FOR-US: EMC
-CVE-2013-6174 (Multiple open redirect vulnerabilities in xAdmin in EMC Document ...)
+CVE-2013-6174
NOT-FOR-US: EMC
-CVE-2013-6173 (Multiple cross-site request forgery (CSRF) vulnerabilities in EMC ...)
+CVE-2013-6173
NOT-FOR-US: EMC
-CVE-2013-6172 (steps/utils/save_pref.inc in Roundcube webmail before 0.8.7 and 0.9.x ...)
+CVE-2013-6172
{DSA-2787-1}
- roundcube 0.9.4-1.1 (bug #727668)
[squeeze] - roundcube <not-affected> (Vulnerable code not present)
NOTE: http://web.archive.org/web/20160304042345/http://roundcube.net/news/2013/10/21/security-updates-095-and-087/
NOTE: http://trac.roundcube.net/ticket/1489382
-CVE-2013-6171 (checkpassword-reply in Dovecot before 2.2.7 performs setuid operations ...)
+CVE-2013-6171
- dovecot 1:2.2.9-1 (low; bug #729063)
[wheezy] - dovecot <no-dsa> (Minor issue)
[squeeze] - dovecot <no-dsa> (Minor issue)
-CVE-2013-6170 (Juniper Junos 10.0 before 10.0S28, 10.4 before 10.4R7, 11.1 before ...)
+CVE-2013-6170
NOT-FOR-US: Juniper Junos
-CVE-2013-6169 (The TLS driver in ejabberd before 2.1.12 supports (1) SSLv2 and (2) ...)
+CVE-2013-6169
{DSA-2775-1}
- ejabberd 2.1.11-1 (bug #722105)
-CVE-2013-6168 (Cross-site scripting (XSS) vulnerability in Zikula Application ...)
+CVE-2013-6168
NOT-FOR-US: Zikula
CVE-2013-6165
RESERVED
-CVE-2013-6164 (SQL injection vulnerability in view/objectDetail.php in Project'Or RIA ...)
+CVE-2013-6164
NOT-FOR-US: Project'Or RIA
-CVE-2013-6163 (Multiple cross-site scripting (XSS) vulnerabilities in ProjeQtOr ...)
+CVE-2013-6163
NOT-FOR-US: Project'Or RIA
-CVE-2013-6162 (Cross-site scripting (XSS) vulnerability in Code-Crafters Ability Mail ...)
+CVE-2013-6162
NOT-FOR-US: Code-Crafters Ability Mail Server
CVE-2013-6161
REJECTED
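Review bot: CVE-2013-6163 is tagged `NOT-FOR-US: Project'Or RIA` although its removed summary names the product as ProjeQtOr, while CVE-2013-6164 directly above uses Project'Or RIA in both lines; if these are the same project under a new name, say so in the NOT-FOR-US text (e.g. `ProjeQtOr (formerly Project'Or RIA)`), otherwise the entry is misattributed, and once the summary is gone nobody can tell which. Also, CVE-2013-6171 for dovecot is rated `low` and `<no-dsa> (Minor issue)` for both wheezy and squeeze but, unlike the neighbouring roundcube and ejabberd entries, carries no NOTE pointing at the upstream fix or bug; add the reference so the no-dsa decision can be re-checked later.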
@@ -3727,11 +3727,11 @@ CVE-2013-6145
REJECTED
CVE-2013-6144
REJECTED
-CVE-2013-6143 (The Schneider Electric Telvent SAGE 3030 RTU with firmware ...)
+CVE-2013-6143
NOT-FOR-US: Schneider Electric Telvent SAGE 3030 RTU
-CVE-2013-6142 (DNP3Driver.exe in the DNP3 driver in Schneider Electric ClearSCADA ...)
+CVE-2013-6142
NOT-FOR-US: Schneider Electric ClearSCADA
-CVE-2013-6141 (Unspecified vulnerability in op5 Monitor before 6.1.3 allows attackers ...)
+CVE-2013-6141
NOT-FOR-US: op5
CVE-2013-6140
RESERVED
@@ -3755,19 +3755,19 @@ CVE-2013-6131
RESERVED
CVE-2013-6130
RESERVED
-CVE-2013-6128 (The KCHARTXYLib.KChartXY ActiveX control in KChartXY.ocx before ...)
+CVE-2013-6128
NOT-FOR-US: WellinTech KingView
-CVE-2013-6127 (The SUPERGRIDLib.SuperGrid ActiveX control in SuperGrid.ocx before ...)
+CVE-2013-6127
NOT-FOR-US: WellinTech KingView
CVE-2013-6126
REJECTED
CVE-2013-6125
REJECTED
-CVE-2013-6124 (The Qualcomm Innovation Center (QuIC) init scripts in Code Aurora ...)
+CVE-2013-6124
NOT-FOR-US: Qualcomm (Android)
-CVE-2013-6123 (Multiple array index errors in ...)
+CVE-2013-6123
NOT-FOR-US: Android Linux kernel
-CVE-2013-6122 (goodix_tool.c in the Goodix gt915 touchscreen driver for the Linux ...)
+CVE-2013-6122
NOT-FOR-US: Goodix gt915 Android touchscreen driver
CVE-2013-6121
RESERVED
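Review bot: CVE-2013-6123 and CVE-2013-6122 are closed as `NOT-FOR-US` (`Android Linux kernel`, `Goodix gt915 Android touchscreen driver`), presumably because the affected code is an out-of-tree Android driver, but nothing on the entries records that reasoning, and the removed summary for 6122 describes `goodix_tool.c in the Goodix gt915 touchscreen driver for the Linux ...` kernel, which reads as a kernel issue at first glance. Add a NOTE stating that the driver is not part of the tree shipped by the linux package, so the NOT-FOR-US can be revisited if the driver is ever merged upstream.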
@@ -3777,19 +3777,19 @@ CVE-2013-6119
RESERVED
CVE-2013-6118
RESERVED
-CVE-2013-6117 (Dahua DVR 2.608.0000.0 and 2.608.GV00.0 allows remote attackers to ...)
+CVE-2013-6117
NOT-FOR-US: Dahua DVR
CVE-2013-6116
RESERVED
CVE-2013-6115
RESERVED
-CVE-2013-6114 (Integer overflow in the OZDocument::parseElement function in Apple ...)
+CVE-2013-6114
NOT-FOR-US: Apple Motion
CVE-2013-6113
RESERVED
CVE-2013-6112
RESERVED
-CVE-2013-6111 (Cross-site scripting (XSS) vulnerability in the mod_pagespeed module ...)
+CVE-2013-6111
NOT-FOR-US: mod_pagespeed
CVE-2013-6110
RESERVED
@@ -3853,20 +3853,20 @@ CVE-2013-6081
REJECTED
CVE-2013-6080
REJECTED
-CVE-2013-6079 (Buffer overflow in MostGear Soft Easy LAN Folder Share 3.2.0.100 ...)
+CVE-2013-6079
NOT-FOR-US: MostGear Soft Easy LAN Folder Share
-CVE-2013-6078 (The default configuration of EMC RSA BSAFE Toolkits and RSA Data ...)
+CVE-2013-6078
NOT-FOR-US: EMC RSA
-CVE-2013-6077 (Citrix XenDesktop 7.0, when upgraded from XenDesktop 5.x, does not ...)
+CVE-2013-6077
NOT-FOR-US: Citrix XenDesktop
-CVE-2013-6076 (strongSwan 5.0.2 through 5.1.0 allows remote attackers to cause a ...)
+CVE-2013-6076
- strongswan 5.1.0-3
[squeeze] - strongswan <not-affected> (Vulnerable Code not present, introduced by upstream commit 30216000d3752026127c2f91470ce165ab3d3926)
[wheezy] - strongswan <not-affected> (Vulnerable Code not present, introduced by upstream commit 30216000d3752026127c2f91470ce165ab3d3926)
-CVE-2013-6075 (The compare_dn function in utils/identification.c in strongSwan 4.3.3 ...)
+CVE-2013-6075
{DSA-2789-1}
- strongswan 5.1.0-3
-CVE-2013-6074 (Cross-site scripting (XSS) vulnerability in Open-Xchange (OX) AppSuite ...)
+CVE-2013-6074
NOT-FOR-US: Open-Xchange
CVE-2013-6073
RESERVED
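Review bot: the CVE-2013-6076 strongswan entry repeats the same justification on the squeeze and wheezy lines (`Vulnerable Code not present, introduced by upstream commit 30216000d3752026127c2f91470ce165ab3d3926`) but gives no NOTE with a URL for that commit or for the upstream advisory, whereas CVE-2013-6075 directly below is tied to DSA-2789-1; add the reference as a NOTE so the hash can be followed without guessing the repository. Style: elsewhere in this file the phrase is `Vulnerable code not present` (see the wireshark and roundcube entries), so the capitalised `Code` here should be lower-cased.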
@@ -3888,16 +3888,16 @@ CVE-2013-6065
RESERVED
CVE-2013-6064
RESERVED
-CVE-2013-6243 (SQL injection vulnerability in the Landing Pages plugin 1.2.3, before ...)
+CVE-2013-6243
NOT-FOR-US: WordPress Landing Pages Plugin
-CVE-2013-6167 (Mozilla Firefox through 27 sends HTTP Cookie headers without first ...)
+CVE-2013-6167
- iceweasel <removed> (unimportant)
NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=858215
-CVE-2013-6166 (Google Chrome before 29 sends HTTP Cookie headers without first ...)
+CVE-2013-6166
- chromium-browser 31.0.1650.57-1 (low)
[squeeze] - chromium-browser <end-of-life>
NOTE: https://code.google.com/p/chromium/issues/detail?id=238041
-CVE-2013-6129 (The install/upgrade.php scripts in vBulletin 4.1 and 5 allow remote ...)
+CVE-2013-6129
NOT-FOR-US: VBulletin
CVE-2013-6063
RESERVED
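Review bot: CVE-2013-6167 (iceweasel, `<removed> (unimportant)`) and CVE-2013-6166 (chromium-browser, `(low)`) describe the same behaviour according to their removed summaries (`sends HTTP Cookie headers without first ...`), yet are rated differently with no reason given; if the difference is intentional, record it in a NOTE next to the existing bug links, otherwise align the two ratings. Also these four entries (CVE-2013-6243, -6167, -6166, -6129) sit between CVE-2013-6064 and CVE-2013-6063, far from their numeric position; move them while the lines are being rewritten.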
@@ -3909,7 +3909,7 @@ CVE-2013-6060
RESERVED
CVE-2013-6059
RESERVED
-CVE-2013-6058 (SQL injection vulnerability in appRain CMF 3.0.2 and earlier allows ...)
+CVE-2013-6058
NOT-FOR-US: appRain CMS
CVE-2013-6057
RESERVED
@@ -3917,167 +3917,167 @@ CVE-2013-6056
RESERVED
CVE-2013-6055
REJECTED
-CVE-2013-6054 (Heap-based buffer overflow in OpenJPEG 1.3 has unspecified impact and ...)
+CVE-2013-6054
{DSA-2808-1}
- openjpeg 1.3+dfsg-4.7 (bug #731237)
-CVE-2013-6053 (OpenJPEG 1.5.1 allows remote attackers to obtain sensitive information ...)
+CVE-2013-6053
- openjpeg 1.5.2-1 (bug #731237)
[wheezy] - openjpeg <not-affected> (Only affects 1.5)
[squeeze] - openjpeg <not-affected> (Only affects 1.5)
-CVE-2013-6052 (OpenJPEG 1.3 and earlier allows remote attackers to obtain sensitive ...)
+CVE-2013-6052
{DSA-2808-1}
- openjpeg 1.3+dfsg-4.7 (bug #731237)
-CVE-2013-6051 (The bgp_attr_unknown function in bgp_attr.c in Quagga 0.99.21 does not ...)
+CVE-2013-6051
{DSA-2803-1}
- quagga 0.99.22.4-1 (bug #730513)
[squeeze] - quagga <not-affected> (Only affects 0.99.21)
-CVE-2013-6050 (Integer overflow in Links before 2.8 allows remote attackers to cause ...)
+CVE-2013-6050
{DSA-2807-1}
- links2 2.8-1
-CVE-2013-6049 (apt-listbugs before 0.1.10 creates temporary files insecurely, which ...)
+CVE-2013-6049
- apt-listbugs 0.1.10 (low)
[squeeze] - apt-listbugs <no-dsa> (Minor issue)
[wheezy] - apt-listbugs 0.1.8+deb7u1
-CVE-2013-6048 (The get_group_tree function in lib/Munin/Master/HTMLConfig.pm in Munin ...)
+CVE-2013-6048
{DSA-2815-1 DLA-20-1}
- munin 2.0.18-1
[squeeze] - munin 1.4.5-3+deb6u1
-CVE-2013-6047 (Multiple cross-site scripting (XSS) vulnerabilities in the site ...)
+CVE-2013-6047
- ikiwiki-hosting 0.20131025
[wheezy] - ikiwiki-hosting <no-dsa> (Minor XSS)
CVE-2013-6046
RESERVED
-CVE-2013-6045 (Multiple heap-based buffer overflows in OpenJPEG 1.3 and earlier might ...)
+CVE-2013-6045
{DSA-2808-1}
- openjpeg 1.3+dfsg-4.7 (bug #731237)
-CVE-2013-6044 (The is_safe_url function in utils/http.py in Django 1.4.x before ...)
+CVE-2013-6044
{DSA-2740-1}
- python-django 1.5.2-1
-CVE-2013-6043 (The login function in Softaculous Webuzo before 2.1.4 provides ...)
+CVE-2013-6043
NOT-FOR-US: Softaculous Webuzo
-CVE-2013-6042 (Cross-site scripting (XSS) vulnerability in filemanager/login.php in ...)
+CVE-2013-6042
NOT-FOR-US: Softaculous Webuzo
-CVE-2013-6041 (index.php in Softaculous Webuzo before 2.1.4 allows remote attackers ...)
+CVE-2013-6041
NOT-FOR-US: Softaculous Webuzo
-CVE-2013-6040 (Multiple unspecified vulnerabilities in the MW6 Aztec, DataMatrix, and ...)
+CVE-2013-6040
NOT-FOR-US: MW6 Technologies
-CVE-2013-6039 (Multiple cross-site scripting (XSS) vulnerabilities in NagiosQL 3.2 ...)
+CVE-2013-6039
NOT-FOR-US: NagiosQL
-CVE-2013-6038 (Stack-based buffer overflow in Trimble SketchUp Viewer 13.0.4124 ...)
+CVE-2013-6038
NOT-FOR-US: Trimble SketchUp Viewer
-CVE-2013-6037 (Cross-site scripting (XSS) vulnerability in index.php in Aker Secure ...)
+CVE-2013-6037
NOT-FOR-US: Aker Secure Mail Gateway
CVE-2013-6036
RESERVED
-CVE-2013-6035 (The firmware on GateHouse; Harris BGAN RF-7800B-VU204 and BGAN ...)
+CVE-2013-6035
NOT-FOR-US: Inmarsat broadband satellite terminals
-CVE-2013-6034 (The firmware on GateHouse; Harris BGAN RF-7800B-VU204 and BGAN ...)
+CVE-2013-6034
NOT-FOR-US: Inmarsat broadband satellite terminals
-CVE-2013-6033 (Multiple cross-site scripting (XSS) vulnerabilities on Lexmark W840 ...)
+CVE-2013-6033
NOT-FOR-US: Lexmark
-CVE-2013-6032 (cgi-bin/postpf/cgi-bin/dynamic/config/config.html on Lexmark X94x ...)
+CVE-2013-6032
NOT-FOR-US: Lexmark
-CVE-2013-6031 (The Huawei E355 adapter with firmware 21.157.37.01.910 does not ...)
+CVE-2013-6031
NOT-FOR-US: Huawei E355 adapter
-CVE-2013-6030 (Directory traversal vulnerability on the Emerson Network Power Avocent ...)
+CVE-2013-6030
NOT-FOR-US: Emerson Network Power
-CVE-2013-6029 (Stack-based buffer overflow in the AT&amp;T Connect Participant ...)
+CVE-2013-6029
NOT-FOR-US: AT&T Connect Participant Application
-CVE-2013-6028 (Multiple cross-site request forgery (CSRF) vulnerabilities in Atmail ...)
+CVE-2013-6028
NOT-FOR-US: Atmail Webmail Server
-CVE-2013-6027 (Stack-based buffer overflow in the RuntimeDiagnosticPing function in ...)
+CVE-2013-6027
NOT-FOR-US: D-Link
-CVE-2013-6026 (The web interface on D-Link DIR-100, DIR-120, DI-624S, DI-524UP, ...)
+CVE-2013-6026
NOT-FOR-US: D-Link
-CVE-2013-6025 (The XMLParse procedure in SAP Sybase Adaptive Server Enterprise (ASE) ...)
+CVE-2013-6025
NOT-FOR-US: SAP Sybase Adaptive Server Enterprise
-CVE-2013-6024 (The Edge Client components in F5 BIG-IP APM 10.x through 10.2.4 and ...)
+CVE-2013-6024
NOT-FOR-US: F5 BIG-IP
-CVE-2013-6023 (Directory traversal vulnerability in the TVT TD-2308SS-B DVR with ...)
+CVE-2013-6023
NOT-FOR-US: TVT TD-2308SS-B DVR
CVE-2013-6022
RESERVED
-CVE-2013-6021 (Buffer overflow in WGagent in WatchGuard WSM and Fireware before 11.8 ...)
+CVE-2013-6021
NOT-FOR-US: WatchGuard WSM and Fireware
-CVE-2013-6020 (passwordRequestPOST.jsp in Tyler Technologies TaxWeb 3.13.3.1 sends ...)
+CVE-2013-6020
NOT-FOR-US: Tyler Technologies TaxWeb
-CVE-2013-6019 (Cross-site scripting (XSS) vulnerability in Tyler Technologies TaxWeb ...)
+CVE-2013-6019
NOT-FOR-US: Tyler Technologies TaxWeb
-CVE-2013-6018 (Cross-site request forgery (CSRF) vulnerability in login.jsp in Tyler ...)
+CVE-2013-6018
NOT-FOR-US: Tyler Technologies TaxWeb
-CVE-2013-6017 (Cross-site scripting (XSS) vulnerability in Atmail Webmail Server ...)
+CVE-2013-6017
NOT-FOR-US: Atmail Webmail Server
-CVE-2013-6016 (The Traffic Management Microkernel (TMM) in F5 BIG-IP LTM, APM, ASM, ...)
+CVE-2013-6016
NOT-FOR-US: F5
-CVE-2013-6015 (Juniper Junos before 10.4S14, 11.4 before 11.4R5-S2, 12.1R before ...)
+CVE-2013-6015
NOT-FOR-US: Juniper Junos
-CVE-2013-6014 (Juniper Junos 10.4 before 10.4S15, 11.4 before 11.4R9, 11.4X27 before ...)
+CVE-2013-6014
NOT-FOR-US: Juniper Junos
-CVE-2013-6013 (Buffer overflow in the flow daemon (flowd) in Juniper Junos 10.4 ...)
+CVE-2013-6013
NOT-FOR-US: Juniper Junos
-CVE-2013-6012 (Juniper Junos 12.1X44 before 12.1.X44-D20 and 12.1X45 before ...)
+CVE-2013-6012
NOT-FOR-US: Juniper Junos
-CVE-2013-6011 (Citrix NetScaler Application Delivery Controller (ADC) 10.0 before ...)
+CVE-2013-6011
NOT-FOR-US: Citrix NetScaler Application Delivery Controller
-CVE-2013-6010 (Cross-site scripting (XSS) vulnerability in the Comment Attachment ...)
+CVE-2013-6010
NOT-FOR-US: Wordpress Comment-Attachment plugin
-CVE-2013-6009 (CRLF injection vulnerability in Open-Xchange AppSuite before 7.2.2, ...)
+CVE-2013-6009
NOT-FOR-US: Open-Xchange
CVE-2013-6008
REJECTED
CVE-2013-6007
REJECTED
-CVE-2013-6006 (Cybozu Garoon 3.5 through 3.7 SP2 allows remote attackers to bypass ...)
+CVE-2013-6006
NOT-FOR-US: Cybozu Garoon
-CVE-2013-6005 (Cross-site scripting (XSS) vulnerability in Cybozu Dezie before 8.1.0 ...)
+CVE-2013-6005
NOT-FOR-US: Cybozu Dezie
-CVE-2013-6004 (Session fixation vulnerability in Cybozu Garoon before 3.7.2 allows ...)
+CVE-2013-6004
NOT-FOR-US: Cybozu Garoon
-CVE-2013-6003 (CRLF injection vulnerability in Cybozu Garoon 3.1 through 3.5 SP5, ...)
+CVE-2013-6003
NOT-FOR-US: Cybozu Garoon
-CVE-2013-6002 (The server in Cybozu Garoon before 3.7 SP1 allows remote attackers to ...)
+CVE-2013-6002
NOT-FOR-US: Cybozu Garoon
-CVE-2013-6001 (SQL injection vulnerability in the Space function in Cybozu Garoon ...)
+CVE-2013-6001
NOT-FOR-US: Cybozu Garoon
-CVE-2013-6000 (Directory traversal vulnerability in Tattyan HP TOWN before 5_10_1 ...)
+CVE-2013-6000
NOT-FOR-US: Tattyan HP TOWN
-CVE-2013-5999 (Kingsoft KDrive Personal before 1.21.0.1880 on Windows does not verify ...)
+CVE-2013-5999
NOT-FOR-US: Kingsoft KDrive Personal
-CVE-2013-5998 (Unspecified vulnerability in the Web manager implementation on D-Link ...)
+CVE-2013-5998
NOT-FOR-US: D-Link
-CVE-2013-5997 (Unspecified vulnerability in the SSH implementation on D-Link Japan ...)
+CVE-2013-5997
NOT-FOR-US: D-Link
-CVE-2013-5996 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2013-5996
NOT-FOR-US: LOCKON EC-CUBE
-CVE-2013-5995 (data/class/helper/SC_Helper_Address.php in the front-features ...)
+CVE-2013-5995
NOT-FOR-US: LOCKON EC-CUBE
-CVE-2013-5994 (data/class/pages/mypage/LC_Page_Mypage_DeliveryAddr.php in LOCKON ...)
+CVE-2013-5994
NOT-FOR-US: LOCKON EC-CUBE
-CVE-2013-5993 (Cross-site request forgery (CSRF) vulnerability in LOCKON EC-CUBE ...)
+CVE-2013-5993
NOT-FOR-US: LOCKON EC-CUBE
-CVE-2013-5992 (Cross-site scripting (XSS) vulnerability in the displaySystemError ...)
+CVE-2013-5992
NOT-FOR-US: LOCKON EC-CUBE
-CVE-2013-5991 (The displaySystemError function in html/handle_error.php in LOCKON ...)
+CVE-2013-5991
NOT-FOR-US: LOCKON EC-CUBE
-CVE-2013-5990 (Unspecified vulnerability in JustSystems Ichitaro 2006 through 2011; ...)
+CVE-2013-5990
NOT-FOR-US: JustSystems Ichitaro
CVE-2013-5989
RESERVED
CVE-2013-5988
RESERVED
-CVE-2013-5987 (Unspecified vulnerability in NVIDIA graphics driver Release 331, 325, ...)
+CVE-2013-5987
- nvidia-graphics-drivers 304.117-1 (bug #735271)
[squeeze] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
NOTE: http://nvidia.custhelp.com/app/answers/detail/a_id/3377
-CVE-2013-5986 (Unspecified vulnerability in NVIDIA graphics driver Release 331, 325, ...)
+CVE-2013-5986
- nvidia-graphics-drivers 304.117-1 (bug #735271)
[squeeze] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
NOTE: http://nvidia.custhelp.com/app/answers/detail/a_id/3377
CVE-2013-5985
RESERVED
-CVE-2013-5984 (Directory traversal vulnerability in ...)
+CVE-2013-5984
NOT-FOR-US: Microweber
-CVE-2013-5983 (Multiple cross-site scripting (XSS) vulnerabilities in GuppY before ...)
+CVE-2013-5983
NOT-FOR-US: GuppY
CVE-2013-5982
RESERVED
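Review bot: every -/+ pair in this hunk drops only the parenthesised description and leaves the CVE id and its annotation lines untouched (for instance "-CVE-2013-6012 (Juniper Junos 12.1X44 before 12.1.X44-D20 and 12.1X45 before ...)" becomes "+CVE-2013-6012"), which is the pattern an empty description feed produces rather than a deliberate edit. Before merging this automatic update, confirm that the description source really returned no text: entries such as CVE-2013-5984 keep no product or version information apart from the one-line NOT-FOR-US annotation once the description is gone, so a silent feed failure would be hard to spot afterwards.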
@@ -4085,61 +4085,61 @@ CVE-2013-5981
RESERVED
CVE-2013-5980
RESERVED
-CVE-2013-5979 (Directory traversal vulnerability in Spring Signage Xibo 1.2.x before ...)
+CVE-2013-5979
NOT-FOR-US: Xibo
CVE-2013-5978
RESERVED
-CVE-2013-5977 (Cross-site request forgery (CSRF) vulnerability in Cart66Product.php ...)
+CVE-2013-5977
NOT-FOR-US: Cart66 Lite plugin for WordPress
-CVE-2013-5976 (Cross-site scripting (XSS) vulnerability in the access policy logout ...)
+CVE-2013-5976
NOT-FOR-US: F5 BIG-IP APM
-CVE-2013-5975 (The access policy logon page (logon.inc) in F5 BIG-IP APM 11.1.0 ...)
+CVE-2013-5975
NOT-FOR-US: F5 BIG-IP APM
CVE-2013-5974
REJECTED
-CVE-2013-5973 (VMware ESXi 4.0 through 5.5 and ESX 4.0 and 4.1 allow local users to ...)
+CVE-2013-5973
NOT-FOR-US: VMware ESXi and ESX
-CVE-2013-5972 (VMware Workstation 9.x before 9.0.3 and VMware Player 5.x before 5.0.3 ...)
+CVE-2013-5972
NOT-FOR-US: VMware
-CVE-2013-5971 (Session fixation vulnerability in the vSphere Web Client Server in ...)
+CVE-2013-5971
NOT-FOR-US: VMware vSphere
-CVE-2013-5970 (hostd-vmdb in VMware ESXi 4.0 through 5.0 and ESX 4.0 through 4.1 ...)
+CVE-2013-5970
NOT-FOR-US: VMware ESXi and ESX
CVE-2013-5969
RESERVED
-CVE-2013-5968 (Cross-site scripting (XSS) vulnerability in CA SiteMinder 12.0 through ...)
+CVE-2013-5968
NOT-FOR-US: CA SiteMinder
-CVE-2013-5967 (Multiple SQL injection vulnerabilities in AlienVault Open Source ...)
+CVE-2013-5967
NOT-FOR-US: AlienVault Open Source Security Information Management
-CVE-2013-5966 (Cross-site scripting (XSS) vulnerability in ZK Framework before 5.0.13 ...)
+CVE-2013-5966
NOT-FOR-US: ZK Framework
-CVE-2013-5965 (The Node View Permissions module 7.x-1.x before 7.x-1.2 for Drupal ...)
+CVE-2013-5965
NOT-FOR-US: Drupal addon
-CVE-2013-5964 (Cross-site scripting (XSS) vulnerability in the administration page in ...)
+CVE-2013-5964
NOT-FOR-US: Drupal addon
-CVE-2013-5963 (Unrestricted file upload vulnerability in multi.php in Simple Dropbox ...)
+CVE-2013-5963
NOT-FOR-US: WordPress plugin Simple Dropbox Upload
-CVE-2013-5962 (Unrestricted file upload vulnerability in frames/upload-images.php in ...)
+CVE-2013-5962
NOT-FOR-US: Complete Gallery Manager plugin for Wordpress
-CVE-2013-5961 (Unrestricted file upload vulnerability in lazyseo.php in the Lazy SEO ...)
+CVE-2013-5961
NOT-FOR-US: WordPress plugin Lazy SEO
-CVE-2013-5960 (The authenticated-encryption feature in the symmetric-encryption ...)
+CVE-2013-5960
NOT-FOR-US: OWASP Enterprise Security API for Java
-CVE-2013-5958 (The Security component in Symfony 2.0.x before 2.0.25, 2.1.x before ...)
+CVE-2013-5958
NOT-FOR-US: Symfony
-CVE-2013-5957 (Multiple SQL injection vulnerabilities in ...)
+CVE-2013-5957
- civicrm <not-affected> (Fixed before initial upload to the archive)
-CVE-2013-5956 (Cross-site scripting (XSS) vulnerability in includes/flvthumbnail.php ...)
+CVE-2013-5956
NOT-FOR-US: Joomla plugin
-CVE-2013-5955 (Cross-site scripting (XSS) vulnerability in manage.php in the ...)
+CVE-2013-5955
NOT-FOR-US: Joomla plugin
-CVE-2013-5954 (Multiple cross-site request forgery (CSRF) vulnerabilities in OpenX ...)
+CVE-2013-5954
NOT-FOR-US: OpenX
-CVE-2013-5953 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2013-5953
NOT-FOR-US: Joomla component multi calendar
-CVE-2013-5952 (Multiple cross-site scripting (XSS) vulnerabilities in the Freichat ...)
+CVE-2013-5952
NOT-FOR-US: Joomla component Freichat
-CVE-2013-5951 (Multiple cross-site scripting (XSS) vulnerabilities in eXtplorer ...)
+CVE-2013-5951
{DSA-2882-1}
- extplorer <removed> (bug #741908)
NOTE: http://seclists.org/fulldisclosure/2014/Mar/273
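Review bot: the NOT-FOR-US annotations on the three WordPress plugin entries in this hunk spell and order the product name inconsistently ("WordPress plugin Simple Dropbox Upload", "Complete Gallery Manager plugin for Wordpress", "WordPress plugin Lazy SEO"). With the descriptions removed, these annotations are the only product text left on each entry, so normalising them to one spelling and one word order (e.g. "WordPress plugin <name>") keeps them searchable; that is a pre-existing style point, not something this change introduces.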
@@ -4147,45 +4147,45 @@ CVE-2013-5950
RESERVED
CVE-2013-5949
RESERVED
-CVE-2013-5948 (The Network Analysis tab (Main_Analysis_Content.asp) in the ASUS ...)
+CVE-2013-5948
NOT-FOR-US: ASUS router
CVE-2013-5947
RESERVED
-CVE-2013-5946 (The runShellCmd function in systemCheck.htm in D-Link DSR-150 with ...)
+CVE-2013-5946
NOT-FOR-US: D-Link
CVE-2013-5945
RESERVED
-CVE-2013-5944 (The integrated web server on Siemens SCALANCE X-200 switches with ...)
+CVE-2013-5944
NOT-FOR-US: web server on Siemens switches
-CVE-2013-5959 (Blue Coat ProxySG before 6.2.14.1, 6.3.x, 6.4.x, and 6.5 before 6.5.2 ...)
+CVE-2013-5959
NOT-FOR-US: Blue Coat ProxySG
-CVE-2013-5943 (Multiple cross-site scripting (XSS) vulnerabilities in Graphite before ...)
+CVE-2013-5943
- graphite-web 0.9.12+debian-1
-CVE-2013-5942 (Graphite 0.9.5 through 0.9.10 uses the pickle Python module unsafely, ...)
+CVE-2013-5942
- graphite-web 0.9.12+debian-1
CVE-2013-5941
RESERVED
CVE-2013-5940
RESERVED
-CVE-2013-5939 (Multiple cross-site scripting (XSS) vulnerabilities in the Guestbook ...)
+CVE-2013-5939
NOT-FOR-US: PHPCMS
-CVE-2013-5938 (Cross-site scripting (XSS) vulnerability in the Click2Sell Suite ...)
+CVE-2013-5938
NOT-FOR-US: Click2Sell Suite Drupal contributed module
-CVE-2013-5937 (Cross-site request forgery (CSRF) vulnerability in the Click2Sell ...)
+CVE-2013-5937
NOT-FOR-US: Click2Sell Suite Drupal contributed module
-CVE-2013-5936 (The Hazelcast cluster API in Open-Xchange AppSuite 7.0.x before ...)
+CVE-2013-5936
NOT-FOR-US: Open-Xchange
-CVE-2013-5935 (The Hazelcast cluster API in Open-Xchange AppSuite 7.0.x before ...)
+CVE-2013-5935
NOT-FOR-US: Open-Xchange
-CVE-2013-5934 (Open-Xchange AppSuite 7.0.x before 7.0.2-rev15 and 7.2.x before ...)
+CVE-2013-5934
NOT-FOR-US: Open-Xchange
-CVE-2013-5933 (Stack-based buffer overflow in the sub_E110 function in init in a ...)
+CVE-2013-5933
NOT-FOR-US: Motorola
-CVE-2013-5932 (Unspecified vulnerability in WebAdmin in Sophos UTM (aka Astaro ...)
+CVE-2013-5932
NOT-FOR-US: Sophos UTM
-CVE-2013-5931 (SQL injection vulnerability in property_listings_detail.php in Real ...)
+CVE-2013-5931
NOT-FOR-US: Real Estate PHP Script
-CVE-2013-5930 (Cross-site scripting (XSS) vulnerability in search_residential.php in ...)
+CVE-2013-5930
NOT-FOR-US: Real Estate PHP Script
CVE-2013-5929
RESERVED
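Review bot: CVE-2013-5959 sits between CVE-2013-5944 and CVE-2013-5943 in this hunk, breaking the descending id order every other entry follows, and it is missing from its expected slot between CVE-2013-5960 and CVE-2013-5958 in the previous hunk. The change only strips its description ("+CVE-2013-5959" with "NOT-FOR-US: Blue Coat ProxySG" unchanged), so nothing is lost, but if any tooling that consumes this list assumes sorted ids the entry should be moved back into sequence in the same update.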
@@ -4207,470 +4207,470 @@ CVE-2013-5921
RESERVED
CVE-2013-5920
RESERVED
-CVE-2013-5919 (Suricata before 1.4.6 allows remote attackers to cause a denial of ...)
+CVE-2013-5919
- suricata 2.0-1 (bug #751658)
[wheezy] - suricata <no-dsa> (Minor issue)
[squeeze] - suricata <no-dsa> (Minor issue)
NOTE: https://github.com/OISF/suricata/commit/cd80dcbfd4616582daa39fa56960208ee8e23262
-CVE-2013-5918 (Cross-site scripting (XSS) vulnerability in platinum_seo_pack.php in ...)
+CVE-2013-5918
NOT-FOR-US: Platinum SEO plugin for WordPress
-CVE-2013-5917 (SQL injection vulnerability in wp-comments-post.php in the NOSpam PTI ...)
+CVE-2013-5917
NOT-FOR-US: NOSpam PTIa plugin for Wordpress
-CVE-2013-5916 (Cross-site scripting (XSS) vulnerability in falha.php in the Bradesco ...)
+CVE-2013-5916
NOT-FOR-US: WordPress plugin wp-e-commerce
-CVE-2013-5915 (The RSA-CRT implementation in PolarSSL before 1.2.9 does not properly ...)
+CVE-2013-5915
{DSA-2782-1}
- polarssl 1.3.1-1 (bug #725359)
NOTE: https://polarssl.org/tech-updates/security-advisories/polarssl-security-advisory-2013-05
-CVE-2013-5914 (Buffer overflow in the ssl_read_record function in ssl_tls.c in ...)
+CVE-2013-5914
{DSA-2782-1}
- polarssl 1.2.0-1 (bug #725359)
NOTE: https://polarssl.org/tech-updates/security-advisories/polarssl-security-advisory-2013-04
-CVE-2013-5913 (Cross-site scripting (XSS) vulnerability in the getRecommSearch ...)
+CVE-2013-5913
NOT-FOR-US: OXID eShop
-CVE-2013-5912 (VhttpdMgr in Thomson Reuters Velocity Analytics Vhayu Analytic Server ...)
+CVE-2013-5912
NOT-FOR-US: Thomson Reuters Velocity Analytics Vhayu Analytic Server
-CVE-2013-5911 (Cross-site scripting (XSS) vulnerability in devform.php in Tenable ...)
+CVE-2013-5911
NOT-FOR-US: Tenable SecurityCenter
-CVE-2013-5910 (Unspecified vulnerability in Oracle Java SE 6u65 and 7u45, Java SE ...)
+CVE-2013-5910
- openjdk-6 6b30-1.13.1-1
- openjdk-7 7u51-2.4.4-1
-CVE-2013-5909 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS component ...)
+CVE-2013-5909
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2013-5908 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
+CVE-2013-5908
{DSA-2848-1 DSA-2845-1}
- mariadb-5.5 5.5.35-1
- mariadb-10.0 <not-affected> (Fixed before initial upload)
- mysql-5.5 5.5.35+dfsg-1
- mysql-5.1 <removed>
- percona-xtradb-cluster-5.5 5.5.37-25.10+dfsg-1
-CVE-2013-5907 (Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; ...)
+CVE-2013-5907
- openjdk-6 6b30-1.13.1-1
- openjdk-7 7u51-2.4.4-1
-CVE-2013-5906 (Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45 ...)
+CVE-2013-5906
- openjdk-6 <not-affected> (Installation performed differently for Linux distros)
- openjdk-7 <not-affected> (Installation performed differently for Linux distros)
-CVE-2013-5905 (Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45 ...)
+CVE-2013-5905
- openjdk-6 <not-affected> (Installation performed differently for Linux distros)
- openjdk-7 <not-affected> (Installation performed differently for Linux distros)
-CVE-2013-5904 (Unspecified vulnerability in Oracle Java SE 7u45 allows remote ...)
+CVE-2013-5904
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
CVE-2013-5903
REJECTED
-CVE-2013-5902 (Unspecified vulnerability in Oracle Java SE 6u65 and 7u45 allows ...)
+CVE-2013-5902
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2013-5901 (Unspecified vulnerability in the Oracle Identity Manager component in ...)
+CVE-2013-5901
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2013-5900 (Unspecified vulnerability in the Oracle Identity Manager component in ...)
+CVE-2013-5900
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2013-5899 (Unspecified vulnerability in Oracle Java SE 6u65 and 7u45 allows ...)
+CVE-2013-5899
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2013-5898 (Unspecified vulnerability in Oracle Java SE 6u65 and 7u45 allows ...)
+CVE-2013-5898
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2013-5897 (Unspecified vulnerability in the Oracle Agile Product Lifecycle ...)
+CVE-2013-5897
NOT-FOR-US: Oracle Supply Chain Products Suite
-CVE-2013-5896 (Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; ...)
+CVE-2013-5896
- openjdk-6 6b30-1.13.1-1
- openjdk-7 7u51-2.4.4-1
-CVE-2013-5895 (Unspecified vulnerability in Oracle Java SE 7u45 and JavaFX 2.2.45 ...)
+CVE-2013-5895
- openjdk-6 <not-affected> (JavaFX not part of OpenJDK)
- openjdk-7 <not-affected> (JavaFX not part of OpenJDK)
-CVE-2013-5894 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
+CVE-2013-5894
- mysql-5.5 <not-affected> (Only affects Mysql 5.6)
- mysql-5.1 <not-affected> (Only affects Mysql 5.6)
-CVE-2013-5893 (Unspecified vulnerability in Oracle Java SE 7u45 and Java SE Embedded ...)
+CVE-2013-5893
- openjdk-6 <not-affected> (Only affects OpenJDK 7)
- openjdk-7 7u51-2.4.4-1
-CVE-2013-5892 (Unspecified vulnerability in the Oracle VM VirtualBox component in ...)
+CVE-2013-5892
{DSA-2878-1}
- virtualbox-ose <removed> (low)
- virtualbox 4.3.6-dfsg-1 (low; bug #735410)
-CVE-2013-5891 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
+CVE-2013-5891
{DSA-2848-1}
- mariadb-5.5 5.5.35-1
- mariadb-10.0 <not-affected> (Fixed before initial upload)
- mysql-5.5 5.5.35+dfsg-1
- mysql-5.1 <not-affected> (Only affects 5.5 and 5.6)
- percona-xtradb-cluster-5.5 5.5.37-25.10+dfsg-1
-CVE-2013-5890 (Unspecified vulnerability in the Oracle Payroll component in Oracle ...)
+CVE-2013-5890
NOT-FOR-US: Oracle E-Business Suite
-CVE-2013-5889 (Unspecified vulnerability in Oracle Java SE 6u65 and 7u45 allows ...)
+CVE-2013-5889
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2013-5888 (Unspecified vulnerability in Oracle Java SE 6u65 and 7u45, when ...)
+CVE-2013-5888
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2013-5887 (Unspecified vulnerability in Oracle Java SE 6u65 and 7u45 allows ...)
+CVE-2013-5887
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2013-5886 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS component ...)
+CVE-2013-5886
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2013-5885 (Unspecified vulnerability in Oracle Solaris 11.1 allows local users to ...)
+CVE-2013-5885
NOT-FOR-US: Oracle Solaris
-CVE-2013-5884 (Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; ...)
+CVE-2013-5884
- openjdk-6 6b30-1.13.1-1
- openjdk-7 7u51-2.4.4-1
-CVE-2013-5883 (Unspecified vulnerability in Oracle Solaris 8 allows local users to ...)
+CVE-2013-5883
NOT-FOR-US: Oracle Solaris
-CVE-2013-5882 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
+CVE-2013-5882
- mysql-5.5 <not-affected> (Only affects Mysql 5.6)
- mysql-5.1 <not-affected> (Only affects Mysql 5.6)
-CVE-2013-5881 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
+CVE-2013-5881
- mysql-5.5 <not-affected> (Only affects Mysql 5.6)
- mysql-5.1 <not-affected> (Only affects Mysql 5.6)
-CVE-2013-5880 (Unspecified vulnerability in the Oracle Demantra Demand Management ...)
+CVE-2013-5880
NOT-FOR-US: Oracle Supply Chain Products Suite
-CVE-2013-5879 (Unspecified vulnerability in the Oracle Outside In Technology ...)
+CVE-2013-5879
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2013-5878 (Unspecified vulnerability in Oracle Java SE 6u65 and 7u45, Java SE ...)
+CVE-2013-5878
- openjdk-6 6b30-1.13.1-1
- openjdk-7 7u51-2.4.4-1
-CVE-2013-5877 (Unspecified vulnerability in the Oracle Demantra Demand Management ...)
+CVE-2013-5877
NOT-FOR-US: Oracle Supply Chain Products Suite
-CVE-2013-5876 (Unspecified vulnerability in Oracle Solaris 10 and 11.1 allows local ...)
+CVE-2013-5876
NOT-FOR-US: Oracle Solaris
-CVE-2013-5875 (Unspecified vulnerability in Oracle Solaris 11.1 allows local users to ...)
+CVE-2013-5875
NOT-FOR-US: Oracle Solaris
-CVE-2013-5874 (Unspecified vulnerability in the Oracle Application Object Library ...)
+CVE-2013-5874
NOT-FOR-US: Oracle E-Business Suite
-CVE-2013-5873 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+CVE-2013-5873
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2013-5872 (Unspecified vulnerability in Oracle Solaris 10 and 11.1 allows local ...)
+CVE-2013-5872
NOT-FOR-US: Oracle Solaris
-CVE-2013-5871 (Unspecified vulnerability in the Oracle AutoVue Electro-Mechanical ...)
+CVE-2013-5871
NOT-FOR-US: Oracle Supply Chain Products
-CVE-2013-5870 (Unspecified vulnerability in Oracle Java SE 7u45 and JavaFX 2.2.45 ...)
+CVE-2013-5870
- openjdk-6 <not-affected> (JavaFX not part of OpenJDK)
- openjdk-7 <not-affected> (JavaFX not part of OpenJDK)
-CVE-2013-5869 (Unspecified vulnerability in the Oracle WebCenter Portal component in ...)
+CVE-2013-5869
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2013-5868 (Unspecified vulnerability in the Oracle AutoVue Electro-Mechanical ...)
+CVE-2013-5868
NOT-FOR-US: Oracle Supply Chain Products
-CVE-2013-5867 (Unspecified vulnerability in the Siebel Core - Server Infrastructure ...)
+CVE-2013-5867
NOT-FOR-US: Oracle Siebel CRM
-CVE-2013-5866 (Unspecified vulnerability in Oracle Solaris 11.1 allows local users to ...)
+CVE-2013-5866
NOT-FOR-US: Solaris
-CVE-2013-5865 (Unspecified vulnerability in Oracle Solaris 11.1 allows local users to ...)
+CVE-2013-5865
NOT-FOR-US: Solaris
-CVE-2013-5864 (Unspecified vulnerability in Oracle Solaris 10 and 11.1 allows local ...)
+CVE-2013-5864
NOT-FOR-US: Solaris
-CVE-2013-5863 (Unspecified vulnerability in Oracle Solaris 11.1 allows remote ...)
+CVE-2013-5863
NOT-FOR-US: Solaris
-CVE-2013-5862 (Unspecified vulnerability in Oracle Solaris 10 and 11.1 allows local ...)
+CVE-2013-5862
NOT-FOR-US: Solaris
-CVE-2013-5861 (Unspecified vulnerability in Oracle Solaris 11.1 allows remote ...)
+CVE-2013-5861
NOT-FOR-US: Solaris
-CVE-2013-5860 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
+CVE-2013-5860
- mysql-5.5 <not-affected> (Only affects Mysql 5.6)
- mysql-5.1 <not-affected> (Only affects Mysql 5.6)
-CVE-2013-5859 (Unspecified vulnerability in the Instantis EnterpriseTrack component ...)
+CVE-2013-5859
NOT-FOR-US: Oracle Primavera Products Suite
-CVE-2013-5858 (Unspecified vulnerability in the Core RDBMS component in Oracle ...)
+CVE-2013-5858
NOT-FOR-US: Oracle Database Server
-CVE-2013-5857 (Unspecified vulnerability in the Oracle Health Sciences InForm ...)
+CVE-2013-5857
NOT-FOR-US: Oracle Industry Applications
-CVE-2013-5856 (Unspecified vulnerability in the Oracle Health Sciences InForm ...)
+CVE-2013-5856
NOT-FOR-US: Oracle Industry Applications
-CVE-2013-5855 (Oracle Mojarra 2.2.x before 2.2.6 and 2.1.x before 2.1.28 does not ...)
+CVE-2013-5855
- mojarra 2.2.8-1 (low; bug #740586)
[squeeze] - mojarra <no-dsa> (Minor issue)
[wheezy] - mojarra <no-dsa> (Minor issue)
NOTE: https://java.net/jira/browse/JAVASERVERFACES-3150
NOTE: https://java.net/projects/mojarra/sources/svn/revision/12793
-CVE-2013-5854 (Unspecified vulnerability in Oracle Java SE 7u40 and earlier and ...)
+CVE-2013-5854
- openjdk-6 <not-affected> (JavaFX not part of OpenJDK)
- openjdk-7 <not-affected> (JavaFX not part of OpenJDK)
-CVE-2013-5853 (Unspecified vulnerability in the Core RDBMS component in Oracle ...)
+CVE-2013-5853
NOT-FOR-US: Oracle Database Server
-CVE-2013-5852 (Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE ...)
+CVE-2013-5852
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2013-5851 (Unspecified vulnerability in Oracle Java SE 7u40 and earlier and Java ...)
+CVE-2013-5851
- openjdk-6 <not-affected> (Only affects Java 7)
- openjdk-7 7u45-2.4.3-1
-CVE-2013-5850 (Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE ...)
+CVE-2013-5850
- openjdk-6 6b27-1.12.7-1
- openjdk-7 7u45-2.4.3-1
-CVE-2013-5849 (Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE ...)
+CVE-2013-5849
- openjdk-6 6b27-1.12.7-1
- openjdk-7 7u45-2.4.3-1
-CVE-2013-5848 (Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE ...)
+CVE-2013-5848
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2013-5847 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS ...)
+CVE-2013-5847
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2013-5846 (Unspecified vulnerability in Oracle Java SE 7u40 and earlier, and ...)
+CVE-2013-5846
- openjdk-6 <not-affected> (JavaFX not part of OpenJDK)
- openjdk-7 <not-affected> (JavaFX not part of OpenJDK)
-CVE-2013-5845 (Unspecified vulnerability in the Oracle iLearning component in Oracle ...)
+CVE-2013-5845
NOT-FOR-US: Oracle iLearning
-CVE-2013-5844 (Unspecified vulnerability in Oracle Java SE 7u40 and earlier and ...)
+CVE-2013-5844
- openjdk-6 <not-affected> (JavaFX not part of OpenJDK)
- openjdk-7 <not-affected> (JavaFX not part of OpenJDK)
-CVE-2013-5843 (Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE ...)
+CVE-2013-5843
- openjdk-6 <not-affected> (Specific to Oracle Java, not present in IcedTea)
- openjdk-7 <not-affected> (Specific to Oracle Java, not present in IcedTea)
NOTE: Due to the vague disclosure policy by Oracle the exact nature is unknown but since no patch landed in icedtea, we consider it not-affected
-CVE-2013-5842 (Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE ...)
+CVE-2013-5842
- openjdk-6 6b27-1.12.7-1
- openjdk-7 7u45-2.4.3-1
-CVE-2013-5841 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+CVE-2013-5841
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2013-5840 (Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE ...)
+CVE-2013-5840
- openjdk-6 6b27-1.12.7-1
- openjdk-7 7u45-2.4.3-1
-CVE-2013-5839 (Unspecified vulnerability in Oracle Solaris 10 allows remote attackers ...)
+CVE-2013-5839
NOT-FOR-US: Solaris
-CVE-2013-5838 (Unspecified vulnerability in Oracle Java SE 7u25 and earlier, and Java ...)
+CVE-2013-5838
- openjdk-6 <not-affected> (Only affects Java 7)
- openjdk-7 7u45-2.4.3-1
-CVE-2013-5837 (Unspecified vulnerability in the Oracle Health Sciences InForm ...)
+CVE-2013-5837
NOT-FOR-US: Solaris
-CVE-2013-5836 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+CVE-2013-5836
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2013-5835 (Unspecified vulnerability in the Siebel UI Framework component in ...)
+CVE-2013-5835
NOT-FOR-US: Oracle Siebel CRM
-CVE-2013-5834 (Unspecified vulnerability in Oracle Solaris 8 allows local users to ...)
+CVE-2013-5834
NOT-FOR-US: Oracle Solaris
-CVE-2013-5833 (Unspecified vulnerability in Oracle Solaris 8 and 9 allows local users ...)
+CVE-2013-5833
NOT-FOR-US: Oracle Solaris
-CVE-2013-5832 (Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE ...)
+CVE-2013-5832
- openjdk-6 <not-affected> (Specific to Oracle Java, not present in IcedTea)
- openjdk-7 <not-affected> (Specific to Oracle Java, not present in IcedTea)
NOTE: Due to the vague disclosure policy by Oracle the exact nature is unknown but since no patch landed in icedtea, we consider it not-affected
-CVE-2013-5831 (Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE ...)
+CVE-2013-5831
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2013-5830 (Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE ...)
+CVE-2013-5830
- openjdk-6 6b27-1.12.7-1
- openjdk-7 7u45-2.4.3-1
-CVE-2013-5829 (Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE ...)
+CVE-2013-5829
- openjdk-6 6b27-1.12.7-1
- openjdk-7 7u45-2.4.3-1
-CVE-2013-5828 (Unspecified vulnerability in the Enterprise Manager Base Platform ...)
+CVE-2013-5828
NOT-FOR-US: Oracle Enterprise Manager Grid Control
-CVE-2013-5827 (Unspecified vulnerability in the Enterprise Manager Base Platform ...)
+CVE-2013-5827
NOT-FOR-US: Oracle Enterprise Manager Grid Control
-CVE-2013-5826 (Unspecified vulnerability in the Oracle Transportation Management ...)
+CVE-2013-5826
NOT-FOR-US: Oracle Supply Chain Products Suite
-CVE-2013-5825 (Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE ...)
+CVE-2013-5825
- openjdk-6 6b27-1.12.7-1
- openjdk-7 7u45-2.4.3-1
-CVE-2013-5824 (Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE ...)
+CVE-2013-5824
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2013-5823 (Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE ...)
+CVE-2013-5823
- openjdk-6 6b27-1.12.7-1
- openjdk-7 7u45-2.4.3-1
NOTE: http://hg.openjdk.java.net/jdk7u/jdk7u/jdk/rev/a7758faab30d
-CVE-2013-5822 (Unspecified vulnerability in the Oracle iLearning component in Oracle ...)
+CVE-2013-5822
NOT-FOR-US: Oracle iLearning
-CVE-2013-5821 (Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11.1 allows ...)
+CVE-2013-5821
NOT-FOR-US: Oracle Solaris
-CVE-2013-5820 (Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE ...)
+CVE-2013-5820
- openjdk-6 6b27-1.12.7-1
- openjdk-7 7u45-2.4.3-1
-CVE-2013-5819 (Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE ...)
+CVE-2013-5819
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2013-5818 (Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE ...)
+CVE-2013-5818
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2013-5817 (Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE ...)
+CVE-2013-5817
- openjdk-6 6b27-1.12.7-1
- openjdk-7 7u45-2.4.3-1
-CVE-2013-5816 (Unspecified vulnerability in the Oracle GlassFish Server component in ...)
+CVE-2013-5816
- glassfish <not-affected> (Full application server not packaged)
-CVE-2013-5815 (Unspecified vulnerability in the Oracle Identity Analytics component ...)
+CVE-2013-5815
NOT-FOR-US: Oracle Fusion Middleware Oracle Identity Analytics
-CVE-2013-5814 (Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE ...)
+CVE-2013-5814
- openjdk-6 6b27-1.12.7-1
- openjdk-7 7u45-2.4.3-1
-CVE-2013-5813 (Unspecified vulnerability in the Oracle WebCenter Content component in ...)
+CVE-2013-5813
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2013-5812 (Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE ...)
+CVE-2013-5812
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2013-5811 (Unspecified vulnerability in the Oracle Health Sciences InForm ...)
+CVE-2013-5811
NOT-FOR-US: Oracle Industry Applications
-CVE-2013-5810 (Unspecified vulnerability in Oracle Java SE 7u40 and earlier and ...)
+CVE-2013-5810
- openjdk-6 <not-affected> (JavaFX not part of OpenJDK)
- openjdk-7 <not-affected> (JavaFX not part of OpenJDK)
-CVE-2013-5809 (Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE ...)
+CVE-2013-5809
- openjdk-6 6b27-1.12.7-1
- openjdk-7 7u45-2.4.3-1
-CVE-2013-5808 (Unspecified vulnerability in the Oracle iPlanet Web Proxy Server ...)
+CVE-2013-5808
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2013-5807 (Unspecified vulnerability in Oracle MySQL Server 5.5.x through 5.5.32 ...)
+CVE-2013-5807
{DSA-2818-1}
- mysql-5.5 5.5.33
- mariadb-5.5 5.5.35-1
- mariadb-10.0 <not-affected> (Fixed before initial upload)
- mysql-5.1 <not-affected> (Only affects Mysql 5.5 and 5.6)
NOTE: http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html
-CVE-2013-5806 (Unspecified vulnerability in Oracle Java SE 7u40 and earlier and Java ...)
+CVE-2013-5806
- openjdk-6 <not-affected> (Specific to MacOS X)
- openjdk-7 7u45-2.4.3-1
NOTE: openjdk-7 package mentioned this CVE, specifc to Mac OS X?
-CVE-2013-5805 (Unspecified vulnerability in Oracle Java SE 7u40 and earlier and Java ...)
+CVE-2013-5805
- openjdk-6 <not-affected> (Specific to MacOS X)
- openjdk-7 7u45-2.4.3-1
NOTE: openjdk-7 package mentioned this CVE, specific to MacOS X?
-CVE-2013-5804 (Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE ...)
+CVE-2013-5804
- openjdk-6 6b27-1.12.7-1 (unimportant)
- openjdk-7 7u45-2.4.3-1 (unimportant)
NOTE: Javadoc comments can contain arbitrary HTML
-CVE-2013-5803 (Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE ...)
+CVE-2013-5803
- openjdk-6 6b27-1.12.7-1
- openjdk-7 7u45-2.4.3-1
NOTE: http://hg.openjdk.java.net/jdk7u/jdk7u/jdk/rev/0b84d3b434c2
-CVE-2013-5802 (Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE ...)
+CVE-2013-5802
- openjdk-6 6b27-1.12.7-1
- openjdk-7 7u45-2.4.3-1
-CVE-2013-5801 (Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE ...)
+CVE-2013-5801
- openjdk-6 <not-affected> (Specific to Oracle Java, not present in IcedTea)
- openjdk-7 <not-affected> (Specific to Oracle Java, not present in IcedTea)
NOTE: Due to the vague disclosure policy by Oracle the exact nature is unknown but since no patch landed in icedtea, we consider it not-affected
-CVE-2013-5800 (Unspecified vulnerability in Oracle Java SE 7u40 and earlier and Java ...)
+CVE-2013-5800
- openjdk-6 <not-affected> (Only affects Java 7)
- openjdk-7 7u45-2.4.3-1
-CVE-2013-5799 (Unspecified vulnerability in the Oracle Agile PLM Framework component ...)
+CVE-2013-5799
NOT-FOR-US: Oracle Supply Chain Products Suite
-CVE-2013-5798 (Unspecified vulnerability in the Oracle Identity Manager component in ...)
+CVE-2013-5798
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2013-5797 (Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE ...)
+CVE-2013-5797
- openjdk-6 6b27-1.12.7-1
- openjdk-7 7u45-2.4.3-1
-CVE-2013-5796 (Unspecified vulnerability in the Siebel Core - EAI component in Oracle ...)
+CVE-2013-5796
NOT-FOR-US: Oracle Siebel CRM
-CVE-2013-5795 (Unspecified vulnerability in the Oracle Demantra Demand Management ...)
+CVE-2013-5795
NOT-FOR-US: Oracle Supply Chain Products Suite
-CVE-2013-5794 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+CVE-2013-5794
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2013-5793 (Unspecified vulnerability in Oracle MySQL Server 5.6.12 and earlier ...)
+CVE-2013-5793
- mysql-5.5 <not-affected> (Only affects Mysql 5.6)
- mysql-5.1 <not-affected> (Only affects Mysql 5.6)
NOTE: http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html
-CVE-2013-5792 (Unspecified vulnerability in the Techstack component in Oracle ...)
+CVE-2013-5792
NOT-FOR-US: Oracle E-Business Suite
-CVE-2013-5791 (Unspecified vulnerability in the Oracle Outside In Technology ...)
+CVE-2013-5791
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2013-5790 (Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE ...)
+CVE-2013-5790
- openjdk-6 6b27-1.12.7-1
- openjdk-7 7u45-2.4.3-1
-CVE-2013-5789 (Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE ...)
+CVE-2013-5789
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2013-5788 (Unspecified vulnerability in Oracle Java SE 7u40 and earlier and Java ...)
+CVE-2013-5788
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2013-5787 (Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE ...)
+CVE-2013-5787
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2013-5786 (Unspecified vulnerability in Oracle MySQL Server 5.6.12 and earlier ...)
+CVE-2013-5786
- mysql-5.5 <not-affected> (Only affects Mysql 5.6)
- mysql-5.1 <not-affected> (Only affects Mysql 5.6)
NOTE: http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html
-CVE-2013-5785 (Unspecified vulnerability in the Oracle Reports Developer component in ...)
+CVE-2013-5785
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2013-5784 (Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE ...)
+CVE-2013-5784
- openjdk-6 6b27-1.12.7-1
- openjdk-7 7u45-2.4.3-1
-CVE-2013-5783 (Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE ...)
+CVE-2013-5783
- openjdk-6 6b27-1.12.7-1
- openjdk-7 7u45-2.4.3-1
NOTE: http://hg.openjdk.java.net/jdk7u/jdk7u/jdk/rev/2790e9ace697
-CVE-2013-5782 (Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE ...)
+CVE-2013-5782
- openjdk-6 6b27-1.12.7-1
- openjdk-7 7u45-2.4.3-1
-CVE-2013-5781 (Unspecified vulnerability in Oracle PARC Enterprise T4 Servers running ...)
+CVE-2013-5781
NOT-FOR-US: Oracle PARC Enterprise
-CVE-2013-5780 (Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE ...)
+CVE-2013-5780
- openjdk-6 6b27-1.12.7-1
- openjdk-7 7u45-2.4.3-1
-CVE-2013-5779 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+CVE-2013-5779
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2013-5778 (Unspecified vulnerability in Oracle Java SE 7u40 and earlier, 6u60 and ...)
+CVE-2013-5778
- openjdk-6 6b27-1.12.7-1
- openjdk-7 7u45-2.4.3-1
-CVE-2013-5777 (Unspecified vulnerability in the Java SE and JavaFX components in ...)
+CVE-2013-5777
- openjdk-6 <not-affected> (JavaFX not part of OpenJDK)
- openjdk-7 <not-affected> (JavaFX not part of OpenJDK)
-CVE-2013-5776 (Unspecified vulnerability in the Java SE and Java SE Embedded ...)
+CVE-2013-5776
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2013-5775 (Unspecified vulnerability in the Java SE and JavaFX components in ...)
+CVE-2013-5775
- openjdk-6 <not-affected> (JavaFX not part of OpenJDK)
- openjdk-7 <not-affected> (JavaFX not part of OpenJDK)
-CVE-2013-5774 (Unspecified vulnerability in Oracle Java SE 7u40 and earlier, 6u60 and ...)
+CVE-2013-5774
- openjdk-6 6b27-1.12.7-1
- openjdk-7 7u45-2.4.3-1
-CVE-2013-5773 (Unspecified vulnerability in the Oracle Containers for J2EE component ...)
+CVE-2013-5773
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2013-5772 (Unspecified vulnerability in the Java SE component in Oracle Java SE ...)
+CVE-2013-5772
- openjdk-6 6b27-1.12.7-1
- openjdk-7 7u45-2.4.3-1
-CVE-2013-5771 (Unspecified vulnerability in the XML Parser component in Oracle ...)
+CVE-2013-5771
NOT-FOR-US: Oracle Database Server
-CVE-2013-5770 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
+CVE-2013-5770
- mysql-5.5 <not-affected> (Only affects Mysql 5.6)
- mysql-5.1 <not-affected> (Only affects Mysql 5.6)
NOTE: http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html
-CVE-2013-5769 (Unspecified vulnerability in the Siebel Core - EAI component in Oracle ...)
+CVE-2013-5769
NOT-FOR-US: Oracle Siebel CRM
-CVE-2013-5768 (Unspecified vulnerability in the Siebel UI Framework component in ...)
+CVE-2013-5768
NOT-FOR-US: Oracle Siebel CRM
-CVE-2013-5767 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
+CVE-2013-5767
- mysql-5.5 <not-affected> (Only affects Mysql 5.6)
- mysql-5.1 <not-affected> (Only affects Mysql 5.6)
NOTE: http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html
-CVE-2013-5766 (Unspecified vulnerability in the Enterprise Manager Base Platform ...)
+CVE-2013-5766
NOT-FOR-US: Oracle Enterprise Manager Grid Control
-CVE-2013-5765 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+CVE-2013-5765
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2013-5764 (Unspecified vulnerability in the Core RDBMS component in Oracle ...)
+CVE-2013-5764
NOT-FOR-US: Oracle Database Server
-CVE-2013-5763 (Unspecified vulnerability in the Oracle Outside In Technology ...)
+CVE-2013-5763
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2013-5762 (Unspecified vulnerability in the Oracle Siebel CTMS component in ...)
+CVE-2013-5762
NOT-FOR-US: Oracle Siebel
-CVE-2013-5761 (Unspecified vulnerability in the Siebel Core - Server BizLogic Script ...)
+CVE-2013-5761
NOT-FOR-US: Oracle Siebel
-CVE-2013-5760 (QNAP Photo Station before firmware 4.0.3 build0912 allows remote ...)
+CVE-2013-5760
NOT-FOR-US: QNAP firmware
CVE-2013-5759
REJECTED
-CVE-2013-5758 (cgi-bin/cgiServer.exx in Yealink VoIP Phone SIP-T38G allows remote ...)
+CVE-2013-5758
NOT-FOR-US: Yealink VoIP Phone
-CVE-2013-5757 (Absolute path traversal vulnerability in Yealink VoIP Phone SIP-T38G ...)
+CVE-2013-5757
NOT-FOR-US: Yealink VoIP Phone
-CVE-2013-5756 (Directory traversal vulnerability in Yealink VoIP Phone SIP-T38G ...)
+CVE-2013-5756
NOT-FOR-US: Yealink VoIP Phone
-CVE-2013-5755 (config/.htpasswd in Yealink IP Phone SIP-T38G has a hardcoded password ...)
+CVE-2013-5755
NOT-FOR-US: Yealink IP Phone
-CVE-2013-5754 (The authorization implementation on Dahua DVR appliances accepts a ...)
+CVE-2013-5754
NOT-FOR-US: Dahua DVR
CVE-2013-5753
RESERVED
CVE-2013-5752
RESERVED
-CVE-2013-5751 (Directory traversal vulnerability in SAP NetWeaver 7.x allows remote ...)
+CVE-2013-5751
NOT-FOR-US: SAP NetWeaver 7.x
-CVE-2013-5750 (The login form in the FriendsOfSymfony FOSUserBundle bundle before ...)
+CVE-2013-5750
NOT-FOR-US: FriendsOfSymfony FOSUserBundle
-CVE-2013-5749 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2013-5749
NOT-FOR-US: SimpleRisk
-CVE-2013-5748 (Cross-site request forgery (CSRF) vulnerability in ...)
+CVE-2013-5748
NOT-FOR-US: SimpleRisk
CVE-2013-5747
RESERVED
CVE-2013-5746
RESERVED
-CVE-2013-5744 (Cross-site scripting (XSS) vulnerability in Feng Office 2.3.2-rc and ...)
+CVE-2013-5744
NOT-FOR-US: Feng Office
CVE-2013-5743
RESERVED
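Review bot: every changed line in this hunk replaces a `CVE-YYYY-NNNN (description ...)` header with the bare identifier (`-CVE-2013-5801 (Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE ...)` becomes `+CVE-2013-5801`) while no package line, version or NOTE is touched; for an "automatic update" commit that pattern points at the upstream CVE feed having returned empty descriptions, or the fetch having failed, rather than at a deliberate cleanup. Suggest reverting and making the import refuse to overwrite a non-empty description with an empty one, so one bad feed run cannot strip the summaries from an entire year list. The loss is not cosmetic: the NOTE on CVE-2013-5801 reasons about "the exact nature is unknown", and the affected-version text that the `openjdk-6 <not-affected> (Only affects Java 7)` decision on CVE-2013-5800 was judged against now exists nowhere in the file.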
@@ -4678,19 +4678,19 @@ CVE-2013-5743
[squeeze] - zabbix <end-of-life> (Not supported in Squeeze LTS)
CVE-2013-5742
RESERVED
-CVE-2013-5741 (Triangle Research International (aka Tri) Nano-10 PLC devices with ...)
+CVE-2013-5741
NOT-FOR-US: Triangle Research International Nano-10 PLC
-CVE-2013-5745 (The vino_server_client_data_pending function in vino-server.c in GNOME ...)
+CVE-2013-5745
- vino 3.10.1-1 (low; bug #724545)
[wheezy] - vino <no-dsa> (Minor issue)
[squeeze] - vino <no-dsa> (Minor issue)
NOTE: http://seclists.org/fulldisclosure/2013/Sep/105
-CVE-2013-5740 (Unspecified vulnerability in the Intel Trusted Execution Technology ...)
+CVE-2013-5740
NOT-FOR-US: Intel Trusted Execution Technology
-CVE-2013-5739 (The default configuration of WordPress before 3.6.1 does not prevent ...)
+CVE-2013-5739
{DSA-2757-1}
- wordpress 3.6.1+dfsg-1
-CVE-2013-5738 (The get_allowed_mime_types function in wp-includes/functions.php in ...)
+CVE-2013-5738
{DSA-2757-1}
- wordpress 3.6.1+dfsg-1
CVE-2013-5737
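Review bot: CVE-2013-5745 (vino) sits between CVE-2013-5741 and CVE-2013-5740 instead of in its numeric slot before CVE-2013-5744; since this hunk already rewrites that entry's header line, it is a cheap moment to move the whole block (header through the seclists NOTE) into sequence so the per-year list stays sorted and tooling that expects descending order does not miss it.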
@@ -4707,7 +4707,7 @@ CVE-2013-5732
RESERVED
CVE-2013-5731
RESERVED
-CVE-2013-5730 (Multiple cross-site request forgery (CSRF) vulnerabilities in D-Link ...)
+CVE-2013-5730
NOT-FOR-US: D-Link
CVE-2013-5729
RESERVED
@@ -4715,114 +4715,114 @@ CVE-2013-5728
RESERVED
CVE-2013-5727
RESERVED
-CVE-2013-5726 (Tweetbot 1.3.3 for Mac, and 2.8.5 for iPad and iPhone, does not ...)
+CVE-2013-5726
NOT-FOR-US: Tweetbot for iOS and Mac
-CVE-2013-5725 (The Metaclassy Byword app 2.x before 2.1 for iOS does not require ...)
+CVE-2013-5725
NOT-FOR-US: Byword for iOS
-CVE-2013-5724 (Phpbb3 before 3.0.11-4 for Debian GNU/Linux uses world-writable ...)
+CVE-2013-5724
{DSA-2752-1}
- phpbb3 3.0.11-4 (bug #711172)
-CVE-2013-5723 (SQL injection vulnerability in SAP NetWeaver 7.30 allows remote ...)
+CVE-2013-5723
NOT-FOR-US: SAP NetWeaver
-CVE-2013-5716 (Gretech GOM Media Player 2.2.53.5169 and possibly earlier allows ...)
+CVE-2013-5716
NOT-FOR-US: Gretech GOM Media Player
-CVE-2013-5715 (Buffer overflow in Gretech GOM Media Player before 2.2.53.5169 has ...)
+CVE-2013-5715
NOT-FOR-US: Gretech GOM Media Player
-CVE-2013-5714 (Multiple cross-site scripting (XSS) vulnerabilities in ls/htmlchat.php ...)
+CVE-2013-5714
NOT-FOR-US: WordPress plugin videowhisper-live-streaming-integration
CVE-2013-5713
RESERVED
CVE-2013-5712
RESERVED
-CVE-2013-5711 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2013-5711
NOT-FOR-US: Design-approval-system Plugin for WordPress
-CVE-2013-5722 (Unspecified vulnerability in the LDAP dissector in Wireshark 1.8.x ...)
+CVE-2013-5722
{DSA-2756-1}
- wireshark 1.10.2-1
NOTE: https://www.wireshark.org/security/wnpa-sec-2013-59.html
-CVE-2013-5721 (The dissect_mq_rr function in epan/dissectors/packet-mq.c in the MQ ...)
+CVE-2013-5721
{DLA-497-1}
- wireshark 1.10.2-1 (unimportant)
NOTE: Not suitable for code injection
NOTE: https://www.wireshark.org/security/wnpa-sec-2013-58.html
-CVE-2013-5720 (Buffer overflow in the RTPS dissector in Wireshark 1.8.x before 1.8.10 ...)
+CVE-2013-5720
{DSA-2756-1}
- wireshark 1.10.2-1
NOTE: https://www.wireshark.org/security/wnpa-sec-2013-57.html
-CVE-2013-5719 (epan/dissectors/packet-assa_r3.c in the ASSA R3 dissector in Wireshark ...)
+CVE-2013-5719
{DLA-497-1}
- wireshark 1.10.2-1 (unimportant)
NOTE: Not suitable for code injection
NOTE: https://www.wireshark.org/security/wnpa-sec-2013-56.html
-CVE-2013-5718 (The dissect_nbap_T_dCH_ID function in epan/dissectors/packet-nbap.c in ...)
+CVE-2013-5718
{DSA-2756-1}
- wireshark 1.10.2-1
[squeeze] - wireshark <not-affected> (Vulnerable code not present)
NOTE: https://www.wireshark.org/security/wnpa-sec-2013-55.html
-CVE-2013-5717 (The Bluetooth HCI ACL dissector in Wireshark 1.10.x before 1.10.2 does ...)
+CVE-2013-5717
- wireshark 1.10.2-1
[wheezy] - wireshark <not-affected> (Only affects 1.10.x)
[squeeze] - wireshark <not-affected> (Only affects 1.10.x)
NOTE: https://www.wireshark.org/security/wnpa-sec-2013-54.html
-CVE-2013-5710 (The nullfs implementation in sys/fs/nullfs/null_vnops.c in the kernel ...)
+CVE-2013-5710
{DSA-2769-1}
- kfreebsd-9 9.2~svn255465-1 (bug #722337)
- kfreebsd-8 <removed>
[squeeze] - kfreebsd-8 <end-of-life> (Unsupported in squeeze-lts)
[wheezy] - kfreebsd-8 8.3-6+deb7u1
-CVE-2013-5709 (The authentication implementation in the web server on Siemens ...)
+CVE-2013-5709
NOT-FOR-US: Siemens SCALANCE X-200
-CVE-2013-5708 (Coursemill Learning Management System (LMS) 6.8 constructs secret ...)
+CVE-2013-5708
NOT-FOR-US: Coursemill Learning Management System
-CVE-2013-5707 (Multiple cross-site scripting (XSS) vulnerabilities in Coursemill ...)
+CVE-2013-5707
NOT-FOR-US: Coursemill Learning Management System
-CVE-2013-5706 (Multiple cross-site scripting (XSS) vulnerabilities in Coursemill ...)
+CVE-2013-5706
NOT-FOR-US: Coursemill Learning Management System
-CVE-2013-5705 (apache2/modsecurity.c in ModSecurity before 2.7.6 allows remote ...)
+CVE-2013-5705
{DSA-2991-1 DLA-34-1}
- modsecurity-apache 2.7.7-1
- libapache-mod-security <removed>
[squeeze] - libapache-mod-security 2.5.12-1+squeeze4
NOTE: Upstream commit: https://github.com/SpiderLabs/ModSecurity/commit/f8d441cd25172fdfe5b613442fedfc0da3cc333d
NOTE: http://martin.swende.se/blog/HTTPChunked.html
-CVE-2013-5704 (The mod_headers module in the Apache HTTP Server 2.2.22 allows remote ...)
+CVE-2013-5704
{DLA-71-1}
- apache2 2.4.10-2 (medium)
[wheezy] - apache2 2.2.22-13+deb7u4
NOTE: http://marc.info/?l=apache-httpd-dev&m=139636309822854&w=2
-CVE-2013-5703 (The DrayTek Vigor 2700 router 2.8.3 allows remote attackers to execute ...)
+CVE-2013-5703
NOT-FOR-US: DrayTek Vigor 2700 router
-CVE-2013-5702 (Multiple cross-site scripting (XSS) vulnerabilities in WebCenter in ...)
+CVE-2013-5702
NOT-FOR-US: Watchguard Server Center
-CVE-2013-5701 (Multiple untrusted search path vulnerabilities in (1) Watchguard Log ...)
+CVE-2013-5701
NOT-FOR-US: Watchguard Server Center
-CVE-2013-5700 (The Bloom Filter implementation in bitcoind and Bitcoin-Qt 0.8.x ...)
+CVE-2013-5700
- bitcoin 0.8.4-1
NOTE: https://bitcointalk.org/index.php?topic=287351.0
CVE-2013-5699
RESERVED
-CVE-2013-5698 (Cross-site scripting (XSS) vulnerability in Open-Xchange AppSuite and ...)
+CVE-2013-5698
NOT-FOR-US: Open-Xchange
-CVE-2013-5697 (SQL injection vulnerability in mod_accounting.c in the mod_accounting ...)
+CVE-2013-5697
- libapache-mod-acct <removed>
-CVE-2013-5696 (inc/central.class.php in GLPI before 0.84.2 does not attempt to make ...)
+CVE-2013-5696
- glpi 0.84.2-1 (unimportant; bug #723837)
NOTE: Only supported behind an authenticated HTTP zone
-CVE-2013-5695 (Multiple cross-site scripting (XSS) vulnerabilities in Opsview before ...)
+CVE-2013-5695
NOT-FOR-US: Ops View
-CVE-2013-5694 (SQL injection vulnerability in status/service/acknowledge in Opsview ...)
+CVE-2013-5694
NOT-FOR-US: Ops View
-CVE-2013-5693 (Cross-site scripting (XSS) vulnerability in X2Engine X2CRM before 3.5 ...)
+CVE-2013-5693
NOT-FOR-US: X2CRM
-CVE-2013-5692 (Directory traversal vulnerability in X2Engine X2CRM before 3.5 allows ...)
+CVE-2013-5692
NOT-FOR-US: X2CRM
-CVE-2013-5691 (The (1) IPv6 and (2) ATM ioctl request handlers in the kernel in ...)
+CVE-2013-5691
{DSA-2769-1}
- kfreebsd-9 9.2~svn255465-1 (bug #722338)
- kfreebsd-8 <removed>
[squeeze] - kfreebsd-8 <end-of-life> (Unsupported in squeeze-lts)
[wheezy] - kfreebsd-8 8.3-6+deb7u1
-CVE-2013-5690 (Multiple cross-site scripting (XSS) vulnerabilities in Open-Xchange ...)
+CVE-2013-5690
NOT-FOR-US: Open-Xchange
CVE-2013-5687
RESERVED
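Review bot: several `<not-affected>` rationales in this hunk are version-range claims whose only supporting text is the description line being deleted: the `[wheezy] - wireshark <not-affected> (Only affects 1.10.x)` on CVE-2013-5717 is backed by the removed `The Bluetooth HCI ACL dissector in Wireshark 1.10.x before 1.10.2 ...`, and `[squeeze] - wireshark <not-affected> (Vulnerable code not present)` on CVE-2013-5718 likewise loses its reference point. If the descriptions are not restored, the affected ranges should be copied into a NOTE on each such entry so the decision stays auditable. Small follow-up while touching these lines: the NOT-FOR-US label `Ops View` on CVE-2013-5695 and CVE-2013-5694 does not match the product name `Opsview` in the removed descriptions, and once the description is gone the label is the only name left to search on.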
@@ -4838,34 +4838,34 @@ CVE-2013-5682
RESERVED
CVE-2013-5681
RESERVED
-CVE-2013-5680 (Heap-based buffer overflow in hfaxd in HylaFAX+ 5.2.4 through 5.5.3, ...)
+CVE-2013-5680
- hylafax <not-affected> (Not built with LDAP support)
NOTE: http://www.securityfocus.com/archive/1/528943/30/0/threaded
-CVE-2013-5679 (The authenticated-encryption feature in the symmetric-encryption ...)
+CVE-2013-5679
NOT-FOR-US: OWASP Enterprise Security API for Java
CVE-2013-5678
RESERVED
CVE-2013-5677
RESERVED
-CVE-2013-5676 (The Jenkins Plugin for SonarQube 3.7 and earlier allows remote ...)
+CVE-2013-5676
NOT-FOR-US: SonarQube Jenkins plugin
-CVE-2013-5674 (badges/external.php in Moodle 2.5.x before 2.5.2 does not properly ...)
+CVE-2013-5674
- moodle 2.5.2-1
[squeeze] - moodle <not-affected> (Only affects 2.5.x)
-CVE-2013-5669 (The Thecus NAS server N8800 with firmware 5.03.01 uses cleartext ...)
+CVE-2013-5669
NOT-FOR-US: Thecus NAS server N8800
-CVE-2013-5668 (The ADS/NT Support page on the Thecus NAS server N8800 with firmware ...)
+CVE-2013-5668
NOT-FOR-US: Thecus NAS server N8800
-CVE-2013-5667 (The Thecus NAS server N8800 with firmware 5.03.01 allows remote ...)
+CVE-2013-5667
NOT-FOR-US: Thecus NAS server N8800
-CVE-2013-5666 (The sendfile system-call implementation in sys/kern/uipc_syscalls.c in ...)
+CVE-2013-5666
- kfreebsd-9 9.2~svn255465-1 (bug #722336)
[wheezy] - kfreebsd-9 <not-affected> (Only affects 9.2.x)
CVE-2013-5665
RESERVED
-CVE-2013-5664 (Cross-site scripting (XSS) vulnerability in the web-based ...)
+CVE-2013-5664
NOT-FOR-US: Palo Alto Networks PAN-OS
-CVE-2013-5663 (The App-ID cache feature in Palo Alto Networks PAN-OS before 4.0.14, ...)
+CVE-2013-5663
NOT-FOR-US: Palo Alto Networks PAN-OS
CVE-2013-5662
RESERVED
@@ -4874,7 +4874,7 @@ CVE-2013-5661 [DNS response rate limiting can simplify cache poisoning attacks]
NOTE: DNS protocol flaw
NOTE: http://www.certa.ssi.gouv.fr/site/CERTA-2013-AVI-506/index.html
NOTE: https://www.isc.org/blogs/cache-poisoning-gets-a-second-wind-from-rrl-probably-not/
-CVE-2013-5660 (Buffer overflow in Power Software WinArchiver 3.2 allows remote ...)
+CVE-2013-5660
NOT-FOR-US: Power Software WinArchiver
CVE-2013-5659
RESERVED
@@ -4886,48 +4886,48 @@ CVE-2013-5656
RESERVED
CVE-2013-5689 [Arbitrary File Upload]
REJECTED
-CVE-2013-5688 (Multiple directory traversal vulnerabilities in index.php in ...)
+CVE-2013-5688
- ajaxplorer <itp> (bug #668381)
CVE-2013-5675
RESERVED
NOT-FOR-US: Symantec Endpoint Protection
-CVE-2013-4298 (The ReadGIFImage function in coders/gif.c in ImageMagick before ...)
+CVE-2013-4298
{DSA-2750-1}
- imagemagick 8:6.7.7.10-6 (bug #721273)
[squeeze] - imagemagick <not-affected> (Code not vulnerable)
-CVE-2013-5673 (SQL injection vulnerability in testimonial.php in the IndiaNIC ...)
+CVE-2013-5673
NOT-FOR-US: IndiaNIC Testimonial plugin 2.2 for WordPress
-CVE-2013-5672 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
+CVE-2013-5672
NOT-FOR-US: IndiaNIC Testimonial plugin 2.2 for WordPress
-CVE-2013-5671 (lib/dragonfly/imagemagickutils.rb in the fog-dragonfly gem 0.8.2 for ...)
+CVE-2013-5671
NOT-FOR-US: fog-dragonfly Ruby Gem
-CVE-2013-5670 (Cross-site scripting (XSS) vulnerability in spell-check-savedicts.php ...)
+CVE-2013-5670
- serendipity <not-affected> (Spellcheck plugin not included in 1.5.x)
-CVE-2013-5653 (The getenv and filenameforall functions in Ghostscript 9.10 ignore the ...)
+CVE-2013-5653
{DSA-3691-1 DLA-674-1}
- ghostscript 9.19~dfsg-3.1 (low; bug #839118)
NOTE: http://bugs.ghostscript.com/show_bug.cgi?id=694724
NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=ab109aaeb3ddba59518b036fb288402a65cf7ce8
CVE-2013-5652
RESERVED
-CVE-2013-5650 (Junos Pulse Secure Access Service (IVE) 7.1 before 7.1r5, 7.2 before ...)
+CVE-2013-5650
NOT-FOR-US: Junos Pulse Secure Access Service
-CVE-2013-5649 (Multiple cross-site scripting (XSS) vulnerabilities in Juniper Junos ...)
+CVE-2013-5649
NOT-FOR-US: Juniper
-CVE-2013-5655 (Directory traversal vulnerability in the FTP server in YingZhi Python ...)
+CVE-2013-5655
NOT-FOR-US: YingZhi Python for iOS
-CVE-2013-5654 (Vulnerability in YingZhi Python Programming Language v1.9 allows ...)
+CVE-2013-5654
NOT-FOR-US: YingZhi Python for iOS
-CVE-2013-5651 (The virBitmapParse function in util/virbitmap.c in libvirt before ...)
+CVE-2013-5651
- libvirt 1.1.2~rc1-1
[jessie] - libvirt <not-affected> (vulnerable code not introduced, introduced in v0.10.2-rc1)
[wheezy] - libvirt <not-affected> (vulnerable code not introduced, introduced in v0.10.2-rc1)
[squeeze] - libvirt <not-affected> (vulnerable code not introduced, introduced in v0.10.2-rc1)
NOTE: introduced by: http://libvirt.org/git/?p=libvirt.git;a=commit;h=0fc89098a68f0f6962de8be4fc03ddd960ffbf08
NOTE: Upstream fix: http://libvirt.org/git/?p=libvirt.git;a=commit;h=47b9127e883677a0d60d767030a147450e919a25
-CVE-2013-5646 (Cross-site scripting (XSS) vulnerability in Roundcube webmail 1.0-git ...)
+CVE-2013-5646
- roundcube <not-affected> (Unclear, 0.9.2 reported not affected, all other issues covered by CVE-2013-5645)
-CVE-2013-5645 (Multiple cross-site scripting (XSS) vulnerabilities in Roundcube ...)
+CVE-2013-5645
- roundcube 0.9.4-1 (bug #721592)
[wheezy] - roundcube <no-dsa> (Minor issue)
[squeeze] - roundcube <no-dsa> (Minor issue)
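Review bot: the jessie annotation on CVE-2013-5651, `[jessie] - libvirt <not-affected> (vulnerable code not introduced, introduced in v0.10.2-rc1)`, is internally inconsistent: a "not introduced" rationale tied to v0.10.2-rc1 can only hold for a suite shipping libvirt older than 0.10.2, which is the wheezy/squeeze case, while the fix recorded for unstable is 1.1.2~rc1-1. If jessie shipped libvirt at or after that upload the entry should record the fixed version instead of copying the older suites' rationale. Also, CVE-2013-4298 (imagemagick) appears in the middle of the CVE-2013-56xx block instead of in its numeric position; this hunk already rewrites that entry's header, so it is a convenient place to move it.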
@@ -4938,19 +4938,19 @@ CVE-2013-5644
RESERVED
CVE-2013-5643
REJECTED
-CVE-2013-5640 (Multiple SQL injection vulnerabilities in Gnew 2013.1 allow remote ...)
+CVE-2013-5640
NOT-FOR-US: Gnew
-CVE-2013-5639 (Directory traversal vulnerability in users/login.php in Gnew 2013.1 ...)
+CVE-2013-5639
NOT-FOR-US: Gnew
-CVE-2013-5648 (Absolute path traversal vulnerability in the handleStartDataFile ...)
+CVE-2013-5648
- libdigidoc <not-affected> (Fixed before initial upload to the archive)
-CVE-2013-5647 (lib/sounder/sound.rb in the sounder gem 1.0.1 for Ruby allows remote ...)
+CVE-2013-5647
NOT-FOR-US: Sounder Ruby Gem
-CVE-2013-5642 (The SIP channel driver (channels/chan_sip.c) in Asterisk Open Source ...)
+CVE-2013-5642
{DSA-2749-1}
- asterisk 1:11.5.1~dfsg-1 (bug #721220)
NOTE: http://downloads.asterisk.org/pub/security/AST-2013-005.html
-CVE-2013-5641 (The SIP channel driver (channels/chan_sip.c) in Asterisk Open Source ...)
+CVE-2013-5641
{DSA-2749-1}
- asterisk 1:11.5.1~dfsg-1 (bug #721220)
NOTE: http://downloads.asterisk.org/pub/security/AST-2013-004.html
@@ -4958,9 +4958,9 @@ CVE-2013-5638
RESERVED
CVE-2013-5637
RESERVED
-CVE-2013-5636 (Unlock.exe in Media Encryption EPM Explorer in Check Point Endpoint ...)
+CVE-2013-5636
NOT-FOR-US: Check Point Endpoint Security
-CVE-2013-5635 (Media Encryption EPM Explorer in Check Point Endpoint Security through ...)
+CVE-2013-5635
NOT-FOR-US: Check Point Endpoint Security
CVE-2013-5633
REJECTED
@@ -4990,10 +4990,10 @@ CVE-2013-5621
REJECTED
CVE-2013-5620
REJECTED
-CVE-2013-5619 (Multiple integer overflows in the binary-search implementation in ...)
+CVE-2013-5619
- iceweasel <not-affected> (Only affects Firefox 25)
- iceape <not-affected> (Only affects Firefox 25)
-CVE-2013-5618 (Use-after-free vulnerability in the nsNodeUtils::LastRelease function ...)
+CVE-2013-5618
- iceweasel 24.2.0esr-1
- icedove 24.2.0-1
- iceape <removed>
@@ -5003,7 +5003,7 @@ CVE-2013-5618 (Use-after-free vulnerability in the nsNodeUtils::LastRelease func
[squeeze] - iceape <end-of-life>
CVE-2013-5617
RESERVED
-CVE-2013-5616 (Use-after-free vulnerability in the ...)
+CVE-2013-5616
- iceweasel 24.2.0esr-1
- icedove 24.2.0-1
- iceape <removed>
@@ -5011,7 +5011,7 @@ CVE-2013-5616 (Use-after-free vulnerability in the ...)
[wheezy] - iceape <end-of-life>
[squeeze] - icedove <end-of-life>
[squeeze] - iceape <end-of-life>
-CVE-2013-5615 (The JavaScript implementation in Mozilla Firefox before 26.0, Firefox ...)
+CVE-2013-5615
- iceweasel 24.2.0esr-1
- icedove 24.2.0-1
- iceape <removed>
@@ -5019,9 +5019,9 @@ CVE-2013-5615 (The JavaScript implementation in Mozilla Firefox before 26.0, Fir
[wheezy] - iceape <end-of-life>
[squeeze] - icedove <end-of-life>
[squeeze] - iceape <end-of-life>
-CVE-2013-5614 (Mozilla Firefox before 26.0 and SeaMonkey before 2.23 do not properly ...)
+CVE-2013-5614
- iceweasel <not-affected> (Only affects Firefox 25)
-CVE-2013-5613 (Use-after-free vulnerability in the PresShell::DispatchSynthMouseMove ...)
+CVE-2013-5613
- iceweasel 24.2.0esr-1
- icedove 24.2.0-1
- iceape <removed>
@@ -5029,15 +5029,15 @@ CVE-2013-5613 (Use-after-free vulnerability in the PresShell::DispatchSynthMouse
[wheezy] - iceape <end-of-life>
[squeeze] - icedove <end-of-life>
[squeeze] - iceape <end-of-life>
-CVE-2013-5612 (Cross-site scripting (XSS) vulnerability in Mozilla Firefox before ...)
+CVE-2013-5612
- iceweasel <not-affected> (Only affects Firefox 25)
-CVE-2013-5611 (Mozilla Firefox before 26.0 does not properly remove the Application ...)
+CVE-2013-5611
- iceweasel <not-affected> (Only affects Firefox 25)
-CVE-2013-5610 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+CVE-2013-5610
- iceweasel <not-affected> (Only affects Firefox 25)
- iceape <not-affected> (Only affects Firefox 25)
- icedove <not-affected> (Only affects Firefox 25)
-CVE-2013-5609 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+CVE-2013-5609
- iceweasel 24.2.0esr-1
- icedove 24.2.0-1
- iceape <removed>
@@ -5047,17 +5047,17 @@ CVE-2013-5609 (Multiple unspecified vulnerabilities in the browser engine in Moz
[squeeze] - iceape <end-of-life>
CVE-2013-5608
RESERVED
-CVE-2013-5607 (Integer overflow in the PL_ArenaAllocate function in Mozilla Netscape ...)
+CVE-2013-5607
{DSA-2820-1}
- nspr 2:4.10.2-1
-CVE-2013-5606 (The CERT_VerifyCert function in lib/certhigh/certvfy.c in Mozilla ...)
+CVE-2013-5606
{DSA-2994-1 DLA-23-1}
- nss 2:3.15.3-1 (bug #735105)
[squeeze] - nss 3.12.8-1+squeeze8
-CVE-2013-5605 (Mozilla Network Security Services (NSS) 3.14 before 3.14.5 and 3.15 ...)
+CVE-2013-5605
{DSA-2800-1}
- nss 2:3.15.3-1
-CVE-2013-5604 (The txXPathNodeUtils::getBaseURI function in the XSLT processor in ...)
+CVE-2013-5604
{DSA-2797-1 DSA-2788-1}
- iceweasel 24.1.0esr-1
[squeeze] - iceweasel <end-of-life>
@@ -5066,13 +5066,13 @@ CVE-2013-5604 (The txXPathNodeUtils::getBaseURI function in the XSLT processor i
[wheezy] - iceape <end-of-life>
[squeeze] - iceape <end-of-life>
- iceape <removed>
-CVE-2013-5603 (Use-after-free vulnerability in the ...)
+CVE-2013-5603
- iceweasel 24.1.0esr-1
[wheezy] - iceweasel <not-affected> (Only affects Firefox > 17)
[squeeze] - iceweasel <end-of-life>
- icedove <not-affected> (Only affects Firefox > 17)
- iceape <not-affected> (Only affects Firefox > 17)
-CVE-2013-5602 (The Worker::SetEventListener function in the Web workers ...)
+CVE-2013-5602
{DSA-2797-1 DSA-2788-1}
- iceweasel 24.1.0esr-1
[squeeze] - iceweasel <end-of-life>
@@ -5081,7 +5081,7 @@ CVE-2013-5602 (The Worker::SetEventListener function in the Web workers ...)
[wheezy] - iceape <end-of-life>
- icedove 17.0.10-1
- iceape <removed>
-CVE-2013-5601 (Use-after-free vulnerability in the ...)
+CVE-2013-5601
{DSA-2797-1 DSA-2788-1}
- iceweasel 24.1.0esr-1
[squeeze] - iceweasel <end-of-life>
@@ -5090,7 +5090,7 @@ CVE-2013-5601 (Use-after-free vulnerability in the ...)
- iceape <removed>
[wheezy] - iceape <end-of-life>
[squeeze] - iceape <end-of-life>
-CVE-2013-5600 (Use-after-free vulnerability in the ...)
+CVE-2013-5600
{DSA-2797-1 DSA-2788-1}
- iceweasel 24.1.0esr-1
[squeeze] - iceweasel <end-of-life>
@@ -5099,7 +5099,7 @@ CVE-2013-5600 (Use-after-free vulnerability in the ...)
[squeeze] - iceape <end-of-life>
- icedove 17.0.10-1
- iceape <removed>
-CVE-2013-5599 (Use-after-free vulnerability in the nsIPresShell::GetPresContext ...)
+CVE-2013-5599
{DSA-2797-1 DSA-2788-1}
- iceweasel 24.1.0esr-1
[squeeze] - iceweasel <end-of-life>
@@ -5108,13 +5108,13 @@ CVE-2013-5599 (Use-after-free vulnerability in the nsIPresShell::GetPresContext
[squeeze] - iceape <end-of-life>
- icedove 17.0.10-1
- iceape <removed>
-CVE-2013-5598 (PDF.js in Mozilla Firefox before 25.0 and Firefox ESR 24.x before 24.1 ...)
+CVE-2013-5598
- iceweasel 24.1.0esr-1
[wheezy] - iceweasel <not-affected> (Only affects Firefox >=24)
[squeeze] - iceweasel <end-of-life>
- icedove <not-affected> (Only affects Firefox >=24)
- iceape <not-affected> (Only affects Firefox >=24)
-CVE-2013-5597 (Use-after-free vulnerability in the nsDocLoader::doStopDocumentLoad ...)
+CVE-2013-5597
{DSA-2797-1 DSA-2788-1}
- iceweasel 24.1.0esr-1
[squeeze] - iceweasel <end-of-life>
@@ -5123,13 +5123,13 @@ CVE-2013-5597 (Use-after-free vulnerability in the nsDocLoader::doStopDocumentLo
[squeeze] - iceape <end-of-life>
- icedove 17.0.10-1
- iceape <removed>
-CVE-2013-5596 (The cycle collection (CC) implementation in Mozilla Firefox before ...)
+CVE-2013-5596
- iceweasel 24.1.0esr-1
[wheezy] - iceweasel <not-affected> (Only affects Firefox > 17)
[squeeze] - iceweasel <end-of-life>
- icedove <not-affected> (Only affects Firefox > 17)
- iceape <not-affected> (Only affects Firefox > 17)
-CVE-2013-5595 (The JavaScript engine in Mozilla Firefox before 25.0, Firefox ESR 17.x ...)
+CVE-2013-5595
{DSA-2797-1 DSA-2788-1}
- iceweasel 24.1.0esr-1
[squeeze] - iceweasel <end-of-life>
@@ -5140,25 +5140,25 @@ CVE-2013-5595 (The JavaScript engine in Mozilla Firefox before 25.0, Firefox ESR
- iceape <removed>
CVE-2013-5594
RESERVED
-CVE-2013-5593 (The SELECT element implementation in Mozilla Firefox before 25.0, ...)
+CVE-2013-5593
- iceweasel 24.1.0esr-1
[wheezy] - iceweasel <not-affected> (Only affects Firefox > 17)
[squeeze] - iceweasel <end-of-life>
- icedove <not-affected> (Only affects Firefox > 17)
- iceape <not-affected> (Only affects Firefox > 17)
-CVE-2013-5592 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+CVE-2013-5592
- iceweasel 24.1.0esr-1
[wheezy] - iceweasel <not-affected> (Only affects Firefox >=24)
[squeeze] - iceweasel <end-of-life>
- icedove <not-affected> (Only affects Firefox >=24)
- iceape <not-affected> (Only affects Firefox >=24)
-CVE-2013-5591 (Unspecified vulnerability in the browser engine in Mozilla Firefox ...)
+CVE-2013-5591
- iceweasel 24.1.0esr-1
[wheezy] - iceweasel <not-affected> (Only affects Firefox >=24)
[squeeze] - iceweasel <end-of-life>
- icedove <not-affected> (Only affects Firefox >=24)
- iceape <not-affected> (Only affects Firefox >=24)
-CVE-2013-5590 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+CVE-2013-5590
{DSA-2797-1 DSA-2788-1}
- iceweasel 24.1.0esr-1
[squeeze] - iceweasel <end-of-life>
@@ -5167,17 +5167,17 @@ CVE-2013-5590 (Multiple unspecified vulnerabilities in the browser engine in Moz
[wheezy] - iceape <end-of-life>
- icedove 17.0.10-1
- iceape <removed>
-CVE-2013-5634 (arch/arm/kvm/arm.c in the Linux kernel before 3.10 on the ARM ...)
+CVE-2013-5634
- linux 3.11.5-1
[wheezy] - linux <not-affected> (KVM for arm introduced in 3.9)
- linux-2.6 <not-affected> (KVM for arm introduced in 3.9)
-CVE-2013-5586 (Cross-site scripting (XSS) vulnerability in wikka.php in WikkaWiki ...)
+CVE-2013-5586
NOT-FOR-US: WikkaWiki
CVE-2013-5585
RESERVED
CVE-2013-5584
RESERVED
-CVE-2013-5583 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2013-5583
NOT-FOR-US: Joomla!
CVE-2013-5582
RESERVED
@@ -5187,32 +5187,32 @@ CVE-2013-5581
NOT-FOR-US: Ammyy Admin
CVE-2013-5579
RESERVED
-CVE-2013-5578 (Buffer overflow in the ToDot method in the WINGRAPHVIZLib.NEATO ...)
+CVE-2013-5578
NOT-FOR-US: StarUML
CVE-2013-5577
RESERVED
CVE-2013-5574
RESERVED
-CVE-2013-5573 (Cross-site scripting (XSS) vulnerability in the default markup ...)
+CVE-2013-5573
- jenkins 1.565.2-1 (bug #732708)
NOTE: http://seclists.org/fulldisclosure/2013/Dec/159
-CVE-2013-5572 (Zabbix 2.0.5 allows remote authenticated users to discover the LDAP ...)
+CVE-2013-5572
- zabbix 1:2.2.2+dfsg-1 (unimportant)
NOTE: http://seclists.org/fulldisclosure/2013/Sep/151
NOTE: Non-issue
CVE-2013-5571
RESERVED
-CVE-2013-5570 (Cross-site scripting (XSS) vulnerability in the Javascript and CSS ...)
+CVE-2013-5570
NOT-FOR-US: TYPO3 extension (js_css_optimizer)
-CVE-2013-5569 (SQL injection vulnerability in the Slideshare extension 0.1.0 for ...)
+CVE-2013-5569
NOT-FOR-US: TYPO3 extension
-CVE-2013-5589 (SQL injection vulnerability in cacti/host.php in Cacti 0.8.8b and ...)
+CVE-2013-5589
{DSA-2747-1}
- cacti 0.8.8b+dfsg-3
-CVE-2013-5588 (Multiple cross-site scripting (XSS) vulnerabilities in Cacti 0.8.8b ...)
+CVE-2013-5588
{DSA-2747-1}
- cacti 0.8.8b+dfsg-3
-CVE-2013-5587 (Cross-site scripting (XSS) vulnerability in Request Tracker (RT) 4.x ...)
+CVE-2013-5587
{DSA-2671-1}
- request-tracker3.8 <not-affected> (only covers the issues in 4.x)
- request-tracker4 4.0.12-2 (bug #709836)
@@ -5222,274 +5222,274 @@ CVE-2013-5587 (Cross-site scripting (XSS) vulnerability in Request Tracker (RT)
NOTE: patch for 4.0.13: https://github.com/bestpractical/rt/compare/rt-4.0.12...rt-4.0.13
NOTE: still not clear why the split was done, but confirmed by upstream that this issue
NOTE: is covered by the fixes applied for CVE-2013-3371
-CVE-2013-5580 (The (1) Conn_StartLogin and (2) cb_Read_Resolver_Result functions in ...)
+CVE-2013-5580
- ngircd <not-affected> (only affects 20, 20.1, and 20.2)
NOTE: http://arthur.barton.de/pipermail/ngircd-ml/2013-August/000652.html
-CVE-2013-5576 (administrator/components/com_media/helpers/media.php in the media ...)
+CVE-2013-5576
NOT-FOR-US: Joomla!
CVE-2013-5575
REJECTED
-CVE-2013-5568 (The auto-update implementation in Cisco Adaptive Security Appliance ...)
+CVE-2013-5568
NOT-FOR-US: Cisco Adaptive Security Appliance
-CVE-2013-5567 (Cisco Adaptive Security Appliance (ASA) Software 8.4(.6) and earlier, ...)
+CVE-2013-5567
NOT-FOR-US: Cisco ASA
-CVE-2013-5566 (Cisco NX-OS 5.0 and earlier on MDS 9000 devices allows remote ...)
+CVE-2013-5566
NOT-FOR-US: Cisco NX-OS
-CVE-2013-5565 (The OSPFv3 functionality in Cisco IOS XR 5.1 allows remote attackers ...)
+CVE-2013-5565
NOT-FOR-US: Cisco
-CVE-2013-5564 (The Java process in the Impact server in Cisco Prime Central for ...)
+CVE-2013-5564
NOT-FOR-US: Cisco Prime Central for Hosted Collaboration Solution
-CVE-2013-5563 (Cross-site scripting (XSS) vulnerability in Query/NewQueryResult.jsp ...)
+CVE-2013-5563
NOT-FOR-US: Cisco CS-MARS
-CVE-2013-5562 (The ITM web server in Cisco Prime Central for Hosted Collaboration ...)
+CVE-2013-5562
NOT-FOR-US: Cisco
-CVE-2013-5561 (The Safe Search enforcement feature in Cisco Adaptive Security ...)
+CVE-2013-5561
NOT-FOR-US: Cisco Adaptive Security Appliance
-CVE-2013-5560 (The IPv6 implementation in Cisco Adaptive Security Appliance (ASA) ...)
+CVE-2013-5560
NOT-FOR-US: Cisco Adaptive Security Appliance
-CVE-2013-5559 (Buffer overflow in the Active Template Library (ATL) framework in the ...)
+CVE-2013-5559
NOT-FOR-US: Cisco AnyConnect Secure Mobility Client
-CVE-2013-5558 (The WIL-A module in Cisco TelePresence VX Clinical Assistant 1.2 ...)
+CVE-2013-5558
NOT-FOR-US: Cisco
-CVE-2013-5557 (The Proxy Bypass Content Rewriter feature in the WebVPN subsystem in ...)
+CVE-2013-5557
NOT-FOR-US: Cisco Adaptive Security Appliance
-CVE-2013-5556 (The license-installation module on the Cisco Nexus 1000V switch ...)
+CVE-2013-5556
NOT-FOR-US: Cisco
-CVE-2013-5555 (Cisco Unified Communications Manager (aka CUCM or Unified CM) allows ...)
+CVE-2013-5555
NOT-FOR-US: Cisco Unified Communications Manager
-CVE-2013-5554 (Directory traversal vulnerability in the web-management interface in ...)
+CVE-2013-5554
NOT-FOR-US: Cisco Wide Area Application Services
-CVE-2013-5553 (Multiple memory leaks in Cisco IOS 15.1 before 15.1(4)M7 allow remote ...)
+CVE-2013-5553
NOT-FOR-US: Cisco IOS
-CVE-2013-5552 (Cisco IOS 12.4(24)MDB9 and earlier on Content Services Gateway (CSG) ...)
+CVE-2013-5552
NOT-FOR-US: Cisco
-CVE-2013-5551 (Cisco Adaptive Security Appliance (ASA) Software, when certain ...)
+CVE-2013-5551
NOT-FOR-US: Cisco Adaptive Security Appliance
-CVE-2013-5550 (The fabric-interconnect component in Cisco Unified Computing System ...)
+CVE-2013-5550
NOT-FOR-US: Cisco Unified Computing System
-CVE-2013-5549 (Cisco IOS XR 3.8.1 through 4.2.0 does not properly process fragmented ...)
+CVE-2013-5549
NOT-FOR-US: Cisco IOS XR
-CVE-2013-5548 (The IKEv2 implementation in Cisco IOS, when AES-GCM or AES-GMAC is ...)
+CVE-2013-5548
NOT-FOR-US: Cisco IOS
-CVE-2013-5547 (Cisco IOS XE 3.9 before 3.9.2S on 1000 ASR devices allows remote ...)
+CVE-2013-5547
NOT-FOR-US: Cisco IOS
-CVE-2013-5546 (The TCP reassembly feature in Cisco IOS XE 3.7 before 3.7.3S and 3.8 ...)
+CVE-2013-5546
NOT-FOR-US: Cisco IOS
-CVE-2013-5545 (The PPTP ALG implementation in Cisco IOS XE 3.9 before 3.9.2S on 1000 ...)
+CVE-2013-5545
NOT-FOR-US: Cisco IOS
-CVE-2013-5544 (The VPN authentication functionality in Cisco Adaptive Security ...)
+CVE-2013-5544
NOT-FOR-US: Cisco Adaptive Security Appliance
-CVE-2013-5543 (Cisco IOS XE 3.4 before 3.4.2S and 3.5 before 3.5.1S on 1000 ASR ...)
+CVE-2013-5543
NOT-FOR-US: Cisco IOS
-CVE-2013-5542 (Cisco Adaptive Security Appliance (ASA) Software 8.4 before 8.4(7.2), ...)
+CVE-2013-5542
NOT-FOR-US: Cisco Adaptive Security Appliance
-CVE-2013-5541 (Cross-site scripting (XSS) vulnerability in the file-upload interface ...)
+CVE-2013-5541
NOT-FOR-US: Cisco Identity Services Engine
-CVE-2013-5540 (The file-upload feature in Cisco Identity Services Engine (ISE) allows ...)
+CVE-2013-5540
NOT-FOR-US: Cisco Identity Services Engine
-CVE-2013-5539 (The upload-dialog implementation in Cisco Identity Services Engine ...)
+CVE-2013-5539
NOT-FOR-US: Cisco Identity Services Engine
-CVE-2013-5538 (The Sponsor Portal in Cisco Identity Services Engine (ISE) uses weak ...)
+CVE-2013-5538
NOT-FOR-US: Cisco Identity Services Engine
-CVE-2013-5537 (The web framework on Cisco Web Security Appliance (WSA), Email ...)
+CVE-2013-5537
NOT-FOR-US: Cisco
-CVE-2013-5536 (Cisco Secure Access Control System (ACS) does not properly implement ...)
+CVE-2013-5536
NOT-FOR-US: Cisco
-CVE-2013-5535 (The analytics page on Cisco Video Surveillance 4000 IP cameras has ...)
+CVE-2013-5535
NOT-FOR-US: Cisco Video Surveillance 4000 IP cameras
-CVE-2013-5534 (Directory traversal vulnerability in the attachment service in the ...)
+CVE-2013-5534
NOT-FOR-US: Cisco Unity Connection
-CVE-2013-5533 (The image-upgrade functionality on Cisco 9900 Unified IP phones allows ...)
+CVE-2013-5533
NOT-FOR-US: Cisco
-CVE-2013-5532 (Buffer overflow in the web-application interface on Cisco 9900 IP ...)
+CVE-2013-5532
NOT-FOR-US: Cisco
-CVE-2013-5531 (Cisco Identity Services Engine (ISE) 1.x before 1.1.1 allows remote ...)
+CVE-2013-5531
NOT-FOR-US: Cisco
-CVE-2013-5530 (The web framework in Cisco Identity Services Engine (ISE) 1.0 and ...)
+CVE-2013-5530
NOT-FOR-US: Cisco Identity Services Engine
-CVE-2013-5529 (The deployment module in the server in Cisco WebEx Meeting Center does ...)
+CVE-2013-5529
NOT-FOR-US: Cisco WebEx Meetings Server
-CVE-2013-5528 (Directory traversal vulnerability in the Tomcat administrative web ...)
+CVE-2013-5528
NOT-FOR-US: Cisco Unified Communications Manager
-CVE-2013-5527 (The OSPF functionality in Cisco IOS and IOS XE allows remote attackers ...)
+CVE-2013-5527
NOT-FOR-US: Cisco
-CVE-2013-5526 (Cisco 9900 fourth-generation IP phones do not properly perform SDP ...)
+CVE-2013-5526
NOT-FOR-US: Cisco
-CVE-2013-5525 (SQL injection vulnerability in the web framework in Cisco Identity ...)
+CVE-2013-5525
NOT-FOR-US: Cisco
-CVE-2013-5524 (Cross-site scripting (XSS) vulnerability in the troubleshooting page ...)
+CVE-2013-5524
NOT-FOR-US: Cisco
-CVE-2013-5523 (The Sponsor Portal in Cisco Identity Services Engine (ISE) 1.2 and ...)
+CVE-2013-5523
NOT-FOR-US: Cisco
-CVE-2013-5522 (Cisco IOS on Catalyst 3750X switches has default Service Module ...)
+CVE-2013-5522
NOT-FOR-US: Cisco IOS
-CVE-2013-5521 (Cisco Identity Services Engine does not properly restrict the creation ...)
+CVE-2013-5521
NOT-FOR-US: Cisco
CVE-2013-5520
RESERVED
-CVE-2013-5519 (Cross-site scripting (XSS) vulnerability in the management interface ...)
+CVE-2013-5519
NOT-FOR-US: Cisco
CVE-2013-5518
RESERVED
-CVE-2013-5517 (SQL injection vulnerability in the web framework in Cisco Unified ...)
+CVE-2013-5517
NOT-FOR-US: Cisco
-CVE-2013-5516 (The Media Snapshot implementation on Cisco TelePresence Multipoint ...)
+CVE-2013-5516
NOT-FOR-US: Cisco
-CVE-2013-5515 (The Clientless SSL VPN feature in Cisco Adaptive Security Appliance ...)
+CVE-2013-5515
NOT-FOR-US: Cisco Adaptive Security Appliance
CVE-2013-5514
RESERVED
-CVE-2013-5513 (Cisco Adaptive Security Appliance (ASA) Software 8.2.x before ...)
+CVE-2013-5513
NOT-FOR-US: Cisco Adaptive Security Appliance
-CVE-2013-5512 (Race condition in the HTTP Deep Packet Inspection (DPI) feature in ...)
+CVE-2013-5512
NOT-FOR-US: Cisco Adaptive Security Appliance
-CVE-2013-5511 (The Adaptive Security Device Management (ASDM) remote-management ...)
+CVE-2013-5511
NOT-FOR-US: Cisco Adaptive Security Appliance
-CVE-2013-5510 (The remote-access VPN implementation in Cisco Adaptive Security ...)
+CVE-2013-5510
NOT-FOR-US: Cisco Adaptive Security Appliance
-CVE-2013-5509 (The SSL implementation in Cisco Adaptive Security Appliance (ASA) ...)
+CVE-2013-5509
NOT-FOR-US: Cisco Adaptive Security Appliance
-CVE-2013-5508 (The SQL*Net inspection engine in Cisco Adaptive Security Appliance ...)
+CVE-2013-5508
NOT-FOR-US: Cisco Adaptive Security Appliance
-CVE-2013-5507 (The IPsec implementation in Cisco Adaptive Security Appliance (ASA) ...)
+CVE-2013-5507
NOT-FOR-US: Cisco Adaptive Security Appliance
-CVE-2013-5506 (The authorization functionality in Cisco Firewall Services Module ...)
+CVE-2013-5506
NOT-FOR-US: Cisco Firewall Services Module
-CVE-2013-5505 (Cross-site scripting (XSS) vulnerability in an administration page in ...)
+CVE-2013-5505
NOT-FOR-US: Cisco
-CVE-2013-5504 (Cross-site scripting (XSS) vulnerability in the Mobile Device ...)
+CVE-2013-5504
NOT-FOR-US: Cisco
-CVE-2013-5503 (The UDP process in Cisco IOS XR 4.3.1 does not free packet memory upon ...)
+CVE-2013-5503
NOT-FOR-US: Cisco
-CVE-2013-5502 (The web interface in Cisco MediaSense does not properly protect the ...)
+CVE-2013-5502
NOT-FOR-US: Cisco MediaSense
-CVE-2013-5501 (Cross-site scripting (XSS) vulnerability in the oraservice page in ...)
+CVE-2013-5501
NOT-FOR-US: Cisco MediaSense
-CVE-2013-5500 (Multiple cross-site scripting (XSS) vulnerabilities in the oraadmin ...)
+CVE-2013-5500
NOT-FOR-US: Cisco MediaSense
-CVE-2013-5499 (The remember feature in the DHCP server in Cisco IOS allows remote ...)
+CVE-2013-5499
NOT-FOR-US: Cisco
-CVE-2013-5498 (The PPTP-ALG component in CRS Carrier Grade Services Engine (CGSE) and ...)
+CVE-2013-5498
NOT-FOR-US: Cisco IOS XR
-CVE-2013-5497 (The authentication manager process in the web framework in Cisco ...)
+CVE-2013-5497
NOT-FOR-US: Cisco Intrusion Prevention System
-CVE-2013-5496 (Open Network Environment Platform (ONEP) in Cisco NX-OS allows remote ...)
+CVE-2013-5496
NOT-FOR-US: Cisco NX-OS
-CVE-2013-5495 (Cross-site scripting (XSS) vulnerability in the web framework in the ...)
+CVE-2013-5495
NOT-FOR-US: Cisco Unified MeetingPlace
-CVE-2013-5494 (Cross-site request forgery (CSRF) vulnerability in the web framework ...)
+CVE-2013-5494
NOT-FOR-US: Cisco Unified MeetingPlace
-CVE-2013-5493 (The diagnostic module in the firmware on Cisco Virtualization ...)
+CVE-2013-5493
NOT-FOR-US: Cisco
-CVE-2013-5492 (administration.jsp in Cisco SocialMiner allows remote attackers to ...)
+CVE-2013-5492
NOT-FOR-US: Cisco
CVE-2013-5491
RESERVED
-CVE-2013-5490 (Cisco Prime Data Center Network Manager (DCNM) before 6.2(1) allows ...)
+CVE-2013-5490
NOT-FOR-US: Cisco Prime Data Center Network Manager
-CVE-2013-5489 (The gadget implementation in Cisco SocialMiner does not properly ...)
+CVE-2013-5489
NOT-FOR-US: Cisco
-CVE-2013-5488 (Cisco Common Services, as used in Cisco Prime LAN Management Solution ...)
+CVE-2013-5488
NOT-FOR-US: Cisco
-CVE-2013-5487 (DCNM-SAN Server in Cisco Prime Data Center Network Manager (DCNM) ...)
+CVE-2013-5487
NOT-FOR-US: Cisco Prime Data Center Network Manager
-CVE-2013-5486 (Directory traversal vulnerability in processImageSave.jsp in DCNM-SAN ...)
+CVE-2013-5486
NOT-FOR-US: Cisco Prime Data Center Network Manager
CVE-2013-5485
RESERVED
CVE-2013-5484
RESERVED
-CVE-2013-5483 (Cross-site scripting (XSS) vulnerability in bookmarklet.jsp in Cisco ...)
+CVE-2013-5483
NOT-FOR-US: Cisco
-CVE-2013-5482 (Cisco Prime LAN Management Solution (LMS) does not properly restrict ...)
+CVE-2013-5482
NOT-FOR-US: Cisco
-CVE-2013-5481 (The PPTP implementation in Cisco IOS 12.2 and 15.0 through 15.3, when ...)
+CVE-2013-5481
NOT-FOR-US: Cisco IOS
-CVE-2013-5480 (The DNS-over-TCP implementation in Cisco IOS 12.2 and 15.0 through ...)
+CVE-2013-5480
NOT-FOR-US: Cisco IOS
-CVE-2013-5479 (The DNS-over-TCP implementation in Cisco IOS 12.2 and 15.0 through ...)
+CVE-2013-5479
NOT-FOR-US: Cisco IOS
-CVE-2013-5478 (Cisco IOS 15.0 through 15.3 and IOS XE 3.2 through 3.8, when a VRF ...)
+CVE-2013-5478
NOT-FOR-US: Cisco IOS
-CVE-2013-5477 (The T1/E1 driver-queue functionality in Cisco IOS 12.2 and 15.0 ...)
+CVE-2013-5477
NOT-FOR-US: Cisco IOS
-CVE-2013-5476 (The Zone-Based Firewall (ZFW) feature in Cisco IOS 15.1 through 15.2, ...)
+CVE-2013-5476
NOT-FOR-US: Cisco IOS
-CVE-2013-5475 (Cisco IOS 12.2 through 12.4 and 15.0 through 15.3, and IOS XE 2.1 ...)
+CVE-2013-5475
NOT-FOR-US: Cisco IOS
-CVE-2013-5474 (Race condition in the IPv6 virtual fragmentation reassembly (VFR) ...)
+CVE-2013-5474
NOT-FOR-US: Cisco IOS
-CVE-2013-5473 (Memory leak in Cisco IOS 12.2, 15.1, and 15.2; IOS XE 3.4.2S through ...)
+CVE-2013-5473
NOT-FOR-US: Cisco IOS
-CVE-2013-5472 (The NTP implementation in Cisco IOS 12.0 through 12.4 and 15.0 through ...)
+CVE-2013-5472
NOT-FOR-US: Cisco IOS
-CVE-2013-5471 (Cross-site request forgery (CSRF) vulnerability in the web framework ...)
+CVE-2013-5471
NOT-FOR-US: Cisco Global Site Selector
-CVE-2013-5470 (Cisco Secure Access Control System (ACS) does not properly handle ...)
+CVE-2013-5470
NOT-FOR-US: Cisco Secure Access Control System
-CVE-2013-5469 (The TCP implementation in Cisco IOS does not properly implement the ...)
+CVE-2013-5469
NOT-FOR-US: Cisco IOS
-CVE-2013-5468 (IBM Algo One, as used in MetaData Management Tools in UDS 4.7.0 ...)
+CVE-2013-5468
NOT-FOR-US: IBM Algo One
-CVE-2013-5467 (Monitoring Agent for UNIX Logs 6.2.0 through FP03, 6.2.1 through FP04, ...)
+CVE-2013-5467
NOT-FOR-US: IBM Tivoli Monitoring
-CVE-2013-5466 (The XSLT library in IBM DB2 and DB2 Connect 9.5 through 10.5, and the ...)
+CVE-2013-5466
NOT-FOR-US: IBM DB2 and DB2 Connect
-CVE-2013-5465 (IBM Maximo Asset Management 7.x before 7.1.1.7 LAFIX.20140319-0837, ...)
+CVE-2013-5465
NOT-FOR-US: IBM Maximo Asset Management
-CVE-2013-5464 (IBM Maximo Asset Management 7.5.x before 7.5.0.3 IFIX027, 7.5.0.4 ...)
+CVE-2013-5464
NOT-FOR-US: IBM Maximo Asset Management
-CVE-2013-5463 (The WinCollect agent in IBM Security QRadar SIEM before 7.1.1.569824 ...)
+CVE-2013-5463
NOT-FOR-US: IBM Security QRadar SIEM
-CVE-2013-5462 (IBM/ECMClient/configure/explodedformat/navigator/header.jsp in IBM ...)
+CVE-2013-5462
NOT-FOR-US: IBM
-CVE-2013-5461 (IBM Endpoint Manager for Remote Control 9.0.0 and 9.0.1 and Tivoli ...)
+CVE-2013-5461
NOT-FOR-US: IBM
-CVE-2013-5460 (IBM Maximo Asset Management 7.x before 7.5.0.6 and SmartCloud Control ...)
+CVE-2013-5460
NOT-FOR-US: IBM Maximo Asset Management
-CVE-2013-5459 (Unspecified vulnerability in IBM Rational Software Architect (RSA) ...)
+CVE-2013-5459
NOT-FOR-US: IBM
-CVE-2013-5458 (Unspecified vulnerability in IBM Java SDK 7.0.0 before SR6 allows ...)
+CVE-2013-5458
NOT-FOR-US: IBM JDK
-CVE-2013-5457 (Unspecified vulnerability in IBM Java SDK 7.0.0 before SR6, 6.0.1 ...)
+CVE-2013-5457
NOT-FOR-US: IBM JDK
-CVE-2013-5456 (The com.ibm.rmi.io.SunSerializableFactory class in IBM Java SDK 7.0.0 ...)
+CVE-2013-5456
NOT-FOR-US: IBM JDK
-CVE-2013-5455 (IBM SmartCloud Provisioning 2.1 before FP3 IF0001 allows remote ...)
+CVE-2013-5455
NOT-FOR-US: IBM SmartCloud Provisioning
-CVE-2013-5454 (IBM WebSphere Portal 6.0 through 6.0.1.7, 6.1.0 through 6.1.0.6 CF27, ...)
+CVE-2013-5454
NOT-FOR-US: IBM WebSphere
-CVE-2013-5453 (IBM Security AppScan Enterprise 5.6 through 8.7.0.1 allows remote ...)
+CVE-2013-5453
NOT-FOR-US: IBM
-CVE-2013-5452 (IBM FileNet Business Process Framework 4.1.0 allows remote ...)
+CVE-2013-5452
NOT-FOR-US: IBM FileNet Business Process Framework
CVE-2013-5451
RESERVED
-CVE-2013-5450 (IBM Security AppScan Enterprise 8.5 through 8.7.0.1, when Jazz ...)
+CVE-2013-5450
NOT-FOR-US: IBM
-CVE-2013-5449 (Cross-site scripting (XSS) vulnerability in workingSet.jsp in IBM ...)
+CVE-2013-5449
NOT-FOR-US: IBM
-CVE-2013-5448 (Cross-site scripting (XSS) vulnerability in the Right Click Plugin ...)
+CVE-2013-5448
NOT-FOR-US: IBM Security QRadar SIEM
-CVE-2013-5447 (Stack-based buffer overflow in IBM Forms Viewer 4.x before 4.0.0.3 and ...)
+CVE-2013-5447
NOT-FOR-US: IBM Forms Viewer
-CVE-2013-5446 (The console on IBM WebSphere DataPower XC10 appliances 2.1.0 and 2.5.0 ...)
+CVE-2013-5446
NOT-FOR-US: IBM WebSphere DataPower XC10 appliances
-CVE-2013-5445 (IBM Cognos Express 9.0 before IFIX 2, 9.5 before IFIX 2, 10.1 before ...)
+CVE-2013-5445
NOT-FOR-US: IBM Cognos
-CVE-2013-5444 (The server in IBM Cognos Express 9.0 before IFIX 2, 9.5 before IFIX 2, ...)
+CVE-2013-5444
NOT-FOR-US: IBM Cognos
-CVE-2013-5443 (Cross-site request forgery (CSRF) vulnerability in IBM Cognos Express ...)
+CVE-2013-5443
NOT-FOR-US: IBM Cognos
-CVE-2013-5442 (Cross-site scripting (XSS) vulnerability in the Local Management ...)
+CVE-2013-5442
NOT-FOR-US: IBM
CVE-2013-5441
RESERVED
-CVE-2013-5440 (IBM InfoSphere Information Server 8.0, 8.1, 8.5, 8.7, and 9.1 allows ...)
+CVE-2013-5440
NOT-FOR-US: IBM InfoSphere Information Server
CVE-2013-5439
RESERVED
-CVE-2013-5438 (Cross-site scripting (XSS) vulnerability in the web server in IBM Flex ...)
+CVE-2013-5438
NOT-FOR-US: IBM Flex System Manager
CVE-2013-5437
RESERVED
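Review bot: A number of entries in this hunk are left with a rationale that names only the vendor, and the product was stated nowhere but in the description that the hunk removes: CVE-2013-5565, CVE-2013-5562, CVE-2013-5558, CVE-2013-5556 and many more become `+CVE-2013-XXXX` followed by `NOT-FOR-US: Cisco`, whereas neighbouring entries such as CVE-2013-5568 (`NOT-FOR-US: Cisco Adaptive Security Appliance`) and CVE-2013-5564 (`NOT-FOR-US: Cisco Prime Central for Hosted Collaboration Solution`) keep the product in the rationale. The hunk header itself still quotes the old description of CVE-2013-5587 as its context line, which shows how much is being dropped. Suggest that the NOT-FOR-US lines which say only `Cisco` be completed with the product before the descriptions are removed, so the triage decision stays verifiable from the entry alone.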
@@ -5499,135 +5499,135 @@ CVE-2013-5435
RESERVED
CVE-2013-5434
RESERVED
-CVE-2013-5433 (The Data Growth Solution for JD Edwards EnterpriseOne in IBM ...)
+CVE-2013-5433
NOT-FOR-US: IBM
CVE-2013-5432
RESERVED
-CVE-2013-5431 (Open redirect vulnerability in IBM Tivoli Federated Identity Manager ...)
+CVE-2013-5431
NOT-FOR-US: IBM Tivoli Federated Identity Manager
-CVE-2013-5430 (The Jazz Team Server component in IBM Security AppScan Enterprise 8.x ...)
+CVE-2013-5430
NOT-FOR-US: IBM Security AppScan Enterprise
-CVE-2013-5429 (The Risk Based Access functionality in IBM Tivoli Federated Identity ...)
+CVE-2013-5429
NOT-FOR-US: IBM Tivoli Federated Identity Manager
-CVE-2013-5428 (IBM WebSphere DataPower XC10 appliances 2.5.0 do not require ...)
+CVE-2013-5428
NOT-FOR-US: IBM WebSphere DataPower XC10 appliances
-CVE-2013-5427 (Cross-site request forgery (CSRF) vulnerability in IBM InfoSphere ...)
+CVE-2013-5427
NOT-FOR-US: IBM InfoSphere Master Data Management
-CVE-2013-5426 (Session fixation vulnerability in IBM InfoSphere Master Data ...)
+CVE-2013-5426
NOT-FOR-US: IBM
-CVE-2013-5425 (Cross-site scripting (XSS) vulnerability in the Administration Console ...)
+CVE-2013-5425
NOT-FOR-US: IBM WebSphere
-CVE-2013-5424 (IBM Flex System Manager (FSM) 1.3.0 allows remote attackers to bypass ...)
+CVE-2013-5424
NOT-FOR-US: IBM Flex System Manager
-CVE-2013-5423 (IBM Flex System Manager (FSM) 1.1 through 1.3 before 1.3.2.0 allows ...)
+CVE-2013-5423
NOT-FOR-US: IBM Flex System Manager
-CVE-2013-5422 (The Web Client in IBM Rational ClearQuest 7.1 through 7.1.2.12, ...)
+CVE-2013-5422
NOT-FOR-US: IBM Rational ClearQuest
-CVE-2013-5421 (Cross-site scripting (XSS) vulnerability in the IMS server before Ifix ...)
+CVE-2013-5421
NOT-FOR-US: IBM
-CVE-2013-5420 (The IMS server before Ifix 6 in IBM Security Access Manager for ...)
+CVE-2013-5420
NOT-FOR-US: IBM Security Access Manager
-CVE-2013-5419 (Multiple buffer overflows in (1) mkque and (2) mkquedev in ...)
+CVE-2013-5419
NOT-FOR-US: IBM AIX
-CVE-2013-5418 (Cross-site scripting (XSS) vulnerability in the Administrative console ...)
+CVE-2013-5418
NOT-FOR-US: IBM WebSphere
-CVE-2013-5417 (Cross-site scripting (XSS) vulnerability in IBM WebSphere Application ...)
+CVE-2013-5417
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2013-5416 (Unspecified vulnerability in IBM Rational ClearCase through 7.1.2.12, ...)
+CVE-2013-5416
NOT-FOR-US: IBM Rational ClearCase
-CVE-2013-5415 (Buffer overflow in IBM Rational ClearCase through 7.1.2.12, 8.0.0.x ...)
+CVE-2013-5415
NOT-FOR-US: IBM Rational ClearCase
-CVE-2013-5414 (The migration functionality in IBM WebSphere Application Server (WAS) ...)
+CVE-2013-5414
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2013-5413 (IBM Sterling B2B Integrator 5.2 and Sterling File Gateway 2.2 do not ...)
+CVE-2013-5413
NOT-FOR-US: IBM
CVE-2013-5412
RESERVED
-CVE-2013-5411 (IBM Sterling B2B Integrator 5.2 and Sterling File Gateway 2.2 allow ...)
+CVE-2013-5411
NOT-FOR-US: IBM
CVE-2013-5410
RESERVED
-CVE-2013-5409 (Multiple SQL injection vulnerabilities in IBM Sterling B2B Integrator ...)
+CVE-2013-5409
NOT-FOR-US: IBM
CVE-2013-5408
RESERVED
-CVE-2013-5407 (IBM Sterling B2B Integrator 5.2 and Sterling File Gateway 2.2 do not ...)
+CVE-2013-5407
NOT-FOR-US: IBM
-CVE-2013-5406 (Multiple cross-site scripting (XSS) vulnerabilities in IBM Sterling ...)
+CVE-2013-5406
NOT-FOR-US: IBM
-CVE-2013-5405 (Multiple cross-site scripting (XSS) vulnerabilities in IBM Sterling ...)
+CVE-2013-5405
NOT-FOR-US: IBM
-CVE-2013-5404 (Cross-site scripting (XSS) vulnerability in the search implementation ...)
+CVE-2013-5404
NOT-FOR-US: IBM Rational Quality Manager
-CVE-2013-5403 (Unspecified vulnerability on the IBM WebSphere DataPower XC10 ...)
+CVE-2013-5403
NOT-FOR-US: IBM WebSphere
-CVE-2013-5402 (Cross-site scripting (XSS) vulnerability in IBM Maximo Asset ...)
+CVE-2013-5402
NOT-FOR-US: IBM
-CVE-2013-5401 (The command-port listener in IBM WebSphere MQ Internet Pass-Thru ...)
+CVE-2013-5401
NOT-FOR-US: IBM WebSphere MQ
-CVE-2013-5400 (An unspecified servlet in IBM Platform Symphony Developer Edition (DE) ...)
+CVE-2013-5400
NOT-FOR-US: IBM Platform Symphony Developer Edition
CVE-2013-5399
RESERVED
-CVE-2013-5398 (Unspecified vulnerability in the Webservice Axis Gateway in IBM ...)
+CVE-2013-5398
NOT-FOR-US: IBM
-CVE-2013-5397 (Unspecified vulnerability in the Webservice Axis Gateway in IBM ...)
+CVE-2013-5397
NOT-FOR-US: IBM
CVE-2013-5396
RESERVED
-CVE-2013-5395 (IBM Maximo Asset Management 6.2 through 6.2.8, 7.1 before 7.1.1.12, ...)
+CVE-2013-5395
NOT-FOR-US: IBM Maximo Asset Management
-CVE-2013-5394 (The monitoring console in IBM WebSphere eXtreme Scale 7.1.0, 7.1.1, ...)
+CVE-2013-5394
NOT-FOR-US: IBM WebSphere eXtreme Scale
-CVE-2013-5393 (The monitoring console in IBM WebSphere eXtreme Scale 7.1.0, 7.1.1, ...)
+CVE-2013-5393
NOT-FOR-US: IBM WebSphere eXtreme Scale
CVE-2013-5392
RESERVED
-CVE-2013-5391 (IBM Worklight Consumer and Enterprise Editions 5.0.x before 5.0.6 Fix ...)
+CVE-2013-5391
NOT-FOR-US: IBM
-CVE-2013-5390 (Cross-site scripting (XSS) vulnerability in the monitoring console in ...)
+CVE-2013-5390
NOT-FOR-US: IBM WebSphere eXtreme Scale
-CVE-2013-5389 (Cross-site scripting (XSS) vulnerability in iNotes in IBM Domino 8.5.3 ...)
+CVE-2013-5389
NOT-FOR-US: IBM Domino
-CVE-2013-5388 (Cross-site scripting (XSS) vulnerability in iNotes in IBM Domino 8.5.3 ...)
+CVE-2013-5388
NOT-FOR-US: IBM Domino
-CVE-2013-5387 (Buffer overflow in IBM Platform Symphony 5.2, 6.1, and 6.1.1 allows ...)
+CVE-2013-5387
NOT-FOR-US: IBM
CVE-2013-5386
RESERVED
-CVE-2013-5385 (The OSPF implementation in IBM i 6.1 and 7.1, in z/OS on zSeries ...)
+CVE-2013-5385
NOT-FOR-US: IBM
CVE-2013-5384
RESERVED
-CVE-2013-5383 (IBM Maximo Asset Management 6.2 through 6.2.8, 7.1 before 7.1.1.12, ...)
+CVE-2013-5383
NOT-FOR-US: IBM Maximo Asset Management
-CVE-2013-5382 (IBM Maximo Asset Management 6.2 through 6.2.8, 7.1 before 7.1.1.12, ...)
+CVE-2013-5382
NOT-FOR-US: IBM Maximo Asset Management
-CVE-2013-5381 (IBM Maximo Asset Management 6.2 through 6.2.8, 7.1 through 7.1.1.12, ...)
+CVE-2013-5381
NOT-FOR-US: IBM Maximo Asset Management
-CVE-2013-5380 (IBM Maximo Asset Management 6.2 through 6.2.8, 7.1 before 7.1.1.12, ...)
+CVE-2013-5380
NOT-FOR-US: IBM Maximo Asset Management
-CVE-2013-5379 (Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 7.x ...)
+CVE-2013-5379
NOT-FOR-US: IBM WebSphere Portal
-CVE-2013-5378 (Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 8.x ...)
+CVE-2013-5378
NOT-FOR-US: IBM WebSphere Portal
CVE-2013-5377
RESERVED
-CVE-2013-5376 (Cross-site scripting (XSS) vulnerability in IBM Storwize V7000 Unified ...)
+CVE-2013-5376
NOT-FOR-US: IBM Storwize V7000 Unified
-CVE-2013-5375 (Unspecified vulnerability in IBM Java SDK 7.0.0 before SR6, 6.0.1 ...)
+CVE-2013-5375
NOT-FOR-US: IBM JDK
CVE-2013-5374
RESERVED
-CVE-2013-5373 (The RemoteClient component in IBM Rational ClearCase 8.0.0.03 through ...)
+CVE-2013-5373
NOT-FOR-US: IBM Rational ClearCase
-CVE-2013-5372 (The XML4J parser in IBM WebSphere Message Broker 6.1 before 6.1.0.12, ...)
+CVE-2013-5372
NOT-FOR-US: IBM
-CVE-2013-5371 (The client in IBM Tivoli Storage Manager (TSM) 6.3.1 and 6.4.0 on ...)
+CVE-2013-5371
NOT-FOR-US: IBM Tivoli Storage Manager
-CVE-2013-5370 (Unspecified vulnerability in IBM SPSS Collaboration and Deployment ...)
+CVE-2013-5370
NOT-FOR-US: IBM SPSS Collaboration and Deployment Services
-CVE-2013-5369 (IBM SPSS Analytical Decision Management 6.1 before IF1, 6.2 before ...)
+CVE-2013-5369
NOT-FOR-US: IBM SPSS Analytical Decision Management
CVE-2013-5368
RESERVED
@@ -5635,9 +5635,9 @@ CVE-2013-5367
RESERVED
CVE-2013-5366
RESERVED
-CVE-2013-5365 (Heap-based buffer overflow in Autodesk SketchBook for Enterprise 2014, ...)
+CVE-2013-5365
NOT-FOR-US: Autodesk SketchBook
-CVE-2013-5364 (Secunia CSI Agent 6.0.0.15017 and earlier, 6.0.1.1007 and earlier, and ...)
+CVE-2013-5364
NOT-FOR-US: Secunia CSI Agent
CVE-2013-5363
RESERVED
@@ -5647,27 +5647,27 @@ CVE-2013-5361
RESERVED
CVE-2013-5360
RESERVED
-CVE-2013-5359 (Stack-based buffer overflow in Picasa3.exe in Google Picasa before ...)
+CVE-2013-5359
NOT-FOR-US: Google Picasa
-CVE-2013-5358 (Picasa3.exe in Google Picasa before 3.9.0 Build 137.69 allows remote ...)
+CVE-2013-5358
NOT-FOR-US: Google Picasa
-CVE-2013-5357 (Integer overflow in Picasa3.exe in Google Picasa before 3.9.0 Build ...)
+CVE-2013-5357
NOT-FOR-US: Google Picasa
-CVE-2013-5356 (Sharetronix 3.1.1.3, 3.1.1, and earlier does not properly restrict ...)
+CVE-2013-5356
NOT-FOR-US: Sharetronix
-CVE-2013-5355 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
+CVE-2013-5355
NOT-FOR-US: Sharetronix
-CVE-2013-5354 (Multiple SQL injection vulnerabilities in Sharetronix 3.1.1 allow ...)
+CVE-2013-5354
NOT-FOR-US: Sharetronix
-CVE-2013-5353 (Unrestricted file upload vulnerability in ...)
+CVE-2013-5353
NOT-FOR-US: Sharetronix
-CVE-2013-5352 (Sharetronix 3.1.1.3, 3.1.1, and earlier allows remote attackers to ...)
+CVE-2013-5352
NOT-FOR-US: Sharetronix
-CVE-2013-5351 (Heap-based buffer overflow in IrfanView before 4.37 allows remote ...)
+CVE-2013-5351
NOT-FOR-US: IrfanView
-CVE-2013-5350 (The &quot;Remember me&quot; feature in the ...)
+CVE-2013-5350
NOT-FOR-US: OpenPNE
-CVE-2013-5349 (Integer underflow in Picasa3.exe in Google Picasa before 3.9.0 Build ...)
+CVE-2013-5349
NOT-FOR-US: Google Picasa
CVE-2013-5348
REJECTED
@@ -5697,76 +5697,76 @@ CVE-2013-5336
REJECTED
CVE-2013-5335
REJECTED
-CVE-2013-5334 (Adobe Shockwave Player before 12.0.7.148 allows attackers to execute ...)
+CVE-2013-5334
NOT-FOR-US: Adobe Shockwave Player
-CVE-2013-5333 (Adobe Shockwave Player before 12.0.7.148 allows attackers to execute ...)
+CVE-2013-5333
NOT-FOR-US: Adobe Shockwave Player
-CVE-2013-5332 (Adobe Flash Player before 11.7.700.257 and 11.8.x and 11.9.x before ...)
+CVE-2013-5332
NOT-FOR-US: Adobe Flash Player
-CVE-2013-5331 (Adobe Flash Player before 11.7.700.257 and 11.8.x and 11.9.x before ...)
+CVE-2013-5331
NOT-FOR-US: Adobe Flash Player
-CVE-2013-5330 (Adobe Flash Player before 11.7.700.252 and 11.8.x and 11.9.x before ...)
+CVE-2013-5330
NOT-FOR-US: Adobe Flash Player
-CVE-2013-5329 (Adobe Flash Player before 11.7.700.252 and 11.8.x and 11.9.x before ...)
+CVE-2013-5329
NOT-FOR-US: Adobe Flash Player
-CVE-2013-5328 (Adobe ColdFusion 10 before Update 12 allows remote attackers to read ...)
+CVE-2013-5328
NOT-FOR-US: Adobe ColdFusion
-CVE-2013-5327 (MDBMS.dll in Adobe RoboHelp 10 allows attackers to execute arbitrary ...)
+CVE-2013-5327
NOT-FOR-US: Adobe RoboHelp
-CVE-2013-5326 (Cross-site scripting (XSS) vulnerability in Adobe ColdFusion 9.0 ...)
+CVE-2013-5326
NOT-FOR-US: Adobe ColdFusion
-CVE-2013-5325 (Adobe Reader and Acrobat 11.x before 11.0.05 on Windows allow remote ...)
+CVE-2013-5325
NOT-FOR-US: Adobe
-CVE-2013-5324 (Adobe Flash Player before 11.7.700.242 and 11.8.x before 11.8.800.168 ...)
+CVE-2013-5324
NOT-FOR-US: Adobe Flash Player
-CVE-2013-5323 (Cross-site scripting (XSS) vulnerability in the Static Info Tables ...)
+CVE-2013-5323
NOT-FOR-US: TYPO3 extension (Static Info Tables)
-CVE-2013-5322 (SQL injection vulnerability in the CoolURI extension before 1.0.30 for ...)
+CVE-2013-5322
NOT-FOR-US: TYPO3 extension (CoolURI)
-CVE-2013-5321 (Multiple SQL injection vulnerabilities in AlienVault Open Source ...)
+CVE-2013-5321
NOT-FOR-US: AlienVault Open Source Security Information Management
-CVE-2013-5320 (Cross-site scripting (XSS) vulnerability in Forums/EditPost.aspx in ...)
+CVE-2013-5320
NOT-FOR-US: mojoPortal
-CVE-2013-5319 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2013-5319
NOT-FOR-US: Atlassian JIRA
-CVE-2013-5318 (SQL injection vulnerability in Ginkgo CMS 5.0 allows remote attackers ...)
+CVE-2013-5318
NOT-FOR-US: Ginkgo CMS
-CVE-2013-5317 (Cross-site scripting (XSS) vulnerability in RiteCMS 1.0.0 allows ...)
+CVE-2013-5317
NOT-FOR-US: RiteCMS
-CVE-2013-5316 (Cross-site request forgery (CSRF) vulnerability in RiteCMS 1.0.0 ...)
+CVE-2013-5316
NOT-FOR-US: RiteCMS
-CVE-2013-5313 (Cross-site request forgery (CSRF) vulnerability in ...)
+CVE-2013-5313
NOT-FOR-US: BigTree CMS
-CVE-2013-5312 (Multiple cross-site scripting (XSS) vulnerabilities in Vastal I-Tech ...)
+CVE-2013-5312
NOT-FOR-US: Vastal I-Tech phpVID
-CVE-2013-5311 (Multiple SQL injection vulnerabilities in Vastal I-Tech phpVID 1.2.3 ...)
+CVE-2013-5311
NOT-FOR-US: Vastal I-Tech phpVID
-CVE-2013-5315 (Cross-site scripting (XSS) vulnerability in the Resource Manager in ...)
+CVE-2013-5315
NOT-FOR-US: Drupal module
-CVE-2013-5314 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2013-5314
- serendipity <removed>
[squeeze] - serendipity <end-of-life> (Unsupported in squeeze-lts)
-CVE-2013-5310 (SQL injection vulnerability in the DB Integration (wfqbe) extension ...)
+CVE-2013-5310
NOT-FOR-US: TYPO3 extension
-CVE-2013-5309 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2013-5309
NOT-FOR-US: FUDforum
-CVE-2013-5308 (Cross-site scripting (XSS) vulnerability in the RealURL Management ...)
+CVE-2013-5308
NOT-FOR-US: TYPO3 extension
-CVE-2013-5307 (Cross-site scripting (XSS) vulnerability in the Faceted Search ...)
+CVE-2013-5307
NOT-FOR-US: Faceted Search Typo3 extension
-CVE-2013-5306 (SQL injection vulnerability in the Browser - TYPO3 without PHP ...)
+CVE-2013-5306
NOT-FOR-US: TYPO3 Extension
-CVE-2013-5305 (Cross-site scripting (XSS) vulnerability in the Store Locator ...)
+CVE-2013-5305
NOT-FOR-US: typo3 third party component (locator)
-CVE-2013-5304 (SQL injection vulnerability in the Store Locator (locator) extension ...)
+CVE-2013-5304
NOT-FOR-US: typo3 third party component (locator)
-CVE-2013-5303 (Unspecified vulnerability in the Store Locator (locator) extension ...)
+CVE-2013-5303
NOT-FOR-US: typo3 third party component (locator)
-CVE-2013-5302 (SQL injection vulnerability in the Faceted Search (ke_search) ...)
+CVE-2013-5302
NOT-FOR-US: Faceted Search Typo3 extension
-CVE-2013-5301 (Directory traversal vulnerability in help.php in Trustport Webfilter ...)
+CVE-2013-5301
NOT-FOR-US: Trustport Webfilter
-CVE-2013-5300 (Multiple cross-site scripting (XSS) vulnerabilities in AlienVault Open ...)
+CVE-2013-5300
NOT-FOR-US: AlienVault OSSIM
CVE-2013-5299
RESERVED
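Review bot: CVE-2013-5314 is the one entry in this hunk with a Debian package state (`- serendipity <removed>` and `[squeeze] - serendipity <end-of-life> (Unsupported in squeeze-lts)`), and it has no NOTE or URL line, so once the description "Cross-site scripting (XSS) vulnerability in ..." is dropped the entry no longer records what the serendipity issue was. Suggest adding a `NOTE:` with the upstream reference or a one-line summary to that entry in the same change, as was done for the jenkins and zabbix entries elsewhere in this file, rather than leaving a bare identifier next to an end-of-life decision.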
@@ -5908,33 +5908,33 @@ CVE-2013-5231
RESERVED
CVE-2013-5230
RESERVED
-CVE-2013-5229 (The Remote Desktop full-screen feature in Apple OS X before 10.9 and ...)
+CVE-2013-5229
NOT-FOR-US: Apple
-CVE-2013-5228 (WebKit, as used in Apple Safari before 6.1.1 and 7.x before 7.0.1, ...)
+CVE-2013-5228
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2013-5227 (Apple Safari before 6.1.1 and 7.x before 7.0.1 allows remote attackers ...)
+CVE-2013-5227
NOT-FOR-US: Safari
CVE-2013-5226
RESERVED
-CVE-2013-5225 (WebKit, as used in Apple Safari before 6.1.1 and 7.x before 7.0.1, ...)
+CVE-2013-5225
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
CVE-2013-5224
RESERVED
-CVE-2013-5223 (Multiple cross-site scripting (XSS) vulnerabilities in D-Link ...)
+CVE-2013-5223
NOT-FOR-US: D-Link DSL-2760U Gateway
-CVE-2013-5222 (Multiple cross-site scripting (XSS) vulnerabilities in ESRI ArcGIS for ...)
+CVE-2013-5222
NOT-FOR-US: ESRI ArcGIS
-CVE-2013-5221 (The mobile-upload feature in Esri ArcGIS for Server 10.1 through 10.2 ...)
+CVE-2013-5221
NOT-FOR-US: Esri ArcGIS
-CVE-2013-5220 (goform/login on the HOT HOTBOX router with software 2.1.11 allows ...)
+CVE-2013-5220
NOT-FOR-US: HOT HOTBOX router
-CVE-2013-5219 (Directory traversal vulnerability on the HOT HOTBOX router with ...)
+CVE-2013-5219
NOT-FOR-US: HOT HOTBOX router
-CVE-2013-5218 (Cross-site scripting (XSS) vulnerability on the HOT HOTBOX router with ...)
+CVE-2013-5218
NOT-FOR-US: HOT HOTBOX router
-CVE-2013-5216 (Directory traversal vulnerability in logreader/uploadreader.jsp in ...)
+CVE-2013-5216
NOT-FOR-US: Performance Guard
-CVE-2013-5215 (Cross-site scripting (XSS) vulnerability in the web interface &quot;WiFi ...)
+CVE-2013-5215
NOT-FOR-US: FOSCAM Wireless IP Camera
CVE-2013-5214
RESERVED
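Review bot: every `-`/`+` pair in this hunk, e.g. `-CVE-2013-5229 (The Remote Desktop full-screen feature in Apple OS X before 10.9 and ...)` becoming `+CVE-2013-5229`, drops the parenthetical description and changes nothing else, so the hunk removes information rather than refreshing it. If the description source was unavailable when the automatic update ran, the update should be re-run against a working source rather than committed as-is: the NOT-FOR-US and package lines that remain (e.g. `NOT-FOR-US: HOT HOTBOX router`) no longer carry any text describing what the issue is.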
@@ -5943,7 +5943,7 @@ CVE-2013-5213
CVE-2013-5212
RESERVED
NOT-FOR-US: easyXDM
-CVE-2013-5211 (The monlist feature in ntp_request.c in ntpd in NTP before 4.2.7p26 ...)
+CVE-2013-5211
- ntp 1:4.2.8p3+dfsg-1 (low; bug #733940)
[jessie] - ntp <no-dsa> (No backportable code fix exists, default configuration is safe, tiny subsection of affected users can run a backport)
[wheezy] - ntp <no-dsa> (No backportable code fix exists, default configuration is safe, tiny subsection of affected users can run a backport)
@@ -5951,16 +5951,16 @@ CVE-2013-5211 (The monlist feature in ntp_request.c in ntpd in NTP before 4.2.7p
NOTE: http://bugs.ntp.org/show_bug.cgi?id=1532
NOTE: mitigated if noquery used. Only a problem for (public) ntp servers allowing
NOTE: querying ntpd status, so allowing monlist
-CVE-2013-5210 (Cross-site scripting (XSS) vulnerability in the GUI login page in ...)
+CVE-2013-5210
NOT-FOR-US: Adtran Netvanta
-CVE-2013-5209 (The sctp_send_initiate_ack function in sys/netinet/sctp_output.c in ...)
+CVE-2013-5209
{DSA-2743-1}
- kfreebsd-8 <removed> (bug #720476)
[wheezy] - kfreebsd-8 8.3-6+deb7u1
[squeeze] - kfreebsd-8 <end-of-life> (Unsupported in squeeze-lts)
- kfreebsd-9 9.2~svn254368-2 (bug #720475)
- kfreebsd-10 10.0~svn254663-1 (bug #720478)
-CVE-2013-5208 (HR Systems Strategies info:HR HRIS 7.9 does not properly protect the ...)
+CVE-2013-5208
NOT-FOR-US: HR Systems Strategies
CVE-2013-5207
RESERVED
@@ -5976,157 +5976,157 @@ CVE-2013-5202
RESERVED
CVE-2013-5201
RESERVED
-CVE-2013-5200 (The (1) REST and (2) memcache interfaces in the Hazelcast cluster API ...)
+CVE-2013-5200
NOT-FOR-US: Open-Xchange
-CVE-2013-5199 (WebKit, as used in Apple Safari before 6.1.1 and 7.x before 7.0.1, ...)
+CVE-2013-5199
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2013-5198 (WebKit, as used in Apple Safari before 6.1.1 and 7.x before 7.0.1, ...)
+CVE-2013-5198
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2013-5197 (WebKit, as used in Apple Safari before 6.1.1 and 7.x before 7.0.1, ...)
+CVE-2013-5197
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2013-5196 (WebKit, as used in Apple Safari before 6.1.1 and 7.x before 7.0.1, ...)
+CVE-2013-5196
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2013-5195 (WebKit, as used in Apple Safari before 6.1.1 and 7.x before 7.0.1, ...)
+CVE-2013-5195
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
CVE-2013-5194
RESERVED
-CVE-2013-5193 (The App Store component in Apple iOS before 7.0.4 does not properly ...)
+CVE-2013-5193
NOT-FOR-US: Apple
-CVE-2013-5192 (The USB hub controller in Apple Mac OS X before 10.9 allows local ...)
+CVE-2013-5192
NOT-FOR-US: Apple Mac OS X
-CVE-2013-5191 (The syslog implementation in Apple Mac OS X before 10.9 allows local ...)
+CVE-2013-5191
NOT-FOR-US: Apple Mac OS X
-CVE-2013-5190 (Smart Card Services in Apple Mac OS X before 10.9 does not properly ...)
+CVE-2013-5190
NOT-FOR-US: Apple Mac OS X
-CVE-2013-5189 (Apple Mac OS X before 10.9 does not preserve a certain administrative ...)
+CVE-2013-5189
NOT-FOR-US: Apple Mac OS X
-CVE-2013-5188 (The Screen Lock implementation in Apple Mac OS X before 10.9, when ...)
+CVE-2013-5188
NOT-FOR-US: Apple Mac OS X
-CVE-2013-5187 (The Screen Lock implementation in Apple Mac OS X before 10.9 does not ...)
+CVE-2013-5187
NOT-FOR-US: Apple Mac OS X
-CVE-2013-5186 (Power Management in Apple Mac OS X before 10.9 does not properly ...)
+CVE-2013-5186
NOT-FOR-US: Apple Mac OS X
-CVE-2013-5185 (The ldapsearch command-line program in OpenLDAP in Apple Mac OS X ...)
+CVE-2013-5185
NOT-FOR-US: Apple Mac OS X
-CVE-2013-5184 (The kernel in Apple Mac OS X before 10.9 does not properly check for ...)
+CVE-2013-5184
NOT-FOR-US: Apple Mac OS X
-CVE-2013-5183 (Mail in Apple Mac OS X before 10.9, when Kerberos authentication is ...)
+CVE-2013-5183
NOT-FOR-US: Apple Mac OS X
-CVE-2013-5182 (Mail in Apple Mac OS X before 10.9 allows remote attackers to spoof ...)
+CVE-2013-5182
NOT-FOR-US: Apple Mac OS X
-CVE-2013-5181 (The auto-configuration feature in Mail in Apple Mac OS X before 10.9 ...)
+CVE-2013-5181
NOT-FOR-US: Apple Mac OS X
-CVE-2013-5180 (The srandomdev function in Libc in Apple Mac OS X before 10.9, when ...)
+CVE-2013-5180
NOT-FOR-US: Apple Mac OS X
-CVE-2013-5179 (App Sandbox in Apple Mac OS X before 10.9 allows attackers to bypass ...)
+CVE-2013-5179
NOT-FOR-US: Apple Mac OS X
-CVE-2013-5178 (LaunchServices in Apple Mac OS X before 10.9 does not properly ...)
+CVE-2013-5178
NOT-FOR-US: Apple Mac OS X
-CVE-2013-5177 (The kernel in Apple Mac OS X before 10.9 allows local users to cause a ...)
+CVE-2013-5177
NOT-FOR-US: Apple Mac OS X
-CVE-2013-5176 (The kernel in Apple Mac OS X before 10.9 does not properly handle ...)
+CVE-2013-5176
NOT-FOR-US: Apple Mac OS X
-CVE-2013-5175 (The kernel in Apple Mac OS X before 10.9 allows local users to obtain ...)
+CVE-2013-5175
NOT-FOR-US: Apple Mac OS X
-CVE-2013-5174 (Integer signedness error in the kernel in Apple Mac OS X before 10.9 ...)
+CVE-2013-5174
NOT-FOR-US: Apple Mac OS X
-CVE-2013-5173 (The random-number generator in the kernel in Apple Mac OS X before ...)
+CVE-2013-5173
NOT-FOR-US: Apple Mac OS X
-CVE-2013-5172 (The kernel in Apple Mac OS X before 10.9 does not properly determine ...)
+CVE-2013-5172
NOT-FOR-US: Apple Mac OS X
-CVE-2013-5171 (CoreGraphics in Apple Mac OS X before 10.9 allows local users to ...)
+CVE-2013-5171
NOT-FOR-US: Apple Mac OS X
-CVE-2013-5170 (Buffer underflow in CoreGraphics in Apple Mac OS X before 10.9 allows ...)
+CVE-2013-5170
NOT-FOR-US: Apple Mac OS X
-CVE-2013-5169 (CoreGraphics in Apple Mac OS X before 10.9, when display-sleep mode is ...)
+CVE-2013-5169
NOT-FOR-US: Apple Mac OS X
-CVE-2013-5168 (Console in Apple Mac OS X before 10.9 allows user-assisted remote ...)
+CVE-2013-5168
NOT-FOR-US: Apple Mac OS X
-CVE-2013-5167 (CFNetwork in Apple Mac OS X before 10.9 does not properly support ...)
+CVE-2013-5167
NOT-FOR-US: Apple Mac OS X
-CVE-2013-5166 (The Bluetooth USB host controller in Apple Mac OS X before 10.9 ...)
+CVE-2013-5166
NOT-FOR-US: Apple Mac OS X
-CVE-2013-5165 (socketfilterfw in Application Firewall in Apple Mac OS X before 10.9 ...)
+CVE-2013-5165
NOT-FOR-US: Apple Mac OS X
-CVE-2013-5164 (Multiple race conditions in the Phone app in Apple iOS before 7.0.3 ...)
+CVE-2013-5164
NOT-FOR-US: Apple iOS
-CVE-2013-5163 (Directory Services in Apple Mac OS X before 10.8.5 Supplemental Update ...)
+CVE-2013-5163
NOT-FOR-US: Apple OS X
-CVE-2013-5162 (Passcode Lock in Apple iOS before 7.0.3 on iPhone devices allows ...)
+CVE-2013-5162
NOT-FOR-US: Apple iOS
-CVE-2013-5161 (Passcode Lock in Apple iOS before 7.0.2 does not properly manage the ...)
+CVE-2013-5161
NOT-FOR-US: Apple iOS
-CVE-2013-5160 (Passcode Lock in Apple iOS before 7.0.2 on iPhone devices allows ...)
+CVE-2013-5160
NOT-FOR-US: Apple iOS
-CVE-2013-5159 (WebKit in Apple iOS before 7 allows remote attackers to bypass the ...)
+CVE-2013-5159
NOT-FOR-US: Apple iOS
-CVE-2013-5158 (The Social subsystem in Apple iOS before 7 does not properly restrict ...)
+CVE-2013-5158
NOT-FOR-US: Apple iOS
-CVE-2013-5157 (The Twitter subsystem in Apple iOS before 7 does not require API ...)
+CVE-2013-5157
NOT-FOR-US: Apple iOS
-CVE-2013-5156 (The Telephony subsystem in Apple iOS before 7 does not require API ...)
+CVE-2013-5156
NOT-FOR-US: Apple iOS
-CVE-2013-5155 (The Sandbox subsystem in Apple iOS before 7 allows attackers to cause ...)
+CVE-2013-5155
NOT-FOR-US: Apple iOS
-CVE-2013-5154 (The Sandbox subsystem in Apple iOS before 7 determines the sandboxing ...)
+CVE-2013-5154
NOT-FOR-US: Apple iOS
-CVE-2013-5153 (Springboard in Apple iOS before 7 does not properly manage the lock ...)
+CVE-2013-5153
NOT-FOR-US: Apple iOS
-CVE-2013-5152 (Mobile Safari in Apple iOS before 7 allows remote attackers to spoof ...)
+CVE-2013-5152
NOT-FOR-US: Apple iOS
-CVE-2013-5151 (Mobile Safari in Apple iOS before 7 does not prevent HTML ...)
+CVE-2013-5151
NOT-FOR-US: Apple iOS
-CVE-2013-5150 (The history-clearing feature in Safari in Apple iOS before 7 does not ...)
+CVE-2013-5150
NOT-FOR-US: Apple iOS
-CVE-2013-5149 (The Push Notifications subsystem in Apple iOS before 7 provides the ...)
+CVE-2013-5149
NOT-FOR-US: Apple iOS
-CVE-2013-5148 (Apple Keynote before 6.0 does not properly handle the interaction ...)
+CVE-2013-5148
NOT-FOR-US: Apple Keynote
-CVE-2013-5147 (Passcode Lock in Apple iOS before 7 does not properly manage the lock ...)
+CVE-2013-5147
NOT-FOR-US: Apple iOS
CVE-2013-5146
RESERVED
-CVE-2013-5145 (kextd in Kext Management in Apple iOS before 7 does not properly ...)
+CVE-2013-5145
NOT-FOR-US: Apple iOS
-CVE-2013-5144 (Passcode Lock in Apple iOS before 7.0.3 on iPhone devices allows ...)
+CVE-2013-5144
NOT-FOR-US: Apple iOS
-CVE-2013-5143 (The RADIUS service in Server App in Apple OS X Server before 3.0 ...)
+CVE-2013-5143
NOT-FOR-US: Apple OS X Server
-CVE-2013-5142 (The kernel in Apple iOS before 7 does not initialize unspecified ...)
+CVE-2013-5142
NOT-FOR-US: Apple iOS
-CVE-2013-5141 (The kernel in Apple iOS before 7 uses an incorrect data size for a ...)
+CVE-2013-5141
NOT-FOR-US: Apple iOS
-CVE-2013-5140 (The kernel in Apple iOS before 7 allows remote attackers to cause a ...)
+CVE-2013-5140
NOT-FOR-US: Apple iOS
-CVE-2013-5139 (The IOSerialFamily driver in Apple iOS before 7 allows attackers to ...)
+CVE-2013-5139
NOT-FOR-US: Apple iOS
-CVE-2013-5138 (IOCatalogue in IOKitUser in Apple iOS before 7 allows attackers to ...)
+CVE-2013-5138
NOT-FOR-US: Apple iOS
-CVE-2013-5137 (IOKit in Apple iOS before 7 allows attackers to send user-interface ...)
+CVE-2013-5137
NOT-FOR-US: Apple iOS
-CVE-2013-5136 (Apple Remote Desktop before 3.7 does not properly use server ...)
+CVE-2013-5136
NOT-FOR-US: Apple Remote Desktop
-CVE-2013-5135 (Format string vulnerability in Screen Sharing Server in Apple Mac OS X ...)
+CVE-2013-5135
NOT-FOR-US: Apple Mac OS X
CVE-2013-5134
REJECTED
-CVE-2013-5133 (Backup in Apple iOS before 7.1 does not properly restrict symlinks, ...)
+CVE-2013-5133
NOT-FOR-US: Apple
-CVE-2013-5132 (Apple AirPort Base Station Firmware before 7.6.4 does not properly ...)
+CVE-2013-5132
NOT-FOR-US: Apple AirPort
-CVE-2013-5131 (Cross-site scripting (XSS) vulnerability in WebKit in Apple iOS before ...)
+CVE-2013-5131
NOT-FOR-US: Apple iOS
-CVE-2013-5130 (WebKit in Apple Safari before 6.1 disables the Private Browsing ...)
+CVE-2013-5130
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2013-5129 (Multiple cross-site scripting (XSS) vulnerabilities in WebKit in Apple ...)
+CVE-2013-5129
NOT-FOR-US: Apple iOS
-CVE-2013-5128 (WebKit, as used in Apple iOS before 7, allows remote attackers to ...)
+CVE-2013-5128
NOT-FOR-US: Apple iOS
-CVE-2013-5127 (WebKit, as used in Apple iOS before 7, allows remote attackers to ...)
+CVE-2013-5127
NOT-FOR-US: Apple iOS
-CVE-2013-5126 (WebKit, as used in Apple iOS before 7, allows remote attackers to ...)
+CVE-2013-5126
NOT-FOR-US: Apple iOS
-CVE-2013-5125 (WebKit, as used in Apple iOS before 7, allows remote attackers to ...)
+CVE-2013-5125
NOT-FOR-US: Apple iOS
CVE-2013-5124
RESERVED
@@ -6139,15 +6139,15 @@ CVE-2013-5123 [insecure mirroring]
CVE-2013-5122
RESERVED
NOT-FOR-US: Linksys
-CVE-2013-5121 (SQL injection vulnerability in PHPFox before 3.6.0 (build6) allows ...)
+CVE-2013-5121
NOT-FOR-US: PHPFox
-CVE-2013-5120 (SQL injection vulnerability in PHPFox before 3.6.0 (build4) allows ...)
+CVE-2013-5120
NOT-FOR-US: PHPFox
-CVE-2013-5119 (Zimbra Collaboration Suite (ZCS) 6.0.16 and earlier allows ...)
+CVE-2013-5119
NOT-FOR-US: Zimbra Collaboration Suite
-CVE-2013-5118 (Cross-site scripting (XSS) vulnerability in the Good for Enterprise ...)
+CVE-2013-5118
NOT-FOR-US: Good for Enterprise app for iOS
-CVE-2013-5117 (SQL injection vulnerability in the RSS page (DNNArticleRSS.aspx) in ...)
+CVE-2013-5117
NOT-FOR-US: DotNetNuke
CVE-2013-5116
RESERVED
@@ -6165,9 +6165,9 @@ CVE-2013-5110
RESERVED
CVE-2013-5109
RESERVED
-CVE-2013-5108 (Multiple cross-site scripting (XSS) vulnerabilities in the xn function ...)
+CVE-2013-5108
- rockmongo <itp> (bug #702961)
-CVE-2013-5107 (Directory traversal vulnerability in RockMongo 1.1.5 and earlier ...)
+CVE-2013-5107
- rockmongo <itp> (bug #702961)
CVE-2013-5106
RESERVED
@@ -6181,26 +6181,26 @@ CVE-2013-5102
RESERVED
CVE-2013-5101
RESERVED
-CVE-2013-5100 (Cross-site scripting (XSS) vulnerability in the Static Methods since ...)
+CVE-2013-5100
NOT-FOR-US: TYPO3 extension Static Methods
-CVE-2013-5099 (Cross-site scripting (XSS) vulnerability in article.php in Anchor CMS ...)
+CVE-2013-5099
NOT-FOR-US: Anchor CMS
-CVE-2013-5098 (Cross-site scripting (XSS) vulnerability in admin/admin.php in the ...)
+CVE-2013-5098
NOT-FOR-US: WordPress plugin download-monitor
-CVE-2013-5097 (Juniper Junos Space before 13.1R1.6, as used on the JA1500 appliance ...)
+CVE-2013-5097
NOT-FOR-US: Juniper Junos Space
-CVE-2013-5096 (Juniper Junos Space before 13.1R1.6, as used on the JA1500 appliance ...)
+CVE-2013-5096
NOT-FOR-US: Juniper Junos Space
-CVE-2013-5095 (Cross-site scripting (XSS) vulnerability in the web-based interface in ...)
+CVE-2013-5095
NOT-FOR-US: Juniper Junos Space
-CVE-2013-5094 (Cross-site scripting (XSS) vulnerability in index.exp in McAfee ...)
+CVE-2013-5094
NOT-FOR-US: McAfee Vulnerability Manager
-CVE-2013-5093 (The renderLocalView function in render/views.py in graphite-web in ...)
+CVE-2013-5093
- graphite-web 0.9.12+debian-1 (bug #720454)
NOTE: http://ceriksen.com/2013/08/20/graphite-remote-code-execution-vulnerability-advisory/
-CVE-2013-5092 (Cross-site scripting (XSS) vulnerability in afa/php/Login.php in ...)
+CVE-2013-5092
NOT-FOR-US: AlgoSec Firewall Analyzer
-CVE-2013-5091 (SQL injection vulnerability in CalendarCommon.php in vTiger CRM 5.4.0 ...)
+CVE-2013-5091
NOT-FOR-US: vTiger CRM
CVE-2013-5090
REJECTED
@@ -6238,7 +6238,7 @@ CVE-2013-5074
REJECTED
CVE-2013-5073
REJECTED
-CVE-2013-5072 (Cross-site scripting (XSS) vulnerability in Outlook Web Access in ...)
+CVE-2013-5072
NOT-FOR-US: Microsoft Exchange Server OWA
CVE-2013-5071
REJECTED
@@ -6252,7 +6252,7 @@ CVE-2013-5067
REJECTED
CVE-2013-5066
REJECTED
-CVE-2013-5065 (NDProxy.sys in the kernel in Microsoft Windows XP SP2 and SP3 and ...)
+CVE-2013-5065
NOT-FOR-US: Microsoft Windows
CVE-2013-5064
REJECTED
@@ -6264,119 +6264,119 @@ CVE-2013-5061
REJECTED
CVE-2013-5060
REJECTED
-CVE-2013-5059 (Microsoft SharePoint Server 2010 SP1 and SP2 and 2013, and Office Web ...)
+CVE-2013-5059
NOT-FOR-US: Microsoft SharePoint Server
-CVE-2013-5058 (Integer overflow in the kernel-mode drivers in Microsoft Windows XP ...)
+CVE-2013-5058
NOT-FOR-US: Microsoft Windows Kernel
-CVE-2013-5057 (hxds.dll in Microsoft Office 2007 SP3 and 2010 SP1 and SP2 does not ...)
+CVE-2013-5057
NOT-FOR-US: Microsoft Windows Kernel
-CVE-2013-5056 (Use-after-free vulnerability in the Scripting Runtime Object Library ...)
+CVE-2013-5056
NOT-FOR-US: Microsoft Windows
CVE-2013-5055
REJECTED
-CVE-2013-5054 (Microsoft Office 2013 and 2013 RT allows remote attackers to discover ...)
+CVE-2013-5054
NOT-FOR-US: Microsoft Office
CVE-2013-5053
REJECTED
-CVE-2013-5052 (Microsoft Internet Explorer 7 allows remote attackers to execute ...)
+CVE-2013-5052
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-5051 (Microsoft Internet Explorer 10 and 11 allows remote attackers to ...)
+CVE-2013-5051
NOT-FOR-US: Microsoft Internet Explorer
CVE-2013-5050
REJECTED
-CVE-2013-5049 (Microsoft Internet Explorer 6 through 9 allows remote attackers to ...)
+CVE-2013-5049
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-5048 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ...)
+CVE-2013-5048
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-5047 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ...)
+CVE-2013-5047
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-5046 (Microsoft Internet Explorer 7 through 11 allows local users to bypass ...)
+CVE-2013-5046
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-5045 (Microsoft Internet Explorer 10 and 11 allows local users to bypass the ...)
+CVE-2013-5045
NOT-FOR-US: Microsoft Internet Explorer
CVE-2013-5044
REJECTED
CVE-2013-5043
REJECTED
-CVE-2013-5042 (Cross-site scripting (XSS) vulnerability in Microsoft ASP.NET SignalR ...)
+CVE-2013-5042
NOT-FOR-US: Microsoft ASP.NET SignalR
CVE-2013-5041
REJECTED
CVE-2013-5040
RESERVED
-CVE-2013-5039 (Cross-site request forgery (CSRF) vulnerability in ...)
+CVE-2013-5039
NOT-FOR-US: HOT HOTBOX router
-CVE-2013-5038 (The HOT HOTBOX router with software 2.1.11 allows remote attackers to ...)
+CVE-2013-5038
NOT-FOR-US: HOT HOTBOX router
-CVE-2013-5037 (The HOT HOTBOX router with software 2.1.11 has a default WPS PIN of ...)
+CVE-2013-5037
NOT-FOR-US: HOT HOTBOX router
-CVE-2013-5036 (The Square Squash allows remote attackers to execute arbitrary code ...)
+CVE-2013-5036
NOT-FOR-US: Square Squash
-CVE-2013-5035 (Multiple race conditions in HtmlCleaner before 2.6, as used in ...)
+CVE-2013-5035
NOT-FOR-US: Open-Xchange
-CVE-2013-5034 (Unspecified vulnerability in Atmail before 6.6.4, and 7.x before ...)
+CVE-2013-5034
NOT-FOR-US: Atmail
-CVE-2013-5033 (Unspecified vulnerability in Atmail before 6.6.4, and 7.x before ...)
+CVE-2013-5033
NOT-FOR-US: Atmail
-CVE-2013-5032 (Unspecified vulnerability in Atmail before 6.6.4, and 7.x before ...)
+CVE-2013-5032
NOT-FOR-US: Atmail
-CVE-2013-5031 (Unspecified vulnerability in Atmail before 6.6.4, and 7.x before ...)
+CVE-2013-5031
NOT-FOR-US: Atmail
-CVE-2013-5030 (Ruckus Wireless Zoneflex 2942 devices with firmware 9.6.0.0.267 allow ...)
+CVE-2013-5030
NOT-FOR-US: Ruckus Wireless Zoneflex
-CVE-2013-5029 (phpMyAdmin 3.5.x and 4.0.x before 4.0.5 allows remote attackers to ...)
+CVE-2013-5029
- phpmyadmin 4:4.0.5-1
[squeeze] - phpmyadmin <no-dsa> (Backport not feasible and X-Frame-Options protection enough on any modern browser)
[wheezy] - phpmyadmin <no-dsa> (Backport not feasible and X-Frame-Options protection enough on any modern browser)
-CVE-2013-5028 (SQL injection vulnerability in IT/hardware-list.dll in Kwoksys Kwok ...)
+CVE-2013-5028
NOT-FOR-US: Kwok Information Server
CVE-2013-5027
RESERVED
-CVE-2013-5026 (An ActiveX control in lookout650.ocx, lookout660.ocx, and ...)
+CVE-2013-5026
NOT-FOR-US: National Instruments Lookout
-CVE-2013-5025 (An ActiveX control in exlauncher.dll in the Help subsystem in National ...)
+CVE-2013-5025
NOT-FOR-US: National Instruments
-CVE-2013-5024 (An ActiveX control in NationalInstruments.Help2.dll in National ...)
+CVE-2013-5024
NOT-FOR-US: National Instruments
-CVE-2013-5023 (The ActiveX controls in the HelpAsst component in NI Help Links in ...)
+CVE-2013-5023
NOT-FOR-US: National Instruments
-CVE-2013-5022 (Absolute path traversal vulnerability in the 3D Graph ActiveX control ...)
+CVE-2013-5022
NOT-FOR-US: National Instruments
-CVE-2013-5021 (Multiple absolute path traversal vulnerabilities in National ...)
+CVE-2013-5021
NOT-FOR-US: National Instruments
-CVE-2013-5020 (Multiple cross-site scripting (XSS) vulnerabilities in bb_admin.php in ...)
+CVE-2013-5020
NOT-FOR-US: miniBB
-CVE-2013-5019 (Stack-based buffer overflow in Ultra Mini HTTPD 1.21 allows remote ...)
+CVE-2013-5019
NOT-FOR-US: Ultra Mini HTTPD
-CVE-2013-5018 (The is_asn1 function in strongSwan 4.1.11 through 5.0.4 does not ...)
+CVE-2013-5018
- strongswan <not-affected> (Only affects 5.0.4 from experimental)
NOTE: The PEM aspect is under control of the administrator, so not a security issue
NOTE: The XAuth / EAP Issue only affects 5.0.3/5.0.4
-CVE-2013-5017 (SNMPConfig.php in the management console in Symantec Web Gateway (SWG) ...)
+CVE-2013-5017
NOT-FOR-US: Symantec Web Gateway
-CVE-2013-5016 (Symantec Critical System Protection (SCSP) before 5.2.9, when ...)
+CVE-2013-5016
NOT-FOR-US: Symantec
-CVE-2013-5015 (SQL injection vulnerability in the management console in Symantec ...)
+CVE-2013-5015
NOT-FOR-US: Symantec Endpoint Protection
-CVE-2013-5014 (The management console in Symantec Endpoint Protection Manager (SEPM) ...)
+CVE-2013-5014
NOT-FOR-US: Symantec Endpoint Protection
-CVE-2013-5013 (Multiple cross-site scripting (XSS) vulnerabilities in the management ...)
+CVE-2013-5013
NOT-FOR-US: Symantec WEB Gateway
-CVE-2013-5012 (Multiple SQL injection vulnerabilities in the management console on ...)
+CVE-2013-5012
NOT-FOR-US: Symantec Web Gateway
-CVE-2013-5011 (Unquoted Windows search path vulnerability in the client in Symantec ...)
+CVE-2013-5011
NOT-FOR-US: Symantec Endpoint Protection
-CVE-2013-5010 (The Application/Device Control (ADC) component in the client in ...)
+CVE-2013-5010
NOT-FOR-US: Symantec Endpoint Protection
-CVE-2013-5009 (The Management Console in Symantec Endpoint Protection (SEP) 11.x ...)
+CVE-2013-5009
NOT-FOR-US: Symantec Endpoint Protection
-CVE-2013-5008 (The agent and task-agent components in Symantec Management Platform ...)
+CVE-2013-5008
NOT-FOR-US: Symantec
CVE-2013-5007
RESERVED
-CVE-2013-5006 (main_internet.php on the Western Digital My Net N600 and N750 with ...)
+CVE-2013-5006
NOT-FOR-US: Western Digital Router
-CVE-2013-5005 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2013-5005
NOT-FOR-US: Tripwire Enterprise
CVE-2013-5004
RESERVED
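Review bot: the entry for CVE-2013-5057 keeps the annotation `NOT-FOR-US: Microsoft Windows Kernel` while the description being removed, `-CVE-2013-5057 (hxds.dll in Microsoft Office 2007 SP3 and 2010 SP1 and SP2 does not ...)`, names Microsoft Office, not the Windows kernel. Once the description line is gone this mismatch is no longer visible in the file, so the annotation should be corrected (for instance to `NOT-FOR-US: Microsoft Office`) in the same change or before the description is dropped.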
@@ -6392,217 +6392,217 @@ CVE-2013-4990
RESERVED
CVE-2013-4989
RESERVED
-CVE-2013-4988 (Stack-based buffer overflow in IcoFX 2.5 and earlier allows remote ...)
+CVE-2013-4988
NOT-FOR-US: IcoFX
-CVE-2013-4987 (PineApp Mail-SeCure before 3.70 allows remote authenticated users to ...)
+CVE-2013-4987
NOT-FOR-US: PinApp
-CVE-2013-4986 (Stack-based buffer overflow in PDFAX0722_IconCool.dll 7.22.1125.2121 ...)
+CVE-2013-4986
NOT-FOR-US: PDFCool
CVE-2013-4985
RESERVED
NOT-FOR-US: Vivotek IP Cameras
-CVE-2013-4984 (The close_connections function in /opt/cma/bin/clear_keys.pl in Sophos ...)
+CVE-2013-4984
NOT-FOR-US: Sophos Web Protection Appliance
-CVE-2013-4983 (The get_referers function in /opt/ws/bin/sblistpack in Sophos Web ...)
+CVE-2013-4983
NOT-FOR-US: Sophos Web Protection Appliance
CVE-2013-4982
RESERVED
NOT-FOR-US: AVTECH DVR
-CVE-2013-4981 (Buffer overflow in cgi-bin/user/Config.cgi in AVTECH AVN801 DVR with ...)
+CVE-2013-4981
NOT-FOR-US: AVTECH DVR
-CVE-2013-4980 (Buffer overflow in the RTSP Packet Handler in AVTECH AVN801 DVR with ...)
+CVE-2013-4980
NOT-FOR-US: AVTECH DVR
-CVE-2013-4979 (Buffer overflow in the gldll32.dll module in EPS Viewer 3.2 and ...)
+CVE-2013-4979
NOT-FOR-US: EPS Viewer
-CVE-2013-4978 (Stack-based buffer overflow in AloahaPDFViewer 5.0.0.7 and earlier in ...)
+CVE-2013-4978
NOT-FOR-US: Aloaha PDF Suite
-CVE-2013-4977 (Buffer overflow in the RTSP Packet Handler in Hikvision DS-2CD7153-E ...)
+CVE-2013-4977
NOT-FOR-US: Hikvision IP camera
CVE-2013-4976
RESERVED
CVE-2013-4975
RESERVED
-CVE-2013-4974 (RealNetworks RealPlayer before 16.0.3.51, and RealPlayer SP 1.0 ...)
+CVE-2013-4974
NOT-FOR-US: RealPlayer
-CVE-2013-4973 (Stack-based buffer overflow in RealNetworks RealPlayer before ...)
+CVE-2013-4973
NOT-FOR-US: RealPlayer
CVE-2013-4972
RESERVED
-CVE-2013-4971 (Puppet Enterprise before 3.2.0 does not properly restrict access to ...)
+CVE-2013-4971
- puppet <not-affected> (Only affects Puppet Enterprise)
CVE-2013-4970
RESERVED
-CVE-2013-4969 (Puppet before 3.3.3 and 3.4 before 3.4.1 and Puppet Enterprise (PE) ...)
+CVE-2013-4969
{DSA-2831-1}
- puppet 3.4.1-1
NOTE: http://puppetlabs.com/security/cve/cve-2013-4969
CVE-2013-4968
RESERVED
- puppet <not-affected> (Only affects Puppet Enterprise)
-CVE-2013-4967 (Puppet Enterprise before 3.0.1 allows remote attackers to obtain the ...)
+CVE-2013-4967
- puppet <not-affected> (Only affects Puppet Enterprise)
-CVE-2013-4966 (The master external node classification script in Puppet Enterprise ...)
+CVE-2013-4966
- puppet <not-affected> (Only affects Puppet Enterprise)
-CVE-2013-4965 (Puppet Enterprise before 3.1.0 does not properly restrict the number ...)
+CVE-2013-4965
- puppet <not-affected> (Only affects Puppet Enterprise)
-CVE-2013-4964 (Puppet Enterprise before 3.0.1 does not set the secure flag for the ...)
+CVE-2013-4964
- puppet <not-affected> (Only affects Puppet Enterprise)
-CVE-2013-4963 (Multiple cross-site request forgery (CSRF) vulnerabilities in Puppet ...)
+CVE-2013-4963
- puppet <not-affected> (Only affects Puppet Enterprise)
-CVE-2013-4962 (The reset password page in Puppet Enterprise before 3.0.1 does not ...)
+CVE-2013-4962
- puppet <not-affected> (Only affects Puppet Enterprise)
-CVE-2013-4961 (Puppet Enterprise before 3.0.1 includes version information for the ...)
+CVE-2013-4961
- puppet <not-affected> (Only affects Puppet Enterprise)
CVE-2013-4960
RESERVED
-CVE-2013-4959 (Puppet Enterprise before 3.0.1 uses HTTP responses that contain ...)
+CVE-2013-4959
- puppet <not-affected> (Only affects Puppet Enterprise)
-CVE-2013-4958 (Puppet Enterprise before 3.0.1 does not use a session timeout, which ...)
+CVE-2013-4958
- puppet <not-affected> (Only affects Puppet Enterprise)
-CVE-2013-4957 (The dashboard report in Puppet Enterprise before 3.0.1 allows ...)
+CVE-2013-4957
NOT-FOR-US: puppet-dashboard
-CVE-2013-4956 (Puppet Module Tool (PMT), as used in Puppet 2.7.x before 2.7.23 and ...)
+CVE-2013-4956
{DSA-2761-1}
- puppet 3.2.4-1
[squeeze] - puppet <not-affected> (puppet module not yet present)
-CVE-2013-4955 (Open redirect vulnerability in the login page in Puppet Enterprise ...)
+CVE-2013-4955
- puppet <not-affected> (Only affects Puppet Enterprise)
-CVE-2013-4954 (Multiple cross-site scripting (XSS) vulnerabilities in wp-login.php in ...)
+CVE-2013-4954
NOT-FOR-US: Genetech Solutions Pie-Register
-CVE-2013-4953 (SQL injection vulnerability in play.php in Top Games Script 1.2 allows ...)
+CVE-2013-4953
NOT-FOR-US: Top Games Script
-CVE-2013-4952 (SQL injection vulnerability in functions/global.php in Elemata CMS RC ...)
+CVE-2013-4952
NOT-FOR-US: Elemata CMS
-CVE-2013-4951 (Multiple cross-site scripting (XSS) vulnerabilities in Mintboard 0.3 ...)
+CVE-2013-4951
NOT-FOR-US: Mintboard
-CVE-2013-4950 (Cross-site scripting (XSS) vulnerability in view.php in Machform 2 ...)
+CVE-2013-4950
NOT-FOR-US: Machform
-CVE-2013-4949 (Unrestricted file upload vulnerability in view.php in Machform 2 ...)
+CVE-2013-4949
NOT-FOR-US: Machform
-CVE-2013-4948 (SQL injection vulnerability in view.php in Machform 2 allows remote ...)
+CVE-2013-4948
NOT-FOR-US: Machform
-CVE-2013-4947 (Unspecified vulnerability in the update and build database page in ...)
+CVE-2013-4947
NOT-FOR-US: Sawmill
-CVE-2013-4946 (Multiple cross-site scripting (XSS) vulnerabilities in BMC Service ...)
+CVE-2013-4946
NOT-FOR-US: BMC Service Desk Express
-CVE-2013-4945 (Multiple SQL injection vulnerabilities in BMC Service Desk Express ...)
+CVE-2013-4945
NOT-FOR-US: BMC Service Desk Express
-CVE-2013-4944 (Cross-site scripting (XSS) vulnerability in the BuddyPress Extended ...)
+CVE-2013-4944
NOT-FOR-US: BuddyPress
-CVE-2013-4943 (The client application in Siemens COMOS before 9.1 Update 458, 9.2 ...)
+CVE-2013-4943
NOT-FOR-US: Siemens COMOS
-CVE-2013-4942 (Cross-site scripting (XSS) vulnerability in flashuploader.swf in the ...)
+CVE-2013-4942
- moodle 2.5.1-1
[squeeze] - moodle <not-affected> (Vulnerable code not present)
-CVE-2013-4941 (Cross-site scripting (XSS) vulnerability in uploader.swf in the ...)
+CVE-2013-4941
- moodle 2.5.1-1
[squeeze] - moodle <not-affected> (Vulnerable code not installed in package)
-CVE-2013-4940 (Cross-site scripting (XSS) vulnerability in io.swf in the IO Utility ...)
+CVE-2013-4940
- moodle 2.5.1-1
[squeeze] - moodle <not-affected> (Vulnerable code not present)
-CVE-2013-4939 (Cross-site scripting (XSS) vulnerability in io.swf in the IO Utility ...)
+CVE-2013-4939
- moodle 2.5.1-1
[squeeze] - moodle <not-affected> (Vulnerable code not present)
-CVE-2013-4938 (The LTI (aka IMS-LTI) mod_form implementation in Moodle through ...)
+CVE-2013-4938
- moodle 2.5.1-1
[squeeze] - moodle <not-affected> (Vulnerable code not present)
-CVE-2013-4995 (Cross-site scripting (XSS) vulnerability in phpMyAdmin 3.5.x before ...)
+CVE-2013-4995
{DSA-2975-1 DLA-0014-1}
- phpmyadmin 4:4.0.4.2-1 (low)
[squeeze] - phpmyadmin 4:3.3.7-8
-CVE-2013-4996 (Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin ...)
+CVE-2013-4996
{DSA-2975-1 DLA-0014-1}
- phpmyadmin 4:4.0.4.2-1
[squeeze] - phpmyadmin 4:3.3.7-8
-CVE-2013-4997 (Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin ...)
+CVE-2013-4997
- phpmyadmin 4:4.0.4.2-1
[wheezy] - phpmyadmin <not-affected> (Vulnerable code not present)
[squeeze] - phpmyadmin <not-affected> (Vulnerable code not present)
-CVE-2013-4998 (phpMyAdmin 3.5.x before 3.5.8.2 and 4.0.x before 4.0.4.2 allows remote ...)
+CVE-2013-4998
- phpmyadmin 4:4.0.4.2-1 (unimportant)
NOTE: Full path disclosure irrelevant in Debian packages
-CVE-2013-4999 (phpMyAdmin 4.0.x before 4.0.4.2 allows remote attackers to obtain ...)
+CVE-2013-4999
- phpmyadmin 4:4.0.4.2-1 (unimportant)
NOTE: Full path disclosure irrelevant in Debian packages
-CVE-2013-5000 (phpMyAdmin 3.5.x before 3.5.8.2 allows remote attackers to obtain ...)
+CVE-2013-5000
- phpmyadmin 4:4.0.4.2-1 (unimportant)
NOTE: Full path disclosure irrelevant in Debian packages
-CVE-2013-5001 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2013-5001
- phpmyadmin 4:4.0.4.2-1 (low)
[squeeze] - phpmyadmin <not-affected> (Vulnerable code not present)
[wheezy] - phpmyadmin <not-affected> (Vulnerable code not present)
-CVE-2013-5002 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2013-5002
{DSA-2975-1}
- phpmyadmin 4:4.0.4.2-1 (low)
[squeeze] - phpmyadmin <not-affected> (Vulnerable code not present)
-CVE-2013-5003 (Multiple SQL injection vulnerabilities in phpMyAdmin 3.5.x before ...)
+CVE-2013-5003
{DSA-2975-1 DLA-0014-1}
- phpmyadmin 4:4.0.4.2-1
[squeeze] - phpmyadmin 4:3.3.7-8
-CVE-2013-4937 (Multiple unspecified vulnerabilities in the AiCloud feature on the ...)
+CVE-2013-4937
NOT-FOR-US: Asus firmware
-CVE-2013-4936 (The IsDFP_Frame function in plugins/profinet/packet-pn-rt.c in the ...)
+CVE-2013-4936
- wireshark 1.10.1-1
[wheezy] - wireshark <not-affected> (Only affects 1.10.x)
[squeeze] - wireshark <not-affected> (Only affects 1.10.x)
-CVE-2013-4935 (The dissect_per_length_determinant function in ...)
+CVE-2013-4935
{DSA-2734-1}
- wireshark 1.10.1-1
-CVE-2013-4934 (The netmon_open function in wiretap/netmon.c in the Netmon file parser ...)
+CVE-2013-4934
{DSA-2734-1}
- wireshark 1.10.1-1
-CVE-2013-4933 (The netmon_open function in wiretap/netmon.c in the Netmon file parser ...)
+CVE-2013-4933
{DSA-2734-1}
- wireshark 1.10.1-1
-CVE-2013-4932 (Multiple array index errors in epan/dissectors/packet-gsm_a_common.c ...)
+CVE-2013-4932
{DSA-2734-1}
- wireshark 1.10.1-1
-CVE-2013-4931 (epan/proto.c in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 ...)
+CVE-2013-4931
{DLA-497-1}
- wireshark 1.10.1-1 (unimportant)
NOTE: Not suitable for code injection
-CVE-2013-4930 (The dissect_dvbci_tpdu_hdr function in epan/dissectors/packet-dvbci.c ...)
+CVE-2013-4930
{DSA-2734-1}
- wireshark 1.10.1-1
[squeeze] - wireshark <not-affected> (Affected dissector not yet present)
-CVE-2013-4929 (The parseFields function in epan/dissectors/packet-dis-pdus.c in the ...)
+CVE-2013-4929
{DLA-497-1}
- wireshark 1.10.1-1 (unimportant)
NOTE: Not suitable for code injection
-CVE-2013-4928 (Integer signedness error in the dissect_headers function in ...)
+CVE-2013-4928
- wireshark 1.10.1-1 (unimportant)
[wheezy] - wireshark <not-affected> (Only affects 1.10.x)
[squeeze] - wireshark <not-affected> (Only affects 1.10.x)
NOTE: Not suitable for code injection
-CVE-2013-4927 (Integer signedness error in the get_type_length function in ...)
+CVE-2013-4927
{DLA-497-1}
- wireshark 1.10.1-1 (unimportant)
NOTE: Not suitable for code injection
-CVE-2013-4926 (epan/dissectors/packet-dcom-sysact.c in the DCOM ISystemActivator ...)
+CVE-2013-4926
- wireshark 1.10.1-1
[wheezy] - wireshark <not-affected> (Only affects 1.10.x)
[squeeze] - wireshark <not-affected> (Only affects 1.10.x)
-CVE-2013-4925 (Integer signedness error in epan/dissectors/packet-dcom-sysact.c in ...)
+CVE-2013-4925
- wireshark 1.10.1-1
[wheezy] - wireshark <not-affected> (Only affects 1.10.x)
[squeeze] - wireshark <not-affected> (Only affects 1.10.x)
-CVE-2013-4924 (epan/dissectors/packet-dcom-sysact.c in the DCOM ISystemActivator ...)
+CVE-2013-4924
- wireshark 1.10.1-1
[wheezy] - wireshark <not-affected> (Only affects 1.10.x)
[squeeze] - wireshark <not-affected> (Only affects 1.10.x)
-CVE-2013-4923 (Memory leak in the dissect_dcom_ActivationProperties function in ...)
+CVE-2013-4923
- wireshark 1.10.1-1
[wheezy] - wireshark <not-affected> (Only affects 1.10.x)
[squeeze] - wireshark <not-affected> (Only affects 1.10.x)
-CVE-2013-4922 (Double free vulnerability in the dissect_dcom_ActivationProperties ...)
+CVE-2013-4922
- wireshark 1.10.1-1
[wheezy] - wireshark <not-affected> (Only affects 1.10.x)
[squeeze] - wireshark <not-affected> (Only affects 1.10.x)
-CVE-2013-4921 (Off-by-one error in the dissect_radiotap function in ...)
+CVE-2013-4921
- wireshark 1.10.1-1
[wheezy] - wireshark <not-affected> (Only affects 1.10.x)
[squeeze] - wireshark <not-affected> (Only affects 1.10.x)
-CVE-2013-4920 (The P1 dissector in Wireshark 1.10.x before 1.10.1 does not properly ...)
+CVE-2013-4920
- wireshark 1.10.1-1
[wheezy] - wireshark <not-affected> (Only affects 1.10.x)
[squeeze] - wireshark <not-affected> (Only affects 1.10.x)
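Review bot: Every changed line in this hunk, from CVE-2013-5000 down to CVE-2013-4920, replaces an entry that carried its description in parentheses with the bare CVE identifier, and no entry gains text in return, which looks like the importer received empty descriptions from the upstream feed rather than a deliberate cleanup. Confirm the feed output before merging; once the descriptions are gone, the remaining `NOT-FOR-US:` and `NOTE:` lines are the only local hint of what each entry covers.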
@@ -6620,9 +6620,9 @@ CVE-2013-4914
RESERVED
CVE-2013-4913
RESERVED
-CVE-2013-4912 (Open redirect vulnerability in Siemens WinCC (TIA Portal) 11 and 12 ...)
+CVE-2013-4912
NOT-FOR-US: Siemens
-CVE-2013-4911 (Cross-site request forgery (CSRF) vulnerability in Siemens WinCC (TIA ...)
+CVE-2013-4911
NOT-FOR-US: Siemens
CVE-2013-4910
RESERVED
@@ -6644,11 +6644,11 @@ CVE-2013-4902
RESERVED
CVE-2013-4901
RESERVED
-CVE-2013-4900 (Directory traversal vulnerability in DeWeS web server 0.4.2 and ...)
+CVE-2013-4900
NOT-FOR-US: DeWeS web server (Twilight CMS)
-CVE-2013-4899 (Cross-site scripting (XSS) vulnerability in Twilight CMS 5.17 and ...)
+CVE-2013-4899
NOT-FOR-US: Twilight CMS
-CVE-2013-4898 (Unrestricted file upload vulnerability in the user profile page ...)
+CVE-2013-4898
NOT-FOR-US: Timeline Plugin for SocialEngine
CVE-2013-4897
REJECTED
@@ -6662,61 +6662,61 @@ CVE-2013-4893
RESERVED
CVE-2013-4892
RESERVED
-CVE-2013-4891 (The xss_clean function in CodeIgniter before 2.1.4 might allow remote ...)
+CVE-2013-4891
- codeigniter <itp> (bug #471583)
-CVE-2013-4889 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
+CVE-2013-4889
NOT-FOR-US: Digital Signage Xibo
-CVE-2013-4888 (Cross-site scripting (XSS) vulnerability in index.php in Digital ...)
+CVE-2013-4888
NOT-FOR-US: Digital Signage Xibo
-CVE-2013-4887 (SQL injection vulnerability in index.php in Digital Signage Xibo 1.4.2 ...)
+CVE-2013-4887
NOT-FOR-US: Digital Signage Xibo
CVE-2013-4886
RESERVED
-CVE-2013-4885 (The http-domino-enum-passwords.nse script in NMap before 6.40, when ...)
+CVE-2013-4885
- nmap 6.40-0.1 (low; bug #719289)
[squeeze] - nmap <not-affected> (Vulnerable code not present)
[wheezy] - nmap 6.00-0.3+deb7u1
-CVE-2013-4884 (Cross-site scripting (XSS) vulnerability in McAfee SuperScan 4.0 ...)
+CVE-2013-4884
NOT-FOR-US: McAfee SuperScan
CVE-2013-5217
REJECTED
-CVE-2013-4890 (The DMCRUIS/0.1 web server on the Samsung PS50C7700 TV allows remote ...)
+CVE-2013-4890
NOT-FOR-US: Samsung TV
-CVE-2013-4883 (Multiple cross-site scripting (XSS) vulnerabilities in McAfee ePolicy ...)
+CVE-2013-4883
NOT-FOR-US: McAfee ePolicy Orchestrator
-CVE-2013-4882 (Multiple SQL injection vulnerabilities in McAfee ePolicy Orchestrator ...)
+CVE-2013-4882
NOT-FOR-US: McAfee ePolicy Orchestrator
-CVE-2013-4881 (Cross-site request forgery (CSRF) vulnerability in ...)
+CVE-2013-4881
NOT-FOR-US: BigTree CMS
-CVE-2013-4880 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2013-4880
NOT-FOR-US: BigTree CMS
-CVE-2013-4879 (SQL injection vulnerability in core/inc/bigtree/cms.php in BigTree CMS ...)
+CVE-2013-4879
NOT-FOR-US: BigTree CMS
-CVE-2013-4878 (The default configuration of Parallels Plesk Panel 9.0.x and 9.2.x on ...)
+CVE-2013-4878
NOT-FOR-US: Parallels Plesk Panel
-CVE-2013-4877 (The Verizon Wireless Network Extender SCS-26UC4 and SCS-2U01 does not ...)
+CVE-2013-4877
NOT-FOR-US: Verizon Wireless Network Extender
-CVE-2013-4876 (The Verizon Wireless Network Extender SCS-2U01 has a hardcoded ...)
+CVE-2013-4876
NOT-FOR-US: Verizon Wireless Network Extender
-CVE-2013-4875 (The Uboot bootloader on the Verizon Wireless Network Extender SCS-2U01 ...)
+CVE-2013-4875
NOT-FOR-US: Verizon Wireless Network Extender SCS-2U01
-CVE-2013-4874 (The Uboot bootloader on the Verizon Wireless Network Extender ...)
+CVE-2013-4874
NOT-FOR-US: Verizon Wireless Network Extender
-CVE-2013-4873 (The Yahoo! Tumblr app before 3.4.1 for iOS sends cleartext ...)
+CVE-2013-4873
NOT-FOR-US: iOS app
-CVE-2013-4872 (Google Glass before XE6 does not properly restrict the processing of ...)
+CVE-2013-4872
NOT-FOR-US: Google Glass
-CVE-2013-4871 (Cross-site request forgery (CSRF) vulnerability in the TEQneers SEO ...)
+CVE-2013-4871
NOT-FOR-US: TYPO3 extension tq_seo
-CVE-2013-4870 (SQL injection vulnerability in the News Search (news_search) extension ...)
+CVE-2013-4870
NOT-FOR-US: TYPO3 extension news_search
-CVE-2013-4869 (Cisco Unified Communications Manager (CUCM) 7.1(x) through 9.1(2) and ...)
+CVE-2013-4869
NOT-FOR-US: Cisco
CVE-2013-4868
RESERVED
CVE-2013-4867
RESERVED
-CVE-2013-4866 (The LIXIL Corporation My SATIS Genius Toilet application for Android ...)
+CVE-2013-4866
NOT-FOR-US: LIXIL Corporation My SATIS Genius Toilet application for Android
CVE-2013-4865
RESERVED
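Review bot: CVE-2013-5217 and CVE-2013-4890 sit between CVE-2013-4884 and CVE-2013-4883 in this hunk, breaking the descending order the rest of the list follows, and with the descriptions stripped an out-of-place identifier is harder to notice. Moving CVE-2013-4890 up to its slot between CVE-2013-4891 and CVE-2013-4889, and CVE-2013-5217 to the 52xx block, would keep the list sorted.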
@@ -6728,11 +6728,11 @@ CVE-2013-4862
RESERVED
CVE-2013-4861
RESERVED
-CVE-2013-4860 (Radio Thermostat CT80 And CT50 with firmware 1.4.64 and earlier does ...)
+CVE-2013-4860
NOT-FOR-US: Radio Thermostat
CVE-2013-4859
RESERVED
-CVE-2013-4858 (Microsoft Windows Movie Maker 2.1.4026.0 on Windows XP SP3 allows ...)
+CVE-2013-4858
NOT-FOR-US: Microsoft Windows Movie Maker
CVE-2013-4857
RESERVED
@@ -6740,13 +6740,13 @@ CVE-2013-4856
RESERVED
CVE-2013-4855
RESERVED
-CVE-2013-4854 (The RFC 5011 implementation in rdata.c in ISC BIND 9.7.x and 9.8.x ...)
+CVE-2013-4854
{DSA-2728-1}
- bind9 1:9.8.4.dfsg.P1-6+nmu3 (bug #717936)
NOTE: https://kb.isc.org/article/AA-01015/0
CVE-2013-4853
RESERVED
-CVE-2013-4852 (Integer overflow in PuTTY 0.62 and earlier, WinSCP before 5.1.6, and ...)
+CVE-2013-4852
{DSA-2736-1}
- putty 0.63-1 (bug #718779)
- filezilla 3.7.3-1 (low; bug #718800)
@@ -6754,7 +6754,7 @@ CVE-2013-4852 (Integer overflow in PuTTY 0.62 and earlier, WinSCP before 5.1.6,
[wheezy] - filezilla <no-dsa> (Minor issue)
NOTE: http://www.securityfocus.com/archive/1/527763/30/0
NOTE: http://svn.tartarus.org/sgt?view=revision&sortby=date&revision=9896
-CVE-2013-4851 (The vfs_hang_addrlist function in sys/kern/vfs_export.c in the NFS ...)
+CVE-2013-4851
{DSA-2743-1}
- kfreebsd-9 9.1-4 (bug #717958)
- kfreebsd-8 8.3-7 (bug #717959)
@@ -6768,171 +6768,171 @@ CVE-2013-4848
RESERVED
CVE-2013-4847
RESERVED
-CVE-2013-4846 (Unspecified vulnerability in HP System Management Homepage (SMH) ...)
+CVE-2013-4846
NOT-FOR-US: HP System Management Homepage
-CVE-2013-4845 (Cross-site scripting (XSS) vulnerability on HP Officejet Pro 8500 (aka ...)
+CVE-2013-4845
NOT-FOR-US: HP Officejet Pro
-CVE-2013-4844 (Unspecified vulnerability in HP Service Manager 7.11, 9.21, 9.30, ...)
+CVE-2013-4844
NOT-FOR-US: HP Service Manager and ServiceCenter
-CVE-2013-4843 (Unspecified vulnerability in HP Integrated Lights-Out 4 (iLO4) with ...)
+CVE-2013-4843
NOT-FOR-US: HP iLO
-CVE-2013-4842 (Cross-site scripting (XSS) vulnerability in HP Integrated Lights-Out 4 ...)
+CVE-2013-4842
NOT-FOR-US: HP iLO
-CVE-2013-4841 (Unspecified vulnerability in dbd_manager in LeftHand OS before 11.0 in ...)
+CVE-2013-4841
NOT-FOR-US: HP StoreVirtual
-CVE-2013-4840 (Unspecified vulnerability in HP and H3C VPN Firewall Module products ...)
+CVE-2013-4840
NOT-FOR-US: HP and H3C VPN Firewall Module
-CVE-2013-4839 (Unspecified vulnerability in Virtual User Generator in HP LoadRunner ...)
+CVE-2013-4839
NOT-FOR-US: HP LoadRunner
-CVE-2013-4838 (Unspecified vulnerability in Virtual User Generator in HP LoadRunner ...)
+CVE-2013-4838
NOT-FOR-US: HP LoadRunner
-CVE-2013-4837 (Unspecified vulnerability in Virtual User Generator in HP LoadRunner ...)
+CVE-2013-4837
NOT-FOR-US: HP LoadRunner
-CVE-2013-4836 (Unspecified vulnerability in the GossipService SOAP Request ...)
+CVE-2013-4836
NOT-FOR-US: HP Application LifeCycle Management
-CVE-2013-4835 (The APISiteScopeImpl SOAP service in HP SiteScope 10.1x and 11.x ...)
+CVE-2013-4835
NOT-FOR-US: HP SiteScope
-CVE-2013-4834 (Unspecified vulnerability in the client component in HP Application ...)
+CVE-2013-4834
NOT-FOR-US: HP Application LifeCycle Management
-CVE-2013-4833 (Cross-site scripting (XSS) vulnerability in HP Service Manager 9.30 ...)
+CVE-2013-4833
NOT-FOR-US: HP
-CVE-2013-4832 (HP Service Manager 9.30 through 9.32 allows remote authenticated users ...)
+CVE-2013-4832
NOT-FOR-US: HP
-CVE-2013-4831 (HP Service Manager 9.30 through 9.32 does not properly manage ...)
+CVE-2013-4831
NOT-FOR-US: HP
-CVE-2013-4830 (HP Service Manager 9.30 through 9.32 allows remote attackers to ...)
+CVE-2013-4830
NOT-FOR-US: HP
-CVE-2013-4829 (HP LaserJet M4555, M525, and M725; LaserJet flow MFP M525c; LaserJet ...)
+CVE-2013-4829
NOT-FOR-US: HP
-CVE-2013-4828 (HP LaserJet M4555, M525, and M725; LaserJet flow MFP M525c; LaserJet ...)
+CVE-2013-4828
NOT-FOR-US: HP
-CVE-2013-4827 (SQL injection vulnerability in HP Intelligent Management Center (iMC) ...)
+CVE-2013-4827
NOT-FOR-US: HP Intelligent Management Center
-CVE-2013-4826 (Unspecified vulnerability in HP Intelligent Management Center (iMC) ...)
+CVE-2013-4826
NOT-FOR-US: HP Intelligent Management Center
-CVE-2013-4825 (Unspecified vulnerability in HP Intelligent Management Center (iMC) ...)
+CVE-2013-4825
NOT-FOR-US: HP Intelligent Management Center
-CVE-2013-4824 (Unspecified vulnerability in HP Intelligent Management Center (iMC) ...)
+CVE-2013-4824
NOT-FOR-US: HP Intelligent Management Center
-CVE-2013-4823 (Unspecified vulnerability in HP Intelligent Management Center (iMC) ...)
+CVE-2013-4823
NOT-FOR-US: HP Intelligent Management Center
-CVE-2013-4822 (Unspecified vulnerability in HP Intelligent Management Center (iMC) ...)
+CVE-2013-4822
NOT-FOR-US: HP Intelligent Management Center
-CVE-2013-4821 (Unspecified vulnerability in HP System Management Homepage (SMH) ...)
+CVE-2013-4821
NOT-FOR-US: HP System Management Homepage
-CVE-2013-4820 (Unspecified vulnerability in HP IceWall SSO 8.0 through 10.0, IceWall ...)
+CVE-2013-4820
NOT-FOR-US: HP
-CVE-2013-4819 (Unspecified vulnerability in HP IceWall SSO Agent Option 8.0 through ...)
+CVE-2013-4819
NOT-FOR-US: HP
-CVE-2013-4818 (Unspecified vulnerability in HP IceWall SSO 8.0 through 10.0, IceWall ...)
+CVE-2013-4818
NOT-FOR-US: HP
-CVE-2013-4817 (Unspecified vulnerability in HP IceWall SSO Agent Option 8.0 through ...)
+CVE-2013-4817
NOT-FOR-US: HP
CVE-2013-4816
REJECTED
-CVE-2013-4815 (Cross-site scripting (XSS) vulnerability in the web interface in HP ...)
+CVE-2013-4815
NOT-FOR-US: HP
-CVE-2013-4814 (Cross-site scripting (XSS) vulnerability in HP XP P9000 Command View ...)
+CVE-2013-4814
NOT-FOR-US: HP
-CVE-2013-4813 (The Agent (aka AgentController) servlet in HP ProCurve Manager (PCM) ...)
+CVE-2013-4813
NOT-FOR-US: HP
-CVE-2013-4812 (UpdateCertificatesServlet in the SNAC registration server in HP ...)
+CVE-2013-4812
NOT-FOR-US: HP
-CVE-2013-4811 (UpdateDomainControllerServlet in the SNAC registration server in HP ...)
+CVE-2013-4811
NOT-FOR-US: HP
-CVE-2013-4810 (HP ProCurve Manager (PCM) 3.20 and 4.0, PCM+ 3.20 and 4.0, Identity ...)
+CVE-2013-4810
NOT-FOR-US: HP
-CVE-2013-4809 (Multiple SQL injection vulnerabilities in GetEventsServlet in HP ...)
+CVE-2013-4809
NOT-FOR-US: HP
-CVE-2013-4808 (Unspecified vulnerability in HP Service Manager 7.11, 9.21, 9.30, and ...)
+CVE-2013-4808
NOT-FOR-US: HP
-CVE-2013-4807 (Unspecified vulnerability on the HP LaserJet Pro P1102w, P1606dn, ...)
+CVE-2013-4807
NOT-FOR-US: HP
-CVE-2013-4806 (The OSPF implementation on HP JD9##A routers; HP J4###A, J484#B, ...)
+CVE-2013-4806
NOT-FOR-US: HP routers
-CVE-2013-4805 (Unspecified vulnerability in HP Integrated Lights-Out 3 (aka iLO3) ...)
+CVE-2013-4805
NOT-FOR-US: HP Integrated Lights-Out firmware
-CVE-2013-4804 (Unspecified vulnerability in HP Business Process Monitor 9.13.1 patch ...)
+CVE-2013-4804
NOT-FOR-US: HP Business Process Monitor
CVE-2013-4803
REJECTED
-CVE-2013-4802 (Cross-site scripting (XSS) vulnerability in HP Application Lifecycle ...)
+CVE-2013-4802
NOT-FOR-US: HP
-CVE-2013-4801 (Unspecified vulnerability in HP LoadRunner before 11.52 allows remote ...)
+CVE-2013-4801
NOT-FOR-US: HP LoadRunner
-CVE-2013-4800 (Unspecified vulnerability in HP LoadRunner before 11.52 allows remote ...)
+CVE-2013-4800
NOT-FOR-US: HP LoadRunner
-CVE-2013-4799 (Unspecified vulnerability in HP LoadRunner before 11.52 allows remote ...)
+CVE-2013-4799
NOT-FOR-US: HP LoadRunner
-CVE-2013-4798 (Unspecified vulnerability in HP LoadRunner before 11.52 allows remote ...)
+CVE-2013-4798
NOT-FOR-US: HP LoadRunner
-CVE-2013-4797 (Unspecified vulnerability in HP LoadRunner before 11.52 allows remote ...)
+CVE-2013-4797
NOT-FOR-US: HP LoadRunner
CVE-2013-4796
RESERVED
-CVE-2013-4795 (Cross-site scripting (XSS) vulnerability in the Submitters list in ...)
+CVE-2013-4795
- reviewboard <itp> (bug #653113)
CVE-2013-4794
RESERVED
-CVE-2013-4793 (The update function in ...)
+CVE-2013-4793
NOT-FOR-US: Umbraco
CVE-2013-4792
RESERVED
CVE-2013-4791
RESERVED
-CVE-2013-4790 (Open-Xchange AppSuite before 7.0.2 rev14, 7.2.0 before rev11, 7.2.1 ...)
+CVE-2013-4790
NOT-FOR-US: Open-Xchange
-CVE-2013-4789 (SQL injection vulnerability in modules/rss/rss.php in Cotonti before ...)
+CVE-2013-4789
NOT-FOR-US: Cotonti
-CVE-2013-4788 (The PTR_MANGLE implementation in the GNU C Library (aka glibc or ...)
+CVE-2013-4788
{DLA-165-1}
- glibc 2.17-94 (low; bug #717178)
- eglibc <removed>
[wheezy] - eglibc 2.13-38+deb7u1
-CVE-2013-4787 (Android 1.6 Donut through 4.2 Jelly Bean does not properly check ...)
+CVE-2013-4787
NOT-FOR-US: Android
-CVE-2013-4786 (The IPMI 2.0 specification supports RMCP+ Authenticated Key-Exchange ...)
+CVE-2013-4786
NOTE: Design flaw in the IPMI 2.0 specification. Any correctly implemented device is vulnerable.
NOTE: Contacted relevant maintainers: Since few to no devices do mutual authentication, tools shipped by Debian are generally not affected. At best, the tools can print a warning for vulnerable devices.
-CVE-2013-4784 (The HP Integrated Lights-Out (iLO) BMC implementation allows remote ...)
+CVE-2013-4784
NOT-FOR-US: HP IPMI device
-CVE-2013-4781 (core/getLog.php on the Siemens Enterprise OpenScape Branch appliance ...)
+CVE-2013-4781
NOT-FOR-US: Siemens Enterprise OpenScape
-CVE-2013-4780 (core/getLog.php on the Siemens Enterprise OpenScape Branch appliance ...)
+CVE-2013-4780
NOT-FOR-US: Siemens Enterprise OpenScape
-CVE-2013-4779 (Cross-site scripting (XSS) vulnerability in core/handleTw.php on the ...)
+CVE-2013-4779
NOT-FOR-US: Siemens Enterprise OpenScape
-CVE-2013-4778 (core/getLog.php on the Siemens Enterprise OpenScape Branch appliance ...)
+CVE-2013-4778
NOT-FOR-US: Siemens Enterprise OpenScape
-CVE-2013-4777 (A certain configuration of Android 2.3.7 on the Motorola Defy XT phone ...)
+CVE-2013-4777
NOT-FOR-US: Motorola
-CVE-2013-4776 (NETGEAR ProSafe GS724Tv3 and GS716Tv2 with firmware 5.4.1.13 and ...)
+CVE-2013-4776
NOT-FOR-US: NETGEAR
-CVE-2013-4775 (NETGEAR ProSafe GS724Tv3 and GS716Tv2 with firmware 5.4.1.13 and ...)
+CVE-2013-4775
NOT-FOR-US: NETGEAR
-CVE-2013-4785 (The web interface on the Dell iDRAC6 with firmware before 1.95 allows ...)
+CVE-2013-4785
NOT-FOR-US: Dell
-CVE-2013-4783 (The Dell iDRAC6 with firmware 1.x before 1.92 and 2.x and 3.x before ...)
+CVE-2013-4783
NOT-FOR-US: Dell
-CVE-2013-4782 (The Supermicro BMC implementation allows remote attackers to bypass ...)
+CVE-2013-4782
NOT-FOR-US: Supermicro
CVE-2013-4774
RESERVED
CVE-2013-4773
RESERVED
-CVE-2013-4772 (D-Link DIR-505L SharePort Mobile Companion 1.01 and DIR-826L Wireless ...)
+CVE-2013-4772
NOT-FOR-US: D-Link
CVE-2013-4771
RESERVED
CVE-2013-4770
RESERVED
-CVE-2013-4769 (The cloud controller (aka CLC) component in Eucalyptus 3.3.x and 3.4.x ...)
+CVE-2013-4769
- eucalyptus <removed>
-CVE-2013-4768 (The web services APIs in Eucalyptus 2.0 through 3.4.1 allow remote ...)
+CVE-2013-4768
- eucalyptus <removed>
-CVE-2013-4767 (Unspecified vulnerability in Eucalyptus before 3.3.2 has unknown ...)
+CVE-2013-4767
- eucalyptus <removed>
-CVE-2013-4766 (The gather log service in Eucalyptus before 3.3.1 allows remote ...)
+CVE-2013-4766
- eucalyptus <removed>
CVE-2013-4765
RESERVED
@@ -6940,21 +6940,21 @@ CVE-2013-4764
RESERVED
CVE-2013-4763
RESERVED
-CVE-2013-4762 (Puppet Enterprise before 3.0.1 does not sufficiently invalidate a ...)
+CVE-2013-4762
- puppet <not-affected> (Only affects Puppet Enterprise)
-CVE-2013-4761 (Unspecified vulnerability in Puppet 2.7.x before 2.7.23 and 3.2.x ...)
+CVE-2013-4761
{DSA-2761-1}
- puppet 3.2.4-1 (low)
[squeeze] - puppet <no-dsa> (non-standard config and attacker requires local access to master)
CVE-2013-4760
RESERVED
-CVE-2013-4759 (Multiple cross-site scripting (XSS) vulnerabilities in the Magnolia ...)
+CVE-2013-4759
NOT-FOR-US: Magnolia CMS
CVE-2013-4757
RESERVED
CVE-2013-4756
RESERVED
-CVE-2013-4758 (Double free vulnerability in the writeDataError function in the ...)
+CVE-2013-4758
- rsyslog <not-affected> (omelasticsearch plugin not enabled; see #715009)
[squeeze] - rsyslog <not-affected> (omelasticsearch plugin not yet present)
[wheezy] - rsyslog <not-affected> (omelasticsearch plugin not yet present)
@@ -6962,9 +6962,9 @@ CVE-2013-4758 (Double free vulnerability in the writeDataError function in the .
NOTE: http://git.adiscon.com/?p=rsyslog.git;a=commitdiff;h=80f88242982c9c6ad6ce8628fc5b94ea74051cf4
CVE-2013-4755
RESERVED
-CVE-2013-4754 (Multiple cross-site scripting (XSS) vulnerabilities in Owl Intranet ...)
+CVE-2013-4754
NOT-FOR-US: Owl Intranet Knowledgebase
-CVE-2013-4753 (Multiple cross-site scripting (XSS) vulnerabilities in Claroline ...)
+CVE-2013-4753
NOT-FOR-US: Claroline
CVE-2013-4752
RESERVED
@@ -6974,72 +6974,72 @@ CVE-2013-4751
NOT-FOR-US: Symfony Validator component
CVE-2013-4750
RESERVED
-CVE-2013-4749 (Cross-site scripting (XSS) vulnerability in the UserTask Center, ...)
+CVE-2013-4749
NOT-FOR-US: sys_messages TYPO3 extension
-CVE-2013-4748 (SQL injection vulnerability in the News system (news) extension before ...)
+CVE-2013-4748
NOT-FOR-US: News system TYPO3 extension
-CVE-2013-4747 (Cross-site scripting (XSS) vulnerability in the Accessible browse ...)
+CVE-2013-4747
NOT-FOR-US: Accessible browse results TYPO3 extension
-CVE-2013-4746 (Cross-site scripting (XSS) vulnerability in the My quiz and poll ...)
+CVE-2013-4746
NOT-FOR-US: My quiz and poll TYPO3 extension
-CVE-2013-4745 (SQL injection vulnerability in the My quiz and poll (myquizpoll) ...)
+CVE-2013-4745
NOT-FOR-US: My quiz and poll TYPO3 extension
-CVE-2013-4744 (Cross-site scripting (XSS) vulnerability in the PHPUnit extension ...)
+CVE-2013-4744
NOT-FOR-US: PHPUnit TYPO3 extension
CVE-2013-4743
RESERVED
-CVE-2013-4742 (Buffer overflow in NetWin SurgeFTP before 23d2 allows remote attackers ...)
+CVE-2013-4742
NOT-FOR-US: SurgeFTP
CVE-2013-4741
RESERVED
-CVE-2013-4740 (goodix_tool.c in the Goodix gt915 touchscreen driver for the Linux ...)
+CVE-2013-4740
NOT-FOR-US: Goodix gt915 Android touchscreen driver
-CVE-2013-4739 (The MSM camera driver for the Linux kernel 3.x, as used in Qualcomm ...)
+CVE-2013-4739
- linux <not-affected> (Android-specific camera drivers)
-CVE-2013-4738 (Multiple stack-based buffer overflows in the MSM camera driver for the ...)
+CVE-2013-4738
- linux <not-affected> (Android-specific camera drivers)
-CVE-2013-4737 (The CONFIG_STRICT_MEMORY_RWX implementation for the Linux kernel 3.x, ...)
+CVE-2013-4737
- linux <not-affected> (Affected code not in mainline kernel)
- linux-2.6 <not-affected> (Affected code not in mainline kernel)
NOTE: https://www.codeaurora.org/cgit/quic/la/kernel/msm/commit/?id=4256415b296348ff16cd17a5b8f8dce4dea37328
-CVE-2013-4736 (Multiple integer overflows in the JPEG engine drivers in the MSM ...)
+CVE-2013-4736
NOTE: https://www.codeaurora.org/projects/security-advisories/integer-overflow-and-signedness-issue-camera-jpeg-engines-cve-2013-4736
NOT-FOR-US: camera JPEG engines on Android Linux kernels
-CVE-2013-4735 (The Digital Alert Systems DASDEC EAS device before 2.0-2 and the ...)
+CVE-2013-4735
NOT-FOR-US: Digital Alert Systems and Monroe Electronics
-CVE-2013-4734 (dasdec_mkuser on the Digital Alert Systems DASDEC EAS device before ...)
+CVE-2013-4734
NOT-FOR-US: Alert Systems and Monroe Electronics
-CVE-2013-4733 (The web server on the Digital Alert Systems DASDEC EAS device before ...)
+CVE-2013-4733
NOT-FOR-US: Alert Systems and Monroe Electronics
-CVE-2013-4732 (** DISPUTED ** The administrative web server on the Digital Alert ...)
+CVE-2013-4732
NOT-FOR-US: Alert Systems and Monroe Electronics
-CVE-2013-4731 (ajax.cgi in the web interface on the Choice Wireless Green Packet ...)
+CVE-2013-4731
NOT-FOR-US: Choice Wireless Green Packet modem
-CVE-2013-4730 (Buffer overflow in PCMan's FTP Server 2.0.7 allows remote attackers to ...)
+CVE-2013-4730
NOT-FOR-US: PCMan FTP Server
-CVE-2013-4729 (import.php in phpMyAdmin 4.x before 4.0.4.1 does not properly restrict ...)
+CVE-2013-4729
- phpmyadmin 4:4.0.4.1-1
[wheezy] - phpmyadmin <not-affected> (vulnerable code not present)
[squeeze] - phpmyadmin <not-affected> (vulnerable code not present)
-CVE-2013-4728 (DDSN Interactive cm3 Acora CMS 6.0.6/1a, 6.0.2/1a, 5.5.7/12b, ...)
+CVE-2013-4728
NOT-FOR-US: Acora CMS
-CVE-2013-4727 (DDSN Interactive cm3 Acora CMS 6.0.6/1a, 6.0.2/1a, 5.5.7/12b, ...)
+CVE-2013-4727
NOT-FOR-US: Acora CMS
-CVE-2013-4726 (Cross-site request forgery (CSRF) vulnerability in DDSN Interactive ...)
+CVE-2013-4726
NOT-FOR-US: Acora CMS
-CVE-2013-4725 (DDSN Interactive cm3 Acora CMS 6.0.6/1a, 6.0.2/1a, 5.5.7/12b, ...)
+CVE-2013-4725
NOT-FOR-US: Acora CMS
-CVE-2013-4724 (DDSN Interactive cm3 Acora CMS 6.0.6/1a, 6.0.2/1a, 5.5.7/12b, ...)
+CVE-2013-4724
NOT-FOR-US: Acora CMS
-CVE-2013-4723 (Open redirect vulnerability in DDSN Interactive cm3 Acora CMS ...)
+CVE-2013-4723
NOT-FOR-US: Acora CMS
-CVE-2013-4722 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2013-4722
NOT-FOR-US: Acora CMS
-CVE-2013-4721 (SQL injection vulnerability in the RSS feed from records extension ...)
+CVE-2013-4721
NOT-FOR-US: records extension for TYPO3
-CVE-2013-4720 (SQL injection vulnerability in the WEC Discussion Forum extension ...)
+CVE-2013-4720
NOT-FOR-US: WEC Discussion Forum
-CVE-2013-4719 (SQL injection vulnerability in the SEO Pack for tt_news extension ...)
+CVE-2013-4719
NOT-FOR-US: SEO Pack for tt_news extension for TYPO3
CVE-2013-4718 [XSS]
RESERVED
@@ -7049,51 +7049,51 @@ CVE-2013-4717 [SQL injection]
{DSA-2733-1}
- otrs2 3.2.9-1
NOTE: http://web.archive.org/web/20131023033811/http://www.otrs.com:80/en/open-source/community-news/security-advisories/security-advisory-2013-05/
-CVE-2013-4716 (Cross-site scripting (XSS) vulnerability in Tattyan HP TOWN 5_9_3 and ...)
+CVE-2013-4716
NOT-FOR-US: Tattyan HP TOWN
-CVE-2013-4715 (SQL injection vulnerability in Tiki Wiki CMS Groupware 6 LTS before ...)
+CVE-2013-4715
NOT-FOR-US: Tiki Wiki
-CVE-2013-4714 (Cross-site scripting (XSS) vulnerability in Tiki Wiki CMS Groupware 6 ...)
+CVE-2013-4714
NOT-FOR-US: Tiki Wiki
-CVE-2013-4713 (Cross-site scripting (XSS) vulnerability in I-O DATA DEVICE RockDisk ...)
+CVE-2013-4713
NOT-FOR-US: I-O DATA DEVICE RockDisk
-CVE-2013-4712 (I-O DATA DEVICE HDL-A and HDL2-A devices with firmware 1.07 and ...)
+CVE-2013-4712
NOT-FOR-US: I-O DATA DEVICE HDL-A and HDL2-A devices
-CVE-2013-4711 (Cross-site scripting (XSS) vulnerability in Accela BizSearch 3.2 on ...)
+CVE-2013-4711
NOT-FOR-US: Accela Bizsearch
-CVE-2013-4710 (Android 3.0 through 4.1.x on Disney Mobile, eAccess, KDDI, NTT DOCOMO, ...)
+CVE-2013-4710
NOT-FOR-US: Android
-CVE-2013-4709 (Buffer overflow in the PPP Access Concentrator (PPPAC) on the SEIL/x86 ...)
+CVE-2013-4709
NOT-FOR-US: PPP Access Concentrator
-CVE-2013-4708 (The PPP Access Concentrator (PPPAC) in Internet Initiative Japan Inc. ...)
+CVE-2013-4708
NOT-FOR-US: Internet Initiative Japan Inc
-CVE-2013-4707 (The SSH implementation on D-Link Japan DES-3810 devices with firmware ...)
+CVE-2013-4707
NOT-FOR-US: D-Link
-CVE-2013-4706 (The SSH implementation on the D-Link Japan DWL-2100AP with firmware ...)
+CVE-2013-4706
NOT-FOR-US: D-Link
-CVE-2013-4705 (Cross-site scripting (XSS) vulnerability in Opera before 15.00 allows ...)
+CVE-2013-4705
NOT-FOR-US: Opera
-CVE-2013-4704 (Cross-site scripting (XSS) vulnerability in ChamaNet ChamaCargo 7.0000 ...)
+CVE-2013-4704
NOT-FOR-US: ChamaNet ChamaCargo
-CVE-2013-4703 (Cross-site scripting (XSS) vulnerability in the top-page customization ...)
+CVE-2013-4703
NOT-FOR-US: Cybozu Office
-CVE-2013-4702 (Multiple directory traversal vulnerabilities in the doApiAction ...)
+CVE-2013-4702
NOT-FOR-US: EC-CUBE
-CVE-2013-4701 (Auth/Yadis/XML.php in PHP OpenID Library 2.2.2 and earlier allows ...)
+CVE-2013-4701
- php-openid 2.2.2-1.2 (low; bug #721221)
[wheezy] - php-openid <no-dsa> (Minor issue)
[squeeze] - php-openid <no-dsa> (Minor issue)
-CVE-2013-4700 (The Yahoo! Japan Shopping application 1.4 and earlier for Android does ...)
+CVE-2013-4700
NOT-FOR-US: Yahoo shopping app
-CVE-2013-4699 (The Yahoo! Japan Yafuoku! application 4.3.0 and earlier for iOS and ...)
+CVE-2013-4699
NOT-FOR-US: Yahoo shopping app
-CVE-2013-4698 (Cybozu Mailwise 5.0.4 and 5.0.5 allows remote authenticated users to ...)
+CVE-2013-4698
NOT-FOR-US: Cybozu Mailwise
-CVE-2013-4697 (Multiple unspecified vulnerabilities in Hitachi JP1/IT Desktop ...)
+CVE-2013-4697
NOT-FOR-US: Hitachi
CVE-2013-4695
RESERVED
-CVE-2013-4694 (Stack-based buffer overflow in gen_jumpex.dll in Winamp before 5.64 ...)
+CVE-2013-4694
NOT-FOR-US: Winamp
CVE-2013-4693
RESERVED
@@ -7101,49 +7101,49 @@ CVE-2013-4692
RESERVED
CVE-2013-4691
RESERVED
-CVE-2013-4690 (Juniper Junos 10.4 before 10.4S13, 11.4 before 11.4R7-S1, 12.1 before ...)
+CVE-2013-4690
NOT-FOR-US: Juniper Junos
-CVE-2013-4689 (J-Web in Juniper Junos before 10.4R13, 11.4 before 11.4R7, 12.1R ...)
+CVE-2013-4689
NOT-FOR-US: Juniper Junos
-CVE-2013-4688 (flowd in Juniper Junos 10.4 before 10.4R11 on SRX devices, when the ...)
+CVE-2013-4688
NOT-FOR-US: Juniper Junos
-CVE-2013-4687 (flowd in Juniper Junos 10.4 before 10.4S14, 11.2 and 11.4 before ...)
+CVE-2013-4687
NOT-FOR-US: Juniper Junos
-CVE-2013-4686 (The kernel in Juniper Junos 10.4 before 10.4R14, 11.4 before 11.4R8, ...)
+CVE-2013-4686
NOT-FOR-US: Juniper Junos
-CVE-2013-4685 (Buffer overflow in flowd in Juniper Junos 10.4 before 10.4S14, 11.4 ...)
+CVE-2013-4685
NOT-FOR-US: Juniper Junos
-CVE-2013-4684 (flowd in Juniper Junos 10.4 before 10.4S14, 11.4 before 11.4R8, 12.1 ...)
+CVE-2013-4684
NOT-FOR-US: Juniper Junos
-CVE-2013-4683 (SQL injection vulnerability in the meta_feedit extension 0.1.10 and ...)
+CVE-2013-4683
NOT-FOR-US: meta_feedit extension for TYPO3
-CVE-2013-4682 (SQL injection vulnerability in the Multishop extension before 2.0.39 ...)
+CVE-2013-4682
NOT-FOR-US: Multishop extension for TYPO3
-CVE-2013-4681 (SQL injection vulnerability in the sofortueberweisung2commerce ...)
+CVE-2013-4681
NOT-FOR-US: sofortueberweisung2commerce extension TYPO3
-CVE-2013-4680 (Open redirect vulnerability in Maag Form Captcha extension 2.0.0 and ...)
+CVE-2013-4680
NOT-FOR-US: meta_feedit extension for TYPO3
-CVE-2013-4679 (Symantec Workspace Virtualization before 6.x before 6.4.1953.0, when a ...)
+CVE-2013-4679
NOT-FOR-US: Symantec Workspace Virtualization
-CVE-2013-4678 (The NDMP protocol implementation in Symantec Backup Exec 2010 R3 ...)
+CVE-2013-4678
NOT-FOR-US: Symantec Backup Exec
-CVE-2013-4677 (Symantec Backup Exec 2010 R3 before 2010 R3 SP3 and 2012 before SP2 ...)
+CVE-2013-4677
NOT-FOR-US: Symantec Backup Exec
-CVE-2013-4676 (Multiple cross-site scripting (XSS) vulnerabilities in Symantec Backup ...)
+CVE-2013-4676
NOT-FOR-US: Symantec Backup Exec
CVE-2013-4675
RESERVED
-CVE-2013-4674 (Cross-site scripting (XSS) vulnerability in the Web Email Protection ...)
+CVE-2013-4674
NOT-FOR-US: Symantec
-CVE-2013-4673 (The management console on the Symantec Web Gateway (SWG) appliance ...)
+CVE-2013-4673
NOT-FOR-US: Symantec
-CVE-2013-4672 (The management console on the Symantec Web Gateway (SWG) appliance ...)
+CVE-2013-4672
NOT-FOR-US: Symantec
-CVE-2013-4671 (Cross-site request forgery (CSRF) vulnerability in the management ...)
+CVE-2013-4671
NOT-FOR-US: Symantec
-CVE-2013-4670 (Multiple cross-site scripting (XSS) vulnerabilities in the management ...)
+CVE-2013-4670
NOT-FOR-US: Symantec
-CVE-2013-4668 (Directory traversal vulnerability in File Roller 3.6.x before 3.6.4, ...)
+CVE-2013-4668
- file-roller 3.8.3-1
[squeeze] - file-roller <not-affected> (Doesn't use libarchive)
[wheezy] - file-roller <not-affected> (Doesn't use libarchive)
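Review bot: The `NOT-FOR-US:` line for CVE-2013-4680 still reads `meta_feedit extension for TYPO3` although the description being removed identifies the issue as an open redirect in the Maag Form Captcha extension. The mismatch was visible while the description sat next to it and will be invisible after this change, so correct the annotation (e.g. `NOT-FOR-US: Maag Form Captcha extension`) in the same commit.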
@@ -7156,15 +7156,15 @@ CVE-2013-4665
RESERVED
CVE-2013-4664
RESERVED
-CVE-2013-4663 (git_http_controller.rb in the redmine_git_hosting plugin for Redmine ...)
+CVE-2013-4663
NOT-FOR-US: Redmine plugin redmine_git_hosting
-CVE-2013-4662 (The Quick Search API in CiviCRM 4.2.0 through 4.2.9 and 4.3.0 through ...)
+CVE-2013-4662
- civicrm <not-affected> (Fixed before initial upload to the archive)
-CVE-2013-4661 (CiviCRM 2.0.0 through 4.2.9 and 4.3.0 through 4.3.3 does not properly ...)
+CVE-2013-4661
- civicrm <not-affected> (Fixed before initial upload to the archive)
-CVE-2013-4660 (The JS-YAML module before 2.0.5 for Node.js parses input without ...)
+CVE-2013-4660
NOT-FOR-US: js-yaml
-CVE-2013-4659 (Buffer overflow in Broadcom ACSD allows remote attackers to execute ...)
+CVE-2013-4659
NOT-FOR-US: Broadcom ACSD
CVE-2013-4658
RESERVED
@@ -7176,17 +7176,17 @@ CVE-2013-4655
RESERVED
CVE-2013-4654
RESERVED
-CVE-2013-4653 (Multiple cross-site scripting (XSS) vulnerabilities in the signin ...)
+CVE-2013-4653
NOT-FOR-US: Alcatel-Lucent Omnitouch
-CVE-2013-4652 (Unspecified vulnerability in the command-line management interface on ...)
+CVE-2013-4652
NOT-FOR-US: Siemens
-CVE-2013-4651 (Siemens Scalance W7xx devices with firmware before 4.5.4 use the same ...)
+CVE-2013-4651
NOT-FOR-US: Siemens
-CVE-2013-4650 (MongoDB 2.4.x before 2.4.5 and 2.5.x before 2.5.1 allows remote ...)
+CVE-2013-4650
- mongodb 1:2.4.5-1 (bug #715007)
[squeeze] - mongodb <not-affected> (Only affects 2.4.x)
[wheezy] - mongodb <not-affected> (Only affects 2.4.x)
-CVE-2013-4649 (Cross-site scripting (XSS) vulnerability in DotNetNuke (DNN) before ...)
+CVE-2013-4649
NOT-FOR-US: DotNetNuke
CVE-2013-4648
RESERVED
@@ -7212,71 +7212,71 @@ CVE-2013-4638
RESERVED
CVE-2013-4637
RESERVED
-CVE-2013-4669 (FortiClient before 4.3.5.472 on Windows, before 4.0.3.134 on Mac OS X, ...)
+CVE-2013-4669
NOT-FOR-US: FortiClient
-CVE-2013-4636 (The mget function in libmagic/softmagic.c in the Fileinfo component in ...)
+CVE-2013-4636
- php5 5.5.0+dfsg-1
[squeeze] - php5 <not-affected> (Introduced with 10367fa7c6a4a2cf9bee02d8905e284185428f09)
[wheezy] - php5 <not-affected> (Introduced with 10367fa7c6a4a2cf9bee02d8905e284185428f09)
- file <not-affected> (bug in code modified for PHP)
NOTE: Tested with the squeeze and wheezy versions
-CVE-2013-4635 (Integer overflow in the SdnToJewish function in jewish.c in the ...)
+CVE-2013-4635
- php5 5.5.0+dfsg-1 (unimportant)
NOTE: exploitable by malicious scripts only
-CVE-2013-4634 (SQL injection vulnerability in the jQuery autocomplete for ...)
+CVE-2013-4634
NOT-FOR-US: rzautocomplete extension for Typo3
-CVE-2013-4633 (Huawei Seco Versatile Security Manager (VSM) before V200R002C00SPC300 ...)
+CVE-2013-4633
NOT-FOR-US: Huawei Seco Versatile Security Manager
-CVE-2013-4632 (The Huawei Access Router (AR) before V200R002SPC003 allows remote ...)
+CVE-2013-4632
NOT-FOR-US: The Huawei Access Router
-CVE-2013-4631 (Huawei AR 150, 200, 1200, 2200, and 3200 routers, when SNMPv3 is ...)
+CVE-2013-4631
NOT-FOR-US: Huawei AR 150, 200, 1200, 2200, and 3200 routers,
-CVE-2013-4630 (Stack-based buffer overflow on Huawei AR 150, 200, 1200, 2200, and ...)
+CVE-2013-4630
NOT-FOR-US: Huawei routers
-CVE-2013-4629 (The Huawei viewpoint VP9610 and VP9620 units for the Huawei Video ...)
+CVE-2013-4629
NOT-FOR-US: Huawei viewpoint
-CVE-2013-4628 (The firewall module on the Huawei Quidway Service Process Unit (SPU) ...)
+CVE-2013-4628
NOT-FOR-US: Huawei Quidway Service Process Unit
-CVE-2013-4627 (Unspecified vulnerability in bitcoind and Bitcoin-Qt 0.8.x allows ...)
+CVE-2013-4627
- bitcoin 0.8.3-1
-CVE-2013-4626 (Cross-site scripting (XSS) vulnerability in the BackWPup plugin before ...)
+CVE-2013-4626
NOT-FOR-US: WordPress plugin BackWPup
-CVE-2013-4625 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2013-4625
NOT-FOR-US: WordPress plugin Duplicator
-CVE-2013-4624 (Multiple cross-site scripting (XSS) vulnerabilities in Jahia xCM ...)
+CVE-2013-4624
NOT-FOR-US: Jahia xCM
-CVE-2013-4623 (The x509parse_crt function in x509.h in PolarSSL 1.1.x before 1.1.7 ...)
+CVE-2013-4623
{DSA-2782-1}
- polarssl 1.2.8-1 (low; bug #719954)
-CVE-2013-4622 (The 3G Mobile Hotspot feature on the HTC Droid Incredible has a ...)
+CVE-2013-4622
NOT-FOR-US: HTC Droid Incredible
CVE-2013-4621
RESERVED
-CVE-2013-4620 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2013-4620
NOT-FOR-US: OpenEMR
-CVE-2013-4619 (Multiple SQL injection vulnerabilities in OpenEMR 4.1.1 allow remote ...)
+CVE-2013-4619
NOT-FOR-US: OpenEMR
CVE-2013-4618
RESERVED
-CVE-2013-4617 (Jahia xCM before 6.6.2 does not include the HTTPOnly flag in a ...)
+CVE-2013-4617
NOT-FOR-US: Jahia xCM
-CVE-2013-4616 (The WifiPasswordController generateDefaultPassword method in ...)
+CVE-2013-4616
NOT-FOR-US: Apple iOS
-CVE-2013-4615 (The Canon MG3100, MG5300, MG6100, MP495, MX340, MX870, MX890, MX920, ...)
+CVE-2013-4615
NOT-FOR-US: EMC Smarts Network Configuration Manager
-CVE-2013-4614 (English/pages_MacUS/wls_set_content.html on the Canon MG3100, MG5300, ...)
+CVE-2013-4614
NOT-FOR-US: EMC Smarts Network Configuration Manager
-CVE-2013-4613 (The default configuration of the administrative interface on the Canon ...)
+CVE-2013-4613
NOT-FOR-US: EMC RSA Data Protection Manager Appliance
-CVE-2013-4612 (Multiple cross-site scripting (XSS) vulnerabilities in REDCap before ...)
+CVE-2013-4612
NOT-FOR-US: REDCap
-CVE-2013-4611 (Multiple unspecified vulnerabilities in REDCap before 5.1.1 allow ...)
+CVE-2013-4611
NOT-FOR-US: REDCap
-CVE-2013-4610 (Unspecified vulnerability in the Data Search utility in data-entry ...)
+CVE-2013-4610
NOT-FOR-US: REDCap
-CVE-2013-4609 (REDCap before 5.0.4 and 5.1.x before 5.1.3 does not reject certain ...)
+CVE-2013-4609
NOT-FOR-US: REDCap
-CVE-2013-4608 (Cross-site scripting (XSS) vulnerability in REDCap before 5.0.6 allows ...)
+CVE-2013-4608
NOT-FOR-US: REDCap
CVE-2013-4607
RESERVED
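Review bot: the descriptions being dropped for CVE-2013-4615, CVE-2013-4614 and CVE-2013-4613 all name Canon printer models (`-CVE-2013-4615 (The Canon MG3100, MG5300, MG6100, MP495, MX340, MX870, MX890, MX920, ...)`), while the unchanged `NOT-FOR-US:` lines under them say EMC Smarts Network Configuration Manager and EMC RSA Data Protection Manager Appliance; this hunk removes the only text that exposes that mismatch, so the three NOT-FOR-US tags should be verified against the CVE text before the summaries go. Also, `-CVE-2013-4669` / `+CVE-2013-4669` sit between CVE-2013-4637 and CVE-2013-4636, out of the descending id order the rest of the hunk follows, which is worth fixing while the lines are being touched anyway.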
@@ -7284,7 +7284,7 @@ CVE-2013-4606
RESERVED
CVE-2013-4605
RESERVED
-CVE-2013-4604 (Fortinet FortiOS before 5.0.3 on FortiGate devices does not properly ...)
+CVE-2013-4604
NOT-FOR-US: Fortinet FortiOS
CVE-2013-4603
RESERVED
@@ -7292,53 +7292,53 @@ CVE-2013-4602
RESERVED
CVE-2013-4601
RESERVED
-CVE-2013-4600 (Multiple cross-site scripting (XSS) vulnerabilities in Alkacon OpenCms ...)
+CVE-2013-4600
NOT-FOR-US: Alkacon OpenCms
-CVE-2013-4599 (The Misery module 6.x-2.x before 6.x-2.5 and 7.x-2.x before 7.x-2.2 ...)
+CVE-2013-4599
NOT-FOR-US: Drupal module misery
-CVE-2013-4598 (The Groups, Communities and Co (GCC) module 7.x-1.x before 7.x-1.1 for ...)
+CVE-2013-4598
NOT-FOR-US: Drupal module GCC
-CVE-2013-4597 (The Revisioning module 7.x-1.x before 7.x-1.6 for Drupal does not ...)
+CVE-2013-4597
NOT-FOR-US: Drupal module Revisioning
-CVE-2013-4596 (The Node Access Keys module 7.x-1.x before 7.x-1.1 for Drupal does not ...)
+CVE-2013-4596
NOT-FOR-US: Drupal module Node Access Keys
-CVE-2013-4595 (The Secure Pages module 6.x-2.x before 6.x-2.0 for Drupal does not ...)
+CVE-2013-4595
NOT-FOR-US: Drupal module Secure Pages
-CVE-2013-4594 (The Payment for Webform module 7.x-1.x before 7.x-1.5 for Drupal does ...)
+CVE-2013-4594
NOT-FOR-US: Drupal module Payment for Webform
CVE-2013-4593
RESERVED
- ruby-omniauth-facebook <not-affected> (Fixed before initial release)
-CVE-2013-4592 (Memory leak in the __kvm_set_memory_region function in ...)
+CVE-2013-4592
- linux 3.8-1
- linux-2.6 <removed>
[squeeze] - linux-2.6 <no-dsa> (Too intrusive to backport, KVM server not supported in squeeze-lts)
[wheezy] - linux 3.2.53-1
-CVE-2013-4591 (Buffer overflow in the __nfs4_get_acl_uncached function in ...)
+CVE-2013-4591
- linux 3.8-1
[wheezy] - linux <not-affected> (Introduced in 3.6)
- linux-2.6 <not-affected> (Introduced in 3.6)
NOTE: http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=12d6e7538e2d418c08f082b1b44ffa5fb7270ed8
NOTE: http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=e40f193f5bb022e927a57a4f5d5194e4f12ddb74
-CVE-2013-4590 (Apache Tomcat before 6.0.39, 7.x before 7.0.50, and 8.x before ...)
+CVE-2013-4590
{DSA-3530-1 DLA-91-1}
- tomcat6 6.0.39 (low)
[squeeze] - tomcat6 <no-dsa> (Minor issue)
- tomcat7 7.0.50 (low)
[wheezy] - tomcat7 <no-dsa> (Minor issue)
- tomcat8 8.0.0
-CVE-2013-4589 (The ExportAlphaQuantumType function in export.c in GraphicsMagick ...)
+CVE-2013-4589
- graphicsmagick 1.3.18-1 (low; bug #729661)
[squeeze] - graphicsmagick <no-dsa> (Minor issue)
[wheezy] - graphicsmagick <no-dsa> (Minor issue)
-CVE-2013-4588 (Multiple stack-based buffer overflows in ...)
+CVE-2013-4588
{DSA-2906-1}
- linux <not-affected> (fixed in 2.6.33)
- linux-2.6 2.6.37-1
NOTE: 2.6.37-1 first version including 2.6.33 in unstable for linux-2.6
NOTE: https://git.kernel.org/linus/04bcef2a83f40c6db24222b27a52892cba39dffb
NOTE: http://seclists.org/fulldisclosure/2013/Nov/77
-CVE-2013-4587 (Array index error in the kvm_vm_ioctl_create_vcpu function in ...)
+CVE-2013-4587
{DSA-2906-1}
- linux 3.12.5-1
- linux-2.6 <removed>
@@ -7358,30 +7358,30 @@ CVE-2013-4583
CVE-2013-4582 [Local file inclusion vulnerability]
RESERVED
- gitlab <not-affected> (Fixed before initial upload to Debian)
-CVE-2013-4581 (GitLab 5.0 before 5.4.2, Community Edition before 6.2.4, Enterprise ...)
+CVE-2013-4581
- gitlab <not-affected> (Fixed before initial upload to Debian)
-CVE-2013-4580 (GitLab before 5.4.2, Community Edition before 6.2.4, and Enterprise ...)
+CVE-2013-4580
- gitlab <not-affected> (Fixed before initial upload to Debian)
-CVE-2013-4579 (The ath9k_htc_set_bssid_mask function in ...)
+CVE-2013-4579
- linux-2.6 <not-affected> (ath9k not yet present)
- linux 3.12.8-1 (bug #729573)
[wheezy] - linux 3.2.54-1
NOTE: http://www.mathyvanhoef.com/2013/11/unmasking-spoofed-mac-address.html
-CVE-2013-4578 (jarsigner in OpenJDK and Oracle Java SE before 7u51 allows remote ...)
+CVE-2013-4578
- openjdk-7 7u51-2.4.4-1
- openjdk-6 6b30-1.13.1-1
-CVE-2013-4577 (A certain Debian patch for GNU GRUB uses world-readable permissions ...)
+CVE-2013-4577
- grub2 2.00-20 (unimportant; bug #632598)
NOTE: Additional hardening for rare setups, not a vulnerability
-CVE-2013-4576 (GnuPG 1.x before 1.4.16 generates RSA keys using sequences of ...)
+CVE-2013-4576
{DSA-2821-1}
- gnupg 1.4.15-3
-CVE-2013-4575 (Heap-based buffer overflow in the utility program in the Linux agent ...)
+CVE-2013-4575
NOT-FOR-US: Symantec Backup Exec
-CVE-2013-4574 (Cross-site scripting (XSS) vulnerability in the TimeMediaHandler ...)
+CVE-2013-4574
NOT-FOR-US: TimedMediaHandler mediawiki extension
NOTE: https://bugzilla.wikimedia.org/show_bug.cgi?id=56699
-CVE-2013-4573 (Cross-site scripting (XSS) vulnerability in the ZeroRatedMobileAccess ...)
+CVE-2013-4573
NOT-FOR-US: mediawiki extension ZeroRatedMobileAccess
CVE-2013-4572
RESERVED
@@ -7389,106 +7389,106 @@ CVE-2013-4572
- mediawiki 1:1.19.8+dfsg-2.2 (bug #729629)
[squeeze] - mediawiki <end-of-life>
NOTE: https://bugzilla.wikimedia.org/show_bug.cgi?id=53032
-CVE-2013-4571 (Buffer overflow in php-luasandbox in the Scribuntu extension for ...)
+CVE-2013-4571
NOT-FOR-US: php-luasandbox / Scribunto mediawiki extension
NOTE: https://bugzilla.wikimedia.org/show_bug.cgi?id=49705
-CVE-2013-4570 (The zend_inline_hash_func function in php-luasandbox in the Scribuntu ...)
+CVE-2013-4570
NOT-FOR-US: php-luasandbox / Scribunto mediawiki extension
NOTE: https://bugzilla.wikimedia.org/show_bug.cgi?id=54527
-CVE-2013-4569 (The CleanChanges extension for MediaWiki before 1.19.9, 1.20.x before ...)
+CVE-2013-4569
NOT-FOR-US: mediawiki extension CleanChanges
-CVE-2013-4568 (Incomplete blacklist vulnerability in Sanitizer::checkCss in MediaWiki ...)
+CVE-2013-4568
{DSA-2891-1}
- mediawiki 1:1.19.8+dfsg-2.2 (bug #729629)
[squeeze] - mediawiki <end-of-life>
NOTE: https://bugzilla.wikimedia.org/show_bug.cgi?id=55332
-CVE-2013-4567 (Incomplete blacklist vulnerability in Sanitizer::checkCss in MediaWiki ...)
+CVE-2013-4567
{DSA-2891-1}
- mediawiki 1:1.19.8+dfsg-2.2 (bug #729629)
[squeeze] - mediawiki <end-of-life>
NOTE: https://bugzilla.wikimedia.org/show_bug.cgi?id=55332
-CVE-2013-4566 (mod_nss 1.0.8 and earlier, when NSSVerifyClient is set to none for the ...)
+CVE-2013-4566
- libapache2-mod-nss 1.0.8-4 (low; bug #731627)
[wheezy] - libapache2-mod-nss <no-dsa> (Minor issue)
-CVE-2013-4565 (Heap-based buffer overflow in the __OLEdecode function in ppthtml ...)
+CVE-2013-4565
- xlhtml <removed> (low; bug #729279)
[wheezy] - xlhtml <no-dsa> (Minor issue)
[squeeze] - xlhtml <no-dsa> (Minor issue)
-CVE-2013-4564 (Libreswan 3.6 allows remote attackers to cause a denial of service ...)
+CVE-2013-4564
- libreswan <not-affected> (Fixed before initial upload to Debian)
NOTE: https://libreswan.org/security/CVE-2013-4564/CVE-2013-4564.txt.asc
NOTE: https://github.com/libreswan/libreswan/commit/9b31deafbdbf0c2206358dfbf2d4e343e365f23f
-CVE-2013-4563 (The udp6_ufo_fragment function in net/ipv6/udp_offload.c in the Linux ...)
+CVE-2013-4563
- linux-2.6 <not-affected> (Introduced in v3.10-rc5)
- linux 3.11.10-1
[wheezy] - linux <not-affected> (Introduced in v3.10-rc5)
NOTE: Introduced: http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=1e2bd517c108816220f262d7954b697af03b5f9c
NOTE: fixed in: http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0e033e0
-CVE-2013-4562 (The omniauth-facebook gem 1.4.1 before 1.5.0 does not properly store ...)
+CVE-2013-4562
- ruby-omniauth-facebook <not-affected> (Fixed before initial release)
NOTE: https://github.com/mkdynamic/omniauth-facebook/commit/ccfcc26fe7e34acbd75ad4a095fd01ce5ff48ee7
CVE-2013-4561
RESERVED
NOT-FOR-US: OpenShift
-CVE-2013-4560 (Use-after-free vulnerability in lighttpd before 1.4.33 allows remote ...)
+CVE-2013-4560
{DSA-2795-1}
- lighttpd 1.4.33-1+nmu1 (bug #729453)
-CVE-2013-4559 (lighttpd before 1.4.33 does not check the return value of the (1) ...)
+CVE-2013-4559
{DSA-2795-1}
- lighttpd 1.4.33-1+nmu1 (bug #729453)
-CVE-2013-4558 (The get_parent_resource function in repos.c in mod_dav_svn Apache ...)
+CVE-2013-4558
- subversion 1.7.14-1
[squeeze] - subversion <not-affected> (Only affects 1.7.11 through 1.7.13 and 1.8.1 through 1.8.4)
[wheezy] - subversion <not-affected> (Only affects 1.7.11 through 1.7.13 and 1.8.1 through 1.8.4)
NOTE: http://subversion.apache.org/security/CVE-2013-4558-advisory.txt
-CVE-2013-4557 (The Security Screen (_core_/securite/ecran_securite.php) before 1.1.8 ...)
+CVE-2013-4557
{DSA-2794-1}
- spip 2.1.24-1 (bug #729172)
-CVE-2013-4556 (Cross-site scripting (XSS) vulnerability in the author page ...)
+CVE-2013-4556
{DSA-2794-1}
- spip 2.1.24-1 (bug #729172)
-CVE-2013-4555 (Cross-site request forgery (CSRF) vulnerability in ...)
+CVE-2013-4555
{DSA-2794-1}
- spip 2.1.24-1 (bug #729172)
-CVE-2013-4554 (Xen 3.0.3 through 4.1.x (possibly 4.1.6.1), 4.2.x (possibly 4.2.3), ...)
+CVE-2013-4554
- xen <not-affected> (Doesn't affect Linux)
-CVE-2013-4553 (The XEN_DOMCTL_getmemlist hypercall in Xen 3.4.x through 4.3.x ...)
+CVE-2013-4553
{DSA-3006-1}
- xen 4.4.0-1
[squeeze] - xen <end-of-life> (Unsupported in squeeze-lts)
-CVE-2013-4552 (lib/Auth/Source/External.php in the drupalauth module before 1.2.2 for ...)
+CVE-2013-4552
NOT-FOR-US: drupalauth module for simpleSAMLphp
-CVE-2013-4551 (Xen 4.2.x and 4.3.x, when nested virtualization is disabled, does not ...)
+CVE-2013-4551
- xen 4.4.0-1
[wheezy] - xen <not-affected> (Only affects 4.2.x and later)
[squeeze] - xen <not-affected> (Only affects 4.2.x and later)
-CVE-2013-4550 (Bip before 0.8.9, when running as a daemon, writes SSL handshake ...)
+CVE-2013-4550
- bip 0.8.9-1 (low)
[wheezy] - bip <no-dsa> (Minor issue)
[squeeze] - bip <no-dsa> (Minor issue)
NOTE: Upstream commit: https://projects.duckcorp.org/projects/bip/repository/revisions/df45c4c2d6f892e3e1dec23ce0ed2575b53a7d8c
NOTE: https://projects.duckcorp.org/issues/261
NOTE: Difference between CVE-2011-5268 and CVE-2013-4550: http://www.openwall.com/lists/oss-security/2014/01/02/9
-CVE-2013-4549 (QXmlSimpleReader in Qt before 5.2 allows context-dependent attackers ...)
+CVE-2013-4549
- qtbase-opensource-src 5.1.1+dfsg-6
- qt4-x11 4:4.8.5+git192-g085f851+dfsg-1 (low; bug #750141)
[wheezy] - qt4-x11 <no-dsa> (Minor issue)
[squeeze] - qt4-x11 <no-dsa> (Minor issue)
NOTE: https://codereview.qt-project.org/#change,70708
-CVE-2013-4548 (The mm_newkeys_from_blob function in monitor_wrap.c in sshd in OpenSSH ...)
+CVE-2013-4548
- openssh 1:6.4p1-1 (bug #729029)
[wheezy] - openssh <not-affected> (AES-GCM support introduced in 6.2)
[squeeze] - openssh <not-affected> (AES-GCM support introduced in 6.2)
-CVE-2013-4547 (nginx 0.8.41 through 1.4.3 and 1.5.x before 1.5.7 allows remote ...)
+CVE-2013-4547
{DSA-2802-1}
- nginx 1.4.4-1 (bug #730012)
[squeeze] - nginx <not-affected> (Only applies to 0.8.41 - 1.5.6)
-CVE-2013-4546 (The repository import feature in gitlab-shell before 1.7.4, as used in ...)
+CVE-2013-4546
- gitlab <not-affected> (Fixed before initial upload to Debian)
-CVE-2013-4545 (cURL and libcurl 7.18.0 through 7.32.0, when built with OpenSSL, ...)
+CVE-2013-4545
{DSA-2798-1}
- curl 7.33.0-1
-CVE-2013-4544 (hw/net/vmxnet3.c in QEMU 2.0.0-rc0, 1.7.1, and earlier allows local ...)
+CVE-2013-4544
- qemu 2.0.0+dfsg-1
[wheezy] - qemu <not-affected> (Introduced in 1.4)
[squeeze] - qemu <not-affected> (Introduced in 1.4)
@@ -7496,7 +7496,7 @@ CVE-2013-4544 (hw/net/vmxnet3.c in QEMU 2.0.0-rc0, 1.7.1, and earlier allows loc
NOTE: see BTS bug #744213
CVE-2013-4543
REJECTED
-CVE-2013-4542 (The virtio_scsi_load_request function in hw/scsi/scsi-bus.c in QEMU ...)
+CVE-2013-4542
- qemu 2.1+dfsg-1 (low; bug #739589)
[wheezy] - qemu <no-dsa> (Minor issue, hardly exploitable in practice)
[squeeze] - qemu <no-dsa> (Minor issue, hardly exploitable in practice)
@@ -7504,35 +7504,35 @@ CVE-2013-4542 (The virtio_scsi_load_request function in hw/scsi/scsi-bus.c in QE
- qemu-kvm <removed> (low)
[squeeze] - qemu-kvm <no-dsa> (Minor issue, hardly exploitable in practice)
NOTE: virtio-scsi support introduced in v1.1: http://wiki.qemu.org/ChangeLog/1.1
-CVE-2013-4541 (The usb_device_post_load function in hw/usb/bus.c in QEMU before 1.7.2 ...)
+CVE-2013-4541
- qemu 2.1+dfsg-1 (low; bug #739589)
[wheezy] - qemu <no-dsa> (Minor issue, hardly exploitable in practice)
[squeeze] - qemu <no-dsa> (Minor issue, hardly exploitable in practice)
[wheezy] - qemu-kvm <no-dsa> (Minor issue, hardly exploitable in practice)
- qemu-kvm <removed> (low)
[squeeze] - qemu-kvm <no-dsa> (Minor issue, hardly exploitable in practice)
-CVE-2013-4540 (Buffer overflow in scoop_gpio_handler_update in QEMU before 1.7.2 ...)
+CVE-2013-4540
- qemu 2.1+dfsg-1 (low; bug #739589)
[wheezy] - qemu <no-dsa> (Minor issue, hardly exploitable in practice)
[squeeze] - qemu <no-dsa> (Minor issue, hardly exploitable in practice)
[wheezy] - qemu-kvm <no-dsa> (Minor issue, hardly exploitable in practice)
- qemu-kvm <removed> (low)
[squeeze] - qemu-kvm <no-dsa> (Minor issue, hardly exploitable in practice)
-CVE-2013-4539 (Multiple buffer overflows in the tsc210x_load function in ...)
+CVE-2013-4539
- qemu 2.1+dfsg-1 (low; bug #739589)
[wheezy] - qemu <no-dsa> (Minor issue, hardly exploitable in practice)
[squeeze] - qemu <no-dsa> (Minor issue, hardly exploitable in practice)
[wheezy] - qemu-kvm <no-dsa> (Minor issue, hardly exploitable in practice)
- qemu-kvm <removed> (low)
[squeeze] - qemu-kvm <no-dsa> (Minor issue, hardly exploitable in practice)
-CVE-2013-4538 (Multiple buffer overflows in the ssd0323_load function in ...)
+CVE-2013-4538
- qemu 2.1+dfsg-1 (low; bug #739589)
[wheezy] - qemu <no-dsa> (Minor issue, hardly exploitable in practice)
[squeeze] - qemu <no-dsa> (Minor issue, hardly exploitable in practice)
[wheezy] - qemu-kvm <no-dsa> (Minor issue, hardly exploitable in practice)
- qemu-kvm <removed> (low)
[squeeze] - qemu-kvm <no-dsa> (Minor issue, hardly exploitable in practice)
-CVE-2013-4537 (The ssi_sd_transfer function in hw/sd/ssi-sd.c in QEMU before 1.7.2 ...)
+CVE-2013-4537
- qemu 2.1+dfsg-1 (low; bug #739589)
[wheezy] - qemu <no-dsa> (Minor issue, hardly exploitable in practice)
[squeeze] - qemu <no-dsa> (Minor issue, hardly exploitable in practice)
@@ -7555,14 +7555,14 @@ CVE-2013-4535
[wheezy] - qemu-kvm <no-dsa> (Minor issue, hardly exploitable in practice)
- qemu-kvm <removed> (low)
[squeeze] - qemu-kvm <no-dsa> (Minor issue, hardly exploitable in practice)
-CVE-2013-4534 (Buffer overflow in hw/intc/openpic.c in QEMU before 1.7.2 allows ...)
+CVE-2013-4534
- qemu 2.1+dfsg-1 (low; bug #739589)
[wheezy] - qemu <no-dsa> (Minor issue, hardly exploitable in practice)
[squeeze] - qemu <no-dsa> (Minor issue, hardly exploitable in practice)
[wheezy] - qemu-kvm <no-dsa> (Minor issue, hardly exploitable in practice)
- qemu-kvm <removed> (low)
[squeeze] - qemu-kvm <no-dsa> (Minor issue, hardly exploitable in practice)
-CVE-2013-4533 (Buffer overflow in the pxa2xx_ssp_load function in hw/arm/pxa2xx.c in ...)
+CVE-2013-4533
- qemu 2.1+dfsg-1 (low; bug #739589)
[wheezy] - qemu <no-dsa> (Minor issue, hardly exploitable in practice)
[squeeze] - qemu <no-dsa> (Minor issue, hardly exploitable in practice)
@@ -7577,21 +7577,21 @@ CVE-2013-4532
[wheezy] - qemu-kvm <no-dsa> (Minor issue, hardly exploitable in practice)
- qemu-kvm <removed> (low)
[squeeze] - qemu-kvm <no-dsa> (Minor issue, hardly exploitable in practice)
-CVE-2013-4531 (Buffer overflow in target-arm/machine.c in QEMU before 1.7.2 allows ...)
+CVE-2013-4531
- qemu 2.1+dfsg-1 (low; bug #739589)
[wheezy] - qemu <no-dsa> (Minor issue, hardly exploitable in practice)
[squeeze] - qemu <no-dsa> (Minor issue, hardly exploitable in practice)
[wheezy] - qemu-kvm <no-dsa> (Minor issue, hardly exploitable in practice)
- qemu-kvm <removed> (low)
[squeeze] - qemu-kvm <no-dsa> (Minor issue, hardly exploitable in practice)
-CVE-2013-4530 (Buffer overflow in hw/ssi/pl022.c in QEMU before 1.7.2 allows remote ...)
+CVE-2013-4530
- qemu 2.1+dfsg-1 (low; bug #739589)
[wheezy] - qemu <no-dsa> (Minor issue, hardly exploitable in practice)
[wheezy] - qemu-kvm <no-dsa> (Minor issue, hardly exploitable in practice)
[squeeze] - qemu-kvm <no-dsa> (Minor issue, hardly exploitable in practice)
[squeeze] - qemu <no-dsa> (Minor issue, hardly exploitable in practice)
- qemu-kvm <removed>
-CVE-2013-4529 (Buffer overflow in hw/pci/pcie_aer.c in QEMU before 1.7.2 allows ...)
+CVE-2013-4529
- qemu 2.1+dfsg-1 (low; bug #739589)
[wheezy] - qemu <no-dsa> (Minor issue, hardly exploitable in practice)
[wheezy] - qemu-kvm <no-dsa> (Minor issue, hardly exploitable in practice)
@@ -7600,88 +7600,88 @@ CVE-2013-4529 (Buffer overflow in hw/pci/pcie_aer.c in QEMU before 1.7.2 allows
[squeeze] - qemu-kvm <no-dsa> (Minor issue, hardly exploitable in practice)
CVE-2013-4528
REJECTED
-CVE-2013-4527 (Buffer overflow in hw/timer/hpet.c in QEMU before 1.7.2 might allow ...)
+CVE-2013-4527
- qemu 2.1+dfsg-1 (low; bug #739589)
[wheezy] - qemu <no-dsa> (Minor issue, hardly exploitable in practice)
[squeeze] - qemu <no-dsa> (Minor issue, hardly exploitable in practice)
[wheezy] - qemu-kvm <no-dsa> (Minor issue, hardly exploitable in practice)
- qemu-kvm <removed> (low)
[squeeze] - qemu-kvm <no-dsa> (Minor issue, hardly exploitable in practice)
-CVE-2013-4526 (Buffer overflow in hw/ide/ahci.c in QEMU before 1.7.2 allows remote ...)
+CVE-2013-4526
- qemu 2.1+dfsg-1 (low; bug #739589)
[squeeze] - qemu <no-dsa> (Minor issue, hardly exploitable in practice)
[wheezy] - qemu <no-dsa> (Minor issue, hardly exploitable in practice)
[wheezy] - qemu-kvm <no-dsa> (Minor issue, hardly exploitable in practice)
- qemu-kvm <removed> (low)
[squeeze] - qemu-kvm <no-dsa> (Minor issue, hardly exploitable in practice)
-CVE-2013-4525 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2013-4525
- moodle 2.5.3-1
[squeeze] - moodle <not-affected> (Vulnerable code not present)
-CVE-2013-4524 (Directory traversal vulnerability in repository/filesystem/lib.php in ...)
+CVE-2013-4524
- moodle 2.5.3-1
[squeeze] - moodle <not-affected> (Vulnerable code not present)
-CVE-2013-4523 (Cross-site scripting (XSS) vulnerability in message/lib.php in Moodle ...)
+CVE-2013-4523
- moodle 2.5.3-1
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
-CVE-2013-4522 (lib/filelib.php in Moodle through 2.2.11, 2.3.x before 2.3.10, 2.4.x ...)
+CVE-2013-4522
- moodle 2.5.3-1 (low)
[squeeze] - moodle <not-affected> (Vulnerable code not present)
CVE-2013-4521
RESERVED
NOT-FOR-US: Nuxeo
-CVE-2013-4520 (xslt.c in libxslt before 1.1.25 allows context-dependent attackers to ...)
+CVE-2013-4520
- libxslt <not-affected> (The versions in wheezy and squeeze contain the full patch)
-CVE-2013-4519 (Multiple cross-site scripting (XSS) vulnerabilities in Review Board ...)
+CVE-2013-4519
- reviewboard <itp> (bug #653113)
CVE-2013-4518
RESERVED
NOT-FOR-US: Red Hat Update Infrastructure
-CVE-2013-4517 (Apache Santuario XML Security for Java before 1.5.6, when applying ...)
+CVE-2013-4517
- libxml-security-java 1.5.6-1 (bug #733938)
[squeeze] - libxml-security-java <no-dsa> (Minor issue, too intrusive to backport)
[wheezy] - libxml-security-java <no-dsa> (Minor issue, too intrusive to backport)
NOTE: http://santuario.apache.org/secadv.data/cve-2013-4517.txt.asc
-CVE-2013-4516 (The mp_get_count function in drivers/staging/sb105x/sb_pci_mp.c in the ...)
+CVE-2013-4516
- linux 3.12-1 (unimportant)
[wheezy] - linux <not-affected> (Affected code not present yet)
- linux-2.6 <not-affected> (Affected code not present yet)
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=a8b33654b1e3b0c74d4a1fed041c9aae50b3c427
NOTE: Not enabled in Debian kernels; staging drivers are not supported
-CVE-2013-4515 (The bcm_char_ioctl function in drivers/staging/bcm/Bcmchar.c in the ...)
+CVE-2013-4515
- linux 3.12-1 (unimportant)
NOTE: bcm driver not built
- linux-2.6 <not-affected> (Affected code not present yet)
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8d1e72250c847fa96498ec029891de4dc638a5ba
NOTE: Not enabled in Debian kernels; staging drivers are not supported
-CVE-2013-4514 (Multiple buffer overflows in drivers/staging/wlags49_h2/wl_priv.c in ...)
+CVE-2013-4514
- linux 3.12-1 (unimportant)
NOTE: wlags49_h2 driver not built
- linux-2.6 <not-affected> (Affected code not present yet)
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b5e2f339865fb443107e5b10603e53bbc92dc054
NOTE: Not enabled in Debian kernels; staging drivers are not supported
-CVE-2013-4513 (Buffer overflow in the oz_cdev_write function in ...)
+CVE-2013-4513
- linux 3.12-1 (unimportant)
[wheezy] - linux <not-affected> (Affected code not present yet)
- linux-2.6 <not-affected> (Affected code not present yet)
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c2c65cd2e14ada6de44cb527e7f1990bede24e15
NOTE: Not enabled in Debian kernels; staging drivers are not supported
-CVE-2013-4512 (Buffer overflow in the exitcode_proc_write function in ...)
+CVE-2013-4512
{DSA-2906-1}
- linux 3.11.8-1 (low)
- linux-2.6 <removed> (low)
[wheezy] - linux 3.2.53-1
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=201f99f170df14ba52ea4c52847779042b7a623b
-CVE-2013-4511 (Multiple integer overflows in Alchemy LCD frame-buffer drivers in the ...)
+CVE-2013-4511
{DSA-2906-1}
- linux 3.11.8-1
- linux-2.6 <removed>
[wheezy] - linux 3.2.53-1
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=7314e613d
-CVE-2013-4510 (Directory traversal vulnerability in the client in Tryton 3.0.0, as ...)
+CVE-2013-4510
{DSA-2791-1}
- tryton-client 2.8.4-1
NOTE: https://bugs.tryton.org/issue3446
-CVE-2013-4509 (The default configuration of IBUS 1.5.4, and possibly 1.5.2 and ...)
+CVE-2013-4509
- mozc 1.12.1599.102-1 (low; bug #729065)
[wheezy] - mozc <not-affected> (Only in combination with Ibus 1.5.4, which is not in stable)
- ibus-anthy 1.5.4-1 (low; bug #729065)
@@ -7697,61 +7697,61 @@ CVE-2013-4509 (The default configuration of IBUS 1.5.4, and possibly 1.5.2 and .
NOTE: This is rather a bug in the various IBus engines not in ibus itself, asked maintainers to investigate affected engines,
NOTE: can be assigned to affected engines once more info is available
NOTE: Introduced in 1.5, so stable/oldstable not affected
-CVE-2013-4508 (lighttpd before 1.4.34, when SNI is enabled, configures weak SSL ...)
+CVE-2013-4508
{DSA-2795-1}
- lighttpd 1.4.33-1+nmu1 (bug #729453)
NOTE: http://download.lighttpd.net/lighttpd/security/lighttpd_sa_2013_01.txt
NOTE: http://redmine.lighttpd.net/issues/2525
-CVE-2013-4507 (Cross-site scripting (XSS) vulnerability in CollectiveAccess ...)
+CVE-2013-4507
NOT-FOR-US: CollectiveAccess
CVE-2013-4506
RESERVED
-CVE-2013-4505 (The is_this_legal function in mod_dontdothat for Apache Subversion ...)
+CVE-2013-4505
- subversion 1.7.14-1 (bug #730541; unimportant)
NOTE: Not built in the binary packages
-CVE-2013-4504 (The Monster Menus module 7.x-1.x before 7.x-1.15 allows remote ...)
+CVE-2013-4504
NOT-FOR-US: Drupal contrib module
-CVE-2013-4503 (Cross-site scripting (XSS) vulnerability in the Feed Element Mapper ...)
+CVE-2013-4503
NOT-FOR-US: Drupal contrib module
-CVE-2013-4502 (The FileField Sources module 6.x-1.x before 6.x-1.9 and 7.x-1.x before ...)
+CVE-2013-4502
NOT-FOR-US: Drupal contrib module
-CVE-2013-4501 (The default views in the Quiz module 6.x-4.x before 6.x-4.5 for Drupal ...)
+CVE-2013-4501
NOT-FOR-US: Drupal contrib module
-CVE-2013-4500 (The Quiz module 6.x-4.x before 6.x-4.5 for Drupal allows remote ...)
+CVE-2013-4500
NOT-FOR-US: Drupal contrib module
-CVE-2013-4499 (Cross-site scripting (XSS) vulnerability in the Bean module 7.x-1.x ...)
+CVE-2013-4499
NOT-FOR-US: Drupal contrib module
-CVE-2013-4498 (The Spaces OG submodule in the Spaces module 6.x-3.x before 6.x-3.7 ...)
+CVE-2013-4498
NOT-FOR-US: Drupal contrib module
-CVE-2013-4497 (The XenAPI backend in OpenStack Compute (Nova) Folsom, Grizzly, and ...)
+CVE-2013-4497
- nova 2013.2-1
[wheezy] - nova <not-affected> (OpenStack Essex is not affected)
NOTE: https://bugs.launchpad.net/nova/+bug/1073306
NOTE: https://github.com/openstack/nova/commit/ba0d007fb78bd1182c3c0b808dbd7ccc84640e80
NOTE: https://bugs.launchpad.net/nova/+bug/1202266
NOTE: https://github.com/openstack/nova/commit/5cced7a6dd32d231c606e25dbf762d199bf9cca7
-CVE-2013-4496 (Samba 3.x before 3.6.23, 4.0.x before 4.0.16, and 4.1.x before 4.1.6 ...)
+CVE-2013-4496
- samba 2:4.1.6+dfsg-1 (low)
[wheezy] - samba 2:3.6.6-6+deb7u3
[squeeze] - samba <no-dsa> (Minor issue)
- samba4 <removed>
[wheezy] - samba4 4.0.0~beta2+dfsg1-3.2+deb7u1
NOTE: http://www.samba.org/samba/security/CVE-2013-4496
-CVE-2013-4495 (The send_the_mail function in server/svr_mail.c in Terascale ...)
+CVE-2013-4495
{DSA-2796-1}
- torque 2.4.16+dfsg-1.3 (bug #729333)
-CVE-2013-4494 (Xen before 4.1.x, 4.2.x, and 4.3.x does not take the page_alloc_lock ...)
+CVE-2013-4494
{DSA-3006-1}
- xen 4.4.0-1
[squeeze] - xen <end-of-life> (Unsupported in squeeze-lts)
CVE-2013-4493
RESERVED
-CVE-2013-4492 (Cross-site scripting (XSS) vulnerability in exceptions.rb in the i18n ...)
+CVE-2013-4492
{DSA-2830-1}
- ruby-i18n 0.6.9-1
- libi18n-ruby <removed>
[squeeze] - libi18n-ruby <not-affected> (vulnerable code not present)
-CVE-2013-4491 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2013-4491
{DSA-2888-1}
- rails-4.0 4.0.2+dfsg-1 (bug #731290)
- rails-3.2 3.2.16-3+0
@@ -7759,146 +7759,146 @@ CVE-2013-4491 (Cross-site scripting (XSS) vulnerability in ...)
- ruby-actionpack-2.3 <not-affected> (vulnerable code not present)
- rails <not-affected> (Vulnerable code not present)
NOTE: Starting with 2.3.14.1 rails is a transition package
-CVE-2013-4490 (The SSH key upload feature (lib/gitlab_keys.rb) in gitlab-shell before ...)
+CVE-2013-4490
- gitlab <not-affected> (Fixed before initial release to Debian)
-CVE-2013-4489 (The Grit gem for Ruby, as used in GitLab 5.2 before 5.4.1 and 6.x ...)
+CVE-2013-4489
- gitlab <not-affected> (Fixed before initial release to Debian)
-CVE-2013-4488 (libgadu before 1.12.0 does not verify X.509 certificates from SSL ...)
+CVE-2013-4488
- libgadu <unfixed> (unimportant)
NOTE: Intentional design decision
-CVE-2013-4487 (Off-by-one error in the dane_raw_tlsa in the DANE library (libdane) in ...)
+CVE-2013-4487
- gnutls28 <not-affected> (libdane is not built; original patch for CVE-2013-4466 not applied)
- gnutls26 <not-affected> (only 3.1.x and 3.2.x)
NOTE: off-by one issue in original fix for CVE-2013-4466
CVE-2013-4486
RESERVED
NOT-FOR-US: Zanata
-CVE-2013-4485 (389 Directory Server 1.2.11.15 (aka Red Hat Directory Server before ...)
+CVE-2013-4485
- 389-ds-base 1.3.2.9-1 (bug #730115)
-CVE-2013-4484 (Varnish before 3.0.5 allows remote attackers to cause a denial of ...)
+CVE-2013-4484
{DSA-2814-1}
- varnish 3.0.5-1 (medium; bug #728989)
NOTE: https://www.varnish-cache.org/trac/ticket/1367
-CVE-2013-4483 (The ipc_rcu_putref function in ipc/util.c in the Linux kernel before ...)
+CVE-2013-4483
- linux 3.11.8-1 (low)
[wheezy] - linux 3.2.57-1
- linux-2.6 <removed> (low)
[squeeze] - linux-2.6 <no-dsa> (Minor issue, too intrusive to backport)
NOTE: http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6062a8
-CVE-2013-4482 (Untrusted search path vulnerability in python-paste-script (aka ...)
+CVE-2013-4482
NOT-FOR-US: LuCi
-CVE-2013-4481 (Race condition in Luci 0.26.0 creates /var/lib/luci/etc/luci.ini with ...)
+CVE-2013-4481
NOT-FOR-US: LuCi
-CVE-2013-4480 (Red Hat Satellite 5.6 and earlier does not disable the web interface ...)
+CVE-2013-4480
NOT-FOR-US: Red Hat Satellite
-CVE-2013-4479 (lib/sup/message_chunks.rb in Sup before 0.13.2.1 and 0.14.x before ...)
+CVE-2013-4479
{DSA-2805-1}
- sup-mail 0.12.1+git20120407.aaa852f-1+deb7u1 (bug #728232)
NOTE: https://github.com/sup-heliotrope/sup/commit/ca0302e0c716682d2de22e9136400c704cc93e42
-CVE-2013-4478 (Sup before 0.13.2.1 and 0.14.x before 0.14.1.1 allows remote attackers ...)
+CVE-2013-4478
{DSA-2805-1}
- sup-mail 0.12.1+git20120407.aaa852f-1+deb7u1 (bug #728232)
NOTE: http://rubyforge.org/pipermail/sup-talk/2013-October/004996.html
NOTE: https://github.com/sup-heliotrope/sup/commit/8b46cdbfc14e07ca07d403aa28b0e7bc1c544785
-CVE-2013-4477 (The LDAP backend in OpenStack Identity (Keystone) Grizzly and Havana, ...)
+CVE-2013-4477
- keystone 2013.2-2 (bug #728233)
[wheezy] - keystone <not-affected> (Vulnerable code not present)
NOTE: https://bugs.launchpad.net/keystone/+bug/1242855
-CVE-2013-4476 (Samba 4.0.x before 4.0.11 and 4.1.x before 4.1.1, when LDAP or HTTP is ...)
+CVE-2013-4476
- samba 2:4.0.11+dfsg-1 (low)
[wheezy] - samba <not-affected> (Doesn't provide AD functionality)
[squeeze] - samba <not-affected> (Doesn't provide AD functionality)
- samba4 <removed> (low)
[wheezy] - samba4 4.0.0~beta2+dfsg1-3.2+deb7u1
-CVE-2013-4475 (Samba 3.2.x through 3.6.x before 3.6.20, 4.0.x before 4.0.11, and ...)
+CVE-2013-4475
{DSA-2812-1}
- samba 2:4.0.11+dfsg-1 (low)
- samba4 <removed> (low)
[wheezy] - samba4 4.0.0~beta2+dfsg1-3.2+deb7u1
-CVE-2013-4474 (Format string vulnerability in the extractPages function in ...)
+CVE-2013-4474
{DLA-1074-1}
- poppler 0.18.4-9 (low; bug #729064)
[squeeze] - poppler <not-affected> (pdfseparate not yet present)
-CVE-2013-4473 (Stack-based buffer overflow in the extractPages function in ...)
+CVE-2013-4473
{DLA-1074-1}
- poppler 0.18.4-9 (low; bug #729064)
[squeeze] - poppler <not-affected> (pdfseparate not yet present)
-CVE-2013-4472 (The openTempFile function in goo/gfile.cc in Xpdf and Poppler 0.24.3 ...)
+CVE-2013-4472
- poppler <unfixed> (unimportant)
- xpdf <unfixed> (unimportant)
NOTE: specific to non-*NIX systems
-CVE-2013-4471 (The Identity v3 API in OpenStack Dashboard (Horizon) before 2013.2 ...)
+CVE-2013-4471
- horizon 2013.2-1
[wheezy] - horizon <not-affected> (v3 API introduced in Grizzly)
NOTE: https://bugs.launchpad.net/horizon/+bug/1237989
-CVE-2013-4470 (The Linux kernel before 3.12, when UDP Fragmentation Offload (UFO) is ...)
+CVE-2013-4470
{DLA-0015-1}
- linux 3.11.7-1
- linux-2.6 <removed>
[squeeze] - linux-2.6 2.6.32-48squeeze8
[wheezy] - linux 3.2.53-1
-CVE-2013-4469 (OpenStack Compute (Nova) Folsom, Grizzly, and Havana, when ...)
+CVE-2013-4469
- nova 2013.2-3 (low; bug #728605)
[wheezy] - nova <no-dsa> (Minor issue)
NOTE: CVE for incomplete fix of CVE-2013-2096
-CVE-2013-4468 (VICIDIAL dialer (aka Asterisk GUI client) 2.8-403a, 2.7, 2.7RC1, and ...)
+CVE-2013-4468
NOT-FOR-US: VICIDIAL
-CVE-2013-4467 (Multiple SQL injection vulnerabilities in the agent interface (agc/) ...)
+CVE-2013-4467
NOT-FOR-US: VICIDIAL
-CVE-2013-4466 (Buffer overflow in the dane_query_tlsa function in the DANE library ...)
+CVE-2013-4466
- gnutls26 <not-affected> (only 3.1.x and 3.2.x)
- gnutls28 <not-affected> (libdane is not built)
NOTE: http://www.gnutls.org/security.html#GNUTLS-SA-2013-3
NOTE: Upstream commit for 3.2.x: https://gitlab.com/gnutls/gnutls/commit/ed51e5e53cfbab3103d6b7b85b7ba4515e4f30c3
-CVE-2013-4465 (Unrestricted file upload vulnerability in the avatar upload ...)
+CVE-2013-4465
NOT-FOR-US: Simple Machines Forum
CVE-2013-4464
RESERVED
-CVE-2013-4463 (OpenStack Compute (Nova) Folsom, Grizzly, and Havana does not properly ...)
+CVE-2013-4463
- nova 2013.2-3 (low; bug #728605)
[wheezy] - nova <no-dsa> (Minor issue)
CVE-2013-4462
RESERVED
NOT-FOR-US: WordPress plugin
-CVE-2013-4461 (SQL injection vulnerability in the web interface for cumin in Red Hat ...)
+CVE-2013-4461
NOT-FOR-US: Cumin
-CVE-2013-4460 (Cross-site scripting (XSS) vulnerability in account_sponsor_page.php ...)
+CVE-2013-4460
{DSA-3120-1}
- mantis <removed> (low; bug #727180)
[squeeze] - mantis <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://www.mantisbt.org/bugs/view.php?id=16513
-CVE-2013-4459 (LightDM 1.7.5 through 1.8.3 and 1.9.x before 1.9.2 does not apply the ...)
+CVE-2013-4459
- lightdm <not-affected> (Only in combination with guest profile, apparmor and 1.8.x branch)
-CVE-2013-4458 (Stack-based buffer overflow in the getaddrinfo function in ...)
+CVE-2013-4458
{DLA-165-1}
- eglibc <removed>
- glibc 2.18-1 (low; bug #727181)
[wheezy] - eglibc 2.13-38+deb7u1
NOTE: https://sourceware.org/ml/libc-alpha/2013-10/msg00733.html
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=16072
-CVE-2013-4457 (The Cocaine gem 0.4.0 through 0.5.2 for Ruby allows context-dependent ...)
+CVE-2013-4457
NOT-FOR-US: Cocaine rubygem
CVE-2013-4456
RESERVED
-CVE-2013-4455 (Katello Installer before 0.0.18 uses world-readable permissions for ...)
+CVE-2013-4455
NOT-FOR-US: Katello
CVE-2013-4454
RESERVED
NOT-FOR-US: WordPress plugin
-CVE-2013-4453 (Cross-site scripting (XSS) vulnerability in templates/login.php in ...)
+CVE-2013-4453
- ldap-account-manager 4.4-1 (medium; bug #726976)
[wheezy] - ldap-account-manager <no-dsa> (Minor issue)
[squeeze] - ldap-account-manager <no-dsa> (Minor issue)
-CVE-2013-4452 (Red Hat JBoss Operations Network 3.1.2 uses world-readable permissions ...)
+CVE-2013-4452
NOT-FOR-US: JBoss Operation Network
-CVE-2013-4451 (gitolite commit fa06a34 through 3.5.3 might allow attackers to have ...)
+CVE-2013-4451
- gitolite <not-affected> (vulnerable code introduced for v3.5.3)
- gitolite3 <not-affected> (vulnerable code introduced for v3.5.3)
-CVE-2013-4450 (The HTTP server in Node.js 0.10.x before 0.10.21 and 0.8.x before ...)
+CVE-2013-4450
- nodejs 0.10.21~dfsg1-1 (medium)
NOTE: https://github.com/joyent/node/commit/085dd30e93da67362f044ad1b3b6b2d997064692
NOTE: http://blog.nodejs.org/2013/10/18/node-v0-10-21-stable/
-CVE-2013-4449 (The rwm overlay in OpenLDAP 2.4.23, 2.4.36, and earlier does not ...)
+CVE-2013-4449
{DSA-3209-1 DLA-203-1}
- openldap 2.4.39-1.1 (low; bug #729367)
[wheezy] - openldap <no-dsa> (Minor issue)
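Review bot: every changed pair in this hunk replaces a `CVE-2013-NNNN (description ...)` line with the bare identifier and no `+` line adds or corrects any text, so the hunk is a wholesale loss of descriptions rather than an update; for an automatic run that pattern points to the description source returning empty values and the importer writing them through (assumption, but nothing in the hunk suggests an intended edit). The description is the only part of an entry that lets a reader check the triage line against the upstream issue: after this change `CVE-2013-4482` keeps `NOT-FOR-US: LuCi` while the removed line naming python-paste-script is gone, so that annotation can no longer be spot-checked from the list. Suggest reverting this run and re-importing once the feed delivers descriptions again, which should bring the `-` lines above back unchanged.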
@@ -7907,19 +7907,19 @@ CVE-2013-4449 (The rwm overlay in OpenLDAP 2.4.23, 2.4.36, and earlier does not
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1019490
CVE-2013-4448
RESERVED
-CVE-2013-4447 (Cross-site scripting (XSS) vulnerability in the API in the Simplenews ...)
+CVE-2013-4447
NOT-FOR-US: Simplenews Drupal contributed module
-CVE-2013-4446 (The _json_decode function in plugins/context_reaction_block.inc in the ...)
+CVE-2013-4446
NOT-FOR-US: Context Drupal contributed module
-CVE-2013-4445 (The json rendering functionality in the Context module 6.x-2.x before ...)
+CVE-2013-4445
NOT-FOR-US: Context Drupal contributed module
-CVE-2013-4444 (Unrestricted file upload vulnerability in Apache Tomcat 7.x before ...)
+CVE-2013-4444
- tomcat7 7.0.40-1
[wheezy] - tomcat7 7.0.28-4+deb7u3
NOTE: https://svn.apache.org/viewvc?view=revision&revision=1470435
CVE-2013-4443
REJECTED
-CVE-2013-4442 (Password Generator (aka Pwgen) before 2.07 uses weak pseudo generated ...)
+CVE-2013-4442
- pwgen 2.07-1 (unimportant; bug #767008)
NOTE: /dev/random is universally available, if an attacker can create an environment
NOTE: where it's not available that opens a far bigger can of worms
@@ -7927,62 +7927,62 @@ CVE-2013-4441 [Phonemes mode has heavy bias and is enabled by default]
RESERVED
- pwgen <unfixed> (unimportant; bug #726578)
NOTE: pwgen is documented to generate memorable passwords, so this is by design
-CVE-2013-4440 (Password Generator (aka Pwgen) before 2.07 generates weak non-tty ...)
+CVE-2013-4440
- pwgen 2.07-1 (unimportant; bug #725507)
NOTE: Documented shortcoming
-CVE-2013-4439 (Salt (aka SaltStack) before 0.15.0 through 0.17.0 allows remote ...)
+CVE-2013-4439
- salt 0.17.1+dfsg-1 (bug #726480)
-CVE-2013-4438 (Salt (aka SaltStack) before 0.17.1 allows remote attackers to execute ...)
+CVE-2013-4438
- salt 0.17.1+dfsg-1 (bug #726480)
-CVE-2013-4437 (Unspecified vulnerability in salt-ssh in Salt (aka SaltStack) 0.17.0 ...)
+CVE-2013-4437
- salt 0.17.1+dfsg-1 (bug #726480)
-CVE-2013-4436 (The default configuration for salt-ssh in Salt (aka SaltStack) 0.17.0 ...)
+CVE-2013-4436
- salt 0.17.1+dfsg-1 (bug #726480)
-CVE-2013-4435 (Salt (aka SaltStack) 0.15.0 through 0.17.0 allows remote authenticated ...)
+CVE-2013-4435
- salt 0.17.1+dfsg-1 (bug #726480)
-CVE-2013-4434 (Dropbear SSH Server before 2013.59 generates error messages for a ...)
+CVE-2013-4434
- dropbear 2012.55-1.4 (low; bug #726118)
[squeeze] - dropbear <no-dsa> (Minor issue)
[wheezy] - dropbear <no-dsa> (Minor issue)
-CVE-2013-4433 (Cross-site scripting (XSS) vulnerability in XHProf before 0.9.4 allows ...)
+CVE-2013-4433
- xhprof 0.9.4-1 (bug #726284)
-CVE-2013-4432 (Mahara before 1.5.13, 1.6.x before 1.6.8, and 1.7.x before 1.7.4 does ...)
+CVE-2013-4432
- mahara <removed> (low; bug #727539)
[squeeze] - mahara <no-dsa> (Minor issue)
NOTE: https://bazaar.launchpad.net/~mahara-release/mahara/1.7_STABLE/revision/5831
NOTE: https://gitorious.org/mahara/mahara/commit/0b4952e063f50c001e4c2dfc5749f55258bff952
-CVE-2013-4431 (Mahara before 1.5.12, 1.6.x before 1.6.7, and 1.7.x before 1.7.3 does ...)
+CVE-2013-4431
- mahara <removed> (low; bug #727552)
[squeeze] - mahara <no-dsa> (Minor issue)
NOTE: https://bazaar.launchpad.net/~mahara-release/mahara/1.7_STABLE/revision/5832
NOTE: https://bazaar.launchpad.net/~mahara-release/mahara/1.5_STABLE/revision/5542
NOTE: https://bugs.launchpad.net/mahara/+bug/1233500
-CVE-2013-4430 (Cross-site scripting (XSS) vulnerability in Mahara before 1.5.12, ...)
+CVE-2013-4430
- mahara <removed> (unimportant; bug #727548)
NOTE: https://bazaar.launchpad.net/~mahara-release/mahara/1.7_STABLE/revision/5830
NOTE: https://bugs.launchpad.net/mahara/+bug/1175446
NOTE: Only exploitable during installation
-CVE-2013-4429 (Mahara before 1.5.12, 1.6.x before 1.6.7, and 1.7.x before 1.7.3 does ...)
+CVE-2013-4429
- mahara <removed> (low; bug #727545)
NOTE: https://bazaar.launchpad.net/~mahara-release/mahara/1.7_STABLE/revision/5833
NOTE: https://bazaar.launchpad.net/~mahara-release/mahara/1.5_STABLE/revision/5543
NOTE: https://bugs.launchpad.net/mahara/+bug/1211758
[squeeze] - mahara <no-dsa> (Minor issue)
-CVE-2013-4428 (OpenStack Image Registry and Delivery Service (Glance) Folsom, Grizzly ...)
+CVE-2013-4428
- glance 2013.2-1 (bug #726478)
[wheezy] - glance <not-affected> (does not have the download_image)
-CVE-2013-4427 (pyxtrlock before 0.2 does not properly check the return values of the ...)
+CVE-2013-4427
NOT-FOR-US: pyxtrlock
-CVE-2013-4426 (pyxtrlock before 0.1 uses an incorrect variable name, which allows ...)
+CVE-2013-4426
NOT-FOR-US: pyxtrlock
-CVE-2013-4425 (The DICOM listener in OsiriX before 5.8 and before 2.5-MD, when ...)
+CVE-2013-4425
NOT-FOR-US: Osirix
-CVE-2013-4424 (Multiple cross-site scripting (XSS) vulnerabilities in the GateIn ...)
+CVE-2013-4424
NOT-FOR-US: GateIn
CVE-2013-4423
RESERVED
NOT-FOR-US: Red Hat CloudForms
-CVE-2013-4422 (SQL injection vulnerability in Quassel IRC before 0.9.1, when Qt 4.8.5 ...)
+CVE-2013-4422
- quassel 0.9.1-1
[wheezy] - quassel <no-dsa> (Issue only relevant if the Qt 4.8.5 fix would be backported)
[squeeze] - quassel <not-affected> (qt4-x11 is too old)
@@ -7993,28 +7993,28 @@ CVE-2013-4422 (SQL injection vulnerability in Quassel IRC before 0.9.1, when Qt
NOTE: Caused by a change in Qt's postgres driver:
NOTE: https://bugreports.qt-project.org/browse/QTBUG-30076
NOTE: https://qt.gitorious.org/qt/qtbase/commit/e3c5351d06ce8a12f035cd0627356bc64d8c334a
-CVE-2013-4421 (The buf_decompress function in packet.c in Dropbear SSH Server before ...)
+CVE-2013-4421
- dropbear 2012.55-1.4 (low; bug #726019)
[squeeze] - dropbear <no-dsa> (Minor issue)
[wheezy] - dropbear <no-dsa> (Minor issue)
NOTE: https://secure.ucc.asn.au/hg/dropbear/rev/0bf76f54de6f
-CVE-2013-4420 (Multiple directory traversal vulnerabilities in the (1) ...)
+CVE-2013-4420
{DSA-2863-1}
- libtar 1.2.20-2 (bug #731860)
-CVE-2013-4419 (The guestfish command in libguestfs 1.20.12, 1.22.7, and earlier, when ...)
+CVE-2013-4419
- libguestfs 1:1.22.7-1
[wheezy] - libguestfs 1:1.18.1-1+deb7u3
CVE-2013-4418
REJECTED
CVE-2013-4417
REJECTED
-CVE-2013-4416 (The Ocaml xenstored implementation (oxenstored) in Xen 4.1.x, 4.2.x, ...)
+CVE-2013-4416
- xen <not-affected> (ocaml version of the xenstore daemon not used in Debian)
-CVE-2013-4415 (Multiple cross-site scripting (XSS) vulnerabilities in Spacewalk and ...)
+CVE-2013-4415
NOT-FOR-US: Red Hat Satellite
-CVE-2013-4414 (Cross-site scripting (XSS) vulnerability in the web interface for ...)
+CVE-2013-4414
NOT-FOR-US: Cumin
-CVE-2013-4413 (Directory traversal vulnerability in ...)
+CVE-2013-4413
NOT-FOR-US: Wicked Ruby Gem
CVE-2013-4412 [NULL ptr dereference]
RESERVED
@@ -8034,123 +8034,123 @@ CVE-2013-4409 [unsanitized eval() vulnerability]
- python-django-djblets <removed> (low)
[squeeze] - python-django-djblets <no-dsa> (Minor issue)
NOTE: Fix: https://github.com/djblets/djblets/commit/36cd15763742652ca990f913b44e91c69c707269
-CVE-2013-4408 (Heap-based buffer overflow in the dcerpc_read_ncacn_packet_done ...)
+CVE-2013-4408
{DSA-2812-1}
- samba 2:4.0.13+dfsg-1
- samba4 <removed>
[wheezy] - samba4 4.0.0~beta2+dfsg1-3.2+deb7u1
-CVE-2013-4407 (HTTP::Body::Multipart in the HTTP-Body 1.08, 1.17, and earlier module ...)
+CVE-2013-4407
{DSA-2801-1}
- libhttp-body-perl 1.17-2 (bug #721634)
[squeeze] - libhttp-body-perl <not-affected> (Vulnerable code introduced in 1.08)
-CVE-2013-4406 (The Quick Tabs module 6.x-2.x before 6.x-2.2, 6.x-3.x before 6.x-3.2, ...)
+CVE-2013-4406
NOT-FOR-US: Quick Tabs Drupal contributed module
-CVE-2013-4405 (Multiple cross-site request forgery (CSRF) vulnerabilities in the web ...)
+CVE-2013-4405
NOT-FOR-US: Cumin
-CVE-2013-4404 (cumin in Red Hat Enterprise MRG Grid 2.4 does not properly enforce ...)
+CVE-2013-4404
NOT-FOR-US: Cumin
CVE-2013-4403
REJECTED
-CVE-2013-4402 (The compressed packet parser in GnuPG 1.4.x before 1.4.15 and 2.0.x ...)
+CVE-2013-4402
{DSA-2774-1 DSA-2773-1}
- gnupg2 2.0.22-1 (bug #725433)
- gnupg 1.4.15-1 (bug #725439)
-CVE-2013-4401 (The virConnectDomainXMLToNative API function in libvirt 1.1.0 through ...)
+CVE-2013-4401
- libvirt 1.1.4-1 (bug #727101)
[squeeze] - libvirt <not-affected> (Introduced in 1.1.0, REMOTE_PROC_CONNECT_DOMAIN_XML_TO|FROM_NATIVE not yet present)
[wheezy] - libvirt <not-affected> (Introduced in 1.1.0, REMOTE_PROC_CONNECT_DOMAIN_XML_TO|FROM_NATIVE not yet present)
NOTE: http://libvirt.org/git/?p=libvirt.git;a=commit;h=57687fd6bf7f6e1b3662c52f3f26c06ab19dc96c
-CVE-2013-4400 (virt-login-shell in libvirt 1.1.2 through 1.1.3 allows local users to ...)
+CVE-2013-4400
- libvirt 1.1.4-1 (bug #727101)
[squeeze] - libvirt <not-affected> (Introduced in 1.1.2, virt-login-shell not yet present)
[wheezy] - libvirt <not-affected> (Introduced in 1.1.2, virt-login-shell not yet present)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1015228#c3
-CVE-2013-4399 (The remoteClientFreeFunc function in daemon/remote.c in libvirt before ...)
+CVE-2013-4399
- libvirt 1.1.4-1
[wheezy] - libvirt <not-affected> (Introduced in 1.1.0)
[squeeze] - libvirt <not-affected> (Introduced in 1.1.0)
CVE-2013-4398
REJECTED
-CVE-2013-4397 (Multiple integer overflows in the th_read function in lib/block.c in ...)
+CVE-2013-4397
{DSA-2817-1}
- libtar 1.2.20-1 (bug #725938)
-CVE-2013-4396 (Use-after-free vulnerability in the doImageText function in ...)
+CVE-2013-4396
{DSA-2784-1}
- xorg-server 2:1.14.3-4
CVE-2013-4395
RESERVED
NOT-FOR-US: Simple Machines Forum
-CVE-2013-4394 (The SetX11Keyboard function in systemd, when PolicyKit Local Authority ...)
+CVE-2013-4394
{DSA-2777-1}
- systemd 204-5 (bug #725357)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=862324
NOTE: http://cgit.freedesktop.org/systemd/systemd/commit/?id=0b507b17a760b21e33fc52ff377db6aa5086c680
-CVE-2013-4393 (journald in systemd, when the origin of native messages is set to ...)
+CVE-2013-4393
- systemd 204-5 (bug #725357)
[wheezy] - systemd <not-affected> (Vulnerable code not present)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=859104
NOTE: http://cgit.freedesktop.org/systemd/systemd/commit/?id=1dfa7e79a60de680086b1d93fcc3629b463f58bd
-CVE-2013-4392 (systemd, when updating file permissions, allows local users to change ...)
+CVE-2013-4392
- systemd <unfixed> (unimportant; bug #725357)
[wheezy] - systemd <not-affected> (/etc/tmpfiles.d not supported in Wheezy)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=859060
NOTE: only relevant to systems running systemd along with selinux
-CVE-2013-4391 (Integer overflow in the valid_user_field function in ...)
+CVE-2013-4391
{DSA-2777-1}
- systemd 204-5 (bug #725357)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=859051
NOTE: http://cgit.freedesktop.org/systemd/systemd/commit/?id=505b6a61c22d5565e9308045c7b9bf79f7d0517e
-CVE-2013-4390 (Open redirect vulnerability in the AbstractAuthenticationFormServlet ...)
+CVE-2013-4390
NOT-FOR-US: Apache Sling
-CVE-2013-4389 (Multiple format string vulnerabilities in log_subscriber.rb files in ...)
+CVE-2013-4389
{DSA-2888-1 DSA-2887-1}
- rails-4.0 <not-affected> (Only affects 3.x)
- ruby-actionmailer-3.2 3.2.16-1 (bug #726576)
- ruby-actionmailer-2.3 <not-affected> (Only affects 3.x)
- rails <not-affected> (Only affects 3.x)
NOTE: Starting with 2.3.14.1 rails is a transition package
-CVE-2013-4388 (Buffer overflow in the mp4a packetizer ...)
+CVE-2013-4388
{DSA-2973-1}
- vlc 2.1.0-1 (bug #726528)
[squeeze] - vlc <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://git.videolan.org/?p=vlc.git;a=commitdiff;h=9794ec1cd268c04c8bca13a5fae15df6594dff3e
-CVE-2013-4387 (net/ipv6/ip6_output.c in the Linux kernel through 3.11.4 does not ...)
+CVE-2013-4387
{DLA-0015-1}
- linux-2.6 <removed>
[squeeze] - linux-2.6 2.6.32-48squeeze8
- linux 3.11.5-1
[wheezy] - linux 3.2.53-1
-CVE-2013-4386 (Multiple SQL injection vulnerabilities in ...)
+CVE-2013-4386
- foreman <itp> (bug #663101)
-CVE-2013-4385 (Buffer overflow in the &quot;read-string!&quot; procedure in the &quot;extras&quot; unit ...)
+CVE-2013-4385
- chicken 4.8.0.5-1 (bug #724740; low)
[wheezy] - chicken <no-dsa> (Minor issue)
[squeeze] - chicken <no-dsa> (Minor issue)
NOTE: http://code.call-cc.org/cgi-bin/gitweb.cgi?p=chicken-core.git;a=commit;h=cd1b9775005ebe220ba11265dbf5396142e65f26
-CVE-2013-4384 (Cross-site scripting (XSS) vulnerability in Google Site Search module ...)
+CVE-2013-4384
NOT-FOR-US: Drupal module
-CVE-2013-4383 (Cross-site scripting (XSS) vulnerability in the jQuery Countdown ...)
+CVE-2013-4383
NOT-FOR-US: Drupal module
CVE-2013-4382
REJECTED
CVE-2013-4381
REJECTED
-CVE-2013-4380 (Cross-site scripting (XSS) vulnerability in the MediaFront module ...)
+CVE-2013-4380
NOT-FOR-US: Drupal module
-CVE-2013-4379 (The Make Meeting Scheduler module 6.x-1.x before 6.x-1.3 for Drupal ...)
+CVE-2013-4379
NOT-FOR-US: Drupal module
-CVE-2013-4378 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2013-4378
NOT-FOR-US: Javamelody
-CVE-2013-4377 (Use-after-free vulnerability in the virtio-pci implementation in Qemu ...)
+CVE-2013-4377
- qemu 1.7.0+dfsg-4
[wheezy] - qemu <not-affected> (Introduced in 1.4)
[squeeze] - qemu <not-affected> (Introduced in 1.4)
- qemu-kvm <not-affected> (Introduced in 1.4)
NOTE: patches: http://thread.gmane.org/gmane.comp.emulators.qemu/234440
-CVE-2013-4376 (The setgid wrapper libx2go-server-db-sqlite3-wrapper.c in X2Go Server ...)
+CVE-2013-4376
- x2goserver <not-affected> (Fixed with first upload to Debian)
NOTE: Fixed by: https://code.x2go.org/gitweb?p=x2goserver.git;a=commitdiff;h=42264c88d7885474ebe3763b2991681ddfcfa69a
-CVE-2013-4375 (The qdisk PV disk backend in qemu-xen in Xen 4.2.x and 4.3.x before ...)
+CVE-2013-4375
- xen 4.2
[squeeze] - xen <not-affected> (Only affects 4.2 and later)
[wheezy] - xen <not-affected> (Only affects 4.2 and later)
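Review bot: the removed line for CVE-2013-4385 in this hunk still carries HTML-escaped quotes (`&quot;read-string!&quot;` and `&quot;extras&quot;`), so the earlier import stored entity-encoded text instead of the literal characters; whichever run restores the descriptions blanked here should unescape entities on import, and the other `-` lines in the file are worth grepping for the same `&quot;` residue first. As elsewhere in the patch, no `+` line in this hunk adds content, so the hunk itself is pure description loss and should go with the revert rather than be kept.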
@@ -8167,58 +8167,58 @@ CVE-2013-4375 (The qdisk PV disk backend in qemu-xen in Xen 4.2.x and 4.3.x befo
CVE-2013-4374
RESERVED
NOT-FOR-US: RHQ MondoDB Drift Server
-CVE-2013-4373 (The storeFiles method in JPADriftServerBean in Red Hat JBoss ...)
+CVE-2013-4373
NOT-FOR-US: Red Hat JBoss Operations Network
-CVE-2013-4372 (Multiple cross-site scripting (XSS) vulnerabilities in Fuse Management ...)
+CVE-2013-4372
NOT-FOR-US: JBoss Fuse
-CVE-2013-4371 (Use-after-free vulnerability in the libxl_list_cpupool function in the ...)
+CVE-2013-4371
- xen 4.4.0-1
[wheezy] - xen <not-affected> (Vulnerable code only present from 4.2 onwards)
[squeeze] - xen <not-affected> (Vulnerable code only present from 4.2 onwards)
-CVE-2013-4370 (The ocaml binding for the xc_vcpu_getaffinity function in Xen 4.2.x ...)
+CVE-2013-4370
- xen 4.4.0-1
[wheezy] - xen <not-affected> (Vulnerable code only present from 4.2 onwards)
[squeeze] - xen <not-affected> (Vulnerable code only present from 4.2 onwards)
-CVE-2013-4369 (The xlu_vif_parse_rate function in the libxlu library in Xen 4.2.x and ...)
+CVE-2013-4369
- xen 4.4.0-1
[wheezy] - xen <not-affected> (Vulnerable code only present from 4.2 onwards)
[squeeze] - xen <not-affected> (Vulnerable code only present from 4.2 onwards)
-CVE-2013-4368 (The outs instruction emulation in Xen 3.1.x, 4.2.x, 4.3.x, and ...)
+CVE-2013-4368
{DSA-3006-1}
- xen 4.4.0-1
[squeeze] - xen <end-of-life> (Unsupported in squeeze-lts)
CVE-2013-4367
RESERVED
NOT-FOR-US: ovirt
-CVE-2013-4366 (http/impl/client/HttpClientBuilder.java in Apache HttpClient 4.3.x ...)
+CVE-2013-4366
- httpcomponents-client 4.3.2-1
[wheezy] - httpcomponents-client <not-affected> (vulnerable code not present)
NOTE: http://svn.apache.org/r1528614
-CVE-2013-4365 (Heap-based buffer overflow in the fcgid_header_bucket_read function in ...)
+CVE-2013-4365
{DSA-2778-1}
- libapache2-mod-fcgid 1:2.3.9-1 (bug #725942)
-CVE-2013-4364 ((1) oo-analytics-export and (2) oo-analytics-import in the ...)
+CVE-2013-4364
NOT-FOR-US: OpenShift
-CVE-2013-4363 (Algorithmic complexity vulnerability in ...)
+CVE-2013-4363
- rubygems <removed> (unimportant; bug #722361)
- libgems-ruby <removed> (unimportant; bug #722361)
NOTE: Non-issue, you trust the site providing the gem with installing arbitrary code, allowing
NOTE: it a potential elevated CPU consumption doesn't add any extra harm
NOTE: CVE for incomplete fix for CVE-2013-4287
-CVE-2013-4362 (WEB-DAV Linux File System (davfs2) 1.4.6 and 1.4.7 allow local users ...)
+CVE-2013-4362
{DSA-2765-1}
- davfs2 1.4.7-3 (bug #723034)
NOTE: http://savannah.nongnu.org/bugs/?40034
-CVE-2013-4361 (The fbld instruction emulation in Xen 3.3.x through 4.3.x does not use ...)
+CVE-2013-4361
{DSA-3006-1}
- xen 4.4.0-1
[squeeze] - xen <end-of-life> (Unsupported in squeeze-lts)
CVE-2013-4360
REJECTED
-CVE-2013-4359 (Integer overflow in kbdint.c in mod_sftp in ProFTPD 1.3.4d and 1.3.5r3 ...)
+CVE-2013-4359
{DSA-2767-1}
- proftpd-dfsg 1.3.5~rc3-2.1 (bug #723179)
-CVE-2013-4358 (libavcodec/h264.c in FFmpeg before 0.11.4 allows remote attackers to ...)
+CVE-2013-4358
- libav 6:9.1-1
[wheezy] - libav <not-affected> (Vulnerable code not present)
- ffmpeg <not-affected> (Vulnerable code not present)
@@ -8234,31 +8234,31 @@ CVE-2013-4357 [getaddrinfo(), glob_in_dir stack overflow]
NOTE: https://sourceware.org/git/?p=glibc.git;a=commit;h=34a9094f49241ebb72084c536cf468fd51ebe3ec
NOTE: https://sourceware.org/git/?p=glibc.git;a=commit;h=c8fc0c91695b1c7003c7170861274161f9224817
NOTE: Fixed upstream in 2.14
-CVE-2013-4356 (Xen 4.3.x writes hypervisor mappings to certain shadow pagetables when ...)
+CVE-2013-4356
- xen 4.4.0-1
[wheezy] - xen <not-affected> (Only affects 4.3+)
[squeeze] - xen <not-affected> (Only affects 4.3+)
-CVE-2013-4355 (Xen 4.3.x and earlier does not properly handle certain errors, which ...)
+CVE-2013-4355
{DSA-3006-1}
- xen 4.4.0-1
[squeeze] - xen <end-of-life> (Unsupported in squeeze-lts)
-CVE-2013-4354 (The API before 2.1 in OpenStack Image Registry and Delivery Service ...)
+CVE-2013-4354
- glance <unfixed> (unimportant)
NOTE: https://bugs.launchpad.net/glance/+bug/1226078
NOTE: according to upstream bug there will probably not be a patch for this issue
-CVE-2013-4353 (The ssl3_take_mac function in ssl/s3_both.c in OpenSSL 1.0.1 before ...)
+CVE-2013-4353
{DSA-2837-1}
- openssl 1.0.1f-1
[squeeze] - openssl <not-affected> (Only affects 1.0.1 to 1.0.1e)
-CVE-2013-4352 (The cache_invalidate function in modules/cache/cache_storage.c in the ...)
+CVE-2013-4352
- apache2 2.4.7-1 (low)
[wheezy] - apache2 <not-affected> (Only affects 2.4.[56])
[squeeze] - apache2 <not-affected> (Only affects 2.4.[56])
-CVE-2013-4351 (GnuPG 1.4.x, 2.0.x, and 2.1.x treats a key flags subpacket with all ...)
+CVE-2013-4351
{DSA-2774-1 DSA-2773-1}
- gnupg 1.4.15-1 (low; bug #722722)
- gnupg2 2.0.22-1 (low; bug #722724)
-CVE-2013-4350 (The IPv6 SCTP implementation in net/sctp/ipv6.c in the Linux kernel ...)
+CVE-2013-4350
- linux-2.6 <not-affected> (Vulnerable code not present)
- linux 3.11.5-1
[wheezy] - linux 3.2.53-1
@@ -8266,26 +8266,26 @@ CVE-2013-4350 (The IPv6 SCTP implementation in net/sctp/ipv6.c in the Linux kern
NOTE: http://git.kernel.org/cgit/linux/kernel/git/davem/net.git/commit/?id=95ee62083cb6453e056562d91f597552021e6ae7
CVE-2013-4349
REJECTED
-CVE-2013-4348 (The skb_flow_dissect function in net/core/flow_dissector.c in the ...)
+CVE-2013-4348
- linux 3.11.6-2
- linux-2.6 <not-affected> (Introduced in 3.2)
[wheezy] - linux 3.2.53-2
-CVE-2013-4347 (The (1) make_nonce, (2) generate_nonce, and (3) generate_verifier ...)
+CVE-2013-4347
- python-oauth2 <removed> (low; bug #722657)
[wheezy] - python-oauth2 <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2013/09/12/5
NOTE: https://github.com/simplegeo/python-oauth2/issues/9
-CVE-2013-4346 (The Server.verify_request function in SimpleGeo python-oauth2 does not ...)
+CVE-2013-4346
- python-oauth2 <removed> (low; bug #722656)
[wheezy] - python-oauth2 <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2013/09/12/5
NOTE: https://github.com/simplegeo/python-oauth2/issues/129
-CVE-2013-4345 (Off-by-one error in the get_prng_bytes function in crypto/ansi_cprng.c ...)
+CVE-2013-4345
{DSA-2906-1}
- linux-2.6 <removed>
- linux 3.11.5-1
[wheezy] - linux 3.2.53-1
-CVE-2013-4344 (Buffer overflow in the SCSI implementation in QEMU, as used in Xen, ...)
+CVE-2013-4344
{DSA-2933-1 DSA-2932-1}
- xen 4.2-1
[wheezy] - xen <not-affected> (Vulnerable code not present in the bundled 0.10 qemu)
@@ -8298,27 +8298,27 @@ CVE-2013-4344 (Buffer overflow in the SCSI implementation in QEMU, as used in Xe
NOTE: Xen in Squeeze uses a separate source package: xen-qemu-dm-4.0
NOTE: Xen in Wheezy includes qemu
NOTE: Xen after Wheezy uses qemu-system-x86 from qemu, marking 4.2 as pseudo fixed
-CVE-2013-4343 (Use-after-free vulnerability in drivers/net/tun.c in the Linux kernel ...)
+CVE-2013-4343
- linux 3.11.5-1
[wheezy] - linux <not-affected> (Introduced in 3.8)
- linux-2.6 <not-affected> (Introduced in 3.8)
-CVE-2013-4342 (xinetd does not enforce the user and group configuration directives ...)
+CVE-2013-4342
- xinetd 1:2.3.15-2 (bug #324678)
[wheezy] - xinetd 1:2.3.14-7.1+deb7u1
[squeeze] - xinetd <no-dsa> (Minor issue)
-CVE-2013-4341 (Multiple cross-site scripting (XSS) vulnerabilities in Moodle through ...)
+CVE-2013-4341
- moodle 2.5.2-1
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
-CVE-2013-4340 (wp-admin/includes/post.php in WordPress before 3.6.1 allows remote ...)
+CVE-2013-4340
{DSA-2757-1}
- wordpress 3.6.1+dfsg-1 (bug #722537)
NOTE: http://core.trac.wordpress.org/changeset/25321
-CVE-2013-4339 (WordPress before 3.6.1 does not properly validate URLs before use in ...)
+CVE-2013-4339
{DSA-2757-1}
- wordpress 3.6.1+dfsg-1 (bug #722537)
NOTE: http://core.trac.wordpress.org/changeset/25323
NOTE: http://core.trac.wordpress.org/changeset/25324
-CVE-2013-4338 (wp-includes/functions.php in WordPress before 3.6.1 does not properly ...)
+CVE-2013-4338
{DSA-2757-1}
- wordpress 3.6.1+dfsg-1 (bug #722537)
NOTE: http://core.trac.wordpress.org/changeset/25325
@@ -8335,47 +8335,47 @@ CVE-2013-4334
CVE-2013-4333
RESERVED
NOT-FOR-US: OpenPNE
-CVE-2013-4332 (Multiple integer overflows in malloc/malloc.c in the GNU C Library ...)
+CVE-2013-4332
{DLA-165-1}
- glibc 2.17-93 (bug #722536)
- eglibc <removed>
[wheezy] - eglibc 2.13-38+deb7u1
-CVE-2013-4331 (Light Display Manager (aka LightDM) 1.4.x before 1.4.3, 1.6.x before ...)
+CVE-2013-4331
- lightdm 1.6.2-1 (bug #721744)
[wheezy] - lightdm <not-affected> (Introduced in 1.4)
-CVE-2013-4330 (Apache Camel before 2.9.7, 2.10.0 before 2.10.7, 2.11.0 before 2.11.2, ...)
+CVE-2013-4330
NOT-FOR-US: Apache Camel
-CVE-2013-4329 (The xenlight library (libxl) in Xen 4.0.x through 4.2.x, when IOMMU is ...)
+CVE-2013-4329
{DSA-3006-1}
- xen 4.3.0-1
[squeeze] - xen <not-affected> (libxl not packaged in squeeze)
NOTE: http://lists.xen.org/archives/html/xen-announce/2013-09/msg00001.html
CVE-2013-4328
REJECTED
-CVE-2013-4327 (systemd does not properly use D-Bus for communication with a polkit ...)
+CVE-2013-4327
{DSA-2777-1}
- systemd 204-5 (bug #723713)
-CVE-2013-4326 (RealtimeKit (aka rtkit) 0.5 does not properly use D-Bus for ...)
+CVE-2013-4326
- rtkit 0.10-3 (bug #723714)
[wheezy] - rtkit 0.10-2+wheezy1
-CVE-2013-4325 (The check_permission_v1 function in base/pkit.py in HP Linux Imaging ...)
+CVE-2013-4325
{DSA-2829-1}
- hplip 3.13.9-1 (bug #723716)
-CVE-2013-4324 (spice-gtk 0.14, and possibly other versions, invokes the polkit ...)
+CVE-2013-4324
- spice-gtk 0.21-0nocelt1 (low)
[wheezy] - spice-gtk <no-dsa> (Minor issue)
CVE-2013-4323
RESERVED
-CVE-2013-4322 (Apache Tomcat before 6.0.39, 7.x before 7.0.50, and 8.x before ...)
+CVE-2013-4322
{DSA-3530-1 DSA-2897-1 DLA-91-1}
- tomcat6 6.0.39
- tomcat7 7.0.50
- tomcat8 8.0.0
-CVE-2013-4321 (The File Abstraction Layer (FAL) in TYPO3 6.0.x before 6.0.8 and 6.1.x ...)
+CVE-2013-4321
- typo3-src <not-affected> (All versions from 6.0.0 up to the development branch of 6.2)
-CVE-2013-4320 (The File Abstraction Layer (FAL) in TYPO3 6.0.x before 6.0.9 and 6.1.x ...)
+CVE-2013-4320
- typo3-src <not-affected> (All versions from 6.0.0 up to the development branch of 6.2)
-CVE-2013-4319 (pbs_mom in Terascale Open-Source Resource and Queue Manager (aka ...)
+CVE-2013-4319
{DSA-2770-1}
- torque 2.4.16+dfsg-1.1 (bug #722306)
NOTE: http://www.supercluster.org/pipermail/torqueusers/2013-September/016098.html
@@ -8383,27 +8383,27 @@ CVE-2013-4318
RESERVED
NOT-FOR-US: Ruby gem Features
NOTE: http://www.openwall.com/lists/oss-security/2013/09/09/9
-CVE-2013-4317 (In Apache CloudStack 4.1.0 and 4.1.1, when calling the CloudStack API ...)
+CVE-2013-4317
NOT-FOR-US: CloudStack
-CVE-2013-4316 (Apache Struts 2.0.0 through 2.3.15.1 enables Dynamic Method Invocation ...)
+CVE-2013-4316
- libstruts1.2-java <not-affected> (Affects Struts 2.0.0 - Struts 2.3.15.1)
NOTE: http://struts.apache.org/release/2.3.x/docs/s2-019.html
-CVE-2013-4315 (Directory traversal vulnerability in Django 1.4.x before 1.4.7, 1.5.x ...)
+CVE-2013-4315
{DSA-2755-1}
- python-django 1.5.3-1 (bug #722605)
-CVE-2013-4314 (The X509Extension in pyOpenSSL before 0.13.1 does not properly handle ...)
+CVE-2013-4314
{DSA-2763-1}
- pyopenssl 0.13-2.1 (bug #722055)
-CVE-2013-4313 (Moodle through 2.2.11, 2.3.x before 2.3.9, 2.4.x before 2.4.6, and ...)
+CVE-2013-4313
- moodle 2.5.2-1
[squeeze] - moodle <not-affected>
-CVE-2013-4312 (The Linux kernel before 4.4.1 allows local users to bypass ...)
+CVE-2013-4312
{DSA-3503-1 DSA-3448-1}
- linux 4.3.3-6
- linux-2.6 <removed>
NOTE: https://git.kernel.org/linus/712f4aad406bb1ed67f3f98d04c044191f0ff593 (v4.5-rc1)
NOTE: First patch for mitigation in 4.3.3-6, 4.3.5-1 adds a second bit required, that is CVE-2016-2847
-CVE-2013-4311 (libvirt 1.0.5.x before 1.0.5.6, 0.10.2.x before 0.10.2.8, and 0.9.12.x ...)
+CVE-2013-4311
- libvirt 1.1.3~rc1-1 (unimportant)
NOTE: polkit support not activated in Debian build prior to 1.2.9.
NOTE: sourcewise support for 3-arg pkcheck syntax in libvirt is included
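Review bot: the note on CVE-2013-4312, `NOTE: First patch for mitigation in 4.3.3-6, 4.3.5-1 adds a second bit required, that is CVE-2016-2847`, is hard to parse as written; it reads more clearly as two statements, for example `NOTE: 4.3.3-6 carries the first mitigation patch; the second required change landed in 4.3.5-1 and is tracked as CVE-2016-2847`.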
@@ -8411,22 +8411,22 @@ CVE-2013-4311 (libvirt 1.0.5.x before 1.0.5.6, 0.10.2.x before 0.10.2.8, and 0.9
NOTE: to wait for the pu in #726558 for policykit-1/0.105-3+deb7u1 and have a rebuild
NOTE: of libvirt then.
NOTE: Needs a build dependency on libpolkit-gobject-1-dev
-CVE-2013-4310 (Apache Struts 2.0.0 through 2.3.15.1 allows remote attackers to bypass ...)
+CVE-2013-4310
- libstruts1.2-java <not-affected> (Affects Struts 2.0.0 - Struts 2.3.15.1)
NOTE: http://struts.apache.org/release/2.3.x/docs/s2-018.html
CVE-2013-4309
RESERVED
-CVE-2013-4308 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2013-4308
NOT-FOR-US: Mediawiki LiquidThreads extension
-CVE-2013-4307 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2013-4307
NOT-FOR-US: Mediawiki Wikibase
-CVE-2013-4306 (Cross-site request forgery (CSRF) vulnerability in ...)
+CVE-2013-4306
NOT-FOR-US: Mediawiki CheckUser extension
-CVE-2013-4305 (Cross-site scripting (XSS) vulnerability in contrib/example.php in the ...)
+CVE-2013-4305
- mediawiki-extensions <removed> (unimportant)
NOTE: https://bugzilla.wikimedia.org/show_bug.cgi?id=49070
NOTE: Just an example file
-CVE-2013-4304 (The CentralAuth extension for MediaWiki 1.19.x before 1.19.8, 1.20.x ...)
+CVE-2013-4304
NOT-FOR-US: Mediawiki CentralAuth extension
CVE-2013-4303 [mediawiki XSS with IE6]
RESERVED
@@ -8434,85 +8434,85 @@ CVE-2013-4303 [mediawiki XSS with IE6]
[squeeze] - mediawiki <end-of-life>
NOTE: https://bugzilla.wikimedia.org/show_bug.cgi?id=52746
NOTE: IE6 lacks so many security features that this doesn't matter
-CVE-2013-4302 ((1) ApiBlock.php, (2) ApiCreateAccount.php, (3) ApiLogin.php, (4) ...)
+CVE-2013-4302
{DSA-2753-1}
- mediawiki 1:1.19.8+dfsg-1
[squeeze] - mediawiki <end-of-life>
NOTE: https://bugzilla.wikimedia.org/show_bug.cgi?id=49090
-CVE-2013-4301 (includes/resourceloader/ResourceLoaderContext.php in MediaWiki 1.19.x ...)
+CVE-2013-4301
- mediawiki 1:1.19.8+dfsg-1 (unimportant)
[squeeze] - mediawiki <end-of-life>
NOTE: Full path disclosure irrelevant in Debian
NOTE: https://bugzilla.wikimedia.org/show_bug.cgi?id=46332
-CVE-2013-4300 (The scm_check_creds function in net/core/scm.c in the Linux kernel ...)
+CVE-2013-4300
- linux 3.11.5-1
[wheezy] - linux <not-affected> (Not exploitable by unprivileged users in 3.2)
- linux-2.6 <not-affected> (Not exploitable by unprivileged users in 2.6.32)
-CVE-2013-4299 (Interpretation conflict in drivers/md/dm-snap-persistent.c in the ...)
+CVE-2013-4299
{DSA-2906-1}
- linux-2.6 <removed>
- linux 3.11.6-2
[wheezy] - linux 3.2.53-1
NOTE: upstream commit: http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=e9c6a182649f4259db704ae15a91ac820e63b0ca
-CVE-2013-4297 (The virFileNBDDeviceAssociate function in util/virfile.c in libvirt ...)
+CVE-2013-4297
- libvirt 1.1.2-2
[jessie] - libvirt <not-affected> (Introduced with 8aabd597b379db5ae1655e36dff4f10d5622830a)
[wheezy] - libvirt <not-affected> (Introduced with 8aabd597b379db5ae1655e36dff4f10d5622830a)
[squeeze] - libvirt <not-affected> (Introduced with 8aabd597b379db5ae1655e36dff4f10d5622830a)
NOTE: http://libvirt.org/git/?p=libvirt.git;a=commitdiff;h=2dba0323ff0cec31bdcea9dd3b2428af297401f2
NOTE: Introduced with 8aabd597b379db5ae1655e36dff4f10d5622830a, 1.0.6
-CVE-2013-4296 (The remoteDispatchDomainMemoryStats function in daemon/remote.c in ...)
+CVE-2013-4296
{DSA-2764-1}
- libvirt 1.1.4-1
[squeeze] - libvirt <not-affected> (Vulnerable code not present, introduced by commit 158ba8730e44b7dd07a21ab90499996c5dec080a)
NOTE: http://libvirt.org/git/?p=libvirt.git;a=commit;h=158ba8730e44b7dd07a21ab90499996c5dec080a
NOTE: Fix: http://libvirt.org/git/?p=libvirt.git;a=commitdiff;h=e7f400a110e2e3673b96518170bfea0855dd82c0
-CVE-2013-4295 (The gadget renderer in Apache Shindig 2.5.0 for PHP allows remote ...)
+CVE-2013-4295
NOT-FOR-US: Apache Shindig
-CVE-2013-4294 (The (1) mamcache and (2) KVS token backends in OpenStack Identity ...)
+CVE-2013-4294
- keystone 2013.1.3-2 (bug #722505)
[wheezy] - keystone <not-affected> (only affects Folsom release and above)
-CVE-2013-4293 (The server in Red Hat JBoss Operations Network (JON) 3.1.2 logs ...)
+CVE-2013-4293
NOT-FOR-US: Red Hat JBoss Operations Network
-CVE-2013-4292 (libvirt 1.1.0 and 1.1.1 allows local users to cause a denial of ...)
+CVE-2013-4292
- libvirt 1.1.2~rc2-1 (bug #721325)
[jessie] - libvirt <not-affected> (Introduced with 1.1.0)
[wheezy] - libvirt <not-affected> (Introduced with 1.1.0)
[squeeze] - libvirt <not-affected> (Introduced with 1.1.0)
-CVE-2013-4291 (The virSecurityManagerSetProcessLabel function in libvirt 0.10.2.7, ...)
+CVE-2013-4291
- libvirt 1.1.2-2
[jessie] - libvirt <not-affected> (vulnerable code not introduced, introduced in 1.1.1)
[wheezy] - libvirt <not-affected> (vulnerable code not introduced, introduced in 1.1.1)
[squeeze] - libvirt <not-affected> (vulnerable code not introduced, introduced in 1.1.1)
NOTE: http://libvirt.org/git/?p=libvirt.git;a=commit;h=745aa55fbf3e076c4288d5ec3239f5a5d43508a6
-CVE-2013-4290 (Stack-based buffer overflow in OpenJPEG before 1.5.2 allows remote ...)
+CVE-2013-4290
- openjpeg <removed> (unimportant; bug #722540)
NOTE: JP3D code not built in the binary package, see #722540
-CVE-2013-4289 (Multiple integer overflows in lib/openjp3d/jp3d.c in OpenJPEG before ...)
+CVE-2013-4289
- openjpeg <removed> (unimportant; bug #722540)
NOTE: JP3D code not built in the binary package, see #722540
-CVE-2013-4288 (Race condition in PolicyKit (aka polkit) allows local users to bypass ...)
+CVE-2013-4288
- policykit-1 0.105-3+nmu1 (low; bug #723717)
[squeeze] - policykit-1 <no-dsa> (The update only deprecates an API and introduces a new option for pkcheck, no src package uses this API)
[wheezy] - policykit-1 <no-dsa> (The update only deprecates an API and introduces a new option for pkcheck, no src package uses this API)
-CVE-2013-4287 (Algorithmic complexity vulnerability in Gem::Version::VERSION_PATTERN ...)
+CVE-2013-4287
- rubygems <removed> (unimportant; bug #722361)
- libgems-ruby <removed> (unimportant; bug #722361)
NOTE: Non-issue, you trust the site providing the gem with installing arbitrary code, allowing
NOTE: it a potential elevated CPU consumption doesn't add any extra harm
-CVE-2013-4286 (Apache Tomcat before 6.0.39, 7.x before 7.0.47, and 8.x before ...)
+CVE-2013-4286
{DSA-3530-1 DSA-2897-1 DLA-91-1}
- tomcat6 6.0.39
- tomcat7 7.0.47
- tomcat8 8.0.0
-CVE-2013-4285 (A certain Gentoo patch for the PAM S/Key module does not properly ...)
+CVE-2013-4285
NOT-FOR-US: pam_skey
-CVE-2013-4284 (Cumin, as used in Red Hat Enterprise MRG 2.4, allows remote attackers ...)
+CVE-2013-4284
NOT-FOR-US: Cumin
-CVE-2013-4283 (ns-slapd in 389 Directory Server before 1.3.0.8 allows remote ...)
+CVE-2013-4283
- 389-ds-base 1.3.2.9-1 (bug #721222)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=999634
-CVE-2013-4282 (Stack-based buffer overflow in the reds_handle_ticket function in ...)
+CVE-2013-4282
{DSA-2839-1}
- spice 0.12.4-0nocelt2 (bug #728314)
NOTE: http://cgit.freedesktop.org/spice/spice/commit/?id=8af619009660b24e0b41ad26b30289eea288fcc2
@@ -8521,18 +8521,18 @@ CVE-2013-4281
CVE-2013-4280
RESERVED
- vdsm <itp> (bug #668538)
-CVE-2013-4279 (imapsync 1.564 and earlier performs a release check by default, which ...)
+CVE-2013-4279
- imapsync <removed>
-CVE-2013-4278 (The &quot;create an instance&quot; API in OpenStack Compute (Nova) Folsom, ...)
+CVE-2013-4278
- nova 2013.1.3-1 (bug #720602)
[wheezy] - nova <not-affected> (Affected code not present)
NOTE: incomplete fix for CVE-2013-2256
-CVE-2013-4277 (Svnserve in Apache Subversion 1.4.0 through 1.7.12 and 1.8.0 through ...)
+CVE-2013-4277
- subversion 1.7.13-1 (low; bug #721542)
[squeeze] - subversion <no-dsa> (Minor issue, PID file not created by default)
[wheezy] - subversion <no-dsa> (Minor issue, PID file not created by default)
NOTE: http://subversion.apache.org/security/CVE-2013-4277-advisory.txt
-CVE-2013-4276 (Multiple stack-based buffer overflows in LittleCMS (aka lcms or ...)
+CVE-2013-4276
- lcms 1.19.dfsg1-1.3 (low; bug #718682)
[squeeze] - lcms <no-dsa> (Minor issue)
[wheezy] - lcms 1.19.dfsg2-1.2+deb7u1
@@ -8540,15 +8540,15 @@ CVE-2013-4276 (Multiple stack-based buffer overflows in LittleCMS (aka lcms or .
CVE-2013-4275
RESERVED
NOT-FOR-US: Drupal contributed module Zen
-CVE-2013-4274 (Cross-site scripting (XSS) vulnerability in the ...)
+CVE-2013-4274
NOT-FOR-US: Drupal addon
-CVE-2013-4273 (The Entity API module 7.x-1.x before 7.x-1.2 for Drupal does not ...)
+CVE-2013-4273
NOT-FOR-US: Drupal contributed module Entity API
-CVE-2013-4272 (The BOTCHA Spam Prevention module 7.x-1.x before 7.x-1.6, 7.x-2.x ...)
+CVE-2013-4272
NOT-FOR-US: Drupal addon
-CVE-2013-4271 (The default configuration of the ObjectRepresentation class in Restlet ...)
+CVE-2013-4271
- restlet <itp> (bug #596472)
-CVE-2013-4270 (The net_ctl_permissions function in net/sysctl_net.c in the Linux ...)
+CVE-2013-4270
- linux-2.6 <not-affected> (Introduced in 3.8)
- linux 3.11.5-1
[wheezy] - linux <not-affected> (Introduced in 3.8)
@@ -8565,44 +8565,44 @@ CVE-2013-4267
- ajaxplorer <itp> (bug #668381)
CVE-2013-4266
REJECTED
-CVE-2013-4265 (The av_reallocp_array function in libavutil/mem.c in FFmpeg before ...)
+CVE-2013-4265
- ffmpeg <not-affected> (Affected function codec not present in 0.5 ffmpeg)
- libav <not-affected> (Affected function not present in libav)
NOTE: https://github.com/FFmpeg/FFmpeg/commit/c94f9e854228e0ea00e1de8769d8d3f7cab84a55
-CVE-2013-4264 (The kempf_decode_tile function in libavcodec/g2meet.c in FFmpeg before ...)
+CVE-2013-4264
- ffmpeg <not-affected> (g2meet codec not present in 0.5 ffmpeg)
- libav <not-affected> (g2meet codec not present in libav)
NOTE: https://github.com/FFmpeg/FFmpeg/commit/2960576378d17d71cc8dccc926352ce568b5eec1
-CVE-2013-4263 (libavfilter in FFmpeg before 2.0.1 has unspecified impact and remote ...)
+CVE-2013-4263
- ffmpeg <not-affected> (Affected video filters not present in ffmpeg 0.5)
- libav <not-affected> (Vulnerable code not present)
NOTE: https://github.com/FFmpeg/FFmpeg/commit/e43a0a232dbf6d3c161823c2e07c52e76227a1bc
NOTE: [Anton] the report and the fix appear completely bogus, likely working around bugs from completely different parts of the code; most probably not present in any libav release
-CVE-2013-4262 (svnwcsub.py in Subversion 1.8.0 before 1.8.3, when using the --pidfile ...)
+CVE-2013-4262
- subversion 1.8.5-1 (unimportant)
NOTE: Optional admin-side utilities in Subversion 1.8.x
-CVE-2013-4261 (OpenStack Compute (Nova) Folsom, Grizzly, and earlier, when using ...)
+CVE-2013-4261
- nova 2013.2-1 (low)
[wheezy] - nova <no-dsa> (Will be fixed in a point update)
NOTE: https://bugs.launchpad.net/nova/+bug/1215091/comments/10 (relevant question for other components)
NOTE: probably does not affect Essex/2012.1, see https://bugs.launchpad.net/nova/+bug/1215091/comments/6
-CVE-2013-4260 (lib/ansible/playbook/__init__.py in Ansible 1.2.x before 1.2.3, when ...)
+CVE-2013-4260
- ansible <not-affected> (affected code introduced with ansible 1.2)
-CVE-2013-4259 (runner/connection_plugins/ssh.py in Ansible before 1.2.3, when using ...)
+CVE-2013-4259
- ansible 1.3.4+dfsg-1 (bug #721766)
NOTE: upstream commit: https://github.com/ansible/ansible/commit/6bf5d195065bc23b5fc72ba690d7ed45f228aaf0
-CVE-2013-4258 (Format string vulnerability in the osLogMsg function in ...)
+CVE-2013-4258
{DSA-2771-1}
- nas 1.9.3-6 (bug #720287)
CVE-2013-4257 [Heap Overflow]
REJECTED
-CVE-2013-4256 (Multiple stack-based and heap-based buffer overflows in Network Audio ...)
+CVE-2013-4256
{DSA-2771-1}
- nas 1.9.3-6 (bug #720287)
-CVE-2013-4255 (The policy definition evaluator in Condor 7.5.4, 8.0.0, and earlier ...)
+CVE-2013-4255
- condor 8.0.5~dfsg.1-1 (bug #721693)
[wheezy] - condor <no-dsa> (Minor issue)
-CVE-2013-4254 (The validate_event function in arch/arm/kernel/perf_event.c in the ...)
+CVE-2013-4254
- linux 3.10.11-1
[wheezy] - linux 3.2.51-1
- linux-2.6 <not-affected> (No perf support on arm)
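Review bot: once the `-CVE-2013-4263 (libavfilter in FFmpeg before 2.0.1 has unspecified impact and remote ...)` line is gone, the triage notes on that entry lose their referent: `(Affected video filters not present in ffmpeg 0.5)` and `NOTE: [Anton] the report and the fix appear completely bogus, likely working around bugs from completely different parts of the code` no longer say which report or which component they concern, because `+CVE-2013-4263` carries no description. The same happens to CVE-2013-4262, where `NOTE: Optional admin-side utilities in Subversion 1.8.x` relied on the removed description to name svnwcsub.py. If the description text cannot be restored, the affected component should at least be restated in a NOTE so these entries remain readable on their own.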
@@ -8617,53 +8617,53 @@ CVE-2013-4251 [weave /tmp and current directory issues]
[wheezy] - python-scipy <no-dsa> (Minor issue)
[squeeze] - python-scipy 0.7.2+dfsg1-1+deb6u1
NOTE: https://github.com/scipy/scipy/commit/bd296e0336420b840fcd2faabb97084fd252a973
-CVE-2013-4250 (The (1) file upload component and (2) File Abstraction Layer (FAL) in ...)
+CVE-2013-4250
- typo3-src <not-affected> (All versions from 6.0.0 up to the development branch of 6.2)
-CVE-2013-4249 (Cross-site scripting (XSS) vulnerability in the AdminURLFieldWidget ...)
+CVE-2013-4249
- python-django 1.5.2-1
[wheezy] - python-django <not-affected> (1.4.x not affected)
[squeeze] - python-django <not-affected> (1.2.x not affected)
NOTE: problem introduced with https://github.com/django/django/commit/ac2052ebc84c45709ab5f0f25e685bf656ce79bc
-CVE-2013-4248 (The openssl_x509_parse function in openssl.c in the OpenSSL module in ...)
+CVE-2013-4248
{DSA-2742-1}
- php5 5.5.3+dfsg-1 (bug #719765)
NOTE: fix in 5.5.2 incomplete, see http://php.net/ChangeLog-5.php
-CVE-2013-4247 (Off-by-one error in the build_unc_path_to_root function in ...)
+CVE-2013-4247
- linux-2.6 <not-affected> (Introduced in 3.8)
- linux 3.9.6-1
[wheezy] - linux <not-affected> (Introduced in 3.8)
-CVE-2013-4246 (libsvn_fs_fs/fs_fs.c in Apache Subversion 1.8.x before 1.8.2 might ...)
+CVE-2013-4246
- subversion <not-affected> (only affects 1.8.0 and 1.8.1)
CVE-2013-4245 [Arbitrary code execution due to insecure CWD Python module load]
RESERVED
- gnome-orca <unfixed> (unimportant)
NOTE: Negligible security impact
-CVE-2013-4244 (The LZW decompressor in the gif2tiff tool in libtiff 4.0.3 and earlier ...)
+CVE-2013-4244
{DSA-2744-1}
- tiff 4.0.3-3
- tiff3 <not-affected> (The tiff3 source package doesn't build the TIFF tools)
-CVE-2013-4243 (Heap-based buffer overflow in the readgifimage function in the ...)
+CVE-2013-4243
{DSA-2965-1 DLA-0013-1}
- tiff 4.0.3-9 (low; bug #742917)
- tiff3 <not-affected> (The tiff3 source package doesn't build the TIFF tools)
[squeeze] - tiff 3.9.4-5+squeeze11
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2451
-CVE-2013-4242 (GnuPG before 1.4.14, and Libgcrypt before 1.5.3 as used in GnuPG 2.0.x ...)
+CVE-2013-4242
{DSA-2731-1 DSA-2730-1}
- gnupg 1.4.14-1 (bug #717880)
- libgcrypt11 1.5.3-1
CVE-2013-4241
RESERVED
NOT-FOR-US: WordPress plugin HMS Testimonials
-CVE-2013-4240 (Multiple cross-site request forgery (CSRF) vulnerabilities in the HMS ...)
+CVE-2013-4240
NOT-FOR-US: WordPress plugin HMS Testimonials
-CVE-2013-4239 (The xenDaemonListDefinedDomains function in xen/xend_internal.c in ...)
+CVE-2013-4239
- libvirt 1.1.2~rc1-1 (bug #719533)
[wheezy] - libvirt <not-affected> (Introduced in 1.1.1)
[squeeze] - libvirt <not-affected> (Introduced in 1.1.1)
NOTE: Introduced by: http://libvirt.org/git/?p=libvirt.git;a=commit;h=632180d1
NOTE: Fixed by: http://libvirt.org/git/?p=libvirt.git;a=commit;h=0e671a16
-CVE-2013-4238 (The ssl.match_hostname function in the SSL module in Python 2.6 ...)
+CVE-2013-4238
{DSA-2880-1 DLA-25-1}
- python2.5 <removed> (low)
[squeeze] - python2.5 <no-dsa> (Minor issue)
@@ -8677,35 +8677,35 @@ CVE-2013-4238 (The ssl.match_hostname function in the SSL module in Python 2.6 .
- python3.3 3.3.2-6 (low; bug #719567)
NOTE: http://bugs.python.org/issue18709
NOTE: https://bugs.mageia.org/show_bug.cgi?id=10989
-CVE-2013-4237 (sysdeps/posix/readdir_r.c in the GNU C Library (aka glibc or libc6) ...)
+CVE-2013-4237
{DLA-165-1}
- eglibc <removed>
- glibc 2.17-94 (bug #719558)
[wheezy] - eglibc 2.13-38+deb7u1
NOTE: http://sourceware.org/bugzilla/show_bug.cgi?id=14699
NOTE: http://sourceware.org/ml/libc-alpha/2013-05/msg00445.html
-CVE-2013-4236 (VDSM in Red Hat Enterprise Virtualization 3 and 3.2 allows privileged ...)
+CVE-2013-4236
- vdsm <itp> (bug #668538)
CVE-2013-4235 [TOCTOU race conditions by copying and removing directory trees]
RESERVED
- shadow <unfixed> (unimportant; bug #778950)
-CVE-2013-4234 (Multiple heap-based buffer overflows in the (1) abc_MIDI_drum and (2) ...)
+CVE-2013-4234
{DSA-2751-1}
- libmodplug 1:0.8.8.4-4 (bug #719462)
-CVE-2013-4233 (Integer overflow in the abc_set_parts function in load_abc.cpp in ...)
+CVE-2013-4233
{DSA-2751-1}
- libmodplug 1:0.8.8.4-4 (bug #719462)
-CVE-2013-4232 (Use-after-free vulnerability in the t2p_readwrite_pdf_image function ...)
+CVE-2013-4232
{DSA-2744-1}
- tiff 4.0.3-2 (bug #719303)
- tiff3 <not-affected> (The tiff3 source package doesn't build the TIFF tools)
-CVE-2013-4231 (Multiple buffer overflows in libtiff before 4.0.3 allow remote ...)
+CVE-2013-4231
{DSA-2744-1}
- tiff 4.0.3-2 (bug #719303)
- tiff3 <not-affected> (The tiff3 source package doesn't build the TIFF tools)
-CVE-2013-4230 (The mm_webform submodule in the Monster Menus module 6.x-6.x before ...)
+CVE-2013-4230
NOT-FOR-US: Monster Menus Drupal contributed module
-CVE-2013-4229 (Cross-site scripting (XSS) vulnerability in the Monster Menus module ...)
+CVE-2013-4229
NOT-FOR-US: Monster Menus Drupal contributed module
CVE-2013-4228
RESERVED
@@ -8722,120 +8722,120 @@ CVE-2013-4225
CVE-2013-4224
RESERVED
NOTE: Dublicate of CVE-2013-4187, thus rejected
-CVE-2013-4223 (The Gentoo Nullmailer package before 1.11-r2 uses world-readable ...)
+CVE-2013-4223
- nullmailer 1:1.11-2 (low; bug #684619)
[squeeze] - nullmailer <no-dsa> (Minor issue)
NOTE: CVE originally for /etc/nullmailer/remotes permissions in gentoo, but Debian
NOTE: had the same problem until 1:1.11-2
-CVE-2013-4222 (OpenStack Identity (Keystone) Folsom, Grizzly 2013.1.3 and earlier, ...)
+CVE-2013-4222
- keystone 2013.1.3-1 (bug #719290)
[wheezy] - keystone <not-affected> (Vulnerable code not present in Openstack Essex)
NOTE: http://lists.openstack.org/pipermail/openstack-security/2013-August/000263.html
-CVE-2013-4221 (The default configuration of the ObjectRepresentation class in Restlet ...)
+CVE-2013-4221
- restlet <itp> (bug #596472)
NOTE: http://blog.diniscruz.com/2013/08/using-xmldecoder-to-execute-server-side.html
NOTE: https://github.com/o2platform/DefCon_RESTing
-CVE-2013-4220 (The bad_mode function in arch/arm64/kernel/traps.c in the Linux kernel ...)
+CVE-2013-4220
- linux-2.6 <not-affected> (ARM64 not supported)
- linux <not-affected> (ARM64 not yet supported)
-CVE-2013-4219 (Multiple integer overflows in the Intel WiMAX Network Service through ...)
+CVE-2013-4219
- wimax-tools <itp> (bug #627975)
-CVE-2013-4218 (The InitMethodAndPassword function in ...)
+CVE-2013-4218
- wimax-tools <itp> (bug #627975)
-CVE-2013-4217 (The OSAL_Crypt_SetEncryptedPassword function in ...)
+CVE-2013-4217
- wimax-tools <itp> (bug #627975)
-CVE-2013-4216 (The Trace_OpenLogFile function in ...)
+CVE-2013-4216
- wimax-tools <itp> (bug #627975)
-CVE-2013-4215 (The IPXPING_COMMAND in contrib/check_ipxping.c in Nagios Plugins ...)
+CVE-2013-4215
- nagios-plugins 1.4.16+git20130902-1 (unimportant)
NOTE: vulnerable code present, but check_ipxping is neither built nor installed
- monitoring-plugins <not-affected> (Fixed before initial upload to Debian)
NOTE: contrib/check_ipxping removed from src:monitoring-pluging before the
NOTE: initial upload to Debian after the source package rename.
-CVE-2013-4214 (rss-newsfeed.php in Nagios Core 3.4.4, 3.5.1, and earlier, when ...)
+CVE-2013-4214
- nagios3 3.5.1-1 (low; bug #719056)
[wheezy] - nagios3 <no-dsa> (Minor issue)
[squeeze] - nagios3 <not-affected> (html/rss-newsfeed.php not present)
NOTE: fixed by removing html/rss-newsfeed.php completely
NOTE: http://anonscm.debian.org/gitweb/?p=pkg-nagios/pkg-nagios3.git;a=commit;h=c88bef82308c99601732bb9517a1af5bc6928282
-CVE-2013-4213 (Red Hat JBoss Enterprise Application Platform (EAP) 6.1.0 does not ...)
+CVE-2013-4213
- jbossas4 <not-affected> (Only builds a few libraries, not the full application server, #581226)
-CVE-2013-4212 (Certain getText methods in the ActionSupport controller in Apache ...)
+CVE-2013-4212
NOT-FOR-US: Apache Roller
CVE-2013-4211
RESERVED
NOT-FOR-US: OpenX
-CVE-2013-4210 (The org.jboss.remoting.transport.socket.ServerThread class in Red Hat ...)
+CVE-2013-4210
NOT-FOR-US: JBoss Remoting
-CVE-2013-4209 (Automatic Bug Reporting Tool (ABRT) before 2.1.6 allows local users to ...)
+CVE-2013-4209
NOT-FOR-US: abrt is Red Hat / Fedora specific
-CVE-2013-4208 (The rsa_verify function in PuTTY before 0.63 (1) does not clear ...)
+CVE-2013-4208
{DSA-2736-1}
- putty 0.63-1
- filezilla 3.7.3-1 (low; bug #719070)
[squeeze] - filezilla <no-dsa> (Minor issue)
[wheezy] - filezilla <no-dsa> (Minor issue)
NOTE: http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/private-key-not-wiped.html
-CVE-2013-4207 (Buffer overflow in sshbn.c in PuTTY before 0.63 allows remote SSH ...)
+CVE-2013-4207
{DSA-2736-1}
- putty 0.63-1
- filezilla 3.7.3-1 (low; bug #719070)
[squeeze] - filezilla <no-dsa> (Minor issue)
[wheezy] - filezilla <no-dsa> (Minor issue)
NOTE: http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-bignum-division-by-zero.html
-CVE-2013-4206 (Heap-based buffer underflow in the modmul function in sshbn.c in PuTTY ...)
+CVE-2013-4206
{DSA-2736-1}
- putty 0.63-1
- filezilla 3.7.3-1 (low; bug #719070)
[squeeze] - filezilla <no-dsa> (Minor issue)
[wheezy] - filezilla <no-dsa> (Minor issue)
NOTE: http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-modmul.html
-CVE-2013-4205 (Memory leak in the unshare_userns function in kernel/user_namespace.c ...)
+CVE-2013-4205
- linux 3.10.7-1
[wheezy] - linux <not-affected> (Introduced in 3.8)
- linux-2.6 <not-affected> (Introduced in 3.8)
-CVE-2013-4204 (Multiple cross-site scripting (XSS) vulnerabilities in the JUnit files ...)
+CVE-2013-4204
- gwt <removed> (low)
[squeeze] - gwt <no-dsa> (Minor issue)
NOTE: http://www.gwtproject.org/release-notes.html#Release_Notes_2_5_1_RC1
-CVE-2013-4203 (The self.run_gpg function in lib/rgpg/gpg_helper.rb in the rgpg gem ...)
+CVE-2013-4203
NOT-FOR-US: Ruby Rgpg Gem
-CVE-2013-4202 (The (1) backup (api/contrib/backups.py) and (2) volume transfer ...)
+CVE-2013-4202
- cinder 2013.1.2-4 (bug #719118)
-CVE-2013-4201 (Katello allows remote authenticated users to call the &quot;system ...)
+CVE-2013-4201
NOT-FOR-US: Katello
-CVE-2013-4200 (The isURLInPortal method in the URLTool class in in_portal.py in Plone ...)
+CVE-2013-4200
NOT-FOR-US: Plone
-CVE-2013-4199 ((1) cb_decode.py and (2) linkintegrity.py in Plone 2.1 through 4.1, ...)
+CVE-2013-4199
NOT-FOR-US: Plone
-CVE-2013-4198 (mail_password.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and ...)
+CVE-2013-4198
NOT-FOR-US: Plone
-CVE-2013-4197 (member_portrait.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and ...)
+CVE-2013-4197
NOT-FOR-US: Plone
-CVE-2013-4196 (The object manager implementation (objectmanager.py) in Plone 2.1 ...)
+CVE-2013-4196
NOT-FOR-US: Plone
-CVE-2013-4195 (Multiple open redirect vulnerabilities in (1) marmoset_patch.py, (2) ...)
+CVE-2013-4195
NOT-FOR-US: Plone
-CVE-2013-4194 (The WYSIWYG component (wysiwyg.py) in Plone 2.1 through 4.1, 4.2.x ...)
+CVE-2013-4194
NOT-FOR-US: Plone
-CVE-2013-4193 (typeswidget.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and ...)
+CVE-2013-4193
NOT-FOR-US: Plone
-CVE-2013-4192 (sendto.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x ...)
+CVE-2013-4192
NOT-FOR-US: Plone
-CVE-2013-4191 (zip.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x ...)
+CVE-2013-4191
NOT-FOR-US: Plone
-CVE-2013-4190 (Multiple cross-site scripting (XSS) vulnerabilities in (1) ...)
+CVE-2013-4190
NOT-FOR-US: Plone
-CVE-2013-4189 (Multiple unspecified vulnerabilities in (1) dataitems.py, (2) get.py, ...)
+CVE-2013-4189
NOT-FOR-US: Plone
-CVE-2013-4188 (traverser.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x ...)
+CVE-2013-4188
NOT-FOR-US: Plone
CVE-2013-4187 [Access Bypass]
RESERVED
NOT-FOR-US: Flippy Contributed Drupal module
CVE-2013-4186
REJECTED
-CVE-2013-4185 (Algorithmic complexity vulnerability in OpenStack Compute (Nova) ...)
+CVE-2013-4185
- nova 2013.1.2-3 (low; bug #718907)
[wheezy] - nova <no-dsa> (Minor issue)
CVE-2013-4184 [symlink attacks]
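Review bot: two typos in the unchanged context lines of this hunk are worth fixing while the file is being touched: `NOTE: Dublicate of CVE-2013-4187, thus rejected` should read `Duplicate`, and `NOTE: contrib/check_ipxping removed from src:monitoring-pluging before the` should name the source package as `src:monitoring-plugins`, matching the `- monitoring-plugins <not-affected>` line directly above it.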
@@ -8843,21 +8843,21 @@ CVE-2013-4184 [symlink attacks]
- libdata-uuid-perl <unfixed> (unimportant; bug #718949)
NOTE: https://github.com/rjbs/Data-UUID/issues/5
NOTE: Neutralised by kernel temp hardening
-CVE-2013-4183 (The clear_volume function in LVMVolumeDriver driver in OpenStack ...)
+CVE-2013-4183
- cinder 2013.1.2-4 (bug #719010)
-CVE-2013-4182 (app/controllers/api/v1/hosts_controller.rb in Foreman before 1.2.2 ...)
+CVE-2013-4182
- foreman <itp> (bug #663101)
-CVE-2013-4181 (Cross-site scripting (XSS) vulnerability in the addAlert function in ...)
+CVE-2013-4181
NOT-FOR-US: ovirt
-CVE-2013-4180 (The (1) power and (2) ipmi_boot actions in the HostController in ...)
+CVE-2013-4180
- foreman <itp> (bug #663101)
-CVE-2013-4179 (The security group extension in OpenStack Compute (Nova) Grizzly ...)
+CVE-2013-4179
- nova 2013.1.3-1
[wheezy] - nova <not-affected> (Vulnerable code not present)
NOTE: CVE for incomplete fix applied for CVE-2013-1664
-CVE-2013-4178 (The Google Authenticator login module 6.x-1.x before 6.x-1.2 and ...)
+CVE-2013-4178
NOT-FOR-US: GA Login Drupal contributed module
-CVE-2013-4177 (The Google Authenticator login module 6.x-1.x before 6.x-1.2 and ...)
+CVE-2013-4177
NOT-FOR-US: GA Login Drupal contributed module
CVE-2013-4176 [information disclosure]
RESERVED
@@ -8865,19 +8865,19 @@ CVE-2013-4176 [information disclosure]
CVE-2013-4175 [local denial of service]
RESERVED
NOT-FOR-US: MySecureShell
-CVE-2013-4174 (Multiple cross-site scripting (XSS) vulnerabilities in the Scald ...)
+CVE-2013-4174
NOT-FOR-US: Scald Drupal contributed module
-CVE-2013-4173 (Directory traversal vulnerability in the trend-data daemon ...)
+CVE-2013-4173
- xymon 4.3.17-2 (bug #717895)
[wheezy] - xymon <no-dsa> (Not remotely exploitable in Debian default config)
[squeeze] - xymon <no-dsa> (Not remotely exploitable in Debian default config)
-CVE-2013-4172 (The Red Hat CloudForms Management Engine 5.1 allow remote ...)
+CVE-2013-4172
NOT-FOR-US: RedHat CloudForms Management Engine
-CVE-2013-4171 (Multiple cross-site scripting (XSS) vulnerabilities in Apache Roller ...)
+CVE-2013-4171
NOT-FOR-US: Apache Roller
CVE-2013-4170
RESERVED
-CVE-2013-4169 (GNOME Display Manager (gdm) before 2.21.1 allows local users to change ...)
+CVE-2013-4169
- gdm <removed> (unimportant)
- gdm3 <not-affected> (Only affected older gdm < 2.21.1)
NOTE: In Debian /tmp/.X11-unix is created by /etc/init.d/x11-common
@@ -8887,33 +8887,33 @@ CVE-2013-4168 [start and end time fields not filtered]
- smokeping 2.6.8-2 (low)
[squeeze] - smokeping <no-dsa> (Minor issue)
NOTE: https://github.com/oetiker/SmokePing/commit/bad9f9c28f0939b269f90072aa4cf41f20f15563
-CVE-2013-4167 (Cross-site scripting (XSS) vulnerability in CMS Made Simple (CMSMS) ...)
+CVE-2013-4167
- cmsms <itp> (bug #608888)
CVE-2013-4166 [problem in GPG key selection when encrypting mail]
RESERVED
- evolution <unfixed> (unimportant)
NOTE: Regular UI bug, not a security issue.
-CVE-2013-4165 (The HTTPAuthorized function in bitcoinrpc.cpp in bitcoind 0.8.1 ...)
+CVE-2013-4165
- bitcoin 0.8.4-1 (bug #717828)
NOTE: https://github.com/bitcoin/bitcoin/issues/2838
-CVE-2013-4164 (Heap-based buffer overflow in Ruby 1.8, 1.9 before 1.9.3-p484, 2.0 ...)
+CVE-2013-4164
{DSA-2810-1 DSA-2809-1}
- ruby1.8 1.8.7.358-9 (bug #730189)
- ruby1.9.1 1.9.3.484-1 (bug #730178)
- ruby2.0 2.0.0.353-1 (bug #730190)
NOTE: https://www.ruby-lang.org/en/news/2013/11/22/heap-overflow-in-floating-point-parsing-cve-2013-4164/
-CVE-2013-4163 (The ip6_append_data_mtu function in net/ipv6/ip6_output.c in the IPv6 ...)
+CVE-2013-4163
{DSA-2745-1}
- linux 3.10.5-1
- linux-2.6 <not-affected> (Introduced in 3.5)
-CVE-2013-4162 (The udp_v6_push_pending_frames function in net/ipv6/udp.c in the IPv6 ...)
+CVE-2013-4162
{DSA-2906-1 DSA-2745-1}
- linux 3.10.5-1 (low)
- linux-2.6 <removed> (low)
CVE-2013-4161
RESERVED
- gksu-polkit <not-affected> (CVE for improperly applied fix for CVE-2012-5617 on Red Hat)
-CVE-2013-4160 (Little CMS (lcms2) before 2.5, as used in OpenJDK 7 and possibly other ...)
+CVE-2013-4160
- lcms 1.19.dfsg1-1.3 (low; bug #728208)
[squeeze] - lcms <no-dsa> (Minor issue)
[wheezy] - lcms 1.19.dfsg2-1.2+deb7u1
@@ -8921,7 +8921,7 @@ CVE-2013-4160 (Little CMS (lcms2) before 2.5, as used in OpenJDK 7 and possibly
[wheezy] - lcms2 2.2+git20110628-2.2+deb7u1
NOTE: https://github.com/mm2/Little-CMS/commit/91c2db7f2559be504211b283bc3a2c631d6f06d9
NOTE: https://bugzilla.novell.com/show_bug.cgi?id=826097#c9
-CVE-2013-4159 (ctdb before 2.3 in OpenSUSE 12.3 and 13.1 does not create temporary ...)
+CVE-2013-4159
- ctdb 2.5.1+debian0-1 (bug #749840)
[wheezy] - ctdb <no-dsa> (Minor issue)
[squeeze] - ctdb <no-dsa> (Minor issue)
@@ -8930,59 +8930,59 @@ CVE-2013-4158
- smokeping <not-affected> (fix for CVE-2012-0790/DSA-2651-1 uses regexp from 2.6.9 upstream release)
NOTE: CVE is for incomplete fix for CVE-2012-0790
NOTE: Debian package applied already the more complete fix, see #659899
-CVE-2013-4157 (Red Hat Storage 2.0 allows local users to overwrite arbitrary files ...)
+CVE-2013-4157
NOT-FOR-US: Red Hat Storage Server
-CVE-2013-4156 (Apache OpenOffice.org (OOo) before 4.0 allows remote attackers to ...)
+CVE-2013-4156
- libreoffice 1:4.1.0-1 (unimportant)
[wheezy] - libreoffice <ignored> (Minor issue)
- openoffice.org <removed> (unimportant)
NOTE: Harmless crash
-CVE-2013-4155 (OpenStack Swift before 1.9.1 in Folsom, Grizzly, and Havana allows ...)
+CVE-2013-4155
{DSA-2737-1}
- swift 1.8.0-7 (bug #719008)
-CVE-2013-4154 (The qemuAgentCommand function in libvirt before 1.1.1, when a guest ...)
+CVE-2013-4154
- libvirt 1.1.0-4 (low; bug #717355)
[squeeze] - libvirt <not-affected> (only affects >= 1.1.0)
[wheezy] - libvirt <not-affected> (only affects >= 1.1.0)
NOTE: Introduced by http://libvirt.org/git/?p=libvirt.git;a=commitdiff;h=d47eff88fe50e43a36671f6d8d0eeda52835d5e0 (v1.1.0)
NOTE: http://openwall.com/lists/oss-security/2013/07/19/12
-CVE-2013-4153 (Double free vulnerability in the qemuAgentGetVCPUs function in ...)
+CVE-2013-4153
- libvirt 1.1.0-4 (bug #717354)
[squeeze] - libvirt <not-affected> (Introduced in 1.0.6)
[wheezy] - libvirt <not-affected> (Introduced in 1.0.6)
NOTE: http://openwall.com/lists/oss-security/2013/07/19/11
-CVE-2013-4152 (The Spring OXM wrapper in Spring Framework before 3.2.4 and 4.0.0.M1, ...)
+CVE-2013-4152
{DSA-2842-1}
- libspring-java 3.0.6.RELEASE-10 (low; bug #720902)
-CVE-2013-4151 (The virtio_load function in virtio/virtio.c in QEMU 1.x before 1.7.2 ...)
+CVE-2013-4151
- qemu 2.1+dfsg-1 (low; bug #739589)
[wheezy] - qemu <no-dsa> (Minor issue, hardly exploitable in practice)
[squeeze] - qemu <no-dsa> (Minor issue, hardly exploitable in practice)
- qemu-kvm <removed> (low)
[wheezy] - qemu-kvm <no-dsa> (Minor issue, hardly exploitable in practice)
[squeeze] - qemu-kvm <no-dsa> (Minor issue, hardly exploitable in practice)
-CVE-2013-4150 (The virtio_net_load function in hw/net/virtio-net.c in QEMU 1.5.0 ...)
+CVE-2013-4150
- qemu 2.1+dfsg-1 (low; bug #739589)
[wheezy] - qemu <no-dsa> (Minor issue, hardly exploitable in practice)
[wheezy] - qemu-kvm <no-dsa> (Minor issue, hardly exploitable in practice)
[squeeze] - qemu <no-dsa> (Minor issue, hardly exploitable in practice)
- qemu-kvm <removed> (low)
[squeeze] - qemu-kvm <no-dsa> (Minor issue, hardly exploitable in practice)
-CVE-2013-4149 (Buffer overflow in virtio_net_load function in net/virtio-net.c in ...)
+CVE-2013-4149
- qemu 2.1+dfsg-1 (low; bug #739589)
[wheezy] - qemu <no-dsa> (Minor issue, hardly exploitable in practice)
[wheezy] - qemu-kvm <no-dsa> (Minor issue, hardly exploitable in practice)
[squeeze] - qemu <no-dsa> (Minor issue, hardly exploitable in practice)
- qemu-kvm <removed> (low)
[squeeze] - qemu-kvm <no-dsa> (Minor issue, hardly exploitable in practice)
-CVE-2013-4148 (Integer signedness error in the virtio_net_load function in ...)
+CVE-2013-4148
- qemu 2.1+dfsg-1 (low; bug #739589)
[wheezy] - qemu <no-dsa> (Minor issue, hardly exploitable in practice)
[wheezy] - qemu-kvm <no-dsa> (Minor issue, hardly exploitable in practice)
[squeeze] - qemu <no-dsa> (Minor issue, hardly exploitable in practice)
- qemu-kvm <removed> (low)
[squeeze] - qemu-kvm <no-dsa> (Minor issue, hardly exploitable in practice)
-CVE-2013-4147 (Multiple format string vulnerabilities in Yet Another Radius Daemon ...)
+CVE-2013-4147
- yardradius <removed> (low; bug #714612)
[squeeze] - yardradius <no-dsa> (Minor issue)
[wheezy] - yardradius <no-dsa> (Minor issue)
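Review bot: every `-`/`+` pair in this hunk only strips the parenthesised description, e.g. `-CVE-2013-4153 (Double free vulnerability in the qemuAgentGetVCPUs function in ...)` becoming `+CVE-2013-4153`, while no status, version, severity or NOTE line changes. A wholesale drop of description text across an entire hunk is what an empty or failed fetch from the CVE feed looks like, not a deliberate edit, so please confirm the description source was actually reachable when this was generated; if it was not, this should be reverted rather than merged, since the bare identifiers make the list much harder to triage by eye. Separately, the four qemu entries CVE-2013-4148 through CVE-2013-4151 list their `[wheezy]`/`[squeeze]` lines in two different orders (CVE-2013-4151 groups qemu before qemu-kvm, the other three interleave them); worth normalising in a follow-up so the blocks diff cleanly.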
@@ -8992,30 +8992,30 @@ CVE-2013-4145
REJECTED
CVE-2013-4144
RESERVED
-CVE-2013-4143 (The (1) checkPasswd and (2) checkGroupXlockPasswds functions in ...)
+CVE-2013-4143
- xlockmore <removed>
NOTE: http://openwall.com/lists/oss-security/2013/07/16/8
CVE-2013-4142
REJECTED
CVE-2013-4141
REJECTED
-CVE-2013-4140 (Cross-site scripting (XSS) vulnerability in the TinyBox (Simple ...)
+CVE-2013-4140
NOT-FOR-US: TinyBox Drupal contributed module
-CVE-2013-4139 (The Stage File Proxy module 7.x-1.x before 7.x-1.4 for Drupal allows ...)
+CVE-2013-4139
NOT-FOR-US: Stage File Proxy Drupal contributed module
-CVE-2013-4138 (Cross-site scripting (XSS) vulnerability in the Hatch theme 7.x-1.x ...)
+CVE-2013-4138
NOT-FOR-US: Hatch Drupal contributed module
-CVE-2013-4137 (Multiple SQL injection vulnerabilities in StatusNet 1.0 before 1.0.2 ...)
+CVE-2013-4137
- statusnet <itp> (bug #491723)
-CVE-2013-4136 (ext/common/ServerInstanceDir.h in Phusion Passenger gem before 4.0.6 ...)
+CVE-2013-4136
- passenger 3.0.13debian-1.2
- ruby-passenger 3.0.13debian-1.2 (low; bug #717176)
[squeeze] - passenger <no-dsa> (minor, local, issue)
[wheezy] - ruby-passenger 3.0.13debian-1+deb7u1
-CVE-2013-4135 (The vos command in OpenAFS 1.6.x before 1.6.5, when using the -encrypt ...)
+CVE-2013-4135
{DSA-2729-1}
- openafs 1.6.5-1
-CVE-2013-4134 (OpenAFS before 1.4.15, 1.6.x before 1.6.5, and 1.7.x before 1.7.26 ...)
+CVE-2013-4134
{DSA-2729-1}
- openafs 1.6.5-1
CVE-2013-4133 [memory leak]
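Review bot: in the CVE-2013-4136 block, `- passenger 3.0.13debian-1.2` carries no severity while its sibling `- ruby-passenger 3.0.13debian-1.2 (low; bug #717176)` is marked low; the two are the same source tree at the same version, so the severity should be stated on both or neither. The suite line `[squeeze] - passenger <no-dsa> (minor, local, issue)` also reads as a stray comma list; `(Minor issue, local only)` would match the `(Minor issue)` phrasing used on the nagstamon and libjgroups-java entries in this file.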
@@ -9023,37 +9023,37 @@ CVE-2013-4133 [memory leak]
- kde-workspace 4:4.10.5-3 (unimportant; bug #717180)
NOTE: https://bugs.kde.org/show_bug.cgi?id=314919
NOTE: Plain bug, security implication rather far-fetched
-CVE-2013-4132 (KDE-Workspace 4.10.5 and earlier does not properly handle the return ...)
+CVE-2013-4132
- kde-workspace 4:4.10.5-3 (bug #717180)
[wheezy] - kde-workspace <not-affected> (Only exploitable with glibc 2.17)
- kdebase-workspace <not-affected> (Only exploitable with glibc 2.17)
NOTE: https://git.reviewboard.kde.org/r/111261/
NOTE: https://projects.kde.org/projects/kde/kde-workspace/repository/revisions/45b7f137fbc0b942fd2c9b4e8d8c1f0293e64ba7
NOTE: only relevant with eglibc >= 2.17.
-CVE-2013-4131 (The mod_dav_svn Apache HTTPD server module in Subversion 1.7.0 through ...)
+CVE-2013-4131
- subversion 1.7.13-1 (bug #717794)
[squeeze] - subversion <not-affected> (Only affects >= 1.7)
[wheezy] - subversion <not-affected> (Only affects >= 1.7)
-CVE-2013-4130 (The (1) red_channel_pipes_add_type and (2) ...)
+CVE-2013-4130
{DSA-2839-1}
- spice 0.12.4-0nocelt1 (low; bug #717030)
[wheezy] - spice <no-dsa> (Minor issue)
-CVE-2013-4129 (The bridge multicast implementation in the Linux kernel through 3.10.3 ...)
+CVE-2013-4129
- linux <not-affected> (Introduced in 3.11-rc1)
- linux-2.6 <not-affected> (Introduced in 3.11-rc1)
-CVE-2013-4128 (Red Hat JBoss Enterprise Application Platform (EAP) 6.1.0 does not ...)
+CVE-2013-4128
- jbossas4 <not-affected> (Only builds a few libraries, not the full application server, #581226)
-CVE-2013-4127 (Use-after-free vulnerability in the vhost_net_set_backend function in ...)
+CVE-2013-4127
- linux 3.10.5-1
[wheezy] - linux <not-affected> (Introduced in 3.8)
- linux-2.6 <not-affected> (Introduced in 3.8)
CVE-2013-4126
RESERVED
-CVE-2013-4125 (The fib6_add_rt2node function in net/ipv6/ip6_fib.c in the IPv6 stack ...)
+CVE-2013-4125
- linux 3.10.5-1
[wheezy] - linux <not-affected> (Introduced in 3.7)
- linux-2.6 <not-affected> (Introduced in 3.7)
-CVE-2013-4124 (Integer overflow in the read_nttrans_ea_list function in nttrans.c in ...)
+CVE-2013-4124
- samba 2:3.6.17-1 (low)
[wheezy] - samba 2:3.6.6-6+deb7u1
[squeeze] - samba 2:3.5.6~dfsg-3squeeze10
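Review bot: the CVE-2013-4129 lines disagree with each other and the stripping hides it: the removed description says "the Linux kernel through 3.10.3", yet both `- linux <not-affected> (Introduced in 3.11-rc1)` and `- linux-2.6 <not-affected> (Introduced in 3.11-rc1)` assert the bug does not exist before 3.11. Both cannot be right as written, so please re-check the introducing commit before the description text goes away from this file. Also in CVE-2013-4132, the not-affected reasons say `(Only exploitable with glibc 2.17)` while the NOTE says `only relevant with eglibc >= 2.17.`; pick one range (2.17 exactly, or 2.17 and later) and use it in all three places.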
@@ -9062,13 +9062,13 @@ CVE-2013-4124 (Integer overflow in the read_nttrans_ea_list function in nttrans.
NOTE: https://www.samba.org/samba/security/CVE-2013-4124
NOTE: samba as per 2:4.0.9+dfsg-2 is the first upload of the unified samba 4.x package to unstable.
NOTE: Issue also fixed in 4.0.8 upstream, thus the fix still contained in 4.x in unstable
-CVE-2013-4123 (client_side_request.cc in Squid 3.2.x before 3.2.13 and 3.3.x before ...)
+CVE-2013-4123
- squid <not-affected> (Only affects 3.2 onwards)
- squid3 3.3.8-1 (bug #716743)
[wheezy] - squid3 <not-affected> (Only affects 3.2 onwards)
[squeeze] - squid3 <not-affected> (Only affects 3.2 onwards)
NOTE: http://www.squid-cache.org/Advisories/SQUID-2013_3.txt
-CVE-2013-4122 (Cyrus SASL 2.1.23, 2.1.26, and earlier does not properly handle when a ...)
+CVE-2013-4122
{DSA-3368-1}
- cyrus-sasl2 2.1.26.dfsg1-14 (bug #716835; bug #784112)
[wheezy] - cyrus-sasl2 <not-affected> (Only exploitable with eglibc 2.17 and later)
@@ -9083,40 +9083,40 @@ CVE-2013-4121
CVE-2013-4120
RESERVED
NOT-FOR-US: Katello
-CVE-2013-4119 (FreeRDP before 1.1.0-beta+2013071101 allows remote attackers to cause ...)
+CVE-2013-4119
- freerdp <not-affected> (The server part is not build)
NOTE: https://github.com/FreeRDP/FreeRDP/commit/0773bb9303d24473fe1185d85a424dfe159aff53
NOTE: Server disabled: option(WITH_SERVER "Build server binaries" OFF) in CMakeLists.txt
-CVE-2013-4118 (FreeRDP before 1.1.0-beta1 allows remote attackers to cause a denial ...)
+CVE-2013-4118
- freerdp <not-affected> (The server part is not build)
NOTE: https://github.com/FreeRDP/FreeRDP/commit/7d58aac24fe20ffaad7bd9b40c9ddf457c1b06e7
NOTE: Server disabled: option(WITH_SERVER "Build server binaries" OFF) in CMakeLists.txt
-CVE-2013-4117 (Cross-site scripting (XSS) vulnerability in includes/CatGridPost.php ...)
+CVE-2013-4117
NOT-FOR-US: WordPress plugin category-grid-view-gallery
-CVE-2013-4116 (lib/npm.js in Node Packaged Modules (npm) before 1.3.3 allows local ...)
+CVE-2013-4116
- npm 1.3.10~dfsg-1 (bug #715325)
NOTE: Upstream fix https://github.com/isaacs/npm/commit/f4d31693
NOTE: https://github.com/isaacs/npm/issues/3635
-CVE-2013-4115 (Buffer overflow in the idnsALookup function in dns_internal.cc in ...)
+CVE-2013-4115
- squid <not-affected> (Only affects 3.2 onwards)
- squid3 3.3.8-1 (bug #716743)
[wheezy] - squid3 <not-affected> (Only affects 3.2 onwards)
[squeeze] - squid3 <not-affected> (Only affects 3.2 onwards)
NOTE: http://www.squid-cache.org/Advisories/SQUID-2013_2.txt
-CVE-2013-4114 (The automatic update request in Nagstamont before 0.9.10 uses a ...)
+CVE-2013-4114
- nagstamon 0.9.9-2 (low; bug #716718)
[wheezy] - nagstamon <no-dsa> (Minor issue)
[squeeze] - nagstamon <no-dsa> (Minor issue)
NOTE: update checks are disabled in Debian by default, see debian/patches/check-for-new-version.patch
-CVE-2013-4113 (ext/xml/xml.c in PHP before 5.3.27 does not properly consider parsing ...)
+CVE-2013-4113
{DSA-2723-1}
- php5 5.5.0+dfsg-15 (bug #717139)
-CVE-2013-4112 (The DiagnosticsHandler in JGroup 3.0.x, 3.1.x, 3.2.x before 3.2.9, and ...)
+CVE-2013-4112
- libjgroups-java 2.12.2.Final-4 (bug #717031)
[wheezy] - libjgroups-java <no-dsa> (Minor issue)
[squeeze] - libjgroups-java <no-dsa> (Minor issue)
NOTE: libjgroups-java/2.12.2.Final-4 disables diagnostic probing by default
-CVE-2013-4111 (The Python client library for Glance (python-glanceclient) before ...)
+CVE-2013-4111
- python-glanceclient 1:0.9.0-2 (bug #718282)
CVE-2013-4110
RESERVED
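Review bot: typo on both freerdp entries, CVE-2013-4119 and CVE-2013-4118: `- freerdp <not-affected> (The server part is not build)` should read `(The server part is not built)`. The NOTE line below each already gives the precise justification (`option(WITH_SERVER "Build server binaries" OFF)` in CMakeLists.txt), so the reason text could simply say `(Server part not built, WITH_SERVER=OFF)` and the two lines would not repeat each other.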
@@ -9151,23 +9151,23 @@ CVE-2013-4101
CVE-2013-4100
RESERVED
NOT-FOR-US: Cryptocat
-CVE-2013-4099 (Multiple unspecified vulnerabilities in OpenAL32.dll in JOAL 2.0-rc11, ...)
+CVE-2013-4099
NOT-FOR-US: JOGAMP
-CVE-2013-4098 (ServerAdmin/ErrorViewer.jsp in DS3 Authentication Server allow remote ...)
+CVE-2013-4098
NOT-FOR-US: DS3 Authentication Server
-CVE-2013-4097 (ServerAdmin/TestDRConnection.jsp in DS3 Authentication Server allows ...)
+CVE-2013-4097
NOT-FOR-US: DS3 Authentication Server
-CVE-2013-4096 (ServerAdmin/TestTelnetConnection.jsp in DS3 Authentication Server ...)
+CVE-2013-4096
NOT-FOR-US: DS3 Authentication Server
-CVE-2013-4095 (plain/actionsets.html in the SecureSphere Operations Manager (SOM) ...)
+CVE-2013-4095
NOT-FOR-US: Imperva SecureSphere
-CVE-2013-4094 (The Key Management feature in the SecureSphere Operations Manager ...)
+CVE-2013-4094
NOT-FOR-US: Imperva SecureSphere
-CVE-2013-4093 (The SecureSphere Operations Manager (SOM) Management Server in Imperva ...)
+CVE-2013-4093
NOT-FOR-US: Imperva SecureSphere
-CVE-2013-4092 (The SecureSphere Operations Manager (SOM) Management Server in Imperva ...)
+CVE-2013-4092
NOT-FOR-US: Imperva SecureSphere
-CVE-2013-4091 (The SecureSphere Operations Manager (SOM) Management Server in Imperva ...)
+CVE-2013-4091
NOT-FOR-US: Imperva SecureSphere
CVE-2013-4090
RESERVED
@@ -9188,62 +9188,62 @@ CVE-2013-4085
RESERVED
CVE-2013-4084
RESERVED
-CVE-2013-4083 (The dissect_pft function in epan/dissectors/packet-dcp-etsi.c in the ...)
+CVE-2013-4083
{DSA-2709-1}
- wireshark 1.10.0-1 (bug #711918)
[squeeze] - wireshark 1.2.11-6+squeeze11
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8717
-CVE-2013-4082 (The vwr_read function in wiretap/vwr.c in the Ixia IxVeriWave file ...)
+CVE-2013-4082
{DSA-2709-1}
- wireshark 1.10.0-1 (bug #711918)
[squeeze] - wireshark <not-affected> (Only affects 1.8+)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8760
-CVE-2013-4081 (The http_payload_subdissector function in ...)
+CVE-2013-4081
{DSA-2709-1}
- wireshark 1.10.0-1 (unimportant; bug #711918)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8733
NOTE: Not suitable for code injection
-CVE-2013-4080 (The dissect_r3_upstreamcommand_queryconfig function in ...)
+CVE-2013-4080
{DLA-497-1}
- wireshark 1.10.0-1 (unimportant; bug #711918)
NOTE: no code injection, not treated as a security issue, see README.Debian.security
[squeeze] - wireshark <not-affected> (Only affects 1.8+)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8764
-CVE-2013-4079 (The dissect_schedule_message function in ...)
+CVE-2013-4079
{DLA-497-1}
- wireshark 1.10.0-1 (unimportant; bug #711918)
NOTE: no code injection, not treated as a security issue, see README.Debian.security
[squeeze] - wireshark <not-affected> (Only affects 1.8+)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8730
-CVE-2013-4078 (epan/dissectors/packet-rdp.c in the RDP dissector in Wireshark 1.8.x ...)
+CVE-2013-4078
{DSA-2709-1}
- wireshark 1.10.0-1 (bug #711918)
[squeeze] - wireshark <not-affected> (Only affects 1.8+)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7862
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8729
-CVE-2013-4077 (Array index error in the NBAP dissector in Wireshark 1.8.x before ...)
+CVE-2013-4077
{DSA-2709-1}
- wireshark 1.10.0-1 (bug #711918)
[squeeze] - wireshark <not-affected> (Only affects 1.8+)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8697
-CVE-2013-4076 (Buffer overflow in the dissect_iphc_crtp_fh function in ...)
+CVE-2013-4076
{DSA-2709-1}
- wireshark 1.10.0-1 (bug #711918)
[squeeze] - wireshark <not-affected> (Only affects 1.8+)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7880
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8727
-CVE-2013-4075 (epan/dissectors/packet-gmr1_bcch.c in the GMR-1 BCCH dissector in ...)
+CVE-2013-4075
{DSA-2709-1}
- wireshark 1.10.0-1 (bug #711918)
[squeeze] - wireshark <not-affected> (Only affects 1.8+)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7664
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8726
-CVE-2013-4074 (The dissect_capwap_data function in epan/dissectors/packet-capwap.c in ...)
+CVE-2013-4074
{DSA-2709-1}
- wireshark 1.10.0-1 (bug #711918)
[squeeze] - wireshark <not-affected> (Vulnerable code not present)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8725
-CVE-2013-4073 (The OpenSSL::SSL.verify_certificate_identity function in ...)
+CVE-2013-4073
{DSA-2809-1 DSA-2738-1}
- ruby1.8 1.8.7.358-7.1 (bug #714541)
- ruby1.9.1 1.9.3.194-8.2 (bug #714543)
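Review bot: ordering inconsistency in the CVE-2013-4080 and CVE-2013-4079 blocks: the `[squeeze] - wireshark <not-affected> (Only affects 1.8+)` line sits after a NOTE line instead of directly under the `- wireshark 1.10.0-1 (unimportant; bug #711918)` line, unlike every other wireshark entry in this hunk (CVE-2013-4082, -4078, -4077, -4076, -4075, -4074), where the suite line comes before the first NOTE. Moving it up keeps the package/suite/NOTE layout uniform so the blocks can be compared at a glance.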
@@ -9257,125 +9257,125 @@ CVE-2013-4072
RESERVED
CVE-2013-4071
RESERVED
-CVE-2013-4070 (The Portal application in IBM SPSS Collaboration and Deployment ...)
+CVE-2013-4070
NOT-FOR-US: IBM SPSS Collaboration and Deployment Services
-CVE-2013-4069 (The Portal application in IBM SPSS Collaboration and Deployment ...)
+CVE-2013-4069
NOT-FOR-US: IBM SPSS Collaboration and Deployment Services
-CVE-2013-4068 (Buffer overflow in iNotes in IBM Domino 8.5.3 before FP5 IF1 and 9.0 ...)
+CVE-2013-4068
NOT-FOR-US: IBM
-CVE-2013-4067 (IBM InfoSphere Information Server 8.0, 8.1, 8.5 through FP3, 8.7, and ...)
+CVE-2013-4067
NOT-FOR-US: IBM InfoSphere Information Server
-CVE-2013-4066 (IBM InfoSphere Information Server 8.0, 8.1, 8.5 through FP3, 8.7, and ...)
+CVE-2013-4066
NOT-FOR-US: IBM InfoSphere Information Server
-CVE-2013-4065 (Cross-site scripting (XSS) vulnerability in iNotes in IBM Domino 8.5.x ...)
+CVE-2013-4065
NOT-FOR-US: iNotes in IBM Domino
-CVE-2013-4064 (Cross-site scripting (XSS) vulnerability in iNotes in IBM Domino 8.5.x ...)
+CVE-2013-4064
NOT-FOR-US: iNotes in IBM Domino
-CVE-2013-4063 (Cross-site scripting (XSS) vulnerability in iNotes in IBM Domino 8.5.x ...)
+CVE-2013-4063
NOT-FOR-US: iNotes in IBM Domino
-CVE-2013-4062 (IBM Rational Policy Tester 8.5 before 8.5.0.5 does not verify X.509 ...)
+CVE-2013-4062
NOT-FOR-US: IBM
-CVE-2013-4061 (IBM Rational Policy Tester 8.5 before 8.5.0.5 does not properly check ...)
+CVE-2013-4061
NOT-FOR-US: IBM
CVE-2013-4060
RESERVED
-CVE-2013-4059 (Multiple cross-site scripting (XSS) vulnerabilities in IBM InfoSphere ...)
+CVE-2013-4059
NOT-FOR-US: IBM InfoSphere
-CVE-2013-4058 (Multiple SQL injection vulnerabilities in IBM InfoSphere Information ...)
+CVE-2013-4058
NOT-FOR-US: IBM InfoSphere
-CVE-2013-4057 (Cross-site request forgery (CSRF) vulnerability in the XML Pack in IBM ...)
+CVE-2013-4057
NOT-FOR-US: IBM InfoSphere
-CVE-2013-4056 (Cross-site request forgery (CSRF) vulnerability in the Data Quality ...)
+CVE-2013-4056
NOT-FOR-US: IBM
-CVE-2013-4055 (Cross-site scripting (XSS) vulnerability in webadmin.nsf in Domino Web ...)
+CVE-2013-4055
NOT-FOR-US: IBM Domino
-CVE-2013-4054 (Directory traversal vulnerability in WMQ Telemetry in IBM WebSphere MQ ...)
+CVE-2013-4054
NOT-FOR-US: WebSphere
-CVE-2013-4053 (The WS-Security implementation in IBM WebSphere Application Server ...)
+CVE-2013-4053
NOT-FOR-US: WebSphere
-CVE-2013-4052 (Cross-site scripting (XSS) vulnerability in the UDDI Administrative ...)
+CVE-2013-4052
NOT-FOR-US: WebSphere
-CVE-2013-4051 (Cross-site scripting (XSS) vulnerability in webadmin.nsf in Domino Web ...)
+CVE-2013-4051
NOT-FOR-US: IBM Domino
-CVE-2013-4050 (Cross-site request forgery (CSRF) vulnerability in webadmin.nsf in ...)
+CVE-2013-4050
NOT-FOR-US: IBM Domino
-CVE-2013-4049 (Unrestricted file upload vulnerability in IBM SPSS Analytical Decision ...)
+CVE-2013-4049
NOT-FOR-US: IBM SPSS
-CVE-2013-4048 (Cross-site scripting (XSS) vulnerability in IBM SPSS Analytical ...)
+CVE-2013-4048
NOT-FOR-US: IBM SPSS
-CVE-2013-4047 (Cross-site scripting (XSS) vulnerability in IBM SPSS Analytical ...)
+CVE-2013-4047
NOT-FOR-US: IBM SPSS
-CVE-2013-4046 (Open redirect vulnerability in IBM SPSS Collaboration and Deployment ...)
+CVE-2013-4046
NOT-FOR-US: IBM SPSS Collaboration and Deployment Services
-CVE-2013-4045 (Cross-site scripting (XSS) vulnerability in the Portal application in ...)
+CVE-2013-4045
NOT-FOR-US: IBM SPSS Collaboration and Deployment Services
-CVE-2013-4044 (IBM SPSS Collaboration and Deployment Services 4.2.1 before 4.2.1.3 ...)
+CVE-2013-4044
NOT-FOR-US: IBM SPSS Collaboration and Deployment Services
-CVE-2013-4043 (The server in IBM SPSS Collaboration and Deployment Services 4.x ...)
+CVE-2013-4043
NOT-FOR-US: IBM SPSS Collaboration and Deployment Services
-CVE-2013-4042 (Unspecified vulnerability in IBM SPSS Collaboration and Deployment ...)
+CVE-2013-4042
NOT-FOR-US: IBM SPSS Collaboration and Deployment Services
-CVE-2013-4041 (Unspecified vulnerability in IBM Java SDK 5.0.0 before SR16 FP4, 7.0.0 ...)
+CVE-2013-4041
NOT-FOR-US: IBM JDK
-CVE-2013-4040 (IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.1.2.x ...)
+CVE-2013-4040
NOT-FOR-US: IBM Tivoli Application Dependency Discovery Manager
-CVE-2013-4039 (IBM WebSphere Extended Deployment Compute Grid 8.0 before 8.0.0.3 ...)
+CVE-2013-4039
NOT-FOR-US: IBM WebSphere
-CVE-2013-4038 (The Intelligent Platform Management Interface (IPMI) implementation in ...)
+CVE-2013-4038
NOT-FOR-US: IBM BladeCenter
-CVE-2013-4037 (The RAKP protocol support in the Intelligent Platform Management ...)
+CVE-2013-4037
NOT-FOR-US: IBM BladeCenter
-CVE-2013-4036 (Cross-site scripting (XSS) vulnerability in IBM InfoSphere Master Data ...)
+CVE-2013-4036
NOT-FOR-US: IBM
-CVE-2013-4035 (IBM Sterling Connect:Direct for OpenVMS 3.4.00, 3.4.01, 3.5.00, 3.6.0, ...)
+CVE-2013-4035
NOT-FOR-US: IBM Sterling
-CVE-2013-4034 (IBM Cognos Business Intelligence 8.4.1 before IF3, 10.1.0 before IF4, ...)
+CVE-2013-4034
NOT-FOR-US: IBM
-CVE-2013-4033 (IBM DB2 and DB2 Connect 9.7 through FP8, 9.8 through FP5, 10.1 through ...)
+CVE-2013-4033
NOT-FOR-US: IBM DB2
-CVE-2013-4032 (The Fast Communications Manager (FCM) in IBM DB2 Enterprise Server ...)
+CVE-2013-4032
NOT-FOR-US: IBM
-CVE-2013-4031 (The Intelligent Platform Management Interface (IPMI) implementation in ...)
+CVE-2013-4031
NOT-FOR-US: IBM BladeCenter
-CVE-2013-4030 (Integrated Management Module (IMM) 2 1.00 through 2.00 on IBM System X ...)
+CVE-2013-4030
NOT-FOR-US: IBM System X and Flex System
CVE-2013-4029
RESERVED
CVE-2013-4028
RESERVED
-CVE-2013-4027 (IBM Maximo Asset Management 6.2 through 6.2.8, 7.1 through 7.1.1.12, ...)
+CVE-2013-4027
NOT-FOR-US: IBM Maximo Asset Management
CVE-2013-4026
RESERVED
-CVE-2013-4025 (IBM Data Studio Web Console 3.x before 3.2, Optim Performance Manager ...)
+CVE-2013-4025
NOT-FOR-US: IBM
-CVE-2013-4024 (IBM Data Studio Web Console 3.x before 3.2, Optim Performance Manager ...)
+CVE-2013-4024
NOT-FOR-US: IBM
CVE-2013-4023
RESERVED
-CVE-2013-4022 (IBM Data Studio Web Console 3.x before 3.2, Optim Performance Manager ...)
+CVE-2013-4022
NOT-FOR-US: IBM
-CVE-2013-4021 (IBM Maximo Asset Management 6.2 through 6.2.8, 7.1 before 7.1.1.12, ...)
+CVE-2013-4021
NOT-FOR-US: IBM Maximo Asset Management
-CVE-2013-4020 (IBM Maximo Asset Management 6.2 through 6.2.8, 7.1 through 7.1.1.12, ...)
+CVE-2013-4020
NOT-FOR-US: IBM Maximo Asset Management
-CVE-2013-4019 (Cross-site scripting (XSS) vulnerability in IBM Maximo Asset ...)
+CVE-2013-4019
NOT-FOR-US: IBM Maximo Asset Management
-CVE-2013-4018 (IBM Maximo Asset Management 6.2 through 6.2.8, 7.1 before 7.1.1.12, ...)
+CVE-2013-4018
NOT-FOR-US: IBM Maximo Asset Management
-CVE-2013-4017 (SQL injection vulnerability in IBM Maximo Asset Management 7.1 before ...)
+CVE-2013-4017
NOT-FOR-US: IBM Maximo Asset Management
-CVE-2013-4016 (SQL injection vulnerability in IBM Maximo Asset Management 7.x before ...)
+CVE-2013-4016
NOT-FOR-US: IBM Maximo Asset Management
-CVE-2013-4015 (Microsoft Internet Explorer 6 through 10 allows local users to bypass ...)
+CVE-2013-4015
NOT-FOR-US: MS IE
-CVE-2013-4014 (Cross-site scripting (XSS) vulnerability in IBM Maximo Asset ...)
+CVE-2013-4014
NOT-FOR-US: IBM Maximo Asset Management
-CVE-2013-4013 (IBM Maximo Asset Management 6.2 through 6.2.8, 7.1 through 7.1.1.12, ...)
+CVE-2013-4013
NOT-FOR-US: IBM Maximo Asset Management
-CVE-2013-4012 (IBM WebSphere Portal 8.0.0.x before 8.0.0.1 CF09, when Content ...)
+CVE-2013-4012
NOT-FOR-US: IBM WebSphere Portal
-CVE-2013-4011 (Multiple unspecified vulnerabilities in the InfiniBand subsystem in ...)
+CVE-2013-4011
NOT-FOR-US: IBM AIX
CVE-2013-4010
RESERVED
@@ -9383,84 +9383,84 @@ CVE-2013-4009
RESERVED
CVE-2013-4008
RESERVED
-CVE-2013-4007 (Cross-site scripting (XSS) vulnerability in adv_sw.php in the Advanced ...)
+CVE-2013-4007
NOT-FOR-US: IBM
-CVE-2013-4006 (IBM WebSphere Application Server (WAS) Liberty Profile 8.5 before ...)
+CVE-2013-4006
NOT-FOR-US: IBM
-CVE-2013-4005 (Cross-site scripting (XSS) vulnerability in the Administrative console ...)
+CVE-2013-4005
NOT-FOR-US: IBM WebSphere
-CVE-2013-4004 (Cross-site scripting (XSS) vulnerability in the Administrative console ...)
+CVE-2013-4004
NOT-FOR-US: IBM WebSphere
-CVE-2013-4003 (Multiple cross-site scripting (XSS) vulnerabilities in IBM TRIRIGA ...)
+CVE-2013-4003
NOT-FOR-US: IBM TRIRIGA
-CVE-2013-4002 (XMLscanner.java in Apache Xerces2 Java Parser before 2.12.0, as used ...)
+CVE-2013-4002
- openjdk-6 6b27-1.12.7-1
- openjdk-7 7u45-2.4.3-1
-CVE-2013-4001 (Session fixation vulnerability in IBM Cognos Command Center before ...)
+CVE-2013-4001
NOT-FOR-US: IBM Cognos Command Center
-CVE-2013-4000 (Multiple cross-site request forgery (CSRF) vulnerabilities in IBM ...)
+CVE-2013-4000
NOT-FOR-US: IBM Cognos Command Center
-CVE-2013-3999 (Cross-site scripting (XSS) vulnerability in IBM Social Media Analytics ...)
+CVE-2013-3999
NOT-FOR-US: IBM Social Media Analytics
-CVE-2013-3998 (CRLF injection vulnerability in the Web Application Enterprise Console ...)
+CVE-2013-3998
NOT-FOR-US: IBM InfoSphere
-CVE-2013-3997 (Open redirect vulnerability in the Web Application Enterprise Console ...)
+CVE-2013-3997
NOT-FOR-US: IBM InfoSphere
-CVE-2013-3996 (IBM InfoSphere BigInsights 1.1 through 2.1 does not properly handle ...)
+CVE-2013-3996
NOT-FOR-US: IBM
-CVE-2013-3995 (Cross-site scripting (XSS) vulnerability in IBM InfoSphere BigInsights ...)
+CVE-2013-3995
NOT-FOR-US: IBM
CVE-2013-3994
RESERVED
-CVE-2013-3993 (IBM InfoSphere BigInsights before 2.1.0.3 allows remote authenticated ...)
+CVE-2013-3993
NOT-FOR-US: IBM InfoSphere BigInsights
-CVE-2013-3992 (Cross-site request forgery (CSRF) vulnerability in IBM InfoSphere ...)
+CVE-2013-3992
NOT-FOR-US: IBM
CVE-2013-3991
RESERVED
-CVE-2013-3990 (Cross-site scripting (XSS) vulnerability in the MIME e-mail ...)
+CVE-2013-3990
NOT-FOR-US: IBM
-CVE-2013-3989 (IBM Security AppScan Enterprise 8.x before 8.8 sends a cleartext ...)
+CVE-2013-3989
NOT-FOR-US: IBM Security AppScan Enterprise
-CVE-2013-3988 (The Meeting Server in IBM Sametime 8.5.2 through 8.5.2.1 and 9.x ...)
+CVE-2013-3988
NOT-FOR-US: IBM Sametime
CVE-2013-3987
RESERVED
-CVE-2013-3986 (IBM Lotus Sametime 8.5.2 and 8.5.2.1 allows remote attackers to cause ...)
+CVE-2013-3986
NOT-FOR-US: IBM
-CVE-2013-3985 (The Enterprise Meeting Server in IBM Lotus Sametime 8.5.2 and 8.5.2.1 ...)
+CVE-2013-3985
NOT-FOR-US: IBM
-CVE-2013-3984 (The Meeting Server in IBM Sametime 8.x through 8.5.2.1 and 9.x through ...)
+CVE-2013-3984
NOT-FOR-US: IBM Sametime
-CVE-2013-3983 (The Meeting Server in IBM Sametime 8.5.2 through 8.5.2.1 and 9.x ...)
+CVE-2013-3983
NOT-FOR-US: IBM Sametime
-CVE-2013-3982 (The Meeting Server in IBM Sametime 8.x through 8.5.2.1 and 9.x through ...)
+CVE-2013-3982
NOT-FOR-US: IBM Sametime
-CVE-2013-3981 (The Meeting Server in IBM Sametime 8.x through 8.5.2.1 and 9.x through ...)
+CVE-2013-3981
NOT-FOR-US: IBM Sametime
-CVE-2013-3980 (The Meeting Server in IBM Sametime 8.x through 8.5.2.1 and 9.x through ...)
+CVE-2013-3980
NOT-FOR-US: IBM Sametime
-CVE-2013-3979 (Multiple cross-site scripting (XSS) vulnerabilities in the help pages ...)
+CVE-2013-3979
NOT-FOR-US: IBM Cognos Command Center
-CVE-2013-3978 (The Meeting Server in IBM Sametime 8.5.2 through 8.5.2.1 and 9.x ...)
+CVE-2013-3978
NOT-FOR-US: IBM Sametime
-CVE-2013-3977 (The Meeting Server in IBM Sametime 8.x through 8.5.2.1 and 9.x through ...)
+CVE-2013-3977
NOT-FOR-US: IBM Sametime
-CVE-2013-3976 (The (1) Data Protection for Exchange component 6.1 before 6.1.3.4 and ...)
+CVE-2013-3976
NOT-FOR-US: IBM Tivoli
-CVE-2013-3975 (Unspecified vulnerability in the Meeting Server in IBM Sametime 8.x ...)
+CVE-2013-3975
NOT-FOR-US: IBM Sametime
CVE-2013-3974
RESERVED
-CVE-2013-3973 (SQL injection vulnerability in IBM Maximo Asset Management 7.1 before ...)
+CVE-2013-3973
NOT-FOR-US: IBM Maximo Asset Management
-CVE-2013-3972 (IBM Maximo Asset Management 7.1 before 7.1.1.12 and 7.5 before 7.5.0.5 ...)
+CVE-2013-3972
NOT-FOR-US: IBM Maximo Asset Management
-CVE-2013-3971 (IBM Maximo Asset Management 7.1 through 7.1.1.12 and 7.5 before ...)
+CVE-2013-3971
NOT-FOR-US: IBM Maximo Asset Management
-CVE-2013-3970 (Juniper Junos Pulse Secure Access Service (aka SSL VPN) with IVE OS ...)
+CVE-2013-3970
NOT-FOR-US: Juniper Junos Pulse Secure Access Service
-CVE-2013-3969 (The find prototype in scripting/engine_v8.h in MongoDB 2.4.0 through ...)
+CVE-2013-3969
- mongodb 1:2.4.5-1 (bug #715007; bug #717173)
[squeeze] - mongodb <not-affected> (Only affects 2.4.x)
[wheezy] - mongodb <not-affected> (Only affects 2.4.x)
@@ -9473,41 +9473,41 @@ CVE-2013-3966
RESERVED
CVE-2013-3965
RESERVED
-CVE-2013-3964 (Cross-site scripting (XSS) vulnerability in Samsung SHR-5162, ...)
+CVE-2013-3964
NOT-FOR-US: Samsung
-CVE-2013-3963 (Cross-site request forgery (CSRF) vulnerability in goform/usermanage ...)
+CVE-2013-3963
NOT-FOR-US: Grandstream
-CVE-2013-3962 (Cross-site scripting (XSS) vulnerability in Grandstream GXV3501, ...)
+CVE-2013-3962
NOT-FOR-US: Grandstream
-CVE-2013-3961 (SQL injection vulnerability in edit_event.php in Simple PHP Agenda ...)
+CVE-2013-3961
NOT-FOR-US: Simple PHP Agenda
CVE-2013-3960
RESERVED
-CVE-2013-3959 (The Web Navigator in Siemens WinCC before 7.2 Update 1, as used in ...)
+CVE-2013-3959
NOT-FOR-US: Siemens WinCC
-CVE-2013-3958 (The login implementation in the Web Navigator in Siemens WinCC before ...)
+CVE-2013-3958
NOT-FOR-US: Siemens WinCC
-CVE-2013-3957 (SQL injection vulnerability in the login screen in the Web Navigator ...)
+CVE-2013-3957
NOT-FOR-US: Siemens WinCC
-CVE-2013-3956 (The NICM.SYS kernel driver 3.1.11.0 in Novell Client 4.91 SP5 on ...)
+CVE-2013-3956
NOT-FOR-US: Novell Client on Windows
-CVE-2013-3955 (The get_xattrinfo function in the XNU kernel in Apple iOS 5.x and 6.x ...)
+CVE-2013-3955
NOT-FOR-US: Apple iOS
-CVE-2013-3954 (The posix_spawn system call in the XNU kernel in Apple Mac OS X 10.8.x ...)
+CVE-2013-3954
NOT-FOR-US: Apple Mac OS X
-CVE-2013-3953 (The mach_port_space_info function in osfmk/ipc/mach_debug.c in the XNU ...)
+CVE-2013-3953
NOT-FOR-US: Apple Mac OS X
-CVE-2013-3952 (The fill_pipeinfo function in bsd/kern/sys_pipe.c in the XNU kernel in ...)
+CVE-2013-3952
NOT-FOR-US: Apple Mac OS X
-CVE-2013-3951 (sys/openbsd/stack_protector.c in libc in Apple iOS 6.1.3 and Mac OS X ...)
+CVE-2013-3951
NOT-FOR-US: Apple iOS
-CVE-2013-3950 (Stack-based buffer overflow in the openSharedCacheFile function in ...)
+CVE-2013-3950
NOT-FOR-US: Apple iOS
-CVE-2013-3949 (The posix_spawn system call in the XNU kernel in Apple Mac OS X 10.8.x ...)
+CVE-2013-3949
NOT-FOR-US: Apple Mac OS X
-CVE-2013-3948 (Apple iOS 6.1.3 does not follow redirects during determination of the ...)
+CVE-2013-3948
NOT-FOR-US: Apple iOS
-CVE-2013-3947 (Buffer overflow in MedCoreD.sys in AhnLab V3 Internet Security 8.0.7.5 ...)
+CVE-2013-3947
NOT-FOR-US: AhnLab V3 Internet Security
CVE-2013-3946
RESERVED
@@ -9515,17 +9515,17 @@ CVE-2013-3945
RESERVED
CVE-2013-3944
RESERVED
-CVE-2013-3943 (Cross-site scripting (XSS) vulnerability in DotNetNuke (DNN) before ...)
+CVE-2013-3943
NOT-FOR-US: DotNetNukeDot
CVE-2013-3942
RESERVED
CVE-2013-3941
RESERVED
-CVE-2013-3940 (Integer overflow in the Graphics Device Interface (GDI) in Microsoft ...)
+CVE-2013-3940
NOT-FOR-US: Microsoft
CVE-2013-3939
RESERVED
-CVE-2013-3938 (Integer overflow in xnview.exe in XnView 2.13 allows remote attackers ...)
+CVE-2013-3938
NOT-FOR-US: XnView
CVE-2013-3937
RESERVED
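Review bot: `NOT-FOR-US: DotNetNukeDot` on CVE-2013-3943 is a mangled product name. The description being removed on the line above reads "Cross-site scripting (XSS) vulnerability in DotNetNuke (DNN) before ...", so the marker should be `NOT-FOR-US: DotNetNuke (DNN)`; worth fixing now, because once the description line is gone there is nothing left in this file to recover the correct name from.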
@@ -9533,347 +9533,347 @@ CVE-2013-3936
RESERVED
CVE-2013-3935
RESERVED
-CVE-2013-3934 (Stack-based buffer overflow in Kingsoft Writer 2012 8.1.0.3030, as ...)
+CVE-2013-3934
NOT-FOR-US: Kingsoft Office 2013
-CVE-2013-3933 (Cross-site scripting (XSS) vulnerability in the JoomShopping ...)
+CVE-2013-3933
NOT-FOR-US: Joomla component com_joomshopping
CVE-2013-3932
RESERVED
CVE-2013-3931
RESERVED
-CVE-2013-3930 (Stack-based buffer overflow in Core FTP before 2.2 build 1785 allows ...)
+CVE-2013-3930
NOT-FOR-US: Core FTP (client)
-CVE-2013-3929 (Cross-site scripting (XSS) vulnerability in admin/editevent.php in CMS ...)
+CVE-2013-3929
NOT-FOR-US: CMS Made Simple
-CVE-2013-3928 (Stack-based buffer overflow in the ReadFile function in flt_BMP.dll in ...)
+CVE-2013-3928
NOT-FOR-US: Chasys Draw IES
-CVE-2013-3927 (Unspecified vulnerability in the client library in Siemens COMOS 9.2 ...)
+CVE-2013-3927
NOT-FOR-US: Siemens COMOS
-CVE-2013-3926 (** DISPUTED ** Atlassian Crowd 2.6.3 allows remote attackers to ...)
+CVE-2013-3926
NOT-FOR-US: Atlassian Crowd
-CVE-2013-3925 (Atlassian Crowd 2.5.x before 2.5.4, 2.6.x before 2.6.3, 2.3.8, and ...)
+CVE-2013-3925
NOT-FOR-US: Atlassian Crowd
CVE-2013-3924
RESERVED
-CVE-2013-3923 (Directory traversal vulnerability in SavySoda WiFi HD Free before 7.0 ...)
+CVE-2013-3923
NOT-FOR-US: SavySoda WiFi HD Free
-CVE-2013-3922 (Directory traversal vulnerability in Gummy Bear Studios FTP Drive + ...)
+CVE-2013-3922
NOT-FOR-US: Gummy Bear Studios FTP Drive + HTTP Server
-CVE-2013-3921 (Directory traversal vulnerability in Easytime Studio Easy File Manager ...)
+CVE-2013-3921
NOT-FOR-US: Easytime Studio Easy File Manager
-CVE-2013-3920 (Cross-site scripting (XSS) vulnerability in Jahia xCM before 6.6.2 ...)
+CVE-2013-3920
NOT-FOR-US: Jahia xCM
-CVE-2013-3918 (The InformationCardSigninHelper Class ActiveX control in icardie.dll ...)
+CVE-2013-3918
NOT-FOR-US: Microsoft
-CVE-2013-3917 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ...)
+CVE-2013-3917
NOT-FOR-US: Microsoft
-CVE-2013-3916 (Microsoft Internet Explorer 8 through 11 allows remote attackers to ...)
+CVE-2013-3916
NOT-FOR-US: Microsoft
-CVE-2013-3915 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ...)
+CVE-2013-3915
NOT-FOR-US: Microsoft
-CVE-2013-3914 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ...)
+CVE-2013-3914
NOT-FOR-US: Microsoft
CVE-2013-3913
REJECTED
-CVE-2013-3912 (Microsoft Internet Explorer 8 through 11 allows remote attackers to ...)
+CVE-2013-3912
NOT-FOR-US: Microsoft
-CVE-2013-3911 (Microsoft Internet Explorer 9 and 10 allows remote attackers to ...)
+CVE-2013-3911
NOT-FOR-US: Microsoft
-CVE-2013-3910 (Microsoft Internet Explorer 6 through 9 allows remote attackers to ...)
+CVE-2013-3910
NOT-FOR-US: Microsoft
-CVE-2013-3909 (Microsoft Internet Explorer 6 through 8 allows remote attackers to ...)
+CVE-2013-3909
NOT-FOR-US: Microsoft
-CVE-2013-3908 (Microsoft Internet Explorer 6 through 10 allows user-assisted remote ...)
+CVE-2013-3908
NOT-FOR-US: Microsoft
-CVE-2013-3907 (portcls.sys in the kernel-mode drivers in Microsoft Windows Vista SP2, ...)
+CVE-2013-3907
NOT-FOR-US: Microsoft Windows Vista
-CVE-2013-3906 (GDI+ in Microsoft Windows Vista SP2 and Server 2008 SP2; Office 2003 ...)
+CVE-2013-3906
NOT-FOR-US: Microsoft
-CVE-2013-3905 (Microsoft Outlook 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT does ...)
+CVE-2013-3905
NOT-FOR-US: Microsoft
CVE-2013-3904
REJECTED
-CVE-2013-3903 (Array index error in win32k.sys in the kernel-mode drivers in ...)
+CVE-2013-3903
NOT-FOR-US: Microsoft Windows
-CVE-2013-3902 (Use-after-free vulnerability in win32k.sys in the kernel-mode drivers ...)
+CVE-2013-3902
NOT-FOR-US: Microsoft Windows
CVE-2013-3901
REJECTED
-CVE-2013-3900 (The WinVerifyTrust function in Microsoft Windows XP SP2 and SP3, ...)
+CVE-2013-3900
NOT-FOR-US: Microsoft Windows
-CVE-2013-3899 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
+CVE-2013-3899
NOT-FOR-US: Microsoft Windows
-CVE-2013-3898 (Microsoft Windows 8 and Windows Server 2012, when Hyper-V is used, ...)
+CVE-2013-3898
NOT-FOR-US: Microsoft
-CVE-2013-3897 (Use-after-free vulnerability in the CDisplayPointer class in ...)
+CVE-2013-3897
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-3896 (Microsoft Silverlight 5 before 5.1.20913.0 does not properly validate ...)
+CVE-2013-3896
NOT-FOR-US: Microsoft Silverlight
-CVE-2013-3895 (Microsoft SharePoint Server 2007 SP3 and 2010 SP1 and SP2 allows ...)
+CVE-2013-3895
NOT-FOR-US: Microsoft SharePoint Server
-CVE-2013-3894 (The kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows ...)
+CVE-2013-3894
NOT-FOR-US: Microsoft Windows
-CVE-2013-3893 (Use-after-free vulnerability in the SetMouseCapture implementation in ...)
+CVE-2013-3893
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-3892 (Microsoft Word 2007 SP3 and Office Compatibility Pack SP3 allow remote ...)
+CVE-2013-3892
NOT-FOR-US: Microsoft Word
-CVE-2013-3891 (Microsoft Word 2003 SP3 allows remote attackers to execute arbitrary ...)
+CVE-2013-3891
NOT-FOR-US: Microsoft Word
-CVE-2013-3890 (Microsoft Excel 2007 SP3, Excel Viewer, and Office Compatibility Pack ...)
+CVE-2013-3890
NOT-FOR-US: Microsoft
-CVE-2013-3889 (Microsoft Excel 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT; Office ...)
+CVE-2013-3889
NOT-FOR-US: Microsoft
-CVE-2013-3888 (dxgkrnl.sys in the kernel-mode drivers in Microsoft Windows Vista SP2, ...)
+CVE-2013-3888
NOT-FOR-US: Microsoft Windows
-CVE-2013-3887 (The Ancillary Function Driver (AFD) in afd.sys in the kernel-mode ...)
+CVE-2013-3887
NOT-FOR-US: Microsoft
-CVE-2013-3886 (Microsoft Internet Explorer 9 and 10 allows remote attackers to ...)
+CVE-2013-3886
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-3885 (Microsoft Internet Explorer 10 allows remote attackers to execute ...)
+CVE-2013-3885
NOT-FOR-US: Microsoft Internet Explorer
CVE-2013-3884
REJECTED
CVE-2013-3883
REJECTED
-CVE-2013-3882 (Microsoft Internet Explorer 10 allows remote attackers to execute ...)
+CVE-2013-3882
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-3881 (win32k.sys in the kernel-mode drivers in Microsoft Windows 7 SP1 and ...)
+CVE-2013-3881
NOT-FOR-US: Microsoft Windows
-CVE-2013-3880 (The App Container feature in the kernel-mode drivers in Microsoft ...)
+CVE-2013-3880
NOT-FOR-US: Microsoft Windows
-CVE-2013-3879 (Use-after-free vulnerability in win32k.sys in the kernel-mode drivers ...)
+CVE-2013-3879
NOT-FOR-US: Microsoft Windows
-CVE-2013-3878 (Stack-based buffer overflow in the LRPC client in Microsoft Windows XP ...)
+CVE-2013-3878
NOT-FOR-US: Microsoft Windows
CVE-2013-3877
REJECTED
-CVE-2013-3876 (DirectAccess in Microsoft Windows XP SP2 and SP3, Windows Server 2003 ...)
+CVE-2013-3876
NOT-FOR-US: Microsoft
-CVE-2013-3875 (Microsoft Internet Explorer 8 and 9 allows remote attackers to execute ...)
+CVE-2013-3875
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-3874 (Microsoft Internet Explorer 9 allows remote attackers to execute ...)
+CVE-2013-3874
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-3873 (Microsoft Internet Explorer 10 allows remote attackers to execute ...)
+CVE-2013-3873
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-3872 (Microsoft Internet Explorer 10 allows remote attackers to execute ...)
+CVE-2013-3872
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-3871 (Microsoft Internet Explorer 6 through 10 allows remote attackers to ...)
+CVE-2013-3871
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-3870 (Double free vulnerability in Microsoft Outlook 2007 SP3 and 2010 SP1 ...)
+CVE-2013-3870
NOT-FOR-US: Microsoft Outlook
-CVE-2013-3869 (Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows ...)
+CVE-2013-3869
NOT-FOR-US: Microsoft
-CVE-2013-3868 (Microsoft Active Directory Lightweight Directory Service (AD LDS) on ...)
+CVE-2013-3868
NOT-FOR-US: Microsoft
CVE-2013-3867
REJECTED
-CVE-2013-3866 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
+CVE-2013-3866
NOT-FOR-US: Microsoft Windows
-CVE-2013-3865 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
+CVE-2013-3865
NOT-FOR-US: Microsoft Windows
-CVE-2013-3864 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
+CVE-2013-3864
NOT-FOR-US: Microsoft Windows
-CVE-2013-3863 (Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 allow remote ...)
+CVE-2013-3863
NOT-FOR-US: Microsoft
-CVE-2013-3862 (Double free vulnerability in Microsoft Windows 7 and Server 2008 R2 ...)
+CVE-2013-3862
NOT-FOR-US: Microsoft
-CVE-2013-3861 (Microsoft .NET Framework 2.0 SP2, 3.5, 3.5 SP1, 3.5.1, 4, and 4.5 ...)
+CVE-2013-3861
NOT-FOR-US: Microsoft .NET Framework
-CVE-2013-3860 (Microsoft .NET Framework 2.0 SP2, 3.5, 3.5 SP1, 3.5.1, 4, and 4.5 does ...)
+CVE-2013-3860
NOT-FOR-US: Microsoft .NET Framework
-CVE-2013-3859 (Microsoft Pinyin IME 2010, when used in conjunction with Microsoft ...)
+CVE-2013-3859
NOT-FOR-US: Microsoft Pinyin IME
-CVE-2013-3858 (Microsoft Word Automation Services in SharePoint Server 2010 SP1, Word ...)
+CVE-2013-3858
NOT-FOR-US: Microsoft
-CVE-2013-3857 (Microsoft Word Automation Services in SharePoint Server 2010 SP1 and ...)
+CVE-2013-3857
NOT-FOR-US: Microsoft
-CVE-2013-3856 (Microsoft Word 2003 SP3 and Word Viewer allow remote attackers to ...)
+CVE-2013-3856
NOT-FOR-US: Microsoft
-CVE-2013-3855 (Microsoft Word 2003 SP3 and 2007 SP3, Office Compatibility Pack SP3, ...)
+CVE-2013-3855
NOT-FOR-US: Microsoft
-CVE-2013-3854 (Microsoft Office 2007 SP3 and Word 2007 SP3 allow remote attackers to ...)
+CVE-2013-3854
NOT-FOR-US: Microsoft
-CVE-2013-3853 (Microsoft Office 2007 SP3 and Word 2007 SP3 allow remote attackers to ...)
+CVE-2013-3853
NOT-FOR-US: Microsoft
-CVE-2013-3852 (Microsoft Word 2003 SP3, 2007 SP3, and 2010 SP1; Office Compatibility ...)
+CVE-2013-3852
NOT-FOR-US: Microsoft
-CVE-2013-3851 (Microsoft Office 2003 SP3 and 2007 SP3, Word 2003 SP3 and 2007 SP3, ...)
+CVE-2013-3851
NOT-FOR-US: Microsoft
-CVE-2013-3850 (Microsoft Word 2003 SP3, 2007 SP3, and 2010 SP1 and SP2; Office ...)
+CVE-2013-3850
NOT-FOR-US: Microsoft Word
-CVE-2013-3849 (Microsoft Word Automation Services in SharePoint Server 2010 SP1, Word ...)
+CVE-2013-3849
NOT-FOR-US: Microsoft
-CVE-2013-3848 (Microsoft Word Automation Services in SharePoint Server 2010 SP1, Word ...)
+CVE-2013-3848
NOT-FOR-US: Microsoft
-CVE-2013-3847 (Microsoft Word Automation Services in SharePoint Server 2010 SP1, Word ...)
+CVE-2013-3847
NOT-FOR-US: Microsoft
-CVE-2013-3846 (Use-after-free vulnerability in Microsoft Internet Explorer 9 and 10 ...)
+CVE-2013-3846
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-3845 (Microsoft Internet Explorer 8 and 9 allows remote attackers to execute ...)
+CVE-2013-3845
NOT-FOR-US: Microsoft
CVE-2013-3844
REJECTED
-CVE-2013-3842 (Unspecified vulnerability Oracle Solaris 10 allows local users to ...)
+CVE-2013-3842
NOT-FOR-US: Solaris
-CVE-2013-3841 (Unspecified vulnerability in the Siebel Core - EAI component in Oracle ...)
+CVE-2013-3841
NOT-FOR-US: Oracle Siebel CRM
-CVE-2013-3840 (Unspecified vulnerability in the Siebel Core - EAI component in Oracle ...)
+CVE-2013-3840
NOT-FOR-US: Oracle Siebel CRM
-CVE-2013-3839 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
+CVE-2013-3839
{DSA-2818-1 DSA-2780-1}
- mysql-5.5 5.5.33
- mysql-5.1 <removed>
- mariadb-5.5 5.5.35-1
- mariadb-10.0 <not-affected> (Fixed before initial upload)
NOTE: http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html
-CVE-2013-3838 (Unspecified vulnerability in Oracle SPARC Enterprise T &amp; M Series ...)
+CVE-2013-3838
NOT-FOR-US: Oracle SPARC Enterprise
-CVE-2013-3837 (Unspecified vulnerability in Oracle Solaris 10 and 11.1 allows remote ...)
+CVE-2013-3837
NOT-FOR-US: Oracle Solaris
-CVE-2013-3836 (Unspecified vulnerability in the Oracle Web Cache component in Oracle ...)
+CVE-2013-3836
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2013-3835 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+CVE-2013-3835
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2013-3834 (Unspecified vulnerability in the Oracle Secure Global Desktop ...)
+CVE-2013-3834
NOT-FOR-US: Oracle Secure Global Desktop
-CVE-2013-3833 (Unspecified vulnerability in the Oracle Access Manager component in ...)
+CVE-2013-3833
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2013-3832 (Unspecified vulnerability in the Siebel Server Remote component in ...)
+CVE-2013-3832
NOT-FOR-US: Oracle Siebel CRM
-CVE-2013-3831 (Unspecified vulnerability in the Oracle Portal component in Oracle ...)
+CVE-2013-3831
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2013-3830 (Unspecified vulnerability in the Hyperion Strategic Finance component ...)
+CVE-2013-3830
NOT-FOR-US: Oracle Hyperion
-CVE-2013-3829 (Unspecified vulnerability in the Java SE, Java SE Embedded component ...)
+CVE-2013-3829
- openjdk-6 6b27-1.12.7-1
- openjdk-7 7u45-2.4.3-1
-CVE-2013-3828 (Unspecified vulnerability in the Oracle Web Services component in ...)
+CVE-2013-3828
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2013-3827 (Unspecified vulnerability in the Oracle GlassFish Server component in ...)
+CVE-2013-3827
- glassfish <not-affected> (Full application server not packaged)
-CVE-2013-3826 (Unspecified vulnerability in the Core RDBMS component in Oracle ...)
+CVE-2013-3826
NOT-FOR-US: Oracle Database Server
-CVE-2013-3825 (Unspecified vulnerability in the Oracle Agile Product Collaboration ...)
+CVE-2013-3825
NOT-FOR-US: Oracle Supply Chain Products Suite
-CVE-2013-3824 (Unspecified vulnerability in the Oracle Agile Collaboration Framework ...)
+CVE-2013-3824
NOT-FOR-US: Oracle Supply Chain Products Suite
-CVE-2013-3823 (Unspecified vulnerability in the Oracle Agile PLM Framework component ...)
+CVE-2013-3823
NOT-FOR-US: Oracle Supply Chain Products Suite
-CVE-2013-3822 (Unspecified vulnerability in the Oracle Agile PLM Framework component ...)
+CVE-2013-3822
NOT-FOR-US: Oracle Supply Chain Products Suite
-CVE-2013-3821 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+CVE-2013-3821
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2013-3820 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+CVE-2013-3820
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2013-3819 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+CVE-2013-3819
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2013-3818 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+CVE-2013-3818
NOT-FOR-US: Oracle PeopleSoft Products
CVE-2013-3817
REJECTED
-CVE-2013-3816 (Unspecified vulnerability in the Oracle Policy Automation component in ...)
+CVE-2013-3816
NOT-FOR-US: Oracle Industry Applications
CVE-2013-3815
REJECTED
-CVE-2013-3814 (Unspecified vulnerability in the Oracle Retail Invoice Matching ...)
+CVE-2013-3814
NOT-FOR-US: Oracle Industry Applications
-CVE-2013-3813 (Unspecified vulnerability in Oracle Solaris 10 allows remote attackers ...)
+CVE-2013-3813
NOT-FOR-US: Oracle Solaris
-CVE-2013-3812 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
+CVE-2013-3812
{DSA-2818-1}
- mysql-5.5 5.5.33+dfsg-1
- mysql-5.1 <not-affected> (Only affects 5.5 and 5.6)
- mariadb-5.5 <not-affected> (Fixed before initial upload)
- mariadb-10.0 <not-affected> (Fixed before initial upload)
NOTE: http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html
-CVE-2013-3811 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
+CVE-2013-3811
- mysql-5.5 <not-affected> (Only affects Mysql 5.6)
- mysql-5.1 <not-affected> (Only affects Mysql 5.6)
NOTE: http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html
-CVE-2013-3810 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
+CVE-2013-3810
- mysql-5.5 <not-affected> (Only affects Mysql 5.6)
- mysql-5.1 <not-affected> (Only affects Mysql 5.6)
NOTE: http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html
-CVE-2013-3809 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
+CVE-2013-3809
{DSA-2818-1}
- mysql-5.5 5.5.33+dfsg-1
- mysql-5.1 <not-affected> (Only affects 5.5 and 5.6)
- mariadb-5.5 <not-affected> (Fixed before initial upload)
- mariadb-10.0 <not-affected> (Fixed before initial upload)
NOTE: http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html
-CVE-2013-3808 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
+CVE-2013-3808
{DSA-2780-1}
- mysql-5.5 5.5.31
- mysql-5.1 <removed>
- mariadb-5.5 <not-affected> (Fixed before initial upload)
- mariadb-10.0 <not-affected> (Fixed before initial upload)
NOTE: http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html
-CVE-2013-3807 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
+CVE-2013-3807
- mysql-5.5 <not-affected> (Only affects Mysql 5.6)
- mysql-5.1 <not-affected> (Only affects Mysql 5.6)
NOTE: http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html
-CVE-2013-3806 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
+CVE-2013-3806
- mysql-5.5 <not-affected> (Only affects Mysql 5.6)
- mysql-5.1 <not-affected> (Only affects Mysql 5.6)
NOTE: http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html
-CVE-2013-3805 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
+CVE-2013-3805
- mysql-5.5 5.5.31
- mysql-5.1 <not-affected> (Only affects Mysql 5.5 and 5.6)
- mariadb-5.5 <not-affected> (Fixed before initial upload)
- mariadb-10.0 <not-affected> (Fixed before initial upload)
NOTE: http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html
-CVE-2013-3804 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
+CVE-2013-3804
{DSA-2818-1 DSA-2780-1}
- mysql-5.5 5.5.33+dfsg-1
- mysql-5.1 <removed>
- mariadb-5.5 <not-affected> (Fixed before initial upload)
- mariadb-10.0 <not-affected> (Fixed before initial upload)
NOTE: http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html
-CVE-2013-3803 (Unspecified vulnerability in the Hyperion BI+ component in Oracle ...)
+CVE-2013-3803
NOT-FOR-US: Oracle Hyperion
-CVE-2013-3802 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
+CVE-2013-3802
{DSA-2818-1 DSA-2780-1}
- mysql-5.5 5.5.33+dfsg-1
- mysql-5.1 <removed>
- mariadb-5.5 <not-affected> (Fixed before initial upload)
- mariadb-10.0 <not-affected> (Fixed before initial upload)
NOTE: http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html
-CVE-2013-3801 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
+CVE-2013-3801
- mysql-5.5 5.5.31
- mysql-5.1 <not-affected> (Only affects 5.5 and 5.6)
NOTE: http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html
-CVE-2013-3800 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+CVE-2013-3800
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2013-3799 (Unspecified vulnerability in Oracle Solaris 10 and 11, when running on ...)
+CVE-2013-3799
NOT-FOR-US: Oracle Solaris
-CVE-2013-3798 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
+CVE-2013-3798
- mysql-5.5 <not-affected> (Only affects Mysql 5.6)
- mysql-5.1 <not-affected> (Only affects Mysql 5.6)
NOTE: http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html
-CVE-2013-3797 (Unspecified vulnerability in Oracle Solaris 11 allows local users to ...)
+CVE-2013-3797
NOT-FOR-US: Oracle Solaris
-CVE-2013-3796 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
+CVE-2013-3796
- mysql-5.5 <not-affected> (Only affects Mysql 5.6)
- mysql-5.1 <not-affected> (Only affects Mysql 5.6)
NOTE: http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html
-CVE-2013-3795 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
+CVE-2013-3795
- mysql-5.5 <not-affected> (Only affects 5.5 and 5.6)
- mysql-5.1 <not-affected> (Only affects 5.5 and 5.6)
NOTE: http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html
-CVE-2013-3794 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
+CVE-2013-3794
- mysql-5.5 5.5.31
- mysql-5.1 <not-affected> (Only affects 5.5 and 5.6)
- mariadb-10.0 <not-affected> (Fixed before initial upload)
- mariadb-5.5 <not-affected> (Fixed before initial upload)
NOTE: http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html
-CVE-2013-3793 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
+CVE-2013-3793
{DSA-2818-1}
- mysql-5.5 5.5.33+dfsg-1
- mysql-5.1 <not-affected> (Only affects 5.5 and 5.6)
- mariadb-10.0 <not-affected> (Fixed before initial upload)
- mariadb-5.5 <not-affected> (Fixed before initial upload)
NOTE: http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html
-CVE-2013-3792 (Unspecified vulnerability in the Oracle VM VirtualBox component in ...)
+CVE-2013-3792
{DLA-313-1}
- virtualbox-ose <removed>
[squeeze] - virtualbox-ose <no-dsa> (Minor issue)
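Review bot: every `-`/`+` pair in this hunk replaces `CVE-2013-NNNN (description ...)` with the bare CVE id, so the one-line summary that justified each `NOT-FOR-US:` triage line is dropped while the triage lines, `{DSA-...}` references, package versions and NOTE URLs are kept unchanged; if the description source was simply unavailable when this update ran, the hunk should be held back rather than merged, because the next successful run would re-add the same text as pure churn. Separately, the `mysql-5.5 5.5.33` version at CVE-2013-3839 is written without the `+dfsg-1` revision that the other DSA-2818-1 entries use (`- mysql-5.5 5.5.33+dfsg-1` at CVE-2013-3812 and CVE-2013-3809); the fixed version string should be consistent so that version comparison picks the same package revision.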
@@ -9881,109 +9881,109 @@ CVE-2013-3792 (Unspecified vulnerability in the Oracle VM VirtualBox component i
[wheezy] - virtualbox 4.1.40-dfsg-1+deb7u1
NOTE: https://www.virtualbox.org/ticket/11863
NOTE: http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html
-CVE-2013-3791 (Unspecified vulnerability in Enterprise Manager (EM) Base Platform ...)
+CVE-2013-3791
NOT-FOR-US: Oracle Enterprise Manager
-CVE-2013-3790 (Unspecified vulnerability in the Core RDBMS component in Oracle ...)
+CVE-2013-3790
NOT-FOR-US: Oracle Database Server
-CVE-2013-3789 (Unspecified vulnerability in the Core RDBMS component in Oracle ...)
+CVE-2013-3789
NOT-FOR-US: Oracle Database Server
-CVE-2013-3788 (Unspecified vulnerability in the Oracle iSupplier Portal component in ...)
+CVE-2013-3788
NOT-FOR-US: Oracle E-Business Suite
-CVE-2013-3787 (Unspecified vulnerability in Oracle Solaris 10 and 11 allows remote ...)
+CVE-2013-3787
NOT-FOR-US: Oracle Solaris
-CVE-2013-3786 (Unspecified vulnerability in Oracle Solaris 9, 10, and 11 allows local ...)
+CVE-2013-3786
NOT-FOR-US: Oracle Solaris
-CVE-2013-3785 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS component ...)
+CVE-2013-3785
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2013-3784 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS component ...)
+CVE-2013-3784
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2013-3783 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
+CVE-2013-3783
{DSA-2818-1}
- mysql-5.5 5.5.33+dfsg-1
- mysql-5.1 <not-affected> (Only affects 5.5)
- mariadb-10.0 <not-affected> (Fixed before initial upload)
- mariadb-5.5 <not-affected> (Fixed before initial upload)
NOTE: http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html
-CVE-2013-3782 (Unspecified vulnerability in the Secure Global Desktop component in ...)
+CVE-2013-3782
NOT-FOR-US: Oracle Virtualization
-CVE-2013-3781 (Unspecified vulnerability in the Oracle Outside In Technology ...)
+CVE-2013-3781
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2013-3780 (Unspecified vulnerability in the PeopleSoft Enterprise Portal ...)
+CVE-2013-3780
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2013-3779 (Unspecified vulnerability in the Secure Global Desktop component in ...)
+CVE-2013-3779
NOT-FOR-US: Oracle Virtualization
-CVE-2013-3778 (Unspecified vulnerability in the Oracle Applications Technology Stack ...)
+CVE-2013-3778
NOT-FOR-US: Oracle E-Business Suite
-CVE-2013-3777 (Unspecified vulnerability in the Oracle Application Object Library ...)
+CVE-2013-3777
NOT-FOR-US: Oracle E-Business Suite
-CVE-2013-3776 (Unspecified vulnerability in the Oracle Outside In Technology ...)
+CVE-2013-3776
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2013-3775 (Unspecified vulnerability in the Oracle iLearning component in Oracle ...)
+CVE-2013-3775
NOT-FOR-US: Oracle iLearning
-CVE-2013-3774 (Unspecified vulnerability in the Network Layer component in Oracle ...)
+CVE-2013-3774
NOT-FOR-US: Oracle Database Server
-CVE-2013-3773 (Unspecified vulnerability in the SPARC Enterprise M Series Servers ...)
+CVE-2013-3773
NOT-FOR-US: Oracle and Sun Systems Products Suite
-CVE-2013-3772 (Unspecified vulnerability in the Oracle WebCenter Content component in ...)
+CVE-2013-3772
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2013-3771 (Unspecified vulnerability in the Oracle executable component in Oracle ...)
+CVE-2013-3771
NOT-FOR-US: Oracle Database Server
-CVE-2013-3770 (Unspecified vulnerability in the Oracle WebCenter Content component in ...)
+CVE-2013-3770
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2013-3769 (Unspecified vulnerability in the Oracle WebCenter Content component in ...)
+CVE-2013-3769
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2013-3768 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+CVE-2013-3768
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2013-3767 (Unspecified vulnerability in the Oracle Application Object Library ...)
+CVE-2013-3767
NOT-FOR-US: Oracle E-Business Suite Access Gate
-CVE-2013-3766 (Unspecified vulnerability in the Primavera P6 Enterprise Project ...)
+CVE-2013-3766
NOT-FOR-US: Oracle Primavera Products Suite
-CVE-2013-3765 (Unspecified vulnerability in Oracle Solaris 11 allows local users to ...)
+CVE-2013-3765
NOT-FOR-US: Oracle Solaris
-CVE-2013-3764 (Unspecified vulnerability in the Oracle Endeca Server component in ...)
+CVE-2013-3764
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2013-3763 (Unspecified vulnerability in the Oracle Endeca Server component in ...)
+CVE-2013-3763
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2013-3762 (Unspecified vulnerability in the Enterprise Manager Base Platform ...)
+CVE-2013-3762
NOT-FOR-US: Oracle Enterprise Manager Grid Control
-CVE-2013-3761 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+CVE-2013-3761
NOT-FOR-US: Oracle PeopleSoft Products Portal
-CVE-2013-3760 (Unspecified vulnerability in the Oracle executable component in Oracle ...)
+CVE-2013-3760
NOT-FOR-US: Oracle Database Server
-CVE-2013-3759 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+CVE-2013-3759
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2013-3758 (Unspecified vulnerability in the Enterprise Manager (EM) Base Platform ...)
+CVE-2013-3758
NOT-FOR-US: Oracle Enterprise Manager
-CVE-2013-3757 (Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 allows ...)
+CVE-2013-3757
NOT-FOR-US: Oracle Solaris
-CVE-2013-3756 (Unspecified vulnerability in the Oracle Landed Cost Management ...)
+CVE-2013-3756
NOT-FOR-US: Oracle E-Business Suite
-CVE-2013-3755 (Unspecified vulnerability in the Oracle Access Manager component in ...)
+CVE-2013-3755
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2013-3754 (Unspecified vulnerability in the Solaris Cluster component in Oracle ...)
+CVE-2013-3754
NOT-FOR-US: Solaris
-CVE-2013-3753 (Unspecified vulnerability in Oracle Solaris 11 allows remote attackers ...)
+CVE-2013-3753
NOT-FOR-US: Oracle Solaris
-CVE-2013-3752 (Unspecified vulnerability in Oracle Solaris 11 allows remote attackers ...)
+CVE-2013-3752
NOT-FOR-US: Oracle Solaris
-CVE-2013-3751 (Unspecified vulnerability in the XML Parser component in Oracle ...)
+CVE-2013-3751
NOT-FOR-US: Oracle Database Server
-CVE-2013-3750 (Unspecified vulnerability in Oracle Solaris 11 allows local users to ...)
+CVE-2013-3750
NOT-FOR-US: Oracle Solaris
-CVE-2013-3749 (Unspecified vulnerability in the Oracle Application Object Library ...)
+CVE-2013-3749
NOT-FOR-US: Oracle E-Business Suite
-CVE-2013-3748 (Unspecified vulnerability in Oracle Solaris 11 allows remote attackers ...)
+CVE-2013-3748
NOT-FOR-US: Oracle Solaris
-CVE-2013-3747 (Unspecified vulnerability in the Oracle Applications Technology Stack ...)
+CVE-2013-3747
NOT-FOR-US: Oracle E-Business Suite
-CVE-2013-3746 (Unspecified vulnerability in the Solaris Cluster component in Oracle ...)
+CVE-2013-3746
NOT-FOR-US: Solaris
-CVE-2013-3745 (Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 allows ...)
+CVE-2013-3745
NOT-FOR-US: Oracle Solaris
-CVE-2013-3744 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2013-3744
- openjdk-6 <not-affected> (Only affects Java 7)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2013-3743 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2013-3743
- openjdk-6 <not-affected> (Specific to Oracle Java, not present in IcedTea)
NOTE: Due to the vague disclosure policy by Oracle the exact nature is unknown but since no patch landed in icedtea, we consider it not-affected
- openjdk-7 <not-affected> (Only affects Java 5 and Java 6)
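Review bot: in the CVE-2013-3743 entry the NOTE line is placed between the `- openjdk-6` and `- openjdk-7` package lines, whereas elsewhere in this hunk NOTE lines follow all package lines (CVE-2013-3792, CVE-2013-3783); suggest moving `NOTE: Due to the vague disclosure policy by Oracle ...` below the `- openjdk-7 <not-affected>` line so the entry parses like the others. The justification also refers to "icedtea" while the package lines name openjdk-6/openjdk-7; naming the package keeps the reasoning checkable against the package list.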
@@ -9991,28 +9991,28 @@ CVE-2013-3741
RESERVED
CVE-2013-3740
RESERVED
-CVE-2013-3739 (Directory traversal vulnerability in editor.php in Network Weathermap ...)
+CVE-2013-3739
NOT-FOR-US: Network Weathermap
CVE-2013-3738
RESERVED
-CVE-2013-3843 (Stack-based buffer overflow in the mk_request_header_process function ...)
+CVE-2013-3843
- monkey <removed>
[squeeze] - monkey <no-dsa> (Minor issue)
-CVE-2013-3919 (resolver.c in ISC BIND 9.8.5 before 9.8.5-P1, 9.9.3 before 9.9.3-P1, ...)
+CVE-2013-3919
- bind9 <not-affected> (vulnerable code not present)
NOTE: https://kb.isc.org/article/AA-00967
-CVE-2013-3742 (Cross-site scripting (XSS) vulnerability in view_create.php (aka the ...)
+CVE-2013-3742
- phpmyadmin 4:4.0.1-3 (low)
[wheezy] - phpmyadmin <not-affected> (Vulnerable code not present)
[squeeze] - phpmyadmin <not-affected> (Vulnerable code not present)
-CVE-2013-3737 (The MobileUI (aka RT-Extension-MobileUI) extension before 1.04 in ...)
+CVE-2013-3737
NOT-FOR-US: Request Tracker extension MobileUI
-CVE-2013-3736 (Cross-site scripting (XSS) vulnerability in the MobileUI (aka ...)
+CVE-2013-3736
NOT-FOR-US: Request Tracker extension MobileUI
-CVE-2013-3735 (** DISPUTED ** The Zend Engine in PHP before 5.4.16 RC1, and 5.5.0 ...)
+CVE-2013-3735
- php5 <removed> (unimportant)
NOTE: exploitable by malicious scripts only
-CVE-2013-3734 (** DISPUTED ** The Embedded Jopr component in JBoss Application Server ...)
+CVE-2013-3734
NOT-FOR-US: Embedded Jopr
CVE-2013-3733
RESERVED
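Review bot: CVE-2013-3843, CVE-2013-3919 and CVE-2013-3742 sit between CVE-2013-3738 and CVE-2013-3737, out of the descending numeric order the rest of the file follows; since this hunk already rewrites those three id lines, it is the natural place to move them into sequence (CVE-2013-3843 next to CVE-2013-3844, CVE-2013-3919 above CVE-2013-3917, CVE-2013-3742 between CVE-2013-3743 and CVE-2013-3741) rather than leaving them stranded.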
@@ -10022,28 +10022,28 @@ CVE-2013-3731
RESERVED
CVE-2013-3730
RESERVED
-CVE-2013-3729 (Multiple cross-site request forgery (CSRF) vulnerabilities in Kasseler ...)
+CVE-2013-3729
NOT-FOR-US: Kasseler CMS
-CVE-2013-3728 (Cross-site scripting (XSS) vulnerability in Kasseler CMS before 2 ...)
+CVE-2013-3728
NOT-FOR-US: Kasseler CMS
-CVE-2013-3727 (SQL injection vulnerability in Kasseler CMS before 2 r1232 allows ...)
+CVE-2013-3727
NOT-FOR-US: Kasseler CMS
CVE-2013-3726
REJECTED
CVE-2013-3725
RESERVED
-CVE-2013-3724 (The mk_request_header_process function in mk_request.c in Monkey 1.1.1 ...)
+CVE-2013-3724
- monkey <removed> (low)
[squeeze] - monkey <no-dsa> (Minor issue)
CVE-2013-3723
RESERVED
CVE-2013-3722
RESERVED
-CVE-2013-3721 (SQL injection vulnerability in awards.php in PsychoStats 3.2.2b allows ...)
+CVE-2013-3721
NOT-FOR-US: PsychoStats
-CVE-2013-3720 (Cross-site scripting (XSS) vulnerability in widget_remove.php in the ...)
+CVE-2013-3720
NOT-FOR-US: Wordpress plugin Feedweb
-CVE-2013-3719 (Cross-site scripting (XSS) vulnerability in the aiContactSafe ...)
+CVE-2013-3719
NOT-FOR-US: Joomla!
CVE-2013-3718 [evince missing check on number of pages]
RESERVED
@@ -10059,27 +10059,27 @@ CVE-2013-3715
RESERVED
CVE-2013-3714
RESERVED
-CVE-2013-3713 (The image creation configuration in aaa_base before 16.26.1 for ...)
+CVE-2013-3713
NOT-FOR-US: openSUSE live installer
-CVE-2013-3712 (SUSE Studio Onsite 1.3.x before 1.3.6 and SUSE Studio Extension for ...)
+CVE-2013-3712
NOT-FOR-US: SUSE Studio Onsite
CVE-2013-3711
RESERVED
-CVE-2013-3710 (SUSE Lifecycle Management Server (SLMS) before 1.3.7 does not generate ...)
+CVE-2013-3710
NOT-FOR-US: SUSE Lifecycle Management Server
-CVE-2013-3709 (WebYaST 1.3 uses weak permissions for ...)
+CVE-2013-3709
NOT-FOR-US: WebYast
-CVE-2013-3708 (The id1.GetPrinterURLList function in Novell iPrint Client before 5.93 ...)
+CVE-2013-3708
NOT-FOR-US: Novell iPrint Client
-CVE-2013-3707 (The HTTPSTK service in the novell-nrm package before ...)
+CVE-2013-3707
NOT-FOR-US: Novell Open Enterprise Server 2
-CVE-2013-3706 (Directory traversal vulnerability in the PreBoot service in Novell ...)
+CVE-2013-3706
NOT-FOR-US: Novell ZENworks Configuration Management
-CVE-2013-3705 (The VBA32 AntiRootKit component for Novell Client 2 SP3 before IR5 on ...)
+CVE-2013-3705
NOT-FOR-US: Novell Client
-CVE-2013-3704 (The RPM GPG key import and handling feature in libzypp 12.15.0 and ...)
+CVE-2013-3704
- libzypp <not-affected> (Fixed before initial upload)
-CVE-2013-3703 (The controller of the Open Build Service API prior to version 2.4.4 is ...)
+CVE-2013-3703
NOT-FOR-US: Open Build Service
CVE-2013-3702
REJECTED
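Review bot: for CVE-2013-3709 the surviving triage line reads `NOT-FOR-US: WebYast` while the removed description line spells the product `WebYaST`; once the description is stripped the triage line is the only record of the product name, so it should carry the correct spelling.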
@@ -10091,29 +10091,29 @@ CVE-2013-3699
REJECTED
CVE-2013-3698
REJECTED
-CVE-2013-3697 (Integer overflow in the NWFS.SYS kernel driver 4.91.5.8 in Novell ...)
+CVE-2013-3697
NOT-FOR-US: Novell Client on Windows
CVE-2013-3696
RESERVED
CVE-2013-3695
RESERVED
-CVE-2013-3694 (BlackBerry Link before 1.2.1.31 on Windows and before 1.1.1 build 39 ...)
+CVE-2013-3694
NOT-FOR-US: BlackBerry Link
-CVE-2013-3693 (The BlackBerry Universal Device Service in BlackBerry Enterprise ...)
+CVE-2013-3693
NOT-FOR-US: BlackBerry
-CVE-2013-3692 (BlackBerry 10 OS before 10.0.10.648 on BlackBerry Z10 smartphones uses ...)
+CVE-2013-3692
NOT-FOR-US: Blackberry OS
CVE-2013-3691
RESERVED
-CVE-2013-3690 (Cross-site request forgery (CSRF) vulnerability in cgi-bin/users.cgi ...)
+CVE-2013-3690
NOT-FOR-US: Brickcom
-CVE-2013-3689 (Brickcom FB-100Ap, WCB-100Ap, MD-100Ap, WFB-100Ap, OB-100Ae, OSD-040E, ...)
+CVE-2013-3689
NOT-FOR-US: Brickcom
-CVE-2013-3688 (The TP-Link IP Cameras TL-SC3171, TL-SC3130, TL-SC3130G, TL-SC3171G, ...)
+CVE-2013-3688
NOT-FOR-US: TP-Link
-CVE-2013-3687 (AirLive POE2600HD, POE250HD, POE200HD, OD-325HD, OD-2025HD, OD-2060HD, ...)
+CVE-2013-3687
NOT-FOR-US: AirLive cameras
-CVE-2013-3686 (cgi-bin/operator/param in AirLive WL2600CAM and possibly other camera ...)
+CVE-2013-3686
NOT-FOR-US: AirLive
CVE-2013-3685
RESERVED
@@ -10130,35 +10130,35 @@ CVE-2013-3680
RESERVED
CVE-2013-3679
RESERVED
-CVE-2013-3678 (Multiple unspecified vulnerabilities in SAP Governance, Risk, and ...)
+CVE-2013-3678
NOT-FOR-US: SAP
CVE-2013-3677
RESERVED
CVE-2013-3676
RESERVED
-CVE-2013-3675 (The process_frame_obj function in sanm.c in libavcodec in FFmpeg ...)
+CVE-2013-3675
- ffmpeg <not-affected> (Smush codec not present in 0.5 ffmpeg)
- libav <not-affected> (Smush codec not present in libav)
-CVE-2013-3674 (The cdg_decode_frame function in cdgraphics.c in libavcodec in FFmpeg ...)
+CVE-2013-3674
{DSA-3003-1}
- ffmpeg <not-affected> (CD Graphics Video Decoder not present in 0.5 ffmpeg)
- libav 6:10.4-1
NOTE: Fix in ffmpeg: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=7ef2dbd2392e3e4d430e0173e1e5c4df9f18b6dd
NOTE: Fix in libav: http://git.libav.org/?p=libav.git;a=commit;h=a1599f3f7ea8478d1f6a95e59e3bc6bc86d5f812
-CVE-2013-3673 (The gif_decode_frame function in gifdec.c in libavcodec in FFmpeg ...)
+CVE-2013-3673
- ffmpeg <not-affected> (Doesn't affect libav, specific to current ffmpeg)
- libav <not-affected> (Doesn't affect libav, specific to current ffmpeg)
-CVE-2013-3672 (The mm_decode_inter function in mmvideo.c in libavcodec in FFmpeg ...)
+CVE-2013-3672
{DSA-3003-1}
- ffmpeg 7:2.4.1-1
[squeeze] - ffmpeg <end-of-life> (Backports to 0.5.x not useful, too many checks missing)
- libav 6:10.4-1
NOTE: Fix in ffmpeg: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=7fa6db2545643efb4fe2e0bb501fa50af35a6330
NOTE: Fix in libav: http://git.libav.org/?p=libav.git;a=commit;h=70cd3b8e659c3522eea5c16a65d14b8658894a94
-CVE-2013-3671 (The format_line function in log.c in libavutil in FFmpeg before 1.2.1 ...)
+CVE-2013-3671
- ffmpeg <not-affected> (Doesn't affect libav, specific to current ffmpeg)
- libav <not-affected> (Doesn't affect libav, specific to current ffmpeg)
-CVE-2013-3670 (The rle_unpack function in vmdav.c in libavcodec in FFmpeg git ...)
+CVE-2013-3670
- ffmpeg 7:2.4.1-1
[squeeze] - ffmpeg <end-of-life> (Backports to 0.5.x not useful, too many checks missing)
- libav 6:10-1
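Review bot: the ffmpeg <not-affected> rationale for CVE-2013-3673 and CVE-2013-3671 ("Doesn't affect libav, specific to current ffmpeg") is a copy of the libav line and does not say why the ffmpeg package itself is unaffected, while the neighbouring CVE-2013-3672 and CVE-2013-3670 entries in the same hunk record a fixed ffmpeg version 7:2.4.1-1; if ffmpeg is tracked as its own package again, these two rationales should state whether the issue was already fixed before 7:2.4.1-1 or give the package-specific reason.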
@@ -10169,63 +10169,63 @@ CVE-2013-3669
RESERVED
CVE-2013-3668
RESERVED
-CVE-2013-3667 (The software update mechanism as used in Bare Bones Software Yojimbo ...)
+CVE-2013-3667
NOT-FOR-US: Various proprietary software updaters
-CVE-2013-3666 (The LG Hidden Menu component for Android on the LG Optimus G E973 ...)
+CVE-2013-3666
NOT-FOR-US: LG Hidden Menu
-CVE-2013-3665 (Unspecified vulnerability in Autodesk AutoCAD through 2014, AutoCAD LT ...)
+CVE-2013-3665
NOT-FOR-US: AutoCAD
-CVE-2013-3664 (Trimble SketchUp (formerly Google SketchUp) before 2013 (13.0.3689) ...)
+CVE-2013-3664
NOT-FOR-US: Trimble SketchUp
-CVE-2013-3663 (Heap-based buffer overflow in paintlib, as used in Trimble SketchUp ...)
+CVE-2013-3663
NOT-FOR-US: Trimble SketchUp
-CVE-2013-3662 (Timbre SketchUp (formerly Google SketchUp) before 8 Maintenance 2 ...)
+CVE-2013-3662
NOT-FOR-US: Trimble SketchUp
-CVE-2013-3661 (The EPATHOBJ::bFlatten function in win32k.sys in Microsoft Windows XP ...)
+CVE-2013-3661
NOT-FOR-US: Microsoft Windows
-CVE-2013-3660 (The EPATHOBJ::pprFlattenRec function in win32k.sys in the kernel-mode ...)
+CVE-2013-3660
NOT-FOR-US: Microsoft Windows
-CVE-2013-3659 (The NTT DOCOMO overseas usage application 2.0.0 through 2.0.4 for ...)
+CVE-2013-3659
NOT-FOR-US: Android application NTT DOCOMO
-CVE-2013-3658 (Directory traversal vulnerability in VMware ESXi 4.0 through 5.0, and ...)
+CVE-2013-3658
NOT-FOR-US: VMware
-CVE-2013-3657 (Buffer overflow in VMware ESXi 4.0 through 5.0, and ESX 4.0 and 4.1, ...)
+CVE-2013-3657
NOT-FOR-US: VMware
-CVE-2013-3656 (Cybozu Office 9.1.0 and earlier does not properly manage sessions, ...)
+CVE-2013-3656
NOT-FOR-US: Cybozu Office
-CVE-2013-3655 (The Sharp AQUOS PhotoPlayer HN-PP150 with firmware before 1.04.00.04 ...)
+CVE-2013-3655
NOT-FOR-US: Sharp AQUOS PhotoPlayer
-CVE-2013-3654 (Directory traversal vulnerability in LOCKON EC-CUBE 2.12.0 through ...)
+CVE-2013-3654
NOT-FOR-US: EC-CUBE
-CVE-2013-3653 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
+CVE-2013-3653
NOT-FOR-US: EC-CUBE
-CVE-2013-3652 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2013-3652
NOT-FOR-US: EC-CUBE
-CVE-2013-3651 (LOCKON EC-CUBE 2.11.2 through 2.12.4 allows remote attackers to ...)
+CVE-2013-3651
NOT-FOR-US: EC-CUBE
-CVE-2013-3650 (Directory traversal vulnerability in the lfCheckFileName function in ...)
+CVE-2013-3650
NOT-FOR-US: EC-CUBE
-CVE-2013-3649 (Cross-site scripting (XSS) vulnerability in KENT-WEB CLIP-MAIL before ...)
+CVE-2013-3649
NOT-FOR-US: KENT-WEB CLIP-MAIL
-CVE-2013-3648 (Cross-site scripting (XSS) vulnerability in KENT-WEB POST-MAIL before ...)
+CVE-2013-3648
NOT-FOR-US: KENT-WEB POST-MAIL
-CVE-2013-3647 (The WebView class in the Cybozu Live application before 2.0.1 for ...)
+CVE-2013-3647
NOT-FOR-US: Cybozu Live for Android
-CVE-2013-3646 (The Cybozu Live application before 2.0.1 for Android allows remote ...)
+CVE-2013-3646
NOT-FOR-US: Cybozu Live for Android
-CVE-2013-3645 (Cross-site scripting (XSS) vulnerability in the Orchard.Comments ...)
+CVE-2013-3645
NOT-FOR-US: Orchard
-CVE-2013-3644 (Unspecified vulnerability in JustSystems Ichitaro 2006 through 2013; ...)
+CVE-2013-3644
NOT-FOR-US: JustSystems Ichitaro
-CVE-2013-3643 (The Galapagos Browser application for Android does not properly ...)
+CVE-2013-3643
NOT-FOR-US: Galapagos Browser application for Android
-CVE-2013-3642 (The Angel Browser application 1.47b and earlier for Android 1.6 ...)
+CVE-2013-3642
NOT-FOR-US: Angel Browser application
-CVE-2013-3641 (The Pizza Hut Japan Official Order application before 1.1.1.a for ...)
+CVE-2013-3641
NOT-FOR-US: The Pizza Hut Japan Official Order for Android
-CVE-2013-3640 (Cross-site scripting (XSS) vulnerability in the Instant Web Publish ...)
+CVE-2013-3640
NOT-FOR-US: FileMaker Pro
-CVE-2013-3639 (Multiple cross-site scripting (XSS) vulnerabilities in Xaraya 2.4.0-b1 ...)
+CVE-2013-3639
NOT-FOR-US: Xaraya
CVE-2013-3638
RESERVED
@@ -10235,15 +10235,15 @@ CVE-2013-3636
RESERVED
CVE-2013-3635
RESERVED
-CVE-2013-3634 (The SNMPv3 functionality on Siemens Scalance X200 IRT switches with ...)
+CVE-2013-3634
NOT-FOR-US: Siemens switches
-CVE-2013-3633 (The web interface on Siemens Scalance X200 IRT switches with firmware ...)
+CVE-2013-3633
NOT-FOR-US: Siemens
-CVE-2013-3632 (The Cron service in rpc.php in OpenMediaVault allows remote ...)
+CVE-2013-3632
NOT-FOR-US: OpenMediaVault
-CVE-2013-3631 (NAS4Free 9.1.0.1.804 and earlier allows remote authenticated users to ...)
+CVE-2013-3631
NOT-FOR-US: NAS4Free
-CVE-2013-3630 (Moodle through 2.5.2 allows remote authenticated administrators to ...)
+CVE-2013-3630
NOTE: For Moodle: Not a securiy issue according to upstream, only applicable to administrators, see bug #775842
NOTE: https://tracker.moodle.org/browse/MDL-41449
NOTE: https://community.rapid7.com/community/metasploit/blog/2013/10/30/seven-tricks-and-treats
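Review bot: the unchanged NOTE line for CVE-2013-3630 misspells "security" as "securiy"; since this hunk already touches that entry, it is cheap to correct in the same or a follow-up update.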
@@ -10251,17 +10251,17 @@ CVE-2013-3629
RESERVED
CVE-2013-3628
RESERVED
-CVE-2013-3627 (FrameworkService.exe in McAfee Framework Service in McAfee Managed ...)
+CVE-2013-3627
NOT-FOR-US: McAfee
-CVE-2013-3626 (Directory traversal vulnerability in the Session Server in Attachmate ...)
+CVE-2013-3626
NOT-FOR-US: Attachmate Verastream Host Integrator
-CVE-2013-3625 (An unspecified DLL file in Baramundi Management Suite 7.5 through 8.9 ...)
+CVE-2013-3625
NOT-FOR-US: Baramundi Management Suite
-CVE-2013-3624 (The OS deployment feature in Baramundi Management Suite 7.5 through ...)
+CVE-2013-3624
NOT-FOR-US: Baramundi Management Suite
-CVE-2013-3623 (Multiple stack-based buffer overflows in cgi/close_window.cgi in the ...)
+CVE-2013-3623
NOT-FOR-US: Intelligent Platform Management Interface
-CVE-2013-3622 (Buffer overflow in logout.cgi in the Intelligent Platform Management ...)
+CVE-2013-3622
NOT-FOR-US: Intelligent Platform Management Interface
CVE-2013-3621
RESERVED
@@ -10271,65 +10271,65 @@ CVE-2013-3619
RESERVED
CVE-2013-3618
RESERVED
-CVE-2013-3617 (The XML API in Openbravo ERP 2.5, 3.0, and earlier allows remote ...)
+CVE-2013-3617
NOT-FOR-US: Openbravo ERP
-CVE-2013-3616 (Cross-site scripting (XSS) vulnerability in the KnowledgeView ...)
+CVE-2013-3616
NOT-FOR-US: KnowledgeView Editorial and Management application
-CVE-2013-3615 (Dahua DVR appliances use a password-hash algorithm with a short hash ...)
+CVE-2013-3615
NOT-FOR-US: Dahua DVR
-CVE-2013-3614 (Dahua DVR appliances have a small value for the maximum password ...)
+CVE-2013-3614
NOT-FOR-US: Dahua DVR
-CVE-2013-3613 (Dahua DVR appliances do not properly restrict UPnP requests, which ...)
+CVE-2013-3613
NOT-FOR-US: Dahua DVR
-CVE-2013-3612 (Dahua DVR appliances have a hardcoded password for (1) the root ...)
+CVE-2013-3612
NOT-FOR-US: Dahua DVR
CVE-2013-3611
REJECTED
-CVE-2013-3610 (qis/QIS_finish.htm on the ASUS RT-N10E router with firmware before ...)
+CVE-2013-3610
NOT-FOR-US: ASUS router
-CVE-2013-3609 (The web interface in the Intelligent Platform Management Interface ...)
+CVE-2013-3609
NOT-FOR-US: Intelligent Platform Management Interface
-CVE-2013-3608 (The web interface in the Intelligent Platform Management Interface ...)
+CVE-2013-3608
NOT-FOR-US: Intelligent Platform Management Interface
-CVE-2013-3607 (Multiple stack-based buffer overflows in the web interface in the ...)
+CVE-2013-3607
NOT-FOR-US: Intelligent Platform Management Interface
-CVE-2013-3606 (The login page in the GoAhead web server on Dell PowerConnect 3348 ...)
+CVE-2013-3606
NOT-FOR-US: GoAhead web server on Dell PowerConnect
-CVE-2013-3605 (Cross-site request forgery (CSRF) vulnerability in Coursemill Learning ...)
+CVE-2013-3605
NOT-FOR-US: Coursemill Learning Management System
-CVE-2013-3604 (Multiple cross-site scripting (XSS) vulnerabilities in Coursemill ...)
+CVE-2013-3604
NOT-FOR-US: Coursemill Learning Management System
-CVE-2013-3603 (Cross-site scripting (XSS) vulnerability in Coursemill Learning ...)
+CVE-2013-3603
NOT-FOR-US: Coursemill Learning Management System
-CVE-2013-3602 (SQL injection vulnerability in admindocumentworker.jsp in Coursemill ...)
+CVE-2013-3602
NOT-FOR-US: Coursemill Learning Management System
-CVE-2013-3601 (Coursemill Learning Management System (LMS) 6.6 does not properly ...)
+CVE-2013-3601
NOT-FOR-US: Coursemill Learning Management System
-CVE-2013-3600 (Coursemill Learning Management System (LMS) 6.6 allows remote ...)
+CVE-2013-3600
NOT-FOR-US: Coursemill Learning Management System
-CVE-2013-3599 (userlogin.jsp in Coursemill Learning Management System (LMS) 6.6 and ...)
+CVE-2013-3599
NOT-FOR-US: Coursemill Learning Management System
-CVE-2013-3598 (Directory traversal vulnerability in servlet/CreateTemplateServlet in ...)
+CVE-2013-3598
NOT-FOR-US: SearchBlox
-CVE-2013-3597 (servlet/CollectionListServlet in SearchBlox before 7.5 build 1 allows ...)
+CVE-2013-3597
NOT-FOR-US: SearchBlox
-CVE-2013-3596 (AdvancePro Advanceware allows remote authenticated users to obtain ...)
+CVE-2013-3596
NOT-FOR-US: AdvancePro Advanceware
-CVE-2013-3595 (The OpenManage web application 2.5 build 1.19 on Dell PowerConnect ...)
+CVE-2013-3595
NOT-FOR-US: Dell PowerConnect
-CVE-2013-3594 (The SSH service on Dell PowerConnect 3348 1.2.1.3, 3524p 2.0.0.48, and ...)
+CVE-2013-3594
NOT-FOR-US: Dell PowerConnect
-CVE-2013-3593 (Baramundi Management Suite 7.5 through 8.9 uses cleartext for (1) ...)
+CVE-2013-3593
NOT-FOR-US: Baramundi Management Suite
CVE-2013-3592
RESERVED
CVE-2013-3591
RESERVED
-CVE-2013-3590 (Unrestricted file upload vulnerability in admin/uploadImage.html in ...)
+CVE-2013-3590
NOT-FOR-US: SearchBlox
-CVE-2013-3589 (Cross-site scripting (XSS) vulnerability in the login page in the ...)
+CVE-2013-3589
NOT-FOR-US: Dell iDRAC6
-CVE-2013-3588 (The web management interface on Zyxel P660 devices allows remote ...)
+CVE-2013-3588
NOT-FOR-US: Zyxel
CVE-2013-3587 [BREACH attack against HTTP compression]
RESERVED
@@ -10339,37 +10339,37 @@ CVE-2013-3587 [BREACH attack against HTTP compression]
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=995168
NOTE: https://www.djangoproject.com/weblog/2013/aug/06/breach-and-django/
NOTE: https://www.mail-archive.com/dev@httpd.apache.org/msg57592.html
-CVE-2013-3586 (Samsung Web Viewer for Samsung DVR devices allows remote attackers to ...)
+CVE-2013-3586
NOT-FOR-US: Samsung DVR devices
-CVE-2013-3585 (Samsung Web Viewer for Samsung DVR devices stores credentials in ...)
+CVE-2013-3585
NOT-FOR-US: Samsung DVR devices
-CVE-2013-3584 (Cross-site scripting (XSS) vulnerability in Corporater EPM Suite ...)
+CVE-2013-3584
NOT-FOR-US: Corporater EPM Suite
-CVE-2013-3583 (Cross-site request forgery (CSRF) vulnerability in saveProperties.html ...)
+CVE-2013-3583
NOT-FOR-US: Corporater EPM Suite
-CVE-2013-3582 (Buffer overflow in Dell BIOS on Dell Latitude D###, E####, XT2, and ...)
+CVE-2013-3582
NOT-FOR-US: Dell
-CVE-2013-3581 (ajax.cgi in the web interface on the Choice Wireless Green Packet ...)
+CVE-2013-3581
NOT-FOR-US: Choice Wireless Green Packet WIXFMR-111 4G WiMax modem
-CVE-2013-3580 (The TrustGo Antivirus &amp; Mobile Security application before 1.3.6 for ...)
+CVE-2013-3580
NOT-FOR-US: TrustGo
-CVE-2013-3579 (The Lookout Mobile Security application before 8.17-8a39d3f for ...)
+CVE-2013-3579
NOT-FOR-US: Lookout Mobile Security application for Android
-CVE-2013-3578 (SQL injection vulnerability in the Help Desk application in Wave ...)
+CVE-2013-3578
NOT-FOR-US: ERAS
-CVE-2013-3577 (SQL injection vulnerability in the Help Desk application in Wave ...)
+CVE-2013-3577
NOT-FOR-US: ERAS
-CVE-2013-3576 (ginkgosnmp.inc in HP System Management Homepage (SMH) allows remote ...)
+CVE-2013-3576
NOT-FOR-US: HP System Management Homepage
-CVE-2013-3575 (hpdiags/frontend2/help/pageview.php in HP Insight Diagnostics ...)
+CVE-2013-3575
NOT-FOR-US: HP Insight Diagnostics
-CVE-2013-3574 (Absolute path traversal vulnerability in ...)
+CVE-2013-3574
NOT-FOR-US: HP Insight Diagnostics
-CVE-2013-3573 (HP Insight Diagnostics 9.4.0.4710 allows remote attackers to conduct ...)
+CVE-2013-3573
NOT-FOR-US: HP Insight Diagnostics
-CVE-2013-3572 (Cross-site scripting (XSS) vulnerability in the administer interface ...)
+CVE-2013-3572
NOT-FOR-US: Ubiquiti Networks UniFi
-CVE-2013-3571 (socat 1.2.0.0 before 1.7.2.2 and 2.0.0-b1 before 2.0.0-b6, when used ...)
+CVE-2013-3571
- socat 1.7.1.3-1.5 (low; bug #709931)
[squeeze] - socat <no-dsa> (Minor issue)
[wheezy] - socat <no-dsa> (Minor issue)
@@ -10380,7 +10380,7 @@ CVE-2013-3569
RESERVED
CVE-2013-3568
RESERVED
-CVE-2013-3567 (Puppet 2.7.x before 2.7.22 and 3.2.x before 3.2.2, and Puppet ...)
+CVE-2013-3567
{DSA-2715-1}
- puppet 3.2.2-1 (bug #712745)
CVE-2013-3566
@@ -10391,50 +10391,50 @@ CVE-2013-3565 [XSS in HTTP Interface]
NOTE: Negligible impact
CVE-2013-3564
RESERVED
-CVE-2013-3563 (Stack-based buffer overflow in db_netserver in Lianja SQL Server ...)
+CVE-2013-3563
NOT-FOR-US: Lianja SQL Server
-CVE-2013-3562 (Multiple integer signedness errors in the tvb_unmasked function in ...)
+CVE-2013-3562
{DSA-2700-1}
- wireshark 1.8.7-1 (bug #709167)
[squeeze] - wireshark <not-affected> (Only affects 1.8.x)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8499
NOTE: http://www.wireshark.org/security/wnpa-sec-2013-29.html
-CVE-2013-3561 (Multiple integer overflows in Wireshark 1.8.x before 1.8.7 allow ...)
+CVE-2013-3561
- wireshark <not-affected> (This CVE ID is for the Wireshark trunk, the fix 1.8 is CVE-2013-3562)
-CVE-2013-3560 (The dissect_dsmcc_un_download function in ...)
+CVE-2013-3560
{DSA-2700-1}
- wireshark 1.8.7-1 (unimportant; bug #709167)
[squeeze] - wireshark <not-affected> (Only affects 1.8.x)
NOTE: http://www.wireshark.org/security/wnpa-sec-2013-28.html
NOTE: Not suitable for code injection
-CVE-2013-3559 (epan/dissectors/packet-dcp-etsi.c in the DCP ETSI dissector in ...)
+CVE-2013-3559
{DSA-2700-1}
- wireshark 1.8.7-1 (bug #709167)
[squeeze] - wireshark <not-affected> (Only affects 1.8.x)
NOTE: http://www.wireshark.org/security/wnpa-sec-2013-27.html
-CVE-2013-3558 (The dissect_ccp_bsdcomp_opt function in epan/dissectors/packet-ppp.c ...)
+CVE-2013-3558
{DSA-2700-1}
- wireshark 1.8.7-1 (bug #709167)
[squeeze] - wireshark <not-affected> (Only affects 1.8.x)
NOTE: http://www.wireshark.org/security/wnpa-sec-2013-26.html
-CVE-2013-3557 (The dissect_ber_choice function in epan/dissectors/packet-ber.c in the ...)
+CVE-2013-3557
{DSA-2700-1}
- wireshark 1.8.7-1 (unimportant; bug #709167)
[squeeze] - wireshark 1.2.11-6+squeeze11
NOTE: Not suitable for code injection
-CVE-2013-3556 (The fragment_add_seq_common function in epan/reassemble.c in the ASN.1 ...)
+CVE-2013-3556
- wireshark <not-affected> (Only affected the dev trunk)
NOTE: http://www.wireshark.org/security/wnpa-sec-2013-25.html (r48943)
-CVE-2013-3555 (epan/dissectors/packet-gtpv2.c in the GTPv2 dissector in Wireshark ...)
+CVE-2013-3555
{DSA-2700-1}
- wireshark 1.8.7-1 (bug #709167)
[squeeze] - wireshark <not-affected> (Only affects 1.8.x)
NOTE: http://www.wireshark.org/security/wnpa-sec-2013-24.html
CVE-2013-3554
RESERVED
-CVE-2013-3553 (Nitro Pro 7.5.0.22 and earlier and Nitro Reader 2.5.0.36 and earlier ...)
+CVE-2013-3553
NOT-FOR-US: Nitro Pro
-CVE-2013-3552 (Nitro Pro 7.5.0.29 and earlier and Nitro Reader 2.5.0.45 and earlier ...)
+CVE-2013-3552
NOT-FOR-US: Nitro Pro
CVE-2013-3551
RESERVED
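Review bot: the rationale for CVE-2013-3561 reads "the fix 1.8 is CVE-2013-3562", which is missing a word; "the fix for 1.8.x is tracked as CVE-2013-3562" would read cleanly and match the "Only affects 1.8.x" wording used by the surrounding wireshark entries.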
@@ -10455,55 +10455,55 @@ CVE-2013-3545
RESERVED
CVE-2013-3544
REJECTED
-CVE-2013-3543 (The AXIS Media Control (AMC) ActiveX control (AxisMediaControlEmb.dll) ...)
+CVE-2013-3543
NOT-FOR-US: AXIS Media Control
CVE-2013-3542
RESERVED
-CVE-2013-3541 (Directory traversal vulnerability in cgi-bin/admin/fileread in AirLive ...)
+CVE-2013-3541
NOT-FOR-US: AirLive
-CVE-2013-3540 (Cross-site request forgery (CSRF) vulnerability in ...)
+CVE-2013-3540
NOT-FOR-US: AirLive
-CVE-2013-3539 (Cross-site request forgery (CSRF) vulnerability in the ...)
+CVE-2013-3539
NOT-FOR-US: Sony
-CVE-2013-3538 (Multiple cross-site scripting (XSS) vulnerabilities in todooforum.php ...)
+CVE-2013-3538
NOT-FOR-US: Todoo Forum
-CVE-2013-3537 (Multiple SQL injection vulnerabilities in todooforum.php in Todoo ...)
+CVE-2013-3537
NOT-FOR-US: Todoo Forum
-CVE-2013-3536 (SQL injection vulnerability in the gp_LoadUserFromHash function in ...)
+CVE-2013-3536
NOT-FOR-US: grouppay plugin
-CVE-2013-3535 (Multiple cross-site scripting (XSS) vulnerabilities in CMSLogik 1.2.0 ...)
+CVE-2013-3535
NOT-FOR-US: CMSLogik
-CVE-2013-3534 (Cross-site scripting (XSS) vulnerability in the aiContactSafe ...)
+CVE-2013-3534
NOT-FOR-US: aiContactSafe
-CVE-2013-3533 (Multiple SQL injection vulnerabilities in Virtual Access Monitor ...)
+CVE-2013-3533
NOT-FOR-US: Virtual Access Monitor
-CVE-2013-3532 (SQL injection vulnerability in settings.php in the Web Dorado Spider ...)
+CVE-2013-3532
NOT-FOR-US: WordPress plugin
-CVE-2013-3531 (SQL injection vulnerability in meneger.php in RadioCMS 2.2 allows ...)
+CVE-2013-3531
NOT-FOR-US: RadioCMS
-CVE-2013-3530 (SQL injection vulnerability in playlist.php in the Spiffy XSPF Player ...)
+CVE-2013-3530
NOT-FOR-US: WordPress plugin
-CVE-2013-3529 (Multiple cross-site scripting (XSS) vulnerabilities in user/obits.php ...)
+CVE-2013-3529
NOT-FOR-US: WordPress plugin
-CVE-2013-3528 (Unspecified vulnerability in the update check in Vanilla Forums before ...)
+CVE-2013-3528
NOT-FOR-US: Vanilla Forums
-CVE-2013-3527 (Multiple SQL injection vulnerabilities in Vanilla Forums before ...)
+CVE-2013-3527
NOT-FOR-US: Vanilla Forums
-CVE-2013-3526 (Cross-site scripting (XSS) vulnerability in js/ta_loaded.js.php in the ...)
+CVE-2013-3526
NOT-FOR-US: WordPress plugin
-CVE-2013-3525 (** DISPUTED ** ...)
+CVE-2013-3525
NOTE: http://web.archive.org/web/20151225141212/http://blog.bestpractical.com/2013/04/on-our-security-policies.html
-CVE-2013-3524 (SQL injection vulnerability in popupnewsitem/ in the Pop Up News ...)
+CVE-2013-3524
NOT-FOR-US: phpVMS
-CVE-2013-3523 (SQL injection vulnerability in This HTML Is Simple (THIS) before 1.2.4 ...)
+CVE-2013-3523
NOT-FOR-US: This HTML Is Simple
-CVE-2013-3522 (SQL injection vulnerability in index.php/ajax/api/reputation/vote in ...)
+CVE-2013-3522
NOT-FOR-US: vBulletin
CVE-2013-3521
REJECTED
-CVE-2013-3520 (VMware vCenter Chargeback Manager (aka CBM) before 2.5.1 does not ...)
+CVE-2013-3520
NOT-FOR-US: VMware vCenter Chargeback Manager
-CVE-2013-3519 (lgtosync.sys in VMware Workstation 9.x before 9.0.3, VMware Player 5.x ...)
+CVE-2013-3519
NOT-FOR-US: VMware
CVE-2013-3518
RESERVED
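Review bot: for CVE-2013-3525 the removed line was the only place the entry carried the "** DISPUTED **" marker; after this change the entry consists of the bare id and one NOTE URL, so the disputed status is no longer visible in the file. Consider recording that status in a NOTE line so the triage context survives the description removal.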
@@ -10511,47 +10511,47 @@ CVE-2013-3517
RESERVED
CVE-2013-3516
RESERVED
-CVE-2013-3515 (Multiple cross-site scripting (XSS) vulnerabilities in OpenX Source ...)
+CVE-2013-3515
NOT-FOR-US: OpenX
-CVE-2013-3514 (Multiple directory traversal vulnerabilities in OpenX before 2.8.10 ...)
+CVE-2013-3514
NOT-FOR-US: OpenX
-CVE-2013-3513 (Multiple cross-site request forgery (CSRF) vulnerabilities in the Noma ...)
+CVE-2013-3513
NOT-FOR-US: GroundWork Monitor Enterprise
-CVE-2013-3512 (The Cacti component in GroundWork Monitor Enterprise 6.7.0 does not ...)
+CVE-2013-3512
NOT-FOR-US: GroundWork Monitor Enterprise
-CVE-2013-3511 (Open redirect vulnerability in the NeDi component in GroundWork ...)
+CVE-2013-3511
NOT-FOR-US: GroundWork Monitor Enterprise
-CVE-2013-3510 (Multiple SQL injection vulnerabilities in GroundWork Monitor ...)
+CVE-2013-3510
NOT-FOR-US: GroundWork Monitor Enterprise
-CVE-2013-3509 (html/System-NeDi.php in the NeDi component in GroundWork Monitor ...)
+CVE-2013-3509
NOT-FOR-US: GroundWork Monitor Enterprise
-CVE-2013-3508 (html/System-Files.php in the System File Overview feature in the NeDi ...)
+CVE-2013-3508
NOT-FOR-US: GroundWork Monitor Enterprise
-CVE-2013-3507 (The NeDi component in GroundWork Monitor Enterprise 6.7.0 allows ...)
+CVE-2013-3507
NOT-FOR-US: GroundWork Monitor Enterprise
-CVE-2013-3506 (cgi-bin/performance/perfchart.cgi in the Performance component in ...)
+CVE-2013-3506
NOT-FOR-US: GroundWork Monitor Enterprise
-CVE-2013-3505 (The Nagios-App component in GroundWork Monitor Enterprise 6.7.0 allows ...)
+CVE-2013-3505
NOT-FOR-US: GroundWork Monitor Enterprise
-CVE-2013-3504 (Directory traversal vulnerability in monarch.cgi in the MONARCH ...)
+CVE-2013-3504
NOT-FOR-US: GroundWork Monitor Enterprise
-CVE-2013-3503 (The Profile Importer feature in monarch.cgi in the MONARCH component ...)
+CVE-2013-3503
NOT-FOR-US: GroundWork Monitor Enterprise
-CVE-2013-3502 (monarch_scan.cgi in the MONARCH component in GroundWork Monitor ...)
+CVE-2013-3502
NOT-FOR-US: GroundWork Monitor Enterprise
-CVE-2013-3501 (Multiple cross-site scripting (XSS) vulnerabilities in GroundWork ...)
+CVE-2013-3501
NOT-FOR-US: GroundWork Monitor Enterprise
-CVE-2013-3500 (The Foundation webapp admin interface in GroundWork Monitor Enterprise ...)
+CVE-2013-3500
NOT-FOR-US: GroundWork Monitor Enterprise
-CVE-2013-3499 (GroundWork Monitor Enterprise 6.7.0 performs authentication on the ...)
+CVE-2013-3499
NOT-FOR-US: GroundWork Monitor Enterprise
-CVE-2013-3498 (Cross-site scripting (XSS) vulnerability in Juniper SmartPass WLAN ...)
+CVE-2013-3498
NOT-FOR-US: Juniper
-CVE-2013-3497 (Juniper Junos Space before 12.3P2.8, as used on the JA1500 appliance ...)
+CVE-2013-3497
NOT-FOR-US: Juniper
-CVE-2013-3496 (Infotecs ViPNet Client 3.2.10 (15632) and earlier, ViPNet Coordinator ...)
+CVE-2013-3496
NOT-FOR-US: Infotecs ViPNet Client
-CVE-2013-3495 (The Intel VT-d Interrupt Remapping engine in Xen 3.3.x through 4.3.x ...)
+CVE-2013-3495
- xen 4.4.1-3 (unimportant)
NOTE: Hardware design flaw, no software solution
CVE-2013-3494
@@ -10560,7 +10560,7 @@ CVE-2013-3493
RESERVED
CVE-2013-3492
RESERVED
-CVE-2013-3491 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
+CVE-2013-3491
NOT-FOR-US: WordPress plugin sharebar
CVE-2013-3490
RESERVED
@@ -10568,257 +10568,257 @@ CVE-2013-3489
RESERVED
CVE-2013-3488
RESERVED
-CVE-2013-3487 (Multiple cross-site scripting (XSS) vulnerabilities in the security ...)
+CVE-2013-3487
NOT-FOR-US: BulletProof Security plugin for WordPress
CVE-2013-3486
RESERVED
-CVE-2013-3485 (Multiple untrusted search path vulnerabilities in Soda PDF ...)
+CVE-2013-3485
NOT-FOR-US: Soda PDF
-CVE-2013-3484 (Multiple cross-site scripting (XSS) vulnerabilities in dotCMS before ...)
+CVE-2013-3484
NOT-FOR-US: dotCMS
-CVE-2013-3483 (Stack-based buffer overflow in ermapper_u.dll in Intergraph ERDAS ER ...)
+CVE-2013-3483
NOT-FOR-US: ERADAS ER Viewer
-CVE-2013-3482 (Stack-based buffer overflow in the rf_report_error function in ...)
+CVE-2013-3482
NOT-FOR-US: ERADAS ER Viewer
-CVE-2013-3481 (Stack-based buffer overflow in Artweaver Plus and Free before 3.1.5 ...)
+CVE-2013-3481
NOT-FOR-US: Artweaver
-CVE-2013-3480 (Integer overflow in Sagelight 4.4 and earlier allows remote attackers ...)
+CVE-2013-3480
NOT-FOR-US: Sagelight
-CVE-2013-3479 (Cross-site request forgery (CSRF) vulnerability in the ShareThis ...)
+CVE-2013-3479
NOT-FOR-US: WordPress plugin ShareThis
-CVE-2013-3478 (SQL injection vulnerability in Apptha WordPress Video Gallery 2.0, ...)
+CVE-2013-3478
NOT-FOR-US: Apptha WordPress Video Gallery
-CVE-2013-3477 (Cross-site request forgery (CSRF) vulnerability in the Related Posts ...)
+CVE-2013-3477
NOT-FOR-US: WordPress plugin related-posts-by-zemanta
-CVE-2013-3476 (Cross-site request forgery (CSRF) vulnerability in the WordPress ...)
+CVE-2013-3476
NOT-FOR-US: WordPress plugin wordpress-23-related-posts-plugin
-CVE-2013-3475 (Stack-based buffer overflow in db2aud in the Audit Facility in IBM DB2 ...)
+CVE-2013-3475
NOT-FOR-US: IBM
-CVE-2013-3474 (The Web Administrator Interface on Cisco Wireless LAN Controller (WLC) ...)
+CVE-2013-3474
NOT-FOR-US: Cisco
-CVE-2013-3473 (The web framework in Cisco Prime Central for Hosted Collaboration ...)
+CVE-2013-3473
NOT-FOR-US: Cisco
-CVE-2013-3472 (Cross-site request forgery (CSRF) vulnerability in the Enterprise ...)
+CVE-2013-3472
NOT-FOR-US: Cisco
-CVE-2013-3471 (The captive portal application in Cisco Identity Services Engine (ISE) ...)
+CVE-2013-3471
NOT-FOR-US: Cisco
-CVE-2013-3470 (The RIP process in Cisco IOS XR allows remote attackers to cause a ...)
+CVE-2013-3470
NOT-FOR-US: Cisco IOS XR
-CVE-2013-3469 (Cisco Mobility Services Engine does not properly set up the Oracle SSL ...)
+CVE-2013-3469
NOT-FOR-US: Cisco
-CVE-2013-3468 (The Cisco Unified IP Phone 8945 with software 9.3(2) allows remote ...)
+CVE-2013-3468
NOT-FOR-US: Cisco
-CVE-2013-3467 (Memory leak in the CLI component on Cisco Unified Computing System ...)
+CVE-2013-3467
NOT-FOR-US: Cisco
-CVE-2013-3466 (The EAP-FAST authentication module in Cisco Secure Access Control ...)
+CVE-2013-3466
NOT-FOR-US: Cisco
CVE-2013-3465
RESERVED
-CVE-2013-3464 (Cisco IOS XR allows local users to cause a denial of service (Silicon ...)
+CVE-2013-3464
NOT-FOR-US: Cisco IOS XR
-CVE-2013-3463 (The protocol-inspection feature on Cisco Adaptive Security Appliances ...)
+CVE-2013-3463
NOT-FOR-US: Cisco
-CVE-2013-3462 (Buffer overflow in Cisco Unified Communications Manager (Unified CM) ...)
+CVE-2013-3462
NOT-FOR-US: Cisco
-CVE-2013-3461 (Cisco Unified Communications Manager (Unified CM) 8.5(x) and 8.6(x) ...)
+CVE-2013-3461
NOT-FOR-US: Cisco
-CVE-2013-3460 (Memory leak in Cisco Unified Communications Manager (Unified CM) ...)
+CVE-2013-3460
NOT-FOR-US: Cisco
-CVE-2013-3459 (Cisco Unified Communications Manager (Unified CM) 7.1(x) before ...)
+CVE-2013-3459
NOT-FOR-US: Cisco
-CVE-2013-3458 (Cisco Adaptive Security Appliances (ASA) devices, when SMP is used, do ...)
+CVE-2013-3458
NOT-FOR-US: Cisco Adaptive Security Appliances
-CVE-2013-3457 (Absolute path traversal vulnerability in the web interface in Cisco ...)
+CVE-2013-3457
NOT-FOR-US: Cisco Finesse
CVE-2013-3456
RESERVED
-CVE-2013-3455 (Cisco Finesse allows remote attackers to obtain sensitive information ...)
+CVE-2013-3455
NOT-FOR-US: Cisco
-CVE-2013-3454 (Cisco TelePresence System Software 1.10.1 and earlier on 500, 13X0, ...)
+CVE-2013-3454
NOT-FOR-US: Cisco
-CVE-2013-3453 (Memory leak in Cisco Unified Communications Manager IM and Presence ...)
+CVE-2013-3453
NOT-FOR-US: Cisco
CVE-2013-3452
RESERVED
-CVE-2013-3451 (Multiple cross-site request forgery (CSRF) vulnerabilities in Cisco ...)
+CVE-2013-3451
NOT-FOR-US: Cisco Unified Communications Manager
-CVE-2013-3450 (Cross-site request forgery (CSRF) vulnerability in the User WebDialer ...)
+CVE-2013-3450
NOT-FOR-US: Cisco Unified Communications Manager
CVE-2013-3449
RESERVED
-CVE-2013-3448 (Cisco WebEx Meetings Server does not check whether a user account is ...)
+CVE-2013-3448
NOT-FOR-US: Cisco
CVE-2013-3447
RESERVED
-CVE-2013-3446 (Open redirect vulnerability in the login page in Cisco Digital Media ...)
+CVE-2013-3446
NOT-FOR-US: Cisco
-CVE-2013-3445 (The firewall subsystem in Cisco Identity Services Engine has an ...)
+CVE-2013-3445
NOT-FOR-US: Cisco Identity Services Engine
-CVE-2013-3444 (The web framework in Cisco WAAS Software before 4.x and 5.x before ...)
+CVE-2013-3444
NOT-FOR-US: Cisco
-CVE-2013-3443 (The web service framework in Cisco WAAS Software 4.x and 5.x before ...)
+CVE-2013-3443
NOT-FOR-US: Cisco
-CVE-2013-3442 (The web portal in Cisco Unified Communications Manager (Unified CM) ...)
+CVE-2013-3442
NOT-FOR-US: Cisco Unified Communications Manager
-CVE-2013-3441 (Cisco Aironet 3600 access points allow remote attackers to cause a ...)
+CVE-2013-3441
NOT-FOR-US: Cisco
-CVE-2013-3440 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
+CVE-2013-3440
NOT-FOR-US: Cisco
-CVE-2013-3439 (Cross-site scripting (XSS) vulnerability in Cisco Unified Operations ...)
+CVE-2013-3439
NOT-FOR-US: Cisco
-CVE-2013-3438 (The web framework in the server in Cisco Unified MeetingPlace Web ...)
+CVE-2013-3438
NOT-FOR-US: Cisco
-CVE-2013-3437 (SQL injection vulnerability in the management application in Cisco ...)
+CVE-2013-3437
NOT-FOR-US: Cisco
-CVE-2013-3436 (The default configuration of the Group Encrypted Transport VPN (GET ...)
+CVE-2013-3436
NOT-FOR-US: Cisco IOS
-CVE-2013-3435 (The Cisco Unified IP Conference Station 7937G allows remote attackers ...)
+CVE-2013-3435
NOT-FOR-US: Cisco
-CVE-2013-3434 (Untrusted search path vulnerability in Cisco Unified Communications ...)
+CVE-2013-3434
NOT-FOR-US: Cisco
-CVE-2013-3433 (Untrusted search path vulnerability in Cisco Unified Communications ...)
+CVE-2013-3433
NOT-FOR-US: Cisco
CVE-2013-3432
RESERVED
-CVE-2013-3431 (Cisco Video Surveillance Manager (VSM) before 7.0.0 does not require ...)
+CVE-2013-3431
NOT-FOR-US: Cisco
-CVE-2013-3430 (Cisco Video Surveillance Manager (VSM) before 7.0.0 allows remote ...)
+CVE-2013-3430
NOT-FOR-US: Cisco
-CVE-2013-3429 (Multiple directory traversal vulnerabilities in Cisco Video ...)
+CVE-2013-3429
NOT-FOR-US: Cisco
-CVE-2013-3428 (The web interface in Cisco Secure Access Control System (ACS) does not ...)
+CVE-2013-3428
NOT-FOR-US: Cisco
CVE-2013-3427
RESERVED
-CVE-2013-3426 (The Serviceability servlet on Cisco 9900 IP phones does not properly ...)
+CVE-2013-3426
NOT-FOR-US: Cisco
-CVE-2013-3425 (The Meeting Center component in Cisco WebEx 11 generates different ...)
+CVE-2013-3425
NOT-FOR-US: Cisco WebEx 11
-CVE-2013-3424 (Cross-site request forgery (CSRF) vulnerability in Administration and ...)
+CVE-2013-3424
NOT-FOR-US: Cisco
-CVE-2013-3423 (Cross-site scripting (XSS) vulnerability in the web interface in Cisco ...)
+CVE-2013-3423
NOT-FOR-US: Cisco
-CVE-2013-3422 (Cross-site scripting (XSS) vulnerability in Administration pages in ...)
+CVE-2013-3422
NOT-FOR-US: Cisco
-CVE-2013-3421 (Cross-site scripting (XSS) vulnerability in the Help index page in ...)
+CVE-2013-3421
NOT-FOR-US: Cisco
-CVE-2013-3420 (Cross-site request forgery (CSRF) vulnerability in the web framework ...)
+CVE-2013-3420
NOT-FOR-US: Cisco Identity Services Engine
-CVE-2013-3419 (Cross-site scripting (XSS) vulnerability in Cisco Unified MeetingPlace ...)
+CVE-2013-3419
NOT-FOR-US: Cisco
-CVE-2013-3418 (Cisco Unified Communications Domain Manager does not properly allocate ...)
+CVE-2013-3418
NOT-FOR-US: Cisco
-CVE-2013-3417 (The administrative web interface in Cisco Video Surveillance ...)
+CVE-2013-3417
NOT-FOR-US: Cisco
-CVE-2013-3416 (Cross-site scripting (XSS) vulnerability in the web framework in the ...)
+CVE-2013-3416
NOT-FOR-US: Cisco
-CVE-2013-3415 (Cisco Adaptive Security Appliance (ASA) Software 8.4.x before 8.4(3) ...)
+CVE-2013-3415
NOT-FOR-US: Cisco Adaptive Security Appliance
-CVE-2013-3414 (Cross-site scripting (XSS) vulnerability in the WebVPN portal login ...)
+CVE-2013-3414
NOT-FOR-US: Cisco
-CVE-2013-3413 (Cross-site scripting (XSS) vulnerability in the search form in the ...)
+CVE-2013-3413
NOT-FOR-US: Cisco
-CVE-2013-3412 (SQL injection vulnerability in Cisco Unified Communications Manager ...)
+CVE-2013-3412
NOT-FOR-US: Cisco
-CVE-2013-3411 (The IDSM-2 drivers in Cisco Intrusion Prevention System (IPS) Software ...)
+CVE-2013-3411
NOT-FOR-US: Cisco
-CVE-2013-3410 (Cisco Intrusion Prevention System (IPS) Software on IPS NME devices ...)
+CVE-2013-3410
NOT-FOR-US: Cisco
-CVE-2013-3409 (The portal in Cisco Prime Central for Hosted Collaboration Solution ...)
+CVE-2013-3409
NOT-FOR-US: Cisco
-CVE-2013-3408 (The firmware on Cisco Virtualization Experience Client 6000 devices ...)
+CVE-2013-3408
NOT-FOR-US: Cisco
-CVE-2013-3407 (The web interface in Cisco Server Provisioner 6.4.0 Patch 5-1301292331 ...)
+CVE-2013-3407
NOT-FOR-US: Cisco
-CVE-2013-3406 (The &quot;Files Available for Download&quot; implementation in the Cisco ...)
+CVE-2013-3406
NOT-FOR-US: Cisco
-CVE-2013-3405 (The web portal in TC software on Cisco TelePresence endpoints does not ...)
+CVE-2013-3405
NOT-FOR-US: Cisco
-CVE-2013-3404 (SQL injection vulnerability in Cisco Unified Communications Manager ...)
+CVE-2013-3404
NOT-FOR-US: Cisco
-CVE-2013-3403 (Multiple untrusted search path vulnerabilities in Cisco Unified ...)
+CVE-2013-3403
NOT-FOR-US: Cisco
-CVE-2013-3402 (An unspecified function in Cisco Unified Communications Manager (CUCM) ...)
+CVE-2013-3402
NOT-FOR-US: Cisco
-CVE-2013-3401 (The SIP implementation in Cisco TelePresence TC Software allows remote ...)
+CVE-2013-3401
NOT-FOR-US: Cisco
-CVE-2013-3400 (The license-installation module in Cisco NX-OS on Nexus 1000V devices ...)
+CVE-2013-3400
NOT-FOR-US: Cisco
-CVE-2013-3399 (Buffer overflow in an unspecified Android API on the Cisco Desktop ...)
+CVE-2013-3399
NOT-FOR-US: Cisco
-CVE-2013-3398 (The web framework in Cisco Prime Central for Hosted Collaboration ...)
+CVE-2013-3398
NOT-FOR-US: Cisco
-CVE-2013-3397 (Cross-site request forgery (CSRF) vulnerability in the Unified ...)
+CVE-2013-3397
NOT-FOR-US: Cisco
-CVE-2013-3396 (Cross-site scripting (XSS) vulnerability in the web framework in Cisco ...)
+CVE-2013-3396
NOT-FOR-US: Cisco
-CVE-2013-3395 (Cross-site request forgery (CSRF) vulnerability in the web framework ...)
+CVE-2013-3395
NOT-FOR-US: Cisco IronPort Web Security Appliance
-CVE-2013-3394 (Cross-site scripting (XSS) vulnerability in the web interface in Cisco ...)
+CVE-2013-3394
NOT-FOR-US: Cisco
-CVE-2013-3393 (The Precision Video Engine component in Cisco Jabber for Windows and ...)
+CVE-2013-3393
NOT-FOR-US: Cisco
-CVE-2013-3392 (Multiple cross-site request forgery (CSRF) vulnerabilities in Cisco ...)
+CVE-2013-3392
NOT-FOR-US: Cisco WebEx Social
CVE-2013-3391
RESERVED
-CVE-2013-3390 (Memory leak in Cisco Prime Central for Hosted Collaboration Solution ...)
+CVE-2013-3390
NOT-FOR-US: Cisco Prime Central
-CVE-2013-3389 (Cisco Prime Central for Hosted Collaboration Solution (HCS) Assurance ...)
+CVE-2013-3389
NOT-FOR-US: Cisco Prime Central
-CVE-2013-3388 (Cisco Prime Central for Hosted Collaboration Solution (HCS) Assurance ...)
+CVE-2013-3388
NOT-FOR-US: Cisco Prime Central
-CVE-2013-3387 (Cisco Prime Central for Hosted Collaboration Solution (HCS) Assurance ...)
+CVE-2013-3387
NOT-FOR-US: Cisco Prime Central
-CVE-2013-3386 (The IronPort Spam Quarantine (ISQ) component in the web framework in ...)
+CVE-2013-3386
NOT-FOR-US: Cisco
-CVE-2013-3385 (The management GUI in the web framework in IronPort AsyncOS on Cisco ...)
+CVE-2013-3385
NOT-FOR-US: Cisco
-CVE-2013-3384 (The web framework in IronPort AsyncOS on Cisco Web Security Appliance ...)
+CVE-2013-3384
NOT-FOR-US: Cisco
-CVE-2013-3383 (The web framework in IronPort AsyncOS on Cisco Web Security Appliance ...)
+CVE-2013-3383
NOT-FOR-US: Cisco
-CVE-2013-3382 (The Next-Generation Firewall (aka NGFW, formerly CX Context-Aware ...)
+CVE-2013-3382
NOT-FOR-US: Cisco ASA
-CVE-2013-3381 (Cisco Hosted Collaboration Mediation allows remote attackers to cause ...)
+CVE-2013-3381
NOT-FOR-US: Cisco Hosted Collaboration Mediation
-CVE-2013-3380 (The administrative web interface in the Access Control Server in Cisco ...)
+CVE-2013-3380
NOT-FOR-US: Cisco Secure Access Control System
-CVE-2013-3379 (The firewall subsystem in Cisco TelePresence TC Software before 4.2 ...)
+CVE-2013-3379
NOT-FOR-US: Cisco TelePresence TC Software
-CVE-2013-3378 (Cisco TelePresence TC Software before 6.1 and TE Software before 4.1.3 ...)
+CVE-2013-3378
NOT-FOR-US: Cisco TelePresence TC Software
-CVE-2013-3377 (Cisco TelePresence TC Software before 5.1.7 and TE Software before ...)
+CVE-2013-3377
NOT-FOR-US: Cisco TelePresence TC Software
-CVE-2013-3376 (Open redirect vulnerability in the help page in Cisco Video ...)
+CVE-2013-3376
NOT-FOR-US: Cisco
-CVE-2013-3375 (Cross-site scripting (XSS) vulnerability in the portal page in Cisco ...)
+CVE-2013-3375
NOT-FOR-US: Cisco
-CVE-2013-3374 (Unspecified vulnerability in Request Tracker (RT) 3.8.x before 3.8.17 ...)
+CVE-2013-3374
{DSA-2671-1 DSA-2670-1}
- request-tracker3.8 <removed>
- request-tracker4 4.0.12-2 (bug #709836)
-CVE-2013-3373 (CRLF injection vulnerability in Request Tracker (RT) 3.8.x before ...)
+CVE-2013-3373
{DSA-2671-1 DSA-2670-1}
- request-tracker3.8 <removed>
- request-tracker4 4.0.12-2 (bug #709836)
-CVE-2013-3372 (Request Tracker (RT) 3.8.x before 3.8.17 and 4.0.x before 4.0.13 ...)
+CVE-2013-3372
{DSA-2671-1 DSA-2670-1}
- request-tracker3.8 <removed>
- request-tracker4 4.0.12-2 (bug #709836)
-CVE-2013-3371 (Cross-site scripting (XSS) vulnerability in Request Tracker (RT) 3.8.3 ...)
+CVE-2013-3371
{DSA-2671-1 DSA-2670-1}
- request-tracker3.8 <removed>
- request-tracker4 4.0.12-2 (bug #709836)
-CVE-2013-3370 (Request Tracker (RT) 3.8.x before 3.8.17 and 4.0.x before 4.0.13 does ...)
+CVE-2013-3370
{DSA-2671-1 DSA-2670-1}
- request-tracker3.8 <removed>
- request-tracker4 4.0.12-2 (bug #709836)
-CVE-2013-3369 (Request Tracker (RT) 3.8.x before 3.8.17 and 4.0.x before 4.0.13 ...)
+CVE-2013-3369
{DSA-2671-1 DSA-2670-1}
- request-tracker3.8 <removed>
- request-tracker4 4.0.12-2 (bug #709836)
-CVE-2013-3368 (bin/rt in Request Tracker (RT) 3.8.x before 3.8.17 and 4.0.x before ...)
+CVE-2013-3368
{DSA-2671-1 DSA-2670-1}
- request-tracker3.8 <removed>
- request-tracker4 4.0.12-2 (bug #709836)
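Review bot: every `-`/`+` pair in this hunk removes the parenthesized CVE summary and replaces it with nothing, e.g. `-CVE-2013-3374 (Unspecified vulnerability in Request Tracker (RT) 3.8.x before 3.8.17 ...)` becomes `+CVE-2013-3374`, while the package status lines beneath each entry (`{DSA-2671-1 DSA-2670-1}`, `- request-tracker4 4.0.12-2 (bug #709836)`) are untouched. Since no replacement text is supplied for any of the roughly sixty entries touched here, and the same pattern repeats in every later hunk, please confirm that the summaries were meant to be dropped rather than refreshed; once merged, this file no longer records what any of these CVEs is, and the `NOT-FOR-US:` lines alone do not identify the issue.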
@@ -10826,89 +10826,89 @@ CVE-2013-3367
RESERVED
CVE-2013-3366
RESERVED
-CVE-2013-3365 (TRENDnet TEW-812DRU router allows remote authenticated users to ...)
+CVE-2013-3365
NOT-FOR-US: TRENDnet TEW-812DRU router
CVE-2013-3364
RESERVED
-CVE-2013-3363 (Adobe Flash Player before 11.7.700.242 and 11.8.x before 11.8.800.168 ...)
+CVE-2013-3363
NOT-FOR-US: Adobe Flash Player
-CVE-2013-3362 (Adobe Flash Player before 11.7.700.242 and 11.8.x before 11.8.800.168 ...)
+CVE-2013-3362
NOT-FOR-US: Adobe Flash Player
-CVE-2013-3361 (Adobe Flash Player before 11.7.700.242 and 11.8.x before 11.8.800.168 ...)
+CVE-2013-3361
NOT-FOR-US: Adobe Flash Player
-CVE-2013-3360 (Adobe Shockwave Player before 12.0.4.144 allows attackers to execute ...)
+CVE-2013-3360
NOT-FOR-US: Adobe Shockwave Player
-CVE-2013-3359 (Adobe Shockwave Player before 12.0.4.144 allows attackers to execute ...)
+CVE-2013-3359
NOT-FOR-US: Adobe Shockwave Player
-CVE-2013-3358 (Integer overflow in Adobe Reader and Acrobat before 10.1.8 and 11.x ...)
+CVE-2013-3358
NOT-FOR-US: Adobe Reader
-CVE-2013-3357 (Integer overflow in Adobe Reader and Acrobat before 10.1.8 and 11.x ...)
+CVE-2013-3357
NOT-FOR-US: Adobe Reader
-CVE-2013-3356 (Buffer overflow in Adobe Reader and Acrobat before 10.1.8 and 11.x ...)
+CVE-2013-3356
NOT-FOR-US: Adobe Reader
-CVE-2013-3355 (Adobe Reader and Acrobat before 10.1.8 and 11.x before 11.0.04 on ...)
+CVE-2013-3355
NOT-FOR-US: Adobe Reader
-CVE-2013-3354 (Adobe Reader and Acrobat before 10.1.8 and 11.x before 11.0.04 on ...)
+CVE-2013-3354
NOT-FOR-US: Adobe Reader
-CVE-2013-3353 (Buffer overflow in Adobe Reader and Acrobat before 10.1.8 and 11.x ...)
+CVE-2013-3353
NOT-FOR-US: Adobe Reader
-CVE-2013-3352 (Adobe Reader and Acrobat before 10.1.8 and 11.x before 11.0.04 on ...)
+CVE-2013-3352
NOT-FOR-US: Adobe Reader
-CVE-2013-3351 (Multiple stack-based buffer overflows in Adobe Reader and Acrobat ...)
+CVE-2013-3351
NOT-FOR-US: Adobe Reader
-CVE-2013-3350 (Adobe ColdFusion 10 before Update 11 allows remote attackers to call ...)
+CVE-2013-3350
NOT-FOR-US: Adobe ColdFusion
-CVE-2013-3349 (Unspecified vulnerability in Adobe ColdFusion 9.0 through 9.0.2, when ...)
+CVE-2013-3349
NOT-FOR-US: Adobe ColdFusion
-CVE-2013-3348 (Adobe Shockwave Player before 12.0.3.133 allows attackers to execute ...)
+CVE-2013-3348
NOT-FOR-US: Adobe Shockwave Player
-CVE-2013-3347 (Integer overflow in Adobe Flash Player before 11.7.700.232 and 11.8.x ...)
+CVE-2013-3347
NOT-FOR-US: Adobe Flash Player
-CVE-2013-3346 (Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and ...)
+CVE-2013-3346
NOT-FOR-US: Adobe Reader
-CVE-2013-3345 (Adobe Flash Player before 11.7.700.232 and 11.8.x before 11.8.800.94 ...)
+CVE-2013-3345
NOT-FOR-US: Adobe Flash Player
-CVE-2013-3344 (Heap-based buffer overflow in Adobe Flash Player before 11.7.700.232 ...)
+CVE-2013-3344
NOT-FOR-US: Adobe Flash Player
-CVE-2013-3343 (Adobe Flash Player before 10.3.183.90 and 11.x before 11.7.700.224 on ...)
+CVE-2013-3343
NOT-FOR-US: Adobe Flash Player
-CVE-2013-3342 (Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and ...)
+CVE-2013-3342
NOT-FOR-US: Adobe Reader
-CVE-2013-3341 (Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and ...)
+CVE-2013-3341
NOT-FOR-US: Adobe Reader
-CVE-2013-3340 (Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and ...)
+CVE-2013-3340
NOT-FOR-US: Adobe Reader
-CVE-2013-3339 (Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and ...)
+CVE-2013-3339
NOT-FOR-US: Adobe Reader
-CVE-2013-3338 (Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and ...)
+CVE-2013-3338
NOT-FOR-US: Adobe Reader
-CVE-2013-3337 (Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and ...)
+CVE-2013-3337
NOT-FOR-US: Adobe Reader
-CVE-2013-3336 (Unspecified vulnerability in Adobe ColdFusion 9.0, 9.0.1, 9.0.2, and ...)
+CVE-2013-3336
NOT-FOR-US: Adobe ColdFusion
-CVE-2013-3335 (Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on ...)
+CVE-2013-3335
NOT-FOR-US: Adobe Flash Player
-CVE-2013-3334 (Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on ...)
+CVE-2013-3334
NOT-FOR-US: Adobe Flash Player
-CVE-2013-3333 (Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on ...)
+CVE-2013-3333
NOT-FOR-US: Adobe Flash Player
-CVE-2013-3332 (Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on ...)
+CVE-2013-3332
NOT-FOR-US: Adobe Flash Player
-CVE-2013-3331 (Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on ...)
+CVE-2013-3331
NOT-FOR-US: Adobe Flash Player
-CVE-2013-3330 (Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on ...)
+CVE-2013-3330
NOT-FOR-US: Adobe Flash Player
-CVE-2013-3329 (Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on ...)
+CVE-2013-3329
NOT-FOR-US: Adobe Flash Player
-CVE-2013-3328 (Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on ...)
+CVE-2013-3328
NOT-FOR-US: Adobe Flash Player
-CVE-2013-3327 (Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on ...)
+CVE-2013-3327
NOT-FOR-US: Adobe Flash Player
-CVE-2013-3326 (Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on ...)
+CVE-2013-3326
NOT-FOR-US: Adobe Flash Player
-CVE-2013-3325 (Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on ...)
+CVE-2013-3325
NOT-FOR-US: Adobe Flash Player
-CVE-2013-3324 (Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on ...)
+CVE-2013-3324
NOT-FOR-US: Adobe Flash Player
CVE-2013-3323
RESERVED
@@ -10918,7 +10918,7 @@ CVE-2013-3321
RESERVED
CVE-2013-3320
RESERVED
-CVE-2013-3319 (The GetComputerSystem method in the HostControl service in SAP ...)
+CVE-2013-3319
NOT-FOR-US: SAP Netweaver
CVE-2013-3318
REJECTED
@@ -10926,7 +10926,7 @@ CVE-2013-3317
RESERVED
CVE-2013-3316
RESERVED
-CVE-2013-3315 (The server in TIBCO Silver Mobile 1.1.0 does not properly verify ...)
+CVE-2013-3315
NOT-FOR-US: TIBCO
CVE-2013-3314
RESERVED
@@ -10948,13 +10948,13 @@ CVE-2013-3306
RESERVED
CVE-2013-3305
RESERVED
-CVE-2013-3304 (Directory traversal vulnerability in Dell EqualLogic PS4000 with ...)
+CVE-2013-3304
NOT-FOR-US: Dell EqualLogic PS4000
CVE-2013-3303
RESERVED
-CVE-2013-3300 (The JsonParser class in json/JsonParser.scala in Lift before 2.5 ...)
+CVE-2013-3300
NOT-FOR-US: Lift Framework
-CVE-2013-3299 (RealNetworks RealPlayer 16.0.2.32 and earlier allows remote attackers ...)
+CVE-2013-3299
NOT-FOR-US: RealPlayer
CVE-2013-3298
RESERVED
@@ -10962,9 +10962,9 @@ CVE-2013-3297
RESERVED
CVE-2013-3296
RESERVED
-CVE-2013-3295 (Directory traversal vulnerability in install/popup.php in Exponent CMS ...)
+CVE-2013-3295
NOT-FOR-US: Exponent CMS
-CVE-2013-3294 (Multiple SQL injection vulnerabilities in Exponent CMS before 2.2.0 ...)
+CVE-2013-3294
NOT-FOR-US: Exponent CMS
CVE-2013-3293
RESERVED
@@ -10976,13 +10976,13 @@ CVE-2013-3290
RESERVED
CVE-2013-3289
REJECTED
-CVE-2013-3288 (Cross-site scripting (XSS) vulnerability on the EMC RSA Data ...)
+CVE-2013-3288
NOT-FOR-US: EMC
-CVE-2013-3287 (EMC Unisphere for VMAX before 1.6.1.6, when using an unspecified level ...)
+CVE-2013-3287
NOT-FOR-US: EMC Unisphere for VMAX
-CVE-2013-3286 (Multiple cross-site scripting (XSS) vulnerabilities in EMC Documentum ...)
+CVE-2013-3286
NOT-FOR-US: EMC Documentum
-CVE-2013-3285 (The NetWorker Management Console (NMC) in EMC NetWorker 8.0.x before ...)
+CVE-2013-3285
NOT-FOR-US: EMC NetWorker
CVE-2013-3284
REJECTED
@@ -10990,47 +10990,47 @@ CVE-2013-3283
REJECTED
CVE-2013-3282
REJECTED
-CVE-2013-3281 (Cross-site scripting (XSS) vulnerability in EMC Documentum Webtop ...)
+CVE-2013-3281
NOT-FOR-US: EMC Documentum
-CVE-2013-3280 (EMC RSA Authentication Agent 7.1.x before 7.1.2 for Web for Internet ...)
+CVE-2013-3280
NOT-FOR-US: RSA Authentication Agent for Web for Internet Information Services
-CVE-2013-3279 (EMC Atmos before 2.1.4 has a blank password for the PostgreSQL ...)
+CVE-2013-3279
NOT-FOR-US: EMC
-CVE-2013-3278 (EMC VPLEX before VPLEX GeoSynchrony 5.2 SP1 uses cleartext for storage ...)
+CVE-2013-3278
NOT-FOR-US: EMC
-CVE-2013-3277 (Open redirect vulnerability in EMC RSA Archer GRC 5.x before 5.4 ...)
+CVE-2013-3277
NOT-FOR-US: EMC
-CVE-2013-3276 (EMC RSA Archer GRC 5.x before 5.4 allows remote authenticated users to ...)
+CVE-2013-3276
NOT-FOR-US: EMC
-CVE-2013-3275 (EMC Avamar Server and Avamar Virtual Edition before 7.0 on Data Store ...)
+CVE-2013-3275
NOT-FOR-US: EMC
-CVE-2013-3274 (EMC Avamar Server and Avamar Virtual Edition before 7.0 on Data Store ...)
+CVE-2013-3274
NOT-FOR-US: EMC
-CVE-2013-3273 (EMC RSA Authentication Manager 8.0 before P2 and 7.1 before SP4 P26, ...)
+CVE-2013-3273
NOT-FOR-US: EMC
-CVE-2013-3272 (EMC Replication Manager (RM) before 5.4.4 places encoded passwords in ...)
+CVE-2013-3272
NOT-FOR-US: EMC
-CVE-2013-3271 (EMC RSA Authentication Agent for PAM 7.0 before 7.0.2.1 enforces the ...)
+CVE-2013-3271
NOT-FOR-US: EMC
-CVE-2013-3270 (EMC VNX Control Station before 7.1.70.2 and Celerra Control Station ...)
+CVE-2013-3270
NOT-FOR-US: EMC
-CVE-2013-3302 (Race condition in the smb_send_rqst function in fs/cifs/transport.c in ...)
+CVE-2013-3302
- linux-2.6 <not-affected> (Introduced in 3.7)
- linux 3.8-1
[wheezy] - linux <not-affected> (Introduced in 3.7)
-CVE-2013-3301 (The ftrace implementation in the Linux kernel before 3.8.8 allows ...)
+CVE-2013-3301
{DSA-2669-1}
- linux-2.6 <not-affected> (Vulnerable code not present)
- linux 3.8.11-1 (low)
NOTE: https://git.kernel.org/linus/6a76f8c0ab19f215af2a3442870eeb5f0e81998d
NOTE: Not enabled in default kernels
-CVE-2013-3269 (Cross-site request forgery (CSRF) vulnerability in Cybozu Office ...)
+CVE-2013-3269
NOT-FOR-US: Cybozu Office
-CVE-2013-3268 (Novell iManager 2.7 before SP6 Patch 1 does not refresh a token after ...)
+CVE-2013-3268
NOT-FOR-US: Novell iManager
-CVE-2013-3267 (Cross-site scripting (XSS) vulnerability in the highlighter plugin in ...)
+CVE-2013-3267
NOT-FOR-US: Joomla!
-CVE-2013-3266 (The nfsrvd_readdir function in sys/fs/nfsserver/nfs_nfsdport.c in the ...)
+CVE-2013-3266
{DSA-2672-1}
- kfreebsd-9 9.0-11 (bug #706414)
- kfreebsd-8 <removed> (bug #706418)
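Review bot: the entries for CVE-2013-3302 and CVE-2013-3301 sit between CVE-2013-3270 and CVE-2013-3269 in this hunk, although the surrounding entries are listed in strictly descending ID order (CVE-2013-3281 down to CVE-2013-3270, then CVE-2013-3269 onward). The ordering is pre-existing context rather than something this change introduces, but since the hunk already rewrites the ID lines of those two entries, it would be a good moment to move them up next to CVE-2013-3303 and CVE-2013-3300, where an ordered lookup would expect them.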
@@ -11039,131 +11039,131 @@ CVE-2013-3266 (The nfsrvd_readdir function in sys/fs/nfsserver/nfs_nfsdport.c in
NOTE: http://www.freebsd.org/security/advisories/FreeBSD-SA-13:05.nfsserver.asc
CVE-2013-3265
RESERVED
-CVE-2013-3264 (The WP Ultimate Email Marketer plugin 1.1.0 and possibly earlier for ...)
+CVE-2013-3264
NOT-FOR-US: WP Ultimate Email Marketer
-CVE-2013-3263 (Multiple cross-site scripting (XSS) vulnerabilities in the WP Ultimate ...)
+CVE-2013-3263
NOT-FOR-US: WP Ultimate Email Marketer
-CVE-2013-3262 (Cross-site scripting (XSS) vulnerability in admin/admin.php in the ...)
+CVE-2013-3262
NOT-FOR-US: WordPress plugin download-monitor
-CVE-2013-3261 (Cross-site scripting (XSS) vulnerability in wp-admin/admin.php in the ...)
+CVE-2013-3261
NOT-FOR-US: WordPress plugin flash-album-gallery
-CVE-2013-3260 (Heap-based buffer overflow in INMATRIX Zoom Player before 8.7 beta 11 ...)
+CVE-2013-3260
NOT-FOR-US: INMATRIX Zoom Player
-CVE-2013-3259 (Stack-based buffer overflow in INMATRIX Zoom Player before 8.7 beta 11 ...)
+CVE-2013-3259
NOT-FOR-US: INMATRIX Zoom Player
-CVE-2013-3258 (Cross-site request forgery (CSRF) vulnerability in he Digg Digg plugin ...)
+CVE-2013-3258
NOT-FOR-US: WordPress plugin digg-digg
-CVE-2013-3257 (Cross-site request forgery (CSRF) vulnerability in the Related Posts ...)
+CVE-2013-3257
NOT-FOR-US: WordPress plugin related-posts
-CVE-2013-3256 (Cross-site request forgery (CSRF) vulnerability in the Shareaholic ...)
+CVE-2013-3256
NOT-FOR-US: WordPress plugin sexybookmarks
CVE-2013-3255
RESERVED
-CVE-2013-3254 (Cross-site scripting (XSS) vulnerability in wp-admin/admin.php in the ...)
+CVE-2013-3254
NOT-FOR-US: WordPress plugin
-CVE-2013-3253 (Cross-site request forgery (CSRF) vulnerability in admin/setting.php ...)
+CVE-2013-3253
NOT-FOR-US: WordPress plugin
-CVE-2013-3252 (Cross-site request forgery (CSRF) vulnerability in the options admin ...)
+CVE-2013-3252
NOT-FOR-US: WordPress plugin WP-PostViews
-CVE-2013-3251 (Cross-site request forgery (CSRF) vulnerability in the qTranslate ...)
+CVE-2013-3251
NOT-FOR-US: WordPress plugin qTranslate
-CVE-2013-3250 (Cross-site request forgery (CSRF) vulnerability in the WP Maintenance ...)
+CVE-2013-3250
NOT-FOR-US: WP Maintenance Mode plugin for Wordpress
-CVE-2013-3249 (Stack-based buffer overflow in the &quot;Add from text file&quot; feature in the ...)
+CVE-2013-3249
NOT-FOR-US: DameWare Remote Support
-CVE-2013-3248 (Untrusted search path vulnerability in Corel PDF Fusion 1.11 allows ...)
+CVE-2013-3248
NOT-FOR-US: Corel PDF Fusion
CVE-2013-3247
RESERVED
CVE-2013-3246
RESERVED
-CVE-2013-3245 (** DISPUTED ** plugins/demux/libmkv_plugin.dll in VideoLAN VLC Media ...)
+CVE-2013-3245
- vlc 2.0.7-1 (unimportant)
NOTE: Harmless crasher
NOTE: http://git.videolan.org/?p=vlc.git;a=commit;h=59c9e8309d5b435a2d85c2c9eaae979ba56ccdd9
NOTE: http://secunia.com/blog/372/
NOTE: http://www.jbkempf.com/blog/post/2013/More-lies-from-Secunia
-CVE-2013-3244 (Multiple unspecified vulnerabilities in the CJDB_FILL_MEMORY_FROM_PPB ...)
+CVE-2013-3244
NOT-FOR-US: SAP ERP Central Component
-CVE-2013-3243 (Unspecified vulnerability in OpenText/IXOS ECM for SAP NetWeaver ...)
+CVE-2013-3243
NOT-FOR-US: SAP NetWeaver
-CVE-2013-3242 (plugins/system/remember/remember.php in Joomla! 2.5.x before 2.5.10 ...)
+CVE-2013-3242
NOT-FOR-US: Joomla!
-CVE-2013-3241 (export.php (aka the export script) in phpMyAdmin 4.x before 4.0.0-rc3 ...)
+CVE-2013-3241
- phpmyadmin <not-affected> (Vulnerable code not present)
-CVE-2013-3240 (Directory traversal vulnerability in the Export feature in phpMyAdmin ...)
+CVE-2013-3240
- phpmyadmin <not-affected> (Vulnerable code not present)
-CVE-2013-3239 (phpMyAdmin 3.5.x before 3.5.8 and 4.x before 4.0.0-rc3, when a SaveDir ...)
+CVE-2013-3239
{DLA-0014-1}
- phpmyadmin 4:3.4.11.1-2
[squeeze] - phpmyadmin 4:3.3.7-8
NOTE: Requires non-default option saveDir to be enabled, an authenticated untrusted user and Apache mod_mime
-CVE-2013-3238 (phpMyAdmin 3.5.x before 3.5.8 and 4.x before 4.0.0-rc3 allows remote ...)
+CVE-2013-3238
- phpmyadmin <not-affected> (exploitable PHP on Windows only)
NOTE: code patched in 4:3.4.11.1-2 nonetheless
-CVE-2013-3237 (The vsock_stream_sendmsg function in net/vmw_vsock/af_vsock.c in the ...)
+CVE-2013-3237
- linux-2.6 <not-affected> ((net/vmw_vsock/af_vsock.c not present)
- linux <not-affected> (net/vmw_vsock/af_vsock.c not present)
- open-vm-tools 2:9.2.2-893683-8 (low; bug #706557)
[wheezy] - open-vm-tools <no-dsa> (Minor information leak)
[squeeze] - open-vm-tools <no-dsa> (Contrib not supported, minor information leak)
-CVE-2013-3236 (The vmci_transport_dgram_dequeue function in ...)
+CVE-2013-3236
- linux-2.6 <not-affected> (VM Sockets only introduced in 3.9-rc1)
- linux <not-affected> (VM Sockets introduced in 3.9-rc1)
-CVE-2013-3235 (net/tipc/socket.c in the Linux kernel before 3.9-rc7 does not ...)
+CVE-2013-3235
{DSA-2669-1 DSA-2668-1}
- linux-2.6 <removed> (low)
- linux 3.8.11-1 (low)
-CVE-2013-3234 (The rose_recvmsg function in net/rose/af_rose.c in the Linux kernel ...)
+CVE-2013-3234
{DSA-2669-1 DSA-2668-1}
- linux-2.6 <removed> (low)
- linux 3.8.11-1 (low)
-CVE-2013-3233 (The llcp_sock_recvmsg function in net/nfc/llcp/sock.c in the Linux ...)
+CVE-2013-3233
- linux-2.6 <not-affected> (net/nfc/llcp/sock.c not present, introduced in 3.3)
- linux <not-affected> (net/nfc/llcp/sock.c not present, introduced in 3.3)
-CVE-2013-3232 (The nr_recvmsg function in net/netrom/af_netrom.c in the Linux kernel ...)
+CVE-2013-3232
- linux-2.6 <not-affected> (Introduced and fixed during 3.9 cycle)
- linux <not-affected> (Introduced and fixed during 3.9 cycle)
-CVE-2013-3231 (The llc_ui_recvmsg function in net/llc/af_llc.c in the Linux kernel ...)
+CVE-2013-3231
{DSA-2669-1 DSA-2668-1}
- linux-2.6 <removed> (low)
- linux 3.8.11-1 (low)
-CVE-2013-3230 (The l2tp_ip6_recvmsg function in net/l2tp/l2tp_ip6.c in the Linux ...)
+CVE-2013-3230
- linux-2.6 <not-affected> (net/l2tp/l2tp_ip6.c not present)
- linux <not-affected> (net/l2tp/l2tp_ip6.c introduced in 3.5)
-CVE-2013-3229 (The iucv_sock_recvmsg function in net/iucv/af_iucv.c in the Linux ...)
+CVE-2013-3229
{DSA-2669-1 DSA-2668-1}
- linux-2.6 <removed> (low)
- linux 3.8.11-1 (low)
-CVE-2013-3228 (The irda_recvmsg_dgram function in net/irda/af_irda.c in the Linux ...)
+CVE-2013-3228
{DSA-2669-1 DSA-2668-1}
- linux-2.6 <removed> (low)
- linux 3.8.11-1 (low)
-CVE-2013-3227 (The caif_seqpkt_recvmsg function in net/caif/caif_socket.c in the ...)
+CVE-2013-3227
{DSA-2669-1}
- linux-2.6 <not-affected> (net/caif/caif_socket.c introduced in v2.6.35)
- linux 3.8.11-1 (low)
-CVE-2013-3226 (The sco_sock_recvmsg function in net/bluetooth/sco.c in the Linux ...)
+CVE-2013-3226
- linux-2.6 <not-affected> (Vulnerable code not yet present)
- linux <not-affected> (Vulnerable code not yet present)
NOTE: sco_sock_recvmsg only introduced with v3.8, bt_sock_recvmsg has its own CVE ID
-CVE-2013-3225 (The rfcomm_sock_recvmsg function in net/bluetooth/rfcomm/sock.c in the ...)
+CVE-2013-3225
{DSA-2669-1 DSA-2668-1}
- linux-2.6 <removed> (low)
- linux 3.8.11-1 (low)
-CVE-2013-3224 (The bt_sock_recvmsg function in net/bluetooth/af_bluetooth.c in the ...)
+CVE-2013-3224
{DSA-2669-1 DSA-2668-1}
- linux-2.6 <removed> (low)
- linux 3.8.11-1 (low)
-CVE-2013-3223 (The ax25_recvmsg function in net/ax25/af_ax25.c in the Linux kernel ...)
+CVE-2013-3223
{DSA-2669-1 DSA-2668-1}
- linux-2.6 <removed> (low)
- linux 3.8.11-1 (low)
-CVE-2013-3222 (The vcc_recvmsg function in net/atm/common.c in the Linux kernel ...)
+CVE-2013-3222
{DSA-2669-1 DSA-2668-1}
- linux-2.6 <removed> (low)
- linux 3.8.11-1 (low)
-CVE-2013-3221 (The Active Record component in Ruby on Rails 2.3.x, 3.0.x, 3.1.x, and ...)
+CVE-2013-3221
- rails-3.2 <unfixed> (unimportant)
- ruby-activerecord-3.2 <unfixed> (unimportant)
- ruby-activerecord-2.3 <unfixed> (unimportant)
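Review bot: the unchanged context line under CVE-2013-3237, `- linux-2.6 <not-affected> ((net/vmw_vsock/af_vsock.c not present)`, has an unbalanced double opening parenthesis; the sibling line directly below it, `- linux <not-affected> (net/vmw_vsock/af_vsock.c not present)`, shows the intended form, so the extra `(` should be dropped in a follow-up. In the same hunk the CVE-2013-3250 status line spells the product `Wordpress` while every neighbouring entry (CVE-2013-3262, -3261, -3258 and others) uses `WordPress`; worth normalising while these entries are being touched.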
@@ -11171,9 +11171,9 @@ CVE-2013-3221 (The Active Record component in Ruby on Rails 2.3.x, 3.0.x, 3.1.x,
- rails 2.3.14.1 (unimportant)
NOTE: Starting with 2.3.14.1 rails is a transition package
NOTE: This is a general design problem and only mitigated by documented best practices
-CVE-2013-3220 (bitcoind and Bitcoin-Qt before 0.4.9rc2, 0.5.x before 0.5.8rc2, 0.6.x ...)
+CVE-2013-3220
- bitcoin 0.8.1-1
-CVE-2013-3219 (bitcoind and Bitcoin-Qt 0.8.x before 0.8.1 do not enforce a certain ...)
+CVE-2013-3219
- bitcoin 0.8.1-1
CVE-2013-3218
RESERVED
@@ -11185,91 +11185,91 @@ CVE-2013-3215
RESERVED
CVE-2013-3214
RESERVED
-CVE-2013-3213 (Multiple SQL injection vulnerabilities in vTiger CRM 5.0.0 through ...)
+CVE-2013-3213
NOT-FOR-US: vTiger CRM
CVE-2013-3212
RESERVED
-CVE-2013-3211 (Unspecified vulnerability in Opera before 12.15 has unknown impact and ...)
+CVE-2013-3211
NOT-FOR-US: Opera
-CVE-2013-3210 (Opera before 12.15 does not properly block top-level domains in ...)
+CVE-2013-3210
NOT-FOR-US: Opera
-CVE-2013-3209 (Microsoft Internet Explorer 9 and 10 allows remote attackers to ...)
+CVE-2013-3209
NOT-FOR-US: Microsoft
-CVE-2013-3208 (Microsoft Internet Explorer 8 through 10 allows remote attackers to ...)
+CVE-2013-3208
NOT-FOR-US: Microsoft
-CVE-2013-3207 (Microsoft Internet Explorer 9 and 10 allows remote attackers to ...)
+CVE-2013-3207
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-3206 (Microsoft Internet Explorer 9 and 10 allows remote attackers to ...)
+CVE-2013-3206
NOT-FOR-US: Microsoft
-CVE-2013-3205 (Microsoft Internet Explorer 6 through 8 allows remote attackers to ...)
+CVE-2013-3205
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-3204 (Microsoft Internet Explorer 7 through 10 allows remote attackers to ...)
+CVE-2013-3204
NOT-FOR-US: Microsoft
-CVE-2013-3203 (Microsoft Internet Explorer 9 and 10 allows remote attackers to ...)
+CVE-2013-3203
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-3202 (Microsoft Internet Explorer 10 allows remote attackers to execute ...)
+CVE-2013-3202
NOT-FOR-US: Microsoft
-CVE-2013-3201 (Microsoft Internet Explorer 9 and 10 allows remote attackers to ...)
+CVE-2013-3201
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-3200 (The USB drivers in the kernel-mode drivers in Microsoft Windows XP SP2 ...)
+CVE-2013-3200
NOT-FOR-US: Microsoft Windows
-CVE-2013-3199 (Microsoft Internet Explorer 6 through 10 allows remote attackers to ...)
+CVE-2013-3199
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-3198 (The NT Virtual DOS Machine (NTVDM) subsystem in the kernel in ...)
+CVE-2013-3198
NOT-FOR-US: Microsoft Windows
-CVE-2013-3197 (The NT Virtual DOS Machine (NTVDM) subsystem in the kernel in ...)
+CVE-2013-3197
NOT-FOR-US: Microsoft Windows
-CVE-2013-3196 (The NT Virtual DOS Machine (NTVDM) subsystem in the kernel in ...)
+CVE-2013-3196
NOT-FOR-US: Microsoft Windows
-CVE-2013-3195 (The DSA_InsertItem function in Comctl32.dll in the Windows common ...)
+CVE-2013-3195
NOT-FOR-US: Microsoft Windows
-CVE-2013-3194 (Microsoft Internet Explorer 9 allows remote attackers to execute ...)
+CVE-2013-3194
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-3193 (Microsoft Internet Explorer 9 and 10 allows remote attackers to ...)
+CVE-2013-3193
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-3192 (Cross-site scripting (XSS) vulnerability in Microsoft Internet ...)
+CVE-2013-3192
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-3191 (Microsoft Internet Explorer 9 and 10 allows remote attackers to ...)
+CVE-2013-3191
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-3190 (Microsoft Internet Explorer 8 through 10 allows remote attackers to ...)
+CVE-2013-3190
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-3189 (Microsoft Internet Explorer 8 and 9 allows remote attackers to execute ...)
+CVE-2013-3189
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-3188 (Microsoft Internet Explorer 8 and 9 allows remote attackers to execute ...)
+CVE-2013-3188
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-3187 (Microsoft Internet Explorer 9 and 10 allows remote attackers to ...)
+CVE-2013-3187
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-3186 (The Protected Mode feature in Microsoft Internet Explorer 7 through 10 ...)
+CVE-2013-3186
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-3185 (Microsoft Active Directory Federation Services (AD FS) 1.x through 2.1 ...)
+CVE-2013-3185
NOT-FOR-US: Microsoft Active Directory Federation Services
-CVE-2013-3184 (Microsoft Internet Explorer 7 through 10 allows remote attackers to ...)
+CVE-2013-3184
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-3183 (The TCP/IP implementation in Microsoft Windows Vista SP2, Windows ...)
+CVE-2013-3183
NOT-FOR-US: Microsoft Windows
-CVE-2013-3182 (The Windows NAT Driver (aka winnat) service in Microsoft Windows ...)
+CVE-2013-3182
NOT-FOR-US: Microsoft Windows
-CVE-2013-3181 (usp10.dll in the Unicode Scripts Processor in Microsoft Windows XP SP2 ...)
+CVE-2013-3181
NOT-FOR-US: Microsoft Windows
-CVE-2013-3180 (Cross-site scripting (XSS) vulnerability in Microsoft SharePoint ...)
+CVE-2013-3180
NOT-FOR-US: Microsoft SharePoint Server
-CVE-2013-3179 (Cross-site scripting (XSS) vulnerability in Microsoft SharePoint ...)
+CVE-2013-3179
NOT-FOR-US: Microsoft SharePoint Server
-CVE-2013-3178 (Microsoft Silverlight 5 before 5.1.20513.0 does not properly ...)
+CVE-2013-3178
NOT-FOR-US: Microsoft Silverlight
CVE-2013-3177
REJECTED
CVE-2013-3176
REJECTED
-CVE-2013-3175 (Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows ...)
+CVE-2013-3175
NOT-FOR-US: Microsoft
-CVE-2013-3174 (DirectShow in Microsoft Windows XP SP2 and SP3, Windows Server 2003 ...)
+CVE-2013-3174
NOT-FOR-US: Microsoft
-CVE-2013-3173 (Buffer overflow in win32k.sys in the kernel-mode drivers in Microsoft ...)
+CVE-2013-3173
NOT-FOR-US: Microsoft
-CVE-2013-3172 (Buffer overflow in win32k.sys in the kernel-mode drivers in Microsoft ...)
+CVE-2013-3172
NOT-FOR-US: Microsoft
-CVE-2013-3171 (The serialization functionality in Microsoft .NET Framework 2.0 SP2, ...)
+CVE-2013-3171
NOT-FOR-US: Microsoft
CVE-2013-3170
REJECTED
@@ -11277,129 +11277,129 @@ CVE-2013-3169
REJECTED
CVE-2013-3168
REJECTED
-CVE-2013-3167 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
+CVE-2013-3167
NOT-FOR-US: Microsoft
-CVE-2013-3166 (Cross-site scripting (XSS) vulnerability in Microsoft Internet ...)
+CVE-2013-3166
NOT-FOR-US: Microsoft Internet Explorer
CVE-2013-3165
REJECTED
-CVE-2013-3164 (Microsoft Internet Explorer 8 allows remote attackers to execute ...)
+CVE-2013-3164
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-3163 (Microsoft Internet Explorer 8 through 10 allows remote attackers to ...)
+CVE-2013-3163
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-3162 (Microsoft Internet Explorer 7 through 10 allows remote attackers to ...)
+CVE-2013-3162
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-3161 (Microsoft Internet Explorer 9 and 10 allows remote attackers to ...)
+CVE-2013-3161
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-3160 (Microsoft Office 2003 SP3 and 2007 SP3, Word 2003 SP3 and 2007 SP3, ...)
+CVE-2013-3160
NOT-FOR-US: Microsoft Office
-CVE-2013-3159 (Microsoft Excel 2003 SP3, 2007 SP3, and 2010 SP1 and SP2; Excel ...)
+CVE-2013-3159
NOT-FOR-US: Microsoft Excel
-CVE-2013-3158 (Microsoft Excel 2003 SP3 and 2007 SP3 allows remote attackers to ...)
+CVE-2013-3158
NOT-FOR-US: Microsoft Excel
-CVE-2013-3157 (Microsoft Access 2007 SP3, 2010 SP1 and SP2, and 2013 in Microsoft ...)
+CVE-2013-3157
NOT-FOR-US: Microsoft
-CVE-2013-3156 (Microsoft Access 2007 SP3, 2010 SP1 and SP2, and 2013 in Microsoft ...)
+CVE-2013-3156
NOT-FOR-US: Microsoft Access
-CVE-2013-3155 (Microsoft Access 2007 SP3, 2010 SP1 and SP2, and 2013 in Microsoft ...)
+CVE-2013-3155
NOT-FOR-US: Microsoft
-CVE-2013-3154 (The signature-update functionality in Windows Defender on Microsoft ...)
+CVE-2013-3154
NOT-FOR-US: Microsoft Windows
-CVE-2013-3153 (Microsoft Internet Explorer 6 through 10 allows remote attackers to ...)
+CVE-2013-3153
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-3152 (Microsoft Internet Explorer 10 allows remote attackers to execute ...)
+CVE-2013-3152
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-3151 (Microsoft Internet Explorer 8 through 10 allows remote attackers to ...)
+CVE-2013-3151
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-3150 (Microsoft Internet Explorer 9 allows remote attackers to execute ...)
+CVE-2013-3150
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-3149 (Microsoft Internet Explorer 7 and 8 allows remote attackers to execute ...)
+CVE-2013-3149
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-3148 (Microsoft Internet Explorer 6 through 10 allows remote attackers to ...)
+CVE-2013-3148
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-3147 (Microsoft Internet Explorer 6 through 9 allows remote attackers to ...)
+CVE-2013-3147
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-3146 (Microsoft Internet Explorer 10 allows remote attackers to execute ...)
+CVE-2013-3146
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-3145 (Microsoft Internet Explorer 9 allows remote attackers to execute ...)
+CVE-2013-3145
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-3144 (Microsoft Internet Explorer 8 through 10 allows remote attackers to ...)
+CVE-2013-3144
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-3143 (Microsoft Internet Explorer 9 and 10 allows remote attackers to ...)
+CVE-2013-3143
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-3142 (Microsoft Internet Explorer 6 through 10 allows remote attackers to ...)
+CVE-2013-3142
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-3141 (Microsoft Internet Explorer 8 and 9 allows remote attackers to execute ...)
+CVE-2013-3141
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-3140 (Use-after-free vulnerability in Microsoft Internet Explorer 9 allows ...)
+CVE-2013-3140
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-3139 (Microsoft Internet Explorer 6 through 10 allows remote attackers to ...)
+CVE-2013-3139
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-3138 (Integer overflow in the TCP/IP kernel-mode driver in Microsoft Windows ...)
+CVE-2013-3138
NOT-FOR-US: Microsoft
-CVE-2013-3137 (Microsoft FrontPage 2003 SP3 does not properly parse DTDs, which ...)
+CVE-2013-3137
NOT-FOR-US: Microsoft FrontPage
-CVE-2013-3136 (The kernel in Microsoft Windows XP SP3, Windows Server 2003 SP2, ...)
+CVE-2013-3136
NOT-FOR-US: Microsoft
CVE-2013-3135
REJECTED
-CVE-2013-3134 (The Common Language Runtime (CLR) in Microsoft .NET Framework 2.0 SP2, ...)
+CVE-2013-3134
NOT-FOR-US: Microsoft .NET Framework
-CVE-2013-3133 (Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, and 4.5 does not ...)
+CVE-2013-3133
NOT-FOR-US: Microsoft .NET Framework
-CVE-2013-3132 (Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, and ...)
+CVE-2013-3132
NOT-FOR-US: Microsoft .NET Framework
-CVE-2013-3131 (Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, and 4.5, and ...)
+CVE-2013-3131
NOT-FOR-US: Microsoft
CVE-2013-3130
REJECTED
-CVE-2013-3129 (Microsoft .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, and 4.5; Silverlight ...)
+CVE-2013-3129
NOT-FOR-US: Microsoft
-CVE-2013-3128 (The kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows ...)
+CVE-2013-3128
NOT-FOR-US: Microsoft Windows
-CVE-2013-3127 (The Microsoft WMV video codec in wmv9vcm.dll, wmvdmod.dll in Windows ...)
+CVE-2013-3127
NOT-FOR-US: Microsoft
-CVE-2013-3126 (Microsoft Internet Explorer 9 and 10, when script debugging is ...)
+CVE-2013-3126
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-3125 (Microsoft Internet Explorer 10 allows remote attackers to execute ...)
+CVE-2013-3125
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-3124 (Microsoft Internet Explorer 9 allows remote attackers to execute ...)
+CVE-2013-3124
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-3123 (Microsoft Internet Explorer 8 through 10 allows remote attackers to ...)
+CVE-2013-3123
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-3122 (Microsoft Internet Explorer 9 allows remote attackers to execute ...)
+CVE-2013-3122
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-3121 (Microsoft Internet Explorer 6 through 10 allows remote attackers to ...)
+CVE-2013-3121
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-3120 (Microsoft Internet Explorer 10 allows remote attackers to execute ...)
+CVE-2013-3120
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-3119 (Microsoft Internet Explorer 9 and 10 allows remote attackers to ...)
+CVE-2013-3119
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-3118 (Microsoft Internet Explorer 10 allows remote attackers to execute ...)
+CVE-2013-3118
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-3117 (Microsoft Internet Explorer 9 allows remote attackers to execute ...)
+CVE-2013-3117
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-3116 (Microsoft Internet Explorer 7 through 9 allows remote attackers to ...)
+CVE-2013-3116
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-3115 (Microsoft Internet Explorer 7 through 10 allows remote attackers to ...)
+CVE-2013-3115
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-3114 (Microsoft Internet Explorer 9 and 10 allows remote attackers to ...)
+CVE-2013-3114
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-3113 (Microsoft Internet Explorer 6 through 10 allows remote attackers to ...)
+CVE-2013-3113
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-3112 (Microsoft Internet Explorer 6 through 10 allows remote attackers to ...)
+CVE-2013-3112
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-3111 (Microsoft Internet Explorer 8 through 10 allows remote attackers to ...)
+CVE-2013-3111
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-3110 (Microsoft Internet Explorer 8 and 9 allows remote attackers to execute ...)
+CVE-2013-3110
NOT-FOR-US: Microsoft Internet Explorer
CVE-2013-3109
RESERVED
CVE-2013-3108
RESERVED
-CVE-2013-3107 (VMware vCenter Server 5.1 before Update 1, when anonymous LDAP binding ...)
+CVE-2013-3107
NOT-FOR-US: vCenter
-CVE-2013-3106 (Multiple cross-site scripting (XSS) vulnerabilities in Open-Xchange ...)
+CVE-2013-3106
NOT-FOR-US: Open-Xchange
CVE-2013-3105
RESERVED
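Review bot: every `-`/`+` pair in this region replaces a line such as `-CVE-2013-3161 (Microsoft Internet Explorer 9 and 10 allows remote attackers to ...)` with the bare `+CVE-2013-3161`, so the only effect of the change is to drop the CVE summary text while the NOT-FOR-US, RESERVED and REJECTED lines are untouched. A wholesale removal of summaries with no other change is more consistent with an empty or failed description fetch than with an intended edit, so this update should be held back until the description source has been checked: the tracker keeps no other copy of that text, and entries like CVE-2013-3157, whose status line is only `NOT-FOR-US: Microsoft`, keep no product name at all once the summary is gone.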
@@ -11415,60 +11415,60 @@ CVE-2013-3100
RESERVED
CVE-2013-3099
RESERVED
-CVE-2013-3098 (Multiple cross-site request forgery (CSRF) vulnerabilities in TRENDnet ...)
+CVE-2013-3098
NOT-FOR-US: TRENDnet TEW-812DRU router
CVE-2013-3097
RESERVED
CVE-2013-3096
RESERVED
-CVE-2013-3095 (Multiple cross-site request forgery (CSRF) vulnerabilities in D-Link ...)
+CVE-2013-3095
NOT-FOR-US: D-Link
CVE-2013-3094
RESERVED
CVE-2013-3093
RESERVED
-CVE-2013-3092 (The Belkin N300 (F7D7301v1) router allows remote attackers to bypass ...)
+CVE-2013-3092
NOT-FOR-US: Belkin router
CVE-2013-3091
RESERVED
-CVE-2013-3090 (Multiple cross-site scripting (XSS) vulnerabilities in Belkin N300 ...)
+CVE-2013-3090
NOT-FOR-US: Belkin N300 router
-CVE-2013-3089 (Cross-site request forgery (CSRF) vulnerability in apply.cgi in Belkin ...)
+CVE-2013-3089
NOT-FOR-US: Belkin N300
CVE-2013-3088
RESERVED
-CVE-2013-3087 (Multiple cross-site scripting (XSS) vulnerabilities in Belkin N900 ...)
+CVE-2013-3087
NOT-FOR-US: Belkin N900 router
-CVE-2013-3086 (Cross-site request forgery (CSRF) vulnerability in util_system.html in ...)
+CVE-2013-3086
NOT-FOR-US: Belkin N900
CVE-2013-3085
RESERVED
-CVE-2013-3084 (Multiple cross-site scripting (XSS) vulnerabilities in Belkin Model ...)
+CVE-2013-3084
NOT-FOR-US: Belkin router
-CVE-2013-3083 (Cross-site request forgery (CSRF) vulnerability in ...)
+CVE-2013-3083
NOT-FOR-US: Belkin
-CVE-2013-3082 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2013-3082
NOT-FOR-US: Jojo CMS
-CVE-2013-3081 (SQL injection vulnerability in the checkEmailFormat function in ...)
+CVE-2013-3081
NOT-FOR-US: Jojo CMS
-CVE-2013-3080 (VMware vCenter Server Appliance (vCSA) 5.1 before Update 1 allows ...)
+CVE-2013-3080
NOT-FOR-US: vCenter
-CVE-2013-3079 (VMware vCenter Server Appliance (vCSA) 5.1 before Update 1 allows ...)
+CVE-2013-3079
NOT-FOR-US: vCenter
CVE-2013-3078
RESERVED
-CVE-2013-3077 (Multiple integer overflows in the IP_MSFILTER and IPV6_MSFILTER ...)
+CVE-2013-3077
{DSA-2743-1}
- kfreebsd-8 <removed> (bug #720470)
[wheezy] - kfreebsd-8 8.3-6+deb7u1
[squeeze] - kfreebsd-8 <end-of-life> (Unsupported in squeeze-lts)
- kfreebsd-9 9.2~svn254368-2 (bug #720468)
- kfreebsd-10 10.0~svn254663-1 (bug #720471)
-CVE-2013-3076 (The crypto API in the Linux kernel through 3.9-rc8 does not initialize ...)
+CVE-2013-3076
{DSA-2669-1}
- linux 3.8.11-1 (low)
- linux-2.6 <not-affected> (Vulnerable code not present)
-CVE-2013-3075 (Multiple buffer overflows in ActUWzd.dll 1.0.0.1 in Mitsubishi MX ...)
+CVE-2013-3075
NOT-FOR-US: Mitsubishi MX Component 3
CVE-2013-3074
RESERVED
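Review bot: the summary loss in this hunk is not confined to NOT-FOR-US entries. `-CVE-2013-3077 (Multiple integer overflows in the IP_MSFILTER and IPV6_MSFILTER ...)` and `-CVE-2013-3076 (The crypto API in the Linux kernel through 3.9-rc8 does not initialize ...)` both carry live Debian tracking data (DSA-2743-1 with the kfreebsd-8/9/10 fixed versions, and DSA-2669-1 with `- linux 3.8.11-1 (low)`), yet after the change the bare `+CVE-2013-3077` and `+CVE-2013-3076` lines leave no statement of what those advisories fixed. The severity and not-affected annotations that follow were made against the removed text, so the summary should be retained for any entry that has Debian package lines.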
@@ -11480,35 +11480,35 @@ CVE-2013-3071
RESERVED
CVE-2013-3070
RESERVED
-CVE-2013-3069 (Multiple cross-site scripting (XSS) vulnerabilities in NETGEAR ...)
+CVE-2013-3069
NOT-FOR-US: NETGEAR devices
-CVE-2013-3068 (Cross-site request forgery (CSRF) vulnerability in apply.cgi in ...)
+CVE-2013-3068
NOT-FOR-US: Linksys
CVE-2013-3067
RESERVED
-CVE-2013-3066 (Linksys EA6500 with firmware 1.1.28.147876 does not properly restrict ...)
+CVE-2013-3066
NOT-FOR-US: Linksys
-CVE-2013-3065 (Cross-site scripting (XSS) vulnerability in the Parental Controls ...)
+CVE-2013-3065
NOT-FOR-US: Linksys
-CVE-2013-3064 (Open redirect vulnerability in ui/dynamic/unsecured.html in Linksys ...)
+CVE-2013-3064
NOT-FOR-US: Linksys
-CVE-2013-3063 (SAP BASIS Communication Services 4.6B through 7.30 allows remote ...)
+CVE-2013-3063
NOT-FOR-US: SAP BASIS Communication Services
-CVE-2013-3062 (The CP_RC_TRANSACTION_CALL_BY_SET function in the Engineering ...)
+CVE-2013-3062
NOT-FOR-US: SAP
-CVE-2013-3061 (The ISHMED-PATRED_TRANSACT_RFCCALL function in the IS-H ...)
+CVE-2013-3061
NOT-FOR-US: SAP
-CVE-2013-3060 (The web console in Apache ActiveMQ before 5.8.0 does not require ...)
+CVE-2013-3060
- activemq <not-affected> (Web console not provided in Debian package, see #702670)
-CVE-2013-3059 (Cross-site scripting (XSS) vulnerability in the Voting plugin in ...)
+CVE-2013-3059
NOT-FOR-US: Joomla!
-CVE-2013-3058 (Cross-site scripting (XSS) vulnerability in Joomla! 2.5.x before ...)
+CVE-2013-3058
NOT-FOR-US: Joomla!
-CVE-2013-3057 (Joomla! 2.5.x before 2.5.10 and 3.0.x before 3.0.4 allows remote ...)
+CVE-2013-3057
NOT-FOR-US: Joomla!
-CVE-2013-3056 (Joomla! 2.5.x before 2.5.10 and 3.0.x before 3.0.4 allows remote ...)
+CVE-2013-3056
NOT-FOR-US: Joomla!
-CVE-2013-3055 (Lexmark Markvision Enterprise before 1.8 provides a diagnostic ...)
+CVE-2013-3055
NOT-FOR-US: Lexmark Markvision Enterprise
CVE-2013-3054
RESERVED
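Review bot: for `-CVE-2013-3060 (The web console in Apache ActiveMQ before 5.8.0 does not require ...)` the status line `- activemq <not-affected> (Web console not provided in Debian package, see #702670)` only makes sense beside the summary it answers; once the entry becomes `+CVE-2013-3060`, a reader sees a web-console justification on an issue that no longer says it concerns the web console. Keep the description, or expand the parenthetical so the not-affected rationale stands on its own.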
@@ -11516,77 +11516,77 @@ CVE-2013-3053
RESERVED
CVE-2013-3052
RESERVED
-CVE-2013-3051 (The TrustZone kernel, when used in conjunction with a certain Motorola ...)
+CVE-2013-3051
NOT-FOR-US: TrustZone kernel
-CVE-2013-3050 (SQL injection vulnerability in ZAPms 1.41 and earlier allows remote ...)
+CVE-2013-3050
NOT-FOR-US: ZAPms
-CVE-2013-3049 (IBM Maximo Asset Management 7.1 through 7.1.1.12 and 7.5 before ...)
+CVE-2013-3049
NOT-FOR-US: IBM Maximo Asset Management
-CVE-2013-3048 (Cross-site scripting (XSS) vulnerability in IBM Maximo Asset ...)
+CVE-2013-3048
NOT-FOR-US: IBM Maximo Asset Management
-CVE-2013-3047 (IBM Maximo Asset Management 7.1 before 7.1.1.12 and 7.5 before 7.5.0.5 ...)
+CVE-2013-3047
NOT-FOR-US: IBM Maximo Asset Management
-CVE-2013-3046 (The Meeting Server in IBM Sametime 8.x through 8.5.2.1 and 9.x through ...)
+CVE-2013-3046
NOT-FOR-US: IBM Sametime
-CVE-2013-3045 (The Enterprise Meeting Server in IBM Lotus Sametime 8.5.2 and 8.5.2.1 ...)
+CVE-2013-3045
NOT-FOR-US: IBM
-CVE-2013-3044 (The Enterprise Meeting Server in IBM Lotus Sametime 8.5.2 and 8.5.2.1 ...)
+CVE-2013-3044
NOT-FOR-US: IBM
-CVE-2013-3043 (Directory traversal vulnerability in the client in IBM Rational ...)
+CVE-2013-3043
NOT-FOR-US: IBM
-CVE-2013-3042 (Directory traversal vulnerability in the server in IBM Rational ...)
+CVE-2013-3042
NOT-FOR-US: IBM
-CVE-2013-3041 (The Web Client in IBM Rational ClearQuest 7.1 before 7.1.2.12, 8.0 ...)
+CVE-2013-3041
NOT-FOR-US: IBM
-CVE-2013-3040 (IBM InfoSphere Information Server through 8.5 FP3, 8.7 through FP2, ...)
+CVE-2013-3040
NOT-FOR-US: IBM InfoSphere Information Server
-CVE-2013-3039 (IBM Rational Requirements Composer before 4.0.4 does not properly ...)
+CVE-2013-3039
NOT-FOR-US: IBM Rational Requirements Composer
-CVE-2013-3038 (Unspecified vulnerability in IBM Rational Requirements Composer before ...)
+CVE-2013-3038
NOT-FOR-US: IBM Rational Requirements Composer
-CVE-2013-3037 (Unspecified vulnerability in IBM Rational Requirements Composer before ...)
+CVE-2013-3037
NOT-FOR-US: IBM Rational Requirements Composer
-CVE-2013-3036 (Open redirect vulnerability in IBM Rational Requirements Composer ...)
+CVE-2013-3036
NOT-FOR-US: IBM Rational Requirements Composer
-CVE-2013-3035 (The IPv6 implementation in the inet subsystem in IBM AIX 6.1 and 7.1, ...)
+CVE-2013-3035
NOT-FOR-US: IBM AIX
-CVE-2013-3034 (Cross-site scripting (XSS) vulnerability in IBM InfoSphere Information ...)
+CVE-2013-3034
NOT-FOR-US: IBM InfoSphere Information Server
-CVE-2013-3033 (SQL injection vulnerability in the server component in IBM Tivoli ...)
+CVE-2013-3033
NOT-FOR-US: IBM Tivoli Remote Control
-CVE-2013-3032 (Cross-site scripting (XSS) vulnerability in the MIME e-mail ...)
+CVE-2013-3032
NOT-FOR-US: IBM Domino
-CVE-2013-3031 (A SQL stored procedure in the Universal Cache component in IBM solidDB ...)
+CVE-2013-3031
NOT-FOR-US: IBM
-CVE-2013-3030 (The servlet gateway in IBM Cognos Business Intelligence 8.4.1 before ...)
+CVE-2013-3030
NOT-FOR-US: IBM
-CVE-2013-3029 (Cross-site request forgery (CSRF) vulnerability in the Administrative ...)
+CVE-2013-3029
NOT-FOR-US: IBM WebSphere
-CVE-2013-3028 (Multiple buffer overflows in mqm programs in IBM WebSphere MQ 7.0.x ...)
+CVE-2013-3028
NOT-FOR-US: IBM WebSphere
-CVE-2013-3027 (Integer overflow in the DWA9W ActiveX control in iNotes in IBM Domino ...)
+CVE-2013-3027
NOT-FOR-US: IBM Domino
-CVE-2013-3026 (Buffer overflow in the Lotus Quickr for Domino ActiveX control in ...)
+CVE-2013-3026
NOT-FOR-US: Lotus Quickr for Domino ActiveX
-CVE-2013-3025 (Multiple cross-site scripting (XSS) vulnerabilities in IBM Rational ...)
+CVE-2013-3025
NOT-FOR-US: IBM
-CVE-2013-3024 (IBM WebSphere Application Server (WAS) 8.5 through 8.5.0.2 on UNIX ...)
+CVE-2013-3024
NOT-FOR-US: IBM
-CVE-2013-3023 (IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.1.2 and ...)
+CVE-2013-3023
NOT-FOR-US: IBM
CVE-2013-3022
REJECTED
CVE-2013-3021
RESERVED
-CVE-2013-3020 (IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 ...)
+CVE-2013-3020
NOT-FOR-US: IBM
CVE-2013-3019
RESERVED
-CVE-2013-3018 (The AXIS webapp in deploy-tomcat/axis in IBM Tivoli Application ...)
+CVE-2013-3018
NOT-FOR-US: IBM
-CVE-2013-3017 (IBM Tivoli Application Dependency Discovery Manager (TADDM) before ...)
+CVE-2013-3017
NOT-FOR-US: IBM
-CVE-2013-3016 (IBM WebSphere Portal 6.1, 7.0, and 8.0 allows remote attackers to ...)
+CVE-2013-3016
NOT-FOR-US: IBM WebSphere
CVE-2013-3015
RESERVED
@@ -11594,131 +11594,131 @@ CVE-2013-3014
RESERVED
CVE-2013-3013
RESERVED
-CVE-2013-3012 (Unspecified vulnerability in the Java Runtime Environment (JRE) in IBM ...)
+CVE-2013-3012
NOT-FOR-US: IBM JDK
-CVE-2013-3011 (Unspecified vulnerability in the Java Runtime Environment (JRE) in IBM ...)
+CVE-2013-3011
NOT-FOR-US: IBM JDK
-CVE-2013-3010 (Unspecified vulnerability in the Java Runtime Environment (JRE) in IBM ...)
+CVE-2013-3010
NOT-FOR-US: IBM JDK
-CVE-2013-3009 (The com.ibm.CORBA.iiop.ClientDelegate class in IBM Java 1.4.2 before ...)
+CVE-2013-3009
NOT-FOR-US: IBM JDK
-CVE-2013-3008 (Unspecified vulnerability in the Java Runtime Environment (JRE) in IBM ...)
+CVE-2013-3008
NOT-FOR-US: IBM JDK
-CVE-2013-3007 (Unspecified vulnerability in the Java Runtime Environment (JRE) in IBM ...)
+CVE-2013-3007
NOT-FOR-US: IBM JDK
-CVE-2013-3006 (Unspecified vulnerability in the Java Runtime Environment (JRE) in IBM ...)
+CVE-2013-3006
NOT-FOR-US: IBM JDK
-CVE-2013-3005 (The TFTP client in IBM AIX 6.1 and 7.1, and VIOS 2.2.2.2-FP-26 SP-02, ...)
+CVE-2013-3005
NOT-FOR-US: TFTP client in IBM AIX
-CVE-2013-3004 (Directory traversal vulnerability in BIRT-Report Viewer in IBM Tivoli ...)
+CVE-2013-3004
NOT-FOR-US: IBM Tivoli Application Dependency Discovery Manager
-CVE-2013-3003 (Unspecified vulnerability in SOAP Gateway in IBM IMS Enterprise Suite ...)
+CVE-2013-3003
NOT-FOR-US: IBM
CVE-2013-3002
RESERVED
-CVE-2013-3001 (Directory traversal vulnerability in IBM InfoSphere Data Replication ...)
+CVE-2013-3001
NOT-FOR-US: IBM
-CVE-2013-3000 (SQL injection vulnerability in IBM InfoSphere Data Replication ...)
+CVE-2013-3000
NOT-FOR-US: IBM
-CVE-2013-2999 (Cross-site scripting (XSS) vulnerability in IBM InfoSphere Data ...)
+CVE-2013-2999
NOT-FOR-US: IBM
-CVE-2013-2998 (frontcontroller.jsp in IBM Maximo Asset Management 7.x before 7.5.0.6 ...)
+CVE-2013-2998
NOT-FOR-US: IBM Maximo Asset Management
-CVE-2013-2997 (IBM Security AppScan Enterprise before 8.7 does not invalidate the ...)
+CVE-2013-2997
NOT-FOR-US: IBM
CVE-2013-2996
RESERVED
CVE-2013-2995
RESERVED
-CVE-2013-2994 (IBM WebSphere Commerce 7.0 Feature Pack 4 and Feature Pack 5 ...)
+CVE-2013-2994
NOT-FOR-US: IBM
-CVE-2013-2993 (IBM WebSphere Commerce 6.x through 6.0.0.11 and 7.x through 7.0.0.7 ...)
+CVE-2013-2993
NOT-FOR-US: IBM
-CVE-2013-2992 (The Search component in IBM WebSphere Commerce 7.0 FP4 through FP6, in ...)
+CVE-2013-2992
NOT-FOR-US: IBM
CVE-2013-2991
REJECTED
CVE-2013-2990
REJECTED
-CVE-2013-2989 (The file-copying functionality in IBM Sterling Connect:Direct 3.8.00, ...)
+CVE-2013-2989
NOT-FOR-US: IBM
-CVE-2013-2988 (Absolute path traversal vulnerability in the server in IBM Cognos ...)
+CVE-2013-2988
NOT-FOR-US: IBM Cognos
-CVE-2013-2987 (IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 ...)
+CVE-2013-2987
NOT-FOR-US: IBM
CVE-2013-2986
REJECTED
-CVE-2013-2985 (IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 ...)
+CVE-2013-2985
NOT-FOR-US: IBM
-CVE-2013-2984 (Directory traversal vulnerability in IBM Sterling B2B Integrator 5.1 ...)
+CVE-2013-2984
NOT-FOR-US: IBM
-CVE-2013-2983 (Multiple cross-site scripting (XSS) vulnerabilities in IBM Sterling ...)
+CVE-2013-2983
NOT-FOR-US: IBM
-CVE-2013-2982 (IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 ...)
+CVE-2013-2982
NOT-FOR-US: IBM
-CVE-2013-2981 (Directory traversal vulnerability in the Web Console in IBM Data ...)
+CVE-2013-2981
NOT-FOR-US: IBM Data Studio
-CVE-2013-2980 (Cross-site request forgery (CSRF) vulnerability in the Web Console in ...)
+CVE-2013-2980
NOT-FOR-US: IBM Data Studio
-CVE-2013-2979 (Directory traversal vulnerability in IBM Optim Performance Manager ...)
+CVE-2013-2979
NOT-FOR-US: IBM
-CVE-2013-2978 (Absolute path traversal vulnerability in the server in IBM Cognos ...)
+CVE-2013-2978
NOT-FOR-US: IBM Cognos
-CVE-2013-2977 (Integer overflow in IBM Notes 8.5.x before 8.5.3 FP4 Interim Fix 1 and ...)
+CVE-2013-2977
NOT-FOR-US: IBM Notes
-CVE-2013-2976 (The Administrative console in IBM WebSphere Application Server (WAS) ...)
+CVE-2013-2976
NOT-FOR-US: IBM
CVE-2013-2975
RESERVED
-CVE-2013-2974 (The BIRT viewer in IBM Tivoli Application Dependency Discovery Manager ...)
+CVE-2013-2974
NOT-FOR-US: IBM Tivoli Application Dependency Discovery Manager
CVE-2013-2973
REJECTED
-CVE-2013-2972 (IBM WebSphere Cast Iron 6.3 allows remote attackers to bypass intended ...)
+CVE-2013-2972
NOT-FOR-US: IBM
CVE-2013-2971
REJECTED
-CVE-2013-2970 (Unspecified vulnerability in IBM QRadar Security Information and Event ...)
+CVE-2013-2970
NOT-FOR-US: IBM
-CVE-2013-2969 (Cross-site scripting (XSS) vulnerability in IBM Sterling Control ...)
+CVE-2013-2969
NOT-FOR-US: IBM Sterling Control Center
-CVE-2013-2968 (An unspecified buffer-read method in IBM Sterling Control Center (SCC) ...)
+CVE-2013-2968
NOT-FOR-US: IBM Sterling Control Center
-CVE-2013-2967 (Cross-site scripting (XSS) vulnerability in the Administrative console ...)
+CVE-2013-2967
NOT-FOR-US: IBM WebSphere Application Server
CVE-2013-2966
RESERVED
CVE-2013-2965
RESERVED
-CVE-2013-2964 (Buffer overflow in dsmtca in IBM Tivoli Storage Manager (TSM) through ...)
+CVE-2013-2964
NOT-FOR-US: IBM Tivoli Storage Manager
CVE-2013-2963
RESERVED
-CVE-2013-2962 (Buffer overflow in the Launcher in IBM WebSphere Transformation ...)
+CVE-2013-2962
NOT-FOR-US: IBM WebSphere Transformation Extender
-CVE-2013-2961 (The internal web server in the Basic Services component in IBM Tivoli ...)
+CVE-2013-2961
NOT-FOR-US: IBM Tivoli
-CVE-2013-2960 (Buffer overflow in KDSMAIN in the Basic Services component in IBM ...)
+CVE-2013-2960
NOT-FOR-US: IBM Tivoli
-CVE-2013-2959 (The Console in IBM InfoSphere Optim Data Growth for Oracle E-Business ...)
+CVE-2013-2959
NOT-FOR-US: IBM
CVE-2013-2958
RESERVED
-CVE-2013-2957 (Cross-site scripting (XSS) vulnerability in IBM InfoSphere Optim Data ...)
+CVE-2013-2957
NOT-FOR-US: IBM
-CVE-2013-2956 (SQL injection vulnerability in the Console in IBM InfoSphere Optim ...)
+CVE-2013-2956
NOT-FOR-US: IBM
-CVE-2013-2955 (Cross-site scripting (XSS) vulnerability in IBM InfoSphere Optim Data ...)
+CVE-2013-2955
NOT-FOR-US: IBM
-CVE-2013-2954 (The login page in the Console in IBM InfoSphere Optim Data Growth for ...)
+CVE-2013-2954
NOT-FOR-US: IBM
-CVE-2013-2953 (IBM InfoSphere Optim Data Growth for Oracle E-Business Suite 6.x, 7.x, ...)
+CVE-2013-2953
NOT-FOR-US: IBM
CVE-2013-2952
RESERVED
-CVE-2013-2951 (IBM WebSphere Portal 7.0.0.x and 8.0.0.x write passwords to a trace ...)
+CVE-2013-2951
NOT-FOR-US: IBM
-CVE-2013-2950 (CRLF injection vulnerability in IBM WebSphere Portal 6.1.0.x before ...)
+CVE-2013-2950
NOT-FOR-US: IBM WebSphere
CVE-2013-2949
RESERVED
@@ -11728,9 +11728,9 @@ CVE-2013-2947
RESERVED
CVE-2013-2946
RESERVED
-CVE-2013-2945 (SQL injection vulnerability in blogs/admin.php in b2evolution before ...)
+CVE-2013-2945
NOT-FOR-US: b2evolution
-CVE-2013-2944 (strongSwan 4.3.5 through 5.0.3, when using the OpenSSL plugin for ...)
+CVE-2013-2944
{DSA-2665-1}
- strongswan 4.6.4-7
CVE-2013-2943
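Review bot: `-CVE-2013-2944 (strongSwan 4.3.5 through 5.0.3, when using the OpenSSL plugin for ...)` is the only place in this hunk that records the affected upstream range and the OpenSSL-plugin condition; `+CVE-2013-2944` followed by `{DSA-2665-1}` and `- strongswan 4.6.4-7` leaves no way to confirm from the file that 4.6.4-7 falls inside the affected range or that the plugin condition was considered when the fix was assessed. A version-range summary like this should survive an automatic refresh.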
@@ -11739,76 +11739,76 @@ CVE-2013-2942
RESERVED
CVE-2013-2941
RESERVED
-CVE-2013-2940 (Unspecified vulnerability in Citrix CloudPortal Services Manager (aka ...)
+CVE-2013-2940
NOT-FOR-US: Citrix CloudPortal Services Manager
-CVE-2013-2939 (Unspecified vulnerability in Citrix CloudPortal Services Manager (aka ...)
+CVE-2013-2939
NOT-FOR-US: Citrix CloudPortal Services Manager
-CVE-2013-2938 (Unspecified vulnerability in Citrix CloudPortal Services Manager (aka ...)
+CVE-2013-2938
NOT-FOR-US: Citrix CloudPortal Services Manager
-CVE-2013-2937 (Unspecified vulnerability in Citrix CloudPortal Services Manager (aka ...)
+CVE-2013-2937
NOT-FOR-US: Citrix CloudPortal Services Manager
-CVE-2013-2936 (Unspecified vulnerability in Citrix CloudPortal Services Manager (aka ...)
+CVE-2013-2936
NOT-FOR-US: Citrix CloudPortal Services Manager
-CVE-2013-2935 (Unspecified vulnerability in Citrix CloudPortal Services Manager (aka ...)
+CVE-2013-2935
NOT-FOR-US: Citrix CloudPortal Services Manager
-CVE-2013-2934 (Citrix CloudPortal Services Manager (aka Cortex) 10.0 before ...)
+CVE-2013-2934
NOT-FOR-US: Citrix CloudPortal Services Manager
-CVE-2013-2933 (Unspecified vulnerability in Citrix CloudPortal Services Manager (aka ...)
+CVE-2013-2933
NOT-FOR-US: Citrix CloudPortal Services Manager
CVE-2013-2932
RESERVED
-CVE-2013-2931 (Multiple unspecified vulnerabilities in Google Chrome before ...)
+CVE-2013-2931
{DSA-2799-1}
- chromium-browser 31.0.1650.57-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2930 (The perf_trace_event_perm function in kernel/trace/trace_event_perf.c ...)
+CVE-2013-2930
- linux-2.6 <not-affected> (Introduced in v3.4)
[wheezy] - linux <not-affected> (Introduced in v3.4)
- linux 3.11.8-1
NOTE: Introduced by ced39002f5ea
-CVE-2013-2929 (The Linux kernel before 3.12.2 does not properly use the get_dumpable ...)
+CVE-2013-2929
{DSA-2906-1}
- linux-2.6 <removed>
- linux 3.11.10-1
[wheezy] - linux 3.2.53-2
-CVE-2013-2928 (Multiple unspecified vulnerabilities in Google Chrome before ...)
+CVE-2013-2928
{DSA-2785-1}
- chromium-browser 30.0.1599.101-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2927 (Use-after-free vulnerability in the ...)
+CVE-2013-2927
{DSA-2785-1}
- chromium-browser 30.0.1599.101-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2926 (Use-after-free vulnerability in the ...)
+CVE-2013-2926
{DSA-2785-1}
- chromium-browser 30.0.1599.101-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2925 (Use-after-free vulnerability in core/xml/XMLHttpRequest.cpp in Blink, ...)
+CVE-2013-2925
{DSA-2785-1}
- chromium-browser 30.0.1599.101-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2924 (Use-after-free vulnerability in International Components for Unicode ...)
+CVE-2013-2924
{DSA-2786-1 DSA-2785-1}
- chromium-browser 30.0.1599.101-1
[squeeze] - chromium-browser <end-of-life>
- icu 4.8.1.1-13+nmu1 (bug #726477)
-CVE-2013-2923 (Multiple unspecified vulnerabilities in Google Chrome before ...)
+CVE-2013-2923
{DSA-2785-1}
- chromium-browser 30.0.1599.101-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2922 (Use-after-free vulnerability in core/html/HTMLTemplateElement.cpp in ...)
+CVE-2013-2922
{DSA-2785-1}
- chromium-browser 30.0.1599.101-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2921 (Double free vulnerability in the ResourceFetcher::didLoadResource ...)
+CVE-2013-2921
{DSA-2785-1}
- chromium-browser 30.0.1599.101-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2920 (The DoResolveRelativeHost function in url/url_canon_relative.cc in ...)
+CVE-2013-2920
{DSA-2785-1}
- chromium-browser 30.0.1599.101-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2919 (Google V8, as used in Google Chrome before 30.0.1599.66, allows remote ...)
+CVE-2013-2919
{DSA-2785-1}
- chromium-browser 30.0.1599.101-1
[squeeze] - chromium-browser <end-of-life>
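Review bot: the kernel entries in this hunk lose the code location their annotations are keyed to. `-CVE-2013-2930 (The perf_trace_event_perm function in kernel/trace/trace_event_perf.c ...)` is followed by `NOTE: Introduced by ced39002f5ea` and two `<not-affected> (Introduced in v3.4)` lines, and `-CVE-2013-2929 (The Linux kernel before 3.12.2 does not properly use the get_dumpable ...)` names the function involved; after they become `+CVE-2013-2930` and `+CVE-2013-2929`, the commit id and version notes refer to nothing that remains in the file. The notes should be left as they are only if the summary is restored; otherwise they need the file and function names folded into the NOTE line.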
@@ -11817,153 +11817,153 @@ CVE-2013-2919 (Google V8, as used in Google Chrome before 30.0.1599.66, allows r
[squeeze] - libv8 <end-of-life> (Unsupported in squeeze-lts)
- libv8-3.14 <unfixed> (unimportant; bug #773671)
NOTE: libv8 not covered by security support
-CVE-2013-2918 (Use-after-free vulnerability in the ...)
+CVE-2013-2918
{DSA-2785-1}
- chromium-browser 30.0.1599.101-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2917 (The ReverbConvolverStage::ReverbConvolverStage function in ...)
+CVE-2013-2917
{DSA-2785-1}
- chromium-browser 30.0.1599.101-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2916 (Blink, as used in Google Chrome before 30.0.1599.66, allows remote ...)
+CVE-2013-2916
{DSA-2785-1}
- chromium-browser 30.0.1599.101-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2915 (Google Chrome before 30.0.1599.66 preserves pending NavigationEntry ...)
+CVE-2013-2915
{DSA-2785-1}
- chromium-browser 30.0.1599.101-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2914 (Use-after-free vulnerability in the color-chooser dialog in Google ...)
+CVE-2013-2914
- chromium-browser <not-affected> (windows-specific issue)
-CVE-2013-2913 (Use-after-free vulnerability in the XMLDocumentParser::append function ...)
+CVE-2013-2913
{DSA-2785-1}
- chromium-browser 30.0.1599.101-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2912 (Use-after-free vulnerability in the PepperInProcessRouter::SendToHost ...)
+CVE-2013-2912
{DSA-2785-1}
- chromium-browser 30.0.1599.101-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2911 (Use-after-free vulnerability in the XSLStyleSheet::compileStyleSheet ...)
+CVE-2013-2911
{DSA-2785-1}
- chromium-browser 30.0.1599.101-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2910 (Use-after-free vulnerability in ...)
+CVE-2013-2910
{DSA-2785-1}
- chromium-browser 30.0.1599.101-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2909 (Use-after-free vulnerability in Blink, as used in Google Chrome before ...)
+CVE-2013-2909
{DSA-2785-1}
- chromium-browser 30.0.1599.101-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2908 (Google Chrome before 30.0.1599.66 uses incorrect function calls to ...)
+CVE-2013-2908
{DSA-2785-1}
- chromium-browser 30.0.1599.101-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2907 (The Window.prototype object implementation in Google Chrome before ...)
+CVE-2013-2907
{DSA-2785-1}
- chromium-browser 30.0.1599.101-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2906 (Multiple race conditions in the Web Audio implementation in Blink, as ...)
+CVE-2013-2906
{DSA-2785-1}
- chromium-browser 30.0.1599.101-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2905 (The SharedMemory::Create function in memory/shared_memory_posix.cc in ...)
+CVE-2013-2905
{DSA-2741-1}
- chromium-browser 29.0.1547.57-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2904 (Use-after-free vulnerability in the Document::finishedParsing function ...)
+CVE-2013-2904
{DSA-2741-1}
- chromium-browser 29.0.1547.57-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2903 (Use-after-free vulnerability in the ...)
+CVE-2013-2903
{DSA-2741-1}
- chromium-browser 29.0.1547.57-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2902 (Use-after-free vulnerability in the XSLT ProcessingInstruction ...)
+CVE-2013-2902
{DSA-2741-1}
- chromium-browser 29.0.1547.57-1
[squeeze] - chromium-browser <end-of-life>
- libxslt <not-affected> (according to https://chromiumcodereview.appspot.com/20856002 this is an issue on chromium's side of xslt handling)
-CVE-2013-2901 (Multiple integer overflows in (1) libGLESv2/renderer/Renderer9.cpp and ...)
+CVE-2013-2901
{DSA-2741-1}
- chromium-browser 29.0.1547.57-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2900 (The FilePath::ReferencesParent function in files/file_path.cc in ...)
+CVE-2013-2900
{DSA-2741-1}
- chromium-browser 29.0.1547.57-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2899 (drivers/hid/hid-picolcd_core.c in the Human Interface Device (HID) ...)
+CVE-2013-2899
- linux 3.10.11-1 (low)
[wheezy] - linux 3.2.51-1
- linux-2.6 <not-affected> (driver introduced in 2.6.35)
-CVE-2013-2898 (drivers/hid/hid-sensor-hub.c in the Human Interface Device (HID) ...)
+CVE-2013-2898
- linux 3.10.11-1 (low)
[wheezy] - linux <not-affected> (driver introduced in 3.7)
- linux-2.6 <not-affected> (driver introduced in 3.7)
-CVE-2013-2897 (Multiple array index errors in drivers/hid/hid-multitouch.c in the ...)
+CVE-2013-2897
- linux 3.11.5-1 (low)
- linux-2.6 <not-affected> (driver introduced in 2.6.38)
[wheezy] - linux 3.2.53-1
-CVE-2013-2896 (drivers/hid/hid-ntrig.c in the Human Interface Device (HID) subsystem ...)
+CVE-2013-2896
- linux 3.10.11-1 (low)
[wheezy] - linux 3.2.51-1
- linux-2.6 <not-affected> (Vulnerable feature probing code not present)
-CVE-2013-2895 (drivers/hid/hid-logitech-dj.c in the Human Interface Device (HID) ...)
+CVE-2013-2895
- linux 3.11.5-1 (low)
- linux-2.6 <not-affected> (driver introduced in 3.2)
[wheezy] - linux 3.2.53-1
-CVE-2013-2894 (drivers/hid/hid-lenovo-tpkbd.c in the Human Interface Device (HID) ...)
+CVE-2013-2894
- linux 3.11.5-1 (low)
[wheezy] - linux <not-affected> (driver introduced in 3.6)
- linux-2.6 <not-affected> (driver introduced in 3.6)
-CVE-2013-2893 (The Human Interface Device (HID) subsystem in the Linux kernel through ...)
+CVE-2013-2893
{DSA-2906-1}
- linux 3.11.5-1 (low)
- linux-2.6 <removed> (low)
[wheezy] - linux 3.2.53-1
-CVE-2013-2892 (drivers/hid/hid-pl.c in the Human Interface Device (HID) subsystem in ...)
+CVE-2013-2892
{DSA-2766-1}
- linux 3.10.11-1 (low)
[wheezy] - linux 3.2.51-1
- linux-2.6 <removed> (low)
-CVE-2013-2891 (drivers/hid/hid-steelseries.c in the Human Interface Device (HID) ...)
+CVE-2013-2891
- linux 3.11.5-1 (low)
[wheezy] - linux <not-affected> (steelseries driver introduced in 3.9)
- linux-2.6 <not-affected> (steelseries driver introduced in 3.9)
-CVE-2013-2890 (drivers/hid/hid-sony.c in the Human Interface Device (HID) subsystem ...)
+CVE-2013-2890
- linux <not-affected> (buzz driver introduced in 3.11 cycle, only in experimental)
- linux-2.6 <not-affected> (buzz driver introduced in 3.11 cycle)
-CVE-2013-2889 (drivers/hid/hid-zpff.c in the Human Interface Device (HID) subsystem ...)
+CVE-2013-2889
{DSA-2906-1}
- linux 3.11.5-1 (low)
- linux-2.6 <removed> (low)
[wheezy] - linux 3.2.53-1
-CVE-2013-2888 (Multiple array index errors in drivers/hid/hid-core.c in the Human ...)
+CVE-2013-2888
{DSA-2766-1}
- linux 3.10.11-1
- linux-2.6 <removed>
[wheezy] - linux 3.2.51-1
-CVE-2013-2887 (Multiple unspecified vulnerabilities in Google Chrome before ...)
+CVE-2013-2887
{DSA-2741-1}
- chromium-browser 29.0.1547.57-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2886 (Multiple unspecified vulnerabilities in Google Chrome before ...)
+CVE-2013-2886
{DSA-2732-1}
- chromium-browser 28.0.1500.95-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2885 (Use-after-free vulnerability in Google Chrome before 28.0.1500.95 ...)
+CVE-2013-2885
{DSA-2732-1}
- chromium-browser 28.0.1500.95-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2884 (Use-after-free vulnerability in the DOM implementation in Google ...)
+CVE-2013-2884
{DSA-2732-1}
- chromium-browser 28.0.1500.95-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2883 (Use-after-free vulnerability in Google Chrome before 28.0.1500.95 ...)
+CVE-2013-2883
{DSA-2732-1}
- chromium-browser 28.0.1500.95-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2882 (Google V8, as used in Google Chrome before 28.0.1500.95, allows remote ...)
+CVE-2013-2882
{DSA-2732-1}
- chromium-browser 28.0.1500.95-1
[squeeze] - chromium-browser <end-of-life>
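Review bot: Every `-CVE-…`/`+CVE-…` pair in this hunk drops the parenthesized summary and leaves only the bare identifier, for example `-CVE-2013-2888 (Multiple array index errors in drivers/hid/hid-core.c in the Human ...)` becomes `+CVE-2013-2888`, and nothing else in the hunk carries that text forward; the status, DSA and package lines are untouched, so the only effect of the change is loss of the human-readable description for each entry. If the generator that produced this update had no description text available for these ids, the run should be repeated once the source is back rather than committing an update that strips the summaries.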
@@ -11972,171 +11972,171 @@ CVE-2013-2882 (Google V8, as used in Google Chrome before 28.0.1500.95, allows r
[squeeze] - libv8 <end-of-life> (Unsupported in squeeze-lts)
- libv8-3.14 <unfixed> (unimportant; bug #773671)
NOTE: libv8 not covered by security support
-CVE-2013-2881 (Google Chrome before 28.0.1500.95 does not properly handle frames, ...)
+CVE-2013-2881
{DSA-2732-1}
- chromium-browser 28.0.1500.95-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2880 (Multiple unspecified vulnerabilities in Google Chrome before ...)
+CVE-2013-2880
{DSA-2724-1}
- chromium-browser 28.0.1500.71-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2879 (Google Chrome before 28.0.1500.71 does not properly determine the ...)
+CVE-2013-2879
{DSA-2724-1}
- chromium-browser 28.0.1500.71-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2878 (Google Chrome before 28.0.1500.71 allows remote attackers to cause a ...)
+CVE-2013-2878
{DSA-2724-1}
- chromium-browser 28.0.1500.71-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2877 (parser.c in libxml2 before 2.9.0, as used in Google Chrome before ...)
+CVE-2013-2877
{DSA-2779-1 DSA-2724-1}
- libxml2 2.9.1+dfsg1-1 (bug #715531)
- chromium-browser 28.0.1500.71-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2876 (browser/extensions/api/tabs/tabs_api.cc in Google Chrome before ...)
+CVE-2013-2876
{DSA-2724-1}
- chromium-browser 28.0.1500.71-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2875 (core/rendering/svg/SVGInlineTextBox.cpp in the SVG implementation in ...)
+CVE-2013-2875
{DSA-2724-1}
- chromium-browser 28.0.1500.71-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2874 (Google Chrome before 28.0.1500.71 on Windows, when an Nvidia GPU is ...)
+CVE-2013-2874
- chromium-browser <not-affected> (Windows-specific)
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2873 (Use-after-free vulnerability in Google Chrome before 28.0.1500.71 ...)
+CVE-2013-2873
{DSA-2724-1}
- chromium-browser 28.0.1500.71-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2872 (Google Chrome before 28.0.1500.71 on Mac OS X does not ensure a ...)
+CVE-2013-2872
- chromium-browser <not-affected> (MacOS specific)
-CVE-2013-2871 (Use-after-free vulnerability in Google Chrome before 28.0.1500.71 ...)
+CVE-2013-2871
{DSA-2724-1}
- chromium-browser 28.0.1500.71-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2870 (Use-after-free vulnerability in Google Chrome before 28.0.1500.71 ...)
+CVE-2013-2870
{DSA-2724-1}
- chromium-browser 28.0.1500.71-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2869 (Google Chrome before 28.0.1500.71 allows remote attackers to cause a ...)
+CVE-2013-2869
{DSA-2724-1}
- chromium-browser 28.0.1500.71-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2868 (common/extensions/sync_helper.cc in Google Chrome before 28.0.1500.71 ...)
+CVE-2013-2868
{DSA-2724-1}
- chromium-browser 28.0.1500.71-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2867 (Google Chrome before 28.0.1500.71 does not properly prevent pop-under ...)
+CVE-2013-2867
{DSA-2724-1}
- chromium-browser 28.0.1500.71-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2866 (The Flash plug-in in Google Chrome before 27.0.1453.116, as used on ...)
+CVE-2013-2866
- chromium-browser <not-affected> (Flash plugin not included in Chromium)
-CVE-2013-2865 (Multiple unspecified vulnerabilities in Google Chrome before ...)
+CVE-2013-2865
{DSA-2706-1}
- chromium-browser 27.0.1453.110-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2864 (The PDF functionality in Google Chrome before 27.0.1453.110 allows ...)
+CVE-2013-2864
- chromium-browser <not-affected> (PDF viewer not included in Chromium)
-CVE-2013-2863 (Google Chrome before 27.0.1453.110 does not properly handle SSL ...)
+CVE-2013-2863
{DSA-2706-1}
- chromium-browser 27.0.1453.110-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2862 (Skia, as used in Google Chrome before 27.0.1453.110, does not properly ...)
+CVE-2013-2862
{DSA-2706-1}
- chromium-browser 27.0.1453.110-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2861 (Use-after-free vulnerability in the SVG implementation in Google ...)
+CVE-2013-2861
{DSA-2706-1}
- chromium-browser 27.0.1453.110-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2860 (Use-after-free vulnerability in Google Chrome before 27.0.1453.110 ...)
+CVE-2013-2860
{DSA-2706-1}
- chromium-browser 27.0.1453.110-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2859 (Google Chrome before 27.0.1453.110 allows remote attackers to bypass ...)
+CVE-2013-2859
{DSA-2706-1}
- chromium-browser 27.0.1453.110-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2858 (Use-after-free vulnerability in the HTML5 Audio implementation in ...)
+CVE-2013-2858
{DSA-2706-1}
- chromium-browser 27.0.1453.110-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2857 (Use-after-free vulnerability in Google Chrome before 27.0.1453.110 ...)
+CVE-2013-2857
{DSA-2706-1}
- chromium-browser 27.0.1453.110-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2856 (Use-after-free vulnerability in Google Chrome before 27.0.1453.110 ...)
+CVE-2013-2856
{DSA-2706-1}
- chromium-browser 27.0.1453.110-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2855 (The Developer Tools API in Google Chrome before 27.0.1453.110 allows ...)
+CVE-2013-2855
{DSA-2706-1}
- chromium-browser 27.0.1453.110-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2854 (Google Chrome before 27.0.1453.110 on Windows provides an incorrect ...)
+CVE-2013-2854
- chromium-browser <not-affected> (Windows-specific)
-CVE-2013-2853 (The HTTPS implementation in Google Chrome before 28.0.1500.71 does not ...)
+CVE-2013-2853
{DSA-2724-1}
- chromium-browser 28.0.1500.71-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2852 (Format string vulnerability in the b43_request_firmware function in ...)
+CVE-2013-2852
{DSA-2766-1 DSA-2745-1}
- linux 3.9.8-1 (low)
- linux-2.6 <removed> (low)
-CVE-2013-2851 (Format string vulnerability in the register_disk function in ...)
+CVE-2013-2851
{DSA-2766-1 DSA-2745-1}
- linux 3.9.8-1 (low)
- linux-2.6 <removed> (low)
-CVE-2013-2850 (Heap-based buffer overflow in the iscsi_add_notunderstood_response ...)
+CVE-2013-2850
- linux 3.9.4-1
- linux-2.6 <not-affected> (Introduced in 3.1)
[wheezy] - linux 3.2.46-1
-CVE-2013-2849 (Multiple cross-site scripting (XSS) vulnerabilities in Google Chrome ...)
+CVE-2013-2849
{DSA-2695-1}
- chromium-browser 27.0.1453.93-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2848 (The XSS Auditor in Google Chrome before 27.0.1453.93 might allow ...)
+CVE-2013-2848
{DSA-2695-1}
- chromium-browser 27.0.1453.93-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2847 (Race condition in the workers implementation in Google Chrome before ...)
+CVE-2013-2847
{DSA-2695-1}
- chromium-browser 27.0.1453.93-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2846 (Use-after-free vulnerability in the media loader in Google Chrome ...)
+CVE-2013-2846
{DSA-2695-1}
- chromium-browser 27.0.1453.93-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2845 (The Web Audio implementation in Google Chrome before 27.0.1453.93 ...)
+CVE-2013-2845
{DSA-2695-1}
- chromium-browser 27.0.1453.93-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2844 (Use-after-free vulnerability in the Cascading Style Sheets (CSS) ...)
+CVE-2013-2844
{DSA-2695-1}
- chromium-browser 27.0.1453.93-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2843 (Use-after-free vulnerability in Google Chrome before 27.0.1453.93 ...)
+CVE-2013-2843
{DSA-2695-1}
- chromium-browser 27.0.1453.93-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2842 (Use-after-free vulnerability in Google Chrome before 27.0.1453.93 ...)
+CVE-2013-2842
{DSA-2695-1}
- chromium-browser 27.0.1453.93-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2841 (Use-after-free vulnerability in Google Chrome before 27.0.1453.93 ...)
+CVE-2013-2841
{DSA-2695-1}
- chromium-browser 27.0.1453.93-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2840 (Use-after-free vulnerability in the media loader in Google Chrome ...)
+CVE-2013-2840
{DSA-2695-1}
- chromium-browser 27.0.1453.93-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2839 (Google Chrome before 27.0.1453.93 does not properly perform a cast of ...)
+CVE-2013-2839
{DSA-2695-1}
- chromium-browser 27.0.1453.93-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2838 (Google V8, as used in Google Chrome before 27.0.1453.93, allows remote ...)
+CVE-2013-2838
{DSA-2695-1}
- chromium-browser 27.0.1453.93-1
[squeeze] - chromium-browser <end-of-life>
@@ -12145,68 +12145,68 @@ CVE-2013-2838 (Google V8, as used in Google Chrome before 27.0.1453.93, allows r
[squeeze] - libv8 <end-of-life> (Unsupported in squeeze-lts)
- libv8-3.14 <unfixed> (unimportant; bug #773671)
NOTE: libv8 not covered by security support
-CVE-2013-2837 (Use-after-free vulnerability in the SVG implementation in Google ...)
+CVE-2013-2837
{DSA-2695-1}
- chromium-browser 27.0.1453.93-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2836 (Multiple unspecified vulnerabilities in Google Chrome before ...)
+CVE-2013-2836
- chromium-browser 27.0.1453.93-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2835 (Google Chrome OS before 26.0.1410.57 does not properly enforce origin ...)
+CVE-2013-2835
NOT-FOR-US: Google Chrome OS
-CVE-2013-2834 (Google Chrome OS before 26.0.1410.57 does not properly enforce origin ...)
+CVE-2013-2834
NOT-FOR-US: Google Chrome OS
-CVE-2013-2833 (Use-after-free vulnerability in the O3D plug-in in Google Chrome OS ...)
+CVE-2013-2833
NOT-FOR-US: Google Chrome OS
-CVE-2013-2832 (The Buffer::Set function in core/cross/buffer.cc in the O3D plug-in in ...)
+CVE-2013-2832
NOT-FOR-US: Google Chrome OS
CVE-2013-2831
RESERVED
-CVE-2013-2830 (Use-after-free vulnerability in SumatraPDF Reader 2.x before 2.2.1 ...)
+CVE-2013-2830
NOT-FOR-US: SumatraPDF Reader
-CVE-2013-2829 (MatrikonOPC SCADA DNP3 OPC Server 1.2.2.0 and earlier allows remote ...)
+CVE-2013-2829
NOT-FOR-US: MatrikonOPC SCADA DNP3 OPC Server
-CVE-2013-2828 (The DNP Master Driver in the OSIsoft PI Interface before 3.1.2.54 for ...)
+CVE-2013-2828
NOT-FOR-US: OSIsoft PI Interface
-CVE-2013-2827 (An unspecified ActiveX control in WellinTech KingSCADA before 3.1.2, ...)
+CVE-2013-2827
NOT-FOR-US: WellinTech KingSCADA
-CVE-2013-2826 (WellinTech KingSCADA before 3.1.2, KingAlarm&amp;Event before 3.1, and ...)
+CVE-2013-2826
NOT-FOR-US: WellinTech KingSCADA
-CVE-2013-2825 (The DNP3 service in the Outstation component on Elecsys Director ...)
+CVE-2013-2825
NOT-FOR-US: Elecsys Director Gateway
-CVE-2013-2824 (Schneider Electric StruxureWare SCADA Expert Vijeo Citect 7.40, Vijeo ...)
+CVE-2013-2824
NOT-FOR-US: Schneider Electric StruxureWare SCADA Expert Vijeo Citect
-CVE-2013-2823 (The (1) Catapult DNP3 I/O driver before 7.2.0.60 and the (2) GE ...)
+CVE-2013-2823
NOT-FOR-US: Catapult DNP3 I/O driver
-CVE-2013-2822 (NovaTech Orion Substation Automation Platform OrionLX DNP Master ...)
+CVE-2013-2822
NOT-FOR-US: NovaTech
-CVE-2013-2821 (NovaTech Orion Substation Automation Platform OrionLX DNP Master ...)
+CVE-2013-2821
NOT-FOR-US: NovaTech
-CVE-2013-2820 (The Sierra Wireless AirLink Raven X EV-DO gateway 4221_4.0.11.003 and ...)
+CVE-2013-2820
NOT-FOR-US: Sierra Wireless AirLink Raven X EV-DO gateways
-CVE-2013-2819 (The Sierra Wireless AirLink Raven X EV-DO gateway 4221_4.0.11.003 and ...)
+CVE-2013-2819
NOT-FOR-US: Sierra Wireless AirLink Raven X EV-DO gateways
-CVE-2013-2818 (The DNP Master Driver in Alstom e-terracontrol 3.5, 3.6, and 3.7 ...)
+CVE-2013-2818
NOT-FOR-US: e-terracontrol
-CVE-2013-2817 (An ActiveX control in IcoLaunch.dll in Mitsubishi Electric Automation ...)
+CVE-2013-2817
NOT-FOR-US: Mitsubishi Electric Automation MC-WorX Suite
-CVE-2013-2816 (The DNP3 component in Cooper Power Systems SMP 4, 4/DP, and 16 ...)
+CVE-2013-2816
NOT-FOR-US: Cooper Power Systems
CVE-2013-2815
REJECTED
-CVE-2013-2814 (Cooper Power Systems Cybectec DNP3 Master OPC Server allows remote ...)
+CVE-2013-2814
NOT-FOR-US: Cooper Power Systems
-CVE-2013-2813 (The DNP3 component in Cooper Power Systems SMP 4, 4/DP, and 16 ...)
+CVE-2013-2813
NOT-FOR-US: Cooper Power Systems
CVE-2013-2812
RESERVED
-CVE-2013-2811 (The (1) Catapult DNP3 I/O driver before 7.2.0.60 and the (2) GE ...)
+CVE-2013-2811
NOT-FOR-US: Catapult DNP3 I/O driver
-CVE-2013-2810 (Emerson Process Management ROC800 RTU with software 3.50 and earlier, ...)
+CVE-2013-2810
NOT-FOR-US: Emerson
-CVE-2013-2809 (The DNP Master Driver in the OSIsoft PI Interface before 3.1.2.54 for ...)
+CVE-2013-2809
NOT-FOR-US: OSIsoft PI Interface
-CVE-2013-2808 (Heap-based buffer overflow in Xper in Philips Xper Information ...)
+CVE-2013-2808
NOT-FOR-US: Xper
CVE-2013-2807
RESERVED
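Review bot: The removed line `-CVE-2013-2826 (WellinTech KingSCADA before 3.1.2, KingAlarm&amp;Event before 3.1, and ...)` shows that the stored summaries were HTML-escaped (`&amp;` instead of a literal `&`), so whichever path writes descriptions into this list is not unescaping the feed text; when the summaries are restored after this change, the writer should emit the decoded text, otherwise the next update will churn these lines again.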
@@ -12214,64 +12214,64 @@ CVE-2013-2806
RESERVED
CVE-2013-2805
RESERVED
-CVE-2013-2804 (The DNP Master Driver in Software Toolbox TOP Server before 5.12.140.0 ...)
+CVE-2013-2804
NOT-FOR-US: TOP Server OPC Server
-CVE-2013-2803 (ProSoft RadioLinx ControlScape before 6.00.040 uses a deficient PRNG ...)
+CVE-2013-2803
NOT-FOR-US: ProSoft RadioLinx ControlScape
-CVE-2013-2802 (The universal protocol implementation in Sixnet UDR before 2.0 and RTU ...)
+CVE-2013-2802
NOT-FOR-US: Sixnet
-CVE-2013-2801 (The OSIsoft PI Interface for IEEE C37.118 before 1.0.6.158 allows ...)
+CVE-2013-2801
NOT-FOR-US: OSIsoft PI Interface
-CVE-2013-2800 (The OSIsoft PI Interface for IEEE C37.118 before 1.0.6.158 allows ...)
+CVE-2013-2800
NOT-FOR-US: OSIsoft PI Interface
CVE-2013-2799
REJECTED
-CVE-2013-2798 (Schweitzer Engineering Laboratories (SEL) SEL-2241, SEL-3505, and ...)
+CVE-2013-2798
NOT-FOR-US: Schweitzer Engineering Laboratories
CVE-2013-2797
RESERVED
-CVE-2013-2796 (Schneider Electric Vijeo Citect 7.20 and earlier, CitectSCADA 7.20 and ...)
+CVE-2013-2796
NOT-FOR-US: Schneider Electric Vijeo Citect
CVE-2013-2795
REJECTED
-CVE-2013-2794 (Triangle MicroWorks SCADA Data Gateway 2.50.0309 through 3.00.0616, ...)
+CVE-2013-2794
NOT-FOR-US: Triangle MicroWorks SCADA
-CVE-2013-2793 (Triangle MicroWorks SCADA Data Gateway 2.50.0309 through 3.00.0616, ...)
+CVE-2013-2793
NOT-FOR-US: Triangle MicroWorks SCADA
-CVE-2013-2792 (Schweitzer Engineering Laboratories (SEL) SEL-2241, SEL-3505, and ...)
+CVE-2013-2792
NOT-FOR-US: Schweitzer Engineering Laboratories
-CVE-2013-2791 (MatrikonOPC SCADA DNP3 OPC Server 1.2.0 allows remote attackers to ...)
+CVE-2013-2791
NOT-FOR-US: MatrikonOPC
-CVE-2013-2790 (The master-station DNP3 driver before driver19.exe, and Beta2041.exe, ...)
+CVE-2013-2790
NOT-FOR-US: IOServer
-CVE-2013-2789 (The Kepware DNP Master Driver for the KEPServerEX Communications ...)
+CVE-2013-2789
NOT-FOR-US: Kepware
-CVE-2013-2788 (The DNP3 Slave service in SUBNET Solutions SubSTATION Server 2.7.0033 ...)
+CVE-2013-2788
NOT-FOR-US: SUBNET Solutions SubSTATION Server
-CVE-2013-2787 (Alstom e-terracontrol 3.5, 3.6, and 3.7 allows remote attackers to ...)
+CVE-2013-2787
NOT-FOR-US: Alstom e-terracontrol
-CVE-2013-2786 (Alstom Grid MiCOM S1 Agile before 1.0.3 and Alstom Grid MiCOM S1 ...)
+CVE-2013-2786
NOT-FOR-US: Alstom Grid MiCOM S1
-CVE-2013-2785 (Multiple buffer overflows in CimWebServer.exe in the WebView component ...)
+CVE-2013-2785
NOT-FOR-US: GE Intelligent Platforms
-CVE-2013-2784 (Triangle Research International (aka Tri) Nano-10 PLC devices with ...)
+CVE-2013-2784
NOT-FOR-US: Triangle Research International
-CVE-2013-2783 (The DNP3 driver in IOServer drivers 1.0.19.0 allows remote attackers ...)
+CVE-2013-2783
NOT-FOR-US: IOServer DNP3 drivers
-CVE-2013-2782 (Schneider Electric Trio J-Series License Free Ethernet Radio with ...)
+CVE-2013-2782
NOT-FOR-US: Schneider Electric
-CVE-2013-2781 (Use-after-free vulnerability in the server application in 3S CODESYS ...)
+CVE-2013-2781
NOT-FOR-US: 3S CODESYS Gateway
-CVE-2013-2780 (Siemens SIMATIC S7-1200 PLCs 2.x and 3.x allow remote attackers to ...)
+CVE-2013-2780
NOT-FOR-US: Siemens SIMATIC
-CVE-2013-2779 (Cisco IOS XE 3.4 before 3.4.5S, and 3.5 through 3.7 before 3.7.1S, on ...)
+CVE-2013-2779
NOT-FOR-US: Cisco IOS XE
-CVE-2013-2778 (Cross-site request forgery (CSRF) vulnerability in ...)
+CVE-2013-2778
NOT-FOR-US: PHP Address Book
-CVE-2013-2777 (sudo before 1.7.10p5 and 1.8.x before 1.8.6p6, when the tty_tickets ...)
+CVE-2013-2777
{DSA-2642-1}
- sudo 1.8.5p2-1+nmu1 (bug #701839)
-CVE-2013-2776 (sudo 1.3.5 through 1.7.10p5 and 1.8.0 through 1.8.6p6, when running on ...)
+CVE-2013-2776
{DSA-2642-1}
- sudo 1.8.5p2-1+nmu1 (bug #701839)
CVE-2013-2775
@@ -12284,17 +12284,17 @@ CVE-2013-2772
RESERVED
CVE-2013-2771
RESERVED
-CVE-2013-2770 (The installation functionality in the Novell Kanaka component before ...)
+CVE-2013-2770
NOT-FOR-US: Novell Open Enterprise Server (OES) on Mac OS X
CVE-2013-2769
RESERVED
CVE-2013-2768
RESERVED
-CVE-2013-2767 (Unspecified vulnerability in Citrix NetScaler Access Gateway ...)
+CVE-2013-2767
NOT-FOR-US: Citrix NetScaler Access Gateway
-CVE-2013-2766 (Cross-site scripting (XSS) vulnerability in Splunk Web in Splunk 4.3.0 ...)
+CVE-2013-2766
NOT-FOR-US: Splunk
-CVE-2013-2765 (The ModSecurity module before 2.7.4 for the Apache HTTP Server allows ...)
+CVE-2013-2765
- modsecurity-apache 2.6.6-9 (bug #710217)
- libapache-mod-security <removed> (bug #710217)
[wheezy] - modsecurity-apache 2.6.6-6+deb7u1
@@ -12304,39 +12304,39 @@ CVE-2013-2765 (The ModSecurity module before 2.7.4 for the Apache HTTP Server al
CVE-2013-2764
RESERVED
NOT-FOR-US: Secure Entry Server
-CVE-2013-2763 (** DISPUTED ** The Schneider Electric M340 PLC modules allow remote ...)
+CVE-2013-2763
NOT-FOR-US: Schneider Electric M340 modules
-CVE-2013-2762 (The Schneider Electric Magelis XBT HMI controller has a default ...)
+CVE-2013-2762
NOT-FOR-US: Schneider Electric
-CVE-2013-2761 (The Schneider Electric M340 BMXNOE01xx and BMXP3420xx PLC modules ...)
+CVE-2013-2761
NOT-FOR-US: Schneider Electric
-CVE-2013-2760 (Buffer overflow in Groovy Media Player 3.2.0 allows remote attackers ...)
+CVE-2013-2760
NOT-FOR-US: Groovy Media Player
CVE-2013-2759
RESERVED
-CVE-2013-2758 (Apache CloudStack 4.0.0 before 4.0.2 and Citrix CloudPlatform ...)
+CVE-2013-2758
NOT-FOR-US: CloudStack
-CVE-2013-2757 (Citrix CloudPlatform (formerly Citrix CloudStack) 3.0.x before 3.0.6 ...)
+CVE-2013-2757
NOT-FOR-US: Citrix
-CVE-2013-2756 (Apache CloudStack 4.0.0 before 4.0.2 and Citrix CloudPlatform ...)
+CVE-2013-2756
NOT-FOR-US: CloudStack
CVE-2013-2755
RESERVED
-CVE-2013-2754 (Cross-site request forgery (CSRF) vulnerability in Umisoft UMI.CMS ...)
+CVE-2013-2754
NOT-FOR-US: Umisoft UMI.CMS
CVE-2013-2753
RESERVED
-CVE-2013-2752 (Cross-site request forgery (CSRF) vulnerability in ...)
+CVE-2013-2752
NOT-FOR-US: NETGEAR ReadyNAS RAIDiator
-CVE-2013-2751 (Eval injection vulnerability in frontview/lib/np_handler.pl in the ...)
+CVE-2013-2751
NOT-FOR-US: NETGEAR ReadyNAS RAIDiator
-CVE-2013-2750 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2013-2750
NOT-FOR-US: e107
CVE-2013-2749
REJECTED
CVE-2013-2748
RESERVED
-CVE-2013-2747 (The password reset feature in Courion Access Risk Management Suite ...)
+CVE-2013-2747
NOT-FOR-US: Courion Access Risk Management Suite
CVE-2013-2746
RESERVED
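Review bot: Stripping the summary from `-CVE-2013-2763 (** DISPUTED ** The Schneider Electric M340 PLC modules allow remote ...)` also discards the `** DISPUTED **` marker, which is status information rather than prose; the resulting `+CVE-2013-2763` line and its `NOT-FOR-US: Schneider Electric M340 modules` entry no longer show that the upstream record is contested. If descriptions are intentionally dropped, that marker should be kept in a separate NOTE: line so the signal survives.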
@@ -12345,13 +12345,13 @@ CVE-2013-2745 [SQL Injection]
- minidlna 1.1.2+dfsg-1 (low; bug #717131)
[wheezy] - minidlna <no-dsa> (Minor issue, DLNA only used in a trusted context)
NOTE: http://www.securityfocus.com/archive/1/527299/30/0
-CVE-2013-2744 (importbuddy.php in the BackupBuddy plugin 2.2.25 for WordPress allows ...)
+CVE-2013-2744
NOT-FOR-US: BackupBuddy plugin for WordPress
-CVE-2013-2743 (importbuddy.php in the BackupBuddy plugin 1.3.4, 2.1.4, 2.2.25, ...)
+CVE-2013-2743
NOT-FOR-US: BackupBuddy plugin for WordPress
-CVE-2013-2742 (importbuddy.php in the BackupBuddy plugin 1.3.4, 2.1.4, 2.2.25, ...)
+CVE-2013-2742
NOT-FOR-US: BackupBuddy plugin for WordPress
-CVE-2013-2741 (importbuddy.php in the BackupBuddy plugin 1.3.4, 2.1.4, 2.2.25, ...)
+CVE-2013-2741
NOT-FOR-US: BackupBuddy plugin for WordPress
CVE-2013-2740
RESERVED
@@ -12365,113 +12365,113 @@ CVE-2013-2738 [SQL Injection]
- minidlna 1.1.2+dfsg-1 (low; bug #717131)
NOTE: http://www.securityfocus.com/archive/1/527299/30/0
[wheezy] - minidlna <no-dsa> (Minor issue, DLNA only used in a trusted context)
-CVE-2013-2737 (A JavaScript API in Adobe Reader and Acrobat 9.x before 9.5.5, 10.x ...)
+CVE-2013-2737
NOT-FOR-US: Adobe Reader
-CVE-2013-2736 (Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and ...)
+CVE-2013-2736
NOT-FOR-US: Adobe Reader
-CVE-2013-2735 (Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and ...)
+CVE-2013-2735
NOT-FOR-US: Adobe Reader
-CVE-2013-2734 (Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and ...)
+CVE-2013-2734
NOT-FOR-US: Adobe Reader
-CVE-2013-2733 (Buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.5, 10.x ...)
+CVE-2013-2733
NOT-FOR-US: Adobe Reader
-CVE-2013-2732 (Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and ...)
+CVE-2013-2732
NOT-FOR-US: Adobe Reader
-CVE-2013-2731 (Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and ...)
+CVE-2013-2731
NOT-FOR-US: Adobe Reader
-CVE-2013-2730 (Buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.5, 10.x ...)
+CVE-2013-2730
NOT-FOR-US: Adobe Reader
-CVE-2013-2729 (Integer overflow in Adobe Reader and Acrobat 9.x before 9.5.5, 10.x ...)
+CVE-2013-2729
NOT-FOR-US: Adobe Reader
-CVE-2013-2728 (Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on ...)
+CVE-2013-2728
NOT-FOR-US: Adobe Flash Player
-CVE-2013-2727 (Integer overflow in Adobe Reader and Acrobat 9.x before 9.5.5, 10.x ...)
+CVE-2013-2727
NOT-FOR-US: Adobe Reader
-CVE-2013-2726 (Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and ...)
+CVE-2013-2726
NOT-FOR-US: Adobe Reader
-CVE-2013-2725 (Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and ...)
+CVE-2013-2725
NOT-FOR-US: Adobe Reader
-CVE-2013-2724 (Stack-based buffer overflow in Adobe Reader and Acrobat 9.x before ...)
+CVE-2013-2724
NOT-FOR-US: Adobe Reader
-CVE-2013-2723 (Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and ...)
+CVE-2013-2723
NOT-FOR-US: Adobe Reader
-CVE-2013-2722 (Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and ...)
+CVE-2013-2722
NOT-FOR-US: Adobe Reader
-CVE-2013-2721 (Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and ...)
+CVE-2013-2721
NOT-FOR-US: Adobe Reader
-CVE-2013-2720 (Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and ...)
+CVE-2013-2720
NOT-FOR-US: Adobe Reader
-CVE-2013-2719 (Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and ...)
+CVE-2013-2719
NOT-FOR-US: Adobe Reader
-CVE-2013-2718 (Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and ...)
+CVE-2013-2718
NOT-FOR-US: Adobe Reader
-CVE-2013-2717 (Multiple unspecified vulnerabilities in the System Management (aka ...)
+CVE-2013-2717
NOT-FOR-US: EMC
-CVE-2013-2716 (Puppet Labs Puppet Enterprise before 2.8.0 does not use a &quot;randomized ...)
+CVE-2013-2716
NOT-FOR-US: Puppet Labs Puppet Enterprise
-CVE-2013-2715 (Cross-site scripting (XSS) vulnerability in the admin view in the ...)
+CVE-2013-2715
NOT-FOR-US: Drupal module search_api
CVE-2013-2714
RESERVED
-CVE-2013-2713 (Cross-site request forgery (CSRF) vulnerability in users_maint.html in ...)
+CVE-2013-2713
NOT-FOR-US: KrisonAV
-CVE-2013-2712 (Cross-site scripting (XSS) vulnerability in services/get_article.php ...)
+CVE-2013-2712
NOT-FOR-US: KrisonAV
CVE-2013-2711
RESERVED
-CVE-2013-2710 (Cross-site request forgery (CSRF) vulnerability in the Contextual ...)
+CVE-2013-2710
NOT-FOR-US: WordPress plugin Contextual Related Posts
-CVE-2013-2709 (Cross-site request forgery (CSRF) vulnerability in the FourSquare ...)
+CVE-2013-2709
NOT-FOR-US: WordPress plugin FourSquare Checkins
-CVE-2013-2708 (Cross-site request forgery (CSRF) vulnerability in the Content Slide ...)
+CVE-2013-2708
NOT-FOR-US: WordPress plugin Content Slide
-CVE-2013-2707 (Cross-site request forgery (CSRF) vulnerability in the Login With Ajax ...)
+CVE-2013-2707
NOT-FOR-US: WordPress plugin
-CVE-2013-2706 (Cross-site request forgery (CSRF) vulnerability in the Stream Video ...)
+CVE-2013-2706
NOT-FOR-US: WordPress plugin Stream Video Player
-CVE-2013-2705 (Cross-site request forgery (CSRF) vulnerability in the WordPress ...)
+CVE-2013-2705
NOT-FOR-US: WordPress plugin Simple Paypal Shopping Cart
-CVE-2013-2704 (Cross-site request forgery (CSRF) vulnerability in the Dropdown Menu ...)
+CVE-2013-2704
NOT-FOR-US: WordPress plugin Dropdown Menu Widget
-CVE-2013-2703 (Cross-site request forgery (CSRF) vulnerability in the Facebook ...)
+CVE-2013-2703
NOT-FOR-US: Facebook Members plugin for WordPres
-CVE-2013-2702 (Cross-site request forgery (CSRF) vulnerability in the Easy AdSense ...)
+CVE-2013-2702
NOT-FOR-US: Easy AdSense Lite plugin for WordPress
-CVE-2013-2701 (Cross-site request forgery (CSRF) vulnerability in the Social Sharing ...)
+CVE-2013-2701
NOT-FOR-US: social sharing toolkit plugin for wp
-CVE-2013-2700 (Cross-site request forgery (CSRF) vulnerability in the Add/Edit page ...)
+CVE-2013-2700
NOT-FOR-US: WordPress plugin WP125
-CVE-2013-2699 (Cross-site request forgery (CSRF) vulnerability in the ...)
+CVE-2013-2699
NOT-FOR-US: WordPress plugin underConstruction
-CVE-2013-2698 (Cross-site request forgery (CSRF) vulnerability in the Calendar plugin ...)
+CVE-2013-2698
NOT-FOR-US: WordPress plugin calendar
-CVE-2013-2697 (Cross-site request forgery (CSRF) vulnerability in the ...)
+CVE-2013-2697
NOT-FOR-US: Wordpress plugin Downloadmanager
-CVE-2013-2696 (Cross-site request forgery (CSRF) vulnerability in the All in One ...)
+CVE-2013-2696
NOT-FOR-US: WordPress plugin All in One Webmaster
-CVE-2013-2695 (Cross-site scripting (XSS) vulnerability in invite.php in the WP ...)
+CVE-2013-2695
NOT-FOR-US: WordPress plugin wp-symposium
-CVE-2013-2694 (Open redirect vulnerability in invite.php in the WP Symposium plugin ...)
+CVE-2013-2694
NOT-FOR-US: WordPress plugin wp-symposium
-CVE-2013-2693 (Cross-site request forgery (CSRF) vulnerability in the Options in the ...)
+CVE-2013-2693
NOT-FOR-US: WordPress plugin WP-Print
-CVE-2013-2692 (Cross-site request forgery (CSRF) vulnerability in the Admin web ...)
+CVE-2013-2692
NOT-FOR-US: OpenVPN Access Server
-CVE-2013-2691 (Stack-based buffer overflow in the JetMPG.ax module in jetAudio 8.0.17 ...)
+CVE-2013-2691
NOT-FOR-US: jetAudio
-CVE-2013-2690 (SQL injection vulnerability in index.php in Synchroweb Technology ...)
+CVE-2013-2690
NOT-FOR-US: Synchroweb Technology SynConnect 2.0
CVE-2013-2689
RESERVED
-CVE-2013-2688 (Buffer overflow in phrelay in BlackBerry QNX Neutrino RTOS through ...)
+CVE-2013-2688
NOT-FOR-US: QNX Software Development Platform
-CVE-2013-2687 (Stack-based buffer overflow in the bpe_decompress function in (1) ...)
+CVE-2013-2687
NOT-FOR-US: QNX
-CVE-2013-2686 (main/http.c in the HTTP server in Asterisk Open Source 1.8.x before ...)
+CVE-2013-2686
- asterisk 1:1.8.13.1~dfsg-2 (bug #704114)
[squeeze] - asterisk <not-affected> (httpd code does not read HTTP POST variables)
NOTE: https://issues.asterisk.org/jira/browse/ASTERISK-20967
-CVE-2013-2685 (Stack-based buffer overflow in res/res_format_attr_h264.c in Asterisk ...)
+CVE-2013-2685
- asterisk <not-affected> (H264 code not yet present)
NOTE: https://issues.asterisk.org/jira/browse/ASTERISK-20901
CVE-2013-2684
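Review bot: Drive-by on the unchanged context in this hunk: the `NOT-FOR-US: Facebook Members plugin for WordPres` line under CVE-2013-2703 is missing the final `s`, and the neighbouring entries spell the product three ways (`WordPress plugin …`, `Wordpress plugin Downloadmanager`, `social sharing toolkit plugin for wp`); normalising these to `WordPress plugin <name>` would make the NOT-FOR-US lines greppable. Separately, `-CVE-2013-2716 (Puppet Labs Puppet Enterprise before 2.8.0 does not use a &quot;randomized ...)` is another HTML-escaped summary (`&quot;`), so the same unescaping fix applies here.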
@@ -12500,9 +12500,9 @@ CVE-2013-2673
RESERVED
CVE-2013-2672
RESERVED
-CVE-2013-2671 (Multiple cross-site scripting (XSS) vulnerabilities in the Brother ...)
+CVE-2013-2671
NOT-FOR-US: Brother printer
-CVE-2013-2670 (Cross-site scripting (XSS) vulnerability in the Brother MFC-9970CDW ...)
+CVE-2013-2670
NOT-FOR-US: Brother printer
CVE-2013-2669
RESERVED
@@ -12536,11 +12536,11 @@ CVE-2013-2655
RESERVED
CVE-2013-2654
RESERVED
-CVE-2013-2653 (security/MemberLoginForm.php in SilverStripe 3.0.3 supports login ...)
+CVE-2013-2653
- silverstripe <itp> (bug #528461)
-CVE-2013-2652 (CRLF injection vulnerability in help/help_language.php in WebCollab ...)
+CVE-2013-2652
NOT-FOR-US: WebCollab
-CVE-2013-2651 (Multiple cross-site scripting (XSS) vulnerabilities in BoltWire 3.5 ...)
+CVE-2013-2651
NOT-FOR-US: Boltwire
CVE-2013-2650
RESERVED
@@ -12552,38 +12552,38 @@ CVE-2013-2647
RESERVED
CVE-2013-2646
RESERVED
-CVE-2013-2645 (Multiple cross-site request forgery (CSRF) vulnerabilities on the ...)
+CVE-2013-2645
NOT-FOR-US: TP-LINK Router
CVE-2013-2644
REJECTED
-CVE-2013-2643 (Multiple cross-site scripting (XSS) vulnerabilities in Sophos Web ...)
+CVE-2013-2643
NOT-FOR-US: Sophos Web Appliance
-CVE-2013-2642 (Sophos Web Appliance before 3.7.8.2 allows (1) remote attackers to ...)
+CVE-2013-2642
NOT-FOR-US: Sophos Web Appliance
-CVE-2013-2641 (Directory traversal vulnerability in patience.cgi in Sophos Web ...)
+CVE-2013-2641
NOT-FOR-US: Sophos Web Appliance
-CVE-2013-2640 (ajax.functions.php in the MailUp plugin before 1.3.2 for WordPress ...)
+CVE-2013-2640
NOT-FOR-US: MailUp plugin for Wordpress
-CVE-2013-2639 (Cross-site scripting (XSS) vulnerability in CTERA Cloud Storage OS ...)
+CVE-2013-2639
NOT-FOR-US: CTERA Cloud Storage OS
CVE-2013-2638
RESERVED
CVE-2013-2637
RESERVED
-CVE-2013-2636 (net/bridge/br_mdb.c in the Linux kernel before 3.8.4 does not ...)
+CVE-2013-2636
- linux <not-affected> (Introduced in 3.8)
- linux-2.6 <not-affected> (Introduced in 3.8)
-CVE-2013-2635 (The rtnl_fill_ifinfo function in net/core/rtnetlink.c in the Linux ...)
+CVE-2013-2635
- linux 3.2.41-2
- linux-2.6 <removed>
[squeeze] - linux-2.6 <not-affected> (Introduced in 2.6.34)
-CVE-2013-2634 (net/dcb/dcbnl.c in the Linux kernel before 3.8.4 does not initialize ...)
+CVE-2013-2634
{DSA-2668-1}
- linux 3.2.41-2
- linux-2.6 <removed>
-CVE-2013-2633 (Piwik before 1.11 accepts input from a POST request instead of a GET ...)
+CVE-2013-2633
- piwik <itp> (bug #506933)
-CVE-2013-2632 (Google V8 before 3.17.13, as used in Google Chrome before 27.0.1444.3, ...)
+CVE-2013-2632
- libv8 <removed>
[squeeze] - libv8 <end-of-life> (Unsupported in squeeze-lts)
[wheezy] - libv8 <no-dsa> (Minor issue, Chromium in Wheezy uses its own fixed copy)
@@ -12591,13 +12591,13 @@ CVE-2013-2632 (Google V8 before 3.17.13, as used in Google Chrome before 27.0.14
NOTE: libv8 not covered by security support
CVE-2013-2631
RESERVED
-CVE-2013-2630 (Cross-site scripting (XSS) vulnerability in CA Service Desk Manager ...)
+CVE-2013-2630
NOT-FOR-US: CA Service Desk Manager
-CVE-2013-2629 (Leed (Light Feed), possibly before 1.5 Stable, allows remote attackers ...)
+CVE-2013-2629
NOT-FOR-US: Leed
-CVE-2013-2628 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
+CVE-2013-2628
NOT-FOR-US: Leed
-CVE-2013-2627 (SQL injection vulnerability in action.php in Leed (Light Feed), ...)
+CVE-2013-2627
NOT-FOR-US: Leed
CVE-2013-2626
RESERVED
@@ -12620,15 +12620,15 @@ CVE-2013-2621
NOT-FOR-US: Uebimiau Webmail
CVE-2013-2620
RESERVED
-CVE-2013-2619 (Directory traversal vulnerability in Aspen before 0.22 allows remote ...)
+CVE-2013-2619
NOT-FOR-US: Aspen
-CVE-2013-2618 (Cross-site scripting (XSS) vulnerability in editor.php in Network ...)
+CVE-2013-2618
NOT-FOR-US: Network Weathermap
-CVE-2013-2617 (lib/curl.rb in the Curl Gem for Ruby allows remote attackers to ...)
+CVE-2013-2617
NOT-FOR-US: Ruby Curl gem
-CVE-2013-2616 (lib/mini_magick.rb in the MiniMagick Gem 1.3.1 for Ruby allows remote ...)
+CVE-2013-2616
NOT-FOR-US: Ruby MiniMagick gem
-CVE-2013-2615 (lib/entry_controller.rb in the fastreader Gem 1.0.8 for Ruby allows ...)
+CVE-2013-2615
NOT-FOR-US: Ruby fastreader gem
CVE-2013-2614
RESERVED
@@ -12650,33 +12650,33 @@ CVE-2013-2606
RESERVED
CVE-2013-2605
RESERVED
-CVE-2013-2604 (RealNetworks GameHouse RealArcade Installer (aka ActiveMARK Game ...)
+CVE-2013-2604
NOT-FOR-US: RealNetworks GameHouse RealArcade Installer
-CVE-2013-2603 (The RACInstaller.StateCtrl.1 ActiveX control in InstallerDlg.dll in ...)
+CVE-2013-2603
NOT-FOR-US: RealNetworks GameHouse RealArcade Installer
-CVE-2013-2602 (Multiple array index errors in the MyHeritage SEQueryObject ActiveX ...)
+CVE-2013-2602
NOT-FOR-US: MyHeritage SEQueryObject ActiveX control
-CVE-2013-2601 (The NDVM in Citrix XenClient XT before 2.1.3 and 3.x before 3.1.4 ...)
+CVE-2013-2601
NOT-FOR-US: Citrix XenClient XT
CVE-2013-2600 [MiniUPnPd information disclosure]
RESERVED
- miniupnpd 1.8.20130730-1 (bug #716936)
-CVE-2013-2599 (A certain Qualcomm Innovation Center (QuIC) patch to the ...)
+CVE-2013-2599
NOT-FOR-US: Qualcomm (Android)
-CVE-2013-2598 (app/aboot/aboot.c in the Little Kernel (LK) bootloader, as distributed ...)
+CVE-2013-2598
NOT-FOR-US: Little Kernel (bootloader)
-CVE-2013-2597 (Stack-based buffer overflow in the acdb_ioctl function in audio_acdb.c ...)
+CVE-2013-2597
NOT-FOR-US: Android Linux kernel (affects {sound/soc/,arch/arm/mach-}msm/qdsp6v2)
NOTE: https://www.codeaurora.org/projects/security-advisories/stack-based-buffer-overflow-acdb-audio-driver-cve-2013-2597
-CVE-2013-2596 (Integer overflow in the fb_mmap function in drivers/video/fbmem.c in ...)
+CVE-2013-2596
- linux 3.9-1
[wheezy] - linux 3.2.46-1
NOTE: the issue comes from fbmem code from linux mainline, the exploit was just targetting motorola
NOTE: phones that ship code that is based on the original linux code, but both are affected.
NOTE: an exploit needs access to /dev/fb0 which is not world readable/writable on Debian
-CVE-2013-2595 (The device-initialization functionality in the MSM camera driver for ...)
+CVE-2013-2595
NOT-FOR-US: Qualcomm MSM Camera driver
-CVE-2013-2594 (SQL injection vulnerability in reports/calldiary.php in Hornbill ...)
+CVE-2013-2594
NOT-FOR-US: Supportworks ITSM
CVE-2013-2593
RESERVED
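Review bot: the locally titled entry `CVE-2013-2600 [MiniUPnPd information disclosure]` is left untouched in this hunk while every entry with a parenthesised upstream description is reduced to a bare id, which shows the rewrite is driven purely by the imported description field; bracket titles maintained in the tracker survive, but nothing preserves an upstream summary once the feed omits it, so the import should be rerun rather than this result merged. Separately, the NOTE for CVE-2013-2596 spells "targetting" with a double t, worth correcting the next time these lines are edited.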
@@ -12692,27 +12692,27 @@ CVE-2013-2588
RESERVED
CVE-2013-2587
RESERVED
-CVE-2013-2586 (XAMPP 1.8.1 does not properly restrict access to xampp/lang.php, which ...)
+CVE-2013-2586
NOT-FOR-US: XAMPPP
-CVE-2013-2585 (Cross-site scripting (XSS) vulnerability in Atmail Webmail Server ...)
+CVE-2013-2585
- atmailopen <removed>
CVE-2013-2584
RESERVED
-CVE-2013-2583 (Multiple cross-site scripting (XSS) vulnerabilities in Open-Xchange ...)
+CVE-2013-2583
NOT-FOR-US: Open-Xchange
-CVE-2013-2582 (CRLF injection vulnerability in the redirect servlet in Open-Xchange ...)
+CVE-2013-2582
NOT-FOR-US: Open-Xchange
-CVE-2013-2581 (cgi-bin/firmwareupgrade in TP-Link IP Cameras TL-SC3130, TL-SC3130G, ...)
+CVE-2013-2581
NOT-FOR-US: TP-Link IP Cameras
-CVE-2013-2580 (Unrestricted file upload vulnerability in cgi-bin/uploadfile in ...)
+CVE-2013-2580
NOT-FOR-US: TP-Link IP Cameras
-CVE-2013-2579 (TP-Link IP Cameras TL-SC3130, TL-SC3130G, TL-SC3171, TL-SC3171G, and ...)
+CVE-2013-2579
NOT-FOR-US: TP-Link IP Cameras
-CVE-2013-2578 (cgi-bin/admin/servetest in TP-Link IP Cameras TL-SC3130, TL-SC3130G, ...)
+CVE-2013-2578
NOT-FOR-US: TP-Link IP Cameras
-CVE-2013-2577 (Buffer overflow in XnView before 2.04 allows remote attackers to ...)
+CVE-2013-2577
NOT-FOR-US: XnView
-CVE-2013-2576 (Buffer overflow in Artweaver before 3.1.6 allows remote attackers to ...)
+CVE-2013-2576
NOT-FOR-US: Artweaver
CVE-2013-2575
RESERVED
@@ -12733,51 +12733,51 @@ CVE-2013-2568
RESERVED
CVE-2013-2567
RESERVED
-CVE-2013-2566 (The RC4 algorithm, as used in the TLS protocol and SSL protocol, has ...)
+CVE-2013-2566
NOTE: Generic protocol flaw in RC4
-CVE-2013-2565 (A vulnerability in Mambo CMS v4.6.5 where the scripts thumbs.php, ...)
+CVE-2013-2565
NOT-FOR-US: Mambo CMS
-CVE-2013-2564 (Mambo CMS 4.6.5 allows remote attackers to cause a denial of service ...)
+CVE-2013-2564
NOT-FOR-US: Mambo CMS
-CVE-2013-2563 (Mambo CMS 4.6.5 uses world-readable permissions on configuration.php, ...)
+CVE-2013-2563
NOT-FOR-US: Mambo CMS
-CVE-2013-2562 (Mambo CMS 4.6.5 stores the MySQL database password in cleartext in the ...)
+CVE-2013-2562
NOT-FOR-US: Mambo CMS
-CVE-2013-2561 (OpenFabrics ibutils 1.5.7 allows local users to overwrite arbitrary ...)
+CVE-2013-2561
- ibutils 1.5.7-2 (low; bug #704063)
[squeeze] - ibutils <no-dsa> (Minor issue)
[wheezy] - ibutils <no-dsa> (Minor issue)
-CVE-2013-2560 (Directory traversal vulnerability in the web interface on Foscam ...)
+CVE-2013-2560
NOT-FOR-US: Foscam
-CVE-2013-2559 (SQL injection vulnerability in Symphony CMS before 2.3.2 allows remote ...)
+CVE-2013-2559
NOT-FOR-US: Symphony CMS
-CVE-2013-2558 (Unspecified vulnerability in Microsoft Windows 8 allows remote ...)
+CVE-2013-2558
NOT-FOR-US: Windows 8
-CVE-2013-2557 (The sandbox protection mechanism in Microsoft Internet Explorer 9 ...)
+CVE-2013-2557
NOT-FOR-US: Internet Explorer
-CVE-2013-2556 (Unspecified vulnerability in Microsoft Windows Vista SP2, Windows ...)
+CVE-2013-2556
NOT-FOR-US: Windows 7
-CVE-2013-2555 (Integer overflow in Adobe Flash Player before 10.3.183.75 and 11.x ...)
+CVE-2013-2555
NOT-FOR-US: Adobe Flash plugin
-CVE-2013-2554 (Unspecified vulnerability in Microsoft Windows 7 allows attackers to ...)
+CVE-2013-2554
NOT-FOR-US: Windows 7
-CVE-2013-2553 (Unspecified vulnerability in the kernel in Microsoft Windows 7 allows ...)
+CVE-2013-2553
NOT-FOR-US: Windows 7
-CVE-2013-2552 (Unspecified vulnerability in Microsoft Internet Explorer 10 on Windows ...)
+CVE-2013-2552
NOT-FOR-US: Internet Explorer
-CVE-2013-2551 (Use-after-free vulnerability in Microsoft Internet Explorer 6 through ...)
+CVE-2013-2551
NOT-FOR-US: Internet Explorer
-CVE-2013-2550 (Unspecified vulnerability in Adobe Reader 11.0.02 allows attackers to ...)
+CVE-2013-2550
NOT-FOR-US: Adobe Reader
-CVE-2013-2549 (Unspecified vulnerability in Adobe Reader 11.0.02 allows remote ...)
+CVE-2013-2549
NOT-FOR-US: Adobe Reader
-CVE-2013-2548 (The crypto_report_one function in crypto/crypto_user.c in the report ...)
+CVE-2013-2548
- linux 3.2.41-1 (low)
- linux-2.6 <not-affected> (Introduced in 3.2)
-CVE-2013-2547 (The crypto_report_one function in crypto/crypto_user.c in the report ...)
+CVE-2013-2547
- linux 3.2.41-1 (low)
- linux-2.6 <not-affected> (Introduced in 3.2)
-CVE-2013-2546 (The report API in the crypto user configuration API in the Linux ...)
+CVE-2013-2546
- linux 3.2.41-1 (low)
- linux-2.6 <not-affected> (Introduced in 3.2)
CVE-2013-2545
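Review bot: after this hunk the three crypto_user entries CVE-2013-2548, CVE-2013-2547 and CVE-2013-2546 are textually identical apart from their ids (each keeps only `- linux 3.2.41-1 (low)` and `- linux-2.6 <not-affected> (Introduced in 3.2)`), because the removed `crypto_report_one function in crypto/crypto_user.c` descriptions were the only lines distinguishing them; likewise CVE-2013-2566 is left with `NOTE: Generic protocol flaw in RC4` as its sole explanatory text. If the descriptions cannot be restored from the feed, a NOTE line per entry stating the affected component would keep these triageable.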
@@ -12838,7 +12838,7 @@ CVE-2013-2518
REJECTED
CVE-2013-2517
REJECTED
-CVE-2013-2516 (Vulnerability in FileUtils v0.7, Ruby Gem Fileutils &lt;= v0.7 Command ...)
+CVE-2013-2516
- ruby-fileutils <itp> (bug #900515)
CVE-2013-2515
RESERVED
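Review bot: the removed line `-CVE-2013-2516 (Vulnerability in FileUtils v0.7, Ruby Gem Fileutils &lt;= v0.7 Command ...)` shows the importer was storing HTML-entity-encoded text (`&lt;=` instead of `<=`), a pre-existing defect that this update erases along with the description rather than fixes; when the descriptions are re-imported, the feed text should be entity-decoded before it is written to the list so that operators like `<=` appear literally.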
@@ -12856,15 +12856,15 @@ CVE-2013-2509
RESERVED
CVE-2013-2508
RESERVED
-CVE-2013-2507 (Multiple cross-site scripting (XSS) vulnerabilities in the Brother ...)
+CVE-2013-2507
NOT-FOR-US: Brother
-CVE-2013-2506 (app/models/spree/user.rb in spree_auth_devise in Spree 1.1.x before ...)
+CVE-2013-2506
NOT-FOR-US: Spree
CVE-2013-2505
RESERVED
-CVE-2013-2504 (Cross-site scripting (XSS) vulnerability in SPS/Portal/default.aspx in ...)
+CVE-2013-2504
NOT-FOR-US: Matrix42 Service Store
-CVE-2013-2503 (Privoxy before 3.0.21 does not properly handle Proxy-Authenticate and ...)
+CVE-2013-2503
- privoxy 3.0.21-1 (low; bug #702896)
[wheezy] - privoxy <no-dsa> (Minor issue)
[squeeze] - privoxy <no-dsa> (Minor issue)
@@ -12872,31 +12872,31 @@ CVE-2013-2503 (Privoxy before 3.0.21 does not properly handle Proxy-Authenticate
NOTE: http://ijbswa.cvs.sourceforge.net/viewvc/ijbswa/current/ChangeLog?revision=1.188&view=markup
CVE-2013-2502
RESERVED
-CVE-2013-2501 (Cross-site scripting (XSS) vulnerability in the Terillion Reviews ...)
+CVE-2013-2501
NOT-FOR-US: Terillion Reviews plugin for Wordpress
CVE-2013-2500
RESERVED
CVE-2013-2499
RESERVED
-CVE-2013-2498 (SQL injection vulnerability in the login page in ...)
+CVE-2013-2498
NOT-FOR-US: SimpleHRM
CVE-2013-2497
RESERVED
-CVE-2013-2496 (The msrle_decode_8_16_24_32 function in msrledec.c in libavcodec in ...)
+CVE-2013-2496
- libav 6:0.8.6-1 (bug #703200)
- ffmpeg 7:2.4.1-1
[squeeze] - ffmpeg <end-of-life> (Backports to 0.5.x not useful, too many checks missing)
-CVE-2013-2495 (The iff_read_header function in iff.c in libavformat in FFmpeg through ...)
+CVE-2013-2495
- libav 6:0.8.6-1 (bug #703200)
- ffmpeg 7:2.4.1-1
[squeeze] - ffmpeg <end-of-life> (Backports to 0.5.x not useful, too many checks missing)
-CVE-2013-2494 (libdns in ISC DHCP 4.2.x before 4.2.5-P1 allows remote name servers to ...)
+CVE-2013-2494
- isc-dhcp 4.2.4-6 (low; bug #704426)
[wheezy] - isc-dhcp 4.2.2.dfsg.1-5+deb70u6
[squeeze] - isc-dhcp <not-affected> (Only affects 4.2.x)
-CVE-2013-2493 (The Hook_Terminate function in chrome_frame/protocol_sink_wrap.cc in ...)
+CVE-2013-2493
NOT-FOR-US: Google Chrome Frame plugin for Internet Explorer
-CVE-2013-2492 (Stack-based buffer overflow in Firebird 2.1.3 through 2.1.5 before ...)
+CVE-2013-2492
{DSA-2648-1 DSA-2647-1}
- firebird2.1 <unfixed> (bug #702735)
- firebird2.5 2.5.2~svn+54698.ds4-2 (bug #702736)
@@ -12907,14 +12907,14 @@ CVE-2013-2490
RESERVED
CVE-2013-2489
RESERVED
-CVE-2013-2488 (The DTLS dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before ...)
+CVE-2013-2488
{DSA-2644-1}
- wireshark 1.8.2-5
[wheezy] - wireshark 1.8.2-5wheezy1
NOTE: http://www.wireshark.org/security/wnpa-sec-2013-22.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8380
NOTE: Versions affected: 1.8.0 to 1.8.X, 1.6.0 to 1.6.X
-CVE-2013-2487 (epan/dissectors/packet-reload.c in the REsource LOcation And Discovery ...)
+CVE-2013-2487
{DLA-497-1}
- wireshark 1.8.6-1 (unimportant)
[squeeze] - wireshark <not-affected> (only 1.8.x series)
@@ -12922,7 +12922,7 @@ CVE-2013-2487 (epan/dissectors/packet-reload.c in the REsource LOcation And Disc
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8364
NOTE: Versions affected: 1.8.0 to 1.8.5
NOTE: Not suitable for code injection
-CVE-2013-2486 (The dissect_diagnosticrequest function in ...)
+CVE-2013-2486
{DLA-497-1}
- wireshark 1.8.6-1 (unimportant)
[squeeze] - wireshark <not-affected> (only 1.8.x series)
@@ -12930,21 +12930,21 @@ CVE-2013-2486 (The dissect_diagnosticrequest function in ...)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8364
NOTE: Versions affected: 1.8.0 to 1.8.5
NOTE: Not suitable for code injection
-CVE-2013-2485 (The FCSP dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before ...)
+CVE-2013-2485
{DLA-497-1}
- wireshark 1.8.6-1 (unimportant)
NOTE: http://www.wireshark.org/security/wnpa-sec-2013-20.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8359
NOTE: Versions affected: 1.8.0 to 1.8.5, 1.6.0 to 1.6.13
NOTE: Not suitable for code injection
-CVE-2013-2484 (The CIMD dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before ...)
+CVE-2013-2484
{DSA-2644-1}
- wireshark 1.8.2-5
[wheezy] - wireshark 1.8.2-5wheezy1
NOTE: http://www.wireshark.org/security/wnpa-sec-2013-19.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8346
NOTE: Versions affected: 1.8.0 to 1.8.5, 1.6.0 to 1.6.13
-CVE-2013-2483 (The acn_add_dmp_data function in epan/dissectors/packet-acn.c in the ...)
+CVE-2013-2483
{DSA-2644-1}
- wireshark 1.8.2-5 (unimportant)
[wheezy] - wireshark 1.8.2-5wheezy1
@@ -12952,14 +12952,14 @@ CVE-2013-2483 (The acn_add_dmp_data function in epan/dissectors/packet-acn.c in
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8340
NOTE: Versions affected: 1.8.0 to 1.8.5, 1.6.0 to 1.6.13
NOTE: Not suitable for code injection
-CVE-2013-2482 (The AMPQ dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before ...)
+CVE-2013-2482
{DLA-497-1}
- wireshark 1.8.6-1 (unimportant)
NOTE: http://www.wireshark.org/security/wnpa-sec-2013-17.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8337
NOTE: Versions affected: 1.8.0 to 1.8.5, 1.6.0 to 1.6.13
NOTE: Not suitable for code injection
-CVE-2013-2481 (Integer signedness error in the dissect_mount_dirpath_call function in ...)
+CVE-2013-2481
{DSA-2644-1}
- wireshark 1.8.2-5 (unimportant)
[wheezy] - wireshark 1.8.2-5wheezy1
@@ -12967,14 +12967,14 @@ CVE-2013-2481 (Integer signedness error in the dissect_mount_dirpath_call functi
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8335
NOTE: Versions affected: 1.8.0 to 1.8.5, 1.6.0 to 1.6.13
NOTE: Not suitable for code injection
-CVE-2013-2480 (The RTPS and RTPS2 dissectors in Wireshark 1.6.x before 1.6.14 and ...)
+CVE-2013-2480
{DSA-2644-1}
- wireshark 1.8.2-5
[wheezy] - wireshark 1.8.2-5wheezy1
NOTE: http://www.wireshark.org/security/wnpa-sec-2013-15.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8332
NOTE: Versions affected: 1.8.0 to 1.8.5, 1.6.0 to 1.6.13
-CVE-2013-2479 (The dissect_mpls_echo_tlv_dd_map function in ...)
+CVE-2013-2479
{DLA-497-1}
- wireshark 1.8.6-1 (unimportant)
[squeeze] - wireshark <not-affected> (only affecting 1.8.x)
@@ -12982,21 +12982,21 @@ CVE-2013-2479 (The dissect_mpls_echo_tlv_dd_map function in ...)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8039
NOTE: Versions affected: 1.8.0 to 1.8.5
NOTE: Not suitable for code injection
-CVE-2013-2478 (The dissect_server_info function in epan/dissectors/packet-ms-mms.c in ...)
+CVE-2013-2478
{DSA-2644-1}
- wireshark 1.8.2-5
[wheezy] - wireshark 1.8.2-5wheezy1
NOTE: http://www.wireshark.org/security/wnpa-sec-2013-13.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8382
NOTE: announce mentions: Versions affected: 1.8.0 to 1.8.5, 1.6.0 to 1.6.13
-CVE-2013-2477 (The CSN.1 dissector in Wireshark 1.8.x before 1.8.6 does not properly ...)
+CVE-2013-2477
- wireshark 1.8.2-5
[squeeze] - wireshark <not-affected> (only affecting 1.8.x)
[wheezy] - wireshark 1.8.2-5wheezy1
NOTE: http://www.wireshark.org/security/wnpa-sec-2013-12.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8383
NOTE: Versions affected: 1.8.0 to 1.8.5
-CVE-2013-2476 (The dissect_hartip function in epan/dissectors/packet-hartip.c in the ...)
+CVE-2013-2476
{DLA-497-1}
- wireshark 1.8.6-1 (unimportant)
[squeeze] - wireshark <not-affected> (only affecting 1.8.x)
@@ -13004,7 +13004,7 @@ CVE-2013-2476 (The dissect_hartip function in epan/dissectors/packet-hartip.c in
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8360
NOTE: Versions affected: 1.8.0 to 1.8.5
NOTE: Not suitable for code injection
-CVE-2013-2475 (The TCP dissector in Wireshark 1.8.x before 1.8.6 allows remote ...)
+CVE-2013-2475
- wireshark 1.8.2-5
[squeeze] - wireshark <not-affected> (only affecting 1.8.x)
[wheezy] - wireshark 1.8.2-5wheezy1
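Review bot: for the Wireshark entries the removed description was the only line naming the affected dissector (`-CVE-2013-2475 (The TCP dissector in Wireshark 1.8.x before 1.8.6 allows remote ...)`), since the surviving NOTE lines give only advisory URLs, bugzilla ids and version ranges such as `NOTE: Versions affected: 1.8.0 to 1.8.5`; after this change the file no longer says which dissector an entry concerns, so anyone cross-checking a Debian build against upstream's per-dissector fixes has to follow the URLs. Restoring the summaries, or adding the dissector name to the NOTE lines, would keep that information local to the tracker.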
@@ -13013,490 +13013,490 @@ CVE-2013-2475 (The TCP dissector in Wireshark 1.8.x before 1.8.6 allows remote .
NOTE: Versions affected: 1.8.0 to 1.8.5
CVE-2013-2474
RESERVED
-CVE-2013-2473 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2013-2473
{DSA-2727-1 DSA-2722-1}
- openjdk-6 6b27-1.12.6-1
- openjdk-7 7u25-2.3.10-1
-CVE-2013-2472 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2013-2472
{DSA-2727-1 DSA-2722-1}
- openjdk-6 6b27-1.12.6-1
- openjdk-7 7u25-2.3.10-1
-CVE-2013-2471 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2013-2471
{DSA-2727-1 DSA-2722-1}
- openjdk-6 6b27-1.12.6-1
- openjdk-7 7u25-2.3.10-1
-CVE-2013-2470 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2013-2470
{DSA-2727-1 DSA-2722-1}
- openjdk-6 6b27-1.12.6-1
- openjdk-7 7u25-2.3.10-1
-CVE-2013-2469 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2013-2469
{DSA-2727-1 DSA-2722-1}
- openjdk-6 6b27-1.12.6-1
- openjdk-7 7u25-2.3.10-1
-CVE-2013-2468 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2013-2468
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2013-2467 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2013-2467
- openjdk-6 <not-affected> (Only affects Java 5)
- openjdk-7 <not-affected> (Only affects Java 5)
-CVE-2013-2466 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2013-2466
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2013-2465 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2013-2465
{DSA-2727-1 DSA-2722-1}
- openjdk-6 6b27-1.12.6-1
- openjdk-7 7u25-2.3.10-1
-CVE-2013-2464 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2013-2464
- openjdk-6 <not-affected> (Specific to Oracle Java, not present in IcedTea)
- openjdk-7 <not-affected> (Specific to Oracle Java, not present in IcedTea)
NOTE: Due to the vague disclosure policy by Oracle the exact nature is unknown but since no patch landed in icedtea, we consider it not-affected
-CVE-2013-2463 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2013-2463
{DSA-2727-1 DSA-2722-1}
- openjdk-6 6b27-1.12.6-1
- openjdk-7 7u25-2.3.10-1
-CVE-2013-2462 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2013-2462
- openjdk-6 <not-affected> (Only affects Java 7)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2013-2461 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2013-2461
{DSA-2727-1 DSA-2722-1}
- openjdk-6 6b27-1.12.6-1
- openjdk-7 7u25-2.3.10-1
-CVE-2013-2460 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2013-2460
{DSA-2722-1}
- openjdk-6 <not-affected> (Only affects Java 7)
- openjdk-7 7u25-2.3.10-1
-CVE-2013-2459 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2013-2459
{DSA-2727-1 DSA-2722-1}
- openjdk-6 6b27-1.12.6-1
- openjdk-7 7u25-2.3.10-1
-CVE-2013-2458 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2013-2458
{DSA-2722-1}
- openjdk-6 <not-affected> (Only affects Java 7)
- openjdk-7 7u25-2.3.10-1
-CVE-2013-2457 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2013-2457
{DSA-2727-1 DSA-2722-1}
- openjdk-6 <not-affected> (Only applies to Java 7)
- openjdk-7 7u25-2.3.10-1
-CVE-2013-2456 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2013-2456
{DSA-2727-1 DSA-2722-1}
- openjdk-6 6b27-1.12.6-1
- openjdk-7 7u25-2.3.10-1
-CVE-2013-2455 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2013-2455
{DSA-2727-1 DSA-2722-1}
- openjdk-6 6b27-1.12.6-1
- openjdk-7 7u25-2.3.10-1
-CVE-2013-2454 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2013-2454
{DSA-2722-1}
- openjdk-6 <not-affected> (Only affects Java 7)
- openjdk-7 7u25-2.3.10-1
-CVE-2013-2453 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2013-2453
{DSA-2727-1 DSA-2722-1}
- openjdk-7 7u25-2.3.10-1
- openjdk-6 6b27-1.12.6-1
-CVE-2013-2452 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2013-2452
{DSA-2727-1 DSA-2722-1}
- openjdk-6 6b27-1.12.6-1
- openjdk-7 7u25-2.3.10-1
-CVE-2013-2451 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2013-2451
{DSA-2727-1 DSA-2722-1}
- openjdk-6 6b27-1.12.6-1
- openjdk-7 7u25-2.3.10-1
-CVE-2013-2450 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2013-2450
{DSA-2727-1 DSA-2722-1}
- openjdk-6 6b27-1.12.6-1
- openjdk-7 7u25-2.3.10-1
-CVE-2013-2449 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2013-2449
{DSA-2722-1}
- openjdk-6 <not-affected> (Only affects Java 7)
- openjdk-7 7u25-2.3.10-1
-CVE-2013-2448 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2013-2448
{DSA-2727-1 DSA-2722-1}
- openjdk-6 6b27-1.12.6-1
- openjdk-7 7u25-2.3.10-1
-CVE-2013-2447 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2013-2447
{DSA-2727-1 DSA-2722-1}
- openjdk-6 6b27-1.12.6-1
- openjdk-7 7u25-2.3.10-1
-CVE-2013-2446 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2013-2446
{DSA-2727-1 DSA-2722-1}
- openjdk-6 6b27-1.12.6-1
- openjdk-7 7u25-2.3.10-1
-CVE-2013-2445 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2013-2445
{DSA-2727-1 DSA-2722-1}
- openjdk-6 6b27-1.12.6-1
- openjdk-7 7u25-2.3.10-1
-CVE-2013-2444 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2013-2444
{DSA-2727-1 DSA-2722-1}
- openjdk-6 6b27-1.12.6-1
- openjdk-7 7u25-2.3.10-1
-CVE-2013-2443 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2013-2443
{DSA-2727-1 DSA-2722-1}
- openjdk-7 7u25-2.3.10-1
- openjdk-6 6b27-1.12.6-1
-CVE-2013-2442 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2013-2442
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2013-2441 (Unspecified vulnerability in the Agile EDM component in Oracle Supply ...)
+CVE-2013-2441
NOT-FOR-US: Oracle Supply Chain Products Suite
-CVE-2013-2440 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2013-2440
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2013-2439 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2013-2439
- openjdk-6 <not-affected> (Installation performed differently for Linux distros)
- openjdk-7 <not-affected> (Installation performed differently for Linux distros)
-CVE-2013-2438 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2013-2438
- openjdk-6 <not-affected> (JavaFX not part of OpenJDK)
- openjdk-7 <not-affected> (JavaFX not part of OpenJDK)
-CVE-2013-2437 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2013-2437
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2013-2436 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2013-2436
- openjdk-7 7u21-2.3.9-1
- openjdk-6 <not-affected> (Only affects Java7)
-CVE-2013-2435 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2013-2435
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2013-2434 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2013-2434
- openjdk-6 <not-affected> (Only affects Java 7)
- openjdk-7 <not-affected> (Specific to Oracle Java, not present in IcedTea)
NOTE: Due to the vague disclosure policy by Oracle the exact nature is unknown but since no patch landed in icedtea, we consider it not-affected
-CVE-2013-2433 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2013-2433
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2013-2432 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2013-2432
- openjdk-6 <not-affected> (Specific to Oracle Java, not present in IcedTea)
- openjdk-7 <not-affected> (Specific to Oracle Java, not present in IcedTea)
NOTE: Due to the vague disclosure policy by Oracle the exact nature is unknown but since no patch landed in icedtea, we consider it not-affected
-CVE-2013-2431 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2013-2431
- openjdk-7 7u21-2.3.9-1
- openjdk-6 <not-affected> (Only affects Java7)
-CVE-2013-2430 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2013-2430
- openjdk-7 7u21-2.3.9-1
- openjdk-6 6b27-1.12.5-1
-CVE-2013-2429 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2013-2429
- openjdk-7 7u21-2.3.9-1
- openjdk-6 6b27-1.12.5-1
-CVE-2013-2428 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2013-2428
- openjdk-6 <not-affected> (JavaFX not part of OpenJDK)
- openjdk-7 <not-affected> (JavaFX not part of OpenJDK)
-CVE-2013-2427 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2013-2427
- openjdk-6 <not-affected> (JavaFX not part of OpenJDK)
- openjdk-7 <not-affected> (JavaFX not part of OpenJDK)
-CVE-2013-2426 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2013-2426
- openjdk-7 7u21-2.3.9-1
- openjdk-6 <not-affected> (Only affects Java 7)
-CVE-2013-2425 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2013-2425
- openjdk-6 <not-affected> (Only applies to Java 7)
- openjdk-7 <not-affected> (Installation performed differently for Linux distros)
-CVE-2013-2424 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2013-2424
- openjdk-7 7u21-2.3.9-1
- openjdk-6 6b27-1.12.5-1
-CVE-2013-2423 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2013-2423
- openjdk-7 7u21-2.3.9-1
- openjdk-6 <not-affected> (Only applies to Java 7)
-CVE-2013-2422 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2013-2422
- openjdk-7 7u21-2.3.9-1
- openjdk-6 6b27-1.12.5-1
-CVE-2013-2421 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2013-2421
- openjdk-7 7u21-2.3.9-1
- openjdk-6 <not-affected> (Only affects Java 7)
-CVE-2013-2420 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2013-2420
- openjdk-7 7u21-2.3.9-1
- openjdk-6 6b27-1.12.5-1
-CVE-2013-2419 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2013-2419
{DSA-3187-1 DLA-219-1}
- openjdk-7 7u21-2.3.9-1
- openjdk-6 6b27-1.12.5-1
- icu 52.1-1
-CVE-2013-2418 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2013-2418
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2013-2417 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2013-2417
- openjdk-7 7u21-2.3.9-1
- openjdk-6 6b27-1.12.5-1
-CVE-2013-2416 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2013-2416
- openjdk-6 <not-affected> (Only affects Java 7)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2013-2415 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2013-2415
- openjdk-6 <not-affected> (Only affects Java 7)
-CVE-2013-2414 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2013-2414
- openjdk-6 <not-affected> (JavaFX not part of OpenJDK)
- openjdk-7 <not-affected> (JavaFX not part of OpenJDK)
-CVE-2013-2413 (Unspecified vulnerability in the Siebel Enterprise Application ...)
+CVE-2013-2413
NOT-FOR-US: Oracle Siebel CRM
-CVE-2013-2412 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2013-2412
{DSA-2727-1 DSA-2722-1}
- openjdk-7 7u25-2.3.10-1
- openjdk-6 6b27-1.12.6-1
-CVE-2013-2411 (Unspecified vulnerability in the Primavera P6 Enterprise Project ...)
+CVE-2013-2411
NOT-FOR-US: Oracle Primavera Products
-CVE-2013-2410 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS component ...)
+CVE-2013-2410
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2013-2409 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+CVE-2013-2409
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2013-2408 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+CVE-2013-2408
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2013-2407 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2013-2407
{DSA-2727-1 DSA-2722-1}
- openjdk-6 6b27-1.12.6-1
- openjdk-7 7u25-2.3.10-1
-CVE-2013-2406 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+CVE-2013-2406
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2013-2405 (Unspecified vulnerability in the Primavera P6 Enterprise Project ...)
+CVE-2013-2405
NOT-FOR-US: Oracle Primavera Products
-CVE-2013-2404 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+CVE-2013-2404
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2013-2403 (Unspecified vulnerability in the Siebel Enterprise Application ...)
+CVE-2013-2403
NOT-FOR-US: Oracle Siebel CRM
-CVE-2013-2402 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+CVE-2013-2402
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2013-2401 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+CVE-2013-2401
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2013-2400 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2013-2400
- openjdk-6 <not-affected> (Only affects Java 7)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2013-2399 (Unspecified vulnerability in the Siebel Call Center component in ...)
+CVE-2013-2399
NOT-FOR-US: Oracle Siebel CRM
-CVE-2013-2398 (Unspecified vulnerability in the Siebel UI Framework component in ...)
+CVE-2013-2398
NOT-FOR-US: Oracle Siebel CRM
-CVE-2013-2397 (Unspecified vulnerability in the Oracle Retail Central Office ...)
+CVE-2013-2397
NOT-FOR-US: Oracle Industry Applications
-CVE-2013-2396 (Unspecified vulnerability in the Oracle Applications Manager component ...)
+CVE-2013-2396
NOT-FOR-US: Oracle E-Business Suite
-CVE-2013-2395 (Unspecified vulnerability in Oracle MySQL 5.6.10 and earlier allows ...)
+CVE-2013-2395
- mysql-5.5 <not-affected> (Only affects MySQL 5.6)
- mysql-5.1 <not-affected> (Only affects MySQL 5.6)
-CVE-2013-2394 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2013-2394
- openjdk-6 <not-affected> (Specific to Oracle Java, not present in IcedTea)
- openjdk-7 <not-affected> (Specific to Oracle Java, not present in IcedTea)
NOTE: Due to the vague disclosure policy by Oracle the exact nature is unknown but since no patch landed in icedtea, we consider it not-affected
-CVE-2013-2393 (Unspecified vulnerability in the Oracle Outside In Technology ...)
+CVE-2013-2393
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2013-2392 (Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 ...)
+CVE-2013-2392
{DSA-2780-1 DSA-2667-1}
- mysql-5.5 5.5.31+dfsg-1
- mysql-5.1 <removed>
- mariadb-10.0 <not-affected> (Fixed before initial upload)
- mariadb-5.5 <not-affected> (Fixed before initial upload)
-CVE-2013-2391 (Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 ...)
+CVE-2013-2391
{DSA-2780-1 DSA-2667-1}
- mysql-5.5 5.5.31+dfsg-1
- mysql-5.1 <removed>
- mariadb-10.0 <not-affected> (Fixed before initial upload)
- mariadb-5.5 <not-affected> (Fixed before initial upload)
-CVE-2013-2390 (Unspecified vulnerability in the Oracle WebLogic Server component in ...)
+CVE-2013-2390
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2013-2389 (Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 ...)
+CVE-2013-2389
{DSA-2780-1 DSA-2667-1}
- mysql-5.5 5.5.31+dfsg-1
- mysql-5.1 <removed>
-CVE-2013-2388 (Unspecified vulnerability in the Oracle Applications Technology Stack ...)
+CVE-2013-2388
NOT-FOR-US: Oracle E-Business Suite
-CVE-2013-2387 (Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking ...)
+CVE-2013-2387
NOT-FOR-US: Oracle Financial Services Software
-CVE-2013-2386 (Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking ...)
+CVE-2013-2386
NOT-FOR-US: Oracle Financial Services Software
-CVE-2013-2385 (Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking ...)
+CVE-2013-2385
NOT-FOR-US: Oracle Financial Services Software
-CVE-2013-2384 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2013-2384
{DSA-3187-1 DLA-219-1}
- openjdk-7 7u21-2.3.9-1
- openjdk-6 6b27-1.12.5-1
- icu 52.1-1
-CVE-2013-2383 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2013-2383
{DSA-3187-1 DLA-219-1}
- openjdk-7 7u21-2.3.9-1
- openjdk-6 6b27-1.12.5-1
- icu 52.1-1
-CVE-2013-2382 (Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking ...)
+CVE-2013-2382
NOT-FOR-US: Oracle Financial Services Software
-CVE-2013-2381 (Unspecified vulnerability in Oracle MySQL 5.6.10 and earlier allows ...)
+CVE-2013-2381
- mysql-5.1 <not-affected> (Only affects MySQL 5.6)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6)
-CVE-2013-2380 (Unspecified vulnerability in the Oracle JRockit component in Oracle ...)
+CVE-2013-2380
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2013-2379 (Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking ...)
+CVE-2013-2379
NOT-FOR-US: Oracle Financial Services Software
-CVE-2013-2378 (Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier, 5.5.29 ...)
+CVE-2013-2378
{DSA-2780-1}
- mysql-5.5 5.5.30+dfsg-1
- mysql-5.1 <removed>
- mariadb-10.0 <not-affected> (Fixed before initial upload)
- mariadb-5.5 <not-affected> (Fixed before initial upload)
-CVE-2013-2377 (Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking ...)
+CVE-2013-2377
NOT-FOR-US: Oracle Financial Services Software
-CVE-2013-2376 (Unspecified vulnerability in Oracle MySQL 5.5.30 and earlier and ...)
+CVE-2013-2376
{DSA-2667-1}
- mysql-5.5 5.5.31+dfsg-1
- mysql-5.1 <not-affected> (Only affects MySQL 5.5 and 5.6)
- mariadb-10.0 <not-affected> (Fixed before initial upload)
- mariadb-5.5 <not-affected> (Fixed before initial upload)
-CVE-2013-2375 (Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 ...)
+CVE-2013-2375
{DSA-2780-1 DSA-2667-1}
- mysql-5.5 5.5.31+dfsg-1
- mysql-5.1 <removed>
- mariadb-10.0 <not-affected> (Fixed before initial upload)
- mariadb-5.5 <not-affected> (Fixed before initial upload)
-CVE-2013-2374 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+CVE-2013-2374
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2013-2373 (The Engine in TIBCO Spotfire Web Player 3.3.x before 3.3.3, 4.0.x ...)
+CVE-2013-2373
NOT-FOR-US: TIBCO Spotfire Web Player
-CVE-2013-2372 (Cross-site scripting (XSS) vulnerability in the Engine in TIBCO ...)
+CVE-2013-2372
NOT-FOR-US: TIBCO Spotfire Web Player
-CVE-2013-2371 (The Web API in the Statistics Server in TIBCO Spotfire Statistics ...)
+CVE-2013-2371
NOT-FOR-US: TIBCO Spotfire Statistics
-CVE-2013-2370 (Unspecified vulnerability in HP LoadRunner before 11.52 allows remote ...)
+CVE-2013-2370
NOT-FOR-US: HP LoadRunner
-CVE-2013-2369 (Unspecified vulnerability in HP LoadRunner before 11.52 allows remote ...)
+CVE-2013-2369
NOT-FOR-US: HP LoadRunner
-CVE-2013-2368 (Unspecified vulnerability in HP LoadRunner before 11.52 allows remote ...)
+CVE-2013-2368
NOT-FOR-US: HP LoadRunner
-CVE-2013-2367 (Multiple unspecified vulnerabilities in HP SiteScope 11.20 and 11.21, ...)
+CVE-2013-2367
NOT-FOR-US: HP SiteScope
-CVE-2013-2366 (Unspecified vulnerability in HP Business Process Monitor 9.13.1 patch ...)
+CVE-2013-2366
NOT-FOR-US: HP Business Process Monitor
-CVE-2013-2365 (HP Database and Middleware Automation (DMA) 10.x before 10.10, when ...)
+CVE-2013-2365
NOT-FOR-US: HP DMA
-CVE-2013-2364 (Cross-site scripting (XSS) vulnerability in HP System Management ...)
+CVE-2013-2364
NOT-FOR-US: HP SMH
-CVE-2013-2363 (HP System Management Homepage (SMH) before 7.2.1 allows remote ...)
+CVE-2013-2363
NOT-FOR-US: HP SMH
-CVE-2013-2362 (Unspecified vulnerability in HP System Management Homepage (SMH) ...)
+CVE-2013-2362
NOT-FOR-US: HP SMH
-CVE-2013-2361 (Cross-site scripting (XSS) vulnerability in HP System Management ...)
+CVE-2013-2361
NOT-FOR-US: HP SMH
-CVE-2013-2360 (Unspecified vulnerability in HP System Management Homepage (SMH) ...)
+CVE-2013-2360
NOT-FOR-US: HP SMH
-CVE-2013-2359 (Unspecified vulnerability in HP System Management Homepage (SMH) ...)
+CVE-2013-2359
NOT-FOR-US: HP SMH
-CVE-2013-2358 (Unspecified vulnerability in HP System Management Homepage (SMH) ...)
+CVE-2013-2358
NOT-FOR-US: HP SMH
-CVE-2013-2357 (Unspecified vulnerability in HP System Management Homepage (SMH) ...)
+CVE-2013-2357
NOT-FOR-US: HP SMH
-CVE-2013-2356 (HP System Management Homepage (SMH) before 7.2.1 allows remote ...)
+CVE-2013-2356
NOT-FOR-US: HP SMH
-CVE-2013-2355 (HP System Management Homepage (SMH) before 7.2.1 allows remote ...)
+CVE-2013-2355
NOT-FOR-US: HP SMH
CVE-2013-2354
REJECTED
-CVE-2013-2353 (Unspecified vulnerability in HP StoreOnce D2D Backup System 1.x before ...)
+CVE-2013-2353
NOT-FOR-US: HP
-CVE-2013-2352 (LeftHand OS (aka SAN iQ) 10.5 and earlier on HP StoreVirtual Storage ...)
+CVE-2013-2352
NOT-FOR-US: HP
-CVE-2013-2351 (Unspecified vulnerability in HP Network Node Manager i (NNMi) 9.00, ...)
+CVE-2013-2351
NOT-FOR-US: HP Network Node Manager
-CVE-2013-2350 (Unspecified vulnerability in HP Storage Data Protector 6.2X allows ...)
+CVE-2013-2350
NOT-FOR-US: Data Protector
-CVE-2013-2349 (Unspecified vulnerability in HP Storage Data Protector 6.2X allows ...)
+CVE-2013-2349
NOT-FOR-US: Data Protector
-CVE-2013-2348 (Unspecified vulnerability in HP Storage Data Protector 6.2X allows ...)
+CVE-2013-2348
NOT-FOR-US: Data Protector
-CVE-2013-2347 (The Backup Client Service (OmniInet.exe) in HP Storage Data Protector ...)
+CVE-2013-2347
NOT-FOR-US: Data Protector
-CVE-2013-2346 (Unspecified vulnerability in HP Storage Data Protector 6.2X allows ...)
+CVE-2013-2346
NOT-FOR-US: Data Protector
-CVE-2013-2345 (Unspecified vulnerability in HP Storage Data Protector 6.2X allows ...)
+CVE-2013-2345
NOT-FOR-US: Data Protector
-CVE-2013-2344 (Unspecified vulnerability in HP Storage Data Protector 6.2X allows ...)
+CVE-2013-2344
NOT-FOR-US: Data Protector
-CVE-2013-2343 (Unspecified vulnerability on the HP LeftHand Virtual SAN Appliance ...)
+CVE-2013-2343
NOT-FOR-US: HP
-CVE-2013-2342 (The HP StoreOnce D2D backup system with software before 3.0.0 has a ...)
+CVE-2013-2342
NOT-FOR-US: HP StoreOnce D2D backup system
-CVE-2013-2341 (Unspecified vulnerability on the HP ProCurve JC###A, JC###B, JD###A, ...)
+CVE-2013-2341
NOT-FOR-US: HP
-CVE-2013-2340 (Unspecified vulnerability on the HP ProCurve JC###A, JC###B, JD###A, ...)
+CVE-2013-2340
NOT-FOR-US: HP
-CVE-2013-2339 (HP Smart Zero Core 4.3 and 4.3.1 on the t410 All-in-One Smart Zero ...)
+CVE-2013-2339
NOT-FOR-US: HP Smart Zero Client
-CVE-2013-2338 (Unspecified vulnerability on HP Integrated Lights-Out 3 (aka iLO3) ...)
+CVE-2013-2338
NOT-FOR-US: HP Integrated Lights-Out
-CVE-2013-2337 (Cross-site scripting (XSS) vulnerability in HP Service Manager 7.11, ...)
+CVE-2013-2337
NOT-FOR-US: HP Service Manager
-CVE-2013-2336 (HP Service Manager 7.11, 9.21, 9.30, and 9.31, and ServiceCenter ...)
+CVE-2013-2336
NOT-FOR-US: HP Service Manager
-CVE-2013-2335 (Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, ...)
+CVE-2013-2335
NOT-FOR-US: HP Storage Data Protector
-CVE-2013-2334 (Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, ...)
+CVE-2013-2334
NOT-FOR-US: HP Storage Data Protector
-CVE-2013-2333 (Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, ...)
+CVE-2013-2333
NOT-FOR-US: HP Storage Data Protector
-CVE-2013-2332 (Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, ...)
+CVE-2013-2332
NOT-FOR-US: HP Storage Data Protector
-CVE-2013-2331 (Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, ...)
+CVE-2013-2331
NOT-FOR-US: HP Storage Data Protector
-CVE-2013-2330 (Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, ...)
+CVE-2013-2330
NOT-FOR-US: HP Storage Data Protector
-CVE-2013-2329 (Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, ...)
+CVE-2013-2329
NOT-FOR-US: HP Storage Data Protector
-CVE-2013-2328 (Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, ...)
+CVE-2013-2328
NOT-FOR-US: HP Storage Data Protector
-CVE-2013-2327 (Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, ...)
+CVE-2013-2327
NOT-FOR-US: HP Storage Data Protector
-CVE-2013-2326 (Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, ...)
+CVE-2013-2326
NOT-FOR-US: HP Storage Data Protector
-CVE-2013-2325 (Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, ...)
+CVE-2013-2325
NOT-FOR-US: HP Storage Data Protector
-CVE-2013-2324 (Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, ...)
+CVE-2013-2324
NOT-FOR-US: HP Storage Data Protector
-CVE-2013-2323 (HP SQL/MX 3.0 through 3.2 on NonStop servers, when SQL/MP Objects are ...)
+CVE-2013-2323
NOT-FOR-US: HP
-CVE-2013-2322 (HP SQL/MX 3.2 and earlier on NonStop servers, when SQL/MP Objects are ...)
+CVE-2013-2322
NOT-FOR-US: HP
-CVE-2013-2321 (Cross-site scripting (XSS) vulnerability in HP Service Manager Web ...)
+CVE-2013-2321
NOT-FOR-US: HP Service Manager
CVE-2013-2320
RESERVED
-CVE-2013-2319 (FileMaker Pro before 12 and Pro Advanced before 12 does not verify ...)
+CVE-2013-2319
NOT-FOR-US: FileMaker Pro
-CVE-2013-2318 (The Content Provider in the MovatwiTouch application before 1.793 and ...)
+CVE-2013-2318
NOT-FOR-US: MovatwiTouch
-CVE-2013-2317 (The Sleipnir Mobile application 2.9.1 and earlier and Sleipnir Mobile ...)
+CVE-2013-2317
NOT-FOR-US: Sleipnir Mobile
-CVE-2013-2316 (The Yahoo! Browser application 1.4.4 and earlier for Android allows ...)
+CVE-2013-2316
NOT-FOR-US: Yahoo! Browser application for Android
-CVE-2013-2315 (data/class/pages/forgot/LC_Page_Forgot.php in LOCKON EC-CUBE 2.11.0 ...)
+CVE-2013-2315
NOT-FOR-US: LOCKON EC-CUBE
-CVE-2013-2314 (Cross-site scripting (XSS) vulnerability in the adminAuthorization ...)
+CVE-2013-2314
NOT-FOR-US: LOCKON EC-CUBE
-CVE-2013-2313 (Session fixation vulnerability in LOCKON EC-CUBE 2.11.0 through ...)
+CVE-2013-2313
NOT-FOR-US: LOCKON EC-CUBE
-CVE-2013-2312 (Cross-site scripting (XSS) vulnerability in the shopping-cart screen ...)
+CVE-2013-2312
NOT-FOR-US: LOCKON EC-CUBE
-CVE-2013-2311 (Cross-site scripting (XSS) vulnerability in static/js/share.js (aka ...)
+CVE-2013-2311
- web2py <not-affected> (Vulnerable code not present)
-CVE-2013-2310 (SoftBank Wi-Fi Spot Configuration Software, as used on SoftBank SHARP ...)
+CVE-2013-2310
NOT-FOR-US: SoftBank Wi-Fi Spot Configuration Software
-CVE-2013-2309 (Cross-site scripting (XSS) vulnerability in the management screen in ...)
+CVE-2013-2309
NOT-FOR-US: OpenPNE
-CVE-2013-2308 (The (1) OWA Helper and (2) OSG Lite programs in SoftBank Online ...)
+CVE-2013-2308
NOT-FOR-US: SoftBank Online Service Gate
-CVE-2013-2307 (The Yahoo! Browser application before 1.4.3 for Android allows remote ...)
+CVE-2013-2307
NOT-FOR-US: Yahoo! Browser application for Android
-CVE-2013-2306 (The jigbrowser+ application before 1.6.4 for Android does not properly ...)
+CVE-2013-2306
NOT-FOR-US: jigbrowser+ application for Android
-CVE-2013-2305 (Cross-site request forgery (CSRF) vulnerability in Cybozu Office ...)
+CVE-2013-2305
NOT-FOR-US: Cybozu
-CVE-2013-2304 (The Sleipnir Mobile application 2.8.0 and earlier and Sleipnir Mobile ...)
+CVE-2013-2304
NOT-FOR-US: Sleipnir
-CVE-2013-2303 (Sleipnir 4.0.0.4000 and earlier on Windows allows remote attackers to ...)
+CVE-2013-2303
NOT-FOR-US: Sleipnir
-CVE-2013-2302 (TransWARE Active! mail 6, when an external public interface is used, ...)
+CVE-2013-2302
NOT-FOR-US: TransWARE Active! mail
-CVE-2013-2301 (The OMRON OpenWnn application before 1.3.6 for Android uses weak ...)
+CVE-2013-2301
NOT-FOR-US: OpenWnn application
-CVE-2013-2300 (The FlickWnn (aka OpenWnn/Flick support) application 2.02 and earlier ...)
+CVE-2013-2300
NOT-FOR-US: FlickWnn Android App
-CVE-2013-2299 (Cross-site scripting (XSS) vulnerability in Advantech WebAccess ...)
+CVE-2013-2299
NOT-FOR-US: Advantech WebAccess
-CVE-2013-2298 (Multiple stack-based buffer overflows in the XML parser in BOINC 7.x ...)
+CVE-2013-2298
- boinc 7.0.65+dfsg-1 (low)
[wheezy] - boinc <no-dsa> (Minor issue, only exploitable by a rogue BOINC server)
[squeeze] - boinc <no-dsa> (Minor issue, only exploitable by a rogue BOINC server)
NOTE: http://boinc.berkeley.edu/gitweb/?p=boinc-v2.git;a=commitdiff;h=2fea03824925cbcb976f4191f4d8321e41a4d95b
-CVE-2013-2297 (Eucalyptus EuStore sets a blank root password in the default ...)
+CVE-2013-2297
- eucalyptus <removed>
-CVE-2013-2296 (Walrus in Eucalyptus before 3.2.2 does not verify authorization for ...)
+CVE-2013-2296
- eucalyptus <removed> (bug #707592)
NOTE: commit: https://github.com/eucalyptus/eucalyptus/commit/da7bb8b7c15d453e62df38eff5c12d0998e6eab1
NOTE: https://eucalyptus.atlassian.net/browse/EUCA-3074
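Review bot: every changed pair in this hunk replaces a `CVE-... (summary ...)` header with the bare identifier, e.g. `-CVE-2013-2384 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)` becoming `+CVE-2013-2384`, while the package, DSA and NOTE lines beneath each entry are left untouched. The effect is that the description each entry carried is discarded rather than refreshed, so anyone reading the list afterwards has only the identifier and the Debian-side status to go on. Confirm the summaries were genuinely unavailable when this update ran, or that dropping them is intended; otherwise this should be held back so the descriptions are not lost wholesale.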
@@ -13505,19 +13505,19 @@ CVE-2013-2295
CVE-2013-2294
RESERVED
NOT-FOR-US: ViewGit
-CVE-2013-2293 (The CTransaction::FetchInputs method in bitcoind and Bitcoin-Qt before ...)
+CVE-2013-2293
- bitcoin 0.8.1-2 (bug #705265)
-CVE-2013-2292 (bitcoind and Bitcoin-Qt 0.8.0 and earlier allow remote attackers to ...)
+CVE-2013-2292
- bitcoin 0.8.1-1
CVE-2013-2291
RESERVED
-CVE-2013-2290 (Cross-site scripting (XSS) vulnerability in the dashboard of the ...)
+CVE-2013-2290
NOT-FOR-US: Aruba Networks ArubaOS
-CVE-2013-2289 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2013-2289
NOT-FOR-US: Batavi
CVE-2013-2288
RESERVED
-CVE-2013-2287 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2013-2287
NOT-FOR-US: WordPress plugin Uploader
CVE-2013-2286
RESERVED
@@ -13533,50 +13533,50 @@ CVE-2013-2281
RESERVED
CVE-2013-2280
RESERVED
-CVE-2013-2279 (CA SiteMinder Federation (FSS) 12.5, 12.0, and r6; Federation ...)
+CVE-2013-2279
NOT-FOR-US: CA SiteMinder
-CVE-2013-2278 (Unspecified vulnerability in War FTP Daemon (warftpd) 1.82, when ...)
+CVE-2013-2278
NOT-FOR-US: War FTP Daemon
-CVE-2013-2277 (The ff_h264_decode_seq_parameter_set function in h264_ps.c in ...)
+CVE-2013-2277
- ffmpeg 7:2.4.1-1
[squeeze] - ffmpeg <end-of-life> (Backports to 0.5.x not useful, too many checks missing)
- libav 6:0.8.6-1 (bug #703200)
-CVE-2013-2276 (The avcodec_decode_audio4 function in utils.c in libavcodec in FFmpeg ...)
+CVE-2013-2276
- ffmpeg <not-affected> (Doesn't affect libav, specific to current ffmpeg)
- libav <not-affected> (Doesn't affect libav, specific to current ffmpeg)
-CVE-2013-2275 (The default configuration for puppet masters 0.25.0 and later in ...)
+CVE-2013-2275
{DSA-2643-1}
- puppet 2.7.18-3
-CVE-2013-2274 (Puppet 2.6.x before 2.6.18 and Puppet Enterprise 1.2.x before 1.2.7 ...)
+CVE-2013-2274
{DSA-2643-1}
- puppet 2.7-1
NOTE: Only affects puppet 2.6.x
-CVE-2013-2273 (bitcoind and Bitcoin-Qt before 0.4.9rc1, 0.5.x before 0.5.8rc1, 0.6.0 ...)
+CVE-2013-2273
- bitcoin 0.8.1-1
-CVE-2013-2272 (The penny-flooding protection mechanism in the CTxMemPool::accept ...)
+CVE-2013-2272
- bitcoin 0.8.1-2 (bug #705266)
-CVE-2013-2271 (The D-Link DSL-2740B Gateway with firmware EU_1.0, when an active ...)
+CVE-2013-2271
NOT-FOR-US: D-Link DSL-2740B Gateway
-CVE-2013-2270 (Cross-site scripting (XSS) vulnerability in the administration page in ...)
+CVE-2013-2270
NOT-FOR-US: Airvana
-CVE-2013-2269 (The Sponsorship Confirmation functionality in Aruba Networks ClearPass ...)
+CVE-2013-2269
NOT-FOR-US: Aruba Networks ClearPass
-CVE-2013-2268 (Unspecified vulnerability in the MathML implementation in WebKit in ...)
+CVE-2013-2268
- chromium-browser 25.0.1364.97-1
[squeeze] - chromium-browser <not-affected> (Vulnerable code not present)
NOTE: MathML added in chromium 24.x, disabled again in 25.x
CVE-2013-2267
RESERVED
-CVE-2013-2266 (libdns in ISC BIND 9.7.x and 9.8.x before 9.8.4-P2, 9.8.5 before ...)
+CVE-2013-2266
{DSA-2656-1}
- bind9 1:9.8.4.dfsg.P1-6+nmu1 (bug #704174)
CVE-2013-2265
RESERVED
-CVE-2013-2264 (The SIP channel driver in Asterisk Open Source 1.8.x before 1.8.20.2, ...)
+CVE-2013-2264
- asterisk 1:1.8.13.1~dfsg-2 (low; bug #704114)
[squeeze] - asterisk <no-dsa> (Minor information leak)
NOTE: https://issues.asterisk.org/jira/browse/ASTERISK-21013
-CVE-2013-2263 (Unspecified vulnerability in Citrix Access Gateway Standard Edition ...)
+CVE-2013-2263
NOT-FOR-US: Citrix Access Gateway
CVE-2013-2262
RESERVED
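Review bot: the CVE-2013-2276 entry in this hunk marks `ffmpeg <not-affected>` with the reason `(Doesn't affect libav, specific to current ffmpeg)`, which reads as self-contradictory: the reason says the issue is specific to ffmpeg, yet the ffmpeg source package is the one declared unaffected. If the intent is that the Debian `ffmpeg` source of that era was built from libav and therefore does not contain the affected upstream ffmpeg code, the reason text should say so explicitly so the status is not misread as an error.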
@@ -13596,7 +13596,7 @@ CVE-2013-2258
CVE-2013-2257
RESERVED
NOT-FOR-US: Cryptocat
-CVE-2013-2256 (OpenStack Compute (Nova) before 2013.1.3 and Havana before havana-2 ...)
+CVE-2013-2256
- nova 2013.1.2-3 (bug #718905)
[wheezy] - nova <not-affected> (Affected code not present)
CVE-2013-2255 [Inconsistent and non-validating HTTPS client]
@@ -13605,78 +13605,78 @@ CVE-2013-2255 [Inconsistent and non-validating HTTPS client]
[wheezy] - keystone <no-dsa> (Minor issue)
- swift <not-affected> (See https://bugs.launchpad.net/keystone/+bug/1188189/comments/5)
NOTE: Fixes for keystone: https://review.openstack.org/#/c/76476/
-CVE-2013-2254 (The deepGetOrCreateNode function in ...)
+CVE-2013-2254
NOT-FOR-US: Apache Sling
CVE-2013-2253
RESERVED
CVE-2013-2252
RESERVED
-CVE-2013-2251 (Apache Struts 2.0.0 through 2.3.15 allows remote attackers to execute ...)
+CVE-2013-2251
- libstruts1.2-java <not-affected> (Only affect 2.x)
-CVE-2013-2250 (Apache Open For Business Project (aka OFBiz) 10.04.01 through ...)
+CVE-2013-2250
NOT-FOR-US: Apache OFBiz
-CVE-2013-2249 (mod_session_dbd.c in the mod_session_dbd module in the Apache HTTP ...)
+CVE-2013-2249
- apache2 2.4.6-1
[wheezy] - apache2 <not-affected> (mod_session_dbd available apache 2.3 and later only)
[squeeze] - apache2 <not-affected> (mod_session_dbd available apache 2.3 and later only)
-CVE-2013-2248 (Multiple open redirect vulnerabilities in Apache Struts 2.0.0 through ...)
+CVE-2013-2248
- libstruts1.2-java <not-affected> (Only affect 2.x)
-CVE-2013-2247 (The Fast Permissions Administration module 6.x-2.x before 6.x-2.5 and ...)
+CVE-2013-2247
NOT-FOR-US: Fast Permissions Administration Drupal contributed module
-CVE-2013-2246 (mod/feedback/lib.php in Moodle through 2.1.10, 2.2.x before 2.2.11, ...)
+CVE-2013-2246
- moodle 2.5.1-1 (low)
[squeeze] - moodle <no-dsa> (Minor issue)
NOTE: https://moodle.org/mod/forum/discuss.php?d=232503
-CVE-2013-2245 (rss/file.php in Moodle through 2.1.10, 2.2.x before 2.2.11, 2.3.x ...)
+CVE-2013-2245
- moodle 2.5.1-1 (low)
[squeeze] - moodle <no-dsa> (Minor issue)
NOTE: https://moodle.org/mod/forum/discuss.php?d=232502
-CVE-2013-2244 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2013-2244
- moodle <not-affected> (Only affects 2.4.x and 2.5.x)
NOTE: https://moodle.org/mod/forum/discuss.php?d=232501
-CVE-2013-2243 (mod/lesson/pagetypes/matching.php in Moodle through 2.2.11, 2.3.x ...)
+CVE-2013-2243
- moodle 2.5.1-1 (low)
[squeeze] - moodle <no-dsa> (Minor issue)
NOTE: https://moodle.org/mod/forum/discuss.php?d=232500
-CVE-2013-2242 (mod/chat/gui_sockets/index.php in Moodle through 2.1.10, 2.2.x before ...)
+CVE-2013-2242
- moodle 2.5.1-1 (low)
[squeeze] - moodle <no-dsa> (Minor issue)
NOTE: https://moodle.org/mod/forum/discuss.php?d=232498
-CVE-2013-2241 (modules/gallery/helpers/data_rest.php in Gallery 3 before 3.0.9 allows ...)
+CVE-2013-2241
- gallery3 <itp> (bug #511715)
-CVE-2013-2240 (lib/flowplayer.swf.php in Gallery 3 before 3.0.9 does not properly ...)
+CVE-2013-2240
- gallery3 <itp> (bug #511715)
-CVE-2013-2239 (vzkernel before 042stab080.2 in the OpenVZ modification for the Linux ...)
+CVE-2013-2239
{DSA-2766-1}
- linux-2.6 <removed> (low)
- linux <not-affected> (openvz flavour no longer included after Squeeze)
-CVE-2013-2238 (Multiple buffer overflows in the switch_perform_substitution function ...)
+CVE-2013-2238
- freeswitch <itp> (bug #389591)
-CVE-2013-2237 (The key_notify_policy_flush function in net/key/af_key.c in the Linux ...)
+CVE-2013-2237
{DSA-2766-1 DSA-2745-1}
- linux-2.6 <removed> (low)
- linux 3.9.4-1 (low)
NOTE: https://github.com/torvalds/linux/commit/85dfb745ee40232876663ae206cba35f24ab2a40
-CVE-2013-2236 (Stack-based buffer overflow in the new_msg_lsa_change_notify function ...)
+CVE-2013-2236
{DSA-2803-1}
- quagga 0.99.22.4-1 (bug #726724)
NOTE: http://lists.quagga.net/pipermail/quagga-dev/2013-July/010621.html
CVE-2013-2235
RESERVED
-CVE-2013-2234 (The (1) key_notify_sa_flush and (2) key_notify_policy_flush functions ...)
+CVE-2013-2234
{DSA-2766-1 DSA-2745-1}
- linux-2.6 <removed>
- linux 3.10.1-1
-CVE-2013-2233 (Ansible before 1.2.1 makes it easier for remote attackers to conduct ...)
+CVE-2013-2233
- ansible 1.3.4+dfsg-1 (bug #714822)
NOTE: https://github.com/ansible/ansible/issues/857
-CVE-2013-2232 (The ip6_sk_dst_check function in net/ipv6/ip6_output.c in the Linux ...)
+CVE-2013-2232
{DSA-2766-1 DSA-2745-1}
- linux-2.6 <removed>
- linux 3.10.1-1
-CVE-2013-2231 (Unquoted Windows search path vulnerability in the QEMU Guest Agent ...)
+CVE-2013-2231
- qemu <not-affected> (Only affects win32 build)
-CVE-2013-2230 (The qemu driver (qemu/qemu_driver.c) in libvirt before 1.1.1 allows ...)
+CVE-2013-2230
- libvirt 1.1.0-3 (bug #715559)
[jessie] - libvirt <not-affected> (Vulnerable code introduced in with commit abf75aea)
[wheezy] - libvirt <not-affected> (Vulnerable code introduced in with commit abf75aea)
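Review bot: two wording slips in the context lines of this hunk. The jessie and wheezy lines for CVE-2013-2230 read `(Vulnerable code introduced in with commit abf75aea)`; drop the stray "in" so it reads `introduced with commit abf75aea`. The `libstruts1.2-java <not-affected> (Only affect 2.x)` reasons for CVE-2013-2251 and CVE-2013-2248 should read `Only affects 2.x`, matching the phrasing used elsewhere in the file (e.g. `Only affects MySQL 5.6`).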
@@ -13691,41 +13691,41 @@ CVE-2013-2227 [local file inclusion]
RESERVED
- glpi 0.83.91-1 (bug #714720; unimportant)
NOTE: Only supported behind an authenticated HTTP zone
-CVE-2013-2226 (Multiple SQL injection vulnerabilities in GLPI before 0.83.9 allow ...)
+CVE-2013-2226
- glpi 0.83.91-1 (bug #714720; unimportant)
NOTE: Only supported behind an authenticated HTTP zone
-CVE-2013-2225 (inc/ticket.class.php in GLPI 0.83.9 and earlier allows remote ...)
+CVE-2013-2225
- glpi 0.83.91-1 (bug #714720; unimportant)
NOTE: Only supported behind an authenticated HTTP zone
-CVE-2013-2224 (A certain Red Hat patch for the Linux kernel 2.6.32 on Red Hat ...)
+CVE-2013-2224
- linux-2.6 <not-affected> (Caused by RHEL backport)
- linux <not-affected> (Caused by RHEL backport)
-CVE-2013-2223 (GNU ZRTPCPP before 3.2.0 allows remote attackers to obtain sensitive ...)
+CVE-2013-2223
- libzrtpcpp 2.3.4-1 (bug #714650)
[squeeze] - libzrtpcpp <no-dsa> (Minor issue)
[wheezy] - libzrtpcpp <no-dsa> (Minor issue)
-CVE-2013-2222 (Multiple stack-based buffer overflows in GNU ZRTPCPP before 3.2.0 ...)
+CVE-2013-2222
- libzrtpcpp 2.3.4-1 (bug #714650)
[squeeze] - libzrtpcpp <no-dsa> (Minor issue)
[wheezy] - libzrtpcpp <no-dsa> (Minor issue)
-CVE-2013-2221 (Heap-based buffer overflow in the ZRtp::storeMsgTemp function in GNU ...)
+CVE-2013-2221
- libzrtpcpp 2.3.4-1 (bug #714650)
[squeeze] - libzrtpcpp <no-dsa> (Minor issue)
[wheezy] - libzrtpcpp <no-dsa> (Minor issue)
-CVE-2013-2220 (Buffer overflow in the radius_get_vendor_attr function in the Radius ...)
+CVE-2013-2220
{DSA-2726-1}
- php-radius 1.2.5-2.4 (bug #714362)
NOTE: http://www.openwall.com/lists/oss-security/2013/06/28/2
-CVE-2013-2219 (The Red Hat Directory Server before 8.2.11-13 and 389 Directory Server ...)
+CVE-2013-2219
- 389-ds-base 1.3.2.9-1 (bug #718325)
-CVE-2013-2218 (Double free vulnerability in the virConnectListAllInterfaces method in ...)
+CVE-2013-2218
- libvirt 1.1.0-1 (bug #714699)
[jessie] - libvirt <not-affected> (Vulnerable code introduced in 1.0.6)
[wheezy] - libvirt <not-affected> (Vulnerable code introduced in 1.0.6)
[squeeze] - libvirt <not-affected> (Vulnerable code introduced in 1.0.6)
NOTE: http://libvirt.org/git/?p=libvirt.git;a=commit;h=244e0b8cf15ca2ef48d82058e728656e6c4bad11
NOTE: Vulnerable code introduced in http://libvirt.org/git/?p=libvirt.git;a=commit;h=7ac2c4fe624f30f2c8270116513fa2ddab07631f
-CVE-2013-2217 (cache.py in Suds 0.4, when tempdir is set to None, allows local users ...)
+CVE-2013-2217
- suds 0.4.1-8 (low; bug #714340)
[squeeze] - suds 0.3.9-1+deb6u1
[wheezy] - suds 0.4.1-5+deb7u1
@@ -13733,7 +13733,7 @@ CVE-2013-2216
RESERVED
CVE-2013-2215
REJECTED
-CVE-2013-2214 (status.cgi in Nagios 4.0 before 4.0 beta4 and 3.x before 3.5.1 does ...)
+CVE-2013-2214
- nagios3 3.4.1-4 (low)
[wheezy] - nagios3 3.4.1-3+deb7u1
[squeeze] - nagios3 <no-dsa> (disputed, minor issue)
@@ -13741,107 +13741,107 @@ CVE-2013-2214 (status.cgi in Nagios 4.0 before 4.0 beta4 and 3.x before 3.5.1 do
CVE-2013-2213 [KRandom::random() Small Space of Random Values]
RESERVED
- kdeplasma-addons <not-affected> (only affects if incomplete patch for CVE-2013-2120 is applied)
-CVE-2013-2212 (The vmx_set_uc_mode function in Xen 3.3 through 4.3, when disabling ...)
+CVE-2013-2212
- xen 4.3.0-1 (unimportant)
NOTE: Hardware design flaw, no software solution
NOTE: http://xenbits.xen.org/xsa/advisory-60.html
-CVE-2013-2211 (The libxenlight (libxl) toolstack library in Xen 4.0.x, 4.1.x, and ...)
+CVE-2013-2211
{DSA-3006-1}
- xen 4.3.0-1
[squeeze] - xen <not-affected> (libxl not packaged in squeeze)
-CVE-2013-2210 (Heap-based buffer overflow in the XML Signature Reference ...)
+CVE-2013-2210
{DSA-2717-1}
- xml-security-c 1.6.1-7 (bug #714241)
NOTE: http://santuario.apache.org/secadv.data/CVE-2013-2210.txt
-CVE-2013-2209 (Cross-site scripting (XSS) vulnerability in the auto-complete widget ...)
+CVE-2013-2209
NOT-FOR-US: Reviewboard (this was once in experimental, but removed later on)
-CVE-2013-2208 (tpp 1.3.1 allows remote attackers to execute arbitrary commands via a ...)
+CVE-2013-2208
- tpp 1.3.1-3 (low; bug #706644)
[squeeze] - tpp <no-dsa> (Minor issue)
[wheezy] - tpp <no-dsa> (Minor issue)
-CVE-2013-2207 (pt_chown in GNU C Library (aka glibc or libc6) before 2.18 does not ...)
+CVE-2013-2207
- eglibc <removed>
[squeeze] - eglibc <no-dsa> (Minor issue)
[wheezy] - eglibc <no-dsa> (Minor issue)
- glibc 2.21-1 (low; bug #717544)
[jessie] - glibc 2.19-18+deb8u4
NOTE: Patch: https://sourceware.org/git/?p=glibc.git;a=commit;h=e4608715e6e1dd2adc91982fd151d5ba4f761d69
-CVE-2013-2206 (The sctp_sf_do_5_2_4_dupcook function in net/sctp/sm_statefuns.c in ...)
+CVE-2013-2206
{DSA-2766-1}
- linux-2.6 <removed>
- linux 3.9.4-1
[wheezy] - linux 3.2.46-1
-CVE-2013-2205 (The default configuration of SWFUpload in WordPress before 3.5.2 has ...)
+CVE-2013-2205
{DSA-2718-1}
- wordpress 3.5.2+dfsg-1 (bug #713947)
-CVE-2013-2204 (moxieplayer.as in Moxiecode moxieplayer, as used in the TinyMCE Media ...)
+CVE-2013-2204
{DSA-2718-1}
- wordpress 3.5.2+dfsg-1 (bug #713947)
-CVE-2013-2203 (WordPress before 3.5.2, when the uploads directory forbids write ...)
+CVE-2013-2203
{DSA-2718-1}
- wordpress 3.5.2+dfsg-1 (bug #713947)
-CVE-2013-2202 (WordPress before 3.5.2 allows remote attackers to read arbitrary files ...)
+CVE-2013-2202
{DSA-2718-1}
- wordpress 3.5.2+dfsg-1 (bug #713947)
-CVE-2013-2201 (Multiple cross-site scripting (XSS) vulnerabilities in WordPress ...)
+CVE-2013-2201
{DSA-2718-1}
- wordpress 3.5.2+dfsg-1 (bug #713947)
-CVE-2013-2200 (WordPress before 3.5.2 does not properly check the capabilities of ...)
+CVE-2013-2200
{DSA-2718-1}
- wordpress 3.5.2+dfsg-1 (bug #713947)
-CVE-2013-2199 (The HTTP API in WordPress before 3.5.2 allows remote attackers to send ...)
+CVE-2013-2199
{DSA-2718-1}
- wordpress 3.5.2+dfsg-1 (bug #713947)
CVE-2013-2198
RESERVED
NOT-FOR-US: Login Security Drupal contributed module
-CVE-2013-2197 (The Login Security module 6.x-1.x before 6.x-1.3 and 7.x-1.x before ...)
+CVE-2013-2197
NOT-FOR-US: Login Security Drupal contributed module
-CVE-2013-2196 (Multiple unspecified vulnerabilities in the Elf parser (libelf) in Xen ...)
+CVE-2013-2196
{DSA-3006-1}
- xen 4.3.0-1
[squeeze] - xen <end-of-life> (Unsupported in squeeze-lts)
-CVE-2013-2195 (The Elf parser (libelf) in Xen 4.2.x and earlier allow local guest ...)
+CVE-2013-2195
{DSA-3006-1}
- xen 4.3.0-1
[squeeze] - xen <end-of-life> (Unsupported in squeeze-lts)
-CVE-2013-2194 (Multiple integer overflows in the Elf parser (libelf) in Xen 4.2.x and ...)
+CVE-2013-2194
{DSA-3006-1}
- xen 4.3.0-1
[squeeze] - xen <end-of-life> (Unsupported in squeeze-lts)
-CVE-2013-2193 (Apache HBase 0.92.x before 0.92.3 and 0.94.x before 0.94.9, when the ...)
+CVE-2013-2193
NOT-FOR-US: Apache HBase
NOTE: There was the package in unstable, but never in a release, see #630821
-CVE-2013-2192 (The RPC protocol implementation in Apache Hadoop 2.x before ...)
+CVE-2013-2192
NOT-FOR-US: Apache Hadoop
NOTE: There was the package in unstable, but never in a release, see 630820
-CVE-2013-2191 (python-bugzilla before 0.9.0 does not validate X.509 certificates, ...)
+CVE-2013-2191
NOT-FOR-US: python-bugzilla
-CVE-2013-2190 (The translate_hierarchy_event function in ...)
+CVE-2013-2190
- clutter-1.0 1.14.4-3 (low; bug #714264)
[squeeze] - clutter-1.0 <no-dsa> (Minor issue)
[wheezy] - clutter-1.0 <no-dsa> (Minor issue)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=701974
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=954054
-CVE-2013-2189 (Apache OpenOffice.org (OOo) before 4.0 allows remote attackers to ...)
+CVE-2013-2189
- libreoffice 1:3.4.3-1 (unimportant)
- openoffice.org 1:3.3.0-1 (unimportant)
NOTE: Since 3.3.0 openoffice.org is a transitional source package
NOTE: Plain crasher, not treated as security issue
-CVE-2013-2188 (A certain Red Hat patch to the do_filp_open function in fs/namei.c in ...)
+CVE-2013-2188
- linux-2.6 <not-affected> (RHEL-specific issue)
- linux <not-affected> (RHEL-specific issue)
-CVE-2013-2187 (Cross-site scripting (XSS) vulnerability in Apache Archiva 1.2 through ...)
+CVE-2013-2187
NOT-FOR-US: Apache Archiva
-CVE-2013-2186 (The DiskFileItem class in Apache Commons FileUpload, as used in Red ...)
+CVE-2013-2186
{DSA-2827-1}
- libcommons-fileupload-java 1.3-2.1 (bug #726601)
- jenkins 1.565.3-1 (bug #763899)
-CVE-2013-2185 (** DISPUTED ** The readObject method in the DiskFileItem class in ...)
+CVE-2013-2185
NOT-FOR-US: Red Hat JBoss Enterprise Application Platform
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=974813
NOTE: http://www.openwall.com/lists/oss-security/2013/09/05/4
-CVE-2013-2184 (Movable Type before 5.2.6 does not properly use the Storable::thaw ...)
+CVE-2013-2184
{DSA-3183-1}
- movabletype-opensource 5.2.7+dfsg-1 (bug #712602)
[squeeze] - movabletype-opensource <no-dsa> (Minor issue)
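Review bot: the NOTE under CVE-2013-2192 reads `see 630820` while the parallel NOTE under CVE-2013-2193 two entries above reads `see #630821`; the bug reference should carry the `#` prefix so it is recognised as a Debian bug number consistently with the rest of the file.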
@@ -13851,41 +13851,41 @@ CVE-2013-2183
RESERVED
- monkey <removed> (low)
[squeeze] - monkey <no-dsa> (Minor issue)
-CVE-2013-2182 (The Mandril security plugin in Monkey HTTP Daemon (monkeyd) before ...)
+CVE-2013-2182
- monkey <removed> (low)
[squeeze] - monkey <no-dsa> (Minor issue)
-CVE-2013-2181 (Cross-site scripting (XSS) vulnerability in the Directory Listing ...)
+CVE-2013-2181
- monkey <removed> (low)
[squeeze] - monkey <no-dsa> (Minor issue)
CVE-2013-2180
RESERVED
NOT-FOR-US: uk-cookie Wordpress plugin
-CVE-2013-2179 (X.Org xdm 1.1.10, 1.1.11, and possibly other versions, when performing ...)
+CVE-2013-2179
- xdm <not-affected> (Not affected when PAM is used)
[squeeze] - xdm <not-affected> (same as above and glibc too old)
[wheezy] - xdm <not-affected> (same as above and glibc too old)
NOTE: http://www.openwall.com/lists/oss-security/2013/06/11/5
-CVE-2013-2178 (The apache-auth.conf, apache-nohome.conf, apache-noscript.conf, and ...)
+CVE-2013-2178
{DSA-2708-1}
- fail2ban 0.8.10-1
-CVE-2013-2177 (Cross-site scripting (XSS) vulnerability in the Display Suite module ...)
+CVE-2013-2177
NOT-FOR-US: third party drupal module (Display Suite)
-CVE-2013-2176 (Unquoted Windows search path vulnerability in the Red Hat Enterprise ...)
+CVE-2013-2176
NOT-FOR-US: Red Hat Enterprise Virtualization Apt service
-CVE-2013-2175 (HAProxy 1.4 before 1.4.24 and 1.5 before 1.5-dev19, when configured to ...)
+CVE-2013-2175
{DSA-2711-1}
- haproxy 1.4.24-1
-CVE-2013-2174 (Heap-based buffer overflow in the curl_easy_unescape function in ...)
+CVE-2013-2174
{DSA-2713-1}
- curl 7.31.0-1
-CVE-2013-2173 (wp-includes/class-phpass.php in WordPress 3.5.1, when a ...)
+CVE-2013-2173
{DSA-2718-1}
- wordpress 3.5.2+dfsg-1 (bug #713947)
-CVE-2013-2172 (jcp/xml/dsig/internal/dom/DOMCanonicalizationMethod.java in Apache ...)
+CVE-2013-2172
{DSA-3065-1 DLA-85-1}
- libxml-security-java 1.5.5-2 (bug #720375)
NOTE: http://santuario.apache.org/secadv.data/CVE-2013-2172.txt.asc
-CVE-2013-2171 (The vm_map_lookup function in sys/vm/vm_map.c in the mmap ...)
+CVE-2013-2171
{DSA-2714-1}
- kfreebsd-9 9.0-12 (bug #712664)
- kfreebsd-8 <not-affected> (Only affects 9.x)
@@ -13893,7 +13893,7 @@ CVE-2013-2170
REJECTED
CVE-2013-2169
REJECTED
-CVE-2013-2168 (The _dbus_printf_string_upper_bound function in ...)
+CVE-2013-2168
{DSA-2707-1}
- dbus 1.6.12-1
[squeeze] - dbus <not-affected> (Introduced in 1.4.16)
@@ -13905,133 +13905,133 @@ CVE-2013-2166 [middleware memcache encryption bypass]
RESERVED
- python-keystoneclient 1:0.2.5-2 (bug #713819)
[wheezy] - python-keystoneclient <not-affected> (Vulnerable code not present)
-CVE-2013-2165 (ResourceBuilderImpl.java in the RichFaces 3.x through 5.x ...)
+CVE-2013-2165
- jbossas4 <not-affected> (Only builds a few libraries, not the full application server, #581226)
-CVE-2013-2164 (The mmc_ioctl_cdrom_read_data function in drivers/cdrom/cdrom.c in the ...)
+CVE-2013-2164
{DSA-2766-1 DSA-2745-1}
- linux-2.6 <removed> (low)
- linux 3.9.8-1 (low)
-CVE-2013-2163 (Monkey HTTP Daemon (monkeyd) before 1.2.2 allows remote attackers to ...)
+CVE-2013-2163
- monkey <removed> (low)
[squeeze] - monkey <no-dsa> (Minor issue)
-CVE-2013-2162 (Race condition in the post-installation script ...)
+CVE-2013-2162
{DSA-2818-1 DLA-75-1}
- mysql-5.5 5.5.35+dfsg-1 (low; bug #711600)
- mysql-5.1 <removed> (low)
[squeeze] - mysql-5.1 <no-dsa> (Minor issue, can be included in a future DSA)
-CVE-2013-2161 (XML injection vulnerability in account/utils.py in OpenStack Swift ...)
+CVE-2013-2161
{DSA-2737-1}
- swift 1.8.0-6 (low; bug #712202)
[wheezy] - swift 1.4.8-2+deb7u1
-CVE-2013-2160 (The streaming XML parser in Apache CXF 2.5.x before 2.5.10, 2.6.x ...)
+CVE-2013-2160
NOT-FOR-US: Apache CXF
CVE-2013-2159 [monkey broken authentication]
RESERVED
- monkey <removed>
[squeeze] - monkey <no-dsa> (Minor issue)
-CVE-2013-2158 (Cross-site request forgery (CSRF) vulnerability in the Services module ...)
+CVE-2013-2158
NOT-FOR-US: Services Drupal contributed modules
-CVE-2013-2157 (OpenStack Keystone Folsom, Grizzly before 2013.1.3, and Havana, when ...)
+CVE-2013-2157
- keystone 2013.1.2-1 (bug #712160)
[wheezy] - keystone <not-affected> (Vulnerable code not present)
-CVE-2013-2156 (Heap-based buffer overflow in the Exclusive Canonicalization ...)
+CVE-2013-2156
{DSA-2710-1}
- xml-security-c 1.6.1-6
-CVE-2013-2155 (Apache Santuario XML Security for C++ (aka xml-security-c) before ...)
+CVE-2013-2155
{DSA-2710-1}
- xml-security-c 1.6.1-6
-CVE-2013-2154 (Stack-based buffer overflow in the XML Signature Reference ...)
+CVE-2013-2154
{DSA-2710-1}
- xml-security-c 1.6.1-6
-CVE-2013-2153 (The XML digital signature functionality (xsec/dsig/DSIGReference.cpp) ...)
+CVE-2013-2153
{DSA-2710-1}
- xml-security-c 1.6.1-6
-CVE-2013-2152 (Unquoted Windows search path vulnerability in the SPICE service, as ...)
+CVE-2013-2152
NOT-FOR-US: Spice service for Windows
-CVE-2013-2151 (Unquoted Windows search path vulnerability in Red Hat Enterprise ...)
+CVE-2013-2151
NOT-FOR-US: RHEV Agent for Windows
-CVE-2013-2150 (Multiple cross-site scripting (XSS) vulnerabilities in js/viewer.js in ...)
+CVE-2013-2150
- owncloud <not-affected> (affects only experimental version)
-CVE-2013-2149 (Multiple cross-site scripting (XSS) vulnerabilities in ownCloud before ...)
+CVE-2013-2149
- owncloud 4.0.16debian-1 (bug #711517)
-CVE-2013-2148 (The fill_event_metadata function in fs/notify/fanotify/fanotify_user.c ...)
+CVE-2013-2148
{DSA-2745-1}
- linux-2.6 <removed> (low)
[squeeze] - linux-2.6 <not-affected> (fanotify introduced in 2.6.36)
- linux 3.9.8-1 (low)
-CVE-2013-2147 (The HP Smart Array controller disk-array driver and Compaq SMART2 ...)
+CVE-2013-2147
{DSA-2906-1}
- linux-2.6 <removed> (low)
- linux 3.11.5-1 (low)
[wheezy] - linux 3.2.53-1
-CVE-2013-2146 (arch/x86/kernel/cpu/perf_event_intel.c in the Linux kernel before ...)
+CVE-2013-2146
- linux-2.6 <not-affected> (Introduced in 3.1)
- linux 3.9.4-1
[wheezy] - linux 3.2.46-1
-CVE-2013-2145 (The cpansign verify functionality in the Module::Signature module ...)
+CVE-2013-2145
- libmodule-signature-perl 0.73-1 (bug #711239)
[wheezy] - libmodule-signature-perl 0.68-1+deb7u1
[squeeze] - libmodule-signature-perl 0.63-1+squeeze1
-CVE-2013-2144 (Red Hat Enterprise Virtualization Manager (RHEVM) before 3.2 does not ...)
+CVE-2013-2144
NOT-FOR-US: RHEV Manager
-CVE-2013-2143 (The users controller in Katello 1.5.0-14 and earlier, and Red Hat ...)
+CVE-2013-2143
NOT-FOR-US: Katello
-CVE-2013-2142 (userpref.c in libimobiledevice 1.1.4, when $HOME and $XDG_CONFIG_HOME ...)
+CVE-2013-2142
- libimobiledevice 1.1.5-0.1 (low; bug #710885)
[squeeze] - libimobiledevice <not-affected> (Vulnerable code was introduced later)
[wheezy] - libimobiledevice <not-affected> (Vulnerable code was introduced later)
-CVE-2013-2141 (The do_tkill function in kernel/signal.c in the Linux kernel before ...)
+CVE-2013-2141
{DSA-2766-1 DSA-2669-1}
- linux-2.6 <removed>
- linux 3.9.4-1
-CVE-2013-2140 (The dispatch_discard_io function in ...)
+CVE-2013-2140
- linux-2.6 <not-affected> (Vulnerable code not present)
- linux 3.10.1-1
[wheezy] - linux <not-affected> (Vulnerable code not present)
-CVE-2013-2139 (Buffer overflow in srtp.c in libsrtp in srtp 1.4.5 and earlier allows ...)
+CVE-2013-2139
{DSA-2840-1}
- srtp 1.4.5~20130609~dfsg-1 (bug #711163)
-CVE-2013-2138 (The (1) uploadify and (2) flowplayer SWF files in Gallery 3 before ...)
+CVE-2013-2138
- gallery <not-affected> (Old 1.5 version not affected)
-CVE-2013-2137 (Cross-site scripting (XSS) vulnerability in the &quot;View Log&quot; screen in ...)
+CVE-2013-2137
NOT-FOR-US: Apache OFBiz
-CVE-2013-2136 (Multiple cross-site scripting (XSS) vulnerabilities in Apache ...)
+CVE-2013-2136
NOT-FOR-US: Apache CloudStack
-CVE-2013-2135 (Apache Struts 2 before 2.3.14.3 allows remote attackers to execute ...)
+CVE-2013-2135
- libstruts1.2-java <not-affected> (Only affects 2.x)
NOTE: http://struts.apache.org/release/2.3.x/docs/s2-015.html
-CVE-2013-2134 (Apache Struts 2 before 2.3.14.3 allows remote attackers to execute ...)
+CVE-2013-2134
- libstruts1.2-java <not-affected> (Only affects 2.x)
NOTE: http://struts.apache.org/release/2.3.x/docs/s2-015.html
-CVE-2013-2133 (The EJB invocation handler implementation in Red Hat JBossWS, as used ...)
+CVE-2013-2133
NOT-FOR-US: JBoss WS
-CVE-2013-2132 (bson/_cbsonmodule.c in the mongo-python-driver (aka. pymongo) before ...)
+CVE-2013-2132
{DSA-2705-1}
- pymongo 2.5.2-1 (bug #710597)
[squeeze] - pymongo <not-affected> (bson module not present)
NOTE: https://jira.mongodb.org/browse/PYTHON-532
NOTE: https://github.com/mongodb/mongo-python-driver/commit/a060c15ef87e0f0e72974c7c0e57fe811bbd06a2
-CVE-2013-2131 (Format string vulnerability in the rrdtool module 1.4.7 for Python, as ...)
+CVE-2013-2131
- rrdtool 1.4.8-1 (unimportant; bug #708866)
NOTE: Non-issue, calling application need to perform sanitising
-CVE-2013-2130 (ZNC 1.0 allows remote authenticated users to cause a denial of service ...)
+CVE-2013-2130
- znc 1.0-5 (bug #720632)
[squeeze] - znc <not-affected> (Vulnerable code not present)
[wheezy] - znc <not-affected> (Vulnerable code not present)
-CVE-2013-2129 (Cross-site scripting (XSS) vulnerability in the Webform module 6.x-3.x ...)
+CVE-2013-2129
NOT-FOR-US: Webform Drupal contributed module
-CVE-2013-2128 (The tcp_read_sock function in net/ipv4/tcp.c in the Linux kernel ...)
+CVE-2013-2128
- linux-2.6 <removed>
[squeeze] - linux-2.6 2.6.32-24
- linux 2.6.35-1~experimental.1
NOTE: https://git.kernel.org/linus/baff42ab1494528907bf4d5870359e31711746ae
-CVE-2013-2127 (Buffer overflow in the exposure correction code in LibRaw before ...)
+CVE-2013-2127
- libraw <not-affected> (Only affects 0.15, 0.15 was only in experimental)
- libkdcraw <not-affected> (embeds libraw 0.14)
- darktable <not-affected> (embeds libraw 0.14)
NOTE: http://www.openwall.com/lists/oss-security/2013/05/28/3
NOTE: https://github.com/LibRaw/LibRaw/commit/2f912f5b33582961b1cdbd9fd828589f8b78f21d
-CVE-2013-2126 (Multiple double free vulnerabilities in the LibRaw::unpack function in ...)
+CVE-2013-2126
- libraw 0.15.3-1 (low; bug #710353)
[wheezy] - libraw <no-dsa> (Not suitable for code injection, minor issue)
[squeeze] - libraw <not-affected> (Vulnerable code not present)
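Review bot: After the strip in this hunk a published entry such as `+CVE-2013-2165` is readable only through its `RESERVED`-less status, while reserved entries in the same hunk, `CVE-2013-2166 [middleware memcache encryption bypass]` and `CVE-2013-2159 [monkey broken authentication]`, keep their bracketed local title. If the upstream text really has to go, the published entries should at least get a bracketed short title in the file's own convention; as it stands, a triage note such as `NOTE: Non-issue, calling application need to perform sanitising` on CVE-2013-2131 no longer says what is being dismissed.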
@@ -14043,18 +14043,18 @@ CVE-2013-2126 (Multiple double free vulnerabilities in the LibRaw::unpack functi
[squeeze] - kdegraphics <not-affected> (embedded version of kdcraw+libraw too old)
NOTE: http://www.openwall.com/lists/oss-security/2013/05/28/3
NOTE: https://github.com/LibRaw/LibRaw/commit/19ffddb0fe1a4ffdb459b797ffcf7f490d28b5a6
-CVE-2013-2125 (OpenSMTPD before 5.3.2 does not properly handle SSL sessions, which ...)
+CVE-2013-2125
- opensmtpd 5.3.3p1-1
NOTE: http://www.openwall.com/lists/oss-security/2013/05/18/8
-CVE-2013-2124 (Double free vulnerability in inspect-fs.c in LibguestFS 1.20.x before ...)
+CVE-2013-2124
- libguestfs 1:1.20.8-1 (bug #710290)
[wheezy] - libguestfs <not-affected> (Vulnerable code not present)
NOTE: Introduced with commit https://github.com/libguestfs/libguestfs/commit/5a3da366268825b26b470cde35658b67c1d11cd4
-CVE-2013-2123 (The Node access user reference module 6.x-3.x before 6.x-3.5 and ...)
+CVE-2013-2123
NOT-FOR-US: Node access user reference Drupal contributed module
-CVE-2013-2122 (The Edit Limit module 7.x-1.x before 7.x-1.3 for Drupal does not ...)
+CVE-2013-2122
NOT-FOR-US: Edit Limit Drupal contributed module
-CVE-2013-2121 (Eval injection vulnerability in the create method in the Bookmarks ...)
+CVE-2013-2121
- foreman <itp> (bug #663101)
CVE-2013-2120 [weak generated passwords]
RESERVED
@@ -14063,34 +14063,34 @@ CVE-2013-2120 [weak generated passwords]
[wheezy] - kdeplasma-addons <no-dsa> (Minor issue)
[squeeze] - kdeplasma-addons <no-dsa> (Minor issue)
NOTE: Original fix https://projects.kde.org/projects/kde/kdeplasma-addons/repository/revisions/36a1fe49cb70f717c4a6e9eeee2c9186503a8dce not sufficient
-CVE-2013-2119 (Phusion Passenger gem before 3.0.21 and 4.0.x before 4.0.5 for Ruby ...)
+CVE-2013-2119
- ruby-passenger 3.0.13debian-1.1 (low; bug #710351)
[wheezy] - ruby-passenger 3.0.13debian-1+deb7u1
-CVE-2013-2118 (SPIP 3.0.x before 3.0.9, 2.1.x before 2.1.22, and 2.0.x before 2.0.23 ...)
+CVE-2013-2118
{DSA-2694-1}
- spip 2.1.22-1 (bug #709674)
-CVE-2013-2117 (Directory traversal vulnerability in the cgit_parse_readme function in ...)
+CVE-2013-2117
- cgit <not-affected> (Fixed before the initial upload into the archive)
-CVE-2013-2116 (The _gnutls_ciphertext2compressed function in lib/gnutls_cipher.c in ...)
+CVE-2013-2116
{DSA-2697-1}
- gnutls26 2.12.23-5 (bug #709301)
[squeeze] - gnutls26 <not-affected> (vulnerable code not backported)
-CVE-2013-2115 (Apache Struts 2 before 2.3.14.2 allows remote attackers to execute ...)
+CVE-2013-2115
- libstruts1.2-java <not-affected> (Only affects Struts 2)
-CVE-2013-2114 (Unrestricted file upload vulnerability in the chunk upload API in ...)
+CVE-2013-2114
- mediawiki 1:1.19.7+dfsg-1
[squeeze] - mediawiki <not-affected> (Vulnerable code not present)
-CVE-2013-2113 (The create method in app/controllers/users_controller.rb in Foreman ...)
+CVE-2013-2113
- foreman <itp> (bug #663101)
-CVE-2013-2112 (The svnserve server in Subversion before 1.6.23 and 1.7.x before ...)
+CVE-2013-2112
{DSA-2703-1}
- subversion 1.7.9-1+nmu2 (bug #711033)
NOTE: http://subversion.apache.org/security/CVE-2013-2112-advisory.txt
-CVE-2013-2111 (The IMAP functionality in Dovecot before 2.2.2 allows remote attackers ...)
+CVE-2013-2111
- dovecot <not-affected> (vulnerable code appeared in 2.2)
[squeeze] - dovecot <not-affected> (vulnerable code appeared in 2.2)
[wheezy] - dovecot <not-affected> (vulnerable code appeared in 2.2)
-CVE-2013-2110 (Heap-based buffer overflow in the php_quot_print_encode function in ...)
+CVE-2013-2110
- php5 5.5.0~rc3+dfsg-1
[wheezy] - php5 <not-affected> (Vulnerable code not present)
[squeeze] - php5 <not-affected> (Vulnerable code not present)
@@ -14102,14 +14102,14 @@ CVE-2013-2109
CVE-2013-2108
RESERVED
NOT-FOR-US: WordPress plugin wp-cleanfix
-CVE-2013-2107 (Cross-site request forgery (CSRF) vulnerability in the Mail On Update ...)
+CVE-2013-2107
NOT-FOR-US: WordPress plugin mail-on-update
CVE-2013-2106 [Authentication credential disclosure]
RESERVED
- webauth <not-affected> (vulnerable code only in 4.4.1 up to 4.5.2)
-CVE-2013-2105 (The Show In Browser (show_in_browser) gem 0.0.3 for Ruby allows local ...)
+CVE-2013-2105
NOT-FOR-US: Show In Browser Ruby Gem
-CVE-2013-2104 (python-keystoneclient before 0.2.4, as used in OpenStack Keystone ...)
+CVE-2013-2104
- keystone <not-affected> (Vulnerable code only in experimental versions of keystone)
[wheezy] - keystone <not-affected> (PKI token support not yet present)
- python-keystoneclient 1:0.2.5-1
@@ -14120,14 +14120,14 @@ CVE-2013-2104 (python-keystoneclient before 0.2.4, as used in OpenStack Keystone
CVE-2013-2103
RESERVED
NOT-FOR-US: OpenShift
-CVE-2013-2102 (The default configuration of Red Hat JBoss Portal before 6.1.0 enables ...)
+CVE-2013-2102
NOT-FOR-US: GateIn Portal
CVE-2013-2101
RESERVED
NOT-FOR-US: Katello
-CVE-2013-2100 (The urlopen function in pym/portage/util/_urlopen.py in Gentoo Portage ...)
+CVE-2013-2100
NOT-FOR-US: Gentoo Portage binary package installer
-CVE-2013-2099 (Algorithmic complexity vulnerability in the ssl.match_hostname ...)
+CVE-2013-2099
{DLA-1107-1}
- python2.7 2.7.5-5 (low; bug #709066)
[wheezy] - python2.7 <not-affected> (Backport was introduced in 2.7.3-11)
@@ -14157,13 +14157,13 @@ CVE-2013-2098
CVE-2013-2097 [zPanel themes remote command execution as root]
RESERVED
NOT-FOR-US: zPanel
-CVE-2013-2096 (OpenStack Compute (Nova) Folsom, Grizzly, and Havana does not verify ...)
+CVE-2013-2096
- nova 2013.1.2-2 (low; bug #710157)
[wheezy] - nova <no-dsa> (Minor issue)
CVE-2013-2095
RESERVED
NOT-FOR-US: openshift-origin-controller Ruby Gem
-CVE-2013-2094 (The perf_swevent_init function in kernel/events/core.c in the Linux ...)
+CVE-2013-2094
{DSA-2669-1}
- linux 3.8.11-1
[squeeze] - linux-2.6 <not-affected> (Vulnerable code not present)
@@ -14176,52 +14176,52 @@ CVE-2013-2092
CVE-2013-2091
RESERVED
- dolibarr 3.3.4-1
-CVE-2013-2090 (The set_meta_data function in lib/cremefraiche.rb in the Creme Fraiche ...)
+CVE-2013-2090
NOT-FOR-US: Creme Fraiche Ruby Gem
-CVE-2013-2089 (Incomplete blacklist vulnerability in ownCloud before 5.0.6 allows ...)
+CVE-2013-2089
- owncloud <not-affected> (Only affects 5.0.x)
-CVE-2013-2088 (contrib/hook-scripts/svn-keyword-check.pl in Subversion before 1.6.23 ...)
+CVE-2013-2088
- subversion 1.7.5-1 (unimportant)
NOTE: 1.7.5 upstream does not ship anymore the contrib/ directory
NOTE: both affected tools not installed into the binary packages
-CVE-2013-2087 (Multiple cross-site scripting (XSS) vulnerabilities in Gallery 3 ...)
+CVE-2013-2087
- gallery <not-affected> (Vulnerable code not present)
-CVE-2013-2086 (The configuration loader in ownCloud 5.0.x before 5.0.6 allows remote ...)
+CVE-2013-2086
- owncloud <not-affected> (Only owncloud 5.0.x)
-CVE-2013-2085 (Directory traversal vulnerability in apps/files_trashbin/index.php in ...)
+CVE-2013-2085
- owncloud <not-affected> (Only affects 5.0.x)
CVE-2013-2084
RESERVED
-CVE-2013-2083 (The MoodleQuickForm class in lib/formslib.php in Moodle through ...)
+CVE-2013-2083
- moodle 2.5-1 (low)
[squeeze] - moodle <no-dsa> (Minor issue)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-38885
-CVE-2013-2082 (Moodle through 2.1.10, 2.2.x before 2.2.10, 2.3.x before 2.3.7, and ...)
+CVE-2013-2082
- moodle 2.5-1 (low)
[squeeze] - moodle <no-dsa> (Minor issue)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-37245
-CVE-2013-2081 (Moodle through 2.1.10, 2.2.x before 2.2.10, 2.3.x before 2.3.7, and ...)
+CVE-2013-2081
- moodle 2.5-1 (low)
[squeeze] - moodle <no-dsa> (Minor issue)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-37822
-CVE-2013-2080 (The core_grade component in Moodle through 2.2.10, 2.3.x before 2.3.7, ...)
+CVE-2013-2080
- moodle 2.5-1 (low)
[squeeze] - moodle <no-dsa> (Minor issue)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-37475
-CVE-2013-2079 (mod/assign/locallib.php in the assignment module in Moodle 2.3.x ...)
+CVE-2013-2079
- moodle <not-affected> (Only affects 2.3 and later)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-38443
-CVE-2013-2078 (Xen 4.0.2 through 4.0.4, 4.1.x, and 4.2.x allows local PV guest users ...)
+CVE-2013-2078
{DSA-3006-1}
- xen 4.2.2-1
[squeeze] - xen <not-affected> (No PVSAVE support in squeeze)
NOTE: http://lists.xen.org/archives/html/xen-announce/2013-06/msg00000.html
-CVE-2013-2077 (Xen 4.0.x, 4.1.x, and 4.2.x does not properly restrict the contents of ...)
+CVE-2013-2077
{DSA-3006-1}
- xen 4.2.2-1
[squeeze] - xen <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://lists.xen.org/archives/html/xen-announce/2013-06/msg00001.html
-CVE-2013-2076 (Xen 4.0.x, 4.1.x, and 4.2.x, when running on AMD64 processors, only ...)
+CVE-2013-2076
{DSA-3006-1}
- xen 4.2.2-1
[squeeze] - xen <end-of-life> (Unsupported in squeeze-lts)
@@ -14229,59 +14229,59 @@ CVE-2013-2076 (Xen 4.0.x, 4.1.x, and 4.2.x, when running on AMD64 processors, on
CVE-2013-2075
RESERVED
- chicken <not-affected> (Incomplete fix was never applied)
-CVE-2013-2074 (kioslave/http/http.cpp in KIO in kdelibs 4.10.3 and earlier allows ...)
+CVE-2013-2074
{DLA-952-1}
- kde4libs 4:4.10.5-1 (low; bug #707776)
[squeeze] - kde4libs <no-dsa> (Minor issue)
NOTE: https://bugs.kde.org/show_bug.cgi?id=319428
NOTE: https://cgit.kde.org/kdelibs.git/commit/?h=KDE/4.14&id=65d736dab592bced4410ccfa4699de89f78c96ca
NOTE: https://cgit.kde.org/kdelibs.git/commit/?h=KDE/4.14&id=898135a59d91184692ed1bcee8bb4c6d80d6f7b9
-CVE-2013-2073 (Transifex command-line client before 0.9 does not validate X.509 ...)
+CVE-2013-2073
- transifex-client 0.9-1 (low)
[wheezy] - transifex-client <no-dsa> (Minor issue)
NOTE: http://seclists.org/oss-sec/2013/q2/394
-CVE-2013-2072 (Buffer overflow in the Python bindings for the xc_vcpu_setaffinity ...)
+CVE-2013-2072
{DSA-3041-1}
- xen 4.2.2-1 (low)
[squeeze] - xen <no-dsa> (Minor issue, can be postponed to the next Xen DSA)
[wheezy] - xen <no-dsa> (Minor issue, can be postponed to the next Xen DSA)
-CVE-2013-2071 (java/org/apache/catalina/core/AsyncContextImpl.java in Apache Tomcat ...)
+CVE-2013-2071
{DSA-2897-1}
- tomcat7 7.0.40-1 (bug #707704)
NOTE: https://issues.apache.org/bugzilla/show_bug.cgi?id=54178
-CVE-2013-2070 (http/modules/ngx_http_proxy_module.c in nginx 1.1.4 through 1.2.8 and ...)
+CVE-2013-2070
{DSA-2721-1}
- nginx 1.4.1-1 (bug #708164)
[squeeze] - nginx <not-affected> (Vulnerable code not present)
-CVE-2013-2069 (Red Hat livecd-tools before 13.4.4, 17.x before 17.17, 18.x before ...)
+CVE-2013-2069
NOT-FOR-US: Red Hat livecd-tools
NOTE: http://www.openwall.com/lists/oss-security/2013/05/23/2
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=964299
-CVE-2013-2068 (Multiple directory traversal vulnerabilities in the AgentController in ...)
+CVE-2013-2068
NOT-FOR-US: RedHat CloudForms Management Engine
-CVE-2013-2067 (java/org/apache/catalina/authenticator/FormAuthenticator.java in the ...)
+CVE-2013-2067
{DSA-2897-1 DSA-2725-1}
- tomcat7 7.0.33
- tomcat6 6.0.37
-CVE-2013-2066 (Buffer overflow in X.org libXv 1.0.7 and earlier allows X servers to ...)
+CVE-2013-2066
{DSA-2674-1}
- libxv 2:1.0.7-1+deb7u1
-CVE-2013-2065 ((1) DL and (2) Fiddle in Ruby 1.9 before 1.9.3 patchlevel 426, and 2.0 ...)
+CVE-2013-2065
{DLA-235-1}
- ruby1.9.1 1.9.3.448-1 (low)
[wheezy] - ruby1.9.1 1.9.3.194-8.1+deb7u1
- ruby1.8 <not-affected> (Only affects 1.9 and 2.x)
NOTE: http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=revision&revision=40732
-CVE-2013-2064 (Integer overflow in X.org libxcb 1.9 and earlier allows X servers to ...)
+CVE-2013-2064
{DSA-2686-1}
- libxcb 1.8.1-2+deb7u1
-CVE-2013-2063 (Integer overflow in X.org libXtst 1.2.1 and earlier allows X servers ...)
+CVE-2013-2063
{DSA-2689-1}
- libxtst 2:1.2.1-1+deb7u1
-CVE-2013-2062 (Multiple integer overflows in X.org libXp 1.0.1 and earlier allow X ...)
+CVE-2013-2062
{DSA-2685-1}
- libxp 1:1.0.1-2+deb7u1
-CVE-2013-2061 (The openvpn_decrypt function in crypto.c in OpenVPN 2.3.0 and earlier, ...)
+CVE-2013-2061
- openvpn 2.3.1-1 (low; bug #707329)
[squeeze] - openvpn 2.1.3-2+squeeze2
[wheezy] - openvpn 2.2.1-8+deb7u1
@@ -14289,11 +14289,11 @@ CVE-2013-2061 (The openvpn_decrypt function in crypto.c in OpenVPN 2.3.0 and ear
CVE-2013-2060
RESERVED
NOT-FOR-US: OpenShift
-CVE-2013-2059 (OpenStack Identity (Keystone) Folsom 2012.2.4 and earlier, Grizzly ...)
+CVE-2013-2059
- keystone 2013.1.1-2 (bug #707598)
[wheezy] - keystone 2012.1.1-13+wheezy1
NOTE: http://lists.openstack.org/pipermail/openstack-announce/2013-May/000099.html
-CVE-2013-2058 (The host_start function in drivers/usb/chipidea/host.c in the Linux ...)
+CVE-2013-2058
- linux-2.6 <not-affected> (Vulnerable code not present)
- linux 3.8-1
[wheezy] - linux <not-affected> (Vulnerable code not present)
@@ -14301,84 +14301,84 @@ CVE-2013-2058 (The host_start function in drivers/usb/chipidea/host.c in the Lin
CVE-2013-2057
RESERVED
NOT-FOR-US: YaBB
-CVE-2013-2056 (The Inter-Satellite Sync (ISS) operation in Red Hat Network (RHN) ...)
+CVE-2013-2056
NOT-FOR-US: RHN Satellite
-CVE-2013-2055 (Unspecified vulnerability in Apache Wicket 1.4.x before 1.4.23, 1.5.x ...)
+CVE-2013-2055
NOT-FOR-US: Apache Wicket
-CVE-2013-2054 (Buffer overflow in the atodn function in strongSwan 2.0.0 through ...)
+CVE-2013-2054
- strongswan 4.3.4-1
NOTE: http://download.strongswan.org/patches/11_pluto_atodn_patch/CVE-2013-2054.txt
-CVE-2013-2053 (Buffer overflow in the atodn function in Openswan before 2.6.39, when ...)
+CVE-2013-2053
{DSA-2893-1}
- openswan <removed> (low; bug #709144)
-CVE-2013-2052 (Buffer overflow in the atodn function in libreswan 3.0 and 3.1, when ...)
+CVE-2013-2052
- libreswan <not-affected> (Fixed before the initial upload to Debian)
NOTE: https://libreswan.org/security/CVE-2013-2052/CVE-2013-2052.txt
-CVE-2013-2051 (The Tomcat 6 DIGEST authentication functionality as used in Red Hat ...)
+CVE-2013-2051
- tomcat6 <not-affected> (RedHat-specific issue)
- tomcat7 <not-affected> (RedHat-specific issue)
-CVE-2013-2050 (SQL injection vulnerability in the miq_policy controller in Red Hat ...)
+CVE-2013-2050
NOT-FOR-US: CloudForms Management Engine
-CVE-2013-2049 (Red Hat CloudForms 2 Management Engine (CFME) allows remote attackers ...)
+CVE-2013-2049
NOT-FOR-US: CloudForms Management Engine
-CVE-2013-2048 (ownCloud before 5.0.6 does not properly check permissions, which ...)
+CVE-2013-2048
- owncloud <not-affected> (Only affects 5.0.x)
-CVE-2013-2047 (The login page (aka index.php) in ownCloud before 5.0.6 does not ...)
+CVE-2013-2047
- owncloud <not-affected> (Only 5.0.x)
-CVE-2013-2046 (SQL injection vulnerability in lib/bookmarks.php in ownCloud Server ...)
+CVE-2013-2046
- owncloud <not-affected> (Only affects 4.5.x)
-CVE-2013-2045 (SQL injection vulnerability in lib/db.php in ownCloud Server 5.0.x ...)
+CVE-2013-2045
- owncloud <not-affected> (Only affects 5.0.x)
-CVE-2013-2044 (Open redirect vulnerability in the Login Page (index.php) in ownCloud ...)
+CVE-2013-2044
- owncloud <not-affected> (Only 5.0.x)
-CVE-2013-2043 (apps/calendar/ajax/events.php in ownCloud before 4.5.11 and 5.x before ...)
+CVE-2013-2043
- owncloud <not-affected> (Only 5.0.x and 4.5.x)
-CVE-2013-2042 (Multiple cross-site scripting (XSS) vulnerabilities in ownCloud before ...)
+CVE-2013-2042
- owncloud 4.0.15debian-1
-CVE-2013-2041 (Multiple cross-site scripting (XSS) vulnerabilities in ownCloud 5.0.x ...)
+CVE-2013-2041
- owncloud <not-affected> (Only affects 5.0.x)
-CVE-2013-2040 (Multiple cross-site scripting (XSS) vulnerabilities in ownCloud before ...)
+CVE-2013-2040
- owncloud 4.0.15debian-1
-CVE-2013-2039 (Directory traversal vulnerability in lib/files/view.php in ownCloud ...)
+CVE-2013-2039
- owncloud 4.0.15debian-1
-CVE-2013-2038 (The NMEA0183 driver in gpsd before 3.9 allows remote attackers to ...)
+CVE-2013-2038
- gpsd 3.6-5 (bug #706665)
[wheezy] - gpsd 3.6-4+deb7u1
[squeeze] - gpsd <no-dsa> (Minor issue)
NOTE: http://lists.nongnu.org/archive/html/gpsd-dev/2013-05/msg00000.html
-CVE-2013-2037 (httplib2 0.7.2, 0.8, and earlier, after an initial connection is made, ...)
+CVE-2013-2037
- python-httplib2 0.8-2 (low; bug #706602)
[squeeze] - python-httplib2 <no-dsa> (Minor issue)
[wheezy] - python-httplib2 0.7.4-2+deb7u1
NOTE: http://openwall.com/lists/oss-security/2013/05/01/5
-CVE-2013-2036 (Cross-site scripting (XSS) vulnerability in the Filebrowser module ...)
+CVE-2013-2036
NOT-FOR-US: Drupal module Filebrowser
-CVE-2013-2035 (Race condition in ...)
+CVE-2013-2035
- hawtjni 1.10-1 (low; bug #708293)
[wheezy] - hawtjni 1.0~+git0c502e20c4-3+deb7u1
-CVE-2013-2034 (Multiple cross-site request forgery (CSRF) vulnerabilities in Jenkins ...)
+CVE-2013-2034
- jenkins 1.509.2+dfsg-1 (bug #706725)
-CVE-2013-2033 (Cross-site scripting (XSS) vulnerability in Jenkins before 1.514, LTS ...)
+CVE-2013-2033
- jenkins 1.509.2+dfsg-1 (bug #706725)
-CVE-2013-2032 (MediaWiki before 1.19.6 and 1.20.x before 1.20.5 does not allow ...)
+CVE-2013-2032
{DSA-2891-1}
- mediawiki 1:1.19.6-1 (low; bug #706601)
[squeeze] - mediawiki <end-of-life>
NOTE: https://bugzilla.wikimedia.org/show_bug.cgi?id=46590
-CVE-2013-2031 (MediaWiki before 1.19.6 and 1.20.x before 1.20.5 allows remote ...)
+CVE-2013-2031
{DSA-2891-1}
- mediawiki 1:1.19.6-1 (bug #706601)
[squeeze] - mediawiki <end-of-life>
NOTE: https://bugzilla.wikimedia.org/show_bug.cgi?id=47304
-CVE-2013-2030 (keystone/middleware/auth_token.py in OpenStack Nova Folsom, Grizzly, ...)
+CVE-2013-2030
- nova <not-affected> (Option not present in nova/2012.1.1)
NOTE: http://lists.openstack.org/pipermail/openstack-announce/2013-May/000098.html
-CVE-2013-2029 (nagios.upgrade_to_v3.sh, as distributed by Red Hat and possibly others ...)
+CVE-2013-2029
- nagios3 <not-affected> (Affected file nagios.upgrade_to_v3.sh not in Debian)
NOTE: http://www.openwall.com/lists/oss-security/2013/04/30/8
-CVE-2013-2028 (The ngx_http_parse_chunked function in http/ngx_http_parse.c in nginx ...)
+CVE-2013-2028
- nginx <not-affected> (Vulnerable code not present)
-CVE-2013-2027 (Jython 2.2.1 uses the current umask to set the privileges of the class ...)
+CVE-2013-2027
[experimental] - jython 2.7.0+repack-1
- jython 2.7.1+repack-1 (low; bug #777079)
[stretch] - jython <ignored> (Minor issue)
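Review bot: The ownCloud block in this hunk (CVE-2013-2048 through CVE-2013-2039) is triaged almost entirely by version, e.g. `- owncloud <not-affected> (Only affects 5.0.x)` and `(Only affects 4.5.x)`, and those justifications were written against the version ranges in the descriptions removed on the `-` lines. Once the descriptions are gone a `<not-affected>` claim can no longer be checked from the file alone; keep the descriptions, or where a version range is the sole basis for the decision, repeat it in the justification.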
@@ -14391,7 +14391,7 @@ CVE-2013-2027 (Jython 2.2.1 uses the current umask to set the privileges of the
NOTE: which should not be in /usr beeing a cachedir.
CVE-2013-2026
REJECTED
-CVE-2013-2025 (Cross-site scripting (XSS) vulnerability in Ushahidi Platform 2.5.x ...)
+CVE-2013-2025
NOT-FOR-US: Ushahidi
CVE-2013-2024 [OS command injection vulnerability in Chicken Scheme]
RESERVED
@@ -14399,22 +14399,22 @@ CVE-2013-2024 [OS command injection vulnerability in Chicken Scheme]
[wheezy] - chicken <no-dsa> (Minor issue)
[squeeze] - chicken <no-dsa> (Minor issue)
NOTE: http://lists.nongnu.org/archive/html/chicken-announce/2013-04/msg00000.html
-CVE-2013-2023 (Cross-site scripting (XSS) vulnerability in actionscript/Jplayer.as in ...)
+CVE-2013-2023
- jquery-jplayer 2.1.0-2
NOTE: used for jPlayer 2.2.23 XSS
NOTE: http://www.openwall.com/lists/oss-security/2013/05/05/3
-CVE-2013-2022 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2013-2022
- jquery-jplayer 2.1.0-2
NOTE: https://github.com/happyworm/jPlayer/commit/c5fe17bb4459164bd59153b57248cf94b8867373
NOTE: used for jPlayer 2.2.20 XSS
NOTE: http://www.openwall.com/lists/oss-security/2013/05/05/3
-CVE-2013-2021 (pdf.c in ClamAV 0.97.1 through 0.97.7 allows remote attackers to cause ...)
+CVE-2013-2021
- clamav 0.97.8+dfsg-1
[squeeze] - clamav 0.97.8+dfsg-1~squeeze1
-CVE-2013-2020 (Integer underflow in the cli_scanpe function in pe.c in ClamAV before ...)
+CVE-2013-2020
- clamav 0.97.8+dfsg-1
[squeeze] - clamav 0.97.8+dfsg-1~squeeze1
-CVE-2013-2019 (Stack-based buffer overflow in BOINC 6.10.58 and 6.12.34 allows remote ...)
+CVE-2013-2019
- boinc 6.13.6+dfsg-1 (low)
[squeeze] - boinc <no-dsa> (Minor issue)
NOTE: http://boinc.berkeley.edu/gitweb/?p=boinc-v2.git;a=commitdiff;h=9a4140ae30a72e5175f3f31646d91f2d58df7156
@@ -14424,7 +14424,7 @@ CVE-2013-2018 [SQL injections in the server-side scheduler code]
[squeeze] - boinc <not-affected> (Vulnerable code not present)
[wheezy] - boinc <no-dsa> (Minor issue)
NOTE: server-maker not shipped in squeeze
-CVE-2013-2017 (The veth (aka virtual Ethernet) driver in the Linux kernel before ...)
+CVE-2013-2017
- linux 2.6.34-1
- linux-2.6 2.6.34-1
[squeeze] - linux-2.6 <not-affected> (Introduced in 2.6.33)
@@ -14441,14 +14441,14 @@ CVE-2013-2016 [qemu: virtio: out-of-bounds config space access]
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2013-04/msg05254.html
NOTE: http://marc.info/?l=oss-security&m=136722323931507&w=2
NOTE: Only pratically affects virtio-rng according to oss-reference (and if mmap_min_addr = 0)
-CVE-2013-2015 (The ext4_orphan_del function in fs/ext4/namei.c in the Linux kernel ...)
+CVE-2013-2015
{DSA-2669-1 DSA-2668-1}
- linux 3.8-1 (low)
- linux-2.6 <removed> (low)
-CVE-2013-2014 (OpenStack Identity (Keystone) before 2013.1 allows remote attackers to ...)
+CVE-2013-2014
- keystone 2013.1.1-2 (bug #708515)
[wheezy] - keystone <no-dsa> (Minor issue)
-CVE-2013-2013 (The user-password-update command in python-keystoneclient before 0.2.4 ...)
+CVE-2013-2013
- python-keystoneclient 1:0.2.5-1 (bug #709535)
[wheezy] - python-keystoneclient 2012.1-3+deb7u1
NOTE: https://bugs.launchpad.net/python-keystoneclient/+bug/938315
@@ -14471,174 +14471,174 @@ CVE-2013-2009
CVE-2013-2008
RESERVED
NOT-FOR-US: WP Super Cache
-CVE-2013-2007 (The qemu guest agent in Qemu 1.4.1 and earlier, as used by Xen, when ...)
+CVE-2013-2007
- qemu <not-affected> (qemu guest agent introduced in 1.4, vulnerable versions were only in experimental)
- qemu-kvm <not-affected> (qemu guest agent introduced in 1.4)
-CVE-2013-2006 (OpenStack Identity (Keystone) Grizzly 2013.1.1, when DEBUG mode ...)
+CVE-2013-2006
- keystone 2013.1.1-2
[wheezy] - keystone <no-dsa> (Minor issue)
NOTE: https://review.openstack.org/#/c/26826/2/keystone/common/config.py
NOTE: https://bugs.launchpad.net/keystone/+bug/1172195
-CVE-2013-2005 (X.org libXt 1.1.3 and earlier does not check the return value of the ...)
+CVE-2013-2005
{DSA-2680-1}
- libxt 1:1.1.3-1+deb7u1
-CVE-2013-2004 (The (1) GetDatabase and (2) _XimParseStringFile functions in X.org ...)
+CVE-2013-2004
{DSA-2693-1}
- libx11 2:1.5.0-1+deb7u1
-CVE-2013-2003 (Integer overflow in X.org libXcursor 1.1.13 and earlier allows X ...)
+CVE-2013-2003
{DSA-2681-1}
- libxcursor 1:1.1.13-1+deb7u1
-CVE-2013-2002 (Buffer overflow in X.org libXt 1.1.3 and earlier allows X servers to ...)
+CVE-2013-2002
{DSA-2680-1}
- libxt 1:1.1.3-1+deb7u1
-CVE-2013-2001 (Buffer overflow in X.org libXxf86vm 1.1.2 and earlier allows X servers ...)
+CVE-2013-2001
{DSA-2692-1}
- libxxf86vm 1:1.1.2-1+deb7u1
-CVE-2013-2000 (Multiple buffer overflows in X.org libXxf86dga 1.1.3 and earlier allow ...)
+CVE-2013-2000
{DSA-2690-1}
- libxxf86dga 2:1.1.3-2+deb7u1
-CVE-2013-1999 (Buffer overflow in X.org libXvMC 1.0.7 and earlier allows X servers to ...)
+CVE-2013-1999
{DSA-2675-1}
- libxvmc 2:1.0.8-1
-CVE-2013-1998 (Multiple buffer overflows in X.org libXi 1.7.1 and earlier allow X ...)
+CVE-2013-1998
{DSA-2683-1}
- libxi 2:1.6.1-1+deb7u1
-CVE-2013-1997 (Multiple buffer overflows in X.org libX11 1.5.99.901 (1.6 RC1) and ...)
+CVE-2013-1997
{DSA-2693-1}
- libx11 2:1.5.0-1+deb7u1
-CVE-2013-1996 (X.org libFS 1.0.4 and earlier allows X servers to trigger allocation ...)
+CVE-2013-1996
{DSA-2687-1}
- libfs 2:1.0.4-1+deb7u1
-CVE-2013-1995 (X.org libXi 1.7.1 and earlier allows X servers to trigger allocation ...)
+CVE-2013-1995
{DSA-2683-1}
- libxi 2:1.6.1-1+deb7u1
-CVE-2013-1994 (Multiple integer overflows in X.org libchromeXvMC and libchromeXvMCPro ...)
+CVE-2013-1994
{DSA-2679-1}
- xserver-xorg-video-openchrome 1:0.2.906-2+deb7u1
-CVE-2013-1993 (Multiple integer overflows in X.org libGLX in Mesa 9.1.1 and earlier ...)
+CVE-2013-1993
{DSA-2678-1}
- mesa 8.0.5-6
-CVE-2013-1992 (Multiple integer overflows in X.org libdmx 1.1.2 and earlier allow X ...)
+CVE-2013-1992
{DSA-2673-1}
- libdmx 1:1.1.2-1+deb7u1
-CVE-2013-1991 (Multiple integer overflows in X.org libXxf86dga 1.1.3 and earlier ...)
+CVE-2013-1991
{DSA-2690-1}
- libxxf86dga 2:1.1.3-2+deb7u1
-CVE-2013-1990 (Multiple integer overflows in X.org libXvMC 1.0.7 and earlier allow X ...)
+CVE-2013-1990
{DSA-2675-1}
- libxvmc 2:1.0.8-1
-CVE-2013-1989 (Multiple integer overflows in X.org libXv 1.0.7 and earlier allow X ...)
+CVE-2013-1989
{DSA-2674-1}
- libxv 2:1.0.7-1+deb7u1
-CVE-2013-1988 (Multiple integer overflows in X.org libXRes 1.0.6 and earlier allow X ...)
+CVE-2013-1988
{DSA-2688-1}
- libxres 2:1.0.6-1+deb7u1
-CVE-2013-1987 (Multiple integer overflows in X.org libXrender 0.9.7 and earlier allow ...)
+CVE-2013-1987
{DSA-2677-1}
- libxrender 1:0.9.7-1+deb7u1
-CVE-2013-1986 (Multiple integer overflows in X.org libXrandr 1.4.0 and earlier allow ...)
+CVE-2013-1986
{DSA-2684-1}
- libxrandr 2:1.3.2-2+deb7u1
-CVE-2013-1985 (Integer overflow in X.org libXinerama 1.1.2 and earlier allows X ...)
+CVE-2013-1985
{DSA-2691-1}
- libxinerama 2:1.1.2-1+deb7u1
-CVE-2013-1984 (Multiple integer overflows in X.org libXi 1.7.1 and earlier allow X ...)
+CVE-2013-1984
{DSA-2683-1}
- libxi 2:1.6.1-1+deb7u1
-CVE-2013-1983 (Integer overflow in X.org libXfixes 5.0 and earlier allows X servers ...)
+CVE-2013-1983
{DSA-2676-1}
- libxfixes 1:5.0-4+deb7u1
-CVE-2013-1982 (Multiple integer overflows in X.org libXext 1.3.1 and earlier allow X ...)
+CVE-2013-1982
{DSA-2682-1}
- libxext 2:1.3.1-2+deb7u1
-CVE-2013-1981 (Multiple integer overflows in X.org libX11 1.5.99.901 (1.6 RC1) and ...)
+CVE-2013-1981
{DSA-2693-1}
- libx11 2:1.5.0-1+deb7u1
-CVE-2013-1980 (Buffer overflow in the get_dsmp function in loaders/masi_load.c in ...)
+CVE-2013-1980
- xmp 3.4.0-3 (low; bug #706667)
[wheezy] - xmp <no-dsa> (Minor issue)
[squeeze] - xmp <no-dsa> (Minor issue)
-CVE-2013-1979 (The scm_set_cred function in include/net/scm.h in the Linux kernel ...)
+CVE-2013-1979
{DSA-2669-1}
- linux 3.8.11-1
- linux-2.6 <not-affected> (Introduced in 2.6.36)
-CVE-2013-1978 (Heap-based buffer overflow in the read_xwd_cols function in file-xwd.c ...)
+CVE-2013-1978
{DSA-2813-1}
- gimp 2.8.10-0.1 (bug #731305)
-CVE-2013-1977 (OpenStack devstack uses world-readable permissions for keystone.conf, ...)
+CVE-2013-1977
- keystone <not-affected> (permissions to /etc/keystone/keystone.conf restricted in postinst)
NOTE: http://www.openwall.com/lists/oss-security/2013/04/19/2
-CVE-2013-1976 (The (1) tomcat5, (2) tomcat6, and (3) tomcat7 init scripts, as used in ...)
+CVE-2013-1976
- tomcat6 <not-affected> (RedHat-specific issue)
- tomcat7 <not-affected> (RedHat-specific issue)
CVE-2013-1975
RESERVED
CVE-2013-1974
RESERVED
-CVE-2013-1973 (The autocomplete callback in Autocomplete Widgets for Text and Number ...)
+CVE-2013-1973
NOT-FOR-US: Drupal contributed module
-CVE-2013-1972 (Cross-site request forgery (CSRF) vulnerability in the elFinder file ...)
+CVE-2013-1972
NOT-FOR-US: Drupal contributed module
-CVE-2013-1971 (Cross-site scripting (XSS) vulnerability in the MP3 Player module for ...)
+CVE-2013-1971
NOT-FOR-US: Drupal contributed module
CVE-2013-1970
REJECTED
-CVE-2013-1969 (Multiple use-after-free vulnerabilities in libxml2 2.9.0 and possibly ...)
+CVE-2013-1969
- libxml2 <not-affected> (Affecting only 2.9.x, see bug #705722)
NOTE: https://git.gnome.org/browse/libxml2/commit/?id=de0cc20c29cb3f056062925395e0f68d2250a46f
-CVE-2013-1968 (Subversion before 1.6.23 and 1.7.x before 1.7.10 allows remote ...)
+CVE-2013-1968
{DSA-2703-1}
- subversion 1.7.9-1+nmu2 (bug #711033)
NOTE: https://subversion.apache.org/security/CVE-2013-1968-advisory.txt
-CVE-2013-1967 (Cross-site scripting (XSS) vulnerability in flashmediaelement.swf in ...)
+CVE-2013-1967
- owncloud <not-affected> (Vulnerable code not present)
NOTE: oC >= 4.5 only
-CVE-2013-1966 (Apache Struts 2 before 2.3.14.1 allows remote attackers to execute ...)
+CVE-2013-1966
- libstruts1.2-java <not-affected> (Only affects Struts 2)
-CVE-2013-1965 (Apache Struts Showcase App 2.0.0 through 2.3.13, as used in Struts 2 ...)
+CVE-2013-1965
- libstruts1.2-java <not-affected> (Only affects Struts 2)
-CVE-2013-1964 (Xen 4.0.x and 4.1.x incorrectly releases a grant reference when ...)
+CVE-2013-1964
{DSA-2666-1}
- xen 4.1.4-3
NOTE: http://lists.xen.org/archives/html/xen-announce/2013-04/msg00006.html
-CVE-2013-1963 (The contacts application in ownCloud before 4.5.10 and 5.x before ...)
+CVE-2013-1963
- owncloud <not-affected> (Vulnerable code not present)
NOTE: oC >= 4.5 only
-CVE-2013-1962 (The remoteDispatchStoragePoolListAllVolumes function in the storage ...)
+CVE-2013-1962
- libvirt <not-affected> (Vulnerable code not present)
NOTE: http://libvirt.org/git/?p=libvirt.git;a=commitdiff;h=ca697e90d5bd6a6dfb94bfb6d4438bdf9a44b739
-CVE-2013-1961 (Stack-based buffer overflow in the t2p_write_pdf_page function in ...)
+CVE-2013-1961
{DSA-2698-1 DLA-610-1}
- tiff 4.0.2-6+nmu1 (bug #706674)
- tiff3 3.9.7-1 (bug #712840)
-CVE-2013-1960 (Heap-based buffer overflow in the t2p_process_jpeg_strip function in ...)
+CVE-2013-1960
{DSA-2698-1}
- tiff 4.0.2-6+nmu1 (bug #706675)
- tiff3 <not-affected> (tiff command line tools not build in tiff3)
-CVE-2013-1959 (kernel/user_namespace.c in the Linux kernel before 3.8.9 does not have ...)
+CVE-2013-1959
- linux 3.8.11-1
[wheezy] - linux <not-affected> (Introduced in 3.7)
- linux-2.6 <not-affected> (Introduced in 3.7)
-CVE-2013-1958 (The scm_check_creds function in net/core/scm.c in the Linux kernel ...)
+CVE-2013-1958
- linux 3.8.13-1
[wheezy] - linux <not-affected> (Not exploitable by unprivileged users)
- linux-2.6 <not-affected> (Not exploitable by unprivileged users)
-CVE-2013-1957 (The clone_mnt function in fs/namespace.c in the Linux kernel before ...)
+CVE-2013-1957
- linux 3.8.13-1
[wheezy] - linux <not-affected> (Not exploitable by unprivileged users)
- linux-2.6 <not-affected> (Not exploitable by unprivileged users)
-CVE-2013-1956 (The create_user_ns function in kernel/user_namespace.c in the Linux ...)
+CVE-2013-1956
- linux 3.8.11-1
[wheezy] - linux <not-affected> (Not exploitable by unprivileged users)
- linux-2.6 <not-affected> (Not exploitable by unprivileged users)
-CVE-2013-1955 (Multiple cross-site scripting (XSS) vulnerabilities in (1) index.php ...)
+CVE-2013-1955
NOT-FOR-US: Easy PHP Calendar
-CVE-2013-1954 (The ASF Demuxer (modules/demux/asf/asf.c) in VideoLAN VLC media player ...)
+CVE-2013-1954
{DSA-2973-1}
- vlc 2.0.6-1 (bug #705136)
[squeeze] - vlc <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://www.videolan.org/security/sa1302.html
-CVE-2013-1953 (Integer underflow in the input_bmp_reader function in input-bmp.c in ...)
+CVE-2013-1953
- autotrace 0.31.1-16+nmu1 (low; bug #742873)
[wheezy] - autotrace <no-dsa> (Minor issue)
[squeeze] - autotrace <no-dsa> (Minor issue)
@@ -14648,62 +14648,62 @@ CVE-2013-1953 (Integer underflow in the input_bmp_reader function in input-bmp.c
NOTE: and fixed with 57f805a159874107c6c98065f9aa648c3634b8fd
NOTE: https://git.gnome.org/browse/gimp/commit/?h=d9c6f88141aecf956c5d7
NOTE: https://git.gnome.org/browse/gimp/commit/?h=57f805a159874107c6c98
-CVE-2013-1952 (Xen 4.x, when using Intel VT-d for a bus mastering capable PCI device, ...)
+CVE-2013-1952
{DSA-2666-1}
- xen 4.1.4-4
CVE-2013-1951
RESERVED
- mediawiki 1:1.19.5-1
[squeeze] - mediawiki <end-of-life>
-CVE-2013-1950 (The svc_dg_getargs function in libtirpc 0.2.3 and earlier allows ...)
+CVE-2013-1950
- libtirpc <not-affected> (regression code not present)
NOTE: Regression introduced with 82cc2e6129c872c8be09381055f2fb5641c5e6fe
NOTE: Regression fixed with a9f437119d79a438cb12e510f3cadd4060102c9f
NOTE: http://www.openwall.com/lists/oss-security/2013/04/22/9
-CVE-2013-1949 (Social Media Widget (social-media-widget) plugin 4.0 for WordPress ...)
+CVE-2013-1949
NOT-FOR-US: Wordpress Social Media Widget
-CVE-2013-1948 (converter.rb in the md2pdf gem 0.0.1 for Ruby allows context-dependent ...)
+CVE-2013-1948
NOT-FOR-US: Ruby gem md2pdf
-CVE-2013-1947 (kelredd-pruview gem 0.3.8 for Ruby allows context-dependent attackers ...)
+CVE-2013-1947
NOT-FOR-US: Ruby Gem kelredd-pruview
-CVE-2013-1946 (The RESTful Web Services (RESTWS) module 7.x-1.x before 7.x-1.3 and ...)
+CVE-2013-1946
NOT-FOR-US: RESTful Web Services (RESTWS) Drupal cotributed module
CVE-2013-1945
RESERVED
NOT-FOR-US: Red Hat specific packaging flaw of Ruby in Red Hat OpenShift Enterprise
-CVE-2013-1944 (The tailMatch function in cookie.c in cURL and libcurl before 7.30.0 ...)
+CVE-2013-1944
{DSA-2660-1}
- curl 7.29.0-2.1 (bug #705274)
[wheezy] - curl 7.26.0-1+wheezy2
NOTE: http://curl.haxx.se/docs/adv_20130412.html
-CVE-2013-1943 (The KVM subsystem in the Linux kernel before 3.0 does not check ...)
+CVE-2013-1943
- linux <not-affected> (RHEL-specific backport regression)
- linux-2.6 <not-affected> (RHEL-specific backport regression)
-CVE-2013-1942 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2013-1942
- owncloud <not-affected> (Depends on libjs-jquery-jplayer)
- jquery-jplayer 2.1.0-2
NOTE: http://owncloud.org/about/security/advisories/oC-SA-2013-014/
NOTE: https://github.com/happyworm/jPlayer/commit/e8ca190f7f972a6a421cb95f09e138720e40ed6d
-CVE-2013-1941 (The installation routine in ownCloud Server before 4.0.14, 4.5.x ...)
+CVE-2013-1941
- owncloud 5.0.4~rc1+dfsg-1
NOTE: http://owncloud.org/about/security/advisories/oC-SA-2013-015/
-CVE-2013-1940 (X.Org X server before 1.13.4 and 1.4.x before 1.14.1 does not properly ...)
+CVE-2013-1940
{DSA-2661-1}
- xorg-server 2:1.12.4-6
-CVE-2013-1939 (The HTML\Browser plugin in SabreDAV before 1.6.9, 1.7.x before 1.7.7, ...)
+CVE-2013-1939
- owncloud <not-affected> (Windows version only)
- php-sabredav <not-affected> (running in Windows hosts)
NOTE: http://owncloud.org/about/security/advisories/oC-SA-2013-016/
CVE-2013-1938
RESERVED
NOT-FOR-US: Zimbra
-CVE-2013-1937 (** DISPUTED ** Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2013-1937
- phpmyadmin <not-affected> (Affected are versions 3.5.0 to 3.5.7, older versions not vulnerable)
NOTE: http://seclists.org/fulldisclosure/2013/Apr/100
NOTE: https://github.com/phpmyadmin/phpmyadmin/commit/79089c9bc02c82c15419fd9d6496b8781ae08a5a
CVE-2013-1936
REJECTED
-CVE-2013-1935 (A certain Red Hat patch to the KVM subsystem in the kernel package ...)
+CVE-2013-1935
- linux <not-affected> (RHEL-specific backport regression)
- linux-2.6 <not-affected> (RHEL-specific backport regression)
CVE-2013-1934 [mantis: XSS issue in adm_config_report.php when displaying complex value]
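Review bot: Only the parenthesised descriptions are stripped in this hunk; the bracketed local summary on the unchanged line "CVE-2013-1934 [mantis: XSS issue in adm_config_report.php when displaying complex value]" is kept, as is "CVE-2013-1951" with its RESERVED marker. If that split is intended (bracketed text is maintained by hand, parenthesised text was imported), say so, and confirm that consumers of this file accept a bare header such as "CVE-2013-1952" followed directly by "{DSA-2666-1}" as well as the bracketed and RESERVED forms, since after this change the bare form becomes the common case.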
@@ -14711,7 +14711,7 @@ CVE-2013-1934 [mantis: XSS issue in adm_config_report.php when displaying comple
{DSA-3120-1}
- mantis <removed> (low; bug #717482)
[squeeze] - mantis <end-of-life> (Unsupported in squeeze-lts)
-CVE-2013-1933 (The extract_from_ocr function in lib/docsplit/text_extractor.rb in the ...)
+CVE-2013-1933
NOT-FOR-US: Karteek Docsplit Ruby Gem
CVE-2013-1932 [mantis: XSS vulnerability on Configuration Report page]
RESERVED
@@ -14725,114 +14725,114 @@ CVE-2013-1930 [mantis: Close button available to users despite workflow restrict
RESERVED
- mantis <not-affected> (affects only Mantis 1.2.12 and later)
NOTE: http://www.openwall.com/lists/oss-security/2013/04/04/8
-CVE-2013-1929 (Heap-based buffer overflow in the tg3_read_vpd function in ...)
+CVE-2013-1929
{DSA-2669-1 DSA-2668-1}
- linux 3.8.11-1
- linux-2.6 <removed>
-CVE-2013-1928 (The do_video_set_spu_palette function in fs/compat_ioctl.c in the ...)
+CVE-2013-1928
{DSA-2668-1}
- linux 3.2.35-1
- linux-2.6 <removed>
-CVE-2013-1927 (The IcedTea-Web plugin before 1.2.3 and 1.3.x before 1.3.2 allows ...)
+CVE-2013-1927
- icedtea-web 1.3.2-1
-CVE-2013-1926 (The IcedTea-Web plugin before 1.2.3 and 1.3.x before 1.3.2 uses the ...)
+CVE-2013-1926
- icedtea-web 1.3.2-1
-CVE-2013-1925 (The Chaos Tool Suite (ctools) module 7.x-1.x before 7.x-1.3 for Drupal ...)
+CVE-2013-1925
NOT-FOR-US: CTools module for Drupal
CVE-2013-1924
RESERVED
NOT-FOR-US: Commerce Skrill Drupal module
-CVE-2013-1923 (rpc-gssd in nfs-utils before 1.2.8 performs reverse DNS resolution for ...)
+CVE-2013-1923
- nfs-utils 1:1.2.8-1 (low; bug #707401)
[squeeze] - nfs-utils <no-dsa> (Minor issue)
[wheezy] - nfs-utils 1:1.2.6-4
-CVE-2013-1922 (qemu-nbd in QEMU, as used in Xen 4.2.x, determines the format of a raw ...)
+CVE-2013-1922
- xen <not-affected> (qemu-nbd-xen built, but not installed into the binary packages)
- qemu 1.5.0+dfsg-1 (low; bug #705544)
[squeeze] - qemu <no-dsa> (Minor issue)
[wheezy] - qemu <no-dsa> (Minor issue)
- xen-qemu-dm-4.0 <not-affected> (qemu-nbd not installed by the binary package)
-CVE-2013-1921 (PicketBox, as used in Red Hat JBoss Enterprise Application Platform ...)
+CVE-2013-1921
NOT-FOR-US: Red Hat JBoss Enterprise Application Platform (Debian's jboss only provides some classes)
-CVE-2013-1920 (Xen 4.2.x, 4.1.x, and earlier, when the hypervisor is running &quot;under ...)
+CVE-2013-1920
- xen <not-affected> (XSM not enabled in build)
NOTE: Debian package not build with XSM_ENABLE, thus resulted binary packages not affected
-CVE-2013-1919 (Xen 4.2.x and 4.1.x does not properly restrict access to IRQs, which ...)
+CVE-2013-1919
{DSA-2662-1}
- xen 4.1.4-3
NOTE: http://lists.xen.org/archives/html/xen-announce/2013-04/msg00003.html
-CVE-2013-1918 (Certain page table manipulation operations in Xen 4.1.x, 4.2.x, and ...)
+CVE-2013-1918
{DSA-2666-1}
- xen 4.1.4-4
-CVE-2013-1917 (Xen 3.1 through 4.x, when running 64-bit hosts on Intel CPUs, does not ...)
+CVE-2013-1917
{DSA-2662-1}
- xen 4.1.4-3
NOTE: http://lists.xen.org/archives/html/xen-announce/2013-04/msg00005.html
CVE-2013-1916
RESERVED
NOT-FOR-US: WordPress plugin
-CVE-2013-1915 (ModSecurity before 2.7.3 allows remote attackers to read arbitrary ...)
+CVE-2013-1915
{DSA-2659-1}
- modsecurity-apache 2.6.6-6 (bug #704625)
- libapache-mod-security <removed>
NOTE: https://github.com/SpiderLabs/ModSecurity/commit/d4d80b38aa85eccb26e3c61b04d16e8ca5de76fe
NOTE: http://marc.info/?l=oss-security&m=136499182131283&w=2
-CVE-2013-1914 (Stack-based buffer overflow in the getaddrinfo function in ...)
+CVE-2013-1914
{DLA-165-1}
- eglibc <removed>
- glibc 2.17-2 (low; bug #704623)
[wheezy] - eglibc 2.13-38+deb7u1
-CVE-2013-1913 (Integer overflow in the load_image function in file-xwd.c in the X ...)
+CVE-2013-1913
{DSA-2813-1}
- gimp 2.8.10-0.1 (bug #731305)
-CVE-2013-1912 (Buffer overflow in HAProxy 1.4 through 1.4.22 and 1.5-dev through ...)
+CVE-2013-1912
{DSA-2711-1}
- haproxy 1.4.23-1 (bug #704611)
NOTE: http://git.1wt.eu/web?p=haproxy-1.4.git;a=commitdiff;h=dc80672211
-CVE-2013-1911 (lib/ldoce/word.rb in the ldoce 0.0.2 gem for Ruby allows remote ...)
+CVE-2013-1911
NOT-FOR-US: ldoce ruby gem
CVE-2013-1910 [Not removing bad metadata and using it in next run]
RESERVED
- yum <unfixed> (unimportant)
NOTE: http://yum.baseurl.org/gitweb?p=yum.git;a=commitdiff;h=c148eb10b798270b3d15087433c8efb2a79a69d0
NOTE: Only used for bootstraps of chroots, see README.Debian
-CVE-2013-1909 (The Python client in Apache Qpid before 2.2 does not verify that the ...)
+CVE-2013-1909
- qpid-python 0.22-1 (low; bug #714133)
[wheezy] - qpid-python <no-dsa> (Minor issue)
-CVE-2013-1908 (The Commons Wikis module before 7.x-3.1 for Drupal, as used in the ...)
+CVE-2013-1908
NOT-FOR-US: Drupal module
-CVE-2013-1907 (The Commons Group module before 7.x-3.1 for Drupal, as used in the ...)
+CVE-2013-1907
NOT-FOR-US: Drupal module
-CVE-2013-1906 (Cross-site scripting (XSS) vulnerability in the Rules module 7.x-2.x ...)
+CVE-2013-1906
NOT-FOR-US: Drupal module Rules
-CVE-2013-1905 (Cross-site scripting (XSS) vulnerability in the Zero Point theme ...)
+CVE-2013-1905
NOT-FOR-US: Drupal theme Zero Point
-CVE-2013-1904 (Absolute path traversal vulnerability in steps/mail/sendmail.inc in ...)
+CVE-2013-1904
- roundcube 0.7.2-9
[squeeze] - roundcube <not-affected> (Vulnerable code not present)
-CVE-2013-1903 (PostgreSQL, possibly 9.2.x before 9.2.4, 9.1.x before 9.1.9, 9.0.x ...)
+CVE-2013-1903
- postgresql-9.1 <not-affected> (installer related)
- postgresql-8.4 <not-affected> (installer related)
-CVE-2013-1902 (PostgreSQL, 9.2.x before 9.2.4, 9.1.x before 9.1.9, 9.0.x before ...)
+CVE-2013-1902
- postgresql-9.1 <not-affected> (installer related)
- postgresql-8.4 <not-affected> (installer related)
-CVE-2013-1901 (PostgreSQL 9.2.x before 9.2.4 and 9.1.x before 9.1.9 does not properly ...)
+CVE-2013-1901
{DSA-2658-1}
- postgresql-9.1 9.1.9-1
-CVE-2013-1900 (PostgreSQL 9.2.x before 9.2.4, 9.1.x before 9.1.9, 9.0.x before ...)
+CVE-2013-1900
{DSA-2658-1 DSA-2657-1}
- postgresql-9.1 9.1.9-1
- postgresql-8.4 8.4.17-1
-CVE-2013-1899 (Argument injection vulnerability in PostgreSQL 9.2.x before 9.2.4, ...)
+CVE-2013-1899
{DSA-2658-1}
- postgresql-9.1 9.1.9-1 (bug #704479)
-CVE-2013-1898 (lib/thumbshooter.rb in the Thumbshooter 0.1.5 gem for Ruby allows ...)
+CVE-2013-1898
NOT-FOR-US: Ruby gem Thumbshooter
-CVE-2013-1897 (The do_search function in ldap/servers/slapd/search.c in 389 Directory ...)
+CVE-2013-1897
- 389-ds-base 1.3.2.9-1 (bug #704421)
NOTE: http://git.fedorahosted.org/cgit/389/ds.git/commit/?h=389-ds-base-1.2.11&id=5a18c828533a670e7143327893f8171a19062286
NOTE: https://fedorahosted.org/389/ticket/47308
-CVE-2013-1896 (mod_dav.c in the Apache HTTP Server before 2.2.25 does not properly ...)
+CVE-2013-1896
- apache2 2.4.6-1 (low; bug #717272)
[wheezy] - apache2 2.2.22-13+deb7u1
[squeeze] - apache2 2.2.16-6+squeeze12
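Review bot: The removed line for CVE-2013-1920 carried a literal "&quot;" entity ("when the hypervisor is running &quot;under ..."), which shows the inline descriptions were stored without decoding HTML entities. Whatever now supplies the description text at display time should decode entities before rendering, otherwise the same artifact will simply reappear in the tracker's web view; a quick check of the feed import for "&quot;", "&amp;" and "&lt;" would confirm.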
@@ -14844,53 +14844,53 @@ CVE-2013-1895 [concurrency issue leading to auth bypass]
NOTE: https://code.google.com/p/py-bcrypt/source/detail?r=b03cc5246ea21a839fd027da5616d8d470247558
CVE-2013-1894
REJECTED
-CVE-2013-1893 (SQL injection vulnerability in addressbookprovider.php in ownCloud ...)
+CVE-2013-1893
- owncloud <not-affected> (only affecting 5.0 branch)
-CVE-2013-1892 (MongoDB before 2.0.9 and 2.2.x before 2.2.4 does not properly validate ...)
+CVE-2013-1892
- mongodb 1:2.4.1-1 (bug #704042)
[wheezy] - mongodb 1:2.0.6-1.1
[squeeze] - mongodb <no-dsa> (Minor isue, Spidermonkey in Lenny is EOLed)
NOTE: http://www.openwall.com/lists/oss-security/2013/03/25/7
CVE-2013-1891
RESERVED
-CVE-2013-1890 (Multiple cross-site scripting (XSS) vulnerabilities in ownCloud Server ...)
+CVE-2013-1890
- owncloud <not-affected> (only affecting 5.0 branch)
CVE-2013-1889
RESERVED
- libapache2-mod-ruid2 0.9.8-1 (low; bug #704066)
[wheezy] - libapache2-mod-ruid2 <no-dsa> (Minor issue)
NOTE: Fix: https://github.com/mind04/mod-ruid2/commit/1fed9dda70cd44d54301df19730a29ae0989e0a2
-CVE-2013-1888 (pip before 1.3 allows local users to overwrite arbitrary files via a ...)
+CVE-2013-1888
- python-pip <not-affected>
[squeeze] - python-pip <not-affected>
NOTE: https://github.com/pypa/pip/pull/780/files
NOTE: Not-affected as vulnerable code only in 1.3, and 1.3.1-1 fixed the issue.
-CVE-2013-1887 (Multiple cross-site scripting (XSS) vulnerabilities in the Views ...)
+CVE-2013-1887
- drupal6 <not-affected> (only affects 7.x-3.x to 7.x-3.6)
- drupal7 <not-affected> (views module not packaged)
-CVE-2013-1886 (Format string vulnerability in the token processing system (pki-tps) ...)
+CVE-2013-1886
NOT-FOR-US: Red Hat Certificate System
-CVE-2013-1885 (Multiple cross-site scripting (XSS) vulnerabilities in the token ...)
+CVE-2013-1885
NOT-FOR-US: Red Hat Certificate System
-CVE-2013-1884 (The mod_dav_svn Apache HTTPD server module in Subversion 1.7.0 through ...)
+CVE-2013-1884
- subversion 1.7.9-1 (bug #704940)
[wheezy] - subversion <not-affected> (Subversion HTTPD servers 1.7.0 through 1.7.8 (inclusive))
[squeeze] - subversion <not-affected> (Subversion HTTPD servers 1.7.0 through 1.7.8 (inclusive))
NOTE: http://bugs.debian.org/704940#32
NOTE: http://subversion.apache.org/security/CVE-2013-1884-advisory.txt
-CVE-2013-1883 (Mantis Bug Tracker (aka MantisBT) 1.2.12 before 1.2.15 allows remote ...)
+CVE-2013-1883
- mantis <not-affected> (only affects 1.2.12 to 1.2.14)
NOTE: http://www.openwall.com/lists/oss-security/2013/03/21/3
CVE-2013-1882
RESERVED
-CVE-2013-1881 (GNOME libsvg before 2.39.0 allows remote attackers to read arbitrary ...)
+CVE-2013-1881
- librsvg 2.40.0-1 (bug #724741)
[wheezy] - librsvg 2.36.1-2
[squeeze] - librsvg 2.26.3-1+deb6u2
-CVE-2013-1880 (Cross-site scripting (XSS) vulnerability in the Portfolio publisher ...)
+CVE-2013-1880
- activemq <not-affected> (portfolio demo app not shipped in Debian package)
NOTE: https://issues.apache.org/jira/browse/AMQ-4398
-CVE-2013-1879 (Cross-site scripting (XSS) vulnerability in scheduled.jsp in Apache ...)
+CVE-2013-1879
- activemq <not-affected> (scheduler not shipped in Debian package)
NOTE: https://issues.apache.org/jira/browse/AMQ-4397
CVE-2013-1878
@@ -14899,26 +14899,26 @@ CVE-2013-1877
REJECTED
CVE-2013-1876
REJECTED
-CVE-2013-1875 (command_wrap.rb in the command_wrap Gem for Ruby allows remote ...)
+CVE-2013-1875
NOT-FOR-US: ruby gem command_wrap
-CVE-2013-1874 (Untrusted search path vulnerability in csi in Chicken before 4.8.2 ...)
+CVE-2013-1874
- chicken 4.8.0.3-1 (low; bug #702410)
[squeeze] - chicken <no-dsa> (Minor issue)
[wheezy] - chicken <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2013/03/19/11
CVE-2013-1873 [linux kernel kernel stack memory disclosure]
REJECTED
-CVE-2013-1872 (The Intel drivers in Mesa 8.0.x and 9.0.x allow context-dependent ...)
+CVE-2013-1872
{DSA-2704-1}
- mesa 8.0.5-7
[squeeze] - mesa <not-affected> (Vulnerable code not present)
-CVE-2013-1871 (Cross-site scripting (XSS) vulnerability in account/EditAddress.do in ...)
+CVE-2013-1871
NOT-FOR-US: Red Hat Satellite
CVE-2013-1870
REJECTED
-CVE-2013-1869 (CRLF injection vulnerability in spacewalk-java before 2.1.148-1 and ...)
+CVE-2013-1869
NOT-FOR-US: Red Hat Satellite
-CVE-2013-1868 (Multiple buffer overflows in VideoLAN VLC media player 2.0.4 and ...)
+CVE-2013-1868
{DSA-2973-1}
- vlc 2.0.5-1
[squeeze] - vlc <end-of-life> (Unsupported in squeeze-lts)
@@ -14928,116 +14928,116 @@ CVE-2013-1867
RESERVED
CVE-2013-1866
RESERVED
-CVE-2013-1865 (OpenStack Keystone Folsom (2012.2) does not properly perform ...)
+CVE-2013-1865
- keystone <not-affected> (only affects folsom)
NOTE: fixed in experimental with keystone/2012.2.3-2
-CVE-2013-1864 (The Portable Tool Library (aka PTLib) before 2.10.10, as used in Ekiga ...)
+CVE-2013-1864
NOTE: http://www.openwall.com/lists/oss-security/2013/03/15/6
- ekiga 4.0.1-1 (low; bug #704133)
[wheezy] - ekiga <no-dsa> (Minor issue)
[squeeze] - ekiga <no-dsa> (Minor issue)
-CVE-2013-1863 (Samba 4.x before 4.0.4, when configured as an Active Directory domain ...)
+CVE-2013-1863
- samba4 <not-affected> (Debian package only uses ntvfs, see #679678)
NOTE: http://www.samba.org/samba/history/samba-4.0.4.html
NOTE: http://www.samba.org/samba/security/CVE-2013-1863
-CVE-2013-1862 (mod_rewrite.c in the mod_rewrite module in the Apache HTTP Server ...)
+CVE-2013-1862
- apache2 2.4.1-1 (unimportant)
[wheezy] - apache2 2.2.22-13+deb7u1
[squeeze] - apache2 2.2.16-6+squeeze12
NOTE: Such injection issues are not treated as security issues
-CVE-2013-1861 (MariaDB 5.5.x before 5.5.30, 5.3.x before 5.3.13, 5.2.x before 5.2.15, ...)
+CVE-2013-1861
{DSA-2818-1 DSA-2780-1}
- mariadb-5.5 <not-affected> (Fixed before initial upload to archive)
- mariadb-10.0 <not-affected> (Fixed before initial upload)
- mysql-5.5 5.5.33+dfsg-1 (low; bug #706715)
- mysql-5.1 <removed> (low; bug #706715)
NOTE: https://mariadb.atlassian.net/browse/MDEV-4252
-CVE-2013-1860 (Heap-based buffer overflow in the wdm_in_callback function in ...)
+CVE-2013-1860
{DSA-2668-1}
- linux 3.2.41-1
- linux-2.6 <removed>
-CVE-2013-1859 (The Node Parameter Control module 6.x-1.x for Drupal does not properly ...)
+CVE-2013-1859
NOT-FOR-US: Drupal module Node Parameter Control
-CVE-2013-1858 (The clone system-call implementation in the Linux kernel before 3.8.3 ...)
+CVE-2013-1858
- linux <not-affected> (Only exploitable starting with 3.7)
- linux-2.6 <not-affected> (Only exploitable starting with 3.7)
NOTE: http://stealth.openwall.net/xSports/clown-newuser.c
-CVE-2013-1857 (The sanitize helper in ...)
+CVE-2013-1857
{DSA-2655-1}
- ruby-actionpack-3.2 3.2.6-6 (bug #703349)
- ruby-actionpack-2.3 2.3.14-5
- rails 2.3.14.1
NOTE: Starting with 2.3.14.1 rails is a transition package
-CVE-2013-1856 (The ActiveSupport::XmlMini_JDOM backend in ...)
+CVE-2013-1856
- ruby-activesupport-2.3 <not-affected> (Only affects 3.x and later)
- ruby-activesupport-3.2 3.2.6-6 (bug #703350)
- rails <not-affected> (Only affects 3.x and later)
NOTE: Starting with 2.3.14.1 rails is a transition package
-CVE-2013-1855 (The sanitize_css method in ...)
+CVE-2013-1855
{DSA-2655-1}
- ruby-actionpack-3.2 3.2.6-6 (bug #703349)
- ruby-actionpack-2.3 2.3.14-5
- rails 2.3.14.1
NOTE: Starting with 2.3.14.1 rails is a transition package
-CVE-2013-1854 (The Active Record component in Ruby on Rails 2.3.x before 2.3.18, ...)
+CVE-2013-1854
{DSA-2655-1}
- ruby-activerecord-3.2 3.2.6-5 (bug #703348)
- ruby-activerecord-2.3 2.3.14-6
- ruby-activesupport-2.3 2.3.14-7
- rails 2.3.14.1
NOTE: Starting with 2.3.14.1 rails is a transition package
-CVE-2013-1853 (Almanah Diary 0.9.0 and 0.10.0 does not encrypt the database when ...)
+CVE-2013-1853
- almanah 0.9.1-1 (bug #702905)
[squeeze] - almanah <not-affected> (Only affect Almanah used in combination with glib 2.32)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=695117
-CVE-2013-1852 (SQL injection vulnerability in leaguemanager.php in the LeagueManager ...)
+CVE-2013-1852
NOT-FOR-US: WordPress plugin LeagueManager
-CVE-2013-1851 (Incomplete blacklist vulnerability in lib/migrate.php in ownCloud ...)
+CVE-2013-1851
- owncloud 4.0.8debian-1.6 (bug #703094)
NOTE: https://owncloud.org/about/security/advisories/oC-SA-2013-010/
NOTE: http://www.openwall.com/lists/oss-security/2013/03/14/8
-CVE-2013-1850 (Multiple incomplete blacklist vulnerabilities in (1) import.php and ...)
+CVE-2013-1850
- owncloud 4.0.8debian-1.6 (bug #703094)
NOTE: https://owncloud.org/about/security/advisories/oC-SA-2013-009/
NOTE: http://www.openwall.com/lists/oss-security/2013/03/14/8
-CVE-2013-1849 (The mod_dav_svn Apache HTTPD server module in Subversion 1.6.x through ...)
+CVE-2013-1849
{DLA-207-1}
- subversion 1.7.9-1 (bug #704940)
[squeeze] - subversion <no-dsa> (Minor issue)
[wheezy] - subversion 1.6.17dfsg-4+deb7u2
NOTE: http://seclists.org/fulldisclosure/2013/Mar/56
-CVE-2013-1848 (fs/ext3/super.c in the Linux kernel before 3.8.4 uses incorrect ...)
+CVE-2013-1848
- linux 3.2.41-1
- linux-2.6 <removed>
[squeeze] - linux-2.6 <not-affected> (Introduced in 2.6.33)
NOTE: http://www.openwall.com/lists/oss-security/2013/03/20/8
-CVE-2013-1847 (The mod_dav_svn Apache HTTPD server module in Subversion 1.6.0 through ...)
+CVE-2013-1847
{DLA-207-1}
- subversion 1.7.9-1 (bug #704940)
[squeeze] - subversion <no-dsa> (Minor issue)
[wheezy] - subversion 1.6.17dfsg-4+deb7u2
NOTE: http://subversion.apache.org/security/CVE-2013-1847-advisory.txt
-CVE-2013-1846 (The mod_dav_svn Apache HTTPD server module in Subversion 1.6.x before ...)
+CVE-2013-1846
{DLA-207-1}
- subversion 1.7.9-1 (bug #704940)
[squeeze] - subversion <no-dsa> (Minor issue)
[wheezy] - subversion 1.6.17dfsg-4+deb7u2
NOTE: http://subversion.apache.org/security/CVE-2013-1846-advisory.txt
-CVE-2013-1845 (The mod_dav_svn Apache HTTPD server module in Subversion 1.6.x before ...)
+CVE-2013-1845
{DLA-207-1}
- subversion 1.7.9-1 (bug #704940)
[squeeze] - subversion <no-dsa> (Minor issue)
[wheezy] - subversion 1.6.17dfsg-4+deb7u2
NOTE: http://subversion.apache.org/security/CVE-2013-1845-advisory.txt
-CVE-2013-1844 (Cross-site scripting (XSS) vulnerability in Piwik before 1.11 allows ...)
+CVE-2013-1844
- piwik <itp> (bug #506933)
-CVE-2013-1843 (Open redirect vulnerability in the Access tracking mechanism in TYPO3 ...)
+CVE-2013-1843
{DSA-2646-1}
- typo3-src 4.5.19+dfsg1-5 (bug #702574)
-CVE-2013-1842 (SQL injection vulnerability in the Extbase Framework in TYPO3 4.5.x ...)
+CVE-2013-1842
{DSA-2646-1}
- typo3-src 4.5.19+dfsg1-5 (bug #702574)
-CVE-2013-1841 (Net-Server, when the reverse-lookups option is enabled, does not check ...)
+CVE-2013-1841
- libnet-server-perl <unfixed> (low; bug #702914)
[buster] - libnet-server-perl <ignored> (Minor issue)
[stretch] - libnet-server-perl <ignored> (Minor issue)
@@ -15045,65 +15045,65 @@ CVE-2013-1841 (Net-Server, when the reverse-lookups option is enabled, does not
[wheezy] - libnet-server-perl <ignored> (Minor issue)
[squeeze] - libnet-server-perl <no-dsa> (Minor issue)
NOTE: https://rt.cpan.org/Ticket/Display.html?id=83909
-CVE-2013-1840 (The v1 API in OpenStack Glance Essex (2012.1), Folsom (2012.2), and ...)
+CVE-2013-1840
- glance 2012.1.1-5 (bug #703063)
-CVE-2013-1839 (The strHdrAcptLangGetItem function in errorpage.cc in Squid 3.2.x ...)
+CVE-2013-1839
- squid3 <not-affected> (the errors were introduced in trunk rev.11496 in 3.2.0.9)
NOTE: According to http://seclists.org/bugtraq/2013/Mar/68 not affecting 3.1?
NOTE: http://bazaar.launchpad.net/~squid/squid/3.2/revision/11796
-CVE-2013-1838 (OpenStack Compute (Nova) Grizzly, Folsom (2012.2), and Essex (2012.1) ...)
+CVE-2013-1838
- nova 2012.1.1-15 (bug #703064)
CVE-2013-1837
RESERVED
-CVE-2013-1836 (Moodle 2.x through 2.1.10, 2.2.x before 2.2.8, 2.3.x before 2.3.5, and ...)
+CVE-2013-1836
- moodle 2.5-1 (bug #703870)
[squeeze] - moodle <not-affected> (Vulnerable code not present)
-CVE-2013-1835 (Moodle 2.x through 2.1.10, 2.2.x before 2.2.8, 2.3.x before 2.3.5, and ...)
+CVE-2013-1835
- moodle 2.5-1 (bug #703870)
[squeeze] - moodle <not-affected> (Vulnerable code not present)
-CVE-2013-1834 (notes/edit.php in Moodle 1.9.x through 1.9.19, 2.x through 2.1.10, ...)
+CVE-2013-1834
- moodle 2.5-1 (low; bug #703870)
[squeeze] - moodle <no-dsa> (Minor issue)
-CVE-2013-1833 (Multiple cross-site scripting (XSS) vulnerabilities in the File Picker ...)
+CVE-2013-1833
- moodle 2.5-1 (bug #703870)
[squeeze] - moodle <not-affected> (Vulnerable code not present)
-CVE-2013-1832 (repository/webdav/lib.php in Moodle 2.x through 2.1.10, 2.2.x before ...)
+CVE-2013-1832
- moodle 2.5-1 (bug #703870)
[squeeze] - moodle <not-affected> (Vulnerable code not present)
-CVE-2013-1831 (lib/setuplib.php in Moodle through 2.1.10, 2.2.x before 2.2.8, 2.3.x ...)
+CVE-2013-1831
- moodle 2.5-1 (low; bug #703870)
[squeeze] - moodle <no-dsa> (Minor issue)
-CVE-2013-1830 (user/view.php in Moodle through 2.1.10, 2.2.x before 2.2.8, 2.3.x ...)
+CVE-2013-1830
- moodle 2.5-1 (low; bug #703870)
[squeeze] - moodle <no-dsa> (Minor issue)
-CVE-2013-1829 (calendar/managesubscriptions.php in Moodle 2.4.x before 2.4.2 does not ...)
+CVE-2013-1829
- moodle <not-affected> (Only in 2.4 to 2.4.1)
-CVE-2013-1828 (The sctp_getsockopt_assoc_stats function in net/sctp/socket.c in the ...)
+CVE-2013-1828
- linux <not-affected> (Introduced in 3.8)
- linux-2.6 <not-affected> (Introduced in 3.8)
-CVE-2013-1827 (net/dccp/ccid.h in the Linux kernel before 3.5.4 allows local users to ...)
+CVE-2013-1827
- linux 3.2.29-1
- linux-2.6 <removed>
[squeeze] - linux-2.6 2.6.32-47
-CVE-2013-1826 (The xfrm_state_netlink function in net/xfrm/xfrm_user.c in the Linux ...)
+CVE-2013-1826
{DSA-2668-1}
- linux 3.2.32-1 (low)
- linux-2.6 <removed> (low)
NOTE: Probably gone since 3.2.32-1, but I checked 3.2.41-2
CVE-2013-1825
REJECTED
-CVE-2013-1824 (The SOAP parser in PHP before 5.3.22 and 5.4.x before 5.4.12 allows ...)
+CVE-2013-1824
{DSA-2639-1}
- php5 5.4.4-14
NOTE: See CVE-2013-1643
NOTE: http://git.php.net/?p=web/php.git;a=commitdiff;h=e8432b34ee7a196a14a6e0191a00fe73b5a095e7
-CVE-2013-1823 (Cross-site scripting (XSS) vulnerability in the Notifications form in ...)
+CVE-2013-1823
NOT-FOR-US: Katello
-CVE-2013-1822 (Multiple cross-site scripting (XSS) vulnerabilities in ownCloud 4.5.x ...)
+CVE-2013-1822
- owncloud <not-affected> (owncloud stable4 (4.0.x) is not affected)
NOTE: https://owncloud.org/about/security/advisories/oC-SA-2013-008/
NOTE: http://www.openwall.com/lists/oss-security/2013/03/14/8
-CVE-2013-1821 (lib/rexml/text.rb in the REXML parser in Ruby before 1.9.3-p392 allows ...)
+CVE-2013-1821
{DSA-2809-1 DSA-2738-1}
- ruby1.9.1 1.9.3.194-8.1 (bug #702525)
- ruby1.8 1.8.7.358-7 (bug #702526)
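Review bot: every change in this hunk blanks a description instead of replacing it, which is a data-loss bug, not an update. Each `-`/`+` pair keeps the identifier and drops only the parenthesised text, e.g. `-CVE-2013-1840 (The v1 API in OpenStack Glance Essex (2012.1), Folsom (2012.2), and ...)` becomes `+CVE-2013-1840`, while the package, version, `{DSA-...}` and `NOTE:` lines underneath stay untouched. A feed-driven refresh that has real data rewords a description; it never produces an empty one for an entry that already had text. The visible result is what an updater writes when its description source came back empty or failed to parse, so the job should refuse to commit when the description it would write for an entry is empty and the current line has one, and this commit should not be kept as-is.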
@@ -15111,12 +15111,12 @@ CVE-2013-1821 (lib/rexml/text.rb in the REXML parser in Ruby before 1.9.3-p392 a
CVE-2013-1820
RESERVED
- tuned <not-affected> (Fixed before initial release to Debian)
-CVE-2013-1819 (The _xfs_buf_find function in fs/xfs/xfs_buf.c in the Linux kernel ...)
+CVE-2013-1819
- linux 3.8-1
- linux-2.6 <removed> (low)
[squeeze] - linux-2.6 <no-dsa> (Too risky to backport, minor impact)
[wheezy] - linux <no-dsa> (Too risky to backport, minor impact)
-CVE-2013-1818 (maintenance/mwdoc-filter.php in MediaWiki before 1.20.3 allows remote ...)
+CVE-2013-1818
- mediawiki <not-affected> (mwdoc-filter.php introduced in 1.20)
NOTE: register_globals is not supported in Debian anyway, see PHP's README.Debian.security
CVE-2013-1817 [mediawiki information disclosure in unblock API]
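Review bot: this hunk makes published entries indistinguishable from entries that never had a public description. The lines it leaves alone are exactly the ones whose text does not come from the feed: `CVE-2013-1820` followed by `RESERVED`, and `CVE-2013-1817 [mediawiki information disclosure in unblock API]` with the tracker's own bracketed summary. After the change, `+CVE-2013-1819` and `+CVE-2013-1818` have the same shape as `CVE-2013-1820`, a bare identifier with nothing after it, which in this file means "no description available", even though both issues have published text and a recorded fixed version or `<not-affected>` rationale. The updater should treat "feed has no description for an entry that currently carries one" as an error for that entry rather than as a replacement, so the distinction between published and reserved entries survives a bad feed.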
@@ -15127,15 +15127,15 @@ CVE-2013-1816 [mediawiki insecure curl usage]
RESERVED
- mediawiki 1:1.19.4-1
[squeeze] - mediawiki <end-of-life>
-CVE-2013-1815 (PackStack 2012.2.3 in Red Hat OpenStack Essex and Folsom can create ...)
+CVE-2013-1815
NOT-FOR-US: OpenStack PackStack
-CVE-2013-1814 (The users/get program in the User RPC API in Apache Rave 0.11 through ...)
+CVE-2013-1814
NOT-FOR-US: Apache Rave
-CVE-2013-1813 (util-linux/mdev.c in BusyBox before 1.21.0 uses 0777 permissions for ...)
+CVE-2013-1813
- busybox 1:1.20.0-8 (low; bug #701965)
[wheezy] - busybox <no-dsa> (Minor issue)
[squeeze] - busybox <no-dsa> (Minor issue)
-CVE-2013-1812 (The ruby-openid gem before 2.2.2 for Ruby allows remote OpenID ...)
+CVE-2013-1812
- ruby-openid 2.1.8debian-6 (bug #702217)
- libopenid-ruby <removed> (bug #702217)
[squeeze] - libopenid-ruby 2.1.8debian-1+squeeze1
@@ -15144,7 +15144,7 @@ CVE-2013-1811 [Reporter can change issue status to 'new']
{DSA-3120-1}
- mantis <removed> (low; bug #698481)
[squeeze] - mantis <end-of-life> (Unsupported in squeeze-lts)
-CVE-2013-1810 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2013-1810
- mantis <not-affected> (only affects MantisBT 1.2.12)
CVE-2013-1809 [Gambas creates hijackable directory in /tmp]
RESERVED
@@ -15153,106 +15153,106 @@ CVE-2013-1809 [Gambas creates hijackable directory in /tmp]
[wheezy] - gambas3 <no-dsa> (Minor issue)
[squeeze] - gambas2 <no-dsa> (Minor issue)
NOTE: https://code.google.com/p/gambas/issues/detail?id=365
-CVE-2013-1808 (Cross-site scripting (XSS) vulnerability in ZeroClipboard.swf and ...)
+CVE-2013-1808
- db4o <unfixed> (unimportant)
- jenkins 1.509.2+dfsg-1 (bug #706725)
-CVE-2013-1807 (PHP-Fusion before 7.02.06 stores backup files with predictable ...)
+CVE-2013-1807
NOT-FOR-US: PHP-Fusion
-CVE-2013-1806 (Multiple directory traversal vulnerabilities in PHP-Fusion before ...)
+CVE-2013-1806
NOT-FOR-US: PHP-Fusion
CVE-2013-1805
REJECTED
-CVE-2013-1804 (Multiple cross-site scripting (XSS) vulnerabilities in PHP-Fusion ...)
+CVE-2013-1804
NOT-FOR-US: PHP-Fusion
-CVE-2013-1803 (Multiple SQL injection vulnerabilities in PHP-Fusion before 7.02.06 ...)
+CVE-2013-1803
NOT-FOR-US: PHP-Fusion
-CVE-2013-1802 (The extlib gem 0.9.15 and earlier for Ruby does not properly restrict ...)
+CVE-2013-1802
{DLA-172-1}
- ruby-extlib 0.9.15-3 (bug #697895)
- libextlib-ruby <removed> (bug #697895)
-CVE-2013-1801 (The httparty gem 0.9.0 and earlier for Ruby does not properly restrict ...)
+CVE-2013-1801
NOT-FOR-US: httparty Ruby gem
-CVE-2013-1800 (The crack gem 0.3.1 and earlier for Ruby does not properly restrict ...)
+CVE-2013-1800
- ruby-crack 0.3.2-1
-CVE-2013-1799 (Gnome Online Accounts (GOA) 3.6.x before 3.6.3 and 3.7.x before ...)
+CVE-2013-1799
- gnome-online-accounts <not-affected> (Incomplete patch wasn't applied in Debian)
-CVE-2013-1798 (The ioapic_read_indirect function in virt/kvm/ioapic.c in the Linux ...)
+CVE-2013-1798
{DSA-2668-1}
- linux 3.2.41-2
- linux-2.6 <removed>
NOTE: http://www.openwall.com/lists/oss-security/2013/03/20/9
-CVE-2013-1797 (Use-after-free vulnerability in arch/x86/kvm/x86.c in the Linux kernel ...)
+CVE-2013-1797
- linux 3.2.41-2
- linux-2.6 <removed>
[squeeze] - linux-2.6 <no-dsa> (Too intrusive to backport, KVM server not supported in squeeze-lts)
NOTE: http://www.openwall.com/lists/oss-security/2013/03/20/9
-CVE-2013-1796 (The kvm_set_msr_common function in arch/x86/kvm/x86.c in the Linux ...)
+CVE-2013-1796
{DSA-2669-1 DSA-2668-1}
- linux 3.2.41-2
- linux-2.6 <removed>
NOTE: http://www.openwall.com/lists/oss-security/2013/03/20/9
-CVE-2013-1795 (Integer overflow in ptserver in OpenAFS before 1.6.2 allows remote ...)
+CVE-2013-1795
{DSA-2638-1}
- openafs 1.6.1-3
-CVE-2013-1794 (Buffer overflow in certain client utilities in OpenAFS before 1.6.2 ...)
+CVE-2013-1794
{DSA-2638-1}
- openafs 1.6.1-3
CVE-2013-1793
RESERVED
NOT-FOR-US: openstack-utils
-CVE-2013-1792 (Race condition in the install_user_keyrings function in ...)
+CVE-2013-1792
{DSA-2668-1}
- linux 3.2.41-1
- linux-2.6 <removed>
CVE-2013-1791
RESERVED
-CVE-2013-1790 (poppler/Stream.cc in poppler before 0.22.1 allows context-dependent ...)
+CVE-2013-1790
{DSA-2719-1}
- poppler 0.18.4-6 (low; bug #702071)
-CVE-2013-1789 (splash/Splash.cc in poppler before 0.22.1 allows context-dependent ...)
+CVE-2013-1789
- poppler <not-affected> (vulnerable code introduced in a later version)
-CVE-2013-1788 (poppler before 0.22.1 allows context-dependent attackers to cause a ...)
+CVE-2013-1788
{DSA-2719-1}
- poppler 0.18.4-6 (low; bug #702071)
-CVE-2013-1787 (Cross-site scripting (XSS) vulnerability in the 3 slide gallery in the ...)
+CVE-2013-1787
NOT-FOR-US: Drupal addon
-CVE-2013-1786 (Cross-site scripting (XSS) vulnerability in the 3 slide gallery in the ...)
+CVE-2013-1786
NOT-FOR-US: Drupal addon
-CVE-2013-1785 (Cross-site scripting (XSS) vulnerability in the 3 slide gallery in the ...)
+CVE-2013-1785
NOT-FOR-US: Drupal addon
-CVE-2013-1784 (Cross-site scripting (XSS) vulnerability in the 3 slide gallery in the ...)
+CVE-2013-1784
NOT-FOR-US: Drupal addon
-CVE-2013-1783 (Cross-site scripting (XSS) vulnerability in the 3 slide gallery in ...)
+CVE-2013-1783
NOT-FOR-US: Drupal addon
-CVE-2013-1782 (Cross-site scripting (XSS) vulnerability in the Responsive Blog Theme ...)
+CVE-2013-1782
NOT-FOR-US: Drupal addon
-CVE-2013-1781 (Cross-site scripting (XSS) vulnerability in the 3 slide gallery in the ...)
+CVE-2013-1781
NOT-FOR-US: Drupal addon
-CVE-2013-1780 (Cross-site scripting (XSS) vulnerability in the Best Responsive Theme ...)
+CVE-2013-1780
NOT-FOR-US: Drupal addon
-CVE-2013-1779 (Cross-site scripting (XSS) vulnerability in the 3 slide gallery in the ...)
+CVE-2013-1779
NOT-FOR-US: Drupal addon
-CVE-2013-1778 (Cross-site scripting (XSS) vulnerability in the Creative Theme 7.x-1.x ...)
+CVE-2013-1778
NOT-FOR-US: Drupal addon
-CVE-2013-1777 (The JMX Remoting functionality in Apache Geronimo 3.x before 3.0.1, as ...)
+CVE-2013-1777
NOT-FOR-US: JMX componenent of Apache Geronimo is not packaged
-CVE-2013-1776 (sudo 1.3.5 through 1.7.10 and 1.8.0 through 1.8.5, when the ...)
+CVE-2013-1776
{DSA-2642-1}
- sudo 1.8.5p2-1+nmu1 (bug #701839)
-CVE-2013-1775 (sudo 1.6.0 through 1.7.10p6 and sudo 1.8.0 through 1.8.6p6 allows ...)
+CVE-2013-1775
{DSA-2642-1}
- sudo 1.8.5p2-1+nmu1 (bug #701838)
NOTE: severity depends a lot on the environment
-CVE-2013-1774 (The chase_port function in drivers/usb/serial/io_ti.c in the Linux ...)
+CVE-2013-1774
{DSA-2668-1}
- linux 3.2.38-1
- linux-2.6 <removed>
-CVE-2013-1773 (Buffer overflow in the VFAT filesystem implementation in the Linux ...)
+CVE-2013-1773
{DSA-2668-1}
- linux 3.2.15-1
- linux-2.6 <removed>
NOTE: Probably gone since 3.2.15-1, but I checked 3.2.41-2
-CVE-2013-1772 (The log_prefix function in kernel/printk.c in the Linux kernel 3.x ...)
+CVE-2013-1772
- linux 3.2.39-1
- linux-2.6 <not-affected> (Vulnerability exposed since 3.0)
CVE-2013-1771 [monkey: world-readable logdir]
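Review bot: the hunk header `@@ -15153,106 +15153,106 @@` is the cheap signal that should have stopped this commit, and the update job lacks a check for it. Old and new line counts are identical, every `-` line has a matching `+` line that is a strict prefix of it, and the only untouched entries are the ones without feed text (`CVE-2013-1805` / `REJECTED`, `CVE-2013-1793` / `RESERVED`, `CVE-2013-1791` / `RESERVED`). A pre-commit guard that counts lines matching `^CVE-[0-9]{4}-[0-9]+ \(` before and after the regeneration and aborts when the count drops by more than a handful would catch this: descriptions in this file are reworded or truncated to `...`, but they are never removed, so any net loss of description-bearing lines is a regression rather than a legitimate change.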
@@ -15260,48 +15260,48 @@ CVE-2013-1771 [monkey: world-readable logdir]
- monkey <removed> (low)
[squeeze] - monkey <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2013/02/24/5
-CVE-2013-1770 (Cross-site scripting (XSS) vulnerability in views_view.php in Ganglia ...)
+CVE-2013-1770
- ganglia 3.6.0-1 (low; bug #700158)
[squeeze] - ganglia <no-dsa> (Minor issue)
[wheezy] - ganglia <no-dsa> (Minor issue)
- ganglia-web 3.5.8-3 (bug #700159)
NOTE: starting with 3.6.0-1 the web front is no longer built from src:ganglia so marking this version as fixed
NOTE: Upstream non-verified fix https://github.com/ganglia/ganglia-web/commit/552965f33bf79d41ccbec3f1f26840c8bab54ad6
-CVE-2013-1769 (A certain hashing algorithm in Telepathy Gabble 0.16.x before 0.16.5 ...)
+CVE-2013-1769
- telepathy-gabble 0.16.5-1 (low; bug #702252)
[squeeze] - telepathy-gabble <no-dsa> (Minor issue)
-CVE-2013-1768 (The BrokerFactory functionality in Apache OpenJPA 1.x before 1.2.3 and ...)
+CVE-2013-1768
- openjpa 2.2.2-1 (bug #716937)
[squeeze] - openjpa <no-dsa> (Minor issue)
[wheezy] - openjpa <no-dsa> (Minor issue)
-CVE-2013-1767 (Use-after-free vulnerability in the shmem_remount_fs function in ...)
+CVE-2013-1767
{DSA-2668-1}
- linux 3.2.41-1
- linux-2.6 <removed>
-CVE-2013-1766 (libvirt 1.0.2 and earlier sets the group owner to kvm for device ...)
+CVE-2013-1766
{DSA-2650-1}
- libvirt 0.9.12-8 (bug #701649)
-CVE-2013-1765 (Multiple cross-site scripting (XSS) vulnerabilities in jwplayer.swf in ...)
+CVE-2013-1765
NOT-FOR-US: WordPress plugin smart-flv
-CVE-2013-1764 (The Zypper (aka zypp) backend in PackageKit before 0.8.8 allows local ...)
+CVE-2013-1764
- packagekit <not-affected> (Zypp backend specific to SuSE)
-CVE-2013-1763 (Array index error in the __sock_diag_rcv_msg function in ...)
+CVE-2013-1763
- linux <not-affected> (Introduced in 3.3)
NOTE: 3.6.9 and 3.7.8 in experimental are affected, 3.8 will be fixed.
-CVE-2013-1762 (stunnel 4.21 through 4.54, when CONNECT protocol negotiation and NTLM ...)
+CVE-2013-1762
{DSA-2664-1}
- stunnel4 3:4.53-1.1 (bug #702267)
CVE-2013-1761
RESERVED
CVE-2013-1760
RESERVED
-CVE-2013-1759 (Cross-site scripting (XSS) vulnerability in the Responsive Logo ...)
+CVE-2013-1759
NOT-FOR-US: WordPress plugin responsive-logo-slideshow
-CVE-2013-1758 (Cross-site scripting (XSS) vulnerability in the Marekkis Watermark ...)
+CVE-2013-1758
NOT-FOR-US: WordPress plugin marekkis-watermark
CVE-2013-1757
RESERVED
-CVE-2013-1756 (The Dragonfly gem 0.7 before 0.8.6 and 0.9.x before 0.9.13 for Ruby, ...)
+CVE-2013-1756
NOT-FOR-US: Dragonfly Ruby gem
CVE-2013-1755
RESERVED
@@ -15348,13 +15348,13 @@ CVE-2013-1751
RESERVED
- twiki <removed>
NOTE: http://twiki.org/cgi-bin/view/Codev/SecurityAlert-CVE-2013-1751
-CVE-2013-1750 (Heap-based buffer overflow in RealNetworks RealPlayer before 16.0.1.18 ...)
+CVE-2013-1750
NOT-FOR-US: RealPlayer
-CVE-2013-1749 (Cross-site scripting (XSS) vulnerability in edit.php in PHP Address ...)
+CVE-2013-1749
NOT-FOR-US: PHP Address Book
-CVE-2013-1748 (Multiple SQL injection vulnerabilities in PHP Address Book 8.2.5 allow ...)
+CVE-2013-1748
NOT-FOR-US: PHP Address Book
-CVE-2013-1747 (channel.c in ngIRCd 20 and 20.1 allows remote attackers to cause a ...)
+CVE-2013-1747
- ngircd <not-affected> (Vulnerable version was only in experimental, introduced in 20.1-1~exp1 and fixed in 20.2-1~exp1)
CVE-2013-1746
RESERVED
@@ -15362,44 +15362,44 @@ CVE-2013-1745
RESERVED
CVE-2013-1744
RESERVED
-CVE-2013-1743 (Multiple cross-site scripting (XSS) vulnerabilities in report.cgi in ...)
+CVE-2013-1743
- bugzilla <not-affected> (Only affects 4.1 to 4.4)
- bugzilla4 <itp> (bug #669643)
NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=924932
-CVE-2013-1742 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2013-1742
- bugzilla <removed> (low)
[squeeze] - bugzilla <no-dsa> (Minor issue)
- bugzilla4 <itp> (bug #669643)
NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=924802
-CVE-2013-1741 (Integer overflow in Mozilla Network Security Services (NSS) 3.15 ...)
+CVE-2013-1741
{DSA-2994-1 DLA-23-1}
- nss 2:3.15.3-1 (bug #735105)
[squeeze] - nss 3.12.8-1+squeeze8
NOTE: https://hg.mozilla.org/projects/nss/rev/612d7d1eb9e7
-CVE-2013-1740 (The ssl_Do1stHandshake function in sslsecur.c in libssl in Mozilla ...)
+CVE-2013-1740
- nss 2:3.15.4-1
[squeeze] - nss <no-dsa> (false start disabled by default, needs to be enabled by clients)
[wheezy] - nss <no-dsa> (false start disabled by default, needs to be enabled by clients)
NOTE: false start must be enabled by the client (mainly browsers)
-CVE-2013-1739 (Mozilla Network Security Services (NSS) before 3.15.2 does not ensure ...)
+CVE-2013-1739
{DSA-2790-1}
- nss 2:3.15.2-1 (bug #726473)
[squeeze] - nss <not-affected> (Introduced in 3.14.3)
NOTE: https://developer.mozilla.org/en-US/docs/NSS/NSS_3.15.2_release_notes
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1012656
-CVE-2013-1738 (Use-after-free vulnerability in the JS_GetGlobalForScopeChain function ...)
+CVE-2013-1738
- iceweasel 24.0-1
[wheezy] - iceweasel <not-affected> (Only affects Firefox > 17)
[squeeze] - iceweasel <end-of-life>
- icedove <not-affected> (Only affects Firefox > 17)
- iceape <not-affected> (Only affects Firefox > 17)
-CVE-2013-1737 (Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, ...)
+CVE-2013-1737
{DSA-2762-1 DSA-2759-1}
- iceweasel 24.0-1
[squeeze] - iceweasel <end-of-life>
- icedove 17.0.9-1
[squeeze] - icedove <end-of-life>
-CVE-2013-1736 (The nsGfxScrollFrameInner::IsLTR function in Mozilla Firefox before ...)
+CVE-2013-1736
{DSA-2762-1 DSA-2759-1}
- iceweasel 24.0-1
[squeeze] - iceweasel <end-of-life>
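Review bot: the right fix here is a revert of the whole commit, not a follow-up automatic run, and this hunk shows why that is safe. Each `+` line is the `-` line cut at its first space (`-CVE-2013-1737 (Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, ...)` to `+CVE-2013-1737`), and no status line changed, so reverting restores the previous descriptions exactly and cannot conflict with the `{DSA-2762-1 DSA-2759-1}`, version and `<end-of-life>` lines around them. Letting the next scheduled update re-add the text instead would produce a second whole-file diff of the same size, and the version ranges that the `(Only affects Firefox > 17)` rationale on `CVE-2013-1738` was checked against (`Firefox ESR 17.x before 17.0.9` in the neighbouring entries) would stay missing until then.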
@@ -15408,7 +15408,7 @@ CVE-2013-1736 (The nsGfxScrollFrameInner::IsLTR function in Mozilla Firefox befo
- iceape <removed>
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
-CVE-2013-1735 (Use-after-free vulnerability in the mozilla::layout::ScrollbarActivity ...)
+CVE-2013-1735
{DSA-2762-1 DSA-2759-1}
- iceweasel 24.0-1
[squeeze] - iceweasel <end-of-life>
@@ -15417,16 +15417,16 @@ CVE-2013-1735 (Use-after-free vulnerability in the mozilla::layout::ScrollbarAct
- iceape <removed>
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
-CVE-2013-1734 (Cross-site request forgery (CSRF) vulnerability in attachment.cgi in ...)
+CVE-2013-1734
- bugzilla <removed> (low)
[squeeze] - bugzilla <no-dsa> (Minor issue)
- bugzilla4 <itp> (bug #669643)
NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=913904
-CVE-2013-1733 (Cross-site request forgery (CSRF) vulnerability in process_bug.cgi in ...)
+CVE-2013-1733
- bugzilla <not-affected> (Only affects 4.4)
- bugzilla4 <itp> (bug #669643)
NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=911593
-CVE-2013-1732 (Buffer overflow in the nsFloatManager::GetFlowArea function in Mozilla ...)
+CVE-2013-1732
{DSA-2762-1 DSA-2759-1}
- iceweasel 24.0-1
[squeeze] - iceweasel <end-of-life>
@@ -15435,11 +15435,11 @@ CVE-2013-1732 (Buffer overflow in the nsFloatManager::GetFlowArea function in Mo
- iceape <removed>
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
-CVE-2013-1731 (Untrusted search path vulnerability in the GL tracing functionality in ...)
+CVE-2013-1731
- iceweasel <not-affected> (Android-specific)
- icedove <not-affected> (Android-specific)
- iceape <not-affected> (Android-specific)
-CVE-2013-1730 (Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, ...)
+CVE-2013-1730
{DSA-2762-1 DSA-2759-1}
- iceweasel 24.0-1
[squeeze] - iceweasel <end-of-life>
@@ -15448,25 +15448,25 @@ CVE-2013-1730 (Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, ...)
- iceape <removed>
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
-CVE-2013-1729 (The WebGL implementation in Mozilla Firefox before 24.0, when NVIDIA ...)
+CVE-2013-1729
- iceweasel <not-affected> (MacOS-specific)
- icedove <not-affected> (MacOS-specific)
- iceape <not-affected> (MacOS-specific)
-CVE-2013-1728 (The IonMonkey JavaScript engine in Mozilla Firefox before 24.0, ...)
+CVE-2013-1728
- iceweasel 24.0-1
[wheezy] - iceweasel <not-affected> (Only affects Firefox > 17)
[squeeze] - iceweasel <end-of-life>
- icedove <not-affected> (Only affects Firefox > 17)
- iceape <not-affected> (Only affects Firefox > 17)
-CVE-2013-1727 (Mozilla Firefox before 24.0 on Android allows attackers to bypass the ...)
+CVE-2013-1727
- iceweasel <not-affected> (Android-specific)
- icedove <not-affected> (Android-specific)
- iceape <not-affected> (Android-specific)
-CVE-2013-1726 (Mozilla Updater in Mozilla Firefox before 24.0, Firefox ESR 17.x ...)
+CVE-2013-1726
- iceweasel <not-affected> (Updater not used in Debian)
- icedove <not-affected> (Updater not used in Debian)
- iceape <not-affected> (Updater not used in Debian)
-CVE-2013-1725 (Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, ...)
+CVE-2013-1725
{DSA-2762-1 DSA-2759-1}
- iceweasel 24.0-1
[squeeze] - iceweasel <end-of-life>
@@ -15475,19 +15475,19 @@ CVE-2013-1725 (Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, ...)
- iceape <removed>
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
-CVE-2013-1724 (Use-after-free vulnerability in the ...)
+CVE-2013-1724
- iceweasel 24.0-1
[wheezy] - iceweasel <not-affected> (Only affects Firefox > 17)
[squeeze] - iceweasel <end-of-life>
- icedove <not-affected> (Only affects Firefox > 17)
- iceape <not-affected> (Only affects Firefox > 17)
-CVE-2013-1723 (The NativeKey widget in Mozilla Firefox before 24.0, Thunderbird ...)
+CVE-2013-1723
- iceweasel 24.0-1
[wheezy] - iceweasel <not-affected> (Only affects Firefox > 17)
[squeeze] - iceweasel <end-of-life>
- icedove <not-affected> (Only affects Firefox > 17)
- iceape <not-affected> (Only affects Firefox > 17)
-CVE-2013-1722 (Use-after-free vulnerability in the ...)
+CVE-2013-1722
{DSA-2762-1 DSA-2759-1}
- iceweasel 24.0-1
[squeeze] - iceweasel <end-of-life>
@@ -15496,24 +15496,24 @@ CVE-2013-1722 (Use-after-free vulnerability in the ...)
- iceape <removed>
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
-CVE-2013-1721 (Integer overflow in the drawLineLoop function in the libGLESv2 library ...)
+CVE-2013-1721
- iceweasel 24.0-1
[wheezy] - iceweasel <not-affected> (Only affects Firefox > 17)
[squeeze] - iceweasel <end-of-life>
- iceape <not-affected> (Only affects Firefox > 17)
-CVE-2013-1720 (The nsHtml5TreeBuilder::resetTheInsertionMode function in the HTML5 ...)
+CVE-2013-1720
- iceweasel 24.0-1
[wheezy] - iceweasel <not-affected> (Only affects Firefox > 17)
[squeeze] - iceweasel <end-of-life>
- icedove <not-affected> (Only affects Firefox > 17)
- iceape <not-affected> (Only affects Firefox > 17)
-CVE-2013-1719 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+CVE-2013-1719
- iceweasel 24.0-1
[wheezy] - iceweasel <not-affected> (Only affects Firefox > 17)
[squeeze] - iceweasel <end-of-life>
- icedove <not-affected> (Only affects Firefox > 17)
- iceape <not-affected> (Only affects Firefox > 17)
-CVE-2013-1718 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+CVE-2013-1718
{DSA-2762-1 DSA-2759-1}
- iceweasel 24.0-1
[squeeze] - iceweasel <end-of-life>
@@ -15522,7 +15522,7 @@ CVE-2013-1718 (Multiple unspecified vulnerabilities in the browser engine in Moz
- iceape <removed>
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
-CVE-2013-1717 (Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, ...)
+CVE-2013-1717
{DSA-2746-1 DSA-2735-1}
- iceweasel 17.0.8esr-1
[squeeze] - iceweasel <end-of-life>
@@ -15533,9 +15533,9 @@ CVE-2013-1717 (Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, ...)
[wheezy] - iceape <end-of-life>
CVE-2013-1716
RESERVED
-CVE-2013-1715 (Multiple untrusted search path vulnerabilities in the (1) full ...)
+CVE-2013-1715
- iceweasel <not-affected> (Windows-specific)
-CVE-2013-1714 (The Web Workers implementation in Mozilla Firefox before 23.0, Firefox ...)
+CVE-2013-1714
{DSA-2746-1 DSA-2735-1}
- iceweasel 17.0.8esr-1
[squeeze] - iceweasel <end-of-life>
@@ -15544,7 +15544,7 @@ CVE-2013-1714 (The Web Workers implementation in Mozilla Firefox before 23.0, Fi
- iceape <removed>
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
-CVE-2013-1713 (Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, ...)
+CVE-2013-1713
{DSA-2746-1 DSA-2735-1}
- iceweasel 17.0.8esr-1
[squeeze] - iceweasel <end-of-life>
@@ -15553,14 +15553,14 @@ CVE-2013-1713 (Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, ...)
- iceape <removed>
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
-CVE-2013-1712 (Multiple untrusted search path vulnerabilities in updater.exe in ...)
+CVE-2013-1712
- iceweasel <not-affected> (Windows-specific)
- icedove <not-affected> (Windows-specific)
- iceape <not-affected> (Windows-specific)
-CVE-2013-1711 (The XrayWrapper implementation in Mozilla Firefox before 23.0 and ...)
+CVE-2013-1711
- iceweasel <not-affected> (Only affects Firefox > 17)
- iceape <not-affected> (Only affects Firefox > 17)
-CVE-2013-1710 (The crypto.generateCRMFRequest function in Mozilla Firefox before ...)
+CVE-2013-1710
{DSA-2746-1 DSA-2735-1}
- iceweasel 17.0.8esr-1
[squeeze] - iceweasel <end-of-life>
@@ -15569,7 +15569,7 @@ CVE-2013-1710 (The crypto.generateCRMFRequest function in Mozilla Firefox before
- iceape <removed>
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
-CVE-2013-1709 (Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, ...)
+CVE-2013-1709
{DSA-2746-1 DSA-2735-1}
- iceweasel 17.0.8esr-1
[squeeze] - iceweasel <end-of-life>
@@ -15578,32 +15578,32 @@ CVE-2013-1709 (Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, ...)
- iceape <removed>
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
-CVE-2013-1708 (Mozilla Firefox before 23.0 and SeaMonkey before 2.20 allow remote ...)
+CVE-2013-1708
- iceweasel <not-affected> (Only affects Firefox > 17)
- iceape <not-affected> (Only affects Firefox > 17)
-CVE-2013-1707 (Stack-based buffer overflow in Mozilla Updater in Mozilla Firefox ...)
+CVE-2013-1707
- iceweasel <not-affected> (Windows-specific)
- icedove <not-affected> (Windows-specific)
- iceape <not-affected> (Windows-specific)
-CVE-2013-1706 (Stack-based buffer overflow in maintenanceservice.exe in the Mozilla ...)
+CVE-2013-1706
- iceweasel <not-affected> (Windows-specific)
- icedove <not-affected> (Windows-specific)
- iceape <not-affected> (Windows-specific)
-CVE-2013-1705 (Heap-based buffer underflow in the cryptojs_interpret_key_gen_type ...)
+CVE-2013-1705
- iceweasel 23.0-1
[wheezy] - iceweasel <not-affected> (Only affects Firefox > 17)
[squeeze] - iceweasel <not-affected> (Only affects Firefox > 17)
- iceape <not-affected> (Only affects Firefox > 17)
-CVE-2013-1704 (Use-after-free vulnerability in the nsINode::GetParentNode function in ...)
+CVE-2013-1704
- iceweasel <not-affected> (Only affects Firefox > 17)
- iceape <not-affected> (Only affects Firefox > 17)
CVE-2013-1703
RESERVED
-CVE-2013-1702 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+CVE-2013-1702
- iceweasel <not-affected> (Only affects Firefox > 17)
- icedove <not-affected> (Only affects Firefox > 17)
- iceape <not-affected> (Only affects Firefox > 17)
-CVE-2013-1701 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+CVE-2013-1701
{DSA-2746-1 DSA-2735-1}
- iceweasel 17.0.8esr-1
[squeeze] - iceweasel <end-of-life>
@@ -15612,13 +15612,13 @@ CVE-2013-1701 (Multiple unspecified vulnerabilities in the browser engine in Moz
- iceape <removed>
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
-CVE-2013-1700 (The Mozilla Maintenance Service in Mozilla Firefox before 22.0 on ...)
+CVE-2013-1700
- iceweasel <not-affected> (Only affects Firefox > 17)
-CVE-2013-1699 (The Internationalized Domain Name (IDN) display algorithm in Mozilla ...)
+CVE-2013-1699
- iceweasel <not-affected> (Only affects Firefox > 17)
-CVE-2013-1698 (The getUserMedia permission implementation in Mozilla Firefox before ...)
+CVE-2013-1698
- iceweasel <not-affected> (Only affects Firefox > 17)
-CVE-2013-1697 (The XrayWrapper implementation in Mozilla Firefox before 22.0, Firefox ...)
+CVE-2013-1697
{DSA-2720-1 DSA-2716-1}
- iceweasel 17.0.7esr-1
[squeeze] - iceweasel <end-of-life>
@@ -15627,11 +15627,11 @@ CVE-2013-1697 (The XrayWrapper implementation in Mozilla Firefox before 22.0, Fi
- iceape <removed>
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
-CVE-2013-1696 (Mozilla Firefox before 22.0 does not properly enforce the ...)
+CVE-2013-1696
- iceweasel <not-affected> (Only affects Firefox > 17)
-CVE-2013-1695 (Mozilla Firefox before 22.0 does not properly implement certain ...)
+CVE-2013-1695
- iceweasel <not-affected> (Only affects Firefox > 17)
-CVE-2013-1694 (The PreserveWrapper implementation in Mozilla Firefox before 22.0, ...)
+CVE-2013-1694
{DSA-2720-1 DSA-2716-1}
- iceweasel 17.0.7esr-1
[squeeze] - iceweasel <end-of-life>
@@ -15640,7 +15640,7 @@ CVE-2013-1694 (The PreserveWrapper implementation in Mozilla Firefox before 22.0
- iceape <removed>
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
-CVE-2013-1693 (The SVG filter implementation in Mozilla Firefox before 22.0, Firefox ...)
+CVE-2013-1693
{DSA-2720-1 DSA-2716-1}
- iceweasel 17.0.7esr-1
[squeeze] - iceweasel <end-of-life>
@@ -15649,7 +15649,7 @@ CVE-2013-1693 (The SVG filter implementation in Mozilla Firefox before 22.0, Fir
- iceape <removed>
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
-CVE-2013-1692 (Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, ...)
+CVE-2013-1692
{DSA-2720-1 DSA-2716-1}
- iceweasel 17.0.7esr-1
[squeeze] - iceweasel <end-of-life>
@@ -15660,7 +15660,7 @@ CVE-2013-1692 (Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, ...)
[wheezy] - iceape <end-of-life>
CVE-2013-1691
RESERVED
-CVE-2013-1690 (Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, ...)
+CVE-2013-1690
{DSA-2720-1 DSA-2716-1}
- iceweasel 17.0.7esr-1
[squeeze] - iceweasel <end-of-life>
@@ -15672,9 +15672,9 @@ CVE-2013-1690 (Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, ...)
CVE-2013-1689
RESERVED
[wheezy] - iceape <end-of-life>
-CVE-2013-1688 (The Profiler implementation in Mozilla Firefox before 22.0 parses ...)
+CVE-2013-1688
- iceweasel <not-affected> (Only affects Firefox > 17)
-CVE-2013-1687 (The System Only Wrapper (SOW) and Chrome Object Wrapper (COW) ...)
+CVE-2013-1687
{DSA-2720-1 DSA-2716-1}
- iceweasel 17.0.7esr-1
[squeeze] - iceweasel <end-of-life>
@@ -15683,7 +15683,7 @@ CVE-2013-1687 (The System Only Wrapper (SOW) and Chrome Object Wrapper (COW) ...
- iceape <removed>
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
-CVE-2013-1686 (Use-after-free vulnerability in the mozilla::ResetDir function in ...)
+CVE-2013-1686
{DSA-2720-1 DSA-2716-1}
- iceweasel 17.0.7esr-1
[squeeze] - iceweasel <end-of-life>
@@ -15692,7 +15692,7 @@ CVE-2013-1686 (Use-after-free vulnerability in the mozilla::ResetDir function in
- iceape <removed>
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
-CVE-2013-1685 (Use-after-free vulnerability in the nsIDocument::GetRootElement ...)
+CVE-2013-1685
{DSA-2720-1 DSA-2716-1}
- iceweasel 17.0.7esr-1
[squeeze] - iceweasel <end-of-life>
@@ -15701,7 +15701,7 @@ CVE-2013-1685 (Use-after-free vulnerability in the nsIDocument::GetRootElement .
- iceape <removed>
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
-CVE-2013-1684 (Use-after-free vulnerability in the ...)
+CVE-2013-1684
{DSA-2720-1 DSA-2716-1}
- iceweasel 17.0.7esr-1
[squeeze] - iceweasel <end-of-life>
@@ -15710,11 +15710,11 @@ CVE-2013-1684 (Use-after-free vulnerability in the ...)
- iceape <removed>
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
-CVE-2013-1683 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+CVE-2013-1683
- iceweasel <not-affected> (Only affects Firefox 21)
- icedove <not-affected> (Only affects Firefox 21)
- iceape <not-affected> (Only affects Firefox 21)
-CVE-2013-1682 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+CVE-2013-1682
{DSA-2720-1 DSA-2716-1}
- iceweasel 17.0.7esr-1
[squeeze] - iceweasel <end-of-life>
@@ -15723,7 +15723,7 @@ CVE-2013-1682 (Multiple unspecified vulnerabilities in the browser engine in Moz
- iceape <removed>
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
-CVE-2013-1681 (Use-after-free vulnerability in the ...)
+CVE-2013-1681
{DSA-2720-1 DSA-2699-1}
- iceweasel 17.0.6esr-1
[squeeze] - iceweasel <end-of-life>
@@ -15732,7 +15732,7 @@ CVE-2013-1681 (Use-after-free vulnerability in the ...)
- iceape <removed>
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
-CVE-2013-1680 (Use-after-free vulnerability in the nsFrameList::FirstChild function ...)
+CVE-2013-1680
{DSA-2720-1 DSA-2699-1}
[squeeze] - iceweasel <end-of-life>
- iceweasel 17.0.6esr-1
@@ -15741,7 +15741,7 @@ CVE-2013-1680 (Use-after-free vulnerability in the nsFrameList::FirstChild funct
- iceape <removed>
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
-CVE-2013-1679 (Use-after-free vulnerability in the ...)
+CVE-2013-1679
{DSA-2720-1 DSA-2699-1}
- iceweasel 17.0.6esr-1
[squeeze] - iceweasel <end-of-life>
@@ -15750,7 +15750,7 @@ CVE-2013-1679 (Use-after-free vulnerability in the ...)
- iceape <removed>
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
-CVE-2013-1678 (The _cairo_xlib_surface_add_glyph function in Mozilla Firefox before ...)
+CVE-2013-1678
{DSA-2720-1 DSA-2699-1}
- iceweasel 17.0.6esr-1
[squeeze] - iceweasel <end-of-life>
@@ -15759,7 +15759,7 @@ CVE-2013-1678 (The _cairo_xlib_surface_add_glyph function in Mozilla Firefox bef
- iceape <removed>
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
-CVE-2013-1677 (The gfxSkipCharsIterator::SetOffsets function in Mozilla Firefox ...)
+CVE-2013-1677
{DSA-2720-1 DSA-2699-1}
- iceweasel 17.0.6esr-1
[squeeze] - iceweasel <end-of-life>
@@ -15768,7 +15768,7 @@ CVE-2013-1677 (The gfxSkipCharsIterator::SetOffsets function in Mozilla Firefox
- iceape <removed>
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
-CVE-2013-1676 (The SelectionIterator::GetNextSegment function in Mozilla Firefox ...)
+CVE-2013-1676
{DSA-2720-1 DSA-2699-1}
- iceweasel 17.0.6esr-1
[squeeze] - iceweasel <end-of-life>
@@ -15777,7 +15777,7 @@ CVE-2013-1676 (The SelectionIterator::GetNextSegment function in Mozilla Firefox
- iceape <removed>
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
-CVE-2013-1675 (Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, ...)
+CVE-2013-1675
{DSA-2720-1 DSA-2699-1}
- iceweasel 17.0.6esr-1
[squeeze] - iceweasel <end-of-life>
@@ -15786,7 +15786,7 @@ CVE-2013-1675 (Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, ...)
- iceape <removed>
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
-CVE-2013-1674 (Use-after-free vulnerability in Mozilla Firefox before 21.0, Firefox ...)
+CVE-2013-1674
{DSA-2720-1 DSA-2699-1}
- iceweasel 17.0.6esr-1
[squeeze] - iceweasel <end-of-life>
@@ -15795,15 +15795,15 @@ CVE-2013-1674 (Use-after-free vulnerability in Mozilla Firefox before 21.0, Fire
- iceape <removed>
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
-CVE-2013-1673 (The Mozilla Updater in Mozilla Firefox before 21.0 on Windows does not ...)
+CVE-2013-1673
- iceweasel <not-affected> (Windows build only)
-CVE-2013-1672 (The Mozilla Maintenance Service in Mozilla Firefox before 21.0, ...)
+CVE-2013-1672
- iceweasel <not-affected> (Windows build only)
- icedove <not-affected> (Windows build only)
- iceape <not-affected> (Windows build only)
-CVE-2013-1671 (Mozilla Firefox before 21.0 does not properly implement the INPUT ...)
+CVE-2013-1671
- iceweasel <not-affected> (Doesn't affect ESR 17 series, only later versions in experimental)
-CVE-2013-1670 (The Chrome Object Wrapper (COW) implementation in Mozilla Firefox ...)
+CVE-2013-1670
{DSA-2720-1 DSA-2699-1}
- iceweasel 17.0.6esr-1
[squeeze] - iceweasel <end-of-life>
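Review bot: the not-affected rationales in this hunk depend on facts that only appeared in the text being removed. "(Windows build only)" under CVE-2013-1673 and CVE-2013-1672 was checkable against "on Windows" and "Mozilla Maintenance Service" in the old description lines, and "(Doesn't affect ESR 17 series, only later versions in experimental)" under CVE-2013-1671 against "Firefox before 21.0"; after this change nothing in the entry supports them. If descriptions are now rendered from another source that is fine, otherwise the rationale should carry the fact itself, for example "<not-affected> (Mozilla Updater is Windows-only; Firefox before 21.0)". Also, CVE-2013-1673 lists only iceweasel while the adjacent CVE-2013-1672 lists iceweasel, icedove and iceape; if the updater component is not shipped by the other two, a short note saying so would stop the asymmetry looking like an omission.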
@@ -15812,108 +15812,108 @@ CVE-2013-1670 (The Chrome Object Wrapper (COW) implementation in Mozilla Firefox
- iceape <removed>
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
-CVE-2013-1669 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+CVE-2013-1669
- iceweasel <not-affected> (Only affects Firefox 20)
- icedove <not-affected> (Only affects Firefox 20)
- iceape <not-affected> (Only affects Firefox 20)
-CVE-2013-1668 (The uploadFile function in upload/index.php in CosCMS before 1.822 ...)
+CVE-2013-1668
NOT-FOR-US: CosCMS
-CVE-2013-1667 (The rehash mechanism in Perl 5.8.2 through 5.16.x allows ...)
+CVE-2013-1667
{DSA-2641-1}
- perl 5.14.2-19 (bug #702296)
NOTE: http://www.nntp.perl.org/group/perl.perl5.porters/2013/03/msg199755.html
CVE-2013-1666
RESERVED
- foswiki <itp> (bug #509864)
-CVE-2013-1665 (The XML libraries for Python 3.4, 3.3, 3.2, 3.1, 2.7, and 2.6, as used ...)
+CVE-2013-1665
{DSA-2634-1}
- keystone 2012.1.1-13 (bug #700948)
- python-django 1.4.4-1
-CVE-2013-1664 (The XML libraries for Python 3.4, 3.3, 3.2, 3.1, 2.7, and 2.6, as used ...)
+CVE-2013-1664
- keystone 2012.1.1-13 (bug #700948)
- nova 2012.1.1-13 (bug #700949)
- cinder 2012.2.3-1 (bug #700950)
CVE-2013-1663
RESERVED
-CVE-2013-1662 (vmware-mount in VMware Workstation 8.x and 9.x and VMware Player 4.x ...)
+CVE-2013-1662
NOT-FOR-US: VMware
-CVE-2013-1661 (VMware ESXi 4.0 through 5.1, and ESX 4.0 and 4.1, does not properly ...)
+CVE-2013-1661
NOT-FOR-US: VMware ESXi
CVE-2013-1660
REJECTED
-CVE-2013-1659 (VMware vCenter Server 4.0 before Update 4b, 5.0 before Update 2, and ...)
+CVE-2013-1659
NOT-FOR-US: vCenter
CVE-2013-1658
RESERVED
CVE-2013-1657
RESERVED
-CVE-2013-1656 (Spree Commerce 1.0.x through 1.3.2 allows remote authenticated ...)
+CVE-2013-1656
NOT-FOR-US: Spree
-CVE-2013-1655 (Puppet 2.7.x before 2.7.21 and 3.1.x before 3.1.1, when running Ruby ...)
+CVE-2013-1655
{DSA-2643-1}
- puppet 2.7.18-3
-CVE-2013-1654 (Puppet 2.7.x before 2.7.21 and 3.1.x before 3.1.1, and Puppet ...)
+CVE-2013-1654
{DSA-2643-1}
- puppet 2.7.18-3
-CVE-2013-1653 (Puppet before 2.6.18, 2.7.x before 2.7.21, and 3.1.x before 3.1.1, and ...)
+CVE-2013-1653
{DSA-2643-1}
- puppet 2.7.18-3
-CVE-2013-1652 (Puppet before 2.6.18, 2.7.x before 2.7.21, and 3.1.x before 3.1.1, and ...)
+CVE-2013-1652
{DSA-2643-1}
- puppet 2.7.18-3
-CVE-2013-1651 (OXUpdater in Open-Xchange Server before 6.20.7 rev14, 6.22.0 before ...)
+CVE-2013-1651
NOT-FOR-US: Open-Xchange
-CVE-2013-1650 (Open-Xchange Server before 6.20.7 rev14, 6.22.0 before rev13, and ...)
+CVE-2013-1650
NOT-FOR-US: Open-Xchange
-CVE-2013-1649 (Open-Xchange Server before 6.20.7 rev14, 6.22.0 before rev13, and ...)
+CVE-2013-1649
NOT-FOR-US: Open-Xchange
-CVE-2013-1648 (The Subscriptions feature in Open-Xchange Server before 6.20.7 rev14, ...)
+CVE-2013-1648
NOT-FOR-US: Open-Xchange
-CVE-2013-1647 (Multiple CRLF injection vulnerabilities in Open-Xchange Server before ...)
+CVE-2013-1647
NOT-FOR-US: Open-Xchange
-CVE-2013-1646 (Multiple cross-site scripting (XSS) vulnerabilities in Open-Xchange ...)
+CVE-2013-1646
NOT-FOR-US: Open-Xchange
-CVE-2013-1645 (Directory traversal vulnerability in Open-Xchange Server before 6.20.7 ...)
+CVE-2013-1645
NOT-FOR-US: Open-Xchange
CVE-2013-1644
RESERVED
-CVE-2013-1643 (The SOAP parser in PHP before 5.3.23 and 5.4.x before 5.4.13 allows ...)
+CVE-2013-1643
{DSA-2639-1}
- php5 5.4.4-14 (bug #702221)
NOTE: http://git.php.net/?p=php-src.git;a=commitdiff;h=c737b89473df9dba6742b8fc8fbf6d009bf05c36
CVE-2013-1642
RESERVED
-CVE-2013-1641 (Directory traversal vulnerability in the zip download functionality in ...)
+CVE-2013-1641
NOT-FOR-US: QuiXplorer
-CVE-2013-1640 (The (1) template and (2) inline_template functions in the master ...)
+CVE-2013-1640
{DSA-2643-1}
- puppet 2.7.18-3
-CVE-2013-1639 (Opera before 12.13 does not send CORS preflight requests in all ...)
+CVE-2013-1639
NOT-FOR-US: Opera
-CVE-2013-1638 (Opera before 12.13 allows remote attackers to execute arbitrary code ...)
+CVE-2013-1638
NOT-FOR-US: Opera
-CVE-2013-1637 (Opera before 12.13 allows remote attackers to execute arbitrary code ...)
+CVE-2013-1637
NOT-FOR-US: Opera
-CVE-2013-1636 (Cross-site scripting (XSS) vulnerability in open-flash-chart.swf in ...)
+CVE-2013-1636
- biomaj-watcher 1.2.2-1 (low; bug #742859)
[wheezy] - biomaj-watcher <no-dsa> (Minor issue)
-CVE-2013-1635 (ext/soap/soap.c in PHP before 5.3.22 and 5.4.x before 5.4.13 does not ...)
+CVE-2013-1635
{DSA-2639-1}
- php5 5.4.4-14 (unimportant; bug #702221)
NOTE: open_basedir not supported
NOTE: http://git.php.net/?p=php-src.git;a=commitdiff;h=702b436ef470cc02f8e2cc21f2fadeee42103c74
CVE-2013-1634
RESERVED
-CVE-2013-1633 (easy_install in setuptools before 0.7 uses HTTP to retrieve packages ...)
+CVE-2013-1633
- distribute <unfixed> (unimportant)
NOTE: Lack of a security feature, not a vulnerability
CVE-2013-1632
RESERVED
CVE-2013-1631
RESERVED
-CVE-2013-1630 (pyshop before 0.7.1 uses HTTP to retrieve packages from the PyPI ...)
+CVE-2013-1630
NOT-FOR-US: pyshop
-CVE-2013-1629 (pip before 1.3 uses HTTP to retrieve packages from the PyPI ...)
+CVE-2013-1629
- python-pip 1.3.1-1 (low; bug #710163)
[wheezy] - python-pip <no-dsa> (Minor issue)
[squeeze] - python-pip <no-dsa> (Minor issue)
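Review bot: two entries in this hunk describe the same class of issue but are triaged differently. CVE-2013-1633 ("easy_install in setuptools before 0.7 uses HTTP to retrieve packages") is "distribute <unfixed> (unimportant)" with "NOTE: Lack of a security feature, not a vulnerability", whereas CVE-2013-1629 ("pip before 1.3 uses HTTP to retrieve packages from the PyPI") is tracked as fixed in "python-pip 1.3.1-1 (low; bug #710163)" with a no-dsa line for both stable suites. Either both should be unimportant or the distribute line should get a severity and bug reference; once the descriptions are gone the parallel is invisible from the file, so whichever way it is resolved a NOTE cross-referencing the two would help. The same applies to CVE-2013-1665 and CVE-2013-1664, which share the "The XML libraries for Python 3.4, 3.3, 3.2, 3.1, 2.7, and 2.6" description but only CVE-2013-1665 carries "{DSA-2634-1}": if that DSA did not cover CVE-2013-1664 for keystone, a NOTE on the status of the keystone, nova and cinder fixes in squeeze and wheezy would close the gap.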
@@ -15922,17 +15922,17 @@ CVE-2013-1629 (pip before 1.3 uses HTTP to retrieve packages from the PyPI ...)
[squeeze] - python-virtualenv <no-dsa> (Minor issue)
CVE-2013-1628
REJECTED
-CVE-2013-1627 (Absolute path traversal vulnerability in NTWebServer.exe in Indusoft ...)
+CVE-2013-1627
NOT-FOR-US: Indusoft Studio, Advantech Studio
CVE-2013-1626
RESERVED
CVE-2013-1625
RESERVED
-CVE-2013-1624 (The TLS implementation in the Bouncy Castle Java library before 1.48 ...)
+CVE-2013-1624
- bouncycastle 1.48+dfsg-2 (low; bug #699885)
[squeeze] - bouncycastle <no-dsa> (Minor issue)
[wheezy] - bouncycastle <no-dsa> (Minor issue)
-CVE-2013-1623 (The TLS and DTLS implementations in wolfSSL CyaSSL before 2.5.0 do not ...)
+CVE-2013-1623
{DSA-2780-1}
- mysql-5.1 <removed>
- mysql-5.5 5.5.30+dfsg-1.1 (bug #699886)
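Review bot: the removed description of CVE-2013-1623 names "wolfSSL CyaSSL before 2.5.0", yet the package lines under it are "mysql-5.1 <removed>" and "mysql-5.5 5.5.30+dfsg-1.1 (bug #699886)" with "{DSA-2780-1}", and the only other hint is the "NOTE: cyassl: fixed upstream in 2.5.0" line at the top of the next hunk, which says nothing about MySQL. Presumably the entry covers the copy of yaSSL that MySQL builds from its own source tree; that link should be stated in a NOTE now that the description no longer ties the CVE to CyaSSL/yaSSL at all, otherwise a reader cannot tell why a database package is listed under a TLS library CVE. The bouncycastle entry above it (CVE-2013-1624) is self-explanatory as it stands, with an explicit no-dsa line for both stable suites.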
@@ -15940,45 +15940,45 @@ CVE-2013-1623 (The TLS and DTLS implementations in wolfSSL CyaSSL before 2.5.0 d
NOTE: cyassl: fixed upstream in 2.5.0
CVE-2013-1622
REJECTED
-CVE-2013-1621 (Array index error in the SSL module in PolarSSL before 1.2.5 might ...)
+CVE-2013-1621
{DSA-2622-1}
- polarssl 1.1.4-2 (bug #699887)
-CVE-2013-1620 (The TLS implementation in Mozilla Network Security Services (NSS) does ...)
+CVE-2013-1620
- nss 2:3.14.3-1 (low; bug #699888)
[squeeze] - nss <no-dsa> (Minor issue)
-CVE-2013-1619 (The TLS implementation in GnuTLS before 2.12.23, 3.0.x before 3.0.28, ...)
+CVE-2013-1619
- gnutls26 2.12.20-4
[squeeze] - gnutls26 <no-dsa> (Too intrusive to backport)
- gnutls28 3.0.22-3
-CVE-2013-1618 (The TLS implementation in Opera before 12.13 does not properly ...)
+CVE-2013-1618
NOT-FOR-US: Opera
-CVE-2013-1617 (Multiple SQL injection vulnerabilities in the management console on ...)
+CVE-2013-1617
NOT-FOR-US: Symantec
-CVE-2013-1616 (The management console on the Symantec Web Gateway (SWG) appliance ...)
+CVE-2013-1616
NOT-FOR-US: Symantec
-CVE-2013-1615 (The management console (aka Java console) on the Symantec Security ...)
+CVE-2013-1615
NOT-FOR-US: Symantec
-CVE-2013-1614 (Multiple cross-site scripting (XSS) vulnerabilities in the management ...)
+CVE-2013-1614
NOT-FOR-US: Symantec
-CVE-2013-1613 (SQL injection vulnerability in the management console (aka Java ...)
+CVE-2013-1613
NOT-FOR-US: Symantec
-CVE-2013-1612 (Buffer overflow in secars.dll in the management console in Symantec ...)
+CVE-2013-1612
NOT-FOR-US: Symantec
-CVE-2013-1611 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2013-1611
NOT-FOR-US: Symantec Brightmail Gateway
-CVE-2013-1610 (Unquoted Windows search path vulnerability in RDDService in Symantec ...)
+CVE-2013-1610
NOT-FOR-US: Symantec
-CVE-2013-1609 (Multiple unquoted Windows search path vulnerabilities in the (1) File ...)
+CVE-2013-1609
NOT-FOR-US: Symantec
-CVE-2013-1608 (Directory traversal vulnerability in the Management Console on the ...)
+CVE-2013-1608
NOT-FOR-US: Symantec
CVE-2013-1607
RESERVED
-CVE-2013-1606 (Buffer overflow in the ubnt-streamer RTSP service on the Ubiquiti UBNT ...)
+CVE-2013-1606
NOT-FOR-US: Ubiquiti UBNT AirCam
-CVE-2013-1605 (Buffer overflow in MayGion IP Cameras with firmware before 2013.04.22 ...)
+CVE-2013-1605
NOT-FOR-US: MayGion IP Cameras
-CVE-2013-1604 (Directory traversal vulnerability in MayGion IP Cameras with firmware ...)
+CVE-2013-1604
NOT-FOR-US: MayGion IP Cameras
CVE-2013-1603
RESERVED
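Review bot: CVE-2013-1620 (nss) has a "[squeeze] - nss <no-dsa> (Minor issue)" line but no "[wheezy]" line, whereas its neighbours in this run of consecutive TLS-implementation CVEs all state wheezy one way or another: CVE-2013-1619 has "gnutls26 2.12.20-4" beside an explicit squeeze no-dsa, CVE-2013-1621 has "{DSA-2622-1}", and CVE-2013-1624 in the previous hunk lists both suites. Unless wheezy's nss is already at or above 2:3.14.3-1, either a "[wheezy] - nss <no-dsa> (Minor issue)" line or the wheezy fixed version is missing. The reasons given for skipping squeeze also differ within the group ("Minor issue" for nss and bouncycastle, "Too intrusive to backport" for gnutls26); that may well be accurate, but it is worth a glance since the same kind of fix was assessed for each.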
@@ -16004,425 +16004,425 @@ CVE-2013-1593
RESERVED
CVE-2013-1592
RESERVED
-CVE-2013-1591 (Stack-based buffer overflow in libpixman, as used in Pale Moon before ...)
+CVE-2013-1591
- pixman 0.26.0-4 (bug #700308)
[squeeze] - pixman <not-affected> (Vulnerable code not present)
-CVE-2013-1590 (Buffer overflow in the NTLMSSP dissector in Wireshark 1.6.x before ...)
+CVE-2013-1590
{DSA-2625-1}
- wireshark 1.8.6-1
[wheezy] - wireshark 1.8.2-5wheezy1
-CVE-2013-1589 (Double free vulnerability in epan/proto.c in the dissection engine in ...)
+CVE-2013-1589
- wireshark 1.8.6-1 (unimportant)
[wheezy] - wireshark 1.8.2-5wheezy1
NOTE: Not suitable for code injection
-CVE-2013-1588 (Multiple buffer overflows in the dissect_pft_fec_detailed function in ...)
+CVE-2013-1588
{DSA-2625-1}
- wireshark 1.8.6-1
[wheezy] - wireshark 1.8.2-5wheezy1
NOTE: Upstream bug: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8213
NOTE: Upstream patch: http://anonsvn.wireshark.org/viewvc?view=revision&revision=47098
-CVE-2013-1587 (The dissect_rohc_ir_packet function in epan/dissectors/packet-rohc.c ...)
+CVE-2013-1587
- wireshark 1.8.6-1
[squeeze] - wireshark <not-affected> (Vulnerable code not present)
[wheezy] - wireshark 1.8.2-5wheezy1
NOTE: Upstream bug: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7679
NOTE: Upstream patch: http://anonsvn.wireshark.org/viewvc?view=revision&revision=44700
-CVE-2013-1586 (The fragment_set_tot_len function in epan/reassemble.c in Wireshark ...)
+CVE-2013-1586
{DSA-2625-1}
- wireshark 1.8.6-1
[wheezy] - wireshark 1.8.2-5wheezy1
NOTE: Upstream bug: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8111
NOTE: http://anonsvn.wireshark.org/viewvc?view=revision&revision=46999
NOTE: http://anonsvn.wireshark.org/viewvc?view=revision&revision=47000
-CVE-2013-1585 (epan/tvbuff.c in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 ...)
+CVE-2013-1585
- wireshark 1.8.6-1
[squeeze] - wireshark <not-affected> (Vulnerable code not present)
[wheezy] - wireshark 1.8.2-5wheezy1
NOTE: Upstream bug: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8112
NOTE: http://anonsvn.wireshark.org/viewvc?view=revision&revision=46705
NOTE: http://anonsvn.wireshark.org/viewvc?view=revision&revision=46678
-CVE-2013-1584 (The dissect_version_5_and_6_primary_header function in ...)
+CVE-2013-1584
- wireshark 1.8.6-1
[squeeze] - wireshark <not-affected> (Vulnerable code not present)
[wheezy] - wireshark 1.8.2-5wheezy1
NOTE: Upstream bug: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7945
NOTE: http://anonsvn.wireshark.org/viewvc?view=revision&revision=46579
-CVE-2013-1583 (The dissect_version_4_primary_header function in ...)
+CVE-2013-1583
- wireshark 1.8.6-1
[squeeze] - wireshark <not-affected> (Vulnerable code not present)
[wheezy] - wireshark 1.8.2-5wheezy1
NOTE: Upstream bug: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7945
NOTE: http://anonsvn.wireshark.org/viewvc?view=revision&revision=46577
-CVE-2013-1582 (The dissect_clnp function in epan/dissectors/packet-clnp.c in the CLNP ...)
+CVE-2013-1582
{DSA-2625-1}
- wireshark 1.8.6-1
[wheezy] - wireshark 1.8.2-5wheezy1
NOTE: Upstream bug: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7871
NOTE: http://anonsvn.wireshark.org/viewvc?view=revision&revision=45646
-CVE-2013-1571 (Unspecified vulnerability in the Javadoc component in Oracle Java SE 7 ...)
+CVE-2013-1571
{DSA-2727-1 DSA-2722-1}
- openjdk-6 6b27-1.12.6-1
- openjdk-7 7u25-2.3.10-1
-CVE-2013-1570 (Unspecified vulnerability in Oracle MySQL 5.6.10 and earlier allows ...)
+CVE-2013-1570
- mysql-5.5 <not-affected> (Only affects MySQL 5.6)
- mysql-5.1 <not-affected> (Only affects MySQL 5.6)
-CVE-2013-1569 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2013-1569
{DSA-3187-1 DLA-219-1}
- openjdk-7 7u21-2.3.9-1
- openjdk-6 6b27-1.12.5-1
- icu 52.1-1
-CVE-2013-1568 (Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking ...)
+CVE-2013-1568
NOT-FOR-US: Oracle Financial Services Software
-CVE-2013-1567 (Unspecified vulnerability in Oracle MySQL 5.6.10 and earlier allows ...)
+CVE-2013-1567
- mysql-5.5 <not-affected> (Only affects MySQL 5.6)
- mysql-5.1 <not-affected> (Only affects MySQL 5.6)
-CVE-2013-1566 (Unspecified vulnerability in Oracle MySQL 5.6.10 and earlier allows ...)
+CVE-2013-1566
- mysql-5.5 <not-affected> (Only affects MySQL 5.6)
- mysql-5.1 <not-affected> (Only affects MySQL 5.6)
-CVE-2013-1565 (Unspecified vulnerability in the Oracle GoldenGate Veridata component ...)
+CVE-2013-1565
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2013-1564 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2013-1564
- openjdk-6 <not-affected> (JavaFX not part of OpenJDK)
- openjdk-7 <not-affected> (JavaFX not part of OpenJDK)
-CVE-2013-1563 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2013-1563
- openjdk-6 <not-affected> (Installation component of Oracle Java doesn't apply to IcedTea/OpenJDK)
- openjdk-7 <not-affected> (Installation component of Oracle Java doesn't apply to IcedTea/OpenJDK)
-CVE-2013-1562 (Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking ...)
+CVE-2013-1562
NOT-FOR-US: Oracle Financial Services
-CVE-2013-1561 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2013-1561
- openjdk-6 <not-affected> (JavaFX not part of OpenJDK)
- openjdk-7 <not-affected> (JavaFX not part of OpenJDK)
-CVE-2013-1560 (Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking ...)
+CVE-2013-1560
NOT-FOR-US: Oracle Financial Services
-CVE-2013-1559 (Unspecified vulnerability in the Oracle WebCenter Content component in ...)
+CVE-2013-1559
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2013-1558 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2013-1558
- openjdk-7 7u21-2.3.9-1
- openjdk-6 6b27-1.12.5-1
-CVE-2013-1557 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2013-1557
- openjdk-7 7u21-2.3.9-1
- openjdk-6 6b27-1.12.5-1
-CVE-2013-1556 (Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking ...)
+CVE-2013-1556
NOT-FOR-US: Oracle Financial Services Software
-CVE-2013-1555 (Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier, and ...)
+CVE-2013-1555
{DSA-2780-1}
- mysql-5.5 5.5.30+dfsg-1
- mysql-5.1 <removed>
- mariadb-10.0 <not-affected> (Fixed before initial upload)
- mariadb-5.5 <not-affected> (Fixed before initial upload)
-CVE-2013-1554 (Unspecified vulnerability in the Network Layer component in Oracle ...)
+CVE-2013-1554
NOT-FOR-US: Oracle Database Server
-CVE-2013-1553 (Unspecified vulnerability in the Oracle Web Services Manager component ...)
+CVE-2013-1553
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2013-1552 (Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier and ...)
+CVE-2013-1552
{DSA-2780-1}
- mysql-5.5 5.5.30+dfsg-1
- mysql-5.1 <removed>
- mariadb-10.0 <not-affected> (Fixed before initial upload)
- mariadb-5.5 <not-affected> (Fixed before initial upload)
-CVE-2013-1551 (Unspecified vulnerability in the Siebel Enterprise Application ...)
+CVE-2013-1551
NOT-FOR-US: Oracle Siebel CRM
-CVE-2013-1550 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+CVE-2013-1550
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2013-1549 (Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking ...)
+CVE-2013-1549
NOT-FOR-US: Oracle Financial Services Software
-CVE-2013-1548 (Unspecified vulnerability in Oracle MySQL 5.1.63 and earlier allows ...)
+CVE-2013-1548
{DSA-2780-1}
- mysql-5.5 <not-affected> (Only affects MySQL 5.1)
- mysql-5.1 <removed>
- mariadb-10.0 <not-affected> (Fixed before initial upload)
- mariadb-5.5 <not-affected> (Fixed before initial upload)
-CVE-2013-1547 (Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking ...)
+CVE-2013-1547
NOT-FOR-US: Oracle Financial Services Software
-CVE-2013-1546 (Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking ...)
+CVE-2013-1546
NOT-FOR-US: Oracle Financial Services Software
-CVE-2013-1545 (Unspecified vulnerability in the Oracle HTTP Server component in ...)
+CVE-2013-1545
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2013-1544 (Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 ...)
+CVE-2013-1544
{DSA-2780-1 DSA-2667-1}
- mysql-5.5 5.5.31+dfsg-1
- mysql-5.1 <removed>
- mariadb-10.0 <not-affected> (Fixed before initial upload)
- mariadb-5.5 <not-affected> (Fixed before initial upload)
-CVE-2013-1543 (Unspecified vulnerability in the Siebel UI Framework component in ...)
+CVE-2013-1543
NOT-FOR-US: Oracle Siebel CRM
-CVE-2013-1542 (Unspecified vulnerability in the Oracle Containers for J2EE component ...)
+CVE-2013-1542
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2013-1541 (Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking ...)
+CVE-2013-1541
NOT-FOR-US: Oracle Finacial Services
-CVE-2013-1540 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2013-1540
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2013-1539 (Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking ...)
+CVE-2013-1539
NOT-FOR-US: Oracle Financial Services
-CVE-2013-1538 (Unspecified vulnerability in the Network Layer component in Oracle ...)
+CVE-2013-1538
NOT-FOR-US: Oracle Database Server
-CVE-2013-1537 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2013-1537
- openjdk-7 7u21-2.3.9-1
- openjdk-6 6b27-1.12.5-1
-CVE-2013-1536 (Unspecified vulnerability in the Oracle Transportation Management ...)
+CVE-2013-1536
NOT-FOR-US: Oracle Supply Chain Products
-CVE-2013-1535 (Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking ...)
+CVE-2013-1535
NOT-FOR-US: Oracle Financial Services Software
-CVE-2013-1534 (Unspecified vulnerability in the Workload Manager component in Oracle ...)
+CVE-2013-1534
NOT-FOR-US: Oracle Database Server
-CVE-2013-1533 (Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking ...)
+CVE-2013-1533
NOT-FOR-US: Oracle financial Services Software
-CVE-2013-1532 (Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 ...)
+CVE-2013-1532
{DSA-2780-1 DSA-2667-1}
- mysql-5.5 5.5.31+dfsg-1
- mysql-5.1 <removed>
- mariadb-10.0 <not-affected> (Fixed before initial upload)
- mariadb-5.5 <not-affected> (Fixed before initial upload)
-CVE-2013-1531 (Unspecified vulnerability in Oracle MySQL 5.1.66 and earlier and ...)
+CVE-2013-1531
{DSA-2780-1}
- mysql-5.5 5.5.30+dfsg-1
- mysql-5.1 <removed>
- mariadb-10.0 <not-affected> (Fixed before initial upload)
- mariadb-5.5 <not-affected> (Fixed before initial upload)
-CVE-2013-1530 (Unspecified vulnerability in Oracle Sun Solaris 10 allows local users ...)
+CVE-2013-1530
NOT-FOR-US: Oracle Solaris
-CVE-2013-1529 (Unspecified vulnerability in the Oracle WebCenter Interaction ...)
+CVE-2013-1529
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2013-1528 (Unspecified vulnerability in the Oracle HRMS component in Oracle ...)
+CVE-2013-1528
NOT-FOR-US: Oracle E-Business Suite
-CVE-2013-1527 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+CVE-2013-1527
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2013-1526 (Unspecified vulnerability in Oracle MySQL 5.5.29 and earlier allows ...)
+CVE-2013-1526
- mysql-5.5 5.5.30+dfsg-1
- mysql-5.1 <not-affected> (Only affects MySQL 5.5)
- mariadb-10.0 <not-affected> (Fixed before initial upload)
- mariadb-5.5 <not-affected> (Fixed before initial upload)
-CVE-2013-1525 (Unspecified vulnerability in the Oracle Retail Integration Bus ...)
+CVE-2013-1525
NOT-FOR-US: Oracle Industry Applications
-CVE-2013-1524 (Unspecified vulnerability in the Oracle Application Object Library ...)
+CVE-2013-1524
NOT-FOR-US: Oracle E-Business Suite
-CVE-2013-1523 (Unspecified vulnerability in Oracle MySQL 5.5.29 and earlier and ...)
+CVE-2013-1523
- mysql-5.5 5.5.30+dfsg-1
- mysql-5.1 <not-affected> (Only affects MySQL 5.5 and 5.6)
- mariadb-10.0 <not-affected> (Fixed before initial upload)
- mariadb-5.5 <not-affected> (Fixed before initial upload)
-CVE-2013-1522 (Unspecified vulnerability in the Oracle WebCenter Content component in ...)
+CVE-2013-1522
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2013-1521 (Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier and ...)
+CVE-2013-1521
{DSA-2780-1}
- mysql-5.5 5.5.30+dfsg-1
- mysql-5.1 <removed>
- mariadb-10.0 <not-affected> (Fixed before initial upload)
- mariadb-5.5 <not-affected> (Fixed before initial upload)
-CVE-2013-1520 (Unspecified vulnerability in the Oracle Clinical Remote Data Capture ...)
+CVE-2013-1520
NOT-FOR-US: Oracle Industry Applications
-CVE-2013-1519 (Unspecified vulnerability in the Application Express component in ...)
+CVE-2013-1519
NOT-FOR-US: Oracle Database Server
-CVE-2013-1518 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2013-1518
- openjdk-7 7u21-2.3.9-1
- openjdk-6 6b27-1.12.5-1
-CVE-2013-1517 (Unspecified vulnerability in the Oracle Application Object Library ...)
+CVE-2013-1517
NOT-FOR-US: Oracle E-Business Suite
-CVE-2013-1516 (Unspecified vulnerability in the Oracle WebCenter Capture component in ...)
+CVE-2013-1516
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2013-1515 (Unspecified vulnerability in the Oracle GlassFish Server component in ...)
+CVE-2013-1515
- glassfish <not-affected> (Only affects 3.x)
-CVE-2013-1514 (Unspecified vulnerability in the Oracle Containers for J2EE component ...)
+CVE-2013-1514
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2013-1513 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+CVE-2013-1513
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2013-1512 (Unspecified vulnerability in Oracle MySQL 5.5.29 and earlier allows ...)
+CVE-2013-1512
- mysql-5.5 5.5.30+dfsg-1
- mysql-5.1 <not-affected> (Only affects MySQL 5.5)
- mariadb-10.0 <not-affected> (Fixed before initial upload)
- mariadb-5.5 <not-affected> (Fixed before initial upload)
-CVE-2013-1511 (Unspecified vulnerability in Oracle MySQL 5.5.30 and earlier and ...)
+CVE-2013-1511
{DSA-2667-1}
- mysql-5.5 5.5.31+dfsg-1
- mysql-5.1 <not-affected> (Only affects MySQL 5.5 and 5.6)
- mariadb-10.0 <not-affected> (Fixed before initial upload)
- mariadb-5.5 <not-affected> (Fixed before initial upload)
-CVE-2013-1510 (Unspecified vulnerability in the Siebel UI Framework component in ...)
+CVE-2013-1510
NOT-FOR-US: Oracle Siebel
-CVE-2013-1509 (Unspecified vulnerability in the Oracle WebCenter Sites component in ...)
+CVE-2013-1509
NOT-FOR-US: Oracle Fusion
-CVE-2013-1508 (Unspecified vulnerability in the Oracle GlassFish Server component in ...)
+CVE-2013-1508
- glassfish <not-affected> (Only affects 3.x)
-CVE-2013-1507 (Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local ...)
+CVE-2013-1507
NOT-FOR-US: Solaris
-CVE-2013-1506 (Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier, 5.5.29 ...)
+CVE-2013-1506
{DSA-2780-1}
- mysql-5.5 5.5.30+dfsg-1
- mysql-5.1 <removed>
- mariadb-10.0 <not-affected> (Fixed before initial upload)
- mariadb-5.5 <not-affected> (Fixed before initial upload)
-CVE-2013-1505 (Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking ...)
+CVE-2013-1505
NOT-FOR-US: Oracle FLEXCUBE
-CVE-2013-1504 (Unspecified vulnerability in the Oracle WebLogic Server component in ...)
+CVE-2013-1504
NOT-FOR-US: Oracle Fusion
-CVE-2013-1503 (Unspecified vulnerability in the Oracle WebCenter Content component in ...)
+CVE-2013-1503
NOT-FOR-US: Oracle Fusion
-CVE-2013-1502 (Unspecified vulnerability in Oracle MySQL 5.5.30 and earlier and 5.6.9 ...)
+CVE-2013-1502
{DSA-2667-1}
- mysql-5.5 5.5.31+dfsg-1
- mysql-5.1 <not-affected> (Only affects MySQL 5.5 and 5.6)
- mariadb-10.0 <not-affected> (Fixed before initial upload)
- mariadb-5.5 <not-affected> (Fixed before initial upload)
-CVE-2013-1501 (Unspecified vulnerability in the Oracle iStore component in Oracle ...)
+CVE-2013-1501
NOT-FOR-US: Oracle E-Business Suite
-CVE-2013-1500 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2013-1500
{DSA-2727-1 DSA-2722-1}
- openjdk-6 6b27-1.12.6-1
- openjdk-7 7u25-2.3.10-1
-CVE-2013-1499 (Unspecified vulnerability in Oracle Sun Solaris 11 allows local users ...)
+CVE-2013-1499
NOT-FOR-US: Solaris
-CVE-2013-1498 (Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local ...)
+CVE-2013-1498
NOT-FOR-US: Solaris
-CVE-2013-1497 (Unspecified vulnerability in the Oracle COREid Access component in ...)
+CVE-2013-1497
NOT-FOR-US: Oracle Fusion
-CVE-2013-1496 (Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local ...)
+CVE-2013-1496
NOT-FOR-US: Solaris
-CVE-2013-1495 (asr in Oracle Auto Service Request in Oracle Support Tools before ...)
+CVE-2013-1495
NOT-FOR-US: Oracle Auto Service Request
-CVE-2013-1494 (Unspecified vulnerability in Oracle Sun Solaris 10, when running on ...)
+CVE-2013-1494
NOT-FOR-US: Solaris
-CVE-2013-1493 (The color management (CMM) functionality in the 2D component in Oracle ...)
+CVE-2013-1493
- openjdk-6 6b27-1.12.4-1
- openjdk-7 7u3-2.1.7-1
-CVE-2013-1492 (Buffer overflow in yaSSL, as used in MySQL 5.1.x before 5.1.68 and ...)
+CVE-2013-1492
{DSA-2780-1}
- mysql-5.1 <removed> (bug #712059)
- mysql-5.5 5.5.30+dfsg-1
- cyassl <not-affected> (Fixed before initial upload to archive)
NOTE: https://blogs.oracle.com/sunsecurity/entry/cve_2013_1492_buffer_overflow
-CVE-2013-1491 (The Java Runtime Environment (JRE) component in Oracle Java SE 7 ...)
+CVE-2013-1491
- openjdk-6 <not-affected> (Specific to Oracle Java, not present in IcedTea)
- openjdk-7 <not-affected> (Specific to Oracle Java, not present in IcedTea)
NOTE: Due to the vague disclosure policy by Oracle the exact nature is unknown but since no patch landed in icedtea, we consider it not-affected
-CVE-2013-1490 (Unspecified vulnerability in Oracle Java SE 7 Update 11 (JRE ...)
+CVE-2013-1490
- openjdk-6 <not-affected> (Not exploitable in OpenJDK6)
- openjdk-7 <not-affected> (Icedtea 2.3 not affected)
-CVE-2013-1489 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2013-1489
- openjdk-6 <not-affected> (Only affects Java7)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2013-1488 (The Java Runtime Environment (JRE) component in Oracle Java SE 7 ...)
+CVE-2013-1488
- openjdk-7 7u21-2.3.9-1
- openjdk-6 <not-affected> (Only affects Java7)
-CVE-2013-1487 (Unspecified vulnerability in the Java Runtime Environment component in ...)
+CVE-2013-1487
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2013-1486 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2013-1486
- openjdk-7 7u3-2.1.6-1
- openjdk-6 6b27-1.12.3-1
-CVE-2013-1485 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2013-1485
- openjdk-7 7u3-2.1.6-1
- openjdk-6 <not-affected> (Only affects Java7)
-CVE-2013-1484 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2013-1484
- openjdk-7 7u3-2.1.6-1
- openjdk-6 <not-affected> (Only affects Java7)
-CVE-2013-1483 (Unspecified vulnerability in the JavaFX component in Oracle Java SE ...)
+CVE-2013-1483
- openjdk-6 <not-affected> (JavaFX not part of OpenJDK)
- openjdk-7 <not-affected> (JavaFX not part of OpenJDK)
-CVE-2013-1482 (Unspecified vulnerability in the JavaFX component in Oracle Java SE ...)
+CVE-2013-1482
- openjdk-6 <not-affected> (JavaFX not part of OpenJDK)
- openjdk-7 <not-affected> (JavaFX not part of OpenJDK)
-CVE-2013-1481 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2013-1481
- openjdk-6 <not-affected> (Icedtea uses a different sound implementation than Oracle Java)
- openjdk-7 <not-affected> (Icedtea uses a different sound implementation than Oracle Java)
-CVE-2013-1480 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2013-1480
- openjdk-6 6b27-1.12-1
- openjdk-7 7u3-2.1.6-1
-CVE-2013-1479 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2013-1479
- openjdk-6 <not-affected> (JavaFX not part of OpenJDK)
- openjdk-7 <not-affected> (JavaFX not part of OpenJDK)
-CVE-2013-1478 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2013-1478
- openjdk-6 6b27-1.12-1
- openjdk-7 7u3-2.1.6-1
-CVE-2013-1477 (Unspecified vulnerability in the JavaFX component in Oracle Java SE ...)
+CVE-2013-1477
- openjdk-6 <not-affected> (JavaFX not part of OpenJDK)
- openjdk-7 <not-affected> (JavaFX not part of OpenJDK)
-CVE-2013-1476 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2013-1476
- openjdk-6 6b27-1.12-1
- openjdk-7 7u3-2.1.6-1
-CVE-2013-1475 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2013-1475
- openjdk-6 6b27-1.12-1
- openjdk-7 7u3-2.1.6-1
-CVE-2013-1474 (Unspecified vulnerability in the JavaFX component in Oracle Java SE ...)
+CVE-2013-1474
- openjdk-6 <not-affected> (JavaFX not part of OpenJDK)
- openjdk-7 <not-affected> (JavaFX not part of OpenJDK)
-CVE-2013-1473 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2013-1473
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2013-1472 (Unspecified vulnerability in the JavaFX component in Oracle Java SE ...)
+CVE-2013-1472
- openjdk-6 <not-affected> (JavaFX not part of OpenJDK)
- openjdk-7 <not-affected> (JavaFX not part of OpenJDK)
-CVE-2013-1471 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2013-1471
NOT-FOR-US: Fortinet FortiMail
-CVE-2013-1581 (The dissect_pft_fec_detailed function in ...)
+CVE-2013-1581
{DLA-497-1}
- wireshark 1.8.6-1 (unimportant)
NOTE: Not suitable for code injection
-CVE-2013-1580 (The dissect_cmstatus_tlv function in plugins/docsis/packet-cmstatus.c ...)
+CVE-2013-1580
{DLA-497-1}
- wireshark 1.8.6-1 (unimportant)
NOTE: Not suitable for code injection
-CVE-2013-1579 (The rtps_util_add_bitmap function in epan/dissectors/packet-rtps.c in ...)
+CVE-2013-1579
{DLA-497-1}
- wireshark 1.8.6-1 (unimportant)
NOTE: Not suitable for code injection
-CVE-2013-1578 (The dissect_pw_eth_heuristic function in ...)
+CVE-2013-1578
{DLA-497-1}
- wireshark 1.8.6-1 (unimportant)
NOTE: Not suitable for code injection
-CVE-2013-1577 (The dissect_sip_p_charging_func_addresses function in ...)
+CVE-2013-1577
{DLA-497-1}
- wireshark 1.8.6-1 (unimportant)
NOTE: Not suitable for code injection
-CVE-2013-1576 (The dissect_sdp_media_attribute function in ...)
+CVE-2013-1576
{DLA-497-1}
- wireshark 1.8.6-1 (unimportant)
NOTE: Not suitable for code injection
-CVE-2013-1575 (The dissect_r3_cmd_alarmconfigure function in ...)
+CVE-2013-1575
{DLA-497-1}
- wireshark 1.8.6-1 (unimportant)
NOTE: Not suitable for code injection
-CVE-2013-1574 (The dissect_bthci_eir_ad_data function in ...)
+CVE-2013-1574
{DLA-497-1}
- wireshark 1.8.6-1 (unimportant)
NOTE: Not suitable for code injection
-CVE-2013-1573 (The csnStreamDissector function in epan/dissectors/packet-csn1.c in ...)
+CVE-2013-1573
{DLA-497-1}
- wireshark 1.8.6-1 (unimportant)
NOTE: Not suitable for code injection
-CVE-2013-1572 (The dissect_oampdu_event_notification function in ...)
+CVE-2013-1572
{DLA-497-1}
- wireshark 1.8.6-1 (unimportant)
NOTE: Not suitable for code injection
-CVE-2013-1470 (Cross-site scripting (XSS) vulnerability in calendar/index.php in the ...)
+CVE-2013-1470
NOTE: There was a RFP long time ago, bug #203818
NOTE: https://www.htbridge.com/advisory/HTB23143
NOT-FOR-US: Geeklog
-CVE-2013-1469 (Directory traversal vulnerability in install.php in Piwigo before ...)
+CVE-2013-1469
- piwigo <removed>
[squeeze] - piwigo <end-of-life> (Unsupported in squeeze-lts)
NOTE: Request to mark the package as unsupported in #779104
NOTE: https://www.htbridge.com/advisory/HTB23144
-CVE-2013-1468 (Cross-site request forgery (CSRF) vulnerability in the LocalFiles ...)
+CVE-2013-1468
- piwigo <removed>
[squeeze] - piwigo <end-of-life> (Unsupported in squeeze-lts)
NOTE: Request to mark the package as unsupported in #779104
NOTE: https://www.htbridge.com/advisory/HTB23144
CVE-2013-1467
RESERVED
-CVE-2013-1466 (Multiple cross-site scripting (XSS) vulnerabilities in glFusion before ...)
+CVE-2013-1466
NOT-FOR-US: glFusion
-CVE-2013-1465 (The Cubecart::_basket method in classes/cubecart.class.php in CubeCart ...)
+CVE-2013-1465
NOT-FOR-US: CubeCart
-CVE-2013-1464 (Cross-site scripting (XSS) vulnerability in assets/player.swf in the ...)
+CVE-2013-1464
{DSA-2772-1}
- typo3-src 4.5.29+dfsg1-1
[squeeze] - typo3-src <end-of-life> (Unsupported in squeeze-lts)
-CVE-2013-1463 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2013-1463
NOT-FOR-US: WordPress plugin
-CVE-2013-1462 (Integer signedness error in the ExecuteSoapAction function in the ...)
+CVE-2013-1462
- miniupnpd <not-affected> (Fixed before initial upload to archive)
-CVE-2013-1461 (The ExecuteSoapAction function in the SOAPAction handler in the HTTP ...)
+CVE-2013-1461
- miniupnpd <not-affected> (Fixed before initial upload to archive)
CVE-2013-1460
RESERVED
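Review bot: every changed line in this hunk strips the parenthesized description from the CVE line and keeps only the identifier (e.g. `-CVE-2013-1581 (The dissect_pft_fec_detailed function in ...)` becomes `+CVE-2013-1581`) while the package, DLA and NOTE lines beneath each entry are untouched, and nothing in the hunk records why the descriptions are dropped; confirm this is intended rather than the description source returning empty on this run, because afterwards the annotations are the only in-file text saying what each entry is (the ten wireshark entries CVE-2013-1572 through CVE-2013-1581, for instance, are left with only `{DLA-497-1}`, the `wireshark 1.8.6-1 (unimportant)` line and the `Not suitable for code injection` note).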
@@ -16434,51 +16434,51 @@ CVE-2013-1457
RESERVED
CVE-2013-1456
RESERVED
-CVE-2013-1455 (Joomla! 3.0.x through 3.0.2 allows attackers to obtain sensitive ...)
+CVE-2013-1455
NOT-FOR-US: Joomla!
-CVE-2013-1454 (Joomla! 3.0.x through 3.0.2 allows attackers to obtain sensitive ...)
+CVE-2013-1454
NOT-FOR-US: Joomla!
-CVE-2013-1453 (plugins/system/highlight/highlight.php in Joomla! 3.0.x through 3.0.2 ...)
+CVE-2013-1453
NOT-FOR-US: Joomla!
CVE-2013-1452
RESERVED
CVE-2013-4696
REJECTED
-CVE-2013-1451 (Microsoft Internet Explorer 8 and 9, when the Proxy Settings ...)
+CVE-2013-1451
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-1450 (Microsoft Internet Explorer 8 and 9, when the Proxy Settings ...)
+CVE-2013-1450
NOT-FOR-US: Microsoft Internet Explorer
CVE-2013-1449
RESERVED
CVE-2013-1448
RESERVED
-CVE-2013-1447 (OpenJPEG 1.3 and earlier allows remote attackers to cause a denial of ...)
+CVE-2013-1447
{DSA-2808-1}
- openjpeg 1.3+dfsg-4.7 (bug #731237)
CVE-2013-1446
RESERVED
-CVE-2013-1445 (The Crypto.Random.atfork function in PyCrypto before 2.6.1 does not ...)
+CVE-2013-1445
{DSA-2781-1}
- python-crypto 2.6.1-1
-CVE-2013-1444 (A certain Debian patch for txt2man 1.5.5, as used in txt2man 1.5.5-2, ...)
+CVE-2013-1444
- txt2man 1.5.5-4.1 (bug #724614)
[wheezy] - txt2man <no-dsa> (Minor issue)
[squeeze] - txt2man <no-dsa> (Minor issue)
-CVE-2013-1443 (The authentication framework (django.contrib.auth) in Django 1.4.x ...)
+CVE-2013-1443
{DSA-2758-1}
- python-django 1.5.4-1 (bug #723043)
-CVE-2013-1442 (Xen 4.0 through 4.3.x, when using AVX or LWP capable CPUs, does not ...)
+CVE-2013-1442
{DSA-3006-1}
- xen 4.4.0-1
[squeeze] - xen <end-of-life> (Unsupported in squeeze-lts)
NOTE: advisory say: In Xen 4.0.2 through 4.0.4 as well as in Xen 4.1.x XSAVE support is disabled by default
-CVE-2013-1441 (econvert in ExactImage 0.8.9 and earlier does not properly initialize ...)
+CVE-2013-1441
{DSA-2754-1}
- exactimage 0.8.9-2
NOTE: a different issue than CVE-2013-1438
CVE-2013-1440
RESERVED
-CVE-2013-1439 (The &quot;faster LJPEG decoder&quot; in libraw 0.13.x, 0.14.x, and 0.15.x before ...)
+CVE-2013-1439
- libraw 0.15.4-1 (bug #721338)
[wheezy] - libraw <no-dsa> (Minor issue)
[squeeze] - libraw <no-dsa> (Minor issue)
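Review bot: the unchanged context of this hunk carries `CVE-2013-4696` / `REJECTED` between `CVE-2013-1452` and `CVE-2013-1451`, out of the descending identifier order the rest of the list keeps; this change does not introduce it, but since the hunk touches the surrounding lines anyway it is worth moving that entry to its numeric position in a follow-up so tooling that relies on the ordering does not trip over it.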
@@ -16486,7 +16486,7 @@ CVE-2013-1439 (The &quot;faster LJPEG decoder&quot; in libraw 0.13.x, 0.14.x, an
[wheezy] - libkdcraw <no-dsa> (Minor issue)
- darktable 1.2.2-2 (bug #721339)
[wheezy] - darktable 1.0.4-1+deb7u2
-CVE-2013-1438 (Unspecified vulnerability in dcraw 0.8.x through 0.8.9, as used in ...)
+CVE-2013-1438
{DSA-2748-1}
- libraw 0.15.4-1 (bug #721231)
[wheezy] - libraw <no-dsa> (Minor issue)
@@ -16514,30 +16514,30 @@ CVE-2013-1437 [Code execution when gathering version metadata]
NOTE: this is by 'design', but previous to version Module::Metadata 1.000015
NOTE: the statement was This module provides a standard way to gather metadata
NOTE: about a .pm file *without* executing unsafe code.
-CVE-2013-1436 (The XMonad.Hooks.DynamicLog module in xmonad-contrib before 0.11.2 ...)
+CVE-2013-1436
- xmonad-contrib 0.11.2-1 (low)
[squeeze] - xmonad-contrib <no-dsa> (Minor issue)
[wheezy] - xmonad-contrib 0.10-4~deb7u1
-CVE-2013-1435 ((1) snmp.php and (2) rrd.php in Cacti before 0.8.8b allows remote ...)
+CVE-2013-1435
{DSA-2739-1}
- cacti 0.8.8b+dfsg-1
NOTE: http://svn.cacti.net/viewvc?view=rev&revision=7392
NOTE: http://svn.cacti.net/viewvc?view=rev&revision=7393
-CVE-2013-1434 (Multiple SQL injection vulnerabilities in (1) api_poller.php and (2) ...)
+CVE-2013-1434
{DSA-2739-1}
- cacti 0.8.8b+dfsg-1
NOTE: http://svn.cacti.net/viewvc?view=rev&revision=7394
CVE-2013-1433
REJECTED
-CVE-2013-1432 (Xen 4.1.x and 4.2.x, when the XSA-45 patch is in place, does not ...)
+CVE-2013-1432
{DSA-3006-1}
- xen 4.3.0-1
[squeeze] - xen <end-of-life> (Unsupported in squeeze-lts)
NOTE: All Xen versions having the XSA-45/CVE-2013-1918 fixes applied are vulnerable
-CVE-2013-1431 (The Wocky module in Telepathy Gabble before 0.16.6 and 0.17.x before ...)
+CVE-2013-1431
{DSA-2702-1}
- telepathy-gabble 0.16.6-1
-CVE-2013-1430 (An issue was discovered in xrdp before 0.9.1. When successfully logging ...)
+CVE-2013-1430
- xrdp 0.9.1~2016121126+git5171fa7-1
[jessie] - xrdp <no-dsa> (Minor issue)
[wheezy] - xrdp <no-dsa> (Minor issue)
@@ -16549,10 +16549,10 @@ CVE-2013-1430 (An issue was discovered in xrdp before 0.9.1. When successfully l
CVE-2013-1429 [Lintian unsafe symlinks]
RESERVED
- lintian 2.5.10.5 (bug #705553; unimportant)
-CVE-2013-1428 (Stack-based buffer overflow in the receive_tcppacket function in ...)
+CVE-2013-1428
{DSA-2663-1}
- tinc 1.0.19-3
-CVE-2013-1427 (The configuration file for the FastCGI PHP support for lighttpd before ...)
+CVE-2013-1427
{DSA-2649-1}
- lighttpd 1.4.31-4
CVE-2013-1426 [mahara: stored XSS in tinyMCE editor]
@@ -16569,61 +16569,61 @@ CVE-2013-1424 [matplotlib buffer overrun]
- matplotlib 1.4.2-3.1 (low; bug #775691)
[wheezy] - matplotlib <no-dsa> (Minor issue)
[squeeze] - matplotlib <no-dsa> (Minor issue)
-CVE-2013-1423 ((1) contrib/gforge-3.0-cronjobs.patch, (2) cronjobs/homedirs.php, (3) ...)
+CVE-2013-1423
{DSA-2633-1}
- fusionforge 5.2.1+20130227-1
CVE-2013-1422
RESERVED
-CVE-2013-1421 (Cross-site scripting (XSS) vulnerability in Craig Knudsen WebCalendar ...)
+CVE-2013-1421
- webcalendar <removed>
CVE-2013-1420
RESERVED
CVE-2013-1419
RESERVED
-CVE-2013-1418 (The setup_server_realm function in main.c in the Key Distribution ...)
+CVE-2013-1418
{DLA-1265-1}
- krb5 1.11.3+dfsg-3+nmu1 (low; bug #728845)
[squeeze] - krb5 <no-dsa> (Minor issue)
NOTE: http://krbdev.mit.edu/rt/Ticket/Display.html?id=7757
NOTE: https://github.com/krb5/krb5/commit/5d2d9a1abe46a2c1a8614d4672d08d9d30a5f8bf
-CVE-2013-1417 (do_tgs_req.c in the Key Distribution Center (KDC) in MIT Kerberos 5 ...)
+CVE-2013-1417
- krb5 1.11.3+dfsg-3+nmu1 (low; bug #730085)
[squeeze] - krb5 <not-affected> (Vulnerable code only present in 1.11.x)
[wheezy] - krb5 <not-affected> (Vulnerable code only present in 1.11.x)
NOTE: https://github.com/krb5/krb5/commit/4c023ba43c16396f0d199e2df1cfa59b88b62acc
-CVE-2013-1416 (The prep_reprocess_req function in do_tgs_req.c in the Key ...)
+CVE-2013-1416
- krb5 1.10.1+dfsg-5 (low; bug #704775)
[squeeze] - krb5 <no-dsa> (Minor issue)
-CVE-2013-1415 (The pkinit_check_kdc_pkid function in ...)
+CVE-2013-1415
- krb5 1.10.1+dfsg-4 (low)
[squeeze] - krb5 <no-dsa> (Minor issue)
NOTE: https://github.com/krb5/krb5/commit/c773d3c775e9b2d88bcdff5f8a8ba88d7ec4e8ed
NOTE: https://github.com/krb5/krb5/commit/b71f8c4aacea8849ceaf31a2fa95e143f3943097
-CVE-2013-1414 (Multiple cross-site request forgery (CSRF) vulnerabilities in Fortinet ...)
+CVE-2013-1414
NOT-FOR-US: Fortinet FortiOS on FortiGate firewall devices
-CVE-2013-1413 (Multiple cross-site scripting (XSS) vulnerabilities in synetics i-doit ...)
+CVE-2013-1413
NOT-FOR-US: synetics i-doit
-CVE-2013-1412 (DataLife Engine (DLE) 9.7 allows remote attackers to execute arbitrary ...)
+CVE-2013-1412
NOT-FOR-US: DataLife Engine
CVE-2013-1411
RESERVED
CVE-2013-1410
RESERVED
-CVE-2013-1409 (Cross-site scripting (XSS) vulnerability in the CommentLuv plugin ...)
+CVE-2013-1409
NOT-FOR-US: CommentLuv plugin for Wordpress
-CVE-2013-1408 (Multiple SQL injection vulnerabilities in the Wysija Newsletters ...)
+CVE-2013-1408
NOT-FOR-US: WordPress plugin wysija-newsletters
-CVE-2013-1407 (Multiple cross-site scripting (XSS) vulnerabilities in the Events ...)
+CVE-2013-1407
NOT-FOR-US: WordPress plugin Events Master Pro
-CVE-2013-1406 (The Virtual Machine Communication Interface (VMCI) implementation in ...)
+CVE-2013-1406
NOT-FOR-US: VMware Workstation, Fusion, View, ESXi, ESX
-CVE-2013-1405 (VMware vCenter Server 4.0 before Update 4b and 4.1 before Update 3a, ...)
+CVE-2013-1405
NOT-FOR-US: VMware
CVE-2013-1404
RESERVED
CVE-2013-1403
RESERVED
-CVE-2013-1402 (DigiLIBE 3.4 and possibly other versions sends a redirect but does not ...)
+CVE-2013-1402
NOT-FOR-US: DigiLIBE
CVE-2013-1401
RESERVED
@@ -16632,11 +16632,11 @@ CVE-2013-1400
CVE-2013-0243 [Basic constraints vulnerability]
RESERVED
- haskell-tls-extra 0.4.6.1-1 (bug #698545)
-CVE-2013-1399 (Multiple cross-site request forgery (CSRF) vulnerabilities in the (1) ...)
+CVE-2013-1399
- puppet <not-affected> (Only affects Puppet Enterprise)
-CVE-2013-1398 (The pe_mcollective module in Puppet Enterprise (PE) before 2.7.1 does ...)
+CVE-2013-1398
- puppet <not-affected> (Only affects Puppet Enterprise)
-CVE-2013-1397 (Symfony 2.0.x before 2.0.22, 2.1.x before 2.1.7, and 2.2.x remote ...)
+CVE-2013-1397
- php-symfony2-yaml <not-affected> (Only affects versions 2.0, 2.1, 2.2)
CVE-2013-1396
RESERVED
@@ -16644,7 +16644,7 @@ CVE-2013-1395
RESERVED
CVE-2013-1394
RESERVED
-CVE-2013-1393 (Cross-site scripting (XSS) vulnerability in the CurvyCorners module ...)
+CVE-2013-1393
NOT-FOR-US: Drupal module CurvyCorners
CVE-2013-1392
RESERVED
@@ -16652,66 +16652,66 @@ CVE-2013-1391
RESERVED
CVE-2013-1390
RESERVED
-CVE-2013-1389 (Unspecified vulnerability in Adobe ColdFusion 9.0 before Update 11, ...)
+CVE-2013-1389
NOT-FOR-US: Adobe ColdFusion 9.0
-CVE-2013-1388 (Unspecified vulnerability in Adobe ColdFusion 9.0 before Update 10, ...)
+CVE-2013-1388
NOT-FOR-US: Adobe ColdFusion
-CVE-2013-1387 (Unspecified vulnerability in Adobe ColdFusion 9.0 before Update 10, ...)
+CVE-2013-1387
NOT-FOR-US: Adobe ColdFusion
-CVE-2013-1386 (Adobe Shockwave Player before 12.0.2.122 allows attackers to execute ...)
+CVE-2013-1386
NOT-FOR-US: Adobe Shockwave Player
-CVE-2013-1385 (Adobe Shockwave Player before 12.0.2.122 does not prevent access to ...)
+CVE-2013-1385
NOT-FOR-US: Adobe Shockwave Player
-CVE-2013-1384 (Adobe Shockwave Player before 12.0.2.122 allows attackers to execute ...)
+CVE-2013-1384
NOT-FOR-US: Adobe Shockwave Player
-CVE-2013-1383 (Buffer overflow in Adobe Shockwave Player before 12.0.2.122 allows ...)
+CVE-2013-1383
NOT-FOR-US: Adobe Shockwave Player
CVE-2013-1382
REJECTED
CVE-2013-1381
REJECTED
-CVE-2013-1380 (Adobe Flash Player before 10.3.183.75 and 11.x before 11.7.700.169 on ...)
+CVE-2013-1380
NOT-FOR-US: Adobe Flash Plugin
-CVE-2013-1379 (Adobe Flash Player before 10.3.183.75 and 11.x before 11.7.700.169 on ...)
+CVE-2013-1379
NOT-FOR-US: Adobe Flash Plugin
-CVE-2013-1378 (Adobe Flash Player before 10.3.183.75 and 11.x before 11.7.700.169 on ...)
+CVE-2013-1378
NOT-FOR-US: Adobe Flash Plugin
-CVE-2013-1377 (Adobe Digital Editions 2.x before 2.0.1 allows attackers to execute ...)
+CVE-2013-1377
NOT-FOR-US: Adobe Digital Editions
-CVE-2013-1376 (Buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x ...)
+CVE-2013-1376
NOT-FOR-US: Adobe Reader
-CVE-2013-1375 (Heap-based buffer overflow in Adobe Flash Player before 10.3.183.68 ...)
+CVE-2013-1375
NOT-FOR-US: Adobe Flash Plugin
-CVE-2013-1374 (Use-after-free vulnerability in Adobe Flash Player before 10.3.183.63 ...)
+CVE-2013-1374
NOT-FOR-US: Adobe Flash Plugin
-CVE-2013-1373 (Buffer overflow in Adobe Flash Player before 10.3.183.63 and 11.x ...)
+CVE-2013-1373
NOT-FOR-US: Adobe Flash Plugin
-CVE-2013-1372 (Buffer overflow in Adobe Flash Player before 10.3.183.63 and 11.x ...)
+CVE-2013-1372
NOT-FOR-US: Adobe Flash Plugin
-CVE-2013-1371 (Adobe Flash Player before 10.3.183.68 and 11.x before 11.6.602.180 on ...)
+CVE-2013-1371
NOT-FOR-US: Adobe Flash Plugin
-CVE-2013-1370 (Buffer overflow in Adobe Flash Player before 10.3.183.63 and 11.x ...)
+CVE-2013-1370
NOT-FOR-US: Adobe Flash Plugin
-CVE-2013-1369 (Buffer overflow in Adobe Flash Player before 10.3.183.63 and 11.x ...)
+CVE-2013-1369
NOT-FOR-US: Adobe Flash Plugin
-CVE-2013-1368 (Buffer overflow in Adobe Flash Player before 10.3.183.63 and 11.x ...)
+CVE-2013-1368
NOT-FOR-US: Adobe Flash Plugin
-CVE-2013-1367 (Buffer overflow in Adobe Flash Player before 10.3.183.63 and 11.x ...)
+CVE-2013-1367
NOT-FOR-US: Adobe Flash Plugin
-CVE-2013-1366 (Buffer overflow in Adobe Flash Player before 10.3.183.63 and 11.x ...)
+CVE-2013-1366
NOT-FOR-US: Adobe Flash Plugin
-CVE-2013-1365 (Buffer overflow in Adobe Flash Player before 10.3.183.63 and 11.x ...)
+CVE-2013-1365
NOT-FOR-US: Adobe Flash Plugin
-CVE-2013-1364 (The user.login function in Zabbix before 1.8.16 and 2.x before ...)
+CVE-2013-1364
- zabbix 1:2.0.4+dfsg-2 (bug #698541)
[squeeze] - zabbix <end-of-life> (Not supported in Squeeze LTS)
NOTE: patches in https://support.zabbix.com/browse/ZBX-6097
CVE-2013-1363
RESERVED
-CVE-2013-1362 (Incomplete blacklist vulnerability in nrpc.c in Nagios Remote Plug-In ...)
+CVE-2013-1362
- nagios-nrpe 2.13-3 (low; bug #701227)
[squeeze] - nagios-nrpe <no-dsa> (Minor issue)
-CVE-2013-1361 (Untrusted search path vulnerability in Lenovo Thinkpad Bluetooth with ...)
+CVE-2013-1361
NOT-FOR-US: Lenovo Thinkpad Bluetooth with Enhanced Data Rate Software
CVE-2013-1360
RESERVED
@@ -16735,225 +16735,225 @@ CVE-2013-1351
RESERVED
CVE-2013-1350
RESERVED
-CVE-2013-1349 (Eval injection vulnerability in ajax.php in openSIS 4.5 through 5.2 ...)
+CVE-2013-1349
NOT-FOR-US: openSIS
-CVE-2013-1348 (The Yaml::parse function in Symfony 2.0.x before 2.0.22 remote ...)
+CVE-2013-1348
- php-symfony2-yaml <not-affected> (Only affects version 2.0)
-CVE-2013-1347 (Microsoft Internet Explorer 8 does not properly handle objects in ...)
+CVE-2013-1347
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-1346 (mpengine.dll in Microsoft Malware Protection Engine before 1.1.9506.0 ...)
+CVE-2013-1346
NOT-FOR-US: Microsoft Malware Protection Engine
-CVE-2013-1345 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
+CVE-2013-1345
NOT-FOR-US: Microsoft
-CVE-2013-1344 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
+CVE-2013-1344
NOT-FOR-US: Microsoft Windows
-CVE-2013-1343 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
+CVE-2013-1343
NOT-FOR-US: Microsoft Windows
-CVE-2013-1342 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
+CVE-2013-1342
NOT-FOR-US: Microsoft Windows
-CVE-2013-1341 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
+CVE-2013-1341
NOT-FOR-US: Microsoft
-CVE-2013-1340 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
+CVE-2013-1340
NOT-FOR-US: Microsoft
-CVE-2013-1339 (The Print Spooler in Microsoft Windows Vista SP2, Windows Server 2008 ...)
+CVE-2013-1339
NOT-FOR-US: Microsoft
-CVE-2013-1338 (Use-after-free vulnerability in Microsoft Internet Explorer 6 through ...)
+CVE-2013-1338
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-1337 (Microsoft .NET Framework 4.5 does not properly create policy ...)
+CVE-2013-1337
NOT-FOR-US: Microsoft .NET Framework 4.5
-CVE-2013-1336 (The Common Language Runtime (CLR) in Microsoft .NET Framework 2.0 SP2, ...)
+CVE-2013-1336
NOT-FOR-US: Microsoft .NET Framework
-CVE-2013-1335 (Microsoft Word 2003 SP3 and Word Viewer allow remote attackers to ...)
+CVE-2013-1335
NOT-FOR-US: Microsoft Word
-CVE-2013-1334 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
+CVE-2013-1334
NOT-FOR-US: Microsoft Windows
-CVE-2013-1333 (Buffer overflow in win32k.sys in the kernel-mode drivers in Microsoft ...)
+CVE-2013-1333
NOT-FOR-US: Microsoft Windows
-CVE-2013-1332 (dxgkrnl.sys (aka the DirectX graphics kernel subsystem) in the ...)
+CVE-2013-1332
NOT-FOR-US: Microsoft Windows
-CVE-2013-1331 (Buffer overflow in Microsoft Office 2003 SP3 and Office 2011 for Mac ...)
+CVE-2013-1331
NOT-FOR-US: Microsoft
-CVE-2013-1330 (The default configuration of Microsoft SharePoint Portal Server 2003 ...)
+CVE-2013-1330
NOT-FOR-US: Microsoft SharePoint
-CVE-2013-1329 (Integer signedness error in Microsoft Publisher 2003 SP3 allows remote ...)
+CVE-2013-1329
NOT-FOR-US: Microsoft Publisher
-CVE-2013-1328 (Microsoft Publisher 2003 SP3, 2007 SP3, and 2010 SP1 allows remote ...)
+CVE-2013-1328
NOT-FOR-US: Microsoft Publisher
-CVE-2013-1327 (Integer signedness error in Microsoft Publisher 2003 SP3 allows remote ...)
+CVE-2013-1327
NOT-FOR-US: Microsoft Publisher
CVE-2013-1326
REJECTED
-CVE-2013-1325 (Heap-based buffer overflow in Microsoft Office 2003 SP3 and 2007 SP3 ...)
+CVE-2013-1325
NOT-FOR-US: Microsoft
-CVE-2013-1324 (Stack-based buffer overflow in Microsoft Office 2003 SP3, 2007 SP3, ...)
+CVE-2013-1324
NOT-FOR-US: Microsoft
-CVE-2013-1323 (Microsoft Publisher 2003 SP3 does not properly handle NULL values for ...)
+CVE-2013-1323
NOT-FOR-US: Microsoft Publisher
-CVE-2013-1322 (Microsoft Publisher 2003 SP3 does not properly check table range data, ...)
+CVE-2013-1322
NOT-FOR-US: Microsoft Publisher
-CVE-2013-1321 (Microsoft Publisher 2003 SP3 does not properly check the data type of ...)
+CVE-2013-1321
NOT-FOR-US: Microsoft Publisher
-CVE-2013-1320 (Buffer overflow in Microsoft Publisher 2003 SP3 allows remote ...)
+CVE-2013-1320
NOT-FOR-US: Microsoft Publisher
-CVE-2013-1319 (Microsoft Publisher 2003 SP3 does not properly check the return value ...)
+CVE-2013-1319
NOT-FOR-US: Microsoft Publisher
-CVE-2013-1318 (Microsoft Publisher 2003 SP3 allows remote attackers to execute ...)
+CVE-2013-1318
NOT-FOR-US: Microsoft Publisher
-CVE-2013-1317 (Integer overflow in Microsoft Publisher 2003 SP3 allows remote ...)
+CVE-2013-1317
NOT-FOR-US: Microsoft Publisher
-CVE-2013-1316 (Microsoft Publisher 2003 SP3 does not properly validate the size of an ...)
+CVE-2013-1316
NOT-FOR-US: Microsoft Publisher
-CVE-2013-1315 (Microsoft SharePoint Server 2007 SP3, 2010 SP1 and SP2, and 2013; ...)
+CVE-2013-1315
NOT-FOR-US: Microsoft
CVE-2013-1314
REJECTED
-CVE-2013-1313 (Object Linking and Embedding (OLE) Automation in Microsoft Windows XP ...)
+CVE-2013-1313
NOT-FOR-US: Microsoft Windows XP
-CVE-2013-1312 (Use-after-free vulnerability in Microsoft Internet Explorer 9 and 10 ...)
+CVE-2013-1312
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-1311 (Use-after-free vulnerability in Microsoft Internet Explorer 8 allows ...)
+CVE-2013-1311
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-1310 (Use-after-free vulnerability in Microsoft Internet Explorer 6 and 7 ...)
+CVE-2013-1310
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-1309 (Use-after-free vulnerability in Microsoft Internet Explorer 6 through ...)
+CVE-2013-1309
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-1308 (Use-after-free vulnerability in Microsoft Internet Explorer 6 through ...)
+CVE-2013-1308
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-1307 (Use-after-free vulnerability in Microsoft Internet Explorer 8 and 9 ...)
+CVE-2013-1307
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-1306 (Use-after-free vulnerability in Microsoft Internet Explorer 9 allows ...)
+CVE-2013-1306
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-1305 (HTTP.sys in Microsoft Windows 8, Windows Server 2012, and Windows RT ...)
+CVE-2013-1305
NOT-FOR-US: Microsoft
-CVE-2013-1304 (Use-after-free vulnerability in Microsoft Internet Explorer 6 through ...)
+CVE-2013-1304
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-1303 (Use-after-free vulnerability in Microsoft Internet Explorer 6 through ...)
+CVE-2013-1303
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-1302 (Microsoft Communicator 2007 R2, Lync 2010, Lync 2010 Attendee, and ...)
+CVE-2013-1302
NOT-FOR-US: Microsoft
-CVE-2013-1301 (Microsoft Visio 2003 SP3 2007 SP3, and 2010 SP1 allows remote ...)
+CVE-2013-1301
NOT-FOR-US: Microsoft Visio
-CVE-2013-1300 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
+CVE-2013-1300
NOT-FOR-US: Microsoft
-CVE-2013-1299 (Microsoft Windows Modern Mail allows remote attackers to spoof link ...)
+CVE-2013-1299
NOT-FOR-US: Microsoft Windows Modern Mail
CVE-2013-1298
REJECTED
-CVE-2013-1297 (Microsoft Internet Explorer 6 through 8 does not properly restrict ...)
+CVE-2013-1297
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-1296 (The Remote Desktop ActiveX control in mstscax.dll in Microsoft Remote ...)
+CVE-2013-1296
NOT-FOR-US: Microsoft Remote Desktop Connection Client
-CVE-2013-1295 (The Client/Server Run-time Subsystem (CSRSS) in Microsoft Windows XP ...)
+CVE-2013-1295
NOT-FOR-US: Microsoft Windows
-CVE-2013-1294 (Race condition in the kernel in Microsoft Windows XP SP2 and SP3, ...)
+CVE-2013-1294
NOT-FOR-US: Microsoft Windows
-CVE-2013-1293 (The NTFS kernel-mode driver in Microsoft Windows Vista SP2, Windows ...)
+CVE-2013-1293
NOT-FOR-US: Microsoft Windows
-CVE-2013-1292 (Race condition in win32k.sys in the kernel-mode drivers in Microsoft ...)
+CVE-2013-1292
NOT-FOR-US: Microsoft Windows
-CVE-2013-1291 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP3, ...)
+CVE-2013-1291
NOT-FOR-US: Microsoft Windows
-CVE-2013-1290 (Microsoft SharePoint Server 2013, in certain configurations involving ...)
+CVE-2013-1290
NOT-FOR-US: Microsoft SharePoint Server
-CVE-2013-1289 (Cross-site scripting (XSS) vulnerability in Microsoft SharePoint ...)
+CVE-2013-1289
NOT-FOR-US: Microsoft SharePoint Server
-CVE-2013-1288 (Use-after-free vulnerability in Microsoft Internet Explorer 8 allows ...)
+CVE-2013-1288
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-1287 (The USB kernel-mode drivers in Microsoft Windows XP SP2 and SP3, ...)
+CVE-2013-1287
NOT-FOR-US: Microsoft Windows
-CVE-2013-1286 (The USB kernel-mode drivers in Microsoft Windows XP SP2 and SP3, ...)
+CVE-2013-1286
NOT-FOR-US: Microsoft Windows
-CVE-2013-1285 (The USB kernel-mode drivers in Microsoft Windows XP SP2 and SP3, ...)
+CVE-2013-1285
NOT-FOR-US: Microsoft Windows
-CVE-2013-1284 (Race condition in the kernel in Microsoft Windows 8, Windows Server ...)
+CVE-2013-1284
NOT-FOR-US: Microsoft Windows
-CVE-2013-1283 (Race condition in win32k.sys in the kernel-mode drivers in Microsoft ...)
+CVE-2013-1283
NOT-FOR-US: Microsoft Windows
-CVE-2013-1282 (The LDAP service in Microsoft Active Directory, Active Directory ...)
+CVE-2013-1282
NOT-FOR-US: Microsoft
-CVE-2013-1281 (The NFS server in Microsoft Windows Server 2008 R2 and R2 SP1 and ...)
+CVE-2013-1281
NOT-FOR-US: Microsoft Windows
-CVE-2013-1280 (The kernel in Microsoft Windows XP SP2 and SP3, Windows Server 2003 ...)
+CVE-2013-1280
NOT-FOR-US: Microsoft Windows
-CVE-2013-1279 (Race condition in the kernel in Microsoft Windows XP SP2 and SP3, ...)
+CVE-2013-1279
NOT-FOR-US: Microsoft Windows
-CVE-2013-1278 (Race condition in the kernel in Microsoft Windows XP SP2 and SP3, ...)
+CVE-2013-1278
NOT-FOR-US: Microsoft Windows
-CVE-2013-1277 (Race condition in win32k.sys in the kernel-mode drivers in Microsoft ...)
+CVE-2013-1277
NOT-FOR-US: Microsoft Windows
-CVE-2013-1276 (Race condition in win32k.sys in the kernel-mode drivers in Microsoft ...)
+CVE-2013-1276
NOT-FOR-US: Microsoft Windows
-CVE-2013-1275 (Race condition in win32k.sys in the kernel-mode drivers in Microsoft ...)
+CVE-2013-1275
NOT-FOR-US: Microsoft Windows
-CVE-2013-1274 (Race condition in win32k.sys in the kernel-mode drivers in Microsoft ...)
+CVE-2013-1274
NOT-FOR-US: Microsoft Windows
-CVE-2013-1273 (Race condition in win32k.sys in the kernel-mode drivers in Microsoft ...)
+CVE-2013-1273
NOT-FOR-US: Microsoft Windows
-CVE-2013-1272 (Race condition in win32k.sys in the kernel-mode drivers in Microsoft ...)
+CVE-2013-1272
NOT-FOR-US: Microsoft Windows
-CVE-2013-1271 (Race condition in win32k.sys in the kernel-mode drivers in Microsoft ...)
+CVE-2013-1271
NOT-FOR-US: Microsoft Windows
-CVE-2013-1270 (Race condition in win32k.sys in the kernel-mode drivers in Microsoft ...)
+CVE-2013-1270
NOT-FOR-US: Microsoft Windows
-CVE-2013-1269 (Race condition in win32k.sys in the kernel-mode drivers in Microsoft ...)
+CVE-2013-1269
NOT-FOR-US: Microsoft Windows
-CVE-2013-1268 (Race condition in win32k.sys in the kernel-mode drivers in Microsoft ...)
+CVE-2013-1268
NOT-FOR-US: Microsoft Windows
-CVE-2013-1267 (Race condition in win32k.sys in the kernel-mode drivers in Microsoft ...)
+CVE-2013-1267
NOT-FOR-US: Microsoft Windows
-CVE-2013-1266 (Race condition in win32k.sys in the kernel-mode drivers in Microsoft ...)
+CVE-2013-1266
NOT-FOR-US: Microsoft Windows
-CVE-2013-1265 (Race condition in win32k.sys in the kernel-mode drivers in Microsoft ...)
+CVE-2013-1265
NOT-FOR-US: Microsoft Windows
-CVE-2013-1264 (Race condition in win32k.sys in the kernel-mode drivers in Microsoft ...)
+CVE-2013-1264
NOT-FOR-US: Microsoft Windows
-CVE-2013-1263 (Race condition in win32k.sys in the kernel-mode drivers in Microsoft ...)
+CVE-2013-1263
NOT-FOR-US: Microsoft Windows
-CVE-2013-1262 (Race condition in win32k.sys in the kernel-mode drivers in Microsoft ...)
+CVE-2013-1262
NOT-FOR-US: Microsoft Windows
-CVE-2013-1261 (Race condition in win32k.sys in the kernel-mode drivers in Microsoft ...)
+CVE-2013-1261
NOT-FOR-US: Microsoft Windows
-CVE-2013-1260 (Race condition in win32k.sys in the kernel-mode drivers in Microsoft ...)
+CVE-2013-1260
NOT-FOR-US: Microsoft Windows
-CVE-2013-1259 (Race condition in win32k.sys in the kernel-mode drivers in Microsoft ...)
+CVE-2013-1259
NOT-FOR-US: Microsoft Windows
-CVE-2013-1258 (Race condition in win32k.sys in the kernel-mode drivers in Microsoft ...)
+CVE-2013-1258
NOT-FOR-US: Microsoft Windows
-CVE-2013-1257 (Race condition in win32k.sys in the kernel-mode drivers in Microsoft ...)
+CVE-2013-1257
NOT-FOR-US: Microsoft Windows
-CVE-2013-1256 (Race condition in win32k.sys in the kernel-mode drivers in Microsoft ...)
+CVE-2013-1256
NOT-FOR-US: Microsoft Windows
-CVE-2013-1255 (Race condition in win32k.sys in the kernel-mode drivers in Microsoft ...)
+CVE-2013-1255
NOT-FOR-US: Microsoft Windows
-CVE-2013-1254 (Race condition in win32k.sys in the kernel-mode drivers in Microsoft ...)
+CVE-2013-1254
NOT-FOR-US: Microsoft Windows
-CVE-2013-1253 (Race condition in win32k.sys in the kernel-mode drivers in Microsoft ...)
+CVE-2013-1253
NOT-FOR-US: Microsoft Windows
-CVE-2013-1252 (Race condition in win32k.sys in the kernel-mode drivers in Microsoft ...)
+CVE-2013-1252
NOT-FOR-US: Microsoft Windows
-CVE-2013-1251 (Race condition in win32k.sys in the kernel-mode drivers in Microsoft ...)
+CVE-2013-1251
NOT-FOR-US: Microsoft Windows
-CVE-2013-1250 (Race condition in win32k.sys in the kernel-mode drivers in Microsoft ...)
+CVE-2013-1250
NOT-FOR-US: Microsoft Windows
-CVE-2013-1249 (Race condition in win32k.sys in the kernel-mode drivers in Microsoft ...)
+CVE-2013-1249
NOT-FOR-US: Microsoft Windows
-CVE-2013-1248 (Race condition in win32k.sys in the kernel-mode drivers in Microsoft ...)
+CVE-2013-1248
NOT-FOR-US: Microsoft Windows
-CVE-2013-1247 (Cross-site scripting (XSS) vulnerability in the wireless configuration ...)
+CVE-2013-1247
NOT-FOR-US: Cisco
-CVE-2013-1246 (Cisco TelePresence System Software does not properly handle inactive ...)
+CVE-2013-1246
NOT-FOR-US: Cisco
-CVE-2013-1245 (The user-management page in Cisco WebEx Social relies on client-side ...)
+CVE-2013-1245
NOT-FOR-US: Cisco WebEx Social
-CVE-2013-1244 (Cross-site scripting (XSS) vulnerability in the portal module in Cisco ...)
+CVE-2013-1244
NOT-FOR-US: Cisco WebEx Social
-CVE-2013-1243 (The IP stack in Cisco Intrusion Prevention System (IPS) Software in ...)
+CVE-2013-1243
NOT-FOR-US: Cisco
-CVE-2013-1242 (Memory leak in the web framework in the server in Cisco Unified ...)
+CVE-2013-1242
NOT-FOR-US: Cisco
-CVE-2013-1241 (The ISM module in Cisco IOS on ISR G2 routers does not properly handle ...)
+CVE-2013-1241
NOT-FOR-US: Cisco IOS
-CVE-2013-1240 (The command-line interface in Cisco Unified Communications Manager ...)
+CVE-2013-1240
NOT-FOR-US: Cisco Unified Communications Manager
CVE-2013-1239
RESERVED
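Review bot: once the descriptions are removed in this hunk, the `NOT-FOR-US:` annotation is the only text left to tell the Microsoft entries apart, and it is inconsistent for identical descriptions: `CVE-2013-1345` and `CVE-2013-1344` both lose a `win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...` description, yet one keeps `NOT-FOR-US: Microsoft` and the other `NOT-FOR-US: Microsoft Windows` (same for CVE-2013-1341/1340 against CVE-2013-1343/1342, and for CVE-2013-1300 against CVE-2013-1334); consider normalizing these to the more specific product name before the descriptive text that currently disambiguates them is gone.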
@@ -16961,322 +16961,322 @@ CVE-2013-1238
RESERVED
CVE-2013-1237
RESERVED
-CVE-2013-1236 (Cisco TelePresence Supervisor MSE 8050 before 2.3(1.31) allows remote ...)
+CVE-2013-1236
NOT-FOR-US: Cisco TelePresence Supervisor
-CVE-2013-1235 (Cisco Wireless LAN Controller (WLC) devices do not properly address ...)
+CVE-2013-1235
NOT-FOR-US: Cisco Wireless LAN Controller
-CVE-2013-1234 (The SNMP module in Cisco IOS XR allows remote authenticated users to ...)
+CVE-2013-1234
NOT-FOR-US: Cisco IOS XR
CVE-2013-1233
REJECTED
-CVE-2013-1232 (The HTTP implementation in Cisco WebEx Node for MCS, WebEx Meetings ...)
+CVE-2013-1232
NOT-FOR-US: Cisco WebEx
-CVE-2013-1231 (The HTTP implementation in Cisco WebEx Node for MCS and WebEx Meetings ...)
+CVE-2013-1231
NOT-FOR-US: Cisco WebEx
-CVE-2013-1230 (Cisco Unified Communications Domain Manager allows remote attackers to ...)
+CVE-2013-1230
NOT-FOR-US: Cisco
-CVE-2013-1229 (TMSSNMPService.exe in TelePresence Manager in Cisco TelePresence ...)
+CVE-2013-1229
NOT-FOR-US: Cisco
-CVE-2013-1228 (Cisco Jabber on Windows does not verify X.509 certificates from SSL ...)
+CVE-2013-1228
NOT-FOR-US: Cisco Jabber
-CVE-2013-1227 (Cross-site scripting (XSS) vulnerability in the web framework in Cisco ...)
+CVE-2013-1227
NOT-FOR-US: Cisco Unified Communications Domain Manager
-CVE-2013-1226 (The Ethernet frame-forwarding implementation in Cisco NX-OS on Nexus ...)
+CVE-2013-1226
NOT-FOR-US: Cisco NX-OS
-CVE-2013-1225 (Cisco Unified Customer Voice Portal (CVP) Software before 9.0.1 ES 11 ...)
+CVE-2013-1225
NOT-FOR-US: Cisco Unified Customer Voice Portal
-CVE-2013-1224 (Directory traversal vulnerability in the Resource Manager in Cisco ...)
+CVE-2013-1224
NOT-FOR-US: Cisco Unified Customer Voice Portal
-CVE-2013-1223 (The log viewer in Cisco Unified Customer Voice Portal (CVP) Software ...)
+CVE-2013-1223
NOT-FOR-US: Cisco Unified Customer Voice Portal
-CVE-2013-1222 (The Tomcat Web Management feature in Cisco Unified Customer Voice ...)
+CVE-2013-1222
NOT-FOR-US: Cisco Unified Customer Voice Portal
-CVE-2013-1221 (The Tomcat Web Management feature in Cisco Unified Customer Voice ...)
+CVE-2013-1221
NOT-FOR-US: Cisco Unified Customer Voice Portal
-CVE-2013-1220 (The CallServer component in Cisco Unified Customer Voice Portal (CVP) ...)
+CVE-2013-1220
NOT-FOR-US: Cisco Unified Customer Voice Portal
-CVE-2013-1219 (SensorApp in Cisco Intrusion Prevention System (IPS) allows local ...)
+CVE-2013-1219
NOT-FOR-US: Cisco Intrusion Prevention System
-CVE-2013-1218 (Cisco Intrusion Prevention System (IPS) Software in ASA 5500-X IPS-SSP ...)
+CVE-2013-1218
NOT-FOR-US: Cisco
-CVE-2013-1217 (The generic input/output control implementation in Cisco IOS does not ...)
+CVE-2013-1217
NOT-FOR-US: Cisco IOS
-CVE-2013-1216 (Memory leak in the SNMP module in Cisco IOS XR allows remote ...)
+CVE-2013-1216
NOT-FOR-US: Cisco IOS XR
-CVE-2013-1215 (The vpnclient program in the Easy VPN component on Cisco Adaptive ...)
+CVE-2013-1215
NOT-FOR-US: Cisco
-CVE-2013-1214 (The scripts editor in Cisco Unified Contact Center Express (aka ...)
+CVE-2013-1214
NOT-FOR-US: Cisco Unified Contact Center Express
-CVE-2013-1213 (Cisco NX-OS on the Nexus 1000V does not assign the proper priority to ...)
+CVE-2013-1213
NOT-FOR-US: Cisco
-CVE-2013-1212 (The SSL functionality in Cisco NX-OS on the Nexus 1000V does not ...)
+CVE-2013-1212
NOT-FOR-US: Cisco
-CVE-2013-1211 (Cisco NX-OS on the Nexus 1000V does not properly handle authentication ...)
+CVE-2013-1211
NOT-FOR-US: Cisco
-CVE-2013-1210 (Array index error in the Virtual Ethernet Module (VEM) kernel driver ...)
+CVE-2013-1210
NOT-FOR-US: Cisco
-CVE-2013-1209 (The encryption functionality in the Virtual Supervisor Module (VSM) to ...)
+CVE-2013-1209
NOT-FOR-US: Cisco
-CVE-2013-1208 (The encryption functionality in Cisco NX-OS on the Nexus 1000V does ...)
+CVE-2013-1208
NOT-FOR-US: Cisco
CVE-2013-1207
RESERVED
CVE-2013-1206
RESERVED
-CVE-2013-1205 (The Event Center module in Cisco WebEx Meetings Server does not ...)
+CVE-2013-1205
NOT-FOR-US: Cisco WebEx Meetings Server
-CVE-2013-1204 (Memory leak in the SNMP process in Cisco IOS XR allows remote ...)
+CVE-2013-1204
NOT-FOR-US: Cisco IOS XR
-CVE-2013-1203 (Cisco ASA CX Context-Aware Security Software allows remote attackers ...)
+CVE-2013-1203
NOT-FOR-US: Cisco ASA
CVE-2013-1202
RESERVED
CVE-2013-1201
RESERVED
-CVE-2013-1200 (Session fixation vulnerability in Cisco Secure Access Control System ...)
+CVE-2013-1200
NOT-FOR-US: Cisco Secure Access Control System
-CVE-2013-1199 (Race condition in the CIFS implementation in the rewriter module in ...)
+CVE-2013-1199
NOT-FOR-US: Cisco
-CVE-2013-1198 (Cross-site scripting (XSS) vulnerability in a Flash component in Cisco ...)
+CVE-2013-1198
NOT-FOR-US: Cisco Unified Computing System
-CVE-2013-1197 (The XML parser in the server in Cisco Unified Presence (CUP) allows ...)
+CVE-2013-1197
NOT-FOR-US: Cisco Unified Presence
-CVE-2013-1196 (The command-line interface in Cisco Secure Access Control System ...)
+CVE-2013-1196
NOT-FOR-US: Cisco
-CVE-2013-1195 (The time-based ACL implementation on Cisco Adaptive Security ...)
+CVE-2013-1195
NOT-FOR-US: isco Adaptive Security Appliances
-CVE-2013-1194 (The ISAKMP implementation on Cisco Adaptive Security Appliances (ASA) ...)
+CVE-2013-1194
NOT-FOR-US: Cisco
-CVE-2013-1193 (The Secure Shell (SSH) implementation on Cisco Adaptive Security ...)
+CVE-2013-1193
NOT-FOR-US: Cisco
-CVE-2013-1192 (The JAR files on Cisco Device Manager for Cisco MDS 9000 devices ...)
+CVE-2013-1192
NOT-FOR-US: Cisco Device Manager
-CVE-2013-1191 (Cisco NX-OS 6.1 before 6.1(5) on Nexus 7000 devices, when local ...)
+CVE-2013-1191
NOT-FOR-US: Cisco
-CVE-2013-1190 (The C-Series Rack Server component 1.4 in Cisco Unified Computing ...)
+CVE-2013-1190
NOT-FOR-US: Cisco
-CVE-2013-1189 (Cisco Universal Broadband (aka uBR) 10000 series routers, when an ...)
+CVE-2013-1189
NOT-FOR-US: Cisco Universal Broadband 10000 series routers
-CVE-2013-1188 (Cisco Unified Communications Manager (CUCM) does not properly limit ...)
+CVE-2013-1188
NOT-FOR-US: Cisco Unified Communications Manager
-CVE-2013-1187 (The Connection Manager in Cisco Jabber Extensible Communications ...)
+CVE-2013-1187
NOT-FOR-US: Cisco
-CVE-2013-1186 (Cisco Unified Computing System (UCS) 1.x before 1.4(4) and 2.x before ...)
+CVE-2013-1186
NOT-FOR-US: Cisco Unified Computing System
-CVE-2013-1185 (The web interface in the Manager component in Cisco Unified Computing ...)
+CVE-2013-1185
NOT-FOR-US: Cisco Unified Computing System
-CVE-2013-1184 (The management API in the XML API management service in the Manager ...)
+CVE-2013-1184
NOT-FOR-US: Cisco Unified Computing System
-CVE-2013-1183 (Buffer overflow in the Intelligent Platform Management Interface ...)
+CVE-2013-1183
NOT-FOR-US: Cisco Unified Computing System
-CVE-2013-1182 (The login page in the Web Console in the Manager component in Cisco ...)
+CVE-2013-1182
NOT-FOR-US: Cisco Unified Computing System
-CVE-2013-1181 (Cisco NX-OS on Nexus 5500 devices 4.x and 5.x before 5.0(3)N2(2), ...)
+CVE-2013-1181
NOT-FOR-US: Cisco
-CVE-2013-1180 (Buffer overflow in the SNMP implementation in Cisco NX-OS on Nexus ...)
+CVE-2013-1180
NOT-FOR-US: Cisco NX-OS
-CVE-2013-1179 (Multiple buffer overflows in the (1) SNMP and (2) License Manager ...)
+CVE-2013-1179
NOT-FOR-US: Cisco NX-OS
-CVE-2013-1178 (Multiple buffer overflows in the Cisco Discovery Protocol (CDP) ...)
+CVE-2013-1178
NOT-FOR-US: Cisco NX-OS
-CVE-2013-1177 (SQL injection vulnerability in Cisco Network Admission Control (NAC) ...)
+CVE-2013-1177
NOT-FOR-US: Cisco Network Admission Control Manager
-CVE-2013-1176 (The DSP card on Cisco TelePresence MCU 4500 and 4501 devices before ...)
+CVE-2013-1176
NOT-FOR-US: Cisco
CVE-2013-1175
REJECTED
-CVE-2013-1174 (Cisco Tivoli Business Service Manager (TBSM) in Hosted Collaboration ...)
+CVE-2013-1174
NOT-FOR-US: Cisco Tivoli Business Service Manager
-CVE-2013-1173 (Heap-based buffer overflow in ciscod.exe in the Cisco Security Service ...)
+CVE-2013-1173
NOT-FOR-US: Cisco AnyConnect
-CVE-2013-1172 (The Cisco Security Service in Cisco AnyConnect Secure Mobility Client ...)
+CVE-2013-1172
NOT-FOR-US: Cisco AnyConnect
-CVE-2013-1171 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
+CVE-2013-1171
NOT-FOR-US: Cisco Connected Grid Network Management System (CG-NMS)
-CVE-2013-1170 (The Cisco Prime Network Control System (NCS) appliance with software ...)
+CVE-2013-1170
NOT-FOR-US: Cisco Prime Network Control System
-CVE-2013-1169 (Cisco Unified MeetingPlace Web Conferencing Server 7.x before 7.1MR1 ...)
+CVE-2013-1169
NOT-FOR-US: Cisco Unified MeetingPlace Web Conferencing Server
-CVE-2013-1168 (The web server in Cisco Unified MeetingPlace Application Server 7.x ...)
+CVE-2013-1168
NOT-FOR-US: Cisco Unified MeetingPlace Application Server
-CVE-2013-1167 (Cisco IOS XE 3.2 through 3.4 before 3.4.2S, and 3.5, on 1000 series ...)
+CVE-2013-1167
NOT-FOR-US: Cisco IOS XE
-CVE-2013-1166 (Cisco IOS XE 3.2 through 3.4 before 3.4.5S, and 3.5 through 3.7 before ...)
+CVE-2013-1166
NOT-FOR-US: Cisco IOS XE
-CVE-2013-1165 (Cisco IOS XE 2.x and 3.x before 3.4.5S, and 3.5 through 3.7 before ...)
+CVE-2013-1165
NOT-FOR-US: Cisco IOS XE
-CVE-2013-1164 (Cisco IOS XE 3.4 before 3.4.4S, 3.5, and 3.6 on 1000 series ...)
+CVE-2013-1164
NOT-FOR-US: Cisco IOS XE
-CVE-2013-1163 (Multiple SQL injection vulnerabilities in the device-management ...)
+CVE-2013-1163
NOT-FOR-US: Cisco
-CVE-2013-1162 (The traffic engineering (TE) processing subsystem in Cisco IOS XR ...)
+CVE-2013-1162
NOT-FOR-US: Cisco
-CVE-2013-1161 (The XML parser in the Cisco Jabber IM application for Android allows ...)
+CVE-2013-1161
NOT-FOR-US: Cisco
-CVE-2013-1160 (Cross-site scripting (XSS) vulnerability in the OpenView web menus in ...)
+CVE-2013-1160
NOT-FOR-US: Cisco
-CVE-2013-1159 (Cross-site scripting (XSS) vulnerability in the Netcool Impact (NCI) ...)
+CVE-2013-1159
NOT-FOR-US: Cisco
-CVE-2013-1158 (Cross-site scripting (XSS) vulnerability in the IBM Tivoli Monitoring ...)
+CVE-2013-1158
NOT-FOR-US: IBM
-CVE-2013-1157 (Cross-site scripting (XSS) vulnerability in the IBM Tivoli Monitoring ...)
+CVE-2013-1157
NOT-FOR-US: IBM
-CVE-2013-1156 (Directory traversal vulnerability in Cisco Prime Central for Hosted ...)
+CVE-2013-1156
NOT-FOR-US: Cisco
-CVE-2013-1155 (The auth-proxy functionality in Cisco Firewall Services Module (FWSM) ...)
+CVE-2013-1155
NOT-FOR-US: Cisco Firewall Services Module
-CVE-2013-1154 (The Cisco Small Business 200 Series Smart Switch 1.2.7.76 and earlier, ...)
+CVE-2013-1154
NOT-FOR-US: Cisco Small Business switches
-CVE-2013-1153 (Cross-site request forgery (CSRF) vulnerability in the web interface ...)
+CVE-2013-1153
NOT-FOR-US: Cisco Prime Infrastructure
-CVE-2013-1152 (Cisco Adaptive Security Appliances (ASA) devices with software 9.0 ...)
+CVE-2013-1152
NOT-FOR-US: Cisco Adaptive Security Appliances
-CVE-2013-1151 (Cisco Adaptive Security Appliances (ASA) devices with software 7.x ...)
+CVE-2013-1151
NOT-FOR-US: Cisco Adaptive Security Appliances
-CVE-2013-1150 (The authentication-proxy implementation on Cisco Adaptive Security ...)
+CVE-2013-1150
NOT-FOR-US: Cisco Adaptive Security Appliances
-CVE-2013-1149 (Cisco Adaptive Security Appliances (ASA) devices with software 7.x ...)
+CVE-2013-1149
NOT-FOR-US: Cisco Adaptive Security Appliances
-CVE-2013-1148 (The General Responder implementation in the IP Service Level Agreement ...)
+CVE-2013-1148
NOT-FOR-US: Cisco IOS
-CVE-2013-1147 (The Protocol Translation (PT) functionality in Cisco IOS 12.3 through ...)
+CVE-2013-1147
NOT-FOR-US: Cisco IOS
-CVE-2013-1146 (The Smart Install client functionality in Cisco IOS 12.2 and 15.0 ...)
+CVE-2013-1146
NOT-FOR-US: Cisco IOS
-CVE-2013-1145 (Memory leak in Cisco IOS 12.2, 12.4, 15.0, and 15.1, when Zone-Based ...)
+CVE-2013-1145
NOT-FOR-US: Cisco IOS
-CVE-2013-1144 (Memory leak in the IKEv1 implementation in Cisco IOS 15.1 allows ...)
+CVE-2013-1144
NOT-FOR-US: Cisco IOS
-CVE-2013-1143 (The RSVP protocol implementation in Cisco IOS 12.2 and 15.0 through ...)
+CVE-2013-1143
NOT-FOR-US: Cisco IOS
-CVE-2013-1142 (Race condition in the VRF-aware NAT feature in Cisco IOS 12.2 through ...)
+CVE-2013-1142
NOT-FOR-US: Cisco IOS
-CVE-2013-1141 (The mDNS snooping functionality on Cisco Wireless LAN Controller (WLC) ...)
+CVE-2013-1141
NOT-FOR-US: Cisco Wireless LAN Controller
-CVE-2013-1140 (The XML parser in Cisco Security Monitoring, Analysis, and Response ...)
+CVE-2013-1140
NOT-FOR-US: Cisco Security MARS
-CVE-2013-1139 (The nsAPI interface in Cisco Cloud Portal 9.1 SP1 and SP2, and 9.3 ...)
+CVE-2013-1139
NOT-FOR-US: Cisco Cloud Portal
-CVE-2013-1138 (The NAT process on Cisco Adaptive Security Appliances (ASA) devices ...)
+CVE-2013-1138
NOT-FOR-US: Cisco
-CVE-2013-1137 (Cisco Unified Presence Server (CUPS) 8.6, 9.0, and 9.1 before 9.1.1 ...)
+CVE-2013-1137
NOT-FOR-US: Cisco Unified Presence Server
-CVE-2013-1136 (The crypto engine process in Cisco IOS on Aggregation Services Router ...)
+CVE-2013-1136
NOT-FOR-US: Cisco IOS
-CVE-2013-1135 (Cisco Prime Central for Hosted Collaboration Solution (HCS) Assurance ...)
+CVE-2013-1135
NOT-FOR-US: Cisco Prime Central
-CVE-2013-1134 (The Location Bandwidth Manager (LBM) Intracluster-communication ...)
+CVE-2013-1134
NOT-FOR-US: Cisco Unified Communications Manager
-CVE-2013-1133 (Cisco Unified Communications Manager (CUCM) 8.6 before 8.6(2a)su2, 8.6 ...)
+CVE-2013-1133
NOT-FOR-US: Cisco Unified Communications Manager
-CVE-2013-1132 (Multiple cross-site scripting (XSS) vulnerabilities in Cisco Unified ...)
+CVE-2013-1132
NOT-FOR-US: Cisco
-CVE-2013-1131 (Cisco Small Business Wireless Access Points WAP200, WAP2000, WAP200E, ...)
+CVE-2013-1131
NOT-FOR-US: Cisco Small Business Wireless Access Points
-CVE-2013-1130 (Cisco AnyConnect Secure Mobility Client on Mac OS X uses weak ...)
+CVE-2013-1130
NOT-FOR-US: Cisco
-CVE-2013-1129 (Memory leak in Cisco Unity Connection 9.x allows remote attackers to ...)
+CVE-2013-1129
NOT-FOR-US: Cisco
-CVE-2013-1128 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
+CVE-2013-1128
NOT-FOR-US: Cisco Unified MeetingPlace
CVE-2013-1127
RESERVED
CVE-2013-1126
RESERVED
-CVE-2013-1125 (The command-line interface in Cisco Identity Services Engine Software, ...)
+CVE-2013-1125
NOT-FOR-US: Cisco
-CVE-2013-1124 (The Cisco Network Admission Control (NAC) agent on Mac OS X does not ...)
+CVE-2013-1124
NOT-FOR-US: Cisco Network Admission Control
-CVE-2013-1123 (Multiple cross-site scripting (XSS) vulnerabilities in the server in ...)
+CVE-2013-1123
NOT-FOR-US: Cisco Unified MeetingPlace
-CVE-2013-1122 (Cisco NX-OS on the Nexus 7000, when a certain Overlay Transport ...)
+CVE-2013-1122
NOT-FOR-US: Cisco NX-OS
-CVE-2013-1121 (The regex engine in the BGP implementation in Cisco NX-OS, when a ...)
+CVE-2013-1121
NOT-FOR-US: Cisco NX-OS
-CVE-2013-1120 (Multiple cross-site request forgery (CSRF) vulnerabilities on the ...)
+CVE-2013-1120
NOT-FOR-US: Cisco Unity Express
-CVE-2013-1119 (Buffer overflow in Cisco WebEx Recording Format (WRF) player T27 LD ...)
+CVE-2013-1119
NOT-FOR-US: Cisco WebEx
-CVE-2013-1118 (Stack-based buffer overflow in Cisco WebEx Recording Format (WRF) ...)
+CVE-2013-1118
NOT-FOR-US: Cisco WebEx
-CVE-2013-1117 (Buffer overflow in the exception handler in Cisco WebEx Recording ...)
+CVE-2013-1117
NOT-FOR-US: Cisco WebEx
-CVE-2013-1116 (Buffer overflow in Cisco WebEx Advanced Recording Format (ARF) player ...)
+CVE-2013-1116
NOT-FOR-US: Cisco WebEx
-CVE-2013-1115 (Buffer overflow in Cisco WebEx Advanced Recording Format (ARF) player ...)
+CVE-2013-1115
NOT-FOR-US: Cisco WebEx
-CVE-2013-1114 (Multiple cross-site scripting (XSS) vulnerabilities in Cisco Unity ...)
+CVE-2013-1114
NOT-FOR-US: Cisco Unity Express
-CVE-2013-1113 (Cross-site scripting (XSS) vulnerability in Cisco Unified ...)
+CVE-2013-1113
NOT-FOR-US: Cisco Unified Communications Domain Manager
-CVE-2013-1112 (Cisco Carrier Routing System (CRS) allows remote attackers to cause a ...)
+CVE-2013-1112
NOT-FOR-US: Cisco Carrier Routing System
-CVE-2013-1111 (The Cisco ATA 187 Analog Telephone Adaptor with firmware 9.2.1.0 and ...)
+CVE-2013-1111
NOT-FOR-US: Cisco ATA 187 Analog Telephone Adaptor
-CVE-2013-1110 (Cisco WebEx Training Center allow remote authenticated users to bypass ...)
+CVE-2013-1110
NOT-FOR-US: Cisco WebEx Training Center
-CVE-2013-1109 (Cross-site request forgery (CSRF) vulnerability in ...)
+CVE-2013-1109
NOT-FOR-US: Cisco WebEx Training Center
-CVE-2013-1108 (Cisco WebEx Training Center allows remote authenticated users to ...)
+CVE-2013-1108
NOT-FOR-US: Cisco WebEx Training Center
-CVE-2013-1107 (The search function in Cisco Webex Social (formerly Cisco Quad) allows ...)
+CVE-2013-1107
NOT-FOR-US: Cisco Webex Social
CVE-2013-1106
RESERVED
-CVE-2013-1105 (Cisco Wireless LAN Controller (WLC) devices with software 7.0 before ...)
+CVE-2013-1105
NOT-FOR-US: Cisco Wireless LAN Controller
-CVE-2013-1104 (The HTTP Profiling functionality on Cisco Wireless LAN Controller ...)
+CVE-2013-1104
NOT-FOR-US: Cisco Wireless LAN Controller
-CVE-2013-1103 (Cisco Wireless LAN Controller (WLC) devices with software 7.0 before ...)
+CVE-2013-1103
NOT-FOR-US: Cisco Wireless LAN Controller
-CVE-2013-1102 (The Wireless Intrusion Prevention System (wIPS) component on Cisco ...)
+CVE-2013-1102
NOT-FOR-US: Cisco Wireless LAN Controller
CVE-2013-1101
RESERVED
-CVE-2013-1100 (The HTTP server in Cisco IOS on Catalyst switches does not properly ...)
+CVE-2013-1100
NOT-FOR-US: Cisco IOS
CVE-2013-1099
REJECTED
CVE-2013-1098
RESERVED
-CVE-2013-1097 (Cross-site scripting (XSS) vulnerability in a ZCC page in njwc.jar in ...)
+CVE-2013-1097
NOT-FOR-US: Novell ZENworks Configuration Management
-CVE-2013-1096 (Cross-site scripting (XSS) vulnerability in the Roles Based ...)
+CVE-2013-1096
NOT-FOR-US: Novell Identity Manager
-CVE-2013-1095 (Cross-site scripting (XSS) vulnerability in a ZCC page in njwc.jar in ...)
+CVE-2013-1095
NOT-FOR-US: Novell ZENworks Configuration Management
-CVE-2013-1094 (Cross-site scripting (XSS) vulnerability in a ZCC page in ...)
+CVE-2013-1094
NOT-FOR-US: Novell ZENworks Configuration Management
-CVE-2013-1093 (Open redirect vulnerability in the fwdToURL function in the ZCC login ...)
+CVE-2013-1093
NOT-FOR-US: Novell ZENworks Configuration Management
-CVE-2013-1092 (Multiple unquoted Windows search path vulnerabilities in Novell ...)
+CVE-2013-1092
NOT-FOR-US: Novell ZENworks Desktop Management
-CVE-2013-1091 (Stack-based buffer overflow in Novell iPrint Client before 5.90 allows ...)
+CVE-2013-1091
NOT-FOR-US: Novell iPrint Client
-CVE-2013-1090 (The SUSE horde5 package before 5.0.2-2.4.1 sets incorrect ownership ...)
+CVE-2013-1090
- php-horde <not-affected> (SuSE specific packaging flaw)
NOTE: https://bugzilla.novell.com/show_bug.cgi?id=811369
CVE-2013-1089
RESERVED
-CVE-2013-1088 (Cross-site request forgery (CSRF) vulnerability in Novell iManager 2.7 ...)
+CVE-2013-1088
NOT-FOR-US: Novell iManager
-CVE-2013-1087 (Cross-site scripting (XSS) vulnerability in the client in Novell ...)
+CVE-2013-1087
NOT-FOR-US: Novell GroupWise
-CVE-2013-1086 (Cross-site scripting (XSS) vulnerability in WebAccess in Novell ...)
+CVE-2013-1086
NOT-FOR-US: Novell GroupWise
-CVE-2013-1085 (Stack-based buffer overflow in the nim: protocol handler in Novell ...)
+CVE-2013-1085
NOT-FOR-US: Novell Messenger
-CVE-2013-1084 (Directory traversal vulnerability in the GetFle method in the umaninv ...)
+CVE-2013-1084
NOT-FOR-US: Novell ZENworks Configuration Management
-CVE-2013-1083 (Unspecified vulnerability in the login functionality in the Reporting ...)
+CVE-2013-1083
NOT-FOR-US: Novell Identity Manager
-CVE-2013-1082 (Directory traversal vulnerability in DUSAP.php in Novell ZENworks ...)
+CVE-2013-1082
NOT-FOR-US: Novell ZENworks
-CVE-2013-1081 (Directory traversal vulnerability in MDM.php in Novell ZENworks Mobile ...)
+CVE-2013-1081
NOT-FOR-US: Novell ZENworks
-CVE-2013-1080 (The web server in Novell ZENworks Configuration Management (ZCM) 10.3 ...)
+CVE-2013-1080
NOT-FOR-US: Novell ZENworks
-CVE-2013-1079 (Directory traversal vulnerability in the ISCreateObject method in an ...)
+CVE-2013-1079
NOT-FOR-US: Novell ZENworks
CVE-2013-1078
RESERVED
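Review bot: once the summaries are gone, several entries in this hunk carry no product information at all because their status line names only the vendor: `-CVE-2013-1243 (The IP stack in Cisco Intrusion Prevention System (IPS) Software in ...)` is reduced to `+CVE-2013-1243` over `NOT-FOR-US: Cisco`, and the same happens for CVE-2013-1242, -1230, -1229, -1215 and -1213 through -1208. Before dropping the description, either keep it or widen the NOT-FOR-US line to name the product, as neighbouring entries such as `NOT-FOR-US: Cisco Unified Customer Voice Portal` already do; otherwise any future re-triage has to go back to MITRE for each of them. While here, the unchanged context line `NOT-FOR-US: isco Adaptive Security Appliances` under CVE-2013-1195 is missing its leading `C`.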
@@ -17294,48 +17294,48 @@ CVE-2013-1072
REJECTED
CVE-2013-1071
REJECTED
-CVE-2013-1070 (Cross-site scripting (XSS) vulnerability in the API in Ubuntu Metal as ...)
+CVE-2013-1070
NOT-FOR-US: Ubuntu MAAS
-CVE-2013-1069 (Ubuntu Metal as a Service (MaaS) 1.2 and 1.4 uses world-readable ...)
+CVE-2013-1069
NOT-FOR-US: Ubuntu MAAS
-CVE-2013-1068 (The OpenStack Nova (python-nova) package 1:2013.2.3-0 before ...)
+CVE-2013-1068
- nova 2014.1.1-4 (bug #753579)
[wheezy] - nova <not-affected> (Vulnerable code not present)
- cinder 2014.1.1-3 (bug #753585)
[wheezy] - cinder <not-affected> (Vulnerable code not present)
NOTE: Requires includedir to be defined in /etc/sudoers file
-CVE-2013-1067 (Apport 2.12.5 and earlier uses weak permissions for core dump files ...)
+CVE-2013-1067
[experimental] - apport 2.12.6-1 (bug #727661)
NOTE: apport only in experimental, so we cannot track this in security-tracker
NOTE: add it, as we have an explicit (bug) reference for apport
-CVE-2013-1066 (language-selector 0.110.x before 0.110.1, 0.90.x before 0.90.1, and ...)
+CVE-2013-1066
NOT-FOR-US: language-selector
-CVE-2013-1065 (backend.py in Jockey before 0.9.7-0ubuntu7.11 does not properly use ...)
+CVE-2013-1065
NOT-FOR-US: jockey
-CVE-2013-1064 (apt-xapian-index before 0.45ubuntu2.1, 0.44ubuntu7.1, and ...)
+CVE-2013-1064
- apt-xapian-index 0.47 (low; bug #724837)
[wheezy] - apt-xapian-index <no-dsa> (Minor issue, only allows a possibly prohibited update of the Xapian package index)
[squeeze] - apt-xapian-index <no-dsa> (Minor issue, only allows a possibly prohibited update of the Xapian package index)
-CVE-2013-1063 (usb-creator 0.2.47 before 0.2.47.1, 0.2.40 before 0.2.40ubuntu2, and ...)
+CVE-2013-1063
NOT-FOR-US: usb-creator
-CVE-2013-1062 (ubuntu-system-service 0.2.4 before 0.2.4.1. 0.2.3 before 0.2.3.1, and ...)
+CVE-2013-1062
NOT-FOR-US: ubuntu-system-service
-CVE-2013-1061 (dbus/SoftwarePropertiesDBus.py in Software Properties 0.92.17 before ...)
+CVE-2013-1061
- software-properties 0.92.18 (low)
[wheezy] - software-properties <no-dsa> (Minor issue)
[squeeze] - software-properties <not-affected> (Vulnerable code not present)
-CVE-2013-1060 (A certain Ubuntu build procedure for perf, as distributed in the Linux ...)
+CVE-2013-1060
NOT-FOR-US: Ubuntu packaging specific
-CVE-2013-1059 (net/ceph/auth_none.c in the Linux kernel through 3.10 allows remote ...)
+CVE-2013-1059
{DSA-2745-1}
- linux 3.10.1-1 (low)
- linux-2.6 <removed> (low)
[squeeze] - linux-2.6 <not-affected> (CEPH was introduced in 2.6.34)
-CVE-2013-1058 (maas-import-pxe-files in MAAS before 13.10 does not verify the ...)
+CVE-2013-1058
NOT-FOR-US: Ubuntu MAAS
-CVE-2013-1057 (Untrusted search path vulnerability in maas-import-pxe-files in MAAS ...)
+CVE-2013-1057
NOT-FOR-US: Ubuntu MAAS
-CVE-2013-1056 (X.org X server 1.13.3 and earlier, when not run as root, allows local ...)
+CVE-2013-1056
- xorg-server <not-affected> (Ubuntu-specific patch, see http://people.canonical.com/~ubuntu-security/cve/2013/CVE-2013-1056.html)
CVE-2013-1055
RESERVED
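Review bot: this is the first hunk here where the stripped text matters for Debian rather than for NOT-FOR-US entries: the removed summaries carried the upstream version ranges that the per-suite annotations were judged against, e.g. `-CVE-2013-1068 (The OpenStack Nova (python-nova) package 1:2013.2.3-0 before ...)` above `[wheezy] - nova <not-affected> (Vulnerable code not present)`, and `-CVE-2013-1064 (apt-xapian-index before 0.45ubuntu2.1, 0.44ubuntu7.1, and ...)` above two `<no-dsa>` lines. With only `+CVE-2013-1068` left, the `<not-affected>` and `<no-dsa>` reasoning can no longer be checked from the file itself, so this should be re-run against a working description source rather than committed as is. Separately, the two NOTE lines under CVE-2013-1067 contradict each other (`cannot track this in security-tracker` followed by `add it`); that is unchanged context, but worth reconciling in a follow-up.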
@@ -17343,501 +17343,501 @@ CVE-2013-1054
RESERVED
CVE-2013-1053
RESERVED
-CVE-2013-1052 (pam-xdg-support, as used in Ubuntu 12.10, does not properly handle the ...)
+CVE-2013-1052
NOT-FOR-US: pam-xdg-support (Ubuntu-specific package)
-CVE-2013-1051 (apt 0.8.16, 0.9.7, and possibly other versions does not properly ...)
+CVE-2013-1051
- apt 0.9.7.8
[squeeze] - apt <not-affected> (InRelease support not used)
-CVE-2013-1050 (The default configuration in gnome-screensaver 3.5.4 through 3.6.0 ...)
+CVE-2013-1050
- gnome-screensaver <not-affected> (Ubuntu-specific Unity patch)
-CVE-2013-1049 (Buffer overflow in the RFC1413 (ident) client in cfingerd 1.4.3-3 ...)
+CVE-2013-1049
{DSA-2635-1}
- cfingerd 1.4.3-3.1 (bug #700098)
NOTE: https://bugs.launchpad.net/ubuntu/+source/cfingerd/+bug/1104425
-CVE-2013-1048 (The Debian apache2ctl script in the apache2 package squeeze before ...)
+CVE-2013-1048
{DSA-2637-1}
- apache2 2.2.22-13
-CVE-2013-1047 (WebKit, as used in Apple iOS before 7, allows remote attackers to ...)
+CVE-2013-1047
NOT-FOR-US: Apple iOS
-CVE-2013-1046 (WebKit, as used in Apple iOS before 7, allows remote attackers to ...)
+CVE-2013-1046
NOT-FOR-US: Apple iOS
-CVE-2013-1045 (WebKit, as used in Apple iOS before 7, allows remote attackers to ...)
+CVE-2013-1045
NOT-FOR-US: Apple iOS
-CVE-2013-1044 (WebKit, as used in Apple iOS before 7, allows remote attackers to ...)
+CVE-2013-1044
NOT-FOR-US: Apple iOS
-CVE-2013-1043 (WebKit, as used in Apple iOS before 7, allows remote attackers to ...)
+CVE-2013-1043
NOT-FOR-US: Apple iOS
-CVE-2013-1042 (WebKit, as used in Apple iOS before 7, allows remote attackers to ...)
+CVE-2013-1042
NOT-FOR-US: Apple iOS
-CVE-2013-1041 (WebKit, as used in Apple iOS before 7, allows remote attackers to ...)
+CVE-2013-1041
NOT-FOR-US: Apple iOS
-CVE-2013-1040 (WebKit, as used in Apple iOS before 7, allows remote attackers to ...)
+CVE-2013-1040
NOT-FOR-US: Apple iOS
-CVE-2013-1039 (WebKit, as used in Apple iOS before 7, allows remote attackers to ...)
+CVE-2013-1039
NOT-FOR-US: Apple iOS
-CVE-2013-1038 (WebKit, as used in Apple iOS before 7, allows remote attackers to ...)
+CVE-2013-1038
NOT-FOR-US: Apple iOS
-CVE-2013-1037 (WebKit, as used in Apple iOS before 7, allows remote attackers to ...)
+CVE-2013-1037
NOT-FOR-US: Apple iOS
-CVE-2013-1036 (Safari in Apple iOS before 7 allows remote attackers to execute ...)
+CVE-2013-1036
NOT-FOR-US: Apple iOS
-CVE-2013-1035 (The iTunes ActiveX control in Apple iTunes before 11.1 allows remote ...)
+CVE-2013-1035
NOT-FOR-US: Apple iTunes
-CVE-2013-1034 (Multiple cross-site scripting (XSS) vulnerabilities in Wiki Server in ...)
+CVE-2013-1034
NOT-FOR-US: Apple Mac OS X Server
-CVE-2013-1033 (Screen Lock in Apple Mac OS X before 10.8.5 does not properly track ...)
+CVE-2013-1033
NOT-FOR-US: Screen Lock in Apple Mac OS X
-CVE-2013-1032 (QuickTime in Apple Mac OS X before 10.8.5 allows remote attackers to ...)
+CVE-2013-1032
NOT-FOR-US: QuickTime in Apple Mac OS X
-CVE-2013-1031 (Power Management in Apple Mac OS X before 10.8.5 does not properly ...)
+CVE-2013-1031
NOT-FOR-US: Power Management in Apple Mac OS X
-CVE-2013-1030 (mdmclient in Mobile Device Management in Apple Mac OS X before 10.8.5 ...)
+CVE-2013-1030
NOT-FOR-US: Mobile Device Management in Apple Mac OS X
-CVE-2013-1029 (The kernel in Apple Mac OS X before 10.8.5 allows remote attackers to ...)
+CVE-2013-1029
NOT-FOR-US: Apple Mac OS X
-CVE-2013-1028 (The IPSec implementation in Apple Mac OS X before 10.8.5, when Hybrid ...)
+CVE-2013-1028
NOT-FOR-US: Apple Mac OS X
-CVE-2013-1027 (Installer in Apple Mac OS X before 10.8.5 provides an option to ...)
+CVE-2013-1027
NOT-FOR-US: Apple Mac OS X
-CVE-2013-1026 (Buffer overflow in ImageIO in Apple Mac OS X before 10.8.5 allows ...)
+CVE-2013-1026
NOT-FOR-US: Apple Mac OS X
-CVE-2013-1025 (Buffer overflow in CoreGraphics in Apple Mac OS X before 10.8.5 allows ...)
+CVE-2013-1025
NOT-FOR-US: Apple Mac OS X
-CVE-2013-1024 (CoreMedia Playback in Apple Mac OS X before 10.8.4 does not properly ...)
+CVE-2013-1024
NOT-FOR-US: CoreMedia Playback
-CVE-2013-1023 (WebKit, as used in Apple Safari before 6.0.5, allows remote attackers ...)
+CVE-2013-1023
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2013-1022 (Buffer overflow in Apple QuickTime before 7.7.4 allows remote ...)
+CVE-2013-1022
NOT-FOR-US: Apple QuickTime
-CVE-2013-1021 (Buffer overflow in Apple QuickTime before 7.7.4 allows remote ...)
+CVE-2013-1021
NOT-FOR-US: Apple QuickTime
-CVE-2013-1020 (Apple QuickTime before 7.7.4 allows remote attackers to execute ...)
+CVE-2013-1020
NOT-FOR-US: Apple QuickTime
-CVE-2013-1019 (Buffer overflow in Apple QuickTime before 7.7.4 allows remote ...)
+CVE-2013-1019
NOT-FOR-US: Apple QuickTime
-CVE-2013-1018 (Buffer overflow in Apple QuickTime before 7.7.4 allows remote ...)
+CVE-2013-1018
NOT-FOR-US: Apple QuickTime
-CVE-2013-1017 (Buffer overflow in Apple QuickTime before 7.7.4 allows remote ...)
+CVE-2013-1017
NOT-FOR-US: Apple QuickTime
-CVE-2013-1016 (Buffer overflow in Apple QuickTime before 7.7.4 allows remote ...)
+CVE-2013-1016
NOT-FOR-US: Apple QuickTime
-CVE-2013-1015 (Apple QuickTime before 7.7.4 allows remote attackers to execute ...)
+CVE-2013-1015
NOT-FOR-US: Apple QuickTime
-CVE-2013-1014 (Apple iTunes before 11.0.3 does not properly verify X.509 ...)
+CVE-2013-1014
NOT-FOR-US: Apple iTunes
-CVE-2013-1013 (XSS Auditor in WebKit in Apple Safari before 6.0.5 does not properly ...)
+CVE-2013-1013
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2013-1012 (Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari ...)
+CVE-2013-1012
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2013-1011 (WebKit, as used in Apple iTunes before 11.0.3, allows ...)
+CVE-2013-1011
NOT-FOR-US: Apple iTunes
-CVE-2013-1010 (WebKit, as used in Apple iTunes before 11.0.3, allows ...)
+CVE-2013-1010
NOT-FOR-US: Apple iTunes
-CVE-2013-1009 (WebKit, as used in Apple Safari before 6.0.5, allows remote attackers ...)
+CVE-2013-1009
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2013-1008 (WebKit, as used in Apple iTunes before 11.0.3, allows ...)
+CVE-2013-1008
NOT-FOR-US: Apple iTunes
-CVE-2013-1007 (WebKit, as used in Apple iTunes before 11.0.3, allows ...)
+CVE-2013-1007
NOT-FOR-US: Apple iTunes
-CVE-2013-1006 (WebKit, as used in Apple iTunes before 11.0.3, allows ...)
+CVE-2013-1006
NOT-FOR-US: Apple iTunes
-CVE-2013-1005 (WebKit, as used in Apple iTunes before 11.0.3, allows ...)
+CVE-2013-1005
NOT-FOR-US: Apple iTunes
-CVE-2013-1004 (WebKit, as used in Apple iTunes before 11.0.3, allows ...)
+CVE-2013-1004
NOT-FOR-US: Apple iTunes
-CVE-2013-1003 (WebKit, as used in Apple iTunes before 11.0.3, allows ...)
+CVE-2013-1003
NOT-FOR-US: Apple iTunes
-CVE-2013-1002 (WebKit, as used in Apple iTunes before 11.0.3, allows ...)
+CVE-2013-1002
NOT-FOR-US: Apple iTunes
-CVE-2013-1001 (WebKit, as used in Apple iTunes before 11.0.3, allows ...)
+CVE-2013-1001
NOT-FOR-US: Apple iTunes
-CVE-2013-1000 (WebKit, as used in Apple iTunes before 11.0.3, allows ...)
+CVE-2013-1000
NOT-FOR-US: Apple iTunes
-CVE-2013-0999 (WebKit, as used in Apple iTunes before 11.0.3, allows ...)
+CVE-2013-0999
NOT-FOR-US: Apple iTunes
-CVE-2013-0998 (WebKit, as used in Apple iTunes before 11.0.3, allows ...)
+CVE-2013-0998
NOT-FOR-US: Apple iTunes
-CVE-2013-0997 (WebKit, as used in Apple iTunes before 11.0.3, allows ...)
+CVE-2013-0997
NOT-FOR-US: Apple iTunes
-CVE-2013-0996 (WebKit, as used in Apple iTunes before 11.0.3, allows ...)
+CVE-2013-0996
NOT-FOR-US: Apple iTunes
-CVE-2013-0995 (WebKit, as used in Apple iTunes before 11.0.3, allows ...)
+CVE-2013-0995
NOT-FOR-US: Apple iTunes
-CVE-2013-0994 (WebKit, as used in Apple iTunes before 11.0.3, allows ...)
+CVE-2013-0994
NOT-FOR-US: Apple iTunes
-CVE-2013-0993 (WebKit, as used in Apple iTunes before 11.0.3, allows ...)
+CVE-2013-0993
NOT-FOR-US: Apple iTunes
-CVE-2013-0992 (WebKit, as used in Apple iTunes before 11.0.3, allows ...)
+CVE-2013-0992
NOT-FOR-US: Apple iTunes
-CVE-2013-0991 (WebKit, as used in Apple iTunes before 11.0.3, allows ...)
+CVE-2013-0991
NOT-FOR-US: Apple iTunes
-CVE-2013-0990 (SMB in Apple Mac OS X before 10.8.4, when file sharing is enabled, ...)
+CVE-2013-0990
NOT-FOR-US: Apple
-CVE-2013-0989 (Buffer overflow in Apple QuickTime before 7.7.4 allows remote ...)
+CVE-2013-0989
NOT-FOR-US: Apple QuickTime
-CVE-2013-0988 (Buffer overflow in Apple QuickTime before 7.7.4 allows remote ...)
+CVE-2013-0988
NOT-FOR-US: Apple QuickTime
-CVE-2013-0987 (Apple QuickTime before 7.7.4 allows remote attackers to execute ...)
+CVE-2013-0987
NOT-FOR-US: Apple QuickTime
-CVE-2013-0986 (Buffer overflow in Apple QuickTime before 7.7.4 allows remote ...)
+CVE-2013-0986
NOT-FOR-US: Apple QuickTime
-CVE-2013-0985 (Disk Management in Apple Mac OS X before 10.8.4 does not properly ...)
+CVE-2013-0985
NOT-FOR-US: Apple Mac OS X
-CVE-2013-0984 (Directory Service in Apple Mac OS X through 10.6.8 allows remote ...)
+CVE-2013-0984
NOT-FOR-US: Mac OS Server
-CVE-2013-0983 (Stack consumption vulnerability in CoreAnimation in Apple Mac OS X ...)
+CVE-2013-0983
NOT-FOR-US: Apple Mac OS X
-CVE-2013-0982 (The Private Browsing feature in CFNetwork in Apple Mac OS X before ...)
+CVE-2013-0982
NOT-FOR-US: Apple Mac OS X
-CVE-2013-0981 (The IOUSBDeviceFamily driver in the USB implementation in the kernel ...)
+CVE-2013-0981
NOT-FOR-US: Apple iOS
-CVE-2013-0980 (The Passcode Lock implementation in Apple iOS before 6.1.3 does not ...)
+CVE-2013-0980
NOT-FOR-US: Apple iOS
-CVE-2013-0979 (lockdownd in Lockdown in Apple iOS before 6.1.3 does not properly ...)
+CVE-2013-0979
NOT-FOR-US: Apple iOS
-CVE-2013-0978 (The ARM prefetch abort handler in the kernel in Apple iOS before 6.1.3 ...)
+CVE-2013-0978
NOT-FOR-US: Apple iOS
-CVE-2013-0977 (dyld in Apple iOS before 6.1.3 and Apple TV before 5.2.1 does not ...)
+CVE-2013-0977
NOT-FOR-US: Apple iOS
-CVE-2013-0976 (IOAcceleratorFamily in Apple Mac OS X before 10.8.3 allows remote ...)
+CVE-2013-0976
NOT-FOR-US: Mac OS X
-CVE-2013-0975 (Buffer overflow in QuickDraw Manager in Apple Mac OS X before 10.8.4 ...)
+CVE-2013-0975
NOT-FOR-US: Apple Mac OS X
-CVE-2013-0974 (StoreKit in Apple iOS before 6.1 does not properly handle the ...)
+CVE-2013-0974
NOT-FOR-US: Apple StoreKit
-CVE-2013-0973 (Software Update in Apple Mac OS X through 10.7.5 does not prevent ...)
+CVE-2013-0973
NOT-FOR-US: Mac OS X
CVE-2013-0972
RESERVED
-CVE-2013-0971 (Use-after-free vulnerability in PDFKit in Apple Mac OS X before 10.8.3 ...)
+CVE-2013-0971
NOT-FOR-US: Mac OS X
-CVE-2013-0970 (Messages in Apple Mac OS X before 10.8.3 allows remote attackers to ...)
+CVE-2013-0970
NOT-FOR-US: Mac OS X
-CVE-2013-0969 (Login Window in Apple Mac OS X before 10.8.3 does not prevent ...)
+CVE-2013-0969
NOT-FOR-US: Mac OS X
-CVE-2013-0968 (WebKit, as used in Apple iOS before 6.1, allows remote attackers to ...)
+CVE-2013-0968
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2013-0967 (CoreTypes in Apple Mac OS X before 10.8.3 includes JNLP files in the ...)
+CVE-2013-0967
NOT-FOR-US: Mac OS X
-CVE-2013-0966 (The Apple mod_hfs_apple module for the Apache HTTP Server in Apple Mac ...)
+CVE-2013-0966
NOT-FOR-US: Apple mod_hfs_apple
CVE-2013-0965
RESERVED
-CVE-2013-0964 (The kernel in Apple iOS before 6.1 and Apple TV before 5.2 does not ...)
+CVE-2013-0964
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2013-0963 (Identity Services in Apple iOS before 6.1 does not properly handle ...)
+CVE-2013-0963
NOT-FOR-US: Identity Services in Apple iOS
-CVE-2013-0962 (Cross-site scripting (XSS) vulnerability in WebKit in Apple iOS before ...)
+CVE-2013-0962
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2013-0961 (WebKit in Apple Safari before 6.0.3 allows remote attackers to execute ...)
+CVE-2013-0961
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2013-0960 (WebKit in Apple Safari before 6.0.3 allows remote attackers to execute ...)
+CVE-2013-0960
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2013-0959 (WebKit, as used in Apple iOS before 6.1, allows remote attackers to ...)
+CVE-2013-0959
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2013-0958 (WebKit, as used in Apple iOS before 6.1, allows remote attackers to ...)
+CVE-2013-0958
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2013-0957 (Data Protection in Apple iOS before 7 allows attackers to bypass ...)
+CVE-2013-0957
NOT-FOR-US: Apple iOS
-CVE-2013-0956 (WebKit, as used in Apple iOS before 6.1, allows remote attackers to ...)
+CVE-2013-0956
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2013-0955 (WebKit, as used in Apple iOS before 6.1, allows remote attackers to ...)
+CVE-2013-0955
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2013-0954 (WebKit, as used in Apple iOS before 6.1, allows remote attackers to ...)
+CVE-2013-0954
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2013-0953 (WebKit, as used in Apple iOS before 6.1, allows remote attackers to ...)
+CVE-2013-0953
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2013-0952 (WebKit, as used in Apple iOS before 6.1, allows remote attackers to ...)
+CVE-2013-0952
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2013-0951 (WebKit, as used in Apple iOS before 6.1, allows remote attackers to ...)
+CVE-2013-0951
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2013-0950 (WebKit, as used in Apple iOS before 6.1, allows remote attackers to ...)
+CVE-2013-0950
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2013-0949 (WebKit, as used in Apple iOS before 6.1, allows remote attackers to ...)
+CVE-2013-0949
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2013-0948 (WebKit, as used in Apple iOS before 6.1, allows remote attackers to ...)
+CVE-2013-0948
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2013-0947 (EMC RSA Authentication Manager 8.0 before P1 allows local users to ...)
+CVE-2013-0947
NOT-FOR-US: EMC
-CVE-2013-0946 (Buffer overflow in the Library Control Program (LCP) in EMC AlphaStor ...)
+CVE-2013-0946
NOT-FOR-US: EMC
-CVE-2013-0945 (EMC Avamar Client before 6.1.101-89 does not verify that the server ...)
+CVE-2013-0945
NOT-FOR-US: EMC Avamar
-CVE-2013-0944 (The web-based file-restore interface in EMC Avamar Server before 6.1.0 ...)
+CVE-2013-0944
NOT-FOR-US: EMC Avamar
-CVE-2013-0943 (EMC NetWorker 7.6.x and 8.x before 8.1 allows local users to obtain ...)
+CVE-2013-0943
NOT-FOR-US: EMC
-CVE-2013-0942 (Cross-site scripting (XSS) vulnerability in EMC RSA Authentication ...)
+CVE-2013-0942
NOT-FOR-US: EMC RSA Authentication Agent
-CVE-2013-0941 (EMC RSA Authentication API before 8.1 SP1, RSA Web Agent before 5.3.5 ...)
+CVE-2013-0941
NOT-FOR-US: EMC
-CVE-2013-0940 (The nsrpush process in the client in EMC NetWorker before 7.6.5.3 and ...)
+CVE-2013-0940
NOT-FOR-US: EMC NetWorker
-CVE-2013-0939 (EMC Documentum Webtop before 6.7 SP2, Documentum WDK before 6.7 SP2, ...)
+CVE-2013-0939
NOT-FOR-US: EMC
-CVE-2013-0938 (Cross-site scripting (XSS) vulnerability in EMC Documentum Webtop ...)
+CVE-2013-0938
NOT-FOR-US: EMC
-CVE-2013-0937 (Session fixation vulnerability in EMC Documentum Webtop before 6.7 ...)
+CVE-2013-0937
NOT-FOR-US: EMC
-CVE-2013-0936 (Cross-site scripting (XSS) vulnerability in EMC Smarts IP Manager, ...)
+CVE-2013-0936
NOT-FOR-US: EMC
-CVE-2013-0935 (EMC Smarts Network Configuration Manager (NCM) before 9.2 does not ...)
+CVE-2013-0935
NOT-FOR-US: EMC
-CVE-2013-0934 (EMC RSA Archer 5.x before GRC 5.3SP1, and Archer Smart Suite Framework ...)
+CVE-2013-0934
NOT-FOR-US: EMC
-CVE-2013-0933 (Multiple cross-site scripting (XSS) vulnerabilities in EMC RSA Archer ...)
+CVE-2013-0933
NOT-FOR-US: EMC
-CVE-2013-0932 (EMC RSA Archer 5.x before GRC 5.3SP1, and Archer Smart Suite Framework ...)
+CVE-2013-0932
NOT-FOR-US: EMC
-CVE-2013-0931 (EMC RSA Authentication Agent 7.1.x before 7.1.2 on Windows does not ...)
+CVE-2013-0931
NOT-FOR-US: EMC RSA
-CVE-2013-0930 (Buffer overflow in Drive Control Program (DCP) in EMC AlphaStor 4.0 ...)
+CVE-2013-0930
NOT-FOR-US: EMC AlphaStor
-CVE-2013-0929 (Format string vulnerability in the _vsnsprintf function in rrobotd.exe ...)
+CVE-2013-0929
NOT-FOR-US: EMC AlphaStor
-CVE-2013-0928 (The NetWorker command processor in rrobotd.exe in the Device Manager ...)
+CVE-2013-0928
NOT-FOR-US: EMC AlphaStor
-CVE-2013-0927 (Google Chrome OS before 26.0.1410.57 relies on a Pango pango-utils.c ...)
+CVE-2013-0927
NOT-FOR-US: Chrome OS
-CVE-2013-0926 (Google Chrome before 26.0.1410.43 does not properly handle active ...)
+CVE-2013-0926
- chromium-browser 26.0.1410.43-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-0925 (Google Chrome before 26.0.1410.43 does not ensure that an extension ...)
+CVE-2013-0925
- chromium-browser 26.0.1410.43-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-0924 (The extension functionality in Google Chrome before 26.0.1410.43 does ...)
+CVE-2013-0924
- chromium-browser 26.0.1410.43-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-0923 (The USB Apps API in Google Chrome before 26.0.1410.43 allows remote ...)
+CVE-2013-0923
- chromium-browser 26.0.1410.43-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-0922 (Google Chrome before 26.0.1410.43 does not properly restrict ...)
+CVE-2013-0922
- chromium-browser 26.0.1410.43-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-0921 (The Isolated Sites feature in Google Chrome before 26.0.1410.43 does ...)
+CVE-2013-0921
- chromium-browser 26.0.1410.43-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-0920 (Use-after-free vulnerability in the extension bookmarks API in Google ...)
+CVE-2013-0920
- chromium-browser 26.0.1410.43-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-0919 (Use-after-free vulnerability in Google Chrome before 26.0.1410.43 on ...)
+CVE-2013-0919
- chromium-browser 26.0.1410.43-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-0918 (Google Chrome before 26.0.1410.43 does not prevent navigation to ...)
+CVE-2013-0918
- chromium-browser 26.0.1410.43-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-0917 (The URL loader in Google Chrome before 26.0.1410.43 allows remote ...)
+CVE-2013-0917
- chromium-browser 26.0.1410.43-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-0916 (Use-after-free vulnerability in the Web Audio implementation in Google ...)
+CVE-2013-0916
- chromium-browser 26.0.1410.43-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-0915 (The GPU process in Google Chrome OS before 25.0.1364.173 allows ...)
+CVE-2013-0915
NOT-FOR-US: Overflow in Chrome-specific libs
-CVE-2013-0914 (The flush_signal_handlers function in kernel/signal.c in the Linux ...)
+CVE-2013-0914
{DSA-2668-1}
- linux 3.2.41-1 (low)
- linux-2.6 <removed> (low)
-CVE-2013-0913 (Integer overflow in drivers/gpu/drm/i915/i915_gem_execbuffer.c in the ...)
+CVE-2013-0913
- linux 3.2.41-2
- linux-2.6 <removed>
[squeeze] - linux-2.6 <not-affected> (Vulnerable code was introduced later)
-CVE-2013-0912 (WebKit in Google Chrome before 25.0.1364.160 allows remote attackers ...)
+CVE-2013-0912
- chromium-browser 25.0.1364.160-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-0911 (Directory traversal vulnerability in Google Chrome before ...)
+CVE-2013-0911
- chromium-browser 25.0.1364.152-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-0910 (Google Chrome before 25.0.1364.152 does not properly manage the ...)
+CVE-2013-0910
- chromium-browser 25.0.1364.152-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-0909 (The XSS Auditor in Google Chrome before 25.0.1364.152 allows remote ...)
+CVE-2013-0909
- chromium-browser 25.0.1364.152-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-0908 (Google Chrome before 25.0.1364.152 does not properly manage bindings ...)
+CVE-2013-0908
- chromium-browser 25.0.1364.152-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-0907 (Race condition in Google Chrome before 25.0.1364.152 allows remote ...)
+CVE-2013-0907
- chromium-browser 25.0.1364.152-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-0906 (The IndexedDB implementation in Google Chrome before 25.0.1364.152 ...)
+CVE-2013-0906
- chromium-browser 25.0.1364.152-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-0905 (Use-after-free vulnerability in Google Chrome before 25.0.1364.152 ...)
+CVE-2013-0905
- chromium-browser 25.0.1364.152-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-0904 (The Web Audio implementation in Google Chrome before 25.0.1364.152 ...)
+CVE-2013-0904
- chromium-browser 25.0.1364.152-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-0903 (Use-after-free vulnerability in Google Chrome before 25.0.1364.152 ...)
+CVE-2013-0903
- chromium-browser 25.0.1364.152-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-0902 (Use-after-free vulnerability in the frame-loader implementation in ...)
+CVE-2013-0902
- chromium-browser 25.0.1364.152-1
[squeeze] - chromium-browser <end-of-life>
CVE-2013-0901
RESERVED
-CVE-2013-0900 (Race condition in the International Components for Unicode (ICU) ...)
+CVE-2013-0900
{DSA-2786-1}
- chromium-browser 25.0.1364.97-1
[squeeze] - chromium-browser <end-of-life>
- icu 4.8.1.1-12 (low; bug #702346)
[squeeze] - icu <no-dsa> (Minor issue for standalone ICU outside of browser context)
-CVE-2013-0899 (Integer overflow in the padding implementation in the ...)
+CVE-2013-0899
- chromium-browser 25.0.1364.97-1
[squeeze] - chromium-browser <end-of-life>
- opus 0.9.14+20120615-1+nmu1 (bug #704870)
-CVE-2013-0898 (Use-after-free vulnerability in Google Chrome before 25.0.1364.97 on ...)
+CVE-2013-0898
- chromium-browser 25.0.1364.97-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-0897 (Off-by-one error in the PDF functionality in Google Chrome before ...)
+CVE-2013-0897
- chromium-browser <not-affected> (PDF viewer not included in Chromium)
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-0896 (Google Chrome before 25.0.1364.97 on Windows and Linux, and before ...)
+CVE-2013-0896
- chromium-browser 25.0.1364.97-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-0895 (Google Chrome before 25.0.1364.97 on Linux, and before 25.0.1364.99 on ...)
+CVE-2013-0895
- chromium-browser 25.0.1364.97-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-0894 (Buffer overflow in the vorbis_parse_setup_hdr_floors function in the ...)
+CVE-2013-0894
- chromium-browser 25.0.1364.97-1
[squeeze] - chromium-browser <end-of-life>
- ffmpeg 7:2.4.1-1
[squeeze] - ffmpeg <end-of-life> (Backports to 0.5.x not useful, too many checks missing)
- libav 6:0.8.6-1 (bug #703200)
-CVE-2013-0893 (Race condition in Google Chrome before 25.0.1364.97 on Windows and ...)
+CVE-2013-0893
- chromium-browser 25.0.1364.97-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-0892 (Multiple unspecified vulnerabilities in the IPC layer in Google Chrome ...)
+CVE-2013-0892
- chromium-browser 25.0.1364.97-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-0891 (Integer overflow in Google Chrome before 25.0.1364.97 on Windows and ...)
+CVE-2013-0891
- chromium-browser 25.0.1364.97-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-0890 (Multiple unspecified vulnerabilities in the IPC layer in Google Chrome ...)
+CVE-2013-0890
- chromium-browser 25.0.1364.97-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-0889 (Google Chrome before 25.0.1364.97 on Windows and Linux, and before ...)
+CVE-2013-0889
- chromium-browser 25.0.1364.97-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-0888 (Skia, as used in Google Chrome before 25.0.1364.97 on Windows and ...)
+CVE-2013-0888
- chromium-browser 25.0.1364.97-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-0887 (The developer-tools process in Google Chrome before 25.0.1364.97 on ...)
+CVE-2013-0887
- chromium-browser 25.0.1364.97-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-0886 (Google Chrome before 25.0.1364.99 on Mac OS X does not properly ...)
+CVE-2013-0886
- chromium-browser <not-affected> (Mac OS X only)
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-0885 (Google Chrome before 25.0.1364.97 on Windows and Linux, and before ...)
+CVE-2013-0885
- chromium-browser 25.0.1364.97-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-0884 (Google Chrome before 25.0.1364.97 on Windows and Linux, and before ...)
+CVE-2013-0884
- chromium-browser 25.0.1364.97-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-0883 (Skia, as used in Google Chrome before 25.0.1364.97 on Windows and ...)
+CVE-2013-0883
- chromium-browser 25.0.1364.97-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-0882 (Google Chrome before 25.0.1364.97 on Windows and Linux, and before ...)
+CVE-2013-0882
- chromium-browser 25.0.1364.97-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-0881 (Google Chrome before 25.0.1364.97 on Windows and Linux, and before ...)
+CVE-2013-0881
- chromium-browser 25.0.1364.97-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-0880 (Use-after-free vulnerability in Google Chrome before 25.0.1364.97 on ...)
+CVE-2013-0880
- chromium-browser 25.0.1364.97-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-0879 (Google Chrome before 25.0.1364.97 on Windows and Linux, and before ...)
+CVE-2013-0879
- chromium-browser 25.0.1364.97-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-0878 (The advance_line function in libavcodec/targa.c in FFmpeg before 1.1.3 ...)
+CVE-2013-0878
- ffmpeg <not-affected> (Affected code not present in 0.5 ffmpeg)
- libav <not-affected> (Affected code not present in libav)
-CVE-2013-0877 (The old_codec37 function in libavcodec/sanm.c in FFmpeg before 1.1.3 ...)
+CVE-2013-0877
- ffmpeg <not-affected> (Smush codec not present in 0.5 ffmpeg)
- libav <not-affected> (Smush codec not present in libav)
-CVE-2013-0876 (Multiple integer overflows in the (1) old_codec37 and (2) old_codec47 ...)
+CVE-2013-0876
- ffmpeg <not-affected> (Smush codec not present in 0.5 ffmpeg)
- libav <not-affected> (Smush codec not present in libav)
-CVE-2013-0875 (The ff_add_png_paeth_prediction function in libavcodec/pngdec.c in ...)
+CVE-2013-0875
- ffmpeg <not-affected> (Affected code not present in 0.5 ffmpeg)
- libav <not-affected> (Affected code not present in libav)
-CVE-2013-0874 (The (1) doubles2str and (2) shorts2str functions in libavcodec/tiff.c ...)
+CVE-2013-0874
- ffmpeg <not-affected> (Affected code not present in 0.5 ffmpeg)
- libav <not-affected> (Affected code not present in libav)
-CVE-2013-0873 (The read_header function in libavcodec/shorten.c in FFmpeg before ...)
+CVE-2013-0873
- ffmpeg 7:2.4.1-1
[squeeze] - ffmpeg <end-of-life> (Backports to 0.5.x not useful, too many checks missing)
- libav 6:0.8.6-1 (bug #717009)
NOTE: Commit in libav trunk http://git.libav.org/?p=libav.git;a=commit;h=c10da30d8426a1f681d99a780b6e311f7fb4e5c5
NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=4f1279154ee9baf2078241bf5619774970d18b25
NOTE: Fix needed for ffmpeg 0.5
-CVE-2013-0872 (The swr_init function in libswresample/swresample.c in FFmpeg before ...)
+CVE-2013-0872
- ffmpeg <not-affected> (libswresample not yet present in ffmpeg/0.5)
- libav <not-affected> (libswresample not present in libav, linavresamle not affected)
-CVE-2013-0871 (Race condition in the ptrace functionality in the Linux kernel before ...)
+CVE-2013-0871
{DSA-2632-1}
- linux 3.2.39-1
- linux-2.6 <removed>
-CVE-2013-0870 (The 'vp3_decode_frame' function in FFmpeg 1.1.4 moves threads check ...)
+CVE-2013-0870
- ffmpeg <not-affected> (No threading support in vp3 from ffmpeg 0.5)
- libav <not-affected> (Vulnerable code added in ffmpeg post-merge)
-CVE-2013-0869 (The field_end function in libavcodec/h264.c in FFmpeg before 1.1.2 ...)
+CVE-2013-0869
- ffmpeg 7:2.4.1-1
[squeeze] - ffmpeg <end-of-life> (Backports to 0.5.x not useful, too many checks missing)
- libav 6:0.8.5-1
NOTE: libav fix: http://git.libav.org/?p=libav.git;a=commit;h=706acb558a38eba633056773280155d66c2f4b24
NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=695af8eed642ff0104834495652d1ee784a4c14d
NOTE: Fix needed in ffmpeg 0.5
-CVE-2013-0868 (libavcodec/huffyuvdec.c in FFmpeg before 1.1.2 allows remote attackers ...)
+CVE-2013-0868
{DSA-3003-1}
- ffmpeg 7:2.4.1-1
[squeeze] - ffmpeg <end-of-life> (Backports to 0.5.x not useful, too many checks missing)
- libav 6:10.3-1
NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=f67a0d115254461649470452058fa3c28c0df294
NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=0dfc01c2bbf4b71bb56201bc4a393321e15d1b31
-CVE-2013-0867 (The decode_slice_header function in libavcodec/h264.c in FFmpeg before ...)
+CVE-2013-0867
- ffmpeg 7:2.4.1-1
[squeeze] - ffmpeg <end-of-life> (Backports to 0.5.x not useful, too many checks missing)
- libav <not-affected> (Code in libav is different/not affect as per libav h264 maintainer)
NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=11c99c78bafa77f679a1a3ba06ad00984b9a4cae
-CVE-2013-0866 (The aac_decode_init function in libavcodec/aacdec.c in FFmpeg before ...)
+CVE-2013-0866
{DSA-2793-1}
- ffmpeg <not-affected> (Code in 0.5 is different/not affected)
- libav 6:0.8.7-1 (bug #717009)
NOTE: Fix in ffmpeg: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=96f452ac647dae33c53c242ef3266b65a9beafb6
NOTE: Fix in libav: http://git.libav.org/?p=libav.git;a=commit;h=a943a132f36f4df8fe2f749744677b71984abce7
-CVE-2013-0865 (The vqa_decode_chunk function in libavcodec/vqavideo.c in FFmpeg ...)
+CVE-2013-0865
{DSA-2855-1}
- ffmpeg 7:2.4.1-1
[squeeze] - ffmpeg <end-of-life> (Backports to 0.5.x not useful, too many checks missing)
- libav 6:9.8-1 (bug #717009)
NOTE: libav commit: http://git.libav.org/?p=libav.git;a=commit;h=f7d18deb73d1dd1b27b2c7062c9a10d168a6c62a
-CVE-2013-0864 (The gif_copy_img_rect function in libavcodec/gifdec.c in FFmpeg before ...)
+CVE-2013-0864
- ffmpeg <not-affected> (These changes are specific to current ffmpeg and don't affect ffmpeg 0.5)
- libav <not-affected> ((These changes are specific to ffmpeg and don't affect libav)
-CVE-2013-0863 (Buffer overflow in the rle_decode function in libavcodec/sanm.c in ...)
+CVE-2013-0863
- ffmpeg <not-affected> (Smush codec not present in 0.5 ffmpeg)
- libav <not-affected> (Smush codec not present in libav)
-CVE-2013-0862 (Multiple integer overflows in the process_frame_obj function in ...)
+CVE-2013-0862
- ffmpeg <not-affected> (Smush codec not present in 0.5 ffmpeg)
- libav <not-affected> (Smush codec not present in libav)
-CVE-2013-0861 (The avcodec_decode_audio4 function in libavcodec/utils.c in FFmpeg ...)
+CVE-2013-0861
- ffmpeg <not-affected> (These changes are specific to current ffmpeg and don't affect ffmpeg 0.5)
- libav <not-affected> (Affected code not present in libav 0.8.x)
NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=d270c3202539e8364c46410e15f7570800e33343
NOTE: Affects the libav version in experimental
-CVE-2013-0860 (The ff_er_frame_end function in libavcodec/error_resilience.c in ...)
+CVE-2013-0860
{DSA-3003-1}
- ffmpeg 7:2.4.1-1
[squeeze] - ffmpeg <end-of-life> (Backports to 0.5.x not useful, too many checks missing)
- libav 6:10.1-1
NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=23318a57358358e7a4dc551e830e4503f0638cfe
NOTE: [Vittorio] not present in master and 10, fix pushed to 9 and 0.8
-CVE-2013-0859 (The add_doubles_metadata function in libavcodec/tiff.c in FFmpeg ...)
+CVE-2013-0859
- ffmpeg <not-affected> (These changes are specific to current ffmpeg and don't affect ffmpeg 0.5)
- libav <not-affected> ((These changes are specific to ffmpeg and don't affect libav)
-CVE-2013-0858 (The atrac3_decode_init function in libavcodec/atrac3.c in FFmpeg ...)
+CVE-2013-0858
{DSA-2793-1}
- ffmpeg 7:2.4.1-1
[squeeze] - ffmpeg <end-of-life> (Backports to 0.5.x not useful, too many checks missing)
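Review bot: stripping the parenthesised summary from every CVE line removes the only inline statement of what each entry is, and some of the surviving annotations were written against that text. CVE-2013-0964 is summarised as "The kernel in Apple iOS before 6.1 and Apple TV before 5.2", yet its unchanged annotation is "NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix", a mismatch that becomes invisible once the summary is gone; please correct the annotation to the iOS kernel alongside this change. Worth a follow-up in the unchanged context of the same hunk: "linavresamle" under CVE-2013-0872, "not affect" under CVE-2013-0867, and the doubled "((" in the libav entries for CVE-2013-0864 and CVE-2013-0859.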
@@ -17845,45 +17845,45 @@ CVE-2013-0858 (The atrac3_decode_init function in libavcodec/atrac3.c in FFmpeg
NOTE: Fix in ffmpeg: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=13451f5520ce6b0afde861b2285dda659f8d4fb4
NOTE: Fix in libav: http://git.libav.org/?p=libav.git;a=commit;h=50cf5a7fb78846fc39b3ecdaa896a10bcd74da2a
NOTE: Fixed in 0.8.9
-CVE-2013-0857 (The decode_frame_ilbm function in libavcodec/iff.c in FFmpeg before ...)
+CVE-2013-0857
{DSA-2793-1}
- ffmpeg <not-affected> (IFF PBM/ILBM bitmap decoder not present in 0.5 ffmpeg)
- libav 6:9.9-1 (bug #717009)
NOTE: Fix in ffmpeg: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=2fbb37b51bbea891392ad357baf8f3dff00bac05
NOTE: Fix in libav: http://git.libav.org/?p=libav.git;a=commit;h=7d65e960c72f36b73ae7fe84f8e427d758e61da9
NOTE: Fixed in 0.8.9
-CVE-2013-0856 (The lpc_prediction function in libavcodec/alac.c in FFmpeg before 1.1 ...)
+CVE-2013-0856
- ffmpeg 7:2.4.1-1
[squeeze] - ffmpeg <end-of-life> (Backports to 0.5.x not useful, too many checks missing)
- libav 6:9.10-1
[wheezy] - libav <not-affected> (Vulnerable code not present)
NOTE: Fix in ffmpeg: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=fd4f4923cce6a2cbf4f48640b4ac706e614a1594
NOTE: Fix in libav: http://git.libav.org/?p=libav.git;a=commit;h=78aa2ed620178044a227fbbe48f749c0dc86023f
-CVE-2013-0855 (Integer overflow in the alac_decode_close function in ...)
+CVE-2013-0855
- ffmpeg <not-affected> (0.5 series not affected)
- libav 6:9.9-1 (bug #717009)
[wheezy] - libav <not-affected> (0.8 series not affected)
NOTE: Fix in ffmpeg: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=3920d1387834e2bc334aff9f518f4beb24e470bd
NOTE: Fix in libav: http://git.libav.org/?p=libav.git;a=commit;h=f7c5883126f9440547933eefcf000aa78af4821c
-CVE-2013-0854 (The mjpeg_decode_scan_progressive_ac function in libavcodec/mjpegdec.c ...)
+CVE-2013-0854
{DSA-2793-1}
- ffmpeg 7:2.4.1-1
[squeeze] - ffmpeg <end-of-life> (Backports to 0.5.x not useful, too many checks missing)
- libav 6:0.8.8-1 (bug #717009)
NOTE: Fix in ffmpeg: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=1f41cffe1e3e79620f587545bdfcbd7e6e68ed29
NOTE: Fix in libav: http://git.libav.org/?p=libav.git;a=commit;h=cfbd98abe82cfcb9984a18d08697251b72b110c8
-CVE-2013-0853 (The wavpack_decode_frame function in libavcodec/wavpack.c in FFmpeg ...)
+CVE-2013-0853
{DSA-2793-1}
- ffmpeg <not-affected> (Vulnerability introduced later)
- libav 6:0.8.8-1 (bug #717009)
NOTE: Fix in ffmpeg: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=be818df547c3b0ae4fadb50fd210139a8636706a
NOTE: Fix in libav: http://git.libav.org/?p=libav.git;a=commit;h=ed50673066956d6f2201a57c3254569f2ab08d9d
-CVE-2013-0852 (The parse_picture_segment function in libavcodec/pgssubdec.c in FFmpeg ...)
+CVE-2013-0852
{DSA-3003-1}
- ffmpeg <not-affected> (PGS subtitle decoder not present)
- libav 6:10.3-1
NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=c0d68be555f5858703383040e04fcd6529777061
-CVE-2013-0851 (The decode_frame function in libavcodec/eamad.c in FFmpeg before 1.1 ...)
+CVE-2013-0851
{DSA-3003-1}
- ffmpeg <not-affected> (Electronic Arts Madcow Video decoder not present in ffmpeg 0.5)
- libav 6:10.3-1
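Review bot: "NOTE: Fixed in 0.8.9" under CVE-2013-0857 (and again at the top of this hunk under CVE-2013-0858) does not say which project's 0.8.9 it refers to, and it sits directly below both an ffmpeg and a libav commit link; spell out the project so the note stays unambiguous now that the summary line no longer names the upstream.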
@@ -17891,32 +17891,32 @@ CVE-2013-0851 (The decode_frame function in libavcodec/eamad.c in FFmpeg before
NOTE: https://git.libav.org/?p=libav.git;a=commit;h=f9204ec56a4cf73843d1e5b8563d3584c2c05b47 (v10)
NOTE: https://git.libav.org/?p=libav.git;a=commit;h=e8ff7972064631afbdf240ec6bfd9dec30cf2ce8 (v9)
NOTE: https://git.libav.org/?p=libav.git;a=commit;h=187cfd3c13a1deb47661486824a5b8f41e158a7a (v0.8)
-CVE-2013-0850 (The decode_slice_header function in libavcodec/h264.c in FFmpeg before ...)
+CVE-2013-0850
{DSA-2793-1}
- ffmpeg 7:2.4.1-1
[squeeze] - ffmpeg <end-of-life> (Backports to 0.5.x not useful, too many checks missing)
- libav 6:0.8.7-1 (bug #717009)
NOTE: Fix in ffmpeg: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=d6c184880ee2e09fd68c0ae217173832cee5afc1
NOTE: Fix in libav: http://git.libav.org/?p=libav.git;a=commit;h=6e5cdf26281945ddea3aaf5eca4d127791f23ca8
-CVE-2013-0849 (The roq_decode_init function in libavcodec/roqvideodec.c in FFmpeg ...)
+CVE-2013-0849
{DSA-2855-1}
- ffmpeg 7:2.4.1-1
[squeeze] - ffmpeg <end-of-life> (Backports to 0.5.x not useful, too many checks missing)
- libav 6:9.3-1 (bug #717009)
NOTE: Fix in ffmpeg: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=3ae610451170cd5a28b33950006ff0bd23036845
NOTE: Fix in libav: http://git.libav.org/?p=libav.git;a=commit;h=488f87be873506abb01d67708a67c10a4dd29283
-CVE-2013-0848 (The decode_init function in libavcodec/huffyuv.c in FFmpeg before 1.1 ...)
+CVE-2013-0848
{DSA-3003-1}
- ffmpeg 7:2.4.1-1
[squeeze] - ffmpeg <end-of-life> (Backports to 0.5.x not useful, too many checks missing)
- libav 6:10.4-1
NOTE: Fix in ffmpeg: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=6abb9a901fca27da14d4fffbb01948288b5da3ba
NOTE: Fix in libav: http://git.libav.org/?p=libav.git;a=commit;h=a7153444df9040bf6ae103e0bbf6104b66f974cb
-CVE-2013-0847 (The ff_id3v2_parse function in libavformat/id3v2.c in FFmpeg before ...)
+CVE-2013-0847
- ffmpeg <not-affected> (Affected code not present in ffmpeg 0.5)
- libav <not-affected> (Code in libav is different, read_ttag)
NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=10416a4d56fa8a89784e4fb62099c3cab17a9952
-CVE-2013-0846 (Array index error in the qdm2_decode_super_block function in ...)
+CVE-2013-0846
{DSA-2855-1}
- ffmpeg 7:2.4.1-1
[squeeze] - ffmpeg <end-of-life> (Backports to 0.5.x not useful, too many checks missing)
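Review bot: the ffmpeg annotation for CVE-2013-0852, "<not-affected> (PGS subtitle decoder not present)", omits the version the neighbouring entries state (CVE-2013-0851 and CVE-2013-0845 say "not present in ffmpeg 0.5"); add the version so the rationale is not read as covering the 7:2.4.1-1 upload listed for the other entries in this hunk.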
@@ -17924,7 +17924,7 @@ CVE-2013-0846 (Array index error in the qdm2_decode_super_block function in ...)
NOTE: ffmpeg commit: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=a7ee6281f7ef1c29284e3a4cadfe0f227ffde1ed
NOTE: libav commit: http://git.libav.org/?p=libav.git;a=commit;h=39bec05ed42e505d17877b0c23f16322f9b5883b
NOTE: Needed for ffmpeg 0.5
-CVE-2013-0845 (libavcodec/alsdec.c in FFmpeg before 1.0.4 allows remote attackers to ...)
+CVE-2013-0845
{DSA-2855-1}
- ffmpeg <not-affected> (MPEG-4 ALS decoder not present in ffmpeg/0.5)
- libav 6:9.11-1
@@ -17932,7 +17932,7 @@ CVE-2013-0845 (libavcodec/alsdec.c in FFmpeg before 1.0.4 allows remote attacker
NOTE: Fixed in revisions: v9-2748-g2a0fb72, v9.10-7-g3f7d890
NOTE: http://git.libav.org/?p=libav.git;a=commitdiff;h=2a0fb72
NOTE: http://git.libav.org/?p=libav.git;a=commitdiff;h=3f7d890
-CVE-2013-0844 (Off-by-one error in the adpcm_decode_frame function in ...)
+CVE-2013-0844
{DSA-2793-1}
- ffmpeg 7:2.4.1-1
[squeeze] - ffmpeg <end-of-life> (Backports to 0.5.x not useful, too many checks missing)
@@ -17940,53 +17940,53 @@ CVE-2013-0844 (Off-by-one error in the adpcm_decode_frame function in ...)
NOTE: ffmpeg commit: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=f18c873ab5ee3c78d00fdcc2582b39c133faecb4
NOTE: libav commit: https://git.libav.org/?p=libav.git;a=commitdiff;h=12576afe206d35231ccd61f9033c5fdab6a11e
NOTE: Fixed in 0.8.9
-CVE-2013-0843 (content/renderer/media/webrtc_audio_renderer.cc in Google Chrome ...)
+CVE-2013-0843
- chromium-browser <not-affected> (MacOS-specific)
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-0842 (Google Chrome before 24.0.1312.56 does not properly handle %00 ...)
+CVE-2013-0842
- chromium-browser 24.0.1312.68-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-0841 (Array index error in the content-blocking functionality in Google ...)
+CVE-2013-0841
- chromium-browser 24.0.1312.68-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-0840 (Google Chrome before 24.0.1312.56 does not validate URLs during the ...)
+CVE-2013-0840
- chromium-browser 24.0.1312.68-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-0839 (Use-after-free vulnerability in Google Chrome before 24.0.1312.56 ...)
+CVE-2013-0839
- chromium-browser 24.0.1312.68-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-0838 (Google Chrome before 24.0.1312.52 on Linux uses weak permissions for ...)
+CVE-2013-0838
- chromium-browser 24.0.1312.68-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-0837 (Google Chrome before 24.0.1312.52 allows remote attackers to cause a ...)
+CVE-2013-0837
- chromium-browser 24.0.1312.68-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-0836 (Google V8 before 3.14.5.3, as used in Google Chrome before ...)
+CVE-2013-0836
- chromium-browser 24.0.1312.68-1
[squeeze] - chromium-browser <end-of-life>
- libv8 <not-affected> (bug #702261; vulnerablility was fixed by reverting to old implementation as found in version 3.8.9.20)
-CVE-2013-0835 (Unspecified vulnerability in the Geolocation implementation in Google ...)
+CVE-2013-0835
- chromium-browser 24.0.1312.68-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-0834 (Google Chrome before 24.0.1312.52 allows remote attackers to cause a ...)
+CVE-2013-0834
- chromium-browser 24.0.1312.68-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-0833 (Google Chrome before 24.0.1312.52 allows remote attackers to cause a ...)
+CVE-2013-0833
- chromium-browser 24.0.1312.68-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-0832 (Use-after-free vulnerability in Google Chrome before 24.0.1312.52 ...)
+CVE-2013-0832
- chromium-browser 24.0.1312.68-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-0831 (Directory traversal vulnerability in Google Chrome before 24.0.1312.52 ...)
+CVE-2013-0831
- chromium-browser 24.0.1312.68-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-0830 (The IPC layer in Google Chrome before 24.0.1312.52 on Windows omits a ...)
+CVE-2013-0830
- chromium-browser <not-affected> (Only affects Windows)
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-0829 (Google Chrome before 24.0.1312.52 does not properly maintain database ...)
+CVE-2013-0829
- chromium-browser 24.0.1312.68-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-0828 (The PDF functionality in Google Chrome before 24.0.1312.52 does not ...)
+CVE-2013-0828
- chromium-browser <not-affected> (PDF functionality not available in Chromium)
[squeeze] - chromium-browser <end-of-life>
CVE-2013-0827
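Review bot: every "-CVE-2013-08xx (...)" line in this hunk is replaced by a bare "+CVE-2013-08xx" and nothing puts a description back, so the update deletes the only human-readable summary of each issue without replacing it; the triage reasons that remain, such as "- chromium-browser <not-affected> (MacOS-specific)" and "(PDF functionality not available in Chromium)", can no longer be checked against the text they were written against. If the upstream description feed returned nothing, the automatic update should refuse to commit rather than blank the field; if the descriptions are meant to live elsewhere, that move belongs in the same commit. Minor, in the untouched context under CVE-2013-0836: "(bug #702261; vulnerablility was fixed by ...)" has a typo, "vulnerablility", worth fixing in a follow-up.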
@@ -18021,28 +18021,28 @@ CVE-2013-0813
RESERVED
CVE-2013-0812
RESERVED
-CVE-2013-0811 (Use-after-free vulnerability in Microsoft Internet Explorer 8 and 9 ...)
+CVE-2013-0811
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-0810 (Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows ...)
+CVE-2013-0810
NOT-FOR-US: Microsoft
-CVE-2013-0809 (Unspecified vulnerability in the 2D component in the Java Runtime ...)
+CVE-2013-0809
- openjdk-6 6b27-1.12.4-1
- openjdk-7 7u3-2.1.7-1
CVE-2013-0808
RESERVED
-CVE-2013-0807 (Cross-site scripting (XSS) vulnerability in the NewSectionPrompt ...)
+CVE-2013-0807
NOT-FOR-US: gpEasy CMS
CVE-2013-0806
RESERVED
-CVE-2013-0805 (Multiple cross-site scripting (XSS) vulnerabilities in the search ...)
+CVE-2013-0805
NOT-FOR-US: IT Operations Portal
-CVE-2013-0804 (The client in Novell GroupWise 8.0 before 8.0.3 HP2 and 2012 before ...)
+CVE-2013-0804
NOT-FOR-US: GroupWise
CVE-2013-0803
RESERVED
CVE-2013-0802
RESERVED
-CVE-2013-0801 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+CVE-2013-0801
{DSA-2720-1 DSA-2699-1}
- iceweasel 17.0.6esr-1
[squeeze] - iceweasel <end-of-life>
@@ -18051,7 +18051,7 @@ CVE-2013-0801 (Multiple unspecified vulnerabilities in the browser engine in Moz
- iceape <removed>
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
-CVE-2013-0800 (Integer signedness error in the pixman_fill_sse2 function in ...)
+CVE-2013-0800
{DSA-2699-1}
- iceweasel 17.0.5esr-1
[squeeze] - iceweasel <end-of-life>
@@ -18064,13 +18064,13 @@ CVE-2013-0800 (Integer signedness error in the pixman_fill_sse2 function in ...)
NOTE: The description is misleading: Firefox embeds a copy of Cairo, the interdiff
NOTE: shows the respective change at mozilla-esr17/gfx/cairo/cairo/src/cairo-image-surface.c
NOTE: Apparently the forked copy has changed, the code isn't present in vanilla Cairo
-CVE-2013-0799 (Buffer overflow in the Mozilla Maintenance Service in Mozilla Firefox ...)
+CVE-2013-0799
- iceweasel <not-affected> (Only affects Firefox on Windows)
-CVE-2013-0798 (Mozilla Firefox before 20.0 on Android uses world-writable and ...)
+CVE-2013-0798
- iceweasel <not-affected> (Only affects Firefox on Android)
-CVE-2013-0797 (Untrusted search path vulnerability in the Mozilla Updater in Mozilla ...)
+CVE-2013-0797
- iceweasel <not-affected> (Only affects Firefox on Windows)
-CVE-2013-0796 (The WebGL subsystem in Mozilla Firefox before 20.0, Firefox ESR 17.x ...)
+CVE-2013-0796
{DSA-2699-1}
- iceweasel 17.0.5esr-1
[squeeze] - iceweasel <end-of-life>
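Review bot: the three NOTE lines under "+CVE-2013-0800" begin "NOTE: The description is misleading: Firefox embeds a copy of Cairo", but this hunk removes the very description ("Integer signedness error in the pixman_fill_sse2 function in ...") that the note argues with, leaving the note pointing at text that is no longer in the file. Either retain the description for entries whose notes reference it, or reword the note to state what it corrects (the pixman attribution, and that the affected code is the forked Cairo copy) so it stands on its own.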
@@ -18079,7 +18079,7 @@ CVE-2013-0796 (The WebGL subsystem in Mozilla Firefox before 20.0, Firefox ESR 1
- iceape <removed>
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
-CVE-2013-0795 (The System Only Wrapper (SOW) implementation in Mozilla Firefox before ...)
+CVE-2013-0795
{DSA-2720-1 DSA-2699-1}
- icedove 17.0.7-1
[squeeze] - icedove <end-of-life>
@@ -18088,13 +18088,13 @@ CVE-2013-0795 (The System Only Wrapper (SOW) implementation in Mozilla Firefox b
- iceweasel 17.0.5esr-1
[squeeze] - iceweasel <end-of-life>
[wheezy] - iceape <end-of-life>
-CVE-2013-0794 (Mozilla Firefox before 20.0 and SeaMonkey before 2.17 do not prevent ...)
+CVE-2013-0794
- iceweasel 17.0.5esr-1 (low)
[squeeze] - iceweasel <end-of-life>
- iceape <removed> (low)
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
-CVE-2013-0793 (Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, ...)
+CVE-2013-0793
{DSA-2699-1}
- iceweasel 17.0.5esr-1
[squeeze] - iceweasel <end-of-life>
@@ -18103,22 +18103,22 @@ CVE-2013-0793 (Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, ...)
- iceape <removed>
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
-CVE-2013-0792 (Mozilla Firefox before 20.0 and SeaMonkey before 2.17, when ...)
+CVE-2013-0792
- iceweasel 17.0.5esr-1 (low)
[squeeze] - iceweasel <end-of-life>
- iceape <removed> (low)
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
-CVE-2013-0791 (The CERT_DecodeCertPackage function in Mozilla Network Security ...)
+CVE-2013-0791
- nss 2:3.14.3-1 (unimportant)
NOTE: client crash only
-CVE-2013-0790 (Unspecified vulnerability in the browser engine in Mozilla Firefox ...)
+CVE-2013-0790
- iceweasel <not-affected> (Only affects Firefox on Android)
-CVE-2013-0789 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+CVE-2013-0789
- iceweasel <not-affected> (Only affects Firefox 19)
- icedove <not-affected> (Only affects Firefox 19)
- iceape <not-affected> (Only affects Firefox 19)
-CVE-2013-0788 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+CVE-2013-0788
{DSA-2699-1}
- iceweasel 17.0.5esr-1
[squeeze] - iceweasel <end-of-life>
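Review bot: under "+CVE-2013-0791" the only rationale left is "- nss 2:3.14.3-1 (unimportant)" and "NOTE: client crash only"; with the CERT_DecodeCertPackage description gone, nothing in the entry says what crashes, so the severity call loses its justification. A short NOTE naming the affected function would preserve it. Style point in the same hunk: "+CVE-2013-0789" marks icedove and iceape "<not-affected> (Only affects Firefox 19)" while the neighbouring "+CVE-2013-0784" uses "(Doesn't affect the ESR series, only releases from experimental)" for what reads as the same situation; one wording is easier to grep for.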
@@ -18127,7 +18127,7 @@ CVE-2013-0788 (Multiple unspecified vulnerabilities in the browser engine in Moz
- icedove 17.0.5-1
[squeeze] - icedove <end-of-life>
[wheezy] - iceape <end-of-life>
-CVE-2013-0787 (Use-after-free vulnerability in the nsEditor::IsPreformatted function ...)
+CVE-2013-0787
{DSA-2699-1}
[squeeze] - iceweasel <end-of-life>
- iceweasel 17.0.5esr-1
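Review bot: under "+CVE-2013-0787" the release line "[squeeze] - iceweasel <end-of-life>" comes before the unstable line "- iceweasel 17.0.5esr-1", the reverse of the order used for the same package under "+CVE-2013-0788" and in most entries in this file; since the update touches this entry anyway, normalising the order here would cost nothing and keeps per-release diffs readable.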
@@ -18136,19 +18136,19 @@ CVE-2013-0787 (Use-after-free vulnerability in the nsEditor::IsPreformatted func
- iceape <removed>
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
-CVE-2013-0786 (The Bugzilla::Search::build_subselect function in Bugzilla 2.x and 3.x ...)
+CVE-2013-0786
- bugzilla <removed> (low)
[squeeze] - bugzilla <no-dsa> (Minor issue)
- bugzilla4 <itp> (bug #669643)
-CVE-2013-0785 (Cross-site scripting (XSS) vulnerability in show_bug.cgi in Bugzilla ...)
+CVE-2013-0785
- bugzilla <removed> (low)
[squeeze] - bugzilla <no-dsa> (Minor issue)
- bugzilla4 <itp> (bug #669643)
-CVE-2013-0784 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+CVE-2013-0784
- iceape <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- iceweasel <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- icedove <not-affected> (Doesn't affect the ESR series, only releases from experimental)
-CVE-2013-0783 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+CVE-2013-0783
{DSA-2699-1}
- iceweasel 17.0.5esr-1 (bug #703071)
[squeeze] - iceweasel <end-of-life>
@@ -18157,7 +18157,7 @@ CVE-2013-0783 (Multiple unspecified vulnerabilities in the browser engine in Moz
- iceape <removed>
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
-CVE-2013-0782 (Heap-based buffer overflow in the nsSaveAsCharset::DoCharsetConversion ...)
+CVE-2013-0782
{DSA-2699-1}
- iceweasel 17.0.5esr-1 (bug #703071)
[squeeze] - iceweasel <end-of-life>
@@ -18166,11 +18166,11 @@ CVE-2013-0782 (Heap-based buffer overflow in the nsSaveAsCharset::DoCharsetConve
- iceape <removed>
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
-CVE-2013-0781 (Use-after-free vulnerability in the nsPrintEngine::CommonPrint ...)
+CVE-2013-0781
- iceape <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- iceweasel <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- icedove <not-affected> (Doesn't affect the ESR series, only releases from experimental)
-CVE-2013-0780 (Use-after-free vulnerability in the ...)
+CVE-2013-0780
{DSA-2699-1}
- iceweasel 17.0.5esr-1 (bug #703071)
[squeeze] - iceweasel <end-of-life>
@@ -18179,19 +18179,19 @@ CVE-2013-0780 (Use-after-free vulnerability in the ...)
- iceape <removed>
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
-CVE-2013-0779 (The nsCodingStateMachine::NextState function in Mozilla Firefox before ...)
+CVE-2013-0779
- iceape <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- iceweasel <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- icedove <not-affected> (Doesn't affect the ESR series, only releases from experimental)
-CVE-2013-0778 (The ClusterIterator::NextCluster function in Mozilla Firefox before ...)
+CVE-2013-0778
- iceape <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- iceweasel <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- icedove <not-affected> (Doesn't affect the ESR series, only releases from experimental)
-CVE-2013-0777 (Use-after-free vulnerability in the nsDisplayBoxShadowOuter::Paint ...)
+CVE-2013-0777
- iceape <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- iceweasel <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- icedove <not-affected> (Doesn't affect the ESR series, only releases from experimental)
-CVE-2013-0776 (Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, ...)
+CVE-2013-0776
{DSA-2699-1}
- iceweasel 17.0.5esr-1 (bug #703071)
[squeeze] - iceweasel <end-of-life>
@@ -18200,7 +18200,7 @@ CVE-2013-0776 (Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, ...)
- iceape <removed>
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
-CVE-2013-0775 (Use-after-free vulnerability in the ...)
+CVE-2013-0775
{DSA-2699-1}
- iceweasel 17.0.5esr-1 (bug #703071)
[squeeze] - iceweasel <end-of-life>
@@ -18209,11 +18209,11 @@ CVE-2013-0775 (Use-after-free vulnerability in the ...)
- iceape <removed>
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
-CVE-2013-0774 (Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, ...)
+CVE-2013-0774
- iceape <not-affected> (Introduced in Firefox 15)
- iceweasel <not-affected> (Introduced in Firefox 15)
- icedove <not-affected> (Introduced in Firefox 15)
-CVE-2013-0773 (The Chrome Object Wrapper (COW) and System Only Wrapper (SOW) ...)
+CVE-2013-0773
{DSA-2699-1}
- iceweasel 17.0.5esr-1 (bug #703071)
[squeeze] - iceweasel <end-of-life>
@@ -18222,152 +18222,152 @@ CVE-2013-0773 (The Chrome Object Wrapper (COW) and System Only Wrapper (SOW) ...
- iceape <removed>
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
-CVE-2013-0772 (The RasterImage::DrawFrameTo function in Mozilla Firefox before 19.0, ...)
+CVE-2013-0772
- iceape <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- iceweasel <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- icedove <not-affected> (Doesn't affect the ESR series, only releases from experimental)
-CVE-2013-0771 (Heap-based buffer overflow in the ...)
+CVE-2013-0771
- iceape <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- iceweasel <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- icedove <not-affected> (Doesn't affect the ESR series, only releases from experimental)
-CVE-2013-0770 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+CVE-2013-0770
- iceape <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- iceweasel <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- icedove <not-affected> (Doesn't affect the ESR series, only releases from experimental)
-CVE-2013-0769 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+CVE-2013-0769
- iceweasel 10.0.12esr-1
[squeeze] - iceweasel <end-of-life>
- icedove 10.0.12-1
[squeeze] - icedove <end-of-life>
- iceape 2.7.12-1
[squeeze] - iceape <end-of-life>
-CVE-2013-0768 (Stack-based buffer overflow in the Canvas implementation in Mozilla ...)
+CVE-2013-0768
- iceape <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- iceweasel <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- icedove <not-affected> (Doesn't affect the ESR series, only releases from experimental)
-CVE-2013-0767 (The nsSVGPathElement::GetPathLengthScale function in Mozilla Firefox ...)
+CVE-2013-0767
[squeeze] - iceweasel <end-of-life>
- iceweasel 10.0.12esr-1
[squeeze] - icedove <end-of-life>
- icedove 10.0.12-1
- iceape 2.7.12-1
[squeeze] - iceape <end-of-life>
-CVE-2013-0766 (Use-after-free vulnerability in the ~nsHTMLEditRules implementation in ...)
+CVE-2013-0766
- iceweasel 10.0.12esr-1
[squeeze] - iceweasel <end-of-life>
[squeeze] - icedove <end-of-life>
- icedove 10.0.12-1
- iceape 2.7.12-1
[squeeze] - iceape <end-of-life>
-CVE-2013-0765 (Mozilla Firefox before 19.0, Thunderbird before 17.0.3, and SeaMonkey ...)
+CVE-2013-0765
- iceape <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- iceweasel <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- icedove <not-affected> (Doesn't affect the ESR series, only releases from experimental)
-CVE-2013-0764 (The nsSOCKSSocketInfo::ConnectToProxy function in Mozilla Firefox ...)
+CVE-2013-0764
- iceape <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- iceweasel <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- icedove <not-affected> (Doesn't affect the ESR series, only releases from experimental)
-CVE-2013-0763 (Use-after-free vulnerability in Mozilla Firefox before 18.0, Firefox ...)
+CVE-2013-0763
- iceape <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- iceweasel <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- icedove <not-affected> (Doesn't affect the ESR series, only releases from experimental)
-CVE-2013-0762 (Use-after-free vulnerability in the imgRequest::OnStopFrame function ...)
+CVE-2013-0762
- iceweasel 10.0.12esr-1
[squeeze] - iceweasel <end-of-life>
[squeeze] - icedove <end-of-life>
- icedove 10.0.12-1
- iceape 2.7.12-1
[squeeze] - iceape <end-of-life>
-CVE-2013-0761 (Use-after-free vulnerability in the ...)
+CVE-2013-0761
- iceape <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- iceweasel <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- icedove <not-affected> (Doesn't affect the ESR series, only releases from experimental)
-CVE-2013-0760 (Buffer overflow in the CharDistributionAnalysis::HandleOneChar ...)
+CVE-2013-0760
- iceape <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- iceweasel <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- icedove <not-affected> (Doesn't affect the ESR series, only releases from experimental)
-CVE-2013-0759 (Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x ...)
+CVE-2013-0759
- iceweasel 10.0.12esr-1
[squeeze] - iceweasel <end-of-life>
[squeeze] - icedove <end-of-life>
- icedove 10.0.12-1
- iceape 2.7.12-1
[squeeze] - iceape <end-of-life>
-CVE-2013-0758 (Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x ...)
+CVE-2013-0758
- iceweasel 10.0.12esr-1
[squeeze] - iceweasel <end-of-life>
[squeeze] - icedove <end-of-life>
- icedove 10.0.12-1
- iceape 2.7.12-1
[squeeze] - iceape <end-of-life>
-CVE-2013-0757 (The Chrome Object Wrapper (COW) implementation in Mozilla Firefox ...)
+CVE-2013-0757
- iceape <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- iceweasel <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- icedove <not-affected> (Doesn't affect the ESR series, only releases from experimental)
-CVE-2013-0756 (Use-after-free vulnerability in the obj_toSource function in Mozilla ...)
+CVE-2013-0756
- iceape <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- iceweasel <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- icedove <not-affected> (Doesn't affect the ESR series, only releases from experimental)
-CVE-2013-0755 (Use-after-free vulnerability in the mozVibrate implementation in the ...)
+CVE-2013-0755
- iceape <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- iceweasel <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- icedove <not-affected> (Doesn't affect the ESR series, only releases from experimental)
-CVE-2013-0754 (Use-after-free vulnerability in the ListenerManager implementation in ...)
+CVE-2013-0754
- iceweasel 10.0.12esr-1
[squeeze] - iceweasel <end-of-life>
[squeeze] - icedove <end-of-life>
- icedove 10.0.12-1
- iceape 2.7.12-1
[squeeze] - iceape <end-of-life>
-CVE-2013-0753 (Use-after-free vulnerability in the serializeToStream implementation ...)
+CVE-2013-0753
- iceweasel 10.0.12esr-1
[squeeze] - iceweasel <end-of-life>
- icedove 10.0.12-1
[squeeze] - icedove <end-of-life>
- iceape 2.7.12-1
[squeeze] - iceape <end-of-life>
-CVE-2013-0752 (Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, ...)
+CVE-2013-0752
- iceape <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- iceweasel <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- icedove <not-affected> (Doesn't affect the ESR series, only releases from experimental)
-CVE-2013-0751 (Mozilla Firefox before 18.0 on Android and SeaMonkey before 2.15 do ...)
+CVE-2013-0751
- iceape <not-affected> (Android-specific)
- iceweasel <not-affected> (Android-specific)
- icedove <not-affected> (Android-specific)
-CVE-2013-0750 (Integer overflow in the JavaScript implementation in Mozilla Firefox ...)
+CVE-2013-0750
- iceweasel 10.0.12esr-1
[squeeze] - iceweasel <end-of-life>
[squeeze] - icedove <end-of-life>
- icedove 10.0.12-1
- iceape 2.7.12-1
[squeeze] - iceape <end-of-life>
-CVE-2013-0749 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+CVE-2013-0749
- iceape <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- iceweasel <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- icedove <not-affected> (Doesn't affect the ESR series, only releases from experimental)
-CVE-2013-0748 (The XBL.__proto__.toString implementation in Mozilla Firefox before ...)
+CVE-2013-0748
- iceweasel 10.0.12esr-1
[squeeze] - iceweasel <end-of-life>
[squeeze] - icedove <end-of-life>
- icedove 10.0.12-1
- iceape 2.7.12-1
[squeeze] - iceape <end-of-life>
-CVE-2013-0747 (The gPluginHandler.handleEvent function in the plugin handler in ...)
+CVE-2013-0747
- iceape <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- iceweasel <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- icedove <not-affected> (Doesn't affect the ESR series, only releases from experimental)
-CVE-2013-0746 (Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x ...)
+CVE-2013-0746
- iceweasel 10.0.12esr-1
[squeeze] - iceweasel <end-of-life>
[squeeze] - icedove <end-of-life>
- icedove 10.0.12-1
- iceape 2.7.12-1
[squeeze] - iceape <end-of-life>
-CVE-2013-0745 (The AutoWrapperChanger class in Mozilla Firefox before 18.0, Firefox ...)
+CVE-2013-0745
- iceape <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- iceweasel <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- icedove <not-affected> (Doesn't affect the ESR series, only releases from experimental)
-CVE-2013-0744 (Use-after-free vulnerability in the ...)
+CVE-2013-0744
- iceweasel 10.0.12esr-1
[squeeze] - iceweasel <end-of-life>
- icedove 10.0.12-1
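Review bot: the iceweasel and icedove entries in this hunk alternate between unstable-first order ("- pkg version" then "[squeeze] - pkg <end-of-life>", as under "+CVE-2013-0769" and "+CVE-2013-0753") and the reverse (as under "+CVE-2013-0767", "+CVE-2013-0766", "+CVE-2013-0762" and "+CVE-2013-0759"), which makes diffs of release-specific lines noisier than they need to be; the unstable-first order used by the majority should be applied throughout. Separately, "+CVE-2013-0751" marks iceape, iceweasel and icedove "<not-affected> (Android-specific)", and with the description ("Mozilla Firefox before 18.0 on Android and SeaMonkey before 2.15 ...") removed, that parenthetical is the only remaining trace of why; a NOTE with the upstream advisory reference would keep the reasoning checkable after this update.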
@@ -18376,11 +18376,11 @@ CVE-2013-0744 (Use-after-free vulnerability in the ...)
[squeeze] - iceape <end-of-life>
CVE-2013-0743
REJECTED
-CVE-2013-0742 (Stack-based buffer overflow in Corel PDF Fusion 1.11 allows remote ...)
+CVE-2013-0742
NOT-FOR-US: Corel PDF Fusion
-CVE-2013-0741 (Cross-site scripting (XSS) vulnerability in imagegen.ashx in ...)
+CVE-2013-0741
NOT-FOR-US: Percipient Studios ImageGen
-CVE-2013-0740 (Open redirect vulnerability in Dell OpenManage Server Administrator ...)
+CVE-2013-0740
NOT-FOR-US: Dell OpenManage Server Administrator
CVE-2013-0739
RESERVED
@@ -18388,86 +18388,86 @@ CVE-2013-0738
RESERVED
CVE-2013-0737
RESERVED
-CVE-2013-0736 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
+CVE-2013-0736
NOT-FOR-US: mingle forum plugin for wp
-CVE-2013-0735 (Multiple SQL injection vulnerabilities in wpf.class.php in the Mingle ...)
+CVE-2013-0735
NOT-FOR-US: Mingle Forum Wordpress plugin
-CVE-2013-0734 (Multiple cross-site scripting (XSS) vulnerabilities in the Mingle ...)
+CVE-2013-0734
NOT-FOR-US: Mingle Forum Wordpress plugin
-CVE-2013-0733 (Untrusted search path vulnerability in Corel PaintShop Pro X5 and X6 ...)
+CVE-2013-0733
NOT-FOR-US: Corel PaintShop Pro
-CVE-2013-0732 (Heap-based buffer overflow in PDFCore8.dll in Nuance PDF Reader before ...)
+CVE-2013-0732
NOT-FOR-US: Nuance PDF Reader
-CVE-2013-0731 (ajax.functions.php in the MailUp plugin before 1.3.3 for WordPress ...)
+CVE-2013-0731
NOT-FOR-US: MailUp plugin for Wordpress
-CVE-2013-0730 (Multiple cross-site scripting (XSS) vulnerabilities in Newscoop 4.x ...)
+CVE-2013-0730
NOT-FOR-US: Newscoop
-CVE-2013-0729 (Heap-based buffer overflow in Tracker Software PDF-XChange before ...)
+CVE-2013-0729
NOT-FOR-US: Tracker Software PDF-XChange
-CVE-2013-0728 (Multiple stack-based buffer overflows in NCSAddOn.dll in the ERDAS ...)
+CVE-2013-0728
NOT-FOR-US: ERDAS ECWP Browser Plugin
-CVE-2013-0727 (Multiple untrusted search path vulnerabilities in Global Mapper 14.1.0 ...)
+CVE-2013-0727
NOT-FOR-US: Global Mapper
-CVE-2013-0726 (Stack-based buffer overflow in the ERM_convert_to_correct_webpath ...)
+CVE-2013-0726
NOT-FOR-US: ERDAS ER Viewer
CVE-2013-0725
RESERVED
-CVE-2013-0724 (PHP remote file inclusion vulnerability in includes/generate-pdf.php ...)
+CVE-2013-0724
NOT-FOR-US: Wordpress plugin ecommerce Shop Styling
-CVE-2013-0723 (Multiple heap-based buffer overflows in etxrw.dll in Kingsoft ...)
+CVE-2013-0723
NOT-FOR-US: Kingsoft Spreadsheets
-CVE-2013-0722 (Stack-based buffer overflow in the scan_load_hosts function in ...)
+CVE-2013-0722
- ettercap 1:0.7.5.1-2 (low; bug #697987)
[squeeze] - ettercap 1:0.7.3-2.1+squeeze1
NOTE: http://www.openwall.com/lists/oss-security/2013/01/10/2
NOTE: http://www.exploit-db.com/exploits/23945/
NOTE: https://secunia.com/advisories/51731/
NOTE: Proposed patch http://www.securation.com/files/2013/01/ec.patch
-CVE-2013-0721 (wp-php-widget.php in the WP PHP widget plugin 1.0.2 for WordPress ...)
+CVE-2013-0721
NOT-FOR-US: WordPress plugin
-CVE-2013-0720 (The COBIME application before 0.9.4 for Android uses weak permissions ...)
+CVE-2013-0720
NOT-FOR-US: COBIME
-CVE-2013-0719 (The ArtIME Japanese Input application 1.1.2 and earlier for Android ...)
+CVE-2013-0719
NOT-FOR-US: ArtIME Japanese Input application
-CVE-2013-0718 (The Simeji application 4.8.1 and earlier for Android uses weak ...)
+CVE-2013-0718
NOT-FOR-US: Simeji
-CVE-2013-0717 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
+CVE-2013-0717
NOT-FOR-US: NEC Aterm routers
-CVE-2013-0716 (The web server in Wind River VxWorks 5.5 through 6.9 allows remote ...)
+CVE-2013-0716
NOT-FOR-US: Wind River VxWorks
-CVE-2013-0715 (The WebCLI component in Wind River VxWorks 5.5 through 6.9 allows ...)
+CVE-2013-0715
NOT-FOR-US: Wind River VxWorks
-CVE-2013-0714 (IPSSH (aka the SSH server) in Wind River VxWorks 6.5 through 6.9 ...)
+CVE-2013-0714
NOT-FOR-US: Wind River VxWorks
-CVE-2013-0713 (IPSSH (aka the SSH server) in Wind River VxWorks 6.5 through 6.9 ...)
+CVE-2013-0713
NOT-FOR-US: Wind River VxWorks
-CVE-2013-0712 (IPSSH (aka the SSH server) in Wind River VxWorks 6.5 through 6.9 ...)
+CVE-2013-0712
NOT-FOR-US: Wind River VxWorks
-CVE-2013-0711 (IPSSH (aka the SSH server) in Wind River VxWorks 6.5 through 6.9 ...)
+CVE-2013-0711
NOT-FOR-US: Wind River VxWorks
-CVE-2013-0710 (Buffer overflow in Kingsoft Writer 2007 and 2010 before 2724 allows ...)
+CVE-2013-0710
NOT-FOR-US: Kingsoft Writer
-CVE-2013-0709 (Cross-site scripting (XSS) vulnerability in dopvSTAR* 0091 allows ...)
+CVE-2013-0709
NOT-FOR-US: Bayashi dopvSTAR
-CVE-2013-0708 (Cross-site scripting (XSS) vulnerability in dopvCOMET* 0009b allows ...)
+CVE-2013-0708
NOT-FOR-US: Bayashi dopvCOMET
-CVE-2013-0707 (Unspecified vulnerability in JustSystems Ichitaro 2006 and 2007, ...)
+CVE-2013-0707
NOT-FOR-US: JustSystems Ichitaro
-CVE-2013-0706 (NEC Universal RAID Utility 1.40 Rev 680 and earlier, 2.31 Rev 1492 and ...)
+CVE-2013-0706
NOT-FOR-US: NEC Universal RAID Utility
-CVE-2013-0705 (Directory traversal vulnerability in LSI 3ware Disk Manager (3DM) ...)
+CVE-2013-0705
NOT-FOR-US: LSI 3ware Disk Manager
-CVE-2013-0704 (Directory traversal vulnerability in the GREE application before 1.3.3 ...)
+CVE-2013-0704
NOT-FOR-US: GREE Android app
-CVE-2013-0703 (Cross-site scripting (XSS) vulnerability in imgboard.com imgboard ...)
+CVE-2013-0703
NOT-FOR-US: imgboard
-CVE-2013-0702 (Cross-site scripting (XSS) vulnerability in Cybozu Garoon 2.0.0 ...)
+CVE-2013-0702
NOT-FOR-US: Cybozu Garoon
-CVE-2013-0701 (SQL injection vulnerability in Cybozu Garoon 2.5.0 through 3.5.3 ...)
+CVE-2013-0701
NOT-FOR-US: Cybozu Garoon
-CVE-2013-0700 (Siemens SIMATIC S7-1200 PLCs 2.x and 3.x allow remote attackers to ...)
+CVE-2013-0700
NOT-FOR-US: Siemens SIMATIC
-CVE-2013-0699 (The Galil RIO-47100 Pocket PLC allows remote attackers to cause a ...)
+CVE-2013-0699
NOT-FOR-US: Galil RIO-47100
CVE-2013-0698
REJECTED
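Review bot: "+CVE-2013-0722" keeps "- ettercap 1:0.7.5.1-2 (low; bug #697987)" and four NOTE URLs but loses the one line that said what the bug is ("Stack-based buffer overflow in the scan_load_hosts function in ..."), so a reader now has to follow external links to learn which class of issue the "low" severity was assigned to; the "Proposed patch" note should also record whether that patch is the one shipped in 1:0.7.5.1-2. Minor: the NOT-FOR-US tags in this hunk name the same product family three ways, "mingle forum plugin for wp", "Mingle Forum Wordpress plugin" and "WordPress plugin"; a consistent spelling helps searches.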
@@ -18477,243 +18477,243 @@ CVE-2013-0696
REJECTED
CVE-2013-0695
REJECTED
-CVE-2013-0694 (The Emerson Process Management ROC800 RTU with software 3.50 and ...)
+CVE-2013-0694
NOT-FOR-US: Emerson Process Management
-CVE-2013-0693 (The kernel in ENEA OSE on the Emerson Process Management ROC800 RTU ...)
+CVE-2013-0693
NOT-FOR-US: Emerson Process Management
-CVE-2013-0692 (The kernel in ENEA OSE on the Emerson Process Management ROC800 RTU ...)
+CVE-2013-0692
NOT-FOR-US: Emerson Process Management
CVE-2013-0691
REJECTED
CVE-2013-0690
REJECTED
-CVE-2013-0689 (The TFTP server on the Emerson Process Management ROC800 RTU with ...)
+CVE-2013-0689
NOT-FOR-US: Emerson Process Management
-CVE-2013-0688 (Cross-site scripting (XSS) vulnerability in Invensys Wonderware ...)
+CVE-2013-0688
NOT-FOR-US: Invensys Wonderware Information Server
-CVE-2013-0687 (The installer routine in Schneider Electric MiCOM S1 Studio uses ...)
+CVE-2013-0687
NOT-FOR-US: Schneider Electric
-CVE-2013-0686 (Invensys Wonderware Information Server (WIS) 4.0 SP1SP1, 4.5- Portal, ...)
+CVE-2013-0686
NOT-FOR-US: Invensys Wonderware Information Server
-CVE-2013-0685 (Invensys Wonderware Information Server (WIS) 4.0 SP1SP1, 4.5- Portal, ...)
+CVE-2013-0685
NOT-FOR-US: Invensys Wonderware Information Server
-CVE-2013-0684 (SQL injection vulnerability in Invensys Wonderware Information Server ...)
+CVE-2013-0684
NOT-FOR-US: Invensys Wonderware Information Server
-CVE-2013-0683 (The DataSim and DataPid demonstration clients in Cogent Real-Time ...)
+CVE-2013-0683
NOT-FOR-US: DataSim and DataPid demonstration clients
-CVE-2013-0682 (Cogent Real-Time Systems Cogent DataHub before 7.3.0, OPC DataHub ...)
+CVE-2013-0682
NOT-FOR-US: Cogent DataHub
-CVE-2013-0681 (Cogent Real-Time Systems Cogent DataHub before 7.3.0, OPC DataHub ...)
+CVE-2013-0681
NOT-FOR-US: Cogent DataHub
-CVE-2013-0680 (Stack-based buffer overflow in the web server in Cogent Real-Time ...)
+CVE-2013-0680
NOT-FOR-US: Cogent DataHub
-CVE-2013-0679 (Directory traversal vulnerability in the web server in Siemens WinCC ...)
+CVE-2013-0679
NOT-FOR-US: Siemens WinCC
-CVE-2013-0678 (Siemens WinCC before 7.2, as used in SIMATIC PCS7 before 8.0 SP1 and ...)
+CVE-2013-0678
NOT-FOR-US: Siemens WinCC
-CVE-2013-0677 (The web server in Siemens WinCC before 7.2, as used in SIMATIC PCS7 ...)
+CVE-2013-0677
NOT-FOR-US: Siemens WinCC
-CVE-2013-0676 (Siemens WinCC before 7.2, as used in SIMATIC PCS7 before 8.0 SP1 and ...)
+CVE-2013-0676
NOT-FOR-US: Siemens WinCC
-CVE-2013-0675 (Buffer overflow in CCEServer (aka the central communications ...)
+CVE-2013-0675
NOT-FOR-US: Siemens WinCC
-CVE-2013-0674 (Buffer overflow in the RegReader ActiveX control in Siemens WinCC ...)
+CVE-2013-0674
NOT-FOR-US: Siemens WinCC
-CVE-2013-0673 (Directory traversal vulnerability in the web interface in the Health ...)
+CVE-2013-0673
NOT-FOR-US: MatrikonOPC
-CVE-2013-0672 (Cross-site scripting (XSS) vulnerability in the HMI web application in ...)
+CVE-2013-0672
NOT-FOR-US: Siemens WinCC
-CVE-2013-0671 (Directory traversal vulnerability in Siemens WinCC (TIA Portal) 11 ...)
+CVE-2013-0671
NOT-FOR-US: Siemens WinCC
-CVE-2013-0670 (CRLF injection vulnerability in the HMI web application in Siemens ...)
+CVE-2013-0670
NOT-FOR-US: Siemens WinCC
-CVE-2013-0669 (The HMI web application in Siemens WinCC (TIA Portal) 11 allows remote ...)
+CVE-2013-0669
NOT-FOR-US: Siemens WinCC
-CVE-2013-0668 (Multiple cross-site scripting (XSS) vulnerabilities in the HMI web ...)
+CVE-2013-0668
NOT-FOR-US: Siemens WinCC
-CVE-2013-0667 (Cross-site scripting (XSS) vulnerability in the HMI web application in ...)
+CVE-2013-0667
NOT-FOR-US: Siemens WinCC
-CVE-2013-0666 (The configuration utility in MatrikonOPC Security Gateway 1.0 allows ...)
+CVE-2013-0666
NOT-FOR-US: MatrikonOPC
-CVE-2013-0665 (Schweitzer Engineering Laboratories (SEL) AcSELerator QuickSet before ...)
+CVE-2013-0665
NOT-FOR-US: Schweitzer Engineering Laboratories AcSELerator QuickSet
-CVE-2013-0664 (The FactoryCast service on the Schneider Electric Quantum 140NOE77111 ...)
+CVE-2013-0664
NOT-FOR-US: Schneider Electric Quantum modules
-CVE-2013-0663 (Cross-site request forgery (CSRF) vulnerability on the Schneider ...)
+CVE-2013-0663
NOT-FOR-US: Schneider Electric Quantum modules
-CVE-2013-0662 (Multiple stack-based buffer overflows in ModbusDrv.exe in Schneider ...)
+CVE-2013-0662
NOT-FOR-US: Schneider Electric
CVE-2013-0661
RESERVED
CVE-2013-0660
RESERVED
-CVE-2013-0659 (The debugging feature on the Siemens CP 1604 and CP 1616 interface ...)
+CVE-2013-0659
NOT-FOR-US: Siemens Interface Card
-CVE-2013-0658 (Heap-based buffer overflow in RFManagerService.exe in Schneider ...)
+CVE-2013-0658
NOT-FOR-US: Schneider Electric Accutech Manager
-CVE-2013-0657 (Stack-based buffer overflow in Schneider Electric Interactive ...)
+CVE-2013-0657
NOT-FOR-US: Schneider Electric IGSS
-CVE-2013-0656 (Buffer overflow in a third-party ActiveX component in Siemens SIMATIC ...)
+CVE-2013-0656
NOT-FOR-US: Siemens SIMATIC
-CVE-2013-0655 (The client in Schneider Electric Software Update (SESU) Utility 1.0.x ...)
+CVE-2013-0655
NOT-FOR-US: Schneider Electric SESU
-CVE-2013-0654 (CimWebServer in GE Intelligent Platforms Proficy HMI/SCADA - ...)
+CVE-2013-0654
NOT-FOR-US: GE Intelligent Platforms Proficy
-CVE-2013-0653 (Directory traversal vulnerability in substitute.bcl in the WebView ...)
+CVE-2013-0653
NOT-FOR-US: GE Intelligent Platforms Proficy
-CVE-2013-0652 (GE Intelligent Platforms Proficy Real-Time Information Portal does not ...)
+CVE-2013-0652
NOT-FOR-US: GE Intelligent Platforms Proficy
-CVE-2013-0651 (The Portal installation process in GE Intelligent Platforms Proficy ...)
+CVE-2013-0651
NOT-FOR-US: GE Intelligent Platforms Proficy
-CVE-2013-0650 (Use-after-free vulnerability in Adobe Flash Player before 10.3.183.68 ...)
+CVE-2013-0650
NOT-FOR-US: Adobe Flash Plugin
-CVE-2013-0649 (Use-after-free vulnerability in Adobe Flash Player before 10.3.183.63 ...)
+CVE-2013-0649
NOT-FOR-US: Adobe Flash Plugin
-CVE-2013-0648 (Unspecified vulnerability in the ExternalInterface ActionScript ...)
+CVE-2013-0648
NOT-FOR-US: Adobe Flash Plugin
-CVE-2013-0647 (Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on ...)
+CVE-2013-0647
NOT-FOR-US: Adobe Flash Plugin
-CVE-2013-0646 (Integer overflow in Adobe Flash Player before 10.3.183.68 and 11.x ...)
+CVE-2013-0646
NOT-FOR-US: Adobe Flash Plugin
-CVE-2013-0645 (Buffer overflow in Adobe Flash Player before 10.3.183.63 and 11.x ...)
+CVE-2013-0645
NOT-FOR-US: Adobe Flash Plugin
-CVE-2013-0644 (Use-after-free vulnerability in Adobe Flash Player before 10.3.183.63 ...)
+CVE-2013-0644
NOT-FOR-US: Adobe Flash Plugin
-CVE-2013-0643 (The Firefox sandbox in Adobe Flash Player before 10.3.183.67 and 11.x ...)
+CVE-2013-0643
NOT-FOR-US: Adobe Flash Plugin
-CVE-2013-0642 (Buffer overflow in Adobe Flash Player before 10.3.183.63 and 11.x ...)
+CVE-2013-0642
NOT-FOR-US: Adobe Flash Plugin
-CVE-2013-0641 (Buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.4, 10.x ...)
+CVE-2013-0641
NOT-FOR-US: Adobe Reader
-CVE-2013-0640 (Adobe Reader and Acrobat 9.x before 9.5.4, 10.x before 10.1.6, and ...)
+CVE-2013-0640
NOT-FOR-US: Adobe Reader
-CVE-2013-0639 (Integer overflow in Adobe Flash Player before 10.3.183.63 and 11.x ...)
+CVE-2013-0639
NOT-FOR-US: Adobe Flash Plugin
-CVE-2013-0638 (Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on ...)
+CVE-2013-0638
NOT-FOR-US: Adobe Flash Plugin
-CVE-2013-0637 (Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on ...)
+CVE-2013-0637
NOT-FOR-US: Adobe Flash Plugin
-CVE-2013-0636 (Stack-based buffer overflow in Adobe Shockwave Player before ...)
+CVE-2013-0636
NOT-FOR-US: Adobe Shockwave Player
-CVE-2013-0635 (Adobe Shockwave Player before 12.0.0.112 allows attackers to execute ...)
+CVE-2013-0635
NOT-FOR-US: Adobe Shockwave Player
-CVE-2013-0634 (Adobe Flash Player before 10.3.183.51 and 11.x before 11.5.502.149 on ...)
+CVE-2013-0634
NOT-FOR-US: Adobe Flash Plugin
-CVE-2013-0633 (Buffer overflow in Adobe Flash Player before 10.3.183.51 and 11.x ...)
+CVE-2013-0633
NOT-FOR-US: Adobe Flash Plugin
-CVE-2013-0632 (administrator.cfc in Adobe ColdFusion 9.0, 9.0.1, 9.0.2, and 10 allows ...)
+CVE-2013-0632
NOT-FOR-US: Adobe ColdFusion
-CVE-2013-0631 (Adobe ColdFusion 9.0, 9.0.1, and 9.0.2 allows attackers to obtain ...)
+CVE-2013-0631
NOT-FOR-US: Adobe ColdFusion
-CVE-2013-0630 (Buffer overflow in Adobe Flash Player before 10.3.183.50 and 11.x ...)
+CVE-2013-0630
NOT-FOR-US: Adobe Flash Player
-CVE-2013-0629 (Adobe ColdFusion 9.0, 9.0.1, 9.0.2, and 10, when a password is not ...)
+CVE-2013-0629
NOT-FOR-US: Adobe ColdFusion
CVE-2013-0628
REJECTED
-CVE-2013-0627 (Unspecified vulnerability in Adobe Reader and Acrobat 9.x before ...)
+CVE-2013-0627
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2013-0626 (Stack-based buffer overflow in Adobe Reader and Acrobat 9.x before ...)
+CVE-2013-0626
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2013-0625 (Adobe ColdFusion 9.0, 9.0.1, and 9.0.2, when a password is not ...)
+CVE-2013-0625
NOT-FOR-US: Adobe ColdFusion
-CVE-2013-0624 (Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and ...)
+CVE-2013-0624
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2013-0623 (Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and ...)
+CVE-2013-0623
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2013-0622 (Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and ...)
+CVE-2013-0622
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2013-0621 (Buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x ...)
+CVE-2013-0621
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2013-0620 (Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and ...)
+CVE-2013-0620
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2013-0619 (Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and ...)
+CVE-2013-0619
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2013-0618 (Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and ...)
+CVE-2013-0618
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2013-0617 (Buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x ...)
+CVE-2013-0617
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2013-0616 (Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and ...)
+CVE-2013-0616
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2013-0615 (Buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x ...)
+CVE-2013-0615
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2013-0614 (Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and ...)
+CVE-2013-0614
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2013-0613 (Integer overflow in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x ...)
+CVE-2013-0613
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2013-0612 (Buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x ...)
+CVE-2013-0612
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2013-0611 (Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and ...)
+CVE-2013-0611
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2013-0610 (Stack-based buffer overflow in Adobe Reader and Acrobat 9.x before ...)
+CVE-2013-0610
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2013-0609 (Integer overflow in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x ...)
+CVE-2013-0609
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2013-0608 (Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and ...)
+CVE-2013-0608
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2013-0607 (Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and ...)
+CVE-2013-0607
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2013-0606 (Buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x ...)
+CVE-2013-0606
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2013-0605 (Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and ...)
+CVE-2013-0605
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2013-0604 (Heap-based buffer overflow in Adobe Reader and Acrobat 9.x before ...)
+CVE-2013-0604
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2013-0603 (Heap-based buffer overflow in Adobe Reader and Acrobat 9.x before ...)
+CVE-2013-0603
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2013-0602 (Use-after-free vulnerability in Adobe Reader and Acrobat 9.x before ...)
+CVE-2013-0602
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2013-0601 (Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and ...)
+CVE-2013-0601
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2013-0600 (Unspecified vulnerability on IBM WebSphere DataPower XC10 Appliance ...)
+CVE-2013-0600
NOT-FOR-US: IBM WebSphere DataPower XC10 Appliance devices
-CVE-2013-0599 (IBM Eclipse Help System (IEHS), as used in IBM Rational Directory ...)
+CVE-2013-0599
NOT-FOR-US: IBM
-CVE-2013-0598 (Cross-site request forgery (CSRF) vulnerability in the Web Client in ...)
+CVE-2013-0598
NOT-FOR-US: IBM Rational ClearQuest
-CVE-2013-0597 (Cross-site scripting (XSS) vulnerability in IBM WebSphere Application ...)
+CVE-2013-0597
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2013-0596 (Cross-site scripting (XSS) vulnerability in the Administrative console ...)
+CVE-2013-0596
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2013-0595 (Multiple cross-site scripting (XSS) vulnerabilities in iNotes 8.5.x in ...)
+CVE-2013-0595
NOT-FOR-US: IBM Lotus Domino
-CVE-2013-0594 (Open redirect vulnerability in IBM iNotes before 8.5.3 Fix Pack 6 and ...)
+CVE-2013-0594
NOT-FOR-US: IBM
-CVE-2013-0593 (Unspecified vulnerability in the olch2x32 ActiveX control in IBM SPSS ...)
+CVE-2013-0593
NOT-FOR-US: IBM SPSS SamplePower
-CVE-2013-0592 (Cross-site scripting (XSS) vulnerability in IBM iNotes before 8.5.3 ...)
+CVE-2013-0592
NOT-FOR-US: IBM
-CVE-2013-0591 (Cross-site scripting (XSS) vulnerability in iNotes 8.5.x in IBM Lotus ...)
+CVE-2013-0591
NOT-FOR-US: IBM Lotus Domino
-CVE-2013-0590 (Cross-site scripting (XSS) vulnerability in iNotes 8.5.x in IBM Lotus ...)
+CVE-2013-0590
NOT-FOR-US: IBM Lotus Domino
-CVE-2013-0589 (IBM iNotes before 8.5.3 Fix Pack 6 and 9.x before 9.0.1 allows remote ...)
+CVE-2013-0589
NOT-FOR-US: IBM
CVE-2013-0588
RESERVED
-CVE-2013-0587 (Multiple cross-site scripting (XSS) vulnerabilities in IBM WebSphere ...)
+CVE-2013-0587
NOT-FOR-US: IBM InfoSphere
-CVE-2013-0586 (Cross-site scripting (XSS) vulnerability in the server in IBM Cognos ...)
+CVE-2013-0586
NOT-FOR-US: IBM Cognos
-CVE-2013-0585 (Multiple cross-site scripting (XSS) vulnerabilities in IBM InfoSphere ...)
+CVE-2013-0585
NOT-FOR-US: IBM InfoSphere
-CVE-2013-0584 (The Data Replication Dashboard component in IBM InfoSphere Replication ...)
+CVE-2013-0584
NOT-FOR-US: IBM InfoSphere Replication Server
CVE-2013-0583
RESERVED
-CVE-2013-0582 (Cross-site scripting (XSS) vulnerability in IBM Tivoli Federated ...)
+CVE-2013-0582
NOT-FOR-US: IBM Tivoli Federated Identity Manager
-CVE-2013-0581 (Multiple cross-site scripting (XSS) vulnerabilities in IBM Business ...)
+CVE-2013-0581
NOT-FOR-US: IBM
-CVE-2013-0580 (Cross-site request forgery (CSRF) vulnerability in the Optim ...)
+CVE-2013-0580
NOT-FOR-US: IBM
-CVE-2013-0579 (The Optim E-Business Console in IBM Data Growth Solution for Oracle ...)
+CVE-2013-0579
NOT-FOR-US: IBM
-CVE-2013-0578 (The Sterling Order Management APIs in IBM Sterling Multi-Channel ...)
+CVE-2013-0578
NOT-FOR-US: IBM
-CVE-2013-0577 (The Optim E-Business Console in IBM Data Growth Solution for Oracle ...)
+CVE-2013-0577
NOT-FOR-US: IBM
-CVE-2013-0576 (Cross-site scripting (XSS) vulnerability in the Tivoli Enterprise ...)
+CVE-2013-0576
NOT-FOR-US: IBM Tivoli Monitoring
CVE-2013-0575
RESERVED
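Review bot: every changed pair in this hunk replaces a `-CVE-2013-NNNN (description ...)` line with a bare `+CVE-2013-NNNN`, from CVE-2013-0666 down to CVE-2013-0576, and not one description is updated or corrected; the hunk only deletes. An automatic update that blanks the description of every published entry it touches looks like a reaction to an empty or unparsable upstream description field rather than to a real change in the CVE text, so the updater should treat an empty incoming description as "keep the stored one" and abort the run when more than a small fraction of descriptions would change. This commit should be reverted rather than left in history as the new baseline.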
@@ -18721,21 +18721,21 @@ CVE-2013-0574
RESERVED
CVE-2013-0573
RESERVED
-CVE-2013-0572 (Cross-site scripting (XSS) vulnerability in IBM Document Connect for ...)
+CVE-2013-0572
NOT-FOR-US: IBM Document Connect for Application Support Facility
-CVE-2013-0571 (Cross-site scripting (XSS) vulnerability in IBM Document Connect for ...)
+CVE-2013-0571
NOT-FOR-US: IBM Document Connect for Application Support Facility
-CVE-2013-0570 (The Fibre Channel over Ethernet (FCoE) feature in IBM System ...)
+CVE-2013-0570
NOT-FOR-US: IBM
-CVE-2013-0569 (Cross-site scripting (XSS) vulnerability in the Communities component ...)
+CVE-2013-0569
NOT-FOR-US: IBM Connections
-CVE-2013-0568 (IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 ...)
+CVE-2013-0568
NOT-FOR-US: IBM
-CVE-2013-0567 (IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 ...)
+CVE-2013-0567
NOT-FOR-US: IBM
-CVE-2013-0566 (Multiple cross-site scripting (XSS) vulnerabilities in the (1) ...)
+CVE-2013-0566
NOT-FOR-US: IBM WebSphere Commerce
-CVE-2013-0565 (Cross-site scripting (XSS) vulnerability in the RPC adapter for the ...)
+CVE-2013-0565
NOT-FOR-US: IBM WebSphere Application Server
CVE-2013-0564
RESERVED
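Review bot: the entries in this hunk annotated only as `NOT-FOR-US: IBM` (CVE-2013-0570, CVE-2013-0568, CVE-2013-0567) lose the only text that said which IBM product is meant; the deleted lines named "The Fibre Channel over Ethernet (FCoE) feature in IBM System ..." and "IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 ...". If descriptions are going to be dropped, the NOT-FOR-US annotation has to carry the product name, as `NOT-FOR-US: IBM Document Connect for Application Support Facility` and `NOT-FOR-US: IBM Connections` already do a few lines above; otherwise the triage decision can no longer be re-checked from the file alone.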
@@ -18745,11 +18745,11 @@ CVE-2013-0562
RESERVED
CVE-2013-0561
RESERVED
-CVE-2013-0560 (Multiple SQL injection vulnerabilities in IBM Sterling B2B Integrator ...)
+CVE-2013-0560
NOT-FOR-US: IBM
-CVE-2013-0559 (Unspecified vulnerability in IBM API Management 2.0 before 2.0.0.1 ...)
+CVE-2013-0559
NOT-FOR-US: IBM
-CVE-2013-0558 (IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 ...)
+CVE-2013-0558
NOT-FOR-US: IBM
CVE-2013-0557
RESERVED
@@ -18759,17 +18759,17 @@ CVE-2013-0555
RESERVED
CVE-2013-0554
RESERVED
-CVE-2013-0553 (The client implementation in IBM Sametime 8.5.1 through 8.5.2.1, as ...)
+CVE-2013-0553
NOT-FOR-US: IBM Sametime
CVE-2013-0552
RESERVED
-CVE-2013-0551 (The Basic Services component in IBM Tivoli Monitoring (ITM) 6.2.0 ...)
+CVE-2013-0551
NOT-FOR-US: IBM Tivoli Monitoring
CVE-2013-0550
REJECTED
-CVE-2013-0549 (Cross-site scripting (XSS) vulnerability in the Web Content Manager - ...)
+CVE-2013-0549
NOT-FOR-US: IBM WebSphere Portal
-CVE-2013-0548 (Multiple cross-site scripting (XSS) vulnerabilities in the Basic ...)
+CVE-2013-0548
NOT-FOR-US: IBM Tivoli
CVE-2013-0547
RESERVED
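Review bot: the `RESERVED` and `REJECTED` entries in this hunk (CVE-2013-0552, CVE-2013-0550, CVE-2013-0547) pass through unchanged while each entry that carried a parenthesised description (CVE-2013-0553, CVE-2013-0551, CVE-2013-0549, CVE-2013-0548) has it removed. The file is therefore being parsed correctly; what differs is that the updater received no description text for published CVEs on this run. Before accepting or reverting, check the feed or export the updater consumed, because the same empty input would silently produce the same mass deletion on the next run.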
@@ -18777,59 +18777,59 @@ CVE-2013-0546
RESERVED
CVE-2013-0545
RESERVED
-CVE-2013-0544 (Directory traversal vulnerability in the Administrative Console in IBM ...)
+CVE-2013-0544
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2013-0543 (IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.47, 7.0 before ...)
+CVE-2013-0543
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2013-0542 (Cross-site scripting (XSS) vulnerability in the Administrative console ...)
+CVE-2013-0542
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2013-0541 (Buffer overflow in IBM WebSphere Application Server (WAS) 6.1 before ...)
+CVE-2013-0541
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2013-0540 (IBM WebSphere Application Server (WAS) Liberty Profile 8.5 before ...)
+CVE-2013-0540
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2013-0539 (An unspecified third-party component in IBM Sterling B2B Integrator ...)
+CVE-2013-0539
NOT-FOR-US: IBM
-CVE-2013-0538 (Cross-site scripting (XSS) vulnerability in IBM Lotus Notes 8.x before ...)
+CVE-2013-0538
NOT-FOR-US: IBM Lotus Notes
-CVE-2013-0537 (The Enterprise Meeting Server in IBM Lotus Sametime 8.5.2 and 8.5.2.1 ...)
+CVE-2013-0537
NOT-FOR-US: IBM
-CVE-2013-0536 (ntmulti.exe in the Multi User Profile Cleanup service in IBM Notes ...)
+CVE-2013-0536
NOT-FOR-US: IBM Notes
-CVE-2013-0535 (Multiple cross-site scripting (XSS) vulnerabilities in the Classic ...)
+CVE-2013-0535
NOT-FOR-US: IBM Sametime
-CVE-2013-0534 (The Connect client in IBM Sametime 8.5.1, 8.5.1.1, 8.5.1.2, 8.5.2, and ...)
+CVE-2013-0534
NOT-FOR-US: IBM Sametime
-CVE-2013-0533 (Cross-site scripting (XSS) vulnerability in the Sametime Links server ...)
+CVE-2013-0533
NOT-FOR-US: IBM Sametime
-CVE-2013-0532 (Cross-site request forgery (CSRF) vulnerability in IBM Security ...)
+CVE-2013-0532
NOT-FOR-US: IBM Security AppScan Enterprise
-CVE-2013-0531 (The SSL implementation in IBM Security AppScan Enterprise before ...)
+CVE-2013-0531
NOT-FOR-US: IBM
CVE-2013-0530
RESERVED
-CVE-2013-0529 (The Browser in IBM Sterling Connect:Direct 1.4 before 1.4.0.11 and 1.5 ...)
+CVE-2013-0529
NOT-FOR-US: IBM Sterling Connect:Direct
CVE-2013-0528
REJECTED
-CVE-2013-0527 (The Browser in IBM Sterling Connect:Direct 1.4 before 1.4.0.11 and 1.5 ...)
+CVE-2013-0527
NOT-FOR-US: IBM Sterling Connect:Direct
-CVE-2013-0526 (ping.php in Global Console Manager 16 (GCM16) and Global Console ...)
+CVE-2013-0526
NOT-FOR-US: IBM GCM16
-CVE-2013-0525 (Multiple cross-site scripting (XSS) vulnerabilities in IBM iNotes ...)
+CVE-2013-0525
NOT-FOR-US: IBM Domino
CVE-2013-0524
RESERVED
-CVE-2013-0523 (IBM WebSphere Commerce Enterprise 5.6.x through 5.6.1.5, 6.0.x through ...)
+CVE-2013-0523
NOT-FOR-US: IBM WebSphere
-CVE-2013-0522 (The Notes Client Single Logon feature in IBM Notes 8.0, 8.0.1, 8.0.2, ...)
+CVE-2013-0522
NOT-FOR-US: IBM
CVE-2013-0521
RESERVED
-CVE-2013-0520 (IBM Sterling Secure Proxy 3.2.0 and 3.3.01 before 3.3.01.23 Interim ...)
+CVE-2013-0520
NOT-FOR-US: IBM
-CVE-2013-0519 (IBM Sterling Secure Proxy 3.2.0 and 3.3.01 before 3.3.01.23 Interim ...)
+CVE-2013-0519
NOT-FOR-US: IBM
-CVE-2013-0518 (IBM Sterling Secure Proxy 3.2.0 and 3.3.01 before 3.3.01.23 Interim ...)
+CVE-2013-0518
NOT-FOR-US: IBM
CVE-2013-0517
RESERVED
@@ -18839,35 +18839,35 @@ CVE-2013-0515
RESERVED
CVE-2013-0514
RESERVED
-CVE-2013-0513 (IBM Security AppScan Enterprise 5.6 and 8.x before 8.7 and IBM ...)
+CVE-2013-0513
NOT-FOR-US: IBM Security AppScan Enterprise, Rational Policy Tester
-CVE-2013-0512 (Stack-based buffer overflow in the Manual Explore browser plug-in for ...)
+CVE-2013-0512
NOT-FOR-US: IBM Security AppScan Enterprise, Rational Policy Tester
-CVE-2013-0511 (Multiple SQL injection vulnerabilities in IBM Security AppScan ...)
+CVE-2013-0511
NOT-FOR-US: IBM Security AppScan Enterprise
-CVE-2013-0510 (IBM Security AppScan Enterprise 5.6 and 8.x before 8.7 includes a ...)
+CVE-2013-0510
NOT-FOR-US: IBM Security AppScan Enterprise
-CVE-2013-0509 (Buffer overflow in the Transaction MIB agent in IBM Tivoli Netcool ...)
+CVE-2013-0509
NOT-FOR-US: IBM
-CVE-2013-0508 (Multiple buffer overflows in IBM Tivoli Netcool System Service ...)
+CVE-2013-0508
NOT-FOR-US: IBM
CVE-2013-0507
RESERVED
-CVE-2013-0506 (Cross-site scripting (XSS) vulnerability in IBM Sterling Order ...)
+CVE-2013-0506
NOT-FOR-US: IBM Sterling Order Management
-CVE-2013-0505 (IBM Sterling Order Management 8.0 before HF127, 8.5 before HF89, 9.0 ...)
+CVE-2013-0505
NOT-FOR-US: IBM Sterling Order Management
-CVE-2013-0504 (Buffer overflow in the broker service in Adobe Flash Player before ...)
+CVE-2013-0504
NOT-FOR-US: Adobe Flash Plugin
-CVE-2013-0503 (Cross-site scripting (XSS) vulnerability in the Bookmarks component in ...)
+CVE-2013-0503
NOT-FOR-US: IBM Lotus Connections
-CVE-2013-0502 (Cross-site scripting (XSS) vulnerability in IBM InfoSphere Information ...)
+CVE-2013-0502
NOT-FOR-US: IBM InfoSphere Information Server
-CVE-2013-0501 (The EdrawSoft EDOFFICE.EDOfficeCtrl.1 ActiveX control, as used in ...)
+CVE-2013-0501
NOT-FOR-US: IBM Cognos Disclosure Management
-CVE-2013-0500 (IBM Storwize V7000 Unified 1.3.x and 1.4.x before 1.4.2.0 does not ...)
+CVE-2013-0500
NOT-FOR-US: IBM Storwize V7000 Unified
-CVE-2013-0499 (Cross-site scripting (XSS) vulnerability in the echo functionality on ...)
+CVE-2013-0499
NOT-FOR-US: IBM
CVE-2013-0498
RESERVED
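Review bot: the deleted line for CVE-2013-0501 is the one place in this file that records the actual vulnerable component, "The EdrawSoft EDOFFICE.EDOfficeCtrl.1 ActiveX control, as used in ..."; the surviving annotation `NOT-FOR-US: IBM Cognos Disclosure Management` names only the product that bundles it. Third-party component names are what make it possible to re-check later whether the same component is shipped by a Debian package, so entries like this should keep their description or have the component named in the NOT-FOR-US reason. The same applies to CVE-2013-0504, whose deleted text points at the broker service in Adobe Flash Player while the annotation is the generic `NOT-FOR-US: Adobe Flash Plugin`.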
@@ -18877,375 +18877,375 @@ CVE-2013-0496
RESERVED
CVE-2013-0495
RESERVED
-CVE-2013-0494 (IBM Sterling B2B Integrator 5.0 and 5.1 allows remote attackers to ...)
+CVE-2013-0494
NOT-FOR-US: IBM Sterling Integrator
CVE-2013-0493
RESERVED
-CVE-2013-0492 (Cross-site scripting (XSS) vulnerability in IBM Informix Open Admin ...)
+CVE-2013-0492
NOT-FOR-US: IBM Informix
CVE-2013-0491
RESERVED
-CVE-2013-0490 (Unspecified vulnerability in IBM InfoSphere Guardium S-TAP 8.1 for DB2 ...)
+CVE-2013-0490
NOT-FOR-US: IBM InfoSphere Guardium
-CVE-2013-0489 (Cross-site request forgery (CSRF) vulnerability in webadmin.nsf (aka ...)
+CVE-2013-0489
NOT-FOR-US: IBM Domino
-CVE-2013-0488 (Cross-site scripting (XSS) vulnerability in webadmin.nsf (aka the Web ...)
+CVE-2013-0488
NOT-FOR-US: IBM Domino
-CVE-2013-0487 (The Java Console in IBM Domino 8.5.x allows remote authenticated users ...)
+CVE-2013-0487
NOT-FOR-US: IBM Domino
-CVE-2013-0486 (Memory leak in the HTTP server in IBM Domino 8.5.x allows remote ...)
+CVE-2013-0486
NOT-FOR-US: IBM Domino
-CVE-2013-0485 (Unspecified vulnerability in IBM Java SDK 7 before SR4-FP1, 6 before ...)
+CVE-2013-0485
NOT-FOR-US: IBM Java SDK
-CVE-2013-0484 (The server process in IBM Cognos TM1 10.1.x before 10.1.1 FP1 allows ...)
+CVE-2013-0484
NOT-FOR-US: IBM Cognos TM1
-CVE-2013-0483 (The login component in SOAP Gateway in IBM IMS Enterprise Suite 1.1, ...)
+CVE-2013-0483
NOT-FOR-US: IBM IMS Enterprise Suite
-CVE-2013-0482 (IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.29, 8.0 before ...)
+CVE-2013-0482
NOT-FOR-US: IBM
-CVE-2013-0481 (The console in IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling ...)
+CVE-2013-0481
NOT-FOR-US: IBM
CVE-2013-0480
RESERVED
-CVE-2013-0479 (IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 ...)
+CVE-2013-0479
NOT-FOR-US: IBM
-CVE-2013-0478 (Cross-site scripting (XSS) vulnerability in IBM InfoSphere Master Data ...)
+CVE-2013-0478
NOT-FOR-US: IBM
-CVE-2013-0477 (Multiple cross-site scripting (XSS) vulnerabilities in IBM InfoSphere ...)
+CVE-2013-0477
NOT-FOR-US: IBM
-CVE-2013-0476 (IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 ...)
+CVE-2013-0476
NOT-FOR-US: IBM
-CVE-2013-0475 (IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 ...)
+CVE-2013-0475
NOT-FOR-US: IBM
-CVE-2013-0474 (The Manual Explore browser plug-in in IBM Security AppScan Enterprise ...)
+CVE-2013-0474
NOT-FOR-US: IBM Security AppScan Enterprise
-CVE-2013-0473 (Multiple cross-site scripting (XSS) vulnerabilities in IBM Security ...)
+CVE-2013-0473
NOT-FOR-US: IBM Security AppScan Enterprise
-CVE-2013-0472 (The Web GUI in the client in IBM Tivoli Storage Manager (TSM) 6.3 ...)
+CVE-2013-0472
NOT-FOR-US: IBM
-CVE-2013-0471 (The traditional scheduler in the client in IBM Tivoli Storage Manager ...)
+CVE-2013-0471
NOT-FOR-US: IBM
-CVE-2013-0470 (HTTPD in IBM Netezza Performance Portal 1.0.2 allows remote ...)
+CVE-2013-0470
NOT-FOR-US: IBM
CVE-2013-0469
RESERVED
-CVE-2013-0468 (Cross-site scripting (XSS) vulnerability in IBM Sterling B2B ...)
+CVE-2013-0468
NOT-FOR-US: IBM
-CVE-2013-0467 (IBM Eclipse Help System (IEHS), as used in IBM Data Studio 3.1 and ...)
+CVE-2013-0467
NOT-FOR-US: IBM
-CVE-2013-0466 (Cross-site scripting (XSS) vulnerability in IBM WebSphere Message ...)
+CVE-2013-0466
NOT-FOR-US: IBM
-CVE-2013-0465 (Unspecified vulnerability in the IBM WebSphere Cast Iron physical and ...)
+CVE-2013-0465
NOT-FOR-US: IBM
-CVE-2013-0464 (Multiple cross-site scripting (XSS) vulnerabilities in IBM Eclipse ...)
+CVE-2013-0464
NOT-FOR-US: IBM
-CVE-2013-0463 (IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 ...)
+CVE-2013-0463
NOT-FOR-US: IBM
-CVE-2013-0462 (Unspecified vulnerability in IBM WebSphere Application Server (WAS) ...)
+CVE-2013-0462
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2013-0461 (Cross-site scripting (XSS) vulnerability in the virtual member manager ...)
+CVE-2013-0461
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2013-0460 (Cross-site request forgery (CSRF) vulnerability in the portlet ...)
+CVE-2013-0460
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2013-0459 (Cross-site scripting (XSS) vulnerability in the Administrative console ...)
+CVE-2013-0459
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2013-0458 (Cross-site scripting (XSS) vulnerability in the Administrative console ...)
+CVE-2013-0458
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2013-0457 (Cross-site scripting (XSS) vulnerability in IBM Maximo Asset ...)
+CVE-2013-0457
NOT-FOR-US: IBM
-CVE-2013-0456 (IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 ...)
+CVE-2013-0456
NOT-FOR-US: IBM
-CVE-2013-0455 (Multiple cross-site scripting (XSS) vulnerabilities in IBM Sterling ...)
+CVE-2013-0455
NOT-FOR-US: IBM
-CVE-2013-0454 (The SMB2 implementation in Samba 3.6.x before 3.6.6, as used on the ...)
+CVE-2013-0454
- samba 2:3.6.6-1
[squeeze] - samba <not-affected> (only Samba 3.6.0 - 3.6.5 (inclusive) affected)
NOTE: https://www.samba.org/samba/security/CVE-2013-0454
-CVE-2013-0453 (Cross-site scripting (XSS) vulnerability in Web Reports in IBM Tivoli ...)
+CVE-2013-0453
NOT-FOR-US: IBM Tivoli Endpoint Manager
-CVE-2013-0452 (Cross-site request forgery (CSRF) vulnerability in the Software Use ...)
+CVE-2013-0452
NOT-FOR-US: IBM Tivoli Endpoint Manager
-CVE-2013-0451 (SQL injection vulnerability in IBM Maximo Asset Management 6.2 through ...)
+CVE-2013-0451
NOT-FOR-US: IBM Maximo Asset Management
-CVE-2013-0450 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2013-0450
- openjdk-6 6b27-1.12-1
- openjdk-7 7u3-2.1.6-1
-CVE-2013-0449 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2013-0449
- openjdk-6 <not-affected> (Only affects Java 7)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2013-0448 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2013-0448
- openjdk-6 <not-affected> (Only affects Java7)
- openjdk-7 <not-affected> (Specific to Oracle Java, not present in IcedTea)
NOTE: Due to the vague disclosure policy by Oracle the exact nature is unknown but since no patch landed in icedtea, we consider it not-affected
-CVE-2013-0447 (Unspecified vulnerability in the JavaFX component in Oracle Java SE ...)
+CVE-2013-0447
- openjdk-6 <not-affected> (JavaFX not part of OpenJDK)
- openjdk-7 <not-affected> (JavaFX not part of OpenJDK)
-CVE-2013-0446 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2013-0446
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2013-0445 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2013-0445
- openjdk-6 6b27-1.12.1-1
- openjdk-7 7u17-2.3.8-1
NOTE: icedtea fix: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jdk/rev/6527ae06da69
NOTE: openjdk-7 fixed in experimental: 7u13-2.3.6-1
-CVE-2013-0444 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2013-0444
- openjdk-6 <not-affected> (Only affects Java7)
- openjdk-7 7u3-2.1.6-1
NOTE: IcedTea commit: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jdk/rev/ce04db4aba39
-CVE-2013-0443 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2013-0443
- openjdk-6 6b27-1.12-1
- openjdk-7 7u3-2.1.6-1
-CVE-2013-0442 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2013-0442
- openjdk-6 6b27-1.12-1
- openjdk-7 7u3-2.1.6-1
NOTE: icedtea fix: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jdk/rev/6527ae06da69
-CVE-2013-0441 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2013-0441
- openjdk-6 6b27-1.12-1
- openjdk-7 7u3-2.1.6-1
-CVE-2013-0440 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2013-0440
- openjdk-6 6b27-1.12-1
- openjdk-7 7u3-2.1.6-1
-CVE-2013-0439 (Unspecified vulnerability in the JavaFX component in Oracle Java SE ...)
+CVE-2013-0439
- openjdk-6 <not-affected> (JavaFX not part of OpenJDK)
- openjdk-7 <not-affected> (JavaFX not part of OpenJDK)
-CVE-2013-0438 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2013-0438
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2013-0437 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2013-0437
- openjdk-6 <not-affected> (Only affects Java7)
- openjdk-7 <not-affected> (JavaFX not part of OpenJDK)
-CVE-2013-0436 (Unspecified vulnerability in the JavaFX component in Oracle Java SE ...)
+CVE-2013-0436
- openjdk-6 <not-affected> (JavaFX not part of OpenJDK)
- openjdk-7 <not-affected> (JavaFX not part of OpenJDK)
-CVE-2013-0435 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2013-0435
- openjdk-6 6b27-1.12-1
- openjdk-7 7u3-2.1.6-1
-CVE-2013-0434 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2013-0434
- openjdk-6 6b27-1.12-1
- openjdk-7 7u3-2.1.6-1
-CVE-2013-0433 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2013-0433
- openjdk-6 6b27-1.12-1
- openjdk-7 7u3-2.1.6-1
-CVE-2013-0432 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2013-0432
- openjdk-6 6b27-1.12-1
- openjdk-7 7u3-2.1.6-1
-CVE-2013-0431 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2013-0431
- openjdk-6 <not-affected> (Only affects Java7)
- openjdk-7 7u3-2.1.6-1
NOTE: IcedTea commit: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jdk/rev/b09c28ff798f
-CVE-2013-0430 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2013-0430
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2013-0429 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2013-0429
- openjdk-6 6b27-1.12-1
- openjdk-7 7u3-2.1.6-1
-CVE-2013-0428 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2013-0428
- openjdk-6 6b27-1.12-1
- openjdk-7 7u3-2.1.6-1
-CVE-2013-0427 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2013-0427
- openjdk-6 6b27-1.12-1
- openjdk-7 7u3-2.1.6-1
-CVE-2013-0426 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2013-0426
- openjdk-6 6b27-1.12-1
- openjdk-7 7u3-2.1.6-1
-CVE-2013-0425 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2013-0425
- openjdk-6 6b27-1.12-1
- openjdk-7 7u3-2.1.6-1
-CVE-2013-0424 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2013-0424
- openjdk-6 6b27-1.12-1
- openjdk-7 7u3-2.1.6-1
-CVE-2013-0423 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2013-0423
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2013-0422 (Multiple vulnerabilities in Oracle Java 7 before Update 11 allow ...)
+CVE-2013-0422
- openjdk-6 <not-affected> (Only affects Java 7)
- openjdk-7 7u3-2.1.4-1
NOTE: Exploitable on Linux http://www.openwall.com/lists/oss-security/2013/01/11/1
CVE-2013-0421
REJECTED
-CVE-2013-0420 (Unspecified vulnerability in the VirtualBox component in Oracle ...)
+CVE-2013-0420
- virtualbox 4.1.18-dfsg-2 (bug #698292)
- virtualbox-ose <not-affected> (Vulnerable code not present)
-CVE-2013-0419 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2013-0419
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2013-0418 (Unspecified vulnerability in the Oracle Outside In Technology ...)
+CVE-2013-0418
NOT-FOR-US: Oracle Outside In
-CVE-2013-0417 (Unspecified vulnerability in the Sun Storage Common Array Manager ...)
+CVE-2013-0417
NOT-FOR-US: Sun Storage Common Array Manager
-CVE-2013-0416 (Unspecified vulnerability in the Siebel Enterprise Application ...)
+CVE-2013-0416
NOT-FOR-US: Oracle Siebel
-CVE-2013-0415 (Unspecified vulnerability in Oracle Sun Solaris 10 allows local users ...)
+CVE-2013-0415
NOT-FOR-US: Solaris
-CVE-2013-0414 (Unspecified vulnerability in Oracle Sun Solaris 11 allows local users ...)
+CVE-2013-0414
NOT-FOR-US: Solaris
-CVE-2013-0413 (Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local ...)
+CVE-2013-0413
NOT-FOR-US: Solaris
-CVE-2013-0412 (Unspecified vulnerability in Oracle Sun Solaris 8, 9, 10, and 11 ...)
+CVE-2013-0412
NOT-FOR-US: Solaris
-CVE-2013-0411 (Unspecified vulnerability in Oracle Sun Solaris 8, 9, and 10 allows ...)
+CVE-2013-0411
NOT-FOR-US: Solaris
-CVE-2013-0410 (Unspecified vulnerability in the Agile EDM component in Oracle Supply ...)
+CVE-2013-0410
NOT-FOR-US: Oracle Supply Chain
-CVE-2013-0409 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2013-0409
- openjdk-6 <not-affected> (Specific to Oracle Java, not present in IcedTea)
- openjdk-7 <not-affected> (Specific to Oracle Java, not present in IcedTea)
NOTE: Due to the vague disclosure policy by Oracle the exact nature is unknown but since no patch landed in icedtea, we consider it not-affected
-CVE-2013-0408 (Unspecified vulnerability in Oracle Sun Solaris 10 allows local users ...)
+CVE-2013-0408
NOT-FOR-US: Solaris
-CVE-2013-0407 (Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local ...)
+CVE-2013-0407
NOT-FOR-US: Solaris
-CVE-2013-0406 (Unspecified vulnerability in Oracle Sun Solaris 10 allows remote ...)
+CVE-2013-0406
NOT-FOR-US: Solaris
-CVE-2013-0405 (Unspecified vulnerability in Oracle Sun Solaris 8, 9, 10, and 11 ...)
+CVE-2013-0405
NOT-FOR-US: Solaris
-CVE-2013-0404 (Unspecified vulnerability in Oracle Sun Solaris 10 allows local users ...)
+CVE-2013-0404
NOT-FOR-US: Solaris
-CVE-2013-0403 (Unspecified vulnerability in Oracle Sun Solaris 8, 9, 10, and 11 ...)
+CVE-2013-0403
NOT-FOR-US: Solaris
-CVE-2013-0402 (Heap-based buffer overflow in the Java Runtime Environment (JRE) ...)
+CVE-2013-0402
- openjdk-6 <not-affected> (JavaFX not part of OpenJDK)
- openjdk-7 <not-affected> (JavaFX not part of OpenJDK)
-CVE-2013-0401 (The Java Runtime Environment (JRE) component in Oracle Java SE 7 ...)
+CVE-2013-0401
- openjdk-7 7u21-2.3.9-1
- openjdk-6 6b27-1.12.5-1
-CVE-2013-0400 (Unspecified vulnerability in Oracle Sun Solaris 9 and 10 allows local ...)
+CVE-2013-0400
NOT-FOR-US: Solaris
-CVE-2013-0399 (Unspecified vulnerability in Oracle Sun Solaris 9 and 10 allows local ...)
+CVE-2013-0399
NOT-FOR-US: Solaris
-CVE-2013-0398 (Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 allows ...)
+CVE-2013-0398
NOT-FOR-US: Oracle Solaris
-CVE-2013-0397 (Unspecified vulnerability in the Oracle Applications Framework ...)
+CVE-2013-0397
NOT-FOR-US: Oracle Applications Framework
-CVE-2013-0396 (Unspecified vulnerability in the Application Performance Management ...)
+CVE-2013-0396
NOT-FOR-US: Oracle Enterprise Manager Grid Control
-CVE-2013-0395 (Unspecified vulnerability in the PeopleSoft PeopleTools component in ...)
+CVE-2013-0395
NOT-FOR-US: Oracle PeopleSoft
-CVE-2013-0394 (Unspecified vulnerability in the PeopleSoft HRMS component in Oracle ...)
+CVE-2013-0394
NOT-FOR-US: Oracle PeopleSoft
-CVE-2013-0393 (Unspecified vulnerability in the Oracle Outside In Technology ...)
+CVE-2013-0393
NOT-FOR-US: Oracle Outside In
-CVE-2013-0392 (Unspecified vulnerability in the PeopleSoft PeopleTools component in ...)
+CVE-2013-0392
NOT-FOR-US: Oracle PeopleSoft
-CVE-2013-0391 (Unspecified vulnerability in the PeopleSoft PeopleTools component in ...)
+CVE-2013-0391
NOT-FOR-US: Oracle PeopleSoft
-CVE-2013-0390 (Unspecified vulnerability in the Oracle Applications Framework ...)
+CVE-2013-0390
NOT-FOR-US: Oracle Applications Framework
-CVE-2013-0389 (Unspecified vulnerability in the Server component in Oracle MySQL ...)
+CVE-2013-0389
{DSA-2780-1}
- mysql-5.1 <removed>
- mysql-5.5 5.5.29+dfsg-1
-CVE-2013-0388 (Unspecified vulnerability in the PeopleSoft HRMS component in Oracle ...)
+CVE-2013-0388
NOT-FOR-US: Oracle PeopleSoft
-CVE-2013-0387 (Unspecified vulnerability in the PeopleSoft PeopleTools component in ...)
+CVE-2013-0387
NOT-FOR-US: Oracle PeopleSoft
-CVE-2013-0386 (Unspecified vulnerability in the Server component in Oracle MySQL ...)
+CVE-2013-0386
- mysql-5.1 <not-affected> (Only affects 5.5)
- mysql-5.5 5.5.29+dfsg-1
-CVE-2013-0385 (Unspecified vulnerability in the Server component in Oracle MySQL ...)
+CVE-2013-0385
{DSA-2780-1}
- mysql-5.1 <removed>
- mysql-5.5 5.5.29+dfsg-1
-CVE-2013-0384 (Unspecified vulnerability in the Server component in Oracle MySQL ...)
+CVE-2013-0384
{DSA-2780-1}
- mysql-5.1 <removed>
- mysql-5.5 5.5.29+dfsg-1
-CVE-2013-0383 (Unspecified vulnerability in the Server component in Oracle MySQL ...)
+CVE-2013-0383
{DSA-2780-1}
- mysql-5.1 <removed>
- mysql-5.5 5.5.29+dfsg-1
-CVE-2013-0382 (Unspecified vulnerability in the Oracle Marketing component in Oracle ...)
+CVE-2013-0382
NOT-FOR-US: Oracle E Business suite
-CVE-2013-0381 (Unspecified vulnerability in the Oracle CRM Technical Foundation ...)
+CVE-2013-0381
NOT-FOR-US: Oracle E Business suite
-CVE-2013-0380 (Unspecified vulnerability in the Oracle Payroll component in Oracle ...)
+CVE-2013-0380
NOT-FOR-US: Oracle E Business suite
-CVE-2013-0379 (Unspecified vulnerability in the Siebel CRM component in Oracle Siebel ...)
+CVE-2013-0379
NOT-FOR-US: Oracle Siebel CRM
-CVE-2013-0378 (Unspecified vulnerability in the Siebel CRM component in Oracle Siebel ...)
+CVE-2013-0378
NOT-FOR-US: Oracle Siebel CRM
-CVE-2013-0377 (Unspecified vulnerability in the Oracle Applications Technology Stack ...)
+CVE-2013-0377
NOT-FOR-US: Oracle E Business suite
-CVE-2013-0376 (Unspecified vulnerability in the Oracle Applications Framework ...)
+CVE-2013-0376
NOT-FOR-US: Oracle E Business suite
-CVE-2013-0375 (Unspecified vulnerability in the Server component in Oracle MySQL ...)
+CVE-2013-0375
{DSA-2780-1}
- mysql-5.1 5.1.67
- mysql-5.5 5.5.29+dfsg-1
-CVE-2013-0374 (Unspecified vulnerability in the Enterprise Manager Base Platform ...)
+CVE-2013-0374
NOT-FOR-US: Oracle Enterprise Manager
-CVE-2013-0373 (Unspecified vulnerability in the Enterprise Manager Base Platform ...)
+CVE-2013-0373
NOT-FOR-US: Oracle Enterprise Manager
-CVE-2013-0372 (Unspecified vulnerability in the Enterprise Manager Base Platform ...)
+CVE-2013-0372
NOT-FOR-US: Oracle Enterprise Manager
-CVE-2013-0371 (Unspecified vulnerability in the Server component in Oracle MySQL ...)
+CVE-2013-0371
- mysql-5.1 <not-affected> (Only affects 5.5)
- mysql-5.5 5.5.29+dfsg-1
-CVE-2013-0370 (Unspecified vulnerability in the Oracle Agile PLM Framework component ...)
+CVE-2013-0370
NOT-FOR-US: Oracle Supply Chain product suite
-CVE-2013-0369 (Unspecified vulnerability in the PeopleSoft PeopleTools component in ...)
+CVE-2013-0369
NOT-FOR-US: Oracle PeopleSoft
-CVE-2013-0368 (Unspecified vulnerability in the Server component in Oracle MySQL ...)
+CVE-2013-0368
- mysql-5.1 <not-affected> (Only affects 5.5)
- mysql-5.5 5.5.29+dfsg-1
-CVE-2013-0367 (Unspecified vulnerability in the Server component in Oracle MySQL ...)
+CVE-2013-0367
- mysql-5.1 <not-affected> (Only affects 5.5)
- mysql-5.5 5.5.29+dfsg-1
-CVE-2013-0366 (Unspecified vulnerability in the Mobile Server component in Oracle ...)
+CVE-2013-0366
NOT-FOR-US: Oracle Database Mobile/Lite Server
-CVE-2013-0365 (Unspecified vulnerability in the Siebel CRM component in Oracle Siebel ...)
+CVE-2013-0365
NOT-FOR-US: Oracle Siebel CRM
-CVE-2013-0364 (Unspecified vulnerability in the Mobile Server component in Oracle ...)
+CVE-2013-0364
NOT-FOR-US: Oracle Database Mobile/Lite Server
-CVE-2013-0363 (Unspecified vulnerability in the Mobile Server component in Oracle ...)
+CVE-2013-0363
NOT-FOR-US: Oracle Database Mobile/Lite Server
-CVE-2013-0362 (Unspecified vulnerability in the Mobile Server component in Oracle ...)
+CVE-2013-0362
NOT-FOR-US: Oracle Database Mobile/Lite Server
-CVE-2013-0361 (Unspecified vulnerability in the Mobile Server component in Oracle ...)
+CVE-2013-0361
NOT-FOR-US: Oracle Database Mobile/Lite Server
-CVE-2013-0360 (Unspecified vulnerability in the Application Performance Management ...)
+CVE-2013-0360
NOT-FOR-US: Oracle Enterprise Manager Grid Control
-CVE-2013-0359 (Unspecified vulnerability in the APM - Application Performance ...)
+CVE-2013-0359
NOT-FOR-US: Oracle Enterprise Manager Grid Control
-CVE-2013-0358 (Unspecified vulnerability in the Enterprise Manager Base Platform ...)
+CVE-2013-0358
NOT-FOR-US: Oracle Enterprise Manager Grid Control
-CVE-2013-0357 (Unspecified vulnerability in the PeopleSoft PeopleTools component in ...)
+CVE-2013-0357
NOT-FOR-US: Oracle PeopleSoft
-CVE-2013-0356 (Unspecified vulnerability in the PeopleSoft PeopleTools component in ...)
+CVE-2013-0356
NOT-FOR-US: Oracle PeopleSoft
-CVE-2013-0355 (Unspecified vulnerability in the Enterprise Manager Base Platform ...)
+CVE-2013-0355
NOT-FOR-US: Oracle Enterprise Manager Grid Control
-CVE-2013-0354 (Unspecified vulnerability in the Enterprise Manager Base Platform ...)
+CVE-2013-0354
NOT-FOR-US: Oracle Enterprise Manager Grid Control
-CVE-2013-0353 (Unspecified vulnerability in the Enterprise Manager Base Platform ...)
+CVE-2013-0353
NOT-FOR-US: Oracle Enterprise Manager Grid Control
-CVE-2013-0352 (Unspecified vulnerability in the Enterprise Manager Base Platform ...)
+CVE-2013-0352
NOT-FOR-US: Oracle Enterprise Manager Grid Control
-CVE-2013-0351 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
+CVE-2013-0351
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2013-0350 (tmp_smtp.c in pktstat 1.8.5 allows local users to overwrite arbitrary ...)
+CVE-2013-0350
- pktstat 1.8.5-3 (bug #701211)
[squeeze] - pktstat <not-affected> (Vulnerable code not present)
-CVE-2013-0349 (The hidp_setup_hid function in net/bluetooth/hidp/core.c in the Linux ...)
+CVE-2013-0349
{DSA-2668-1}
- linux 3.2.39-1
- linux-2.6 <removed>
-CVE-2013-0348 (thttpd.c in sthttpd before 2.26.4-r2 and thttpd 2.25b use ...)
+CVE-2013-0348
- thttpd <removed> (low)
[squeeze] - thttpd <no-dsa> (Minor issue)
NOTE: http://blogs.gentoo.org/blueness/2014/10/03/sthttpd-a-very-tiny-and-very-fast-http-server-with-a-mature-codebase/
-CVE-2013-0347 (The Gentoo init script for webfs uses world-readable permissions for ...)
+CVE-2013-0347
- webfs 1.21+ds1-9 (low; bug #701638)
[wheezy] - webfs <no-dsa> (Minor issue)
[squeeze] - webfs <no-dsa> (Minor issue)
-CVE-2013-0346 (** DISPUTED ** Apache Tomcat 7.x uses world-readable permissions for ...)
+CVE-2013-0346
- tomcat6 <not-affected> (Log files are owned by tomcat:tomcat)
-CVE-2013-0345 (varnish 3.0.3 uses world-readable permissions for the ...)
+CVE-2013-0345
- varnish <not-affected> (Logfiles are owned by varnishlog:varnishlog)
CVE-2013-0344
RESERVED
-CVE-2013-0343 (The ipv6_create_tempaddr function in net/ipv6/addrconf.c in the Linux ...)
+CVE-2013-0343
{DSA-2906-1}
- linux 3.10.11-1 (low)
[wheezy] - linux 3.2.51-1
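Review bot: every changed pair in this hunk replaces a described entry with a bare identifier, for example `-CVE-2013-0402 (Heap-based buffer overflow in the Java Runtime Environment (JRE) ...)` becoming `+CVE-2013-0402`, while the package, DSA and NOTE lines under each entry are left untouched; an automatic update that removes all descriptions but changes no tracking data looks like the description feed returned empty results rather than an intended edit, so the fetch should be checked and the hunk reverted if that is the case. The entries that were already bare before this change (`CVE-2013-0344` followed by `RESERVED`) are not touched, which is consistent with a wholesale loss of the description field rather than a per-entry correction.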
@@ -19261,17 +19261,17 @@ CVE-2013-0342 [CreateID() creates serialized packet IDs for RADIUS]
NOTE: this is initially related to #700669
CVE-2013-0341 [external entity expansion]
REJECTED
-CVE-2013-0340 (expat 2.1.0 and earlier does not properly handle entities expansion ...)
+CVE-2013-0340
- expat <unfixed> (unimportant)
NOTE: Expat provides API to mitigate expansion attacks, ultimately under control of the app using Expat
NOTE: https://people.canonical.com/~ubuntu-security/cve/2013/CVE-2013-0340.html
-CVE-2013-0339 (libxml2 through 2.9.1 does not properly handle external entities ...)
+CVE-2013-0339
{DSA-2652-1}
- libxml2 2.8.0+dfsg1-7+nmu1 (bug #702260)
-CVE-2013-0338 (libxml2 2.9.0 and earlier allows context-dependent attackers to cause ...)
+CVE-2013-0338
{DSA-2652-1}
- libxml2 2.8.0+dfsg1-7+nmu1 (bug #702260)
-CVE-2013-0337 (The default configuration of nginx, possibly 1.3.13 and earlier, uses ...)
+CVE-2013-0337
- nginx <unfixed> (low; bug #701112)
[buster] - nginx <ignored> (Minor issue)
[stretch] - nginx <ignored> (Minor issue)
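Review bot: this hunk carries no tracking-data change at all; the `expat <unfixed> (unimportant)` assessment, the libxml2 DSA-2652-1 references and the nginx `<ignored>` annotations for buster and stretch are all unchanged context, and the only effect of the hunk is to drop the descriptions from `CVE-2013-0340` through `CVE-2013-0337`. If the description removal in this update is unintended, there is nothing in this hunk worth keeping and it should go with the rest of the revert.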
@@ -19281,113 +19281,113 @@ CVE-2013-0337 (The default configuration of nginx, possibly 1.3.13 and earlier,
NOTE: Can only be fixed properly once https://trac.nginx.org/nginx/ticket/376
NOTE: resolved upstream.
NOTE: Originally fixed in 1.4.4-2 but reintroduced with DSA-3701-1 fixes.
-CVE-2013-0336 (The ipapwd_chpwop function in ...)
+CVE-2013-0336
- 389-ds-base 1.3.2.9-1 (bug #704077)
-CVE-2013-0335 (OpenStack Compute (Nova) Grizzly, Folsom (2012.2), and Essex (2012.1) ...)
+CVE-2013-0335
- nova 2012.1.1-14 (bug #701773)
-CVE-2013-0334 (Bundler before 1.7, when multiple top-level source lines are used, ...)
+CVE-2013-0334
- bundler 1.7.2-1 (low; bug #762739)
[wheezy] - bundler <no-dsa> (Minor issue)
-CVE-2013-0333 (lib/active_support/json/backends/yaml.rb in Ruby on Rails 2.3.x before ...)
+CVE-2013-0333
{DSA-2613-1}
- rails 2.3.14.1 (bug #699226)
- ruby-activesupport-2.3 2.3.14-6 (bug #699249)
NOTE: Starting with 2.3.14.1 rails is a transition package
NOTE: https://groups.google.com/forum/?fromgroups=#!topic/rubyonrails-security/1h2DR63ViGo
-CVE-2013-0332 (Multiple directory traversal vulnerabilities in ZoneMinder 1.24.x ...)
+CVE-2013-0332
{DSA-2640-1}
- zoneminder 1.25.0-1 (bug #700912)
-CVE-2013-0331 (Jenkins before 1.502 and LTS before 1.480.3 allows remote ...)
+CVE-2013-0331
- jenkins 1.480.3+dfsg-1 (bug #700761)
-CVE-2013-0330 (Unspecified vulnerability in Jenkins before 1.502 and LTS before ...)
+CVE-2013-0330
- jenkins 1.480.3+dfsg-1 (bug #700761)
-CVE-2013-0329 (Unspecified vulnerability in Jenkins before 1.502 and LTS before ...)
+CVE-2013-0329
- jenkins 1.480.3+dfsg-1 (bug #700761)
-CVE-2013-0328 (Cross-site scripting (XSS) vulnerability in Jenkins before 1.502 and ...)
+CVE-2013-0328
- jenkins 1.480.3+dfsg-1 (bug #700761)
-CVE-2013-0327 (Cross-site request forgery (CSRF) vulnerability in Jenkins master in ...)
+CVE-2013-0327
- jenkins 1.480.3+dfsg-1 (bug #700761)
CVE-2013-0326 [_base images permissions world readable]
RESERVED
- nova <unfixed> (unimportant)
NOTE: Unfixed upstream, typical installation not multi-user anyway
-CVE-2013-0325 (Multiple cross-site scripting (XSS) vulnerabilities in the Varnish ...)
+CVE-2013-0325
NOT-FOR-US: Drupal addon
-CVE-2013-0324 (Cross-site scripting (XSS) vulnerability in the Rendered links ...)
+CVE-2013-0324
NOT-FOR-US: Drupal addon
-CVE-2013-0323 (Cross-site scripting (XSS) vulnerability in the Display Suite module ...)
+CVE-2013-0323
NOT-FOR-US: Drupal addon
-CVE-2013-0322 (Cross-site scripting (XSS) vulnerability in Views in the Ubercart ...)
+CVE-2013-0322
NOT-FOR-US: Drupal addon
-CVE-2013-0321 (Cross-site scripting (XSS) vulnerability in Views in the Ubercart ...)
+CVE-2013-0321
NOT-FOR-US: Drupal addon
-CVE-2013-0320 (Cross-site request forgery (CSRF) vulnerability in the Taxonomy ...)
+CVE-2013-0320
NOT-FOR-US: Drupal addon
-CVE-2013-0319 (Cross-site scripting (XSS) vulnerability in the Yandex.Metrics module ...)
+CVE-2013-0319
NOT-FOR-US: Drupal addon
-CVE-2013-0318 (The admin page in the Banckle Chat module for Drupal does not properly ...)
+CVE-2013-0318
NOT-FOR-US: Drupal addon
-CVE-2013-0317 (Cross-site scripting (XSS) vulnerability in the Manager Change for ...)
+CVE-2013-0317
NOT-FOR-US: Drupal addon
-CVE-2013-0316 (The Image module in Drupal 7.x before 7.20 allows remote attackers to ...)
+CVE-2013-0316
- drupal7 7.14-2 (bug #701165)
- drupal6 <not-affected> (Only affects Drupal 7)
-CVE-2013-0315 (The GateIn Portal export/import gadget in JBoss Enterprise Portal ...)
+CVE-2013-0315
NOT-FOR-US: GateIn Portal
-CVE-2013-0314 (The GateIn Portal export/import gadget in JBoss Enterprise Portal ...)
+CVE-2013-0314
NOT-FOR-US: GateIn Portal
-CVE-2013-0313 (The evm_update_evmxattr function in ...)
+CVE-2013-0313
- linux 3.2.39-1
- linux-2.6 <not-affected> (Vulnerable code not present)
-CVE-2013-0312 (389 Directory Server before 1.3.0.4 allows remote attackers to cause a ...)
+CVE-2013-0312
- 389-ds-base 1.3.0.3-1
-CVE-2013-0311 (The translate_desc function in drivers/vhost/vhost.c in the Linux ...)
+CVE-2013-0311
- linux 3.2.41-1
- linux-2.6 <not-affected> (Vulnerable code not present)
-CVE-2013-0310 (The cipso_v4_validate function in net/ipv4/cipso_ipv4.c in the Linux ...)
+CVE-2013-0310
- linux 3.2.29-1
- linux-2.6 <not-affected> (Vulnerable code not present)
-CVE-2013-0309 (arch/x86/include/asm/pgtable.h in the Linux kernel before 3.6.2, when ...)
+CVE-2013-0309
- linux 3.2.32-1
- linux-2.6 <not-affected> (THP not in Squeeze)
NOTE: Probably gone since 3.2.32, but I checked 3.2.41-2
-CVE-2013-0308 (The imap-send command in GIT before 1.8.1.4 does not verify that the ...)
+CVE-2013-0308
- git <not-affected> (OpenSSL support is not enabled in Debian, see bug #701586)
NOTE: http://marc.info/?l=git&m=136134619013145&w=2
NOTE: Further reference about SSL support in imap-send #434599 needs to be adressed first
-CVE-2013-0307 (Cross-site scripting (XSS) vulnerability in settings.php in ownCloud ...)
+CVE-2013-0307
- owncloud 4.0.8debian-1.5 (bug #701115)
NOTE: http://owncloud.org/about/security/advisories/oC-SA-2013-003/
-CVE-2013-0306 (The form library in Django 1.3.x before 1.3.6, 1.4.x before 1.4.4, and ...)
+CVE-2013-0306
{DSA-2634-1}
- python-django 1.4.4-1 (bug #701186)
-CVE-2013-0305 (The administrative interface for Django 1.3.x before 1.3.6, 1.4.x ...)
+CVE-2013-0305
{DSA-2634-1}
- python-django 1.4.4-1 (bug #701186)
NOTE: https://www.djangoproject.com/weblog/2013/feb/19/security/
-CVE-2013-0304 (ownCloud Server before 4.5.7 does not properly check ownership of ...)
+CVE-2013-0304
- owncloud 5.0.3+dfsg-1
-CVE-2013-0303 (Unspecified vulnerability in core/ajax/translations.php in ownCloud ...)
+CVE-2013-0303
- owncloud 4.0.8debian-1.5 (bug #701115)
NOTE: http://owncloud.org/about/security/advisories/oC-SA-2013-006/
-CVE-2013-0302 (Unspecified vulnerability in ownCloud Server before 4.0.12 allows ...)
+CVE-2013-0302
- owncloud 5.0.3+dfsg-1
-CVE-2013-0301 (Cross-site request forgery (CSRF) vulnerability in ...)
+CVE-2013-0301
- owncloud 4.0.8debian-1.5 (bug #701115)
NOTE: http://owncloud.org/about/security/advisories/oC-SA-2013-004/
-CVE-2013-0300 (Multiple cross-site request forgery (CSRF) vulnerabilities in ownCloud ...)
+CVE-2013-0300
- owncloud <not-affected> (Vulnerably code not present, only affects 4.5 branch)
NOTE: http://owncloud.org/about/security/advisories/oC-SA-2013-004/
-CVE-2013-0299 (Multiple cross-site request forgery (CSRF) vulnerabilities in ownCloud ...)
+CVE-2013-0299
- owncloud 4.0.8debian-1.5 (bug #701115)
NOTE: http://owncloud.org/about/security/advisories/oC-SA-2013-004/
-CVE-2013-0298 (Multiple cross-site scripting (XSS) vulnerabilities in ownCloud 4.5.x ...)
+CVE-2013-0298
- owncloud <not-affected> (Vulnerably code not present, only affects 4.5 branch)
NOTE: http://owncloud.org/about/security/advisories/oC-SA-2013-003/
-CVE-2013-0297 (Multiple cross-site scripting (XSS) vulnerabilities in ownCloud before ...)
+CVE-2013-0297
- owncloud 4.0.8debian-1.5 (bug #701115)
NOTE: http://owncloud.org/about/security/advisories/oC-SA-2013-003/
-CVE-2013-0296 (Race condition in pigz before 2.2.5 uses permissions derived from the ...)
+CVE-2013-0296
- pigz 2.2.4-2 (low; bug #700608)
[squeeze] - pigz 2.1.6-1+squeeze1
CVE-2013-0295 [CreateID() creates serialized packet IDs for RADIUS]
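Review bot: since this hunk rewrites the owncloud and git entries anyway, the context lines it carries should get their typos fixed in the same pass: the two `- owncloud <not-affected> (Vulnerably code not present, only affects 4.5 branch)` lines under CVE-2013-0300 and CVE-2013-0298 should read "Vulnerable code", and the git entry's `NOTE: Further reference about SSL support in imap-send #434599 needs to be adressed first` should read "addressed". The kernel note under CVE-2013-0309, `NOTE: Probably gone since 3.2.32, but I checked 3.2.41-2`, is also ambiguous about which version was actually verified as fixed and would benefit from being restated as a definite statement of what was checked.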
@@ -19400,36 +19400,36 @@ CVE-2013-0294 [potentially predictable password hashing]
CVE-2013-0293 [Lock screen accepts F2 to drop to shell]
RESERVED
- ovirt-node <itp> (bug #502024)
-CVE-2013-0292 (The dbus_g_proxy_manager_filter function in dbus-gproxy in Dbus-glib ...)
+CVE-2013-0292
- dbus-glib 0.100.1-1 (bug #700638; high)
[squeeze] - dbus-glib 0.88-2.1+squeeze1
CVE-2013-0291
RESERVED
-CVE-2013-0290 (The __skb_recv_datagram function in net/core/datagram.c in the Linux ...)
+CVE-2013-0290
- linux <not-affected> (Introduced in 3.4, fixed in 3.8)
- linux-2.6 <not-affected> (Introduced in 3.4)
-CVE-2013-0289 (Isync 0.4 before 1.0.6, does not verify that the server hostname ...)
+CVE-2013-0289
- isync 1.0.4-2.2 (low; bug #701052)
[squeeze] - isync <no-dsa> (Minor issue)
NOTE: http://isync.git.sourceforge.net/git/gitweb.cgi?p=isync/isync;a=patch;h=914ede18664980925628a9ed2a73ad05f85aeedb
-CVE-2013-0288 (nss-pam-ldapd before 0.7.18 and 0.8.x before 0.8.11 allows ...)
+CVE-2013-0288
{DSA-2628-1}
- nss-pam-ldapd 0.8.10-3 (bug #690319)
-CVE-2013-0287 (The Simple Access Provider in System Security Services Daemon (SSSD) ...)
+CVE-2013-0287
- sssd <not-affected> (Introduced in 1.9.0)
NOTE: http://www.openwall.com/lists/oss-security/2013/03/20/12
CVE-2013-0286
RESERVED
-CVE-2013-0285 (The nori gem 2.0.x before 2.0.2, 1.1.x before 1.1.4, and 1.0.x before ...)
+CVE-2013-0285
NOT-FOR-US: nori Ruby gem
-CVE-2013-0284 (Ruby agent 3.2.0 through 3.5.2 serializes sensitive data when ...)
+CVE-2013-0284
NOT-FOR-US: newrelic_rpm Ruby gem
CVE-2013-0283
RESERVED
NOT-FOR-US: Red Hat CloudForms
-CVE-2013-0282 (OpenStack Keystone Grizzly before 2013.1, Folsom 2012.1.3 and earlier, ...)
+CVE-2013-0282
- keystone 2012.1.1-13 (bug #700947)
-CVE-2013-0281 (Pacemaker 1.1.10, when remote Cluster Information Base (CIB) ...)
+CVE-2013-0281
- pacemaker 1.1.10-1 (low; bug #700923)
[squeeze] - pacemaker <no-dsa> (Minor issue)
[wheezy] - pacemaker <no-dsa> (Minor issue)
@@ -19440,19 +19440,19 @@ CVE-2013-0279
REJECTED
CVE-2013-0278
REJECTED
-CVE-2013-0277 (ActiveRecord in Ruby on Rails before 2.3.17 and 3.x before 3.1.0 ...)
+CVE-2013-0277
{DSA-2620-1}
- ruby-activerecord-2.3 2.3.14-5
- rails 2.3.14.1
NOTE: Starting with 2.3.14.1 rails is a transition package
-CVE-2013-0276 (ActiveRecord in Ruby on Rails before 2.3.17, 3.1.x before 3.1.11, and ...)
+CVE-2013-0276
{DSA-2620-1}
- ruby-activemodel-3.2 3.2.6-3
- ruby-activerecord-2.3 2.3.14-5
- rails 2.3.14.1
NOTE: Starting with 2.3.14.1 rails is a transition package
NOTE: The fix for 3.2 is present in ruby-activemodel-3.2, not ruby-activerecord-3.2
-CVE-2013-0275 (Multiple cross-site scripting (XSS) vulnerabilities in Ganglia Web ...)
+CVE-2013-0275
- ganglia 3.6.0-1 (low; bug #700158)
[squeeze] - ganglia <no-dsa> (Minor issue)
[wheezy] - ganglia <no-dsa> (Minor issue)
@@ -19460,233 +19460,233 @@ CVE-2013-0275 (Multiple cross-site scripting (XSS) vulnerabilities in Ganglia We
NOTE: starting with 3.6.0-1 the web front is no longer built from src:ganglia so marking this version as fixed
NOTE: https://github.com/ganglia/ganglia-web/commit/31d348947419058c43b8dfcd062e2988abd5058e
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=892823
-CVE-2013-0274 (upnp.c in libpurple in Pidgin before 2.10.7 does not properly ...)
+CVE-2013-0274
- pidgin 2.10.6-3
NOTE: http://www.pidgin.im/news/security/?id=68
[squeeze] - pidgin <end-of-life> (Support in oldstable is limited to IRC, Jabber/XMPP, Sametime and SIMPLE)
-CVE-2013-0273 (sametime.c in the Sametime protocol plugin in libpurple in Pidgin ...)
+CVE-2013-0273
- pidgin 2.10.6-3
[squeeze] - pidgin <no-dsa> (Not suitable for code injection)
NOTE: http://pidgin.im/news/security/?id=67
-CVE-2013-0272 (Buffer overflow in http.c in the MXit protocol plugin in libpurple in ...)
+CVE-2013-0272
- pidgin 2.10.6-3
NOTE: http://pidgin.im/news/security/?id=66
[squeeze] - pidgin <end-of-life> (Support in oldstable is limited to IRC, Jabber/XMPP, Sametime and SIMPLE)
-CVE-2013-0271 (The MXit protocol plugin in libpurple in Pidgin before 2.10.7 might ...)
+CVE-2013-0271
- pidgin 2.10.6-3
[squeeze] - pidgin <end-of-life> (Support in oldstable is limited to IRC, Jabber/XMPP, Sametime and SIMPLE)
NOTE: http://pidgin.im/news/security/?id=65
-CVE-2013-0270 (OpenStack Keystone Grizzly before 2013.1, Folsom, and possibly earlier ...)
+CVE-2013-0270
- keystone 2013.1.1-2
[wheezy] - keystone <no-dsa> (Too intrusive to backport)
NOTE: https://bugs.launchpad.net/keystone/+bug/1099025
NOTE: See notes on ubuntu security tracker, change too intrusive to be backported
-CVE-2013-0269 (The JSON gem before 1.5.5, 1.6.x before 1.6.8, and 1.7.x before 1.7.7 ...)
+CVE-2013-0269
{DLA-263-1 DLA-215-1}
- ruby-json 1.7.3-3 (bug #700436)
- libjson-ruby <removed>
- ruby1.9.1 1.9.3.194-7 (bug #700471)
- ruby1.8 <not-affected> (json ext not present in 1.8)
-CVE-2013-0268 (The msr_open function in arch/x86/kernel/msr.c in the Linux kernel ...)
+CVE-2013-0268
- linux 3.2.39-1
- linux-2.6 2.6.32-48squeeze1
-CVE-2013-0267 (The Privileges portion of the web GUI and the XMLRPC API in Apache VCL ...)
+CVE-2013-0267
NOT-FOR-US: Apache VCL
-CVE-2013-0266 (manifests/base.pp in the puppetlabs-cinder module, as used in ...)
+CVE-2013-0266
NOT-FOR-US: Openstack Packstack
-CVE-2013-0265 (The redirect_stderr function in xnbd_common.c in xnbd-server and ...)
+CVE-2013-0265
- xnbd 0.1.0-pre-hg20-e75b93a47722-3 (low)
NOTE: http://seclists.org/oss-sec/2013/q1/248
CVE-2013-0264
RESERVED
NOT-FOR-US: Cumin
-CVE-2013-0263 (Rack::Session::Cookie in Rack 1.5.x before 1.5.2, 1.4.x before 1.4.5, ...)
+CVE-2013-0263
{DSA-2783-1}
- ruby-rack 1.4.1-2.1 (bug #700226)
- librack-ruby <removed> (bug #700226)
NOTE: https://bugzilla.novell.com/show_bug.cgi?id=802794
NOTE: Patches in git, commits 0cd7e9aa397f8ebb3b8481d67dbac8b4863a7f07 and 9a81b961457805f6d1a5c275d053068440421e11
-CVE-2013-0262 (rack/file.rb (Rack::File) in Rack 1.5.x before 1.5.2 and 1.4.x before ...)
+CVE-2013-0262
- ruby-rack 1.4.1-2.1 (bug #700173)
- librack-ruby <not-affected> (Introduced in 1.4.0, see #700226)
NOTE: Patches in git, commit 6f237e4c9fab649d3750482514f0fde76c56ab30
-CVE-2013-0261 ((1) installer/basedefs.py and (2) modules/ospluginutils.py in ...)
+CVE-2013-0261
NOT-FOR-US: Openstack Packstack
-CVE-2013-0260 (Unspecified vulnerability in the Drush Debian Packaging module for ...)
+CVE-2013-0260
NOT-FOR-US: Drupal module debuild
NOTE: This is a different thing from the drush package.
-CVE-2013-0259 (Cross-site scripting (XSS) vulnerability in the Boxes module 7.x-1.x ...)
+CVE-2013-0259
NOT-FOR-US: Drupal module Boxes
-CVE-2013-0258 (The Google Authenticator login (ga_login) module 7.x before 7.x-1.3 ...)
+CVE-2013-0258
NOT-FOR-US: Drupal module ga_login
-CVE-2013-0257 (The email2image module 6.x-1.x and 6.x-2.x for Drupal does not ...)
+CVE-2013-0257
NOT-FOR-US: Drupal module email2image
-CVE-2013-0256 (darkfish.js in RDoc 2.3.0 through 3.12 and 4.x before ...)
+CVE-2013-0256
{DLA-235-1}
- ruby1.9.1 1.9.3.194-6 (low; bug #699929)
- ruby1.8 <not-affected> (Only affects 1.9 and 2.0)
NOTE: http://marc.info/?l=oss-security&m=136021623726440&w=2
NOTE: https://github.com/rdoc/rdoc/commit/ffa87887ee0517793df7541629a470e331f9fe60
-CVE-2013-0255 (PostgreSQL 9.2.x before 9.2.3, 9.1.x before 9.1.8, 9.0.x before ...)
+CVE-2013-0255
{DSA-2630-1}
- postgresql-9.1 9.1.8-1
- postgresql-8.4 8.4.16-1
-CVE-2013-0254 (The QSharedMemory class in Qt 5.0.0, 4.8.x before 4.8.5, 4.7.x before ...)
+CVE-2013-0254
{DLA-210-1}
- qt4-x11 4:4.8.2+dfsg-11 (bug #699870)
NOTE: possible follow-up problem if patch is applied: http://bugs.debian.org/700530
NOTE: but bug in xorg server, needs checking
-CVE-2013-0253 (The default configuration of Apache Maven 3.0.4, when using Maven ...)
+CVE-2013-0253
- wagon2 2.2-3+nmu1 (bug #701991)
-CVE-2013-0252 (boost::locale::utf::utf_traits in the Boost.Locale library in Boost ...)
+CVE-2013-0252
- boost1.50 <removed> (bug #699650)
- boost1.49 1.49.0-3.2 (bug #699649)
- boost1.42 <not-affected> (Boost.Locale was not part of boost until 1.48.0, bug #699719)
-CVE-2013-0251 (Stack-based buffer overflow in llogincircuit.cc in latd 1.25 through ...)
+CVE-2013-0251
- latd 1.31 (low; bug #699625)
[squeeze] - latd <no-dsa> (Minor issue)
-CVE-2013-0250 (The init_nss_hash function in exec/totemcrypto.c in Corosync 2.0 ...)
+CVE-2013-0250
- corosync <not-affected> (Introduced in v1.99.8-2-ge925f42; bug #699615)
NOTE: https://github.com/corosync/corosync/commit/4378915a33ab7fbbb5874f79dd7cd71b014ef44e#L0R407
NOTE: http://www.openwall.com/lists/oss-security/2013/02/01/1
-CVE-2013-0249 (Stack-based buffer overflow in the Curl_sasl_create_digest_md5_message ...)
+CVE-2013-0249
- curl 7.29.0-1 (bug #700002)
[squeeze] - curl <not-affected> (Only affects 7.26.0 to 7.28.1)
[wheezy] - curl 7.26.0-1+wheezy1
-CVE-2013-0248 (The default configuration of javax.servlet.context.tempdir in Apache ...)
+CVE-2013-0248
- libcommons-fileupload-java 1.3-1 (unimportant)
NOTE: Only affects example code
-CVE-2013-0247 (OpenStack Keystone Essex 2012.1.3 and earlier, Folsom 2012.2.3 and ...)
+CVE-2013-0247
- keystone 2012.1.1-12 (bug #699835)
NOTE: https://bugs.launchpad.net/keystone/+bug/1098307
-CVE-2013-0246 (The Image module in Drupal 7.x before 7.19, when a private file system ...)
+CVE-2013-0246
- drupal7 7.14-1.3 (bug #698334)
NOTE: https://drupal.org/SA-CORE-2013-001
-CVE-2013-0245 (The printer friendly version functionality in the Book module in ...)
+CVE-2013-0245
{DSA-2776-1}
- drupal6 <removed> (bug #698333)
- drupal7 7.14-1.3 (bug #698334)
NOTE: https://drupal.org/SA-CORE-2013-001
-CVE-2013-0244 (Cross-site scripting (XSS) vulnerability in Drupal 6.x before 6.28 and ...)
+CVE-2013-0244
{DSA-2776-1}
- drupal6 <removed> (bug #698333)
- drupal7 7.14-1.3 (bug #698334)
NOTE: https://drupal.org/SA-CORE-2013-001
-CVE-2013-0242 (Buffer overflow in the extend_buffers function in the regular ...)
+CVE-2013-0242
{DLA-165-1}
- eglibc <removed>
- glibc 2.17-2 (low; bug #699399)
[wheezy] - eglibc 2.13-38+deb7u1
NOTE: http://seclists.org/oss-sec/2013/q1/202
-CVE-2013-0241 (The QXL display driver in QXL Virtual GPU 0.1.0 allows local users to ...)
+CVE-2013-0241
- xserver-xorg-video-qxl 0.0.17-1 (bug #699396)
[squeeze] - xserver-xorg-video-qxl <no-dsa> (minor denial of service issue)
NOTE: squeeze is affected since it could be a guest of an affected qemu-kvm version
-CVE-2013-0240 (Gnome Online Accounts (GOA) 3.4.x, 3.6.x before 3.6.3, and 3.7.x ...)
+CVE-2013-0240
- gnome-online-accounts 3.4.2-2 (bug #699825)
-CVE-2013-0239 (Apache CXF before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3, ...)
+CVE-2013-0239
- jbossas4 <not-affected> (Only builds a few libraries, not the full application server, #581226)
-CVE-2013-0238 (The try_parse_v4_netmask function in hostmask.c in IRCD-Hybrid before ...)
+CVE-2013-0238
{DSA-2618-1}
- ircd-hybrid 1:7.2.2.dfsg.2-10 (bug #699267; high)
[squeeze] - ircd-hybrid 7.2.2.dfsg.2-6.2+squeeze1
- oftc-hybrid <unfixed>
-CVE-2013-0237 (Cross-site scripting (XSS) vulnerability in Plupload.as in Moxiecode ...)
+CVE-2013-0237
- wordpress 3.5.1+dfsg-1 (bug #698929)
NOTE: http://wordpress.org/news/2013/01/wordpress-3-5-1/
NOTE: http://www.openwall.com/lists/oss-security/2013/01/25/7
-CVE-2013-0236 (Multiple cross-site scripting (XSS) vulnerabilities in WordPress ...)
+CVE-2013-0236
- wordpress 3.5.1+dfsg-1 (bug #698927)
NOTE: http://wordpress.org/news/2013/01/wordpress-3-5-1/
NOTE: http://www.openwall.com/lists/oss-security/2013/01/25/7
-CVE-2013-0235 (The XMLRPC API in WordPress before 3.5.1 allows remote attackers to ...)
+CVE-2013-0235
- wordpress 3.5.1+dfsg-1 (bug #698916)
NOTE: http://wordpress.org/news/2013/01/wordpress-3-5-1/
NOTE: http://www.openwall.com/lists/oss-security/2013/01/25/7
-CVE-2013-0234 (Cross-site scripting (XSS) vulnerability in the Twitter widget in Elgg ...)
+CVE-2013-0234
- elgg <itp> (bug #526197)
-CVE-2013-0233 (Devise gem 2.2.x before 2.2.3, 2.1.x before 2.1.3, 2.0.x before 2.0.5, ...)
+CVE-2013-0233
- ruby-devise 3.4.1-1
-CVE-2013-0232 (includes/functions.php in ZoneMinder Video Server 1.24.0, 1.25.0, and ...)
+CVE-2013-0232
{DSA-2640-1}
- zoneminder 1.25.0-4 (bug #698910)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=904103
NOTE: Upstream forum post: http://www.zoneminder.com/forums/viewtopic.php?f=29&t=20771
-CVE-2013-0231 (The pciback_enable_msi function in the PCI backend driver ...)
+CVE-2013-0231
{DSA-2632-1}
- linux 3.2.41-1
- linux-2.6 <removed>
-CVE-2013-0230 (Stack-based buffer overflow in the ExecuteSoapAction function in the ...)
+CVE-2013-0230
- miniupnpd <not-affected> (Fixed before initial upload to archive)
-CVE-2013-0229 (The ProcessSSDPRequest function in minissdp.c in the SSDP handler in ...)
+CVE-2013-0229
- miniupnpd <not-affected> (Fixed before initial upload to archive)
-CVE-2013-0228 (The xen_iret function in arch/x86/xen/xen-asm_32.S in the Linux kernel ...)
+CVE-2013-0228
{DLA-103-1}
- linux 3.2.39-1
- linux-2.6 <removed>
[squeeze] - linux-2.6 2.6.32-48
NOTE: was actually fixed in 2.6.32-46squeeze1 but upload was done and no DSA was released for that version.
-CVE-2013-0227 (Cross-site scripting (XSS) vulnerability in the Search API Sorts ...)
+CVE-2013-0227
NOT-FOR-US: Drupal addon
-CVE-2013-0226 (The Keyboard Shortcut Utility module 7.x-1.x before 7.x-1.1 for Drupal ...)
+CVE-2013-0226
NOT-FOR-US: Drupal addon
-CVE-2013-0225 (Cross-site scripting (XSS) vulnerability in the User Relationships ...)
+CVE-2013-0225
NOT-FOR-US: Drupal addon
-CVE-2013-0224 (The Video module 7.x-2.x before 7.x-2.9 for Drupal, when using the ...)
+CVE-2013-0224
NOT-FOR-US: Drupal addon
-CVE-2013-0223 (The SUSE coreutils-i18n.patch for GNU coreutils allows ...)
+CVE-2013-0223
- coreutils <not-affected> (Affected patch not added to Debian package)
NOTE: http://www.openwall.com/lists/oss-security/2013/01/21/14
-CVE-2013-0222 (The SUSE coreutils-i18n.patch for GNU coreutils allows ...)
+CVE-2013-0222
- coreutils <not-affected> (Affected patch not added to Debian package)
NOTE: http://www.openwall.com/lists/oss-security/2013/01/21/14
-CVE-2013-0221 (The SUSE coreutils-i18n.patch for GNU coreutils allows ...)
+CVE-2013-0221
- coreutils <not-affected> (Affected patch not added to Debian package)
NOTE: http://www.openwall.com/lists/oss-security/2013/01/21/14
-CVE-2013-0220 (The (1) sss_autofs_cmd_getautomntent and (2) ...)
+CVE-2013-0220
- sssd 1.8.4-2 (low; bug #698871)
[squeeze] - sssd <not-affected> (autofs and ssh responders not yet present)
-CVE-2013-0219 (System Security Services Daemon (SSSD) before 1.9.4, when (1) ...)
+CVE-2013-0219
- sssd 1.8.4-2 (low; bug #698871)
[squeeze] - sssd <no-dsa> (Minor issue)
-CVE-2013-0218 (The GUI installer in JBoss Enterprise Application Platform (EAP) and ...)
+CVE-2013-0218
- jbossas4 <not-affected> (Only builds a few libraries, not the full application server, #581226)
-CVE-2013-0217 (Memory leak in drivers/net/xen-netback/netback.c in the Xen netback ...)
+CVE-2013-0217
- linux 3.2.39-1
- linux-2.6 <removed>
[squeeze] - linux-2.6 2.6.32-48
-CVE-2013-0216 (The Xen netback functionality in the Linux kernel before 3.7.8 allows ...)
+CVE-2013-0216
- linux 3.2.39-1
- linux-2.6 <removed>
[squeeze] - linux-2.6 2.6.32-48
-CVE-2013-0215 (oxenstored in Xen 4.1.x, Xen 4.2.x, and xen-unstable does not properly ...)
+CVE-2013-0215
- xen <not-affected> (ocaml version of the xenstore daemon not used in Debian)
-CVE-2013-0214 (Cross-site request forgery (CSRF) vulnerability in the Samba Web ...)
+CVE-2013-0214
{DSA-2617-1}
- samba 2:3.6.6-5
-CVE-2013-0213 (The Samba Web Administration Tool (SWAT) in Samba 3.x before 3.5.21, ...)
+CVE-2013-0213
{DSA-2617-1}
- samba 2:3.6.6-5
-CVE-2013-0212 (store/swift.py in OpenStack Glance Essex (2012.1), Folsom (2012.2) ...)
+CVE-2013-0212
- glance 2012.1.1-4
-CVE-2013-0211 (Integer signedness error in the archive_write_zip_data function in ...)
+CVE-2013-0211
- libarchive 3.0.4-3 (bug #703957)
[squeeze] - libarchive <not-affected> (Vulnerable code not present)
-CVE-2013-0210 (The smart proxy Puppet run API in Foreman before 1.2.0 allows remote ...)
+CVE-2013-0210
- foreman <itp> (bug #663101)
-CVE-2013-0209 (lib/MT/Upgrade.pm in mt-upgrade.cgi in Movable Type 4.2x and 4.3x ...)
+CVE-2013-0209
{DSA-2611-1}
- movabletype-opensource 5.1.2+dfsg-1 (bug #697666)
NOTE: Versions 5.0 or higher not affected
-CVE-2013-0208 (The boot-from-volume feature in OpenStack Compute (Nova) Folsom and ...)
+CVE-2013-0208
- nova 2012.1.1-12
-CVE-2013-0207 (Cross-site request forgery (CSRF) vulnerability in the Mark Complete ...)
+CVE-2013-0207
NOT-FOR-US: module for Drupal
-CVE-2013-0206 (Unrestricted file upload vulnerability in the Live CSS module 6.x-2.x ...)
+CVE-2013-0206
NOT-FOR-US: module for Drupal
-CVE-2013-0205 (Cross-site request forgery (CSRF) vulnerability in the RESTful Web ...)
+CVE-2013-0205
NOT-FOR-US: module for Drupal
-CVE-2013-0204 (settings/personal.php in ownCloud 4.5.x before 4.5.6 allows remote ...)
+CVE-2013-0204
- owncloud <not-affected> (Vulnerably code not present, only affects 4.5 branch)
NOTE: http://owncloud.org/about/security/advisories/oC-SA-2013-002/
CVE-2013-0203 [XSS vulnerabilities]
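Review bot: every `-CVE-2013-… (description …)` line in this hunk comes back as a bare `+CVE-2013-…` line and nothing else moves, so the hunk does not update any entry; it only deletes the one-line descriptions (for example `-CVE-2013-0228 (The xen_iret function in arch/x86/xen/xen-asm_32.S in the Linux kernel ...)` becomes `+CVE-2013-0228`). For a commit titled "automatic update" that repeats this down the whole file and continues into data/CVE/2014.list below, the likelier explanation is that the import script received empty descriptions from its upstream feed, not that the descriptions were meant to go. The updater should keep the existing text when the fetched description is blank (treat an empty description as "no change", never as "clear"), and this commit should be reverted until that guard exists; otherwise the NOT-FOR-US and `<not-affected>` entries lose the only text that says what each CVE is about. Unrelated to the mechanical change, the context line `- owncloud <not-affected> (Vulnerably code not present, only affects 4.5 branch)` under CVE-2013-0204 has a typo ("Vulnerable"), worth fixing in a follow-up.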
@@ -19699,22 +19699,22 @@ CVE-2013-0202 [XSS vulnerabilities]
- owncloud 4.0.8debian-1.4 (bug #698737)
[wheezy] - owncloud 4.0.4debian2-3.3
NOTE: http://owncloud.org/about/security/advisories/oC-SA-2013-001/
-CVE-2013-0201 (Multiple cross-site scripting (XSS) vulnerabilities in ownCloud 4.5.5, ...)
+CVE-2013-0201
- owncloud 4.0.8debian-1.4 (bug #698737)
[wheezy] - owncloud 4.0.4debian2-3.3
NOTE: http://owncloud.org/about/security/advisories/oC-SA-2013-001/
-CVE-2013-0200 (HP Linux Imaging and Printing (HPLIP) through 3.12.4 allows local ...)
+CVE-2013-0200
{DSA-2829-1}
- hplip 3.12.6-3.1 (low; bug #701185)
[squeeze] - hplip <no-dsa> (Minor issue)
-CVE-2013-0199 (The default LDAP ACIs in FreeIPA 3.0 before 3.1.2 do not restrict ...)
+CVE-2013-0199
NOT-FOR-US: FreeIPA
-CVE-2013-0198 (Dnsmasq before 2.66test2, when used with certain libvirt ...)
+CVE-2013-0198
- dnsmasq 2.66-1 (low)
[wheezy] - dnsmasq <no-dsa> (Minor issue)
[squeeze] - dnsmasq <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2013/01/18/2
-CVE-2013-0197 (Cross-site scripting (XSS) vulnerability in the ...)
+CVE-2013-0197
- mantis <not-affected> (This only affects the 1.2.12 version, which isn't present in Debian, bug #698481)
NOTE: http://www.mantisbt.org/bugs/view.php?id=15373
CVE-2013-0196
@@ -19737,46 +19737,46 @@ CVE-2013-0192
NOT-FOR-US: Simple Machines Forum
CVE-2013-0188
REJECTED
-CVE-2013-0190 (The xen_failsafe_callback function in Xen for the Linux kernel 2.6.23 ...)
+CVE-2013-0190
- linux 3.2.39-1
- linux-2.6 <removed>
[squeeze] - linux-2.6 2.6.32-47
-CVE-2013-0189 (cachemgr.cgi in Squid 3.1.x and 3.2.x, possibly 3.1.22, 3.2.4, and ...)
+CVE-2013-0189
{DSA-2631-1}
- squid 2.7.STABLE9-2
NOTE: squid-cgi was removed in 2.7.STABLE9-2
- squid3 3.1.20-2.1 (bug #696187)
NOTE: possible regression, see #701123
-CVE-2013-0191 (libpam-pgsql (aka pam_pgsql) 0.7 does not properly handle a NULL value ...)
+CVE-2013-0191
- pam-pgsql 0.7.3.1-4 (bug #698241)
[squeeze] - pam-pgsql 0.7.1-4+squeeze2
NOTE: patch: https://sourceforge.net/u/lvella/pam-pgsql/ci/9361f5970e5dd90a747319995b67c2f73b91448c/
NOTE: bugreport: https://sourceforge.net/p/pam-pgsql/bugs/13/
-CVE-2013-0187 (Foreman before 1.1 allows remote authenticated users to gain ...)
+CVE-2013-0187
- foreman <itp> (bug #663101)
CVE-2013-0186
RESERVED
NOT-FOR-US: ManageIQ EVM (CloudForms)
-CVE-2013-0185 (Cross-site request forgery (CSRF) vulnerability in ManageIQ Enterprise ...)
+CVE-2013-0185
NOT-FOR-US: ManageIQ EVM (CloudForms)
-CVE-2013-0184 (Unspecified vulnerability in Rack::Auth::AbstractRequest in Rack 1.1.x ...)
+CVE-2013-0184
{DSA-2783-1}
- ruby-rack 1.4.1-2.1 (bug #698440)
- librack-ruby <removed>
-CVE-2013-0183 (multipart/parser.rb in Rack 1.3.x before 1.3.8 and 1.4.x before 1.4.3 ...)
+CVE-2013-0183
{DSA-2783-1}
- ruby-rack 1.4.1-2.1 (bug #698440)
- librack-ruby <removed>
NOTE: commit 24d512531bd88f2d6ce94b3a3d9798fde8fbb713 refactored the multipart module
NOTE: and introduced the fast_forward_to_first_boundry function.
NOTE: https://github.com/rack/rack/commit/24d512531bd88f2d6ce94b3a3d9798fde8fbb713
-CVE-2013-0182 (The Payment module 7.x-1.x before 7.x-1.3 for Drupal does not properly ...)
+CVE-2013-0182
NOT-FOR-US: Drupal module Payment
-CVE-2013-0181 (Cross-site scripting (XSS) vulnerability in Views in the Search API ...)
+CVE-2013-0181
NOT-FOR-US: Drupal module search_api
CVE-2013-0180
RESERVED
-CVE-2013-0179 (The process_bin_delete function in memcached.c in memcached 1.4.4 and ...)
+CVE-2013-0179
- memcached 1.4.13-0.2 (low; bug #698231)
[squeeze] - memcached 1.4.5-1+deb6u1
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=895054
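Review bot: the entries in this hunk are out of ID order: `CVE-2013-0188` (REJECTED) is listed before `CVE-2013-0190`, which is followed by `CVE-2013-0189` and then `CVE-2013-0191` before the sequence resumes at `CVE-2013-0187`. The rest of the file keeps strictly descending IDs, and the automatic update carried the misplacement along instead of re-sorting, so it will persist until someone moves 0191, 0190, 0189 and 0188 back into descending order by hand. The squid3 line for CVE-2013-0189 also still carries `NOTE: possible regression, see #701123` with no outcome recorded; if the regression was resolved the note should say so, otherwise it reads as an open problem against a version that already has DSA-2631-1 attached.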
@@ -19788,32 +19788,32 @@ CVE-2013-0178 [redis 2.4: Insecure temporary flaw use for redis service's vm swa
[squeeze] - redis <no-dsa> (Minor issue)
[wheezy] - redis <no-dsa> (Minor issue)
NOTE: RedHat bugreport mentions 2.4 is affected, but not 2.6
-CVE-2013-0177 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2013-0177
NOT-FOR-US: OFBiz
-CVE-2013-0176 (The publickey_from_privatekey function in libssh before 0.5.4, when no ...)
+CVE-2013-0176
- libssh 0.5.4-1 (low; bug #698963)
[squeeze] - libssh <no-dsa> (Minor issue)
NOTE: http://www.libssh.org/2013/01/22/libssh-0-5-4-security-release/
NOTE: http://git.libssh.org/projects/libssh.git/commit/?h=v0-5&id=55b09f426417406bb25c0b9c474fbab1398b0dc8
-CVE-2013-0175 (multi_xml gem 0.5.2 for Ruby, as used in Grape before 0.2.6 and ...)
+CVE-2013-0175
- ruby-multi-xml <not-affected> (Vulnerable version never in the archive)
NOTE: fixed in https://rubygems.org/gems/multi_xml/versions/0.5.2
-CVE-2013-0174 (The external node classifier (ENC) API in Foreman before 1.1 allows ...)
+CVE-2013-0174
- foreman <itp> (bug #663101)
-CVE-2013-0173 (Foreman before 1.1 uses a salt of &quot;foreman&quot; to hash root passwords, ...)
+CVE-2013-0173
- foreman <itp> (bug #663101)
-CVE-2013-0172 (Samba 4.0.x before 4.0.1, in certain Active Directory ...)
+CVE-2013-0172
- samba4 4.0.0~beta2+dfsg1-3.1 (high; bug #699188)
- samba <not-affected> (Only affects Active Directory functionality)
NOTE: https://lists.samba.org/archive/samba-technical/2013-January/089911.html
-CVE-2013-0171 (Foreman before 1.1 allows remote attackers to execute arbitrary code ...)
+CVE-2013-0171
- foreman <itp> (bug #663101)
-CVE-2013-0170 (Use-after-free vulnerability in the virNetMessageFree function in ...)
+CVE-2013-0170
- libvirt 0.9.12-6 (bug #699224)
[squeeze] - libvirt <not-affected> (Vulnerable code not present, see bug #699224)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=893450
NOTE: http://libvirt.org/git/?p=libvirt.git;a=commit;h=46532e3e8ed5f5a736a02f67d6c805492f9ca720
-CVE-2013-0169 (The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as ...)
+CVE-2013-0169
{DSA-2622-1 DSA-2621-1}
- openssl 1.0.1e-1 (bug #699889)
- bouncycastle 1.48+dfsg-2 (low; bug #699885)
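Review bot: the dropped description for CVE-2013-0175 names `multi_xml gem 0.5.2 for Ruby, as used in Grape before 0.2.6 and ...` as the affected software, while the kept NOTE says `fixed in https://rubygems.org/gems/multi_xml/versions/0.5.2`; the two lines disagree on whether 0.5.2 is the vulnerable or the fixed release, and once the description is gone only the NOTE remains, so the reason given for `<not-affected>` (`Vulnerable version never in the archive`) can no longer be checked against anything in the entry. Suggest the NOTE state the vulnerable range explicitly (versions before 0.5.2, fixed in 0.5.2, if that is what was meant) so the entry is self-contained without the description.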
@@ -19835,42 +19835,42 @@ CVE-2013-0169 (The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, a
- tlslite <removed>
[wheezy] - tlslite <no-dsa> (Minor issue)
NOTE: http://www.isg.rhul.ac.uk/tls/TLStiming.pdf
-CVE-2013-0168 (The MoveDisk command in Red Hat Enterprise Virtualization Manager ...)
+CVE-2013-0168
NOTE: RHEV management tool
-CVE-2013-0167 (VDSM in Red Hat Enterprise Virtualization 3 and 3.2 allows privileged ...)
+CVE-2013-0167
- vdsm <itp> (bug #668538)
-CVE-2013-0166 (OpenSSL before 0.9.8y, 1.0.0 before 1.0.0k, and 1.0.1 before 1.0.1d ...)
+CVE-2013-0166
{DSA-2621-1}
- openssl 1.0.1e-1 (bug #699889)
CVE-2013-0165
RESERVED
NOT-FOR-US: OpenShift
-CVE-2013-0164 (The lockwrap function in port-proxy/bin/openshift-port-proxy-cfg in ...)
+CVE-2013-0164
NOT-FOR-US: OpenShift
CVE-2013-0163
RESERVED
NOT-FOR-US: OpenShift haproxy cartridge
-CVE-2013-0162 (The diff_pp function in lib/gauntlet_rubyparser.rb in the ruby_parser ...)
+CVE-2013-0162
- ruby-parser 2.3.1-2 (bug #701637)
NOTE: http://www.openwall.com/lists/oss-security/2013/02/22/5
CVE-2013-0161
RESERVED
NOT-FOR-US: Havalite CMS
-CVE-2013-0160 (The Linux kernel through 3.7.9 allows local users to obtain sensitive ...)
+CVE-2013-0160
{DSA-2669-1}
- linux 3.8.12-1 (unimportant)
- linux-2.6 <removed> (unimportant)
NOTE: Minor information leak, rather a missing hardening feature than a security vulnerability.
-CVE-2013-0159 (The fedora-business-cards package before 1-0.1.beta1.fc17 on Fedora 17 ...)
+CVE-2013-0159
NOT-FOR-US: Fedora build script
-CVE-2013-0158 (Unspecified vulnerability in Jenkins before 1.498, Jenkins LTS before ...)
+CVE-2013-0158
- jenkins 1.480.2+dfsg-1~exp1 (bug #697617)
NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2013-01-04
-CVE-2013-0157 ((a) mount and (b) umount in util-linux 2.14.1, 2.17.2, and probably ...)
+CVE-2013-0157
- util-linux 2.20.1-5.5 (bug #697464; low)
[squeeze] - util-linux <no-dsa> (Minor issue)
[wheezy] - util-linux <no-dsa> (Minor issue)
-CVE-2013-0156 (active_support/core_ext/hash/conversions.rb in Ruby on Rails before ...)
+CVE-2013-0156
{DSA-2604-1}
- rails 2.3.14.1 (bug #697722; high)
- ruby-activesupport-2.3 2.3.14-5 (bug #697789)
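Review bot: the severity/bug annotations in this hunk are written in two different orders: `- util-linux 2.20.1-5.5 (bug #697464; low)` and `- rails 2.3.14.1 (bug #697722; high)` put the bug number first, whereas entries elsewhere in the file such as `- libssh 0.5.4-1 (low; bug #698963)` put the severity first. If the tracker's parser reads the first token as the severity, the two reversed entries lose their rating; either way one order should be used throughout. Also, CVE-2013-0160 is tagged `(unimportant)` on both the linux and linux-2.6 lines yet is attributed to `{DSA-2669-1}`, with the NOTE calling it a missing hardening feature rather than a vulnerability; a few words in the NOTE saying the fix simply went out with that DSA alongside other issues would stop the two markers from appearing to contradict each other.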
@@ -19879,7 +19879,7 @@ CVE-2013-0156 (active_support/core_ext/hash/conversions.rb in Ruby on Rails befo
NOTE: http://www.insinuator.net/2013/01/rails-yaml/
NOTE: http://www.openwall.com/lists/oss-security/2013/01/08/14
NOTE: experimental has 3.2.8-1 and should be affected too
-CVE-2013-0155 (Ruby on Rails 3.0.x before 3.0.19, 3.1.x before 3.1.10, and 3.2.x ...)
+CVE-2013-0155
{DSA-2609-1}
- ruby-activerecord-3.2 3.2.6-4 (bug #697744)
- ruby-activerecord-2.3 2.3.14-4
@@ -19887,84 +19887,84 @@ CVE-2013-0155 (Ruby on Rails 3.0.x before 3.0.19, 3.1.x before 3.1.10, and 3.2.x
- rails 2.3.14.1
NOTE: Starting with 2.3.14.1 rails is a transition package
NOTE: http://www.openwall.com/lists/oss-security/2013/01/08/13
-CVE-2013-0154 (The get_page_type function in xen/arch/x86/mm.c in Xen 4.2, when ...)
+CVE-2013-0154
- xen <not-affected> (Only applies to Xen 4.2, which is only available in experimental)
-CVE-2013-0153 (The AMD IOMMU support in Xen 4.2.x, 4.1.x, 3.3, and other versions, ...)
+CVE-2013-0153
{DSA-2636-1}
- xen 4.1.4-2
-CVE-2013-0152 (Memory leak in Xen 4.2 and unstable allows local HVM guests to cause a ...)
+CVE-2013-0152
- xen <not-affected> (Only applies to Xen 4.2, which is only available in experimental)
-CVE-2013-0151 (The do_hvm_op function in xen/arch/x86/hvm/hvm.c in Xen 4.2.x on the ...)
+CVE-2013-0151
- xen <not-affected> (Only applies to Xen 4.2, which is only available in experimental)
-CVE-2013-0150 (Directory traversal vulnerability in an unspecified signed Java applet ...)
+CVE-2013-0150
NOT-FOR-US: F5 BIG-IP APM, FirePass and other F5 products
-CVE-2013-0149 (The OSPF implementation in Cisco IOS 12.0 through 12.4 and 15.0 ...)
+CVE-2013-0149
- quagga <not-affected>
NOTE: OSPF protocol vulnerability, quagga implementation not affected
-CVE-2013-0148 (The Data Camouflage (aka FairCom Standard Encryption) algorithm in ...)
+CVE-2013-0148
NOT-FOR-US: FairCom c-treeACE
CVE-2013-0147
RESERVED
CVE-2013-0146
RESERVED
-CVE-2013-0145 (Buffer overflow in the TFTPD service in Serva32 2.1.0 allows remote ...)
+CVE-2013-0145
NOT-FOR-US: Serva32
-CVE-2013-0144 (Cross-site request forgery (CSRF) vulnerability in ...)
+CVE-2013-0144
NOT-FOR-US: QNAP
-CVE-2013-0143 (cgi-bin/pingping.cgi on QNAP VioStor NVR devices with firmware 4.0.3, ...)
+CVE-2013-0143
NOT-FOR-US: QNAP
-CVE-2013-0142 (QNAP VioStor NVR devices with firmware 4.0.3, and the Surveillance ...)
+CVE-2013-0142
NOT-FOR-US: QNAP
-CVE-2013-0141 (Directory traversal vulnerability in McAfee ePolicy Orchestrator (ePO) ...)
+CVE-2013-0141
NOT-FOR-US: McAfee ePolicy Orchestrator
-CVE-2013-0140 (SQL injection vulnerability in the Agent-Handler component in McAfee ...)
+CVE-2013-0140
NOT-FOR-US: McAfee ePolicy Orchestrator
-CVE-2013-0139 (The Arecont Vision AV1355DN MegaDome camera allows remote attackers to ...)
+CVE-2013-0139
NOT-FOR-US: Arecont Vision
-CVE-2013-0138 (BitZipper 2013 before Update 1 allows remote attackers to execute ...)
+CVE-2013-0138
NOT-FOR-US: BitZipper
-CVE-2013-0137 (The default configuration of the Digital Alert Systems DASDEC EAS ...)
+CVE-2013-0137
NOT-FOR-US: Digital Alert Systems and Monroe Electronics
-CVE-2013-0136 (Multiple directory traversal vulnerabilities in the EditDocument ...)
+CVE-2013-0136
NOT-FOR-US: Mutiny
-CVE-2013-0135 (Multiple SQL injection vulnerabilities in PHP Address Book 8.2.5 allow ...)
+CVE-2013-0135
NOT-FOR-US: PHP Address Book
-CVE-2013-0134 (Cross-site scripting (XSS) vulnerability in the web interface in ...)
+CVE-2013-0134
NOT-FOR-US: AirDroid
-CVE-2013-0133 (Untrusted search path vulnerability in ...)
+CVE-2013-0133
NOT-FOR-US: Parallels Plesk Panel
-CVE-2013-0132 (The suexec implementation in Parallels Plesk Panel 11.0.9 contains a ...)
+CVE-2013-0132
NOT-FOR-US: Parallels Plesk Panel
-CVE-2013-0131 (Buffer overflow in the NVIDIA GPU driver before 304.88, 310.x before ...)
+CVE-2013-0131
- nvidia-graphics-drivers 304.88-1 (bug #704547)
[wheezy] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
[squeeze] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
NOTE: http://nvidia.custhelp.com/app/answers/detail/a_id/3290
-CVE-2013-0130 (Multiple buffer overflows in Core FTP before 2.2 build 1769 allow ...)
+CVE-2013-0130
NOT-FOR-US: Core FTP
-CVE-2013-0129 (Multiple cross-site scripting (XSS) vulnerabilities in pd-admin before ...)
+CVE-2013-0129
NOT-FOR-US: pd-admin
-CVE-2013-0128 (The Contact Customer Support feature in the TigerText Free Private ...)
+CVE-2013-0128
NOT-FOR-US: TigerText
-CVE-2013-0127 (IBM Lotus Notes 8.x before 8.5.3 FP4 Interim Fix 1 and 9.0 before ...)
+CVE-2013-0127
NOT-FOR-US: IBM Lotus Notes
-CVE-2013-0126 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
+CVE-2013-0126
NOT-FOR-US: Verizon router
-CVE-2013-0125 (Cross-site scripting (XSS) vulnerability in fileview.asp in C2 ...)
+CVE-2013-0125
NOT-FOR-US: C2 WebResource
-CVE-2013-0124 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
+CVE-2013-0124
NOT-FOR-US: ASKIA
-CVE-2013-0123 (Multiple SQL injection vulnerabilities in the administration interface ...)
+CVE-2013-0123
NOT-FOR-US: ASKIA
-CVE-2013-0122 (The avast! Mobile Security application before 2.0.4400 for Android ...)
+CVE-2013-0122
NOT-FOR-US: avast! Mobile Security application
CVE-2013-0121
RESERVED
-CVE-2013-0120 (The web interface on Dell PowerConnect 6248P switches allows remote ...)
+CVE-2013-0120
NOT-FOR-US: Dell Switches
CVE-2013-0119
RESERVED
-CVE-2013-0118 (CS-Cart before 3.0.6, when PayPal Standard Payments is configured, ...)
+CVE-2013-0118
NOT-FOR-US: CS-Cart
CVE-2013-0117
RESERVED
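Review bot: the three xen entries for CVE-2013-0154, CVE-2013-0152 and CVE-2013-0151 justify `<not-affected>` with `(Only applies to Xen 4.2, which is only available in experimental)`; that is a statement about the archive at the time of writing, not about the package, and it becomes wrong the moment a 4.2 upload reaches unstable, with nothing in the entry to trigger a re-check. Suggest recording the upstream version that carries the fix, or a TODO to re-evaluate on the first 4.2 upload, next to the reason. Style: CVE-2013-0149 puts the quagga reasoning on a separate `NOTE: OSPF protocol vulnerability, quagga implementation not affected` line after a bare `- quagga <not-affected>`, while every other `<not-affected>` in the hunk carries its reason in parentheses on the same line; the inline form is what the other entries use and is what tools reading the status field will see.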
@@ -19974,19 +19974,19 @@ CVE-2013-0115
RESERVED
CVE-2013-0114
RESERVED
-CVE-2013-0113 (Nuance PDF Reader 7.0 and PDF Viewer Plus 7.1 allow remote attackers ...)
+CVE-2013-0113
NOT-FOR-US: Nuance PDF Reader
CVE-2013-0112
RESERVED
-CVE-2013-0111 (daemonu.exe (aka the NVIDIA Update Service Daemon), as distributed ...)
+CVE-2013-0111
NOT-FOR-US: NVIDIA Update Service Daemon
-CVE-2013-0110 (nvSCPAPISvr.exe in the NVIDIA Stereoscopic 3D Driver service, as ...)
+CVE-2013-0110
NOT-FOR-US: NVIDIA Stereoscopic 3D Driver service
-CVE-2013-0109 (The NVIDIA driver before 307.78, and Release 310 before 311.00, in the ...)
+CVE-2013-0109
NOT-FOR-US: NVIDIA Display Driver service on Windows
-CVE-2013-0108 (An ActiveX control in HscRemoteDeploy.dll in Honeywell Enterprise ...)
+CVE-2013-0108
NOT-FOR-US: Honeywell
-CVE-2013-0107 (Stack-based buffer overflow in Foxit Advanced PDF Editor 3 before 3.04 ...)
+CVE-2013-0107
NOT-FOR-US: Foxit Advanced PDF Editor
CVE-2013-0106
RESERVED
@@ -20008,53 +20008,53 @@ CVE-2013-0098
REJECTED
CVE-2013-0097
REJECTED
-CVE-2013-0096 (Writer in Microsoft Windows Essentials 2011 and 2012 allows remote ...)
+CVE-2013-0096
NOT-FOR-US: Microsoft
-CVE-2013-0095 (Outlook in Microsoft Office for Mac 2008 before 12.3.6 and Office for ...)
+CVE-2013-0095
NOT-FOR-US: Outlook in Microsoft Office for Mac
-CVE-2013-0094 (Use-after-free vulnerability in Microsoft Internet Explorer 6 through ...)
+CVE-2013-0094
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-0093 (Use-after-free vulnerability in Microsoft Internet Explorer 6 through ...)
+CVE-2013-0093
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-0092 (Use-after-free vulnerability in Microsoft Internet Explorer 6 through ...)
+CVE-2013-0092
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-0091 (Use-after-free vulnerability in Microsoft Internet Explorer 8 allows ...)
+CVE-2013-0091
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-0090 (Use-after-free vulnerability in Microsoft Internet Explorer 6 through ...)
+CVE-2013-0090
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-0089 (Use-after-free vulnerability in Microsoft Internet Explorer 6 through ...)
+CVE-2013-0089
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-0088 (Use-after-free vulnerability in Microsoft Internet Explorer 6 through ...)
+CVE-2013-0088
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-0087 (Use-after-free vulnerability in Microsoft Internet Explorer 6 through ...)
+CVE-2013-0087
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-0086 (Microsoft OneNote 2010 SP1 does not properly determine buffer sizes ...)
+CVE-2013-0086
NOT-FOR-US: Microsoft OneNote
-CVE-2013-0085 (Buffer overflow in Microsoft SharePoint Server 2010 SP1 and SharePoint ...)
+CVE-2013-0085
NOT-FOR-US: Microsoft SharePoint
-CVE-2013-0084 (Directory traversal vulnerability in Microsoft SharePoint Server 2010 ...)
+CVE-2013-0084
NOT-FOR-US: Microsoft SharePoint
-CVE-2013-0083 (Cross-site scripting (XSS) vulnerability in Microsoft SharePoint ...)
+CVE-2013-0083
NOT-FOR-US: Microsoft SharePoint
-CVE-2013-0082 (Microsoft Office 2003 SP3 and 2007 SP3 allows remote attackers to ...)
+CVE-2013-0082
NOT-FOR-US: Microsoft
-CVE-2013-0081 (Microsoft SharePoint Portal Server 2003 SP3 and SharePoint Server 2007 ...)
+CVE-2013-0081
NOT-FOR-US: Microsoft
-CVE-2013-0080 (Microsoft SharePoint Server 2010 SP1 and SharePoint Foundation 2010 ...)
+CVE-2013-0080
NOT-FOR-US: Microsoft SharePoint
-CVE-2013-0079 (Microsoft Visio Viewer 2010 SP1 allows remote attackers to execute ...)
+CVE-2013-0079
NOT-FOR-US: Microsoft Visio Viewer
-CVE-2013-0078 (The Microsoft Antimalware Client in Windows Defender on Windows 8 and ...)
+CVE-2013-0078
NOT-FOR-US: Microsoft Antimalware Client
-CVE-2013-0077 (Quartz.dll in DirectShow in Microsoft Windows XP SP2 and SP3, Server ...)
+CVE-2013-0077
NOT-FOR-US: Microsoft Windows
-CVE-2013-0076 (The Client/Server Run-time Subsystem (CSRSS) in Microsoft Windows ...)
+CVE-2013-0076
NOT-FOR-US: Microsoft Windows
-CVE-2013-0075 (The TCP/IP implementation in Microsoft Windows Vista SP2, Windows ...)
+CVE-2013-0075
NOT-FOR-US: Microsoft Windows
-CVE-2013-0074 (Microsoft Silverlight 5, and 5 Developer Runtime, before 5.1.20125.0 ...)
+CVE-2013-0074
NOT-FOR-US: Microsoft Silverlight
-CVE-2013-0073 (The Windows Forms (aka WinForms) component in Microsoft .NET Framework ...)
+CVE-2013-0073
NOT-FOR-US: Microsoft .NET Framework
CVE-2013-0072
REJECTED
@@ -20142,63 +20142,63 @@ CVE-2013-0032
REJECTED
CVE-2013-0031
REJECTED
-CVE-2013-0030 (The Vector Markup Language (VML) implementation in Microsoft Internet ...)
+CVE-2013-0030
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-0029 (Use-after-free vulnerability in Microsoft Internet Explorer 6 through ...)
+CVE-2013-0029
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-0028 (Use-after-free vulnerability in Microsoft Internet Explorer 6 through ...)
+CVE-2013-0028
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-0027 (Use-after-free vulnerability in Microsoft Internet Explorer 6 through ...)
+CVE-2013-0027
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-0026 (Use-after-free vulnerability in Microsoft Internet Explorer 9 allows ...)
+CVE-2013-0026
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-0025 (Use-after-free vulnerability in Microsoft Internet Explorer 8 allows ...)
+CVE-2013-0025
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-0024 (Use-after-free vulnerability in Microsoft Internet Explorer 8 and 9 ...)
+CVE-2013-0024
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-0023 (Use-after-free vulnerability in Microsoft Internet Explorer 9 and 10 ...)
+CVE-2013-0023
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-0022 (Use-after-free vulnerability in Microsoft Internet Explorer 9 allows ...)
+CVE-2013-0022
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-0021 (Use-after-free vulnerability in Microsoft Internet Explorer 6 through ...)
+CVE-2013-0021
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-0020 (Use-after-free vulnerability in Microsoft Internet Explorer 9 allows ...)
+CVE-2013-0020
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-0019 (Use-after-free vulnerability in Microsoft Internet Explorer 7 through ...)
+CVE-2013-0019
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-0018 (Use-after-free vulnerability in Microsoft Internet Explorer 6 through ...)
+CVE-2013-0018
NOT-FOR-US: Microsoft Internet Explorer
CVE-2013-0017
REJECTED
CVE-2013-0016
REJECTED
-CVE-2013-0015 (Microsoft Internet Explorer 6 through 9 does not properly perform ...)
+CVE-2013-0015
NOT-FOR-US: Microsoft Internet Explorer
CVE-2013-0014
REJECTED
-CVE-2013-0013 (The SSL provider component in Microsoft Windows Vista SP2, Windows ...)
+CVE-2013-0013
NOT-FOR-US: Microsoft Windows
CVE-2013-0012
REJECTED
-CVE-2013-0011 (The Print Spooler in Microsoft Windows Server 2008 R2 and R2 SP1 and ...)
+CVE-2013-0011
NOT-FOR-US: Microsoft Windows
-CVE-2013-0010 (Cross-site scripting (XSS) vulnerability in Microsoft System Center ...)
+CVE-2013-0010
NOT-FOR-US: Microsoft System Center Opera Manager
-CVE-2013-0009 (Cross-site scripting (XSS) vulnerability in Microsoft System Center ...)
+CVE-2013-0009
NOT-FOR-US: Microsoft System Center Opera Manager
-CVE-2013-0008 (win32k.sys in the kernel-mode drivers in Microsoft Windows Vista SP2, ...)
+CVE-2013-0008
NOT-FOR-US: Microsoft Windows
-CVE-2013-0007 (Microsoft XML Core Services (aka MSXML) 4.0, 5.0, and 6.0 does not ...)
+CVE-2013-0007
NOT-FOR-US: Microsoft XML Core Services
-CVE-2013-0006 (Microsoft XML Core Services (aka MSXML) 3.0, 5.0, and 6.0 does not ...)
+CVE-2013-0006
NOT-FOR-US: Microsoft XML Core Services
-CVE-2013-0005 (The WCF Replace function in the Open Data (aka OData) protocol ...)
+CVE-2013-0005
NOT-FOR-US: Microsoft .NET Framework
-CVE-2013-0004 (Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.0 SP2, 3.5, ...)
+CVE-2013-0004
NOT-FOR-US: Microsoft .NET Framework
-CVE-2013-0003 (Buffer overflow in a System.DirectoryServices.Protocols (S.DS.P) ...)
+CVE-2013-0003
NOT-FOR-US: Microsoft .NET Framework
-CVE-2013-0002 (Buffer overflow in the Windows Forms (aka WinForms) component in ...)
+CVE-2013-0002
NOT-FOR-US: Microsoft .NET Framework
-CVE-2013-0001 (The Windows Forms (aka WinForms) component in Microsoft .NET Framework ...)
+CVE-2013-0001
NOT-FOR-US: Microsoft .NET Framework
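Review bot: the context lines `NOT-FOR-US: Microsoft System Center Opera Manager` for CVE-2013-0010 and CVE-2013-0009 misname the product; the descriptions being removed here begin `Cross-site scripting (XSS) vulnerability in Microsoft System Center ...` and the product is System Center Operations Manager, so "Opera" is a truncation. Once the description lines are gone, this NOT-FOR-US text is the only record of what these two CVEs concern, which is one more reason to correct the wording now rather than leave it for a later pass.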
diff --git a/data/CVE/2014.list b/data/CVE/2014.list
index 095d35fe0e..00b7200226 100644
--- a/data/CVE/2014.list
+++ b/data/CVE/2014.list
@@ -1,126 +1,126 @@
-CVE-2014-10079 (In Vembu StoreGrid 4.4.x, the front page of the server web interface ...)
+CVE-2014-10079
NOT-FOR-US: Vembu StoreGrid
-CVE-2014-10078 (Vembu StoreGrid 4.4.x has XSS in ...)
+CVE-2014-10078
NOT-FOR-US: Vembu StoreGrid
CVE-2014-1000000
REJECTED
-CVE-2014-10077 (Hash#slice in lib/i18n/core_ext/hash.rb in the i18n gem before 0.8.0 ...)
+CVE-2014-10077
{DLA-1584-1}
- ruby-i18n 0.7.0-3 (bug #913093)
[stretch] - ruby-i18n <no-dsa> (Minor issue)
NOTE: https://github.com/svenfuchs/i18n/pull/289
NOTE: https://github.com/svenfuchs/i18n/commit/24e71a9a4901ed18c9cab5c53109fd9bf2416bcb
-CVE-2014-10076 (The wp-db-backup plugin 2.2.4 for WordPress relies on a five-character ...)
+CVE-2014-10076
NOT-FOR-US: wp-db-backup plugin WordPress
-CVE-2014-10075 (The karo gem 2.3.8 for Ruby allows Remote command injection via the ...)
+CVE-2014-10075
NOT-FOR-US: karo gem
-CVE-2014-10074 (Umbraco before 7.2.0 has a remote PHP code execution vulnerability ...)
+CVE-2014-10074
NOT-FOR-US: Umbraco
-CVE-2014-10073 (The create_response function in server/server.c in Psensor before 1.1.4 ...)
+CVE-2014-10073
{DLA-1361-1}
- psensor 1.1.5-1 (low; bug #896195)
[jessie] - psensor 1.1.3-2+deb8u1
NOTE: http://git.wpitchoune.net/gitweb/?p=psensor.git;a=commitdiff;h=8b10426dcc0246c1712a99460dd470dcb1cc4d9c
-CVE-2014-10072 (In utils.c in zsh before 5.0.6, there is a buffer overflow when ...)
+CVE-2014-10072
{DLA-1304-1}
- zsh 5.0.6-1
NOTE: https://sourceforge.net/p/zsh/code/ci/3e06aeabd8a9e8384ebaa8b08996cd1f64737210
-CVE-2014-10071 (In exec.c in zsh before 5.0.7, there is a buffer overflow for very long ...)
+CVE-2014-10071
{DLA-1304-1}
- zsh 5.0.7-3
NOTE: https://sourceforge.net/p/zsh/code/ci/49a3086bb67575435251c70ee598e2fd406ef055
NOTE: Debian needed to add cherry-pick-9982ab6f-missing-changelog-entry
-CVE-2014-10070 (zsh before 5.0.7 allows evaluation of the initial values of integer ...)
+CVE-2014-10070
{DLA-1304-1}
- zsh 5.0.7-3
NOTE: https://sourceforge.net/p/zsh/code/ci/546203a770cec329e73781c3c8ab1078390aee72
-CVE-2014-10069 (Hitron CVE-30360 devices use a 578A958E3DD933FC DES key that is shared ...)
+CVE-2014-10069
NOT-FOR-US: Hitron CVE-30360 devices
-CVE-2014-10068 (The inert directory handler in inert node module before 1.1.1 always ...)
+CVE-2014-10068
NOT-FOR-US: inert
-CVE-2014-10067 (paypal-ipn before 3.0.0 uses the `test_ipn` parameter (which is set by ...)
+CVE-2014-10067
NOT-FOR-US: paypal-ipn
-CVE-2014-10066 (Versions less than 0.1.4 of the static file server module fancy-server ...)
+CVE-2014-10066
NOT-FOR-US: fancy-server
-CVE-2014-10065 (Certain input when passed into remarkable before 1.4.1 will bypass the ...)
+CVE-2014-10065
NOT-FOR-US: remarkable
-CVE-2014-10064 (The qs module before 1.0.0 does not have an option or default for ...)
+CVE-2014-10064
- node-qs 2.2.4-1 (unimportant)
NOTE: https://nodesecurity.io/advisories/28
NOTE: nodejs not security by security support
-CVE-2014-9998 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2014-9998
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-9997 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2014-9997
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-9996 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2014-9996
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-9995 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2014-9995
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-9994 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2014-9994
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-9993 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2014-9993
NOT-FOR-US: Qualcomm components for Android
CVE-2014-9992
RESERVED
-CVE-2014-9991 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2014-9991
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-9990 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2014-9990
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-9989 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2014-9989
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-9988 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2014-9988
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-9987 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2014-9987
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-9986 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2014-9986
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-9985 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2014-9985
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-10063 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2014-10063
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-10062 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2014-10062
NOT-FOR-US: Qualcomm components for Android
CVE-2014-10061
RESERVED
CVE-2014-10060
RESERVED
-CVE-2014-10059 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2014-10059
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-10058 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2014-10058
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-10057 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2014-10057
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-10056 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2014-10056
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-10055 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2014-10055
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-10054 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2014-10054
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-10053 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2014-10053
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-10052 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2014-10052
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-10051 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2014-10051
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-10050 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2014-10050
NOT-FOR-US: Qualcomm components for Android
CVE-2014-10049
RESERVED
-CVE-2014-10048 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2014-10048
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-10047 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2014-10047
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-10046 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2014-10046
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-10045 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2014-10045
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-10044 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2014-10044
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-10043 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2014-10043
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-10039 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2014-10039
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-9984 (nscd in the GNU C Library (aka glibc or libc6) before version 2.20 does ...)
+CVE-2014-9984
- glibc 2.19-14
- eglibc <removed>
[wheezy] - eglibc <not-affected> (Vulnerable code not present)
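Review bot: every -/+ pair in this hunk replaces a CVE line that carried a description with the bare identifier, and no entry gains a replacement summary, so the hunk reads as an empty upstream description feed being committed rather than a data correction. The update should be held until the feed returns text: the summary on the `-` line (e.g. `In Android before 2018-04-05 or earlier security patch level on ...` for CVE-2014-10050 through CVE-2014-10059) is what a triager reads to confirm the `NOT-FOR-US: Qualcomm components for Android` classification on the line that follows it.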
@@ -128,139 +128,139 @@ CVE-2014-9984 (nscd in the GNU C Library (aka glibc or libc6) before version 2.2
NOTE: Fixed by: https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commitdiff;h=c44496df2f090a56d3bf75df930592dac6bba46f
CVE-2014-9982
RESERVED
-CVE-2014-9981 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2014-9981
NOT-FOR-US: Qualcomm driver for Android
-CVE-2014-9980 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2014-9980
NOT-FOR-US: Qualcomm driver for Android
-CVE-2014-9979 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2014-9979
NOT-FOR-US: Qualcomm driver for Android
-CVE-2014-9978 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2014-9978
NOT-FOR-US: Qualcomm driver for Android
-CVE-2014-9977 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2014-9977
NOT-FOR-US: Qualcomm driver for Android
-CVE-2014-9976 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2014-9976
NOT-FOR-US: Qualcomm driver for Android
-CVE-2014-9975 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2014-9975
NOT-FOR-US: Qualcomm driver for Android
-CVE-2014-9974 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2014-9974
NOT-FOR-US: Qualcomm driver for Android
-CVE-2014-9973 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2014-9973
NOT-FOR-US: Qualcomm driver for Android
-CVE-2014-9972 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2014-9972
NOT-FOR-US: Qualcomm driver for Android
-CVE-2014-9971 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2014-9971
NOT-FOR-US: Qualcomm driver for Android
-CVE-2014-9970 (jasypt before 1.9.2 allows a timing attack against the password hash ...)
+CVE-2014-9970
- jasypt 1.9.2-1
[jessie] - jasypt <no-dsa> (Minor issue)
[wheezy] - jasypt <no-dsa> (Minor issue)
NOTE: https://sourceforge.net/p/jasypt/code/668/
-CVE-2014-9969 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2014-9969
NOT-FOR-US: Qualcomm driver for Android
-CVE-2014-9968 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2014-9968
NOT-FOR-US: Qualcomm driver for Android
-CVE-2014-9967 (In all Android releases from CAF using the Linux kernel, an untrusted ...)
+CVE-2014-9967
NOT-FOR-US: Qualcomm component for Android
-CVE-2014-9966 (In all Android releases from CAF using the Linux kernel, a ...)
+CVE-2014-9966
NOT-FOR-US: Qualcomm component for Android
-CVE-2014-9965 (In all Android releases from CAF using the Linux kernel, a ...)
+CVE-2014-9965
NOT-FOR-US: Qualcomm component for Android
-CVE-2014-9964 (In all Android releases from CAF using the Linux kernel, an integer ...)
+CVE-2014-9964
NOT-FOR-US: Qualcomm component for Android
-CVE-2014-9963 (In all Android releases from CAF using the Linux kernel, a buffer ...)
+CVE-2014-9963
NOT-FOR-US: Qualcomm component for Android
-CVE-2014-9962 (In all Android releases from CAF using the Linux kernel, a ...)
+CVE-2014-9962
NOT-FOR-US: Qualcomm component for Android
-CVE-2014-9961 (In all Android releases from CAF using the Linux kernel, a ...)
+CVE-2014-9961
NOT-FOR-US: Qualcomm component for Android
-CVE-2014-9960 (In all Android releases from CAF using the Linux kernel, a buffer ...)
+CVE-2014-9960
NOT-FOR-US: Qualcomm component for Android
-CVE-2014-9959 (An elevation of privilege vulnerability in Qualcomm closed source ...)
+CVE-2014-9959
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-9958 (An elevation of privilege vulnerability in Qualcomm closed source ...)
+CVE-2014-9958
NOT-FOR-US: Qualcomm component for Android
-CVE-2014-9957 (An elevation of privilege vulnerability in Qualcomm closed source ...)
+CVE-2014-9957
NOT-FOR-US: Qualcomm component for Android
-CVE-2014-9956 (An elevation of privilege vulnerability in Qualcomm closed source ...)
+CVE-2014-9956
NOT-FOR-US: Qualcomm component for Android
-CVE-2014-9955 (An elevation of privilege vulnerability in Qualcomm closed source ...)
+CVE-2014-9955
NOT-FOR-US: Qualcomm component for Android
-CVE-2014-9954 (An elevation of privilege vulnerability in Qualcomm closed source ...)
+CVE-2014-9954
NOT-FOR-US: Qualcomm component for Android
-CVE-2014-9953 (An elevation of privilege vulnerability in Qualcomm closed source ...)
+CVE-2014-9953
NOT-FOR-US: Qualcomm component for Android
-CVE-2014-9952 (In the Secure File System in all Android releases from CAF using the ...)
+CVE-2014-9952
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-9951 (In TrustZone in all Android releases from CAF using the Linux kernel, ...)
+CVE-2014-9951
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-9950 (In Core Kernel in all Android releases from CAF using the Linux ...)
+CVE-2014-9950
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-9949 (In TrustZone in all Android releases from CAF using the Linux kernel, ...)
+CVE-2014-9949
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-9948 (In TrustZone in all Android releases from CAF using the Linux kernel, ...)
+CVE-2014-9948
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-9947 (In TrustZone in all Android releases from CAF using the Linux kernel, ...)
+CVE-2014-9947
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-9946 (In Core Kernel in all Android releases from CAF using the Linux ...)
+CVE-2014-9946
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-9945 (In TrustZone in all Android releases from CAF using the Linux kernel, ...)
+CVE-2014-9945
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-9944 (In the Secure File System in all Android releases from CAF using the ...)
+CVE-2014-9944
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-9943 (In Core Kernel in all Android releases from CAF using the Linux ...)
+CVE-2014-9943
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-9942 (In Boot in all Android releases from CAF using the Linux kernel, a Use ...)
+CVE-2014-9942
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-9941 (In the Embedded File System in all Android releases from CAF using the ...)
+CVE-2014-9941
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-9940 (The regulator_ena_gpio_free function in drivers/regulator/core.c in ...)
+CVE-2014-9940
{DSA-3945-1}
- linux 4.0.2-1 (low)
[wheezy] - linux <not-affected> (Vulnerable code not present)
-CVE-2014-9938 (contrib/completion/git-prompt.sh in Git before 1.9.3 does not sanitize ...)
+CVE-2014-9938
- git 1:2.0.0~rc2-1
[wheezy] - git <not-affected> (Vulnerable code introduced in 1.8.1-rc0)
NOTE: https://github.com/git/git/commit/8976500cbbb13270398d3b3e07a17b8cc7bff43f
NOTE: https://github.com/njhartwell/pw3nage
NOTE: Vulnerability likely introduced by the "pc_mode" in https://github.com/git/git/commit/1bfc51ac814125de03ddf1900245e42d6ce0d250
-CVE-2014-9937 (In TrustZone a buffer overflow vulnerability can potentially occur in ...)
+CVE-2014-9937
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-9936 (In TrustZone a time-of-check time-of-use race condition could ...)
+CVE-2014-9936
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-9935 (In TrustZone an integer overflow vulnerability leading to a buffer ...)
+CVE-2014-9935
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-9934 (A PKCS#1 v1.5 signature verification routine in all Android releases ...)
+CVE-2014-9934
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-9933 (Due to missing input validation in all Android releases from CAF using ...)
+CVE-2014-9933
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-9932 (In TrustZone, an integer overflow vulnerability can potentially occur ...)
+CVE-2014-9932
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-9931 (A buffer overflow vulnerability in all Android releases from CAF using ...)
+CVE-2014-9931
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-9930 (In WCDMA in all Android releases from CAF using the Linux kernel, a ...)
+CVE-2014-9930
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-9929 (In WCDMA in all Android releases from CAF using the Linux kernel, a ...)
+CVE-2014-9929
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-9928 (In GERAN in all Android releases from CAF using the Linux kernel, a ...)
+CVE-2014-9928
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-9927 (In UIM in all Android releases from CAF using the Linux kernel, a ...)
+CVE-2014-9927
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-9926 (In GNSS in all Android releases from CAF using the Linux kernel, a Use ...)
+CVE-2014-9926
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-9925 (In HDR in all Android releases from CAF using the Linux kernel, a ...)
+CVE-2014-9925
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-9924 (In 1x in all Android releases from CAF using the Linux kernel, a ...)
+CVE-2014-9924
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-9923 (In NAS in all Android releases from CAF using the Linux kernel, a ...)
+CVE-2014-9923
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-9922 (The eCryptfs subsystem in the Linux kernel before 3.18 allows local ...)
+CVE-2014-9922
- linux 4.0.2-1
[jessie] - linux 3.16.39-1
[wheezy] - linux 3.2.82-1
NOTE: Fixed by: https://git.kernel.org/linus/69c433ed2ecd2d3264efd7afec4439524b319121 (v3.18-rc2)
-CVE-2014-9921 (Information disclosure vulnerability in McAfee (now Intel Security) ...)
+CVE-2014-9921
NOT-FOR-US: Intel antivirus
-CVE-2014-9920 (Unauthorized execution of binary vulnerability in McAfee (now Intel ...)
+CVE-2014-9920
NOT-FOR-US: Intel antivirus
CVE-2014-9919
RESERVED
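Review bot: the stripped descriptions in this hunk were the only place several tracked entries named the vulnerable code. After the change nothing in the CVE-2014-9940 entry mentions `regulator_ena_gpio_free` or `drivers/regulator/core.c`, nothing in CVE-2014-9922 mentions eCryptfs, and CVE-2014-9938 loses `contrib/completion/git-prompt.sh`, so claims such as `[wheezy] - linux <not-affected> (Vulnerable code not present)` can no longer be rechecked from the file alone. If the descriptions are not going to be kept, add a NOTE line naming the affected function or file for each entry that carries a `<not-affected>` or `<no-dsa>` status.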
@@ -268,12 +268,12 @@ CVE-2014-9918
RESERVED
CVE-2014-9917
RESERVED
-CVE-2014-9916 (Multiple cross-site scripting (XSS) vulnerabilities in Bilboplanet 2.0 ...)
+CVE-2014-9916
NOT-FOR-US: Bilboplanet
-CVE-2014-9914 (Race condition in the ip4_datagram_release_cb function in ...)
+CVE-2014-9914
- linux 3.16.2-1
[wheezy] - linux <not-affected> (Vulnerable code introduced later)
-CVE-2014-9913 (Buffer overflow in the list_files function in list.c in Info-Zip UnZip ...)
+CVE-2014-9913
{DLA-741-1}
- unzip 6.0-21 (bug #847485)
[jessie] - unzip 6.0-16+deb8u3
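Review bot: CVE-2014-9914's `[wheezy] - linux <not-affected> (Vulnerable code introduced later)` cites no introducing commit, and with the `ip4_datagram_release_cb` description removed on the `-` line above there is nothing left in the entry to verify that claim against; add a `NOTE: Introduced by:` line with the upstream commit, as the CVE-2014-9904 and CVE-2014-9773 entries in this file already do.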
@@ -282,40 +282,40 @@ CVE-2014-9913 (Buffer overflow in the list_files function in list.c in Info-Zip
NOTE: can be used to verify a fix (which trigger the issue in unzip -l but crash
NOTE: in different areas of the unzip codebase)
NOTE: http://www.openwall.com/lists/oss-security/2014/11/03/5
-CVE-2014-9912 (The get_icu_disp_value_src_php function in ...)
+CVE-2014-9912
- php5 5.6.0+dfsg-1
[wheezy] - php5 5.4.34-0+deb7u1
NOTE: Fixed in 5.6.0, 5.5.14, 5.4.30, 5.3.29
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=67397
NOTE: Upstream patch: https://bugs.php.net/patch-display.php?bug_id=67397&patch=bug67397-patch&revision=latest
NOTE: PHP workaround for CVE-2014-9911 in icu
-CVE-2014-9911 (Stack-based buffer overflow in the ures_getByKeyWithFallback function ...)
+CVE-2014-9911
{DSA-3725-1 DLA-744-1}
- icu 55.1-3
NOTE: http://bugs.icu-project.org/trac/ticket/10891
NOTE: Fixed by: http://bugs.icu-project.org/trac/changeset/35699
NOTE: The patch addressing CVE-2014-9911 is applied in 54.1 , but the
NOTE: first fixed package version uploaded to unstable is 55.1-3 .
-CVE-2014-9910 (An elevation of privilege vulnerability in the Broadcom Wi-Fi driver ...)
+CVE-2014-9910
NOT-FOR-US: Android Broadcom driver
-CVE-2014-9909 (An elevation of privilege vulnerability in the Broadcom Wi-Fi driver ...)
+CVE-2014-9909
NOT-FOR-US: Android Broadcom driver
CVE-2014-9908
RESERVED
-CVE-2014-9907 (coders/dds.c in ImageMagick allows remote attackers to cause a denial ...)
+CVE-2014-9907
{DSA-3652-1 DLA-731-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #832942)
NOTE: https://github.com/ImageMagick/ImageMagick/commit/21eae25a8db5fdcd112dbcfcd9e5c37e32d32e2f
NOTE: https://github.com/ImageMagick/ImageMagick/commit/d7325bac173492b358417a0ad49fabad44447d52
NOTE: https://github.com/ImageMagick/ImageMagick/commit/504ada82b6fa38a30c846c1c29116af7290decb2
NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1
-CVE-2014-9906 (Use-after-free vulnerability in DBD::mysql before 4.029 allows ...)
+CVE-2014-9906
{DSA-3635-1 DLA-576-1}
- libdbd-mysql-perl 4.033-1
NOTE: https://rt.cpan.org/Public/Bug/Display.html?id=97625
NOTE: https://github.com/perl5-dbi/DBD-mysql/pull/27
NOTE: https://github.com/perl5-dbi/DBD-mysql/commit/a56ae87a4c1c1fead7d09c3653905841ccccf1cc
-CVE-2014-9905 (Multiple cross-site scripting (XSS) vulnerabilities in the Web ...)
+CVE-2014-9905
- sogo 2.2.5-1
[wheezy] - sogo <end-of-life> (not supported in Wheezy LTS)
NOTE: https://github.com/inverse-inc/sogo/commit/1a7fc2a0e90a19dfb1fce292ae5ff53aa513ade9 (SOGo-2.2.0)
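Review bot: the CVE-2014-9911/CVE-2014-9912 pair depends on the stripped text. `NOTE: PHP workaround for CVE-2014-9911 in icu` under CVE-2014-9912 only makes sense when the reader knows that 9912 is the PHP `get_icu_disp_value_src_php` side and 9911 the ICU `ures_getByKeyWithFallback` overflow, and both names are gone from the `+` lines; restate in the NOTE which component each ID covers so the cross-reference survives without the descriptions. Also, `NOTE: The patch addressing CVE-2014-9911 is applied in 54.1 , but the` and the following line have a stray space before the punctuation.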
@@ -323,101 +323,101 @@ CVE-2014-9905 (Multiple cross-site scripting (XSS) vulnerabilities in the Web ..
NOTE: https://github.com/inverse-inc/sogo/commit/3a5e44e7eb8b390b67a8f8a83030b49606956501 (SOGo-2.2.0)
NOTE: https://github.com/inverse-inc/sogo/commit/c94595ea7f0f843c2d7abf25df039b2bbe707625 (SOGo-2.2.0)
NOTE: https://sogo.nu/bugs/view.php?id=2598
-CVE-2014-9904 (The snd_compress_check_input function in sound/core/compress_offload.c ...)
+CVE-2014-9904
{DSA-3616-1}
- linux 4.0.2-1
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: 4.0.2-1 the first version in unstable after 3.17-rc1
NOTE: Fixed by: https://git.kernel.org/linus/6217e5ede23285ddfee10d2e4ba0cc2d4c046205 (3.17-rc1)
NOTE: Introduced by: https://git.kernel.org/linus/b35cc8225845112a616e3a2266d2fde5ab13d3ab (3.7-rc1)
-CVE-2014-9903 (The sched_read_attr function in kernel/sched/core.c in the Linux ...)
+CVE-2014-9903
- linux <not-affected>
NOTE: vulnerable code between 3.14-rc1 and 3.14-rc4
-CVE-2014-9902 (Buffer overflow in CORE/SYS/legacy/src/utils/src/dot11f.c in the ...)
+CVE-2014-9902
NOT-FOR-US: Qualcomm driver for Android
-CVE-2014-9901 (The Qualcomm Wi-Fi driver in Android before 2016-08-05 on Nexus 7 ...)
+CVE-2014-9901
NOT-FOR-US: Qualcomm driver for Android
-CVE-2014-9900 (The ethtool_get_wol function in net/core/ethtool.c in the Linux kernel ...)
+CVE-2014-9900
- linux <unfixed> (unimportant)
-CVE-2014-9899 (drivers/usb/host/ehci-msm2.c in the Qualcomm components in Android ...)
+CVE-2014-9899
- linux <not-affected> (Android-specific driver)
-CVE-2014-9898 (arch/arm/mach-msm/qdsp6v2/ultrasound/usf.c in the Qualcomm components ...)
+CVE-2014-9898
- linux <not-affected> (Android-specific driver)
-CVE-2014-9897 (sound/soc/msm/qdsp6v2/msm-lsm-client.c in the Qualcomm components in ...)
+CVE-2014-9897
- linux <not-affected> (Android-specific driver)
-CVE-2014-9896 (drivers/char/adsprpc.c in the Qualcomm components in Android before ...)
+CVE-2014-9896
- linux <not-affected> (Android-specific driver)
-CVE-2014-9895 (drivers/media/media-device.c in the Linux kernel before 3.11, as used ...)
+CVE-2014-9895
{DLA-833-1}
- linux 3.11.5-1
-CVE-2014-9894 (drivers/misc/qseecom.c in the Qualcomm components in Android before ...)
+CVE-2014-9894
- linux <not-affected> (Android-specific driver)
-CVE-2014-9893 (drivers/video/msm/mdss/mdss_mdp_pp.c in the Qualcomm components in ...)
+CVE-2014-9893
- linux <not-affected> (Android-specific driver)
-CVE-2014-9892 (The snd_compr_tstamp function in sound/core/compress_offload.c in the ...)
+CVE-2014-9892
- linux <unfixed> (unimportant)
NOTE: Not considered a security issue/invalid issue by the Debian kernel team
-CVE-2014-9891 (drivers/misc/qseecom.c in the Qualcomm components in Android before ...)
+CVE-2014-9891
- linux <not-affected> (Android-specific driver)
-CVE-2014-9890 (Off-by-one error in ...)
+CVE-2014-9890
- linux <not-affected> (Android-specific driver)
-CVE-2014-9889 (drivers/media/platform/msm/camera_v2/pproc/cpp/msm_cpp.c in the ...)
+CVE-2014-9889
- linux <not-affected> (Android-specific driver)
-CVE-2014-9888 (arch/arm/mm/dma-mapping.c in the Linux kernel before 3.13 on ARM ...)
+CVE-2014-9888
{DLA-833-1}
- linux 3.13.4-1
-CVE-2014-9887 (drivers/misc/qseecom.c in the Qualcomm components in Android before ...)
+CVE-2014-9887
- linux <not-affected> (Android-specific driver)
-CVE-2014-9886 (arch/arm/mach-msm/qdsp6v2/ultrasound/usf.c in the Qualcomm components ...)
+CVE-2014-9886
- linux <not-affected> (Android-specific driver)
-CVE-2014-9885 (Format string vulnerability in drivers/thermal/qpnp-adc-tm.c in the ...)
+CVE-2014-9885
- linux <not-affected> (Android-specific driver)
-CVE-2014-9884 (drivers/misc/qseecom.c in the Qualcomm components in Android before ...)
+CVE-2014-9884
- linux <not-affected> (Android-specific driver)
-CVE-2014-9883 (Integer overflow in drivers/char/diag/diag_dci.c in the Qualcomm ...)
+CVE-2014-9883
- linux <not-affected> (Android-specific driver)
-CVE-2014-9882 (Buffer overflow in drivers/media/radio/radio-iris.c in the Qualcomm ...)
+CVE-2014-9882
- linux <not-affected> (Android-specific driver)
-CVE-2014-9881 (drivers/media/radio/radio-iris.c in the Qualcomm components in Android ...)
+CVE-2014-9881
- linux <not-affected> (Android-specific driver)
-CVE-2014-9880 (drivers/video/msm/vidc/common/enc/venc.c in the Qualcomm components in ...)
+CVE-2014-9880
- linux <not-affected> (Android-specific driver)
-CVE-2014-9879 (The mdss mdp3 driver in the Qualcomm components in Android before ...)
+CVE-2014-9879
- linux <not-affected> (Android-specific driver)
-CVE-2014-9878 (drivers/mmc/card/mmc_block_test.c in the Qualcomm components in ...)
+CVE-2014-9878
- linux <not-affected> (Android-specific driver)
-CVE-2014-9877 (drivers/media/platform/msm/camera_v2/sensor/actuator/msm_actuator.c in ...)
+CVE-2014-9877
- linux <not-affected> (Android-specific driver)
-CVE-2014-9876 (drivers/char/diag/diagfwd.c in the Qualcomm components in Android ...)
+CVE-2014-9876
- linux <not-affected> (Android-specific driver)
-CVE-2014-9875 (drivers/char/diag/diag_dci.c in the Qualcomm components in Android ...)
+CVE-2014-9875
- linux <not-affected> (Android-specific driver)
-CVE-2014-9874 (Buffer overflow in the Qualcomm components in Android before ...)
+CVE-2014-9874
- linux <not-affected> (Android-specific driver)
-CVE-2014-9873 (Integer underflow in drivers/char/diag/diag_dci.c in the Qualcomm ...)
+CVE-2014-9873
- linux <not-affected> (Android-specific driver)
-CVE-2014-9872 (The diag driver in the Qualcomm components in Android before ...)
+CVE-2014-9872
- linux <not-affected> (Android-specific driver)
-CVE-2014-9871 (Multiple buffer overflows in ...)
+CVE-2014-9871
- linux <not-affected> (Android-specific driver)
-CVE-2014-9870 (The Linux kernel before 3.11 on ARM platforms, as used in Android ...)
+CVE-2014-9870
- linux 3.11.5-1
[wheezy] - linux <no-dsa> (Minor issue, hardly a security impact, cf. kernel-sec)
-CVE-2014-9869 (drivers/media/platform/msm/camera_v2/isp/msm_isp_stats_util.c in the ...)
+CVE-2014-9869
- linux <not-affected> (Android-specific driver)
-CVE-2014-9868 (drivers/media/platform/msm/camera_v2/sensor/csiphy/msm_csiphy.c in the ...)
+CVE-2014-9868
- linux <not-affected> (Android-specific driver)
-CVE-2014-9867 (drivers/media/platform/msm/camera_v2/isp/msm_isp_axi_util.c in the ...)
+CVE-2014-9867
- linux <not-affected> (Android-specific driver)
-CVE-2014-9866 (drivers/media/platform/msm/camera_v2/sensor/csid/msm_csid.c in the ...)
+CVE-2014-9866
- linux <not-affected> (Android-specific driver)
-CVE-2014-9865 (drivers/misc/qseecom.c in the Qualcomm components in Android before ...)
+CVE-2014-9865
- linux <not-affected> (Android-specific driver)
-CVE-2014-9864 (drivers/misc/qseecom.c in the Qualcomm components in Android before ...)
+CVE-2014-9864
- linux <not-affected> (Android-specific driver)
-CVE-2014-9863 (Integer underflow in the diag driver in the Qualcomm components in ...)
+CVE-2014-9863
- linux <not-affected> (Android-specific driver)
-CVE-2014-9862 (Integer signedness error in bspatch.c in bspatch in bsdiff, as used in ...)
+CVE-2014-9862
{DLA-697-1}
- bsdiff 4.3-17
[jessie] - bsdiff <no-dsa> (Minor issue; can be fixed via point release)
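Review bot: the run of `- linux <not-affected> (Android-specific driver)` entries from CVE-2014-9899 down to CVE-2014-9863 loses its justification here: the driver path (`drivers/misc/qseecom.c`, `drivers/char/diag/diag_dci.c`, `arch/arm/mach-msm/qdsp6v2/ultrasound/usf.c`) existed only in the removed description, so after this hunk the entry offers no evidence that the file is absent from the Debian kernel tree. Either keep the descriptions or record the path in the status rationale, e.g. `- linux <not-affected> (Android-specific driver, drivers/misc/qseecom.c)`. Separately, CVE-2014-9900 `- linux <unfixed> (unimportant)` has no NOTE explaining the rating while CVE-2014-9892 does; a one-line rationale would help.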
@@ -436,217 +436,217 @@ CVE-2014-9856
RESERVED
CVE-2014-9855
RESERVED
-CVE-2014-9803 (arch/arm64/include/asm/pgtable.h in the Linux kernel before ...)
+CVE-2014-9803
- linux <not-affected> (Vulnerable code never present, introduced and fixed in 3.16 development cycle)
NOTE: Introduced by: https://git.kernel.org/linus/bc07c2c6e9ed125d362af0214b6313dca180cb08 (v3.16-rc1)
NOTE: Fixed by (revert of commit): https://git.kernel.org/linus/5a0fdfada3a2aa50d7b947a2e958bf00cbe0d830 (v3.16-rc1)
-CVE-2014-9804 (vision.c in ImageMagick allows remote attackers to cause a denial of ...)
+CVE-2014-9804
- imagemagick 8:6.8.9.9-4 (bug #773834)
[wheezy] - imagemagick <not-affected> (Vulnerable code introduced later)
-CVE-2014-9805 (ImageMagick allows remote attackers to cause a denial of service ...)
+CVE-2014-9805
{DLA-731-1}
- imagemagick 8:6.8.9.9-4 (bug #773834)
-CVE-2014-9806 (ImageMagick allows remote attackers to cause a denial of service (file ...)
+CVE-2014-9806
{DLA-731-1}
- imagemagick 8:6.8.9.9-4 (bug #773834)
-CVE-2014-9807 (The pdb coder in ImageMagick allows remote attackers to cause a denial ...)
+CVE-2014-9807
{DLA-731-1}
- imagemagick 8:6.8.9.9-4 (bug #773834)
-CVE-2014-9808 (ImageMagick allows remote attackers to cause a denial of service ...)
+CVE-2014-9808
{DLA-731-1}
- imagemagick 8:6.8.9.9-4 (bug #773834)
-CVE-2014-9809 (ImageMagick allows remote attackers to cause a denial of service ...)
+CVE-2014-9809
{DLA-731-1}
- imagemagick 8:6.8.9.9-4 (bug #773834)
-CVE-2014-9810 (The dpx file handler in ImageMagick allows remote attackers to cause a ...)
+CVE-2014-9810
{DLA-731-1}
- imagemagick 8:6.8.9.9-4 (bug #773834)
-CVE-2014-9811 (The xwd file handler in ImageMagick allows remote attackers to cause a ...)
+CVE-2014-9811
{DLA-731-1}
- imagemagick 8:6.8.9.9-4 (bug #773834)
-CVE-2014-9812 (ImageMagick allows remote attackers to cause a denial of service (NULL ...)
+CVE-2014-9812
{DLA-731-1}
- imagemagick 8:6.8.9.9-4 (bug #773834)
-CVE-2014-9813 (ImageMagick allows remote attackers to cause a denial of service ...)
+CVE-2014-9813
{DLA-731-1}
- imagemagick 8:6.8.9.9-4 (bug #773834)
-CVE-2014-9814 (ImageMagick allows remote attackers to cause a denial of service (NULL ...)
+CVE-2014-9814
{DLA-731-1}
- imagemagick 8:6.8.9.9-4 (bug #773834)
-CVE-2014-9815 (ImageMagick allows remote attackers to cause a denial of service ...)
+CVE-2014-9815
{DLA-731-1}
- imagemagick 8:6.8.9.9-4 (bug #773834)
-CVE-2014-9816 (ImageMagick allows remote attackers to cause a denial of service ...)
+CVE-2014-9816
{DLA-731-1}
- imagemagick 8:6.8.9.9-4 (bug #773834)
-CVE-2014-9817 (Heap-based buffer overflow in ImageMagick allows remote attackers to ...)
+CVE-2014-9817
{DLA-731-1}
- imagemagick 8:6.8.9.9-4 (bug #773834)
-CVE-2014-9818 (ImageMagick allows remote attackers to cause a denial of service ...)
+CVE-2014-9818
{DLA-731-1}
- imagemagick 8:6.8.9.9-4 (bug #773834)
-CVE-2014-9819 (Heap-based buffer overflow in ImageMagick allows remote attackers to ...)
+CVE-2014-9819
{DLA-731-1}
- imagemagick 8:6.8.9.9-4 (bug #773834)
-CVE-2014-9820 (Heap-based buffer overflow in ImageMagick allows remote attackers to ...)
+CVE-2014-9820
- imagemagick 8:6.8.9.9-4 (bug #773834)
[wheezy] - imagemagick <not-affected> (Vulnerable code not present)
-CVE-2014-9821 (Heap-based buffer overflow in ImageMagick allows remote attackers to ...)
+CVE-2014-9821
{DLA-731-1}
- imagemagick 8:6.8.9.9-4 (bug #773834)
-CVE-2014-9822 (Heap-based buffer overflow in ImageMagick allows remote attackers to ...)
+CVE-2014-9822
{DLA-731-1}
- imagemagick 8:6.8.9.9-4 (bug #773834)
-CVE-2014-9823 (Heap-based buffer overflow in ImageMagick allows remote attackers to ...)
+CVE-2014-9823
{DLA-731-1}
- imagemagick 8:6.8.9.9-4 (bug #773834)
-CVE-2014-9824 (Heap-based buffer overflow in ImageMagick allows remote attackers to ...)
+CVE-2014-9824
{DLA-731-1}
- imagemagick 8:6.8.9.9-4 (bug #773834)
-CVE-2014-9825 (Heap-based buffer overflow in ImageMagick allows remote attackers to ...)
+CVE-2014-9825
- imagemagick 8:6.8.9.9-4 (bug #773834)
[wheezy] - imagemagick <not-affected> (Vulnerable code not present)
-CVE-2014-9826 (ImageMagick allows remote attackers to have unspecified impact via ...)
+CVE-2014-9826
{DLA-731-1}
- imagemagick 8:6.8.9.9-4 (bug #773834)
[wheezy] - imagemagick <no-dsa> (No apparent security impact)
-CVE-2014-9827 (coders/xpm.c in ImageMagick allows remote attackers to have ...)
+CVE-2014-9827
- imagemagick 8:6.8.9.9-4 (bug #773834)
[wheezy] - imagemagick <not-affected> (Vulnerable code not present)
-CVE-2014-9828 (coders/psd.c in ImageMagick allows remote attackers to have ...)
+CVE-2014-9828
{DLA-731-1}
- imagemagick 8:6.8.9.9-4 (bug #773834)
-CVE-2014-9829 (coders/sun.c in ImageMagick allows remote attackers to cause a denial ...)
+CVE-2014-9829
{DLA-731-1}
- imagemagick 8:6.8.9.9-4 (bug #773834)
-CVE-2014-9830 (coders/sun.c in ImageMagick allows remote attackers to have ...)
+CVE-2014-9830
{DLA-731-1}
- imagemagick 8:6.8.9.9-4 (bug #773834)
-CVE-2014-9831 (coders/wpg.c in ImageMagick allows remote attackers to have ...)
+CVE-2014-9831
{DLA-731-1}
- imagemagick 8:6.8.9.9-4 (bug #773834)
-CVE-2014-9832 (Heap overflow in ImageMagick 6.8.9-9 via a crafted pcx file. ...)
+CVE-2014-9832
{DLA-731-1}
- imagemagick 8:6.8.9.9-4 (bug #773834)
-CVE-2014-9833 (Heap overflow in ImageMagick 6.8.9-9 via a crafted psd file. ...)
+CVE-2014-9833
{DLA-731-1}
- imagemagick 8:6.8.9.9-4 (bug #773834)
-CVE-2014-9834 (Heap overflow in ImageMagick 6.8.9-9 via a crafted pict file. ...)
+CVE-2014-9834
{DLA-731-1}
- imagemagick 8:6.8.9.9-4 (bug #773834)
-CVE-2014-9835 (Heap overflow in ImageMagick 6.8.9-9 via a crafted wpf file. ...)
+CVE-2014-9835
{DLA-731-1}
- imagemagick 8:6.8.9.9-4 (bug #773834)
-CVE-2014-9836 (ImageMagick 6.8.9-9 allows remote attackers to cause a denial of ...)
+CVE-2014-9836
{DLA-731-1}
- imagemagick 8:6.8.9.9-4 (bug #773834)
-CVE-2014-9837 (coders/pnm.c in ImageMagick 6.9.0-1 Beta and earlier allows remote ...)
+CVE-2014-9837
{DLA-731-1}
- imagemagick 8:6.8.9.9-4 (bug #773834)
-CVE-2014-9838 (magick/cache.c in ImageMagick 6.8.9-9 allows remote attackers to cause ...)
+CVE-2014-9838
{DLA-731-1}
- imagemagick 8:6.8.9.9-4 (bug #773834)
-CVE-2014-9839 (magick/colormap-private.h in ImageMagick 6.8.9-9 allows remote ...)
+CVE-2014-9839
{DLA-731-1}
- imagemagick 8:6.8.9.9-4 (bug #773834)
-CVE-2014-9840 (ImageMagick 6.8.9-9 allows remote attackers to cause a denial of ...)
+CVE-2014-9840
{DLA-731-1}
- imagemagick 8:6.8.9.9-4 (bug #773834)
-CVE-2014-9841 (The ReadPSDLayers function in coders/psd.c in ImageMagick 6.8.9.9 ...)
+CVE-2014-9841
{DLA-960-1}
- imagemagick 8:6.8.9.9-4 (bug #773834)
-CVE-2014-9842 (Memory leak in the ReadPSDLayers function in coders/psd.c in ...)
+CVE-2014-9842
- imagemagick 8:6.8.9.9-4 (bug #773834)
[wheezy] - imagemagick <not-affected> (Leak in a code path that does not exist in this version)
-CVE-2014-9843 (The DecodePSDPixels function in coders/psd.c in ImageMagick 6.8.9.9 ...)
+CVE-2014-9843
{DLA-731-1}
- imagemagick 8:6.8.9.9-4 (bug #773834)
-CVE-2014-9844 (The ReadRLEImage function in coders/rle.c in ImageMagick 6.8.9.9 ...)
+CVE-2014-9844
{DLA-731-1}
- imagemagick 8:6.8.9.9-4 (bug #773834)
-CVE-2014-9845 (The ReadDIBImage function in coders/dib.c in ImageMagick allows remote ...)
+CVE-2014-9845
{DLA-731-1}
- imagemagick 8:6.8.9.9-4 (bug #773834)
-CVE-2014-9846 (Buffer overflow in the ReadRLEImage function in coders/rle.c in ...)
+CVE-2014-9846
{DLA-731-1}
- imagemagick 8:6.8.9.9-4 (bug #773834)
-CVE-2014-9847 (The jng decoder in ImageMagick 6.8.9.9 allows remote attackers to have ...)
+CVE-2014-9847
{DLA-731-1}
- imagemagick 8:6.8.9.9-4 (bug #773834)
-CVE-2014-9848 (Memory leak in ImageMagick allows remote attackers to cause a denial ...)
+CVE-2014-9848
{DLA-731-1}
- imagemagick 8:6.8.9.9-4 (bug #773834)
-CVE-2014-9849 (The png coder in ImageMagick allows remote attackers to cause a denial ...)
+CVE-2014-9849
{DLA-731-1}
- imagemagick 8:6.8.9.9-4 (bug #773834)
-CVE-2014-9850 (Logic error in ImageMagick 6.8.9.9 allows remote attackers to cause a ...)
+CVE-2014-9850
- imagemagick 8:6.8.9.9-4 (bug #773834)
[wheezy] - imagemagick <not-affected> (Affected section of code not present in wheezy; examine diff introduced by commit 2257d1eadd02d89d225fce21013a1219d221dc7d with context of 20)
NOTE: patch supposed to be https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/patch/?id=2257d1eadd02d89d225fce21013a1219d221dc7d
-CVE-2014-9851 (ImageMagick 6.8.9.9 allows remote attackers to cause a denial of ...)
+CVE-2014-9851
{DLA-731-1}
- imagemagick 8:6.8.9.9-4 (bug #773834)
NOTE: https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/patch/?id=33b2d377b94eb738011bc7d5e90ca0a16ce4d471
-CVE-2014-9852 (distribute-cache.c in ImageMagick re-uses objects after they have been ...)
+CVE-2014-9852
- imagemagick 8:6.8.9.9-4 (bug #773834)
[wheezy] - imagemagick <not-affected> (distribute-cache.c does not exist in 6.7.7.10)
-CVE-2014-9853 (Memory leak in coders/rle.c in ImageMagick allows remote attackers to ...)
+CVE-2014-9853
{DLA-731-1}
- imagemagick 8:6.8.9.9-4 (bug #773834)
-CVE-2014-9854 (coders/tiff.c in ImageMagick allows remote attackers to cause a denial ...)
+CVE-2014-9854
{DLA-731-1}
- imagemagick 8:6.8.9.9-4 (bug #773834)
-CVE-2014-9802 (Multiple integer overflows in lib/libfdt/fdt.c in the Qualcomm ...)
+CVE-2014-9802
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-9801 (Multiple integer overflows in lib/libfdt/fdt_rw.c in the Qualcomm ...)
+CVE-2014-9801
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-9800 (Integer overflow in lib/heap/heap.c in the Qualcomm components in ...)
+CVE-2014-9800
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-9799 (The makefile in the Qualcomm components in Android before 2016-07-05 ...)
+CVE-2014-9799
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-9798 (platform/msm_shared/dev_tree.c in the Qualcomm bootloader in Android ...)
+CVE-2014-9798
NOT-FOR-US: Qualcomm components for Android
CVE-2014-9797
REJECTED
-CVE-2014-9796 (app/aboot/aboot.c in the Qualcomm components in Android before ...)
+CVE-2014-9796
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-9795 (app/aboot/aboot.c in the Qualcomm components in Android before ...)
+CVE-2014-9795
NOT-FOR-US: Qualcomm components for Android
CVE-2014-9794
REJECTED
-CVE-2014-9793 (platform/msm_shared/mmc.c in the Qualcomm components in Android before ...)
+CVE-2014-9793
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-9792 (arch/arm/mach-msm/ipc_router.c in the Qualcomm components in Android ...)
+CVE-2014-9792
NOT-FOR-US: Qualcomm components for Android
CVE-2014-9791
REJECTED
-CVE-2014-9790 (drivers/mmc/core/debugfs.c in the Qualcomm components in Android ...)
+CVE-2014-9790
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-9789 (The (1) alloc and (2) free APIs in ...)
+CVE-2014-9789
- linux <not-affected> (Android-specific)
-CVE-2014-9788 (Multiple buffer overflows in the voice drivers in the Qualcomm ...)
+CVE-2014-9788
- linux <not-affected> (Android-specific)
-CVE-2014-9787 (Integer overflow in drivers/misc/qseecom.c in the Qualcomm components ...)
+CVE-2014-9787
- linux <not-affected> (Android-specific)
-CVE-2014-9786 (Heap-based buffer overflow in ...)
+CVE-2014-9786
- linux <not-affected> (Android-specific)
-CVE-2014-9785 (drivers/misc/qseecom.c in the Qualcomm components in Android before ...)
+CVE-2014-9785
- linux <not-affected> (Android-specific)
-CVE-2014-9784 (Multiple buffer overflows in drivers/char/diag/diag_debugfs.c in the ...)
+CVE-2014-9784
- linux <not-affected> (Android-specific)
-CVE-2014-9783 (drivers/media/platform/msm/camera_v2/sensor/cci/msm_cci.c in the ...)
+CVE-2014-9783
- linux <not-affected> (Android-specific)
-CVE-2014-9782 (drivers/media/platform/msm/camera_v2/sensor/actuator/msm_actuator.c in ...)
+CVE-2014-9782
- linux <not-affected> (Android-specific)
-CVE-2014-9781 (Buffer overflow in drivers/video/fbcmap.c in the Qualcomm components ...)
+CVE-2014-9781
- linux <not-affected> (Android-specific)
-CVE-2014-9780 (drivers/video/msm/mdss/mdp3_ctrl.c in the Qualcomm components in ...)
+CVE-2014-9780
- linux <not-affected> (Android-specific)
-CVE-2014-9779 (arch/arm/mach-msm/qdsp6v2/msm_audio_ion.c in the Qualcomm components ...)
+CVE-2014-9779
- linux <not-affected> (Android-specific)
-CVE-2014-9778 (The vid_dec_set_h264_mv_buffers function in ...)
+CVE-2014-9778
- linux <not-affected> (Android-specific)
-CVE-2014-9777 (The vid_dec_set_meta_buffers function in ...)
+CVE-2014-9777
- linux <not-affected> (Android-specific)
CVE-2014-9776
RESERVED
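Review bot: every `-`/`+` pair in this hunk, from CVE-2014-9802 down to CVE-2014-9777, changes exactly one thing: the parenthesised summary after the CVE id is dropped and nothing replaces it, while the triage lines (`NOT-FOR-US: Qualcomm components for Android`, `- linux <not-affected> (Android-specific)`) are untouched. Those summaries are the only human-readable statement in the file of what each id covers, so a blanket removal by an automatic update reads more like the description source returning empty than like an intended data change; verify the fetch that produced this run before it lands, otherwise the next successful import will churn every one of these lines again.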
@@ -654,37 +654,37 @@ CVE-2014-9775
RESERVED
CVE-2014-9774
RESERVED
-CVE-2014-9773 (modules/chanserv/flags.c in Atheme before 7.2.7 allows remote ...)
+CVE-2014-9773
- atheme-services 7.0.7-2
[jessie] - atheme-services <not-affected> (Vulnerable code introduced later)
NOTE: https://github.com/atheme/atheme/issues/397
NOTE: Fixed by: https://github.com/atheme/atheme/commit/c597156adc60a45b5f827793cd420945f47bc03b
NOTE: Introduced in: https://github.com/atheme/atheme/commit/5c734f28068cf47b9b450af4dcf37195734b15be
NOTE: http://www.openwall.com/lists/oss-security/2016/05/02/2
-CVE-2014-9772 (The validator package before 2.0.0 for Node.js allows remote attackers ...)
+CVE-2014-9772
- validator.js <not-affected> (Fixed before initial release)
-CVE-2014-9771 (Integer overflow in imlib2 before 1.4.7 allows remote attackers to ...)
+CVE-2014-9771
{DSA-3555-1}
- imlib2 1.4.7-1 (bug #820206)
NOTE: https://git.enlightenment.org/legacy/imlib2.git/commit/?id=143f299
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1324774
NOTE: http://www.openwall.com/lists/oss-security/2016/04/09/3
-CVE-2014-9770 (tmpfiles.d/systemd.conf in systemd before 214 uses weak permissions ...)
+CVE-2014-9770
- systemd 215-1
[wheezy] - systemd <not-affected> (Vulnerable code not present)
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=972612
NOTE: Introduced by: https://github.com/systemd/systemd/commit/a606871da508995f5ede113a8fc6538afd98966c (v213)
NOTE: Fixed by (for volatile journals): https://github.com/systemd/systemd/commit/176f2acf8dee45fee832fd2ab07243f63783a238 (v214)
-CVE-2014-9769 (pcre_jit_compile.c in PCRE 8.35 does not properly use table jumps to ...)
+CVE-2014-9769
- pcre3 2:8.38-1 (bug #819050)
[jessie] - pcre3 2:8.35-3.3+deb8u4
[wheezy] - pcre3 <not-affected> (Vulnerable code not present)
NOTE: Upstream fix: http://vcs.pcre.org/pcre?view=revision&revision=1475 (8.36)
NOTE: Introduced in: http://vcs.pcre.org/pcre?view=revision&revision=1434 (8.35)
NOTE: http://www.openwall.com/lists/oss-security/2016/03/26/1
-CVE-2014-9768 (** DISPUTED ** IBM Tivoli NetView Access Services (NVAS) allows remote ...)
+CVE-2014-9768
NOT-FOR-US: Tivoli
-CVE-2014-9767 (Directory traversal vulnerability in the ZipArchive::extractTo ...)
+CVE-2014-9767
- hhvm 3.12.1+dfsg-1
- php5 5.6.13+dfsg-1
[jessie] - php5 5.6.13+dfsg-0+deb8u1
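Review bot: removing the summary for CVE-2014-9768 also removes its `** DISPUTED **` marker, which this file records nowhere else; what remains is the bare `NOT-FOR-US: Tivoli`, with no hint that the assignment itself is contested. If the summaries are not going to be restored, carry the disputed status into a `NOTE:` line, the same way provenance is kept for the other entries in this hunk (`NOTE: Introduced in: ...`, `NOTE: Fixed by: ...`).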
@@ -692,29 +692,29 @@ CVE-2014-9767 (Directory traversal vulnerability in the ZipArchive::extractTo ..
NOTE: https://bugs.php.net/bug.php?id=70350
NOTE: https://bugs.php.net/bug.php?id=67996
NOTE: https://github.com/facebook/hhvm/commit/65c95a01541dd2fbc9c978ac53bed235b5376686
-CVE-2014-9766 (Integer overflow in the create_bits function in pixman-bits-image.c in ...)
+CVE-2014-9766
{DSA-3525-1 DLA-429-1}
- pixman 0.32.6-1
NOTE: https://lists.freedesktop.org/archives/pixman/2014-April/003244.html
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=972647
-CVE-2014-9765 (Buffer overflow in the main_get_appheader function in xdelta3-main.h ...)
+CVE-2014-9765
{DSA-3484-1 DLA-417-1}
- xdelta3 3.0.8-dfsg-1.1 (bug #814067)
NOTE: https://github.com/jmacd/xdelta-devel/commit/ef93ff74203e030073b898c05e8b4860b5d09ef2
NOTE: http://www.openwall.com/lists/oss-security/2016/02/08/1
-CVE-2014-9764 (imlib2 before 1.4.7 allows remote attackers to cause a denial of ...)
+CVE-2014-9764
{DSA-3537-1 DLA-401-1}
- imlib2 1.4.7-1
NOTE: https://git.enlightenment.org/legacy/imlib2.git/commit/?h=v1.4.7&id=1f9b0b32728803a1578e658cd0955df773e34f49
-CVE-2014-9763 (imlib2 before 1.4.7 allows remote attackers to cause a denial of ...)
+CVE-2014-9763
{DSA-3537-1 DLA-401-1}
- imlib2 1.4.7-1
NOTE: https://git.enlightenment.org/legacy/imlib2.git/commit/?h=v1.4.7&id=c21beaf1780cf3ca291735ae7d58a3dde63277a2
-CVE-2014-9762 (imlib2 before 1.4.7 allows remote attackers to cause a denial of ...)
+CVE-2014-9762
{DSA-3537-1 DLA-401-1}
- imlib2 1.4.7-1
NOTE: https://git.enlightenment.org/legacy/imlib2.git/commit/?h=v1.4.7&id=39641e74a560982fbf93f29bf96b37d27803cb56
-CVE-2014-9761 (Multiple stack-based buffer overflows in the GNU C Library (aka glibc ...)
+CVE-2014-9761
{DLA-411-1}
- glibc 2.23-1 (bug #813187)
[jessie] - glibc <no-dsa> (Minor issue)
@@ -724,44 +724,44 @@ CVE-2014-9761 (Multiple stack-based buffer overflows in the GNU C Library (aka g
NOTE: https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=e02cabecf0d025ec4f4ddee290bdf7aadb873bb3
NOTE: https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=8f5e8b01a1da2a207228f2072c934fa5918554b8
NOTE: Fixed for 2.23 upstream
-CVE-2014-9760 (Cross-site scripting (XSS) vulnerability in the displayLogin function ...)
+CVE-2014-9760
- gosa 2.7.4+reloaded1-5
[wheezy] - gosa 2.7.4-4.3~deb7u2
[squeeze] - gosa 2.6.11-3+squeeze4
NOTE: Fixed in 2.7.4+reloaded1-3 with follow-up fix in 2.7.4+reloaded1-5
NOTE: https://github.com/gosa-project/gosa-core/commit/e35b990464a2c2cf64d6833a217ed944876e7732
-CVE-2014-9759 (Incomplete blacklist vulnerability in the config_is_private function ...)
+CVE-2014-9759
- mantis <not-affected> (Affects >= 1.3.0-beta.1)
NOTE: http://github.com/mantisbt/mantisbt/commit/7927c275
NOTE: https://sourceforge.net/p/mantisbt/mailman/message/32948048/
NOTE: https://mantisbt.org/bugs/view.php?id=20277
NOTE: http://www.openwall.com/lists/oss-security/2016/01/02/1
-CVE-2014-9758 (Cross-site scripting (XSS) vulnerability in Magento E-Commerce ...)
+CVE-2014-9758
NOT-FOR-US: Magento
-CVE-2014-9757 (The Ignite Realtime Smack XMPP API, as used in Atlassian Bamboo before ...)
+CVE-2014-9757
NOT-FOR-US: Atlassian Bamboo
-CVE-2014-9755 (The hardware VPN client in Viprinet MultichannelVPN Router 300 version ...)
+CVE-2014-9755
NOT-FOR-US: Viprinet
-CVE-2014-9754 (The hardware VPN client in Viprinet MultichannelVPN Router 300 version ...)
+CVE-2014-9754
NOT-FOR-US: Viprinet
-CVE-2014-9756 (The psf_fwrite function in file_io.c in libsndfile allows attackers to ...)
+CVE-2014-9756
{DLA-928-1 DLA-356-1}
- libsndfile 1.0.25-10 (bug #804447)
[jessie] - libsndfile 1.0.25-9.1+deb8u1
NOTE: https://github.com/erikd/libsndfile/commit/725c7dbb95bfaf8b4bb7b04820e3a00cceea9ce6
CVE-2014-9753
RESERVED
-CVE-2014-9752 (Unrestricted file upload vulnerability in ...)
+CVE-2014-9752
NOT-FOR-US: ATutor
-CVE-2014-9751 (The read_network_packet function in ntp_io.c in ntpd in NTP 4.x before ...)
+CVE-2014-9751
{DSA-3154-1 DLA-149-1}
- ntp 1:4.2.6.p5+dfsg-4
NOTE: http://bugs.ntp.org/show_bug.cgi?id=2672 (not yet public)
-CVE-2014-9750 (ntp_crypto.c in ntpd in NTP 4.x before 4.2.8p1, when Autokey ...)
+CVE-2014-9750
{DSA-3154-2 DSA-3154-1 DLA-149-1}
- ntp 1:4.2.6.p5+dfsg-5
NOTE: http://bugs.ntp.org/show_bug.cgi?id=2671
-CVE-2014-9749 (Squid 3.4.4 through 3.4.11 and 3.5.0.1 through 3.5.1, when Digest ...)
+CVE-2014-9749
- squid <not-affected> (related code not present in 2.7.X)
- squid3 3.4.8-6 (bug #776464)
[wheezy] - squid3 <no-dsa> (Minor issue)
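Review bot: the line `NOTE: http://bugs.ntp.org/show_bug.cgi?id=2672 (not yet public)` under CVE-2014-9751 carries a time-bound qualifier from the original triage and is passed through unchanged here, even though the entry already lists released advisories (`{DSA-3154-1 DLA-149-1}`); a reader cannot tell whether the qualifier is still true. Re-check the bug's visibility and either drop the qualifier or date it. Apart from that, the hunk only strips summaries.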
@@ -774,7 +774,7 @@ CVE-2014-9748
- libuv 1.7.4-1 (unimportant)
- nodejs 4.0.0~dfsg-1 (unimportant)
NOTE: Only affects Windows
-CVE-2014-9745 (The parse_encoding function in type1/t1load.c in FreeType before 2.5.3 ...)
+CVE-2014-9745
{DSA-3370-1 DLA-319-1}
- freetype 2.6-1 (bug #798620)
NOTE: https://launchpad.net/bugs/1492124
@@ -782,7 +782,7 @@ CVE-2014-9745 (The parse_encoding function in type1/t1load.c in FreeType before
NOTE: https://savannah.nongnu.org/bugs/?41590
NOTE: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=df14e6c0b9592cbb24d5381dfc6106b14f915e75 (VER-2-5-3)
NOTE: http://www.openwall.com/lists/oss-security/2015/09/11/4
-CVE-2014-9746 (The (1) t1_parse_font_matrix function in type1/t1load.c, (2) ...)
+CVE-2014-9746
{DSA-3370-1 DLA-319-1}
- freetype 2.6-1 (bug #798619)
NOTE: https://launchpad.net/bugs/1449225
@@ -790,7 +790,7 @@ CVE-2014-9746 (The (1) t1_parse_font_matrix function in type1/t1load.c, (2) ...)
NOTE: https://savannah.nongnu.org/bugs/?41309
NOTE: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=8b281f83e8516535756f92dbf90940ac44bd45e1 (VER-2-5-3)
NOTE: http://www.openwall.com/lists/oss-security/2015/09/11/4
-CVE-2014-9747 (The t42_parse_encoding function in type42/t42parse.c in FreeType ...)
+CVE-2014-9747
{DSA-3370-1 DLA-319-1}
- freetype 2.6-1 (bug #798619)
NOTE: https://launchpad.net/bugs/1449225
@@ -798,20 +798,20 @@ CVE-2014-9747 (The t42_parse_encoding function in type42/t42parse.c in FreeType
NOTE: https://savannah.nongnu.org/bugs/?41309
NOTE: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=8b281f83e8516535756f92dbf90940ac44bd45e1 (VER-2-5-3)
NOTE: http://www.openwall.com/lists/oss-security/2015/09/11/4
-CVE-2014-9744 (Memory leak in PolarSSL before 1.3.9 allows remote attackers to cause ...)
+CVE-2014-9744
- polarssl 1.3.9-1
[wheezy] - polarssl <not-affected> (Affects only 1.3.x series)
[squeeze] - polarssl <not-affected> (Affects only 1.3.x series)
-CVE-2014-9743 (Cross-site scripting (XSS) vulnerability in the httpd_HtmlError ...)
+CVE-2014-9743
- vlc 2.2.0~rc2-1
[squeeze] - vlc <end-of-life> (Unsupported in squeeze-lts)
[wheezy] - vlc <end-of-life> (Unsupported in wheezy-lts)
-CVE-2014-9742 (The Miller-Rabin primality check in Botan before 1.10.8 and 1.11.x ...)
+CVE-2014-9742
{DLA-449-1}
- botan1.10 1.10.8-1
NOTE: Introduced in 1.8.3, fixed in 1.10.8 and 1.11.9
NOTE: http://botan.randombit.net/security.html
-CVE-2014-9939 (ihex.c in GNU Binutils before 2.26 contains a stack buffer overflow ...)
+CVE-2014-9939
{DLA-552-1 DLA-324-1}
- binutils 2.25.90.20151125-1
[jessie] - binutils <ignored> (Minor issue)
@@ -819,55 +819,55 @@ CVE-2014-9939 (ihex.c in GNU Binutils before 2.26 contains a stack buffer overfl
NOTE: http://www.openwall.com/lists/oss-security/2015/07/31/6
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=18750
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;a=commitdiff;h=7e27a9d5f22f9f7ead11738b1546d0b5c737266b
-CVE-2014-8878 (KDE KMail does not encrypt attachments in emails when &quot;automatic ...)
+CVE-2014-8878
- kdepim 4:4.14.5-1 (bug #791800)
[jessie] - kdepim <no-dsa> (Minor issue)
[wheezy] - kdepim <no-dsa> (Minor issue)
[squeeze] - kdepim <not-affected> (Bogus condition not present)
NOTE: https://bugs.kde.org/show_bug.cgi?id=340312
NOTE: http://www.openwall.com/lists/oss-security/2015/07/15/5
-CVE-2014-9741 (Multiple cross-site scripting (XSS) vulnerabilities in ESRI ArcGIS for ...)
+CVE-2014-9741
NOT-FOR-US: ArcGIS
-CVE-2014-9740 (Cross-site scripting (XSS) vulnerability in the Rules Link module ...)
+CVE-2014-9740
NOT-FOR-US: Rules Link module for Drupal
-CVE-2014-9739 (Cross-site scripting (XSS) vulnerability in the Node Field module ...)
+CVE-2014-9739
NOT-FOR-US: Node Field module for Drupal
-CVE-2014-9738 (Multiple cross-site scripting (XSS) vulnerabilities in the Tournament ...)
+CVE-2014-9738
NOT-FOR-US: Tournament module for Drupal
-CVE-2014-9737 (Open redirect vulnerability in the Language Switcher Dropdown module ...)
+CVE-2014-9737
NOT-FOR-US: Language Switcher Dropdown module for Drupal
-CVE-2014-9736 (GE Healthcare Centricity Clinical Archive Audit Trail Repository has a ...)
+CVE-2014-9736
NOT-FOR-US: GE Healthcare Centricity Clinical Archive Audit Trail Repository
-CVE-2014-9735 (The ThemePunch Slider Revolution (revslider) plugin before 3.0.96 for ...)
+CVE-2014-9735
NOT-FOR-US: WordPress plugins ThemePunch Slider Revolution (revslider) and Showbiz Pro
-CVE-2014-9734 (Directory traversal vulnerability in the Slider Revolution (revslider) ...)
+CVE-2014-9734
NOT-FOR-US: Slider Revolution (revslider) plugin for WordPress
-CVE-2014-9733 (nw.js before 0.11.5 can simulate user input events in a normal frame, ...)
+CVE-2014-9733
NOT-FOR-US: nw.js
-CVE-2014-9727 (AVM Fritz!Box allows remote attackers to execute arbitrary commands ...)
+CVE-2014-9727
NOT-FOR-US: AVM Fritz!Box
-CVE-2014-9731 (The UDF filesystem implementation in the Linux kernel before 3.18.2 ...)
+CVE-2014-9731
{DLA-246-1}
- linux 3.16.7-ckt4-1
[wheezy] - linux 3.2.68-1
- linux-2.6 <removed>
NOTE: Upstream fix: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0e5cc9a40ada6046e6bc3bdfcd0c0d7e4b706b14 (v3.19-rc3)
NOTE: http://www.openwall.com/lists/oss-security/2015/06/03/4
-CVE-2014-9730 (The udf_pc_to_char function in fs/udf/symlink.c in the Linux kernel ...)
+CVE-2014-9730
{DLA-246-1}
- linux 3.16.7-ckt4-1
[wheezy] - linux 3.2.68-1
- linux-2.6 <removed>
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=e237ec37ec154564f8690c5bd1795339955eeef9 (v3.19-rc3)
NOTE: http://www.openwall.com/lists/oss-security/2015/06/02/7
-CVE-2014-9729 (The udf_read_inode function in fs/udf/inode.c in the Linux kernel ...)
+CVE-2014-9729
{DLA-246-1}
- linux 3.16.7-ckt4-1
[wheezy] - linux 3.2.68-1
- linux-2.6 <removed>
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=e159332b9af4b04d882dbcfe1bb0117f0a6d4b58 (v3.19-rc3)
NOTE: http://www.openwall.com/lists/oss-security/2015/06/02/7
-CVE-2014-9728 (The UDF filesystem implementation in the Linux kernel before 3.18.2 ...)
+CVE-2014-9728
{DLA-246-1}
- linux 3.16.7-ckt4-1
[wheezy] - linux 3.2.68-1
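Review bot: the removed summary line for CVE-2014-8878 shows the stored text was HTML-escaped (`&quot;automatic ...`), so the import that populated these summaries was storing entity-encoded data rather than plain text. If the descriptions are re-imported after this run, unescape entities on the way in; the rest of this hunk is the same summary-only removal as elsewhere, with the triage and `NOTE:` lines unchanged.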
@@ -895,13 +895,13 @@ CVE-2014-9720
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1222816
CVE-2014-9719
RESERVED
-CVE-2014-9721 (libzmq before 4.0.6 and 4.1.x before 4.1.1 allows remote attackers to ...)
+CVE-2014-9721
{DSA-3255-1}
- zeromq3 4.0.5+dfsg-3 (bug #784366)
NOTE: https://github.com/zeromq/libzmq/issues/1273
NOTE: https://github.com/zeromq/zeromq4-x/commit/b6e3e0f601e2c1ec1f3aac880ed6a3fe63043e51
NOTE: http://www.openwall.com/lists/oss-security/2015/05/07/8
-CVE-2014-9717 (fs/namespace.c in the Linux kernel before 4.0.2 processes MNT_DETACH ...)
+CVE-2014-9717
- linux 4.0.2-1 (low)
[jessie] - linux <ignored> (Too intrusive to backport)
[wheezy] - linux <not-affected> (user namespaces known broken before 3.5, see kernel-sec info)
@@ -910,11 +910,11 @@ CVE-2014-9717 (fs/namespace.c in the Linux kernel before 4.0.2 processes MNT_DET
NOTE: Proposed fixes: http://www.spinics.net/lists/linux-containers/msg30786.html
NOTE: http://www.openwall.com/lists/oss-security/2015/04/17/4
NOTE: CVE assignement for issue in http://marc.info/?l=linux-kernel&m=141271552117745&w=2
-CVE-2014-9716 (Cross-site scripting (XSS) vulnerability in WebODF before 0.5.4 allows ...)
+CVE-2014-9716
- owncloud <not-affected> (embedded partial copy doesn't contain the related code)
- owncloud-documents <not-affected> (embedded partial copy doesn't contain the related code)
- webodf <itp> (bug #727529)
-CVE-2014-9715 (include/net/netfilter/nf_conntrack_extend.h in the netfilter subsystem ...)
+CVE-2014-9715
{DSA-3237-1}
- linux 3.14.5-1 (bug #741667)
- linux-2.6 <not-affected> (Introduced in 3.6)
@@ -923,28 +923,28 @@ CVE-2014-9715 (include/net/netfilter/nf_conntrack_extend.h in the netfilter subs
NOTE: Introduced by: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=5b423f6a40a0327f9d40bc8b97ce9be266f74368 (v3.6-rc5)
NOTE: Introduced in 3.2.x in https://git.kernel.org/cgit/linux/kernel/git/bwh/linux-3.2.y.git/commit/?id=cc1b75d796ad050c83c95733c4220aaa04fa1304 (v3.2.33)
NOTE: http://www.openwall.com/lists/oss-security/2015/04/08/1
-CVE-2014-9714 (Cross-site scripting (XSS) vulnerability in the ...)
+CVE-2014-9714
- hhvm 3.11.0+dfsg-1
NOTE: https://github.com/facebook/hhvm/commit/324701c9fd31beb4f070f1b7ef78b115fbdfec34
-CVE-2014-9712 (Websense TRITON V-Series appliances before 7.8.3 Hotfix 03 and 7.8.4 ...)
+CVE-2014-9712
NOT-FOR-US: Websense TRITON V-Series appliances
-CVE-2014-9713 (The default slapd configuration in the Debian openldap package ...)
+CVE-2014-9713
{DSA-3209-1 DLA-203-1}
- openldap 2.4.40-2 (bug #761406)
-CVE-2014-9711 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
+CVE-2014-9711
NOT-FOR-US: Websense
-CVE-2014-9708 (Embedthis Appweb before 4.6.6 and 5.x before 5.2.1 allows remote ...)
+CVE-2014-9708
NOT-FOR-US: Appweb Web Server
-CVE-2014-9707 (EmbedThis GoAhead 3.0.0 through 3.4.1 does not properly handle path ...)
+CVE-2014-9707
NOT-FOR-US: GoAhead Web Server
-CVE-2014-9710 (The Btrfs implementation in the Linux kernel before 3.19 does not ...)
+CVE-2014-9710
- linux 3.16.7-ckt9-1
[wheezy] - linux <no-dsa> (btrfs in 3.2 is just a tech preview and not usable for production)
- linux-2.6 <removed>
[squeeze] - linux-2.6 <no-dsa> (btrfs in 2.6.32 is just a tech preview and not usable for production)
NOTE: Upstream commit: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=5f5bc6b1e2d5a6f827bc860ef2dc5b6f365d1339 (v3.19-rc1)
NOTE: http://www.openwall.com/lists/oss-security/2015/03/24/11
-CVE-2014-9718 (The (1) BMDMA and (2) AHCI HBA interfaces in the IDE functionality in ...)
+CVE-2014-9718
{DSA-3259-1}
- qemu 1:2.3+dfsg-1 (unimportant; bug #781250)
[wheezy] - qemu <postponed> (Can be fixed along in later update)
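Review bot: CVE-2014-9713 is the entry in this hunk whose removed summary carried information the rest of the record does not: `The default slapd configuration in the Debian openldap package ...` is what identifies this as a Debian packaging issue rather than an upstream one, and after the change the entry is reduced to `{DSA-3209-1 DLA-203-1}` plus a fixed version. Suggest keeping that summary, or adding a bracketed title on the id line in the form this file already uses for ids without an imported summary (`CVE-2014-XXXX [more to CVE-2014-6585]`).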
@@ -957,7 +957,7 @@ CVE-2014-9718 (The (1) BMDMA and (2) AHCI HBA interfaces in the IDE functionalit
NOTE: mitigated using some kind of resource limits in security-sensitive environments,
NOTE: and looping can trivially be done inside the virtual machine just fine, achieving
NOTE: the same effect
-CVE-2014-9706 (The build_index_from_tree function in index.py in Dulwich before 0.9.9 ...)
+CVE-2014-9706
{DSA-3206-1}
- dulwich 0.10.1-1 (bug #780989)
[jessie] - dulwich 0.9.7-3
@@ -976,7 +976,7 @@ CVE-2014-9699
RESERVED
CVE-2014-9698
RESERVED
-CVE-2014-9709 (The GetCode_ function in gd_gif_in.c in GD 2.1.1 and earlier, as used ...)
+CVE-2014-9709
{DSA-3215-1 DLA-189-1}
- libgd2 2.1.0-5
- php5 5.6.5+dfsg-1 (unimportant)
@@ -988,60 +988,60 @@ CVE-2014-9709 (The GetCode_ function in gd_gif_in.c in GD 2.1.1 and earlier, as
NOTE: http://git.php.net/?p=php-src.git;a=commitdiff;h=5fc2fede9c7c963c950d8b96dcc0f7af88b4d695
NOTE: Starting with 5.4.0-1 Debian uses the system copy of libgd, the embedded copy was fixed upstream in 5.6.5
NOTE: Fix in HHVM: https://github.com/facebook/hhvm/commit/469990b43c294692493f15f8400560fe5d966a02
-CVE-2014-9701 (Cross-site scripting (XSS) vulnerability in MantisBT before 1.2.19 and ...)
+CVE-2014-9701
- mantis <removed> (bug #780875)
[wheezy] - mantis <no-dsa> (Minor issue)
[squeeze] - mantis <end-of-life> (Unsupported in squeeze-lts)
NOTE: Fixed by https://github.com/mantisbt/mantisbt/commit/d95f070d (1.2.x)
NOTE: http://article.gmane.org/gmane.comp.security.oss.general/15022
NOTE: https://www.mantisbt.org/bugs/view.php?id=19493
-CVE-2014-9697 (Huawei USG9560/9520/9580 before V300R001C01SPC300 allows remote ...)
+CVE-2014-9697
NOT-FOR-US: Huawei
-CVE-2014-9696 (The Hyper Module Management (HMM) software of Huawei Tecal E9000 ...)
+CVE-2014-9696
NOT-FOR-US: Huawei
-CVE-2014-9695 (The Hyper Module Management (HMM) software of Huawei Tecal E9000 ...)
+CVE-2014-9695
NOT-FOR-US: Huawei
-CVE-2014-9694 (Huawei Tecal RH1288 V2 V100R002C00SPC107 and earlier versions, Tecal ...)
+CVE-2014-9694
NOT-FOR-US: Huawei
-CVE-2014-9693 (Huawei Tecal RH1288 V2 V100R002C00SPC107 and earlier versions, Tecal ...)
+CVE-2014-9693
NOT-FOR-US: Huawei
-CVE-2014-9692 (Huawei Tecal RH1288 V2 V100R002C00SPC107 and earlier versions, Tecal ...)
+CVE-2014-9692
NOT-FOR-US: Huawei
-CVE-2014-9691 (Huawei Tecal RH1288 V2 V100R002C00SPC107 and earlier versions, Tecal ...)
+CVE-2014-9691
NOT-FOR-US: Huawei
-CVE-2014-9690 (Huawei home gateways WS318 with software V100R001C01B022 and earlier ...)
+CVE-2014-9690
NOT-FOR-US: Huawei
-CVE-2014-9705 (Heap-based buffer overflow in the enchant_broker_request_dict function ...)
+CVE-2014-9705
{DSA-3195-1 DLA-212-1}
- php5 5.6.6+dfsg-1
NOTE: https://bugs.php.net/bug.php?id=68552
NOTE: http://svn.php.net/viewvc/pecl/enchant/trunk/enchant.c?r1=317600&r2=335803
NOTE: http://www.openwall.com/lists/oss-security/2015/03/10/6
-CVE-2014-9689 (content/renderer/device_sensors/device_orientation_event_pump.cc in ...)
+CVE-2014-9689
- chromium-browser 41.0.2272.76-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-9688 (Unspecified vulnerability in the Ninja Forms plugin before 2.8.10 for ...)
+CVE-2014-9688
NOT-FOR-US: Ninja Forms plugin for WordPress
-CVE-2014-9687 (eCryptfs 104 and earlier uses a default salt to encrypt the mount ...)
+CVE-2014-9687
- ecryptfs-utils 103-4 (bug #780385)
[wheezy] - ecryptfs-utils <no-dsa> (Minor issue)
[squeeze] - ecryptfs-utils <no-dsa> (Minor issue)
NOTE: http://bazaar.launchpad.net/~ecryptfs/ecryptfs/trunk/revision/839
-CVE-2014-9686 (The Googlemaps plugin 3.2 and earlier for Joomla! allows remote ...)
+CVE-2014-9686
NOT-FOR-US: Googlemaps plugin for Joomla!
-CVE-2014-9685 (Multiple cross-site scripting (XSS) vulnerabilities in Vanilla Forums ...)
+CVE-2014-9685
NOT-FOR-US: Vanilla Forums
-CVE-2014-9684 (OpenStack Image Registry and Delivery Service (Glance) 2014.2 through ...)
+CVE-2014-9684
- glance <not-affected> (Only affects 2014.2.x releases, only present in experimental)
[wheezy] - glance <not-affected> (Vulnerable code not present)
NOTE: https://review.openstack.org/#/c/122427/
-CVE-2014-9683 (Off-by-one error in the ecryptfs_decode_from_filename function in ...)
+CVE-2014-9683
{DSA-3170-1 DLA-246-1}
- linux 3.16.7-ckt4-1
- linux-2.6 <removed>
NOTE: Upstream fix: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=942080643bce061c3dd9d5718d3b745dcb39a8bc (v3.19-rc1)
-CVE-2014-9682 (The dns-sync module before 0.1.1 for node.js allows context-dependent ...)
+CVE-2014-9682
NOT-FOR-US: node-dns-sync
CVE-2014-XXXX [more to CVE-2014-6585]
[experimental] - icu 55.1-1
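Review bot: under CVE-2014-9689 the two `<end-of-life>` tags for chromium-browser carry no parenthesised reason, whereas every other non-version status in this hunk explains itself (`<no-dsa> (Minor issue)`, `<not-affected> (Only affects 2014.2.x releases, only present in experimental)`), and the vlc entry in this same file writes `<end-of-life> (Unsupported in wheezy-lts)`. Add the reason so the tag reads the same way as its neighbours. The update itself touches only the summary lines here.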
@@ -1051,11 +1051,11 @@ CVE-2014-XXXX [more to CVE-2014-6585]
[squeeze] - icu <not-affected> (All relevant changes already applied)
NOTE: Patch: http://bugs.icu-project.org/trac/changeset/37086
NOTE: icu_4.4.1-8+squeeze3 already has the full patch except for the changes in source/layout/ContextualSubstSubtables.cpp which are commented out anyway... and the remaining if test is probably only meaningful when the backtrackClassArray call is uncommented.
-CVE-2014-9678 (FlexPaperViewer.swf in Flexpaper before 2.3.1 allows remote attackers ...)
+CVE-2014-9678
NOT-FOR-US: FlexPaper
-CVE-2014-9677 (Cross-site scripting (XSS) vulnerability in FlexPaperViewer.swf in ...)
+CVE-2014-9677
NOT-FOR-US: FlexPaper
-CVE-2014-9676 (The seg_write_packet function in libavformat/segment.c in ffmpeg 2.1.4 ...)
+CVE-2014-9676
{DLA-464-1}
- ffmpeg <not-affected> (Vulnerable code not present in a ffmpeg version in the archive)
- libav 6:11.2-1
@@ -1063,59 +1063,59 @@ CVE-2014-9676 (The seg_write_packet function in libavformat/segment.c in ffmpeg
NOTE: ffmpeg: https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=169065fbfb3da1ab776379c333aebc54bb1f1bc4
NOTE: libav: https://git.libav.org/?p=libav.git;a=commit;h=b3f04657368a32a9903406395f865e230b1de348
NOTE: http://www.openwall.com/lists/oss-security/2015/01/04/10
-CVE-2014-9675 (bdf/bdflib.c in FreeType before 2.5.4 identifies property names by ...)
+CVE-2014-9675
{DSA-3188-1 DLA-185-1}
- freetype 2.5.2-3 (bug #777656)
NOTE: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=2c4832d30939b45c05757f0a05128ce64c4cacc7
NOTE: https://code.google.com/p/google-security-research/issues/detail?id=151
-CVE-2014-9674 (The Mac_Read_POST_Resource function in base/ftobjs.c in FreeType ...)
+CVE-2014-9674
{DSA-3461-1 DLA-185-1}
- freetype 2.5.2-3 (bug #777656)
NOTE: http://code.google.com/p/google-security-research/issues/detail?id=153
NOTE: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=240c94a185cd8dae7d03059abec8a5662c35ecd3
NOTE: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=cd4a5a26e591d01494567df9dec7f72d59551f6e
-CVE-2014-9673 (Integer signedness error in the Mac_Read_POST_Resource function in ...)
+CVE-2014-9673
{DSA-3188-1 DLA-185-1}
- freetype 2.5.2-3 (bug #777656)
NOTE: http://code.google.com/p/google-security-research/issues/detail?id=154
NOTE: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=35252ae9aa1dd9343e9f4884e9ddb1fee10ef415
-CVE-2014-9672 (Array index error in the parse_fond function in base/ftmac.c in ...)
+CVE-2014-9672
{DSA-3188-1 DLA-185-1}
- freetype 2.5.2-3 (bug #777656)
NOTE: http://code.google.com/p/google-security-research/issues/detail?id=155
NOTE: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=18a8f0d9943369449bc4de92d411c78fb08d616c
-CVE-2014-9671 (Off-by-one error in the pcf_get_properties function in pcf/pcfread.c ...)
+CVE-2014-9671
{DSA-3188-1 DLA-185-1}
- freetype 2.5.2-3 (bug #777656)
NOTE: http://code.google.com/p/google-security-research/issues/detail?id=157
NOTE: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=0e2f5d518c60e2978f26400d110eff178fa7e3c3
-CVE-2014-9670 (Multiple integer signedness errors in the pcf_get_encodings function ...)
+CVE-2014-9670
{DSA-3188-1 DLA-185-1}
- freetype 2.5.2-3 (bug #777656)
NOTE: http://code.google.com/p/google-security-research/issues/detail?id=158
NOTE: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=ef1eba75187adfac750f326b563fe543dd5ff4e6
-CVE-2014-9669 (Multiple integer overflows in sfnt/ttcmap.c in FreeType before 2.5.4 ...)
+CVE-2014-9669
{DSA-3188-1 DLA-185-1}
- freetype 2.5.2-3 (bug #777656)
NOTE: http://code.google.com/p/google-security-research/issues/detail?id=163
NOTE: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=602040b1112c9f94d68e200be59ea7ac3d104565
-CVE-2014-9668 (The woff_open_font function in sfnt/sfobjs.c in FreeType before 2.5.4 ...)
+CVE-2014-9668
- freetype 2.5.2-3 (bug #777656)
[wheezy] - freetype <not-affected> (Vulnerable code not present)
[squeeze] - freetype <not-affected> (Vulnerable code not present)
NOTE: http://code.google.com/p/google-security-research/issues/detail?id=164
NOTE: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=f46add13895337ece929b18bb8f036431b3fb538
-CVE-2014-9667 (sfnt/ttload.c in FreeType before 2.5.4 proceeds with offset+length ...)
+CVE-2014-9667
{DSA-3188-1 DLA-185-1}
- freetype 2.5.2-3 (bug #777656)
NOTE: http://code.google.com/p/google-security-research/issues/detail?id=166
NOTE: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=677ddf4f1dc1b36cef7c7ddd59a14c508f4b1891
-CVE-2014-9666 (The tt_sbit_decoder_init function in sfnt/ttsbit.c in FreeType before ...)
+CVE-2014-9666
{DSA-3188-1 DLA-185-1}
- freetype 2.5.2-3 (bug #777656)
NOTE: http://code.google.com/p/google-security-research/issues/detail?id=167
NOTE: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=257c270bd25e15890190a28a1456e7623bba4439
-CVE-2014-9665 (The Load_SBit_Png function in sfnt/pngshim.c in FreeType before 2.5.4 ...)
+CVE-2014-9665
{DLA-185-1}
- freetype 2.5.2-3 (bug #777656)
[wheezy] - freetype <not-affected> (Vulnerable code not present)
@@ -1123,57 +1123,57 @@ CVE-2014-9665 (The Load_SBit_Png function in sfnt/pngshim.c in FreeType before 2
NOTE: http://code.google.com/p/google-security-research/issues/detail?id=168
NOTE: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=54abd22891bd51ef8b533b24df53b3019b5cee81
NOTE: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=b3500af717010137046ec4076d1e1c0641e33727
-CVE-2014-9664 (FreeType before 2.5.4 does not check for the end of the data during ...)
+CVE-2014-9664
{DSA-3188-1 DLA-185-1}
- freetype 2.5.2-3 (bug #777656)
NOTE: http://code.google.com/p/google-security-research/issues/detail?id=183
NOTE: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=73be9f9ab67842cfbec36ee99e8d2301434c84ca
NOTE: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=dd89710f0f643eb0f99a3830e0712d26c7642acd
-CVE-2014-9663 (The tt_cmap4_validate function in sfnt/ttcmap.c in FreeType before ...)
+CVE-2014-9663
{DSA-3188-1 DLA-185-1}
- freetype 2.5.2-3 (bug #777656)
NOTE: http://code.google.com/p/google-security-research/issues/detail?id=184
NOTE: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=9bd20b7304aae61de5d50ac359cf27132bafd4c1
-CVE-2014-9662 (cff/cf2ft.c in FreeType before 2.5.4 does not validate the return ...)
+CVE-2014-9662
- freetype 2.5.2-3 (bug #777656)
[wheezy] - freetype <not-affected> (Vulnerable code not present)
[squeeze] - freetype <not-affected> (Vulnerable code not present)
NOTE: http://code.google.com/p/google-security-research/issues/detail?id=185
NOTE: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=5f201ab5c24cb69bc96b724fd66e739928d6c5e2
-CVE-2014-9661 (type42/t42parse.c in FreeType before 2.5.4 does not consider that ...)
+CVE-2014-9661
{DSA-3188-1 DLA-185-1}
- freetype 2.5.2-3 (bug #777656)
NOTE: http://code.google.com/p/google-security-research/issues/detail?id=187
NOTE: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=3788187e0c396952cd7d905c6c61f3ff8e84b2b4
NOTE: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=42fcd6693ec7bd6ffc65ddc63e74287a65dda669
-CVE-2014-9660 (The _bdf_parse_glyphs function in bdf/bdflib.c in FreeType before ...)
+CVE-2014-9660
{DSA-3188-1 DLA-185-1}
- freetype 2.5.2-3 (bug #777656)
NOTE: http://code.google.com/p/google-security-research/issues/detail?id=188
NOTE: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=af8346172a7b573715134f7a51e6c5c60fa7f2ab
-CVE-2014-9659 (cff/cf2intrp.c in the CFF CharString interpreter in FreeType before ...)
+CVE-2014-9659
- freetype 2.5.2-3 (bug #777656)
[wheezy] - freetype <not-affected> (vulnerable code not present and thus incomplete fix not applied as well)
[squeeze] - freetype <not-affected> (vulnerable code not present and thus incomplete fix not applied as well)
NOTE: http://code.google.com/p/google-security-research/issues/detail?id=190
NOTE: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=2cdc4562f873237f1c77d43540537c7a721d3fd8
NOTE: CVE due to incomplete fix for CVE-2014-2240
-CVE-2014-9658 (The tt_face_load_kern function in sfnt/ttkern.c in FreeType before ...)
+CVE-2014-9658
{DSA-3188-1 DLA-185-1}
- freetype 2.5.2-3 (bug #777656)
NOTE: http://code.google.com/p/google-security-research/issues/detail?id=194
NOTE: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=f70d9342e65cd2cb44e9f26b6d7edeedf191fc6c
-CVE-2014-9657 (The tt_face_load_hdmx function in truetype/ttpload.c in FreeType ...)
+CVE-2014-9657
{DSA-3188-1 DLA-185-1}
- freetype 2.5.2-3 (bug #777656)
NOTE: http://code.google.com/p/google-security-research/issues/detail?id=195
NOTE: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=eca0f067068020870a429fe91f6329e499390d55
-CVE-2014-9656 (The tt_sbit_decoder_load_image function in sfnt/ttsbit.c in FreeType ...)
+CVE-2014-9656
{DSA-3188-1 DLA-185-1}
- freetype 2.5.2-3 (bug #777656)
NOTE: http://code.google.com/p/google-security-research/issues/detail?id=196
NOTE: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=f0292bb9920aa1dbfed5f53861e7c7a89b35833a
-CVE-2014-9679 (Integer underflow in the cupsRasterReadPixels function in ...)
+CVE-2014-9679
{DSA-3172-1 DLA-159-1}
[experimental] - cups 2.0.2-1
- cups 1.7.5-11 (bug #778387)
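Review bot: every `-`/`+` pair in this hunk strips the parenthesised description from the CVE header line (for example `-CVE-2014-9660 (The _bdf_parse_glyphs function in bdf/bdflib.c in FreeType before ...)` becomes `+CVE-2014-9660`) while the DSA/DLA references, package version lines and NOTE lines below each entry are left unchanged; for entries such as CVE-2014-9679 that carry no NOT-FOR-US or explanatory NOTE, the bare identifier is all that remains in the list, so if this normalisation is intended it should be stated explicitly, and if not, the description text should be restored. The same pattern repeats in every following hunk of this change.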
@@ -1183,7 +1183,7 @@ CVE-2014-9679 (Integer underflow in the cupsRasterReadPixels function in ...)
NOTE: http://www.openwall.com/lists/oss-security/2015/02/10/15
CVE-2014-9681
REJECTED
-CVE-2014-9680 (sudo before 1.8.12 does not ensure that the TZ environment variable is ...)
+CVE-2014-9680
{DSA-3167-1 DLA-160-1}
- sudo 1.8.12-1 (bug #772707)
[jessie] - sudo 1.8.10p3-1+deb8u2
@@ -1195,56 +1195,56 @@ CVE-2014-9680 (sudo before 1.8.12 does not ensure that the TZ environment variab
NOTE: http://www.openwall.com/lists/oss-security/2015/02/09/12
CVE-2014-XXXX [RPATH set to untrusted directory]
[experimental] - noise <unfixed> (bug #759868)
-CVE-2014-9655 (The (1) putcontig8bitYCbCr21tile function in tif_getimage.c or (2) ...)
+CVE-2014-9655
{DSA-3273-1 DLA-610-1 DLA-221-1}
- tiff 4.0.3-12.1 (bug #777390)
- tiff3 <removed>
NOTE: http://lcamtuf.coredump.cx/afl/vulns/libtiff-cvs-1.tif
NOTE: http://lcamtuf.coredump.cx/afl/vulns/libtiff-cvs-2.tif
-CVE-2014-9654 (The Regular Expressions package in International Components for ...)
+CVE-2014-9654
{DSA-3187-1 DLA-219-1}
- icu 52.1-7.1 (bug #776719)
NOTE: https://ssl.icu-project.org/trac/changeset/36801
NOTE: https://chromium.googlesource.com/chromium/deps/icu/+/dd727641e190d60e4593bcb3a35c7f51eb4925c5
-CVE-2014-9653 (readelf.c in file before 5.22, as used in the Fileinfo component in ...)
+CVE-2014-9653
{DSA-3196-1 DLA-204-1}
- file 1:5.22+15-1 (bug #777585)
- php5 <not-affected> (readelf.c not used and even removed in 5.4.36-0+deb7u3)
NOTE: http://bugs.gw.com/view.php?id=409
NOTE: http://mx.gw.com/pipermail/file/2014/001649.html
NOTE: http://www.openwall.com/lists/oss-security/2015/02/04/13
-CVE-2014-9983 (Directory Traversal exists in RAR 4.x and 5.x because an unpack ...)
+CVE-2014-9983
- rar 2:5.3.b2-1 (bug #774172)
[jessie] - rar <no-dsa> (Non-free not supported)
[wheezy] - rar <no-dsa> (Non-free not supported)
[squeeze] - rar <no-dsa> (Not fixed upstream and license does not allow modification)
NOTE: Version 5.21 upstream changes behaviour: by default rar skips symbolic links
NOTE: symbolic links with absolute paths in link target when extracting.
-CVE-2014-9648 (components/navigation_interception/intercept_navigation_resource_throttle.cc ...)
+CVE-2014-9648
- chromium-browser <not-affected> (Chrome on Android)
-CVE-2014-9647 (Use-after-free vulnerability in PDFium, as used in Google Chrome ...)
+CVE-2014-9647
- chromium-browser 40.0.2214.91-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-9646 (Unquoted Windows search path vulnerability in the ...)
+CVE-2014-9646
- chromium-browser <not-affected> (Windows specific problem for chromium-browser)
-CVE-2014-9643 (K7Sentry.sys in K7 Computing Ultimate Security, Anti-Virus Plus, and ...)
+CVE-2014-9643
NOT-FOR-US: K7 components for Windows
-CVE-2014-9642 (bdagent.sys in BullGuard Antivirus, Internet Security, Premium ...)
+CVE-2014-9642
NOT-FOR-US: BullGuard components
-CVE-2014-9641 (The tmeext.sys driver before 2.0.0.1015 in Trend Micro Antivirus Plus, ...)
+CVE-2014-9641
NOT-FOR-US: Trend Micro
-CVE-2014-9633 (The bdisk.sys driver in COMODO Backup before 4.4.1.23 allows remote ...)
+CVE-2014-9633
NOT-FOR-US: COMODO Backup
-CVE-2014-9632 (The TDI driver (avgtdix.sys) in AVG Internet Security before 2013.3495 ...)
+CVE-2014-9632
NOT-FOR-US: AVG
-CVE-2014-9644 (The Crypto API in the Linux kernel before 3.18.5 allows local users to ...)
+CVE-2014-9644
{DSA-3170-1}
- linux 3.16.7-ckt4-2
- linux-2.6 <removed>
[squeeze] - linux-2.6 <not-affected> (Introduced in v2.6.38-rc1)
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4943ba16bbc2 (v3.19-rc1)
-CVE-2014-9645 (The add_probe function in modutils/modprobe.c in BusyBox before 1.23.0 ...)
+CVE-2014-9645
{DLA-1445-1}
- busybox 1:1.22.0-15 (low; bug #776186)
[wheezy] - busybox <no-dsa> (Minor issue)
@@ -1253,7 +1253,7 @@ CVE-2014-9645 (The add_probe function in modutils/modprobe.c in BusyBox before 1
NOTE: http://git.busybox.net/busybox/commit/?id=4e314faa0aecb66717418e9a47a4451aec59262b
CVE-2014-9631
RESERVED
-CVE-2014-9638 (oggenc in vorbis-tools 1.4.0 allows remote attackers to cause a denial ...)
+CVE-2014-9638
{DLA-1010-1 DLA-317-1}
- vorbis-tools 1.4.0-7 (unimportant; bug #776086)
[jessie] - vorbis-tools 1.4.0-6+deb8u1
@@ -1262,7 +1262,7 @@ CVE-2014-9638 (oggenc in vorbis-tools 1.4.0 allows remote attackers to cause a d
NOTE: Fixed by: https://github.com/mark4o/opus-tools/commit/8c412e619b83eb6dd32191909cf6672e93e5802e
NOTE: No security impact
NOTE: proposed patch: http://lists.xiph.org/pipermail/vorbis-dev/2015-February/020423.html
-CVE-2014-9639 (Integer overflow in oggenc in vorbis-tools 1.4.0 allows remote ...)
+CVE-2014-9639
{DLA-1010-1 DLA-317-1}
- vorbis-tools 1.4.0-7 (low; bug #776086)
[jessie] - vorbis-tools 1.4.0-6+deb8u1
@@ -1273,20 +1273,20 @@ CVE-2014-9639 (Integer overflow in oggenc in vorbis-tools 1.4.0 allows remote ..
NOTE: https://trac.xiph.org/ticket/2136
NOTE: Fixed by: https://github.com/mark4o/opus-tools/commit/8c412e619b83eb6dd32191909cf6672e93e5802e
NOTE: proposed patch: http://lists.xiph.org/pipermail/vorbis-dev/2015-February/020423.html
-CVE-2014-9640 (oggenc/oggenc.c in vorbis-tools 1.4.0 allows remote attackers to cause ...)
+CVE-2014-9640
{DLA-1010-1 DLA-317-1}
- vorbis-tools 1.4.0-6 (bug #771363)
[squeeze] - vorbis-tools <no-dsa> (Minor issue)
NOTE: https://trac.xiph.org/ticket/2009
NOTE: Upstream fix: https://trac.xiph.org/changeset/19117
-CVE-2014-9649 (Cross-site scripting (XSS) vulnerability in the management plugin in ...)
+CVE-2014-9649
- rabbitmq-server 3.4.1-1
[jessie] - rabbitmq-server <no-dsa> (Minor issue)
[wheezy] - rabbitmq-server <no-dsa> (Minor issue)
[squeeze] - rabbitmq-server <not-affected> (Management web UI not available in version 1.8.1)
NOTE: https://groups.google.com/forum/#!topic/rabbitmq-users/-3Z2FyGtXhs
NOTE: http://www.openwall.com/lists/oss-security/2015/01/21/13
-CVE-2014-9650 (CRLF injection vulnerability in the management plugin in RabbitMQ ...)
+CVE-2014-9650
- rabbitmq-server 3.4.1-1
[jessie] - rabbitmq-server <no-dsa> (Minor issue)
[wheezy] - rabbitmq-server <no-dsa> (Minor issue)
@@ -1294,10 +1294,10 @@ CVE-2014-9650 (CRLF injection vulnerability in the management plugin in RabbitMQ
NOTE: https://groups.google.com/forum/#!topic/rabbitmq-users/-3Z2FyGtXhs
NOTE: Fixed by: https://github.com/rabbitmq/rabbitmq-management/commit/b5a5fc31bd49ad821a655ea9e2fe920d670a62ad
NOTE: http://www.openwall.com/lists/oss-security/2015/01/21/13
-CVE-2014-9732 (The cabd_extract function in cabd.c in libmspack before 0.5 does not ...)
+CVE-2014-9732
- libmspack 0.5-1 (bug #774665)
NOTE: http://www.openwall.com/lists/oss-security/2015/02/03/11
-CVE-2014-9637 (GNU patch 2.7.2 and earlier allows remote attackers to cause a denial ...)
+CVE-2014-9637
- patch 2.7.1-7
[wheezy] - patch <not-affected> (Vulnerability introduced later)
[squeeze] - patch <not-affected> (Vulnerability introduced later)
@@ -1343,17 +1343,17 @@ CVE-2014-9625 [Buffer overflow in updater]
- vlc <not-affected> (Update mechanism not enabled in the Debian package)
[squeeze] - vlc <end-of-life> (Unsupported in squeeze-lts)
NOTE: https://github.com/videolan/vlc/commit/fbe2837bc80f155c001781041a54c58b5524fc14
-CVE-2014-9623 (OpenStack Glance 2014.2.x through 2014.2.1, 2014.1.3, and earlier ...)
+CVE-2014-9623
- glance 2014.1.3-12 (bug #776580)
[wheezy] - glance <no-dsa> (Minor issue)
NOTE: Versions: up to 2014.1.3 and 2014.2 version up to 2014.2.1
-CVE-2014-9619 (Unrestricted file upload vulnerability in ...)
+CVE-2014-9619
NOT-FOR-US: Netsweeper
-CVE-2014-9618 (The Client Filter Admin portal in Netsweeper before 3.1.10, 4.0.x ...)
+CVE-2014-9618
NOT-FOR-US: Netsweeper
CVE-2014-9617
RESERVED
-CVE-2014-9616 (Netsweeper before 3.1.10, 4.0.x before 4.0.9, and 4.1.x before 4.1.2 ...)
+CVE-2014-9616
NOT-FOR-US: Netsweeper
CVE-2014-9615
RESERVED
@@ -1363,9 +1363,9 @@ CVE-2014-9613
RESERVED
CVE-2014-9612
RESERVED
-CVE-2014-9611 (Netsweeper before 4.0.5 allows remote attackers to bypass ...)
+CVE-2014-9611
NOT-FOR-US: Netsweeper
-CVE-2014-9610 (Netsweeper before 3.1.10, 4.0.x before 4.0.9, and 4.1.x before 4.1.2 ...)
+CVE-2014-9610
NOT-FOR-US: Netsweeper
CVE-2014-9609
RESERVED
@@ -1375,9 +1375,9 @@ CVE-2014-9607
RESERVED
CVE-2014-9606
RESERVED
-CVE-2014-9605 (WebUpgrade in Netsweeper before 3.1.10, 4.0.x before 4.0.9, and 4.1.x ...)
+CVE-2014-9605
NOT-FOR-US: Netsweeper
-CVE-2014-9604 (libavcodec/utvideodec.c in FFmpeg before 2.5.2 does not check for a ...)
+CVE-2014-9604
{DSA-3189-1}
- ffmpeg 7:2.5.1-1
[squeeze] - ffmpeg <end-of-life> (Not supported in Squeeze LTS)
@@ -1385,47 +1385,47 @@ CVE-2014-9604 (libavcodec/utvideodec.c in FFmpeg before 2.5.2 does not check for
NOTE: Applies to 0.8, but in different file (utvideo.c)
NOTE: libav: https://git.libav.org/?p=libav.git;a=commit;h=0ce3a0f9d9523a9bcad4c6d451ca5bbd7a4f420d
NOTE: ffmpeg: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=3881606240953b9275a247a1c98a567f3c44890f
-CVE-2014-9603 (The vmd_decode function in libavcodec/vmdvideo.c in FFmpeg before ...)
+CVE-2014-9603
- ffmpeg 7:2.5.1-1
[squeeze] - ffmpeg <end-of-life> (Not supported in Squeeze LTS)
- libav <not-affected> (Vulnerable code not present, reproducer tested with 8, 11 and trunk)
NOTE: ffmpeg: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=3030fb7e0d41836f8add6399e9a7c7b740b48bfd
-CVE-2014-9602 (libavcodec/xface.h in FFmpeg before 2.5.2 establishes certain digits ...)
+CVE-2014-9602
- ffmpeg 7:2.5.1-1
[squeeze] - ffmpeg <not-affected> (Vulnerable code not present)
- libav <not-affected> (Vulnerable code not present)
-CVE-2014-9601 (Pillow before 2.7.0 allows remote attackers to cause a denial of ...)
+CVE-2014-9601
- pillow 2.6.1-2 (bug #776303)
- python-imaging <removed>
[wheezy] - python-imaging <no-dsa> (Minor issue)
[squeeze] - python-imaging <no-dsa> (Minor issue)
NOTE: https://github.com/python-pillow/Pillow/commit/b3e09122e527ae554eb590741bbd7611d5710e40
NOTE: http://web.archive.org/web/20150921104441/http://pillow.readthedocs.org:80/releasenotes/2.7.0.html#png-text-chunk-size-limits
-CVE-2014-9600 (Untrusted search path vulnerability in Macroplant iExplorer 3.6.3.0 ...)
+CVE-2014-9600
NOT-FOR-US: Macroplant iExplorer
-CVE-2014-9599 (Cross-site scripting (XSS) vulnerability in the filemanager in ...)
+CVE-2014-9599
- b2evolution <removed>
-CVE-2014-9598 (The picture_Release function in misc/picture.c in VideoLAN VLC media ...)
+CVE-2014-9598
NOTE: https://trac.videolan.org/vlc/ticket/13390
NOTE: http://seclists.org/fulldisclosure/2015/Jan/72
NOTE: This was originally reported for VLC; but upstream states that it is in libavcodec
NOTE: This seems to be Windows-specific issue, the reported error couldn't be reproduced
NOTE: with any ffmpeg release and libav/0.8.
-CVE-2014-9597 (The picture_pool_Delete function in misc/picture_pool.c in VideoLAN ...)
+CVE-2014-9597
NOTE: https://trac.videolan.org/vlc/ticket/13389
NOTE: http://seclists.org/fulldisclosure/2015/Jan/72
NOTE: This was originally reported for VLC; but upstream states that it is in libavcodec
NOTE: This seems to be Windows-specific issue, the reported error couldn't be reproduced
NOTE: with any ffmpeg release and libav/0.8.
-CVE-2014-9596 (Panasonic Arbitrator Back-End Server (BES) MK 2.0 VPU before 9.3.1 ...)
+CVE-2014-9596
NOT-FOR-US: Panasonic Arbitrator Back-End Server
-CVE-2014-9595 (Buffer overflow in the SAP NetWeaver Dispatcher in SAP Kernel 7.00 ...)
+CVE-2014-9595
NOT-FOR-US: SAP NetWeaver
-CVE-2014-9594 (Buffer overflow in the SAP NetWeaver Dispatcher in SAP Kernel 7.00 ...)
+CVE-2014-9594
NOT-FOR-US: SAP NetWeaver
-CVE-2014-9593 (Apache CloudStack before 4.3.2 and 4.4.x before 4.4.2 allows remote ...)
+CVE-2014-9593
NOT-FOR-US: Apache CloudStack
-CVE-2014-9624 (CAPTCHA bypass vulnerability in MantisBT before 1.2.19. ...)
+CVE-2014-9624
- mantis <removed> (bug #780875)
[wheezy] - mantis <no-dsa> (Minor issue)
[squeeze] - mantis <end-of-life> (Unsupported in squeeze-lts)
@@ -1436,15 +1436,15 @@ CVE-2014-XXXX [TYPO3-CORE-SA-2014-002: Multiple Vulnerabilities in TYPO3 CMS]
[wheezy] - typo3-src <end-of-life> (See DSA 3314)
[squeeze] - typo3-src <end-of-life> (Unsupported in squeeze-lts)
NOTE: https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2014-002/
-CVE-2014-9636 (unzip 6.0 allows remote attackers to cause a denial of service ...)
+CVE-2014-9636
{DSA-3152-1 DLA-150-1}
- unzip 6.0-15 (bug #776589)
NOTE: http://seclists.org/oss-sec/2014/q4/489
NOTE: http://seclists.org/oss-sec/2014/q4/507
NOTE: http://www.info-zip.org/phpBB3/viewtopic.php?f=7&t=450
-CVE-2014-9635 (Jenkins before 1.586 does not set the HttpOnly flag in a Set-Cookie ...)
+CVE-2014-9635
- jenkins 1.565.3-3 (bug #769682)
-CVE-2014-9634 (Jenkins before 1.586 does not set the secure flag on session cookies ...)
+CVE-2014-9634
- jenkins 1.565.3-3 (bug #769682)
CVE-2014-999999
REJECTED
@@ -1485,165 +1485,165 @@ CVE-2014-10041
RESERVED
CVE-2014-10040
RESERVED
-CVE-2014-10038 (SQL injection vulnerability in agenda/indexdate.php in DomPHP 0.83 and ...)
+CVE-2014-10038
NOT-FOR-US: DomPHP
-CVE-2014-10037 (Directory traversal vulnerability in DomPHP 0.83 and earlier allows ...)
+CVE-2014-10037
NOT-FOR-US: DomPHP
-CVE-2014-10036 (Cross-site scripting (XSS) vulnerability in JetBrains TeamCity before ...)
+CVE-2014-10036
NOT-FOR-US: JetBrains TeamCity
-CVE-2014-10035 (Multiple cross-site scripting (XSS) vulnerabilities in the admin area ...)
+CVE-2014-10035
NOT-FOR-US: couponPHP
-CVE-2014-10034 (Multiple SQL injection vulnerabilities in the admin area in couponPHP ...)
+CVE-2014-10034
NOT-FOR-US: couponPHP
-CVE-2014-10033 (SQL injection vulnerability in the update_zone function in ...)
+CVE-2014-10033
NOT-FOR-US: osCommerce Online Merchant
-CVE-2014-10032 (SQL injection vulnerability in news_popup.php in Taboada MacroNews 1.0 ...)
+CVE-2014-10032
NOT-FOR-US: Taboada MacroNews
-CVE-2014-10031 (Buffer overflow in the IMAPd service in Qualcomm Eudora WorldMail ...)
+CVE-2014-10031
NOT-FOR-US: Qualcomm Eudora WorldMail
-CVE-2014-10030 (Open redirect vulnerability in forums/login.php in FluxBB before ...)
+CVE-2014-10030
NOT-FOR-US: FluxBB
-CVE-2014-10029 (SQL injection vulnerability in profile.php in FluxBB before 1.4.13 and ...)
+CVE-2014-10029
NOT-FOR-US: FluxBB
-CVE-2014-10028 (Cross-site scripting (XSS) vulnerability in D-Link DAP-1360 router ...)
+CVE-2014-10028
NOT-FOR-US: D-Link DAP-1360 router
-CVE-2014-10027 (Multiple cross-site request forgery (CSRF) vulnerabilities in D-Link ...)
+CVE-2014-10027
NOT-FOR-US: D-Link DAP-1360
-CVE-2014-10026 (index.cgi in D-Link DAP-1360 with firmware 2.5.4 and earlier allows ...)
+CVE-2014-10026
NOT-FOR-US: D-Link DAP-1360
-CVE-2014-10025 (Multiple cross-site request forgery (CSRF) vulnerabilities in D-Link ...)
+CVE-2014-10025
NOT-FOR-US: D-Link DAP-1360
-CVE-2014-10024 (Multiple integer signedness errors in DirectShowDemuxFilter, as used ...)
+CVE-2014-10024
NOT-FOR-US: Divx Web Player, Divx Player and Divx plugins
-CVE-2014-10023 (Multiple SQL injection vulnerabilities in TopicsViewer 3.0 Beta 1 ...)
+CVE-2014-10023
NOT-FOR-US: TopicsViewer
-CVE-2014-10021 (Unrestricted file upload vulnerability in UploadHandler.php in the WP ...)
+CVE-2014-10021
NOT-FOR-US: WP Symposium plugin for WordPress
-CVE-2014-10020 (SQL injection vulnerability in login.php in Simple e-document 1.31 ...)
+CVE-2014-10020
NOT-FOR-US: Simple e-document
-CVE-2014-10019 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
+CVE-2014-10019
NOT-FOR-US: Teracom T2-B-Gawv1.4U10Y-BI modem
-CVE-2014-10018 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2014-10018
NOT-FOR-US: Teracom T2-B-Gawv1.4U10Y-BI modem
-CVE-2014-10017 (Multiple SQL injection vulnerabilities in the Welcart e-Commerce ...)
+CVE-2014-10017
NOT-FOR-US: Welcart e-Commerce plugin for WordPress
-CVE-2014-10016 (Multiple cross-site scripting (XSS) vulnerabilities in the Welcart ...)
+CVE-2014-10016
NOT-FOR-US: Welcart e-Commerce plugin for WordPress
-CVE-2014-10015 (SQL injection vulnerability in load-calendar.php in PHPJabbers Event ...)
+CVE-2014-10015
NOT-FOR-US: PHPJabbers Event Booking Calendar
-CVE-2014-10014 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
+CVE-2014-10014
NOT-FOR-US: PHPJabbers Event Booking Calendar
-CVE-2014-10013 (SQL injection vulnerability in the Another WordPress Classifieds ...)
+CVE-2014-10013
NOT-FOR-US: Another WordPress Classifieds Plugin plugin for WordPress
-CVE-2014-10012 (Cross-site scripting (XSS) vulnerability in the Another WordPress ...)
+CVE-2014-10012
NOT-FOR-US: Another WordPress Classifieds Plugin plugin for WordPress
-CVE-2014-10011 (Stack-based buffer overflow in UltraCamLib in the UltraCam ActiveX ...)
+CVE-2014-10011
NOT-FOR-US: TRENDnet SecurView camera TV-IP422WN
-CVE-2014-10010 (Directory traversal vulnerability in PHPJabbers Appointment Scheduler ...)
+CVE-2014-10010
NOT-FOR-US: PHPJabbers Appointment Scheduler
-CVE-2014-10009 (Multiple cross-site scripting (XSS) vulnerabilities in Stark CRM 1.0 ...)
+CVE-2014-10009
NOT-FOR-US: Stark CRM
-CVE-2014-10008 (Multiple cross-site request forgery (CSRF) vulnerabilities in Stark ...)
+CVE-2014-10008
NOT-FOR-US: Stark CRM
-CVE-2014-10007 (Multiple cross-site scripting (XSS) vulnerabilities in Maian Weblog ...)
+CVE-2014-10007
NOT-FOR-US: Maian Weblog
-CVE-2014-10006 (Multiple cross-site request forgery (CSRF) vulnerabilities in Maian ...)
+CVE-2014-10006
NOT-FOR-US: Maian Uploader
-CVE-2014-10005 (Maian Uploader 4.0 allows remote attackers to obtain sensitive ...)
+CVE-2014-10005
NOT-FOR-US: Maian Uploader
CVE-2014-100040
RESERVED
-CVE-2014-10004 (SQL injection vulnerability in admin/data_files/move.php in Maian ...)
+CVE-2014-10004
NOT-FOR-US: Maian Uploader
-CVE-2014-100039 (mbae.sys in Malwarebytes Anti-Exploit before 1.05.1.2014 allows local ...)
+CVE-2014-100039
NOT-FOR-US: Malwarebytes Anti-Exploit
-CVE-2014-100038 (Cross-site scripting (XSS) vulnerability in Storytlr 1.3.dev and ...)
+CVE-2014-100038
NOT-FOR-US: Storytlr
-CVE-2014-100037 (Cross-site scripting (XSS) vulnerability in Storytlr 1.3.dev and ...)
+CVE-2014-100037
NOT-FOR-US: Storytlr
-CVE-2014-100036 (Cross-site scripting (XSS) vulnerability in FlatPress 1.0.2 allows ...)
+CVE-2014-100036
- flatpress <itp> (bug #466297)
-CVE-2014-100035 (SQL injection vulnerability in the ticket grid in the admin interface ...)
+CVE-2014-100035
NOT-FOR-US: LicensePal ArcticDesk
-CVE-2014-100034 (Cross-site scripting (XSS) vulnerability in the frontend interface in ...)
+CVE-2014-100034
NOT-FOR-US: LicensePal ArcticDesk
-CVE-2014-100033 (Directory traversal vulnerability in LicensePal ArcticDesk before ...)
+CVE-2014-100033
NOT-FOR-US: LicensePal ArcticDesk
-CVE-2014-100032 (Cross-site scripting (XSS) vulnerability in top.html in the Airties ...)
+CVE-2014-100032
NOT-FOR-US: Airties Air 6372 modem
-CVE-2014-100031 (Multiple SQL injection vulnerabilities in Ganesha Digital Library ...)
+CVE-2014-100031
NOT-FOR-US: Ganesha Digital Library
-CVE-2014-100030 (Cross-site scripting (XSS) vulnerability in module/search/function.php ...)
+CVE-2014-100030
NOT-FOR-US: Ganesha Digital Library
-CVE-2014-10003 (Multiple cross-site scripting (XSS) vulnerabilities in Maian Uploader ...)
+CVE-2014-10003
NOT-FOR-US: Maian Uploader
-CVE-2014-100029 (Multiple directory traversal vulnerabilities in class/session.php in ...)
+CVE-2014-100029
NOT-FOR-US: Ganesha Digital Library
-CVE-2014-100028 (Cross-site scripting (XSS) vulnerability in /signup in WEBCrafted ...)
+CVE-2014-100028
NOT-FOR-US: WEBCrafted
-CVE-2014-100027 (Cross-site scripting (XSS) vulnerability in the WP SlimStat plugin ...)
+CVE-2014-100027
NOT-FOR-US: WP SlimStat plugin for WordPress
-CVE-2014-100026 (Cross-site scripting (XSS) vulnerability in readme.php in the April's ...)
+CVE-2014-100026
NOT-FOR-US: April's Super Functions Pack plugin for WordPress
-CVE-2014-100025 (Cross-site request forgery (CSRF) vulnerability in ...)
+CVE-2014-100025
NOT-FOR-US: Savsoft Quiz
-CVE-2014-100024 (Cross-site scripting (XSS) vulnerability in Seo Panel before 3.4.0 ...)
+CVE-2014-100024
NOT-FOR-US: Seo Panel
-CVE-2014-100023 (Multiple cross-site scripting (XSS) vulnerabilities in question.php in ...)
+CVE-2014-100023
NOT-FOR-US: mTouch Quiz
-CVE-2014-100022 (SQL injection vulnerability in question.php in the mTouch Quiz before ...)
+CVE-2014-100022
NOT-FOR-US: mTouch Quiz
-CVE-2014-100021 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2014-100021
NOT-FOR-US: OrangeHRM
-CVE-2014-100020 (SQL injection vulnerability in ChangeEmail.php in iTechClassifieds ...)
+CVE-2014-100020
NOT-FOR-US: iTechClassifieds
-CVE-2014-10002 (Unspecified vulnerability in JetBrains TeamCity before 8.1 allows ...)
+CVE-2014-10002
NOT-FOR-US: JetBrains TeamCity
-CVE-2014-100019 (SQL injection vulnerability in the LTree converter in Pomm before ...)
+CVE-2014-100019
NOT-FOR-US: LTree converter in Pomm
-CVE-2014-100018 (Cross-site scripting (XSS) vulnerability in the Unconfirmed plugin ...)
+CVE-2014-100018
NOT-FOR-US: Unconfirmed plugin for WordPress
-CVE-2014-100017 (Cross-site scripting (XSS) vulnerability in canned_opr.php in ...)
+CVE-2014-100017
NOT-FOR-US: PhpOnlineChat
-CVE-2014-100016 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2014-100016
NOT-FOR-US: Photocrati theme for WordPress
-CVE-2014-100015 (Directory traversal vulnerability in pdmwService.exe in SolidWorks ...)
+CVE-2014-100015
NOT-FOR-US: SolidWorks Workgroup PDM
-CVE-2014-100014 (Multiple stack-based buffer overflows in pdmwService.exe in SolidWorks ...)
+CVE-2014-100014
NOT-FOR-US: SolidWorks Workgroup PDM
-CVE-2014-100013 (Multiple cross-site scripting (XSS) vulnerabilities in clientResponse ...)
+CVE-2014-100013
NOT-FOR-US: clientResponse
-CVE-2014-100012 (SQL injection vulnerability in /app in Sendy 1.1.8.4 allows remote ...)
+CVE-2014-100012
NOT-FOR-US: Sendy
-CVE-2014-100011 (SQL injection vulnerability in /send-to in Sendy 1.1.9.1 allows remote ...)
+CVE-2014-100011
NOT-FOR-US: Sendy
-CVE-2014-100010 (Cross-site scripting (XSS) vulnerability in ClanSphere 2011.4 allows ...)
+CVE-2014-100010
NOT-FOR-US: ClanSphere
-CVE-2014-10001 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
+CVE-2014-10001
NOT-FOR-US: PHPJabbers Appointment Scheduler
-CVE-2014-100009 (The Joomlaskin JS Multi Hotel (aka JS MultiHotel and Js-Multi-Hotel) ...)
+CVE-2014-100009
NOT-FOR-US: JS MultiHotel
-CVE-2014-100008 (Cross-site scripting (XSS) vulnerability in includes/delete_img.php in ...)
+CVE-2014-100008
NOT-FOR-US: JS MultiHotel
-CVE-2014-100007 (Cross-site scripting (XSS) vulnerability in the HK Exif Tags plugin ...)
+CVE-2014-100007
NOT-FOR-US: HK Exif Tags plugin for WordPress
-CVE-2014-100006 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2014-100006
NOT-FOR-US: webtrees
-CVE-2014-100005 (Multiple cross-site request forgery (CSRF) vulnerabilities in D-Link ...)
+CVE-2014-100005
NOT-FOR-US: D-Link DIR-600 router
-CVE-2014-100004 (Cross-site scripting (XSS) vulnerability in Sitecore CMS before 7.0 ...)
+CVE-2014-100004
NOT-FOR-US: Sitecore CMS
-CVE-2014-100003 (SQL injection vulnerability in ...)
+CVE-2014-100003
NOT-FOR-US: Code Futures YourMembers plugin for WordPress
-CVE-2014-100002 (Directory traversal vulnerability in ManageEngine SupportCenter Plus ...)
+CVE-2014-100002
NOT-FOR-US: ManageEngine SupportCenter Plus
-CVE-2014-100001 (Cross-site request forgery (CSRF) vulnerability in the SEO Plugin ...)
+CVE-2014-100001
NOT-FOR-US: SEO Plugin LiveOptim
CVE-2014-100000
REJECTED
CVE-2014-10000
REJECTED
-CVE-2014-9651 (Buffer overflow in CHICKEN 4.9.0.x before 4.9.0.2, 4.9.x before 4.9.1, ...)
+CVE-2014-9651
- chicken 4.10.0-1 (bug #775346)
[jessie] - chicken <no-dsa> (Minor issue)
[wheezy] - chicken <no-dsa> (Minor issue)
@@ -1656,77 +1656,77 @@ CVE-2014-1137
REJECTED
CVE-2014-1004
REJECTED
-CVE-2014-9585 (The vdso_addr function in arch/x86/vdso/vma.c in the Linux kernel ...)
+CVE-2014-9585
{DSA-3170-1 DLA-155-1}
- linux 3.16.7-ckt4-1
- linux-2.6 <removed>
NOTE: https://git.kernel.org/cgit/linux/kernel/git/tip/tip.git/commit/?id=fbe1bf140671619508dfa575d74a185ae53c5dbb
NOTE: http://marc.info/?l=linux-kernel&m=141911002822659&w=2
-CVE-2014-9583 (common.c in infosvr in ASUS WRT firmware 3.0.0.4.376_1071, ...)
+CVE-2014-9583
NOT-FOR-US: infosvr in ASUS WRT firmware
-CVE-2014-9582 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2014-9582
NOT-FOR-US: Codiad
-CVE-2014-9581 (Directory traversal vulnerability in ...)
+CVE-2014-9581
NOT-FOR-US: Codiad
-CVE-2014-9580 (Cross-site scripting (XSS) vulnerability in ProjectSend (formerly ...)
+CVE-2014-9580
NOT-FOR-US: ProjectSend
-CVE-2014-9579 (VDG Security SENSE (formerly DIVA) 2.3.13 stores administrator ...)
+CVE-2014-9579
NOT-FOR-US: VDG Security SENSE
-CVE-2014-9578 (VDG Security SENSE (formerly DIVA) 2.3.13 performs authentication with ...)
+CVE-2014-9578
NOT-FOR-US: VDG Security SENSE
-CVE-2014-9577 (VDG Security SENSE (formerly DIVA) 2.3.13 sends the user database when ...)
+CVE-2014-9577
NOT-FOR-US: VDG Security SENSE
-CVE-2014-9576 (VDG Security SENSE (formerly DIVA) 2.3.13 has a hardcoded password of ...)
+CVE-2014-9576
NOT-FOR-US: VDG Security SENSE
-CVE-2014-9575 (VDG Security SENSE (formerly DIVA) before 2.3.15 allows remote ...)
+CVE-2014-9575
NOT-FOR-US: VDG Security SENSE
-CVE-2014-9574 (Directory traversal vulnerability in install.php in FluxBB before ...)
+CVE-2014-9574
NOT-FOR-US: FluxBB
-CVE-2014-9573 (SQL injection vulnerability in manage_user_page.php in MantisBT before ...)
+CVE-2014-9573
- mantis <removed> (bug #780875)
[wheezy] - mantis <no-dsa> (Minor issue)
[squeeze] - mantis <end-of-life> (Unsupported in squeeze-lts)
NOTE: Upstream patch: http://github.com/mantisbt/mantisbt/commit/69c2d28d (1.2.x)
NOTE: https://www.mantisbt.org/bugs/view.php?id=17940
-CVE-2014-9572 (MantisBT before 1.2.19 and 1.3.x before 1.3.0-beta.2 does not properly ...)
+CVE-2014-9572
- mantis <removed> (bug #780875)
[wheezy] - mantis <no-dsa> (Minor issue)
[squeeze] - mantis <end-of-life> (Unsupported in squeeze-lts)
NOTE: Upstream patch: http://github.com/mantisbt/mantisbt/commit/5571bcf9 (1.2.x)
NOTE: https://www.mantisbt.org/bugs/view.php?id=17939
-CVE-2014-9571 (Cross-site scripting (XSS) vulnerability in admin/install.php in ...)
+CVE-2014-9571
- mantis <removed> (bug #780875)
[wheezy] - mantis <no-dsa> (Minor issue)
[squeeze] - mantis <end-of-life> (Unsupported in squeeze-lts)
NOTE: Upstream patch: http://github.com/mantisbt/mantisbt/commit/6d47c047 (1.2.x)
NOTE: https://www.mantisbt.org/bugs/view.php?id=17938
-CVE-2014-9570 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
+CVE-2014-9570
NOT-FOR-US: WordPress plugin MyWebsiteAdvisor Simple Security
-CVE-2014-9569 (Multiple cross-site scripting (XSS) vulnerabilities in SAP NetWeaver ...)
+CVE-2014-9569
NOT-FOR-US: SAP NetWeaver Business Client
-CVE-2014-9568 (puppetlabs-rabbitmq 3.0 through 4.1 stores the RabbitMQ Erlang cookie ...)
+CVE-2014-9568
NOT-FOR-US: Puppet module rabbitmq
-CVE-2014-9567 (Unrestricted file upload vulnerability in process-upload.php in ...)
+CVE-2014-9567
NOT-FOR-US: ProjectSend
-CVE-2014-9566 (Multiple SQL injection vulnerabilities in the Manage Accounts page in ...)
+CVE-2014-9566
NOT-FOR-US: SolarWinds
-CVE-2014-9565 (Cross-site request forgery (CSRF) vulnerability in IBM Flex System ...)
+CVE-2014-9565
NOT-FOR-US: IBM
-CVE-2014-9564 (CRLF injection vulnerability in IBM Flex System EN6131 40Gb Ethernet ...)
+CVE-2014-9564
NOT-FOR-US: IBM
-CVE-2014-9563 (CRLF injection vulnerability in the web-based management (WBM) ...)
+CVE-2014-9563
NOT-FOR-US: Unify (former Siemens) OpenStage SIP and OpenScape Desk Phone
-CVE-2014-9562 (Cross-site scripting (XSS) vulnerability in display_dialog.php in M2 ...)
+CVE-2014-9562
NOT-FOR-US: M2 OptimalSite
-CVE-2014-9561 (Cross-site scripting (XSS) vulnerability in redir_last_post_list.php ...)
+CVE-2014-9561
NOT-FOR-US: SoftBB
-CVE-2014-9560 (SQL injection vulnerability in redir_last_post_list.php in SoftBB ...)
+CVE-2014-9560
NOT-FOR-US: SoftBB
-CVE-2014-9559 (Cross-site scripting (XSS) vulnerability in SnipSnap 0.5.2a, 1.0b1, ...)
+CVE-2014-9559
NOT-FOR-US: SnipSnap
-CVE-2014-9558 (Multiple SQL injection vulnerabilities in SmartCMS v.2. ...)
+CVE-2014-9558
NOT-FOR-US: SmartCMS
-CVE-2014-9557 (Multiple cross-site scripting (XSS) vulnerabilities in SmartCMS v.2. ...)
+CVE-2014-9557
NOT-FOR-US: SmartCMS
CVE-2014-9555
RESERVED
@@ -1780,185 +1780,185 @@ CVE-2014-9531
RESERVED
CVE-2014-9530
RESERVED
-CVE-2014-9528 (SQL injection vulnerability in the actionIndex function in ...)
+CVE-2014-9528
NOT-FOR-US: HumHub
-CVE-2014-9527 (HSLFSlideShow in Apache POI before 3.11 allows remote attackers to ...)
+CVE-2014-9527
- libapache-poi-java 3.10.1-2 (low; bug #775171)
[wheezy] - libapache-poi-java <no-dsa> (Minor issue)
-CVE-2014-9587 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
+CVE-2014-9587
{DLA-613-1}
- roundcube 1.1.1+dfsg.1-2 (bug #775576)
[squeeze] - roundcube <no-dsa> (Minor issue)
[wheezy] - roundcube <no-dsa> (Minor issue)
NOTE: https://github.com/roundcube/roundcubemail/commit/376cbfd4f2dfcf455717409b70d9d056cbeb08b1
-CVE-2014-9526 (Multiple cross-site scripting (XSS) vulnerabilities in concrete5 ...)
+CVE-2014-9526
NOT-FOR-US: concrete5
-CVE-2014-9525 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
+CVE-2014-9525
NOT-FOR-US: Timed Popup (wp-timed-popup) plugin for WordPress
-CVE-2014-9524 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
+CVE-2014-9524
NOT-FOR-US: Facebook Like Box (cardoza-facebook-like-box) plugin for WordPress
-CVE-2014-9523 (Multiple cross-site request forgery (CSRF) vulnerabilities in the Our ...)
+CVE-2014-9523
NOT-FOR-US: Our Team Showcase (our-team-enhanced) plugin for WordPress
-CVE-2014-9522 (Multiple cross-site scripting (XSS) vulnerabilities in CMS Papoo Light ...)
+CVE-2014-9522
NOT-FOR-US: CMS Papoo Light
-CVE-2014-9521 (Unrestricted file upload vulnerability in uploadScript.php in ...)
+CVE-2014-9521
NOT-FOR-US: InfiniteWP Admin Panel
-CVE-2014-9520 (SQL injection vulnerability in execute.php in InfiniteWP Admin Panel ...)
+CVE-2014-9520
NOT-FOR-US: InfiniteWP Admin Panel
-CVE-2014-9519 (SQL injection vulnerability in login.php in InfiniteWP Admin Panel ...)
+CVE-2014-9519
NOT-FOR-US: InfiniteWP Admin Panel
-CVE-2014-9518 (Cross-site scripting (XSS) vulnerability in login.cgi in D-Link router ...)
+CVE-2014-9518
NOT-FOR-US: login.cgi in D-Link router DIR-655 (rev Bx) with firmware before 2.12b01
-CVE-2014-9517 (Cross-site scripting (XSS) vulnerability in D-link IP camera DCS-2103 ...)
+CVE-2014-9517
NOT-FOR-US: D-link IP camera DCS-2103
-CVE-2014-9516 (Cross-site scripting (XSS) vulnerability in Social Microblogging PRO ...)
+CVE-2014-9516
NOT-FOR-US: Social Microblogging PRO
-CVE-2014-9515 (Dozer improperly uses a reflection-based approach to type conversion, ...)
+CVE-2014-9515
NOT-FOR-US: Dozer
-CVE-2014-9514 (Cross-site scripting (XSS) vulnerability in BMC Footprints Service ...)
+CVE-2014-9514
NOT-FOR-US: BMC
-CVE-2014-9512 (rsync 3.1.1 allows remote attackers to write to arbitrary files via a ...)
+CVE-2014-9512
- rsync 3.1.1-3 (low; bug #778333)
[wheezy] - rsync <not-affected> (Affected sanitising functionality not yet present)
[squeeze] - rsync <not-affected> (Affected sanitising functionality not yet present)
NOTE: http://xteam.baidu.com/?p=169
CVE-2014-9511
RESERVED
-CVE-2014-9510 (Cross-site request forgery (CSRF) vulnerability in the administration ...)
+CVE-2014-9510
NOT-FOR-US: TP-Link TL-WR840N router
-CVE-2014-9509 (The frontend rendering component in TYPO3 4.5.x before 4.5.39, 4.6.x ...)
+CVE-2014-9509
- typo3-src <removed>
[wheezy] - typo3-src <end-of-life> (See DSA 3314)
[squeeze] - typo3-src <end-of-life> (Unsupported in squeeze-lts)
NOTE: Solution is to remove he configuration options config.prefixLocalAnchors
NOTE: (and optionally also config.baseUrl) in favor of config.absRefPrefix
-CVE-2014-9508 (The frontend rendering component in TYPO3 4.5.x before 4.5.39, 4.6.x ...)
+CVE-2014-9508
- typo3-src 4.5.40+dfsg1-1 (bug #775105)
[wheezy] - typo3-src <end-of-life> (See DSA 3314)
[squeeze] - typo3-src <end-of-life> (Unsupported in squeeze-lts)
NOTE: https://review.typo3.org/#/c/35222/
NOTE: https://review.typo3.org/gitweb?p=Packages/TYPO3.CMS.git;a=commitdiff;h=63ae7ddd11d284a121f23ce86282e3149bc16f96
-CVE-2014-9505 (Cross-site scripting (XSS) vulnerability in the School Administration ...)
+CVE-2014-9505
NOT-FOR-US: School Administration module for Drupal
-CVE-2014-9504 (The OG Subgroups module, when used with the Open Atrium module 7.x-2.x ...)
+CVE-2014-9504
NOT-FOR-US: Open Atrium module for Drupal
-CVE-2014-9503 (The Discussions sub module in the Open Atrium module 7.x-2.x before ...)
+CVE-2014-9503
NOT-FOR-US: Open Atrium module for Drupal
-CVE-2014-9502 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
+CVE-2014-9502
NOT-FOR-US: Open Atrium module for Drupal
-CVE-2014-9501 (Cross-site scripting (XSS) vulnerability in the Poll Chart Block ...)
+CVE-2014-9501
NOT-FOR-US: Poll Chart Block module for Drupal
-CVE-2014-9500 (Cross-site scripting (XSS) vulnerability in the Moip module 7.x-1.x ...)
+CVE-2014-9500
NOT-FOR-US: Moip module for Drupal
-CVE-2014-9499 (Cross-site scripting (XSS) vulnerability in the Godwin's Law module ...)
+CVE-2014-9499
NOT-FOR-US: Godwin's Law for Drupal
-CVE-2014-9498 (Cross-site scripting (XSS) vulnerability in the Webform Invitation ...)
+CVE-2014-9498
NOT-FOR-US: Webform Invitation module for Drupal
CVE-2014-9492
REJECTED
-CVE-2014-9491 (The devzvol_readdir function in illumos does not check the return ...)
+CVE-2014-9491
NOT-FOR-US: illumos
-CVE-2014-9490 (The numtok function in lib/raven/okjson.rb in the raven-ruby gem ...)
+CVE-2014-9490
NOT-FOR-US: raven ruby gem
-CVE-2014-9488 (The is_utf8_well_formed function in GNU less before 475 allows remote ...)
+CVE-2014-9488
- less 481-1 (unimportant; bug #780247)
NOTE: http://www.openwall.com/lists/oss-security/2015/03/10/14
NOTE: https://blog.fuzzing-project.org/3-less-out-of-bounds-read-access-TFPA-0022014.html
CVE-2014-9484
RESERVED
-CVE-2014-9473 (Unrestricted file upload vulnerability in lib_nonajax.php in the ...)
+CVE-2014-9473
NOT-FOR-US: formsII plugin for WordPress
-CVE-2014-9472 (The email gateway in RT (aka Request Tracker) 3.0.0 through 4.x before ...)
+CVE-2014-9472
{DSA-3176-1 DLA-158-1}
- request-tracker4 4.2.8-3
- request-tracker3.8 <removed> (unimportant)
CVE-2014-9470
RESERVED
-CVE-2014-9469 (Cross-site scripting (XSS) vulnerability in vBulletin 3.5.4, 3.6.0, ...)
+CVE-2014-9469
NOT-FOR-US: vBulletin
-CVE-2014-9468 (Multiple cross-site scripting (XSS) vulnerabilities in InstantASP ...)
+CVE-2014-9468
NOT-FOR-US: InstantASP InstantForum.NET
CVE-2014-9467
RESERVED
-CVE-2014-9466 (Open-Xchange (OX) AppSuite and Server before 7.4.2-rev42, 7.6.0 before ...)
+CVE-2014-9466
NOT-FOR-US: Open-Xchange
-CVE-2014-9464 (SQL injection vulnerability in Category.php in Microweber CMS 0.95 ...)
+CVE-2014-9464
NOT-FOR-US: Microweber CMS
-CVE-2014-9463 (functions_vbseo_hook.php in the VBSEO module for vBulletin allows ...)
+CVE-2014-9463
NOT-FOR-US: vBulletin
-CVE-2014-9462 (The _validaterepo function in sshpeer in Mercurial before 3.2.4 allows ...)
+CVE-2014-9462
{DSA-3257-1 DLA-237-1}
- mercurial 3.4-1 (bug #783237)
NOTE: http://chargen.matasano.com/chargen/2015/3/17/this-new-vulnerability-mercurial-command-injection-cve-2014-9462.html
NOTE: http://selenic.com/hg/rev/e3f30068d2eb
-CVE-2014-9461 (Directory traversal vulnerability in models/Cart66.php in the Cart66 ...)
+CVE-2014-9461
NOT-FOR-US: Cart66 Lite plugin for WordPress
-CVE-2014-9460 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
+CVE-2014-9460
NOT-FOR-US: WP-ViperGB plugin for WordPress
-CVE-2014-9459 (Cross-site request forgery (CSRF) vulnerability in the AdminObserver ...)
+CVE-2014-9459
NOT-FOR-US: e107
-CVE-2014-9458 (Heap-based buffer overflow in the GDB debugger module in Hex-Rays IDA ...)
+CVE-2014-9458
NOT-FOR-US: Hex-Rays IDA Pro
-CVE-2014-9457 (SQL injection vulnerability in classes/mono_display.class.php in PMB ...)
+CVE-2014-9457
NOT-FOR-US: PMB
-CVE-2014-9456 (Buffer overflow in NotePad++ 6.6.9 allows remote attackers to have ...)
+CVE-2014-9456
NOT-FOR-US: NotePad++
-CVE-2014-9455 (SQL injection vulnerability in showads.php in CTS Projects &amp; Software ...)
+CVE-2014-9455
NOT-FOR-US: CTS Projects & Software ClassAd
-CVE-2014-9454 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
+CVE-2014-9454
NOT-FOR-US: Simple Sticky Footer plugin for WordPress
-CVE-2014-9453 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2014-9453
NOT-FOR-US: Simple visitor stat plugin for WordPress
-CVE-2014-9452 (Directory traversal vulnerability in VDG Security SENSE (formerly ...)
+CVE-2014-9452
NOT-FOR-US: VDG Security SENSE
-CVE-2014-9451 (Multiple stack-based buffer overflows in the DIVA web service API ...)
+CVE-2014-9451
NOT-FOR-US: VDG Security SENS
-CVE-2014-9448 (Buffer overflow in Mini-stream RM-MP3 Converter 3.1.2.1.2010.03.30 ...)
+CVE-2014-9448
NOT-FOR-US: Mini-stream RM-MP3 Converter
-CVE-2014-9445 (SQL injection vulnerability in incl/create.inc.php in Installatron GQ ...)
+CVE-2014-9445
NOT-FOR-US: GQ File Manager
-CVE-2014-9444 (Cross-site scripting (XSS) vulnerability in the Frontend Uploader ...)
+CVE-2014-9444
NOT-FOR-US: Frontend Uploader plugin for WordPress
-CVE-2014-9443 (Cross-site scripting (XSS) vulnerability in the Relevanssi plugin ...)
+CVE-2014-9443
NOT-FOR-US: Relevanssi plugin for WordPress
-CVE-2014-9442 (SQL injection vulnerability in models/Cart66Ajax.php in the Cart66 ...)
+CVE-2014-9442
NOT-FOR-US: Cart66 Lite plugin for WordPress
-CVE-2014-9441 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
+CVE-2014-9441
NOT-FOR-US: Lightbox Photo Gallery plugin for WordPress
-CVE-2014-9440 (SQL injection vulnerability in browse.php in phpMyRecipes 1.2.2 allows ...)
+CVE-2014-9440
NOT-FOR-US: phpMyRecipes
-CVE-2014-9439 (Cross-site scripting (XSS) vulnerability in Easy File Sharing Web ...)
+CVE-2014-9439
NOT-FOR-US: Easy File Sharing Web Server
-CVE-2014-9438 (Cross-site request forgery (CSRF) vulnerability in the Moderator ...)
+CVE-2014-9438
NOT-FOR-US: vBulletin
-CVE-2014-9437 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
+CVE-2014-9437
NOT-FOR-US: Sliding Social Icons plugin for WordPress
-CVE-2014-9436 (Absolute path traversal vulnerability in SysAid On-Premise before ...)
+CVE-2014-9436
NOT-FOR-US: SysAid
-CVE-2014-9435 (Multiple SQL injection vulnerabilities in Absolut Engine 1.73 allow ...)
+CVE-2014-9435
NOT-FOR-US: Absolut Engine
-CVE-2014-9434 (Cross-site scripting (XSS) vulnerability in admin/managerrelated.php ...)
+CVE-2014-9434
NOT-FOR-US: Absolut Engine
-CVE-2014-9431 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
+CVE-2014-9431
NOT-FOR-US: Smoothwall
-CVE-2014-9430 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2014-9430
NOT-FOR-US: Smoothwall
-CVE-2014-9429 (Multiple cross-site scripting (XSS) vulnerabilities in Smoothwall ...)
+CVE-2014-9429
NOT-FOR-US: Smoothwall
-CVE-2014-9507 (MediaWiki 1.21.x, 1.22.x before 1.22.14, and 1.23.x before 1.23.7, when ...)
+CVE-2014-9507
- mediawiki <not-affected> (There is no content handler in REL1_19)
NOTE: Upstream bug https://phabricator.wikimedia.org/T72901
-CVE-2014-9506 (MantisBT before 1.2.18 does not properly check permissions when ...)
+CVE-2014-9506
{DSA-3120-1}
- mantis <removed>
[squeeze] - mantis <end-of-life> (Unsupported in squeeze-lts)
NOTE: https://www.mantisbt.org/bugs/view.php?id=9885
-CVE-2014-9584 (The parse_rock_ridge_inode_internal function in fs/isofs/rock.c in the ...)
+CVE-2014-9584
{DSA-3128-1 DLA-155-1}
- linux 3.16.7-ckt4-1
- linux-2.6 <removed>
NOTE: Upstream fix: https://git.kernel.org/linus/4e2024624e678f0ebb916e6192bd23c1f9fdf696 (v3.19-rc3)
-CVE-2014-10022 (Apache Traffic Server before 5.1.2 allows remote attackers to cause a ...)
+CVE-2014-10022
- trafficserver 5.2.0-1 (bug #778895)
[wheezy] - trafficserver <not-affected> (Only affects 5.x)
NOTE: https://issues.apache.org/jira/browse/TS-3223 (fixed in 5.1.2)
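Review bot: every `-`/`+` pair in this hunk, from CVE-2014-9523 down to CVE-2014-10022, replaces a header of the form `CVE-2014-NNNN (summary ...)` with the bare id and touches nothing else, so the net effect of the change is to discard every summary. A bare id is the form this file otherwise uses for entries that have no description, compare `CVE-2014-9511` / `RESERVED` and `CVE-2014-9492` / `REJECTED` a few lines further on, so after this change a triaged entry such as `CVE-2014-9523` / `NOT-FOR-US: Our Team Showcase (our-team-enhanced) plugin for WordPress` can no longer be told apart from a reserved one by its header. If the automatic run emitted these lines because the description source returned empty text, revert or re-run it instead of committing the result; if dropping the summaries is intended, say so in the commit. Two pre-existing typos in unchanged lines of the same region are worth fixing in the same pass: `NOTE: Solution is to remove he configuration options` under CVE-2014-9509 (should read `the`), and `NOT-FOR-US: VDG Security SENS` under CVE-2014-9451, which disagrees with `NOT-FOR-US: VDG Security SENSE` in the CVE-2014-9452 entry directly above it.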
@@ -1973,50 +1973,50 @@ CVE-2014-XXXX [insecure LUA default load path]
- libquvi 0.4.1-3 (low; bug #774555)
[wheezy] - libquvi <no-dsa> (Minor issue)
[squeeze] - libquvi <no-dsa> (Minor issue)
-CVE-2014-9489 (The gollum-grit_adapter Ruby gem dependency in gollum before 3.1.1 and ...)
+CVE-2014-9489
NOT-FOR-US: Gollum wiki
-CVE-2014-9487 (The getid3 library in MediaWiki before 1.24.1, 1.23.8, 1.22.15 and ...)
+CVE-2014-9487
NOT-FOR-US: Mediawiki extension not packaged in src:mediawiki-extensions
CVE-2014-9481
RESERVED
NOT-FOR-US: Mediawiki extension not packaged in src:mediawiki-extensions
-CVE-2014-9480 (Cross-site scripting (XSS) vulnerability in the Hovercards extension ...)
+CVE-2014-9480
NOT-FOR-US: Mediawiki extension not packaged in src:mediawiki-extensions
-CVE-2014-9479 (Cross-site scripting (XSS) vulnerability in the preview in the ...)
+CVE-2014-9479
NOT-FOR-US: Mediawiki extension not packaged in src:mediawiki-extensions
-CVE-2014-9478 (Cross-site scripting (XSS) vulnerability in the preview in the ...)
+CVE-2014-9478
NOT-FOR-US: Mediawiki extension not packaged in src:mediawiki-extensions
-CVE-2014-9477 (Multiple cross-site scripting (XSS) vulnerabilities in the Listings ...)
+CVE-2014-9477
NOT-FOR-US: Mediawiki extension not packaged in src:mediawiki-extensions
-CVE-2014-9450 (Multiple SQL injection vulnerabilities in chart_bar.php in the ...)
+CVE-2014-9450
- zabbix 1:2.2.7+dfsg-2 (bug #774750)
[squeeze] - zabbix <end-of-life> (Unsupported in squeeze-lts)
NOTE: https://support.zabbix.com/browse/ZBX-8582
NOTE: https://github.com/svn2github/zabbix/commit/984bd3bec2d6ca5a80104a5574d19b7f4d04f24b
-CVE-2014-9449 (Buffer overflow in the RiffVideo::infoTagsHandler function in ...)
+CVE-2014-9449
- exiv2 0.24-4.1 (bug #773846)
[wheezy] - exiv2 <not-affected> (Vulnerable code not present)
[squeeze] - exiv2 <not-affected> (Vulnerable code not present)
NOTE: http://dev.exiv2.org/issues/960
NOTE: http://dev.exiv2.org/projects/exiv2/repository/diff?rev=3264&rev_to=3263
-CVE-2014-9447 (Directory traversal vulnerability in the read_long_names function in ...)
+CVE-2014-9447
- elfutils 0.159-4.1 (bug #775536)
[wheezy] - elfutils <no-dsa> (Minor issue)
[squeeze] - elfutils <no-dsa> (Minor issue)
NOTE: https://git.fedorahosted.org/cgit/elfutils.git/commit/?id=147018e729e7c22eeabf15b82d26e4bf68a0d18e
-CVE-2014-9529 (Race condition in the key_gc_unused_keys function in ...)
+CVE-2014-9529
{DSA-3128-1}
- linux 3.16.7-ckt4-1
- linux-2.6 <not-affected> (Vulnerable code not present)
NOTE: http://marc.info/?l=linux-kernel&m=141986398232547&w=2
NOTE: http://marc.info/?l=linux-kernel&m=142047362307894&w=2
-CVE-2014-9513 (Insecure use of temporary files in xbindkeys-config 0.1.3-2 allows ...)
+CVE-2014-9513
- xbindkeys-config <unfixed> (unimportant; bug #772473)
[jessie] - xbindkeys-config <no-dsa> (Minor issue)
[wheezy] - xbindkeys-config <no-dsa> (Minor issue)
[squeeze] - xbindkeys-config <no-dsa> (Minor issue)
NOTE: Not exploitable with kernel hardening since jessie
-CVE-2014-9495 (Heap-based buffer overflow in the png_combine_row function in libpng ...)
+CVE-2014-9495
- libpng <not-affected> (Affects 1.5.x and 1.6.x series)
- texlive-bin 2014.20140926.35254-4 (bug #773824)
[squeeze] - texlive-bin <not-affected> (has a copy of libpng 1.2)
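Review bot: the summaries stripped in this hunk were the only place the file named the affected code for several entries, and the NOTE lines that remain hold only URLs, so the triage context now lives exclusively behind the links. Examples from the hunk: `read_long_names` (CVE-2014-9447, elfutils), `RiffVideo::infoTagsHandler` (CVE-2014-9449, exiv2), `key_gc_unused_keys` (CVE-2014-9529, linux) and `png_combine_row` (CVE-2014-9495, libpng) all disappear with the `-` lines. If the summaries are not going to be restored, the `<no-dsa> (Minor issue)` and `<not-affected> (Vulnerable code not present)` annotations in these entries should be extended to say which function or file they were judged against, otherwise the judgement can no longer be re-checked from the file alone.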
@@ -2025,13 +2025,13 @@ CVE-2014-9495 (Heap-based buffer overflow in the png_combine_row function in lib
- iceweasel <not-affected> (squeeze used the system libpng, and later versions define their own limits)
- icedove <not-affected> (squeeze used the system libpng, and later versions define their own limits)
NOTE: http://sourceforge.net/p/png-mng/mailman/message/33173461/
-CVE-2014-9465 (senddocument.php in Zarafa WebApp before 2.0 beta 3 and WebAccess in ...)
+CVE-2014-9465
- zarafa <itp> (bug #658433)
-CVE-2014-9446 (Multiple cross-site scripting (XSS) vulnerabilities in the Staff ...)
+CVE-2014-9446
- koha <itp> (bug #702134)
-CVE-2014-9433 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2014-9433
NOT-FOR-US: Contenido CMS
-CVE-2014-9432 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2014-9432
- serendipity <removed>
CVE-2014-XXXX [denial of service with specific packets]
- libhtp 1:0.5.25-1 (bug #774897)
@@ -2040,35 +2040,35 @@ CVE-2014-XXXX [denial of service with specific packets]
NOTE: https://redmine.openinfosecfoundation.org/issues/1272
NOTE: https://github.com/inliniac/libhtp/commit/4acebf251bb6c8343dd5f37f1b48cb38fec4fed4
NOTE: CVE Request: http://seclists.org/oss-sec/2014/q4/1035
-CVE-2014-9485 (Directory traversal vulnerability in the do_extract_currentfile ...)
+CVE-2014-9485
- minizip 1.1-5 (low; bug #774321)
-CVE-2014-9426 (** DISPUTED ** The apprentice_load function in libmagic/apprentice.c ...)
+CVE-2014-9426
NOTE: Disputed PHP issue to be rejected, code wasn't present in squeeze/wheezy or file (PHP-specific)
-CVE-2014-9423 (The svcauth_gss_accept_sec_context function in lib/rpc/svc_auth_gss.c ...)
+CVE-2014-9423
{DSA-3153-1 DLA-146-1}
- krb5 1.12.1+dfsg-17
-CVE-2014-9422 (The check_rpcsec_auth function in kadmin/server/kadm_rpc_svc.c in ...)
+CVE-2014-9422
{DSA-3153-1 DLA-146-1}
- krb5 1.12.1+dfsg-17
-CVE-2014-9421 (The auth_gssapi_unwrap_data function in lib/rpc/auth_gssapi_misc.c in ...)
+CVE-2014-9421
{DSA-3153-1 DLA-146-1}
- krb5 1.12.1+dfsg-17
-CVE-2014-9418 (The eSpace Meeting ActiveX control (eSpaceStatusCtrl.dll) in Huawei ...)
+CVE-2014-9418
NOT-FOR-US: Huawei
-CVE-2014-9417 (The Meeting component in Huawei eSpace Desktop before V100R001C03 ...)
+CVE-2014-9417
NOT-FOR-US: Huawei
-CVE-2014-9416 (Multiple untrusted search path vulnerabilities in Huawei eSpace ...)
+CVE-2014-9416
NOT-FOR-US: Huawei
-CVE-2014-9415 (Huawei eSpace Desktop before V100R001C03 allows local users to ...)
+CVE-2014-9415
NOT-FOR-US: Huawei
-CVE-2014-9414 (The W3 Total Cache plugin before 0.9.4.1 for WordPress does not ...)
+CVE-2014-9414
NOT-FOR-US: WordPress plugin W3 Total Cache
-CVE-2014-9413 (Multiple cross-site request forgery (CSRF) vulnerabilities in the IP ...)
+CVE-2014-9413
NOT-FOR-US: IP Ban (simple-ip-ban) plugin for WordPress
-CVE-2014-9482 (Use-after-free vulnerability in dwarfdump in libdwarf 20130126 through ...)
+CVE-2014-9482
- dwarfutils <not-affected> (Vulnerable code introduced later, see bug #774530)
NOTE: http://www.openwall.com/lists/oss-security/2014/12/31/3
-CVE-2014-9427 (sapi/cgi/cgi_main.c in the CGI component in PHP through 5.4.36, 5.5.x ...)
+CVE-2014-9427
{DSA-3117-1}
- php5 5.6.5+dfsg-1
[squeeze] - php5 <not-affected> (Introduced in 5.4.1)
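Review bot: the `-` line for CVE-2014-9426 carried the `** DISPUTED **` marker in its header, and the `+` line drops it along with the summary, leaving the dispute recorded only in the free-text NOTE underneath (`Disputed PHP issue to be rejected ...`). Anything that filters this file on the header would now treat the entry as an ordinary, undisputed CVE; either keep the marker in the header or make the NOTE the documented place for it. The same hunk removes the function names for the three krb5 entries (`svcauth_gss_accept_sec_context`, `check_rpcsec_auth` and `auth_gssapi_unwrap_data` for CVE-2014-9423, -9422 and -9421), which carry no NOTE lines at all, so after the change each of those entries consists of nothing but `{DSA-3153-1 DLA-146-1}` and the fixed version `krb5 1.12.1+dfsg-17`.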
@@ -2077,25 +2077,25 @@ CVE-2014-9427 (sapi/cgi/cgi_main.c in the CGI component in PHP through 5.4.36, 5
CVE-2014-XXXX [CRAM-MD5 authentication bypass]
- dbmail <not-affected> (Only affects versions supporting cram-md5, so 3.0.0 and later)
NOTE: http://blog.gmane.org/gmane.mail.imap.dbmail/day=20141219
-CVE-2014-9483 (Emacs 24.4 allows remote attackers to bypass security restrictions. ...)
+CVE-2014-9483
- emacs24 24.5+1-1 (unimportant; bug #774090)
- emacs23 <not-affected> (Only affects Emacs 24)
NOTE: http://debbugs.gnu.org/cgi/bugreport.cgi?bug=18939
NOTE: Plain bug, security implications rather far-fetched
-CVE-2014-9556 (Integer overflow in the qtmd_decompress function in libmspack 0.4 ...)
+CVE-2014-9556
- libmspack 0.4-2 (bug #773041)
- cabextract 1.4-5 (bug #772891)
[wheezy] - cabextract <no-dsa> (Minor issue)
[squeeze] - cabextract <no-dsa> (Minor issue)
NOTE: Starting with 1.4-5 cabextract uses the mspack system library
-CVE-2014-9428 (The batadv_frag_merge_packets function in ...)
+CVE-2014-9428
- linux 3.16.7-ckt4-1 (bug #774155)
[wheezy] - linux <not-affected> (Introduced in 3.13)
- linux-2.6 <not-affected> (Introduced in 3.13)
NOTE: http://thread.gmane.org/gmane.linux.network/343494
NOTE: Introduced by https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=610bfc6bc99bc83680d190ebc69359a05fc7f605 (v3.13-rc1)
NOTE: Fixed by: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=5b6698b0e4a37053de35cc24ee695b98a7eb712b
-CVE-2014-9496 (The sd2_parse_rsrc_fork function in sd2.c in libsndfile allows ...)
+CVE-2014-9496
{DLA-928-1 DLA-356-1}
- libsndfile 1.0.25-9.1 (low; bug #774162)
[squeeze] - libsndfile <no-dsa> (Minor issue)
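Review bot: the severity annotations in this hunk were written against the summaries that the `+` lines remove, so the file now records a rating without the thing being rated. CVE-2014-9483 keeps `(unimportant; bug #774090)` and the NOTE `Plain bug, security implications rather far-fetched`, which still reads as a justification, but CVE-2014-9556 keeps only `[wheezy] - cabextract <no-dsa> (Minor issue)` and a NOTE about cabextract using the system libmspack, with no remaining mention of the `qtmd_decompress` integer overflow the `-` line described, and CVE-2014-9496 is left with `(low; bug #774162)` and nothing about `sd2_parse_rsrc_fork`. If the summaries are not restored, a one-line NOTE naming the affected function should be added to each of those entries so the `Minor issue` and `low` calls remain reviewable.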
@@ -2103,68 +2103,68 @@ CVE-2014-XXXX [a2p: buffer overflow]
- perl 5.22.0~rc2-1 (unimportant; bug #769606)
CVE-2014-9486
REJECTED
-CVE-2014-9497 (Buffer overflow in mpg123 before 1.18.0. ...)
+CVE-2014-9497
{DLA-655-1}
- mpg123 1.18.0-1
[squeeze] - mpg123 <not-affected> (Introduced in 1.14.1)
NOTE: http://sourceforge.net/p/mpg123/bugs/201/
-CVE-2014-9425 (Double free vulnerability in the zend_ts_hash_graceful_destroy ...)
+CVE-2014-9425
- php5 <removed> (unimportant; bug #774154)
NOTE: php5 binary packages not built with --with-maintainer-zts
-CVE-2014-9424 (Double free vulnerability in the ssl_parse_clienthello_use_srtp_ext ...)
+CVE-2014-9424
- libressl <itp> (bug #754513)
-CVE-2014-9412 (Multiple cross-site scripting (XSS) vulnerabilities in NetIQ Access ...)
+CVE-2014-9412
NOT-FOR-US: NetIQ Access Manager
-CVE-2014-9411 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2014-9411
NOT-FOR-US: Qualcomm driver for Android
-CVE-2014-9410 (The vfe31_proc_general function in ...)
+CVE-2014-9410
NOT-FOR-US: Qualcomm driver for Android
CVE-2014-9409
RESERVED
-CVE-2014-9408 (Ekahau B4 staff badge tag 5.7 with firmware 1.4.52, Real-Time Location ...)
+CVE-2014-9408
NOT-FOR-US: Ekahau Real-Time Location Tracking System
-CVE-2014-9407 (Multiple cross-site request forgery (CSRF) vulnerabilities in Revive ...)
+CVE-2014-9407
NOT-FOR-US: Revive Adserver
-CVE-2014-9406 (ARRIS Touchstone TG862G/CT Telephony Gateway with firmware 7.6.59S.CT ...)
+CVE-2014-9406
NOT-FOR-US: ARRIS Touchstone TG862G/CT Telephony Gateway
CVE-2014-9405
RESERVED
CVE-2014-9404
RESERVED
-CVE-2014-9401 (Cross-site request forgery (CSRF) vulnerability in the WP Limit Posts ...)
+CVE-2014-9401
NOT-FOR-US: WP Limit Posts Automatically plugin for WordPress
-CVE-2014-9400 (Multiple cross-site request forgery (CSRF) vulnerabilities in the Wp ...)
+CVE-2014-9400
NOT-FOR-US: Wp Unique Article Header Image plugin for WordPress
-CVE-2014-9399 (Cross-site request forgery (CSRF) vulnerability in the TweetScribe ...)
+CVE-2014-9399
NOT-FOR-US: TweetScribe plugin for WordPress
-CVE-2014-9398 (Cross-site request forgery (CSRF) vulnerability in the Twitter ...)
+CVE-2014-9398
NOT-FOR-US: Twitter LiveBlog plugin for WordPress
-CVE-2014-9397 (Cross-site request forgery (CSRF) vulnerability in the twimp-wp plugin ...)
+CVE-2014-9397
NOT-FOR-US: twimp-wp plugin for WordPress
-CVE-2014-9396 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
+CVE-2014-9396
NOT-FOR-US: SimpleFlickr plugin for WordPress
-CVE-2014-9395 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
+CVE-2014-9395
NOT-FOR-US: Simplelife plugin for WordPress
-CVE-2014-9394 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
+CVE-2014-9394
NOT-FOR-US: PWGRandom plugin for WordPress
-CVE-2014-9393 (Multiple cross-site request forgery (CSRF) vulnerabilities in the Post ...)
+CVE-2014-9393
NOT-FOR-US: Post to Twitter plugin for WordPress
-CVE-2014-9392 (Cross-site request forgery (CSRF) vulnerability in the PictoBrowser ...)
+CVE-2014-9392
NOT-FOR-US: PictoBrowser plugin for WordPress
-CVE-2014-9391 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
+CVE-2014-9391
NOT-FOR-US: gSlideShow plugin for WordPress
-CVE-2014-9389 (Directory traversal vulnerability in Sonatype Nexus OSS and Pro before ...)
+CVE-2014-9389
NOT-FOR-US: Sonatype Nexus OSS and Pro
-CVE-2014-9388 (bug_report.php in MantisBT before 1.2.18 allows remote attackers to ...)
+CVE-2014-9388
{DSA-3120-1}
- mantis <removed>
[squeeze] - mantis <end-of-life> (Unsupported in squeeze-lts)
NOTE: https://www.mantisbt.org/bugs/view.php?id=17878
-CVE-2014-9387 (SAP BusinessObjects Edge 4.1 allows remote attackers to obtain the ...)
+CVE-2014-9387
NOT-FOR-US: SAP BussinessObjects Edge
-CVE-2014-9386 (Zenoss Core before 4.2.5 SP161 sets an infinite lifetime for the ...)
+CVE-2014-9386
- zenoss <itp> (bug #361253)
-CVE-2014-9385 (Cross-site request forgery (CSRF) vulnerability in Zenoss Core through ...)
+CVE-2014-9385
- zenoss <itp> (bug #361253)
CVE-2014-9384
RESERVED
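Review bot: the `-` line for CVE-2014-9387 is the correctly spelled copy, `SAP BusinessObjects Edge`, and removing it leaves only the unchanged `NOT-FOR-US: SAP BussinessObjects Edge` line with the misspelling, so that NOT-FOR-US line should be corrected in this change. The same hunk removes the summary for CVE-2014-9424 and leaves `- libressl <itp> (bug #754513)` as the whole entry; with the `ssl_parse_clienthello_use_srtp_ext` double free no longer named, nothing in the file says what the package awaiting packaging will need to have fixed, so a NOTE with the upstream reference would be worth adding here.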
@@ -2172,26 +2172,26 @@ CVE-2014-9383
RESERVED
CVE-2014-9382
RESERVED
-CVE-2014-9375 (Directory traversal vulnerability in the LibraryFileUploadServlet ...)
+CVE-2014-9375
NOT-FOR-US: Lexmark
-CVE-2014-9373 (Directory traversal vulnerability in the CollectorConfInfoServlet ...)
+CVE-2014-9373
NOT-FOR-US: ManageEngine NetFlow Analyzer
-CVE-2014-9372 (Directory traversal vulnerability in the UploadAccountActivities ...)
+CVE-2014-9372
NOT-FOR-US: ManageEngine Password Manager Pro
-CVE-2014-9371 (The NativeAppServlet in ManageEngine Desktop Central MSP before 90075 ...)
+CVE-2014-9371
NOT-FOR-US: ManageEngine Desktop Central MSP
CVE-2014-9370
RESERVED
-CVE-2014-9369 (Siemens SPC controllers SPC4000, SPC5000, and SPC6000 before 3.6.0 ...)
+CVE-2014-9369
NOT-FOR-US: Siemens
-CVE-2014-9368 (Cross-site request forgery (CSRF) vulnerability in the twitterDash ...)
+CVE-2014-9368
NOT-FOR-US: WordPress plugin twitterDash
-CVE-2014-9367 (Incomplete blacklist vulnerability in the urlEncode function in ...)
+CVE-2014-9367
- twiki <removed>
NOTE: http://twiki.org/cgi-bin/view/Codev/SecurityAlert-CVE-2014-9367
CVE-2014-9366
RESERVED
-CVE-2014-9493 (The V2 API in OpenStack Image Registry and Delivery Service (Glance) ...)
+CVE-2014-9493
- glance 2014.1.3-6 (bug #773836)
[wheezy] - glance <not-affected> (Vulnerable code not present)
NOTE: up to 2014.1.3 and 2014.2 version up to 2014.2.1
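Review bot: the NOTE under CVE-2014-9493, `up to 2014.1.3 and 2014.2 version up to 2014.2.1`, is hard to parse and, once the `-` line with the summary is gone, it is the only statement of affected glance versions left in the entry besides the fixed `2014.1.3-6`. Reword it as a complete sentence that states the two affected series and their last vulnerable releases explicitly, and say what `[wheezy] - glance <not-affected> (Vulnerable code not present)` refers to, since the V2 API that the `-` line named is no longer mentioned anywhere in the entry.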
@@ -2201,21 +2201,21 @@ CVE-2014-XXXX
[squeeze] - json-glib <not-affected> (Tool not yet present)
[wheezy] - json-glib <not-affected> (Tool not yet present)
NOTE: Negligible security impact
-CVE-2014-9475 (Cross-site scripting (XSS) vulnerability in thumb.php in MediaWiki ...)
+CVE-2014-9475
{DSA-3110-1}
- mediawiki 1:1.19.20+dfsg-2.2 (bug #773654)
[squeeze] - mediawiki <end-of-life>
NOTE: https://phabricator.wikimedia.org/T76686 (still not public)
-CVE-2014-9476 (MediaWiki 1.2x before 1.22.15, 1.23.x before 1.23.8, and 1.24.x before ...)
+CVE-2014-9476
- mediawiki <not-affected> (CORS support was added in 1.20)
NOTE: https://phabricator.wikimedia.org/T77028
-CVE-2014-9419 (The __switch_to function in arch/x86/kernel/process_64.c in the Linux ...)
+CVE-2014-9419
{DSA-3128-1}
- linux 3.16.7-ckt4-1
- linux-2.6 <removed>
[squeeze] - linux-2.6 <no-dsa> (Too risky to backport)
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/arch/x86?id=f647d7c155f069c1a068030255c300663516420e (v3.19-rc1)
-CVE-2014-9420 (The rock_continue function in fs/isofs/rock.c in the Linux kernel ...)
+CVE-2014-9420
{DLA-155-1}
- linux 3.16.7-ckt4-1
[wheezy] - linux 3.2.65-1
@@ -2239,33 +2239,33 @@ CVE-2014-9390 [arbitrary command execution vulnerability on case-insensitive fil
[jessie] - dulwich <no-dsa> (Minor issue)
[wheezy] - dulwich <no-dsa> (Minor issue)
[squeeze] - dulwich <no-dsa> (Minor issue)
-CVE-2014-9376 (Integer underflow in Ettercap 0.8.1 allows remote attackers to cause a ...)
+CVE-2014-9376
- ettercap 1:0.8.1-3 (bug #773416)
[squeeze] - ettercap <not-affected> (Vulnerable code not present according to upstream author in https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773416#20)
-CVE-2014-9377 (Heap-based buffer overflow in the nbns_spoof function in ...)
+CVE-2014-9377
- ettercap 1:0.8.1-3 (bug #773416)
[squeeze] - ettercap <not-affected> (Vulnerable code not present according to upstream author in https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773416#20)
-CVE-2014-9378 (Ettercap 0.8.1 does not validate certain return values, which allows ...)
+CVE-2014-9378
- ettercap 1:0.8.1-3 (bug #773416)
[squeeze] - ettercap <not-affected> (Vulnerable code not present according to upstream author in https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773416#20)
-CVE-2014-9379 (The radius_get_attribute function in dissectors/ec_radius.c in ...)
+CVE-2014-9379
- ettercap 1:0.8.1-3 (bug #773416)
[squeeze] - ettercap <not-affected> (Vulnerable code not present according to upstream author in https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773416#20)
-CVE-2014-9380 (The dissector_cvs function in dissectors/ec_cvs.c in Ettercap 0.8.1 ...)
+CVE-2014-9380
{DLA-126-1}
- ettercap 1:0.8.1-3 (bug #773416)
NOTE: Patch for squeeze in https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773416#20
-CVE-2014-9381 (Integer signedness error in the dissector_cvs function in ...)
+CVE-2014-9381
{DLA-126-1}
- ettercap 1:0.8.1-3 (bug #773416)
NOTE: Patch for squeeze in https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773416#20
-CVE-2014-9403 (The CWebAdminMod::ChanPage function in modules/webadmin.cpp in ZNC ...)
+CVE-2014-9403
- znc 1.2-4 (bug #744712)
[wheezy] - znc <no-dsa> (Minor issue)
[squeeze] - znc <no-dsa> (Minor issue)
NOTE: https://github.com/znc/znc/issues/528
NOTE: https://github.com/znc/znc/commit/8756be513ab6663dcd64087006b257ff34e8e487
-CVE-2014-9620 (The ELF parser in file 5.08 through 5.21 allows remote attackers to ...)
+CVE-2014-9620
{DSA-3121-1}
- file 1:5.21+15-1
[squeeze] - file <not-affected> (Introduced in 5.08)
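Review bot: the hunk header, `CVE-2014-9390 [arbitrary command execution vulnerability on case-insensitive fil`, shows that bracketed, locally written descriptions survive this change while every parenthesised summary in the hunk is stripped, so the tool that produced the commit distinguishes the two forms and treats the parenthesised ones as regenerable. That is only safe if they are in fact regenerated on the next run; if the description source is the reason they came back empty, the next automatic run will commit the same bare ids again, and the fix belongs in the updater rather than in the list. Separately, the four ettercap entries CVE-2014-9376 through -9379 repeat the same long squeeze justification verbatim; shortening each to the bug reference `#773416#20`, as the CVE-2014-9380 and -9381 NOTE lines already do, would keep the entries readable now that the summaries no longer separate them visually.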
@@ -2273,7 +2273,7 @@ CVE-2014-9620 (The ELF parser in file 5.08 through 5.21 allows remote attackers
NOTE: Report: http://mx.gw.com/pipermail/file/2014/001653.html
NOTE: Fix: https://github.com/file/file/commit/ce90e05774dd77d86cfc8dfa6da57b32816841c4
NOTE: Introduced by: https://github.com/file/file/commit/956a45ab1c54b11304b367056f41905e72a02380#diff-bc5c24ef9f39a5f4963ca28ecbc645b3L423
-CVE-2014-9621 (The ELF parser in file 5.16 through 5.21 allows remote attackers to ...)
+CVE-2014-9621
- file 1:5.21+15-1
[wheezy] - file <not-affected> (Introduced in 5.16)
[squeeze] - file <not-affected> (Introduced in 5.16)
@@ -2284,7 +2284,7 @@ CVE-2014-9621 (The ELF parser in file 5.16 through 5.21 allows remote attackers
NOTE: Fix: https://github.com/file/file/commit/65437cee25199dbd385fb35901bc0011e164276c
NOTE: Introduced by: https://github.com/file/file/commit/c8451af8ab0c2e2a93ce93b9c68257d31576cc85 (5.16)
NOTE: readelf.c has been removed in PHP in 5.6.5, see http://php.net/ChangeLog-5.php#5.6.5
-CVE-2014-9494 (RabbitMQ before 3.4.0 allows remote attackers to bypass the ...)
+CVE-2014-9494
- rabbitmq-server 3.4.1-1 (bug #773134)
[jessie] - rabbitmq-server 3.3.5-1.1
[wheezy] - rabbitmq-server <not-affected> (does not have this access control mechanism)
@@ -2292,7 +2292,7 @@ CVE-2014-9494 (RabbitMQ before 3.4.0 allows remote attackers to bypass the ...)
NOTE: http://hg.rabbitmq.com/rabbitmq-management/rev/c3c41177a11a
NOTE: http://hg.rabbitmq.com/rabbitmq-management/rev/35e916df027d
NOTE: http://www.rabbitmq.com/release-notes/README-3.4.0.txt
-CVE-2014-9652 (The mconvert function in softmagic.c in file before 5.21, as used in ...)
+CVE-2014-9652
{DSA-3126-1 DSA-3121-1 DLA-145-1}
- file 1:5.21+15-1
[squeeze] - file <not-affected> (The code was not vulnerable, confirmed with Valgrind on the test data submitted to upstream)
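Review bot: with the `-` line for CVE-2014-9494 removed, the justification `[wheezy] - rabbitmq-server <not-affected> (does not have this access control mechanism)` refers to a mechanism the entry no longer names, and the jessie line `[jessie] - rabbitmq-server 3.3.5-1.1` records a fix in a version lower than the unstable fix `3.4.1-1` without saying it is a backport. Add a NOTE naming the access control that the summary described (the three rabbitmq-management URLs and the 3.4.0 release notes in the unchanged lines are the references to cite) so the wheezy not-affected call and the jessie backport can be checked from the entry itself.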
@@ -2302,7 +2302,7 @@ CVE-2014-9652 (The mconvert function in softmagic.c in file before 5.21, as used
NOTE: http://bugs.gw.com/view.php?id=398
NOTE: https://github.com/file/file/commit/59e63838913eee47f5c120a6c53d4565af638158
NOTE: https://bugs.php.net/bug.php?id=68735
-CVE-2014-9402 (The nss_dns implementation of getnetbyname in GNU C Library (aka ...)
+CVE-2014-9402
{DSA-3169-1 DLA-122-1}
- glibc 2.19-14 (bug #775572)
- eglibc <removed>
@@ -2312,99 +2312,99 @@ CVE-2014-XXXX [freetype: out of bounds write]
[wheezy] - freetype <not-affected> (introduced in freetype 2.5)
[squeeze] - freetype <not-affected> (introduced in freetype 2.5)
NOTE: The affected code isn't enabled in Debian, see #773084
-CVE-2014-9364 (Cross-site scripting (XSS) vulnerability in the Unified Login form in ...)
+CVE-2014-9364
NOT-FOR-US: LoginToboggan Drupal Module
-CVE-2014-9363 (Open redirect vulnerability in the path-based meta tag editing form in ...)
+CVE-2014-9363
NOT-FOR-US: Meta tags quick Drupal Module
-CVE-2014-9362 (Cross-site scripting (XSS) vulnerability in the path-based meta tag ...)
+CVE-2014-9362
NOT-FOR-US: Meta tags quick Drupal module
-CVE-2014-9361 (The LoginToboggan module 7.x-1.x before 7.x-1.4 for Drupal does not ...)
+CVE-2014-9361
NOT-FOR-US: LoginToboggan Drupal Module
-CVE-2014-9360 (XML external entity (XXE) vulnerability in Scalix Web Access ...)
+CVE-2014-9360
NOT-FOR-US: Scalix Web Access
CVE-2014-9359
RESERVED
-CVE-2014-9358 (Docker before 1.3.3 does not properly validate image IDs, which allows ...)
+CVE-2014-9358
- docker.io 1.3.3~dfsg1-1 (bug #772909)
-CVE-2014-9357 (Docker 1.3.2 allows remote attackers to execute arbitrary code with ...)
+CVE-2014-9357
- docker.io 1.3.3~dfsg1-1 (bug #772909)
CVE-2014-9356 [Path traversal during processing of absolute symlinks]
RESERVED
- docker.io 1.3.3~dfsg1-1 (bug #772909)
-CVE-2014-9355 (Puppet Enterprise before 3.7.1 allows remote authenticated users to ...)
+CVE-2014-9355
- puppet <not-affected> (Only affects Puppet Enterprise)
-CVE-2014-9354 (NetApp OnCommand Balance before 4.2P3 allows local users to obtain ...)
+CVE-2014-9354
NOT-FOR-US: NetApp OnCommand Balance
-CVE-2014-9353 (NetApp OnCommand Balance before 4.2P2 contains a &quot;default privileged ...)
+CVE-2014-9353
NOT-FOR-US: NetApp OnCommand Balance
-CVE-2014-9352 (Cross-site scripting (XSS) vulnerability in the mail administration ...)
+CVE-2014-9352
NOT-FOR-US: Scalix Web Access
-CVE-2014-9350 (TP-Link TL-WR740N 4 with firmware 3.17.0 Build 140520, 3.16.6 Build ...)
+CVE-2014-9350
NOT-FOR-US: TP-Link Router
-CVE-2014-9349 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2014-9349
NOT-FOR-US: RobotStats
-CVE-2014-9348 (SQL injection vulnerability in the formulaireRobot function in ...)
+CVE-2014-9348
NOT-FOR-US: RobotStats
-CVE-2014-9347 (SQL injection vulnerability in dosearch.php in phpMyRecipes 1.2.2 ...)
+CVE-2014-9347
NOT-FOR-US: phpMyRecipes
-CVE-2014-9346 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
+CVE-2014-9346
NOT-FOR-US: Hierarchical Select Drupal Module
-CVE-2014-9345 (SQL injection vulnerability in Guruperl.net Advertise With Pleasure! ...)
+CVE-2014-9345
NOT-FOR-US: AWP PRO
-CVE-2014-9344 (Cross-site request forgery (CSRF) vulnerability in Snowfox CMS before ...)
+CVE-2014-9344
NOT-FOR-US: Snowfox CMS
-CVE-2014-9343 (Open redirect vulnerability in ...)
+CVE-2014-9343
NOT-FOR-US: Snowfox CMS
-CVE-2014-9342 (Cross-site scripting (XSS) vulnerability in the tree view ...)
+CVE-2014-9342
NOT-FOR-US: F5 BIG-IP
-CVE-2014-9341 (Multiple cross-site request forgery (CSRF) vulnerabilities in the yURL ...)
+CVE-2014-9341
NOT-FOR-US: WordPress plugin yURL ReTwitt
-CVE-2014-9340 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
+CVE-2014-9340
NOT-FOR-US: WordPress plugin wpCommentTwit
-CVE-2014-9339 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
+CVE-2014-9339
NOT-FOR-US: WordPress plugin SPNbabble
-CVE-2014-9338 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
+CVE-2014-9338
NOT-FOR-US: WordPress plugin O2Tweet
-CVE-2014-9337 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
+CVE-2014-9337
NOT-FOR-US: WordPress plugin Mikiurl Wordpress Eklentisi
-CVE-2014-9336 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
+CVE-2014-9336
NOT-FOR-US: WordPress plugin iTwitter
-CVE-2014-9335 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
+CVE-2014-9335
NOT-FOR-US: WordPress plugin DandyID Services
-CVE-2014-9334 (Multiple cross-site request forgery (CSRF) vulnerabilities in the Bird ...)
+CVE-2014-9334
NOT-FOR-US: Bird Feeder plugin for WordPress
CVE-2014-9333
RESERVED
CVE-2014-9332
RESERVED
-CVE-2014-9331 (Cross-site request forgery (CSRF) vulnerability in ZOHO ManageEngine ...)
+CVE-2014-9331
NOT-FOR-US: ZOHO ManageEngine Desktop Central
-CVE-2014-9330 (Integer overflow in tif_packbits.c in bmp2tif in libtiff 4.0.3 allows ...)
+CVE-2014-9330
{DSA-3273-1 DLA-221-1}
- tiff 4.0.3-12 (bug #773987)
- tiff3 <not-affected> (The tiff3 source package doesn't build the TIFF tools)
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2494
CVE-2014-9329
RESERVED
-CVE-2014-9328 (ClamAV before 0.98.6 allows remote attackers to have unspecified ...)
+CVE-2014-9328
{DLA-233-1}
- clamav 0.98.6+dfsg-1
[wheezy] - clamav 0.98.6+dfsg-0+deb7u1
NOTE: https://github.com/vrtadmin/clamav-devel/commit/5e1fbf3668bd167828d675830103b3c1ccdcb76d
CVE-2014-9327
RESERVED
-CVE-2014-9326 (The automatic signature update functionality in the (1) Phone Home ...)
+CVE-2014-9326
NOT-FOR-US: F5 BIG-IP
-CVE-2014-9325 (Multiple cross-site scripting (XSS) vulnerabilities in TWiki 6.0.1 ...)
+CVE-2014-9325
- twiki <removed>
NOTE: http://twiki.org/cgi-bin/view/Codev/SecurityAlert-CVE-2014-9325
-CVE-2014-9324 (The GenericInterface in OTRS Help Desk 3.2.x before 3.2.17, 3.3.x ...)
+CVE-2014-9324
{DSA-3124-1}
- otrs2 3.3.9-3
[squeeze] - otrs2 <not-affected> (Problematic module got introduced later)
NOTE: https://www.otrs.com/security-advisory-2014-06-incomplete-access-control/
NOTE: Fix for 3.1.x: https://github.com/OTRS/otrs/commit/3058438a372db0d1a11c365d48a5fc7b1db24e90
-CVE-2014-9322 (arch/x86/kernel/entry_64.S in the Linux kernel before 3.17.5 does not ...)
+CVE-2014-9322
- linux 3.16.7-ckt2-1
[wheezy] - linux 3.2.63-2+deb7u2
- linux-2.6 <removed>
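Review bot: every changed pair in this hunk replaces an annotated entry such as `-CVE-2014-9330 (Integer overflow in tif_packbits.c in bmp2tif in libtiff 4.0.3 allows ...)` with the bare identifier `+CVE-2014-9330`, so the inline summary (affected component and upstream version range) that triagers read next to the Debian package state is lost; because this is an automatic update, confirm that the upstream feed deliberately stopped supplying descriptions rather than returning empty ones before this lands in every year list. After the change, the unchanged lines (`{DSA-3273-1 DLA-221-1}`, the package versions and the NOTE URLs) are the only context left for each entry, and for the bare `NOT-FOR-US:` entries there is no description of the issue at all.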
@@ -2414,23 +2414,23 @@ CVE-2014-9321
CVE-2014-9320
RESERVED
NOT-FOR-US: SAP Business Objects
-CVE-2014-9319 (The ff_hevc_decode_nal_sps function in libavcodec/hevc_ps.c in FFMpeg ...)
+CVE-2014-9319
- libav <not-affected> (Vulnerable code not present, reproducer tested with 8, 11 and trunk)
- ffmpeg 2.4.4-1
[squeeze] - ffmpeg <not-affected> (Vulnerable code not present)
NOTE: ffmpeg: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=ea38e5a6b75706477898eb1e6582d667dbb9946c
-CVE-2014-9318 (The raw_decode function in libavcodec/rawdec.c in FFMpeg before 2.1.6, ...)
+CVE-2014-9318
- libav <not-affected> (Vulnerable code not present, format not supported)
- ffmpeg 2.4.4-1
[squeeze] - ffmpeg <not-affected> (Vulnerable code not present)
NOTE: ffmpeg: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=1d3a3b9f8907625b361420d48fe05716859620ff
-CVE-2014-9317 (The decode_ihdr_chunk function in libavcodec/pngdec.c in FFMpeg before ...)
+CVE-2014-9317
{DLA-1611-1}
- libav <removed>
- ffmpeg 2.4.4-1
[squeeze] - ffmpeg <not-affected> (Vulnerable code not present)
NOTE: ffmpeg: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=79ceaf827be0b070675d4cd0a55c3386542defd8
-CVE-2014-9316 (The mjpeg_decode_app function in libavcodec/mjpegdec.c in FFMpeg ...)
+CVE-2014-9316
- libav <not-affected> (Vulnerable code not present, reproducer tested with 8, 11 and trunk)
- ffmpeg 2.4.4-1
[squeeze] - ffmpeg <end-of-life> (Not supported in Squeeze LTS)
@@ -2441,41 +2441,41 @@ CVE-2014-9314
RESERVED
CVE-2014-9313
RESERVED
-CVE-2014-9312 (Unrestricted File Upload vulnerability in Photo Gallery 1.2.5. ...)
+CVE-2014-9312
NOT-FOR-US: Photo Gallery
-CVE-2014-9311 (Cross-site scripting (XSS) vulnerability in admin.php in the ...)
+CVE-2014-9311
NOT-FOR-US: Shareaholic plugin for WordPress
-CVE-2014-9310 (Cross-site scripting (XSS) vulnerability in the WordPress Backup to ...)
+CVE-2014-9310
NOT-FOR-US: WordPress Backup to Dropbox plugin for WordPress
CVE-2014-9309
RESERVED
-CVE-2014-9308 (Unrestricted file upload vulnerability in ...)
+CVE-2014-9308
NOT-FOR-US: WordPress plugin WP EasyCart
CVE-2014-9307
RESERVED
CVE-2014-9306
RESERVED
-CVE-2014-9305 (SQL injection vulnerability in the shortcodeProductsTable function in ...)
+CVE-2014-9305
NOT-FOR-US: shortcodeProductsTable function in models/Cart66Ajax.php in the Cart66 Lite plugin for WordPress
-CVE-2014-9304 (Plex Media Server before 0.9.9.3 allows remote attackers to bypass the ...)
+CVE-2014-9304
NOT-FOR-US: Plex Media Server
-CVE-2014-9303 (EntryPass N5200 Active Network Control Panel allows remote attackers ...)
+CVE-2014-9303
NOT-FOR-US: EntryPass
-CVE-2014-9302 (Server-side request forgery (SSRF) vulnerability in the cmisbrowser ...)
+CVE-2014-9302
NOT-FOR-US: Alfresco Community Edition
-CVE-2014-9301 (Server-side request forgery (SSRF) vulnerability in the proxy servlet ...)
+CVE-2014-9301
NOT-FOR-US: Alfreso Community Edition
-CVE-2014-9300 (Cross-site request forgery (CSRF) vulnerability in the cmisbrowser ...)
+CVE-2014-9300
NOT-FOR-US: Alfreso Community Edition
CVE-2014-9299
REJECTED
-CVE-2014-9374 (Double free vulnerability in the WebSocket Server (res_http_websocket ...)
+CVE-2014-9374
- asterisk 1:13.1.0~dfsg-1 (bug #773230)
[jessie] - asterisk 1:11.13.1~dfsg-2
[wheezy] - asterisk <not-affected> (Web socket code not yet present)
[squeeze] - asterisk <not-affected> (Web socket code not yet present)
NOTE: http://downloads.digium.com/pub/security/AST-2014-019.html
-CVE-2014-9323 (The xdr_status_vector function in Firebird before 2.1.7 and 2.5.x ...)
+CVE-2014-9323
{DSA-3109-1 DLA-130-1 DLA-123-1}
- firebird2.5 2.5.3.26778.ds4-5 (bug #772880)
- firebird2.1 <removed>
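Review bot: the unchanged context lines `NOT-FOR-US: Alfreso Community Edition` under CVE-2014-9301 and CVE-2014-9300 misspell the product that the CVE-2014-9302 entry two lines earlier spells `Alfresco Community Edition`; this automatic hunk does not touch them, so they need a separate manual fix. Unrelated to this change but visible here: CVE-2014-9374 and CVE-2014-9323 are listed after CVE-2014-9299, out of the descending numeric order the rest of the file follows.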
@@ -2485,25 +2485,25 @@ CVE-2014-9298
REJECTED
CVE-2014-9297
REJECTED
-CVE-2014-9296 (The receive function in ntp_proto.c in ntpd in NTP before 4.2.8 ...)
+CVE-2014-9296
{DSA-3108-1 DLA-116-1}
- ntp 1:4.2.6.p5+dfsg-3.2 (bug #773576)
NOTE: http://bugs.ntp.org/show_bug.cgi?id=2670 (not yet open)
-CVE-2014-9295 (Multiple stack-based buffer overflows in ntpd in NTP before 4.2.8 ...)
+CVE-2014-9295
{DSA-3108-1 DLA-116-1}
- ntp 1:4.2.6.p5+dfsg-3.2 (bug #773576)
NOTE: http://bugs.ntp.org/show_bug.cgi?id=2667 (not yet open)
NOTE: http://bugs.ntp.org/show_bug.cgi?id=2668 (not yet open)
NOTE: http://bugs.ntp.org/show_bug.cgi?id=2669 (not yet open)
-CVE-2014-9294 (util/ntp-keygen.c in ntp-keygen in NTP before 4.2.7p230 uses a weak ...)
+CVE-2014-9294
{DSA-3108-1 DLA-116-1}
- ntp 1:4.2.6.p5+dfsg-3.2 (bug #773576)
NOTE: http://bugs.ntp.org/show_bug.cgi?id=2666 (not yet open)
-CVE-2014-9293 (The config_auth function in ntpd in NTP before 4.2.7p11, when an auth ...)
+CVE-2014-9293
{DSA-3108-1 DLA-116-1}
- ntp 1:4.2.6.p5+dfsg-3.2 (bug #773576)
NOTE: http://bugs.ntp.org/show_bug.cgi?id=2665 (not yet open)
-CVE-2014-9292 (Server-side request forgery (SSRF) vulnerability in proxy.php in the ...)
+CVE-2014-9292
NOT-FOR-US: jRSS WordPress Plugin
CVE-2014-9291
REJECTED
@@ -2519,33 +2519,33 @@ CVE-2014-9286
REJECTED
CVE-2014-9285
REJECTED
-CVE-2014-9284 (The Buffalo WHR-1166DHP 1.60 and earlier, WSR-600DHP 1.60 and earlier, ...)
+CVE-2014-9284
NOT-FOR-US: Buffalo routers
-CVE-2014-9283 (The BestWebSoft Captcha plugin before 4.0.7 for WordPress allows ...)
+CVE-2014-9283
NOT-FOR-US: BestWebSoft plugin for WordPress
-CVE-2014-9282 (Directory traversal vulnerability in the Speed Root Explorer ...)
+CVE-2014-9282
NOT-FOR-US: Speed Root Explorer
-CVE-2014-9268 (The AdView.AdViewer.1 ActiveX control in Autodesk Design Review (ADR) ...)
+CVE-2014-9268
NOT-FOR-US: Autodesk Design Review
-CVE-2014-9267 (Heap-based buffer overflow in the PTC IsoView ActiveX control allows ...)
+CVE-2014-9267
NOT-FOR-US: PTC IsoView
-CVE-2014-9266 (The STWConfig ActiveX control in Samsung SmartViewer does not properly ...)
+CVE-2014-9266
NOT-FOR-US: Samsung SmartViewer
-CVE-2014-9265 (Stack-based buffer overflow in the BackupToAvi method in the CNC_Ctrl ...)
+CVE-2014-9265
NOT-FOR-US: Samsung SmartViewer
-CVE-2014-9264 (Stack-based buffer overflow in the .NET Data Provider in SAP SQL ...)
+CVE-2014-9264
NOT-FOR-US: SAP SQL Anywhere
-CVE-2014-9263 (Multiple buffer overflows in the ...)
+CVE-2014-9263
NOT-FOR-US: 3S Pocketnet Tech VMS
-CVE-2014-9262 (The Duplicator plugin in Wordpress before 0.5.10 allows remote ...)
+CVE-2014-9262
NOT-FOR-US: Duplicator plugin in Wordpress
-CVE-2014-9261 (The sanitize function in Codoforum 2.5.1 does not properly implement ...)
+CVE-2014-9261
NOT-FOR-US: Codoforum
-CVE-2014-9260 (The basic_settings function in the download manager plugin for ...)
+CVE-2014-9260
NOT-FOR-US: download manager plugin for WordPress
CVE-2014-9259
RESERVED
-CVE-2014-9258 (SQL injection vulnerability in ajax/getDropdownValue.php in GLPI ...)
+CVE-2014-9258
- glpi <removed> (unimportant)
NOTE: Only supported behind an authenticated HTTP zone
CVE-2014-9257
@@ -2554,58 +2554,58 @@ CVE-2014-9256
RESERVED
CVE-2014-9255
RESERVED
-CVE-2014-9254 (bb_func_unsub.php in MiniBB 3.1 before 20141127 uses an incorrect ...)
+CVE-2014-9254
NOT-FOR-US: MiniBB
-CVE-2014-9253 (The default file type whitelist configuration in conf/mime.conf in the ...)
+CVE-2014-9253
- dokuwiki 0.0.20140929.d-1 (bug #773429)
[jessie] - dokuwiki <no-dsa> (Minor issue)
[wheezy] - dokuwiki <no-dsa> (Minor issue)
[squeeze] - dokuwiki <no-dsa> (Minor issue)
NOTE: https://github.com/splitbrain/dokuwiki/commit/778ddf6f2cd9ed38b9db2d73e823b8c21243a960
NOTE: Advisory: http://security.szurek.pl/dokuwiki-20140929a-xss.html
-CVE-2014-9252 (Zenoss Core through 5 Beta 3 stores cleartext passwords in the session ...)
+CVE-2014-9252
- zenoss <itp> (bug #361253)
-CVE-2014-9251 (Zenoss Core through 5 Beta 3 uses a weak algorithm to hash passwords, ...)
+CVE-2014-9251
- zenoss <itp> (bug #361253)
-CVE-2014-9250 (Zenoss Core through 5 Beta 3 does not include the HTTPOnly flag in a ...)
+CVE-2014-9250
- zenoss <itp> (bug #361253)
-CVE-2014-9249 (The default configuration of Zenoss Core before 5 allows remote ...)
+CVE-2014-9249
- zenoss <itp> (bug #361253)
-CVE-2014-9248 (Zenoss Core through 5 Beta 3 does not require complex passwords, which ...)
+CVE-2014-9248
- zenoss <itp> (bug #361253)
-CVE-2014-9247 (Zenoss Core through 5 Beta 3 allows remote authenticated users to ...)
+CVE-2014-9247
- zenoss <itp> (bug #361253)
CVE-2014-9246
REJECTED
-CVE-2014-9245 (Zenoss Core through 5 Beta 3 allows remote attackers to obtain ...)
+CVE-2014-9245
- zenoss <itp> (bug #361253)
CVE-2014-9244
REJECTED
-CVE-2014-9243 (Multiple cross-site scripting (XSS) vulnerabilities in WebsiteBaker ...)
+CVE-2014-9243
NOT-FOR-US: WebsiteBaker
-CVE-2014-9242 (SQL injection vulnerability in admin/pages/modify.php in WebsiteBaker ...)
+CVE-2014-9242
NOT-FOR-US: WebsiteBaker
-CVE-2014-9241 (Multiple cross-site scripting (XSS) vulnerabilities in MyBB (aka ...)
+CVE-2014-9241
NOT-FOR-US: MyBB
-CVE-2014-9240 (SQL injection vulnerability in member.php in MyBB (aka ...)
+CVE-2014-9240
NOT-FOR-US: MyBB
-CVE-2014-9239 (SQL injection vulnerability in the IPS Connect service ...)
+CVE-2014-9239
NOT-FOR-US: Invision Power Board
-CVE-2014-9238 (D-link IP camera DCS-2103 with firmware 1.0.0 allows remote attackers ...)
+CVE-2014-9238
NOT-FOR-US: D-link DCS-2103
-CVE-2014-9237 (SQL injection vulnerability in Proticaret E-Commerce 3.0 allows remote ...)
+CVE-2014-9237
NOT-FOR-US: Proticaret E-Commerce
-CVE-2014-9236 (Cross-site scripting (XSS) vulnerability in php/edit_photos.php in ...)
+CVE-2014-9236
- zoph <removed> (unimportant)
NOTE: http://seclists.org/fulldisclosure/2014/Nov/45
NOTE: https://github.com/jeroenrnl/zoph/issues/59
NOTE: The SQL injection and XSS claims appear to be mostly unfounded.
-CVE-2014-9235 (Multiple SQL injection vulnerabilities in Zoph (aka Zoph Organizes ...)
+CVE-2014-9235
- zoph <removed> (unimportant)
NOTE: http://seclists.org/fulldisclosure/2014/Nov/45
NOTE: https://github.com/jeroenrnl/zoph/issues/59
NOTE: The SQL injection and XSS claims appear to be mostly unfounded.
-CVE-2014-9234 (Directory traversal vulnerability in cgi-bin/sddownload.cgi in D-link ...)
+CVE-2014-9234
NOT-FOR-US: D-link DCS-2103
CVE-2014-9233
REJECTED
@@ -2613,143 +2613,143 @@ CVE-2014-9232
REJECTED
CVE-2014-9231
REJECTED
-CVE-2014-9230 (Cross-site scripting (XSS) vulnerability in the administration console ...)
+CVE-2014-9230
NOT-FOR-US: Enforce Server in Symantec Data Loss Prevention
-CVE-2014-9229 (Multiple SQL injection vulnerabilities in interface PHP scripts in the ...)
+CVE-2014-9229
NOT-FOR-US: Symantec
-CVE-2014-9228 (sysplant.sys in the Manager component in Symantec Endpoint Protection ...)
+CVE-2014-9228
NOT-FOR-US: Symantec
-CVE-2014-9227 (Multiple untrusted search path vulnerabilities in the Manager ...)
+CVE-2014-9227
NOT-FOR-US: Symantec
-CVE-2014-9226 (The management server in Symantec Critical System Protection (SCSP) ...)
+CVE-2014-9226
NOT-FOR-US: Symantec Data Center Security
-CVE-2014-9225 (The ajaxswing webui in the management server in Symantec Critical ...)
+CVE-2014-9225
NOT-FOR-US: Symantec Data Center Security
-CVE-2014-9224 (Cross-site scripting (XSS) vulnerability in the ajaxswing webui in the ...)
+CVE-2014-9224
NOT-FOR-US: Symantec Data Center Security
-CVE-2014-9223 (Multiple buffer overflows in AllegroSoft RomPager, as used in Huawei ...)
+CVE-2014-9223
NOT-FOR-US: RomPager
NOTE: http://mis.fortunecook.ie/
-CVE-2014-9222 (AllegroSoft RomPager 4.34 and earlier, as used in Huawei Home Gateway ...)
+CVE-2014-9222
NOT-FOR-US: RomPager
NOTE: http://mis.fortunecook.ie/
-CVE-2014-9221 (strongSwan 4.5.x through 5.2.x before 5.2.1 allows remote attackers to ...)
+CVE-2014-9221
{DSA-3118-1}
- strongswan 5.2.1-5
[squeeze] - strongswan <not-affected> (MODP_CUSTOM Diffie-Hellman group not implemented in 4.4.1)
-CVE-2014-9217 (Graylog2 before 0.92 allows remote attackers to bypass LDAP ...)
+CVE-2014-9217
- graylog2 <itp> (bug #652273)
CVE-2014-9216
RESERVED
-CVE-2014-9215 (SQL injection vulnerability in the CheckEmail function in ...)
+CVE-2014-9215
NOT-FOR-US: PBBoard
CVE-2014-9214
RESERVED
CVE-2014-9213
RESERVED
-CVE-2014-9212 (Multiple cross-site scripting (XSS) vulnerabilities in Altitude uAgent ...)
+CVE-2014-9212
NOT-FOR-US: Altitude uAgent
CVE-2014-9211
RESERVED
CVE-2014-9210
REJECTED
-CVE-2014-9209 (Untrusted search path vulnerability in the Clean Utility application ...)
+CVE-2014-9209
NOT-FOR-US: Rockwell Automation FactoryTalk Services Platform
-CVE-2014-9208 (Multiple stack-based buffer overflows in unspecified DLL files in ...)
+CVE-2014-9208
NOT-FOR-US: Advantech
-CVE-2014-9207 (Untrusted search path vulnerability in CmnView.exe in CIMON CmnView ...)
+CVE-2014-9207
NOT-FOR-US: CIMON CmnView
-CVE-2014-9206 (Stack-based buffer overflow in Device Type Manager (DTM) 3.1.6 and ...)
+CVE-2014-9206
NOT-FOR-US: Schneider Electric Invensys
-CVE-2014-9205 (Stack-based buffer overflow in the PmBase64Decode function in an ...)
+CVE-2014-9205
NOT-FOR-US: MICROSYS PROMOTIC
-CVE-2014-9204 (Stack-based buffer overflow in OPCTest.exe in Rockwell Automation ...)
+CVE-2014-9204
NOT-FOR-US: OPCTest.exe in Rockwell Automation RSLinx Classic
-CVE-2014-9203 (Buffer overflow in the Field Device Tool (FDT) Frame application in ...)
+CVE-2014-9203
NOT-FOR-US: HART Device Type Manager (DTM) library
-CVE-2014-9202 (Multiple stack-based buffer overflows in an unspecified DLL file in ...)
+CVE-2014-9202
NOT-FOR-US: Advantech WebAccess
-CVE-2014-9201 (Beckwith Electric M-6200 Digital Voltage Regulator Control with ...)
+CVE-2014-9201
NOT-FOR-US: Beckwith Electric digital voltage regulators
-CVE-2014-9200 (Stack-based buffer overflow in an unspecified DLL file in a DTM ...)
+CVE-2014-9200
NOT-FOR-US: Schneider Electric
-CVE-2014-9199 (The Clorius Controls Java web client before 01.00.0009g allows remote ...)
+CVE-2014-9199
NOT-FOR-US: Clorius Controls Java web client
-CVE-2014-9198 (The FTP server on the Schneider Electric ETG3000 FactoryCast HMI ...)
+CVE-2014-9198
NOT-FOR-US: Schneider Electric
-CVE-2014-9197 (The Schneider Electric ETG3000 FactoryCast HMI Gateway with firmware ...)
+CVE-2014-9197
NOT-FOR-US: Schneider Electric
-CVE-2014-9196 (Eaton Cooper Power Systems ProView 4.0 and 5.0 before 5.0 11 on Form 6 ...)
+CVE-2014-9196
NOT-FOR-US: Eaton Cooper Power Systems
-CVE-2014-9195 (Phoenix Contact ProConOs and MultiProg do not require authentication, ...)
+CVE-2014-9195
NOT-FOR-US: Phoenix Contact ProConOs and MultiProg
-CVE-2014-9194 (Arbiter 1094B GPS Substation Clock allows remote attackers to cause a ...)
+CVE-2014-9194
NOT-FOR-US: Arbiter 1094B GPS Substation Clock
-CVE-2014-9193 (Innominate mGuard with firmware before 7.6.6 and 8.x before 8.1.4 ...)
+CVE-2014-9193
NOT-FOR-US: Innominate mGuard
-CVE-2014-9192 (Integer overflow in Trihedral Engineering VTScada (formerly VTS) 6.5 ...)
+CVE-2014-9192
NOT-FOR-US: Trihedral Engineering VTScada
-CVE-2014-9191 (The CodeWrights HART Device Type Manager (DTM) library in Emerson HART ...)
+CVE-2014-9191
NOT-FOR-US: Emerson HART DTM
-CVE-2014-9190 (Stack-based buffer overflow in Schneider Electric Wonderware InTouch ...)
+CVE-2014-9190
NOT-FOR-US: Schneider Electric
CVE-2014-9189
RESERVED
-CVE-2014-9188 (Buffer overflow in an ActiveX control in MDraw30.ocx in Schneider ...)
+CVE-2014-9188
NOT-FOR-US: Schneider Electric ProClima
CVE-2014-9187
RESERVED
CVE-2014-9186
RESERVED
-CVE-2014-9185 (Static code injection vulnerability in install.php in Morfy CMS 1.05 ...)
+CVE-2014-9185
NOT-FOR-US: Morfy CMS
-CVE-2014-9184 (ZTE ZXDSL 831CII allows remote attackers to bypass authentication via ...)
+CVE-2014-9184
NOT-FOR-US: ZTE ZXDSL Modem
-CVE-2014-9183 (ZTE ZXDSL 831CII has a default password of admin for the admin ...)
+CVE-2014-9183
NOT-FOR-US: ZTE ZDSL Modem
-CVE-2014-9182 (models/comment.php in Anchor CMS 0.9.2 and earlier allows remote ...)
+CVE-2014-9182
NOT-FOR-US: Anchor CMS
-CVE-2014-9181 (Multiple directory traversal vulnerabilities in Plex Media Server ...)
+CVE-2014-9181
NOT-FOR-US: Plex Media Server
-CVE-2014-9180 (Open redirect vulnerability in go.php in Eleanor CMS allows remote ...)
+CVE-2014-9180
NOT-FOR-US: Eleanor CMS
-CVE-2014-9179 (Cross-site scripting (XSS) vulnerability in the SupportEzzy Ticket ...)
+CVE-2014-9179
NOT-FOR-US: SupportEzzy Ticket System plugin for WordPress
-CVE-2014-9178 (Multiple SQL injection vulnerabilities in classes/ajax.php in the ...)
+CVE-2014-9178
NOT-FOR-US: Smarty Pants Plugin for WordPress
-CVE-2014-9177 (The HTML5 MP3 Player with Playlist Free plugin before 2.7 for ...)
+CVE-2014-9177
NOT-FOR-US: Playlist Free WordPress Plugin
-CVE-2014-9176 (Cross-site scripting (XSS) vulnerability in the InstaSqueeze Sexy ...)
+CVE-2014-9176
NOT-FOR-US: InstaSqueeze Sexy Squeeze Pages plugin for WordPress
-CVE-2014-9175 (SQL injection vulnerability in wpdatatables.php in the wpDataTables ...)
+CVE-2014-9175
NOT-FOR-US: wpDataTables WordPress Plugin
-CVE-2014-9174 (Cross-site scripting (XSS) vulnerability in the Google Analytics by ...)
+CVE-2014-9174
NOT-FOR-US: Google Analytics by Yoast (google-analytics-for-wordpress) plugin for WordPress
-CVE-2014-9173 (SQL injection vulnerability in view.php in the Google Doc Embedder ...)
+CVE-2014-9173
NOT-FOR-US: Google Doc Embedder plugin for WordPress
-CVE-2014-9474 (Buffer overflow in the mpfr_strtofr function in GNU MPFR before ...)
+CVE-2014-9474
- mpfr4 3.1.2-2 (low; bug #772008)
[squeeze] - mpfr4 <no-dsa> (Minor issue)
[wheezy] - mpfr4 <no-dsa> (Minor issue)
NOTE: https://gforge.inria.fr/scm/viewvc.php?view=rev&root=mpfr&revision=9243
-CVE-2014-9275 (UnRTF allows remote attackers to cause a denial of service ...)
+CVE-2014-9275
{DSA-3158-1 DLA-133-1}
- unrtf 0.21.5-2 (bug #772811)
NOTE: https://lists.gnu.org/archive/html/bug-unrtf/2014-11/msg00000.html
NOTE: https://lists.gnu.org/archive/html/bug-unrtf/2014-12/msg00001.html
NOTE: Patch: https://bitbucket.org/medoc/unrtf-int/commits/1df886f2e65f7c512a6217588ae8d94d4bcbc63d
NOTE: Patch: https://bitbucket.org/medoc/unrtf-int/commits/3c7ff3f888de0f0d957fe67b6bd4bec9c0d475f3
-CVE-2014-9274 (UnRTF allows remote attackers to cause a denial of service (crash) and ...)
+CVE-2014-9274
{DSA-3158-1 DLA-133-1}
- unrtf 0.21.5-2 (bug #772811)
NOTE: https://lists.gnu.org/archive/html/bug-unrtf/2014-11/msg00001.html
NOTE: https://lists.gnu.org/archive/html/bug-unrtf/2014-12/msg00000.html
NOTE: Patch: https://bitbucket.org/medoc/unrtf-int/commits/b0cef89a170a66bc48f8dd288ce562ea8ca91f7a
-CVE-2014-9278 (The OpenSSH server, as used in Fedora and Red Hat Enterprise Linux 7 ...)
+CVE-2014-9278
- openssh <not-affected> (patch not applied to Debian)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1169843
NOTE: Patch https://bugzilla.mindrot.org/show_bug.cgi?id=1867 from not applied in Debian
-CVE-2014-9277 (The wfMangleFlashPolicy function in OutputHandler.php in MediaWiki ...)
+CVE-2014-9277
{DSA-3100-1}
- mediawiki 1:1.19.20+dfsg-2.1 (bug #772764)
[squeeze] - mediawiki <end-of-life>
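Review bot: with the descriptions stripped, entries whose NOTE lines carry the whole rationale become harder to follow, and the NOTE under CVE-2014-9278 is garbled: `Patch https://bugzilla.mindrot.org/show_bug.cgi?id=1867 from not applied in Debian` has a stray `from` and should say that the patch from that bug was not applied in Debian. The removed text `(The OpenSSH server, as used in Fedora and Red Hat Enterprise Linux 7 ...)` was what made the distro-specific nature of this issue obvious, so the `<not-affected>` reasoning now rests entirely on that one NOTE line.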
@@ -2757,19 +2757,19 @@ CVE-2014-9277 (The wfMangleFlashPolicy function in OutputHandler.php in MediaWik
NOTE: backported patches for 1.19:
NOTE: https://gerrit.wikimedia.org/r/#/c/175725/
NOTE: https://gerrit.wikimedia.org/r/#/c/175960/
-CVE-2014-9276 (Cross-site request forgery (CSRF) vulnerability in the ...)
+CVE-2014-9276
- mediawiki <not-affected> (Vulnerable code not present)
NOTE: https://bugzilla.wikimedia.org/show_bug.cgi?id=71111
NOTE: No special expand templates before 1.23.x but available as extension.
-CVE-2014-9220 (SQL injection vulnerability in OpenVAS Manager before 4.0.6 and 5.x ...)
+CVE-2014-9220
NOT-FOR-US: OpenVAS Manager
-CVE-2014-9219 (Cross-site scripting (XSS) vulnerability in the redirection feature in ...)
+CVE-2014-9219
- phpmyadmin 4:4.2.12-2 (bug #774194)
[wheezy] - phpmyadmin <not-affected> (Vulnerable code not present)
[squeeze] - phpmyadmin <not-affected> (Vulnerable code not present)
NOTE: https://github.com/phpmyadmin/phpmyadmin/commit/9b2479b7216dd91a6cc2f231c0fd6b85d457f6e2
NOTE: http://www.phpmyadmin.net/home_page/security/PMASA-2014-18.php
-CVE-2014-9218 (libraries/common.inc.php in phpMyAdmin 4.0.x before 4.0.10.7, 4.1.x ...)
+CVE-2014-9218
{DSA-3382-1 DLA-336-1}
- phpmyadmin 4:4.2.12-2 (low; bug #774194)
NOTE: https://github.com/phpmyadmin/phpmyadmin/commit/1ac863c7573d12012374d5d41e5c7dc5505ea6e1 (master)
@@ -2786,65 +2786,65 @@ CVE-2014-9168
REJECTED
CVE-2014-9167
REJECTED
-CVE-2014-9166 (Adobe ColdFusion 10 before Update 15 and 11 before Update 3 allows ...)
+CVE-2014-9166
NOT-FOR-US: Adobe ColdFusion
-CVE-2014-9165 (Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before ...)
+CVE-2014-9165
NOT-FOR-US: Adobe Reader
-CVE-2014-9164 (Adobe Flash Player before 13.0.0.259 and 14.x through 16.x before ...)
+CVE-2014-9164
NOT-FOR-US: Adobe Flash Player
-CVE-2014-9163 (Stack-based buffer overflow in Adobe Flash Player before 13.0.0.259 ...)
+CVE-2014-9163
NOT-FOR-US: Adobe Flash Player
-CVE-2014-9162 (Adobe Flash Player before 13.0.0.259 and 14.x through 16.x before ...)
+CVE-2014-9162
NOT-FOR-US: Adobe Flash Player
-CVE-2014-9161 (CoolType.dll in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x ...)
+CVE-2014-9161
NOT-FOR-US: Adobe
-CVE-2014-9160 (Multiple heap-based buffer overflows in Adobe Reader and Acrobat 10.x ...)
+CVE-2014-9160
NOT-FOR-US: Adobe
-CVE-2014-9159 (Heap-based buffer overflow in Adobe Reader and Acrobat 10.x before ...)
+CVE-2014-9159
NOT-FOR-US: Adobe Reader
-CVE-2014-9158 (Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 ...)
+CVE-2014-9158
NOT-FOR-US: Adobe Reader
-CVE-2014-9155 (Directory traversal vulnerability in the Avatar Uploader module ...)
+CVE-2014-9155
NOT-FOR-US: Avatar Uploader module for Drupal
-CVE-2014-9154 (The Notify module 7.x-1.x before 7.x-1.1 for Drupal does not properly ...)
+CVE-2014-9154
NOT-FOR-US: Notify module for Drupal
-CVE-2014-9153 (Cross-site scripting (XSS) vulnerability in the Services module ...)
+CVE-2014-9153
NOT-FOR-US: Services module for Drupal
-CVE-2014-9152 (The _user_resource_create function in the Services module 7.x-3.x ...)
+CVE-2014-9152
NOT-FOR-US: Services module for Drupal
-CVE-2014-9151 (The Services module 7.x-3.x before 7.x-3.10 for Drupal does not ...)
+CVE-2014-9151
NOT-FOR-US: Services module for Drupal
-CVE-2014-9150 (Race condition in the MoveFileEx call hook feature in Adobe Reader and ...)
+CVE-2014-9150
NOT-FOR-US: Adobe
CVE-2014-9149
RESERVED
-CVE-2014-9148 (Fiyo CMS 2.0.1.8 allows remote attackers to bypass intended access ...)
+CVE-2014-9148
NOT-FOR-US: Fiyo CMS
-CVE-2014-9147 (Fiyo CMS 2.0.1.8 allows remote attackers to obtain sensitive ...)
+CVE-2014-9147
NOT-FOR-US: Fiyo CMS
-CVE-2014-9146 (Multiple cross-site scripting (XSS) vulnerabilities in Fiyo CMS ...)
+CVE-2014-9146
NOT-FOR-US: Fiyo CMS
-CVE-2014-9145 (Multiple SQL injection vulnerabilities in Fiyo CMS 2.0.1.8 allow ...)
+CVE-2014-9145
NOT-FOR-US: Fiyo CMS
-CVE-2014-9144 (Technicolor Router TD5130 with firmware 2.05.C29GV allows remote ...)
+CVE-2014-9144
NOT-FOR-US: Technicolor routers
-CVE-2014-9143 (Open redirect vulnerability in Technicolor Router TD5130 with firmware ...)
+CVE-2014-9143
NOT-FOR-US: Technicolor routers
-CVE-2014-9142 (Cross-site scripting (XSS) vulnerability in Technicolor Router TD5130 ...)
+CVE-2014-9142
NOT-FOR-US: Technicolor routers
-CVE-2014-9141 (The installer in Thomson Reuters Fixed Assets CS 13.1.4 and earlier ...)
+CVE-2014-9141
NOT-FOR-US: Thomson Reuters Fixed Assets
CVE-2014-9139
RESERVED
CVE-2014-9138
RESERVED
-CVE-2014-9137 (Huawei USG9500 with software V200R001C01SPC800 and earlier versions, ...)
+CVE-2014-9137
NOT-FOR-US: Huawei
-CVE-2014-9136 (Huawei FusionManager with software V100R002C03 and V100R003C00 could ...)
+CVE-2014-9136
NOT-FOR-US: Huawei
-CVE-2014-9135 (The PackageInstaller module in Huawei P7-L10 smartphones before ...)
+CVE-2014-9135
NOT-FOR-US: PackageInstaller module in Huawei P7-L10
-CVE-2014-9134 (Unrestricted file upload vulnerability in Huawei Honor Cube Wireless ...)
+CVE-2014-9134
NOT-FOR-US: Huawei Wireless Router
CVE-2014-9133
RESERVED
@@ -2868,17 +2868,17 @@ CVE-2014-9122
RESERVED
CVE-2014-9121
RESERVED
-CVE-2014-9120 (Cross-site scripting (XSS) vulnerability in Subrion CMS before 3.2.3 ...)
+CVE-2014-9120
NOT-FOR-US: Subrion CMS
-CVE-2014-9119 (Directory traversal vulnerability in download.php in the DB Backup ...)
+CVE-2014-9119
NOT-FOR-US: WordPress plugin db-backup
-CVE-2014-9118 (The web administrative portal in Zhone zNID GPON 2426A before S3.0.501 ...)
+CVE-2014-9118
NOT-FOR-US: ZHONE Router
-CVE-2014-9115 (SQL injection vulnerability in the rate_picture function in ...)
+CVE-2014-9115
- piwigo <removed>
[squeeze] - piwigo <end-of-life> (Unsupported in squeeze-lts)
NOTE: Request to mark the package as unsupported in #779104
-CVE-2014-9113 (CCH Wolters Kluwer ProSystem fx Engagement (aka PFX Engagement) 7.1 ...)
+CVE-2014-9113
NOT-FOR-US: PFX Engagement
CVE-2014-9111
RESERVED
@@ -2894,27 +2894,27 @@ CVE-2014-9106
RESERVED
CVE-2014-9105
RESERVED
-CVE-2014-9104 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
+CVE-2014-9104
NOT-FOR-US: Desktop Client in OpenVPN Access Server
-CVE-2014-9103 (Multiple cross-site scripting (XSS) vulnerabilities in the Kunena ...)
+CVE-2014-9103
NOT-FOR-US: Kunena component for Joomla!
-CVE-2014-9102 (Multiple SQL injection vulnerabilities in the Kunena component before ...)
+CVE-2014-9102
NOT-FOR-US: Kunena component for Joomla!
-CVE-2014-9101 (Multiple cross-site request forgery (CSRF) vulnerabilities in Oxwall 1.7.0 ...)
+CVE-2014-9101
NOT-FOR-US: Oxwall and SkaDate Lite
-CVE-2014-9100 (Cross-site scripting (XSS) vulnerability in the WhyDoWork AdSense ...)
+CVE-2014-9100
NOT-FOR-US: WhyDoWork AdSense plugin for WordPress
-CVE-2014-9099 (Cross-site request forgery (CSRF) vulnerability in the WhyDoWork ...)
+CVE-2014-9099
NOT-FOR-US: WhyDoWork AdSense plugin for WordPress
-CVE-2014-9098 (Multiple cross-site scripting (XSS) vulnerabilities in the Apptha ...)
+CVE-2014-9098
NOT-FOR-US: Apptha WordPress Plugin
-CVE-2014-9097 (Multiple SQL injection vulnerabilities in the Apptha WordPress Video ...)
+CVE-2014-9097
NOT-FOR-US: Apptha WordPress Plugin
-CVE-2014-9096 (Multiple SQL injection vulnerabilities in recover.php in Pligg CMS ...)
+CVE-2014-9096
NOT-FOR-US: Pligg
-CVE-2014-9095 (Multiple SQL injection vulnerabilities in Raritan Power IQ 4.1.0 and ...)
+CVE-2014-9095
NOT-FOR-US: Raritan Power IQ
-CVE-2014-9094 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2014-9094
NOT-FOR-US: Digital Zoom Studio (DZS) Video Gallery plugin for WordPress
CVE-2014-9088
RESERVED
@@ -2958,10 +2958,10 @@ CVE-2014-9068
RESERVED
CVE-2014-9067
RESERVED
-CVE-2014-9066 (Xen 4.4.x and earlier, when using a large number of VCPUs, does not ...)
+CVE-2014-9066
- xen <unfixed> (unimportant)
NOTE: Architectual/design limitation, not treated as a security issue
-CVE-2014-9065 (common/spinlock.c in Xen 4.4.x and earlier does not properly handle ...)
+CVE-2014-9065
- xen 4.4.1-6
[wheezy] - xen <not-affected> (Only affects 4.2 and later)
[squeeze] - xen <not-affected> (Only affects 4.2 and later)
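Review bot: the context line `NOTE: Architectual/design limitation, not treated as a security issue` under CVE-2014-9066 misspells "Architectural"; the only change this hunk makes to that entry is dropping `(Xen 4.4.x and earlier, when using a large number of VCPUs, does not ...)`, so the justification for `- xen <unfixed> (unimportant)` now rests on that NOTE alone and its wording should be corrected in a follow-up.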
@@ -2973,14 +2973,14 @@ CVE-2014-9062
RESERVED
CVE-2014-9061
RESERVED
-CVE-2014-9060 (The LTI module in Moodle through 2.4.11, 2.5.x before 2.5.9, 2.6.x ...)
+CVE-2014-9060
- moodle 2.7.5+dfsg-1
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-47927
NOTE: https://moodle.org/mod/forum/discuss.php?d=275165
CVE-2014-9058
RESERVED
-CVE-2014-9057 (SQL injection vulnerability in the XML-RPC interface in Movable Type ...)
+CVE-2014-9057
{DSA-3183-1}
- movabletype-opensource <removed> (bug #774192)
[squeeze] - movabletype-opensource <end-of-life> (Not supported in Squeeze LTS)
@@ -2998,120 +2998,120 @@ CVE-2014-9052
RESERVED
CVE-2014-9051
RESERVED
-CVE-2014-9049 (The documents application in ownCloud Server 6.x before 6.0.6 and 7.x ...)
+CVE-2014-9049
- owncloud 7.0.3+dfsg-1
NOTE: https://owncloud.org/security/advisory/?id=oc-sa-2014-025
-CVE-2014-9048 (The documents application in ownCloud Server 6.x before 6.0.6 and 7.x ...)
+CVE-2014-9048
- owncloud 7.0.3+dfsg-1
NOTE: https://owncloud.org/security/advisory/?id=oc-sa-2014-024
-CVE-2014-9047 (Multiple unspecified vulnerabilities in the preview system in ownCloud ...)
+CVE-2014-9047
- owncloud 7.0.3+dfsg-1
NOTE: https://owncloud.org/security/advisory/?id=oc-sa-2014-026
-CVE-2014-9046 (The OC_Util::getUrlContent function in ownCloud Server before 5.0.18, ...)
+CVE-2014-9046
- owncloud 7.0.3+dfsg-1
NOTE: https://owncloud.org/security/advisory/?id=oc-sa-2014-023
-CVE-2014-9045 (The FTP backend in user_external in ownCloud Server before 5.0.18 and ...)
+CVE-2014-9045
- owncloud 7~20140504+dfsg-1
NOTE: Only affects 5.x and 6.x, so marking first 7 release as fixed
NOTE: https://owncloud.org/security/advisory/?id=oc-sa-2014-022
-CVE-2014-9044 (Asset Pipeline in ownCloud 7.x before 7.0.3 uses an MD5 hash of the ...)
+CVE-2014-9044
- owncloud 7.0.3+dfsg-1
NOTE: https://owncloud.org/security/advisory/?id=oc-sa-2014-021
-CVE-2014-9043 (The user_ldap (aka LDAP user and group backend) application in ...)
+CVE-2014-9043
- owncloud 7.0.3+dfsg-1
NOTE: https://owncloud.org/security/advisory/?id=oc-sa-2014-020
-CVE-2014-9042 (Cross-site scripting (XSS) vulnerability in the import functionality ...)
+CVE-2014-9042
- owncloud 7.0.3+dfsg-1
NOTE: https://owncloud.org/security/advisory/?id=oc-sa-2014-028
-CVE-2014-9041 (The import functionality in the bookmarks application in ownCloud ...)
+CVE-2014-9041
- owncloud 7.0.3+dfsg-1
NOTE: https://owncloud.org/security/advisory/?id=oc-sa-2014-019
CVE-2014-9040
RESERVED
-CVE-2014-9029 (Multiple off-by-one errors in the (1) jpc_dec_cp_setfromcox and (2) ...)
+CVE-2014-9029
{DSA-3089-1 DLA-101-1}
- jasper 1.900.1-debian1-2.2 (bug #772036)
-CVE-2014-9027 (Multiple cross-site request forgery (CSRF) vulnerabilities in ZTE ...)
+CVE-2014-9027
NOT-FOR-US: ZTE ZXDSL 831CII
-CVE-2014-9026 (The Ubercart module 7.x-3.x before 7.x-3.7 for Drupal does not ...)
+CVE-2014-9026
NOT-FOR-US: Ubercart module for Drupal
-CVE-2014-9025 (The default checkout completion rule in the commerce_order module in ...)
+CVE-2014-9025
NOT-FOR-US: Drupal Commerce module for Drupal
-CVE-2014-9024 (The Protected Pages module 7.x-2.x before 7.x-2.4 for Drupal allows ...)
+CVE-2014-9024
NOT-FOR-US: Protected Pages module for Drupal
-CVE-2014-9023 (The Twilio module 7.x-1.x before 7.x-1.9 for Drupal does not properly ...)
+CVE-2014-9023
NOT-FOR-US: Twilio module for Drupal
-CVE-2014-9022 (The Webform Component Roles module 6.x-1.x before 6.x-1.8 and 7.x-1.x ...)
+CVE-2014-9022
NOT-FOR-US: Webform Component Roles module for Drupal
-CVE-2014-9021 (Multiple cross-site scripting (XSS) vulnerabilities in ZTE ZXDSL 831 ...)
+CVE-2014-9021
NOT-FOR-US: ZTE ZXDSL 831
-CVE-2014-9020 (Cross-site scripting (XSS) vulnerability in the Quick Stats page ...)
+CVE-2014-9020
NOT-FOR-US: ZTE ZXDSL 831 and 831CII
-CVE-2014-9019 (Multiple cross-site request forgery (CSRF) vulnerabilities in ZTE ...)
+CVE-2014-9019
NOT-FOR-US: ZTE ZXDSL 831CII
-CVE-2014-9017 (Cross-site scripting (XSS) vulnerability in OpenKM before 6.4.19 ...)
+CVE-2014-9017
NOT-FOR-US: OpenKM
-CVE-2014-9156 (The FileField module 6.x-3.x before 6.x-3.13 for Drupal does not ...)
+CVE-2014-9156
NOT-FOR-US: Drupal module FileField
-CVE-2014-9129 (Cross-site request forgery (CSRF) vulnerability in the CreativeMinds ...)
+CVE-2014-9129
NOT-FOR-US: WordPress plugin cm-download-manager
-CVE-2014-8123 (Buffer overflow in the bGetPPS function in wordole.c in Antiword 0.37 ...)
+CVE-2014-8123
- antiword 0.37-5 (bug #771768)
NOTE: http://www.openwall.com/lists/oss-security/2014/12/01/4
NOTE: This actually was fixed long time ago in https://bugs.debian.org/407015
-CVE-2014-8104 (OpenVPN 2.x before 2.0.11, 2.1.x, 2.2.x before 2.2.3, and 2.3.x before ...)
+CVE-2014-8104
{DSA-3084-1 DLA-98-1}
- openvpn 2.3.4-5
NOTE: https://github.com/OpenVPN/openvpn/commit/c5590a6821e37f3b29735f55eb0c2b9c0924138c
NOTE: http://web.archive.org/web/20150514123219/https://forums.openvpn.net/topic17625.html
-CVE-2014-9272 (The string_insert_href function in MantisBT 1.2.0a1 through 1.2.x ...)
+CVE-2014-9272
{DSA-3120-1}
- mantis <removed>
[squeeze] - mantis <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://github.com/mantisbt/mantisbt/commit/05378e00
NOTE: http://www.mantisbt.org/bugs/view.php?id=17297
-CVE-2014-9281 (Cross-site scripting (XSS) vulnerability in admin/copy_field.php in ...)
+CVE-2014-9281
{DSA-3120-1}
- mantis <removed>
[squeeze] - mantis <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://github.com/mantisbt/mantisbt/commit/e5fc835a
NOTE: http://www.mantisbt.org/bugs/view.php?id=17876
-CVE-2014-9271 (Cross-site scripting (XSS) vulnerability in file_download.php in ...)
+CVE-2014-9271
{DSA-3120-1}
- mantis <removed>
[squeeze] - mantis <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://www.mantisbt.org/bugs/view.php?id=17874
NOTE: http://github.com/mantisbt/mantisbt/commit/9fb8cf36f
-CVE-2014-9270 (Cross-site scripting (XSS) vulnerability in the ...)
+CVE-2014-9270
{DSA-3120-1}
- mantis <removed>
[squeeze] - mantis <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://github.com/mantisbt/mantisbt/commit/0bff06ec
NOTE: http://www.mantisbt.org/bugs/view.php?id=17583
-CVE-2014-9269 (Cross-site scripting (XSS) vulnerability in helper_api.php in MantisBT ...)
+CVE-2014-9269
{DSA-3120-1}
- mantis <removed>
[squeeze] - mantis <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://github.com/mantisbt/mantisbt/commit/511564cc
NOTE: http://www.mantisbt.org/bugs/view.php?id=17890
-CVE-2014-9280 (The current_user_get_bug_filter function in core/current_user_api.php ...)
+CVE-2014-9280
{DSA-3120-1}
- mantis <removed>
[squeeze] - mantis <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://github.com/mantisbt/mantisbt/commit/599364b2
NOTE: http://www.mantisbt.org/bugs/view.php?id=17875
-CVE-2014-9279 (The print_test_result function in admin/upgrade_unattended.php in ...)
+CVE-2014-9279
- mantis <removed> (unimportant)
[squeeze] - mantis <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://github.com/mantisbt/mantisbt/commit/0826cef8
NOTE: http://www.mantisbt.org/bugs/view.php?id=17877
NOTE: unimportant, source affected but unrelevant for Debian, upgrade_unattended.php removed also in binary package
-CVE-2014-9140 (Buffer overflow in the ppp_hdlc function in print-ppp.c in tcpdump ...)
+CVE-2014-9140
{DSA-3086-1 DLA-102-1}
- tcpdump 4.6.2-3
NOTE: https://github.com/the-tcpdump-group/tcpdump/commit/0f95d441e4b5d7512cc5c326c8668a120e048eda
NOTE: http://seclists.org/tcpdump/2014/q4/72
-CVE-2014-9130 (scanner.c in LibYAML 0.1.5 and 0.1.6, as used in the YAML-LibYAML (aka ...)
+CVE-2014-9130
{DSA-3115-1 DSA-3103-1 DSA-3102-1 DLA-127-1 DLA-110-1 DLA-109-1}
- libyaml 0.1.6-3 (bug #771366)
- libyaml-libyaml-perl 0.41-6 (bug #771365)
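Review bot: every `-`/`+` pair in this hunk replaces a `CVE-2014-NNNN (description ...)` line with the bare identifier and nothing else changes, so the descriptions are being dropped, not refreshed; the surrounding `{DSA-...}`, package and `NOTE:` lines are untouched, which makes this a pure loss of descriptive text for entries such as CVE-2014-9049 and CVE-2014-8104. Confirm that dropping them is intended rather than the result of an empty upstream feed, and if the truncated `...` descriptions are still wanted, keep the `-` lines as they are.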
@@ -3120,24 +3120,24 @@ CVE-2014-9130 (scanner.c in LibYAML 0.1.5 and 0.1.6, as used in the YAML-LibYAML
NOTE: https://bitbucket.org/xi/libyaml/commits/2b9156756423e967cfd09a61d125d883fca6f4f2
NOTE: for pyyaml: might be need to be removed here (no-CVE assigned) or separate CVE
NOTE: for pyyaml: https://bitbucket.org/xi/pyyaml/commits/ddf211a41bb231c365fece5599b7e484e6dc33fc/raw/
-CVE-2014-9117 (MantisBT before 1.2.18 uses the public_key parameter value as the key ...)
+CVE-2014-9117
{DSA-3120-1}
- mantis <removed>
[squeeze] - mantis <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://github.com/mantisbt/mantisbt/commit/7bb78e4581ff1092c811ea96582fe602624cdcdd
NOTE: https://www.mantisbt.org/bugs/view.php?id=17811
-CVE-2014-9116 (The write_one_header function in mutt 1.5.23 does not properly handle ...)
+CVE-2014-9116
{DSA-3083-1 DLA-100-1}
- mutt 1.5.23-2 (bug #771125)
NOTE: Detailed analysis in https://bugzilla.redhat.com/show_bug.cgi?id=1168463#c4
NOTE: Upstream bugreport: http://dev.mutt.org/trac/ticket/3716
-CVE-2014-9114 (Blkid in util-linux before 2.26rc-1 allows local users to execute ...)
+CVE-2014-9114
- util-linux 2.25.2-4 (bug #771274)
[squeeze] - util-linux <no-dsa> (Minor issue)
[wheezy] - util-linux <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2014/11/26/13
NOTE: https://github.com/karelzak/util-linux/commit/89e90ae7b2826110ea28c1c0eb8e7c56c3907bdc
-CVE-2014-9112 (Heap-based buffer overflow in the process_copy_in function in GNU Cpio ...)
+CVE-2014-9112
{DSA-3111-1 DLA-111-1}
- cpio 2.11+dfsg-4 (bug #772793)
NOTE: http://lcamtuf.coredump.cx/afl/vulns/lesspipe-cpio-bad-write.cpio
@@ -3147,37 +3147,37 @@ CVE-2014-9112 (Heap-based buffer overflow in the process_copy_in function in GNU
NOTE: http://git.savannah.gnu.org/cgit/cpio.git/commit/?id=58df4f1b (fixup of former commit)
NOTE: http://git.savannah.gnu.org/cgit/cpio.git/commit/?id=fd262d11 (fix null deref)
NOTE: http://git.savannah.gnu.org/cgit/cpio.git/commit/?id=f6a8a2cb (fix test suite in former commit)
-CVE-2014-9089 (Multiple SQL injection vulnerabilities in view_all_bug_page.php in ...)
+CVE-2014-9089
{DSA-3120-1}
- mantis <removed>
[squeeze] - mantis <end-of-life> (Unsupported in squeeze-lts)
NOTE: https://www.mantisbt.org/bugs/view.php?id=17841
NOTE: http://github.com/mantisbt/mantisbt/commit/b0021673
-CVE-2014-9273 (lib/handle.c in Hivex before 1.3.11 allows local users to execute ...)
+CVE-2014-9273
- hivex 1.3.11-1 (low)
[jessie] - hivex 1.3.10-2+deb8u1
[wheezy] - hivex <no-dsa> (Minor issue)
[squeeze] - hivex <no-dsa> (Minor issue)
NOTE: https://github.com/libguestfs/hivex/commit/357f26fa64fd1d9ccac2331fe174a8ee9c607adb
NOTE: https://github.com/libguestfs/hivex/commit/4bbdf555f88baeae0fa804a369a81a83908bd705
-CVE-2014-9087 (Integer underflow in the ksba_oid_to_str function in Libksba before ...)
+CVE-2014-9087
{DSA-3078-1 DLA-141-1}
- libksba 1.3.2-1 (bug #770972)
- gnupg2 <not-affected> (Fixed before entering unstable; affected only 2.1 and betas)
NOTE: http://lists.gnupg.org/pipermail/gnupg-announce/2014q4/000359.html
NOTE: Upstream commit: http://git.gnupg.org/cgi-bin/gitweb.cgi?p=libksba.git;a=commit;h=f715b9e156dfa99ae829fc694e5a0abd23ef97d7
-CVE-2014-9157 (Format string vulnerability in the yyerror function in ...)
+CVE-2014-9157
{DSA-3098-1 DLA-105-1}
- graphviz 2.38.0-7 (bug #772648)
NOTE: https://github.com/ellson/graphviz/commit/99eda421f7ddc27b14e4ac1d2126e5fe41719081
-CVE-2014-9471 (The parse_datetime function in GNU coreutils allows remote attackers ...)
+CVE-2014-9471
- coreutils 8.23-1 (low)
[wheezy] - coreutils <no-dsa> (Minor issue)
[squeeze] - coreutils <no-dsa> (Minor issue)
NOTE: http://debbugs.gnu.org/cgi/bugreport.cgi?bug=16872
NOTE: http://debbugs.gnu.org/cgi/bugreport.cgi?msg=11;filename=date-tz-crash.patch;att=1;bug=16872
NOTE: http://debbugs.gnu.org/cgi/bugreport.cgi?msg=19;filename=coreutils-date-crash.patch;att=1;bug=16872
-CVE-2014-9365 (The HTTP clients in the (1) httplib, (2) urllib, (3) urllib2, and (4) ...)
+CVE-2014-9365
- python2.5 <removed>
[squeeze] - python2.5 <no-dsa> (Too intrusive to backport)
- python2.6 <removed>
@@ -3193,78 +3193,78 @@ CVE-2014-9365 (The HTTP clients in the (1) httplib, (2) urllib, (3) urllib2, and
- python3.4 3.4.2-2
[jessie] - python3.4 <no-dsa> (Backporting to stable would break existing applications)
NOTE: http://bugs.python.org/issue22417
-CVE-2014-9351 (engine/server/server.cpp in Teeworlds 0.6.x before 0.6.3 allows remote ...)
+CVE-2014-9351
- teeworlds 0.6.2+dfsg-2 (bug #770514)
[wheezy] - teeworlds <no-dsa> (Minor issue)
[squeeze] - teeworlds <not-affected> (Vulnerable code not present)
NOTE: https://github.com/teeworlds/teeworlds/commit/a766cb44bcffcdb0b88e776d01c5ee1323d44f85
NOTE: https://www.teeworlds.com/?page=news&id=11200
-CVE-2014-9093 (LibreOffice before 4.3.5 allows remote attackers to cause a denial of ...)
+CVE-2014-9093
{DSA-3163-1}
- libreoffice 1:4.3.3-2 (bug #771163)
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=86449
NOTE: http://cgit.freedesktop.org/libreoffice/core/commit/?h=libreoffice-4-3&id=b4840d3632e4404bee4bd192a7db916cbad3a401
NOTE: fixed in experimental with 1:4.4.0~beta1-1
-CVE-2014-9092 (libjpeg-turbo before 1.3.1 allows remote attackers to cause a denial ...)
+CVE-2014-9092
- libjpeg-turbo 1:1.3.1-11 (bug #768369)
-CVE-2014-9090 (The do_double_fault function in arch/x86/kernel/traps.c in the Linux ...)
+CVE-2014-9090
{DSA-3093-1 DLA-103-1}
- linux 3.16.7-ckt2-1
- linux-2.6 <removed>
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6f442be2fb22be02cafa606f1769fa1e6f894441 (v3.18-rc6)
-CVE-2014-9059 (lib/setup.php in Moodle through 2.4.11, 2.5.x before 2.5.9, 2.6.x ...)
+CVE-2014-9059
- moodle 2.7.5+dfsg-1 (bug #775842)
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-47966
NOTE: https://moodle.org/mod/forum/discuss.php?d=275146
-CVE-2014-9050 (Heap-based buffer overflow in the cli_scanpe function in ...)
+CVE-2014-9050
{DLA-95-1}
- clamav 0.98.5+dfsg-1 (bug #770985)
[wheezy] - clamav 0.98.5+dfsg-0+deb7u1
NOTE: https://bugzilla.clamav.net/show_bug.cgi?id=11155
NOTE: Upstream commit: https://github.com/vrtadmin/clamav-devel/commit/fc3794a54d2affe5770c1f876484a871c783e91e
-CVE-2014-9039 (wp-login.php in WordPress before 3.7.5, 3.8.x before 3.8.5, 3.9.x ...)
+CVE-2014-9039
{DSA-3085-1 DLA-236-1}
- wordpress 4.0.1+dfsg-1 (bug #770425)
NOTE: Upstream patch: http://core.trac.wordpress.org/changeset/30431
NOTE: https://wordpress.org/news/2014/11/wordpress-4-0-1/
-CVE-2014-9038 (wp-includes/http.php in WordPress before 3.7.5, 3.8.x before 3.8.5, ...)
+CVE-2014-9038
{DSA-3085-1 DLA-236-1}
- wordpress 4.0.1+dfsg-1 (bug #770425)
NOTE: https://wordpress.org/news/2014/11/wordpress-4-0-1/
NOTE: Upstream patch: https://core.trac.wordpress.org/changeset/30444
-CVE-2014-9037 (WordPress before 3.7.5, 3.8.x before 3.8.5, 3.9.x before 3.9.3, and ...)
+CVE-2014-9037
{DSA-3085-1 DLA-236-1}
- wordpress 4.0.1+dfsg-1 (bug #770425)
NOTE: https://wordpress.org/news/2014/11/wordpress-4-0-1/
-CVE-2014-9036 (Cross-site scripting (XSS) vulnerability in WordPress before 3.7.5, ...)
+CVE-2014-9036
{DSA-3085-1 DLA-236-1}
- wordpress 4.0.1+dfsg-1 (bug #770425)
NOTE: https://wordpress.org/news/2014/11/wordpress-4-0-1/
-CVE-2014-9035 (Cross-site scripting (XSS) vulnerability in Press This in WordPress ...)
+CVE-2014-9035
{DSA-3085-1 DLA-236-1}
- wordpress 4.0.1+dfsg-1 (bug #770425)
NOTE: https://wordpress.org/news/2014/11/wordpress-4-0-1/
-CVE-2014-9034 (wp-includes/class-phpass.php in WordPress before 3.7.5, 3.8.x before ...)
+CVE-2014-9034
{DSA-3085-1 DLA-236-1}
- wordpress 4.0.1+dfsg-1 (bug #770425)
NOTE: https://wordpress.org/news/2014/11/wordpress-4-0-1/
NOTE: Upstream patch: http://core.trac.wordpress.org/changeset/30467
-CVE-2014-9033 (Cross-site request forgery (CSRF) vulnerability in wp-login.php in ...)
+CVE-2014-9033
{DSA-3085-1 DLA-236-1}
- wordpress 4.0.1+dfsg-1 (bug #770425)
NOTE: https://wordpress.org/news/2014/11/wordpress-4-0-1/
NOTE: Upstream patch: http://core.trac.wordpress.org/changeset/30418
-CVE-2014-9032 (Cross-site scripting (XSS) vulnerability in the media-playlists ...)
+CVE-2014-9032
- wordpress 4.0.1+dfsg-1 (bug #770425)
[wheezy] - wordpress <not-affected> (Affects 3.9, 3.9.1, 3.9.2, 4.0 only)
[squeeze] - wordpress <not-affected> (Affects 3.9, 3.9.1, 3.9.2, 4.0 only)
NOTE: https://wordpress.org/news/2014/11/wordpress-4-0-1/
-CVE-2014-9031 (Cross-site scripting (XSS) vulnerability in the wptexturize function ...)
+CVE-2014-9031
{DSA-3085-1 DLA-236-1}
- wordpress 4.0.1+dfsg-1 (bug #770425)
NOTE: https://wordpress.org/news/2014/11/wordpress-4-0-1/
-CVE-2014-9028 (Heap-based buffer overflow in stream_decoder.c in libFLAC before 1.3.1 ...)
+CVE-2014-9028
{DSA-3082-1 DLA-99-1}
- flac 1.3.0-3 (bug #770918)
NOTE: Upstream patches:
@@ -3286,68 +3286,68 @@ CVE-2014-9008
RESERVED
CVE-2014-9007
RESERVED
-CVE-2014-9006 (Monstra 3.0.1 and earlier uses a cookie to track how many login ...)
+CVE-2014-9006
NOT-FOR-US: Monstra
-CVE-2014-9005 (Multiple SQL injection vulnerabilities in vldPersonals before 2.7.1 ...)
+CVE-2014-9005
NOT-FOR-US: vldPersonals
-CVE-2014-9004 (Cross-site scripting (XSS) vulnerability in vldPersonals before 2.7.1 ...)
+CVE-2014-9004
NOT-FOR-US: vldPersonals
-CVE-2014-9003 (Cross-site request forgery (CSRF) vulnerability in Lantronix ...)
+CVE-2014-9003
NOT-FOR-US: Lantronix xPrintServer
-CVE-2014-9002 (Lantronix xPrintServer does not properly restrict access to ips/, ...)
+CVE-2014-9002
NOT-FOR-US: Lantronix xPrintServer
-CVE-2014-9001 (reminders/index.php in Incredible PBX 11 2.0.6.5.0 allows remote ...)
+CVE-2014-9001
NOT-FOR-US: Incredible PBX
-CVE-2014-9000 (Mule Enterprise Management Console (MMC) does not properly restrict ...)
+CVE-2014-9000
NOT-FOR-US: Mule Enterprise Management Console
-CVE-2014-8999 (SQL injection vulnerability in htdocs/modules/system/admin.php in ...)
+CVE-2014-8999
NOT-FOR-US: XOOPS
-CVE-2014-8998 (lib/message.php in X7 Chat 2.0.0 through 2.0.5.1 allows remote ...)
+CVE-2014-8998
NOT-FOR-US: X7 Chat
-CVE-2014-8997 (Unrestricted file upload vulnerability in the Photo functionality in ...)
+CVE-2014-8997
NOT-FOR-US: DigitalVidhya Digi Online Examination System
-CVE-2014-8996 (Multiple cross-site scripting (XSS) vulnerabilities in Nibbleblog ...)
+CVE-2014-8996
NOT-FOR-US: Nibbleblog
-CVE-2014-8995 (SQL injection vulnerability in Maarch LetterBox 2.8 allows remote ...)
+CVE-2014-8995
NOT-FOR-US: Maarch LetterBox
-CVE-2014-8993 (Cross-site scripting (XSS) vulnerability in the backend in ...)
+CVE-2014-8993
NOT-FOR-US: Open-Xchange
-CVE-2014-8992 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2014-8992
NOT-FOR-US: MODX Revolution
-CVE-2014-9030 (The do_mmu_update function in arch/x86/mm.c in Xen 3.2.x through 4.4.x ...)
+CVE-2014-9030
{DSA-3140-1}
- xen 4.4.1-4 (low; bug #770230)
[squeeze] - xen <end-of-life> (Unsupported in squeeze-lts)
-CVE-2014-9015 (Drupal 6.x before 6.34 and 7.x before 7.34 allows remote attackers to ...)
+CVE-2014-9015
{DSA-3075-1}
- drupal7 7.32-1+deb8u1 (bug #770469)
- drupal6 <removed>
[squeeze] - drupal6 <end-of-life>
NOTE: https://www.drupal.org/SA-CORE-2014-006
-CVE-2014-9016 (The password hashing API in Drupal 7.x before 7.34 and the Secure ...)
+CVE-2014-9016
{DSA-3075-1}
- drupal7 7.32-1+deb8u1 (bug #770469)
- drupal6 <not-affected> (Only affects Drupal 7.x)
NOTE: https://www.drupal.org/SA-CORE-2014-006
-CVE-2014-9018 (Icecast before 2.4.1 transmits the output of the on-connect script, ...)
+CVE-2014-9018
- icecast2 2.4.0-1.1 (bug #770222)
[wheezy] - icecast2 <no-dsa> (Minor issue)
[squeeze] - icecast2 <no-dsa> (Minor issue)
NOTE: https://trac.xiph.org/ticket/2089
-CVE-2014-8994 (The check_diskio plugin 3.2.6 and earlier for Nagios and Icinga allows ...)
+CVE-2014-8994
NOT-FOR-US: check_diskio nagios/icinga plugin
-CVE-2014-8989 (The Linux kernel through 3.17.4 does not properly restrict dropping of ...)
+CVE-2014-8989
- linux 3.16.7-ckt4-1
[wheezy] - linux <not-affected> (User namespaces only usable in later kernels)
- linux-2.6 <not-affected> (User namespaces only usable in later kernels)
NOTE: http://thread.gmane.org/gmane.linux.man/7385/
-CVE-2014-8986 (Cross-site scripting (XSS) vulnerability in the selection list in the ...)
+CVE-2014-8986
{DSA-3120-1}
- mantis <removed>
[squeeze] - mantis <end-of-life> (Unsupported in squeeze-lts)
NOTE: https://github.com/mantisbt/mantisbt/commit/cabacdc291c251bfde0dc2a2c945c02cef41bf40
NOTE: https://github.com/mantisbt/mantisbt/commit/e326b73a (1.2.x)
-CVE-2014-8985 (Microsoft Internet Explorer 11 allows remote attackers to execute ...)
+CVE-2014-8985
NOT-FOR-US: Microsoft
CVE-2014-8984
REJECTED
@@ -3383,13 +3383,13 @@ CVE-2014-8969
REJECTED
CVE-2014-8968
REJECTED
-CVE-2014-8967 (Use-after-free vulnerability in Microsoft Internet Explorer allows ...)
+CVE-2014-8967
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-8966 (Microsoft Internet Explorer 6 through 8 allows remote attackers to ...)
+CVE-2014-8966
NOT-FOR-US: Internet Explorer
CVE-2014-8965
RESERVED
-CVE-2014-8964 (Heap-based buffer overflow in PCRE 8.36 and earlier allows remote ...)
+CVE-2014-8964
- pcre3 2:8.35-3.3 (bug #770478)
[wheezy] - pcre3 <no-dsa> (Minor issue)
[squeeze] - pcre3 <no-dsa> (Minor issue)
@@ -3397,52 +3397,52 @@ CVE-2014-8964 (Heap-based buffer overflow in PCRE 8.36 and earlier allows remote
NOTE: http://www.exim.org/viewvc/pcre2?revision=154&view=revision
CVE-2014-8963
RESERVED
-CVE-2014-8962 (Stack-based buffer overflow in stream_decoder.c in libFLAC before ...)
+CVE-2014-8962
{DSA-3082-1 DLA-99-1}
- flac 1.3.0-3 (bug #770918)
NOTE: https://git.xiph.org/?p=flac.git;a=patch;h=5b3033a2b355068c11fe637e14ac742d273f076e
NOTE: http://lists.xiph.org/pipermail/flac-dev/2014-November/005185.html
-CVE-2014-8961 (Directory traversal vulnerability in libraries/error_report.lib.php in ...)
+CVE-2014-8961
- phpmyadmin 4:4.2.12-1
[squeeze] - phpmyadmin <not-affected> (Vulnerable code not present)
[wheezy] - phpmyadmin <not-affected> (Vulnerable code not present)
NOTE: http://www.phpmyadmin.net/home_page/security/PMASA-2014-16.php
-CVE-2014-8960 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2014-8960
- phpmyadmin 4:4.2.12-1
[squeeze] - phpmyadmin <not-affected> (Vulnerable code not present)
[wheezy] - phpmyadmin <not-affected> (Vulnerable code not present)
NOTE: http://www.phpmyadmin.net/home_page/security/PMASA-2014-15.php
-CVE-2014-8959 (Directory traversal vulnerability in ...)
+CVE-2014-8959
- phpmyadmin 4:4.2.12-1
[squeeze] - phpmyadmin <not-affected> (Vulnerable code not present)
[wheezy] - phpmyadmin <not-affected> (Vulnerable code not present)
NOTE: http://www.phpmyadmin.net/home_page/security/PMASA-2014-14.php
-CVE-2014-8958 (Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin ...)
+CVE-2014-8958
{DSA-3382-1 DLA-336-1}
- phpmyadmin 4:4.2.12-1 (low)
NOTE: http://www.phpmyadmin.net/home_page/security/PMASA-2014-13.php
NOTE: https://github.com/phpmyadmin/phpmyadmin/commit/42b64e12b5f596366f94ef72365fd69a019ba820 and
NOTE: https://github.com/phpmyadmin/phpmyadmin/commit/c7685e5acd3f8e722f4f374c6fa821590865b68d need
NOTE: to be backported to 3.4
-CVE-2014-8957 (Cross-site scripting (XSS) vulnerability in OpenKM before 6.4.19 ...)
+CVE-2014-8957
NOT-FOR-US: OpenKM
-CVE-2014-8956 (Stack-based buffer overflow in the K7Sentry.sys kernel mode driver ...)
+CVE-2014-8956
NOT-FOR-US: K7 Computing
-CVE-2014-8955 (Cross-site scripting (XSS) vulnerability in the Contact Form Clean and ...)
+CVE-2014-8955
NOT-FOR-US: WordPress plugin clean-and-simple-contact-form-by-meg-nicholas
-CVE-2014-8954 (Multiple cross-site scripting (XSS) vulnerabilities in phpSound 1.0.5 ...)
+CVE-2014-8954
NOT-FOR-US: phpSound
-CVE-2014-8953 (Multiple cross-site request forgery (CSRF) vulnerabilities in Php ...)
+CVE-2014-8953
NOT-FOR-US: Php Scriptlerim Who's Who
-CVE-2014-8952 (Multiple unspecified vulnerabilities in Check Point Security Gateway ...)
+CVE-2014-8952
NOT-FOR-US: Check Point Security Gateway
-CVE-2014-8951 (Unspecified vulnerability in Check Point Security Gateway R75, R76, ...)
+CVE-2014-8951
NOT-FOR-US: Check Point Security Gateway
-CVE-2014-8950 (Unspecified vulnerability in Check Point Security Gateway R77 and ...)
+CVE-2014-8950
NOT-FOR-US: Check Point Security Gateway
-CVE-2014-8949 (The iMember360 plugin 3.8.012 through 3.9.001 for WordPress allows ...)
+CVE-2014-8949
NOT-FOR-US: WordPress plugin iMember360
-CVE-2014-8948 (Cross-site request forgery (CSRF) vulnerability in the iMember360 ...)
+CVE-2014-8948
NOT-FOR-US: WordPress plugin iMember360
CVE-2014-8947
RESERVED
@@ -3484,43 +3484,43 @@ CVE-2014-8929
REJECTED
CVE-2014-8928
REJECTED
-CVE-2014-8927 (Common Inventory Technology (CIT) before 2.7.0.2050 in IBM License ...)
+CVE-2014-8927
NOT-FOR-US: IBM
-CVE-2014-8926 (Common Inventory Technology (CIT) before 2.7.0.2050 in IBM License ...)
+CVE-2014-8926
NOT-FOR-US: IBM
-CVE-2014-8925 (Cross-site request forgery (CSRF) vulnerability in ClearQuest Web in ...)
+CVE-2014-8925
NOT-FOR-US: IBM
-CVE-2014-8924 (The server in IBM License Metric Tool 7.2.2 before IF15 and 7.5 before ...)
+CVE-2014-8924
NOT-FOR-US: IBM
-CVE-2014-8923 (The (1) IBM Tivoli Identity Manager Active Directory adapter before ...)
+CVE-2014-8923
NOT-FOR-US: IBM
CVE-2014-8922
RESERVED
-CVE-2014-8921 (The IBM Notes Traveler Companion application 1.0 and 1.1 before ...)
+CVE-2014-8921
NOT-FOR-US: IBM Notes Traveler Companion
-CVE-2014-8920 (Buffer overflow in the Data Transfer Program in IBM i Access 5770-XE1 ...)
+CVE-2014-8920
NOT-FOR-US: IBM
CVE-2014-8919
RESERVED
-CVE-2014-8918 (IBM Security AppScan Standard 8.x and 9.x before 9.0.1.1 FP1 does not ...)
+CVE-2014-8918
NOT-FOR-US: IBM
-CVE-2014-8917 (Multiple cross-site scripting (XSS) vulnerabilities in (1) ...)
+CVE-2014-8917
NOT-FOR-US: IBM
-CVE-2014-8916 (Cross-site scripting (XSS) vulnerability in IBM OpenPages GRC Platform ...)
+CVE-2014-8916
NOT-FOR-US: IBM
CVE-2014-8915
RESERVED
-CVE-2014-8914 (Cross-site scripting (XSS) vulnerability in the Process Portal in IBM ...)
+CVE-2014-8914
NOT-FOR-US: IBM
-CVE-2014-8913 (Cross-site scripting (XSS) vulnerability in the Process Portal in IBM ...)
+CVE-2014-8913
NOT-FOR-US: IBM
-CVE-2014-8912 (IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 ...)
+CVE-2014-8912
NOT-FOR-US: IBM WebSphere Portal
-CVE-2014-8911 (Cross-site scripting (XSS) vulnerability in IBM Content Navigator ...)
+CVE-2014-8911
NOT-FOR-US: IBM Content Navigator
-CVE-2014-8910 (IBM DB2 9.7 through FP10, 9.8 through FP5, 10.1 before FP5, and 10.5 ...)
+CVE-2014-8910
NOT-FOR-US: IBM DB2
-CVE-2014-8909 (Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal ...)
+CVE-2014-8909
NOT-FOR-US: IBM WebSphere Portal
CVE-2014-8908
RESERVED
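Review bot: in this hunk the stripped description was the only text saying what each entry concerned; after the change, CVE-2014-8927 through CVE-2014-8923 read just `NOT-FOR-US: IBM` with no product or component named, so checking a later report against this list needs an external lookup. When the description goes, consider carrying at least the product into the `NOT-FOR-US:` line, as `NOT-FOR-US: IBM Notes Traveler Companion` at CVE-2014-8921 and `NOT-FOR-US: IBM DB2` at CVE-2014-8910 already do.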
@@ -3530,43 +3530,43 @@ CVE-2014-8906
RESERVED
CVE-2014-8905
RESERVED
-CVE-2014-8904 (lquerylv in cmdlvm in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.2.x allows ...)
+CVE-2014-8904
NOT-FOR-US: IBM AIX, VIOS
-CVE-2014-8903 (IBM Curam Social Program Management 6.0 SP2 before EP26, 6.0.4 before ...)
+CVE-2014-8903
NOT-FOR-US: IBM
-CVE-2014-8902 (Cross-site scripting (XSS) vulnerability in the Blog Portlet in IBM ...)
+CVE-2014-8902
NOT-FOR-US: IBM WebSphere Portal
-CVE-2014-8901 (IBM DB2 9.5 through FP10, 9.7 through FP10, 9.8 through FP5, 10.1 ...)
+CVE-2014-8901
NOT-FOR-US: IBM
-CVE-2014-8900 (Cross-site request forgery (CSRF) vulnerability in IBM UrbanCode ...)
+CVE-2014-8900
NOT-FOR-US: IBM
-CVE-2014-8899 (Cross-site scripting (XSS) vulnerability in the Collaboration Server ...)
+CVE-2014-8899
NOT-FOR-US: IBM
-CVE-2014-8898 (Cross-site scripting (XSS) vulnerability in the Collaboration Server ...)
+CVE-2014-8898
NOT-FOR-US: IBM
-CVE-2014-8897 (Cross-site scripting (XSS) vulnerability in the Collaboration Server ...)
+CVE-2014-8897
NOT-FOR-US: IBM
-CVE-2014-8896 (The Collaboration Server in IBM InfoSphere Master Data Management ...)
+CVE-2014-8896
NOT-FOR-US: IBM
-CVE-2014-8895 (IBM TRIRIGA Application Platform 3.2.1.x, 3.3.2 before 3.3.2.3, and ...)
+CVE-2014-8895
NOT-FOR-US: IBM
-CVE-2014-8894 (Open redirect vulnerability in IBM TRIRIGA Application Platform ...)
+CVE-2014-8894
NOT-FOR-US: IBM
-CVE-2014-8893 (Multiple cross-site scripting (XSS) vulnerabilities in (1) ...)
+CVE-2014-8893
NOT-FOR-US: IBM
-CVE-2014-8892 (Unspecified vulnerability in the Java Virtual Machine (JVM) in IBM ...)
+CVE-2014-8892
NOT-FOR-US: IBM Java
-CVE-2014-8891 (Unspecified vulnerability in the Java Virtual Machine (JVM) in IBM ...)
+CVE-2014-8891
NOT-FOR-US: IBM Java
-CVE-2014-8890 (IBM WebSphere Application Server Liberty Profile 8.5.x before 8.5.5.4 ...)
+CVE-2014-8890
NOT-FOR-US: IBM
-CVE-2014-8889 (Dropbox SDK for Android before 1.6.2 might allow remote attackers to ...)
+CVE-2014-8889
NOT-FOR-US: Dropbox SDK for Android
-CVE-2014-8888 (The remote administration interface in D-Link DIR-815 devices with ...)
+CVE-2014-8888
NOT-FOR-US: D-Link
-CVE-2014-8887 (IBM Marketing Operations 7.x and 8.x before 8.5.0.7.2, 8.6.x before ...)
+CVE-2014-8887
NOT-FOR-US: IBM Marketing Operations
-CVE-2014-8886 (AVM FRITZ!OS before 6.30 extracts the contents of firmware updates ...)
+CVE-2014-8886
NOT-FOR-US: AVM FRITZ!OS
CVE-2014-8885
RESERVED
@@ -3580,15 +3580,15 @@ CVE-2014-8880
RESERVED
CVE-2014-8879
RESERVED
-CVE-2014-8877 (The alterSearchQuery function in ...)
+CVE-2014-8877
NOT-FOR-US: CreativeMinds CM Downloads Manager plugin for WordPress
CVE-2014-8876
RESERVED
-CVE-2014-8875 (The XML_RPC_cd function in lib/pear/XML/RPC.php in Revive Adserver ...)
+CVE-2014-8875
NOT-FOR-US: Revive Adserver
-CVE-2014-8874 (The ke_questionnaire extension 2.5.2 and earlier for TYPO3 uses ...)
+CVE-2014-8874
NOT-FOR-US: TYPO3 Extension ke_questionnaire
-CVE-2014-8873 (A .desktop file in the Debian openjdk-7 package 7u79-2.5.5-1~deb8u1 ...)
+CVE-2014-8873
{DSA-3316-1 DSA-3235-1}
- openjdk-8 8u45-b14-1 (high)
- openjdk-7 7u79-2.5.5-1 (high)
@@ -3600,21 +3600,21 @@ CVE-2014-8873 (A .desktop file in the Debian openjdk-7 package 7u79-2.5.5-1~deb8
NOTE: Starting with mime-support 3.53, MimeType entries in desktop
NOTE: files end up in /etc/mailcap, which introduces the user-initiated
NOTE: code execution.
-CVE-2014-8872 (Improper Verification of Cryptographic Signature in AVM FRITZ!Box 6810 ...)
+CVE-2014-8872
NOT-FOR-US: AVM FRITZ!Box
-CVE-2014-8871 (Directory traversal vulnerability in hybris Commerce software suite ...)
+CVE-2014-8871
NOT-FOR-US: hybris Commerce
-CVE-2014-8870 (Open redirect vulnerability in mobiquo/smartbanner/welcome.php in the ...)
+CVE-2014-8870
NOT-FOR-US: Woltlab Burning Board plugin Tapatalk
-CVE-2014-8869 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2014-8869
NOT-FOR-US: Woltlab Burning Board plugin Tapatalk
-CVE-2014-8868 (EntryPass N5200 Active Network Control Panel does not properly ...)
+CVE-2014-8868
NOT-FOR-US: EntryPass N5200
-CVE-2014-8867 (The acceleration support for the &quot;REP MOVS&quot; instruction in Xen 4.4.x, ...)
+CVE-2014-8867
{DSA-3140-1}
- xen 4.4.1-5 (bug #770230)
[squeeze] - xen <end-of-life> (Unsupported in squeeze-lts)
-CVE-2014-8866 (The compatibility mode hypercall argument translation in Xen 3.3.x ...)
+CVE-2014-8866
{DSA-3140-1}
- xen 4.4.1-5 (bug #770230)
[squeeze] - xen <end-of-life> (Unsupported in squeeze-lts)
@@ -3668,55 +3668,55 @@ CVE-2014-8842
RESERVED
CVE-2014-8841
RESERVED
-CVE-2014-8840 (The iTunes Store component in Apple iOS before 8.1.3 allows remote ...)
+CVE-2014-8840
NOT-FOR-US: Apple
-CVE-2014-8839 (Spotlight in Apple OS X before 10.10.2 does not enforce the Mail &quot;Load ...)
+CVE-2014-8839
NOT-FOR-US: Apple
-CVE-2014-8838 (The Security component in Apple OS X before 10.10.2 does not properly ...)
+CVE-2014-8838
NOT-FOR-US: Apple
-CVE-2014-8837 (Multiple unspecified vulnerabilities in the Bluetooth driver in Apple ...)
+CVE-2014-8837
NOT-FOR-US: Apple
-CVE-2014-8836 (The Bluetooth driver in Apple OS X before 10.10.2 allows attackers to ...)
+CVE-2014-8836
NOT-FOR-US: Apple
-CVE-2014-8835 (The xpc_data_get_bytes function in libxpc in Apple OS X before 10.10.2 ...)
+CVE-2014-8835
NOT-FOR-US: Apple
-CVE-2014-8834 (UserAccountUpdater in Apple OS X 10.10 before 10.10.2 stores a PDF ...)
+CVE-2014-8834
NOT-FOR-US: Apple
-CVE-2014-8833 (SpotlightIndex in Apple OS X before 10.10.2 does not properly perform ...)
+CVE-2014-8833
NOT-FOR-US: Apple
-CVE-2014-8832 (The indexing functionality in Spotlight in Apple OS X before 10.10.2 ...)
+CVE-2014-8832
NOT-FOR-US: Apple
-CVE-2014-8831 (security_taskgate in Apple OS X before 10.10.2 allows attackers to ...)
+CVE-2014-8831
NOT-FOR-US: Apple
-CVE-2014-8830 (Heap-based buffer overflow in SceneKit in Apple OS X before 10.10.2 ...)
+CVE-2014-8830
NOT-FOR-US: Apple
-CVE-2014-8829 (SceneKit in Apple OS X before 10.10.2 allows attackers to execute ...)
+CVE-2014-8829
NOT-FOR-US: Apple
-CVE-2014-8828 (Sandbox in Apple OS X before 10.10 allows attackers to write to the ...)
+CVE-2014-8828
NOT-FOR-US: Apple
-CVE-2014-8827 (LoginWindow in Apple OS X before 10.10.2 does not transition to the ...)
+CVE-2014-8827
NOT-FOR-US: Apple
-CVE-2014-8826 (LaunchServices in Apple OS X before 10.10.2 does not properly handle ...)
+CVE-2014-8826
NOT-FOR-US: Apple
-CVE-2014-8825 (The kernel in Apple OS X before 10.10.2 does not properly perform ...)
+CVE-2014-8825
NOT-FOR-US: Apple
-CVE-2014-8824 (The kernel in Apple OS X before 10.10.2 does not properly validate ...)
+CVE-2014-8824
NOT-FOR-US: Apple
-CVE-2014-8823 (The IOUSBControllerUserClient::ReadRegister function in the IOUSB ...)
+CVE-2014-8823
NOT-FOR-US: Apple
-CVE-2014-8822 (IOHIDFamily in Apple OS X before 10.10.2 allows attackers to execute ...)
+CVE-2014-8822
NOT-FOR-US: Apple
-CVE-2014-8821 (The Intel Graphics Driver in Apple OS X before 10.10.2 allows local ...)
+CVE-2014-8821
NOT-FOR-US: Apple
-CVE-2014-8820 (The Intel Graphics Driver in Apple OS X before 10.10.2 allows local ...)
+CVE-2014-8820
NOT-FOR-US: Apple
-CVE-2014-8819 (The Intel Graphics Driver in Apple OS X before 10.10.2 allows local ...)
+CVE-2014-8819
NOT-FOR-US: Apple
CVE-2014-8818
REJECTED
-CVE-2014-8817 (coresymbolicationd in CoreSymbolication in Apple OS X before 10.10.2 ...)
+CVE-2014-8817
NOT-FOR-US: Apple
-CVE-2014-8816 (CoreGraphics in Apple OS X before 10.10 allows remote attackers to ...)
+CVE-2014-8816
NOT-FOR-US: Apple
CVE-2014-8815
RESERVED
@@ -3728,9 +3728,9 @@ CVE-2014-8812
RESERVED
CVE-2014-8811
RESERVED
-CVE-2014-8810 (SQL injection vulnerability in ajax/mail_functions.php in the WP ...)
+CVE-2014-8810
NOT-FOR-US: WP Symposium plugin for WordPress
-CVE-2014-8809 (Multiple cross-site scripting (XSS) vulnerabilities in the WP ...)
+CVE-2014-8809
NOT-FOR-US: WP Symposium plugin for WordPress
CVE-2014-8808
RESERVED
@@ -3744,13 +3744,13 @@ CVE-2014-8804
RESERVED
CVE-2014-8803
RESERVED
-CVE-2014-8802 (The Pie Register plugin before 2.0.14 for WordPress does not properly ...)
+CVE-2014-8802
NOT-FOR-US: WordPress plugin Pie Register
-CVE-2014-8801 (Directory traversal vulnerability in services/getfile.php in the Paid ...)
+CVE-2014-8801
NOT-FOR-US: Paid Memberships Pro plugin for WordPress
-CVE-2014-8800 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2014-8800
NOT-FOR-US: Nextend Facebook Connect plugin for WordPress
-CVE-2014-8799 (Directory traversal vulnerability in the dp_img_resize function in ...)
+CVE-2014-8799
NOT-FOR-US: dp_img_resize function in php/dp-functions.php in the DukaPress plugin for WordPress
CVE-2014-8798
RESERVED
@@ -3762,17 +3762,17 @@ CVE-2014-8795
RESERVED
CVE-2014-8794
RESERVED
-CVE-2014-8793 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2014-8793
NOT-FOR-US: Revive Adserver
CVE-2014-8792
RESERVED
-CVE-2014-8791 (project/register.php in Tuleap before 7.7, when ...)
+CVE-2014-8791
NOT-FOR-US: Enalean Tuleap
-CVE-2014-8790 (XML external entity (XXE) vulnerability in admin/api.php in GetSimple ...)
+CVE-2014-8790
NOT-FOR-US: GetSimple CMS
-CVE-2014-8789 (GleamTech FileVista before 6.1 allows remote authenticated users to ...)
+CVE-2014-8789
NOT-FOR-US: GleamTech FileVista
-CVE-2014-8788 (GleamTech FileVista before 6.1 allows remote authenticated users to ...)
+CVE-2014-8788
NOT-FOR-US: GleamTech FileVista
CVE-2014-8787
RESERVED
@@ -3788,63 +3788,63 @@ CVE-2014-8782
RESERVED
CVE-2014-8781
RESERVED
-CVE-2014-8780 (Cross-site scripting (XSS) vulnerability in Jease 2.11 allows remote ...)
+CVE-2014-8780
NOT-FOR-US: Jease
-CVE-2014-8779 (Pexip Infinity before 8 uses the same SSH host keys across different ...)
+CVE-2014-8779
NOT-FOR-US: Pexip Infinity
-CVE-2014-8778 (Checkmarx CxSAST (formerly CxSuite) before 7.1.8 allows remote ...)
+CVE-2014-8778
NOT-FOR-US: Checkmarx
CVE-2014-8777
RESERVED
CVE-2014-8776
RESERVED
-CVE-2014-8775 (MODX Revolution 2.x before 2.2.15 does not include the HTTPOnly flag ...)
+CVE-2014-8775
NOT-FOR-US: MODx Revolution
-CVE-2014-8774 (Cross-site scripting (XSS) vulnerability in manager/index.php in MODX ...)
+CVE-2014-8774
NOT-FOR-US: MODx Revolution
-CVE-2014-8773 (MODX Revolution 2.x before 2.2.15 allows remote attackers to bypass ...)
+CVE-2014-8773
NOT-FOR-US: MODx Revolution
-CVE-2014-8772 (Cross-site scripting (XSS) vulnerability in the search_controller in ...)
+CVE-2014-8772
NOT-FOR-US: X3 CMS
-CVE-2014-8771 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
+CVE-2014-8771
NOT-FOR-US: X3 CMS
-CVE-2014-8770 (Unrestricted file upload vulnerability in magmi/web/magmi.php in the ...)
+CVE-2014-8770
NOT-FOR-US: Magento
-CVE-2014-8988 (MantisBT before 1.2.18 allows remote authenticated users to bypass the ...)
+CVE-2014-8988
{DSA-3120-1}
- mantis <removed>
[squeeze] - mantis <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://github.com/mantisbt/mantisbt/commit/5f0b150b
NOTE: http://www.mantisbt.org/bugs/view.php?id=17742
-CVE-2014-9622 (Eval injection vulnerability in xdg-utils 1.1.0 RC1, when no supported ...)
+CVE-2014-9622
{DSA-3131-1 DLA-217-1}
- xdg-utils 1.1.0~rc1+git20111210-7.3 (bug #773085)
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=66670
-CVE-2014-8991 (pip 1.3 through 1.5.6 allows local users to cause a denial of service ...)
+CVE-2014-8991
- python-pip 1.5.6-4 (bug #725847)
[wheezy] - python-pip <not-affected> (Vulnerable code only in >= 1.3)
[squeeze] - python-pip <not-affected> (Vulnerable code only in >= 1.3)
NOTE: https://github.com/pypa/pip/pull/2122
-CVE-2014-8987 (Cross-site scripting (XSS) vulnerability in the &quot;set configuration&quot; ...)
+CVE-2014-8987
- mantis <not-affected> (Vulnerable code introduced later)
NOTE: Affected upstream versions >= 1.2.13, <= 1.2.17
NOTE: https://github.com/mantisbt/mantisbt/commit/49c3d089
NOTE: http://www.mantisbt.org/bugs/view.php?id=17870
-CVE-2014-8884 (Stack-based buffer overflow in the ...)
+CVE-2014-8884
{DSA-3093-1 DLA-118-1}
- linux 3.16.7-ckt2-1
- linux-2.6 <removed>
NOTE: Upstream commit: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f2e323ec96077642d397bb1c355def536d489d16 (v3.18-rc1)
-CVE-2014-8769 (tcpdump 3.8 through 4.6.2 might allow remote attackers to obtain ...)
+CVE-2014-8769
{DSA-3086-1 DLA-102-1}
- tcpdump 4.6.2-2 (bug #770424)
NOTE: http://www.securityfocus.com/archive/1/534009/30/0/threaded
-CVE-2014-8768 (Multiple Integer underflows in the geonet_print function in tcpdump ...)
+CVE-2014-8768
- tcpdump 4.6.2-2 (bug #770415)
[wheezy] - tcpdump <not-affected> (Vulnerable code added in 4.5.0)
[squeeze] - tcpdump <not-affected> (Vulnerable code added in 4.5.0)
NOTE: http://www.securityfocus.com/archive/1/534010/30/0/threaded
-CVE-2014-8767 (Integer underflow in the olsr_print function in tcpdump 3.9.6 through ...)
+CVE-2014-8767
{DSA-3086-1 DLA-102-1}
- tcpdump 4.6.2-2 (bug #770434)
NOTE: http://www.securityfocus.com/archive/1/534011/30/0/threaded
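Review bot: for the tcpdump entries at the end of this hunk the removed description was the only record of the affected upstream range (`tcpdump 3.8 through 4.6.2` for CVE-2014-8769, `3.9.6 through ...` for CVE-2014-8767); the remaining lines give only the Debian fixed version `4.6.2-2` and the bug numbers. CVE-2014-8768 keeps its range implicitly via `Vulnerable code added in 4.5.0`, but the other two do not. Suggest adding a NOTE with the upstream range to those entries if the description lines are going to stay empty.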
@@ -3856,31 +3856,31 @@ CVE-2014-8740
RESERVED
CVE-2014-8739
RESERVED
-CVE-2014-8736 (The Open Atrium Core module for Drupal before 7.x-2.22 allows remote ...)
+CVE-2014-8736
NOT-FOR-US: Drupal module Open Atrium Core
-CVE-2014-8735 (The Bad Behavior module 6.x-2.x before 6.x-2.2216 and 7.x-2.x before ...)
+CVE-2014-8735
NOT-FOR-US: Drupal module Bad Behavior
-CVE-2014-8734 (The Organic Groups Menu (aka OG Menu) module before 7.x-2.2 for Drupal ...)
+CVE-2014-8734
NOT-FOR-US: Drupal module Organic Groups Menu
-CVE-2014-8733 (Cloudera Manager 5.2.0, 5.2.1, and 5.3.0 stores the LDAP bind password ...)
+CVE-2014-8733
NOT-FOR-US: Cloudera Manager
-CVE-2014-8730 (The SSL profiles component in F5 BIG-IP LTM, APM, and ASM 10.0.0 ...)
+CVE-2014-8730
NOT-FOR-US: SSL/TLS implementation error in F5 products (and historic NSS releases)
CVE-2014-8729
RESERVED
-CVE-2014-8728 (SQL injection vulnerability in the login page (login/login) in Subex ...)
+CVE-2014-8728
NOT-FOR-US: Subex
-CVE-2014-8727 (Multiple directory traversal vulnerabilities in F5 BIG-IP before ...)
+CVE-2014-8727
NOT-FOR-US: F5 BIG-IP
CVE-2014-8726
RESERVED
CVE-2014-8725
RESERVED
-CVE-2014-8724 (Cross-site scripting (XSS) vulnerability in the W3 Total Cache plugin ...)
+CVE-2014-8724
NOT-FOR-US: W3 Total Cache plugin for WordPress
-CVE-2014-8723 (GetSimple CMS 3.3.4 allows remote attackers to obtain sensitive ...)
+CVE-2014-8723
NOT-FOR-US: GetSimple CMS
-CVE-2014-8722 (GetSimple CMS 3.3.4 allows remote attackers to obtain sensitive ...)
+CVE-2014-8722
NOT-FOR-US: GetSimple CMS
CVE-2014-8721
RESERVED
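Review bot: the CVE-2014-8730 triage `NOT-FOR-US: SSL/TLS implementation error in F5 products (and historic NSS releases)` records an NSS check only inside a free-text parenthetical; with the description gone, that parenthetical is the only place the NSS angle is mentioned. If libnss3 was actually examined, a package line such as `- nss <not-affected> (...)` with the reason would make the verdict machine-readable and keep it from being read as NOT-FOR-US for a package Debian ships.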
@@ -3894,21 +3894,21 @@ CVE-2014-8717
RESERVED
CVE-2014-8715
RESERVED
-CVE-2014-8708 (Pluck CMS 4.7.2 allows remote attackers to execute arbitrary code via ...)
+CVE-2014-8708
NOT-FOR-US: Pluck CMS
-CVE-2014-8707 (Cross-site scripting (XSS) vulnerability in TinyMCE in Pluck CMS 4.7.2 ...)
+CVE-2014-8707
NOT-FOR-US: Pluck CMS
-CVE-2014-8706 (Pluck CMS 4.7.2 allows remote attackers to obtain sensitive ...)
+CVE-2014-8706
NOT-FOR-US: Pluck CMS
-CVE-2014-8705 (PHP remote file inclusion vulnerability in editInplace.php in Wonder ...)
+CVE-2014-8705
NOT-FOR-US: Wonder CMS
-CVE-2014-8704 (Directory traversal vulnerability in index.php in Wonder CMS 2014 ...)
+CVE-2014-8704
NOT-FOR-US: Wonder CMS
-CVE-2014-8703 (Cross-site scripting (XSS) vulnerability in Wonder CMS 2014 allows ...)
+CVE-2014-8703
NOT-FOR-US: Wonder CMS
-CVE-2014-8702 (Wonder CMS 2014 allows remote attackers to obtain sensitive ...)
+CVE-2014-8702
NOT-FOR-US: Wonder CMS
-CVE-2014-8701 (Wonder CMS 2014 allows remote attackers to obtain sensitive ...)
+CVE-2014-8701
NOT-FOR-US: Wonder CMS
CVE-2014-8700
RESERVED
@@ -3930,84 +3930,84 @@ CVE-2014-8692
RESERVED
CVE-2014-8691
RESERVED
-CVE-2014-8690 (Multiple cross-site scripting (XSS) vulnerabilities in Exponent CMS ...)
+CVE-2014-8690
NOT-FOR-US: Exponent CMS
CVE-2014-8689
RESERVED
-CVE-2014-8688 (An issue was discovered in Telegram Messenger 2.6 for iOS and 1.8.2 for ...)
+CVE-2014-8688
NOT-FOR-US: Telegram Messenger
-CVE-2014-8687 (Seagate Business NAS devices with firmware before 2015.00322 allow ...)
+CVE-2014-8687
NOT-FOR-US: Seagate Business NAS devices
-CVE-2014-8686 (CodeIgniter before 2.2.0 makes it easier for attackers to decode ...)
+CVE-2014-8686
- codeigniter <itp> (bug #471583)
CVE-2014-8685
RESERVED
-CVE-2014-8684 (CodeIgniter before 3.0 and Kohana 3.2.3 and earlier and 3.3.x through ...)
+CVE-2014-8684
- codeigniter <itp> (bug #471583)
-CVE-2014-8683 (Cross-site scripting (XSS) vulnerability in models/issue.go in Gogs ...)
+CVE-2014-8683
NOT-FOR-US: Go Git Service
-CVE-2014-8682 (Multiple SQL injection vulnerabilities in Gogs (aka Go Git Service) ...)
+CVE-2014-8682
NOT-FOR-US: Go Git Service
-CVE-2014-8681 (SQL injection vulnerability in the GetIssues function in ...)
+CVE-2014-8681
NOT-FOR-US: Go Git Service
-CVE-2014-8680 (The GeoIP functionality in ISC BIND 9.10.0 through 9.10.1 allows ...)
+CVE-2014-8680
- bind9 <not-affected> (Only affects 9.10 to 9.11)
NOTE: https://kb.isc.org/article/AA-01217/0
CVE-2014-8679
RESERVED
-CVE-2014-8678 (The ConfigSaveServlet servlet in ManageEngine OpUtils before build ...)
+CVE-2014-8678
NOT-FOR-US: ManageEngine OpUtils
-CVE-2014-8677 (The installation process for SOPlanning 1.32 and earlier allows remote ...)
+CVE-2014-8677
NOT-FOR-US: SOPlanning
-CVE-2014-8676 (Directory traversal vulnerability in the file_get_contents function in ...)
+CVE-2014-8676
NOT-FOR-US: SOPlanning
-CVE-2014-8675 (Soplanning 1.32 and earlier generates static links for sharing ICAL ...)
+CVE-2014-8675
NOT-FOR-US: SOPlanning
CVE-2014-8674
RESERVED
CVE-2014-8673
RESERVED
-CVE-2014-8672 (Cross-site scripting (XSS) vulnerability in the RewardingYourself ...)
+CVE-2014-8672
NOT-FOR-US: RewardingYourself application for Android and BlackBerry
-CVE-2014-8671 (Cross-site scripting (XSS) vulnerability in the GWT Mobile PhoneGap ...)
+CVE-2014-8671
NOT-FOR-US: GWT Mobile PhoneGap Showcase application for Android
-CVE-2014-8670 (Open redirect vulnerability in go.php in vBulletin 4.2.1 allows remote ...)
+CVE-2014-8670
NOT-FOR-US: vBulletin
-CVE-2014-8669 (The SAP Promotion Guidelines (CRM-MKT-MPL-TPM-PPG) module for SAP CRM ...)
+CVE-2014-8669
NOT-FOR-US: SAP
-CVE-2014-8668 (SQL injection vulnerability in SAP Contract Accounting allows remote ...)
+CVE-2014-8668
NOT-FOR-US: SAP
-CVE-2014-8667 (Cross-site scripting (XSS) vulnerability in SAP HANA Web-based ...)
+CVE-2014-8667
NOT-FOR-US: SAP
-CVE-2014-8666 (The User &amp; Server configuration, InfoView refresh, user rights ...)
+CVE-2014-8666
NOT-FOR-US: SAP
-CVE-2014-8665 (The SAP Business Intelligence Development Workbench allows remote ...)
+CVE-2014-8665
NOT-FOR-US: SAP
-CVE-2014-8664 (SQL injection vulnerability in Product Safety (EHS-SAF) component in ...)
+CVE-2014-8664
NOT-FOR-US: SAP
-CVE-2014-8663 (SQL injection vulnerability in Data Basis (BW-WHM-DBA) in SAP ...)
+CVE-2014-8663
NOT-FOR-US: SAP
-CVE-2014-8662 (Unspecified vulnerability in SAP Payroll Process allows remote ...)
+CVE-2014-8662
NOT-FOR-US: SAP
-CVE-2014-8661 (The SAP CRM Internet Sales module allows remote attackers to execute ...)
+CVE-2014-8661
NOT-FOR-US: SAP
-CVE-2014-8660 (SAP Document Management Services allows local users to execute ...)
+CVE-2014-8660
NOT-FOR-US: SAP
-CVE-2014-8659 (Directory traversal vulnerability in SAP Environment, Health, and ...)
+CVE-2014-8659
NOT-FOR-US: SAP
-CVE-2014-8658 (Cross-site scripting (XSS) vulnerability in RefinedWiki Original Theme ...)
+CVE-2014-8658
NOT-FOR-US: Atlassian Confluence theme
-CVE-2014-8657 (The Compal Broadband Networks (CBN) CH6640E and CG6640E Wireless ...)
+CVE-2014-8657
NOT-FOR-US: Compal Gateways
-CVE-2014-8656 (The Compal Broadband Networks (CBN) CH6640E and CG6640E Wireless ...)
+CVE-2014-8656
NOT-FOR-US: Compal Gateways
-CVE-2014-8655 (The Compal Broadband Networks (CBN) CH6640E and CG6640E Wireless ...)
+CVE-2014-8655
NOT-FOR-US: Compal Gateways
-CVE-2014-8654 (Multiple cross-site request forgery (CSRF) vulnerabilities in Compal ...)
+CVE-2014-8654
NOT-FOR-US: Compal Gateways
-CVE-2014-8653 (Cross-site scripting (XSS) vulnerability in Compal Broadband Networks ...)
+CVE-2014-8653
NOT-FOR-US: Compal Gateways
-CVE-2014-8652 (Elipse E3 3.x and earlier allows remote attackers to cause a denial of ...)
+CVE-2014-8652
NOT-FOR-US: Elipse E3
CVE-2014-8649
REJECTED
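Review bot: the reason string for CVE-2014-8680, `bind9 <not-affected> (Only affects 9.10 to 9.11)`, disagrees with the description being removed on the same entry, which says `ISC BIND 9.10.0 through 9.10.1`; once the description line is blank the wider range in the reason becomes the only statement of scope in the file. Suggest aligning the reason with the upstream range (the kb.isc.org NOTE on the next line is the reference to check against).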
@@ -4021,43 +4021,43 @@ CVE-2014-8645
REJECTED
CVE-2014-8644
RESERVED
-CVE-2014-8643 (Mozilla Firefox before 35.0 on Windows allows remote attackers to ...)
+CVE-2014-8643
- iceweasel <not-affected> (Only affects Firefox on Windows)
NOTE: http://www.mozilla.org/security/announce/2015/mfsa2015-07.html
-CVE-2014-8642 (Mozilla Firefox before 35.0 and SeaMonkey before 2.32 do not consider ...)
+CVE-2014-8642
- iceweasel <not-affected> (Only affects versions > 31.x)
NOTE: http://www.mozilla.org/security/announce/2015/mfsa2015-08.html
-CVE-2014-8641 (Use-after-free vulnerability in the WebRTC implementation in Mozilla ...)
+CVE-2014-8641
{DSA-3127-1}
- iceweasel 31.4.0esr-1
[squeeze] - iceweasel <end-of-life>
NOTE: http://www.mozilla.org/security/announce/2015/mfsa2015-06.html
-CVE-2014-8640 (The mozilla::dom::AudioParamTimeline::AudioNodeInputValue function in ...)
+CVE-2014-8640
- iceweasel <not-affected> (Only affects versions > 31.x)
NOTE: http://www.mozilla.org/security/announce/2015/mfsa2015-05.html
-CVE-2014-8639 (Mozilla Firefox before 35.0, Firefox ESR 31.x before 31.4, Thunderbird ...)
+CVE-2014-8639
{DSA-3132-1 DSA-3127-1}
- iceweasel 31.4.0esr-1
[squeeze] - iceweasel <end-of-life>
- icedove 31.4.0-1
[squeeze] - icedove <end-of-life>
NOTE: http://www.mozilla.org/security/announce/2015/mfsa2015-04.html
-CVE-2014-8638 (The navigator.sendBeacon implementation in Mozilla Firefox before ...)
+CVE-2014-8638
{DSA-3132-1 DSA-3127-1}
- iceweasel 31.4.0esr-1
[squeeze] - iceweasel <end-of-life>
- icedove 31.4.0-1
[squeeze] - icedove <end-of-life>
NOTE: http://www.mozilla.org/security/announce/2015/mfsa2015-03.html
-CVE-2014-8637 (Mozilla Firefox before 35.0 and SeaMonkey before 2.32 do not properly ...)
+CVE-2014-8637
- iceweasel <not-affected> (Only affects versions > 31.x)
NOTE: http://www.mozilla.org/security/announce/2015/mfsa2015-02.html
-CVE-2014-8636 (The XrayWrapper implementation in Mozilla Firefox before 35.0 and ...)
+CVE-2014-8636
- iceweasel <not-affected> (Only affects versions > 31.x)
NOTE: http://www.mozilla.org/security/announce/2015/mfsa2015-09.html
-CVE-2014-8635 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+CVE-2014-8635
- iceweasel <not-affected> (Only affects versions > 31.x)
-CVE-2014-8634 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+CVE-2014-8634
{DSA-3132-1 DSA-3127-1}
- iceweasel 31.4.0esr-1
[squeeze] - iceweasel <end-of-life>
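Review bot: CVE-2014-8635 is the one Mozilla entry in this hunk without a `NOTE: http://www.mozilla.org/security/announce/...` line; every neighbour from CVE-2014-8643 down to CVE-2014-8634 carries its mfsa2015 reference. After the description is stripped the entry reduces to `iceweasel <not-affected> (Only affects versions > 31.x)` with no pointer at all, so suggest adding the matching advisory link.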
@@ -4066,40 +4066,40 @@ CVE-2014-8634 (Multiple unspecified vulnerabilities in the browser engine in Moz
NOTE: http://www.mozilla.org/security/announce/2015/mfsa2015-01.html
CVE-2014-8633
RESERVED
-CVE-2014-8632 (The structured-clone implementation in Mozilla Firefox before 34.0 and ...)
+CVE-2014-8632
- iceweasel <not-affected> (Only affects Firefox 33)
-CVE-2014-8631 (The Chrome Object Wrapper (COW) implementation in Mozilla Firefox ...)
+CVE-2014-8631
- iceweasel <not-affected> (Only affects Firefox 33)
-CVE-2014-8630 (Bugzilla before 4.0.16, 4.1.x and 4.2.x before 4.2.12, 4.3.x and 4.4.x ...)
+CVE-2014-8630
- bugzilla4 <itp> (bug #669643)
- bugzilla <removed>
[squeeze] - bugzilla <end-of-life>
NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=1079065
-CVE-2014-8629 (Cross-site scripting (XSS) vulnerability in the Page visualization ...)
+CVE-2014-8629
NOT-FOR-US: Pandora FMS
CVE-2014-8624
RESERVED
CVE-2014-8623
RESERVED
-CVE-2014-8622 (Cross-site scripting (XSS) vulnerability in compfight-search.php in ...)
+CVE-2014-8622
NOT-FOR-US: Compfight plugin for WordPress
-CVE-2014-8621 (SQL injection vulnerability in the Store Locator plugin 2.3 through ...)
+CVE-2014-8621
NOT-FOR-US: Wordpress plugin
CVE-2014-8620
RESERVED
-CVE-2014-8619 (Cross-site scripting (XSS) vulnerability in the autolearn ...)
+CVE-2014-8619
NOT-FOR-US: Fortinet FortiWeb
-CVE-2014-8618 (Cross-site scripting (XSS) vulnerability in the theme login page in ...)
+CVE-2014-8618
NOT-FOR-US: Fortinet FortiADC
-CVE-2014-8617 (Cross-site scripting (XSS) vulnerability in the Web Action Quarantine ...)
+CVE-2014-8617
NOT-FOR-US: FortiMail
-CVE-2014-8616 (Multiple cross-site scripting (XSS) vulnerabilities in Fortinet ...)
+CVE-2014-8616
NOT-FOR-US: Fortinet FortiOS
CVE-2014-8615
REJECTED
CVE-2014-8614
REJECTED
-CVE-2014-8613 (The sctp module in FreeBSD 10.1 before p5, 10.0 before p17, 9.3 before ...)
+CVE-2014-8613
[experimental] - kfreebsd-11 11.0~svn284956-1
- kfreebsd-10 10.1~svn274115-2 (bug #776416)
- kfreebsd-9 <removed>
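Review bot: CVE-2014-8621 is triaged as `NOT-FOR-US: Wordpress plugin` without naming the plugin, while the description this hunk removes identified it (`the Store Locator plugin 2.3 through ...`); the other WordPress entries here name theirs (e.g. `NOT-FOR-US: Compfight plugin for WordPress`). Suggest `NOT-FOR-US: Store Locator plugin for WordPress` so the entry stays identifiable.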
@@ -4109,7 +4109,7 @@ CVE-2014-8613 (The sctp module in FreeBSD 10.1 before p5, 10.0 before p17, 9.3 b
[wheezy] - kfreebsd-8 <no-dsa> (kfreebsd-8 only a test kernel, can be fixed in a point release)
[squeeze] - kfreebsd-8 <not-affected> (kfreebsd-i386/amd64 not supported in Squeeze LTS)
NOTE: https://security.freebsd.org/advisories/FreeBSD-SA-15:03.sctp.asc
-CVE-2014-8612 (Multiple array index errors in the Stream Control Transmission ...)
+CVE-2014-8612
[experimental] - kfreebsd-11 11.0~svn284956-1
- kfreebsd-10 10.1~svn274115-2 (bug #776415)
- kfreebsd-9 <removed>
@@ -4119,34 +4119,34 @@ CVE-2014-8612 (Multiple array index errors in the Stream Control Transmission ..
[wheezy] - kfreebsd-8 <no-dsa> (kfreebsd-8 only a test kernel, can be fixed in a point release)
[squeeze] - kfreebsd-8 <not-affected> (kfreebsd-i386/amd64 not supported in Squeeze LTS)
NOTE: https://security.FreeBSD.org/advisories/FreeBSD-SA-15:02.kmem.asc
-CVE-2014-8611 (The __sflush function in fflush.c in stdio in libc in FreeBSD 10.1 and ...)
+CVE-2014-8611
NOT-FOR-US: Apple
-CVE-2014-8610 (AndroidManifest.xml in Android before 5.0.0 does not require the ...)
+CVE-2014-8610
NOT-FOR-US: Android
-CVE-2014-8609 (The addAccount method in ...)
+CVE-2014-8609
NOT-FOR-US: Android
-CVE-2014-8608 (The K7Sentry.sys kernel mode driver (aka K7AV Sentry Device Driver) ...)
+CVE-2014-8608
NOT-FOR-US: K7 Computing
-CVE-2014-8607 (The XCloner plugin 3.1.1 for WordPress and 3.5.1 for Joomla! provides ...)
+CVE-2014-8607
NOT-FOR-US: XCloner plugin for WordPress and Joomla!
-CVE-2014-8606 (Directory traversal vulnerability in the XCloner plugin 3.1.1 for ...)
+CVE-2014-8606
NOT-FOR-US: XCloner plugin for WordPress and Joomla!
-CVE-2014-8605 (The XCloner plugin 3.1.1 for WordPress and 3.5.1 for Joomla! stores ...)
+CVE-2014-8605
NOT-FOR-US: XCloner plugin for WordPress and Joomla!
-CVE-2014-8604 (The XCloner plugin 3.1.1 for WordPress and 3.5.1 for Joomla! returns ...)
+CVE-2014-8604
NOT-FOR-US: XCloner plugin for WordPress and Joomla!
-CVE-2014-8603 (cloner.functions.php in the XCloner plugin 3.1.1 for WordPress and ...)
+CVE-2014-8603
NOT-FOR-US: XCloner plugin for WordPress and Joomla!
-CVE-2014-8602 (iterator.c in NLnet Labs Unbound before 1.5.1 does not limit ...)
+CVE-2014-8602
{DSA-3097-1 DLA-107-1}
- unbound 1.4.22-3 (bug #772622)
NOTE: http://www.unbound.net/pipermail/unbound-users/2014-December/003662.html
-CVE-2014-8601 (PowerDNS Recursor before 3.6.2 does not limit delegation chaining, ...)
+CVE-2014-8601
{DSA-3096-1 DLA-104-1}
- pdns-recursor 3.6.2-1
NOTE: http://doc.powerdns.com/md/security/powerdns-advisory-2014-02/
NOTE: Backported patches available at https://downloads.powerdns.com/patches/2014-02/
-CVE-2014-8600 (Multiple cross-site scripting (XSS) vulnerabilities in KDE-Runtime ...)
+CVE-2014-8600
- kde-runtime 4:4.14.2-2 (bug #769632)
[wheezy] - kde-runtime <no-dsa> (Minor issue)
[squeeze] - kdebase-runtime <no-dsa> (Minor issue)
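Review bot: the CVE-2014-8611 entry reads `NOT-FOR-US: Apple` although the description line being removed names FreeBSD's libc (`__sflush function in fflush.c in stdio in libc in FreeBSD 10.1`), and the two SCTP entries just above (CVE-2014-8613, CVE-2014-8612) carry full kfreebsd-8/9/10/11 version lines. Once the description is gone nothing records why this one is not a kfreebsd concern; suggest a NOTE stating the reason so the NOT-FOR-US verdict stays verifiable.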
@@ -4159,74 +4159,74 @@ CVE-2014-8599
RESERVED
CVE-2014-8597
RESERVED
-CVE-2014-8596 (Multiple SQL injection vulnerabilities in PHP-Fusion 7.02.07 allow ...)
+CVE-2014-8596
NOT-FOR-US: PHP-Fusion
-CVE-2014-8595 (arch/x86/x86_emulate/x86_emulate.c in Xen 3.2.1 through 4.4.x does not ...)
+CVE-2014-8595
{DSA-3140-1}
- xen 4.4.1-4 (bug #770230)
[squeeze] - xen <end-of-life> (Unsupported in squeeze-lts)
-CVE-2014-8594 (The do_mmu_update function in arch/x86/mm.c in Xen 4.x through 4.4.x ...)
+CVE-2014-8594
{DSA-3140-1}
- xen 4.4.1-4 (low; bug #770230)
[squeeze] - xen <end-of-life> (Unsupported in squeeze-lts)
-CVE-2014-8593 (Multiple cross-site scripting (XSS) vulnerabilities in Allomani ...)
+CVE-2014-8593
NOT-FOR-US: Allomani Weblinks
-CVE-2014-8587 (SAPCRYPTOLIB before 5.555.38, SAPSECULIB, and CommonCryptoLib before ...)
+CVE-2014-8587
NOT-FOR-US: SAP NetWeaver
-CVE-2014-8586 (SQL injection vulnerability in the CP Multi View Event Calendar plugin ...)
+CVE-2014-8586
NOT-FOR-US: WordPress plugin CP Multi View Event Calendar
-CVE-2014-8585 (Directory traversal vulnerability in the WordPress Download Manager ...)
+CVE-2014-8585
NOT-FOR-US: WordPress plugin WordPress Download Manager
NOTE: To be REJECTED
-CVE-2014-8584 (Cross-site scripting (XSS) vulnerability in the Web Dorado Spider ...)
+CVE-2014-8584
NOT-FOR-US: WordPress plugin Web Dorado Spider Video Player (aka WordPress Video Player)
-CVE-2014-8738 (The _bfd_slurp_extended_name_table function in bfd/archive.c in GNU ...)
+CVE-2014-8738
{DSA-3123-2 DSA-3123-1 DLA-184-1}
- binutils 2.24.90.20141124-1
- binutils-mingw-w64 5.2
NOTE: Upstream tracker: https://sourceware.org/bugzilla/show_bug.cgi?id=17533
NOTE: Upstream patch: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=bb0d867169d7e9743d229804106a8fbcab7f3b3f
-CVE-2014-8737 (Multiple directory traversal vulnerabilities in GNU binutils 2.24 and ...)
+CVE-2014-8737
{DSA-3123-2 DSA-3123-1 DLA-184-1}
- binutils 2.24.90.20141124-1
- binutils-mingw-w64 5.2
NOTE: Upstream tracker: https://sourceware.org/bugzilla/show_bug.cgi?id=17552
NOTE: Upstream patch: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=dd9b91de2149ee81d47f708e7b0bbf57da10ad42
-CVE-2014-8732 (Cross-site scripting (XSS) vulnerability in phpMemcachedAdmin 1.2.2 ...)
+CVE-2014-8732
NOT-FOR-US: phpMemcachedAdmin
-CVE-2014-8731 (PHPMemcachedAdmin 1.2.2 and earlier allows remote attackers to execute ...)
+CVE-2014-8731
NOT-FOR-US: phpMemcachedAdmin
-CVE-2014-8716 (The JPEG decoder in ImageMagick before 6.8.9-9 allows local users to ...)
+CVE-2014-8716
{DLA-960-1 DLA-90-1}
- imagemagick 8:6.8.9.9-3 (bug #768494)
[squeeze] - imagemagick <no-dsa> (Minor issue)
NOTE: http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26456
-CVE-2014-8714 (The dissect_write_structured_field function in ...)
+CVE-2014-8714
{DSA-3076-1 DLA-198-1}
- wireshark 1.12.1+g01b65bf-2 (bug #769410)
NOTE: https://www.wireshark.org/security/wnpa-sec-2014-23.html
NOTE: Versions 1.12.0 to 1.12.1, and 1.10.0 to 1.10.10. It is fixed in versions 1.12.2 and 1.10.11.
-CVE-2014-8713 (Stack-based buffer overflow in the build_expert_data function in ...)
+CVE-2014-8713
{DSA-3076-1 DLA-198-1}
- wireshark 1.12.1+g01b65bf-2 (bug #769410)
NOTE: https://www.wireshark.org/security/wnpa-sec-2014-22.html
NOTE: Versions 1.12.0 to 1.12.1, and 1.10.0 to 1.10.10. It is fixed in versions 1.12.2 and 1.10.11.
-CVE-2014-8712 (The build_expert_data function in epan/dissectors/packet-ncp2222.inc ...)
+CVE-2014-8712
{DSA-3076-1 DLA-198-1}
- wireshark 1.12.1+g01b65bf-2 (bug #769410)
NOTE: https://www.wireshark.org/security/wnpa-sec-2014-22.html
NOTE: Versions 1.12.0 to 1.12.1, and 1.10.0 to 1.10.10. It is fixed in versions 1.12.2 and 1.10.11.
-CVE-2014-8711 (Multiple integer overflows in epan/dissectors/packet-amqp.c in the ...)
+CVE-2014-8711
{DSA-3076-1 DLA-198-1}
- wireshark 1.12.1+g01b65bf-2 (bug #769410)
NOTE: https://www.wireshark.org/security/wnpa-sec-2014-21.html
NOTE: Versions 1.12.0 to 1.12.1, and 1.10.0 to 1.10.10. It is fixed in versions 1.12.2 and 1.10.11.
-CVE-2014-8710 (The decompress_sigcomp_message function in epan/sigcomp-udvm.c in the ...)
+CVE-2014-8710
{DSA-3076-1 DLA-198-1}
- wireshark 1.12.1+g01b65bf-2 (bug #769410)
NOTE: https://www.wireshark.org/security/wnpa-sec-2014-20.html
NOTE: Versions 1.10.0 to 1.10.10. It is fixed in versions 1.12.2 and 1.10.11.
-CVE-2014-8709 (The ieee80211_fragment function in net/mac80211/tx.c in the Linux ...)
+CVE-2014-8709
{DLA-118-1}
- linux 3.14.2-1
[wheezy] - linux 3.2.57-1
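Review bot: two entries in this hunk lose information that now exists nowhere else. CVE-2014-8585 keeps `NOTE: To be REJECTED` but is not moved to `REJECTED` like CVE-2014-8649 and CVE-2014-8645 elsewhere in the diff, so it is left half-way; either record the rejection or keep the description with the note. The CVE-2014-8710 NOTE lists only `Versions 1.10.0 to 1.10.10` yet claims a fix in `1.12.2`, while every other wireshark entry here says `1.12.0 to 1.12.1, and 1.10.0 to 1.10.10`; with the description blanked this NOTE is the sole record of the affected range, so it is worth checking against wnpa-sec-2014-20.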
@@ -4238,54 +4238,54 @@ CVE-2014-8650 [does not handle mutual authentication]
- python-requests-kerberos 0.5-2 (bug #768408)
NOTE: https://github.com/requests/requests-kerberos/pull/36
NOTE: request adding https://github.com/mkomitee/requests-kerberos/commit/9c1e08cc17bb6950455a85d33d391ecd2bce6eb6
-CVE-2014-8628 (Memory leak in PolarSSL before 1.2.12 and 1.3.x before 1.3.9 allows ...)
+CVE-2014-8628
{DSA-3116-1 DLA-129-1}
- polarssl 1.3.9-1
NOTE: Cf. https://bugzilla.redhat.com/show_bug.cgi?id=1159845#c5 and following.
NOTE: Patch for 1.2.x: https://github.com/polarssl/polarssl/commit/6b440389136afbcb0d831f880176c830bd3e0c7c
NOTE: Version 1.2.11 also brings other security-relevant fixes. Maybe update to new upstream version?
-CVE-2014-8627 (PolarSSL 1.3.8 does not properly negotiate the signature algorithm to ...)
+CVE-2014-8627
- polarssl 1.3.9-1
[wheezy] - polarssl <not-affected> (Problem introduced in 1.3.8)
[squeeze] - polarssl <not-affected> (Problem introduced in 1.3.8)
-CVE-2014-8626 (Stack-based buffer overflow in the date_from_ISO8601 function in ...)
+CVE-2014-8626
- php5 5.2.9.dfsg.1-1
NOTE: https://bugs.php.net/bug.php?id=45226
NOTE: http://git.php.net/?p=php-src.git;a=commit;h=c818d0d01341907fee82bdb81cab07b7d93bb9db
-CVE-2014-8625 (Multiple format string vulnerabilities in the parse_error_msg function ...)
+CVE-2014-8625
- dpkg 1.17.22 (unimportant; bug #768485)
[wheezy] - dpkg 1.16.16
[squeeze] - dpkg <not-affected> (Regression introduced in 1.16.2)
NOTE: Rendered non-exploitable by toolchain hardening
NOTE: https://bugs.launchpad.net/ubuntu/+source/dpkg/+bug/1389135
NOTE: Regression introduced with https://anonscm.debian.org/cgit/dpkg/dpkg.git/commit/?id=0b8652b226a7601dfd71471797d15168a7337242 (1.16.2)
-CVE-2014-8598 (The XML Import/Export plugin in MantisBT 1.2.x does not restrict ...)
+CVE-2014-8598
{DSA-3120-1}
- mantis <removed>
[squeeze] - mantis <end-of-life> (Unsupported in squeeze-lts)
NOTE: https://github.com/mantisbt/mantisbt/commit/80a15487
NOTE: http://www.mantisbt.org/bugs/view.php?id=17780
-CVE-2014-8592 (Unspecified vulnerability in SAP Host Agent, as used in SAP NetWeaver ...)
+CVE-2014-8592
NOT-FOR-US: SAP NetWeaver
-CVE-2014-8591 (Unspecified vulnerability in SAP Internet Communication Manager (ICM), ...)
+CVE-2014-8591
NOT-FOR-US: SAP NetWeaver
-CVE-2014-8590 (XML external entity (XXE) vulnerability in the Web Service Navigator ...)
+CVE-2014-8590
NOT-FOR-US: SAP NetWeaver Application Server
-CVE-2014-8589 (Integer overflow in SAP Network Interface Router (SAProuter) 40.4 ...)
+CVE-2014-8589
NOT-FOR-US: SAP Network Interface Router
-CVE-2014-8588 (SQL injection vulnerability in metadata.xsjs in SAP HANA ...)
+CVE-2014-8588
NOT-FOR-US: SAP HANA
CVE-2014-8581
RESERVED
-CVE-2014-8580 (Citrix NetScaler Application Delivery Controller and NetScaler Gateway ...)
+CVE-2014-8580
NOT-FOR-US: Citrix Netscaler
-CVE-2014-8579 (TRENDnet TEW-823DRU devices with firmware before 1.00b36 have a ...)
+CVE-2014-8579
NOT-FOR-US: TRENDnet TEW-823DRU devices
-CVE-2014-8578 (Cross-site scripting (XSS) vulnerability in the Groups panel in ...)
+CVE-2014-8578
- horizon 2014.1.1-3
[wheezy] - horizon <not-affected> (Vulnerable code not present)
NOTE: this was split from CVE-2014-3475 by MITRE
-CVE-2014-8577 (Multiple cross-site scripting (XSS) vulnerabilities in Croogo before ...)
+CVE-2014-8577
NOT-FOR-US: Croogo
CVE-2014-8576
REJECTED
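Review bot: the CVE-2014-8628 entry still carries an open question in tracking data (`NOTE: Version 1.2.11 also brings other security-relevant fixes. Maybe update to new upstream version?`) although the entry already records `polarssl 1.3.9-1` as fixed and `{DSA-3116-1 DLA-129-1}` as issued. Stale TODO text like this should be resolved or removed when the entry is touched, otherwise readers of the bare `+CVE-2014-8628` line cannot tell whether the 1.2.x follow-up ever happened.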
@@ -4295,11 +4295,11 @@ CVE-2014-8574
REJECTED
CVE-2014-8573
REJECTED
-CVE-2014-8572 (Huawei AC6605 with software V200R001C00; AC6605 with software ...)
+CVE-2014-8572
NOT-FOR-US: Huawei
-CVE-2014-8571 (Apps on Huawei Ascend P6 mobile phones with software EDGE-U00 ...)
+CVE-2014-8571
NOT-FOR-US: Huawei
-CVE-2014-8570 (Huawei S9300, S9303, S9306, S9312 with software V100R002; S7700, ...)
+CVE-2014-8570
NOT-FOR-US: Huawei
CVE-2014-8569
RESERVED
@@ -4307,7 +4307,7 @@ CVE-2014-8568
RESERVED
CVE-2014-8565
REJECTED
-CVE-2014-8564 (The _gnutls_ecc_ansi_x963_export function in gnutls_ecc.c in GnuTLS ...)
+CVE-2014-8564
- gnutls28 3.3.8-4 (bug #769154)
- gnutls26 <not-affected> (Vulnerable code not present; no support for ECC)
NOTE: https://gitlab.com/gnutls/gnutls/commit/e821e1908686657a45c1b735f6d077b7a8493e2b (3.3.x branch)
@@ -4317,72 +4317,72 @@ CVE-2014-8563
RESERVED
CVE-2014-8560
RESERVED
-CVE-2014-8558 (JExperts Channel Platform 5.0.33_CCB allows remote authenticated users ...)
+CVE-2014-8558
NOT-FOR-US: JExperts Tecnologia Channel Software
-CVE-2014-8557 (Multiple cross-site scripting (XSS) vulnerabilities in JExperts ...)
+CVE-2014-8557
NOT-FOR-US: JExperts Tecnologia Channel Software
CVE-2014-8556
RESERVED
-CVE-2014-8555 (Directory traversal vulnerability in report/reportViewAction.jsp in ...)
+CVE-2014-8555
NOT-FOR-US: Progress Software OpenEdge
-CVE-2014-8553 (The mci_account_get_array_by_id function in ...)
+CVE-2014-8553
{DSA-3120-1}
- mantis <removed>
[squeeze] - mantis <end-of-life> (Unsupported in squeeze-lts)
NOTE: https://www.mantisbt.org/bugs/view.php?id=17243 (currently private)
NOTE: https://github.com/mantisbt/mantisbt/commit/f779e3d4394a0638d822849863c4098421d911c5
-CVE-2014-8552 (The WinCC server in Siemens SIMATIC WinCC 7.0 through SP3, 7.2 before ...)
+CVE-2014-8552
NOT-FOR-US: Siemens
-CVE-2014-8551 (The WinCC server in Siemens SIMATIC WinCC 7.0 through SP3, 7.2 before ...)
+CVE-2014-8551
NOT-FOR-US: Siemens
CVE-2014-8550
RESERVED
-CVE-2014-8549 (libavcodec/on2avc.c in FFmpeg before 2.4.2 does not constrain the ...)
+CVE-2014-8549
- ffmpeg 7:2.4.3-1
[squeeze] - ffmpeg <not-affected> (Vulnerable code not present)
- libav 6:11.2-1 (bug #773626)
[wheezy] - libav <not-affected> (Vulnerable code not present)
NOTE: ffmpeg: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=550f3e9df3410b3dd975e590042c0d83e20a8da3
NOTE: libav: https://git.libav.org/?p=libav.git;a=commit;h=cee4490b521fd0d02476d46aa2598af24fb8d686
-CVE-2014-8548 (Off-by-one error in libavcodec/smc.c in FFmpeg before 2.4.2 allows ...)
+CVE-2014-8548
{DSA-3189-1}
- ffmpeg 7:2.4.3-1
[squeeze] - ffmpeg <end-of-life> (Backports to 0.5.x not useful, too many checks missing)
- libav 6:11.2-1 (bug #773626)
NOTE: ffmpeg: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=c727401aa9d62335e89d118a5b4e202edf39d905
NOTE: libav: https://git.libav.org/?p=libav.git;a=commit;h=d423dd72be451462c6fb1cbbe313bed0194001ab
-CVE-2014-8547 (libavcodec/gifdec.c in FFmpeg before 2.4.2 does not properly compute ...)
+CVE-2014-8547
{DSA-3189-1}
- ffmpeg 7:2.4.3-1
[squeeze] - ffmpeg <end-of-life> (Backports to 0.5.x not useful, too many checks missing)
- libav 6:11.2-1 (bug #773626)
NOTE: ffmpeg: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=8f1457864be8fb9653643519dea1c6492f1dde57
NOTE: libav: https://git.libav.org/?p=libav.git;a=commit;h=0b39ac6f54505a538c21fe49a626de94c518c903
-CVE-2014-8546 (Integer underflow in libavcodec/cinepak.c in FFmpeg before 2.4.2 ...)
+CVE-2014-8546
- ffmpeg 7:2.4.3-1
[squeeze] - ffmpeg <end-of-life> (Backports to 0.5.x not useful, too many checks missing)
- libav <not-affected> (Vulnerable code not present, reproducer tested with 8, 11 and trunk)
NOTE: ffmpeg: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=e7e5114c506957f40aafd794e06de1a7e341e9d5
-CVE-2014-8545 (libavcodec/pngdec.c in FFmpeg before 2.4.2 accepts the ...)
+CVE-2014-8545
- ffmpeg 7:2.4.3-1
[squeeze] - ffmpeg <end-of-life> (Backports to 0.5.x not useful, too many checks missing)
- libav <not-affected> (Vulnerable code not present)
NOTE: ffmpeg: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=3e2b745020c2dbf0201fe7df3dad9e7e0b2e1bb6
-CVE-2014-8544 (libavcodec/tiff.c in FFmpeg before 2.4.2 does not properly validate ...)
+CVE-2014-8544
{DSA-3189-1}
- ffmpeg 7:2.4.3-1
[squeeze] - ffmpeg <end-of-life> (Backports to 0.5.x not useful, too many checks missing)
- libav 6:11.3-1 (bug #773626)
NOTE: ffmpeg: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=e1c0cfaa419aa5d320540d5a1b3f8fd9b82ab7e5
NOTE: libav: https://git.libav.org/?p=libav.git;a=commit;h=ae5e1f3d663a8c9a532d89e588cbc61f171c9186
-CVE-2014-8543 (libavcodec/mmvideo.c in FFmpeg before 2.4.2 does not consider all ...)
+CVE-2014-8543
{DSA-3189-1}
- ffmpeg 7:2.4.3-1
[squeeze] - ffmpeg <end-of-life> (Backports to 0.5.x not useful, too many checks missing)
- libav 6:11.2-1 (bug #773626)
NOTE: ffmpeg: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=8b0e96e1f21b761ca15dbb470cd619a1ebf86c3e
NOTE: libav: https://git.libav.org/?p=libav.git;a=commit;h=17ba719d9ba30c970f65747f42d5fbb1e447ca28
-CVE-2014-8542 (libavcodec/utils.c in FFmpeg before 2.4.2 omits a certain codec ID ...)
+CVE-2014-8542
{DLA-1654-1}
- ffmpeg 7:2.4.3-1
[squeeze] - ffmpeg <end-of-life> (Backports to 0.5.x not useful, too many checks missing)
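Review bot: this hunk discards data without replacing it: every `-`/`+` pair drops the parenthesised one-line description from the CVE header (`-CVE-2014-8548 (Off-by-one error in libavcodec/smc.c in FFmpeg before 2.4.2 allows ...)` becomes `+CVE-2014-8548`) while the DSA reference, fixed versions, `[squeeze]` annotations and NOTE lines below each header are left as unchanged context, so no tracking state is updated, only the summary text is lost. For a commit labelled as an automatic update that is the signature of an empty or failed description fetch rather than an intended edit; this should be reverted rather than merged, and the importer should refuse to overwrite a non-empty description with an empty one so a transient upstream failure cannot blank the lists again.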
@@ -4390,107 +4390,107 @@ CVE-2014-8542 (libavcodec/utils.c in FFmpeg before 2.4.2 omits a certain codec I
[wheezy] - libav <not-affected> (Vulnerable code not present)
NOTE: ffmpeg: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=105654e376a736d243aef4a1d121abebce912e6b
NOTE: libav: https://git.libav.org/?p=libav.git;a=commit;h=88626e5af8d006e67189bf10b96b982502a7e8ad
-CVE-2014-8541 (libavcodec/mjpegdec.c in FFmpeg before 2.4.2 considers only dimension ...)
+CVE-2014-8541
- ffmpeg 7:2.4.3-1
[squeeze] - ffmpeg <end-of-life> (Backports to 0.5.x not useful, too many checks missing)
- libav 6:11.2-1 (bug #773626)
[wheezy] - libav <not-affected> (Vulnerable code not present)
NOTE: ffmpeg: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=5c378d6a6df8243f06c87962b873bd563e58cd39
NOTE: libav: https://git.libav.org/?p=libav.git;a=commit;h=809c3023b699c54c90511913d3b6140dd2436550
-CVE-2014-8539 (Cross-site scripting (XSS) vulnerability in Simple Email Form 1.8.5 ...)
+CVE-2014-8539
NOT-FOR-US: Simple Email
-CVE-2014-8651 (The KDE Clock KCM policykit helper in kde-workspace before 4.11.14 and ...)
+CVE-2014-8651
- kde-workspace 4:4.11.13-2 (unimportant)
NOTE: https://projects.kde.org/projects/kde/kde-workspace/repository/diff?rev=54d0bfb5effff9c8cf60da890b7728cbe36a454e&rev_to=fd2aa9deed44fad6107625ad7360157fea7296f6
NOTE: On Debian changing the clock requires authentication, so it's not exploitable
NOTE: in the standard setup
-CVE-2014-8583 (mod_wsgi before 4.2.4 for Apache, when creating a daemon process ...)
+CVE-2014-8583
- mod-wsgi 4.2.7-1
[wheezy] - mod-wsgi <no-dsa> (Minor issue)
[squeeze] - mod-wsgi <no-dsa> (Minor issue)
NOTE: https://github.com/GrahamDumpleton/mod_wsgi/commit/545354a80b9cc20d8b6916ca30542eab36c3b8bd
-CVE-2014-8582 (FortiNet FortiADC-E with firmware 3.1.1 before 4.0.5 and Coyote Point ...)
+CVE-2014-8582
NOT-FOR-US: FortiNet FortiADC-E
-CVE-2014-8567 (The mod_auth_mellon module before 0.8.1 allows remote attackers to ...)
+CVE-2014-8567
- libapache2-mod-auth-mellon 0.9.0
-CVE-2014-8566 (The mod_auth_mellon module before 0.8.1 allows remote attackers to ...)
+CVE-2014-8566
- libapache2-mod-auth-mellon 0.9.1
-CVE-2014-8554 (SQL injection vulnerability in the mc_project_get_attachments function ...)
+CVE-2014-8554
{DSA-3120-1}
- mantis <removed>
[squeeze] - mantis <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://www.mantisbt.org/bugs/view.php?id=17812
NOTE: http://github.com/mantisbt/mantisbt/commit/99ffb0af (1.2.x branch)
NOTE: http://github.com/mantisbt/mantisbt/commit/5faf97ab (master)
-CVE-2014-8540 (The groups API in GitLab 6.x and 7.x before 7.4.3 allows remote ...)
+CVE-2014-8540
- gitlab <not-affected> (Fixed before initial upload to Debian)
-CVE-2014-8538 (The Hijab Modern (aka com.Aisyaidea.HijabModern) application 1.0 for ...)
+CVE-2014-8538
NOT-FOR-US: Hijab Modern (aka com.Aisyaidea.HijabModern) application for Android
-CVE-2014-8537 (McAfee Network Data Loss Prevention (NDLP) before 9.2.2 allows local ...)
+CVE-2014-8537
NOT-FOR-US: McAfee
-CVE-2014-8536 (McAfee Network Data Loss Prevention (NDLP) before 9.2.2 allows local ...)
+CVE-2014-8536
NOT-FOR-US: McAfee
-CVE-2014-8535 (McAfee Network Data Loss Prevention (NDLP) before 9.2.2 allows local ...)
+CVE-2014-8535
NOT-FOR-US: McAfee
-CVE-2014-8534 (Unspecified vulnerability in the login form in McAfee Network Data ...)
+CVE-2014-8534
NOT-FOR-US: McAfee
-CVE-2014-8533 (McAfee Network Data Loss Prevention (NDLP) before 9.3 allows remote ...)
+CVE-2014-8533
NOT-FOR-US: McAfee
-CVE-2014-8532 (Unspecified vulnerability in McAfee Network Data Loss Prevention ...)
+CVE-2014-8532
NOT-FOR-US: McAfee
-CVE-2014-8531 (The TLS/SSL Server in McAfee Network Data Loss Prevention (NDLP) ...)
+CVE-2014-8531
NOT-FOR-US: McAfee
-CVE-2014-8530 (Unspecified vulnerability in McAfee Network Data Loss Prevention ...)
+CVE-2014-8530
NOT-FOR-US: McAfee
-CVE-2014-8529 (McAfee Network Data Loss Prevention (NDLP) before 9.3 stores the SSH ...)
+CVE-2014-8529
NOT-FOR-US: McAfee
-CVE-2014-8528 (McAfee Network Data Loss Prevention (NDLP) before 9.3 logs session ...)
+CVE-2014-8528
NOT-FOR-US: McAfee
-CVE-2014-8527 (McAfee Network Data Loss Prevention (NDLP) before 9.3 allows local ...)
+CVE-2014-8527
NOT-FOR-US: McAfee
-CVE-2014-8526 (McAfee Network Data Loss Prevention (NDLP) before 9.3 allows local ...)
+CVE-2014-8526
NOT-FOR-US: McAfee
-CVE-2014-8525 (McAfee Network Data Loss Prevention (NDLP) before 9.3 does not include ...)
+CVE-2014-8525
NOT-FOR-US: McAfee
-CVE-2014-8524 (McAfee Network Data Loss Prevention (NDLP) before 9.3 does not disable ...)
+CVE-2014-8524
NOT-FOR-US: McAfee
-CVE-2014-8523 (Cross-site request forgery (CSRF) vulnerability in McAfee Network Data ...)
+CVE-2014-8523
NOT-FOR-US: McAfee
-CVE-2014-8522 (The MySQL database in McAfee Network Data Loss Prevention (NDLP) ...)
+CVE-2014-8522
NOT-FOR-US: McAfee
-CVE-2014-8521 (Cross-site scripting (XSS) vulnerability in McAfee Network Data Loss ...)
+CVE-2014-8521
NOT-FOR-US: McAfee
-CVE-2014-8520 (McAfee Network Data Loss Prevention (NDLP) before 9.3 allows remote ...)
+CVE-2014-8520
NOT-FOR-US: McAfee
-CVE-2014-8519 (Unspecified vulnerability in McAfee Network Data Loss Prevention ...)
+CVE-2014-8519
NOT-FOR-US: McAfee
-CVE-2014-8518 (The (1) Removable Media and (2) CD and DVD encryption offsite access ...)
+CVE-2014-8518
NOT-FOR-US: McAfee
CVE-2014-8516
RESERVED
-CVE-2014-8515 (The web interface in BitTorrent allows remote attackers to execute ...)
+CVE-2014-8515
NOT-FOR-US: uTorrent
-CVE-2014-8514 (Buffer overflow in an ActiveX control in MDraw30.ocx in Schneider ...)
+CVE-2014-8514
NOT-FOR-US: Schneider Electric ProClima
-CVE-2014-8513 (Buffer overflow in an ActiveX control in MDraw30.ocx in Schneider ...)
+CVE-2014-8513
NOT-FOR-US: Schneider Electric ProClima
-CVE-2014-8512 (Buffer overflow in an ActiveX control in Atx45.ocx in Schneider ...)
+CVE-2014-8512
NOT-FOR-US: Schneider Electric ProClima
-CVE-2014-8511 (Buffer overflow in an ActiveX control in Atx45.ocx in Schneider ...)
+CVE-2014-8511
NOT-FOR-US: Schneider Electric ProClima
-CVE-2014-8510 (The AdminUI in Trend Micro InterScan Web Security Virtual Appliance ...)
+CVE-2014-8510
NOT-FOR-US: Trend Micro InterScan Web Security Virtual Appliance
-CVE-2014-8509 (The lazy_bdecode function in BitTorrent bootstrap-dht (aka Bootstrap) ...)
+CVE-2014-8509
NOT-FOR-US: BitTorrent bootstrap-dht (aka Bootstrap)
-CVE-2014-8508 (Cross-site scripting (XSS) vulnerability in s_network.asp in the Denon ...)
+CVE-2014-8508
NOT-FOR-US: Denon devices
-CVE-2014-8507 (Multiple SQL injection vulnerabilities in the queryLastApp method in ...)
+CVE-2014-8507
NOT-FOR-US: Android
-CVE-2014-8506 (Multiple SQL injection vulnerabilities in Etiko CMS allow remote ...)
+CVE-2014-8506
NOT-FOR-US: Etiko CMS
-CVE-2014-8505 (Multiple cross-site scripting (XSS) vulnerabilities in Etiko CMS allow ...)
+CVE-2014-8505
NOT-FOR-US: Etiko CMS
-CVE-2014-8504 (Stack-based buffer overflow in the srec_scan function in bfd/srec.c in ...)
+CVE-2014-8504
{DSA-3123-2 DSA-3123-1 DLA-184-1}
- binutils 2.24.90.20141104-1
- binutils-mingw-w64 5.2
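Review bot: removing the descriptions makes adjacent entries indistinguishable from the file alone. CVE-2014-8567 and CVE-2014-8566 both carried the text `The mod_auth_mellon module before 0.8.1 allows remote attackers to ...` and after the change are bare identifiers whose only payload is `- libapache2-mod-auth-mellon 0.9.0` and `0.9.1`, so a reader can no longer tell which issue each fixed version refers to without querying MITRE. Those two version strings also lack a Debian revision, unlike every other fixed version in this hunk (`4.2.7-1`, `2.24.90.20141104-1`); that predates this change but is worth checking while the entries are being touched. The hunk header itself still quotes `CVE-2014-8542 (libavcodec/utils.c in FFmpeg before 2.4.2 omits a certain codec I`, confirming the pre-change file had descriptions throughout.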
@@ -4499,50 +4499,50 @@ CVE-2014-8504 (Stack-based buffer overflow in the srec_scan function in bfd/srec
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=17510#c7
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=17510#c8
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=708d7d0d11f0f2d776171979aa3479e8e12a38a0
-CVE-2014-8503 (Stack-based buffer overflow in the ihex_scan function in bfd/ihex.c in ...)
+CVE-2014-8503
{DSA-3123-2 DSA-3123-1 DLA-184-1}
- binutils 2.24.90.20141104-1
- binutils-mingw-w64 5.2
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=17512#c33
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=17512#c34
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=0102ea8cec5fc509bba6c91df61b7ce23a799d32
-CVE-2014-8502 (Heap-based buffer overflow in the pe_print_edata function in ...)
+CVE-2014-8502
{DSA-3123-2 DSA-3123-1 DLA-184-1}
- binutils 2.24.90.20141104-1
- binutils-mingw-w64 5.2
NOTE: See https://sourceware.org/bugzilla/show_bug.cgi?id=17512#c17
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=5a4b0ccc20ba30caef53b01bee2c0aaa5b855339
-CVE-2014-8501 (The _bfd_XXi_swap_aouthdr_in function in bfd/peXXigen.c in GNU ...)
+CVE-2014-8501
{DSA-3123-2 DSA-3123-1 DLA-184-1}
- binutils 2.24.90.20141104-1
- binutils-mingw-w64 5.2
- gdb <unfixed> (unimportant)
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=7e1e19887abd24aeb15066b141cdff5541e0ec8e
-CVE-2014-8500 (ISC BIND 9.0.x through 9.8.x, 9.9.0 through 9.9.6, and 9.10.0 through ...)
+CVE-2014-8500
{DSA-3094-1 DLA-112-1}
- bind9 1:9.9.5.dfsg-7 (bug #772610)
NOTE: https://kb.isc.org/article/AA-01216/0
-CVE-2014-8499 (Multiple SQL injection vulnerabilities in ManageEngine Password ...)
+CVE-2014-8499
NOT-FOR-US: ManageEngine Password Manager Pro (PMP)
-CVE-2014-8498 (SQL injection vulnerability in BulkEditSearchResult.cc in ManageEngine ...)
+CVE-2014-8498
NOT-FOR-US: ManageEngine Password Manager Pro (PMP)
CVE-2014-8497
RESERVED
-CVE-2014-8496 (Digicom DG-5514T ADSL router with firmware 3.2 generates predictable ...)
+CVE-2014-8496
NOT-FOR-US: Digicom Router
-CVE-2014-8495 (Citrix XenMobile MDX Toolkit before 9.0.4, when used to wrap iOS 8 ...)
+CVE-2014-8495
NOT-FOR-US: Citrix XenMobile MDX Toolkit
-CVE-2014-8494 (ESTsoft ALUpdate 8.5.1.0.0 uses weak permissions (Users: Full Control) ...)
+CVE-2014-8494
NOT-FOR-US: ESTsoft ALUpdate
-CVE-2014-8493 (ZTE ZXHN H108L with firmware 4.0.0d_ZRQ_GR4 allows remote attackers to ...)
+CVE-2014-8493
NOT-FOR-US: ZTE ZXHN H108L
-CVE-2014-8492 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2014-8492
NOT-FOR-US: Wordpress plugin
-CVE-2014-8491 (The Grand Flagallery plugin before 4.25 for WordPress allows remote ...)
+CVE-2014-8491
NOT-FOR-US: Grand Flagallery plugin for WordPress
CVE-2014-8490
RESERVED
-CVE-2014-8990 (default-rsyncssh.lua in Lsyncd 2.1.5 and earlier allows remote ...)
+CVE-2014-8990
{DSA-3130-1}
- lsyncd 2.1.5-2 (low; bug #767227)
[squeeze] - lsyncd <no-dsa> (Minor issue)
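Review bot: the entries that had no description to begin with, `CVE-2014-8497` / `RESERVED` and `CVE-2014-8490` / `RESERVED`, pass through this hunk as unchanged context while every published CVE loses its text, which is consistent with the updater writing back whatever it received per CVE and receiving nothing. For the binutils group (CVE-2014-8504 through CVE-2014-8501) the affected function and file (`srec_scan`, `ihex_scan`, `pe_print_edata`, `_bfd_XXi_swap_aouthdr_in`) were only in the removed header text; after this change the NOTE lines pointing at `sourceware.org/bugzilla/show_bug.cgi?id=17512#c17` and the git commits are the only remaining hint of what each entry covers, which is a usability regression for anyone triaging from the list.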
@@ -4550,24 +4550,24 @@ CVE-2014-8990 (default-rsyncssh.lua in Lsyncd 2.1.5 and earlier allows remote ..
NOTE: Upstream commit: https://github.com/creshal/lsyncd/commit/18f02ad013b41a72753912155ae2ba72f2a53e52
NOTE: also required: https://github.com/axkibe/lsyncd/commit/e9ffda07f0145f50f2756f8ee3fb0775b455122b
NOTE: the initial commit would be an incomplete fix and needs additional changes
-CVE-2014-8559 (The d_walk function in fs/dcache.c in the Linux kernel through 3.17.2 ...)
+CVE-2014-8559
{DSA-3170-1}
- linux 3.16.7-ckt4-1
- linux-2.6 <not-affected> (Introduced in 2.6.38)
NOTE: References in http://www.openwall.com/lists/oss-security/2014/10/30/7
NOTE: Upstream fix: https://git.kernel.org/linus/ca5358ef75fc69fee5322a38a340f5739d997c10 (v3.19-rc1)
NOTE: Upstream fix: https://git.kernel.org/linus/946e51f2bf37f1656916eb75bd0742ba33983c28 (v3.19-rc1)
-CVE-2014-8517 (The fetch_url function in usr.bin/ftp/fetch.c in tnftp, as used in ...)
+CVE-2014-8517
- tnftp 20130505-2 (low; bug #767171)
[wheezy] - tnftp <no-dsa> (Minor issue)
[squeeze] - tnftp <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2014/10/28/4
-CVE-2014-9915 (Off-by-one error in ImageMagick before 6.6.0-4 allows remote attackers ...)
+CVE-2014-9915
- imagemagick 8:6.8.9.9-1 (bug #767240)
[wheezy] - imagemagick <not-affected> (Vulnerable code not present)
[squeeze] - imagemagick <not-affected> (Vulnerable code not present)
NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/3
-CVE-2014-8355 (PCX parser code in ImageMagick before 6.8.9-9 allows remote attackers ...)
+CVE-2014-8355
{DLA-960-1 DLA-242-1}
- imagemagick 8:6.8.9.9-1 (bug #767240)
[squeeze] - imagemagick <no-dsa> (Minor issue)
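Review bot: for CVE-2014-8990 the removed text `default-rsyncssh.lua in Lsyncd 2.1.5 and earlier` read together with `- lsyncd 2.1.5-2 (low; bug #767227)` was what told a reader that the Debian fix is a patched 2.1.5 rather than a newer upstream release; with the header reduced to `+CVE-2014-8990`, that relationship has to be reconstructed from the two github commit NOTEs. Likewise CVE-2014-9915 versus CVE-2014-8355: both are fixed in `imagemagick 8:6.8.9.9-1 (bug #767240)`, and the removed descriptions (`Off-by-one error in ImageMagick before 6.6.0-4` versus `PCX parser code in ImageMagick before 6.8.9-9`) were the only in-file explanation of why one is `[wheezy] <not-affected> (Vulnerable code not present)` and the other shipped in `DLA-960-1`.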
@@ -4576,11 +4576,11 @@ CVE-2014-8355 (PCX parser code in ImageMagick before 6.8.9-9 allows remote attac
[wheezy] - graphicsmagick <no-dsa> (Minor issue)
[squeeze] - graphicsmagick <no-dsa> (Minor issue)
NOTE: http://sourceforge.net/p/graphicsmagick/code/ci/4426024497f9ed26cbadc5af5a5de55ac84796ff/ (graphicsmagick)
-CVE-2014-8562 (DCM decode in ImageMagick before 6.8.9-9 allows remote attackers to ...)
+CVE-2014-8562
{DLA-960-1 DLA-242-1}
- imagemagick 8:6.8.9.9-1 (bug #767240)
[squeeze] - imagemagick <no-dsa> (Minor issue)
-CVE-2014-8354 (The HorizontalFilter function in resize.c in ImageMagick before ...)
+CVE-2014-8354
{DLA-960-1 DLA-242-1}
- imagemagick 8:6.8.9.9-1
[squeeze] - imagemagick <no-dsa> (Minor issue)
@@ -4590,23 +4590,23 @@ CVE-2014-8561 [Remotely DOS: convert +profile regression enters infinite loop ex
- imagemagick 8:6.8.9.9-1 (bug #764872)
[wheezy] - imagemagick <not-affected> (Vulnerable code introduced later; regression)
[squeeze] - imagemagick <not-affected> (Vulnerable code introduced later; regression)
-CVE-2014-8489 (Open redirect vulnerability in startSSO.ping in the SP Endpoints in ...)
+CVE-2014-8489
NOT-FOR-US: PingFederate SP Endpoints
-CVE-2014-8488 (Cross-site scripting (XSS) vulnerability in the administrator panel in ...)
+CVE-2014-8488
NOT-FOR-US: yourls
-CVE-2014-8487 (Kony Management (aka Enterprise Mobile Management or EMM) 1.2 and ...)
+CVE-2014-8487
NOT-FOR-US: Kony Management
CVE-2014-8486
REJECTED
CVE-2014-8482
RESERVED
-CVE-2014-8479 (The FTP server on Siemens SCALANCE X-300 switches with firmware before ...)
+CVE-2014-8479
NOT-FOR-US: FTP server on Siemens SCALANCE X-300 switches
-CVE-2014-8478 (The web server on Siemens SCALANCE X-300 switches with firmware before ...)
+CVE-2014-8478
NOT-FOR-US: web server on Siemens SCALANCE X-300 switches
CVE-2014-8477
RESERVED
-CVE-2014-8476 (The setlogin function in FreeBSD 8.4 through 10.1-RC4 does not ...)
+CVE-2014-8476
{DSA-3070-1}
[experimental] - kfreebsd-11 11.0~svn284956-1 (bug #768109)
- kfreebsd-10 10.1~svn274115-1 (bug #768108)
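Review bot: the hunk header context `CVE-2014-8561 [Remotely DOS: convert +profile regression enters infinite loop ex` shows that the bracketed, locally written description on that entry survives untouched, whereas every parenthesised, MITRE-sourced description in the hunk is blanked. That narrows the fault to the path that pulls descriptions from the upstream CVE feed: the local text is not being rewritten, so the cause is an empty upstream response, not a deliberate format change, and the fix belongs in the fetch step (treat an empty description as "no update" rather than as new content).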
@@ -4615,23 +4615,23 @@ CVE-2014-8476 (The setlogin function in FreeBSD 8.4 through 10.1-RC4 does not ..
[wheezy] - kfreebsd-8 <no-dsa> (kfreebsd-8 only a test kernel, can be fixed in a point release)
[squeeze] - kfreebsd-8 <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://security.FreeBSD.org/advisories/FreeBSD-SA-14:25.setlogin.asc
-CVE-2014-8475 (FreeBSD 9.1, 9.2, and 10.0, when compiling OpenSSH with Kerberos ...)
+CVE-2014-8475
- openssh <not-affected> (freebsd-specific build system issue)
-CVE-2014-8474 (CA Cloud Service Management (CSM) before Summer 2014 allows remote ...)
+CVE-2014-8474
NOT-FOR-US: CA Cloud Service Management
-CVE-2014-8473 (Cross-site request forgery (CSRF) vulnerability in CA Cloud Service ...)
+CVE-2014-8473
NOT-FOR-US: CA Cloud Service Management
-CVE-2014-8472 (CA Cloud Service Management (CSM) before Summer 2014 does not properly ...)
+CVE-2014-8472
NOT-FOR-US: CA Cloud Service Management
-CVE-2014-8471 (CA Cloud Service Management (CSM) before Summer 2014 allows remote ...)
+CVE-2014-8471
NOT-FOR-US: CA Cloud Service Management
CVE-2014-8470
RESERVED
-CVE-2014-8469 (Cross-site scripting (XSS) vulnerability in Guests/Boots in AdminCP in ...)
+CVE-2014-8469
NOT-FOR-US: PHPFox
CVE-2014-7401
REJECTED
-CVE-2014-8483 (The blowfishECB function in core/cipher.cpp in Quassel IRC 0.10.0 ...)
+CVE-2014-8483
{DSA-3068-1 DSA-3063-1 DLA-168-1}
- quassel 0.10.0-2.1 (bug #766962)
[squeeze] - quassel <not-affected> (Problematic code does not exist in 0.6.3-2+squeeze2)
@@ -4639,23 +4639,23 @@ CVE-2014-8483 (The blowfishECB function in core/cipher.cpp in Quassel IRC 0.10.0
NOTE: http://bugs.quassel-irc.org/issues/1314
- konversation 1.5-2 (bug #768191)
NOTE: https://bugs.kde.org/show_bug.cgi?id=210792
-CVE-2014-8481 (The instruction decoder in arch/x86/kvm/emulate.c in the KVM subsystem ...)
+CVE-2014-8481
- linux <not-affected> (Present in 3.17 with incomplete fix)
- linux-2.6 <not-affected> (Present in 3.17 with incomplete fix)
NOTE: Fix: https://git.kernel.org/cgit/virt/kvm/kvm.git/commit/?id=a430c9166312e1aa3d80bce32374233bdbfeba32
-CVE-2014-8480 (The instruction decoder in arch/x86/kvm/emulate.c in the KVM subsystem ...)
+CVE-2014-8480
- linux <not-affected> (Introduced in 3.17)
- linux-2.6 <not-affected> (Introduced in 3.17)
NOTE: The NULL pointer dereference was introduced in https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=41061cdb98a0bec464278b4db8e894a3121671f5 (v3.17-rc1)
NOTE: Fix: https://git.kernel.org/cgit/virt/kvm/kvm.git/commit/?id=3f6f1480d86bf9fc16c160d803ab1d006e3058d5
-CVE-2014-8485 (The setup_group function in bfd/elf.c in libbfd in GNU binutils 2.24 ...)
+CVE-2014-8485
{DSA-3123-2 DSA-3123-1 DLA-184-1}
- binutils 2.24.90.20141104-1
- binutils-mingw-w64 5.2
NOTE: http://lcamtuf.blogspot.com.au/2014/10/psa-dont-run-strings-on-untrusted-files.html
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=493a33860c71cac998f1a56d6d87d6faa801fbaa
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=17510
-CVE-2014-8484 (The srec_scan function in bfd/srec.c in libdbfd in GNU binutils before ...)
+CVE-2014-8484
{DSA-3123-2 DSA-3123-1 DLA-184-1}
- binutils 2.24.51.20140903-1
- binutils-mingw-w64 5.2
@@ -4676,55 +4676,55 @@ CVE-2014-8463
RESERVED
CVE-2014-8462
RESERVED
-CVE-2014-8461 (Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 ...)
+CVE-2014-8461
NOT-FOR-US: Adobe Reader
-CVE-2014-8460 (Heap-based buffer overflow in Adobe Reader and Acrobat 10.x before ...)
+CVE-2014-8460
NOT-FOR-US: Adobe Reader
-CVE-2014-8459 (Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 ...)
+CVE-2014-8459
NOT-FOR-US: Adobe Reader
-CVE-2014-8458 (Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 ...)
+CVE-2014-8458
NOT-FOR-US: Adobe Reader
-CVE-2014-8457 (Heap-based buffer overflow in Adobe Reader and Acrobat 10.x before ...)
+CVE-2014-8457
NOT-FOR-US: Adobe Reader
-CVE-2014-8456 (Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 ...)
+CVE-2014-8456
NOT-FOR-US: Adobe Reader
-CVE-2014-8455 (Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before ...)
+CVE-2014-8455
NOT-FOR-US: Adobe Reader
-CVE-2014-8454 (Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before ...)
+CVE-2014-8454
NOT-FOR-US: Adobe Reader
-CVE-2014-8453 (Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 ...)
+CVE-2014-8453
NOT-FOR-US: Adobe Reader
-CVE-2014-8452 (Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 ...)
+CVE-2014-8452
NOT-FOR-US: Adobe Reader
-CVE-2014-8451 (An unspecified JavaScript API in Adobe Reader and Acrobat 10.x before ...)
+CVE-2014-8451
NOT-FOR-US: Adobe Reader
-CVE-2014-8450 (Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, ...)
+CVE-2014-8450
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2014-8449 (Integer overflow in Adobe Reader and Acrobat 10.x before 10.1.13 and ...)
+CVE-2014-8449
NOT-FOR-US: Adobe Reader
-CVE-2014-8448 (An unspecified JavaScript API in Adobe Reader and Acrobat 10.x before ...)
+CVE-2014-8448
NOT-FOR-US: Adobe Reader
-CVE-2014-8447 (Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 ...)
+CVE-2014-8447
NOT-FOR-US: Adobe Reader
-CVE-2014-8446 (Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 ...)
+CVE-2014-8446
NOT-FOR-US: Adobe Reader
-CVE-2014-8445 (Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 ...)
+CVE-2014-8445
NOT-FOR-US: Adobe Reader
CVE-2014-8444
REJECTED
-CVE-2014-8443 (Use-after-free vulnerability in Adobe Flash Player before 13.0.0.259 ...)
+CVE-2014-8443
NOT-FOR-US: Adobe Flash Player
-CVE-2014-8442 (Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before ...)
+CVE-2014-8442
NOT-FOR-US: Adobe Flash Player
-CVE-2014-8441 (Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before ...)
+CVE-2014-8441
NOT-FOR-US: Adobe Flash Player
-CVE-2014-8440 (Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before ...)
+CVE-2014-8440
NOT-FOR-US: Adobe Flash Player
-CVE-2014-8439 (Adobe Flash Player before 13.0.0.258 and 14.x and 15.x before ...)
+CVE-2014-8439
NOT-FOR-US: Adobe Flash Player
-CVE-2014-8438 (Use-after-free vulnerability in Adobe Flash Player before 13.0.0.252 ...)
+CVE-2014-8438
NOT-FOR-US: Adobe Flash Player
-CVE-2014-8437 (Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before ...)
+CVE-2014-8437
NOT-FOR-US: Adobe Flash Player
CVE-2014-8436
RESERVED
@@ -4740,71 +4740,71 @@ CVE-2014-8431
RESERVED
CVE-2014-8430
RESERVED
-CVE-2014-8429 (Cross-site request forgery (CSRF) vulnerability in Xavoc Technocrats ...)
+CVE-2014-8429
NOT-FOR-US: xEpan CMS
-CVE-2014-8428 (Privilege escalation vulnerability in Barracuda Load Balancer ...)
+CVE-2014-8428
NOT-FOR-US: Barracuda
CVE-2014-8427
RESERVED
-CVE-2014-8426 (Hard coded weak credentials in Barracuda Load Balancer 5.0.0.015. ...)
+CVE-2014-8426
NOT-FOR-US: Barracuda
-CVE-2014-8425 (The management portal in ARRIS VAP2500 before FW08.41 allows remote ...)
+CVE-2014-8425
NOT-FOR-US: Management portal in ARRIS VAP2500
-CVE-2014-8424 (ARRIS VAP2500 before FW08.41 does not properly validate passwords, ...)
+CVE-2014-8424
NOT-FOR-US: ARRIS VAP2500
-CVE-2014-8423 (Unspecified vulnerability in the management portal in ARRIS VAP2500 ...)
+CVE-2014-8423
NOT-FOR-US: ARRIS VAP2500
-CVE-2014-8422 (The web-based management (WBM) interface in Unify (former Siemens) ...)
+CVE-2014-8422
NOT-FOR-US: Unify (former Siemens) OpenStage SIP and OpenScape Desk Phone
-CVE-2014-8421 (Unify (former Siemens) OpenStage SIP and OpenScape Desk Phone IP V3 ...)
+CVE-2014-8421
NOT-FOR-US: Unify (former Siemens) OpenStage SIP and OpenScape Desk Phone
-CVE-2014-8420 (The ViewPoint web application in Dell SonicWALL Global Management ...)
+CVE-2014-8420
NOT-FOR-US: Dell SonicWALL
-CVE-2014-8419 (Wibu-Systems CodeMeter Runtime before 5.20 uses weak permissions (read ...)
+CVE-2014-8419
NOT-FOR-US: Wibu-Systems CodeMeter Runtime
-CVE-2014-8418 (The DB dialplan function in Asterisk Open Source 1.8.x before 1.8.32, ...)
+CVE-2014-8418
{DLA-455-1}
- asterisk 1:13.1.0~dfsg-1 (bug #771463)
[jessie] - asterisk 1:11.13.1~dfsg-2
[squeeze] - asterisk <end-of-life> (Unsupported in squeeze-lts)
NOTE: https://issues.asterisk.org/jira/browse/ASTERISK-24534
NOTE: http://downloads.digium.com/pub/security/AST-2014-018.html
-CVE-2014-8417 (ConfBridge in Asterisk 11.x before 11.14.1, 12.x before 12.7.1, and ...)
+CVE-2014-8417
- asterisk 1:13.1.0~dfsg-1 (bug #771463)
[jessie] - asterisk 1:11.13.1~dfsg-2
[wheezy] - asterisk <not-affected> (Only affects 11.x, 12.x and 13.x)
[squeeze] - asterisk <end-of-life> (Unsupported in squeeze-lts)
NOTE: https://issues.asterisk.org/jira/browse/ASTERISK-24490
NOTE: http://downloads.digium.com/pub/security/AST-2014-017.html
-CVE-2014-8416 (Use-after-free vulnerability in the PJSIP channel driver in Asterisk ...)
+CVE-2014-8416
- asterisk 1:13.1.0~dfsg-1
[jessie] - asterisk <not-affected> (PJSIP channel not available yet)
[wheezy] - asterisk <not-affected> (PJSIP channel not available yet)
[squeeze] - asterisk <not-affected> (PJSIP channel not available yet)
NOTE: https://issues.asterisk.org/jira/browse/ASTERISK-24471
NOTE: http://downloads.digium.com/pub/security/AST-2014-016.html
-CVE-2014-8415 (Race condition in the chan_pjsip channel driver in Asterisk Open ...)
+CVE-2014-8415
- asterisk 1:13.1.0~dfsg-1
[jessie] - asterisk <not-affected> (PJSIP channel not available yet)
[wheezy] - asterisk <not-affected> (PJSIP channel not available yet)
[squeeze] - asterisk <not-affected> (PJSIP channel not available yet)
NOTE: https://issues.asterisk.org/jira/browse/ASTERISK-24471
NOTE: http://downloads.digium.com/pub/security/AST-2014-015.html
-CVE-2014-8414 (ConfBridge in Asterisk 11.x before 11.14.1 and Certified Asterisk 11.6 ...)
+CVE-2014-8414
- asterisk 1:13.1.0~dfsg-1 (bug #771463)
[jessie] - asterisk 1:11.13.1~dfsg-2
[wheezy] - asterisk <not-affected> (Only affects 11.x)
[squeeze] - asterisk <end-of-life> (Unsupported in squeeze-lts)
NOTE: https://issues.asterisk.org/jira/browse/ASTERISK-24440
NOTE: http://downloads.digium.com/pub/security/AST-2014-014.html
-CVE-2014-8413 (The res_pjsip_acl module in Asterisk Open Source 12.x before 12.7.1 ...)
+CVE-2014-8413
- asterisk 1:13.1.0~dfsg-1
[jessie] - asterisk <not-affected> (PJSIP channel not available yet)
[wheezy] - asterisk <not-affected> (PJSIP channel not available yet)
[squeeze] - asterisk <not-affected> (PJSIP channel not available yet)
NOTE: https://issues.asterisk.org/jira/browse/ASTERISK-24531
NOTE: http://downloads.digium.com/pub/security/AST-2014-013.html
-CVE-2014-8412 (The (1) VoIP channel drivers, (2) DUNDi, and (3) Asterisk Manager ...)
+CVE-2014-8412
{DLA-455-1}
- asterisk 1:13.1.0~dfsg-1 (bug #771463)
[jessie] - asterisk 1:11.13.1~dfsg-2
@@ -4835,115 +4835,115 @@ CVE-2014-8401
RESERVED
CVE-2014-8400
RESERVED
-CVE-2014-8398 (Multiple untrusted search path vulnerabilities in Corel FastFlick ...)
+CVE-2014-8398
NOT-FOR-US: Corel FastFlick
-CVE-2014-8397 (Untrusted search path vulnerability in Corel VideoStudio PRO X7 or ...)
+CVE-2014-8397
NOT-FOR-US: Corel
-CVE-2014-8396 (Untrusted search path vulnerability in Corel PDF Fusion allows local ...)
+CVE-2014-8396
NOT-FOR-US: Corel PDF Fusion
-CVE-2014-8395 (Untrusted search path vulnerability in Corel Painter 2015 allows local ...)
+CVE-2014-8395
NOT-FOR-US: Corel Painter
-CVE-2014-8394 (Multiple untrusted search path vulnerabilities in Corel CAD 2014 allow ...)
+CVE-2014-8394
NOT-FOR-US: Corel CAD
-CVE-2014-8393 (DLL Hijacking vulnerability in CorelDRAW X7, Corel Photo-Paint X7, ...)
+CVE-2014-8393
NOT-FOR-US: Corel
CVE-2014-8392
RESERVED
-CVE-2014-8391 (The Web interface in Sendio before 7.2.4 does not properly handle ...)
+CVE-2014-8391
NOT-FOR-US: Sendio
-CVE-2014-8390 (Multiple buffer overflows in Schneider Electric VAMPSET before 2.2.168 ...)
+CVE-2014-8390
NOT-FOR-US: Schneider Electric
-CVE-2014-8389 (cgi-bin/mft/wireless_mft.cgi in AirLive BU-2015 with firmware 1.03.18 ...)
+CVE-2014-8389
NOT-FOR-US: AirLive
-CVE-2014-8388 (Stack-based buffer overflow in Advantech WebAccess, formerly BroadWin ...)
+CVE-2014-8388
NOT-FOR-US: Advantech WebAccess
-CVE-2014-8387 (cgi/utility.cgi in Advantech EKI-6340 2.05 Wi-Fi Mesh Access Point ...)
+CVE-2014-8387
NOT-FOR-US: Advantech EKI-6340
-CVE-2014-8386 (Multiple stack-based buffer overflows in Advantech AdamView 4.3 and ...)
+CVE-2014-8386
NOT-FOR-US: Advantech AdamView
-CVE-2014-8385 (Buffer overflow on Advantech EKI-1200 gateways with firmware before ...)
+CVE-2014-8385
NOT-FOR-US: Advantech EKI-1200 gateways
-CVE-2014-8384 (The InFocus IN3128HD projector with firmware 0.26 does not restrict ...)
+CVE-2014-8384
NOT-FOR-US: InFocus IN3128HD projector
-CVE-2014-8383 (The InFocus IN3128HD projector with firmware 0.26 allows remote ...)
+CVE-2014-8383
NOT-FOR-US: InFocus IN3128HD projector
CVE-2014-8382
RESERVED
-CVE-2014-8381 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2014-8381
NOT-FOR-US: Megapolis.Portal Manager
-CVE-2014-8380 (Cross-site scripting (XSS) vulnerability in Splunk 6.1.1 allows remote ...)
+CVE-2014-8380
NOT-FOR-US: Splunk
-CVE-2014-8379 (Multiple cross-site scripting (XSS) vulnerabilities in the Marketo MA ...)
+CVE-2014-8379
NOT-FOR-US: Drupal module Marketo MA
-CVE-2014-8378 (Cross-site scripting (XSS) vulnerability in the TableField module ...)
+CVE-2014-8378
NOT-FOR-US: Drupal module TableField
-CVE-2014-8377 (Cross-site scripting (XSS) vulnerability in Webasyst Shop-Script ...)
+CVE-2014-8377
NOT-FOR-US: Webasyst Shop-Script
-CVE-2014-8376 (Cross-site scripting (XSS) vulnerability in the context administration ...)
+CVE-2014-8376
NOT-FOR-US: Drupal module Site Banner
-CVE-2014-8375 (SQL injection vulnerability in GBgallery.php in the GB Gallery ...)
+CVE-2014-8375
NOT-FOR-US: WordPress plugin GB Gallery Slideshow
CVE-2014-8374
REJECTED
-CVE-2014-8373 (The VMware Remote Console (VMRC) function in VMware vCloud Automation ...)
+CVE-2014-8373
NOT-FOR-US: VMware vCloud Automation Center
-CVE-2014-8372 (AirWatch by VMware On-Premise 7.3.x before 7.3.3.0 (FP3) allows remote ...)
+CVE-2014-8372
NOT-FOR-US: VMware AirWatch
-CVE-2014-8371 (VMware vCenter Server Appliance (vCSA) 5.5 before Update 2, 5.1 before ...)
+CVE-2014-8371
NOT-FOR-US: VMware vSphere
-CVE-2014-8370 (VMware Workstation 10.x before 10.0.5, VMware Player 6.x before 6.0.5, ...)
+CVE-2014-8370
NOT-FOR-US: VMware
-CVE-2014-8369 (The kvm_iommu_map_pages function in virt/kvm/iommu.c in the Linux ...)
+CVE-2014-8369
{DSA-3093-1}
- linux 3.16.7-ckt2-1
- linux-2.6 <not-affected> (Incomplete fix for CVE-2014-3601 was not applied)
NOTE: Introduced by http://git.kernel.org/cgit/virt/kvm/kvm.git/commit/?id=350b8bdd689cd2ab2c67c8a86a0be86cfa0751a7
NOTE: Fixed by: https://git.kernel.org/cgit/virt/kvm/kvm.git/commit/?id=3d32e4dbe71374a6780eaf51d719d76f9a9bf22f
-CVE-2014-8368 (The web interface in Aruba Networks AirWave before 7.7.14 and 8.x ...)
+CVE-2014-8368
NOT-FOR-US: Aruba Networks AirWave
-CVE-2014-8367 (SQL injection vulnerability in Aruba Networks ClearPass Policy Manager ...)
+CVE-2014-8367
NOT-FOR-US: Aruba Networks ClearPass Policy Manager
-CVE-2014-8366 (SQL injection vulnerability in openSIS 4.5 through 5.3 allows remote ...)
+CVE-2014-8366
NOT-FOR-US: openSIS
-CVE-2014-8365 (Multiple cross-site scripting (XSS) vulnerabilities in Xornic Contact ...)
+CVE-2014-8365
NOT-FOR-US: Xornic Contact Us Form
-CVE-2014-8364 (Cross-site scripting (XSS) vulnerability in ss_handler.php in the ...)
+CVE-2014-8364
NOT-FOR-US: WordPress plugin wpSS
-CVE-2014-8363 (SQL injection vulnerability in ss_handler.php in the WordPress ...)
+CVE-2014-8363
NOT-FOR-US: WordPress plugin wpSS
-CVE-2014-8362 (Vivint Sky Control Panel 1.1.1.9926 allows remote attackers to enable ...)
+CVE-2014-8362
NOT-FOR-US: Vivint Sky Control Panel
-CVE-2014-8361 (The miniigd SOAP service in Realtek SDK allows remote attackers to ...)
+CVE-2014-8361
NOT-FOR-US: Realtek SDK
-CVE-2014-8360 (Directory traversal vulnerability in inc/autoload.function.php in GLPI ...)
+CVE-2014-8360
- glpi <removed> (unimportant)
NOTE: Only supported behind an authenticated HTTP zone
NOTE: original bug: https://forge.indepnet.net/issues/5101
NOTE: followup: https://forge.indepnet.net/issues/5113
NOTE: appears to be a generic autoloading abuse; possibly with
NOTE: some use of simplepie being the attack vector
-CVE-2014-8359 (Untrusted search path vulnerability in Huawei Mobile Partner for ...)
+CVE-2014-8359
NOT-FOR-US: Huawei Mobile Partner for Windows
-CVE-2014-8358 (Huawei EC156, EC176, and EC177 USB Modem products with software before ...)
+CVE-2014-8358
NOT-FOR-US: Huawei
-CVE-2014-8357 (backupsettings.html in the web administrative portal in Zhone zNID ...)
+CVE-2014-8357
NOT-FOR-US: ZHONE Router
CVE-2014-8356
RESERVED
NOT-FOR-US: ZHONE Router
CVE-2014-8353
RESERVED
-CVE-2014-8352 (Cross-site scripting (XSS) vulnerability in json.php in French ...)
+CVE-2014-8352
NOT-FOR-US: CookieViz
-CVE-2014-8351 (SQL injection vulnerability in info.php in French National Commission ...)
+CVE-2014-8351
NOT-FOR-US: CookieViz
-CVE-2014-8349 (Cross-site scripting (XSS) vulnerability in Liferay Portal Enterprise ...)
+CVE-2014-8349
NOT-FOR-US: Liferay Portal
CVE-2014-8348
RESERVED
CVE-2014-8347
RESERVED
-CVE-2014-8346 (The Remote Controls feature on Samsung mobile devices does not ...)
+CVE-2014-8346
NOT-FOR-US: Samsung mobile devices
CVE-2014-8345
RESERVED
@@ -4955,33 +4955,33 @@ CVE-2014-8342
RESERVED
CVE-2014-8341
RESERVED
-CVE-2014-8340 (SQL injection vulnerability in Php/Functions/log_function.php in ...)
+CVE-2014-8340
NOT-FOR-US: phpTrafficA
-CVE-2014-8339 (SQL injection vulnerability in midroll.php in Nuevolab Nuevoplayer for ...)
+CVE-2014-8339
NOT-FOR-US: Nuevolabs Nuevoplayer for clipshare
CVE-2014-8338
RESERVED
CVE-2014-8337
RESERVED
-CVE-2014-8336 (The &quot;Sql Run Query&quot; panel in WP-DBManager (aka Database Manager) ...)
+CVE-2014-8336
NOT-FOR-US: WP-DBManager plugin for WordPress
-CVE-2014-8335 ((1) wp-dbmanager.php and (2) database-manage.php in the WP-DBManager ...)
+CVE-2014-8335
NOT-FOR-US: WP-DBManager (aka Database Manager) plugin for WordPress
-CVE-2014-8334 (The WP-DBManager (aka Database Manager) plugin before 2.7.2 for ...)
+CVE-2014-8334
NOT-FOR-US: WordPress plugin wp-dbmanager
CVE-2014-8332
RESERVED
-CVE-2014-8331 (Multiple cross-site request forgery (CSRF) vulnerabilities in Huawei ...)
+CVE-2014-8331
NOT-FOR-US: Huawei HiLink
-CVE-2014-8330 (Cross-site scripting (XSS) vulnerability in EspoCRM allows remote ...)
+CVE-2014-8330
NOT-FOR-US: EspoCRM
-CVE-2014-8329 (Schrack Technik microControl with firmware before 1.7.0 (937) stores ...)
+CVE-2014-8329
NOT-FOR-US: Schrack Technik microControl
-CVE-2014-8324 (network.c in Aircrack-ng before 1.2 Beta 3 allows remote attackers to ...)
+CVE-2014-8324
- aircrack-ng 1:1.2-0~beta3-2 (bug #767979)
NOTE: https://github.com/aircrack-ng/aircrack-ng/commit/88702a3ce4c28a973bf69023cd0312f412f6193e
NOTE: https://github.com/aircrack-ng/aircrack-ng/pull/16
-CVE-2014-8323 (buddy-ng.c in Aircrack-ng before 1.2 Beta 3 allows remote attackers to ...)
+CVE-2014-8323
- aircrack-ng 1:1.2-0~beta3-2 (bug #767979)
NOTE: https://github.com/aircrack-ng/aircrack-ng/commit/da087238963c1239fdabd47dc1b65279605aca70
NOTE: https://github.com/aircrack-ng/aircrack-ng/pull/15
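Review bot: the NOT-FOR-US line under CVE-2014-8339 spells the vendor "Nuevolabs Nuevoplayer for clipshare" while the description line this hunk removes reads "Nuevolab Nuevoplayer"; once the description is gone the file no longer carries anything to check that spelling against, so suggest aligning the NOT-FOR-US text with the removed description (e.g. "NOT-FOR-US: Nuevolab Nuevoplayer for clipshare") in the same change.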
@@ -4995,25 +4995,25 @@ CVE-2014-8321 [GPS stack overflow]
- aircrack-ng 1:1.2-0~beta3-2 (bug #767979)
NOTE: https://github.com/aircrack-ng/aircrack-ng/commit/ff70494dd389ba570dbdbf36f217c28d4381c6b5
NOTE: https://github.com/aircrack-ng/aircrack-ng/pull/13
-CVE-2014-8320 (Cross-site scripting (XSS) vulnerability in the Custom Search module ...)
+CVE-2014-8320
NOT-FOR-US: Drupal module Custom Search
-CVE-2014-8319 (Cross-site scripting (XSS) vulnerability in the ...)
+CVE-2014-8319
NOT-FOR-US: Drupal module Easy Social
-CVE-2014-8318 (Cross-site scripting (XSS) vulnerability in the Webform module 6.x-3.x ...)
+CVE-2014-8318
NOT-FOR-US: Drupal module Webform
-CVE-2014-8317 (Cross-site scripting (XSS) vulnerability in the Webform Validation ...)
+CVE-2014-8317
NOT-FOR-US: Drupal module Webform Validation
-CVE-2014-8350 (Smarty before 3.1.21 allows remote attackers to bypass the secure mode ...)
+CVE-2014-8350
{DLA-452-1}
- smarty3 3.1.21-1 (bug #765920)
- smarty <not-affected> (Only affects 3.x series)
[squeeze] - smarty3 <end-of-life> (Unsupported in squeeze-lts)
NOTE: https://github.com/smarty-php/smarty/commit/279bdbd3521cd717cae6a3ba48f1c3c6823f439d.patch
-CVE-2014-8399 (The default configuration in systemd-shim 8 enables the Abandon ...)
+CVE-2014-8399
- systemd-shim 8-4
NOTE: Fixed by: https://github.com/desrt/systemd-shim/commit/d2e91c118f6128875274a638007702d1cc665893
NOTE: with version 8-4 systemd-shim does not ship anymore a dbus policy, see https://bugs.debian.org/765101
-CVE-2014-8333 (The VMware driver in OpenStack Compute (Nova) before 2014.1.4 allows ...)
+CVE-2014-8333
- nova 2014.1.3-7
[wheezy] - nova <not-affected> (Vulnerable code not present)
NOTE: versions affected up to to 2014.1.3
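Review bot: the NOTE under CVE-2014-8333 reads "versions affected up to to 2014.1.3" (doubled "to"); since this hunk drops the description line that stated "before 2014.1.4", that NOTE becomes the only in-file record of the affected range, so suggest correcting it to "NOTE: versions affected up to 2014.1.3" here.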
@@ -5022,52 +5022,52 @@ CVE-2014-8333 (The VMware driver in OpenStack Compute (Nova) before 2014.1.4 all
CVE-2014-8328
RESERVED
NOT-FOR-US: TYPO3 extension dce
-CVE-2014-8327 (The fal_sftp extension before 0.2.6 for TYPO3 uses weak permissions ...)
+CVE-2014-8327
NOT-FOR-US: TYPO3 extension fal_sftp
-CVE-2014-8326 (Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin ...)
+CVE-2014-8326
- phpmyadmin 4:4.2.10.1-1 (low)
[wheezy] - phpmyadmin <not-affected> (Vulnerable code not present)
[squeeze] - phpmyadmin <not-affected> (Vulnerable code not present)
NOTE: http://www.phpmyadmin.net/home_page/security/PMASA-2014-12.php
-CVE-2014-8325 (The Calendar Base (cal) extension before 1.5.9 and 1.6.x before 1.6.1 ...)
+CVE-2014-8325
NOT-FOR-US: TYPO3 extension cal
-CVE-2014-8316 (XML External Entity (XXE) vulnerability in polestar_xml.jsp in SAP ...)
+CVE-2014-8316
NOT-FOR-US: SAP BusinessObjects Explorer
-CVE-2014-8315 (polestar_xml.jsp in SAP BusinessObjects Explorer 14.0.5 build 882 ...)
+CVE-2014-8315
NOT-FOR-US: SAP BusinessObjects Explorer
-CVE-2014-8314 (Multiple cross-site scripting (XSS) vulnerabilities in SAP HANA ...)
+CVE-2014-8314
NOT-FOR-US: SAP HANA
-CVE-2014-8313 (Eval injection in ide/core/base/server/net.xsjs in the Developer ...)
+CVE-2014-8313
NOT-FOR-US: SAP HANA
-CVE-2014-8312 (Business Warehouse (BW) in SAP Netweaver AS ABAP 7.31 allows remote ...)
+CVE-2014-8312
NOT-FOR-US: SAP Netweaver AS ABAP
-CVE-2014-8311 (SAP BusinessObjects Edge 4.0 allows remote attackers to obtain ...)
+CVE-2014-8311
NOT-FOR-US: SAP BusinessObjects Edge
-CVE-2014-8310 (The CMS CORBA listener in SAP BusinessObjects BI Edge 4.0 allows ...)
+CVE-2014-8310
NOT-FOR-US: SAP BusinessObjects BI Edge
-CVE-2014-8309 (SAP BusinessObjects 4.0 and BusinessObjects XI (BOXI) R2 and 3.1 ...)
+CVE-2014-8309
NOT-FOR-US: SAP
-CVE-2014-8308 (Cross-site scripting (XSS) vulnerability in the Send to Inbox ...)
+CVE-2014-8308
NOT-FOR-US: SAP BusinessObjects BI EDGE
-CVE-2014-8307 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2014-8307
NOT-FOR-US: C97net Cart Engine
-CVE-2014-8306 (SQL injection vulnerability in the sql_query function in cart.php in ...)
+CVE-2014-8306
NOT-FOR-US: C97net Cart Engine
-CVE-2014-8305 (Open redirect vulnerability in the redir function in ...)
+CVE-2014-8305
NOT-FOR-US: C97net Cart Engine
-CVE-2014-8304 (Cross-site scripting (XSS) vulnerability in In-Portal CMS 5.2.0 and ...)
+CVE-2014-8304
NOT-FOR-US: In-Portal
-CVE-2014-8303 (Cross-site scripting (XSS) vulnerability in Splunk Web in Splunk ...)
+CVE-2014-8303
NOT-FOR-US: Splunk Web
-CVE-2014-8302 (Cross-site scripting (XSS) vulnerability in Splunk Web in Splunk ...)
+CVE-2014-8302
NOT-FOR-US: Splunk Web
-CVE-2014-8301 (Cross-site scripting (XSS) vulnerability in Splunk Web in Splunk ...)
+CVE-2014-8301
NOT-FOR-US: Splunk Web
CVE-2014-8300
RESERVED
CVE-2014-8299
RESERVED
-CVE-2014-8298 (The NVIDIA Linux Discrete GPU drivers before R304.125, R331.x before ...)
+CVE-2014-8298
- nvidia-graphics-drivers 340.65-1
[wheezy] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
[squeeze] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
@@ -5080,38 +5080,38 @@ CVE-2014-8298 (The NVIDIA Linux Discrete GPU drivers before R304.125, R331.x bef
[squeeze] - nvidia-graphics-drivers-legacy-96xx <no-dsa> (Non-free not supported)
CVE-2014-8297
RESERVED
-CVE-2014-8296 (Cross-site scripting (XSS) vulnerability in the Modal Frame API module ...)
+CVE-2014-8296
NOT-FOR-US: Drupal module Modal Frame API
CVE-2014-XXXX [freecad downloads and executes code]
- freecad 0.14.3702+dfsg-3 (bug #764814)
[squeeze] - freecad <not-affected> (Problematic code not present)
NOTE: http://freecadweb.org/tracker/view.php?id=1785
-CVE-2014-8295 (SQL injection vulnerability in joblogs.php in Bacula-Web 5.2.10 allows ...)
+CVE-2014-8295
NOT-FOR-US: Bacula-Web
NOTE: Bacula-Web is not part of bacula itself and not ITP #656891
-CVE-2014-8294 (Multiple SQL injection vulnerabilities in Voice Of Web AllMyGuests ...)
+CVE-2014-8294
NOT-FOR-US: Voice Of Web AllMyGuests
-CVE-2014-8293 (Cross-site scripting (XSS) vulnerability in Voice Of Web AllMyGuests ...)
+CVE-2014-8293
NOT-FOR-US: Voice Of Web AllMyGuests
-CVE-2014-8764 (DokuWiki 2014-05-05a and earlier, when using Active Directory for LDAP ...)
+CVE-2014-8764
{DSA-3059-1 DLA-79-1}
- dokuwiki 0.0.20140929.a-1 (bug #766545)
[jessie] - dokuwiki <not-affected> (PHP 5.6 in jessie fixes this on the PHP level, see #766545)
NOTE: Fix at PHP level: http://git.php.net/?p=php-src.git;a=commitdiff;h=ad1b9eef98df53adefa0c79c02e5dc1f2b928b8c
-CVE-2014-8763 (DokuWiki before 2014-05-05b, when using Active Directory for LDAP ...)
+CVE-2014-8763
{DSA-3059-1 DLA-79-1}
- dokuwiki 0.0.20140929.a-1 (bug #766545)
[jessie] - dokuwiki <not-affected> (PHP 5.6 in jessie fixes this on the PHP level, see #766545)
NOTE: Fix at PHP level: http://git.php.net/?p=php-src.git;a=commitdiff;h=ad1b9eef98df53adefa0c79c02e5dc1f2b928b8c
-CVE-2014-8762 (The ajax_mediadiff function in DokuWiki before 2014-05-05a allows ...)
+CVE-2014-8762
{DSA-3059-1}
- dokuwiki 0.0.20140505.a+dfsg-1 (bug #766545)
[squeeze] - dokuwiki <not-affected> (Vulnerable code not present)
-CVE-2014-8761 (inc/template.php in DokuWiki before 2014-05-05a only checks for access ...)
+CVE-2014-8761
{DSA-3059-1}
- dokuwiki 0.0.20140505.a+dfsg-1 (bug #766545)
[squeeze] - dokuwiki <not-affected> (Vulnerable code not present)
-CVE-2014-8760 (ejabberd before 2.1.13 does not enforce the starttls_required setting ...)
+CVE-2014-8760
{DLA-881-1}
- ejabberd 14.07-3 (low; bug #767535)
[squeeze] - ejabberd <no-dsa> (Minor issue)
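Review bot: the NOTE under CVE-2014-8295, "Bacula-Web is not part of bacula itself and not ITP #656891", is ambiguous about whether #656891 is an ITP for Bacula-Web that this CVE should be tracked against or an unrelated bug; suggest rewording to state explicitly what #656891 is and why the NOT-FOR-US marking still applies.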
@@ -5119,35 +5119,35 @@ CVE-2014-8760 (ejabberd before 2.1.13 does not enforce the starttls_required set
NOTE: Patch https://github.com/processone/ejabberd/commit/7bdc1151b
CVE-2014-8759
RESERVED
-CVE-2014-8758 (Cross-site scripting (XSS) vulnerability in Best Gallery Albums Plugin ...)
+CVE-2014-8758
NOT-FOR-US: Wordpress plugin
-CVE-2014-8757 (LG On-Screen Phone (OSP) before 4.3.010 allows remote attackers to ...)
+CVE-2014-8757
NOT-FOR-US: LG On-Screen Phone
-CVE-2014-8756 (The NcrCtl4.NcrNet.1 control in Panasonic Network Camera Recorder ...)
+CVE-2014-8756
NOT-FOR-US: Panasonic Network Camera
-CVE-2014-8755 (Panasonic Network Camera View 3 and 4 allows remote attackers to ...)
+CVE-2014-8755
NOT-FOR-US: Panasonic Network Camera
-CVE-2014-8754 (Open redirect vulnerability in track-click.php in the Ad-Manager ...)
+CVE-2014-8754
NOT-FOR-US: WordPress plugin ad-manager-for-wp
-CVE-2014-8753 (Multiple cross-site scripting (XSS) vulnerabilities in Cit-e-Net ...)
+CVE-2014-8753
NOT-FOR-US: Cit-e-Net
-CVE-2014-8752 (Multiple cross-site scripting (XSS) vulnerabilities in view.php in ...)
+CVE-2014-8752
NOT-FOR-US: JCE-Tech PHP Video Script
-CVE-2014-8751 (Multiple cross-site scripting (XSS) vulnerabilities in goYWP WebPress ...)
+CVE-2014-8751
NOT-FOR-US: goYWP WebPress
-CVE-2014-8749 (Server-side request forgery (SSRF) vulnerability in ...)
+CVE-2014-8749
NOT-FOR-US: BulletProof Security plugin for WordPress
-CVE-2014-8748 (Cross-site scripting (XSS) vulnerability in the Google Doubleclick for ...)
+CVE-2014-8748
NOT-FOR-US: Drupal module Google Doubleclick for Publishers
-CVE-2014-8747 (Cross-site scripting (XSS) vulnerability in the Drupal Commons module ...)
+CVE-2014-8747
NOT-FOR-US: Drupal module Drupal Commons
-CVE-2014-8746 (Cross-site scripting (XSS) vulnerability in the Skeleton theme 7.x-1.2 ...)
+CVE-2014-8746
NOT-FOR-US: Drupal theme Skeleton
-CVE-2014-8745 (Cross-site scripting (XSS) vulnerability in the Custom Search module ...)
+CVE-2014-8745
NOT-FOR-US: Drupal module Custom Search
-CVE-2014-8744 (Cross-site scripting (XSS) vulnerability in the Nivo Slider module ...)
+CVE-2014-8744
NOT-FOR-US: Drupal module Nivo Slider
-CVE-2014-8743 (Multiple cross-site scripting (XSS) vulnerabilities in the Maestro ...)
+CVE-2014-8743
NOT-FOR-US: Drupal module Maestro
CVE-2014-8292
REJECTED
@@ -5183,7 +5183,7 @@ CVE-2014-8277
REJECTED
CVE-2014-8276
REJECTED
-CVE-2014-8275 (OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k ...)
+CVE-2014-8275
{DSA-3125-1 DLA-132-1}
- openssl 1.0.1k-1
NOTE: https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=86edf13b1c97526c0cf63c37342aaa01f5442688
@@ -5194,20 +5194,20 @@ CVE-2014-8274
RESERVED
CVE-2014-8273
RESERVED
-CVE-2014-8272 (The IPMI 1.5 functionality in Dell iDRAC6 modular before 3.65, iDRAC6 ...)
+CVE-2014-8272
NOT-FOR-US: Dell iDRAC6
CVE-2014-8271
RESERVED
NOT-FOR-US: uefi
-CVE-2014-8270 (BMC Track-It! 11.3 allows remote attackers to gain privileges and ...)
+CVE-2014-8270
NOT-FOR-US: BMC Track-It!
-CVE-2014-8269 (Multiple stack-based buffer overflows in (1) HWOPOSScale.ocx and (2) ...)
+CVE-2014-8269
NOT-FOR-US: Honeywell OPOS Suite
-CVE-2014-8268 (QPR Portal before 2012.2.1 allows remote attackers to modify or delete ...)
+CVE-2014-8268
NOT-FOR-US: QPR Portal
-CVE-2014-8267 (Cross-site scripting (XSS) vulnerability in QPR Portal 2014.1.1 and ...)
+CVE-2014-8267
NOT-FOR-US: QPR Portal
-CVE-2014-8266 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
+CVE-2014-8266
NOT-FOR-US: QPR Portal
CVE-2014-8265
RESERVED
@@ -5243,17 +5243,17 @@ CVE-2014-8250
RESERVED
CVE-2014-8249
RESERVED
-CVE-2014-8248 (SQL injection vulnerability in CA Release Automation (formerly iTKO ...)
+CVE-2014-8248
NOT-FOR-US: CA Release Automation
-CVE-2014-8247 (Cross-site scripting (XSS) vulnerability in CA Release Automation ...)
+CVE-2014-8247
NOT-FOR-US: CA Release Automation
-CVE-2014-8246 (Cross-site request forgery (CSRF) vulnerability in CA Release ...)
+CVE-2014-8246
NOT-FOR-US: CA Release Automation
CVE-2014-8245
RESERVED
-CVE-2014-8244 (Linksys SMART WiFi firmware on EA2700 and EA3500 devices; before ...)
+CVE-2014-8244
NOT-FOR-US: Linksys SMART WiFi
-CVE-2014-8243 (Linksys SMART WiFi firmware on EA2700 and EA3500 devices; before ...)
+CVE-2014-8243
NOT-FOR-US: Linksys SMART WiFi
CVE-2014-8239
REJECTED
@@ -5389,7 +5389,7 @@ CVE-2014-8182 [crash in ldap_domain2hostlist when processing SRV records]
CVE-2014-8181 [scsi: do not fill dirty page content in the SG_IO buffer]
RESERVED
- linux <not-affected> (Specific to RHEL 7)
-CVE-2014-8180 (MongoDB on Red Hat Satellite 6 allows local users to bypass ...)
+CVE-2014-8180
NOT-FOR-US: Red Hat Satellite
CVE-2014-8179
RESERVED
@@ -5397,58 +5397,58 @@ CVE-2014-8179
CVE-2014-8178
RESERVED
- docker.io 1.8.3~ds1-1
-CVE-2014-8177 (The Red Hat gluster-swift package, as used in Red Hat Gluster Storage ...)
+CVE-2014-8177
NOT-FOR-US: gluster-swift
-CVE-2014-8176 (The dtls1_clear_queues function in ssl/d1_lib.c in OpenSSL before ...)
+CVE-2014-8176
{DSA-3287-1 DLA-247-1}
- openssl 1.0.1h-1
NOTE: http://openssl.org/news/secadv/20150611.txt
-CVE-2014-8175 (Red Hat JBoss Fuse before 6.2.0 allows remote authenticated users to ...)
+CVE-2014-8175
NOT-FOR-US: JBoss Fuse
-CVE-2014-8174 (eDeploy makes it easier for remote attackers to execute arbitrary code ...)
+CVE-2014-8174
- edeploy <itp> (bug #717664)
-CVE-2014-8173 (The pmd_none_or_trans_huge_or_clear_bad function in ...)
+CVE-2014-8173
- linux 3.13.4-1
[wheezy] - linux <not-affected> (Introduced in 3.10 with 1998cc048901)
- linux-2.6 <not-affected> (Introduced in 3.10 with 1998cc048901)
NOTE: Upstream commit: http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ee53664bda169f519ce3c6a22d378f0b946c8178 (v3.13-rc5)
-CVE-2014-8172 (The filesystem implementation in the Linux kernel before 3.13 performs ...)
+CVE-2014-8172
- linux 3.13.4-1
[wheezy] - linux <no-dsa> (Too intrusive to backport)
- linux-2.6 <removed>
[squeeze] - linux-2.6 <no-dsa> (Too intrusive to backport)
NOTE: Upstream commit: http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=eee5cc2702929fd41cce28058dc6d6717f723f87 (v3.13-rc1)
-CVE-2014-8171 (The memory resource controller (aka memcg) in the Linux kernel allows ...)
+CVE-2014-8171
- linux 3.12.6-1
[wheezy] - linux <no-dsa> (Too difficult and risky to backport)
- linux-2.6 <removed>
[squeeze] - linux-2.6 <no-dsa> (Too difficult and risky to backport)
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=3812c8c8f3953921ef18544110dafc3505c1ac62 (v3.12-rc1)
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4942642080ea82d99ab5b653abb9a12b7ba31f4a (v3.12-rc6)
-CVE-2014-8170 (ovirt_safe_delete_config in ovirtfunctions.py and other unspecified ...)
+CVE-2014-8170
- ovirt-node <itp> (bug #502024)
-CVE-2014-8169 (automount 5.0.8, when a program map uses certain interpreted ...)
+CVE-2014-8169
- autofs 5.0.8-2 (bug #779591)
[wheezy] - autofs <not-affected> (Vulnerable code introduced in 5.0.8)
- autofs5 <not-affected> (Vulnerable code introduced in 5.0.8)
-CVE-2014-8168 (Red Hat Satellite 6 allows local users to access mongod and delete ...)
+CVE-2014-8168
NOT-FOR-US: Red Hat Satellite
CVE-2014-8167
RESERVED
NOT-FOR-US: Red Hat vdms and vdsclient
-CVE-2014-8166 (The browsing feature in the server in CUPS does not filter ANSI escape ...)
+CVE-2014-8166
- cups <unfixed> (unimportant)
NOTE: Patch: https://bugzilla.redhat.com/attachment.cgi?id=916761
NOTE: Terminal emulators need to perform proper escaping
-CVE-2014-8165 (scripts/amsvis/powerpcAMS/amsnet.py in powerpc-utils-python uses the ...)
+CVE-2014-8165
- powerpc-utils <not-affected> (Vulnerable code not present)
NOTE: http://sourceforge.net/p/powerpc-utils/mailman/message/32884230
CVE-2014-8164
RESERVED
NOT-FOR-US: Red Hat CloudForms
-CVE-2014-8163 (Directory traversal vulnerability in the XMLRPC interface in Red Hat ...)
+CVE-2014-8163
NOT-FOR-US: Red Hat Satellite
-CVE-2014-8162 (XML external entity (XXE) in the RPC interface in Spacewalk and Red ...)
+CVE-2014-8162
NOT-FOR-US: Red Hat Satellite
CVE-2014-8161
RESERVED
@@ -5457,25 +5457,25 @@ CVE-2014-8161
- postgresql-9.1 9.1.11-2
- postgresql-8.4 <removed>
[wheezy] - postgresql-8.4 <not-affected> (postgresql-8.4 in wheezy only provides PL/Perl)
-CVE-2014-8160 (net/netfilter/nf_conntrack_proto_generic.c in the Linux kernel before ...)
+CVE-2014-8160
{DSA-3170-1 DLA-155-1}
- linux 3.16.7-ckt4-1
- linux-2.6 <removed>
NOTE: Upstream commit: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=db29a9508a9246e77087c5531e45b2c88ec6988b (v3.18-rc1)
NOTE: http://www.spinics.net/lists/netfilter-devel/msg33430.html
-CVE-2014-8159 (The InfiniBand (IB) implementation in the Linux kernel package before ...)
+CVE-2014-8159
{DSA-3237-1 DLA-246-1}
- linux 3.16.7-ckt9-1
- linux-2.6 <removed>
-CVE-2014-8158 (Multiple stack-based buffer overflows in jpc_qmfb.c in JasPer 1.900.1 ...)
+CVE-2014-8158
{DSA-3138-1 DLA-138-1}
- jasper 1.900.1-debian1-2.4 (bug #775970)
NOTE: http://www.ocert.org/advisories/ocert-2015-001.html
-CVE-2014-8157 (Off-by-one error in the jpc_dec_process_sot function in JasPer 1.900.1 ...)
+CVE-2014-8157
{DSA-3138-1 DLA-138-1}
- jasper 1.900.1-debian1-2.4 (bug #775970)
NOTE: http://www.ocert.org/advisories/ocert-2015-001.html
-CVE-2014-8156 (The D-Bus security policy files in /etc/dbus-1/system.d/*.conf in ...)
+CVE-2014-8156
- fso-deviced 0.12.0-5
[wheezy] - fso-deviced <no-dsa> (Minor issue)
- fso-datad 0.12.0-3
@@ -5491,12 +5491,12 @@ CVE-2014-8156 (The D-Bus security policy files in /etc/dbus-1/system.d/*.conf in
- phonefsod 0.1+git20121018-2
[wheezy] - phonefsod <no-dsa> (Minor issue)
[squeeze] - phonefsod <no-dsa> (Minor issue)
-CVE-2014-8155 (GnuTLS before 2.9.10 does not verify the activation and expiration ...)
+CVE-2014-8155
{DLA-180-1}
- gnutls26 2.9.10-1
- gnutls28 <not-affected> (Initial version 3.0.0-1 already contained the check based on 2.9.10)
NOTE: Fixed by: https://gitlab.com/gnutls/gnutls/commit/897cbce62c0263a498088ac3e465aa5f05f8719c
-CVE-2014-8154 (The Gst.MapInfo function in Vala 0.26.0 and 0.26.1 uses an incorrect ...)
+CVE-2014-8154
- vala-0.26 0.26.1-1.1 (bug #775913)
- vala-0.16 <not-affected> (MapInfo not yet present)
- vala-0.14 <not-affected> (MapInfo not yet present)
@@ -5505,24 +5505,24 @@ CVE-2014-8154 (The Gst.MapInfo function in Vala 0.26.0 and 0.26.1 uses an incorr
NOTE: https://git.gnome.org/browse/vala/commit/?id=3092537db65887e24a3d3e87a27caf9c5295e4f7
NOTE: Binaries with buggy bindings package that use Gst.MapInfo() function
NOTE: are affected as well and need to be rebuilt, shotwell, rygel, ...
-CVE-2014-8153 (The L3 agent in OpenStack Neutron 2014.2.x before 2014.2.2, when using ...)
+CVE-2014-8153
- neutron <not-affected> (Affects neutron 2014.2 up to 2014.2.1)
-CVE-2014-8152 (Apache Santuario XML Security for Java 2.0.x before 2.0.3 allows ...)
+CVE-2014-8152
- libxml-security-java <not-affected> (streaming XML Signature support introduced in 2.0.0)
NOTE: http://svn.apache.org/viewvc?view=revision&revision=1634334
NOTE: http://santuario.apache.org/secadv.data/CVE-2014-8152.txt.asc
-CVE-2014-8151 (The darwinssl_connect_step1 function in lib/vtls/curl_darwinssl.c in ...)
+CVE-2014-8151
- curl <not-affected> (Only relevant when building with darwinssl/Mac OS X)
NOTE: http://curl.haxx.se/docs/adv_20150108A.html
-CVE-2014-8150 (CRLF injection vulnerability in libcurl 6.0 through 7.x before 7.40.0, ...)
+CVE-2014-8150
{DSA-3122-1 DLA-134-1}
- curl 7.38.0-4
NOTE: http://curl.haxx.se/docs/adv_20150108B.html
-CVE-2014-8149 (OpenDaylight defense4all 1.1.0 and earlier allows remote authenticated ...)
+CVE-2014-8149
NOT-FOR-US: OpenDaylight
-CVE-2014-8148 (The default D-Bus access control rule in Midgard2 10.05.7.1 allows ...)
+CVE-2014-8148
- midgard2-core <removed> (bug #774630)
-CVE-2014-8147 (The resolveImplicitLevels function in common/ubidi.c in the Unicode ...)
+CVE-2014-8147
{DSA-3323-1}
- icu 52.1-9 (bug #784773)
[wheezy] - icu <not-affected> (Vulnerable code not present)
@@ -5532,7 +5532,7 @@ CVE-2014-8147 (The resolveImplicitLevels function in common/ubidi.c in the Unico
[wheezy] - chromium-browser <not-affected> (Vulnerable code not present)
[squeeze] - chromium-browser <end-of-life> (Not supported in Squeeze LTS)
NOTE: Patch: http://bugs.icu-project.org/trac/changeset/37080
-CVE-2014-8146 (The resolveImplicitLevels function in common/ubidi.c in the Unicode ...)
+CVE-2014-8146
{DSA-3323-1}
- icu 52.1-9 (bug #784773)
[wheezy] - icu <not-affected> (Vulnerable code not present)
@@ -5542,22 +5542,22 @@ CVE-2014-8146 (The resolveImplicitLevels function in common/ubidi.c in the Unico
[wheezy] - chromium-browser <not-affected> (Vulnerable code not present)
[squeeze] - chromium-browser <end-of-life> (Not supported in Squeeze LTS)
NOTE: Patch: http://bugs.icu-project.org/trac/changeset/37162
-CVE-2014-8145 (Multiple heap-based buffer overflows in Sound eXchange (SoX) 14.4.1 ...)
+CVE-2014-8145
{DSA-3112-1 DLA-1687-1 DLA-128-1}
- sox 14.4.2-2 (bug #773720)
[stretch] - sox 14.4.1-5+deb9u1
NOTE: The two needed patches were added in 14.4.1-5 but not to the series file
NOTE: so the patches got not applied during build.
-CVE-2014-8144 (Cross-site request forgery (CSRF) vulnerability in doorkeeper before ...)
+CVE-2014-8144
NOT-FOR-US: doorkeeper OAuth provider
-CVE-2014-8143 (Samba 4.0.x before 4.0.24, 4.1.x before 4.1.16, and 4.2.x before ...)
+CVE-2014-8143
- samba 2:4.1.17+dfsg-1 (bug #776993)
[wheezy] - samba <not-affected> (Only affects 4.0 and later)
[squeeze] - samba <not-affected> (Only affects 4.0 and later)
- samba4 4.0.0~beta2+dfsg1-3.2+deb7u2
NOTE: AD-related packages removed from src:samba4 in 4.0.0~beta2+dfsg1-3.2+deb7u2
NOTE: https://www.samba.org/samba/security/CVE-2014-8143
-CVE-2014-8142 (Use-after-free vulnerability in the process_nested_data function in ...)
+CVE-2014-8142
{DSA-3117-1}
- php5 5.6.5+dfsg-1 (unimportant)
NOTE: http://git.php.net/?p=php-src.git;a=commitdiff;h=630f9c33c23639de85c3fd306b209b538b73b4c9
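Review bot: the two NOTE lines under CVE-2014-8145 read "The two needed patches were added in 14.4.1-5 but not to the series file / so the patches got not applied during build."; "got not applied" is ungrammatical, suggest "so the patches were not applied during the build." so the reason for the stretch update 14.4.1-5+deb9u1 reads clearly.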
@@ -5575,42 +5575,42 @@ CVE-2014-8139 [CRC32 heap overflow]
RESERVED
{DSA-3113-1 DLA-150-1 DLA-124-1}
- unzip 6.0-16 (bug #773722)
-CVE-2014-8138 (Heap-based buffer overflow in the jp2_decode function in JasPer ...)
+CVE-2014-8138
{DSA-3106-1 DLA-121-1}
- jasper 1.900.1-debian1-2.3 (bug #773463)
-CVE-2014-8137 (Double free vulnerability in the jas_iccattrval_destroy function in ...)
+CVE-2014-8137
{DSA-3106-1 DLA-121-1}
- jasper 1.900.1-debian1-2.3 (bug #773463)
-CVE-2014-8136 (The (1) qemuDomainMigratePerform and (2) qemuDomainMigrateFinish2 ...)
+CVE-2014-8136
- libvirt 1.2.9-7 (bug #773856)
[wheezy] - libvirt <not-affected> (Vulnerable code introduced later)
[squeeze] - libvirt <not-affected> (Vulnerable code introduced later)
NOTE: Upstream commit: http://libvirt.org/git/?p=libvirt.git;a=commit;h=2bdcd29c713dfedd813c89f56ae98f6f3898313d (v1.2.11-rc2)
NOTE: Introduced in http://libvirt.org/git/?p=libvirt.git;a=commitdiff;h=abf75aea247e (v1.1.0-rc1)
-CVE-2014-8135 (The storageVolUpload function in storage/storage_driver.c in libvirt ...)
+CVE-2014-8135
- libvirt 1.2.9-7 (bug #773855)
[wheezy] - libvirt <not-affected> (Vulnerable code introduced later)
[squeeze] - libvirt <not-affected> (Vulnerable code introduced later)
NOTE: Upstream fix: http://libvirt.org/git/?p=libvirt.git;a=commit;h=87b9437f8951f9d24f9a85c6bbfff0e54df8c984 (v1.2.11-rc1)
NOTE: Introduced by http://libvirt.org/git/?p=libvirt.git;a=commitdiff;h=4a85bf3e2fa703fdc14e8c49d5017ef04832a1d7 (v1.2.8-rc1)
-CVE-2014-8134 (The paravirt_ops_setup function in arch/x86/kernel/kvm.c in the Linux ...)
+CVE-2014-8134
{DLA-155-1}
- linux 3.16.7-ckt4-1
[wheezy] - linux 3.2.65-1
- linux-2.6 <removed>
NOTE: http://www.spinics.net/lists/kvm/msg111458.html
-CVE-2014-8133 (arch/x86/kernel/tls.c in the Thread Local Storage (TLS) implementation ...)
+CVE-2014-8133
{DSA-3128-1 DLA-155-1}
- linux 3.16.7-ckt4-1
- linux-2.6 <removed>
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/arch/x86?id=41bdc78544b8a93a9c6814b8bbbfef966272abbe
-CVE-2014-8132 (Double free vulnerability in the ssh_packet_kexinit function in kex.c ...)
+CVE-2014-8132
- libssh 0.6.3-4 (bug #773577)
[wheezy] - libssh 0.5.4-1+deb7u3
[squeeze] - libssh <not-affected> (Issue only present in versions > 0.5.1, squeeze has 0.4.5)
NOTE: http://www.libssh.org/2014/12/19/libssh-0-6-4-security-and-bugfix-release/
NOTE: Upstream patch: http://git.libssh.org/projects/libssh.git/commit/?id=c2aed4ca78030d9014a890cb4370e6dc8264823f
-CVE-2014-8131 (The qemu implementation of virConnectGetAllDomainStats in libvirt ...)
+CVE-2014-8131
- libvirt 1.2.9-7 (bug #773858)
[wheezy] - libvirt <not-affected> (Vulnerable code introduced later)
[squeeze] - libvirt <not-affected> (Vulnerable code introduced later)
@@ -5618,13 +5618,13 @@ CVE-2014-8131 (The qemu implementation of virConnectGetAllDomainStats in libvirt
NOTE: Introduced by http://libvirt.org/git/?p=libvirt.git;a=commit;h=1f4831ee (v1.2.9-rc1)
NOTE: https://www.redhat.com/archives/libvir-list/2014-December/msg00551.html
NOTE: https://www.redhat.com/archives/libvir-list/2014-December/msg00600.html
-CVE-2014-8130 (The _TIFFmalloc function in tif_unix.c in LibTIFF 4.0.3 does not ...)
+CVE-2014-8130
- tiff <unfixed> (unimportant; bug #776185)
- tiff3 <not-affected> (The tiff3 source package doesn't build the TIFF tools)
NOTE: Advisory: http://www.conostix.com/pub/adv/CVE-2014-8130-LibTIFF-Division_By_Zero.txt
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2483
NOTE: Crash in a frontend tool w/o potential for code injection, marked as unimportant
-CVE-2014-8129 (LibTIFF 4.0.3 allows remote attackers to cause a denial of service ...)
+CVE-2014-8129
{DSA-3273-1 DLA-610-1 DLA-221-1}
- tiff 4.0.3-12.1 (bug #776185)
- tiff3 <removed>
@@ -5647,7 +5647,7 @@ CVE-2014-8128 [out-of-bounds write]
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2499 (thumbnail and tiffcmp) [not fixed yet in CVS HEAD]
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2501 (tiffdither)
NOTE: The tiff3 source package doesn't build the TIFF tools, but most of these bugs are in the library
-CVE-2014-8127 (LibTIFF 4.0.3 allows remote attackers to cause a denial of service ...)
+CVE-2014-8127
{DSA-3273-1}
- tiff 4.0.6-3 (unimportant; bug #776185)
- tiff3 <not-affected> (The tiff3 source package doesn't build the TIFF tools)
@@ -5670,16 +5670,16 @@ CVE-2014-8126 [mailx invocation enables code execution as condor user]
NOTE: https://htcondor-wiki.cs.wisc.edu/index.cgi/chngview?cn=41878
NOTE: https://github.com/htcondor/htcondor/commit/e891cea9970496aac74caf72604475a2b7e6a0ca.patch
NOTE: https://github.com/htcondor/htcondor/commit/aebc6b0492acdc8b21b39ba22e33661752c2c37d.patch
-CVE-2014-8125 (XML external entity (XXE) vulnerability in Drools and jBPM before ...)
+CVE-2014-8125
NOT-FOR-US: jBPM
-CVE-2014-8124 (OpenStack Dashboard (Horizon) before 2014.1.3 and 2014.2.x before ...)
+CVE-2014-8124
- horizon 2014.1.3-6 (bug #772710)
[wheezy] - horizon <no-dsa> (Minor issue)
- python-django-openstack-auth 1.1.6-5 (bug #772712)
NOTE: up to 2014.1.3 and 2014.2 version up to 2014.2.1
-CVE-2014-8122 (Race condition in JBoss Weld before 2.2.8 and 3.x before 3.0.0 Alpha3 ...)
+CVE-2014-8122
NOT-FOR-US: JBoss Weld
-CVE-2014-8121 (DB_LOOKUP in nss_files/files-XXX.c in the Name Service Switch (NSS) in ...)
+CVE-2014-8121
{DSA-3480-1 DLA-316-1}
- glibc 2.21-1 (low; bug #779587)
[jessie] - glibc 2.19-18+deb8u2
@@ -5687,9 +5687,9 @@ CVE-2014-8121 (DB_LOOKUP in nss_files/files-XXX.c in the Name Service Switch (NS
[wheezy] - eglibc <no-dsa> (Minor issue)
[squeeze] - eglibc <no-dsa> (Minor issue)
NOTE: Patch: https://sourceware.org/git/?p=glibc.git;a=commit;h=03d2730b44cc2236318fd978afa2651753666c55
-CVE-2014-8120 (The agent in Thermostat before 1.0.6, when using unspecified ...)
+CVE-2014-8120
NOT-FOR-US: Thermostat Hotspot instrumentation
-CVE-2014-8119 (The find_ifcfg_path function in netcf before 0.2.7 might allow ...)
+CVE-2014-8119
- netcf <not-affected> (suse and redhat driver are not built on Debian)
NOTE: Issue is in the way the netcf's find_ifcfg_path() function processed
NOTE: certain XPath expressions according to Red Hat bugzilla.
@@ -5699,18 +5699,18 @@ CVE-2014-8119 (The find_ifcfg_path function in netcf before 0.2.7 might allow ..
NOTE: https://www.redhat.com/archives/augeas-devel/2014-December/msg00000.html
NOTE: The affected code is only in drv_redhat.c and drv_suse.c and the Debian
NOTE: build not affected.
-CVE-2014-8118 (Integer overflow in RPM 4.12 and earlier allows remote attackers to ...)
+CVE-2014-8118
{DSA-3129-1 DLA-140-1}
- rpm 4.11.3-1.1 (bug #773101)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1168715
-CVE-2014-8117 (softmagic.c in file before 5.21 does not properly limit recursion, ...)
+CVE-2014-8117
{DSA-3121-1 DSA-2868-1 DLA-145-1 DLA-131-1}
- file 1:5.21+15-1 (low; bug #773148)
- php5 5.6.4+dfsg-2
NOTE: https://www.freebsd.org/security/advisories/FreeBSD-SA-14:28.file.asc
NOTE: https://github.com/file/file/commit/6f737ddfadb596d7d4a993f7ed2141ffd664a81c
NOTE: Other commits needed as well: http://www.openwall.com/lists/oss-security/2014/12/16/2
-CVE-2014-8116 (The ELF parser (readelf.c) in file before 5.21 allows remote attackers ...)
+CVE-2014-8116
{DSA-3121-1 DLA-131-1}
- file 1:5.21+15-1 (low; bug #773148)
- php5 5.6.4+dfsg-2
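Review bot: the NOTE lines under CVE-2014-8119, "The affected code is only in drv_redhat.c and drv_suse.c and the Debian / build not affected.", are missing a verb in the second clause; suggest "and the Debian build is not affected." so the justification for the <not-affected> marking on netcf is a complete sentence.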
@@ -5720,82 +5720,82 @@ CVE-2014-8116 (The ELF parser (readelf.c) in file before 5.21 allows remote atta
NOTE: https://github.com/file/file/commit/b4c01141e5367f247b84dcaf6aefbb4e741842b
NOTE: https://github.com/file/file/commit/d7cdad007c507e6c79f51f058dd77fab70ceb9f6
NOTE: Other commits needed as well: http://www.openwall.com/lists/oss-security/2014/12/16/2
-CVE-2014-8115 (The default authorization constrains in KIE Workbench 6.0.x allows ...)
+CVE-2014-8115
NOT-FOR-US: KIE Workbench
-CVE-2014-8114 (The UberFire Framework 0.3.x does not properly restrict paths, which ...)
+CVE-2014-8114
NOT-FOR-US: UberFire Framework
CVE-2014-8113
RESERVED
-CVE-2014-8112 (389 Directory Server 1.3.1.x, 1.3.2.x before 1.3.2.27, and 1.3.3.x ...)
+CVE-2014-8112
- 389-ds-base 1.3.3.5-4 (bug #779909)
-CVE-2014-8111 (Apache Tomcat Connectors (mod_jk) before 1.2.41 ignores JkUnmount ...)
+CVE-2014-8111
{DSA-3278-1 DLA-240-1}
- libapache-mod-jk 1:1.2.40+svn150520-1 (bug #783233)
NOTE: Fix: http://svn.apache.org/r1647017
-CVE-2014-8110 (Multiple cross-site scripting (XSS) vulnerabilities in the web based ...)
+CVE-2014-8110
- activemq <not-affected> (Admin console not enabled in the Debian package, see #702670)
NOTE: http://activemq.apache.org/security-advisories.data/CVE-2014-8110-announcement.txt
-CVE-2014-8109 (mod_lua.c in the mod_lua module in the Apache HTTP Server 2.3.x and ...)
+CVE-2014-8109
- apache2 2.4.10-9
[wheezy] - apache2 <not-affected> (mod_lua only in 2.4)
[squeeze] - apache2 <not-affected> (mod_lua only in 2.4)
-CVE-2014-8108 (The mod_dav_svn Apache HTTPD server module in Apache Subversion 1.7.x ...)
+CVE-2014-8108
- subversion 1.8.10-5 (bug #773315)
[wheezy] - subversion <not-affected> (Introduced in 1.7.0)
[squeeze] - subversion <not-affected> (Introduced in 1.7.0)
NOTE: http://subversion.apache.org/security/CVE-2014-8108-advisory.txt
CVE-2014-8107
REJECTED
-CVE-2014-8106 (Heap-based buffer overflow in the Cirrus VGA emulator ...)
+CVE-2014-8106
{DSA-3088-1 DSA-3087-1}
- qemu 2.1+dfsg-9 (bug #772025)
[squeeze] - qemu <end-of-life> (Unsupported in squeeze-lts)
- qemu-kvm <removed>
[squeeze] - qemu-kvm <end-of-life>
NOTE: https://lists.nongnu.org/archive/html/qemu-devel/2014-12/msg00508.html
-CVE-2014-8105 (389 Directory Server before 1.3.2.27 and 1.3.3.x before 1.3.3.9 does ...)
+CVE-2014-8105
- 389-ds-base 1.3.3.5-4 (bug #779909)
-CVE-2014-8103 (X.Org Server (aka xserver and xorg-server) 1.15.0 through 1.16.x ...)
+CVE-2014-8103
- xorg-server 2:1.16.2.901-1
[wheezy] - xorg-server <not-affected> (Introduced in 1.15.0)
[squeeze] - xorg-server <not-affected> (Introduced in 1.15.0)
-CVE-2014-8102 (The SProcXFixesSelectSelectionInput function in the XFixes extension ...)
+CVE-2014-8102
{DSA-3095-1 DLA-120-1}
- xorg-server 2:1.16.2.901-1
-CVE-2014-8101 (The RandR extension in XFree86 4.2.0, X.Org X Window System (aka X11 ...)
+CVE-2014-8101
{DSA-3095-1 DLA-120-1}
- xorg-server 2:1.16.2.901-1
-CVE-2014-8100 (The Render extension in XFree86 4.0.1, X.Org X Window System (aka X11 ...)
+CVE-2014-8100
{DSA-3095-1 DLA-120-1}
- xorg-server 2:1.16.2.901-1
-CVE-2014-8099 (The XVideo extension in XFree86 4.0.0, X.Org X Window System (aka X11 ...)
+CVE-2014-8099
{DSA-3095-1 DLA-120-1}
- xorg-server 2:1.16.2.901-1
-CVE-2014-8098 (The GLX extension in XFree86 4.0, X.Org X Window System (aka X11 or X) ...)
+CVE-2014-8098
{DSA-3095-1 DLA-120-1}
- xorg-server 2:1.16.2.901-1
-CVE-2014-8097 (The DBE extension in X.Org X Window System (aka X11 or X) X11R6.1 and ...)
+CVE-2014-8097
{DSA-3095-1 DLA-120-1}
- xorg-server 2:1.16.2.901-1
-CVE-2014-8096 (The SProcXCMiscGetXIDList function in the XC-MISC extension in X.Org X ...)
+CVE-2014-8096
{DSA-3095-1 DLA-120-1}
- xorg-server 2:1.16.2.901-1
-CVE-2014-8095 (The XInput extension in X.Org X Window System (aka X11 or X) X11R4 and ...)
+CVE-2014-8095
{DSA-3095-1 DLA-120-1}
- xorg-server 2:1.16.2.901-1
-CVE-2014-8094 (Integer overflow in the ProcDRI2GetBuffers function in the DRI2 ...)
+CVE-2014-8094
{DSA-3095-1 DLA-120-1}
- xorg-server 2:1.16.2.901-1
-CVE-2014-8093 (Multiple integer overflows in the GLX extension in XFree86 4.0, X.Org ...)
+CVE-2014-8093
{DSA-3095-1 DLA-120-1}
- xorg-server 2:1.16.2.901-1
-CVE-2014-8092 (Multiple integer overflows in X.Org X Window System (aka X11 or X) ...)
+CVE-2014-8092
{DSA-3095-1 DLA-120-1}
- xorg-server 2:1.16.2.901-1
-CVE-2014-8091 (X.Org X Window System (aka X11 and X) X11R5 and X.Org Server (aka ...)
+CVE-2014-8091
{DSA-3095-1 DLA-120-1}
- xorg-server 2:1.16.2.901-1
-CVE-2014-8090 (The REXML parser in Ruby 1.9.x before 1.9.3 patchlevel 551, 2.0.x ...)
+CVE-2014-8090
{DSA-3159-1 DSA-3157-1 DLA-200-1 DLA-88-1}
- ruby1.8 <not-affected> (Incomplete fix never relesed for 1.9)
- ruby1.9.1 <not-affected> (Incomplete fix never relesed for 1.9)
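Review bot: the same description strip runs through this whole hunk, and it hurts most in the run of X.Org entries CVE-2014-8103 through CVE-2014-8091, whose `-` lines were the only text distinguishing one `{DSA-3095-1 DLA-120-1}` / `- xorg-server 2:1.16.2.901-1` block from the next; after the change those entries are indistinguishable in-file. Separately, the trailing context lines `- ruby1.8 <not-affected> (Incomplete fix never relesed for 1.9)` and `- ruby1.9.1 <not-affected> (Incomplete fix never relesed for 1.9)` carry a "relesed" typo, and the ruby1.8 rationale refers to 1.9, which reads as copied from the line below it; both deserve a follow-up outside this automatic commit.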
@@ -5803,19 +5803,19 @@ CVE-2014-8090 (The REXML parser in Ruby 1.9.x before 1.9.3 patchlevel 551, 2.0.x
- ruby2.1 2.1.5-1 (bug #770932)
NOTE: For the incomplete fix for CVE-2014-8080
NOTE: https://www.ruby-lang.org/en/news/2014/11/13/rexml-dos-cve-2014-8090/
-CVE-2014-8087 (Cross-site scripting (XSS) vulnerability in the post highlights plugin ...)
+CVE-2014-8087
NOT-FOR-US: Wordpress plugin
-CVE-2014-8085 (Unrestricted file upload vulnerability in the CWebContact::doModel ...)
+CVE-2014-8085
NOT-FOR-US: OsClass
-CVE-2014-8084 (Directory traversal vulnerability in ...)
+CVE-2014-8084
NOT-FOR-US: OsClass
-CVE-2014-8083 (SQL injection vulnerability in the Search::setJsonAlert method in ...)
+CVE-2014-8083
NOT-FOR-US: OsClass
-CVE-2014-8082 (lib/functions/database.class.php in TestLink before 1.9.13 allows ...)
+CVE-2014-8082
NOT-FOR-US: TestLink
-CVE-2014-8081 (lib/execute/execSetResults.php in TestLink before 1.9.13 allows remote ...)
+CVE-2014-8081
NOT-FOR-US: TestLink
-CVE-2014-8080 (The REXML parser in Ruby 1.9.x before 1.9.3-p550, 2.0.x before ...)
+CVE-2014-8080
{DSA-3159-1 DSA-3157-1 DLA-200-1 DLA-88-1}
- ruby1.8 <removed>
- ruby1.9.1 <removed>
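Review bot: this hunk drops the description of CVE-2014-8080 along with the OsClass and TestLink ones, but the context line `NOTE: For the incomplete fix for CVE-2014-8080` under CVE-2014-8090 still assumes the reader knows 8080 is the REXML issue, which after the change is stated nowhere in the file except the ruby-lang.org URL. If the descriptions cannot be restored, that cross-reference NOTE should say what CVE-2014-8080 is.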
@@ -5823,21 +5823,21 @@ CVE-2014-8080 (The REXML parser in Ruby 1.9.x before 1.9.3-p550, 2.0.x before ..
- ruby2.1 2.1.4-1
NOTE: https://www.ruby-lang.org/en/news/2014/10/27/rexml-dos-cve-2014-8080/
NOTE: http://svn.ruby-lang.org/cgi-bin/viewvc.cgi/?pathrev=48161
-CVE-2014-8079 (Cross-site scripting (XSS) vulnerability in the MAYO theme 7.x-1.x ...)
+CVE-2014-8079
NOT-FOR-US: Drupal theme MAYO
-CVE-2014-8078 (Cross-site scripting (XSS) vulnerability in the Print (aka Printer, ...)
+CVE-2014-8078
NOT-FOR-US: Drupal module Print
-CVE-2014-8077 (Cross-site scripting (XSS) vulnerability in the NewsFlash theme ...)
+CVE-2014-8077
NOT-FOR-US: Drupal theme NewsFlash
-CVE-2014-8076 (Cross-site scripting (XSS) vulnerability in the Professional theme 7.x ...)
+CVE-2014-8076
NOT-FOR-US: Drupal theme Professional
-CVE-2014-8075 (Cross-site scripting (XSS) vulnerability in the Tribune module 6.x-1.x ...)
+CVE-2014-8075
NOT-FOR-US: Drupal theme Tribune
-CVE-2014-8766 (Multiple SQL injection vulnerabilities in Allomani Weblinks 1.0 allow ...)
+CVE-2014-8766
NOT-FOR-US: Allomani Weblinks
-CVE-2014-8765 (Multiple cross-site scripting (XSS) vulnerabilities in the Project ...)
+CVE-2014-8765
NOT-FOR-US: Drupal module Project Issue File Review
-CVE-2014-8750 (Race condition in the VMware driver in OpenStack Compute (Nova) before ...)
+CVE-2014-8750
- nova <not-affected> (ESX driver not enabled in libvirt)
NOTE: https://launchpad.net/bugs/1357372
CVE-2014-XXXX [rsync collision attack]
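Review bot: the removed line `CVE-2014-8075 (Cross-site scripting (XSS) vulnerability in the Tribune module 6.x-1.x ...)` disagrees with the unchanged classification `NOT-FOR-US: Drupal theme Tribune` (module versus theme), and the description was the only line that exposed the mismatch; correct the NOT-FOR-US line in a follow-up before the evidence disappears from the file. The other pairs in the hunk (CVE-2014-8079 through CVE-2014-8750) are the same blanket strip as above.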
@@ -5849,7 +5849,7 @@ CVE-2014-XXXX [rsync collision attack]
NOTE: https://github.com/therealmik/rsync-collision
NOTE: https://git.samba.org/?p=rsync.git;a=commit;h=eac858085e3ac94ec0ab5061d11f52652c90a869
NOTE: https://lists.samba.org/archive/rsync/2015-May/030123.html
-CVE-2014-8242 (librsync before 1.0.0 uses a truncated MD4 checksum to match blocks, ...)
+CVE-2014-8242
[experimental] - librsync 1.0.0-1~exp1
- librsync <unfixed> (low; bug #776246)
[buster] - librsync <no-dsa> (Minor issue, too instrusive to backport)
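Review bot: once `CVE-2014-8242 (librsync before 1.0.0 uses a truncated MD4 checksum to match blocks, ...)` becomes a bare id, the `- librsync <unfixed> (low; bug #776246)` and `<no-dsa> (Minor issue, too instrusive to backport)` lines no longer have an in-file statement of what the issue is, so the "low" / "Minor issue" rationale rests solely on the Debian bug. The context line also spells "intrusive" as "instrusive", repeated on the following lines; a typo fix is in order in a separate commit.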
@@ -5857,15 +5857,15 @@ CVE-2014-8242 (librsync before 1.0.0 uses a truncated MD4 checksum to match bloc
[jessie] - librsync <no-dsa> (Minor issue, too instrusive to backport)
[wheezy] - librsync <no-dsa> (Minor issue, too instrusive to backport)
[squeeze] - librsync <no-dsa> (Minor issue, too instrusive to backport)
-CVE-2014-8241 (XRegion in TigerVNC allows remote VNC servers to cause a denial of ...)
+CVE-2014-8241
- tigervnc 1.7.0-2 (bug #849478)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1151312
NOTE: Patch applied in Red Hat https://bugzilla.redhat.com/attachment.cgi?id=946490
-CVE-2014-8240 (Integer overflow in TigerVNC allows remote VNC servers to cause a ...)
+CVE-2014-8240
- tigervnc 1.7.0-1 (bug #849479)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1151307
NOTE: Patch https://bugzilla.redhat.com/attachment.cgi?id=947578 is not applied
-CVE-2014-8086 (Race condition in the ext4_file_write_iter function in fs/ext4/file.c ...)
+CVE-2014-8086
- linux 3.16.7-ckt2-1
[wheezy] - linux <not-affected> (Vulnerable code not present)
- linux-2.6 <not-affected> (Vulnerable code not present)
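Review bot: for CVE-2014-8240 the entry records a fix in `- tigervnc 1.7.0-1 (bug #849479)` next to `NOTE: Patch https://bugzilla.redhat.com/attachment.cgi?id=947578 is not applied`, while the neighbouring CVE-2014-8241 says the Red Hat patch is applied; with the description `Integer overflow in TigerVNC allows remote VNC servers to cause a ...` stripped there is no in-file hint of which code the unapplied patch touches, so a reviewer cannot tell whether 1.7.0-1 resolved it another way. A NOTE naming the upstream commit would close that gap.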
@@ -5875,23 +5875,23 @@ CVE-2014-8089 [ZF2014-06: SQL injection vector when manually quoting values for
{DSA-3265-1 DLA-251-1}
- zendframework 1.12.9+dfsg-1
NOTE: http://framework.zend.com/security/advisory/ZF2014-06
-CVE-2014-8088 (The (1) Zend_Ldap class in Zend before 1.12.9 and (2) Zend\Ldap ...)
+CVE-2014-8088
{DSA-3265-1 DLA-251-1}
- zendframework 1.12.9+dfsg-1
NOTE: http://framework.zend.com/security/advisory/ZF2014-05
-CVE-2014-8074 (Buffer overflow in the SetLogFile method in Foxit.FoxitPDFSDKProCtrl.5 ...)
+CVE-2014-8074
NOT-FOR-US: Foxit PDF SDK
-CVE-2014-8073 (Cross-site request forgery (CSRF) vulnerability in OpenMRS 2.1 ...)
+CVE-2014-8073
NOT-FOR-US: OpenMRS
-CVE-2014-8072 (The administration module in OpenMRS 2.1 Standalone Edition allows ...)
+CVE-2014-8072
NOT-FOR-US: OpenMRS
-CVE-2014-8071 (Multiple cross-site scripting (XSS) vulnerabilities in OpenMRS 2.1 ...)
+CVE-2014-8071
NOT-FOR-US: OpenMRS
-CVE-2014-8070 (Open redirect vulnerability in YOOtheme Pagekit CMS 0.8.7 allows ...)
+CVE-2014-8070
NOT-FOR-US: YOOtheme Pagekit CMS
-CVE-2014-8069 (Multiple cross-site scripting (XSS) vulnerabilities in YOOtheme ...)
+CVE-2014-8069
NOT-FOR-US: YOOtheme Pagekit CMS
-CVE-2014-8068 (Adobe Digital Editions (DE) 4 does not use encryption for transmission ...)
+CVE-2014-8068
NOT-FOR-US: Adobe Digital Editions
CVE-2014-8067
REJECTED
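Review bot: the removed description for CVE-2014-8088 named two affected code paths, `The (1) Zend_Ldap class in Zend before 1.12.9 and (2) Zend\Ldap ...`, whereas the entry that remains lists only `- zendframework 1.12.9+dfsg-1`; after the strip nothing in the entry flags that the namespaced `Zend\Ldap` form was part of the advisory, and the ZF2014-05 NOTE link becomes the sole pointer. Confirm that no other Zend package needs an entry before this goes in.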
@@ -5955,123 +5955,123 @@ CVE-2014-8038
REJECTED
CVE-2014-8037
RESERVED
-CVE-2014-8036 (The outlookpa component in Cisco WebEx Meetings Server does not ...)
+CVE-2014-8036
NOT-FOR-US: Cisco
-CVE-2014-8035 (The web framework in Cisco WebEx Meetings Server produces different ...)
+CVE-2014-8035
NOT-FOR-US: Cisco
-CVE-2014-8034 (Cisco WebEx Meetings Server 1.5 presents the same CAPTCHA challenge ...)
+CVE-2014-8034
NOT-FOR-US: Cisco WebEx Meetings Server
-CVE-2014-8033 (The play/modules component in Cisco WebEx Meetings Server allows ...)
+CVE-2014-8033
NOT-FOR-US: Cisco
-CVE-2014-8032 (The OutlookAction LI in Cisco WebEx Meetings Server allows remote ...)
+CVE-2014-8032
NOT-FOR-US: Cisco
-CVE-2014-8031 (Cross-site request forgery (CSRF) vulnerability in Cisco WebEx ...)
+CVE-2014-8031
NOT-FOR-US: Cisco
-CVE-2014-8030 (Cross-site scripting (XSS) vulnerability in sendPwMail.do in Cisco ...)
+CVE-2014-8030
NOT-FOR-US: Cisco
-CVE-2014-8029 (Open redirect vulnerability in the web interface in Cisco Secure ...)
+CVE-2014-8029
NOT-FOR-US: Cisco
-CVE-2014-8028 (Multiple cross-site scripting (XSS) vulnerabilities in the web ...)
+CVE-2014-8028
NOT-FOR-US: Cisco
-CVE-2014-8027 (The RBAC component in Cisco Secure Access Control System (ACS) allows ...)
+CVE-2014-8027
NOT-FOR-US: Cisco
-CVE-2014-8026 (Cross-site scripting (XSS) vulnerability in the Guest Server in Cisco ...)
+CVE-2014-8026
NOT-FOR-US: Cisco
-CVE-2014-8025 (The API in the Guest Server in Cisco Jabber, when HTML5 is used, ...)
+CVE-2014-8025
NOT-FOR-US: Cisco
-CVE-2014-8024 (The API in the Guest Server in Cisco Jabber, when the HTML5 CORS ...)
+CVE-2014-8024
NOT-FOR-US: Cisco
-CVE-2014-8023 (Cisco Adaptive Security Appliance (ASA) Software 9.2(.3) and earlier, ...)
+CVE-2014-8023
NOT-FOR-US: Cisco
-CVE-2014-8022 (Multiple cross-site scripting (XSS) vulnerabilities in Cisco Identity ...)
+CVE-2014-8022
NOT-FOR-US: Cisco Identity Services Engine
-CVE-2014-8021 (Cross-site scripting (XSS) vulnerability in Cisco AnyConnect Secure ...)
+CVE-2014-8021
NOT-FOR-US: Cisco
-CVE-2014-8020 (Cisco Unified Communication Domain Manager Platform Software allows ...)
+CVE-2014-8020
NOT-FOR-US: Cisco
-CVE-2014-8019 (Directory traversal vulnerability in Cisco Enterprise Content Delivery ...)
+CVE-2014-8019
NOT-FOR-US: Cisco
-CVE-2014-8018 (Multiple cross-site scripting (XSS) vulnerabilities in Business Voice ...)
+CVE-2014-8018
NOT-FOR-US: Cisco
-CVE-2014-8017 (The periodic-backup feature in Cisco Identity Services Engine (ISE) ...)
+CVE-2014-8017
NOT-FOR-US: Cisco
-CVE-2014-8016 (The Cisco IronPort Email Security Appliance (ESA) allows remote ...)
+CVE-2014-8016
NOT-FOR-US: Cisco
-CVE-2014-8015 (The Sponsor Portal in Cisco Identity Services Engine (ISE) allows ...)
+CVE-2014-8015
NOT-FOR-US: Cisco
-CVE-2014-8014 (Cisco IOS XR allows remote attackers to cause a denial of service ...)
+CVE-2014-8014
NOT-FOR-US: Cisco
-CVE-2014-8013 (The TACACS+ command-authorization implementation in Cisco NX-OS allows ...)
+CVE-2014-8013
NOT-FOR-US: Cisco
-CVE-2014-8012 (Cross-site scripting (XSS) vulnerability in the WebVPN Portal Login ...)
+CVE-2014-8012
NOT-FOR-US: Cisco
CVE-2014-8011
RESERVED
-CVE-2014-8010 (The web framework in Cisco Unified Communications Domain Manager 8 ...)
+CVE-2014-8010
NOT-FOR-US: Cisco Unified Communications Domain Manager
-CVE-2014-8009 (The Management subsystem in Cisco Unified Computing System 2.1(3f) and ...)
+CVE-2014-8009
NOT-FOR-US: Cisco Unified Computing System
-CVE-2014-8008 (Absolute path traversal vulnerability in the Real-Time Monitoring Tool ...)
+CVE-2014-8008
NOT-FOR-US: Cisco
-CVE-2014-8007 (Cisco Prime Infrastructure allows remote authenticated users to read ...)
+CVE-2014-8007
NOT-FOR-US: Cisco
-CVE-2014-8006 (The Disaster Recovery (DRA) feature on the Cisco ISB8320-E ...)
+CVE-2014-8006
NOT-FOR-US: Cisco
-CVE-2014-8005 (Race condition in the lighttpd module in Cisco IOS XR 5.1 and earlier ...)
+CVE-2014-8005
NOT-FOR-US: Cisco
-CVE-2014-8004 (Cisco IOS XR allows remote attackers to cause a denial of service ...)
+CVE-2014-8004
NOT-FOR-US: Cisco
-CVE-2014-8003 (Cisco Integrated Management Controller in Cisco Unified Computing ...)
+CVE-2014-8003
NOT-FOR-US: Cisco Unified Computing System
-CVE-2014-8002 (Use-after-free vulnerability in decode_slice.cpp in Cisco OpenH264 ...)
+CVE-2014-8002
NOT-FOR-US: Cisco
-CVE-2014-8001 (Buffer overflow in decode.cpp in Cisco OpenH264 1.2.0 and earlier ...)
+CVE-2014-8001
NOT-FOR-US: Cisco
-CVE-2014-8000 (Cisco Unified Communications Manager IM and Presence Service 9.1(1) ...)
+CVE-2014-8000
NOT-FOR-US: Cisco
-CVE-2014-7999 (Cisco-Meraki MS, MR, and MX devices with firmware before 2014-09-24 ...)
+CVE-2014-7999
NOT-FOR-US: Cisco-Meraki devices
-CVE-2014-7998 (Cisco IOS on Aironet access points, when &quot;dot11 aaa authenticator&quot; ...)
+CVE-2014-7998
NOT-FOR-US: Cisco IOS
-CVE-2014-7997 (The DHCP implementation in Cisco IOS on Aironet access points does not ...)
+CVE-2014-7997
NOT-FOR-US: Cisco IOS
-CVE-2014-7996 (Cross-site request forgery (CSRF) vulnerability in the web framework ...)
+CVE-2014-7996
NOT-FOR-US: Cisco
-CVE-2014-7995 (Cisco-Meraki MS, MR, and MX devices with firmware before 2014-09-24 ...)
+CVE-2014-7995
NOT-FOR-US: Cisco-Meraki devices
-CVE-2014-7994 (Cisco-Meraki MS, MR, and MX devices with firmware before 2014-09-24 ...)
+CVE-2014-7994
NOT-FOR-US: Cisco-Meraki devices
-CVE-2014-7993 (Cisco-Meraki MS, MR, and MX devices with firmware before 2014-09-24 ...)
+CVE-2014-7993
NOT-FOR-US: Cisco-Meraki devices
-CVE-2014-7992 (The DLSw implementation in Cisco IOS does not initialize packet ...)
+CVE-2014-7992
NOT-FOR-US: Cisco IOS
-CVE-2014-7991 (The Remote Mobile Access Subsystem in Cisco Unified Communications ...)
+CVE-2014-7991
NOT-FOR-US: Cisco
-CVE-2014-7990 (Cisco IOS XE 3.5E and earlier on WS-C3850, WS-C3860, and AIR-CT5760 ...)
+CVE-2014-7990
NOT-FOR-US: Cisco
-CVE-2014-7989 (Cisco Unified Computing System on B-Series blade servers allows local ...)
+CVE-2014-7989
NOT-FOR-US: Cisco
-CVE-2014-7988 (The Unified Messaging Service (UMS) in Cisco Unity Connection 10.5 and ...)
+CVE-2014-7988
NOT-FOR-US: Cisco
-CVE-2014-7987 (Cross-site scripting (XSS) vulnerability in EspoCRM before 2.6.0 ...)
+CVE-2014-7987
NOT-FOR-US: EspoCRM
-CVE-2014-7986 (install/index.php in EspoCRM before 2.6.0 allows remote attackers to ...)
+CVE-2014-7986
NOT-FOR-US: EspoCRM
-CVE-2014-7985 (Directory traversal vulnerability in EspoCRM before 2.6.0 allows ...)
+CVE-2014-7985
NOT-FOR-US: EspoCRM
-CVE-2014-7984 (Joomla! CMS 2.5.x before 2.5.19 and 3.x before 3.2.3 allows remote ...)
+CVE-2014-7984
NOT-FOR-US: Joomla!
-CVE-2014-7983 (Cross-site scripting (XSS) vulnerability in com_contact in Joomla! CMS ...)
+CVE-2014-7983
NOT-FOR-US: Joomla component com_contact
-CVE-2014-7982 (Cross-site scripting (XSS) vulnerability in Joomla! CMS 2.5.x before ...)
+CVE-2014-7982
NOT-FOR-US: Joomla!
-CVE-2014-7981 (SQL injection vulnerability in Joomla! CMS 3.1.x and 3.2.x before ...)
+CVE-2014-7981
NOT-FOR-US: Joomla!
-CVE-2014-7980 (Multiple cross-site scripting (XSS) vulnerabilities in template.php in ...)
+CVE-2014-7980
NOT-FOR-US: Drupal theme Zen
-CVE-2014-7979 (Cross-site scripting (XSS) vulnerability in the SimpleCorp theme ...)
+CVE-2014-7979
NOT-FOR-US: Drupal theme SimpleCorp
-CVE-2014-7978 (Cross-site scripting (XSS) vulnerability in the BlueMasters theme ...)
+CVE-2014-7978
NOT-FOR-US: Drupal theme BlueMasters
CVE-2014-7977
RESERVED
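Review bot: the NOT-FOR-US lines in this hunk are uneven in precision once the descriptions go: CVE-2014-8034 keeps `NOT-FOR-US: Cisco WebEx Meetings Server`, while CVE-2014-8036, CVE-2014-8035 and CVE-2014-8033, whose removed descriptions also place them in WebEx Meetings Server, keep only `NOT-FOR-US: Cisco`. The description was what made a bare "Cisco" tag searchable by product; if the strip stands, the product names should be moved into the NOT-FOR-US lines.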
@@ -6099,21 +6099,21 @@ CVE-2014-7962
RESERVED
CVE-2014-7961
RESERVED
-CVE-2014-7959 (SQL injection vulnerability in admin/htaccess/bpsunlock.php in the ...)
+CVE-2014-7959
NOT-FOR-US: BulletProof Security plugin for WordPress
-CVE-2014-7958 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2014-7958
NOT-FOR-US: BulletProof Security plugin for WordPress
-CVE-2014-7957 (Multiple cross-site request forgery (CSRF) vulnerabilities in the Pods ...)
+CVE-2014-7957
NOT-FOR-US: WordPress plugin Pods
-CVE-2014-7956 (Cross-site scripting (XSS) vulnerability in the Pods plugin before 2.5 ...)
+CVE-2014-7956
NOT-FOR-US: WordPress plugin Pods
CVE-2014-7955
RESERVED
-CVE-2014-7954 (Directory traversal vulnerability in the doSendObjectInfo method in ...)
+CVE-2014-7954
NOT-FOR-US: MtpServer class in Android
-CVE-2014-7953 (Race condition in the bindBackupAgent method in the ...)
+CVE-2014-7953
NOT-FOR-US: Android
-CVE-2014-7952 (The backup mechanism in the adb tool in Android might allow attackers ...)
+CVE-2014-7952
- android-platform-system-core <undetermined>
CVE-2014-7951
RESERVED
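Review bot: CVE-2014-7952 is the only entry in this hunk with a Debian package state, `- android-platform-system-core <undetermined>`, and its removed description `The backup mechanism in the adb tool in Android might allow attackers ...` was the only in-file statement of what remains to be determined; unlike the neighbouring chromium entries it has no NOTE URL either. Add a reference before the description is dropped so the triage can still be completed.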
@@ -6121,11 +6121,11 @@ CVE-2014-7950
RESERVED
CVE-2014-7949
RESERVED
-CVE-2014-7948 (The AppCacheUpdateJob::URLFetcher::OnResponseStarted function in ...)
+CVE-2014-7948
- chromium-browser 40.0.2214.91-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-7947 (OpenJPEG before r2944, as used in PDFium in Google Chrome before ...)
+CVE-2014-7947
- chromium-browser 40.0.2214.91-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
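Review bot: for CVE-2014-7947 the removed text `OpenJPEG before r2944, as used in PDFium in Google Chrome before ...` is what justifies the openjpeg2/openjpeg lines that follow in the next hunk's context (`[jessie] - openjpeg2 <no-dsa> (Minor issue)` and the backport NOTE); with it gone, the link between a chromium-browser CVE and the openjpeg packages is no longer visible in the file. Keep that component name in a NOTE if the description cannot be restored.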
@@ -6133,47 +6133,47 @@ CVE-2014-7947 (OpenJPEG before r2944, as used in PDFium in Google Chrome before
[jessie] - openjpeg2 <no-dsa> (Minor issue)
NOTE: If backported to jessie, https://github.com/uclouvain/openjpeg/commit/8f9cc62b3f9a1da9712329ddcedb9750d585505c needs to be included
- openjpeg <not-affected> (Vulnerable code not present)
-CVE-2014-7946 (The RenderTable::simplifiedNormalFlowLayout function in ...)
+CVE-2014-7946
- chromium-browser 40.0.2214.91-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-7945 (OpenJPEG before r2908, as used in PDFium in Google Chrome before ...)
+CVE-2014-7945
- chromium-browser 40.0.2214.91-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-7944 (The sycc422_to_rgb function in fxcodec/codec/fx_codec_jpx_opj.cpp in ...)
+CVE-2014-7944
- chromium-browser 40.0.2214.91-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-7943 (Skia, as used in Google Chrome before 40.0.2214.91, allows remote ...)
+CVE-2014-7943
- chromium-browser 40.0.2214.91-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-7942 (The Fonts implementation in Google Chrome before 40.0.2214.91 does not ...)
+CVE-2014-7942
- chromium-browser 40.0.2214.91-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-7941 (The SelectionOwner::ProcessTarget function in ...)
+CVE-2014-7941
- chromium-browser 40.0.2214.91-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-7940 (The collator implementation in i18n/ucol.cpp in International ...)
+CVE-2014-7940
{DSA-3187-1 DLA-219-1}
- chromium-browser 40.0.2214.91-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
- icu 52.1-7.1 (bug #776265)
-CVE-2014-7939 (Google Chrome before 40.0.2214.91, when the Harmony proxy in Google V8 ...)
+CVE-2014-7939
- chromium-browser 40.0.2214.91-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
- libv8-3.14 <unfixed> (unimportant; bug #773671)
NOTE: libv8 not covered by security support
-CVE-2014-7938 (The Fonts implementation in Google Chrome before 40.0.2214.91 allows ...)
+CVE-2014-7938
- chromium-browser 40.0.2214.91-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-7937 (Multiple off-by-one errors in libavcodec/vorbisdec.c in FFmpeg before ...)
+CVE-2014-7937
- chromium-browser 40.0.2214.91-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
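Review bot: the removed description for CVE-2014-7945 also starts `OpenJPEG before r2908, as used in PDFium in Google Chrome before ...`, yet unlike CVE-2014-7947 its entry lists only chromium-browser and no openjpeg/openjpeg2 lines; check whether the r2908 fix applies to the packaged OpenJPEG before the description that would prompt that check disappears. The remaining pairs (CVE-2014-7946 through CVE-2014-7937) are the same blanket strip seen in the earlier hunks.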
@@ -6183,19 +6183,19 @@ CVE-2014-7937 (Multiple off-by-one errors in libavcodec/vorbisdec.c in FFmpeg be
[jessie] - libav <not-affected> (Can't reproduce the issue)
[wheezy] - libav <not-affected> (Can't reproduce the issue)
NOTE: ffmpeg: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=8c50704ebf1777bee76772c4835d9760b3721057
-CVE-2014-7936 (Use-after-free vulnerability in the ZoomBubbleView::Close function in ...)
+CVE-2014-7936
- chromium-browser 40.0.2214.91-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-7935 (Use-after-free vulnerability in browser/speech/tts_message_filter.cc ...)
+CVE-2014-7935
- chromium-browser 40.0.2214.91-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-7934 (Use-after-free vulnerability in the DOM implementation in Blink, as ...)
+CVE-2014-7934
- chromium-browser 40.0.2214.91-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-7933 (Use-after-free vulnerability in the matroska_read_seek function in ...)
+CVE-2014-7933
{DSA-3189-1}
- chromium-browser 40.0.2214.91-1
[wheezy] - chromium-browser <end-of-life>
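Review bot: the four use-after-free entries here (CVE-2014-7936 through CVE-2014-7933) collapse to identical `- chromium-browser 40.0.2214.91-1` / `<end-of-life>` blocks, and for CVE-2014-7933 the dropped `matroska_read_seek function` locator is what ties `{DSA-3189-1}` and the libav lines in the following context to a chromium CVE; keep at least a NOTE naming the affected component if the descriptions are not restored.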
@@ -6205,235 +6205,235 @@ CVE-2014-7933 (Use-after-free vulnerability in the matroska_read_seek function i
- libav 6:11.3-1
NOTE: ffmpeg: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=490a3ebf36821b81f73e34ad3f554cb523dd2682
NOTE: libav: https://git.libav.org/?p=libav.git;a=commit;h=490a3ebf36821b81f73e34ad3f554cb523dd2682
-CVE-2014-7932 (Use-after-free vulnerability in the Element::detach function in ...)
+CVE-2014-7932
- chromium-browser 40.0.2214.91-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-7931 (factory.cc in Google V8, as used in Google Chrome before 40.0.2214.91, ...)
+CVE-2014-7931
- chromium-browser 40.0.2214.91-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
- libv8-3.14 <unfixed> (unimportant; bug #773671)
NOTE: libv8 not covered by security support
-CVE-2014-7930 (Use-after-free vulnerability in core/events/TreeScopeEventContext.cpp ...)
+CVE-2014-7930
- chromium-browser 40.0.2214.91-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-7929 (Use-after-free vulnerability in the ...)
+CVE-2014-7929
- chromium-browser 40.0.2214.91-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-7928 (hydrogen.cc in Google V8, as used Google Chrome before 40.0.2214.91, ...)
+CVE-2014-7928
- chromium-browser 40.0.2214.91-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
- libv8-3.14 <unfixed> (unimportant; bug #773671)
NOTE: libv8 not covered by security support
-CVE-2014-7927 (The SimplifiedLowering::DoLoadBuffer function in ...)
+CVE-2014-7927
- chromium-browser 40.0.2214.91-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
- libv8-3.14 <unfixed> (unimportant; bug #773671)
NOTE: libv8 not covered by security support
-CVE-2014-7926 (The Regular Expressions package in International Components for ...)
+CVE-2014-7926
{DSA-3187-1 DLA-219-1}
- chromium-browser 40.0.2214.91-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
- icu 52.1-7.1 (bug #776265)
-CVE-2014-7925 (Use-after-free vulnerability in the WebAudio implementation in Blink, ...)
+CVE-2014-7925
- chromium-browser 40.0.2214.91-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-7924 (Use-after-free vulnerability in the IndexedDB implementation in Google ...)
+CVE-2014-7924
- chromium-browser 40.0.2214.91-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-7923 (The Regular Expressions package in International Components for ...)
+CVE-2014-7923
{DSA-3187-1 DLA-219-1}
- chromium-browser 40.0.2214.91-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
- icu 52.1-7.1 (bug #776265)
-CVE-2014-7922 (The GoogleAuthUtil.getToken method in the Google Play services SDK ...)
+CVE-2014-7922
NOT-FOR-US: Google Play
-CVE-2014-7921 (mediaserver in Android 4.0.3 through 5.x before 5.1 allows attackers ...)
+CVE-2014-7921
NOT-FOR-US: Android MediaServer
-CVE-2014-7920 (mediaserver in Android 2.2 through 5.x before 5.1 allows attackers to ...)
+CVE-2014-7920
NOT-FOR-US: Android MediaServer
-CVE-2014-7919 (b/libs/gui/ISurfaceComposer.cpp in Android allows attackers to trigger ...)
+CVE-2014-7919
NOT-FOR-US: Android
CVE-2014-7918
RESERVED
-CVE-2014-7917 (Integer overflow in SampleTable.cpp in libstagefright in Android ...)
+CVE-2014-7917
NOT-FOR-US: libstagefright in Android
-CVE-2014-7916 (Integer overflow in SampleTable.cpp in libstagefright in Android ...)
+CVE-2014-7916
NOT-FOR-US: libstagefright in Android
-CVE-2014-7915 (Integer overflow in SampleTable.cpp in libstagefright in Android ...)
+CVE-2014-7915
NOT-FOR-US: libstagefright in Android
CVE-2014-7914
RESERVED
-CVE-2014-7913 (The print_option function in dhcp-common.c in dhcpcd through 6.9.1, as ...)
+CVE-2014-7913
{DLA-506-1}
- dhcpcd5 7.0.8-0.1 (unimportant; bug #846938)
NOTE: https://roy.marples.name/git/dhcpcd.git/commit/?id=93f3066bb0bc0974eab1943543205312a6b512ad
NOTE: Not exploitable according to upstream, possibly limited to Bionic
-CVE-2014-7912 (The get_option function in dhcp.c in dhcpcd before 6.2.0, as used in ...)
+CVE-2014-7912
{DLA-506-1}
- dhcpcd5 6.9.1-1
[jessie] - dhcpcd5 <no-dsa> (Minor issue)
NOTE: https://dev.marples.name/rDHCc204b018d1cfe740fb3179532070ae10fe34aaf3
-CVE-2014-7911 (luni/src/main/java/java/io/ObjectInputStream.java in the ...)
+CVE-2014-7911
NOT-FOR-US: Android
-CVE-2014-7910 (Multiple unspecified vulnerabilities in Google Chrome before ...)
+CVE-2014-7910
- chromium-browser 39.0.2171.71-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
NOTE: https://code.google.com/p/chromium/issues/detail?id=433500 (private)
-CVE-2014-7909 (effects/SkDashPathEffect.cpp in Skia, as used in Google Chrome before ...)
+CVE-2014-7909
- chromium-browser 39.0.2171.71-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
NOTE: https://code.google.com/p/chromium/issues/detail?id=391001 (private)
-CVE-2014-7908 (Multiple integer overflows in the CheckMov function in ...)
+CVE-2014-7908
- chromium-browser 39.0.2171.71-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
NOTE: https://code.google.com/p/chromium/issues/detail?id=425980 (private)
-CVE-2014-7907 (Multiple use-after-free vulnerabilities in ...)
+CVE-2014-7907
- chromium-browser 39.0.2171.71-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
NOTE: https://code.google.com/p/chromium/issues/detail?id=424453 (private)
-CVE-2014-7906 (Use-after-free vulnerability in the Pepper plugins in Google Chrome ...)
+CVE-2014-7906
- chromium-browser 39.0.2171.71-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
NOTE: https://code.google.com/p/chromium/issues/detail?id=423030 (private)
-CVE-2014-7905 (Google Chrome before 39.0.2171.65 on Android does not prevent ...)
+CVE-2014-7905
- chromium-browser 39.0.2171.71-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
NOTE: https://code.google.com/p/chromium/issues/detail?id=421817 (private)
-CVE-2014-7904 (Buffer overflow in Skia, as used in Google Chrome before 39.0.2171.65, ...)
+CVE-2014-7904
- chromium-browser 39.0.2171.71-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
NOTE: https://code.google.com/p/chromium/issues/detail?id=418161 (private)
-CVE-2014-7903 (Buffer overflow in OpenJPEG before r2911 in PDFium, as used in Google ...)
+CVE-2014-7903
- chromium-browser 39.0.2171.71-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-7902 (Use-after-free vulnerability in PDFium, as used in Google Chrome ...)
+CVE-2014-7902
- chromium-browser 39.0.2171.71-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-7901 (Integer overflow in the opj_t2_read_packet_data function in ...)
+CVE-2014-7901
- chromium-browser 39.0.2171.71-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-7900 (Use-after-free vulnerability in the CPDF_Parser::IsLinearizedFile ...)
+CVE-2014-7900
- chromium-browser 39.0.2171.71-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-7899 (Google Chrome before 38.0.2125.101 allows remote attackers to spoof ...)
+CVE-2014-7899
- chromium-browser 39.0.2171.71-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
NOTE: http://googlechromereleases.blogspot.com/2014/11/stable-channel-update_18.html
NOTE: https://chromium.googlesource.com/chromium/src/+/5cfbddc9cc972f5133f26664dbf5810bb569cd04
-CVE-2014-7898 (The OLE Point of Sale (OPOS) drivers before 1.13.003 on HP Point of ...)
+CVE-2014-7898
NOT-FOR-US: The OLE Point of Sale (OPOS) drivers
-CVE-2014-7897 (The OLE Point of Sale (OPOS) drivers before 1.13.003 on HP Point of ...)
+CVE-2014-7897
NOT-FOR-US: The OLE Point of Sale (OPOS) drivers
-CVE-2014-7896 (Multiple cross-site scripting (XSS) vulnerabilities in HP XP P9000 ...)
+CVE-2014-7896
NOT-FOR-US: HP
-CVE-2014-7895 (The OLE Point of Sale (OPOS) drivers before 1.13.003 on HP Point of ...)
+CVE-2014-7895
NOT-FOR-US: The OLE Point of Sale (OPOS) drivers
-CVE-2014-7894 (The OLE Point of Sale (OPOS) drivers before 1.13.003 on HP Point of ...)
+CVE-2014-7894
NOT-FOR-US: The OLE Point of Sale (OPOS) drivers
-CVE-2014-7893 (The OLE Point of Sale (OPOS) drivers before 1.13.003 on HP Point of ...)
+CVE-2014-7893
NOT-FOR-US: The OLE Point of Sale (OPOS) drivers
-CVE-2014-7892 (The OLE Point of Sale (OPOS) drivers before 1.13.003 on HP Point of ...)
+CVE-2014-7892
NOT-FOR-US: The OLE Point of Sale (OPOS) drivers
-CVE-2014-7891 (The OLE Point of Sale (OPOS) drivers before 1.13.003 on HP Point of ...)
+CVE-2014-7891
NOT-FOR-US: The OLE Point of Sale (OPOS) drivers
-CVE-2014-7890 (The OLE Point of Sale (OPOS) drivers before 1.13.003 on HP Point of ...)
+CVE-2014-7890
NOT-FOR-US: The OLE Point of Sale (OPOS) drivers
-CVE-2014-7889 (The OLE Point of Sale (OPOS) drivers before 1.13.003 on HP Point of ...)
+CVE-2014-7889
NOT-FOR-US: The OLE Point of Sale (OPOS) drivers
-CVE-2014-7888 (The OLE Point of Sale (OPOS) drivers before 1.13.003 on HP Point of ...)
+CVE-2014-7888
NOT-FOR-US: The OLE Point of Sale (OPOS) drivers
CVE-2014-7887
REJECTED
CVE-2014-7886
RESERVED
NOT-FOR-US: HP Network Automation
-CVE-2014-7885 (Multiple unspecified vulnerabilities in HP ArcSight Enterprise ...)
+CVE-2014-7885
NOT-FOR-US: HP ArcSight
-CVE-2014-7884 (Multiple unspecified vulnerabilities in HP ArcSight Logger before ...)
+CVE-2014-7884
NOT-FOR-US: HP ArcSight
-CVE-2014-7883 (HP Universal CMDB (UCMDB) Probe 9.05, 10.01, and 10.11 enables the ...)
+CVE-2014-7883
NOT-FOR-US: HP
-CVE-2014-7882 (Unspecified vulnerability in HP SiteScope 11.1x and 11.2x allows ...)
+CVE-2014-7882
NOT-FOR-US: HP SiteScope
-CVE-2014-7881 (Cross-site scripting (XSS) vulnerability in the server in HP Insight ...)
+CVE-2014-7881
NOT-FOR-US: HP Insight Control
-CVE-2014-7880 (Multiple unspecified vulnerabilities in the POP implementation in HP ...)
+CVE-2014-7880
NOT-FOR-US: HP OpenVMS TCP/IP
-CVE-2014-7879 (HP HP-UX B.11.11, B.11.23, and B.11.31, when the PAM configuration ...)
+CVE-2014-7879
NOT-FOR-US: HP-UX
-CVE-2014-7878 (The Application Lifecycle Service (ALS) in HP Helion Cloud Development ...)
+CVE-2014-7878
NOT-FOR-US: HP Helion Cloud Development Platform
-CVE-2014-7877 (Unspecified vulnerability in the kernel in HP HP-UX B.11.31 allows ...)
+CVE-2014-7877
NOT-FOR-US: HP-UX
-CVE-2014-7876 (Unspecified vulnerability in HP Integrated Lights-Out (iLO) firmware 2 ...)
+CVE-2014-7876
NOT-FOR-US: HP Integrated Lights-Out
-CVE-2014-7875 (Unspecified vulnerability on the HP LaserJet CM3530 Multifunction ...)
+CVE-2014-7875
NOT-FOR-US: HP Color LaserJet Printers
-CVE-2014-7874 (Cross-site request forgery (CSRF) vulnerability in HP System ...)
+CVE-2014-7874
NOT-FOR-US: HP-UX running System Management Homepage
CVE-2014-7873
RESERVED
-CVE-2014-7872 (Comodo GeekBuddy before 4.18.121 does not restrict access to the VNC ...)
+CVE-2014-7872
NOT-FOR-US: Comodo GeekBuddy
-CVE-2014-7871 (SQL injection vulnerability in Open-Xchange (OX) AppSuite before ...)
+CVE-2014-7871
NOT-FOR-US: Open-Xchange
-CVE-2014-7870 (Cross-site scripting (XSS) vulnerability in the Custom Search module ...)
+CVE-2014-7870
NOT-FOR-US: Drupal module Custom Search
-CVE-2014-7869 (Cross-site scripting (XSS) vulnerability in the configuration UI in ...)
+CVE-2014-7869
NOT-FOR-US: Drupal module Context Form Alteration
-CVE-2014-7868 (Multiple SQL injection vulnerabilities in ZOHO ManageEngine OpManager ...)
+CVE-2014-7868
NOT-FOR-US: ZOHO
-CVE-2014-7867 (SQL injection vulnerability in the ...)
+CVE-2014-7867
NOT-FOR-US: ZOHO
-CVE-2014-7866 (Multiple directory traversal vulnerabilities in ZOHO ManageEngine ...)
+CVE-2014-7866
NOT-FOR-US: ZOHO
CVE-2014-7865
REJECTED
-CVE-2014-7864 (Multiple SQL injection vulnerabilities in the FailOverHelperServlet ...)
+CVE-2014-7864
NOT-FOR-US: ZOHO ManageEngine OpManager
CVE-2014-7863
RESERVED
-CVE-2014-7862 (The DCPluginServelet servlet in ManageEngine Desktop Central and ...)
+CVE-2014-7862
NOT-FOR-US: ManageEngine
-CVE-2014-7861 (The IOHIDSecurePromptClient function in Apple OS X does not properly ...)
+CVE-2014-7861
NOT-FOR-US: Apple OS X
-CVE-2014-7975 (The do_umount function in fs/namespace.c in the Linux kernel through ...)
+CVE-2014-7975
- linux 3.16.7-1
[wheezy] - linux <not-affected> (User namespaces only usable in later kernels)
- linux-2.6 <removed>
[squeeze] - linux-2.6 <not-affected> (User namespaces only usable in later kernels)
NOTE: http://thread.gmane.org/gmane.linux.kernel.stable/109312
NOTE: Upstream commit: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0ef3a56b1c466629cd0bf482b09c7b0e5a085bb5 (v3.18-rc1)
-CVE-2014-7970 (The pivot_root implementation in fs/namespace.c in the Linux kernel ...)
+CVE-2014-7970
[wheezy] - linux <not-affected> (User namespaces only usable in later kernels)
- linux-2.6 <not-affected> (User namespaces only usable in later kernels)
- linux 3.16.7-1
NOTE: Upstream commit: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0d0826019e529f21c84687521d03f60cd241ca7d
-CVE-2014-7968 (VDSM allows remote attackers to cause a denial of service (connection ...)
+CVE-2014-7968
- vdsm <itp> (bug #668538)
-CVE-2014-7967 (Multiple unspecified vulnerabilities in Google V8 before 3.28.71.15, ...)
+CVE-2014-7967
- libv8 <removed>
[wheezy] - libv8 <no-dsa> (Minor issue, Chromium in Wheezy uses its own fixed copy)
[squeeze] - libv8 <end-of-life> (Unsupported in squeeze-lts)
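Review bot: in this hunk the description being dropped was the only place the affected HP product was recorded for CVE-2014-7896 (HP XP P9000) and CVE-2014-7883 (HP Universal CMDB Probe); the retained triage line is just `NOT-FOR-US: HP`. Before the summary text is stripped, those NOT-FOR-US lines should name the product the way the neighbouring entries do (e.g. `NOT-FOR-US: HP SiteScope`, `NOT-FOR-US: HP ArcSight`), otherwise the file no longer says what was triaged as out of scope.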
@@ -6442,17 +6442,17 @@ CVE-2014-7967 (Multiple unspecified vulnerabilities in Google V8 before 3.28.71.
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
NOTE: libv8 not covered by security support
-CVE-2014-7960 (OpenStack Object Storage (Swift) before 2.2.0 allows remote ...)
+CVE-2014-7960
- swift 2.2.0-1
[wheezy] - swift <no-dsa> (Minor issue)
NOTE: affected version: all up to 2.1.0
-CVE-2014-7860 (The web/web_file/fb_publish.php script in D-Link DNS-320L before ...)
+CVE-2014-7860
NOT-FOR-US: D-Link
-CVE-2014-7859 (Stack-based buffer overflow in login_mgr.cgi in D-Link firmware ...)
+CVE-2014-7859
NOT-FOR-US: D-Link
-CVE-2014-7858 (The check_login function in D-Link DNR-326 before 2.10 build 03 allows ...)
+CVE-2014-7858
NOT-FOR-US: D-Link
-CVE-2014-7857 (D-Link DNS-320L firmware before 1.04b12, DNS-327L before 1.03b04 ...)
+CVE-2014-7857
NOT-FOR-US: D-Link
CVE-2014-7856
RESERVED
@@ -6460,31 +6460,31 @@ CVE-2014-7855
RESERVED
CVE-2014-7854
RESERVED
-CVE-2014-7853 (The JBoss Application Server (WildFly) JacORB subsystem in Red Hat ...)
+CVE-2014-7853
NOT-FOR-US: JBoss AS/WildFly Domain Management
-CVE-2014-7852 (Cross-site scripting (XSS) vulnerability in JBoss RichFaces, as used ...)
+CVE-2014-7852
NOT-FOR-US: RichFaces
-CVE-2014-7851 (oVirt 3.2.2 through 3.5.0 does not invalidate the restapi session ...)
+CVE-2014-7851
NOT-FOR-US: ovirt-engine-webadmin
-CVE-2014-7850 (Cross-site scripting (XSS) vulnerability in the Web UI in FreeIPA 4.x ...)
+CVE-2014-7850
- freeipa 4.3.1-1 (unimportant)
NOTE: https://fedorahosted.org/freeipa/ticket/4742
NOTE: Upstream commit: https://pagure.io/freeipa/c/af9fd4dfe2c18e52127480c959c35ad37b566095
-CVE-2014-7849 (The Role Based Access Control (RBAC) implementation in JBoss ...)
+CVE-2014-7849
NOT-FOR-US: JBoss AS/WildFly Domain Management
-CVE-2014-7848 (lib/phpunit/bootstrap.php in Moodle 2.6.x before 2.6.6 and 2.7.x ...)
+CVE-2014-7848
- moodle 2.7.5+dfsg-1 (bug #775842)
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-47287
-CVE-2014-7847 (iplookup/index.php in Moodle through 2.4.11, 2.5.x before 2.5.9, 2.6.x ...)
+CVE-2014-7847
- moodle 2.7.5+dfsg-1 (bug #775842)
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-47321
-CVE-2014-7846 (tag/tag_autocomplete.php in Moodle through 2.4.11, 2.5.x before 2.5.9, ...)
+CVE-2014-7846
- moodle 2.7.5+dfsg-1 (bug #775842)
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-47965
-CVE-2014-7845 (The generate_password function in Moodle through 2.4.11, 2.5.x before ...)
+CVE-2014-7845
- moodle 2.7.5+dfsg-1 (bug #775842)
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-47050
@@ -6493,24 +6493,24 @@ CVE-2014-7844
{DSA-3105-1 DSA-3104-1 DLA-114-1 DLA-113-1}
- bsd-mailx 8.1.2-0.20141216cvs-1
- heirloom-mailx 12.5-3.1 (bug #773417)
-CVE-2014-7843 (The __clear_user function in arch/arm64/lib/clear_user.S in the Linux ...)
+CVE-2014-7843
- linux 3.16.7-ckt2-1
[wheezy] - linux <not-affected> (arm64 support introduced in 3.7)
- linux-2.6 <not-affected> (arm64 support introduced in 3.7)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1163744
NOTE: Upstream patch proposal: https://lkml.org/lkml/2014/11/12/584
-CVE-2014-7842 (Race condition in arch/x86/kvm/x86.c in the Linux kernel before 3.17.4 ...)
+CVE-2014-7842
- linux 3.16.7-ckt2-1
[wheezy] - linux 3.2.65-1
- linux-2.6 <removed>
[squeeze] - linux-2.6 <no-dsa> (KVM not supported in Squeeze LTS)
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=a2b9e6c1a35a (v3.18-rc1)
-CVE-2014-7841 (The sctp_process_param function in net/sctp/sm_make_chunk.c in the ...)
+CVE-2014-7841
{DSA-3093-1 DLA-118-1}
- linux 3.16.7-ckt2-1
- linux-2.6 <removed>
NOTE: Upstream patch: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=e40607cbe270a9e8360907cb1e62ddf0736e4864 (v3.18-rc5)
-CVE-2014-7840 (The host_from_stream_offset function in arch_init.c in QEMU, when ...)
+CVE-2014-7840
- qemu 2.1+dfsg-8 (low; bug #769451)
[wheezy] - qemu <no-dsa> (Minor issue, hardly exploitable in practice)
[squeeze] - qemu <no-dsa> (Minor issue, hardly exploitable in practice)
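Review bot: CVE-2014-7843 is marked fixed in linux 3.16.7-ckt2-1, but its only upstream reference is `NOTE: Upstream patch proposal: https://lkml.org/lkml/2014/11/12/584`, whereas the other kernel entries in this hunk (CVE-2014-7842, CVE-2014-7841) cite the merged commit with its release tag. Once the fix is merged, replace the proposal link with the git.kernel.org commit and tag so the fixed version can be checked against the package changelog.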
@@ -6518,46 +6518,46 @@ CVE-2014-7840 (The host_from_stream_offset function in arch_init.c in QEMU, when
[wheezy] - qemu-kvm <no-dsa> (Minor issue, hardly exploitable in practice)
[squeeze] - qemu-kvm <no-dsa> (Minor issue, hardly exploitable in practice)
NOTE: http://thread.gmane.org/gmane.comp.emulators.qemu/306117
-CVE-2014-7839 (DocumentProvider in RESTEasy 2.3.7 and 3.0.9 does not configure the ...)
+CVE-2014-7839
- resteasy 3.0.6-2 (bug #770544)
NOTE: https://issues.jboss.org/browse/RESTEASY-1130
-CVE-2014-7838 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
+CVE-2014-7838
- moodle 2.7.5+dfsg-1 (bug #775842)
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-47924
-CVE-2014-7837 (mod/wiki/admin.php in Moodle through 2.4.11, 2.5.x before 2.5.9, 2.6.x ...)
+CVE-2014-7837
- moodle 2.7.5+dfsg-1 (bug #775842)
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-47949
-CVE-2014-7836 (Multiple cross-site request forgery (CSRF) vulnerabilities in the LTI ...)
+CVE-2014-7836
- moodle 2.7.5+dfsg-1 (bug #775842)
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-47924
-CVE-2014-7835 (webservice/upload.php in Moodle 2.6.x before 2.6.6 and 2.7.x before ...)
+CVE-2014-7835
- moodle 2.7.5+dfsg-1 (bug #775842)
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-47868
-CVE-2014-7834 (mod/forum/externallib.php in Moodle 2.6.x before 2.6.6 and 2.7.x ...)
+CVE-2014-7834
- moodle 2.7.5+dfsg-1 (bug #775842)
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-45303
-CVE-2014-7833 (mod/data/edit.php in Moodle through 2.4.11, 2.5.x before 2.5.9, 2.6.x ...)
+CVE-2014-7833
- moodle 2.7.5+dfsg-1 (bug #775842)
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-47697
-CVE-2014-7832 (mod/lti/launch.php in the LTI module in Moodle through 2.4.11, 2.5.x ...)
+CVE-2014-7832
- moodle 2.7.5+dfsg-1 (bug #775842)
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-47921
-CVE-2014-7831 (lib/classes/grades_external.php in Moodle 2.7.x before 2.7.3 does not ...)
+CVE-2014-7831
- moodle 2.7.5+dfsg-1 (bug #775842)
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-47766
-CVE-2014-7830 (Cross-site scripting (XSS) vulnerability in mod/feedback/mapcourse.php ...)
+CVE-2014-7830
- moodle 2.7.5+dfsg-1 (bug #775842)
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-47865
-CVE-2014-7829 (Directory traversal vulnerability in ...)
+CVE-2014-7829
- rails 2:4.1.8-1 (bug #770934)
[wheezy] - rails <not-affected> (src:rails in wheezy is just a transition package)
[squeeze] - rails <not-affected> (Only affects >= 3)
@@ -6565,50 +6565,50 @@ CVE-2014-7829 (Directory traversal vulnerability in ...)
- ruby-actionpack-3.2 <removed>
[wheezy] - ruby-actionpack-3.2 <no-dsa> (Minor issue)
- ruby-actionpack-2.3 <not-affected> (Only affects >= 3)
-CVE-2014-7828 (FreeIPA 4.0.x before 4.0.5 and 4.1.x before 4.1.1, when 2FA is ...)
+CVE-2014-7828
- freeipa 4.0.5-1 (bug #768294)
NOTE: https://fedorahosted.org/freeipa/ticket/4690
-CVE-2014-7827 (The org.jboss.security.plugins.mapping.JBossMappingManager ...)
+CVE-2014-7827
NOT-FOR-US: JBoss Security
-CVE-2014-7826 (kernel/trace/trace_syscalls.c in the Linux kernel through 3.17.2 does ...)
+CVE-2014-7826
- linux 3.16.7-ckt2-1
[wheezy] - linux <not-affected> (Vulnerable code introduced later)
- linux-2.6 <not-affected> (Vulnerable code introduced later)
NOTE: Fixed by https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=086ba77a6db00ed858ff07451bedee197df868c9 (v3.18-rc3)
NOTE: Support for SOFT_DISABLE to syscall events was added in https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=d562aff93bfb530b0992141500a402d17081189d (v3.13-rc1)
-CVE-2014-7825 (kernel/trace/trace_syscalls.c in the Linux kernel through 3.17.2 does ...)
+CVE-2014-7825
- linux 3.16.7-ckt2-1
[wheezy] - linux <not-affected> (Affected feature not enabled)
- linux-2.6 <removed>
[squeeze] - linux-2.6 <not-affected> (Affected feature not enabled)
NOTE: CONFIG_FTRACE_SYSCALL not enabled in squeeze
NOTE: Fixed by https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=086ba77a6db00ed858ff07451bedee197df868c9 (v3.18-rc3)
-CVE-2014-7824 (D-Bus 1.3.0 through 1.6.x before 1.6.26, 1.8.x before 1.8.10, and ...)
+CVE-2014-7824
{DSA-3099-1}
- dbus 1.8.10-1
[squeeze] - dbus <not-affected> (dbus 1.2.x does not support FD passing)
NOTE: Since this CVE is only a complement for the fix to CVE-2014-3636, versions not affected by CVE-2014-3636 do not need the patch provided for this CVE.
-CVE-2014-7823 (The virDomainGetXMLDesc API in Libvirt before 1.2.11 allows remote ...)
+CVE-2014-7823
- libvirt 1.2.9-4 (bug #769149)
[wheezy] - libvirt <not-affected> (Introduced in v1.0.0)
[squeeze] - libvirt <not-affected> (Introduced in v1.0.0)
NOTE: Introduced in http://libvirt.org/git/?p=libvirt.git;a=commit;h=28f8dfdcccd4c0f69063ef741545b37d8a7f7935 (v1.0.0)
NOTE: Fixed by http://libvirt.org/git/?p=libvirt.git;a=commit;h=b1674ad5a97441b7e1bd5f5ebaff498ef2fbb11b
-CVE-2014-7822 (The implementation of certain splice_write file operations in the ...)
+CVE-2014-7822
{DSA-3170-1 DLA-155-1}
- linux 3.16.2-1
- linux-2.6 <removed>
NOTE: Upstream fixes: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8d0207652cbe27d1f962050737848e5ad4671958 (v3.16-rc1)
-CVE-2014-7821 (OpenStack Neutron before 2014.1.4 and 2014.2.x before 2014.2.1 allows ...)
+CVE-2014-7821
- neutron 2014.1.3-6 (bug #770431)
NOTE: Versions up to 2014.1.3 and 2014.2
NOTE: https://launchpad.net/bugs/1378450
CVE-2014-7820
RESERVED
-CVE-2014-7819 (Multiple directory traversal vulnerabilities in server.rb in Sprockets ...)
+CVE-2014-7819
- ruby-sprockets 2.12.3-1
[wheezy] - ruby-sprockets <no-dsa> (Minor issue)
-CVE-2014-7818 (Directory traversal vulnerability in ...)
+CVE-2014-7818
- rails 2:4.1.8-1 (bug #770934)
[wheezy] - rails <not-affected> (src:rails in wheezy is just a transition package)
[squeeze] - rails <not-affected> (Only affects >= 3)
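Review bot: for CVE-2014-7821 the line `NOTE: Versions up to 2014.1.3 and 2014.2` becomes ambiguous once the summary text is removed, since the exact ranges ("before 2014.1.4 and 2014.2.x before 2014.2.1") were only in the dropped line, and the fixed version `neutron 2014.1.3-6` falls inside the range the note calls affected. Suggest rewording the note to spell out the upstream affected ranges and to say that 2014.1.3-6 carries the backported fix (bug #770431).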
@@ -6616,31 +6616,31 @@ CVE-2014-7818 (Directory traversal vulnerability in ...)
- ruby-actionpack-3.2 <removed>
[wheezy] - ruby-actionpack-3.2 <no-dsa> (Minor issue)
- ruby-actionpack-2.3 <not-affected> (Only affects >= 3)
-CVE-2014-7817 (The wordexp function in GNU C Library (aka glibc) 2.21 does not ...)
+CVE-2014-7817
{DSA-3142-1 DLA-97-1}
- glibc 2.19-14 (bug #775572)
- eglibc <removed>
[wheezy] - eglibc <no-dsa> (Will be fixed through a point update)
NOTE: https://sourceware.org/ml/libc-alpha/2014-11/msg00519.html
NOTE: Git commit: https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commitdiff;h=a39208bd7fb76c1b01c127b4c61f9bfd915bfe7c
-CVE-2014-7816 (Directory traversal vulnerability in JBoss Undertow 1.0.x before ...)
+CVE-2014-7816
- undertow <not-affected> (only when running on Windows)
-CVE-2014-7815 (The set_pixel_format function in ui/vnc.c in QEMU allows remote ...)
+CVE-2014-7815
{DSA-3067-1 DSA-3066-1}
- qemu 2.1+dfsg-7
[squeeze] - qemu <end-of-life> (Unsupported in squeeze-lts)
- qemu-kvm <removed>
[squeeze] - qemu-kvm <end-of-life>
NOTE: Upstream commit: http://git.qemu.org/?p=qemu.git;a=commitdiff;h=e6908bfe8e07f2b452e78e677da1b45b1c0f6829
-CVE-2014-7814 (SQL injection vulnerability in Red Hat CloudForms 3.1 Management ...)
+CVE-2014-7814
NOT-FOR-US: Red Hat CloudForms Management Engine
-CVE-2014-7813 (Red Hat CloudForms 3 Management Engine (CFME) allows remote ...)
+CVE-2014-7813
NOT-FOR-US: Red Hat CloudForms Management Engine
-CVE-2014-7812 (Cross-site scripting (XSS) vulnerability in Spacewalk and Red Hat ...)
+CVE-2014-7812
NOT-FOR-US: Red Hat Satellite / Spacewalk
-CVE-2014-7811 (Multiple cross-site scripting (XSS) vulnerabilities in Spacewalk and ...)
+CVE-2014-7811
NOT-FOR-US: Red Hat Satellite / Spacewalk
-CVE-2014-7810 (The Expression Language (EL) implementation in Apache Tomcat 6.x ...)
+CVE-2014-7810
{DSA-3530-1 DSA-3447-1 DSA-3428-1 DLA-232-1}
- tomcat6 6.0.41-3 (bug #787010)
NOTE: Marked as fixed in 6.0.41-3 which only builds the libservlet2.5-java and libservlet2.5-java-doc packages
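Review bot: the CVE-2014-7817 entry lists DSA-3142-1 among its advisories yet keeps `[wheezy] - eglibc <no-dsa> (Will be fixed through a point update)`; those two lines cannot both be current for wheezy. If DSA-3142-1 is the wheezy eglibc advisory, the no-dsa line is stale and should be dropped; if it is not, the entry should say which suite that DSA covers.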
@@ -6650,263 +6650,263 @@ CVE-2014-7810 (The Expression Language (EL) implementation in Apache Tomcat 6.x
NOTE: http://svn.apache.org/viewvc?view=revision&revision=1659538 (6.x)
NOTE: http://svn.apache.org/viewvc?view=revision&revision=1644019 (7.x)
NOTE: http://svn.apache.org/viewvc?view=revision&revision=1645644 (7.x)
-CVE-2014-7809 (Apache Struts 2.0.0 through 2.3.x before 2.3.20 uses predictable ...)
+CVE-2014-7809
- libstruts1.2-java <not-affected> (Struts 2.0.0 through to Struts 2.3.16.3)
-CVE-2014-7808 (Apache Wicket before 1.5.13, 6.x before 6.19.0, and 7.x before ...)
+CVE-2014-7808
NOT-FOR-US: Apache Wicket
-CVE-2014-7807 (Apache CloudStack 4.3.x before 4.3.2 and 4.4.x before 4.4.2 allows ...)
+CVE-2014-7807
NOT-FOR-US: Apache CloudStack
CVE-2014-7806
REJECTED
CVE-2014-7805
REJECTED
-CVE-2014-7804 (The Gangsta Auto Thief III (aka com.apptreestudios.gdup3) application ...)
+CVE-2014-7804
NOT-FOR-US: Gangsta Auto Thief III (aka com.apptreestudios.gdup3) application for Android
-CVE-2014-7803 (The Woodward Bail (aka com.onesolutionapps.woodwardbailandroid) ...)
+CVE-2014-7803
NOT-FOR-US: Woodward Bail (aka com.onesolutionapps.woodwardbailandroid) application for Android
-CVE-2014-7802 (The Top Roller Coasters Europe 2 (aka ...)
+CVE-2014-7802
NOT-FOR-US: Top Roller Coasters Europe 2 (aka com.appaapps.top10tallesteuropeanrollercoasters2) application for Android
CVE-2014-7801
REJECTED
-CVE-2014-7800 (The Daily Green (aka it.opentt.blog.dailygreen) application 2014.07 ...)
+CVE-2014-7800
NOT-FOR-US: Daily Green (aka it.opentt.blog.dailygreen) application for Android
-CVE-2014-7799 (The Squishy birds (aka com.tatmob.squishybirds) application 1.0.1 for ...)
+CVE-2014-7799
NOT-FOR-US: Squishy birds (aka com.tatmob.squishybirds) application for Android
-CVE-2014-7798 (The Coca-Cola FM Brasil (aka com.enyetech.radio.coca_cola.fm_br) ...)
+CVE-2014-7798
NOT-FOR-US: Coca-Cola FM Brasil (aka com.enyetech.radio.coca_cola.fm_br) application for Android
-CVE-2014-7797 (The Thai food (aka com.foods.thaifood) application 1.0 for Android ...)
+CVE-2014-7797
NOT-FOR-US: Thai food (aka com.foods.thaifood) application for Android
-CVE-2014-7796 (The House365 Radio (aka com.nobexinc.wls_27853803.rc) application ...)
+CVE-2014-7796
NOT-FOR-US: House365 Radio (aka com.nobexinc.wls_27853803.rc) application for Android
-CVE-2014-7795 (The Harpers Bazaar Art (aka com.itp.harpersart) application @7F080181 ...)
+CVE-2014-7795
NOT-FOR-US: Harpers Bazaar Art (aka com.itp.harpersart) application for Android
-CVE-2014-7794 (The Knights of the Void (aka ...)
+CVE-2014-7794
NOT-FOR-US: Knights of the Void (aka me.narr8.android.serial.knights_of_the_void) application for Android
-CVE-2014-7793 (The CB - Calciatori Brutti (aka com.calciatori.brutti) application 1.0 ...)
+CVE-2014-7793
NOT-FOR-US: CB - Calciatori Brutti (aka com.calciatori.brutti) application for Android
CVE-2014-7792
REJECTED
-CVE-2014-7791 (The Backyard Wrestling (aka com.wBackyardWrestling) application 0.1 ...)
+CVE-2014-7791
NOT-FOR-US: Backyard Wrestling (aka com.wBackyardWrestling) application for Android
CVE-2014-7790
REJECTED
-CVE-2014-7789 (The Zillion Muslims (aka com.zillionmuslims.src) application 1.1 for ...)
+CVE-2014-7789
NOT-FOR-US: Zillion Muslims (aka com.zillionmuslims.src) application for Android
-CVE-2014-7788 (The Best Free Giveaways (aka com.wIphone5GiveAways) application 0.1 ...)
+CVE-2014-7788
NOT-FOR-US: Best Free Giveaways (aka com.wIphone5GiveAways) application for Android
-CVE-2014-7787 (The iShuttle (aka com.synapse.ishuttle_user) application 1.0 for ...)
+CVE-2014-7787
NOT-FOR-US: iShuttle (aka com.synapse.ishuttle_user) application for Android
-CVE-2014-7786 (The English Football Magazine (aka com.magzter.englishfootball) ...)
+CVE-2014-7786
NOT-FOR-US: English Football Magazine (aka com.magzter.englishfootball) application for Android
-CVE-2014-7785 (The AAAA Discount Bail (aka ...)
+CVE-2014-7785
NOT-FOR-US: AAAA Discount Bail (aka com.onesolutionapps.aaaadiscountbailandroid) application for Android
-CVE-2014-7784 (The Schon! Magazine (aka com.magzter.schonmagazine) application 3.0 ...)
+CVE-2014-7784
NOT-FOR-US: Schon! Magazine (aka com.magzter.schonmagazine) application for Android
-CVE-2014-7783 (The Bill G. Bennett (aka com.billgbennett) application 1.0 for Android ...)
+CVE-2014-7783
NOT-FOR-US: Bill G. Bennett (aka com.billgbennett) application for Android
-CVE-2014-7782 (The Macedonia Hacienda Hotel (aka ...)
+CVE-2014-7782
NOT-FOR-US: Macedonia Hacienda Hotel (aka appinventor.ai_orolimpio999.HotelMacedonia) application for Android
-CVE-2014-7781 (The Marijuana Handbook Lite - Weed (aka ...)
+CVE-2014-7781
NOT-FOR-US: Marijuana Handbook Lite - Weed (aka com.fallacystudios.marijuanahandbooklite) application for Android
-CVE-2014-7780 (The Pakistan Cricket News (aka ...)
+CVE-2014-7780
NOT-FOR-US: Pakistan Cricket News (aka com.conduit.app_cf18df8bdf454eb0a836e2d29886bc40.app) application for Android
-CVE-2014-7779 (The Kuran'in Bilimsel Mucizeleri (aka com.wKurannBilimselMucizeleri) ...)
+CVE-2014-7779
NOT-FOR-US: Kuran'in Bilimsel Mucizeleri (aka com.wKurannBilimselMucizeleri) application for Android
-CVE-2014-7778 (The Epc World (aka com.magzter.epcworld) application 3.1 for Android ...)
+CVE-2014-7778
NOT-FOR-US: Epc World (aka com.magzter.epcworld) application for Android
-CVE-2014-7777 (The Slingshot Forum (aka com.tapatalk.theslingshotforumcom) ...)
+CVE-2014-7777
NOT-FOR-US: Slingshot Forum (aka com.tapatalk.theslingshotforumcom) application for Android
-CVE-2014-7776 (The Kavita KS (aka com.snaplion.kavitaks) application 2.4 for Android ...)
+CVE-2014-7776
NOT-FOR-US: Kavita KS (aka com.snaplion.kavitaks) application for Android
-CVE-2014-7775 (The Champak - Hindi (aka com.magzter.champakhindi) application 3.0.1 ...)
+CVE-2014-7775
NOT-FOR-US: Champak - Hindi (aka com.magzter.champakhindi) application for Android
-CVE-2014-7774 (The Herbs &amp; Flowers Dictionary (aka com.wHerbsNFlowersDictionary) ...)
+CVE-2014-7774
NOT-FOR-US: Herbs & Flowers Dictionary (aka com.wHerbsNFlowersDictionary) application for Android
-CVE-2014-7773 (The Cleveland Football STREAM (aka ...)
+CVE-2014-7773
NOT-FOR-US: Cleveland Football STREAM (aka com.appstronautme.clevelandfootballstream) application for Android
-CVE-2014-7772 (The MB Tickets (aka com.xcr.android.mbtickets) application 3.0.1 for ...)
+CVE-2014-7772
NOT-FOR-US: MB Tickets (aka com.xcr.android.mbtickets) application for Android
-CVE-2014-7771 (The World Tamil Bayan (aka com.wWorldTamilBayan) application 0.1 for ...)
+CVE-2014-7771
NOT-FOR-US: World Tamil Bayan (aka com.wWorldTamilBayan) application for Android
-CVE-2014-7770 (The Lagu POP Indonesia (aka com.lagu.pop.indonesia.xygwphqpuomclljvaa) ...)
+CVE-2014-7770
NOT-FOR-US: Lagu POP Indonesia (aka com.lagu.pop.indonesia.xygwphqpuomclljvaa) application for Android
-CVE-2014-7769 (The Accurate Lending (aka com.soln.S7B193908AEA1937C7CBB4E889A46D3C0) ...)
+CVE-2014-7769
NOT-FOR-US: Accurate Lending (aka com.soln.S7B193908AEA1937C7CBB4E889A46D3C0) application for Android
-CVE-2014-7768 (The Analects of Confucius (aka com.azbc88881.lunyu) application 8.0 ...)
+CVE-2014-7768
NOT-FOR-US: Analects of Confucius (aka com.azbc88881.lunyu) application for Android
-CVE-2014-7767 (The A+ (aka cn.xrzcm) application 1.0.1 for Android does not verify ...)
+CVE-2014-7767
NOT-FOR-US: A+ (aka cn.xrzcm) application for Android
-CVE-2014-7766 (The 7 Habits Personal Development (aka ...)
+CVE-2014-7766
NOT-FOR-US: 7 Habits Personal Development (aka appinventor.ai_ingka_d_jiw.TheCompleteGuideToApplyingThe7HabitsInHolisticPersonalDevelopment) application for Android
-CVE-2014-7765 (The Hundred Thousands Kid Book (aka it.tinytap.attsa.thousands) ...)
+CVE-2014-7765
NOT-FOR-US: Hundred Thousands Kid Book (aka it.tinytap.attsa.thousands) application for Android
-CVE-2014-7764 (The Semper Invicta Fitness (aka com.semper.invicta.fitness) ...)
+CVE-2014-7764
NOT-FOR-US: Semper Invicta Fitness (aka com.semper.invicta.fitness) application for Android
-CVE-2014-7763 (The Listen up! mirucho (aka jp.ameba.kiiteyo.android) application ...)
+CVE-2014-7763
NOT-FOR-US: Listen up! mirucho (aka jp.ameba.kiiteyo.android) application for Android
-CVE-2014-7762 (The Bite it! (aka com.ASA1Touch.Bite_it) application 1.1.8 for Android ...)
+CVE-2014-7762
NOT-FOR-US: Bite it! (aka com.ASA1Touch.Bite_it) application for Android
-CVE-2014-7761 (The Ink Cards (aka com.sincerely.android.ink) application 2.0.4 for ...)
+CVE-2014-7761
NOT-FOR-US: Ink Cards (aka com.sincerely.android.ink) application for Android
-CVE-2014-7760 (The Health assistance service (aka net.nttcloud.ft.karada) application ...)
+CVE-2014-7760
NOT-FOR-US: Health assistance service (aka net.nttcloud.ft.karada) application for Android
-CVE-2014-7759 (The Jazz Lovers Radio (aka com.nobexinc.wls_99273254.rc) application ...)
+CVE-2014-7759
NOT-FOR-US: Jazz Lovers Radio (aka com.nobexinc.wls_99273254.rc) application for Android
-CVE-2014-7758 (The AMKAMAL Science Portfolio (aka com.wAMKAMALSciencePortfolio) ...)
+CVE-2014-7758
NOT-FOR-US: AMKAMAL Science Portfolio (aka com.wAMKAMALSciencePortfolio) application for Android
-CVE-2014-7757 (The Awful Ninja Game (aka ...)
+CVE-2014-7757
NOT-FOR-US: Awful Ninja Game (aka com.absolutelyawfulapplications.awfulninjagame) application for Android
-CVE-2014-7756 (The Radiohead fan (aka nl.jborsje.android.bandnews.radiohead) ...)
+CVE-2014-7756
NOT-FOR-US: Radiohead fan (aka nl.jborsje.android.bandnews.radiohead) application for Android
-CVE-2014-7755 (The eTopUpOnline (aka com.moremagic.etopup.client.android) application ...)
+CVE-2014-7755
NOT-FOR-US: eTopUpOnline (aka com.moremagic.etopup.client.android) application for Android
-CVE-2014-7754 (The Condor S.E. (aka com.app_condorsoutheast.layout) application 1.399 ...)
+CVE-2014-7754
NOT-FOR-US: Condor S.E. (aka com.app_condorsoutheast.layout) application for Android
-CVE-2014-7753 (The Circa News (aka cir.ca) application 2.1.3 for Android does not ...)
+CVE-2014-7753
NOT-FOR-US: Circa News (aka cir.ca) application for Android
-CVE-2014-7752 (The NASIOC (aka net.endoftime.android.forumrunner.nasioc) application ...)
+CVE-2014-7752
NOT-FOR-US: NASIOC (aka net.endoftime.android.forumrunner.nasioc) application for Android
-CVE-2014-7751 (The Recetas de Tragos (aka com.wRecetasdeTragos) application 0.1 for ...)
+CVE-2014-7751
NOT-FOR-US: Recetas de Tragos (aka com.wRecetasdeTragos) application for Android
-CVE-2014-7750 (The Taster Magazine (aka com.magazinecloner.taster) application ...)
+CVE-2014-7750
NOT-FOR-US: Taster Magazine (aka com.magazinecloner.taster) application for Android
-CVE-2014-7749 (The CamDictionary (aka com.intsig.camdict) application 2.3.0.20131118 ...)
+CVE-2014-7749
NOT-FOR-US: CamDictionary (aka com.intsig.camdict) application for Android
-CVE-2014-7748 (The Garip Ve Ilginc Olaylar (aka com.wGaripveeIlgincOlay) application ...)
+CVE-2014-7748
NOT-FOR-US: Garip Ve Ilginc Olaylar (aka com.wGaripveeIlgincOlay) application for Android
CVE-2014-7747
REJECTED
-CVE-2014-7746 (The Fusion Flowers - Weddings (aka com.triactivemedia.fusionweddings) ...)
+CVE-2014-7746
NOT-FOR-US: Fusion Flowers - Weddings (aka com.triactivemedia.fusionweddings) application for Android
-CVE-2014-7745 (The Flight Manager (aka com.flightmanager.view) application 4.0 for ...)
+CVE-2014-7745
NOT-FOR-US: Flight Manager (aka com.flightmanager.view) application for Android
-CVE-2014-7744 (The Musulmanin.com (aka com.wSalyafiyailimurdjiya) application 0.1 for ...)
+CVE-2014-7744
NOT-FOR-US: Musulmanin.com (aka com.wSalyafiyailimurdjiya) application for Android
-CVE-2014-7743 (The Humor Ironias y Realidades (aka com.wHumork) application ...)
+CVE-2014-7743
NOT-FOR-US: Humor Ironias y Realidades (aka com.wHumork) application for Android
-CVE-2014-7742 (The Noticias del Vaticano (aka com.wNoticiasdelVaticano) application ...)
+CVE-2014-7742
NOT-FOR-US: Noticias del Vaticano (aka com.wNoticiasdelVaticano) application for Android
-CVE-2014-7741 (The Healing Bookstore (aka com.wHealingBookstore) application 0.1 for ...)
+CVE-2014-7741
NOT-FOR-US: Healing Bookstore (aka com.wHealingBookstore) application for Android
-CVE-2014-7740 (The Pony Magazine (aka com.triactivemedia.ponymagazine) application ...)
+CVE-2014-7740
NOT-FOR-US: Pony Magazine (aka com.triactivemedia.ponymagazine) application for Android
-CVE-2014-7739 (The Anahi A Adopter FR (aka com.wAnahiAAdopterFR) application 0.1 for ...)
+CVE-2014-7739
NOT-FOR-US: Anahi A Adopter FR (aka com.wAnahiAAdopterFR) application for Android
CVE-2014-7738
REJECTED
-CVE-2014-7737 (The FMAC : Federation Culinaire (aka com.fmac) application 1.0 for ...)
+CVE-2014-7737
NOT-FOR-US: FMAC : Federation Culinaire (aka com.fmac) application for Android
CVE-2014-7736
REJECTED
-CVE-2014-7735 (The Dr. Sheikh Adnan Ibrahim (aka com.amitaff.adnanIbrahim) ...)
+CVE-2014-7735
NOT-FOR-US: Dr. Sheikh Adnan Ibrahim (aka com.amitaff.adnanIbrahim) application for Android
-CVE-2014-7734 (The Reds Anytime Bail (aka com.onesolutionapps.redsanytimebailandroid) ...)
+CVE-2014-7734
NOT-FOR-US: Reds Anytime Bail (aka com.onesolutionapps.redsanytimebailandroid) application for Android
-CVE-2014-7733 (The Karaf Magazin (aka com.magzter.karafmagazin) application 3.0 for ...)
+CVE-2014-7733
NOT-FOR-US: Karaf Magazin (aka com.magzter.karafmagazin) application for Android
CVE-2014-7732
REJECTED
-CVE-2014-7731 (The Radio de la Cato (aka com.radio.de.la.cato) application 2.0 for ...)
+CVE-2014-7731
NOT-FOR-US: Radio de la Cato (aka com.radio.de.la.cato) application for Android
CVE-2014-7730
REJECTED
CVE-2014-7729
REJECTED
-CVE-2014-7728 (The Logan Banner (aka com.soln.S8B5C1F53B8CBE06D5DE0A0E7E23DCDA7) ...)
+CVE-2014-7728
NOT-FOR-US: Logan Banner (aka com.soln.S8B5C1F53B8CBE06D5DE0A0E7E23DCDA7) application for Android
-CVE-2014-7727 (The Dj Brad H (aka com.dreamstep.wDjBradH) application 0.90 for ...)
+CVE-2014-7727
NOT-FOR-US: Dj Brad H (aka com.dreamstep.wDjBradH) application for Android
-CVE-2014-7726 (The Golosinas Simpson1 (aka com.wGolosinasSimpson1) application 0.1 ...)
+CVE-2014-7726
NOT-FOR-US: Golosinas Simpson1 (aka com.wGolosinasSimpson1) application for Android
-CVE-2014-7725 (The Rally Albania Live 2014 (aka com.wRallyAlbaniaLIVE2014) ...)
+CVE-2014-7725
NOT-FOR-US: Rally Albania Live 2014 (aka com.wRallyAlbaniaLIVE2014) application for Android
-CVE-2014-7724 (The Chemssou Blink (aka com.chemssou.blink) application 1.0 for ...)
+CVE-2014-7724
NOT-FOR-US: Chemssou Blink (aka com.chemssou.blink) application for Android
-CVE-2014-7723 (The Carnegie Mellon Silicon Valley (aka edu.cmu.sv.mobile) application ...)
+CVE-2014-7723
NOT-FOR-US: Carnegie Mellon Silicon Valley (aka edu.cmu.sv.mobile) application for Android
-CVE-2014-7722 (The Indian Jeweller (aka com.magzter.indianjeweller) application 3.0 ...)
+CVE-2014-7722
NOT-FOR-US: Indian Jeweller (aka com.magzter.indianjeweller) application for Android
-CVE-2014-7721 (The President Clicker (aka com.flexymind.pclicker) application 1.0.4 ...)
+CVE-2014-7721
NOT-FOR-US: President Clicker (aka com.flexymind.pclicker) application for Android
-CVE-2014-7720 (The Better Homes and Gardens Aus (aka ...)
+CVE-2014-7720
NOT-FOR-US: Better Homes and Gardens Aus (aka com.pacificmagazines.betterhomesandgardens) application for Android
-CVE-2014-7719 (The BASEBALL MANAGER K (aka com.cjenm.yagamkgoogle) application 1.13 ...)
+CVE-2014-7719
NOT-FOR-US: BASEBALL MANAGER K (aka com.cjenm.yagamkgoogle) application for Android
-CVE-2014-7718 (The Travel+Leisure (aka com.magzter.travelleisure) application 3.0 for ...)
+CVE-2014-7718
NOT-FOR-US: Travel+Leisure (aka com.magzter.travelleisure) application for Android
-CVE-2014-7717 (The Mills-Hazel Property Mgmt (aka ...)
+CVE-2014-7717
NOT-FOR-US: Mills-Hazel Property Mgmt (aka com.appexpress.millshazelpropertymanagement) application for Android
-CVE-2014-7716 (The Ultimate Christian Radios (aka com.ngg.ultimatechristianradios) ...)
+CVE-2014-7716
NOT-FOR-US: Ultimate Christian Radios (aka com.ngg.ultimatechristianradios) application for Android
-CVE-2014-7715 (The GIGA HOBBY (aka com.innopage.store.gigahobby) application 1.0.6 ...)
+CVE-2014-7715
NOT-FOR-US: GIGA HOBBY (aka com.innopage.store.gigahobby) application for Android
-CVE-2014-7714 (The ibon (aka tw.net.pic.mobi) application 3.2.1 for Android does not ...)
+CVE-2014-7714
NOT-FOR-US: ibon (aka tw.net.pic.mobi) application for Android
-CVE-2014-7713 (The Skin&amp;Ink Magazine (aka com.triactivemedia.skinandink) application ...)
+CVE-2014-7713
NOT-FOR-US: Skin&Ink Magazine (aka com.triactivemedia.skinandink) application for Android
-CVE-2014-7712 (The Tiket.com Hotel &amp; Flight (aka com.tiket.gits) application 1.1.2 ...)
+CVE-2014-7712
NOT-FOR-US: Tiket.com Hotel & Flight (aka com.tiket.gits) application for Android
CVE-2014-7711
REJECTED
-CVE-2014-7710 (The India Today Telugu (aka com.magzter.indiatoday.telugu) application ...)
+CVE-2014-7710
NOT-FOR-US: India Today Telugu (aka com.magzter.indiatoday.telugu) application for Android
CVE-2014-7709
REJECTED
-CVE-2014-7708 (The Raven - The Culture Lover (aka com.booksbyraven) application 1.60 ...)
+CVE-2014-7708
NOT-FOR-US: Raven - The Culture Lover (aka com.booksbyraven) application for Android
-CVE-2014-7707 (The Outdoor Design And Living (aka ...)
+CVE-2014-7707
NOT-FOR-US: Outdoor Design And Living (aka com.pocketmagsau.outdoordesignandliving) application for Android
CVE-2014-7706
REJECTED
-CVE-2014-7705 (The Atkins Diet Free Shopping List (aka ...)
+CVE-2014-7705
NOT-FOR-US: Atkins Diet Free Shopping List (aka com.wAtkinsDietFreeShoppingList) application for Android
CVE-2014-7704
REJECTED
-CVE-2014-7703 (The Terrorizer Magazine (aka com.triactivemedia.terrorizer) ...)
+CVE-2014-7703
NOT-FOR-US: Terrorizer Magazine (aka com.triactivemedia.terrorizer) application for Android
-CVE-2014-7702 (The ahtty (aka com.crevation.babylon.ahtty) application 1.97.16 for ...)
+CVE-2014-7702
NOT-FOR-US: ahtty (aka com.crevation.babylon.ahtty) application for Android
-CVE-2014-7701 (The DoNotTrackMe - Mobile Privacy (aka com.abine.dnt) application ...)
+CVE-2014-7701
NOT-FOR-US: DoNotTrackMe - Mobile Privacy (aka com.abine.dnt) application for Android
-CVE-2014-7700 (The Flying Fox (aka com.chillingo.slyfoxfree.android.aja) application ...)
+CVE-2014-7700
NOT-FOR-US: Flying Fox (aka com.chillingo.slyfoxfree.android.aja) application for Android
CVE-2014-7699
REJECTED
-CVE-2014-7698 (The Xinhua International (aka org.xinhua.xnews_international) ...)
+CVE-2014-7698
NOT-FOR-US: Xinhua International (aka org.xinhua.xnews_international) application for Android
-CVE-2014-7697 (The Eyvah! Bosandim ozgurum (aka com.wEyvahBosandimBlog) application ...)
+CVE-2014-7697
NOT-FOR-US: Eyvah! Bosandim ozgurum (aka com.wEyvahBosandimBlog) application for Android
-CVE-2014-7696 (The Halftime Magazine (aka com.magzter.halftimemagazine) application ...)
+CVE-2014-7696
NOT-FOR-US: Halftime Magazine (aka com.magzter.halftimemagazine) application for Android
-CVE-2014-7695 (The easaa Baoneng (aka com.easaa.baoneng) application 1.0 for Android ...)
+CVE-2014-7695
NOT-FOR-US: easaa Baoneng (aka com.easaa.baoneng) application for Android
-CVE-2014-7694 (The Corvette Museum (aka com.app_corvettemuseum.layout) application ...)
+CVE-2014-7694
NOT-FOR-US: Corvette Museum (aka com.app_corvettemuseum.layout) application for Android
-CVE-2014-7693 (The JusApp! (aka com.tapatalk.jusappcombrforum) application 3.7.5 for ...)
+CVE-2014-7693
NOT-FOR-US: JusApp! (aka com.tapatalk.jusappcombrforum) application for Android
-CVE-2014-7692 (The Lent Experience (aka com.wLentExperience) application 0.1 for ...)
+CVE-2014-7692
NOT-FOR-US: Lent Experience (aka com.wLentExperience) application for Android
-CVE-2014-7691 (The Life Story of Sheikh Mujib (aka com.wbongobondho) application 0.1 ...)
+CVE-2014-7691
NOT-FOR-US: Life Story of Sheikh Mujib (aka com.wbongobondho) application for Android
-CVE-2014-7690 (The myfone Shopping (aka com.twm.pt.eccart) application 2.1.01.00.040 ...)
+CVE-2014-7690
NOT-FOR-US: myfone Shopping (aka com.twm.pt.eccart) application for Android
-CVE-2014-7689 (The GzoneRC - The RC Hobby Hub (aka com.wGzoneRC) application 0.1 for ...)
+CVE-2014-7689
NOT-FOR-US: GzoneRC - The RC Hobby Hub (aka com.wGzoneRC) application for Android
-CVE-2014-7688 (The Home Improvement (aka com.whomeimprovementapp) application 0.1 for ...)
+CVE-2014-7688
NOT-FOR-US: Home Improvement (aka com.whomeimprovementapp) application for Android
CVE-2014-7687
REJECTED
-CVE-2014-7686 (The So. Co. Business Partnership (aka com.ChamberMe.SCBPSOUTHERNCO) ...)
+CVE-2014-7686
NOT-FOR-US: So. Co. Business Partnership (aka com.ChamberMe.SCBPSOUTHERNCO) application for Android
-CVE-2014-7685 (The Razer Comms - Gaming Messenger (aka com.razerzone.comms) ...)
+CVE-2014-7685
NOT-FOR-US: Razer Comms - Gaming Messenger (aka com.razerzone.comms) application for Android
CVE-2014-7684
REJECTED
-CVE-2014-7683 (The Free Canadian Author Previews (aka ...)
+CVE-2014-7683
NOT-FOR-US: Free Canadian Author Previews (aka com.booksellerscanada.authorpreview) application for Android
-CVE-2014-7682 (The GR8! TV (aka com.magzter.greighttv) application 3.0 for Android ...)
+CVE-2014-7682
NOT-FOR-US: GR8! TV (aka com.magzter.greighttv) application for Android
-CVE-2014-7681 (The VMware vForums 2014 (aka ...)
+CVE-2014-7681
NOT-FOR-US: VMware vForums 2014 (aka com.coreapps.android.followme.vmwarevforums) application for Android
CVE-2014-7680
REJECTED
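Review bot: dropping the parenthesised descriptions in this hunk also drops the only version information the hunk carried, e.g. `-CVE-2014-7714 (The ibon (aka tw.net.pic.mobi) application 3.2.1 for Android does not ...)` and `-CVE-2014-7719 (The BASEBALL MANAGER K (aka com.cjenm.yagamkgoogle) application 1.13 ...)`, while the surviving `NOT-FOR-US:` lines record only the app name and package id. If the tracker wants to keep the affected version for these Android application entries, carry it into the note (`NOT-FOR-US: ibon (aka tw.net.pic.mobi) application 3.2.1 for Android`); if not, the trim is harmless, since every removed line is paired with a NOT-FOR-US line that already names the package. One side effect worth keeping in mind: the removed lines encode the ampersand as `&amp;` (`Skin&amp;Ink Magazine`, `Tiket.com Hotel &amp; Flight`) whereas the NOT-FOR-US lines use a bare `&`, so if descriptions are ever regenerated into this file they should be unescaped first to match the existing note lines.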
@@ -6914,157 +6914,157 @@ CVE-2014-7679
REJECTED
CVE-2014-7678
REJECTED
-CVE-2014-7677 (The Scudetto (aka com.scudetto) application 2.7 for Android does not ...)
+CVE-2014-7677
NOT-FOR-US: Scudetto (aka com.scudetto) application for Android
-CVE-2014-7676 (The Home Made Air Freshener (aka com.wHomeMadeAirFreshener) ...)
+CVE-2014-7676
NOT-FOR-US: Home Made Air Freshener (aka com.wHomeMadeAirFreshener) application for Android
CVE-2014-7675
REJECTED
-CVE-2014-7674 (The TicketOne.it (aka it.ticketone.mobile.app.Android) application 2.2 ...)
+CVE-2014-7674
NOT-FOR-US: TicketOne.it (aka it.ticketone.mobile.app.Android) application for Android
CVE-2014-7673
REJECTED
CVE-2014-7672
REJECTED
-CVE-2014-7671 (The Tekno Apsis (aka com.teknoapsis) application 2.4 for Android does ...)
+CVE-2014-7671
NOT-FOR-US: Tekno Apsis (aka com.teknoapsis) application for Android
-CVE-2014-7670 (The Motor Town: Machine Soul Free (aka com.alawar.motortownfree) ...)
+CVE-2014-7670
NOT-FOR-US: Motor Town: Machine Soul Free (aka com.alawar.motortownfree) application for Android
CVE-2014-7669
REJECTED
-CVE-2014-7668 (The Ads Free. Cz advert (aka cz.inzeratyzdarma.cz) application 1.4 for ...)
+CVE-2014-7668
NOT-FOR-US: Ads Free. Cz advert (aka cz.inzeratyzdarma.cz) application for Android
-CVE-2014-7667 (The Coca-Cola FM Honduras (aka com.enyetech.radio.coca_cola.fm_hn) ...)
+CVE-2014-7667
NOT-FOR-US: Coca-Cola FM Honduras (aka com.enyetech.radio.coca_cola.fm_hn) application for Android
-CVE-2014-7666 (The American Waterfowler (aka com.magazinecloner.americanwaterfowler) ...)
+CVE-2014-7666
NOT-FOR-US: American Waterfowler (aka com.magazinecloner.americanwaterfowler) application for Android
CVE-2014-7665
REJECTED
-CVE-2014-7664 (The Bilingual Magic Ball Relajo (aka com.wBilingualMagicBallRelajo) ...)
+CVE-2014-7664
NOT-FOR-US: Bilingual Magic Ball Relajo (aka com.wBilingualMagicBallRelajo) application for Android
-CVE-2014-7663 (The Right to the Nitty Gritty (aka com.wGoNittyGritty) application 0.1 ...)
+CVE-2014-7663
NOT-FOR-US: Right to the Nitty Gritty (aka com.wGoNittyGritty) application for Android
CVE-2014-7662
REJECTED
-CVE-2014-7661 (The Masquito Blogger (aka com.wmasquito) application 0.1 for Android ...)
+CVE-2014-7661
NOT-FOR-US: Masquito Blogger (aka com.wmasquito) application for Android
-CVE-2014-7660 (The Gent Magazine (aka com.magzter.thegentmagazine) application 3.0 ...)
+CVE-2014-7660
NOT-FOR-US: Gent Magazine (aka com.magzter.thegentmagazine) application for Android
-CVE-2014-7659 (The ExpeditersOnline.com Forum (aka com.quoord.tapatalkeo.activity) ...)
+CVE-2014-7659
NOT-FOR-US: ExpeditersOnline.com Forum (aka com.quoord.tapatalkeo.activity) application for Android
CVE-2014-7658
REJECTED
CVE-2014-7657
REJECTED
-CVE-2014-7656 (The Indian Management (aka com.magzter.indianmanagement) application ...)
+CVE-2014-7656
NOT-FOR-US: Indian Management (aka com.magzter.indianmanagement) application for Android
-CVE-2014-7655 (The Dresden Transport Museum (aka de.appack.project.vmd) application ...)
+CVE-2014-7655
NOT-FOR-US: Dresden Transport Museum (aka de.appack.project.vmd) application for Android
CVE-2014-7654
REJECTED
CVE-2014-7653
REJECTED
-CVE-2014-7652 (The Magicam Photo Magic Editor (aka mobi.magicam.editor) application ...)
+CVE-2014-7652
NOT-FOR-US: Magicam Photo Magic Editor (aka mobi.magicam.editor) application for Android
CVE-2014-7651
REJECTED
-CVE-2014-7650 (The JJA- Juvenile Justice Act 1986 (aka com.felix.jja) application 1.0 ...)
+CVE-2014-7650
NOT-FOR-US: JJA- Juvenile Justice Act 1986 (aka com.felix.jja) application for Android
-CVE-2014-7649 (The Classic Car Buyer (aka com.magazinecloner.carbuyer) application ...)
+CVE-2014-7649
NOT-FOR-US: Classic Car Buyer (aka com.magazinecloner.carbuyer) application for Android
-CVE-2014-7648 (The SMARTalk (aka jp.co.fusioncom.smartalk.android) application 1.1 ...)
+CVE-2014-7648
NOT-FOR-US: SMARTalk (aka jp.co.fusioncom.smartalk.android) application for Android
-CVE-2014-7647 (The BOOKING DISCOUNT (aka com.wmygoodhotelscom) application 0.1 for ...)
+CVE-2014-7647
NOT-FOR-US: BOOKING DISCOUNT (aka com.wmygoodhotelscom) application for Android
-CVE-2014-7646 (The EMT-Paramedic Lite (aka com.wEMTparamedicLite) application 0.1 for ...)
+CVE-2014-7646
NOT-FOR-US: EMT-Paramedic Lite (aka com.wEMTparamedicLite) application for Android
CVE-2014-7645
REJECTED
-CVE-2014-7644 (The Go MSX MLS (aka ...)
+CVE-2014-7644
NOT-FOR-US: Go MSX MLS (aka com.doapps.android.realestate.RE_16b9c09c4d5b0e174208f35e7c49f9a0) application for Android
-CVE-2014-7643 (The C.R. Group (aka com.c.r.group) application 1.0 for Android does ...)
+CVE-2014-7643
NOT-FOR-US: C.R. Group (aka com.c.r.group) application for Android
-CVE-2014-7642 (The Pegasus Airlines (aka com.wPegasusAirlines) application ...)
+CVE-2014-7642
NOT-FOR-US: Pegasus Airlines (aka com.wPegasusAirlines) application for Android
CVE-2014-7641
REJECTED
-CVE-2014-7640 (The Hotel Room (aka com.wHotelRoom) application 0.1 for Android does ...)
+CVE-2014-7640
NOT-FOR-US: Hotel Room (aka com.wHotelRoom) application for Android
CVE-2014-7639
REJECTED
-CVE-2014-7638 (The Fabuestereo 88.1 FM (aka com.nobexinc.wls_27892411.rc) application ...)
+CVE-2014-7638
NOT-FOR-US: Fabuestereo 88.1 FM (aka com.nobexinc.wls_27892411.rc) application for Android
CVE-2014-7637
REJECTED
-CVE-2014-7636 (The United Hawk Nation (aka com.united12thman) application 2.1 for ...)
+CVE-2014-7636
NOT-FOR-US: United Hawk Nation (aka com.united12thman) application for Android
CVE-2014-7635
REJECTED
-CVE-2014-7634 (The Adopt O Pet (aka com.wFindAPet) application 0.1 for Android does ...)
+CVE-2014-7634
NOT-FOR-US: Adopt O Pet (aka com.wFindAPet) application for Android
-CVE-2014-7633 (The Dino Zoo (aka com.tappocket.dinozoostar) application 1.5 for ...)
+CVE-2014-7633
NOT-FOR-US: Dino Zoo (aka com.tappocket.dinozoostar) application for Android
-CVE-2014-7632 (The news revolution - bahrain (aka com.news.revolution.BH) application ...)
+CVE-2014-7632
NOT-FOR-US: news revolution - bahrain (aka com.news.revolution.BH) application for Android
-CVE-2014-7631 (The Villa Antonia (aka com.appbuilder.u7p5019) application 1 for ...)
+CVE-2014-7631
NOT-FOR-US: Villa Antonia (aka com.appbuilder.u7p5019) application for Android
-CVE-2014-7630 (The Fling Gold (aka com.mbgames.fling.gold) application 1.1.3 for ...)
+CVE-2014-7630
NOT-FOR-US: Fling Gold (aka com.mbgames.fling.gold) application for Android
-CVE-2014-7629 (The Yulman Stadium (aka com.dub.app.tulanestadium) application 1.4.25 ...)
+CVE-2014-7629
NOT-FOR-US: Yulman Stadium (aka com.dub.app.tulanestadium) application for Android
-CVE-2014-7628 (The Acorn Comms (aka com.acorncomms.app) application 3.0 for Android ...)
+CVE-2014-7628
NOT-FOR-US: Acorn Comms (aka com.acorncomms.app) application for Android
CVE-2014-7627
REJECTED
-CVE-2014-7626 (The Atme (aka com.bedigital.atme) application 1.0.10 for Android does ...)
+CVE-2014-7626
NOT-FOR-US: Atme (aka com.bedigital.atme) application for Android
CVE-2014-7625
REJECTED
-CVE-2014-7624 (The Guess the Pixel Character Quiz (aka com.aiadp.pixelcQuiz) ...)
+CVE-2014-7624
NOT-FOR-US: Guess the Pixel Character Quiz (aka com.aiadp.pixelcQuiz) application for Android
CVE-2014-7623
REJECTED
-CVE-2014-7622 (The Affinity Mobile ATM Locator (aka ...)
+CVE-2014-7622
NOT-FOR-US: Affinity Mobile ATM Locator (aka com.collegemobile.affinity.locator) application for Android
-CVE-2014-7621 (The EIN Lookup (aka appinventor.ai_siwanuth.EINLookup) application 1.1 ...)
+CVE-2014-7621
NOT-FOR-US: EIN Lookup (aka appinventor.ai_siwanuth.EINLookup) application for Android
-CVE-2014-7620 (The Authors On Tour - Live! (aka com.appmakr.app122286) application 4 ...)
+CVE-2014-7620
NOT-FOR-US: Authors On Tour - Live! (aka com.appmakr.app122286) application for Android
CVE-2014-7619
REJECTED
-CVE-2014-7618 (The Interior Design (aka com.interior.design.mcreda) application 1.0 ...)
+CVE-2014-7618
NOT-FOR-US: Interior Design (aka com.interior.design.mcreda) application for Android
-CVE-2014-7617 (The www.roads365.com (aka ydx.android) application 1.0.1 for Android ...)
+CVE-2014-7617
NOT-FOR-US: www.roads365.com (aka ydx.android) application for Android
-CVE-2014-7616 (The Physics Forums (aka com.tapatalk.physicsforumscom) application ...)
+CVE-2014-7616
NOT-FOR-US: Physics Forums (aka com.tapatalk.physicsforumscom) application for Android
CVE-2014-7615
REJECTED
-CVE-2014-7614 (The Warrior Beach Retreat (aka com.wWarriorBeachRetreat) application ...)
+CVE-2014-7614
NOT-FOR-US: Warrior Beach Retreat (aka com.wWarriorBeachRetreat) application for Android
-CVE-2014-7613 (The WASPS Official Programmes (aka com.triactivemedia.wasps) ...)
+CVE-2014-7613
NOT-FOR-US: WASPS Official Programmes (aka com.triactivemedia.wasps) application for Android
-CVE-2014-7612 (The e-Kiosk (aka com.ekioskreader.android.pdfviewer) application 1.74 ...)
+CVE-2014-7612
NOT-FOR-US: e-Kiosk (aka com.ekioskreader.android.pdfviewer) application for Android
-CVE-2014-7611 (The Lost Temple (aka com.crazy.game.good.mengchenglu.templeI) ...)
+CVE-2014-7611
NOT-FOR-US: Lost Temple (aka com.crazy.game.good.mengchenglu.templeI) application for Android
-CVE-2014-7610 (The Kadinlar Kulubu KKMobileApp (aka com.tapatalk.kadinlarkulubucom) ...)
+CVE-2014-7610
NOT-FOR-US: Kadinlar Kulubu KKMobileApp (aka com.tapatalk.kadinlarkulubucom) application for Android
-CVE-2014-7609 (The iStunt 2 (aka com.miniclip.istunt2) application 1.1.2 for Android ...)
+CVE-2014-7609
NOT-FOR-US: iStunt 2 (aka com.miniclip.istunt2) application for Android
-CVE-2014-7608 (The Carrier Enterprise HVAC Assist (aka com.es.CE) application 4.0 for ...)
+CVE-2014-7608
NOT-FOR-US: Carrier Enterprise HVAC Assist (aka com.es.CE) application for Android
-CVE-2014-7607 (The Swamiji.tv (aka org.yidl.SwamijiTV) application 2.0 for Android ...)
+CVE-2014-7607
NOT-FOR-US: Swamiji.tv (aka org.yidl.SwamijiTV) application for Android
-CVE-2014-7606 (The Concursive (aka com.concursive.app) application 2.1 for Android ...)
+CVE-2014-7606
NOT-FOR-US: Concursive (aka com.concursive.app) application for Android
-CVE-2014-7605 (The Actors Key (aka ...)
+CVE-2014-7605
NOT-FOR-US: Actors Key (aka com.conduit.app_f83daeb6861b401bb103c33ea4210029.app) application for Android
-CVE-2014-7604 (The Easy Tips For Glowing Skin (aka com.n.easytipsforglowingskin) ...)
+CVE-2014-7604
NOT-FOR-US: Easy Tips For Glowing Skin (aka com.n.easytipsforglowingskin) application for Android
-CVE-2014-7603 (The Gravey Design (aka com.dreamstep.wGraveyDesign) application ...)
+CVE-2014-7603
NOT-FOR-US: Gravey Design (aka com.dreamstep.wGraveyDesign) application for Android
-CVE-2014-7602 (The FRONT (aka com.magazinecloner.front) application @7F08017A for ...)
+CVE-2014-7602
NOT-FOR-US: FRONT (aka com.magazinecloner.front) application for Android
CVE-2014-7601
REJECTED
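Review bot: two of the removed description lines in this hunk carry strings in the version position that are not versions, `-CVE-2014-7602 (The FRONT (aka com.magazinecloner.front) application @7F08017A for ...)` (an Android resource reference rather than a release number), and nothing is lost by discarding them; should versions be reinstated later, that entry should be treated as version-unknown rather than copied. Note also that several removed lines were already truncated before the package id (`-CVE-2014-7644 (The Go MSX MLS (aka ...)`, `-CVE-2014-7622 (The Affinity Mobile ATM Locator (aka ...)`, `-CVE-2014-7605 (The Actors Key (aka ...)`), so the `NOT-FOR-US:` line is the only place the full package id is recorded; those lines are the ones to keep canonical and untouched in any follow-up clean-up.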
@@ -7072,586 +7072,586 @@ CVE-2014-7600
REJECTED
CVE-2014-7599
REJECTED
-CVE-2014-7598 (The Poker Puzzle (aka com.sharpiq.pokerpuzzle) application 1.0.0 for ...)
+CVE-2014-7598
NOT-FOR-US: Poker Puzzle (aka com.sharpiq.pokerpuzzle) application for Android
-CVE-2014-7597 (The Fabulas Infantiles (aka com.mobincube.android.sc_9I1A3) ...)
+CVE-2014-7597
NOT-FOR-US: Fabulas Infantiles (aka com.mobincube.android.sc_9I1A3) application for Android
-CVE-2014-7596 (The Paramore (aka uk.co.pixelkicks.paramore) application 2.3.4 for ...)
+CVE-2014-7596
NOT-FOR-US: Paramore (aka uk.co.pixelkicks.paramore) application for Android
-CVE-2014-7595 (The devada.co.uk (aka com.wdevadacouk) application 1.2 for Android ...)
+CVE-2014-7595
NOT-FOR-US: devada.co.uk (aka com.wdevadacouk) application for Android
CVE-2014-7594
REJECTED
-CVE-2014-7593 (The Mr Whippet - Yorkshire Ice (aka com.appytimes.ice) application 1.1 ...)
+CVE-2014-7593
NOT-FOR-US: Mr Whippet - Yorkshire Ice (aka com.appytimes.ice) application for Android
-CVE-2014-7592 (The FOL (aka com.desire2learn.fol.mobile.app.campuslife.directory) ...)
+CVE-2014-7592
NOT-FOR-US: FOL (aka com.desire2learn.fol.mobile.app.campuslife.directory) application for Android
-CVE-2014-7591 (The Demon (aka com.ireadercity.c24) application 3.0.2 for Android does ...)
+CVE-2014-7591
NOT-FOR-US: Demon (aka com.ireadercity.c24) application for Android
-CVE-2014-7590 (The WebPromoExperts (aka ua.com.webpromoexperts) application 1.8 for ...)
+CVE-2014-7590
NOT-FOR-US: WebPromoExperts (aka ua.com.webpromoexperts) application for Android
-CVE-2014-7589 (The Industrial and Commercial Bank of China (ICBC) Banking (aka ...)
+CVE-2014-7589
NOT-FOR-US: Industrial and Commercial Bank of China (ICBC) Banking (aka com.icbc.android) application for Android
CVE-2014-7588
REJECTED
-CVE-2014-7587 (The Blocked in Free (aka com.blueup.blocked) application 1.0 for ...)
+CVE-2014-7587
NOT-FOR-US: Blocked in Free (aka com.blueup.blocked) application for Android
CVE-2014-7586
REJECTED
-CVE-2014-7585 (The Biplane Forum (aka com.gcspublishing.biplaneforum) application ...)
+CVE-2014-7585
NOT-FOR-US: Biplane Forum (aka com.gcspublishing.biplaneforum) application for Android
-CVE-2014-7584 (The ACN2GO (aka com.dataparadigm.acnmobile) application 1.7 for ...)
+CVE-2014-7584
NOT-FOR-US: ACN2GO (aka com.dataparadigm.acnmobile) application for Android
CVE-2014-7583
REJECTED
-CVE-2014-7582 (The Water Lateral Sizer (aka com.wWaterLateralSizer) application 1.2 ...)
+CVE-2014-7582
NOT-FOR-US: Water Lateral Sizer (aka com.wWaterLateralSizer) application for Android
-CVE-2014-7581 (The Quotes of Travis Barker (aka com.celebrity_quotes.travisbarker) ...)
+CVE-2014-7581
NOT-FOR-US: Quotes of Travis Barker (aka com.celebrity_quotes.travisbarker) application for Android
-CVE-2014-7580 (The Thailand Investor News (aka nudecreative.thaistock.set) ...)
+CVE-2014-7580
NOT-FOR-US: Thailand Investor News (aka nudecreative.thaistock.set) application for Android
CVE-2014-7579
REJECTED
-CVE-2014-7578 (The Bieber News Now (aka com.jbnews) application 12.0.5 for Android ...)
+CVE-2014-7578
NOT-FOR-US: Bieber News Now (aka com.jbnews) application for Android
-CVE-2014-7577 (The B&amp;H Photo Video Pro Audio (aka com.bhphoto) application 2.5.1 for ...)
+CVE-2014-7577
NOT-FOR-US: B&H Photo Video Pro Audio (aka com.bhphoto) application for Android
-CVE-2014-7576 (The Chien Binh Bakugan 2 LongTieng (aka ...)
+CVE-2014-7576
NOT-FOR-US: Chien Binh Bakugan 2 LongTieng (aka com.htv.chien.binh.bakugan.ii.hanh.trinh.moi.long.tieng) application for Android
-CVE-2014-7575 (The eBiblio Andalucia (aka com.bqreaders.reader.ebiblioandalucia) ...)
+CVE-2014-7575
NOT-FOR-US: eBiblio Andalucia (aka com.bqreaders.reader.ebiblioandalucia) application for Android
CVE-2014-7574
REJECTED
-CVE-2014-7573 (The droid Survey Offline Forms (aka com.contact.droidSURVEY) ...)
+CVE-2014-7573
NOT-FOR-US: droid Survey Offline Forms (aka com.contact.droidSURVEY) application for Android
-CVE-2014-7572 (The Stoner's Handbook L- Bud Guide (aka ...)
+CVE-2014-7572
NOT-FOR-US: Stoner's Handbook L- Bud Guide (aka fallacystudios.stonershandbooklite) application for Android
-CVE-2014-7571 (The Grey's Anatomy Fan (aka nl.jborsje.android.tvfan.greysanatomy) ...)
+CVE-2014-7571
NOT-FOR-US: Grey's Anatomy Fan (aka nl.jborsje.android.tvfan.greysanatomy) application for Android
-CVE-2014-7570 (The Fire Equipments Screen lock (aka ...)
+CVE-2014-7570
NOT-FOR-US: Fire Equipments Screen lock (aka com.locktheworld.screen.lock.theme.FireEquipments) application for Android
-CVE-2014-7569 (The Best Greatness Quotes (aka best.free.greatness.quotes.android.app) ...)
+CVE-2014-7569
NOT-FOR-US: Best Greatness Quotes (aka best.free.greatness.quotes.android.app) application for Android
-CVE-2014-7568 (The Marcus Butler Unofficial (aka com.automon.ay.marcus.butler) ...)
+CVE-2014-7568
NOT-FOR-US: Marcus Butler Unofficial (aka com.automon.ay.marcus.butler) application for Android
-CVE-2014-7567 (The iMig 2012 (aka com.webges.imig) application 1.0.0 for Android does ...)
+CVE-2014-7567
NOT-FOR-US: iMig 2012 (aka com.webges.imig) application for Android
-CVE-2014-7566 (The Stift Neuburg (aka de.appack.project.neuburg) application 1.1 for ...)
+CVE-2014-7566
NOT-FOR-US: Stift Neuburg (aka de.appack.project.neuburg) application for Android
-CVE-2014-7565 (The Rando Noeux (aka com.gmteditions.NoeuxLesMinesDistrib) application ...)
+CVE-2014-7565
NOT-FOR-US: Rando Noeux (aka com.gmteditions.NoeuxLesMinesDistrib) application for Android
-CVE-2014-7564 (The Simple Car Care Tip and Advice (aka ...)
+CVE-2014-7564
NOT-FOR-US: Simple Car Care Tip and Advice (aka com.a1481542198504ee106f182c8a.a40350826a) application for Android
-CVE-2014-7563 (The Tactical Force LLC (aka ...)
+CVE-2014-7563
NOT-FOR-US: Tactical Force LLC (aka com.conduit.app_69f61a8852b046f2846054b30c4032a7.app) application for Android
-CVE-2014-7562 (The Health Advocate SmartHelp (aka com.healthadvocate.ui) application ...)
+CVE-2014-7562
NOT-FOR-US: Health Advocate SmartHelp (aka com.healthadvocate.ui) application for Android
CVE-2014-7561
REJECTED
-CVE-2014-7560 (The Fabasoft Cloud (aka com.fabasoft.android.cmis.folio_cloud) ...)
+CVE-2014-7560
NOT-FOR-US: Fabasoft Cloud (aka com.fabasoft.android.cmis.folio_cloud) application for Android
-CVE-2014-7559 (The InstaTalks (aka com.natrobit.instatalks) application 1.3.1 for ...)
+CVE-2014-7559
NOT-FOR-US: InstaTalks (aka com.natrobit.instatalks) application for Android
-CVE-2014-7558 (The Everest Poker (aka com.wEverestPoker) application 0.1 for Android ...)
+CVE-2014-7558
NOT-FOR-US: Everest Poker (aka com.wEverestPoker) application for Android
-CVE-2014-7557 (The zroadster.com (aka com.tapatalk.zroadstercomforum) application ...)
+CVE-2014-7557
NOT-FOR-US: zroadster.com (aka com.tapatalk.zroadstercomforum) application for Android
CVE-2014-7556
REJECTED
-CVE-2014-7555 (The Apparound BLEND (aka com.apparound.mobile.catalogo) application ...)
+CVE-2014-7555
NOT-FOR-US: Apparound BLEND (aka com.apparound.mobile.catalogo) application for Android
-CVE-2014-7554 (The Bouqs - Flowers Simplified (aka com.bouqs.activity) application ...)
+CVE-2014-7554
NOT-FOR-US: Bouqs - Flowers Simplified (aka com.bouqs.activity) application for Android
-CVE-2014-7553 (The GET NYCE Lightworks (aka com.wGETNYCE) application ...)
+CVE-2014-7553
NOT-FOR-US: GET NYCE Lightworks (aka com.wGETNYCE) application for Android
-CVE-2014-7552 (The Zombie Diary (aka com.ezjoy.feelingtouch.zombiediary) application ...)
+CVE-2014-7552
NOT-FOR-US: Zombie Diary (aka com.ezjoy.feelingtouch.zombiediary) application for Android
-CVE-2014-7551 (The Noticias Bebes Beybies (aka com.beybies) application 1.0 for ...)
+CVE-2014-7551
NOT-FOR-US: Noticias Bebes Beybies (aka com.beybies) application for Android
-CVE-2014-7550 (The basketball news &amp; videos (aka com.basketbal.news.caesar) ...)
+CVE-2014-7550
NOT-FOR-US: basketball news & videos (aka com.basketbal.news.caesar) application for Android
CVE-2014-7549
REJECTED
CVE-2014-7548
REJECTED
-CVE-2014-7547 (The Texas Poker Unlimited Hold'em (aka ...)
+CVE-2014-7547
NOT-FOR-US: Texas Poker Unlimited Hold'em (aka com.fpinternet.texaspokerunlimitedholdem) application for Android
-CVE-2014-7546 (The Buddhist Prayer (aka com.buddhist.prayer.mantra.sutra) application ...)
+CVE-2014-7546
NOT-FOR-US: Buddhist Prayer (aka com.buddhist.prayer.mantra.sutra) application for Android
CVE-2014-7545
REJECTED
-CVE-2014-7544 (The Secret City - Motion Comic (aka ...)
+CVE-2014-7544
NOT-FOR-US: Secret City - Motion Comic (aka me.narr8.android.serial.the_secret_city) application for Android
-CVE-2014-7543 (The Blood (aka com.sheridan.ash) application 2.1 for Android does not ...)
+CVE-2014-7543
NOT-FOR-US: Blood (aka com.sheridan.ash) application for Android
-CVE-2014-7542 (The l'Informatiu (aka com.linformatiu.spm) application 2.0 for Android ...)
+CVE-2014-7542
NOT-FOR-US: l'Informatiu (aka com.linformatiu.spm) application for Android
CVE-2014-7541
REJECTED
CVE-2014-7540
REJECTED
-CVE-2014-7539 (The Zhang Zhijun Taiwan Visit 2014-06-25 (aka com.zizizzi) application ...)
+CVE-2014-7539
NOT-FOR-US: Zhang Zhijun Taiwan Visit 2014-06-25 (aka com.zizizzi) application for Android
-CVE-2014-7538 (The Headlines news India (aka com.dreamstep.wHEADLINESNEWSINDIA) ...)
+CVE-2014-7538
NOT-FOR-US: Headlines news India (aka com.dreamstep.wHEADLINESNEWSINDIA) application for Android
CVE-2014-7537
REJECTED
-CVE-2014-7536 (The Service Academy Forums (aka com.tapatalk.serviceacademyforumscom) ...)
+CVE-2014-7536
NOT-FOR-US: Service Academy Forums (aka com.tapatalk.serviceacademyforumscom) application for Android
-CVE-2014-7535 (The Classic Racer (aka com.triactivemedia.classicracer) application ...)
+CVE-2014-7535
NOT-FOR-US: Classic Racer (aka com.triactivemedia.classicracer) application for Android
-CVE-2014-7534 (The Funny &amp; Interesting Things (aka com.wFunnyandInterestingThings) ...)
+CVE-2014-7534
NOT-FOR-US: Funny & Interesting Things (aka com.wFunnyandInterestingThings) application for Android
-CVE-2014-7533 (The NotreDame Seguradora (aka br.com.notredame.mobile.NotreDame) ...)
+CVE-2014-7533
NOT-FOR-US: NotreDame Seguradora (aka br.com.notredame.mobile.NotreDame) application for Android
-CVE-2014-7532 (The GES Agri Connect (aka com.wAgriConnect) application 0.1 for ...)
+CVE-2014-7532
NOT-FOR-US: GES Agri Connect (aka com.wAgriConnect) application for Android
CVE-2014-7531
REJECTED
-CVE-2014-7530 (The PRIX IMPORT (aka com.myapphone.android.myapppriximport) ...)
+CVE-2014-7530
NOT-FOR-US: PRIX IMPORT (aka com.myapphone.android.myapppriximport) application for Android
-CVE-2014-7529 (The Bodyguard for Hire (aka com.dreamstep.wBodyGuardforHire) ...)
+CVE-2014-7529
NOT-FOR-US: Bodyguard for Hire (aka com.dreamstep.wBodyGuardforHire) application for Android
-CVE-2014-7528 (The Horsepower (aka com.apptive.android.apps.horsepower) application ...)
+CVE-2014-7528
NOT-FOR-US: Horsepower (aka com.apptive.android.apps.horsepower) application for Android
-CVE-2014-7527 (The Savage Nation Mobile Web (aka com.wSavageNation) application ...)
+CVE-2014-7527
NOT-FOR-US: Savage Nation Mobile Web (aka com.wSavageNation) application for Android
-CVE-2014-7526 (The Immunize Canada (aka ca.ohri.immunizeapp) application 1.0.1 for ...)
+CVE-2014-7526
NOT-FOR-US: Immunize Canada (aka ca.ohri.immunizeapp) application for Android
-CVE-2014-7525 (The Domain Name Search &amp; Web Host (aka ...)
+CVE-2014-7525
NOT-FOR-US: Domain Name Search & Web Host (aka com.wDomainNameSearchandRegistration) application for Android
-CVE-2014-7524 (The Bed and Breakfast (aka com.wbedandbreakfastapp) application 0.1 ...)
+CVE-2014-7524
NOT-FOR-US: Bed and Breakfast (aka com.wbedandbreakfastapp) application for Android
-CVE-2014-7523 (The Radio Bethlehem RB2000 (aka com.Abuhadbah.rbl2000v2) application ...)
+CVE-2014-7523
NOT-FOR-US: Radio Bethlehem RB2000 (aka com.Abuhadbah.rbl2000v2) application for Android
-CVE-2014-7522 (The Maccabi Pakal (aka com.ideomobile.pakalmaccabi) application 1.2 ...)
+CVE-2014-7522
NOT-FOR-US: Maccabi Pakal (aka com.ideomobile.pakalmaccabi) application for Android
-CVE-2014-7521 (The Anderson Musaamil (aka com.app_andersonmusaamil.layout) ...)
+CVE-2014-7521
NOT-FOR-US: Anderson Musaamil (aka com.app_andersonmusaamil.layout) application for Android
-CVE-2014-7520 (The Nova 92.1 FM (aka com.wNova921FM) application 1.0 for Android does ...)
+CVE-2014-7520
NOT-FOR-US: Nova 92.1 FM (aka com.wNova921FM) application for Android
-CVE-2014-7519 (The Cycling Manager Game Cff (aka com.CyclingManagerGame) application ...)
+CVE-2014-7519
NOT-FOR-US: Cycling Manager Game Cff (aka com.CyclingManagerGame) application for Android
-CVE-2014-7518 (The Bowl Expo 2014 (aka com.coreapps.android.followme.bowlexpo14) ...)
+CVE-2014-7518
NOT-FOR-US: Bowl Expo 2014 (aka com.coreapps.android.followme.bowlexpo14) application for Android
-CVE-2014-7517 (The Myanmar Movies HD (aka com.wmyanmarmoviesHD) application 0.1 for ...)
+CVE-2014-7517
NOT-FOR-US: Myanmar Movies HD (aka com.wmyanmarmoviesHD) application for Android
-CVE-2014-7516 (The Central East LHIN News (aka com.wCentralEastLHINNews) application ...)
+CVE-2014-7516
NOT-FOR-US: Central East LHIN News (aka com.wCentralEastLHINNews) application for Android
-CVE-2014-7515 (The Bail Bonds (aka com.onesolutionapps.chadlewisbailbondsandroid) ...)
+CVE-2014-7515
NOT-FOR-US: Bail Bonds (aka com.onesolutionapps.chadlewisbailbondsandroid) application for Android
CVE-2014-7514
REJECTED
-CVE-2014-7513 (The Top Hangover Cures (aka com.TopHangoverCures) application 1.2 for ...)
+CVE-2014-7513
NOT-FOR-US: Top Hangover Cures (aka com.TopHangoverCures) application for Android
CVE-2014-7512
REJECTED
CVE-2014-7511
REJECTED
-CVE-2014-7510 (The Graffit It (aka com.presenttechnologies.graffitit) application ...)
+CVE-2014-7510
NOT-FOR-US: Graffit It (aka com.presenttechnologies.graffitit) application for Android
-CVE-2014-7509 (The A Very Short History of Japan (aka com.ireadercity.c51) ...)
+CVE-2014-7509
NOT-FOR-US: A Very Short History of Japan (aka com.ireadercity.c51) application for Android
-CVE-2014-7508 (The Help For Doc (aka com.childrens.physician.relations) application ...)
+CVE-2014-7508
NOT-FOR-US: Help For Doc (aka com.childrens.physician.relations) application for Android
-CVE-2014-7507 (The Hector Leal (aka ad.hector.leal.com) application 13/08/14 for ...)
+CVE-2014-7507
NOT-FOR-US: Hector Leal (aka ad.hector.leal.com) application for Android
-CVE-2014-7506 (The Realtime Music Rank (aka com.blogspot.imapp.immusicrank2) ...)
+CVE-2014-7506
NOT-FOR-US: Realtime Music Rank (aka com.blogspot.imapp.immusicrank2) application for Android
-CVE-2014-7505 (The AppTalk (aka com.chatatami.apptalk) application 1.4.8 for Android ...)
+CVE-2014-7505
NOT-FOR-US: AppTalk (aka com.chatatami.apptalk) application for Android
CVE-2014-7504
REJECTED
CVE-2014-7503
REJECTED
-CVE-2014-7502 (The Escucha elDiario.es (aka es.lacabradev.escuchaeldiario) ...)
+CVE-2014-7502
NOT-FOR-US: Escucha elDiario.es (aka es.lacabradev.escuchaeldiario) application for Android
-CVE-2014-7501 (The Translation Widget (aka com.wTranslationGadget) application 0.1 ...)
+CVE-2014-7501
NOT-FOR-US: Translation Widget (aka com.wTranslationGadget) application for Android
CVE-2014-7500
REJECTED
-CVE-2014-7499 (The Sword (aka com.ireadercity.c25) application 3.0.2 for Android does ...)
+CVE-2014-7499
NOT-FOR-US: Sword (aka com.ireadercity.c25) application for Android
-CVE-2014-7498 (The Space Cinema (aka it.thespacecinema.android) application 2.0.6 for ...)
+CVE-2014-7498
NOT-FOR-US: Space Cinema (aka it.thespacecinema.android) application for Android
-CVE-2014-7497 (The Portfolium (aka com.wPortfolium) application 0.1 for Android does ...)
+CVE-2014-7497
NOT-FOR-US: Portfolium (aka com.wPortfolium) application for Android
CVE-2014-7496
REJECTED
-CVE-2014-7495 (The LogosQuest - Beginnings (aka com.wLogosQuest) application 1.0 for ...)
+CVE-2014-7495
NOT-FOR-US: LogosQuest - Beginnings (aka com.wLogosQuest) application for Android
-CVE-2014-7494 (The Kontan Kiosk (aka com.appsfoundry.scoopwl.id.kontankiosk) ...)
+CVE-2014-7494
NOT-FOR-US: Kontan Kiosk (aka com.appsfoundry.scoopwl.id.kontankiosk) application for Android
-CVE-2014-7493 (The 100 Books (aka com.ireadercity.c20) application 3.0.2 for Android ...)
+CVE-2014-7493
NOT-FOR-US: 100 Books (aka com.ireadercity.c20) application for Android
-CVE-2014-7492 (The Secretos de belleza (aka ...)
+CVE-2014-7492
NOT-FOR-US: Secretos de belleza (aka com.rareartifact.secretosdebelleza83A55CB8) application for Android
-CVE-2014-7491 (The Short Stories (aka com.ireadercity.c48) application 3.0.2 for ...)
+CVE-2014-7491
NOT-FOR-US: Short Stories (aka com.ireadercity.c48) application for Android
-CVE-2014-7490 (The Menaka - Marathi (aka com.magzter.menakamarathi) application 3.0 ...)
+CVE-2014-7490
NOT-FOR-US: Menaka - Marathi (aka com.magzter.menakamarathi) application for Android
CVE-2014-7489
REJECTED
-CVE-2014-7488 (The Vineyard All In (aka com.wVineyardAllIn) application 0.1 for ...)
+CVE-2014-7488
NOT-FOR-US: Vineyard All In (aka com.wVineyardAllIn) application for Android
-CVE-2014-7487 (The ADT Aesthetic Dentistry Today (aka ...)
+CVE-2014-7487
NOT-FOR-US: ADT Aesthetic Dentistry Today (aka com.magazinecloner.aestheticdentistry) application for Android
-CVE-2014-7486 (The Mitsubishi Road Assist (aka com.agero.mitsubishi) application 1.0 ...)
+CVE-2014-7486
NOT-FOR-US: Mitsubishi Road Assist (aka com.agero.mitsubishi) application for Android
-CVE-2014-7485 (The Not Lost Just Somewhere Else (aka it.tinytap.attsa.notlost) ...)
+CVE-2014-7485
NOT-FOR-US: Not Lost Just Somewhere Else (aka it.tinytap.attsa.notlost) application for Android
-CVE-2014-7484 (The Coca-Cola FM Guatemala (aka com.enyetech.radio.coca_cola.fm_gu) ...)
+CVE-2014-7484
NOT-FOR-US: Coca-Cola FM Guatemala (aka com.enyetech.radio.coca_cola.fm_gu) application for Android
-CVE-2014-7483 (The Desire2Learn FUSION 2014 (aka com.desire2learn.fusion2012) ...)
+CVE-2014-7483
NOT-FOR-US: Desire2Learn FUSION 2014 (aka com.desire2learn.fusion2012) application for Android
CVE-2014-7482
REJECTED
-CVE-2014-7481 (The ETG Hosting (aka com.etg.web.hosting) application 2.0 for Android ...)
+CVE-2014-7481
NOT-FOR-US: ETG Hosting (aka com.etg.web.hosting) application for Android
CVE-2014-7480
REJECTED
CVE-2014-7479
REJECTED
-CVE-2014-7478 (The nashaplaneta.su (aka com.wNashaPlaneta) application 1.02 for ...)
+CVE-2014-7478
NOT-FOR-US: nashaplaneta.su (aka com.wNashaPlaneta) application for Android
CVE-2014-7477
REJECTED
-CVE-2014-7476 (The Healthy Lunch Diet Recipes (aka com.best.lunchdietrecipes) ...)
+CVE-2014-7476
NOT-FOR-US: Healthy Lunch Diet Recipes (aka com.best.lunchdietrecipes) application for Android
-CVE-2014-7475 (The Ionic View (aka com.ionic.viewapp) application 0.0.2 for Android ...)
+CVE-2014-7475
NOT-FOR-US: Ionic View (aka com.ionic.viewapp) application for Android
CVE-2014-7474
REJECTED
CVE-2014-7473
REJECTED
-CVE-2014-7472 (The CSApp - Colegio San Agustin (aka com.goodbarber.csapp) application ...)
+CVE-2014-7472
NOT-FOR-US: CSApp - Colegio San Agustin (aka com.goodbarber.csapp) application for Android
-CVE-2014-7471 (The international-arbitration-attorney.com (aka ...)
+CVE-2014-7471
NOT-FOR-US: international-arbitration-attorney.com (aka com.w0f1d79a1010d819acbee876007d0bebc) application for Android
-CVE-2014-7470 (The I Know the Movie (aka com.guilardi.jesaislefilm2) application ...)
+CVE-2014-7470
NOT-FOR-US: I Know the Movie (aka com.guilardi.jesaislefilm2) application for Android
-CVE-2014-7469 (The Best Beginning (aka com.bbbeta) application 2.0 for Android does ...)
+CVE-2014-7469
NOT-FOR-US: Best Beginning (aka com.bbbeta) application for Android
-CVE-2014-7468 (The AG Klettern Odenwald (aka de.appack.project.agko) application 1.2 ...)
+CVE-2014-7468
NOT-FOR-US: AG Klettern Odenwald (aka de.appack.project.agko) application for Android
-CVE-2014-7467 (The HoneyBee Mag (aka com.magzter.honeybeemag) application 3.0 for ...)
+CVE-2014-7467
NOT-FOR-US: HoneyBee Mag (aka com.magzter.honeybeemag) application for Android
-CVE-2014-7466 (The Live TV Browser (aka com.wHDSmartBrowser) application 2.0 for ...)
+CVE-2014-7466
NOT-FOR-US: Live TV Browser (aka com.wHDSmartBrowser) application for Android
-CVE-2014-7465 (The PC Advisor (aka com.triactivemedia.pcadvisor) application ...)
+CVE-2014-7465
NOT-FOR-US: PC Advisor (aka com.triactivemedia.pcadvisor) application for Android
-CVE-2014-7464 (The Magic Stamp (aka vn.avagame.apotatem) application 2.8 for Android ...)
+CVE-2014-7464
NOT-FOR-US: Magic Stamp (aka vn.avagame.apotatem) application for Android
-CVE-2014-7463 (The IM5 Fans Planet (aka uk.co.pixelkicks.im5) application 2.3.1 for ...)
+CVE-2014-7463
NOT-FOR-US: IM5 Fans Planet (aka uk.co.pixelkicks.im5) application for Android
-CVE-2014-7462 (The Fashion Story: Neon 90's (aka com.teamlava.fashionstory39) ...)
+CVE-2014-7462
NOT-FOR-US: Fashion Story: Neon 90's (aka com.teamlava.fashionstory39) application for Android
-CVE-2014-7461 (The A King Sperm by Dr. Seema Rao (aka com.wKingSperm) application ...)
+CVE-2014-7461
NOT-FOR-US: A King Sperm by Dr. Seema Rao (aka com.wKingSperm) application for Android
-CVE-2014-7460 (The Slots Heaven:FREE Slot Machine (aka com.twelvegigs.heaven.slots) ...)
+CVE-2014-7460
NOT-FOR-US: Slots Heaven:FREE Slot Machine (aka com.twelvegigs.heaven.slots) application for Android
-CVE-2014-7459 (The Press-Leader (aka com.soln.S95309F65AD59F99CFC2C710A517B0B7E) ...)
+CVE-2014-7459
NOT-FOR-US: Press-Leader (aka com.soln.S95309F65AD59F99CFC2C710A517B0B7E) application for Android
-CVE-2014-7458 (The BloomYou Valentine (aka com.bloomyouteam.bloomyou.valentine) ...)
+CVE-2014-7458
NOT-FOR-US: BloomYou Valentine (aka com.bloomyouteam.bloomyou.valentine) application for Android
-CVE-2014-7457 (The Electronics For You (aka com.magzter.electronicsforyou) ...)
+CVE-2014-7457
NOT-FOR-US: Electronics For You (aka com.magzter.electronicsforyou) application for Android
-CVE-2014-7456 (The Digit Magazine (aka com.magzter.digitmagazine) application 3.01 ...)
+CVE-2014-7456
NOT-FOR-US: Digit Magazine (aka com.magzter.digitmagazine) application for Android
-CVE-2014-7455 (The Zoella Unofficial (aka com.automon.ay.zoella) application 1.4.0.5 ...)
+CVE-2014-7455
NOT-FOR-US: Zoella Unofficial (aka com.automon.ay.zoella) application for Android
-CVE-2014-7454 (The Detox Juicing Diet Recipes (aka com.wDetoxJuicingDietRecipes) ...)
+CVE-2014-7454
NOT-FOR-US: Detox Juicing Diet Recipes (aka com.wDetoxJuicingDietRecipes) application for Android
CVE-2014-7453
REJECTED
-CVE-2014-7452 (The Shaklee Product Catalog (aka com.wProductCatalog) application 2.0 ...)
+CVE-2014-7452
NOT-FOR-US: Shaklee Product Catalog (aka com.wProductCatalog) application for Android
CVE-2014-7451
REJECTED
-CVE-2014-7450 (The allnurses (aka com.tapatalk.allnursescom) application 3.4.10 for ...)
+CVE-2014-7450
NOT-FOR-US: allnurses (aka com.tapatalk.allnursescom) application for Android
-CVE-2014-7449 (The My NGEMC Account (aka com.ngemc.smartapps) application 1.153.0034 ...)
+CVE-2014-7449
NOT-FOR-US: My NGEMC Account (aka com.ngemc.smartapps) application for Android
-CVE-2014-7448 (The DealSide Institutional (aka com.magzter.dealsideinstitutional) ...)
+CVE-2014-7448
NOT-FOR-US: DealSide Institutional (aka com.magzter.dealsideinstitutional) application for Android
-CVE-2014-7447 (The Dattch - The Lesbian App (aka com.dattch.dattch.app) application ...)
+CVE-2014-7447
NOT-FOR-US: Dattch - The Lesbian App (aka com.dattch.dattch.app) application for Android
-CVE-2014-7446 (The Bilingual Magic Ball (aka com.wBilingualMagicBall) application 0.1 ...)
+CVE-2014-7446
NOT-FOR-US: Bilingual Magic Ball (aka com.wBilingualMagicBall) application for Android
-CVE-2014-7445 (The LEGEND OF TRANCE (aka com.legendoftrance) application 1.0 for ...)
+CVE-2014-7445
NOT-FOR-US: LEGEND OF TRANCE (aka com.legendoftrance) application for Android
-CVE-2014-7444 (The Baidu Navigation (aka com.baidu.navi) application 3.5.0 for ...)
+CVE-2014-7444
NOT-FOR-US: Baidu Navigation (aka com.baidu.navi) application for Android
-CVE-2014-7443 (The Face Fun Photo Collage Maker 2 (aka ...)
+CVE-2014-7443
NOT-FOR-US: Face Fun Photo Collage Maker 2 (aka com.kauf.facefunphotocollagemaker2) application for Android
CVE-2014-7442
REJECTED
-CVE-2014-7441 (The Pakan Ken Tube (aka com.PakanKen) application 0.1 for Android does ...)
+CVE-2014-7441
NOT-FOR-US: Pakan Ken Tube (aka com.PakanKen) application for Android
CVE-2014-7440
REJECTED
-CVE-2014-7439 (The bene+ odmeny a slevy (aka cz.gemoney.bene.android) application ...)
+CVE-2014-7439
NOT-FOR-US: bene+ odmeny a slevy (aka cz.gemoney.bene.android) application for Android
CVE-2014-7438
REJECTED
NOT-FOR-US: pbm2l2030 printer driver
-CVE-2014-7437 (The Love Horoscope Guide (aka com.charl.charlylovehoroscopes) ...)
+CVE-2014-7437
NOT-FOR-US: Love Horoscope Guide (aka com.charl.charlylovehoroscopes) application for Android
-CVE-2014-7436 (The SOS recette (aka com.sos.recette) application 1.0 for Android does ...)
+CVE-2014-7436
NOT-FOR-US: SOS recette (aka com.sos.recette) application for Android
-CVE-2014-7435 (The AJD Bail Bonds (aka com.onesolutionapps.ajdbailbondsandroid) ...)
+CVE-2014-7435
NOT-FOR-US: AJD Bail Bonds (aka com.onesolutionapps.ajdbailbondsandroid) application for Android
-CVE-2014-7434 (The RTSinfo (aka ch.rts.rtsinfo) application 1.4.8 for Android does ...)
+CVE-2014-7434
NOT-FOR-US: RTSinfo (aka ch.rts.rtsinfo) application for Android
-CVE-2014-7433 (The Student ID (aka com.computas.studentbevis) application 1.2 for ...)
+CVE-2014-7433
NOT-FOR-US: Student ID (aka com.computas.studentbevis) application for Android
-CVE-2014-7432 (The CalculatorApp (aka com.intuit.alm.testandroidapp) application 4.0 ...)
+CVE-2014-7432
NOT-FOR-US: CalculatorApp (aka com.intuit.alm.testandroidapp) application for Android
-CVE-2014-7431 (The Breeze Jersey (aka com.sc.breezeje.banking) application 1.0 for ...)
+CVE-2014-7431
NOT-FOR-US: Breeze Jersey (aka com.sc.breezeje.banking) application for Android
-CVE-2014-7430 (The Flood-It (aka com.appspot.eoltek.flood) application 4.2 for ...)
+CVE-2014-7430
NOT-FOR-US: Flood-It (aka com.appspot.eoltek.flood) application for Android
CVE-2014-7429
REJECTED
-CVE-2014-7428 (The 7725.com Three Kingdoms (aka com.platform7725.youai.jiejian) ...)
+CVE-2014-7428
NOT-FOR-US: 7725.com Three Kingdoms (aka com.platform7725.youai.jiejian) application for Android
-CVE-2014-7427 (The Hunting Trophy Whitetails (aka com.wHuntingTrophyWhitetails) ...)
+CVE-2014-7427
NOT-FOR-US: Hunting Trophy Whitetails (aka com.wHuntingTrophyWhitetails) application for Android
CVE-2014-7426
REJECTED
-CVE-2014-7425 (The Doodle Devil Free (aka com.joybits.doodledevil_free) application ...)
+CVE-2014-7425
NOT-FOR-US: Doodle Devil Free (aka com.joybits.doodledevil_free) application for Android
-CVE-2014-7424 (The Quran Abu Bakr AshShatiri Free (aka com.wQuranAbuBakrFREE) ...)
+CVE-2014-7424
NOT-FOR-US: Quran Abu Bakr AshShatiri Free (aka com.wQuranAbuBakrFREE) application for Android
-CVE-2014-7423 (The Youth Incorporated (aka com.magzter.youthincorporated) application ...)
+CVE-2014-7423
NOT-FOR-US: Youth Incorporated (aka com.magzter.youthincorporated) application for Android
-CVE-2014-7422 (The HEA Mobile (aka com.homerelectric.smartapps) application ...)
+CVE-2014-7422
NOT-FOR-US: HEA Mobile (aka com.homerelectric.smartapps) application for Android
-CVE-2014-7421 (The Revel in the Rideau Lakes (aka com.mytoursapp.android.app326) ...)
+CVE-2014-7421
NOT-FOR-US: Revel in the Rideau Lakes (aka com.mytoursapp.android.app326) application for Android
-CVE-2014-7420 (The Just Bureaucracy (aka com.magzter.justbureaucracy) application ...)
+CVE-2014-7420
NOT-FOR-US: Just Bureaucracy (aka com.magzter.justbureaucracy) application for Android
-CVE-2014-7419 (The PokeCreator Lite (aka com.pokecreator.builderlite) application 1.1 ...)
+CVE-2014-7419
NOT-FOR-US: PokeCreator Lite (aka com.pokecreator.builderlite) application for Android
-CVE-2014-7418 (The BBC Knowledge Magazine (aka com.magzter.bbcknowledge) application ...)
+CVE-2014-7418
NOT-FOR-US: BBC Knowledge Magazine (aka com.magzter.bbcknowledge) application for Android
-CVE-2014-7417 (The Real Academia de Bellas Artes (aka ...)
+CVE-2014-7417
NOT-FOR-US: Real Academia de Bellas Artes (aka com.adianteventures.adianteapps.real_academia_de_bellas_artes) application for Android
-CVE-2014-7416 (The Craft Stamper Magazine (aka com.triactivemedia.craftstamper) ...)
+CVE-2014-7416
NOT-FOR-US: Craft Stamper Magazine (aka com.triactivemedia.craftstamper) application for Android
-CVE-2014-7415 (The Asylum! (aka com.nobexinc.wls_96362255.rc) application 3.3.10 for ...)
+CVE-2014-7415
NOT-FOR-US: Asylum! (aka com.nobexinc.wls_96362255.rc) application for Android
-CVE-2014-7414 (The CLEO Malaysia (aka com.magzter.cleomalaysia) application 3.01 for ...)
+CVE-2014-7414
NOT-FOR-US: CLEO Malaysia (aka com.magzter.cleomalaysia) application for Android
-CVE-2014-7413 (The Rajendra Suriji (aka com.rajendrasuriji.nakodabhairav.com) ...)
+CVE-2014-7413
NOT-FOR-US: Rajendra Suriji (aka com.rajendrasuriji.nakodabhairav.com) application for Android
CVE-2014-7412
REJECTED
CVE-2014-7411
REJECTED
-CVE-2014-7410 (The Aptallik Testi (aka com.wAptallikTesti) application 4.0 for ...)
+CVE-2014-7410
NOT-FOR-US: Aptallik Testi (aka com.wAptallikTesti) application for Android
-CVE-2014-7409 (The Liburan Hemat (aka com.liburan.bro) application 1.0 for Android ...)
+CVE-2014-7409
NOT-FOR-US: Liburan Hemat (aka com.liburan.bro) application for Android
-CVE-2014-7408 (The Gary Johnson for President '12 (aka com.GaryJohnson2012) ...)
+CVE-2014-7408
NOT-FOR-US: Gary Johnson for President '12 (aka com.GaryJohnson2012) application for Android
-CVE-2014-7407 (The Game Day Tix (aka com.xcr.android.mygamedaytickets) application ...)
+CVE-2014-7407
NOT-FOR-US: Game Day Tix (aka com.xcr.android.mygamedaytickets) application for Android
-CVE-2014-7406 (The Deakin University (aka ...)
+CVE-2014-7406
NOT-FOR-US: Deakin University (aka com.desire2learn.campuslife.deakin.edu.au.directory) application for Android
-CVE-2014-7405 (The Belaire Family Orthodontics (aka com.app_bf.layout) application ...)
+CVE-2014-7405
NOT-FOR-US: Belaire Family Orthodontics (aka com.app_bf.layout) application for Android
CVE-2014-7404
REJECTED
-CVE-2014-7403 (The NZHondas.com (aka com.tapatalk.nzhondascom) application 3.6.14 for ...)
+CVE-2014-7403
NOT-FOR-US: NZHondas.com (aka com.tapatalk.nzhondascom) application for Android
CVE-2014-7400
REJECTED
-CVE-2014-7399 (The Suzanne Glathar (aka com.app_sglathar.layout) application 1.399 ...)
+CVE-2014-7399
NOT-FOR-US: Suzanne Glathar (aka com.app_sglathar.layout) application for Android
-CVE-2014-7398 (The Dil Bilgisi Kurallari (aka com.buronya.dilbilgisi) application 1.0 ...)
+CVE-2014-7398
NOT-FOR-US: Dil Bilgisi Kurallari (aka com.buronya.dilbilgisi) application for Android
-CVE-2014-7397 (The ileri Gazetesi - Yozgat (aka com.byfes.ilerigazetesi) application ...)
+CVE-2014-7397
NOT-FOR-US: ileri Gazetesi - Yozgat (aka com.byfes.ilerigazetesi) application for Android
-CVE-2014-7396 (The PocketKnife Bravo Super (aka com.wPocketKnifeBravo) application ...)
+CVE-2014-7396
NOT-FOR-US: PocketKnife Bravo Super (aka com.wPocketKnifeBravo) application for Android
-CVE-2014-7395 (The USF BCM (aka com.appmakr.app193115) application 252847 for Android ...)
+CVE-2014-7395
NOT-FOR-US: USF BCM (aka com.appmakr.app193115) application for Android
-CVE-2014-7394 (The www.alaaliwat.com (aka com.alaliwat.marsa) application 4.9 for ...)
+CVE-2014-7394
NOT-FOR-US: www.alaaliwat.com (aka com.alaliwat.marsa) application for Android
-CVE-2014-7393 (The 100 Beauty Tips (aka com.ww100BeautyTipsApp) application 1.1 for ...)
+CVE-2014-7393
NOT-FOR-US: 100 Beauty Tips (aka com.ww100BeautyTipsApp) application for Android
-CVE-2014-7392 (The Russian Federation Traffic Rules (aka com.russia.pdd) application ...)
+CVE-2014-7392
NOT-FOR-US: Russian Federation Traffic Rules (aka com.russia.pdd) application for Android
-CVE-2014-7391 (The Synx addictive puzzle game (aka us.synx.mobile.play) application ...)
+CVE-2014-7391
NOT-FOR-US: Synx addictive puzzle game (aka us.synx.mobile.play) application for Android
-CVE-2014-7390 (The Enchanted Fashion Crush (aka com.tabtale.springcrushbundleint) ...)
+CVE-2014-7390
NOT-FOR-US: Enchanted Fashion Crush (aka com.tabtale.springcrushbundleint) application for Android
-CVE-2014-7389 (The Amnesia Groove (aka com.nobexinc.wls_88552576.rc) application ...)
+CVE-2014-7389
NOT-FOR-US: Amnesia Groove (aka com.nobexinc.wls_88552576.rc) application for Android
-CVE-2014-7388 (The Sunday Indian Oriya (aka com.magzter.thesundayindianoriya) ...)
+CVE-2014-7388
NOT-FOR-US: Sunday Indian Oriya (aka com.magzter.thesundayindianoriya) application for Android
-CVE-2014-7387 (The ACC Advocacy Action (aka com.acc.app.android.ui) application 2.0 ...)
+CVE-2014-7387
NOT-FOR-US: ACC Advocacy Action (aka com.acc.app.android.ui) application for Android
CVE-2014-7386
REJECTED
-CVE-2014-7385 (The Aperture Mobile Media (aka com.app_aperturemobilemedia.layout) ...)
+CVE-2014-7385
NOT-FOR-US: Aperture Mobile Media (aka com.app_aperturemobilemedia.layout) application for Android
-CVE-2014-7384 (The Joe's Lawn Service (aka com.appexpress.joeslawnservice) ...)
+CVE-2014-7384
NOT-FOR-US: Joe's Lawn Service (aka com.appexpress.joeslawnservice) application for Android
CVE-2014-7383
REJECTED
-CVE-2014-7382 (The Alternative Connection (aka com.wAlternativeConnection) ...)
+CVE-2014-7382
NOT-FOR-US: Alternative Connection (aka com.wAlternativeConnection) application for Android
CVE-2014-7381
REJECTED
-CVE-2014-7380 (The Cedar Kiosk (aka com.apps2you.cedarkiosk) application 1.1 for ...)
+CVE-2014-7380
NOT-FOR-US: Cedar Kiosk (aka com.apps2you.cedarkiosk) application for Android
-CVE-2014-7379 (The Kiddie Kinderschoenen (aka nl.eigenwinkelapp.kiddiekinderschoenen) ...)
+CVE-2014-7379
NOT-FOR-US: Kiddie Kinderschoenen (aka nl.eigenwinkelapp.kiddiekinderschoenen) application for Android
-CVE-2014-7378 (The Jobranco (aka com.jobranco) application 1.1 for Android does not ...)
+CVE-2014-7378
NOT-FOR-US: Jobranco (aka com.jobranco) application for Android
CVE-2014-7377
REJECTED
-CVE-2014-7376 (The Facebook Profits on Steroids (aka com.wFacebookProfitsonSteroids) ...)
+CVE-2014-7376
NOT-FOR-US: Facebook Profits on Steroids (aka com.wFacebookProfitsonSteroids) application for Android
-CVE-2014-7375 (The Childcare (aka com.app_macchildcare.layout) application 1.399 for ...)
+CVE-2014-7375
NOT-FOR-US: Childcare (aka com.app_macchildcare.layout) application for Android
-CVE-2014-7374 (The SPIN - Motion Comic (aka me.narr8.android.serial.spin) application ...)
+CVE-2014-7374
NOT-FOR-US: SPIN - Motion Comic (aka me.narr8.android.serial.spin) application for Android
-CVE-2014-7373 (The Inspire Weddings (aka com.magzter.inspireweddings) application 3.0 ...)
+CVE-2014-7373
NOT-FOR-US: Inspire Weddings (aka com.magzter.inspireweddings) application for Android
-CVE-2014-7372 (The Mr.Sausage (aka com.app_mrsausage.layout) application 1.301 for ...)
+CVE-2014-7372
NOT-FOR-US: Mr.Sausage (aka com.app_mrsausage.layout) application for Android
-CVE-2014-7371 (The Magic Balloonman Marty Boone (aka com.app_martyboone.layout) ...)
+CVE-2014-7371
NOT-FOR-US: Magic Balloonman Marty Boone (aka com.app_martyboone.layout) application for Android
-CVE-2014-7370 (The Job MoBleeps (aka com.wJobMoBleeps) application 0.1 for Android ...)
+CVE-2014-7370
NOT-FOR-US: Job MoBleeps (aka com.wJobMoBleeps) application for Android
-CVE-2014-7369 (The Il Brillo Parlante (aka com.wIlBrilloParlante) application 0.1 for ...)
+CVE-2014-7369
NOT-FOR-US: Il Brillo Parlante (aka com.wIlBrilloParlante) application for Android
-CVE-2014-7368 (The Compassion Satisfaction (aka ...)
+CVE-2014-7368
NOT-FOR-US: Compassion Satisfaction (aka com.wCompassionSatisfactionWorkshopPresentation) application for Android
-CVE-2014-7367 (The TuS 1947 Radis (aka com.tus1947radis) application 1.0 for Android ...)
+CVE-2014-7367
NOT-FOR-US: TuS 1947 Radis (aka com.tus1947radis) application for Android
-CVE-2014-7366 (The Identity (aka com.magzter.identity) application 3.01 for Android ...)
+CVE-2014-7366
NOT-FOR-US: Identity (aka com.magzter.identity) application for Android
CVE-2014-7365
REJECTED
-CVE-2014-7364 (The Promotional Items (aka com.wPromotionalItems) application 0.1 for ...)
+CVE-2014-7364
NOT-FOR-US: Promotional Items (aka com.wPromotionalItems) application for Android
CVE-2014-7363
REJECTED
-CVE-2014-7362 (The Naranjas Con Tocados (aka com.NaranjasConTocados.com) application ...)
+CVE-2014-7362
NOT-FOR-US: Naranjas Con Tocados (aka com.NaranjasConTocados.com) application for Android
-CVE-2014-7361 (The Harry's Pub (aka com.emunching.harryspub) application 1.0.0 for ...)
+CVE-2014-7361
NOT-FOR-US: Harry's Pub (aka com.emunching.harryspub) application for Android
-CVE-2014-7360 (The How To Boil Eggs (aka com.appmakr.app842173) application 251333 ...)
+CVE-2014-7360
NOT-FOR-US: How To Boil Eggs (aka com.appmakr.app842173) application for Android
-CVE-2014-7359 (The MAPA DA MINA (aka com.wMAPADAMINA) application 0.1 for Android ...)
+CVE-2014-7359
NOT-FOR-US: MAPA DA MINA (aka com.wMAPADAMINA) application for Android
-CVE-2014-7358 (The Vermont Powder (aka com.concursive.vermontpowder) application 4.1 ...)
+CVE-2014-7358
NOT-FOR-US: Vermont Powder (aka com.concursive.vermontpowder) application for Android
-CVE-2014-7357 (The Grandparenting is Great (aka com.app_gig.layout) application 1.400 ...)
+CVE-2014-7357
NOT-FOR-US: Grandparenting is Great (aka com.app_gig.layout) application for Android
CVE-2014-7356
REJECTED
CVE-2014-7355
REJECTED
-CVE-2014-7354 (The Penumbra eMag (aka com.magzter.penumbraemag) application 3.0 for ...)
+CVE-2014-7354
NOT-FOR-US: Penumbra eMag (aka com.magzter.penumbraemag) application for Android
-CVE-2014-7353 (The JAZAN 24 (aka com.jazan24.Mcreda) application 1.0 for Android does ...)
+CVE-2014-7353
NOT-FOR-US: JAZAN 24 (aka com.jazan24.Mcreda) application for Android
-CVE-2014-7352 (The India's Anthem (aka appinventor.ai_opalfoxy83.India_Anthem) ...)
+CVE-2014-7352
NOT-FOR-US: India's Anthem (aka appinventor.ai_opalfoxy83.India_Anthem) application for Android
-CVE-2014-7351 (The GLOBAL MOVIE MAGAZINE (aka com.magzter.globalmoviemagazine) ...)
+CVE-2014-7351
NOT-FOR-US: GLOBAL MOVIE MAGAZINE (aka com.magzter.globalmoviemagazine) application for Android
CVE-2014-7350
REJECTED
CVE-2014-7349
REJECTED
-CVE-2014-7348 (The HOT CARS (aka com.magzter.hotcars) application 3.0 for Android ...)
+CVE-2014-7348
NOT-FOR-US: HOT CARS (aka com.magzter.hotcars) application for Android
CVE-2014-7347
REJECTED
-CVE-2014-7346 (The Bespoke (aka com.magzter.bespoke) application 3.0 for Android does ...)
+CVE-2014-7346
NOT-FOR-US: Bespoke (aka com.magzter.bespoke) application for Android
-CVE-2014-7345 (The DIYChatroom (aka com.tapatalk.diychatroomcom) application 3.4.0 ...)
+CVE-2014-7345
NOT-FOR-US: DIYChatroom (aka com.tapatalk.diychatroomcom) application for Android
-CVE-2014-7344 (The Classic Arms &amp; Militaria (aka com.magazinecloner.classicarmsandm) ...)
+CVE-2014-7344
NOT-FOR-US: Classic Arms & Militaria (aka com.magazinecloner.classicarmsandm) application for Android
CVE-2014-7343
REJECTED
-CVE-2014-7342 (The Echo News (aka com.solo.report) 1.10 application (beta) for ...)
+CVE-2014-7342
NOT-FOR-US: Echo News (aka com.solo.report) 1.10 application for Android
-CVE-2014-7341 (The SAsync (aka com.sasync.sasyncmap) application 1.2.0 for Android ...)
+CVE-2014-7341
NOT-FOR-US: SAsync (aka com.sasync.sasyncmap) application for Android
-CVE-2014-7340 (The Old Bike Mart (aka com.magazinecloner.oldbike) application ...)
+CVE-2014-7340
NOT-FOR-US: Old Bike Mart (aka com.magazinecloner.oldbike) application for Android
-CVE-2014-7339 (The Cuanto Conoces A un Amigo (aka ...)
+CVE-2014-7339
NOT-FOR-US: Cuanto Conoces A un Amigo (aka com.makeitpossible.CuantoConocesAunAmigo) application for Android
-CVE-2014-7338 (The faailkhair (aka com.faailkhair.app) application 1.0 for Android ...)
+CVE-2014-7338
NOT-FOR-US: faailkhair (aka com.faailkhair.app) application for Android
-CVE-2014-7337 (The Acorn Estate Agents (aka com.acorn.ea) application 3.1 for Android ...)
+CVE-2014-7337
NOT-FOR-US: Acorn Estate Agents (aka com.acorn.ea) application for Android
-CVE-2014-7336 (The Taking Your Company Public (aka ...)
+CVE-2014-7336
NOT-FOR-US: Taking Your Company Public (aka biz.app4mobile.app_016e43d03ee54d1facd6c9532a00e724.app) application for Android
-CVE-2014-7335 (The Liver Health - Hepatitis C (aka gov.nyc.dohmh.HepC) application ...)
+CVE-2014-7335
NOT-FOR-US: Liver Health - Hepatitis C (aka gov.nyc.dohmh.HepC) application for Android
-CVE-2014-7334 (The Where Dallas (aka com.magzter.wheredallas) application 3.0.2 for ...)
+CVE-2014-7334
NOT-FOR-US: Where Dallas (aka com.magzter.wheredallas) application for Android
-CVE-2014-7333 (The Aloha Guide (aka com.aloha.guide.japnese) application 1.3 for ...)
+CVE-2014-7333
NOT-FOR-US: Aloha Guide (aka com.aloha.guide.japnese) application for Android
CVE-2014-7332
REJECTED
-CVE-2014-7331 (The TodaysSeniorsNetwork (aka com.wTodaysSeniorsNetwork) application ...)
+CVE-2014-7331
NOT-FOR-US: TodaysSeniorsNetwork (aka com.wTodaysSeniorsNetwork) application for Android
-CVE-2014-7330 (The XtendCU Mobile (aka com.metova.cuae.xtend) application 1.0.28 for ...)
+CVE-2014-7330
NOT-FOR-US: XtendCU Mobile (aka com.metova.cuae.xtend) application for Android
-CVE-2014-7329 (The Motoring Classics (aka com.aptusi.android.motoring) application ...)
+CVE-2014-7329
NOT-FOR-US: Motoring Classics (aka com.aptusi.android.motoring) application for Android
-CVE-2014-7328 (The brain abundance info (aka com.wbrainabundance) application 0.1 for ...)
+CVE-2014-7328
NOT-FOR-US: brain abundance info (aka com.wbrainabundance) application for Android
-CVE-2014-7327 (The Macau Business (aka com.magzter.macaubusiness) application 3.0 for ...)
+CVE-2014-7327
NOT-FOR-US: Macau Business (aka com.magzter.macaubusiness) application for Android
-CVE-2014-7326 (The ETA Mobile (aka com.en2grate.etamobile) application 1.6.6 for ...)
+CVE-2014-7326
NOT-FOR-US: ETA Mobile (aka com.en2grate.etamobile) application for Android
-CVE-2014-7325 (The Business Intelligence (aka com.magzter.businessintelligence) ...)
+CVE-2014-7325
NOT-FOR-US: Business Intelligence (aka com.magzter.businessintelligence) application for Android
CVE-2014-7324
REJECTED
-CVE-2014-7323 (The Dignity Dialogue (aka com.magzter.dignitydialogue) application 3.0 ...)
+CVE-2014-7323
NOT-FOR-US: Dignity Dialogue (aka com.magzter.dignitydialogue) application for Android
CVE-2014-7322
REJECTED
-CVE-2014-7321 (The Firenze map (aka com.wFirenzemap) application 0.1 for Android does ...)
+CVE-2014-7321
NOT-FOR-US: Firenze map (aka com.wFirenzemap) application for Android
-CVE-2014-7320 (The SHIRAKABA (aka com.SHIRAKABA) application 1.0 for Android does not ...)
+CVE-2014-7320
NOT-FOR-US: SHIRAKABA (aka com.SHIRAKABA) application for Android
CVE-2014-7319
REJECTED
CVE-2014-7318
REJECTED
-CVE-2014-7317 (The Aloha Bail Bonds (aka com.onesolutionapps.alohabailbondsandroid) ...)
+CVE-2014-7317
NOT-FOR-US: Aloha Bail Bonds (aka com.onesolutionapps.alohabailbondsandroid) application for Android
-CVE-2014-7316 (The Safe Arrival (aka com.synrevoice.safearrival) application 1.2 for ...)
+CVE-2014-7316
NOT-FOR-US: Safe Arrival (aka com.synrevoice.safearrival) application for Android
-CVE-2014-7315 (The Where Atlanta (aka com.magzter.whereatlanta) application 3.0.2 for ...)
+CVE-2014-7315
NOT-FOR-US: Where Atlanta (aka com.magzter.whereatlanta) application for Android
-CVE-2014-7314 (The Intelligent SME (aka com.magzter.intelligentsme) application 3.0 ...)
+CVE-2014-7314
NOT-FOR-US: Intelligent SME (aka com.magzter.intelligentsme) application for Android
-CVE-2014-7313 (The One You Fitness (aka com.app_oneyou.layout) application 1.399 for ...)
+CVE-2014-7313
NOT-FOR-US: One You Fitness (aka com.app_oneyou.layout) application for Android
CVE-2014-7312
REJECTED
CVE-2014-7311
REJECTED
-CVE-2014-7310 (The Ali Visual (aka com.ali.visual) application 1.0 for Android does ...)
+CVE-2014-7310
NOT-FOR-US: Ali Visual (aka com.ali.visual) application for Android
-CVE-2014-7309 (The Where2Stop-Cardlocks-Free (aka ...)
+CVE-2014-7309
NOT-FOR-US: Where2Stop-Cardlocks-Free (aka appinventor.ai_kidatheart99.Where2Stop_Cardlocks) application for Android
CVE-2014-7308
REJECTED
-CVE-2014-7307 (The ForoSocuellamos (aka com.forosocuellamos.tlcttbeukajwpeqreg) ...)
+CVE-2014-7307
NOT-FOR-US: ForoSocuellamos (aka com.forosocuellamos.tlcttbeukajwpeqreg) application for Android
CVE-2014-7306
RESERVED
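Review bot: an automatic update that blanks the description of every entry it touches should be treated as a failed fetch, not committed: each `-`/`+` pair in this hunk turns a line such as `-CVE-2014-7520 (The Nova 92.1 FM (aka com.wNova921FM) application 1.0 for Android does ...)` into the bare `+CVE-2014-7520`, and not one entry in the hunk gains or corrects text. When the upstream description source returns nothing, the sync script should refuse to overwrite non-empty descriptions with empty ones (for instance, abort when the count of fetched descriptions is zero or far below the number of entries in the file), so that the next successful run does not have to re-import everything. Note also that the unchanged NOT-FOR-US lines still carry the version-stripped summaries, so after this change they are the only place the affected application name survives in the file.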
@@ -7665,179 +7665,179 @@ CVE-2014-7302
RESERVED
CVE-2014-7301
RESERVED
-CVE-2014-7299 (Unspecified vulnerability in administrative interfaces in ArubaOS ...)
+CVE-2014-7299
NOT-FOR-US: Aruba ArubaOS
-CVE-2014-7298 (adsetgroups in Centrify Server Suite 2008 through 2014.1 and Centrify ...)
+CVE-2014-7298
NOT-FOR-US: Centrify
-CVE-2014-7297 (Unspecified vulnerability in the folder framework in the Enfold theme ...)
+CVE-2014-7297
NOT-FOR-US: folder framework in the Enfold theme for WordPress
-CVE-2014-7296 (The default configuration in the accessibility engine in SpagoBI 5.0.0 ...)
+CVE-2014-7296
NOT-FOR-US: Spago
-CVE-2014-7294 (Open redirect vulnerability in the logon page in NYU OpenSSO ...)
+CVE-2014-7294
NOT-FOR-US: Ex Libris Patron Directory Services
-CVE-2014-7293 (Cross-site scripting (XSS) vulnerability in the logon page in NYU ...)
+CVE-2014-7293
NOT-FOR-US: NYU OpenSSO Integration for Ex Libris Patron Directory Services
-CVE-2014-7292 (Open redirect vulnerability in the Click-Through feature in ...)
+CVE-2014-7292
NOT-FOR-US: Newtelligence dasBlog
-CVE-2014-7291 (Multiple cross-site scripting (XSS) vulnerabilities in api_events.php ...)
+CVE-2014-7291
NOT-FOR-US: Springshare LibCal
-CVE-2014-7290 (Multiple cross-site scripting (XSS) vulnerabilities in Atlas Systems ...)
+CVE-2014-7290
NOT-FOR-US: Atlas Systems Aeon
-CVE-2014-7289 (SQL injection vulnerability in the management server in Symantec ...)
+CVE-2014-7289
NOT-FOR-US: Symantec Data Center Security
-CVE-2014-7288 (Symantec PGP Universal Server and Encryption Management Server before ...)
+CVE-2014-7288
NOT-FOR-US: Symantec Encryption Management Server
-CVE-2014-7287 (The key-management component in Symantec PGP Universal Server and ...)
+CVE-2014-7287
NOT-FOR-US: Symantec
-CVE-2014-7286 (Buffer overflow in AClient in Symantec Deployment Solution 6.9 and ...)
+CVE-2014-7286
NOT-FOR-US: Symantec Deployment Solution
-CVE-2014-7285 (The management console on the Symantec Web Gateway (SWG) appliance ...)
+CVE-2014-7285
NOT-FOR-US: Symantec Web Gateway
CVE-2014-7282
RESERVED
-CVE-2014-7281 (Cross-site request forgery (CSRF) vulnerability in Shenzhen Tenda ...)
+CVE-2014-7281
NOT-FOR-US: Tenda A32 Router
-CVE-2014-7280 (Cross-site scripting (XSS) vulnerability in the Web UI before 2.3.4 ...)
+CVE-2014-7280
NOT-FOR-US: Nessus Web UI
-CVE-2014-7279 (The Konke Smart Plug K does not require authentication for TELNET ...)
+CVE-2014-7279
NOT-FOR-US: Konke Smart Plug K
-CVE-2014-7284 (The net_get_random_once implementation in net/core/utils.c in the ...)
+CVE-2014-7284
- linux 3.16.2-1
[wheezy] - linux <not-affected> (Vulnerable code introduced in 3.13)
- linux-2.6 <not-affected> (Vulnerable code introduced in 3.13)
NOTE: Upstream fix: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=3d4405226d27b3a215e4d03cfa51f536244e5de7 (v3.15-rc7)
NOTE: Introduced by https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=a48e42920ff38bc90bbf75143fff4555723d4540
NOTE: http://secondlookforensics.com/ngro-linux-kernel-bug/
-CVE-2014-7283 (The xfs_da3_fixhashpath function in fs/xfs/xfs_da_btree.c in the xfs ...)
+CVE-2014-7283
- linux 3.16.2-1
[wheezy] - linux <not-affected> (Vulnerable code introduced in 3.10 upstream)
- linux-2.6 <not-affected> (Vulnerable code introduced in 3.10 upstream)
NOTE: Upstream fix: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c88547a8119e3b581318ab65e9b72f27f23e641d (v3.15-rc1)
NOTE: http://marc.info/?l=linux-xfs&m=139590613002926&w=2
NOTE: Reproducer: http://oss.sgi.com/cgi-bin/gitweb.cgi?p=xfs/cmds/xfstests.git;a=commitdiff;h=947ee8bd4b59770534297572b14c695e9c6e001e
-CVE-2014-7295 (The (1) Special:Preferences and (2) Special:UserLogin pages in ...)
+CVE-2014-7295
{DSA-3046-1}
- mediawiki 1:1.19.20+dfsg-1
[squeeze] - mediawiki <end-of-life>
NOTE: https://lists.wikimedia.org/pipermail/mediawiki-announce/2014-October/000163.html
NOTE: https://bugzilla.wikimedia.org/show_bug.cgi?id=70672
-CVE-2014-7278 (The login page on the ZyXEL SBG-3300 Security Gateway with firmware ...)
+CVE-2014-7278
NOT-FOR-US: ZyXEL
-CVE-2014-7277 (Cross-site scripting (XSS) vulnerability in the login page on the ...)
+CVE-2014-7277
NOT-FOR-US: ZyXEL
CVE-2014-7276
RESERVED
-CVE-2014-7275 (The POP3-over-SSL implementation in getmail 4.0.0 through 4.44.0 does ...)
+CVE-2014-7275
{DSA-3091-1 DLA-106-1}
- getmail4 4.46.0-1 (bug #766670)
-CVE-2014-7274 (The IMAP-over-SSL implementation in getmail 4.44.0 does not verify ...)
+CVE-2014-7274
{DSA-3091-1 DLA-106-1}
- getmail4 4.46.0-1 (bug #766670)
-CVE-2014-7273 (The IMAP-over-SSL implementation in getmail 4.0.0 through 4.43.0 does ...)
+CVE-2014-7273
{DSA-3091-1 DLA-106-1}
- getmail4 4.44.0-1 (bug #766670)
-CVE-2014-7272 (Simple Desktop Display Manager (SDDM) before 0.10.0 allows local users ...)
+CVE-2014-7272
[experimental] - sddm 0.11.0-1
- sddm 0.11.0-2
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=897788
-CVE-2014-7271 (Simple Desktop Display Manager (SDDM) before 0.10.0 allows local users ...)
+CVE-2014-7271
[experimental] - sddm 0.11.0-1
- sddm 0.11.0-2
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=897788
-CVE-2014-7270 (Cross-site request forgery (CSRF) vulnerability on ASUS JAPAN RT-AC87U ...)
+CVE-2014-7270
NOT-FOR-US: ASUS routers
-CVE-2014-7269 (ASUS JAPAN RT-AC87U routers with firmware 3.0.0.4.378.3754 and ...)
+CVE-2014-7269
NOT-FOR-US: ASUS routers
-CVE-2014-7268 (Cross-site scripting (XSS) vulnerability in the data-export feature in ...)
+CVE-2014-7268
NOT-FOR-US: Ricksoft WBS Gantt-Chart add-on for JIRA
-CVE-2014-7267 (Cross-site scripting (XSS) vulnerability in the output-page generator ...)
+CVE-2014-7267
NOT-FOR-US: Ricksoft WBS Gantt-Chart add-on for JIRA
-CVE-2014-7266 (Algorithmic complexity vulnerability in Cybozu Remote Service Manager ...)
+CVE-2014-7266
NOT-FOR-US: Cybozu Remote Service Manager
-CVE-2014-7265 (Cross-site scripting (XSS) vulnerability in LinPHA allows remote ...)
+CVE-2014-7265
NOT-FOR-US: LinPHA
-CVE-2014-7264 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2014-7264
- chyrp <itp> (bug #664739)
-CVE-2014-7263 (Cross-site scripting (XSS) vulnerability in ULTRAPOP.JP i-HTTPD allows ...)
+CVE-2014-7263
NOT-FOR-US: ULTRAPOP.JP i-HTTPD
-CVE-2014-7262 (Cross-site scripting (XSS) vulnerability in the Omake BBS component in ...)
+CVE-2014-7262
NOT-FOR-US: ULTRAPOP.JP i-HTTPD
-CVE-2014-7261 (Cross-site scripting (XSS) vulnerability in ULTRAPOP.JP i-HTTPD allows ...)
+CVE-2014-7261
NOT-FOR-US: ULTRAPOP.JP i-HTTPD
-CVE-2014-7260 (The Server Side Includes (SSI) implementation in the File Upload BBS ...)
+CVE-2014-7260
NOT-FOR-US: ULTRAPOP.JP i-HTTPD
-CVE-2014-7259 (SQUARE ENIX Co., Ltd. Kaku-San-Sei Million Arthur before 2.25 for ...)
+CVE-2014-7259
NOT-FOR-US: SQUARE ENIX
-CVE-2014-7258 (Cross-site scripting (XSS) vulnerability in KENT-WEB Clip Board 2.91 ...)
+CVE-2014-7258
NOT-FOR-US: KENT-WEB CLip Board
CVE-2014-7257
RESERVED
-CVE-2014-7256 (The (1) PPP Access Concentrator (PPPAC) and (2) Dial-Up Networking ...)
+CVE-2014-7256
NOT-FOR-US: SEIL Routers
-CVE-2014-7255 (Internet Initiative Japan Inc. SEIL Series routers SEIL/X1 2.50 ...)
+CVE-2014-7255
NOT-FOR-US: SEIL Routers
-CVE-2014-7254 (Unspecified vulnerability in ARROWS Me F-11D allows physically ...)
+CVE-2014-7254
NOT-FOR-US: Arrows Me
-CVE-2014-7253 (FUJITSU F-12C, ARROWS Tab LTE F-01D, ARROWS Kiss F-03D, and REGZA ...)
+CVE-2014-7253
NOT-FOR-US: ARROWS
-CVE-2014-7252 (Multiple unspecified vulnerabilities in the Syslink driver for Texas ...)
+CVE-2014-7252
NOT-FOR-US: ARROWS
-CVE-2014-7251 (XML external entity (XXE) vulnerability in the WebHMI server in ...)
+CVE-2014-7251
NOT-FOR-US: Yokogawa
-CVE-2014-7250 (The TCP stack in 4.3BSD Net/2, as used in FreeBSD 5.4, NetBSD possibly ...)
+CVE-2014-7250
- kfreebsd-8 <undetermined>
[wheezy] - kfreebsd-8 <end-of-life> (Not supported in wheezy LTS)
- kfreebsd-9 <undetermined>
[wheezy] - kfreebsd-9 <end-of-life> (Not supported in wheezy LTS)
- kfreebsd-10 <undetermined> (bug #778367)
[jessie] - kfreebsd-10 <end-of-life> (Not supported in Jessie LTS)
-CVE-2014-7249 (Buffer overflow on the Allied Telesis AR440S, AR441S, AR442S, AR745, ...)
+CVE-2014-7249
NOT-FOR-US: Allied Telesis
-CVE-2014-7248 (Cross-site scripting (XSS) vulnerability in IPA iLogScanner 4.0 allows ...)
+CVE-2014-7248
NOT-FOR-US: IPA iLogScanner
-CVE-2014-7247 (Unspecified vulnerability in JustSystems Ichitaro 2008 through 2011; ...)
+CVE-2014-7247
NOT-FOR-US: JustSystems Ichitaro
-CVE-2014-7246 (The Core Server in OpenAM 9.5.3 through 9.5.5, 10.0.0 through 10.0.2, ...)
+CVE-2014-7246
NOT-FOR-US: OpenAM (SSO Server)
NOTE: This is not the openam answering machine.
CVE-2014-7245
REJECTED
CVE-2014-7244
REJECTED
-CVE-2014-7243 (LG Electronics Mobile WiFi router L-09C, L-03E, and L-04D does not ...)
+CVE-2014-7243
NOT-FOR-US: LG Routers
-CVE-2014-7242 (The SumaHo application 3.0.0 and earlier for Android and the SumaHo ...)
+CVE-2014-7242
NOT-FOR-US: SumaHo (applications for Android)
-CVE-2014-7241 (The TSUTAYA application 5.3 and earlier for Android allows remote ...)
+CVE-2014-7241
NOT-FOR-US: TSUTAYA application for Android
-CVE-2014-7240 (Cross-site scripting (XSS) vulnerability in the Easy Contact Form ...)
+CVE-2014-7240
NOT-FOR-US: Wordpress plugin
CVE-2014-7239
RESERVED
CVE-2014-7238
RESERVED
-CVE-2014-7237 (lib/TWiki/Sandbox.pm in TWiki 6.0.0 and earlier, when running on ...)
+CVE-2014-7237
- twiki <removed>
NOTE: http://twiki.org/cgi-bin/view/Codev/SecurityAlert-CVE-2014-7237
CVE-2014-7236
RESERVED
- twiki <removed>
NOTE: http://twiki.org/cgi-bin/view/Codev/SecurityAlert-CVE-2014-7236
-CVE-2014-7235 (htdocs_ari/includes/login.php in the ARI Framework module/Asterisk ...)
+CVE-2014-7235
NOT-FOR-US: FreePBX
CVE-2014-7234
REJECTED
-CVE-2014-7233 (GE Healthcare Precision THUNIS-800+ has a default password of (1) 1973 ...)
+CVE-2014-7233
NOT-FOR-US: GE Healthcare Precision THUNIS-800+
-CVE-2014-7232 (GE Healthcare Discovery XR656 and XR656 G2 has a password of (1) ...)
+CVE-2014-7232
NOT-FOR-US: GE Healthcare Discovery XR656 and XR656 G2
-CVE-2014-7229 (Unspecified vulnerability in Joomla! before 2.5.4 before 2.5.26, 3.x ...)
+CVE-2014-7229
NOT-FOR-US: Joomla!
-CVE-2014-7228 (Akeeba Restore (restore.php), as used in Joomla! 2.5.4 through 2.5.25, ...)
+CVE-2014-7228
NOT-FOR-US: Joomla!
CVE-2014-7227
REJECTED
-CVE-2014-7226 (The file comment feature in Rejetto HTTP File Server (hfs) 2.3c and ...)
+CVE-2014-7226
NOT-FOR-US: Rejetto HTTP File Server
CVE-2014-7225
RESERVED
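Review bot: every -/+ pair in this hunk replaces an annotated identifier line such as "CVE-2014-7284 (The net_get_random_once implementation in net/core/utils.c in the ...)" with the bare "CVE-2014-7284", dropping the description summary while the package, release and NOTE lines are kept unchanged; since this is an automated run, please confirm the descriptions are meant to be removed rather than lost to a failed fetch, because several entries then keep no hint of the issue (for example the bare "NOT-FOR-US: Symantec" under CVE-2014-7287 and "NOT-FOR-US: Spago" under CVE-2014-7296, which the neighbouring entries spell out as "Symantec Encryption Management Server" and SpagoBI). Also, the reference "NOTE: Reproducer: http://oss.sgi.com/..." under CVE-2014-7283 and the two Symantec/Spago product names above would be easier to audit if the product name in NOT-FOR-US matched the wording of the other entries.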
@@ -7846,10 +7846,10 @@ CVE-2014-7224
NOT-FOR-US: Android addJavascriptInterface
CVE-2014-7223
RESERVED
-CVE-2014-7222 (Buffer overflow in TeamSpeak Client 3.0.14 and earlier allows remote ...)
+CVE-2014-7222
- teamspeak-client <removed>
[wheezy] - teamspeak-client <end-of-life> (non-free is not supported)
-CVE-2014-7221 (TeamSpeak Client 3.0.14 and earlier allows remote authenticated users ...)
+CVE-2014-7221
- teamspeak-client <removed>
[wheezy] - teamspeak-client <end-of-life> (non-free is not supported)
CVE-2014-7220
@@ -7858,12 +7858,12 @@ CVE-2014-7219
RESERVED
CVE-2014-7218
RESERVED
-CVE-2014-7217 (Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin ...)
+CVE-2014-7217
- phpmyadmin 4:4.2.9.1-1 (low)
NOTE: http://www.phpmyadmin.net/home_page/security/PMASA-2014-11.php
[wheezy] - phpmyadmin <not-affected> (Vulnerable code not present)
[squeeze] - phpmyadmin <not-affected> (Vulnerable code not present)
-CVE-2014-7216 (Multiple stack-based buffer overflows in Yahoo! Messenger 11.5.0.228 ...)
+CVE-2014-7216
NOT-FOR-US: Yahoo
CVE-2014-7215
REJECTED
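Review bot: in the CVE-2014-7217 entry the "NOTE: http://www.phpmyadmin.net/home_page/security/PMASA-2014-11.php" line sits between "- phpmyadmin 4:4.2.9.1-1 (low)" and the "[wheezy]"/"[squeeze]" release lines, unlike the other entries in this file where NOTE lines follow all package and release lines; move the NOTE below the two release lines for consistency. This is unchanged context in the hunk, so it needs a separate manual edit.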
@@ -7881,14 +7881,14 @@ CVE-2014-7210 [pdns in Debian creates too privileged MySQL user]
- pdns 3.3.1-1
[squeeze] - pdns <not-affected> (Vulnerabile code not present)
NOTE: Debian packaging specific.
-CVE-2014-7209 (run-mailcap in the Debian mime-support package before 3.52-1+deb7u1 ...)
+CVE-2014-7209
{DSA-3114-1 DLA-125-1}
- mime-support 3.58
-CVE-2014-7208 (GParted before 0.15.0 allows local users to execute arbitrary commands ...)
+CVE-2014-7208
- gparted 0.16.1-1
[wheezy] - gparted <no-dsa> (Minor issue)
[squeeze] - gparted <no-dsa> (Minor issue)
-CVE-2014-7207 (A certain Debian patch to the IPv6 implementation in the Linux kernel ...)
+CVE-2014-7207
{DSA-3060-1}
- linux <not-affected> (Issue specific to 3.2.x)
NOTE: In 3.2.x introduced with https://git.kernel.org/cgit/linux/kernel/git/bwh/linux-3.2.y.git/commit/?h=linux-3.2.y&id=64b5c251d5b2cee4a0f697bfb90d79263f6dd517
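Review bot: the context line "[squeeze] - pdns <not-affected> (Vulnerabile code not present)" under CVE-2014-7210 misspells "Vulnerable"; it is untouched by this hunk, so it needs a separate manual fix, which is worth doing while the automated run is being reviewed.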
@@ -7897,12 +7897,12 @@ CVE-2014-7207 (A certain Debian patch to the IPv6 implementation in the Linux ke
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=916e4cf46d0204806c062c8c6c4d1f633852c5b6 (v3.14-rc6)
NOTE: http://bugs.debian.org/766195
- linux-2.6 <not-affected> (Issue specific to 3.2.x)
-CVE-2014-7206 (The changelog command in Apt before 1.0.9.2 allows local users to ...)
+CVE-2014-7206
{DSA-3048-1}
- apt 1.0.9.2 (bug #763780)
[squeeze] - apt <not-affected> (apt changelog command and vulnerable code not present)
NOTE: mitigated by Linux kernel features in wheezy and up
-CVE-2014-7300 (GNOME Shell 3.14.x before 3.14.1, when the Screen Lock feature is ...)
+CVE-2014-7300
- gnome-shell 3.14.1-1 (low)
[wheezy] - gnome-shell <no-dsa> (Minor issue)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=737456
@@ -7912,22 +7912,22 @@ CVE-2014-7300 (GNOME Shell 3.14.x before 3.14.1, when the Screen Lock feature is
NOTE: oom-killer allows authentication bypass for command execution.
NOTE: Therefore, the product must limit the aggregate memory consumption of
NOTE: all active requests, and the lack of this limit is a vulnerability.
-CVE-2014-7231 (The strutils.mask_password function in the OpenStack Oslo utility ...)
+CVE-2014-7231
- python-oslo.utils 0.2.0-1
NOTE: https://launchpad.net/bugs/1345233
NOTE: https://review.openstack.org/gitweb?p=openstack%2Foslo.utils.git;a=commitdiff;h=e0425691d90bce0bbe847a9ff49468ce0fab5486
-CVE-2014-7230 (The processutils.execute function in OpenStack oslo-incubator, Cinder, ...)
+CVE-2014-7230
- cinder 2014.1.3-4 (low; bug #765704)
- nova 2014.1.3-5 (low; bug #765714)
[wheezy] - nova <no-dsa> (Minor issue)
- openstack-trove 2014.1.3-1 (low)
NOTE: https://launchpad.net/bugs/1343604
-CVE-2014-7205 (Eval injection vulnerability in the internals.batch function in ...)
+CVE-2014-7205
NOTE: https://nodesecurity.io/advisories/bassmaster_js_injection
NOT-FOR-US: node.js package bassmaster
-CVE-2014-7201 (Multiple SQL injection vulnerabilities in the search function in ...)
+CVE-2014-7201
NOT-FOR-US: JobControl extension for TYPO3
-CVE-2014-7200 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2014-7200
NOT-FOR-US: JobControl extension for TYPO3
CVE-2014-7198
RESERVED
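Review bot: in the CVE-2014-7205 entry the "NOTE: https://nodesecurity.io/advisories/bassmaster_js_injection" line precedes "NOT-FOR-US: node.js package bassmaster", the reverse of the order used by every other entry in this hunk (for example CVE-2014-7231 lists the package line first and its NOTE lines after); swap the two lines for consistency.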
@@ -7935,43 +7935,43 @@ CVE-2014-7197
RESERVED
CVE-2014-7196
REJECTED
-CVE-2014-7195 (Spotfire Web Player Engine in TIBCO Spotfire Web Player 6.0.x before ...)
+CVE-2014-7195
NOT-FOR-US: Spotfire Web Player
-CVE-2014-7194 (TIBCO Managed File Transfer Internet Server before 7.2.4, Managed File ...)
+CVE-2014-7194
NOT-FOR-US: TIBCO
-CVE-2014-7193 (The Crumb plugin before 3.0.0 for Node.js does not properly restrict ...)
+CVE-2014-7193
NOT-FOR-US: Crumb
-CVE-2014-7192 (Eval injection vulnerability in index.js in the syntax-error package ...)
+CVE-2014-7192
- libv8 <removed>
[wheezy] - libv8 <no-dsa> (Minor issue, Chromium in Wheezy uses its own fixed copy)
[squeeze] - libv8 <end-of-life> (Unsupported in squeeze-lts)
- libv8-3.14 <unfixed> (unimportant; bug #773623)
NOTE: libv8 not covered by security support
-CVE-2014-7191 (The qs module before 1.0.0 in Node.js does not call the compact ...)
+CVE-2014-7191
- node-qs 2.2.4-1
NOTE: https://github.com/raymondfeng/node-querystring/commit/43a604b7847e56bba49d0ce3e222fe89569354d8
NOTE: https://nodesecurity.io/advisories/qs_dos_memory_exhaustion
-CVE-2014-7188 (The hvm_msr_read_intercept function in arch/x86/hvm/hvm.c in Xen 4.1 ...)
+CVE-2014-7188
{DSA-3041-1}
- xen 4.4.1-3
[squeeze] - xen <end-of-life>
CVE-2014-7184
RESERVED
-CVE-2014-7183 (Multiple cross-site scripting (XSS) vulnerabilities in the search.php ...)
+CVE-2014-7183
NOT-FOR-US: LifeCart
-CVE-2014-7182 (Multiple cross-site scripting (XSS) vulnerabilities in the WP Google ...)
+CVE-2014-7182
NOT-FOR-US: WP Google Maps plugin for WordPress
-CVE-2014-7181 (Cross-site scripting (XSS) vulnerability in the Max Foundry MaxButtons ...)
+CVE-2014-7181
NOT-FOR-US: Max Foundry MaxButtons plugin for WordPress
-CVE-2014-7180 (Electric Cloud ElectricCommander before 4.2.6 and 5.x before 5.0.3 ...)
+CVE-2014-7180
NOT-FOR-US: ElectricCommander
CVE-2014-7179
RESERVED
-CVE-2014-7178 (Enalean Tuleap before 7.5.99.6 allows remote attackers to execute ...)
+CVE-2014-7178
NOT-FOR-US: Enalean Tuleap
-CVE-2014-7177 (XML External Entity vulnerability in Enalean Tuleap 7.2 and earlier ...)
+CVE-2014-7177
NOT-FOR-US: Enalean Tuleap
-CVE-2014-7176 (SQL injection vulnerability in Enalean Tuleap before 7.5.99.4 allows remote ...)
+CVE-2014-7176
NOT-FOR-US: Enalean Tuleap
CVE-2014-7175
RESERVED
@@ -7983,34 +7983,34 @@ CVE-2014-7172
RESERVED
CVE-2014-7171
RESERVED
-CVE-2014-7170 (Race condition in Puppet Server 0.2.0 allows local users to obtain ...)
+CVE-2014-7170
NOT-FOR-US: Puppet Server (replacement for puppetmaster)
-CVE-2014-7204 (jscript.c in Exuberant Ctags 5.8 allows remote attackers to cause a ...)
+CVE-2014-7204
{DSA-3042-1 DLA-69-1}
- exuberant-ctags 1:5.9~svn20110310-8 (bug #742605)
NOTE: http://sourceforge.net/p/ctags/code/791/
-CVE-2014-7203 (libzmq (aka ZeroMQ/C++) 4.0.x before 4.0.5 does not ensure that nonces ...)
+CVE-2014-7203
- zeromq <not-affected> (Vulnerable code not present, only zmq 4.x onwards)
- zeromq3 4.0.5+dfsg-1
NOTE: Code commit: https://github.com/zeromq/libzmq/issues/1191
-CVE-2014-7202 (stream_engine.cpp in libzmq (aka ZeroMQ/C++)) 4.0.5 before 4.0.5 ...)
+CVE-2014-7202
- zeromq <not-affected> (Vulnerable code not present, only zmq 4.x onwards)
- zeromq3 4.0.5+dfsg-1
NOTE: Code commit: https://github.com/zeromq/libzmq/issues/1190
-CVE-2014-7190 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
+CVE-2014-7190
NOT-FOR-US: Openfiler
-CVE-2014-7189 (crpyto/tls in Go 1.1 before 1.3.2, when SessionTicketsDisabled is ...)
+CVE-2014-7189
- golang 2:1.3.2-1
[wheezy] - golang <not-affected> (Vulnerable code not present, only Go 1.1 onwards)
NOTE: https://groups.google.com/forum/#!msg/golang-nuts/eeOHNw_shwU/OHALUmroA5kJ
NOTE: https://code.google.com/p/go/source/detail?r=eae0457c101512f59296538f0162749eba325892&name=release-branch.go1.3
-CVE-2014-7187 (Off-by-one error in the read_token_word function in parse.y in GNU ...)
+CVE-2014-7187
{DSA-3035-1 DLA-63-1}
- bash 4.3-9.2
-CVE-2014-7186 (The redirection implementation in parse.y in GNU Bash through 4.3 ...)
+CVE-2014-7186
{DSA-3035-1 DLA-63-1}
- bash 4.3-9.2
-CVE-2014-7185 (Integer overflow in bufferobject.c in Python before 2.7.8 allows ...)
+CVE-2014-7185
- python2.5 <removed> (low)
[squeeze] - python2.5 <no-dsa> (Minor issue)
- python2.6 <removed> (low)
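Review bot: the "NOTE: Code commit: https://github.com/zeromq/libzmq/issues/1191" and "NOTE: Code commit: https://github.com/zeromq/libzmq/issues/1190" lines under CVE-2014-7203 and CVE-2014-7202 point at GitHub issue pages, not commits; either relabel them as issue references or replace the URLs with the actual fix commits so that a reader checking the zeromq3 4.0.5+dfsg-1 fix can verify it directly.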
@@ -8040,11 +8040,11 @@ CVE-2014-7160
RESERVED
CVE-2014-7159
RESERVED
-CVE-2014-7158 (Cross-site request forgery (CSRF) vulnerability in Exinda WAN ...)
+CVE-2014-7158
NOT-FOR-US: Exinda WAN Optimization Suite
-CVE-2014-7157 (Cross-site scripting (XSS) vulnerability in Exinda WAN Optimization ...)
+CVE-2014-7157
NOT-FOR-US: Exinda WAN Optimization Suite
-CVE-2014-7153 (SQL injection vulnerability in the editgallery function in ...)
+CVE-2014-7153
NOT-FOR-US: WordPress plugin Huge-IT Image Gallery
CVE-2014-XXXX [cyassl: RSA Padding check vulnerability]
- cyassl <removed>
@@ -8053,28 +8053,28 @@ CVE-2014-XXXX [cyassl: RSA Padding check vulnerability]
NOTE: http://www.yassl.com/yaSSL/Blog/Entries/2014/9/12_CyaSSL_3.2.0_Released.html
NOTE: http://www.intelsecurity.com/advanced-threat-research/#
NOTE: similar to CVE-2014-1568 in nss
-CVE-2014-7199 (Cross-site scripting (XSS) vulnerability in MediaWiki before 1.19.19, ...)
+CVE-2014-7199
{DSA-3036-1}
- mediawiki 1:1.19.19+dfsg-1 (bug #762754)
[squeeze] - mediawiki <end-of-life>
-CVE-2014-7169 (GNU Bash through 4.3 bash43-025 processes trailing strings after ...)
+CVE-2014-7169
{DSA-3035-1 DLA-63-1}
- bash 4.3-9.2 (bug #762760)
-CVE-2014-7156 (The x86_emulate function in arch/x86/x86_emulate/x86_emulate.c in Xen ...)
+CVE-2014-7156
{DSA-3041-1}
- xen 4.4.1-3
[squeeze] - xen <end-of-life>
-CVE-2014-7155 (The x86_emulate function in arch/x86/x86_emulate/x86_emulate.c in Xen ...)
+CVE-2014-7155
{DSA-3041-1}
- xen 4.4.1-3
[squeeze] - xen <end-of-life>
-CVE-2014-7154 (Race condition in HVMOP_track_dirty_vram in Xen 4.0.0 through 4.4.x ...)
+CVE-2014-7154
{DSA-3041-1}
- xen 4.4.1-3
[squeeze] - xen <end-of-life>
-CVE-2014-7152 (Cross-site scripting (XSS) vulnerability in the Easy MailChimp Forms ...)
+CVE-2014-7152
NOT-FOR-US: WordPress plugin Easy MailChimp Forms
-CVE-2014-7151 (Multiple cross-site scripting (XSS) vulnerabilities in the NEX-Forms ...)
+CVE-2014-7151
NOT-FOR-US: NEX-Forms Lite plugin for WordPress
CVE-2014-7150
RESERVED
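Review bot: the "CVE-2014-XXXX [cyassl: RSA Padding check vulnerability]" entry still carries a placeholder identifier while its NOTE lines already reference the CyaSSL 3.2.0 release and compare it to CVE-2014-1568 in nss; check whether an identifier has been assigned since and, if so, replace the placeholder so the entry is picked up by the normal CVE matching. The reference "NOTE: http://www.intelsecurity.com/advanced-threat-research/#" also ends in a bare "#" fragment and looks truncated; please verify it points at the intended advisory.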
@@ -8084,98 +8084,98 @@ CVE-2014-7148
RESERVED
CVE-2014-7147
RESERVED
-CVE-2014-7146 (The XmlImportExport plugin in MantisBT 1.2.17 and earlier allows ...)
+CVE-2014-7146
{DSA-3120-1}
- mantis <removed>
[squeeze] - mantis <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://www.mantisbt.org/bugs/view.php?id=17725
NOTE: https://github.com/mantisbt/mantisbt/commit/bed19db9 (1.2.x branch)
NOTE: https://github.com/mantisbt/mantisbt/commit/84017535 (master)
-CVE-2014-7140 (Unspecified vulnerability in the management interface in Citrix ...)
+CVE-2014-7140
NOT-FOR-US: Citrix NetScaler
-CVE-2014-7139 (Multiple cross-site scripting (XSS) vulnerabilities in the Contact ...)
+CVE-2014-7139
NOT-FOR-US: WordPress plugin Contact Form DB
-CVE-2014-7138 (Cross-site scripting (XSS) vulnerability in the Google Calendar Events ...)
+CVE-2014-7138
NOT-FOR-US: WordPress plugin Google Calendar Events
-CVE-2014-7137 (Multiple SQL injection vulnerabilities in Dolibarr ERP/CRM before ...)
+CVE-2014-7137
- dolibarr 3.5.5+dfsg1-1 (bug #770313)
-CVE-2014-7136 (Heap-based buffer overflow in the K7FWFilt.sys kernel mode driver (aka ...)
+CVE-2014-7136
NOT-FOR-US: K7 Computing
-CVE-2014-7135 (The Ayuntamiento de Coana (aka com.wInfoCoa) application 0.2 for ...)
+CVE-2014-7135
NOT-FOR-US: Ayuntamiento de Coana (aka com.wInfoCoa) application for Android
-CVE-2014-7134 (The PROF. USMAN ALI AWHEELA (aka com.wPROFUAAWHEELA) application 2.1 ...)
+CVE-2014-7134
NOT-FOR-US: PROF. USMAN ALI AWHEELA (aka com.wPROFUAAWHEELA) application for Android
CVE-2014-7133
REJECTED
-CVE-2014-7132 (The Jambatan PBB Semporna (aka com.wJAMBATANPBBSEMPORNA) application ...)
+CVE-2014-7132
NOT-FOR-US: Jambatan PBB Semporna (aka com.wJAMBATANPBBSEMPORNA) application for Android
-CVE-2014-7131 (The Digital Content NewFronts 2014 (aka ...)
+CVE-2014-7131
NOT-FOR-US: Digital Content NewFronts 2014 (aka com.coreapps.android.followme.newfronts2014) application for Android
CVE-2014-7130
REJECTED
-CVE-2014-7129 (The Argus Leader Print Edition (aka com.argusleader.android.prod) ...)
+CVE-2014-7129
NOT-FOR-US: Argus Leader Print Edition (aka com.argusleader.android.prod) application for Android
-CVE-2014-7128 (The Toyota OC (aka com.tapatalk.toyotaownersclubcomforums) application ...)
+CVE-2014-7128
NOT-FOR-US: Toyota OC (aka com.tapatalk.toyotaownersclubcomforums) application for Android
-CVE-2014-7127 (The Football Espana magazine (aka com.triactivemedia.footballespana) ...)
+CVE-2014-7127
NOT-FOR-US: Football Espana magazine (aka com.triactivemedia.footballespana) application for Android
CVE-2014-7126
REJECTED
-CVE-2014-7125 (The Motor (aka com.magzter.motorhwpublishing) application 3.0 for ...)
+CVE-2014-7125
NOT-FOR-US: Motor (aka com.magzter.motorhwpublishing) application for Android
-CVE-2014-7124 (The IP Alarm (aka com.cosesy.gadget.alarm) application 1.4 for Android ...)
+CVE-2014-7124
NOT-FOR-US: IP Alarm (aka com.cosesy.gadget.alarm) application for Android
-CVE-2014-7123 (The Brevir Harian V2 (aka com.brevir.harian.v) application 2.0 for ...)
+CVE-2014-7123
NOT-FOR-US: Brevir Harian V2 (aka com.brevir.harian.v) application for Android
-CVE-2014-7122 (The Lansing State Journal Print (aka com.lansingjournal.android.prod) ...)
+CVE-2014-7122
NOT-FOR-US: Lansing State Journal Print (aka com.lansingjournal.android.prod) application for Android
-CVE-2014-7121 (The Dhanam (aka com.magzter.dhanam) application 3.1 for Android does ...)
+CVE-2014-7121
NOT-FOR-US: Dhanam (aka com.magzter.dhanam) application for Android
-CVE-2014-7120 (The Model Laboratory (aka com.magazinecloner.modellaboratory) ...)
+CVE-2014-7120
NOT-FOR-US: Model Laboratory (aka com.magazinecloner.modellaboratory) application for Android
-CVE-2014-7119 (The GNAM 2013 (aka com.beepeers.gndam) application 1.0 for Android ...)
+CVE-2014-7119
NOT-FOR-US: GNAM 2013 (aka com.beepeers.gndam) application for Android
-CVE-2014-7118 (The Itography Item Hunt (aka com.itography.application) application ...)
+CVE-2014-7118
NOT-FOR-US: Itography Item Hunt (aka com.itography.application) application for Android
-CVE-2014-7117 (The Forest Area FCU Mobile (aka com.metova.cuae.fafcu) application ...)
+CVE-2014-7117
NOT-FOR-US: Forest Area FCU Mobile (aka com.metova.cuae.fafcu) application for Android
-CVE-2014-7116 (The NRA Journal (aka ...)
+CVE-2014-7116
NOT-FOR-US: NRA Journal (aka com.magazinecloner.nationalrifleassociationjournal) application for Android
-CVE-2014-7115 (The Letters to God - soc. network (aka com.wPismakBoguLetterstoGod) ...)
+CVE-2014-7115
NOT-FOR-US: Letters to God - soc. network (aka com.wPismakBoguLetterstoGod) application for Android
CVE-2014-7114
REJECTED
-CVE-2014-7113 (The NASA Universe Wallpapers Xeus (aka com.xeusNASA) application 1.0 ...)
+CVE-2014-7113
NOT-FOR-US: NASA Universe Wallpapers Xeus (aka com.xeusNASA) application for Android
CVE-2014-7112
REJECTED
-CVE-2014-7111 (The Android Excellence (aka an.exc.ap) application 1.4.1 for Android ...)
+CVE-2014-7111
NOT-FOR-US: Android Excellence (aka an.exc.ap) application for Android
CVE-2014-7110
REJECTED
-CVE-2014-7109 (The Nesvarnik (aka cz.dtest.nesvarnik) application 1.0 for Android ...)
+CVE-2014-7109
NOT-FOR-US: Nesvarnik (aka cz.dtest.nesvarnik) application for Android
-CVE-2014-7108 (The Stop Headaches and Migraines (aka com.StopHeadachesandMigraines) ...)
+CVE-2014-7108
NOT-FOR-US: Stop Headaches and Migraines (aka com.StopHeadachesandMigraines) application for Android
-CVE-2014-7107 (The Human Factor (aka com.magzter.thehumanfactor) application 3.01 for ...)
+CVE-2014-7107
NOT-FOR-US: The Human Factor (aka com.magzter.thehumanfactor) application for Android
-CVE-2014-7106 (The Orakel-Ball (aka com.wOrakelball) application 0.2 for Android does ...)
+CVE-2014-7106
NOT-FOR-US: Orakel-Ball (aka com.wOrakelball) application for Android
CVE-2014-7105
REJECTED
-CVE-2014-7104 (The gymnoOVP (iOVP) (aka com.johtru.gymnoOVP) application 1.2 for ...)
+CVE-2014-7104
NOT-FOR-US: gymnoOVP (iOVP) (aka com.johtru.gymnoOVP) application for Android
-CVE-2014-7103 (The Oskarshamnsliv (aka appinventor.ai_stadslivsguiden.Oskarshamnsliv) ...)
+CVE-2014-7103
NOT-FOR-US: Oskarshamnsliv (aka appinventor.ai_stadslivsguiden.Oskarshamnsliv) application for Android
-CVE-2014-7102 (The Car Insurance Quote Comparison (aka com.seopa.quotezone) ...)
+CVE-2014-7102
NOT-FOR-US: Car Insurance Quote Comparison (aka com.seopa.quotezone) application for Android
-CVE-2014-7101 (The Talk Radio Europe (aka com.nobexinc.wls_31251464.rc) application ...)
+CVE-2014-7101
NOT-FOR-US: Talk Radio Europe (aka com.nobexinc.wls_31251464.rc) application for Android
-CVE-2014-7100 (The www.sm3ny.com (aka sm3ny.com) application 1.0 for Android does not ...)
+CVE-2014-7100
NOT-FOR-US: www.sm3ny.com (aka sm3ny.com) application for Android
-CVE-2014-7099 (The Woodcraft Magazine (aka com.magzter.woodcraftmagazine) application ...)
+CVE-2014-7099
NOT-FOR-US: Woodcraft Magazine (aka com.magzter.woodcraftmagazine) application for Android
-CVE-2014-7098 (The Fylet Secure Large File Sender (aka ...)
+CVE-2014-7098
NOT-FOR-US: Fylet Secure Large File Sender (aka com.application.fyletFileSender) application for Android
CVE-2014-7097
REJECTED
@@ -8185,963 +8185,963 @@ CVE-2014-7095
REJECTED
CVE-2014-7094
REJECTED
-CVE-2014-7093 (The Superbike Magazine (aka com.triactivemedia.superbike) application ...)
+CVE-2014-7093
NOT-FOR-US: Superbike Magazine (aka com.triactivemedia.superbike) application for Android
-CVE-2014-7092 (The Ubooly (aka com.ubooly.ubooly) application 4.3.0 for Android does ...)
+CVE-2014-7092
NOT-FOR-US: Ubooly (aka com.ubooly.ubooly) application for Android
-CVE-2014-7091 (The Sacramento Kings (aka com.tibco.gse.sports) application 6.0.8 for ...)
+CVE-2014-7091
NOT-FOR-US: Sacramento Kings (aka com.tibco.gse.sports) application for Android
-CVE-2014-7090 (The MyVCCCD (aka com.dub.app.ventura) application 1.4.14 for Android ...)
+CVE-2014-7090
NOT-FOR-US: MyVCCCD (aka com.dub.app.ventura) application for Android
-CVE-2014-7089 (The COMPETITION INFORMATION (aka com.ear.bilgiyarismasi) application ...)
+CVE-2014-7089
NOT-FOR-US: COMPETITION INFORMATION (aka com.ear.bilgiyarismasi) application for Android
-CVE-2014-7088 (The JDM Lifestyle (aka com.hondatech) application 6.4 for Android does ...)
+CVE-2014-7088
NOT-FOR-US: JDM Lifestyle (aka com.hondatech) application for Android
-CVE-2014-7087 (The Top Roller Coasters Europe 1 (aka ...)
+CVE-2014-7087
NOT-FOR-US: Top Roller Coasters Europe 1 (aka com.appaapps.top10tallesteuropeanrollercoasters1) application for Android
-CVE-2014-7086 (The Killer Screen lock (aka com.cc.theme.shashou) application 0.5 for ...)
+CVE-2014-7086
NOT-FOR-US: Killer Screen lock (aka com.cc.theme.shashou) application for Android
-CVE-2014-7085 (The i Newspaper (aka com.independent.thei) application @7F080184 for ...)
+CVE-2014-7085
NOT-FOR-US: i Newspaper (aka com.independent.thei) application for Android
-CVE-2014-7084 (The Hesheng 80 (aka com.ireadercity.c29) application 3.0.2 for Android ...)
+CVE-2014-7084
NOT-FOR-US: Hesheng 80 (aka com.ireadercity.c29) application for Android
-CVE-2014-7083 (The Jiu Jik (aka com.scmp.jiujik) application 1.4.0 for Android does ...)
+CVE-2014-7083
NOT-FOR-US: Jiu Jik (aka com.scmp.jiujik) application for Android
-CVE-2014-7082 (The No Disturb (aka com.blogspot.imapp.imnodisturb) application 3.3 ...)
+CVE-2014-7082
NOT-FOR-US: No Disturb (aka com.blogspot.imapp.imnodisturb) application for Android
CVE-2014-7081
REJECTED
-CVE-2014-7080 (The Sigong ebook (aka com.sigongsa.sigonggenre) application 1.0.0 for ...)
+CVE-2014-7080
NOT-FOR-US: Sigong ebook (aka com.sigongsa.sigonggenre) application for Android
-CVE-2014-7079 (The Romeo and Juliet (aka jp.co.cybird.appli.android.rjs) application ...)
+CVE-2014-7079
NOT-FOR-US: Romeo and Juliet (aka jp.co.cybird.appli.android.rjs) application for Android
-CVE-2014-7078 (The Payoneer Sign Up (aka com.wPayoneerSignUp) application 0.1 for ...)
+CVE-2014-7078
NOT-FOR-US: Payoneer Sign Up (aka com.wPayoneerSignUp) application for Android
-CVE-2014-7077 (The Gulf Coast Educators FCU (aka com.metova.cuae.gcefcu) application ...)
+CVE-2014-7077
NOT-FOR-US: Gulf Coast Educators FCU (aka com.metova.cuae.gcefcu) application for Android
-CVE-2014-7076 (The Sanctuary Asia (aka com.magzter.sanctuaryasia) application 3.0 for ...)
+CVE-2014-7076
NOT-FOR-US: Sanctuary Asia (aka com.magzter.sanctuaryasia) application for Android
-CVE-2014-7075 (The HAPPY (aka com.tw.knowhowdesign.sinfonghuei) application 2.0 for ...)
+CVE-2014-7075
NOT-FOR-US: HAPPY (aka com.tw.knowhowdesign.sinfonghuei) application for Android
CVE-2014-7074
REJECTED
-CVE-2014-7073 (The Andrew Magdy Kamal's Network (aka com.wAndSocialREWApps) ...)
+CVE-2014-7073
NOT-FOR-US: Andrew Magdy Kamal's Network (aka com.wAndSocialREWApps) application for Android
-CVE-2014-7072 (The Venezia map (aka com.wVeneziamap) application 0.1 for Android does ...)
+CVE-2014-7072
NOT-FOR-US: Venezia map (aka com.wVeneziamap) application for Android
-CVE-2014-7071 (The Autocar India (aka com.magzter.autocarindia) application 3.03 for ...)
+CVE-2014-7071
NOT-FOR-US: Autocar India (aka com.magzter.autocarindia) application for Android
-CVE-2014-7070 (The Air War Hero (aka com.dev.airwar) application 3.0 for Android does ...)
+CVE-2014-7070
NOT-FOR-US: Air War Hero (aka com.dev.airwar) application for Android
-CVE-2014-7069 (The Aventino Brand (aka com.AventinoBrand) application 2.2 for Android ...)
+CVE-2014-7069
NOT-FOR-US: Aventino Brand (aka com.AventinoBrand) application for Android
-CVE-2014-7068 (The Neumann Student Activities (aka com.appmakr.app153856) application ...)
+CVE-2014-7068
NOT-FOR-US: Neumann Student Activities (aka com.appmakr.app153856) application for Android
-CVE-2014-7067 (The BTD5 Videos (aka com.wxTYILIEIRBTD5Videos) application 0.1 for ...)
+CVE-2014-7067
NOT-FOR-US: BTD5 Videos (aka com.wxTYILIEIRBTD5Videos) application for Android
-CVE-2014-7066 (The LegalEra (aka com.magzter.legalera) application 3.0 for Android ...)
+CVE-2014-7066
NOT-FOR-US: LegalEra (aka com.magzter.legalera) application for Android
-CVE-2014-7065 (The Nigerias Business Directory (aka com.wNigeriasBusinessDirectory) ...)
+CVE-2014-7065
NOT-FOR-US: Nigerias Business Directory (aka com.wNigeriasBusinessDirectory) application for Android
-CVE-2014-7064 (The ben10 omniverse walkthrough (aka com.wben10omniverse2walkthrough) ...)
+CVE-2014-7064
NOT-FOR-US: ben10 omniverse walkthrough (aka com.wben10omniverse2walkthrough) application for Android
-CVE-2014-7063 (The Bikers Romagna (aka com.bikers.romagna) application 1.0 for ...)
+CVE-2014-7063
NOT-FOR-US: Bikers Romagna (aka com.bikers.romagna) application for Android
-CVE-2014-7062 (The Association Min Ajlik (aka com.association.min.ajlik) application ...)
+CVE-2014-7062
NOT-FOR-US: Association Min Ajlik (aka com.association.min.ajlik) application for Android
-CVE-2014-7061 (The MODSIM World 2014 (aka com.concursive.modsimworld) application ...)
+CVE-2014-7061
NOT-FOR-US: MODSIM World 2014 (aka com.concursive.modsimworld) application for Android
-CVE-2014-7060 (The Your Tango (aka com.your.tango) application 1.0 for Android does ...)
+CVE-2014-7060
NOT-FOR-US: Your Tango (aka com.your.tango) application for Android
-CVE-2014-7059 (The TheDevildogGamer (aka com.wTheDevildogGamer) application 1.0 for ...)
+CVE-2014-7059
NOT-FOR-US: TheDevildogGamer (aka com.wTheDevildogGamer) applicationfor Android
-CVE-2014-7058 (The Efendimizin Sunnetleri (aka com.wEfendimizinSunnetleri) ...)
+CVE-2014-7058
NOT-FOR-US: Efendimizin Sunnetleri (aka com.wEfendimizinSunnetleri) application for Android
-CVE-2014-7057 (The Hong Kong Tatler Society (aka com.magzter.hongkongtatlersociety) ...)
+CVE-2014-7057
NOT-FOR-US: Hong Kong Tatler Society (aka com.magzter.hongkongtatlersociety) application for Android
-CVE-2014-7056 (The Yeast Infection (aka com.wyeastinfectionapp) application 0.1 for ...)
+CVE-2014-7056
NOT-FOR-US: Yeast Infection (aka com.wyeastinfectionapp) application for Android
-CVE-2014-7055 (The NCCI's Annual Issues Symposium (aka com.quickmobile.ais14) ...)
+CVE-2014-7055
NOT-FOR-US: NCCI's Annual Issues Symposium (aka com.quickmobile.ais14) application for Android
-CVE-2014-7054 (The musica de barrios sonideros (aka com.nobexinc.wls_93155702.rc) ...)
+CVE-2014-7054
NOT-FOR-US: musica de barrios sonideros (aka com.nobexinc.wls_93155702.rc) application for Android
-CVE-2014-7053 (The City Star ME (aka com.citystarme) application 1.0 for Android does ...)
+CVE-2014-7053
NOT-FOR-US: City Star ME (aka com.citystarme) application for Android
-CVE-2014-7052 (The sahab-alkher.com (aka com.tapatalk.sahabalkhercomvb) application ...)
+CVE-2014-7052
NOT-FOR-US: sahab-alkher.com (aka com.tapatalk.sahabalkhercomvb) application for Android
CVE-2014-7051
REJECTED
-CVE-2014-7050 (The givenu give (aka com.givenu.give) application 1.5.3 for Android ...)
+CVE-2014-7050
NOT-FOR-US: givenu give (aka com.givenu.give) application for Android
-CVE-2014-7049 (The SomTodo - Task/To-do widget (aka com.somcloud.somtodo) application ...)
+CVE-2014-7049
NOT-FOR-US: SomTodo - Task/To-do widget (aka com.somcloud.somtodo) application for Android
-CVE-2014-7048 (The Bear ID Lock (aka com.wBearIDLock) application 0.1 for Android ...)
+CVE-2014-7048
NOT-FOR-US: Bear ID Lock (aka com.wBearIDLock) application for Android
-CVE-2014-7047 (The Ocean Avenue Mobile Pro (aka com.oceanavenue.mobile) application ...)
+CVE-2014-7047
NOT-FOR-US: Ocean Avenue Mobile Pro (aka com.oceanavenue.mobile) application for Android
-CVE-2014-7046 (The George Wassouf (aka com.devkhr32.georgewassouf) application 1.0 ...)
+CVE-2014-7046
NOT-FOR-US: George Wassouf (aka com.devkhr32.georgewassouf) application for Android
-CVE-2014-7045 (The Bust Out Bail (aka com.onesolutionapps.bustoutbailandroid) ...)
+CVE-2014-7045
NOT-FOR-US: Bust Out Bail (aka com.onesolutionapps.bustoutbailandroid) application for Android
-CVE-2014-7044 (The Street Walker (aka kt.road.StreetWalker) application 0.0.1 for ...)
+CVE-2014-7044
NOT-FOR-US: Street Walker (aka kt.road.StreetWalker) application for Android
-CVE-2014-7043 (The Cadpage (aka net.anei.cadpage) application 1.7.44 for Android does ...)
+CVE-2014-7043
NOT-FOR-US: Cadpage (aka net.anei.cadpage) application for Android
-CVE-2014-7042 (** DISPUTED ** The My nTelos (aka com.telespree.ntelospostpay) ...)
+CVE-2014-7042
NOT-FOR-US: My nTelos (aka com.telespree.ntelospostpay) application for Android
-CVE-2014-7041 (The SimGene (aka com.japanbioinformatics.simgene) application 1.3 for ...)
+CVE-2014-7041
NOT-FOR-US: SimGene (aka com.japanbioinformatics.simgene) application for Android
-CVE-2014-7040 (The UniCredit Investors (aka eu.unicreditgroup.brand.ucinvestors) ...)
+CVE-2014-7040
NOT-FOR-US: UniCredit Investors (aka eu.unicreditgroup.brand.ucinvestors) application for Android
-CVE-2014-7039 (The Wild Women United (aka com.wildwomenunited) application 1.0 for ...)
+CVE-2014-7039
NOT-FOR-US: Wild Women United (aka com.wildwomenunited) application for Android
-CVE-2014-7038 (The Al Jazeera (aka com.Al.Jazeera.net) application 6.0 for Android ...)
+CVE-2014-7038
NOT-FOR-US: Al Jazeera (aka com.Al.Jazeera.net) application for Android
-CVE-2014-7037 (The Noble Sticker &quot;FREE&quot; (aka com.kuronecostudio.kizokustamp.free) ...)
+CVE-2014-7037
NOT-FOR-US: Noble Sticker "FREE" (aka com.kuronecostudio.kizokustamp.free) application for Android
-CVE-2014-7036 (The Quest Federal CU Mobile (aka com.metova.cuae.questfcu) application ...)
+CVE-2014-7036
NOT-FOR-US: Quest Federal CU Mobile (aka com.metova.cuae.questfcu) application for Android
-CVE-2014-7035 (The Harmonizers Planet (aka uk.co.pixelkicks.fifthharmony) application ...)
+CVE-2014-7035
NOT-FOR-US: Harmonizers Planet (aka uk.co.pixelkicks.fifthharmony) application for Android
-CVE-2014-7034 (The Senator Inn &amp; Spa (aka ...)
+CVE-2014-7034
NOT-FOR-US: Senator Inn & Spa (aka com.conduit.app_cc06e8e9659c4cf7b361ad0b7717f3a4.app) application for Android
-CVE-2014-7033 (The Cure Viewer (aka com.livedoor.android.cureviewer) application 1.03 ...)
+CVE-2014-7033
NOT-FOR-US: Cure Viewer (aka com.livedoor.android.cureviewer) application for Android
-CVE-2014-7032 (The MYHABIT (aka com.amazon.myhabit) application @7F080041 for Android ...)
+CVE-2014-7032
NOT-FOR-US: MYHABIT (aka com.amazon.myhabit) application for Android
-CVE-2014-7031 (The RedAtoms Three (aka com.redatoms.mojodroid.tw.gp) application 2.5 ...)
+CVE-2014-7031
NOT-FOR-US: RedAtoms Three (aka com.redatoms.mojodroid.tw.gp) application for Android
-CVE-2014-7030 (The Dieta Dukan passo a passo (aka ...)
+CVE-2014-7030
NOT-FOR-US: Dieta Dukan passo a passo (aka com.rareartifact.dukanpasoapaso82BE0897) application for Android
-CVE-2014-7029 (The Bultmonster Registret (aka com.bultmonster.registret) application ...)
+CVE-2014-7029
NOT-FOR-US: Bultmonster Registret (aka com.bultmonster.registret) application for Android
-CVE-2014-7028 (The Ibis pau centre (aka com.myapphone.android.myappibispaucentre) ...)
+CVE-2014-7028
NOT-FOR-US: Ibis pau centre (aka com.myapphone.android.myappibispaucentre) application for Android
-CVE-2014-7027 (The Esercizi per le donne (aka ...)
+CVE-2014-7027
NOT-FOR-US: Esercizi per le donne (aka com.rareartifact.eserciziperledonne6D5578C6) application for Android
-CVE-2014-7026 (The LIFE TIME FITNESS (aka com.lifetimefitness.ltfmobile) application ...)
+CVE-2014-7026
NOT-FOR-US: LIFE TIME FITNESS (aka com.lifetimefitness.ltfmobile) application for Android
-CVE-2014-7025 (The Who-is-it? Lite name caller time limited free (aka ...)
+CVE-2014-7025
NOT-FOR-US: Who-is-it? Lite name caller time limited free (aka de.profiler.android.whoisit) application for Android
-CVE-2014-7024 (The Hardest Game Collection (aka com.lotfun.abuse) application 1.5.0 ...)
+CVE-2014-7024
NOT-FOR-US: Hardest Game Collection (aka com.lotfun.abuse) application for Android
-CVE-2014-7023 (The Find Color (aka com.chudong.color) application 1.1.1 for Android ...)
+CVE-2014-7023
NOT-FOR-US: Find Color (aka com.chudong.color) application for Android
-CVE-2014-7022 (The Modelisme.com forum/portail (aka com.tapatalk.modelismecomforum) ...)
+CVE-2014-7022
NOT-FOR-US: Modelisme.com forum/portail (aka com.tapatalk.modelismecomforum) application for Android
-CVE-2014-7021 (The Leg Surgery - Kids Games (aka com.harriskerioe.legsurgery) ...)
+CVE-2014-7021
NOT-FOR-US: Leg Surgery - Kids Games (aka com.harriskerioe.legsurgery) application for Android
-CVE-2014-7020 (The Diabetes Forum (aka com.tapatalk.diabetescoukdiabetesforum) ...)
+CVE-2014-7020
NOT-FOR-US: Diabetes Forum (aka com.tapatalk.diabetescoukdiabetesforum) application for Android
-CVE-2014-7019 (The Clarks Inn (aka com.ClarksInn) application 3.3.0 for Android does ...)
+CVE-2014-7019
NOT-FOR-US: Clarks Inn (aka com.ClarksInn) application for Android
-CVE-2014-7018 (The LOVE DANCE (aka com.efunfun.ddianle.lovedance) application ...)
+CVE-2014-7018
NOT-FOR-US: LOVE DANCE (aka com.efunfun.ddianle.lovedance) application for Android
-CVE-2014-7017 (The Tim Ban Bon Phuong (aka com.entertaiment.timbanbonphuong) ...)
+CVE-2014-7017
NOT-FOR-US: Tim Ban Bon Phuong (aka com.entertaiment.timbanbonphuong) application for Android
-CVE-2014-7016 (The Mahasna Batik (aka com.batik.mahasna) application 1.0 for Android ...)
+CVE-2014-7016
NOT-FOR-US: Mahasna Batik (aka com.batik.mahasna) application for Android
-CVE-2014-7015 (The JJ Texas Hold'em Poker (aka cn.jj.poker) application 1.13.23.HD ...)
+CVE-2014-7015
NOT-FOR-US: JJ Texas Hold'em Poker (aka cn.jj.poker) application for Android
CVE-2014-7014
REJECTED
-CVE-2014-7013 (The Funny Photo Color Editor (aka com.doirdeditor.funcloreditor) ...)
+CVE-2014-7013
NOT-FOR-US: Funny Photo Color Editor (aka com.doirdeditor.funcloreditor) application for Android
-CVE-2014-7012 (The Coffee Inn (aka lt.lemonlabs.android.coffeeinn) application 2.0.1 ...)
+CVE-2014-7012
NOT-FOR-US: Coffee Inn (aka lt.lemonlabs.android.coffeeinn) application for Android
-CVE-2014-7011 (The NWTC Mobile (aka com.dub.app.nwtc) application 1.4.17 for Android ...)
+CVE-2014-7011
NOT-FOR-US: NWTC Mobile (aka com.dub.app.nwtc) application for Android
-CVE-2014-7010 (The UTSA Mobile (aka com.dub.app.utsa) application 1.4.21 for Android ...)
+CVE-2014-7010
NOT-FOR-US: UTSA Mobile (aka com.dub.app.utsa) application for Android
-CVE-2014-7009 (The HKBN My Account (aka com.hkbn.myaccount) application @7F070015 for ...)
+CVE-2014-7009
NOT-FOR-US: HKBN My Account (aka com.hkbn.myaccount) application for Android
-CVE-2014-7008 (The Forum FrAndroid beta (aka com.tapatalk.forumfrandroidcom) ...)
+CVE-2014-7008
NOT-FOR-US: Forum FrAndroid beta (aka com.tapatalk.forumfrandroidcom) application for Android
-CVE-2014-7007 (The Master Mix (aka com.nobexinc.wls_24832536.rc) application 3.3.5 ...)
+CVE-2014-7007
NOT-FOR-US: Master Mix (aka com.nobexinc.wls_24832536.rc) application for Android
-CVE-2014-7006 (The HydFM (aka com.apheliontechnologies.hydfm) application 1.1.9 for ...)
+CVE-2014-7006
NOT-FOR-US: HydFM (aka com.apheliontechnologies.hydfm) application for Android
-CVE-2014-7005 (The Foconet (aka suporte.com.foconet) application 1.0 for Android does ...)
+CVE-2014-7005
NOT-FOR-US: Foconet (aka suporte.com.foconet) application for Android
-CVE-2014-7004 (The PETA (aka com.peta.android) application 1.1 for Android does not ...)
+CVE-2014-7004
NOT-FOR-US: PETA (aka com.peta.android) application for Android
-CVE-2014-7003 (The Goodwin (aka com.goodwin.Goodwin) application 1.15 for Android ...)
+CVE-2014-7003
NOT-FOR-US: Goodwin (aka com.goodwin.Goodwin) application for Android
-CVE-2014-7002 (The Sopexa Pavillon France (aka com.goomeoevents.pavillonfrance) ...)
+CVE-2014-7002
NOT-FOR-US: Sopexa Pavillon France (aka com.goomeoevents.pavillonfrance) application for Android
-CVE-2014-7001 (The Jian Ren (aka cn.sh.scustom.janren) application 1.5.1 for Android ...)
+CVE-2014-7001
NOT-FOR-US: Jian Ren (aka cn.sh.scustom.janren) application for Android
-CVE-2014-7000 (The Paul Alexander Campaign (aka hr.apps.n51261427) application 4.5.8 ...)
+CVE-2014-7000
NOT-FOR-US: Paul Alexander Campaign (aka hr.apps.n51261427) application for Android
-CVE-2014-6999 (The Questoes OAB (aka com.pedefeijao.questoesoab) application ...)
+CVE-2014-6999
NOT-FOR-US: Questoes OAB (aka com.pedefeijao.questoesoab) application for Android
-CVE-2014-6998 (The PinkFong TV (aka kr.co.smartstudy.pinkfongtv_android_googlemarket) ...)
+CVE-2014-6998
NOT-FOR-US: PinkFong TV (aka kr.co.smartstudy.pinkfongtv_android_googlemarket) application for Android
-CVE-2014-6997 (The Dino Village (aka com.tappocket.dinovillage) application 1.6 for ...)
+CVE-2014-6997
NOT-FOR-US: Dino Village (aka com.tappocket.dinovillage) application for Android
-CVE-2014-6996 (The Martial Arts Battle Card (aka com.tapenjoy.zjh.tw) application ...)
+CVE-2014-6996
NOT-FOR-US: Martial Arts Battle Card (aka com.tapenjoy.zjh.tw) application for Android
-CVE-2014-6995 (The adidas eyewear (aka com.adidasep.eyewear) application 1.2 for ...)
+CVE-2014-6995
NOT-FOR-US: adidas eyewear (aka com.adidasep.eyewear) application for Android
-CVE-2014-6994 (The Atecea (aka com.atecea) application 1.2 for Android does not ...)
+CVE-2014-6994
NOT-FOR-US: Atecea (aka com.atecea) application for Android
-CVE-2014-6993 (The Codeeta Coupons (aka com.codeeta.promos) application 1.0.5 for ...)
+CVE-2014-6993
NOT-FOR-US: Codeeta Coupons (aka com.codeeta.promos) application for Android
-CVE-2014-6992 (The Timeless Black (aka com.apptive.android.apps.timeless) application ...)
+CVE-2014-6992
NOT-FOR-US: Timeless Black (aka com.apptive.android.apps.timeless) application for Android
-CVE-2014-6991 (The LiveAuctions.tv (aka air.LiveAndroidMaxx) application 2.005 for ...)
+CVE-2014-6991
NOT-FOR-US: LiveAuctions.tv (aka air.LiveAndroidMaxx) application for Android
-CVE-2014-6990 (The Albasit artes y danza (aka ...)
+CVE-2014-6990
NOT-FOR-US: Albasit artes y danza (aka com.adianteventures.adianteapps.albasit_artes_y_danza) application for Android
-CVE-2014-6989 (The Germanwings (aka com.germanwings.android) application 2.1.13 for ...)
+CVE-2014-6989
NOT-FOR-US: Germanwings (aka com.germanwings.android) application for Android
-CVE-2014-6988 (The Quotes in Images (aka pt.lumberapps.imagensfrases) application ...)
+CVE-2014-6988
NOT-FOR-US: Quotes in Images (aka pt.lumberapps.imagensfrases) application for Android
-CVE-2014-6987 (The Mass Gaming TV (aka net.massgamers) application 1.0 for Android ...)
+CVE-2014-6987
NOT-FOR-US: Mass Gaming TV (aka net.massgamers) application for Android
-CVE-2014-6986 (The Pregnancy Tips (aka com.rareartifact.tipsforpregnant71C80129) ...)
+CVE-2014-6986
NOT-FOR-US: Pregnancy Tips (aka com.rareartifact.tipsforpregnant71C80129) application for Android
-CVE-2014-6985 (The Georgia Packing (aka com.tapatalk.georgiapackingorg) application ...)
+CVE-2014-6985
NOT-FOR-US: Georgia Packing (aka com.tapatalk.georgiapackingorg) application for Android
-CVE-2014-6984 (The Shots (aka com.shots.android) application 1.0.8 for Android does ...)
+CVE-2014-6984
NOT-FOR-US: Shots (aka com.shots.android) application for Android
-CVE-2014-6983 (The NBE (aka com.nbe.app) application 1.1 for Android does not verify ...)
+CVE-2014-6983
NOT-FOR-US: NBE (aka com.nbe.app) application for Android
-CVE-2014-6982 (The Arabic Troll Football (aka com.hamoosh.ArabicTrollFootball) ...)
+CVE-2014-6982
NOT-FOR-US: Arabic Troll Football (aka com.hamoosh.ArabicTrollFootball) application for Android
-CVE-2014-6981 (The Taiwan Business Bank (aka com.mitake.TBB) application 2.04 for ...)
+CVE-2014-6981
NOT-FOR-US: Taiwan Business Bank (aka com.mitake.TBB) application for Android
-CVE-2014-6980 (The LINE PLAY (aka jp.naver.lineplay.android) application 2.3.1.1 for ...)
+CVE-2014-6980
NOT-FOR-US: LINE PLAY (aka jp.naver.lineplay.android) application for Android
-CVE-2014-6979 (The MiWay Insurance Ltd (aka com.MiWay.MD) application 1.2 for Android ...)
+CVE-2014-6979
NOT-FOR-US: MiWay Insurance Ltd (aka com.MiWay.MD) application for Android
-CVE-2014-6978 (The Karim Rahal Essoulami (aka ...)
+CVE-2014-6978
NOT-FOR-US: Karim Rahal Essoulami (aka com.karim.rahal.essoulami.lcxogeyuizteegxvnq) application for Android
-CVE-2014-6977 (The eLearn (aka ...)
+CVE-2014-6977
NOT-FOR-US: eLearn (aka com.desire2learn.campuslife.chattanoogastate.edu.directory) application for Android
-CVE-2014-6976 (The Aeroexpress (aka ru.lynx.aero) application 2.6.2 for Android does ...)
+CVE-2014-6976
NOT-FOR-US: Aeroexpress (aka ru.lynx.aero) application for Android
-CVE-2014-6975 (The Twin Lin (aka com.twinlin.twmo) application 5 for Android does not ...)
+CVE-2014-6975
NOT-FOR-US: Twin Lin (aka com.twinlin.twmo) application for Android
-CVE-2014-6974 (The MifaShow Hairstyles (aka com.mifashow) application 3.7 for Android ...)
+CVE-2014-6974
NOT-FOR-US: MifaShow Hairstyles (aka com.mifashow) application for Android
-CVE-2014-6973 (The Care4Kids (aka com.codetherapy.care4kids) application 1.03 for ...)
+CVE-2014-6973
NOT-FOR-US: Care4Kids (aka com.codetherapy.care4kids) application for Android
-CVE-2014-6972 (The Kazakhstan Radio (aka com.wordbox.kazakhstanRadio) application 2.5 ...)
+CVE-2014-6972
NOT-FOR-US: Kazakhstan Radio (aka com.wordbox.kazakhstanRadio) application for Android
-CVE-2014-6971 (The Easy Video Downloader (aka com.simon.padillar.EasyVideo) ...)
+CVE-2014-6971
NOT-FOR-US: Easy Video Downloader (aka com.simon.padillar.EasyVideo) application for Android
-CVE-2014-6970 (The North American Ismaili Games (aka hr.apps.n166983741) application ...)
+CVE-2014-6970
NOT-FOR-US: North American Ismaili Games (aka hr.apps.n166983741) application for Android
-CVE-2014-6969 (The Deltin Suites (aka com.DeltinSuites) application 3.4.1 for Android ...)
+CVE-2014-6969
NOT-FOR-US: Deltin Suites (aka com.DeltinSuites) application for Android
-CVE-2014-6968 (The Grandma's Grotto (aka com.mobileappsuite.grandmasgrotto) ...)
+CVE-2014-6968
NOT-FOR-US: Grandma's Grotto (aka com.mobileappsuite.grandmasgrotto) application for Android
-CVE-2014-6967 (The Albion College (aka com.vivomobile.albioncollege) application ...)
+CVE-2014-6967
NOT-FOR-US: Albion College (aka com.vivomobile.albioncollege) application for Android
-CVE-2014-6966 (The West Bend School District (aka net.parentlink.westbend) ...)
+CVE-2014-6966
NOT-FOR-US: West Bend School District (aka net.parentlink.westbend) application for Android
-CVE-2014-6965 (The FAZ.NET (aka net.faz.FAZ) application 1.0.1 for Android does not ...)
+CVE-2014-6965
NOT-FOR-US: FAZ.NET (aka net.faz.FAZ) application for Android
-CVE-2014-6964 (The Hanyang University Admissions (aka kr.ac.hanyang.planner) ...)
+CVE-2014-6964
NOT-FOR-US: Hanyang University Admissions (aka kr.ac.hanyang.planner) application for Android
-CVE-2014-6963 (The feiron (aka es.sw.feironmobile.app) application 1.1 for Android ...)
+CVE-2014-6963
NOT-FOR-US: feiron (aka es.sw.feironmobile.app) application for Android
-CVE-2014-6962 (The Elk Grove PublicStuff (aka com.wassabi.elkgrove) application 3.2 ...)
+CVE-2014-6962
NOT-FOR-US: Elk Grove PublicStuff (aka com.wassabi.elkgrove) application for Android
-CVE-2014-6961 (The SudaniNet (aka com.sudaninet.wtwqiqbegq_btwlda) application 2.0 ...)
+CVE-2014-6961
NOT-FOR-US: SudaniNet (aka com.sudaninet.wtwqiqbegq_btwlda) application for Android
-CVE-2014-6960 (The Multitrac (aka com.multitrac) application 1.04 for Android does ...)
+CVE-2014-6960
NOT-FOR-US: Multitrac (aka com.multitrac) application for Android
-CVE-2014-6959 (The QinCard (aka com.haowan.qincard) application 2.0 for Android does ...)
+CVE-2014-6959
NOT-FOR-US: QinCard (aka com.haowan.qincard) application for Android
-CVE-2014-6958 (The ISMRM-ESMRMB 2014 (aka ...)
+CVE-2014-6958
NOT-FOR-US: ISMRM-ESMRMB 2014 (aka com.coreapps.android.followme.ismrm_esmrmb14) application for Android
-CVE-2014-6957 (The scottcolibmn (aka com.bredir.boopsie.scottlib) application 4.5.110 ...)
+CVE-2014-6957
NOT-FOR-US: scottcolibmn (aka com.bredir.boopsie.scottlib) application for Android
-CVE-2014-6956 (The Hydrogen Water (aka com.appzone628) application 1.0 for Android ...)
+CVE-2014-6956
NOT-FOR-US: Hydrogen Water (aka com.appzone628) application for Android
-CVE-2014-6955 (The Le Grand Bleu (aka com.appzone468) application 1.0 for Android ...)
+CVE-2014-6955
NOT-FOR-US: Le Grand Bleu (aka com.appzone468) application for Android
-CVE-2014-6954 (The Deer Hunting Calls + Guide (aka com.anawaz.deerhuntingcalls.free) ...)
+CVE-2014-6954
NOT-FOR-US: Deer Hunting Calls + Guide (aka com.anawaz.deerhuntingcalls.free) application for Android
-CVE-2014-6953 (The AFTERLIFE WITH ARCHIE (aka ...)
+CVE-2014-6953
NOT-FOR-US: AFTERLIFE WITH ARCHIE (aka com.afterlifewitharchie.afterlifewitharchie) application for Android
-CVE-2014-6952 (The Manga Facts (aka app.mangafacts.ar) application 1.0 for Android ...)
+CVE-2014-6952
NOT-FOR-US: Manga Facts (aka app.mangafacts.ar) application for Android
-CVE-2014-6951 (The OneFile Ignite (aka uk.co.onefile.ignite) application 1.19 for ...)
+CVE-2014-6951
NOT-FOR-US: OneFile Ignite (aka uk.co.onefile.ignite) application for Android
-CVE-2014-6950 (The Mt. Airy News (aka com.soln.SBE4A803AD6430A6E9DBA5688AA644148) ...)
+CVE-2014-6950
NOT-FOR-US: Mt. Airy News (aka com.soln.SBE4A803AD6430A6E9DBA5688AA644148) application for Android
-CVE-2014-6949 (The Akne Ernahrung (aka com.rareartifact.akneernahrung72010074) ...)
+CVE-2014-6949
NOT-FOR-US: Akne Ernahrung (aka com.rareartifact.akneernahrung72010074) application for Android
-CVE-2014-6948 (The TH3 professional Al Mohtarif (aka com.th3professional.almohtarif) ...)
+CVE-2014-6948
NOT-FOR-US: TH3 professional Al Mohtarif (aka com.th3professional.almohtarif) application for Android
-CVE-2014-6947 (The Archie Comics (aka com.iversecomics.archie.android) application ...)
+CVE-2014-6947
NOT-FOR-US: Archie Comics (aka com.iversecomics.archie.android) application for Android
-CVE-2014-6946 (The Re:kyu (aka com.appzone619) application 1.0 for Android does not ...)
+CVE-2014-6946
NOT-FOR-US: Re:kyu (aka com.appzone619) application for Android
-CVE-2014-6945 (The Neeku Naaku Dash Dash (aka com.dakshaa.nndd) application 1.0 for ...)
+CVE-2014-6945
NOT-FOR-US: Neeku Naaku Dash Dash (aka com.dakshaa.nndd) application for Android
-CVE-2014-6944 (The mitfahrgelegenheit.at (aka com.carpooling.android.at) application ...)
+CVE-2014-6944
NOT-FOR-US: mitfahrgelegenheit.at (aka com.carpooling.android.at) application for Android
-CVE-2014-6943 (The Konigsleiten (aka com.knigsleiten) application 1.0 for Android ...)
+CVE-2014-6943
NOT-FOR-US: Konigsleiten (aka com.knigsleiten) application for Android
-CVE-2014-6942 (The Alisha Marie (Unofficial) (aka com.automon.ay.alisha.marie) ...)
+CVE-2014-6942
NOT-FOR-US: Alisha Marie (Unofficial) (aka com.automon.ay.alisha.marie) application for Android
-CVE-2014-6941 (The NOS Alive (aka pt.optimus.optimusalive2011) application 5.1 for ...)
+CVE-2014-6941
NOT-FOR-US: NOS Alive (aka pt.optimus.optimusalive2011) application for Android
-CVE-2014-6940 (The Absolute Lending Solutions (aka ...)
+CVE-2014-6940
NOT-FOR-US: Absolute Lending Solutions (aka com.soln.S008F6C05EC0B63264B429F6D76286562) application for Android
-CVE-2014-6939 (The Sketch W Friends FREE -Tablets (aka ...)
+CVE-2014-6939
NOT-FOR-US: Sketch W Friends FREE -Tablets (aka air.com.xlabz.SketchWFriendsFree) application for Android
-CVE-2014-6938 (The Apostilas musicais (aka com.apostilas) application 1.0 for Android ...)
+CVE-2014-6938
NOT-FOR-US: Apostilas musicais (aka com.apostilas) application for Android
-CVE-2014-6937 (The China CITIC Bank Credit Card (aka com.citiccard.mobilebank) ...)
+CVE-2014-6937
NOT-FOR-US: China CITIC Bank Credit Card (aka com.citiccard.mobilebank) application for Android
-CVE-2014-6936 (The IDS 2013 (aka de.mobileeventguide.ids2013) application 1.21 for ...)
+CVE-2014-6936
NOT-FOR-US: IDS 2013 (aka de.mobileeventguide.ids2013) application for Android
-CVE-2014-6935 (The ColorMania - Color Quiz Game (aka com.ColormaniaColoringGames) ...)
+CVE-2014-6935
NOT-FOR-US: ColorMania - Color Quiz Game (aka com.ColormaniaColoringGames) application for Android
-CVE-2014-6934 (The Physics Chemistry Biology Quiz (aka com.pdevsmcqs.pcbmcqseries) ...)
+CVE-2014-6934
NOT-FOR-US: Physics Chemistry Biology Quiz (aka com.pdevsmcqs.pcbmcqseries) application for Android
-CVE-2014-6933 (The Toraware Takojyou (aka ltd.pte.wavea.torawaretakojyou) application ...)
+CVE-2014-6933
NOT-FOR-US: Toraware Takojyou (aka ltd.pte.wavea.torawaretakojyou) application for Android
-CVE-2014-6932 (The All Navalny (aka com.all.navalny) application 1.10 for Android ...)
+CVE-2014-6932
NOT-FOR-US: All Navalny (aka com.all.navalny) application for Android
-CVE-2014-6931 (The Treves Dance Center (aka ...)
+CVE-2014-6931
NOT-FOR-US: Treves Dance Center (aka com.myapphone.android.myapptrvesdancecenter) application for Android
-CVE-2014-6930 (The Abram Radio Groove! (aka com.nobexinc.wls_79226887.rc) application ...)
+CVE-2014-6930
NOT-FOR-US: Abram Radio Groove! (aka com.nobexinc.wls_79226887.rc) application for Android
-CVE-2014-6929 (The AIHce 2014 (aka com.coreapps.android.followme.aihce2014) ...)
+CVE-2014-6929
NOT-FOR-US: AIHce 2014 (aka com.coreapps.android.followme.aihce2014) application for Android
-CVE-2014-6928 (The Rastreador de Celulares (aka com.mobincube.android.sc_9KTH8) ...)
+CVE-2014-6928
NOT-FOR-US: Rastreador de Celulares (aka com.mobincube.android.sc_9KTH8) application for Android
-CVE-2014-6927 (The Myanmar Housing : mmHome (aka com.mmhome3) application 1.3 for ...)
+CVE-2014-6927
NOT-FOR-US: Myanmar Housing : mmHome (aka com.mmhome3) application for Android
-CVE-2014-6926 (The Allt om Brollop (aka com.paperton.wl.alltombrollop) application ...)
+CVE-2014-6926
NOT-FOR-US: Allt om Brollop (aka com.paperton.wl.alltombrollop) application for Android
-CVE-2014-6925 (The Steyr Forum (aka com.tapatalk.steyrclubcomvb) application 3.9.12 ...)
+CVE-2014-6925
NOT-FOR-US: Steyr Forum (aka com.tapatalk.steyrclubcomvb) application for Android
-CVE-2014-6924 (The Metro News (aka com.netpia.ha.metro) application 1.6.5 for Android ...)
+CVE-2014-6924
NOT-FOR-US: Metro News (aka com.netpia.ha.metro) application for Android
-CVE-2014-6923 (The Dubrovnik Guided Walking Tours (aka com.mytoursapp.android.app351) ...)
+CVE-2014-6923
NOT-FOR-US: Dubrovnik Guided Walking Tours (aka com.mytoursapp.android.app351) application for Android
-CVE-2014-6922 (The KFAI Community Radio (aka com.skyblue.pra.kfai) application 2.0.4 ...)
+CVE-2014-6922
NOT-FOR-US: KFAI Community Radio (aka com.skyblue.pra.kfai) application for Android
-CVE-2014-6921 (The Buckhorn Grill (aka com.orderingapps.buckhorn) application 2.8 for ...)
+CVE-2014-6921
NOT-FOR-US: Buckhorn Grill (aka com.orderingapps.buckhorn) application for Android
-CVE-2014-6920 (The Canal 44 (aka com.canal.canal44) application 1.0 for Android does ...)
+CVE-2014-6920
NOT-FOR-US: Canal 44 (aka com.canal.canal44) application for Android
-CVE-2014-6919 (The Metalcasting Newsstand (aka air.com.yudu.ReaderAIR3017071) ...)
+CVE-2014-6919
NOT-FOR-US: Metalcasting Newsstand (aka air.com.yudu.ReaderAIR3017071) application for Android
-CVE-2014-6918 (The Bikers Underground (aka hr.ap.n66871172) application 4.5.10 for ...)
+CVE-2014-6918
NOT-FOR-US: Bikers Underground (aka hr.ap.n66871172) application for Android
-CVE-2014-6917 (The www.knote.kr Smart (aka kr.or.knote.android) application 1.0.3 for ...)
+CVE-2014-6917
NOT-FOR-US: www.knote.kr Smart (aka kr.or.knote.android) application for Android
-CVE-2014-6916 (The mama.cn (aka cn.ziipin.mama.ui) application 1.02 for Android does ...)
+CVE-2014-6916
NOT-FOR-US: mama.cn (aka cn.ziipin.mama.ui) application for Android
CVE-2014-6915
REJECTED
-CVE-2014-6914 (The Houcine El Jasmi (aka com.devkhr31.houcineeljasmi) application 1.0 ...)
+CVE-2014-6914
NOT-FOR-US: Houcine El Jasmi (aka com.devkhr31.houcineeljasmi) application for Android
-CVE-2014-6913 (The Dive The World (aka com.paperton.wl.divetheworld) application 1.53 ...)
+CVE-2014-6913
NOT-FOR-US: Dive The World (aka com.paperton.wl.divetheworld) application for Android
-CVE-2014-6912 (The IRA's 59th Annual Conference (aka ...)
+CVE-2014-6912
NOT-FOR-US: IRA's 59th Annual Conference (aka com.coreapps.android.followme.ira_14) application for Android
-CVE-2014-6911 (The diziturky HD 2015 (aka com.adv.diziturky) application 2014 for ...)
+CVE-2014-6911
NOT-FOR-US: diziturky HD 2015 (aka com.adv.diziturky) application for Android
-CVE-2014-6910 (The MemorizeIt! (aka com.kshinenterprises.kshinent.memorizeit) ...)
+CVE-2014-6910
NOT-FOR-US: MemorizeIt! (aka com.kshinenterprises.kshinent.memorizeit) application for Android
-CVE-2014-6909 (The Coca-Cola FM Peru (aka com.enyetech.radio.coca_cola.fm_pe) ...)
+CVE-2014-6909
NOT-FOR-US: Coca-Cola FM Peru (aka com.enyetech.radio.coca_cola.fm_pe) application for Android
-CVE-2014-6908 (The Forum IC (aka com.tapatalk.forumimmigrercom) application 3.3.12 ...)
+CVE-2014-6908
NOT-FOR-US: Forum IC (aka com.tapatalk.forumimmigrercom) application for Android
-CVE-2014-6907 (The Rakuten Install (aka co.jp.rakuten.installapp) application 1.5.0 ...)
+CVE-2014-6907
NOT-FOR-US: Rakuten Install (aka co.jp.rakuten.installapp) application for Android
-CVE-2014-6906 (The Loli Chocolate Cake (aka com.alison.kang.chocolatecake) ...)
+CVE-2014-6906
NOT-FOR-US: Loli Chocolate Cake (aka com.alison.kang.chocolatecake) application for Android
-CVE-2014-6905 (The H2O Human Harmony Organization (aka com.netpia.ha.theh2o) ...)
+CVE-2014-6905
NOT-FOR-US: H2O Human Harmony Organization (aka com.netpia.ha.theh2o) application for Android
-CVE-2014-6904 (The Safe Browser - The Web Filter (aka com.cloudacl) application 1.2.5 ...)
+CVE-2014-6904
NOT-FOR-US: Safe Browser - The Web Filter (aka com.cloudacl) application for Android
-CVE-2014-6903 (The Gulf Power Mobile Bill Pay (aka com.tionetworks.gulf) application ...)
+CVE-2014-6903
NOT-FOR-US: Gulf Power Mobile Bill Pay (aka com.tionetworks.gulf) application for Android
-CVE-2014-6902 (The Anjuke (aka com.anjuke.android.app) application 7.1.7 for Android ...)
+CVE-2014-6902
NOT-FOR-US: Anjuke (aka com.anjuke.android.app) application for Android
-CVE-2014-6901 (The RADIOS DEL ECUADOR (aka com.nobexinc.wls_87612622.rc) application ...)
+CVE-2014-6901
NOT-FOR-US: RADIOS DEL ECUADOR (aka com.nobexinc.wls_87612622.rc) application for Android
-CVE-2014-6900 (The EAGE Amsterdam 2014 (aka com.coreapps.android.followme.eage_2014) ...)
+CVE-2014-6900
NOT-FOR-US: EAGE Amsterdam 2014 (aka com.coreapps.android.followme.eage_2014) application for Android
-CVE-2014-6899 (The Jazeera Airways (aka com.winit.jazeeraairways) application 2.7 for ...)
+CVE-2014-6899
NOT-FOR-US: Jazeera Airways (aka com.winit.jazeeraairways) application for Android
-CVE-2014-6898 (The Boopsie MyLibrary (aka com.bredir.boopsie.mylibrary) application ...)
+CVE-2014-6898
NOT-FOR-US: Boopsie MyLibrary (aka com.bredir.boopsie.mylibrary) application for Android
-CVE-2014-6897 (The Skyrim Map (aka com.neko.skyrimmap) application 2.1 for Android ...)
+CVE-2014-6897
NOT-FOR-US: Skyrim Map (aka com.neko.skyrimmap) application for Android
-CVE-2014-6896 (The Yik Yak (aka com.yik.yak) application 2.0.002 for Android does not ...)
+CVE-2014-6896
NOT-FOR-US: Yik Yak (aka com.yik.yak) application for Android
-CVE-2014-6895 (The Throne Rush (aka com.progrestar.bft) application 2.3.10 for ...)
+CVE-2014-6895
NOT-FOR-US: Throne Rush (aka com.progrestar.bft) application for Android
-CVE-2014-6894 (The Lucktastic (aka com.lucktastic.scratch) application 1.2.6 for ...)
+CVE-2014-6894
NOT-FOR-US: Lucktastic (aka com.lucktastic.scratch) application for Android
-CVE-2014-6893 (The Pushpins Grocery Coupons (aka com.pushpinsapp.pushpins) ...)
+CVE-2014-6893
NOT-FOR-US: Pushpins Grocery Coupons (aka com.pushpinsapp.pushpins) application for Android
-CVE-2014-6892 (The kalahari.com Shopping (aka com.kalahari.shop) application 1.4.2.1 ...)
+CVE-2014-6892
NOT-FOR-US: kalahari.com Shopping (aka com.kalahari.shop) application for Android
-CVE-2014-6891 (The Vodafone Avantaj Cepte (aka com.vodafone.avantajcepte.main) ...)
+CVE-2014-6891
NOT-FOR-US: Vodafone Avantaj Cepte (aka com.vodafone.avantajcepte.main) application for Android
-CVE-2014-6890 (The CouponCabin - Coupons &amp; Deals (aka com.couponcabin) application ...)
+CVE-2014-6890
NOT-FOR-US: CouponCabin - Coupons & Deals (aka com.couponcabin) application for Android
-CVE-2014-6889 (The GunBroker.com (aka com.gunbroker.android) application 1.1.2 for ...)
+CVE-2014-6889
NOT-FOR-US: GunBroker.com (aka com.gunbroker.android) application for Android
-CVE-2014-6888 (The PennyTalk Mobile (aka net.idt.pennytalk.android) application ...)
+CVE-2014-6888
NOT-FOR-US: PennyTalk Mobile (aka net.idt.pennytalk.android) application for Android
-CVE-2014-6887 (The EXPRESS (aka com.gpshopper.express.android) application 2.5.3 for ...)
+CVE-2014-6887
NOT-FOR-US: EXPRESS (aka com.gpshopper.express.android) application for Android
-CVE-2014-6886 (The WePhone - phone calls vs skype (aka com.wephoneapp) application ...)
+CVE-2014-6886
NOT-FOR-US: WePhone - phone calls vs skype (aka com.wephoneapp) application for Android
-CVE-2014-6885 (The Academy Sports + Outdoors Visa (aka ...)
+CVE-2014-6885
NOT-FOR-US: Academy Sports + Outdoors Visa (aka com.usbank.icsmobile.academysports) application for Android
-CVE-2014-6884 (The Ford Credit Account Manager (aka com.fordcredit.accountmanager) ...)
+CVE-2014-6884
NOT-FOR-US: Ford Credit Account Manager (aka com.fordcredit.accountmanager) application for Android
-CVE-2014-6883 (The CNNMoney Portfolio for stocks (aka com.cnn.portfolio) application ...)
+CVE-2014-6883
NOT-FOR-US: CNNMoney Portfolio for stocks (aka com.cnn.portfolio) application for Android
-CVE-2014-6882 (The Western Federal Credit Union (aka com.kerrata.pulse.western) ...)
+CVE-2014-6882
NOT-FOR-US: Western Federal Credit Union (aka com.kerrata.pulse.western) application for Android
-CVE-2014-6881 (The PNC Virtual Wallet (aka com.pnc.ecommerce.mobile.vw.android) ...)
+CVE-2014-6881
NOT-FOR-US: PNC Virtual Wallet (aka com.pnc.ecommerce.mobile.vw.android) application for Android
-CVE-2014-6880 (The TradeHero (aka com.tradehero.th) application 2.2.5 for Android ...)
+CVE-2014-6880
NOT-FOR-US: TradeHero (aka com.tradehero.th) application for Android
-CVE-2014-6879 (The Equifax Mobile (aka com.equifax) application 1.5 for Android does ...)
+CVE-2014-6879
NOT-FOR-US: Equifax Mobile (aka com.equifax) application for Android
-CVE-2014-6878 (The RBFCU Mobile (aka com.Vertifi.DeposZip.P314089681) application 3.1 ...)
+CVE-2014-6878
NOT-FOR-US: RBFCU Mobile (aka com.Vertifi.DeposZip.P314089681) application for Android
-CVE-2014-6877 (The Santander Personal Banking (aka com.sovereign.santander) ...)
+CVE-2014-6877
NOT-FOR-US: Santander Personal Banking (aka com.sovereign.santander) application for Android
-CVE-2014-6876 (The American Express Serve (aka com.serve.mobile) application ...)
+CVE-2014-6876
NOT-FOR-US: American Express Serve (aka com.serve.mobile) application for Android
-CVE-2014-6875 (The Woodforest Mobile Banking (aka com.woodforest) application 3.1 for ...)
+CVE-2014-6875
NOT-FOR-US: Woodforest Mobile Banking (aka com.woodforest) application for Android
-CVE-2014-6874 (The ModSim Connected (aka com.concursive.modsim) application 2.0 for ...)
+CVE-2014-6874
NOT-FOR-US: ModSim Connected (aka com.concursive.modsim) application for Android
-CVE-2014-6873 (The AMGC (aka com.amec.uae) application 6.0 for Android does not ...)
+CVE-2014-6873
NOT-FOR-US: AMGC (aka com.amec.uae) application for Android
-CVE-2014-6872 (The TTNET Muzik (aka com.ttnet.muzik) application 3.2 for Android does ...)
+CVE-2014-6872
NOT-FOR-US: TTNET Muzik (aka com.ttnet.muzik) application for Android
-CVE-2014-6871 (The Hogs Fly Crazy (aka com.pedrojayme.hogsflycrazy) application 1.0.0 ...)
+CVE-2014-6871
NOT-FOR-US: Hogs Fly Crazy (aka com.pedrojayme.hogsflycrazy) application for Android
-CVE-2014-6870 (The BGEnergy (aka com.bluegrass.smartapps) application 1.153.0034 for ...)
+CVE-2014-6870
NOT-FOR-US: BGEnergy (aka com.bluegrass.smartapps) application for Android
-CVE-2014-6869 (The barcode scanner (aka tw.com.books.android.plus) application 2.3.0 ...)
+CVE-2014-6869
NOT-FOR-US: barcode scanner (aka tw.com.books.android.plus) application for Android
-CVE-2014-6868 (The DS audio (aka com.synology.DSaudio) application 3.4 for Android ...)
+CVE-2014-6868
NOT-FOR-US: DS audio (aka com.synology.DSaudio) application for Android
-CVE-2014-6867 (The Sortir en Alsace (aka com.axessweb.sortirenalsace) application ...)
+CVE-2014-6867
NOT-FOR-US: Sortir en Alsace (aka com.axessweb.sortirenalsace) application for Android
-CVE-2014-6866 (The HomeAdvisor Mobile (aka com.servicemagic.consumer) application ...)
+CVE-2014-6866
NOT-FOR-US: HomeAdvisor Mobile (aka com.servicemagic.consumer) application for Android
-CVE-2014-6865 (The Jamal Bates Show (aka ...)
+CVE-2014-6865
NOT-FOR-US: Jamal Bates Show (aka com.conduit.app_3a95e13827c54c4da9056fafb33ecc8d.app) application for Android
-CVE-2014-6864 (The Forest River Forums (aka com.socialknowledge.forestriverforums) ...)
+CVE-2014-6864
NOT-FOR-US: Forest River Forums (aka com.socialknowledge.forestriverforums) application for Android
-CVE-2014-6863 (The Mootorratturid &amp; biker.ee (aka ee.digitalfruit.mootorratturid) ...)
+CVE-2014-6863
NOT-FOR-US: Mootorratturid & biker.ee (aka ee.digitalfruit.mootorratturid) application for Android
-CVE-2014-6862 (The ArtAcces (aka cat.gencat.mobi.artacces) application 1.0 for ...)
+CVE-2014-6862
NOT-FOR-US: ArtAcces (aka cat.gencat.mobi.artacces) application for Android
-CVE-2014-6861 (The Terrarienbilder.com Forum (aka com.tapatalk.terrarienbildercomvb) ...)
+CVE-2014-6861
NOT-FOR-US: Terrarienbilder.com Forum (aka com.tapatalk.terrarienbildercomvb) application for Android
-CVE-2014-6860 (The Trial Tracker (aka com.etcweb.android.trial_tracker) application ...)
+CVE-2014-6860
NOT-FOR-US: Trial Tracker (aka com.etcweb.android.trial_tracker) application for Android
-CVE-2014-6859 (The Daum Maps - Subway (aka net.daum.android.map) application 3.9.1 ...)
+CVE-2014-6859
NOT-FOR-US: Daum Maps - Subway (aka net.daum.android.map) application for Android
-CVE-2014-6858 (The Mostafa Shemeas (aka com.mostafa.shemeas.website) application 1.0 ...)
+CVE-2014-6858
NOT-FOR-US: Mostafa Shemeas (aka com.mostafa.shemeas.website) application for Android
-CVE-2014-6857 (The Car Wallpapers HD (aka com.arab4x4.gallery.app) application 1.3 ...)
+CVE-2014-6857
NOT-FOR-US: Car Wallpapers HD (aka com.arab4x4.gallery.app) application for Android
-CVE-2014-6856 (The AHRAH (aka com.vet2pet.aid219426) application 219426 for Android ...)
+CVE-2014-6856
NOT-FOR-US: AHRAH (aka com.vet2pet.aid219426) application for Android
-CVE-2014-6855 (The Long (aka com.imop.longjiang.android) application 1.0.4 for ...)
+CVE-2014-6855
NOT-FOR-US: Long (aka com.imop.longjiang.android) application for Android
-CVE-2014-6854 (The EyeXam (aka com.globaleyeventures.eyexam) application 1.4 for ...)
+CVE-2014-6854
NOT-FOR-US: EyeXam (aka com.globaleyeventures.eyexam) application for Android
-CVE-2014-6853 (The Foxit MobilePDF - PDF Reader (aka com.foxit.mobile.pdf.lite) ...)
+CVE-2014-6853
NOT-FOR-US: Foxit MobilePDF - PDF Reader (aka com.foxit.mobile.pdf.lite) application for Android
-CVE-2014-6852 (The LedLine.gr Official (aka com.automon.ledline.gr) application ...)
+CVE-2014-6852
NOT-FOR-US: LedLine.gr Official (aka com.automon.ledline.gr) application for Android
-CVE-2014-6851 (The New Beginnings CFC (aka com.goodbarber.nbcfc) application 1.1 for ...)
+CVE-2014-6851
NOT-FOR-US: New Beginnings CFC (aka com.goodbarber.nbcfc) application for Android
-CVE-2014-6850 (The SED Account (aka com.starkville.smartapps) application 1.153.0034 ...)
+CVE-2014-6850
NOT-FOR-US: SED Account (aka com.starkville.smartapps) application for Android
CVE-2014-6849
REJECTED
-CVE-2014-6848 (The DS file (aka com.synology.DSfile) application 4.1.1 for Android ...)
+CVE-2014-6848
NOT-FOR-US: DS file (aka com.synology.DSfile) application for Android
-CVE-2014-6847 (The Horoscopes and Dreams (aka com.horoscopesanddreams) application ...)
+CVE-2014-6847
NOT-FOR-US: Horoscopes and Dreams (aka com.horoscopesanddreams) application for Android
-CVE-2014-6846 (The Four Seasons Beverly Hills (aka ...)
+CVE-2014-6846
NOT-FOR-US: Four Seasons Beverly Hills (aka com.intelitycorp.FourSeasons.android.ice) application for Android
-CVE-2014-6845 (The MediaFire (aka com.mediafire.android) application 1.1.1 for ...)
+CVE-2014-6845
NOT-FOR-US: MediaFire (aka com.mediafire.android) application for Android
-CVE-2014-6844 (The ABC Song (aka com.tabtale.abcsingalong) application 1.0.0 for ...)
+CVE-2014-6844
NOT-FOR-US: ABC Song (aka com.tabtale.abcsingalong) application for Android
-CVE-2014-6843 (The Sweatshop (aka com.orderingapps.sweatshop) application 2.96 for ...)
+CVE-2014-6843
NOT-FOR-US: Sweatshop (aka com.orderingapps.sweatshop) application for Android
-CVE-2014-6842 (The Daily Advertiser Print (aka com.lafayettedailyadv.android.prod) ...)
+CVE-2014-6842
NOT-FOR-US: Daily Advertiser Print (aka com.lafayettedailyadv.android.prod) application for Android
-CVE-2014-6841 (The RTI INDIA (aka com.vbulletin.build_890) application 3.8.21 for ...)
+CVE-2014-6841
NOT-FOR-US: RTI INDIA (aka com.vbulletin.build_890) application for Android
-CVE-2014-6840 (The My Wedding Planner (aka app.wedding) application 1.5 for Android ...)
+CVE-2014-6840
NOT-FOR-US: My Wedding Planner (aka app.wedding) application for Android
-CVE-2014-6839 (The Alma Corinthiana (aka com.alma.corinthiana) application 1.0 for ...)
+CVE-2014-6839
NOT-FOR-US: Alma Corinthiana (aka com.alma.corinthiana) application for Android
-CVE-2014-6838 (The Groupama toujours la (aka com.groupama.toujoursla) application ...)
+CVE-2014-6838
NOT-FOR-US: Groupama toujours la (aka com.groupama.toujoursla) application for Android
-CVE-2014-6837 (The Hillside (aka com.hillside.hermanus) application 1.1 for Android ...)
+CVE-2014-6837
NOT-FOR-US: Hillside (aka com.hillside.hermanus) application for Android
-CVE-2014-6836 (The DS photo+ (aka com.synology.dsphoto) application 3.3 for Android ...)
+CVE-2014-6836
NOT-FOR-US: DS photo+ (aka com.synology.dsphoto) application for Android
-CVE-2014-6835 (The Herbal Guide (aka com.pocket.herbal.guide) application 1.0 for ...)
+CVE-2014-6835
NOT-FOR-US: Herbal Guide (aka com.pocket.herbal.guide) application for Android
-CVE-2014-6834 (The Instaroid - Instagram Viewer (aka net.muik.instaroid) application ...)
+CVE-2014-6834
NOT-FOR-US: Instaroid - Instagram Viewer (aka net.muik.instaroid) application for Android
-CVE-2014-6833 (The AuctionTrac Dealer (aka com.adesa.dealer.phone) application 2.0.3 ...)
+CVE-2014-6833
NOT-FOR-US: AuctionTrac Dealer (aka com.adesa.dealer.phone) application for Android
-CVE-2014-6832 (The Bersa Forum (aka com.gcspublishing.bersaforum) application 3.9.16 ...)
+CVE-2014-6832
NOT-FOR-US: Bersa Forum (aka com.gcspublishing.bersaforum) application for Android
-CVE-2014-6831 (The Hippo Studio (aka com.appgreen.hippostudio) application 1.0 for ...)
+CVE-2014-6831
NOT-FOR-US: Hippo Studio (aka com.appgreen.hippostudio) application for Android
-CVE-2014-6830 (The Covet Fashion - Shopping Game (aka com.crowdstar.covetfashion) ...)
+CVE-2014-6830
NOT-FOR-US: Covet Fashion - Shopping Game (aka com.crowdstar.covetfashion) application for Android
-CVE-2014-6829 (The Hook (aka com.hook.android) application 0.9.3 for Android does not ...)
+CVE-2014-6829
NOT-FOR-US: Hook (aka com.hook.android) application for Android
-CVE-2014-6828 (The Gulf Credit Union (aka Fi_Mobile.Gulf) application 1.1 for Android ...)
+CVE-2014-6828
NOT-FOR-US: Gulf Credit Union (aka Fi_Mobile.Gulf) application for Android
-CVE-2014-6827 (The DK ONLINE Beta (aka com.sgmobile.dkonline) application 1.0.2 for ...)
+CVE-2014-6827
NOT-FOR-US: DK ONLINE Beta (aka com.sgmobile.dkonline) application for Android
-CVE-2014-6826 (The Tic-Tac To The MAX FREE (aka com.tothemax) application 1.2 for ...)
+CVE-2014-6826
NOT-FOR-US: Tic-Tac To The MAX FREE (aka com.tothemax) application for Android
-CVE-2014-6825 (The Teatro Franco Parenti (aka com.mintlab.mx.teatroparenti) ...)
+CVE-2014-6825
NOT-FOR-US: Teatro Franco Parenti (aka com.mintlab.mx.teatroparenti) application for Android
-CVE-2014-6824 (The kamkomesan (aka com.anek.kamkomesan) application 1.0 for Android ...)
+CVE-2014-6824
NOT-FOR-US: kamkomesan (aka com.anek.kamkomesan) application for Android
-CVE-2014-6823 (The kuailecaidengmi (aka com.licai.kuailecaidengmi) application ...)
+CVE-2014-6823
NOT-FOR-US: kuailecaidengmi (aka com.licai.kuailecaidengmi) application for Android
-CVE-2014-6822 (The Nerdico (aka com.nerdico.danielepais) application 1.9 Stable for ...)
+CVE-2014-6822
NOT-FOR-US: Nerdico (aka com.nerdico.danielepais) application for Android
-CVE-2014-6821 (The voetbal (aka nl.jborsje.android.voetbal.az) application 4.7.2 for ...)
+CVE-2014-6821
NOT-FOR-US: voetbal (aka nl.jborsje.android.voetbal.az) application for Android
-CVE-2014-6820 (The Amebra Ameba (aka jp.honeytrap15.amebra) application 1.0.0 for ...)
+CVE-2014-6820
NOT-FOR-US: Amebra Ameba (aka jp.honeytrap15.amebra) application for Android
-CVE-2014-6819 (The Lapp Group Catalogue (aka com.prinovis.LappKabel) application 1.4 ...)
+CVE-2014-6819
NOT-FOR-US: Lapp Group Catalogue (aka com.prinovis.LappKabel) application for Android
-CVE-2014-6818 (The OHBM 20th Annual Meeting (aka ...)
+CVE-2014-6818
NOT-FOR-US: OHBM 20th Annual Meeting (aka com.coreapps.android.followme.ohbm2014) application for Android
-CVE-2014-6817 (The Cove (aka org.covechurch.app) application 1.0.2 for Android does ...)
+CVE-2014-6817
NOT-FOR-US: Cove (aka org.covechurch.app) application for Android
-CVE-2014-6816 (The WISDOM (aka lvtu99.com.nescmxiaoniuniu) application 2.1 for ...)
+CVE-2014-6816
NOT-FOR-US: WISDOM (aka lvtu99.com.nescmxiaoniuniu) application for Android
-CVE-2014-6815 (The Vouch! (aka com.voucherry.voucherry) application 2.1.6 for Android ...)
+CVE-2014-6815
NOT-FOR-US: Vouch! (aka com.voucherry.voucherry) application for Android
-CVE-2014-6814 (The Sentinels Randomizer (aka com.mikehipps.sentinelsrandomizer) ...)
+CVE-2014-6814
NOT-FOR-US: Sentinels Randomizer (aka com.mikehipps.sentinelsrandomizer) application for Android
-CVE-2014-6813 (The klassens (aka com.mcreda.klassens.apps) application 1.0 for ...)
+CVE-2014-6813
NOT-FOR-US: klassens (aka com.mcreda.klassens.apps) application for Android
-CVE-2014-6812 (The Aloha Guide (aka com.aloha.guide.english) application 1.5 for ...)
+CVE-2014-6812
NOT-FOR-US: Aloha Guide (aka com.aloha.guide.english) application for Android
CVE-2014-6811
REJECTED
-CVE-2014-6810 (The RIMS 2014 Annual Conference (aka ...)
+CVE-2014-6810
NOT-FOR-US: RIMS 2014 Annual Conference (aka com.coreapps.android.followme.rims2014) application for Android
CVE-2014-6809
REJECTED
-CVE-2014-6808 (The Active 24 (aka com.zentity.app.active24) application 1.0.1 for ...)
+CVE-2014-6808
NOT-FOR-US: Active 24 (aka com.zentity.app.active24) application for Android
-CVE-2014-6807 (The OLA School (aka ...)
+CVE-2014-6807
NOT-FOR-US: OLA School (aka com.conduit.app_00f9890a4f0145f2aae9d714e20b273a.app) application for Android
-CVE-2014-6806 (The Thanodi - Setswana Translator (aka com.thanodi.thanodi) ...)
+CVE-2014-6806
NOT-FOR-US: Thanodi - Setswana Translator (aka com.thanodi.thanodi) application for Android
-CVE-2014-6805 (The weibo (aka magic.weibo) application 1.2 for Android does not ...)
+CVE-2014-6805
NOT-FOR-US: weibo (aka magic.weibo) application for Android
-CVE-2014-6804 (The Deschutes Public MobileLibrary (aka com.bredir.boopsie.deschutes) ...)
+CVE-2014-6804
NOT-FOR-US: Deschutes Public MobileLibrary (aka com.bredir.boopsie.deschutes) application for Android
-CVE-2014-6803 (The Bank of Moscow EIRTS Rent (aka ru.bm.rbs.android) application ...)
+CVE-2014-6803
NOT-FOR-US: Bank of Moscow EIRTS Rent (aka ru.bm.rbs.android) application for Android
-CVE-2014-6802 (The First Assembly NLR (aka ...)
+CVE-2014-6802
NOT-FOR-US: First Assembly NLR (aka com.subsplash.thechurchapp.firstassemblynlr) application for Android
-CVE-2014-6801 (The frank matano (aka com.frank.matano) application 1.0 for Android ...)
+CVE-2014-6801
NOT-FOR-US: frank matano (aka com.frank.matano) application for Android
-CVE-2014-6800 (The Bloom Township 206 (aka net.parentlink.bloom) application 4.0.500 ...)
+CVE-2014-6800
NOT-FOR-US: Bloom Township 206 (aka net.parentlink.bloom) application for Android
-CVE-2014-6799 (The Investigation Tool (aka gov.ca.post.lp.itool) application 1.0.0 ...)
+CVE-2014-6799
NOT-FOR-US: Investigation Tool (aka gov.ca.post.lp.itool) application for Android
-CVE-2014-6798 (The McMaster Marauders (aka com.weever.marauders) application 1.0.1 ...)
+CVE-2014-6798
NOT-FOR-US: McMaster Marauders (aka com.weever.marauders) application for Android
-CVE-2014-6797 (The Abu Ali Anasheeds (aka com.faapps.abuali_anasheeds) application ...)
+CVE-2014-6797
NOT-FOR-US: Abu Ali Anasheeds (aka com.faapps.abuali_anasheeds) application for Android
-CVE-2014-6796 (The LocalSense (aka com.LocalSense) application 1.2.1 for Android does ...)
+CVE-2014-6796
NOT-FOR-US: LocalSense (aka com.LocalSense) application for Android
-CVE-2014-6795 (The Beekeeping Forum (aka com.tapatalk.supporttapatalkcomxxxxx) ...)
+CVE-2014-6795
NOT-FOR-US: Beekeeping Forum (aka com.tapatalk.supporttapatalkcomxxxxx) application for Android
-CVE-2014-6794 (The AAPLD (aka com.bredir.boopsie.aapld) application 4.5.110 for ...)
+CVE-2014-6794
NOT-FOR-US: AAPLD (aka com.bredir.boopsie.aapld) application for Android
-CVE-2014-6793 (The Arch Friend (aka com.xyproto.archfriend) application 0.4.2 for ...)
+CVE-2014-6793
NOT-FOR-US: Arch Friend (aka com.xyproto.archfriend) application for Android
-CVE-2014-6792 (The Suriname Radio (aka com.wordbox.surinameRadio) application 1.5 for ...)
+CVE-2014-6792
NOT-FOR-US: Suriname Radio (aka com.wordbox.surinameRadio) application for Android
-CVE-2014-6791 (The Angel Reigns (aka ...)
+CVE-2014-6791
NOT-FOR-US: Angel Reigns (aka com.conduit.app_dab60e7bd60d4f23a14b3fb7357f9dcd.app) application for Android
-CVE-2014-6790 (The INVEX (aka com.mobilatolye.keyinternet) application 1.0.2 for ...)
+CVE-2014-6790
NOT-FOR-US: INVEX (aka com.mobilatolye.keyinternet) application for Android
-CVE-2014-6789 (The Anaheim Library 2Go! (aka com.bredir.boopsie.anaheim) application ...)
+CVE-2014-6789
NOT-FOR-US: Anaheim Library 2Go! (aka com.bredir.boopsie.anaheim) application for Android
-CVE-2014-6788 (The Oman News (aka com.oman.news.rmtzlnbuooordciw) application 1.0 for ...)
+CVE-2014-6788
NOT-FOR-US: Oman News (aka com.oman.news.rmtzlnbuooordciw) application for Android
-CVE-2014-6787 (The Counter Intuition (aka com.counter.intuition) application 1.2 for ...)
+CVE-2014-6787
NOT-FOR-US: Counter Intuition (aka com.counter.intuition) application for Android
-CVE-2014-6786 (The Math for Kids - Subtraction (aka it.tinytap.attsa.deepsub) ...)
+CVE-2014-6786
NOT-FOR-US: Math for Kids - Subtraction (aka it.tinytap.attsa.deepsub) application for Android
-CVE-2014-6785 (The Renny McLean Ministries (aka com.subsplash.thechurchapp.s_GJQX72) ...)
+CVE-2014-6785
NOT-FOR-US: Renny McLean Ministries (aka com.subsplash.thechurchapp.s_GJQX72) application for Android
-CVE-2014-6784 (The Fermononrespiri Mobile (aka com.tapatalk.rmonlineitforums) ...)
+CVE-2014-6784
NOT-FOR-US: Fermononrespiri Mobile (aka com.tapatalk.rmonlineitforums) application for Android
-CVE-2014-6783 (The Campus Link - Campus TV HKUSU (aka com.campus.tv.hkusu) ...)
+CVE-2014-6783
NOT-FOR-US: Campus Link - Campus TV HKUSU (aka com.campus.tv.hkusu) application for Android
-CVE-2014-6782 (The Abraham Tours (aka com.mytoursapp.android.app432) application ...)
+CVE-2014-6782
NOT-FOR-US: Abraham Tours (aka com.mytoursapp.android.app432) application for Android
-CVE-2014-6781 (The Aloha Stadium - Hawaii (aka com.stadium.aloha) application 1.2 for ...)
+CVE-2014-6781
NOT-FOR-US: Aloha Stadium - Hawaii (aka com.stadium.aloha) application for Android
-CVE-2014-6780 (The MeiTalk (aka com.playjia.meitalk) application @7F060012 for ...)
+CVE-2014-6780
NOT-FOR-US: MeiTalk (aka com.playjia.meitalk) application for Android
-CVE-2014-6779 (The Cart App (aka com.virtecha.mobilewallet) application 1.5 for ...)
+CVE-2014-6779
NOT-FOR-US: Cart App (aka com.virtecha.mobilewallet) application for Android
-CVE-2014-6778 (The Goat Forum (aka com.gcspublishing.goatspot) application 3.9.15 for ...)
+CVE-2014-6778
NOT-FOR-US: Goat Forum (aka com.gcspublishing.goatspot) application for Android
-CVE-2014-6777 (The blueeleph (aka eg.film.blueeleph) application 1.0 for Android does ...)
+CVE-2014-6777
NOT-FOR-US: blueeleph (aka eg.film.blueeleph) application for Android
-CVE-2014-6776 (The United Advantage NW Federal Cr (aka com.myappengine.uanwfcu) ...)
+CVE-2014-6776
NOT-FOR-US: United Advantage NW Federal Cr (aka com.myappengine.uanwfcu) application for Android
-CVE-2014-6775 (The Light for Pets (aka com.helenwoodward.light4pets) application 1.0 ...)
+CVE-2014-6775
NOT-FOR-US: Light for Pets (aka com.helenwoodward.light4pets) application for Android
-CVE-2014-6774 (The USEK (aka com.university.usek) application 1.0.8 for Android does ...)
+CVE-2014-6774
NOT-FOR-US: USEK (aka com.university.usek) application for Android
-CVE-2014-6773 (The CIH Quiz game (aka com.bowenehs.cihquizgameapp) application 1.3 ...)
+CVE-2014-6773
NOT-FOR-US: CIH Quiz game (aka com.bowenehs.cihquizgameapp) application for Android
-CVE-2014-6772 (The United Educational CU (aka com.metova.cuae.uecu) application ...)
+CVE-2014-6772
NOT-FOR-US: United Educational CU (aka com.metova.cuae.uecu) application for Android
-CVE-2014-6771 (The United Heritage Mobile (aka Fi_Mobile.UHCU) application 1.1 for ...)
+CVE-2014-6771
NOT-FOR-US: United Heritage Mobile (aka Fi_Mobile.UHCU) application for Android
-CVE-2014-6770 (The Aerospace Jobs (aka com.app_aerospacejobs.layout) application ...)
+CVE-2014-6770
NOT-FOR-US: Aerospace Jobs (aka com.app_aerospacejobs.layout) application for Android
-CVE-2014-6769 (The Meteo Belgique (aka com.mobilesoft.belgiumweather) application 3.2 ...)
+CVE-2014-6769
NOT-FOR-US: Meteo Belgique (aka com.mobilesoft.belgiumweather) application for Android
-CVE-2014-6768 (The Anywhere Anytime Yoga Workout (aka com.bayart.yoga) application ...)
+CVE-2014-6768
NOT-FOR-US: Anywhere Anytime Yoga Workout (aka com.bayart.yoga) application for Android
-CVE-2014-6767 (The Juggle! FREE (aka com.jakyl.juggleforfree) application 3.0.0 for ...)
+CVE-2014-6767
NOT-FOR-US: Juggle! FREE (aka com.jakyl.juggleforfree) application for Android
-CVE-2014-6766 (The Afro-Beat (aka com.zero.themelock.tambourine) application 0.2 for ...)
+CVE-2014-6766
NOT-FOR-US: Afro-Beat (aka com.zero.themelock.tambourine) application for Android
-CVE-2014-6765 (The No Fuss Home Loans (aka ...)
+CVE-2014-6765
NOT-FOR-US: No Fuss Home Loans (aka com.soln.SA2CAA74BBC3AFEFE7C8BE3F3AAC499E7) application for Android
-CVE-2014-6764 (The Assyrian (aka com.b2.assyrian.activity) application 2.2 for ...)
+CVE-2014-6764
NOT-FOR-US: Assyrian (aka com.b2.assyrian.activity) application for Android
-CVE-2014-6763 (The Codename Birdgame (aka ...)
+CVE-2014-6763
NOT-FOR-US: Codename Birdgame (aka com.devsecondfictioncom.devsecondfictioncom.birdadhoc) application for Android
-CVE-2014-6762 (The bongomovie (aka com.mbwasi.bongomovie) application 1.0 for Android ...)
+CVE-2014-6762
NOT-FOR-US: bongomovie (aka com.mbwasi.bongomovie) application for Android
-CVE-2014-6761 (The Aprende a Meditar (aka com.rareartifact.aprendeameditar544CB0A2) ...)
+CVE-2014-6761
NOT-FOR-US: Aprende a Meditar (aka com.rareartifact.aprendeameditar544CB0A2) application for Android
-CVE-2014-6760 (The Harem Thief Dating (aka com.haremthief.haremthief) application ...)
+CVE-2014-6760
NOT-FOR-US: Harem Thief Dating (aka com.haremthief.haremthief) application for Android
-CVE-2014-6759 (The Downton Abbey Fan Portal (aka com.downton.abbey.fan.portal) ...)
+CVE-2014-6759
NOT-FOR-US: Downton Abbey Fan Portal (aka com.downton.abbey.fan.portal) application for Android
-CVE-2014-6758 (The Qin Story (aka com.kongzhong.tjmammoth.android.cqqslengp) ...)
+CVE-2014-6758
NOT-FOR-US: Qin Story (aka com.kongzhong.tjmammoth.android.cqqslengp) application for Android
-CVE-2014-6757 (The Koran - AlqoranVideos (aka com.alqoran.videos.example) application ...)
+CVE-2014-6757
NOT-FOR-US: Koran - AlqoranVideos (aka com.alqoran.videos.example) application for Android
-CVE-2014-6756 (The Reddit Aww (aka org.biais.redditawww) application 1.2.1 for ...)
+CVE-2014-6756
NOT-FOR-US: Reddit Aww (aka org.biais.redditawww) application for Android
-CVE-2014-6755 (The SDN Forum (TapaTalk) (aka com.tapatalk.forumshiftdeletenet) ...)
+CVE-2014-6755
NOT-FOR-US: SDN Forum (TapaTalk) (aka com.tapatalk.forumshiftdeletenet) application for Android
-CVE-2014-6754 (The Vector Outage Manager (aka nz.co.vector.outagemanager) application ...)
+CVE-2014-6754
NOT-FOR-US: Vector Outage Manager (aka nz.co.vector.outagemanager) application for Android
-CVE-2014-6753 (The sunnat e rasool (aka com.imsoft.sunnat_e_rasool) application 2.0 ...)
+CVE-2014-6753
NOT-FOR-US: sunnat e rasool (aka com.imsoft.sunnat_e_rasool) application for Android
-CVE-2014-6752 (The Mindless Behavior Fan Base (aka com.mindless.behavior.fan.base) ...)
+CVE-2014-6752
NOT-FOR-US: Mindless Behavior Fan Base (aka com.mindless.behavior.fan.base) application for Android
-CVE-2014-6751 (The Grasshopper Beta (aka com.grasshopper.dialer) application 2.1 for ...)
+CVE-2014-6751
NOT-FOR-US: Grasshopper Beta (aka com.grasshopper.dialer) application for Android
-CVE-2014-6750 (The $0.99 Kindle Books (aka com.kindle.books.for99) application 6.0 ...)
+CVE-2014-6750
NOT-FOR-US: $0.99 Kindle Books (aka com.kindle.books.for99) application for Android
-CVE-2014-6749 (The American Nurses Association (aka com.dub.poweredbydub.assoc.ana) ...)
+CVE-2014-6749
NOT-FOR-US: American Nurses Association (aka com.dub.poweredbydub.assoc.ana) application for Android
-CVE-2014-6748 (The GEMAIRE's HVAC Assist (aka com.es.Gemaire) application 5.0 for ...)
+CVE-2014-6748
NOT-FOR-US: GEMAIRE's HVAC Assist (aka com.es.Gemaire) application for Android
-CVE-2014-6747 (The SeeOn (aka com.seeon) application 4.0.7 for Android does not ...)
+CVE-2014-6747
NOT-FOR-US: SeeOn (aka com.seeon) application for Android
-CVE-2014-6746 (The Infiniti Roadside Assistance (aka com.ccas.rsa.common.infiniti) ...)
+CVE-2014-6746
NOT-FOR-US: Infiniti Roadside Assistance (aka com.ccas.rsa.common.infiniti) application for Android
-CVE-2014-6745 (The Family Location (aka com.sosocome.family) application 3.4 ...)
+CVE-2014-6745
NOT-FOR-US: Family Location (aka com.sosocome.family) application for Android
-CVE-2014-6744 (The Al-Ahsa News (aka com.alahsa.news) application 2.0 for Android ...)
+CVE-2014-6744
NOT-FOR-US: Al-Ahsa News (aka com.alahsa.news) application for Android
-CVE-2014-6743 (The Hearsay: A Social Party Game (aka air.com.lip.per) application ...)
+CVE-2014-6743
NOT-FOR-US: Hearsay: A Social Party Game (aka air.com.lip.per) application for Android
-CVE-2014-6742 (The All around Cyprus (aka com.cyprus.newspapers) application 2.11 for ...)
+CVE-2014-6742
NOT-FOR-US: All around Cyprus (aka com.cyprus.newspapers) application for Android
-CVE-2014-6741 (The John MacArthur (aka com.john.macarthur) application 1.0.26 for ...)
+CVE-2014-6741
NOT-FOR-US: John MacArthur (aka com.john.macarthur) application for Android
-CVE-2014-6740 (The XD Forum (aka com.tapatalk.xdforumcomforum) application 3.9.17 for ...)
+CVE-2014-6740
NOT-FOR-US: XD Forum (aka com.tapatalk.xdforumcomforum) application for Android
-CVE-2014-6739 (The Well-Being Connect Mobile (aka com.healthways.wellbeinggo) ...)
+CVE-2014-6739
NOT-FOR-US: Well-Being Connect Mobile (aka com.healthways.wellbeinggo) application for Android
-CVE-2014-6738 (The Maccabi Tel Aviv (aka com.monkeytech.maccabi) application 1.0 for ...)
+CVE-2014-6738
NOT-FOR-US: Maccabi Tel Aviv (aka com.monkeytech.maccabi) application for Android
-CVE-2014-6737 (The Ultimate Target-Armored Sniper (aka air.wood.liame.ultimatetarget) ...)
+CVE-2014-6737
NOT-FOR-US: Ultimate Target-Armored Sniper (aka air.wood.liame.ultimatetarget) application for Android
-CVE-2014-6736 (The EPL Hat Trick (aka com.hat.trick.goal) application 1.0 for Android ...)
+CVE-2014-6736
NOT-FOR-US: EPL Hat Trick (aka com.hat.trick.goal) application for Android
-CVE-2014-6735 (The imagine Next bmobile (aka ...)
+CVE-2014-6735
NOT-FOR-US: imagine Next bmobile (aka com.conduit.app_51c3c19581af465092327dd25591b224.app) application for Android
-CVE-2014-6734 (The Wine Making (aka com.gcspublishing.winemakingtalk) application ...)
+CVE-2014-6734
NOT-FOR-US: Wine Making (aka com.gcspublishing.winemakingtalk) application for Android
-CVE-2014-6733 (The My T-Mobile (aka at.tmobile.android.myt) application @7F0C0030 for ...)
+CVE-2014-6733
NOT-FOR-US: My T-Mobile (aka at.tmobile.android.myt) application for Android
-CVE-2014-6732 (The Westpac Mobile Banking (aka org.westpac.bank) application 5.21 for ...)
+CVE-2014-6732
NOT-FOR-US: Westpac Mobile Banking (aka org.westpac.bank) application for Android
-CVE-2014-6731 (The Alfa-Bank (aka ru.alfabank.mobile.android) application 5.5.1.1 for ...)
+CVE-2014-6731
NOT-FOR-US: Alfa-Bank (aka ru.alfabank.mobile.android) application for Android
-CVE-2014-6730 (The Melodigram (aka com.minusdegree.melodigramandroid) application 1.1 ...)
+CVE-2014-6730
NOT-FOR-US: Melodigram (aka com.minusdegree.melodigramandroid) application for Android
-CVE-2014-6729 (The Grilling with Rich (aka com.grilling.with.rich) application 1.0 ...)
+CVE-2014-6729
NOT-FOR-US: Grilling with Rich (aka com.grilling.with.rich) application for Android
-CVE-2014-6728 (The ThinkPal (aka com.mythinkpalapp) application 1.6.3 for Android ...)
+CVE-2014-6728
NOT-FOR-US: ThinkPal (aka com.mythinkpalapp) application for Android
-CVE-2014-6727 (The Mikeius (Official App) (aka com.automon.mikeius) application ...)
+CVE-2014-6727
NOT-FOR-US: Mikeius (Official App) (aka com.automon.mikeius) application for Android
-CVE-2014-6726 (The 30A (aka com.app30a) application 5.26.2 for Android does not ...)
+CVE-2014-6726
NOT-FOR-US: 30A (aka com.app30a) application for Android
-CVE-2014-6725 (The SchoolXM (aka apprentice.schoolxm) application 1.2 for Android ...)
+CVE-2014-6725
NOT-FOR-US: SchoolXM (aka apprentice.schoolxm) application for Android
-CVE-2014-6724 (The Soap Making (aka com.tapatalk.soapmakingforumcom) application ...)
+CVE-2014-6724
NOT-FOR-US: Soap Making (aka com.tapatalk.soapmakingforumcom) application for Android
-CVE-2014-6723 (The Comics Plus (aka com.iversecomics.comicsplus.android) application ...)
+CVE-2014-6723
NOT-FOR-US: Comics Plus (aka com.iversecomics.comicsplus.android) application for Android
-CVE-2014-6722 (The Pescuit Crap Lite (aka ro.aventurilapescui.pescuitcrap.lite) ...)
+CVE-2014-6722
NOT-FOR-US: Pescuit Crap Lite (aka ro.aventurilapescui.pescuitcrap.lite) application for Android
-CVE-2014-6721 (The Pharmaguideline (aka com.pharmaguideline) application 1.2.0 for ...)
+CVE-2014-6721
NOT-FOR-US: Pharmaguideline (aka com.pharmaguideline) application for Android
-CVE-2014-6720 (The Pesca de Carpa Lite (aka com.clearfishing.pescadecarpa.lite) ...)
+CVE-2014-6720
NOT-FOR-US: Pesca de Carpa Lite (aka com.clearfishing.pescadecarpa.lite) application for Android
-CVE-2014-6719 (The Kayak Angler Magazine (aka air.com.yudu.ReaderAIR1360155) ...)
+CVE-2014-6719
NOT-FOR-US: Kayak Angler Magazine (aka air.com.yudu.ReaderAIR1360155) application for Android
-CVE-2014-6718 (The My Mobile Day (aka com.mymobileday) application 1.3 for Android ...)
+CVE-2014-6718
NOT-FOR-US: My Mobile Day (aka com.mymobileday) application for Android
-CVE-2014-6717 (The iTriage Health (aka com.healthagen.iTriage) application 5.29 for ...)
+CVE-2014-6717
NOT-FOR-US: iTriage Health (aka com.healthagen.iTriage) application for Android
-CVE-2014-6716 (The fastin (aka moda.azyae.fastin.net) application 1.0 for Android ...)
+CVE-2014-6716
NOT-FOR-US: fastin (aka moda.azyae.fastin.net) application for Android
-CVE-2014-6715 (The SlotMachine (aka com.popoinnovation.SlotMachine) application 1.03 ...)
+CVE-2014-6715
NOT-FOR-US: SlotMachine (aka com.popoinnovation.SlotMachine) application for Android
-CVE-2014-6714 (The WebMD (aka com.webmd.android) application 3.5 for Android does not ...)
+CVE-2014-6714
NOT-FOR-US: WebMD (aka com.webmd.android) application for Android
-CVE-2014-6713 (The MedQuiz: Medical Chat and MCQs (aka com.pdevsmedd.med) application ...)
+CVE-2014-6713
NOT-FOR-US: MedQuiz: Medical Chat and MCQs (aka com.pdevsmedd.med) application for Android
-CVE-2014-6712 (The Airlines International (aka org.iata.IAMagazine) application 1.0 ...)
+CVE-2014-6712
NOT-FOR-US: Airlines International (aka org.iata.IAMagazine) application for Android
-CVE-2014-6711 (The ABC Lounge Webradio (aka com.nobexinc.wls_66087017.rc) application ...)
+CVE-2014-6711
NOT-FOR-US: ABC Lounge Webradio (aka com.nobexinc.wls_66087017.rc) application for Android
-CVE-2014-6710 (The Chifro Kids Coloring Game (aka com.chifro.kids_coloring_game) ...)
+CVE-2014-6710
NOT-FOR-US: Chifro Kids Coloring Game (aka com.chifro.kids_coloring_game) application for Android
-CVE-2014-6709 (The TechRadar News (aka com.techradar.news) application 1.0 for ...)
+CVE-2014-6709
NOT-FOR-US: TechRadar News (aka com.techradar.news) application for Android
-CVE-2014-6708 (The Sporting Club Uphoria (aka com.sportinginnovations.skc) ...)
+CVE-2014-6708
NOT-FOR-US: Sporting Club Uphoria (aka com.sportinginnovations.skc) application for Android
-CVE-2014-6707 (The 7Sage LSAT Prep - Proctor (aka com.sevensage.lsat) application ...)
+CVE-2014-6707
NOT-FOR-US: 7Sage LSAT Prep - Proctor (aka com.sevensage.lsat) application for Android
-CVE-2014-6706 (The Embry-Riddle (aka com.dub.app.erau) application 1.4.04 for Android ...)
+CVE-2014-6706
NOT-FOR-US: Embry-Riddle (aka com.dub.app.erau) application for Android
-CVE-2014-6705 (The Maher Zain (aka com.vanagas.app.maher_zain) application 1.1 for ...)
+CVE-2014-6705
NOT-FOR-US: Maher Zain (aka com.vanagas.app.maher_zain) application for Android
-CVE-2014-6704 (The Utah Jazz (aka com.sportinginnovations.jazz) application 2.0.0 for ...)
+CVE-2014-6704
NOT-FOR-US: Utah Jazz (aka com.sportinginnovations.jazz) application for Android
-CVE-2014-6703 (The phonearabs4 (aka com.phonearabs4.myapps) application 1.4 for ...)
+CVE-2014-6703
NOT-FOR-US: phonearabs4 (aka com.phonearabs4.myapps) application for Android
-CVE-2014-6702 (The StarSat International (aka ...)
+CVE-2014-6702
NOT-FOR-US: StarSat International (aka com.conduit.app_b15a1814d2d840198e70e3c235af5e8b.app) application for Android
-CVE-2014-6701 (The Vendormate Mobile (aka com.vendormate.mobile) application 3.0 for ...)
+CVE-2014-6701
NOT-FOR-US: Vendormate Mobile (aka com.vendormate.mobile) application for Android
-CVE-2014-6700 (The NBA Game Time 2013-2014 (aka com.nbadigital.gametimelite) ...)
+CVE-2014-6700
NOT-FOR-US: NBA Game Time 2013-2014 (aka com.nbadigital.gametimelite) application for Android
-CVE-2014-6699 (The Weather Channel (aka com.weather.Weather) application 5.2.0 for ...)
+CVE-2014-6699
NOT-FOR-US: Weather Channel (aka com.weather.Weather) application for Android
-CVE-2014-6698 (The Galaxy Online 2 (aka air.com.igg.galaxyAPhone) application 1.2.3 ...)
+CVE-2014-6698
NOT-FOR-US: Galaxy Online 2 (aka air.com.igg.galaxyAPhone) application for Android
-CVE-2014-6697 (The Morocco Weather (aka com.mobilesoft.meteomaroc) application 3.1 ...)
+CVE-2014-6697
NOT-FOR-US: Morocco Weather (aka com.mobilesoft.meteomaroc) application for Android
-CVE-2014-6696 (The Candy Girl Party Makeover (aka ...)
+CVE-2014-6696
NOT-FOR-US: Candy Girl Party Makeover (aka com.bearhugmedia.android_candygirlparty) application for Android
-CVE-2014-6695 (The Wedding Photo Frames-Love Pics (aka ...)
+CVE-2014-6695
NOT-FOR-US: Wedding Photo Frames-Love Pics (aka com.WeddingPhotoFramesLovePics) application for Android
-CVE-2014-6694 (The 5SOS Family Planet (aka uk.co.pixelkicks.fivesos) application ...)
+CVE-2014-6694
NOT-FOR-US: 5SOS Family Planet (aka uk.co.pixelkicks.fivesos) application for Android
-CVE-2014-6693 (The Juiker (aka org.itri) application 3.2.0829.1 for Android does not ...)
+CVE-2014-6693
NOT-FOR-US: Juiker (aka org.itri) application for Android
-CVE-2014-6692 (The Kingsoft Clip (Office Tool) (aka cn.wps.clip) application 1.5.1 ...)
+CVE-2014-6692
NOT-FOR-US: Kingsoft Clip (Office Tool) (aka cn.wps.clip) application for Android
-CVE-2014-6691 (The UC Browser HD (aka com.uc.browser.hd) application 3.3.1.469 for ...)
+CVE-2014-6691
NOT-FOR-US: UC Browser HD (aka com.uc.browser.hd) application for Android
-CVE-2014-6690 (The InstaMessage - Instagram Chat (aka ...)
+CVE-2014-6690
NOT-FOR-US: InstaMessage - Instagram Chat (aka com.futurebits.instamessage.free) application for Android
-CVE-2014-6689 (The JW Cards (aka com.jingwei.card) application 3.8.0 for Android does ...)
+CVE-2014-6689
NOT-FOR-US: JW Cards (aka com.jingwei.card) application for Android
-CVE-2014-6688 (The Voices.com (aka com.voices.voices) application 1.5 for Android ...)
+CVE-2014-6688
NOT-FOR-US: Voices.com (aka com.voices.voices) application for Android
-CVE-2014-6687 (The wSaudichannelAlNasr (aka com.wSaudichannelAlNasr) application 0.1 ...)
+CVE-2014-6687
NOT-FOR-US: wSaudichannelAlNasr (aka com.wSaudichannelAlNasr) application for Android
-CVE-2014-6686 (The Zoho Books - Accounting App (aka com.zoho.books) application 3.1.9 ...)
+CVE-2014-6686
NOT-FOR-US: Zoho Books - Accounting App (aka com.zoho.books) application for Android
-CVE-2014-6685 (The Tsushima Travel Guide (aka com.netjapan.ntsushima) application 1.9 ...)
+CVE-2014-6685
NOT-FOR-US: Tsushima Travel Guide (aka com.netjapan.ntsushima) application for Android
-CVE-2014-6684 (The MOL bringaPONT (aka hu.mol.bringapont) application 1.1 for Android ...)
+CVE-2014-6684
NOT-FOR-US: MOL bringaPONT (aka hu.mol.bringapont) application for Android
-CVE-2014-6683 (The Open Electrical Webser (aka com.wOpenElectricalWeb) application ...)
+CVE-2014-6683
NOT-FOR-US: Open Electrical Webser (aka com.wOpenElectricalWeb) application for Android
-CVE-2014-6682 (The w88235ff7bdc2fb574f1789750ea99ed6 (aka ...)
+CVE-2014-6682
NOT-FOR-US: w88235ff7bdc2fb574f1789750ea99ed6 (aka com.w88235ff7bdc2fb574f1789750ea99ed6) application for Android
-CVE-2014-6681 (The Mahabharata Audiocast (aka com.wordbox.mahabharataAudiocast) ...)
+CVE-2014-6681
NOT-FOR-US: Mahabharata Audiocast (aka com.wordbox.mahabharataAudiocast) application for Android
-CVE-2014-6680 (The superheroquiz (aka com.davidhey.superheroquiz) application 1.0 for ...)
+CVE-2014-6680
NOT-FOR-US: superheroquiz (aka com.davidhey.superheroquiz) application for Android
-CVE-2014-6679 (The wEPISDParentPortal (aka com.dreamstep.wEPISDParentPortal) ...)
+CVE-2014-6679
NOT-FOR-US: wEPISDParentPortal (aka com.dreamstep.wEPISDParentPortal) application for Android
-CVE-2014-6678 (The Algeria Radio (aka com.wordbox.algeriaRadio) application 2.5 for ...)
+CVE-2014-6678
NOT-FOR-US: Algeria Radio (aka com.wordbox.algeriaRadio) application for Android
-CVE-2014-6677 (The Ticket Round Up (aka com.xcr.android.ticketroundupapp) application ...)
+CVE-2014-6677
NOT-FOR-US: Ticket Round Up (aka com.xcr.android.ticketroundupapp) application for Android
-CVE-2014-6676 (The Exercitii pentru abdomen (aka ...)
+CVE-2014-6676
NOT-FOR-US: Exercitii pentru abdomen (aka com.rareartifact.exercitiipentruabdomen41E29322) application for Android
-CVE-2014-6675 (The Ruta Exacta (aka com.rutaexacta.m) application 1.0 for Android ...)
+CVE-2014-6675
NOT-FOR-US: Ruta Exacta (aka com.rutaexacta.m) application for Android
-CVE-2014-6674 (The Amazighmusic (aka nl.appsandroo.Amazighmusic) application 1.0 for ...)
+CVE-2014-6674
NOT-FOR-US: Amazighmusic (aka nl.appsandroo.Amazighmusic) application for Android
-CVE-2014-6673 (The ChallengerTX (aka com.zhtiantian.ChallengerTX) application ...)
+CVE-2014-6673
NOT-FOR-US: ChallengerTX (aka com.zhtiantian.ChallengerTX) application for Android
-CVE-2014-6672 (The Friendcaster (aka uk.co.senab.blueNotifyFree) application 5.4.5 ...)
+CVE-2014-6672
NOT-FOR-US: Friendcaster (aka uk.co.senab.blueNotifyFree) application for Android
-CVE-2014-6671 (The World Cup 2014 Brazil - Xem TV (aka vn.letshare.football.worldcup) ...)
+CVE-2014-6671
NOT-FOR-US: World Cup 2014 Brazil - Xem TV (aka vn.letshare.football.worldcup) application for Android
-CVE-2014-6670 (The SingaporeMotherhood Forum (aka ...)
+CVE-2014-6670
NOT-FOR-US: SingaporeMotherhood Forum (aka com.tapatalk.singaporemotherhoodcomforum) application for Android
-CVE-2014-6669 (The Inside Crochet (aka com.magazinecloner.insidecrochet) application ...)
+CVE-2014-6669
NOT-FOR-US: Inside Crochet (aka com.magazinecloner.insidecrochet) application for Android
-CVE-2014-6668 (The African Radios Live (aka com.nana.africanradioslive) application ...)
+CVE-2014-6668
NOT-FOR-US: African Radios Live (aka com.nana.africanradioslive) application for Android
-CVE-2014-6667 (The racemotocross (aka com.bossappsmk.racemotocross) application 1.2 ...)
+CVE-2014-6667
NOT-FOR-US: racemotocross (aka com.bossappsmk.racemotocross) application for Android
-CVE-2014-6666 (The Baglamukhi (aka com.wshribaglamukhiblog) application 0.1 for ...)
+CVE-2014-6666
NOT-FOR-US: Baglamukhi (aka com.wshribaglamukhiblog) application for Android
-CVE-2014-6665 (The Ahmed Bukhatir Nasheeds TV (aka com.wAhmedBukhatirApp) application ...)
+CVE-2014-6665
NOT-FOR-US: Ahmed Bukhatir Nasheeds TV (aka com.wAhmedBukhatirApp) application for Android
-CVE-2014-6664 (The Latin Angels Music HD (aka com.applizards.lafreetj) application ...)
+CVE-2014-6664
NOT-FOR-US: Latin Angels Music HD (aka com.applizards.lafreetj) application for Android
-CVE-2014-6663 (The Addis Gag Funny Amharic Pic (aka com.wAmharicFunnyPicture) ...)
+CVE-2014-6663
NOT-FOR-US: Addis Gag Funny Amharic Pic (aka com.wAmharicFunnyPicture) application for Android
-CVE-2014-6662 (The Forum Krstarice (aka com.tapatalk.forumkrstaricacom) application ...)
+CVE-2014-6662
NOT-FOR-US: Forum Krstarice (aka com.tapatalk.forumkrstaricacom) application for Android
-CVE-2014-6661 (The netease movie (aka com.netease.movie) application 4.7.2 for ...)
+CVE-2014-6661
NOT-FOR-US: netease movie (aka com.netease.movie) application for Android
-CVE-2014-6660 (The Koleksi Hadis Nabi SAW (aka com.wKoleksiHadisNabiSAW) application ...)
+CVE-2014-6660
NOT-FOR-US: Koleksi Hadis Nabi SAW (aka com.wKoleksiHadisNabiSAW) application for Android
-CVE-2014-6659 (The Defence.pk (aka com.tapatalk.defencepkforums) application 2.4.13.1 ...)
+CVE-2014-6659
NOT-FOR-US: Defence.pk (aka com.tapatalk.defencepkforums) application for Android
-CVE-2014-6658 (The Apploi Job Search- Find Jobs (aka com.apploi) application 4.19 for ...)
+CVE-2014-6658
NOT-FOR-US: Apploi Job Search- Find Jobs (aka com.apploi) application for Android
-CVE-2014-6657 (The Leadership Newspapers (aka com.LeadershipNewspapers) application ...)
+CVE-2014-6657
NOT-FOR-US: Leadership Newspapers (aka com.LeadershipNewspapers) application for Android
-CVE-2014-6656 (The drareym (aka com.drareym) application 0.1 for Android does not ...)
+CVE-2014-6656
NOT-FOR-US: drareym (aka com.drareym) application for Android
-CVE-2014-6655 (The Tortoise Forum (aka org.tortoiseforum.android.forumrunner) ...)
+CVE-2014-6655
NOT-FOR-US: Tortoise Forum (aka org.tortoiseforum.android.forumrunner) application for Android
-CVE-2014-6654 (The wTrootrooTvIzle (aka com.wTrootrooTvIzle) application 0.1 for ...)
+CVE-2014-6654
NOT-FOR-US: wTrootrooTvIzle (aka com.wTrootrooTvIzle) application for Android
-CVE-2014-6653 (The Afghan Radio (aka com.wordbox.afghanRadio) application 2.5 for ...)
+CVE-2014-6653
NOT-FOR-US: Afghan Radio (aka com.wordbox.afghanRadio) application for Android
-CVE-2014-6652 (The Wizaz Forum (aka com.tapatalk.wizazplforum) application 3.6.4 for ...)
+CVE-2014-6652
NOT-FOR-US: Wizaz Forum (aka com.tapatalk.wizazplforum) application for Android
-CVE-2014-6651 (The Planet of the Vapes Forum (aka ...)
+CVE-2014-6651
NOT-FOR-US: Planet of the Vapes Forum (aka com.tapatalk.planetofthevapescoukforums) application for Android
-CVE-2014-6650 (The NextGenUpdate (aka com.tapatalk.nextgenupdatecomforums) ...)
+CVE-2014-6650
NOT-FOR-US: NextGenUpdate (aka com.tapatalk.nextgenupdatecomforums) application for Android
-CVE-2014-6649 (The MyBroadband Tapatalk (aka com.tapatalk.mybroadbandcozavb) ...)
+CVE-2014-6649
NOT-FOR-US: MyBroadband Tapatalk (aka com.tapatalk.mybroadbandcozavb) application for Android
-CVE-2014-6648 (The iPhone4.TW (aka com.tapatalk.iPhone4TWforums) application 3.3.20 ...)
+CVE-2014-6648
NOT-FOR-US: iPhone4.TW (aka com.tapatalk.iPhone4TWforums) application for Android
-CVE-2014-6647 (The ElForro.com (aka com.tapatalk.elforrocom) application 2.4.3.10 for ...)
+CVE-2014-6647
NOT-FOR-US: ElForro.com (aka com.tapatalk.elforrocom) application for Android
-CVE-2014-6646 (The bellyhoodcom (aka com.tapatalk.bellyhoodcom) application 3.4.23 ...)
+CVE-2014-6646
NOT-FOR-US: bellyhoodcom (aka com.tapatalk.bellyhoodcom) application for Android
-CVE-2014-6645 (The Batch library for Android does not verify X.509 certificates from ...)
+CVE-2014-6645
NOT-FOR-US: Batch library for Android
CVE-2014-6644
REJECTED
-CVE-2014-6643 (The FIAT Forum (aka com.tapatalk.fiatforumcom) application 3.8.41 for ...)
+CVE-2014-6643
NOT-FOR-US: FIAT Forum (aka com.tapatalk.fiatforumcom) application for Android
-CVE-2014-6642 (The Mark's Daily Apple Forum (aka ...)
+CVE-2014-6642
NOT-FOR-US: Mark's Daily Apple Forum (aka com.tapatalk.marksdailyapplecomforum) application for Android
-CVE-2014-6641 (The Homesteading Today (aka com.tapatalk.homesteadingtodaycom) ...)
+CVE-2014-6641
NOT-FOR-US: Homesteading Today (aka com.tapatalk.homesteadingtodaycom) application for Android
-CVE-2014-6640 (The DNB Trade (aka lt.dnb.mobiletrade) application 1 for Android does ...)
+CVE-2014-6640
NOT-FOR-US: DNB Trade (aka lt.dnb.mobiletrade) application for Android
-CVE-2014-6639 (The TIO MobilePay - Bill Payments (aka ...)
+CVE-2014-6639
NOT-FOR-US: TIO MobilePay - Bill Payments (aka com.tionetworks.mobile.android.tioclient) application for Android
-CVE-2014-6638 (The wTMDesktop (aka com.wTMDesktop) application 1 for Android does not ...)
+CVE-2014-6638
NOT-FOR-US: wTMDesktop (aka com.wTMDesktop) application for Android
-CVE-2014-6637 (The Facebook Facts (aka com.wFacebookFacts) application 0.1 for ...)
+CVE-2014-6637
NOT-FOR-US: Facebook Facts (aka com.wFacebookFacts) application for Android
-CVE-2014-6636 (The LG Telepresence (aka com.rsupport.rtc.lge) application 2.0.12 ...)
+CVE-2014-6636
NOT-FOR-US: LG Telepresence (aka com.rsupport.rtc.lge) application for Android
-CVE-2014-6635 (Cross-site scripting (XSS) vulnerability in Exponent CMS 2.3.0 allows ...)
+CVE-2014-6635
NOT-FOR-US: Exponent CMS
CVE-2014-6634
RESERVED
-CVE-2014-6633 (The safe_eval function in trytond in Tryton before 2.4.15, 2.6.x ...)
+CVE-2014-6633
{DSA-3043-1 DLA-70-1}
- tryton-server 3.2.3-1
NOTE: https://bugs.tryton.org/issue4155
-CVE-2014-6632 (Joomla! 2.5.x before 2.5.25, 3.x before 3.2.4, and 3.3.x before 3.3.4 ...)
+CVE-2014-6632
NOT-FOR-US: Joomla!
-CVE-2014-6631 (Cross-site scripting (XSS) vulnerability in com_media in Joomla! 3.2.x ...)
+CVE-2014-6631
NOT-FOR-US: Joomla!
CVE-2014-6630
RESERVED
CVE-2014-6629
RESERVED
-CVE-2014-6628 (Aruba Networks ClearPass Policy Manager (CPPM) before 6.5.0 allows ...)
+CVE-2014-6628
NOT-FOR-US: Aruba Networks ClearPass
-CVE-2014-6627 (Aruba Networks ClearPass before 6.3.5 and 6.4.x before 6.4.1 allows ...)
+CVE-2014-6627
NOT-FOR-US: Aruba Networks ClearPass
-CVE-2014-6626 (Aruba Networks ClearPass before 6.3.6 and 6.4.x before 6.4.1 does not ...)
+CVE-2014-6626
NOT-FOR-US: Aruba Networks ClearPass
-CVE-2014-6625 (The Policy Manager in Aruba Networks ClearPass before 6.3.6 and 6.4.x ...)
+CVE-2014-6625
NOT-FOR-US: Aruba Networks ClearPass
-CVE-2014-6624 (The Insight module in Aruba Networks ClearPass before 6.3.6 and 6.4.x ...)
+CVE-2014-6624
NOT-FOR-US: Aruba Networks ClearPass
-CVE-2014-6623 (Cross-site request forgery (CSRF) vulnerability in the Insight module ...)
+CVE-2014-6623
NOT-FOR-US: Aruba Networks ClearPass
-CVE-2014-6622 (Aruba Networks ClearPass before 6.3.6 and 6.4.x before 6.4.1 allows ...)
+CVE-2014-6622
NOT-FOR-US: Aruba Networks ClearPass
-CVE-2014-6621 (Aruba Networks ClearPass before 6.3.6 and 6.4.x before 6.4.1 does not ...)
+CVE-2014-6621
NOT-FOR-US: Aruba Networks ClearPass
-CVE-2014-6620 (Cross-site scripting (XSS) vulnerability in Aruba Networks ClearPass ...)
+CVE-2014-6620
NOT-FOR-US: Aruba Networks ClearPass
-CVE-2014-6619 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2014-6619
NOT-FOR-US: PizzaInn_Project Restaurant Script
-CVE-2014-6618 (Cross-site scripting (XSS) vulnerability in Your Online Shop allows ...)
+CVE-2014-6618
NOT-FOR-US: Your Online Shop
-CVE-2014-6617 (Softing FG-100 PB PROFIBUS firmware version FG-x00-PB_V2.02.0.00 ...)
+CVE-2014-6617
NOT-FOR-US: Softing FG-100
-CVE-2014-6616 (Cross-site scripting (XSS) vulnerability in Softing FG-100 PROFIBUS ...)
+CVE-2014-6616
NOT-FOR-US: Softing FG-100
CVE-2014-6615
RESERVED
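Review bot: Every "-"/"+" pair in this hunk, from CVE-2014-6724 down to CVE-2014-6616, replaces an entry's parenthesized description with the bare CVE identifier and nothing in the surrounding lines says why; that pattern is what an empty result from the description source looks like, so it should be confirmed against the upstream CVE data before this is merged rather than treated as a routine refresh. Even truncated with "...", those descriptions are the only place this file records the affected versions and issue class behind the triage lines that survive unchanged: after the change, CVE-2014-6633 keeps "{DSA-3043-1 DLA-70-1}" and "- tryton-server 3.2.3-1" but loses the "Tryton before 2.4.15, 2.6.x" range, and CVE-2014-6645 keeps "NOT-FOR-US: Batch library for Android" but loses the note that the issue is missing X.509 certificate verification. Entries with no description (RESERVED, REJECTED) are untouched, which is consistent, but if dropping the imported descriptions is intended the change should say so and state where the affected-version context now lives.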
@@ -9151,9 +9151,9 @@ CVE-2014-6613
RESERVED
CVE-2014-6612
RESERVED
-CVE-2014-6611 (The BlackBerry World app before 5.0.0.262 on BlackBerry 10 OS 10.2.0, ...)
+CVE-2014-6611
NOT-FOR-US: BlackBerry
-CVE-2014-6609 (The res_pjsip_pubsub module in Asterisk Open Source 12.x before 12.5.1 ...)
+CVE-2014-6609
- asterisk <not-affected> (only affects 12.x series)
NOTE: http://downloads.asterisk.org/pub/security/AST-2014-009.html
CVE-2014-6608
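Review bot: The removed description for CVE-2014-6609 was the only line in this entry naming the affected range ("Asterisk Open Source 12.x before 12.5.1"), and the justification that survives, "- asterisk <not-affected> (only affects 12.x series)", now has nothing in the file to be checked against except the external NOTE URL; the same holds for CVE-2014-6611, whose "NOT-FOR-US: BlackBerry" line is left without the product and version context that supported it. If the descriptions are being dropped on purpose, carry the affected-version range into the not-affected justification so the reasoning stays verifiable without fetching the advisory.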
@@ -9162,15 +9162,15 @@ CVE-2014-6606
RESERVED
CVE-2014-6605
RESERVED
-CVE-2014-6604 (Cross-site scripting (XSS) vulnerability in class-s2-list-table.php in ...)
+CVE-2014-6604
NOT-FOR-US: Subscribe2 plugin for WordPress
-CVE-2014-6603 (The SSHParseBanner function in SSH parser (app-layer-ssh.c) in ...)
+CVE-2014-6603
[squeeze] - suricata <not-affected> (Vulnerable code not yet present)
[wheezy] - suricata <not-affected> (Vulnerable code not yet present)
- suricata 2.0.4-1 (bug #762828)
-CVE-2014-6602 (Microsoft Asha OS on the Microsoft Mobile Nokia Asha 501 phone 14.0.4 ...)
+CVE-2014-6602
NOT-FOR-US: Microsoft Asha OS
-CVE-2014-7144 (OpenStack keystonemiddleware (formerly python-keystoneclient) 0.x ...)
+CVE-2014-7144
- python-keystonemiddleware 1.0.0-3 (bug #762748)
- python-keystoneclient 1:0.10.1-2 (bug #762749)
[wheezy] - python-keystoneclient <no-dsa> (Minor issue)
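Review bot: Removing the description of CVE-2014-7144 also removes the one statement, "OpenStack keystonemiddleware (formerly python-keystoneclient)", that explains why this entry carries fixes for two source packages, python-keystonemiddleware 1.0.0-3 and python-keystoneclient 1:0.10.1-2; after this hunk the second package line reads as unrelated. Likewise CVE-2014-6603 loses the pointer to the vulnerable function and file ("SSHParseBanner function in SSH parser (app-layer-ssh.c)") that the squeeze and wheezy "Vulnerable code not yet present" entries refer to. Suggest keeping that context in a NOTE line on each entry if the imported descriptions are going away.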
@@ -9179,317 +9179,317 @@ CVE-2014-7143 [twisted: trustRoot not respected in HTTP client]
- twisted 14.0.2-1 (bug #761983)
[wheezy] - twisted <not-affected> (Only affects 14.0 series)
[squeeze] - twisted <not-affected> (Only affects 14.0 series)
-CVE-2014-6610 (Asterisk Open Source 11.x before 11.12.1 and 12.x before 12.5.1 and ...)
+CVE-2014-6610
{DLA-455-1}
- asterisk 1:11.12.1~dfsg-1 (medium; bug #762164)
[squeeze] - asterisk <not-affected> (Vulnerable code not present)
NOTE: http://downloads.asterisk.org/pub/security/AST-2014-010.html
NOTE: http://downloads.asterisk.org/pub/security/AST-2014-010-11.diff applies on 1:1.8.13.1~dfsg1-3+deb7u3
NOTE: Squeeze version doesn't have res/res_fax_spandsp.c with the problem.
-CVE-2014-6607 (M/Monit 3.3.2 and earlier does not verify the original password before ...)
+CVE-2014-6607
NOT-FOR-US: M/Monit
-CVE-2014-6601 (Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 ...)
+CVE-2014-6601
{DSA-3147-1 DSA-3144-1 DLA-157-1}
- openjdk-6 6b34-1.13.6-1
- openjdk-7 7u75-2.5.4-1
- openjdk-8 8u40~b22-1
-CVE-2014-6600 (Unspecified vulnerability in Oracle Sun Solaris 11 allows local users ...)
+CVE-2014-6600
NOT-FOR-US: Oracle Sun Solaris
-CVE-2014-6599 (Unspecified vulnerability in the Siebel Core - Common Components ...)
+CVE-2014-6599
NOT-FOR-US: Oracle
-CVE-2014-6598 (Unspecified vulnerability in the Oracle Communications Diameter ...)
+CVE-2014-6598
NOT-FOR-US: Oracle
-CVE-2014-6597 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+CVE-2014-6597
NOT-FOR-US: Oracle
-CVE-2014-6596 (Unspecified vulnerability in the Siebel UI Framework component in ...)
+CVE-2014-6596
NOT-FOR-US: Oracle
-CVE-2014-6595 (Unspecified vulnerability in the Oracle VM VirtualBox component in ...)
+CVE-2014-6595
- virtualbox 4.3.18-dfsg-2 (bug #775888)
[wheezy] - virtualbox <not-affected> (Introduced in 4.3)
- virtualbox-ose <not-affected> (Introduced in 4.3)
-CVE-2014-6594 (Unspecified vulnerability in the Oracle iLearning component in Oracle ...)
+CVE-2014-6594
NOT-FOR-US: Oracle iLearning
-CVE-2014-6593 (Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and ...)
+CVE-2014-6593
{DSA-3147-1 DSA-3144-1 DLA-157-1}
- openjdk-6 6b34-1.13.6-1
- openjdk-7 7u75-2.5.4-1
- openjdk-8 8u40~b22-1
-CVE-2014-6592 (Unspecified vulnerability in the Oracle OpenSSO component in Oracle ...)
+CVE-2014-6592
NOT-FOR-US: Oracle
-CVE-2014-6591 (Unspecified vulnerability in the Java SE component in Oracle Java SE ...)
+CVE-2014-6591
{DSA-3187-1 DSA-3147-1 DSA-3144-1 DLA-219-1 DLA-157-1}
- openjdk-6 6b34-1.13.6-1
- openjdk-7 7u75-2.5.4-1
- openjdk-8 8u40~b22-1
- icu 52.1-7 (bug #775884)
-CVE-2014-6590 (Unspecified vulnerability in the Oracle VM VirtualBox component in ...)
+CVE-2014-6590
- virtualbox 4.3.18-dfsg-2 (bug #775888)
[wheezy] - virtualbox <not-affected> (Introduced in 4.3)
- virtualbox-ose <not-affected> (Introduced in 4.3)
-CVE-2014-6589 (Unspecified vulnerability in the Oracle VM VirtualBox component in ...)
+CVE-2014-6589
- virtualbox 4.3.18-dfsg-2 (bug #775888)
[wheezy] - virtualbox <not-affected> (Introduced in 4.3)
- virtualbox-ose <not-affected> (Introduced in 4.3)
-CVE-2014-6588 (Unspecified vulnerability in the Oracle VM VirtualBox component in ...)
+CVE-2014-6588
- virtualbox 4.3.18-dfsg-2 (bug #775888)
[wheezy] - virtualbox <not-affected> (Introduced in 4.3)
- virtualbox-ose <not-affected> (Introduced in 4.3)
-CVE-2014-6587 (Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 ...)
+CVE-2014-6587
{DSA-3147-1 DSA-3144-1 DLA-157-1}
- openjdk-6 6b34-1.13.6-1
- openjdk-7 7u75-2.5.4-1
- openjdk-8 8u40~b22-1
-CVE-2014-6586 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS component ...)
+CVE-2014-6586
NOT-FOR-US: Oracle
-CVE-2014-6585 (Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and ...)
+CVE-2014-6585
{DSA-3187-1 DSA-3147-1 DSA-3144-1 DLA-219-1 DLA-157-1}
- openjdk-6 6b34-1.13.6-1
- openjdk-7 7u75-2.5.4-1
- openjdk-8 8u40~b22-1
- icu 52.1-7.1 (bug #776264)
-CVE-2014-6584 (Unspecified vulnerability in the Integrated Lights Out Manager (ILOM) ...)
+CVE-2014-6584
NOT-FOR-US: Oracle Sun Systems Products Suite ILOM
-CVE-2014-6583 (Unspecified vulnerability in the Oracle Marketing component in Oracle ...)
+CVE-2014-6583
NOT-FOR-US: Oracle
-CVE-2014-6582 (Unspecified vulnerability in the Oracle HCM Configuration Workbench ...)
+CVE-2014-6582
NOT-FOR-US: Oracle
-CVE-2014-6581 (Unspecified vulnerability in the Oracle Customer Intelligence ...)
+CVE-2014-6581
NOT-FOR-US: Oracle
-CVE-2014-6580 (Unspecified vulnerability in the Oracle Reports Developer component in ...)
+CVE-2014-6580
NOT-FOR-US: Oracle
-CVE-2014-6579 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+CVE-2014-6579
NOT-FOR-US: Oracle
-CVE-2014-6578 (Unspecified vulnerability in the Workspace Manager component in Oracle ...)
+CVE-2014-6578
NOT-FOR-US: Oracle
-CVE-2014-6577 (Unspecified vulnerability in the XML Developer's Kit for C component ...)
+CVE-2014-6577
NOT-FOR-US: Oracle
-CVE-2014-6576 (Unspecified vulnerability in the Oracle Adaptive Access Manager ...)
+CVE-2014-6576
NOT-FOR-US: Oracle
-CVE-2014-6575 (Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows ...)
+CVE-2014-6575
NOT-FOR-US: Oracle Sun Solaris
-CVE-2014-6574 (Unspecified vulnerability in the Oracle Agile PLM for Process ...)
+CVE-2014-6574
NOT-FOR-US: Oracle
-CVE-2014-6573 (Unspecified vulnerability in the Enterprise Manager Ops Center ...)
+CVE-2014-6573
NOT-FOR-US: Oracle
-CVE-2014-6572 (Unspecified vulnerability in the Oracle Customer Interaction History ...)
+CVE-2014-6572
NOT-FOR-US: Oracle
-CVE-2014-6571 (Unspecified vulnerability in the Oracle HTTP Server component in ...)
+CVE-2014-6571
NOT-FOR-US: Oracle
-CVE-2014-6570 (Unspecified vulnerability in Oracle Sun Solaris 11 allows local users ...)
+CVE-2014-6570
NOT-FOR-US: Oracle Sun Solaris
-CVE-2014-6569 (Unspecified vulnerability in the Oracle WebLogic Server component in ...)
+CVE-2014-6569
NOT-FOR-US: Oracle
-CVE-2014-6568 (Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier, ...)
+CVE-2014-6568
{DSA-3135-1}
- mysql-5.5 5.5.42-1 (bug #775881)
- mariadb-10.0 10.0.16-1 (bug #775882)
- percona-xtradb-cluster-5.5 <removed>
NOTE: http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html#AppendixMSQL
-CVE-2014-6567 (Unspecified vulnerability in the Core RDBMS component in Oracle ...)
+CVE-2014-6567
NOT-FOR-US: Oracle
-CVE-2014-6566 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+CVE-2014-6566
NOT-FOR-US: Oracle
-CVE-2014-6565 (Unspecified vulnerability in the JD Edwards EnterpriseOne Tools ...)
+CVE-2014-6565
NOT-FOR-US: Oracle
-CVE-2014-6564 (Unspecified vulnerability in Oracle MySQL Server 5.6.19 and earlier ...)
+CVE-2014-6564
- mysql-5.5 <not-affected> (Only affects MySQL 5.6)
- mysql-5.1 <not-affected> (Only affects MySQL 5.6)
- mariadb-10.0 <not-affected> (Fixed before initial upload)
-CVE-2014-6563 (Unspecified vulnerability in the Java VM component in Oracle Database ...)
+CVE-2014-6563
NOT-FOR-US: Oracle Database Server
-CVE-2014-6562 (Unspecified vulnerability in Oracle Java SE 8u20 allows remote ...)
+CVE-2014-6562
- openjdk-8 8u40~b09-1
-CVE-2014-6561 (Unspecified vulnerability in the Oracle Payments component in Oracle ...)
+CVE-2014-6561
NOT-FOR-US: Oracle
-CVE-2014-6560 (Unspecified vulnerability in the Java VM component in Oracle Database ...)
+CVE-2014-6560
NOT-FOR-US: Oracle Database Server
-CVE-2014-6559 (Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, ...)
+CVE-2014-6559
{DSA-3054-1}
- mysql-5.5 5.5.40-1
- mariadb-10.0 10.0.15-1
- percona-xtradb-cluster-5.5 <removed>
-CVE-2014-6558 (Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and ...)
+CVE-2014-6558
{DSA-3080-1 DSA-3077-1 DLA-96-1}
- openjdk-6 6b33-1.13.5-1
- openjdk-7 7u71-2.5.3-1
- openjdk-8 8u40~b09-1
-CVE-2014-6557 (Unspecified vulnerability in the Application Performance Management ...)
+CVE-2014-6557
NOT-FOR-US: Oracle Enterprise Manager Grid Control
-CVE-2014-6556 (Unspecified vulnerability in the Oracle Applications DBA component in ...)
+CVE-2014-6556
NOT-FOR-US: Oracle
-CVE-2014-6555 (Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier ...)
+CVE-2014-6555
{DSA-3054-1}
- mysql-5.5 5.5.40-1
- mariadb-10.0 10.0.15-1
- percona-xtradb-cluster-5.5 <removed>
-CVE-2014-6554 (Unspecified vulnerability in the Oracle Access Manager component in ...)
+CVE-2014-6554
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2014-6553 (Unspecified vulnerability in the Oracle Access Manager component in ...)
+CVE-2014-6553
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2014-6552 (Unspecified vulnerability in the Oracle Access Manager component in ...)
+CVE-2014-6552
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2014-6551 (Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier ...)
+CVE-2014-6551
{DSA-3054-1}
- mysql-5.5 5.5.39-1
- mariadb-5.5 5.5.39-1
- mariadb-10.0 <not-affected> (Fixed before initial upload)
- percona-xtradb-cluster-5.5 <removed>
-CVE-2014-6550 (Unspecified vulnerability in the Oracle Applications Object Library ...)
+CVE-2014-6550
NOT-FOR-US: Oracle
-CVE-2014-6549 (Unspecified vulnerability in Oracle Java SE 8u25 allows remote ...)
+CVE-2014-6549
- openjdk-8 8u40~b22-1
-CVE-2014-6548 (Unspecified vulnerability in the Oracle SOA Suite component in Oracle ...)
+CVE-2014-6548
NOT-FOR-US: Oracle
-CVE-2014-6547 (Unspecified vulnerability in the JPublisher component in Oracle ...)
+CVE-2014-6547
NOT-FOR-US: Oracle Database Server
-CVE-2014-6546 (Unspecified vulnerability in the JPublisher component in Oracle ...)
+CVE-2014-6546
NOT-FOR-US: Oracle Database Server
-CVE-2014-6545 (Unspecified vulnerability in the Java VM component in Oracle Database ...)
+CVE-2014-6545
NOT-FOR-US: Oracle Database Server
-CVE-2014-6544 (Unspecified vulnerability in the JDBC component in Oracle Database ...)
+CVE-2014-6544
NOT-FOR-US: Oracle Database Server
-CVE-2014-6543 (Unspecified vulnerability in the Agile PLM component in Oracle Supply ...)
+CVE-2014-6543
NOT-FOR-US: Oracle Supply Chain Products Suite
-CVE-2014-6542 (Unspecified vulnerability in the SQLJ component in Oracle Database ...)
+CVE-2014-6542
NOT-FOR-US: Oracle Database Server
-CVE-2014-6541 (Unspecified vulnerability in the Recovery component in Oracle Database ...)
+CVE-2014-6541
NOT-FOR-US: Oracle
-CVE-2014-6540 (Unspecified vulnerability in the Oracle VM VirtualBox component in ...)
+CVE-2014-6540
- virtualbox-guest-additions <removed>
- virtualbox-guest-additions-iso 4.3.14-1
[wheezy] - virtualbox-guest-additions-iso <no-dsa> (Non-free not supported)
[squeeze] - virtualbox-guest-additions <no-dsa> (Non-free not supported)
NOTE: http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html
-CVE-2014-6539 (Unspecified vulnerability in the Oracle Applications Framework ...)
+CVE-2014-6539
NOT-FOR-US: Oracle E-Business Suite
-CVE-2014-6538 (Unspecified vulnerability in the Java VM component in Oracle Database ...)
+CVE-2014-6538
NOT-FOR-US: Oracle Database Server
-CVE-2014-6537 (Unspecified vulnerability in the Java VM component in Oracle Database ...)
+CVE-2014-6537
NOT-FOR-US: Oracle Database Server
-CVE-2014-6536 (Unspecified vulnerability in the Agile PLM component in Oracle Supply ...)
+CVE-2014-6536
NOT-FOR-US: Oracle Supply Chain Products Suite
-CVE-2014-6535 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+CVE-2014-6535
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2014-6534 (Unspecified vulnerability in the Oracle WebLogic Server component in ...)
+CVE-2014-6534
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2014-6533 (Unspecified vulnerability in the Oracle Transportation Management ...)
+CVE-2014-6533
NOT-FOR-US: Oracle Supply Chain Products Suite
-CVE-2014-6532 (Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20 ...)
+CVE-2014-6532
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-8 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2014-6531 (Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and ...)
+CVE-2014-6531
{DSA-3080-1 DSA-3077-1 DLA-96-1}
- openjdk-6 6b33-1.13.5-1
- openjdk-7 7u71-2.5.3-1
- openjdk-8 8u40~b09-1
-CVE-2014-6530 (Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, ...)
+CVE-2014-6530
{DSA-3054-1}
- mysql-5.5 5.5.39-1
- mariadb-5.5 5.5.39-1
- mariadb-10.0 <not-affected> (Fixed before initial upload)
- percona-xtradb-cluster-5.5 <removed>
-CVE-2014-6529 (Unspecified vulnerability in Oracle Sun Solaris 11 allows remote ...)
+CVE-2014-6529
NOT-FOR-US: Oracle Sun Solaris 11
-CVE-2014-6528 (Unspecified vulnerability in the Siebel Core - System Management ...)
+CVE-2014-6528
NOT-FOR-US: Oracle
-CVE-2014-6527 (Unspecified vulnerability in Oracle Java SE 7u67 and 8u20 allows ...)
+CVE-2014-6527
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-8 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2014-6526 (Unspecified vulnerability in the Oracle Directory Server Enterprise ...)
+CVE-2014-6526
NOT-FOR-US: Oracle
-CVE-2014-6525 (Unspecified vulnerability in the Oracle Web Applications Desktop ...)
+CVE-2014-6525
NOT-FOR-US: Oracle
-CVE-2014-6524 (Unspecified vulnerability in Oracle Solaris 10 allows local users to ...)
+CVE-2014-6524
NOT-FOR-US: Oracle Solaris
-CVE-2014-6523 (Unspecified vulnerability in the Oracle Applications Framework ...)
+CVE-2014-6523
NOT-FOR-US: Oracle E-Business Suite
-CVE-2014-6522 (Unspecified vulnerability in the Oracle JDeveloper component in Oracle ...)
+CVE-2014-6522
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2014-6521 (Unspecified vulnerability in Oracle Solaris 10 allows local users to ...)
+CVE-2014-6521
NOT-FOR-US: Oracle Solaris
-CVE-2014-6520 (Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier ...)
+CVE-2014-6520
{DSA-3054-1}
- mysql-5.5 5.5.39-1
- mysql-5.1 <not-affected> (Only affects 5.5 series)
- mariadb-5.5 5.5.39-1
- mariadb-10.0 <not-affected> (Fixed before initial upload)
- percona-xtradb-cluster-5.5 <removed>
-CVE-2014-6519 (Unspecified vulnerability in Oracle Java SE 7u67 and 8u20, and Java SE ...)
+CVE-2014-6519
{DSA-3080-1 DSA-3077-1 DLA-96-1}
- openjdk-6 6b33-1.13.5-1
- openjdk-7 7u71-2.5.3-1
- openjdk-8 8u40~b09-1
-CVE-2014-6518 (Unspecified vulnerability in Oracle Solaris 10 and 11 allows local ...)
+CVE-2014-6518
NOT-FOR-US: Oracle Solaris
-CVE-2014-6517 (Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20; Java ...)
+CVE-2014-6517
{DSA-3080-1 DSA-3077-1 DLA-96-1}
- openjdk-6 6b33-1.13.5-1
- openjdk-7 7u71-2.5.3-1
- openjdk-8 8u40~b09-1
-CVE-2014-6516 (Unspecified vulnerability in the JD Edwards EnterpriseOne Tools ...)
+CVE-2014-6516
NOT-FOR-US: Oracle JD Edwards Products
-CVE-2014-6515 (Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20 ...)
+CVE-2014-6515
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-8 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2014-6514 (Unspecified vulnerability in the PL/SQL component in Oracle Database ...)
+CVE-2014-6514
NOT-FOR-US: Oracle
-CVE-2014-6513 (Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20, and ...)
+CVE-2014-6513
- openjdk-6 <not-affected> (Windows-specific)
- openjdk-7 <not-affected> (Windows-specific)
- openjdk-8 <not-affected> (Windows-specific)
-CVE-2014-6512 (Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and ...)
+CVE-2014-6512
{DSA-3080-1 DSA-3077-1 DLA-96-1}
- openjdk-6 6b33-1.13.5-1
- openjdk-7 7u71-2.5.3-1
- openjdk-8 8u40~b09-1
NOTE: Upstream OpenJDK commit: http://hg.openjdk.java.net/jdk8u/jdk8u/jdk/rev/0798607dd425
-CVE-2014-6511 (Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and ...)
+CVE-2014-6511
{DSA-3080-1 DSA-3077-1 DLA-96-1}
- openjdk-6 6b33-1.13.5-1
- openjdk-7 7u71-2.5.3-1
- openjdk-8 8u40~b09-1
-CVE-2014-6510 (Unspecified vulnerability in Oracle Solaris 11 allows local users to ...)
+CVE-2014-6510
NOT-FOR-US: Oracle Solaris
-CVE-2014-6509 (Unspecified vulnerability in Oracle Solaris 10 allows local users to ...)
+CVE-2014-6509
NOT-FOR-US: Oracle Solaris
-CVE-2014-6508 (Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows ...)
+CVE-2014-6508
NOT-FOR-US: Oracle Sun Solaris 10 and 11
-CVE-2014-6507 (Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, ...)
+CVE-2014-6507
{DSA-3054-1}
- mysql-5.5 5.5.40-1
- mariadb-5.5 <removed>
- mariadb-10.0 10.0.15-1
- percona-xtradb-cluster-5.5 <removed>
-CVE-2014-6506 (Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and ...)
+CVE-2014-6506
{DSA-3080-1 DSA-3077-1 DLA-96-1}
- openjdk-6 6b33-1.13.5-1
- openjdk-7 7u71-2.5.3-1
- openjdk-8 8u40~b09-1
-CVE-2014-6505 (Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, ...)
+CVE-2014-6505
{DSA-3054-1}
- mysql-5.5 5.5.39-1
- mariadb-5.5 5.5.39-1
- mariadb-10.0 <not-affected> (Fixed before initial upload)
- percona-xtradb-cluster-5.5 <removed>
-CVE-2014-6504 (Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, and 7u67, ...)
+CVE-2014-6504
{DSA-3080-1 DSA-3077-1 DLA-96-1}
- openjdk-6 6b33-1.13.5-1
- openjdk-7 7u71-2.5.3-1
- openjdk-8 8u40~b09-1
-CVE-2014-6503 (Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20 ...)
+CVE-2014-6503
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-8 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2014-6502 (Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and ...)
+CVE-2014-6502
{DSA-3080-1 DSA-3077-1 DLA-96-1}
- openjdk-6 6b33-1.13.5-1
- openjdk-7 7u71-2.5.3-1
- openjdk-8 8u40~b09-1
-CVE-2014-6501 (Unspecified vulnerability in Oracle Sun Solaris 11 allows local users ...)
+CVE-2014-6501
NOT-FOR-US: Oracle Sun Solaris 11
-CVE-2014-6500 (Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, ...)
+CVE-2014-6500
{DSA-3054-1}
- mysql-5.5 5.5.40-1
- mariadb-5.5 <removed>
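Review bot: Every `+` line in this hunk drops the parenthetical description that the matching `-` line carried (for example `-CVE-2014-6520 (Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier ...)` becomes a bare `+CVE-2014-6520`), and nothing in the hunk replaces that text. The affected-version range in those descriptions is what let the triage annotations beneath them be checked, such as `- mysql-5.1 <not-affected> (Only affects 5.5 series)` under CVE-2014-6520 and the `(Deployment components not part of OpenJDK, only present in Oracle Java)` entries under the Java SE CVEs; with the descriptions gone, those justifications can no longer be verified from the file alone. Please confirm the loss is intended rather than a feed problem, and if it is intended, note where the descriptions are now sourced from.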
@@ -9497,13 +9497,13 @@ CVE-2014-6500 (Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earli
- percona-xtradb-cluster-5.5 <removed>
- cyassl <removed> (bug #770229)
- wolfssl <not-affected> (WolfSSL not affected)
-CVE-2014-6499 (Unspecified vulnerability in the Oracle WebLogic Server component in ...)
+CVE-2014-6499
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2014-6498 (Unspecified vulnerability in the Oracle Transportation Management ...)
+CVE-2014-6498
NOT-FOR-US: Oracle Supply Chain Products Suite
-CVE-2014-6497 (Unspecified vulnerability in Oracle Sun Solaris 11 allows local users ...)
+CVE-2014-6497
NOT-FOR-US: Oracle Sun Solaris 11
-CVE-2014-6496 (Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, ...)
+CVE-2014-6496
{DSA-3054-1}
- mysql-5.5 5.5.40-1
- mariadb-5.5 <removed>
@@ -9511,7 +9511,7 @@ CVE-2014-6496 (Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earli
- percona-xtradb-cluster-5.5 <removed>
- cyassl <removed> (bug #770229)
- wolfssl <not-affected> (WolfSSL not affected)
-CVE-2014-6495 (Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, ...)
+CVE-2014-6495
{DSA-3054-1}
- mysql-5.5 5.5.39-1
- mariadb-5.5 5.5.39-1
@@ -9519,7 +9519,7 @@ CVE-2014-6495 (Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earli
- percona-xtradb-cluster-5.5 <removed>
- cyassl <removed> (bug #770229)
- wolfssl <not-affected> (WolfSSL not affected)
-CVE-2014-6494 (Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, ...)
+CVE-2014-6494
{DSA-3054-1}
- mysql-5.5 5.5.40-1
- mariadb-5.5 <removed>
@@ -9527,15 +9527,15 @@ CVE-2014-6494 (Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earli
- percona-xtradb-cluster-5.5 <removed>
- cyassl <removed> (bug #770229)
- wolfssl <not-affected> (WolfSSL not affected)
-CVE-2014-6493 (Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20 ...)
+CVE-2014-6493
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-8 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2014-6492 (Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20, when ...)
+CVE-2014-6492
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-8 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2014-6491 (Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier ...)
+CVE-2014-6491
{DSA-3054-1}
- mysql-5.5 5.5.40-1
- mariadb-5.5 <removed>
@@ -9543,37 +9543,37 @@ CVE-2014-6491 (Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earli
- percona-xtradb-cluster-5.5 <removed>
- cyassl <removed> (bug #770229)
- wolfssl <not-affected> (WolfSSL not affected)
-CVE-2014-6490 (Unspecified vulnerability in Oracle Sun Solaris 11 allows remote ...)
+CVE-2014-6490
NOT-FOR-US: Oracle Sun Solaris 11
-CVE-2014-6489 (Unspecified vulnerability in Oracle MySQL Server 5.6.19 and earlier ...)
+CVE-2014-6489
- mysql-5.5 <not-affected> (Only MySQL 5.6)
- mysql-5.1 <not-affected> (Only MySQL 5.6)
- mariadb-10.0 <not-affected> (Fixed before initial upload)
-CVE-2014-6488 (Unspecified vulnerability in the Enterprise Manager for Oracle ...)
+CVE-2014-6488
NOT-FOR-US: Oracle Enterprise Manager Grid Control EM Base Plattform
-CVE-2014-6487 (Unspecified vulnerability in the Oracle Identity Manager component in ...)
+CVE-2014-6487
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2014-6486 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS component ...)
+CVE-2014-6486
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2014-6485 (Unspecified vulnerability in Oracle Java SE 8u20 and JavaFX 2.2.65 ...)
+CVE-2014-6485
- openjdk-8 8u40~b09-1
-CVE-2014-6484 (Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, ...)
+CVE-2014-6484
{DSA-3054-1}
- mysql-5.5 5.5.39-1
- mariadb-5.5 5.5.39-1
- mariadb-10.0 <not-affected> (Fixed before initial upload)
- percona-xtradb-cluster-5.5 <removed>
-CVE-2014-6483 (Unspecified vulnerability in the Application Express component in ...)
+CVE-2014-6483
NOT-FOR-US: Oracle Database Server
-CVE-2014-6482 (Unspecified vulnerability in the PeopleSoft Enterprise PT PeopleTools ...)
+CVE-2014-6482
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2014-6481 (Unspecified vulnerability in Oracle Solaris 10 and 11 allows remote ...)
+CVE-2014-6481
NOT-FOR-US: Oracle Solaris
-CVE-2014-6480 (Unspecified vulnerability in the Solaris Cluster component in Oracle ...)
+CVE-2014-6480
NOT-FOR-US: Oracle
-CVE-2014-6479 (Unspecified vulnerability in the Oracle Applications Technology ...)
+CVE-2014-6479
NOT-FOR-US: Oracle E-Business Suite
-CVE-2014-6478 (Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, ...)
+CVE-2014-6478
{DSA-3054-1}
- mysql-5.5 5.5.39-1
- mariadb-5.5 5.5.39-1
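Review bot: The context line `NOT-FOR-US: Oracle Enterprise Manager Grid Control EM Base Plattform` under CVE-2014-6488 carries a typo (`Plattform`); since this hunk already rewrites that entry's header line, correcting it to `Platform` in the same change is cheap. A second point in this hunk: the `- mysql-5.5 <not-affected> (Only MySQL 5.6)` and `- mysql-5.1 <not-affected> (Only MySQL 5.6)` annotations under CVE-2014-6489 were backed by the removed `(Unspecified vulnerability in Oracle MySQL Server 5.6.19 and earlier ...)` text; once that line is gone, the annotation itself is the only statement of the affected version left in the entry.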
@@ -9581,97 +9581,97 @@ CVE-2014-6478 (Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earli
- percona-xtradb-cluster-5.5 <removed>
- cyassl <removed>
- wolfssl <not-affected> (WolfSSL not affected)
-CVE-2014-6477 (Unspecified vulnerability in the JPublisher component in Oracle ...)
+CVE-2014-6477
NOT-FOR-US: Oracle Database
-CVE-2014-6476 (Unspecified vulnerability in Oracle Java SE 7u67 and 8u20 allows ...)
+CVE-2014-6476
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-8 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2014-6475 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+CVE-2014-6475
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2014-6474 (Unspecified vulnerability in Oracle MySQL Server 5.6.19 and earlier ...)
+CVE-2014-6474
- mysql-5.5 <not-affected> (Only affects MySQL 5.6)
- mysql-5.1 <not-affected> (Only affects MySQL 5.6)
- mariadb-10.0 <not-affected> (Fixed before initial upload)
-CVE-2014-6473 (Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local ...)
+CVE-2014-6473
NOT-FOR-US: Oracle Sun Solaris 10 and 11
-CVE-2014-6472 (Unspecified vulnerability in the Oracle Applications Framework ...)
+CVE-2014-6472
NOT-FOR-US: Oracle E-Business Suite
-CVE-2014-6471 (Unspecified vulnerability in the Oracle Applications Manager component ...)
+CVE-2014-6471
NOT-FOR-US: Oracle E-Business Suite
-CVE-2014-6470 (Unspecified vulnerability in Oracle Sun Solaris 11 allows local users ...)
+CVE-2014-6470
NOT-FOR-US: Oracle Sun Solaris 11
-CVE-2014-6469 (Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier ...)
+CVE-2014-6469
{DSA-3054-1}
- mysql-5.5 5.5.40-1
- mariadb-5.5 <removed>
- mariadb-10.0 10.0.15-1
- percona-xtradb-cluster-5.5 <removed>
-CVE-2014-6468 (Unspecified vulnerability in Oracle Java SE 8u20 allows local users to ...)
+CVE-2014-6468
- openjdk-8 8u40~b09-1
-CVE-2014-6467 (Unspecified vulnerability in the Java VM component in Oracle Database ...)
+CVE-2014-6467
NOT-FOR-US: Oracle Database Server
-CVE-2014-6466 (Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20, when ...)
+CVE-2014-6466
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-8 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2014-6465 (Unspecified vulnerability in the Oracle Communications Session Border ...)
+CVE-2014-6465
NOT-FOR-US: Oracle Communications Applications
-CVE-2014-6464 (Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier ...)
+CVE-2014-6464
{DSA-3054-1}
- mysql-5.5 5.5.40-1
- mariadb-5.5 <removed>
- mariadb-10.0 10.0.15-1
- percona-xtradb-cluster-5.5 <removed>
-CVE-2014-6463 (Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier ...)
+CVE-2014-6463
{DSA-3054-1}
- mysql-5.5 5.5.39-1
- mariadb-5.5 5.5.39-1
- mariadb-10.0 <not-affected> (Fixed before initial upload)
- percona-xtradb-cluster-5.5 <removed>
-CVE-2014-6462 (Unspecified vulnerability in the Oracle Access Manager component in ...)
+CVE-2014-6462
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2014-6461 (Unspecified vulnerability in the Agile PLM component in Oracle Supply ...)
+CVE-2014-6461
NOT-FOR-US: Oracle Supply Chain Products Suite
-CVE-2014-6460 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+CVE-2014-6460
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2014-6459 (Unspecified vulnerability in the Oracle Secure Global Desktop ...)
+CVE-2014-6459
NOT-FOR-US: Oracle Virtualization
-CVE-2014-6458 (Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20 ...)
+CVE-2014-6458
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-8 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2014-6457 (Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and ...)
+CVE-2014-6457
{DSA-3080-1 DSA-3077-1 DLA-96-1}
- openjdk-6 6b33-1.13.5-1
- openjdk-7 7u71-2.5.3-1
- openjdk-8 8u40~b09-1
-CVE-2014-6456 (Unspecified vulnerability in Oracle Java SE 7u67 and 8u20 allows ...)
+CVE-2014-6456
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-8 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2014-6455 (Unspecified vulnerability in the SQLJ component in Oracle Database ...)
+CVE-2014-6455
NOT-FOR-US: Oracle Database Server
-CVE-2014-6454 (Unspecified vulnerability in the SQLJ component in Oracle Database ...)
+CVE-2014-6454
NOT-FOR-US: Oracle Database Server
-CVE-2014-6453 (Unspecified vulnerability in the Java VM component in Oracle Database ...)
+CVE-2014-6453
NOT-FOR-US: Oracle Database Server
-CVE-2014-6452 (Unspecified vulnerability in the SQLJ component in Oracle Database ...)
+CVE-2014-6452
NOT-FOR-US: Oracle Database Server
-CVE-2014-6451 (J-Web in Juniper vSRX virtual firewalls with Junos OS before ...)
+CVE-2014-6451
NOT-FOR-US: Juniper
-CVE-2014-6450 (Juniper Junos OS before 11.4R12-S4, 12.1X44 before 12.1X44-D41, ...)
+CVE-2014-6450
NOT-FOR-US: Juniper Junos OS
-CVE-2014-6449 (Juniper Junos OS before 12.1X44-D50, 12.1X46 before 12.1X46-D35, ...)
+CVE-2014-6449
NOT-FOR-US: Juniper Junos OS
CVE-2014-6448
RESERVED
CVE-2014-6447
RESERVED
-CVE-2014-6446 (The Infusionsoft Gravity Forms plugin 1.5.3 through 1.5.10 for ...)
+CVE-2014-6446
NOT-FOR-US: WordPress plugin Infusionsoft Gravity Forms
-CVE-2014-6445 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2014-6445
NOT-FOR-US: WordPress plugin Contact Form 7 Integrations
-CVE-2014-6444 (Multiple cross-site scripting (XSS) vulnerabilities in the Titan ...)
+CVE-2014-6444
NOT-FOR-US: Titan Framework plugin for WordPress
CVE-2014-6443
RESERVED
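Review bot: The context line `- cyassl <removed>` under CVE-2014-6478 lacks the `(bug #770229)` reference that the equivalent cyassl lines under the neighbouring MySQL entries carry (CVE-2014-6491, -6494, -6495, -6496 and -6500); if the same bug covers this CVE, adding the reference keeps the entries consistent. Also, CVE-2014-6476 keeps `- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)` even though the removed description named only `Oracle Java SE 7u67 and 8u20`; after this change nothing in the entry explains why openjdk-6 is listed at all, so a short note there would help.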
@@ -9679,13 +9679,13 @@ CVE-2014-6442
RESERVED
CVE-2014-6441
RESERVED
-CVE-2014-6440 (VideoLAN VLC media player before 2.1.5 allows remote attackers to ...)
+CVE-2014-6440
- vlc 2.1.5-1 (low)
[wheezy] - vlc <not-affected> (Introduced in 2.1)
[squeeze] - vlc <end-of-life> (Unsupported in squeeze-lts)
-CVE-2014-6439 (Cross-site scripting (XSS) vulnerability in the CORS functionality in ...)
+CVE-2014-6439
- elasticsearch 1.0.3+dfsg-4 (bug #763958; low)
-CVE-2014-6438 (The URI.decode_www_form_component method in Ruby before 1.9.2-p330 ...)
+CVE-2014-6438
{DLA-275-1}
- ruby1.9.1 1.9.3.0-1
- ruby1.8 <not-affected> (Vulnerable code not present)
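Review bot: The removed description under CVE-2014-6438 (`The URI.decode_www_form_component method in Ruby before 1.9.2-p330 ...`) was the only text in the entry stating a version bound, and the surviving `- ruby1.8 <not-affected> (Vulnerable code not present)` line does not restate it; consider carrying the `before 1.9.2-p330` bound into a NOTE so the ruby1.8 decision stays checkable. The same applies to CVE-2014-6440, where `[wheezy] - vlc <not-affected> (Introduced in 2.1)` now stands without the `VideoLAN VLC media player before 2.1.5` text it was judged against.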
@@ -9694,15 +9694,15 @@ CVE-2014-6438 (The URI.decode_www_form_component method in Ruby before 1.9.2-p33
NOTE: https://github.com/ruby/ruby/commit/5082e91876502a2f3dde862406a0efe9f85afcdb
NOTE: https://github.com/ruby/ruby/commit/7b9354af8805c02ed968765abe300162e0fcc943
NOTE: CVE assignment is specific to ruby 1.9.x series?
-CVE-2014-6437 (Aztech ADSL DSL5018EN (1T1R), DSL705E, and DSL705EU devices allow ...)
+CVE-2014-6437
NOT-FOR-US: Aztech ADSL DSL5018EN (1T1R), DSL705E, and DSL705EU devices
-CVE-2014-6436 (Aztech ADSL DSL5018EN (1T1R), DSL705E, and DSL705EU devices improperly ...)
+CVE-2014-6436
NOT-FOR-US: Aztech ADSL DSL5018EN (1T1R), DSL705E, and DSL705EU devices
-CVE-2014-6435 (cgi-bin/AZ_Retrain.cgi in Aztech ADSL DSL5018EN (1T1R), DSL705E, and ...)
+CVE-2014-6435
NOT-FOR-US: Aztech ADSL DSL5018EN (1T1R), DSL705E, and DSL705EU devices
-CVE-2014-6434 (gpExec in GoPro HERO 3+ allows remote attackers to execute arbitrary ...)
+CVE-2014-6434
NOT-FOR-US: GoPro
-CVE-2014-6433 (gpExec in GoPro HERO 3+ allows remote attackers to execute arbitrary ...)
+CVE-2014-6433
NOT-FOR-US: GoPro
CVE-2014-6420
RESERVED
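Review bot: The context line `NOTE: CVE assignment is specific to ruby 1.9.x series?` under CVE-2014-6438 records an unresolved question, and this change removes the description text that a reader would otherwise consult to answer it. Either resolve the question here or rephrase the NOTE as a statement of what is actually known (which series the fix commits listed above were applied to), so the entry does not leave the scope of the CVE open.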
@@ -9712,15 +9712,15 @@ CVE-2014-6415
RESERVED
CVE-2014-6413
RESERVED
-CVE-2014-6412 (WordPress before 4.4 makes it easier for remote attackers to predict ...)
+CVE-2014-6412
- wordpress <not-affected> (Affects only Wordpress on Windows systems)
CVE-2014-6411
RESERVED
-CVE-2014-6409 (Cross-site request forgery (CSRF) vulnerability in M/Monit 3.3.2 and ...)
+CVE-2014-6409
NOT-FOR-US: M/Monit
-CVE-2014-6408 (Docker 1.3.0 through 1.3.1 allows remote attackers to modify the ...)
+CVE-2014-6408
- docker.io 1.3.2~dfsg1-1
-CVE-2014-6407 (Docker before 1.3.2 allows remote attackers to write to arbitrary ...)
+CVE-2014-6407
- docker.io 1.3.2~dfsg1-1
CVE-2014-6406
RESERVED
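Review bot: Under CVE-2014-6412 the removed description `(WordPress before 4.4 makes it easier for remote attackers to predict ...)` was the only place the entry recorded the affected range, and the surviving `- wordpress <not-affected> (Affects only Wordpress on Windows systems)` does not mention the `before 4.4` bound; consider carrying that bound into the annotation or a NOTE. The same pattern affects the two Docker entries, where `- docker.io 1.3.2~dfsg1-1` now stands without the `Docker 1.3.0 through 1.3.1` and `Docker before 1.3.2` text that distinguished CVE-2014-6408 from CVE-2014-6407.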
@@ -9742,146 +9742,146 @@ CVE-2014-6398
RESERVED
CVE-2014-6397
RESERVED
-CVE-2014-6396 (The dissector_postgresql function in dissectors/ec_postgresql.c in ...)
+CVE-2014-6396
- ettercap 1:0.8.1-3 (bug #773416)
[squeeze] - ettercap <not-affected> (Vulnerable code not present according to upstream author in https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773416#20)
-CVE-2014-6395 (Heap-based buffer overflow in the dissector_postgresql function in ...)
+CVE-2014-6395
- ettercap 1:0.8.1-3 (bug #773416)
[squeeze] - ettercap <not-affected> (Vulnerable code not present according to upstream author in https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773416#20)
-CVE-2014-6394 (visionmedia send before 0.8.4 for Node.js uses a partial comparison ...)
+CVE-2014-6394
- node-send 0.9.4-1
NOTE: https://nodesecurity.io/advisories/send-directory-traversal
-CVE-2014-6393 (The Express web framework before 3.11 and 4.x before 4.5 for Node.js ...)
+CVE-2014-6393
- node-express <unfixed> (unimportant)
NOTE: libv8 is not covered by security support
-CVE-2014-6392 (** DISPUTED ** Cross-site scripting (XSS) vulnerability in the ...)
+CVE-2014-6392
NOT-FOR-US: Facebook app and Facebook Messenger app for iOS
CVE-2014-6391
RESERVED
CVE-2014-6390
RESERVED
-CVE-2014-6389 (backup.php in PHPCompta/NOALYSS before 6.7.2 allows remote attackers ...)
+CVE-2014-6389
NOT-FOR-US: PhpCompta
CVE-2014-6388
REJECTED
-CVE-2014-7145 (The SMB2_tcon function in fs/cifs/smb2pdu.c in the Linux kernel before ...)
+CVE-2014-7145
- linux 3.16.3-1
[wheezy] - linux <not-affected> (Introduced in 3.7)
- linux-2.6 <not-affected> (Introduced in 3.7)
NOTE: upstream fix: https://github.com/torvalds/linux/commit/18f39e7be0121317550d03e267e3ebd4dbfbb3ce (v3.17-rc2)
-CVE-2014-6432 (The SnifferDecompress function in wiretap/ngsniffer.c in the DOS ...)
+CVE-2014-6432
{DSA-3049-1 DLA-198-1}
- wireshark 1.12.1+g01b65bf-1
NOTE: https://www.wireshark.org/security/wnpa-sec-2014-19.html
-CVE-2014-6431 (Buffer overflow in the SnifferDecompress function in ...)
+CVE-2014-6431
{DSA-3049-1 DLA-198-1}
- wireshark 1.12.1+g01b65bf-1
NOTE: https://www.wireshark.org/security/wnpa-sec-2014-19.html
-CVE-2014-6430 (The SnifferDecompress function in wiretap/ngsniffer.c in the DOS ...)
+CVE-2014-6430
{DSA-3049-1 DLA-198-1}
- wireshark 1.12.1+g01b65bf-1
NOTE: https://www.wireshark.org/security/wnpa-sec-2014-19.html
-CVE-2014-6429 (The SnifferDecompress function in wiretap/ngsniffer.c in the DOS ...)
+CVE-2014-6429
{DSA-3049-1 DLA-198-1}
- wireshark 1.12.1+g01b65bf-1
NOTE: https://www.wireshark.org/security/wnpa-sec-2014-19.html
-CVE-2014-6428 (The dissect_spdu function in epan/dissectors/packet-ses.c in the SES ...)
+CVE-2014-6428
{DSA-3049-1 DLA-198-1}
- wireshark 1.12.1+g01b65bf-1
NOTE: https://www.wireshark.org/security/wnpa-sec-2014-18.html
-CVE-2014-6427 (Off-by-one error in the is_rtsp_request_or_reply function in ...)
+CVE-2014-6427
{DSA-3049-1}
- wireshark 1.12.1+g01b65bf-1
[squeeze] - wireshark <not-affected> (Vulnerable code not present)
NOTE: https://www.wireshark.org/security/wnpa-sec-2014-17.html
-CVE-2014-6426 (The dissect_hip_tlv function in epan/dissectors/packet-hip.c in the ...)
+CVE-2014-6426
- wireshark 1.12.1+g01b65bf-1
[wheezy] - wireshark <not-affected> (Only applies to 1.12.x)
[squeeze] - wireshark <not-affected> (Only applies to 1.12.x)
NOTE: https://www.wireshark.org/security/wnpa-sec-2014-16.html
-CVE-2014-6425 (The (1) get_quoted_string and (2) get_unquoted_string functions in ...)
+CVE-2014-6425
- wireshark 1.12.1+g01b65bf-1
[wheezy] - wireshark <not-affected> (Only applies to 1.12.x)
[squeeze] - wireshark <not-affected> (Only applies to 1.12.x)
NOTE: https://www.wireshark.org/security/wnpa-sec-2014-15.html
-CVE-2014-6424 (The dissect_v9_v10_pdu_data function in ...)
+CVE-2014-6424
{DSA-3049-1}
- wireshark 1.12.1+g01b65bf-1
[wheezy] - wireshark <not-affected> (Vulnerable code not present)
[squeeze] - wireshark <not-affected> (Vulnerable code not present)
NOTE: https://www.wireshark.org/security/wnpa-sec-2014-14.html
-CVE-2014-6423 (The tvb_raw_text_add function in epan/dissectors/packet-megaco.c in ...)
+CVE-2014-6423
{DSA-3049-1 DLA-198-1}
- wireshark 1.12.1+g01b65bf-1
NOTE: https://www.wireshark.org/security/wnpa-sec-2014-13.html
-CVE-2014-6422 (The SDP dissector in Wireshark 1.10.x before 1.10.10 creates duplicate ...)
+CVE-2014-6422
{DSA-3049-1 DLA-198-1}
- wireshark 1.12.0+git+4fab41a1-1
NOTE: https://www.wireshark.org/security/wnpa-sec-2014-12.html
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commitdiff;h=04c05a21e34cec326f1aff2f5f8a6e74e1ced984 (v1.11.3)
-CVE-2014-6421 (Use-after-free vulnerability in the SDP dissector in Wireshark 1.10.x ...)
+CVE-2014-6421
- wireshark 1.12.0~rc1-1
[wheezy] - wireshark <not-affected> (Vulnerable code not present)
[squeeze] - wireshark <not-affected> (Vulnerable code not present)
NOTE: https://www.wireshark.org/security/wnpa-sec-2014-12.html
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commitdiff;h=81c4eee84b6ee19fd27929856fa1465b1af148c6 (v1.10.10)
-CVE-2014-6418 (net/ceph/auth_x.c in Ceph, as used in the Linux kernel before 3.16.3, ...)
+CVE-2014-6418
- linux 3.16.3-1
[wheezy] - linux 3.2.63-1
- linux-2.6 <removed>
[squeeze] - linux-2.6 <not-affected> (Introduced in 2.6.34)
NOTE: Upstream fix: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c27a3e4d667fdcad3db7b104f75659478e0c68d8 (v3.17-rc5)
NOTE: http://tracker.ceph.com/issues/8979
-CVE-2014-6417 (net/ceph/auth_x.c in Ceph, as used in the Linux kernel before 3.16.3, ...)
+CVE-2014-6417
- linux 3.16.3-1
[wheezy] - linux 3.2.63-1
- linux-2.6 <removed>
[squeeze] - linux-2.6 <not-affected> (Introduced in 2.6.34)
NOTE: Upstream fix: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c27a3e4d667fdcad3db7b104f75659478e0c68d8 (v3.17-rc5)
NOTE: http://tracker.ceph.com/issues/8979
-CVE-2014-6416 (Buffer overflow in net/ceph/auth_x.c in Ceph, as used in the Linux ...)
+CVE-2014-6416
- linux 3.16.3-1
[wheezy] - linux 3.2.63-1
- linux-2.6 <removed>
[squeeze] - linux-2.6 <not-affected> (Introduced in 2.6.34)
NOTE: Upstream fix: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c27a3e4d667fdcad3db7b104f75659478e0c68d8 (v3.17-rc5)
NOTE: http://tracker.ceph.com/issues/8979
-CVE-2014-6414 (OpenStack Neutron before 2014.2.4 and 2014.1 before 2014.1.2 allows ...)
+CVE-2014-6414
- neutron 2014.1.3-1
NOTE: vulnerable versions up to 2013.2.4 and 2014.1 versions up to 2014.1.2
-CVE-2014-6410 (The __udf_read_inode function in fs/udf/inode.c in the Linux kernel ...)
+CVE-2014-6410
{DLA-118-1}
- linux 3.16.5-1
[wheezy] - linux 3.2.63-1
- linux-2.6 <removed>
NOTE: Upstream fix: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c03aa9f6e1f938618e6db2e23afef0574efeeb65 (v3.17-rc5)
-CVE-2014-6386 (Juniper Junos 11.4 before 11.4R8, 12.1X44 before 12.1X44-D35, 12.1X45 ...)
+CVE-2014-6386
NOT-FOR-US: Juniper
-CVE-2014-6385 (Juniper Junos 11.4 before 11.4R13, 12.1X44 before 12.1X44-D45, 12.1X46 ...)
+CVE-2014-6385
NOT-FOR-US: Juniper
-CVE-2014-6384 (Juniper Junos 12.1X44 before 12.1X44-D45, 12.1X46 before 12.1X46-D25, ...)
+CVE-2014-6384
NOT-FOR-US: Juniper
-CVE-2014-6383 (The stateless firewall in Juniper Junos 13.3R3, 14.1R1, and 14.1R2, ...)
+CVE-2014-6383
NOT-FOR-US: Juniper
-CVE-2014-6382 (The Juniper MX Series routers with Junos 13.3R3 through 13.3Rx before ...)
+CVE-2014-6382
NOT-FOR-US: Juniper
-CVE-2014-6381 (Juniper WLC devices with WLAN Software releases 8.0.x before 8.0.4, ...)
+CVE-2014-6381
NOT-FOR-US: Juniper
-CVE-2014-6380 (Juniper Junos 11.4 before R11, 12.1 before R9, 12.1X44 before D30, ...)
+CVE-2014-6380
NOT-FOR-US: Juniper Junos
-CVE-2014-6379 (Juniper Junos 11.4 before R12, 12.1 before R10, 12.1X44 before D35, ...)
+CVE-2014-6379
NOT-FOR-US: Juniper Junos
-CVE-2014-6378 (Juniper Junos 11.4 before R12-S4, 12.1X44 before D35, 12.1X45 before ...)
+CVE-2014-6378
NOT-FOR-US: Juniper Junos
-CVE-2014-6377 (Juniper JunosE before 13.3.3p0-1, 14.x before 14.3.2, and 15.x before ...)
+CVE-2014-6377
NOT-FOR-US: Juniper Junos
-CVE-2014-6376 (Microsoft Internet Explorer 11 allows remote attackers to execute ...)
+CVE-2014-6376
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-6375 (Microsoft Internet Explorer 8 allows remote attackers to execute ...)
+CVE-2014-6375
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-6374 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ...)
+CVE-2014-6374
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-6373 (Microsoft Internet Explorer 10 allows remote attackers to execute ...)
+CVE-2014-6373
NOT-FOR-US: Microsoft Internet Explorer
CVE-2014-6372
REJECTED
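Review bot: Under CVE-2014-6414 the surviving `NOTE: vulnerable versions up to 2013.2.4 and 2014.1 versions up to 2014.1.2` disagrees with the description this hunk removes (`OpenStack Neutron before 2014.2.4 and 2014.1 before 2014.1.2`): `2013.2.4` versus `2014.2.4`. Once the description is gone the NOTE is the only version statement left in the entry, so the discrepancy should be settled in this change rather than left for a later reader. A smaller point in the same hunk: CVE-2014-7145 sits between CVE-2014-6388 and CVE-2014-6432, out of the file's descending numeric order.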
@@ -9889,113 +9889,113 @@ CVE-2014-6371
REJECTED
CVE-2014-6370
REJECTED
-CVE-2014-6369 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ...)
+CVE-2014-6369
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-6368 (Microsoft Internet Explorer 11 allows remote attackers to bypass the ...)
+CVE-2014-6368
NOT-FOR-US: Microsoft Internet Explorer
CVE-2014-6367
REJECTED
-CVE-2014-6366 (Microsoft Internet Explorer 6 and 7 allows remote attackers to execute ...)
+CVE-2014-6366
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-6365 (Microsoft Internet Explorer 8 through 11 allows remote attackers to ...)
+CVE-2014-6365
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-6364 (Use-after-free vulnerability in Microsoft Office 2007 SP3; 2010 SP2; ...)
+CVE-2014-6364
NOT-FOR-US: Microsoft Office
-CVE-2014-6363 (vbscript.dll in Microsoft VBScript 5.6 through 5.8, as used with ...)
+CVE-2014-6363
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-6362 (Use-after-free vulnerability in Microsoft Office 2007 SP3, 2010 SP2, ...)
+CVE-2014-6362
NOT-FOR-US: Microsoft Office
-CVE-2014-6361 (Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 Gold and SP1, ...)
+CVE-2014-6361
NOT-FOR-US: Microsoft Excel
-CVE-2014-6360 (Microsoft Excel 2007 SP3, Excel 2010 SP2, and Office Compatibility ...)
+CVE-2014-6360
NOT-FOR-US: Microsoft Excel
CVE-2014-6359
REJECTED
CVE-2014-6358
REJECTED
-CVE-2014-6357 (Use-after-free vulnerability in Microsoft Office 2010 SP2, Office 2013 ...)
+CVE-2014-6357
NOT-FOR-US: Microsoft Office
-CVE-2014-6356 (Array index error in Microsoft Word 2007 SP3, Word 2010 SP2, and ...)
+CVE-2014-6356
NOT-FOR-US: Microsoft Word
-CVE-2014-6355 (The Graphics Component in Microsoft Windows Server 2003 SP2, Windows ...)
+CVE-2014-6355
NOT-FOR-US: Microsft Windows
-CVE-2014-6354 (Internet Explorer 6, Internet Explorer 7, Internet Explorer 8, ...)
+CVE-2014-6354
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-6353 (Microsoft Internet Explorer 6 through 10 allows remote attackers to ...)
+CVE-2014-6353
NOT-FOR-US: Microsoft
-CVE-2014-6352 (Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, ...)
+CVE-2014-6352
NOT-FOR-US: Microsoft
-CVE-2014-6351 (Microsoft Internet Explorer 8 through 11 allows remote attackers to ...)
+CVE-2014-6351
NOT-FOR-US: Microsoft
-CVE-2014-6350 (Microsoft Internet Explorer 10 and 11 allows remote attackers to gain ...)
+CVE-2014-6350
NOT-FOR-US: Microsoft
-CVE-2014-6349 (Microsoft Internet Explorer 10 and 11 allows remote attackers to gain ...)
+CVE-2014-6349
NOT-FOR-US: Microsoft
-CVE-2014-6348 (Microsoft Internet Explorer 9 allows remote attackers to execute ...)
+CVE-2014-6348
NOT-FOR-US: Microsoft
-CVE-2014-6347 (Microsoft Internet Explorer 11 allows remote attackers to execute ...)
+CVE-2014-6347
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-6346 (Microsoft Internet Explorer 8 through 11 allows remote attackers to ...)
+CVE-2014-6346
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-6345 (Microsoft Internet Explorer 9 and 10 allows remote attackers to read ...)
+CVE-2014-6345
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-6344 (Microsoft Internet Explorer 8 and 9 allows remote attackers to execute ...)
+CVE-2014-6344
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-6343 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ...)
+CVE-2014-6343
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-6342 (Microsoft Internet Explorer 9 allows remote attackers to execute ...)
+CVE-2014-6342
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-6341 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ...)
+CVE-2014-6341
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-6340 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ...)
+CVE-2014-6340
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-6339 (Microsoft Internet Explorer 8 and 9 allows remote attackers to bypass ...)
+CVE-2014-6339
NOT-FOR-US: Microsoft Internet Explorer
CVE-2014-6338
REJECTED
-CVE-2014-6337 (Microsoft Internet Explorer 10 and 11 allows remote attackers to ...)
+CVE-2014-6337
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-6336 (Outlook Web App (OWA) in Microsoft Exchange Server 2013 SP1 and ...)
+CVE-2014-6336
NOT-FOR-US: Microsoft Exchange Server
-CVE-2014-6335 (Microsoft Word 2007 SP3, Word Viewer, and Office Compatibility Pack ...)
+CVE-2014-6335
NOT-FOR-US: Microsoft Office
-CVE-2014-6334 (Microsoft Word 2007 SP3, Word Viewer, and Office Compatibility Pack ...)
+CVE-2014-6334
NOT-FOR-US: Microsoft
-CVE-2014-6333 (Microsoft Word 2007 SP3, Word Viewer, and Office Compatibility Pack ...)
+CVE-2014-6333
NOT-FOR-US: Microsoft
-CVE-2014-6332 (OleAut32.dll in OLE in Microsoft Windows Server 2003 SP2, Windows ...)
+CVE-2014-6332
NOT-FOR-US: Microsoft
-CVE-2014-6331 (Microsoft Active Directory Federation Services (AD FS) 2.0, 2.1, and ...)
+CVE-2014-6331
NOT-FOR-US: Microsoft
-CVE-2014-6330 (Microsoft Internet Explorer 9 allows remote attackers to execute ...)
+CVE-2014-6330
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-6329 (Microsoft Internet Explorer 11 allows remote attackers to execute ...)
+CVE-2014-6329
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-6328 (Microsoft Internet Explorer 8 through 11 allows remote attackers to ...)
+CVE-2014-6328
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-6327 (Microsoft Internet Explorer 11 allows remote attackers to execute ...)
+CVE-2014-6327
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-6326 (Cross-site scripting (XSS) vulnerability in Microsoft Exchange Server ...)
+CVE-2014-6326
NOT-FOR-US: Microsoft Exchange Server
-CVE-2014-6325 (Cross-site scripting (XSS) vulnerability in Microsoft Exchange Server ...)
+CVE-2014-6325
NOT-FOR-US: Microsoft Exchange Server
-CVE-2014-6324 (The Kerberos Key Distribution Center (KDC) in Microsoft Windows Server ...)
+CVE-2014-6324
NOT-FOR-US: Microsoft Windows
-CVE-2014-6323 (Microsoft Internet Explorer 7 through 11 allows remote attackers to ...)
+CVE-2014-6323
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-6322 (The Windows Audio service in Microsoft Windows Vista SP2, Windows ...)
+CVE-2014-6322
NOT-FOR-US: Microsoft
-CVE-2014-6321 (Schannel in Microsoft Windows Server 2003 SP2, Windows Vista SP2, ...)
+CVE-2014-6321
NOT-FOR-US: Microsoft
CVE-2014-6320
REJECTED
-CVE-2014-6319 (Outlook Web App (OWA) in Microsoft Exchange Server 2007 SP3, 2010 SP3, ...)
+CVE-2014-6319
NOT-FOR-US: Microsoft Exchange Server
-CVE-2014-6318 (The audit logon feature in Remote Desktop Protocol (RDP) in Microsoft ...)
+CVE-2014-6318
NOT-FOR-US: Microsoft
-CVE-2014-6317 (Array index error in win32k.sys in the kernel-mode drivers in ...)
+CVE-2014-6317
NOT-FOR-US: Microsoft
-CVE-2014-6316 (core/string_api.php in MantisBT before 1.2.18 does not properly ...)
+CVE-2014-6316
{DSA-3120-1}
- mantis <removed>
[squeeze] - mantis <end-of-life> (Unsupported in squeeze-lts)
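Review bot: every `-`/`+` pair in this hunk strips only the parenthesised CVE description, with no other change to the entry (for example `-CVE-2014-6346 (Microsoft Internet Explorer 8 through 11 allows remote attackers to ...)` becomes `+CVE-2014-6346`), which for an "automatic update" is the signature of the upstream description feed having returned empty rather than of an intended data change. The sync should be checked against the feed and this commit reverted or re-run before it lands, because on lines such as `NOT-FOR-US: Microsoft Internet Explorer` the description is the only text that lets a reader confirm the triage without an external lookup.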
@@ -10004,17 +10004,17 @@ CVE-2014-6316 (core/string_api.php in MantisBT before 1.2.18 does not properly .
NOTE: https://www.mantisbt.org/bugs/view.php?id=17362
NOTE: https://www.mantisbt.org/bugs/view.php?id=17698
NOTE: https://www.mantisbt.org/bugs/view.php?id=17811
-CVE-2014-6315 (Multiple cross-site scripting (XSS) vulnerabilities in the Web-Dorado ...)
+CVE-2014-6315
NOT-FOR-US: WordPress plugin Photo Gallery
CVE-2014-6314
RESERVED
-CVE-2014-6313 (Cross-site scripting (XSS) vulnerability in the WooCommerce plugin ...)
+CVE-2014-6313
NOT-FOR-US: WordPress plugin WooCommerce
-CVE-2014-6312 (Cross-site request forgery (CSRF) vulnerability in the Login Widget ...)
+CVE-2014-6312
NOT-FOR-US: Login Widget With Shortcode (login-sidebar-widget) plugin for WordPress
-CVE-2014-6309 (The HTTP and WebSocket engine components in the server in Kaazing ...)
+CVE-2014-6309
NOT-FOR-US: Kaazing Gateway
-CVE-2014-6308 (Directory traversal vulnerability in OSClass before 3.4.2 allows ...)
+CVE-2014-6308
NOT-FOR-US: OsClass
CVE-2014-6307
RESERVED
@@ -10022,62 +10022,62 @@ CVE-2014-6306
RESERVED
CVE-2014-6305
RESERVED
-CVE-2014-6304 (The Form Controls CSS file in PNMsoft Sequence Kinetics before 7.7 ...)
+CVE-2014-6304
NOT-FOR-US: PNMsoft
-CVE-2014-6303 (The Monitoring Administration pages in PNMsoft Sequence Kinetics ...)
+CVE-2014-6303
NOT-FOR-US: PNMsoft
-CVE-2014-6302 (The Monitoring Administration pages in PNMsoft Sequence Kinetics ...)
+CVE-2014-6302
NOT-FOR-US: PNMsoft
-CVE-2014-6301 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
+CVE-2014-6301
NOT-FOR-US: PNMsoft
-CVE-2014-6300 (Cross-site scripting (XSS) vulnerability in the micro history ...)
+CVE-2014-6300
- phpmyadmin 4:4.2.8.1-1
NOTE: http://www.phpmyadmin.net/home_page/security/PMASA-2014-10.php
[squeeze] - phpmyadmin <not-affected> (Vulnerable code not present)
[wheezy] - phpmyadmin <not-affected> (Vulnerable code not present)
-CVE-2014-6299 (Cross-site request forgery (CSRF) vulnerability in the mm_forum ...)
+CVE-2014-6299
NOT-FOR-US: Typo3 extension
-CVE-2014-6298 (Unrestricted file upload vulnerability in the mm_forum extension ...)
+CVE-2014-6298
NOT-FOR-US: Typo3 extension
-CVE-2014-6297 (Cross-site scripting (XSS) vulnerability in the mm_forum extension ...)
+CVE-2014-6297
NOT-FOR-US: Typo3 extension
-CVE-2014-6296 (Cross-site scripting (XSS) vulnerability in the WEC Map (wec_map) ...)
+CVE-2014-6296
NOT-FOR-US: Typo3 extension
-CVE-2014-6295 (SQL injection vulnerability in the WEC Map (wec_map) extension before ...)
+CVE-2014-6295
NOT-FOR-US: Typo3 extension
-CVE-2014-6294 (Cross-site scripting (XSS) vulnerability in the External links click ...)
+CVE-2014-6294
NOT-FOR-US: Typo3 extension
-CVE-2014-6293 (SQL injection vulnerability in the Statistics (ke_stats) extension ...)
+CVE-2014-6293
NOT-FOR-US: Typo3 extension
-CVE-2014-6292 (The femanager extension before 1.0.9 for TYPO3 allows remote frontend ...)
+CVE-2014-6292
NOT-FOR-US: Typo3 extension
-CVE-2014-6291 (Cross-site scripting (XSS) vulnerability in the Alphabetic Sitemap ...)
+CVE-2014-6291
NOT-FOR-US: Typo3 extension
-CVE-2014-6290 (The News (tt_news) extension before 3.5.2 for TYPO3 allows remote ...)
+CVE-2014-6290
NOT-FOR-US: Typo3 extension
-CVE-2014-6289 (The Ajax dispatcher for Extbase in the Yet Another Gallery (yag) ...)
+CVE-2014-6289
NOT-FOR-US: Typo3 extension
-CVE-2014-6288 (The powermail extension 2.x before 2.0.11 for TYPO3 allows remote attackers ...)
+CVE-2014-6288
NOT-FOR-US: Typo3 extension
-CVE-2014-6287 (The findMacroMarker function in parserLib.pas in Rejetto HTTP File ...)
+CVE-2014-6287
NOT-FOR-US: Rejetto HTTP File Server
CVE-2014-6286
RESERVED
CVE-2014-6285
RESERVED
-CVE-2014-6284 (SAP Adaptive Server Enterprise (ASE) before 15.7 SP132 and 16.0 before ...)
+CVE-2014-6284
NOT-FOR-US: SAP Adaptive Server Enterprise
-CVE-2014-6283 (SAP Adaptive Server Enterprise (ASE) 15.7 before SP122 or SP63, 15.5 ...)
+CVE-2014-6283
NOT-FOR-US: SAP Adaptive Server Enterprise
CVE-2014-6282
RESERVED
CVE-2014-6281
RESERVED
-CVE-2014-6280 (Multiple cross-site scripting (XSS) vulnerabilities in OSClass before ...)
+CVE-2014-6280
NOT-FOR-US: OsClass
CVE-2014-6279
RESERVED
-CVE-2014-6278 (GNU Bash through 4.3 bash43-026 does not properly parse function ...)
+CVE-2014-6278
- bash 4.3-9.2 (high)
[wheezy] - bash 4.2+dfsg-0.1+deb7u3 (high)
[squeeze] - bash 4.1-3+deb6u2 (high)
@@ -10085,7 +10085,7 @@ CVE-2014-6278 (GNU Bash through 4.3 bash43-026 does not properly parse function
NOTE: exploitation of this issue by making bash only use environment variables
NOTE: with specific names (BASH_FUNC_*()) to define functions from its
NOTE: environment.
-CVE-2014-6277 (GNU Bash through 4.3 bash43-026 does not properly parse function ...)
+CVE-2014-6277
- bash 4.3-9.2
[wheezy] - bash 4.2+dfsg-0.1+deb7u3
[squeeze] - bash 4.1-3+deb6u2
@@ -10093,7 +10093,7 @@ CVE-2014-6277 (GNU Bash through 4.3 bash43-026 does not properly parse function
NOTE: exploitation of this issue by making bash only use environment variables
NOTE: with specific names (BASH_FUNC_*()) to define functions from its
NOTE: environment.
-CVE-2014-6276 (schema.py in Roundup before 1.5.1 does not properly limit attributes ...)
+CVE-2014-6276
{DSA-3502-1}
- roundup <removed> (bug #816780)
NOTE: http://hg.code.sf.net/p/roundup/code/rev/a403c29ffaf9
@@ -10107,13 +10107,13 @@ CVE-2014-6274 [S3 and Glacier remotes creds embedded in the git repo were not en
- git-annex 5.20140919
[wheezy] - git-annex <not-affected> (Vulnerable code introduced in 3.20121126)
NOTE: https://git-annex.branchable.com/upgrades/insecure_embedded_creds/
-CVE-2014-6273 (Buffer overflow in the HTTP transport code in apt-get in APT 1.0.1 and ...)
+CVE-2014-6273
{DSA-3031-1 DLA-58-1}
- apt 1.0.3
-CVE-2014-6272 (Multiple integer overflows in the evbuffer API in Libevent 1.4.x ...)
+CVE-2014-6272
{DSA-3119-1 DLA-137-1}
- libevent 2.0.21-stable-2 (bug #774645)
-CVE-2014-6271 (GNU Bash through 4.3 processes trailing strings after function ...)
+CVE-2014-6271
{DSA-3032-1 DLA-59-1}
- bash 4.3-9.1
CVE-2014-6267
@@ -10128,25 +10128,25 @@ CVE-2014-6263
RESERVED
CVE-2014-6262
RESERVED
-CVE-2014-6261 (Zenoss Core through 5 Beta 3 does not properly implement the Check For ...)
+CVE-2014-6261
- zenoss <itp> (bug #361253)
-CVE-2014-6260 (Zenoss Core through 5 Beta 3 does not require a password for modifying ...)
+CVE-2014-6260
- zenoss <itp> (bug #361253)
-CVE-2014-6259 (Zenoss Core through 5 Beta 3 does not properly detect recursion during ...)
+CVE-2014-6259
- zenoss <itp> (bug #361253)
-CVE-2014-6258 (An unspecified endpoint in Zenoss Core through 5 Beta 3 allows remote ...)
+CVE-2014-6258
- zenoss <itp> (bug #361253)
-CVE-2014-6257 (Zenoss Core through 5 Beta 3 allows remote attackers to bypass ...)
+CVE-2014-6257
- zenoss <itp> (bug #361253)
-CVE-2014-6256 (Zenoss Core through 5 Beta 3 allows remote attackers to bypass ...)
+CVE-2014-6256
- zenoss <itp> (bug #361253)
-CVE-2014-6255 (Open redirect vulnerability in the login form in Zenoss Core before ...)
+CVE-2014-6255
- zenoss <itp> (bug #361253)
-CVE-2014-6254 (Multiple cross-site scripting (XSS) vulnerabilities in Zenoss Core ...)
+CVE-2014-6254
- zenoss <itp> (bug #361253)
-CVE-2014-6253 (Multiple cross-site request forgery (CSRF) vulnerabilities in Zenoss ...)
+CVE-2014-6253
- zenoss <itp> (bug #361253)
-CVE-2014-6387 (gpc_api.php in MantisBT 1.2.17 and earlier allows remote attackers to ...)
+CVE-2014-6387
{DSA-3120-1}
- mantis <removed>
[squeeze] - mantis <end-of-life> (Unsupported in squeeze-lts)
@@ -10160,7 +10160,7 @@ CVE-2014-XXXX [install-sh: insecure use of /tmp]
- automake-1.15 1:1.15-3 (unimportant; bug #760455)
NOTE: http://seclists.org/oss-sec/2014/q3/588
NOTE: Neutralised by kernel hardening
-CVE-2014-6252 (Buffer overflow in disp+work.exe 7000.52.12.34966 and ...)
+CVE-2014-6252
NOT-FOR-US: SAP NetWeaver
CVE-2014-6311 [/tmp file vulnerability in generate_doxygen.pl]
RESERVED
@@ -10169,7 +10169,7 @@ CVE-2014-6311 [/tmp file vulnerability in generate_doxygen.pl]
CVE-2014-6310
RESERVED
- chicken <not-affected> (Affects only CHICKEN Scheme on the Android platform)
-CVE-2014-6270 (Off-by-one error in the snmpHandleUdp function in snmp_core.cc in ...)
+CVE-2014-6270
- squid <removed> (unimportant)
NOTE: SNMP not built in squid 2
- squid3 3.4.8-1 (low; bug #761002)
@@ -10179,7 +10179,7 @@ CVE-2014-6270 (Off-by-one error in the snmpHandleUdp function in snmp_core.cc in
NOTE: Upstream commits: http://bazaar.launchpad.net/~squid/squid/trunk/revision/13574
NOTE: http://bazaar.launchpad.net/~squid/squid/trunk/revision/13582
NOTE: http://www.squid-cache.org/Advisories/SQUID-2014_3.txt
-CVE-2014-7142 (The pinger in Squid 3.x before 3.4.8 allows remote attackers to obtain ...)
+CVE-2014-7142
- squid 4.1-1
[squeeze] - squid <no-dsa> (Minor issue)
[wheezy] - squid <no-dsa> (Minor issue)
@@ -10188,7 +10188,7 @@ CVE-2014-7142 (The pinger in Squid 3.x before 3.4.8 allows remote attackers to o
[wheezy] - squid3 <no-dsa> (Minor issue)
NOTE: https://bugzilla.novell.com/show_bug.cgi?id=891268
NOTE: http://www.squid-cache.org/Advisories/SQUID-2014_4.txt
-CVE-2014-7141 (The pinger in Squid 3.x before 3.4.8 allows remote attackers to obtain ...)
+CVE-2014-7141
- squid 4.1-1
[squeeze] - squid <no-dsa> (Minor issue)
[wheezy] - squid <no-dsa> (Minor issue)
@@ -10197,11 +10197,11 @@ CVE-2014-7141 (The pinger in Squid 3.x before 3.4.8 allows remote attackers to o
[wheezy] - squid3 <no-dsa> (Minor issue)
NOTE: https://bugzilla.novell.com/show_bug.cgi?id=891268
NOTE: http://www.squid-cache.org/Advisories/SQUID-2014_4.txt
-CVE-2014-6268 (The evtchn_fifo_set_pending function in Xen 4.4.x allows local guest ...)
+CVE-2014-6268
- xen 4.4.1-3
[wheezy] - xen <not-affected> (Affects only Xen 4.4 onwards)
[squeeze] - xen <not-affected> (Affects only Xen 4.4 onwards)
-CVE-2014-6251 (Stack-based buffer overflow in CPUMiner before 2.4.1 allows remote ...)
+CVE-2014-6251
NOT-FOR-US: CPUMiner, related to cgminer according to #773624
CVE-2014-6250
RESERVED
@@ -10217,41 +10217,41 @@ CVE-2014-6245
RESERVED
CVE-2014-6244
RESERVED
-CVE-2014-6243 (Cross-site scripting (XSS) vulnerability in the EWWW Image Optimizer ...)
+CVE-2014-6243
NOT-FOR-US: WordPress plugin EWWW Image Optimizer
-CVE-2014-6242 (Multiple SQL injection vulnerabilities in the All In One WP Security &amp; ...)
+CVE-2014-6242
NOT-FOR-US: WordPress plugin All In One WP Security
-CVE-2014-6230 (WP-Ban plugin before 1.6.4 for WordPress, when running in certain ...)
+CVE-2014-6230
NOT-FOR-US: WordPress plugin WP-Ban
-CVE-2014-6229 (The HashContext class in hphp/runtime/ext/ext_hash.cpp in Facebook ...)
+CVE-2014-6229
NOT-FOR-US: Facebook HipHop Virtual Machine
-CVE-2014-6228 (Integer overflow in the string_chunk_split function in ...)
+CVE-2014-6228
NOT-FOR-US: Facebook HipHop Virtual Machine
-CVE-2014-3618 (Heap-based buffer overflow in formisc.c in formail in procmail 3.22 ...)
+CVE-2014-3618
{DSA-3019-1 DLA-46-1}
- procmail 3.22-22 (bug #760443)
NOTE: http://www.openwall.com/lists/oss-security/2014/09/03/8
-CVE-2014-6241 (SQL injection vulnerability in the wt_directory extension before 1.4.1 ...)
+CVE-2014-6241
NOT-FOR-US: Typo3 extension wt_directory
-CVE-2014-6240 (Cross-site scripting (XSS) vulnerability in the Google Sitemap ...)
+CVE-2014-6240
NOT-FOR-US: Typo3 extension weeaar_googlesitemap
-CVE-2014-6239 (SQL injection vulnerability in the Address visualization with Google ...)
+CVE-2014-6239
NOT-FOR-US: Typo3 extension st_address_map
-CVE-2014-6238 (Cross-site scripting (XSS) vulnerability in the Akronymmanager (aka SB ...)
+CVE-2014-6238
NOT-FOR-US: Typo3 extension Akronymmanager
-CVE-2014-6237 (Cross-site scripting (XSS) vulnerability in the News Pack extension ...)
+CVE-2014-6237
NOT-FOR-US: Typo3 extension News Pack
-CVE-2014-6236 (Unspecified vulnerability in the LumoNet PHP Include (lumophpinclude) ...)
+CVE-2014-6236
NOT-FOR-US: Typo3 extension lumophpinclude
-CVE-2014-6235 (Unspecified vulnerability in the ke DomPDF extension before 0.0.5 for ...)
+CVE-2014-6235
NOT-FOR-US: Typo3 extension DomPDF
-CVE-2014-6234 (Cross-site scripting (XSS) vulnerability in the Open Graph protocol ...)
+CVE-2014-6234
NOT-FOR-US: Typo3 extension jh_opengraphprotocol
-CVE-2014-6233 (SQL injection vulnerability in the Flat Manager (flatmgr) extension ...)
+CVE-2014-6233
NOT-FOR-US: Typo3 extension flatmgr
-CVE-2014-6232 (Unspecified vulnerability in the LDAP (eu_ldap) extension before ...)
+CVE-2014-6232
NOT-FOR-US: Typo3 extension eu_ldap
-CVE-2014-6231 (Unspecified vulnerability in the CWT Frontend Edit (cwt_feedit) ...)
+CVE-2014-6231
NOT-FOR-US: Typo3 extension cwt_feedit
NOTE: This is different from the feedit extension in typo3-src.
CVE-2014-6227
@@ -10264,9 +10264,9 @@ CVE-2014-6224
RESERVED
CVE-2014-6223
RESERVED
-CVE-2014-6222 (Directory traversal vulnerability in IBM Marketing Operations 7.x and ...)
+CVE-2014-6222
NOT-FOR-US: IBM Marketing Operations
-CVE-2014-6221 (The MSCAPI/MSCNG interface implementation in GSKit in IBM Rational ...)
+CVE-2014-6221
NOT-FOR-US: IBM Rational ClearCase
CVE-2014-6220
RESERVED
@@ -10278,19 +10278,19 @@ CVE-2014-6217
RESERVED
CVE-2014-6216
RESERVED
-CVE-2014-6215 (Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 6.1.0 ...)
+CVE-2014-6215
NOT-FOR-US: IBM
-CVE-2014-6214 (Cross-site request forgery (CSRF) vulnerability in IBM WebSphere ...)
+CVE-2014-6214
NOT-FOR-US: IBM
CVE-2014-6213
RESERVED
-CVE-2014-6212 (The Echo API in IBM Emptoris Contract Management 9.5.x before 9.5.0.6 ...)
+CVE-2014-6212
NOT-FOR-US: IBM
-CVE-2014-6211 (The command-line scripts in IBM WebSphere Commerce 6.0 through ...)
+CVE-2014-6211
NOT-FOR-US: IBM
-CVE-2014-6210 (IBM DB2 9.7 through FP10, 9.8 through FP5, 10.1 through FP4, and 10.5 ...)
+CVE-2014-6210
NOT-FOR-US: IBM
-CVE-2014-6209 (IBM DB2 9.5 through FP10, 9.7 through FP10, 9.8 through FP5, 10.1 ...)
+CVE-2014-6209
NOT-FOR-US: IBM
CVE-2014-6208
RESERVED
@@ -10310,264 +10310,264 @@ CVE-2014-6201
RESERVED
CVE-2014-6200
RESERVED
-CVE-2014-6199 (The HTTP Server Adapter in IBM Sterling B2B Integrator 5.1 and 5.2.x ...)
+CVE-2014-6199
NOT-FOR-US: IBM
-CVE-2014-6198 (Cross-site request forgery (CSRF) vulnerability in IBM Security ...)
+CVE-2014-6198
NOT-FOR-US: IBM
-CVE-2014-6197 (IBM Security Network Protection 5.1.x and 5.2.x before 5.2.0.0 FP5 and ...)
+CVE-2014-6197
NOT-FOR-US: IBM
-CVE-2014-6196 (Cross-site scripting (XSS) vulnerability in IBM Web Experience Factory ...)
+CVE-2014-6196
NOT-FOR-US: IBM WEF
-CVE-2014-6195 (The (1) Java GUI and (2) Web GUI components in the IBM Tivoli Storage ...)
+CVE-2014-6195
NOT-FOR-US: IBM Tivoli
-CVE-2014-6194 (Directory traversal vulnerability in an unspecified web form in IBM ...)
+CVE-2014-6194
NOT-FOR-US: IBM Maximo
-CVE-2014-6193 (IBM WebSphere Portal 8.0.0 through 8.0.0.1 CF14 and 8.5.0 before CF04, ...)
+CVE-2014-6193
NOT-FOR-US: IBM
-CVE-2014-6192 (Cross-site scripting (XSS) vulnerability in IBM Curam Social Program ...)
+CVE-2014-6192
NOT-FOR-US: IBM
-CVE-2014-6191 (Cross-site scripting (XSS) vulnerability in IBM Curam Social Program ...)
+CVE-2014-6191
NOT-FOR-US: IBM
-CVE-2014-6190 (The log viewer in IBM Workload Deployer 3.1 before 3.1.0.7 allows ...)
+CVE-2014-6190
NOT-FOR-US: IBM
-CVE-2014-6189 (Cross-site scripting (XSS) vulnerability in IBM Security Network ...)
+CVE-2014-6189
NOT-FOR-US: IBM
-CVE-2014-6188 (Multiple cross-site scripting (XSS) vulnerabilities in IBM WebSphere ...)
+CVE-2014-6188
NOT-FOR-US: IBM
-CVE-2014-6187 (Multiple cross-site request forgery (CSRF) vulnerabilities in IBM ...)
+CVE-2014-6187
NOT-FOR-US: IBM
-CVE-2014-6186 (IBM WebSphere Service Registry and Repository (WSRR) 6.3.x before ...)
+CVE-2014-6186
NOT-FOR-US: IBM
-CVE-2014-6185 (dsmtca in the client in IBM Tivoli Storage Manager (TSM) 6.3 before ...)
+CVE-2014-6185
NOT-FOR-US: IBM
NOTE: https://www-01.ibm.com/support/docview.wss?uid=swg21695715
-CVE-2014-6184 (Stack-based buffer overflow in dsmtca in the client in IBM Tivoli ...)
+CVE-2014-6184
NOT-FOR-US: IBM Tivoli
-CVE-2014-6183 (IBM Security Network Protection 5.1 before 5.1.0.0 FP13, 5.1.1 before ...)
+CVE-2014-6183
NOT-FOR-US: IBM Security Network Protection
-CVE-2014-6182 (Directory traversal vulnerability in an export function in the Process ...)
+CVE-2014-6182
NOT-FOR-US: IBM
-CVE-2014-6181 (IBM WebSphere Service Registry and Repository (WSRR) 7.0.x before ...)
+CVE-2014-6181
NOT-FOR-US: IBM
-CVE-2014-6180 (Cross-site scripting (XSS) vulnerability in the Web UI in IBM ...)
+CVE-2014-6180
NOT-FOR-US: IBM
-CVE-2014-6179 (Cross-site scripting (XSS) vulnerability in the Web UI in IBM ...)
+CVE-2014-6179
NOT-FOR-US: IBM
-CVE-2014-6178 (Cross-site scripting (XSS) vulnerability in the widgets in IBM ...)
+CVE-2014-6178
NOT-FOR-US: IBM
-CVE-2014-6177 (IBM WebSphere Service Registry and Repository (WSRR) 7.0.x before ...)
+CVE-2014-6177
NOT-FOR-US: IBM
-CVE-2014-6176 (IBM WebSphere Process Server 7.0, WebSphere Enterprise Service Bus ...)
+CVE-2014-6176
NOT-FOR-US: IBM
-CVE-2014-6175 (Cross-site scripting (XSS) vulnerability in IBM Marketing Operations ...)
+CVE-2014-6175
NOT-FOR-US: IBM Marketing Operations
-CVE-2014-6174 (IBM WebSphere Application Server 7.x before 7.0.0.37, 8.0.x before ...)
+CVE-2014-6174
NOT-FOR-US: IBM
-CVE-2014-6173 (Cross-site scripting (XSS) vulnerability in the Process Inspector in ...)
+CVE-2014-6173
NOT-FOR-US: IBM
-CVE-2014-6172 (IBM API Management 3.0 before 3.0.4.0 IF1 allows remote attackers to ...)
+CVE-2014-6172
NOT-FOR-US: IBM
-CVE-2014-6171 (Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 6.1.0 ...)
+CVE-2014-6171
NOT-FOR-US: IBM
-CVE-2014-6170 (The HTTPInput node in IBM WebSphere Message Broker 7.0 before 7.0.0.8 ...)
+CVE-2014-6170
NOT-FOR-US: IBM
-CVE-2014-6169 (Cross-site scripting (XSS) vulnerability in IBM Forms Experience ...)
+CVE-2014-6169
NOT-FOR-US: IBM Forms Experience Builder
-CVE-2014-6168 (Cross-site request forgery (CSRF) vulnerability in IBM Security ...)
+CVE-2014-6168
NOT-FOR-US: IBM
-CVE-2014-6167 (Cross-site scripting (XSS) vulnerability in the URL rewriting feature ...)
+CVE-2014-6167
NOT-FOR-US: IBM
-CVE-2014-6166 (The Communications Enabled Applications (CEA) service in IBM WebSphere ...)
+CVE-2014-6166
NOT-FOR-US: IBM
CVE-2014-6165
RESERVED
-CVE-2014-6164 (IBM WebSphere Application Server 8.0.x before 8.0.0.10 and 8.5.x ...)
+CVE-2014-6164
NOT-FOR-US: IBM
-CVE-2014-6163 (Cross-site scripting (XSS) vulnerability on the IBM WebSphere ...)
+CVE-2014-6163
NOT-FOR-US: IBM
CVE-2014-6162
RESERVED
-CVE-2014-6161 (Cross-site scripting (XSS) vulnerability in IBM Tivoli Netcool/Impact ...)
+CVE-2014-6161
NOT-FOR-US: IBM
-CVE-2014-6160 (IBM WebSphere Service Registry and Repository (WSRR) 8.5 before ...)
+CVE-2014-6160
NOT-FOR-US: IBM
-CVE-2014-6159 (IBM DB2 9.7 before FP10, 9.8 through FP5, 10.1 through FT4, and 10.5 ...)
+CVE-2014-6159
NOT-FOR-US: IBM
-CVE-2014-6158 (Multiple directory traversal vulnerabilities in the file-upload ...)
+CVE-2014-6158
NOT-FOR-US: IBM
CVE-2014-6157
RESERVED
CVE-2014-6156
RESERVED
-CVE-2014-6155 (Multiple directory traversal vulnerabilities in the ServiceRegistry UI ...)
+CVE-2014-6155
NOT-FOR-US: IBM
-CVE-2014-6154 (Directory traversal vulnerability in IBM Optim Performance Manager for ...)
+CVE-2014-6154
NOT-FOR-US: IBM Optim
-CVE-2014-6153 (The Web UI in IBM WebSphere Service Registry and Repository (WSRR) ...)
+CVE-2014-6153
NOT-FOR-US: IBM
-CVE-2014-6152 (Multiple cross-site scripting (XSS) vulnerabilities in IBM Tivoli ...)
+CVE-2014-6152
NOT-FOR-US: IBM Tivoli
-CVE-2014-6151 (CRLF injection vulnerability in IBM Tivoli Integrated Portal (TIP) ...)
+CVE-2014-6151
NOT-FOR-US: IBM Tivoli
-CVE-2014-6150 (Cross-site scripting (XSS) vulnerability in IBM Tivoli Application ...)
+CVE-2014-6150
NOT-FOR-US: IBM Tivoli TADDM
-CVE-2014-6149 (Directory traversal vulnerability in BIRT-viewer in IBM Tivoli ...)
+CVE-2014-6149
NOT-FOR-US: IBM Tivoli TADDM
-CVE-2014-6148 (IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.2.0.0 ...)
+CVE-2014-6148
NOT-FOR-US: IBM Tivoli TADDM
-CVE-2014-6147 (IBM Flex System Manager (FSM) 1.1.x.x, 1.2.0.x, 1.2.1.x, 1.3.0.0, ...)
+CVE-2014-6147
NOT-FOR-US: IBM FSM
-CVE-2014-6146 (IBM Sterling B2B Integrator 5.2.x through 5.2.4, when the ...)
+CVE-2014-6146
NOT-FOR-US: IBM
-CVE-2014-6145 (Cross-site scripting (XSS) vulnerability in the server in IBM Cognos ...)
+CVE-2014-6145
NOT-FOR-US: IBM
-CVE-2014-6144 (Cross-site scripting (XSS) vulnerability in IBM Rational Quality ...)
+CVE-2014-6144
NOT-FOR-US: IBM
-CVE-2014-6143 (The IBM WebSphere DataPower XC10 appliance 2.1 and 2.5 before FP4 ...)
+CVE-2014-6143
NOT-FOR-US: IBM
CVE-2014-6142
RESERVED
-CVE-2014-6141 (IBM Tivoli Monitoring (ITM) 6.2.0 through FP03, 6.2.1 through FP04, ...)
+CVE-2014-6141
NOT-FOR-US: IBM
-CVE-2014-6140 (IBM Tivoli Endpoint Manager Mobile Device Management (MDM) before ...)
+CVE-2014-6140
NOT-FOR-US: IBM Endpoint Manager Mobile Device Management Components
-CVE-2014-6139 (The Search REST API in IBM Business Process Manager 8.0.1.3, 8.5.0.1, ...)
+CVE-2014-6139
NOT-FOR-US: IBM BPM
-CVE-2014-6138 (The IBM WebSphere DataPower XC10 appliance 2.1 and 2.5 before FP4 ...)
+CVE-2014-6138
NOT-FOR-US: IBM
-CVE-2014-6137 (Cross-site scripting (XSS) vulnerability in the Relay Diagnostic page ...)
+CVE-2014-6137
NOT-FOR-US: IBM Endpoint Manager
-CVE-2014-6136 (IBM Security AppScan Standard 8.x and 9.x before 9.0.1.1 FP1 supports ...)
+CVE-2014-6136
NOT-FOR-US: IBM
-CVE-2014-6135 (IBM Security AppScan Enterprise 8.5 before 8.5 IFix 002, 8.6 before ...)
+CVE-2014-6135
NOT-FOR-US: IBM
-CVE-2014-6134 (IBM Rational ClearCase 8.0.0 before 8.0.0.14 and 8.0.1 before 8.0.1.7, ...)
+CVE-2014-6134
NOT-FOR-US: IBM
-CVE-2014-6133 (IBM API Management 3.x before 3.0.1.0 allows local users to obtain ...)
+CVE-2014-6133
NOT-FOR-US: IBM API Management
-CVE-2014-6132 (Cross-site scripting (XSS) vulnerability in the Web UI in IBM ...)
+CVE-2014-6132
NOT-FOR-US: IBM
-CVE-2014-6131 (IBM Rational Jazz Team Server (JTS), as used in Rational Collaborative ...)
+CVE-2014-6131
NOT-FOR-US: IBM
-CVE-2014-6130 (The IBM Notes Traveler application before 9.0.1.3 for Android lacks a ...)
+CVE-2014-6130
NOT-FOR-US: IBM Notes Traveler application for Android
-CVE-2014-6129 (IBM Rational Jazz Team Server (JTS), as used in Rational Collaborative ...)
+CVE-2014-6129
NOT-FOR-US: IBM
CVE-2014-6128
RESERVED
CVE-2014-6127
RESERVED
-CVE-2014-6126 (Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 8.5.0 ...)
+CVE-2014-6126
NOT-FOR-US: IBM WebSphere Portal
-CVE-2014-6125 (Cross-site request forgery (CSRF) vulnerability in IBM WebSphere ...)
+CVE-2014-6125
NOT-FOR-US: IBM WebSphere Portal
CVE-2014-6124
RESERVED
-CVE-2014-6123 (IBM Rational AppScan Source 8.0 through 8.0.0.2 and 8.5 through ...)
+CVE-2014-6123
NOT-FOR-US: IBM
-CVE-2014-6122 (IBM Security AppScan Enterprise 8.5 before 8.5 IFix 002, 8.6 before ...)
+CVE-2014-6122
NOT-FOR-US: IBM
-CVE-2014-6121 (Cross-site scripting (XSS) vulnerability in IBM Security AppScan ...)
+CVE-2014-6121
NOT-FOR-US: IBM
-CVE-2014-6120 (IBM Rational AppScan Source 8.0 through 8.0.0.2 and 8.5 through ...)
+CVE-2014-6120
NOT-FOR-US: IBM Rational AppScan Source
-CVE-2014-6119 (IBM Security AppScan Enterprise 8.5 before 8.5 IFix 002, 8.6 before ...)
+CVE-2014-6119
NOT-FOR-US: IBM
CVE-2014-6118
RESERVED
CVE-2014-6117
RESERVED
-CVE-2014-6116 (The Telemetry Component in WebSphere MQ 8.0.0.1 before ...)
+CVE-2014-6116
NOT-FOR-US: IBM WebSphere
-CVE-2014-6115 (IBM Rational Insight 1.1.1.5 allows remote attackers to bypass ...)
+CVE-2014-6115
NOT-FOR-US: IBM Rational Insight
-CVE-2014-6114 (The Hosted Transparent Decision Service in the Rule Execution Server ...)
+CVE-2014-6114
NOT-FOR-US: IBM WebSphere
-CVE-2014-6113 (Cross-site scripting (XSS) vulnerability in the Web Reports component ...)
+CVE-2014-6113
NOT-FOR-US: IBM Tivoli
-CVE-2014-6112 (IBM Tivoli Identity Manager 5.1.x before 5.1.0.15-ISS-TIM-IF0057 and ...)
+CVE-2014-6112
NOT-FOR-US: IBM
-CVE-2014-6111 (IBM Tivoli Identity Manager 5.1.x before 5.1.0.15-ISS-TIM-IF0057 and ...)
+CVE-2014-6111
NOT-FOR-US: IBM
-CVE-2014-6110 (IBM Security Identity Manager 6.x before 6.0.0.3 IF14 does not ...)
+CVE-2014-6110
NOT-FOR-US: IBM
-CVE-2014-6109 (IBM Tivoli Identity Manager 5.1.x before 5.1.0.15-ISS-TIM-IF0057 and ...)
+CVE-2014-6109
NOT-FOR-US: IBM
-CVE-2014-6108 (IBM Tivoli Identity Manager 5.1.x before 5.1.0.15-ISS-TIM-IF0057 and ...)
+CVE-2014-6108
NOT-FOR-US: IBM
-CVE-2014-6107 (IBM Security Identity Manager 6.x before 6.0.0.3 IF14 allows remote ...)
+CVE-2014-6107
NOT-FOR-US: IBM
-CVE-2014-6106 (Cross-site request forgery (CSRF) vulnerability in IBM Security ...)
+CVE-2014-6106
NOT-FOR-US: IBM
-CVE-2014-6105 (IBM Security Identity Manager 6.x before 6.0.0.3 IF14 allows remote ...)
+CVE-2014-6105
NOT-FOR-US: IBM
CVE-2014-6104
RESERVED
CVE-2014-6103
RESERVED
-CVE-2014-6102 (IBM Maximo Asset Management 7.1 through 7.1.1.13 and 7.5.0 before ...)
+CVE-2014-6102
NOT-FOR-US: IBM Maximo Asset Management
-CVE-2014-6101 (Cross-site scripting (XSS) vulnerability in the redirect-login feature ...)
+CVE-2014-6101
NOT-FOR-US: IBM Business Process Manager
-CVE-2014-6100 (Cross-site scripting (XSS) vulnerability in the Admin UI in IBM Tivoli ...)
+CVE-2014-6100
NOT-FOR-US: IBM Tivoli Directory Server
-CVE-2014-6099 (The Change Password feature in IBM Sterling B2B Integrator 5.2.x ...)
+CVE-2014-6099
NOT-FOR-US: IBM Sterling
-CVE-2014-6098 (IBM Security Identity Manager 6.x before 6.0.0.3 IF14 allows remote ...)
+CVE-2014-6098
NOT-FOR-US: IBM
-CVE-2014-6097 (IBM DB2 9.7 before FP10 and 9.8 through FP5 on Linux, UNIX, and ...)
+CVE-2014-6097
NOT-FOR-US: IBM
-CVE-2014-6096 (Cross-site scripting (XSS) vulnerability in IBM Security Identity ...)
+CVE-2014-6096
NOT-FOR-US: IBM
-CVE-2014-6095 (Directory traversal vulnerability in IBM Security Identity Manager 6.x ...)
+CVE-2014-6095
NOT-FOR-US: IBM
CVE-2014-6094
RESERVED
-CVE-2014-6093 (Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 7.0.x ...)
+CVE-2014-6093
NOT-FOR-US: IBM WebSphere
-CVE-2014-6092 (IBM Curam Social Program Management (SPM) 5.2 before SP6 EP6, 6.0 SP2 ...)
+CVE-2014-6092
NOT-FOR-US: IBM Curam Social Program Management
-CVE-2014-6091 (Cross-site scripting (XSS) vulnerability in IBM Curam Social Program ...)
+CVE-2014-6091
NOT-FOR-US: IBM Curam Social Program Management
-CVE-2014-6090 (Multiple cross-site request forgery (CSRF) vulnerabilities in the (1) ...)
+CVE-2014-6090
NOT-FOR-US: IBM Curam Social Program Management
-CVE-2014-6089 (IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security ...)
+CVE-2014-6089
NOT-FOR-US: IBM
-CVE-2014-6088 (IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security ...)
+CVE-2014-6088
NOT-FOR-US: IBM
-CVE-2014-6087 (IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security ...)
+CVE-2014-6087
NOT-FOR-US: IBM
-CVE-2014-6086 (IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security ...)
+CVE-2014-6086
NOT-FOR-US: IBM
CVE-2014-6085
RESERVED
-CVE-2014-6084 (IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security ...)
+CVE-2014-6084
NOT-FOR-US: IBM
-CVE-2014-6083 (IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security ...)
+CVE-2014-6083
NOT-FOR-US: IBM
-CVE-2014-6082 (IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security ...)
+CVE-2014-6082
NOT-FOR-US: IBM
CVE-2014-6081
RESERVED
-CVE-2014-6080 (SQL injection vulnerability in IBM Security Access Manager for Mobile ...)
+CVE-2014-6080
NOT-FOR-US: IBM
-CVE-2014-6079 (Cross-site scripting (XSS) vulnerability in the Local Management ...)
+CVE-2014-6079
NOT-FOR-US: IBM Security Access Manager
-CVE-2014-6078 (IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security ...)
+CVE-2014-6078
NOT-FOR-US: IBM
-CVE-2014-6077 (Cross-site request forgery (CSRF) vulnerability in IBM Security Access ...)
+CVE-2014-6077
NOT-FOR-US: IBM
-CVE-2014-6076 (IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security ...)
+CVE-2014-6076
NOT-FOR-US: IBM
-CVE-2014-6075 (IBM Security QRadar SIEM and QRadar Risk Manager 7.1 before MR2 Patch ...)
+CVE-2014-6075
NOT-FOR-US: IBM Security QRadar SIEM
-CVE-2014-6074 (IBM UrbanCode Deploy 6.1.0.2 before IF1 allows remote authenticated ...)
+CVE-2014-6074
NOT-FOR-US: IBM UrbanCode Deploy
CVE-2014-6073
RESERVED
CVE-2014-6072
RESERVED
-CVE-2014-6071 (jQuery 1.4.2 allows remote attackers to conduct cross-site scripting ...)
+CVE-2014-6071
- jquery 1.6.1-1
[squeeze] - jquery <no-dsa> (Only exploitable when following anti-patterns)
NOTE: see https://bugzilla.redhat.com/show_bug.cgi?id=1136683#c2
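Review bot: in this hunk nearly every entry is a bare `NOT-FOR-US: IBM` with no NOTE or advisory link (CVE-2014-6185 with its `NOTE: https://www-01.ibm.com/support/docview.wss?uid=swg21695715` is the exception), so once the description is dropped the entry carries no locally readable information about what the issue was or which IBM product it concerned. If dropping descriptions is intended, the triage lines in this block should name the product (as `NOT-FOR-US: IBM WebSphere Portal` and `NOT-FOR-US: IBM Tivoli TADDM` already do) or carry an advisory reference, so the not-for-us call can still be verified later.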
@@ -10581,7 +10581,7 @@ CVE-2014-6066
RESERVED
CVE-2014-6065
RESERVED
-CVE-2014-6064 (The Accounts tab in the administrative user interface in McAfee Web ...)
+CVE-2014-6064
NOT-FOR-US: McAfee Web Gateway
CVE-2014-6063
RESERVED
@@ -10597,14 +10597,14 @@ CVE-2014-6057
RESERVED
CVE-2014-6056
RESERVED
-CVE-2014-6055 (Multiple stack-based buffer overflows in the File Transfer feature in ...)
+CVE-2014-6055
{DSA-3081-1 DLA-197-1}
- libvncserver 0.9.9+dfsg-6.1 (bug #762745)
NOTE: https://github.com/newsoft/libvncserver/commit/06ccdf016154fde8eccb5355613ba04c59127b2e
NOTE: https://github.com/newsoft/libvncserver/commit/f528072216dec01cee7ca35d94e171a3b909e677
NOTE: https://github.com/newsoft/libvncserver/commit/256964b884c980038cd8b2f0d180fbb295b1c748 (improvement)
NOTE: check for possible ABI break: https://bugzilla.redhat.com/show_bug.cgi?id=1144293#c2
-CVE-2014-6054 (The rfbProcessClientNormalMessage function in libvncserver/rfbserver.c ...)
+CVE-2014-6054
{DSA-3081-1 DLA-197-1}
- libvncserver 0.9.9+dfsg-6.1 (bug #762745)
NOTE: https://github.com/newsoft/libvncserver/commit/05a9bd41a8ec0a9d580a8f420f41718bdd235446
@@ -10612,37 +10612,37 @@ CVE-2014-6054 (The rfbProcessClientNormalMessage function in libvncserver/rfbser
NOTE: https://github.com/newsoft/libvncserver/commit/5dee1cbcd83920370a487c4fd2718aa4d3eba548 (required for sparc)
NOTE: https://github.com/newsoft/libvncserver/commit/819481c5e2003cd36d002336c248de8c75de362e (hardening)
NOTE: https://github.com/newsoft/libvncserver/commit/e5d9b6a07257c12bf3b6242ddea79ea1c95353a8 (hardening)
-CVE-2014-6053 (The rfbProcessClientNormalMessage function in libvncserver/rfbserver.c ...)
+CVE-2014-6053
{DSA-3081-1 DLA-197-1}
- libvncserver 0.9.9+dfsg-6.1 (bug #762745)
NOTE: https://github.com/newsoft/libvncserver/commit/6037a9074d52b1963c97cb28ea1096c7c14cbf28
-CVE-2014-6052 (The HandleRFBServerMessage function in libvncclient/rfbproto.c in ...)
+CVE-2014-6052
{DSA-3081-1 DLA-197-1}
- libvncserver 0.9.9+dfsg-6.1 (bug #762745)
NOTE: https://github.com/newsoft/libvncserver/commit/85a778c0e45e87e35ee7199f1f25020648e8b812
-CVE-2014-6051 (Integer overflow in the MallocFrameBuffer function in vncviewer.c in ...)
+CVE-2014-6051
{DSA-3081-1 DLA-197-1}
- libvncserver 0.9.9+dfsg-6.1 (bug #762745)
NOTE: https://github.com/newsoft/libvncserver/commit/045a044e8ae79db9244593fbce154cdf6e843273
-CVE-2014-6050 (phpMyFAQ before 2.8.13 allows remote attackers to bypass the CAPTCHA ...)
+CVE-2014-6050
NOT-FOR-US: phpMyFAQ
-CVE-2014-6049 (phpMyFAQ before 2.8.13 allows remote authenticated users with admin ...)
+CVE-2014-6049
NOT-FOR-US: phpMyFAQ
-CVE-2014-6048 (phpMyFAQ before 2.8.13 allows remote attackers to read arbitrary ...)
+CVE-2014-6048
NOT-FOR-US: phpMyFAQ
-CVE-2014-6047 (phpMyFAQ before 2.8.13 allows remote authenticated users with certain ...)
+CVE-2014-6047
NOT-FOR-US: phpMyFAQ
-CVE-2014-6046 (Multiple cross-site request forgery (CSRF) vulnerabilities in phpMyFAQ ...)
+CVE-2014-6046
NOT-FOR-US: phpMyFAQ
-CVE-2014-6045 (SQL injection vulnerability in phpMyFAQ before 2.8.13 allows remote ...)
+CVE-2014-6045
NOT-FOR-US: phpMyFAQ
CVE-2014-6044
RESERVED
-CVE-2014-6043 (ZOHO ManageEngine EventLog Analyzer 9.0 build 9002 and 8.2 build 8020 ...)
+CVE-2014-6043
NOT-FOR-US: ZOHO ManageEngine EventLog Analyzer
CVE-2014-6042
RESERVED
-CVE-2014-6041 (The Android WebView in Android before 4.4 allows remote attackers to ...)
+CVE-2014-6041
NOT-FOR-US: Android Browser application
CVE-2014-6039
RESERVED
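Review bot: the CVE-2014-6041 entry keeps `NOT-FOR-US: Android Browser application`, but the component the removed line named is `The Android WebView in Android before 4.4`; once the description is gone nothing in the entry lets a reader reconcile the annotation with the affected component. Either keep the description or make the NOT-FOR-US text name Android WebView, so the triage reason stands on its own. The same applies to the ZOHO entries below it, where the `NOT-FOR-US: ZOHO` lines for CVE-2014-6036 through CVE-2014-6034 no longer say which product the directory traversal was in.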
@@ -10650,1031 +10650,1031 @@ CVE-2014-6039
CVE-2014-6038
RESERVED
NOT-FOR-US: ManageEngine EventLog Analyzer
-CVE-2014-6037 (Directory traversal vulnerability in the agentUpload servlet in ZOHO ...)
+CVE-2014-6037
NOT-FOR-US: ZOHO ManageEngine EventLog Analyzer
-CVE-2014-6036 (Directory traversal vulnerability in the multipartRequest servlet in ...)
+CVE-2014-6036
NOT-FOR-US: ZOHO
-CVE-2014-6035 (Directory traversal vulnerability in the FileCollector servlet in ZOHO ...)
+CVE-2014-6035
NOT-FOR-US: ZOHO
-CVE-2014-6034 (Directory traversal vulnerability in the ...)
+CVE-2014-6034
NOT-FOR-US: ZOHO
CVE-2014-6033
REJECTED
-CVE-2014-6032 (Multiple XML External Entity (XXE) vulnerabilities in the ...)
+CVE-2014-6032
NOT-FOR-US: F5 Networks Big-IP
-CVE-2014-6031 (Buffer overflow in the mcpq daemon in F5 BIG-IP systems 10.x before ...)
+CVE-2014-6031
NOT-FOR-US: F5 BIG-IP systems
-CVE-2014-6030 (Multiple SQL injection vulnerabilities in ClassApps SelectSurvey.NET ...)
+CVE-2014-6030
NOT-FOR-US: ClassApps SelectSurvey.NET
CVE-2014-6026
RESERVED
-CVE-2014-6025 (The Chartboost library before 2.0.2 for Android does not verify X.509 ...)
+CVE-2014-6025
NOT-FOR-US: Chartboost library for Android
-CVE-2014-6024 (The Flurry library before 3.4.0 for Android does not verify X.509 ...)
+CVE-2014-6024
NOT-FOR-US: Flurry library for Android
-CVE-2014-6023 (The s-peek credit rating report (aka com.rhomobile.speek) application ...)
+CVE-2014-6023
NOT-FOR-US: s-peek credit rating report (aka com.rhomobile.speek) application for Android
-CVE-2014-6022 (The Versent Books (aka com.versentbooks) application 1.1.99 for ...)
+CVE-2014-6022
NOT-FOR-US: Versent Books (aka com.versentbooks) application for Android
-CVE-2014-6021 (The Harley-Davidson Visa (aka com.usbank.icsmobile.harleydavidson) ...)
+CVE-2014-6021
NOT-FOR-US: Harley-Davidson Visa (aka com.usbank.icsmobile.harleydavidson) application for Android
-CVE-2014-6020 (The Fuel Rewards Network (aka com.excentus.frn) application 1 for ...)
+CVE-2014-6020
NOT-FOR-US: Fuel Rewards Network (aka com.excentus.frn) application for Android
-CVE-2014-6019 (The psychology (aka com.alek.psychology) application 1.0.2 for Android ...)
+CVE-2014-6019
NOT-FOR-US: psychology (aka com.alek.psychology) application for Android
-CVE-2014-6018 (The global beauty research (aka com.appems.topgirl) application 1.6 ...)
+CVE-2014-6018
NOT-FOR-US: global beauty research (aka com.appems.topgirl) application for Android
-CVE-2014-6017 (The Doodle Drop (aka net.lazyer.DoodleDrop) application 1 for Android ...)
+CVE-2014-6017
NOT-FOR-US: Doodle Drop (aka net.lazyer.DoodleDrop) application for Android
-CVE-2014-6016 (The Celluloid (aka com.eurisko.celluloid) application 1.3 for Android ...)
+CVE-2014-6016
NOT-FOR-US: Celluloid (aka com.eurisko.celluloid) application for Android
-CVE-2014-6015 (The TuCarro (aka com.tucarro) application 2.0.5 for Android does not ...)
+CVE-2014-6015
NOT-FOR-US: TuCarro (aka com.tucarro) application for Android
-CVE-2014-6014 (The Conquest Of Fantasia (aka air.com.ingen.studios.cof.sg) ...)
+CVE-2014-6014
NOT-FOR-US: Conquest Of Fantasia (aka air.com.ingen.studios.cof.sg) application for Android
-CVE-2014-6013 (The nuSquare (aka tw.com.nuphoto.nusquare) application 1.0.78 for ...)
+CVE-2014-6013
NOT-FOR-US: nuSquare (aka tw.com.nuphoto.nusquare) application for Android
-CVE-2014-6012 (The Gravity Bounce (aka net.toddm.gb) application 1.1 for Android does ...)
+CVE-2014-6012
NOT-FOR-US: Gravity Bounce (aka net.toddm.gb) application for Android
-CVE-2014-6011 (The cutprice (aka kr.co.wedoit.cutprice) application 1.0.4 for Android ...)
+CVE-2014-6011
NOT-FOR-US: cutprice (aka kr.co.wedoit.cutprice) application for Android
-CVE-2014-6010 (The Rasta Weed Widgets HD (aka aw.awesomewidgets.rastaweed) ...)
+CVE-2014-6010
NOT-FOR-US: Rasta Weed Widgets HD (aka aw.awesomewidgets.rastaweed) application for Android
-CVE-2014-6009 (The Zombie Detector (aka com.jimmybolstad.zombiedetector) application ...)
+CVE-2014-6009
NOT-FOR-US: Zombie Detector (aka com.jimmybolstad.zombiedetector) application for Android
-CVE-2014-6008 (The Blitz Bingo (aka com.appMobi.sbbingo.app) application 2.3 for ...)
+CVE-2014-6008
NOT-FOR-US: Blitz Bingo (aka com.appMobi.sbbingo.app) application for Android
-CVE-2014-6007 (The LikeHero Get Instagram Likes (aka com.fraoula.likehero) ...)
+CVE-2014-6007
NOT-FOR-US: LikeHero Get Instagram Likes (aka com.fraoula.likehero) application for Android
-CVE-2014-6006 (The Gratta &amp; Vinci? (aka com.dreamstep.wGrattaevinci) application ...)
+CVE-2014-6006
NOT-FOR-US: Gratta & Vinci? (aka com.dreamstep.wGrattaevinci) application for Android
-CVE-2014-6005 (The Survey.com Mobile (aka com.survey.android) application 3.2.16 for ...)
+CVE-2014-6005
NOT-FOR-US: Survey.com Mobile (aka com.survey.android) application for Android
-CVE-2014-6004 (The Pocket Cam Photo Editor (aka mobi.pocketcam.editor) application 3 ...)
+CVE-2014-6004
NOT-FOR-US: Pocket Cam Photo Editor (aka mobi.pocketcam.editor) application for Android
-CVE-2014-6003 (The Belas Frases de Amor (aka com.goodbarber.frasesdeamor) application ...)
+CVE-2014-6003
NOT-FOR-US: Belas Frases de Amor (aka com.goodbarber.frasesdeamor) application for Android
-CVE-2014-6002 (The DTE Energy (aka com.dteenergy.mydte) application 3.0.3 for Android ...)
+CVE-2014-6002
NOT-FOR-US: DTE Energy (aka com.dteenergy.mydte) application for Android
-CVE-2014-6001 (The gewara (aka com.gewara) application 5.2.3 for Android does not ...)
+CVE-2014-6001
NOT-FOR-US: gewara (aka com.gewara) application for Android
-CVE-2014-6000 (The FreshDirect (aka com.freshdirect.android) application 2.7.1 for ...)
+CVE-2014-6000
NOT-FOR-US: FreshDirect (aka com.freshdirect.android) application for Android
-CVE-2014-5999 (The autonavi (aka com.telenav.doudouyou.android.autonavi) application ...)
+CVE-2014-5999
NOT-FOR-US: autonavi (aka com.telenav.doudouyou.android.autonavi) application for Android
-CVE-2014-5998 (The SkyDrive Assistant (aka com.dhh.sky) application 2.1 for Android ...)
+CVE-2014-5998
NOT-FOR-US: SkyDrive Assistant (aka com.dhh.sky) application for Android
-CVE-2014-5997 (The Auto Trader (aka za.co.autotrader.android.app) application 2 for ...)
+CVE-2014-5997
NOT-FOR-US: Auto Trader (aka za.co.autotrader.android.app) application for Android
-CVE-2014-5996 (The DEKRA Used Car Report (aka com.dekra.maengelreport) application ...)
+CVE-2014-5996
NOT-FOR-US: DEKRA Used Car Report (aka com.dekra.maengelreport) application for Android
-CVE-2014-5995 (The eWUS mobile (aka pl.dreryk.ewustest) application 1.4.5 for Android ...)
+CVE-2014-5995
NOT-FOR-US: eWUS mobile (aka pl.dreryk.ewustest) application for Android
-CVE-2014-5994 (The ding* ezetop. Top-up Any Phone (aka com.ezetop.world) application ...)
+CVE-2014-5994
NOT-FOR-US: ding* ezetop. Top-up Any Phone (aka com.ezetop.world) application for Android
-CVE-2014-5993 (The MLB Preplay (aka com.preplay.android.mlb) application 5.4.2 for ...)
+CVE-2014-5993
NOT-FOR-US: MLB Preplay (aka com.preplay.android.mlb) application for Android
-CVE-2014-5992 (The successsecrets (aka com.alek.successsecrets) application 1.2.3 for ...)
+CVE-2014-5992
NOT-FOR-US: successsecrets (aka com.alek.successsecrets) application for Android
-CVE-2014-5991 (The Skin Conditions and Diseases (aka com.appsgeyser.wSkinConditions) ...)
+CVE-2014-5991
NOT-FOR-US: Skin Conditions and Diseases (aka com.appsgeyser.wSkinConditions) application for Android
-CVE-2014-5990 (The cookbible (aka net.bookjam.cookbible) application 1.0.0 for ...)
+CVE-2014-5990
NOT-FOR-US: cookbible (aka net.bookjam.cookbible) application for Android
-CVE-2014-5989 (The baby days (aka jp.co.cyberagent.babydays) application 1.5.8 for ...)
+CVE-2014-5989
NOT-FOR-US: baby days (aka jp.co.cyberagent.babydays) application for Android
-CVE-2014-5988 (The Azkend Gold (aka com.the10tons.azkend.gold) application 1.2.6 for ...)
+CVE-2014-5988
NOT-FOR-US: Azkend Gold (aka com.the10tons.azkend.gold) application for Android
-CVE-2014-5987 (The My3 - by 3HK (aka com.my3) application @7F0A0001 for Android does ...)
+CVE-2014-5987
NOT-FOR-US: My3 - by 3HK (aka com.my3) application for Android
-CVE-2014-5986 (The Educational Puzzles - Letters (aka com.EducationalPuzzlesLetters) ...)
+CVE-2014-5986
NOT-FOR-US: Educational Puzzles - Letters (aka com.EducationalPuzzlesLetters) application for Android
-CVE-2014-5985 (The Animal Kaiser Zangetsu (aka com.wAnimalKaiserZangetsu) application ...)
+CVE-2014-5985
NOT-FOR-US: Animal Kaiser Zangetsu (aka com.wAnimalKaiserZangetsu) application for Android
-CVE-2014-5984 (The Little Dragons (aka com.playcomo.dragongame) application 1.0.256 ...)
+CVE-2014-5984
NOT-FOR-US: Little Dragons (aka com.playcomo.dragongame) application for Android
-CVE-2014-5983 (The Threadflip : Buy, Sell Fashion (aka com.threadflip.android) ...)
+CVE-2014-5983
NOT-FOR-US: Threadflip : Buy, Sell Fashion (aka com.threadflip.android) application for Android
-CVE-2014-5982 (The RunKeeper - GPS Track Run Walk (aka ...)
+CVE-2014-5982
NOT-FOR-US: RunKeeper - GPS Track Run Walk (aka com.fitnesskeeper.runkeeper.pro) application for Android
-CVE-2014-5981 (The MoWeather (aka com.moji.moweather) application 1.40.05 for Android ...)
+CVE-2014-5981
NOT-FOR-US: MoWeather (aka com.moji.moweather) application for Android
-CVE-2014-5980 (The Genertel (aka com.genertel) application 2.6.0 for Android does not ...)
+CVE-2014-5980
NOT-FOR-US: Genertel (aka com.genertel) application for Android
-CVE-2014-5979 (The TV Bengali Open Directory (aka com.TVBengali) application 1.4 for ...)
+CVE-2014-5979
NOT-FOR-US: TV Bengali Open Directory (aka com.TVBengali) application for Android
-CVE-2014-5978 (The memetan (aka memetan.android.com.activity) application 1.1.0 for ...)
+CVE-2014-5978
NOT-FOR-US: memetan (aka memetan.android.com.activity) application for Android
-CVE-2014-5977 (The Mobile Face (aka com.wFacemobile) application 0.74.13432.91159 for ...)
+CVE-2014-5977
NOT-FOR-US: Mobile Face (aka com.wFacemobile) application for Android
-CVE-2014-5976 (The alibaba (aka com.alibaba.wireless) application 4.1.0.0 for Android ...)
+CVE-2014-5976
NOT-FOR-US: alibaba (aka com.alibaba.wireless) application for Android
-CVE-2014-5975 (The eponyms (aka com.anddeveloper.eponyms) application 3.2 for Android ...)
+CVE-2014-5975
NOT-FOR-US: eponyms (aka com.anddeveloper.eponyms) application for Android
-CVE-2014-5974 (The PSECU Mobile+ (aka com.Vertifi.Mobile.P231381116) application 2.2 ...)
+CVE-2014-5974
NOT-FOR-US: PSECU Mobile+ (aka com.Vertifi.Mobile.P231381116) application for Android
-CVE-2014-5973 (The Aquarium Advice (aka com.socialknowledge.aquariumadvice) ...)
+CVE-2014-5973
NOT-FOR-US: Aquarium Advice (aka com.socialknowledge.aquariumadvice) application for Android
-CVE-2014-5972 (The Loving - Couple Essential (aka com.xiaoenai.app) application 4.0.1 ...)
+CVE-2014-5972
NOT-FOR-US: Loving - Couple Essential (aka com.xiaoenai.app) application for Android
-CVE-2014-5971 (The Fiksu library for Android does not verify X.509 certificates from ...)
+CVE-2014-5971
NOT-FOR-US: Fiksu library for Android
-CVE-2014-5970 (The BabyBus (aka com.sinyee.babybus.concert.ru) application 3.91 for ...)
+CVE-2014-5970
NOT-FOR-US: BabyBus (aka com.sinyee.babybus.concert.ru) application for Android
-CVE-2014-5969 (The healthylifestyle (aka com.alek.healthylifestyle) application 1.2.2 ...)
+CVE-2014-5969
NOT-FOR-US: healthylifestyle (aka com.alek.healthylifestyle) application for Android
-CVE-2014-5968 (The iGolf - Golf GPS (aka com.igolf) application 20 for Android does ...)
+CVE-2014-5968
NOT-FOR-US: iGolf - Golf GPS (aka com.igolf) application for Android
-CVE-2014-5967 (The Designs Nail Arts (aka com.decoracionesnailart.flickr) application ...)
+CVE-2014-5967
NOT-FOR-US: Designs Nail Arts (aka com.decoracionesnailart.flickr) application for Android
-CVE-2014-5966 (The Dreamland Super Theme GO Gold (aka ...)
+CVE-2014-5966
NOT-FOR-US: Designs Nail Arts (aka com.decoracionesnailart.flickr) application for Android
-CVE-2014-5965 (The GrooveMusic (aka com.mobincube.android.sc_2HKFF) application 2.0.0 ...)
+CVE-2014-5965
NOT-FOR-US: GrooveMusic (aka com.mobincube.android.sc_2HKFF) application for Android
-CVE-2014-5964 (The MegaBank (aka com.megabank.mobilebank) application 2.0 for Android ...)
+CVE-2014-5964
NOT-FOR-US: MegaBank (aka com.megabank.mobilebank) application for Android
-CVE-2014-5963 (The Halieutics (aka com.corn.Halieutics) application 21.40.5 for ...)
+CVE-2014-5963
NOT-FOR-US: Halieutics (aka com.corn.Halieutics) application for Android
-CVE-2014-5962 (The Guess The Actor (aka com.gamelikeinc.actors) application 1.1 for ...)
+CVE-2014-5962
NOT-FOR-US: Guess The Actor (aka com.gamelikeinc.actors) application for Android
-CVE-2014-5961 (The russiananime (aka com.rareartifact.russiananime68A5CCFE) ...)
+CVE-2014-5961
NOT-FOR-US: russiananime (aka com.rareartifact.russiananime68A5CCFE) application for Android
-CVE-2014-5960 (The BundesArztsuche (aka de.kbv.bas) application 1.0.1 for Android ...)
+CVE-2014-5960
NOT-FOR-US: BundesArztsuche (aka de.kbv.bas) application for Android
-CVE-2014-5959 (The tx Smart (aka com.wooriwm.txsmart) application 7.05 for Android ...)
+CVE-2014-5959
NOT-FOR-US: tx Smart (aka com.wooriwm.txsmart) application for Android
-CVE-2014-5958 (The ChatBox - Chat Rooms (aka com.droidchatroom.messengerapp) ...)
+CVE-2014-5958
NOT-FOR-US: ChatBox - Chat Rooms (aka com.droidchatroom.messengerapp) application for Android
-CVE-2014-5957 (The Alien War Survivors (aka com.ly.a13.gp) application 1.3.1 for ...)
+CVE-2014-5957
NOT-FOR-US: Alien War Survivors (aka com.ly.a13.gp) application for Android
-CVE-2014-5956 (The VPlayer Video Player (aka me.abitno.vplayer.t) application 3.2.6 ...)
+CVE-2014-5956
NOT-FOR-US: VPlayer Video Player (aka me.abitno.vplayer.t) application for Android
-CVE-2014-5955 (The Atomic Fusion (aka com.bytesized.fusion) application 1.7 for ...)
+CVE-2014-5955
NOT-FOR-US: Atomic Fusion (aka com.bytesized.fusion) application for Android
-CVE-2014-5954 (The State Bank Anywhere (aka com.sbi.SBIFreedomPlus) application 2.0.1 ...)
+CVE-2014-5954
NOT-FOR-US: State Bank Anywhere (aka com.sbi.SBIFreedomPlus) application for Android
-CVE-2014-5953 (The KASKUS (aka com.kaskus.android) application 2.13.0 for Android ...)
+CVE-2014-5953
NOT-FOR-US: KASKUS (aka com.kaskus.android) application for Android
-CVE-2014-5952 (The E-Dziennik (aka com.librus.dziennik) application 0.5.2 for Android ...)
+CVE-2014-5952
NOT-FOR-US: E-Dziennik (aka com.librus.dziennik) application for Android
-CVE-2014-5951 (The SinoPac (aka com.sionpac.app.SinoPac) application 2.4.2 for ...)
+CVE-2014-5951
NOT-FOR-US: SinoPac (aka com.sionpac.app.SinoPac) application for Android
-CVE-2014-5950 (The NOW (aka com.smtown.smtownnow.androidapp) application 0.9.8 for ...)
+CVE-2014-5950
NOT-FOR-US: NOW (aka com.smtown.smtownnow.androidapp) application for Android
-CVE-2014-5949 (The TICKET APP - Concerts &amp; Sports (aka com.xcr.android.ticketapp) ...)
+CVE-2014-5949
NOT-FOR-US: TICKET APP - Concerts & Sports (aka com.xcr.android.ticketapp) application for Android
-CVE-2014-5948 (The Obama for America (aka com.barackobama.ofa) application 1.02 for ...)
+CVE-2014-5948
NOT-FOR-US: Obama for America (aka com.barackobama.ofa) application for Android
-CVE-2014-5947 (The psicofxp (aka com.tapatalk.psicofxpcom) application 2.4.12.15 for ...)
+CVE-2014-5947
NOT-FOR-US: psicofxp (aka com.tapatalk.psicofxpcom) application for Android
-CVE-2014-5946 (The forumhawaaworldcom (aka com.tapatalk.forumhawaaworldcom) ...)
+CVE-2014-5946
NOT-FOR-US: forumhawaaworldcom (aka com.tapatalk.forumhawaaworldcom) application for Android
-CVE-2014-5945 (The Edline Mobile (aka com.wEdlineFree) application 0.63.13369.34294 ...)
+CVE-2014-5945
NOT-FOR-US: Edline Mobile (aka com.wEdlineFree) application for Android
-CVE-2014-5944 (The Soccer Blitz (aka soccer.blitz) application 1.06 for Android does ...)
+CVE-2014-5944
NOT-FOR-US: Soccer Blitz (aka soccer.blitz) application for Android
-CVE-2014-5943 (The LabMSF Antivirus beta (aka com.ReSync.RNGN) 1.0.2 application Beta ...)
+CVE-2014-5943
NOT-FOR-US: LabMSF Antivirus beta (aka com.ReSync.RNGN) 1.0.2 application for Android
-CVE-2014-5942 (The Baby Stomach Surgery (aka com.harriskerioe.stomachsurgery) ...)
+CVE-2014-5942
NOT-FOR-US: Baby Stomach Surgery (aka com.harriskerioe.stomachsurgery) application for Android
-CVE-2014-5941 (The Armpit Spa &amp; Girl Games (aka com.freegames.spamakeover) ...)
+CVE-2014-5941
NOT-FOR-US: Armpit Spa & Girl Games (aka com.freegames.spamakeover) application for Android
-CVE-2014-5940 (The PocketPC.ch (aka com.tapatalk.pocketpcch) application 3.9.51 for ...)
+CVE-2014-5940
NOT-FOR-US: PocketPC.ch (aka com.tapatalk.pocketpcch) application for Android
-CVE-2014-5939 (The travelzadcomvb (aka com.tapatalk.travelzadcomvb) application ...)
+CVE-2014-5939
NOT-FOR-US: travelzadcomvb (aka com.tapatalk.travelzadcomvb) application for Android
-CVE-2014-5938 (The AllDealsAsia All Deals ADA app (aka com.ada.deals) application ...)
+CVE-2014-5938
NOT-FOR-US: AllDealsAsia All Deals ADA app (aka com.ada.deals) application for Android
-CVE-2014-5937 (The Social Networking (aka com.wSocialNetworkingSites) application ...)
+CVE-2014-5937
NOT-FOR-US: Social Networking (aka com.wSocialNetworkingSites) application for Android
-CVE-2014-5936 (The INCOgnito Private Browser (aka com.SL.InCoBrowser) application ...)
+CVE-2014-5936
NOT-FOR-US: INCOgnito Private Browser (aka com.SL.InCoBrowser) application for Android
-CVE-2014-5935 (The Daily Free App @ Amazon (aka com.kattanweb.android.dfaa) ...)
+CVE-2014-5935
NOT-FOR-US: Daily Free App @ Amazon (aka com.kattanweb.android.dfaa) application for Android
-CVE-2014-5934 (The Flurv Chat (aka com.flurv.android) application 4.3.3 for Android ...)
+CVE-2014-5934
NOT-FOR-US: Flurv Chat (aka com.flurv.android) application for Android
-CVE-2014-5933 (The Coke Studio 7 (aka com.cokeshare.pakistan) application 1 for ...)
+CVE-2014-5933
NOT-FOR-US: Coke Studio 7 (aka com.cokeshare.pakistan) application for Android
-CVE-2014-5932 (The Vodafone Mobile@Work (aka com.mobileiron.vodafone.MIClient) ...)
+CVE-2014-5932
NOT-FOR-US: Vodafone Mobile@Work (aka com.mobileiron.vodafone.MIClient) application for Android
-CVE-2014-5931 (The Stop &amp; Shop SCAN IT! Mobile (aka com.modivmedia.scanitss) ...)
+CVE-2014-5931
NOT-FOR-US: Stop & Shop SCAN IT! Mobile (aka com.modivmedia.scanitss) application for Android
-CVE-2014-5930 (The Store and Share (aka sg.com.singnet.mystorage.android) application ...)
+CVE-2014-5930
NOT-FOR-US: Store and Share (aka sg.com.singnet.mystorage.android) application for Android
-CVE-2014-5929 (The emartmall (aka kr.co.emart.emartmall) application 1.3.3 for ...)
+CVE-2014-5929
NOT-FOR-US: emartmall (aka kr.co.emart.emartmall) application for Android
-CVE-2014-5928 (The Steganos Online Shield VPN (aka com.steganos.onlineshield) ...)
+CVE-2014-5928
NOT-FOR-US: Steganos Online Shield VPN (aka com.steganos.onlineshield) application for Android
-CVE-2014-5927 (The FastCustomer -- Fast Customer (aka www.fastcustomer.com) ...)
+CVE-2014-5927
NOT-FOR-US: FastCustomer -- Fast Customer (aka www.fastcustomer.com) application for Android
-CVE-2014-5926 (The DCU Mobile Banking (aka com.Vertifi.Mobile.P211391825) application ...)
+CVE-2014-5926
NOT-FOR-US: DCU Mobile Banking (aka com.Vertifi.Mobile.P211391825) application for Android
-CVE-2014-5925 (The 10000 Kindle Books Downloads (aka ...)
+CVE-2014-5925
NOT-FOR-US: 10000 Kindle Books Downloads (aka com.ww10000KindleBooksLatestnBestSellers) application for Android
-CVE-2014-5924 (The Monster Makeup (aka com.bearhugmedia.android_monster) application ...)
+CVE-2014-5924
NOT-FOR-US: Monster Makeup (aka com.bearhugmedia.android_monster) application for Android
-CVE-2014-5923 (The Facebook Status Via (aka com.StatusViaAdvanced) application 3.5 ...)
+CVE-2014-5923
NOT-FOR-US: Facebook Status Via (aka com.StatusViaAdvanced) application for Android
-CVE-2014-5922 (The ga6748 (aka com.g.ga6748) application 1 for Android does not ...)
+CVE-2014-5922
NOT-FOR-US: ga6748 (aka com.g.ga6748) application for Android
-CVE-2014-5921 (The Need for Speed Network (aka com.ea.nfsautolog.bv) application ...)
+CVE-2014-5921
NOT-FOR-US: Need for Speed Network (aka com.ea.nfsautolog.bv) application for Android
-CVE-2014-5920 (The VK Amberfog (aka com.amberfog.vkfree) application 3.5.6 for ...)
+CVE-2014-5920
NOT-FOR-US: VK Amberfog (aka com.amberfog.vkfree) application for Android
-CVE-2014-5919 (The SurDoc - 100GB+ FREE storage (aka com.jd.surdoc) application ...)
+CVE-2014-5919
NOT-FOR-US: SurDoc - 100GB+ FREE storage (aka com.jd.surdoc) application for Android
-CVE-2014-5918 (The Secret Circle - talk freely (aka com.easyxapp.secret) application ...)
+CVE-2014-5918
NOT-FOR-US: Secret Circle - talk freely (aka com.easyxapp.secret) application for Android
-CVE-2014-5917 (The Slideshow 365 (aka com.Slideshow) application 3.6 for Android does ...)
+CVE-2014-5917
NOT-FOR-US: Slideshow 365 (aka com.Slideshow) application for Android
-CVE-2014-5916 (The Minha Oi (aka br.com.mobicare.minhaoi) application 1.15.0 for ...)
+CVE-2014-5916
NOT-FOR-US: Minha Oi (aka br.com.mobicare.minhaoi) application for Android
-CVE-2014-5915 (The Tigo Copa Mundial FIFA 2014 (aka com.fwc2014.millicom.and) ...)
+CVE-2014-5915
NOT-FOR-US: Tigo Copa Mundial FIFA 2014 (aka com.fwc2014.millicom.and) application for Android
-CVE-2014-5914 (The Finansbank Cep Subesi (aka com.finansbank.mobile.cepsube) ...)
+CVE-2014-5914
NOT-FOR-US: Finansbank Cep Subesi (aka com.finansbank.mobile.cepsube) application for Android
-CVE-2014-5913 (The Allies in War (aka com.gamelion.aiw) application 1.3.2 for Android ...)
+CVE-2014-5913
NOT-FOR-US: Allies in War (aka com.gamelion.aiw) application for Android
-CVE-2014-5912 (The InNote (aka com.intsig.notes) application 1.0.3.20131119 for ...)
+CVE-2014-5912
NOT-FOR-US: InNote (aka com.intsig.notes) application for Android
-CVE-2014-5911 (The Free App Icons &amp; Icon Packs (aka com.jellytap.cooliconfinder) ...)
+CVE-2014-5911
NOT-FOR-US: Free App Icons & Icon Packs (aka com.jellytap.cooliconfinder) application for Android
-CVE-2014-5910 (The Dog Whistle (aka com.dogwhistle.dogtrainingandroidapp) application ...)
+CVE-2014-5910
NOT-FOR-US: Dog Whistle (aka com.dogwhistle.dogtrainingandroidapp) application for Android
-CVE-2014-5909 (The watcha (aka com.frograms.watcha) application 2.0.2 for Android ...)
+CVE-2014-5909
NOT-FOR-US: watcha (aka com.frograms.watcha) application for Android
-CVE-2014-5908 (The Kmart (aka com.kmart.android) application @7F0C00EF for Android ...)
+CVE-2014-5908
NOT-FOR-US: Kmart (aka com.kmart.android) application for Android
-CVE-2014-5907 (The Pet Salon (aka com.libiitech.petsalon) application 1.0.1 for ...)
+CVE-2014-5907
NOT-FOR-US: Pet Salon (aka com.libiitech.petsalon) application for Android
-CVE-2014-5906 (The Lil Wayne Slots: FREE SLOTS (aka com.lilwayneslots.slots.android) ...)
+CVE-2014-5906
NOT-FOR-US: Lil Wayne Slots: FREE SLOTS (aka com.lilwayneslots.slots.android) application for Android
-CVE-2014-5905 (The Grocery List - Tomatoes (aka com.meucarrinho) application 5.1.4 ...)
+CVE-2014-5905
NOT-FOR-US: Grocery List - Tomatoes (aka com.meucarrinho) application for Android
-CVE-2014-5904 (The MiniInTheBox Online Shopping (aka com.miniinthebox.android) ...)
+CVE-2014-5904
NOT-FOR-US: MiniInTheBox Online Shopping (aka com.miniinthebox.android) application for Android
-CVE-2014-5903 (The Mobile@Work (aka com.mobileiron) application 6.0.0.1.12R for ...)
+CVE-2014-5903
NOT-FOR-US: Mobile@Work (aka com.mobileiron) application for Android
-CVE-2014-5902 (The UA Cinemas - Mobile ticketing (aka com.mtel.uacinemaapps) ...)
+CVE-2014-5902
NOT-FOR-US: UA Cinemas - Mobile ticketing (aka com.mtel.uacinemaapps) application for Android
-CVE-2014-5901 (The Beauty Bible - App for Girls (aka com.my.beauty.bible) application ...)
+CVE-2014-5901
NOT-FOR-US: Beauty Bible - App for Girls (aka com.my.beauty.bible) application for Android
-CVE-2014-5900 (The myHomework Student Planner (aka com.myhomeowork) application 3.0.2 ...)
+CVE-2014-5900
NOT-FOR-US: myHomework Student Planner (aka com.myhomeowork) application for Android
-CVE-2014-5899 (The Nespresso (aka com.nespresso.activities) application 2.4.1 for ...)
+CVE-2014-5899
NOT-FOR-US: Nespresso (aka com.nespresso.activities) application for Android
-CVE-2014-5898 (The Heavy Duty Truck Driver Simulator 3D (aka ...)
+CVE-2014-5898
NOT-FOR-US: Heavy Duty Truck Driver Simulator 3D (aka com.oas.heavy.duty.truck.driver.simulator3d) application for Android
-CVE-2014-5897 (The Parallel Mafia MMORPG (aka com.perblue.pm.client) application ...)
+CVE-2014-5897
NOT-FOR-US: Parallel Mafia MMORPG (aka com.perblue.pm.client) application for Android
-CVE-2014-5896 (The GlobalTalk- free phone calls (aka com.seawolftech.globaltalk) ...)
+CVE-2014-5896
NOT-FOR-US: GlobalTalk- free phone calls (aka com.seawolftech.globaltalk) application for Android
-CVE-2014-5895 (The ShopYourWay (aka com.sears.shopyourway) application 1.9 for ...)
+CVE-2014-5895
NOT-FOR-US: ShopYourWay (aka com.sears.shopyourway) application for Android
-CVE-2014-5894 (The AireTalk: Text, Call, &amp; More! (aka com.pingshow.amper) application ...)
+CVE-2014-5894
NOT-FOR-US: AireTalk: Text, Call, & More! (aka com.pingshow.amper) application for Android
-CVE-2014-5893 (The froyo (aka com.shinsegae.mobile.froyo) application 5.1.3 for ...)
+CVE-2014-5893
NOT-FOR-US: froyo (aka com.shinsegae.mobile.froyo) application for Android
-CVE-2014-5892 (The greenbill (aka com.show.greenbill_G) application 2.0.3 for Android ...)
+CVE-2014-5892
NOT-FOR-US: greenbill (aka com.show.greenbill_G) application for Android
-CVE-2014-5891 (The SnipSnap Coupon App (aka com.snipsnap.snipsnapapp) application ...)
+CVE-2014-5891
NOT-FOR-US: SnipSnap Coupon App (aka com.snipsnap.snipsnapapp) application for Android
-CVE-2014-5890 (The KBO sports2i 2014 (aka com.sports2i) application 5.1.00 for ...)
+CVE-2014-5890
NOT-FOR-US: KBO sports2i 2014 (aka com.sports2i) application for Android
-CVE-2014-5889 (The Android Forums (aka com.tapatalk.androidforumscom) application ...)
+CVE-2014-5889
NOT-FOR-US: Android Forums (aka com.tapatalk.androidforumscom) application for Android
-CVE-2014-5888 (The SLOTS: Bible Slots Free (aka com.topfreegames.topbibleslots) ...)
+CVE-2014-5888
NOT-FOR-US: SLOTS: Bible Slots Free (aka com.topfreegames.topbibleslots) application for Android
-CVE-2014-5887 (The Yell Local Search (aka com.yell.launcher2) application 4.2.1.4 for ...)
+CVE-2014-5887
NOT-FOR-US: Yell Local Search (aka com.yell.launcher2) application for Android
-CVE-2014-5886 (The iVysilani ceske televize (aka cz.motion.ivysilani) application 1.6 ...)
+CVE-2014-5886
NOT-FOR-US: iVysilani ceske televize (aka cz.motion.ivysilani) application for Android
-CVE-2014-5885 (The Disaster Alert (aka disasterAlert.PDC) application 3.2 for Android ...)
+CVE-2014-5885
NOT-FOR-US: Disaster Alert (aka disasterAlert.PDC) application for Android
-CVE-2014-5884 (The 1&amp;1 Online Storage (aka de.einsundeins.smartdrive) application ...)
+CVE-2014-5884
NOT-FOR-US: 1&1 Online Storage (aka de.einsundeins.smartdrive) application for Android
-CVE-2014-5883 (The 7-ELEVEN (aka ecowork.seven) application 2.08.000 for Android does ...)
+CVE-2014-5883
NOT-FOR-US: 7-ELEVEN (aka ecowork.seven) application for Android
-CVE-2014-5882 (The Homoo Ijiri (aka jp.co.applica) application 3.7 for Android does ...)
+CVE-2014-5882
NOT-FOR-US: Homoo Ijiri (aka jp.co.applica) application for Android
-CVE-2014-5881 (The Yahoo! Japan Box (aka jp.co.yahoo.android.ybox) application 1.5.1 ...)
+CVE-2014-5881
NOT-FOR-US: Yahoo! ybox application for android
-CVE-2014-5879 (The tvguide (aka kenneth.tvguide) application 1.9.14 for Android does ...)
+CVE-2014-5879
NOT-FOR-US: tvguide application for Android
-CVE-2014-5878 (The ium (aka net.ium.mobile.android) application 3.3.4 for Android ...)
+CVE-2014-5878
NOT-FOR-US: ium application for Android
-CVE-2014-5877 (The TV Guide (aka net.micene.minigroup.palimpsests.lite) application ...)
+CVE-2014-5877
NOT-FOR-US: TV Guide application for Android
-CVE-2014-5876 (The WD My Cloud (aka com.wdc.wd2go) application 4.0.0 for Android does ...)
+CVE-2014-5876
NOT-FOR-US: WD My Cloud application for Android
-CVE-2014-5875 (The Sylphone (aka com.sylpheo.prospectosyl) application 5.3.8 for ...)
+CVE-2014-5875
NOT-FOR-US: Sylphone application for Android
-CVE-2014-5874 (The SplashID (aka com.splashidandroid) application 7.2.2 for Android ...)
+CVE-2014-5874
NOT-FOR-US: SplashID application for Android
-CVE-2014-5873 (The Sears (aka com.sears.android) application 6.2.8 for Android does ...)
+CVE-2014-5873
NOT-FOR-US: Sears application for Android
-CVE-2014-5872 (The SafeNetMobile Pass (aka ...)
+CVE-2014-5872
NOT-FOR-US: SafeNetMobile Pass application for Android
-CVE-2014-5871 (The Piwik Mobile 2 (aka org.piwik.mobile2) application 2.0.1 for ...)
+CVE-2014-5871
NOT-FOR-US: Piwik Mobile 2 application for Android
-CVE-2014-5870 (The Kmart (aka com.kmart.android) application 6.2.8 for Android does ...)
+CVE-2014-5870
NOT-FOR-US: Kmart application for Android
-CVE-2014-5869 (The CNNMoney Portfolio (aka com.cnn.cnnmoney) application 1.03 for ...)
+CVE-2014-5869
NOT-FOR-US: CNNMoney Portfolio application for Android
-CVE-2014-5868 (The Cisco Technical Support (aka com.cisco.swtg_android) application ...)
+CVE-2014-5868
NOT-FOR-US: Cisco Technical Support application for Android
-CVE-2014-5867 (The Capital One Spark Pay (aka com.capitalone.sparkpay) application ...)
+CVE-2014-5867
NOT-FOR-US: Capital One Spark Pay application for Android
-CVE-2014-5866 (The CA DMV (aka gov.ca.dmv) application 2 for Android does not verify ...)
+CVE-2014-5866
NOT-FOR-US: CA DMV application for Android
-CVE-2014-5865 (The Ask.com (aka com.ask.android) application 2.2.5 for Android does ...)
+CVE-2014-5865
NOT-FOR-US: Ask.com application for Android
-CVE-2014-5864 (The Swish payments (aka se.bankgirot.swish) application 2 for Android ...)
+CVE-2014-5864
NOT-FOR-US: Swish payments application for Android
-CVE-2014-5863 (The mpang.gp (aka air.com.cjenm.mpang.gp) application 4.0.0 for ...)
+CVE-2014-5863
NOT-FOR-US: mpang.gp application for Android
-CVE-2014-5862 (The ecalendar2 (aka cn.etouch.ecalendar2) application 4.5.3 for ...)
+CVE-2014-5862
NOT-FOR-US: ecalendar2 application for Android
-CVE-2014-5861 (The BoyAhoy - Gay Chat (aka com.boyahoy.android) application 4.3.6 for ...)
+CVE-2014-5861
NOT-FOR-US: BoyAhoy application for Android
-CVE-2014-5860 (The Slide Show Creator (aka com.amem) application 4.4.3 for Android ...)
+CVE-2014-5860
NOT-FOR-US: Slide Show Creator application for Android
-CVE-2014-5859 (The Star Girl: Colors of Spring (aka ...)
+CVE-2014-5859
NOT-FOR-US: Star Girl application for Android
-CVE-2014-5858 (The Candy Blast (aka com.appgame7.candyblast) application 1.1.001 for ...)
+CVE-2014-5858
NOT-FOR-US: Candy Blast application for Android
-CVE-2014-5857 (The White &amp; Yellow Pages (aka com.avantar.wny) application 5.1.1 for ...)
+CVE-2014-5857
NOT-FOR-US: White & Yellow Pages application for Android
-CVE-2014-5856 (The Selfie Camera -Facial Beauty- (aka com.cfinc.cunpic) application ...)
+CVE-2014-5856
NOT-FOR-US: Selfie Camera application for Android
-CVE-2014-5855 (The CJmall (aka com.cjoshppingphone) application 4.1.8 for Android ...)
+CVE-2014-5855
NOT-FOR-US: CJmall application for Android
-CVE-2014-5854 (The Windows Live Hotmail PUSH mail (aka com.clearhub.wl) application ...)
+CVE-2014-5854
NOT-FOR-US: Windows Live Hotmail PUSH mail application for Android
-CVE-2014-5853 (The Knights N Squires (aka ...)
+CVE-2014-5853
NOT-FOR-US: Knights N Squires application for Android
-CVE-2014-5852 (The Kakao (aka ...)
+CVE-2014-5852
NOT-FOR-US: Kakao application for Android
-CVE-2014-5851 (The Dark Summoner (aka com.darksummoner) application 1.03.39 for ...)
+CVE-2014-5851
NOT-FOR-US: Dark Summoner application for Android
-CVE-2014-5850 (The Kaave Fali (aka com.didilabs.kaavefali) application 1.5.1 for ...)
+CVE-2014-5850
NOT-FOR-US: Kaave Fali application for Android
-CVE-2014-5849 (The Maleficent Free Fall (aka com.disney.maleficent_goo) application ...)
+CVE-2014-5849
NOT-FOR-US: Maleficent Free Fall application for Android
-CVE-2014-5848 (The Dubstep Hero (aka com.electricpunch.dubstephero) application 1.9 ...)
+CVE-2014-5848
NOT-FOR-US: Dubstep Hero application for Android
-CVE-2014-5847 (The Big Win Slots - Slot Machines (aka com.gosub60.BigWinSlots) ...)
+CVE-2014-5847
NOT-FOR-US: Big Win Slot application for Android
-CVE-2014-5846 (The Fairy Princess Makeover Salon (aka ...)
+CVE-2014-5846
NOT-FOR-US: Fairy Princess Makeover Salon application for Android
-CVE-2014-5845 (The Strike Fighters Israel (aka ...)
+CVE-2014-5845
NOT-FOR-US: Strike Fighers Israel application for Android
-CVE-2014-5844 (The Alsunna (aka com.wAlsunna) application 0.1 for Android does not ...)
+CVE-2014-5844
NOT-FOR-US: Alsunna application for Android
-CVE-2014-5843 (The ADP AGENCY Immobiliare (aka com.wAdpagencyAndroid) application 0.1 ...)
+CVE-2014-5843
NOT-FOR-US: ADP AGENCY Immobiliare application for Android
-CVE-2014-5842 (The 2G Live Tv (aka com.ww2GLiveTv) application 0.9 for Android does ...)
+CVE-2014-5842
NOT-FOR-US: 2G Live TV application for Android
-CVE-2014-5841 (The Girls Calendar Period&amp;Weight (aka jp.co.cybird.apps.lifestyle.cal) ...)
+CVE-2014-5841
NOT-FOR-US: Girls Calendar Period&Weight application for Android
-CVE-2014-5840 (The forfone: Free Calls &amp; Messages (aka com.forfone.sip) forfone ...)
+CVE-2014-5840
NOT-FOR-US: forfone application for Android
-CVE-2014-5839 (The Acces Compte (aka ...)
+CVE-2014-5839
NOT-FOR-US: Acces Compte application for Android
-CVE-2014-5838 (The Girls Games - Shoes Maker (aka com.g6677.android.shoemaker) ...)
+CVE-2014-5838
NOT-FOR-US: Girls Games application for Android
-CVE-2014-5837 (The My Railway (aka com.gameinsight.myrailway) application 1.1.33 for ...)
+CVE-2014-5837
NOT-FOR-US: My Railway application for Android
-CVE-2014-5836 (The GittiGidiyor (aka com.gittigidiyormobil) application 1.4.1 for ...)
+CVE-2014-5836
NOT-FOR-US: GittiGidiyor application for Android
-CVE-2014-5835 (The Club Personal (aka com.globant.clubpersonal) application 2.6 for ...)
+CVE-2014-5835
NOT-FOR-US: Club Personal application for Android
-CVE-2014-5834 (The Solitaire Deluxe (aka com.gosub60.solfree2) application 2.8.5 for ...)
+CVE-2014-5834
NOT-FOR-US: Solitaire Deluxe application for Android
-CVE-2014-5833 (The FriendCaster Chat (aka com.handmark.friendcaster.chat) application ...)
+CVE-2014-5833
NOT-FOR-US: Friendaster Chat application for Android
-CVE-2014-5832 (The hananbank (aka com.hanabank.ebk.channel.android.hananbank) ...)
+CVE-2014-5832
NOT-FOR-US: hananbank application for Android
-CVE-2014-5831 (The Hotel Story: Resort Simulation (aka com.happylabs.hotelstory) ...)
+CVE-2014-5831
NOT-FOR-US: Hotel Story application for Android
-CVE-2014-5830 (The Farm Frenzy Gold (aka com.herocraft.game.farmfrenzy.gold) ...)
+CVE-2014-5830
NOT-FOR-US: Farm Frenzy Gold application for Android
-CVE-2014-5829 (The Hobby Lobby Stores (aka com.hobbylobbystores.android) application ...)
+CVE-2014-5829
NOT-FOR-US: Hobby Lobby Stores application for Android
-CVE-2014-5828 (The 3Kundenzone (aka com.hutchison3g.at.android.selfcare) application ...)
+CVE-2014-5828
NOT-FOR-US: 3Kundenzone application for Android
-CVE-2014-5827 (The Ibotta - Better than Coupons. (aka com.ibotta.android) application ...)
+CVE-2014-5827
NOT-FOR-US: Ibotta application for Android
-CVE-2014-5826 (The Rix GO Locker Theme (aka ...)
+CVE-2014-5826
NOT-FOR-US: Rix GO Locker Theme application for Android
-CVE-2014-5825 (The Guess The Movie (aka com.june.guessthemovie) application 2.982 for ...)
+CVE-2014-5825
NOT-FOR-US: Guess The Movie application for Android
-CVE-2014-5824 (The longjiang (aka com.longjiang.kr) application 2.0.6 for Android ...)
+CVE-2014-5824
NOT-FOR-US: longjiang application for Android
-CVE-2014-5823 (The The Cleaner - Speed up &amp; Clean (aka com.liquidum.thecleaner) ...)
+CVE-2014-5823
NOT-FOR-US: The Cleaner application for Android
-CVE-2014-5822 (The VK Kate Mobile (aka com.perm.kate) application 9.6.1 for Android ...)
+CVE-2014-5822
NOT-FOR-US: VK Kate Mobile application for Android
-CVE-2014-5821 (The Guitar Tuner Free - GuitarTuna (aka com.ovelin.guitartuna) ...)
+CVE-2014-5821
NOT-FOR-US: Guitar Tuner Free application for Android
-CVE-2014-5820 (The OkCupid Dating (com.okcupid.okcupid) application 3.4.6 for Android ...)
+CVE-2014-5820
NOT-FOR-US: OkCupid Dating application for Android
-CVE-2014-5819 (The PHONE for Google Voice &amp; GTalk (aka com.moplus.gvphone) ...)
+CVE-2014-5819
NOT-FOR-US: PHONE for Google Voice & GTalk application for Android
-CVE-2014-5818 (The Tiny Tower (aka com.mobage.ww.a560.tinytower_android) application ...)
+CVE-2014-5818
NOT-FOR-US: Tiny Tower application for Android
-CVE-2014-5817 (The Mini Pets (aka com.miniclip.animalshelter) application 2.0.3 for ...)
+CVE-2014-5817
NOT-FOR-US: Mini Pets application for Android
-CVE-2014-5816 (The MeiPai (aka com.meitu.meipaimv) application 1.2.0 for Android does ...)
+CVE-2014-5816
NOT-FOR-US: MeiPai application for Android
-CVE-2014-5815 (The Solitaire Arena (aka com.mavenhut.solitaire) application 1.0.15 ...)
+CVE-2014-5815
NOT-FOR-US: Solitaire Arena application for Android
CVE-2014-5814
REJECTED
-CVE-2014-5813 (The lostword (aka zozo.android.lostword) application 5.9 for Android ...)
+CVE-2014-5813
NOT-FOR-US: lostword application for Android
-CVE-2014-5812 (The VDM Officiel (aka vdm.activities) application 5 for Android does ...)
+CVE-2014-5812
NOT-FOR-US: VDM Officiel application for Android
-CVE-2014-5811 (The ZOOM Cloud Meetings (aka us.zoom.videomeetings) application ...)
+CVE-2014-5811
NOT-FOR-US: ZOOM cloud Meetings application for Android
-CVE-2014-5810 (The SGK Hizmet Dokumu 4a (aka tr.gov.sgk.hizmetDokumu4a) application ...)
+CVE-2014-5810
NOT-FOR-US: SGK Hizmet Dokumu 4a application for Android
-CVE-2014-5809 (The Smart Browser (aka smartbrowser.geniuscloud) application 2.0 for ...)
+CVE-2014-5809
NOT-FOR-US: Smart Browser (aka smartbrowser.geniuscloud) application for Android
-CVE-2014-5808 (The Whisper (aka sh.whisper) application 4.0.6 for Android does not ...)
+CVE-2014-5808
NOT-FOR-US: Whisper application for Android
-CVE-2014-5807 (The Safari Browser (aka safari.safaribrowser.internetexplorer) ...)
+CVE-2014-5807
NOT-FOR-US: Safari Browser application for Android
-CVE-2014-5806 (The World of Tanks Assistant (aka ru.worldoftanks.mobile) application ...)
+CVE-2014-5806
NOT-FOR-US: World of Tanks Assistant application for Android
-CVE-2014-5805 (The Dating for everyone - Mamba! (aka ru.mamba.client) application 3.5 ...)
+CVE-2014-5805
NOT-FOR-US: Dating for everyone - Mamba! application for Android
-CVE-2014-5804 (The Mail.Ru Dating (aka ru.mail.love) application 3 for Android does ...)
+CVE-2014-5804
NOT-FOR-US: Mail.Ru Dating application for Android
-CVE-2014-5803 (The Towers N' Trolls (aka project.android.ftdjni) application 1.6.4 ...)
+CVE-2014-5803
NOT-FOR-US: Towers N' Trolls application for Android
-CVE-2014-5802 (The PlayScape (aka playscape.mominis.gameconsole.com) application ...)
+CVE-2014-5802
NOT-FOR-US: PlayScape application for Android
-CVE-2014-5801 (The DataGard VPN + AV (aka ocshield.com) application @7F050013 for ...)
+CVE-2014-5801
NOT-FOR-US: DataGard VPN + AV application for Android
-CVE-2014-5800 (The smart.nhibzbanking (aka nh.smart.nhibzbanking) application 2.1 for ...)
+CVE-2014-5800
NOT-FOR-US: smart.nhibzbanking application for Android
-CVE-2014-5799 (The smart.card (aka nh.smart.card) application 3.2 for Android does ...)
+CVE-2014-5799
NOT-FOR-US: smart.card application for Android
-CVE-2014-5798 (The smart.calculator (aka nh.smart.calculator) application 2 for ...)
+CVE-2014-5798
NOT-FOR-US: smart.calculator application for Android
-CVE-2014-5797 (The smart (aka nh.smart) application 3.0.5 for Android does not verify ...)
+CVE-2014-5797
NOT-FOR-US: smart application for Android
-CVE-2014-5796 (The Chest Workout (aka net.p4p.chest) application 2.0.8 for Android ...)
+CVE-2014-5796
NOT-FOR-US: Chest workout application for Android
-CVE-2014-5794 (The 8 Minutes Abs Workout (aka net.p4p.absen) application 2.0.9 for ...)
+CVE-2014-5794
NOT-FOR-US: 8 Minutes Abs Workout application for Android
-CVE-2014-5793 (The Bilgi Yarisi (aka net.mobilecraft.bilgiyarisi) application 1.8 for ...)
+CVE-2014-5793
NOT-FOR-US: Bilgi Yarisi application for Android
-CVE-2014-5792 (The Reign of Dragons: Build-Battle (aka ...)
+CVE-2014-5792
NOT-FOR-US: Reign of Dragons application for Android
-CVE-2014-5791 (The Daum Cloud (aka net.daum.android.cloud) application 1.6.18 for ...)
+CVE-2014-5791
NOT-FOR-US: Daum cloud application for Android
-CVE-2014-5790 (The Pets Fun House (aka mominis.Generic_Android.Pets_Fun_House) ...)
+CVE-2014-5790
NOT-FOR-US: Pets Fun House application for Android
-CVE-2014-5789 (The Ninja Chicken Ooga Booga (aka ...)
+CVE-2014-5789
NOT-FOR-US: Nija Chicken Ooga Booga application for Android
-CVE-2014-5788 (The Ninja Chicken Adventure Island (aka ...)
+CVE-2014-5788
NOT-FOR-US: Ninja Chicken Adventure Island application for Android
-CVE-2014-5787 (The Ninja Chicken (aka mominis.Generic_Android.Ninja_Chicken) ...)
+CVE-2014-5787
NOT-FOR-US: Ninja Chicken application for Android
-CVE-2014-5786 (The Jewels &amp; Diamonds (aka ...)
+CVE-2014-5786
NOT-FOR-US: Jewels & Diamonds application for Android
-CVE-2014-5785 (The Bouncy Bill World-Cup (aka ...)
+CVE-2014-5785
NOT-FOR-US: Bouncy Bill World-Cup application for Android
-CVE-2014-5784 (The Bouncy Bill Seasons (aka ...)
+CVE-2014-5784
NOT-FOR-US: Bouncy Bill Seasons application for Android
-CVE-2014-5783 (The Bouncy Bill Monster Smasher ed (aka ...)
+CVE-2014-5783
NOT-FOR-US: Bouncy Bill Monster Smasher ed application for Android
-CVE-2014-5782 (The Bouncy Bill Halloween (aka ...)
+CVE-2014-5782
NOT-FOR-US: Bouncy Bill Halloween application for Android
-CVE-2014-5781 (The Bouncy Bill Easter Tales (aka ...)
+CVE-2014-5781
NOT-FOR-US: Bouncy Bill Easter Tales application for Android
-CVE-2014-5780 (The Bouncy Bill (aka mominis.Generic_Android.Bouncy_Bill) application ...)
+CVE-2014-5780
NOT-FOR-US: Bouncy Bill application for Android
-CVE-2014-5779 (The Jack'd - Gay Chat &amp; Dating (aka mobi.jackd.android) application ...)
+CVE-2014-5779
NOT-FOR-US: Jack'd - Gay Chat & Dating (aka mobi.jackd.android) application for Android
-CVE-2014-5778 (The Pou (aka me.pou.app) application 1.4.53 for Android does not ...)
+CVE-2014-5778
NOT-FOR-US: Pou (aka me.pou.app) application for Android
-CVE-2014-5777 (The icon wallpaper dressup-CocoPPa (aka jp.united.app.cocoppa) ...)
+CVE-2014-5777
NOT-FOR-US: icon wallpaper dressup-CocoPPa (aka jp.united.app.cocoppa) application for Android
-CVE-2014-5776 (The PlayMemories Online (aka jp.co.sony.tablet.PersonalSpace) ...)
+CVE-2014-5776
NOT-FOR-US: PlayMemories Online (aka jp.co.sony.tablet.PersonalSpace) application for Android
-CVE-2014-5775 (The Super Fast Browser (aka iron.web.jalepano.browser) application ...)
+CVE-2014-5775
NOT-FOR-US: Super Fast Browser (aka iron.web.jalepano.browser) application for Android
-CVE-2014-5774 (The Web Browser &amp; Explorer (aka internetexplorer.browser.webexplorer) ...)
+CVE-2014-5774
NOT-FOR-US: Web Browser & Explorer (aka internetexplorer.browser.webexplorer) application for Android
-CVE-2014-5773 (The RegisteredAssistant (aka Icr.RegisteredAssistant) application ...)
+CVE-2014-5773
NOT-FOR-US: RegisteredAssistant (aka Icr.RegisteredAssistant) application for Android
-CVE-2014-5772 (The Government Bookstore (aka hksarg.isd.sop.govbookstore) application ...)
+CVE-2014-5772
NOT-FOR-US: Government Bookstore (aka hksarg.isd.sop.govbookstore) application for Android
-CVE-2014-5771 (The Credit Union of Texas Mobile (aka Fi_Mobile.CUOT) application 1.1 ...)
+CVE-2014-5771
NOT-FOR-US: Credit Union of Texas Mobile (aka Fi_Mobile.CUOT) application for Android
-CVE-2014-5770 (The Web Browser for Android (aka explore.web.browser) application 1.2 ...)
+CVE-2014-5770
NOT-FOR-US: Web Browser for Android (aka explore.web.browser) application for Android
-CVE-2014-5769 (The Mobiscope Local (aka ehs.mobiscope.kernel) application 1.05 for ...)
+CVE-2014-5769
NOT-FOR-US: Mobiscope Local (aka ehs.mobiscope.kernel) application for Android
-CVE-2014-5768 (The Food Planner (aka dk.boggie.madplan.android) application ...)
+CVE-2014-5768
NOT-FOR-US: Food Planner (aka dk.boggie.madplan.android) application for Android
-CVE-2014-5767 (The IM+ (aka de.shapeservices.impluslite) application 6.6.2 for ...)
+CVE-2014-5767
NOT-FOR-US: IM+ (aka de.shapeservices.impluslite) application for Android
-CVE-2014-5766 (The Uber B2B (aka de.mobileeventguide.uberb2b) application 1.9 for ...)
+CVE-2014-5766
NOT-FOR-US: Uber B2B (aka de.mobileeventguide.uberb2b) application for Android
-CVE-2014-5765 (The Paint for Friends (aka de.lotumlabs.buddypainting) application ...)
+CVE-2014-5765
NOT-FOR-US: Paint for Friends (aka de.lotumlabs.buddypainting) application for Android
-CVE-2014-5764 (The Antivirus Free (aka com.zrgiu.antivirus) application 7.2.16.02 for ...)
+CVE-2014-5764
NOT-FOR-US: Antivirus Free (aka com.zrgiu.antivirus) application for Android
-CVE-2014-5763 (The Kid Mode: Free Games + Lock (aka com.zoodles.kidmode) application ...)
+CVE-2014-5763
NOT-FOR-US: Kid Mode: Free Games + Lock (aka com.zoodles.kidmode) application for Android
-CVE-2014-5762 (The Cut the Rope: Time Travel (aka ...)
+CVE-2014-5762
NOT-FOR-US: Cut the Rope: Time Travel (aka com.zeptolab.timetravel.free.google) application for Android
-CVE-2014-5761 (The Zipcar (aka com.zc.android) application 3.4.2 for Android does not ...)
+CVE-2014-5761
NOT-FOR-US: Zipcar (aka com.zc.android) application for Android
-CVE-2014-5760 (The Pizza Hut (aka com.yum.pizzahut) application 2.0.5 for Android ...)
+CVE-2014-5760
NOT-FOR-US: Pizza Hut (aka com.yum.pizzahut) application for Android
-CVE-2014-5759 (The Awesome Antivirus 2014 (aka com.yoursite.top5antivirus2014) ...)
+CVE-2014-5759
NOT-FOR-US: Awesome Antivirus 2014 (aka com.yoursite.top5antivirus2014) application for Android
-CVE-2014-5758 (The Yellow Pages Local Search (aka com.yellowbook.android2) ...)
+CVE-2014-5758
NOT-FOR-US: Yellow Pages Local Search (aka com.yellowbook.android2) application for Android
-CVE-2014-5757 (The Buy Tickets (aka com.xcr.android.buytickets) application 2.3 for ...)
+CVE-2014-5757
NOT-FOR-US: Buy Tickets (aka com.xcr.android.buytickets) application for Android
-CVE-2014-5756 (The Buy 99 Cents Only Products (aka com.ww99CentsOnlyStores) ...)
+CVE-2014-5756
NOT-FOR-US: Buy 99 Cents Only Products (aka com.ww99CentsOnlyStores) application for Android
-CVE-2014-5755 (The verizon (aka com.wverizonwirelessbill) application 0.1 for Android ...)
+CVE-2014-5755
NOT-FOR-US: verizon (aka com.wverizonwirelessbill) application for Android
-CVE-2014-5754 (The Verizon Instant Refills 24/7 (aka com.wVerizonInstantRefill247) ...)
+CVE-2014-5754
NOT-FOR-US: Verizon Instant Refills 24/7 (aka com.wVerizonInstantRefill247) application for Android
-CVE-2014-5753 (The Twitter No Background (aka com.wTwitternobackground) application ...)
+CVE-2014-5753
NOT-FOR-US: Twitter No Background (aka com.wTwitternobackground) application for Android
-CVE-2014-5752 (The wTradersActivity (aka com.wTradersActivity) application 0.1 for ...)
+CVE-2014-5752
NOT-FOR-US: wTradersActivity (aka com.wTradersActivity) application for Android
-CVE-2014-5751 (The Tor Browser the Short Guide (aka com.wTorShortUserManual) ...)
+CVE-2014-5751
NOT-FOR-US: Tor Browser the Short Guide (aka com.wTorShortUserManual) application for Android
-CVE-2014-5750 (The Pro Bet Tips (aka com.wProBetTips) application 0.2 for Android ...)
+CVE-2014-5750
NOT-FOR-US: Pro Bet Tips (aka com.wProBetTips) application for Android
-CVE-2014-5749 (The Jelly Splash (aka com.wooga.jelly_splash) application 1.11.3 for ...)
+CVE-2014-5749
NOT-FOR-US: Jelly Splash (aka com.wooga.jelly_splash) application for Android
-CVE-2014-5748 (The wK12olslogin (aka com.wK12olslogin) application 0.1 for Android ...)
+CVE-2014-5748
NOT-FOR-US: wK12olslogin (aka com.wK12olslogin) application for Android
-CVE-2014-5747 (The XFINITY Constant Guard Mobile (aka com.whitesky.mobile.android) ...)
+CVE-2014-5747
NOT-FOR-US: XFINITY Constant Guard Mobile (aka com.whitesky.mobile.android) application for Android
-CVE-2014-5746 (The Government Best Jobs (aka com.wGovernmentBestJobs) application 0.1 ...)
+CVE-2014-5746
NOT-FOR-US: Government Best Jobs (aka com.wGovernmentBestJobs) application for Android
-CVE-2014-5745 (The FREE Pageplus Activation (aka com.wFREEPageplusActivations) ...)
+CVE-2014-5745
NOT-FOR-US: FREE Pageplus Activation (aka com.wFREEPageplusActivations) application for Android
-CVE-2014-5744 (The RE-VOLT 2 : MULTIPLAYER (aka com.wegoi.revolt2multiplayer) ...)
+CVE-2014-5744
NOT-FOR-US: RE-VOLT 2 : MULTIPLAYER (aka com.wegoi.revolt2multiplayer) application for Android
-CVE-2014-5743 (The RE-VOLT 2 : Best RC 3D Racing (aka com.wego.revolt2_global) ...)
+CVE-2014-5743
NOT-FOR-US: RE-VOLT 2 : Best RC 3D Racing (aka com.wego.revolt2_global) application for Android
-CVE-2014-5742 (The Eversnap Private Photo Album (aka com.weddingsnap.android) ...)
+CVE-2014-5742
NOT-FOR-US: Eversnap Private Photo Album (aka com.weddingsnap.android) application for Android
-CVE-2014-5741 (The Security - Complete (aka com.webroot.security.complete) ...)
+CVE-2014-5741
NOT-FOR-US: Security - Complete (aka com.webroot.security.complete) application for Android
-CVE-2014-5740 (The Security - Free (aka com.webroot.security) application 3.6.0.6610 ...)
+CVE-2014-5740
NOT-FOR-US: Security - Free (aka com.webroot.security) application for Android
-CVE-2014-5739 (The Garfield's Diner (aka com.webprancer.google.GarfieldsDiner) ...)
+CVE-2014-5739
NOT-FOR-US: Garfield's Diner (aka com.webprancer.google.GarfieldsDiner) application for Android
-CVE-2014-5738 (The Garfield's Defense (aka com.webprancer.google.garfieldDefense) ...)
+CVE-2014-5738
NOT-FOR-US: Garfield's Defense (aka com.webprancer.google.garfieldDefense) application for Android
-CVE-2014-5737 (The CDsoft (aka com.wCDSOFT) application 0.2 for Android does not ...)
+CVE-2014-5737
NOT-FOR-US: CDsoft (aka com.wCDSOFT) application for Android
-CVE-2014-5736 (The Buy Coins (aka com.wBuyCoins) application 0.62.13364.24150 for ...)
+CVE-2014-5736
NOT-FOR-US: Buy Coins (aka com.wBuyCoins) application for Android
-CVE-2014-5735 (The Buy A Gift (aka com.wBuyAGift) application 13529.90084 for Android ...)
+CVE-2014-5735
NOT-FOR-US: Buy A Gift (aka com.wBuyAGift) application for Android
-CVE-2014-5734 (The Buy Books (aka com.wBooksForSale) application 0.1 for Android does ...)
+CVE-2014-5734
NOT-FOR-US: Buy Books (aka com.wBooksForSale) application for Android
-CVE-2014-5733 (The Shop Love (aka com.waterwish.shoplove) application 1.05 for ...)
+CVE-2014-5733
NOT-FOR-US: Shop Love (aka com.waterwish.shoplove) application for Android
-CVE-2014-5732 (The Wamba - meet women and men (aka com.wamba.client) application 3 ...)
+CVE-2014-5732
NOT-FOR-US: Wamba - meet women and men (aka com.wamba.client) application for Android
-CVE-2014-5731 (The Word Search (aka com.virtuesoft.wordsearch) application 2.3.0 for ...)
+CVE-2014-5731
NOT-FOR-US: Word Search (aka com.virtuesoft.wordsearch) application for Android
-CVE-2014-5730 (The russkoe TB HD (aka com.videotelecom.russkoeHD) application 3.6 for ...)
+CVE-2014-5730
NOT-FOR-US: russkoe TB HD (aka com.videotelecom.russkoeHD) application for Android
-CVE-2014-5729 (The Viddy (aka com.viddy.Viddy) application 1.3.9 for Android does not ...)
+CVE-2014-5729
NOT-FOR-US: Viddy (aka com.viddy.Viddy) application for Android
-CVE-2014-5728 (The Vevo - Watch HD Music Videos (aka com.vevo) application 2.0.27 for ...)
+CVE-2014-5728
NOT-FOR-US: Vevo - Watch HD Music Videos (aka com.vevo) application for Android
-CVE-2014-5727 (The uTorrent Remote (aka com.utorrent.web) application 1.0.20110929 ...)
+CVE-2014-5727
NOT-FOR-US: uTorrent Remote (aka com.utorrent.web) application for Android
-CVE-2014-5726 (The Security Service myBranch App (aka com.tyfone.ssfcu.mbanking) ...)
+CVE-2014-5726
NOT-FOR-US: Security Service myBranch App (aka com.tyfone.ssfcu.mbanking) application for Android
-CVE-2014-5725 (The Truecaller - Caller ID &amp; Block (aka com.truecaller) application ...)
+CVE-2014-5725
NOT-FOR-US: Truecaller - Caller ID & Block (aka com.truecaller) application for Android
-CVE-2014-5724 (The Gambling Insider Magazine (aka com.triactivemedia.gambling) ...)
+CVE-2014-5724
NOT-FOR-US: Gambling Insider Magazine (aka com.triactivemedia.gambling) application for Android
-CVE-2014-5723 (The Trapster (aka com.trapster.android) application 4.3.2 for Android ...)
+CVE-2014-5723
NOT-FOR-US: Trapster (aka com.trapster.android) application for Android
-CVE-2014-5722 (The SwiftKey Keyboard + Emoji (aka com.touchtype.swiftkey) application ...)
+CVE-2014-5722
NOT-FOR-US: SwiftKey Keyboard + Emoji (aka com.touchtype.swiftkey) application for Android
-CVE-2014-5721 (The Touchnote Postcards (aka com.touchnote.android) application 4.2.7 ...)
+CVE-2014-5721
NOT-FOR-US: Touchnote Postcards (aka com.touchnote.android) application for Android
-CVE-2014-5720 (The Bike Race Free - Top Free Game (aka ...)
+CVE-2014-5720
NOT-FOR-US: Bike Race Free - Top Free Game (aka com.topfreegames.bikeracefreeworld) application for Android
-CVE-2014-5719 (The BIKE RACING 2014 (aka com.timuzsolutions.bikeracing2014) ...)
+CVE-2014-5719
NOT-FOR-US: BIKE RACING 2014 (aka com.timuzsolutions.bikeracing2014) application for Android
CVE-2014-5718
REJECTED
-CVE-2014-5717 (The Fashion Style (aka com.thirtysixyougames.google.starGirlSingapore) ...)
+CVE-2014-5717
NOT-FOR-US: Fashion Style (aka com.thirtysixyougames.google.starGirlSingapore) application for Android
-CVE-2014-5716 (The GUNSHIP BATTLE : Helicopter 3D (aka com.theonegames.gunshipbattle) ...)
+CVE-2014-5716
NOT-FOR-US: GUNSHIP BATTLE : Helicopter 3D (aka com.theonegames.gunshipbattle) application for Android
-CVE-2014-5715 (The Street Racing (aka com.tgb.streetracing.lite5pp) application 4.0.4 ...)
+CVE-2014-5715
NOT-FOR-US: Street Racing (aka com.tgb.streetracing.lite5pp) application for Android
-CVE-2014-5714 (The Text Me! Free Texting &amp; Call (aka com.textmeinc.textme) ...)
+CVE-2014-5714
NOT-FOR-US: Text Me! Free Texting & Call (aka com.textmeinc.textme) application for Android
-CVE-2014-5713 (The Telly - Watch the good stuff (aka com.telly) application 2.5.1 for ...)
+CVE-2014-5713
NOT-FOR-US: Telly - Watch the good stuff (aka com.telly) application for Android
-CVE-2014-5712 (The Turbo River Racing Free (aka com.tektite.androidgames.trrfree) ...)
+CVE-2014-5712
NOT-FOR-US: Turbo River Racing Free (aka com.tektite.androidgames.trrfree) application for Android
-CVE-2014-5711 (The Microsoft Tech Companion (aka com.technet) application 1.0.6 for ...)
+CVE-2014-5711
NOT-FOR-US: Microsoft Tech Companion (aka com.technet) application for Android
-CVE-2014-5710 (The Cisco Class Locator Fast Lane (aka ...)
+CVE-2014-5710
NOT-FOR-US: Cisco Class Locator Fast Lane (aka com.tabletkings.mycompany.fastlane.cisco) application for Android
-CVE-2014-5709 (The Donut Maker (aka com.sunstorm.android.donut) application 1.27 for ...)
+CVE-2014-5709
NOT-FOR-US: Donut Maker (aka com.sunstorm.android.donut) application for Android
-CVE-2014-5708 (The Best Racing/moto Games Ranking (aka com.subapp.android.racing) ...)
+CVE-2014-5708
NOT-FOR-US: Best Racing/moto Games Ranking (aka com.subapp.android.racing) application for Android
-CVE-2014-5707 (The Bunny Run (aka com.stargirlgames.google.bunnyrun) application ...)
+CVE-2014-5707
NOT-FOR-US: Bunny Run (aka com.stargirlgames.google.bunnyrun) application for Android
-CVE-2014-5706 (The SomNote - Journal/Memo (aka com.somcloud.somnote) application ...)
+CVE-2014-5706
NOT-FOR-US: SomNote - Journal/Memo (aka com.somcloud.somnote) application for Android
-CVE-2014-5705 (The Sonic CD Lite (aka com.soa.sega.soniccdlite) application 1.0.4 for ...)
+CVE-2014-5705
NOT-FOR-US: Sonic CD Lite (aka com.soa.sega.soniccdlite) application for Android
-CVE-2014-5704 (The DISH Anywhere (aka com.sm.SlingGuide.Dish) application 3.5.10 for ...)
+CVE-2014-5704
NOT-FOR-US: DISH Anywhere (aka com.sm.SlingGuide.Dish) application for Android
-CVE-2014-5703 (The Slingo Lottery Challenge (aka com.slingo.slingolotterychallenge) ...)
+CVE-2014-5703
NOT-FOR-US: Slingo Lottery Challenge (aka com.slingo.slingolotterychallenge) application for Android
-CVE-2014-5702 (The Penguin Run (aka com.skyboard.google.penguinRun) application 1.1 ...)
+CVE-2014-5702
NOT-FOR-US: Penguin Run (aka com.skyboard.google.penguinRun) application for Android
-CVE-2014-5701 (The Skout: Chats. Friends. Fun. (aka com.skout.android) application ...)
+CVE-2014-5701
NOT-FOR-US: Skout: Chats. Friends. Fun. (aka com.skout.android) application for Android
-CVE-2014-5700 (The Brain lab - brain age games IQ (aka com.sixdead.brainlab) ...)
+CVE-2014-5700
NOT-FOR-US: Brain lab - brain age games IQ (aka com.sixdead.brainlab) application for Android
-CVE-2014-5699 (The Parallel Kingdom MMO (aka com.silvermoon.client) application ...)
+CVE-2014-5699
NOT-FOR-US: Parallel Kingdom MMO (aka com.silvermoon.client) application for Android
-CVE-2014-5698 (The Furdiburb (aka com.sheado.lite.pet) application 1.1.2 for Android ...)
+CVE-2014-5698
NOT-FOR-US: Furdiburb (aka com.sheado.lite.pet) application for Android
-CVE-2014-5697 (The Dress Up! Girl Party (aka com.sgn.DressUp.GirlParty) application 2 ...)
+CVE-2014-5697
NOT-FOR-US: Dress Up! Girl Party (aka com.sgn.DressUp.GirlParty) application for Android
-CVE-2014-5696 (The Sonic 4 Episode II LITE (aka com.sega.sonic4ep2lite) application ...)
+CVE-2014-5696
NOT-FOR-US: Sonic 4 Episode II LITE (aka com.sega.sonic4ep2lite) application for Android
-CVE-2014-5695 (The Hello Kitty Cafe (aka com.sd.google.helloKittyCafe) application ...)
+CVE-2014-5695
NOT-FOR-US: Hello Kitty Cafe (aka com.sd.google.helloKittyCafe) application for Android
-CVE-2014-5694 (The Scoutmob local deals &amp; events (aka com.scoutmob.ile) application ...)
+CVE-2014-5694
NOT-FOR-US: Scoutmob local deals & events (aka com.scoutmob.ile) application for Android
-CVE-2014-5693 (The Slots Vacation - FREE Slots (aka com.scopely.slotsvacation) ...)
+CVE-2014-5693
NOT-FOR-US: Slots Vacation - FREE Slots (aka com.scopely.slotsvacation) application for Android
-CVE-2014-5692 (The Safeway (aka com.safeway.client.android.safeway) application 4.1.0 ...)
+CVE-2014-5692
NOT-FOR-US: Safeway (aka com.safeway.client.android.safeway) application for Android
-CVE-2014-5691 (The Best Phone Security (aka com.rvappstudios.phonesecurity) ...)
+CVE-2014-5691
NOT-FOR-US: Best Phone Security (aka com.rvappstudios.phonesecurity) application for Android
-CVE-2014-5690 (The Runtastic Timer (aka com.runtastic.android.timer) application ...)
+CVE-2014-5690
NOT-FOR-US: Runtastic Timer (aka com.runtastic.android.timer) application for Android
-CVE-2014-5689 (The Runtastic Road Bike (aka com.runtastic.android.roadbike.lite) ...)
+CVE-2014-5689
NOT-FOR-US: Runtastic Road Bike (aka com.runtastic.android.roadbike.lite) application for Android
-CVE-2014-5688 (The Runtastic Pedometer (aka com.runtastic.android.pedometer.lite) ...)
+CVE-2014-5688
NOT-FOR-US: Runtastic Pedometer (aka com.runtastic.android.pedometer.lite) application for Android
-CVE-2014-5687 (The Runtastic Mountain Bike (aka ...)
+CVE-2014-5687
NOT-FOR-US: Runtastic Mountain Bike (aka com.runtastic.android.mountainbike.lite) application for Android
-CVE-2014-5686 (The Runtastic Me (aka com.runtastic.android.me.lite) application 1.0.2 ...)
+CVE-2014-5686
NOT-FOR-US: Runtastic Me (aka com.runtastic.android.me.lite) application for Android
-CVE-2014-5685 (The Runtastic Heart Rate (aka com.runtastic.android.heartrate.lite) ...)
+CVE-2014-5685
NOT-FOR-US: Runtastic Heart Rate (aka com.runtastic.android.heartrate.lite) application for Android
-CVE-2014-5684 (The Runtastic Running &amp; Fitness (aka com.runtastic.android) ...)
+CVE-2014-5684
NOT-FOR-US: Runtastic Running & Fitness (aka com.runtastic.android) application for Android
-CVE-2014-5683 (The Piano Teacher (aka com.rubycell.pianisthd) application 20140730 ...)
+CVE-2014-5683
NOT-FOR-US: Piano Teacher (aka com.rubycell.pianisthd) application for Android
-CVE-2014-5682 (The Retale - Weekly Ads &amp; Deals (aka com.retale.android) application ...)
+CVE-2014-5682
NOT-FOR-US: Retale - Weekly Ads & Deals (aka com.retale.android) application for Android
-CVE-2014-5681 (The XDA-Developers (aka com.quoord.tapatalkxda.activity) application ...)
+CVE-2014-5681
NOT-FOR-US: XDA-Developers (aka com.quoord.tapatalkxda.activity) application for Android
-CVE-2014-5680 (The Tapatalk (aka com.quoord.tapatalkpro.activity) application 4.8.0 ...)
+CVE-2014-5680
NOT-FOR-US: Tapatalk (aka com.quoord.tapatalkpro.activity) application for Android
-CVE-2014-5679 (The PopU 2: Get Likes on Instagram (aka com.popuapp.popu) application ...)
+CVE-2014-5679
NOT-FOR-US: PopU 2: Get Likes on Instagram (aka com.popuapp.popu) application for Android
-CVE-2014-5678 (The IQ Test (aka com.pophub.androidiqtest.free) application 3.3 for ...)
+CVE-2014-5678
NOT-FOR-US: IQ Test (aka com.pophub.androidiqtest.free) application for Android
-CVE-2014-5677 (The Point Inside Shopping &amp; Travel (aka com.pointinside.android.app) ...)
+CVE-2014-5677
NOT-FOR-US: Point Inside Shopping & Travel (aka com.pointinside.android.app) application for Android
-CVE-2014-5676 (The Township (aka com.playrix.township) application 1.5.1 for Android ...)
+CVE-2014-5676
NOT-FOR-US: Township (aka com.playrix.township) application for Android
-CVE-2014-5675 (The Phonegram - Instagram Download (aka com.pinssible.padgram) ...)
+CVE-2014-5675
NOT-FOR-US: Phonegram - Instagram Download (aka com.pinssible.padgram) application for Android
-CVE-2014-5674 (The PicsArt - Photo Studio (aka com.picsart.studio) application 4.5.5 ...)
+CVE-2014-5674
NOT-FOR-US: PicsArt - Photo Studio (aka com.picsart.studio) application for Android
-CVE-2014-5673 (The Easy Finder &amp; Anti-Theft (aka com.nqmobile.easyfinder) application ...)
+CVE-2014-5673
NOT-FOR-US: Easy Finder & Anti-Theft (aka com.nqmobile.easyfinder) application for Android
-CVE-2014-5672 (The NQ Mobile Security &amp; Antivirus (aka com.nqmobile.antivirus20) ...)
+CVE-2014-5672
NOT-FOR-US: NQ Mobile Security & Antivirus (aka com.nqmobile.antivirus20) application for Android
-CVE-2014-5671 (The Super Stickman Golf (aka com.noodlecake.ssg) application 2.2 for ...)
+CVE-2014-5671
NOT-FOR-US: Super Stickman Golf (aka com.noodlecake.ssg) application for Android
-CVE-2014-5670 (The SAS: Zombie Assault 3 (aka com.ninjakiwi.sas3zombieassault) ...)
+CVE-2014-5670
NOT-FOR-US: SAS: Zombie Assault 3 (aka com.ninjakiwi.sas3zombieassault) application for Android
-CVE-2014-5669 (The 9GAG - Funny pics and videos (aka com.ninegag.android.app) ...)
+CVE-2014-5669
NOT-FOR-US: 9GAG - Funny pics and videos (aka com.ninegag.android.app) application for Android
-CVE-2014-5668 (The BAND -Group sharing &amp; planning (aka com.nhn.android.band) ...)
+CVE-2014-5668
NOT-FOR-US: BAND -Group sharing & planning (aka com.nhn.android.band) application for Android
-CVE-2014-5667 (The Vault-Hide SMS, Pics &amp; Videos (aka com.netqin.ps) application ...)
+CVE-2014-5667
NOT-FOR-US: Vault-Hide SMS, Pics & Videos (aka com.netqin.ps) application for Android
-CVE-2014-5666 (The AVD Download Video (aka com.myboyfriendisageek.videocatcher.demo) ...)
+CVE-2014-5666
NOT-FOR-US: AVD Download Video (aka com.myboyfriendisageek.videocatcher.demo) application for Android
-CVE-2014-5665 (The Mzone Login (aka com.mr384.MzoneLogin) application 1.2.0 for ...)
+CVE-2014-5665
NOT-FOR-US: Mzone Login (aka com.mr384.MzoneLogin) application for Android
-CVE-2014-5664 (The Spider Solitaire (aka com.mobilityware.spider) application 3.0.0 ...)
+CVE-2014-5664
NOT-FOR-US: Spider Solitaire (aka com.mobilityware.spider) application for Android
-CVE-2014-5663 (The FreeCell Solitaire (aka com.mobilityware.freecell) application ...)
+CVE-2014-5663
NOT-FOR-US: FreeCell Solitaire (aka com.mobilityware.freecell) application for Android
-CVE-2014-5662 (The Rail Rush (aka com.miniclip.railrush) application 1.9.0 for ...)
+CVE-2014-5662
NOT-FOR-US: Rail Rush (aka com.miniclip.railrush) application for Android
-CVE-2014-5661 (The Anger of Stick 3 (aka com.miniclip.angerofstick3) application ...)
+CVE-2014-5661
NOT-FOR-US: Anger of Stick 3 (aka com.miniclip.angerofstick3) application for Android
-CVE-2014-5660 (The TN Members 1st FCU-RDC (aka com.metova.cuae.tmffcu) application ...)
+CVE-2014-5660
NOT-FOR-US: TN Members 1st FCU-RDC (aka com.metova.cuae.tmffcu) application for Android
-CVE-2014-5659 (The ASTRO File Manager with Cloud (aka com.metago.astro) application ...)
+CVE-2014-5659
NOT-FOR-US: ASTRO File Manager with Cloud (aka com.metago.astro) application for Android
-CVE-2014-5658 (The MercadoLibre (aka com.mercadolibre) application 3.8.7 for Android ...)
+CVE-2014-5658
NOT-FOR-US: MercadoLibre (aka com.mercadolibre) application for Android
-CVE-2014-5657 (The CA Lottery Results (aka com.matcho0.calotto) application 2.1 for ...)
+CVE-2014-5657
NOT-FOR-US: CA Lottery Results (aka com.matcho0.calotto) application for Android
-CVE-2014-5656 (The TRA Auctions for Buyers (aka com.manheim.tra) application 2.6 for ...)
+CVE-2014-5656
NOT-FOR-US: TRA Auctions for Buyers (aka com.manheim.tra) application for Android
-CVE-2014-5655 (The CM Browser - Fast &amp; Secure (aka com.ksmobile.cb) application ...)
+CVE-2014-5655
NOT-FOR-US: CM Browser - Fast & Secure (aka com.ksmobile.cb) application for Android
-CVE-2014-5654 (The Kaspersky Internet Security (aka com.kms.free) application ...)
+CVE-2014-5654
NOT-FOR-US: Kaspersky Internet Security (aka com.kms.free) application for Android
-CVE-2014-5653 (The Unblock Me FREE (aka com.kiragames.unblockmefree) application ...)
+CVE-2014-5653
NOT-FOR-US: Unblock Me FREE (aka com.kiragames.unblockmefree) application for Android
-CVE-2014-5652 (The Kicksend Photo Prints (aka com.kicksend.android.print) application ...)
+CVE-2014-5652
NOT-FOR-US: Kicksend Photo Prints (aka com.kicksend.android.print) application for Android
-CVE-2014-5651 (The Kicksend: Share &amp; Print Photos (aka com.kicksend.android) ...)
+CVE-2014-5651
NOT-FOR-US: Kicksend: Share & Print Photos (aka com.kicksend.android) application for Android
-CVE-2014-5650 (The Traffic Jam Free (aka com.jiuzhangtech.rushhour) application 1.7.7 ...)
+CVE-2014-5650
NOT-FOR-US: Traffic Jam Free (aka com.jiuzhangtech.rushhour) application for Android
-CVE-2014-5649 (The iLove - Free Dating &amp; Chat App (aka ...)
+CVE-2014-5649
NOT-FOR-US: iLove - Free Dating & Chat App (aka com.jestadigital.android.ilove) application for Android
-CVE-2014-5648 (The Chat, Flirt &amp; Dating Heart JAUMO (aka com.jaumo) application 2.7.5 ...)
+CVE-2014-5648
NOT-FOR-US: Chat, Flirt & Dating Heart JAUMO (aka com.jaumo) application for Android
-CVE-2014-5647 (The ISL Light Remote Desktop (aka ...)
+CVE-2014-5647
NOT-FOR-US: ISL Light Remote Desktop (aka com.islonline.isllight.mobile.android) application for Android
-CVE-2014-5646 (The AMC Security- Antivirus, Clean (aka com.iobit.mobilecare) ...)
+CVE-2014-5646
NOT-FOR-US: AMC Security- Antivirus, Clean (aka com.iobit.mobilecare) application for Android
-CVE-2014-5645 (The CamScanner -Phone PDF Creator (aka com.intsig.camscanner) ...)
+CVE-2014-5645
NOT-FOR-US: CamScanner -Phone PDF Creator (aka com.intsig.camscanner) application for Android
-CVE-2014-5644 (The Brightest LED Flashlight (aka ...)
+CVE-2014-5644
NOT-FOR-US: Brightest LED Flashlight (aka com.intellectualflame.ledflashlight.washer) application for Android
-CVE-2014-5643 (The Instachat -Instagram Messenger (aka com.instachat.android) ...)
+CVE-2014-5643
NOT-FOR-US: Instachat -Instagram Messenger (aka com.instachat.android) application for Android
-CVE-2014-5642 (The IMPI Mobile Security (aka com.impi) application 2.1.0 for Android ...)
+CVE-2014-5642
NOT-FOR-US: IMPI Mobile Security (aka com.impi) application for Android
-CVE-2014-5641 (The Cloud Manager (aka com.ileaf.cloud_manager) application 1.6 for ...)
+CVE-2014-5641
NOT-FOR-US: Cloud Manager (aka com.ileaf.cloud_manager) application for Android
-CVE-2014-5640 (The CM Backup -Restore,Cloud,Photo (aka com.ijinshan.kbackup) ...)
+CVE-2014-5640
NOT-FOR-US: CM Backup -Restore,Cloud,Photo (aka com.ijinshan.kbackup) application for Android
-CVE-2014-5639 (The ADT Taxis (aka com.icabbi.adttaxisApp) application 6 for Android ...)
+CVE-2014-5639
NOT-FOR-US: ADT Taxis (aka com.icabbi.adttaxisApp) application for Android
-CVE-2014-5638 (The Huntington Mobile (aka com.huntington.m) application 2.1.222 for ...)
+CVE-2014-5638
NOT-FOR-US: Huntington Mobile (aka com.huntington.m) application for Android
-CVE-2014-5637 (The Eu Sei (aka com.guilardi.eusei) application eusei_android_5.5 for ...)
+CVE-2014-5637
NOT-FOR-US: Eu Sei (aka com.guilardi.eusei) application for Android
-CVE-2014-5636 (The Cloud Browser (aka com.granitamalta.cloudbrowser) application ...)
+CVE-2014-5636
NOT-FOR-US: Cloud Browser (aka com.granitamalta.cloudbrowser) application for Android
-CVE-2014-5635 (The Buy Yorkshire Conference (aka com.gotfocus.buyyorkshire) ...)
+CVE-2014-5635
NOT-FOR-US: Buy Yorkshire Conference (aka com.gotfocus.buyyorkshire) application for Android
-CVE-2014-5634 (The Madipass Martinique (aka com.goodbarber.madipassmartinique) ...)
+CVE-2014-5634
NOT-FOR-US: Madipass Martinique (aka com.goodbarber.madipassmartinique) application for Android
-CVE-2014-5633 (The Kiss Kiss Office (aka com.girlsgames123.kisskissoffice) ...)
+CVE-2014-5633
NOT-FOR-US: Kiss Kiss Office (aka com.girlsgames123.kisskissoffice) application for Android
-CVE-2014-5632 (The Mega Jump (aka com.getsetgames.megajump) application @7F080002 for ...)
+CVE-2014-5632
NOT-FOR-US: Mega Jump (aka com.getsetgames.megajump) application for Android
-CVE-2014-5631 (The Video Poker Casino (aka com.geaxgame.videopoker) application 1.0.5 ...)
+CVE-2014-5631
NOT-FOR-US: Video Poker Casino (aka com.geaxgame.videopoker) application for Android
-CVE-2014-5630 (The Home Repair (aka com.gcspublishing.houserepairtalk) application ...)
+CVE-2014-5630
NOT-FOR-US: Home Repair (aka com.gcspublishing.houserepairtalk) application for Android
-CVE-2014-5629 (The Stupid Zombies (aka com.gameresort.stupidzombies) application 1.12 ...)
+CVE-2014-5629
NOT-FOR-US: Stupid Zombies (aka com.gameresort.stupidzombies) application for Android
-CVE-2014-5628 (The Wonder Zoo - Animal rescue ! (aka ...)
+CVE-2014-5628
NOT-FOR-US: Wonder Zoo - Animal rescue ! (aka com.gameloft.android.ANMP.GloftZRHM) application for Android
-CVE-2014-5627 (The Ice Age Village (aka com.gameloft.android.ANMP.GloftIAHM) ...)
+CVE-2014-5627
NOT-FOR-US: Ice Age Village (aka com.gameloft.android.ANMP.GloftIAHM) application for Android
-CVE-2014-5626 (The Brothers In Arms 2 Free+ (aka com.gameloft.android.ANMP.GloftB2HM) ...)
+CVE-2014-5626
NOT-FOR-US: Brothers In Arms 2 Free+ (aka com.gameloft.android.ANMP.GloftB2HM) application for Android
-CVE-2014-5625 (The Perfect Kick (aka com.gamegou.PerfectKick.google) application ...)
+CVE-2014-5625
NOT-FOR-US: Perfect Kick (aka com.gamegou.PerfectKick.google) application for Android
-CVE-2014-5624 (The Sniper Shooter Free - Fun Game (aka ...)
+CVE-2014-5624
NOT-FOR-US: Sniper Shooter Free - Fun Game (aka com.fungamesforfree.snipershooter.free) application for Android
-CVE-2014-5623 (The penguinchefshop (aka com.freegames.penguinchefshop) application ...)
+CVE-2014-5623
NOT-FOR-US: penguinchefshop (aka com.freegames.penguinchefshop) application for Android
-CVE-2014-5622 (The Follow Mania for Instagram (aka com.followmania) application 1.2.1 ...)
+CVE-2014-5622
NOT-FOR-US: Follow Mania for Instagram (aka com.followmania) application for Android
-CVE-2014-5621 (The Office Zombie (aka com.fluik.OfficeZombieGoogleFree) application ...)
+CVE-2014-5621
NOT-FOR-US: Office Zombie (aka com.fluik.OfficeZombieGoogleFree) application for Android
-CVE-2014-5620 (The Office Jerk Free (aka com.fluik.OfficeJerkFree) application 1.7.13 ...)
+CVE-2014-5620
NOT-FOR-US: Office Jerk Free (aka com.fluik.OfficeJerkFree) application for Android
CVE-2014-5619
REJECTED
-CVE-2014-5618 (The Cartoon Camera (aka com.fingersoft.cartooncamera) application ...)
+CVE-2014-5618
NOT-FOR-US: Cartoon Camera (aka com.fingersoft.cartooncamera) application for Android
-CVE-2014-5617 (The Exsoul Web Browser (aka com.exsoul) application 3.3.3 for Android ...)
+CVE-2014-5617
NOT-FOR-US: Exsoul Web Browser (aka com.exsoul) application for Android
-CVE-2014-5616 (The Web Browser &amp; Explorer (aka com.explore.web.browser) application ...)
+CVE-2014-5616
NOT-FOR-US: Web Browser & Explorer (aka com.explore.web.browser) application for Android
-CVE-2014-5615 (The Snap Secure (aka com.exclaim.snapsecure.app) application 9.5 for ...)
+CVE-2014-5615
NOT-FOR-US: Snap Secure (aka com.exclaim.snapsecure.app) application for Android
-CVE-2014-5614 (The Love Collage - Photo Editor (aka com.etoolkit.lovecollage) ...)
+CVE-2014-5614
NOT-FOR-US: Love Collage - Photo Editor (aka com.etoolkit.lovecollage) application for Android
-CVE-2014-5613 (The Able Remote (aka com.entertailion.android.remote) application ...)
+CVE-2014-5613
NOT-FOR-US: Able Remote (aka com.entertailion.android.remote) application for Android
-CVE-2014-5612 (The Gmarket (aka com.ebay.kr.gmarket) application 5.1.3 for Android ...)
+CVE-2014-5612
NOT-FOR-US: Gmarket (aka com.ebay.kr.gmarket) application for Android
-CVE-2014-5611 (The eBay Kleinanzeigen for Germany (aka com.ebay.kleinanzeigen) ...)
+CVE-2014-5611
NOT-FOR-US: eBay Kleinanzeigen for Germany (aka com.ebay.kleinanzeigen) application for Android
-CVE-2014-5610 (The ce4arab market (aka com.dreamstep.wce4arabmarket) application ...)
+CVE-2014-5610
NOT-FOR-US: ce4arab market (aka com.dreamstep.wce4arabmarket) application for Android
-CVE-2014-5609 (The Stickman Ski Racer (aka com.djinnworks.StickmanSkiRacer.free) ...)
+CVE-2014-5609
NOT-FOR-US: Stickman Ski Racer (aka com.djinnworks.StickmanSkiRacer.free) application for Android
-CVE-2014-5608 (The Line Runner (Free) (aka com.djinnworks.linerunnerfree) application ...)
+CVE-2014-5608
NOT-FOR-US: Line Runner (Free) (aka com.djinnworks.linerunnerfree) application for Android
-CVE-2014-5607 (The Where's My Water? Free (aka com.disney.WMWLite) application 1.9.1 ...)
+CVE-2014-5607
NOT-FOR-US: Where's My Water? Free (aka com.disney.WMWLite) application for Android
-CVE-2014-5606 (The Where's My Perry? Free (aka com.disney.WMPLite) application 1.5.1 ...)
+CVE-2014-5606
NOT-FOR-US: Where's My Perry? Free (aka com.disney.WMPLite) application for Android
-CVE-2014-5605 (The QQ Copy (aka com.digimobistudio.qqcopy) application 1 for Android ...)
+CVE-2014-5605
NOT-FOR-US: QQ Copy (aka com.digimobistudio.qqcopy) application for Android
-CVE-2014-5604 (The Akinator the Genie FREE (aka ...)
+CVE-2014-5604
NOT-FOR-US: Akinator the Genie FREE (aka com.digidust.elokence.akinator.freemium) application for Android
-CVE-2014-5603 (The DeskRoll Remote Desktop (aka com.deskroll.client1) application 0.6 ...)
+CVE-2014-5603
NOT-FOR-US: DeskRoll Remote Desktop (aka com.deskroll.client1) application for Android
-CVE-2014-5602 (The Magzter -Magazine &amp; Book Store (aka com.dci.magzter) application ...)
+CVE-2014-5602
NOT-FOR-US: Magzter -Magazine & Book Store (aka com.dci.magzter) application for Android
-CVE-2014-5601 (The 1800CONTACTS App (aka com.contacts1800.ecomapp) application 2.7.0 ...)
+CVE-2014-5601
NOT-FOR-US: 1800CONTACTS App (aka com.contacts1800.ecomapp) application for Android
-CVE-2014-5600 (The familyconnect (aka com.comcast.plaxo.familyconnect.app) ...)
+CVE-2014-5600
NOT-FOR-US: familyconnect (aka com.comcast.plaxo.familyconnect.app) application for Android
-CVE-2014-5599 (The Tiny Farm (aka ...)
+CVE-2014-5599
NOT-FOR-US: Tiny Farm (aka com.com2us.tinyfarm.normal.freefull.google.global.android.common) application for Android
-CVE-2014-5598 (The Puzzle Family (aka ...)
+CVE-2014-5598
NOT-FOR-US: Puzzle Family (aka com.com2us.puzzlefamily.up.freefull.google.global.android.common) application for Android
-CVE-2014-5597 (The 9 Innings: 2014 Pro Baseball (aka ...)
+CVE-2014-5597
NOT-FOR-US: 9 Innings: 2014 Pro Baseball (aka com.com2us.nipb2013.normal.freefull.google.global.android.common) application for Android
-CVE-2014-5596 (The Homerun Battle 2 (aka ...)
+CVE-2014-5596
NOT-FOR-US: Homerun Battle 2 (aka com.com2us.homerunbattle2.normal.freefull.google.global.android.common) application for Android
-CVE-2014-5595 (The actionpuzzlefamily for Kakao (aka ...)
+CVE-2014-5595
NOT-FOR-US: actionpuzzlefamily for Kakao (aka com.com2us.actionpuzzlefamily.kakao.freefull.google.global.android.common) application for Android
-CVE-2014-5594 (The CIBC Mobile Banking (aka com.cibc.android.mobi) application 3.2 ...)
+CVE-2014-5594
NOT-FOR-US: CIBC Mobile Banking (aka com.cibc.android.mobi) application for Android
-CVE-2014-5593 (The Christian Dating Cafe (aka com.christiancafe.mobile.android) ...)
+CVE-2014-5593
NOT-FOR-US: Christian Dating Cafe (aka com.christiancafe.mobile.android) application for Android
-CVE-2014-5592 (The Free Dating Heart COL (aka com.choiceoflove.dating) application ...)
+CVE-2014-5592
NOT-FOR-US: Free Dating Heart COL (aka com.choiceoflove.dating) application for Android
-CVE-2014-5591 (The Frankly Chat (aka com.chatfrankly.android) application 3.0.1 for ...)
+CVE-2014-5591
NOT-FOR-US: Frankly Chat (aka com.chatfrankly.android) application for Android
-CVE-2014-5590 (The Snake Evolution (aka com.btwgames.snake) application 1.3.1 for ...)
+CVE-2014-5590
NOT-FOR-US: Snake Evolution (aka com.btwgames.snake) application for Android
-CVE-2014-5589 (The Now Browser (Material) (aka com.browser.nowbasic) 2.8.1 ...)
+CVE-2014-5589
NOT-FOR-US: Now Browser (Material) (aka com.browser.nowbasic) 2.8.1 application for Android
-CVE-2014-5588 (The Free eBooks (aka com.bmfapps.freekindlebooks) application 14 for ...)
+CVE-2014-5588
NOT-FOR-US: Free eBooks (aka com.bmfapps.freekindlebooks) application for Android
-CVE-2014-5587 (The brokenscreencrank (aka com.biggame.brokenscreencrank) application ...)
+CVE-2014-5587
NOT-FOR-US: brokenscreencrank (aka com.biggame.brokenscreencrank) application for Android
-CVE-2014-5586 (The BIATNET (aka com.biatnet.mobile) application 1.1 for Android does ...)
+CVE-2014-5586
NOT-FOR-US: BIATNET (aka com.biatnet.mobile) application for Android
-CVE-2014-5585 (The Like4Like: Get Instagram Likes (aka com.bepop.bepop) application ...)
+CVE-2014-5585
NOT-FOR-US: Like4Like: Get Instagram Likes (aka com.bepop.bepop) application for Android
-CVE-2014-5584 (The Background Check BeenVerified (aka com.beenverified.android) ...)
+CVE-2014-5584
NOT-FOR-US: Background Check BeenVerified (aka com.beenverified.android) application for Android
-CVE-2014-5583 (The Most Popular Ringtones (aka com.bbs.mostpopularringtones) ...)
+CVE-2014-5583
NOT-FOR-US: Most Popular Ringtones (aka com.bbs.mostpopularringtones) application for Android
-CVE-2014-5582 (The Ingress Intel Helper (aka com.bb.ingressintel) application 1.2 for ...)
+CVE-2014-5582
NOT-FOR-US: Ingress Intel Helper (aka com.bb.ingressintel) application for Android
-CVE-2014-5581 (The mirror photo shape (aka com.baiwang.styleinstamirror) application ...)
+CVE-2014-5581
NOT-FOR-US: mirror photo shape (aka com.baiwang.styleinstamirror) application for Android
-CVE-2014-5580 (The BackgroundCheckProTool (aka com.BackgroundCheckProTool) ...)
+CVE-2014-5580
NOT-FOR-US: BackgroundCheckProTool (aka com.BackgroundCheckProTool) application for Android
-CVE-2014-5579 (The Anywhere Pad-Meet, Collaborate (aka com.azeus.anywherepad) ...)
+CVE-2014-5579
NOT-FOR-US: Anywhere Pad-Meet, Collaborate (aka com.azeus.anywherepad) application for Android
-CVE-2014-5578 (The Trading 212 FOREX (aka com.avuscapital.trading212) application ...)
+CVE-2014-5578
NOT-FOR-US: Trading 212 FOREX (aka com.avuscapital.trading212) application for Android
-CVE-2014-5577 (The AVON Buy &amp; Sell (aka com.AVONBeautyntheRep) application 0.3 for ...)
+CVE-2014-5577
NOT-FOR-US: AVON Buy & Sell (aka com.AVONBeautyntheRep) application for Android
-CVE-2014-5576 (The Avira Secure Backup (aka com.avira.avirabackup) application 1.2.3 ...)
+CVE-2014-5576
NOT-FOR-US: Avira Secure Backup (aka com.avira.avirabackup) application for Android
CVE-2014-5575
REJECTED
-CVE-2014-5574 (The Ask.fm - Social Q&amp;A Network (aka com.askfm) application 1.2.4 for ...)
+CVE-2014-5574
NOT-FOR-US: Ask.fm - Social Q&A Network (aka com.askfm) application for Android
-CVE-2014-5573 (The Appstros - FREE Gift Cards! (aka com.appstros.main) application ...)
+CVE-2014-5573
NOT-FOR-US: Appstros - FREE Gift Cards! (aka com.appstros.main) application for Android
-CVE-2014-5572 (The Jazzpodium De Tor (aka com.appmakr.app273713) application 206160 ...)
+CVE-2014-5572
NOT-FOR-US: Jazzpodium De Tor (aka com.appmakr.app273713) application for Android
-CVE-2014-5571 (The Appeak Poker (aka com.appeak.poker) application 2.4.5 for Android ...)
+CVE-2014-5571
NOT-FOR-US: Appeak Poker (aka com.appeak.poker) application for Android
-CVE-2014-5570 (The DailyFinance - Stocks &amp; News (aka com.aol.mobile.dailyFinance) ...)
+CVE-2014-5570
NOT-FOR-US: DailyFinance - Stocks & News (aka com.aol.mobile.dailyFinance) application for Android
-CVE-2014-5569 (The Star Girl (aka com.animoca.google.starGirl) application 3.4.1 for ...)
+CVE-2014-5569
NOT-FOR-US: Star Girl (aka com.animoca.google.starGirl) application for Android
-CVE-2014-5568 (The Las Vegas Lottery Scratch Off (aka com.androkera.lottery) ...)
+CVE-2014-5568
NOT-FOR-US: Las Vegas Lottery Scratch Off (aka com.androkera.lottery) application for Android
-CVE-2014-5567 (The hasb_e_haal (aka com.anawaz.hasb_e_haal) application 1.0.9 for ...)
+CVE-2014-5567
NOT-FOR-US: hasb_e_haal (aka com.anawaz.hasb_e_haal) application for Android
-CVE-2014-5566 (The Selfshot - Front Flash Camera (aka com.americos.selfshot) ...)
+CVE-2014-5566
NOT-FOR-US: Selfshot - Front Flash Camera (aka com.americos.selfshot) application for Android
-CVE-2014-5565 (The GadgetTrak Mobile Security (aka com.activetrak.android.app) ...)
+CVE-2014-5565
NOT-FOR-US: GadgetTrak Mobile Security (aka com.activetrak.android.app) application for Android
-CVE-2014-5564 (The Angry Gran Toss (aka com.aceviral.angrygrantoss) application 1.1.1 ...)
+CVE-2014-5564
NOT-FOR-US: Angry Gran Toss (aka com.aceviral.angrygrantoss) application for Android
-CVE-2014-5563 (The Show do Milhao 2014 (aka br.com.lgrmobile.sdm) application 1.4.6 ...)
+CVE-2014-5563
NOT-FOR-US: Show do Milhao 2014 (aka br.com.lgrmobile.sdm) application for Android
-CVE-2014-5562 (The Coles Credit Card App (aka au.com.colesfinancialservices.mobile) ...)
+CVE-2014-5562
NOT-FOR-US: Coles Credit Card App (aka au.com.colesfinancialservices.mobile) application for Android
-CVE-2014-5561 (The Word Search Free (aka air.wordSearchFree) application 4.9 for ...)
+CVE-2014-5561
NOT-FOR-US: Word Search Free (aka air.wordSearchFree) application for Android
-CVE-2014-5560 (The Popscene (Music Industry Sim) (aka air.Popscene) application 1.04 ...)
+CVE-2014-5560
NOT-FOR-US: Popscene (Music Industry Sim) (aka air.Popscene) application for Android
-CVE-2014-5559 (The Kids GoldFish Care (aka air.josiane.sauveterre.kidsgoldfishcare) ...)
+CVE-2014-5559
NOT-FOR-US: Kids GoldFish Care (aka air.josiane.sauveterre.kidsgoldfishcare) application for Android
-CVE-2014-5558 (The Hard Time (Prison Sim) (aka air.HardTime) application 1.111 for ...)
+CVE-2014-5558
NOT-FOR-US: Hard Time (Prison Sim) (aka air.HardTime) application for Android
-CVE-2014-5557 (The America's Economy for Phone (aka ...)
+CVE-2014-5557
NOT-FOR-US: America's Economy for Phone (aka air.gov.census.mobile.phone.americaseconomy) application for Android
-CVE-2014-5556 (The Fly Fishing &amp; Fly Tying (aka air.com.yudu.ReaderAIR3209899) ...)
+CVE-2014-5556
NOT-FOR-US: Fly Fishing & Fly Tying (aka air.com.yudu.ReaderAIR3209899) application for Android
-CVE-2014-5555 (The Counting &amp; Addition Kids Games (aka ...)
+CVE-2014-5555
NOT-FOR-US: Counting & Addition Kids Games (aka air.com.tribalnova.ilearnwith.ipad.PokoAddEn) application for Android
-CVE-2014-5554 (The Fun Preschool Creativity Game (aka ...)
+CVE-2014-5554
NOT-FOR-US: Fun Preschool Creativity Game (aka air.com.tribalnova.ilearnwith.ipad.MotherAppEn) application for Android
-CVE-2014-5553 (The Kids Preschool Learning Games (aka ...)
+CVE-2014-5553
NOT-FOR-US: Kids Preschool Learning Games (aka air.com.tribalnova.ilearnwith.ipad.App3En) application for Android
-CVE-2014-5552 (The Numbers &amp; Addition! Math games (aka ...)
+CVE-2014-5552
NOT-FOR-US: Numbers & Addition! Math games (aka air.com.tribalnova.ilearnwith.ipad.App2En) application for Android
-CVE-2014-5551 (The Alphabet &amp; Spelling Kids Games (aka ...)
+CVE-2014-5551
NOT-FOR-US: Alphabet & Spelling Kids Games (aka air.com.tribalnova.ilearnwith.ipad.App1En) application for Android
-CVE-2014-5550 (The Animals! Kids Preschool Games (aka air.com.tribalnova.Animals) ...)
+CVE-2014-5550
NOT-FOR-US: Animals! Kids Preschool Games (aka air.com.tribalnova.Animals) application for Android
-CVE-2014-5549 (The Puppy Slots (aka air.com.starluxstudios.PuppySlotsFree) ...)
+CVE-2014-5549
NOT-FOR-US: Puppy Slots (aka air.com.starluxstudios.PuppySlotsFree) application for Android
-CVE-2014-5548 (The Christmas Words (aka air.com.sevenBulls.summerWords) application ...)
+CVE-2014-5548
NOT-FOR-US: Christmas Words (aka air.com.sevenBulls.summerWords) application for Android
-CVE-2014-5547 (The Mahjong Galaxy Space Lite (aka air.com.permadi.mahjongIris) ...)
+CVE-2014-5547
NOT-FOR-US: Mahjong Galaxy Space Lite (aka air.com.permadi.mahjongIris) application for Android
-CVE-2014-5546 (The Africa Memory (aka air.com.klon4enabor4e.AfricaMemory) application ...)
+CVE-2014-5546
NOT-FOR-US: Africa Memory (aka air.com.klon4enabor4e.AfricaMemory) application for Android
-CVE-2014-5545 (The Sprint jump (aka air.com.ilaz.appilas) application 1 for Android ...)
+CVE-2014-5545
NOT-FOR-US: Sprint jump (aka air.com.ilaz.appilas) application for Android
-CVE-2014-5544 (The SongPop (aka air.com.freshplanet.games.WaM) application 1.21.2 for ...)
+CVE-2014-5544
NOT-FOR-US: SongPop (aka air.com.freshplanet.games.WaM) application for Android
-CVE-2014-5543 (The Hidden Object - Alice Free (aka ...)
+CVE-2014-5543
NOT-FOR-US: Hidden Object - Alice Free (aka air.com.differencegames.hovisionsofalicefree) application for Android
-CVE-2014-5542 (The Hidden Object Mystery (aka ...)
+CVE-2014-5542
NOT-FOR-US: Hidden Object Mystery (aka air.com.differencegames.hodetectivemysteryfree) application for Android
-CVE-2014-5541 (The Hidden Memory - Aladdin FREE! (aka ...)
+CVE-2014-5541
NOT-FOR-US: Hidden Memory - Aladdin FREE! (aka air.com.differencegames.hmaladdinfree) application for Android
-CVE-2014-5540 (The Flick a Trade (aka air.com.cygnecode.fat) application 3.3 for ...)
+CVE-2014-5540
NOT-FOR-US: Flick a Trade (aka air.com.cygnecode.fat) application for Android
-CVE-2014-5539 (The Michael Baker FCU (aka air.com.creditunionhomebanking.mb155) ...)
+CVE-2014-5539
NOT-FOR-US: Michael Baker FCU (aka air.com.creditunionhomebanking.mb155) application for Android
-CVE-2014-5538 (The Westmoreland Water FCU (aka air.com.creditunionhomebanking.mb115) ...)
+CVE-2014-5538
NOT-FOR-US: Westmoreland Water FCU (aka air.com.creditunionhomebanking.mb115) application for Android
-CVE-2014-5537 (The Abduction Stacker Free (aka air.com.chewygames.abductionstacker2) ...)
+CVE-2014-5537
NOT-FOR-US: Abduction Stacker Free (aka air.com.chewygames.abductionstacker2) application for Android
-CVE-2014-5536 (The Bingo Bash - Free Bingo Casino (aka air.com.bitrhymes.bingo) ...)
+CVE-2014-5536
NOT-FOR-US: Bingo Bash - Free Bingo Casino (aka air.com.bitrhymes.bingo) application for Android
-CVE-2014-5535 (The Baby Get Up - Kids Care (aka air.brown.jordansa.getup) application ...)
+CVE-2014-5535
NOT-FOR-US: Baby Get Up - Kids Care (aka air.brown.jordansa.getup) application for Android
-CVE-2014-5534 (The Princess Shopping (aka air.android.PrincessShopping) application 2 ...)
+CVE-2014-5534
NOT-FOR-US: Princess Shopping (aka air.android.PrincessShopping) application for Android
CVE-2014-5533
REJECTED
-CVE-2014-5532 (The Honolulu (aka adidas.jp.android.running.honolulu) application 2 ...)
+CVE-2014-5532
NOT-FOR-US: Honolulu (aka adidas.jp.android.running.honolulu) application for Android
-CVE-2014-5531 (The Abode (aka abode.webview) application 1.7 for Android does not ...)
+CVE-2014-5531
NOT-FOR-US: Abode (aka abode.webview) application for Android
CVE-2014-5530
REJECTED
-CVE-2014-5529 (The Gameloft library for Android does not verify X.509 certificates ...)
+CVE-2014-5529
NOT-FOR-US: Gameloft library for Android
-CVE-2014-5528 (The Appsflyer library for Android does not verify X.509 certificates ...)
+CVE-2014-5528
NOT-FOR-US: Appsflyer library for Android
-CVE-2014-5527 (The Tapjoy library for Android does not verify X.509 certificates from ...)
+CVE-2014-5527
NOT-FOR-US: Tapjoy library for Android
-CVE-2014-5526 (The Inmobi library for Android does not verify X.509 certificates from ...)
+CVE-2014-5526
NOT-FOR-US: Inmobi library for Android
-CVE-2014-5525 (The MoMinis library for Android does not verify X.509 certificates ...)
+CVE-2014-5525
NOT-FOR-US: MoMinis library for Android
-CVE-2014-5524 (The Adcolony library for Android does not verify X.509 certificates ...)
+CVE-2014-5524
NOT-FOR-US: Adcolony library for Android
CVE-2014-5523
REJECTED
CVE-2014-5522
REJECTED
-CVE-2014-5521 (plugins/useradmin/fingeruser.php in XRMS CRM, possibly 1.99.2, allows ...)
+CVE-2014-5521
NOT-FOR-US: XRMS CRM
-CVE-2014-5520 (SQL injection vulnerability in XRMS CRM, possibly 1.99.2, allows ...)
+CVE-2014-5520
NOT-FOR-US: XRMS CRM
CVE-2014-5518
RESERVED
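Review bot: every `-`/`+` pair in this hunk replaces `CVE-2014-NNNN (description ...)` with a bare `CVE-2014-NNNN` and adds nothing in exchange, from CVE-2014-5686 down to CVE-2014-5520, which reads like the importer received an empty or unparsed description field rather than an intentional edit; an "automatic update" that blanks header text wholesale should refuse to commit (or at least log loudly) when more than a small fraction of entries lose their description, because that text is what triage greps for. Two smaller points for when the descriptions are restored: the removed lines carry HTML entities straight from the feed (`Runtastic Running &amp; Fitness`, `Retale - Weekly Ads &amp; Deals`, `Ask.fm - Social Q&amp;A Network`) while the hand-written `NOT-FOR-US:` lines use a plain `&`, so the importer should unescape entities before writing; and the `NOT-FOR-US:` line for CVE-2014-5589 keeps a version (`(aka com.browser.nowbasic) 2.8.1 application for Android`) where every neighbouring entry drops it, so drop `2.8.1` there for consistency.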
@@ -11700,21 +11700,21 @@ CVE-2014-5511
- ntopng 1.2.1+dfsg1-1 (bug #760990)
CVE-2014-5510
RESERVED
-CVE-2014-5508 (Multiple integer overflows in the HelpServ module (mod-helpserv.c) in ...)
+CVE-2014-5508
NOT-FOR-US: srvx (irc services)
-CVE-2014-5507 (iBackup 10.0.0.32 and earlier uses weak permissions (Everyone: Full ...)
+CVE-2014-5507
NOT-FOR-US: iBackup
-CVE-2014-5506 (Double free vulnerability in SAP Crystal Reports allows remote ...)
+CVE-2014-5506
NOT-FOR-US: SAP Crystal Reports
-CVE-2014-5505 (Stack-based buffer overflow in SAP Crystal Reports allows remote ...)
+CVE-2014-5505
NOT-FOR-US: SAP Crystal Reports
-CVE-2014-5504 (SolarWinds Log and Event Manager before 6.0 uses &quot;static&quot; credentials, ...)
+CVE-2014-5504
NOT-FOR-US: SolarWinds
-CVE-2014-5503 (SQL injection vulnerability in the Guest Login Portal in the Sophos ...)
+CVE-2014-5503
NOT-FOR-US: Sophos Cyberoam CyberoamOS
-CVE-2014-5502 (The Sophos Cyberoam appliances with CyberoamOS before 10.6.1 GA allows ...)
+CVE-2014-5502
NOT-FOR-US: Sophos Cyberoam CyberoamOS
-CVE-2014-5501 (Stack-based buffer overflow in the diagnose service in the Sophos ...)
+CVE-2014-5501
NOT-FOR-US: Sophos Cyberoam CyberoamOS
CVE-2014-5500
RESERVED
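Review bot: same wholesale description removal as the preceding hunk (CVE-2014-5508 through CVE-2014-5501, 21 lines in and 21 lines out per the `@@ -11700,21 +11700,21 @@` header), so the same commit guard applies; the specific thing to fix here is the removed CVE-2014-5504 line, `uses &quot;static&quot; credentials`, which shows the importer stores the feed's HTML-escaped text verbatim rather than unescaping `&quot;`, `&amp;` and the rest, so the restored headers should go through an entity decode before they are written back. With the headers bare, CVE-2014-5508 is described only by `NOT-FOR-US: srvx (irc services)`, which is acceptable for a not-for-us entry but is exactly the kind of information the header line was carrying.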
@@ -11780,81 +11780,81 @@ CVE-2014-5468
RESERVED
CVE-2014-5467
RESERVED
-CVE-2014-5466 (Cross-site scripting (XSS) vulnerability in the Dashboard in Splunk ...)
+CVE-2014-5466
NOT-FOR-US: Splunk
-CVE-2014-5465 (Directory traversal vulnerability in force-download.php in the ...)
+CVE-2014-5465
NOT-FOR-US: WordPress plugin Download Shortcode
CVE-2014-5463
RESERVED
-CVE-2014-5462 (Multiple SQL injection vulnerabilities in OpenEMR 4.1.2 (Patch 7) and ...)
+CVE-2014-5462
NOT-FOR-US: OpenEMR
-CVE-2014-5460 (Unrestricted file upload vulnerability in the Tribulant Slideshow ...)
+CVE-2014-5460
NOT-FOR-US: Tribulant Slideshow Gallery plugin for WordPress
-CVE-2014-6269 (Multiple integer overflows in the http_request_forward_body function ...)
+CVE-2014-6269
- haproxy 1.5.4-1
[squeeze] - haproxy <not-affected> (Vulnerable code not present)
NOTE: http://article.gmane.org/gmane.comp.web.haproxy/17726
NOTE: http://article.gmane.org/gmane.comp.web.haproxy/18097
NOTE: http://git.haproxy.org/?p=haproxy-1.5.git;a=commitdiff;h=b4d05093bc89f71377230228007e69a1434c1a0c
-CVE-2014-5256 (Node.js 0.8 before 0.8.28 and 0.10 before 0.10.30 does not consider ...)
+CVE-2014-5256
- nodejs <unfixed> (unimportant; bug #760385)
NOTE: libv8 is not covered by security support
-CVE-2014-7402 (The SK encar (aka com.encardirect.app) application @7F050000 for ...)
+CVE-2014-7402
NOT-FOR-US: SK encar (aka com.encardirect.app) application for Android
-CVE-2014-6070 (Multiple cross-site scripting (XSS) vulnerabilities in Adiscon ...)
+CVE-2014-6070
- loganalyzer 3.6.6+dfsg-1 (bug #760372)
-CVE-2014-6029 (TorrentFlux 2.4 allows remote authenticated users to delete or modify ...)
+CVE-2014-6029
- torrentflux <removed> (bug #759573)
[wheezy] - torrentflux <no-dsa> (Minor issue)
[squeeze] - torrentflux <no-dsa> (Minor issue)
-CVE-2014-6028 (TorrentFlux 2.4 allows remote authenticated users to obtain other ...)
+CVE-2014-6028
- torrentflux <removed> (bug #759573)
[wheezy] - torrentflux <no-dsa> (Minor issue)
[squeeze] - torrentflux <no-dsa> (Minor issue)
-CVE-2014-6027 (Multiple cross-site scripting (XSS) vulnerabilities in TorrentFlux 2.4 ...)
+CVE-2014-6027
- torrentflux <removed> (bug #759574)
[wheezy] - torrentflux <no-dsa> (Minor issue)
[squeeze] - torrentflux <no-dsa> (Minor issue)
-CVE-2014-6040 (GNU C Library (aka glibc) before 2.20 allows context-dependent ...)
+CVE-2014-6040
{DSA-3142-1 DLA-97-1}
- glibc 2.19-12
- eglibc <removed>
[wheezy] - eglibc <no-dsa> (Will be fixed in a point update)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=17325
NOTE: https://sourceware.org/ml/libc-alpha/2014-08/msg00473.html
-CVE-2014-5519 (The Ploticus module in PhpWiki 1.5.0 allows remote attackers to ...)
+CVE-2014-5519
- phpwiki <removed>
-CVE-2014-5509 (clipedit in the Clipboard module for Perl allows local users to delete ...)
+CVE-2014-5509
- libclipboard-perl <not-affected> (Fixed with initial upload to Debian)
-CVE-2014-5458 (SQL injection vulnerability in sqrl_verify.php in php-sqrl allows ...)
+CVE-2014-5458
NOT-FOR-US: php-sqrl
-CVE-2014-5457 (QNAP TS-469U with firmware 4.0.7 Build 20140410, TS-459U, ...)
+CVE-2014-5457
NOT-FOR-US: QNAP
-CVE-2014-5456 (Cross-site scripting (XSS) vulnerability in the Social Stats module ...)
+CVE-2014-5456
NOT-FOR-US: Drupal Social Stats module
-CVE-2014-5455 (Unquoted Windows search path vulnerability in the ptservice service in ...)
+CVE-2014-5455
NOT-FOR-US: PrivateTunnel as bundled in OpenVPN
-CVE-2014-5454 (Unrestricted file upload vulnerability in the image upload module in ...)
+CVE-2014-5454
NOT-FOR-US: SAS Visual Analytics
-CVE-2014-5453 (Ubisoft Uplay PC before 4.6.1.3217 use weak permissions (Everyone: ...)
+CVE-2014-5453
NOT-FOR-US: Ubisoft Uplay PC
-CVE-2014-5452 (CDA.xsl in HL7 C-CDA 1.1 and earlier does not anticipate the ...)
+CVE-2014-5452
NOT-FOR-US: HL7 C-CDA
-CVE-2014-5451 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2014-5451
NOT-FOR-US: MODX Revolution
-CVE-2014-5446 (Directory traversal vulnerability in the DisplayChartPDF servlet in ...)
+CVE-2014-5446
NOT-FOR-US: ZOHO
-CVE-2014-5445 (Multiple absolute path traversal vulnerabilities in ZOHO ManageEngine ...)
+CVE-2014-5445
NOT-FOR-US: ZOHO
-CVE-2014-5444 (Geary before 0.6.3 does not present the user with a warning when a TLS ...)
+CVE-2014-5444
- geary 0.6.3-1
NOTE: Upstream bugreport: https://bugzilla.gnome.org/show_bug.cgi?id=713247
NOTE: Upstream fix: https://git.gnome.org/browse/geary/commit/?h=geary-0.6&id=55f06a7bdcedb7efde6a516bde626ea28793ca7e
CVE-2014-5442
RESERVED
-CVE-2014-5441 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2014-5441
NOT-FOR-US: Fat Free CRM
-CVE-2014-5440 (SQL injection vulnerability in Login.aspx in MPEX Business Solutions ...)
+CVE-2014-5440
NOT-FOR-US: MX-SmartTimer
CVE-2014-5439
RESERVED
@@ -11862,9 +11862,9 @@ CVE-2014-5439
- sniffit 0.3.7.beta-20 (bug #845122)
[jessie] - sniffit 0.3.7.beta-17+deb8u1
NOTE: http://hmarco.org/bugs/CVE-2014-5439-sniffit_0.3.7-stack-buffer-overflow.html
-CVE-2014-5438 (Cross-site scripting (XSS) vulnerability in ARRIS Touchstone TG862G/CT ...)
+CVE-2014-5438
NOT-FOR-US: Arris Touchstone
-CVE-2014-5437 (Multiple cross-site request forgery (CSRF) vulnerabilities in ARRIS ...)
+CVE-2014-5437
NOT-FOR-US: Arris Touchstone
CVE-2014-5436
RESERVED
@@ -11878,101 +11878,101 @@ CVE-2014-5432
RESERVED
CVE-2014-5431
RESERVED
-CVE-2014-5430 (Untrusted search path vulnerability in ABB RobotStudio 5.6x before ...)
+CVE-2014-5430
NOT-FOR-US: ABB RobotStudio
-CVE-2014-5429 (DNP Master Driver 3.02 and earlier in Elipse SCADA 2.29 build 141 and ...)
+CVE-2014-5429
NOT-FOR-US: Elipse SCADA
-CVE-2014-5428 (Unrestricted file upload vulnerability in unspecified web services in ...)
+CVE-2014-5428
NOT-FOR-US: Johnson Controls Metasys
-CVE-2014-5427 (Johnson Controls Metasys 4.1 through 6.5, as used in Application and ...)
+CVE-2014-5427
NOT-FOR-US: Johnson Controls Metasys
-CVE-2014-5426 (MatrikonOPC OPC Server for DNP3 1.2.3 and earlier allows remote ...)
+CVE-2014-5426
NOT-FOR-US: MatrikonOPC
-CVE-2014-5425 (IOServer before Beta2112.exe allows remote attackers to cause a denial ...)
+CVE-2014-5425
NOT-FOR-US: IOServer
-CVE-2014-5424 (Rockwell Automation Connected Components Workbench (CCW) before ...)
+CVE-2014-5424
NOT-FOR-US: Rockwell Automation Connected Components Workbench
-CVE-2014-5423 (CareFusion Pyxis SupplyStation 8.1 with hardware test tool before ...)
+CVE-2014-5423
NOT-FOR-US: CareFusion
-CVE-2014-5422 (CareFusion Pyxis SupplyStation 8.1 with hardware test tool before ...)
+CVE-2014-5422
NOT-FOR-US: CareFusion
-CVE-2014-5421 (CareFusion Pyxis SupplyStation 8.1 with hardware test tool 1.0.16 and ...)
+CVE-2014-5421
NOT-FOR-US: CareFusion
-CVE-2014-5420 (CareFusion Pyxis SupplyStation 8.1 with hardware test tool before ...)
+CVE-2014-5420
NOT-FOR-US: CareFusion
-CVE-2014-5419 (GE Multilink ML800, ML1200, ML1600, and ML2400 switches with firmware ...)
+CVE-2014-5419
NOT-FOR-US: GE Multilink
-CVE-2014-5418 (GE Multilink ML800, ML1200, ML1600, and ML2400 switches with firmware ...)
+CVE-2014-5418
NOT-FOR-US: GE Multilink
-CVE-2014-5417 (Cross-site scripting (XSS) vulnerability in Meinberg NTP Server ...)
+CVE-2014-5417
NOT-FOR-US: Meinberg NTP Server firmware on LANTIME M-Series devices
CVE-2014-5416
REJECTED
-CVE-2014-5415 (Beckhoff Embedded PC images before 2014-10-22 and Automation Device ...)
+CVE-2014-5415
NOT-FOR-US: Beckhoff Embedded PC image
-CVE-2014-5414 (Beckhoff Embedded PC images before 2014-10-22 and Automation Device ...)
+CVE-2014-5414
NOT-FOR-US: Beckhoff Embedded PC image
-CVE-2014-5413 (Schneider Electric StruxureWare SCADA Expert ClearSCADA 2010 R3 ...)
+CVE-2014-5413
NOT-FOR-US: Schneider Electric
-CVE-2014-5412 (Schneider Electric StruxureWare SCADA Expert ClearSCADA 2010 R3 ...)
+CVE-2014-5412
NOT-FOR-US: Schneider Electric
-CVE-2014-5411 (Multiple cross-site scripting (XSS) vulnerabilities in Schneider ...)
+CVE-2014-5411
NOT-FOR-US: Schneider Electric
-CVE-2014-5410 (The DNP3 feature on Rockwell Automation Allen-Bradley MicroLogix 1400 ...)
+CVE-2014-5410
NOT-FOR-US: MicroLogix controller
-CVE-2014-5409 (The 17046 Ethernet card before 94450214LFMT100SEM-L.R3-CL for the GE ...)
+CVE-2014-5409
NOT-FOR-US: GE Digital Energy Hydran
-CVE-2014-5408 (Cross-site scripting (XSS) vulnerability in the login script in the ...)
+CVE-2014-5408
NOT-FOR-US: Nordex Control 2
-CVE-2014-5407 (Multiple stack-based buffer overflows in Schneider Electric VAMPSET ...)
+CVE-2014-5407
NOT-FOR-US: Schneider Electric
-CVE-2014-5406 (The Hospira LifeCare PCA Infusion System before 7.0 does not validate ...)
+CVE-2014-5406
NOT-FOR-US: Hospira LifeCare
-CVE-2014-5405 (Hospira MedNet before 6.1 uses a hardcoded cleartext password to ...)
+CVE-2014-5405
NOT-FOR-US: Hospira MedNet
CVE-2014-5404
REJECTED
-CVE-2014-5403 (Hospira MedNet before 6.1 uses hardcoded cryptographic keys for ...)
+CVE-2014-5403
NOT-FOR-US: Hospira MedNet
CVE-2014-5402
REJECTED
CVE-2014-5401
RESERVED
-CVE-2014-5400 (The installation component in Hospira MedNet before 6.1 places ...)
+CVE-2014-5400
NOT-FOR-US: Hospira MedNet
-CVE-2014-5399 (SQL injection vulnerability in Schneider Electric Wonderware ...)
+CVE-2014-5399
NOT-FOR-US: Schneider Electric
-CVE-2014-5398 (Schneider Electric Wonderware Information Server (WIS) Portal 4.0 SP1 ...)
+CVE-2014-5398
NOT-FOR-US: Schneider Electric
-CVE-2014-5397 (Cross-site scripting (XSS) vulnerability in Schneider Electric ...)
+CVE-2014-5397
NOT-FOR-US: Schneider Electric
-CVE-2014-5396 (The web interface in Schrack Technik microControl with firmware before ...)
+CVE-2014-5396
NOT-FOR-US: Schrack Technik microControl
-CVE-2014-5395 (Multiple cross-site request forgery (CSRF) vulnerabilities in Huawei ...)
+CVE-2014-5395
NOT-FOR-US: Huawei Routers
-CVE-2014-5394 (Multiple Huawei Campus switches allow remote attackers to enumerate ...)
+CVE-2014-5394
NOT-FOR-US: Huawei
-CVE-2014-5393 (Directory traversal vulnerability in the JobScheduler Operations ...)
+CVE-2014-5393
NOT-FOR-US: JobScheduler
-CVE-2014-5392 (XML External Entity (XXE) vulnerability in JobScheduler before ...)
+CVE-2014-5392
NOT-FOR-US: JobScheduler
-CVE-2014-5391 (Cross-site scripting (XSS) vulnerability in the JobScheduler ...)
+CVE-2014-5391
NOT-FOR-US: JobScheduler
CVE-2014-5390
RESERVED
-CVE-2014-5389 (SQL injection vulnerability in content-audit-schedule.php in the ...)
+CVE-2014-5389
NOT-FOR-US: WordPress plugin Content Audit
-CVE-2014-5387 (Multiple SQL injection vulnerabilities in EllisLab ExpressionEngine ...)
+CVE-2014-5387
NOT-FOR-US: EllisLab ExpressionEngine Core
-CVE-2014-5386 (The mcrypt_create_iv function in ...)
+CVE-2014-5386
NOT-FOR-US: Facebook HipHop Virtual Machine
-CVE-2014-5385 (com/salesmanager/central/profile/ProfileAction.java in Shopizer 1.1.5 ...)
+CVE-2014-5385
NOT-FOR-US: Shopizer
-CVE-2014-5384 (The VIQR module in the iconv implementation in FreeBSD 10.0 before p6 ...)
+CVE-2014-5384
NOT-FOR-US: iconv system library of FreeBSD and NetBSD
-CVE-2014-5383 (SQL injection vulnerability in AlienVault OSSIM before 4.7.0 allows ...)
+CVE-2014-5383
NOT-FOR-US: AlienVault OSSIM
-CVE-2014-5472 (The parse_rock_ridge_inode_internal function in fs/isofs/rock.c in the ...)
+CVE-2014-5472
{DLA-103-1}
- linux 3.16.2-1
[wheezy] - linux 3.2.63-1
@@ -11980,7 +11980,7 @@ CVE-2014-5472 (The parse_rock_ridge_inode_internal function in fs/isofs/rock.c i
NOTE: https://code.google.com/p/google-security-research/issues/detail?id=88
NOTE: https://github.com/torvalds/linux/commit/410dd3cf4c9b36f27ed4542ee18b1af5e68645a4
NOTE: commit contained first in v3.17-rc2
-CVE-2014-5471 (Stack consumption vulnerability in the parse_rock_ridge_inode_internal ...)
+CVE-2014-5471
{DLA-103-1}
- linux 3.16.2-1
[wheezy] - linux 3.2.63-1
@@ -11988,25 +11988,25 @@ CVE-2014-5471 (Stack consumption vulnerability in the parse_rock_ridge_inode_int
NOTE: https://code.google.com/p/google-security-research/issues/detail?id=88
NOTE: https://github.com/torvalds/linux/commit/410dd3cf4c9b36f27ed4542ee18b1af5e68645a4
NOTE: commit contained first in v3.17-rc2
-CVE-2014-5464 (Cross-site scripting (XSS) vulnerability in the nDPI traffic ...)
+CVE-2014-5464
- ntopng 1.2.1+dfsg1-1 (bug #760990)
NOTE: http://seclists.org/fulldisclosure/2014/Aug/65
-CVE-2014-5459 (The PEAR_REST class in REST.php in PEAR in PHP through 5.6.0 allows ...)
+CVE-2014-5459
- php5 <removed> (unimportant; bug #682157; bug #759282)
NOTE: Although #682157 and #759282 got closed the issues with unsafe use of
NOTE: /tmp are not yet resolved, cf. https://bugs.debian.org/682157#36
NOTE: Neutralised by kernel hardening
-CVE-2014-5450 (Zarafa Collaboration Platform 4.1 uses world-readable permissions for ...)
+CVE-2014-5450
- zarafa <itp> (bug #658433)
-CVE-2014-5449 (Zarafa WebAccess 4.1 and WebApp uses world-readable permissions for ...)
+CVE-2014-5449
- zarafa <itp> (bug #658433)
-CVE-2014-5448 (Zarafa 5.00 uses world-readable permissions for the files in the log ...)
+CVE-2014-5448
- zarafa <itp> (bug #658433)
-CVE-2014-5447 (Zarafa WebAccess 7.1.10 and WebApp 1.6 beta uses weak permissions ...)
+CVE-2014-5447
- zarafa <itp> (bug #658433)
-CVE-2014-5443 (Seafile Server before 3.1.2 and Server Professional Edition before ...)
+CVE-2014-5443
- seafile <not-affected> (Fixed before initial upload to the archive)
-CVE-2014-5388 (Off-by-one error in the pci_read function in the ACPI PCI hotplug ...)
+CVE-2014-5388
- qemu 2.1+dfsg-5
[squeeze] - qemu <not-affected> (Introduced in 1.7)
[wheezy] - qemu <not-affected> (Introduced in 1.7)
@@ -12015,7 +12015,7 @@ CVE-2014-5388 (Off-by-one error in the pci_read function in the ACPI PCI hotplug
[wheezy] - qemu-kvm <not-affected> (Introduced in 1.7)
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2014-08/msg03338.html
NOTE: Introduced in http://git.qemu.org/?p=qemu.git;a=commit;h=db4728e6fec0364b866d3106125974eedc00e091
-CVE-2014-5382 (Multiple cross-site scripting (XSS) vulnerabilities in the web ...)
+CVE-2014-5382
NOT-FOR-US: Schrack Technik microControl
CVE-2014-5381
RESERVED
@@ -12025,11 +12025,11 @@ CVE-2014-5379
RESERVED
CVE-2014-5378
RESERVED
-CVE-2014-5377 (ReadUsersFromMasterServlet in ManageEngine DeviceExpert before 5.9 ...)
+CVE-2014-5377
NOT-FOR-US: ManageEngine DeviceExpert
-CVE-2014-5376 (Adaptive Computing Moab before 7.2.9 and 8 before 8.0.0, when a ...)
+CVE-2014-5376
NOT-FOR-US: Adaptive Computing Moab
-CVE-2014-5375 (The server in Adaptive Computing Moab before 7.2.9 and 8 before 8.0.0 ...)
+CVE-2014-5375
NOT-FOR-US: Adaptive Computing Moab
CVE-2014-5374
RESERVED
@@ -12039,9 +12039,9 @@ CVE-2014-5372
RESERVED
CVE-2014-5371
RESERVED
-CVE-2014-5370 (Directory traversal vulnerability in the CFChart servlet ...)
+CVE-2014-5370
NOT-FOR-US: New Atlanta BlueDragon
-CVE-2014-5369 (Enigmail 1.7.x before 1.7.2 sends emails in plaintext when encryption ...)
+CVE-2014-5369
- enigmail 2:1.7.2-1
[wheezy] - enigmail <not-affected> (Introduced in 1.7)
[squeeze] - enigmail <not-affected> (Introduced in 1.7)
@@ -12058,141 +12058,141 @@ CVE-2014-5364
RESERVED
CVE-2014-5363
RESERVED
-CVE-2014-5362 (The admin interface in Landesk Management Suite 9.6 and earlier allows ...)
+CVE-2014-5362
NOT-FOR-US: LANDesk Management Suite
-CVE-2014-5361 (Multiple cross-site request forgery (CSRF) vulnerabilities in Landesk ...)
+CVE-2014-5361
NOT-FOR-US: LANDesk Management Suite
-CVE-2014-5360 (Cross-site scripting (XSS) vulnerability in the admin interface in ...)
+CVE-2014-5360
NOT-FOR-US: LANDESK Management Suite
-CVE-2014-5359 (Directory traversal vulnerability in SafeNet Authentication Service ...)
+CVE-2014-5359
NOT-FOR-US: SafeNet Authentication Service
CVE-2014-5358
RESERVED
CVE-2014-5357
RESERVED
-CVE-2014-5355 (MIT Kerberos 5 (aka krb5) through 1.13.1 incorrectly expects that a ...)
+CVE-2014-5355
{DLA-1265-1}
- krb5 1.12.1+dfsg-18 (bug #778647)
[squeeze] - krb5 <no-dsa> (Minor issue)
NOTE: Upstream commit: https://github.com/krb5/krb5/commit/102bb6ebf20f9174130c85c3b052ae104e5073ec
-CVE-2014-5354 (plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c in MIT Kerberos 5 (aka ...)
+CVE-2014-5354
- krb5 1.12.1+dfsg-16 (bug #773228)
[wheezy] - krb5 <not-affected> (do not expose a way for principal entries to have no long-term key material)
[squeeze] - krb5 <not-affected> (do not expose a way for principal entries to have no long-term key material)
NOTE: Upstream commit: https://github.com/krb5/krb5/commit/04038bf3633c4b909b5ded3072dc88c8c419bf16
-CVE-2014-5353 (The krb5_ldap_get_password_policy_from_dn function in ...)
+CVE-2014-5353
{DLA-1265-1}
- krb5 1.12.1+dfsg-16 (bug #773226)
[squeeze] - krb5 <no-dsa> (Minor issue, needs elevated privileges to trigger crash)
NOTE: Upstream commit: https://github.com/krb5/krb5/commit/d1f707024f1d0af6e54a18885322d70fa15ec4d3
-CVE-2014-5352 (The krb5_gss_process_context_token function in ...)
+CVE-2014-5352
{DSA-3153-1 DLA-146-1}
- krb5 1.12.1+dfsg-17
-CVE-2014-5351 (The kadm5_randkey_principal_3 function in ...)
+CVE-2014-5351
{DLA-1265-1}
- krb5 1.12.1+dfsg-10 (bug #762479)
[squeeze] - krb5 <no-dsa> (Minor issue)
NOTE: http://krbdev.mit.edu/rt/Ticket/Display.html?id=8018
NOTE: Upstream commit: https://github.com/krb5/krb5/commit/af0ed4df4dfae762ab5fb605f5a0c8f59cb4f6ca
-CVE-2014-5350 (Multiple directory traversal vulnerabilities in Bitdefender ...)
+CVE-2014-5350
NOT-FOR-US: Bitdefender GravityZone
-CVE-2014-5349 (Stack-based buffer overflow in Baidu Spark Browser 26.5.9999.3511 ...)
+CVE-2014-5349
NOT-FOR-US: Baidu Spark Browser
-CVE-2014-5348 (Cross-site scripting (XSS) vulnerability in apps/zxtm/locallog.cgi in ...)
+CVE-2014-5348
NOT-FOR-US: Riverbed Stingray Traffic Manager Virtual Appliance
-CVE-2014-5347 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
+CVE-2014-5347
NOT-FOR-US: Disqus Comment System plugin for WordPress
-CVE-2014-5346 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
+CVE-2014-5346
NOT-FOR-US: Disqus Comment System plugin for WordPress
-CVE-2014-5345 (Cross-site scripting (XSS) vulnerability in upgrade.php in the Disqus ...)
+CVE-2014-5345
NOT-FOR-US: Disqus Comment System plugin for WordPress
-CVE-2014-5344 (Multiple cross-site scripting (XSS) vulnerabilities in the Mobiloud ...)
+CVE-2014-5344
NOT-FOR-US: Mobiloud (mobiloud-mobile-app-plugin) plugin for WordPress
-CVE-2014-5343 (Cross-site scripting (XSS) vulnerability in Feng Office allows remote ...)
+CVE-2014-5343
NOT-FOR-US: Feng Office
-CVE-2014-5342 (Aruba Networks ClearPass before 6.3.5 and 6.4.x before 6.4.1 allows ...)
+CVE-2014-5342
NOT-FOR-US: Aruba Networks ClearPass
-CVE-2014-5341 (The SFTP external storage driver (files_external) in ownCloud Server ...)
+CVE-2014-5341
- owncloud 7~20140504+dfsg-1
NOTE: Only affects 5.x and 6.x, so marking first 7 release as fixed
NOTE: https://owncloud.org/security/advisory/?id=oc-sa-2014-019
-CVE-2014-5340 (The wato component in Check_MK before 1.2.4p4 and 1.2.5 before 1.2.5i4 ...)
+CVE-2014-5340
- check-mk 1.2.6p4-1 (bug #758883)
[wheezy] - check-mk <not-affected> (does not use pickle, vulnerable code not present)
NOTE: http://git.mathias-kettner.de/git/?p=check_mk.git;a=commit;h=192d41525502dc8de10ac99f57bd988450c17566
NOTE: introduces incompatible changes to older versions, see https://bugzilla.redhat.com/show_bug.cgi?id=1132337#c2
-CVE-2014-5339 (Check_MK before 1.2.4p4 and 1.2.5 before 1.2.5i4 allows remote ...)
+CVE-2014-5339
- check-mk 1.2.6p4-1 (bug #758883)
[wheezy] - check-mk <not-affected> (Vulnerable code not present)
NOTE: http://git.mathias-kettner.de/git/?p=check_mk.git;a=commit;h=7998aa4d53d2fef7302c0761b9c8f47e2f626e18
-CVE-2014-5338 (Multiple cross-site scripting (XSS) vulnerabilities in the multisite ...)
+CVE-2014-5338
- check-mk 1.2.6p4-1 (bug #758883)
[wheezy] - check-mk <no-dsa> (Minor issue)
NOTE: http://git.mathias-kettner.de/git/?p=check_mk.git;a=commit;h=076468b10e660abdeaaaa6c459a4aa3ce8e07
-CVE-2014-5337 (The WordPress Mobile Pack plugin before 2.0.2 for WordPress does not ...)
+CVE-2014-5337
NOT-FOR-US: WordPress plugin Mobile Pack
-CVE-2014-5335 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
+CVE-2014-5335
NOT-FOR-US: innovaphone PBX
-CVE-2014-5334 (FreeNAS before 9.3-M3 has a blank admin password, which allows remote ...)
+CVE-2014-5334
NOT-FOR-US: FreeNAS
-CVE-2014-5332 (Race condition in NVMap in NVIDIA Tegra Linux Kernel 3.10 allows local ...)
+CVE-2014-5332
- linux <not-affected> (drivers/video/tegra not present)
NOTE: http://googleprojectzero.blogspot.de/2015/01/exploiting-nvmap-to-escape-chrome.html
-CVE-2014-5331 (Cross-site scripting (XSS) vulnerability in Aflax allows remote ...)
+CVE-2014-5331
NOT-FOR-US: Aflax
-CVE-2014-5330 (Cross-site scripting (XSS) vulnerability in BirdBlog allows remote ...)
+CVE-2014-5330
NOT-FOR-US: BirdBlog
CVE-2014-5329
RESERVED
-CVE-2014-5328 (Buffer overflow in the Webserver component on the Huawei E5332 router ...)
+CVE-2014-5328
NOT-FOR-US: Huawei router
-CVE-2014-5327 (Buffer overflow in the Webserver component on the Huawei E5332 router ...)
+CVE-2014-5327
NOT-FOR-US: Huawei router
-CVE-2014-5326 (Cross-site scripting (XSS) vulnerability in Direct Web Remoting (DWR) ...)
+CVE-2014-5326
- dwr <itp> (bug #601517)
-CVE-2014-5325 (The (1) DOMConverter, (2) JDOMConverter, (3) DOM4JConverter, and (4) ...)
+CVE-2014-5325
- dwr <itp> (bug #601517)
-CVE-2014-5324 (Unrestricted file upload vulnerability in the N-Media file uploader ...)
+CVE-2014-5324
NOT-FOR-US: N-Media file uploader plugin for WordPress
-CVE-2014-5323 (The Yuko Yuko (aka jp.co.yukoyuko.android.yukoyuko_android) ...)
+CVE-2014-5323
NOT-FOR-US: Yuko Yuko (aka jp.co.yukoyuko.android.yukoyuko_android) application for Android
-CVE-2014-5322 (Cross-site scripting (XSS) vulnerability in the Instant Web Publish ...)
+CVE-2014-5322
NOT-FOR-US: FileMaker Pro
-CVE-2014-5321 (FileMaker Pro before 13 and Pro Advanced before 13 does not verify ...)
+CVE-2014-5321
NOT-FOR-US: FileMaker Pro
-CVE-2014-5320 (The Bump application for Android does not properly handle implicit ...)
+CVE-2014-5320
NOT-FOR-US: Bump application for Android
-CVE-2014-5319 (Directory traversal vulnerability in the S-Link SLFileManager ...)
+CVE-2014-5319
NOT-FOR-US: S-Link SLFileManager application for Android
-CVE-2014-5318 (The jigbrowser+ application 1.8.1 and earlier for iOS allows remote ...)
+CVE-2014-5318
NOT-FOR-US: jigbrowser+ application for iOS
-CVE-2014-5317 (Cross-site scripting (XSS) vulnerability in php365.com 365 Links 3.11 ...)
+CVE-2014-5317
NOT-FOR-US: php365.com components
-CVE-2014-5316 (Cross-site scripting (XSS) vulnerability in Dotclear before 2.6.4 ...)
+CVE-2014-5316
- dotclear 2.6.4+dfsg-1
-CVE-2014-5315 (Cross-site scripting (XSS) vulnerability in the Help page in Adobe ...)
+CVE-2014-5315
NOT-FOR-US: Adobe
-CVE-2014-5314 (Buffer overflow in Cybozu Office 9 and 10 before 10.1.0, Mailwise 4 ...)
+CVE-2014-5314
NOT-FOR-US: Cybozu Office
-CVE-2014-5313 (Cross-site scripting (XSS) vulnerability in the management page in Six ...)
+CVE-2014-5313
- movabletype-opensource <removed>
[wheezy] - movabletype-opensource <end-of-life> (Not supported in Wheezy)
-CVE-2014-5461 (Buffer overflow in the vararg functions in ldo.c in Lua 5.1 through ...)
+CVE-2014-5461
{DSA-3016-1 DSA-3015-1 DLA-47-1}
- lua5.1 5.1.5-7
- lua5.2 5.2.3-1
NOTE: http://www.lua.org/bugs.html#5.2.2-1
NOTE: fixed in 5.2.3, see https://bugzilla.redhat.com/show_bug.cgi?id=1132304#c7
-CVE-2014-5368 (Directory traversal vulnerability in the file_get_contents function in ...)
+CVE-2014-5368
NOT-FOR-US: WordPress plugin wp-source-control
-CVE-2014-5333 (Adobe Flash Player before 13.0.0.241 and 14.x before 14.0.0.176 on ...)
+CVE-2014-5333
NOT-FOR-US: Adobe Flash Player
NOTE: assignment not from Adobe, see https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-5333
-CVE-2014-5356 (OpenStack Image Registry and Delivery Service (Glance) before ...)
+CVE-2014-5356
- glance 2014.1.3-1
[wheezy] - glance <not-affected> (Vulnerable code not present)
NOTE: Versions: up to 2013.2.3 and 2014.1 to 2014.1.2
-CVE-2014-5336 (Monkey HTTP Server before 1.5.3, when the File Descriptor Table (FDT) ...)
+CVE-2014-5336
- monkey <removed> (low)
[squeeze] - monkey <no-dsa> (Minor issue)
CVE-2014-5312
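Review bot: the commit reference in the CVE-2014-5338 entry of this hunk, `NOTE: http://git.mathias-kettner.de/git/?p=check_mk.git;a=commit;h=076468b10e660abdeaaaa6c459a4aa3ce8e07`, carries a 37-hex-digit object id, while the neighbouring CVE-2014-5340 and CVE-2014-5339 NOTE lines for the same repository use full 40-digit ids; the hash looks cut short and should be checked against the upstream repository and completed so the link resolves. The remainder of the hunk is the same mechanical change as the other hunks, dropping the description text from each CVE line and leaving the Debian annotations untouched.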
@@ -12203,9 +12203,9 @@ CVE-2014-5310
RESERVED
CVE-2014-5309
RESERVED
-CVE-2014-5308 (Multiple SQL injection vulnerabilities in TestLink 1.9.11 allow remote ...)
+CVE-2014-5308
NOT-FOR-US: TestLink
-CVE-2014-5307 (Heap-based buffer overflow in the PavTPK.sys kernel mode driver of ...)
+CVE-2014-5307
NOT-FOR-US: Panda Security
CVE-2014-5306
RESERVED
@@ -12215,17 +12215,17 @@ CVE-2014-5304
RESERVED
CVE-2014-5303
RESERVED
-CVE-2014-5302 (Directory traversal vulnerability in ServiceDesk Plus and Plus MSP v5 ...)
+CVE-2014-5302
NOT-FOR-US: ManageEngine components
-CVE-2014-5301 (Directory traversal vulnerability in ServiceDesk Plus MSP v5 to v9.0 ...)
+CVE-2014-5301
NOT-FOR-US: ManageEngine components
-CVE-2014-5300 (Adaptive Computing Moab before 7.2.9 and 8 before 8.0.0 allows remote ...)
+CVE-2014-5300
NOT-FOR-US: Adaptive Computing Moab
CVE-2014-5299
RESERVED
-CVE-2014-5298 (FileUploadsFilter.php in X2Engine 4.1.7 and earlier, when running on ...)
+CVE-2014-5298
NOT-FOR-US: X2Engine
-CVE-2014-5297 (The actionSendErrorReport method in ...)
+CVE-2014-5297
NOT-FOR-US: X2Engine
CVE-2014-5296
RESERVED
@@ -12247,102 +12247,102 @@ CVE-2014-5288
RESERVED
CVE-2014-5287
RESERVED
-CVE-2014-5286 (The ActiveMatrix Policy Manager Authentication module in TIBCO ...)
+CVE-2014-5286
NOT-FOR-US: TIBCO
-CVE-2014-5285 (Unspecified vulnerability in the Authentication Module in TIBCO ...)
+CVE-2014-5285
NOT-FOR-US: TIBCO Spotfire Server
-CVE-2014-5284 (host-deny.sh in OSSEC before 2.8.1 writes to temporary files with ...)
+CVE-2014-5284
- ossec-hids <itp> (bug #361954)
CVE-2014-5283
RESERVED
-CVE-2014-5282 (Docker before 1.3 does not properly validate image IDs, which allows ...)
+CVE-2014-5282
- docker.io 1.3.0~dfsg1-1
CVE-2014-5281
RESERVED
-CVE-2014-5280 (boot2docker 1.2 and earlier allows attackers to conduct cross-site ...)
+CVE-2014-5280
NOT-FOR-US: boot2docker
-CVE-2014-5279 (The Docker daemon managed by boot2docker 1.2 and earlier improperly ...)
+CVE-2014-5279
NOT-FOR-US: boot2docker
CVE-2014-5278
RESERVED
-CVE-2014-5277 (Docker before 1.3.1 and docker-py before 0.5.3 fall back to HTTP when ...)
+CVE-2014-5277
- docker.io 1.3.1~dfsg1-1
NOTE: https://groups.google.com/d/topic/docker-user/oYm0i3xShJU/discussion
-CVE-2014-5276 (Multiple cross-site scripting (XSS) vulnerabilities in Pro Chat Rooms ...)
+CVE-2014-5276
NOT-FOR-US: Pro Chat Rooms
-CVE-2014-5275 (Multiple SQL injection vulnerabilities in includes/functions.php in ...)
+CVE-2014-5275
NOT-FOR-US: Pro Chat Rooms
CVE-2014-5264
RESERVED
-CVE-2014-5259 (Cross-site scripting (XSS) vulnerability in cattranslate.php in the ...)
+CVE-2014-5259
NOT-FOR-US: BlackCat CMS
-CVE-2014-5258 (Directory traversal vulnerability in showTempFile.php in webEdition ...)
+CVE-2014-5258
NOT-FOR-US: webEdition CMS
-CVE-2014-5257 (Multiple cross-site scripting (XSS) vulnerabilities in Forma Lms ...)
+CVE-2014-5257
NOT-FOR-US: Forma Lms
-CVE-2014-5248 (Cross-site scripting (XSS) vulnerability in MyBB before 1.6.15 allows ...)
+CVE-2014-5248
NOT-FOR-US: MyBB
-CVE-2014-5246 (The Shenzhen Tenda Technology Tenda A5s router with firmware ...)
+CVE-2014-5246
NOT-FOR-US: Shenzhen Tenda Technology Tenda A5s router
CVE-2014-5245
RESERVED
CVE-2014-5244
RESERVED
-CVE-2014-5239 (The Microsoft Outlook.com application before 7.8.2.12.49.7090 for ...)
+CVE-2014-5239
NOT-FOR-US: Microsoft
CVE-2014-5238
RESERVED
NOT-FOR-US: Open-Xchange
-CVE-2014-5237 (Server-side request forgery (SSRF) vulnerability in the ...)
+CVE-2014-5237
NOT-FOR-US: Open-Xchange
CVE-2014-5236
RESERVED
NOT-FOR-US: Open-Xchange
-CVE-2014-5235 (Cross-site scripting (XSS) vulnerability in the frontend in ...)
+CVE-2014-5235
NOT-FOR-US: Open-Xchange
-CVE-2014-5234 (Cross-site scripting (XSS) vulnerability in the backend in ...)
+CVE-2014-5234
NOT-FOR-US: Open-Xchange
-CVE-2014-5274 (Cross-site scripting (XSS) vulnerability in the view operations page ...)
+CVE-2014-5274
- phpmyadmin 4:4.2.7.1-1 (low; bug #758536)
[wheezy] - phpmyadmin <not-affected> (vulnerable code not present)
[squeeze] - phpmyadmin <not-affected> (vulnerable code not present)
NOTE: http://www.phpmyadmin.net/home_page/security/PMASA-2014-9.php
NOTE: Version 3.x uses the browser-provided confirmation window and not custom HTML.
-CVE-2014-5273 (Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin ...)
+CVE-2014-5273
- phpmyadmin 4:4.2.7.1-1 (low; bug #758536)
[wheezy] - phpmyadmin <not-affected> (vulnerable code not present)
[squeeze] - phpmyadmin <not-affected> (vulnerable code not present)
NOTE: http://www.phpmyadmin.net/home_page/security/PMASA-2014-8.php
NOTE: Most of the affected Javascript files do not exist on version 3.3 and 3.4.
NOTE: Those that do do not contain the problematic code.
-CVE-2014-5268 (The Fasttoggle module 7.x-1.3 and 7.x-1.4 for Drupal allows remote ...)
+CVE-2014-5268
NOT-FOR-US: Drupal addon
-CVE-2014-5250 (Unspecified vulnerability in the AJAX autocompletion callback in the ...)
+CVE-2014-5250
NOT-FOR-US: Drupal addon
-CVE-2014-5249 (SQL injection vulnerability in the &quot;Biblio self autocomplete&quot; ...)
+CVE-2014-5249
NOT-FOR-US: Drupal addon
-CVE-2014-5272 (libavcodec/iff.c in FFMpeg before 1.1.14, 1.2.x before 1.2.8, 2.2.x ...)
+CVE-2014-5272
- ffmpeg 7:2.4.1-1
[squeeze] - ffmpeg <end-of-life> (Backports to 0.5.x not useful, too many checks missing)
- libav <not-affected> (Vulnerable code not present)
NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=3539d6c63a16e1b2874bb037a86f317449c58770
NOTE: <lu_zero> Does not apply to Libav at all.
-CVE-2014-5271 (Heap-based buffer overflow in the encode_slice function in ...)
+CVE-2014-5271
- ffmpeg <not-affected> (Vulnerable code not present)
- libav 6:11-1
[wheezy] - libav <not-affected> (Vulnerable code not present)
NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=52b81ff4635c077b2bc8b8d3637d933b6629d803
NOTE: new ffmpeg now in experimental, CVE fixed in 7:2.4-1
NOTE: https://git.libav.org/?p=libav.git;a=commitdiff;h=45ce880a9b3e50cfa088f111dffaf8685bd7bc6b
-CVE-2014-5262 (SQL injection vulnerability in the graph settings script ...)
+CVE-2014-5262
{DSA-3007-1 DLA-40-1}
- cacti 0.8.8b+dfsg-8
NOTE: http://svn.cacti.net/viewvc?view=rev&revision=7454
-CVE-2014-5261 (The graph settings script (graph_settings.php) in Cacti 0.8.8b and ...)
+CVE-2014-5261
{DSA-3007-1 DLA-40-1}
- cacti 0.8.8b+dfsg-8
NOTE: http://svn.cacti.net/viewvc?view=rev&revision=7454
-CVE-2014-4274 (Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier ...)
+CVE-2014-4274
{DSA-3054-1 DLA-75-1}
- mariadb-5.5 5.5.39-1
- mariadb-10.0 <not-affected> (Fixed before initial upload)
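Review bot: the CVE-2014-5238 and CVE-2014-5236 entries in this hunk are marked `RESERVED` but each also carries `NOT-FOR-US: Open-Xchange`, whereas every other RESERVED entry in the hunk has no package annotation; the adjacent CVE-2014-5237 and CVE-2014-5235 entries for the same product have descriptions and no RESERVED marker, so either the RESERVED line is stale or the NOT-FOR-US line was added ahead of publication, and the two entries should be brought in line with whichever state is intended.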
@@ -12351,17 +12351,17 @@ CVE-2014-4274 (Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earli
- percona-xtradb-cluster-5.5 <removed>
NOTE: Fix MySQL: https://bazaar.launchpad.net/~mysql/mysql-server/5.5/revision/4638
NOTE: Fix MariaDB: https://bazaar.launchpad.net/~maria-captains/maria/5.5/revision/4261?sort=date#storage/myisam/ha_myisam.cc
-CVE-2014-5270 (Libgcrypt before 1.5.4, as used in GnuPG and other products, does not ...)
+CVE-2014-5270
{DSA-3073-1 DSA-3024-1 DLA-93-1 DLA-54-1}
- gnupg 1.4.16-1
NOTE: http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commit;h=cad8216f9a0b33c9dc84ecc4f385b00045e7b496
- libgcrypt11 1.5.4-1
- libgcrypt20 1.6.0-2
NOTE: http://lists.gnupg.org/pipermail/gnupg-announce/2014q3/000352.html
-CVE-2014-5267 (modules/openid/xrds.inc in Drupal 6.x before 6.33 and 7.x before 7.31 ...)
+CVE-2014-5267
{DSA-2999-1}
- drupal7 7.31-1
-CVE-2014-5266 (The Incutio XML-RPC (IXR) Library, as used in WordPress before 3.9.2 ...)
+CVE-2014-5266
{DSA-3001-1 DSA-2999-1 DLA-56-1}
- wordpress 3.9.2+dfsg-1 (bug #757312)
NOTE: https://core.trac.wordpress.org/changeset/29405/branches/3.9
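Review bot: in the CVE-2014-5270 entry the line `NOTE: http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commit;h=cad8216f9a0b33c9dc84ecc4f385b00045e7b496` sits between `- gnupg 1.4.16-1` and `- libgcrypt11 1.5.4-1`, splitting the package list, while every other entry in the visible hunks lists all package lines first and the NOTE lines after; moving that NOTE below `- libgcrypt20 1.6.0-2`, next to the gnupg-announce NOTE, would keep the three source packages grouped and match the surrounding convention.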
@@ -12369,7 +12369,7 @@ CVE-2014-5266 (The Incutio XML-RPC (IXR) Library, as used in WordPress before 3.
- drupal6 <removed>
[squeeze] - drupal6 <end-of-life>
NOTE: https://www.drupal.org/SA-CORE-2014-004
-CVE-2014-5265 (The Incutio XML-RPC (IXR) Library, as used in WordPress before 3.9.2 ...)
+CVE-2014-5265
{DSA-3001-1 DSA-2999-1 DLA-56-1}
- wordpress 3.9.2+dfsg-1 (bug #757312)
NOTE: https://core.trac.wordpress.org/changeset/29405/branches/3.9
@@ -12377,28 +12377,28 @@ CVE-2014-5265 (The Incutio XML-RPC (IXR) Library, as used in WordPress before 3.
- drupal6 <removed>
[squeeze] - drupal6 <end-of-life>
NOTE: https://www.drupal.org/SA-CORE-2014-004
-CVE-2014-5253 (OpenStack Identity (Keystone) 2014.1.x before 2014.1.2.1 and Juno ...)
+CVE-2014-5253
- keystone 2014.1.2.1-1
[wheezy] - keystone <not-affected> (Affects 2014.1 versions up to 2014.1.1)
NOTE: https://launchpad.net/bugs/1349597
NOTE: https://git.openstack.org/cgit/openstack/keystone/commit/?id=317f9d34b4da20c21edd5b851889298b67c843e1
-CVE-2014-5252 (The V3 API in OpenStack Identity (Keystone) 2014.1.x before 2014.1.2.1 ...)
+CVE-2014-5252
- keystone 2014.1.2.1-1
[wheezy] - keystone <not-affected> (Affects 2014.1 versions up to 2014.1.1)
NOTE: https://launchpad.net/bugs/1348820
NOTE: https://git.openstack.org/cgit/openstack/keystone/commit/?id=bdb88c662ac2035f9b0d8a229a5db5f60f5f16ae
-CVE-2014-5251 (The MySQL token driver in OpenStack Identity (Keystone) 2014.1.x ...)
+CVE-2014-5251
- keystone 2014.1.2.1-1
[wheezy] - keystone <not-affected> (Affects 2014.1 versions up to 2014.1.1)
NOTE: https://launchpad.net/bugs/1347961
NOTE: https://git.openstack.org/cgit/openstack/keystone/commit/?id=6cbf835542d62e6e5db4b4aef7141b1731cad9dc
-CVE-2014-5263 (vmstate_xhci_event in hw/usb/hcd-xhci.c in QEMU 1.6.0 does not ...)
+CVE-2014-5263
- qemu 2.1+dfsg-1
[wheezy] - qemu <not-affected> (Vulnerable code introduced in v1.6.0)
[squeeze] - qemu <not-affected> (Vulnerable code introduced in v1.6.0)
- qemu-kvm <not-affected> (Vulnerable code not present)
NOTE: patch http://git.qemu.org/?p=qemu.git;a=commit;h=3afca1d6d413592c2b78cf28f52fa24a586d8f56
-CVE-2014-5269 (Plack::App::File in Plack before 1.0031 removes trailing slash ...)
+CVE-2014-5269
{DLA-61-1}
- libplack-perl 1.0031-1
[wheezy] - libplack-perl 0.9989-1+deb7u1
@@ -12418,34 +12418,34 @@ CVE-2014-XXXX [Enforce use of HTTPS for MathJax in IPython]
NOTE: https://github.com/ipython/ipython/issues/6246
NOTE: patch: https://github.com/ipython/ipython/commit/f58dabb277d0cdfb603d46cd01fcf29819ae7613
NOTE: in Debian patch to use mathjax from system was added right away in version 0.12
-CVE-2014-5260 (The (1) mkxmltype and (2) mkdtskel scripts in XML-DT before 0.64 allow ...)
+CVE-2014-5260
- libxml-dt-perl 0.66-1 (bug #756566)
[wheezy] - libxml-dt-perl <no-dsa> (Minor issue)
[squeeze] - libxml-dt-perl <not-affected> (Vulnerable code introduced later)
-CVE-2014-6060 (The get_option function in dhcpcd 4.0.0 through 6.x before 6.4.3 ...)
+CVE-2014-6060
- dhcpcd5 6.0.5-2 (low; bug #770043)
[wheezy] - dhcpcd5 5.5.6-1+deb7u1
- dhcpcd <not-affected> (Affects dhcpcd 4.0.0 to 6.4.2)
NOTE: http://roy.marples.name/projects/dhcpcd/ci/1d2b93aa5ce25a8a710082fe2d36a6bf7f5794d5?sbs=0
-CVE-2014-5243 (MediaWiki before 1.19.18, 1.20.x through 1.22.x before 1.22.9, and ...)
+CVE-2014-5243
{DSA-3011-1}
- mediawiki 1:1.19.18+dfsg-0.1 (bug #758510)
[squeeze] - mediawiki <end-of-life>
NOTE: https://bugzilla.wikimedia.org/show_bug.cgi?id=65778
-CVE-2014-5242 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2014-5242
- mediawiki <not-affected> (Vulnerable code not present)
NOTE: https://bugzilla.wikimedia.org/show_bug.cgi?id=66608
NOTE: Introduced in 1.22wmf14, https://bugzilla.wikimedia.org/show_bug.cgi?id=66608#c18
-CVE-2014-5241 (The JSONP endpoint in includes/api/ApiFormatJson.php in MediaWiki ...)
+CVE-2014-5241
{DSA-3011-1}
- mediawiki 1:1.19.18+dfsg-0.1 (bug #758510)
[squeeze] - mediawiki <end-of-life>
NOTE: https://bugzilla.wikimedia.org/show_bug.cgi?id=68187
-CVE-2014-5233 (The Siemens SIMATIC WinCC Sm@rtClient app before 1.0.2 for iOS allows ...)
+CVE-2014-5233
NOT-FOR-US: Siemens SIMATIC WinCC Sm@rtClient
-CVE-2014-5232 (The Siemens SIMATIC WinCC Sm@rtClient app before 1.0.2 for iOS allows ...)
+CVE-2014-5232
NOT-FOR-US: Siemens SIMATIC WinCC Sm@rtClient
-CVE-2014-5231 (The Siemens SIMATIC WinCC Sm@rtClient app before 1.0.2 for iOS allows ...)
+CVE-2014-5231
NOT-FOR-US: Siemens SIMATIC WinCC Sm@rtClient
CVE-2014-5230
REJECTED
@@ -12467,7 +12467,7 @@ CVE-2014-5222
REJECTED
CVE-2014-5221
REJECTED
-CVE-2014-5220 (The mdcheck script of the mdadm package for openSUSE 13.2 prior to ...)
+CVE-2014-5220
- mdadm 3.3.4-1 (unimportant)
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=910500
NOTE: https://github.com/mapcollab/mdadm/commit/979b1feb093b1c2e0f8b58716329f2da092741d4
@@ -12476,89 +12476,89 @@ CVE-2014-5219
RESERVED
CVE-2014-5218
RESERVED
-CVE-2014-5217 (Cross-site request forgery (CSRF) vulnerability in nps/servlet/webacc ...)
+CVE-2014-5217
NOT-FOR-US: NetIQ Access Manager
-CVE-2014-5216 (Multiple cross-site scripting (XSS) vulnerabilities in NetIQ Access ...)
+CVE-2014-5216
NOT-FOR-US: NetIQ Access Manager
-CVE-2014-5215 (NetIQ Access Manager (NAM) 4.x before 4.0.1 HF3 allows remote ...)
+CVE-2014-5215
NOT-FOR-US: NetIQ Access Manager
-CVE-2014-5214 (nps/servlet/webacc in iManager in the Administration Console server in ...)
+CVE-2014-5214
NOT-FOR-US: NetIQ Access Manager
-CVE-2014-5213 (nds/files/opt/novell/eDirectory/lib64/ndsimon/public/images in ...)
+CVE-2014-5213
NOT-FOR-US: Novell eDirectory
-CVE-2014-5212 (Cross-site scripting (XSS) vulnerability in nds/search/data in ...)
+CVE-2014-5212
NOT-FOR-US: Novell eDirectory
-CVE-2014-5211 (Stack-based buffer overflow in the Attachmate Reflection FTP Client ...)
+CVE-2014-5211
NOT-FOR-US: Attachmate Reflection FTP Client
-CVE-2014-5210 (The av-centerd SOAP service in AlienVault OSSIM before 4.7.0 allows ...)
+CVE-2014-5210
NOT-FOR-US: AlienVault OSSIM
CVE-2014-5209
RESERVED
-CVE-2014-5208 (BKBCopyD.exe in the Batch Management Packages in Yokogawa CENTUM CS ...)
+CVE-2014-5208
NOT-FOR-US: Batch Management Packages in Yokogawa and Exaopc
-CVE-2014-5202 (Cross-site scripting (XSS) vulnerability in compfight-search.php in ...)
+CVE-2014-5202
NOT-FOR-US: WordPress plugin compfight
-CVE-2014-5201 (SQL injection vulnerability in the Gallery Objects plugin 0.4 for ...)
+CVE-2014-5201
NOT-FOR-US: WordPress plugin gallery-objects
-CVE-2014-5200 (SQL injection vulnerability in game_play.php in the FB Gorilla plugin ...)
+CVE-2014-5200
NOT-FOR-US: WordPress plugin fbgorilla
-CVE-2014-5199 (Cross-site request forgery (CSRF) vulnerability in the WordPress File ...)
+CVE-2014-5199
NOT-FOR-US: WordPress plugin wp-file-upload
-CVE-2014-5198 (Cross-site scripting (XSS) vulnerability in Splunk Web in Splunk ...)
+CVE-2014-5198
NOT-FOR-US: Splunk
-CVE-2014-5197 (Directory traversal vulnerability in (1) Splunk Web or the (2) Splunkd ...)
+CVE-2014-5197
NOT-FOR-US: Splunk
-CVE-2014-5196 (Cross-site request forgery (CSRF) vulnerability in ...)
+CVE-2014-5196
NOT-FOR-US: WordPress plugin improved-user-search-in-backend
-CVE-2014-5195 (Unity before 7.2.3 and 7.3.x before 7.3.1, as used in Ubuntu, does not ...)
+CVE-2014-5195
- unity <itp> (bug #609278)
-CVE-2014-5194 (Static code injection vulnerability in admin/admin.php in Sphider ...)
+CVE-2014-5194
NOT-FOR-US: Sphider
-CVE-2014-5193 (Cross-site scripting (XSS) vulnerability in admin/admin.php in Sphider ...)
+CVE-2014-5193
NOT-FOR-US: Sphider
-CVE-2014-5192 (SQL injection vulnerability in admin/admin.php in Sphider 1.3.6 allows ...)
+CVE-2014-5192
NOT-FOR-US: Sphider
-CVE-2014-5191 (Cross-site scripting (XSS) vulnerability in the Preview plugin before ...)
+CVE-2014-5191
- ckeditor 4.4.4+dfsg1-1 (bug #760736)
[wheezy] - ckeditor <not-affected> (Preview plugin not yet present)
[squeeze] - ckeditor <not-affected> (Preview plugin not yet present)
-CVE-2014-5190 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2014-5190
NOT-FOR-US: WordPress plugin SI CAPTCHA Anti-Spam
-CVE-2014-5189 (SQL injection vulnerability in lib/optin/optin_page.php in the Lead ...)
+CVE-2014-5189
NOT-FOR-US: WordPress plugin Lead-Octopus-Power
-CVE-2014-5188 (Cross-site scripting (XSS) vulnerability in doemailpassword.tml in ...)
+CVE-2014-5188
NOT-FOR-US: Lyris ListManager
-CVE-2014-5187 (Directory traversal vulnerability in the Tom M8te (tom-m8te) plugin ...)
+CVE-2014-5187
NOT-FOR-US: WordPress plugin tom-m8te
-CVE-2014-5186 (SQL injection vulnerability in the All Video Gallery ...)
+CVE-2014-5186
NOT-FOR-US: WordPress plugin all-video-gallery
-CVE-2014-5185 (SQL injection vulnerability in the Quartz plugin 1.01.1 for WordPress ...)
+CVE-2014-5185
NOT-FOR-US: WordPress plugin quartz
-CVE-2014-5184 (SQL injection vulnerability in the stripshow-storylines page in the ...)
+CVE-2014-5184
NOT-FOR-US: WordPress plugin stripshow
-CVE-2014-5183 (SQL injection vulnerability in includes/mode-edit.php in the Simple ...)
+CVE-2014-5183
NOT-FOR-US: WordPress plugin simple-retail-menus
-CVE-2014-5182 (Multiple SQL injection vulnerabilities in the yawpp plugin 1.2 for ...)
+CVE-2014-5182
NOT-FOR-US: WordPress plugin yawpp
-CVE-2014-5181 (Directory traversal vulnerability in lastfm-proxy.php in the Last.fm ...)
+CVE-2014-5181
NOT-FOR-US: WordPress plugin lastfm-rotation
-CVE-2014-5180 (SQL injection vulnerability in the videos page in the HDW Player ...)
+CVE-2014-5180
NOT-FOR-US: WordPress plugin hdw-player-video-player-video-gallery
-CVE-2014-5178 (Multiple cross-site scripting (XSS) vulnerabilities in Easy File ...)
+CVE-2014-5178
NOT-FOR-US: Easy File Sharing
-CVE-2014-5176 (SAP FI Manager Self-Service has a hard-coded user name, which makes it ...)
+CVE-2014-5176
NOT-FOR-US: SAP
-CVE-2014-5175 (The License Measurement servlet in SAP Solution Manager 7.1 allows ...)
+CVE-2014-5175
NOT-FOR-US: SAP
-CVE-2014-5174 (The SAP Netweaver Business Warehouse component does not properly ...)
+CVE-2014-5174
NOT-FOR-US: SAP
-CVE-2014-5173 (SAP HANA Extend Application Services (XS) allows remote attackers to ...)
+CVE-2014-5173
NOT-FOR-US: SAP
-CVE-2014-5172 (Multiple cross-site scripting (XSS) vulnerabilities in the XS ...)
+CVE-2014-5172
NOT-FOR-US: SAP
-CVE-2014-5171 (SAP HANA Extend Application Services (XS) does not encrypt ...)
+CVE-2014-5171
NOT-FOR-US: SAP
-CVE-2014-5207 (fs/namespace.c in the Linux kernel through 3.16.1 does not properly ...)
+CVE-2014-5207
- linux 3.16.2-1
[wheezy] - linux <not-affected> (User namespaces only usable in later kernels)
- linux-2.6 <not-affected> (User namespaces only usable in later kernels)
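Review bot: for the NOT-FOR-US entries in this hunk (CVE-2014-5217 down to CVE-2014-5171) the parenthesised description being removed was the only place the entry recorded the vulnerability class (XSS, SQL injection, CSRF, directory traversal, stack-based buffer overflow); what remains is a product name alone, so the three Sphider entries CVE-2014-5194, CVE-2014-5193 and CVE-2014-5192 all collapse to the identical line `NOT-FOR-US: Sphider` and can no longer be told apart without an external lookup. If the descriptions are being dropped on purpose, consider keeping a short class word in the NOT-FOR-US reason (for example `NOT-FOR-US: Sphider (XSS)`) so the triage record stays self-describing.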
@@ -12566,49 +12566,49 @@ CVE-2014-5207 (fs/namespace.c in the Linux kernel through 3.16.1 does not proper
NOTE: and: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ffbc6f0ead47fa5a1dc9642b0331cb75c20a640e (v3.17-rc1)
NOTE: Introduced by: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0c55cfc4166d9a0f38de779bd4d75a90afbe7734 (v3.8)
NOTE: Thread starting at http://www.openwall.com/lists/oss-security/2014/08/12/6
-CVE-2014-5206 (The do_remount function in fs/namespace.c in the Linux kernel through ...)
+CVE-2014-5206
- linux 3.16.2-1
[wheezy] - linux <not-affected> (User namespaces only usable in later kernels)
- linux-2.6 <not-affected> (User namespaces only usable in later kernels)
NOTE: https://git.kernel.org/cgit/linux/kernel/git/ebiederm/user-namespace.git/commit/?h=for-linus&id=db181ce011e3c033328608299cd6fac06ea50130
NOTE: Thread starting at http://www.openwall.com/lists/oss-security/2014/08/12/6
-CVE-2014-5247 (The _UpgradeBeforeConfigurationChange function in ...)
+CVE-2014-5247
- ganeti 2.11.5-1
[wheezy] - ganeti <not-affected> (Vulnerable code not present)
[squeeze] - ganeti <not-affected> (Vulnerable code not present)
NOTE: http://www.ocert.org/advisories/ocert-2014-006.html
-CVE-2014-5240 (Cross-site scripting (XSS) vulnerability in wp-includes/pluggable.php ...)
+CVE-2014-5240
{DSA-3001-1 DLA-56-1}
- wordpress 3.9.2+dfsg-1 (bug #757312)
NOTE: https://core.trac.wordpress.org/changeset/29398
-CVE-2014-5205 (wp-includes/pluggable.php in WordPress before 3.9.2 does not use ...)
+CVE-2014-5205
{DSA-3001-1 DLA-56-1}
- wordpress 3.9.2+dfsg-1 (bug #757312)
NOTE: https://core.trac.wordpress.org/changeset/29408
-CVE-2014-5204 (wp-includes/pluggable.php in WordPress before 3.9.2 rejects invalid ...)
+CVE-2014-5204
{DSA-3001-1 DLA-56-1}
- wordpress 3.9.2+dfsg-1 (bug #757312)
NOTE: https://core.trac.wordpress.org/changeset/29384
-CVE-2014-5203 (wp-includes/class-wp-customize-widgets.php in the widget ...)
+CVE-2014-5203
- wordpress 3.9.2+dfsg-1 (bug #757312)
[wheezy] - wordpress <not-affected> (Vulnerable code not present)
[squeeze] - wordpress <not-affected> (Vulnerable code not present)
NOTE: https://core.trac.wordpress.org/changeset/29389
-CVE-2014-3528 (Apache Subversion 1.0.0 through 1.7.x before 1.7.17 and 1.8.x before ...)
+CVE-2014-3528
- subversion 1.8.10-1 (low)
[squeeze] - subversion <no-dsa> (Minor issue)
[wheezy] - subversion <no-dsa> (Minor issue)
NOTE: http://mail-archives.apache.org/mod_mbox/subversion-dev/201407.mbox/%3C53DAB4A7.8030004%40reser.org%3E
-CVE-2014-5179 (The freelinking module for Drupal, as used in the Freelinking for Case ...)
+CVE-2014-5179
NOT-FOR-US: drupal6-freelinking module
-CVE-2014-5177 (libvirt 1.0.0 through 1.2.x before 1.2.5, when fine grained access ...)
+CVE-2014-5177
- libvirt 1.2.4-1 (low)
[wheezy] - libvirt <not-affected> (Not exploitable in that version)
[squeeze] - libvirt <not-affected> (Not exploitable in that version)
NOTE: http://security.libvirt.org/2014/0003.html
-CVE-2014-5170 (The Storage API module 7.x before 7.x-1.6 for Drupal might allow ...)
+CVE-2014-5170
NOT-FOR-US: Storage API module for Drupal
-CVE-2014-5169 (Cross-site scripting (XSS) vulnerability in the Date module before ...)
+CVE-2014-5169
NOT-FOR-US: Drupal module Date
CVE-2014-5168
RESERVED
@@ -12616,36 +12616,36 @@ CVE-2014-5167
RESERVED
CVE-2014-5166
RESERVED
-CVE-2014-5165 (The dissect_ber_constrained_bitstring function in ...)
+CVE-2014-5165
{DSA-3002-1}
- wireshark 1.12.0+git+4fab41a1-1
[squeeze] - wireshark <not-affected> (Vulnerable code not present)
NOTE: http://www.wireshark.org/security/wnpa-sec-2014-11.html
-CVE-2014-5164 (The rlc_decode_li function in epan/dissectors/packet-rlc.c in the RLC ...)
+CVE-2014-5164
{DSA-3002-1}
- wireshark 1.12.0+git+4fab41a1-1
[squeeze] - wireshark <not-affected> (Vulnerable code not present)
NOTE: http://www.wireshark.org/security/wnpa-sec-2014-10.html
-CVE-2014-5163 (The APN decode functionality in (1) epan/dissectors/packet-gtp.c and ...)
+CVE-2014-5163
{DSA-3002-1 DLA-38-1}
- wireshark 1.12.0+git+4fab41a1-1
[squeeze] - wireshark 1.2.11-6+squeeze15
NOTE: http://www.wireshark.org/security/wnpa-sec-2014-09.html
-CVE-2014-5162 (The read_new_line function in wiretap/catapult_dct2000.c in the ...)
+CVE-2014-5162
{DSA-3002-1 DLA-38-1}
- wireshark 1.12.0+git+4fab41a1-1
[squeeze] - wireshark 1.2.11-6+squeeze15
NOTE: http://www.wireshark.org/security/wnpa-sec-2014-08.html
-CVE-2014-5161 (The dissect_log function in plugins/irda/packet-irda.c in the IrDA ...)
+CVE-2014-5161
{DSA-3002-1 DLA-38-1}
- wireshark 1.12.0+git+4fab41a1-1
[squeeze] - wireshark 1.2.11-6+squeeze15
NOTE: http://www.wireshark.org/security/wnpa-sec-2014-08.html
-CVE-2014-5160 (** DISPUTED ** Multiple directory traversal vulnerabilities in crs.exe ...)
+CVE-2014-5160
NOT-FOR-US: HP Data Protector
-CVE-2014-5159 (SQL injection vulnerability in the ossim-framework service in ...)
+CVE-2014-5159
NOT-FOR-US: AlienVault OSSIM
-CVE-2014-5158 (The (1) av-centerd SOAP service and (2) backup command in the ...)
+CVE-2014-5158
NOT-FOR-US: AlienVault OSSIM
CVE-2014-5157
REJECTED
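Review bot: the removed line for CVE-2014-5160 carried a `** DISPUTED **` marker and the entry has no NOTE line, so after this hunk nothing in the file records that the issue is disputed; the same applies wherever a description beginning with that marker is stripped. If the description text is going away across the file, the disputed status is worth preserving explicitly, for instance as a `NOTE: Disputed` line under `NOT-FOR-US: HP Data Protector`.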
@@ -12663,25 +12663,25 @@ CVE-2014-5151
RESERVED
CVE-2014-5150
RESERVED
-CVE-2014-5149 (Certain MMU virtualization operations in Xen 4.2.x through 4.4.x, when ...)
+CVE-2014-5149
- xen 4.4.1-4 (low; bug #770230)
[wheezy] - xen <no-dsa> (Minor issue, too intrusive to backport)
[squeeze] - xen <end-of-life> (Unsupported in squeeze-lts)
-CVE-2014-5148 (Xen 4.4.x, when running on an ARM system and &quot;handling an unknown ...)
+CVE-2014-5148
- xen 4.4.1-1
[wheezy] - xen <not-affected> (Vulnerable code not present)
[squeeze] - xen <not-affected> (Vulnerable code not present)
-CVE-2014-5147 (Xen 4.4.x, when running a 64-bit kernel on an ARM system, does not ...)
+CVE-2014-5147
- xen 4.4.1-1
[wheezy] - xen <not-affected> (Vulnerable code not present)
[squeeze] - xen <not-affected> (Vulnerable code not present)
-CVE-2014-5146 (Certain MMU virtualization operations in Xen 4.2.x through 4.4.x ...)
+CVE-2014-5146
- xen 4.4.1-4 (low; bug #770230)
[wheezy] - xen <no-dsa> (Minor issue, too intrusive to backport)
[squeeze] - xen <end-of-life> (Unsupported in squeeze-lts)
CVE-2014-5145
RESERVED
-CVE-2014-5144 (Cross-site scripting (XSS) vulnerability in Telescope before 0.9.3 ...)
+CVE-2014-5144
NOT-FOR-US: Qualcomm driver for Android
CVE-2014-5143
RESERVED
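Review bot: the description removed for CVE-2014-5144 reads `Cross-site scripting (XSS) vulnerability in Telescope before 0.9.3`, but the entry's tag, which this hunk leaves unchanged, is `NOT-FOR-US: Qualcomm driver for Android`; the two name different products, so the tag should be checked against the CVE before the description is dropped, because once it is gone the mismatch can no longer be noticed from the file alone.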
@@ -12691,16 +12691,16 @@ CVE-2014-5141
RESERVED
CVE-2014-5140
RESERVED
-CVE-2014-5139 (The ssl_set_client_disabled function in t1_lib.c in OpenSSL 1.0.1 ...)
+CVE-2014-5139
{DSA-2998-1}
- openssl 1.0.1i-1
[squeeze] - openssl <not-affected> (vulnerable code not present)
CVE-2014-5138
RESERVED
NOT-FOR-US: Sierra Library Services Platform
-CVE-2014-5137 (Innovative Interfaces Sierra Library Services Platform 1.2_3 provides ...)
+CVE-2014-5137
NOT-FOR-US: Sierra Library Services Platform
-CVE-2014-5136 (Cross-site scripting (XSS) vulnerability in Innovative Interfaces ...)
+CVE-2014-5136
NOT-FOR-US: Sierra Library Services Platform
CVE-2014-5135
RESERVED
@@ -12708,17 +12708,17 @@ CVE-2014-5134
RESERVED
CVE-2014-5133
RESERVED
-CVE-2014-5132 (Avolve Software ProjectDox 8.1 allows remote attackers to enumerate ...)
+CVE-2014-5132
NOT-FOR-US: ProjectDox
-CVE-2014-5131 (Avolve Software ProjectDox 8.1 makes it easier for remote ...)
+CVE-2014-5131
NOT-FOR-US: ProjectDox
-CVE-2014-5130 (Avolve Software ProjectDox 8.1 allows remote authenticated users to ...)
+CVE-2014-5130
NOT-FOR-US: ProjectDox
-CVE-2014-5129 (Cross-site scripting (XSS) vulnerability in Avolve Software ProjectDox ...)
+CVE-2014-5129
NOT-FOR-US: ProjectDox
-CVE-2014-5128 (Innovative Interfaces Encore Discovery Solution 4.3 places a session ...)
+CVE-2014-5128
NOT-FOR-US: Innovative Interfaces Encore Discovery Solution
-CVE-2014-5127 (Open redirect vulnerability in Innovative Interfaces Encore Discovery ...)
+CVE-2014-5127
NOT-FOR-US: Innovative Interfaces Encore Discovery Solution
CVE-2014-5126
RESERVED
@@ -12728,11 +12728,11 @@ CVE-2014-5124
RESERVED
CVE-2014-5123
RESERVED
-CVE-2014-5122 (Open redirect vulnerability in ESRI ArcGIS for Server 10.1.1 allows ...)
+CVE-2014-5122
NOT-FOR-US: ArcGIS
-CVE-2014-5121 (Multiple cross-site scripting (XSS) vulnerabilities in ESRI ArcGIS for ...)
+CVE-2014-5121
NOT-FOR-US: ArcGIS
-CVE-2014-5120 (gd_ctx.c in the GD component in PHP 5.4.x before 5.4.32 and 5.5.x ...)
+CVE-2014-5120
- php5 5.4.0-1
[squeeze] - php5 <not-affected> (Introduced in 5.4)
- libgd2 <not-affected> (Specific to integration of gd in PHP)
@@ -12740,49 +12740,49 @@ CVE-2014-5120 (gd_ctx.c in the GD component in PHP 5.4.x before 5.4.32 and 5.5.x
NOTE: https://bugs.php.net/patch-display.php?bug_id=67730&patch=gd-null-injection&revision=latest
NOTE: For the PHP5 5.4 branch this issue is fixed in version 5.4.32
NOTE: fixed in Debian with the gdIOCtx.patch patch
-CVE-2014-5115 (Absolute path traversal vulnerability in DirPHP 1.0 allows remote ...)
+CVE-2014-5115
NOT-FOR-US: DirPHP
-CVE-2014-5114 (WeBid 1.1.1 allows remote attackers to conduct an LDAP injection ...)
+CVE-2014-5114
NOT-FOR-US: WeBid Auction Script
-CVE-2014-5113 (Multiple cross-site scripting (XSS) vulnerabilities in test.php in ...)
+CVE-2014-5113
NOT-FOR-US: Visualwave MyConnection Server
-CVE-2014-5112 (maint/modules/home/index.php in Fonality trixbox allows remote ...)
+CVE-2014-5112
NOT-FOR-US: Fonality trixbox
-CVE-2014-5111 (Multiple directory traversal vulnerabilities in Fonality trixbox allow ...)
+CVE-2014-5111
NOT-FOR-US: Fonality trixbox
-CVE-2014-5110 (Cross-site scripting (XSS) vulnerability in user/help/html/index.php ...)
+CVE-2014-5110
NOT-FOR-US: Fonality trixbox
-CVE-2014-5109 (SQL injection vulnerability in ...)
+CVE-2014-5109
NOT-FOR-US: Fonality trixbox
-CVE-2014-5108 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2014-5108
NOT-FOR-US: concrete5
-CVE-2014-5107 (concrete5 before 5.6.3 allows remote attackers to obtain the ...)
+CVE-2014-5107
NOT-FOR-US: concrete5
-CVE-2014-5106 (Cross-site scripting (XSS) vulnerability in Invision Power IP.Board ...)
+CVE-2014-5106
NOT-FOR-US: Invision Power IP.Board
-CVE-2014-5105 (Multiple cross-site scripting (XSS) vulnerabilities in ol-commerce ...)
+CVE-2014-5105
NOT-FOR-US: ol-commerce
-CVE-2014-5104 (Multiple SQL injection vulnerabilities in ol-commerce 2.1.1 allow ...)
+CVE-2014-5104
NOT-FOR-US: ol-commerce
-CVE-2014-5103 (Cross-site scripting (XSS) vulnerability in ZOHO ManageEngine EventLog ...)
+CVE-2014-5103
NOT-FOR-US: ZOHO ManageEngine EventLog Analyzer
-CVE-2014-5102 (SQL injection vulnerability in vBulletin 5.0.4 through 5.1.3 Alpha 5 ...)
+CVE-2014-5102
NOT-FOR-US: vBulletin
-CVE-2014-5101 (Multiple cross-site scripting (XSS) vulnerabilities in WeBid 1.1.1 ...)
+CVE-2014-5101
NOT-FOR-US: WeBid Auction Script
-CVE-2014-5100 (Multiple cross-site request forgery (CSRF) vulnerabilities in Omeka ...)
+CVE-2014-5100
NOT-FOR-US: Omeka
CVE-2014-5099
RESERVED
-CVE-2014-5098 (Cross-site scripting (XSS) vulnerability in the Search module before ...)
+CVE-2014-5098
NOT-FOR-US: Jamroom Search module
-CVE-2014-5097 (Multiple SQL injection vulnerabilities in Free Reprintables ArticleFR ...)
+CVE-2014-5097
NOT-FOR-US: ArticleFR
CVE-2014-5096
RESERVED
CVE-2014-5095
RESERVED
-CVE-2014-5094 (Status2k allows remote attackers to obtain configuration information ...)
+CVE-2014-5094
NOT-FOR-US: Status2k
CVE-2014-5093
RESERVED
@@ -12790,11 +12790,11 @@ CVE-2014-5092
RESERVED
CVE-2014-5091
RESERVED
-CVE-2014-5090 (admin/options/logs.php in Status2k allows remote authenticated ...)
+CVE-2014-5090
NOT-FOR-US: Status2k
-CVE-2014-5089 (SQL injection vulnerability in admin/options/logs.php in Status2k ...)
+CVE-2014-5089
NOT-FOR-US: Status2k
-CVE-2014-5088 (Cross-site scripting (XSS) vulnerability in Status2k allows remote ...)
+CVE-2014-5088
NOT-FOR-US: Status2k
CVE-2014-5087
RESERVED
@@ -12806,7 +12806,7 @@ CVE-2014-5084
RESERVED
CVE-2014-5083
RESERVED
-CVE-2014-5082 (Multiple SQL injection vulnerabilities in admin/admin.php in Sphider ...)
+CVE-2014-5082
NOT-FOR-US: Sphider
CVE-2014-5081
RESERVED
@@ -12816,23 +12816,23 @@ CVE-2014-5079
RESERVED
CVE-2014-5078
RESERVED
-CVE-2014-5076 (The La Banque Postale application before 3.2.6 for Android does not ...)
+CVE-2014-5076
NOT-FOR-US: La Banque Postale application
-CVE-2014-5075 (The Ignite Realtime Smack XMPP API 4.x before 4.0.2, and 3.x and 2.x ...)
+CVE-2014-5075
- libsmack-java <itp> (bug #640873)
-CVE-2014-5074 (Siemens SIMATIC S7-1500 CPU devices with firmware before 1.6 allow ...)
+CVE-2014-5074
NOT-FOR-US: Siemens SIMATIC S7-1500 CPU devices
-CVE-2014-5073 (vmtadmin.cgi in VMTurbo Operations Manager before 4.6 build 28657 ...)
+CVE-2014-5073
NOT-FOR-US: VMTurbo Operations Manager
-CVE-2014-5072 (Cross-site request forgery (CSRF) vulnerability in WP Security Audit ...)
+CVE-2014-5072
NOT-FOR-US: WP Security Audit Log plugin for WordPress
-CVE-2014-5071 (SQL injection vulnerability in the checkPassword function in ...)
+CVE-2014-5071
NOT-FOR-US: Symmetricom
-CVE-2014-5070 (Symmetricom s350i 2.70.15 allows remote authenticated users to gain ...)
+CVE-2014-5070
NOT-FOR-US: Symmetricom
-CVE-2014-5069 (Cross-site scripting (XSS) vulnerability in Symmetricom s350i 2.70.15 ...)
+CVE-2014-5069
NOT-FOR-US: Symmetricom
-CVE-2014-5068 (Directory traversal vulnerability in the web application in ...)
+CVE-2014-5068
NOT-FOR-US: Symmetricom
CVE-2014-5067
RESERVED
@@ -12881,13 +12881,13 @@ CVE-2014-5046
CVE-2014-5118
RESERVED
NOT-FOR-US: tboot
-CVE-2014-5117 (Tor before 0.2.4.23 and 0.2.5 before 0.2.5.6-alpha maintains a circuit ...)
+CVE-2014-5117
{DSA-2993-1 DLA-17-1}
- tor 0.2.4.23-1
[squeeze] - tor 0.2.4.23-1~deb6u1
-CVE-2014-5116 (The cairo_image_surface_get_data function in Cairo 1.10.2, as used in ...)
+CVE-2014-5116
NOTE: This is non-security bug in Wireshark, not in Cairo
-CVE-2014-5077 (The sctp_assoc_update function in net/sctp/associola.c in the Linux ...)
+CVE-2014-5077
{DLA-103-1}
- linux 3.14.15-1
[wheezy] - linux 3.2.63-1
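Review bot: CVE-2014-5116 is left with only `NOTE: This is non-security bug in Wireshark, not in Cairo` once its description is removed, with no package status line at all, whereas the other entries in this hunk carry one (`- tor 0.2.4.23-1`, `NOT-FOR-US: tboot`, the `{DLA-103-1}` and `- linux 3.14.15-1` lines for CVE-2014-5077). Consider adding a status in the same form, for example a `<not-affected>` marker with the reason in parentheses, so the entry is resolved by a status line that tooling can read rather than only by prose in a NOTE.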
@@ -12899,29 +12899,29 @@ CVE-2014-5042
RESERVED
CVE-2014-5041
RESERVED
-CVE-2014-5040 (HP Helion Eucalyptus 4.1.x before 4.1.2 and HPE Helion Eucalyptus ...)
+CVE-2014-5040
- eucalyptus <removed>
CVE-2014-5039
RESERVED
-CVE-2014-5038 (Eucalyptus 3.0.0 through 4.0.1, when the log level is set to DEBUG or ...)
+CVE-2014-5038
- eucalyptus <removed>
-CVE-2014-5037 (Eucalyptus 4.0.0 through 4.0.1, when the log level is set to INFO, ...)
+CVE-2014-5037
- eucalyptus <removed>
-CVE-2014-5036 (The Storage Controller (SC) component in Eucalyptus 3.4.2 through ...)
+CVE-2014-5036
- eucalyptus <removed>
-CVE-2014-5035 (The Netconf (TCP) service in OpenDaylight 1.0 allows remote attackers ...)
+CVE-2014-5035
NOT-FOR-US: Opendaylight
-CVE-2014-5034 (Cross-site request forgery (CSRF) vulnerability in the Brute Force ...)
+CVE-2014-5034
NOT-FOR-US: Brute Force Login Protection module for WordPress
-CVE-2014-5023 (Repository.php in Gitter, as used in Gitlist, allows remote attackers ...)
+CVE-2014-5023
- gitlist <itp> (bug #750368)
-CVE-2014-5018 (Incomplete blacklist vulnerability in the autoEscape function in ...)
+CVE-2014-5018
- limesurvey <itp> (bug #472802)
-CVE-2014-5017 (SQL injection vulnerability in CPDB in ...)
+CVE-2014-5017
- limesurvey <itp> (bug #472802)
-CVE-2014-5016 (Multiple cross-site scripting (XSS) vulnerabilities in LimeSurvey ...)
+CVE-2014-5016
- limesurvey <itp> (bug #472802)
-CVE-2014-5014 (The WordPress Flash Uploader plugin before 3.1.3 for WordPress allows ...)
+CVE-2014-5014
NOT-FOR-US: WordPress Flash Uploader plugin for WordPress
CVE-2014-5013 [Remote Code Execution (complement of CVE-2014-2383)]
RESERVED
@@ -12942,16 +12942,16 @@ CVE-2014-5010
RESERVED
CVE-2014-5007
RESERVED
-CVE-2014-5006 (Directory traversal vulnerability in ZOHO ManageEngine Desktop Central ...)
+CVE-2014-5006
NOT-FOR-US: ZOHO ManageEngine
-CVE-2014-5005 (Directory traversal vulnerability in ZOHO ManageEngine Desktop Central ...)
+CVE-2014-5005
NOT-FOR-US: ZOHO ManageEngine
-CVE-2014-5045 (The mountpoint_last function in fs/namei.c in the Linux kernel before ...)
+CVE-2014-5045
- linux 3.14.15-1
[wheezy] - linux <not-affected> (Introduced in 3.12)
- linux-2.6 <not-affected> (Introduced in 3.12)
NOTE: https://lkml.org/lkml/2014/7/21/98
-CVE-2014-5044 (Multiple integer overflows in libgfortran might allow remote attackers ...)
+CVE-2014-5044
- gcc-4.9 4.9.1-4 (bug #756325)
- gcc-4.8 4.8.3-7 (bug #756325)
- gcc-4.7 <removed> (bug #756325)
@@ -12964,85 +12964,85 @@ CVE-2014-5044 (Multiple integer overflows in libgfortran might allow remote atta
- gcc-4.3 <removed>
[squeeze] - gcc-4.3 <no-dsa> (Minor issue, too intrusive to backport)
NOTE: https://gcc.gnu.org/viewcvs/gcc?limit_changes=0&view=revision&revision=211721
-CVE-2014-5033 (KDE kdelibs before 4.14 and kauth before 5.1 does not properly use ...)
+CVE-2014-5033
{DSA-3004-1 DLA-76-1}
- kde4libs 4:4.13.3-2 (bug #755814)
NOTE: https://bugzilla.novell.com/show_bug.cgi?id=864716
NOTE: http://quickgit.kde.org/?p=kdelibs.git&a=commit&h=e4e7b53b71e2659adaf52691d4accc3594203b23
-CVE-2014-5032 (GLPI before 0.84.7 does not properly restrict access to cost ...)
+CVE-2014-5032
- glpi <removed> (unimportant)
NOTE: http://www.openwall.com/lists/oss-security/2014/07/22/6
NOTE: Only supported behind an authenticated HTTP zone
-CVE-2014-5031 (The web interface in CUPS before 2.0 does not check that files have ...)
+CVE-2014-5031
{DSA-2990-1 DLA-0022-1}
- cups 1.7.4-2
[squeeze] - cups 1.4.4-7+squeeze6
NOTE: https://cups.org/str.php?L4455
-CVE-2014-5030 (CUPS before 2.0 allows local users to read arbitrary files via a ...)
+CVE-2014-5030
{DSA-2990-1 DLA-0022-1}
- cups 1.7.4-2
[squeeze] - cups 1.4.4-7+squeeze6
NOTE: https://cups.org/str.php?L4455
-CVE-2014-5029 (The web interface in CUPS 1.7.4 allows local users in the lp group to ...)
+CVE-2014-5029
{DSA-2990-1 DLA-0022-1}
- cups 1.7.4-2
[squeeze] - cups 1.4.4-7+squeeze6
NOTE: https://cups.org/str.php?L4455
-CVE-2014-5028 (The Original File and Patched File resources in Review Board 1.7.x ...)
+CVE-2014-5028
- reviewboard <itp> (bug #653113)
-CVE-2014-5027 (Cross-site scripting (XSS) vulnerability in Review Board 1.7.x before ...)
+CVE-2014-5027
- reviewboard <itp> (bug #653113)
-CVE-2014-5026 (Multiple cross-site scripting (XSS) vulnerabilities in Cacti 0.8.8b ...)
+CVE-2014-5026
{DSA-3007-1 DLA-40-1}
- cacti 0.8.8b+dfsg-7
NOTE: http://bugs.cacti.net/view.php?id=2456
-CVE-2014-5025 (Cross-site scripting (XSS) vulnerability in data_sources.php in Cacti ...)
+CVE-2014-5025
{DSA-3007-1 DLA-40-1}
- cacti 0.8.8b+dfsg-7
NOTE: http://bugs.cacti.net/view.php?id=2456
-CVE-2014-5024 (Cross-site scripting (XSS) vulnerability in sgms/panelManager in Dell ...)
+CVE-2014-5024
NOT-FOR-US: DELL SonicWALL GMS
-CVE-2014-5015 (bozotic HTTP server (aka bozohttpd) before 20140708, as used in ...)
+CVE-2014-5015
{DLA-490-1}
- bozohttpd <removed> (bug #755197)
[squeeze] - bozohttpd <no-dsa> (Minor issue)
NOTE: Fixed by: http://cvsweb.netbsd.org/bsdweb.cgi/src/libexec/httpd/bozohttpd.c.diff?r1=1.52&r2=1.53&only_with_tag=MAIN
-CVE-2014-5009 (Snoopy allows remote attackers to execute arbitrary commands. NOTE: ...)
+CVE-2014-5009
- libphp-snoopy <not-affected> (Incorrect fix not applied)
NOTE: This issue exists because of an incorrect fix for CVE-2014-5008.
NOTE: https://github.com/cogdog/feed2js/pull/12#issuecomment-48283706
-CVE-2014-5008 (Snoopy allows remote attackers to execute arbitrary commands. ...)
+CVE-2014-5008
{DSA-3248-1 DLA-357-1}
- libphp-snoopy 2.0.0-1 (bug #778634)
NOTE: http://mstrokin.com/sec/feed2js-magpierss-0day-vulnerability-not-really-it-is-actually-cve-2005-3330-cve-2008-4796/
NOTE: This issue exists because of an incorrect fix for CVE-2008-4796 (i.e., use of escapeshellcmd where escapeshellarg was required).
-CVE-2014-5004 (lib/brbackup.rb in the brbackup gem 0.1.1 for Ruby places the database ...)
+CVE-2014-5004
NOT-FOR-US: Ruby Gem brbackup
-CVE-2014-5003 (chef/travis-cookbooks/ci_environment/perlbrew/recipes/default.rb in ...)
+CVE-2014-5003
NOT-FOR-US: Ruby Gem ciborg
-CVE-2014-5002 (The lynx gem before 1.0.0 for Ruby places the configured password on ...)
+CVE-2014-5002
NOT-FOR-US: Ruby Gem lynx
-CVE-2014-5001 (lib/ksymfony1.rb in the kcapifony gem 2.1.6 for Ruby places database ...)
+CVE-2014-5001
NOT-FOR-US: Ruby Gem kcapifony
-CVE-2014-5000 (The login function in lib/lawn.rb in the lawn-login gem 0.0.7 for Ruby ...)
+CVE-2014-5000
NOT-FOR-US: Ruby Gem lawn-login
-CVE-2014-4999 (vendor/plugins/dataset/lib/dataset/database/mysql.rb in the kajam gem ...)
+CVE-2014-4999
NOT-FOR-US: Ruby Gem kajam
-CVE-2014-4998 (test/tc_database.rb in the lean-ruport gem 0.3.8 for Ruby places the ...)
+CVE-2014-4998
NOT-FOR-US: Ruby Gem lean-ruport
-CVE-2014-4997 (lib/commands/setup.rb in the point-cli gem 0.0.1 for Ruby places ...)
+CVE-2014-4997
NOT-FOR-US: Ruby Gem point-cli
-CVE-2014-4996 (lib/vlad/dba/mysql.rb in the VladTheEnterprising gem 0.2 for Ruby ...)
+CVE-2014-4996
NOT-FOR-US: Ruby Gem VladTheEnterprising
-CVE-2014-4995 (Race condition in lib/vlad/dba/mysql.rb in the VladTheEnterprising gem ...)
+CVE-2014-4995
NOT-FOR-US: Ruby Gem VladTheEnterprising
-CVE-2014-4994 (lib/gyazo/client.rb in the gyazo gem 1.0.0 for Ruby allows local users ...)
+CVE-2014-4994
NOT-FOR-US: Ruby Gem gyazo
-CVE-2014-4993 ((1) lib/backup/cli/utility.rb in the backup-agoddard gem 3.0.28 and ...)
+CVE-2014-4993
NOT-FOR-US: Ruby Gems backup-agoddard and backup_checksum
-CVE-2014-4992 (lib/cap-strap/helpers.rb in the cap-strap gem 0.1.5 for Ruby places ...)
+CVE-2014-4992
NOT-FOR-US: Ruby Gem cap-strap
-CVE-2014-4991 ((1) lib/dataset/database/mysql.rb and (2) ...)
+CVE-2014-4991
NOT-FOR-US: Ruby Gem codders-dataset
CVE-2014-4990
RESERVED
@@ -13050,12 +13050,12 @@ CVE-2014-4989
RESERVED
CVE-2014-4988
RESERVED
-CVE-2014-4987 (server_user_groups.php in phpMyAdmin 4.1.x before 4.1.14.2 and 4.2.x ...)
+CVE-2014-4987
- phpmyadmin 4:4.2.6-1 (low)
[wheezy] - phpmyadmin <not-affected> (Vulnerable code not present)
[squeeze] - phpmyadmin <not-affected> (Vulnerable code not present)
NOTE: http://www.phpmyadmin.net/home_page/security/PMASA-2014-7.php
-CVE-2014-4986 (Multiple cross-site scripting (XSS) vulnerabilities in js/functions.js ...)
+CVE-2014-4986
- phpmyadmin 4:4.2.6-1 (low)
[wheezy] - phpmyadmin <not-affected> (Vulnerable code not present)
[squeeze] - phpmyadmin <not-affected> (Vulnerable code not present)
@@ -13070,37 +13070,37 @@ CVE-2014-4982
RESERVED
CVE-2014-4981
RESERVED
-CVE-2014-4980 (The /server/properties resource in Tenable Web UI before 2.3.5 for ...)
+CVE-2014-4980
NOT-FOR-US: Tenable Web UI for Nessus
-CVE-2014-4979 (Apple QuickTime allows remote attackers to execute arbitrary code or ...)
+CVE-2014-4979
NOT-FOR-US: Apple QuickTime
-CVE-2014-4977 (Multiple SQL injection vulnerabilities in Dell SonicWall Scrutinizer ...)
+CVE-2014-4977
NOT-FOR-US: SonicWall
-CVE-2014-4976 (Dell SonicWall Scrutinizer 11.0.1 allows remote authenticated users to ...)
+CVE-2014-4976
NOT-FOR-US: SonicWall
-CVE-2014-5022 (Cross-site scripting (XSS) vulnerability in the Ajax system in Drupal ...)
+CVE-2014-5022
{DSA-2983-1}
- drupal6 <not-affected> (Only affects Drupal 7 core)
- drupal7 7.29-1 (bug #755038)
NOTE: https://www.drupal.org/SA-CORE-2014-003
-CVE-2014-5021 (Cross-site scripting (XSS) vulnerability in the Form API in Drupal 6.x ...)
+CVE-2014-5021
{DSA-2983-1}
- drupal6 <removed>
[squeeze] - drupal6 <end-of-life>
- drupal7 7.29-1 (bug #755038)
NOTE: https://www.drupal.org/SA-CORE-2014-003
-CVE-2014-5020 (The File module in Drupal 7.x before 7.29 does not properly check ...)
+CVE-2014-5020
{DSA-2983-1}
- drupal6 <not-affected> (Only affects Drupal 7 core)
- drupal7 7.29-1 (bug #755038)
NOTE: https://www.drupal.org/SA-CORE-2014-003
-CVE-2014-5019 (The multisite feature in Drupal 6.x before 6.32 and 7.x before 7.29 ...)
+CVE-2014-5019
{DSA-2983-1}
- drupal6 <removed>
[squeeze] - drupal6 <end-of-life>
- drupal7 7.29-1 (bug #755038)
NOTE: https://www.drupal.org/SA-CORE-2014-003
-CVE-2014-4975 (Off-by-one error in the encodes function in pack.c in Ruby 1.9.3 and ...)
+CVE-2014-4975
{DSA-3157-1 DLA-200-1}
- ruby1.8 <not-affected> (Vulnerable code not present in 1.8)
- ruby1.9.1 <removed> (low)
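Review bot: every changed pair in this hunk drops the upstream summary and keeps only the identifier, e.g. `-CVE-2014-4980 (The /server/properties resource in Tenable Web UI before 2.3.5 for ...)` becomes `+CVE-2014-4980`, while the Debian-side lines (`NOT-FOR-US:`, `{DSA-2983-1}`, `- drupal7 7.29-1 (bug #755038)`, `NOTE:`) are untouched. If the upstream feed returned empty summaries for this run, the importer is overwriting existing text with nothing; it should keep the previous description when the new one is empty instead of emitting a bare ID, otherwise the only remaining hint of what an entry covers is the free-form `NOT-FOR-US:` annotation.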
@@ -13108,13 +13108,13 @@ CVE-2014-4975 (Off-by-one error in the encodes function in pack.c in Ruby 1.9.3
- ruby2.0 <removed> (low)
- ruby2.1 2.1.3-1 (low)
NOTE: http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=revision&revision=46778
-CVE-2014-4974 (The ESET Personal Firewall NDIS filter (EpFwNdis.sys) kernel mode ...)
+CVE-2014-4974
NOT-FOR-US: ESET
-CVE-2014-4973 (The ESET Personal Firewall NDIS filter (EpFwNdis.sys) driver in the ...)
+CVE-2014-4973
NOT-FOR-US: ESET Personal Firewall
-CVE-2014-4972 (Unrestricted file upload vulnerability in the Gravity Upload Ajax ...)
+CVE-2014-4972
NOT-FOR-US: Gravity Upload Ajax plugin for WordPress
-CVE-2014-4971 (Microsoft Windows XP SP3 does not validate addresses in certain IRP ...)
+CVE-2014-4971
NOT-FOR-US: Microsoft Windows XP
CVE-2014-4970
RESERVED
@@ -13130,21 +13130,21 @@ CVE-2014-4966
RESERVED
- ansible 1.6.8+dfsg-1
NOTE: https://github.com/ansible/ansible/commit/84759faa0950146a6bae8452580b4a4cede6d871
-CVE-2014-4965 (Multiple cross-site scripting (XSS) vulnerabilities in Shopizer 1.1.5 ...)
+CVE-2014-4965
NOT-FOR-US: Shopizer
-CVE-2014-4964 (Multiple cross-site request forgery (CSRF) vulnerabilities in Shopizer ...)
+CVE-2014-4964
NOT-FOR-US: Shopizer
-CVE-2014-4963 (Shopizer 1.1.5 and earlier allows remote attackers to modify the ...)
+CVE-2014-4963
NOT-FOR-US: Shopizer
-CVE-2014-4962 (Shopizer 1.1.5 and earlier allows remote attackers to reduce the total ...)
+CVE-2014-4962
NOT-FOR-US: Shopizer
CVE-2014-4961
RESERVED
-CVE-2014-4960 (Multiple SQL injection vulnerabilities in models\gallery.php in ...)
+CVE-2014-4960
NOT-FOR-US: Joomla! component
-CVE-2014-4959 (**DISPUTED** SQL injection vulnerability in SQLiteDatabase.java in the ...)
+CVE-2014-4959
NOT-FOR-US: Disputed Android issue
-CVE-2014-4958 (Cross-site scripting (XSS) vulnerability in Telerik UI for ASP.NET ...)
+CVE-2014-4958
NOT-FOR-US: Telerik UI for ASP.NET AJAX RadEditor Control
CVE-2014-4957
RESERVED
@@ -13154,11 +13154,11 @@ CVE-2014-4956
RESERVED
NOT-FOR-US: TR-069 Auto Configuration Servers
NOTE: http://mis.fortunecook.ie/misfortune-cookie-tr069-protection-whitepaper.pdf
-CVE-2014-4955 (Cross-site scripting (XSS) vulnerability in the PMA_TRI_getRowForList ...)
+CVE-2014-4955
- phpmyadmin 4:4.2.6-1 (low)
[wheezy] - phpmyadmin <not-affected> (Vulnerable code not present)
[squeeze] - phpmyadmin <not-affected> (Vulnerable code not present)
-CVE-2014-4954 (Cross-site scripting (XSS) vulnerability in the ...)
+CVE-2014-4954
- phpmyadmin 4:4.2.6-1
[squeeze] - phpmyadmin <not-affected> (libraries/structure.lib.php not present)
[wheezy] - phpmyadmin <not-affected> (libraries/structure.lib.php not present)
@@ -13172,11 +13172,11 @@ CVE-2014-4950
REJECTED
CVE-2014-4949
REJECTED
-CVE-2014-4948 (Unspecified vulnerability in Citrix XenServer 6.2 Service Pack 1 and ...)
+CVE-2014-4948
NOT-FOR-US: Citrix XenServer
-CVE-2014-4947 (Buffer overflow in the HVM graphics console support in Citrix ...)
+CVE-2014-4947
NOT-FOR-US: Citrix XenServer
-CVE-2014-4946 (Multiple cross-site scripting (XSS) vulnerabilities in Horde Internet ...)
+CVE-2014-4946
- php-horde-imp 6.2.0-1
- horde3 <removed>
[squeeze] - horde3 <not-affected>
@@ -13184,32 +13184,32 @@ CVE-2014-4946 (Multiple cross-site scripting (XSS) vulnerabilities in Horde Inte
NOTE: https://github.com/horde/horde/commit/578ff073724d9c179663098d8ff0076e8b361cfb
NOTE: https://github.com/horde/horde/commit/2f1f4b10dec90fb67797ea80be0e029ead90f168
NOTE: The bugs are in javascript files that do not exist in the version in Squeeze.
-CVE-2014-4945 (Multiple cross-site scripting (XSS) vulnerabilities in Horde Internet ...)
+CVE-2014-4945
- php-horde-imp 6.2.0-1
- horde3 <removed>
[squeeze] - horde3 <not-affected>
NOTE: Upstream patch: https://github.com/horde/horde/commit/71633e649afc0704b72098a6e2530377dd67eb0c
NOTE: The bug is in PHP template file that does not exist in the version in Squeeze.
-CVE-2014-4944 (Multiple SQL injection vulnerabilities in inc/bsk-pdf-dashboard.php in ...)
+CVE-2014-4944
NOT-FOR-US: WordPress plugin
-CVE-2014-4943 (The PPPoL2TP feature in net/l2tp/l2tp_ppp.c in the Linux kernel ...)
+CVE-2014-4943
{DSA-2992-1 DLA-103-1}
- linux 3.14.13-1
- linux-2.6 <removed>
NOTE: upstream commit: https://git.kernel.org/linus/3cf521f7dc87c031617fd47e4b7aa2593c2f3daf
-CVE-2014-4942 (The EasyCart (wp-easycart) plugin before 2.0.6 for WordPress allows ...)
+CVE-2014-4942
NOT-FOR-US: WordPress plugin
-CVE-2014-4941 (Absolute path traversal vulnerability in Cross-RSS (wp-cross-rss) ...)
+CVE-2014-4941
NOT-FOR-US: WordPress plugin
-CVE-2014-4940 (Multiple directory traversal vulnerabilities in Tera Charts ...)
+CVE-2014-4940
NOT-FOR-US: WordPress plugin
-CVE-2014-4939 (SQL injection vulnerability in the ENL Newsletter (enl-newsletter) ...)
+CVE-2014-4939
NOT-FOR-US: WordPress plugin
-CVE-2014-4938 (SQL injection vulnerability in the WP Rss Poster (wp-rss-poster) ...)
+CVE-2014-4938
NOT-FOR-US: WordPress plugin
-CVE-2014-4937 (Directory traversal vulnerability in includes/bookx_export.php BookX ...)
+CVE-2014-4937
NOT-FOR-US: WordPress plugin
-CVE-2014-4936 (The upgrade functionality in Malwarebytes Anti-Malware (MBAM) consumer ...)
+CVE-2014-4936
NOT-FOR-US: Malwarebytes
CVE-2014-4935
RESERVED
@@ -13217,22 +13217,22 @@ CVE-2014-4934
RESERVED
CVE-2014-4933
RESERVED
-CVE-2014-4932 (Cross-site scripting (XSS) vulnerability in the Wordfence Security ...)
+CVE-2014-4932
NOT-FOR-US: Wordfence Security plugin for WordPress
CVE-2014-4931
RESERVED
-CVE-2014-4930 (Multiple cross-site scripting (XSS) vulnerabilities in event/index2.do ...)
+CVE-2014-4930
NOT-FOR-US: ManageEngine EventLog Analyzer
-CVE-2014-4929 (Directory traversal vulnerability in the routing component in ownCloud ...)
+CVE-2014-4929
- owncloud 6.0.4~beta1+dfsg-1
NOTE: https://github.com/owncloud/security-advisories/blob/master/server/oc-sa-2014-018.json
-CVE-2014-4928 (SQL injection vulnerability in Invision Power Board (aka IPB or ...)
+CVE-2014-4928
NOT-FOR-US: Invision Power Board
-CVE-2014-4927 (Buffer overflow in ACME micro_httpd, as used in D-Link DSL2750U and ...)
+CVE-2014-4927
NOT-FOR-US: ACME micro_httpd
CVE-2014-4926
RESERVED
-CVE-2014-4925 (Cross-site scripting (XSS) vulnerability in Good for Enterprise for ...)
+CVE-2014-4925
NOT-FOR-US: Good for Enterprise for Android
CVE-2014-4924
RESERVED
@@ -13244,7 +13244,7 @@ CVE-2014-4921
RESERVED
CVE-2014-4920
RESERVED
-CVE-2014-4919 (OXID eShop Professional Edition before 4.7.13 and 4.8.x before 4.8.7, ...)
+CVE-2014-4919
NOT-FOR-US: OXID eShop
CVE-2014-4918
RESERVED
@@ -13260,102 +13260,102 @@ CVE-2014-4916
NOTE: http://mis.fortunecook.ie/misfortune-cookie-tr069-protection-whitepaper.pdf
CVE-2014-4915
RESERVED
-CVE-2014-4912 (An Arbitrary File Upload issue was discovered in Frog CMS 0.9.5 due to ...)
+CVE-2014-4912
NOT-FOR-US: Frog CMS
-CVE-2014-4906 (The Brisbane &amp; Queensland Alert (aka com.queensland.alert) application ...)
+CVE-2014-4906
NOT-FOR-US: Brisbane & Queensland Alert (aka com.queensland.alert) application for Android
-CVE-2014-4905 (The Clean Internet Browser (aka com.cleantab.browsesecure) application ...)
+CVE-2014-4905
NOT-FOR-US: Clean Internet Browser (aka com.cleantab.browsesecure) application for Android
-CVE-2014-4904 (The Crossmo Calendar (aka com.crossmo.calendar) application 1.7.1 for ...)
+CVE-2014-4904
NOT-FOR-US: Crossmo Calendar (aka com.crossmo.calendar) application for Android
-CVE-2014-4903 (The Kakao Bingo Garden (aka com.mocoga.bingogarden) application 1.0.14 ...)
+CVE-2014-4903
NOT-FOR-US: Kakao Bingo Garden (aka com.mocoga.bingogarden) application for Android
CVE-2014-4902
RESERVED
-CVE-2014-4901 (The Bond Trading (aka com.appmakr.app613309) application 197705 for ...)
+CVE-2014-4901
NOT-FOR-US: Bond Trading (aka com.appmakr.app613309) application for Android
-CVE-2014-4900 (The migme (aka com.projectgoth) application 4.03.002 for Android does ...)
+CVE-2014-4900
NOT-FOR-US: migme (aka com.projectgoth) application for Android
-CVE-2014-4899 (The Indian Cement Review (aka com.magzter.indiancementreview) ...)
+CVE-2014-4899
NOT-FOR-US: Indian Cement Review (aka com.magzter.indiancementreview) application for Android
-CVE-2014-4898 (The Harivijay (aka com.upasanhar.marathi.harivijay) application 4.0 ...)
+CVE-2014-4898
NOT-FOR-US: Harivijay (aka com.upasanhar.marathi.harivijay) application for Android
-CVE-2014-4897 (The Touriosity Travelmag (aka com.magzter.touriositytravelmag) ...)
+CVE-2014-4897
NOT-FOR-US: Touriosity Travelmag (aka com.magzter.touriositytravelmag) application for Android
-CVE-2014-4896 (The Parque Imperial (aka com.a792139893520606f84b2188a.a23428594a) ...)
+CVE-2014-4896
NOT-FOR-US: Parque Imperial (aka com.a792139893520606f84b2188a.a23428594a) application for Android
-CVE-2014-4895 (The Herpin Time Radio (aka com.herpin.time.radio) application 2.0 for ...)
+CVE-2014-4895
NOT-FOR-US: Herpin Time Radio (aka com.herpin.time.radio) application for Android
-CVE-2014-4894 (The MyMetro (aka com.myrippleapps.mymetro) application 2.4.7 for ...)
+CVE-2014-4894
NOT-FOR-US: MyMetro (aka com.myrippleapps.mymetro) application for Android
CVE-2014-4893
RESERVED
-CVE-2014-4892 (The uControl Smart Home Automation (aka de.ucontrol) application 1.2 ...)
+CVE-2014-4892
NOT-FOR-US: uControl Smart Home Automation (aka de.ucontrol) application for Android
-CVE-2014-4891 (The CT iHub (aka com.concursive.ctihub) application 1 for Android does ...)
+CVE-2014-4891
NOT-FOR-US: CT iHub (aka com.concursive.ctihub) application for Android
-CVE-2014-4890 (The Nano Digest (aka com.magzter.nanodigest) application 3.0 for ...)
+CVE-2014-4890
NOT-FOR-US: Nano Digest (aka com.magzter.nanodigest) application for Android
-CVE-2014-4889 (The Diabetic Diet Guide (aka com.wDiabeticDietGuide) application 2.1 ...)
+CVE-2014-4889
NOT-FOR-US: Diabetic Diet Guide (aka com.wDiabeticDietGuide) application for Android
-CVE-2014-4888 (The BattleFriends at Sea GOLD (aka com.tequilamobile.warshipslivegold) ...)
+CVE-2014-4888
NOT-FOR-US: BattleFriends at Sea GOLD (aka com.tequilamobile.warshipslivegold) application for Android
-CVE-2014-4887 (The Joint Radio Blues (aka com.nobexinc.wls_69685189.rc) application ...)
+CVE-2014-4887
NOT-FOR-US: Joint Radio Blues (aka com.nobexinc.wls_69685189.rc) application for Android
CVE-2014-4886
RESERVED
-CVE-2014-4885 (The CPWORLD Close Protection World (aka ...)
+CVE-2014-4885
NOT-FOR-US: CPWORLD Close Protection World (aka com.tapatalk.closeprotectionworldcom) application for Android
-CVE-2014-4884 (The Conrad Hotel (aka com.wConradHotel) application 0.1 for Android ...)
+CVE-2014-4884
NOT-FOR-US: Conrad Hotel (aka com.wConradHotel) application for Android
-CVE-2014-4883 (resolv.c in the DNS resolver in uIP, and dns.c in the DNS resolver in ...)
+CVE-2014-4883
- xen <not-affected> (LWIP DNS code not present in Xen Debian packages)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1169008
-CVE-2014-4882 (Aptexx Resident Anywhere does not require authentication, which allows ...)
+CVE-2014-4882
NOT-FOR-US: Aptexx Resident Anywhere
-CVE-2014-4881 (The PartyTrack library for Android does not verify X.509 certificates ...)
+CVE-2014-4881
NOT-FOR-US: PartyTrack library for Android
-CVE-2014-4880 (Buffer overflow in Hikvision DVR DS-7204 Firmware 2.2.10 build 131009, ...)
+CVE-2014-4880
NOT-FOR-US: Hikvision DVR
CVE-2014-4879
RESERVED
CVE-2014-4878
RESERVED
-CVE-2014-4877 (Absolute path traversal vulnerability in GNU Wget before 1.16, when ...)
+CVE-2014-4877
{DSA-3062-1 DLA-82-1}
- wget 1.16-1 (bug #766981)
NOTE: http://git.savannah.gnu.org/cgit/wget.git/commit/?id=18b0979357ed7dc4e11d4f2b1d7e0f5932d82aa7
-CVE-2014-4876 (Toshiba 4690 Operating System 6 Release 3, when the ADXSITCF logical ...)
+CVE-2014-4876
NOT-FOR-US: Toshiba
-CVE-2014-4875 (CreateBossCredentials.jar in Toshiba CHEC before 6.6 build 4014 and ...)
+CVE-2014-4875
NOT-FOR-US: CreateBossCredentials.jar in Toshiba CHEC
-CVE-2014-4874 (BMC Track-It! 11.3.0.355 allows remote authenticated users to read ...)
+CVE-2014-4874
NOT-FOR-US: BMC Track-It!
-CVE-2014-4873 (SQL injection vulnerability in TrackItWeb/Grid/GetData in BMC ...)
+CVE-2014-4873
NOT-FOR-US: BMC Track-It!
-CVE-2014-4872 (BMC Track-It! 11.3.0.355 does not require authentication on TCP port ...)
+CVE-2014-4872
NOT-FOR-US: BMC Track-It!
-CVE-2014-4871 (Cross-site scripting (XSS) vulnerability in wlsecurity.html on ...)
+CVE-2014-4871
NOT-FOR-US: NetCommWireless NB604N routers
-CVE-2014-4870 (/opt/vyatta/bin/sudo-users/vyatta-clear-dhcp-lease.pl on the Brocade ...)
+CVE-2014-4870
NOT-FOR-US: Brocade Vyatta
-CVE-2014-4869 (The Brocade Vyatta 5400 vRouter 6.4R(x), 6.6R(x), and 6.7R1 allows ...)
+CVE-2014-4869
NOT-FOR-US: Brocade Vyatta
-CVE-2014-4868 (The management console on the Brocade Vyatta 5400 vRouter 6.4R(x), ...)
+CVE-2014-4868
NOT-FOR-US: Brocade Vyatta
-CVE-2014-4867 (Cryoserver Security Appliance 7.3.x uses weak permissions for ...)
+CVE-2014-4867
NOT-FOR-US: Cryoserver
CVE-2014-4866
RESERVED
-CVE-2014-4865 (Cross-site request forgery (CSRF) vulnerability in ...)
+CVE-2014-4865
NOT-FOR-US: CacheGuard-OS
-CVE-2014-4864 (The NETGEAR ProSafe Plus Configuration Utility creates configuration ...)
+CVE-2014-4864
NOT-FOR-US: NETGEAR ProSafe Plus Configuration Utility
-CVE-2014-4863 (The Arris Touchstone DG950A cable modem with software 7.10.131 has an ...)
+CVE-2014-4863
NOT-FOR-US: Arris Touchstone DG950A cable modem
-CVE-2014-4862 (The Netmaster CBW700N cable modem with software 81.447.392110.729.024 ...)
+CVE-2014-4862
NOT-FOR-US: Netmaster CBW700N cable modem
-CVE-2014-4861 (The Remote Desktop Launcher in Thycotic Secret Server before ...)
+CVE-2014-4861
NOT-FOR-US: Remote Desktop Launcher in Thycotic Secret Server
CVE-2014-4860
RESERVED
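Review bot: the removed line `-CVE-2014-4906 (The Brisbane &amp; Queensland Alert (aka com.queensland.alert) application ...)` stores the ampersand HTML-escaped, while the Debian annotation directly below it, `NOT-FOR-US: Brisbane & Queensland Alert (aka com.queensland.alert) application for Android`, uses a literal `&`; the same mismatch appears at `-CVE-2014-4856 (... Polldaddy Polls &amp; ...)` in the next hunk. When the summaries are re-imported, the importer should unescape the upstream text so that the two fields of one entry do not encode the same character two different ways, and so that text matching across them works.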
@@ -13365,121 +13365,121 @@ CVE-2014-4859
RESERVED
- edk2 <not-affected> (No support for updates of hypervisor-supplied firmware from guests)
NOTE: https://www.mitre.org/sites/default/files/publications/14-2221-extreme-escalation-presentation.pdf
-CVE-2014-4858 (Multiple SQL injection vulnerabilities in CWPLogin.aspx in Sabre ...)
+CVE-2014-4858
NOT-FOR-US: Sabre AirCenter Crew
-CVE-2014-4857 (Cross-site scripting (XSS) vulnerability in Gurock TestRail before ...)
+CVE-2014-4857
NOT-FOR-US: Gurock TestRail
-CVE-2014-4856 (Cross-site scripting (XSS) vulnerability in the Polldaddy Polls &amp; ...)
+CVE-2014-4856
NOT-FOR-US: WordPress plugin
-CVE-2014-4855 (Cross-site scripting (XSS) vulnerability in the Polylang plugin before ...)
+CVE-2014-4855
NOT-FOR-US: WordPress plugin
-CVE-2014-4854 (Cross-site scripting (XSS) vulnerability in the WP Construction Mode ...)
+CVE-2014-4854
NOT-FOR-US: WordPress plugin
-CVE-2014-4853 (Cross-site scripting (XSS) vulnerability in odm-init.php in OpenDocMan ...)
+CVE-2014-4853
NOT-FOR-US: OpenDocMan
-CVE-2014-4852 (SQL injection vulnerability in admin/uploads.php in The Digital Craft ...)
+CVE-2014-4852
NOT-FOR-US: AtomCMS
-CVE-2014-4851 (Open redirect vulnerability in msg.php in FoeCMS allows remote ...)
+CVE-2014-4851
NOT-FOR-US: FoeCMS
-CVE-2014-4850 (SQL injection vulnerability in index.php in FoeCMS allows remote ...)
+CVE-2014-4850
NOT-FOR-US: FoeCMS
-CVE-2014-4849 (Multiple cross-site scripting (XSS) vulnerabilities in msg.php in ...)
+CVE-2014-4849
NOT-FOR-US: FoeCMS
-CVE-2014-4848 (Cross-site scripting (XSS) vulnerability in the Blogstand Banner ...)
+CVE-2014-4848
NOT-FOR-US: WordPress plugin
-CVE-2014-4847 (Cross-site scripting (XSS) vulnerability in the Random Banner plugin ...)
+CVE-2014-4847
NOT-FOR-US: WordPress plugin
-CVE-2014-4846 (Cross-site scripting (XSS) vulnerability in the Meta Slider ...)
+CVE-2014-4846
NOT-FOR-US: WordPress plugin
-CVE-2014-4845 (Cross-site scripting (XSS) vulnerability in the BannerMan plugin 0.2.4 ...)
+CVE-2014-4845
NOT-FOR-US: WordPress plugin
-CVE-2014-4844 (The import/export functionality in IBM Business Process Manager (BPM) ...)
+CVE-2014-4844
NOT-FOR-US: IBM
-CVE-2014-4843 (Curam Universal Access in IBM Curam Social Program Management (SPM) ...)
+CVE-2014-4843
NOT-FOR-US: IBM
CVE-2014-4842
RESERVED
CVE-2014-4841
RESERVED
-CVE-2014-4840 (IBM TRIRIGA Application Platform 3.2 and 3.3 before 3.3.0.2, 3.3.1 ...)
+CVE-2014-4840
NOT-FOR-US: IBM TRIRIGA Application Platform
-CVE-2014-4839 (Cross-site request forgery (CSRF) vulnerability in birtviewer.query in ...)
+CVE-2014-4839
NOT-FOR-US: IBM TRIRIGA Application Platform
-CVE-2014-4838 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2014-4838
NOT-FOR-US: IBM TRIRIGA Application Platform
-CVE-2014-4837 (Cross-site scripting (XSS) vulnerability in NewDocument.jsp in IBM ...)
+CVE-2014-4837
NOT-FOR-US: IBM TRIRIGA Application Platform
-CVE-2014-4836 (Cross-site scripting (XSS) vulnerability in breakOutWithName.jsp in ...)
+CVE-2014-4836
NOT-FOR-US: IBM TRIRIGA Application Platform
-CVE-2014-4835 (IBM ServerGuide before 9.63, UpdateXpress System Packs Installer ...)
+CVE-2014-4835
NOT-FOR-US: IBM
-CVE-2014-4834 (IBM WebSphere Commerce 6.x through 6.0.0.11 and 7.x through 7.0.0.8 ...)
+CVE-2014-4834
NOT-FOR-US: IBM
-CVE-2014-4833 (IBM Security QRadar SIEM QRM 7.1 MR1 and QRM/QVM 7.2 MR2 allows remote ...)
+CVE-2014-4833
NOT-FOR-US: IBM Security QRadar SIEM
-CVE-2014-4832 (IBM Security QRadar SIEM and QRadar Risk Manager 7.1 before MR2 Patch ...)
+CVE-2014-4832
NOT-FOR-US: IBM Security QRadar SIEM
-CVE-2014-4831 (IBM Security QRadar SIEM and QRadar Risk Manager 7.1 before MR2 Patch ...)
+CVE-2014-4831
NOT-FOR-US: IBM Security QRadar SIEM
-CVE-2014-4830 (IBM Security QRadar SIEM QRM 7.1 MR1 and QRM/QVM 7.2 MR2 does not ...)
+CVE-2014-4830
NOT-FOR-US: IBM Security QRadar SIEM
-CVE-2014-4829 (Cross-site request forgery (CSRF) vulnerability in IBM Security QRadar ...)
+CVE-2014-4829
NOT-FOR-US: IBM Security QRadar
-CVE-2014-4828 (IBM Security QRadar SIEM QRM 7.1 MR1 and QRM/QVM 7.2 MR2 allows remote ...)
+CVE-2014-4828
NOT-FOR-US: IBM Security QRadar SIEM
-CVE-2014-4827 (Cross-site scripting (XSS) vulnerability in IBM Security QRadar SIEM ...)
+CVE-2014-4827
NOT-FOR-US: IBM Security QRadar SIEM
-CVE-2014-4826 (IBM Security QRadar SIEM 7.2 before 7.2.3 Patch 1 does not properly ...)
+CVE-2014-4826
NOT-FOR-US: IBM Security QRadar
-CVE-2014-4825 (IBM Security QRadar SIEM QRM 7.1 MR1 and QRM/QVM 7.2 MR2 does not ...)
+CVE-2014-4825
NOT-FOR-US: IBM Security QRadar SIEM
-CVE-2014-4824 (SQL injection vulnerability in IBM Security QRadar SIEM 7.2 before ...)
+CVE-2014-4824
NOT-FOR-US: IBM Security QRadar
-CVE-2014-4823 (The administration console in IBM Security Access Manager for Web 7.x ...)
+CVE-2014-4823
NOT-FOR-US: IBM Security Access Manager
-CVE-2014-4822 (IBM WebSphere MQ classes for Java libraries 8.0 before 8.0.0.1 and ...)
+CVE-2014-4822
NOT-FOR-US: IBM WebSphere MQ
-CVE-2014-4821 (IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 ...)
+CVE-2014-4821
NOT-FOR-US: IBM WebSphere Portal
-CVE-2014-4820 (Cross-site scripting (XSS) vulnerability in IBM Integration Bus ...)
+CVE-2014-4820
NOT-FOR-US: IBM
-CVE-2014-4819 (The web user interface in IBM WebSphere Message Broker 8.0 before ...)
+CVE-2014-4819
NOT-FOR-US: IBM
-CVE-2014-4818 (dsmtca in the client in IBM Tivoli Storage Manager (TSM) 5.4.x, 5.5.x, ...)
+CVE-2014-4818
NOT-FOR-US: IBM
-CVE-2014-4817 (The server in IBM Tivoli Storage Manager (TSM) 5.x and 6.x before ...)
+CVE-2014-4817
NOT-FOR-US: IBM Tivoli Storage Manager
-CVE-2014-4816 (Cross-site request forgery (CSRF) vulnerability in the Administrative ...)
+CVE-2014-4816
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2014-4815 (Session fixation vulnerability in IBM Rational Lifecycle Integration ...)
+CVE-2014-4815
NOT-FOR-US: IBM
-CVE-2014-4814 (IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 ...)
+CVE-2014-4814
NOT-FOR-US: IBM WebSphere Portal
-CVE-2014-4813 (Race condition in the client in IBM Tivoli Storage Manager (TSM) ...)
+CVE-2014-4813
NOT-FOR-US: IBM Tivoli Storage Manager
-CVE-2014-4812 (The installer in IBM Security AppScan Source 8.x and 9.x through 9.0.1 ...)
+CVE-2014-4812
NOT-FOR-US: IBM Security AppScan Source
-CVE-2014-4811 (IBM Storwize 3500, 3700, 5000, and 7000 devices and SAN Volume ...)
+CVE-2014-4811
NOT-FOR-US: IBM
-CVE-2014-4810 (IBM Cognos Mobile 10.1.1 before FP3 IF1, 10.2.0 before FP2 IF1, and ...)
+CVE-2014-4810
NOT-FOR-US: IBM
-CVE-2014-4809 (The WebSEAL component in IBM Security Access Manager for Web 7.x ...)
+CVE-2014-4809
NOT-FOR-US: IBM Security Access Manager
-CVE-2014-4808 (Unspecified vulnerability in IBM WebSphere Portal 6.1.0 through ...)
+CVE-2014-4808
NOT-FOR-US: IBM WebSphere Portal
-CVE-2014-4807 (Sterling Order Management in IBM Sterling Selling and Fulfillment ...)
+CVE-2014-4807
NOT-FOR-US: IBM Sterling Selling
-CVE-2014-4806 (The installation process in IBM Security AppScan Enterprise 8.x before ...)
+CVE-2014-4806
NOT-FOR-US: IBM
-CVE-2014-4805 (IBM DB2 10.5 before FP4 on Linux and AIX creates temporary files ...)
+CVE-2014-4805
NOT-FOR-US: IBM DB2
-CVE-2014-4804 (Curam Universal Access in IBM Curam Social Program Management 5.2 ...)
+CVE-2014-4804
NOT-FOR-US: IBM Curam Social Program Management
-CVE-2014-4803 (CRLF injection vulnerability in the Universal Access implementation in ...)
+CVE-2014-4803
NOT-FOR-US: IBM Curam Social Program Management
-CVE-2014-4802 (The Saved Search Admin component in the Process Admin Console in IBM ...)
+CVE-2014-4802
NOT-FOR-US: IBM Business Process Manager
-CVE-2014-4801 (Cross-site scripting (XSS) vulnerability in IBM Rational Quality ...)
+CVE-2014-4801
NOT-FOR-US: IBM
CVE-2014-4800
RESERVED
@@ -13495,81 +13495,81 @@ CVE-2014-4795
RESERVED
CVE-2014-4794
RESERVED
-CVE-2014-4793 (IBM WebSphere MQ 8.x before 8.0.0.1 does not properly enforce CHLAUTH ...)
+CVE-2014-4793
NOT-FOR-US: IBM WebSphere
-CVE-2014-4792 (IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 ...)
+CVE-2014-4792
NOT-FOR-US: IBM
CVE-2014-4791
RESERVED
-CVE-2014-4790 (IBM Emptoris Sourcing Portfolio 9.5.x before 9.5.1.3, 10.0.0.x before ...)
+CVE-2014-4790
NOT-FOR-US: IBM Emptoris Sourcing Portfolio
-CVE-2014-4789 (Session fixation vulnerability in IBM Initiate Master Data Service 9.5 ...)
+CVE-2014-4789
NOT-FOR-US: IBM
-CVE-2014-4788 (IBM Initiate Master Data Service 9.5 before 9.5.093013, 9.7 before ...)
+CVE-2014-4788
NOT-FOR-US: IBM
-CVE-2014-4787 (Cross-site scripting (XSS) vulnerability in IBM Initiate Master Data ...)
+CVE-2014-4787
NOT-FOR-US: IBM
-CVE-2014-4786 (IBM Initiate Master Data Service 9.5 before 9.5.093013, 9.7 before ...)
+CVE-2014-4786
NOT-FOR-US: IBM
-CVE-2014-4785 (Cross-site request forgery (CSRF) vulnerability in IBM Initiate Master ...)
+CVE-2014-4785
NOT-FOR-US: IBM
-CVE-2014-4784 (IBM Initiate Master Data Service 9.5 before 9.5.093013, 9.7 before ...)
+CVE-2014-4784
NOT-FOR-US: IBM
-CVE-2014-4783 (Cross-site request forgery (CSRF) vulnerability in IBM Initiate Master ...)
+CVE-2014-4783
NOT-FOR-US: IBM
-CVE-2014-4782 (IBM InfoSphere BigInsights 2.1.2 allows remote authenticated users to ...)
+CVE-2014-4782
NOT-FOR-US: IBM
-CVE-2014-4781 (The alert module in IBM InfoSphere BigInsights 2.1.2 and 3.x before ...)
+CVE-2014-4781
NOT-FOR-US: IBM InfoSphere BigInsights
CVE-2014-4780
RESERVED
CVE-2014-4779
RESERVED
-CVE-2014-4778 (IBM License Metric Tool 9 before 9.1.0.2 and Endpoint Manager for ...)
+CVE-2014-4778
NOT-FOR-US: IBM
CVE-2014-4777
RESERVED
-CVE-2014-4776 (IBM License Metric Tool 9 before 9.1.0.2 does not have an off ...)
+CVE-2014-4776
NOT-FOR-US: IBM
-CVE-2014-4775 (IBM InfoSphere Master Data Management - Collaborative Edition 10.x ...)
+CVE-2014-4775
NOT-FOR-US: IBM
-CVE-2014-4774 (Cross-site request forgery (CSRF) vulnerability in the login page in ...)
+CVE-2014-4774
NOT-FOR-US: IBM
CVE-2014-4773
RESERVED
CVE-2014-4772
RESERVED
-CVE-2014-4771 (IBM WebSphere MQ 7.0.1 before 7.0.1.13, 7.1 before 7.1.0.6, 7.5 before ...)
+CVE-2014-4771
NOT-FOR-US: IBM WebSphere MQ
-CVE-2014-4770 (Cross-site scripting (XSS) vulnerability in IBM WebSphere Application ...)
+CVE-2014-4770
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2014-4769 (IBM WebSphere Commerce 6.x through 6.0.0.11 and 7.x through 7.0.0.8 ...)
+CVE-2014-4769
NOT-FOR-US: IBM
-CVE-2014-4768 (IBM Unified Extensible Firmware Interface (UEFI) on Flex System x880 ...)
+CVE-2014-4768
NOT-FOR-US: IBM
-CVE-2014-4767 (IBM WebSphere Application Server (WAS) Liberty Profile 8.5.x before ...)
+CVE-2014-4767
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2014-4766 (IBM Sametime Classic Meeting Server 8.0.x and 8.5.x allows remote ...)
+CVE-2014-4766
NOT-FOR-US: IBM Sametime Classic Meeting Server
-CVE-2014-4765 (IBM Maximo Asset Management 7.1 through 7.1.1.13 and 7.5 through ...)
+CVE-2014-4765
NOT-FOR-US: IBM Maximo Asset Management
-CVE-2014-4764 (IBM WebSphere Application Server (WAS) 8.0.x before 8.0.0.10 and 8.5.x ...)
+CVE-2014-4764
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2014-4763 (Cross-site scripting (XSS) vulnerability in Content Navigator in ...)
+CVE-2014-4763
NOT-FOR-US: IBM
-CVE-2014-4762 (Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 8.0.0 ...)
+CVE-2014-4762
NOT-FOR-US: IBM
-CVE-2014-4761 (IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 ...)
+CVE-2014-4761
NOT-FOR-US: IBM WebSphere Portal
-CVE-2014-4760 (Open redirect vulnerability in IBM WebSphere Portal 6.1.0.0 through ...)
+CVE-2014-4760
NOT-FOR-US: IBM WebSphere
-CVE-2014-4759 (An unspecified Ajax service in the Content Management toolkit in IBM ...)
+CVE-2014-4759
NOT-FOR-US: IBM
-CVE-2014-4758 (IBM Business Process Manager (BPM) 7.5.x through 8.5.5 and WebSphere ...)
+CVE-2014-4758
NOT-FOR-US: IBM
-CVE-2014-4757 (The Outlook Extension in IBM Content Collector 4.0.0.x before ...)
+CVE-2014-4757
NOT-FOR-US: IBM Content Collector
-CVE-2014-4756 (The Administration and Reporting Tool in IBM Rational License Key ...)
+CVE-2014-4756
NOT-FOR-US: IBM
CVE-2014-4755
RESERVED
@@ -13577,47 +13577,47 @@ CVE-2014-4754
RESERVED
CVE-2014-4753
RESERVED
-CVE-2014-4752 (IBM System Networking G8052, G8124, G8124-E, G8124-ER, G8264, G8316, ...)
+CVE-2014-4752
NOT-FOR-US: IBM
-CVE-2014-4751 (Cross-site scripting (XSS) vulnerability in IBM Security Access ...)
+CVE-2014-4751
NOT-FOR-US: IBM Security Access Manager
-CVE-2014-4750 (IBM PowerVC Express Edition 1.2.0 before FixPack3 establishes an FTP ...)
+CVE-2014-4750
NOT-FOR-US: IBM
-CVE-2014-4749 (IBM PowerVC 1.2.0 before FixPack3 does not properly use the ...)
+CVE-2014-4749
NOT-FOR-US: IBM
-CVE-2014-4748 (Cross-site scripting (XSS) vulnerability in the Classic Meeting Server ...)
+CVE-2014-4748
NOT-FOR-US: IBM Sametime
-CVE-2014-4747 (The Classic Meeting Server in IBM Sametime 8.x through 8.5.2.1 allows ...)
+CVE-2014-4747
NOT-FOR-US: IBM Sametime
-CVE-2014-4746 (IBM WebSphere Portal 8.0.0 before 8.0.0.1 CF13 and 8.5.0 through CF01 ...)
+CVE-2014-4746
NOT-FOR-US: IBM WebSphere
CVE-2014-4745
RESERVED
-CVE-2014-4744 (Multiple cross-site scripting (XSS) vulnerabilities in osTicket before ...)
+CVE-2014-4744
NOT-FOR-US: osTicket
-CVE-2014-4743 (Multiple cross-site scripting (XSS) vulnerabilities in (1) ...)
+CVE-2014-4743
NOT-FOR-US: Kajona module
-CVE-2014-4742 (Cross-site scripting (XSS) vulnerability in system/class_link.php in ...)
+CVE-2014-4742
NOT-FOR-US: Kajona module
-CVE-2014-4741 (SQL injection vulnerability in demo/ads.php in Artifectx xClassified ...)
+CVE-2014-4741
NOT-FOR-US: Artifectx xClassified
CVE-2014-4740
REJECTED
CVE-2014-4739
RESERVED
-CVE-2014-4738 (Multiple cross-site scripting (XSS) vulnerabilities in FortiGuard ...)
+CVE-2014-4738
NOT-FOR-US: FortiGuard FortiWeb
-CVE-2014-4737 (Cross-site scripting (XSS) vulnerability in Textpattern CMS before ...)
+CVE-2014-4737
- textpattern <removed>
[squeeze] - textpattern <no-dsa> (Vulnerability is in setup.php, which becomes inaccessible after installation)
NOTE: https://github.com/textpattern/textpattern/commit/1206c7d84949a58cd0a2bc4a91ee53a0c8d4daf6
NOTE: is likely the commit fixing the issue. But it does more than the
NOTE: strict minimum.
-CVE-2014-4736 (SQL injection vulnerability in E2 before 2.4 (2845) allows remote ...)
+CVE-2014-4736
NOT-FOR-US: E2
-CVE-2014-4735 (Cross-site scripting (XSS) vulnerability in MyWebSQL 3.4 and earlier ...)
+CVE-2014-4735
NOT-FOR-US: MyWebSQL
-CVE-2014-4734 (Cross-site scripting (XSS) vulnerability in e107_admin/db.php in e107 ...)
+CVE-2014-4734
NOT-FOR-US: e107
CVE-2014-4733
RESERVED
@@ -13629,38 +13629,38 @@ CVE-2014-4730
RESERVED
CVE-2014-4729
RESERVED
-CVE-2014-4728 (The web server in the TP-LINK N750 Wireless Dual Band Gigabit Router ...)
+CVE-2014-4728
NOT-FOR-US: TP-Link
-CVE-2014-4727 (Cross-site scripting (XSS) vulnerability in the DHCP clients page in ...)
+CVE-2014-4727
NOT-FOR-US: TP-Link
-CVE-2014-4726 (Unspecified vulnerability in the MailPoet Newsletters ...)
+CVE-2014-4726
NOT-FOR-US: wysija-newsletters
-CVE-2014-4725 (The MailPoet Newsletters (wysija-newsletters) plugin before 2.6.7 for ...)
+CVE-2014-4725
NOT-FOR-US: wysija-newsletters
-CVE-2014-4978 (The rs_filter_graph function in librawstudio/rs-filter.c in rawstudio ...)
+CVE-2014-4978
- rawstudio <removed> (low; bug #754899)
[wheezy] - rawstudio <no-dsa> (Minor issue)
[squeeze] - rawstudio <not-affected> (Vulnerable code not present)
-CVE-2014-5119 (Off-by-one error in the __gconv_translit_find function in ...)
+CVE-2014-5119
{DSA-3012-1 DLA-43-1}
- glibc 2.19-10 (medium)
- eglibc <removed> (medium)
NOTE: http://www.openwall.com/lists/oss-security/2014/07/14/2
NOTE: http://googleprojectzero.blogspot.com/2014/08/the-poisoned-nul-byte-2014-edition.html
-CVE-2014-4909 (Integer overflow in the tr_bitfieldEnsureNthBitAlloced function in ...)
+CVE-2014-4909
{DSA-2988-1}
- transmission 2.84-0.1 (bug #755985)
[squeeze] - transmission <not-affected> (Vulnerable code not present)
NOTE: http://trac.transmissionbt.com/wiki/Changes#version-2.84
NOTE: PoC: http://web.archive.org/web/20140815000641/http://inertiawar.com:80/submission.go
-CVE-2014-4723 (Cross-site scripting (XSS) vulnerability in the Easy Banners plugin ...)
+CVE-2014-4723
NOT-FOR-US: WordPress plugin Easy Banners
-CVE-2014-4724 (Cross-site scripting (XSS) vulnerability in the Custom Banners plugin ...)
+CVE-2014-4724
NOT-FOR-US: WordPress plugin Custom Banners
-CVE-2014-4722 (Multiple cross-site scripting (XSS) vulnerabilities in the OCS Reports ...)
+CVE-2014-4722
- ocsinventory-server <unfixed> (unimportant)
NOTE: Authentication is needed, only supported in trusted environments, see debtags
-CVE-2014-4914 (The Zend_Db_Select::order function in Zend Framework before 1.12.7 ...)
+CVE-2014-4914
{DSA-3265-1 DLA-251-1}
- zendframework 1.12.7-0.1 (bug #754201)
NOTE: http://framework.zend.com/security/advisory/ZF2014-04
@@ -13669,28 +13669,28 @@ CVE-2014-4913 [ZF2014-03: Potential XSS vector in multiple view helpers]
RESERVED
- zendframework <not-affected> (Vulnerable code not present, only affects ZF2)
NOTE: http://framework.zend.com/security/advisory/ZF2014-03
-CVE-2014-4911 (The ssl_decrypt_buf function in library/ssl_tls.c in PolarSSL before ...)
+CVE-2014-4911
{DSA-2981-1 DLA-36-1}
- polarssl 1.3.7-2.1 (bug #754655)
[squeeze] - polarssl 1.2.9-1~deb6u2
NOTE: https://polarssl.org/tech-updates/security-advisories/polarssl-security-advisory-2014-02
NOTE: commit for 1.3.x branch: https://github.com/polarssl/polarssl/commit/0bcc4e1df78fff6d15c3ecb521e3bd0bbee86e1c
NOTE: commit for 1.2.x branch: https://github.com/polarssl/polarssl/commit/5bad6afd8c72b2c3a6574dff01ca5f8f2f04800a
-CVE-2014-4910 (Directory traversal vulnerability in tools/backlight_helper.c in X.Org ...)
+CVE-2014-4910
- xserver-xorg-video-intel <not-affected> (Vulnerable code not present)
NOTE: http://lists.x.org/archives/xorg-commit/2014-July/036840.html
NOTE: only experimental, and xf86-video-intel-backlight-helper not installed setuid in Debian
-CVE-2014-4720 (Email::Address module before 1.904 for Perl uses an inefficient ...)
+CVE-2014-4720
{DSA-2969-1}
- libemail-address-perl 1.905-1
[squeeze] - libemail-address-perl 1.889-2+deb6u1
-CVE-2014-4719 (Cross-site scripting (XSS) vulnerability in the login panel ...)
+CVE-2014-4719
NOT-FOR-US: User-Friendly SVN
-CVE-2014-4718 (Multiple cross-site request forgery (CSRF) vulnerabilities in Lunar ...)
+CVE-2014-4718
NOT-FOR-US: Lunar CMS
-CVE-2014-4717 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
+CVE-2014-4717
NOT-FOR-US: WordPress plugin simple-share-buttons-adder
-CVE-2014-4716 (Cross-site request forgery (CSRF) vulnerability in Thomson TWG87OUIR ...)
+CVE-2014-4716
NOT-FOR-US: Thomson TWG87OUIR
CVE-2014-4714
REJECTED
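Review bot: the local bracketed title in this hunk's context, `CVE-2014-4913 [ZF2014-03: Potential XSS vector in multiple view helpers]`, survives while every parenthesised description in the hunk is removed, which confirms the stripping is selective to MITRE-sourced text and points at the import side of the update rather than at the list file. Since the fixed versions, DSA/DLA references and NOTE lines (for example `- polarssl 1.3.7-2.1 (bug #754655)` and the two polarssl commit links) are unchanged, restoring only the description text from the parent revision is a safe, mechanical revert.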
@@ -13700,17 +13700,17 @@ CVE-2014-4712
RESERVED
CVE-2014-4711
RESERVED
-CVE-2014-4710 (Cross-site scripting (XSS) vulnerability in zero_user_account.php in ...)
+CVE-2014-4710
NOT-FOR-US: ZeroCMS
CVE-2014-4709
RESERVED
CVE-2014-4708
RESERVED
-CVE-2014-4707 (Huawei Campus S7700 with software V200R001C00SPC300, ...)
+CVE-2014-4707
NOT-FOR-US: Huawei
-CVE-2014-4706 (Huawei Campus S3700HI with software V200R001C00SPC300; Campus S5700 ...)
+CVE-2014-4706
NOT-FOR-US: Huawei
-CVE-2014-4705 (Multiple heap-based buffer overflows in the eSap software platform in ...)
+CVE-2014-4705
NOT-FOR-US: eSap
CVE-2014-4704
RESERVED
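Review bot: for the two Huawei entries in this hunk the removed text was the only place naming the affected device families and firmware (`Campus S7700 with software V200R001C00SPC300`, `Campus S3700HI ... Campus S5700`); after the change both read only `NOT-FOR-US: Huawei`, which cannot be searched by model. When NOT-FOR-US is the sole triage line, the product string should carry enough of the description to identify the affected product, so if the strip is kept the plugin/device names from the removed lines should be folded into the NOT-FOR-US text.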
@@ -13718,66 +13718,66 @@ CVE-2014-XXXX [Quassel: /var/lib/quassel/quasselCert.pem world-readable]
- quassel 0.10.0-2 (low)
[wheezy] - quassel 0.8.0-1+deb7u2
[squeeze] - quassel <no-dsa> (Minor issue)
-CVE-2014-4908 (Multiple cross-site scripting (XSS) vulnerabilities in PNP4Nagios ...)
+CVE-2014-4908
- pnp4nagios 0.6.24+dfsg1-1 (low)
[wheezy] - pnp4nagios <no-dsa> (Minor issue)
NOTE: https://github.com/lingej/pnp4nagios/commit/cb925073edeeb97eb4ce61a86cdafccc9b87f9bb
NOTE: https://bugs.gentoo.org/show_bug.cgi?id=516078
NOTE: https://github.com/lingej/pnp4nagios/commit/e4a19768a5c5e5b1276caf3dd5bb721a540ec014
NOTE: https://bugs.gentoo.org/show_bug.cgi?id=516140
-CVE-2014-4907 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2014-4907
- pnp4nagios 0.6.24+dfsg1-1 (low)
[wheezy] - pnp4nagios <no-dsa> (Minor issue)
NOTE: https://bugs.gentoo.org/show_bug.cgi?id=51607
NOTE: http://sourceforge.net/p/pnp4nagios/code/ci/f846a6c9d007ca2bee05359af747619151195fc9/
-CVE-2014-4715 (Yann Collet LZ4 before r119, when used on certain 32-bit platforms ...)
+CVE-2014-4715
- lz4 0.0~r119-1
NOTE: https://code.google.com/p/lz4/issues/detail?id=134
NOTE: https://code.google.com/p/lz4/source/detail?r=119
-CVE-2014-4700 (Citrix XenDesktop 7.x, 5.x, and 4.x, when pooled random desktop groups ...)
+CVE-2014-4700
NOT-FOR-US: Citrix XenDesktop
-CVE-2014-4699 (The Linux kernel before 3.15.4 on Intel processors does not properly ...)
+CVE-2014-4699
{DSA-2972-1 DLA-0015-1}
- linux 3.14.10-1
- linux-2.6 <removed>
[squeeze] - linux-2.6 2.6.32-48squeeze8
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b9cd18de4db3c9ffa7e17b0dc0ca99ed5aa4d43a
-CVE-2014-4698 (Use-after-free vulnerability in ext/spl/spl_array.c in the SPL ...)
+CVE-2014-4698
- php5 5.6.0~rc3+dfsg-1 (unimportant)
NOTE: http://git.php.net/?p=php-src.git;a=commit;h=22882a9d89712ff2b6ebc20a689a89452bba4dcd
NOTE: https://bugs.php.net/bug.php?id=67539
NOTE: exploitable by malicious scripts only
CVE-2014-4697
RESERVED
-CVE-2014-4696 (Multiple open redirect vulnerabilities in the Suricata package before ...)
+CVE-2014-4696
NOT-FOR-US: pfSense
-CVE-2014-4695 (Multiple open redirect vulnerabilities in the Snort package before ...)
+CVE-2014-4695
NOT-FOR-US: pfSense
-CVE-2014-4694 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2014-4694
NOT-FOR-US: pfSense
-CVE-2014-4693 (Multiple cross-site scripting (XSS) vulnerabilities in the Snort ...)
+CVE-2014-4693
NOT-FOR-US: pfSense
-CVE-2014-4692 (pfSense before 2.1.4, when HTTP is used, does not include the HTTPOnly ...)
+CVE-2014-4692
NOT-FOR-US: pfSense
-CVE-2014-4691 (Session fixation vulnerability in pfSense before 2.1.4 allows remote ...)
+CVE-2014-4691
NOT-FOR-US: pfSense
-CVE-2014-4690 (Multiple directory traversal vulnerabilities in pfSense before 2.1.4 ...)
+CVE-2014-4690
NOT-FOR-US: pfSense
-CVE-2014-4689 (Absolute path traversal vulnerability in pkg_edit.php in pfSense ...)
+CVE-2014-4689
NOT-FOR-US: pfSense
-CVE-2014-4688 (pfSense before 2.1.4 allows remote authenticated users to execute ...)
+CVE-2014-4688
NOT-FOR-US: pfSense
-CVE-2014-4687 (Multiple cross-site scripting (XSS) vulnerabilities in pfSense before ...)
+CVE-2014-4687
NOT-FOR-US: pfSense
-CVE-2014-4686 (The Project administration application in Siemens SIMATIC WinCC before ...)
+CVE-2014-4686
NOT-FOR-US: Siemens SIMATIC WinCC
-CVE-2014-4685 (Siemens SIMATIC WinCC before 7.3, as used in PCS7 and other products, ...)
+CVE-2014-4685
NOT-FOR-US: Siemens SIMATIC WinCC
-CVE-2014-4684 (The database server in Siemens SIMATIC WinCC before 7.3, as used in ...)
+CVE-2014-4684
NOT-FOR-US: Siemens SIMATIC WinCC
-CVE-2014-4683 (The WebNavigator server in Siemens SIMATIC WinCC before 7.3, as used ...)
+CVE-2014-4683
NOT-FOR-US: Siemens SIMATIC WinCC
-CVE-2014-4682 (The WebNavigator server in Siemens SIMATIC WinCC before 7.3, as used ...)
+CVE-2014-4682
NOT-FOR-US: Siemens SIMATIC WinCC
CVE-2014-4681
RESERVED
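Review bot: the context line `NOTE: https://bugs.gentoo.org/show_bug.cgi?id=51607` under CVE-2014-4907 looks one digit short next to the neighbouring references `id=516078` and `id=516140` for CVE-2014-4908; it is not part of this change but should be checked in a follow-up. Separately, the removed descriptions of CVE-2014-4715 (`Yann Collet LZ4 before r119, when used on certain 32-bit platforms ...`) and, later in the file, CVE-2014-4611 (`Integer overflow in the LZ4 algorithm implementation, as used in Yann ...`) were the only cross-reference between the lz4 package entry and the kernel copy of the same code; once both are stripped nothing links `- lz4 0.0~r119-1` to the kernel entry, so a NOTE pointing from one to the other would preserve that relationship.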
@@ -13785,7 +13785,7 @@ CVE-2014-4680
RESERVED
CVE-2014-4679
RESERVED
-CVE-2014-4677 (The installPackage function in the installerHelper subcomponent in ...)
+CVE-2014-4677
NOT-FOR-US: Libmacgpg
CVE-2014-4676
RESERVED
@@ -13795,80 +13795,80 @@ CVE-2014-4674
RESERVED
CVE-2014-4673
RESERVED
-CVE-2014-4672 (The CDetailView widget in Yii PHP Framework 1.1.14 allows remote ...)
+CVE-2014-4672
- yii-framework-php <itp> (bug #683810)
-CVE-2014-4671 (Adobe Flash Player before 13.0.0.231 and 14.x before 14.0.0.145 on ...)
+CVE-2014-4671
NOT-FOR-US: Adobe Flash Player
-CVE-2014-4670 (Use-after-free vulnerability in ext/spl/spl_dllist.c in the SPL ...)
+CVE-2014-4670
{DSA-3008-1}
- php5 5.6.0~rc3+dfsg-1 (unimportant)
NOTE: exploitable by malicious scripts only
NOTE: http://git.php.net/?p=php-src.git;a=commitdiff;h=df78c48354f376cf419d7a97f88ca07d572f00fb
NOTE: https://bugs.php.net/bug.php?id=67538
-CVE-2014-4669 (HP Enterprise Maps 1.00 allows remote authenticated users to read ...)
+CVE-2014-4669
NOT-FOR-US: HP Enterprise Maps
CVE-2014-4666
RESERVED
CVE-2014-4665
RESERVED
-CVE-2014-4664 (Cross-site scripting (XSS) vulnerability in the Wordfence Security ...)
+CVE-2014-4664
NOT-FOR-US: Wordfence Security plugin for WordPress
-CVE-2014-4663 (TimThumb 2.8.13 and WordThumb 1.07, when Webshot (aka Webshots) is ...)
+CVE-2014-4663
NOT-FOR-US: WordPress timthumb
CVE-2014-4662
RESERVED
-CVE-2014-4661 (Cross-site scripting (XSS) vulnerability in HP Records Manager before ...)
+CVE-2014-4661
NOT-FOR-US: HP Records Manager
CVE-2014-4651
RESERVED
NOT-FOR-US: JClouds
-CVE-2014-4647 (Stack-based buffer overflow in the loadExtensionFactory method in the ...)
+CVE-2014-4647
NOT-FOR-US: Embarcadero ER/Studio Data Architect
-CVE-2014-4646 (Buffer overflow in the FPDFBookmark_GetTitle method in Foxit PDF SDK ...)
+CVE-2014-4646
NOT-FOR-US: Foxit PDF SDK
-CVE-2014-4645 (Cross-site scripting (XSS) vulnerability in dhcpinfo.html in D-link ...)
+CVE-2014-4645
NOT-FOR-US: D-Link hardware
-CVE-2014-4644 (SQL injection vulnerability in superlinks.php in the superlinks plugin ...)
+CVE-2014-4644
NOT-FOR-US: Cacti plugin superlinks
-CVE-2014-4643 (Multiple heap-based buffer overflows in the client in Core FTP LE 2.2 ...)
+CVE-2014-4643
NOT-FOR-US: Core FTP client
-CVE-2014-4721 (The phpinfo implementation in ext/standard/info.c in PHP before 5.4.30 ...)
+CVE-2014-4721
{DSA-2974-1 DLA-0018-1}
- php5 5.6.0~rc1+dfsg-2 (low)
[squeeze] - php5 5.3.3-7+squeeze21
NOTE: https://bugs.php.net/bug.php?id=67498
NOTE: https://www.sektioneins.de/en/blog/14-07-04-phpinfo-infoleak.html
-CVE-2014-4668 (The cherokee_validator_ldap_check function in validator_ldap.c in ...)
+CVE-2014-4668
- cherokee <removed> (low)
[squeeze] - cherokee <no-dsa> (Minor issue)
-CVE-2014-4667 (The sctp_association_free function in net/sctp/associola.c in the ...)
+CVE-2014-4667
{DSA-2992-1 DLA-0015-1}
- linux 3.14.9-1
- linux-2.6 <removed>
[squeeze] - linux-2.6 2.6.32-48squeeze8
NOTE: Upstream fix: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=d3217b15a19a4779c39b212358a5c71d725822ee (v3.16-rc1)
-CVE-2014-4656 (Multiple integer overflows in sound/core/control.c in the ALSA control ...)
+CVE-2014-4656
{DLA-0015-1}
- linux 3.14.9-1
[wheezy] - linux 3.2.60-1
- linux-2.6 <removed>
[squeeze] - linux-2.6 2.6.32-48squeeze8
-CVE-2014-4655 (The snd_ctl_elem_add function in sound/core/control.c in the ALSA ...)
+CVE-2014-4655
{DLA-103-1}
- linux 3.14.9-1
[wheezy] - linux 3.2.60-1
- linux-2.6 <removed>
-CVE-2014-4654 (The snd_ctl_elem_add function in sound/core/control.c in the ALSA ...)
+CVE-2014-4654
{DLA-103-1}
- linux 3.14.9-1
[wheezy] - linux 3.2.60-1
- linux-2.6 <removed>
-CVE-2014-4653 (sound/core/control.c in the ALSA control implementation in the Linux ...)
+CVE-2014-4653
{DLA-103-1}
- linux 3.14.9-1
[wheezy] - linux 3.2.60-1
- linux-2.6 <removed>
-CVE-2014-4652 (Race condition in the tlv handler functionality in the ...)
+CVE-2014-4652
{DLA-0015-1}
- linux 3.14.9-1 (low)
[wheezy] - linux 3.2.60-1
@@ -13909,11 +13909,11 @@ CVE-2014-4650
- python3.3 <removed> (low)
- python3.4 3.4.1-8 (low)
NOTE: http://bugs.python.org/issue21766
-CVE-2014-4649 (SQL injection vulnerability in the photo-edit subsystem in Piwigo ...)
+CVE-2014-4649
- piwigo <removed> (low)
[squeeze] - piwigo <end-of-life> (Unsupported in squeeze-lts)
NOTE: Request to mark the package as unsupported in #779104
-CVE-2014-4648 (Unspecified vulnerability in Piwigo before 2.6.3 has unknown impact ...)
+CVE-2014-4648
- piwigo <removed> (low)
[squeeze] - piwigo <end-of-life> (Unsupported in squeeze-lts)
NOTE: Request to mark the package as unsupported in #779104
@@ -13923,53 +13923,53 @@ CVE-2014-4641
REJECTED
CVE-2014-4640
REJECTED
-CVE-2014-4639 (EMC Documentum Web Development Kit (WDK) before 6.8 does not properly ...)
+CVE-2014-4639
NOT-FOR-US: EMC Documentum Web Development
-CVE-2014-4638 (EMC Documentum Web Development Kit (WDK) before 6.8 allows remote ...)
+CVE-2014-4638
NOT-FOR-US: EMC Documentum Web Development
-CVE-2014-4637 (Open redirect vulnerability in EMC Documentum Web Development Kit ...)
+CVE-2014-4637
NOT-FOR-US: EMC Documentum Web Development
-CVE-2014-4636 (Cross-site request forgery (CSRF) vulnerability in EMC Documentum Web ...)
+CVE-2014-4636
NOT-FOR-US: EMC Documentum Web Development
-CVE-2014-4635 (Multiple cross-site scripting (XSS) vulnerabilities in EMC Documentum ...)
+CVE-2014-4635
NOT-FOR-US: EMC Documentum Web Development
-CVE-2014-4634 (Unquoted Windows search path vulnerability in EMC Replication Manager ...)
+CVE-2014-4634
NOT-FOR-US: EMC Replication Manager and EMC AppSync
-CVE-2014-4633 (Cross-site scripting (XSS) vulnerability in EMC RSA Archer GRC ...)
+CVE-2014-4633
NOT-FOR-US: EMC RSA Archer GRC Platform
-CVE-2014-4632 (VMware vSphere Data Protection (VDP) 5.1, 5.5 before 5.5.9, and 5.8 ...)
+CVE-2014-4632
NOT-FOR-US: EMC Avamar
-CVE-2014-4631 (RSA Adaptive Authentication (On-Premise) 6.0.2.1 through 7.1 P3, when ...)
+CVE-2014-4631
NOT-FOR-US: RSA Adaptive Authentication
-CVE-2014-4630 (EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x before 4.0.6 and RSA ...)
+CVE-2014-4630
NOT-FOR-US: RSA BSAFE
-CVE-2014-4629 (EMC Documentum Content Server 7.0, 7.1 before 7.1 P10, and 6.7 before ...)
+CVE-2014-4629
NOT-FOR-US: EMC Documentum Content Server
-CVE-2014-4628 (Cross-site scripting (XSS) vulnerability in EMC Isilon InsightIQ 2.x ...)
+CVE-2014-4628
NOT-FOR-US: EMC Isilon InsightIQ
-CVE-2014-4627 (SQL injection vulnerability in EMC RSA Web Threat Detection 4.x before ...)
+CVE-2014-4627
NOT-FOR-US: EMC RSA Web Threat Detection
-CVE-2014-4626 (EMC Documentum Content Server before 6.7 SP1 P29, 6.7 SP2 before P18, ...)
+CVE-2014-4626
NOT-FOR-US: EMC Documentum Content Server
CVE-2014-4625
RESERVED
-CVE-2014-4624 (EMC Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) 6.x and ...)
+CVE-2014-4624
NOT-FOR-US: EMC Avamar
-CVE-2014-4623 (EMC Avamar 6.0.x, 6.1.x, and 7.0.x in Avamar Data Store (ADS) GEN4(S) ...)
+CVE-2014-4623
NOT-FOR-US: EMC Avamar
-CVE-2014-4622 (EMC Documentum Content Server before 6.7 SP2 P17, 7.0 through P15, and ...)
+CVE-2014-4622
NOT-FOR-US: EMC Documentum Content Server
-CVE-2014-4621 (EMC Documentum Content Server before 6.7 SP2 P17, 7.0 through P15, and ...)
+CVE-2014-4621
NOT-FOR-US: EMC Documentum Content Server
-CVE-2014-4620 (The EMC NetWorker Module for MEDITECH (aka NMMEDI) 3.0 build 87 ...)
+CVE-2014-4620
NOT-FOR-US: EMC NetWorker
-CVE-2014-4619 (EMC RSA Identity Management and Governance (IMG) 6.5.x before 6.5.1 ...)
+CVE-2014-4619
NOT-FOR-US: EMC RSA Identity Management and Governance
-CVE-2014-4618 (EMC Documentum Content Server before 6.7 SP2 P16 and 7.x before 7.1 ...)
+CVE-2014-4618
NOT-FOR-US: EMC Documentum Content Server
-CVE-2014-4612 (Cross-site scripting (XSS) vulnerability in the keywords manager ...)
+CVE-2014-4612
NOT-FOR-US: Coppermine Photo Gallery
-CVE-2014-4611 (Integer overflow in the LZ4 algorithm implementation, as used in Yann ...)
+CVE-2014-4611
- linux 3.14.9-1 (unimportant)
[wheezy] - linux <not-affected> (LZ4 support introduced in 3.11)
- linux-2.6 <not-affected> (LZ4 support introduced in 3.11)
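Review bot: CVE-2014-4632 loses its only mention of the affected product: the removed line reads `-CVE-2014-4632 (VMware vSphere Data Protection (VDP) 5.1, 5.5 before 5.5.9, and 5.8 ...)` while the surviving triage line is `NOT-FOR-US: EMC Avamar`, so after this change a search of the tracker for vSphere Data Protection finds nothing. If the description strip is kept, the NOT-FOR-US text here should name both products. The same applies to CVE-2014-4663, where `TimThumb 2.8.13 and WordThumb 1.07` is reduced to `NOT-FOR-US: WordPress timthumb`.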
@@ -13988,7 +13988,7 @@ CVE-2014-4609
{DSA-2977-1}
- libav 6:10.2-1
NOTE: http://git.libav.org/?p=libav.git;a=commit;h=ccda51b14c0fcae2fad73a24872dce75a7964996
-CVE-2014-4608 (** DISPUTED ** Multiple integer overflows in the lzo1x_decompress_safe ...)
+CVE-2014-4608
- linux 3.14.9-1 (unimportant)
[wheezy] - linux 3.2.63-1
- linux-2.6 <removed> (unimportant)
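Review bot: the dispute status is lost in this hunk. The removed line `-CVE-2014-4608 (** DISPUTED ** Multiple integer overflows in the lzo1x_decompress_safe ...)` is the basis for the `(unimportant)` severity on `- linux 3.14.9-1 (unimportant)` and `- linux-2.6 <removed> (unimportant)`, and after the change nothing in the entry records that the issue is disputed. If the bare-ID form is kept, add a NOTE line stating the disputed status so the severity remains justified on its own.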
@@ -14004,213 +14004,213 @@ CVE-2014-4607
[jessie] - busybox 1:1.22.0-9+deb8u1
[wheezy] - busybox <no-dsa> (Minor issue)
[squeeze] - busybox <no-dsa> (Minor issue)
-CVE-2014-4606 (Cross-site scripting (XSS) vulnerability in redirect_to_zeenshare.php ...)
+CVE-2014-4606
NOT-FOR-US: WordPress plugin ZeenShare
-CVE-2014-4605 (Cross-site scripting (XSS) vulnerability in cal/test.php in the ...)
+CVE-2014-4605
NOT-FOR-US: WordPress plugin ZdStatistics
-CVE-2014-4604 (Cross-site scripting (XSS) vulnerability in settings/pwsettings.php in ...)
+CVE-2014-4604
NOT-FOR-US: WordPress plugin Your Text Manager
-CVE-2014-4603 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2014-4603
NOT-FOR-US: WordPress plugin Yahoo Updates
-CVE-2014-4602 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2014-4602
NOT-FOR-US: WordPress plugin XEN Carousel
-CVE-2014-4601 (Cross-site scripting (XSS) vulnerability in wu-ratepost.php in the ...)
+CVE-2014-4601
NOT-FOR-US: WordPress plugin Wu-Rating
-CVE-2014-4600 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2014-4600
NOT-FOR-US: WordPress plugin WP Ultimate Email Marketer
-CVE-2014-4599 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2014-4599
NOT-FOR-US: WordPress plugin WP-Business Directory
-CVE-2014-4598 (Cross-site scripting (XSS) vulnerability in wp-tmkm-amazon-search.php ...)
+CVE-2014-4598
NOT-FOR-US: WordPress plugin wp-tmkm-amazon
-CVE-2014-4597 (Cross-site scripting (XSS) vulnerability in test.php in the WP Social ...)
+CVE-2014-4597
NOT-FOR-US: WordPress plugin WP Social Invitations
-CVE-2014-4596 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2014-4596
NOT-FOR-US: WordPress plugin SnapApp
-CVE-2014-4595 (Multiple cross-site scripting (XSS) vulnerabilities in the WP RESTful ...)
+CVE-2014-4595
NOT-FOR-US: WordPress plugin WP RESTful
-CVE-2014-4594 (Cross-site scripting (XSS) vulnerability in index.php in the WordPress ...)
+CVE-2014-4594
NOT-FOR-US: WordPress plugin Responsive Preview
-CVE-2014-4593 (Cross-site scripting (XSS) vulnerability in wp-plugins-net/index.php ...)
+CVE-2014-4593
NOT-FOR-US: WordPress plugin WP Plugin Manager
CVE-2014-4592
RESERVED
-CVE-2014-4591 (Cross-site scripting (XSS) vulnerability in picasa_upload.php in the ...)
+CVE-2014-4591
NOT-FOR-US: WordPress plugin WP-Picasa-Image
-CVE-2014-4590 (Cross-site scripting (XSS) vulnerability in get.php in the WP ...)
+CVE-2014-4590
NOT-FOR-US: WordPress plugin WP Microblogs
-CVE-2014-4589 (Cross-site scripting (XSS) vulnerability in uploader.php in the WP ...)
+CVE-2014-4589
NOT-FOR-US: WordPress plugin wp-media-player
-CVE-2014-4588 (Cross-site scripting (XSS) vulnerability in tpls/editmedia.php in the ...)
+CVE-2014-4588
NOT-FOR-US: WordPress plugin wphotfiles
-CVE-2014-4587 (Multiple cross-site scripting (XSS) vulnerabilities in the WP GuestMap ...)
+CVE-2014-4587
NOT-FOR-US: WordPress plugin WP GuestMap
-CVE-2014-4586 (Multiple cross-site scripting (XSS) vulnerabilities in the wp-football ...)
+CVE-2014-4586
NOT-FOR-US: WordPress plugin wp-football
-CVE-2014-4585 (Cross-site scripting (XSS) vulnerability in the WP-FaceThumb plugin ...)
+CVE-2014-4585
NOT-FOR-US: WordPress plugin WP-FaceThumb
-CVE-2014-4584 (Cross-site scripting (XSS) vulnerability in admin/editFacility.php in ...)
+CVE-2014-4584
NOT-FOR-US: WordPress plugin wp-easybooking
-CVE-2014-4583 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2014-4583
NOT-FOR-US: WordPress plugin WP-Contact
-CVE-2014-4582 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2014-4582
NOT-FOR-US: WordPress plugin WP Consultant
-CVE-2014-4581 (Cross-site scripting (XSS) vulnerability in facture.php in the WPCB ...)
+CVE-2014-4581
NOT-FOR-US: WordPress plugin WPCB
-CVE-2014-4580 (Cross-site scripting (XSS) vulnerability in blipbot.ajax.php in the WP ...)
+CVE-2014-4580
NOT-FOR-US: WordPress plugin WP BlipBot
-CVE-2014-4579 (Cross-site scripting (XSS) vulnerability in js/test.php in the ...)
+CVE-2014-4579
NOT-FOR-US: WordPress plugin Appointments Scheduler
-CVE-2014-4578 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2014-4578
NOT-FOR-US: WordPress plugin WP App Maker
-CVE-2014-4577 (Absolute path traversal vulnerability in reviews.php in the WP AmASIN ...)
+CVE-2014-4577
NOT-FOR-US: WordPress plugin WP AmASIN - The Amazon Affiliate Shop
-CVE-2014-4576 (Cross-site scripting (XSS) vulnerability in services/diagnostics.php ...)
+CVE-2014-4576
NOT-FOR-US: WordPress plugin WordPress Social Login
-CVE-2014-4575 (Cross-site scripting (XSS) vulnerability in js/window.php in the ...)
+CVE-2014-4575
NOT-FOR-US: WordPress plugin Wikipop
-CVE-2014-4574 (Cross-site scripting (XSS) vulnerability in resize.php in the ...)
+CVE-2014-4574
NOT-FOR-US: WordPress plugin WebEngage
-CVE-2014-4573 (Multiple cross-site scripting (XSS) vulnerabilities in frame-maker.php ...)
+CVE-2014-4573
NOT-FOR-US: WordPress plugin Walk Score
-CVE-2014-4572 (Cross-site scripting (XSS) vulnerability in bvc.php in the Votecount ...)
+CVE-2014-4572
NOT-FOR-US: WordPress plugin Votecount for Balatarin
-CVE-2014-4571 (Multiple cross-site scripting (XSS) vulnerabilities in vncal.js.php in ...)
+CVE-2014-4571
NOT-FOR-US: WordPress plugin VN-Calendar
-CVE-2014-4570 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
+CVE-2014-4570
NOT-FOR-US: WordPress plugin VideoWhisper Video Presentation
-CVE-2014-4569 (Cross-site scripting (XSS) vulnerability in ls/vv_login.php in the ...)
+CVE-2014-4569
NOT-FOR-US: WordPress plugin VideoWhisper Live Streaming Integration
-CVE-2014-4568 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2014-4568
NOT-FOR-US: WordPress plugin
CVE-2014-4567
RESERVED
-CVE-2014-4566 (Cross-site scripting (XSS) vulnerability in res/fake_twitter/frame.php ...)
+CVE-2014-4566
NOT-FOR-US: WordPress plugin
-CVE-2014-4565 (Multiple cross-site scripting (XSS) vulnerabilities in vcc.js.php in ...)
+CVE-2014-4565
NOT-FOR-US: WordPress plugin
-CVE-2014-4564 (Cross-site scripting (XSS) vulnerability in check.php in the Validated ...)
+CVE-2014-4564
NOT-FOR-US: WordPress plugin
-CVE-2014-4563 (Cross-site scripting (XSS) vulnerability in go.php in the URL Cloak &amp; ...)
+CVE-2014-4563
NOT-FOR-US: WordPress plugin
CVE-2014-4562
RESERVED
CVE-2014-4561
RESERVED
-CVE-2014-4560 (Cross-site scripting (XSS) vulnerability in includes/getTipo.php in ...)
+CVE-2014-4560
NOT-FOR-US: WordPress plugin ToolPage
CVE-2014-4559
RESERVED
CVE-2014-4558
RESERVED
-CVE-2014-4557 (Cross-site scripting (XSS) vulnerability in test-plugin.php in the ...)
+CVE-2014-4557
NOT-FOR-US: WordPress plugin Swipe Checkout for Jigoshop
-CVE-2014-4556 (Cross-site scripting (XSS) vulnerability in test-plugin.php in the ...)
+CVE-2014-4556
NOT-FOR-US: WordPress plugin Switch Checkout for eShop
-CVE-2014-4555 (Cross-site scripting (XSS) vulnerability in fonts/font-form.php in the ...)
+CVE-2014-4555
NOT-FOR-US: WordPress plugin Style It
-CVE-2014-4554 (Cross-site scripting (XSS) vulnerability in templates/download.php in ...)
+CVE-2014-4554
NOT-FOR-US: WordPress plugin SS Downloads
CVE-2014-4553
RESERVED
-CVE-2014-4552 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2014-4552
NOT-FOR-US: WordPress plugin Spotlight
-CVE-2014-4551 (Cross-site scripting (XSS) vulnerability in diagnostics/test.php in ...)
+CVE-2014-4551
NOT-FOR-US: WordPress plugin Social Connect
CVE-2014-4550
RESERVED
-CVE-2014-4549 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2014-4549
NOT-FOR-US: WordPress plugin WooCommerce SagePay Direct Payment Gateway
CVE-2014-4548
RESERVED
-CVE-2014-4547 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2014-4547
NOT-FOR-US: WordPress plugin Rezgo Online Booking
-CVE-2014-4546 (Cross-site scripting (XSS) vulnerability in book_ajax.php in the Rezgo ...)
+CVE-2014-4546
NOT-FOR-US: WordPress plugin Rezgo
-CVE-2014-4545 (Multiple cross-site scripting (XSS) vulnerabilities in pq_dialog.php ...)
+CVE-2014-4545
NOT-FOR-US: WordPress plugin Pro Quoter
CVE-2014-4544
RESERVED
-CVE-2014-4543 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2014-4543
NOT-FOR-US: WordPress plugin Pay Per Media Player
-CVE-2014-4542 (Cross-site scripting (XSS) vulnerability in redirect.php in the Ooorl ...)
+CVE-2014-4542
NOT-FOR-US: WordPress plugin Ooorl
-CVE-2014-4541 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2014-4541
NOT-FOR-US: WordPress plugin OMFG Mobile Pro
-CVE-2014-4540 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2014-4540
NOT-FOR-US: WordPress plugin Oleggo LiveStream
CVE-2014-4539
RESERVED
-CVE-2014-4538 (Cross-site scripting (XSS) vulnerability in process.php in the Malware ...)
+CVE-2014-4538
NOT-FOR-US: WordPress plugin Malware Finder
-CVE-2014-4537 (Cross-site scripting (XSS) vulnerability in inpage.tpl.php in the ...)
+CVE-2014-4537
NOT-FOR-US: WordPress plugin Keyword Strategy Internal Links
CVE-2014-4536
RESERVED
CVE-2014-4535
RESERVED
-CVE-2014-4534 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2014-4534
NOT-FOR-US: WordPress plugin HTML5 Video Player with Playlist
-CVE-2014-4533 (Cross-site scripting (XSS) vulnerability in ajax_functions.php in the ...)
+CVE-2014-4533
NOT-FOR-US: WordPress plugin GEO Redirector
-CVE-2014-4532 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2014-4532
NOT-FOR-US: WordPress plugin GarageSale
-CVE-2014-4531 (Cross-site scripting (XSS) vulnerability in main_page.php in the Game ...)
+CVE-2014-4531
NOT-FOR-US: WordPress plugin Game tabs
CVE-2014-4530
RESERVED
-CVE-2014-4529 (Cross-site scripting (XSS) vulnerability in fpg_preview.php in the ...)
+CVE-2014-4529
NOT-FOR-US: WordPress plugin Flash Photo Gallery
-CVE-2014-4528 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2014-4528
NOT-FOR-US: WordPress plugin fbpromotions
-CVE-2014-4527 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2014-4527
NOT-FOR-US: WordPress plugin envialosimple-email-marketing-y-newsletters-gratis
-CVE-2014-4526 (Multiple cross-site scripting (XSS) vulnerabilities in callback.php in ...)
+CVE-2014-4526
NOT-FOR-US: WordPress plugin efence
CVE-2014-4525
RESERVED
-CVE-2014-4524 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2014-4524
NOT-FOR-US: WordPress plugin WP Easy Post Types
CVE-2014-4523
RESERVED
-CVE-2014-4522 (Cross-site scripting (XSS) vulnerability in client-assist.php in the ...)
+CVE-2014-4522
NOT-FOR-US: WordPress plugin dsSearchAgent: WordPress Edition
-CVE-2014-4521 (Cross-site scripting (XSS) vulnerability in client-assist.php in the ...)
+CVE-2014-4521
NOT-FOR-US: WordPress plugin dsIDXpress IDX
-CVE-2014-4520 (Cross-site scripting (XSS) vulnerability in phprack.php in the DMCA ...)
+CVE-2014-4520
NOT-FOR-US: WordPress plugin DMCA WaterMarker
CVE-2014-4519
RESERVED
-CVE-2014-4518 (Cross-site scripting (XSS) vulnerability in xd_resize.php in the ...)
+CVE-2014-4518
NOT-FOR-US: WordPress plugin Contact Form by ContactMe.com
-CVE-2014-4517 (Cross-site scripting (XSS) vulnerability in getNetworkSites.php in the ...)
+CVE-2014-4517
NOT-FOR-US: WordPress plugin CBI Referral Manager
-CVE-2014-4516 (Cross-site scripting (XSS) vulnerability in bicm-carousel-preview.php ...)
+CVE-2014-4516
NOT-FOR-US: WordPress plugin BIC Media Widget
-CVE-2014-4515 (Cross-site scripting (XSS) vulnerability in mce_anyfont/dialog.php in ...)
+CVE-2014-4515
NOT-FOR-US: WordPress plugin AnyFont
-CVE-2014-4514 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2014-4514
NOT-FOR-US: WordPress plugin Alipay plugin
-CVE-2014-4513 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2014-4513
NOT-FOR-US: WordPress plugin ActiveHelper LiveHelp Live Chat
CVE-2014-4512
RESERVED
-CVE-2014-4511 (Gitlist before 0.5.0 allows remote attackers to execute arbitrary ...)
+CVE-2014-4511
- gitlist <itp> (bug #750368)
-CVE-2014-4509 (The MKDQUOTESAFE function in the Fan-out driver scripts in Fan-Out ...)
+CVE-2014-4509
NOT-FOR-US: Novell Identity Manager
-CVE-2014-4507 (Directory traversal vulnerability in Smart-Proxy in Foreman before ...)
+CVE-2014-4507
- foreman <itp> (bug #663101)
-CVE-2014-4506 (Cross-site scripting (XSS) vulnerability in the Custom Meta module ...)
+CVE-2014-4506
NOT-FOR-US: Drupal module Custom Meta
-CVE-2014-4505 (Cross-site scripting (XSS) vulnerability in the Easy Breadcrumb module ...)
+CVE-2014-4505
NOT-FOR-US: Drupal module Easy Breadcrumb
-CVE-2014-4617 (The do_uncompress function in g10/compress.c in GnuPG 1.x before ...)
+CVE-2014-4617
{DSA-2968-1 DSA-2967-1 DLA-51-1 DLA-0012-1}
- gnupg 1.4.16-1.2 (bug #752497)
[squeeze] - gnupg 1.4.10-4+squeeze5
- gnupg2 2.0.24-1 (bug #752498)
NOTE: http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commitdiff;h=11fdfcf82bd8
-CVE-2014-4616 (Array index error in the scanstring function in the _json module in ...)
+CVE-2014-4616
- python2.5 <removed>
[squeeze] - python2.5 <no-dsa> (minor issue)
- python2.6 <removed>
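Review bot: five entries in this hunk end up with no identifying product at all: CVE-2014-4568, CVE-2014-4566, CVE-2014-4565, CVE-2014-4564 and CVE-2014-4563 each keep only `NOT-FOR-US: WordPress plugin`, and the removed descriptions (`res/fake_twitter/frame.php`, `vcc.js.php`, `check.php in the Validated ...`, `go.php in the URL Cloak &amp; ...`) were the only hint of which plugin is meant. Those names should be carried into the NOT-FOR-US line before the descriptions go. The `&amp;` in the removed CVE-2014-4563 text also shows the description feed was stored HTML-entity-encoded, which is a separate hygiene issue in the import path worth fixing at the same time.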
@@ -14223,7 +14223,7 @@ CVE-2014-4616 (Array index error in the scanstring function in the _json module
- python3.3 <removed>
- python3.4 3.4.0+20140417-1
NOTE: http://bugs.python.org/issue21529
-CVE-2014-4615 (The notifier middleware in OpenStack PyCADF 0.5.0 and earlier, ...)
+CVE-2014-4615
- neutron 2014.1.2-1
NOTE: upstream patch: https://git.openstack.org/cgit/openstack/neutron/commit/?id=0324965a0c2987e5cad6276f011682dec184205f (neutron)
- ceilometer 2014.1.2-1
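Review bot: the context line `NOTE: upstream patch: https://git.openstack.org/cgit/openstack/neutron/commit/?id=0324965a0c2987e5cad6276f011682dec184205f (neutron)` uses lower-case `upstream patch` while the two sibling notes for ceilometer and pycadf in the following hunk use `Upstream patch`; a style nit only, but worth aligning since the entry is being touched anyway.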
@@ -14231,19 +14231,19 @@ CVE-2014-4615 (The notifier middleware in OpenStack PyCADF 0.5.0 and earlier, ..
NOTE: Upstream patch: https://git.openstack.org/cgit/openstack/ceilometer/commit/?id=264f3b0d9640edeac743f339786e0a3b22c0f6c2 (ceilometer)
- python-pycadf 0.5.1-1
NOTE: Upstream patch: https://git.openstack.org/cgit/openstack/pycadf/commit/?id=966d4410a1a69e0a3af678442a1a965dae80d720 (pycadf)
-CVE-2014-4614 (Multiple cross-site request forgery (CSRF) vulnerabilities in Piwigo ...)
+CVE-2014-4614
- piwigo <removed> (low)
[squeeze] - piwigo <end-of-life> (Minor issue)
NOTE: Request to mark the package as unsupported in #779104
-CVE-2014-4613 (Cross-site request forgery (CSRF) vulnerability in the administration ...)
+CVE-2014-4613
- piwigo <removed> (low)
[squeeze] - piwigo <end-of-life> (Minor issue)
NOTE: Request to mark the package as unsupported in #779104
-CVE-2014-4510 (Cross-site scripting (XSS) vulnerability in job.cc in apt-cacher-ng ...)
+CVE-2014-4510
- apt-cacher-ng 0.7.26-2
[wheezy] - apt-cacher-ng <no-dsa> (Minor issue)
[squeeze] - apt-cacher-ng <no-dsa> (Minor issue)
-CVE-2014-4508 (arch/x86/kernel/entry_32.S in the Linux kernel through 3.15.1 on ...)
+CVE-2014-4508
{DLA-103-1}
- linux 3.14.9-1
[wheezy] - linux 3.2.60-1
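Review bot: the squeeze lines for CVE-2014-4614 and CVE-2014-4613, `[squeeze] - piwigo <end-of-life> (Minor issue)`, pair the `<end-of-life>` tag with the rationale normally used for `<no-dsa>`, and contradict the same package's other entries earlier in the file, which read `[squeeze] - piwigo <end-of-life> (Unsupported in squeeze-lts)`. "Minor issue" misstates why no squeeze-lts fix is coming; these two should use the `Unsupported in squeeze-lts` wording.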
@@ -14252,291 +14252,291 @@ CVE-2014-4508 (arch/x86/kernel/entry_32.S in the Linux kernel through 3.15.1 on
NOTE: http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=554086d85e71f30abe46fc014fea31929a7c6a8a
CVE-2014-4504
RESERVED
-CVE-2014-4503 (The parse_notify function in util.c in sgminer before 4.2.2 and ...)
+CVE-2014-4503
- cgminer 4.2.3-1
-CVE-2014-4502 (Multiple heap-based buffer overflows in the parse_notify function in ...)
+CVE-2014-4502
- cgminer 4.4.2-1
-CVE-2014-4501 (Multiple stack-based buffer overflows in sgminer before 4.2.2, cgminer ...)
+CVE-2014-4501
- cgminer 4.4.2-1
CVE-2014-4500
RESERVED
-CVE-2014-4499 (The App Store process in CommerceKit Framework in Apple OS X before ...)
+CVE-2014-4499
NOT-FOR-US: Apple
-CVE-2014-4498 (The CPU Software in Apple OS X before 10.10.2 allows physically ...)
+CVE-2014-4498
NOT-FOR-US: Apple
-CVE-2014-4497 (Integer signedness error in IOBluetoothFamily in the Bluetooth ...)
+CVE-2014-4497
NOT-FOR-US: Apple
-CVE-2014-4496 (The mach_port_kobject interface in the kernel in Apple iOS before ...)
+CVE-2014-4496
NOT-FOR-US: Apple
-CVE-2014-4495 (The kernel in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and ...)
+CVE-2014-4495
NOT-FOR-US: Apple
-CVE-2014-4494 (Springboard in Apple iOS before 8.1.3 does not properly validate ...)
+CVE-2014-4494
NOT-FOR-US: Apple
-CVE-2014-4493 (The app-installation functionality in MobileInstallation in Apple iOS ...)
+CVE-2014-4493
NOT-FOR-US: Apple
-CVE-2014-4492 (libnetcore in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and ...)
+CVE-2014-4492
NOT-FOR-US: Apple
-CVE-2014-4491 (The extension APIs in the kernel in Apple iOS before 8.1.3, Apple OS X ...)
+CVE-2014-4491
NOT-FOR-US: Apple
CVE-2014-4490
REJECTED
-CVE-2014-4489 (IOHIDFamily in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and ...)
+CVE-2014-4489
NOT-FOR-US: Apple
-CVE-2014-4488 (IOHIDFamily in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and ...)
+CVE-2014-4488
NOT-FOR-US: Apple
-CVE-2014-4487 (Buffer overflow in IOHIDFamily in Apple iOS before 8.1.3, Apple OS X ...)
+CVE-2014-4487
NOT-FOR-US: Apple
-CVE-2014-4486 (IOAcceleratorFamily in Apple iOS before 8.1.3, Apple OS X before ...)
+CVE-2014-4486
NOT-FOR-US: Apple
-CVE-2014-4485 (Buffer overflow in the XML parser in Foundation in Apple iOS before ...)
+CVE-2014-4485
NOT-FOR-US: Apple
-CVE-2014-4484 (FontParser in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and ...)
+CVE-2014-4484
NOT-FOR-US: Apple
-CVE-2014-4483 (Buffer overflow in FontParser in Apple iOS before 8.1.3, Apple OS X ...)
+CVE-2014-4483
NOT-FOR-US: Apple
CVE-2014-4482
REJECTED
-CVE-2014-4481 (Integer overflow in CoreGraphics in Apple iOS before 8.1.3, Apple OS X ...)
+CVE-2014-4481
NOT-FOR-US: Apple
-CVE-2014-4480 (Directory traversal vulnerability in afc in AppleFileConduit in Apple ...)
+CVE-2014-4480
NOT-FOR-US: Apple
-CVE-2014-4479 (WebKit, as used in Apple iOS before 8.1.3; Apple Safari before 6.2.3, ...)
+CVE-2014-4479
NOT-FOR-US: Apple
CVE-2014-4478
REJECTED
-CVE-2014-4477 (WebKit, as used in Apple iOS before 8.1.3; Apple Safari before 6.2.3, ...)
+CVE-2014-4477
NOT-FOR-US: Apple
-CVE-2014-4476 (WebKit, as used in Apple iOS before 8.1.3; Apple Safari before 6.2.3, ...)
+CVE-2014-4476
NOT-FOR-US: Apple
-CVE-2014-4475 (WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and ...)
+CVE-2014-4475
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2014-4474 (WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and ...)
+CVE-2014-4474
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2014-4473 (WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and ...)
+CVE-2014-4473
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2014-4472 (WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and ...)
+CVE-2014-4472
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2014-4471 (WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and ...)
+CVE-2014-4471
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2014-4470 (WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and ...)
+CVE-2014-4470
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2014-4469 (WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and ...)
+CVE-2014-4469
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2014-4468 (WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and ...)
+CVE-2014-4468
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2014-4467 (WebKit, as used in Apple iOS before 8.1.3, does not properly determine ...)
+CVE-2014-4467
NOT-FOR-US: Apple
-CVE-2014-4466 (WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and ...)
+CVE-2014-4466
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2014-4465 (WebKit in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before ...)
+CVE-2014-4465
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
CVE-2014-4464
REJECTED
-CVE-2014-4463 (Apple iOS before 8.1.1 allows physically proximate attackers to bypass ...)
+CVE-2014-4463
NOT-FOR-US: Apple
-CVE-2014-4462 (WebKit, as used in Apple iOS before 8.1.1 and Apple TV before 7.0.2, ...)
+CVE-2014-4462
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2014-4461 (The kernel in Apple iOS before 8.1.1 and Apple TV before 7.0.2 does ...)
+CVE-2014-4461
NOT-FOR-US: Apple
-CVE-2014-4460 (CFNetwork in Apple iOS before 8.1.1 and OS X before 10.10.1 does not ...)
+CVE-2014-4460
NOT-FOR-US: Apple
-CVE-2014-4459 (Use-after-free vulnerability in WebKit, as used in Apple OS X before ...)
+CVE-2014-4459
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2014-4458 (The &quot;System Profiler About This Mac&quot; component in Apple OS X before ...)
+CVE-2014-4458
NOT-FOR-US: Apple
-CVE-2014-4457 (The Sandbox Profiles subsystem in Apple iOS before 8.1.1 does not ...)
+CVE-2014-4457
NOT-FOR-US: Apple
CVE-2014-4456
REJECTED
-CVE-2014-4455 (dyld in Apple iOS before 8.1.1 and Apple TV before 7.0.2 does not ...)
+CVE-2014-4455
NOT-FOR-US: Apple
CVE-2014-4454
REJECTED
-CVE-2014-4453 (Apple iOS before 8.1.1 and OS X before 10.10.1 include location data ...)
+CVE-2014-4453
NOT-FOR-US: Apple
-CVE-2014-4452 (WebKit, as used in Apple iOS before 8.1.1 and Apple TV before 7.0.2, ...)
+CVE-2014-4452
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2014-4451 (Apple iOS before 8.1.1 does not properly enforce the failed-passcode ...)
+CVE-2014-4451
NOT-FOR-US: Apple
-CVE-2014-4450 (The QuickType feature in the Keyboards subsystem in Apple iOS before ...)
+CVE-2014-4450
NOT-FOR-US: Apple iOS
-CVE-2014-4449 (iCloud Data Access in Apple iOS before 8.1 does not verify X.509 ...)
+CVE-2014-4449
NOT-FOR-US: Apple iOS
-CVE-2014-4448 (House Arrest in Apple iOS before 8.1 relies on the hardware UID for ...)
+CVE-2014-4448
NOT-FOR-US: Apple iOS
-CVE-2014-4447 (Profile Manager in Apple OS X Server before 4.0 allows local users to ...)
+CVE-2014-4447
NOT-FOR-US: Apple OS X
-CVE-2014-4446 (Mail Service in Apple OS X Server before 4.0 does not enforce SACL ...)
+CVE-2014-4446
NOT-FOR-US: Apple OS X
CVE-2014-4445
REJECTED
-CVE-2014-4444 (SecurityAgent in Apple OS X before 10.10 does not ensure that a ...)
+CVE-2014-4444
NOT-FOR-US: Apple OS X
-CVE-2014-4443 (Apple OS X before 10.10 allows remote attackers to cause a denial of ...)
+CVE-2014-4443
NOT-FOR-US: Apple OS X
-CVE-2014-4442 (The kernel in Apple OS X before 10.10 allows local users to cause a ...)
+CVE-2014-4442
NOT-FOR-US: Apple OS X
-CVE-2014-4441 (NetFS Client Framework in Apple OS X before 10.10 does not ensure that ...)
+CVE-2014-4441
NOT-FOR-US: Apple OS X
-CVE-2014-4440 (The MCX Desktop Config Profiles implementation in Apple OS X before ...)
+CVE-2014-4440
NOT-FOR-US: Apple OS X
-CVE-2014-4439 (Mail in Apple OS X before 10.10 does not properly recognize the ...)
+CVE-2014-4439
NOT-FOR-US: Apple OS X
-CVE-2014-4438 (Race condition in LoginWindow in Apple OS X before 10.10 allows ...)
+CVE-2014-4438
NOT-FOR-US: Apple OS X
-CVE-2014-4437 (LaunchServices in Apple OS X before 10.10 allows attackers to bypass ...)
+CVE-2014-4437
NOT-FOR-US: Apple OS X
-CVE-2014-4436 (IOHIDFamily in Apple OS X before 10.10 allows attackers to cause ...)
+CVE-2014-4436
NOT-FOR-US: Apple OS X
-CVE-2014-4435 (The &quot;iCloud Find My Mac&quot; feature in Apple OS X before 10.10 does not ...)
+CVE-2014-4435
NOT-FOR-US: Apple OS X
-CVE-2014-4434 (The kernel in Apple OS X before 10.10 allows physically proximate ...)
+CVE-2014-4434
NOT-FOR-US: Apple OS X
-CVE-2014-4433 (Heap-based buffer overflow in the kernel in Apple OS X before 10.10 ...)
+CVE-2014-4433
NOT-FOR-US: Apple OS X
-CVE-2014-4432 (fdesetup in Apple OS X before 10.10 does not properly display the ...)
+CVE-2014-4432
NOT-FOR-US: Apple OS X
-CVE-2014-4431 (Dock in Apple OS X before 10.10 does not properly manage the ...)
+CVE-2014-4431
NOT-FOR-US: Apple OS X
-CVE-2014-4430 (CoreStorage in Apple OS X before 10.10 retains a volume's encryption ...)
+CVE-2014-4430
NOT-FOR-US: Apple OS X
CVE-2014-4429
REJECTED
-CVE-2014-4428 (Bluetooth in Apple OS X before 10.10 does not require encryption for ...)
+CVE-2014-4428
NOT-FOR-US: Apple OS X
-CVE-2014-4427 (App Sandbox in Apple OS X before 10.10 allows attackers to bypass a ...)
+CVE-2014-4427
NOT-FOR-US: Apple OS X
-CVE-2014-4426 (AFP File Server in Apple OS X before 10.10 allows remote attackers to ...)
+CVE-2014-4426
NOT-FOR-US: Apple OS X
-CVE-2014-4425 (CFPreferences in Apple OS X before 10.10 does not properly enforce the ...)
+CVE-2014-4425
NOT-FOR-US: Apple OS X
-CVE-2014-4424 (SQL injection vulnerability in Wiki Server in CoreCollaboration in ...)
+CVE-2014-4424
NOT-FOR-US: Apple Mac OS X
-CVE-2014-4423 (The Accounts subsystem in Apple iOS before 8 allows attackers to ...)
+CVE-2014-4423
NOT-FOR-US: Accounts subsystem in Apple iOS
-CVE-2014-4422 (The kernel in Apple iOS before 8 and Apple TV before 7 uses a ...)
+CVE-2014-4422
NOT-FOR-US: Apple
-CVE-2014-4421 (The network-statistics interface in the kernel in Apple iOS before 8 ...)
+CVE-2014-4421
NOT-FOR-US: Apple
-CVE-2014-4420 (The network-statistics interface in the kernel in Apple iOS before 8 ...)
+CVE-2014-4420
NOT-FOR-US: Apple
-CVE-2014-4419 (The network-statistics interface in the kernel in Apple iOS before 8 ...)
+CVE-2014-4419
NOT-FOR-US: Apple
-CVE-2014-4418 (IOKit in Apple iOS before 8 and Apple TV before 7 does not properly ...)
+CVE-2014-4418
NOT-FOR-US: Apple
-CVE-2014-4417 (Safari in Apple OS X before 10.10 allows remote attackers to cause a ...)
+CVE-2014-4417
NOT-FOR-US: Apple Safari
-CVE-2014-4416 (An unspecified integrated graphics driver routine in the Intel ...)
+CVE-2014-4416
NOT-FOR-US: Apples Mac OS X
-CVE-2014-4415 (WebKit, as used in Apple iOS before 8 and Apple TV before 7, allows ...)
+CVE-2014-4415
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2014-4414 (WebKit, as used in Apple iOS before 8 and Apple TV before 7, allows ...)
+CVE-2014-4414
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2014-4413 (WebKit, as used in Apple iOS before 8 and Apple TV before 7, allows ...)
+CVE-2014-4413
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2014-4412 (WebKit, as used in Apple iOS before 8 and Apple TV before 7, allows ...)
+CVE-2014-4412
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2014-4411 (WebKit, as used in Apple iOS before 8 and Apple TV before 7, allows ...)
+CVE-2014-4411
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2014-4410 (WebKit, as used in Apple iOS before 8 and Apple TV before 7, allows ...)
+CVE-2014-4410
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2014-4409 (WebKit in Apple iOS before 8 makes it easier for remote attackers to ...)
+CVE-2014-4409
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2014-4408 (The rt_setgate function in the kernel in Apple iOS before 8 and Apple ...)
+CVE-2014-4408
NOT-FOR-US: Apple
-CVE-2014-4407 (IOKit in Apple iOS before 8 and Apple TV before 7 does not properly ...)
+CVE-2014-4407
NOT-FOR-US: Apple
-CVE-2014-4406 (Cross-site scripting (XSS) vulnerability in Xcode Server in ...)
+CVE-2014-4406
NOT-FOR-US: Apple Mac OS X
-CVE-2014-4405 (IOHIDFamily in Apple iOS before 8 and Apple TV before 7 allows ...)
+CVE-2014-4405
NOT-FOR-US: Apple
-CVE-2014-4404 (Heap-based buffer overflow in IOHIDFamily in Apple iOS before 8 and ...)
+CVE-2014-4404
NOT-FOR-US: Apple
-CVE-2014-4403 (The kernel in Apple OS X before 10.9.5 allows local users to obtain ...)
+CVE-2014-4403
NOT-FOR-US: Apple Mac OS X
-CVE-2014-4402 (An unspecified IOAcceleratorFamily function in Apple OS X before ...)
+CVE-2014-4402
NOT-FOR-US: Apple Mac OS X
-CVE-2014-4401 (An unspecified integrated graphics driver routine in the Intel ...)
+CVE-2014-4401
NOT-FOR-US: Apple Mac OS X
-CVE-2014-4400 (An unspecified integrated graphics driver routine in the Intel ...)
+CVE-2014-4400
NOT-FOR-US: Apple Mac OS X
-CVE-2014-4399 (An unspecified integrated graphics driver routine in the Intel ...)
+CVE-2014-4399
NOT-FOR-US: Apple Mac OS X
-CVE-2014-4398 (An unspecified integrated graphics driver routine in the Intel ...)
+CVE-2014-4398
NOT-FOR-US: Apple Mac OS X
-CVE-2014-4397 (An unspecified integrated graphics driver routine in the Intel ...)
+CVE-2014-4397
NOT-FOR-US: Apple Mac OS X
-CVE-2014-4396 (An unspecified integrated graphics driver routine in the Intel ...)
+CVE-2014-4396
NOT-FOR-US: Apple Mac OS X
-CVE-2014-4395 (An unspecified integrated graphics driver routine in the Intel ...)
+CVE-2014-4395
NOT-FOR-US: Apple Mac OS X
-CVE-2014-4394 (An unspecified integrated graphics driver routine in the Intel ...)
+CVE-2014-4394
NOT-FOR-US: Apple Mac OS X
-CVE-2014-4393 (Buffer overflow in the shader compiler in the Intel Graphics Driver ...)
+CVE-2014-4393
NOT-FOR-US: Apple Mac OS X
CVE-2014-4392
REJECTED
-CVE-2014-4391 (The Code Signing feature in Apple OS X before 10.10 does not properly ...)
+CVE-2014-4391
NOT-FOR-US: Apple Mac OS X
-CVE-2014-4390 (Bluetooth in Apple OS X before 10.9.5 does not properly validate API ...)
+CVE-2014-4390
NOT-FOR-US: Apple Mac OS X
-CVE-2014-4389 (Integer overflow in IOKit in Apple iOS before 8 and Apple TV before 7 ...)
+CVE-2014-4389
NOT-FOR-US: Apple
-CVE-2014-4388 (IOKit in Apple iOS before 8 and Apple TV before 7 does not properly ...)
+CVE-2014-4388
NOT-FOR-US: Apple
CVE-2014-4387
REJECTED
-CVE-2014-4386 (Race condition in the App Installation feature in Apple iOS before 8 ...)
+CVE-2014-4386
NOT-FOR-US: Apple
CVE-2014-4385
REJECTED
-CVE-2014-4384 (Directory traversal vulnerability in the App Installation feature in ...)
+CVE-2014-4384
NOT-FOR-US: Apple
-CVE-2014-4383 (The Assets subsystem in Apple iOS before 8 and Apple TV before 7 ...)
+CVE-2014-4383
NOT-FOR-US: Apple
CVE-2014-4382
REJECTED
-CVE-2014-4381 (Libnotify in Apple iOS before 8 and Apple TV before 7 lacks proper ...)
+CVE-2014-4381
NOT-FOR-US: Apple
-CVE-2014-4380 (The IOHIDFamily kernel extension in Apple iOS before 8 and Apple TV ...)
+CVE-2014-4380
NOT-FOR-US: Apple
-CVE-2014-4379 (An unspecified IOHIDFamily function in Apple iOS before 8 and Apple TV ...)
+CVE-2014-4379
NOT-FOR-US: Apple
-CVE-2014-4378 (CoreGraphics in Apple iOS before 8 and Apple TV before 7 allows remote ...)
+CVE-2014-4378
NOT-FOR-US: Apple
-CVE-2014-4377 (Integer overflow in CoreGraphics in Apple iOS before 8 and Apple TV ...)
+CVE-2014-4377
NOT-FOR-US: Apple
-CVE-2014-4376 (IOKit in IOAcceleratorFamily in Apple OS X before 10.9.5 allows ...)
+CVE-2014-4376
NOT-FOR-US: Apple Mac OS X
-CVE-2014-4375 (Double free vulnerability in Apple iOS before 8 and Apple TV before 7 ...)
+CVE-2014-4375
NOT-FOR-US: Apple
-CVE-2014-4374 (NSXMLParser in Foundation in Apple iOS before 8 allows attackers to ...)
+CVE-2014-4374
NOT-FOR-US: Apple
-CVE-2014-4373 (The IntelAccelerator driver in the IOAcceleratorFamily subsystem in ...)
+CVE-2014-4373
NOT-FOR-US: Apple
-CVE-2014-4372 (syslogd in the syslog subsystem in Apple iOS before 8 and Apple TV ...)
+CVE-2014-4372
NOT-FOR-US: Apple
-CVE-2014-4371 (The network-statistics interface in the kernel in Apple iOS before 8 ...)
+CVE-2014-4371
NOT-FOR-US: Apple
CVE-2014-4370
REJECTED
-CVE-2014-4369 (The IOAcceleratorFamily API implementation in Apple iOS before 8 and ...)
+CVE-2014-4369
NOT-FOR-US: Apple
-CVE-2014-4368 (The Accessibility subsystem in Apple iOS before 8 allows attackers to ...)
+CVE-2014-4368
NOT-FOR-US: Apple
-CVE-2014-4367 (Apple iOS before 8 enables Voice Dial during all upgrade actions, ...)
+CVE-2014-4367
NOT-FOR-US: Apple
-CVE-2014-4366 (Mail in Apple iOS before 8 does not prevent sending a LOGIN command to ...)
+CVE-2014-4366
NOT-FOR-US: Apple
CVE-2014-4365
REJECTED
-CVE-2014-4364 (The 802.1X subsystem in Apple iOS before 8 and Apple TV before 7 does ...)
+CVE-2014-4364
NOT-FOR-US: Apple
-CVE-2014-4363 (Safari in Apple iOS before 8 does not properly restrict the ...)
+CVE-2014-4363
NOT-FOR-US: Safari in Apple iOS
-CVE-2014-4362 (The Sandbox Profiles implementation in Apple iOS before 8 does not ...)
+CVE-2014-4362
NOT-FOR-US: Apple
-CVE-2014-4361 (The Home &amp; Lock Screen subsystem in Apple iOS before 8 does not ...)
+CVE-2014-4361
NOT-FOR-US: Apple
CVE-2014-4360
REJECTED
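Review bot: the `NOT-FOR-US:` rationale lines in this hunk become the only text left identifying the affected product once the parenthetical description is dropped, and they are not spelled consistently: the same Apple advisories are recorded as `NOT-FOR-US: Apple`, `NOT-FOR-US: Apple iOS`, `NOT-FOR-US: Apple OS X`, `NOT-FOR-US: Apple Mac OS X` and, for CVE-2014-4416, `NOT-FOR-US: Apples Mac OS X` (typo). Suggest normalising these to one form per product so that grep-based triage of the list stays reliable; the long free-text form `NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix` is repeated verbatim for every WebKit id and would also read better as a single short rationale (e.g. `NOT-FOR-US: WebKit (Apple); Chromium tracked separately`).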
@@ -14544,56 +14544,56 @@ CVE-2014-4359
REJECTED
CVE-2014-4358
REJECTED
-CVE-2014-4357 (Accounts Framework in Apple iOS before 8 and Apple TV before 7 allows ...)
+CVE-2014-4357
NOT-FOR-US: Apple
-CVE-2014-4356 (Apple iOS before 8 does not follow the intended configuration setting ...)
+CVE-2014-4356
NOT-FOR-US: Apple
CVE-2014-4355
REJECTED
-CVE-2014-4354 (Apple iOS before 8 enables Bluetooth during all upgrade actions, which ...)
+CVE-2014-4354
NOT-FOR-US: Apple
-CVE-2014-4353 (Race condition in iMessage in Apple iOS before 8 allows attackers to ...)
+CVE-2014-4353
NOT-FOR-US: Apple
-CVE-2014-4352 (Address Book in Apple iOS before 8 relies on the hardware UID for its ...)
+CVE-2014-4352
NOT-FOR-US: Apple
-CVE-2014-4351 (Buffer overflow in QuickTime in Apple OS X before 10.10 allows remote ...)
+CVE-2014-4351
NOT-FOR-US: Apple QuickTime
-CVE-2014-4350 (Buffer overflow in QT Media Foundation in Apple OS X before 10.9.5 ...)
+CVE-2014-4350
NOT-FOR-US: QT Media Foundation in Apple OS X
-CVE-2014-4349 (Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin ...)
+CVE-2014-4349
- phpmyadmin 4:4.2.5-1 (low)
[squeeze] - phpmyadmin <not-affected> (Vulnerable code not present)
[wheezy] - phpmyadmin <not-affected> (Vulnerable code not present)
-CVE-2014-4348 (Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin ...)
+CVE-2014-4348
- phpmyadmin 4:4.2.5-1 (low)
[squeeze] - phpmyadmin <not-affected> (Vulnerable code not present)
[wheezy] - phpmyadmin <not-affected> (Vulnerable code not present)
-CVE-2014-4347 (Citrix NetScaler Application Delivery Controller (ADC) and NetScaler ...)
+CVE-2014-4347
NOT-FOR-US: Citrix NetScaler Application Delivery Controller
-CVE-2014-4346 (Cross-site scripting (XSS) vulnerability in administration user ...)
+CVE-2014-4346
NOT-FOR-US: Citrix NetScaler Application Delivery Controller
-CVE-2014-4345 (Off-by-one error in the krb5_encode_krbsecretkey function in ...)
+CVE-2014-4345
{DSA-3000-1 DLA-37-1}
- krb5 1.12.1+dfsg-7 (bug #757416)
[squeeze] - krb5 1.8.3+dfsg-4squeeze8
NOTE: https://github.com/krb5/krb5/commit/81c332e29f10887c6b9deb065f81ba259f4c7e03
NOTE: http://web.mit.edu/Kerberos/advisories/MITKRB5-SA-2014-001.txt
-CVE-2014-4344 (The acc_ctx_cont function in the SPNEGO acceptor in ...)
+CVE-2014-4344
{DSA-3000-1 DLA-37-1}
- krb5 1.12.1+dfsg-5 (bug #755521)
[squeeze] - krb5 1.8.3+dfsg-4squeeze8
NOTE: https://github.com/krb5/krb5/commit/524688ce87a15fc75f87efc8c039ba4c7d5c197b
-CVE-2014-4343 (Double free vulnerability in the init_ctx_reselect function in the ...)
+CVE-2014-4343
{DSA-3000-1 DLA-37-1}
- krb5 1.12.1+dfsg-5 (bug #755520)
[squeeze] - krb5 1.8.3+dfsg-4squeeze8
NOTE: https://github.com/krb5/krb5/commit/f18ddf5d82de0ab7591a36e465bc24225776940f
-CVE-2014-4342 (MIT Kerberos 5 (aka krb5) 1.7.x through 1.12.x before 1.12.2 allows ...)
+CVE-2014-4342
{DSA-3000-1 DLA-37-1}
- krb5 1.12.1+dfsg-4 (bug #753625)
[squeeze] - krb5 1.8.3+dfsg-4squeeze8
NOTE: https://github.com/krb5/krb5/commit/fb99962cbd063ac04c9a9d2cc7c75eab73f3533d
-CVE-2014-4341 (MIT Kerberos 5 (aka krb5) before 1.12.2 allows remote attackers to ...)
+CVE-2014-4341
{DSA-3000-1 DLA-37-1}
- krb5 1.12.1+dfsg-4 (bug #753624)
[squeeze] - krb5 1.8.3+dfsg-4squeeze8
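Review bot: the removed descriptions for CVE-2014-4345, CVE-2014-4344 and CVE-2014-4343 were the only place the affected function names (krb5_encode_krbsecretkey, acc_ctx_cont, init_ctx_reselect) appeared, and those names are what let a reader tie the `NOTE: https://github.com/krb5/krb5/commit/...` lines to the specific issue. With the entries reduced to the bare CVE id plus `{DSA-3000-1 DLA-37-1}` and the package lines, that context is gone; either the tracker should keep rendering the description from its CVE feed, or a one-line NOTE naming the function should stay with each krb5 entry. The commit message ("automatic update") does not say why the descriptions are being stripped across the whole file, which a reader of this history will want to know.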
@@ -14602,37 +14602,37 @@ CVE-2014-4340
RESERVED
CVE-2014-4339
RESERVED
-CVE-2014-4335 (Multiple cross-site scripting (XSS) vulnerabilities in BarracudaDrive ...)
+CVE-2014-4335
NOT-FOR-US: BarracudaDrive
-CVE-2014-4334 (Stack-based buffer overflow in Ubisoft Rayman Legends before ...)
+CVE-2014-4334
NOT-FOR-US: Ubisoft Rayman Legends
-CVE-2014-4333 (Cross-site request forgery (CSRF) vulnerability in ...)
+CVE-2014-4333
NOT-FOR-US: Dolphin (php thing)
CVE-2014-4332
RESERVED
-CVE-2014-4331 (Cross-site scripting (XSS) vulnerability in admin/viewer.php in ...)
+CVE-2014-4331
NOT-FOR-US: OctavoCMS
-CVE-2014-4330 (The Dumper method in Data::Dumper before 2.154, as used in Perl 5.20.1 ...)
+CVE-2014-4330
- perl 5.20.1-1 (bug #762256)
[wheezy] - perl 5.14.2-21+deb7u2
[squeeze] - perl <no-dsa> (Minor issue)
NOTE: upstream commit: http://perl5.git.perl.org/perl.git/commitdiff/19be3be6968e2337bcdfe480693fff795ecd1304
-CVE-2014-4329 (Cross-site scripting (XSS) vulnerability in lua/host_details.lua in ...)
+CVE-2014-4329
- ntopng 1.2.0+dfsg1-1 (bug #760990)
NOTE: https://svn.ntop.org/bugzilla/show_bug.cgi?id=379
CVE-2014-4328
RESERVED
CVE-2014-4327
RESERVED
-CVE-2014-4326 (Elasticsearch Logstash 1.0.14 through 1.4.x before 1.4.2 allows remote ...)
+CVE-2014-4326
- logstash <itp> (bug #664841)
-CVE-2014-4325 (The cmd_boot function in app/aboot/aboot.c in the Little Kernel (LK) ...)
+CVE-2014-4325
NOT-FOR-US: Little Kernel (bootloader)
CVE-2014-4324
RESERVED
-CVE-2014-4323 (The mdp_lut_hw_update function in drivers/video/msm/mdp.c in the MDP ...)
+CVE-2014-4323
- linux <not-affected> (Vulnerable code drivers/video/msm not present)
-CVE-2014-4322 (drivers/misc/qseecom.c in the QSEECOM driver for the Linux kernel 3.x, ...)
+CVE-2014-4322
- linux <not-affected> (Vulnerable code drivers/misc/qseecom.c not present)
CVE-2014-4321
RESERVED
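Review bot: CVE-2014-4326 is tracked only as `- logstash <itp> (bug #664841)`, and the removed description was the sole record of the affected range ("1.0.14 through 1.4.x before 1.4.2"); once logstash is uploaded, that is the version information needed to decide whether the packaged release is fixed, so suggest keeping it in a NOTE line. Minor style point in the same hunk: the CVE-2014-4330 note is written as `NOTE: upstream commit: http://...` while the other notes in the file (CVE-2014-4329, the krb5 entries above) use the bare `NOTE: <url>` form; one convention is easier to parse.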
@@ -14650,61 +14650,61 @@ CVE-2014-4315
REJECTED
CVE-2014-4314
REJECTED
-CVE-2014-4313 (SQL injection vulnerability in Epicor Procurement before 7.4 SP2 ...)
+CVE-2014-4313
NOT-FOR-US: Epicor
-CVE-2014-4312 (Multiple cross-site scripting (XSS) vulnerabilities in Epicor ...)
+CVE-2014-4312
NOT-FOR-US: Epicor
-CVE-2014-4311 (Epicor Enterprise 7.4 before FS74SP6_HotfixTL054181 allows attackers ...)
+CVE-2014-4311
NOT-FOR-US: Epicor
-CVE-2014-4310 (Unspecified vulnerability in the JPublisher component in Oracle ...)
+CVE-2014-4310
NOT-FOR-US: Oracle Database Server
-CVE-2014-4309 (Multiple cross-site scripting (XSS) vulnerabilities in Openfiler 2.99 ...)
+CVE-2014-4309
NOT-FOR-US: Openfiler
-CVE-2014-4308 (Multiple cross-site scripting (XSS) vulnerabilities in NICE Recording ...)
+CVE-2014-4308
NOT-FOR-US: NICE Recording eXpress
-CVE-2014-4307 (SQL injection vulnerability in categories-x.php in WebTitan before ...)
+CVE-2014-4307
NOT-FOR-US: WebTitan
-CVE-2014-4306 (Directory traversal vulnerability in logs-x.php in WebTitan before ...)
+CVE-2014-4306
NOT-FOR-US: WebTitan
-CVE-2014-4305 (Multiple SQL injection vulnerabilities in NICE Recording eXpress (aka ...)
+CVE-2014-4305
NOT-FOR-US: NICE Recording eXpress
-CVE-2014-4304 (Cross-site scripting (XSS) vulnerability in browse.php in SQL Buddy ...)
+CVE-2014-4304
NOT-FOR-US: SQL Buddy
-CVE-2014-4303 (Multiple cross-site scripting (XSS) vulnerabilities in the Touch theme ...)
+CVE-2014-4303
NOT-FOR-US: Drupal Touch theme
-CVE-2014-4302 (Cross-site scripting (XSS) vulnerability in rating/rating.php in HAM3D ...)
+CVE-2014-4302
NOT-FOR-US: HAM3D Shop Engine
-CVE-2014-4301 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
+CVE-2014-4301
NOT-FOR-US: Ajenti
-CVE-2014-4300 (Unspecified vulnerability in the SQLJ component in Oracle Database ...)
+CVE-2014-4300
NOT-FOR-US: Oracle Database Server
-CVE-2014-4299 (Unspecified vulnerability in the SQLJ component in Oracle Database ...)
+CVE-2014-4299
NOT-FOR-US: Oracle Database Server
-CVE-2014-4298 (Unspecified vulnerability in the SQLJ component in Oracle Database ...)
+CVE-2014-4298
NOT-FOR-US: Oracle Database Server
-CVE-2014-4297 (Unspecified vulnerability in the JPublisher component in Oracle ...)
+CVE-2014-4297
NOT-FOR-US: Oracle Database Server
-CVE-2014-4296 (Unspecified vulnerability in the JPublisher component in Oracle ...)
+CVE-2014-4296
NOT-FOR-US: Oracle Database Server
-CVE-2014-4295 (Unspecified vulnerability in the Java VM component in Oracle Database ...)
+CVE-2014-4295
NOT-FOR-US: Oracle Database Server
-CVE-2014-4294 (Unspecified vulnerability in the Java VM component in Oracle Database ...)
+CVE-2014-4294
NOT-FOR-US: Oracle Database Server
-CVE-2014-4293 (Unspecified vulnerability in the JPublisher component in Oracle ...)
+CVE-2014-4293
NOT-FOR-US: Oracle Database Server
-CVE-2014-4292 (Unspecified vulnerability in the JPublisher component in Oracle ...)
+CVE-2014-4292
NOT-FOR-US: Oracle Database Server
-CVE-2014-4291 (Unspecified vulnerability in the JPublisher component in Oracle ...)
+CVE-2014-4291
NOT-FOR-US: Oracle Database Server
-CVE-2014-4290 (Unspecified vulnerability in the JPublisher component in Oracle ...)
+CVE-2014-4290
NOT-FOR-US: Oracle Database Server
-CVE-2014-4289 (Unspecified vulnerability in the JDBC component in Oracle Database ...)
+CVE-2014-4289
NOT-FOR-US: Oracle Database Server
-CVE-2014-4288 (Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20 ...)
+CVE-2014-4288
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-8 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2014-4287 (Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier ...)
+CVE-2014-4287
{DSA-3054-1}
- mysql-5.5 5.5.39-1
- mariadb-5.5 5.5.39-1
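Review bot: for the block of Oracle Database ids (CVE-2014-4310, CVE-2014-4300 to CVE-2014-4289) the removed descriptions distinguished the affected component (JPublisher, SQLJ, Java VM, JDBC), but every rationale line collapses to `NOT-FOR-US: Oracle Database Server`, so after this change the list no longer records which component each id concerns. Suggest carrying the component name into the rationale (e.g. `NOT-FOR-US: Oracle Database Server (JDBC)`), as is already done elsewhere in the hunk with `NOT-FOR-US: Drupal Touch theme` and `NOT-FOR-US: HAM3D Shop Engine`, so a future re-triage does not have to re-fetch the CVE text.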
@@ -14712,119 +14712,119 @@ CVE-2014-4287 (Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earli
- percona-xtradb-cluster-5.5 <removed>
CVE-2014-4286
REJECTED
-CVE-2014-4285 (Unspecified vulnerability in the Oracle Applications Technology ...)
+CVE-2014-4285
NOT-FOR-US: Oracle E-Business Suite
-CVE-2014-4284 (Unspecified vulnerability in Oracle Sun Solaris 11 allows local users ...)
+CVE-2014-4284
NOT-FOR-US: Oracle Sun Solaris 11
-CVE-2014-4283 (Unspecified vulnerability in Oracle Sun Solaris 11 allows remote ...)
+CVE-2014-4283
NOT-FOR-US: Oracle Sun Solaris 11
-CVE-2014-4282 (Unspecified vulnerability in Oracle Sun Solaris 11 allows local users ...)
+CVE-2014-4282
NOT-FOR-US: Oracle Sun Solaris 11
-CVE-2014-4281 (Unspecified vulnerability in the Oracle Applications Framework ...)
+CVE-2014-4281
NOT-FOR-US: Oracle E-Business Suite
-CVE-2014-4280 (Unspecified vulnerability in Oracle Sun Solaris 11 allows local users ...)
+CVE-2014-4280
NOT-FOR-US: Oracle Sun Solaris 11
-CVE-2014-4279 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+CVE-2014-4279
NOT-FOR-US: Oracle
-CVE-2014-4278 (Unspecified vulnerability in the Oracle Applications Technology Stack ...)
+CVE-2014-4278
NOT-FOR-US: Oracle E-Business Suite
-CVE-2014-4277 (Unspecified vulnerability in Oracle Sun Solaris 11 allows remote ...)
+CVE-2014-4277
NOT-FOR-US: Oracle Sun Solaris 11
-CVE-2014-4276 (Unspecified vulnerability in Oracle Sun Solaris 11 allows remote ...)
+CVE-2014-4276
NOT-FOR-US: Oracle Sun Solaris 11
-CVE-2014-4275 (Unspecified vulnerability in Oracle Sun Solaris 11 allows local users ...)
+CVE-2014-4275
NOT-FOR-US: Oracle Sun Solaris 11
CVE-2014-4273
REJECTED
CVE-2014-4272
REJECTED
-CVE-2014-4271 (Unspecified vulnerability in the Hyperion Essbase component in Oracle ...)
+CVE-2014-4271
NOT-FOR-US: Oracle
-CVE-2014-4270 (Unspecified vulnerability in the Hyperion Common Admin component in ...)
+CVE-2014-4270
NOT-FOR-US: Oracle
-CVE-2014-4269 (Unspecified vulnerability in the Hyperion Common Admin component in ...)
+CVE-2014-4269
NOT-FOR-US: Oracle
-CVE-2014-4268 (Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and ...)
+CVE-2014-4268
{DSA-2987-1 DSA-2980-1 DLA-96-1}
- openjdk-6 6b32-1.13.4-1
- openjdk-7 7u65-2.5.1-1
-CVE-2014-4267 (Unspecified vulnerability in the Oracle WebLogic Server component in ...)
+CVE-2014-4267
NOT-FOR-US: Oracle WebLogic Server
-CVE-2014-4266 (Unspecified vulnerability in Oracle Java SE 7u60 and 8u5 allows remote ...)
+CVE-2014-4266
{DSA-2987-1 DSA-2980-1 DLA-96-1}
- openjdk-6 6b32-1.13.4-1
NOTE: http://hg.openjdk.java.net/jdk6/jdk6/jdk/rev/de40a32a44f5
- openjdk-7 7u65-2.5.1-1
NOTE: http://hg.openjdk.java.net/jdk7u/jdk7u/jdk/rev/c58a25d48388
-CVE-2014-4265 (Unspecified vulnerability in Oracle Java SE 6u75, 7u60, and 8u5 allows ...)
+CVE-2014-4265
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2014-4264 (Unspecified vulnerability in Oracle Java SE 7u60 and 8u5 allows remote ...)
+CVE-2014-4264
{DSA-2987-1}
- openjdk-6 <not-affected> (Vulnerable code not present)
- openjdk-7 7u65-2.5.1-1
NOTE: http://hg.openjdk.java.net/jdk7u/jdk7u/jdk/rev/c084492f9e3d
-CVE-2014-4263 (Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and ...)
+CVE-2014-4263
{DSA-2987-1 DSA-2980-1 DLA-96-1}
- openjdk-6 6b32-1.13.4-1
- openjdk-7 7u65-2.5.1-1
-CVE-2014-4262 (Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and ...)
+CVE-2014-4262
{DSA-2987-1 DSA-2980-1 DLA-96-1}
- openjdk-6 6b32-1.13.4-1
- openjdk-7 7u65-2.5.1-1
-CVE-2014-4261 (Unspecified vulnerability in the Oracle VM VirtualBox component in ...)
+CVE-2014-4261
- virtualbox <not-affected> (Only applies if VBox is running on Windows)
- virtualbox-ose <not-affected> (Only applies if VBox is running on Windows)
-CVE-2014-4260 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
+CVE-2014-4260
{DSA-2985-1}
- mysql-5.5 5.5.39-1 (bug #754941)
- mysql-5.1 <not-affected> (Only affects 5.5 and later)
- mariadb-5.5 5.5.38-1 (bug #754940)
- mariadb-10.0 <not-affected> (Fixed before initial upload)
- percona-xtradb-cluster-5.5 5.5.39-25.11+dfsg-1
-CVE-2014-4259 (Unspecified vulnerability in the Solaris Cluster component in Oracle ...)
+CVE-2014-4259
NOT-FOR-US: Oracle
-CVE-2014-4258 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
+CVE-2014-4258
{DSA-2985-1}
- mysql-5.5 5.5.39-1 (bug #754941)
- mysql-5.1 <not-affected> (Only affects 5.5 and later)
- mariadb-5.5 5.5.38-1 (bug #754940)
- mariadb-10.0 <not-affected> (Fixed before initial upload)
- percona-xtradb-cluster-5.5 5.5.39-25.11+dfsg-1
-CVE-2014-4257 (Unspecified vulnerability in the Oracle WebCenter Portal component in ...)
+CVE-2014-4257
NOT-FOR-US: Oracle WebCenter Portal
-CVE-2014-4256 (Unspecified vulnerability in the Oracle WebLogic Server component in ...)
+CVE-2014-4256
NOT-FOR-US: Oracle WebLogic Server
-CVE-2014-4255 (Unspecified vulnerability in the Oracle WebLogic Server component in ...)
+CVE-2014-4255
NOT-FOR-US: Oracle WebLogic Server
-CVE-2014-4254 (Unspecified vulnerability in the Oracle WebLogic Server component in ...)
+CVE-2014-4254
NOT-FOR-US: Oracle WebLogic Server
-CVE-2014-4253 (Unspecified vulnerability in the Oracle WebLogic Server component in ...)
+CVE-2014-4253
NOT-FOR-US: Oracle WebLogic Server
-CVE-2014-4252 (Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and ...)
+CVE-2014-4252
{DSA-2987-1 DSA-2980-1 DLA-96-1}
- openjdk-6 6b32-1.13.4-1
- openjdk-7 7u65-2.5.1-1
-CVE-2014-4251 (Unspecified vulnerability in the Oracle HTTP Server component in ...)
+CVE-2014-4251
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2014-4250 (Unspecified vulnerability in the Siebel Core - Server OM Frwks ...)
+CVE-2014-4250
NOT-FOR-US: Oracle Siebel CRM
-CVE-2014-4249 (Unspecified vulnerability in the BI Publisher component in Oracle ...)
+CVE-2014-4249
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2014-4248 (Unspecified vulnerability in the Oracle Application Object Library ...)
+CVE-2014-4248
NOT-FOR-US: Oracle
-CVE-2014-4247 (Unspecified vulnerability in Oracle Java SE 8u5 allows remote ...)
+CVE-2014-4247
- openjdk-6 <not-affected> (JavaFX not part of OpenJDK)
- openjdk-7 <not-affected> (JavaFX not part of OpenJDK)
-CVE-2014-4246 (Unspecified vulnerability in the Hyperion Analytic Provider Services ...)
+CVE-2014-4246
NOT-FOR-US: Oracle
-CVE-2014-4245 (Unspecified vulnerability in the RDBMS Core component in Oracle ...)
+CVE-2014-4245
NOT-FOR-US: Oracle Database Server
-CVE-2014-4244 (Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and ...)
+CVE-2014-4244
{DSA-2987-1 DSA-2980-1 DLA-96-1}
- openjdk-6 6b32-1.13.4-1
- openjdk-7 7u65-2.5.1-1
-CVE-2014-4243 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
+CVE-2014-4243
- mysql-5.5 5.5.37-1
[wheezy] - mysql-5.5 5.5.37-0+wheezy1
- mysql-5.1 <not-affected> (Only affects 5.5 and later)
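Review bot: in the CVE-2014-4266 entry the `NOTE:` lines are interleaved with the package lines (`- openjdk-6 6b32-1.13.4-1` / `NOTE: http://hg.openjdk.java.net/jdk6/jdk6/jdk/rev/de40a32a44f5` / `- openjdk-7 7u65-2.5.1-1` / `NOTE: ...`), whereas every other entry in this hunk, including CVE-2014-4264 a few lines below, places NOTE lines after all package lines. If the intent is to attach each upstream changeset to a specific package, say so in the note text (e.g. `NOTE: openjdk-6: http://...`) rather than relying on line order, since the parser and most readers treat NOTE lines as belonging to the whole entry.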
@@ -14832,145 +14832,145 @@ CVE-2014-4243 (Unspecified vulnerability in the MySQL Server component in Oracle
- mariadb-10.0 <not-affected> (Fixed before initial upload)
- percona-xtradb-cluster-5.5 <removed>
NOTE: Unspecified, but according to Oracle only for 5.5.35 and earlier
-CVE-2014-4242 (Unspecified vulnerability in the Oracle WebLogic Server component in ...)
+CVE-2014-4242
NOT-FOR-US: Oracle WebLogic Server
-CVE-2014-4241 (Unspecified vulnerability in the Oracle WebLogic Server component in ...)
+CVE-2014-4241
NOT-FOR-US: Oracle WebLogic Server
-CVE-2014-4240 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
+CVE-2014-4240
- mysql-5.5 <not-affected> (Only affects 5.6)
- mysql-5.1 <not-affected> (Only affects 5.6)
- mariadb-5.5 <not-affected> (Only affects 5.6)
- percona-xtradb-cluster-5.5 <not-affected> (Only affects 5.6)
-CVE-2014-4239 (Unspecified vulnerability in Oracle Sun Solaris 8, 9, 10, and 11.1 ...)
+CVE-2014-4239
NOT-FOR-US: Oracle Sun Solaris
-CVE-2014-4238 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
+CVE-2014-4238
- mysql-5.5 <not-affected> (Only affects 5.6)
- mysql-5.1 <not-affected> (Only affects 5.6)
- mariadb-5.5 <not-affected> (Only affects 5.6)
- percona-xtradb-cluster-5.5 <not-affected> (Only affects 5.6)
-CVE-2014-4237 (Unspecified vulnerability in the RDBMS Core component in Oracle ...)
+CVE-2014-4237
NOT-FOR-US: Oracle
-CVE-2014-4236 (Unspecified vulnerability in the RDBMS Core component in Oracle ...)
+CVE-2014-4236
NOT-FOR-US: Oracle
-CVE-2014-4235 (Unspecified vulnerability in the Oracle iStore component in Oracle ...)
+CVE-2014-4235
NOT-FOR-US: Oracle
-CVE-2014-4234 (Unspecified vulnerability in the Oracle Transportation Management ...)
+CVE-2014-4234
NOT-FOR-US: Oracle
-CVE-2014-4233 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
+CVE-2014-4233
- mysql-5.5 <not-affected> (Only affects 5.6)
- mysql-5.1 <not-affected> (Only affects 5.6)
- mariadb-5.5 <not-affected> (Only affects 5.6)
- percona-xtradb-cluster-5.5 <not-affected> (Only affects 5.6)
-CVE-2014-4232 (Unspecified vulnerability in the Oracle Secure Global Desktop (SGD) ...)
+CVE-2014-4232
NOT-FOR-US: Oracle
-CVE-2014-4231 (Unspecified vulnerability in the Siebel Travel &amp; Transportation ...)
+CVE-2014-4231
NOT-FOR-US: Oracle
-CVE-2014-4230 (Unspecified vulnerability in the Siebel UI Framework component in ...)
+CVE-2014-4230
NOT-FOR-US: Oracle
-CVE-2014-4229 (Unspecified vulnerability in the Oracle Transportation Management ...)
+CVE-2014-4229
NOT-FOR-US: Oracle
-CVE-2014-4228 (Unspecified vulnerability in the Oracle VM VirtualBox component in ...)
+CVE-2014-4228
- virtualbox 4.3.12-dfsg-1 (bug #754939)
[wheezy] - virtualbox 4.1.40-dfsg-1+deb7u1
- virtualbox-ose <not-affected> (Only affects 4.1 and later)
-CVE-2014-4227 (Unspecified vulnerability in Oracle Java SE 6u75, 7u60, and 8u5 allows ...)
+CVE-2014-4227
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2014-4226 (Unspecified vulnerability in the PeopleSoft Enterprise FIN Install ...)
+CVE-2014-4226
NOT-FOR-US: Oracle
-CVE-2014-4225 (Unspecified vulnerability in Oracle Sun Solaris 10 allows local users ...)
+CVE-2014-4225
NOT-FOR-US: Oracle Sun Solaris
-CVE-2014-4224 (Unspecified vulnerability in Oracle Sun Solaris 8, 9, 10, and 11.1 ...)
+CVE-2014-4224
NOT-FOR-US: Oracle Sun Solaris
-CVE-2014-4223 (Unspecified vulnerability in Oracle Java SE 7u60 allows remote ...)
+CVE-2014-4223
{DSA-2987-1}
- openjdk-6 <not-affected> (Vulnerable code not present)
- openjdk-7 7u65-2.5.1-1
NOTE: http://hg.openjdk.java.net/jdk7u/jdk7u/jdk/rev/84bce1b3d28a
-CVE-2014-4222 (Unspecified vulnerability in the Oracle HTTP Server component in ...)
+CVE-2014-4222
NOT-FOR-US: Oracle
-CVE-2014-4221 (Unspecified vulnerability in Oracle Java SE 7u60 and 8u5 allows remote ...)
+CVE-2014-4221
{DSA-2987-1}
- openjdk-6 <not-affected> (Vulnerable code not present)
- openjdk-7 7u65-2.5.1-1
NOTE: http://hg.openjdk.java.net/jdk7u/jdk7u/jdk/rev/bac16c82c14a
-CVE-2014-4220 (Unspecified vulnerability in Oracle Java SE 7u60 and 8u5 allows remote ...)
+CVE-2014-4220
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2014-4219 (Unspecified vulnerability in Oracle Java SE 6u75, 7u60, and 8u5 allows ...)
+CVE-2014-4219
{DSA-2987-1 DSA-2980-1 DLA-96-1}
- openjdk-6 6b32-1.13.4-1
- openjdk-7 7u65-2.5.1-1
-CVE-2014-4218 (Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and ...)
+CVE-2014-4218
{DSA-2987-1 DSA-2980-1 DLA-96-1}
- openjdk-6 6b32-1.13.4-1
- openjdk-7 7u65-2.5.1-1
-CVE-2014-4217 (Unspecified vulnerability in the Oracle WebLogic Server component in ...)
+CVE-2014-4217
NOT-FOR-US: Oracle
-CVE-2014-4216 (Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and ...)
+CVE-2014-4216
{DSA-2987-1 DSA-2980-1 DLA-96-1}
- openjdk-6 6b32-1.13.4-1
- openjdk-7 7u65-2.5.1-1
-CVE-2014-4215 (Unspecified vulnerability in Oracle Solaris 10 and 11.1 allows local ...)
+CVE-2014-4215
NOT-FOR-US: Oracle Solaris
-CVE-2014-4214 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
+CVE-2014-4214
- mysql-5.5 <not-affected> (Only affects 5.6)
- mysql-5.1 <not-affected> (Only affects 5.6)
- mariadb-5.5 <not-affected> (Only affects 5.6)
- percona-xtradb-cluster-5.5 <not-affected> (Only affects 5.6)
-CVE-2014-4213 (Unspecified vulnerability in the Oracle Applications Manager component ...)
+CVE-2014-4213
NOT-FOR-US: Oracle
-CVE-2014-4212 (Unspecified vulnerability in the Oracle Fusion Middleware component in ...)
+CVE-2014-4212
NOT-FOR-US: Oracle
-CVE-2014-4211 (Unspecified vulnerability in the Oracle WebCenter Portal component in ...)
+CVE-2014-4211
NOT-FOR-US: Oracle
-CVE-2014-4210 (Unspecified vulnerability in the Oracle WebLogic Server component in ...)
+CVE-2014-4210
NOT-FOR-US: Oracle
-CVE-2014-4209 (Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and ...)
+CVE-2014-4209
{DSA-2987-1 DSA-2980-1 DLA-96-1}
- openjdk-6 6b32-1.13.4-1
- openjdk-7 7u65-2.5.1-1
-CVE-2014-4208 (Unspecified vulnerability in the Java SE component in Oracle Java SE ...)
+CVE-2014-4208
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2014-4207 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
+CVE-2014-4207
{DSA-2985-1}
- mysql-5.5 5.5.39-1 (bug #754941)
- mysql-5.1 <not-affected> (Only affects 5.5 and later)
- mariadb-5.5 5.5.38-1 (bug #754940)
- mariadb-10.0 <not-affected> (Fixed before initial upload)
- percona-xtradb-cluster-5.5 5.5.39-25.11+dfsg-1
-CVE-2014-4206 (Unspecified vulnerability in the Hyperion Enterprise Performance ...)
+CVE-2014-4206
NOT-FOR-US: Oracle
-CVE-2014-4205 (Unspecified vulnerability in the Siebel UI Framework component in ...)
+CVE-2014-4205
NOT-FOR-US: Oracle
-CVE-2014-4204 (Unspecified vulnerability in the PeopleSoft Enterprise PT PeopleTools ...)
+CVE-2014-4204
NOT-FOR-US: Oracle
-CVE-2014-4203 (Unspecified vulnerability in the Hyperion Enterprise Performance ...)
+CVE-2014-4203
NOT-FOR-US: Oracle
-CVE-2014-4202 (Unspecified vulnerability in the Oracle WebLogic Server component in ...)
+CVE-2014-4202
NOT-FOR-US: Oracle
-CVE-2014-4201 (Unspecified vulnerability in the Oracle WebLogic Server component in ...)
+CVE-2014-4201
NOT-FOR-US: Oracle
-CVE-2014-4200 (vm-support 0.88 in VMware Tools, as distributed with VMware ...)
+CVE-2014-4200
- open-vm-tools 2:9.4.6-1770165-1 (low; bug #770809)
[squeeze] - open-vm-tools <no-dsa> (Minor issue)
[wheezy] - open-vm-tools <no-dsa> (Minor issue)
NOTE: http://seclists.org/fulldisclosure/2014/Aug/71
-CVE-2014-4199 (vm-support 0.88 in VMware Tools, as distributed with VMware ...)
+CVE-2014-4199
- open-vm-tools 2:9.4.6-1770165-7 (low; bug #770809)
[squeeze] - open-vm-tools <no-dsa> (Minor issue)
[wheezy] - open-vm-tools <no-dsa> (Minor issue)
NOTE: http://seclists.org/fulldisclosure/2014/Aug/71
CVE-2014-4198
RESERVED
-CVE-2014-4197 (Multiple SQL injection vulnerabilities in Bank Soft Systems (BSS) RBS ...)
+CVE-2014-4197
NOT-FOR-US: Bank Soft Systems
CVE-2014-4196
RESERVED
-CVE-2014-4195 (Cross-site scripting (XSS) vulnerability in zero_view_article.php in ...)
+CVE-2014-4195
NOT-FOR-US: ZeroCMS
-CVE-2014-4194 (SQL injection vulnerability in zero_transact_article.php in ZeroCMS ...)
+CVE-2014-4194
NOT-FOR-US: ZeroCMS
CVE-2014-XXXX [softhsm-keyconv creates security-sensibe file world-readable]
- softhsm 1.3.7-2 (low; bug #752092)
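Review bot: the context line `CVE-2014-XXXX [softhsm-keyconv creates security-sensibe file world-readable]` carries a typo ("sensibe", most likely "sensitive") that is repeated in the next hunk's header; since this update rewrites the surrounding region anyway, fold the one-word fix in. In the same hunk, CVE-2014-4200 and CVE-2014-4199 both reference bug #770809 but list different fixed versions (`- open-vm-tools 2:9.4.6-1770165-1` vs `- open-vm-tools 2:9.4.6-1770165-7`); please confirm that both versions are intended rather than one being a transcription slip.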
@@ -14979,19 +14979,19 @@ CVE-2014-XXXX [softhsm-keyconv creates security-sensibe file world-readable]
NOTE: Upstream fix: https://github.com/bellgrim/SoftHSMv2/commit/492447cd4a2be449e99fb9ad2519ea3277aaad28
CVE-2014-XXXX [docker VMM breakout]
- docker.io 1.0.0~dfsg1-1
-CVE-2014-4193 (The TLS implementation in EMC RSA BSAFE-Java Toolkits (aka Share for ...)
+CVE-2014-4193
NOT-FOR-US: EMC RSA BSAFE-Java Toolkits
-CVE-2014-4192 (The Dual_EC_DRBG implementation in EMC RSA BSAFE-C Toolkits (aka Share ...)
+CVE-2014-4192
NOT-FOR-US: EMC RSA BSAFE-Java Toolkits
-CVE-2014-4191 (The TLS implementation in EMC RSA BSAFE-C Toolkits (aka Share for C ...)
+CVE-2014-4191
NOT-FOR-US: EMC RSA BSAFE-Java Toolkits
-CVE-2014-4190 (Multiple heap-based buffer overflows in Huawei Campus Series Switches ...)
+CVE-2014-4190
NOT-FOR-US: Huawei Campus Series Switches
-CVE-2014-4189 (Cross-site scripting (XSS) vulnerability in Hitachi Tuning Manager ...)
+CVE-2014-4189
NOT-FOR-US: Hitachi Tuning Manager
-CVE-2014-4188 (Cross-site request forgery (CSRF) vulnerability in Hitachi Tuning ...)
+CVE-2014-4188
NOT-FOR-US: Hitachi Tuning Manager
-CVE-2014-4187 (Cross-site scripting (XSS) vulnerability in signup.php in ClipBucket ...)
+CVE-2014-4187
NOT-FOR-US: ClipBucket
CVE-2014-4186
RESERVED
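Review bot: the `NOT-FOR-US: EMC RSA BSAFE-Java Toolkits` context lines under CVE-2014-4192 and CVE-2014-4191 contradict the descriptions this hunk removes, which name the BSAFE-C Toolkits (only CVE-2014-4193 is the Java toolkit). Once the description text is stripped from the file, that mismatch is no longer visible to anyone reading the list, so correct those two lines to `NOT-FOR-US: EMC RSA BSAFE-C Toolkits` as part of this update rather than leaving the wrong product name as the only remaining reference.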
@@ -15017,7 +15017,7 @@ CVE-2014-4176
RESERVED
CVE-2014-4175
RESERVED
-CVE-2014-4174 (wiretap/libpcap.c in the libpcap file parser in Wireshark 1.10.x ...)
+CVE-2014-4174
- wireshark 1.10.4-1
[squeeze] - wireshark <not-affected> (Only affects 1.10.x)
[wheezy] - wireshark <not-affected> (Only affects 1.10.x)
@@ -15031,7 +15031,7 @@ CVE-2014-4172 [php-cas unencoded tickets]
- moodle 2.7.2-1 (bug #775842)
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-46766
-CVE-2014-4171 (mm/shmem.c in the Linux kernel through 3.15.1 does not properly ...)
+CVE-2014-4171
- linux 3.14.15-1
[wheezy] - linux 3.2.63-1
- linux-2.6 <not-affected> (Vulnerable code introduced later)
@@ -15040,256 +15040,256 @@ CVE-2014-4170
RESERVED
CVE-2014-4169
RESERVED
-CVE-2014-4166 (Cross-site scripting (XSS) vulnerability in the song history in ...)
+CVE-2014-4166
NOT-FOR-US: SHOUTcast DNAS
-CVE-2014-4165 (Cross-site scripting (XSS) vulnerability in ntop allows remote ...)
+CVE-2014-4165
- ntop <removed> (bug #751946)
[jessie] - ntop <no-dsa> (Minor issue)
[wheezy] - ntop <no-dsa> (Minor issue)
-CVE-2014-4164 (Cross-site scripting (XSS) vulnerability in AlgoSec FireFlow 6.3-b230 ...)
+CVE-2014-4164
NOT-FOR-US: AlogoSec FireFlow
-CVE-2014-4163 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
+CVE-2014-4163
NOT-FOR-US: WordPress plugin Featured Comments
-CVE-2014-4162 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
+CVE-2014-4162
NOT-FOR-US: Zyxel P-660HW-T1 wireless
-CVE-2014-4161 (Cross-site scripting (XSS) vulnerability in la/umTestSSO.jsp in SAP ...)
+CVE-2014-4161
NOT-FOR-US: SAP Supplier Relationship Management
-CVE-2014-4160 (Multiple cross-site scripting (XSS) vulnerabilities in the testcanvas ...)
+CVE-2014-4160
NOT-FOR-US: SAP NetWeaver Business Client
-CVE-2014-4159 (Open redirect vulnerability in in la/umTestSSO.jsp in SAP Supplier ...)
+CVE-2014-4159
NOT-FOR-US: SAP Supplier Relationship Management
-CVE-2014-4158 (Stack-based buffer overflow in Kolibri 2.0 allows remote attackers to ...)
+CVE-2014-4158
NOT-FOR-US: Kolibri
CVE-2014-4156
RESERVED
-CVE-2014-4155 (Cross-site request forgery (CSRF) vulnerability in the ZTE ZXV10 W300 ...)
+CVE-2014-4155
NOT-FOR-US: ZTE router
-CVE-2014-4154 (ZTE ZXV10 W300 router with firmware W300V1.0.0a_ZRD_LK stores ...)
+CVE-2014-4154
NOT-FOR-US: ZTE router
-CVE-2014-4153 (The av-centerd SOAP service in AlienVault OSSIM before 4.8.0 allows ...)
+CVE-2014-4153
NOT-FOR-US: AlienVault OSSIM
-CVE-2014-4152 (The av-centerd SOAP service in AlienVault OSSIM before 4.8.0 allows ...)
+CVE-2014-4152
NOT-FOR-US: AlienVault OSSIM
-CVE-2014-4151 (The av-centerd SOAP service in AlienVault OSSIM before 4.8.0 allows ...)
+CVE-2014-4151
NOT-FOR-US: AlienVault OSSIM
-CVE-2014-4149 (Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, ...)
+CVE-2014-4149
NOT-FOR-US: Microsoft
-CVE-2014-4148 (win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 ...)
+CVE-2014-4148
NOT-FOR-US: Microsoft
CVE-2014-4147
REJECTED
CVE-2014-4146
REJECTED
-CVE-2014-4145 (Microsoft Internet Explorer 11 allows remote attackers to execute ...)
+CVE-2014-4145
NOT-FOR-US: Microsoft Internet Explorer
CVE-2014-4144
REJECTED
-CVE-2014-4143 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ...)
+CVE-2014-4143
NOT-FOR-US: Microsoft Internet Explorer
CVE-2014-4142
REJECTED
-CVE-2014-4141 (Microsoft Internet Explorer 8 through 11 allows remote attackers to ...)
+CVE-2014-4141
NOT-FOR-US: Microsoft
-CVE-2014-4140 (Microsoft Internet Explorer 8 through 11 allows remote attackers to ...)
+CVE-2014-4140
NOT-FOR-US: Microsoft
CVE-2014-4139
REJECTED
-CVE-2014-4138 (Microsoft Internet Explorer 11 allows remote attackers to execute ...)
+CVE-2014-4138
NOT-FOR-US: Microsoft
-CVE-2014-4137 (Microsoft Internet Explorer 6 and 7 allows remote attackers to execute ...)
+CVE-2014-4137
NOT-FOR-US: Microsoft
CVE-2014-4136
REJECTED
CVE-2014-4135
REJECTED
-CVE-2014-4134 (Microsoft Internet Explorer 6 through 8 allows remote attackers to ...)
+CVE-2014-4134
NOT-FOR-US: Microsoft
-CVE-2014-4133 (Microsoft Internet Explorer 6 and 7 allows remote attackers to execute ...)
+CVE-2014-4133
NOT-FOR-US: Microsoft
-CVE-2014-4132 (Microsoft Internet Explorer 11 allows remote attackers to execute ...)
+CVE-2014-4132
NOT-FOR-US: Microsoft Internet Explorer
CVE-2014-4131
REJECTED
-CVE-2014-4130 (Microsoft Internet Explorer 11 allows remote attackers to execute ...)
+CVE-2014-4130
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-4129 (Microsoft Internet Explorer 8 allows remote attackers to execute ...)
+CVE-2014-4129
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-4128 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ...)
+CVE-2014-4128
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-4127 (Microsoft Internet Explorer 6 through 10 allows remote attackers to ...)
+CVE-2014-4127
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-4126 (Microsoft Internet Explorer 10 and 11 allows remote attackers to ...)
+CVE-2014-4126
NOT-FOR-US: Microsoft Internet Explorer
CVE-2014-4125
REJECTED
-CVE-2014-4124 (Microsoft Internet Explorer 7 through 11 allows remote attackers to ...)
+CVE-2014-4124
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-4123 (Microsoft Internet Explorer 7 through 11 allows remote attackers to ...)
+CVE-2014-4123
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-4122 (Microsoft .NET Framework 2.0 SP2, 3.5, and 3.5.1 omits the ASLR ...)
+CVE-2014-4122
NOT-FOR-US: Microsoft
-CVE-2014-4121 (Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2 ...)
+CVE-2014-4121
NOT-FOR-US: Microsoft
CVE-2014-4120
REJECTED
CVE-2014-4119
REJECTED
-CVE-2014-4118 (XML Core Services (aka MSXML) 3.0 in Microsoft Windows Server 2003 ...)
+CVE-2014-4118
NOT-FOR-US: Microsoft
-CVE-2014-4117 (Microsoft Office 2007 SP3, Word 2007 SP3, Office 2010 SP1 and SP2, ...)
+CVE-2014-4117
NOT-FOR-US: Microsoft
-CVE-2014-4116 (Cross-site scripting (XSS) vulnerability in Microsoft SharePoint ...)
+CVE-2014-4116
NOT-FOR-US: Microsoft
-CVE-2014-4115 (fastfat.sys (aka the FASTFAT driver) in the kernel-mode drivers in ...)
+CVE-2014-4115
NOT-FOR-US: Microsoft
-CVE-2014-4114 (Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, ...)
+CVE-2014-4114
NOT-FOR-US: Microsoft
-CVE-2014-4113 (win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 ...)
+CVE-2014-4113
NOT-FOR-US: Microsoft
-CVE-2014-4112 (Microsoft Internet Explorer 11 allows remote attackers to execute ...)
+CVE-2014-4112
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-4111 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ...)
+CVE-2014-4111
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-4110 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ...)
+CVE-2014-4110
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-4109 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ...)
+CVE-2014-4109
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-4108 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ...)
+CVE-2014-4108
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-4107 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ...)
+CVE-2014-4107
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-4106 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ...)
+CVE-2014-4106
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-4105 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ...)
+CVE-2014-4105
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-4104 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ...)
+CVE-2014-4104
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-4103 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ...)
+CVE-2014-4103
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-4102 (Microsoft Internet Explorer 10 and 11 allows remote attackers to ...)
+CVE-2014-4102
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-4101 (Microsoft Internet Explorer 11 allows remote attackers to execute ...)
+CVE-2014-4101
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-4100 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ...)
+CVE-2014-4100
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-4099 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ...)
+CVE-2014-4099
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-4098 (Microsoft Internet Explorer 8 through 11 allows remote attackers to ...)
+CVE-2014-4098
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-4097 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ...)
+CVE-2014-4097
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-4096 (Microsoft Internet Explorer 11 allows remote attackers to execute ...)
+CVE-2014-4096
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-4095 (Microsoft Internet Explorer 11 allows remote attackers to execute ...)
+CVE-2014-4095
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-4094 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ...)
+CVE-2014-4094
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-4093 (Microsoft Internet Explorer 10 allows remote attackers to execute ...)
+CVE-2014-4093
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-4092 (Microsoft Internet Explorer 8 through 11 allows remote attackers to ...)
+CVE-2014-4092
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-4091 (Microsoft Internet Explorer 10 and 11 allows remote attackers to ...)
+CVE-2014-4091
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-4090 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ...)
+CVE-2014-4090
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-4089 (Microsoft Internet Explorer 10 and 11 allows remote attackers to ...)
+CVE-2014-4089
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-4088 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ...)
+CVE-2014-4088
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-4087 (Microsoft Internet Explorer 11 allows remote attackers to execute ...)
+CVE-2014-4087
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-4086 (Microsoft Internet Explorer 6 through 8 allows remote attackers to ...)
+CVE-2014-4086
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-4085 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ...)
+CVE-2014-4085
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-4084 (Microsoft Internet Explorer 10 allows remote attackers to execute ...)
+CVE-2014-4084
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-4083 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ...)
+CVE-2014-4083
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-4082 (Microsoft Internet Explorer 6 through 10 allows remote attackers to ...)
+CVE-2014-4082
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-4081 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ...)
+CVE-2014-4081
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-4080 (Microsoft Internet Explorer 10 and 11 allows remote attackers to ...)
+CVE-2014-4080
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-4079 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ...)
+CVE-2014-4079
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-4078 (The IP Security feature in Microsoft Internet Information Services ...)
+CVE-2014-4078
NOT-FOR-US: Microsoft
-CVE-2014-4077 (Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server ...)
+CVE-2014-4077
NOT-FOR-US: Microsoft
-CVE-2014-4076 (Microsoft Windows Server 2003 SP2 allows local users to gain ...)
+CVE-2014-4076
NOT-FOR-US: Microsoft
-CVE-2014-4075 (Cross-site scripting (XSS) vulnerability in System.Web.Mvc.dll in ...)
+CVE-2014-4075
NOT-FOR-US: Microsoft
-CVE-2014-4074 (The Task Scheduler in Microsoft Windows 8, Windows 8.1, Windows Server ...)
+CVE-2014-4074
NOT-FOR-US: Microsoft
-CVE-2014-4073 (Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2 ...)
+CVE-2014-4073
NOT-FOR-US: Microsoft
-CVE-2014-4072 (Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.0 SP2, 3.5, 3.5.1, 4, ...)
+CVE-2014-4072
NOT-FOR-US: Microsoft
-CVE-2014-4071 (The Server in Microsoft Lync Server 2013 allows remote attackers to ...)
+CVE-2014-4071
NOT-FOR-US: Microsoft Lync Server
-CVE-2014-4070 (Cross-site scripting (XSS) vulnerability in the Web Components Server ...)
+CVE-2014-4070
NOT-FOR-US: Microsoft Lync Server
CVE-2014-4069
REJECTED
-CVE-2014-4068 (The Response Group Service in Microsoft Lync Server 2010 and 2013 and ...)
+CVE-2014-4068
NOT-FOR-US: Microsoft Lync Server
-CVE-2014-4067 (Microsoft Internet Explorer 10 and 11 allows remote attackers to ...)
+CVE-2014-4067
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-4066 (Microsoft Internet Explorer 11 allows remote attackers to execute ...)
+CVE-2014-4066
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-4065 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ...)
+CVE-2014-4065
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-4064 (The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server ...)
+CVE-2014-4064
NOT-FOR-US: Microsoft
-CVE-2014-4063 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ...)
+CVE-2014-4063
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-4062 (Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.0 SP2, 3.5, and 3.5.1 ...)
+CVE-2014-4062
NOT-FOR-US: Microsoft
-CVE-2014-4061 (Microsoft SQL Server 2008 SP3, 2008 R2 SP2, and 2012 SP1 does not ...)
+CVE-2014-4061
NOT-FOR-US: Microsoft
-CVE-2014-4060 (Use-after-free vulnerability in MCPlayer.dll in Microsoft Windows ...)
+CVE-2014-4060
NOT-FOR-US: Microsoft
-CVE-2014-4059 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ...)
+CVE-2014-4059
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-4058 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ...)
+CVE-2014-4058
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-4057 (Microsoft Internet Explorer 11 allows remote attackers to execute ...)
+CVE-2014-4057
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-4056 (Microsoft Internet Explorer 7 through 10 allows remote attackers to ...)
+CVE-2014-4056
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-4055 (Microsoft Internet Explorer 10 and 11 allows remote attackers to ...)
+CVE-2014-4055
NOT-FOR-US: Microsoft Internet Explorer
CVE-2014-4054
REJECTED
CVE-2014-4053
REJECTED
-CVE-2014-4052 (Microsoft Internet Explorer 9 and 10 allows remote attackers to ...)
+CVE-2014-4052
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-4051 (Microsoft Internet Explorer 8 through 11 allows remote attackers to ...)
+CVE-2014-4051
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-4050 (Microsoft Internet Explorer 10 and 11 allows remote attackers to ...)
+CVE-2014-4050
NOT-FOR-US: Microsoft Internet Explorer
CVE-2014-4042
RESERVED
CVE-2014-4041
RESERVED
-CVE-2014-4040 (snap in powerpc-utils 1.2.20 produces an archive with fstab and ...)
+CVE-2014-4040
- powerpc-utils 1.3.1-2 (unimportant)
NOTE: SuSE decided to put/display a warning about the possibility to of
NOTE: containing cleartext passwords in the produced archive containing fstab
NOTE: and yaboot.conf
NOTE: 1.3.1-2 upload removed /usr/sbin/snap from the installed binary package
-CVE-2014-4039 (ppc64-diag 2.6.1 uses 0775 permissions for /tmp/diagSEsnap and does ...)
+CVE-2014-4039
- ppc64-diag 2.7.1-5
NOTE: SuSE Patch: https://bugzilla.novell.com/attachment.cgi?id=599147
-CVE-2014-4038 (ppc64-diag 2.6.1 allows local users to overwrite arbitrary files via a ...)
+CVE-2014-4038
- ppc64-diag 2.7.1-5
NOTE: Issue partially fixed in 2.7.1-1, but not all parts fixed
NOTE: SuSE Patch: https://bugzilla.novell.com/attachment.cgi?id=599147
-CVE-2014-4037 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2014-4037
- fckeditor <removed> (low; bug #752873)
[wheezy] - fckeditor <no-dsa> (Minor issue)
[squeeze] - fckeditor <no-dsa> (Minor issue)
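Review bot: the context line `NOT-FOR-US: AlogoSec FireFlow` under CVE-2014-4164 misspells the vendor that the removed description spells `AlgoSec FireFlow`; with the description gone the misspelt form becomes the only vendor reference left, so fix it here. The NOTE block under CVE-2014-4040 (`the possibility to of containing cleartext passwords in the produced archive containing fstab and yaboot.conf`) also reads as garbled and could be restated as: SuSE chose to display a warning that the produced archive, which includes fstab and yaboot.conf, may contain cleartext passwords.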
@@ -15298,19 +15298,19 @@ CVE-2014-4037 (Cross-site scripting (XSS) vulnerability in ...)
[squeeze] - docvert <no-dsa> (Minor issue)
- moin <not-affected> (unused emebdded copy)
- knowledgeroot <not-affected> (unused embedded copy)
-CVE-2014-4036 (Cross-site scripting (XSS) vulnerability in modules/system/admin.php ...)
+CVE-2014-4036
NOT-FOR-US: ImpressCMS
-CVE-2014-4035 (Cross-site scripting (XSS) vulnerability in booking_details.php in ...)
+CVE-2014-4035
NOT-FOR-US: Advance Hotel Booking System
-CVE-2014-4034 (SQL injection vulnerability in zero_view_article.php in ZeroCMS 1.0 ...)
+CVE-2014-4034
NOT-FOR-US: ZeroCMS
-CVE-2014-4033 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2014-4033
NOT-FOR-US: Epignosis eFront
-CVE-2014-4032 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2014-4032
NOT-FOR-US: Fiyo CMS
-CVE-2014-4031 (The Policy Manager in Aruba Networks ClearPass 5.x, 6.0.x, 6.1.x ...)
+CVE-2014-4031
NOT-FOR-US: Aruba Networks ClearPass
-CVE-2014-4030 (Cross-site request forgery (CSRF) vulnerability in the JW Player ...)
+CVE-2014-4030
NOT-FOR-US: WordPress plugin JW Player
CVE-2014-4029
RESERVED
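Review bot: `- moin <not-affected> (unused emebdded copy)` has a typo for "embedded"; the knowledgeroot line directly below spells it correctly, so align the two while this region is being rewritten.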
@@ -15320,102 +15320,102 @@ CVE-2014-4026
RESERVED
CVE-2014-4025
RESERVED
-CVE-2014-4024 (SSL virtual servers in F5 BIG-IP systems 10.x before 10.2.4 HF9, 11.x ...)
+CVE-2014-4024
NOT-FOR-US: F5 BIG-IP
-CVE-2014-4023 (Cross-site scripting (XSS) vulnerability in tmui/dashboard/echo.jsp in ...)
+CVE-2014-4023
NOT-FOR-US: F5 BIG-IP
-CVE-2014-4022 (The alloc_domain_struct function in arch/arm/domain.c in Xen 4.4.x, ...)
+CVE-2014-4022
- xen <not-affected> (Only 32- and 64-bit ARM systems from Xen 4.4 onwards)
CVE-2014-4019
RESERVED
-CVE-2014-4018 (The ZTE ZXV10 W300 router with firmware W300V1.0.0a_ZRD_LK has a ...)
+CVE-2014-4018
NOT-FOR-US: ZTE router
-CVE-2014-4168 ((1) iodined.c and (2) user.c in iodine before 0.7.0 allows remote ...)
+CVE-2014-4168
{DSA-2964-1}
- iodine 0.6.0~rc1-19 (bug #751834)
[squeeze] - iodine 0.6.0~rc1-2+deb6u1
NOTE: https://github.com/yarrick/iodine/commit/b715be5cf3978fbe589b03b09c9398d0d791f850
-CVE-2014-4167 (The L3-agent in OpenStack Neutron before 2013.2.4, 2014.x before ...)
+CVE-2014-4167
- neutron 2014.1.1-1 (bug #752021)
NOTE: https://launchpad.net/bugs/1309195
-CVE-2014-4157 (arch/mips/include/asm/thread_info.h in the Linux kernel before 3.14.8 ...)
+CVE-2014-4157
{DLA-103-1}
- linux 3.14.7-1 (bug #751417)
[wheezy] - linux 3.2.60-1
- linux-2.6 <not-affected> (squeeze-lts only covers x86)
-CVE-2014-4049 (Heap-based buffer overflow in the php_parserr function in ...)
+CVE-2014-4049
{DSA-2961-1 DLA-0010-1}
- php5 5.6.0~beta4+dfsg-3 (bug #751364)
[squeeze] - php5 5.3.3-7+squeeze20
NOTE: https://github.com/php/php-src/commit/b34d7849ed90ced9345f8ea1c59bc8d101c18468
-CVE-2014-4048 (The PJSIP Channel Driver in Asterisk Open Source before 12.3.1 allows ...)
+CVE-2014-4048
- asterisk <not-affected> (Only affects Asterisk 12.x)
NOTE: http://downloads.asterisk.org/pub/security/AST-2014-008.html
-CVE-2014-4047 (Asterisk Open Source 1.8.x before 1.8.28.1, 11.x before 11.10.1, and ...)
+CVE-2014-4047
- asterisk 1:11.10.2~dfsg-1 (low)
[wheezy] - asterisk 1:1.8.13.1~dfsg1-3+deb7u4
[squeeze] - asterisk <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://downloads.asterisk.org/pub/security/AST-2014-007.html
-CVE-2014-4046 (Asterisk Open Source 11.x before 11.10.1 and 12.x before 12.3.1 and ...)
+CVE-2014-4046
{DLA-455-1}
- asterisk 1:11.10.2~dfsg-1 (low)
[squeeze] - asterisk <not-affected> (Vulnerable code not present)
NOTE: http://downloads.asterisk.org/pub/security/AST-2014-006.html
-CVE-2014-4045 (The Publish/Subscribe Framework in the PJSIP channel driver in ...)
+CVE-2014-4045
- asterisk <not-affected> (Only affects Asterisk 12.x)
NOTE: http://downloads.asterisk.org/pub/security/AST-2014-005.html
-CVE-2014-4044 (OpenAFS 1.6.8 does not properly clear the fields in the host structure, ...)
+CVE-2014-4044
- openafs 1.6.9-1
[wheezy] - openafs <not-affected> (Vulnerable code introduced in 1.6.8)
[squeeze] - openafs <not-affected> (Vulnerable code introduced in 1.6.8)
-CVE-2014-4043 (The posix_spawn_file_actions_addopen function in glibc before 2.20 ...)
+CVE-2014-4043
{DSA-3169-1 DLA-165-1}
- eglibc <removed>
- glibc 2.19-2 (low; bug #751774)
-CVE-2014-4021 (Xen 3.2.x through 4.4.x does not properly clean memory pages recovered ...)
+CVE-2014-4021
{DSA-3006-1}
- xen 4.4.1-1 (bug #751894)
[squeeze] - xen <end-of-life> (Unsupported in squeeze-lts)
-CVE-2014-4020 (The dissect_frame function in epan/dissectors/packet-frame.c in the ...)
+CVE-2014-4020
- wireshark 1.10.8-1
[wheezy] - wireshark <not-affected> (Only affects 1.10.0 to 1.10.7)
[squeeze] - wireshark <not-affected> (Only affects 1.10.0 to 1.10.7)
NOTE: http://www.wireshark.org/security/wnpa-sec-2014-07.html
-CVE-2014-4017 (Cross-site scripting (XSS) vulnerability in the Conversion Ninja ...)
+CVE-2014-4017
NOT-FOR-US: WordPress plugin conversionninja
CVE-2014-4016
RESERVED
CVE-2014-4015
RESERVED
-CVE-2014-4013 (SQL injection vulnerability in the Policy Manager in Aruba Networks ...)
+CVE-2014-4013
NOT-FOR-US: Aruba Networks ClearPass
-CVE-2014-4012 (SAP Open Hub Service has hardcoded credentials, which makes it easier ...)
+CVE-2014-4012
NOT-FOR-US: SAP
-CVE-2014-4011 (SAP Capacity Leveling has hardcoded credentials, which makes it easier ...)
+CVE-2014-4011
NOT-FOR-US: SAP
-CVE-2014-4010 (SAP Transaction Data Pool has hardcoded credentials, which makes it ...)
+CVE-2014-4010
NOT-FOR-US: SAP
-CVE-2014-4009 (SAP CCMS Monitoring (BC-CCM-MON) has hardcoded credentials, which ...)
+CVE-2014-4009
NOT-FOR-US: SAP
-CVE-2014-4008 (SAP Web Services Tool (CA-WUI-WST) has hardcoded credentials, which ...)
+CVE-2014-4008
NOT-FOR-US: SAP
-CVE-2014-4007 (The SAP Upgrade tools for ABAP has hardcoded credentials, which makes ...)
+CVE-2014-4007
NOT-FOR-US: SAP
-CVE-2014-4006 (The SAP Trader's and Scheduler's Workbench (TSW) for SAP Oil &amp; Gas has ...)
+CVE-2014-4006
NOT-FOR-US: SAP
-CVE-2014-4005 (SAP Brazil add-on has hardcoded credentials, which makes it easier for ...)
+CVE-2014-4005
NOT-FOR-US: SAP
-CVE-2014-4004 (The (1) Structures and (2) Project-Oriented Procurement components in ...)
+CVE-2014-4004
NOT-FOR-US: SAP
-CVE-2014-4003 (The System Landscape Directory (SLD) in SAP NetWeaver allows remote ...)
+CVE-2014-4003
NOT-FOR-US: SAP
-CVE-2014-4002 (Multiple cross-site scripting (XSS) vulnerabilities in Cacti 0.8.8b ...)
+CVE-2014-4002
{DSA-2970-1}
- cacti 0.8.8b+dfsg-6 (bug #752573)
[squeeze] - cacti 0.8.7g-1+squeeze4 (bug #752573)
CVE-2014-4001
RESERVED
-CVE-2014-4000 (Cacti before 1.0.0 allows remote authenticated users to conduct PHP ...)
+CVE-2014-4000
- cacti 0.8.8e+ds1-1 (low)
[jessie] - cacti 0.8.8b+dfsg-8+deb8u2
[wheezy] - cacti 0.8.8a+dfsg-5+deb7u6
@@ -15425,82 +15425,82 @@ CVE-2014-4000 (Cacti before 1.0.0 allows remote authenticated users to conduct P
NOTE: This CVE was fixed by introduction of the function sanitize_unserialize_selected_items
NOTE: in version 0.8.8e and calling it instead of unserialize(stripslashes()).
NOTE: Affected files require authenticated users.
-CVE-2014-3999 (The Horde_Ldap library before 2.0.6 for Horde allows remote attackers ...)
+CVE-2014-3999
- php-horde-ldap 2.0.6-1
CVE-2014-3998
RESERVED
-CVE-2014-3997 (SQL injection vulnerability in the MetadataServlet servlet in ...)
+CVE-2014-3997
NOT-FOR-US: Password Manager Pro
-CVE-2014-3996 (SQL injection vulnerability in the LinkViewFetchServlet servlet in ...)
+CVE-2014-3996
NOT-FOR-US: Password Manager Pro
CVE-2014-3993
RESERVED
-CVE-2014-3992 (Multiple SQL injection vulnerabilities in Dolibarr ERP/CRM 3.5.3 allow ...)
+CVE-2014-3992
- dolibarr 3.5.4+dfsg2-1 (bug #755531)
-CVE-2014-3991 (Multiple cross-site scripting (XSS) vulnerabilities in Dolibarr ...)
+CVE-2014-3991
- dolibarr 3.5.5+dfsg1-1
-CVE-2014-3990 (The Cart::getProducts method in system/library/cart.php in OpenCart ...)
+CVE-2014-3990
NOT-FOR-US: OpenCart
CVE-2014-3989
RESERVED
-CVE-2014-3988 (Cross-site scripting (XSS) vulnerability in index.php in SunHater ...)
+CVE-2014-3988
NOT-FOR-US: SunHater KCFinder
CVE-2014-3987
RESERVED
-CVE-2014-3984 (Multiple unspecified vulnerabilities in Libav before 0.8.12 allow ...)
+CVE-2014-3984
- libav 6:0.8.12-1
NOTE: Fairly pointless CVE assignment...
-CVE-2014-4150 (The scheme48-send-definition function in cmuscheme48.el in Scheme 48 ...)
+CVE-2014-4150
{DLA-0006-1}
- scheme48 1.9-4 (bug #748766)
[wheezy] - scheme48 1.8+dfsg-1+deb7u1
[squeeze] - scheme48 1.8+dfsg-1+deb6u1
-CVE-2014-4027 (The rd_build_device_space function in drivers/target/target_core_rd.c ...)
+CVE-2014-4027
- linux 3.14.2-1
[wheezy] - linux 3.2.60-1
- linux-2.6 <removed>
[squeeze] - linux-2.6 <not-affected> (Introduced in 2.6.38)
NOTE: upstream fix: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4442dc8a92b8f9ad8ee9e7f8438f4c04c03a22dc
-CVE-2014-4014 (The capabilities implementation in the Linux kernel before 3.14.8 does ...)
+CVE-2014-4014
- linux 3.14.7-1
[wheezy] - linux <not-affected> (User namespaces only usable in later kernels)
- linux-2.6 <not-affected> (User namespaces only usable in later kernels)
NOTE: fixing commit https://git.kernel.org/linus/23adbe12ef7d3d4195e80800ab36b37bee28cd03
-CVE-2014-3986 (include/tests_webservers in Lynis before 1.5.5 allows local users to ...)
+CVE-2014-3986
- lynis 1.5.5-1 (bug #751083)
[squeeze] - lynis <no-dsa> (Minor issue)
[wheezy] - lynis <no-dsa> (Minor issue)
-CVE-2014-3995 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2014-3995
NOT-FOR-US: Djblets
-CVE-2014-3994 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2014-3994
NOT-FOR-US: Djblets
CVE-2014-3983
RESERVED
-CVE-2014-3982 (include/tests_webservers in Lynis before 1.5.5 on AIX allows local ...)
+CVE-2014-3982
- lynis <not-affected> (Specific to AIX)
-CVE-2014-3981 (acinclude.m4, as used in the configure script in PHP 5.5.13 and ...)
+CVE-2014-3981
- php5 5.6.0~rc1+dfsg-1 (unimportant)
NOTE: Only exploitable during package build
CVE-2014-3979
RESERVED
NOT-FOR-US: Bytemark Symbiosis
-CVE-2014-3978 (SQL injection vulnerability in TomatoCart 1.1.8.6.1 allows remote ...)
+CVE-2014-3978
NOT-FOR-US: TomatoCart
-CVE-2014-3977 (libodm.a in IBM AIX 6.1 and 7.1, and VIOS 2.2.x, allows local users to ...)
+CVE-2014-3977
NOT-FOR-US: IBM AIX
-CVE-2014-3976 (Buffer overflow in A10 Networks Advanced Core Operating System (ACOS) ...)
+CVE-2014-3976
NOT-FOR-US: A10 Networks Advanced Core Operating System
-CVE-2014-3975 (Absolute path traversal vulnerability in filemanager.php in AuraCMS ...)
+CVE-2014-3975
NOT-FOR-US: AuraCMS
-CVE-2014-3974 (Cross-site scripting (XSS) vulnerability in filemanager.php in AuraCMS ...)
+CVE-2014-3974
NOT-FOR-US: AuraCMS
-CVE-2014-3973 (Multiple SQL injection vulnerabilities in FrontAccounting (FA) before ...)
+CVE-2014-3973
- frontaccounting 2.3.21-1 (bug #751867)
[squeeze] - frontaccounting <no-dsa> (Minor issue)
[wheezy] - frontaccounting <no-dsa> (Minor issue)
-CVE-2014-3972 (Directory traversal vulnerability in Apexis APM-J601-WS cameras with ...)
+CVE-2014-3972
NOT-FOR-US: Apexis cameras
-CVE-2014-3971 (The CmdAuthenticate::_authenticateX509 function in ...)
+CVE-2014-3971
- mongodb <not-affected> (X.509 certifictate authentication introduced in 2.6.x)
NOTE: https://jira.mongodb.org/browse/SERVER-13753
NOTE: https://github.com/mongodb/mongo/commit/c151e0660b9736fe66b224f1129a16871165251b
@@ -15508,203 +15508,203 @@ CVE-2014-3965
RESERVED
CVE-2014-3964
RESERVED
-CVE-2014-3963 (ownCloud Server before 6.0.1 does not properly check permissions, ...)
+CVE-2014-3963
- owncloud 6.0.1+dfsg-1
NOTE: http://owncloud.org/about/security/advisories/oC-SA-2014-009/
-CVE-2014-3962 (Multiple SQL injection vulnerabilities in Videos Tube 1.0 allow remote ...)
+CVE-2014-3962
NOT-FOR-US: Videos Tube
-CVE-2014-3961 (SQL injection vulnerability in the Export CSV page in the Participants ...)
+CVE-2014-3961
NOT-FOR-US: WordPress plugin Participants Database
-CVE-2014-3960 (Multiple cross-site scripting (XSS) vulnerabilities in OpenNMS before ...)
+CVE-2014-3960
NOT-FOR-US: OpenNMS
-CVE-2014-3980 (libfep 0.0.5 before 0.1.0 does not properly use UNIX domain sockets in ...)
+CVE-2014-3980
- libfep <itp> (bug #658575)
-CVE-2014-3959 (Cross-site scripting (XSS) vulnerability in list.jsp in the ...)
+CVE-2014-3959
NOT-FOR-US: F5
CVE-2014-3958
RESERVED
CVE-2014-3957
RESERVED
-CVE-2014-3955 (routed in FreeBSD 8.4 through 10.1-RC2 allows remote attackers to ...)
+CVE-2014-3955
NOT-FOR-US: FreeBSD routed
-CVE-2014-3954 (Stack-based buffer overflow in rtsold in FreeBSD 9.1 through 10.1-RC2 ...)
+CVE-2014-3954
NOT-FOR-US: FreeBSD rtsold
-CVE-2014-3953 (FreeBSD 8.4 before p14, 9.1 before p17, 9.2 before p10, and 10.0 ...)
+CVE-2014-3953
{DSA-3070-1}
- kfreebsd-8 <removed>
[wheezy] - kfreebsd-8 <no-dsa> (kfreebsd-8 only a test kernel, will be fixed in a point update)
[squeeze] - kfreebsd-8 <end-of-life> (Unsupported in squeeze-lts)
- kfreebsd-9 <removed> (bug #754237)
- kfreebsd-10 10.1~svn272463-1
-CVE-2014-3952 (FreeBSD 8.4 before p14, 9.1 before p17, 9.2 before p10, and 10.0 ...)
+CVE-2014-3952
{DSA-3070-1}
- kfreebsd-8 <removed>
[squeeze] - kfreebsd-8 <end-of-life> (Unsupported in squeeze-lts)
[wheezy] - kfreebsd-8 <no-dsa> (kfreebsd-8 only a test kernel, will be fixed in a point update)
- kfreebsd-9 <removed> (bug #754236)
- kfreebsd-10 10.1~svn272463-1
-CVE-2014-3951 (The HZ module in the iconv implementation in FreeBSD 10.0 before p6 ...)
+CVE-2014-3951
NOT-FOR-US: iconv system library of FreeBSD and NetBSD
CVE-2014-3950
RESERVED
-CVE-2014-3949 (Cross-site scripting (XSS) vulnerability in the layout wizard in the ...)
+CVE-2014-3949
NOT-FOR-US: TYPO3 extension gridelements
-CVE-2014-3948 (Cross-site scripting (XSS) vulnerability in the HTML export wizard in ...)
+CVE-2014-3948
NOT-FOR-US: TYPO3 extension powermail
-CVE-2014-3947 (Unrestricted file upload vulnerability in the powermail extension ...)
+CVE-2014-3947
NOT-FOR-US: TYPO3 extension powermail
-CVE-2014-3939 (Heap-based buffer overflow in Autodesk SketchBook Pro before 6.2.6 ...)
+CVE-2014-3939
NOT-FOR-US: Autodesk SketchBook Pro
-CVE-2014-3938 (Integer overflow in Autodesk SketchBook Pro before 6.2.6 allows remote ...)
+CVE-2014-3938
NOT-FOR-US: Autodesk Sketchbook Pro
-CVE-2014-3937 (SQL injection vulnerability in the Contextual Related Posts plugin ...)
+CVE-2014-3937
NOT-FOR-US: WordPress plugin contextual-related-posts
-CVE-2014-3936 (Stack-based buffer overflow in the do_hnap function in www/my_cgi.cgi ...)
+CVE-2014-3936
NOT-FOR-US: D-Link
-CVE-2014-3935 (SQL injection vulnerability in glossaire-aff.php in the Glossaire ...)
+CVE-2014-3935
NOT-FOR-US: XOOPS module Glossaire
-CVE-2014-3934 (SQL injection vulnerability in the Submit_News module for PHP-Nuke 8.3 ...)
+CVE-2014-3934
NOT-FOR-US: PHP-Nuke
-CVE-2014-3933 (Cross-site scripting (XSS) vulnerability in the address components ...)
+CVE-2014-3933
NOT-FOR-US: Drupal module AddressField Tokens
-CVE-2014-3932 (SQL injection vulnerability in the device registration component in ...)
+CVE-2014-3932
NOT-FOR-US: CoSoSys Endpoint Protector
-CVE-2014-3931 (fastping.c in MRLG (aka Multi-Router Looking Glass) before 5.5.0 ...)
+CVE-2014-3931
NOT-FOR-US: Multi-Router Looking Glass
-CVE-2014-3930 (lg.pl in Cistron-LG 1.01 stores sensitive information under the web ...)
+CVE-2014-3930
NOT-FOR-US: Cistron-LG
-CVE-2014-3929 (The default configuration for Cougar-LG stores sensitive information ...)
+CVE-2014-3929
NOT-FOR-US: Cougar-LG
-CVE-2014-3928 (Cougar-LG stores sensitive information under the web root with ...)
+CVE-2014-3928
NOT-FOR-US: Cougar-LG
-CVE-2014-3927 (mrlg-lib.php in mrlg4php before 1.0.8 allows remote attackers to ...)
+CVE-2014-3927
NOT-FOR-US: mrlg4php
-CVE-2014-3926 (Cross-site scripting (XSS) vulnerability in lg.cgi in Cougar LG 1.9 ...)
+CVE-2014-3926
NOT-FOR-US: Cougar LG
-CVE-2014-3924 (Multiple cross-site scripting (XSS) vulnerabilities in Webmin before ...)
+CVE-2014-3924
NOT-FOR-US: Webmin
-CVE-2014-3923 (Multiple cross-site scripting (XSS) vulnerabilities in the Digital ...)
+CVE-2014-3923
NOT-FOR-US: WordPress plugin Digital Zoom Studio Video Gallery
-CVE-2014-3922 (Cross-site scripting (XSS) vulnerability in Trend Micro InterScan ...)
+CVE-2014-3922
NOT-FOR-US: Trend Micro InterScan
-CVE-2014-3921 (Cross-site scripting (XSS) vulnerability in popup.php in the Simple ...)
+CVE-2014-3921
NOT-FOR-US: WordPress plugin Simple Popup Images
-CVE-2014-3969 (Xen 4.4.x, when running on an ARM system, does not properly check ...)
+CVE-2014-3969
- xen <not-affected> (Only ARM systems are affected from Xen 4.4 onwards)
-CVE-2014-3970 (The pa_rtp_recv function in modules/rtp/rtp.c in the module-rtp-recv ...)
+CVE-2014-3970
- pulseaudio 5.0-3 (low)
[squeeze] - pulseaudio <no-dsa> (Minor issue)
[wheezy] - pulseaudio <no-dsa> (Minor issue)
NOTE: http://lists.freedesktop.org/archives/pulseaudio-discuss/2014-May/020740.html
-CVE-2014-3968 (The HVMOP_inject_msi function in Xen 4.2.x, 4.3.x, and 4.4.x allows ...)
+CVE-2014-3968
- xen 4.4.1-1 (bug #757724)
[wheezy] - xen <not-affected> (Xen versions from 4.2 onwards are vulnerable)
[squeeze] - xen <not-affected> (Xen versions from 4.2 onwards are vulnerable)
-CVE-2014-3967 (The HVMOP_inject_msi function in Xen 4.2.x, 4.3.x, and 4.4.x does not ...)
+CVE-2014-3967
- xen 4.4.1-1 (bug #757724)
[wheezy] - xen <not-affected> (Xen versions from 4.2 onwards are vulnerable)
[squeeze] - xen <not-affected> (Xen versions from 4.2 onwards are vulnerable)
-CVE-2014-3966 (Cross-site scripting (XSS) vulnerability in Special:PasswordReset in ...)
+CVE-2014-3966
{DSA-2957-1}
- mediawiki 1:1.19.16+dfsg-1 (low; bug #750527)
[squeeze] - mediawiki <end-of-life>
NOTE: https://bugzilla.wikimedia.org/show_bug.cgi?id=65501
-CVE-2014-3956 (The sm_close_on_exec function in conf.c in sendmail before 8.14.9 has ...)
+CVE-2014-3956
- sendmail 8.14.4-6 (low; bug #750562)
[wheezy] - sendmail 8.14.4-4+deb7u1
[squeeze] - sendmail <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2014/06/03/1
-CVE-2014-3940 (The Linux kernel through 3.14.5 does not properly consider the ...)
+CVE-2014-3940
- linux 3.14.7-1 (low)
[wheezy] - linux 3.2.60-1
- linux-2.6 <not-affected> (Only exploitable in 3.12 and later)
-CVE-2014-3925 (sosreport in Red Hat sos 1.7 and earlier on Red Hat Enterprise Linux ...)
+CVE-2014-3925
- sosreport <not-affected> (RedHat-specific issue)
-CVE-2014-3920 (Cross-site request forgery (CSRF) vulnerability in Kanboard before ...)
+CVE-2014-3920
- kanboard <itp> (bug #790814)
CVE-2014-3919
RESERVED
CVE-2014-3918
RESERVED
-CVE-2014-3916 (The str_buf_cat function in string.c in Ruby 1.9.3, 2.0.0, and 2.1 ...)
+CVE-2014-3916
- ruby2.1 <removed> (unimportant)
- ruby2.0 <removed> (unimportant)
- ruby1.9.1 <removed> (unimportant)
- ruby1.8 <removed> (unimportant)
NOTE: Only exploitable on Windows
-CVE-2014-3915 (The userRequest servlet in the Admin Center for Tivoli Storage Manager ...)
+CVE-2014-3915
NOT-FOR-US: Rocket Servergraph
-CVE-2014-3914 (Directory traversal vulnerability in the Admin Center for Tivoli ...)
+CVE-2014-3914
NOT-FOR-US: Rocket ServerGraph
-CVE-2014-3913 (Stack-based buffer overflow in AccessServer32.exe in Ericom AccessNow ...)
+CVE-2014-3913
NOT-FOR-US: Ericom AccessNow Server
-CVE-2014-3912 (Stack-based buffer overflow in the FindConfigChildeKeyList method in ...)
+CVE-2014-3912
NOT-FOR-US: Samsung iPOLiS Device Manager
-CVE-2014-3911 (Samsung iPOLiS Device Manager before 1.8.7 allow remote attackers to ...)
+CVE-2014-3911
NOT-FOR-US: Samsung iPOLiS Device Manager
-CVE-2014-3910 (Emurasoft EmFTP allows local users to gain privileges via a Trojan ...)
+CVE-2014-3910
NOT-FOR-US: Emurasoft EmFTP
-CVE-2014-3909 (Session fixation vulnerability in Falcon WisePoint 4.1.19.7 and ...)
+CVE-2014-3909
NOT-FOR-US: Falcon WisePoint
-CVE-2014-3908 (The Amazon.com Kindle application before 4.5.0 for Android does not ...)
+CVE-2014-3908
NOT-FOR-US: Amazon.com Kindle application
-CVE-2014-3907 (Cross-site request forgery (CSRF) vulnerability in the MailPoet ...)
+CVE-2014-3907
NOT-FOR-US: MailPoet Newsletters (wysija-newsletters) plugin for WordPress
-CVE-2014-3906 (SQL injection vulnerability in OSK Advance-Flow 4.41 and earlier and ...)
+CVE-2014-3906
NOT-FOR-US: OSK Advance-Flow
-CVE-2014-3905 (Cross-site scripting (XSS) vulnerability in tenfourzero Shutter 0.1.4 ...)
+CVE-2014-3905
NOT-FOR-US: tenfourzero Shutter
-CVE-2014-3904 (SQL injection vulnerability in lib/admin.php in tenfourzero Shutter ...)
+CVE-2014-3904
NOT-FOR-US: tenfourzero Shutter
-CVE-2014-3903 (Cross-site scripting (XSS) vulnerability in the Cakifo theme 1.x ...)
+CVE-2014-3903
NOT-FOR-US: Cakifo theme for WordPress
-CVE-2014-3902 (The CyberAgent Ameba application 3.x and 4.x before 4.5.0 for Android ...)
+CVE-2014-3902
NOT-FOR-US: CyberAgent Ameba application
-CVE-2014-3901 (Raritan Japan Dominion KX2-101 switches before 2 allow remote ...)
+CVE-2014-3901
NOT-FOR-US: Raritan Japan Dominion KX2-101 switches
-CVE-2014-3900 (Cross-site scripting (XSS) vulnerability in admin/picture_modify.php ...)
+CVE-2014-3900
- piwigo <removed>
[squeeze] - piwigo <end-of-life> (Unsupported in squeeze-lts)
NOTE: Request to mark the package as unsupported in #779104
-CVE-2014-3899 (Gretech GOM Player 2.2.51.5149 and earlier allows remote attackers to ...)
+CVE-2014-3899
NOT-FOR-US: Gretech GOM Player
-CVE-2014-3898 (Cross-site scripting (XSS) vulnerability in Fujitsu ServerView ...)
+CVE-2014-3898
NOT-FOR-US: Fujitsu ServerView Operations Manager
-CVE-2014-3897 (Cross-site scripting (XSS) vulnerability in Homepage Decorator ...)
+CVE-2014-3897
NOT-FOR-US: Homepage Decorator PerlMailer
-CVE-2014-3896 (Multiple cross-site request forgery (CSRF) vulnerabilities in CGI ...)
+CVE-2014-3896
NOT-FOR-US: Seeds acmailer
-CVE-2014-3895 (The I-O DATA TS-WLCAM camera with firmware 1.06 and earlier, ...)
+CVE-2014-3895
NOT-FOR-US: I-O DATA camera firmware
-CVE-2014-3894 (Cross-site scripting (XSS) vulnerability in PHP Kobo Multifunctional ...)
+CVE-2014-3894
NOT-FOR-US: PHP Kobo Multifunctional MailForm
CVE-2014-3893
RESERVED
-CVE-2014-3892 (Cross-site scripting (XSS) vulnerability in Nexa Meridian before 2014 ...)
+CVE-2014-3892
NOT-FOR-US: Nexa Meridian
-CVE-2014-3891 (Buffer overflow in RimArts Becky! Internet Mail before 2.68 allows ...)
+CVE-2014-3891
NOT-FOR-US: RimArts Becky! Internet Mail
-CVE-2014-3890 (silex SX-2000WG devices with firmware before 1.5.4 allow remote ...)
+CVE-2014-3890
NOT-FOR-US: silex device
-CVE-2014-3889 (silex SX-2000WG devices with firmware before 1.5.4 allow remote ...)
+CVE-2014-3889
NOT-FOR-US: silex device
-CVE-2014-3888 (Stack-based buffer overflow in BKFSim_vhfd.exe in Yokogawa CENTUM CS ...)
+CVE-2014-3888
NOT-FOR-US: Yokogawa
-CVE-2014-3887 (Cross-site scripting (XSS) vulnerability in I-O DATA DEVICE RockDisk ...)
+CVE-2014-3887
NOT-FOR-US: I-O DATA DEVICE
-CVE-2014-3886 (Cross-site scripting (XSS) vulnerability in Webmin before 1.690, when ...)
+CVE-2014-3886
NOT-FOR-US: Webmin
-CVE-2014-3885 (Cross-site scripting (XSS) vulnerability in Webmin before 1.690 allows ...)
+CVE-2014-3885
NOT-FOR-US: Webmin
-CVE-2014-3884 (Cross-site scripting (XSS) vulnerability in Usermin before 1.600 ...)
+CVE-2014-3884
NOT-FOR-US: Usermin
-CVE-2014-3883 (Usermin before 1.600 allows remote attackers to execute arbitrary ...)
+CVE-2014-3883
NOT-FOR-US: Usermin
-CVE-2014-3882 (Cross-site request forgery (CSRF) vulnerability in the Login rebuilder ...)
+CVE-2014-3882
NOT-FOR-US: WordPress plugin login-rebuilder
-CVE-2014-3881 (Cross-site request forgery (CSRF) vulnerability in Intercom Web ...)
+CVE-2014-3881
NOT-FOR-US: Intercom Web Kyukincho
-CVE-2014-3880 (The (1) execve and (2) fexecve system calls in the FreeBSD kernel 8.4 ...)
+CVE-2014-3880
{DSA-2952-1}
- kfreebsd-8 <removed>
[wheezy] - kfreebsd-8 <no-dsa> (Will be fixed in a point update)
@@ -15713,14 +15713,14 @@ CVE-2014-3880 (The (1) execve and (2) fexecve system calls in the FreeBSD kernel
- kfreebsd-10 10.0-6
CVE-2014-3879
RESERVED
-CVE-2014-3878 (Multiple cross-site scripting (XSS) vulnerabilities in the web client ...)
+CVE-2014-3878
NOT-FOR-US: IPSwitch IMail
-CVE-2014-3877 (Incomplete blacklist vulnerability in Frams' Fast File EXchange (F*EX, ...)
+CVE-2014-3877
{DLA-68-1}
- fex 20140530-1
[wheezy] - fex <no-dsa> (non-free not supported)
NOTE: https://www.lsexperts.de/advisories/lse-2014-05-22.txt
-CVE-2014-3876 (Multiple cross-site scripting (XSS) vulnerabilities in Frams' Fast ...)
+CVE-2014-3876
{DLA-68-1}
- fex 20140530-1
[wheezy] - fex <no-dsa> (non-free not supported)
@@ -15733,36 +15733,36 @@ CVE-2014-3875
NOTE: https://www.lsexperts.de/advisories/lse-2014-05-22.txt
CVE-2014-3874
RESERVED
-CVE-2014-3873 (The ktrace utility in the FreeBSD kernel 8.4 before p11, 9.1 before ...)
+CVE-2014-3873
- kfreebsd-8 <removed>
- kfreebsd-9 <removed> (bug #750493)
[squeeze] - kfreebsd-8 <end-of-life> (Unsupported in squeeze-lts)
[wheezy] - kfreebsd-9 <not-affected> (introduced by the merge of r237663)
[wheezy] - kfreebsd-8 <no-dsa> (Non standard kernel, will be fixed in a point update)
-CVE-2014-3872 (Multiple SQL injection vulnerabilities in the administration login ...)
+CVE-2014-3872
NOT-FOR-US: D-Link firmware
-CVE-2014-3871 (Multiple SQL injection vulnerabilities in register.php in Geodesic ...)
+CVE-2014-3871
NOT-FOR-US: GeodesicSolutions
CVE-2014-3869
RESERVED
CVE-2014-3868
RESERVED
-CVE-2014-3867 (The Meeting Server in IBM Sametime 8.x through 8.5.2.1 and 9.x through ...)
+CVE-2014-3867
NOT-FOR-US: IBM Sametime
-CVE-2014-3863 (Cross-site scripting (XSS) vulnerability in the JChatSocial component ...)
+CVE-2014-3863
NOT-FOR-US: Joomla! component JChatSocial
-CVE-2014-3862 (CDA.xsl in HL7 C-CDA 1.1 and earlier allows remote attackers to ...)
+CVE-2014-3862
NOT-FOR-US: HL7 C-CDA
-CVE-2014-3861 (Cross-site scripting (XSS) vulnerability in CDA.xsl in HL7 C-CDA 1.1 ...)
+CVE-2014-3861
NOT-FOR-US: HL7 C-CDA
CVE-2014-3860
RESERVED
-CVE-2014-3859 (libdns in ISC BIND 9.10.0 before P2 does not properly handle EDNS ...)
+CVE-2014-3859
- bind9 <not-affected> (Only affects 9.10.0, 9.10.0-P1)
NOTE: https://kb.isc.org/article/AA-01166
CVE-2014-3858
RESERVED
-CVE-2014-3857 (Multiple SQL injection vulnerabilities in Kerio Control Statistics in ...)
+CVE-2014-3857
NOT-FOR-US: Kerio Control
CVE-2014-3856
RESERVED
@@ -15770,213 +15770,213 @@ CVE-2014-3856
[squeeze] - fish <no-dsa> (Minor issue)
[wheezy] - fish <no-dsa> (Minor issue)
NOTE: https://github.com/fish-shell/fish-shell/issues/1437
-CVE-2014-3855 (Directory traversal vulnerability in download.py in Pyplate 0.08 ...)
+CVE-2014-3855
NOT-FOR-US: Pyplate
-CVE-2014-3854 (Cross-site request forgery (CSRF) vulnerability in admin/addScript.py ...)
+CVE-2014-3854
NOT-FOR-US: Pyplate
-CVE-2014-3853 (Pyplate 0.08 does not set the secure flag for the id cookie in an ...)
+CVE-2014-3853
NOT-FOR-US: Pyplate
-CVE-2014-3852 (Pyplate 0.08 does not include the HTTPOnly flag in a Set-Cookie header ...)
+CVE-2014-3852
NOT-FOR-US: Pyplate
-CVE-2014-3851 (usr/lib/cgi-bin/create_passwd_file.py in Pyplate 0.08 uses ...)
+CVE-2014-3851
NOT-FOR-US: Pyplate
-CVE-2014-3850 (Cross-site request forgery (CSRF) vulnerability in the Member Approval ...)
+CVE-2014-3850
NOT-FOR-US: WordPress plugin Member Approval 131109
-CVE-2014-3849 (The iMember360 plugin 3.8.012 through 3.9.001 for WordPress does not ...)
+CVE-2014-3849
NOT-FOR-US: WordPress plugin iMember360
-CVE-2014-3848 (The iMember360 plugin before 3.9.001 for WordPress does not properly ...)
+CVE-2014-3848
NOT-FOR-US: WordPress plugin iMember360
CVE-2014-3847
RESERVED
-CVE-2014-3845 (Cross-site request forgery (CSRF) vulnerability in the TinyMCE Color ...)
+CVE-2014-3845
NOT-FOR-US: WordPress plugin TinyMCE Color Picker
-CVE-2014-3844 (The TinyMCE Color Picker plugin before 1.2 for WordPress does not ...)
+CVE-2014-3844
NOT-FOR-US: WordPress plugin TinyMCE Color Picker
-CVE-2014-3843 (Cross-site request forgery (CSRF) vulnerability in the Search ...)
+CVE-2014-3843
NOT-FOR-US: WordPress plugin Search Everything
-CVE-2014-3842 (Multiple cross-site scripting (XSS) vulnerabilities in the iMember360 ...)
+CVE-2014-3842
NOT-FOR-US: WordPress plugin iMember360
-CVE-2014-3841 (Cross-site scripting (XSS) vulnerability in the Contact Bank plugin ...)
+CVE-2014-3841
NOT-FOR-US: WordPress plugin Contact Bank
-CVE-2014-3946 (The query caching functionality in the Extbase Framework component in ...)
+CVE-2014-3946
{DSA-2942-1}
- typo3-src 4.5.34+dfsg1-1 (bug #749215)
[squeeze] - typo3-src <end-of-life> (Unsupported in squeeze-lts)
-CVE-2014-3945 (The Authentication component in TYPO3 before 6.2, when salting for ...)
+CVE-2014-3945
{DSA-2942-1}
- typo3-src 4.5.34+dfsg1-1 (bug #749215)
[squeeze] - typo3-src <end-of-life> (Unsupported in squeeze-lts)
-CVE-2014-3944 (The Authentication component in TYPO3 6.2.0 before 6.2.3 does not ...)
+CVE-2014-3944
{DSA-2942-1}
- typo3-src 4.5.34+dfsg1-1 (bug #749215)
[squeeze] - typo3-src <end-of-life> (Unsupported in squeeze-lts)
-CVE-2014-3943 (Multiple cross-site scripting (XSS) vulnerabilities in unspecified ...)
+CVE-2014-3943
{DSA-2942-1}
- typo3-src 4.5.34+dfsg1-1 (bug #749215)
[squeeze] - typo3-src <end-of-life> (Unsupported in squeeze-lts)
-CVE-2014-3942 (The Color Picker Wizard component in TYPO3 4.5.0 before 4.5.34, 4.7.0 ...)
+CVE-2014-3942
{DSA-2942-1}
- typo3-src 4.5.34+dfsg1-1 (bug #749215)
[squeeze] - typo3-src <end-of-life> (Unsupported in squeeze-lts)
-CVE-2014-3941 (TYPO3 4.5.0 before 4.5.34, 4.7.0 before 4.7.19, 6.0.0 before 6.0.14, ...)
+CVE-2014-3941
{DSA-2942-1}
- typo3-src 4.5.34+dfsg1-1 (bug #749215)
[squeeze] - typo3-src <end-of-life> (Unsupported in squeeze-lts)
-CVE-2014-3917 (kernel/auditsc.c in the Linux kernel through 3.14.5, when ...)
+CVE-2014-3917
{DLA-0015-1}
- linux 3.14.7-1
[wheezy] - linux 3.2.60-1
- linux-2.6 <removed>
[squeeze] - linux-2.6 2.6.32-48squeeze8
NOTE: http://article.gmane.org/gmane.linux.kernel/1713179
-CVE-2014-3865 (Multiple directory traversal vulnerabilities in dpkg-source in ...)
+CVE-2014-3865
{DSA-2953-1}
- dpkg 1.17.10 (bug #749183)
-CVE-2014-3864 (Directory traversal vulnerability in dpkg-source in dpkg-dev 1.3.0 ...)
+CVE-2014-3864
{DSA-2953-1}
- dpkg 1.17.10 (bug #746498)
-CVE-2014-3870 (Cross-site scripting (XSS) vulnerability in the bib2html plugin 0.9.3 ...)
+CVE-2014-3870
NOT-FOR-US: WordPress plugin bib2html
-CVE-2014-3866 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
+CVE-2014-3866
NOT-FOR-US: userCake
-CVE-2014-3846 (Cross-site scripting (XSS) vulnerability in Flying Cart allows remote ...)
+CVE-2014-3846
NOT-FOR-US: Flying Cart
CVE-2014-3839 [owncloud: Deserialization of Untrusted Data in core]
RESERVED
- owncloud 6.0.3+dfsg-1
-CVE-2014-3838 (ownCloud Server before 5.0.16 and 6.0.x before 6.0.3 does not properly ...)
+CVE-2014-3838
- owncloud 6.0.3+dfsg-1
NOTE: http://owncloud.org/about/security/advisories/oc-sa-2014-016/
-CVE-2014-3837 (The document application in ownCloud Server before 6.0.3 uses ...)
+CVE-2014-3837
- owncloud 6.0.3+dfsg-1
NOTE: http://owncloud.org/about/security/advisories/oc-sa-2014-015/
-CVE-2014-3836 (Multiple cross-site request forgery (CSRF) vulnerabilities in ownCloud ...)
+CVE-2014-3836
- owncloud 6.0.3+dfsg-1
NOTE: http://owncloud.org/about/security/advisories/oc-sa-2014-014/
-CVE-2014-3835 (ownCloud Server before 5.0.16 and 6.0.x before 6.0.3 does not check ...)
+CVE-2014-3835
- owncloud 6.0.3+dfsg-1
NOTE: http://owncloud.org/about/security/advisories/oc-sa-2014-012/
-CVE-2014-3834 (ownCloud Server before 6.0.3 does not properly check permissions, ...)
+CVE-2014-3834
- owncloud 6.0.3+dfsg-1
NOTE: http://owncloud.org/about/security/advisories/oc-sa-2014-011/
NOTE: http://owncloud.org/about/security/advisories/oc-sa-2014-013/
-CVE-2014-3833 (Multiple cross-site scripting (XSS) vulnerabilities in the (1) Gallery ...)
+CVE-2014-3833
- owncloud 6.0.3+dfsg-2
-CVE-2014-3832 (Cross-site scripting (XSS) vulnerability in the Documents component in ...)
+CVE-2014-3832
- owncloud 6.0.3+dfsg-2
CVE-2014-3831
REJECTED
-CVE-2014-3830 (Cross-site scripting (XSS) vulnerability in info.php in TomatoCart ...)
+CVE-2014-3830
NOT-FOR-US: TomatoCart
-CVE-2014-3829 (displayServiceStatus.php in Centreon 2.5.1 and Centreon Enterprise ...)
+CVE-2014-3829
NOT-FOR-US: Centreon
-CVE-2014-3828 (Multiple SQL injection vulnerabilities in Centreon 2.5.1 and Centreon ...)
+CVE-2014-3828
NOT-FOR-US: Centreon
CVE-2014-3827
RESERVED
CVE-2014-3826
RESERVED
-CVE-2014-3825 (The Juniper SRX Series devices with Junos 11.4 before 11.4R12-S4, ...)
+CVE-2014-3825
NOT-FOR-US: Juniper Junos
-CVE-2014-3824 (Cross-site scripting (XSS) vulnerability in the web server in the ...)
+CVE-2014-3824
NOT-FOR-US: Juniper Junos Pulse Secure Access Service
-CVE-2014-3823 (The Juniper Junos Pulse Secure Access Service (SSL VPN) devices with ...)
+CVE-2014-3823
NOT-FOR-US: The Juniper Junos Pulse Secure Access Service
-CVE-2014-3822 (Juniper Junos 11.4 before 11.4R8, 12.1 before 12.1R5, 12.1X44 before ...)
+CVE-2014-3822
NOT-FOR-US: Juniper Junos
-CVE-2014-3821 (Cross-site scripting (XSS) vulnerability in SRX Web Authentication ...)
+CVE-2014-3821
NOT-FOR-US: Juniper Junos
-CVE-2014-3820 (Cross-site scripting (XSS) vulnerability in the SSL VPN/UAC web server ...)
+CVE-2014-3820
NOT-FOR-US: Juniper Junos Pulse Secure Access Service
-CVE-2014-3819 (Juniper Junos 11.4 before 11.4R12, 12.1 before 12.1R10, 12.1X44 before ...)
+CVE-2014-3819
NOT-FOR-US: Juniper Junos
-CVE-2014-3818 (Juniper Junos OS 9.1 through 11.4 before 11.4R11, 12.1 before R10, ...)
+CVE-2014-3818
NOT-FOR-US: Juniper Junos
-CVE-2014-3817 (Juniper Junos 11.4 before 11.4R12, 12.1X44 before 12.1X44-D32, 12.1X45 ...)
+CVE-2014-3817
NOT-FOR-US: Juniper Junos
-CVE-2014-3816 (Juniper Junos 11.4 before 11.4R12, 12.1 before 12.1R11, 12.1X44 before ...)
+CVE-2014-3816
NOT-FOR-US: Juniper Junos
-CVE-2014-3815 (Juniper Junos 12.1X46 before 12.1X46-D20 and 12.1X47 before ...)
+CVE-2014-3815
NOT-FOR-US: Juniper Junos
-CVE-2014-3814 (The Juniper Networks NetScreen Firewall devices with ScreenOS before ...)
+CVE-2014-3814
NOT-FOR-US: Juniper Networks NetScreen Firewall
-CVE-2014-3813 (Unspecified vulnerability in the Juniper Networks NetScreen Firewall ...)
+CVE-2014-3813
NOT-FOR-US: Juniper Networks NetScreen Firewall
-CVE-2014-3812 (The Juniper Junos Pulse Secure Access Service (SSL VPN) devices with ...)
+CVE-2014-3812
NOT-FOR-US: Juniper Junos Pulse Secure Access Service
-CVE-2014-3811 (Juniper Installer Service (JIS) Client 7.x before 7.4R6 for Windows ...)
+CVE-2014-3811
NOT-FOR-US: Junos Pulse Client
-CVE-2014-3810 (SQL injection vulnerability in administration/profiles.php in BoonEx ...)
+CVE-2014-3810
NOT-FOR-US: Dolphin (php thingy)
CVE-2014-3809
RESERVED
NOT-FOR-US: Alcatel Lucent
-CVE-2014-3808 (Multiple cross-site scripting (XSS) vulnerabilities in BarracudaDrive ...)
+CVE-2014-3808
NOT-FOR-US: BarracudaDrive
-CVE-2014-3807 (Multiple cross-site scripting (XSS) vulnerabilities in BarracudaDrive ...)
+CVE-2014-3807
NOT-FOR-US: BarracudaDrive
-CVE-2014-3806 (Directory traversal vulnerability in cgi-bin/help/doIt.cgi in VMTurbo ...)
+CVE-2014-3806
NOT-FOR-US: VMTurbo Operations Manager
-CVE-2014-3805 (The av-centerd SOAP service in AlienVault OSSIM before 4.7.0 allows ...)
+CVE-2014-3805
NOT-FOR-US: AlienVault OSSIM
-CVE-2014-3804 (The av-centerd SOAP service in AlienVault OSSIM before 4.7.0 allows ...)
+CVE-2014-3804
NOT-FOR-US: AlienVault OSSIM
-CVE-2014-3803 (The SpeechInput feature in Blink, as used in Google Chrome before ...)
+CVE-2014-3803
{DSA-2939-1}
- chromium-browser 35.0.1916.114-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-3802 (msdia.dll in Microsoft Debug Interface Access (DIA) SDK, as ...)
+CVE-2014-3802
NOT-FOR-US: Microsoft Visual Studio
CVE-2014-3799
REJECTED
CVE-2014-3798
RESERVED
-CVE-2014-3797 (Cross-site scripting (XSS) vulnerability in VMware vCenter Server ...)
+CVE-2014-3797
NOT-FOR-US: VMware vSphere
-CVE-2014-3796 (VMware NSX 6.0 before 6.0.6, and vCloud Networking and Security (vCNS) ...)
+CVE-2014-3796
NOT-FOR-US: VMware NSX and vCNS
CVE-2014-3795
REJECTED
CVE-2014-3794
REJECTED
-CVE-2014-3793 (VMware Tools in VMware Workstation 10.x before 10.0.2, VMware Player ...)
+CVE-2014-3793
NOT-FOR-US: VMware
-CVE-2014-3792 (Cross-site request forgery (CSRF) vulnerability in Beetel 450TC2 ...)
+CVE-2014-3792
NOT-FOR-US: Beetel Router
-CVE-2014-3791 (Stack-based buffer overflow in Easy File Sharing (EFS) Web Server 6.8 ...)
+CVE-2014-3791
NOT-FOR-US: Easy File Sharing
-CVE-2014-3790 (Ruby vSphere Console (RVC) in VMware vCenter Server Appliance allows ...)
+CVE-2014-3790
NOT-FOR-US: VMware vCenter Server Appliance
-CVE-2014-3789 (GetPermissions.asp in Cogent Real-Time Systems Cogent DataHub before ...)
+CVE-2014-3789
NOT-FOR-US: Cogent DataHub
-CVE-2014-3788 (Heap-based buffer overflow in the Web Server in Cogent Real-Time ...)
+CVE-2014-3788
NOT-FOR-US: Cogent DataHub
-CVE-2014-3787 (SAP NetWeaver 7.20 and earlier allows remote attackers to read ...)
+CVE-2014-3787
NOT-FOR-US: SAP NetWeaver
-CVE-2014-3840 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2014-3840
- mayan <itp> (bug #718580)
-CVE-2014-3801 (OpenStack Orchestration API (Heat) 2013.2 through 2013.2.3 and 2014.1, ...)
+CVE-2014-3801
- heat 2014.1-4 (bug #748824)
NOTE: https://launchpad.net/bugs/1311223
-CVE-2014-3786 (Multiple cross-site scripting (XSS) vulnerabilities in the contact ...)
+CVE-2014-3786
NOT-FOR-US: Pixie CMS
CVE-2014-3785
RESERVED
CVE-2014-3784
RESERVED
-CVE-2014-3783 (SQL injection vulnerability in admin/categories.php in Dotclear before ...)
+CVE-2014-3783
- dotclear 2.6.3+dfsg-1
-CVE-2014-3782 (Multiple incomplete blacklist vulnerabilities in the ...)
+CVE-2014-3782
- dotclear 2.6.3+dfsg-1
-CVE-2014-3781 (The dcXmlRpc::setUser method in nc/core/class.dc.xmlrpc.php in ...)
+CVE-2014-3781
- dotclear 2.6.3+dfsg-1
-CVE-2014-3780 (Unspecified vulnerability in Citrix VDI-In-A-Box 5.3.x before 5.3.8 ...)
+CVE-2014-3780
NOT-FOR-US: Citrix
-CVE-2014-3779 (Cross-site scripting (XSS) vulnerability in ZOHO ManageEngine ...)
+CVE-2014-3779
NOT-FOR-US: ZOHO
-CVE-2014-3778 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
+CVE-2014-3778
NOT-FOR-US: ARRIS modem
-CVE-2014-3777 (Directory traversal vulnerability in Reportico PHP Report Designer ...)
+CVE-2014-3777
NOT-FOR-US: Reportico PHP Report Designer
CVE-2014-3770
RESERVED
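Review bot: CVE-2014-3839 in this hunk keeps its bracketed local title `[owncloud: Deserialization of Untrusted Data in core]` while every neighbouring entry, for example `-CVE-2014-3838 (ownCloud Server before 5.0.16 and 6.0.x before 6.0.3 does not properly ...)` becoming `+CVE-2014-3838`, loses its parenthesised published description. That asymmetry indicates the update rewrites only the feed-sourced description field and found nothing to put there, so the bracketed titles survive by accident of format rather than by design; the `{DSA-2942-1}` references, package versions and `NOTE:` URLs are untouched, which is consistent with that reading. Worth confirming the feed is returning descriptions before merging, rather than accepting the bare ids.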
@@ -15990,31 +15990,31 @@ CVE-2014-3766
RESERVED
CVE-2014-3765
RESERVED
-CVE-2014-3764 (Cross-site scripting (XSS) vulnerability in the web-based device ...)
+CVE-2014-3764
NOT-FOR-US: Palo Alto Networks PAN-OS
CVE-2014-3763
RESERVED
CVE-2014-3762
RESERVED
-CVE-2014-3761 (Cross-site scripting (XSS) vulnerability in D-Link DAP 1150 with ...)
+CVE-2014-3761
NOT-FOR-US: D-Link DAP 1150
-CVE-2014-3760 (Multiple cross-site request forgery (CSRF) vulnerabilities in D-Link ...)
+CVE-2014-3760
NOT-FOR-US: D-Link DAP 1150
-CVE-2014-3759 (Multiple SQL injection vulnerabilities in the BibTex Publications ...)
+CVE-2014-3759
NOT-FOR-US: TYPO3 extension si_bibtex
-CVE-2014-3758 (Cross-site scripting (XSS) vulnerability in the BibTex Publications ...)
+CVE-2014-3758
NOT-FOR-US: TYPO3 extension si_bibtex
-CVE-2014-3757 (SQL injection vulnerability in sorter.php in the phpManufaktur kitForm ...)
+CVE-2014-3757
NOT-FOR-US: phpManufaktur extension
CVE-2014-3754
RESERVED
CVE-2014-3753
RESERVED
-CVE-2014-3752 (The MiniIcpt.sys driver in G Data TotalProtection 2014 24.0.2.1 and ...)
+CVE-2014-3752
NOT-FOR-US: G Data TotalProtection
CVE-2014-3751
RESERVED
-CVE-2014-3750 (The Bilyoner application before 2.3.1 for Android and before 4.6.2 for ...)
+CVE-2014-3750
NOT-FOR-US: Bilyoner for Android
CVE-2014-3748
RESERVED
@@ -16024,22 +16024,22 @@ CVE-2014-3746
RESERVED
CVE-2014-3745
RESERVED
-CVE-2014-3744 (Directory traversal vulnerability in the st module before 0.2.5 for ...)
+CVE-2014-3744
NOT-FOR-US: Node st module
CVE-2014-3743
RESERVED
- node-marked 0.3.1+dfsg-1
-CVE-2014-3742 (The hapi server framework 2.0.x and 2.1.x before 2.2.0 for Node.js ...)
+CVE-2014-3742
NOT-FOR-US: hapi framework for Node.js
-CVE-2014-3741 (The printDirect function in lib/printer.js in the node-printer module ...)
+CVE-2014-3741
NOT-FOR-US: node-printer
-CVE-2014-3740 (Cross-site scripting (XSS) vulnerability in SpiceWorks before ...)
+CVE-2014-3740
NOT-FOR-US: SpiceWorks
-CVE-2014-3737 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2014-3737
NOT-FOR-US: Storesprite
CVE-2014-3736
RESERVED
-CVE-2014-3735 (ir41_32.ax 4.51.16.3 for Intel Indeo Video 4.5 allows remote attackers ...)
+CVE-2014-3735
NOT-FOR-US: Intel Ideo Video
CVE-2014-3734
RESERVED
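Review bot: unrelated to the change itself, but the context line `NOT-FOR-US: Intel Ideo Video` under CVE-2014-3735 misspells the product: the description being removed two lines above reads `Intel Indeo Video 4.5`, and once that description is gone the NOT-FOR-US line is the only place the name survives, so it is worth correcting to `Intel Indeo Video` in a follow-up commit.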
@@ -16073,42 +16073,42 @@ CVE-2014-3718
RESERVED
CVE-2014-3713
RESERVED
-CVE-2014-3712 (Katello allows remote attackers to cause a denial of service (memory ...)
+CVE-2014-3712
NOT-FOR-US: Katello
-CVE-2014-3711 (namei in FreeBSD 9.1 through 10.1-RC2 allows remote attackers to cause ...)
+CVE-2014-3711
{DSA-3070-1}
- kfreebsd-9 <removed> (bug #766275)
- kfreebsd-10 10.1~svn273874-1 (bug #766278)
[experimental] - kfreebsd-11 11.0~svn284956-1 (bug #766279)
-CVE-2014-3710 (The donote function in readelf.c in file through 5.20, as used in the ...)
+CVE-2014-3710
{DSA-3074-1 DSA-3072-1 DLA-94-1 DLA-86-1}
- file 1:5.20-2 (bug #768806)
NOTE: Upstream fix: https://github.com/file/file/commit/39c7ac1106be844a5296d3eb5971946cc09ffda0
- php5 5.6.3+dfsg-1 (bug #768807)
NOTE: https://bugs.php.net/bug.php?id=68283
NOTE: http://git.php.net/?p=php-src.git;a=commitdiff;h=1803228597e82218a8c105e67975bc50e6f5bf0d (PHP 5.4 branch)
-CVE-2014-3709 (The org.keycloak.services.resources.SocialResource.callback method in ...)
+CVE-2014-3709
NOT-FOR-US: JBoss KeyCloak
-CVE-2014-3708 (OpenStack Compute (Nova) before 2014.1.4 and 2014.2.x before 2014.2.1 ...)
+CVE-2014-3708
- nova 2014.1.3-6 (low)
[wheezy] - nova <no-dsa> (Minor issue)
NOTE: affected versions up to 2014.1.3, and 2014.2
-CVE-2014-3707 (The curl_easy_duphandle function in libcurl 7.17.1 through 7.38.0, ...)
+CVE-2014-3707
{DSA-3069-1 DLA-84-1}
- curl 7.38.0-3
NOTE: http://curl.haxx.se/docs/adv_20141105.html
NOTE: Upstream commit: https://github.com/bagder/curl/commit/b3875606925536f82fc61f3114ac42f29eaf6945
-CVE-2014-3706 (ovirt-engine, as used in Red Hat MRG 3, allows man-in-the-middle ...)
+CVE-2014-3706
NOT-FOR-US: ovirt-engine
CVE-2014-3705
RESERVED
-CVE-2014-3704 (The expandArguments function in the database abstraction API in Drupal ...)
+CVE-2014-3704
{DSA-3051-1}
- drupal7 7.32-1 (bug #765507)
- drupal6 <not-affected> (Only affects Drupal 7)
-CVE-2014-3703 (OpenStack PackStack 2012.2.1, when the Open vSwitch (OVS) monolithic ...)
+CVE-2014-3703
NOT-FOR-US: Red Hat Openstack 4 Neutron
-CVE-2014-3702 (Directory traversal vulnerability in eNovance eDeploy allows remote ...)
+CVE-2014-3702
- edeploy <itp> (bug #717664)
CVE-2014-3701
RESERVED
@@ -16119,39 +16119,39 @@ CVE-2014-3700
CVE-2014-3699
RESERVED
- edeploy <itp> (bug #717664)
-CVE-2014-3698 (The jabber_idn_validate function in jutil.c in the Jabber protocol ...)
+CVE-2014-3698
{DSA-3055-1}
- pidgin 2.10.10-1
[squeeze] - pidgin <end-of-life> (Support in oldstable is limited to IRC, Jabber/XMPP, Sametime and SIMPLE)
-CVE-2014-3697 (Absolute path traversal vulnerability in the untar_block function in ...)
+CVE-2014-3697
- pidgin <not-affected> (Windows specific)
-CVE-2014-3696 (nmevent.c in the Novell GroupWise protocol plugin in libpurple in ...)
+CVE-2014-3696
{DSA-3055-1}
- pidgin 2.10.10-1
[squeeze] - pidgin <end-of-life> (Support in oldstable is limited to IRC, Jabber/XMPP, Sametime and SIMPLE)
-CVE-2014-3695 (markup.c in the MXit protocol plugin in libpurple in Pidgin before ...)
+CVE-2014-3695
{DSA-3055-1}
- pidgin 2.10.10-1
[squeeze] - pidgin <end-of-life> (Support in oldstable is limited to IRC, Jabber/XMPP, Sametime and SIMPLE)
-CVE-2014-3694 (The (1) bundled GnuTLS SSL/TLS plugin and the (2) bundled OpenSSL ...)
+CVE-2014-3694
{DSA-3055-1}
- pidgin 2.10.10-1
[squeeze] - pidgin <end-of-life> (Support in oldstable is limited to IRC, Jabber/XMPP, Sametime and SIMPLE)
-CVE-2014-3693 (Use-after-free vulnerability in the socket manager of Impress Remote ...)
+CVE-2014-3693
- libreoffice 1:4.3.3~rc2~git20141011-1
[wheezy] - libreoffice <not-affected> (Introduced in 4.0.0)
NOTE: https://www.libreoffice.org/about-us/security/advisories/CVE-2014-3693/
-CVE-2014-3692 (The customization template in Red Hat CloudForms 3.1 Management Engine ...)
+CVE-2014-3692
NOT-FOR-US: RedHat CloudForms Management Engine
-CVE-2014-3691 (Smart Proxy (aka Smart-Proxy and foreman-proxy) in Foreman before ...)
+CVE-2014-3691
NOT-FOR-US: Foreman Smart Proxy
-CVE-2014-3690 (arch/x86/kvm/vmx.c in the KVM subsystem in the Linux kernel before ...)
+CVE-2014-3690
{DSA-3060-1}
- linux 3.16.7-1
- linux-2.6 <removed>
[squeeze] - linux-2.6 <no-dsa> (KVM not supported in Squeeze LTS)
NOTE: Upstream fix: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=d974baa398f34393db76be45f7d4d04fbdbb4a0a (v3.18-rc1)
-CVE-2014-3689 (The vmware-vga driver (hw/display/vmware_vga.c) in QEMU allows local ...)
+CVE-2014-3689
{DSA-3067-1 DSA-3066-1}
- qemu 2.1+dfsg-6 (bug #765496)
- qemu-kvm <removed>
@@ -16159,17 +16159,17 @@ CVE-2014-3689 (The vmware-vga driver (hw/display/vmware_vga.c) in QEMU allows lo
[squeeze] - qemu <end-of-life>
NOTE: Upstream's quick and easy stopgap for this issue: compile out the hardware acceleration functions which lack sanity checks.
NOTE: http://git.qemu.org/?p=qemu.git;a=commitdiff;h=83afa38eb20ca27e30683edc7729880e091387fc
-CVE-2014-3688 (The SCTP implementation in the Linux kernel before 3.17.4 allows ...)
+CVE-2014-3688
{DSA-3060-1 DLA-118-1}
- linux 3.16.7-1
- linux-2.6 <removed>
NOTE: Upstream commit: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=26b87c7881006311828bb0ab271a551a62dcceb4 (v3.18-rc1)
-CVE-2014-3687 (The sctp_assoc_lookup_asconf_ack function in net/sctp/associola.c in ...)
+CVE-2014-3687
{DSA-3060-1 DLA-118-1}
- linux 3.16.7-1
- linux-2.6 <removed>
NOTE: Upstream commit: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b69040d8e39f20d5215a03502a8e8b4c6ab78395 (v3.18-rc1)
-CVE-2014-3686 (wpa_supplicant and hostapd 0.7.2 through 2.2, when running with ...)
+CVE-2014-3686
{DSA-3052-1 DLA-147-1}
- wpasupplicant <removed>
- hostapd <removed>
@@ -16177,43 +16177,43 @@ CVE-2014-3686 (wpa_supplicant and hostapd 0.7.2 through 2.2, when running with .
- wpa 2.3-1 (bug #765352; high)
CVE-2014-3685
REJECTED
-CVE-2014-3684 (The tm_adopt function in lib/Libifl/tm.c in Terascale Open-Source ...)
+CVE-2014-3684
{DSA-3058-1 DLA-78-1}
- torque 2.4.16+dfsg-1.5 (bug #763922)
NOTE: https://github.com/adaptivecomputing/torque/commit/967cdc80150690459a47a35a658abeee0ca6e5cb
NOTE: https://github.com/adaptivecomputing/torque/commit/f2f4c950f3d461a249111c8826da3beaafccace9
NOTE: 2.4 is end-of-life upstream thus no patches available for that branch.
-CVE-2014-3683 (Integer overflow in rsyslog before 7.6.7 and 8.x before 8.4.2 and ...)
+CVE-2014-3683
{DSA-3047-1 DLA-72-1}
- rsyslog 8.4.2-1
NOTE: http://www.rsyslog.com/remote-syslog-pri-vulnerability-cve-2014-3683/
-CVE-2014-3682 (XML external entity (XXE) vulnerability in the JBPMBpmn2ResourceImpl ...)
+CVE-2014-3682
NOT-FOR-US: jBPM Designer
-CVE-2014-3681 (Cross-site scripting (XSS) vulnerability in Jenkins before 1.583 and ...)
+CVE-2014-3681
- jenkins 1.565.3-1 (bug #763899)
-CVE-2014-3680 (Jenkins before 1.583 and LTS before 1.565.3 allows remote ...)
+CVE-2014-3680
- jenkins 1.565.3-1 (bug #763899)
-CVE-2014-3679 (The Monitoring plugin before 1.53.0 for Jenkins allows remote ...)
+CVE-2014-3679
NOT-FOR-US: Jenkins monitoring plugin
NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-10-01
-CVE-2014-3678 (Cross-site scripting (XSS) vulnerability in the Monitoring plugin ...)
+CVE-2014-3678
NOT-FOR-US: Jenkins monitoring plugin
NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-10-01
-CVE-2014-3677 (Unspecified vulnerability in Shim might allow attackers to execute ...)
+CVE-2014-3677
NOT-FOR-US: shim (the UEFI one, not the systemd)
-CVE-2014-3676 (Heap-based buffer overflow in Shim allows remote attackers to execute ...)
+CVE-2014-3676
NOT-FOR-US: shim (the UEFI one, not the systemd)
-CVE-2014-3675 (Shim allows remote attackers to cause a denial of service ...)
+CVE-2014-3675
NOT-FOR-US: shim (the UEFI one, not the systemd)
-CVE-2014-3674 (Red Hat OpenShift Enterprise before 2.2 does not properly restrict ...)
+CVE-2014-3674
NOT-FOR-US: OpenShift Enterprise
-CVE-2014-3673 (The SCTP implementation in the Linux kernel through 3.17.2 allows ...)
+CVE-2014-3673
{DSA-3060-1}
- linux 3.16.7-1
- linux-2.6 <removed>
[squeeze] - linux-2.6 2.6.32-48squeeze9
NOTE: Upstream commit: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9de7922bc709eee2f609cd01d98aaedc4cf5ea74 (v3.18-rc1)
-CVE-2014-3672 (The qemu implementation in libvirt before 1.3.0 and Xen allows local ...)
+CVE-2014-3672
{DLA-571-1}
- xen 4.4.0-1
NOTE: Xen switched to qemu-system in 4.4.0-1
@@ -16222,36 +16222,36 @@ CVE-2014-3672 (The qemu implementation in libvirt before 1.3.0 and Xen allows lo
NOTE: This is hardly a vulnerability in qemu per se, but rather a problem of integrating qemu
CVE-2014-3671
REJECTED
-CVE-2014-3670 (The exif_ifd_make_value function in exif.c in the EXIF extension in ...)
+CVE-2014-3670
{DSA-3064-1 DLA-94-1}
- php5 5.6.2+dfsg-1
NOTE: https://bugs.php.net/bug.php?id=68113
-CVE-2014-3669 (Integer overflow in the object_custom function in ...)
+CVE-2014-3669
{DSA-3064-1 DLA-94-1}
- php5 5.6.2+dfsg-1
NOTE: https://bugs.php.net/bug.php?id=68044
-CVE-2014-3668 (Buffer overflow in the date_from_ISO8601 function in the mkgmtime ...)
+CVE-2014-3668
{DSA-3064-1 DLA-94-1}
- php5 5.6.2+dfsg-1
NOTE: https://bugs.php.net/bug.php?id=68027
-CVE-2014-3667 (Jenkins before 1.583 and LTS before 1.565.3 does not properly prevent ...)
+CVE-2014-3667
- jenkins 1.565.3-1 (bug #763899)
-CVE-2014-3666 (Jenkins before 1.583 and LTS before 1.565.3 allows remote attackers to ...)
+CVE-2014-3666
- jenkins 1.565.3-1 (bug #763899)
-CVE-2014-3665 (Jenkins before 1.587 and LTS before 1.580.1 do not properly ensure ...)
+CVE-2014-3665
- jenkins <removed> (bug #767541)
[jessie] - jenkins <no-dsa> (Backport not feasible, insecure feature is documented as such)
NOTE: For jessie, the backport is too intrusive and since it's a cornercase, it's only documented,
NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-10-30
-CVE-2014-3664 (Directory traversal vulnerability in Jenkins before 1.583 and LTS ...)
+CVE-2014-3664
- jenkins 1.565.3-1 (bug #763899)
-CVE-2014-3663 (Jenkins before 1.583 and LTS before 1.565.3 allows remote ...)
+CVE-2014-3663
- jenkins 1.565.3-1 (bug #763899)
-CVE-2014-3662 (Jenkins before 1.583 and LTS before 1.565.3 allows remote attackers to ...)
+CVE-2014-3662
- jenkins 1.565.3-1 (bug #763899)
-CVE-2014-3661 (Jenkins before 1.583 and LTS before 1.565.3 allows remote attackers to ...)
+CVE-2014-3661
- jenkins 1.565.3-1 (bug #763899)
-CVE-2014-3660 (parser.c in libxml2 before 2.9.2 does not properly prevent entity ...)
+CVE-2014-3660
{DSA-2978-2 DSA-3057-1 DLA-151-1 DLA-80-1}
[jessie] - libxml2 2.9.1+dfsg1-5
- libxml2 2.9.2+dfsg1-1 (bug #765722)
@@ -16264,7 +16264,7 @@ CVE-2014-3659
REJECTED
CVE-2014-3658
RESERVED
-CVE-2014-3657 (The virDomainListPopulate function in conf/domain_conf.c in libvirt ...)
+CVE-2014-3657
- libvirt 1.2.9-1
[wheezy] - libvirt <not-affected> (Vulnerable code introduced later)
[squeeze] - libvirt <not-affected> (Vulnerable code introduced later)
@@ -16276,16 +16276,16 @@ CVE-2014-3656
CVE-2014-3655
RESERVED
NOT-FOR-US: JBoss KeyCloak
-CVE-2014-3654 (Multiple cross-site scripting (XSS) vulnerabilities in spacewalk-java ...)
+CVE-2014-3654
NOT-FOR-US: Red Hat Satellite
-CVE-2014-3653 (Cross-site scripting (XSS) vulnerability in the template preview ...)
+CVE-2014-3653
- foreman <itp> (bug #663101)
NOTE: http://projects.theforeman.org/issues/7483
NOTE: https://github.com/sodabrew/foreman/issues/1
CVE-2014-3652
RESERVED
NOT-FOR-US: JBoss KeyCloak
-CVE-2014-3651 (JBoss KeyCloak before 1.0.3.Final allows remote attackers to cause a ...)
+CVE-2014-3651
NOT-FOR-US: JBoss KeyCloak
CVE-2014-3650
RESERVED
@@ -16295,19 +16295,19 @@ CVE-2014-3649
NOT-FOR-US: JBoss AeroGear
CVE-2014-3648
RESERVED
-CVE-2014-3647 (arch/x86/kvm/emulate.c in the KVM subsystem in the Linux kernel ...)
+CVE-2014-3647
{DSA-3060-1}
- linux 3.16.7-1
- linux-2.6 <removed>
[squeeze] - linux-2.6 <no-dsa> (KVM not supported in Squeeze LTS)
NOTE: https://git.kernel.org/cgit/virt/kvm/kvm.git/commit/?id=234f3ce485d54017f15cf5e0699cff4100121601
NOTE: https://git.kernel.org/cgit/virt/kvm/kvm.git/commit/?id=d1442d85cc30ea75f7d399474ca738e0bc96f715
-CVE-2014-3646 (arch/x86/kvm/vmx.c in the KVM subsystem in the Linux kernel through ...)
+CVE-2014-3646
{DSA-3060-1}
- linux 3.16.7-1
- linux-2.6 <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/cgit/virt/kvm/kvm.git/commit/?id=a642fc305053cc1c6e47e4f4df327895747ab485
-CVE-2014-3645 (arch/x86/kvm/vmx.c in the KVM subsystem in the Linux kernel before ...)
+CVE-2014-3645
{DSA-3060-1}
- linux 3.12.6-1
- linux-2.6 <removed>
@@ -16318,105 +16318,105 @@ CVE-2014-3644
CVE-2014-3643
RESERVED
NOT-FOR-US: Jersey SAX parser
-CVE-2014-3642 (vmdb/app/controllers/application_controller/performance.rb in Red Hat ...)
+CVE-2014-3642
NOT-FOR-US: Red Hat CloudForms Management Engine
-CVE-2014-3641 (The (1) GlusterFS and (2) Linux Smbfs drivers in OpenStack Cinder ...)
+CVE-2014-3641
- cinder 2014.1.3-1
NOTE: Affects version up to 2014.1.2
-CVE-2014-3640 (The sosendto function in slirp/udp.c in QEMU before 2.1.2 allows local ...)
+CVE-2014-3640
{DSA-3045-1 DSA-3044-1}
- qemu 2.1+dfsg-5 (bug #762532)
- qemu-kvm <removed>
[squeeze] - qemu-kvm <end-of-life>
[squeeze] - qemu <end-of-life>
NOTE: http://lists.nongnu.org/archive/html/qemu-devel/2014-09/msg03543.html
-CVE-2014-3639 (The dbus-daemon in D-Bus before 1.6.24 and 1.8.x before 1.8.8 does not ...)
+CVE-2014-3639
{DSA-3026-1 DLA-87-1}
- dbus 1.8.8-1
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=80919
-CVE-2014-3638 (The bus_connections_check_reply function in config-parser.c in D-Bus ...)
+CVE-2014-3638
{DSA-3026-1 DLA-87-1}
- dbus 1.8.8-1
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=81053
-CVE-2014-3637 (D-Bus 1.3.0 through 1.6.x before 1.6.24 and 1.8.x before 1.8.8 does ...)
+CVE-2014-3637
{DSA-3026-1}
- dbus 1.8.8-1
[squeeze] - dbus <not-affected> (Version in squeeze does not support FD passing with SCM_RIGHTS)
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=80559
-CVE-2014-3636 (D-Bus 1.3.0 through 1.6.x before 1.6.24 and 1.8.x before 1.8.8 allows ...)
+CVE-2014-3636
{DSA-3026-1}
- dbus 1.8.8-1
[squeeze] - dbus <not-affected> (Version in squeeze does not support FD passing with SCM_RIGHTS)
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=82820
-CVE-2014-3635 (Off-by-one error in D-Bus 1.3.0 through 1.6.x before 1.6.24 and 1.8.x ...)
+CVE-2014-3635
{DSA-3026-1}
- dbus 1.8.8-1
[squeeze] - dbus <not-affected> (Version in Squeeze does not support FD passing with SCM_RIGHTS)
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=83622
-CVE-2014-3634 (rsyslog before 7.6.6 and 8.x before 8.4.1 and sysklogd 1.5 and earlier ...)
+CVE-2014-3634
{DSA-3040-1 DLA-72-1}
- rsyslog 8.4.1-1
- inetutils 2:1.9.2.39.3a460-1
[wheezy] - inetutils <no-dsa> (Minor issue)
[squeeze] - inetutils <no-dsa> (Minor issue)
-CVE-2014-3633 (The qemuDomainGetBlockIoTune function in qemu/qemu_driver.c in libvirt ...)
+CVE-2014-3633
{DSA-3038-1}
- libvirt 1.2.8-2 (bug #762203)
[squeeze] - libvirt <not-affected> (Vulnerable code introduced in v0.9.8)
NOTE: Upstream fix: http://libvirt.org/git/?p=libvirt.git;a=commit;h=3e745e8f775dfe6f64f18b5c2fe4791b35d3546b
NOTE: Introduced in http://libvirt.org/git/?p=libvirt.git;a=commitdiff;h=eca96694a7f992be633d48d5ca03cedc9bbc3c9a (v0.9.8)
NOTE: Upstream advisory: http://security.libvirt.org/2014/0004.html
-CVE-2014-3632 (The default configuration in a sudoers file in the Red Hat ...)
+CVE-2014-3632
- neutron <not-affected> (Red Hat-specific)
NOTE: Regression of fix for CVE-2013-6433, Red Hat specific in RedHat Enterprise Open Stack Platform 5.0
-CVE-2014-3631 (The assoc_array_gc function in the associative-array implementation in ...)
+CVE-2014-3631
- linux 3.16.3-1
[wheezy] - linux <not-affected> (Vulnerable code introduced later)
- linux-2.6 <not-affected> (Vulnerable code introduced later)
NOTE: Introduced by https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b2a4df200d570b2c33a57e1ebfa5896e4bc81b69 (v3.13)
NOTE: Fixed by http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=95389b08d93d5c06ec63ab49bd732b0069b7c35e
-CVE-2014-3630 (XML external entity (XXE) vulnerability in the Java XML processing ...)
+CVE-2014-3630
NOT-FOR-US: Play framework
-CVE-2014-3629 (XML external entity (XXE) vulnerability in the XML Exchange module in ...)
+CVE-2014-3629
- qpid-cpp <removed> (low; bug #772794)
[wheezy] - qpid-cpp <no-dsa> (Minor issue)
NOTE: https://issues.apache.org/jira/secure/attachment/12680198/QPID-6218.patch
-CVE-2014-3628 (Cross-site scripting (XSS) vulnerability in the Admin UI Plugin / ...)
+CVE-2014-3628
- lucene-solr <not-affected> (Only affects later 4.x releases)
NOTE: https://issues.apache.org/jira/browse/SOLR-6738
-CVE-2014-3627 (The YARN NodeManager daemon in Apache Hadoop 0.23.0 through 0.23.11 ...)
+CVE-2014-3627
NOT-FOR-US: Apache Hadoop
-CVE-2014-3626 (The Grails Resource Plugin often has to exchange URIs for resources ...)
+CVE-2014-3626
NOT-FOR-US: Grails Resource Plugin
-CVE-2014-3625 (Directory traversal vulnerability in Pivotal Spring Framework 3.0.4 ...)
+CVE-2014-3625
- libspring-java 3.2.13-1 (bug #769698)
[jessie] - libspring-java <no-dsa> (Minor issue)
[wheezy] - libspring-java <no-dsa> (Minor issue)
NOTE: https://github.com/spring-projects/spring-framework/commit/3f68cd633f03370d33c2603a6496e81273782601 (3.2.x)
NOTE: https://jira.spring.io/browse/SPR-12354
NOTE: http://www.pivotal.io/security/cve-2014-3625
-CVE-2014-3624 (Apache Traffic Server 5.1.x before 5.1.1 allows remote attackers to ...)
+CVE-2014-3624
- trafficserver 5.0.0-1
[wheezy] - trafficserver <not-affected> (Only affects 4.0.2 to 4.1.2)
NOTE: https://issues.apache.org/jira/browse/TS-2677
-CVE-2014-3623 (Apache WSS4J before 1.6.17 and 2.x before 2.0.2, as used in Apache CXF ...)
+CVE-2014-3623
NOT-FOR-US: Apache CXF
CVE-2014-3622 [Posthandler Potential Illegal efree() vulnerability]
RESERVED
- php5 5.6.1+dfsg-1 (unimportant)
NOTE: Not exploitable
NOTE: https://bugs.php.net/bug.php?id=68088
-CVE-2014-3621 (The catalog url replacement in OpenStack Identity (Keystone) before ...)
+CVE-2014-3621
- keystone 2014.1.3-1
[wheezy] - keystone <not-affected> (Vulnerable code not present)
NOTE: up to 2013.2.3 and 2014.1 versions up to 2014.1.2.1
-CVE-2014-3620 (cURL and libcurl before 7.38.0 allow remote attackers to bypass the ...)
+CVE-2014-3620
- curl 7.38.0-1
[wheezy] - curl <not-affected> (affects versions 7.31.0 and later)
[squeeze] - curl <not-affected> (affects versions 7.31.0 and later)
NOTE: http://curl.haxx.se/docs/adv_20140910B.html
NOTE: Introduced by https://github.com/bagder/curl/commit/85b9dc8023
-CVE-2014-3619 (The __socket_proto_state_machine function in GlusterFS 3.5 allows ...)
+CVE-2014-3619
[experimental] - glusterfs 3.6.2-1
- glusterfs 3.5.2-2 (bug #781018)
[wheezy] - glusterfs <not-affected> (Vulnerability introduced after 3.2 release)
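Review bot: the stripping is inconsistent within this hunk: `CVE-2014-3622 [Posthandler Potential Illegal efree() vulnerability]` keeps its square-bracket title while every neighbouring `CVE-2014-NNNN (...)` line loses its parenthesised description. If square-bracket titles are meant to survive a refresh while parenthesised descriptions are replaced, the refresh should be writing new descriptions in their place, not blanking them; the identical old and new line counts in the hunk header (`-16318,105 +16318,105`) confirm that nothing is being added. Either the updater should skip entries whose new description is empty, or the two forms should be handled the same way.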
@@ -16425,17 +16425,17 @@ CVE-2014-3619 (The __socket_proto_state_machine function in GlusterFS 3.5 allows
NOTE: http://review.gluster.org/#/c/8662/4 (master)
NOTE: GlusterFS after version 3.2 got changes in the RPC handling which seem to
NOTE: introduce the vulnerability. With 3.2.x issue is not reproducible.
-CVE-2014-3617 (The forum_print_latest_discussions function in mod/forum/lib.php in ...)
+CVE-2014-3617
- moodle 2.7.2-1 (bug #775842)
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-46619
-CVE-2014-3616 (nginx 0.5.6 through 1.7.4, when using the same shared ...)
+CVE-2014-3616
{DSA-3029-1 DLA-55-1}
- nginx 1.6.2-1 (bug #761940)
NOTE: http://mailman.nginx.org/pipermail/nginx-announce/2014/000147.html
NOTE: Upstream patch: http://trac.nginx.org/nginx/changeset/1ee1db30c9b96e9e43e85ab0bfba42140af24966/nginx (stable-1.6 branch)
NOTE: See follow up on: http://mailman.nginx.org/pipermail/nginx-devel/2014-September/005948.html
-CVE-2014-3615 (The VGA emulator in QEMU allows local guest users to read host memory ...)
+CVE-2014-3615
{DSA-3045-1 DSA-3044-1}
- qemu 2.1+dfsg-5
- qemu-kvm <removed>
@@ -16443,25 +16443,25 @@ CVE-2014-3615 (The VGA emulator in QEMU allows local guest users to read host me
[squeeze] - qemu <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=c1b886c45dc70f247300f549dce9833f3fa2def5
NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=ab9509cceabef28071e41bdfa073083859c949a7
-CVE-2014-3614 (Unspecified vulnerability in PowerDNS Recursor (aka pdns_recursor) ...)
+CVE-2014-3614
- pdns-recursor 3.6.1-1
[wheezy] - pdns-recursor <not-affected> (Only affects 3.6.0)
[squeeze] - pdns-recursor <not-affected> (Only affects 3.6.0)
-CVE-2014-3613 (cURL and libcurl before 7.38.0 does not properly handle IP addresses ...)
+CVE-2014-3613
{DSA-3022-1 DLA-64-1}
- curl 7.38.0-1
NOTE: http://curl.haxx.se/docs/adv_20140910A.html
-CVE-2014-3612 (The LDAPLoginModule implementation in the Java Authentication and ...)
+CVE-2014-3612
- activemq 5.6.0+dfsg1-4 (low; bug #777196)
[wheezy] - activemq 5.6.0+dfsg-1+deb7u1
NOTE: http://activemq.apache.org/security-advisories.data/CVE-2014-3612-announcement.txt
-CVE-2014-3611 (Race condition in the __kvm_migrate_pit_timer function in ...)
+CVE-2014-3611
{DSA-3060-1}
- linux 3.16.7-1
- linux-2.6 <removed>
[squeeze] - linux-2.6 <no-dsa> (KVM not supported in Squeeze LTS)
NOTE: https://git.kernel.org/cgit/virt/kvm/kvm.git/commit/?id=2febc839133280d5a5e8e1179c94ea674489dae2
-CVE-2014-3610 (The WRMSR processing functionality in the KVM subsystem in the Linux ...)
+CVE-2014-3610
{DSA-3060-1}
- linux 3.16.7-1
- linux-2.6 <removed>
@@ -16469,16 +16469,16 @@ CVE-2014-3610 (The WRMSR processing functionality in the KVM subsystem in the Li
NOTE: https://git.kernel.org/cgit/virt/kvm/kvm.git/commit/?id=854e8bb1aa06c578c2c9145fa6bfe3680ef63b23
NOTE: https://git.kernel.org/cgit/virt/kvm/kvm.git/commit/?id=8b3c3104c3f4f706e99365c3e0d2aa61b95f969f
NOTE: Enabling CONFIG_PARAVIRT when building the kernel mitigates this issue.
-CVE-2014-3609 (HttpHdrRange.cc in Squid 3.x before 3.3.12 and 3.4.x before 3.4.6 ...)
+CVE-2014-3609
{DSA-3139-1 DSA-3014-1 DLA-216-1 DLA-45-1}
- squid 2.7.STABLE9-5 (bug #776194)
- squid3 3.3.8-1.2 (bug #759509)
NOTE: http://www.squid-cache.org/Advisories/SQUID-2014_2.txt
-CVE-2014-3608 (The VMWare driver in OpenStack Compute (Nova) before 2014.1.3 allows ...)
+CVE-2014-3608
- nova 2014.1.3-1
[wheezy] - nova <not-affected> (Vulnerable code in 2013.2 to 2013.2.2)
NOTE: Incomplete fix for CVE-2014-2573
-CVE-2014-3607 (DefaultHostnameVerifier in Ldaptive (formerly vt-ldap) does not ...)
+CVE-2014-3607
- libvt-ldap-java 3.3.8-1 (bug #763608)
CVE-2014-3606
RESERVED
@@ -16487,7 +16487,7 @@ CVE-2014-3606
NOTE: not a security issue, see https://bugzilla.redhat.com/show_bug.cgi?id=1133306#c8
CVE-2014-3605
REJECTED
-CVE-2014-3604 (Certificates.java in Not Yet Commons SSL before 0.3.15 does not ...)
+CVE-2014-3604
- not-yet-commons-ssl 0.3.15-1 (bug #759526)
NOTE: http://lists.juliusdavies.ca/pipermail/not-yet-commons-ssl-juliusdavies.ca/2014-August/000832.html
CVE-2014-3603 [HTTPS Connections Via HTTP Resources Do Not Perform Hostname Verification]
@@ -16495,42 +16495,42 @@ CVE-2014-3603 [HTTPS Connections Via HTTP Resources Do Not Perform Hostname Veri
- libopensaml2-java 2.6.2-1 (bug #759470)
NOTE: http://shibboleth.net/community/advisories/secadv_20140813.txt
NOTE: http://svn.shibboleth.net/view/java-opensaml2/branches/REL_2/src/main/java/org/opensaml/DefaultBootstrap.java?r1=1622&r2=1666&pathrev=1666
-CVE-2014-3602 (Red Hat OpenShift Enterprise before 2.2 allows local users to obtain ...)
+CVE-2014-3602
NOT-FOR-US: OpenShift
-CVE-2014-3601 (The kvm_iommu_map_pages function in virt/kvm/iommu.c in the Linux ...)
+CVE-2014-3601
- linux 3.16.2-1
[wheezy] - linux 3.2.63-1
- linux-2.6 <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/cgit/virt/kvm/kvm.git/commit/?id=350b8bdd689cd2ab2c67c8a86a0be86cfa0751a7
-CVE-2014-3600 (XML external entity (XXE) vulnerability in Apache ActiveMQ 5.x before ...)
+CVE-2014-3600
- activemq 5.6.0+dfsg1-4 (low; bug #777196)
[wheezy] - activemq 5.6.0+dfsg-1+deb7u1
NOTE: http://activemq.apache.org/security-advisories.data/CVE-2014-3600-announcement.txt
CVE-2014-3599
RESERVED
NOT-FOR-US: HornetQ
-CVE-2014-3598 (The Jpeg2KImagePlugin plugin in Pillow before 2.5.3 allows remote ...)
+CVE-2014-3598
- pillow 2.5.3-1
- python-imaging <not-affected> (Vulnerable code not present)
-CVE-2014-3597 (Multiple buffer overflows in the php_parserr function in ...)
+CVE-2014-3597
{DSA-3008-1 DLA-67-1}
- php5 5.6.0+dfsg-1
NOTE: patch: https://github.com/php/php-src/commit/2fefae47716d501aec41c1102f3fd4531f070b05#diff-d41d8cd98f00b204e9800998ecf8427e
NOTE: https://bugs.php.net/bug.php?id=67717
NOTE: incomplete fix for CVE-2014-4049
-CVE-2014-3596 (The getCN function in Apache Axis 1.4 and earlier does not properly ...)
+CVE-2014-3596
{DLA-169-1}
- axis 1.4-21 (low; bug #762444)
[wheezy] - axis 1.4-16.2+deb7u1
[squeeze] - axis <no-dsa> (Minor issue)
NOTE: https://issues.apache.org/jira/secure/attachment/12662672/CVE-2014-3596.patch
-CVE-2014-3595 (Cross-site scripting (XSS) vulnerability in spacewalk-java 1.2.39, ...)
+CVE-2014-3595
NOT-FOR-US: Red Hat Satellite
-CVE-2014-3594 (Cross-site scripting (XSS) vulnerability in the Host Aggregates ...)
+CVE-2014-3594
- horizon 2014.1.2-3 (bug #758930)
[wheezy] - horizon <not-affected> (Vulnerable code not present)
NOTE: up to 2013.2.3, and 2014.1 versions up to 2014.1.2
-CVE-2014-3593 (Eval injection vulnerability in luci 0.26.0 allows remote ...)
+CVE-2014-3593
NOT-FOR-US: Luci
CVE-2014-3592
RESERVED
@@ -16546,7 +16546,7 @@ CVE-2014-3591 [sidechannel attack on Elgamal]
CVE-2014-3590
RESERVED
- foreman <itp> (bug #663101)
-CVE-2014-3589 (PIL/IcnsImagePlugin.py in Python Imaging Library (PIL) and Pillow ...)
+CVE-2014-3589
{DSA-3009-1 DLA-41-1}
- pillow 2.5.3-1 (bug #758772)
- python-imaging <removed>
@@ -16554,43 +16554,43 @@ CVE-2014-3589 (PIL/IcnsImagePlugin.py in Python Imaging Library (PIL) and Pillow
NOTE: https://github.com/python-pillow/Pillow/commit/205e056f8f9b06ed7b925cf8aa0874bc4aaf8a7d
CVE-2014-3588
RESERVED
-CVE-2014-3587 (Integer overflow in the cdf_read_property_info function in cdf.c in ...)
+CVE-2014-3587
{DSA-3021-1 DSA-3008-1 DLA-67-1 DLA-50-1}
- php5 5.6.0+dfsg-1
NOTE: https://bugs.php.net/bug.php?id=67716
NOTE: https://github.com/php/php-src/commit/7ba1409a1aee5925180de546057ddd84ff267947
- file 1:5.19-2
-CVE-2014-3586 (The default configuration for the Command Line Interface in Red Hat ...)
+CVE-2014-3586
- jbossas4 <not-affected> (Only builds a few libraries, not the full application server, #581226)
CVE-2014-3585
RESERVED
NOT-FOR-US: redhat-upgrade-tool
-CVE-2014-3584 (The SamlHeaderInHandler in Apache CXF before 2.6.11, 2.7.x before ...)
+CVE-2014-3584
NOT-FOR-US: Apache CXF
-CVE-2014-3583 (The handle_headers function in mod_proxy_fcgi.c in the mod_proxy_fcgi ...)
+CVE-2014-3583
- apache2 2.4.10-8 (low)
[wheezy] - apache2 <not-affected> (no mod_proxy_fcgi in 2.2)
[squeeze] - apache2 <not-affected> (no mod_proxy_fcgi in 2.2)
NOTE: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/proxy/mod_proxy_fcgi.c?r1=1618401&r2=1638818
NOTE: Only exploitable by a malicious fcgi script.
-CVE-2014-3582 (In Ambari 1.2.0 through 2.2.2, it may be possible to execute arbitrary ...)
+CVE-2014-3582
NOT-FOR-US: Apache Ambari
-CVE-2014-3581 (The cache_merge_headers_out function in modules/cache/cache_util.c in ...)
+CVE-2014-3581
{DLA-71-1}
- apache2 2.4.10-3
[wheezy] - apache2 <not-affected> (Only affects 2.4)
NOTE: https://issues.apache.org/bugzilla/show_bug.cgi?id=56924#c6
-CVE-2014-3580 (The mod_dav_svn Apache HTTPD server module in Apache Subversion 1.x ...)
+CVE-2014-3580
{DSA-3107-1 DLA-119-1}
- subversion 1.8.10-5 (bug #773263)
NOTE: http://subversion.apache.org/security/CVE-2014-3580-advisory.txt
-CVE-2014-3579 (XML external entity (XXE) vulnerability in Apache ActiveMQ Apollo 1.x ...)
+CVE-2014-3579
NOT-FOR-US: Apache ActiveMQ Apollo
-CVE-2014-3578 (Directory traversal vulnerability in Pivotal Spring Framework 3.x ...)
+CVE-2014-3578
- libspring-java 3.2.13-1 (low; bug #760733)
[jessie] - libspring-java <no-dsa> (minor issue)
[wheezy] - libspring-java <no-dsa> (minor issue)
-CVE-2014-3577 (org.apache.http.conn.ssl.AbstractVerifier in Apache HttpComponents ...)
+CVE-2014-3577
{DLA-222-1}
- httpcomponents-client 4.3.5-1
[wheezy] - httpcomponents-client 4.1.1-2+deb7u1
@@ -16598,41 +16598,41 @@ CVE-2014-3577 (org.apache.http.conn.ssl.AbstractVerifier in Apache HttpComponent
- commons-httpclient 3.1-11 (bug #758086)
[wheezy] - commons-httpclient 3.1-10.2+deb7u1
NOTE: See https://bugs.debian.org/758086#59 for full details.
-CVE-2014-3576 (The processControlCommand function in broker/TransportConnection.java ...)
+CVE-2014-3576
{DSA-3330-1}
- activemq 5.6.0+dfsg1-4+deb8u1 (bug #792857)
-CVE-2014-3575 (The OLE preview generation in Apache OpenOffice before 4.1.1 and ...)
+CVE-2014-3575
NOT-FOR-US: OpenOffice on Windows
-CVE-2014-3574 (Apache POI before 3.10.1 and 3.11.x before 3.11-beta2 allows remote ...)
+CVE-2014-3574
- libapache-poi-java 3.10.1-1
[wheezy] - libapache-poi-java <no-dsa> (Minor issue)
NOTE: https://issues.apache.org/bugzilla/show_bug.cgi?id=54764
-CVE-2014-3573 (The oVirt Engine backend module, as used in Red Hat Enterprise ...)
+CVE-2014-3573
NOT-FOR-US: oVirt Engine
-CVE-2014-3572 (The ssl3_get_key_exchange function in s3_clnt.c in OpenSSL before ...)
+CVE-2014-3572
{DSA-3125-1 DLA-132-1}
- openssl 1.0.1k-1
NOTE: https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=ef28c6d6767a6a30df5add36171894c96628fe98
-CVE-2014-3571 (OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k ...)
+CVE-2014-3571
{DSA-3125-1 DLA-132-1}
- openssl 1.0.1k-1
NOTE: https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=8d7aab986b499f34d9e1bc58fbfd77f05c38116e
NOTE: https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=45fe66b8ba026186aa5d8ef1e0e6010ea74d5c0b
-CVE-2014-3570 (The BN_sqr implementation in OpenSSL before 0.9.8zd, 1.0.0 before ...)
+CVE-2014-3570
{DSA-3125-1 DLA-132-1}
- openssl 1.0.1k-1
NOTE: https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=a7a44ba55cb4f884c6bc9ceac90072dea38e66d
-CVE-2014-3569 (The ssl23_get_client_hello function in s23_srvr.c in OpenSSL 0.9.8zc, ...)
+CVE-2014-3569
{DSA-3125-1 DLA-81-1}
- openssl 1.0.1k-1
NOTE: https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=6ce9687b5aba5391fc0de50e18779eb676d0e04d
-CVE-2014-3568 (OpenSSL before 0.9.8zc, 1.0.0 before 1.0.0o, and 1.0.1 before 1.0.1j ...)
+CVE-2014-3568
{DSA-3053-1 DLA-81-1}
- openssl 1.0.1j-1
-CVE-2014-3567 (Memory leak in the tls_decrypt_ticket function in t1_lib.c in OpenSSL ...)
+CVE-2014-3567
{DSA-3053-1 DLA-81-1}
- openssl 1.0.1j-1
-CVE-2014-3566 (The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other ...)
+CVE-2014-3566
{DSA-3489-1 DSA-3253-1 DSA-3147-1 DSA-3144-1 DSA-3092-1 DLA-400-1 DLA-282-1 DLA-157-1}
- arora <unfixed> (unimportant)
- bouncycastle <not-affected> (SSLv3 needs to be explicitly enabled)
@@ -16693,29 +16693,29 @@ CVE-2014-3566 (The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other
NOTE: This is only about the SSLv3 CBC padding, not about any downgrade attack or support for the fallback SCSV
NOTE: Fix is to disable SSLv3 in library or application configurations
NOTE: Browsers based on webkit (with the exception of Chromium) or khtml are not covered by security support
-CVE-2014-3565 (snmplib/mib.c in net-snmp 5.7.0 and earlier, when the -OQ option is ...)
+CVE-2014-3565
- net-snmp 5.7.2.1~dfsg-7 (bug #760132)
[wheezy] - net-snmp 5.4.3~dfsg-2.8+deb7u1
[squeeze] - net-snmp <no-dsa> (Minor issue)
-CVE-2014-3564 (Multiple heap-based buffer overflows in the status_handler function in ...)
+CVE-2014-3564
{DSA-3005-1 DLA-39-1}
- gpgme1.0 1.5.1-1 (bug #756651)
[squeeze] - gpgme1.0 1.2.0-1.2+deb6u1
NOTE: patch: http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gpgme.git;a=commit;h=2cbd76f7911fc215845e89b50d6af5ff4a83dd77
-CVE-2014-3563 (Multiple unspecified vulnerabilities in Salt (aka SaltStack) before ...)
+CVE-2014-3563
- salt 2014.1.10+ds-1
NOTE: http://docs.saltstack.com/en/latest/topics/releases/2014.1.10.html
-CVE-2014-3562 (Red Hat Directory Server 8 and 389 Directory Server, when debugging is ...)
+CVE-2014-3562
- 389-ds-base 1.3.2.21-1 (bug #757437)
-CVE-2014-3561 (The rhevm-log-collector package in Red Hat Enterprise Virtualization ...)
+CVE-2014-3561
NOT-FOR-US: rhevm-log-collector
-CVE-2014-3560 (NetBIOS name services daemon (nmbd) in Samba 4.0.x before 4.0.21 and ...)
+CVE-2014-3560
- samba 2:4.1.11+dfsg-1 (bug #756759)
[squeeze] - samba <not-affected> (Only affects 4.x)
[wheezy] - samba <not-affected> (Only affects 4.x)
-CVE-2014-3559 (The oVirt storage backend in Red Hat Enterprise Virtualization 3.4 ...)
+CVE-2014-3559
NOT-FOR-US: ovirt-engine-backend
-CVE-2014-3558 (ReflectionHelper (org.hibernate.validator.util.ReflectionHelper) in ...)
+CVE-2014-3558
- libhibernate-validator-java 4.2.1-2 (low; bug #762690)
[jessie] - libhibernate-validator-java <no-dsa> (Only used as a build dependency for libhibernate3-java)
[wheezy] - libhibernate-validator-java <no-dsa> (Only used as a build dependency for libhibernate3-java)
@@ -16726,68 +16726,68 @@ CVE-2014-3558 (ReflectionHelper (org.hibernate.validator.util.ReflectionHelper)
NOTE: Upstream ticket: https://hibernate.atlassian.net/browse/HV-912
CVE-2014-3557
RESERVED
-CVE-2014-3556 (The STARTTLS implementation in mail/ngx_mail_smtp_handler.c in the ...)
+CVE-2014-3556
- nginx 1.6.1-1 (bug #757196)
[wheezy] - nginx <not-affected> (Affects 1.5.6 - 1.7.3)
[squeeze] - nginx <not-affected> (Affects 1.5.6 - 1.7.3)
NOTE: fixed in nginx 1.7.4, 1.6.1
-CVE-2014-3555 (OpenStack Neutron before 2013.2.4, 2014.x before 2014.1.2, and Juno ...)
+CVE-2014-3555
- neutron 2014.1.1-3 (bug #755134)
-CVE-2014-3554 (Buffer overflow in the ndp_msg_opt_dnssl_domain function in libndp ...)
+CVE-2014-3554
- libndp 1.4-1 (bug #756389)
-CVE-2014-3553 (mod/forum/classes/post_form.php in Moodle through 2.3.11, 2.4.x before ...)
+CVE-2014-3553
- moodle 2.7.2-1 (bug #775842)
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-38990
-CVE-2014-3552 (The Shibboleth authentication plugin in auth/shibboleth/index.php in ...)
+CVE-2014-3552
- moodle 2.6.1-1
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=refs%2Fheads%2FMOODLE_25_STABLE&st=commit&s=MDL-45485
-CVE-2014-3551 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
+CVE-2014-3551
- moodle 2.7.2-1 (bug #775842)
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-46223
-CVE-2014-3550 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2014-3550
- moodle <not-affected> (Only affects 2.7.x)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-46227
-CVE-2014-3549 (Cross-site scripting (XSS) vulnerability in the get_description ...)
+CVE-2014-3549
- moodle <not-affected> (Only affects 2.7.x)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-46201
-CVE-2014-3548 (Multiple cross-site scripting (XSS) vulnerabilities in Moodle through ...)
+CVE-2014-3548
- moodle 2.7.2-1 (bug #775842)
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-45471
-CVE-2014-3547 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2014-3547
- moodle 2.7.2-1 (bug #775842)
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-46042
-CVE-2014-3546 (Moodle through 2.3.11, 2.4.x before 2.4.11, 2.5.x before 2.5.7, 2.6.x ...)
+CVE-2014-3546
- moodle 2.7.2-1 (bug #775842)
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-45760
-CVE-2014-3545 (Moodle through 2.3.11, 2.4.x before 2.4.11, 2.5.x before 2.5.7, 2.6.x ...)
+CVE-2014-3545
- moodle 2.7.2-1 (bug #775842)
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-46148
-CVE-2014-3544 (Cross-site scripting (XSS) vulnerability in user/profile.php in Moodle ...)
+CVE-2014-3544
- moodle 2.7.2-1 (bug #775842)
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-45683
-CVE-2014-3543 (mod/imscp/locallib.php in Moodle through 2.3.11, 2.4.x before 2.4.11, ...)
+CVE-2014-3543
- moodle 2.7.2-1 (bug #775842)
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-45417
-CVE-2014-3542 (mod/lti/service.php in Moodle through 2.3.11, 2.4.x before 2.4.11, ...)
+CVE-2014-3542
- moodle 2.7.2-1 (bug #775842)
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-45463
-CVE-2014-3541 (The Repositories component in Moodle through 2.3.11, 2.4.x before ...)
+CVE-2014-3541
- moodle 2.7.2-1 (bug #775842)
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-45616
CVE-2014-3540
REJECTED
-CVE-2014-3539 (base/oi/doa.py in the Rope library in CPython (aka Python) allows ...)
+CVE-2014-3539
- rope 0.10.3-1 (bug #777525)
[jessie] - rope <no-dsa> (Minor issue)
[squeeze] - rope <no-dsa> (Minor issue)
@@ -16797,13 +16797,13 @@ CVE-2014-3539 (base/oi/doa.py in the Rope library in CPython (aka Python) allows
NOTE: 0.10.3-1 only adds a mitigation for the issue, so not completely fixed.
NOTE: Still mark it as fixed in this version because patch limits socket
NOTE: connections to localhost only
-CVE-2014-3538 (file before 5.19 does not properly restrict the amount of data read ...)
+CVE-2014-3538
{DSA-3021-1 DSA-3008-1 DLA-67-1 DLA-50-1}
- file 1:5.19-1
NOTE: fix relies on the new feature that introduced regex/<length> syntax, might be too intrusive for backporting.
- php5 5.6.0~rc4+dfsg-1
NOTE: https://bugs.php.net/bug.php?id=67705
-CVE-2014-3537 (The web interface in CUPS before 1.7.4 allows local users in the lp ...)
+CVE-2014-3537
{DSA-2990-1 DLA-0022-1}
- cups 1.7.4-1
[squeeze] - cups 1.4.4-7+squeeze6
@@ -16811,128 +16811,128 @@ CVE-2014-3537 (The web interface in CUPS before 1.7.4 allows local users in the
CVE-2014-3536
RESERVED
NOT-FOR-US: Red Hat CloudForms
-CVE-2014-3535 (include/linux/netdevice.h in the Linux kernel before 2.6.36 ...)
+CVE-2014-3535
- linux <not-affected> (RHEL-specific, incomplete backport)
- linux-2.6 <not-affected> (RHEL-specific, incomplete backport)
NOTE: Fix: https://git.kernel.org/linus/256df2f3879efdb2e9808bdb1b54b16fbb11fa38
NOTE: https://bugzilla.novell.com/show_bug.cgi?id=896015#c8
-CVE-2014-3534 (arch/s390/kernel/ptrace.c in the Linux kernel before 3.15.8 on the ...)
+CVE-2014-3534
{DSA-2992-1}
- linux 3.14.13-2 (bug #728705)
- linux-2.6 <not-affected> (Vulnerable code was introduced later)
-CVE-2014-3533 (dbus 1.3.0 before 1.6.22 and 1.8.x before 1.8.6 allows local users to ...)
+CVE-2014-3533
{DSA-2971-1}
- dbus 1.8.6-1
[squeeze] - dbus <not-affected> (Vulnerable code not present)
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=80469
-CVE-2014-3532 (dbus 1.3.0 before 1.6.22 and 1.8.x before 1.8.6, when running on Linux ...)
+CVE-2014-3532
{DSA-2971-1}
- dbus 1.8.6-1
[squeeze] - dbus <not-affected> (Fix for other kernel version)
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=80163
-CVE-2014-3531 (Multiple cross-site scripting (XSS) vulnerabilities in Foreman before ...)
+CVE-2014-3531
- foreman <itp> (bug #663101)
-CVE-2014-3530 (The org.picketlink.common.util.DocumentUtil.getDocumentBuilderFactory ...)
+CVE-2014-3530
NOT-FOR-US: PicketLink
-CVE-2014-3529 (The OPC SAX setup in Apache POI before 3.10.1 allows remote attackers ...)
+CVE-2014-3529
- libapache-poi-java 3.10.1-1
[wheezy] - libapache-poi-java <no-dsa> (Minor issue)
NOTE: https://issues.apache.org/bugzilla/show_bug.cgi?id=56164
-CVE-2014-3527 (When using the CAS Proxy ticket authentication from Spring Security ...)
+CVE-2014-3527
- libspring-security-java <itp> (bug #582181)
-CVE-2014-3526 (Apache Wicket before 1.5.12, 6.x before 6.17.0, and 7.x before ...)
+CVE-2014-3526
NOT-FOR-US: Apache Wicket
-CVE-2014-3525 (Unspecified vulnerability in Apache Traffic Server 3.x through 3.2.5, ...)
+CVE-2014-3525
- trafficserver 5.0.1-1 (low)
[wheezy] - trafficserver <no-dsa> (Minor issue)
-CVE-2014-3524 (Apache OpenOffice before 4.1.1 allows remote attackers to execute ...)
+CVE-2014-3524
NOT-FOR-US: OpenOffice for Windows
-CVE-2014-3523 (Memory leak in the winnt_accept function in server/mpm/winnt/child.c ...)
+CVE-2014-3523
- apache2 <not-affected> (Affects only Windows systems)
-CVE-2014-3522 (The Serf RA layer in Apache Subversion 1.4.0 through 1.7.x before ...)
+CVE-2014-3522
- subversion 1.8.10-1
[wheezy] - subversion <unfixed> (unimportant)
[squeeze] - subversion <unfixed> (unimportant)
NOTE: https://subversion.apache.org/security/CVE-2014-3522-advisory.txt
-CVE-2014-3521 (The component in (1) /luci/homebase and (2) /luci/cluster menu in Red ...)
+CVE-2014-3521
NOT-FOR-US: luci as included in conga
-CVE-2014-3520 (OpenStack Identity (Keystone) before 2013.2.4, 2014.x before 2014.1.2, ...)
+CVE-2014-3520
- keystone 2014.1.1-3 (bug #753511)
[wheezy] - keystone <not-affected> (Vulnerable code not present)
-CVE-2014-3519 (The open_by_handle_at function in vzkernel before 042stab090.5 in the ...)
+CVE-2014-3519
- linux-2.6 <not-affected> (Vulnerable code not yet present)
- linux <not-affected> (Kernels after squeeze no longer contain the openvz flavour)
-CVE-2014-3518 (jmx-remoting.sar in JBoss Remoting, as used in Red Hat JBoss ...)
+CVE-2014-3518
NOT-FOR-US: JBoss Application Server
-CVE-2014-3517 (api/metadata/handler.py in OpenStack Compute (Nova) before 2013.2.4, ...)
+CVE-2014-3517
- nova 2014.1.1-8 (bug #755042)
[wheezy] - nova <not-affected> (Only exploitable when used with neutron, which is not in stable)
CVE-2014-3516
RESERVED
-CVE-2014-3515 (The SPL component in PHP before 5.4.30 and 5.5.x before 5.5.14 ...)
+CVE-2014-3515
{DSA-2974-1 DLA-0018-1}
- php5 5.6.0~rc2+dfsg-1
[squeeze] - php5 5.3.3-7+squeeze21
NOTE: https://bugs.php.net/bug.php?id=67492
-CVE-2014-3514 (activerecord/lib/active_record/relation/query_methods.rb in Active ...)
+CVE-2014-3514
- rails 2:4.1.5-1
[wheezy] - rails <not-affected> (Only affects 4.0.0 and all Later Versions)
[squeeze] - rails <end-of-life> (Unsupported in squeeze-lts)
- rails-3.2 <not-affected> (Only affects 4.0.0 and all Later Versions)
- ruby-activerecord-2.3 <not-affected> (Only affects 4.0.0 and all Later Versions)
- ruby-activerecord-3.2 <not-affected> (Only affects 4.0.0 and all Later Versions)
-CVE-2014-3513 (Memory leak in d1_srtp.c in the DTLS SRTP extension in OpenSSL 1.0.1 ...)
+CVE-2014-3513
{DSA-3053-1}
- openssl 1.0.1j-1
[squeeze] - openssl <not-affected> (DLTS SRTP introduced in 1.0.1)
-CVE-2014-3512 (Multiple buffer overflows in crypto/srp/srp_lib.c in the SRP ...)
+CVE-2014-3512
{DSA-2998-1}
- openssl 1.0.1i-1
[squeeze] - openssl <not-affected> (vulnerable code not present)
-CVE-2014-3511 (The ssl23_get_client_hello function in s23_srvr.c in OpenSSL 1.0.1 ...)
+CVE-2014-3511
{DSA-2998-1}
- openssl 1.0.1i-1
[squeeze] - openssl <not-affected> (Doesn't support TLS higher than 1.0)
-CVE-2014-3510 (The ssl3_send_client_key_exchange function in s3_clnt.c in OpenSSL ...)
+CVE-2014-3510
{DSA-2998-1 DLA-33-1}
- openssl 1.0.1i-1
-CVE-2014-3509 (Race condition in the ssl_parse_serverhello_tlsext function in ...)
+CVE-2014-3509
{DSA-2998-1}
- openssl 1.0.1i-1
[squeeze] - openssl <not-affected> (vulnerable code not present)
-CVE-2014-3508 (The OBJ_obj2txt function in crypto/objects/obj_dat.c in OpenSSL 0.9.8 ...)
+CVE-2014-3508
{DSA-2998-1 DLA-33-1}
- openssl 1.0.1i-1
-CVE-2014-3507 (Memory leak in d1_both.c in the DTLS implementation in OpenSSL 0.9.8 ...)
+CVE-2014-3507
{DSA-2998-1 DLA-33-1}
- openssl 1.0.1i-1
-CVE-2014-3506 (d1_both.c in the DTLS implementation in OpenSSL 0.9.8 before 0.9.8zb, ...)
+CVE-2014-3506
{DSA-2998-1 DLA-33-1}
- openssl 1.0.1i-1
-CVE-2014-3505 (Double free vulnerability in d1_both.c in the DTLS implementation in ...)
+CVE-2014-3505
{DSA-2998-1 DLA-33-1}
- openssl 1.0.1i-1
-CVE-2014-3504 (The (1) serf_ssl_cert_issuer, (2) serf_ssl_cert_subject, and (3) ...)
+CVE-2014-3504
- serf 1.3.7-1 (bug #757965)
[wheezy] - serf <no-dsa> (Minor issue)
[squeeze] - serf <no-dsa> (Minor issue)
-CVE-2014-3503 (Apache Syncope 1.1.x before 1.1.8 uses weak random values to generate ...)
+CVE-2014-3503
NOT-FOR-US: Apache Syncope
-CVE-2014-3502 (Apache Cordova Android before 3.5.1 allows remote attackers to open ...)
+CVE-2014-3502
NOT-FOR-US: Apache Cordova
-CVE-2014-3501 (Apache Cordova Android before 3.5.1 allows remote attackers to bypass ...)
+CVE-2014-3501
NOT-FOR-US: Apache Cordova
-CVE-2014-3500 (Apache Cordova Android before 3.5.1 allows remote attackers to change ...)
+CVE-2014-3500
NOT-FOR-US: Apache Cordova
-CVE-2014-3499 (Docker 1.0.0 uses world-readable and world-writable permissions on the ...)
+CVE-2014-3499
- docker.io <not-affected> (RHEL specific, socket based activation not shipped)
-CVE-2014-3498 (The user module in ansible before 1.6.6 allows remote authenticated ...)
+CVE-2014-3498
- ansible 1.7.0+dfsg-1
NOTE: https://github.com/ansible/ansible/commit/8ed6350e65c82292a631f08845dfaacffe7f07f5 (v1.7.0)
-CVE-2014-3497 (Cross-site scripting (XSS) vulnerability in OpenStack Swift 1.11.0 ...)
+CVE-2014-3497
- swift 1.13.1-1 (bug #752087)
[wheezy] - swift <not-affected> (Only affects 1.11.0 to 1.13.1)
-CVE-2014-3496 (cartridge_repository.rb in OpenShift Origin and Enterprise 1.2.8 ...)
+CVE-2014-3496
NOT-FOR-US: OpenShift Origin
CVE-2014-3495 [improper verification of SSL certificates]
RESERVED
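Review bot: typo carried in this hunk's context for CVE-2014-3513: `[squeeze] - openssl <not-affected> (DLTS SRTP introduced in 1.0.1)` should read `DTLS SRTP`, matching the `DTLS SRTP extension` wording of the entry's own removed summary line. The hunk does not touch that line, so it is a follow-up rather than a blocker; while there, the four `Only affects 4.0.0 and all Later Versions` annotations under CVE-2014-3514 could be lower-cased for consistency with the surrounding annotations.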
@@ -16943,31 +16943,31 @@ CVE-2014-3495 [improper verification of SSL certificates]
NOTE: version outside of the packaged one in Debian. Mark 0.6.21-1 as fixing
NOTE: version since this is the first upload to unstable after python-boto
NOTE: 2.8.0-1 was uploaded.
-CVE-2014-3494 (kio/usernotificationhandler.cpp in the POP3 kioslave in kdelibs ...)
+CVE-2014-3494
- kde4libs 4:4.13.3-1 (bug #752052)
[wheezy] - kde4libs <not-affected> (Affects kdelibs 4.10.95 to 4.13.2)
[squeeze] - kde4libs <not-affected> (Affects kdelibs 4.10.95 to 4.13.2)
NOTE: http://quickgit.kde.org/?p=kdelibs.git&a=commitdiff&h=bbae87dc1be3ae063796a582774bd5642cacdd5d&hp=1ccdb43ed3b32a7798eec6d39bb3c83a6e40228f
-CVE-2014-3493 (The push_ascii function in smbd in Samba 3.6.x before 3.6.24, 4.0.x ...)
+CVE-2014-3493
{DSA-2966-1}
- samba 2:4.1.9+dfsg-1
[squeeze] - samba <not-affected> (Only affects 3.6 and later)
- samba4 4.0.0~beta2+dfsg1-3.2+deb7u2
NOTE: AD-related packages removed from src:samba4 in 4.0.0~beta2+dfsg1-3.2+deb7u2
NOTE: https://www.samba.org/samba/security/CVE-2014-3493
-CVE-2014-3492 (Multiple cross-site scripting (XSS) vulnerabilities in the host YAML ...)
+CVE-2014-3492
- foreman <itp> (bug #663101)
-CVE-2014-3491 (Cross-site scripting (XSS) vulnerability in Foreman before 1.4.5 and ...)
+CVE-2014-3491
- foreman <itp> (bug #663101)
NOTE: Details not yet known as behind http://projects.theforeman.org/issues/5881
-CVE-2014-3490 (RESTEasy 2.3.1 before 2.3.8.SP2 and 3.x before 3.0.9, as used in Red ...)
+CVE-2014-3490
NOT-FOR-US: RESTEasy framework for JBoss
-CVE-2014-3489 (lib/util/miq-password.rb in Red Hat CloudForms 3.0 Management Engine ...)
+CVE-2014-3489
NOT-FOR-US: Red Hat CloudForms Management Engine
-CVE-2014-3488 (The SslHandler in Netty before 3.9.2 allows remote attackers to cause ...)
+CVE-2014-3488
- netty <not-affected> (Introduced in 3.9.0)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1107983 says only affects 3.9.0 and 3.9.1
-CVE-2014-3487 (The cdf_read_property_info function in file before 5.19, as used in ...)
+CVE-2014-3487
{DSA-3021-1 DSA-2974-1 DLA-27-1}
- file 1:5.19-1
[squeeze] - file 5.04-5+squeeze6
@@ -16975,14 +16975,14 @@ CVE-2014-3487 (The cdf_read_property_info function in file before 5.19, as used
- php5 5.6.0~rc1+dfsg-1
[squeeze] - php5 <not-affected> (Vulnerable code was introduced later)
NOTE: https://bugs.php.net/bug.php?id=67413
-CVE-2014-3486 (The (1) shell_exec function in lib/util/MiqSshUtilV1.rb and (2) ...)
+CVE-2014-3486
NOT-FOR-US: Red Hat CloudForms Management Engine
-CVE-2014-3485 (The REST API in the ovirt-engine in oVirt, as used in Red Hat ...)
+CVE-2014-3485
NOT-FOR-US: ovirt-engine-api / RHEV
CVE-2014-3484 [stack-based buffer overflow]
RESERVED
- musl 1.1.4-1 (bug #750815)
-CVE-2014-3483 (SQL injection vulnerability in ...)
+CVE-2014-3483
{DSA-2982-1}
- ruby-activerecord-2.3 <removed>
[wheezy] - ruby-activerecord-2.3 <end-of-life>
@@ -16992,7 +16992,7 @@ CVE-2014-3483 (SQL injection vulnerability in ...)
[squeeze] - rails <end-of-life> (Unsupported in squeeze-lts)
- rails-3.2 3.2.19-1
- rails-4.0 <removed>
-CVE-2014-3482 (SQL injection vulnerability in ...)
+CVE-2014-3482
{DSA-2982-1}
- ruby-activerecord-2.3 <removed>
[wheezy] - ruby-activerecord-2.3 <end-of-life>
@@ -17002,9 +17002,9 @@ CVE-2014-3482 (SQL injection vulnerability in ...)
[squeeze] - rails <end-of-life> (Unsupported in squeeze-lts)
- rails-3.2 3.2.19-1
- rails-4.0 <removed>
-CVE-2014-3481 (org.jboss.as.jaxrs.deployment.JaxrsIntegrationProcessor in Red Hat ...)
+CVE-2014-3481
- jbossas4 <not-affected> (Only builds a few libraries, not the full application server, #581226)
-CVE-2014-3480 (The cdf_count_chain function in cdf.c in file before 5.19, as used in ...)
+CVE-2014-3480
{DSA-3021-1 DSA-2974-1 DLA-27-1 DLA-0018-1}
- file 1:5.19-1
[squeeze] - file 5.04-5+squeeze6
@@ -17012,7 +17012,7 @@ CVE-2014-3480 (The cdf_count_chain function in cdf.c in file before 5.19, as use
- php5 5.6.0~rc1+dfsg-1
[squeeze] - php5 5.3.3-7+squeeze21
NOTE: http://bugs.php.net/bug.php?id=67412
-CVE-2014-3479 (The cdf_check_stream_offset function in cdf.c in file before 5.19, as ...)
+CVE-2014-3479
{DSA-3021-1 DSA-2974-1 DLA-27-1}
- file 1:5.19-1
[squeeze] - file 5.04-5+squeeze6
@@ -17020,7 +17020,7 @@ CVE-2014-3479 (The cdf_check_stream_offset function in cdf.c in file before 5.19
- php5 5.6.0~rc1+dfsg-1
[squeeze] - php5 <not-affected> (Vulnerable code was introduced later)
NOTE: https://bugs.php.net/bug.php?id=67411
-CVE-2014-3478 (Buffer overflow in the mconvert function in softmagic.c in file before ...)
+CVE-2014-3478
{DSA-3021-1 DSA-2974-1 DLA-27-1}
- file 1:5.19-1
[squeeze] - file 5.04-5+squeeze6
@@ -17028,26 +17028,26 @@ CVE-2014-3478 (Buffer overflow in the mconvert function in softmagic.c in file b
- php5 5.6.0~rc1+dfsg-1
[squeeze] - php5 <not-affected> (Vulnerable code was introduced later)
NOTE: http://bugs.php.net/bug.php?id=67410
-CVE-2014-3477 (The dbus-daemon in D-Bus 1.2.x through 1.4.x, 1.6.x before 1.6.20, and ...)
+CVE-2014-3477
{DSA-2971-1 DLA-87-1}
- dbus 1.8.4-1 (low)
[squeeze] - dbus <no-dsa> (Minor issue)
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=78979
-CVE-2014-3476 (OpenStack Identity (Keystone) before 2013.2.4, 2014.1 before 2014.1.2, ...)
+CVE-2014-3476
- keystone 2014.1.1-2 (bug #751454)
[wheezy] - keystone <not-affected> (Vulnerable code not present)
-CVE-2014-3475 (Cross-site scripting (XSS) vulnerability in the Users panel ...)
+CVE-2014-3475
- horizon 2014.1.1-3 (bug #754255)
[wheezy] - horizon <no-dsa> (Minor issue)
-CVE-2014-3474 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2014-3474
- horizon 2014.1.1-3 (bug #754255)
[wheezy] - horizon <no-dsa> (Minor issue)
-CVE-2014-3473 (Cross-site scripting (XSS) vulnerability in the Orchestration/Stack ...)
+CVE-2014-3473
- horizon 2014.1.1-3 (bug #754255)
[wheezy] - horizon <no-dsa> (Minor issue)
-CVE-2014-3472 (The isCallerInRole function in SimpleSecurityManager in JBoss ...)
+CVE-2014-3472
NOT-FOR-US: JBoss Enterprise Application Platform
-CVE-2014-3471 (Use-after-free vulnerability in hw/pci/pcie.c in QEMU (aka Quick ...)
+CVE-2014-3471
- qemu 2.1+dfsg-1
[wheezy] - qemu <not-affected> (Vulnerable code not present)
[wheezy] - qemu-kvm <not-affected> (Vulnerable code not present)
@@ -17057,70 +17057,70 @@ CVE-2014-3471 (Use-after-free vulnerability in hw/pci/pcie.c in QEMU (aka Quick
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2014-06/msg05283.html
NOTE: Upstream fix: http://git.qemu.org/?p=qemu.git;a=commit;h=554f802da3f8b09b16b9a84ad5847b2eb0e9ad2b (v2.1.0-rc0)
NOTE: PCIe support introduced in v1.3: http://wiki.qemu.org/ChangeLog/1.3
-CVE-2014-3470 (The ssl3_send_client_key_exchange function in s3_clnt.c in OpenSSL ...)
+CVE-2014-3470
{DSA-2950-1 DLA-0003-1}
- openssl 1.0.1h-1 (bug #750665)
[squeeze] - openssl 0.9.8o-4squeeze15
-CVE-2014-3469 (The (1) asn1_read_value_type and (2) asn1_read_value functions in GNU ...)
+CVE-2014-3469
{DSA-3056-1 DLA-77-1}
- libtasn1-3 <removed>
- libtasn1-6 3.6-1
-CVE-2014-3468 (The asn1_get_bit_der function in GNU Libtasn1 before 3.6 does not ...)
+CVE-2014-3468
{DSA-3056-1 DLA-77-1}
- libtasn1-3 <removed>
- libtasn1-6 3.6-1
-CVE-2014-3467 (Multiple unspecified vulnerabilities in the DER decoder in GNU ...)
+CVE-2014-3467
{DSA-3056-1 DLA-77-1}
- libtasn1-3 <removed>
- libtasn1-6 3.6-1
-CVE-2014-3466 (Buffer overflow in the read_server_hello function in ...)
+CVE-2014-3466
{DSA-2944-1 DLA-0001-1}
- gnutls26 2.12.23-16
- gnutls28 3.2.15-1
[squeeze] - gnutls26 2.8.6-1+squeeze4
NOTE: http://radare.today/technical-analysis-of-the-gnutls-hello-vulnerability/
-CVE-2014-3465 (The gnutls_x509_dn_oid_name function in lib/x509/common.c in GnuTLS ...)
+CVE-2014-3465
- gnutls26 <not-affected> (Affected code was introduced in 3.0)
- gnutls28 3.2.10-1
-CVE-2014-3464 (The EJB invocation handler implementation in Red Hat JBossWS, as used ...)
+CVE-2014-3464
NOT-FOR-US: JBoss WS
CVE-2014-3463
REJECTED
-CVE-2014-3800 (XBMC 13.0 uses world-readable permissions for ...)
+CVE-2014-3800
NOTE: Starting with 2:13.2+dfsg1-5 xbmc is a transitional package
- xbmc 2:13.2+dfsg1-5 (low; bug #747428)
[jessie] - xbmc <no-dsa> (Minor issue)
[wheezy] - xbmc <no-dsa> (Minor issue)
NOTE: http://trac.xbmc.org/ticket/15198
-CVE-2014-3774 (Multiple cross-site scripting (XSS) vulnerabilities in items.php in ...)
+CVE-2014-3774
- teampass <itp> (bug #730180)
NOTE: https://github.com/nilsteampassnet/TeamPass/commit/fd549b245c0f639a8d47bf4f74f92c37c053706f
NOTE: https://github.com/nilsteampassnet/TeamPass/commit/8820c8934d9ba0508ac345e73ad0be29049ec6de
-CVE-2014-3773 (Multiple SQL injection vulnerabilities in TeamPass before 2.1.20 allow ...)
+CVE-2014-3773
- teampass <itp> (bug #730180)
NOTE: https://github.com/nilsteampassnet/TeamPass/commit/7715512f2bd5659cc69e063a1c513c19e384340f
NOTE: https://github.com/nilsteampassnet/TeamPass/commit/7715512f2bd5659cc69e063a1c513c19e384340f
NOTE: https://github.com/nilsteampassnet/TeamPass/commit/8820c8934d9ba0508ac345e73ad0be29049ec6de
-CVE-2014-3772 (TeamPass before 2.1.20 allows remote attackers to bypass access ...)
+CVE-2014-3772
- teampass <itp> (bug #730180)
NOTE: https://github.com/nilsteampassnet/TeamPass/commit/7715512f2bd5659cc69e063a1c513c19e384340f
-CVE-2014-3771 (TeamPass before 2.1.20 allows remote attackers to bypass access ...)
+CVE-2014-3771
- teampass <itp> (bug #730180)
NOTE: https://github.com/nilsteampassnet/TeamPass/commit/fd549b245c0f639a8d47bf4f74f92c37c053706f
-CVE-2014-4703 (lib/parse_ini.c in Nagios Plugins 2.0.2 allows local users to obtain ...)
+CVE-2014-4703
- nagios-plugins <not-affected> (incomplete fix for CVE-2014-4701 not applied)
NOTE: check_dhcp is not installed with root suid permissions in Debian
NOTE: http://seclists.org/fulldisclosure/2014/Jun/141
NOTE: Introduced due to incomplete fix for CVE-2014-4701 in 2.0.2.
- monitoring-plugins <not-affected> (Vulnerable code not present, fix for CVE-2014-4701 adressed differently directly by dropping privileges)
-CVE-2014-4702 (The check_icmp plugin in Nagios Plugins before 2.0.2 allows local ...)
+CVE-2014-4702
- nagios-plugins <removed> (unimportant)
NOTE: http://seclists.org/fulldisclosure/2014/May/74
NOTE: Fixed in nagios-plugins 2.0.2
NOTE: check_imcp is not installed with root suid permissions in Debian
- monitoring-plugins <not-affected> (Fixed with initial upload to Debian)
NOTE: https://github.com/monitoring-plugins/monitoring-plugins/commit/48025ff39c3a78b7805bf803ac96730cef53e15c
-CVE-2014-4701 (The check_dhcp plugin in Nagios Plugins before 2.0.2 allows local ...)
+CVE-2014-4701
- nagios-plugins <removed> (unimportant)
NOTE: check_dhcp is not installed with root suid permissions in Debian
NOTE: http://seclists.org/fulldisclosure/2014/May/74
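Review bot: the CVE-2014-3773 entry in this hunk's context lists the same upstream commit twice, `NOTE: https://github.com/nilsteampassnet/TeamPass/commit/7715512f2bd5659cc69e063a1c513c19e384340f` on two consecutive lines; one copy should go. Two further context typos in the same hunk are worth a follow-up: under CVE-2014-4703, `fix for CVE-2014-4701 adressed differently` should read `addressed`, and under CVE-2014-4702, `check_imcp is not installed with root suid permissions` should read `check_icmp`, the plugin named in that entry's own summary line. None of these lines are changed by this hunk, so they do not block it.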
@@ -17128,44 +17128,44 @@ CVE-2014-4701 (The check_dhcp plugin in Nagios Plugins before 2.0.2 allows local
NOTE: CVE-2014-4703) and thus include the fix from 2.0.3 upstream.
- monitoring-plugins <not-affected> (Fixed with initial upload to Debian)
NOTE: https://github.com/monitoring-plugins/monitoring-plugins/commit/48025ff39c3a78b7805bf803ac96730cef53e15c
-CVE-2014-3776 (Buffer overflow in the &quot;read-u8vector!&quot; procedure in the srfi-4 unit ...)
+CVE-2014-3776
- chicken 4.9.0-1 (bug #748904)
[squeeze] - chicken <no-dsa> (Minor issue)
[wheezy] - chicken <no-dsa> (Minor issue)
NOTE: http://lists.gnu.org/archive/html/chicken-announce/2014-05/msg00001.html
NOTE: http://code.call-cc.org/cgi-bin/gitweb.cgi?p=chicken-core.git;a=commit;h=1d06ce7e21c7e903ca5dca11fda6fcf2cc52de5e
-CVE-2014-3775 (libgadu before 1.11.4 and 1.12.0 before 1.12.0-rc3, as used in Pidgin ...)
+CVE-2014-3775
{DSA-2935-1}
- libgadu 1:1.12.0~rc3-1
[squeeze] - libgadu <not-affected> (Vulnerable code not present)
-CVE-2014-3749 (SQL injection vulnerability in Construtiva CIS Manager allows remote ...)
+CVE-2014-3749
NOT-FOR-US: Construtiva CIS Manager CMS
CVE-2014-3719
RESERVED
NOT-FOR-US: ALEPH500 Integrated library management system
-CVE-2014-3717 (Xen 4.4.x does not properly validate the load address for 64-bit ARM ...)
+CVE-2014-3717
- xen <not-affected> (Only ARM systems are affected from Xen 4.4 onwards)
-CVE-2014-3716 (Xen 4.4.x does not properly check alignment, which allows local users ...)
+CVE-2014-3716
- xen <not-affected> (Only ARM systems are affected from Xen 4.4 onwards)
-CVE-2014-3715 (Buffer overflow in Xen 4.4.x allows local users to read system memory ...)
+CVE-2014-3715
- xen <not-affected> (Only ARM systems are affected from Xen 4.4 onwards)
-CVE-2014-3714 (The ARM image loading functionality in Xen 4.4.x does not properly ...)
+CVE-2014-3714
- xen <not-affected> (Only ARM systems are affected from Xen 4.4 onwards)
-CVE-2014-3739 (Open redirect vulnerability in ...)
+CVE-2014-3739
- zenoss <itp> (bug #361253)
-CVE-2014-3738 (Cross-site scripting (XSS) vulnerability in Zenoss 4.2.5 allows remote ...)
+CVE-2014-3738
- zenoss <itp> (bug #361253)
-CVE-2014-3756 (The client in Mumble 1.2.x before 1.2.6 allows remote attackers to ...)
+CVE-2014-3756
- mumble 1.2.6-1 (bug #748189)
[squeeze] - mumble <no-dsa> (Minor issue)
[wheezy] - mumble 1.2.3-349-g315b5f5-2.2+deb7u2
NOTE: http://mumble.info/security/Mumble-SA-2014-006.txt
-CVE-2014-3755 (The QSvg module in Qt, as used in the Mumble client 1.2.x before ...)
+CVE-2014-3755
- mumble 1.2.6-1 (bug #748189)
[squeeze] - mumble <no-dsa> (Minor issue)
[wheezy] - mumble 1.2.3-349-g315b5f5-2.2+deb7u2
NOTE: http://mumble.info/security/Mumble-SA-2014-005.txt
-CVE-2014-3461 (hw/usb/bus.c in QEMU 1.6.2 allows remote attackers to execute ...)
+CVE-2014-3461
- qemu 2.1+dfsg-1 (bug #739589)
- qemu-kvm <removed>
[wheezy] - qemu <no-dsa> (Too intrusive to backport, minor risk)
@@ -17173,25 +17173,25 @@ CVE-2014-3461 (hw/usb/bus.c in QEMU 1.6.2 allows remote attackers to execute ...
[squeeze] - qemu <end-of-life> (Unsupported in squeeze-lts)
[squeeze] - qemu-kvm <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://article.gmane.org/gmane.comp.emulators.qemu/272322
-CVE-2014-3460 (Directory traversal vulnerability in the DumpToFile method in the ...)
+CVE-2014-3460
NOT-FOR-US: NetIQ Sentinel
-CVE-2014-3459 (Heap-based buffer overflow in SolarWinds Network Configuration Manager ...)
+CVE-2014-3459
NOT-FOR-US: SolarWinds Network Configuration Manager
CVE-2014-3458
RESERVED
CVE-2014-3457
RESERVED
-CVE-2014-3456 (Cross-site scripting (XSS) vulnerability in GitLab Enterprise Edition ...)
+CVE-2014-3456
NOT-FOR-US: GitLab Enterprise Edition
-CVE-2014-3455 (Multiple cross-site request forgery (CSRF) vulnerabilities in the (1) ...)
+CVE-2014-3455
NOT-FOR-US: MediaWiki extension SemanticForms
-CVE-2014-3454 (Cross-site request forgery (CSRF) vulnerability in ...)
+CVE-2014-3454
NOT-FOR-US: MediaWiki extension SemanticForms
-CVE-2014-3452 (Filters\LAV\avfilter-lav-4.dll in K-lite Codec 10.4.5 and earlier ...)
+CVE-2014-3452
NOT-FOR-US: K-lite Codec
-CVE-2014-3451 (OpenFire XMPP Server before 3.10 accepts self-signed certificates, ...)
+CVE-2014-3451
NOT-FOR-US: Openfire
-CVE-2014-3450 (Unspecified vulnerability in Panda Gold Protection and Global ...)
+CVE-2014-3450
NOT-FOR-US: Panda
CVE-2014-3449
RESERVED
@@ -17202,18 +17202,18 @@ CVE-2014-3448
CVE-2014-3447
RESERVED
NOT-FOR-US: BSS Continuity CMS
-CVE-2014-3446 (SQL injection vulnerability in wcm/system/pages/admin/getnode.aspx in ...)
+CVE-2014-3446
NOT-FOR-US: BSS Continuity CMS
CVE-2014-3445
RESERVED
-CVE-2014-3730 (The django.util.http.is_safe_url function in Django 1.4 before 1.4.13, ...)
+CVE-2014-3730
{DSA-2934-1}
- python-django 1.6.5-1
NOTE: https://www.djangoproject.com/weblog/2014/may/14/security-releases-issued/
CVE-2014-XXXX [data leak during restore]
- obnam 1.8-1 (low; bug #745112)
[wheezy] - obnam <no-dsa> (Minor issue)
-CVE-2014-3462 (The &quot;.encfs6.xml&quot; configuration file in encfs before 1.7.5 allows ...)
+CVE-2014-3462
- encfs 1.8.1-1 (low; bug #736066)
[jessie] - encfs <no-dsa> (Minor issue)
[squeeze] - encfs <no-dsa> (Minor issue)
@@ -17221,367 +17221,367 @@ CVE-2014-3462 (The &quot;.encfs6.xml&quot; configuration file in encfs before 1.
NOTE: Shortcoming documented in 1.7.4-4
NOTE: https://defuse.ca/audits/encfs.htm
NOTE: Upstream issue: https://github.com/vgough/encfs/issues/14
-CVE-2014-3453 (Eval injection vulnerability in the flag_import_form_validate function ...)
+CVE-2014-3453
NOT-FOR-US: Drupal module
-CVE-2014-3444 (The GetGUID function in codecs/dmp4.dll in RealNetworks RealPlayer ...)
+CVE-2014-3444
NOT-FOR-US: RealNetworks RealPlayer
-CVE-2014-3443 (JetMPAd.ax in JetAudio 8.1.1 and earlier allows remote attackers to ...)
+CVE-2014-3443
NOT-FOR-US: JetAudio
-CVE-2014-3442 (Winamp 5.666 and earlier allows remote attackers to cause a denial of ...)
+CVE-2014-3442
NOT-FOR-US: Winamp
-CVE-2014-3441 (codec\libpng_plugin.dll in VideoLAN VLC Media Player 2.1.3 allows ...)
+CVE-2014-3441
- vlc <not-affected> (VLC in Debian uses the system version of libpng which handles the malformed file correctly as invalid)
NOTE: http://packetstormsecurity.com/files/126564/VLC-Player-2.1.3-Memory-Corruption.html
-CVE-2014-3440 (The Agent Control Interface in the management server in Symantec ...)
+CVE-2014-3440
NOT-FOR-US: Symantec
-CVE-2014-3439 (ConsoleServlet in Symantec Endpoint Protection Manager (SEPM) 12.1 ...)
+CVE-2014-3439
NOT-FOR-US: Symantec Endpoint Protection
-CVE-2014-3438 (Multiple cross-site scripting (XSS) vulnerabilities in console ...)
+CVE-2014-3438
NOT-FOR-US: Symantec Endpoint Protection
-CVE-2014-3437 (The management console in Symantec Endpoint Protection Manager (SEPM) ...)
+CVE-2014-3437
NOT-FOR-US: Symantec Endpoint Protection
-CVE-2014-3436 (Symantec Encryption Desktop 10.3.x before 10.3.2 MP3, and Symantec PGP ...)
+CVE-2014-3436
NOT-FOR-US: Symantec
CVE-2014-3435
REJECTED
-CVE-2014-3434 (Buffer overflow in the sysplant driver in Symantec Endpoint Protection ...)
+CVE-2014-3434
NOT-FOR-US: Symantec
-CVE-2014-3433 (Cross-site scripting (XSS) vulnerability in the management console in ...)
+CVE-2014-3433
NOT-FOR-US: Symantec
-CVE-2014-3432 (Cross-site scripting (XSS) vulnerability in the management console in ...)
+CVE-2014-3432
NOT-FOR-US: Symantec
-CVE-2014-3431 (Symantec PGP Desktop 10.x, and Encryption Desktop Professional 10.3.x ...)
+CVE-2014-3431
NOT-FOR-US: Symantec PGP Desktop
-CVE-2014-3429 (IPython Notebook 0.12 through 1.x before 1.2 does not validate the ...)
+CVE-2014-3429
- ipython 1.2.0~rc1-1 (low)
[wheezy] - ipython 0.13.1-2+deb7u1
[squeeze] - ipython <not-affected> (Vulnerable code not present)
NOTE: https://github.com/ipython/ipython/pull/4845
-CVE-2014-3428 (Cross-site scripting (XSS) vulnerability in Yealink VoIP Phones with ...)
+CVE-2014-3428
NOT-FOR-US: Yealink VoIP Phones
-CVE-2014-3427 (CRLF injection vulnerability in Yealink VoIP Phones with firmware ...)
+CVE-2014-3427
NOT-FOR-US: Yealink VoIP Phones
CVE-2014-3420
RESERVED
-CVE-2014-3419 (Infoblox NetMRI before 6.8.5 has a default password of admin for the ...)
+CVE-2014-3419
NOT-FOR-US: Infoblox NetMRI
-CVE-2014-3418 (config/userAdmin/login.tdf in Infoblox NetMRI before 6.8.5 allows ...)
+CVE-2014-3418
NOT-FOR-US: Infoblox NetMRI
-CVE-2014-3417 (uPortal before 4.0.13.1 does not properly check the CONFIG permission, ...)
+CVE-2014-3417
NOT-FOR-US: uPortal
-CVE-2014-3416 (uPortal before 4.0.13.1 does not properly check the MANAGE ...)
+CVE-2014-3416
NOT-FOR-US: uPortal
-CVE-2014-3415 (SQL injection vulnerability in Sharetronix before 3.4 allows remote ...)
+CVE-2014-3415
NOT-FOR-US: Sharetronix
-CVE-2014-3414 (Cross-site request forgery (CSRF) vulnerability in Sharetronix before ...)
+CVE-2014-3414
NOT-FOR-US: Sharetronix
-CVE-2014-3413 (The MySQL server in Juniper Networks Junos Space before 13.3R1.8 has ...)
+CVE-2014-3413
NOT-FOR-US: Juniper
-CVE-2014-3412 (Unspecified vulnerability in Juniper Junos Space before 13.3R1.8, when ...)
+CVE-2014-3412
NOT-FOR-US: Juniper Junos Space
-CVE-2014-3411 (Unspecified vulnerability in the NSM XDB service in Juniper NSM before ...)
+CVE-2014-3411
NOT-FOR-US: Juniper NSM
-CVE-2014-3410 (The syslog-management subsystem in Cisco Adaptive Security Appliance ...)
+CVE-2014-3410
NOT-FOR-US: Cisco
-CVE-2014-3409 (The Ethernet Connectivity Fault Management (CFM) handling feature in ...)
+CVE-2014-3409
NOT-FOR-US: Cisco IOS
-CVE-2014-3408 (Cross-site scripting (XSS) vulnerability in the web framework in Cisco ...)
+CVE-2014-3408
NOT-FOR-US: Cisco Prime Optical
-CVE-2014-3407 (The SSL VPN implementation in Cisco Adaptive Security Appliance (ASA) ...)
+CVE-2014-3407
NOT-FOR-US: Cisco
-CVE-2014-3406 (Race condition in the IP logging feature in Cisco Intrusion Prevention ...)
+CVE-2014-3406
NOT-FOR-US: Cisco Intrusion Prevention System
-CVE-2014-3405 (Cisco IOS XE enables the IPv6 Routing Protocol for Low-Power and Lossy ...)
+CVE-2014-3405
NOT-FOR-US: Cisco IOS
-CVE-2014-3404 (The Autonomic Networking Infrastructure (ANI) component in Cisco IOS ...)
+CVE-2014-3404
NOT-FOR-US: Cisco IOS
-CVE-2014-3403 (The Autonomic Networking Infrastructure (ANI) component in Cisco IOS ...)
+CVE-2014-3403
NOT-FOR-US: Cisco IOS
-CVE-2014-3402 (The authentication-manager process in the web framework in Cisco ...)
+CVE-2014-3402
NOT-FOR-US: Cisco Intrusion Prevention System
CVE-2014-3401
RESERVED
-CVE-2014-3400 (Cisco WebEx Meetings Server allows remote authenticated users to ...)
+CVE-2014-3400
NOT-FOR-US: Cisco WebEx
-CVE-2014-3399 (The SSL VPN implementation in Cisco Adaptive Security Appliance (ASA) ...)
+CVE-2014-3399
NOT-FOR-US: Cisco Adaptive Security Appliance
-CVE-2014-3398 (The SSL VPN implementation in Cisco Adaptive Security Appliance (ASA) ...)
+CVE-2014-3398
NOT-FOR-US: Cisco Adaptive Security Appliance
-CVE-2014-3397 (The network stack in Cisco TelePresence MCU Software before 4.3(2.30) ...)
+CVE-2014-3397
NOT-FOR-US: TelePresence MCU
-CVE-2014-3396 (Cisco IOS XR on ASR 9000 devices does not properly use compression for ...)
+CVE-2014-3396
NOT-FOR-US: Cisco IOS
-CVE-2014-3395 (Cisco WebEx Meetings Server (WMS) 2.5 allows remote attackers to ...)
+CVE-2014-3395
NOT-FOR-US: Cisco WebEx Meetings Server
-CVE-2014-3394 (The Smart Call Home (SCH) implementation in Cisco ASA Software 8.2 ...)
+CVE-2014-3394
NOT-FOR-US: Cisco ASA
-CVE-2014-3393 (The Clientless SSL VPN portal customization framework in Cisco ASA ...)
+CVE-2014-3393
NOT-FOR-US: Cisco ASA
-CVE-2014-3392 (The Clientless SSL VPN portal in Cisco ASA Software 8.2 before ...)
+CVE-2014-3392
NOT-FOR-US: Cisco ASA
-CVE-2014-3391 (Untrusted search path vulnerability in Cisco ASA Software 8.x before ...)
+CVE-2014-3391
NOT-FOR-US: Cisco ASA
-CVE-2014-3390 (The Virtual Network Management Center (VNMC) policy implementation in ...)
+CVE-2014-3390
NOT-FOR-US: Cisco ASA
-CVE-2014-3389 (The VPN implementation in Cisco ASA Software 7.2 before 7.2(5.15), 8.2 ...)
+CVE-2014-3389
NOT-FOR-US: Cisco ASA
-CVE-2014-3388 (The DNS inspection engine in Cisco ASA Software 9.0 before 9.0(4.13), ...)
+CVE-2014-3388
NOT-FOR-US: Cisco ASA
-CVE-2014-3387 (The SunRPC inspection engine in Cisco ASA Software 7.2 before ...)
+CVE-2014-3387
NOT-FOR-US: Cisco ASA
-CVE-2014-3386 (The GPRS Tunneling Protocol (GTP) inspection engine in Cisco ASA ...)
+CVE-2014-3386
NOT-FOR-US: Cisco ASA
-CVE-2014-3385 (Race condition in the Health and Performance Monitoring (HPM) for ASDM ...)
+CVE-2014-3385
NOT-FOR-US: Cisco ASA
-CVE-2014-3384 (The IKEv2 implementation in Cisco ASA Software 8.4 before 8.4(7.15), ...)
+CVE-2014-3384
NOT-FOR-US: Cisco ASA
-CVE-2014-3383 (The IKE implementation in the VPN component in Cisco ASA Software 9.1 ...)
+CVE-2014-3383
NOT-FOR-US: Cisco ASA
-CVE-2014-3382 (The SQL*Net inspection engine in Cisco ASA Software 7.2 before ...)
+CVE-2014-3382
NOT-FOR-US: Cisco ASA
-CVE-2014-3381 (The ZIP inspection engine in Cisco AsyncOS 8.5 and earlier on the ...)
+CVE-2014-3381
NOT-FOR-US: Cisco AsyncOS
-CVE-2014-3380 (Cisco Unified Communications Domain Manager Platform Software 4.4(.3) ...)
+CVE-2014-3380
NOT-FOR-US: Cisco Unified Communications
-CVE-2014-3379 (Cisco IOS XR 5.1 and earlier on Network Convergence System 6000 ...)
+CVE-2014-3379
NOT-FOR-US: Cisco IOS
-CVE-2014-3378 (tacacsd in Cisco IOS XR 5.1 and earlier allows remote attackers to ...)
+CVE-2014-3378
NOT-FOR-US: Cisco IOS
-CVE-2014-3377 (snmpd in Cisco IOS XR 5.1 and earlier allows remote authenticated ...)
+CVE-2014-3377
NOT-FOR-US: Cisco IOS
-CVE-2014-3376 (Cisco IOS XR 5.1 and earlier allows remote attackers to cause a denial ...)
+CVE-2014-3376
NOT-FOR-US: Cisco IOS
-CVE-2014-3375 (Multiple cross-site scripting (XSS) vulnerabilities in the CCM Service ...)
+CVE-2014-3375
NOT-FOR-US: Cisco Unified Communications Manager
-CVE-2014-3374 (Multiple cross-site scripting (XSS) vulnerabilities in the CCM admin ...)
+CVE-2014-3374
NOT-FOR-US: Cisco Unified Communications Manager
-CVE-2014-3373 (Multiple cross-site scripting (XSS) vulnerabilities in the CCM Dialed ...)
+CVE-2014-3373
NOT-FOR-US: Cisco Unified Communications Manager
-CVE-2014-3372 (Multiple cross-site scripting (XSS) vulnerabilities in the CCM reports ...)
+CVE-2014-3372
NOT-FOR-US: Cisco Unified Communications Manager
CVE-2014-3371
REJECTED
-CVE-2014-3370 (Cisco TelePresence Video Communication Server (VCS) and Expressway ...)
+CVE-2014-3370
NOT-FOR-US: Cisco TelePresence
-CVE-2014-3369 (The SIP IX implementation in Cisco TelePresence Video Communication ...)
+CVE-2014-3369
NOT-FOR-US: Cisco TelePresence
-CVE-2014-3368 (Cisco TelePresence Video Communication Server (VCS) and Expressway ...)
+CVE-2014-3368
NOT-FOR-US: Cisco TelePresence
-CVE-2014-3367 (Cross-site scripting (XSS) vulnerability in the vCloud Director ...)
+CVE-2014-3367
NOT-FOR-US: Cisco
-CVE-2014-3366 (SQL injection vulnerability in the administrative web interface in ...)
+CVE-2014-3366
NOT-FOR-US: Cisco Unified Communications Manager
-CVE-2014-3365 (Multiple cross-site scripting (XSS) vulnerabilities in Cisco Prime ...)
+CVE-2014-3365
NOT-FOR-US: Cisco Prime Security Manager
-CVE-2014-3364 (Multiple cross-site scripting (XSS) vulnerabilities in the web ...)
+CVE-2014-3364
NOT-FOR-US: Cisco
-CVE-2014-3363 (Cross-site scripting (XSS) vulnerability in the web framework in Cisco ...)
+CVE-2014-3363
NOT-FOR-US: Cisco
-CVE-2014-3362 (Memory leak in Cisco TelePresence System Edge MXP Series Software ...)
+CVE-2014-3362
NOT-FOR-US: Cisco
-CVE-2014-3361 (The ALG module in Cisco IOS 15.0 through 15.4 does not properly ...)
+CVE-2014-3361
NOT-FOR-US: Cisco IOS
-CVE-2014-3360 (Cisco IOS 12.4 and 15.0 through 15.4 and IOS XE 3.1.xS, 3.2.xS, ...)
+CVE-2014-3360
NOT-FOR-US: Cisco IOS
-CVE-2014-3359 (Memory leak in Cisco IOS 15.1 through 15.4 and IOS XE 3.4.xS, 3.5.xS, ...)
+CVE-2014-3359
NOT-FOR-US: Cisco IOS
-CVE-2014-3358 (Memory leak in Cisco IOS 15.0, 15.1, 15.2, and 15.4 and IOS XE 3.3.xSE ...)
+CVE-2014-3358
NOT-FOR-US: Cisco IOS
-CVE-2014-3357 (Cisco IOS 15.0, 15.1, 15.2, and 15.4 and IOS XE 3.3.xSE before ...)
+CVE-2014-3357
NOT-FOR-US: Cisco IOS
-CVE-2014-3356 (The metadata flow feature in Cisco IOS 15.1 through 15.3 and IOS XE ...)
+CVE-2014-3356
NOT-FOR-US: Cisco IOS
-CVE-2014-3355 (The metadata flow feature in Cisco IOS 15.1 through 15.3 and IOS XE ...)
+CVE-2014-3355
NOT-FOR-US: Cisco IOS
-CVE-2014-3354 (Cisco IOS 12.0, 12.2, 12.4, 15.0, 15.1, 15.2, and 15.3 and IOS XE 2.x ...)
+CVE-2014-3354
NOT-FOR-US: Cisco IOS
-CVE-2014-3353 (Cisco IOS XR 4.3(.2) and earlier, as used in Cisco Carrier Routing ...)
+CVE-2014-3353
NOT-FOR-US: Cisco
-CVE-2014-3352 (Cisco Intelligent Automation for Cloud (aka Cisco Cloud Portal) ...)
+CVE-2014-3352
NOT-FOR-US: Cisco
-CVE-2014-3351 (Cisco Intelligent Automation for Cloud (aka Cisco Cloud Portal) does ...)
+CVE-2014-3351
NOT-FOR-US: Cisco
-CVE-2014-3350 (Cisco Intelligent Automation for Cloud (aka Cisco Cloud Portal) does ...)
+CVE-2014-3350
NOT-FOR-US: Cisco
-CVE-2014-3349 (Cisco Intelligent Automation for Cloud (aka Cisco Cloud Portal) does ...)
+CVE-2014-3349
NOT-FOR-US: Cisco
-CVE-2014-3348 (The SSH module in the Integrated Management Controller (IMC) before ...)
+CVE-2014-3348
NOT-FOR-US: Cisco Unified Computing System
-CVE-2014-3347 (Cisco IOS 15.1(4)M2 on Cisco 1800 ISR devices, when the ISDN Basic ...)
+CVE-2014-3347
NOT-FOR-US: Cisco
-CVE-2014-3346 (The web framework in Cisco Transport Gateway for Smart Call Home (aka ...)
+CVE-2014-3346
NOT-FOR-US: Cisco
-CVE-2014-3345 (The web framework in Cisco Transport Gateway for Smart Call Home (aka ...)
+CVE-2014-3345
NOT-FOR-US: Cisco
-CVE-2014-3344 (Multiple cross-site scripting (XSS) vulnerabilities in the web ...)
+CVE-2014-3344
NOT-FOR-US: Cisco
-CVE-2014-3343 (Cisco IOS XR 5.1 allows remote attackers to cause a denial of service ...)
+CVE-2014-3343
NOT-FOR-US: Cisco
-CVE-2014-3342 (The CLI in Cisco IOS XR allows remote authenticated users to obtain ...)
+CVE-2014-3342
NOT-FOR-US: Cisco
-CVE-2014-3341 (The SNMP module in Cisco NX-OS 7.0(3)N1(1) and earlier on Nexus 5000 ...)
+CVE-2014-3341
NOT-FOR-US: Cisco NX-OS
-CVE-2014-3340 (Directory traversal vulnerability in an unspecified PHP script in the ...)
+CVE-2014-3340
NOT-FOR-US: Cisco
-CVE-2014-3339 (Multiple SQL injection vulnerabilities in the administrative web ...)
+CVE-2014-3339
NOT-FOR-US: Cisco
-CVE-2014-3338 (The CTIManager module in Cisco Unified Communications Manager (CM) ...)
+CVE-2014-3338
NOT-FOR-US: Cisco
-CVE-2014-3337 (The SIP implementation in Cisco Unified Communications Manager (CM) ...)
+CVE-2014-3337
NOT-FOR-US: Cisco
-CVE-2014-3336 (SQL injection vulnerability in the web framework in Cisco Unity ...)
+CVE-2014-3336
NOT-FOR-US: Cisco
-CVE-2014-3335 (Cisco IOS XR 4.3(.2) and earlier on ASR 9000 devices does not properly ...)
+CVE-2014-3335
NOT-FOR-US: Cisco
CVE-2014-3334
REJECTED
-CVE-2014-3333 (The server in Cisco Unity Connection 9.1(1) and 9.1(2) allows remote ...)
+CVE-2014-3333
NOT-FOR-US: Cisco
-CVE-2014-3332 (Cisco Unified Communications Manager (CM) 8.6(.2) and earlier has an ...)
+CVE-2014-3332
NOT-FOR-US: Cisco
-CVE-2014-3331 (The Session Manager component in Packet Data Network Gateway (aka PGW) ...)
+CVE-2014-3331
NOT-FOR-US: Cisco
-CVE-2014-3330 (Cisco NX-OS 6.1(2)I2(1) on Nexus 9000 switches does not properly ...)
+CVE-2014-3330
NOT-FOR-US: Cisco
-CVE-2014-3329 (Cross-site scripting (XSS) vulnerability in the web-server component ...)
+CVE-2014-3329
NOT-FOR-US: Cisco Prime Data Center Network Manager
-CVE-2014-3328 (The Intercluster Sync Agent Service in Cisco Unified Presence Server ...)
+CVE-2014-3328
NOT-FOR-US: Cisco Unified Presence Server
-CVE-2014-3327 (The EnergyWise module in Cisco IOS 12.2, 15.0, 15.1, 15.2, and 15.4 ...)
+CVE-2014-3327
NOT-FOR-US: Cisco
-CVE-2014-3326 (SQL injection vulnerability in the web framework in Cisco Security ...)
+CVE-2014-3326
NOT-FOR-US: Cisco Security Manager
-CVE-2014-3325 (Multiple cross-site scripting (XSS) vulnerabilities in Cisco Unified ...)
+CVE-2014-3325
NOT-FOR-US: Cisco
-CVE-2014-3324 (Multiple cross-site scripting (XSS) vulnerabilities in the login page ...)
+CVE-2014-3324
NOT-FOR-US: Cisco TelePrecence Server
-CVE-2014-3323 (Directory traversal vulnerability in Cisco Unified Contact Center ...)
+CVE-2014-3323
NOT-FOR-US: Cisco
-CVE-2014-3322 (Cisco IOS XR 4.3(.2) and earlier on ASR 9000 devices does not properly ...)
+CVE-2014-3322
NOT-FOR-US: Cisco IOS
-CVE-2014-3321 (Cisco IOS XR 4.3.4 and earlier on ASR 9000 devices, when bridge-group ...)
+CVE-2014-3321
NOT-FOR-US: Cisco
-CVE-2014-3320 (Multiple open redirect vulnerabilities in the admin web interface in ...)
+CVE-2014-3320
NOT-FOR-US: Cisco
-CVE-2014-3319 (Directory traversal vulnerability in the Real-Time Monitoring Tool ...)
+CVE-2014-3319
NOT-FOR-US: Cisco Unified Communications Manager
-CVE-2014-3318 (Directory traversal vulnerability in dna/viewfilecontents.do in the ...)
+CVE-2014-3318
NOT-FOR-US: Cisco Unified Communications Manager
-CVE-2014-3317 (Directory traversal vulnerability in the Multiple Analyzer in the ...)
+CVE-2014-3317
NOT-FOR-US: Cisco Unified Communications Manager
-CVE-2014-3316 (The Multiple Analyzer in the Dialed Number Analyzer (DNA) component in ...)
+CVE-2014-3316
NOT-FOR-US: Cisco Unified Communications Manager
-CVE-2014-3315 (Cross-site scripting (XSS) vulnerability in viewfilecontents.do in the ...)
+CVE-2014-3315
NOT-FOR-US: Cisco Unified Communications Manager
-CVE-2014-3314 (Cisco AnyConnect on Android and OS X does not properly verify the host ...)
+CVE-2014-3314
NOT-FOR-US: Cisco AnyConnect
-CVE-2014-3313 (Cross-site scripting (XSS) vulnerability in the web user interface on ...)
+CVE-2014-3313
NOT-FOR-US: Cisco Small Business phones
-CVE-2014-3312 (The debug console interface on Cisco Small Business SPA300 and SPA500 ...)
+CVE-2014-3312
NOT-FOR-US: Cisco Small Business phones
-CVE-2014-3311 (Heap-based buffer overflow in the file-sharing feature in WebEx ...)
+CVE-2014-3311
NOT-FOR-US: Cisco WebEx
-CVE-2014-3310 (The File Transfer feature in WebEx Meetings Client in Cisco WebEx ...)
+CVE-2014-3310
NOT-FOR-US: Cisco WebEx
-CVE-2014-3309 (The NTP implementation in Cisco IOS and IOS XE does not properly ...)
+CVE-2014-3309
NOT-FOR-US: Cisco WebEx
-CVE-2014-3308 (Cisco IOS XR on Trident line cards in ASR 9000 devices lacks a static ...)
+CVE-2014-3308
NOT-FOR-US: Cisco IOS XR
-CVE-2014-3307 (The DHCP client implementation in Universal Small Cell firmware on ...)
+CVE-2014-3307
NOT-FOR-US: Cisco Small Cell
-CVE-2014-3306 (The web server on Cisco DPC3010, DPC3212, DPC3825, DPC3925, DPQ3925, ...)
+CVE-2014-3306
NOT-FOR-US: Cisco
-CVE-2014-3305 (Cross-site request forgery (CSRF) vulnerability in the web framework ...)
+CVE-2014-3305
NOT-FOR-US: Cisco WebEx Meetings Server
-CVE-2014-3304 (The OutlookAction Class in Cisco WebEx Meetings Server allows remote ...)
+CVE-2014-3304
NOT-FOR-US: Cisco WebEx Meetings Server
-CVE-2014-3303 (The web framework in Cisco WebEx Meetings Server does not properly ...)
+CVE-2014-3303
NOT-FOR-US: Cisco WebEx Meetings Server
-CVE-2014-3302 (user.php in Cisco WebEx Meetings Server 1.5(.1.131) and earlier does ...)
+CVE-2014-3302
NOT-FOR-US: Cisco
-CVE-2014-3301 (The ProfileAction controller in Cisco WebEx Meetings Server (CWMS) ...)
+CVE-2014-3301
NOT-FOR-US: Cisco WebEx Meetings Server
-CVE-2014-3300 (The BVSMWeb portal in the web framework in Cisco Unified ...)
+CVE-2014-3300
NOT-FOR-US: Cisco Unified Communications Domain Manager
-CVE-2014-3299 (Cisco IOS allows remote authenticated users to cause a denial of ...)
+CVE-2014-3299
NOT-FOR-US: Cisco IOS
-CVE-2014-3298 (Form Data Viewer in Cisco Intelligent Automation for Cloud in Cisco ...)
+CVE-2014-3298
NOT-FOR-US: Cisco
-CVE-2014-3297 (Cisco Intelligent Automation for Cloud in Cisco Cloud Portal does not ...)
+CVE-2014-3297
NOT-FOR-US: Cisco
-CVE-2014-3296 (The XML programmatic interface (XML PI) in Cisco WebEx Meeting Server ...)
+CVE-2014-3296
NOT-FOR-US: Cisco WebEx
-CVE-2014-3295 (The HSRP implementation in Cisco NX-OS 6.2(2a) and earlier allows ...)
+CVE-2014-3295
NOT-FOR-US: Cisco NX-OS
-CVE-2014-3294 (Cisco WebEx Meeting Server does not properly restrict the content of ...)
+CVE-2014-3294
NOT-FOR-US: Cisco WebEx Meeting Server
-CVE-2014-3293 (Cisco IOS 15.4(3)S0b on ASR901 devices makes incorrect decisions to ...)
+CVE-2014-3293
NOT-FOR-US: Cisco IOS
-CVE-2014-3292 (The Real Time Monitoring Tool (RTMT) implementation in Cisco Unified ...)
+CVE-2014-3292
NOT-FOR-US: Cisco Unified Communications Manager
-CVE-2014-3291 (Cisco Wireless LAN Controller (WLC) devices allow remote attackers to ...)
+CVE-2014-3291
NOT-FOR-US: Cisco Wireless LAN Controller
-CVE-2014-3290 (The mDNS implementation in Cisco IOS XE 3.12S does not properly ...)
+CVE-2014-3290
NOT-FOR-US: Cisco IOS XE
-CVE-2014-3289 (Cross-site scripting (XSS) vulnerability in the web management ...)
+CVE-2014-3289
NOT-FOR-US: Cisco
CVE-2014-3288
RESERVED
-CVE-2014-3287 (SQL injection vulnerability in BulkViewFileContentsAction.java in the ...)
+CVE-2014-3287
NOT-FOR-US: Cisco Unified Communications Manager
-CVE-2014-3286 (The web framework in Cisco WebEx Meeting Server does not properly ...)
+CVE-2014-3286
NOT-FOR-US: Cisco WebEx Meeting Server
-CVE-2014-3285 (Cisco Wide Area Application Services (WAAS) 5.3(.5a) and earlier, when ...)
+CVE-2014-3285
NOT-FOR-US: Cisco Wide Area Application Services
-CVE-2014-3284 (Cisco IOS XE on ASR1000 devices, when PPPoE termination is enabled, ...)
+CVE-2014-3284
NOT-FOR-US: Cisco IOS
-CVE-2014-3283 (Open redirect vulnerability in Self-Care Client Portal applications in ...)
+CVE-2014-3283
NOT-FOR-US: Cisco Unified Communications Domain Manager
-CVE-2014-3282 (The Administration GUI in the web framework in VOSS in Cisco Unified ...)
+CVE-2014-3282
NOT-FOR-US: Cisco Unified Communications Domain Manager
-CVE-2014-3281 (The web framework in VOSS in Cisco Unified Communications Domain ...)
+CVE-2014-3281
NOT-FOR-US: Cisco Unified Communications Domain Manager
-CVE-2014-3280 (The web framework in VOSS in Cisco Unified Communications Domain ...)
+CVE-2014-3280
NOT-FOR-US: Cisco Unified Communications Domain Manager
-CVE-2014-3279 (The Administration GUI in the web framework in VOSS in Cisco Unified ...)
+CVE-2014-3279
NOT-FOR-US: Cisco Unified Communications Domain Manager
-CVE-2014-3278 (The web framework in VOSS in Cisco Unified Communications Domain ...)
+CVE-2014-3278
NOT-FOR-US: Cisco Unified Communications
-CVE-2014-3277 (The Administration GUI in the web framework in VOSS in Cisco Unified ...)
+CVE-2014-3277
NOT-FOR-US: Cisco Unified Communications Domain Manager
-CVE-2014-3276 (Cisco Identity Services Engine (ISE) 1.2(.1 patch 2) and earlier does ...)
+CVE-2014-3276
NOT-FOR-US: Cisco Identity Services Engine
-CVE-2014-3275 (SQL injection vulnerability in the web framework in Cisco Identity ...)
+CVE-2014-3275
NOT-FOR-US: Cisco Identity Services Engine
-CVE-2014-3274 (Cisco TelePresence System (CTS) 6.0(.5)(5) and earlier falls back to ...)
+CVE-2014-3274
NOT-FOR-US: Cisco TelePresence
-CVE-2014-3273 (The LLDP implementation in Cisco IOS allows remote attackers to cause ...)
+CVE-2014-3273
NOT-FOR-US: Cisco IOS
-CVE-2014-3272 (The Agent in Cisco Tidal Enterprise Scheduler (TES) 6.1 and earlier ...)
+CVE-2014-3272
NOT-FOR-US: Cisco
-CVE-2014-3271 (The DHCPv6 implementation in Cisco IOS XR allows remote attackers to ...)
+CVE-2014-3271
NOT-FOR-US: Cisco IOS XR
-CVE-2014-3270 (The DHCPv6 implementation in Cisco IOS XR allows remote attackers to ...)
+CVE-2014-3270
NOT-FOR-US: Cisco IOS XR
-CVE-2014-3269 (The SNMP module in Cisco IOS XE 3.5E allows remote authenticated users ...)
+CVE-2014-3269
NOT-FOR-US: Cisco IOS XE
-CVE-2014-3268 (Cisco IOS 15.2(4)M4 on Cisco Unified Border Element (CUBE) devices ...)
+CVE-2014-3268
NOT-FOR-US: Cisco Unified Border Element
-CVE-2014-3267 (Cross-site request forgery (CSRF) vulnerability in the web framework ...)
+CVE-2014-3267
NOT-FOR-US: Cisco Security Manager
-CVE-2014-3266 (Cross-site scripting (XSS) vulnerability in the web framework in Cisco ...)
+CVE-2014-3266
NOT-FOR-US: Cisco Security Manager
-CVE-2014-3265 (Cross-site scripting (XSS) vulnerability in the Auto Update Server ...)
+CVE-2014-3265
NOT-FOR-US: Cisco Security Manager
-CVE-2014-3264 (Cisco Adaptive Security Appliance (ASA) Software 9.1(.5) and earlier ...)
+CVE-2014-3264
NOT-FOR-US: Cisco Adaptive Security Appliance
-CVE-2014-3263 (The ScanSafe module in Cisco IOS 15.3(3)M allows remote attackers to ...)
+CVE-2014-3263
NOT-FOR-US: Cisco IOS
-CVE-2014-3262 (The Locator/ID Separation Protocol (LISP) implementation in Cisco IOS ...)
+CVE-2014-3262
NOT-FOR-US: Cisco IOS
-CVE-2014-3261 (Buffer overflow in the Smart Call Home implementation in Cisco NX-OS ...)
+CVE-2014-3261
NOT-FOR-US: Cisco NX-OS
-CVE-2014-3260 (Pacom 1000 CCU and RTU GMS devices allow remote attackers to spoof the ...)
+CVE-2014-3260
NOT-FOR-US: Pacom
CVE-2014-3259
RESERVED
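Review bot: a tag mismatch in this hunk is only detectable through a description this change removes: "-CVE-2014-3309 (The NTP implementation in Cisco IOS and IOS XE does not properly ...)" sits above "NOT-FOR-US: Cisco WebEx", which does not match the product the description names. Once "+CVE-2014-3309" lands with the bare ID, nothing in the file lets a reader notice it, so correct the tag (or keep the description) before merging. In the same hunk, the context line "NOT-FOR-US: Cisco TelePrecence Server" under CVE-2014-3324 misspells TelePresence.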
@@ -17599,20 +17599,20 @@ CVE-2014-3253
RESERVED
CVE-2014-3252
RESERVED
-CVE-2014-3251 (The MCollective aes_security plugin, as used in Puppet Enterprise ...)
+CVE-2014-3251
- mcollective 2.6.0+dfsg-1 (low; bug #758701)
[wheezy] - mcollective <no-dsa> (Minor issue)
NOTE: Mcollective are not configured to use the plugin and are not vulnerable by default.
NOTE: http://puppetlabs.com/security/cve/cve-2014-3251
-CVE-2014-3250 (The default vhost configuration file in Puppet before 3.6.2 does not ...)
+CVE-2014-3250
- puppet 3.7.0-1 (low)
[squeeze] - puppet <not-affected> (Only exploitable in combination with Apache 2.4)
[wheezy] - puppet <not-affected> (Only exploitable in combination with Apache 2.4)
NOTE: http://puppetlabs.com/security/cve/CVE-2014-3250
-CVE-2014-3249 (Puppet Enterprise 2.8.x before 2.8.7 allows remote attackers to obtain ...)
+CVE-2014-3249
- puppet <not-affected> (Only affects Puppet Enterprise)
NOTE: http://puppetlabs.com/security/cve/cve-2014-3249
-CVE-2014-3248 (Untrusted search path vulnerability in Puppet Enterprise 2.8 before ...)
+CVE-2014-3248
- puppet 3.7.0-1 (low)
[wheezy] - puppet <no-dsa> (Minor issue)
[squeeze] - puppet <no-dsa> (Minor issue)
@@ -17626,15 +17626,15 @@ CVE-2014-3248 (Untrusted search path vulnerability in Puppet Enterprise 2.8 befo
[wheezy] - mcollective <no-dsa> (Minor issue)
NOTE: http://puppetlabs.com/security/cve/cve-2014-3248
NOTE: problem in combination with ruby <= 1.9.1
-CVE-2014-3247 (Cross-site scripting (XSS) vulnerability in Collabtive 1.2 allows ...)
+CVE-2014-3247
- collabtive 2.0+dfsg-1 (bug #748828)
[wheezy] - collabtive <no-dsa> (Minor issue)
-CVE-2014-3246 (SQL injection vulnerability in Collabtive 1.2 allows remote ...)
+CVE-2014-3246
- collabtive 1.2+dfsg-2 (bug #748828)
[wheezy] - collabtive <no-dsa> (Minor issue)
CVE-2014-3245
RESERVED
-CVE-2014-3244 (XML external entity (XXE) vulnerability in the RSSDashlet dashlet in ...)
+CVE-2014-3244
NOT-FOR-US: SugarCRM
CVE-2014-3241
RESERVED
@@ -17662,22 +17662,22 @@ CVE-2014-3229
RESERVED
CVE-2014-3228
RESERVED
-CVE-2014-3227 (dpkg 1.15.9, 1.16.x before 1.16.14, and 1.17.x before 1.17.9 expect ...)
+CVE-2014-3227
{DSA-2915-2}
- dpkg 1.17.9
CVE-2014-3226
RESERVED
-CVE-2014-3224 (Huawei Quidway S9700 V200R003C00SPC500, Quidway S9300 ...)
+CVE-2014-3224
NOT-FOR-US: Huawei
-CVE-2014-3223 (Huawei S9300 with software before V100R006SPH013 and ...)
+CVE-2014-3223
NOT-FOR-US: Huawei
-CVE-2014-3222 (In Huawei eSpace Meeting with software V100R001C03SPC201 and the ...)
+CVE-2014-3222
NOT-FOR-US: Huawei
-CVE-2014-3221 (Huawei Eudemon8000E firewall with software V200R001C01SPC800 and ...)
+CVE-2014-3221
NOT-FOR-US: Huawei
-CVE-2014-3220 (F5 BIG-IQ Cloud and Security 4.0.0 through 4.1.0 allows remote ...)
+CVE-2014-3220
NOT-FOR-US: F5 BIG-IQ
-CVE-2014-3145 (The BPF_S_ANC_NLATTR_NEST extension implementation in the ...)
+CVE-2014-3145
{DSA-2949-1 DLA-0015-1}
- linux 3.14.4-1
- linux-2.6 <removed>
@@ -17685,7 +17685,7 @@ CVE-2014-3145 (The BPF_S_ANC_NLATTR_NEST extension implementation in the ...)
NOTE: Upstream fix https://git.kernel.org/linus/05ab8f2647e4221cbdb3856dd7d32bd5407316b3
NOTE: Introduced by https://git.kernel.org/linus/4738c1db1593687713869fa69e733eebc7b0d6d8
NOTE: https://git.kernel.org/linus/d214c7537bbf2f247991fb65b3420b0b3d712c67
-CVE-2014-3144 (The (1) BPF_S_ANC_NLATTR and (2) BPF_S_ANC_NLATTR_NEST extension ...)
+CVE-2014-3144
{DSA-2949-1 DLA-0015-1}
- linux 3.14.4-1
- linux-2.6 <removed>
@@ -17693,60 +17693,60 @@ CVE-2014-3144 (The (1) BPF_S_ANC_NLATTR and (2) BPF_S_ANC_NLATTR_NEST extension
NOTE: Upstream fix https://git.kernel.org/linus/05ab8f2647e4221cbdb3856dd7d32bd5407316b3
NOTE: Introduced by https://git.kernel.org/linus/4738c1db1593687713869fa69e733eebc7b0d6d8
NOTE: https://git.kernel.org/linus/d214c7537bbf2f247991fb65b3420b0b3d712c67
-CVE-2014-3430 (Dovecot 1.1 before 2.2.13 and dovecot-ee before 2.1.7.7 and 2.2.x ...)
+CVE-2014-3430
{DSA-2954-1 DLA-0004-1}
- dovecot 1:2.2.13~rc1-1 (low; bug #747549)
[squeeze] - dovecot 1:1.2.15-7+deb6u1
NOTE: http://permalink.gmane.org/gmane.mail.imap.dovecot/77499
-CVE-2014-3426 (NCSA Mosaic 2.1 through 2.7b5 allows local users to cause a denial of ...)
+CVE-2014-3426
NOT-FOR-US: NCSA Mosaic
-CVE-2014-3425 (NCSA Mosaic 2.0 and earlier allows local users to cause a denial of ...)
+CVE-2014-3425
NOT-FOR-US: NCSA Mosaic
-CVE-2014-3424 (lisp/net/tramp-sh.el in GNU Emacs 24.3 and earlier allows local users ...)
+CVE-2014-3424
- emacs23 <removed> (bug #747100)
[wheezy] - emacs23 <no-dsa> (Minor issue)
[squeeze] - emacs23 <no-dsa> (Minor issue)
- emacs24 24.3+1-4
- xemacs21-packages <not-affected> (Vulnerable code not present)
NOTE: http://lists.gnu.org/archive/html/emacs-diffs/2014-05/msg00060.html
-CVE-2014-3423 (lisp/net/browse-url.el in GNU Emacs 24.3 and earlier allows local ...)
+CVE-2014-3423
- emacs23 <removed> (bug #747100)
[wheezy] - emacs23 <no-dsa> (Minor issue)
[squeeze] - emacs23 <no-dsa> (Minor issue)
- emacs24 24.3+1-4
- xemacs21-packages <not-affected> (Vulnerable code not present)
NOTE: http://lists.gnu.org/archive/html/emacs-diffs/2014-05/msg00057.html
-CVE-2014-3422 (lisp/emacs-lisp/find-gc.el in GNU Emacs 24.3 and earlier allows local ...)
+CVE-2014-3422
- emacs23 <removed> (bug #747100)
[wheezy] - emacs23 <no-dsa> (Minor issue)
[squeeze] - emacs23 <no-dsa> (Minor issue)
- emacs24 24.3+1-4
- xemacs21-packages <not-affected> (Vulnerable code not present)
NOTE: http://lists.gnu.org/archive/html/emacs-diffs/2014-05/msg00056.html
-CVE-2014-3421 (lisp/gnus/gnus-fun.el in GNU Emacs 24.3 and earlier allows local users ...)
+CVE-2014-3421
- emacs23 <removed> (bug #747100)
[wheezy] - emacs23 <no-dsa> (Minor issue)
[squeeze] - emacs23 <no-dsa> (Minor issue)
- emacs24 24.3+1-4
NOTE: http://lists.gnu.org/archive/html/emacs-diffs/2014-05/msg00055.html
-CVE-2014-9091 (Icecast before 2.4.0 does not change the supplementary group ...)
+CVE-2014-9091
- icecast2 2.4.0-1 (low)
[squeeze] - icecast2 <no-dsa> (Minor issue)
[wheezy] - icecast2 <no-dsa> (Minor issue)
NOTE: https://trac.xiph.org/changeset/19137/
-CVE-2014-3243 (SOAPpy 0.12.5 does not properly detect recursion during entity ...)
+CVE-2014-3243
- python-soappy 0.12.22-1 (low; bug #747280)
[squeeze] - python-soappy <no-dsa> (Minor issue)
[wheezy] - python-soappy <no-dsa> (Minor issue)
NOTE: http://www.pnigos.com/?p=260
-CVE-2014-3242 (SOAPpy 0.12.5 allows remote attackers to read arbitrary files via a ...)
+CVE-2014-3242
- python-soappy 0.12.22-1 (low; bug #747280)
[squeeze] - python-soappy <no-dsa> (Minor issue)
[wheezy] - python-soappy <no-dsa> (Minor issue)
NOTE: http://www.pnigos.com/?p=260
-CVE-2014-3225 (Absolute path traversal vulnerability in the web interface in Cobbler ...)
+CVE-2014-3225
- cobbler <not-affected> (Fixed before initial upload)
-CVE-2014-3219 (fish before 2.1.1 allows local users to write to arbitrary files via a ...)
+CVE-2014-3219
- fish 2.1.1-1 (low; bug #746259)
[squeeze] - fish <no-dsa> (Minor issue)
[wheezy] - fish <no-dsa> (Minor issue)
@@ -17754,11 +17754,11 @@ CVE-2014-3218
RESERVED
CVE-2014-3217
RESERVED
-CVE-2014-3216 (GOM Media Player 2.2.57.5189 and earlier allows remote attackers to ...)
+CVE-2014-3216
NOT-FOR-US: Gretech GOM Media Player
-CVE-2014-3215 (seunshare in policycoreutils 2.2.5 is owned by root with 4755 ...)
+CVE-2014-3215
- policycoreutils <not-affected> (seunshare not enabled/built in Debian)
-CVE-2014-3214 (The prefetch implementation in named in ISC BIND 9.10.0, when a ...)
+CVE-2014-3214
- bind9 <not-affected> (prefetch option introduced in BIND 9.10.0b1)
NOTE: https://kb.isc.org/article/AA-01161
CVE-2014-3213
@@ -17767,29 +17767,29 @@ CVE-2014-3212
RESERVED
CVE-2014-3211
RESERVED
-CVE-2014-3210 (SQL injection vulnerability in dopbs-backend-forms.php in the Booking ...)
+CVE-2014-3210
NOT-FOR-US: WordPress plugin Booking System
CVE-2014-3208
RESERVED
-CVE-2014-3206 (Seagate BlackArmor NAS allows remote attackers to execute arbitrary ...)
+CVE-2014-3206
NOT-FOR-US: Seagate
-CVE-2014-3205 (backupmgt/pre_connect_check.php in Seagate BlackArmor NAS contains a ...)
+CVE-2014-3205
NOT-FOR-US: Seagate
-CVE-2014-3204 (Unity before 7.2.1, as used in Ubuntu 14.04, does not properly handle ...)
+CVE-2014-3204
NOT-FOR-US: Unity
-CVE-2014-3203 (Unity before 7.2.1, as used in Ubuntu 14.04, does not properly ...)
+CVE-2014-3203
NOT-FOR-US: Unity
-CVE-2014-3202 (Unity before 7.2.1 does not properly handle entry activation, which ...)
+CVE-2014-3202
NOT-FOR-US: Unity
-CVE-2014-3201 (core/rendering/compositing/RenderLayerCompositor.cpp in Blink, as used ...)
+CVE-2014-3201
- chromium-browser 39.0.2171.71-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-3200 (Multiple unspecified vulnerabilities in Google Chrome before ...)
+CVE-2014-3200
- chromium-browser 38.0.2125.101-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-3199 (The wrap function in bindings/core/v8/custom/V8EventCustom.cpp in the ...)
+CVE-2014-3199
- libv8 <removed>
[wheezy] - libv8 <no-dsa> (Minor issue, Chromium in Wheezy uses its own fixed copy)
[squeeze] - libv8 <end-of-life> (Unsupported in squeeze-lts)
@@ -17798,17 +17798,17 @@ CVE-2014-3199 (The wrap function in bindings/core/v8/custom/V8EventCustom.cpp in
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
NOTE: libv8 not covered by security support
-CVE-2014-3198 (The Instance::HandleInputEvent function in pdf/instance.cc in the ...)
+CVE-2014-3198
- chromium-browser 38.0.2125.101-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-3197 (The NavigationScheduler::schedulePageBlock function in ...)
+CVE-2014-3197
- chromium-browser 38.0.2125.101-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-3196 (base/memory/shared_memory_win.cc in Google Chrome before 38.0.2125.101 ...)
+CVE-2014-3196
- chromium-browser <not-affected> (Only affects Windows)
-CVE-2014-3195 (Google V8, as used in Google Chrome before 38.0.2125.101, does not ...)
+CVE-2014-3195
- libv8 <removed>
[wheezy] - libv8 <no-dsa> (Minor issue, Chromium in Wheezy uses its own fixed copy)
[squeeze] - libv8 <end-of-life> (Unsupported in squeeze-lts)
@@ -17817,31 +17817,31 @@ CVE-2014-3195 (Google V8, as used in Google Chrome before 38.0.2125.101, does no
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
NOTE: libv8 not covered by security support
-CVE-2014-3194 (Use-after-free vulnerability in the Web Workers implementation in ...)
+CVE-2014-3194
- chromium-browser 38.0.2125.101-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-3193 (The SessionService::GetLastSession function in ...)
+CVE-2014-3193
- chromium-browser 38.0.2125.101-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-3192 (Use-after-free vulnerability in the ...)
+CVE-2014-3192
- chromium-browser 38.0.2125.101-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-3191 (Use-after-free vulnerability in Blink, as used in Google Chrome before ...)
+CVE-2014-3191
- chromium-browser 38.0.2125.101-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-3190 (Use-after-free vulnerability in the Event::currentTarget function in ...)
+CVE-2014-3190
- chromium-browser 38.0.2125.101-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-3189 (The chrome_pdf::CopyImage function in pdf/draw_utils.cc in the PDFium ...)
+CVE-2014-3189
- chromium-browser 38.0.2125.101-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-3188 (Google Chrome before 38.0.2125.101 and Chrome OS before 38.0.2125.101 ...)
+CVE-2014-3188
- chromium-browser 38.0.2125.101-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
@@ -17850,41 +17850,41 @@ CVE-2014-3188 (Google Chrome before 38.0.2125.101 and Chrome OS before 38.0.2125
[squeeze] - libv8 <end-of-life> (Unsupported in squeeze-lts)
- libv8-3.14 <unfixed> (unimportant; bug #773671)
NOTE: libv8 not covered by security support
-CVE-2014-3187 (Google Chrome before 37.0.2062.60 and 38.x before 38.0.2125.59 on iOS ...)
+CVE-2014-3187
- chromium-browser <not-affected> (only affects versions supporting Apple's facetime)
-CVE-2014-3186 (Buffer overflow in the picolcd_raw_event function in ...)
+CVE-2014-3186
- linux 3.16.5-1
[wheezy] - linux 3.2.63-1
- linux-2.6 <not-affected> (Vulnerable code not present)
NOTE: https://code.google.com/p/google-security-research/issues/detail?id=101
NOTE: Upstream fix: https://git.kernel.org/linus/844817e47eef14141cf59b8d5ac08dd11c0a9189 (v3.17-rc3)
-CVE-2014-3185 (Multiple buffer overflows in the command_port_read_callback function ...)
+CVE-2014-3185
{DLA-118-1}
- linux 3.16.2-2
[wheezy] - linux 3.2.63-1
- linux-2.6 <removed>
NOTE: https://code.google.com/p/google-security-research/issues/detail?id=98
NOTE: Upstream fix: https://git.kernel.org/linus/6817ae225cd650fb1c3295d769298c38b1eba818 (v3.17-rc3)
-CVE-2014-3184 (The report_fixup functions in the HID subsystem in the Linux kernel ...)
+CVE-2014-3184
{DLA-246-1}
- linux 3.16.2-2
[wheezy] - linux 3.2.63-1
- linux-2.6 <removed>
NOTE: https://code.google.com/p/google-security-research/issues/detail?id=91
NOTE: Upstream fix: https://git.kernel.org/linus/4ab25786c87eb20857bbb715c3ae34ec8fd6a214 (v3.17-rc2)
-CVE-2014-3183 (Heap-based buffer overflow in the logi_dj_ll_raw_request function in ...)
+CVE-2014-3183
- linux 3.16.2-2
[wheezy] - linux 3.2.63-1
- linux-2.6 <not-affected> (Vulnerable code not present)
NOTE: https://code.google.com/p/google-security-research/issues/detail?id=90
NOTE: Upstream fix: https://git.kernel.org/linus/51217e69697fba92a06e07e16f55c9a52d8e8945 (v3.17-rc2)
-CVE-2014-3182 (Array index error in the logi_dj_raw_event function in ...)
+CVE-2014-3182
- linux 3.16.2-2
[wheezy] - linux 3.2.63-1
- linux-2.6 <not-affected> (Vulnerable driver introduced later)
NOTE: https://code.google.com/p/google-security-research/issues/detail?id=89
NOTE: Upstream fix: https://git.kernel.org/linus/ad3e14d7c5268c2e24477c6ef54bbdf88add5d36 (v3.17-rc2)
-CVE-2014-3181 (Multiple stack-based buffer overflows in the magicmouse_raw_event ...)
+CVE-2014-3181
- linux 3.16.5-1
[wheezy] - linux 3.2.63-1
- linux-2.6 <not-affected> (Vulnerable code not present)
@@ -17892,111 +17892,111 @@ CVE-2014-3181 (Multiple stack-based buffer overflows in the magicmouse_raw_event
NOTE: Upstream fix: https://git.kernel.org/linus/c54def7bd64d7c0b6993336abcffb8444795bf38 (v3.17-rc3)
CVE-2014-3180
RESERVED
-CVE-2014-3179 (Multiple unspecified vulnerabilities in Google Chrome before ...)
+CVE-2014-3179
{DSA-3039-1}
- chromium-browser 37.0.2062.120-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-3178 (Use-after-free vulnerability in core/dom/Node.cpp in Blink, as used in ...)
+CVE-2014-3178
{DSA-3039-1}
- chromium-browser 37.0.2062.120-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-3177 (Google Chrome before 37.0.2062.94 does not properly handle the ...)
+CVE-2014-3177
{DSA-3039-1}
- chromium-browser 37.0.2062.120-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-3176 (Google Chrome before 37.0.2062.94 does not properly handle the ...)
+CVE-2014-3176
{DSA-3039-1}
- chromium-browser 37.0.2062.120-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-3175 (Multiple unspecified vulnerabilities in Google Chrome before ...)
+CVE-2014-3175
{DSA-3039-1}
- chromium-browser 37.0.2062.120-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-3174 (modules/webaudio/BiquadDSPKernel.cpp in the Web Audio API ...)
+CVE-2014-3174
{DSA-3039-1}
- chromium-browser 37.0.2062.120-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-3173 (The WebGL implementation in Google Chrome before 37.0.2062.94 does not ...)
+CVE-2014-3173
{DSA-3039-1}
- chromium-browser 37.0.2062.120-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-3172 (The Debugger extension API in ...)
+CVE-2014-3172
{DSA-3039-1}
- chromium-browser 37.0.2062.120-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-3171 (Use-after-free vulnerability in the V8 bindings in Blink, as used in ...)
+CVE-2014-3171
{DSA-3039-1}
- chromium-browser 37.0.2062.120-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-3170 (extensions/common/url_pattern.cc in Google Chrome before 37.0.2062.94 ...)
+CVE-2014-3170
{DSA-3039-1}
- chromium-browser 37.0.2062.120-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-3169 (Use-after-free vulnerability in core/dom/ContainerNode.cpp in the DOM ...)
+CVE-2014-3169
{DSA-3039-1}
- chromium-browser 37.0.2062.120-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-3168 (Use-after-free vulnerability in the SVG implementation in Blink, as ...)
+CVE-2014-3168
{DSA-3039-1}
- chromium-browser 37.0.2062.120-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-3167 (Multiple unspecified vulnerabilities in Google Chrome before ...)
+CVE-2014-3167
{DSA-3039-1}
- chromium-browser 37.0.2062.120-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-3166 (The Public Key Pinning (PKP) implementation in Google Chrome before ...)
+CVE-2014-3166
{DSA-3039-1}
- chromium-browser 37.0.2062.120-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-3165 (Use-after-free vulnerability in ...)
+CVE-2014-3165
{DSA-3039-1}
- chromium-browser 37.0.2062.120-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-3164 (cmds/servicemanager/service_manager.c in Android before commit ...)
+CVE-2014-3164
NOT-FOR-US: Android
CVE-2014-3163
RESERVED
-CVE-2014-3162 (Multiple unspecified vulnerabilities in Google Chrome before ...)
+CVE-2014-3162
{DSA-3039-1}
- chromium-browser 37.0.2062.120-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-3161 (The WebMediaPlayerAndroid::load function in ...)
+CVE-2014-3161
NOT-FOR-US: Android
-CVE-2014-3160 (The ResourceFetcher::canRequest function in ...)
+CVE-2014-3160
{DSA-3039-1}
- chromium-browser 37.0.2062.120-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-3159 (The WebContentsDelegateAndroid::OpenURLFromTab function in ...)
+CVE-2014-3159
NOT-FOR-US: Android
-CVE-2014-3158 (Integer overflow in the getword function in options.c in pppd in ...)
+CVE-2014-3158
{DSA-3079-1 DLA-74-1}
- ppp 2.4.6-3 (medium; bug #762789)
NOTE: https://github.com/paulusmack/ppp/commit/7658e8257183f062dc01f87969c140707c7e52cb
NOTE: http://marc.info/?l=linux-ppp&m=140764978420764
NOTE: No known exploit yet but potential local privilege escalation to root for users in "dip" group
-CVE-2014-3157 (Heap-based buffer overflow in the FFmpegVideoDecoder::GetVideoBuffer ...)
+CVE-2014-3157
{DSA-2959-1}
- chromium-browser 35.0.1916.153-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-3156 (Buffer overflow in the clipboard implementation in Google Chrome ...)
+CVE-2014-3156
{DSA-2959-1}
- chromium-browser 35.0.1916.153-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-3155 (net/spdy/spdy_write_queue.cc in the SPDY implementation in Google ...)
+CVE-2014-3155
{DSA-2959-1}
- chromium-browser 35.0.1916.153-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-3154 (Use-after-free vulnerability in the ChildThread::Shutdown function in ...)
+CVE-2014-3154
{DSA-2959-1}
- chromium-browser 35.0.1916.153-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-3153 (The futex_requeue function in kernel/futex.c in the Linux kernel ...)
+CVE-2014-3153
{DSA-2949-1 DLA-0007-1}
- linux 3.14.5-1
- linux-2.6 <removed>
[squeeze] - linux-2.6 2.6.32-48squeeze7
NOTE: http://thread.gmane.org/gmane.linux.kernel.stable/92357
-CVE-2014-3152 (Integer underflow in the LCodeGen::PrepareKeyedOperand function in ...)
+CVE-2014-3152
{DSA-2939-1}
- chromium-browser 35.0.1916.114-1
[squeeze] - chromium-browser <end-of-life>
@@ -18007,15 +18007,15 @@ CVE-2014-3152 (Integer underflow in the LCodeGen::PrepareKeyedOperand function i
NOTE: libv8 not covered by security support
CVE-2014-3151
RESERVED
-CVE-2014-3150 (Livebox 1.1 allows remote authenticated users to upload arbitrary ...)
+CVE-2014-3150
NOT-FOR-US: Livebox
-CVE-2014-3149 (Cross-site scripting (XSS) vulnerability in Invision Power IP.Board ...)
+CVE-2014-3149
NOT-FOR-US: Invision Power IP.Board
-CVE-2014-3148 (Cross-site scripting (XSS) vulnerability in libahttp/err.c in OkCupid ...)
+CVE-2014-3148
NOT-FOR-US: OkCupid
-CVE-2014-3147 (Cross-site scripting (XSS) vulnerability in the auto-complete feature ...)
+CVE-2014-3147
NOT-FOR-US: Splunk
-CVE-2014-3146 (Incomplete blacklist vulnerability in the lxml.html.clean module in ...)
+CVE-2014-3146
{DSA-2941-1 DLA-0009-1}
- lxml 3.3.5-1 (bug #746812)
[squeeze] - lxml 2.2.8-2+deb6u1
@@ -18030,27 +18030,27 @@ CVE-2014-3141
RESERVED
CVE-2014-3140
REJECTED
-CVE-2014-3139 (recoveryconsole/bpl/snmpd.php in Unitrends Enterprise Backup 7.3.0 ...)
+CVE-2014-3139
NOT-FOR-US: Unitrends Enterprise Backup
-CVE-2014-3138 (SQL injection vulnerability in Xerox DocuShare before 6.53 Patch 6 ...)
+CVE-2014-3138
NOT-FOR-US: Xerox DocuShare
CVE-2014-3136
RESERVED
-CVE-2014-3135 (Multiple cross-site scripting (XSS) vulnerabilities in vBulletin 5.1.1 ...)
+CVE-2014-3135
NOT-FOR-US: vBulletin
-CVE-2014-3134 (Cross-site scripting (XSS) vulnerability in the InfoView application ...)
+CVE-2014-3134
NOT-FOR-US: SAP BusinessObjects
-CVE-2014-3133 (SAP Netweaver Java Application Server does not properly restrict ...)
+CVE-2014-3133
NOT-FOR-US: SAP NetWeaver
-CVE-2014-3132 (SAP Background Processing does not properly restrict access, which ...)
+CVE-2014-3132
NOT-FOR-US: SAP Background Processing
-CVE-2014-3131 (SAP Profile Maintenance does not properly restrict access, which ...)
+CVE-2014-3131
NOT-FOR-US: SAP Solution Manager
-CVE-2014-3130 (The ABAP Help documentation and translation tools (BC-DOC-HLP) in ...)
+CVE-2014-3130
NOT-FOR-US: SAP NetWeaver
-CVE-2014-3129 (The Java Server Pages in the Software Lifecycle Manager (SLM) in SAP ...)
+CVE-2014-3129
NOT-FOR-US: SAP NetWeaver
-CVE-2014-3209 (The ldns-keygen tool in ldns 1.6.x uses the current umask to set the ...)
+CVE-2014-3209
- ldns 1.6.17-4 (low; bug #746758)
[squeeze] - ldns <no-dsa> (Minor issue)
[wheezy] - ldns 1.6.13-1+deb7u1
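Review bot: the removed line for CVE-2014-3131 reads `SAP Profile Maintenance does not properly restrict access`, while the unchanged status line beneath it is `NOT-FOR-US: SAP Solution Manager`; once the description is gone the file no longer shows that these disagree, so the label should be corrected (or confirmed) in this same change rather than left to drift.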
@@ -18060,35 +18060,35 @@ CVE-2014-3230 [HTTPS_CA_DIR or HTTPS_CA_FILE disables peer certificate verificat
[wheezy] - liblwp-protocol-https-perl <not-affected> (Introduced by bcc46ce2dab53d2e2baa583f2243d6fc7d36dcc8 in 6.04)
NOTE: Introduced by https://github.com/dagolden/lwp-protocol-https/commit/bcc46ce2dab53d2e2baa583f2243d6fc7d36dcc8
NOTE: CVE assignment for https://github.com/libwww-perl/lwp-protocol-https/pull/14#issuecomment-42328818
-CVE-2014-3207 (Cross-site scripting (XSS) vulnerability in wserver.ml in SKS ...)
+CVE-2014-3207
- sks 1.1.5-1 (low; bug #746626)
[squeeze] - sks <no-dsa> (Minor issue)
[wheezy] - sks 1.1.3-2+deb7u1
NOTE: https://bitbucket.org/skskeyserver/sks-keyserver/issue/26/unfiltered-xss
NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=952077
-CVE-2014-3137 (Bottle 0.10.x before 0.10.12, 0.11.x before 0.11.7, and 0.12.x before ...)
+CVE-2014-3137
{DSA-2948-1}
- python-bottle 0.12.6-1 (bug #746322)
[squeeze] - python-bottle <not-affected> (bug affects versions 0.10.11-1 and 0.12.5-1)
CVE-2014-3128
RESERVED
-CVE-2014-3127 (dpkg 1.15.9 on Debian squeeze introduces support for the &quot;C-style ...)
+CVE-2014-3127
{DSA-2915-2}
- dpkg 1.17.9
CVE-2014-3126
RESERVED
-CVE-2014-3125 (Xen 4.4.x, when running on an ARM system, does not properly context ...)
+CVE-2014-3125
- xen <not-affected> (Only 32- and 64-bit ARM systems are affected from Xen 4.4 onwards)
-CVE-2014-3124 (The HVMOP_set_mem_type control in Xen 4.1 through 4.4.x allows local ...)
+CVE-2014-3124
{DSA-3006-1}
- xen 4.4.1-1 (bug #757724)
[squeeze] - xen <not-affected> (Xen versions from 4.1 onwards are vulnerable)
-CVE-2014-3123 (Cross-site scripting (XSS) vulnerability in admin/manage-images.php in ...)
+CVE-2014-3123
NOT-FOR-US: Wordpress plugin
-CVE-2014-3121 (rxvt-unicode before 9.20 does not properly handle OSC escape ...)
+CVE-2014-3121
{DSA-2925-1}
- rxvt-unicode 9.20-1 (bug #746593)
-CVE-2014-3120 (The default configuration in Elasticsearch before 1.2 enables dynamic ...)
+CVE-2014-3120
- elasticsearch 1.0.3+dfsg-3 (bug #759736)
NOTE: https://github.com/elasticsearch/elasticsearch/commit/81e83cca
NOTE: https://github.com/elasticsearch/elasticsearch/issues/5853
@@ -18100,15 +18100,15 @@ CVE-2014-3117
RESERVED
CVE-2014-3116
RESERVED
-CVE-2014-3115 (Multiple cross-site request forgery (CSRF) vulnerabilities in the web ...)
+CVE-2014-3115
NOT-FOR-US: Fortinet Fortiweb
-CVE-2014-3114 (The EZPZ One Click Backup (ezpz-one-click-backup) plugin 12.03.10 and ...)
+CVE-2014-3114
NOT-FOR-US: WordPress plugin ezpz-one-click-backup
-CVE-2014-3113 (Multiple buffer overflows in RealNetworks RealPlayer before 17.0.10.8 ...)
+CVE-2014-3113
NOT-FOR-US: RealPlayer
CVE-2014-3112
RESERVED
-CVE-2014-3110 (Multiple cross-site scripting (XSS) vulnerabilities on Honeywell ...)
+CVE-2014-3110
NOT-FOR-US: Honeywell FALCON XLWeb controllor
CVE-2014-3109
RESERVED
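Review bot: the unchanged context line `NOT-FOR-US: Honeywell FALCON XLWeb controllor` under CVE-2014-3110 has a typo (`controller`); minor, but since the description that named the product is being removed in this hunk, that label becomes the only place the product name appears, so it is worth fixing alongside.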
@@ -18116,157 +18116,157 @@ CVE-2014-3108
RESERVED
CVE-2014-3107
RESERVED
-CVE-2014-3106 (IBM Rational ClearQuest 7.1 before 7.1.2.15, 8.0.0 before 8.0.0.12, ...)
+CVE-2014-3106
NOT-FOR-US: IBM WebSphere
-CVE-2014-3105 (The OSLC integration feature in the Web component in IBM Rational ...)
+CVE-2014-3105
NOT-FOR-US: IBM WebSphere
-CVE-2014-3104 (IBM Rational ClearQuest 7.1 before 7.1.2.15, 8.0.0 before 8.0.0.12, ...)
+CVE-2014-3104
NOT-FOR-US: IBM WebSphere
-CVE-2014-3103 (The Web component in IBM Rational ClearQuest 7.1 before 7.1.2.15, ...)
+CVE-2014-3103
NOT-FOR-US: IBM WebSphere
-CVE-2014-3102 (Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 7.0.0 ...)
+CVE-2014-3102
NOT-FOR-US: IBM WebSphere
-CVE-2014-3101 (The login form in the Web component in IBM Rational ClearQuest 7.1 ...)
+CVE-2014-3101
NOT-FOR-US: IBM Rational ClearQuest
-CVE-2014-3100 (Stack-based buffer overflow in the encode_key function in ...)
+CVE-2014-3100
NOT-FOR-US: Android service KeyStore
-CVE-2014-3099 (Unspecified vulnerability in the Security component in IBM Systems ...)
+CVE-2014-3099
NOT-FOR-US: IBM Systems Director
CVE-2014-3098
RESERVED
-CVE-2014-3097 (Open redirect vulnerability in IBM Tivoli Federated Identity Manager ...)
+CVE-2014-3097
NOT-FOR-US: IBM Tivoli
-CVE-2014-3096 (Cross-site scripting (XSS) vulnerability in IBM Curam Social Program ...)
+CVE-2014-3096
NOT-FOR-US: IBM Curam
-CVE-2014-3095 (The SQL engine in IBM DB2 9.5 through FP10, 9.7 through FP9a, 9.8 ...)
+CVE-2014-3095
NOT-FOR-US: IBM DB2
-CVE-2014-3094 (Stack-based buffer overflow in IBM DB2 9.7 through FP9a, 9.8 through ...)
+CVE-2014-3094
NOT-FOR-US: IBM DB2
-CVE-2014-3093 (IBM PowerVC 1.2.0 before FP3 and 1.2.1 before FP2 uses cleartext ...)
+CVE-2014-3093
NOT-FOR-US: IBM
-CVE-2014-3092 (IBM Jazz Team Server, as used in Rational Collaborative Lifecycle ...)
+CVE-2014-3092
NOT-FOR-US: IBM
-CVE-2014-3091 (Cross-site scripting (XSS) vulnerability in IBM Security QRadar SIEM ...)
+CVE-2014-3091
NOT-FOR-US: IBM Security QRadar SIEM
-CVE-2014-3090 (IBM Rational ClearCase 7.1 before 7.1.2.15, 8.0.0 before 8.0.0.12, and ...)
+CVE-2014-3090
NOT-FOR-US: IBM Rational ClearCase
-CVE-2014-3089 (The RDS Java Client library in IBM Rational Directory Server (RDS) ...)
+CVE-2014-3089
NOT-FOR-US: IBM Rational Directory Server
-CVE-2014-3088 (stconf.nsf in IBM Sametime Meeting Server 8.5.1 relies on the client ...)
+CVE-2014-3088
NOT-FOR-US: IBM Sametime
-CVE-2014-3087 (callService.do in IBM Business Process Manager (BPM) 7.5 through 8.5.5 ...)
+CVE-2014-3087
NOT-FOR-US: IBM
-CVE-2014-3086 (Unspecified vulnerability in the IBM Java Virtual Machine, as used in ...)
+CVE-2014-3086
NOT-FOR-US: IBM WebSphere
-CVE-2014-3085 (systest.php on IBM GCM16 and GCM32 Global Console Manager switches ...)
+CVE-2014-3085
NOT-FOR-US: IBM
-CVE-2014-3084 (IBM Maximo Asset Management 6.1 through 6.5, 7.1 through 7.1.1.13, and ...)
+CVE-2014-3084
NOT-FOR-US: IBM
-CVE-2014-3083 (IBM WebSphere Application Server (WAS) 7.0.x before 7.0.0.35, 8.0.x ...)
+CVE-2014-3083
NOT-FOR-US: IBM WebSphere Application Server
CVE-2014-3082
RESERVED
-CVE-2014-3081 (prodtest.php on IBM GCM16 and GCM32 Global Console Manager switches ...)
+CVE-2014-3081
NOT-FOR-US: IBM
-CVE-2014-3080 (Multiple cross-site scripting (XSS) vulnerabilities on IBM GCM16 and ...)
+CVE-2014-3080
NOT-FOR-US: IBM
-CVE-2014-3079 (The Administration and Reporting Tool in IBM Rational License Key ...)
+CVE-2014-3079
NOT-FOR-US: IBM
CVE-2014-3078
RESERVED
-CVE-2014-3077 (IBM SONAS and System Storage Storwize V7000 Unified (aka V7000U) 1.3.x ...)
+CVE-2014-3077
NOT-FOR-US: IBM
-CVE-2014-3076 (IBM Business Process Manager (BPM) 8.5 through 8.5.5 allows remote ...)
+CVE-2014-3076
NOT-FOR-US: IBM
-CVE-2014-3075 (Cross-site scripting (XSS) vulnerability in IBM Business Process ...)
+CVE-2014-3075
NOT-FOR-US: IBM
-CVE-2014-3074 (The runtime linker in IBM AIX 6.1 and 7.1 and VIOS 2.2.x allows local ...)
+CVE-2014-3074
NOT-FOR-US: IBM AIX
-CVE-2014-3073 (Unspecified vulnerability in IBM Security Access Manager (ISAM) for ...)
+CVE-2014-3073
NOT-FOR-US: Novell Identity Manager
-CVE-2014-3072 (Unspecified vulnerability in the Automation Server in IBM Security ...)
+CVE-2014-3072
NOT-FOR-US: IBM Security AppScan
-CVE-2014-3071 (Cross-site scripting (XSS) vulnerability in the Data Quality Console ...)
+CVE-2014-3071
NOT-FOR-US: IBM InfoSphere
-CVE-2014-3070 (The addFileRegistryAccount Virtual Member Manager (VMM) SPI Admin Task ...)
+CVE-2014-3070
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2014-3069 (Multiple CRLF injection vulnerabilities in the Universal Access ...)
+CVE-2014-3069
NOT-FOR-US: IBM Curam Social Program Management
-CVE-2014-3068 (IBM Java Runtime Environment (JRE) 7 R1 before SR1 FP1 (7.1.1.1), 7 ...)
+CVE-2014-3068
NOT-FOR-US: IBM JDK
CVE-2014-3067
RESERVED
-CVE-2014-3066 (IBM Tivoli Endpoint Manager 9.1 before 9.1.1088.0 allows remote ...)
+CVE-2014-3066
NOT-FOR-US: IBM Tivoli Endpoint Manager
-CVE-2014-3065 (Unspecified vulnerability in IBM Java Runtime Environment (JRE) 7 R1 ...)
+CVE-2014-3065
NOT-FOR-US: IBM JDK
-CVE-2014-3064 (The GDS component in IBM InfoSphere Master Data Management - ...)
+CVE-2014-3064
NOT-FOR-US: IBM
-CVE-2014-3063 (IBM InfoSphere Master Data Management - Collaborative Edition 10.x ...)
+CVE-2014-3063
NOT-FOR-US: IBM
-CVE-2014-3062 (Unspecified vulnerability in IBM Security QRadar SIEM 7.1 MR2 and 7.2 ...)
+CVE-2014-3062
NOT-FOR-US: IBM Security QRadar SIEM
-CVE-2014-3061 (Cross-site request forgery (CSRF) vulnerability in IBM Emptoris Spend ...)
+CVE-2014-3061
NOT-FOR-US: IBM
-CVE-2014-3060 (Unspecified vulnerability on the IBM WebSphere DataPower XC10 ...)
+CVE-2014-3060
NOT-FOR-US: IBM WebSphere
-CVE-2014-3059 (Unspecified vulnerability in the Administrative Console on the IBM ...)
+CVE-2014-3059
NOT-FOR-US: IBM WebSphere
-CVE-2014-3058 (Cross-site request forgery (CSRF) vulnerability on the IBM WebSphere ...)
+CVE-2014-3058
NOT-FOR-US: IBM
-CVE-2014-3057 (Cross-site scripting (XSS) vulnerability in the Unified Task List ...)
+CVE-2014-3057
NOT-FOR-US: IBM WebSphere Portal
-CVE-2014-3056 (The Unified Task List (UTL) Portlet for IBM WebSphere Portal 7.x and ...)
+CVE-2014-3056
NOT-FOR-US: IBM WebSphere Portal
-CVE-2014-3055 (SQL injection vulnerability in the Unified Task List (UTL) Portlet for ...)
+CVE-2014-3055
NOT-FOR-US: IBM WebSphere Portal
-CVE-2014-3054 (Multiple open redirect vulnerabilities in the Unified Task List (UTL) ...)
+CVE-2014-3054
NOT-FOR-US: IBM WebSphere Portal
-CVE-2014-3053 (The Local Management Interface (LMI) in IBM Security Access Manager ...)
+CVE-2014-3053
NOT-FOR-US: IBM ISAM
-CVE-2014-3052 (The reverse-proxy feature in IBM Security Access Manager (ISAM) for ...)
+CVE-2014-3052
NOT-FOR-US: IBM ISAM
-CVE-2014-3051 (The Internet Service Monitor (ISM) agent in IBM Tivoli Composite ...)
+CVE-2014-3051
NOT-FOR-US: IBM Tivoli
-CVE-2014-3050 (IBM Rational Team Concert (RTC) 3.x before 3.0.1.6 IF3 and 4.x before ...)
+CVE-2014-3050
NOT-FOR-US: IBM Rational Team Concert
CVE-2014-3049
RESERVED
-CVE-2014-3048 (Unspecified vulnerability on the IBM System Storage Virtualization ...)
+CVE-2014-3048
NOT-FOR-US: IBM System Storage Virtualization Engine
CVE-2014-3047
RESERVED
CVE-2014-3046
RESERVED
-CVE-2014-3045 (IBM Scale Out Network Attached Storage (SONAS) 1.3.x and 1.4.x before ...)
+CVE-2014-3045
NOT-FOR-US: IBM
CVE-2014-3044
RESERVED
-CVE-2014-3043 (IBM Storwize V7000 Unified 1.3.x and 1.4.x before 1.4.3.3 allows ...)
+CVE-2014-3043
NOT-FOR-US: IBM
-CVE-2014-3042 (IBM CICS Transaction Server 3.1, 3.2, 4.1, 4.2, and 5.1 on z/OS does ...)
+CVE-2014-3042
NOT-FOR-US: IBM CICS Transaction Serve
-CVE-2014-3041 (SQL injection vulnerability in IBM Emptoris Contract Management 9.5.x ...)
+CVE-2014-3041
NOT-FOR-US: IBM
-CVE-2014-3040 (Cross-site request forgery (CSRF) vulnerability in IBM Emptoris ...)
+CVE-2014-3040
NOT-FOR-US: IBM
CVE-2014-3039
RESERVED
-CVE-2014-3038 (IBM SPSS Modeler 16.0 before 16.0.0.1 on UNIX does not properly drop ...)
+CVE-2014-3038
NOT-FOR-US: IBM SPSS Modeler
-CVE-2014-3037 (Cross-site request forgery (CSRF) vulnerability in IBM Configuration ...)
+CVE-2014-3037
NOT-FOR-US: IBM
-CVE-2014-3036 (Unspecified vulnerability in IBM API Management 3.0.0.0, when basic ...)
+CVE-2014-3036
NOT-FOR-US: IBM API Management
-CVE-2014-3035 (Cross-site scripting (XSS) vulnerability in IBM Emptoris Spend ...)
+CVE-2014-3035
NOT-FOR-US: IBM
-CVE-2014-3034 (Cross-site scripting (XSS) vulnerability in IBM Emptoris Contract ...)
+CVE-2014-3034
NOT-FOR-US: IBM
-CVE-2014-3033 (Cross-site scripting (XSS) vulnerability in IBM Emptoris Sourcing ...)
+CVE-2014-3033
NOT-FOR-US: IBM Emptoris Sourcing Portfolio
-CVE-2014-3032 (Cross-site scripting (XSS) vulnerability in the Web GUI in IBM Tivoli ...)
+CVE-2014-3032
NOT-FOR-US: IBM Tivoli
-CVE-2014-3031 (Cross-site scripting (XSS) vulnerability in IBM Tivoli Business ...)
+CVE-2014-3031
NOT-FOR-US: IBM Tivoli Business Service Manager
CVE-2014-3030
RESERVED
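Review bot: several NOT-FOR-US labels in this hunk contradict the descriptions being deleted, and the deletion removes the only in-file evidence of it: CVE-2014-3106, CVE-2014-3105, CVE-2014-3104 and CVE-2014-3103 describe IBM Rational ClearQuest but are tagged `NOT-FOR-US: IBM WebSphere`, and CVE-2014-3073 describes IBM Security Access Manager (ISAM) but is tagged `NOT-FOR-US: Novell Identity Manager`. Fix those labels before the descriptions go; the truncated `NOT-FOR-US: IBM CICS Transaction Serve` under CVE-2014-3042 should also be completed while here.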
@@ -18276,68 +18276,68 @@ CVE-2014-3028
RESERVED
CVE-2014-3027
RESERVED
-CVE-2014-3026 (CRLF injection vulnerability in IBM Maximo Asset Management 7.5 ...)
+CVE-2014-3026
NOT-FOR-US: IBM Maximo Asset Management
-CVE-2014-3025 (Multiple cross-site scripting (XSS) vulnerabilities in IBM Maximo ...)
+CVE-2014-3025
NOT-FOR-US: IBM Maximo Asset Management
-CVE-2014-3024 (Cross-site request forgery (CSRF) vulnerability in IBM Maximo Asset ...)
+CVE-2014-3024
NOT-FOR-US: IBM
CVE-2014-3023
RESERVED
-CVE-2014-3022 (IBM WebSphere Application Server (WAS) 7.0.x before 7.0.0.33, 8.0.x ...)
+CVE-2014-3022
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2014-3021 (IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.35, 8.0 before ...)
+CVE-2014-3021
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2014-3020 (install.sh in the Embedded WebSphere Application Server (eWAS) 7.0 ...)
+CVE-2014-3020
NOT-FOR-US: IBM Tivoli Integrated Portal
-CVE-2014-3019 (IBM BladeCenter SAS Connectivity Module (aka NSSM) and SAS RAID Module ...)
+CVE-2014-3019
NOT-FOR-US: IBM
-CVE-2014-3018 (IBM BladeCenter SAS Connectivity Module (aka NSSM) and SAS RAID Module ...)
+CVE-2014-3018
NOT-FOR-US: IBM
CVE-2014-3017
RESERVED
CVE-2014-3016
RESERVED
-CVE-2014-3015 (Cross-site request forgery (CSRF) vulnerability in the Web player in ...)
+CVE-2014-3015
NOT-FOR-US: IBM Sametime
-CVE-2014-3014 (Cross-site scripting (XSS) vulnerability in the Meeting Server in IBM ...)
+CVE-2014-3014
NOT-FOR-US: IBM Sametime
-CVE-2014-3013 (Multiple cross-site scripting (XSS) vulnerabilities in IBM Curam ...)
+CVE-2014-3013
NOT-FOR-US: IBM Curam Social Program Management
-CVE-2014-3012 (Multiple CRLF injection vulnerabilities in IBM Curam Social Program ...)
+CVE-2014-3012
NOT-FOR-US: IBM Curam Social Program Management
-CVE-2014-3011 (IBM OpenPages GRC Platform 6.1.0.1 before IF4 allows remote attackers ...)
+CVE-2014-3011
NOT-FOR-US: IBM OpenPages GRC Platform
-CVE-2014-3010 (Cross-site scripting (XSS) vulnerability in the Web UI in IBM ...)
+CVE-2014-3010
NOT-FOR-US: IBM WebSphere
-CVE-2014-3009 (The GDS component in IBM InfoSphere Master Data Management - ...)
+CVE-2014-3009
NOT-FOR-US: IBM InfoSphere
-CVE-2014-3008 (Unitrends Enterprise Backup 7.3.0 allows remote authenticated users to ...)
+CVE-2014-3008
NOT-FOR-US: Unitrends Enterprise Backup
-CVE-2014-3007 (Python Image Library (PIL) 1.1.7 and earlier and Pillow 2.3 might ...)
+CVE-2014-3007
- pillow 2.4.0-1 (bug #737059)
- python-imaging <removed>
[squeeze] - python-imaging <no-dsa> (Minor issue)
[wheezy] - python-imaging <no-dsa> (Minor issue)
NOTE: details what is covered exactly by this CVE relating to CVE-2014-1932 and CVE-2014-1933 is missing
-CVE-2014-3006 (Sitepark Information Enterprise Server (IES) 2.9 before 2.9.6, when ...)
+CVE-2014-3006
NOT-FOR-US: Sitepark Information Enterprise Server
-CVE-2014-3005 (XML external entity (XXE) vulnerability in Zabbix 1.8.x before ...)
+CVE-2014-3005
- zabbix 1:2.2.5+dfsg-1 (bug #751910)
[squeeze] - zabbix <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://seclists.org/fulldisclosure/2014/Jun/87
NOTE: Upstream issue tracking https://support.zabbix.com/browse/ZBX-8151
-CVE-2014-3004 (The default configuration for the Xerces SAX Parser in Castor before ...)
+CVE-2014-3004
NOT-FOR-US: Castor
CVE-2014-3003
REJECTED
CVE-2014-3002
RESERVED
-CVE-2014-3001 (The device file system (aka devfs) in FreeBSD 10.0 before p2 does not ...)
+CVE-2014-3001
- kfreebsd-10 <not-affected>
NOTE: it is called SA-14:07.devfs in the freebsd world
NOTE: the devfs rules file is loaded by /etc/init.d/freebsd-utils on boot, so debian never was vulnerable
-CVE-2014-3000 (The TCP reassembly function in the inet module in FreeBSD 8.3 before ...)
+CVE-2014-3000
{DSA-2952-1}
- kfreebsd-10 10.0-5 (bug #746949)
- kfreebsd-9 <removed> (bug #746951)
@@ -18350,52 +18350,52 @@ CVE-2014-2998
RESERVED
CVE-2014-2997
RESERVED
-CVE-2014-2996 (XCloner Standalone 3.5 and earlier, when enable_db_backup and sql_mem ...)
+CVE-2014-2996
NOT-FOR-US: XCloner Standalone
-CVE-2014-2995 (Multiple cross-site scripting (XSS) vulnerabilities in twitget.php in ...)
+CVE-2014-2995
NOT-FOR-US: WordPress plugin Twitget
-CVE-2014-2994 (Stack-based buffer overflow in Acunetix Web Vulnerability Scanner ...)
+CVE-2014-2994
NOT-FOR-US: Acunetix Web Vulnerability Scanner
-CVE-2014-2993 (The Birebin.com application for Android does not verify X.509 ...)
+CVE-2014-2993
NOT-FOR-US: Birebin.com application for Android
-CVE-2014-2992 (The Misli.com application for Android does not verify X.509 ...)
+CVE-2014-2992
NOT-FOR-US: Misli.com application for Android
CVE-2014-2991
RESERVED
CVE-2014-2990
RESERVED
-CVE-2014-2989 (Cross-site request forgery (CSRF) vulnerability in Open Assessment ...)
+CVE-2014-2989
NOT-FOR-US: Open Assessment Technologies TAO
-CVE-2014-2988 (EGroupware Enterprise Line (EPL) before 1.1.20140505, EGroupware ...)
+CVE-2014-2988
NOT-FOR-US: EGroupware EPL
-CVE-2014-2987 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
+CVE-2014-2987
NOT-FOR-US: EGroupware EPL
-CVE-2014-3122 (The try_to_unmap_cluster function in mm/rmap.c in the Linux kernel ...)
+CVE-2014-3122
{DSA-2926-1 DLA-0015-1}
- linux 3.14.4-1 (bug #747326)
- linux-2.6 <removed>
[squeeze] - linux-2.6 2.6.32-48squeeze8
NOTE: Introduced by https://git.kernel.org/linus/b291f000393f5a0b679012b39d79fbc85c018233
NOTE: Fixed by https://git.kernel.org/linus/57e68e9cd65b4b8eb4045a1e0d0746458502554c (v3.15-rc1)
-CVE-2014-3985 (The getHTTPResponse function in miniwget.c in MiniUPnP 1.9 allows ...)
+CVE-2014-3985
- miniupnpc 1.6-4 (low; bug #748913)
[wheezy] - miniupnpc <not-affected> (Vulnerable code not present)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1085618
NOTE: https://github.com/miniupnp/miniupnp/commit/3a87aa2f10bd7f1408e1849bdb59c41dd63a9fe9
NOTE: http://www.openwall.com/lists/oss-security/2014/04/30/3
-CVE-2014-4338 (cups-browsed in cups-filters before 1.0.53 allows remote attackers to ...)
+CVE-2014-4338
- cups-filters 1.0.53-1
[wheezy] - cups-filters <not-affected> (vulnerable code not present)
NOTE: http://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/revision/7195
-CVE-2014-4337 (The process_browse_data function in utils/cups-browsed.c in ...)
+CVE-2014-4337
- cups-filters 1.0.53-1
[wheezy] - cups-filters <not-affected> (vulnerable code not present)
-CVE-2014-4336 (The generate_local_queue function in utils/cups-browsed.c in ...)
+CVE-2014-4336
- cups-filters 1.0.53-1
[wheezy] - cups-filters <not-affected> (vulnerable code not present)
NOTE: incomplete fix was applied
NOTE: http://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/revision/7194
-CVE-2014-3111 (Multiple cross-site scripting (XSS) vulnerabilities in FOG 0.27 ...)
+CVE-2014-3111
NOT-FOR-US: fog cloning solution
CVE-2014-2985
RESERVED
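Review bot: Every `-`/`+` pair in this hunk replaces a `CVE-... (summary ...)` line with the bare identifier, and for several entries the dropped summary was the only place the affected version appeared (e.g. "MiniUPnP 1.9" above the `miniupnpc 1.6-4` line, "cups-filters before 1.0.53" above the `cups-filters 1.0.53-1` lines). If the summaries are now being fetched from elsewhere rather than stored here, the update should say so, because the version arguments in the `<not-affected> (Vulnerable code not present)` lines are no longer self-explanatory from the file alone.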
@@ -18407,59 +18407,59 @@ CVE-2014-2981
RESERVED
CVE-2014-2979
RESERVED
-CVE-2014-2978 (The Dispatch_Write function in ...)
+CVE-2014-2978
- directfb <not-affected> (Vulnerable code was introduced in 1.4.4)
-CVE-2014-2977 (Multiple integer signedness errors in the Dispatch_Write function in ...)
+CVE-2014-2977
- directfb <not-affected> (Vulnerable code was introduced in 1.4.13)
-CVE-2014-2976 (Directory traversal vulnerability in Sixnet SixView Manager 2.4.1 ...)
+CVE-2014-2976
NOT-FOR-US: Sixnet SixView
-CVE-2014-2975 (Cross-site scripting (XSS) vulnerability in php/user_account.php in ...)
+CVE-2014-2975
NOT-FOR-US: Silver Peak VX
-CVE-2014-2974 (Cross-site request forgery (CSRF) vulnerability in ...)
+CVE-2014-2974
NOT-FOR-US: Silver Peak VX
CVE-2014-2973
REJECTED
-CVE-2014-2972 (expand.c in Exim before 4.83 expands mathematical comparisons twice, ...)
+CVE-2014-2972
- exim4 4.82.1-2 (low)
[squeeze] - exim4 <no-dsa> (Minor issue)
[wheezy] - exim4 4.80-7+deb7u1
-CVE-2014-2971 (Cross-site scripting (XSS) vulnerability in AddStdLetter.jsp in ...)
+CVE-2014-2971
NOT-FOR-US: MicroPact iComplaints
CVE-2014-2970
REJECTED
-CVE-2014-2969 (NETGEAR GS108PE Prosafe Plus switches with firmware 1.2.0.5 have a ...)
+CVE-2014-2969
NOT-FOR-US: NETGEAR GS108PE Prosafe Plus switches
-CVE-2014-2968 (Cross-site scripting (XSS) vulnerability in the web interface on the ...)
+CVE-2014-2968
NOT-FOR-US: Huawei E355 CH1E355SM firmware
-CVE-2014-2967 (Autodesk VRED Professional 2014 before SR1 SP8 allows remote attackers ...)
+CVE-2014-2967
NOT-FOR-US: Autodesk VRED Professional
-CVE-2014-2966 (The ISO-8859-1 encoder in Resin Pro before 4.0.40 does not properly ...)
+CVE-2014-2966
NOT-FOR-US: Resin Pro
-CVE-2014-2965 (Cross-site scripting (XSS) vulnerability in auth-settings-x.php in ...)
+CVE-2014-2965
NOT-FOR-US: SpamTitan
-CVE-2014-2964 (Cobham Aviator 700D and 700E satellite terminals have hardcoded ...)
+CVE-2014-2964
NOT-FOR-US: Cobham Aviator 700D and 700E satellite terminals
-CVE-2014-2963 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2014-2963
NOT-FOR-US: Liferay Portal
-CVE-2014-2962 (Absolute path traversal vulnerability in the webproc cgi module on the ...)
+CVE-2014-2962
NOT-FOR-US: Belkin router
CVE-2014-2961
RESERVED
-CVE-2014-2960 (Vision Critical before 2014-05-30 allows attackers to read arbitrary ...)
+CVE-2014-2960
NOT-FOR-US: Vision Critical
-CVE-2014-2959 (logViewer.htm on the Dell ML6000 tape backup system with firmware ...)
+CVE-2014-2959
NOT-FOR-US: Quantum Scalar
CVE-2014-2958
RESERVED
-CVE-2014-2957 (The dmarc_process function in dmarc.c in Exim before 4.82.1, when ...)
+CVE-2014-2957
- exim4 4.82.1-1 (unimportant)
[squeeze] - exim4 <not-affected> (Vulnerable code introduced in 4.82)
[wheezy] - exim4 <not-affected> (Vulnerable code introduced in 4.82)
NOTE: https://lists.exim.org/lurker/message/20140528.122536.a31d60a4.en.html
NOTE: EXPERIMENTAL_DMARC not enabled
-CVE-2014-2956 (ScriptHelperApi in the AVG ScriptHelper ActiveX control in ...)
+CVE-2014-2956
NOT-FOR-US: AVG Secure Search toolbar and AVG Safeguard
-CVE-2014-2955 (Raritan PX before 1.5.11 on DPXR20A-16 devices allows remote attackers ...)
+CVE-2014-2955
NOT-FOR-US: Raritan PX
CVE-2014-2954
RESERVED
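Review bot: The CVE-2014-2959 entry in this hunk loses the one line that tied the two product names together: the removed summary named the "Dell ML6000 tape backup system" while the surviving line reads `NOT-FOR-US: Quantum Scalar`. After the change a reader searching for either name will only find one of them; consider mentioning both on the NOT-FOR-US line, e.g. `NOT-FOR-US: Quantum Scalar (Dell ML6000)`, if that is the intended equivalence.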
@@ -18469,17 +18469,17 @@ CVE-2014-2952 [Arbitrary File Deletion as Root in Webmin]
RESERVED
NOT-FOR-US: Webmin
NOTE: https://sites.utexas.edu/iso/2014/09/09/arbitrary-file-deletion-as-root-in-webmin/
-CVE-2014-2951 (Datum Systems SnIP on PSM-500 and PSM-4500 devices has a hardcoded ...)
+CVE-2014-2951
NOT-FOR-US: Datum Systems SnIP
-CVE-2014-2950 (Datum Systems SnIP on PSM-500 and PSM-4500 devices does not require ...)
+CVE-2014-2950
NOT-FOR-US: Datum Systems SnIP
-CVE-2014-2949 (SQL injection vulnerability in the web service in F5 ARX Data Manager ...)
+CVE-2014-2949
NOT-FOR-US: F5 ARX Data Manager
-CVE-2014-2948 (SQL injection vulnerability in workflowenginesoa.asmx in Bizagi BPM ...)
+CVE-2014-2948
NOT-FOR-US: Bizagi BPM
-CVE-2014-2947 (Cross-site scripting (XSS) vulnerability in Login.aspx in Bizagi BPM ...)
+CVE-2014-2947
NOT-FOR-US: Bizagi BPM
-CVE-2014-2946 (Cross-site request forgery (CSRF) vulnerability in api/sms/send-sms in ...)
+CVE-2014-2946
NOT-FOR-US: Huawei device
CVE-2014-2945
REJECTED
@@ -18487,25 +18487,25 @@ CVE-2014-2944
REJECTED
CVE-2014-2943
REJECTED
-CVE-2014-2942 (Cobham Aviator 700D and 700E satellite terminals use an improper ...)
+CVE-2014-2942
NOT-FOR-US: Cobham Aviator
-CVE-2014-2941 (** DISPUTED ** Cobham Sailor 6000 satellite terminals have hardcoded ...)
+CVE-2014-2941
NOT-FOR-US: Cobham Sailor 6000 satellite terminals
-CVE-2014-2940 (Cobham Sailor 900 and 6000 satellite terminals with firmware 1.08 MFHF ...)
+CVE-2014-2940
NOT-FOR-US: Cobham Sailor 900 and 6000 satellite terminals
-CVE-2014-2939 (Multiple cross-site scripting (XSS) vulnerabilities in Alfresco ...)
+CVE-2014-2939
NOT-FOR-US: Alfresco
-CVE-2014-2938 (Hanvon FaceID before 1.007.110 does not require authentication, which ...)
+CVE-2014-2938
NOT-FOR-US: Hanvon FaceID
CVE-2014-2937
REJECTED
-CVE-2014-2936 (The directory manager in Caldera 9.20 allows remote attackers to ...)
+CVE-2014-2936
NOT-FOR-US: Caldera
-CVE-2014-2935 (costview3/xmlrpc_server/xmlrpc.php in CostView in Caldera 9.20 allows ...)
+CVE-2014-2935
NOT-FOR-US: Caldera
-CVE-2014-2934 (Multiple SQL injection vulnerabilities in Caldera 9.20 allow remote ...)
+CVE-2014-2934
NOT-FOR-US: Caldera
-CVE-2014-2933 (Directory traversal vulnerability in dirmng/index.php in Caldera 9.20 ...)
+CVE-2014-2933
NOT-FOR-US: Caldera
CVE-2014-2932
RESERVED
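Review bot: The `** DISPUTED **` marker on CVE-2014-2941 is dropped together with its summary and nothing else in the entry records that status; the neighbouring CVE-2014-2940 entry for the same Cobham Sailor terminals is not disputed, so the distinction is lost. Add a `NOTE:` line stating that the entry is disputed upstream, as the file does for other contested entries.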
@@ -18515,21 +18515,21 @@ CVE-2014-2930
RESERVED
CVE-2014-2929
RESERVED
-CVE-2014-2928 (The iControl API in F5 BIG-IP LTM, APM, ASM, GTM, Link Controller, and ...)
+CVE-2014-2928
NOT-FOR-US: F5 BIG-IP
-CVE-2014-2927 (The rsync daemon in F5 BIG-IP 11.6 before 11.6.0, 11.5.1 before HF3, ...)
+CVE-2014-2927
NOT-FOR-US: F5 BIG-IP
-CVE-2014-2926 (kapfa.sys in Kaseya Virtual System Administrator (VSA) 6.5 before ...)
+CVE-2014-2926
NOT-FOR-US: Kaseya Virtual System Administrator
-CVE-2014-2925 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2014-2925
NOT-FOR-US: ASUS RT series
CVE-2014-2924
RESERVED
CVE-2014-2923
RESERVED
-CVE-2014-2922 (The getObjectByToken function in Newsletter.php in the ...)
+CVE-2014-2922
NOT-FOR-US: pimcore
-CVE-2014-2921 (The getObjectByToken function in Newsletter.php in the ...)
+CVE-2014-2921
NOT-FOR-US: pimcore
CVE-2014-2920
RESERVED
@@ -18539,7 +18539,7 @@ CVE-2014-2918
RESERVED
CVE-2014-2917
RESERVED
-CVE-2014-2916 (Cross-site request forgery (CSRF) vulnerability in the subscription ...)
+CVE-2014-2916
NOT-FOR-US: subscription page editor
CVE-2014-2914 [remote code execution]
RESERVED
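Review bot: This hunk shows the problem with stripping summaries down to a bare identifier: `CVE-2014-2916` now carries only `NOT-FOR-US: subscription page editor`, which does not identify the product, whereas the adjacent `CVE-2014-2914 [remote code execution]` line demonstrates the file's own convention of keeping a short bracketed title when no upstream summary is stored. The automatic update could emit `CVE-2014-2916 [CSRF in subscription page editor]` in the same style instead of discarding the description entirely.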
@@ -18553,9 +18553,9 @@ CVE-2014-2911
RESERVED
CVE-2014-2910
RESERVED
-CVE-2014-2909 (CRLF injection vulnerability in the integrated web server on Siemens ...)
+CVE-2014-2909
NOT-FOR-US: Siemens
-CVE-2014-2908 (Cross-site scripting (XSS) vulnerability in the integrated web server ...)
+CVE-2014-2908
NOT-FOR-US: Siemens
CVE-2014-2906 [unsafe temporary file creationg leading to privilege escalation]
RESERVED
@@ -18563,19 +18563,19 @@ CVE-2014-2906 [unsafe temporary file creationg leading to privilege escalation]
[squeeze] - fish <no-dsa> (Minor issue)
[wheezy] - fish <no-dsa> (Minor issue)
NOTE: https://github.com/fish-shell/fish-shell/issues/1437
-CVE-2014-2905 (fish (aka fish-shell) 1.16.0 before 2.1.1 does not properly check the ...)
+CVE-2014-2905
- fish 2.1.1-1 (low; bug #746259)
[squeeze] - fish <no-dsa> (Minor issue)
[wheezy] - fish <no-dsa> (Minor issue)
NOTE: https://github.com/fish-shell/fish-shell/issues/1436
CVE-2014-2895
RESERVED
-CVE-2014-2891 (strongSwan before 5.1.2 allows remote attackers to cause a denial of ...)
+CVE-2014-2891
{DSA-2922-1}
- strongswan 5.1.2-1
CVE-2014-2887
RESERVED
-CVE-2014-2886 (GKSu 2.0.2, when sudo-mode is not enabled, uses &quot; (double quote) ...)
+CVE-2014-2886
- gksu <removed>
[stretch] - gksu <ignored> (Minor issue)
[jessie] - gksu <ignored> (Minor issue)
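Review bot: The hunk header line for CVE-2014-2906 reads "unsafe temporary file creationg leading to privilege escalation"; the typo ("creationg" for "creation") is in a bracketed title that this update keeps, so it will survive the cleanup unless fixed explicitly. Separately, the removed CVE-2014-2886 summary contained a raw `&quot;` HTML entity, which suggests the summaries were imported without decoding; worth checking that whatever replaces them decodes entities.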
@@ -18587,13 +18587,13 @@ CVE-2014-2886 (GKSu 2.0.2, when sudo-mode is not enabled, uses &quot; (double qu
NOTE: enabled (in auto mode).
CVE-2014-2883
RESERVED
-CVE-2014-2882 (Unspecified vulnerability in the management GUI in Citrix NetScaler ...)
+CVE-2014-2882
NOT-FOR-US: Citrix Netscaler
-CVE-2014-2881 (Unspecified vulnerability in the Diffie-Hellman key agreement ...)
+CVE-2014-2881
NOT-FOR-US: Citrix Netscaler
-CVE-2014-2880 (Open redirect vulnerability in the Oracle Identity Manager component ...)
+CVE-2014-2880
NOT-FOR-US: Oracle Identity Manager
-CVE-2014-2879 (Multiple cross-site scripting (XSS) vulnerabilities in Dell SonicWALL ...)
+CVE-2014-2879
NOT-FOR-US: SonicWALL
CVE-2014-2878
RESERVED
@@ -18607,25 +18607,25 @@ CVE-2014-XXXX [Insecure default permissions for ~/.virtualenvs and scripts]
- virtualenvwrapper 4.3-1 (low; bug #745580)
[wheezy] - virtualenvwrapper <no-dsa> (Minor issue)
[squeeze] - virtualenvwrapper <no-dsa> (Minor issue)
-CVE-2014-2907 (The srtp_add_address function in epan/dissectors/packet-rtp.c in the ...)
+CVE-2014-2907
- wireshark 1.10.7-1 (bug #745595)
[wheezy] - wireshark <not-affected> (Affects 1.10.x only)
[squeeze] - wireshark <not-affected> (Affects 1.10.x only)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9885
NOTE: http://www.wireshark.org/security/wnpa-sec-2014-06.html
-CVE-2014-2986 (The vgic_distr_mmio_write function in the virtual guest interrupt ...)
+CVE-2014-2986
- xen <not-affected> (Only 32-bit and 64-bit ARM systems are vulnerable from Xen 4.4 onwards)
-CVE-2014-2980 (Tools/gdomap.c in gdomap in GNUstep Base 1.24.6 and earlier, when run ...)
+CVE-2014-2980
- gnustep-base 1.24.6-1 (bug #745470)
[wheezy] - gnustep-base 1.22.1-4+deb7u1
[squeeze] - gnustep-base <no-dsa> (Minor issue)
NOTE: https://savannah.gnu.org/bugs/?41751
-CVE-2014-2915 (Xen 4.4.x, when running on ARM systems, does not properly restrict ...)
+CVE-2014-2915
- xen <not-affected> (Only 32-bit and 64-bit ARM systems are vulnerable from Xen 4.4 onwards)
-CVE-2014-2913 (** DISPUTED ** Incomplete blacklist vulnerability in nrpe.c in Nagios ...)
+CVE-2014-2913
- nagios-nrpe 2.15-1 (unimportant; bug #745272)
NOTE: This in insecure by design anyway
-CVE-2014-2983 (Drupal 6.x before 6.31 and 7.x before 7.27 does not properly isolate ...)
+CVE-2014-2983
{DSA-2914-1 DSA-2913-1}
- drupal7 7.27-1
- drupal6 <removed>
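Review bot: Two things in this hunk: the `** DISPUTED **` marker on CVE-2014-2913 disappears with its summary, leaving only "NOTE: This in insecure by design anyway" to convey the status, and that note has a typo ("in" for "is"). Since the dispute is the reason for the `unimportant` severity on the `nagios-nrpe 2.15-1` line, the NOTE should state it explicitly and read "This is insecure by design anyway".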
@@ -18636,7 +18636,7 @@ CVE-2014-2904
- wolfssl 3.4.8+dfsg-1 (bug #792646)
NOTE: wolfssl actually fixed with the initial upload to unstable after the rename
NOTE: according to maintainer addressed in 3.2.0 upstream
-CVE-2014-2903 (CyaSSL does not check the key usage extension in leaf certificates, ...)
+CVE-2014-2903
- cyassl <removed> (bug #770229)
- wolfssl 3.4.8+dfsg-1 (bug #792646)
NOTE: wolfssl actually fixed with the initial upload to unstable after the rename
@@ -18653,9 +18653,9 @@ CVE-2014-2901
- wolfssl 3.4.8+dfsg-1 (bug #792646)
NOTE: wolfssl actually fixed with the initial upload to unstable after the rename
NOTE: according to maintainer addressed in 3.2.0 upstream
-CVE-2014-2900 (wolfSSL CyaSSL before 2.9.4 does not properly validate X.509 ...)
+CVE-2014-2900
- cyassl 2.9.4+dfsg-1
-CVE-2014-2899 (wolfSSL CyaSSL before 2.9.4 allows remote attackers to cause a denial ...)
+CVE-2014-2899
- cyassl 2.9.4+dfsg-1
CVE-2014-2898
RESERVED
@@ -18666,83 +18666,83 @@ CVE-2014-2897
CVE-2014-2896
RESERVED
- cyassl 2.9.4+dfsg-1
-CVE-2014-2890 (Cross-site scripting (XSS) vulnerability in the wrap_html function in ...)
+CVE-2014-2890
- phpmyid <itp> (bug #492325)
-CVE-2014-2888 (lib/sfpagent/bsig.rb in the sfpagent gem before 0.4.15 for Ruby allows ...)
+CVE-2014-2888
NOT-FOR-US: Ruby Gem sfpagent
-CVE-2014-2885 (Multiple integer overflows in TrueCrypt 7.1a allow local users to (1) ...)
+CVE-2014-2885
- truecrypt <itp> (bug #364034)
-CVE-2014-2884 (The ProcessVolumeDeviceControlIrp function in Ntdriver.c in TrueCrypt ...)
+CVE-2014-2884
- truecrypt <itp> (bug #364034)
-CVE-2014-2874 (PaperThin CommonSpot before 7.0.2 and 8.x before 8.0.3 allows remote ...)
+CVE-2014-2874
NOT-FOR-US: PaperThin CommonSpot
-CVE-2014-2873 (PaperThin CommonSpot before 7.0.2 and 8.x before 8.0.3 does not ...)
+CVE-2014-2873
NOT-FOR-US: PaperThin CommonSpot
-CVE-2014-2872 (PaperThin CommonSpot before 7.0.2 and 8.x before 8.0.3 allows remote ...)
+CVE-2014-2872
NOT-FOR-US: PaperThin CommonSpot
-CVE-2014-2871 (PaperThin CommonSpot before 7.0.2 and 8.x before 8.0.3 relies on an ...)
+CVE-2014-2871
NOT-FOR-US: PaperThin CommonSpot
-CVE-2014-2870 (The default configuration of PaperThin CommonSpot before 7.0.2 and 8.x ...)
+CVE-2014-2870
NOT-FOR-US: PaperThin CommonSpot
-CVE-2014-2869 (PaperThin CommonSpot before 7.0.2 and 8.x before 8.0.3 allows remote ...)
+CVE-2014-2869
NOT-FOR-US: PaperThin CommonSpot
-CVE-2014-2868 (PaperThin CommonSpot before 7.0.2 and 8.x before 8.0.3 allows remote ...)
+CVE-2014-2868
NOT-FOR-US: PaperThin CommonSpot
-CVE-2014-2867 (Unrestricted file upload vulnerability in PaperThin CommonSpot before ...)
+CVE-2014-2867
NOT-FOR-US: PaperThin CommonSpot
-CVE-2014-2866 (PaperThin CommonSpot before 7.0.2 and 8.x before 8.0.3 relies on ...)
+CVE-2014-2866
NOT-FOR-US: PaperThin CommonSpot
-CVE-2014-2865 (PaperThin CommonSpot before 7.0.2 and 8.x before 8.0.3 allows remote ...)
+CVE-2014-2865
NOT-FOR-US: PaperThin CommonSpot
-CVE-2014-2864 (Multiple directory traversal vulnerabilities in PaperThin CommonSpot ...)
+CVE-2014-2864
NOT-FOR-US: PaperThin CommonSpot
-CVE-2014-2863 (Multiple absolute path traversal vulnerabilities in PaperThin ...)
+CVE-2014-2863
NOT-FOR-US: PaperThin CommonSpot
-CVE-2014-2862 (PaperThin CommonSpot before 7.0.2 and 8.x before 8.0.3 does not check ...)
+CVE-2014-2862
NOT-FOR-US: PaperThin CommonSpot
-CVE-2014-2861 (Incomplete blacklist vulnerability in PaperThin CommonSpot before ...)
+CVE-2014-2861
NOT-FOR-US: PaperThin CommonSpot
-CVE-2014-2860 (Multiple cross-site scripting (XSS) vulnerabilities in PaperThin ...)
+CVE-2014-2860
NOT-FOR-US: PaperThin CommonSpot
-CVE-2014-2859 (PaperThin CommonSpot before 7.0.2 and 8.x before 8.0.3 allows remote ...)
+CVE-2014-2859
NOT-FOR-US: PaperThin CommonSpot
-CVE-2014-2858 (Directory traversal vulnerability in the Resources plugin 1.0.0 before ...)
+CVE-2014-2858
- grails <itp> (bug #473213)
-CVE-2014-2857 (The default configuration of the Resources plugin 1.0.0 before 1.2.6 ...)
+CVE-2014-2857
- grails <itp> (bug #473213)
-CVE-2014-2892 (Heap-based buffer overflow in the get_answer function in mmsh.c in ...)
+CVE-2014-2892
{DSA-2916-1}
- libmms 0.6.2-4 (bug #745301)
- xine-lib <not-affected> (mmsh is libmms-specific)
NOTE: http://sourceforge.net/p/libmms/code/ci/03bcfccc22919c72742b7338d02859962861e0e8
-CVE-2014-2893 (The GetHTMLRunDir function in the scan-build utility in Clang 3.5 and ...)
+CVE-2014-2893
- llvm-toolchain-snapshot 1:3.5~svn211669-1 (bug #744817)
- llvm-toolchain-3.3 <unfixed>
- llvm-toolchain-3.4 1:3.4.2-1
-CVE-2014-2854 (Cross-site scripting (XSS) vulnerability in the SemanticTitle ...)
+CVE-2014-2854
NOT-FOR-US: MediaWiki extension SemanticTitle
-CVE-2014-2853 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2014-2853
- mediawiki <not-affected> (Vulnerable code not present)
-CVE-2014-2852 (OpenAFS before 1.6.7 delays the listen thread when an ...)
+CVE-2014-2852
{DSA-2899-1}
- openafs 1.6.7-1
-CVE-2014-2850 (The network interface configuration page (netinterface) in Sophos Web ...)
+CVE-2014-2850
NOT-FOR-US: Sophos Web Appliance
-CVE-2014-2849 (The Change Password dialog box (change_password) in Sophos Web ...)
+CVE-2014-2849
NOT-FOR-US: Sophos Web Appliance
-CVE-2014-2848 (A race condition in the wmi_malware_scan.nbin plugin before ...)
+CVE-2014-2848
NOT-FOR-US: Nessus
-CVE-2014-2847 (SQL injection vulnerability in default.asp in CIS Manager CMS allows ...)
+CVE-2014-2847
NOT-FOR-US: CIS Manager CMS
-CVE-2014-2846 (Directory traversal vulnerability in opt/arkeia/wui/htdocs/index.php ...)
+CVE-2014-2846
NOT-FOR-US: Arkeia Server Backup
-CVE-2014-2845 (Cyberduck before 4.4.4 on Windows does not properly validate X.509 ...)
+CVE-2014-2845
NOT-FOR-US: Cyberduck on Windows
-CVE-2014-2844 (Cross-site scripting (XSS) vulnerability in F-Secure Messaging Secure ...)
+CVE-2014-2844
NOT-FOR-US: F-Secure Messaging Secure Gateway
CVE-2014-2843
RESERVED
-CVE-2014-2842 (Juniper ScreenOS 6.3 and earlier allows remote attackers to cause a ...)
+CVE-2014-2842
NOT-FOR-US: Juniper ScreenOS
CVE-2014-2841
RESERVED
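Review bot: For CVE-2014-2853 the stored summary was already truncated to "Cross-site scripting (XSS) vulnerability in ..." and the remaining line is `mediawiki <not-affected> (Vulnerable code not present)`, so after this change the entry names neither the extension nor the file that was checked. The not-affected claim cannot be re-verified from the file; a bracketed title naming the affected MediaWiki component (the sibling CVE-2014-2854 line shows the pattern with "MediaWiki extension SemanticTitle") would keep that justification readable.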
@@ -18750,9 +18750,9 @@ CVE-2014-2840
RESERVED
NOT-FOR-US: TR-069 Auto Configuration Servers
NOTE: http://mis.fortunecook.ie/misfortune-cookie-tr069-protection-whitepaper.pdf
-CVE-2014-2839 (SQL injection vulnerability in the GD Star Rating plugin 19.22 for ...)
+CVE-2014-2839
NOT-FOR-US: GD Star Rating plugin for WordPress
-CVE-2014-2838 (Multiple cross-site request forgery (CSRF) vulnerabilities in the GD ...)
+CVE-2014-2838
NOT-FOR-US: GD Star Rating plugin for WordPress
CVE-2014-2837
RESERVED
@@ -18768,167 +18768,167 @@ CVE-2014-2832
RESERVED
CVE-2014-2831
RESERVED
-CVE-2014-2829 (Erlang Solutions MongooseIM through 1.3.1 rev. 2 does not properly ...)
+CVE-2014-2829
NOT-FOR-US: MongooseIM
-CVE-2014-2827 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ...)
+CVE-2014-2827
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-2826 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ...)
+CVE-2014-2826
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-2825 (Microsoft Internet Explorer 10 and 11 allows remote attackers to ...)
+CVE-2014-2825
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-2824 (Microsoft Internet Explorer 8 allows remote attackers to execute ...)
+CVE-2014-2824
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-2823 (Microsoft Internet Explorer 11 allows remote attackers to execute ...)
+CVE-2014-2823
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-2822 (Microsoft Internet Explorer 11 allows remote attackers to execute ...)
+CVE-2014-2822
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-2821 (Microsoft Internet Explorer 8 and 9 allows remote attackers to execute ...)
+CVE-2014-2821
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-2820 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ...)
+CVE-2014-2820
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-2819 (Microsoft Internet Explorer 7 through 11 allows remote attackers to ...)
+CVE-2014-2819
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-2818 (Microsoft Internet Explorer 10 allows remote attackers to execute ...)
+CVE-2014-2818
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-2817 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ...)
+CVE-2014-2817
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-2816 (Microsoft SharePoint Server 2013 Gold and SP1 and SharePoint ...)
+CVE-2014-2816
NOT-FOR-US: Microsoft
-CVE-2014-2815 (Microsoft OneNote 2007 SP3 allows remote attackers to execute ...)
+CVE-2014-2815
NOT-FOR-US: Microsoft
-CVE-2014-2814 (Microsoft Service Bus 1.1 on Microsoft Windows Server 2008 R2 SP1 and ...)
+CVE-2014-2814
NOT-FOR-US: Microsoft Server
-CVE-2014-2813 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ...)
+CVE-2014-2813
NOT-FOR-US: Microsoft Internet Explorer
CVE-2014-2812
REJECTED
-CVE-2014-2811 (Microsoft Internet Explorer 11 allows remote attackers to execute ...)
+CVE-2014-2811
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-2810 (Microsoft Internet Explorer 11 allows remote attackers to execute ...)
+CVE-2014-2810
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-2809 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ...)
+CVE-2014-2809
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-2808 (Microsoft Internet Explorer 10 and 11 allows remote attackers to ...)
+CVE-2014-2808
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-2807 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ...)
+CVE-2014-2807
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-2806 (Microsoft Internet Explorer 11 allows remote attackers to execute ...)
+CVE-2014-2806
NOT-FOR-US: Microsoft Internet Explorer
CVE-2014-2805
REJECTED
-CVE-2014-2804 (Microsoft Internet Explorer 8 through 11 allows remote attackers to ...)
+CVE-2014-2804
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-2803 (Microsoft Internet Explorer 8 through 10 allows remote attackers to ...)
+CVE-2014-2803
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-2802 (Microsoft Internet Explorer 11 allows remote attackers to execute ...)
+CVE-2014-2802
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-2801 (Microsoft Internet Explorer 10 and 11 allows remote attackers to ...)
+CVE-2014-2801
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-2800 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ...)
+CVE-2014-2800
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-2799 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ...)
+CVE-2014-2799
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-2798 (Microsoft Internet Explorer 8 through 11 allows remote attackers to ...)
+CVE-2014-2798
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-2797 (Microsoft Internet Explorer 6 through 8 allows remote attackers to ...)
+CVE-2014-2797
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-2796 (Microsoft Internet Explorer 10 and 11 allows remote attackers to ...)
+CVE-2014-2796
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-2795 (Microsoft Internet Explorer 8 through 11 allows remote attackers to ...)
+CVE-2014-2795
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-2794 (Microsoft Internet Explorer 6 and 7 allows remote attackers to execute ...)
+CVE-2014-2794
NOT-FOR-US: Microsoft Internet Explorer
CVE-2014-2793
REJECTED
-CVE-2014-2792 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ...)
+CVE-2014-2792
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-2791 (Microsoft Internet Explorer 9 allows remote attackers to execute ...)
+CVE-2014-2791
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-2790 (Microsoft Internet Explorer 11 allows remote attackers to execute ...)
+CVE-2014-2790
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-2789 (Microsoft Internet Explorer 8 through 11 allows remote attackers to ...)
+CVE-2014-2789
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-2788 (Microsoft Internet Explorer 6 and 7 allows remote attackers to execute ...)
+CVE-2014-2788
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-2787 (Microsoft Internet Explorer 11 allows remote attackers to execute ...)
+CVE-2014-2787
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-2786 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ...)
+CVE-2014-2786
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-2785 (Microsoft Internet Explorer 7 allows remote attackers to execute ...)
+CVE-2014-2785
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-2784 (Microsoft Internet Explorer 8 through 11 allows remote attackers to ...)
+CVE-2014-2784
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-2783 (Microsoft Internet Explorer 7 through 11 does not prevent use of ...)
+CVE-2014-2783
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-2782 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ...)
+CVE-2014-2782
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-2781 (Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, ...)
+CVE-2014-2781
NOT-FOR-US: Microsoft Windows
-CVE-2014-2780 (DirectShow in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
+CVE-2014-2780
NOT-FOR-US: Microsoft Windows
-CVE-2014-2779 (mpengine.dll in Microsoft Malware Protection Engine before 1.1.10701.0 ...)
+CVE-2014-2779
NOT-FOR-US: Microsoft Malware Protection Engine
-CVE-2014-2778 (Microsoft Word 2007 SP3 and Office Compatibility Pack SP3 allow remote ...)
+CVE-2014-2778
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-2777 (Microsoft Internet Explorer 8 through 11 allows remote attackers to ...)
+CVE-2014-2777
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-2776 (Microsoft Internet Explorer 11 allows remote attackers to execute ...)
+CVE-2014-2776
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-2775 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ...)
+CVE-2014-2775
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-2774 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ...)
+CVE-2014-2774
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-2773 (Microsoft Internet Explorer 6 through 8 allows remote attackers to ...)
+CVE-2014-2773
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-2772 (Microsoft Internet Explorer 11 allows remote attackers to execute ...)
+CVE-2014-2772
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-2771 (Microsoft Internet Explorer 10 and 11 allows remote attackers to ...)
+CVE-2014-2771
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-2770 (Microsoft Internet Explorer 8 allows remote attackers to execute ...)
+CVE-2014-2770
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-2769 (Microsoft Internet Explorer 10 and 11 allows remote attackers to ...)
+CVE-2014-2769
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-2768 (Microsoft Internet Explorer 6 through 8 allows remote attackers to ...)
+CVE-2014-2768
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-2767 (Microsoft Internet Explorer 6 and 7 allows remote attackers to execute ...)
+CVE-2014-2767
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-2766 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ...)
+CVE-2014-2766
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-2765 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ...)
+CVE-2014-2765
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-2764 (Microsoft Internet Explorer 10 and 11 allows remote attackers to ...)
+CVE-2014-2764
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-2763 (Microsoft Internet Explorer 10 and 11 allows remote attackers to ...)
+CVE-2014-2763
NOT-FOR-US: Microsoft Internet Explorer
CVE-2014-2762
REJECTED
-CVE-2014-2761 (Microsoft Internet Explorer 11 allows remote attackers to execute ...)
+CVE-2014-2761
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-2760 (Microsoft Internet Explorer 11 allows remote attackers to execute ...)
+CVE-2014-2760
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-2759 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ...)
+CVE-2014-2759
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-2758 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ...)
+CVE-2014-2758
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-2757 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ...)
+CVE-2014-2757
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-2756 (Microsoft Internet Explorer 10 and 11 allows remote attackers to ...)
+CVE-2014-2756
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-2755 (Microsoft Internet Explorer 11 allows remote attackers to execute ...)
+CVE-2014-2755
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-2754 (Microsoft Internet Explorer 9 allows remote attackers to execute ...)
+CVE-2014-2754
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-2753 (Microsoft Internet Explorer 11 allows remote attackers to execute ...)
+CVE-2014-2753
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-2752 (SAP Business Object Processing Framework (BOPF) for ABAP has hardcoded ...)
+CVE-2014-2752
NOT-FOR-US: SAP
-CVE-2014-2751 (SAP Print and Output Management has hardcoded credentials, which makes ...)
+CVE-2014-2751
NOT-FOR-US: SAP
CVE-2014-2750
REJECTED
-CVE-2014-2749 (The HANA ICM process in SAP HANA allows remote attackers to obtain the ...)
+CVE-2014-2749
NOT-FOR-US: SAP
-CVE-2014-2748 (The Security Audit Log facility in SAP Enhancement Package (EHP) 6 for ...)
+CVE-2014-2748
NOT-FOR-US: SAP
CVE-2014-2747
RESERVED
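Review bot: The CVE-2014-2778 entry in this hunk has a product mismatch that the removed summary made visible: the summary described "Microsoft Word 2007 SP3 and Office Compatibility Pack SP3", but the surviving line says `NOT-FOR-US: Microsoft Internet Explorer`, apparently copied from the long run of Internet Explorer entries around it. With the summary gone the mismatch is no longer detectable from the file, so the NOT-FOR-US line should be corrected to name Microsoft Word/Office before the descriptions are dropped.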
@@ -18936,28 +18936,28 @@ CVE-2014-2740
RESERVED
CVE-2014-2738
RESERVED
-CVE-2014-2737 (SQL injection vulnerability in the get_active_session function in the ...)
+CVE-2014-2737
NOT-FOR-US: KnowledgeTree
-CVE-2014-2736 (Multiple SQL injection vulnerabilities in MODX Revolution before ...)
+CVE-2014-2736
NOT-FOR-US: MODX Revolution
-CVE-2014-2735 (WinSCP before 5.5.3, when FTP with TLS is used, does not verify that ...)
+CVE-2014-2735
NOT-FOR-US: WinSCP
-CVE-2014-2734 (** DISPUTED ** The openssl extension in Ruby 2.x does not properly ...)
+CVE-2014-2734
NOTE: considered invalid and should be rejected, see https://gist.github.com/emboss/91696b56cd227c8a0c13
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1091156#c1
-CVE-2014-2733 (Siemens SINEMA Server before 12 SP1 allows remote attackers to cause a ...)
+CVE-2014-2733
NOT-FOR-US: Siemens SINEMA
-CVE-2014-2732 (Multiple directory traversal vulnerabilities in the integrated web ...)
+CVE-2014-2732
NOT-FOR-US: Siemens SINEMA
-CVE-2014-2731 (Multiple unspecified vulnerabilities in the integrated web server in ...)
+CVE-2014-2731
NOT-FOR-US: Siemens SINEMA
-CVE-2014-2889 (Off-by-one error in the bpf_jit_compile function in ...)
+CVE-2014-2889
- linux 3.2.1-1
- linux-2.6 3.2.1-1
[squeeze] - linux-2.6 <not-affected> (Introduced in 3.0)
NOTE: introduced by https://git.kernel.org/linus/0a14842f5a3c0e88a1e59fac5c3025db39721f74
NOTE: Upstrem fix in https://git.kernel.org/linus/a03ffcf873fe0f2565386ca8ef832144c42e67fa
-CVE-2014-2894 (Off-by-one error in the cmd_smart function in the smart self test in ...)
+CVE-2014-2894
{DSA-2933-1 DSA-2932-1}
- qemu 2.0.0+dfsg-1 (bug #745157)
[squeeze] - qemu <not-affected> (Vulnerable code not present)
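Review bot: In this hunk the `** DISPUTED **` marker on CVE-2014-2734 is dropped, but here the two `NOTE:` lines ("considered invalid and should be rejected", with the gist and Red Hat bug links) already preserve the status, so the removal is harmless; that is the pattern CVE-2014-2941 and CVE-2014-2913 elsewhere in this patch lack. Minor: the CVE-2014-2889 note reads "Upstrem fix", which should be "Upstream fix".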
@@ -18965,13 +18965,13 @@ CVE-2014-2894 (Off-by-one error in the cmd_smart function in the smart self test
[squeeze] - qemu-kvm <not-affected> (Vulnerable code not present)
NOTE: Upstream fix https://lists.nongnu.org/archive/html/qemu-devel/2014-04/msg02016.html
NOTE: Vulnerable code introduced in 0.11.50: http://git.qemu.org/?p=qemu.git;a=commit;h=e8b54394950f975c1b31d2359cf58ca4d9f51b00
-CVE-2014-2855 (The check_secret function in authenticate.c in rsync 3.1.0 and earlier ...)
+CVE-2014-2855
- rsync 3.1.0-3 (bug #744791)
[wheezy] - rsync <not-affected> (Introduced in 3.1.0)
[squeeze] - rsync <not-affected> (Introduced in 3.1.0)
NOTE: Introduced with https://git.samba.org/?p=rsync.git;a=commitdiff;h=5ebe9a46d7f3c846a6d665cb8c6ab8b79508a6df
NOTE: Fix: https://git.samba.org/?p=rsync.git;a=commitdiff;h=0dedfbce2c1b851684ba658861fe9d620636c56a
-CVE-2014-2856 (Cross-site scripting (XSS) vulnerability in scheduler/client.c in ...)
+CVE-2014-2856
- cups 1.7.2-1
[squeeze] - cups 1.4.4-7+squeeze5
[wheezy] - cups 1.5.3-5+deb7u2
@@ -18979,30 +18979,30 @@ CVE-2014-2856 (Cross-site scripting (XSS) vulnerability in scheduler/client.c in
CVE-2014-XXXX [node-marked: multiple content injection vulnerabilities]
- node-marked 0.3.1+dfsg-1
NOTE: https://nodesecurity.io/advisories/marked_multiple_content_injection_vulnerabilities
-CVE-2014-2851 (Integer overflow in the ping_init_sock function in net/ipv4/ping.c in ...)
+CVE-2014-2851
{DSA-2926-1}
- linux 3.14.4-1 (low)
- linux-2.6 <not-affected> (Introduced in 3.0)
NOTE: https://lkml.org/lkml/2014/4/10/736
NOTE: Upstream commit: https://git.kernel.org/cgit/linux/kernel/git/davem/net.git/commit/?id=b04c46190219a4f845e46a459e3102137b7f6cac
-CVE-2014-2830 (Stack-based buffer overflow in cifskey.c or cifscreds.c in cifs-utils ...)
+CVE-2014-2830
- cifs-utils <unfixed> (unimportant)
[squeeze] - cifs-utils <not-affected> (Vulnerable code not present)
[wheezy] - cifs-utils <not-affected> (pam_cifscreds introduced in 6.3)
NOTE: cifscreds PAM not built in unstable
-CVE-2014-2828 (The V3 API in OpenStack Identity (Keystone) 2013.1 before 2013.2.4 and ...)
+CVE-2014-2828
- keystone 2014.1-1
[wheezy] - keystone <not-affected> (Only affects 2013.1 to 2013.2.3)
NOTE: https://launchpad.net/bugs/1300274
-CVE-2014-2746 (net/IOService.java in Tigase before 5.2.1 does not properly restrict ...)
+CVE-2014-2746
NOT-FOR-US: Tigase XMPP Server
-CVE-2014-2745 (Prosody before 0.9.4 does not properly restrict the processing of ...)
+CVE-2014-2745
{DSA-2895-1}
- prosody 0.9.4-1
[squeeze] - prosody <no-dsa> (Minor issue)
NOTE: http://hg.prosody.im/0.9/rev/a97591d2e1ad
NOTE: http://hg.prosody.im/0.9/rev/1107d66d2ab2
-CVE-2014-2744 (plugins/mod_compression.lua in (1) Prosody before 0.9.4 and (2) ...)
+CVE-2014-2744
{DSA-2895-1}
- prosody 0.9.4-1
- lua-expat 1.3.0-1
@@ -19010,24 +19010,24 @@ CVE-2014-2744 (plugins/mod_compression.lua in (1) Prosody before 0.9.4 and (2) .
[squeeze] - lua-expat <no-dsa> (Minor issue)
[squeeze] - prosody <no-dsa> (Minor issue)
NOTE: http://hg.prosody.im/0.9/rev/b3b1c9da38fb
-CVE-2014-2743 (plugins/mod_compression.lua in Lightwitch Metronome through 3.4 does ...)
+CVE-2014-2743
NOT-FOR-US: Openfire
-CVE-2014-2742 (Isode M-Link before 16.0v7 does not properly restrict the processing ...)
+CVE-2014-2742
NOT-FOR-US: Openfire
-CVE-2014-2741 (nio/XMLLightweightParser.java in Ignite Realtime Openfire before 3.9.2 ...)
+CVE-2014-2741
NOT-FOR-US: Openfire
-CVE-2014-2730 (The XML parser in Microsoft Office 2007 SP3, 2010 SP1 and SP2, and ...)
+CVE-2014-2730
NOT-FOR-US: Microsoft Office
-CVE-2014-2739 (The cma_req_handler function in drivers/infiniband/core/cma.c in the ...)
+CVE-2014-2739
- linux <not-affected> (Introduced and fixed in 3.14)
- linux-2.6 <not-affected> ((Introduced and fixed in 3.14)
-CVE-2014-2729 (Cross-site scripting (XSS) vulnerability in content.aspx in Ektron CMS ...)
+CVE-2014-2729
NOT-FOR-US: Ektron Web Content Management System
CVE-2014-2728
RESERVED
CVE-2014-2727
RESERVED
-CVE-2014-1985 (Open redirect vulnerability in the redirect_back_or_default function ...)
+CVE-2014-1985
- redmine 2.5.1-1 (bug #743828)
[squeeze] - redmine <end-of-life> (Redmine not supported because of rails)
[wheezy] - redmine <end-of-life> (Redmine not supported because of rails)
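Review bot: the descriptions removed in this hunk expose two label mismatches that survive the change. CVE-2014-2743 is described as Lightwitch Metronome and CVE-2014-2742 as Isode M-Link, yet both keep `NOT-FOR-US: Openfire`, which only fits CVE-2014-2741; once the descriptions are gone nothing in the file shows the wrong product, so fix the labels now (for example `NOT-FOR-US: Lightwitch Metronome` and `NOT-FOR-US: Isode M-Link`). The context line `- linux-2.6 <not-affected> ((Introduced and fixed in 3.14)` also has an unbalanced opening parenthesis.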
@@ -19045,27 +19045,27 @@ CVE-2014-2722
RESERVED
CVE-2014-2721
RESERVED
-CVE-2014-2720 (IZArc 4.1.8 displays a file's name on the basis of a ZIP archive's ...)
+CVE-2014-2720
NOT-FOR-US: IZArc Archiver
-CVE-2014-2719 (Advanced_System_Content.asp in the ASUS RT series routers with ...)
+CVE-2014-2719
NOT-FOR-US: ASUS RT series routers
-CVE-2014-2718 (ASUS RT-AC68U, RT-AC66R, RT-AC66U, RT-AC56R, RT-AC56U, RT-N66R, ...)
+CVE-2014-2718
NOT-FOR-US: ASUS routers
-CVE-2014-2717 (Honeywell FALCON XLWeb Linux controller devices 2.04.01 and earlier ...)
+CVE-2014-2717
NOT-FOR-US: Honeywell FALCON XLWeb controller
-CVE-2014-2716 (Ekahau B4 staff badge tag 5.7 with firmware 1.4.52, Real-Time Location ...)
+CVE-2014-2716
NOT-FOR-US: Ekahau Real-Time Location Tracking System
-CVE-2014-2715 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2014-2715
NOT-FOR-US: Drupal plugin
-CVE-2014-2714 (The Enhanced Web Filtering (EWF) in Juniper Junos before 10.4R15, 11.4 ...)
+CVE-2014-2714
NOT-FOR-US: Juniper Junos
-CVE-2014-2713 (Juniper Junos before 11.4R11, 12.1 before 12.1R9, 12.2 before 12.2R7, ...)
+CVE-2014-2713
NOT-FOR-US: Juniper Junos
-CVE-2014-2712 (Cross-site scripting (XSS) vulnerability in J-Web in Juniper Junos ...)
+CVE-2014-2712
NOT-FOR-US: Juniper Junos
-CVE-2014-2711 (Cross-site scripting (XSS) vulnerability in J-Web in Juniper Junos ...)
+CVE-2014-2711
NOT-FOR-US: Juniper Junos
-CVE-2014-2710 (Multiple cross-site scripting (XSS) vulnerabilities in Oliver ...)
+CVE-2014-2710
NOT-FOR-US: Oliver (formerly Webshar)
CVE-2014-2705
RESERVED
@@ -19097,9 +19097,9 @@ CVE-2014-2692
RESERVED
CVE-2014-2691
RESERVED
-CVE-2014-2690 (Citrix VDI-in-a-Box 5.3.x before 5.3.6 and 5.4.x before 5.4.3 allows ...)
+CVE-2014-2690
NOT-FOR-US: Citrix VDI-in-a-Box
-CVE-2014-2689 (Cross-site scripting (XSS) vulnerability in Offiria 2.1.0 and earlier ...)
+CVE-2014-2689
NOT-FOR-US: Offiria
CVE-2014-2688
RESERVED
@@ -19107,25 +19107,25 @@ CVE-2014-2687
RESERVED
CVE-2014-5880
REJECTED
-CVE-2014-2709 (lib/rrd.php in Cacti 0.8.7g, 0.8.8b, and earlier allows remote ...)
+CVE-2014-2709
{DSA-2970-1}
- cacti 0.8.8b+dfsg-4 (bug #743565)
[squeeze] - cacti 0.8.7g-1+squeeze4 (bug #743565)
NOTE: http://bugs.cacti.net/view.php?id=2405 (not yet public)
NOTE: http://svn.cacti.net/viewvc?view=rev&revision=7439
NOTE: CVE for all changes to lib/rrd.php to add cacti_escapeshellarg calls
-CVE-2014-2708 (Multiple SQL injection vulnerabilities in graph_xport.php in Cacti ...)
+CVE-2014-2708
{DSA-2970-1}
- cacti 0.8.8b+dfsg-4 (bug #743565)
[squeeze] - cacti 0.8.7g-1+squeeze4 (bug #743565)
NOTE: http://bugs.cacti.net/view.php?id=2405 (not yet public)
NOTE: http://svn.cacti.net/viewvc?view=rev&revision=7439
NOTE: CVE for all changes to graph_xport.php to ensure that data is numeric
-CVE-2014-2707 (cups-browsed in cups-filters 1.0.41 before 1.0.51 allows remote IPP ...)
+CVE-2014-2707
- cups-filters 1.0.51-1 (bug #743470)
[wheezy] - cups-filters <not-affected> (vulnerable code not present)
NOTE: Introduced in at least 1.0.41
-CVE-2014-2706 (Race condition in the mac80211 subsystem in the Linux kernel before ...)
+CVE-2014-2706
- linux 3.13.7-1 (low)
[wheezy] - linux 3.2.57-1
- linux-2.6 <removed> (low)
@@ -19141,17 +19141,17 @@ CVE-2014-2677
RESERVED
CVE-2014-2676
RESERVED
-CVE-2014-2675 (Cross-site request forgery (CSRF) vulnerability in inc/AdminPage.php ...)
+CVE-2014-2675
NOT-FOR-US: WP HTML Sitemap plugin for WordPress
-CVE-2014-2674 (Directory traversal vulnerability in the Ajax Pagination (twitter ...)
+CVE-2014-2674
NOT-FOR-US: Ajax Pagination (twitter Style) plugin for WordPress
-CVE-2014-2671 (Microsoft Windows Media Player (WMP) 11.0.5721.5230 allows remote ...)
+CVE-2014-2671
NOT-FOR-US: Microsoft Windows Media Player
-CVE-2014-2670 (Cross-site scripting (XSS) vulnerability in Properties.do in ZOHO ...)
+CVE-2014-2670
NOT-FOR-US: ZOHO ManageEngine OpStor
CVE-2014-2666
RESERVED
-CVE-2014-2664 (Unrestricted file upload vulnerability in the ...)
+CVE-2014-2664
NOT-FOR-US: X2Engine X2CR
CVE-2014-2663
RESERVED
@@ -19161,67 +19161,67 @@ CVE-2014-2661
RESERVED
CVE-2014-2660
RESERVED
-CVE-2014-2659 (Cross-site request forgery (CSRF) vulnerability in the admin UI in ...)
+CVE-2014-2659
NOT-FOR-US: Papercut MF/NG
NOTE: This is not the papercut NNTP server.
-CVE-2014-2658 (Unspecified vulnerability in Papercut MF and NG before 14.1 (Build ...)
+CVE-2014-2658
NOT-FOR-US: PaperCut MF
-CVE-2014-2657 (Unspecified vulnerability in the print release functionality in ...)
+CVE-2014-2657
NOT-FOR-US: PaperCut MF
-CVE-2014-2654 (Multiple SQL injection vulnerabilities in MobFox mAdserve 2.0 and ...)
+CVE-2014-2654
NOT-FOR-US: MobFox mAdserve
-CVE-2014-2685 (The GenericConsumer class in the Consumer component in ZendOpenId ...)
+CVE-2014-2685
{DSA-3265-1 DLA-251-1}
- zendframework 1.12.5-0.1 (bug #743175)
NOTE: http://framework.zend.com/security/advisory/ZF2014-02
-CVE-2014-2684 (The GenericConsumer class in the Consumer component in ZendOpenId ...)
+CVE-2014-2684
{DSA-3265-1 DLA-251-1}
- zendframework 1.12.5-0.1 (bug #743175)
NOTE: http://framework.zend.com/security/advisory/ZF2014-02
-CVE-2014-2683 (Zend Framework 1 (ZF1) before 1.12.4, Zend Framework 2 before 2.1.6 ...)
+CVE-2014-2683
{DSA-3265-1 DLA-251-1}
- zendframework 1.12.5-0.1 (bug #743175)
NOTE: http://framework.zend.com/security/advisory/ZF2014-01
-CVE-2014-2682 (Zend Framework 1 (ZF1) before 1.12.4, Zend Framework 2 before 2.1.6 ...)
+CVE-2014-2682
{DSA-3265-1 DLA-251-1}
- zendframework 1.12.5-0.1 (bug #743175)
NOTE: http://framework.zend.com/security/advisory/ZF2014-01
-CVE-2014-2681 (Zend Framework 1 (ZF1) before 1.12.4, Zend Framework 2 before 2.1.6 ...)
+CVE-2014-2681
{DSA-3265-1 DLA-251-1}
- zendframework 1.12.5-0.1 (bug #743175)
NOTE: http://framework.zend.com/security/advisory/ZF2014-01
-CVE-2014-2678 (The rds_iw_laddr_check function in net/rds/iw.c in the Linux kernel ...)
+CVE-2014-2678
{DLA-0015-1}
- linux 3.13.10-1
[wheezy] - linux 3.2.57-1
- linux-2.6 <removed>
[squeeze] - linux-2.6 2.6.32-48squeeze8
NOTE: https://lkml.org/lkml/2014/3/29/188
-CVE-2014-2673 (The arch_dup_task_struct function in the Transactional Memory (TM) ...)
+CVE-2014-2673
- linux 3.13.7-1
[wheezy] - linux <not-affected> (Introduced in 3.4)
- linux-2.6 <not-affected> (Introduced in 3.4)
NOTE: http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=621b5060e823301d0cba4cb52a7ee3491922d291
NOTE: only affects powerpc architecture
-CVE-2014-2672 (Race condition in the ath_tx_aggr_sleep function in ...)
+CVE-2014-2672
- linux 3.13.7-1
[wheezy] - linux 3.2.57-1
- linux-2.6 <not-affected> (Introduced in 3.0)
NOTE: http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=21f8aaee0c62708654988ce092838aa7df4d25d8
-CVE-2014-2669 (Multiple integer overflows in contrib/hstore/hstore_io.c in PostgreSQL ...)
+CVE-2014-2669
{DSA-2865-1}
- postgresql-9.1 9.1.12-1
- postgresql-8.4 <removed>
[wheezy] - postgresql-8.4 <not-affected> (9.x branch only)
[squeeze] - postgresql-8.4 <not-affected> (9.x branch only)
- postgresql-9.3 9.3.3-1
-CVE-2014-2668 (Apache CouchDB 1.5.0 and earlier allows remote attackers to cause a ...)
+CVE-2014-2668
- couchdb <removed> (low; bug #788962)
[wheezy] - couchdb <no-dsa> (Minor issue)
[squeeze] - couchdb <no-dsa> (Minor issue)
NOTE: High resource usage in CPU and memory while query is active. No crash for deamon in 1.4.0-3+b1 and 1.2.0-5 versions.
NOTE: http://git-wip-us.apache.org/repos/asf?p=couchdb.git;a=commitdiff_plain;h=0fb5aa9e67bd291ca2638dba961f4ddd3f6ccb3e;hp=198bea3479dfecac13ab1a3e95f902b8eba02f7d
-CVE-2014-2667 (Race condition in the _get_masked_mode function in Lib/os.py in Python ...)
+CVE-2014-2667
- python3.1 <removed>
[squeeze] - python3.1 <no-dsa> (Minor issue)
- python3.2 <removed> (low)
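Review bot: the CVE-2014-2668 context line `NOTE: High resource usage in CPU and memory while query is active. No crash for deamon in 1.4.0-3+b1 and 1.2.0-5 versions.` misspells daemon; a small follow-up fix, but this note is the stated justification for the `<no-dsa> (Minor issue)` decisions directly above it, so it is worth keeping accurate and readable.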
@@ -19231,7 +19231,7 @@ CVE-2014-2667 (Race condition in the _get_masked_mode function in Lib/os.py in P
- python2.5 <not-affected> (Only affects Python 3.x)
- python2.6 <not-affected> (Only affects Python 3.x)
- python2.7 <not-affected> (Only affects Python 3.x)
-CVE-2014-2665 (includes/specials/SpecialChangePassword.php in MediaWiki before ...)
+CVE-2014-2665
{DSA-2891-1}
- mediawiki 1:1.19.14+dfsg-1 (bug #742857)
[squeeze] - mediawiki <end-of-life>
@@ -19239,122 +19239,122 @@ CVE-2014-2665 (includes/specials/SpecialChangePassword.php in MediaWiki before .
NOTE: http://lists.wikimedia.org/pipermail/mediawiki-announce/2014-March/000145.html
CVE-2014-2656
REJECTED
-CVE-2014-2655 (SQL injection vulnerability in the gen_show_status function in ...)
+CVE-2014-2655
{DSA-2889-1}
- postfixadmin 2.3.5-3
NOTE: http://sourceforge.net/p/postfixadmin/code/1650
-CVE-2014-2653 (The verify_host_key function in sshconnect.c in the client in OpenSSH ...)
+CVE-2014-2653
{DSA-2894-1}
- openssh 1:6.6p1-1 (low; bug #742513)
-CVE-2014-2652 (SQL injection vulnerability in OpenScape Deployment Service (DLS) ...)
+CVE-2014-2652
NOT-FOR-US: OpenScape Deployment Service
CVE-2014-2651
RESERVED
CVE-2014-2650
RESERVED
-CVE-2014-2649 (Unspecified vulnerability in HP Operations Manager 9.20 on UNIX allows ...)
+CVE-2014-2649
NOT-FOR-US: HP Operations Manager
-CVE-2014-2648 (Unspecified vulnerability in HP Operations Manager 9.10 and 9.11 on ...)
+CVE-2014-2648
NOT-FOR-US: HP Operations Manager
-CVE-2014-2647 (Cross-site scripting (XSS) vulnerability in HP Operations Agent in HP ...)
+CVE-2014-2647
NOT-FOR-US: HP Operations Manager
-CVE-2014-2646 (Unspecified vulnerability in HP Network Automation 9.10 and 9.20 ...)
+CVE-2014-2646
NOT-FOR-US: HP Network Automation
-CVE-2014-2645 (HP Systems Insight Manager (SIM) before 7.4 allows remote attackers to ...)
+CVE-2014-2645
NOT-FOR-US: HP Systems Insight Manager
-CVE-2014-2644 (Cross-site scripting (XSS) vulnerability in HP Systems Insight Manager ...)
+CVE-2014-2644
NOT-FOR-US: HP Systems Insight Manager
-CVE-2014-2643 (Unspecified vulnerability in HP Systems Insight Manager (SIM) before ...)
+CVE-2014-2643
NOT-FOR-US: HP Systems Insight Manager
-CVE-2014-2642 (HP System Management Homepage (SMH) before 7.4 allows remote attackers ...)
+CVE-2014-2642
NOT-FOR-US: HP System Management Homepage
-CVE-2014-2641 (Cross-site request forgery (CSRF) vulnerability in HP System ...)
+CVE-2014-2641
NOT-FOR-US: HP System Management Homepage
-CVE-2014-2640 (Cross-site scripting (XSS) vulnerability in HP System Management ...)
+CVE-2014-2640
NOT-FOR-US: HP System Management Homepage
-CVE-2014-2639 (Unspecified vulnerability in HP MPIO Device Specific Module Manager ...)
+CVE-2014-2639
NOT-FOR-US: HP MPIO Device
-CVE-2014-2638 (Unspecified vulnerability in HP Sprinter 12.01 allows remote attackers ...)
+CVE-2014-2638
NOT-FOR-US: HP Sprinter
-CVE-2014-2637 (Unspecified vulnerability in HP Sprinter 12.01 allows remote attackers ...)
+CVE-2014-2637
NOT-FOR-US: HP Sprinter
-CVE-2014-2636 (Unspecified vulnerability in HP Sprinter 12.01 allows remote attackers ...)
+CVE-2014-2636
NOT-FOR-US: HP Sprinter
-CVE-2014-2635 (Unspecified vulnerability in HP Sprinter 12.01 allows remote attackers ...)
+CVE-2014-2635
NOT-FOR-US: HP Sprinter
-CVE-2014-2634 (Unspecified vulnerability in the server in HP Service Manager (SM) ...)
+CVE-2014-2634
NOT-FOR-US: HP Service Manager
-CVE-2014-2633 (Cross-site request forgery (CSRF) vulnerability in the server in HP ...)
+CVE-2014-2633
NOT-FOR-US: HP Service Manager
-CVE-2014-2632 (Unspecified vulnerability in the WebTier component in HP Service ...)
+CVE-2014-2632
NOT-FOR-US: HP Service Manager
-CVE-2014-2631 (Unspecified vulnerability in HP Application Lifecycle Management (aka ...)
+CVE-2014-2631
NOT-FOR-US: HP Application Lifecycle Management / Quality Center
-CVE-2014-2630 (Unspecified vulnerability in HP Operations Agent 11.00, when Glance is ...)
+CVE-2014-2630
NOT-FOR-US: HP Operations Agent
-CVE-2014-2629 (HP NonStop Safeguard Security Software G, H06.03 through H06.28.01, ...)
+CVE-2014-2629
NOT-FOR-US: HP NonStop Safeguard Security Software
-CVE-2014-2628 (Unspecified vulnerability in HP Enterprise Maps 1 allows remote ...)
+CVE-2014-2628
NOT-FOR-US: HP Enterprise Maps
-CVE-2014-2627 (Unspecified vulnerability in HP NonStop NetBatch G06.14 through ...)
+CVE-2014-2627
NOT-FOR-US: HP NonStop NetBatch
-CVE-2014-2626 (Directory traversal vulnerability in the toServerObject function in HP ...)
+CVE-2014-2626
NOT-FOR-US: HP Network Virtualization
-CVE-2014-2625 (Directory traversal vulnerability in the storedNtxFile function in HP ...)
+CVE-2014-2625
NOT-FOR-US: HP Network Virtualization
-CVE-2014-2624 (Unspecified vulnerability in HP Network Node Manager i (NNMi) 9.0x, ...)
+CVE-2014-2624
NOT-FOR-US: HP Network Node Manager
-CVE-2014-2623 (Unspecified vulnerability in HP Storage Data Protector 8.x allows ...)
+CVE-2014-2623
NOT-FOR-US: HP Data Protector
-CVE-2014-2622 (Unspecified vulnerability in HP Intelligent Management Center (iMC) ...)
+CVE-2014-2622
NOT-FOR-US: HP Intelligent Management Center
-CVE-2014-2621 (Unspecified vulnerability in HP Intelligent Management Center (iMC) ...)
+CVE-2014-2621
NOT-FOR-US: HP Intelligent Management Center
-CVE-2014-2620 (Unspecified vulnerability in HP Intelligent Management Center (iMC) ...)
+CVE-2014-2620
NOT-FOR-US: HP Intelligent Management Center
-CVE-2014-2619 (Unspecified vulnerability in HP Intelligent Management Center (iMC) ...)
+CVE-2014-2619
NOT-FOR-US: HP Intelligent Management Center
-CVE-2014-2618 (Unspecified vulnerability in HP Intelligent Management Center (iMC) ...)
+CVE-2014-2618
NOT-FOR-US: HP Intelligent Management Center
-CVE-2014-2617 (Unspecified vulnerability in HP Universal CMDB 10.01 and 10.10 allows ...)
+CVE-2014-2617
NOT-FOR-US: HP Universal CMDB
-CVE-2014-2616 (Unspecified vulnerability in HP Universal CMDB 10.01 and 10.10 allows ...)
+CVE-2014-2616
NOT-FOR-US: HP Universal CMDB
-CVE-2014-2615 (Unspecified vulnerability in HP Universal CMDB 10.01 and 10.10 allows ...)
+CVE-2014-2615
NOT-FOR-US: HP Universal CMDB
-CVE-2014-2614 (Unspecified vulnerability in HP SiteScope 11.1x through 11.13 and ...)
+CVE-2014-2614
NOT-FOR-US: HP SiteScope
-CVE-2014-2613 (Unspecified vulnerability in HP Release Control 9.x before 9.13 p3 and ...)
+CVE-2014-2613
NOT-FOR-US: HP Release Control
-CVE-2014-2612 (Unspecified vulnerability in HP Release Control 9.x before 9.13 p3 and ...)
+CVE-2014-2612
NOT-FOR-US: HP Release Control
-CVE-2014-2611 (Directory traversal vulnerability in the fndwar web application in HP ...)
+CVE-2014-2611
NOT-FOR-US: HP Software Executive Scorecard
-CVE-2014-2610 (Directory traversal vulnerability in the Content Acceleration Pack ...)
+CVE-2014-2610
NOT-FOR-US: HP Software Executive Scorecard
-CVE-2014-2609 (The Java Glassfish Admin Console in HP Executive Scorecard 9.40 and ...)
+CVE-2014-2609
NOT-FOR-US: HP Software Executive Scorecard
-CVE-2014-2608 (Unspecified vulnerability in HP Smart Update Manager 6.x before 6.4.1 ...)
+CVE-2014-2608
NOT-FOR-US: HP Smart Update Manager
-CVE-2014-2607 (Unspecified vulnerability in HP Operations Manager i 9.1 through 9.13 ...)
+CVE-2014-2607
NOT-FOR-US: HP Operations Manager
-CVE-2014-2606 (Unspecified vulnerability in HP StoreVirtual 4000 Storage and ...)
+CVE-2014-2606
NOT-FOR-US: HP StoreVirtual
-CVE-2014-2605 (Unspecified vulnerability in HP StoreVirtual 4000 Storage and ...)
+CVE-2014-2605
NOT-FOR-US: HP StoreVirtual
-CVE-2014-2604 (Unspecified vulnerability in HP IceWall SSO 10.0 Dfw and IceWall MCRP ...)
+CVE-2014-2604
NOT-FOR-US: HP IceWall
-CVE-2014-2603 (Unspecified vulnerability on HP 8/20q switches, SN6000 switches, and ...)
+CVE-2014-2603
NOT-FOR-US: HP
-CVE-2014-2602 (Unspecified vulnerability in HP OneView 1.0 and 1.01 allows remote ...)
+CVE-2014-2602
NOT-FOR-US: HP OneView
-CVE-2014-2601 (The server in HP Integrated Lights-Out 2 (aka iLO 2) 2.23 and earlier ...)
+CVE-2014-2601
NOT-FOR-US: HP
-CVE-2014-2600 (Unspecified vulnerability in HP IceWall Identity Manager 4.0 through ...)
+CVE-2014-2600
NOT-FOR-US: HP
-CVE-2014-2598 (Cross-site request forgery (CSRF) vulnerability in the Quick Page/Post ...)
+CVE-2014-2598
NOT-FOR-US: Quick Page/Post Redirect plugin for WordPress
-CVE-2014-2597 (PCNetSoftware RAC Server 4.0.4 and 4.0.5 allows local users to cause a ...)
+CVE-2014-2597
NOT-FOR-US: PCNetSoftware RAC Server
CVE-2014-2596
RESERVED
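Review bot: three entries in this hunk carry the bare label `NOT-FOR-US: HP` (CVE-2014-2603, CVE-2014-2601, CVE-2014-2600) while their neighbours name the product, and the removed description lines were the only place the product was recorded (HP 8/20q and SN6000 switches, Integrated Lights-Out 2, and IceWall Identity Manager respectively); with the descriptions stripped, these labels should be made as specific as the surrounding entries, e.g. `NOT-FOR-US: HP Integrated Lights-Out 2`.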
@@ -19362,42 +19362,42 @@ CVE-2014-2595
RESERVED
CVE-2014-2594
RESERVED
-CVE-2014-2593 (The management console in Aruba Networks ClearPass Policy Manager ...)
+CVE-2014-2593
NOT-FOR-US: Aruba Networks ClearPass Policy Manager
-CVE-2014-2592 (Unrestricted file upload vulnerability in Aruba Web Management portal ...)
+CVE-2014-2592
NOT-FOR-US: Aruba Web Management portal
-CVE-2014-2591 (Untrusted search path vulnerability in BMC Patrol for AIX 3.9.00 ...)
+CVE-2014-2591
NOT-FOR-US: AIX
-CVE-2014-2590 (The web management interface in Siemens RuggedCom ROS before 3.11, ROS ...)
+CVE-2014-2590
NOT-FOR-US: Siemens RuggedCom ROS
-CVE-2014-2589 (Cross-site scripting (XSS) vulnerability in the Dashboard Backend ...)
+CVE-2014-2589
NOT-FOR-US: SonicWall
-CVE-2014-2588 (Directory traversal vulnerability in servlet/downloadReport in McAfee ...)
+CVE-2014-2588
NOT-FOR-US: McAfee
-CVE-2014-2587 (SQL injection vulnerability in jsp/reports/ReportsAudit.jsp in McAfee ...)
+CVE-2014-2587
NOT-FOR-US: McAfee
-CVE-2014-2586 (Cross-site scripting (XSS) vulnerability in the login audit form in ...)
+CVE-2014-2586
NOT-FOR-US: McAfee
CVE-2014-2584
RESERVED
-CVE-2014-2583 (Multiple directory traversal vulnerabilities in pam_timestamp.c in the ...)
+CVE-2014-2583
- pam 1.1.8-3.1 (low; bug #757555)
[wheezy] - pam <no-dsa> (Minor issue)
[squeeze] - pam <no-dsa> (Minor issue)
NOTE: Fix: https://git.fedorahosted.org/cgit/linux-pam.git/commit/?id=Linux-PAM-1_1_8-32-g9dcead8
CVE-2014-2582
RESERVED
-CVE-2014-2579 (Multiple cross-site request forgery (CSRF) vulnerabilities in XCloner ...)
+CVE-2014-2579
NOT-FOR-US: WordPress plugin xcloner
-CVE-2014-2578 (Cross-site scripting (XSS) vulnerability in Splunk Web in Splunk ...)
+CVE-2014-2578
NOT-FOR-US: Splunk Web
-CVE-2014-2577 (Multiple cross-site scripting (XSS) vulnerabilities in the Transform ...)
+CVE-2014-2577
NOT-FOR-US: Transform Foundation server
-CVE-2014-2575 (Directory traversal vulnerability in the File Manager component in ...)
+CVE-2014-2575
NOT-FOR-US: ASP.NET WebForms and MVC
CVE-2014-2574
RESERVED
-CVE-2014-2570 (Cross-site scripting (XSS) vulnerability in www/make_subset.php in PHP ...)
+CVE-2014-2570
- php-font-lib <unfixed> (unimportant)
NOTE: make_subset.php installed to examples
NOTE: http://seclists.org/bugtraq/2014/Mar/128
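Review bot: CVE-2014-2591 is labelled `NOT-FOR-US: AIX`, but the removed description names BMC Patrol for AIX, so the affected product is BMC Patrol and AIX is only the platform; change the label to `NOT-FOR-US: BMC Patrol for AIX` before the description that disambiguates it disappears with this change.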
@@ -19405,7 +19405,7 @@ CVE-2014-2569
RESERVED
CVE-2014-2566
RESERVED
-CVE-2014-2565 (The commandline interface in Blue Coat Content Analysis System (CAS) ...)
+CVE-2014-2565
NOT-FOR-US: Blue Coat Content Analysis System
CVE-2014-2564
RESERVED
@@ -19417,9 +19417,9 @@ CVE-2014-2561
RESERVED
CVE-2014-2560
RESERVED
-CVE-2014-2559 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
+CVE-2014-2559
NOT-FOR-US: WordPress plugin Twitget
-CVE-2014-2558 (The File Gallery plugin before 1.7.9.2 for WordPress does not properly ...)
+CVE-2014-2558
NOT-FOR-US: WordPress plugin file-gallery
CVE-2014-2557
RESERVED
@@ -19427,20 +19427,20 @@ CVE-2014-2556
RESERVED
CVE-2014-2555
RESERVED
-CVE-2014-2554 (OTRS 3.1.x before 3.1.21, 3.2.x before 3.2.16, and 3.3.x before 3.3.6 ...)
+CVE-2014-2554
{DLA-1119-1}
- otrs2 3.3.6-1
[squeeze] - otrs2 <no-dsa> (Minor issue)
NOTE: https://www.otrs.com/security-advisory-2014-05-clickjacking-issue/
-CVE-2014-2553 (Cross-site scripting (XSS) vulnerability in Open Ticket Request System ...)
+CVE-2014-2553
{DLA-1119-1}
- otrs2 3.3.6-1
[squeeze] - otrs2 <no-dsa> (Minor issue)
-CVE-2014-2552 (Brookins Consulting (BC) Collected Information Export extension for eZ ...)
+CVE-2014-2552
NOT-FOR-US: Brookins Consulting (BC) Collected Information Export extension
CVE-2014-2551
RESERVED
-CVE-2014-2550 (Cross-site request forgery (CSRF) vulnerability in the Disable ...)
+CVE-2014-2550
NOT-FOR-US: Disable Comments plugin for WordPress
CVE-2014-2549
RESERVED
@@ -19450,82 +19450,82 @@ CVE-2014-2547
RESERVED
CVE-2014-2546
RESERVED
-CVE-2014-2545 (TIBCO Managed File Transfer Internet Server before 7.2.2, Managed File ...)
+CVE-2014-2545
NOT-FOR-US: TIBCO
-CVE-2014-2544 (Unspecified vulnerability in Spotfire Web Player Engine, Spotfire ...)
+CVE-2014-2544
NOT-FOR-US: Spotfire
-CVE-2014-2543 (Buffer overflow in the Rendezvous Daemon (rvd), Rendezvous Routing ...)
+CVE-2014-2543
NOT-FOR-US: TIBCO
-CVE-2014-2542 (Cross-site scripting (XSS) vulnerability in the Rendezvous Daemon ...)
+CVE-2014-2542
NOT-FOR-US: TIBCO
-CVE-2014-2541 (The Rendezvous Daemon (rvd), Rendezvous Routing Daemon (rvrd), ...)
+CVE-2014-2541
NOT-FOR-US: TIBCO
-CVE-2014-2540 (SQL injection vulnerability in OrbitScripts Orbit Open Ad Server ...)
+CVE-2014-2540
NOT-FOR-US: Orbit Open Ad Server
CVE-2014-2539
RESERVED
-CVE-2014-2537 (Memory leak in the TCP stack in the kernel in Sophos UTM before 9.109 ...)
+CVE-2014-2537
NOT-FOR-US: Sophos UTM
-CVE-2014-2536 (Directory traversal vulnerability in McAfee Cloud Identity Manager ...)
+CVE-2014-2536
NOT-FOR-US: McAfee Cloud Identity Manager
-CVE-2014-2535 (Directory traversal vulnerability in McAfee Web Gateway (MWG) 7.4.x ...)
+CVE-2014-2535
NOT-FOR-US: McAfee Web Gateway
-CVE-2014-2534 (/sbin/pppoectl in BlackBerry QNX Neutrino RTOS 6.4.x and 6.5.x allows ...)
+CVE-2014-2534
NOT-FOR-US: BlackBerry
-CVE-2014-2533 (/sbin/ifwatchd in BlackBerry QNX Neutrino RTOS 6.4.x and 6.5.x allows ...)
+CVE-2014-2533
NOT-FOR-US: BlackBerry
-CVE-2014-2531 (SQL injection vulnerability in xhr.php in InterWorx Web Control Panel ...)
+CVE-2014-2531
NOT-FOR-US: InterWorx Control Panel
CVE-2014-2530
RESERVED
CVE-2014-2529
RESERVED
-CVE-2014-2526 (Multiple cross-site scripting (XSS) vulnerabilities in BarracudaDrive ...)
+CVE-2014-2526
NOT-FOR-US: BarracudaDrive
-CVE-2014-2525 (Heap-based buffer overflow in the yaml_parser_scan_uri_escapes ...)
+CVE-2014-2525
{DSA-2885-1 DSA-2884-1}
- libyaml 0.1.4-3.2 (bug #742732)
- libyaml-libyaml-perl 0.41-5
NOTE: http://www.ocert.org/advisories/ocert-2014-003.html
-CVE-2014-2521 (EMC Documentum Content Server before 6.7 SP2 P16 and 7.x before 7.1 ...)
+CVE-2014-2521
NOT-FOR-US: EMC Documentum Content Server
-CVE-2014-2520 (EMC Documentum Content Server before 6.7 SP2 P16 and 7.x before 7.1 ...)
+CVE-2014-2520
NOT-FOR-US: EMC Documentum Content Server
-CVE-2014-2519 (The default configuration of EMC RecoverPoint Appliance (RPA) 4.1 ...)
+CVE-2014-2519
NOT-FOR-US: EMC RecoverPoint Appliance
-CVE-2014-2518 (Multiple cross-site request forgery (CSRF) vulnerabilities in EMC ...)
+CVE-2014-2518
NOT-FOR-US: EMC Documentum
-CVE-2014-2517 (Unspecified vulnerability in EMC RSA Archer GRC Platform 5.x before ...)
+CVE-2014-2517
NOT-FOR-US: EMC RSA Archer GRC Platform
-CVE-2014-2516 (Open redirect vulnerability in EMC RSA Authentication Manager 8.x ...)
+CVE-2014-2516
NOT-FOR-US: EMC RSA Authentication Manager
-CVE-2014-2515 (EMC Documentum D2 3.1 before P24, 3.1SP1 before P02, 4.0 before P11, ...)
+CVE-2014-2515
NOT-FOR-US: EMC Documentum
-CVE-2014-2514 (EMC Documentum Content Server before 6.7 SP1 P28, 6.7 SP2 before P15, ...)
+CVE-2014-2514
NOT-FOR-US: EMC Documentum Content Server
-CVE-2014-2513 (EMC Documentum Content Server before 6.7 SP1 P28, 6.7 SP2 before P15, ...)
+CVE-2014-2513
NOT-FOR-US: EMC Documentum Content Server
-CVE-2014-2512 (Multiple cross-site scripting (XSS) vulnerabilities in EMC Documentum ...)
+CVE-2014-2512
NOT-FOR-US: EMC Documentum eRoom
-CVE-2014-2511 (Multiple cross-site scripting (XSS) vulnerabilities in EMC Documentum ...)
+CVE-2014-2511
NOT-FOR-US: EMC Documentum
-CVE-2014-2510 (The JAXB XML parser in EMC Documentum Foundation Services (DFS) 6.6 ...)
+CVE-2014-2510
NOT-FOR-US: EMC Documentum Foundation Services
-CVE-2014-2509 (Session fixation vulnerability in the Report Advisor (RA) component in ...)
+CVE-2014-2509
NOT-FOR-US: EMC NCM
-CVE-2014-2508 (EMC Documentum Content Server before 6.7 SP1 P28, 6.7 SP2 before P14, ...)
+CVE-2014-2508
NOT-FOR-US: EMC Documentum Content Server
-CVE-2014-2507 (EMC Documentum Content Server before 6.7 SP1 P28, 6.7 SP2 before P14, ...)
+CVE-2014-2507
NOT-FOR-US: EMC Documentum Content Server
-CVE-2014-2506 (EMC Documentum Content Server before 6.7 SP1 P28, 6.7 SP2 before P14, ...)
+CVE-2014-2506
NOT-FOR-US: EMC Documentum Content Server
-CVE-2014-2505 (EMC RSA Archer GRC Platform 5.x before 5.5 SP1 allows remote attackers ...)
+CVE-2014-2505
NOT-FOR-US: EMC RSA Archer GRC Platform
-CVE-2014-2504 (EMC Documentum D2 3.1 before P20, 3.1 SP1 before P02, 4.0 before P10, ...)
+CVE-2014-2504
NOT-FOR-US: EMC Documentum D2
-CVE-2014-2503 (The thumbnail proxy server in EMC Documentum Digital Asset Manager ...)
+CVE-2014-2503
NOT-FOR-US: EMC Documentum Digital Asset Manager
-CVE-2014-2502 (Cross-site scripting (XSS) vulnerability in rsa_fso.swf in EMC RSA ...)
+CVE-2014-2502
NOT-FOR-US: EMC RSA Adaptive Authentication
CVE-2014-2501
RESERVED
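Review bot: CVE-2014-2534 and CVE-2014-2533 keep the bare label `NOT-FOR-US: BlackBerry` although the removed descriptions name `/sbin/pppoectl` and `/sbin/ifwatchd` in BlackBerry QNX Neutrino RTOS 6.4.x and 6.5.x; since those descriptions are dropped by this hunk, make the label name the product (`NOT-FOR-US: BlackBerry QNX Neutrino RTOS`) so a reader does not mistake these for BlackBerry handset issues.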
@@ -19535,18 +19535,18 @@ CVE-2014-2499
RESERVED
CVE-2014-2498
RESERVED
-CVE-2014-2599 (The HVMOP_set_mem_access HVM control operations in Xen 4.1.x for ...)
+CVE-2014-2599
{DSA-3006-1}
- xen 4.4.1-1 (bug #757724)
[squeeze] - xen <not-affected> (Only affects 4.1 and later)
-CVE-2014-2585 (ownCloud before 5.0.15 and 6.x before 6.0.2, when the file_external ...)
+CVE-2014-2585
- owncloud 6.0.2+dfsg-1
-CVE-2014-2580 (The netback driver in Xen, when using certain Linux versions that do ...)
+CVE-2014-2580
- linux 3.13.10-1
[wheezy] - linux <not-affected> (Introduced in 3.12)
- linux-2.6 <not-affected> (Introduced in 3.12)
NOTE: upstream patch: https://git.kernel.org/cgit/linux/kernel/git/davem/net-next.git/commit/?id=e9d8b2c2968499c1f96563e6522c56958d5a1d0d (first included in v3.15-rc1).
-CVE-2014-2532 (sshd in OpenSSH before 6.6 does not properly support wildcards on ...)
+CVE-2014-2532
{DSA-2894-1}
- openssh 1:6.6p1-1
NOTE: Default sshd_config in Debian has AcceptEnv LANG LC_*
@@ -19557,7 +19557,7 @@ CVE-2014-2581 [credentials cache leak]
[wheezy] - smb4k <no-dsa> (Minor issue)
[squeeze] - smb4k <no-dsa> (Minor issue)
NOTE: http://sourceforge.net/projects/smb4k/files/Smb4K%20%28stable%20releases%29/1.1.1/
-CVE-2014-2576 (plugins/rssyl/feed.c in Claws Mail before 3.10.0 disables the ...)
+CVE-2014-2576
- claws-mail 3.10.1-1 (bug #742695)
[wheezy] - claws-mail <not-affected> (rssyl plugin in separate source package)
[squeeze] - claws-mail <not-affected> (rssyl plugin in separate source package)
@@ -19565,205 +19565,205 @@ CVE-2014-2576 (plugins/rssyl/feed.c in Claws Mail before 3.10.0 disables the ...
- claws-mail-extra-plugins <removed>
[squeeze] - claws-mail-extra-plugins <no-dsa> (Minor issue)
[wheezy] - claws-mail-extra-plugins <no-dsa> (Minor issue)
-CVE-2014-2573 (The VMWare driver in OpenStack Compute (Nova) 2013.2 through 2013.2.2 ...)
+CVE-2014-2573
- nova 2014.1-9 (bug #750144)
[wheezy] - nova <not-affected> (Vulnerable code in 2013.2 to 2013.2.2)
NOTE: https://bugs.launchpad.net/nova/+bug/1269418
-CVE-2014-2568 (Use-after-free vulnerability in the nfqnl_zcopy function in ...)
+CVE-2014-2568
- linux 3.13.7-1
- linux-2.6 <not-affected> (Introduced in 3.10 commit ae08ce002108)
[wheezy] - linux <not-affected> (Introduced in 3.10 commit ae08ce002108)
NOTE: Upstream path: https://lkml.org/lkml/2014/3/20/421
-CVE-2014-2567 (The OpenConnectionTask::handleStateHelper function in ...)
+CVE-2014-2567
NOT-FOR-US: Trojita
-CVE-2014-2538 (Cross-site scripting (XSS) vulnerability in lib/rack/ssl.rb in the ...)
+CVE-2014-2538
- ruby-rack-ssl 1.3.2-4 (low; bug #742186)
[wheezy] - ruby-rack-ssl <no-dsa> (Minor issue)
NOTE: https://github.com/josh/rack-ssl/commit/9d7d7300b907e496db68d89d07fbc2e0df0b487b
-CVE-2014-2528 (kcleanup.cpp in KDirStat 2.7.3 does not properly quote strings when ...)
+CVE-2014-2528
- k4dirstat 2.7.5-1 (bug #741659)
[wheezy] - k4dirstat <no-dsa> (Minor issue)
- kdirstat <removed>
[squeeze] - kdirstat <no-dsa> (Minor issue)
-CVE-2014-2527 (kcleanup.cpp in KDirStat 2.7.0 does not properly quote strings when ...)
+CVE-2014-2527
- k4dirstat <not-affected> (Uses single quotes for affected code)
- kdirstat <removed> (low)
[squeeze] - kdirstat <no-dsa> (Minor issue)
-CVE-2014-2571 (Cross-site scripting (XSS) vulnerability in the quiz_question_tostring ...)
+CVE-2014-2571
- moodle 2.6.2-1
[squeeze] - moodle <not-affected> (Vulnerable code not present)
-CVE-2014-2572 (mod/assign/externallib.php in Moodle 2.6.x before 2.6.2 does not ...)
+CVE-2014-2572
- moodle 2.6.2-1
[squeeze] - moodle <not-affected> (Vulnerable code not present)
-CVE-2014-2524 (The _rl_tropen function in util.c in GNU readline before 6.3 patch 3 ...)
+CVE-2014-2524
- readline6 6.3-7 (low; bug #741953)
[wheezy] - readline6 <no-dsa> (Minor issue)
[squeeze] - readline6 <no-dsa> (Minor issue)
-CVE-2014-2523 (net/netfilter/nf_conntrack_proto_dccp.c in the Linux kernel through ...)
+CVE-2014-2523
{DSA-2906-1}
- linux 3.13.10-1
[wheezy] - linux 3.2.57-1
- linux-2.6 <removed>
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/net/netfilter/nf_conntrack_proto_dccp.c?id=b22f5126a24b3b2f15448c3f2a254fc10cbc2b92
-CVE-2014-2522 (curl and libcurl 7.27.0 through 7.35.0, when running on Windows and ...)
+CVE-2014-2522
- curl <not-affected> (Only present in code only running on Windows)
-CVE-2014-2497 (The gdImageCreateFromXpm function in gdxpm.c in libgd, as used in PHP ...)
+CVE-2014-2497
{DSA-3215-1 DLA-189-1}
- php5 5.6.0~rc4+dfsg-1
[wheezy] - php5 <not-affected> (imagecreatefromxpm function not in used gd extension)
[squeeze] - php5 <not-affected> (imagecreatefromxpm function not in used gd extension)
- libgd2 2.1.0-4 (low; bug #744719)
NOTE: http://web.archive.org/web/20150221193227/http://net-ninja-mr.me/2014/03/14/php-gd-v5-4-17-2-color-visual-null-pointer-dereference/
-CVE-2014-2496 (Unspecified vulnerability in the PeopleSoft Enterprise PT PeopleTools ...)
+CVE-2014-2496
NOT-FOR-US: Oracle
-CVE-2014-2495 (Unspecified vulnerability in the PeopleSoft Enterprise SCM Purchasing ...)
+CVE-2014-2495
NOT-FOR-US: Oracle
-CVE-2014-2494 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
+CVE-2014-2494
{DSA-2985-1}
- mysql-5.5 5.5.39-1 (bug #754941)
- mysql-5.1 <not-affected> (Only affects 5.5 and later)
- mariadb-5.5 5.5.38-1 (bug #754940)
- mariadb-10.0 <not-affected> (Fixed before initial upload)
- percona-xtradb-cluster-5.5 5.5.39-25.11+dfsg-1
-CVE-2014-2493 (Unspecified vulnerability in the Oracle JDeveloper component in Oracle ...)
+CVE-2014-2493
NOT-FOR-US: Oracle
-CVE-2014-2492 (Unspecified vulnerability in the Oracle Agile Product Collaboration ...)
+CVE-2014-2492
NOT-FOR-US: Oracle
-CVE-2014-2491 (Unspecified vulnerability in the Siebel UI Framework component in ...)
+CVE-2014-2491
NOT-FOR-US: Oracle
-CVE-2014-2490 (Unspecified vulnerability in the Java SE component in Oracle Java SE ...)
+CVE-2014-2490
{DSA-2987-1 DSA-2980-1 DLA-96-1}
- openjdk-6 6b32-1.13.4-1
NOTE: http://hg.openjdk.java.net/jdk6/jdk6/hotspot/rev/dd7d490e72af
- openjdk-7 7u65-2.5.1-1
NOTE: http://hg.openjdk.java.net/jdk7u/jdk7u/hotspot/rev/02f12a9d5aec
-CVE-2014-2489 (Unspecified vulnerability in the Oracle VM VirtualBox component in ...)
+CVE-2014-2489
{DLA-313-1}
- virtualbox 4.3.12-dfsg-1 (bug #754939)
[wheezy] - virtualbox 4.1.40-dfsg-1+deb7u1
- virtualbox-ose <removed>
[squeeze] - virtualbox-ose <no-dsa> (Specific details withheld, but CVSS score indicates low impact)
-CVE-2014-2488 (Unspecified vulnerability in the Oracle VM VirtualBox component in ...)
+CVE-2014-2488
{DLA-313-1}
- virtualbox 4.3.12-dfsg-1 (bug #754939)
[wheezy] - virtualbox 4.1.40-dfsg-1+deb7u1
- virtualbox-ose <removed>
[squeeze] - virtualbox-ose <no-dsa> (Specific details withheld, but CVSS score indicates low impact)
-CVE-2014-2487 (Unspecified vulnerability in the Oracle VM VirtualBox component in ...)
+CVE-2014-2487
- virtualbox <not-affected> (Only applies if VBox is running on Windows)
- virtualbox-ose <not-affected> (Only applies if VBox is running on Windows)
-CVE-2014-2486 (Unspecified vulnerability in the Oracle VM VirtualBox component in ...)
+CVE-2014-2486
{DLA-313-1}
- virtualbox 4.3.12-dfsg-1 (bug #754939)
[wheezy] - virtualbox 4.1.40-dfsg-1+deb7u1
- virtualbox-ose <removed>
[squeeze] - virtualbox-ose <no-dsa> (Specific details withheld, but CVSS score indicates low impact)
-CVE-2014-2485 (Unspecified vulnerability in the Siebel Core - EAI component in Oracle ...)
+CVE-2014-2485
NOT-FOR-US: Oracle
-CVE-2014-2484 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
+CVE-2014-2484
- mysql-5.5 <not-affected> (Only affects 5.6)
- mysql-5.1 <not-affected> (Only affects 5.6)
- mariadb-5.5 <not-affected> (Only affects 5.6)
- percona-xtradb-cluster-5.5 <not-affected> (Only affects 5.6)
-CVE-2014-2483 (Unspecified vulnerability in the Java SE component in Oracle Java SE ...)
+CVE-2014-2483
{DSA-2987-1}
- openjdk-6 <not-affected> (vulnerable code not present)
- openjdk-7 7u65-2.5.1-1
NOTE: http://hg.openjdk.java.net/jdk7u/jdk7u/hotspot/rev/848481af9003
-CVE-2014-2482 (Unspecified vulnerability in the Oracle Concurrent Processing ...)
+CVE-2014-2482
NOT-FOR-US: Oracle
-CVE-2014-2481 (Unspecified vulnerability in the Oracle WebLogic Server component in ...)
+CVE-2014-2481
NOT-FOR-US: Oracle
-CVE-2014-2480 (Unspecified vulnerability in the Oracle WebLogic Server component in ...)
+CVE-2014-2480
NOT-FOR-US: Oracle
-CVE-2014-2479 (Unspecified vulnerability in the Oracle WebLogic Server component in ...)
+CVE-2014-2479
NOT-FOR-US: Oracle
-CVE-2014-2478 (Unspecified vulnerability in the Core RDBMS component in Oracle ...)
+CVE-2014-2478
NOT-FOR-US: Oracle Database Server
-CVE-2014-2477 (Unspecified vulnerability in the Oracle VM VirtualBox component in ...)
+CVE-2014-2477
- virtualbox 4.3.12-dfsg-1 (bug #754939)
[wheezy] - virtualbox 4.1.40-dfsg-1+deb7u1
- virtualbox-ose <not-affected> (Only affects 4.0 and later)
-CVE-2014-2476 (Unspecified vulnerability in the Oracle Secure Global Desktop ...)
+CVE-2014-2476
NOT-FOR-US: Oracle Virtualization
-CVE-2014-2475 (Unspecified vulnerability in the Oracle Secure Global Desktop ...)
+CVE-2014-2475
NOT-FOR-US: Oracle Virtualization
-CVE-2014-2474 (Unspecified vulnerability in the Oracle Secure Global Desktop ...)
+CVE-2014-2474
NOT-FOR-US: Oracle Virtualization
-CVE-2014-2473 (Unspecified vulnerability in the Oracle Secure Global Desktop ...)
+CVE-2014-2473
NOT-FOR-US: Oracle Virtualization
-CVE-2014-2472 (Unspecified vulnerability in the Oracle Secure Global Desktop ...)
+CVE-2014-2472
NOT-FOR-US: Oracle Virtualization
-CVE-2014-2471 (Unspecified vulnerability in the Oracle iLearning component in Oracle ...)
+CVE-2014-2471
NOT-FOR-US: Oracle iLearning
-CVE-2014-2470 (Unspecified vulnerability in the Oracle WebLogic Server component in ...)
+CVE-2014-2470
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2014-2469 (Unspecified vulnerability in lighttpd in Oracle Solaris 11.1 allows ...)
+CVE-2014-2469
- lighttpd <not-affected> (Only affects lighttpd on Oracle Solaris)
-CVE-2014-2468 (Unspecified vulnerability in the Siebel UI Framework component in ...)
+CVE-2014-2468
NOT-FOR-US: Oracle Siebel CRM
-CVE-2014-2467 (Unspecified vulnerability in the Oracle Agile PLM Framework component ...)
+CVE-2014-2467
NOT-FOR-US: Oracle Supply Chain Products Suite
-CVE-2014-2466 (Unspecified vulnerability in the Oracle Agile PLM Framework component ...)
+CVE-2014-2466
NOT-FOR-US: Oracle Supply Chain Products Suite
-CVE-2014-2465 (Unspecified vulnerability in the Oracle Agile PLM Framework component ...)
+CVE-2014-2465
NOT-FOR-US: Oracle Supply Chain Products Suite
-CVE-2014-2464 (Unspecified vulnerability in the Oracle Agile PLM Framework component ...)
+CVE-2014-2464
NOT-FOR-US: Oracle Supply Chain Products Suite
-CVE-2014-2463 (Unspecified vulnerability in the Oracle Secure Global Desktop (SGD) ...)
+CVE-2014-2463
NOT-FOR-US: Oracle Secure Global Desktop (SGD)
CVE-2014-2462
REJECTED
-CVE-2014-2461 (Unspecified vulnerability in the Oracle Transportation Management ...)
+CVE-2014-2461
NOT-FOR-US: Oracle Supply Chain Products Suite
-CVE-2014-2460 (Unspecified vulnerability in the Oracle Transportation Management ...)
+CVE-2014-2460
NOT-FOR-US: Oracle Supply Chain Products Suite
-CVE-2014-2459 (Unspecified vulnerability in the Oracle Transportation Management ...)
+CVE-2014-2459
NOT-FOR-US: Oracle Supply Chain Products Suite
-CVE-2014-2458 (Unspecified vulnerability in the Oracle Agile Product Lifecycle ...)
+CVE-2014-2458
NOT-FOR-US: Oracle Supply Chain Products Suite
-CVE-2014-2457 (Unspecified vulnerability in the Oracle Agile Product Lifecycle ...)
+CVE-2014-2457
NOT-FOR-US: Oracle Supply Chain Products Suite
-CVE-2014-2456 (Unspecified vulnerability in the PeopleSoft Enterprise ELS Enterprise ...)
+CVE-2014-2456
NOT-FOR-US: Oracle
-CVE-2014-2455 (Unspecified vulnerability in the Hyperion Common Admin component in ...)
+CVE-2014-2455
NOT-FOR-US: Oracle Hyperion
-CVE-2014-2454 (Unspecified vulnerability in the Hyperion Common Admin component in ...)
+CVE-2014-2454
NOT-FOR-US: Oracle Hyperion
-CVE-2014-2453 (Unspecified vulnerability in the Hyperion Common Admin component in ...)
+CVE-2014-2453
NOT-FOR-US: Oracle Hyperion
-CVE-2014-2452 (Unspecified vulnerability in the Oracle Access Manager component in ...)
+CVE-2014-2452
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2014-2451 (Unspecified vulnerability in Oracle MySQL Server 5.6.15 and earlier ...)
+CVE-2014-2451
- mysql-5.5 <not-affected> (Only affects Mysql 5.6)
- mysql-5.1 <not-affected> (Only affects Mysql 5.6)
-CVE-2014-2450 (Unspecified vulnerability in Oracle MySQL Server 5.6.15 and earlier ...)
+CVE-2014-2450
- mysql-5.5 <not-affected> (Only affects Mysql 5.6)
- mysql-5.1 <not-affected> (Only affects Mysql 5.6)
-CVE-2014-2449 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS Talent ...)
+CVE-2014-2449
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2014-2448 (Unspecified vulnerability in the PeopleSoft Enterprise PT PeopleTools ...)
+CVE-2014-2448
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2014-2447 (Unspecified vulnerability in the PeopleSoft Enterprise PT PeopleTools ...)
+CVE-2014-2447
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2014-2446 (Unspecified vulnerability in the PeopleSoft Enterprise PT PeopleTools ...)
+CVE-2014-2446
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2014-2445 (Unspecified vulnerability in the Oracle Agile PLM Framework component ...)
+CVE-2014-2445
NOT-FOR-US: Oracle Supply Chain Products Suite
-CVE-2014-2444 (Unspecified vulnerability in Oracle MySQL Server 5.6.15 and earlier ...)
+CVE-2014-2444
- mysql-5.5 <not-affected> (Only affects Mysql 5.6)
- mysql-5.1 <not-affected> (Only affects Mysql 5.6)
-CVE-2014-2443 (Unspecified vulnerability in the PeopleSoft Enterprise PT PeopleTools ...)
+CVE-2014-2443
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2014-2442 (Unspecified vulnerability in Oracle MySQL Server 5.6.15 and earlier ...)
+CVE-2014-2442
- mysql-5.5 <not-affected> (Only affects Mysql 5.6)
- mysql-5.1 <not-affected> (Only affects Mysql 5.6)
-CVE-2014-2441 (Unspecified vulnerability in the Oracle VM VirtualBox component in ...)
+CVE-2014-2441
- virtualbox-guest-additions <not-affected> (Only affects 4.1 and later)
- virtualbox-guest-additions-iso 4.3.10-1
[wheezy] - virtualbox-guest-additions-iso <no-dsa> (Non-free not supported)
NOTE: http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html
-CVE-2014-2440 (Unspecified vulnerability in the MySQL Client component in Oracle ...)
+CVE-2014-2440
{DSA-2919-1}
- mysql-5.5 5.5.37-1 (bug #744910)
- mariadb-5.5 5.5.37-1 (bug #745330)
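Review bot: the CVE-2014-2528 / CVE-2014-2527 pairs in this hunk drop the only text that told the two KDirStat entries apart (the removed descriptions named 2.7.3 and 2.7.0 respectively), and neither entry carries a NOTE: line, so after this change the k4dirstat reason "Uses single quotes for affected code" on one and the 2.7.5-1 fix on the other have nothing left in the file to be checked against. The same applies to CVE-2014-2522 (curl) and CVE-2014-2469 (lighttpd), whose <not-affected> reasons refer to Windows and to Oracle Solaris only because the removed descriptions said so. Suggest keeping a NOTE: line with the upstream reference on entries whose triage rationale depends on the description, as the CVE-2014-2441 entry already does with its cpuapr2014 link, or confirming that dropping the descriptions file-wide is intended.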
@@ -19771,149 +19771,149 @@ CVE-2014-2440 (Unspecified vulnerability in the MySQL Client component in Oracle
- mysql-5.1 <not-affected> (Only affects Mysql 5.5/5.6)
- percona-xtradb-cluster-5.5 5.5.37-25.10+dfsg-1
NOTE: this is the same issue as CVE-2014-0001, see http://www.openwall.com/lists/oss-security/2014/09/11/23
-CVE-2014-2439 (Unspecified vulnerability in the Oracle Secure Global Desktop (SGD) ...)
+CVE-2014-2439
NOT-FOR-US: Oracle Secure Global Desktop (SGD)
-CVE-2014-2438 (Unspecified vulnerability in Oracle MySQL Server 5.5.35 and earlier ...)
+CVE-2014-2438
{DSA-2919-1}
- mysql-5.5 5.5.37-1 (bug #744910)
- mariadb-5.5 5.5.37-1 (bug #745330)
- mariadb-10.0 <not-affected> (Fixed before initial upload)
- mysql-5.1 <not-affected> (Only affects Mysql 5.5/5.6)
- percona-xtradb-cluster-5.5 5.5.37-25.10+dfsg-1
-CVE-2014-2437 (Unspecified vulnerability in the PeopleSoft Enterprise PT PeopleTools ...)
+CVE-2014-2437
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2014-2436 (Unspecified vulnerability in Oracle MySQL Server 5.5.36 and earlier ...)
+CVE-2014-2436
{DSA-2919-1}
- mysql-5.5 5.5.37-1 (bug #744910)
- mariadb-5.5 5.5.37-1 (bug #745330)
- mariadb-10.0 <not-affected> (Fixed before initial upload)
- mysql-5.1 <not-affected> (Only affects Mysql 5.5/5.6)
- percona-xtradb-cluster-5.5 5.5.37-25.10+dfsg-1
-CVE-2014-2435 (Unspecified vulnerability in Oracle MySQL Server 5.6.16 and earlier ...)
+CVE-2014-2435
- mysql-5.5 <not-affected> (Only affects Mysql 5.6)
- mysql-5.1 <not-affected> (Only affects Mysql 5.6)
-CVE-2014-2434 (Unspecified vulnerability in Oracle MySQL Server 5.6.15 and earlier ...)
+CVE-2014-2434
- mysql-5.5 <not-affected> (Only affects Mysql 5.6)
- mysql-5.1 <not-affected> (Only affects Mysql 5.6)
-CVE-2014-2433 (Unspecified vulnerability in the PeopleSoft Enterprise PT PeopleTools ...)
+CVE-2014-2433
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2014-2432 (Unspecified vulnerability Oracle the MySQL Server component 5.5.35 and ...)
+CVE-2014-2432
{DSA-2919-1}
- mysql-5.5 5.5.37-1 (bug #744910)
- mariadb-5.5 5.5.37-1 (bug #745330)
- mariadb-10.0 <not-affected> (Fixed before initial upload)
- mysql-5.1 <not-affected> (Only affects Mysql 5.5/5.6)
- percona-xtradb-cluster-5.5 5.5.37-25.10+dfsg-1
-CVE-2014-2431 (Unspecified vulnerability in Oracle MySQL Server 5.5.36 and earlier ...)
+CVE-2014-2431
{DSA-2919-1}
- mysql-5.5 5.5.37-1 (bug #744910)
- mariadb-5.5 5.5.37-1 (bug #745330)
- mariadb-10.0 <not-affected> (Fixed before initial upload)
- mysql-5.1 <not-affected> (Only affects Mysql 5.5/5.6)
- percona-xtradb-cluster-5.5 5.5.37-25.10+dfsg-1
-CVE-2014-2430 (Unspecified vulnerability in Oracle MySQL Server 5.5.36 and earlier ...)
+CVE-2014-2430
{DSA-2919-1}
- mysql-5.5 5.5.37-1 (bug #744910)
- mariadb-5.5 5.5.37-1 (bug #745330)
- mariadb-10.0 <not-affected> (Fixed before initial upload)
- mysql-5.1 <not-affected> (Only affects Mysql 5.5/5.6)
- percona-xtradb-cluster-5.5 5.5.37-25.10+dfsg-1
-CVE-2014-2429 (Unspecified vulnerability in the PeopleSoft Enterprise CS Campus Self ...)
+CVE-2014-2429
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2014-2428 (Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and ...)
+CVE-2014-2428
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2014-2427 (Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8, ...)
+CVE-2014-2427
{DSA-2923-1 DSA-2912-1}
- openjdk-7 7u55-2.4.7-1
- openjdk-6 6b31-1.13.3-1
-CVE-2014-2426 (Unspecified vulnerability in the Oracle OpenSSO component in Oracle ...)
+CVE-2014-2426
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2014-2425 (Unspecified vulnerability in the Oracle OpenSSO component in Oracle ...)
+CVE-2014-2425
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2014-2424 (Unspecified vulnerability in the Oracle Event Processing component in ...)
+CVE-2014-2424
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2014-2423 (Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and ...)
+CVE-2014-2423
{DSA-2923-1 DSA-2912-1}
- openjdk-7 7u55-2.4.7-1
- openjdk-6 6b31-1.13.3-1
-CVE-2014-2422 (Unspecified vulnerability in Oracle Java SE 7u51 and 8, and JavaFX ...)
+CVE-2014-2422
- openjdk-6 <not-affected> (JavaFX not part of OpenJDK)
- openjdk-7 <not-affected> (JavaFX not part of OpenJDK)
-CVE-2014-2421 (Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; ...)
+CVE-2014-2421
{DSA-2923-1 DSA-2912-1}
- openjdk-7 7u55-2.4.7-1
- openjdk-6 6b31-1.13.3-1
-CVE-2014-2420 (Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and ...)
+CVE-2014-2420
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2014-2419 (Unspecified vulnerability in Oracle MySQL Server 5.5.35 and earlier ...)
+CVE-2014-2419
{DSA-2919-1}
- mysql-5.5 5.5.37-1 (bug #744910)
- mariadb-5.5 5.5.37-1 (bug #745330)
- mariadb-10.0 <not-affected> (Fixed before initial upload)
- mysql-5.1 <not-affected> (Only affects Mysql 5.5/5.6)
- percona-xtradb-cluster-5.5 5.5.37-25.10+dfsg-1
-CVE-2014-2418 (Unspecified vulnerability in the Oracle Data Integrator component in ...)
+CVE-2014-2418
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2014-2417 (Unspecified vulnerability in the Oracle Data Integrator component in ...)
+CVE-2014-2417
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2014-2416 (Unspecified vulnerability in the Oracle Data Integrator component in ...)
+CVE-2014-2416
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2014-2415 (Unspecified vulnerability in the Oracle Data Integrator component in ...)
+CVE-2014-2415
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2014-2414 (Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and ...)
+CVE-2014-2414
{DSA-2923-1 DSA-2912-1}
- openjdk-7 7u55-2.4.7-1
- openjdk-6 6b31-1.13.3-1
-CVE-2014-2413 (Unspecified vulnerability in Oracle Java SE 7u51 and 8, and Java SE ...)
+CVE-2014-2413
{DSA-2923-1}
- openjdk-7 7u55-2.4.7-1
- openjdk-6 <not-affected> (Only affects Java 7/8)
-CVE-2014-2412 (Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, SE 7u51, and ...)
+CVE-2014-2412
{DSA-2923-1 DSA-2912-1}
- openjdk-7 7u55-2.4.7-1
- openjdk-6 6b31-1.13.3-1
-CVE-2014-2411 (Unspecified vulnerability in the Oracle Identity Analytics component ...)
+CVE-2014-2411
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2014-2410 (Unspecified vulnerability in Oracle Java SE 8 allows remote attackers ...)
+CVE-2014-2410
- openjdk-6 <not-affected> (JavaFX not part of OpenJDK)
- openjdk-7 <not-affected> (JavaFX not part of OpenJDK)
-CVE-2014-2409 (Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and ...)
+CVE-2014-2409
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2014-2408 (Unspecified vulnerability in the Core RDBMS component in Oracle ...)
+CVE-2014-2408
NOT-FOR-US: Oracle Database Server
-CVE-2014-2407 (Unspecified vulnerability in the Oracle Data Integrator component in ...)
+CVE-2014-2407
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2014-2406 (Unspecified vulnerability in the Core RDBMS component in Oracle ...)
+CVE-2014-2406
NOT-FOR-US: Oracle Database Server
-CVE-2014-2405 (Unspecified vulnerability in OpenJDK 6 before 6b31 on Debian GNU/Linux ...)
+CVE-2014-2405
{DSA-2912-1}
- openjdk-6 6b31-1.13.3-1
-CVE-2014-2404 (Unspecified vulnerability in the Oracle Access Manager component in ...)
+CVE-2014-2404
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2014-2403 (Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and ...)
+CVE-2014-2403
{DSA-2923-1 DSA-2912-1}
- openjdk-7 7u55-2.4.7-1
- openjdk-6 6b31-1.13.3-1
-CVE-2014-2402 (Unspecified vulnerability in Oracle Java SE 7u51 and 8, and Java SE ...)
+CVE-2014-2402
{DSA-2923-1}
- openjdk-7 7u55-2.4.7-1
- openjdk-6 <not-affected> (Only affects Java 7/8)
-CVE-2014-2401 (Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; ...)
+CVE-2014-2401
- openjdk-6 <not-affected> (Specific to Oracle Java, not present in IcedTea)
- openjdk-7 <not-affected> (Specific to Oracle Java, not present in IcedTea)
NOTE: Due to the vague disclosure policy by Oracle the exact nature is unknown but since no patch landed in icedtea, we consider it not-affected
-CVE-2014-2400 (Unspecified vulnerability in the Oracle Endeca Server component in ...)
+CVE-2014-2400
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2014-2399 (Unspecified vulnerability in the Oracle Endeca Server component in ...)
+CVE-2014-2399
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2014-2398 (Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; ...)
+CVE-2014-2398
{DSA-2923-1 DSA-2912-1}
- openjdk-7 7u55-2.4.7-1
- openjdk-6 6b31-1.13.3-1
-CVE-2014-2397 (Unspecified vulnerability in Oracle Java SE 7u51 and 8, and Java SE ...)
+CVE-2014-2397
{DSA-2923-1 DSA-2912-1}
- openjdk-7 7u55-2.4.7-1
- openjdk-6 6b31-1.13.3-1
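Review bot: throughout this hunk the <not-affected> justifications on the MySQL and OpenJDK entries quote version ranges that were stated only in the descriptions being removed, for example "mysql-5.1 <not-affected> (Only affects Mysql 5.5/5.6)" under CVE-2014-2419, whose removed line read "Oracle MySQL Server 5.5.35 and earlier", and "openjdk-6 <not-affected> (Only affects Java 7/8)" under CVE-2014-2413 and CVE-2014-2402, whose removed lines read "Oracle Java SE 7u51 and 8". Once the description is gone the reason text is the only record of the affected range and a later reader cannot verify it from the entry. Suggest carrying the affected versions into the reason text or adding a NOTE: line with the Oracle advisory, as the CVE-2014-2440 entry does for its CVE-2014-0001 cross-reference. CVE-2014-2405 deserves the same treatment: its removed line ("OpenJDK 6 before 6b31 on Debian GNU/Linux") was the only thing tying the entry to Debian, and the entry keeps nothing but the DSA reference and the 6b31-1.13.3-1 fix.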
@@ -19923,198 +19923,198 @@ CVE-2014-2395
RESERVED
CVE-2014-2394
RESERVED
-CVE-2014-2393 (Cross-site scripting (XSS) vulnerability in Open-Xchange AppSuite ...)
+CVE-2014-2393
NOT-FOR-US: Open-Xchange
-CVE-2014-2392 (The E-Mail autoconfiguration feature in Open-Xchange AppSuite before ...)
+CVE-2014-2392
NOT-FOR-US: Open-Xchange
-CVE-2014-2391 (The password recovery service in Open-Xchange AppSuite before ...)
+CVE-2014-2391
NOT-FOR-US: Open-Xchange
-CVE-2014-2390 (Cross-site request forgery (CSRF) vulnerability in the User Management ...)
+CVE-2014-2390
NOT-FOR-US: McAfee Network Security Manager
-CVE-2014-2389 (Stack-based buffer overflow in a certain decryption function in ...)
+CVE-2014-2389
NOT-FOR-US: BlackBerry Z 10
-CVE-2014-2388 (The Storage and Access service in BlackBerry OS 10.x before ...)
+CVE-2014-2388
NOT-FOR-US: BlackBerry OS
-CVE-2014-2385 (Multiple cross-site scripting (XSS) vulnerabilities in the web UI in ...)
+CVE-2014-2385
NOT-FOR-US: Sophos Antivirus
-CVE-2014-2384 (vmx86.sys in VMware Workstation 10.0.1 build 1379776 and VMware Player ...)
+CVE-2014-2384
NOT-FOR-US: VMware on Windows
-CVE-2014-2383 (dompdf.php in dompdf before 0.6.1, when DOMPDF_ENABLE_PHP is enabled, ...)
+CVE-2014-2383
- php-dompdf 0.6.1+dfsg-2 (unimportant; bug #745619)
NOTE: requires DOMPDF_ENABLE_REMOTE (disabled by default) to be enabled
-CVE-2014-2382 (The DfDiskLo.sys driver in Faronics Deep Freeze Standard and ...)
+CVE-2014-2382
NOT-FOR-US: Faronics
-CVE-2014-2381 (Schneider Electric Wonderware Information Server (WIS) Portal 4.0 SP1 ...)
+CVE-2014-2381
NOT-FOR-US: Schneider Electric
-CVE-2014-2380 (Schneider Electric Wonderware Information Server (WIS) Portal 4.0 SP1 ...)
+CVE-2014-2380
NOT-FOR-US: Schneider Electric
-CVE-2014-2379 (Sensys Networks VSN240-F and VSN240-T sensors VDS before 2.10.1 and ...)
+CVE-2014-2379
NOT-FOR-US: Sensys Networks
-CVE-2014-2378 (Sensys Networks VSN240-F and VSN240-T sensors VDS before 2.10.1 and ...)
+CVE-2014-2378
NOT-FOR-US: Sensys Networks
-CVE-2014-2377 (Ecava IntegraXor SCADA Server Stable 4.1.4360 and earlier and Beta ...)
+CVE-2014-2377
NOT-FOR-US: Ecava IntegraXor SCADA Server
-CVE-2014-2376 (SQL injection vulnerability in Ecava IntegraXor SCADA Server Stable ...)
+CVE-2014-2376
NOT-FOR-US: Ecava IntegraXor SCADA Server
-CVE-2014-2375 (Ecava IntegraXor SCADA Server Stable 4.1.4360 and earlier and Beta ...)
+CVE-2014-2375
NOT-FOR-US: Ecava IntegraXor SCADA Server
-CVE-2014-2374 (The AXN-NET Ethernet module accessory 3.04 for the Accuenergy Acuvim ...)
+CVE-2014-2374
NOT-FOR-US: Accuenergy
-CVE-2014-2373 (The web server on the AXN-NET Ethernet module accessory 3.04 for the ...)
+CVE-2014-2373
NOT-FOR-US: Accuenergy
CVE-2014-2372
RESERVED
CVE-2014-2371
RESERVED
-CVE-2014-2370 (Cross-site scripting (XSS) vulnerability in the web application on ...)
+CVE-2014-2370
NOT-FOR-US: Omron
-CVE-2014-2369 (Cross-site request forgery (CSRF) vulnerability in the web application ...)
+CVE-2014-2369
NOT-FOR-US: Omron
-CVE-2014-2368 (The BrowseFolder method in the bwocxrun ActiveX control in Advantech ...)
+CVE-2014-2368
NOT-FOR-US: Advantech WebAccess
-CVE-2014-2367 (The ChkCookie subroutine in an ActiveX control in ...)
+CVE-2014-2367
NOT-FOR-US: Advantech WebAccess
-CVE-2014-2366 (upAdminPg.asp in Advantech WebAccess before 7.2 allows remote ...)
+CVE-2014-2366
NOT-FOR-US: Advantech WebAccess
-CVE-2014-2365 (Unspecified vulnerability in Advantech WebAccess before 7.2 allows ...)
+CVE-2014-2365
NOT-FOR-US: Advantech WebAccess
-CVE-2014-2364 (Multiple stack-based buffer overflows in Advantech WebAccess before ...)
+CVE-2014-2364
NOT-FOR-US: Advantech WebAccess
-CVE-2014-2363 (Morpho Itemiser 3 8.17 has hardcoded administrative credentials, which ...)
+CVE-2014-2363
NOT-FOR-US: Morpho Itemiser
-CVE-2014-2362 (OleumTech WIO DH2 Wireless Gateway and Sensor Wireless I/O Modules ...)
+CVE-2014-2362
NOT-FOR-US: OleumTech Wireless Gateway
-CVE-2014-2361 (OleumTech WIO DH2 Wireless Gateway and Sensor Wireless I/O Modules, ...)
+CVE-2014-2361
NOT-FOR-US: OleumTech Wireless Gateway
-CVE-2014-2360 (OleumTech WIO DH2 Wireless Gateway and Sensor Wireless I/O Modules ...)
+CVE-2014-2360
NOT-FOR-US: OleumTech Wireless Gateway
-CVE-2014-2359 (OleumTech Wireless Sensor Network devices allow remote attackers to ...)
+CVE-2014-2359
NOT-FOR-US: OleumTech Wireless Sensor Network devices
-CVE-2014-2358 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
+CVE-2014-2358
NOT-FOR-US: Fox-IT Fox DataDiode
-CVE-2014-2357 (The GPT library in the Telegyr 8979 Master Protocol application in ...)
+CVE-2014-2357
NOT-FOR-US: SUBNET SubSTATION Server 2
-CVE-2014-2356 (Innominate mGuard before 7.6.4 and 8.x before 8.0.3 does not require ...)
+CVE-2014-2356
NOT-FOR-US: Innominate mGuard
-CVE-2014-2355 (The (1) CimView and (2) CimEdit components in GE Proficy ...)
+CVE-2014-2355
NOT-FOR-US: Systems Integrated GE Proficy HMI/SCADA-CIMPLICITY
-CVE-2014-2354 (Cogent DataHub before 7.3.5 does not use a salt during password ...)
+CVE-2014-2354
NOT-FOR-US: Cogent DataHub
-CVE-2014-2353 (Cross-site scripting (XSS) vulnerability in Cogent DataHub before ...)
+CVE-2014-2353
NOT-FOR-US: Cogent DataHub
-CVE-2014-2352 (Directory traversal vulnerability in Cogent DataHub before 7.3.5 ...)
+CVE-2014-2352
NOT-FOR-US: Cogent DataHub
-CVE-2014-2351 (SQL injection vulnerability in the LiveData service in CSWorks before ...)
+CVE-2014-2351
NOT-FOR-US: CSWorks
-CVE-2014-2350 (Emerson DeltaV 10.3.1, 11.3, 11.3.1, and 12.3 uses hardcoded ...)
+CVE-2014-2350
NOT-FOR-US: Emerson DeltaV
-CVE-2014-2349 (Emerson DeltaV 10.3.1, 11.3, 11.3.1, and 12.3 allows local users to ...)
+CVE-2014-2349
NOT-FOR-US: Emerson DeltaV
CVE-2014-2348
RESERVED
-CVE-2014-2347 (Amtelco miSecureMessages (aka MSM) 6.2 does not properly manage ...)
+CVE-2014-2347
NOT-FOR-US: Amtelco miSecureMessages
-CVE-2014-2346 (COPA-DATA zenon DNP3 NG driver (DNP3 master) 7.10 and 7.11 through ...)
+CVE-2014-2346
NOT-FOR-US: COPA-DATA
-CVE-2014-2345 (COPA-DATA zenon DNP3 NG driver (DNP3 master) 7.10 and 7.11 through ...)
+CVE-2014-2345
NOT-FOR-US: COPA-DATA
CVE-2014-2344
REJECTED
-CVE-2014-2343 (Triangle MicroWorks SCADA Data Gateway before 3.00.0635 allows ...)
+CVE-2014-2343
NOT-FOR-US: Triangle MicroWorks SCADA
-CVE-2014-2342 (Triangle MicroWorks SCADA Data Gateway before 3.00.0635 allows remote ...)
+CVE-2014-2342
NOT-FOR-US: Triangle MicroWorks SCADA
-CVE-2014-2341 (Session fixation vulnerability in CubeCart before 5.2.9 allows remote ...)
+CVE-2014-2341
NOT-FOR-US: CubeCart
-CVE-2014-2340 (Cross-site request forgery (CSRF) vulnerability in the XCloner plugin ...)
+CVE-2014-2340
NOT-FOR-US: WordPress plugin xcloner-backup-and-restore
-CVE-2014-2339 (Multiple SQL injection vulnerabilities in bbs/ajax.autosave.php in ...)
+CVE-2014-2339
NOT-FOR-US: GnuBoard
-CVE-2014-2338 (IKEv2 in strongSwan 4.0.7 before 5.1.3 allows remote attackers to ...)
+CVE-2014-2338
{DSA-2903-1}
- strongswan 5.1.2-4
CVE-2014-2337
RESERVED
-CVE-2014-2336 (Multiple cross-site scripting (XSS) vulnerabilities in the Web User ...)
+CVE-2014-2336
NOT-FOR-US: Fortinet FortiManager
-CVE-2014-2335 (Multiple cross-site scripting (XSS) vulnerabilities in the Web User ...)
+CVE-2014-2335
NOT-FOR-US: Fortinet FortiManager
-CVE-2014-2334 (Multiple cross-site scripting (XSS) vulnerabilities in the Web User ...)
+CVE-2014-2334
NOT-FOR-US: Fortinet FortiManager
-CVE-2014-2333 (Cross-site scripting (XSS) vulnerability in the Lazyest Gallery plugin ...)
+CVE-2014-2333
NOT-FOR-US: WordPress plugin Lazyest Gallery
-CVE-2014-2332 (Check_MK before 1.2.2p3 and 1.2.3x before 1.2.3i5 allows remote ...)
+CVE-2014-2332
- check-mk 1.2.2p3-1 (bug #742689)
[wheezy] - check-mk <no-dsa> (Minor issue)
NOTE: http://packetstormsecurity.com/files/125850/DTC-A-20140324-002.txt
-CVE-2014-2331 (Check_MK 1.2.2p2, 1.2.2p3, and 1.2.3i5 allows remote authenticated ...)
+CVE-2014-2331
- check-mk 1.2.6p4-1 (bug #742689)
[wheezy] - check-mk <no-dsa> (Minor issue)
NOTE: http://packetstormsecurity.com/files/125850/DTC-A-20140324-002.txt
-CVE-2014-2330 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
+CVE-2014-2330
- check-mk 1.2.6p4-1 (bug #742689)
[wheezy] - check-mk <no-dsa> (Minor issue)
NOTE: http://packetstormsecurity.com/files/125850/DTC-A-20140324-002.txt
-CVE-2014-2329 (Multiple cross-site scripting (XSS) vulnerabilities in Check_MK before ...)
+CVE-2014-2329
- check-mk 1.2.2p3-1 (bug #742689)
[wheezy] - check-mk <no-dsa> (Minor issue)
NOTE: http://packetstormsecurity.com/files/125850/DTC-A-20140324-002.txt
-CVE-2014-2328 (lib/graph_export.php in Cacti 0.8.7g, 0.8.8b, and earlier allows ...)
+CVE-2014-2328
{DSA-2970-1}
- cacti 0.8.8b+dfsg-4 (bug #742768)
[squeeze] - cacti 0.8.7g-1+squeeze4 (bug #742768)
NOTE: http://bugs.cacti.net/view.php?id=2433
-CVE-2014-2327 (Cross-site request forgery (CSRF) vulnerability in Cacti 0.8.7g, ...)
+CVE-2014-2327
{DSA-2970-1}
- cacti 0.8.8b+dfsg-6 (bug #742768)
[squeeze] - cacti 0.8.7g-1+squeeze4 (bug #742768)
NOTE: http://bugs.cacti.net/view.php?id=2432
-CVE-2014-2326 (Cross-site scripting (XSS) vulnerability in cdef.php in Cacti 0.8.7g, ...)
+CVE-2014-2326
{DSA-2970-1}
- cacti 0.8.8b+dfsg-4 (bug #742768)
[squeeze] - cacti 0.8.7g-1+squeeze4 (bug #742768)
NOTE: http://bugs.cacti.net/view.php?id=2431
-CVE-2014-2318 (SQL injection vulnerability in ATCOM Netvolution 3 allows remote ...)
+CVE-2014-2318
NOT-FOR-US: ATCOM Netvolution
-CVE-2014-2317 (SQL injection vulnerability in ajax_udf.php in OpenDocMan before ...)
+CVE-2014-2317
NOT-FOR-US: OpenDocMan
-CVE-2014-2316 (SQL injection vulnerability in se_search_default in the Search ...)
+CVE-2014-2316
NOT-FOR-US: WP plugin search-everything
-CVE-2014-2315 (Multiple cross-site scripting (XSS) vulnerabilities in the Thank You ...)
+CVE-2014-2315
NOT-FOR-US: WP plugin thankyoubutton
-CVE-2014-2314 (Directory traversal vulnerability in the Issue Collector plugin in ...)
+CVE-2014-2314
NOT-FOR-US: Atlassian JIRA
-CVE-2014-2313 (Directory traversal vulnerability in the Importers plugin in Atlassian ...)
+CVE-2014-2313
NOT-FOR-US: Atlassian JIRA
CVE-2014-2387 [pen: insecure temporary filename]
RESERVED
- pen 0.22.1-1 (low; bug #741370)
[squeeze] - pen <no-dsa> (Minor issue)
[wheezy] - pen <no-dsa> (Minor issue)
-CVE-2014-2386 (Multiple off-by-one errors in Icinga, possibly 1.10.2 and earlier, ...)
+CVE-2014-2386
{DSA-2956-1}
- icinga 1.11.0-1
[squeeze] - icinga <not-affected> (Vulnerable code not present)
-CVE-2014-2325 (Multiple cross-site scripting (XSS) vulnerabilities in Proxmox Mail ...)
+CVE-2014-2325
NOT-FOR-US: Proxmox Mail Gateway
-CVE-2014-2324 (Multiple directory traversal vulnerabilities in (1) mod_evhost and (2) ...)
+CVE-2014-2324
{DSA-2877-1}
- lighttpd 1.4.33-1+nmu3 (bug #741493)
-CVE-2014-2323 (SQL injection vulnerability in mod_mysql_vhost.c in lighttpd before ...)
+CVE-2014-2323
{DSA-2877-1}
- lighttpd 1.4.33-1+nmu3 (bug #741493)
-CVE-2014-2322 (lib/string_utf_support.rb in the Arabic Prawn 0.0.1 gem for Ruby ...)
+CVE-2014-2322
NOT-FOR-US: Ruby Gem Arabic Prawn
-CVE-2014-2321 (web_shell_cmd.gch on ZTE F460 and F660 cable modems allows remote ...)
+CVE-2014-2321
NOT-FOR-US: ZTE F460 and F660 cable modems
CVE-2014-2320
RESERVED
-CVE-2014-2319 (The Encrypt Files feature in ConeXware PowerArchiver before 14.02.05 ...)
+CVE-2014-2319
NOTE: Non issue
NOTE: http://seclists.org/oss-sec/2014/q1/550
-CVE-2014-2312 (The main function in android_main.cpp in thermald allows local users ...)
+CVE-2014-2312
- thermald <not-affected> (android_main.cpp not used for Debian build)
-CVE-2014-2311 (SQL injection vulnerability in modx.class.php in MODX Revolution 2.0.0 ...)
+CVE-2014-2311
NOT-FOR-US: MODx Revolution
CVE-2014-2308
RESERVED
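Review bot: the CVE-2014-2319 pair in this hunk leaves an entry that names no product at all: after the change it consists of the bare CVE id, "NOTE: Non issue" and the seclists URL, with no package line and no NOT-FOR-US: line, and the removed description (ConeXware PowerArchiver) was the only thing saying what the non-issue concerned. Suggest adding "NOT-FOR-US: ConeXware PowerArchiver", as the neighbouring entries do, so the entry stays self-explanatory. Also, the locally written bracketed description on the context line "CVE-2014-2387 [pen: insecure temporary filename]" survives while every parenthesized description in the hunk is dropped; worth confirming that distinction is intended rather than a side effect of the description source.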
@@ -20126,164 +20126,164 @@ CVE-2014-2305
RESERVED
CVE-2014-2304
RESERVED
-CVE-2014-2303 (Multiple SQL injection vulnerabilities in the file browser component ...)
+CVE-2014-2303
NOT-FOR-US: webEdition CMS
-CVE-2014-2302 (The installer script in webEdition CMS before 6.2.7-s1 and 6.3.x ...)
+CVE-2014-2302
NOT-FOR-US: webEdition CMS
-CVE-2014-2301 (OrbiTeam BSCW before 5.0.8 allows remote attackers to obtain sensitive ...)
+CVE-2014-2301
NOT-FOR-US: OrbiTeam BSCW
CVE-2014-2300
RESERVED
-CVE-2014-2299 (Buffer overflow in the mpeg_read function in wiretap/mpeg.c in the ...)
+CVE-2014-2299
{DSA-2871-1}
- wireshark 1.10.6-1
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9843
NOTE: http://www.wireshark.org/security/wnpa-sec-2014-04.html
CVE-2014-2298
RESERVED
-CVE-2014-2297 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
+CVE-2014-2297
NOT-FOR-US: VideoWhisper Live Streaming Integration plugin for WordPress
-CVE-2014-2296 (XML external entity (XXE) vulnerability in ...)
+CVE-2014-2296
NOT-FOR-US: Jasig CAS
CVE-2014-2295
RESERVED
-CVE-2014-2294 (Open Web Analytics (OWA) before 1.5.7 allows remote attackers to ...)
+CVE-2014-2294
NOT-FOR-US: Open Web Analytics
-CVE-2014-2293 (Zikula Application Framework before 1.3.7 build 11 allows remote ...)
+CVE-2014-2293
NOT-FOR-US: Zikula
-CVE-2014-2292 (Unspecified vulnerability in the Linux Network Connect client in ...)
+CVE-2014-2292
NOT-FOR-US: Junos Pulse Secure Access Service
-CVE-2014-2291 (Cross-site scripting (XSS) vulnerability in the Pulse Collaboration ...)
+CVE-2014-2291
NOT-FOR-US: Junos
CVE-2014-2290
RESERVED
-CVE-2014-2289 (res/res_pjsip_exten_state.c in the PJSIP channel driver in Asterisk ...)
+CVE-2014-2289
- asterisk <not-affected> (Only affects Asterisk 12.x)
NOTE: http://downloads.asterisk.org/pub/security/AST-2014-004.html
-CVE-2014-2288 (The PJSIP channel driver in Asterisk Open Source 12.x before 12.1.1, ...)
+CVE-2014-2288
- asterisk <not-affected> (Only affects Asterisk 12.x)
NOTE: http://downloads.asterisk.org/pub/security/AST-2014-003.html
-CVE-2014-2287 (channels/chan_sip.c in Asterisk Open Source 1.8.x before 1.8.26.1, ...)
+CVE-2014-2287
{DLA-781-1}
- asterisk 1:11.8.1~dfsg-1 (bug #741313)
[squeeze] - asterisk <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://downloads.asterisk.org/pub/security/AST-2014-002.html
-CVE-2014-2286 (main/http.c in Asterisk Open Source 1.8.x before 1.8.26.1, 11.8.x ...)
+CVE-2014-2286
{DLA-455-1}
- asterisk 1:11.8.1~dfsg-1 (bug #741313)
[squeeze] - asterisk <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://downloads.asterisk.org/pub/security/AST-2014-001.html
-CVE-2014-2283 (epan/dissectors/packet-rlc in the RLC dissector in Wireshark 1.8.x ...)
+CVE-2014-2283
{DSA-2871-1}
- wireshark 1.10.6-1
[squeeze] - wireshark <not-affected> (Vulnerable code not present)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9730
NOTE: http://www.wireshark.org/security/wnpa-sec-2014-03.html
-CVE-2014-2282 (The dissect_protocol_data_parameter function in ...)
+CVE-2014-2282
- wireshark 1.10.6-1
[wheezy] - wireshark <not-affected> (Vulnerable code not present)
[squeeze] - wireshark <not-affected> (Vulnerable code not present)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9699
NOTE: http://www.wireshark.org/security/wnpa-sec-2014-02.html
-CVE-2014-2281 (The nfs_name_snoop_add_name function in epan/dissectors/packet-nfs.c ...)
+CVE-2014-2281
{DSA-2871-1}
- wireshark 1.10.6-1
[squeeze] - wireshark <not-affected> (Vulnerable code not present)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9672
NOTE: http://www.wireshark.org/security/wnpa-sec-2014-01.html
-CVE-2014-2309 (The ip6_route_add function in net/ipv6/route.c in the Linux kernel ...)
+CVE-2014-2309
- linux 3.13.6-1
[wheezy] - linux 3.2.57-1
- linux-2.6 <not-affected> (Introduced in v3.0)
NOTE: Introduced by https://git.kernel.org/cgit/linux/kernel/git/davem/net.git/commit/?id=957c665f37007de93ccbe45902a23143724170d0
NOTE: Fix: https://git.kernel.org/cgit/linux/kernel/git/davem/net.git/commit/?id=c88507fbad8055297c1d1e21e599f46960cbee39
-CVE-2014-2310 (The AgentX subagent in Net-SNMP before 5.4.4 allows remote attackers ...)
+CVE-2014-2310
- net-snmp 5.7.2~dfsg-3 (bug #684388)
[wheezy] - net-snmp 5.4.3~dfsg-2.8
[squeeze] - net-snmp <no-dsa> (Minor issue)
NOTE: http://sourceforge.net/p/net-snmp/patches/1113/
-CVE-2014-2280 (Cross-site scripting (XSS) vulnerability in the search feature in ...)
+CVE-2014-2280
NOT-FOR-US: SeedDMS
-CVE-2014-2279 (Multiple directory traversal vulnerabilities in SeedDMS (formerly ...)
+CVE-2014-2279
NOT-FOR-US: SeedDMS
-CVE-2014-2278 (Unrestricted file upload vulnerability in op/op.AddFile2.php in ...)
+CVE-2014-2278
NOT-FOR-US: SeedDMS
-CVE-2014-2277 (The make_temporary_filename function in perltidy 20120701-1 and ...)
+CVE-2014-2277
- perltidy 20130922-1 (bug #740670)
[wheezy] - perltidy <no-dsa> (Minor issue)
[squeeze] - perltidy <no-dsa> (Minor issue)
-CVE-2014-2276 (The FileUploadController servlet in EMC Connectrix Manager Converged ...)
+CVE-2014-2276
NOT-FOR-US: EMC
CVE-2014-2275
RESERVED
-CVE-2014-2274 (Cross-site request forgery (CSRF) vulnerability in the Subscribe To ...)
+CVE-2014-2274
NOT-FOR-US: Subscribe To Comments Reloaded plugin for WordPress
-CVE-2014-2273 (The hx170dec device driver in Huawei P2-6011 before V100R001C00B043 ...)
+CVE-2014-2273
NOT-FOR-US: Huawei Router
CVE-2014-2272
RESERVED
CVE-2014-2271
RESERVED
-CVE-2014-2269 (modules/Users/ForgotPassword.php in vTiger 6.0 before Security Patch 2 ...)
+CVE-2014-2269
NOT-FOR-US: vTiger CRM
-CVE-2014-2268 (views/Index.php in the Install module in vTiger 6.0 before Security ...)
+CVE-2014-2268
NOT-FOR-US: vTiger CRM
CVE-2014-2267
RESERVED
CVE-2014-2266
RESERVED
-CVE-2014-2265 (Rock Lobster Contact Form 7 before 3.7.2 allows remote attackers to ...)
+CVE-2014-2265
NOT-FOR-US: Rock Lobster Contact Form
-CVE-2014-2264 (The OpenVPN module in Synology DiskStation Manager (DSM) 4.3-3810 ...)
+CVE-2014-2264
NOT-FOR-US: Synology DiskStation Manager
-CVE-2014-2263 (The mpegts_write_pmt function in the MPEG2 transport stream (aka DVB) ...)
+CVE-2014-2263
{DSA-3003-1}
- ffmpeg 7:2.4.1-1
[squeeze] - ffmpeg <end-of-life> (Backports to 0.5.x not useful, too many checks missing)
NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=842b6c14bcfc1c5da1a2d288fd65386eb8c158ad
- libav 6:10.4-1
NOTE: Fix in libav: http://git.libav.org/?p=libav.git;a=commit;h=addbaf134836aea4e14f73add8c6d753a1373257
-CVE-2014-2262 (Buffer overflow in the client application in Base SAS 9.2 TS2M3, SAS ...)
+CVE-2014-2262
NOT-FOR-US: Base SAS
CVE-2014-2261
RESERVED
-CVE-2014-2260 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2014-2260
NOT-FOR-US: Ajenti
-CVE-2014-2259 (Siemens SIMATIC S7-1500 CPU PLC devices with firmware before 1.5.0 ...)
+CVE-2014-2259
NOT-FOR-US: Siemens
-CVE-2014-2258 (Siemens SIMATIC S7-1200 CPU PLC devices with firmware before 4.0 allow ...)
+CVE-2014-2258
NOT-FOR-US: Siemens
-CVE-2014-2257 (Siemens SIMATIC S7-1500 CPU PLC devices with firmware before 1.5.0 ...)
+CVE-2014-2257
NOT-FOR-US: Siemens
-CVE-2014-2256 (Siemens SIMATIC S7-1200 CPU PLC devices with firmware before 4.0 allow ...)
+CVE-2014-2256
NOT-FOR-US: Siemens
-CVE-2014-2255 (Siemens SIMATIC S7-1500 CPU PLC devices with firmware before 1.5.0 ...)
+CVE-2014-2255
NOT-FOR-US: Siemens
-CVE-2014-2254 (Siemens SIMATIC S7-1200 CPU PLC devices with firmware before 4.0 allow ...)
+CVE-2014-2254
NOT-FOR-US: Siemens
-CVE-2014-2253 (Siemens SIMATIC S7-1500 CPU PLC devices with firmware before 1.5.0 ...)
+CVE-2014-2253
NOT-FOR-US: Siemens
-CVE-2014-2252 (Siemens SIMATIC S7-1200 CPU PLC devices with firmware before 4.0 allow ...)
+CVE-2014-2252
NOT-FOR-US: Siemens
-CVE-2014-2251 (The random-number generator on Siemens SIMATIC S7-1500 CPU PLC devices ...)
+CVE-2014-2251
NOT-FOR-US: Siemens
-CVE-2014-2250 (The random-number generator on Siemens SIMATIC S7-1200 CPU PLC devices ...)
+CVE-2014-2250
NOT-FOR-US: Siemens
-CVE-2014-2249 (Cross-site request forgery (CSRF) vulnerability on Siemens SIMATIC ...)
+CVE-2014-2249
NOT-FOR-US: Siemens
-CVE-2014-2248 (Open redirect vulnerability in the integrated web server on Siemens ...)
+CVE-2014-2248
NOT-FOR-US: Siemens
-CVE-2014-2247 (The integrated web server on Siemens SIMATIC S7-1500 CPU PLC devices ...)
+CVE-2014-2247
NOT-FOR-US: Siemens
-CVE-2014-2246 (Cross-site scripting (XSS) vulnerability in the integrated web server ...)
+CVE-2014-2246
NOT-FOR-US: Siemens
-CVE-2014-2241 (The (1) cf2_initLocalRegionBuffer and (2) cf2_initGlobalRegionBuffer ...)
+CVE-2014-2241
- freetype 2.5.2-1.1 (bug #741299)
[wheezy] - freetype <not-affected> (vuln. code introduced around 2.5)
[squeeze] - freetype <not-affected> (vuln. code introduced around 2.5)
NOTE: http://sourceforge.net/projects/freetype/files/freetype2/2.5.3/
NOTE: https://savannah.nongnu.org/bugs/?41697#comment2 if I understood it right
-CVE-2014-2240 (Stack-based buffer overflow in the cf2_hintmap_build function in ...)
+CVE-2014-2240
- freetype 2.5.2-1.1 (bug #741299)
[wheezy] - freetype <not-affected> (vuln. code introduced around 2.5)
[squeeze] - freetype <not-affected> (vuln. code introduced around 2.5)
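Review bot: this hunk is again nothing but description removals, and several `<not-affected>` reasons in it were only checkable through the removed text. CVE-2014-2241 and CVE-2014-2240 keep `[wheezy] - freetype <not-affected> (vuln. code introduced around 2.5)` but the functions involved (cf2_initLocalRegionBuffer, cf2_initGlobalRegionBuffer, cf2_hintmap_build) now appear nowhere in the entries, and CVE-2014-2310's `[squeeze] - net-snmp <no-dsa> (Minor issue)` no longer says the issue is in the AgentX subagent. Entries with upstream references survive intact (wireshark bugzilla and wnpa-sec URLs, the asterisk AST-2014-00x advisories, both kernel commits on CVE-2014-2309), so the right fix is to repair the import rather than hand-edit; if that is not possible, put the function names into the freetype not-affected reasons so the triage stays reviewable. Minor and pre-existing: the context line `NOTE: https://savannah.nongnu.org/bugs/?41697#comment2 if I understood it right` would read better with the hedge dropped or moved into its own NOTE.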
@@ -20291,30 +20291,30 @@ CVE-2014-2240 (Stack-based buffer overflow in the cf2_hintmap_build function in
NOTE: https://savannah.nongnu.org/bugs/?41697#comment0
CVE-2014-2239
RESERVED
-CVE-2014-2234 (A certain Apple patch for OpenSSL in Apple OS X 10.9.2 and earlier ...)
+CVE-2014-2234
- openssl <not-affected> (Apple-specific patch)
-CVE-2014-2233 (Server-side request forgery (SSRF) vulnerability in the MapAPI in ...)
+CVE-2014-2233
NOT-FOR-US: Infoware MapSuite
-CVE-2014-2232 (Absolute path traversal vulnerability in the MapAPI in Infoware ...)
+CVE-2014-2232
NOT-FOR-US: Infoware MapSuite
-CVE-2014-2231 (Cross-site scripting (XSS) vulnerability in the API in synetics i-doit ...)
+CVE-2014-2231
NOT-FOR-US: synetics i-doit pro
-CVE-2014-2230 (Open redirect vulnerability in the header function in adclick.php in ...)
+CVE-2014-2230
NOT-FOR-US: OpenX
CVE-2014-2229
RESERVED
CVE-2014-2228
RESERVED
-CVE-2014-2227 (The default Flash cross-domain policy (crossdomain.xml) in Ubiquiti ...)
+CVE-2014-2227
NOT-FOR-US: Ubiquiti Networks
-CVE-2014-2226 (Ubiquiti UniFi Controller before 3.2.1 logs the administrative ...)
+CVE-2014-2226
NOT-FOR-US: Ubiquiti Networks
CVE-2014-2225
RESERVED
NOT-FOR-US: Ubiquiti Networks
-CVE-2014-2224 (Plogger 1.0 RC1 and earlier, when the Lucid theme is used, does not ...)
+CVE-2014-2224
NOT-FOR-US: Plogger
-CVE-2014-2223 (Unrestricted file upload vulnerability in plog-admin/plog-upload.php ...)
+CVE-2014-2223
NOT-FOR-US: Plogger
CVE-2014-2222
RESERVED
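Review bot: CVE-2014-2234 is the entry to watch in this hunk: once `-CVE-2014-2234 (A certain Apple patch for OpenSSL in Apple OS X 10.9.2 and earlier ...)` becomes `+CVE-2014-2234` the whole record is `- openssl <not-affected> (Apple-specific patch)`, with no NOTE saying which patch or which OS X release, so the not-affected claim can no longer be rechecked from the file; add a NOTE with the Apple reference. The NOT-FOR-US entries (Infoware MapSuite, i-doit, OpenX, Ubiquiti, Plogger) keep their vendor on the following line and lose only the fixed-version and bug-class text. Pre-existing but visible in the context: CVE-2014-2225 carries both `RESERVED` and `NOT-FOR-US: Ubiquiti Networks`, a state mismatch worth resolving separately.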
@@ -20322,25 +20322,25 @@ CVE-2014-2221
RESERVED
CVE-2014-2220
RESERVED
-CVE-2014-2219 (Cross-site scripting (XSS) vulnerability in whizzywig/wb.php in ...)
+CVE-2014-2219
NOT-FOR-US: CMSimple
CVE-2014-2218
RESERVED
-CVE-2014-2217 (Absolute path traversal vulnerability in the RadAsyncUpload control in ...)
+CVE-2014-2217
NOT-FOR-US: Telerik UI for ASP.NET AJAX
-CVE-2014-2216 (The FortiManager protocol service in Fortinet FortiOS before 4.3.16 ...)
+CVE-2014-2216
NOT-FOR-US: Fortinet FortiOS
CVE-2014-2215
REJECTED
-CVE-2014-2210 (Multiple directory traversal vulnerabilities in CA ERwin Web Portal ...)
+CVE-2014-2210
NOT-FOR-US: Erwin Web Portal
-CVE-2014-2209 (Facebook HipHop Virtual Machine (HHVM) before 3.1.0 does not drop ...)
+CVE-2014-2209
NOT-FOR-US: Facebook HipHop Virtual Machine
-CVE-2014-2208 (CRLF injection vulnerability in the LightProcess protocol ...)
+CVE-2014-2208
NOT-FOR-US: Facebook HipHop Virtual Machine
CVE-2014-2207
RESERVED
-CVE-2014-2205 (The Import and Export Framework in McAfee ePolicy Orchestrator (ePO) ...)
+CVE-2014-2205
NOT-FOR-US: McAfee ePolicy Orchestrator
CVE-2014-2204
RESERVED
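Review bot: all seven changed entries here are NOT-FOR-US, so the vendor survives (`NOT-FOR-US: Telerik UI for ASP.NET AJAX`, `NOT-FOR-US: Fortinet FortiOS`), but the removed descriptions were the only place recording the fixed versions (FortiOS before 4.3.16, HHVM before 3.1.0) and the bug classes (absolute path traversal, CRLF injection, directory traversal), which is exactly what someone grepping this file for a vendored copy of HHVM's LightProcess protocol would search on. If dropping descriptions for non-Debian software is intended, the commit message should say so; if not, this is the same import regression as the earlier hunks.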
@@ -20348,29 +20348,29 @@ CVE-2014-2203
RESERVED
CVE-2014-2202
RESERVED
-CVE-2014-2201 (The Message Transfer Service (MTS) in Cisco NX-OS before 6.2(7) on MDS ...)
+CVE-2014-2201
NOT-FOR-US: Cisco NX-OS
-CVE-2014-2200 (Cisco NX-OS 5.0 before 5.0(5) on Nexus 7000 devices, when local ...)
+CVE-2014-2200
NOT-FOR-US: Cisco
-CVE-2014-2199 (meetinginfo.do in Cisco WebEx Event Center, WebEx Meeting Center, ...)
+CVE-2014-2199
NOT-FOR-US: Cisco WebEx
-CVE-2014-2198 (Cisco Unified Communications Domain Manager (CDM) in Unified CDM ...)
+CVE-2014-2198
NOT-FOR-US: Cisco Unified Communications Domain Manager
-CVE-2014-2197 (The Administration GUI in the web framework in Cisco Unified ...)
+CVE-2014-2197
NOT-FOR-US: Cisco Unified Communications Domain Manager
-CVE-2014-2196 (Cisco Wide Area Application Services (WAAS) 5.1.1 before 5.1.1e, when ...)
+CVE-2014-2196
NOT-FOR-US: Cisco Wide Area Application Services
-CVE-2014-2195 (Cisco AsyncOS on Email Security Appliance (ESA) and Content Security ...)
+CVE-2014-2195
NOT-FOR-US: Cisco AsyncOS
-CVE-2014-2194 (system/egain/chat/entrypoint in Cisco Unified Web and E-mail ...)
+CVE-2014-2194
NOT-FOR-US: Cisco Unified Web and E-mail Interaction Manager
-CVE-2014-2193 (Cisco Unified Web and E-Mail Interaction Manager places session ...)
+CVE-2014-2193
NOT-FOR-US: Cisco Unified Web and E-Mail Interaction Manager
-CVE-2014-2192 (Cross-site scripting (XSS) vulnerability in Cisco Unified Web and ...)
+CVE-2014-2192
NOT-FOR-US: Cisco Unified Web and E-Mail Interaction Manager
-CVE-2014-2191 (Cross-site scripting (XSS) vulnerability in the web framework in Cisco ...)
+CVE-2014-2191
NOT-FOR-US: Cisco
-CVE-2014-2190 (Cross-site request forgery (CSRF) vulnerability in the web framework ...)
+CVE-2014-2190
NOT-FOR-US: Cisco
CVE-2014-2189
REJECTED
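Review bot: three of the twelve Cisco entries in this hunk end up with no product at all: CVE-2014-2200, CVE-2014-2191 and CVE-2014-2190 have the bare line `NOT-FOR-US: Cisco`, and the removed descriptions were what named NX-OS 5.0 on Nexus 7000 and the Cisco web framework. Either keep the descriptions or expand those three NOT-FOR-US lines to name the product before this goes in; the other nine (NX-OS, WebEx, Unified Communications Domain Manager, WAAS, AsyncOS, Unified Web and E-Mail Interaction Manager) remain identifiable from their NOT-FOR-US line.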
@@ -20378,77 +20378,77 @@ CVE-2014-2188
REJECTED
CVE-2014-2187
RESERVED
-CVE-2014-2186 (Cross-site request forgery (CSRF) vulnerability in the web framework ...)
+CVE-2014-2186
NOT-FOR-US: Cisco WebEx Meetings Server
-CVE-2014-2185 (The Call Detail Records (CDR) Management component in Cisco Unified ...)
+CVE-2014-2185
NOT-FOR-US: Cisco Unified Communications Manager
-CVE-2014-2184 (The IP Manager Assistant (IPMA) component in Cisco Unified ...)
+CVE-2014-2184
NOT-FOR-US: Cisco Unified Communications Manager
-CVE-2014-2183 (The L2TP module in Cisco IOS XE 3.10S(.2) and earlier on ASR 1000 ...)
+CVE-2014-2183
NOT-FOR-US: Cisco
-CVE-2014-2182 (Cisco Adaptive Security Appliance (ASA) Software, when DHCPv6 replay ...)
+CVE-2014-2182
NOT-FOR-US: Cisco Adaptive Security Appliance
-CVE-2014-2181 (Cisco Adaptive Security Appliance (ASA) Software allows remote ...)
+CVE-2014-2181
NOT-FOR-US: Cisco Adaptive Security Appliance
-CVE-2014-2180 (The Document Management component in Cisco Unified Contact Center ...)
+CVE-2014-2180
NOT-FOR-US: Cisco Unified Contact Center Express
-CVE-2014-2179 (The Cisco RV router firmware on RV220W devices, before 1.0.5.9 on ...)
+CVE-2014-2179
NOT-FOR-US: Cisco RV
-CVE-2014-2178 (Cross-site request forgery (CSRF) vulnerability in the administrative ...)
+CVE-2014-2178
NOT-FOR-US: Cisco RV
-CVE-2014-2177 (The network-diagnostics administration interface in the Cisco RV ...)
+CVE-2014-2177
NOT-FOR-US: Cisco RV
-CVE-2014-2176 (Cisco IOS XR 4.1.2 through 5.1.1 on ASR 9000 devices, when a ...)
+CVE-2014-2176
NOT-FOR-US: Cisco IOS
-CVE-2014-2175 (Cisco TelePresence TC Software 4.x and 5.x and TE Software 4.x and 6.0 ...)
+CVE-2014-2175
NOT-FOR-US: Cisco
-CVE-2014-2174 (Cisco TelePresence T, TelePresence TE, and TelePresence TC before 7.1 ...)
+CVE-2014-2174
NOT-FOR-US: Cisco
-CVE-2014-2173 (Cisco TelePresence TC Software 4.x and 5.x and TE Software 4.x and 6.0 ...)
+CVE-2014-2173
NOT-FOR-US: Cisco
-CVE-2014-2172 (Buffer overflow in Cisco TelePresence TC Software 4.x and 5.x and TE ...)
+CVE-2014-2172
NOT-FOR-US: Cisco
-CVE-2014-2171 (Heap-based buffer overflow in Cisco TelePresence TC Software 4.x ...)
+CVE-2014-2171
NOT-FOR-US: Cisco
-CVE-2014-2170 (Cisco TelePresence TC Software 4.x and 5.x before 5.1.7 and 6.x before ...)
+CVE-2014-2170
NOT-FOR-US: Cisco
-CVE-2014-2169 (Cisco TelePresence TC Software 4.x through 6.x before 6.2.0 and TE ...)
+CVE-2014-2169
NOT-FOR-US: Cisco
-CVE-2014-2168 (Buffer overflow in Cisco TelePresence TC Software 4.x and 5.x and TE ...)
+CVE-2014-2168
NOT-FOR-US: Cisco
-CVE-2014-2167 (The SIP implementation in Cisco TelePresence TC Software 4.x and 5.x ...)
+CVE-2014-2167
NOT-FOR-US: Cisco
-CVE-2014-2166 (The SIP implementation in Cisco TelePresence TC Software 4.x and TE ...)
+CVE-2014-2166
NOT-FOR-US: Cisco
-CVE-2014-2165 (The SIP implementation in Cisco TelePresence TC Software 4.x and 5.x ...)
+CVE-2014-2165
NOT-FOR-US: Cisco
-CVE-2014-2164 (The SIP implementation in Cisco TelePresence TC Software 4.x and 5.x ...)
+CVE-2014-2164
NOT-FOR-US: Cisco
-CVE-2014-2163 (The SIP implementation in Cisco TelePresence TC Software 4.x and 5.x ...)
+CVE-2014-2163
NOT-FOR-US: Cisco
-CVE-2014-2162 (The SIP implementation in Cisco TelePresence TC Software 4.x and 5.x ...)
+CVE-2014-2162
NOT-FOR-US: Cisco
-CVE-2014-2161 (The H.225 subsystem in Cisco TelePresence System MXP Series Software ...)
+CVE-2014-2161
NOT-FOR-US: Cisco
-CVE-2014-2160 (The H.225 subsystem in Cisco TelePresence System MXP Series Software ...)
+CVE-2014-2160
NOT-FOR-US: Cisco
-CVE-2014-2159 (The H.225 subsystem in Cisco TelePresence System MXP Series Software ...)
+CVE-2014-2159
NOT-FOR-US: Cisco
-CVE-2014-2158 (Cisco TelePresence System MXP Series Software before F9.3.1 allows ...)
+CVE-2014-2158
NOT-FOR-US: Cisco
-CVE-2014-2157 (Cisco TelePresence System MXP Series Software before F9.3.1 allows ...)
+CVE-2014-2157
NOT-FOR-US: Cisco
-CVE-2014-2156 (Cisco TelePresence System MXP Series Software before F9.3.1 allows ...)
+CVE-2014-2156
NOT-FOR-US: Cisco
-CVE-2014-2155 (The DHCPv6 server module in Cisco CNS Network Registrar 7.1 allows ...)
+CVE-2014-2155
NOT-FOR-US: Cisco
-CVE-2014-2154 (Memory leak in the SIP inspection engine in Cisco Adaptive Security ...)
+CVE-2014-2154
NOT-FOR-US: Cisco Adaptive Security Appliance
-CVE-2014-2153 (Multiple cross-site scripting (XSS) vulnerabilities in INSERT pages in ...)
+CVE-2014-2153
NOT-FOR-US: Cisco Prime Infrastructure
-CVE-2014-2152 (Cross-site request forgery (CSRF) vulnerability in the INSERT page in ...)
+CVE-2014-2152
NOT-FOR-US: Cisco Prime Infrastructure
-CVE-2014-2151 (The WebVPN portal in Cisco Adaptive Security Appliance (ASA) Software ...)
+CVE-2014-2151
NOT-FOR-US: Cisco Adaptive Security Appliance
CVE-2014-2150
REJECTED
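Review bot: 22 of the 36 changed entries in this hunk reduce to the bare `NOT-FOR-US: Cisco` once the description is gone (CVE-2014-2183 and CVE-2014-2175 through CVE-2014-2155), so the distinctions the removed text drew, TelePresence TC/TE software versus TelePresence System MXP Series software, the L2TP module of IOS XE on ASR 1000, and the H.225 versus SIP subsystems, disappear from the file; CVE-2014-2176 is also left labelled `NOT-FOR-US: Cisco IOS` although the removed line said IOS XR 4.1.2 through 5.1.1 on ASR 9000. Expand those NOT-FOR-US lines with the product family (TelePresence, IOS XE, IOS XR) if the descriptions are not restored; an entry that says only "Cisco" gives the next triager nothing to match against.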
@@ -20456,130 +20456,130 @@ CVE-2014-2149
REJECTED
CVE-2014-2148
RESERVED
-CVE-2014-2147 (The web interface in Cisco Prime Infrastructure 2.1 and earlier does ...)
+CVE-2014-2147
NOT-FOR-US: Cisco Prime Infrastructure
-CVE-2014-2146 (The Zone-Based Firewall (ZBFW) functionality in Cisco IOS, possibly ...)
+CVE-2014-2146
NOT-FOR-US: Cisco
-CVE-2014-2145 (Directory traversal vulnerability in the messaging API in Cisco Unity ...)
+CVE-2014-2145
NOT-FOR-US: Cisco
-CVE-2014-2144 (Cisco IOS XR does not properly throttle ICMPv6 redirect packets, which ...)
+CVE-2014-2144
NOT-FOR-US: Cisco
-CVE-2014-2143 (The IKE implementation in Cisco IOS 15.4(1)T and earlier and IOS XE ...)
+CVE-2014-2143
NOT-FOR-US: Cisco
-CVE-2014-2142 (Cisco ONS 15454 controller cards with software 10.0 and earlier allow ...)
+CVE-2014-2142
NOT-FOR-US: Cisco ONS
-CVE-2014-2141 (The session-termination functionality on Cisco ONS 15454 controller ...)
+CVE-2014-2141
NOT-FOR-US: Cisco ONS
-CVE-2014-2140 (Cisco ONS 15454 controller cards with software 9.6 and earlier allow ...)
+CVE-2014-2140
NOT-FOR-US: Cisco ONS
-CVE-2014-2139 (Cisco ONS 15454 controller cards with software 9.6 and earlier allow ...)
+CVE-2014-2139
NOT-FOR-US: Cisco ONS
-CVE-2014-2138 (CRLF injection vulnerability in the web framework in Cisco Security ...)
+CVE-2014-2138
NOT-FOR-US: Cisco Security Manager
-CVE-2014-2137 (CRLF injection vulnerability in the web framework in Cisco Web ...)
+CVE-2014-2137
NOT-FOR-US: Cisco Web Security Appliance
-CVE-2014-2136 (Buffer overflow in Cisco Advanced Recording Format (ARF) player T27 LD ...)
+CVE-2014-2136
NOT-FOR-US: Cisco WebEx
-CVE-2014-2135 (Buffer overflow in Cisco Advanced Recording Format (ARF) player T27 LD ...)
+CVE-2014-2135
NOT-FOR-US: Cisco WebEx
-CVE-2014-2134 (Heap-based buffer overflow in Cisco WebEx Recording Format (WRF) ...)
+CVE-2014-2134
NOT-FOR-US: Cisco WebEx
-CVE-2014-2133 (Buffer overflow in Cisco Advanced Recording Format (ARF) player T27 LD ...)
+CVE-2014-2133
NOT-FOR-US: Cisco WebEx
-CVE-2014-2132 (Cisco WebEx Recording Format (WRF) player and Advanced Recording ...)
+CVE-2014-2132
NOT-FOR-US: Cisco WebEx
-CVE-2014-2131 (The packet driver in Cisco IOS allows remote attackers to cause a ...)
+CVE-2014-2131
NOT-FOR-US: Cisco IOS
-CVE-2014-2130 (Cisco Secure Access Control Server (ACS) provides an unintentional ...)
+CVE-2014-2130
NOT-FOR-US: Cisco
-CVE-2014-2129 (The SIP inspection engine in Cisco Adaptive Security Appliance (ASA) ...)
+CVE-2014-2129
NOT-FOR-US: Cisco Adaptive Security Appliance
-CVE-2014-2128 (The SSL VPN implementation in Cisco Adaptive Security Appliance (ASA) ...)
+CVE-2014-2128
NOT-FOR-US: Cisco Adaptive Security Appliance
-CVE-2014-2127 (Cisco Adaptive Security Appliance (ASA) Software 8.x before 8.2(5.48), ...)
+CVE-2014-2127
NOT-FOR-US: Cisco Adaptive Security Appliance
-CVE-2014-2126 (Cisco Adaptive Security Appliance (ASA) Software 8.2 before 8.2(5.47), ...)
+CVE-2014-2126
NOT-FOR-US: Cisco Adaptive Security Appliance
-CVE-2014-2125 (Cross-site scripting (XSS) vulnerability in the Web Inbox in Cisco ...)
+CVE-2014-2125
NOT-FOR-US: Cisco Unity Connection Server
-CVE-2014-2124 (Cisco IOS 15.1(2)SY3 and earlier, when used with Supervisor Engine 2T ...)
+CVE-2014-2124
NOT-FOR-US: Cisco
CVE-2014-2123
RESERVED
-CVE-2014-2122 (Memory leak in the GUI in the Impact server in Cisco Hosted ...)
+CVE-2014-2122
NOT-FOR-US: Cisco
-CVE-2014-2121 (The Java-based software in Cisco Hosted Collaboration Solution (HCS) ...)
+CVE-2014-2121
NOT-FOR-US: Cisco
-CVE-2014-2120 (Cross-site scripting (XSS) vulnerability in the WebVPN login page in ...)
+CVE-2014-2120
NOT-FOR-US: Cisco Adaptive Security Appliance
-CVE-2014-2119 (The End User Safelist/Blocklist (aka SLBL) service in Cisco AsyncOS ...)
+CVE-2014-2119
NOT-FOR-US: Cisco AsyncOS
-CVE-2014-2118 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2014-2118
NOT-FOR-US: Cisco PRSM
-CVE-2014-2117 (Multiple open redirect vulnerabilities in Cisco Emergency Responder ...)
+CVE-2014-2117
NOT-FOR-US: Cisco
-CVE-2014-2116 (Cisco Emergency Responder (ER) 8.6 and earlier allows remote attackers ...)
+CVE-2014-2116
NOT-FOR-US: Cisco
-CVE-2014-2115 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
+CVE-2014-2115
NOT-FOR-US: Cisco
-CVE-2014-2114 (Cross-site scripting (XSS) vulnerability in UserServlet in Cisco ...)
+CVE-2014-2114
NOT-FOR-US: Cisco
-CVE-2014-2113 (Cisco IOS 15.1 through 15.3 and IOS XE 3.3 and 3.5 before 3.5.2E; 3.7 ...)
+CVE-2014-2113
NOT-FOR-US: Cisco IOS
-CVE-2014-2112 (The SSL VPN (aka WebVPN) feature in Cisco IOS 15.1 through 15.4 allows ...)
+CVE-2014-2112
NOT-FOR-US: Cisco IOS
-CVE-2014-2111 (The Application Layer Gateway (ALG) module in Cisco IOS 12.2 through ...)
+CVE-2014-2111
NOT-FOR-US: Cisco IOS
CVE-2014-2110
RESERVED
-CVE-2014-2109 (The TCP Input module in Cisco IOS 12.2 through 12.4 and 15.0 through ...)
+CVE-2014-2109
NOT-FOR-US: Cisco IOS
-CVE-2014-2108 (Cisco IOS 12.2 and 15.0 through 15.3 and IOS XE 3.2 through 3.7 before ...)
+CVE-2014-2108
NOT-FOR-US: Cisco IOS
-CVE-2014-2107 (Cisco IOS 12.2 and 15.0 through 15.3, when used with the Kailash FPGA ...)
+CVE-2014-2107
NOT-FOR-US: Cisco
-CVE-2014-2106 (Cisco IOS 15.3M before 15.3(3)M2 and IOS XE 3.10.xS before 3.10.2S ...)
+CVE-2014-2106
NOT-FOR-US: Cisco IOS
CVE-2014-2105
RESERVED
-CVE-2014-2104 (Multiple cross-site scripting (XSS) vulnerabilities in the Business ...)
+CVE-2014-2104
NOT-FOR-US: Cisco Unified Communications Domain Manager
-CVE-2014-2103 (Cisco Intrusion Prevention System (IPS) Software allows remote ...)
+CVE-2014-2103
NOT-FOR-US: Cisco Intrusion Prevention System
-CVE-2014-2102 (Cisco Unified Contact Center Express (Unified CCX) does not properly ...)
+CVE-2014-2102
NOT-FOR-US: Cisco Unified Contact Center Express
CVE-2014-2101
RESERVED
CVE-2014-2100
RESERVED
-CVE-2014-2099 (The msrle_decode_frame function in libavcodec/msrle.c in FFmpeg before ...)
+CVE-2014-2099
- ffmpeg <not-affected> (Vulnerable code not present)
- libav <not-affected> (Vulnerable code not present)
NOTE: [Anton] appears to not be present in any version of libav
-CVE-2014-2098 (libavcodec/wmalosslessdec.c in FFmpeg before 2.1.4 uses an incorrect ...)
+CVE-2014-2098
- ffmpeg <not-affected> (Vulnerable code not present)
- libav 6:10.4-1
[wheezy] - libav <not-affected> (Vulnerable code not present)
NOTE: Fix in libav: http://git.libav.org/?p=libav.git;a=commit;h=849b9d34 (master)
NOTE: Fix in libav: http://git.libav.org/?p=libav.git;a=commit;h=6be5a3c0 (release/10)
NOTE: Fix in libav: http://git.libav.org/?p=libav.git;a=commit;h=36d8914f (release/9)
-CVE-2014-2097 (The tak_decode_frame function in libavcodec/takdec.c in FFmpeg before ...)
+CVE-2014-2097
- ffmpeg <not-affected> (Vulnerable code not present)
- libav <not-affected> (Vulnerable code not present)
NOTE: [Anton] appears to not be present in any version of libav
-CVE-2014-2092 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2014-2092
- cmsms <itp> (bug #608888)
-CVE-2014-2091 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2014-2091
NOT-FOR-US: ATutor
-CVE-2014-2090 (Multiple cross-site scripting (XSS) vulnerabilities in ilias.php in ...)
+CVE-2014-2090
NOT-FOR-US: ILIAS
-CVE-2014-2089 (ILIAS 4.4.1 allows remote attackers to execute arbitrary PHP code via ...)
+CVE-2014-2089
NOT-FOR-US: ILIAS
-CVE-2014-2088 (Unrestricted file upload vulnerability in ilias.php in ILIAS 4.4.1 ...)
+CVE-2014-2088
NOT-FOR-US: ILIAS
-CVE-2014-2087 (Stack-based buffer overflow in the CDownloads_Deleted::UpdateDownload ...)
+CVE-2014-2087
NOT-FOR-US: Free Download Manager
-CVE-2014-2285 (The perl_trapd_handler function in perl/TrapReceiver/TrapReceiver.xs ...)
+CVE-2014-2285
- net-snmp 5.7.2.1~dfsg-3 (unimportant)
[wheezy] - net-snmp 5.4.3~dfsg-2.8+deb7u1
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1072044
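Review bot: the ffmpeg/libav verdicts in this hunk now rest on text that is gone: CVE-2014-2099 and CVE-2014-2097 keep `- ffmpeg <not-affected> (Vulnerable code not present)` and `NOTE: [Anton] appears to not be present in any version of libav`, but the code in question (msrle_decode_frame in libavcodec/msrle.c, tak_decode_frame in libavcodec/takdec.c) was named only in the removed lines, so "not present" no longer says what was looked for. CVE-2014-2098 is fine because the three libav fix commits are listed, and CVE-2014-2285 keeps its Red Hat bugzilla link. Write the function names into the not-affected reasons for -2099 and -2097; the Cisco entries above them repeat the bare `NOT-FOR-US: Cisco` problem of the previous hunk (CVE-2014-2146, -2145, -2144, -2143, -2130, -2124, -2122, -2121, -2117, -2116, -2115, -2114, -2107).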
@@ -20588,7 +20588,7 @@ CVE-2014-2285 (The perl_trapd_handler function in perl/TrapReceiver/TrapReceiver
NOTE: unimportant since it only segfaults with older Perl version
NOTE: http://www.nntp.perl.org/group/perl.perl5.porters/2006/09/msg116250.html
NOTE: http://perl5.git.perl.org/perl.git/commitdiff/ddfa59c
-CVE-2014-2284 (The Linux implementation of the ICMP-MIB in Net-SNMP 5.5 before ...)
+CVE-2014-2284
- net-snmp 5.7.2.1~dfsg-3 (bug #742817)
[wheezy] - net-snmp <not-affected> (Only affects code from 5.5 through 5.7.2)
[squeeze] - net-snmp <not-affected> (Only affects code from 5.5 through 5.7.2)
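Review bot: CVE-2014-2284 is left with no reference at all once `-CVE-2014-2284 (The Linux implementation of the ICMP-MIB in Net-SNMP 5.5 before ...)` becomes `+CVE-2014-2284`: unlike CVE-2014-2285 just above it there is no NOTE URL, and the two not-affected reasons `(Only affects code from 5.5 through 5.7.2)` restate a version range that only the removed description motivated. Add a NOTE with the upstream bug or fix reference, otherwise `- net-snmp 5.7.2.1~dfsg-3 (bug #742817)` is the only thread left to follow.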
@@ -20599,7 +20599,7 @@ CVE-2014-XXXX [buffer overflow]
[squeeze] - mp3gain <no-dsa> (Minor issue)
[wheezy] - mp3gain <no-dsa> (Minor issue)
NOTE: http://sourceforge.net/p/mp3gain/bugs/36/
-CVE-2014-2270 (softmagic.c in file before 5.17 and libmagic allows context-dependent ...)
+CVE-2014-2270
{DSA-2943-1 DSA-2873-1 DLA-145-1}
- file 1:5.17-1
NOTE: http://bugs.gw.com/view.php?id=313
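Review bot: low impact here, since CVE-2014-2270 keeps `{DSA-2943-1 DSA-2873-1 DLA-145-1}`, `- file 1:5.17-1` and `NOTE: http://bugs.gw.com/view.php?id=313`, but the removed line was the only one stating that the bug is in softmagic.c of file/libmagic, the fact that explains three advisories for one CVE; keep it in a NOTE if the description import stays broken. One diagnostic detail in this hunk: the context line `CVE-2014-XXXX [buffer overflow]` for mp3gain kept its bracketed text while every real `CVE-… (…)` line lost its parenthesized one, which is consistent with the importer rewriting only the entries it looked up upstream and receiving an empty description back.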
@@ -20608,34 +20608,34 @@ CVE-2014-2270 (softmagic.c in file before 5.17 and libmagic allows context-depen
NOTE: http://git.php.net/?p=php-src.git;a=commitdiff;h=a33759fd275b32ed0bbe89796fe2953b3cb0b41f
CVE-2014-5795
REJECTED
-CVE-2014-2245 (SQL injection vulnerability in the News module in CMS Made Simple ...)
+CVE-2014-2245
- cmsms <itp> (bug #608888)
-CVE-2014-2244 (Cross-site scripting (XSS) vulnerability in the formatHTML function in ...)
+CVE-2014-2244
- mediawiki <not-affected> (vulnerable code not present)
NOTE: https://bugzilla.wikimedia.org/show_bug.cgi?id=61362
NOTE: https://gerrit.wikimedia.org/r/#/q/Idf985e4e69c2f11778a8a90503914678441cb3fb,n,z
-CVE-2014-2243 (includes/User.php in MediaWiki before 1.19.12, 1.20.x and 1.21.x ...)
+CVE-2014-2243
- mediawiki 1:1.19.12+dfsg-1
[squeeze] - mediawiki <end-of-life>
NOTE: https://bugzilla.wikimedia.org/show_bug.cgi?id=61346
NOTE: https://gerrit.wikimedia.org/r/#/q/I2a9e89120f7092015495e638c6fa9f67adc9b84f,n,z
-CVE-2014-2242 (includes/upload/UploadBase.php in MediaWiki before 1.19.12, 1.20.x and ...)
+CVE-2014-2242
- mediawiki 1:1.19.12+dfsg-1
[squeeze] - mediawiki <end-of-life>
NOTE: https://bugzilla.wikimedia.org/show_bug.cgi?id=60771
NOTE: https://gerrit.wikimedia.org/r/#/q/7d923a6b53f7fbcb0cbc3a19797d741bf6f440eb,n,z
-CVE-2014-2238 (SQL injection vulnerability in the manage configuration page ...)
+CVE-2014-2238
- mantis <removed>
[wheezy] - mantis <not-affected> (Introduced in 1.2.13)
[squeeze] - mantis <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://www.mantisbt.org/bugs/view.php?id=17055
-CVE-2014-2237 (The memcache token backend in OpenStack Identity (Keystone) 2013.1 ...)
+CVE-2014-2237
- keystone 2013.2.3-1
[wheezy] - keystone <no-dsa> (Minor issue)
NOTE: https://launchpad.net/bugs/1260080
-CVE-2014-2236 (Multiple cross-site scripting (XSS) vulnerabilities in Askbot before ...)
+CVE-2014-2236
- askbot <itp> (bug #687966)
-CVE-2014-2235 (Cross-site scripting (XSS) vulnerability in Askbot before 0.7.49 ...)
+CVE-2014-2235
- askbot <itp> (bug #687966)
CVE-2014-2214
RESERVED
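Review bot: the not-affected reasons in this hunk depended on the removed text: CVE-2014-2244 keeps `- mediawiki <not-affected> (vulnerable code not present)` but the function concerned (formatHTML) is now only reachable through the bugzilla link, and CVE-2014-2238 keeps `[wheezy] - mantis <not-affected> (Introduced in 1.2.13)` with nothing left saying what was introduced (the removed line named a SQL injection in the manage configuration page). CVE-2014-2237 (keystone memcache token backend), the two mediawiki issues in UploadBase.php and User.php, and the askbot/cmsms `<itp>` entries all still carry a bug or gerrit reference, so they remain traceable. Put the affected component into the mediawiki and mantis not-affected reasons if the descriptions are not coming back.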
@@ -20643,25 +20643,25 @@ CVE-2014-2214
CVE-2014-2213
RESERVED
NOT-FOR-US: POSH web app (different from src:posh)
-CVE-2014-2212 (The remember me feature in portal/scr_authentif.php in POSH (aka Posh ...)
+CVE-2014-2212
NOT-FOR-US: POSH web app (different from src:posh)
-CVE-2014-2211 (SQL injection vulnerability in portal/addtoapplication.php in POSH ...)
+CVE-2014-2211
NOT-FOR-US: POSH web app (different from src:posh)
-CVE-2014-2206 (Stack-based buffer overflow in GetGo Download Manager 4.9.0.1982, ...)
+CVE-2014-2206
NOT-FOR-US: GetGo Download Manager
-CVE-2014-2096 (Untrusted search path vulnerability in Catfish 0.6.0 through 1.0.0 ...)
+CVE-2014-2096
- catfish 1.0.1-1 (low; bug #739958)
[squeeze] - catfish 0.3.2-1+deb6u1
[wheezy] - catfish 0.3.2-2+deb7u1
-CVE-2014-2095 (Untrusted search path vulnerability in Catfish 0.6.0 through 1.0.0, ...)
+CVE-2014-2095
- catfish 1.0.1-1 (low; bug #739958)
[squeeze] - catfish 0.3.2-1+deb6u1
[wheezy] - catfish 0.3.2-2+deb7u1
-CVE-2014-2094 (Untrusted search path vulnerability in Catfish through 0.4.0.3, when a ...)
+CVE-2014-2094
- catfish 1.0.1-1 (low; bug #739958)
[squeeze] - catfish 0.3.2-1+deb6u1
[wheezy] - catfish 0.3.2-2+deb7u1
-CVE-2014-2093 (Untrusted search path vulnerability in Catfish through 0.4.0.3 allows ...)
+CVE-2014-2093
- catfish 1.0.1-1 (low; bug #739958)
[squeeze] - catfish 0.3.2-1+deb6u1
[wheezy] - catfish 0.3.2-2+deb7u1
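Review bot: the catfish block loses the version ranges that made the stable updates look consistent: the removed descriptions said CVE-2014-2096 and CVE-2014-2095 affect Catfish 0.6.0 through 1.0.0 while CVE-2014-2094 and CVE-2014-2093 affect versions through 0.4.0.3, yet all four keep `[squeeze] - catfish 0.3.2-1+deb6u1` and `[wheezy] - catfish 0.3.2-2+deb7u1`. With the descriptions gone nothing in the file explains why 0.3.2 needed an update for the two issues whose affected range starts at 0.6.0; add a NOTE recording that (bug #739958 is the obvious place to point at) so the next reviewer does not read the four identical blocks as a copy-paste. The POSH and GetGo entries keep their NOT-FOR-US lines and lose only the fixed-version text.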
@@ -20669,87 +20669,87 @@ CVE-2014-2086
RESERVED
CVE-2014-2085
REJECTED
-CVE-2014-2084 (Skybox View Appliances with ISO 6.3.33-2.14, 6.3.31-2.14, 6.4.42-2.54, ...)
+CVE-2014-2084
NOT-FOR-US: Skybox View Appliances
CVE-2014-2083
RESERVED
CVE-2014-2082
RESERVED
-CVE-2014-2081 (Multiple SQL injection vulnerabilities in the login in ...)
+CVE-2014-2081
NOT-FOR-US: Innovative vtls-Virtua
-CVE-2014-2080 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2014-2080
NOT-FOR-US: MODx Revolution
-CVE-2014-2079 (X File Explorer (aka xfe) might allow local users to bypass intended ...)
+CVE-2014-2079
- xfe 1.37-2 (bug #739536)
[wheezy] - xfe <no-dsa> (Minor issue)
[squeeze] - xfe <no-dsa> (Minor issue)
-CVE-2014-2078 (The backend in Open-Xchange (OX) AppSuite 7.4.2 before 7.4.2-rev9 ...)
+CVE-2014-2078
NOT-FOR-US: Open-Xchange
-CVE-2014-2077 (Cross-site scripting (XSS) vulnerability in the frontend in ...)
+CVE-2014-2077
NOT-FOR-US: Open-Xchange
CVE-2014-2076
RESERVED
-CVE-2014-2075 (TIBCO Enterprise Administrator 1.0.0 and Enterprise Administrator SDK ...)
+CVE-2014-2075
NOT-FOR-US: TIBCO Enterprise Administrator
CVE-2014-2074
RESERVED
-CVE-2014-2073 (Stack-based buffer overflow in Dassault Systemes CATIA V5-6R2013 ...)
+CVE-2014-2073
NOT-FOR-US: Dassault Systemes Catia
CVE-2014-2072
RESERVED
NOT-FOR-US: Dassault Systemes Catia
-CVE-2014-2071 (Aruba Networks ClearPass Policy Manager 6.1.x, 6.2.x before ...)
+CVE-2014-2071
NOT-FOR-US: Aruba Networks ClearPass Policy Manager
CVE-2014-2070
RESERVED
-CVE-2014-2069 (Absolute path traversal vulnerability in Eshtery CMS allows remote ...)
+CVE-2014-2069
NOT-FOR-US: Eshtery CMS
-CVE-2014-2068 (The doIndex function in hudson/util/RemotingDiagnostics.java in ...)
+CVE-2014-2068
- jenkins 1.565.2-1 (bug #739067)
NOTE: https://github.com/jenkinsci/jenkins/commit/0530a6645aac10fec005614211660e98db44b5eb
-CVE-2014-2067 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2014-2067
- jenkins 1.565.2-1 (bug #739067)
NOTE: https://github.com/jenkinsci/jenkins/commit/5d57c855f3147bfc5e7fda9252317b428a700014
-CVE-2014-2066 (Session fixation vulnerability in Jenkins before 1.551 and LTS before ...)
+CVE-2014-2066
- jenkins 1.565.2-1 (bug #739067)
NOTE: https://github.com/jenkinsci/jenkins/commit/8ac74c350779921598f9d5edfed39dd35de8842a
-CVE-2014-2065 (Cross-site scripting (XSS) vulnerability in Jenkins before 1.551 and ...)
+CVE-2014-2065
- jenkins 1.565.2-1 (bug #739067)
NOTE: https://github.com/jenkinsci/jenkins/commit/a0b00508eeb74d7033dc4100eb382df4e8fa72e7
-CVE-2014-2064 (The loadUserByUsername function in ...)
+CVE-2014-2064
- jenkins 1.565.2-1 (bug #739067)
NOTE: https://github.com/jenkinsci/jenkins/commit/fbf96734470caba9364f04e0b77b0bae7293a1ec
-CVE-2014-2063 (Jenkins before 1.551 and LTS before 1.532.2 allows remote attackers to ...)
+CVE-2014-2063
- jenkins 1.565.2-1 (bug #739067)
NOTE: https://github.com/jenkinsci/jenkins/commit/16931bd7bf7560e26ef98328b8e95e803d0e90f6
-CVE-2014-2062 (Jenkins before 1.551 and LTS before 1.532.2 does not invalidate the ...)
+CVE-2014-2062
- jenkins 1.565.2-1 (bug #739067)
NOTE: https://github.com/jenkinsci/jenkins/commit/5548b5220cfd496831b5721124189ff18fbb12a3
-CVE-2014-2061 (The input control in PasswordParameterDefinition in Jenkins before ...)
+CVE-2014-2061
- jenkins 1.565.2-1 (bug #739067)
NOTE: https://github.com/jenkinsci/jenkins/commit/bf539198564a1108b7b71a973bf7de963a6213ef
-CVE-2014-2060 (The Winstone servlet container in Jenkins before 1.551 and LTS before ...)
+CVE-2014-2060
- jenkins 1.565.2-1 (bug #739067)
NOTE: https://github.com/jenkinsci/jenkins/commit/29351af4bd01f61715418916fc12c52be46bd9b0
-CVE-2014-2059 (Directory traversal vulnerability in the CLI job creation ...)
+CVE-2014-2059
- jenkins 1.565.2-1 (bug #739067)
NOTE: https://github.com/jenkinsci/jenkins/commit/ad38d8480f20ce3cbf8fec3e2003bc83efda4f7d
-CVE-2014-2058 (BuildTrigger in Jenkins before 1.551 and LTS before 1.532.2 allows ...)
+CVE-2014-2058
- jenkins 1.565.2-1 (bug #739067)
NOTE: https://github.com/jenkinsci/jenkins/commit/b6b2a367a7976be80a799c6a49fa6c58d778b50e
-CVE-2014-2057 (Multiple cross-site scripting (XSS) vulnerabilities in ownCloud before ...)
+CVE-2014-2057
- owncloud 6.0.2+dfsg-1
NOTE: http://owncloud.org/about/security/advisories/oC-SA-2014-007/
-CVE-2014-2056 (PHPDocX, as used in ownCloud Server before 5.0.15 and 6.0.x before ...)
+CVE-2014-2056
- owncloud 6.0.2+dfsg-1
- phpdocx 3.0+dfsg-2
NOTE: http://owncloud.org/about/security/advisories/oC-SA-2014-006/
-CVE-2014-2055 (SabreDAV before 1.7.11, as used in ownCloud Server before 5.0.15 and ...)
+CVE-2014-2055
- owncloud 6.0.2+dfsg-1
- php-sabredav 1.7.11+dfsg-1
NOTE: https://github.com/fruux/sabre-dav/releases/tag/1.7.11
NOTE: http://owncloud.org/about/security/advisories/oC-SA-2014-006/
-CVE-2014-2054 (PHPExcel before 1.8.0, as used in ownCloud Server before 5.0.15 and ...)
+CVE-2014-2054
- owncloud 6.0.2+dfsg-1
- dolibarr 3.5.3+dfsg1-1
- moodle 2.7.5+dfsg-3 (bug #775842)
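Review bot: every changed entry in this hunk loses its parenthesised description and gains nothing in return (`-CVE-2014-2081 (Multiple SQL injection vulnerabilities in the login in ...)` becomes a bare `+CVE-2014-2081`), and not one `+` line carries a new or corrected description, which is consistent with the description source returning empty text rather than with a content change. For an "automatic update" the updater should treat a missing upstream description as "keep what is already stored" instead of overwriting it with nothing, and should refuse to commit a run in which this many entries lose their description at once, since the only way back is another full run after the source is repaired. The Debian-specific lines in the hunk (`- jenkins 1.565.2-1 (bug #739067)`, the `NOTE:` commit links, the `[wheezy]`/`[squeeze]` annotations) are untouched, so apart from the stripped descriptions the hunk changes nothing.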
@@ -20759,7 +20759,7 @@ CVE-2014-2054 (PHPExcel before 1.8.0, as used in ownCloud Server before 5.0.15 a
NOTE: owncloud does not mention details
NOTE: http://owncloud.org/about/security/advisories/oC-SA-2014-006/
NOTE: https://github.com/PHPOffice/PHPExcel/blob/develop/changelog.txt
-CVE-2014-2053 (getID3() before 1.9.8, as used in ownCloud Server before 5.0.15 and ...)
+CVE-2014-2053
{DSA-3001-1 DLA-56-1}
- owncloud 6.0.2+dfsg-1
- php-getid3 1.9.7-2
@@ -20775,31 +20775,31 @@ CVE-2014-2052
NOTE: owncloud advisory does not mention details for ZendFramework
NOTE: http://owncloud.org/about/security/advisories/oC-SA-2014-006/
NOTE: The reference wrt zendframework is for CVE-2012-6532
-CVE-2014-2051 (ownCloud Server before 5.0.15 and 6.0.x before 6.0.2 allows remote ...)
+CVE-2014-2051
- owncloud 6.0.2+dfsg-1
CVE-2014-2050
RESERVED
-CVE-2014-2049 (The default Flash Cross Domain policies in ownCloud before 5.0.15 and ...)
+CVE-2014-2049
- owncloud 6.0.0+dfsg-1
-CVE-2014-2048 (The user_openid app in ownCloud Server before 5.0.15 allows remote ...)
+CVE-2014-2048
- owncloud <removed>
-CVE-2014-2047 (Session fixation vulnerability in ownCloud before 6.0.2, when PHP is ...)
+CVE-2014-2047
- owncloud 6.0.2+dfsg-1
-CVE-2014-2046 (cgi-bin/rpcBridge in the web interface 1.1 on Broadcom Ltd PIPA C211 ...)
+CVE-2014-2046
NOT-FOR-US: Broadcom Ltd PIPA C211
-CVE-2014-2045 (Multiple cross-site scripting (XSS) vulnerabilities in the old and new ...)
+CVE-2014-2045
NOT-FOR-US: Viprinet
-CVE-2014-2044 (Incomplete blacklist vulnerability in ajax/upload.php in ownCloud ...)
+CVE-2014-2044
- owncloud <not-affected> (Windows-specific)
-CVE-2014-2043 (SQL injection vulnerability in Resources/System/Templates/Data.aspx in ...)
+CVE-2014-2043
NOT-FOR-US: Procentia IntelliPen
-CVE-2014-2042 (Unrestricted file upload vulnerability in the Manage Project ...)
+CVE-2014-2042
NOT-FOR-US: Livetecs Timelive
CVE-2014-2041
RESERVED
-CVE-2014-2040 (Multiple cross-site scripting (XSS) vulnerabilities in the (1) ...)
+CVE-2014-2040
NOT-FOR-US: WordPress plugin MediaFileRenamer
-CVE-2014-2038 (The nfs_can_extend_write function in fs/nfs/write.c in the Linux ...)
+CVE-2014-2038
- linux 3.13.4-1
[wheezy] - linux <not-affected> (Introduced in 3.11)
- linux-2.6 <not-affected> (Introduced in 3.11)
@@ -20807,39 +20807,39 @@ CVE-2014-2038 (The nfs_can_extend_write function in fs/nfs/write.c in the Linux
NOTE: Fixed by https://git.kernel.org/linus/263b4509ec4d47e0da3e753f85a39ea12d1eff24
CVE-2014-2036
RESERVED
-CVE-2014-2035 (Cross-site scripting (XSS) vulnerability in xhr.php in InterWorx Web ...)
+CVE-2014-2035
NOT-FOR-US: InterWorx Web Control Panel
-CVE-2014-2034 (Unspecified vulnerability in Sonatype Nexus OSS and Pro 2.4.0 through ...)
+CVE-2014-2034
NOT-FOR-US: Sonatype Nexus OSS
-CVE-2014-2033 (The caching feature in SGOS in Blue Coat ProxySG 5.5 through 5.5.11.3, ...)
+CVE-2014-2033
NOT-FOR-US: Blue Coat ProxySG
CVE-2014-2028
RESERVED
-CVE-2014-2026 (Cross-site scripting (XSS) vulnerability in the search functionality ...)
+CVE-2014-2026
NOT-FOR-US: Intrexx
CVE-2014-2025
RESERVED
NOT-FOR-US: Intrexx
-CVE-2014-2024 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2014-2024
NOT-FOR-US: Open Classifieds
-CVE-2014-2023 (Multiple SQL injection vulnerabilities in the Tapatalk plugin 4.9.0 ...)
+CVE-2014-2023
NOT-FOR-US: vBulletin
-CVE-2014-2022 (SQL injection vulnerability in includes/api/4/breadcrumbs_create.php ...)
+CVE-2014-2022
NOT-FOR-US: vBulletin
-CVE-2014-2021 (Cross-site scripting (XSS) vulnerability in admincp/apilog.php in ...)
+CVE-2014-2021
NOT-FOR-US: vBulletin
-CVE-2014-2020 (ext/gd/gd.c in PHP 5.5.x before 5.5.9 does not check data types, which ...)
+CVE-2014-2020
- php5 5.5.9+dfsg-1
[wheezy] - php5 <not-affected> (Vulnerable code was introduced in 5.5.0)
[squeeze] - php5 <not-affected> (Vulnerable code was introduced in 5.5.0)
-CVE-2014-2019 (The iCloud subsystem in Apple iOS before 7.1 allows physically ...)
+CVE-2014-2019
NOT-FOR-US: Apple iOS
-CVE-2014-2018 (Cross-site scripting (XSS) vulnerability in Mozilla Thunderbird 17.x ...)
+CVE-2014-2018
- icedove 24.2.0-1
[squeeze] - icedove <end-of-life>
-CVE-2014-2017 (CRLF injection vulnerability in OXID eShop Professional Edition before ...)
+CVE-2014-2017
NOT-FOR-US: OXID eShop
-CVE-2014-2016 (Multiple cross-site scripting (XSS) vulnerabilities in OXID eShop ...)
+CVE-2014-2016
NOT-FOR-US: OXID eShop
CVE-2014-2012
RESERVED
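Review bot: the upstream version range that the `<not-affected>` verdicts in this hunk were checked against lives only in the description being deleted. For CVE-2014-2020 the `-` line states `ext/gd/gd.c in PHP 5.5.x before 5.5.9` while the wheezy and squeeze lines give the reason `Vulnerable code was introduced in 5.5.0`; after the change the entry keeps the verdict but no longer records the range it was derived from, so the triage can no longer be audited from the file alone. If descriptions are going to be dropped, carry the affected range into a `NOTE:` on the entry (or into the verdict's parenthesised reason) before the description line goes.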
@@ -20847,111 +20847,111 @@ CVE-2014-2011
RESERVED
CVE-2014-2010
RESERVED
-CVE-2014-2009 (The mPAY24 payment module before 1.6 for PrestaShop allows remote ...)
+CVE-2014-2009
NOT-FOR-US: mPAY24 payment module for PrestaShop
-CVE-2014-2008 (SQL injection vulnerability in confirm.php in the mPAY24 payment ...)
+CVE-2014-2008
NOT-FOR-US: mPAY24 payment module for PrestaShop
CVE-2014-2007
RESERVED
-CVE-2014-2006 (Cross-site scripting (XSS) vulnerability in Intercom Web Kyukincho 3.x ...)
+CVE-2014-2006
NOT-FOR-US: Intercom Web Kyukincho
-CVE-2014-2005 (Sophos Disk Encryption (SDE) 5.x in Sophos Enterprise Console (SEC) ...)
+CVE-2014-2005
NOT-FOR-US: Sophos Enterprise Console
-CVE-2014-2004 (The PPP Access Concentrator (PPPAC) on SEIL SEIL/x86 routers 1.00 ...)
+CVE-2014-2004
NOT-FOR-US: SEIL routers
-CVE-2014-2003 (JustSystems JUST Online Update, as used in Ichitaro through 2014 and ...)
+CVE-2014-2003
NOT-FOR-US: JustSystems Ichitaro
-CVE-2014-2002 (Cross-site scripting (XSS) vulnerability in C-BOARD Moyuku 1.01b6 and ...)
+CVE-2014-2002
NOT-FOR-US: C-BOARD Moyuku
-CVE-2014-2001 (The East Japan Railway Company JR East Japan application before 1.2.0 ...)
+CVE-2014-2001
NOT-FOR-US: Android application for East Japan Railway Company
-CVE-2014-2000 (The NTT 050 plus application before 4.2.1 for Android allows attackers ...)
+CVE-2014-2000
NOT-FOR-US: NTT application for Android
-CVE-2014-1999 (The auto-format feature in the Request_Curl class in FuelPHP 1.1 ...)
+CVE-2014-1999
NOT-FOR-US: FuelPHP
-CVE-2014-1998 (Cross-site scripting (XSS) vulnerability in Nippon Institute of ...)
+CVE-2014-1998
NOT-FOR-US: SOY CMS
-CVE-2014-1997 (The ATEN CN8000 remote-access unit with firmware 1.6.154 and earlier ...)
+CVE-2014-1997
NOT-FOR-US: ATEN IP KVM Switch
-CVE-2014-1996 (Cybozu Garoon 3.7 before SP4 allows remote authenticated users to ...)
+CVE-2014-1996
NOT-FOR-US: Cybozu Garoon
-CVE-2014-1995 (Cross-site scripting (XSS) vulnerability in the Map search ...)
+CVE-2014-1995
NOT-FOR-US: Cybozu Garoon
-CVE-2014-1994 (Cross-site scripting (XSS) vulnerability in the Notices portlet in ...)
+CVE-2014-1994
NOT-FOR-US: Cybozu Garoon
-CVE-2014-1993 (The Portlets subsystem in Cybozu Garoon 2.x and 3.x before 3.7 SP4 ...)
+CVE-2014-1993
NOT-FOR-US: Cybozu Garoon
-CVE-2014-1992 (Cross-site scripting (XSS) vulnerability in the Messages functionality ...)
+CVE-2014-1992
NOT-FOR-US: Cybozu Garoon
-CVE-2014-1991 (Open redirect vulnerability in WebPlatform / AppFramework 6.0 through ...)
+CVE-2014-1991
NOT-FOR-US: NTT DATA INTRAMART
-CVE-2014-1990 (Cross-site request forgery (CSRF) vulnerability in TopAccess (aka the ...)
+CVE-2014-1990
NOT-FOR-US: TOSHIBA TEC e-Studio
-CVE-2014-1989 (Cybozu Garoon 3.0 through 3.7 SP3 allows remote authenticated users to ...)
+CVE-2014-1989
NOT-FOR-US: Cybozu Garoon
-CVE-2014-1988 (The Phone Messages feature in Cybozu Garoon 2.0.0 through 3.7 SP2 ...)
+CVE-2014-1988
NOT-FOR-US: Cybozu Garoon
-CVE-2014-1987 (The CGI component in Cybozu Garoon 3.1.0 through 3.7 SP3 allows remote ...)
+CVE-2014-1987
NOT-FOR-US: Cybozu Garoon
-CVE-2014-1986 (The Content Provider in the KOKUYO CamiApp application 1.21.1 and ...)
+CVE-2014-1986
NOT-FOR-US: KOKUYO CamiApp application
-CVE-2014-1984 (Session fixation vulnerability in the management screen in Cybozu ...)
+CVE-2014-1984
NOT-FOR-US: Cybozu Remote Service Manager
-CVE-2014-1983 (Unspecified vulnerability in Cybozu Remote Service Manager through ...)
+CVE-2014-1983
NOT-FOR-US: Cybozu Remote Service Manager
-CVE-2014-1982 (The administrative interface in Allied Telesis AT-RG634A ADSL ...)
+CVE-2014-1982
NOT-FOR-US: Allied Telesis AT-RG634A ADSL Broadband router
CVE-2014-1981
REJECTED
-CVE-2014-1980 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2014-1980
- piwigo <removed> (low)
[squeeze] - piwigo <end-of-life> (Unsupported in squeeze-lts)
NOTE: Request to mark the package as unsupported in #779104
-CVE-2014-1979 (The NTT DOCOMO sp mode mail application 5900 through 6300 for Android ...)
+CVE-2014-1979
NOT-FOR-US: NTT DOCOMO mail app
-CVE-2014-1978 (The application link interface in the NTT DOCOMO sp mode mail ...)
+CVE-2014-1978
NOT-FOR-US: NTT DOCOMO mail app
-CVE-2014-1977 (The NTT DOCOMO sp mode mail application 6300 and earlier for Android ...)
+CVE-2014-1977
NOT-FOR-US: NTT DOCOMO mail app
-CVE-2014-1976 (The Demaecan application 2.1.0 and earlier for Android does not verify ...)
+CVE-2014-1976
NOT-FOR-US: Demaecan Android app
-CVE-2014-1975 (Directory traversal vulnerability in the R-Company Unzipper ...)
+CVE-2014-1975
NOT-FOR-US: Unzipper Android app
-CVE-2014-1974 (Directory traversal vulnerability in the LYSESOFT AndExplorer ...)
+CVE-2014-1974
NOT-FOR-US: LYSESOFT
-CVE-2014-1973 (Directory traversal vulnerability in the NextApp File Explorer ...)
+CVE-2014-1973
NOT-FOR-US: NextApp File Explorer application for Android
-CVE-2014-1972 (Apache Tapestry before 5.3.6 relies on client-side object storage ...)
+CVE-2014-1972
NOT-FOR-US: Apache Tapestry
-CVE-2014-1971 (Cross-site scripting (XSS) vulnerability in Silex before 2.0.0 allows ...)
+CVE-2014-1971
NOT-FOR-US: Silex
-CVE-2014-1970 (Directory traversal vulnerability in the ES File Explorer File Manager ...)
+CVE-2014-1970
NOT-FOR-US: ES File Explorer File Manager for Android
-CVE-2014-1969 (Directory traversal vulnerability in the apps4u@android SD Card ...)
+CVE-2014-1969
NOT-FOR-US: apps4u@android SD Card Manager application
-CVE-2014-1968 (Cross-site scripting (XSS) vulnerability in the XooNIps module 3.47 ...)
+CVE-2014-1968
NOT-FOR-US: XooNIps module for XOOPS
-CVE-2014-1967 (The Denny's application before 2.0.1 for Android does not verify X.509 ...)
+CVE-2014-1967
NOT-FOR-US: Denny's application for Android
-CVE-2014-1966 (The SNMP implementation in Siemens RuggedCom ROS before 3.11, ROS 3.11 ...)
+CVE-2014-1966
NOT-FOR-US: Siemens RuggedCom ROS
-CVE-2014-1965 (Cross-site scripting (XSS) vulnerability in ISpeakAdapter in the ...)
+CVE-2014-1965
NOT-FOR-US: SAP Exchange Infrastructure
-CVE-2014-1964 (Cross-site scripting (XSS) vulnerability in the Integration Repository ...)
+CVE-2014-1964
NOT-FOR-US: SAP Exchange Infrastructure
-CVE-2014-1963 (Unspecified vulnerability in Message Server in SAP NetWeaver 7.20 ...)
+CVE-2014-1963
NOT-FOR-US: SAP NetWeaver
-CVE-2014-1962 (Gwsync in SAP CRM 7.02 EHP 2 allows remote attackers to obtain ...)
+CVE-2014-1962
NOT-FOR-US: SAP CRM
-CVE-2014-1961 (Unspecified vulnerability in the Portal WebDynPro in SAP NetWeaver ...)
+CVE-2014-1961
NOT-FOR-US: SAP NetWeaver
-CVE-2014-1960 (The Solution Manager in SAP NetWeaver does not properly restrict ...)
+CVE-2014-1960
NOT-FOR-US: SAP NetWeaver
-CVE-2014-1957 (FortiGuard FortiWeb before 5.0.3 allows remote authenticated users to ...)
+CVE-2014-1957
NOT-FOR-US: FortiGuard FortiWeb
-CVE-2014-1956 (CRLF injection vulnerability in FortiGuard FortiWeb before 5.0.3 ...)
+CVE-2014-1956
NOT-FOR-US: FortiGuard FortiWeb
-CVE-2014-1955 (Cross-site scripting (XSS) vulnerability in FortiGuard FortiWeb before ...)
+CVE-2014-1955
NOT-FOR-US: FortiGuard FortiWeb
CVE-2014-1954
RESERVED
@@ -20961,34 +20961,34 @@ CVE-2014-1952
RESERVED
CVE-2014-1951
RESERVED
-CVE-2014-1946 (OpenDocMan 1.2.7 and earlier does not properly validate allowed ...)
+CVE-2014-1946
NOT-FOR-US: OpenDocMan
-CVE-2014-1945 (SQL injection vulnerability in ajax_udf.php in OpenDocMan before ...)
+CVE-2014-1945
NOT-FOR-US: OpenDocMan
-CVE-2014-1944 (Cross-site scripting (XSS) vulnerability in Ilch CMS 2.0 and earlier ...)
+CVE-2014-1944
NOT-FOR-US: Ilch CMS
-CVE-2014-1942 (Cross-site scripting (XSS) vulnerability in aal/loginverification.aspx ...)
+CVE-2014-1942
NOT-FOR-US: Pearson eSIS Enterprise Student Information System
CVE-2014-1941
RESERVED
CVE-2014-1940
RESERVED
-CVE-2014-1931 (The user login page in Visibility Software Cyber Recruiter before ...)
+CVE-2014-1931
NOT-FOR-US: Visibility Software Cyber Recruiter
-CVE-2014-1930 (Visibility Software Cyber Recruiter before 8.1.00 does not use the ...)
+CVE-2014-1930
NOT-FOR-US: Visibility Software Cyber Recruiter
-CVE-2014-2039 (arch/s390/kernel/head64.S in the Linux kernel before 3.13.5 on the ...)
+CVE-2014-2039
{DSA-2906-1}
- linux 3.13.5-1
[wheezy] - linux 3.2.57-1
- linux-2.6 <removed>
NOTE: https://git.kernel.org/linus/8d7f6690cedb83456edd41c9bd583783f0703bf0
-CVE-2014-2037 (Openswan 2.6.40 allows remote attackers to cause a denial of service ...)
+CVE-2014-2037
- openswan <not-affected> (Incomplete fix was never applied)
-CVE-2014-2032 (Deadwood before 2.3.09, 3.x before 3.2.05, and as used in MaraDNS ...)
+CVE-2014-2032
- maradns <not-affected> (Deadwood resolver not enabled)
NOTE: https://github.com/samboy/MaraDNS/commit/2cfcd2397cb8168d4aa4594839fabe88420d03c3
-CVE-2014-2031 (Deadwood before 2.3.09, 3.x before 3.2.05, and as used in MaraDNS ...)
+CVE-2014-2031
- maradns <not-affected> (Deadwood resolver not enabled)
NOTE: https://github.com/samboy/MaraDNS/commit/f015495d221f1c2b2f10db38e87cecf3839d6093
CVE-2014-2030
@@ -20997,21 +20997,21 @@ CVE-2014-2030
- imagemagick 8:6.7.7.10+dfsg-1 (bug #740250)
[squeeze] - imagemagick <not-affected> (CVE only for versions with r1448 applied)
NOTE: for the issue in newer imagemagick versions using "L%06ld" string.
-CVE-2014-2029 (The automatic version check functionality in the tools in Percona ...)
+CVE-2014-2029
- percona-toolkit 2.2.7-1~dfsg1 (bug #740846)
[wheezy] - percona-toolkit <not-affected> (version-check introduced in 2.1.4)
- percona-xtrabackup 2.2.3-1 (bug #751377)
-CVE-2014-2027 (eGroupware before 1.8.006.20140217 allows remote attackers to conduct ...)
+CVE-2014-2027
- egroupware <removed>
-CVE-2014-2015 (Stack-based buffer overflow in the normify function in the rlm_pap ...)
+CVE-2014-2015
{DLA-977-1}
- freeradius 2.2.5+dfsg-0.1 (low; bug #742820)
[squeeze] - freeradius <no-dsa> (Minor issue)
NOTE: http://lists.freebsd.org/pipermail/freebsd-bugbusters/2014-February/000610.html
NOTE: https://github.com/FreeRADIUS/freeradius-server/commit/0d606cfc29a.patch
-CVE-2014-2014 (imapsync before 1.584, when running with the --tls option, attempts a ...)
+CVE-2014-2014
- imapsync <removed>
-CVE-2014-1959 (lib/x509/verify.c in GnuTLS before 3.1.21 and 3.2.x before 3.2.11 ...)
+CVE-2014-1959
{DSA-2866-1}
- gnutls26 2.12.23-12
[squeeze] - gnutls26 <not-affected> (does not allow X.509 v1 certificates by default)
@@ -21025,11 +21025,11 @@ CVE-2014-1958 [PSD Images Processing RLE Decoding Buffer Overflow Vulnerability]
[squeeze] - imagemagick <not-affected> (DecodePSDPixels function is not present)
NOTE: squeeze: DecodePSDPixels not present but there was a rewrite from DecodeImage?
NOTE: http://secunia.com/advisories/56844/
-CVE-2014-1950 (Use-after-free vulnerability in the xc_cpupool_getinfo function in Xen ...)
+CVE-2014-1950
{DSA-3006-1}
- xen 4.4.0-1
[squeeze] - xen <not-affected> (Xen 4.1 onwards affected)
-CVE-2014-1949 (GTK+ 3.10.9 and earlier, as used in cinnamon-screensaver, ...)
+CVE-2014-1949
- gtk+3.0 3.11.8-1
[wheezy] - gtk+3.0 <not-affected> (Only affects GTK+ 3.10.9 and later)
- gtk+2.0 <not-affected> (Only affects GTK+ 3.10.9 and later)
@@ -21038,7 +21038,7 @@ CVE-2014-1949 (GTK+ 3.10.9 and earlier, as used in cinnamon-screensaver, ...)
NOTE: https://git.gnome.org/browse/gtk+/commit/?id=1691bb741d50c90ee938f0b73fe81b0ca9bfd6d4
NOTE: The CVE was originally assigned specifically for cinnamon-screensaver, but the underlying fix lies in gtk+3.0
NOTE: and later MITRE assigned the CVE to GTK+ 3.10.9 and later, see official MITRE CVE description.
-CVE-2014-1948 (OpenStack Image Registry and Delivery Service (Glance) 2013.2 through ...)
+CVE-2014-1948
- glance 2013.2.2-1 (bug #738924)
[wheezy] - glance <not-affected> (Only affects Havana)
NOTE: https://launchpad.net/bugs/1275062
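Review bot: the `NOTE:` lines kept for CVE-2014-1949 end with `see official MITRE CVE description`, but the line that held that description in the tracker (`-CVE-2014-1949 (GTK+ 3.10.9 and earlier, as used in cinnamon-screensaver, ...)`) is the one being deleted, so the pointer now leads nowhere within the file. The two also disagree: the deleted description says `3.10.9 and earlier`, while the NOTE and the `[wheezy] - gtk+3.0 <not-affected>` reason say `3.10.9 and later`. Reconcile the NOTE with whichever range is actually correct before the description is dropped, or replace the bare "see description" pointer with a reference a reader can follow from the entry itself.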
@@ -21050,14 +21050,14 @@ CVE-2014-1947 [Buffer overflow vulnerability]
- graphicsmagick 1.3.20-1 (unimportant)
NOTE: for graphicsmagick: https://bugzilla.redhat.com/show_bug.cgi?id=1064098#c13
NOTE: Rendered non-exploitable by fortified source for graphicsmagick
-CVE-2014-1943 (Fine Free file before 5.17 allows context-dependent attackers to cause ...)
+CVE-2014-1943
{DSA-2868-1 DSA-2861-1}
- file 1:5.17-0.1 (bug #738832)
NOTE: http://mx.gw.com/pipermail/file/2014/001337.html
NOTE: https://github.com/glensc/file/commit/3c081560c23f20b2985c285338b52c7aae9fdb0f
NOTE: https://github.com/glensc/file/commit/cc9e74dfeca5265ad725acc926ef0b8d2a18ee70
- php5 5.5.10+dfsg-1 (bug #739012)
-CVE-2014-1929 (python-gnupg 0.3.5 and 0.3.6 allows context-dependent attackers to ...)
+CVE-2014-1929
{DSA-2946-1}
- python-gnupg 0.3.6-1 (bug #738509)
CVE-2014-1926
@@ -21070,39 +21070,39 @@ CVE-2014-1918
RESERVED
CVE-2014-1917
RESERVED
-CVE-2014-1916 (The (1) opus_packet_get_nb_frames and (2) ...)
+CVE-2014-1916
NOT-FOR-US: MumbleKit / Mumble for iOS
-CVE-2014-1915 (Multiple cross-site request forgery (CSRF) vulnerabilities in Command ...)
+CVE-2014-1915
NOT-FOR-US: Command School Student Management System
-CVE-2014-1914 (Multiple cross-site scripting (XSS) vulnerabilities in Command School ...)
+CVE-2014-1914
NOT-FOR-US: Command School Student Management System
CVE-2014-1913
RESERVED
-CVE-2014-1911 (The Foscam FI8910W camera with firmware before 11.37.2.55 allows ...)
+CVE-2014-1911
NOT-FOR-US: Foscam camera
-CVE-2014-1910 (Citrix ShareFile Mobile and ShareFile Mobile for Tablets before 2.4.4 ...)
+CVE-2014-1910
NOT-FOR-US: Citrix ShareFile Mobile
-CVE-2014-1908 (The error-handling feature in (1) bp.php, (2) ...)
+CVE-2014-1908
NOT-FOR-US: VideoWhisper Live Streaming Integration plugin for WordPress
-CVE-2014-1907 (Multiple directory traversal vulnerabilities in the VideoWhisper Live ...)
+CVE-2014-1907
NOT-FOR-US: VideoWhisper Live Streaming Integration plugin for WordPress
-CVE-2014-1906 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
+CVE-2014-1906
NOT-FOR-US: VideoWhisper Live Streaming Integration plugin for WordPress
-CVE-2014-1905 (Unrestricted file upload vulnerability in ls/vw_snapshots.php in the ...)
+CVE-2014-1905
NOT-FOR-US: VideoWhisper Live Streaming Integration plugin for WordPress
-CVE-2014-1904 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2014-1904
{DSA-2890-1}
- libspring-java 3.0.6.RELEASE-13 (bug #741604)
NOTE: http://www.gopivotal.com/security/cve-2014-1904
-CVE-2014-1903 (admin/libraries/view.functions.php in FreePBX 2.9 before 2.9.0.14, ...)
+CVE-2014-1903
NOT-FOR-US: FreePBX
-CVE-2014-1902 (Multiple cross-site scripting (XSS) vulnerabilities in Y-Cam camera ...)
+CVE-2014-1902
NOT-FOR-US: Y-Cam cameras
-CVE-2014-1901 (Y-Cam camera models SD range YCB003, YCK003, and YCW003; S range ...)
+CVE-2014-1901
NOT-FOR-US: Y-Cam cameras
-CVE-2014-1900 (Y-Cam camera models SD range YCB003, YCK003, and YCW003; S range ...)
+CVE-2014-1900
NOT-FOR-US: Y-Cam cameras
-CVE-2014-1899 (Cross-site scripting (XSS) vulnerability in Citrix NetScaler Gateway ...)
+CVE-2014-1899
NOT-FOR-US: Citrix NetScaler Gateway
CVE-2014-1898
RESERVED
@@ -21110,17 +21110,17 @@ CVE-2014-1897
RESERVED
CVE-2014-1890
RESERVED
-CVE-2014-1889 (The Group creation process in the Buddypress plugin before 1.9.2 for ...)
+CVE-2014-1889
NOT-FOR-US: Buddypress plugin for WordPress
-CVE-2014-1888 (Cross-site scripting (XSS) vulnerability in the BuddyPress plugin ...)
+CVE-2014-1888
NOT-FOR-US: BuddyPress plugin for WordPress
CVE-2014-1880
RESERVED
-CVE-2014-1879 (Cross-site scripting (XSS) vulnerability in import.php in phpMyAdmin ...)
+CVE-2014-1879
{DSA-2975-1}
- phpmyadmin 4:4.1.7-1 (unimportant)
[squeeze] - phpmyadmin <not-affected> (Vulnerable code not present)
-CVE-2014-1878 (Stack-based buffer overflow in the cmd_submitf function in cgi/cmd.c ...)
+CVE-2014-1878
{DSA-2956-1 DLA-1615-1 DLA-461-1 DLA-60-1}
- icinga 1.10.3-1
- nagios3 <removed> (bug #823721)
@@ -21131,13 +21131,13 @@ CVE-2014-1872
RESERVED
CVE-2014-1871
RESERVED
-CVE-2014-1870 (Opera before 19 on Mac OS X allows user-assisted remote attackers to ...)
+CVE-2014-1870
NOT-FOR-US: Opera
-CVE-2014-1869 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2014-1869
- db4o <unfixed> (unimportant)
- jenkins 1.565.3-1 (bug #763899)
NOTE: in -doc package
-CVE-2014-1939 (java/android/webkit/BrowserFrame.java in Android before 4.4 uses the ...)
+CVE-2014-1939
NOT-FOR-US: Android Jelly Bean
CVE-2014-1938 [insecure use of /tmp]
RESERVED
@@ -21159,26 +21159,26 @@ CVE-2014-1935 [insecure use of /tmp]
- 9base <unfixed> (unimportant; bug #737206)
[squeeze] - 9base <no-dsa> (Minor issue)
NOTE: Not exploitable with kernel hardening since wheezy
-CVE-2014-1934 (tag.py in eyeD3 (aka python-eyed3) 7.0.3, 0.6.18, and earlier for ...)
+CVE-2014-1934
- eyed3 0.6.18-3 (unimportant; bug #737062)
[squeeze] - eyed3 <no-dsa> (Minor issue)
NOTE: Upstream patch: https://bitbucket.org/nicfit/eyed3/commits/372bbacb7a70
NOTE: https://bitbucket.org/nicfit/eyed3/issue/65/tagpy-in-eyed3-allows-local-users-to
NOTE: Neutralised by protected_symlinks kernel temp hardening
-CVE-2014-1933 (The (1) JpegImagePlugin.py and (2) EpsImagePlugin.py scripts in Python ...)
+CVE-2014-1933
- pillow 2.4.0-1 (low; bug #737059)
- python-imaging <removed>
[squeeze] - python-imaging <no-dsa> (Minor issue)
[wheezy] - python-imaging <no-dsa> (Minor issue)
-CVE-2014-1932 (The (1) load_djpeg function in JpegImagePlugin.py, (2) Ghostscript ...)
+CVE-2014-1932
- pillow 2.4.0-1 (low; bug #737059)
- python-imaging <removed>
[squeeze] - python-imaging <no-dsa> (Minor issue)
[wheezy] - python-imaging <no-dsa> (Minor issue)
-CVE-2014-1928 (The shell_quote function in python-gnupg 0.3.5 does not properly ...)
+CVE-2014-1928
{DSA-2946-1}
- python-gnupg 0.3.6-1 (bug #738509)
-CVE-2014-1927 (The shell_quote function in python-gnupg 0.3.5 does not properly quote ...)
+CVE-2014-1927
{DSA-2946-1}
- python-gnupg 0.3.6-1 (bug #738509)
CVE-2014-1925 [SQL injection]
@@ -21193,49 +21193,49 @@ CVE-2014-1923 [arbitrary file write trough edithelp.pl]
CVE-2014-1922 [path traversal]
RESERVED
- koha <itp> (bug #702134)
-CVE-2014-1921 (parcimonie before 0.8.1, when using a large keyring, sleeps for the ...)
+CVE-2014-1921
{DSA-2860-1}
- parcimonie 0.8.1-1 (bug #738134)
-CVE-2014-1909 (Integer signedness error in system/core/adb/adb_client.c in Android ...)
+CVE-2014-1909
- android-tools 4.2.2+git20130529-5.1 (bug #770513)
- android-platform-system-core 1:6.0.0+r26-1~stage1
[jessie] - android-platform-system-core <no-dsa> (Minor issue)
NOTE: http://www.droidsec.org/advisories/2014/02/04/two-security-issues-found-in-the-android-sdk-tools.html
-CVE-2014-1896 (The (1) do_send and (2) do_recv functions in io.c in libvchan in Xen ...)
+CVE-2014-1896
- xen 4.4.0-1
[squeeze] - xen <not-affected> (Only affects 4.2 and later)
[wheezy] - xen <not-affected> (Only affects 4.2 and later)
-CVE-2014-1895 (Off-by-one error in the flask_security_avc_cachestats function in ...)
+CVE-2014-1895
- xen 4.4.0-1
[squeeze] - xen <not-affected> (Only affects 4.2 and later)
[wheezy] - xen <not-affected> (Only affects 4.2 and later)
-CVE-2014-1894 (Multiple integer overflows in unspecified suboperations in the flask ...)
+CVE-2014-1894
- xen <not-affected> (XSM not enabled in build)
NOTE: Debian package not built with XSM_ENABLE, thus resulted binary packages not affected
-CVE-2014-1893 (Multiple integer overflows in the (1) FLASK_GETBOOL and (2) ...)
+CVE-2014-1893
- xen <not-affected> (XSM not enabled in build)
NOTE: Debian package not built with XSM_ENABLE, thus resulted binary packages not affected
-CVE-2014-1892 (Xen 3.3 through 4.1, when XSM is enabled, allows local users to cause ...)
+CVE-2014-1892
- xen <not-affected> (XSM not enabled in build)
NOTE: Debian package not built with XSM_ENABLE, thus resulted binary packages not affected
-CVE-2014-1891 (Multiple integer overflows in the (1) FLASK_GETBOOL, (2) ...)
+CVE-2014-1891
- xen <not-affected> (XSM not enabled in build)
NOTE: Debian package not built with XSM_ENABLE, thus resulted binary packages not affected
-CVE-2014-1887 (The DrinkedIn BarFinder application for Android, when Adobe PhoneGap ...)
+CVE-2014-1887
NOT-FOR-US: Apache Cordova
-CVE-2014-1886 (The Edinburgh by Bus application for Android, when Adobe PhoneGap ...)
+CVE-2014-1886
NOT-FOR-US: Apache Cordova
-CVE-2014-1885 (The ForzeArmate application for Android, when Adobe PhoneGap 2.9.0 or ...)
+CVE-2014-1885
NOT-FOR-US: Apache Cordova
-CVE-2014-1884 (Apache Cordova 3.3.0 and earlier and Adobe PhoneGap 2.9.0 and earlier ...)
+CVE-2014-1884
NOT-FOR-US: Apache Cordova
-CVE-2014-1883 (Adobe PhoneGap before 2.6.0 on Android uses the ...)
+CVE-2014-1883
NOT-FOR-US: Apache Cordova
-CVE-2014-1882 (Apache Cordova 3.3.0 and earlier and Adobe PhoneGap 2.9.0 and earlier ...)
+CVE-2014-1882
NOT-FOR-US: Apache Cordova
-CVE-2014-1881 (Apache Cordova 3.3.0 and earlier and Adobe PhoneGap 2.9.0 and earlier ...)
+CVE-2014-1881
NOT-FOR-US: Apache Cordova
-CVE-2014-1868 (Restlet Framework 2.1.x before 2.1.7 and 2.x.x before 2.2 RC1, when ...)
+CVE-2014-1868
- restlet <itp> (bug #596472)
CVE-2014-1867
RESERVED
@@ -21252,14 +21252,14 @@ CVE-2014-1863
RESERVED
CVE-2014-1862
RESERVED
-CVE-2014-1861 (The client in Jetro COCKPIT Secure Browsing (JCSB) 4.3.1 and 4.3.3 ...)
+CVE-2014-1861
NOT-FOR-US: Jetro COCKPIT Secure Browsing
-CVE-2014-1859 ((1) core/tests/test_memmap.py, (2) core/tests/test_multiarray.py, (3) ...)
+CVE-2014-1859
- python-numpy 1:1.8.1~rc1-1 (low; bug #737778)
[squeeze] - python-numpy <no-dsa> (Minor issue)
[wheezy] - python-numpy <no-dsa> (Minor issue)
NOTE: issue fixed by https://github.com/numpy/numpy/commit/0bb46c1448b0d3f5453d5182a17ea7ac5854ee15
-CVE-2014-1858 (__init__.py in f2py in NumPy before 1.8.1 allows local users to write ...)
+CVE-2014-1858
- python-numpy 1:1.8.1~rc1-1 (low; bug #737778)
[squeeze] - python-numpy <no-dsa> (Minor issue)
[wheezy] - python-numpy <no-dsa> (Minor issue)
@@ -21267,9 +21267,9 @@ CVE-2014-1857
RESERVED
CVE-2014-1856
RESERVED
-CVE-2014-1855 (Multiple cross-site scripting (XSS) vulnerabilities in Seo Panel ...)
+CVE-2014-1855
NOT-FOR-US: Seo Panel
-CVE-2014-1854 (SQL injection vulnerability in library/clicktracker.php in the ...)
+CVE-2014-1854
NOT-FOR-US: AdRotate plugin for WordPress
CVE-2014-1853
RESERVED
@@ -21280,7 +21280,7 @@ CVE-2014-1851
CVE-2014-1850
RESERVED
- node-marked 0.3.1+dfsg-1
-CVE-2014-1849 (Foscam IP camera 11.37.2.49 and other versions, when using the Foscam ...)
+CVE-2014-1849
NOT-FOR-US: Foscam
CVE-2014-1848
RESERVED
@@ -21288,23 +21288,23 @@ CVE-2014-1847
RESERVED
CVE-2014-1844
RESERVED
-CVE-2014-1843 (Directory traversal vulnerability in the web interface in Titan FTP ...)
+CVE-2014-1843
NOT-FOR-US: Titan FTP Server
-CVE-2014-1842 (Directory traversal vulnerability in the web interface in Titan FTP ...)
+CVE-2014-1842
NOT-FOR-US: Titan FTP Server
-CVE-2014-1841 (Directory traversal vulnerability in the web interface in Titan FTP ...)
+CVE-2014-1841
NOT-FOR-US: Titan FTP Server
-CVE-2014-1840 (Cross-site scripting (XSS) vulnerability in Upload/search.php in MyBB ...)
+CVE-2014-1840
NOT-FOR-US: MyBB
-CVE-2014-1830 (Requests (aka python-requests) before 2.3.0 allows remote servers to ...)
+CVE-2014-1830
{DSA-3146-1}
- requests 2.3.0-1 (bug #733108)
NOTE: https://github.com/kennethreitz/requests/issues/1885
-CVE-2014-1829 (Requests (aka python-requests) before 2.3.0 allows remote servers to ...)
+CVE-2014-1829
{DSA-3146-1}
- requests 2.3.0-1 (bug #733108)
NOTE: https://github.com/kennethreitz/requests/issues/1885
-CVE-2014-1912 (Buffer overflow in the socket.recvfrom_into function in ...)
+CVE-2014-1912
{DSA-2880-1 DLA-25-1}
- python2.5 <removed> (low)
[squeeze] - python2.5 <no-dsa> (Minor issue)
@@ -21319,17 +21319,17 @@ CVE-2014-1912 (Buffer overflow in the socket.recvfrom_into function in ...)
- python3.4 3.4.0-1 (low)
NOTE: http://bugs.python.org/issue20246
NOTE: https://www.trustedsec.com/february-2014/python-remote-code-execution-socket-recvfrom_into/
-CVE-2014-1877 (Multiple cross-site scripting (XSS) vulnerabilities in Dokeos 2.1.1 ...)
+CVE-2014-1877
NOT-FOR-US: Dokeos
-CVE-2014-1876 (The unpacker::redirect_stdio function in unpack.cpp in unpack200 in ...)
+CVE-2014-1876
{DSA-2923-1 DSA-2912-1}
- openjdk-7 7u55-2.4.7-1 (low; bug #737562)
- openjdk-6 6b31-1.13.3-1 (low)
-CVE-2014-1875 (The Capture::Tiny module before 0.24 for Perl allows local users to ...)
+CVE-2014-1875
- libcapture-tiny-perl 0.24-1 (bug #737835)
[wheezy] - libcapture-tiny-perl <no-dsa> (Minor issue)
[squeeze] - libcapture-tiny-perl <no-dsa> (Minor issue)
-CVE-2014-1874 (The security_context_to_sid_core function in ...)
+CVE-2014-1874
{DSA-2906-1}
- linux 3.13.4-1
[wheezy] - linux 3.2.57-1
@@ -21338,268 +21338,268 @@ CVE-2014-1874 (The security_context_to_sid_core function in ...)
CVE-2014-1860 [PHP object insertion]
RESERVED
NOT-FOR-US: Contao CMS
-CVE-2014-1832 (Phusion Passenger 4.0.37 allows local users to write to certain files ...)
+CVE-2014-1832
- ruby-passenger 4.0.37-2
[wheezy] - ruby-passenger <not-affected> (incomplete patch never applied)
- passenger <not-affected> (incomplete patch never applied)
-CVE-2014-1831 (Phusion Passenger before 4.0.37 allows local users to write to certain ...)
+CVE-2014-1831
- ruby-passenger 4.0.37-1 (low; bug #736958)
[wheezy] - ruby-passenger 3.0.13debian-1+deb7u2 (low; bug #736958)
- passenger 4.0.37-1
[squeeze] - passenger <no-dsa> (minor issue)
-CVE-2014-1845 (An unspecified setuid root helper in Enlightenment before 0.17.6 ...)
+CVE-2014-1845
- e17 0.17.3-3 (bug #737705)
NOTE: https://git.enlightenment.org/core/enlightenment.git/commit/?id=ea605237bb64ee09341121461b3d2c0f5dbe832d
NOTE: https://git.enlightenment.org/core/enlightenment.git/commit/?id=126afd0fda493deec8398088e6e928b4d2e5f463
NOTE: https://git.enlightenment.org/core/enlightenment.git/commit/?id=8cabf2708520539cf25ca0a876f9c044f6d56a77
-CVE-2014-1846 (Enlightenment before 0.17.6 might allow local users to gain privileges ...)
+CVE-2014-1846
- e17 0.17.3-3 (bug #737705)
NOTE: https://git.enlightenment.org/core/enlightenment.git/commit/?id=ea605237bb64ee09341121461b3d2c0f5dbe832d
NOTE: https://git.enlightenment.org/core/enlightenment.git/commit/?id=126afd0fda493deec8398088e6e928b4d2e5f463
NOTE: https://git.enlightenment.org/core/enlightenment.git/commit/?id=8cabf2708520539cf25ca0a876f9c044f6d56a77
-CVE-2014-1839 (The Execute class in shellutils in logilab-commons before 0.61.0 uses ...)
+CVE-2014-1839
- logilab-common 0.61.0-1 (low; bug #737051)
[squeeze] - logilab-common <no-dsa> (Minor issue)
[wheezy] - logilab-common <no-dsa> (Minor issue)
-CVE-2014-1838 (The (1) extract_keys_from_pdf and (2) fill_pdf functions in pdf_ext.py ...)
+CVE-2014-1838
- logilab-common 0.61.0-1 (low; bug #737051)
[squeeze] - logilab-common <no-dsa> (Minor issue)
[wheezy] - logilab-common <no-dsa> (Minor issue)
-CVE-2014-1837 (Cross-site scripting (XSS) vulnerability in the StackIdeas Komento ...)
+CVE-2014-1837
NOT-FOR-US: Joomla com_komento
-CVE-2014-1836 (Absolute path traversal vulnerability in ...)
+CVE-2014-1836
NOT-FOR-US: ImpressCMS
-CVE-2014-1835 (The perform_request function in /lib/echor/backplane.rb in echor 0.1.6 ...)
+CVE-2014-1835
NOT-FOR-US: Echor Ruby Gem
-CVE-2014-1834 (The perform_request function in /lib/echor/backplane.rb in echor 0.1.6 ...)
+CVE-2014-1834
NOT-FOR-US: Echor Ruby Gem
-CVE-2014-1833 (Directory traversal vulnerability in uupdate in devscripts 2.14.1 ...)
+CVE-2014-1833
- devscripts 2.14.8 (low; bug #737160)
[squeeze] - devscripts <no-dsa> (Minor issue)
[wheezy] - devscripts <no-dsa> (Minor issue)
CVE-2014-XXXX [no input validation for search function]
- fookebox 0.7.2-1 (low; bug #736821)
[wheezy] - fookebox <no-dsa> (Minor issue)
-CVE-2014-2013 (Stack-based buffer overflow in the xps_parse_color function in ...)
+CVE-2014-2013
{DSA-2951-1}
- mupdf 1.3-2 (bug #738857)
NOTE: http://www.hdwsec.fr/blog/mupdf.html
NOTE: http://bugs.ghostscript.com/show_bug.cgi?id=694957
NOTE: http://git.ghostscript.com/?p=mupdf.git;a=commitdiff;h=60dabde18d7fe12b19da8b509bdfee9cc886aafc
-CVE-2014-1828 (The iThoughts web server in the iThoughtsHD app 4.19 for iOS on iPad ...)
+CVE-2014-1828
NOT-FOR-US: iOS iThoughtsHD app
-CVE-2014-1827 (The iThoughtsHD app 4.19 for iOS on iPad devices, when the WiFi ...)
+CVE-2014-1827
NOT-FOR-US: iOS iThoughtsHD app
-CVE-2014-1826 (Cross-site scripting (XSS) vulnerability in the iThoughtsHD app 4.19 ...)
+CVE-2014-1826
NOT-FOR-US: iOS iThoughtsHD app
CVE-2014-1825
REJECTED
-CVE-2014-1824 (Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 ...)
+CVE-2014-1824
NOT-FOR-US: Microsoft Windows
-CVE-2014-1823 (Cross-site scripting (XSS) vulnerability in the Web Components Server ...)
+CVE-2014-1823
NOT-FOR-US: Microsoft Lync Server
CVE-2014-1822
REJECTED
CVE-2014-1821
REJECTED
-CVE-2014-1820 (Cross-site scripting (XSS) vulnerability in Master Data Services (MDS) ...)
+CVE-2014-1820
NOT-FOR-US: Microsoft
-CVE-2014-1819 (win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 ...)
+CVE-2014-1819
NOT-FOR-US: Microsoft
-CVE-2014-1818 (GDI+ in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows ...)
+CVE-2014-1818
NOT-FOR-US: Microsoft Windows
-CVE-2014-1817 (usp10.dll in Uniscribe (aka the Unicode Script Processor) in Microsoft ...)
+CVE-2014-1817
NOT-FOR-US: Microsoft Windows
-CVE-2014-1816 (Microsoft XML Core Services (aka MSXML) 3.0 and 6.0 does not properly ...)
+CVE-2014-1816
NOT-FOR-US: Microsoft XML Core Services
-CVE-2014-1815 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ...)
+CVE-2014-1815
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-1814 (The Windows Installer in Microsoft Windows Server 2003 SP2, Windows ...)
+CVE-2014-1814
NOT-FOR-US: Microsoft
-CVE-2014-1813 (Microsoft Web Applications 2010 SP1 and SP2 allows remote ...)
+CVE-2014-1813
NOT-FOR-US: Microsoft
-CVE-2014-1812 (The Group Policy implementation in Microsoft Windows Vista SP2, ...)
+CVE-2014-1812
NOT-FOR-US: Microsoft
-CVE-2014-1811 (The TCP implementation in Microsoft Windows Vista SP2, Windows Server ...)
+CVE-2014-1811
NOT-FOR-US: Microsoft Windows
CVE-2014-1810
REJECTED
-CVE-2014-1809 (The MSCOMCTL library in Microsoft Office 2007 SP3, 2010 SP1 and SP2, ...)
+CVE-2014-1809
NOT-FOR-US: Microsoft
-CVE-2014-1808 (Microsoft Office 2013 Gold, SP1, RT, and RT SP1 allows remote ...)
+CVE-2014-1808
NOT-FOR-US: Microsoft
-CVE-2014-1807 (The ShellExecute API in Windows Shell in Microsoft Windows Server 2003 ...)
+CVE-2014-1807
NOT-FOR-US: Microsoft
-CVE-2014-1806 (The .NET Remoting implementation in Microsoft .NET Framework 1.1 SP1, ...)
+CVE-2014-1806
NOT-FOR-US: Microsoft
-CVE-2014-1805 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ...)
+CVE-2014-1805
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-1804 (Microsoft Internet Explorer 8 allows remote attackers to execute ...)
+CVE-2014-1804
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-1803 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ...)
+CVE-2014-1803
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-1802 (Microsoft Internet Explorer 10 and 11 allows remote attackers to ...)
+CVE-2014-1802
NOT-FOR-US: Microsoft Internet Explorer
CVE-2014-1801
REJECTED
-CVE-2014-1800 (Microsoft Internet Explorer 8 through 11 allows remote attackers to ...)
+CVE-2014-1800
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-1799 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ...)
+CVE-2014-1799
NOT-FOR-US: Microsoft Internet Explorer
CVE-2014-1798
REJECTED
-CVE-2014-1797 (Microsoft Internet Explorer 10 and 11 allows remote attackers to ...)
+CVE-2014-1797
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-1796 (Microsoft Internet Explorer 6 and 8 through 11 allows remote attackers ...)
+CVE-2014-1796
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-1795 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ...)
+CVE-2014-1795
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-1794 (Microsoft Internet Explorer 10 and 11 allows remote attackers to ...)
+CVE-2014-1794
NOT-FOR-US: Microsoft Internet Explorer
CVE-2014-1793
REJECTED
-CVE-2014-1792 (Microsoft Internet Explorer 8 allows remote attackers to execute ...)
+CVE-2014-1792
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-1791 (Microsoft Internet Explorer 7 through 11 allows remote attackers to ...)
+CVE-2014-1791
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-1790 (Microsoft Internet Explorer 10 allows remote attackers to execute ...)
+CVE-2014-1790
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-1789 (Microsoft Internet Explorer 10 allows remote attackers to execute ...)
+CVE-2014-1789
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-1788 (Microsoft Internet Explorer 9 allows remote attackers to execute ...)
+CVE-2014-1788
NOT-FOR-US: Microsoft Internet Explorer
CVE-2014-1787
REJECTED
-CVE-2014-1786 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ...)
+CVE-2014-1786
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-1785 (Microsoft Internet Explorer 11 allows remote attackers to execute ...)
+CVE-2014-1785
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-1784 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ...)
+CVE-2014-1784
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-1783 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ...)
+CVE-2014-1783
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-1782 (Microsoft Internet Explorer 11 allows remote attackers to execute ...)
+CVE-2014-1782
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-1781 (Microsoft Internet Explorer 8 allows remote attackers to execute ...)
+CVE-2014-1781
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-1780 (Microsoft Internet Explorer 10 and 11 allows remote attackers to ...)
+CVE-2014-1780
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-1779 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ...)
+CVE-2014-1779
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-1778 (Microsoft Internet Explorer 8 through 11 allows remote attackers to ...)
+CVE-2014-1778
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-1777 (Microsoft Internet Explorer 10 and 11 allows remote attackers to read ...)
+CVE-2014-1777
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-1776 (Use-after-free vulnerability in Microsoft Internet Explorer 6 through ...)
+CVE-2014-1776
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-1775 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ...)
+CVE-2014-1775
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-1774 (Microsoft Internet Explorer 9 allows remote attackers to execute ...)
+CVE-2014-1774
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-1773 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ...)
+CVE-2014-1773
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-1772 (Microsoft Internet Explorer 10 and 11 allows remote attackers to ...)
+CVE-2014-1772
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-1771 (SChannel in Microsoft Internet Explorer 6 through 11 does not ensure ...)
+CVE-2014-1771
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-1770 (Use-after-free vulnerability in Microsoft Internet Explorer 6 through ...)
+CVE-2014-1770
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-1769 (Microsoft Internet Explorer 11 allows remote attackers to execute ...)
+CVE-2014-1769
NOT-FOR-US: Microsoft Internet Explorer
CVE-2014-1768
REJECTED
-CVE-2014-1767 (Double free vulnerability in the Ancillary Function Driver (AFD) in ...)
+CVE-2014-1767
NOT-FOR-US: Microsoft Windows
-CVE-2014-1766 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ...)
+CVE-2014-1766
NOT-FOR-US: Microsoft Windows
-CVE-2014-1765 (Multiple use-after-free vulnerabilities in Microsoft Internet Explorer ...)
+CVE-2014-1765
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-1764 (Microsoft Internet Explorer 7 through 11 allows remote attackers to ...)
+CVE-2014-1764
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-1763 (Use-after-free vulnerability in Microsoft Internet Explorer 9 through ...)
+CVE-2014-1763
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-1762 (Unspecified vulnerability in Microsoft Internet Explorer 6 through 11 ...)
+CVE-2014-1762
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-1761 (Microsoft Word 2003 SP3, 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 ...)
+CVE-2014-1761
NOT-FOR-US: Microsoft Word
-CVE-2014-1760 (Microsoft Internet Explorer 11 allows remote attackers to execute ...)
+CVE-2014-1760
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-1759 (pubconv.dll in Microsoft Publisher 2003 SP3 and 2007 SP3 allows remote ...)
+CVE-2014-1759
NOT-FOR-US: Microsoft Publisher
-CVE-2014-1758 (Stack-based buffer overflow in Microsoft Word 2003 SP3 allows remote ...)
+CVE-2014-1758
NOT-FOR-US: Microsoft Word
-CVE-2014-1757 (Microsoft Word 2007 SP3 and 2010 SP1 and SP2, and Office Compatibility ...)
+CVE-2014-1757
NOT-FOR-US: Microsoft Word
-CVE-2014-1756 (Untrusted search path vulnerability in Microsoft Office 2007 SP3, 2010 ...)
+CVE-2014-1756
NOT-FOR-US: Microsoft
-CVE-2014-1755 (Microsoft Internet Explorer 9 allows remote attackers to execute ...)
+CVE-2014-1755
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-1754 (Cross-site scripting (XSS) vulnerability in Microsoft SharePoint ...)
+CVE-2014-1754
NOT-FOR-US: Microsoft
-CVE-2014-1753 (Microsoft Internet Explorer 6 through 9 allows remote attackers to ...)
+CVE-2014-1753
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-1752 (Microsoft Internet Explorer 6 and 7 allows remote attackers to execute ...)
+CVE-2014-1752
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-1751 (Microsoft Internet Explorer 9 allows remote attackers to execute ...)
+CVE-2014-1751
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-1749 (Multiple unspecified vulnerabilities in Google Chrome before ...)
+CVE-2014-1749
{DSA-2939-1}
[squeeze] - chromium-browser <end-of-life>
- chromium-browser 35.0.1916.114-1
-CVE-2014-1748 (The ScrollView::paint function in platform/scroll/ScrollView.cpp in ...)
+CVE-2014-1748
{DSA-2939-1}
[squeeze] - chromium-browser <end-of-life>
- chromium-browser 35.0.1916.114-1
-CVE-2014-1747 (Cross-site scripting (XSS) vulnerability in the ...)
+CVE-2014-1747
{DSA-2939-1}
- chromium-browser 35.0.1916.114-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-1746 (The InMemoryUrlProtocol::Read function in ...)
+CVE-2014-1746
{DSA-2939-1}
- chromium-browser 35.0.1916.114-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-1745 (Use-after-free vulnerability in the SVG implementation in Blink, as ...)
+CVE-2014-1745
{DSA-2939-1}
- chromium-browser 35.0.1916.114-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-1744 (Integer overflow in the AudioInputRendererHost::OnCreateStream ...)
+CVE-2014-1744
{DSA-2939-1}
- chromium-browser 35.0.1916.114-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-1743 (Use-after-free vulnerability in the StyleElement::removedFromDocument ...)
+CVE-2014-1743
{DSA-2939-1}
- chromium-browser 35.0.1916.114-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-1742 (Use-after-free vulnerability in the FrameSelection::updateAppearance ...)
+CVE-2014-1742
{DSA-2930-1}
- chromium-browser 34.0.1847.137-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-1741 (Multiple integer overflows in the replace-data functionality in the ...)
+CVE-2014-1741
{DSA-2930-1}
- chromium-browser 34.0.1847.137-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-1740 (Multiple use-after-free vulnerabilities in ...)
+CVE-2014-1740
{DSA-2930-1}
- chromium-browser 34.0.1847.137-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-1739 (The media_device_enum_entities function in ...)
+CVE-2014-1739
- linux 3.14.7-1 (unimportant)
[wheezy] - linux 3.2.60-1
- linux-2.6 <removed>
[squeeze] - linux-2.6 <not-affected> (Vulnerability introduced in 2.6.38)
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=e6a623460e5fc960ac3ee9f946d3106233fd28d8
NOTE: Not exploitable with any sane setup
-CVE-2014-1738 (The raw_cmd_copyout function in drivers/block/floppy.c in the Linux ...)
+CVE-2014-1738
{DSA-2928-1 DSA-2926-1}
- linux 3.14.4-1
- linux-2.6 <removed>
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2145e15e0557a01b9195d1c7199a1b92cb9be81f
-CVE-2014-1737 (The raw_cmd_copyin function in drivers/block/floppy.c in the Linux ...)
+CVE-2014-1737
{DSA-2928-1 DSA-2926-1}
- linux 3.14.4-1
- linux-2.6 <removed>
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ef87dbe7614341c2e7bfe8d32fcb7028cc97442c
-CVE-2014-1736 (Integer overflow in api.cc in Google V8, as used in Google Chrome ...)
+CVE-2014-1736
{DSA-2920-1}
- chromium-browser 34.0.1847.132-1
[squeeze] - chromium-browser <end-of-life>
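Review bot: the entries with bracketed manual notes, `CVE-2014-1860 [PHP object insertion]` and `CVE-2014-XXXX [no input validation for search function]`, are left untouched in this hunk while every entry with a parenthesised description is blanked, which shows the rewrite is driven by imported description text and not by a deliberate edit of the list. The NOT-FOR-US Microsoft and Chrome OS entries lose little, but entries with Debian fixes, such as `- mupdf 1.3-2 (bug #738857)` under CVE-2014-2013 or the floppy.c entries CVE-2014-1738 and CVE-2014-1737, lose their only in-file statement of what was fixed; an import that does this to the whole file should be treated as broken rather than merged.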
@@ -21608,7 +21608,7 @@ CVE-2014-1736 (Integer overflow in api.cc in Google V8, as used in Google Chrome
[squeeze] - libv8 <end-of-life> (Unsupported in squeeze-lts)
- libv8-3.14 <unfixed> (unimportant; bug #773671)
NOTE: libv8 not covered by security support
-CVE-2014-1735 (Multiple unspecified vulnerabilities in Google V8 before 3.24.35.33, ...)
+CVE-2014-1735
{DSA-2920-1}
- chromium-browser 34.0.1847.132-1
[squeeze] - chromium-browser <end-of-life>
@@ -21617,23 +21617,23 @@ CVE-2014-1735 (Multiple unspecified vulnerabilities in Google V8 before 3.24.35.
[squeeze] - libv8 <end-of-life> (Unsupported in squeeze-lts)
- libv8-3.14 <unfixed> (unimportant; bug #773671)
NOTE: libv8 not covered by security support
-CVE-2014-1734 (Multiple unspecified vulnerabilities in Google Chrome before ...)
+CVE-2014-1734
{DSA-2920-1}
- chromium-browser 34.0.1847.132-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-1733 (The PointerCompare function in codegen.cc in Seccomp-BPF, as used in ...)
+CVE-2014-1733
{DSA-2920-1}
- chromium-browser 34.0.1847.132-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-1732 (Use-after-free vulnerability in ...)
+CVE-2014-1732
{DSA-2920-1}
- chromium-browser 34.0.1847.132-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-1731 (core/html/HTMLSelectElement.cpp in the DOM implementation in Blink, as ...)
+CVE-2014-1731
{DSA-2920-1}
- chromium-browser 34.0.1847.132-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-1730 (Google V8, as used in Google Chrome before 34.0.1847.131 on Windows ...)
+CVE-2014-1730
{DSA-2920-1}
- chromium-browser 34.0.1847.132-1
[squeeze] - chromium-browser <end-of-life>
@@ -21642,7 +21642,7 @@ CVE-2014-1730 (Google V8, as used in Google Chrome before 34.0.1847.131 on Windo
[squeeze] - libv8 <end-of-life> (Unsupported in squeeze-lts)
- libv8-3.14 <unfixed> (unimportant; bug #773671)
NOTE: libv8 not covered by security support
-CVE-2014-1729 (Multiple unspecified vulnerabilities in Google V8 before 3.24.35.22, ...)
+CVE-2014-1729
{DSA-2905-1}
- chromium-browser 34.0.1847.116-1
[squeeze] - chromium-browser <end-of-life>
@@ -21651,23 +21651,23 @@ CVE-2014-1729 (Multiple unspecified vulnerabilities in Google V8 before 3.24.35.
[squeeze] - libv8 <end-of-life> (Unsupported in squeeze-lts)
- libv8-3.14 <unfixed> (unimportant; bug #773671)
NOTE: libv8 not covered by security support
-CVE-2014-1728 (Multiple unspecified vulnerabilities in Google Chrome before ...)
+CVE-2014-1728
{DSA-2905-1}
- chromium-browser 34.0.1847.116-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-1727 (Use-after-free vulnerability in ...)
+CVE-2014-1727
{DSA-2905-1}
- chromium-browser 34.0.1847.116-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-1726 (The drag implementation in Google Chrome before 34.0.1847.116 allows ...)
+CVE-2014-1726
{DSA-2905-1}
- chromium-browser 34.0.1847.116-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-1725 (The base64DecodeInternal function in wtf/text/Base64.cpp in Blink, as ...)
+CVE-2014-1725
{DSA-2905-1}
- chromium-browser 34.0.1847.116-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-1724 (Use-after-free vulnerability in Free(b)soft Laboratory Speech ...)
+CVE-2014-1724
{DSA-2905-1}
- chromium-browser 34.0.1847.116-1
[squeeze] - chromium-browser <end-of-life>
@@ -21675,31 +21675,31 @@ CVE-2014-1724 (Use-after-free vulnerability in Free(b)soft Laboratory Speech ...
[squeeze] - speech-dispatcher <no-dsa> (Minor issue)
[wheezy] - speech-dispatcher <no-dsa> (Minor issue)
NOTE: no specific information available (possibly already be fixed in 0.8), the fix in chromium was to disable speechd by default
-CVE-2014-1723 (The UnescapeURLWithOffsetsImpl function in net/base/escape.cc in ...)
+CVE-2014-1723
{DSA-2905-1}
- chromium-browser 34.0.1847.116-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-1722 (Use-after-free vulnerability in the ...)
+CVE-2014-1722
{DSA-2905-1}
- chromium-browser 34.0.1847.116-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-1721 (Google V8, as used in Google Chrome before 34.0.1847.116, does not ...)
+CVE-2014-1721
{DSA-2905-1}
- chromium-browser 34.0.1847.116-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-1720 (Use-after-free vulnerability in the HTMLBodyElement::insertedInto ...)
+CVE-2014-1720
{DSA-2905-1}
- chromium-browser 34.0.1847.116-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-1719 (Use-after-free vulnerability in the ...)
+CVE-2014-1719
{DSA-2905-1}
- chromium-browser 34.0.1847.116-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-1718 (Integer overflow in the SoftwareFrameManager::SwapToNewFrame function ...)
+CVE-2014-1718
{DSA-2905-1}
- chromium-browser 34.0.1847.116-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-1717 (Google V8, as used in Google Chrome before 34.0.1847.116, does not ...)
+CVE-2014-1717
{DSA-2905-1}
- chromium-browser 34.0.1847.116-1
[squeeze] - chromium-browser <end-of-life>
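Review bot: blanking CVE-2014-1724 leaves the speech-dispatcher assessment without any summary: the only remaining text is the NOTE `no specific information available (possibly already be fixed in 0.8), the fix in chromium was to disable speechd by default`, which itself only makes sense next to the description being removed. If the description is really meant to go, the entry needs a NOTE with an upstream reference; otherwise this hunk should be dropped.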
@@ -21708,7 +21708,7 @@ CVE-2014-1717 (Google V8, as used in Google Chrome before 34.0.1847.116, does no
[squeeze] - libv8 <end-of-life> (Unsupported in squeeze-lts)
- libv8-3.14 <unfixed> (unimportant; bug #773671)
NOTE: libv8 not covered by security support
-CVE-2014-1716 (Cross-site scripting (XSS) vulnerability in the Runtime_SetPrototype ...)
+CVE-2014-1716
{DSA-2905-1}
- chromium-browser 34.0.1847.116-1
[squeeze] - chromium-browser <end-of-life>
@@ -21717,31 +21717,31 @@ CVE-2014-1716 (Cross-site scripting (XSS) vulnerability in the Runtime_SetProtot
[squeeze] - libv8 <end-of-life> (Unsupported in squeeze-lts)
- libv8-3.14 <unfixed> (unimportant; bug #773671)
NOTE: libv8 not covered by security support
-CVE-2014-1715 (Directory traversal vulnerability in Google Chrome before ...)
+CVE-2014-1715
{DSA-2883-1}
- chromium-browser 33.0.1750.152-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-1714 (The ScopedClipboardWriter::WritePickledData function in ...)
+CVE-2014-1714
- chromium-browser <not-affected> (Windows-specific)
-CVE-2014-1713 (Use-after-free vulnerability in the AttributeSetter function in ...)
+CVE-2014-1713
{DSA-2883-1}
- chromium-browser 33.0.1750.152-1
[squeeze] - chromium-browser <end-of-life>
CVE-2014-1712
RESERVED
-CVE-2014-1711 (The GPU driver in the kernel in Google Chrome OS before 33.0.1750.152 ...)
+CVE-2014-1711
NOT-FOR-US: Chrome OS
-CVE-2014-1710 (The AsyncPixelTransfersCompletedQuery::End function in ...)
+CVE-2014-1710
NOT-FOR-US: Chrome OS
CVE-2014-1709
RESERVED
-CVE-2014-1708 (The boot implementation in Google Chrome OS before 33.0.1750.152 does ...)
+CVE-2014-1708
NOT-FOR-US: Chrome OS
-CVE-2014-1707 (Directory traversal vulnerability in CrosDisks in Google Chrome OS ...)
+CVE-2014-1707
NOT-FOR-US: Chrome OS
-CVE-2014-1706 (crosh in Google Chrome OS before 33.0.1750.152 allows attackers to ...)
+CVE-2014-1706
NOT-FOR-US: Chrome OS
-CVE-2014-1705 (Google V8, as used in Google Chrome before 33.0.1750.152 on OS X and ...)
+CVE-2014-1705
{DSA-2883-1}
- chromium-browser 33.0.1750.152-1
[squeeze] - chromium-browser <end-of-life>
@@ -21750,7 +21750,7 @@ CVE-2014-1705 (Google V8, as used in Google Chrome before 33.0.1750.152 on OS X
[squeeze] - libv8 <end-of-life> (Unsupported in squeeze-lts)
- libv8-3.14 <unfixed> (unimportant; bug #773671)
NOTE: libv8 not covered by security support
-CVE-2014-1704 (Multiple unspecified vulnerabilities in Google V8 before 3.23.17.18, ...)
+CVE-2014-1704
{DSA-2883-1}
- chromium-browser 33.0.1750.152-1
[squeeze] - chromium-browser <end-of-life>
@@ -21759,54 +21759,54 @@ CVE-2014-1704 (Multiple unspecified vulnerabilities in Google V8 before 3.23.17.
[squeeze] - libv8 <end-of-life> (Unsupported in squeeze-lts)
- libv8-3.14 <unfixed> (unimportant; bug #773671)
NOTE: libv8 not covered by security support
-CVE-2014-1703 (Use-after-free vulnerability in the ...)
+CVE-2014-1703
{DSA-2883-1}
- chromium-browser 33.0.1750.152-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-1702 (Use-after-free vulnerability in the ...)
+CVE-2014-1702
{DSA-2883-1}
- chromium-browser 33.0.1750.152-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-1701 (The GenerateFunction function in bindings/scripts/code_generator_v8.pm ...)
+CVE-2014-1701
{DSA-2883-1}
- chromium-browser 33.0.1750.152-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-1700 (Use-after-free vulnerability in modules/speech/SpeechSynthesis.cpp in ...)
+CVE-2014-1700
{DSA-2883-1}
- chromium-browser 33.0.1750.152-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-1699 (Siemens SIMATIC WinCC OA before 3.12 P002 January allows remote ...)
+CVE-2014-1699
NOT-FOR-US: Siemens SIMATIC
-CVE-2014-1698 (Directory traversal vulnerability in Siemens SIMATIC WinCC OA before ...)
+CVE-2014-1698
NOT-FOR-US: Siemens SIMATIC WinCC OA
-CVE-2014-1697 (The integrated web server in Siemens SIMATIC WinCC OA before 3.12 P002 ...)
+CVE-2014-1697
NOT-FOR-US: Siemens SIMATIC WinCC OA
-CVE-2014-1696 (Siemens SIMATIC WinCC OA before 3.12 P002 January uses a weak hash ...)
+CVE-2014-1696
NOT-FOR-US: Siemens SIMATIC WinCC OA
-CVE-2014-1695 (Cross-site scripting (XSS) vulnerability in Open Ticket Request System ...)
+CVE-2014-1695
{DLA-1119-1}
- otrs2 3.3.5-1
[squeeze] - otrs2 <no-dsa> (Minor issue)
NOTE: https://www.otrs.com/security-advisory-2014-03-xss-issue/
-CVE-2014-1750 (Open redirect vulnerability in nokia-mapsplaces.php in the Nokia Maps ...)
+CVE-2014-1750
NOT-FOR-US: WordPress plugin nokia-mapsplaces
-CVE-2014-1694 (Multiple cross-site request forgery (CSRF) vulnerabilities in (1) ...)
+CVE-2014-1694
{DSA-2867-1}
- otrs2 3.3.4-1 (low)
NOTE: https://www.otrs.com/security-advisory-2014-01-csrf-issue-customer-web-interface/
-CVE-2014-1693 (Multiple CRLF injection vulnerabilities in the FTP module in ...)
+CVE-2014-1693
- erlang 1:16.b.3.1-dfsg-3 (low; bug #738132)
[squeeze] - erlang <no-dsa> (Minor issue)
[wheezy] - erlang 1:15.b.1-dfsg-4+deb7u1
-CVE-2014-1692 (The hash_buffer function in schnorr.c in OpenSSH through 6.4, when ...)
+CVE-2014-1692
- openssh <not-affected> (J-PAKE not activated)
-CVE-2014-1691 (The framework/Util/lib/Horde/Variables.php script in the Util library ...)
+CVE-2014-1691
{DSA-2853-1}
- horde3 <removed> (medium; bug #737149)
- php-horde-util 2.3.0-1
NOTE: https://github.com/horde/horde/commit/da6afc7e9f4e290f782eca9dbca794f772caccb3
NOTE: https://github.com/horde/horde/commit/acf67ab4a633037849aca9e4a7592465b999ad93 is also required
-CVE-2014-1690 (The help function in net/netfilter/nf_nat_irc.c in the Linux kernel ...)
+CVE-2014-1690
- linux 3.12.8-1
[wheezy] - linux <not-affected> (Introduced in 3.7)
- linux-2.6 <not-affected> (Introduced in 3.7)
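Review bot: several `<not-affected>` rationales in this hunk depend on the description that is being removed: `- openssh <not-affected> (J-PAKE not activated)` under CVE-2014-1692 is only explained by `The hash_buffer function in schnorr.c in OpenSSH through 6.4, when ...`, and the `Introduced in 3.7` reasons on CVE-2014-1690 likewise rely on the reader knowing the nf_nat_irc.c context from the dropped line. Either keep the descriptions or extend the rationale text so the triage decision stays self-explanatory. Separately, CVE-2014-1750 sits between CVE-2014-1695 and CVE-2014-1694, out of numeric order; it is unchanged here, but worth moving in a follow-up.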
@@ -21817,33 +21817,33 @@ CVE-2014-1688
RESERVED
CVE-2014-1687
RESERVED
-CVE-2014-1686 (MediaWiki 1.18.0 allows remote attackers to obtain the installation ...)
+CVE-2014-1686
- mediawiki <removed> (unimportant)
NOTE: http://seclists.org/fulldisclosure/2014/Mar/102
NOTE: path disclosure not an issue
-CVE-2014-1685 (The Frontend in Zabbix before 1.8.20rc2, 2.0.x before 2.0.11rc2, and ...)
+CVE-2014-1685
- zabbix 1:2.2.2+dfsg-1
[squeeze] - zabbix <end-of-life> (Unsupported in squeeze-lts)
-CVE-2014-1684 (The ASF_ReadObject_file_properties function in ...)
+CVE-2014-1684
- vlc 2.1.4-1 (unimportant; bug #743033)
NOTE: Crash in enduser application, no security impact
-CVE-2014-1683 (The bashMail function in ...)
+CVE-2014-1683
NOT-FOR-US: SkyBlueCanvas CMS
-CVE-2014-1682 (The API in Zabbix before 1.8.20rc1, 2.0.x before 2.0.11rc1, and 2.2.x ...)
+CVE-2014-1682
- zabbix 1:2.2.2+dfsg-1 (bug #737818)
[squeeze] - zabbix <end-of-life> (Unsupported in squeeze-lts)
NOTE: https://support.zabbix.com/browse/ZBX-7703
-CVE-2014-1681 (Multiple unspecified vulnerabilities in Google Chrome before ...)
+CVE-2014-1681
{DSA-2811-1}
- chromium-browser 31.0.1650.63-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-1680 (Untrusted search path vulnerability in Bandisoft Bandizip before 3.10 ...)
+CVE-2014-1680
NOT-FOR-US: Bandisoft Bandizip
-CVE-2014-1679 (Cross-site scripting (XSS) vulnerability in Open-Xchange (OX) AppSuite ...)
+CVE-2014-1679
NOT-FOR-US: Open-Xchange
CVE-2014-1678
RESERVED
-CVE-2014-1677 (Technicolor TC7200 with firmware STD6.01.12 could allow remote ...)
+CVE-2014-1677
NOT-FOR-US: Technicolor TC7200
NOTE: https://www.exploit-db.com/exploits/31894/
CVE-2014-1676
@@ -21852,13 +21852,13 @@ CVE-2014-1675
RESERVED
CVE-2014-1674
RESERVED
-CVE-2014-1673 (Check Point Session Authentication Agent allows remote attackers to ...)
+CVE-2014-1673
NOT-FOR-US: Check Point Session Authentication Agent
-CVE-2014-1672 (Check Point R75.47 Security Gateway and Management Server does not ...)
+CVE-2014-1672
NOT-FOR-US: Check Point R75.47 Security Gateway and Management Server
-CVE-2014-1671 (Multiple SQL injection vulnerabilities in Dell KACE K1000 5.4.76847 ...)
+CVE-2014-1671
NOT-FOR-US: Dell KACE K1000
-CVE-2014-1670 (The Microsoft Bing application before 4.2.1 for Android allows remote ...)
+CVE-2014-1670
NOT-FOR-US: Microsoft Bing application
CVE-2014-1669
RESERVED
@@ -21866,9 +21866,9 @@ CVE-2014-1668
RESERVED
CVE-2014-1667
RESERVED
-CVE-2014-1665 (Cross-site scripting (XSS) vulnerability in ownCloud before 6.0.1 ...)
+CVE-2014-1665
- owncloud <removed>
-CVE-2014-1663 (Unspecified vulnerability in Citrix XenMobile Device Manager server ...)
+CVE-2014-1663
NOT-FOR-US: Citrix XenMobile Device Manager server
CVE-2014-1662
REJECTED
@@ -21890,47 +21890,47 @@ CVE-2014-1654
REJECTED
CVE-2014-1653
REJECTED
-CVE-2014-1652 (Multiple cross-site scripting (XSS) vulnerabilities in the management ...)
+CVE-2014-1652
NOT-FOR-US: Symantec Web Gateway
-CVE-2014-1651 (SQL injection vulnerability in clientreport.php in the management ...)
+CVE-2014-1651
NOT-FOR-US: Symantec Web Gateway
-CVE-2014-1650 (SQL injection vulnerability in user.php in the management console in ...)
+CVE-2014-1650
NOT-FOR-US: Symantec Web Gateway
-CVE-2014-1649 (The server in Symantec Workspace Streaming (SWS) before 7.5.0.749 ...)
+CVE-2014-1649
NOT-FOR-US: Symantec Workspace Streaming
-CVE-2014-1648 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2014-1648
NOT-FOR-US: Symantec Messaging Gateway
-CVE-2014-1647 (Symantec PGP Desktop 10.0.x through 10.2.x and Encryption Desktop ...)
+CVE-2014-1647
NOT-FOR-US: Symantec
-CVE-2014-1646 (Symantec PGP Desktop 10.0.x through 10.2.x and Encryption Desktop ...)
+CVE-2014-1646
NOT-FOR-US: Symantec
-CVE-2014-1645 (SQL injection vulnerability in forcepasswd.do in the management GUI in ...)
+CVE-2014-1645
NOT-FOR-US: Symantec LiveUpdate Administrator
-CVE-2014-1644 (The forgotten-password feature in forcepasswd.do in the management GUI ...)
+CVE-2014-1644
NOT-FOR-US: Symantec LiveUpdate Administrator
-CVE-2014-1643 (The Web Email Protection component in Symantec Encryption Management ...)
+CVE-2014-1643
NOT-FOR-US: Symantec PGP Universal Web Messenger
-CVE-2014-1666 (The do_physdev_op function in Xen 4.1.5, 4.1.6.1, 4.2.2 through 4.2.3, ...)
+CVE-2014-1666
- xen 4.4.0-1
[wheezy] - xen <not-affected> (Vulnerable code not present)
[squeeze] - xen <not-affected> (Vulnerable code not present)
-CVE-2014-1664 (The Citrix GoToMeeting application 5.0.799.1238 for Android logs HTTP ...)
+CVE-2014-1664
NOT-FOR-US: GoToMeeting in Android
CVE-2014-1641
RESERVED
-CVE-2014-1637 (Command School Student Management System 1.06.01 does not properly ...)
+CVE-2014-1637
NOT-FOR-US: Command School Student Management System
-CVE-2014-1636 (Multiple SQL injection vulnerabilities in Command School Student ...)
+CVE-2014-1636
NOT-FOR-US: Command School Student Management System
-CVE-2014-1635 (Buffer overflow in login.cgi in MiniHttpd in Belkin N750 Router with ...)
+CVE-2014-1635
NOT-FOR-US: Belkin router
CVE-2014-1634
RESERVED
CVE-2014-1633
RESERVED
-CVE-2014-1632 (htdocs/setup/index.php in Eventum before 2.3.5 allows remote attackers ...)
+CVE-2014-1632
NOT-FOR-US: Eventum
-CVE-2014-1631 (Eventum before 2.3.5 allows remote attackers to reinstall the ...)
+CVE-2014-1631
NOT-FOR-US: Eventum
CVE-2014-1630
RESERVED
@@ -21948,45 +21948,45 @@ CVE-2014-1622
RESERVED
CVE-2014-1621
RESERVED
-CVE-2014-1620 (Multiple cross-site scripting (XSS) vulnerabilities in add.php in HIOX ...)
+CVE-2014-1620
NOT-FOR-US: HIOX Guest Book
-CVE-2014-1619 (Multiple SQL injection vulnerabilities in Cubic CMS 5.1.1, 5.1.2, and ...)
+CVE-2014-1619
NOT-FOR-US: Cubic CMS
-CVE-2014-1618 (Multiple SQL injection vulnerabilities in UAEPD Shopping Cart Script ...)
+CVE-2014-1618
NOT-FOR-US: UAEPD Shopping Cart Script
CVE-2014-1617
RESERVED
CVE-2014-1616
RESERVED
-CVE-2014-1615 (Multiple cross-site request forgery (CSRF) vulnerabilities in Carbon ...)
+CVE-2014-1615
NOT-FOR-US: Carbon Black
CVE-2014-1614
RESERVED
-CVE-2014-1613 (Dotclear before 2.6.2 allows remote attackers to execute arbitrary PHP ...)
+CVE-2014-1613
- dotclear 2.6.2+dfsg-1
-CVE-2014-1612 (Cross-site scripting (XSS) vulnerability in login.esp in the Web ...)
+CVE-2014-1612
NOT-FOR-US: Mediatrix
-CVE-2014-1610 (MediaWiki 1.22.x before 1.22.2, 1.21.x before 1.21.5, and 1.19.x ...)
+CVE-2014-1610
{DSA-2891-1}
- mediawiki 1:1.19.11+dfsg-1
[squeeze] - mediawiki <end-of-life>
-CVE-2014-1609 (Multiple SQL injection vulnerabilities in MantisBT before 1.2.16 allow ...)
+CVE-2014-1609
{DSA-3030-1}
- mantis <removed>
[squeeze] - mantis <end-of-life> (Unsupported in squeeze-lts)
NOTE: https://github.com/mantisbt/mantisbt/commit/7efe0175f0853e18ebfacedfd2374c4179028b3f
-CVE-2014-1608 (SQL injection vulnerability in the mci_file_get function in ...)
+CVE-2014-1608
{DSA-3030-1}
- mantis <removed>
[squeeze] - mantis <end-of-life> (Unsupported in squeeze-lts)
NOTE: https://github.com/mantisbt/mantisbt/commit/00b4c17088fa56594d85fe46b6c6057bb3421102
-CVE-2014-1607 (** DISPUTED ** Cross-site scripting (XSS) vulnerability in the ...)
+CVE-2014-1607
NOT-FOR-US: Drupal EventCalendar
CVE-2014-1606
RESERVED
CVE-2014-1605
RESERVED
-CVE-2014-1603 (Multiple cross-site scripting (XSS) vulnerabilities in GetSimple CMS ...)
+CVE-2014-1603
NOT-FOR-US: GetSimple CMS
CVE-2014-1602
RESERVED
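Review bot: the `+CVE-2014-1607` line drops the `** DISPUTED **` marker that lived only in the description on the `-` line (`-CVE-2014-1607 (** DISPUTED ** Cross-site scripting (XSS) vulnerability in the ...)`), so after this hunk nothing in the file records that the CVE is disputed while the `NOT-FOR-US: Drupal EventCalendar` triage stays. If descriptions are meant to be removed, the disputed status needs to survive on its own line the way `RESERVED` and `REJECTED` already do for the neighbouring entries; if not, this is one more sign the update should be held back until the descriptions are restored.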
@@ -21994,96 +21994,96 @@ CVE-2014-1601
RESERVED
CVE-2014-1600
RESERVED
-CVE-2014-1599 (Multiple cross-site scripting (XSS) vulnerabilities in the SFR Box ...)
+CVE-2014-1599
NOT-FOR-US: SFR Box router
CVE-2014-1598
RESERVED
-CVE-2014-1597 (SQL injection vulnerability in the CMDB web application in synetics ...)
+CVE-2014-1597
NOT-FOR-US: i-doit
CVE-2014-1596
REJECTED
-CVE-2014-1595 (Mozilla Firefox before 34.0, Firefox ESR 31.x before 31.3, and ...)
+CVE-2014-1595
- iceweasel <not-affected> (Specific to MacOS X)
- icedove <not-affected> (Specific to MacOS X)
-CVE-2014-1594 (Mozilla Firefox before 34.0, Firefox ESR 31.x before 31.3, Thunderbird ...)
+CVE-2014-1594
{DSA-3092-1 DSA-3090-1}
- iceweasel 31.3.0esr-1
- icedove 31.3.0-1
[squeeze] - iceweasel <end-of-life>
[squeeze] - icedove <end-of-life>
-CVE-2014-1593 (Stack-based buffer overflow in the mozilla::FileBlockCache::Read ...)
+CVE-2014-1593
{DSA-3092-1 DSA-3090-1}
- iceweasel 31.3.0esr-1
- icedove 31.3.0-1
[squeeze] - iceweasel <end-of-life>
[squeeze] - icedove <end-of-life>
-CVE-2014-1592 (Use-after-free vulnerability in the nsHtml5TreeOperation function in ...)
+CVE-2014-1592
{DSA-3092-1 DSA-3090-1}
- iceweasel 31.3.0esr-1
- icedove 31.3.0-1
[squeeze] - iceweasel <end-of-life>
[squeeze] - icedove <end-of-life>
-CVE-2014-1591 (Mozilla Firefox 33.0 and SeaMonkey before 2.31 include path strings in ...)
+CVE-2014-1591
- iceweasel <not-affected> (Only affects Firefox 33)
- icedove <not-affected> (Only affects Firefox 33)
-CVE-2014-1590 (The XMLHttpRequest.prototype.send method in Mozilla Firefox before ...)
+CVE-2014-1590
{DSA-3092-1 DSA-3090-1}
- iceweasel 31.3.0esr-1
- icedove 31.3.0-1
[squeeze] - iceweasel <end-of-life>
[squeeze] - icedove <end-of-life>
-CVE-2014-1589 (Mozilla Firefox before 34.0 and SeaMonkey before 2.31 provide ...)
+CVE-2014-1589
- iceweasel <not-affected> (Only affects Firefox 33)
- icedove <not-affected> (Only affects Firefox 33)
-CVE-2014-1588 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+CVE-2014-1588
- iceweasel <not-affected> (Only affects Firefox 33)
- icedove <not-affected> (Only affects Firefox 33)
-CVE-2014-1587 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+CVE-2014-1587
{DSA-3092-1 DSA-3090-1}
- iceweasel 31.3.0esr-1
- icedove 31.3.0-1
[squeeze] - iceweasel <end-of-life>
[squeeze] - icedove <end-of-life>
-CVE-2014-1586 (content/base/src/nsDocument.cpp in Mozilla Firefox before 33.0, ...)
+CVE-2014-1586
{DSA-3061-1 DSA-3050-1}
- iceweasel 31.2.0esr-1
- icedove 31.2.0-1
[squeeze] - iceweasel <end-of-life>
[squeeze] - icedove <end-of-life>
-CVE-2014-1585 (The WebRTC video-sharing feature in dom/media/MediaManager.cpp in ...)
+CVE-2014-1585
{DSA-3061-1 DSA-3050-1}
- iceweasel 31.2.0esr-1
- icedove 31.2.0-1
[squeeze] - iceweasel <end-of-life>
[squeeze] - icedove <end-of-life>
-CVE-2014-1584 (The Public Key Pinning (PKP) implementation in Mozilla Firefox before ...)
+CVE-2014-1584
- iceweasel <not-affected> (Only affects Firefox 32 and later)
- icedove <not-affected> (Only affects Firefox 32 and later)
[squeeze] - iceweasel <end-of-life>
[squeeze] - icedove <end-of-life>
-CVE-2014-1583 (The Alarm API in Mozilla Firefox before 33.0 and Firefox ESR 31.x ...)
+CVE-2014-1583
{DSA-3050-1}
- iceweasel 31.2.0esr-1
[squeeze] - iceweasel <end-of-life>
-CVE-2014-1582 (The Public Key Pinning (PKP) implementation in Mozilla Firefox before ...)
+CVE-2014-1582
- iceweasel <not-affected> (Only affects Firefox 32 and later)
- icedove <not-affected> (Only affects Firefox 32 and later)
[squeeze] - iceweasel <end-of-life>
[squeeze] - icedove <end-of-life>
-CVE-2014-1581 (Use-after-free vulnerability in DirectionalityUtils.cpp in Mozilla ...)
+CVE-2014-1581
{DSA-3061-1 DSA-3050-1}
- iceweasel 31.2.0esr-1
- icedove 31.2.0-1
[squeeze] - iceweasel <end-of-life>
[squeeze] - icedove <end-of-life>
-CVE-2014-1580 (Mozilla Firefox before 33.0 does not properly initialize memory for ...)
+CVE-2014-1580
- iceweasel <not-affected> (Only affects Firefox 32 and later)
- icedove <not-affected> (Only affects Firefox 32 and later)
[squeeze] - iceweasel <end-of-life>
[squeeze] - icedove <end-of-life>
CVE-2014-1579
REJECTED
-CVE-2014-1578 (The get_tile function in Mozilla Firefox before 33.0, Firefox ESR 31.x ...)
+CVE-2014-1578
{DSA-3061-1 DSA-3050-1}
- iceweasel 31.2.0esr-1
- icedove 31.2.0-1
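Review bot: in this hunk the `<not-affected>` triage lines keep rationales that refer to version ranges only the removed descriptions stated, e.g. `- iceweasel <not-affected> (Only affects Firefox 33)` under `+CVE-2014-1591`, whose `-` line read `Mozilla Firefox 33.0 and SeaMonkey before 2.31 include path strings in ...`, and `(Only affects Firefox 32 and later)` under `+CVE-2014-1584` and `+CVE-2014-1582`, whose descriptions began `The Public Key Pinning (PKP) implementation in Mozilla Firefox before ...`. Once the descriptions are gone a reader of this file cannot check those rationales against the affected versions without going to the CVE source, so either keep the descriptions or carry the version range in the triage note itself.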
@@ -22094,50 +22094,50 @@ CVE-2014-1578 (The get_tile function in Mozilla Firefox before 33.0, Firefox ESR
[squeeze] - libvpx <not-affected> (vp9 codec not yet present)
NOTE: https://www.mozilla.org/security/announce/2014/mfsa2014-77.html
NOTE: https://hg.mozilla.org/releases/mozilla-esr31/rev/6023f0b4f8ba
-CVE-2014-1577 (The mozilla::dom::OscillatorNodeEngine::ComputeCustom function in the ...)
+CVE-2014-1577
{DSA-3061-1 DSA-3050-1}
- iceweasel 31.2.0esr-1
- icedove 31.2.0-1
[squeeze] - iceweasel <end-of-life>
[squeeze] - icedove <end-of-life>
-CVE-2014-1576 (Heap-based buffer overflow in the nsTransformedTextRun function in ...)
+CVE-2014-1576
{DSA-3061-1 DSA-3050-1}
- iceweasel 31.2.0esr-1
- icedove 31.2.0-1
[squeeze] - iceweasel <end-of-life>
[squeeze] - icedove <end-of-life>
-CVE-2014-1575 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+CVE-2014-1575
- iceweasel <not-affected> (Only affects Firefox 32 and later)
- icedove <not-affected> (Only affects Firefox 32 and later)
[squeeze] - iceweasel <end-of-life>
[squeeze] - icedove <end-of-life>
-CVE-2014-1574 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+CVE-2014-1574
{DSA-3061-1 DSA-3050-1}
- iceweasel 31.2.0esr-1
- icedove 31.2.0-1
[squeeze] - iceweasel <end-of-life>
[squeeze] - icedove <end-of-life>
-CVE-2014-1573 (Bugzilla 2.x through 4.0.x before 4.0.15, 4.1.x and 4.2.x before ...)
+CVE-2014-1573
- bugzilla4 <itp> (bug #669643)
- bugzilla <removed>
[squeeze] - bugzilla <end-of-life>
NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=1075578
-CVE-2014-1572 (The confirm_create_account function in the account-creation feature in ...)
+CVE-2014-1572
- bugzilla4 <itp> (bug #669643)
- bugzilla <removed>
[squeeze] - bugzilla <end-of-life>
NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=1074812
-CVE-2014-1571 (Bugzilla 2.x through 4.0.x before 4.0.15, 4.1.x and 4.2.x before ...)
+CVE-2014-1571
- bugzilla4 <itp> (bug #669643)
- bugzilla <removed>
[squeeze] - bugzilla <end-of-life>
NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=1064140
CVE-2014-1570
RESERVED
-CVE-2014-1569 (The definite_length_decoder function in lib/util/quickder.c in Mozilla ...)
+CVE-2014-1569
{DSA-3186-1 DLA-154-1}
- nss 2:3.17.2-1.1 (bug #773625)
-CVE-2014-1568 (Mozilla Network Security Services (NSS) before 3.16.2.1, 3.16.x before ...)
+CVE-2014-1568
{DSA-3037-1 DSA-3034-1 DSA-3033-1 DLA-62-1}
- nss 2:3.17.1-1
- iceweasel <not-affected> (uses system nss)
@@ -22146,47 +22146,47 @@ CVE-2014-1568 (Mozilla Network Security Services (NSS) before 3.16.2.1, 3.16.x b
[squeeze] - icedove <end-of-life>
NOTE: https://www.mozilla.org/security/announce/2014/mfsa2014-73.html
NOTE: http://www.intelsecurity.com/advanced-threat-research/#
-CVE-2014-1567 (Use-after-free vulnerability in DirectionalityUtils.cpp in Mozilla ...)
+CVE-2014-1567
{DSA-3028-1 DSA-3018-1}
- iceweasel 31.1.0esr-1
- icedove 31.2.0-1
[squeeze] - iceweasel <end-of-life>
[squeeze] - icedove <end-of-life>
-CVE-2014-1566 (Mozilla Firefox before 31.1 on Android does not properly restrict ...)
+CVE-2014-1566
- iceweasel <not-affected> (Specific to Android)
-CVE-2014-1565 (The mozilla::dom::AudioEventTimeline function in the Web Audio API ...)
+CVE-2014-1565
- iceweasel 31.1.0esr-1
[wheezy] - iceweasel <not-affected> (Only affects releases after ESR24)
[squeeze] - iceweasel <end-of-life>
- icedove 31.2.0-1
[squeeze] - icedove <end-of-life>
[wheezy] - icedove <not-affected> (Only affects releases after ESR24)
-CVE-2014-1564 (Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and ...)
+CVE-2014-1564
- iceweasel 31.1.0esr-1
[wheezy] - iceweasel <not-affected> (Only affects releases after ESR24)
[squeeze] - iceweasel <end-of-life>
- icedove 31.2.0-1
[squeeze] - icedove <end-of-life>
[wheezy] - icedove <not-affected> (Only affects releases after ESR24)
-CVE-2014-1563 (Use-after-free vulnerability in the mozilla::DOMSVGLength::GetTearOff ...)
+CVE-2014-1563
- iceweasel 31.1.0esr-1
[wheezy] - iceweasel <not-affected> (Only affects releases after ESR24)
[squeeze] - iceweasel <end-of-life>
- icedove 31.2.0-1
[squeeze] - icedove <end-of-life>
[wheezy] - icedove <not-affected> (Only affects releases after ESR24)
-CVE-2014-1562 (Unspecified vulnerability in the browser engine in Mozilla Firefox ...)
+CVE-2014-1562
{DSA-3028-1 DSA-3018-1}
- iceweasel 31.1.0esr-1
- icedove 31.2.0-1
[squeeze] - iceweasel <end-of-life>
[squeeze] - icedove <end-of-life>
-CVE-2014-1561 (Mozilla Firefox before 31.0 does not properly restrict use of ...)
+CVE-2014-1561
- iceweasel 31.0-1
[wheezy] - iceweasel <not-affected> (Only affects releases after ESR24)
[squeeze] - iceweasel <end-of-life>
NOTE: https://www.mozilla.org/security/announce/2014/mfsa2014-60.html
-CVE-2014-1560 (Mozilla Firefox before 31.0 and Thunderbird before 31.0 allow remote ...)
+CVE-2014-1560
- iceweasel 31.0-1
- icedove 31.0-1
[wheezy] - iceweasel <not-affected> (Only affects releases after ESR24)
@@ -22194,7 +22194,7 @@ CVE-2014-1560 (Mozilla Firefox before 31.0 and Thunderbird before 31.0 allow rem
[squeeze] - iceweasel <end-of-life>
[squeeze] - icedove <end-of-life>
NOTE: https://www.mozilla.org/security/announce/2014/mfsa2014-65.html
-CVE-2014-1559 (Mozilla Firefox before 31.0 and Thunderbird before 31.0 allow remote ...)
+CVE-2014-1559
- iceweasel 31.0-1
- icedove 31.0-1
[wheezy] - iceweasel <not-affected> (Only affects releases after ESR24)
@@ -22202,7 +22202,7 @@ CVE-2014-1559 (Mozilla Firefox before 31.0 and Thunderbird before 31.0 allow rem
[squeeze] - iceweasel <end-of-life>
[squeeze] - icedove <end-of-life>
NOTE: https://www.mozilla.org/security/announce/2014/mfsa2014-65.html
-CVE-2014-1558 (Mozilla Firefox before 31.0 and Thunderbird before 31.0 allow remote ...)
+CVE-2014-1558
- iceweasel 31.0-1
- icedove 31.0-1
[wheezy] - iceweasel <not-affected> (Only affects releases after ESR24)
@@ -22210,42 +22210,42 @@ CVE-2014-1558 (Mozilla Firefox before 31.0 and Thunderbird before 31.0 allow rem
[squeeze] - iceweasel <end-of-life>
[squeeze] - icedove <end-of-life>
NOTE: https://www.mozilla.org/security/announce/2014/mfsa2014-65.html
-CVE-2014-1557 (The ConvolveHorizontally function in Skia, as used in Mozilla Firefox ...)
+CVE-2014-1557
{DSA-2996-1 DSA-2986-1}
- iceweasel 31.0-1
[squeeze] - iceweasel <end-of-life>
- icedove 31.0-1
[squeeze] - icedove <end-of-life>
NOTE: http://www.mozilla.org/security/announce/2014/mfsa2014-64.html
-CVE-2014-1556 (Mozilla Firefox before 31.0, Firefox ESR 24.x before 24.7, and ...)
+CVE-2014-1556
{DSA-2996-1 DSA-2986-1}
- iceweasel 31.0-1
[squeeze] - iceweasel <end-of-life>
- icedove 31.0-1
[squeeze] - icedove <end-of-life>
NOTE: https://www.mozilla.org/security/announce/2014/mfsa2014-62.html
-CVE-2014-1555 (Use-after-free vulnerability in the nsDocLoader::OnProgress function ...)
+CVE-2014-1555
{DSA-2996-1 DSA-2986-1}
- iceweasel 31.0-1
[squeeze] - iceweasel <end-of-life>
- icedove 31.0-1
[squeeze] - icedove <end-of-life>
NOTE: http://www.mozilla.org/security/announce/2014/mfsa2014-61.html
-CVE-2014-1554 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+CVE-2014-1554
- iceweasel 31.1.0esr-1
[wheezy] - iceweasel <not-affected> (Only affects releases after ESR24)
[squeeze] - iceweasel <end-of-life>
- icedove 31.2.0-1
[squeeze] - icedove <end-of-life>
[wheezy] - icedove <not-affected> (Only affects releases after ESR24)
-CVE-2014-1553 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+CVE-2014-1553
- iceweasel 31.1.0esr-1
[wheezy] - iceweasel <not-affected> (Only affects releases after ESR24)
[squeeze] - iceweasel <end-of-life>
- icedove 31.2.0-1
[squeeze] - icedove <end-of-life>
[wheezy] - icedove <not-affected> (Only affects releases after ESR24)
-CVE-2014-1552 (Mozilla Firefox before 31.0 and Thunderbird before 31.0 do not ...)
+CVE-2014-1552
- iceweasel 31.0-1
- icedove 31.0-1
[wheezy] - iceweasel <not-affected> (Only affects releases after ESR24)
@@ -22253,11 +22253,11 @@ CVE-2014-1552 (Mozilla Firefox before 31.0 and Thunderbird before 31.0 do not ..
[squeeze] - iceweasel <end-of-life>
[squeeze] - icedove <end-of-life>
NOTE: https://www.mozilla.org/security/announce/2014/mfsa2014-66.html
-CVE-2014-1551 (Use-after-free vulnerability in the FontTableRec destructor in Mozilla ...)
+CVE-2014-1551
- iceweasel <not-affected> (Affects only Windows platform)
- icedove <not-affected> (Affects only Windows platform)
NOTE: https://www.mozilla.org/security/announce/2014/mfsa2014-59.html
-CVE-2014-1550 (Use-after-free vulnerability in the MediaInputPort class in Mozilla ...)
+CVE-2014-1550
- iceweasel 31.0-1
[wheezy] - iceweasel <not-affected> (Only affects releases after ESR24)
[squeeze] - iceweasel <end-of-life>
@@ -22265,7 +22265,7 @@ CVE-2014-1550 (Use-after-free vulnerability in the MediaInputPort class in Mozil
[squeeze] - icedove <end-of-life>
[wheezy] - icedove <not-affected> (Only affects releases after ESR24)
NOTE: https://www.mozilla.org/security/announce/2014/mfsa2014-58.html
-CVE-2014-1549 (The mozilla::dom::AudioBufferSourceNodeEngine::CopyFromInputBuffer ...)
+CVE-2014-1549
- iceweasel 31.0-1
[wheezy] - iceweasel <not-affected> (Only affects releases after ESR24)
[squeeze] - iceweasel <end-of-life>
@@ -22273,23 +22273,23 @@ CVE-2014-1549 (The mozilla::dom::AudioBufferSourceNodeEngine::CopyFromInputBuffe
[squeeze] - icedove <end-of-life>
[wheezy] - icedove <not-affected> (Only affects releases after ESR24)
NOTE: https://www.mozilla.org/security/announce/2014/mfsa2014-57.html
-CVE-2014-1548 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+CVE-2014-1548
- iceweasel 31.0-1
[wheezy] - iceweasel <not-affected> (Only affects releases after ESR24)
[squeeze] - iceweasel <end-of-life>
-CVE-2014-1547 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+CVE-2014-1547
{DSA-2996-1 DSA-2986-1}
- iceweasel 31.0-1
[squeeze] - iceweasel <end-of-life>
- icedove 31.0-1
[squeeze] - icedove <end-of-life>
NOTE: http://www.mozilla.org/security/announce/2014/mfsa2014-56.html
-CVE-2014-1546 (The response function in the JSONP endpoint in ...)
+CVE-2014-1546
- bugzilla4 <itp> (bug #669643)
- bugzilla <removed>
[squeeze] - bugzilla <end-of-life>
NOTE: bugzilla part for Adobe Flash's CVE-2014-4671.
-CVE-2014-1545 (Mozilla Netscape Portable Runtime (NSPR) before 4.10.6 allows remote ...)
+CVE-2014-1545
{DSA-2962-1 DSA-2960-1 DSA-2955-1 DLA-32-1}
- nspr 2:4.10.6-1
- iceweasel 30.0-1
@@ -22298,7 +22298,7 @@ CVE-2014-1545 (Mozilla Netscape Portable Runtime (NSPR) before 4.10.6 allows rem
[squeeze] - icedove <end-of-life>
[squeeze] - nspr 4.8.6-1+squeeze2
NOTE: Only the Wheezy builds use the bundled nspr
-CVE-2014-1544 (Use-after-free vulnerability in the CERT_DestroyCertificate function ...)
+CVE-2014-1544
{DSA-3071-1 DSA-2996-1 DSA-2986-1 DLA-89-1}
- nss 2:3.16.3-1
- iceweasel 31.0-1
@@ -22307,46 +22307,46 @@ CVE-2014-1544 (Use-after-free vulnerability in the CERT_DestroyCertificate funct
[squeeze] - icedove <end-of-life>
NOTE: patch: https://hg.mozilla.org/projects/nss/rev/204f22c527f8
NOTE: http://www.mozilla.org/security/announce/2014/mfsa2014-63.html
-CVE-2014-1543 (Multiple heap-based buffer overflows in the navigator.getGamepads ...)
+CVE-2014-1543
- iceweasel <not-affected> (Only affects Windows 8)
- icedove <not-affected> (Only affects Windows 8)
-CVE-2014-1542 (Buffer overflow in the Speex resampler in the Web Audio subsystem in ...)
+CVE-2014-1542
- iceweasel 30.0-1
- icedove 31.0~b1-1
[wheezy] - iceweasel <not-affected> (Doesn't affect ESR24)
[squeeze] - iceweasel <end-of-life>
[wheezy] - icedove <not-affected> (Doesn't affect ESR24)
[squeeze] - icedove <end-of-life>
-CVE-2014-1541 (Use-after-free vulnerability in the RefreshDriverTimer::TickDriver ...)
+CVE-2014-1541
{DSA-2960-1 DSA-2955-1}
- iceweasel 30.0-1
- icedove 31.0~b1-1
[squeeze] - iceweasel <end-of-life>
[squeeze] - icedove <end-of-life>
-CVE-2014-1540 (Use-after-free vulnerability in the ...)
+CVE-2014-1540
- iceweasel 30.0-1
- icedove 31.0~b1-1
[wheezy] - iceweasel <not-affected> (Doesn't affect ESR24)
[squeeze] - iceweasel <end-of-life>
[wheezy] - icedove <not-affected> (Doesn't affect ESR24)
[squeeze] - icedove <end-of-life>
-CVE-2014-1539 (Mozilla Firefox before 30.0 and Thunderbird through 24.6 on OS X do ...)
+CVE-2014-1539
- iceweasel <not-affected> (Only affects Mac OS X)
- icedove <not-affected> (Only affects Mac OS X)
-CVE-2014-1538 (Use-after-free vulnerability in the nsTextEditRules::CreateMozBR ...)
+CVE-2014-1538
{DSA-2960-1 DSA-2955-1}
- iceweasel 30.0-1
- icedove 31.0~b1-1
[squeeze] - iceweasel <end-of-life>
[squeeze] - icedove <end-of-life>
-CVE-2014-1537 (Use-after-free vulnerability in the ...)
+CVE-2014-1537
- iceweasel 30.0-1
- icedove 31.0~b1-1
[wheezy] - iceweasel <not-affected> (Doesn't affect ESR24)
[squeeze] - iceweasel <end-of-life>
[wheezy] - icedove <not-affected> (Doesn't affect ESR24)
[squeeze] - icedove <end-of-life>
-CVE-2014-1536 (The PropertyProvider::FindJustificationRange function in Mozilla ...)
+CVE-2014-1536
- iceweasel 30.0-1
- icedove 31.0~b1-1
[wheezy] - iceweasel <not-affected> (Doesn't affect ESR24)
@@ -22355,190 +22355,190 @@ CVE-2014-1536 (The PropertyProvider::FindJustificationRange function in Mozilla
[squeeze] - icedove <end-of-life>
CVE-2014-1535
RESERVED
-CVE-2014-1534 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+CVE-2014-1534
- iceweasel 30.0-1
- icedove 31.0~b1-1
[wheezy] - iceweasel <not-affected> (Doesn't affect ESR24)
[squeeze] - iceweasel <end-of-life>
[wheezy] - icedove <not-affected> (Doesn't affect ESR24)
[squeeze] - icedove <end-of-life>
-CVE-2014-1533 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+CVE-2014-1533
{DSA-2960-1 DSA-2955-1}
- iceweasel 30.0-1
- icedove 31.0~b1-1
[squeeze] - iceweasel <end-of-life>
[squeeze] - icedove <end-of-life>
-CVE-2014-1532 (Use-after-free vulnerability in the ...)
+CVE-2014-1532
{DSA-2924-1 DSA-2918-1}
- iceweasel 24.5.0esr-1
- icedove 24.5.0-1
[squeeze] - iceweasel <end-of-life>
[squeeze] - icedove <end-of-life>
-CVE-2014-1531 (Use-after-free vulnerability in the ...)
+CVE-2014-1531
{DSA-2924-1 DSA-2918-1}
- iceweasel 24.5.0esr-1
- icedove 24.5.0-1
[squeeze] - iceweasel <end-of-life>
[squeeze] - icedove <end-of-life>
-CVE-2014-1530 (The docshell implementation in Mozilla Firefox before 29.0, Firefox ...)
+CVE-2014-1530
{DSA-2924-1 DSA-2918-1}
- iceweasel 24.5.0esr-1
- icedove 24.5.0-1
[squeeze] - iceweasel <end-of-life>
[squeeze] - icedove <end-of-life>
-CVE-2014-1529 (The Web Notification API in Mozilla Firefox before 29.0, Firefox ESR ...)
+CVE-2014-1529
{DSA-2924-1 DSA-2918-1}
- iceweasel 24.5.0esr-1
- icedove 24.5.0-1
[squeeze] - iceweasel <end-of-life>
[squeeze] - icedove <end-of-life>
-CVE-2014-1528 (The sse2_composite_src_x888_8888 function in Pixman, as used in Cairo ...)
+CVE-2014-1528
- iceweasel <not-affected> (Windows-specific)
-CVE-2014-1527 (Mozilla Firefox before 29.0 on Android allows remote attackers to ...)
+CVE-2014-1527
- iceweasel <not-affected> (Only affects Firefox on Android)
- icedove <not-affected> (Only affects Firefox on Android)
-CVE-2014-1526 (The XrayWrapper implementation in Mozilla Firefox before 29.0 and ...)
+CVE-2014-1526
- iceweasel <not-affected> (Only affects Firefox 28)
- icedove <not-affected> (Only affects Firefox 28)
-CVE-2014-1525 (The mozilla::dom::TextTrack::AddCue function in Mozilla Firefox before ...)
+CVE-2014-1525
- iceweasel <not-affected> (Only affects Firefox 28)
- icedove <not-affected> (Only affects Firefox 28)
-CVE-2014-1524 (The nsXBLProtoImpl::InstallImplementation function in Mozilla Firefox ...)
+CVE-2014-1524
{DSA-2924-1 DSA-2918-1}
- iceweasel 24.5.0esr-1
- icedove 24.5.0-1
[squeeze] - iceweasel <end-of-life>
[squeeze] - icedove <end-of-life>
-CVE-2014-1523 (Heap-based buffer overflow in the read_u32 function in Mozilla Firefox ...)
+CVE-2014-1523
{DSA-2924-1 DSA-2918-1}
- iceweasel 24.5.0esr-1
- icedove 24.5.0-1
[squeeze] - iceweasel <end-of-life>
[squeeze] - icedove <end-of-life>
-CVE-2014-1522 (The mozilla::dom::OscillatorNodeEngine::ComputeCustom function in the ...)
+CVE-2014-1522
- iceweasel <not-affected> (Only affects Firefox 28)
- icedove <not-affected> (Only affects Firefox 28)
CVE-2014-1521
REJECTED
-CVE-2014-1520 (maintenservice_installer.exe in the Maintenance Service Installer in ...)
+CVE-2014-1520
- iceweasel <not-affected> (Windows-specific)
-CVE-2014-1519 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+CVE-2014-1519
- iceweasel <not-affected> (Only affects Firefox 28)
- icedove <not-affected> (Only affects Firefox 28)
-CVE-2014-1518 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+CVE-2014-1518
{DSA-2924-1 DSA-2918-1}
- iceweasel 24.5.0esr-1
- icedove 24.5.0-1
[squeeze] - iceweasel <end-of-life>
[squeeze] - icedove <end-of-life>
-CVE-2014-1517 (The login form in Bugzilla 2.x, 3.x, 4.x before 4.4.3, and 4.5.x ...)
+CVE-2014-1517
- bugzilla <removed> (low)
[squeeze] - bugzilla <no-dsa> (Minor issue)
- bugzilla4 <itp> (bug #669643)
-CVE-2014-1516 (The saltProfileName function in base/GeckoProfileDirectories.java in ...)
+CVE-2014-1516
- iceweasel <not-affected> (Android-specific)
-CVE-2014-1515 (Mozilla Firefox before 28.0.1 on Android processes a file: URL by ...)
+CVE-2014-1515
- iceweasel <not-affected> (Android-specific)
-CVE-2014-1514 (vmtypedarrayobject.cpp in Mozilla Firefox before 28.0, Firefox ESR ...)
+CVE-2014-1514
{DSA-2911-1 DSA-2881-1}
- iceweasel 24.4.0esr-1
- icedove 24.4.0-1
[squeeze] - iceweasel <end-of-life>
[squeeze] - icedove <end-of-life>
-CVE-2014-1513 (TypedArrayObject.cpp in Mozilla Firefox before 28.0, Firefox ESR 24.x ...)
+CVE-2014-1513
{DSA-2911-1 DSA-2881-1}
- iceweasel 24.4.0esr-1
- icedove 24.4.0-1
[squeeze] - iceweasel <end-of-life>
[squeeze] - icedove <end-of-life>
-CVE-2014-1512 (Use-after-free vulnerability in the TypeObject class in the JavaScript ...)
+CVE-2014-1512
{DSA-2911-1 DSA-2881-1}
- iceweasel 24.4.0esr-1
- icedove 24.4.0-1
[squeeze] - iceweasel <end-of-life>
[squeeze] - icedove <end-of-life>
-CVE-2014-1511 (Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird ...)
+CVE-2014-1511
{DSA-2911-1 DSA-2881-1}
- iceweasel 24.4.0esr-1
- icedove 24.4.0-1
[squeeze] - iceweasel <end-of-life>
[squeeze] - icedove <end-of-life>
-CVE-2014-1510 (The Web IDL implementation in Mozilla Firefox before 28.0, Firefox ESR ...)
+CVE-2014-1510
{DSA-2911-1 DSA-2881-1}
- iceweasel 24.4.0esr-1
- icedove 24.4.0-1
[squeeze] - iceweasel <end-of-life>
[squeeze] - icedove <end-of-life>
-CVE-2014-1509 (Buffer overflow in the _cairo_truetype_index_to_ucs4 function in ...)
+CVE-2014-1509
{DSA-2911-1 DSA-2881-1}
- iceweasel 24.4.0esr-1
- icedove 24.4.0-1
[squeeze] - iceweasel <end-of-life>
[squeeze] - icedove <end-of-life>
-CVE-2014-1508 (The libxul.so!gfxContext::Polygon function in Mozilla Firefox before ...)
+CVE-2014-1508
{DSA-2911-1 DSA-2881-1}
- iceweasel 24.4.0esr-1
- icedove 24.4.0-1
[squeeze] - iceweasel <end-of-life>
[squeeze] - icedove <end-of-life>
-CVE-2014-1507 (Directory traversal vulnerability in the DeviceStorage API in Mozilla ...)
+CVE-2014-1507
NOT-FOR-US: Firefox OS
-CVE-2014-1506 (Directory traversal vulnerability in Android Crash Reporter in Mozilla ...)
+CVE-2014-1506
- iceweasel <not-affected> (Android-specific)
- icedove <not-affected> (Android-specific)
-CVE-2014-1505 (The SVG filter implementation in Mozilla Firefox before 28.0, Firefox ...)
+CVE-2014-1505
{DSA-2911-1 DSA-2881-1}
- iceweasel 24.4.0esr-1
- icedove 24.4.0-1
[squeeze] - iceweasel <end-of-life>
[squeeze] - icedove <end-of-life>
-CVE-2014-1504 (The session-restore feature in Mozilla Firefox before 28.0 and ...)
+CVE-2014-1504
- iceweasel <not-affected> (Only affects Firefox 27)
- icedove <not-affected> (Only affects Firefox 27)
CVE-2014-1503
RESERVED
-CVE-2014-1502 (The (1) WebGL.compressedTexImage2D and (2) ...)
+CVE-2014-1502
- iceweasel <not-affected> (Only affects Firefox 27)
- icedove <not-affected> (Only affects Firefox 27)
-CVE-2014-1501 (Mozilla Firefox before 28.0 on Android allows remote attackers to ...)
+CVE-2014-1501
- iceweasel <not-affected> (Android-specific)
- icedove <not-affected> (Android-specific)
-CVE-2014-1500 (Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote ...)
+CVE-2014-1500
- iceweasel <not-affected> (Only affects Firefox 27)
- icedove <not-affected> (Only affects Firefox 27)
-CVE-2014-1499 (Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote ...)
+CVE-2014-1499
- iceweasel <not-affected> (Only affects Firefox 27)
- icedove <not-affected> (Only affects Firefox 27)
-CVE-2014-1498 (The crypto.generateCRMFRequest method in Mozilla Firefox before 28.0 ...)
+CVE-2014-1498
- iceweasel <not-affected> (Only affects Firefox 27)
- icedove <not-affected> (Only affects Firefox 27)
-CVE-2014-1497 (The mozilla::WaveReader::DecodeAudioData function in Mozilla Firefox ...)
+CVE-2014-1497
{DSA-2911-1 DSA-2881-1}
- iceweasel 24.4.0esr-1
- icedove 24.4.0-1
[squeeze] - iceweasel <end-of-life>
[squeeze] - icedove <end-of-life>
-CVE-2014-1496 (Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird ...)
+CVE-2014-1496
- iceweasel <not-affected> (Online update not used in Debian)
- icedove <not-affected> (Online update not used in Debian)
CVE-2014-1495
RESERVED
-CVE-2014-1494 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+CVE-2014-1494
- iceweasel <not-affected> (Only affects Firefox 27)
- icedove <not-affected> (Only affects Firefox 27)
-CVE-2014-1493 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+CVE-2014-1493
{DSA-2911-1 DSA-2881-1}
- iceweasel 24.4.0esr-1
- icedove 24.4.0-1
[squeeze] - iceweasel <end-of-life>
[squeeze] - icedove <end-of-life>
-CVE-2014-1492 (The cert_TestHostName function in lib/certdb/certdb.c in the ...)
+CVE-2014-1492
{DSA-2994-1 DLA-23-1}
- nss 2:3.16-1
[squeeze] - nss 3.12.8-1+squeeze8
- iceweasel <not-affected> (Only affects Firefox 28)
- icedove <not-affected> (Only affects Firefox 28)
-CVE-2014-1491 (Mozilla Network Security Services (NSS) before 3.15.4, as used in ...)
+CVE-2014-1491
{DSA-2994-1 DSA-2858-1 DLA-23-1}
- iceweasel 24.3.0esr-1
- icedove 24.3.0-1
@@ -22546,7 +22546,7 @@ CVE-2014-1491 (Mozilla Network Security Services (NSS) before 3.15.4, as used in
[squeeze] - nss 3.12.8-1+squeeze8
[squeeze] - iceweasel <end-of-life>
[squeeze] - icedove <end-of-life>
-CVE-2014-1490 (Race condition in libssl in Mozilla Network Security Services (NSS) ...)
+CVE-2014-1490
{DSA-2858-1}
- iceweasel 24.3.0esr-1
- icedove 24.3.0-1
@@ -22556,115 +22556,115 @@ CVE-2014-1490 (Race condition in libssl in Mozilla Network Security Services (NS
[squeeze] - iceweasel <end-of-life>
[squeeze] - icedove <end-of-life>
NOTE: session tickets must be enabled by the client (mainly browsers)
-CVE-2014-1489 (Mozilla Firefox before 27.0 does not properly restrict access to ...)
+CVE-2014-1489
- iceweasel <not-affected> (Only affects Firefox 26)
- icedove <not-affected> (Only affects Firefox 26)
-CVE-2014-1488 (The Web workers implementation in Mozilla Firefox before 27.0 and ...)
+CVE-2014-1488
- iceweasel <not-affected> (Only affects Firefox 26)
- icedove <not-affected> (Only affects Firefox 26)
-CVE-2014-1487 (The Web workers implementation in Mozilla Firefox before 27.0, Firefox ...)
+CVE-2014-1487
{DSA-2858-1}
- iceweasel 24.3.0esr-1
- icedove 24.3.0-1
[squeeze] - iceweasel <end-of-life>
[squeeze] - icedove <end-of-life>
-CVE-2014-1486 (Use-after-free vulnerability in the imgRequestProxy function in ...)
+CVE-2014-1486
{DSA-2858-1}
- iceweasel 24.3.0esr-1
- icedove 24.3.0-1
[squeeze] - iceweasel <end-of-life>
[squeeze] - icedove <end-of-life>
-CVE-2014-1485 (The Content Security Policy (CSP) implementation in Mozilla Firefox ...)
+CVE-2014-1485
- iceweasel <not-affected> (Only affects Firefox 26)
- icedove <not-affected> (Only affects Firefox 26)
-CVE-2014-1484 (Mozilla Firefox before 27.0 on Android 4.2 and earlier creates ...)
+CVE-2014-1484
- iceweasel <not-affected> (Only affects Firefox for Android)
- icedove <not-affected> (Only affects Firefox for Android)
-CVE-2014-1483 (Mozilla Firefox before 27.0 and SeaMonkey before 2.24 allow remote ...)
+CVE-2014-1483
- iceweasel <not-affected> (Only affects Firefox 26)
- icedove <not-affected> (Only affects Firefox 26)
-CVE-2014-1482 (RasterImage.cpp in Mozilla Firefox before 27.0, Firefox ESR 24.x ...)
+CVE-2014-1482
{DSA-2858-1}
- iceweasel 24.3.0esr-1
- icedove 24.3.0-1
[squeeze] - iceweasel <end-of-life>
[squeeze] - icedove <end-of-life>
-CVE-2014-1481 (Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird ...)
+CVE-2014-1481
{DSA-2858-1}
- iceweasel 24.3.0esr-1
- icedove 24.3.0-1
[squeeze] - iceweasel <end-of-life>
[squeeze] - icedove <end-of-life>
-CVE-2014-1480 (The file-download implementation in Mozilla Firefox before 27.0 and ...)
+CVE-2014-1480
- iceweasel <not-affected> (Only affects Firefox 26)
- icedove <not-affected> (Only affects Firefox 26)
-CVE-2014-1479 (The System Only Wrapper (SOW) implementation in Mozilla Firefox before ...)
+CVE-2014-1479
{DSA-2858-1}
- iceweasel 24.3.0esr-1
- icedove 24.3.0-1
[squeeze] - iceweasel <end-of-life>
[squeeze] - icedove <end-of-life>
-CVE-2014-1478 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+CVE-2014-1478
- iceweasel <not-affected> (Only affects Firefox 26)
- icedove <not-affected> (Only affects Firefox 26)
-CVE-2014-1477 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+CVE-2014-1477
{DSA-2858-1}
- iceweasel 24.3.0esr-1
- icedove 24.3.0-1
[squeeze] - iceweasel <end-of-life>
[squeeze] - icedove <end-of-life>
-CVE-2014-1474 (Algorithmic complexity vulnerability in Email::Address::List before ...)
+CVE-2014-1474
- libemail-address-list-perl 0.03-1
NOTE: http://lists.bestpractical.com/pipermail/rt-announce/2014-January/000245.html
-CVE-2014-1642 (The IRQ setup in Xen 4.2.x and 4.3.x, when using device passthrough ...)
+CVE-2014-1642
- xen 4.4.0-1
[squeeze] - xen <not-affected> (Only affects 4.2 and later)
[wheezy] - xen <not-affected> (Only affects 4.2 and later)
NOTE: http://www.openwall.com/lists/oss-security/2014/01/23/2
-CVE-2014-1640 (axiom-test.sh in axiom 20100701-1.1 uses tempfile to create a safe ...)
+CVE-2014-1640
- axiom 20120501-17 (low; bug #736358)
[squeeze] - axiom <no-dsa> (Minor issue)
[wheezy] - axiom <no-dsa> (Minor issue)
-CVE-2014-1639 (syncevo/installcheck-local.sh in syncevolution before 1.3.99.7 uses ...)
+CVE-2014-1639
- syncevolution 1.3.99.7-1 (unimportant; bug #736357)
NOTE: Only exploitable during build time
-CVE-2014-1638 ((1) debian/postrm and (2) debian/localepurge.config in localepurge ...)
+CVE-2014-1638
- localepurge 0.7.3.2 (bug #736359)
[squeeze] - localepurge 0.6.2+nmu1+squeeze1
[wheezy] - localepurge 0.6.3+deb7u1
-CVE-2014-1626 (XML External Entity (XXE) vulnerability in MARC::File::XML module ...)
+CVE-2014-1626
- libmarc-xml-perl 1.0.2-1 (bug #736275)
[wheezy] - libmarc-xml-perl <no-dsa> (Too intrusive to backport)
[squeeze] - libmarc-xml-perl <no-dsa> (Too intrusive to backport)
NOTE: http://sourceforge.net/p/marcpm/code/ci/cf2d36597a56eeeffd53b38182b8557c7bf569ac/
NOTE: older versions do not have the ability to set a user custom parser, trying to fix CVE-2014-1626 not clear yet
NOTE: upstream developer contacted and is looking into it; backport fix might be to intrusive due to change in used Module
-CVE-2014-1624 (Race condition in the xdg.BaseDirectory.get_runtime_dir function in ...)
+CVE-2014-1624
- pyxdg 0.25-4 (low; bug #736247)
[squeeze] - pyxdg <not-affected> (get_runtime_dir introduced in later version)
[wheezy] - pyxdg <not-affected> (get_runtime_dir introduced in later version)
-CVE-2014-1611 (Cross-site scripting (XSS) vulnerability in the Anonymous Posting ...)
+CVE-2014-1611
NOT-FOR-US: Drupal contrib
-CVE-2014-1604 (The parser cache functionality in parsergenerator.py in RPLY (aka ...)
+CVE-2014-1604
- python-rply 0.7.1-1
NOTE: https://github.com/alex/rply/commit/fc9bbcd25b0b4f09bbd6339f710ad24c129d5d7cand
-CVE-2014-1473 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
+CVE-2014-1473
NOT-FOR-US: McAfee Vulnerability Manager
-CVE-2014-1472 (Multiple cross-site scripting (XSS) vulnerabilities in the Enterprise ...)
+CVE-2014-1472
NOT-FOR-US: McAfee Vulnerability Manager
-CVE-2014-1471 (SQL injection vulnerability in the StateGetStatesByType function in ...)
+CVE-2014-1471
{DSA-2867-1}
- otrs2 3.3.4-1 (low)
NOTE: https://www.otrs.com/security-advisory-2014-02-sql-injection-issue/
CVE-2014-1470
REJECTED
-CVE-2014-1469 (BlackBerry Enterprise Server 5.x before 5.0.4 MR7 and Enterprise ...)
+CVE-2014-1469
NOT-FOR-US: BlackBerry Enterprise Server
CVE-2014-1468
RESERVED
-CVE-2014-1467 (BlackBerry Enterprise Service 10 before 10.2.1, Universal Device ...)
+CVE-2014-1467
NOT-FOR-US: IBM Domino
-CVE-2014-1466 (SQL injection vulnerability in CSP MySQL User Manager 2.3 allows ...)
+CVE-2014-1466
NOT-FOR-US: CSP MySQL User Manager
CVE-2014-1465
RESERVED
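Review bot: every changed pair in this hunk, starting with `-CVE-2014-1485 (The Content Security Policy (CSP) implementation in Mozilla Firefox ...)` becoming `+CVE-2014-1485`, replaces a description with nothing; not one entry gains or alters text. That is the signature of an empty or mis-parsed feed, not a batch of upstream rewrites, and the automatic update should abort rather than commit when an entry that had a description would be written without one (or when more than a small fraction of entries lose their text in a single run). The triage lines left behind were written against those descriptions: the three iceweasel/icedove `<not-affected> (Only affects Firefox 26)` annotations only make sense next to the version ranges the removed lines carried. Unrelated but visible in the unchanged context: the python-rply NOTE URL ends in `fc9bbcd25b0b4f09bbd6339f710ad24c129d5d7cand`, a stray "and" glued onto the 40-character commit hash, worth dropping in a follow-up.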
@@ -22678,19 +22678,19 @@ CVE-2014-1461
RESERVED
CVE-2014-1460
RESERVED
-CVE-2014-1459 (SQL injection vulnerability in dg-admin/index.php in doorGets CMS 5.2 ...)
+CVE-2014-1459
NOT-FOR-US: doorGets CMS
-CVE-2014-1458 (Cross-site scripting (XSS) vulnerability in the web administration ...)
+CVE-2014-1458
NOT-FOR-US: FortiGuard FortiWeb
-CVE-2014-1457 (Open Web Analytics (OWA) before 1.5.6 improperly generates random ...)
+CVE-2014-1457
NOT-FOR-US: Open Web Analytics
-CVE-2014-1456 (Cross-site scripting (XSS) vulnerability in the login page in Open Web ...)
+CVE-2014-1456
NOT-FOR-US: Open Web Analytics
-CVE-2014-1455 (SQL injection vulnerability in the password reset functionality in ...)
+CVE-2014-1455
NOT-FOR-US: Pearson eSIS Enterprise Student Information System
CVE-2014-1454
RESERVED
-CVE-2014-1453 (The NFS server (nfsserver) in FreeBSD 8.3 through 10.0 does not ...)
+CVE-2014-1453
{DSA-2952-1}
- kfreebsd-8 <removed>
[wheezy] - kfreebsd-8 <no-dsa> (Non standard kernel, will be fixed in a point update)
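Review bot: the last change in this hunk, `-CVE-2014-1453 (The NFS server (nfsserver) in FreeBSD 8.3 through 10.0 does not ...)`, removes the only statement of the affected FreeBSD range, and the `[wheezy] - kfreebsd-8 <no-dsa> (Non standard kernel, will be fixed in a point update)` line directly below it, plus the kfreebsd-8 NOTE just past the next hunk header, are judgements made against exactly that range. For the NOT-FOR-US entries above it the loss is total: `NOT-FOR-US: doorGets CMS` names the product but nothing in the file now says what the issue was. When the feed yields an empty description the updater should keep the previous text and only overwrite on a non-empty new value, so a transient upstream problem never degrades entries that are otherwise never revisited.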
@@ -22698,23 +22698,23 @@ CVE-2014-1453 (The NFS server (nfsserver) in FreeBSD 8.3 through 10.0 does not .
- kfreebsd-9 <removed> (bug #743984)
- kfreebsd-10 10.0-4
NOTE: kfreebsd-8 might be affected but NFS implementation isn't the one used there by default
-CVE-2014-1452 (Stack-based buffer overflow in lib/snmpagent.c in bsnmpd, as used in ...)
+CVE-2014-1452
NOT-FOR-US: bsnmpd
CVE-2014-1451
RESERVED
CVE-2014-1450
RESERVED
-CVE-2014-1449 (The Maxthon Cloud Browser application before 4.1.6.2000 for Android ...)
+CVE-2014-1449
NOT-FOR-US: Maxthon Cloud Browser application for Android
-CVE-2014-1443 (Core FTP Server 1.2 before build 515 allows remote authenticated users ...)
+CVE-2014-1443
NOT-FOR-US: Core FTP Server
-CVE-2014-1442 (Directory traversal vulnerability in Core FTP Server 1.2 before build ...)
+CVE-2014-1442
NOT-FOR-US: Core FTP Server
-CVE-2014-1441 (Core FTP Server 1.2 before build 515 allows remote attackers to cause ...)
+CVE-2014-1441
NOT-FOR-US: Core FTP Server
CVE-2014-1440
RESERVED
-CVE-2014-1439 (The libxml_disable_entity_loader function in ...)
+CVE-2014-1439
NOT-FOR-US: HipHop Virtual Machine for PHP
CVE-2014-1437
REJECTED
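Review bot: the three Core FTP Server entries (`-CVE-2014-1443 (Core FTP Server 1.2 before build 515 allows remote authenticated users ...)` and the two below it) collapse to bare ids each followed by the identical `NOT-FOR-US: Core FTP Server` line, so they are no longer distinguishable from each other inside the tracker; the bsnmpd, Maxthon and HHVM entries in the same hunk suffer the same way. Nothing here is a legitimate content update. The run should be repeated against a working feed and the output diffed against the parent commit; a correct run produces a near-empty diff for this region, and anything larger should block the commit.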
@@ -22740,10 +22740,10 @@ CVE-2014-1427
RESERVED
CVE-2014-1426
RESERVED
-CVE-2014-1425 (cmanager 0.32 does not properly enforce nesting when modifying cgroup ...)
+CVE-2014-1425
- cgmanager 0.33-3
[jessie] - cgmanager 0.33-2+deb8u1
-CVE-2014-1424 (apparmor_parser in the apparmor package before 2.8.95~2430-0ubuntu5.1 ...)
+CVE-2014-1424
- apparmor <not-affected> (Vulnerable code only in Ubuntu-specific backport of patch)
NOTE: Caused by a patch that was added to the Ubuntu packaging before
NOTE: it was taken upstream. The one that was merged upstream (and part
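Review bot: `- apparmor <not-affected> (Vulnerable code only in Ubuntu-specific backport of patch)` and the NOTEs under it are anchored to the Ubuntu version string that appeared only in the removed `-CVE-2014-1424 (apparmor_parser in the apparmor package before 2.8.95~2430-0ubuntu5.1 ...)` line; with the id left bare the rationale no longer ties to any version. The cgmanager entry just above shows a second cost: the removed `-CVE-2014-1425 (cmanager 0.32 does not properly enforce nesting when modifying cgroup ...)` wording is the only place the file recorded that upstream's "cmanager" is the Debian cgmanager package, a mismatch a later reader needs the description to spot. Keep the descriptions; if they change, write the feed's new text, never an empty string.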
@@ -22754,16 +22754,16 @@ CVE-2014-1423
RESERVED
CVE-2014-1422
RESERVED
-CVE-2014-1421 (mountall 1.54, as used in Ubuntu 14.10, does not properly handle the ...)
+CVE-2014-1421
- mountall <not-affected> (partman-efi in jessie uses secure umask, mount in older releases not affected)
NOTE: See https://bugs.launchpad.net/ubuntu/+source/partman-efi/+bug/1390183
NOTE: and http://www.ubuntu.com/usn/usn-2411-1
CVE-2014-1420
RESERVED
-CVE-2014-1419 (Race condition in the power policy functions in policy-funcs in ...)
+CVE-2014-1419
{DSA-2984-1 DLA-30-1}
- acpi-support 0.142-2
-CVE-2014-1418 (Django 1.4 before 1.4.13, 1.5 before 1.5.8, 1.6 before 1.6.5, and 1.7 ...)
+CVE-2014-1418
{DSA-2934-1}
- python-django 1.6.5-1
NOTE: https://www.djangoproject.com/weblog/2014/may/14/security-releases-issued/
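Review bot: `- mountall <not-affected> (partman-efi in jessie uses secure umask, mount in older releases not affected)` becomes a non sequitur once `-CVE-2014-1421 (mountall 1.54, as used in Ubuntu 14.10, does not properly handle the ...)` is reduced to a bare id: nothing left in the entry says the issue is an Ubuntu mountall umask problem, so the jump to partman-efi and mount is unexplained. The two launchpad and USN NOTE links help, but the description is what made the triage readable without following them. The acpi-support and python-django entries below lose their affected-version ranges the same way while keeping DSA/DLA references that were issued on the strength of those ranges. Restore the text.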
@@ -22783,33 +22783,33 @@ CVE-2014-1411
RESERVED
CVE-2014-1410
RESERVED
-CVE-2014-1476 (The Taxonomy module in Drupal 7.x before 7.26, when upgraded from an ...)
+CVE-2014-1476
{DSA-2847-1}
- drupal6 <not-affected> (Only occurs on Drupal 7 sites which upgraded from Drupal 6 or earlier)
- drupal7 7.26-1
-CVE-2014-1475 (The OpenID module in Drupal 6.x before 6.30 and 7.x before 7.26 allows ...)
+CVE-2014-1475
{DSA-2851-1 DSA-2847-1}
- drupal6 <removed>
- drupal7 7.26-1
-CVE-2014-1446 (The yam_ioctl function in drivers/net/hamradio/yam.c in the Linux ...)
+CVE-2014-1446
{DSA-2906-1}
- linux 3.12.8-1 (low)
- linux-2.6 <removed> (low)
[wheezy] - linux 3.2.54-1
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8e3fbf870481eb53b2d3a322d1fc395ad8b367ed
-CVE-2014-1445 (The wanxl_ioctl function in drivers/net/wan/wanxl.c in the Linux ...)
+CVE-2014-1445
{DSA-2906-1}
- linux 3.12.6-1 (low)
- linux-2.6 <removed> (low)
[wheezy] - linux 3.2.53-1
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2b13d06c9584b4eb773f1e80bbaedab9a1c344e1
-CVE-2014-1444 (The fst_get_iface function in drivers/net/wan/farsync.c in the Linux ...)
+CVE-2014-1444
{DSA-2906-1}
- linux 3.12.6-1 (low)
- linux-2.6 <removed> (low)
[wheezy] - linux 3.2.53-1
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=96b340406724d87e4621284ebac5e059d67b2194
-CVE-2014-1438 (The restore_fpu_checking function in ...)
+CVE-2014-1438
{DLA-0007-1}
- linux 3.12.8-1 (bug #733551)
- linux-2.6 <removed>
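Review bot: the four kernel entries, beginning with `-CVE-2014-1446 (The yam_ioctl function in drivers/net/hamradio/yam.c in the Linux ...)`, lose the function and file that the `- linux 3.12.8-1 (low)` severity and the wheezy backport versions were judged on; the git.kernel.org NOTE links keep the commit ids, but a reader now has to open each one to learn that these are yam, wanxl and farsync driver bugs at all. The drupal7 rationale survives only by accident, because its annotation happens to repeat the removed `-CVE-2014-1476 (The Taxonomy module in Drupal 7.x before 7.26, when upgraded from an ...)` wording; most entries have no such duplication. Empty descriptions should be rejected at write time, not committed.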
@@ -22819,7 +22819,7 @@ CVE-2014-1438 (The restore_fpu_checking function in ...)
NOTE: http://git.kernel.org/cgit/linux/kernel/git/tip/tip.git/commit/?id=26bef1318adc1b3a530ecc807ef99346db2aa8b0
CVE-2014-1448
REJECTED
-CVE-2014-1447 (Race condition in the virNetServerClientStartKeepAlive function in ...)
+CVE-2014-1447
{DSA-2846-1}
- libvirt 1.2.1-1 (bug #735676)
[squeeze] - libvirt <end-of-life> (Unsupported in squeeze-lts)
@@ -22830,7 +22830,7 @@ CVE-2014-1409
RESERVED
CVE-2014-1404
RESERVED
-CVE-2014-1403 (Cross-site scripting (XSS) vulnerability in name.html in easyXDM ...)
+CVE-2014-1403
NOT-FOR-US: easyXDM
CVE-2014-1397
RESERVED
@@ -22844,306 +22844,306 @@ CVE-2014-1393
RESERVED
CVE-2014-1392
RESERVED
-CVE-2014-1391 (QT Media Foundation in Apple OS X before 10.9.5 allows remote ...)
+CVE-2014-1391
NOT-FOR-US: Apple Quicktime
-CVE-2014-1390 (WebKit, as used in Apple Safari before 6.1.6 and 7.x before 7.0.6, ...)
+CVE-2014-1390
- webkitgtk 2.4.8-1 (unimportant)
-CVE-2014-1389 (WebKit, as used in Apple Safari before 6.1.6 and 7.x before 7.0.6, ...)
+CVE-2014-1389
- webkitgtk 2.4.8-1 (unimportant)
-CVE-2014-1388 (WebKit, as used in Apple Safari before 6.1.6 and 7.x before 7.0.6, ...)
+CVE-2014-1388
- webkitgtk 2.4.8-1 (unimportant)
-CVE-2014-1387 (WebKit, as used in Apple Safari before 6.1.6 and 7.x before 7.0.6, ...)
+CVE-2014-1387
- webkitgtk 2.4.8-1 (unimportant)
-CVE-2014-1386 (WebKit, as used in Apple Safari before 6.1.6 and 7.x before 7.0.6, ...)
+CVE-2014-1386
- webkitgtk 2.4.8-1 (unimportant)
-CVE-2014-1385 (WebKit, as used in Apple Safari before 6.1.6 and 7.x before 7.0.6, ...)
+CVE-2014-1385
- webkitgtk 2.4.8-1 (unimportant)
-CVE-2014-1384 (WebKit, as used in Apple Safari before 6.1.6 and 7.x before 7.0.6, ...)
+CVE-2014-1384
- webkitgtk 2.4.8-1 (unimportant)
-CVE-2014-1383 (Apple TV before 6.1.2 allows remote authenticated users to bypass an ...)
+CVE-2014-1383
NOT-FOR-US: Apple TV
-CVE-2014-1382 (WebKit, as used in Apple iOS before 7.1.2, Apple Safari before 6.1.5 ...)
+CVE-2014-1382
NOT-FOR-US: WebKit
-CVE-2014-1381 (Thunderbolt in Apple OS X before 10.9.4 does not properly restrict ...)
+CVE-2014-1381
NOT-FOR-US: Apple OS X Thunderbolt
-CVE-2014-1380 (The Security - Keychain component in Apple OS X before 10.9.4 does not ...)
+CVE-2014-1380
NOT-FOR-US: Apple OS X
-CVE-2014-1379 (Graphics Drivers in Apple OS X before 10.9.4 allows attackers to gain ...)
+CVE-2014-1379
NOT-FOR-US: Apple OS X
-CVE-2014-1378 (IOGraphicsFamily in Apple OS X before 10.9.4 allows local users to ...)
+CVE-2014-1378
NOT-FOR-US: Apple OS X
-CVE-2014-1377 (Array index error in IOAcceleratorFamily in Apple OS X before 10.9.4 ...)
+CVE-2014-1377
NOT-FOR-US: Apple OS X
-CVE-2014-1376 (Intel Compute in Apple OS X before 10.9.4 does not properly restrict ...)
+CVE-2014-1376
NOT-FOR-US: Apple OS X Intel Compute
-CVE-2014-1375 (Intel Graphics Driver in Apple OS X before 10.9.4 allows local users ...)
+CVE-2014-1375
NOT-FOR-US: Apple OS X Intel Graphics Driver
CVE-2014-1374
REJECTED
-CVE-2014-1373 (Intel Graphics Driver in Apple OS X before 10.9.4 does not properly ...)
+CVE-2014-1373
NOT-FOR-US: Apple OS X Intel Graphics Driver
-CVE-2014-1372 (Graphics Driver in Apple OS X before 10.9.4 does not properly restrict ...)
+CVE-2014-1372
NOT-FOR-US: Apple OS X Graphics Driver
-CVE-2014-1371 (Array index error in Dock in Apple OS X before 10.9.4 allows attackers ...)
+CVE-2014-1371
NOT-FOR-US: Apple OS X Dock
-CVE-2014-1370 (The byte-swapping implementation in copyfile in Apple OS X before ...)
+CVE-2014-1370
NOT-FOR-US: Apple
-CVE-2014-1369 (WebKit in Apple Safari before 6.1.5 and 7.x before 7.0.5 allows ...)
+CVE-2014-1369
NOT-FOR-US: WebKit
-CVE-2014-1368 (WebKit, as used in Apple iOS before 7.1.2, Apple Safari before 6.1.5 ...)
+CVE-2014-1368
NOT-FOR-US: WebKit
-CVE-2014-1367 (WebKit, as used in Apple iOS before 7.1.2, Apple Safari before 6.1.5 ...)
+CVE-2014-1367
NOT-FOR-US: WebKit
-CVE-2014-1366 (WebKit, as used in Apple iOS before 7.1.2, Apple Safari before 6.1.5 ...)
+CVE-2014-1366
NOT-FOR-US: WebKit
-CVE-2014-1365 (WebKit, as used in Apple iOS before 7.1.2, Apple Safari before 6.1.5 ...)
+CVE-2014-1365
NOT-FOR-US: WebKit
-CVE-2014-1364 (WebKit, as used in Apple iOS before 7.1.2, Apple Safari before 6.1.5 ...)
+CVE-2014-1364
NOT-FOR-US: WebKit
-CVE-2014-1363 (WebKit, as used in Apple iOS before 7.1.2, Apple Safari before 6.1.5 ...)
+CVE-2014-1363
NOT-FOR-US: WebKit
-CVE-2014-1362 (WebKit, as used in Apple iOS before 7.1.2, Apple Safari before 6.1.5 ...)
+CVE-2014-1362
NOT-FOR-US: WebKit
-CVE-2014-1361 (Secure Transport in Apple iOS before 7.1.2, Apple OS X before 10.9.4, ...)
+CVE-2014-1361
NOT-FOR-US: Apple iOS
-CVE-2014-1360 (Lockdown in Apple iOS before 7.1.2 does not properly verify data from ...)
+CVE-2014-1360
NOT-FOR-US: Apple iOS
-CVE-2014-1359 (Integer underflow in launchd in Apple iOS before 7.1.2, Apple OS X ...)
+CVE-2014-1359
NOT-FOR-US: Apple iOS
-CVE-2014-1358 (Integer overflow in launchd in Apple iOS before 7.1.2, Apple OS X ...)
+CVE-2014-1358
NOT-FOR-US: Apple iOS
-CVE-2014-1357 (Heap-based buffer overflow in launchd in Apple iOS before 7.1.2, Apple ...)
+CVE-2014-1357
NOT-FOR-US: Apple iOS
-CVE-2014-1356 (Heap-based buffer overflow in launchd in Apple iOS before 7.1.2, Apple ...)
+CVE-2014-1356
NOT-FOR-US: Apple iOS
-CVE-2014-1355 (The IOKit implementation in the kernel in Apple iOS before 7.1.2 and ...)
+CVE-2014-1355
NOT-FOR-US: Apple iOS
-CVE-2014-1354 (CoreGraphics in Apple iOS before 7.1.2 does not properly restrict ...)
+CVE-2014-1354
NOT-FOR-US: Apple iOS
-CVE-2014-1353 (Lock Screen in Apple iOS before 7.1.2 does not properly manage the ...)
+CVE-2014-1353
NOT-FOR-US: Apple iOS
-CVE-2014-1352 (Lock Screen in Apple iOS before 7.1.2 does not properly enforce the ...)
+CVE-2014-1352
NOT-FOR-US: Apple iOS
-CVE-2014-1351 (Siri in Apple iOS before 7.1.2 allows physically proximate attackers ...)
+CVE-2014-1351
NOT-FOR-US: Apple iOS
-CVE-2014-1350 (Settings in Apple iOS before 7.1.2 allows physically proximate ...)
+CVE-2014-1350
NOT-FOR-US: Apple iOS
-CVE-2014-1349 (Use-after-free vulnerability in Safari in Apple iOS before 7.1.2 ...)
+CVE-2014-1349
NOT-FOR-US: Apple iOS
-CVE-2014-1348 (Mail in Apple iOS before 7.1.2 advertises the availability of data ...)
+CVE-2014-1348
NOT-FOR-US: Apple iOS
-CVE-2014-1347 (Apple iTunes before 11.2.1 on OS X sets world-writable permissions for ...)
+CVE-2014-1347
NOT-FOR-US: Apple iTunes
-CVE-2014-1346 (WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, ...)
+CVE-2014-1346
NOT-FOR-US: Safari / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2014-1345 (WebKit in Apple iOS before 7.1.2 and Apple Safari before 6.1.5 and 7.x ...)
+CVE-2014-1345
- webkitgtk 2.4.8-1 (unimportant)
-CVE-2014-1344 (WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, ...)
+CVE-2014-1344
NOT-FOR-US: Safari / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2014-1343 (WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, ...)
+CVE-2014-1343
NOT-FOR-US: Safari / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2014-1342 (WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, ...)
+CVE-2014-1342
NOT-FOR-US: Safari / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2014-1341 (WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, ...)
+CVE-2014-1341
NOT-FOR-US: Safari / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2014-1340 (WebKit, as used in Apple Safari before 6.1.5 and 7.x before 7.0.5, ...)
+CVE-2014-1340
NOT-FOR-US: Safari / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2014-1339 (WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, ...)
+CVE-2014-1339
NOT-FOR-US: Safari / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2014-1338 (WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, ...)
+CVE-2014-1338
NOT-FOR-US: Safari / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2014-1337 (WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, ...)
+CVE-2014-1337
NOT-FOR-US: Safari / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2014-1336 (WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, ...)
+CVE-2014-1336
NOT-FOR-US: Safari / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2014-1335 (WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, ...)
+CVE-2014-1335
NOT-FOR-US: Safari / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2014-1334 (WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, ...)
+CVE-2014-1334
NOT-FOR-US: Safari / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2014-1333 (WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, ...)
+CVE-2014-1333
NOT-FOR-US: Safari / if anything of this affects Chromium, the Chrome sec team will know and fix
CVE-2014-1332
REJECTED
-CVE-2014-1331 (WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, ...)
+CVE-2014-1331
NOT-FOR-US: Safari / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2014-1330 (WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, ...)
+CVE-2014-1330
NOT-FOR-US: Safari / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2014-1329 (WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, ...)
+CVE-2014-1329
NOT-FOR-US: Safari / if anything of this affects Chromium, the Chrome sec team will know and fix
CVE-2014-1328
REJECTED
-CVE-2014-1327 (WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, ...)
+CVE-2014-1327
NOT-FOR-US: Safari / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2014-1326 (WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, ...)
+CVE-2014-1326
NOT-FOR-US: Safari / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2014-1325 (WebKit, as used in Apple iOS before 7.1.2, Apple Safari before 6.1.5 ...)
+CVE-2014-1325
NOT-FOR-US: Safari / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2014-1324 (WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, ...)
+CVE-2014-1324
NOT-FOR-US: Safari / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2014-1323 (WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, ...)
+CVE-2014-1323
NOT-FOR-US: Safari / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2014-1322 (The kernel in Apple OS X through 10.9.2 places a kernel pointer into ...)
+CVE-2014-1322
NOT-FOR-US: Apple
-CVE-2014-1321 (Power Management in Apple OS X 10.9.x through 10.9.2 allows physically ...)
+CVE-2014-1321
NOT-FOR-US: Apple
-CVE-2014-1320 (IOKit in Apple iOS before 7.1.1, Apple OS X through 10.9.2, and Apple ...)
+CVE-2014-1320
NOT-FOR-US: Apple
-CVE-2014-1319 (Buffer overflow in ImageIO in Apple OS X 10.9.x through 10.9.2 allows ...)
+CVE-2014-1319
NOT-FOR-US: Apple
-CVE-2014-1318 (The Intel Graphics Driver in Apple OS X through 10.9.2 does not ...)
+CVE-2014-1318
NOT-FOR-US: Apple
-CVE-2014-1317 (iBooks Commerce in Apple OS X before 10.9.4 places Apple ID ...)
+CVE-2014-1317
NOT-FOR-US: Apple
-CVE-2014-1316 (Heimdal, as used in Apple OS X through 10.9.2, allows remote attackers ...)
+CVE-2014-1316
NOT-FOR-US: Apple
-CVE-2014-1315 (Format string vulnerability in CoreServicesUIAgent in Apple OS X ...)
+CVE-2014-1315
NOT-FOR-US: Apple
-CVE-2014-1314 (WindowServer in Apple OS X through 10.9.2 does not prevent session ...)
+CVE-2014-1314
NOT-FOR-US: Apple
-CVE-2014-1313 (WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, ...)
+CVE-2014-1313
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2014-1312 (WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, ...)
+CVE-2014-1312
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2014-1311 (WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, ...)
+CVE-2014-1311
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2014-1310 (WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, ...)
+CVE-2014-1310
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2014-1309 (WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, ...)
+CVE-2014-1309
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2014-1308 (WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, ...)
+CVE-2014-1308
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2014-1307 (WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, ...)
+CVE-2014-1307
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
CVE-2014-1306
REJECTED
-CVE-2014-1305 (WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, ...)
+CVE-2014-1305
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2014-1304 (WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, ...)
+CVE-2014-1304
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2014-1303 (Heap-based buffer overflow in Apple Safari 7.0.2 allows remote ...)
+CVE-2014-1303
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2014-1302 (WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, ...)
+CVE-2014-1302
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2014-1301 (WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, ...)
+CVE-2014-1301
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2014-1300 (Unspecified vulnerability in Apple Safari 7.0.2 on OS X allows remote ...)
+CVE-2014-1300
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2014-1299 (WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, ...)
+CVE-2014-1299
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2014-1298 (WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, ...)
+CVE-2014-1298
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2014-1297 (WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, ...)
+CVE-2014-1297
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2014-1296 (CFNetwork in Apple iOS before 7.1.1, Apple OS X through 10.9.2, and ...)
+CVE-2014-1296
NOT-FOR-US: Apple
-CVE-2014-1295 (Secure Transport in Apple iOS before 7.1.1, Apple OS X 10.8.x and ...)
+CVE-2014-1295
NOT-FOR-US: Apple
-CVE-2014-1294 (WebKit, as used in Apple iOS before 7.1 and Apple TV before 6.1, ...)
+CVE-2014-1294
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2014-1293 (WebKit, as used in Apple iOS before 7.1 and Apple TV before 6.1, ...)
+CVE-2014-1293
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2014-1292 (WebKit, as used in Apple iOS before 7.1 and Apple TV before 6.1, ...)
+CVE-2014-1292
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2014-1291 (WebKit, as used in Apple iOS before 7.1 and Apple TV before 6.1, ...)
+CVE-2014-1291
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2014-1290 (WebKit, as used in Apple iOS before 7.1 and Apple TV before 6.1, ...)
+CVE-2014-1290
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2014-1289 (WebKit, as used in Apple iOS before 7.1 and Apple TV before 6.1, ...)
+CVE-2014-1289
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
CVE-2014-1288
REJECTED
-CVE-2014-1287 (USB Host in Apple iOS before 7.1 and Apple TV before 6.1 allows ...)
+CVE-2014-1287
NOT-FOR-US: Apple
-CVE-2014-1286 (SpringBoard Lock Screen in Apple iOS before 7.1 allows remote ...)
+CVE-2014-1286
NOT-FOR-US: SpringBoard Lock Screen in Apple iOS
-CVE-2014-1285 (Springboard in Apple iOS before 7.1 allows physically proximate ...)
+CVE-2014-1285
NOT-FOR-US: Springboard in Apple iOS
CVE-2014-1284
REJECTED
CVE-2014-1283
REJECTED
-CVE-2014-1282 (The Profiles component in Apple iOS before 7.1 and Apple TV before 6.1 ...)
+CVE-2014-1282
NOT-FOR-US: Apple
-CVE-2014-1281 (Photos Backend in Apple iOS before 7.1 does not properly manage the ...)
+CVE-2014-1281
NOT-FOR-US: Photos Backend in Apple iOS
-CVE-2014-1280 (Video Driver in Apple iOS before 7.1 and Apple TV before 6.1 allows ...)
+CVE-2014-1280
NOT-FOR-US: Apple
-CVE-2014-1279 (Apple TV before 6.1 does not properly restrict logging, which allows ...)
+CVE-2014-1279
NOT-FOR-US: Apple TV
-CVE-2014-1278 (The ptmx_get_ioctl function in the ARM kernel in Apple iOS before 7.1 ...)
+CVE-2014-1278
NOT-FOR-US: Apple
CVE-2014-1277
REJECTED
-CVE-2014-1276 (IOKit HID Event in Apple iOS before 7.1 allows attackers to conduct ...)
+CVE-2014-1276
NOT-FOR-US: IOKit HID Event in Apple iOS
-CVE-2014-1275 (Buffer overflow in ImageIO in Apple iOS before 7.1 and Apple TV before ...)
+CVE-2014-1275
NOT-FOR-US: Apple
-CVE-2014-1274 (FaceTime in Apple iOS before 7.1 allows physically proximate attackers ...)
+CVE-2014-1274
NOT-FOR-US: FaceTime in Apple iOS
-CVE-2014-1273 (dyld in Apple iOS before 7.1 and Apple TV before 6.1 allows attackers ...)
+CVE-2014-1273
NOT-FOR-US: Apple
-CVE-2014-1272 (CrashHouseKeeping in Crash Reporting in Apple iOS before 7.1 and Apple ...)
+CVE-2014-1272
NOT-FOR-US: Apple
-CVE-2014-1271 (CoreCapture in Apple iOS before 7.1 and Apple TV before 6.1 does not ...)
+CVE-2014-1271
NOT-FOR-US: Apple
-CVE-2014-1270 (WebKit, as used in Apple Safari before 6.1.2 and 7.x before 7.0.2, ...)
+CVE-2014-1270
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2014-1269 (WebKit, as used in Apple Safari before 6.1.2 and 7.x before 7.0.2, ...)
+CVE-2014-1269
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2014-1268 (WebKit, as used in Apple Safari before 6.1.2 and 7.x before 7.0.2, ...)
+CVE-2014-1268
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2014-1267 (The Configuration Profiles component in Apple iOS before 7.1 and Apple ...)
+CVE-2014-1267
NOT-FOR-US: Apple
-CVE-2014-1266 (The SSLVerifySignedServerKeyExchange function in ...)
+CVE-2014-1266
NOT-FOR-US: Apple
-CVE-2014-1265 (The systemsetup program in the Date and Time subsystem in Apple OS X ...)
+CVE-2014-1265
NOT-FOR-US: Apple
-CVE-2014-1264 (Finder in Apple OS X before 10.9.2 does not ensure ACL integrity after ...)
+CVE-2014-1264
NOT-FOR-US: Apple
-CVE-2014-1263 (curl and libcurl 7.27.0 through 7.35.0, when using the ...)
+CVE-2014-1263
- curl <not-affected> (Only applies to Curl on Mac OS or iOS)
NOTE: http://curl.haxx.se/docs/adv_20140326C.html
-CVE-2014-1262 (Apple Type Services (ATS) in Apple OS X before 10.9.2 allows attackers ...)
+CVE-2014-1262
NOT-FOR-US: Apple
-CVE-2014-1261 (Integer signedness error in CoreText in Apple OS X before 10.9.2 ...)
+CVE-2014-1261
NOT-FOR-US: Apple
-CVE-2014-1260 (QuickLook in Apple OS X through 10.8.5 allows remote attackers to ...)
+CVE-2014-1260
NOT-FOR-US: Apple
-CVE-2014-1259 (Buffer overflow in File Bookmark in Apple OS X before 10.9.2 allows ...)
+CVE-2014-1259
NOT-FOR-US: Apple
-CVE-2014-1258 (Heap-based buffer overflow in CoreAnimation in Apple OS X before ...)
+CVE-2014-1258
NOT-FOR-US: Apple
-CVE-2014-1257 (CFNetwork in Apple OS X through 10.8.5 does not remove session cookies ...)
+CVE-2014-1257
NOT-FOR-US: Apple
-CVE-2014-1256 (Buffer overflow in Apple Type Services (ATS) in Apple OS X before ...)
+CVE-2014-1256
NOT-FOR-US: Apple
-CVE-2014-1255 (Apple Type Services (ATS) in Apple OS X before 10.9.2 does not ...)
+CVE-2014-1255
NOT-FOR-US: Apple
-CVE-2014-1254 (Apple Type Services (ATS) in Apple OS X before 10.9.2 allows remote ...)
+CVE-2014-1254
NOT-FOR-US: Apple
-CVE-2014-1253 (AppleMNT.sys in Apple Boot Camp 5 before 5.1 allows local users to ...)
+CVE-2014-1253
NOT-FOR-US: Apple Boot Camp
-CVE-2014-1252 (Double free vulnerability in Apple Pages 2.x before 2.1 and 5.x before ...)
+CVE-2014-1252
NOT-FOR-US: Apple Pages
-CVE-2014-1251 (Buffer overflow in Apple QuickTime before 7.7.5 allows remote ...)
+CVE-2014-1251
NOT-FOR-US: Apple QuickTime
-CVE-2014-1250 (Apple QuickTime before 7.7.5 does not properly perform a byte-swapping ...)
+CVE-2014-1250
NOT-FOR-US: Apple QuickTime
-CVE-2014-1249 (Buffer overflow in Apple QuickTime before 7.7.5 allows remote ...)
+CVE-2014-1249
NOT-FOR-US: Apple QuickTime
-CVE-2014-1248 (Buffer overflow in Apple QuickTime before 7.7.5 allows remote ...)
+CVE-2014-1248
NOT-FOR-US: Apple QuickTime
-CVE-2014-1247 (Apple QuickTime before 7.7.5 allows remote attackers to execute ...)
+CVE-2014-1247
NOT-FOR-US: Apple QuickTime
-CVE-2014-1246 (Buffer overflow in Apple QuickTime before 7.7.5 allows remote ...)
+CVE-2014-1246
NOT-FOR-US: Apple QuickTime
-CVE-2014-1245 (Integer signedness error in Apple QuickTime before 7.7.5 allows remote ...)
+CVE-2014-1245
NOT-FOR-US: Apple QuickTime
-CVE-2014-1244 (Buffer overflow in Apple QuickTime before 7.7.5 allows remote ...)
+CVE-2014-1244
NOT-FOR-US: Apple QuickTime
-CVE-2014-1243 (Apple QuickTime before 7.7.5 does not initialize an unspecified ...)
+CVE-2014-1243
NOT-FOR-US: Apple QuickTime
-CVE-2014-1242 (Apple iTunes before 11.1.4 uses HTTP for the iTunes Tutorials window, ...)
+CVE-2014-1242
NOT-FOR-US: Apple iTunes
CVE-2014-1241
RESERVED
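Review bot: this hunk shows why the descriptions matter for consistency, not just readability. The WebKit batch under `-CVE-2014-1390 (WebKit, as used in Apple Safari before 6.1.6 and 7.x before 7.0.6, ...)` is tracked as webkitgtk 2.4.8-1 (unimportant), while the batch under `-CVE-2014-1346 (WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, ...)` is NOT-FOR-US; the Safari release each CVE was fixed in, recorded only in the `-` lines, is what that split was made on, and after this change it looks arbitrary. The curl entry is similar: `- curl <not-affected> (Only applies to Curl on Mac OS or iOS)` restates part of the removed wording but drops the 7.27.0 through 7.35.0 range, so the not-affected claim can no longer be re-checked from the file. This hunk, like the rest of the commit, should be reverted rather than merged, and the automatic update re-run once the feed returns descriptions again.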
@@ -23154,9 +23154,9 @@ CVE-2014-1239
CVE-2014-1238
RESERVED
NOT-FOR-US: Q-Pulse
-CVE-2014-1237 (Cross-site scripting (XSS) vulnerability in synetics i-doit pro before ...)
+CVE-2014-1237
NOT-FOR-US: i-doit
-CVE-2014-1232 (Cross-site scripting (XSS) vulnerability in the Foliopress WYSIWYG ...)
+CVE-2014-1232
NOT-FOR-US: Foliopress
CVE-2014-1231
RESERVED
@@ -23168,18 +23168,18 @@ CVE-2014-1228
RESERVED
CVE-2014-1227
RESERVED
-CVE-2014-1226 (The pipe_init_terminal function in main.c in s3dvt allows local users ...)
+CVE-2014-1226
- s3d 0.2.2-13 (unimportant)
NOTE: http://hmarco.org/bugs/CVE-2014-1226-s3dvt_0.2.2-root-shell.html
NOTE: Additional patch hunk applied in 0.2.2-11 (experimental) only
NOTE: Not running with elevated privileges in Debian packaging
CVE-2014-1225
RESERVED
-CVE-2014-1224 (Incomplete blacklist vulnerability in the user registration feature in ...)
+CVE-2014-1224
NOT-FOR-US: rexx Recruitment
-CVE-2014-1223 (Cross-site scripting (XSS) vulnerability in controlpanel/loading.aspx ...)
+CVE-2014-1223
NOT-FOR-US: Telligent Evolution
-CVE-2014-1222 (Directory traversal vulnerability in kcfinder/browse.php in Vtiger CRM ...)
+CVE-2014-1222
NOT-FOR-US: vTiger CRM
CVE-2014-1221
RESERVED
@@ -23187,217 +23187,217 @@ CVE-2014-1221
CVE-2014-1220
RESERVED
NOT-FOR-US: IT2 Workstation
-CVE-2014-1219 (CA 2E Web Option r8.1.2 accepts a predictable substring of a W2E_SSNID ...)
+CVE-2014-1219
NOT-FOR-US: 2E Web Option
CVE-2014-1218
RESERVED
-CVE-2014-1217 (Livetecs Timelive before 6.2.8 does not properly restrict access to ...)
+CVE-2014-1217
NOT-FOR-US: Livetecs Timelive
-CVE-2014-1216 (FitNesse Wiki 20131110, 20140201, and earlier allows remote attackers ...)
+CVE-2014-1216
NOT-FOR-US: Fitnesse Wiki
-CVE-2014-1215 (Multiple buffer overflows in Core FTP Server before 1.2 build 508 ...)
+CVE-2014-1215
NOT-FOR-US: Core FTP Server
CVE-2014-1214
RESERVED
NOT-FOR-US: Projoom NovaSFH Plugin
-CVE-2014-1213 (Sophos Anti-Virus engine (SAVi) before 3.50.1, as used in VDL 4.97G ...)
+CVE-2014-1213
NOT-FOR-US: Sophos Anti Virus
CVE-2014-1212
RESERVED
-CVE-2014-1211 (Cross-site request forgery (CSRF) vulnerability in VMware vCloud ...)
+CVE-2014-1211
NOT-FOR-US: VMWare
-CVE-2014-1210 (VMware vSphere Client 5.0 before Update 3 and 5.1 before Update 2 does ...)
+CVE-2014-1210
NOT-FOR-US: VMware vSphere Client
-CVE-2014-1209 (VMware vSphere Client 4.0, 4.1, 5.0 before Update 3, and 5.1 before ...)
+CVE-2014-1209
NOT-FOR-US: VMware vSphere Client
-CVE-2014-1208 (VMware Workstation 9.x before 9.0.1, VMware Player 5.x before 5.0.1, ...)
+CVE-2014-1208
NOT-FOR-US: VMWare
-CVE-2014-1207 (VMware ESXi 4.0 through 5.1 and ESX 4.0 and 4.1 allow remote attackers ...)
+CVE-2014-1207
NOT-FOR-US: VMWare
-CVE-2014-1206 (SQL injection vulnerability in the password reset page in Open Web ...)
+CVE-2014-1206
NOT-FOR-US: Open Web Analytics
CVE-2014-1205
RESERVED
-CVE-2014-1204 (SQL injection vulnerability in Tableau Server 8.0.x before 8.0.7 and ...)
+CVE-2014-1204
NOT-FOR-US: Tableau Server
-CVE-2014-1202 (The WSDL/WADL import functionality in SoapUI before 4.6.4 allows ...)
+CVE-2014-1202
NOT-FOR-US: SoapUI
-CVE-2014-1201 (Buffer overflow in the INetViewX ActiveX control in the Lorex Edge ...)
+CVE-2014-1201
NOT-FOR-US: Lorex
-CVE-2014-0999 (Sendio before 7.2.4 includes the session identifier in URLs in emails, ...)
+CVE-2014-0999
NOT-FOR-US: Sendio
-CVE-2014-0998 (Integer signedness error in the vt console driver (formerly Newcons) ...)
+CVE-2014-0998
[experimental] - kfreebsd-11 11.0~svn284956-1
- kfreebsd-10 10.1~svn274115-3 (bug #779194)
- kfreebsd-9 <not-affected> (don't have newcons)
- kfreebsd-8 <not-affected> (don't have newcons)
NOTE: https://www.freebsd.org/security/advisories/FreeBSD-SA-15:02.kmem.asc
-CVE-2014-0997 (WiFiMonitor in Android 4.4.4 as used in the Nexus 5 and 4, Android ...)
+CVE-2014-0997
NOT-FOR-US: WiFiMonitor in Android
CVE-2014-0996
RESERVED
-CVE-2014-0995 (The Standalone Enqueue Server in SAP Netweaver 7.20, 7.01, and earlier ...)
+CVE-2014-0995
NOT-FOR-US: SAP Netweaver
-CVE-2014-0994 (Heap-based buffer overflow in the ReadDIB function in the ...)
+CVE-2014-0994
NOT-FOR-US: Delphi
-CVE-2014-0993 (Buffer overflow in the Vcl.Graphics.TPicture.Bitmap implementation in ...)
+CVE-2014-0993
NOT-FOR-US: Embarcadero
-CVE-2014-0992 (Stack-based buffer overflow in Advantech WebAccess (formerly BroadWin ...)
+CVE-2014-0992
NOT-FOR-US: Advantech WebAccess
-CVE-2014-0991 (Stack-based buffer overflow in Advantech WebAccess (formerly BroadWin ...)
+CVE-2014-0991
NOT-FOR-US: Advantech WebAccess
-CVE-2014-0990 (Stack-based buffer overflow in Advantech WebAccess (formerly BroadWin ...)
+CVE-2014-0990
NOT-FOR-US: Advantech WebAccess
-CVE-2014-0989 (Stack-based buffer overflow in Advantech WebAccess (formerly BroadWin ...)
+CVE-2014-0989
NOT-FOR-US: Advantech WebAccess
-CVE-2014-0988 (Stack-based buffer overflow in Advantech WebAccess (formerly BroadWin ...)
+CVE-2014-0988
NOT-FOR-US: Advantech WebAccess
-CVE-2014-0987 (Stack-based buffer overflow in Advantech WebAccess (formerly BroadWin ...)
+CVE-2014-0987
NOT-FOR-US: Advantech WebAccess
-CVE-2014-0986 (Stack-based buffer overflow in Advantech WebAccess (formerly BroadWin ...)
+CVE-2014-0986
NOT-FOR-US: Advantech WebAccess
-CVE-2014-0985 (Stack-based buffer overflow in Advantech WebAccess (formerly BroadWin ...)
+CVE-2014-0985
NOT-FOR-US: Advantech WebAccess
-CVE-2014-0984 (The passwordCheck function in SAP Router 721 patch 117, 720 patch 411, ...)
+CVE-2014-0984
NOT-FOR-US: SAP Router
-CVE-2014-0983 (Multiple array index errors in programs that are automatically ...)
+CVE-2014-0983
{DSA-2904-1}
- virtualbox 4.3.10-dfsg-1 (bug #741602)
- virtualbox-ose <removed> (bug #741602)
NOTE: http://www.coresecurity.com/advisories/oracle-virtualbox-3d-acceleration-multiple-memory-corruption-vulnerabilities
CVE-2014-0982
REJECTED
-CVE-2014-0981 (VBox/GuestHost/OpenGL/util/net.c in Oracle VirtualBox before 3.2.22, ...)
+CVE-2014-0981
{DSA-2904-1}
- virtualbox 4.3.10-dfsg-1 (bug #741602)
- virtualbox-ose <removed> (bug #741602)
NOTE: http://www.coresecurity.com/advisories/oracle-virtualbox-3d-acceleration-multiple-memory-corruption-vulnerabilities
-CVE-2014-0980 (Buffer overflow in Poster Software PUBLISH-iT 3.6d allows remote ...)
+CVE-2014-0980
NOT-FOR-US: Publish-It
CVE-2014-0976
RESERVED
CVE-2014-0975
RESERVED
-CVE-2014-0974 (The boot_linux_from_mmc function in app/aboot/aboot.c in the Little ...)
+CVE-2014-0974
NOT-FOR-US: Little Kernel (bootloader)
-CVE-2014-0973 (The image_verify function in platform/msm_shared/image_verify.c in the ...)
+CVE-2014-0973
NOT-FOR-US: Little Kernel (bootloader)
-CVE-2014-0972 (The kgsl graphics driver for the Linux kernel 3.x, as used in Qualcomm ...)
+CVE-2014-0972
- linux <not-affected> (affects drivers/gpu/msm, not merged in mainline)
-CVE-2014-1408 (The Conceptronic C54APM access point with runtime code 1.26 has a ...)
+CVE-2014-1408
NOT-FOR-US: Conceptronic C54APM access point
-CVE-2014-1407 (Multiple cross-site scripting (XSS) vulnerabilities on the ...)
+CVE-2014-1407
NOT-FOR-US: Conceptronic C54APM access point
-CVE-2014-1406 (CRLF injection vulnerability in goform/formWlSiteSurvey on the ...)
+CVE-2014-1406
NOT-FOR-US: Conceptronic C54APM access point
-CVE-2014-1405 (Multiple open redirect vulnerabilities on the Conceptronic C54APM ...)
+CVE-2014-1405
NOT-FOR-US: Conceptronic C54APM access point
-CVE-2014-1402 (The default configuration for bccache.FileSystemBytecodeCache in ...)
+CVE-2014-1402
- jinja2 2.7.2-1 (low; bug #734747)
[squeeze] - jinja2 <no-dsa> (Minor issue)
[wheezy] - jinja2 <no-dsa> (Minor issue)
NOTE: 2.7.2 does not create safely temporary files, new CVE-2014-0012 was assigned for this issue
-CVE-2014-1401 (Multiple SQL injection vulnerabilities in AuraCMS 2.3 and earlier ...)
+CVE-2014-1401
NOT-FOR-US: AuraCMS
-CVE-2014-1400 (The entity_access API in the Entity API module 7.x-1.x before 7.x-1.3 ...)
+CVE-2014-1400
NOT-FOR-US: Drupal 7 Entity module
-CVE-2014-1399 (The entity wrapper access API in the Entity API module 7.x-1.x before ...)
+CVE-2014-1399
NOT-FOR-US: Drupal 7 Entity module
-CVE-2014-1398 (The entity wrapper access API in the Entity API module 7.x-1.x before ...)
+CVE-2014-1398
NOT-FOR-US: Drupal 7 Entity module
-CVE-2014-1236 (Stack-based buffer overflow in the chkNum function in ...)
+CVE-2014-1236
{DSA-2843-1}
- graphviz 2.26.3-16.1 (bug #734745)
NOTE: fix: https://github.com/ellson/graphviz/commit/1d1bdec6318746f6f19f245db589eddc887ae8ff
-CVE-2014-1235 (Stack-based buffer overflow in the &quot;yyerror&quot; function in Graphviz ...)
+CVE-2014-1235
- graphviz 2.26.3-16.1 (bug #734745)
[wheezy] - graphviz <not-affected> (CVE for additional buffer overflow introduced by 7aaddf52cd98589fb0c3ab72a393f8411838438a)
[squeeze] - graphviz <not-affected> (CVE for additional buffer overflow introduced by 7aaddf52cd98589fb0c3ab72a393f8411838438a)
NOTE: CVE is for buffer overflow introduced by applying only 7aaddf52cd98589fb0c3ab72a393f8411838438a
NOTE: fix: https://github.com/ellson/graphviz/commit/d266bb2b4154d11c27252b56d86963aef4434750
-CVE-2014-1234 (The paratrooper-newrelic gem 1.0.1 for Ruby allows local users to ...)
+CVE-2014-1234
NOT-FOR-US: Paratrooper Newrelic Ruby Gem
-CVE-2014-1233 (The paratrooper-pingdom gem 1.0.0 for Ruby allows local users to ...)
+CVE-2014-1233
NOT-FOR-US: Paratrooper Pingdom Ruby Gem
-CVE-2014-1203 (The get_login_ip_config_file function in Eyou Mail System before 3.6 ...)
+CVE-2014-1203
NOT-FOR-US: Eyou Mail System
-CVE-2014-0979 (The start_authentication function in lightdm-gtk-greeter.c in LightDM ...)
+CVE-2014-0979
- lightdm-gtk-greeter 1.6.1-5 (bug #734472)
NOTE: https://bugs.launchpad.net/lightdm-gtk-greeter/+bug/1266449
NOTE: https://bugzilla.novell.com/show_bug.cgi?id=857303
[wheezy] - lightdm-gtk-greeter <not-affected> (in Wheezy, lightdm restarts when the greeter crashes, so there's no DoS)
-CVE-2014-0978 (Stack-based buffer overflow in the yyerror function in ...)
+CVE-2014-0978
{DSA-2843-1}
- graphviz 2.26.3-16 (bug #734745)
NOTE: https://github.com/ellson/graphviz/commit/7aaddf52cd98589fb0c3ab72a393f8411838438a
NOTE: additional commit required (new CVE-2014-1235): https://github.com/ellson/graphviz/commit/d266bb2b4154d11c27252b56d86963aef4434750
NOTE: see: https://bugzilla.redhat.com/show_bug.cgi?id=1049165#c6
-CVE-2014-0977 (Cross-site scripting (XSS) vulnerability in the Rich Text Editor in ...)
+CVE-2014-0977
{DSA-2841-1}
- movabletype-opensource 5.2.9+dfsg-1 (bug #734304)
CVE-2014-0971
RESERVED
-CVE-2014-0970 (The GDS component in IBM InfoSphere Master Data Management - ...)
+CVE-2014-0970
NOT-FOR-US: IBM InfoSphere
-CVE-2014-0969 (Cross-site request forgery (CSRF) vulnerability in the GDS component ...)
+CVE-2014-0969
NOT-FOR-US: IBM
-CVE-2014-0968 (Cross-site scripting (XSS) vulnerability in the GDS component in IBM ...)
+CVE-2014-0968
NOT-FOR-US: IBM InfoSphere
-CVE-2014-0967 (Cross-site scripting (XSS) vulnerability in the GDS component in IBM ...)
+CVE-2014-0967
NOT-FOR-US: IBM InfoSphere
-CVE-2014-0966 (SQL injection vulnerability in the GDS component in IBM InfoSphere ...)
+CVE-2014-0966
NOT-FOR-US: IBM
-CVE-2014-0965 (IBM WebSphere Application Server (WAS) 7.0.x before 7.0.0.33, 8.0.x ...)
+CVE-2014-0965
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2014-0964 (IBM WebSphere Application Server (WAS) 6.1.0.0 through 6.1.0.47 and ...)
+CVE-2014-0964
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2014-0963 (The Reverse Proxy feature in IBM Global Security Kit (aka GSKit) in ...)
+CVE-2014-0963
NOT-FOR-US: IBM Global Security Kit
CVE-2014-0962
RESERVED
-CVE-2014-0961 (Cross-site request forgery (CSRF) vulnerability in IBM Tivoli Identity ...)
+CVE-2014-0961
NOT-FOR-US: IBM Tivoli Identity Manager
-CVE-2014-0960 (IBM PureApplication System 1.0 before 1.0.0.4 cfix8 and 1.1 before ...)
+CVE-2014-0960
NOT-FOR-US: IBM PureApplication System
-CVE-2014-0959 (IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 ...)
+CVE-2014-0959
NOT-FOR-US: IBM WebSphere Portal
-CVE-2014-0958 (Open redirect vulnerability in IBM WebSphere Portal 6.1.0 through ...)
+CVE-2014-0958
NOT-FOR-US: IBM WebSphere Portal
-CVE-2014-0957 (Cross-site scripting (XSS) vulnerability in IBM Business Process ...)
+CVE-2014-0957
NOT-FOR-US: IBM
-CVE-2014-0956 (Cross-site scripting (XSS) vulnerability in googlemap.jsp in IBM ...)
+CVE-2014-0956
NOT-FOR-US: IBM WebSphere Portal
-CVE-2014-0955 (Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 8.0 ...)
+CVE-2014-0955
NOT-FOR-US: IBM WebSphere Portal
-CVE-2014-0954 (IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 ...)
+CVE-2014-0954
NOT-FOR-US: IBM WebSphere Portal
-CVE-2014-0953 (Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal ...)
+CVE-2014-0953
NOT-FOR-US: IBM WebSphere Portal
-CVE-2014-0952 (Cross-site scripting (XSS) vulnerability in boot_config.jsp in IBM ...)
+CVE-2014-0952
NOT-FOR-US: IBM WebSphere Portal
-CVE-2014-0951 (Cross-site scripting (XSS) vulnerability in FilterForm.jsp in IBM ...)
+CVE-2014-0951
NOT-FOR-US: IBM WebSphere Portal
-CVE-2014-0950 (Multiple XML external entity (XXE) vulnerabilities in (1) CQWeb / CM ...)
+CVE-2014-0950
NOT-FOR-US: IBM
-CVE-2014-0949 (IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 ...)
+CVE-2014-0949
NOT-FOR-US: IBM WebSphere Portal
-CVE-2014-0948 (Unspecified vulnerability in IBM Rational Software Architect Design ...)
+CVE-2014-0948
NOT-FOR-US: IBM Rational Software Architect Design
-CVE-2014-0947 (Unspecified vulnerability in the server in IBM Rational Software ...)
+CVE-2014-0947
NOT-FOR-US: IBM Rational Software Architect Design
-CVE-2014-0946 (The RES Console in Rule Execution Server in IBM Operational Decision ...)
+CVE-2014-0946
NOT-FOR-US: IBM
-CVE-2014-0945 (Cross-site scripting (XSS) vulnerability in the RES Console in Rule ...)
+CVE-2014-0945
NOT-FOR-US: IBM
-CVE-2014-0944 (Cross-site request forgery (CSRF) vulnerability in the RES Console in ...)
+CVE-2014-0944
NOT-FOR-US: IBM
-CVE-2014-0943 (IBM WebSphere Commerce 6.0 Feature Pack 2 through Feature Pack 5, ...)
+CVE-2014-0943
NOT-FOR-US: IBM WebSphere Commerce
-CVE-2014-0942 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2014-0942
NOT-FOR-US: IBM Netcool
-CVE-2014-0941 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2014-0941
NOT-FOR-US: IBM Netcool
-CVE-2014-0940 (Multiple cross-site scripting (XSS) vulnerabilities in IBM Tivoli ...)
+CVE-2014-0940
NOT-FOR-US: IBM Tivoli
CVE-2014-0939
RESERVED
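Review bot: the removed line for CVE-2014-1235 still carried HTML-escaped quotes (`-CVE-2014-1235 (Stack-based buffer overflow in the &quot;yyerror&quot; function in Graphviz ...)`) while the neighbouring CVE-2014-0978 entry spelled the same function as plain `yyerror`, which suggests the description text had been imported without unescaping HTML entities. Stripping the whole description removes the symptom without fixing the source; whatever generates these descriptions should be checked so that entities do not reappear if the text is ever regenerated.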
@@ -23405,275 +23405,275 @@ CVE-2014-0938
RESERVED
CVE-2014-0937
RESERVED
-CVE-2014-0936 (IBM Security AppScan Source 8.0 through 9.0, when the ...)
+CVE-2014-0936
NOT-FOR-US: IBM Security AppScan
-CVE-2014-0935 (Unspecified vulnerability in IBM Smart Analytics System 7700 before FP ...)
+CVE-2014-0935
NOT-FOR-US: IBM Smart Analytics System
CVE-2014-0934
RESERVED
-CVE-2014-0933 (Cross-site request forgery (CSRF) vulnerability in IBM InfoSphere ...)
+CVE-2014-0933
NOT-FOR-US: IBM WebSphere Portal
-CVE-2014-0932 (Cross-site scripting (XSS) vulnerability in IBM Sterling Order ...)
+CVE-2014-0932
NOT-FOR-US: IBM
-CVE-2014-0931 (Multiple XML external entity (XXE) vulnerabilities in the (1) CCRC WAN ...)
+CVE-2014-0931
NOT-FOR-US: IBM
-CVE-2014-0930 (The ptrace system call in IBM AIX 5.3, 6.1, and 7.1, and VIOS 2.2.x, ...)
+CVE-2014-0930
NOT-FOR-US: IBM AIX
-CVE-2014-0929 (Cross-site request forgery (CSRF) vulnerability in the Profiles ...)
+CVE-2014-0929
NOT-FOR-US: IBM Connections
CVE-2014-0928
RESERVED
-CVE-2014-0927 (The ActiveMQ admin user interface in IBM Sterling B2B Integrator 5.1 ...)
+CVE-2014-0927
NOT-FOR-US: IBM
CVE-2014-0926
RESERVED
-CVE-2014-0925 (Open redirect vulnerability in IBM Sterling Control Center 5.4.0 ...)
+CVE-2014-0925
NOT-FOR-US: IBM Sterling Control Center
-CVE-2014-0924 (IBM MessageSight 1.x before 1.1.0.0-IBM-IMA-IT01015 does not verify ...)
+CVE-2014-0924
NOT-FOR-US: IBM MessageSight
-CVE-2014-0923 (IBM MessageSight 1.x before 1.1.0.0-IBM-IMA-IT01015 allows remote ...)
+CVE-2014-0923
NOT-FOR-US: IBM MessageSight
-CVE-2014-0922 (IBM MessageSight 1.x before 1.1.0.0-IBM-IMA-IT01015 allows remote ...)
+CVE-2014-0922
NOT-FOR-US: IBM MessageSight
-CVE-2014-0921 (The server in IBM MessageSight 1.x before 1.1.0.0-IBM-IMA-IT01015 ...)
+CVE-2014-0921
NOT-FOR-US: IBM MessageSight
-CVE-2014-0920 (IBM SPSS Analytic Server 1.0 before IF002 and 1.0.1 before IF004 logs ...)
+CVE-2014-0920
NOT-FOR-US: IBM SPSS Analytic Server
-CVE-2014-0919 (IBM DB2 9.5 through 10.5 on Linux, UNIX, and Windows stores passwords ...)
+CVE-2014-0919
NOT-FOR-US: IBM DB2
-CVE-2014-0918 (Directory traversal vulnerability in IBM Eclipse Help System (IEHS) in ...)
+CVE-2014-0918
NOT-FOR-US: IBM Eclipse Help System
-CVE-2014-0917 (Cross-site scripting (XSS) vulnerability in IBM Eclipse Help System ...)
+CVE-2014-0917
NOT-FOR-US: IBM Eclipse Help System
CVE-2014-0916
RESERVED
-CVE-2014-0915 (Multiple cross-site scripting (XSS) vulnerabilities in IBM Maximo ...)
+CVE-2014-0915
NOT-FOR-US: IBM Maximo Asset Management
-CVE-2014-0914 (Cross-site scripting (XSS) vulnerability in IBM Maximo Asset ...)
+CVE-2014-0914
NOT-FOR-US: IBM Maximo Asset Management
-CVE-2014-0913 (Cross-site scripting (XSS) vulnerability in IBM iNotes and Domino ...)
+CVE-2014-0913
NOT-FOR-US: IBM iNotes
-CVE-2014-0912 (IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 ...)
+CVE-2014-0912
NOT-FOR-US: IBM
-CVE-2014-0911 (inetd in IBM WebSphere MQ 7.1.x before 7.1.0.5 and 7.5.x before ...)
+CVE-2014-0911
NOT-FOR-US: IBM WebSphere MQ
-CVE-2014-0910 (Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal ...)
+CVE-2014-0910
NOT-FOR-US: IBM WebSphere Portal
-CVE-2014-0909 (The Administration and Reporting Tool in IBM Rational License Key ...)
+CVE-2014-0909
NOT-FOR-US: IBM
-CVE-2014-0908 (The User Attribute implementation in IBM Business Process Manager ...)
+CVE-2014-0908
NOT-FOR-US: IBM Business Process Manager
-CVE-2014-0907 (Multiple untrusted search path vulnerabilities in unspecified (1) ...)
+CVE-2014-0907
NOT-FOR-US: IBM DB2
-CVE-2014-0906 (The Meeting Server in IBM Sametime 8.x through 8.5.2.1 and 9.x through ...)
+CVE-2014-0906
NOT-FOR-US: IBM Sametime
-CVE-2014-0905 (IBM InfoSphere BigInsights 2.0 through 2.1.2 does not set the secure ...)
+CVE-2014-0905
NOT-FOR-US: IBM
-CVE-2014-0904 (The update process in IBM Security AppScan Standard 7.9 through 8.8 ...)
+CVE-2014-0904
NOT-FOR-US: IBM Security AppScan Standard
CVE-2014-0903
RESERVED
CVE-2014-0902
RESERVED
-CVE-2014-0901 (Cross-site scripting (XSS) vulnerability in the Social Rendering ...)
+CVE-2014-0901
NOT-FOR-US: IBM WebSphere Portal
-CVE-2014-0900 (The Device Administrator code in Android before 4.4.1_r1 might allow ...)
+CVE-2014-0900
NOT-FOR-US: Android
-CVE-2014-0899 (ftpd in IBM AIX 7.1.1 before SP10 and 7.1.2 before SP5, when a ...)
+CVE-2014-0899
NOT-FOR-US: IBM AIX
CVE-2014-0898
RESERVED
-CVE-2014-0897 (The Configuration Patterns component in IBM Flex System Manager (FSM) ...)
+CVE-2014-0897
NOT-FOR-US: IBM
-CVE-2014-0896 (IBM WebSphere Application Server (WAS) Liberty Profile 8.5.x before ...)
+CVE-2014-0896
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2014-0895 (Buffer overflow in the vsflex8l ActiveX control in IBM SPSS ...)
+CVE-2014-0895
NOT-FOR-US: IBM SPSS
-CVE-2014-0894 (RICOS in IBM Algo Credit Limits (aka ACLM) 4.5.0 through 4.7.0 before ...)
+CVE-2014-0894
NOT-FOR-US: IBM Algo Credit Limits
-CVE-2014-0893 (Cross-site scripting (XSS) vulnerability in customreport.jsp in IBM ...)
+CVE-2014-0893
NOT-FOR-US: IBM Maximo Asset Management
-CVE-2014-0892 (IBM Notes and Domino 8.5.x before 8.5.3 FP6 IF3 and 9.x before 9.0.1 ...)
+CVE-2014-0892
NOT-FOR-US: IBM
-CVE-2014-0891 (IBM WebSphere Application Server (WAS) 7.0.x before 7.0.0.33, 8.0.x ...)
+CVE-2014-0891
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2014-0890 (The Connect client in IBM Sametime 8.5.1, 8.5.1.1, 8.5.1.2, 8.5.2, ...)
+CVE-2014-0890
NOT-FOR-US: IBM Sametime
-CVE-2014-0889 (Multiple cross-site scripting (XSS) vulnerabilities in IBM Atlas Suite ...)
+CVE-2014-0889
NOT-FOR-US: IBM Atlas Suite
-CVE-2014-0888 (IBM Worklight Foundation 5.x and 6.x before 6.2.0.0, as used in ...)
+CVE-2014-0888
NOT-FOR-US: IBM
-CVE-2014-0887 (The Admin Web UI in IBM Lotus Protector for Mail Security 2.8.x before ...)
+CVE-2014-0887
NOT-FOR-US: IBM Lotus Protector for Mail Security
-CVE-2014-0886 (The Admin Web UI in IBM Lotus Protector for Mail Security 2.8.x before ...)
+CVE-2014-0886
NOT-FOR-US: IBM Lotus Protector for Mail Security
-CVE-2014-0885 (Cross-site request forgery (CSRF) vulnerability in the Admin Web UI in ...)
+CVE-2014-0885
NOT-FOR-US: IBM Lotus Protector for Mail Security
-CVE-2014-0884 (Cross-site scripting (XSS) vulnerability in the Admin Web UI in IBM ...)
+CVE-2014-0884
NOT-FOR-US: IBM Lotus Protector for Mail Security
-CVE-2014-0883 (Cross-site scripting (XSS) vulnerability in IBM Power Hardware ...)
+CVE-2014-0883
NOT-FOR-US: IBM
-CVE-2014-0882 (Integrated Management Module II (IMM2) on IBM Flex System, NeXtScale, ...)
+CVE-2014-0882
NOT-FOR-US: IBM
-CVE-2014-0881 (The TPM on Integrated Management Module II (IMM2) on IBM Flex System ...)
+CVE-2014-0881
NOT-FOR-US: IBM
-CVE-2014-0880 (IBM SAN Volume Controller; Storwize V3500, V3700, V5000, and V7000; ...)
+CVE-2014-0880
NOT-FOR-US: IBM SAN Volume Controller
-CVE-2014-0879 (Stack-based buffer overflow in the Taskmaster Capture ActiveX control ...)
+CVE-2014-0879
NOT-FOR-US: IBM Datacap Taskmaster Capture
-CVE-2014-0878 (The IBMSecureRandom component in the IBMJCE and IBMSecureRandom ...)
+CVE-2014-0878
NOT-FOR-US: IBM JDK
-CVE-2014-0877 (IBM Cognos TM1 10.2.0.2 before IF1 and 10.2.2.0 before IF1 allows ...)
+CVE-2014-0877
NOT-FOR-US: IBM Cognos
-CVE-2014-0876 (Buffer overflow in the Java GUI Configuration Wizard and Preferences ...)
+CVE-2014-0876
NOT-FOR-US: IBM
-CVE-2014-0875 (Active Cloud Engine (ACE) in IBM Storwize V7000 Unified 1.3.0.0 ...)
+CVE-2014-0875
NOT-FOR-US: IBM Storwize V7000 Unified
-CVE-2014-0874 (Cross-site scripting (XSS) vulnerability in IBM Content Navigator 2.x ...)
+CVE-2014-0874
NOT-FOR-US: IBM Content Navigator
-CVE-2014-0873 (Multiple cross-site request forgery (CSRF) vulnerabilities in the (1) ...)
+CVE-2014-0873
NOT-FOR-US: IBM InfoSphere
-CVE-2014-0872 (The installation process in IBM Security Key Lifecycle Manager 2.5 ...)
+CVE-2014-0872
NOT-FOR-US: IBM
-CVE-2014-0871 (RICOS in IBM Algo Credit Limits (aka ACLM) 4.5.0 through 4.7.0 before ...)
+CVE-2014-0871
NOT-FOR-US: IBM Algo Credit Limits
-CVE-2014-0870 (Multiple cross-site scripting (XSS) vulnerabilities in RICOS in IBM ...)
+CVE-2014-0870
NOT-FOR-US: IBM Algo Credit Limits
-CVE-2014-0869 (The decrypt function in RICOS in IBM Algo Credit Limits (aka ACLM) ...)
+CVE-2014-0869
NOT-FOR-US: IBM Algo Credit Limits
-CVE-2014-0868 (RICOS in IBM Algo Credit Limits (aka ACLM) 4.5.0 through 4.7.0 before ...)
+CVE-2014-0868
NOT-FOR-US: IBM Algo Credit Limits
-CVE-2014-0867 (rcore6/main/addcookie.jsp in RICOS in IBM Algo Credit Limits (aka ...)
+CVE-2014-0867
NOT-FOR-US: IBM Algo Credit Limits
-CVE-2014-0866 (RICOS in IBM Algo Credit Limits (aka ACLM) 4.5.0 through 4.7.0 before ...)
+CVE-2014-0866
NOT-FOR-US: IBM Algo Credit Limits
-CVE-2014-0865 (RICOS in IBM Algo Credit Limits (aka ACLM) 4.5.0 through 4.7.0 before ...)
+CVE-2014-0865
NOT-FOR-US: IBM Algo Credit Limits
-CVE-2014-0864 (Multiple cross-site request forgery (CSRF) vulnerabilities in Executer ...)
+CVE-2014-0864
NOT-FOR-US: IBM Algo Credit Limits
-CVE-2014-0863 (The client in IBM Cognos TM1 9.5.2.3 before IF5, 10.1.1.2 before IF1, ...)
+CVE-2014-0863
NOT-FOR-US: IBM
-CVE-2014-0862 (Unspecified vulnerability in Jazz Team Server in IBM Rational ...)
+CVE-2014-0862
NOT-FOR-US: IBM Rational Collaborative Lifecycle Management
-CVE-2014-0861 (Cross-site scripting (XSS) vulnerability in the server in IBM Cognos ...)
+CVE-2014-0861
NOT-FOR-US: IBM Cognos Business Intelligence
-CVE-2014-0860 (The firmware before 3.66E in IBM BladeCenter Advanced Management ...)
+CVE-2014-0860
NOT-FOR-US: IBM
-CVE-2014-0859 (The web-server plugin in IBM WebSphere Application Server (WAS) 7.x ...)
+CVE-2014-0859
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2014-0858 (IBM Content Navigator 2.x before 2.0.2.2-ICN-FP002 allows remote ...)
+CVE-2014-0858
NOT-FOR-US: IBM Content Navigator
-CVE-2014-0857 (The Administrative Console in IBM WebSphere Application Server (WAS) ...)
+CVE-2014-0857
NOT-FOR-US: IBM WebSphere Application Server
CVE-2014-0856
RESERVED
-CVE-2014-0855 (Multiple cross-site scripting (XSS) vulnerabilities in IBM Connections ...)
+CVE-2014-0855
NOT-FOR-US: IBM WebSphere Portal
-CVE-2014-0854 (The server in IBM Cognos Business Intelligence (BI) 8.4.1, 10.1 before ...)
+CVE-2014-0854
NOT-FOR-US: IBM Cognos Business Intelligence
-CVE-2014-0853 (Multiple cross-site scripting (XSS) vulnerabilities in the (1) ...)
+CVE-2014-0853
NOT-FOR-US: IBM Rational Requirements Composer
-CVE-2014-0852 (IBM WebSphere DataPower SOA appliances through 4.0.2.15, 5.x through ...)
+CVE-2014-0852
NOT-FOR-US: IBM
CVE-2014-0851
RESERVED
-CVE-2014-0850 (Cross-site scripting (XSS) vulnerability in IBM InfoSphere Master Data ...)
+CVE-2014-0850
NOT-FOR-US: IBM InfoSphere
-CVE-2014-0849 (IBM Maximo Asset Management 7.x before 7.5.0.3 IFIX027 and SmartCloud ...)
+CVE-2014-0849
NOT-FOR-US: IBM Maximo Asset Management
-CVE-2014-0848 (The (1) ssl.conf and (2) httpd.conf files in the Apache HTTP Server ...)
+CVE-2014-0848
NOT-FOR-US: IBM Netezza Performance Portal
CVE-2014-0847
RESERVED
-CVE-2014-0846 (Cross-site scripting (XSS) vulnerability in IBM Rational Requirements ...)
+CVE-2014-0846
NOT-FOR-US: IBM Rational Requirements Composer
-CVE-2014-0845 (Open redirect vulnerability in IBM Rational Requirements Composer 3.x ...)
+CVE-2014-0845
NOT-FOR-US: IBM Rational Requirements Composer
-CVE-2014-0844 (Unspecified vulnerability in IBM Rational Requirements Composer 3.x ...)
+CVE-2014-0844
NOT-FOR-US: IBM Rational Requirements Composer
-CVE-2014-0843 (Cross-site scripting (XSS) vulnerability in IBM Rational Focal Point ...)
+CVE-2014-0843
NOT-FOR-US: IBM Rational Focal Point
-CVE-2014-0842 (The account-creation functionality in IBM Rational Focal Point 6.4.x ...)
+CVE-2014-0842
NOT-FOR-US: IBM Rational Focal Point
-CVE-2014-0841 (IBM Rational Focal Point 6.4.0, 6.4.1, 6.5.1, 6.5.2, and 6.6.0 use a ...)
+CVE-2014-0841
NOT-FOR-US: IBM
-CVE-2014-0840 (Multiple cross-site scripting (XSS) vulnerabilities in IBM Rational ...)
+CVE-2014-0840
NOT-FOR-US: IBM Rational Focal Point
-CVE-2014-0839 (IBM Rational Focal Point 6.4.x and 6.5.x before 6.5.2.3 and 6.6.x ...)
+CVE-2014-0839
NOT-FOR-US: IBM Rational Focal Point
-CVE-2014-0838 (The AutoUpdate package before 6.4 for IBM Security QRadar SIEM 7.2 MR1 ...)
+CVE-2014-0838
NOT-FOR-US: IBM Security QRadar SIEM
-CVE-2014-0837 (The AutoUpdate process in IBM Security QRadar SIEM 7.2 MR1 and earlier ...)
+CVE-2014-0837
NOT-FOR-US: IBM Security QRadar SIEM
-CVE-2014-0836 (Cross-site scripting (XSS) vulnerability in IBM Security QRadar SIEM ...)
+CVE-2014-0836
NOT-FOR-US: IBM Security QRadar SIEM
-CVE-2014-0835 (Cross-site request forgery (CSRF) vulnerability in IBM Security QRadar ...)
+CVE-2014-0835
NOT-FOR-US: IBM Security QRadar SIEM
-CVE-2014-0834 (IBM General Parallel File System (GPFS) 3.4 through 3.4.0.27 and 3.5 ...)
+CVE-2014-0834
NOT-FOR-US: IBM General Parallel File System
-CVE-2014-0833 (The OAC component in IBM Financial Transaction Manager (FTM) 2.0 ...)
+CVE-2014-0833
NOT-FOR-US: IBM Financial Transaction Manager
-CVE-2014-0832 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2014-0832
NOT-FOR-US: IBM Financial Transaction Manager
-CVE-2014-0831 (Cross-site request forgery (CSRF) vulnerability in the OAC component ...)
+CVE-2014-0831
NOT-FOR-US: IBM Financial Transaction Manager
-CVE-2014-0830 (Directory traversal vulnerability in the table-export implementation ...)
+CVE-2014-0830
NOT-FOR-US: IBM Financial Transaction Manager
-CVE-2014-0829 (Multiple buffer overflows in IBM Rational ClearCase 7.x before ...)
+CVE-2014-0829
NOT-FOR-US: IBM Rational ClearCase
-CVE-2014-0828 (Cross-site scripting (XSS) vulnerability in the WCM (Web Content ...)
+CVE-2014-0828
NOT-FOR-US: IBM WebSphere Portal
-CVE-2014-0827 (Cross-site scripting (XSS) vulnerability in IBM InfoSphere Optim ...)
+CVE-2014-0827
NOT-FOR-US: IBM InfoSphere
CVE-2014-0826
RESERVED
-CVE-2014-0825 (Cross-site scripting (XSS) vulnerability in openreport.jsp in IBM ...)
+CVE-2014-0825
NOT-FOR-US: IBM Maximo Asset Management and others
-CVE-2014-0824 (Cross-site scripting (XSS) vulnerability in IBM Maximo Asset ...)
+CVE-2014-0824
NOT-FOR-US: IBM Maximo Asset Management and others
-CVE-2014-0823 (IBM WebSphere Application Server (WAS) 8.x before 8.0.0.9 and 8.5.x ...)
+CVE-2014-0823
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2014-0822 (The IMAP server in IBM Domino 8.5.x before 8.5.3 FP6 IF1 and 9.0.x ...)
+CVE-2014-0822
NOT-FOR-US: IBM Domino
-CVE-2014-0821 (SQL injection vulnerability in the download feature in Cybozu Garoon ...)
+CVE-2014-0821
NOT-FOR-US: Cybozu Garoon
-CVE-2014-0820 (Directory traversal vulnerability in the download feature in Cybozu ...)
+CVE-2014-0820
NOT-FOR-US: Cybozu Garoon
-CVE-2014-0819 (Untrusted search path vulnerability in Autodesk AutoCAD before 2014 ...)
+CVE-2014-0819
NOT-FOR-US: Autodesk AutoCAD
-CVE-2014-0818 (Untrusted search path vulnerability in Autodesk AutoCAD before 2014 ...)
+CVE-2014-0818
NOT-FOR-US: Autodesk AutoCAD
-CVE-2014-0817 (Cybozu Garoon 2.x through 2.5.4 and 3.x through 3.7 SP3 does not ...)
+CVE-2014-0817
NOT-FOR-US: Cybozu Garoon
-CVE-2014-0816 (Unspecified vulnerability in Norman Security Suite 10.1 and earlier ...)
+CVE-2014-0816
NOT-FOR-US: Norman Security Suite
-CVE-2014-0815 (The intent: URL implementation in Opera before 18 on Android allows ...)
+CVE-2014-0815
NOT-FOR-US: Opera
-CVE-2014-0814 (Cross-site scripting (XSS) vulnerability in phpMyFAQ before 2.8.6 ...)
+CVE-2014-0814
NOT-FOR-US: phpMyFAQ
-CVE-2014-0813 (Cross-site request forgery (CSRF) vulnerability in phpMyFAQ before ...)
+CVE-2014-0813
NOT-FOR-US: phpMyFAQ
-CVE-2014-0812 (Cross-site scripting (XSS) vulnerability in KENT-WEB Joyful Note 2.8 ...)
+CVE-2014-0812
NOT-FOR-US: KENT-WEB Joyful Note
-CVE-2014-0811 (Cross-site scripting (XSS) vulnerability in Blackboard Vista/CE 8.0 ...)
+CVE-2014-0811
NOT-FOR-US: Blackboard Vista
-CVE-2014-0810 (Unspecified vulnerability in JustSystems Sanshiro 2007 before update ...)
+CVE-2014-0810
NOT-FOR-US: JustSystems Sanshiro 2007
-CVE-2014-0809 (Directory traversal vulnerability in the Gapless Player SimZip (aka ...)
+CVE-2014-0809
NOT-FOR-US: Gapless Player SimZip
-CVE-2014-0808 (The lfCheckError function in ...)
+CVE-2014-0808
NOT-FOR-US: LOCKON EC-CUBE
-CVE-2014-0807 (data/class/pages/shopping/LC_Page_Shopping_Deliv.php in LOCKON EC-CUBE ...)
+CVE-2014-0807
NOT-FOR-US: LOCKON EC-CUBE
-CVE-2014-0806 (The Sleipnir Mobile application 2.12.1 and earlier and Sleipnir Mobile ...)
+CVE-2014-0806
NOT-FOR-US: Sleipnir Mobile application
-CVE-2014-0805 (Directory traversal vulnerability in the NeoFiler application 5.4.3 ...)
+CVE-2014-0805
NOT-FOR-US: NeoFiler
-CVE-2014-0804 (Directory traversal vulnerability in the CGENE Security File Manager ...)
+CVE-2014-0804
NOT-FOR-US: CGENE Security File Manager
-CVE-2014-0803 (Directory traversal vulnerability in the tetra filer application 2.3.1 ...)
+CVE-2014-0803
NOT-FOR-US: tetra filer application
-CVE-2014-0802 (Directory traversal vulnerability in the aokitaka ZIP with Pass ...)
+CVE-2014-0802
NOT-FOR-US: aokitaka ZIP with Pass
CVE-2014-0801
RESERVED
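Review bot: in this hunk the dropped descriptions are the only place where a mismatch with the attribution line can be seen, for example `-CVE-2014-0933 (Cross-site request forgery (CSRF) vulnerability in IBM InfoSphere ...)` sits above `NOT-FOR-US: IBM WebSphere Portal`, and `-CVE-2014-0855 (Multiple cross-site scripting (XSS) vulnerabilities in IBM Connections ...)` likewise resolves to `NOT-FOR-US: IBM WebSphere Portal`. Once only `+CVE-2014-0933` and `+CVE-2014-0855` remain, these product mismatches can no longer be spotted from the file itself; consider correcting the two attribution lines in the same change, or at least noting that such checks now require the external CVE text.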
@@ -23689,163 +23689,163 @@ CVE-2014-0796
RESERVED
CVE-2014-0795
RESERVED
-CVE-2014-0794 (SQL injection vulnerability in the JV Comment (com_jvcomment) ...)
+CVE-2014-0794
NOT-FOR-US: JV Comment Joomla Extension
-CVE-2014-0793 (Multiple cross-site scripting (XSS) vulnerabilities in the StackIdeas ...)
+CVE-2014-0793
NOT-FOR-US: Komento Joomla Extension
-CVE-2014-0792 (Sonatype Nexus 1.x and 2.x before 2.7.1 allows remote attackers to ...)
+CVE-2014-0792
NOT-FOR-US: Sonatype Nexus
CVE-2014-0790
RESERVED
-CVE-2014-0791 (Integer overflow in the license_read_scope_list function in ...)
+CVE-2014-0791
- freerdp <unfixed> (unimportant)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=998941
NOTE: https://github.com/FreeRDP/FreeRDP/commit/f1d6afca6ae620f9855a33280bdc6f3ad9153be0#diff-b6d68bbca6e0f5875c57ef225cd65c45
NOTE: A malicous license has simpler means to DoS a RDP client, e.g. by simply stating that no valid license exists etc.
-CVE-2014-0789 (Multiple buffer overflows in the OPC Automation 2.0 Server Object ...)
+CVE-2014-0789
NOT-FOR-US: OPC Automation 2.0 Server
CVE-2014-0788
REJECTED
-CVE-2014-0787 (Stack-based buffer overflow in WellinTech KingSCADA before 3.1.2.13 ...)
+CVE-2014-0787
NOT-FOR-US: WellinTech KingSCADA
-CVE-2014-0786 (Ecava IntegraXor before 4.1.4393 allows remote attackers to read ...)
+CVE-2014-0786
NOT-FOR-US: Ecava IntegraXor
CVE-2014-0785
REJECTED
-CVE-2014-0784 (Stack-based buffer overflow in BKBCopyD.exe in Yokogawa CENTUM CS 3000 ...)
+CVE-2014-0784
NOT-FOR-US: Yokogawa CENTUM CS 3000
-CVE-2014-0783 (Stack-based buffer overflow in BKHOdeq.exe in Yokogawa CENTUM CS 3000 ...)
+CVE-2014-0783
NOT-FOR-US: Yokogawa CENTUM CS 3000
-CVE-2014-0782 (Stack-based buffer overflow in BKESimmgr.exe in the Expanded Test ...)
+CVE-2014-0782
NOT-FOR-US: Yokogawa CENTUM
-CVE-2014-0781 (Heap-based buffer overflow in BKCLogSvr.exe in Yokogawa CENTUM CS 3000 ...)
+CVE-2014-0781
NOT-FOR-US: Yokogawa CENTUM CS 3000
-CVE-2014-0780 (Directory traversal vulnerability in NTWebServer in InduSoft Web ...)
+CVE-2014-0780
NOT-FOR-US: InduSoft Web Studio
-CVE-2014-0779 (The PLC driver in ServerMain.exe in the Kepware KepServerEX 4 ...)
+CVE-2014-0779
NOT-FOR-US: Schneider Electric
-CVE-2014-0778 (The TCPUploader module in Progea Movicon 11.4 before 11.4.1150 allows ...)
+CVE-2014-0778
NOT-FOR-US: Progea Movicon
-CVE-2014-0777 (The Modbus slave/outstation driver in the OPC Drivers 1.0.20 and ...)
+CVE-2014-0777
NOT-FOR-US: IOServer OPC Server
CVE-2014-0776
RESERVED
CVE-2014-0775
REJECTED
-CVE-2014-0774 (Stack-based buffer overflow in the C++ sample client in Schneider ...)
+CVE-2014-0774
NOT-FOR-US: Schneider Electric OPC Factory Server
-CVE-2014-0773 (The CreateProcess method in the BWOCXRUN.BwocxrunCtrl.1 ActiveX ...)
+CVE-2014-0773
NOT-FOR-US: Advantech WebAccess
-CVE-2014-0772 (The OpenUrlToBufferTimeout method in the BWOCXRUN.BwocxrunCtrl.1 ...)
+CVE-2014-0772
NOT-FOR-US: Advantech WebAccess
-CVE-2014-0771 (The OpenUrlToBuffer method in the BWOCXRUN.BwocxrunCtrl.1 ActiveX ...)
+CVE-2014-0771
NOT-FOR-US: Advantech WebAccess
-CVE-2014-0770 (Stack-based buffer overflow in Advantech WebAccess before 7.2 allows ...)
+CVE-2014-0770
NOT-FOR-US: Advantech WebAccess
-CVE-2014-0769 (The Festo CECX-X-C1 Modular Master Controller with CoDeSys and ...)
+CVE-2014-0769
NOT-FOR-US: Festo controller
-CVE-2014-0768 (Stack-based buffer overflow in Advantech WebAccess before 7.2 allows ...)
+CVE-2014-0768
NOT-FOR-US: Advantech WebAccess
-CVE-2014-0767 (Stack-based buffer overflow in Advantech WebAccess before 7.2 allows ...)
+CVE-2014-0767
NOT-FOR-US: Advantech WebAccess
-CVE-2014-0766 (Stack-based buffer overflow in Advantech WebAccess before 7.2 allows ...)
+CVE-2014-0766
NOT-FOR-US: Advantech WebAccess
-CVE-2014-0765 (Stack-based buffer overflow in Advantech WebAccess before 7.2 allows ...)
+CVE-2014-0765
NOT-FOR-US: Advantech WebAccess
-CVE-2014-0764 (Stack-based buffer overflow in Advantech WebAccess before 7.2 allows ...)
+CVE-2014-0764
NOT-FOR-US: Advantech WebAccess
-CVE-2014-0763 (Multiple SQL injection vulnerabilities in DBVisitor.dll in Advantech ...)
+CVE-2014-0763
NOT-FOR-US: Advantech WebAccess
-CVE-2014-0762 (The DNP3 driver in CG Automation ePAQ-9410 Substation Gateway allows ...)
+CVE-2014-0762
NOT-FOR-US: CG Automation ePAQ-9410 Substation Gateway
-CVE-2014-0761 (The DNP3 driver in CG Automation ePAQ-9410 Substation Gateway allows ...)
+CVE-2014-0761
NOT-FOR-US: CG Automation ePAQ-9410 Substation Gateway
-CVE-2014-0760 (The Festo CECX-X-C1 Modular Master Controller with CoDeSys and ...)
+CVE-2014-0760
NOT-FOR-US: Festo controller
-CVE-2014-0759 (Unquoted Windows search path vulnerability in Schneider Electric ...)
+CVE-2014-0759
NOT-FOR-US: Schneider Electric Floating License Manager
-CVE-2014-0758 (An ActiveX control in GenLaunch.htm in ICONICS GENESIS32 8.0, 8.02, ...)
+CVE-2014-0758
NOT-FOR-US: ICONICS
-CVE-2014-0757 (Smart Software Solutions (3S) CoDeSys Runtime Toolkit before 2.4.7.44 ...)
+CVE-2014-0757
NOT-FOR-US: Smart Software Solutions (3S) CoDeSys Runtime Toolkit
CVE-2014-0756
REJECTED
-CVE-2014-0755 (Rockwell Automation RSLogix 5000 7 through 20.01, and 21.0, does not ...)
+CVE-2014-0755
NOT-FOR-US: Rockwell Automation RSLogix
-CVE-2014-0754 (Directory traversal vulnerability in SchneiderWEB on Schneider ...)
+CVE-2014-0754
NOT-FOR-US: SchneiderWEB
-CVE-2014-0753 (Stack-based buffer overflow in the SCADA server in Ecava IntegraXor ...)
+CVE-2014-0753
NOT-FOR-US: Ecava IntegraXor
-CVE-2014-0752 (The SCADA server in Ecava IntegraXor before 4.1.4369 allows remote ...)
+CVE-2014-0752
NOT-FOR-US: Ecava IntegraXor
-CVE-2014-0751 (Directory traversal vulnerability in CimWebServer.exe (aka the WebView ...)
+CVE-2014-0751
NOT-FOR-US: GE Intelligent Platforms Proficy
-CVE-2014-0750 (Directory traversal vulnerability in gefebt.exe in the WebView CimWeb ...)
+CVE-2014-0750
NOT-FOR-US: GE Intelligent Platforms Proficy
-CVE-2014-0749 (Stack-based buffer overflow in lib/Libdis/disrsi_.c in Terascale ...)
+CVE-2014-0749
{DSA-2936-1}
- torque 2.4.16+dfsg-1.4 (bug #748827)
-CVE-2014-0748 (apinit on Cray devices with CLE before 4.2.UP02 and 5.x before ...)
+CVE-2014-0748
NOT-FOR-US: Aprun/apinit on Cray supercomputers
-CVE-2014-0747 (The Certificate Authority Proxy Function (CAPF) CLI implementation in ...)
+CVE-2014-0747
NOT-FOR-US: Cisco Unified Communications Manager
-CVE-2014-0746 (The disaster recovery system (DRS) in Cisco Unified Contact Center ...)
+CVE-2014-0746
NOT-FOR-US: Cisco Unified Contact Center
-CVE-2014-0745 (Cross-site request forgery (CSRF) vulnerability in the Unified ...)
+CVE-2014-0745
NOT-FOR-US: Cisco Unified Contact Center Express
CVE-2014-0744
REJECTED
-CVE-2014-0743 (The Certificate Authority Proxy Function (CAPF) component in Cisco ...)
+CVE-2014-0743
NOT-FOR-US: Cisco Unified Communications Manager
-CVE-2014-0742 (The Certificate Authority Proxy Function (CAPF) CLI implementation in ...)
+CVE-2014-0742
NOT-FOR-US: Cisco Unified Communications Manager
-CVE-2014-0741 (The certificate-import feature in the Certificate Authority Proxy ...)
+CVE-2014-0741
NOT-FOR-US: Cisco Unified Communications Manager
-CVE-2014-0740 (Cross-site request forgery (CSRF) vulnerability in the Call Detail ...)
+CVE-2014-0740
NOT-FOR-US: Cisco Unified Communications Manager
-CVE-2014-0739 (Race condition in the Phone Proxy component in Cisco Adaptive Security ...)
+CVE-2014-0739
NOT-FOR-US: Cisco ASA
-CVE-2014-0738 (The Phone Proxy component in Cisco Adaptive Security Appliance (ASA) ...)
+CVE-2014-0738
NOT-FOR-US: Cisco ASA
-CVE-2014-0737 (The Cisco Unified IP Phone 7960G 9.2(1) and earlier allows remote ...)
+CVE-2014-0737
NOT-FOR-US: The Cisco Unified IP Phone
-CVE-2014-0736 (Cross-site request forgery (CSRF) vulnerability in the Call Detail ...)
+CVE-2014-0736
NOT-FOR-US: Cisco Unified Communications Manager
-CVE-2014-0735 (Cross-site scripting (XSS) vulnerability in the IP Manager Assistant ...)
+CVE-2014-0735
NOT-FOR-US: Cisco Unified Communications Manager
-CVE-2014-0734 (SQL injection vulnerability in the Certificate Authority Proxy ...)
+CVE-2014-0734
NOT-FOR-US: Cisco Unified Communications Manager
-CVE-2014-0733 (The Enterprise License Manager (ELM) component in Cisco Unified ...)
+CVE-2014-0733
NOT-FOR-US: Cisco Unified Communications Manager
-CVE-2014-0732 (The Real Time Monitoring Tool (RTMT) web application in Cisco Unified ...)
+CVE-2014-0732
NOT-FOR-US: Cisco Unified Communications Manager
-CVE-2014-0731 (The administration interface in Cisco Unified Communications Manager ...)
+CVE-2014-0731
NOT-FOR-US: Cisco Unified Computing System
-CVE-2014-0730 (Cisco Unified Computing System (UCS) Central Software 1.1 and earlier ...)
+CVE-2014-0730
NOT-FOR-US: Cisco Unified Computing System
-CVE-2014-0729 (SQL injection vulnerability in the Enterprise Mobility Application ...)
+CVE-2014-0729
NOT-FOR-US: Cisco Unified Communications Manager
-CVE-2014-0728 (SQL injection vulnerability in the Java database interface in Cisco ...)
+CVE-2014-0728
NOT-FOR-US: Cisco Unified Communications Manager
-CVE-2014-0727 (SQL injection vulnerability in the CallManager Interactive Voice ...)
+CVE-2014-0727
NOT-FOR-US: Cisco Unified Communications Manager
-CVE-2014-0726 (SQL injection vulnerability in the IP Manager Assistant (IPMA) ...)
+CVE-2014-0726
NOT-FOR-US: Cisco Unified Communications Manager
-CVE-2014-0725 (Cisco Unified Communications Manager (UCM) does not require ...)
+CVE-2014-0725
NOT-FOR-US: Cisco Unified Communications Manager
-CVE-2014-0724 (The bulk administration interface in Cisco Unified Communications ...)
+CVE-2014-0724
NOT-FOR-US: Cisco Unified Communications Manager
-CVE-2014-0723 (Cross-site scripting (XSS) vulnerability in the IP Manager Assistant ...)
+CVE-2014-0723
NOT-FOR-US: Cisco Unified Communications Manager
-CVE-2014-0722 (The log4jinit web application in Cisco Unified Communications Manager ...)
+CVE-2014-0722
NOT-FOR-US: Cisco Unified Communications Manager
-CVE-2014-0721 (The Cisco Unified SIP Phone 3905 with firmware before 9.4(1) allows ...)
+CVE-2014-0721
NOT-FOR-US: Cisco Unified SIP Phone 3905
-CVE-2014-0720 (Cisco IPS Software 7.1 before 7.1(8)E4 and 7.2 before 7.2(2)E4 allows ...)
+CVE-2014-0720
NOT-FOR-US: Cisco IPS
-CVE-2014-0719 (The control-plane access-list implementation in Cisco IPS Software ...)
+CVE-2014-0719
NOT-FOR-US: Cisco IPS
-CVE-2014-0718 (The produce-verbose-alert feature in Cisco IPS Software 7.1 before ...)
+CVE-2014-0718
NOT-FOR-US: Cisco IPS
CVE-2014-0717
RESERVED
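Review bot: the description stripping in this hunk also hits entries with Debian package lines, CVE-2014-0791 (`- freerdp <unfixed> (unimportant)`) and CVE-2014-0749 (`{DSA-2936-1}` and `- torque 2.4.16+dfsg-1.4 (bug #748827)`), and the removed descriptions were the only lines naming the vulnerable code (`license_read_scope_list`, `lib/Libdis/disrsi_.c`); the remaining NOTE URLs and package lines do not. Two context lines also show `NOT-FOR-US:` tags that disagree with the description being deleted: CVE-2014-0779 (Kepware KepServerEX) is tagged `NOT-FOR-US: Schneider Electric` and CVE-2014-0731 (Cisco Unified Communications Manager) is tagged `NOT-FOR-US: Cisco Unified Computing System`; once the descriptions are gone those mismatches can no longer be spotted from the file, so correct them before this lands. Separately, CVE-2014-0790 sits above CVE-2014-0791, out of the descending order the rest of the list keeps.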
@@ -23861,25 +23861,25 @@ CVE-2014-0712
RESERVED
CVE-2014-0711
RESERVED
-CVE-2014-0710 (Race condition in the cut-through proxy feature in Cisco Firewall ...)
+CVE-2014-0710
NOT-FOR-US: Cisco Firewall Services Module
-CVE-2014-0709 (Cisco UCS Director (formerly Cloupia) before 4.0.0.3 has a hardcoded ...)
+CVE-2014-0709
NOT-FOR-US: Cisco UCS Director
-CVE-2014-0708 (WebEx Meeting Center in Cisco WebEx Business Suite does not properly ...)
+CVE-2014-0708
NOT-FOR-US: Cisco WebEx Business Suite
-CVE-2014-0707 (Cisco Wireless LAN Controller (WLC) devices 7.2, 7.3, and 7.4 before ...)
+CVE-2014-0707
NOT-FOR-US: Cisco Wireless LAN Controller
-CVE-2014-0706 (Cisco Wireless LAN Controller (WLC) devices 7.2 before 7.2.115.2, 7.3, ...)
+CVE-2014-0706
NOT-FOR-US: Cisco Wireless LAN Controller
-CVE-2014-0705 (The multicast listener discovery (MLD) service on Cisco Wireless LAN ...)
+CVE-2014-0705
NOT-FOR-US: Cisco Wireless LAN Controller
-CVE-2014-0704 (The IGMP implementation on Cisco Wireless LAN Controller (WLC) devices ...)
+CVE-2014-0704
NOT-FOR-US: Cisco Wireless LAN Controller
-CVE-2014-0703 (Cisco Wireless LAN Controller (WLC) devices 7.4 before 7.4.110.0 ...)
+CVE-2014-0703
NOT-FOR-US: Cisco Wireless LAN Controller
CVE-2014-0702
RESERVED
-CVE-2014-0701 (Cisco Wireless LAN Controller (WLC) devices 7.0 before 7.0.250.0, 7.2, ...)
+CVE-2014-0701
NOT-FOR-US: Cisco Wireless LAN Controller
CVE-2014-0700
RESERVED
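Review bot: every changed entry in this hunk is a Cisco WLC, UCS Director, WebEx or Firewall Services Module item whose fixed-version data (7.2.115.2, 7.4.110.0, 7.0.250.0, UCS Director 4.0.0.3) and, for CVE-2014-0709, the hardcoded-credential nature of the bug lived only in the description text being removed; the `NOT-FOR-US:` lines record the product and nothing else. The update job should check that the source it syncs from actually returned descriptions for these ids before rewriting the lines, and skip the commit when it did not, since the result here is a net loss of information with no offsetting change.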
@@ -23893,13 +23893,13 @@ CVE-2014-0696
RESERVED
CVE-2014-0695
RESERVED
-CVE-2014-0694 (Intelligent Automation for Cloud (IAC) in Cisco Cloud Portal 9.4.1 and ...)
+CVE-2014-0694
NOT-FOR-US: Cisco
CVE-2014-0693
RESERVED
CVE-2014-0692
RESERVED
-CVE-2014-0691 (Cisco WebEx Meetings Server before 1.1 uses meeting IDs with ...)
+CVE-2014-0691
NOT-FOR-US: Cisco WebEx Meetings Server
CVE-2014-0690
RESERVED
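Review bot: CVE-2014-0694 is tagged only `NOT-FOR-US: Cisco`, while the description being deleted identifies the product (Intelligent Automation for Cloud in Cisco Cloud Portal 9.4.1); after this change the bare vendor name is all that identifies the entry. Tighten the tag to the product name, as CVE-2014-0691 already does with `NOT-FOR-US: Cisco WebEx Meetings Server`, rather than letting the description removal erase the detail.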
@@ -23909,473 +23909,473 @@ CVE-2014-0688
RESERVED
CVE-2014-0687
RESERVED
-CVE-2014-0686 (Cisco Unified Communications Manager (aka Unified CM) 9.1 (2.10000.28) ...)
+CVE-2014-0686
NOT-FOR-US: Cisco Unified Communications Manager
-CVE-2014-0685 (Cisco Nexus 1000V InterCloud 5.2(1)IC1(1.2) and earlier for VMware ...)
+CVE-2014-0685
NOT-FOR-US: Cisco
-CVE-2014-0684 (Cisco NX-OS 6.2(2) on Nexus 7000 switches allows local users to cause ...)
+CVE-2014-0684
NOT-FOR-US: Cisco
-CVE-2014-0683 (The web management interface on the Cisco RV110W firewall with ...)
+CVE-2014-0683
NOT-FOR-US: Cisco
-CVE-2014-0682 (Cisco WebEx Meetings Server allows remote authenticated users to ...)
+CVE-2014-0682
NOT-FOR-US: Cisco WebEx Meetings Server
-CVE-2014-0681 (Cross-site scripting (XSS) vulnerability in Cisco Identity Services ...)
+CVE-2014-0681
NOT-FOR-US: Cisco Identity Service Engine
-CVE-2014-0680 (Cross-site scripting (XSS) vulnerability in the HTTP control interface ...)
+CVE-2014-0680
NOT-FOR-US: Cisco Identity Service Engine
-CVE-2014-0679 (Cisco Prime Infrastructure 1.2 and 1.3 before 1.3.0.20-2, 1.4 before ...)
+CVE-2014-0679
NOT-FOR-US: Cisco Prime Infrastructure
-CVE-2014-0678 (The portal interface in Cisco Secure Access Control System (ACS) does ...)
+CVE-2014-0678
NOT-FOR-US: Cisco Secure Access Control System
-CVE-2014-0677 (The Label Distribution Protocol (LDP) functionality in Cisco NX-OS ...)
+CVE-2014-0677
NOT-FOR-US: Cisco NX-OS
-CVE-2014-0676 (Cisco NX-OS allows local users to bypass intended TACACS+ command ...)
+CVE-2014-0676
NOT-FOR-US: Cisco NX-OS
-CVE-2014-0675 (The Expressway component in Cisco TelePresence Video Communication ...)
+CVE-2014-0675
NOT-FOR-US: Cisco
-CVE-2014-0674 (Cisco Video Surveillance Operations Manager (VSOM) does not require ...)
+CVE-2014-0674
NOT-FOR-US: Cisco Video Surveillance Operations Manager
-CVE-2014-0673 (Multiple cross-site scripting (XSS) vulnerabilities in the web ...)
+CVE-2014-0673
NOT-FOR-US: Cisco Video Surveillance
-CVE-2014-0672 (The Search and Play interface in Cisco MediaSense does not properly ...)
+CVE-2014-0672
NOT-FOR-US: Cisco MediaSense
-CVE-2014-0671 (Open redirect vulnerability in Cisco MediaSense allows remote ...)
+CVE-2014-0671
NOT-FOR-US: Cisco MediaSense
-CVE-2014-0670 (Cross-site scripting (XSS) vulnerability in the Search and Play ...)
+CVE-2014-0670
NOT-FOR-US: Cisco MediaSense
-CVE-2014-0669 (The Wireless Session Protocol (WSP) feature in the Gateway GPRS ...)
+CVE-2014-0669
NOT-FOR-US: Cisco ASR 5000
-CVE-2014-0668 (Cross-site scripting (XSS) vulnerability in the portal in Cisco Secure ...)
+CVE-2014-0668
NOT-FOR-US: Cisco Secure Access Control System
-CVE-2014-0667 (The RMI interface in Cisco Secure Access Control System (ACS) does not ...)
+CVE-2014-0667
NOT-FOR-US: Cisco Secure Access Control System
-CVE-2014-0666 (Directory traversal vulnerability in the Send Screen Capture ...)
+CVE-2014-0666
NOT-FOR-US: Cisco Jabber
-CVE-2014-0665 (The RBAC implementation in Cisco Identity Services Engine (ISE) ...)
+CVE-2014-0665
NOT-FOR-US: Cisco Identity Services Engine
-CVE-2014-0664 (The server in Cisco Unity Connection allows remote authenticated users ...)
+CVE-2014-0664
NOT-FOR-US: Cisco Unity Connection
-CVE-2014-0663 (Cross-site scripting (XSS) vulnerability in the web framework in Cisco ...)
+CVE-2014-0663
NOT-FOR-US: Cisco Secure Access Control System
-CVE-2014-0662 (The SIP module in Cisco TelePresence Video Communication Server (VCS) ...)
+CVE-2014-0662
NOT-FOR-US: Cisco TelePresence
-CVE-2014-0661 (The System Status Collection Daemon (SSCD) in Cisco TelePresence ...)
+CVE-2014-0661
NOT-FOR-US: Cisco TelePresence
-CVE-2014-0660 (Cisco TelePresence ISDN Gateway with software before 2.2(1.92) allows ...)
+CVE-2014-0660
NOT-FOR-US: Cisco TelePresence
-CVE-2014-0659 (The Cisco WAP4410N access point with firmware through 2.0.6.1, ...)
+CVE-2014-0659
NOT-FOR-US: Cisco Small Business Devices
-CVE-2014-0658 (Cisco 9900 Unified IP phones allow remote attackers to cause a denial ...)
+CVE-2014-0658
NOT-FOR-US: Cisco 9900 Unified IP phones
-CVE-2014-0657 (The administration portal in Cisco Unified Communications Manager ...)
+CVE-2014-0657
NOT-FOR-US: Cisco Unified Communications Manager
-CVE-2014-0656 (Cisco Context Directory Agent (CDA) allows remote authenticated users ...)
+CVE-2014-0656
NOT-FOR-US: Cisco Context Directory Agent
-CVE-2014-0655 (The Identity Firewall (IDFW) functionality in Cisco Adaptive Security ...)
+CVE-2014-0655
NOT-FOR-US: Cisco Adaptive Security Appliance
-CVE-2014-0654 (Cisco Context Directory Agent (CDA) allows remote attackers to modify ...)
+CVE-2014-0654
NOT-FOR-US: Cisco Context Directory Agent
-CVE-2014-0653 (The Identity Firewall (IDFW) functionality in Cisco Adaptive Security ...)
+CVE-2014-0653
NOT-FOR-US: Cisco Adaptive Security Appliance
-CVE-2014-0652 (Cross-site scripting (XSS) vulnerability in the Mappings page in Cisco ...)
+CVE-2014-0652
NOT-FOR-US: Cisco Context Directory Agent
-CVE-2014-0651 (The administrative interface in Cisco Context Directory Agent (CDA) ...)
+CVE-2014-0651
NOT-FOR-US: Cisco Context Directory Agent
-CVE-2014-0650 (The web interface in Cisco Secure Access Control System (ACS) 5.x ...)
+CVE-2014-0650
NOT-FOR-US: Cisco Secure ACS RMI
-CVE-2014-0649 (The RMI interface in Cisco Secure Access Control System (ACS) 5.x ...)
+CVE-2014-0649
NOT-FOR-US: Cisco Secure ACS RMI
-CVE-2014-0648 (The RMI interface in Cisco Secure Access Control System (ACS) 5.x ...)
+CVE-2014-0648
NOT-FOR-US: Cisco Secure ACS RMI
-CVE-2014-0647 (The Starbucks 2.6.1 application for iOS stores sensitive information ...)
+CVE-2014-0647
NOT-FOR-US: Starbucks iOS application
-CVE-2014-0646 (The runtime WS component in the server in EMC RSA Access Manager 6.1.3 ...)
+CVE-2014-0646
NOT-FOR-US: EMC
-CVE-2014-0645 (EMC Cloud Tiering Appliance (CTA) 9.x through 10 SP1 and File ...)
+CVE-2014-0645
NOT-FOR-US: EMC
-CVE-2014-0644 (EMC Cloud Tiering Appliance (CTA) 10 through SP1 allows remote ...)
+CVE-2014-0644
NOT-FOR-US: EMC
-CVE-2014-0643 (EMC RSA NetWitness before 9.8.5.19 and RSA Security Analytics before ...)
+CVE-2014-0643
NOT-FOR-US: EMC RSA NetWitness and RSA Security Analytics
-CVE-2014-0642 (EMC Documentum Content Server before 6.7 SP1 P26, 6.7 SP2 before P13, ...)
+CVE-2014-0642
NOT-FOR-US: EMC Documentum Content Server
-CVE-2014-0641 (Cross-site request forgery (CSRF) vulnerability in EMC RSA Archer GRC ...)
+CVE-2014-0641
NOT-FOR-US: EMC RSA Archer GRC Platform
-CVE-2014-0640 (EMC RSA Archer GRC Platform 5.x before 5.5 SP1 allows remote ...)
+CVE-2014-0640
NOT-FOR-US: EMC RSA Archer GRC Platform
-CVE-2014-0639 (Multiple cross-site scripting (XSS) vulnerabilities in EMC RSA Archer ...)
+CVE-2014-0639
NOT-FOR-US: RSA Archer
-CVE-2014-0638 (Cross-site scripting (XSS) vulnerability in RSA Adaptive ...)
+CVE-2014-0638
NOT-FOR-US: RSA Adaptive Authentication
-CVE-2014-0637 (Cross-site scripting (XSS) vulnerability in the back-office ...)
+CVE-2014-0637
NOT-FOR-US: RSA Adaptive Authentication
-CVE-2014-0636 (EMC RSA BSAFE Micro Edition Suite (MES) 3.2.x before 3.2.6 and 4.0.x ...)
+CVE-2014-0636
NOT-FOR-US: EMC RSA BSAFE Micro Edition Suite
-CVE-2014-0635 (Session fixation vulnerability in EMC VPLEX GeoSynchrony 4.x and 5.x ...)
+CVE-2014-0635
NOT-FOR-US: EMC VPLEX
-CVE-2014-0634 (EMC VPLEX GeoSynchrony 4.x and 5.x before 5.3 does not include the ...)
+CVE-2014-0634
NOT-FOR-US: EMC VPLEX
-CVE-2014-0633 (The GUI in EMC VPLEX GeoSynchrony 4.x and 5.x before 5.3 does not ...)
+CVE-2014-0633
NOT-FOR-US: EMC VPLEX
-CVE-2014-0632 (Directory traversal vulnerability in EMC VPLEX GeoSynchrony 4.x and ...)
+CVE-2014-0632
NOT-FOR-US: EMC VPLEX
CVE-2014-0631
REJECTED
-CVE-2014-0630 (EMC Documentum TaskSpace (TSP) 6.7SP1 before P25 and 6.7SP2 before P11 ...)
+CVE-2014-0630
NOT-FOR-US: EMC
-CVE-2014-0629 (EMC Documentum TaskSpace (TSP) 6.7SP1 before P25 and 6.7SP2 before P11 ...)
+CVE-2014-0629
NOT-FOR-US: EMC
-CVE-2014-0628 (The server in EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x before ...)
+CVE-2014-0628
NOT-FOR-US: EMC
-CVE-2014-0627 (The SSLEngine API implementation in EMC RSA BSAFE SSL-J 5.x before ...)
+CVE-2014-0627
NOT-FOR-US: EMC RSA
-CVE-2014-0626 (The (1) JSAFE and (2) JSSE APIs in EMC RSA BSAFE SSL-J 5.x before ...)
+CVE-2014-0626
NOT-FOR-US: EMC RSA
-CVE-2014-0625 (The SSLSocket implementation in the (1) JSAFE and (2) JSSE APIs in EMC ...)
+CVE-2014-0625
NOT-FOR-US: EMC RSA
-CVE-2014-0624 (EMC RSA Data Loss Prevention (DLP) 9.x before 9.6-SP2 does not ...)
+CVE-2014-0624
NOT-FOR-US: EMC RSA
-CVE-2014-0623 (Cross-site scripting (XSS) vulnerability in the Self-Service Console ...)
+CVE-2014-0623
NOT-FOR-US: EMC RSA
-CVE-2014-0622 (The web service in EMC Documentum Foundation Services (DFS) 6.5 ...)
+CVE-2014-0622
NOT-FOR-US: EMC Documentum Foundation Services
-CVE-2014-0621 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
+CVE-2014-0621
NOT-FOR-US: Technicolor TC7200 STD6.01.12
-CVE-2014-0620 (Multiple cross-site scripting (XSS) vulnerabilities in Technicolor ...)
+CVE-2014-0620
NOT-FOR-US: Technicolor TC7200 STD6.01.12
-CVE-2014-0619 (Untrusted search path vulnerability in Hamster Free ZIP Archiver ...)
+CVE-2014-0619
NOT-FOR-US: Hamster Free ZIP Archiver
-CVE-2014-0618 (Juniper Junos before 10.4 before 10.4R16, 11.4 before 11.4R8, 12.1R ...)
+CVE-2014-0618
NOT-FOR-US: SRX Services Gateways
-CVE-2014-0617 (Juniper Junos 10.4S before 10.4S15, 10.4R before 10.4R16, 11.4 before ...)
+CVE-2014-0617
NOT-FOR-US: SRX Services Gateways
-CVE-2014-0616 (Juniper Junos 10.4 before 10.4R16, 11.4 before 11.4R10, 12.1R before ...)
+CVE-2014-0616
NOT-FOR-US: Juniper JunOS
-CVE-2014-0615 (Juniper Junos 10.4 before 10.4R16, 11.4 before 11.4R10, 12.1R before ...)
+CVE-2014-0615
NOT-FOR-US: JunOS CLI
-CVE-2014-0614 (Juniper Junos 13.2 before 13.2R3 and 13.3 before 13.3R1, when PIM is ...)
+CVE-2014-0614
NOT-FOR-US: Juniper Junos
-CVE-2014-0613 (The XNM command processor in Juniper Junos 10.4 before 10.4R16, 11.4 ...)
+CVE-2014-0613
NOT-FOR-US: JunOS
-CVE-2014-0612 (Unspecified vulnerability in Juniper Junos before 11.4R10-S1, before ...)
+CVE-2014-0612
NOT-FOR-US: Juniper Junos
-CVE-2014-0611 (Multiple cross-site scripting (XSS) vulnerabilities in WebAccess in ...)
+CVE-2014-0611
NOT-FOR-US: Novell GroupWise
-CVE-2014-0610 (The client in Novell GroupWise before 8.0.3 HP4, 2012 before SP3, and ...)
+CVE-2014-0610
NOT-FOR-US: Novell GroupWise
-CVE-2014-0609 (Unspecified vulnerability in Novell Open Enterprise Server (OES) 11 ...)
+CVE-2014-0609
NOT-FOR-US: Novell Open Enterprise Server
CVE-2014-0608
RESERVED
-CVE-2014-0607 (Unrestricted file upload vulnerability in Attachmate Verastream ...)
+CVE-2014-0607
NOT-FOR-US: Attachmate Verastream Process Designer
CVE-2014-0606
REJECTED
-CVE-2014-0605 (Directory traversal vulnerability in the rftpcom.dll ActiveX control ...)
+CVE-2014-0605
NOT-FOR-US: Attachmate Reflection FTP Client
-CVE-2014-0604 (Directory traversal vulnerability in the rftpcom.dll ActiveX control ...)
+CVE-2014-0604
NOT-FOR-US: Attachmate Reflection FTP Client
-CVE-2014-0603 (The rftpcom.dll ActiveX control in Attachmate Reflection FTP Client ...)
+CVE-2014-0603
NOT-FOR-US: Attachmate Reflection FTP Client
-CVE-2014-0602 (Directory traversal vulnerability in the DumpToFile method in the ...)
+CVE-2014-0602
NOT-FOR-US: NetIQ Security Manager
CVE-2014-0601
RESERVED
-CVE-2014-0600 (FileUploadServlet in the Administration service in Novell GroupWise ...)
+CVE-2014-0600
NOT-FOR-US: Novell GroupWise
-CVE-2014-0599 (Cross-site scripting (XSS) vulnerability in iPrint in Novell Open ...)
+CVE-2014-0599
NOT-FOR-US: Novell Open Enterprise Server
-CVE-2014-0598 (Directory traversal vulnerability in iPrint in Novell Open Enterprise ...)
+CVE-2014-0598
NOT-FOR-US: Novell Open Enterprise Server
CVE-2014-0597
RESERVED
CVE-2014-0596
RESERVED
-CVE-2014-0595 (/opt/novell/ncl/bin/nwrights in Novell Client for Linux in Novell Open ...)
+CVE-2014-0595
NOT-FOR-US: Novel OES
-CVE-2014-0594 (In the Open Build Service (OBS) before version 2.4.6 the CSRF ...)
+CVE-2014-0594
- open-build-service <not-affected> (Fixed before initial release to Debian)
NOTE: https://github.com/openSUSE/open-build-service/commit/2188c059b67b82171d0e28ef59f77e62d22a09d8
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=870606
-CVE-2014-0593 (The set_version script as shipped with obs-service-set_version is a ...)
+CVE-2014-0593
NOT-FOR-US: script for OBS
-CVE-2014-0592 (Barclamp (aka barclamp-network) 1.7 for the Crowbar Framework, as used ...)
+CVE-2014-0592
NOT-FOR-US: Crowbar
-CVE-2014-0591 (The query_findclosestnsec3 function in query.c in named in ISC BIND ...)
+CVE-2014-0591
{DSA-3023-1 DLA-48-1}
- bind9 1:9.9.5.dfsg-2 (bug #735190)
NOTE: https://kb.isc.org/article/AA-01078
NOTE: https://kb.isc.org/article/AA-01085
-CVE-2014-0590 (Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before ...)
+CVE-2014-0590
NOT-FOR-US: Adobe Flash Player
-CVE-2014-0589 (Heap-based buffer overflow in Adobe Flash Player before 13.0.0.252 and ...)
+CVE-2014-0589
NOT-FOR-US: Adobe Flash Player
-CVE-2014-0588 (Use-after-free vulnerability in Adobe Flash Player before 13.0.0.252 ...)
+CVE-2014-0588
NOT-FOR-US: Adobe Flash Player
-CVE-2014-0587 (Adobe Flash Player before 13.0.0.259 and 14.x through 16.x before ...)
+CVE-2014-0587
NOT-FOR-US: Adobe Flash Player
-CVE-2014-0586 (Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before ...)
+CVE-2014-0586
NOT-FOR-US: Adobe Flash Player
-CVE-2014-0585 (Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before ...)
+CVE-2014-0585
NOT-FOR-US: Adobe Flash Player
-CVE-2014-0584 (Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before ...)
+CVE-2014-0584
NOT-FOR-US: Adobe Flash Player
-CVE-2014-0583 (Heap-based buffer overflow in Adobe Flash Player before 13.0.0.252 and ...)
+CVE-2014-0583
NOT-FOR-US: Adobe Flash Player
-CVE-2014-0582 (Heap-based buffer overflow in Adobe Flash Player before 13.0.0.252 and ...)
+CVE-2014-0582
NOT-FOR-US: Adobe Flash Player
-CVE-2014-0581 (Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before ...)
+CVE-2014-0581
NOT-FOR-US: Adobe Flash Player
-CVE-2014-0580 (Adobe Flash Player before 13.0.0.259 and 14.x through 16.x before ...)
+CVE-2014-0580
NOT-FOR-US: Adobe Flash Player
CVE-2014-0579
REJECTED
-CVE-2014-0578 (Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before ...)
+CVE-2014-0578
NOT-FOR-US: Adobe Flash Player
-CVE-2014-0577 (Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before ...)
+CVE-2014-0577
NOT-FOR-US: Adobe Flash Player
-CVE-2014-0576 (Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before ...)
+CVE-2014-0576
NOT-FOR-US: Adobe Flash Player
CVE-2014-0575
REJECTED
-CVE-2014-0574 (Double free vulnerability in Adobe Flash Player before 13.0.0.252 and ...)
+CVE-2014-0574
NOT-FOR-US: Adobe Flash Player
-CVE-2014-0573 (Use-after-free vulnerability in Adobe Flash Player before 13.0.0.252 ...)
+CVE-2014-0573
NOT-FOR-US: Adobe Flash Player
-CVE-2014-0572 (Adobe ColdFusion 9.0 before Update 13, 9.0.1 before Update 12, 9.0.2 ...)
+CVE-2014-0572
NOT-FOR-US: Adobe ColdFusion
-CVE-2014-0571 (Cross-site scripting (XSS) vulnerability in Adobe ColdFusion 9.0 ...)
+CVE-2014-0571
NOT-FOR-US: Adobe ColdFusion
-CVE-2014-0570 (Cross-site request forgery (CSRF) vulnerability in Adobe ColdFusion ...)
+CVE-2014-0570
NOT-FOR-US: Adobe ColdFusion
-CVE-2014-0569 (Integer overflow in Adobe Flash Player before 13.0.0.250 and 14.x and ...)
+CVE-2014-0569
NOT-FOR-US: Adobe Flash Player
-CVE-2014-0568 (The NtSetInformationFile system call hook feature in Adobe Reader and ...)
+CVE-2014-0568
NOT-FOR-US: Adobe Reader
-CVE-2014-0567 (Heap-based buffer overflow in Adobe Reader and Acrobat 10.x before ...)
+CVE-2014-0567
NOT-FOR-US: Adobe Reader
-CVE-2014-0566 (Adobe Reader and Acrobat 10.x before 10.1.12 and 11.x before 11.0.09 ...)
+CVE-2014-0566
NOT-FOR-US: Adobe Reader
-CVE-2014-0565 (Adobe Reader and Acrobat 10.x before 10.1.12 and 11.x before 11.0.09 ...)
+CVE-2014-0565
NOT-FOR-US: Adobe Reader
-CVE-2014-0564 (Adobe Flash Player before 13.0.0.250 and 14.x and 15.x before ...)
+CVE-2014-0564
NOT-FOR-US: Adobe Flash Player
-CVE-2014-0563 (Adobe Reader and Acrobat 10.x before 10.1.12 and 11.x before 11.0.09 ...)
+CVE-2014-0563
NOT-FOR-US: Adobe Reader
-CVE-2014-0562 (Cross-site scripting (XSS) vulnerability in Adobe Reader and Acrobat ...)
+CVE-2014-0562
NOT-FOR-US: Adobe Reader
-CVE-2014-0561 (Heap-based buffer overflow in Adobe Reader and Acrobat 10.x before ...)
+CVE-2014-0561
NOT-FOR-US: Adobe Reader
-CVE-2014-0560 (Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before ...)
+CVE-2014-0560
NOT-FOR-US: Adobe Reader
-CVE-2014-0559 (Heap-based buffer overflow in Adobe Flash Player before 13.0.0.244 and ...)
+CVE-2014-0559
NOT-FOR-US: Adobe Flash Player
-CVE-2014-0558 (Adobe Flash Player before 13.0.0.250 and 14.x and 15.x before ...)
+CVE-2014-0558
NOT-FOR-US: Adobe Flash Player
-CVE-2014-0557 (Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before ...)
+CVE-2014-0557
NOT-FOR-US: Adobe Flash Player
-CVE-2014-0556 (Heap-based buffer overflow in Adobe Flash Player before 13.0.0.244 and ...)
+CVE-2014-0556
NOT-FOR-US: Adobe Flash Player
-CVE-2014-0555 (Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before ...)
+CVE-2014-0555
NOT-FOR-US: Adobe Flash Player
-CVE-2014-0554 (Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before ...)
+CVE-2014-0554
NOT-FOR-US: Adobe Flash Player
-CVE-2014-0553 (Use-after-free vulnerability in Adobe Flash Player before 13.0.0.244 ...)
+CVE-2014-0553
NOT-FOR-US: Adobe Flash Player
-CVE-2014-0552 (Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before ...)
+CVE-2014-0552
NOT-FOR-US: Adobe Flash Player
-CVE-2014-0551 (Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before ...)
+CVE-2014-0551
NOT-FOR-US: Adobe Flash Player
-CVE-2014-0550 (Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before ...)
+CVE-2014-0550
NOT-FOR-US: Adobe Flash Player
-CVE-2014-0549 (Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before ...)
+CVE-2014-0549
NOT-FOR-US: Adobe Flash Player
-CVE-2014-0548 (Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before ...)
+CVE-2014-0548
NOT-FOR-US: Adobe Flash Player
-CVE-2014-0547 (Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before ...)
+CVE-2014-0547
NOT-FOR-US: Adobe Flash Player
-CVE-2014-0546 (Adobe Reader and Acrobat 10.x before 10.1.11 and 11.x before 11.0.08 ...)
+CVE-2014-0546
NOT-FOR-US: Adobe
-CVE-2014-0545 (Adobe Flash Player before 13.0.0.241 and 14.x before 14.0.0.176 on ...)
+CVE-2014-0545
NOT-FOR-US: Adobe Flash Player
-CVE-2014-0544 (Adobe Flash Player before 13.0.0.241 and 14.x before 14.0.0.176 on ...)
+CVE-2014-0544
NOT-FOR-US: Adobe Flash Player
-CVE-2014-0543 (Adobe Flash Player before 13.0.0.241 and 14.x before 14.0.0.176 on ...)
+CVE-2014-0543
NOT-FOR-US: Adobe Flash Player
-CVE-2014-0542 (Adobe Flash Player before 13.0.0.241 and 14.x before 14.0.0.176 on ...)
+CVE-2014-0542
NOT-FOR-US: Adobe Flash Player
-CVE-2014-0541 (Adobe Flash Player before 13.0.0.241 and 14.x before 14.0.0.176 on ...)
+CVE-2014-0541
NOT-FOR-US: Adobe Flash Player
-CVE-2014-0540 (Adobe Flash Player before 13.0.0.241 and 14.x before 14.0.0.176 on ...)
+CVE-2014-0540
NOT-FOR-US: Adobe Flash Player
-CVE-2014-0539 (Adobe Flash Player before 13.0.0.231 and 14.x before 14.0.0.145 on ...)
+CVE-2014-0539
NOT-FOR-US: Adobe Flash Player
-CVE-2014-0538 (Use-after-free vulnerability in Adobe Flash Player before 13.0.0.241 ...)
+CVE-2014-0538
NOT-FOR-US: Adobe Flash Player
-CVE-2014-0537 (Adobe Flash Player before 13.0.0.231 and 14.x before 14.0.0.145 on ...)
+CVE-2014-0537
NOT-FOR-US: Adobe Flash Player
-CVE-2014-0536 (Adobe Flash Player before 13.0.0.223 and 14.x before 14.0.0.125 on ...)
+CVE-2014-0536
NOT-FOR-US: Adobe Flash Player
-CVE-2014-0535 (Adobe Flash Player before 13.0.0.223 and 14.x before 14.0.0.125 on ...)
+CVE-2014-0535
NOT-FOR-US: Adobe Flash Player
-CVE-2014-0534 (Adobe Flash Player before 13.0.0.223 and 14.x before 14.0.0.125 on ...)
+CVE-2014-0534
NOT-FOR-US: Adobe Flash Player
-CVE-2014-0533 (Cross-site scripting (XSS) vulnerability in Adobe Flash Player before ...)
+CVE-2014-0533
NOT-FOR-US: Adobe Flash Player
-CVE-2014-0532 (Cross-site scripting (XSS) vulnerability in Adobe Flash Player before ...)
+CVE-2014-0532
NOT-FOR-US: Adobe Flash Player
-CVE-2014-0531 (Cross-site scripting (XSS) vulnerability in Adobe Flash Player before ...)
+CVE-2014-0531
NOT-FOR-US: Adobe Flash Player
CVE-2014-0530
REJECTED
-CVE-2014-0529 (Buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.10 and ...)
+CVE-2014-0529
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2014-0528 (Double free vulnerability in Adobe Reader and Acrobat 10.x before ...)
+CVE-2014-0528
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2014-0527 (Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before ...)
+CVE-2014-0527
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2014-0526 (Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 ...)
+CVE-2014-0526
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2014-0525 (The API in Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x ...)
+CVE-2014-0525
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2014-0524 (Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 ...)
+CVE-2014-0524
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2014-0523 (Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 ...)
+CVE-2014-0523
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2014-0522 (Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 ...)
+CVE-2014-0522
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2014-0521 (Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 ...)
+CVE-2014-0521
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2014-0520 (Adobe Flash Player before 13.0.0.214 on Windows and OS X and before ...)
+CVE-2014-0520
NOT-FOR-US: Flash plugin
-CVE-2014-0519 (Adobe Flash Player before 13.0.0.214 on Windows and OS X and before ...)
+CVE-2014-0519
NOT-FOR-US: Flash plugin
-CVE-2014-0518 (Adobe Flash Player before 13.0.0.214 on Windows and OS X and before ...)
+CVE-2014-0518
NOT-FOR-US: Flash plugin
-CVE-2014-0517 (Adobe Flash Player before 13.0.0.214 on Windows and OS X and before ...)
+CVE-2014-0517
NOT-FOR-US: Flash plugin
-CVE-2014-0516 (Adobe Flash Player before 13.0.0.214 on Windows and OS X and before ...)
+CVE-2014-0516
NOT-FOR-US: Flash plugin
-CVE-2014-0515 (Buffer overflow in Adobe Flash Player before 11.7.700.279 and 11.8.x ...)
+CVE-2014-0515
NOT-FOR-US: Flash plugin
-CVE-2014-0514 (The Adobe Reader Mobile application before 11.2 for Android does not ...)
+CVE-2014-0514
NOT-FOR-US: Adobe Reader Mobile application
-CVE-2014-0513 (Stack-based buffer overflow in Adobe Illustrator CS6 before 16.0.5 and ...)
+CVE-2014-0513
NOT-FOR-US: Adobe Illustrator CS6
-CVE-2014-0512 (Adobe Reader 11.0.06 allows attackers to bypass a PDF sandbox ...)
+CVE-2014-0512
NOT-FOR-US: Adobe Reader
-CVE-2014-0511 (Heap-based buffer overflow in Adobe Reader 11.0.06 allows remote ...)
+CVE-2014-0511
NOT-FOR-US: Adobe Reader
-CVE-2014-0510 (Heap-based buffer overflow in Adobe Flash Player 12.0.0.77 allows ...)
+CVE-2014-0510
NOT-FOR-US: Flash plugin
-CVE-2014-0509 (Cross-site scripting (XSS) vulnerability in Adobe Flash Player before ...)
+CVE-2014-0509
NOT-FOR-US: Adobe Flash Player
-CVE-2014-0508 (Adobe Flash Player before 11.7.700.275 and 11.8.x through 13.0.x ...)
+CVE-2014-0508
NOT-FOR-US: Adobe Flash Player
-CVE-2014-0507 (Buffer overflow in Adobe Flash Player before 11.7.700.275 and 11.8.x ...)
+CVE-2014-0507
NOT-FOR-US: Adobe Flash Player
-CVE-2014-0506 (Use-after-free vulnerability in Adobe Flash Player before 11.7.700.275 ...)
+CVE-2014-0506
NOT-FOR-US: Adobe Flash Player
-CVE-2014-0505 (Adobe Shockwave Player before 12.1.0.150 allows remote attackers to ...)
+CVE-2014-0505
NOT-FOR-US: Adobe Shockwave Player
-CVE-2014-0504 (Adobe Flash Player before 11.7.700.272 and 11.8.x through 12.0.x ...)
+CVE-2014-0504
NOT-FOR-US: Flash plugin
-CVE-2014-0503 (Adobe Flash Player before 11.7.700.272 and 11.8.x through 12.0.x ...)
+CVE-2014-0503
NOT-FOR-US: Flash plugin
-CVE-2014-0502 (Double free vulnerability in Adobe Flash Player before 11.7.700.269 ...)
+CVE-2014-0502
NOT-FOR-US: Flash plugin
-CVE-2014-0501 (Adobe Shockwave Player before 12.0.9.149 allows remote attackers to ...)
+CVE-2014-0501
NOT-FOR-US: Adobe Shockwave Player
-CVE-2014-0500 (Adobe Shockwave Player before 12.0.9.149 allows remote attackers to ...)
+CVE-2014-0500
NOT-FOR-US: Adobe Shockwave Player
-CVE-2014-0499 (Adobe Flash Player before 11.7.700.269 and 11.8.x through 12.0.x ...)
+CVE-2014-0499
NOT-FOR-US: Flash plugin
-CVE-2014-0498 (Stack-based buffer overflow in Adobe Flash Player before 11.7.700.269 ...)
+CVE-2014-0498
NOT-FOR-US: Flash plugin
-CVE-2014-0497 (Integer underflow in Adobe Flash Player before 11.7.700.261 and 11.8.x ...)
+CVE-2014-0497
NOT-FOR-US: Flash plugin
-CVE-2014-0496 (Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before ...)
+CVE-2014-0496
NOT-FOR-US: Adobe Reader
-CVE-2014-0495 (Adobe Reader and Acrobat 10.x before 10.1.9 and 11.x before 11.0.06 on ...)
+CVE-2014-0495
NOT-FOR-US: Adobe Reader
-CVE-2014-0494 (Adobe Digital Editions 2.0.1 allows attackers to execute arbitrary ...)
+CVE-2014-0494
NOT-FOR-US: Adobe Digital Editions
-CVE-2014-0493 (Adobe Reader and Acrobat 10.x before 10.1.9 and 11.x before 11.0.06 on ...)
+CVE-2014-0493
NOT-FOR-US: Adobe Reader
-CVE-2014-0492 (Adobe Flash Player before 11.7.700.260 and 11.8.x and 11.9.x before ...)
+CVE-2014-0492
NOT-FOR-US: Flash plugin
-CVE-2014-0491 (Adobe Flash Player before 11.7.700.260 and 11.8.x and 11.9.x before ...)
+CVE-2014-0491
NOT-FOR-US: Flash plugin
-CVE-2014-0490 (The apt-get download command in APT before 1.0.9 does not properly ...)
+CVE-2014-0490
{DSA-3025-1}
- apt 0.9.12
NOTE: fixed with commit http://anonscm.debian.org/cgit/apt/apt.git/commit/?id=d57f6084aaa3972073114973d149ea2291b36682
[squeeze] - apt <not-affected> (apt download command and vulnerable code not present)
-CVE-2014-0489 (APT before 1.0.9, when the Acquire::GzipIndexes option is enabled, ...)
+CVE-2014-0489
{DSA-3025-1 DLA-53-1}
- apt 1.0.9
-CVE-2014-0488 (APT before 1.0.9 does not &quot;invalidate repository data&quot; when moving ...)
+CVE-2014-0488
{DSA-3025-1 DLA-53-1}
- apt 1.0.9
-CVE-2014-0487 (APT before 1.0.9 does not verify downloaded files if they have been ...)
+CVE-2014-0487
{DSA-3025-1 DLA-53-1}
- apt 1.0.9
-CVE-2014-0486 (Knot DNS before 1.5.2 allows remote attackers to cause a denial of ...)
+CVE-2014-0486
- knot 1.5.2-1
-CVE-2014-0485 (S3QL 1.18.1 and earlier uses the pickle Python module unsafely, which ...)
+CVE-2014-0485
{DSA-3013-1}
- s3ql 2.10.1+dfsg-4 (high)
-CVE-2014-0484 (The Debian acpi-support package before 0.140-5+deb7u3 allows local ...)
+CVE-2014-0484
{DSA-3020-1 DLA-49-1}
- acpi-support 0.142-4
-CVE-2014-0483 (The administrative interface (contrib.admin) in Django before 1.4.14, ...)
+CVE-2014-0483
{DSA-3010-1 DLA-65-1}
- python-django 1.6.6-1
-CVE-2014-0482 (The contrib.auth.middleware.RemoteUserMiddleware middleware in Django ...)
+CVE-2014-0482
{DSA-3010-1 DLA-65-1}
- python-django 1.6.6-1
-CVE-2014-0481 (The default configuration for the file upload handling system in ...)
+CVE-2014-0481
{DSA-3010-1 DLA-65-1}
- python-django 1.6.6-1
-CVE-2014-0480 (The core.urlresolvers.reverse function in Django before 1.4.14, 1.5.x ...)
+CVE-2014-0480
{DSA-3010-1 DLA-65-1}
- python-django 1.6.6-1
-CVE-2014-0479 (reportbug before 6.4.4+deb7u1 and 6.5.x before 6.5.0+nmu1 allows ...)
+CVE-2014-0479
{DSA-2997-1 DLA-31-1}
- reportbug 6.5.0+nmu1
[squeeze] - reportbug 4.12.6+deb6u1
-CVE-2014-0478 (APT before 1.0.4 does not properly validate source packages, which ...)
+CVE-2014-0478
{DSA-2958-1 DLA-0005-1}
- apt 1.0.4 (bug #749795)
[squeeze] - apt 0.8.10.3+squeeze2
-CVE-2014-0477 (The parse function in Email::Address module before 1.905 for Perl uses ...)
+CVE-2014-0477
{DSA-2969-1 DLA-0011-1}
- libemail-address-perl 1.905-1
[squeeze] - libemail-address-perl 1.889-2+deb6u1
-CVE-2014-0476 (The slapper function in chkrootkit before 0.50 does not properly quote ...)
+CVE-2014-0476
{DSA-2945-1 DLA-0002-1}
- chkrootkit 0.49-5
[squeeze] - chkrootkit 0.49-4+deb6u1
-CVE-2014-0475 (Multiple directory traversal vulnerabilities in GNU C Library (aka ...)
+CVE-2014-0475
{DSA-2976-1 DLA-43-1}
- glibc 2.19-6
- eglibc <removed>
-CVE-2014-0474 (The (1) FilePathField, (2) GenericIPAddressField, and (3) ...)
+CVE-2014-0474
{DSA-2934-1}
- python-django 1.6.3-1
-CVE-2014-0473 (The caching framework in Django before 1.4.11, 1.5.x before 1.5.6, ...)
+CVE-2014-0473
{DSA-2934-1}
- python-django 1.6.3-1
-CVE-2014-0472 (The django.core.urlresolvers.reverse function in Django before 1.4.11, ...)
+CVE-2014-0472
{DSA-2934-1}
- python-django 1.6.3-1
-CVE-2014-0471 (Directory traversal vulnerability in the unpacking functionality in ...)
+CVE-2014-0471
{DSA-2915-1}
- dpkg 1.17.8
-CVE-2014-0470 (super.c in Super 3.30.0 does not check the return value of the setuid ...)
+CVE-2014-0470
{DSA-2917-1}
- super 3.30.0-7
-CVE-2014-0469 (Stack-based buffer overflow in a certain Debian patch for xbuffy ...)
+CVE-2014-0469
{DSA-2921-1}
- xbuffy 3.3.bl.3.dfsg-9
CVE-2014-0468
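Review bot: every change in this hunk is the same edit, a `-`/`+` pair that replaces a CVE line carrying its parenthesised description (for example `-CVE-2014-0490 (The apt-get download command in APT before 1.0.9 does not properly ...)` becoming `+CVE-2014-0490`) with the bare identifier, across unrelated products (Adobe, Oracle, Django, apt, glibc, dpkg) and with no change to any `{DSA-...}`, package-version, `NOT-FOR-US:` or `NOTE:` line; nothing is added. A sync that strips the description from every entry at once, with no other change, looks like the upstream description source returning empty rather than a deliberate edit, so the input the update was generated from should be checked before this is merged; if it is kept, the descriptions on the `-` lines are lost from the tracker until a later update restores them, and entries such as `CVE-2014-0489` through `CVE-2014-0487` (the apt issues) keep their DSA/DLA references but no longer say what the issue is.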
@@ -24383,581 +24383,581 @@ CVE-2014-0468
- fusionforge 5.3+20140506-1
[squeeze] - fusionforge <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://lists.fusionforge.org/pipermail/fusionforge-general/2014-March/002645.html
-CVE-2014-0467 (Buffer overflow in copy.c in Mutt before 1.5.23 allows remote ...)
+CVE-2014-0467
{DSA-2874-1}
- mutt 1.5.22-2 (bug #708731)
-CVE-2014-0466 (The fixps script in a2ps 4.14 does not use the -dSAFER option when ...)
+CVE-2014-0466
{DSA-2892-1}
- a2ps 1:4.14-1.3 (bug #742902)
-CVE-2014-0465 (Unspecified vulnerability in the Oracle OpenSSO component in Oracle ...)
+CVE-2014-0465
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2014-0464 (Unspecified vulnerability in Oracle Java SE 8 allows remote attackers ...)
+CVE-2014-0464
- openjdk-7 <not-affected> (Only affects Java 8)
- openjdk-6 <not-affected> (Only affects Java 8)
-CVE-2014-0463 (Unspecified vulnerability in Oracle Java SE 8 allows remote attackers ...)
+CVE-2014-0463
- openjdk-7 <not-affected> (Only affects Java 8)
- openjdk-6 <not-affected> (Only affects Java 8)
-CVE-2014-0462 (Unspecified vulnerability in OpenJDK 6 before 6b31 on Debian GNU/Linux ...)
+CVE-2014-0462
{DSA-2912-1}
- openjdk-6 6b31-1.13.3-1
-CVE-2014-0461 (Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and ...)
+CVE-2014-0461
{DSA-2923-1 DSA-2912-1}
- openjdk-7 7u55-2.4.7-1
- openjdk-6 6b31-1.13.3-1
-CVE-2014-0460 (Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; ...)
+CVE-2014-0460
{DSA-2923-1 DSA-2912-1}
- openjdk-7 7u55-2.4.7-1
- openjdk-6 6b31-1.13.3-1
-CVE-2014-0459 (Unspecified vulnerability in Oracle Java SE 7u51 and 8, and Java SE ...)
+CVE-2014-0459
{DSA-2923-1 DSA-2912-1}
- lcms <unfixed>
[squeeze] - lcms <no-dsa> (Minor issue)
[wheezy] - lcms <no-dsa> (Minor issue)
- lcms2 2.6-1 (low; bug #745471)
[wheezy] - lcms2 <no-dsa> (Minor issue)
-CVE-2014-0458 (Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and ...)
+CVE-2014-0458
{DSA-2923-1 DSA-2912-1}
- openjdk-7 7u55-2.4.7-1
- openjdk-6 6b31-1.13.3-1
-CVE-2014-0457 (Unspecified vulnerability in Oracle Java SE 5.0u61, SE 6u71, 7u51, and ...)
+CVE-2014-0457
{DSA-2923-1 DSA-2912-1}
- openjdk-7 7u55-2.4.7-1
- openjdk-6 6b31-1.13.3-1
-CVE-2014-0456 (Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and ...)
+CVE-2014-0456
{DSA-2923-1 DSA-2912-1}
- openjdk-7 7u55-2.4.7-1
- openjdk-6 6b31-1.13.3-1
-CVE-2014-0455 (Unspecified vulnerability in Oracle Java SE 7u51 and 8, and Java SE ...)
+CVE-2014-0455
{DSA-2923-1}
- openjdk-7 7u55-2.4.7-1
- openjdk-6 <not-affected> (Only affects Java 7/8)
-CVE-2014-0454 (Unspecified vulnerability in Oracle Java SE 7u51 and 8, and Java SE ...)
+CVE-2014-0454
{DSA-2923-1}
- openjdk-7 7u55-2.4.7-1
- openjdk-6 <not-affected> (Only affects Java 7/8)
-CVE-2014-0453 (Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; ...)
+CVE-2014-0453
{DSA-2923-1 DSA-2912-1}
- openjdk-7 7u55-2.4.7-1
- openjdk-6 6b31-1.13.3-1
-CVE-2014-0452 (Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and ...)
+CVE-2014-0452
{DSA-2923-1 DSA-2912-1}
- openjdk-7 7u55-2.4.7-1
- openjdk-6 6b31-1.13.3-1
-CVE-2014-0451 (Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8, ...)
+CVE-2014-0451
{DSA-2923-1 DSA-2912-1}
- openjdk-7 7u55-2.4.7-1
- openjdk-6 6b31-1.13.3-1
-CVE-2014-0450 (Unspecified vulnerability in the Oracle WebCenter Portal component in ...)
+CVE-2014-0450
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2014-0449 (Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and ...)
+CVE-2014-0449
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2014-0448 (Unspecified vulnerability in Oracle Java SE 7u51 and 8 allows remote ...)
+CVE-2014-0448
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2014-0447 (Unspecified vulnerability in Oracle Solaris 10 and 11.1 allows local ...)
+CVE-2014-0447
NOT-FOR-US: Solaris
-CVE-2014-0446 (Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8, ...)
+CVE-2014-0446
{DSA-2923-1 DSA-2912-1}
- openjdk-7 7u55-2.4.7-1
- openjdk-6 6b31-1.13.3-1
-CVE-2014-0445 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+CVE-2014-0445
NOT-FOR-US: PeopleSoft Enterprise
-CVE-2014-0444 (Unspecified vulnerability in the Oracle AutoVue Electro-Mechanical ...)
+CVE-2014-0444
NOT-FOR-US: Oracle Supply Chain Products Suite
-CVE-2014-0443 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+CVE-2014-0443
NOT-FOR-US: PeopleSoft Enterprise
-CVE-2014-0442 (Unspecified vulnerability in Oracle Solaris 9, 10, and 11.1 allows ...)
+CVE-2014-0442
NOT-FOR-US: Solaris
-CVE-2014-0441 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+CVE-2014-0441
NOT-FOR-US: PeopleSoft Enterprise
-CVE-2014-0440 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+CVE-2014-0440
NOT-FOR-US: PeopleSoft Enterprise
-CVE-2014-0439 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+CVE-2014-0439
NOT-FOR-US: PeopleSoft Enterprise
-CVE-2014-0438 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+CVE-2014-0438
NOT-FOR-US: PeopleSoft Enterprise
-CVE-2014-0437 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
+CVE-2014-0437
{DSA-2848-1 DSA-2845-1}
- mariadb-5.5 5.5.35-1
- mysql-5.5 5.5.35+dfsg-1
- mariadb-10.0 <not-affected> (Fixed before initial upload)
- mysql-5.1 <removed>
- percona-xtradb-cluster-5.5 5.5.37-25.10+dfsg-1
-CVE-2014-0436 (Unspecified vulnerability in the Hyperion BI+ component in Oracle ...)
+CVE-2014-0436
NOT-FOR-US: Oracle
-CVE-2014-0435 (Unspecified vulnerability in the Oracle Transportation Management ...)
+CVE-2014-0435
NOT-FOR-US: Oracle Supply Chain Products Suite
-CVE-2014-0434 (Unspecified vulnerability in the Oracle Agile Product Lifecycle ...)
+CVE-2014-0434
NOT-FOR-US: Oracle Supply Chain Products Suite
-CVE-2014-0433 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
+CVE-2014-0433
- mysql-5.5 <not-affected> (Only affects Mysql 5.6)
- mysql-5.1 <not-affected> (Only affects Mysql 5.6)
-CVE-2014-0432 (Unspecified vulnerability in Oracle Java SE 7u51 and 8, and Java SE ...)
+CVE-2014-0432
- openjdk-6 <not-affected> (Specific to Oracle Java, not present in IcedTea)
- openjdk-7 <not-affected> (Specific to Oracle Java, not present in IcedTea)
NOTE: Due to the vague disclosure policy by Oracle the exact nature is unknown but since no patch landed in icedtea, we consider it not-affected
-CVE-2014-0431 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
+CVE-2014-0431
- mysql-5.5 <not-affected> (Only affects Mysql 5.6)
- mysql-5.1 <not-affected> (Only affects Mysql 5.6)
-CVE-2014-0430 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
+CVE-2014-0430
- mysql-5.5 <not-affected> (Only affects Mysql 5.6)
- mysql-5.1 <not-affected> (Only affects Mysql 5.6)
-CVE-2014-0429 (Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; ...)
+CVE-2014-0429
{DSA-2923-1 DSA-2912-1}
- openjdk-7 7u55-2.4.7-1
- openjdk-6 6b31-1.13.3-1
-CVE-2014-0428 (Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; ...)
+CVE-2014-0428
- openjdk-6 6b30-1.13.1-1
- openjdk-7 7u51-2.4.4-1
-CVE-2014-0427 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
+CVE-2014-0427
- mysql-5.5 <not-affected> (Only affects Mysql 5.6)
- mysql-5.1 <not-affected> (Only affects Mysql 5.6)
-CVE-2014-0426 (Unspecified vulnerability in the Oracle Containers for J2EE component ...)
+CVE-2014-0426
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2014-0425 (Unspecified vulnerability in the PeopleSoft Enterprise SCM Services ...)
+CVE-2014-0425
NOT-FOR-US: PeopleSoft Enterprise
-CVE-2014-0424 (Unspecified vulnerability in Oracle Java SE 6u65 and 7u45 allows ...)
+CVE-2014-0424
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2014-0423 (Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; ...)
+CVE-2014-0423
- openjdk-6 6b30-1.13.1-1
- openjdk-7 7u51-2.4.4-1
-CVE-2014-0422 (Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; ...)
+CVE-2014-0422
- openjdk-6 6b30-1.13.1-1
- openjdk-7 7u51-2.4.4-1
-CVE-2014-0421 (Unspecified vulnerability in Oracle Solaris 10, when running on the ...)
+CVE-2014-0421
NOT-FOR-US: Solaris
-CVE-2014-0420 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
+CVE-2014-0420
{DSA-2848-1}
- mariadb-5.5 5.5.35-1
- mysql-5.5 5.5.35+dfsg-1
- mariadb-10.0 <not-affected> (Fixed before initial upload)
- mysql-5.1 <not-affected> (Only affects Mysql 5.5 and 5.6)
- percona-xtradb-cluster-5.5 5.5.37-25.10+dfsg-1
-CVE-2014-0419 (Unspecified vulnerability in the Oracle Secure Global Desktop (SGD) ...)
+CVE-2014-0419
NOT-FOR-US: Oracle Secure Global Desktop
-CVE-2014-0418 (Unspecified vulnerability in Oracle Java SE 6u65 and 7u45 allows ...)
+CVE-2014-0418
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2014-0417 (Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; ...)
+CVE-2014-0417
- openjdk-6 <not-affected> (Specific to Oracle Java, not present in IcedTea)
- openjdk-7 <not-affected> (Specific to Oracle Java, not present in IcedTea)
NOTE: Due to the vague disclosure policy by Oracle the exact nature is unknown but since no patch landed in icedtea, we consider it not-affected
-CVE-2014-0416 (Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; ...)
+CVE-2014-0416
- openjdk-6 6b30-1.13.1-1
- openjdk-7 7u51-2.4.4-1
-CVE-2014-0415 (Unspecified vulnerability in Oracle Java SE 6u65 and 7u45 allows ...)
+CVE-2014-0415
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2014-0414 (Unspecified vulnerability in the Oracle Containers for J2EE component ...)
+CVE-2014-0414
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2014-0413 (Unspecified vulnerability in the Oracle Containers for J2EE component ...)
+CVE-2014-0413
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2014-0412 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
+CVE-2014-0412
{DSA-2848-1 DSA-2845-1}
- mariadb-5.5 5.5.35-1
- mysql-5.5 5.5.35+dfsg-1
- mariadb-10.0 <not-affected> (Fixed before initial upload)
- mysql-5.1 <removed>
- percona-xtradb-cluster-5.5 5.5.37-25.10+dfsg-1
-CVE-2014-0411 (Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; ...)
+CVE-2014-0411
- openjdk-6 6b30-1.13.1-1
- openjdk-7 7u51-2.4.4-1
-CVE-2014-0410 (Unspecified vulnerability in Oracle Java SE 6u65 and 7u45 allows ...)
+CVE-2014-0410
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
CVE-2014-0409
REJECTED
-CVE-2014-0408 (Unspecified vulnerability in Oracle Java SE 7u45, when running on OS ...)
+CVE-2014-0408
- openjdk-6 <not-affected> (Specific to MacOS X)
- openjdk-7 <not-affected> (Specific to MacOS X)
-CVE-2014-0407 (Unspecified vulnerability in the Oracle VM VirtualBox component in ...)
+CVE-2014-0407
{DSA-2878-1}
- virtualbox-ose <removed> (low)
- virtualbox 4.3.6-dfsg-1 (low; bug #735410)
-CVE-2014-0406 (Unspecified vulnerability in the Oracle VM VirtualBox component in ...)
+CVE-2014-0406
{DSA-2878-1}
- virtualbox-ose <removed> (low)
- virtualbox 4.3.6-dfsg-1 (low; bug #735410)
-CVE-2014-0405 (Unspecified vulnerability in the Oracle VM VirtualBox component in ...)
+CVE-2014-0405
- virtualbox-guest-additions <removed> (bug #735410)
[squeeze] - virtualbox-guest-additions <no-dsa> (Non-free not supported)
- virtualbox-guest-additions-iso 4.3.10-1 (bug #735410)
[wheezy] - virtualbox-guest-additions-iso <no-dsa> (Non-free not supported)
-CVE-2014-0404 (Unspecified vulnerability in the Oracle VM VirtualBox component in ...)
+CVE-2014-0404
{DSA-2878-1}
- virtualbox-ose <removed> (low)
- virtualbox 4.3.6-dfsg-1 (low; bug #735410)
-CVE-2014-0403 (Unspecified vulnerability in Oracle Java SE 6u65 and 7u45 allows ...)
+CVE-2014-0403
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2014-0402 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
+CVE-2014-0402
{DSA-2848-1 DSA-2845-1}
- mariadb-5.5 5.5.35-1
- mariadb-10.0 <not-affected> (Fixed before initial upload)
- mysql-5.5 5.5.35+dfsg-1
- mysql-5.1 <removed>
- percona-xtradb-cluster-5.5 5.5.37-25.10+dfsg-1
-CVE-2014-0401 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
+CVE-2014-0401
{DSA-2848-1 DSA-2845-1}
- mariadb-5.5 5.5.35-1
- mariadb-10.0 <not-affected> (Fixed before initial upload)
- mysql-5.5 5.5.35+dfsg-1
- mysql-5.1 <removed>
- percona-xtradb-cluster-5.5 5.5.37-25.10+dfsg-1
-CVE-2014-0400 (Unspecified vulnerability in the Oracle Internet Directory component ...)
+CVE-2014-0400
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2014-0399 (Unspecified vulnerability in the Oracle Transportation Management ...)
+CVE-2014-0399
NOT-FOR-US: Oracle Supply Chain Products Suite
-CVE-2014-0398 (Unspecified vulnerability in the Oracle Application Object Library ...)
+CVE-2014-0398
NOT-FOR-US: Oracle E-Business Suite
-CVE-2014-0397 (Multiple unspecified vulnerabilities in libXtsol in Oracle Solaris 10 ...)
+CVE-2014-0397
NOT-FOR-US: Oracle Solaris
-CVE-2014-0396 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+CVE-2014-0396
NOT-FOR-US: PeopleSoft Enterprise
-CVE-2014-0395 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+CVE-2014-0395
NOT-FOR-US: PeopleSoft Enterprise
-CVE-2014-0394 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+CVE-2014-0394
NOT-FOR-US: PeopleSoft Enterprise
-CVE-2014-0393 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
+CVE-2014-0393
{DSA-2848-1 DSA-2845-1}
- mariadb-5.5 5.5.35-1
- mariadb-10.0 <not-affected> (Fixed before initial upload)
- mysql-5.5 5.5.35+dfsg-1
- mysql-5.1 <removed>
- percona-xtradb-cluster-5.5 5.5.37-25.10+dfsg-1
-CVE-2014-0392 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS component ...)
+CVE-2014-0392
NOT-FOR-US: PeopleSoft Enterprise
-CVE-2014-0391 (Unspecified vulnerability in the Oracle Identity Manager component in ...)
+CVE-2014-0391
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2014-0390 (Unspecified vulnerability in Oracle Solaris 10 allows remote attackers ...)
+CVE-2014-0390
NOT-FOR-US: Oracle Solaris
-CVE-2014-0389 (Unspecified vulnerability in Oracle iLearning 6.0 allows remote ...)
+CVE-2014-0389
NOT-FOR-US: Oracle iLearning
-CVE-2014-0388 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS Human ...)
+CVE-2014-0388
NOT-FOR-US: PeopleSoft Enterprise
-CVE-2014-0387 (Unspecified vulnerability in Oracle Java SE 6u65 and Java SE 7u45, ...)
+CVE-2014-0387
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2014-0386 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
+CVE-2014-0386
{DSA-2848-1 DSA-2845-1}
- mariadb-5.5 5.5.35-1
- mariadb-10.0 <not-affected> (Fixed before initial upload)
- mysql-5.5 5.5.35+dfsg-1
- mysql-5.1 <removed>
- percona-xtradb-cluster-5.5 5.5.37-25.10+dfsg-1
-CVE-2014-0385 (Unspecified vulnerability in Oracle Java SE 7u45, when installing on ...)
+CVE-2014-0385
- openjdk-6 <not-affected> (Specific to MacOS X)
- openjdk-7 <not-affected> (Specific to MacOS X)
-CVE-2014-0384 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
+CVE-2014-0384
{DSA-2919-1}
- mysql-5.5 5.5.37-1 (bug #744910)
- mariadb-5.5 5.5.37-1 (bug #745330)
- mariadb-10.0 <not-affected> (Fixed before initial upload)
- mysql-5.1 <not-affected> (Only affects Mysql 5.5/5.6)
- percona-xtradb-cluster-5.5 5.5.37-25.10+dfsg-1
-CVE-2014-0383 (Unspecified vulnerability in the Oracle Identity Manager component in ...)
+CVE-2014-0383
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2014-0382 (Unspecified vulnerability in Oracle Java SE 7u45 and JavaFX 2.2.45 ...)
+CVE-2014-0382
- openjdk-6 <not-affected> (JavaFX not part of OpenJDK)
- openjdk-7 <not-affected> (JavaFX not part of OpenJDK)
-CVE-2014-0381 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+CVE-2014-0381
NOT-FOR-US: PeopleSoft Enterprise
-CVE-2014-0380 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+CVE-2014-0380
NOT-FOR-US: PeopleSoft Enterprise
-CVE-2014-0379 (Unspecified vulnerability in the Oracle Demantra Demand Management ...)
+CVE-2014-0379
NOT-FOR-US: Oracle Supply Chain Products Suite
-CVE-2014-0378 (Unspecified vulnerability in the Spatial component in Oracle Database ...)
+CVE-2014-0378
NOT-FOR-US: Oracle Database Server
-CVE-2014-0377 (Unspecified vulnerability in the Core RDBMS component in Oracle ...)
+CVE-2014-0377
NOT-FOR-US: Oracle Database Server
-CVE-2014-0376 (Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; ...)
+CVE-2014-0376
- openjdk-6 6b30-1.13.1-1
- openjdk-7 7u51-2.4.4-1
-CVE-2014-0375 (Unspecified vulnerability in Oracle Java SE 6u65 and 7u45 allows ...)
+CVE-2014-0375
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2014-0374 (Unspecified vulnerability in the Oracle Portal component in Oracle ...)
+CVE-2014-0374
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2014-0373 (Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45, ...)
+CVE-2014-0373
- openjdk-6 6b30-1.13.1-1
- openjdk-7 7u51-2.4.4-1
-CVE-2014-0372 (Unspecified vulnerability in the Oracle Demantra Demand Management ...)
+CVE-2014-0372
NOT-FOR-US: Oracle Supply Chain Products Suite
-CVE-2014-0371 (Unspecified vulnerability in the Oracle Demantra Demand Management ...)
+CVE-2014-0371
NOT-FOR-US: Oracle Supply Chain Products Suite
-CVE-2014-0370 (Unspecified vulnerability in the Siebel Life Sciences component in ...)
+CVE-2014-0370
NOT-FOR-US: Oracle Siebel CRM
-CVE-2014-0369 (Unspecified vulnerability in the Siebel Core - EAI component in Oracle ...)
+CVE-2014-0369
NOT-FOR-US: Oracle Siebel CRM
-CVE-2014-0368 (Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45, ...)
+CVE-2014-0368
- openjdk-6 6b30-1.13.1-1
- openjdk-7 7u51-2.4.4-1
-CVE-2014-0367 (Unspecified vulnerability in the Hyperion Essbase Administration ...)
+CVE-2014-0367
NOT-FOR-US: Oracle Hyperion
-CVE-2014-0366 (Unspecified vulnerability in the Oracle Applications Framework ...)
+CVE-2014-0366
NOT-FOR-US: Oracle E-Business Suite
CVE-2014-0365
RESERVED
-CVE-2014-0364 (The ParseRoster component in the Ignite Realtime Smack XMPP API before ...)
+CVE-2014-0364
NOT-FOR-US: smack userspace tools, was once ITPed, but closed (637964)
-CVE-2014-0363 (The ServerTrustManager component in the Ignite Realtime Smack XMPP API ...)
+CVE-2014-0363
NOT-FOR-US: smack userspace tools, was once ITPed, but closed (637964)
-CVE-2014-0362 (Cross-site scripting (XSS) vulnerability on Google Search Appliance ...)
+CVE-2014-0362
NOT-FOR-US: Google Search Appliance
-CVE-2014-0361 (The default configuration of IBM 4690 OS, as used in Toshiba Global ...)
+CVE-2014-0361
NOT-FOR-US: IBM
CVE-2014-0360
REJECTED
-CVE-2014-0359 (Xangati XSR before 11 and XNR before 7 allows remote attackers to ...)
+CVE-2014-0359
NOT-FOR-US: Xangati
-CVE-2014-0358 (Multiple directory traversal vulnerabilities in Xangati XSR before 11 ...)
+CVE-2014-0358
NOT-FOR-US: Xangati
-CVE-2014-0357 (Amtelco miSecureMessages allows remote attackers to read the messages ...)
+CVE-2014-0357
NOT-FOR-US: Amtelco miSecureMessages
-CVE-2014-0356 (The ZyXEL Wireless N300 NetUSB NBG-419N router with firmware ...)
+CVE-2014-0356
NOT-FOR-US: ZyXEL
-CVE-2014-0355 (Multiple stack-based buffer overflows on the ZyXEL Wireless N300 ...)
+CVE-2014-0355
NOT-FOR-US: ZyXEL
-CVE-2014-0354 (The ZyXEL Wireless N300 NetUSB NBG-419N router with firmware ...)
+CVE-2014-0354
NOT-FOR-US: ZyXEL
-CVE-2014-0353 (The ZyXEL Wireless N300 NetUSB NBG-419N router with firmware ...)
+CVE-2014-0353
NOT-FOR-US: ZyXEL
CVE-2014-0352
REJECTED
-CVE-2014-0351 (The FortiManager protocol service in Fortinet FortiOS before 4.3.16 ...)
+CVE-2014-0351
NOT-FOR-US: Fortinet FortiOS
-CVE-2014-0350 (The Poco::Net::X509Certificate::verify method in the NetSSL library in ...)
+CVE-2014-0350
{DLA-1239-1}
- poco 1.3.6p1-5 (low; bug #746637)
[squeeze] - poco <no-dsa> (Minor issue)
-CVE-2014-0349 (Multiple unspecified vulnerabilities in J2k-Codec allow remote ...)
+CVE-2014-0349
NOT-FOR-US: J2k-Codec
-CVE-2014-0348 (The Artiva Agency Single Sign-On (SSO) implementation in Artiva ...)
+CVE-2014-0348
NOT-FOR-US: Artiva
-CVE-2014-0347 (The Settings module in Websense Triton Unified Security Center 7.7.3 ...)
+CVE-2014-0347
NOT-FOR-US: Websense Triton Unified Security Center
CVE-2014-0346
REJECTED
CVE-2014-0345
RESERVED
-CVE-2014-0344 (Properties.do in ZOHO ManageEngine OpStor before build 8500 does not ...)
+CVE-2014-0344
NOT-FOR-US: ZOHO ManageEngine OpStor
-CVE-2014-0343 (The web interface on Virtual Access GW6110A routers with software 9.00 ...)
+CVE-2014-0343
NOT-FOR-US: GW6110A routers
-CVE-2014-0342 (Multiple unrestricted file upload vulnerabilities in fileupload.php in ...)
+CVE-2014-0342
NOT-FOR-US: PivotX
-CVE-2014-0341 (Multiple cross-site scripting (XSS) vulnerabilities in PivotX before ...)
+CVE-2014-0341
NOT-FOR-US: PivotX
CVE-2014-0340
RESERVED
-CVE-2014-0339 (Cross-site scripting (XSS) vulnerability in view.cgi in Webmin before ...)
+CVE-2014-0339
NOT-FOR-US: Webmin
-CVE-2014-0338 (Multiple cross-site scripting (XSS) vulnerabilities in the firewall ...)
+CVE-2014-0338
NOT-FOR-US: WatchGuard Fireware XTM
-CVE-2014-0337 (Cross-site scripting (XSS) vulnerability in the web interface on ...)
+CVE-2014-0337
NOT-FOR-US: Huawei Echo Life HG8247
-CVE-2014-0336 (Cross-site request forgery (CSRF) vulnerability in the web client in ...)
+CVE-2014-0336
NOT-FOR-US: Serena Dimensions CM
-CVE-2014-0335 (Multiple cross-site scripting (XSS) vulnerabilities in the web client ...)
+CVE-2014-0335
NOT-FOR-US: Serena Dimensions CM
-CVE-2014-0334 (Multiple cross-site scripting (XSS) vulnerabilities in CMS Made Simple ...)
+CVE-2014-0334
NOT-FOR-US: CMS Made Simple
-CVE-2014-0333 (The png_push_read_chunk function in pngpread.c in the progressive ...)
+CVE-2014-0333
- libpng <not-affected> (Only affects libpng 1.6.0 through 1.6.9)
- libpng1.6 1.6.10-1
-CVE-2014-0332 (Cross-site scripting (XSS) vulnerability in mainPage in Dell SonicWALL ...)
+CVE-2014-0332
NOT-FOR-US: Dell SonicWALL GMS
-CVE-2014-0331 (Cross-site scripting (XSS) vulnerability in the web administration ...)
+CVE-2014-0331
NOT-FOR-US: Fortinet NGFW
-CVE-2014-0330 (Cross-site scripting (XSS) vulnerability in adminui/user_list.php on ...)
+CVE-2014-0330
NOT-FOR-US: Dell KACE K1000 management appliance
-CVE-2014-0329 (The TELNET service on the ZTE ZXV10 W300 router 2.1.0 has a hardcoded ...)
+CVE-2014-0329
NOT-FOR-US: TELNET service on the ZTE ZXV10 W300 router
-CVE-2014-0328 (The thraneLINK protocol implementation on Cobham devices does not ...)
+CVE-2014-0328
NOT-FOR-US: Cobham
-CVE-2014-0327 (The Terminal Upgrade Tool in the Pilot Below Deck Equipment (BDE) and ...)
+CVE-2014-0327
NOT-FOR-US: Pilot Below Deck Equipment and OpenPort implementations on Iridium satellite terminals
-CVE-2014-0326 (The Pilot Below Deck Equipment (BDE) and OpenPort implementations on ...)
+CVE-2014-0326
NOT-FOR-US: Pilot Below Deck Equipment and OpenPort implementations on Iridium satellite terminals
-CVE-2014-0325 (Use-after-free vulnerability in Microsoft Internet Explorer 9 allows ...)
+CVE-2014-0325
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-0324 (Microsoft Internet Explorer 8 through 11 allows remote attackers to ...)
+CVE-2014-0324
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-0323 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
+CVE-2014-0323
NOT-FOR-US: Microsoft
-CVE-2014-0322 (Use-after-free vulnerability in Microsoft Internet Explorer 9 and 10 ...)
+CVE-2014-0322
NOT-FOR-US: Microsoft Internet Explorer 10
-CVE-2014-0321 (Microsoft Internet Explorer 10 and 11 allows remote attackers to ...)
+CVE-2014-0321
NOT-FOR-US: Microsoft Internet Explorer
CVE-2014-0320
REJECTED
-CVE-2014-0319 (Microsoft Silverlight 5 before 5.1.30214.0 and Silverlight 5 Developer ...)
+CVE-2014-0319
NOT-FOR-US: Microsoft
-CVE-2014-0318 (win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 ...)
+CVE-2014-0318
NOT-FOR-US: Microsoft
-CVE-2014-0317 (The Security Account Manager Remote (SAMR) protocol implementation in ...)
+CVE-2014-0317
NOT-FOR-US: Microsoft
-CVE-2014-0316 (Memory leak in the Local RPC (LRPC) server implementation in Microsoft ...)
+CVE-2014-0316
NOT-FOR-US: Microsoft
-CVE-2014-0315 (Untrusted search path vulnerability in Microsoft Windows XP SP2 and ...)
+CVE-2014-0315
NOT-FOR-US: Microsoft
-CVE-2014-0314 (Microsoft Internet Explorer 9 and 10 allows remote attackers to ...)
+CVE-2014-0314
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-0313 (Microsoft Internet Explorer 10 and 11 allows remote attackers to ...)
+CVE-2014-0313
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-0312 (Microsoft Internet Explorer 8 through 11 allows remote attackers to ...)
+CVE-2014-0312
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-0311 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ...)
+CVE-2014-0311
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-0310 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ...)
+CVE-2014-0310
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-0309 (Microsoft Internet Explorer 8 through 10 allows remote attackers to ...)
+CVE-2014-0309
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-0308 (Microsoft Internet Explorer 8 through 11 allows remote attackers to ...)
+CVE-2014-0308
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-0307 (Use-after-free vulnerability in Microsoft Internet Explorer 9 allows ...)
+CVE-2014-0307
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-0306 (Microsoft Internet Explorer 8 and 9 allows remote attackers to execute ...)
+CVE-2014-0306
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-0305 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ...)
+CVE-2014-0305
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-0304 (Microsoft Internet Explorer 11 allows remote attackers to execute ...)
+CVE-2014-0304
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-0303 (Microsoft Internet Explorer 6 through 8 allows remote attackers to ...)
+CVE-2014-0303
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-0302 (Microsoft Internet Explorer 6 through 8 allows remote attackers to ...)
+CVE-2014-0302
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-0301 (Double free vulnerability in qedit.dll in DirectShow in Microsoft ...)
+CVE-2014-0301
NOT-FOR-US: Microsoft
-CVE-2014-0300 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
+CVE-2014-0300
NOT-FOR-US: Microsoft
-CVE-2014-0299 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ...)
+CVE-2014-0299
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-0298 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ...)
+CVE-2014-0298
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-0297 (Microsoft Internet Explorer 8 through 11 allows remote attackers to ...)
+CVE-2014-0297
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-0296 (The Remote Desktop Protocol (RDP) implementation in Microsoft Windows ...)
+CVE-2014-0296
NOT-FOR-US: Microsoft Windows
-CVE-2014-0295 (VsaVb7rt.dll in Microsoft .NET Framework 2.0 SP2 and 3.5.1 does not ...)
+CVE-2014-0295
NOT-FOR-US: Microsoft .NET Framework
-CVE-2014-0294 (Microsoft Forefront Protection 2010 for Exchange Server does not ...)
+CVE-2014-0294
NOT-FOR-US: Microsoft Forefront Protection
-CVE-2014-0293 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ...)
+CVE-2014-0293
NOT-FOR-US: Microsoft Internet Explorer
CVE-2014-0292
REJECTED
CVE-2014-0291
REJECTED
-CVE-2014-0290 (Microsoft Internet Explorer 11 allows remote attackers to execute ...)
+CVE-2014-0290
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-0289 (Microsoft Internet Explorer 11 allows remote attackers to execute ...)
+CVE-2014-0289
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-0288 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ...)
+CVE-2014-0288
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-0287 (Microsoft Internet Explorer 8 through 11 allows remote attackers to ...)
+CVE-2014-0287
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-0286 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ...)
+CVE-2014-0286
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-0285 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ...)
+CVE-2014-0285
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-0284 (Microsoft Internet Explorer 9 and 10 allows remote attackers to ...)
+CVE-2014-0284
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-0283 (Microsoft Internet Explorer 9 allows remote attackers to execute ...)
+CVE-2014-0283
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-0282 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ...)
+CVE-2014-0282
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-0281 (Microsoft Internet Explorer 8 through 11 allows remote attackers to ...)
+CVE-2014-0281
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-0280 (Microsoft Internet Explorer 6 through 8 allows remote attackers to ...)
+CVE-2014-0280
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-0279 (Microsoft Internet Explorer 8 allows remote attackers to execute ...)
+CVE-2014-0279
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-0278 (Microsoft Internet Explorer 8 allows remote attackers to execute ...)
+CVE-2014-0278
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-0277 (Microsoft Internet Explorer 8 allows remote attackers to execute ...)
+CVE-2014-0277
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-0276 (Microsoft Internet Explorer 8 and 9 allows remote attackers to execute ...)
+CVE-2014-0276
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-0275 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ...)
+CVE-2014-0275
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-0274 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ...)
+CVE-2014-0274
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-0273 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ...)
+CVE-2014-0273
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-0272 (Microsoft Internet Explorer 8 through 10 allows remote attackers to ...)
+CVE-2014-0272
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-0271 (The VBScript engine in Microsoft Internet Explorer 6 through 11, and ...)
+CVE-2014-0271
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-0270 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ...)
+CVE-2014-0270
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-0269 (Microsoft Internet Explorer 6 through 10 allows remote attackers to ...)
+CVE-2014-0269
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-0268 (Microsoft Internet Explorer 8 through 11 does not properly restrict ...)
+CVE-2014-0268
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-0267 (Microsoft Internet Explorer 11 allows remote attackers to execute ...)
+CVE-2014-0267
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-0266 (The XMLHTTP ActiveX controls in XML Core Services 3.0 in Microsoft ...)
+CVE-2014-0266
NOT-FOR-US: Microsoft
CVE-2014-0265
REJECTED
CVE-2014-0264
REJECTED
-CVE-2014-0263 (The Direct2D implementation in Microsoft Windows 7 SP1, Windows Server ...)
+CVE-2014-0263
NOT-FOR-US: Microsoft Windows
-CVE-2014-0262 (win32k.sys in the kernel-mode drivers in Microsoft Windows 7 SP1 and ...)
+CVE-2014-0262
NOT-FOR-US: Microsoft Windows
-CVE-2014-0261 (Microsoft Dynamics AX 4.0 SP2, 2009 SP1, 2012, and 2012 R2 allows ...)
+CVE-2014-0261
NOT-FOR-US: Microsoft Dynamics
-CVE-2014-0260 (Microsoft Word 2003 SP3, 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 ...)
+CVE-2014-0260
NOT-FOR-US: Microsoft Office
-CVE-2014-0259 (Microsoft Word 2007 SP3 and Office Compatibility Pack SP3 allow remote ...)
+CVE-2014-0259
NOT-FOR-US: Microsoft Office
-CVE-2014-0258 (Microsoft Word 2003 SP3 and 2007 SP3, Office Compatibility Pack SP3, ...)
+CVE-2014-0258
NOT-FOR-US: Microsoft Office
-CVE-2014-0257 (Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, ...)
+CVE-2014-0257
NOT-FOR-US: Microsoft .NET Framework
-CVE-2014-0256 (Microsoft Windows Server 2008 SP2 and R2 SP1 and Server 2012 Gold ...)
+CVE-2014-0256
NOT-FOR-US: Microsoft Windows Server
-CVE-2014-0255 (Microsoft Windows Server 2008 SP2 and R2 SP1 and Server 2012 Gold and ...)
+CVE-2014-0255
NOT-FOR-US: Microsoft Windows Server
-CVE-2014-0254 (The IPv6 implementation in Microsoft Windows 8, Windows Server 2012, ...)
+CVE-2014-0254
NOT-FOR-US: Microsoft
-CVE-2014-0253 (Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, 4.5, and ...)
+CVE-2014-0253
NOT-FOR-US: Microsoft .NET Framework
CVE-2014-0252
REJECTED
-CVE-2014-0251 (Microsoft Windows SharePoint Services 3.0 SP3; SharePoint Server 2007 ...)
+CVE-2014-0251
NOT-FOR-US: Microsoft SharePoint
-CVE-2014-0250 (Multiple integer overflows in client/X11/xf_graphics.c in FreeRDP ...)
+CVE-2014-0250
- freerdp 1.1.0~git20140809.1.b07a5c1+dfsg-1 (unimportant; bug #749585)
NOTE: A malicious RDP server has many more ways to mess with an RDP client
-CVE-2014-0249 (The System Security Services Daemon (SSSD) 1.11.6 does not properly ...)
+CVE-2014-0249
- sssd 1.11.7-1 (low; bug #749569)
[jessie] - sssd <no-dsa> (Minor issue)
[squeeze] - sssd <no-dsa> (Minor issue)
[wheezy] - sssd <no-dsa> (Minor issue)
-CVE-2014-0248 (org.jboss.seam.web.AuthenticationFilter in Red Hat JBoss Web Framework ...)
+CVE-2014-0248
NOT-FOR-US: JBoss Seam
-CVE-2014-0247 (LibreOffice 4.2.4 executes unspecified VBA macros automatically, which ...)
+CVE-2014-0247
- libreoffice 1:4.2.5-1
[wheezy] - libreoffice <not-affected> (vulnerable code not present)
-CVE-2014-0246 (SOSreport stores the md5 hash of the GRUB bootloader password in an ...)
+CVE-2014-0246
- sosreport <unfixed> (unimportant; bug #749568)
NOTE: Non-issue, see https://bugzilla.redhat.com/show_bug.cgi?id=1101393#c5
CVE-2014-0245
RESERVED
NOT-FOR-US: GateIn
-CVE-2014-0244 (The sys_recvfrom function in nmbd in Samba 3.6.x before 3.6.24, 4.0.x ...)
+CVE-2014-0244
{DSA-2966-1}
- samba 2:4.1.9+dfsg-1
[squeeze] - samba <not-affected> (Only affects 3.6 and later)
- samba4 4.0.0~beta2+dfsg1-3.2+deb7u2
NOTE: AD-related packages removed from src:samba4 in 4.0.0~beta2+dfsg1-3.2+deb7u2
NOTE: https://www.samba.org/samba/security/CVE-2014-0244
-CVE-2014-0243 (Check_MK through 1.2.5i2p1 allows local users to read arbitrary files ...)
+CVE-2014-0243
- check-mk <not-affected> (Vulnerable code not present)
NOTE: https://www.lsexperts.de/advisories/lse-2014-05-21.txt
CVE-2014-0242 [information disclosure via Content-Type response header]
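Review bot: the only change in this hunk is that each `-`/`+` pair drops the parenthesised, already-truncated description from the CVE line (for example `-CVE-2014-0333 (The png_push_read_chunk function in pngpread.c in the progressive ...)` becomes `+CVE-2014-0333`), while the package, DSA, `[release]` and `NOTE:` lines stay untouched as context; worth confirming this is intended for the automatic update, because for the many `NOT-FOR-US:` entries here (Webmin, Fortinet, the Microsoft Internet Explorer block) that description was the only inline hint of the issue class, and a reader of the list now has to resolve the CVE id externally to learn what the entry was about.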
@@ -24968,32 +24968,32 @@ CVE-2014-0242 [information disclosure via Content-Type response header]
CVE-2014-0241
RESERVED
NOT-FOR-US: hammer_cli_foreman ruby gem
-CVE-2014-0240 (The mod_wsgi module before 3.5 for Apache, when daemon mode is ...)
+CVE-2014-0240
{DSA-2937-1}
- mod-wsgi 3.5-1 (bug #748910)
NOTE: https://github.com/GrahamDumpleton/mod_wsgi/commit/d9d5fea585b23991f76532a9b07de7fcd3b649f4
NOTE: only when running with linux >= 2.6.0 and < 3.1.0
-CVE-2014-0239 (The internal DNS server in Samba 4.x before 4.0.18 does not check the ...)
+CVE-2014-0239
- samba 2:4.1.8+dfsg-1 (bug #749845)
- samba4 4.0.0~beta2+dfsg1-3.2+deb7u2
[squeeze] - samba <not-affected> (AD feature not present)
[wheezy] - samba <not-affected> (AD feature not present)
NOTE: AD-related packages removed from src:samba4 in 4.0.0~beta2+dfsg1-3.2+deb7u2
-CVE-2014-0238 (The cdf_read_property_info function in cdf.c in the Fileinfo component ...)
+CVE-2014-0238
{DSA-3021-1 DSA-2943-1 DLA-145-1 DLA-27-1}
- file 1:5.19-1
[squeeze] - file 5.04-5+squeeze6
NOTE: https://github.com/file/file/commit/f97486ef5dc3e8735440edc4fc8808c63e1a3ef0
- php5 5.6.0~beta4+dfsg-1 (low)
NOTE: https://bugs.php.net/bug.php?id=67327
-CVE-2014-0237 (The cdf_unpack_summary_info function in cdf.c in the Fileinfo ...)
+CVE-2014-0237
{DSA-3021-1 DSA-2943-1 DLA-145-1 DLA-27-1}
- file 1:5.19-1
[squeeze] - file 5.04-5+squeeze6
NOTE: https://github.com/file/file/commit/b8acc83781d5a24cc5101e525d15efe0482c280d
- php5 5.6.0~beta4+dfsg-1 (low)
NOTE: https://bugs.php.net/bug.php?id=67328
-CVE-2014-0236 (file before 5.18, as used in the Fileinfo component in PHP before ...)
+CVE-2014-0236
- file 1:5.19-1
[wheezy] - file <not-affected> (Introduced in 5.18)
[squeeze] - file <not-affected> (Introduced in 5.18)
@@ -25006,14 +25006,14 @@ CVE-2014-0235
CVE-2014-0234
RESERVED
NOT-FOR-US: OpenShift
-CVE-2014-0233 (Red Hat OpenShift Enterprise 2.0 and 2.1 and OpenShift Origin allow ...)
+CVE-2014-0233
NOT-FOR-US: OpenShift
-CVE-2014-0232 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2014-0232
NOT-FOR-US: Apache OFBiz
-CVE-2014-0231 (The mod_cgid module in the Apache HTTP Server before 2.4.10 does not ...)
+CVE-2014-0231
{DSA-2989-1 DLA-66-1}
- apache2 2.4.10-1
-CVE-2014-0230 (Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.55, and 8.x before ...)
+CVE-2014-0230
{DSA-3530-1 DLA-232-1}
- tomcat6 6.0.41-3 (bug #785316)
- tomcat7 7.0.55-1
@@ -25022,11 +25022,11 @@ CVE-2014-0230 (Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.55, and 8.x befor
NOTE: tomcat6 in jessie only builds the servlet API classes
NOTE: https://svn.apache.org/viewvc?view=revision&revision=1603781 (7.x)
NOTE: https://svn.apache.org/viewvc?view=revision&revision=1659537 (6.x)
-CVE-2014-0229 (Apache Hadoop 0.23.x before 0.23.11 and 2.x before 2.4.1, as used in ...)
+CVE-2014-0229
NOT-FOR-US: Hadoop as packaged by Cloudera
-CVE-2014-0228 (Apache Hive before 0.13.1, when in SQL standards based authorization ...)
+CVE-2014-0228
NOT-FOR-US: Apache Hive
-CVE-2014-0227 (java/org/apache/coyote/http11/filters/ChunkedInputFilter.java in ...)
+CVE-2014-0227
{DSA-3530-1 DLA-232-1}
- tomcat6 6.0.41-3 (bug #785312)
NOTE: Fixed in https://svn.apache.org/viewvc?view=revision&revision=1603628 (6.x)
@@ -25037,60 +25037,60 @@ CVE-2014-0227 (java/org/apache/coyote/http11/filters/ChunkedInputFilter.java in
- tomcat8 8.0.9-1
NOTE: Fixed in https://svn.apache.org/viewvc?view=revision&revision=1600984 (8.x)
NOTE: Fixed in https://svn.apache.org/viewvc?view=revision&revision=1601332 (8.x)
-CVE-2014-0226 (Race condition in the mod_status module in the Apache HTTP Server ...)
+CVE-2014-0226
{DSA-2989-1 DLA-66-1}
- apache2 2.4.10-1
-CVE-2014-0225 (When processing user provided XML documents, the Spring Framework ...)
+CVE-2014-0225
- libspring-java 3.0.6.RELEASE-14 (low; bug #753470)
[squeeze] - libspring-java <no-dsa> (Minor issue)
[wheezy] - libspring-java <no-dsa> (Minor issue)
-CVE-2014-0224 (OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h ...)
+CVE-2014-0224
{DSA-2950-1 DLA-0008-1 DLA-0003-1}
- openssl 1.0.1h-1 (bug #750665)
[squeeze] - openssl 0.9.8o-4squeeze15
-CVE-2014-0223 (Integer overflow in the qcow_open function in block/qcow.c in QEMU ...)
+CVE-2014-0223
{DSA-3045-1 DSA-3044-1}
- qemu 2.0.0+dfsg-6 (bug #742730)
[squeeze] - qemu <end-of-life> (Unsupported in squeeze-lts)
- qemu-kvm <removed>
[squeeze] - qemu-kvm <end-of-life> (Unsupported in squeeze-lts)
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2014-05/msg02156.html
-CVE-2014-0222 (Integer overflow in the qcow_open function in block/qcow.c in QEMU ...)
+CVE-2014-0222
{DSA-3045-1 DSA-3044-1}
- qemu 2.0.0+dfsg-6 (bug #742730)
[squeeze] - qemu <end-of-life> (Unsupported in squeeze-lts)
- qemu-kvm <removed>
[squeeze] - qemu-kvm <end-of-life> (Unsupported in squeeze-lts)
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2014-05/msg02155.html
-CVE-2014-0221 (The dtls1_get_message_fragment function in d1_both.c in OpenSSL before ...)
+CVE-2014-0221
{DSA-2950-1 DLA-0003-1}
- openssl 1.0.1h-1 (bug #750665)
[squeeze] - openssl 0.9.8o-4squeeze15
-CVE-2014-0220 (Cloudera Manager before 4.8.3 and 5.x before 5.0.1 allows remote ...)
+CVE-2014-0220
NOT-FOR-US: Cloudera Manager
-CVE-2014-0219 (Apache Karaf before 4.0.10 enables a shutdown port on the loopback ...)
+CVE-2014-0219
- apache-karaf <itp> (bug #881297)
-CVE-2014-0218 (Cross-site scripting (XSS) vulnerability in the URL downloader ...)
+CVE-2014-0218
- moodle 2.6.3-1
[squeeze] - moodle <not-affected> (Vulnerable code not present)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-45332
-CVE-2014-0217 (enrol/index.php in Moodle 2.6.x before 2.6.3 does not check for the ...)
+CVE-2014-0217
- moodle 2.6.3-1
[squeeze] - moodle <not-affected> (Vulnerable code not present)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-45126
-CVE-2014-0216 (The My Home implementation in the block_html_pluginfile function in ...)
+CVE-2014-0216
- moodle 2.6.3-1
[squeeze] - moodle <no-dsa> (Minor issue)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-43877
-CVE-2014-0215 (The blind-marking implementation in Moodle through 2.3.11, 2.4.x ...)
+CVE-2014-0215
- moodle 2.6.3-1
[squeeze] - moodle <no-dsa> (Minor issue)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-44750
-CVE-2014-0214 (login/token.php in Moodle through 2.3.11, 2.4.x before 2.4.10, 2.5.x ...)
+CVE-2014-0214
- moodle 2.6.3-1
[squeeze] - moodle <not-affected> (Vulnerable code not present)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-43119
-CVE-2014-0213 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
+CVE-2014-0213
- moodle 2.6.3-1
[squeeze] - moodle <not-affected> (Vulnerable code not present)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-44606
@@ -25100,20 +25100,20 @@ CVE-2014-0212 [on-demand ACL policy loading enables a denial of service by consu
[wheezy] - qpid-cpp <no-dsa> (Minor issue)
NOTE: Upstream issue: https://issues.apache.org/jira/browse/QPID-4938
NOTE: Commit which does no longer build acl support only as plugin: https://svn.apache.org/viewvc?view=revision&revision=r1494697
-CVE-2014-0211 (Multiple integer overflows in the (1) fs_get_reply, (2) ...)
+CVE-2014-0211
{DSA-2927-1}
- libxfont 1:1.4.7-2 (unimportant)
NOTE: unimportant, as source affected but libxfont has disabled support to connect to font server since 1:1.4.7-1
-CVE-2014-0210 (Multiple buffer overflows in X.Org libXfont before 1.4.8 and 1.4.9x ...)
+CVE-2014-0210
{DSA-2927-1}
- libxfont 1:1.4.7-2 (unimportant)
NOTE: unimportant, as source affected but libxfont has disabled support to connect to font server since 1:1.4.7-1
-CVE-2014-0209 (Multiple integer overflows in the (1) FontFileAddEntry and (2) ...)
+CVE-2014-0209
{DSA-2927-1}
- libxfont 1:1.4.7-2
-CVE-2014-0208 (Cross-site scripting (XSS) vulnerability in the search auto-completion ...)
+CVE-2014-0208
- foreman <itp> (bug #663101)
-CVE-2014-0207 (The cdf_read_short_sector function in cdf.c in file before 5.19, as ...)
+CVE-2014-0207
{DSA-3021-1 DSA-2974-1 DLA-27-1 DLA-0018-1}
- file 1:5.19-1
[squeeze] - file 5.04-5+squeeze6
@@ -25121,37 +25121,37 @@ CVE-2014-0207 (The cdf_read_short_sector function in cdf.c in file before 5.19,
- php5 5.6.0~beta4+dfsg-1
[squeeze] - php5 5.3.3-7+squeeze21
NOTE: https://bugs.php.net/bug.php?id=67326
-CVE-2014-0206 (Array index error in the aio_read_events_ring function in fs/aio.c in ...)
+CVE-2014-0206
- linux 3.14.10-1
[wheezy] - linux <not-affected> (introduced by a31ad380bed817aa25f8830ad23e1a0480fef797)
- linux-2.6 <not-affected> (introduced by a31ad380bed817aa25f8830ad23e1a0480fef797)
NOTE: Introduced by: http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=a31ad380bed817aa25f8830ad23e1a0480fef797 (v3.10)
NOTE: Upstream patches: https://lkml.org/lkml/2014/6/24/619 https://lkml.org/lkml/2014/6/24/623
-CVE-2014-0205 (The futex_wait function in kernel/futex.c in the Linux kernel before ...)
+CVE-2014-0205
- linux 2.6.37
- linux-2.6 2.6.37-1
[squeeze] - linux-2.6 2.6.32-28
NOTE: http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=7ada876a8703f23befbb20a7465a702ee39b1704 (v2.6.37)
NOTE: https://lkml.org/lkml/2010/9/16/99
NOTE: Introduced in f801073f87aa2 (around 2.6.31) according to SuSE Bugzilla
-CVE-2014-0204 (OpenStack Identity (Keystone) before 2014.1.1 does not properly handle ...)
+CVE-2014-0204
- keystone 2014.1-5 (bug #749026)
[wheezy] - keystone <not-affected>
-CVE-2014-0203 (The __do_follow_link function in fs/namei.c in the Linux kernel before ...)
+CVE-2014-0203
{DLA-0015-1}
- linux 2.6.33-1
- linux-2.6 2.6.37-1
[squeeze] - linux-2.6 2.6.32-48squeeze8
NOTE: upstream fix: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=86acdca1b63e6890540fa19495cfc708beff3d8b (v2.6.33)
-CVE-2014-0202 (The setup script in ovirt-engine-dwh, as used in the Red Hat ...)
+CVE-2014-0202
NOT-FOR-US: ovirt / RHEV
-CVE-2014-0201 (ovirt-engine-reports, as used in the Red Hat Enterprise Virtualization ...)
+CVE-2014-0201
NOT-FOR-US: ovirt / RHEV
-CVE-2014-0200 (The Red Hat Enterprise Virtualization Manager reports (rhevm-reports) ...)
+CVE-2014-0200
NOT-FOR-US: ovirt / RHEV
-CVE-2014-0199 (The setup script in ovirt-engine-reports, as used in the Red Hat ...)
+CVE-2014-0199
NOT-FOR-US: ovirt / RHEV
-CVE-2014-0198 (The do_ssl3_write function in s3_pkt.c in OpenSSL 1.x through 1.0.1g, ...)
+CVE-2014-0198
{DSA-2931-1}
- openssl 1.0.1g-4 (bug #747432)
[squeeze] - openssl <not-affected> (vulnerable code not present)
@@ -25159,53 +25159,53 @@ CVE-2014-0198 (The do_ssl3_write function in s3_pkt.c in OpenSSL 1.x through 1.0
CVE-2014-0197
RESERVED
NOT-FOR-US: CloudForms Management Engine
-CVE-2014-0196 (The n_tty_write function in drivers/tty/n_tty.c in the Linux kernel ...)
+CVE-2014-0196
{DSA-2928-1 DSA-2926-1}
- linux 3.14.4-1 (bug #747166)
- linux-2.6 <removed>
NOTE: PoC: http://pastebin.com/yTSFUBgZ
-CVE-2014-0195 (The dtls1_reassemble_fragment function in d1_both.c in OpenSSL before ...)
+CVE-2014-0195
{DSA-2950-1 DLA-0003-1}
- openssl 1.0.1h-1 (bug #750665)
[squeeze] - openssl 0.9.8o-4squeeze15
CVE-2014-0194
REJECTED
-CVE-2014-0193 (WebSocket08FrameDecoder in Netty 3.6.x before 3.6.9, 3.7.x before ...)
+CVE-2014-0193
- netty <not-affected> (WebSocket08FrameDecoder function not present; bug #746639)
-CVE-2014-0192 (Foreman 1.4.0 before 1.5.0 does not properly restrict access to ...)
+CVE-2014-0192
- foreman <itp> (bug #663101)
-CVE-2014-0191 (The xmlParserHandlePEReference function in parser.c in libxml2 before ...)
+CVE-2014-0191
{DSA-2978-2 DLA-151-1}
- libxml2 2.9.1+dfsg1-4 (bug #747309)
NOTE: The upstream patch we used in DSA-2978-1 and DLA-16-1 is only half of the fix. The other half is likely https://git.gnome.org/browse/libxml2/commit/?id=4629ee02ac649c27f9c0cf98ba017c6b5526070f which is only in libxml 2.9 and newer. This was found out with the test case given in https://github.com/sparklemotion/nokogiri/issues/693#issuecomment-8935085.
NOTE: First patches: https://git.gnome.org/browse/libxml2/commit/?id=9cd1c3cfbd32655d60572c0a413e017260c854df https://git.gnome.org/browse/libxml2/commit/?id=dd8367da17c2948981a51e52c8a6beb445edf825
-CVE-2014-0190 (The GIF decoder in QtGui in Qt before 5.3 allows remote attackers to ...)
+CVE-2014-0190
- qt4-x11 4:4.8.6+dfsg-1 (low)
[wheezy] - qt4-x11 <no-dsa> (Minor issue)
[squeeze] - qt4-x11 <no-dsa> (Minor issue)
NOTE: https://qt.gitorious.org/qt/qtbase/commit/eb1325047f2697d24e93ebaf924900affc876bc1
NOTE: Possible squeeze backport in http://lists.debian.org/54ca4d0c.4696420a.0f32.4d29@mx.google.com
-CVE-2014-0189 (virt-who uses world-readable permissions for /etc/sysconfig/virt-who, ...)
+CVE-2014-0189
NOT-FOR-US: RedHat virt-who
-CVE-2014-0188 (The openshift-origin-broker in Red Hat OpenShift Enterprise 2.0.5, ...)
+CVE-2014-0188
NOT-FOR-US: OpenShift
-CVE-2014-0187 (The openvswitch-agent process in OpenStack Neutron 2013.1 before ...)
+CVE-2014-0187
- neutron 2014.1.2-1
NOTE: https://review.openstack.org/gitweb?p=openstack%2Fneutron.git;a=commitdiff;h=68a24e5f908412b83ca7c3f2d2d2014678e79570
NOTE: https://review.openstack.org/gitweb?p=openstack%2Fneutron.git;a=commitdiff;h=42a8539d497322716df0150c2123befd246d69d8
-CVE-2014-0186 (A certain tomcat7 package for Apache Tomcat 7 in Red Hat Enterprise ...)
+CVE-2014-0186
- tomcat7 <not-affected> (RHEL-specific regression)
-CVE-2014-0185 (sapi/fpm/fpm/fpm_unix.c in the FastCGI Process Manager (FPM) in PHP ...)
+CVE-2014-0185
{DSA-2943-1}
- php5 5.5.12+dfsg-1
[squeeze] - php5 <not-affected> (FPM SAPI only enabled in 5.3.5-1)
NOTE: https://bugs.php.net/bug.php?id=67060
-CVE-2014-0184 (Red Hat CloudForms 3.0 Management Engine (CFME) before 5.2.4.2 logs ...)
+CVE-2014-0184
NOT-FOR-US: RedHat CloudForms Management Engine
CVE-2014-0183
RESERVED
NOT-FOR-US: Katello
-CVE-2014-0182 (Heap-based buffer overflow in the virtio_load function in ...)
+CVE-2014-0182
- qemu 2.1+dfsg-1 (bug #739589)
- qemu-kvm <removed>
[wheezy] - qemu <no-dsa> (Too intrusive to backport, minor risk)
@@ -25214,102 +25214,102 @@ CVE-2014-0182 (Heap-based buffer overflow in the virtio_load function in ...)
[squeeze] - qemu-kvm <end-of-life> (Unsupported in squeeze-lts)
NOTE: Fix: http://git.qemu.org/?p=qemu.git;a=commit;h=a890a2f9137ac3cf5b607649e66a6f3a5512d8dc
NOTE: Regression fix needed: http://git.qemu.org/?p=qemu.git;a=commit;h=2f5732e9648fcddc8759a8fd25c0b41a38352be6
-CVE-2014-0181 (The Netlink implementation in the Linux kernel through 3.14.1 does not ...)
+CVE-2014-0181
- linux 3.14.9-1 (bug #746738)
- linux-2.6 <removed>
[squeeze] - linux-2.6 <no-dsa> (Too intrusive to backport to 2.6.32)
[wheezy] - linux <no-dsa> (Too intrusive to backport to 3.2)
-CVE-2014-0180 (The wait_for_task function in ...)
+CVE-2014-0180
NOT-FOR-US: RedHat CloudForms Management Engine
-CVE-2014-0179 (libvirt 0.7.5 through 1.2.x before 1.2.5 allows local users to cause a ...)
+CVE-2014-0179
{DSA-3038-1}
- libvirt 1.2.4-1 (unimportant)
NOTE: no ACL mechanism in squeeze and wheezy and all access is root-equivalent
NOTE: LSN-2014-0003: https://www.redhat.com/archives/libvir-list/2014-May/msg00209.html
-CVE-2014-0178 (Samba 3.6.6 through 3.6.23, 4.0.x before 4.0.18, and 4.1.x before ...)
+CVE-2014-0178
{DSA-2966-1}
- samba 2:4.1.8+dfsg-1 (low)
[squeeze] - samba <not-affected> (Vulnerable code not present)
- samba4 4.0.0~beta2+dfsg1-3.2+deb7u2
NOTE: server packages removed from src:samba4 in 4.0.0~beta2+dfsg1-3.2+deb7u2
-CVE-2014-0177 (The am function in lib/hub/commands.rb in hub before 1.12.1 allows ...)
+CVE-2014-0177
NOT-FOR-US: Github client
-CVE-2014-0176 (Cross-site scripting (XSS) vulnerability in application/panel_control ...)
+CVE-2014-0176
NOT-FOR-US: RedHat CloudForms Management Engine
CVE-2014-0175 [default password set at install]
RESERVED
- mcollective <unfixed> (unimportant)
NOTE: Password rotation is documented in README.Debian
-CVE-2014-0174 (Cumin (aka MRG Management Console), as used in Red Hat Enterprise MRG ...)
+CVE-2014-0174
NOT-FOR-US: Cumin
-CVE-2014-0173 (The Jetpack plugin before 1.9 before 1.9.4, 2.0.x before 2.0.9, 2.1.x ...)
+CVE-2014-0173
NOT-FOR-US: WordPress plugin Jetpack
-CVE-2014-0172 (Integer overflow in the check_section function in dwarf_begin_elf.c in ...)
+CVE-2014-0172
- elfutils 0.158-1 (low; bug #744017)
[squeeze] - elfutils <not-affected> (Affected code introduced in 0.153)
[wheezy] - elfutils <not-affected> (Affected code introduced in 0.153)
-CVE-2014-0171 (XML external entity (XXE) vulnerability in StaxXMLFactoryProvider2 in ...)
+CVE-2014-0171
NOT-FOR-US: Odata4j
-CVE-2014-0170 (Teiid before 8.4.3 and before 8.7 and Red Hat JBoss Data ...)
+CVE-2014-0170
NOT-FOR-US: Teiid
CVE-2014-0169
RESERVED
NOT-FOR-US: JBoss EAP
-CVE-2014-0168 (Cross-site request forgery (CSRF) vulnerability in Jolokia before ...)
+CVE-2014-0168
NOT-FOR-US: Jolokia
-CVE-2014-0167 (The Nova EC2 API security group implementation in OpenStack Compute ...)
+CVE-2014-0167
- nova 2013.2.3-1 (bug #744051)
[wheezy] - nova <not-affected> (Only affects 2013.1 to 2013.2.3)
-CVE-2014-0166 (The wp_validate_auth_cookie function in wp-includes/pluggable.php in ...)
+CVE-2014-0166
{DSA-2901-1}
- wordpress 3.8.2+dfsg-1 (bug #744018)
-CVE-2014-0165 (WordPress before 3.7.2 and 3.8.x before 3.8.2 allows remote ...)
+CVE-2014-0165
{DSA-2901-1}
- wordpress 3.8.2+dfsg-1 (bug #744018)
-CVE-2014-0164 (openshift-origin-broker-util, as used in Red Hat OpenShift Enterprise ...)
+CVE-2014-0164
- mcollective 1.2.1+dfsg-2
CVE-2014-0163
RESERVED
NOT-FOR-US: OpenShift
-CVE-2014-0162 (The Sheepdog backend in OpenStack Image Registry and Delivery Service ...)
+CVE-2014-0162
- glance 2014.1-1
[wheezy] - glance <not-affected> (Only affects 2013.2 to 2013.2.3)
CVE-2014-0161
RESERVED
NOT-FOR-US: ovirt-engine-sdk-python
-CVE-2014-0160 (The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before ...)
+CVE-2014-0160
{DSA-2896-1}
- openssl 1.0.1g-1 (bug #743883)
[squeeze] - openssl <not-affected> (vulnerable code introduced in upstream commit 4817504)
NOTE: fix: http://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=96db902
NOTE: http://www.openssl.org/news/secadv/20140407.txt
NOTE: system reboot is recommended after the upgrade
-CVE-2014-0159 (Buffer overflow in the GetStatistics64 remote procedure call (RPC) in ...)
+CVE-2014-0159
{DSA-2899-1}
- openafs 1.6.7-1
-CVE-2014-0157 (Cross-site scripting (XSS) vulnerability in the Horizon Orchestration ...)
+CVE-2014-0157
- horizon 2013.2.3-1 (bug #744019)
[wheezy] - horizon <not-affected> (Vulnerable code not present)
CVE-2014-0156
RESERVED
-CVE-2014-0155 (The ioapic_deliver function in virt/kvm/ioapic.c in the Linux kernel ...)
+CVE-2014-0155
- linux 3.14.4-1 (low)
[wheezy] - linux <not-affected> (Vulnerable code not present)
- linux-2.6 <not-affected> (Vulnerable code not present)
NOTE: fix: https://git.kernel.org/cgit/virt/kvm/kvm.git/commit/?id=5678de3f15010b9022ee45673f33bcfc71d47b60
-CVE-2014-0154 (oVirt Engine before 3.5.0 does not include the HTTPOnly flag in a ...)
+CVE-2014-0154
NOT-FOR-US: oVirt web admin interface
-CVE-2014-0153 (The REST API in oVirt 3.4.0 and earlier stores session IDs in HTML5 ...)
+CVE-2014-0153
NOT-FOR-US: oVirt REST API
-CVE-2014-0152 (Session fixation vulnerability in the web admin interface in oVirt ...)
+CVE-2014-0152
NOT-FOR-US: oVirt web admin interface
-CVE-2014-0151 (Cross-site request forgery (CSRF) vulnerability in oVirt Engine before ...)
+CVE-2014-0151
NOT-FOR-US: ovirt
-CVE-2014-0150 (Integer overflow in the virtio_net_handle_mac function in ...)
+CVE-2014-0150
{DSA-2910-1 DSA-2909-1}
- qemu 1.7.0+dfsg-8 (bug #744221)
- qemu-kvm <removed>
-CVE-2014-0149 (Multiple cross-site scripting (XSS) vulnerabilities in Red Hat JBoss ...)
+CVE-2014-0149
NOT-FOR-US: JBoss Seam
CVE-2014-0148
RESERVED
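Review bot: every change in this hunk is a `-CVE-… (summary ...)` / `+CVE-…` pair, so the net effect is to blank the parenthesized description of each entry while the package, DSA and NOTE lines beneath it stay untouched; for example `-CVE-2014-0160 (The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before ...)` becomes a bare `+CVE-2014-0160`. That summary is the only human-readable statement in the file of what an entry is about, and a wholesale blanking of it looks more like the description source having returned nothing than an intended edit, so please confirm the source before merging rather than committing the loss of the field across the file.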
@@ -25324,14 +25324,14 @@ CVE-2014-0147
- qemu-kvm <removed>
[squeeze] - qemu <end-of-life> (Unsupported in squeeze-lts)
[squeeze] - qemu-kvm <end-of-life> (Unsupported in squeeze-lts)
-CVE-2014-0146 (The qcow2_open function in the (block/qcow2.c) in QEMU before 1.7.2 ...)
+CVE-2014-0146
{DSA-3045-1 DSA-3044-1}
- qemu 2.0.0+dfsg-1 (bug #742730)
- qemu-kvm <removed>
[squeeze] - qemu <end-of-life> (Unsupported in squeeze-lts)
[squeeze] - qemu-kvm <end-of-life> (Unsupported in squeeze-lts)
NOTE: Upstream commit: http://git.qemu.org/?p=qemu.git;a=commit;h=11b128f4062dd7f89b14abc8877ff20d41b28be9
-CVE-2014-0145 (Multiple buffer overflows in QEMU before 1.7.2 and 2.x before 2.0.0, ...)
+CVE-2014-0145
{DSA-3045-1 DSA-3044-1}
- qemu 2.0.0+dfsg-1 (bug #742730)
- qemu-kvm <removed>
@@ -25344,117 +25344,117 @@ CVE-2014-0144
- qemu-kvm <removed>
[squeeze] - qemu <end-of-life> (Unsupported in squeeze-lts)
[squeeze] - qemu-kvm <end-of-life> (Unsupported in squeeze-lts)
-CVE-2014-0143 (Multiple integer overflows in the block drivers in QEMU, possibly ...)
+CVE-2014-0143
{DSA-3045-1 DSA-3044-1}
- qemu 2.0.0+dfsg-1 (bug #742730)
- qemu-kvm <removed>
[squeeze] - qemu <end-of-life> (Unsupported in squeeze-lts)
[squeeze] - qemu-kvm <end-of-life> (Unsupported in squeeze-lts)
-CVE-2014-0142 (QEMU, possibly before 2.0.0, allows local users to cause a denial of ...)
+CVE-2014-0142
{DSA-3045-1 DSA-3044-1}
- qemu 2.0.0+dfsg-1 (bug #742730)
- qemu-kvm <removed>
[squeeze] - qemu <end-of-life> (Unsupported in squeeze-lts)
[squeeze] - qemu-kvm <end-of-life> (Unsupported in squeeze-lts)
-CVE-2014-0141 (Cross-site scripting (XSS) vulnerability in Red Hat Satellite 6.0.3. ...)
+CVE-2014-0141
NOT-FOR-US: Red Hat Satellite
-CVE-2014-0140 (Red Hat CloudForms 3.1 Management Engine (CFME) before 5.3 allows ...)
+CVE-2014-0140
NOT-FOR-US: Red Hat CloudForms Management Engine
-CVE-2014-0139 (cURL and libcurl 7.1 before 7.36.0, when using the OpenSSL, axtls, ...)
+CVE-2014-0139
{DSA-2902-1}
- curl 7.36.0-1 (bug #742728)
NOTE: http://curl.haxx.se/libcurl-reject-cert-ip-wildcards.patch
-CVE-2014-0138 (The default configuration in cURL and libcurl 7.10.6 before 7.36.0 ...)
+CVE-2014-0138
{DSA-2902-1}
- curl 7.36.0-1 (bug #742728)
NOTE: http://curl.haxx.se/libcurl-bad-reuse.patch
-CVE-2014-0137 (SQL injection vulnerability in the saved_report_delete action in the ...)
+CVE-2014-0137
NOT-FOR-US: RedHat CloudForms Management Engine
-CVE-2014-0136 (The (1) get and (2) log methods in the AgentController in Red Hat ...)
+CVE-2014-0136
NOT-FOR-US: RedHat CloudForms Management Engine
-CVE-2014-0135 (Kafo before 0.3.17 and 0.4.x before 0.5.2, as used by Foreman, uses ...)
+CVE-2014-0135
NOT-FOR-US: Kafo
NOTE: Might be packaged after foreman (ITP bug #663101)
-CVE-2014-0134 (The instance rescue mode in OpenStack Compute (Nova) 2013.2 before ...)
+CVE-2014-0134
- nova 2013.2.2-4 (bug #742712)
[wheezy] - nova <not-affected> (Introduced in Grizzly)
NOTE: https://launchpad.net/bugs/1221190
-CVE-2014-0133 (Heap-based buffer overflow in the SPDY implementation in nginx 1.3.15 ...)
+CVE-2014-0133
- nginx 1.4.7-1 (unimportant; bug #742059)
[wheezy] - nginx <not-affected> (Vulnerable code not present)
[squeeze] - nginx <not-affected> (Vulnerable code not present)
NOTE: ngx_http_spdy_module introduced in 1.3.15
NOTE: Debian compiles with --with-http_spdy_module, but also with --with-debug
-CVE-2014-0132 (The SASL authentication functionality in 389 Directory Server before ...)
+CVE-2014-0132
- 389-ds-base 1.3.2.9-1.1 (bug #741600)
-CVE-2014-0131 (Use-after-free vulnerability in the skb_segment function in ...)
+CVE-2014-0131
- linux 3.13.6-1
[wheezy] - linux 3.2.57-1
- linux-2.6 <not-affected> (Introduced in 3.1)
NOTE: http://marc.info/?l=linux-netdev&m=139446896921968&w=2
-CVE-2014-0130 (Directory traversal vulnerability in ...)
+CVE-2014-0130
{DSA-2929-1}
- ruby-actionpack-2.3 <not-affected> (Vulnerable code not present)
- ruby-actionpack-3.2 <removed> (bug #747382)
- rails-3.2 3.2.18-1 (bug #747382)
- rails-4.0 <removed> (bug #747380)
-CVE-2014-0129 (badges/mybadges.php in Moodle 2.5.x before 2.5.5 and 2.6.x before ...)
+CVE-2014-0129
- moodle 2.6.2-1
[squeeze] - moodle <not-affected> (Vulnerable code not present)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-44140
-CVE-2014-0128 (Squid 3.1 before 3.3.12 and 3.4 before 3.4.4, when SSL-Bump is ...)
+CVE-2014-0128
- squid <not-affected> (All Squid-3.0 and older versions not vulnerable)
- squid3 3.4.8-1 (unimportant; bug #741312)
NOTE: http://www.squid-cache.org/Advisories/SQUID-2014_1.txt
NOTE: only affects package rebuilds with --enable-ssl by users
-CVE-2014-0127 (The time-validation implementation in (1) mod/feedback/complete.php ...)
+CVE-2014-0127
- moodle 2.6.2-1
[squeeze] - moodle <not-affected> (Vulnerable code not present)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-43656
-CVE-2014-0126 (Cross-site request forgery (CSRF) vulnerability in ...)
+CVE-2014-0126
- moodle 2.6.2-1
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-43146
-CVE-2014-0125 (repository/alfresco/lib.php in Moodle through 2.3.11, 2.4.x before ...)
+CVE-2014-0125
- moodle 2.6.2-1
[squeeze] - moodle <not-affected> (Vulnerable code not present)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-29409
-CVE-2014-0124 (The identity-reporting implementations in mod/forum/renderer.php and ...)
+CVE-2014-0124
- moodle 2.6.2-1
[squeeze] - moodle <not-affected> (Vulnerable code not present)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-43916
-CVE-2014-0123 (The wiki subsystem in Moodle through 2.3.11, 2.4.x before 2.4.9, 2.5.x ...)
+CVE-2014-0123
- moodle 2.6.2-1
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-39990
NOTE: squeeze version unaffected due to lack of fine-grained access control?
-CVE-2014-0122 (mod/chat/chat_ajax.php in Moodle through 2.3.11, 2.4.x before 2.4.9, ...)
+CVE-2014-0122
- moodle 2.6.2-1
[squeeze] - moodle <not-affected> (Vulnerable code not present)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-44082
-CVE-2014-0121 (The admin terminal in Hawt.io does not require authentication, which ...)
+CVE-2014-0121
NOT-FOR-US: hawtio-karaf-terminal
-CVE-2014-0120 (Cross-site request forgery (CSRF) vulnerability in the admin terminal ...)
+CVE-2014-0120
NOT-FOR-US: hawtio-karaf-terminal
-CVE-2014-0119 (Apache Tomcat before 6.0.40, 7.x before 7.0.54, and 8.x before 8.0.6 ...)
+CVE-2014-0119
{DSA-3530-1}
- tomcat8 8.0.8-1
- tomcat7 7.0.54-1
- tomcat6 6.0.41-1
[wheezy] - tomcat7 7.0.28-4+deb7u4
-CVE-2014-0118 (The deflate_in_filter function in mod_deflate.c in the mod_deflate ...)
+CVE-2014-0118
{DSA-2989-1 DLA-66-1}
- apache2 2.4.10-1
-CVE-2014-0117 (The mod_proxy module in the Apache HTTP Server 2.4.x before 2.4.10, ...)
+CVE-2014-0117
- apache2 2.4.10-1
[squeeze] - apache2 <not-affected> (Affects 2.4.6 to 2.4.9)
[wheezy] - apache2 <not-affected> (Affects 2.4.6 to 2.4.9)
-CVE-2014-0116 (CookieInterceptor in Apache Struts 2.x before 2.3.16.3, when a ...)
+CVE-2014-0116
- libstruts1.2-java <not-affected> (Struts 2.0.0 through to Struts 2.3.16.2)
NOTE: https://cwiki.apache.org/confluence/display/WW/S2-022
-CVE-2014-0115 (Directory traversal vulnerability in the log viewer in Apache Storm ...)
+CVE-2014-0115
NOT-FOR-US: Apache Storm
-CVE-2014-0114 (Apache Commons BeanUtils, as distributed in ...)
+CVE-2014-0114
{DSA-2940-1 DLA-57-1}
- libstruts1.2-java 1.2.9-9 (bug #745897)
NOTE: http://mail-archives.apache.org/mod_mbox/struts-announcements/201404.mbox/%3C535F5F52.4040108%40apache.org%3E
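Review bot: the `[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)` line for CVE-2014-0123 sits directly above `NOTE: squeeze version unaffected due to lack of fine-grained access control?`, a question left open with a question mark, while the sibling moodle entries in this hunk (CVE-2014-0127, -0125, -0124, -0122) mark squeeze `<not-affected> (Vulnerable code not present)`. Dropping `-CVE-2014-0123 (The wiki subsystem in Moodle through 2.3.11, 2.4.x before 2.4.9, 2.5.x ...)` removes the only text in the file that says which subsystem the question is about; either resolve the note into a `<not-affected>` marking with its reason, or keep the summary so the question stays answerable from the file alone.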
@@ -25462,31 +25462,31 @@ CVE-2014-0114 (Apache Commons BeanUtils, as distributed in ...)
[wheezy] - commons-beanutils <no-dsa> (Too intrusive to backport; might break existing apps)
[squeeze] - commons-beanutils <no-dsa> (Too intrusive to backport; might break existing apps)
NOTE: https://issues.apache.org/jira/browse/BEANUTILS-463
-CVE-2014-0113 (CookieInterceptor in Apache Struts before 2.3.16.2, when a wildcard ...)
+CVE-2014-0113
- libstruts1.2-java <not-affected> (Affects Struts 2.0.0 - Struts 2.3.16)
NOTE: https://struts.apache.org/release/2.3.x/docs/s2-021.html
-CVE-2014-0112 (ParametersInterceptor in Apache Struts before 2.3.16.2 does not ...)
+CVE-2014-0112
- libstruts1.2-java <not-affected> (Affects Struts 2.0.0 - Struts 2.3.16)
NOTE: https://struts.apache.org/release/2.3.x/docs/s2-021.html
-CVE-2014-0111 (Apache Syncope 1.0.0 before 1.0.9 and 1.1.0 before 1.1.7 allows remote ...)
+CVE-2014-0111
NOT-FOR-US: Apache Syncope
-CVE-2014-0110 (Apache CXF before 2.6.14 and 2.7.x before 2.7.11 allows remote ...)
+CVE-2014-0110
NOT-FOR-US: Apache CXF
-CVE-2014-0109 (Apache CXF before 2.6.14 and 2.7.x before 2.7.11 allows remote ...)
+CVE-2014-0109
NOT-FOR-US: Apache CXF
CVE-2014-0108
REJECTED
-CVE-2014-0107 (The TransformerFactory in Apache Xalan-Java before 2.7.2 does not ...)
+CVE-2014-0107
{DSA-2886-1}
- libxalan2-java 2.7.1-9 (bug #742577)
NOTE: https://issues.apache.org/jira/browse/XALANJ-2435
NOTE: http://svn.apache.org/viewvc?view=revision&revision=1581058
-CVE-2014-0106 (Sudo 1.6.9 before 1.8.5, when env_reset is disabled, does not properly ...)
+CVE-2014-0106
{DLA-160-1}
- sudo 1.8.5p2-1 (low)
[squeeze] - sudo <no-dsa> (environment sanitising is enabled by default and turning it off in insecure anyway)
NOTE: http://www.sudo.ws/sudo/alerts/env_add.html
-CVE-2014-0105 (The auth_token middleware in the OpenStack Python client library for ...)
+CVE-2014-0105
- python-keystoneclient 1:0.6.0-4 (low; bug #742898)
[wheezy] - python-keystoneclient <not-affected> (Vulnerable code yet in src:keystone)
- keystone 2013.1.1-2
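Review bot: two context lines in this hunk carry wording slips worth fixing in a follow-up: `[squeeze] - sudo <no-dsa> (environment sanitising is enabled by default and turning it off in insecure anyway)` should read `is insecure`, and `[wheezy] - python-keystoneclient <not-affected> (Vulnerable code yet in src:keystone)` presumably means the code was still carried in src:keystone at that point, which the `- keystone 2013.1.1-2` line below it supports; `still in` would say that unambiguously.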
@@ -25497,54 +25497,54 @@ CVE-2014-0104
- fence-agents 4.0.17-1 (low; bug #764801)
[jessie] - fence-agents <no-dsa> (Minor issue)
[wheezy] - fence-agents <no-dsa> (Minor issue)
-CVE-2014-0103 (WebAccess in Zarafa before 7.1.10 and WebApp before 1.6 stores ...)
+CVE-2014-0103
- zarafa <itp> (bug #658433)
-CVE-2014-0102 (The keyring_detect_cycle_iterator function in security/keys/keyring.c ...)
+CVE-2014-0102
- linux 3.13.6-1
[wheezy] - linux <not-affected> (Introduced in v3.13)
- linux-2.6 <not-affected> (Introduced in v3.13)
NOTE: Introduced by http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b2a4df200d570b2c33a57e1ebfa5896e4bc81b69
NOTE: patch: http://www.kernelhub.org/?msg=425013&p=2
-CVE-2014-0101 (The sctp_sf_do_5_1D_ce function in net/sctp/sm_statefuns.c in the ...)
+CVE-2014-0101
{DSA-2906-1}
- linux 3.13.6-1
[wheezy] - linux 3.2.57-1
- linux-2.6 <removed>
NOTE: Introduced by https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=bbd0d59809f923ea2b540cbd781b32110e249f6e
NOTE: http://patchwork.ozlabs.org/patch/325898/
-CVE-2014-0100 (Race condition in the inet_frag_intern function in ...)
+CVE-2014-0100
- linux 3.13.6-1
[wheezy] - linux <not-affected> (Introduced in v3.9)
- linux-2.6 <not-affected> (Introduced in v3.9)
NOTE: Introduced by https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=3ef0eb0db4bf92c6d2510fe5c4dc51852746f206
NOTE: http://patchwork.ozlabs.org/patch/325844/
-CVE-2014-0099 (Integer overflow in java/org/apache/tomcat/util/buf/Ascii.java in ...)
+CVE-2014-0099
{DSA-3530-1}
- tomcat8 8.0.5-1
- tomcat7 7.0.53-1
[wheezy] - tomcat7 7.0.28-4+deb7u3
- tomcat6 6.0.41-1
NOTE: http://svn.apache.org/r1578814
-CVE-2014-0098 (The log_cookie function in mod_log_config.c in the mod_log_config ...)
+CVE-2014-0098
- apache2 2.4.9-1
[squeeze] - apache2 <not-affected> (Vulnerable code not present)
[wheezy] - apache2 <not-affected> (Vulnerable code not present)
NOTE: Looks like it was introduced in 2.2.23 which would mean that squeeze+wheezy are not affected. sf: waiting for confirmation.
-CVE-2014-0097 (The ActiveDirectoryLdapAuthenticator in Spring Security 3.2.0 to 3.2.1 ...)
+CVE-2014-0097
- libspring-java <not-affected> (ActiveDirectoryLdapAuthenticator not yet present, introduced in 3.1)
-CVE-2014-0096 (java/org/apache/catalina/servlets/DefaultServlet.java in the default ...)
+CVE-2014-0096
{DSA-3530-1}
- tomcat8 8.0.5-1
- tomcat7 7.0.53-1
- tomcat6 6.0.41-1
[wheezy] - tomcat7 7.0.28-4+deb7u4
-CVE-2014-0095 (java/org/apache/coyote/ajp/AbstractAjpProcessor.java in Apache Tomcat ...)
+CVE-2014-0095
- tomcat8 8.0.5-1
-CVE-2014-0094 (The ParametersInterceptor in Apache Struts before 2.3.16.1 allows ...)
+CVE-2014-0094
- libstruts1.2-java <not-affected> (Affects Struts 2.0.0 - Struts 2.3.16)
-CVE-2014-0093 (Red Hat JBoss Enterprise Application Platform (JBEAP) 6.2.2, when ...)
+CVE-2014-0093
NOT-FOR-US: JBoss EAP
-CVE-2014-0092 (lib/x509/verify.c in GnuTLS before 3.1.22 and 3.2.x before 3.2.12 does ...)
+CVE-2014-0092
{DSA-2869-1}
- gnutls26 2.12.23-13
- gnutls28 3.2.11-2
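Review bot: several `<not-affected>` justifications in this hunk lean on version ranges that only the summary being removed states. `- libspring-java <not-affected> (ActiveDirectoryLdapAuthenticator not yet present, introduced in 3.1)` is checkable against `-CVE-2014-0097 (The ActiveDirectoryLdapAuthenticator in Spring Security 3.2.0 to 3.2.1 ...)`, and `- libstruts1.2-java <not-affected> (Affects Struts 2.0.0 - Struts 2.3.16)` against `-CVE-2014-0094 (The ParametersInterceptor in Apache Struts before 2.3.16.1 allows ...)`; once the `+` lines land, a reader has to fetch the CVE text elsewhere to verify either marking. Separately, `NOTE: Looks like it was introduced in 2.2.23 which would mean that squeeze+wheezy are not affected. sf: waiting for confirmation.` under CVE-2014-0098 is still phrased as pending although both `<not-affected>` lines above it are in place; if that was confirmed, the note should say so.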
@@ -25552,19 +25552,19 @@ CVE-2014-0092 (lib/x509/verify.c in GnuTLS before 3.1.22 and 3.2.x before 3.2.12
CVE-2014-0091
RESERVED
- foreman <itp> (bug #663101)
-CVE-2014-0090 (Session fixation vulnerability in Foreman before 1.4.2 allows remote ...)
+CVE-2014-0090
- foreman <itp> (bug #663101)
-CVE-2014-0089 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2014-0089
- foreman <itp> (bug #663101)
-CVE-2014-0088 (The SPDY implementation in the ngx_http_spdy_module module in nginx ...)
+CVE-2014-0088
- nginx <not-affected> (Only affects 1.5.10)
-CVE-2014-0087 (The check_privileges method in ...)
+CVE-2014-0087
NOT-FOR-US: RedHat CloudForms Management Engine
-CVE-2014-0086 (The doFilter function in webapp/PushHandlerFilter.java in JBoss ...)
+CVE-2014-0086
NOT-FOR-US: RichFaces
NOTE: https://github.com/richfaces/richfaces/commit/4115c103f74e7cb0af6d392e22866e52db2bc4e7
NOTE: https://issues.jboss.org/browse/RF-13250
-CVE-2014-0085 (JBoss Fuse did not enable encrypted passwords by default in its usage ...)
+CVE-2014-0085
NOT-FOR-US: Fuse Fabric
CVE-2014-0084
RESERVED
@@ -25573,7 +25573,7 @@ CVE-2014-0083 [SSHA passwords generated by the net-ldap Ruby gem use a weak salt
RESERVED
- ruby-net-ldap <not-affected> (SSHA support not present)
NOTE: SSHA support only from version v0.5.0, see #742706
-CVE-2014-0082 (actionpack/lib/action_view/template/text.rb in Action View in Ruby on ...)
+CVE-2014-0082
{DSA-2929-1}
- rails-4.0 <not-affected> (only 3.2.x and earlier)
- rails-3.2 3.2.17-1
@@ -25583,7 +25583,7 @@ CVE-2014-0082 (actionpack/lib/action_view/template/text.rb in Action View in Rub
- rails 2.3.14.1
[squeeze] - rails <end-of-life> (Unsupported in squeeze-lts)
NOTE: Starting with 2.3.14.1 rails is a transition package
-CVE-2014-0081 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2014-0081
{DSA-2929-1}
- rails-4.0 <removed>
- rails-3.2 3.2.17-1
@@ -25593,43 +25593,43 @@ CVE-2014-0081 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
- rails 2.3.14.1
[squeeze] - rails <end-of-life> (Unsupported in squeeze-lts)
NOTE: Starting with 2.3.14.1 rails is a transition package
-CVE-2014-0080 (SQL injection vulnerability in ...)
+CVE-2014-0080
- rails-4.0 <removed>
- ruby-activerecord-3.2 <not-affected> (affects only rails 4.0.x)
- ruby-activerecord-2.3 <not-affected> (affects only rails 4.0.x)
- rails <not-affected> (affects only rails 4.0.x)
-CVE-2014-0079 (The ValidateUserLogon function in provider/libserver/ECSession.cpp in ...)
+CVE-2014-0079
NOT-FOR-US: Zarafa Collaboration Platform
-CVE-2014-0078 (The CatalogController in Red Hat CloudForms Management Engine (CFME) ...)
+CVE-2014-0078
NOT-FOR-US: RedHat CloudForms Management Engine
-CVE-2014-0077 (drivers/vhost/net.c in the Linux kernel before 3.13.10, when mergeable ...)
+CVE-2014-0077
- linux 3.13.10-1
[wheezy] - linux 3.2.57-1
- linux-2.6 <not-affected> (Vulnerable code not present)
NOTE: seems introduced in https://github.com/torvalds/linux/commit/8dd014adfea6f173c1ef6378f7e5e7924866c923
NOTE: qemu is built with support for vhost_net, module loaded post-wheezy when linux < 3.4 but root:root 0600
-CVE-2014-0076 (The Montgomery ladder implementation in OpenSSL through 1.0.0l does ...)
+CVE-2014-0076
{DSA-2908-1 DLA-0003-1}
- openssl 1.0.1g-1 (low; bug #742923)
[squeeze] - openssl 0.9.8o-4squeeze15
NOTE: http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=f9b6c0ba4c02497782f801e3c45688f3efaac55c
-CVE-2014-0075 (Integer overflow in the parseChunkHeader function in ...)
+CVE-2014-0075
{DSA-3530-1}
- tomcat8 8.0.5-1
- tomcat7 7.0.53-1
[wheezy] - tomcat7 7.0.28-4+deb7u3
- tomcat6 6.0.41-1
-CVE-2014-0074 (Apache Shiro 1.x before 1.2.3, when using an LDAP server with ...)
+CVE-2014-0074
- shiro 1.2.3-1
-CVE-2014-0073 (The CDVInAppBrowser class in the Apache Cordova In-App-Browser ...)
+CVE-2014-0073
NOT-FOR-US: Apache Cordova
-CVE-2014-0072 (ios/CDVFileTransfer.m in the Apache Cordova File-Transfer standalone ...)
+CVE-2014-0072
NOT-FOR-US: Apache Cordova
-CVE-2014-0071 (PackStack in Red Hat OpenStack 4.0 does not enforce the default ...)
+CVE-2014-0071
- neutron 2014.1-1
CVE-2014-0070
REJECTED
-CVE-2014-0069 (The cifs_iovec_write function in fs/cifs/file.c in the Linux kernel ...)
+CVE-2014-0069
- linux 3.13.6-1 (bug #741958)
[wheezy] - linux 3.2.57-1
- linux-2.6 <not-affected> (Only affects 2.6.38 and later)
@@ -25638,43 +25638,43 @@ CVE-2014-0069 (The cifs_iovec_write function in fs/cifs/file.c in the Linux kern
CVE-2014-0068
RESERVED
NOT-FOR-US: OpenShift
-CVE-2014-0067 (The &quot;make check&quot; command for the test suites in PostgreSQL 9.3.3 and ...)
+CVE-2014-0067
{DSA-2865-1 DSA-2864-1 DLA-0019-1}
- postgresql-9.1 9.1.11-2
- postgresql-8.4 <removed>
[wheezy] - postgresql-8.4 <not-affected> (postgresql-8.4 in wheezy only provides PL/Perl)
- postgresql-9.3 9.3.3-1
-CVE-2014-0066 (The chkpass extension in PostgreSQL before 8.4.20, 9.0.x before ...)
+CVE-2014-0066
{DSA-2865-1 DSA-2864-1}
- postgresql-9.1 9.1.11-2
- postgresql-8.4 <removed>
[wheezy] - postgresql-8.4 <not-affected> (postgresql-8.4 in wheezy only provides PL/Perl)
- postgresql-9.3 9.3.3-1
-CVE-2014-0065 (Multiple buffer overflows in PostgreSQL before 8.4.20, 9.0.x before ...)
+CVE-2014-0065
{DSA-2865-1 DSA-2864-1}
- postgresql-9.1 9.1.11-2
- postgresql-8.4 <removed>
[wheezy] - postgresql-8.4 <not-affected> (postgresql-8.4 in wheezy only provides PL/Perl)
- postgresql-9.3 9.3.3-1
-CVE-2014-0064 (Multiple integer overflows in the path_in and other unspecified ...)
+CVE-2014-0064
{DSA-2865-1 DSA-2864-1}
- postgresql-9.1 9.1.11-2
- postgresql-8.4 <removed>
[wheezy] - postgresql-8.4 <not-affected> (postgresql-8.4 in wheezy only provides PL/Perl)
- postgresql-9.3 9.3.3-1
-CVE-2014-0063 (Multiple stack-based buffer overflows in PostgreSQL before 8.4.20, ...)
+CVE-2014-0063
{DSA-2865-1 DSA-2864-1}
- postgresql-9.1 9.1.11-2
- postgresql-8.4 <removed>
[wheezy] - postgresql-8.4 <not-affected> (postgresql-8.4 in wheezy only provides PL/Perl)
- postgresql-9.3 9.3.3-1
-CVE-2014-0062 (Race condition in the (1) CREATE INDEX and (2) unspecified ALTER TABLE ...)
+CVE-2014-0062
{DSA-2865-1 DSA-2864-1}
- postgresql-9.1 9.1.11-2
- postgresql-8.4 <removed>
[wheezy] - postgresql-8.4 <not-affected> (postgresql-8.4 in wheezy only provides PL/Perl)
- postgresql-9.3 9.3.3-1
-CVE-2014-0061 (The validator functions for the procedural languages (PLs) in ...)
+CVE-2014-0061
{DSA-2865-1 DSA-2864-1}
- postgresql-9.1 9.1.12-1 (low)
- postgresql-8.4 <removed>
@@ -25683,43 +25683,43 @@ CVE-2014-0061 (The validator functions for the procedural languages (PLs) in ...
- postgresql-plsh 1.20140221-1
[wheezy] - postgresql-plsh <no-dsa> (Minor issue)
[squeeze] - postgresql-plsh <no-dsa> (Minor issue)
-CVE-2014-0060 (PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, ...)
+CVE-2014-0060
{DSA-2865-1 DSA-2864-1}
- postgresql-9.1 9.1.11-2
- postgresql-8.4 <removed>
[wheezy] - postgresql-8.4 <not-affected> (postgresql-8.4 in wheezy only provides PL/Perl)
- postgresql-9.3 9.3.3-1
-CVE-2014-0059 (JBoss SX and PicketBox, as used in Red Hat JBoss Enterprise ...)
+CVE-2014-0059
NOT-FOR-US: JBossSX
-CVE-2014-0058 (The security audit functionality in Red Hat JBoss Enterprise ...)
+CVE-2014-0058
NOT-FOR-US: JBoss EAP
-CVE-2014-0057 (The x_button method in the ServiceController ...)
+CVE-2014-0057
NOT-FOR-US: RedHat CloudForms Management Engine
-CVE-2014-0056 (The l3-agent in OpenStack Neutron 2012.2 before 2013.2.3 does not ...)
+CVE-2014-0056
- neutron 2013.2.2-4 (bug #742800)
-CVE-2014-0055 (The get_rx_bufs function in drivers/vhost/net.c in the vhost-net ...)
+CVE-2014-0055
- linux 3.13.10-1
[wheezy] - linux 3.2.57-1
- linux-2.6 <not-affected> (Vulnerable code not present)
NOTE: introduced in https://github.com/torvalds/linux/commit/8dd014adfea6f173c1ef6378f7e5e7924866c923
NOTE: qemu is built with support for vhost_net, module loaded post-wheezy when linux < 3.4 but root:root 0600
-CVE-2014-0054 (The Jaxb2RootElementHttpMessageConverter in Spring MVC in Spring ...)
+CVE-2014-0054
{DSA-2890-1}
- libspring-java 3.0.6.RELEASE-13 (bug #741604)
-CVE-2014-0053 (The default configuration of the Resources plugin 1.0.0 before 1.2.6 ...)
+CVE-2014-0053
- grails <itp> (bug #473213)
CVE-2014-0052
REJECTED
CVE-2014-0051
REJECTED
-CVE-2014-0050 (MultipartStream.java in Apache Commons FileUpload before 1.3.1, as ...)
+CVE-2014-0050
{DSA-2897-1 DSA-2856-1}
- libcommons-fileupload-java 1.3.1-1
- tomcat7 7.0.52-1
- tomcat6 <not-affected> (access to Manager application limited to authenticated administrators)
NOTE: http://svn.apache.org/viewvc?view=revision&revision=1565169
NOTE: CVE might be splitted
-CVE-2014-0049 (Buffer overflow in the complete_emulated_mmio function in ...)
+CVE-2014-0049
- linux 3.13.6-1
[wheezy] - linux <not-affected> (Introduced in 3.5)
- linux-2.6 <not-affected> (Introduced in 3.5)
@@ -25728,66 +25728,66 @@ CVE-2014-0048 [multiple files downloaded over HTTP and executed or used unsafely
RESERVED
- docker.io 1.6.0+dfsg1-1
NOTE: According to Red Hat bug no longer present in 1.5
-CVE-2014-0047 (Docker before 1.5 allows local users to have unspecified impact via ...)
+CVE-2014-0047
- docker.io 1.6.0+dfsg1-1
NOTE: According to Red Hat bug no longer present in 1.5
-CVE-2014-0046 (Cross-site scripting (XSS) vulnerability in the link-to helper in ...)
+CVE-2014-0046
NOT-FOR-US: ember.js
-CVE-2014-0045 (The needSamples method in AudioOutputSpeech.cpp in the client in ...)
+CVE-2014-0045
{DSA-2854-1}
- mumble 1.2.4-0.2 (bug #737739)
[squeeze] - mumble <not-affected> (Opus support not present)
-CVE-2014-0044 (The opus_packet_get_samples_per_frame function in client in Mumble ...)
+CVE-2014-0044
{DSA-2854-1}
- mumble 1.2.4-0.2 (bug #737739)
[squeeze] - mumble <not-affected> (Opus support not present)
-CVE-2014-0043 (In Apache Wicket 1.5.10 or 6.13.0, by issuing requests to special urls ...)
+CVE-2014-0043
NOT-FOR-US: Apache Wicket
-CVE-2014-0042 (OpenStack Heat Templates (heat-templates), as used in Red Hat ...)
+CVE-2014-0042
NOT-FOR-US: openstack-heat-templates
-CVE-2014-0041 (OpenStack Heat Templates (heat-templates), as used in Red Hat ...)
+CVE-2014-0041
NOT-FOR-US: openstack-heat-templates
-CVE-2014-0040 (OpenStack Heat Templates (heat-templates), as used in Red Hat ...)
+CVE-2014-0040
NOT-FOR-US: openstack-heat-templates
-CVE-2014-0039 (Untrusted search path vulnerability in fwsnort before 1.6.4, when not ...)
+CVE-2014-0039
- fwsnort 1.6.4-1 (low; bug #737495)
[wheezy] - fwsnort <no-dsa> (Minor issue)
[squeeze] - fwsnort <not-affected> (Vulnerable code not present)
NOTE: https://github.com/mrash/fwsnort/commit/fa977453120cc48e1654f373311f9cac468d3348
-CVE-2014-0038 (The compat_sys_recvmmsg function in net/compat.c in the Linux kernel ...)
+CVE-2014-0038
- linux 3.13.4-1 (unimportant)
[wheezy] - linux <not-affected> (Introduced in 3.4+)
- linux-2.6 <not-affected> (Introduced in 3.4+)
NOTE: introduced by http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/net/compat.c?id=ee4fa23c4bfcc635d077a9633d405610de45bc70
NOTE: Debian does not enable CONFIG_X86_X32, see #708070
-CVE-2014-0037 (The ValidateUserLogon function in provider/libserver/ECSession.cpp in ...)
+CVE-2014-0037
NOT-FOR-US: Zarafa Collaboration Platform
-CVE-2014-0036 (The rbovirt gem before 0.0.24 for Ruby uses the rest-client gem with ...)
+CVE-2014-0036
NOT-FOR-US: rbovirt
-CVE-2014-0035 (The SymmetricBinding in Apache CXF before 2.6.13 and 2.7.x before ...)
+CVE-2014-0035
NOT-FOR-US: Apache CFX
-CVE-2014-0034 (The SecurityTokenService (STS) in Apache CXF before 2.6.12 and 2.7.x ...)
+CVE-2014-0034
NOT-FOR-US: Apache CFX
-CVE-2014-0033 (org/apache/catalina/connector/CoyoteAdapter.java in Apache Tomcat ...)
+CVE-2014-0033
{DSA-3530-1 DLA-91-1}
- tomcat6 6.0.39
-CVE-2014-0032 (The get_resource function in repos.c in the mod_dav_svn module in ...)
+CVE-2014-0032
{DLA-207-1}
- subversion 1.8.8-1 (low; bug #737815)
[squeeze] - subversion <no-dsa> (Minor issue)
[wheezy] - subversion 1.6.17dfsg-4+deb7u5
-CVE-2014-0031 (The (1) ListNetworkACL and (2) listNetworkACLLists APIs in Apache ...)
+CVE-2014-0031
NOT-FOR-US: Apache CloudStack
-CVE-2014-0030 (The XML-RPC protocol support in Apache Roller before 5.0.3 allows ...)
+CVE-2014-0030
NOT-FOR-US: Apache Roller
-CVE-2014-0029 (Multiple cross-site scripting (XSS) vulnerabilities in the SAM web ...)
+CVE-2014-0029
NOT-FOR-US: Katello
-CVE-2014-0028 (libvirt 1.1.1 through 1.2.0 allows context-dependent attackers to ...)
+CVE-2014-0028
- libvirt 1.2.1-1
[squeeze] - libvirt <not-affected> (Introduced in 1.1.1)
[wheezy] - libvirt <not-affected> (Introduced in 1.1.1)
NOTE: https://www.redhat.com/archives/libvir-list/2014-January/msg00684.html
-CVE-2014-0027 (The play_wave_from_socket function in audio/auserver.c in Flite 1.4 ...)
+CVE-2014-0027
- flite 1.4-release-8 (low; bug #734746)
[wheezy] - flite <no-dsa> (Minor issue)
[squeeze] - flite <no-dsa> (Minor issue)
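Review bot: the context lines `NOT-FOR-US: Apache CFX` under CVE-2014-0035 and CVE-2014-0034 misspell the project; the summaries being removed on the lines directly above them (`-CVE-2014-0035 (The SymmetricBinding in Apache CXF before 2.6.13 and 2.7.x before ...)` and `-CVE-2014-0034 (The SecurityTokenService (STS) in Apache CXF before 2.6.12 and 2.7.x ...)`) spell it `Apache CXF`. Worth correcting to `NOT-FOR-US: Apache CXF`, all the more so because after this change the misspelled line is the only place the product name survives for those two entries, so a search by product name would miss them.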
@@ -25801,37 +25801,37 @@ CVE-2014-0024
CVE-2014-0023
RESERVED
NOT-FOR-US: OpenShift
-CVE-2014-0022 (The installUpdates function in yum-cron/yum-cron.py in yum 3.4.3 and ...)
+CVE-2014-0022
NOT-FOR-US: yum cron
CVE-2014-0021 [traffic amplification in cmdmon protocol]
RESERVED
- chrony 1.29.1-1 (low; bug #737644)
[squeeze] - chrony <no-dsa> (Minor issue)
[wheezy] - chrony <no-dsa> (Minor issue)
-CVE-2014-0020 (The IRC protocol plugin in libpurple in Pidgin before 2.10.8 does not ...)
+CVE-2014-0020
{DSA-2859-1}
- pidgin 2.10.8-1
[squeeze] - pidgin <no-dsa> (Not suitable for code injection)
-CVE-2014-0019 (Stack-based buffer overflow in socat 1.3.0.0 through 1.7.2.2 and ...)
+CVE-2014-0019
- socat 1.7.2.3-1 (low; bug #736993)
[squeeze] - socat <no-dsa> (Minor issue)
[wheezy] - socat <no-dsa> (Minor issue)
-CVE-2014-0018 (Red Hat JBoss Enterprise Application Platform (JBEAP) 6.2.0 and JBoss ...)
+CVE-2014-0018
NOT-FOR-US: Red Hat JBoss Enterprise Application Platform
-CVE-2014-0017 (The RAND_bytes function in libssh before 0.6.3, when forking is ...)
+CVE-2014-0017
{DSA-2879-1}
- libssh 0.5.4-3
NOTE: http://git.libssh.org/projects/libssh.git/commit/?id=e99246246b4061f7e71463f8806b9dcad65affa0
-CVE-2014-0016 (stunnel before 5.00, when using fork threading, does not properly ...)
+CVE-2014-0016
- stunnel4 <not-affected> (Debian package compiled with --with-threads=pthread)
-CVE-2014-0015 (cURL and libcurl 7.10.6 through 7.34.0, when more than one ...)
+CVE-2014-0015
{DSA-2849-1}
- curl 7.35.0-1
-CVE-2014-0014 (Ember.js 1.0.x before 1.0.1, 1.1.x before 1.1.3, 1.2.x before 1.2.1, ...)
+CVE-2014-0014
NOT-FOR-US: Ember.js
-CVE-2014-0013 (Ember.js 1.0.x before 1.0.1, 1.1.x before 1.1.3, 1.2.x before 1.2.1, ...)
+CVE-2014-0013
NOT-FOR-US: Ember.js
-CVE-2014-0012 (FileSystemBytecodeCache in Jinja2 2.7.2 does not properly create ...)
+CVE-2014-0012
- jinja2 2.7.2-2 (bug #734956)
[squeeze] - jinja2 <not-affected> (introduced by fix in 2.7.2)
[wheezy] - jinja2 <not-affected> (introduced by fix in 2.7.2)
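Review bot: the bracketed, locally written summary `CVE-2014-0021 [traffic amplification in cmdmon protocol]` passes through this hunk unchanged while every parenthesized one is dropped (`-CVE-2014-0022 (The installUpdates function in yum-cron/yum-cron.py in yum 3.4.3 and ...)` becomes `+CVE-2014-0022`, and so on down to CVE-2014-0012). That split, `[...]` text kept and `(...)` text blanked, points at the parenthesized field alone being regenerated from an external source that returned nothing, which supports treating the removal as a data-feed fault rather than a content decision.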
@@ -25843,34 +25843,34 @@ CVE-2014-0011 [ZRLE decoding bounds checking issue]
NOTE: may affect related *VNC implementations if built with NDEBUG
NOTE: e.g. vnc4 seems to have similar code in common/rfb/zrleDecode.h
NOTE: starting with 4.1.1+X4.3.0+t-1 it's a transitional package
-CVE-2014-0010 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
+CVE-2014-0010
- moodle 2.5.4-1
[squeeze] - moodle <not-affected> (Code correctly checks session key)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-42883
-CVE-2014-0009 (course/loginas.php in Moodle through 2.2.11, 2.3.x before 2.3.11, ...)
+CVE-2014-0009
- moodle 2.5.4-1 (low)
[squeeze] - moodle <no-dsa> (Minor issue)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-42643
-CVE-2014-0008 (lib/adminlib.php in Moodle through 2.3.11, 2.4.x before 2.4.8, 2.5.x ...)
+CVE-2014-0008
- moodle 2.5.4-1 (low)
[squeeze] - moodle <not-affected> (Vulnerable code not present)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-36721
-CVE-2014-0007 (The Smart-Proxy in Foreman before 1.4.5 and 1.5.x before 1.5.1 allows ...)
+CVE-2014-0007
- foreman <itp> (bug #663101)
-CVE-2014-0006 (The TempURL middleware in OpenStack Object Storage (Swift) 1.4.6 ...)
+CVE-2014-0006
- swift 1.11.0-2 (low; bug #735582)
[wheezy] - swift <no-dsa> (Minor issue)
-CVE-2014-0005 (PicketBox and JBossSX, as used in Red Hat JBoss Enterprise Application ...)
+CVE-2014-0005
NOT-FOR-US: PicketBox/JBossSX
-CVE-2014-0004 (Stack-based buffer overflow in udisks before 1.0.5 and 2.x before ...)
+CVE-2014-0004
{DSA-2872-1}
- udisks2 2.1.3-1
- udisks 1.0.5-1
-CVE-2014-0003 (The XSLT component in Apache Camel 2.11.x before 2.11.4, 2.12.x before ...)
+CVE-2014-0003
NOT-FOR-US: Apache Camel
-CVE-2014-0002 (The XSLT component in Apache Camel before 2.11.4 and 2.12.x before ...)
+CVE-2014-0002
NOT-FOR-US: Apache Camel
-CVE-2014-0001 (Buffer overflow in client/mysql.cc in Oracle MySQL and MariaDB before ...)
+CVE-2014-0001
{DSA-2919-1 DLA-75-1}
- mysql-5.1 <removed> (low)
[squeeze] - mysql-5.1 <no-dsa> (Minor issue, currently not fixed in MySQL, can be included once fixed in 5.1.x)
@@ -25879,7 +25879,7 @@ CVE-2014-0001 (Buffer overflow in client/mysql.cc in Oracle MySQL and MariaDB be
- percona-xtradb-cluster-5.5 5.5.37-25.10+dfsg-1
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1054592
NOTE: http://bazaar.launchpad.net/~maria-captains/maria/5.5/revision/2502.565.64
-CVE-2014-0158 (Heap-based buffer overflow in the JPEG2000 image tile decoder in ...)
+CVE-2014-0158
- openjpeg 1.3+dfsg-4.7
NOTE: Not considering a duplicate of CVE-2013-1447 following
NOTE: http://www.openwall.com/lists/oss-security/2014/04/02/2 . A query
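Review bot: CVE-2014-0158 is placed after CVE-2014-0001 at the end of the 2014 block instead of between CVE-2014-0159 and CVE-2014-0157, where the descending numbering used throughout the file would put it. The misplacement predates this change, but since the hunk touches the entry anyway (`-CVE-2014-0158 (Heap-based buffer overflow in the JPEG2000 image tile decoder in ...)` to `+CVE-2014-0158`), moving it into sequence would be a cheap fix; the two NOTE lines about the CVE-2013-1447 duplicate question should travel with it.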
diff --git a/data/CVE/2015.list b/data/CVE/2015.list
index 780abdee85..548439c3e3 100644
--- a/data/CVE/2015.list
+++ b/data/CVE/2015.list
@@ -1,70 +1,70 @@
CVE-2015-9283
RESERVED
-CVE-2015-9282 (The Pie Chart Panel plugin through 2019-01-02 for Grafana is vulnerable ...)
+CVE-2015-9282
NOT-FOR-US: Grafana plugin
-CVE-2015-9281 (Logon Manager in SAS Web Infrastructure Platform before 9.4M3 allows ...)
+CVE-2015-9281
NOT-FOR-US: SAS Web Infrastructure Platform
-CVE-2015-9280 (MailEnable before 8.60 allows XXE via an XML document in the ...)
+CVE-2015-9280
NOT-FOR-US: MailEnable
-CVE-2015-9279 (MailEnable before 8.60 allows Stored XSS via malformed use of ...)
+CVE-2015-9279
NOT-FOR-US: MailEnable
-CVE-2015-9278 (MailEnable before 8.60 allows Privilege Escalation because admin ...)
+CVE-2015-9278
NOT-FOR-US: MailEnable
-CVE-2015-9277 (MailEnable before 8.60 allows Directory Traversal for reading the ...)
+CVE-2015-9277
NOT-FOR-US: MailEnable
-CVE-2015-9276 (SmarterTools SmarterMail before 13.3.5535 was vulnerable to stored XSS ...)
+CVE-2015-9276
NOT-FOR-US: SmarterTools SmarterMail
-CVE-2015-9274 (HarfBuzz before 1.0.4 allows remote attackers to cause a denial of ...)
+CVE-2015-9274
- harfbuzz 1.2.6-1
[jessie] - harfbuzz <not-affected> (Vulnerable code introduced later)
NOTE: https://github.com/harfbuzz/harfbuzz/commit/c917965b9e6fe2b21ed6c51559673288fa3af4b7
-CVE-2015-9273 (The wp-slimstat (aka Slimstat Analytics) plugin before 4.1.6.1 for ...)
+CVE-2015-9273
NOT-FOR-US: WordPress plugin wp-slimstat
-CVE-2015-9272 (The videowhisper-video-presentation plugin 3.31.17 for WordPress allows ...)
+CVE-2015-9272
NOT-FOR-US: videowhisper-video-presentation plugin for WordPress
-CVE-2015-9271 (The VideoWhisper videowhisper-video-conference-integration plugin ...)
+CVE-2015-9271
NOT-FOR-US: WordPress plugin videowhisper-video-conference-integration
-CVE-2015-9270 (XSS exists in the the-holiday-calendar plugin before 1.11.3 for ...)
+CVE-2015-9270
NOT-FOR-US: the-holiday-calendar plugin for WordPress
-CVE-2015-9269 (The export/content.php exportarticle feature in the ...)
+CVE-2015-9269
NOT-FOR-US: wordpress-mobile-pack plugin for WordPress
-CVE-2015-9268 (Nullsoft Scriptable Install System (NSIS) before 2.49 has unsafe ...)
+CVE-2015-9268
{DLA-1602-1}
- nsis 2.50-1
NOTE: https://sourceforge.net/p/nsis/bugs/1125/
-CVE-2015-9267 (Nullsoft Scriptable Install System (NSIS) before 2.49 uses temporary ...)
+CVE-2015-9267
{DLA-1602-1}
- nsis 2.50-1
NOTE: https://sourceforge.net/p/nsis/bugs/1125/
-CVE-2015-9266 (The web management interface of Ubiquiti airMAX, airFiber, airGateway ...)
+CVE-2015-9266
NOT-FOR-US: Ubiquiti
CVE-2015-9265
REJECTED
-CVE-2015-9264 (Lansweeper 4.x through 6.x before 6.0.0.48 allows attackers to execute ...)
+CVE-2015-9264
NOT-FOR-US: Lansweeper
-CVE-2015-9263 (An issue was discovered in post2file.php in Up.Time Monitoring Station ...)
+CVE-2015-9263
NOT-FOR-US: Up.Time
-CVE-2015-9262 (_XcursorThemeInherits in library.c in libXcursor before 1.1.15 allows ...)
+CVE-2015-9262
{DLA-1469-1}
- libxcursor 1:1.1.15-1 (low; bug #906012)
[stretch] - libxcursor 1:1.1.14-1+deb9u2
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=90857
NOTE: https://cgit.freedesktop.org/xorg/lib/libXcursor/commit/?id=897213f36baf6926daf6d192c709cf627aa5fd05
-CVE-2015-9260 (An issue was discovered in BEdita before 3.7.0. A cross-site scripting ...)
+CVE-2015-9260
NOT-FOR-US: BEdita
-CVE-2015-9259 (In Docker Notary before 0.1, the checkRoot function in ...)
+CVE-2015-9259
- notary 0.1~ds1-1
-CVE-2015-9258 (In Docker Notary before 0.1, gotuf/signed/verify.go has a Signature ...)
+CVE-2015-9258
- notary 0.1~ds1-1
-CVE-2015-9257 (BMC Remedy Action Request (AR) System 9.0 before 9.0.00 Service Pack 2 ...)
+CVE-2015-9257
NOT-FOR-US: BMC Remedy Action Request (AR) System
-CVE-2015-9256 (Datto ALTO and SIRIS devices allow remote attackers to obtain sensitive ...)
+CVE-2015-9256
NOT-FOR-US: Datto ALTO and SIRIS devices
-CVE-2015-9255 (Datto ALTO and SIRIS devices allow remote attackers to obtain sensitive ...)
+CVE-2015-9255
NOT-FOR-US: Datto ALTO and SIRIS devices
-CVE-2015-9254 (Datto ALTO and SIRIS devices have a default VNC password. ...)
+CVE-2015-9254
NOT-FOR-US: Datto ALTO and SIRIS devices
-CVE-2015-9253 (An issue was discovered in PHP 7.3.x before 7.3.0alpha3, 7.2.x before ...)
+CVE-2015-9253
- php7.3 <not-affected> (Fixed with initial upload to unstable)
- php7.2 7.2.8-1 (unimportant)
- php7.1 7.1.20-1 (unimportant)
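Review bot: every `-`/`+` pair in this hunk differs only by the removal of the parenthesised description; the triage lines between them (`{DLA-1602-1}`, `- harfbuzz 1.2.6-1`, `- notary 0.1~ds1-1` and the `[jessie]`/`[stretch]` annotations) are unchanged, so no package or status data moves here. A description-only regression across an entire file is more consistent with the description feed having returned empty strings than with a deliberate edit; confirm which it is before merging, because for the entries whose only other line is `NOT-FOR-US: MailEnable` or `NOT-FOR-US: Datto ALTO and SIRIS devices` the summary was the sole statement of what the issue was.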
@@ -74,16 +74,16 @@ CVE-2015-9253 (An issue was discovered in PHP 7.3.x before 7.3.0alpha3, 7.2.x be
NOTE: https://bugs.php.net/bug.php?id=70185
NOTE: https://bugs.php.net/bug.php?id=75968
NOTE: Only exploitable with malicious script
-CVE-2015-9252 (An issue was discovered in QPDF before 7.0.0. Endless recursion causes ...)
+CVE-2015-9252
- qpdf 7.0.0-1
[stretch] - qpdf <no-dsa> (Minor issue)
[jessie] - qpdf <no-dsa> (Minor issue)
[wheezy] - qpdf <no-dsa> (Minor issue)
NOTE: https://github.com/qpdf/qpdf/commit/701b518d5c56a1449825a3a37a716c58e05e1c3e
NOTE: https://github.com/qpdf/qpdf/issues/51
-CVE-2015-1142857 (On multiple SR-IOV cars it is possible for VF's assigned to guests to ...)
+CVE-2015-1142857
NOT-FOR-US: SR-IOV cars
-CVE-2015-9251 (jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks ...)
+CVE-2015-9251
- jquery 3.1.1-1
[jessie] - jquery <ignored> (Too intrusive to backport)
[wheezy] - jquery <ignored> (Too invasive to fix)
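Review bot: the unchanged context line `NOT-FOR-US: SR-IOV cars` under CVE-2015-1142857 misspells "cards"; the removed header line carried the same typo, so this is a good moment to correct the NOT-FOR-US line as well. Minor style point: the two jquery annotations state the same reason in different words (`<ignored> (Too intrusive to backport)` for jessie, `<ignored> (Too invasive to fix)` for wheezy); one phrasing for both would read better.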
@@ -92,306 +92,306 @@ CVE-2015-9251 (jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) a
NOTE: https://github.com/jquery/jquery/pull/2588
NOTE: https://snyk.io/vuln/npm:jquery:20150627
NOTE: only 3.0 was fixed upstream, because fix considered too invasive: https://github.com/jquery/jquery/issues/2432#issuecomment-290983196
-CVE-2015-9250 (An issue was discovered in Skybox Platform before 7.5.201. Directory ...)
+CVE-2015-9250
NOT-FOR-US: Skybox Platform
-CVE-2015-9249 (An issue was discovered in Skybox Platform before 7.5.201. SQL ...)
+CVE-2015-9249
NOT-FOR-US: Skybox Platform
-CVE-2015-9248 (An issue was discovered in Skybox Platform before 7.5.201. Stored ...)
+CVE-2015-9248
NOT-FOR-US: Skybox Platform
-CVE-2015-9247 (An issue was discovered in Skybox Platform before 7.5.401. Reflected ...)
+CVE-2015-9247
NOT-FOR-US: Skybox Platform
-CVE-2015-9246 (An issue was discovered in Skybox Platform before 7.5.201. Remote ...)
+CVE-2015-9246
NOT-FOR-US: Skybox Platform
-CVE-2015-9245 (Insecure default configuration in Progress Software OpenEdge 10.2x and ...)
+CVE-2015-9245
NOT-FOR-US: Progress Software OpenEdge
-CVE-2015-9243 (When server level, connection level or route level CORS configurations ...)
+CVE-2015-9243
NOT-FOR-US: hapi
-CVE-2015-9242 (Certain input strings when passed to new Date() or Date.parse() in ...)
+CVE-2015-9242
NOT-FOR-US: ecstatic
-CVE-2015-9241 (Certain input passed into the If-Modified-Since or Last-Modified ...)
+CVE-2015-9241
NOT-FOR-US: hapi
-CVE-2015-9240 (Due to a bug in the the default sign in functionality in the keystone ...)
+CVE-2015-9240
NOT-FOR-US: keystone node module
-CVE-2015-9239 (ansi2html is vulnerable to regular expression denial of service ...)
+CVE-2015-9239
NOT-FOR-US: ansi2html
-CVE-2015-9238 (secure-compare 3.0.0 and below do not actually compare two strings ...)
+CVE-2015-9238
NOT-FOR-US: secure-compare node module
CVE-2015-9237
RESERVED
-CVE-2015-9236 (Hapi versions less than 11.0.0 implement CORS incorrectly and allowed ...)
+CVE-2015-9236
NOT-FOR-US: hapi
-CVE-2015-9235 (In jsonwebtoken node module before 4.2.2 it is possible for an ...)
+CVE-2015-9235
NOT-FOR-US: jsonwebtoken node module
-CVE-2015-9234 (The cp-contact-form-with-paypal (aka CP Contact Form with PayPal) ...)
+CVE-2015-9234
NOT-FOR-US: Wordpress plugin
-CVE-2015-9233 (The cp-contact-form-with-paypal (aka CP Contact Form with PayPal) ...)
+CVE-2015-9233
NOT-FOR-US: Wordpress plugin
-CVE-2015-9232 (The Good for Enterprise application 3.0.0.415 for Android does not use ...)
+CVE-2015-9232
NOT-FOR-US: Good for Enterprise application for Android
-CVE-2015-9231 (iTerm2 3.x before 3.1.1 allows remote attackers to discover passwords ...)
+CVE-2015-9231
NOT-FOR-US: iTerm2
-CVE-2015-9230 (In the admin/db-backup-security/db-backup-security.php page in the ...)
+CVE-2015-9230
NOT-FOR-US: Wordpress plugin
-CVE-2015-9229 (In the nggallery-manage-gallery page in the Photocrati NextGEN Gallery ...)
+CVE-2015-9229
NOT-FOR-US: Photocrati NextGEN Gallery
-CVE-2015-9228 (In post-new.php in the Photocrati NextGEN Gallery plugin 2.1.10 for ...)
+CVE-2015-9228
NOT-FOR-US: Photocrati NextGEN Gallery plugin for WordPress
-CVE-2015-9227 (PHP remote file inclusion vulnerability in the get_file function in ...)
+CVE-2015-9227
NOT-FOR-US: AlegroCart
-CVE-2015-9226 (Multiple SQL injection vulnerabilities in AlegroCart 1.2.8 allow ...)
+CVE-2015-9226
NOT-FOR-US: AlegroCart
CVE-2015-9225
RESERVED
-CVE-2015-9224 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2015-9224
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9223 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2015-9223
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9222 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2015-9222
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9221 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2015-9221
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9220 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2015-9220
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9219 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2015-9219
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9218 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2015-9218
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9217 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2015-9217
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9216 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2015-9216
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9215 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2015-9215
NOT-FOR-US: Qualcomm components for Android
CVE-2015-9214
RESERVED
-CVE-2015-9213 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2015-9213
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9212 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2015-9212
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9211 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2015-9211
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9210 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2015-9210
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9209 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2015-9209
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9208 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2015-9208
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9207 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2015-9207
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9206 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2015-9206
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9205 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2015-9205
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9204 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2015-9204
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9203 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2015-9203
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9202 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2015-9202
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9201 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2015-9201
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9200 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2015-9200
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9199 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2015-9199
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9198 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2015-9198
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9197 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2015-9197
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9196 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2015-9196
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9195 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2015-9195
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9194 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2015-9194
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9193 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2015-9193
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9192 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2015-9192
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9191 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2015-9191
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9190 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2015-9190
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9189 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2015-9189
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9188 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2015-9188
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9187 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2015-9187
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9186 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2015-9186
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9185 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2015-9185
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9184 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2015-9184
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9183 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2015-9183
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9182 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2015-9182
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9181 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2015-9181
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9180 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2015-9180
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9179 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2015-9179
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9178 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2015-9178
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9177 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2015-9177
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9176 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2015-9176
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9175 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2015-9175
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9174 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2015-9174
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9173 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2015-9173
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9172 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2015-9172
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9171 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2015-9171
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9170 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2015-9170
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9169 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2015-9169
NOT-FOR-US: Qualcomm components for Android
CVE-2015-9168
RESERVED
-CVE-2015-9167 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2015-9167
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9166 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2015-9166
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9165 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2015-9165
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9164 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2015-9164
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9163 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2015-9163
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9162 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2015-9162
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9161 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2015-9161
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9160 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2015-9160
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9159 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2015-9159
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9158 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2015-9158
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9157 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2015-9157
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9156 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2015-9156
NOT-FOR-US: Qualcomm components for Android
CVE-2015-9155
RESERVED
CVE-2015-9154
RESERVED
-CVE-2015-9153 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2015-9153
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9152 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2015-9152
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9151 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2015-9151
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9150 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2015-9150
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9149 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2015-9149
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9148 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2015-9148
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9147 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2015-9147
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9146 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2015-9146
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9145 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2015-9145
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9144 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2015-9144
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9143 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2015-9143
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9142 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2015-9142
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9141 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2015-9141
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9140 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2015-9140
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9139 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2015-9139
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9138 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2015-9138
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9137 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2015-9137
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9136 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2015-9136
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9135 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2015-9135
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9134 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2015-9134
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9133 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2015-9133
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9132 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2015-9132
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9131 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2015-9131
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9130 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2015-9130
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9129 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2015-9129
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9128 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2015-9128
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9127 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2015-9127
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9126 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2015-9126
NOT-FOR-US: Qualcomm components for Android
CVE-2015-9125
RESERVED
-CVE-2015-9124 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2015-9124
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9123 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2015-9123
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9122 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2015-9122
NOT-FOR-US: Qualcomm components for Android
CVE-2015-9121
RESERVED
-CVE-2015-9120 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2015-9120
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9119 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2015-9119
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9118 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2015-9118
NOT-FOR-US: Qualcomm components for Android
CVE-2015-9117
RESERVED
-CVE-2015-9116 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2015-9116
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9115 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2015-9115
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9114 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2015-9114
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9113 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2015-9113
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9112 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2015-9112
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9111 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2015-9111
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9110 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2015-9110
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9109 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2015-9109
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9108 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2015-9108
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9107 (Zoho ManageEngine OpManager 11 through 12.2 uses a custom encryption ...)
+CVE-2015-9107
NOT-FOR-US: Zoho ManageEngine OpManager
CVE-2015-9106
RESERVED
NOT-FOR-US: WordPress plugin the-holiday-calendar
-CVE-2015-9105 (Multiple cross-site scripting (XSS) vulnerabilities in Synology Video ...)
+CVE-2015-9105
NOT-FOR-US: Synology
-CVE-2015-9104 (Cross-site scripting (XSS) vulnerabilities in Synology Audio Station ...)
+CVE-2015-9104
NOT-FOR-US: Synology
-CVE-2015-9103 (Multiple cross-site scripting (XSS) vulnerabilities in Synology Note ...)
+CVE-2015-9103
NOT-FOR-US: Synology
-CVE-2015-9102 (Multiple cross-site scripting (XSS) vulnerabilities in Synology Photo ...)
+CVE-2015-9102
NOT-FOR-US: Synology
-CVE-2015-9098 (In Redgate SQL Monitor before 3.10 and 4.x before 4.2, a remote ...)
+CVE-2015-9098
NOT-FOR-US: Redgate SQL Monitor
-CVE-2015-9096 (Net::SMTP in Ruby before 2.4.0 is vulnerable to SMTP command injection ...)
+CVE-2015-9096
{DSA-3966-1 DLA-1421-1}
- ruby2.3 2.3.3-1+deb9u1 (bug #864860)
- ruby2.1 <removed>
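Review bot: for the long run of Qualcomm entries (CVE-2015-9108 through CVE-2015-9224) the deleted descriptions were all the same truncated string, so nothing distinguishing is lost there, but the same hunk also removes the only distinct summaries for entries such as CVE-2015-9238 (secure-compare not actually comparing strings), CVE-2015-9235 (jsonwebtoken) and CVE-2015-9107 (OpManager custom encryption), which are otherwise described only as `NOT-FOR-US: <product>`; those summaries should stay. Style point in the unchanged lines: the WordPress plugin entries spell the product both `Wordpress plugin` (CVE-2015-9234, -9233, -9230) and `WordPress` elsewhere in the file; consistent capitalisation would make the list easier to grep.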
@@ -445,118 +445,118 @@ CVE-2015-9075
RESERVED
CVE-2015-9074
RESERVED
-CVE-2015-9073 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2015-9073
NOT-FOR-US: Qualcomm driver for Android
-CVE-2015-9072 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2015-9072
NOT-FOR-US: Qualcomm driver for Android
-CVE-2015-9071 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2015-9071
NOT-FOR-US: Qualcomm driver for Android
-CVE-2015-9070 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2015-9070
NOT-FOR-US: Qualcomm driver for Android
-CVE-2015-9069 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2015-9069
NOT-FOR-US: Qualcomm driver for Android
-CVE-2015-9068 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2015-9068
NOT-FOR-US: Qualcomm driver for Android
-CVE-2015-9067 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2015-9067
NOT-FOR-US: Qualcomm driver for Android
-CVE-2015-9066 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2015-9066
NOT-FOR-US: Qualcomm driver for Android
-CVE-2015-9065 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2015-9065
NOT-FOR-US: Qualcomm driver for Android
-CVE-2015-9064 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2015-9064
NOT-FOR-US: Qualcomm driver for Android
-CVE-2015-9063 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2015-9063
NOT-FOR-US: Qualcomm driver for Android
-CVE-2015-9062 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2015-9062
NOT-FOR-US: Qualcomm driver for Android
-CVE-2015-9061 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2015-9061
NOT-FOR-US: Qualcomm driver for Android
-CVE-2015-9060 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2015-9060
NOT-FOR-US: Qualcomm driver for Android
-CVE-2015-9059 (picocom before 2.0 has a command injection vulnerability in the 'send ...)
+CVE-2015-9059
{DLA-974-1}
- picocom 1.7-2 (bug #863671)
[jessie] - picocom <no-dsa> (Minor issue)
NOTE: https://github.com/npat-efault/picocom/commit/1ebc60b20fbe9a02436d5cbbf8951714e749ddb1
-CVE-2015-9058 (Open redirect vulnerability in Proxmox Mail Gateway prior to hotfix ...)
+CVE-2015-9058
NOT-FOR-US: Proxmox Mail Gateway
-CVE-2015-9057 (Multiple cross-site scripting (XSS) vulnerabilities in Proxmox Mail ...)
+CVE-2015-9057
NOT-FOR-US: Proxmox Mail Gateway
-CVE-2015-9056 (Kibana versions prior to 4.1.3 and 4.2.1 are vulnerable to a XSS ...)
+CVE-2015-9056
- kibana <itp> (bug #700337)
-CVE-2015-9055 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2015-9055
NOT-FOR-US: Qualcomm driver for Android
-CVE-2015-9054 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2015-9054
NOT-FOR-US: Qualcomm driver for Android
-CVE-2015-9053 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2015-9053
NOT-FOR-US: Qualcomm driver for Android
-CVE-2015-9052 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2015-9052
NOT-FOR-US: Qualcomm driver for Android
-CVE-2015-9051 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2015-9051
NOT-FOR-US: Qualcomm driver for Android
-CVE-2015-9050 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2015-9050
NOT-FOR-US: Qualcomm driver for Android
-CVE-2015-9049 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2015-9049
NOT-FOR-US: Qualcomm driver for Android
-CVE-2015-9048 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2015-9048
NOT-FOR-US: Qualcomm driver for Android
-CVE-2015-9047 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2015-9047
NOT-FOR-US: Qualcomm driver for Android
-CVE-2015-9046 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2015-9046
NOT-FOR-US: Qualcomm driver for Android
-CVE-2015-9045 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2015-9045
NOT-FOR-US: Qualcomm driver for Android
-CVE-2015-9044 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2015-9044
NOT-FOR-US: Qualcomm driver for Android
-CVE-2015-9043 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2015-9043
NOT-FOR-US: Qualcomm driver for Android
-CVE-2015-9042 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2015-9042
NOT-FOR-US: Qualcomm driver for Android
-CVE-2015-9041 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2015-9041
NOT-FOR-US: Qualcomm driver for Android
-CVE-2015-9040 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2015-9040
NOT-FOR-US: Qualcomm driver for Android
-CVE-2015-9039 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2015-9039
NOT-FOR-US: Qualcomm driver for Android
-CVE-2015-9038 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2015-9038
NOT-FOR-US: Qualcomm driver for Android
-CVE-2015-9037 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2015-9037
NOT-FOR-US: Qualcomm driver for Android
-CVE-2015-9036 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2015-9036
NOT-FOR-US: Qualcomm driver for Android
-CVE-2015-9035 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2015-9035
NOT-FOR-US: Qualcomm driver for Android
-CVE-2015-9034 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2015-9034
NOT-FOR-US: Qualcomm driver for Android
-CVE-2015-9033 (In all Android releases from CAF using the Linux kernel, a QTEE system ...)
+CVE-2015-9033
NOT-FOR-US: Qualcomm component for Android
-CVE-2015-9032 (In all Android releases from CAF using the Linux kernel, a DRM key was ...)
+CVE-2015-9032
NOT-FOR-US: Qualcomm component for Android
-CVE-2015-9031 (In all Android releases from CAF using the Linux kernel, a TZ memory ...)
+CVE-2015-9031
NOT-FOR-US: Qualcomm component for Android
-CVE-2015-9030 (In all Android releases from CAF using the Linux kernel, the ...)
+CVE-2015-9030
NOT-FOR-US: Qualcomm component for Android
-CVE-2015-9029 (In all Android releases from CAF using the Linux kernel, a ...)
+CVE-2015-9029
NOT-FOR-US: Qualcomm component for Android
-CVE-2015-9028 (In all Android releases from CAF using the Linux kernel, a buffer ...)
+CVE-2015-9028
NOT-FOR-US: Qualcomm component for Android
-CVE-2015-9027 (In all Android releases from CAF using the Linux kernel, an untrusted ...)
+CVE-2015-9027
NOT-FOR-US: Qualcomm component for Android
-CVE-2015-9026 (In all Android releases from CAF using the Linux kernel, an untrusted ...)
+CVE-2015-9026
NOT-FOR-US: Qualcomm component for Android
-CVE-2015-9025 (In all Android releases from CAF using the Linux kernel, a buffer ...)
+CVE-2015-9025
NOT-FOR-US: Qualcomm component for Android
-CVE-2015-9024 (In all Android releases from CAF using the Linux kernel, some ...)
+CVE-2015-9024
NOT-FOR-US: Qualcomm component for Android
-CVE-2015-9023 (In all Android releases from CAF using the Linux kernel, a buffer ...)
+CVE-2015-9023
NOT-FOR-US: Qualcomm component for Android
-CVE-2015-9022 (In all Android releases from CAF using the Linux kernel, time-of-check ...)
+CVE-2015-9022
NOT-FOR-US: Qualcomm component for Android
-CVE-2015-9021 (In all Android releases from CAF using the Linux kernel, access ...)
+CVE-2015-9021
NOT-FOR-US: Qualcomm component for Android
-CVE-2015-9020 (In all Android releases from CAF using the Linux kernel, an untrusted ...)
+CVE-2015-9020
NOT-FOR-US: Qualcomm component for Android
-CVE-2015-9019 (In libxslt 1.1.29 and earlier, the EXSLT math.random function was not ...)
+CVE-2015-9019
- libxslt <unfixed> (unimportant; bug #859796)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=758400
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=934119
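Review bot: every -/+ pair in this hunk only strips the parenthesised description from the CVE header line (for example "CVE-2015-9019 (In libxslt 1.1.29 and earlier, the EXSLT math.random function was not ...)" becomes the bare "CVE-2015-9019"), while the package, NOT-FOR-US and NOTE lines below each header are left untouched. If this is a regeneration of the list, confirm that dropping the descriptions is intended rather than a generator failing to fetch them: the old text already ended in "...", so the truncated summary was the only human-readable context the entry carried, and after this change a reader has to follow the NOTE links to learn what the CVE is about.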
@@ -567,55 +567,55 @@ CVE-2015-9018
RESERVED
CVE-2015-9017
RESERVED
-CVE-2015-9016 (In blk_mq_tag_to_rq in blk-mq.c in the upstream kernel, there is a ...)
+CVE-2015-9016
{DSA-4187-1}
- linux 4.2.3-1
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: Fixed by: https://git.kernel.org/linus/0048b4837affd153897ed1222283492070027aa9 (4.3-rc1)
-CVE-2015-9015 (An elevation of privilege vulnerability in Qualcomm closed source ...)
+CVE-2015-9015
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9014 (An elevation of privilege vulnerability in Qualcomm closed source ...)
+CVE-2015-9014
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9013 (An elevation of privilege vulnerability in Qualcomm closed source ...)
+CVE-2015-9013
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9012 (An elevation of privilege vulnerability in Qualcomm closed source ...)
+CVE-2015-9012
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9011 (An elevation of privilege vulnerability in Qualcomm closed source ...)
+CVE-2015-9011
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9010 (An elevation of privilege vulnerability in Qualcomm closed source ...)
+CVE-2015-9010
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9009 (An elevation of privilege vulnerability in Qualcomm closed source ...)
+CVE-2015-9009
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9008 (An elevation of privilege vulnerability in Qualcomm closed source ...)
+CVE-2015-9008
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9007 (In TrustZone in all Android releases from CAF using the Linux kernel, ...)
+CVE-2015-9007
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9006 (In Resource Power Manager (RPM) in all Android releases from CAF using ...)
+CVE-2015-9006
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9005 (In TrustZone in all Android releases from CAF using the Linux kernel, ...)
+CVE-2015-9005
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9004 (kernel/events/core.c in the Linux kernel before 3.19 mishandles ...)
+CVE-2015-9004
- linux 3.16.7-ckt7-1
[wheezy] - linux <not-affected> (Vulnerable code not present)
-CVE-2015-9003 (In TrustZone a cryptographic issue can potentially occur in all ...)
+CVE-2015-9003
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9002 (In TrustZone an out-of-range pointer offset vulnerability can ...)
+CVE-2015-9002
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9001 (In TrustZone an information exposure vulnerability can potentially ...)
+CVE-2015-9001
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9000 (In TrustZone an untrusted pointer dereference vulnerability can ...)
+CVE-2015-9000
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-8999 (In TrustZone a buffer overflow vulnerability can potentially occur in ...)
+CVE-2015-8999
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-8998 (In TrustZone an integer overflow vulnerability can potentially occur ...)
+CVE-2015-8998
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-8997 (In TrustZone a time-of-check time-of-use race condition could ...)
+CVE-2015-8997
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-8996 (In TrustZone a time-of-check time-of-use race condition could ...)
+CVE-2015-8996
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-8995 (In TrustZone an integer overflow vulnerability can potentially occur ...)
+CVE-2015-8995
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-8994 (An issue was discovered in PHP 5.x and 7.x, when the configuration ...)
+CVE-2015-8994
- php7.1 <not-affected> (Fixed before initial upload to Debian)
- php7.0 7.0.14-1
- php5 <removed>
@@ -623,23 +623,23 @@ CVE-2015-8994 (An issue was discovered in PHP 5.x and 7.x, when the configuratio
[wheezy] - php5 <not-affected> (vulnerable code not present)
NOTE: Fixed in 7.1.0, 7.0.14, 5.6.29
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=69090
-CVE-2015-8993 (Malicious file execution vulnerability in Intel Security CloudAV ...)
+CVE-2015-8993
NOT-FOR-US: Intel antivirus
-CVE-2015-8992 (Malicious file execution vulnerability in Intel Security WebAdvisor ...)
+CVE-2015-8992
NOT-FOR-US: Intel antivirus
-CVE-2015-8991 (Malicious file execution vulnerability in Intel Security McAfee ...)
+CVE-2015-8991
NOT-FOR-US: Intel antivirus
-CVE-2015-8990 (Detection bypass vulnerability in Intel Security Advanced Threat ...)
+CVE-2015-8990
NOT-FOR-US: Intel antivirus
-CVE-2015-8989 (Unsalted password vulnerability in the Enterprise Manager (web portal) ...)
+CVE-2015-8989
NOT-FOR-US: Intel antivirus
-CVE-2015-8988 (Unquoted executable path vulnerability in Client Management and ...)
+CVE-2015-8988
NOT-FOR-US: Intel antivirus
-CVE-2015-8987 (Man-in-the-middle (MitM) attack vulnerability in non-Mac OS agents in ...)
+CVE-2015-8987
NOT-FOR-US: Intel antivirus
-CVE-2015-8986 (Sandbox detection evasion vulnerability in hardware appliances in ...)
+CVE-2015-8986
NOT-FOR-US: Intel antivirus
-CVE-2015-8981 (Heap-based buffer overflow in the PdfParser::ReadXRefSubsection ...)
+CVE-2015-8981
{DLA-929-1}
- libpodofo 0.9.4-1 (bug #854599)
[jessie] - libpodofo <no-dsa> (Minor issue)
@@ -654,44 +654,44 @@ CVE-2015-8980 [Arbitrary code execution in select_string, ngettext and npgettext
NOTE: For phpmyadmin, unimportant, since embeds lib but does not use in exploitable way
NOTE: http://seclists.org/fulldisclosure/2016/Aug/76
NOTE: Upstream patch: https://bazaar.launchpad.net/~danilo/php-gettext/trunk/revision/61
-CVE-2015-8979 (Stack-based buffer overflow in the parsePresentationContext function ...)
+CVE-2015-8979
{DSA-3749-1 DLA-755-1}
- dcmtk 3.6.1~20160216-2 (bug #848830)
NOTE: 3.6.1~20160216-2 is the first version in unstable containing the fix
NOTE: http://zeroscience.mk/en/vulnerabilities/ZSL-2016-5384.php
NOTE: Fixed by: https://github.com/commontk/DCMTK/commit/1b6bb76
NOTE: http://www.openwall.com/lists/oss-security/2016/12/17/2
-CVE-2015-8978 (In Soap Lite (aka the SOAP::Lite extension for Perl) 1.14 and earlier, ...)
+CVE-2015-8978
{DLA-723-1}
- libsoap-lite-perl 1.19-1
[jessie] - libsoap-lite-perl <no-dsa> (Minor issue)
NOTE: https://github.com/redhotpenguin/soaplite/pull/21
NOTE: https://github.com/redhotpenguin/soaplite/commit/6942fe0d281be1c32c5117605f9c4e8d44f51124
-CVE-2015-8977 (MyBB (aka MyBulletinBoard) before 1.6.18 and 1.8.x before 1.8.6 and ...)
+CVE-2015-8977
NOT-FOR-US: MyBB
-CVE-2015-8976 (Cross-site scripting (XSS) vulnerability in MyBB (aka MyBulletinBoard) ...)
+CVE-2015-8976
NOT-FOR-US: MyBB
-CVE-2015-8975 (Cross-site scripting (XSS) vulnerability in the error handler in MyBB ...)
+CVE-2015-8975
NOT-FOR-US: MyBB
-CVE-2015-8974 (SQL injection vulnerability in the Group Promotions module in the ...)
+CVE-2015-8974
NOT-FOR-US: MyBB
-CVE-2015-8973 (xmlhttp.php in MyBB (aka MyBulletinBoard) before 1.6.18 and 1.8.x ...)
+CVE-2015-8973
NOT-FOR-US: MyBB
-CVE-2015-8972 (Stack-based buffer overflow in the ValidateMove function in ...)
+CVE-2015-8972
- gnuchess 6.2.4-1 (unimportant)
NOTE: Built with hardening flags, no security impact
NOTE: http://lists.gnu.org/archive/html/bug-gnu-chess/2015-10/msg00002.html
NOTE: http://svn.savannah.gnu.org/viewvc?view=rev&root=chess&revision=134
-CVE-2015-8971 (Terminology 0.7.0 allows remote attackers to execute arbitrary ...)
+CVE-2015-8971
{DSA-3712-1}
- terminology 0.7.0-2 (bug #843434)
NOTE: https://git.enlightenment.org/apps/terminology.git/commit/?id=b80bedc7c21ecffe99d8d142930db696eebdd6a5
NOTE: http://www.openwall.com/lists/oss-security/2016/11/04/12
-CVE-2015-8969 (git-fastclone before 1.0.5 passes user modifiable strings directly to a ...)
+CVE-2015-8969
NOT-FOR-US: git-fastclone
-CVE-2015-8968 (git-fastclone before 1.0.1 permits arbitrary shell command execution ...)
+CVE-2015-8968
NOT-FOR-US: git-fastclone
-CVE-2015-8970 (crypto/algif_skcipher.c in the Linux kernel before 4.4.2 does not ...)
+CVE-2015-8970
- linux 4.4.2-1
[jessie] - linux 3.16.7-ckt25-1
[wheezy] - linux 3.2.78-1
@@ -701,75 +701,75 @@ CVE-2015-8970 (crypto/algif_skcipher.c in the Linux kernel before 4.4.2 does not
NOTE: Followed by a complete set of related upstrema commits. See kernel-sec
NOTE: triage for details.
NOTE: http://www.openwall.com/lists/oss-security/2016/11/03/6
-CVE-2015-8967 (arch/arm64/kernel/sys.c in the Linux kernel before 4.0 allows local ...)
+CVE-2015-8967
- linux 4.0.2-1 (unimportant)
NOTE: Fixed by: https://git.kernel.org/linus/c623b33b4e9599c6ac5076f7db7369eb9869aa04 (v4.0-rc1)
NOTE: Missing security mitigation, not a vulnerability per se
-CVE-2015-8966 (arch/arm/kernel/sys_oabi-compat.c in the Linux kernel before 4.4 ...)
+CVE-2015-8966
- linux 4.4.2-1
[jessie] - linux 3.16.7-ckt25-1
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: Fixed by: https://git.kernel.org/linus/76cc404bfdc0d419c720de4daaf2584542734f42 (v4.4-rc8)
-CVE-2015-8965 (Rogue Wave JViews before 8.8 patch 21 and 8.9 before patch 1 allows ...)
+CVE-2015-8965
NOT-FOR-US: Rogue Wave JViews
-CVE-2015-8964 (The tty_set_termios_ldisc function in drivers/tty/tty_ldisc.c in the ...)
+CVE-2015-8964
{DLA-772-1}
- linux 4.5.1-1
[jessie] - linux 3.16.39-1
NOTE: Fixed by: https://git.kernel.org/linus/dd42bf1197144ede075a9d4793123f7689e164bc (v4.5-rc1)
-CVE-2015-8963 (Race condition in kernel/events/core.c in the Linux kernel before 4.4 ...)
+CVE-2015-8963
{DLA-772-1}
- linux 4.4.2-1
[jessie] - linux 3.16.39-1
NOTE: Fixed by: https://git.kernel.org/linus/12ca6ad2e3a896256f086497a7c7406a547ee373 (v4.4)
-CVE-2015-8962 (Double free vulnerability in the sg_common_write function in ...)
+CVE-2015-8962
{DLA-772-1}
- linux 4.4.2-1
[jessie] - linux 3.16.39-1
NOTE: Fixed by: https://git.kernel.org/linus/f3951a3709ff50990bf3e188c27d346792103432 (v4.4-rc1)
-CVE-2015-8961 (The __ext4_journal_stop function in fs/ext4/ext4_jbd2.c in the Linux ...)
+CVE-2015-8961
- linux 4.3.3-1
[jessie] - linux 3.16.7-ckt25-1
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: Fixed by: https://git.kernel.org/linus/6934da9238da947628be83635e365df41064b09b (v4.4-rc5)
-CVE-2015-8960 (The TLS protocol 1.2 and earlier supports the rsa_fixed_dh, ...)
+CVE-2015-8960
NOTE: Vulnerability "in the TLS documentation", not assigned to a specific source/implentation
NOTE: https://www.usenix.org/system/files/conference/woot15/woot15-paper-hlauschek.pdf
-CVE-2015-8956 (The rfcomm_sock_bind function in net/bluetooth/rfcomm/sock.c in the ...)
+CVE-2015-8956
{DSA-3696-1 DLA-670-1}
- linux 4.2.1-1
NOTE: Fixed by: https://git.kernel.org/linus/951b6a0717db97ce420547222647bcc40bf1eacd (4.2-rc1)
-CVE-2015-8955 (arch/arm64/kernel/perf_event.c in the Linux kernel before 4.1 on arm64 ...)
+CVE-2015-8955
- linux 4.1.3-1
[jessie] - linux 3.16.39-1
[wheezy] - linux <not-affected> (Vulnerable code not present; arm64 introduced in 3.7)
NOTE: Fixed by: https://git.kernel.org/linus/8fff105e13041e49b82f92eef034f363a6b1c071 (4.1-rc1)
-CVE-2015-8954 (The MemcmpLowercase function in Suricata before 2.0.6 improperly ...)
+CVE-2015-8954
- suricata 2.0.6-1 (bug #777523)
[wheezy] - suricata <no-dsa> (Minor issue)
[squeeze] - suricata <no-dsa> (Minor issue)
NOTE: https://redmine.openinfosecfoundation.org/issues/1364
NOTE: https://github.com/OISF/suricata/commit/17dfd59bc31a21e103e2f1216443cd1418398aa9
-CVE-2015-8953 (fs/overlayfs/copy_up.c in the Linux kernel before 4.2.6 uses an ...)
+CVE-2015-8953
- linux 4.2.6-1
[jessie] - linux <not-affected> (Vulnerable code not present)
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: Fixed by: https://git.kernel.org/linus/ab79efab0a0ba01a74df782eb7fa44b044dae8b5 (v4.3)
-CVE-2015-8952 (The mbcache feature in the ext2 and ext4 filesystem implementations in ...)
+CVE-2015-8952
- linux 4.6.1-1 (low)
[jessie] - linux <ignored> (Minor issue and too intrusive to backport, workaround exists with the no_mbcache mount flag)
[wheezy] - linux <no-dsa> (Minor issue and too intrusive to backport)
NOTE: https://git.kernel.org/linus/f9a61eb4e2471c56a63cd804c7474128138c38ac (v4.6-rc1)
NOTE: https://git.kernel.org/linus/82939d7999dfc1f1998c4b1c12e2f19edbdff272 (v4.6-rc1)
NOTE: https://git.kernel.org/linus/be0726d33cb8f411945884664924bed3cb8c70ee (v4.6-rc1)
-CVE-2015-8951 (Multiple use-after-free vulnerabilities in ...)
+CVE-2015-8951
NOT-FOR-US: Qualcomm driver for Android
-CVE-2015-8950 (arch/arm64/mm/dma-mapping.c in the Linux kernel before 4.0.3, as used ...)
+CVE-2015-8950
- linux 4.0.4-1
[jessie] - linux 3.16.7-ckt17-1
[wheezy] - linux <not-affected> (Vulnerable code not present; arm64 introduced in 3.7)
NOTE: Fixed by: https://git.kernel.org/linus/6829e274a623187c24f7cfc0e3d35f25d087fcc5 (4.1-rc2)
-CVE-2015-8957 (Buffer overflow in ImageMagick before 6.9.0-4 Beta allows remote ...)
+CVE-2015-8957
{DSA-3652-1 DLA-731-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #832464)
NOTE: http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26838
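Review bot: two typos sit in unchanged context lines of this hunk and could be fixed in a follow-up, since this change touches only the header lines: "Followed by a complete set of related upstrema commits" under CVE-2015-8970 should read "upstream", and "not assigned to a specific source/implentation" under CVE-2015-8960 should read "implementation". The CVE-2015-8960 entry also has no package or NOT-FOR-US line, only the two NOTE lines; that matches the note that the issue is in the TLS specification rather than a shipped implementation, but it is worth stating that explicitly so the entry is not mistaken for an untriaged one.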
@@ -777,7 +777,7 @@ CVE-2015-8957 (Buffer overflow in ImageMagick before 6.9.0-4 Beta allows remote
NOTE: https://github.com/ImageMagick/ImageMagick/commit/bd96074b254c6607a0f7731e59f923ad19d5a46d
NOTE: https://github.com/ImageMagick/ImageMagick/commit/450bd716ed3b9186dd10f9e60f630a3d9eeea2a4
NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1
-CVE-2015-8958 (coders/sun.c in ImageMagick before 6.9.0-4 Beta allows remote ...)
+CVE-2015-8958
{DSA-3652-1 DLA-731-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #832465)
NOTE: http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26857
@@ -786,78 +786,78 @@ CVE-2015-8958 (coders/sun.c in ImageMagick before 6.9.0-4 Beta allows remote ...
NOTE: https://github.com/ImageMagick/ImageMagick/commit/6b4aff0f117b978502ee5bcd6e753c17aec5a961
NOTE: https://github.com/ImageMagick/ImageMagick/commit/8ea44b48a182dd46d018f4b4f09a5e2ee9638105
NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1
-CVE-2015-8959 (coders/dds.c in ImageMagick before 6.9.0-4 Beta allows remote ...)
+CVE-2015-8959
{DSA-3652-1 DLA-731-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #832944)
NOTE: http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26861
NOTE: https://github.com/ImageMagick/ImageMagick/commit/3ab016764c7f787829d9065440d86f5609765110
NOTE: https://github.com/ImageMagick/ImageMagick/commit/9b428b7af688fe319320aed15f2b94281d1e37b4
NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1
-CVE-2015-8949 (Use-after-free vulnerability in the my_login function in DBD::mysql ...)
+CVE-2015-8949
{DSA-3635-1 DLA-576-1}
- libdbd-mysql-perl 4.035-1
NOTE: https://github.com/perl5-dbi/DBD-mysql/pull/45
NOTE: https://github.com/perl5-dbi/DBD-mysql/commit/cf0aa7751f6ef8445e9310a64b14dc81460ca156
-CVE-2015-8948 (idn in GNU libidn before 1.33 might allow remote attackers to obtain ...)
+CVE-2015-8948
{DSA-3658-1 DLA-582-1}
- libidn 1.33-1
NOTE: Fix: http://git.savannah.gnu.org/cgit/libidn.git/commit/?id=570e68886c41c2e765e6218cb317d9a9a447a041 (libidn-1-33)
NOTE: When fixing this issue, the followup fix http://git.savannah.gnu.org/cgit/libidn.git/commit/?id=5e3cb9c7b5bf0ce665b9d68f5ddf095af5c9ba60
NOTE: is required to fix the problem. (Resultet in followup CVE, CVE-2016-6262
NOTE: if not applied completely).
-CVE-2015-8947 (hb-ot-layout-gpos-table.hh in HarfBuzz before 1.0.5 allows remote ...)
+CVE-2015-8947
- harfbuzz 1.2.6-1
[jessie] - harfbuzz <no-dsa> (Minor issue, can be fixed via a DSA)
NOTE: https://cgit.freedesktop.org/harfbuzz/commit/?id=f96664974774bfeb237a7274f512f64aaafb201e (1.0.5)
-CVE-2015-8946 (ecryptfs-setup-swap in eCryptfs before 111 does not prevent the ...)
+CVE-2015-8946
- ecryptfs-utils 111-1
[jessie] - ecryptfs-utils <no-dsa> (Minor issue)
[wheezy] - ecryptfs-utils <no-dsa> (Only happens if using systemd v207 onward)
NOTE: https://launchpad.net/bugs/1447282
NOTE: Fixed by: https://bazaar.launchpad.net/~ecryptfs/ecryptfs/trunk/revision/857
NOTE: http://www.openwall.com/lists/oss-security/2016/07/13/2
-CVE-2015-8945 (openshift-node in OpenShift Origin 1.1.6 and earlier improperly stores ...)
+CVE-2015-8945
NOT-FOR-US: OpenShift
-CVE-2015-8944 (The ioresources_init function in kernel/resource.c in the Linux kernel ...)
+CVE-2015-8944
- linux <not-affected> (Android-specific patch, /proc/iomem is root-restricted already)
-CVE-2015-8943 (drivers/video/msm/mdss/mdss_mdp_util.c in the Qualcomm components in ...)
+CVE-2015-8943
- linux <not-affected> (Android-specific patch)
-CVE-2015-8942 (drivers/media/platform/msm/camera_v2/pproc/cpp/msm_cpp.c in the ...)
+CVE-2015-8942
- linux <not-affected> (Android-specific patch)
-CVE-2015-8941 (drivers/media/platform/msm/camera_v2/isp/msm_isp_axi_util.c in the ...)
+CVE-2015-8941
- linux <not-affected> (Android-specific patch)
-CVE-2015-8940 (Integer overflow in sound/soc/msm/qdsp6v2/q6lsm.c in the Qualcomm ...)
+CVE-2015-8940
- linux <not-affected> (Android-specific patch)
-CVE-2015-8939 (drivers/video/msm/mdp4_util.c in the Qualcomm components in Android ...)
+CVE-2015-8939
- linux <not-affected> (Android-specific patch)
-CVE-2015-8938 (The MSM camera driver in the Qualcomm components in Android before ...)
+CVE-2015-8938
- linux <not-affected> (Android-specific patch)
-CVE-2015-8937 (drivers/char/diag/diagchar_core.c in the Qualcomm components in ...)
+CVE-2015-8937
- linux <not-affected> (Android-specific patch)
-CVE-2015-8936 (Cross-site scripting (XSS) vulnerability in squidGuard.cgi in ...)
+CVE-2015-8936
{DLA-524-1}
- squidguard 1.5-5 (unimportant)
NOTE: Only affects an example script
NOTE: Fix applied: 16_XSS-security-bugfix.patch in 1.5-5
NOTE: http://www.openwall.com/lists/oss-security/2016/06/20/2
-CVE-2015-8935 (The sapi_header_op function in main/SAPI.c in PHP before 5.4.38, 5.5.x ...)
+CVE-2015-8935
- php5 5.6.6+dfsg-1
[wheezy] - php5 5.4.38-0+deb7u1
NOTE: https://bugs.php.net/bug.php?id=68978
NOTE: https://github.com/php/php-src/commit/996faf964bba1aec06b153b370a7f20d3dd2bb8b
NOTE: Fixed in 5.6.6, 5.5.22 and 5.4.38
-CVE-2015-8934 (The copy_from_lzss_window function in ...)
+CVE-2015-8934
{DSA-3657-1 DLA-554-1}
- libarchive 3.2.1-1
NOTE: https://github.com/libarchive/libarchive/issues/521
NOTE: Fixed by: https://github.com/libarchive/libarchive/commit/603454ec03040c29bd051fcc749e3c1433c11a8e (v3.2.1)
-CVE-2015-8933 (Integer overflow in the archive_read_format_tar_skip function in ...)
+CVE-2015-8933
{DSA-3657-1 DLA-554-1}
- libarchive 3.2.0-2
NOTE: https://github.com/libarchive/libarchive/issues/548
NOTE: https://github.com/libarchive/libarchive/issues/582
NOTE: Fixed by: https://github.com/libarchive/libarchive/commit/3c7a6dc6694d9b26400d2bd672e04d09ed8a4276 (v3.1.900a)
-CVE-2015-8932 (The compress_bidder_init function in ...)
+CVE-2015-8932
{DSA-3657-1 DLA-554-1}
- libarchive 3.2.0-2
NOTE: https://github.com/libarchive/libarchive/issues/547
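Review bot: the CVE-2015-8948 notes in this hunk carry a typo and a parenthetical that is split awkwardly across two NOTE lines: "(Resultet in followup CVE, CVE-2016-6262" on one line and "if not applied completely)." on the next. Suggest "Resulted in follow-up CVE-2016-6262 if not applied completely" on a single NOTE line when the entry is next touched, so the closing parenthesis lands on the same line as the opening one and the tracker's per-line NOTE parsing does not see an unbalanced fragment.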
@@ -866,94 +866,94 @@ CVE-2015-8932 (The compress_bidder_init function in ...)
NOTE: and https://github.com/libarchive/libarchive/commit/618618c8a6be453f79e0bdbdeab6e1dd8bf429b3 (v3.1.900a)
NOTE: Part of the problematic code was introduced with commit bf4f6ec64ef3edefbc41172692868fb8df514805
NOTE: to fix https://github.com/libarchive/libarchive/issues/356
-CVE-2015-8931 (Multiple integer overflows in the (1) get_time_t_max and (2) ...)
+CVE-2015-8931
{DSA-3657-1 DLA-554-1}
- libarchive 3.2.0-2
NOTE: https://github.com/libarchive/libarchive/issues/539
NOTE: Fixed by: https://github.com/libarchive/libarchive/commit/b31744df71084a8734f97199e42418f55d08c6c5 (v3.1.900a)
NOTE: Fixed by: https://github.com/libarchive/libarchive/commit/c0c52e9aaafb0860c4151c5374372051e9354301 (v3.1.900a)
-CVE-2015-8930 (bsdtar in libarchive before 3.2.0 allows remote attackers to cause a ...)
+CVE-2015-8930
{DSA-3657-1 DLA-554-1}
- libarchive 3.2.0-2
NOTE: https://github.com/libarchive/libarchive/issues/522
NOTE: Fixed by: https://github.com/libarchive/libarchive/commit/39fc59391b7cf2a007bffce280c1e3e66674258f (v3.1.900a)
NOTE: Fixed by: https://github.com/libarchive/libarchive/commit/01cfbca4fdae1492a8a09c001b61bbca46f869f2 (v3.1.900a)
-CVE-2015-8929 (Memory leak in the __archive_read_get_extract function in ...)
+CVE-2015-8929
- libarchive 3.2.0-2
[jessie] - libarchive <not-affected> (Introduced in 3.2.0)
[wheezy] - libarchive <not-affected> (Introduced in 3.2.0)
NOTE: https://github.com/libarchive/libarchive/issues/517
NOTE: Fixed by: https://github.com/libarchive/libarchive/commit/d24e79e8f9547ae475a3a0c9516e079a14010838
-CVE-2015-8928 (The process_add_entry function in archive_read_support_format_mtree.c ...)
+CVE-2015-8928
{DSA-3657-1}
- libarchive 3.2.0-2
[wheezy] - libarchive <not-affected> (vulnerable code not present)
NOTE: https://github.com/libarchive/libarchive/issues/550
NOTE: Fixed by https://github.com/libarchive/libarchive/commit/64d5628
-CVE-2015-8927 (The trad_enc_decrypt_update function in ...)
+CVE-2015-8927
- libarchive 3.2.0-2
[jessie] - libarchive <not-affected> (vulnerable code not present)
[wheezy] - libarchive <not-affected> (vulnerable code not present)
NOTE: https://github.com/libarchive/libarchive/issues/523
NOTE: Fixed by https://github.com/libarchive/libarchive/commit/eff35d4
-CVE-2015-8926 (The archive_read_format_rar_read_data function in ...)
+CVE-2015-8926
{DSA-3657-1 DLA-554-1}
- libarchive 3.2.0-2
NOTE: https://github.com/libarchive/libarchive/issues/518
NOTE: Fixed by https://github.com/libarchive/libarchive/commit/aab73938
-CVE-2015-8925 (The readline function in archive_read_support_format_mtree.c in ...)
+CVE-2015-8925
{DSA-3657-1 DLA-554-1}
- libarchive 3.2.0-2
NOTE: https://github.com/libarchive/libarchive/issues/516
NOTE: Fixed by https://github.com/libarchive/libarchive/commit/1e18cbb71
-CVE-2015-8924 (The archive_read_format_tar_read_header function in ...)
+CVE-2015-8924
{DSA-3657-1 DLA-554-1}
- libarchive 3.2.0-2
NOTE: https://github.com/libarchive/libarchive/issues/515
NOTE: Fixed by https://github.com/libarchive/libarchive/commit/bb9b157
-CVE-2015-8923 (The process_extra function in libarchive before 3.2.0 uses the size ...)
+CVE-2015-8923
{DSA-3657-1 DLA-554-1}
- libarchive 3.2.0-2
NOTE: https://github.com/libarchive/libarchive/issues/514
NOTE: Fixed by https://github.com/libarchive/libarchive/commit/9e0689c
-CVE-2015-8922 (The read_CodersInfo function in archive_read_support_format_7zip.c in ...)
+CVE-2015-8922
{DSA-3657-1 DLA-554-1}
- libarchive 3.2.0-2
NOTE: https://github.com/libarchive/libarchive/issues/513
NOTE: Fixed by https://github.com/libarchive/libarchive/commit/d094dc
-CVE-2015-8921 (The ae_strtofflags function in archive_entry.c in libarchive before ...)
+CVE-2015-8921
{DSA-3657-1 DLA-554-1}
- libarchive 3.2.0-2
NOTE: https://github.com/libarchive/libarchive/issues/512
NOTE: Fixed by https://github.com/libarchive/libarchive/commit/1cbc76f
NOTE: Fixed by https://github.com/libarchive/libarchive/commit/05a875fdb876e7a2f56a2937f756927cbed919e0
-CVE-2015-8920 (The _ar_read_header function in archive_read_support_format_ar.c in ...)
+CVE-2015-8920
{DSA-3657-1 DLA-554-1}
- libarchive 3.2.0-2
NOTE: https://github.com/libarchive/libarchive/issues/511
NOTE: Fixed by https://github.com/libarchive/libarchive/commit/97f964e
-CVE-2015-8919 (The lha_read_file_extended_header function in ...)
+CVE-2015-8919
{DSA-3657-1 DLA-554-1}
- libarchive 3.2.0-2
NOTE: https://github.com/libarchive/libarchive/issues/510
NOTE: Fixed by https://github.com/libarchive/libarchive/commit/e8a2e4d
-CVE-2015-8918 (The archive_string_append function in archive_string.c in libarchive ...)
+CVE-2015-8918
- libarchive <not-affected> (Vulnerable code not in a released version)
NOTE: Introduced in https://github.com/libarchive/libarchive/commit/cf8e67ffc8a2227b63fc6d3d1569b0214f160f54
NOTE: Fixed by: https://github.com/libarchive/libarchive/commit/b6ba56037f0da44efebfa271cc4b1a736a74c62f
NOTE: https://github.com/libarchive/libarchive/issues/506
-CVE-2015-8917 (bsdtar in libarchive before 3.2.0 allows remote attackers to cause a ...)
+CVE-2015-8917
{DSA-3657-1 DLA-554-1}
- libarchive 3.2.0-2
NOTE: https://github.com/libarchive/libarchive/issues/505
NOTE: Fixed by https://github.com/libarchive/libarchive/commit/b2e2abb
-CVE-2015-8916 (bsdtar in libarchive before 3.2.0 returns a success code without ...)
+CVE-2015-8916
{DSA-3657-1}
- libarchive 3.2.0-2
[wheezy] - libarchive <not-affected> (no segfault, not reproducible with reproducer)
NOTE: https://github.com/libarchive/libarchive/issues/504
NOTE: Fixed by https://github.com/libarchive/libarchive/commit/b2e2abb
-CVE-2015-8915 (bsdcpio in libarchive before 3.2.0 allows remote attackers to cause a ...)
+CVE-2015-8915
{DLA-1600-1 DLA-617-1}
- libarchive 3.2.0-2 (low; bug #784213)
[squeeze] - libarchive <no-dsa> (Minor issue)
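Review bot: the "Fixed by" notes in this hunk are inconsistent in form. The CVE-2015-8931 and CVE-2015-8930 entries use "Fixed by: https://..." with a colon, whereas CVE-2015-8928, CVE-2015-8927, CVE-2015-8926, CVE-2015-8925, CVE-2015-8924, CVE-2015-8923, CVE-2015-8922, CVE-2015-8921, CVE-2015-8920, CVE-2015-8919, CVE-2015-8917 and CVE-2015-8916 use "Fixed by https://..." without one. Since the rest of the file uses the colon form, aligning these would keep the notes greppable with a single pattern; the change is cosmetic and belongs in a follow-up, not in this automated header-line update.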
@@ -962,7 +962,7 @@ CVE-2015-8915 (bsdcpio in libarchive before 3.2.0 allows remote attackers to cau
NOTE: 502 is a duplicate of https://github.com/libarchive/libarchive/issues/503
NOTE: Fixed by: https://github.com/libarchive/libarchive/commit/e6c9668f3202215ddb71617b41c19b6f05acf008
NOTE: Fixed by: https://github.com/libarchive/libarchive/commit/3865cf2bcb0eebc1baef28a7841b1cadae6e0f7c
-CVE-2015-8914 (The IPTables firewall in OpenStack Neutron before 7.0.4 and 8.0.0 ...)
+CVE-2015-8914
- neutron 2:8.1.2-1
[jessie] - neutron <no-dsa> (Minor issue)
NOTE: https://bugs.launchpad.net/bugs/1502933
@@ -986,35 +986,35 @@ CVE-2015-8905
REJECTED
CVE-2015-8904
REJECTED
-CVE-2015-1000013 (Remote file upload vulnerability in wordpress plugin csv2wpec-coupon ...)
+CVE-2015-1000013
NOT-FOR-US: WordPress plugin csv2wpec-coupon
-CVE-2015-1000012 (Local File Inclusion Vulnerability in mypixs v0.3 wordpress plugin ...)
+CVE-2015-1000012
NOT-FOR-US: WordPress plugin mypixs
-CVE-2015-1000011 (Blind SQL Injection in wordpress plugin dukapress v2.5.9 ...)
+CVE-2015-1000011
NOT-FOR-US: WordPress plugin dukapress
-CVE-2015-1000010 (Remote file download in simple-image-manipulator v1.0 wordpress plugin ...)
+CVE-2015-1000010
NOT-FOR-US: WordPress plugin simple-image-manipulator
-CVE-2015-1000009 (Open proxy in Wordpress plugin google-adsense-and-hotel-booking v1.05 ...)
+CVE-2015-1000009
NOT-FOR-US: WordPress plugin google-adsense-and-hotel-booking
-CVE-2015-1000008 (Path Disclosure Vulnerability in wordpress plugin MP3-jPlayer v2.3.2 ...)
+CVE-2015-1000008
NOT-FOR-US: WordPress plugin MP3-jPlayer
-CVE-2015-1000007 (Remote file download vulnerability in wptf-image-gallery v1.03 ...)
+CVE-2015-1000007
NOT-FOR-US: WordPress plugin wptf-image-gallery
-CVE-2015-1000006 (Remote file download vulnerability in recent-backups v0.7 wordpress ...)
+CVE-2015-1000006
NOT-FOR-US: WordPress plugin recent-backups
-CVE-2015-1000005 (Remote file download vulnerability in candidate-application-form v1.0 ...)
+CVE-2015-1000005
NOT-FOR-US: WordPress plugin candidate-application-form
-CVE-2015-1000004 (XSS in filedownload v1.4 wordpress plugin ...)
+CVE-2015-1000004
NOT-FOR-US: WordPress plugin filedownload
-CVE-2015-1000003 (Blind SQL Injection in filedownload v1.4 wordpress plugin ...)
+CVE-2015-1000003
NOT-FOR-US: WordPress plugin filedownload
-CVE-2015-1000002 (Open Proxy in filedownload v1.4 wordpress plugin ...)
+CVE-2015-1000002
NOT-FOR-US: WordPress plugin filedownload
-CVE-2015-1000001 (Remote file upload vulnerability in fast-image-adder v1.1 Wordpress ...)
+CVE-2015-1000001
NOT-FOR-US: WordPress plugin fast-image-adder
-CVE-2015-1000000 (Remote file upload vulnerability in mailcwp v1.99 wordpress plugin ...)
+CVE-2015-1000000
NOT-FOR-US: WordPress plugin mailcwp
-CVE-2015-8899 (Dnsmasq before 2.76 allows remote servers to cause a denial of service ...)
+CVE-2015-8899
- dnsmasq 2.76-1
[jessie] - dnsmasq <not-affected> (Vulnerable code introduced later)
[wheezy] - dnsmasq <not-affected> (Vulnerable code introduced later)
@@ -1022,19 +1022,19 @@ CVE-2015-8899 (Dnsmasq before 2.76 allows remote servers to cause a denial of se
NOTE: Fixed by: http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=41a8d9e99be9f2cc8b02051dd322cb45e0faac87 (v2.76rc1)
NOTE: Introduced by: http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=cbc652423403e3cef00e00240f6beef713142246 (v2.73rc1)
NOTE: https://bugs.launchpad.net/ubuntu/+source/dnsmasq/+bug/1581181
-CVE-2015-8898 (The WriteImages function in magick/constitute.c in ImageMagick before ...)
+CVE-2015-8898
- imagemagick 8:6.8.9.9-7
[jessie] - imagemagick 8:6.8.9.9-5+deb8u1
[wheezy] - imagemagick 8:6.7.7.10-5+deb7u4
NOTE: https://github.com/ImageMagick/ImageMagick/pull/34
NOTE: https://github.com/ImageMagick/ImageMagick/commit/5b4bebaa91849c592a8448bc353ab25a54ff8c44
-CVE-2015-8897 (The SpliceImage function in MagickCore/transform.c in ImageMagick ...)
+CVE-2015-8897
- imagemagick 8:6.8.9.9-7
[jessie] - imagemagick 8:6.8.9.9-5+deb8u1
[wheezy] - imagemagick 8:6.7.7.10-5+deb7u4
NOTE: http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=28466
NOTE: https://github.com/ImageMagick/ImageMagick/commit/7b1cf5784b5bcd85aa9293ecf56769f68c037231
-CVE-2015-8896 (Integer truncation issue in coders/pict.c in ImageMagick before ...)
+CVE-2015-8896
{DLA-353-1}
- imagemagick 8:6.8.9.9-7 (bug #806441)
[jessie] - imagemagick 8:6.8.9.9-5+deb8u1
@@ -1043,7 +1043,7 @@ CVE-2015-8896 (Integer truncation issue in coders/pict.c in ImageMagick before .
NOTE: https://github.com/ImageMagick/ImageMagick/commit/0f6fc2d5bf8f500820c3dbcf0d23ee14f2d9f734
NOTE: http://www.openwall.com/lists/oss-security/2015/10/07/2
NOTE: http://www.openwall.com/lists/oss-security/2016/02/22/4
-CVE-2015-8895 (Integer overflow in coders/icon.c in ImageMagick 6.9.1-3 and later ...)
+CVE-2015-8895
{DLA-353-1}
- imagemagick 8:6.8.9.9-7 (bug #806441)
[jessie] - imagemagick 8:6.8.9.9-5+deb8u1
@@ -1053,7 +1053,7 @@ CVE-2015-8895 (Integer overflow in coders/icon.c in ImageMagick 6.9.1-3 and late
NOTE: http://www.openwall.com/lists/oss-security/2015/10/07/2
NOTE: http://www.openwall.com/lists/oss-security/2016/02/22/4
NOTE: The issue is only exploitable on 32 bit architectures.
-CVE-2015-8894 (Double free vulnerability in coders/tga.c in ImageMagick 7.0.0 and ...)
+CVE-2015-8894
- imagemagick 8:6.8.9.9-6 (bug #806442; bug #799524)
[jessie] - imagemagick <not-affected> (Can't reproduce crash with file)
[wheezy] - imagemagick <not-affected> (Can't reproduce crash with file)
@@ -1063,17 +1063,17 @@ CVE-2015-8894 (Double free vulnerability in coders/tga.c in ImageMagick 7.0.0 an
NOTE: http://www.openwall.com/lists/oss-security/2015/10/07/2
NOTE: http://www.openwall.com/lists/oss-security/2016/02/22/4
NOTE: The problem can only be triggered with recent versions of ImageMagick (8:6.9.1.2-1 in experimental is vulnerable, 8:6.8.9.9-6 in sid is not vulnerable, older versions are not vulnerable)
-CVE-2015-8893 (app/aboot/aboot.c in the Qualcomm bootloader in Android before ...)
+CVE-2015-8893
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-8892 (platform/msm_shared/boot_verifier.c in the Qualcomm components in ...)
+CVE-2015-8892
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-8891 (Multiple integer overflows in app/aboot/aboot.c in the Qualcomm ...)
+CVE-2015-8891
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-8890 (platform/msm_shared/partition_parser.c in the Qualcomm components in ...)
+CVE-2015-8890
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-8889 (The aboot implementation in the Qualcomm components in Android before ...)
+CVE-2015-8889
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-8888 (Integer overflow in app/aboot/aboot.c in the Qualcomm components in ...)
+CVE-2015-8888
NOT-FOR-US: Qualcomm components for Android
CVE-2015-8887
RESERVED
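Review bot: the six Qualcomm entries from CVE-2015-8893 down to CVE-2015-8888 are all NOT-FOR-US with no NOTE lines, so after this hunk each one is an identifier plus the single line `NOT-FOR-US: Qualcomm components for Android`. The removed `-` lines were the only thing distinguishing them (aboot.c, boot_verifier.c, partition_parser.c, the integer overflows in aboot.c); descriptions should be retained for NOT-FOR-US entries as well, since the triage decision is unreviewable without them.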
@@ -1089,22 +1089,22 @@ CVE-2015-8882
RESERVED
CVE-2015-8881
RESERVED
-CVE-2015-8880 (Double free vulnerability in the format printer in PHP 7.x before ...)
+CVE-2015-8880
- php7.0 7.0.1-1
-CVE-2015-8879 (The odbc_bindcols function in ext/odbc/php_odbc.c in PHP before 5.6.12 ...)
+CVE-2015-8879
{DLA-499-1}
- php5 5.6.12+dfsg-1
[jessie] - php5 5.6.12+dfsg-0+deb8u1
- php7.0 7.0.0-1
NOTE: Fixed in PHP 5.6.12, 7.0.0
NOTE: PHP bug: https://bugs.php.net/bug.php?id=69975
-CVE-2015-8878 (main/php_open_temporary_file.c in PHP before 5.5.28 and 5.6.x before ...)
+CVE-2015-8878
{DLA-499-1}
- php5 5.6.12+dfsg-1
[jessie] - php5 5.6.12+dfsg-0+deb8u1
NOTE: Fixed in PHP 5.6.12, 5.5.28
NOTE: PHP bug: https://bugs.php.net/bug.php?id=70002
-CVE-2015-8877 (The gdImageScaleTwoPass function in gd_interpolation.c in the GD ...)
+CVE-2015-8877
{DSA-3587-1}
- libgd2 2.2.1-1
[wheezy] - libgd2 <not-affected> (Vulnerable code not present)
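Review bot: CVE-2015-8880 is reduced to `CVE-2015-8880` followed by `- php7.0 7.0.1-1` with no NOTE line, so once the "Double free vulnerability in the format printer in PHP 7.x" summary is gone nothing in the entry says what 7.0.1-1 fixed. The neighbouring entries CVE-2015-8879 and CVE-2015-8878 at least keep a PHP bug URL; the importer should refuse to write an entry that has neither a description nor a NOTE.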
@@ -1116,14 +1116,14 @@ CVE-2015-8877 (The gdImageScaleTwoPass function in gd_interpolation.c in the GD
NOTE: PHP bug: https://bugs.php.net/bug.php?id=70064
NOTE: Fixed in PHP 5.6.12, 7.0.0
NOTE: Starting with 5.4.0-1 Debian uses the system copy of libgd
-CVE-2015-8876 (Zend/zend_exceptions.c in PHP before 5.4.44, 5.5.x before 5.5.28, and ...)
+CVE-2015-8876
- php5 5.6.12+dfsg-1
[jessie] - php5 5.6.12+dfsg-0+deb8u1
[wheezy] - php5 5.4.44-0+deb7u1
- php7.0 7.0.0-1
NOTE: Fixed in PHP 7.0.0, 5.6.12, 5.5.28, 5.4.44
NOTE: PHP bug: https://bugs.php.net/bug.php?id=70121
-CVE-2015-8874 (Stack consumption vulnerability in GD in PHP before 5.6.12 allows ...)
+CVE-2015-8874
{DSA-3587-1 DLA-482-1}
- libgd2 2.2.1-1 (bug #824627)
NOTE: https://github.com/libgd/libgd/commit/38241013cc048af7c03daf6e9a75b4f42bffb200
@@ -1133,25 +1133,25 @@ CVE-2015-8874 (Stack consumption vulnerability in GD in PHP before 5.6.12 allows
NOTE: PHP bug: https://bugs.php.net/bug.php?id=66387
NOTE: Fixed in 5.6.12, 7.0.0
NOTE: Starting with 5.4.0-1 Debian uses the system copy of libgd
-CVE-2015-8873 (Stack consumption vulnerability in Zend/zend_exceptions.c in PHP ...)
+CVE-2015-8873
- php5 5.6.12+dfsg-1
[jessie] - php5 5.6.12+dfsg-0+deb8u1
[wheezy] - php5 5.4.44-0+deb7u1
NOTE: Fixed in 5.6.12, 5.5.28, 5.4.44
NOTE: PHP bug: https://bugs.php.net/bug.php?id=69793
-CVE-2015-8872 (The set_fat function in fat.c in dosfstools before 4.0 might allow ...)
+CVE-2015-8872
{DLA-474-1}
- dosfstools 4.0-1
[jessie] - dosfstools <no-dsa> (Minor issue)
NOTE: https://github.com/dosfstools/dosfstools/issues/12
NOTE: https://github.com/dosfstools/dosfstools/commit/07908124838afcc99c577d1d3e84cef2dbd39cb7
-CVE-2015-8870 (Integer overflow in tools/bmp2tiff.c in LibTIFF before 4.0.4 allows ...)
+CVE-2015-8870
- tiff 4.0.3-12
[wheezy] - tiff 4.0.2-6+deb7u4
NOTE: Fixed already with the patch applied in 4.0.3-12 in unstable for the
NOTE: CVE-2014-9330 issue.
- tiff3 <not-affected> (libtiff-tools not shipped in tiff3)
-CVE-2015-8869 (OCaml before 4.03.0 does not properly handle sign extensions, which ...)
+CVE-2015-8869
{DLA-466-1}
- ocaml 4.02.3-9 (bug #824139)
[jessie] - ocaml <no-dsa> (Minor issue; can be fixed via point release and sheduling binNMUs there)
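Review bot: unrelated to the description change, the unchanged context line `[jessie] - ocaml <no-dsa> (Minor issue; can be fixed via point release and sheduling binNMUs there)` has a typo: "sheduling" should read "scheduling". Since this hunk already touches the CVE-2015-8869 entry, it is a cheap fix to fold in.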
@@ -1159,7 +1159,7 @@ CVE-2015-8869 (OCaml before 4.03.0 does not properly handle sign extensions, whi
NOTE: http://www.openwall.com/lists/oss-security/2016/04/29/1
NOTE: Ocaml applications using the patched functions need to be recompiled with the
NOTE: fixed ocaml version.
-CVE-2015-8864 (Cross-site scripting (XSS) vulnerability in Roundcube Webmail before ...)
+CVE-2015-8864
{DLA-537-1}
- roundcube 1.1.5+dfsg.1-1 (bug #822333)
NOTE: https://github.com/roundcube/roundcubemail/issues/4949
@@ -1168,31 +1168,31 @@ CVE-2015-8864 (Cross-site scripting (XSS) vulnerability in Roundcube Webmail bef
NOTE: https://github.com/roundcube/roundcubemail/commit/7bbefdb63b12e2344cf1cb87aeb6e3933b4063e0 (release-1.1)
NOTE: http://www.openwall.com/lists/oss-security/2016/04/23/3
NOTE: https://lists.debian.org/debian-lts/2016/06/msg00159.html
-CVE-2015-8862 (mustache package before 2.2.1 for Node.js allows remote attackers to ...)
+CVE-2015-8862
- mustache.js <unfixed> (unimportant)
NOTE: node-handlebars only in experimental for now, fixed in 4.0.0
NOTE: libv8 is not covered by security support
-CVE-2015-8861 (The handlebars package before 4.0.0 for Node.js allows remote ...)
+CVE-2015-8861
- mustache.js <unfixed> (unimportant)
NOTE: node-handlebars only in experimental for now, fixed in 4.0.0
NOTE: libv8 is not covered by security support
-CVE-2015-8860 (The tar package before 2.0.0 for Node.js allows remote attackers to ...)
+CVE-2015-8860
- node-tar <unfixed> (unimportant)
NOTE: libv8 is not covered by security support
-CVE-2015-8859 (The send package before 0.11.1 for Node.js allows attackers to obtain ...)
+CVE-2015-8859
- node-send <unfixed> (unimportant)
NOTE: libv8 is not covered by security support
NOTE: https://nodesecurity.io/advisories/56
-CVE-2015-8858 (The uglify-js package before 2.6.0 for Node.js allows attackers to ...)
+CVE-2015-8858
- uglifyjs <unfixed> (unimportant)
NOTE: libv8 is not covered by security support
NOTE: https://nodesecurity.io/advisories/48
-CVE-2015-8854 (The marked package before 0.3.4 for Node.js allows attackers to cause ...)
+CVE-2015-8854
- node-marked 0.3.6+dfsg-1 (unimportant)
NOTE: https://nodesecurity.io/advisories/marked_redos
NOTE: https://github.com/chjj/marked/issues/497
NOTE: libv8 is not covered by security support
-CVE-2015-8866 (ext/libxml/libxml.c in PHP before 5.5.22 and 5.6.x before 5.6.6, when ...)
+CVE-2015-8866
{DLA-499-1}
- php5 5.6.6+dfsg-1
NOTE: https://bugs.php.net/bug.php?id=64938
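Review bot: the removed line for CVE-2015-8861 says "The handlebars package before 4.0.0 for Node.js", yet the entry maps it to `mustache.js <unfixed> (unimportant)`, the same package as CVE-2015-8862 (the mustache issue), with the `NOTE: node-handlebars only in experimental for now, fixed in 4.0.0` line as the only remaining reference to handlebars. With the description blanked, that mismatch between the CVE subject and the tracked package is no longer visible from the entry; worth confirming whether CVE-2015-8861 should be filed against node-handlebars before the summary is lost.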
@@ -1201,7 +1201,7 @@ CVE-2015-8866 (ext/libxml/libxml.c in PHP before 5.5.22 and 5.6.x before 5.6.6,
NOTE: http://git.php.net/?p=php-src.git;a=commit;h=de31324c221c1791b26350ba106cc26bad23ace9
NOTE: Fixed in 5.6.6, 5.5.22
NOTE: http://www.openwall.com/lists/oss-security/2016/04/21/8
-CVE-2015-8867 (The openssl_random_pseudo_bytes function in ext/openssl/openssl.c in ...)
+CVE-2015-8867
- php7.0 7.0.0-1
- php5 5.6.12+dfsg-1
[jessie] - php5 5.6.12+dfsg-0+deb8u1
@@ -1211,14 +1211,14 @@ CVE-2015-8867 (The openssl_random_pseudo_bytes function in ext/openssl/openssl.c
NOTE: http://git.php.net/?p=php-src.git;a=commit;h=16023f3e3b9c06cf677c3c980e8d574e4c162827
NOTE: Fixed in 7.0.0, 5.6.12, 5.5.28, 5.5.44
NOTE: http://www.openwall.com/lists/oss-security/2016/04/21/8
-CVE-2015-8853 (The (1) S_reghop3, (2) S_reghop4, and (3) S_reghopmaybe3 functions in ...)
+CVE-2015-8853
- perl 5.22.1-1 (bug #821848)
[jessie] - perl 5.20.2-3+deb8u5
[wheezy] - perl <no-dsa> (Minor issue)
NOTE: https://rt.perl.org/Public/Bug/Display.html?id=123562
NOTE: http://perl5.git.perl.org/perl.git/commitdiff/22b433eff9a1ffa2454e18405a56650f07b385b5
NOTE: http://www.openwall.com/lists/oss-security/2016/04/20/5
-CVE-2015-8863 (Off-by-one error in the tokenadd function in jv_parse.c in jq allows ...)
+CVE-2015-8863
- jq 1.5+dfsg-1.1 (low; bug #802231)
[jessie] - jq 1.4-2.1+deb8u1
NOTE: https://github.com/stedolan/jq/issues/995
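Review bot: unrelated to this change, the context line `NOTE: Fixed in 7.0.0, 5.6.12, 5.5.28, 5.5.44` in the CVE-2015-8867 entry lists 5.5.44 next to 5.5.28. The sibling entries in this file give the same release set as "5.6.12, 5.5.28, 5.4.44" (CVE-2015-8876, CVE-2015-8873) and the entry's own wheezy line is `[wheezy] - php5 5.4.44-0+deb7u1`, so 5.5.44 is most likely a typo for 5.4.44.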
@@ -1234,7 +1234,7 @@ CVE-2015-8847
RESERVED
CVE-2015-8846
RESERVED
-CVE-2015-8843 (The Foxit Cloud Update Service (FoxitCloudUpdateService) in Foxit ...)
+CVE-2015-8843
NOT-FOR-US: Foxit Reader
CVE-2015-8851
RESERVED
@@ -1244,31 +1244,31 @@ CVE-2015-8851
NOTE: https://github.com/broofa/node-uuid/issues/122
NOTE: https://github.com/broofa/node-uuid/commit/672f3834ed02c798aa021c618d0a5666c8da000d
NOTE: nodejs not covered by security support
-CVE-2015-8844 (The signal implementation in the Linux kernel before 4.3.5 on powerpc ...)
+CVE-2015-8844
- linux 4.4.2-1
[jessie] - linux 3.16.7-ckt25-1
[wheezy] - linux <not-affected> (Vulnerable code introduced later)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1326540
NOTE: Upstream commit: https://git.kernel.org/linus/d2b9d2a5ad5ef04ff978c9923d19730cb05efd55 (v4.4-rc3)
NOTE: Introduced by: https://git.kernel.org/linus/2b0a576d15e0e14751f00f9c87e46bad27f217e7 (v3.9-rc1)
-CVE-2015-8845 (The tm_reclaim_thread function in arch/powerpc/kernel/process.c in the ...)
+CVE-2015-8845
- linux 4.4.2-1
[jessie] - linux 3.16.7-ckt25-1
[wheezy] - linux <not-affected> (Vulnerable code introduced later)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1326540
NOTE: Upstream commit: https://git.kernel.org/linus/7f821fc9c77a9b01fe7b1d6e72717b33d8d64142 (v4.4-rc3)
NOTE: Introduced by: https://git.kernel.org/linus/fb09692e71f13af7298eb603a1975850b1c7a8d8 (v3.9-rc1)
-CVE-2015-8868 (Heap-based buffer overflow in the ...)
+CVE-2015-8868
{DSA-3563-1 DLA-446-1}
- poppler 0.38.0-3 (bug #822578)
NOTE: https://cgit.freedesktop.org/poppler/poppler/commit/?id=b3425dd3261679958cd56c0f71995c15d2124433
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=93476
NOTE: http://www.openwall.com/lists/oss-security/2016/04/12/1
-CVE-2015-8841 (Heap-based buffer overflow in the Archive support module in ESET NOD32 ...)
+CVE-2015-8841
NOT-FOR-US: ESET NOD32
-CVE-2015-8840 (The XML Data Archiving Service (XML DAS) in SAP NetWeaver AS Java does ...)
+CVE-2015-8840
NOT-FOR-US: SAP
-CVE-2015-8842 (tmpfiles.d/systemd.conf in systemd before 229 uses weak permissions ...)
+CVE-2015-8842
- systemd 215-1 (bug #825059)
[wheezy] - systemd <not-affected> (Vulnerable code not present)
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=972612
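Review bot: the removed line for CVE-2015-8868 was already truncated to `Heap-based buffer overflow in the ...`, i.e. the description field was cut off before it named the affected component, and this hunk now removes even that. If the descriptions are regenerated from the upstream feed, the truncation width should be raised at the same time so that an entry like this one at least carries the component name; as written, the poppler package line and the freedesktop bug URL are the only hints left.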
@@ -1277,7 +1277,7 @@ CVE-2015-8842 (tmpfiles.d/systemd.conf in systemd before 229 uses weak permissio
NOTE: Starting with 215 Debian no longer ships tmpfiles.d/systemd.conf, so the fixup upstream added as
NOTE: afae249efa4774c6676738ac5de6aeb4daf4889f for persistent journals is not needed for the packaged
NOTE: version. Anyone using a custom config needs to ensure proper permissions.
-CVE-2015-8865 (The file_check_mem function in funcs.c in file before 5.23, as used in ...)
+CVE-2015-8865
{DSA-3560-1 DLA-499-1 DLA-460-1}
- php7.0 7.0.5-1
- php5 5.6.20+dfsg-1
@@ -1291,7 +1291,7 @@ CVE-2015-8865 (The file_check_mem function in funcs.c in file before 5.23, as us
NOTE: PHP fixed in 7.0.5, 5.6.20, 5.5.34
NOTE: http://www.openwall.com/lists/oss-security/2016/04/11/7
NOTE: Fix in HHVM: https://github.com/facebook/hhvm/commit/4e614ba041e24af8351afbb49c92444c0850f23b
-CVE-2015-8839 (Multiple race conditions in the ext4 filesystem implementation in the ...)
+CVE-2015-8839
- linux 4.5.1-1
[wheezy] - linux <ignored> (Too much work to backport)
NOTE: https://git.kernel.org/linus/ea3d7209ca01da209cda6f0dea8be9cc4b7a933b (v4.5-rc1)
@@ -1299,13 +1299,13 @@ CVE-2015-8839 (Multiple race conditions in the ext4 filesystem implementation in
NOTE: https://git.kernel.org/linus/32ebffd3bbb4162da5ff88f9a35dd32d0a28ea70 (v4.5-rc1)
NOTE: https://git.kernel.org/linus/011278485ecc3cd2a3954b5d4c73101d919bf1fa (v4.5-rc1)
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=972174
-CVE-2015-8838 (ext/mysqlnd/mysqlnd.c in PHP before 5.4.43, 5.5.x before 5.5.27, and ...)
+CVE-2015-8838
- php5 5.6.11+dfsg-1
[jessie] - php5 5.6.12+dfsg-0+deb8u1
[wheezy] - php5 5.4.44-0+deb7u1
NOTE: Fixed in 5.6.11, 5.5.27, 5.4.43
NOTE: https://bugs.php.net/bug.php?id=69669
-CVE-2015-8834 (Cross-site scripting (XSS) vulnerability in wp-includes/wp-db.php in ...)
+CVE-2015-8834
{DSA-3639-1 DLA-633-1}
- wordpress 4.2.2+dfsg-1
NOTE: https://wordpress.org/news/2015/05/wordpress-4-2-2/
@@ -1317,7 +1317,7 @@ CVE-2015-8834 (Cross-site scripting (XSS) vulnerability in wp-includes/wp-db.php
NOTE: Wheezy: https://core.trac.wordpress.org/changeset/32395
NOTE: Wheezy: https://core.trac.wordpress.org/changeset/32423
NOTE: Wheezy: https://core.trac.wordpress.org/changeset/32435
-CVE-2015-8835 (The make_http_soap_request function in ext/soap/php_http.c in PHP ...)
+CVE-2015-8835
- php5 5.6.12+dfsg-1
[jessie] - php5 5.6.12+dfsg-0+deb8u1
[wheezy] - php5 5.4.44-0+deb7u1
@@ -1325,7 +1325,7 @@ CVE-2015-8835 (The make_http_soap_request function in ext/soap/php_http.c in PHP
NOTE: https://bugs.php.net/bug.php?id=70081
NOTE: Fixed in 5.6.12, 5.5.28, 5.4.44
NOTE: CVE assignment is for "The first problem" section of Bug 70081
-CVE-2015-8833 (Use-after-free vulnerability in the create_smp_dialog function in ...)
+CVE-2015-8833
{DSA-3528-1}
- pidgin-otr 4.0.2-1
[wheezy] - pidgin-otr <not-affected> (Vulnerable code not present)
@@ -1335,13 +1335,13 @@ CVE-2015-8833 (Use-after-free vulnerability in the create_smp_dialog function in
NOTE: Fixed by: https://bugs.otr.im/projects/pidgin-otr/repository/revisions/aaf551b9dd5cbba8c4abaa3d4dc7ead860efef94
NOTE: Introduced by: https://bugs.otr.im/projects/pidgin-otr/repository/revisions/c276bfa786bef8a4572a37d5633cf40f480d3ae0
NOTE: http://www.openwall.com/lists/oss-security/2016/03/09/8
-CVE-2015-8832 (Multiple incomplete blacklist vulnerabilities in ...)
+CVE-2015-8832
- dotclear <removed> (bug #815979)
NOTE: https://hg.dotclear.org/dotclear/rev/198580bc3d80
NOTE: https://dotclear.org/blog/post/2015/10/25/Dotclear-2.8.2
NOTE: Fixed upstream in 2.8.2
NOTE: http://www.openwall.com/lists/oss-security/2016/03/05/4
-CVE-2015-8831 (Cross-site scripting (XSS) vulnerability in admin/comments.php in ...)
+CVE-2015-8831
- dotclear <removed> (bug #815979)
NOTE: https://hg.dotclear.org/dotclear/rev/65e65154dadf
NOTE: https://dotclear.org/blog/post/2015/10/25/Dotclear-2.8.2
@@ -1359,17 +1359,17 @@ CVE-2015-8825
REJECTED
CVE-2015-8824
REJECTED
-CVE-2015-8823 (Use-after-free vulnerability in the TextField object implementation in ...)
+CVE-2015-8823
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8822 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 ...)
+CVE-2015-8822
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8821 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 ...)
+CVE-2015-8821
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8820 (Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before ...)
+CVE-2015-8820
NOT-FOR-US: Adobe Flash Player
CVE-2015-8819
RESERVED
-CVE-2015-8818 (The cpu_physical_memory_write_rom_internal function in exec.c in QEMU ...)
+CVE-2015-8818
- qemu 1:2.4+dfsg-1a
[jessie] - qemu <ignored> (Minor issue; too dangerous backport)
[wheezy] - qemu <not-affected> (Affects Qemu versions >= 1.6.0 and <= 2.3.1)
@@ -1379,7 +1379,7 @@ CVE-2015-8818 (The cpu_physical_memory_write_rom_internal function in exec.c in
NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=b242e0e0e2969c044a318e56f7988bbd84de1f63 (v2.4.0-rc0)
NOTE: same patchset than CVE-2015-8817
NOTE: https://lists.gnu.org/archive/html/qemu-stable/2016-01/msg00065.html
-CVE-2015-8817 (QEMU (aka Quick Emulator) built to use 'address_space_translate' to ...)
+CVE-2015-8817
- qemu 1:2.4+dfsg-1a
[jessie] - qemu <ignored> (Minor issue; too dangerous backport)
[wheezy] - qemu <not-affected> (Affects Qemu versions >= 1.6.0 and <= 2.3.1)
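Review bot: unrelated to the description change, the context line `NOTE: same patchset than CVE-2015-8817` in the CVE-2015-8818 entry should read "same patchset as CVE-2015-8817". For the two QEMU entries themselves the `[wheezy] - qemu <not-affected> (Affects Qemu versions >= 1.6.0 and <= 2.3.1)` justification remains, which is the kind of range statement that ought to survive in a NOTE now that the summaries are gone.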
@@ -1390,13 +1390,13 @@ CVE-2015-8817 (QEMU (aka Quick Emulator) built to use 'address_space_translate'
NOTE: https://lists.gnu.org/archive/html/qemu-stable/2016-01/msg00060.html
NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=23820dbfc79d1c9dce090b4c555994f2bb6a69b3 (v2.4.0-rc0)
NOTE: https://lists.gnu.org/archive/html/qemu-stable/2016-01/msg00065.html
-CVE-2015-8852 (Varnish 3.x before 3.0.7, when used in certain stacked installations, ...)
+CVE-2015-8852
{DSA-3553-1}
- varnish 4.0.0-1 (bug #783510)
NOTE: http://www.openwall.com/lists/oss-security/2016/04/16/1
NOTE: fixed in 3.0.7 upstream, mark as fixed with first 4.x version in unstable
NOTE: 4.x not affected
-CVE-2015-8857 (The uglify-js package before 2.4.24 for Node.js does not properly ...)
+CVE-2015-8857
- uglifyjs <unfixed> (unimportant)
NOTE: fixed in 2.4.24
NOTE: https://zyan.scripts.mit.edu/blog/backdooring-js/
@@ -1424,28 +1424,28 @@ CVE-2015-XXXX [quoteless attributes in templates can lead to content injection]
NOTE: https://github.com/janl/mustache.js/commit/378bcca8a5cfe4058f294a3dbb78e8755e8e0da5
NOTE: https://nodesecurity.io/advisories/62
NOTE: Security hardening, not a vulnerability
-CVE-2015-9244 (Keys of objects in mysql node module v2.0.0-alpha7 and earlier are not ...)
+CVE-2015-9244
- node-mysql 2.0.0~alpha8-1 (unimportant)
NOTE: https://github.com/felixge/node-mysql/issues/342
NOTE: https://nodesecurity.io/advisories/66
NOTE: nodejs not covered by security support
-CVE-2015-8830 (Integer overflow in the aio_setup_single_vector function in fs/aio.c ...)
+CVE-2015-8830
- linux 4.1.3-1
[jessie] - linux 3.16.7-ckt20-1+deb8u4
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/4c185ce06dca14f5cea192f5a2c981ef50663f2b (v4.1-rc1)
-CVE-2015-8816 (The hub_activate function in drivers/usb/core/hub.c in the Linux ...)
+CVE-2015-8816
{DSA-3503-1}
- linux 4.4.2-1
- linux-2.6 <removed>
NOTE: Fixed by: https://git.kernel.org/linus/e50293ef9775c5f1cf3fcc093037dd6a8c5684ea (v4.4-rc6)
-CVE-2015-8815 (Multiple cross-site scripting (XSS) vulnerabilities in Umbraco before ...)
+CVE-2015-8815
NOT-FOR-US: Umbraco
-CVE-2015-8814 (Umbraco before 7.4.0 allows remote attackers to bypass anti-forgery ...)
+CVE-2015-8814
NOT-FOR-US: Umbraco
-CVE-2015-8813 (The Page_Load function in ...)
+CVE-2015-8813
NOT-FOR-US: Umbraco
-CVE-2015-8812 (drivers/infiniband/hw/cxgb3/iwch_cm.c in the Linux kernel before 4.5 ...)
+CVE-2015-8812
{DSA-3503-1 DLA-439-1}
- linux 4.4.2-1
- linux-2.6 <removed>
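Review bot: this hunk exposes the asymmetry in the change: the entry under the header `CVE-2015-XXXX [quoteless attributes in templates can lead to content injection]` keeps its bracketed local description, while CVE-2015-9244, CVE-2015-8830, CVE-2015-8816 and the other entries with parenthesised descriptions are blanked. Only the text that comes from the external CVE feed is being removed, which is consistent with the feed having returned empty descriptions for every identifier rather than with a deliberate edit; the importer should treat an empty description for an already-known ID as "no change".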
@@ -1459,68 +1459,68 @@ CVE-2015-8810
RESERVED
CVE-2015-8809
RESERVED
-CVE-2015-8808 (The DecodeImage function in coders/gif.c in GraphicsMagick 1.3.18 ...)
+CVE-2015-8808
{DSA-3746-1 DLA-484-1}
- graphicsmagick 1.3.21-2
NOTE: http://www.openwall.com/lists/oss-security/2016/02/06/1
NOTE: http://hg.graphicsmagick.org/hg/GraphicsMagick?cmd=changeset;node=8e8fa353f53
CVE-2015-8802
REJECTED
-CVE-2015-8801 (Race condition in the client in Symantec Endpoint Protection (SEP) ...)
+CVE-2015-8801
NOT-FOR-US: Symantec
-CVE-2015-8800 (Symantec Embedded Security: Critical System Protection (SES:CSP) 1.0.x ...)
+CVE-2015-8800
NOT-FOR-US: Symantec
-CVE-2015-8799 (Directory traversal vulnerability in the Management Server in Symantec ...)
+CVE-2015-8799
NOT-FOR-US: Symantec
-CVE-2015-8798 (Directory traversal vulnerability in the Management Server in Symantec ...)
+CVE-2015-8798
NOT-FOR-US: Symantec
-CVE-2015-8807 (Cross-site scripting (XSS) vulnerability in the _renderVarInput_number ...)
+CVE-2015-8807
{DSA-3496-1}
- php-horde-core 2.22.4+debian0-1 (bug #813590)
NOTE: https://github.com/horde/horde/commit/11d74fa5a22fe626c5e5a010b703cd46a136f253
NOTE: http://www.openwall.com/lists/oss-security/2016/02/06/4
-CVE-2015-8806 (dict.c in libxml2 allows remote attackers to cause a denial of service ...)
+CVE-2015-8806
{DSA-3593-1 DLA-503-1}
- libxml2 2.9.3+dfsg1-1.1 (bug #813613)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=749115
NOTE: Same fix as CVE-2016-1839 seems to resolve the issue
-CVE-2015-8805 (The ecc_256_modq function in ecc-256.c in Nettle before 3.2 does not ...)
+CVE-2015-8805
- nettle 3.2-1 (bug #813679)
[jessie] - nettle 2.7.1-5+deb8u1
[wheezy] - nettle <not-affected> (Vulnerable code not present)
[squeeze] - nettle <not-affected> (Vulnerable code not present)
NOTE: https://git.lysator.liu.se/nettle/nettle/commit/c71d2c9d20eeebb985e3872e4550137209e3ce4d
-CVE-2015-8804 (x86_64/ecc-384-modp.asm in Nettle before 3.2 does not properly handle ...)
+CVE-2015-8804
- nettle 3.2-1 (bug #813679)
[jessie] - nettle 2.7.1-5+deb8u1
[wheezy] - nettle <not-affected> (Vulnerable code not present)
[squeeze] - nettle <not-affected> (Vulnerable code not present)
NOTE: https://lists.lysator.liu.se/pipermail/nettle-bugs/2015/003024.html
NOTE: https://git.lysator.liu.se/nettle/nettle/commit/fa269b6ad06dd13c901dbd84a12e52b918a09cd7
-CVE-2015-8803 (The ecc_256_modp function in ecc-256.c in Nettle before 3.2 does not ...)
+CVE-2015-8803
- nettle 3.2-1 (bug #813679)
[jessie] - nettle 2.7.1-5+deb8u1
[wheezy] - nettle <not-affected> (Vulnerable code not present)
[squeeze] - nettle <not-affected> (Vulnerable code not present)
NOTE: https://lists.lysator.liu.se/pipermail/nettle-bugs/2015/003028.html
NOTE: https://git.lysator.liu.se/nettle/nettle/commit/c71d2c9d20eeebb985e3872e4550137209e3ce4d
-CVE-2015-8797 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2015-8797
- lucene-solr <not-affected> (Vulnerable code not present)
NOTE: https://issues.apache.org/jira/browse/SOLR-7949
-CVE-2015-8796 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2015-8796
- lucene-solr <not-affected> (Vulnerable code not present)
NOTE: https://issues.apache.org/jira/browse/SOLR-7920
-CVE-2015-8795 (Multiple cross-site scripting (XSS) vulnerabilities in the Admin UI in ...)
+CVE-2015-8795
- lucene-solr <not-affected> (Vulnerable code not present)
NOTE: https://issues.apache.org/jira/browse/SOLR-7346
-CVE-2015-8794 (Absolute path traversal vulnerability in ...)
+CVE-2015-8794
- roundcube 1.1.2+dfsg.1-1
[wheezy] - roundcube <not-affected> (Vulnerable code not present)
[squeeze] - roundcube <not-affected> (Vulnerable code not present)
NOTE: http://www.scip.ch/en/?vuldb.80732
NOTE: http://web.archive.org/web/20160329044745/http://roundcube.net/news/2015/06/05/updates-1.1.2-and-1.0.6-released
NOTE: http://trac.roundcube.net/ticket/1490379
-CVE-2015-8793 (Cross-site scripting (XSS) vulnerability in program/include/rcmail.php ...)
+CVE-2015-8793
- roundcube 1.1.2+dfsg.1-1
[wheezy] - roundcube <not-affected> (Vulnerable code not present)
[squeeze] - roundcube <not-affected> (Vulnerable code not present)
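Review bot: CVE-2015-8805, CVE-2015-8804 and CVE-2015-8803 have identical package lines (nettle 3.2-1, jessie 2.7.1-5+deb8u1, wheezy and squeeze not-affected) and differed only in their descriptions (ecc_256_modq, x86_64/ecc-384-modp.asm, ecc_256_modp) and commit URLs; after this hunk the three are told apart only by the commit links, and CVE-2015-8805 and CVE-2015-8803 both point at commit c71d2c9d. The three lucene-solr entries are in the same position: their descriptions were already truncated to `Cross-site scripting (XSS) vulnerability in ...` and now lose even that, leaving the SOLR ticket numbers as the only distinguishing data.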
@@ -1528,12 +1528,12 @@ CVE-2015-8793 (Cross-site scripting (XSS) vulnerability in program/include/rcmai
NOTE: http://www.scip.ch/en/?vuldb.80731
NOTE: http://trac.roundcube.net/ticket/1490417 - mentions 1.0 not vulnerable, verified code not present in squeeze
NOTE: http://web.archive.org/web/20150627125240/http://trac.roundcube.net:80/changeset/b782815dac/github
-CVE-2015-8791 (The EbmlElement::ReadCodedSizeValue function in libEBML before 1.3.3 ...)
+CVE-2015-8791
{DSA-3538-1 DLA-438-1}
- libebml 1.3.3-1
NOTE: https://lists.matroska.org/pipermail/matroska-users/2015-October/006985.html
NOTE: https://github.com/Matroska-Org/libebml/commit/24e5cd7c666b1ddd85619d60486db0a5481c1b90
-CVE-2015-8790 (The EbmlUnicodeString::UpdateFromUTF8 function in libEBML before 1.3.3 ...)
+CVE-2015-8790
{DSA-3538-1 DLA-438-1}
- libebml 1.3.3-1
NOTE: https://lists.matroska.org/pipermail/matroska-users/2015-October/006985.html
@@ -1562,12 +1562,12 @@ CVE-2015-XXXX [Use-after-free in WDDX Packet Deserialization]
NOTE: https://git.php.net/?p=php-src.git;a=commit;h=366f9505a4aae98ef2f4ca39a838f628a324b746
NOTE: https://bugs.php.net/bug.php?id=70661
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/02/03/3
-CVE-2015-8792 (The KaxInternalBlock::ReadData function in libMatroska before 1.4.4 ...)
+CVE-2015-8792
{DSA-3526-1 DLA-420-1}
- libmatroska 1.4.4-1
NOTE: http://lists.matroska.org/pipermail/matroska-users/2015-October/006985.html
NOTE: https://github.com/Matroska-Org/libmatroska/commit/0a2d3e3644a7453b6513db2f9bc270f77943573f
-CVE-2015-8789 (Use-after-free vulnerability in the EbmlMaster::Read function in ...)
+CVE-2015-8789
{DSA-3538-1}
- libebml 1.3.3-1
[squeeze] - libebml <not-affected> (Vulnerable code not present)
@@ -1575,7 +1575,7 @@ CVE-2015-8789 (Use-after-free vulnerability in the EbmlMaster::Read function in
NOTE: https://github.com/Matroska-Org/libebml/commit/88409e2a94dd3b40ff81d08bf6d92f486d036b24
CVE-2015-8788
RESERVED
-CVE-2015-8787 (The nf_nat_redirect_ipv4 function in net/netfilter/nf_nat_redirect.c ...)
+CVE-2015-8787
- linux 4.3.5-1
[jessie] - linux <not-affected> (Vulnerable code introduced in v3.19-rc1)
[wheezy] - linux <not-affected> (Vulnerable code introduced in v3.19-rc1)
@@ -1585,35 +1585,35 @@ CVE-2015-8787 (The nf_nat_redirect_ipv4 function in net/netfilter/nf_nat_redirec
NOTE: Introduced by: https://git.kernel.org/linus/8b13eddfdf04cbfa561725cfc42d6868fe896f56 (v3.19-rc1)
NOTE: Fixed by: https://git.kernel.org/linus/94f9cd81436c85d8c3a318ba92e236ede73752fc (v4.4-rc1)
NOTE: http://www.openwall.com/lists/oss-security/2016/01/27/6
-CVE-2015-8786 (The Management plugin in RabbitMQ before 3.6.1 allows remote ...)
+CVE-2015-8786
- rabbitmq-server 3.6.5-1
[jessie] - rabbitmq-server <no-dsa> (Minor issue)
[wheezy] - rabbitmq-server <not-affected> (lengths_age or lengths_incr parameters are not present)
NOTE: https://github.com/rabbitmq/rabbitmq-management/issues/97
-CVE-2015-8780 (Samsung wssyncmlnps before 2015-10-31 allows directory traversal in a ...)
+CVE-2015-8780
NOT-FOR-US: Samsung
-CVE-2015-8783 (tif_luv.c in libtiff allows attackers to cause a denial of service ...)
+CVE-2015-8783
{DSA-3467-1 DLA-880-1 DLA-405-1}
- tiff 4.0.6-1
- tiff3 <removed>
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2522
NOTE: Commit: https://github.com/vadz/libtiff/commit/aaab5c3c9d2a2c6984f23ccbc79702610439bc65
NOTE: http://www.openwall.com/lists/oss-security/2016/01/24/3
-CVE-2015-8782 (tif_luv.c in libtiff allows attackers to cause a denial of service ...)
+CVE-2015-8782
{DSA-3467-1 DLA-880-1 DLA-405-1}
- tiff 4.0.6-1
- tiff3 <removed>
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2522
NOTE: Commit: https://github.com/vadz/libtiff/commit/aaab5c3c9d2a2c6984f23ccbc79702610439bc65
NOTE: http://www.openwall.com/lists/oss-security/2016/01/24/3
-CVE-2015-8781 (tif_luv.c in libtiff allows attackers to cause a denial of service ...)
+CVE-2015-8781
{DSA-3467-1 DLA-880-1 DLA-405-1}
- tiff 4.0.6-1
- tiff3 <removed>
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2522#0
NOTE: Commit: https://github.com/vadz/libtiff/commit/aaab5c3c9d2a2c6984f23ccbc79702610439bc65
NOTE: http://www.openwall.com/lists/oss-security/2016/01/24/3
-CVE-2015-8784 (The NeXTDecode function in tif_next.c in LibTIFF allows remote ...)
+CVE-2015-8784
{DSA-3467-1 DLA-880-1 DLA-405-1}
- tiff 4.0.6-1
- tiff3 <removed>
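Review bot: CVE-2015-8783, CVE-2015-8782 and CVE-2015-8781 carried the same truncated description `tif_luv.c in libtiff allows attackers to cause a denial of service ...` and share the same DSA/DLA set, package versions, bug URL and commit, so after this hunk the identifier and the `#0` fragment on CVE-2015-8781's bug URL are the only differences between them. Blanking three identical descriptions loses little here, but it also removes the text that would let anyone check these entries against upstream; the description field should stay populated.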
@@ -1636,66 +1636,66 @@ CVE-2015-8775
RESERVED
CVE-2015-8774
RESERVED
-CVE-2015-8773 (Stack-based buffer overflow in McPvDrv.sys 4.6.111.0 in McAfee File ...)
+CVE-2015-8773
NOT-FOR-US: McAfee
-CVE-2015-8772 (McPvDrv.sys 4.6.111.0 in McAfee File Lock 5.x in McAfee Total ...)
+CVE-2015-8772
NOT-FOR-US: McAfee
-CVE-2015-8779 (Stack-based buffer overflow in the catopen function in the GNU C ...)
+CVE-2015-8779
{DSA-3481-1 DSA-3480-1 DLA-411-1}
- glibc 2.21-7 (bug #812455)
- eglibc <removed>
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=17905#c0
-CVE-2015-8778 (Integer overflow in the GNU C Library (aka glibc or libc6) before 2.23 ...)
+CVE-2015-8778
{DSA-3481-1 DSA-3480-1 DLA-411-1}
- glibc 2.21-8 (bug #812441)
- eglibc <removed>
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=18240
-CVE-2015-8776 (The strftime function in the GNU C Library (aka glibc or libc6) before ...)
+CVE-2015-8776
{DSA-3481-1 DSA-3480-1 DLA-411-1}
- glibc 2.21-7 (bug #812445)
- eglibc <removed>
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=18985
NOTE: https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=d36c75fc0d44deec29635dd239b0fbd206ca49b7
-CVE-2015-8771 (The generate_smb_nt_hash function in include/functions.inc in GOsa ...)
+CVE-2015-8771
{DLA-562-1 DLA-408-1}
- gosa 2.7.4+reloaded2-6
[jessie] - gosa 2.7.4+reloaded2-1+deb8u2
NOTE: https://github.com/gosa-project/gosa-core/commit/a67a047cba2cdae8bccb0f0e2bc6d3eb45cfcbc8
-CVE-2015-8770 (Directory traversal vulnerability in the set_skin function in ...)
+CVE-2015-8770
{DSA-3541-1 DLA-392-1}
- roundcube 1.1.4+dfsg.1-1
NOTE: http://web.archive.org/web/20160329044421/http://roundcube.net/news/2015/12/26/updates-1.1.4-and-1.0.8-released
NOTE: https://github.com/roundcube/roundcubemail/commit/10e5192a2b1bc90ec137f5e69d0aa072c1210d6d
-CVE-2015-8769 (SQL injection vulnerability in Joomla! 3.x before 3.4.7 allows ...)
+CVE-2015-8769
NOT-FOR-US: Joomla!
-CVE-2015-8768 (click/install.py in click does not require files in package filesystem ...)
+CVE-2015-8768
NOT-FOR-US: Click package manager
NOTE: http://www.ubuntu.com/usn/usn-2771-1/
-CVE-2015-8766 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2015-8766
NOT-FOR-US: Symphony CMS
-CVE-2015-8765 (Intel McAfee ePolicy Orchestrator (ePO) 4.6.9 and earlier, 5.0.x, ...)
+CVE-2015-8765
NOT-FOR-US: McAfee
-CVE-2015-8761 (The Values module 7.x-1.x before 7.x-1.2 for Drupal does not properly ...)
+CVE-2015-8761
NOT-FOR-US: Values module for Drupal
-CVE-2015-8760 (The Flvplayer component in TYPO3 6.2.x before 6.2.16 allows remote ...)
+CVE-2015-8760
NOT-FOR-US: Typo3
-CVE-2015-8759 (Cross-site scripting (XSS) vulnerability in the typoLink function in ...)
+CVE-2015-8759
NOT-FOR-US: Typo3
-CVE-2015-8758 (Multiple cross-site scripting (XSS) vulnerabilities in unspecified ...)
+CVE-2015-8758
NOT-FOR-US: Typo3
-CVE-2015-8757 (Cross-site scripting (XSS) vulnerability in the Extension Manager in ...)
+CVE-2015-8757
NOT-FOR-US: Typo3
-CVE-2015-8756 (Cross-site scripting (XSS) vulnerability in the search result view in ...)
+CVE-2015-8756
NOT-FOR-US: Typo3
-CVE-2015-8755 (Multiple cross-site scripting (XSS) vulnerabilities in unspecified ...)
+CVE-2015-8755
NOT-FOR-US: Typo3
-CVE-2015-8754 (The Mollom module 6.x-2.7 before 6.x-2.15 for Drupal allows remote ...)
+CVE-2015-8754
NOT-FOR-US: Mollom module for Drupal
-CVE-2015-8753 (SAP Afaria 7.0.6001.5 allows remote attackers to bypass authorization ...)
+CVE-2015-8753
NOT-FOR-US: SAP Afaria
CVE-2015-8752
REJECTED
-CVE-2015-8767 (net/sctp/sm_sideeffect.c in the Linux kernel before 4.3 does not ...)
+CVE-2015-8767
{DSA-3448-1 DLA-412-1}
- linux 4.3.1-1
[wheezy] - linux 3.2.73-2+deb7u3
@@ -1709,13 +1709,13 @@ CVE-2015-XXXX [use after free / double free]
[squeeze] - lighttpd <not-affected> (Regression introduced in 1.4.36)
NOTE: http://redmine.lighttpd.net/issues/2700
NOTE: Introduced in 1.4.36: http://web.archive.org/web/20150906061055/http://redmine.lighttpd.net/projects/lighttpd/repository/revisions/2976
-CVE-2015-8764 (Off-by-one error in the EAP-PWD module in FreeRADIUS 3.0 through ...)
+CVE-2015-8764
- freeradius <not-affected> (Affects 3.0 up to 3.0.8)
NOTE: http://freeradius.org/security.html#eap-pwd-2015
-CVE-2015-8763 (The EAP-PWD module in FreeRADIUS 3.0 through 3.0.8 allows remote ...)
+CVE-2015-8763
- freeradius <not-affected> (Affects 3.0 up to 3.0.8)
NOTE: http://freeradius.org/security.html#eap-pwd-2015
-CVE-2015-8762 (The EAP-PWD module in FreeRADIUS 3.0 through 3.0.8 allows remote ...)
+CVE-2015-8762
- freeradius <not-affected> (Affects 3.0 up to 3.0.8)
NOTE: http://freeradius.org/security.html#eap-pwd-2015
CVE-2015-8751
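Review bot: for CVE-2015-8764, CVE-2015-8763 and CVE-2015-8762 the removed descriptions ("EAP-PWD module in FreeRADIUS 3.0 through 3.0.8") were the basis for the `- freeradius <not-affected> (Affects 3.0 up to 3.0.8)` justification; once they are gone, the freeradius.org security page is the only external reference. The affected range is already restated in the not-affected reason, which is the right place for it; the same pattern should be applied to other not-affected entries in this commit whose reasoning relied on the summary.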
@@ -1724,25 +1724,25 @@ CVE-2015-8751
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1294039
NOTE: In 1.900.1-5.1 this issue was fixed as part of the patch for CVE-2008-3520
NOTE: like other distribution did.
-CVE-2015-8750 (libdwarf 20151114 and earlier allows remote attackers to cause a ...)
+CVE-2015-8750
{DLA-669-1 DLA-388-1}
- dwarfutils 20160507-1 (bug #813182)
[jessie] - dwarfutils 20120410-2+deb8u1
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1294264
NOTE: https://github.com/tomhughes/libdwarf/commit/11750a2838e52953013e3114ef27b3c7b1780697
-CVE-2015-8749 (The volume_utils._parse_volume_info function in OpenStack Compute ...)
+CVE-2015-8749
- nova 2:13.0.0~rc3-1
[jessie] - nova <no-dsa> (Minor issue)
[wheezy] - nova <no-dsa> (Minor issue)
NOTE: https://launchpad.net/bugs/1516765
NOTE: Affects: >= 2014.2 <= 2015.1.2, ==12.0.0
-CVE-2015-8748 (Radicale before 1.1 allows remote authenticated users to bypass ...)
+CVE-2015-8748
{DSA-3462-1 DLA-403-1}
- radicale 1.1.1-1 (bug #809920)
-CVE-2015-8747 (The multifilesystem storage backend in Radicale before 1.1 allows ...)
+CVE-2015-8747
{DSA-3462-1 DLA-403-1}
- radicale 1.1.1-1 (bug #809920)
-CVE-2015-8746 (fs/nfs/nfs4proc.c in the NFS client in the Linux kernel before 4.2.2 ...)
+CVE-2015-8746
- linux 4.3.1-1
[jessie] - linux 3.16.7-ckt20-1
[wheezy] - linux <not-affected> (Vulnerable code not present)
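Review bot: unrelated to the description change, the context line `NOTE: like other distribution did.` that continues the CVE-2015-8751 note should read "like other distributions did". The rest of the hunk follows the same pattern as above: CVE-2015-8750, CVE-2015-8749, CVE-2015-8748, CVE-2015-8747 and CVE-2015-8746 all lose their summaries, and the two Radicale entries keep only a DSA/DLA reference and a bug number.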
@@ -1751,12 +1751,12 @@ CVE-2015-8746 (fs/nfs/nfs4proc.c in the NFS client in the Linux kernel before 4.
NOTE: Fixed by: https://git.kernel.org/linus/18e3b739fdc826481c6a1335ce0c5b19b3d415da (v4.3-rc1)
NOTE: Fixed as well in v3.16.7-ckt18 (commit: 6a64d8c4c07c176abee384803f28fa1507963369)
NOTE: Introduced by: https://git.kernel.org/linus/ec011fe847347b40c60fdb5085f65227762e2e08 (v3.13-rc1)
-CVE-2015-8604 (SQL injection vulnerability in the host_new_graphs function in ...)
+CVE-2015-8604
{DSA-3494-1 DLA-386-1}
- cacti 0.8.8f+ds1-4
NOTE: http://bugs.cacti.net/view.php?id=2652
NOTE: http://www.openwall.com/lists/oss-security/2016/01/04/8
-CVE-2015-8742 (The dissect_CPMSetBindings function in epan/dissectors/packet-mswsp.c ...)
+CVE-2015-8742
- wireshark 2.0.1+g59ea380-1
[jessie] - wireshark <not-affected> (Only affects 2.x)
[wheezy] - wireshark <not-affected> (Only affects 2.x)
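Review bot: dropping the description of CVE-2015-8742 loses the only reference in the entry to the affected code (`dissect_CPMSetBindings` in `epan/dissectors/packet-mswsp.c`); the remaining NOTE lines for this entry carry URLs only, so after this change a reader has to open the upstream bug to learn which dissector is involved. Separately, CVE-2015-8604 (cacti) sits between CVE-2015-8746 and CVE-2015-8742, out of the descending sequence the surrounding entries follow; that is not introduced by this change, but since the line is being rewritten it would be a good moment to move the entry to its sorted position in a separate commit.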
@@ -1764,7 +1764,7 @@ CVE-2015-8742 (The dissect_CPMSetBindings function in epan/dissectors/packet-msw
NOTE: https://www.wireshark.org/security/wnpa-sec-2015-60.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11931
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=d48b0eff28c995947ac3f8d842ddd9b50dd5798d
-CVE-2015-8741 (The dissect_ppi function in epan/dissectors/packet-ppi.c in the PPI ...)
+CVE-2015-8741
- wireshark 2.0.1+g59ea380-1
[jessie] - wireshark <not-affected> (Only affects 2.x)
[wheezy] - wireshark <not-affected> (Only affects 2.x)
@@ -1772,7 +1772,7 @@ CVE-2015-8741 (The dissect_ppi function in epan/dissectors/packet-ppi.c in the P
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=2290eba5cb25f927f9142680193ac1158d35506e
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11876
NOTE: http://www.wireshark.org/security/wnpa-sec-2015-59.html
-CVE-2015-8740 (The dissect_tds7_colmetadata_token function in ...)
+CVE-2015-8740
- wireshark 2.0.1+g59ea380-1
[jessie] - wireshark <not-affected> (Only affects 2.x)
[wheezy] - wireshark <not-affected> (Only affects 2.x)
@@ -1780,7 +1780,7 @@ CVE-2015-8740 (The dissect_tds7_colmetadata_token function in ...)
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=e78093f69f1e95df919bbe644baa06c7e4e720c0
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11846
NOTE: http://www.wireshark.org/security/wnpa-sec-2015-58.html
-CVE-2015-8739 (The ipmi_fmt_udpport function in epan/dissectors/packet-ipmi.c in the ...)
+CVE-2015-8739
- wireshark 2.0.1+g59ea380-1
[jessie] - wireshark <not-affected> (Only affects 2.x)
[wheezy] - wireshark <not-affected> (Only affects 2.x)
@@ -1788,7 +1788,7 @@ CVE-2015-8739 (The ipmi_fmt_udpport function in epan/dissectors/packet-ipmi.c in
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=96bf82ced0b58c7a4c2a6c300efeebe4f05c0ff4
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11831
NOTE: http://www.wireshark.org/security/wnpa-sec-2015-57.html
-CVE-2015-8738 (The s7comm_decode_ud_cpu_szl_subfunc function in ...)
+CVE-2015-8738
- wireshark 2.0.1+g59ea380-1
[jessie] - wireshark <not-affected> (Only affects 2.x)
[wheezy] - wireshark <not-affected> (Only affects 2.x)
@@ -1796,7 +1796,7 @@ CVE-2015-8738 (The s7comm_decode_ud_cpu_szl_subfunc function in ...)
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=858c3f0079f987833fb22eba2c361d1a88ba4103
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11823
NOTE: http://www.wireshark.org/security/wnpa-sec-2015-56.html
-CVE-2015-8737 (The mp2t_open function in wiretap/mp2t.c in the MP2T file parser in ...)
+CVE-2015-8737
- wireshark 2.0.1+g59ea380-1
[jessie] - wireshark <not-affected> (Only affects 2.x)
[wheezy] - wireshark <not-affected> (Only affects 2.x)
@@ -1804,7 +1804,7 @@ CVE-2015-8737 (The mp2t_open function in wiretap/mp2t.c in the MP2T file parser
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=e3fc691368af60bbbaec9e038ee6a6d3b7707955
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11821
NOTE: http://www.wireshark.org/security/wnpa-sec-2015-55.html
-CVE-2015-8736 (The mp2t_find_next_pcr function in wiretap/mp2t.c in the MP2T file ...)
+CVE-2015-8736
- wireshark 2.0.1+g59ea380-1
[jessie] - wireshark <not-affected> (Only affects 2.x)
[wheezy] - wireshark <not-affected> (Only affects 2.x)
@@ -1812,7 +1812,7 @@ CVE-2015-8736 (The mp2t_find_next_pcr function in wiretap/mp2t.c in the MP2T fil
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=baa3eab78b422616a92ee38551c1b1510dca4ccb
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11820
NOTE: http://www.wireshark.org/security/wnpa-sec-2015-54.html
-CVE-2015-8735 (The get_value function in epan/dissectors/packet-btatt.c in the ...)
+CVE-2015-8735
- wireshark 2.0.1+g59ea380-1
[jessie] - wireshark <not-affected> (Only affects 2.x)
[wheezy] - wireshark <not-affected> (Only affects 2.x)
@@ -1820,7 +1820,7 @@ CVE-2015-8735 (The get_value function in epan/dissectors/packet-btatt.c in the .
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=83bad0215dae54e77d34f8b187900125f672366e
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11817
NOTE: http://www.wireshark.org/security/wnpa-sec-2015-53.html
-CVE-2015-8734 (The dissect_nwp function in epan/dissectors/packet-nwp.c in the NWP ...)
+CVE-2015-8734
- wireshark 2.0.1+g59ea380-1
[jessie] - wireshark <not-affected> (Only affects 2.x)
[wheezy] - wireshark <not-affected> (Only affects 2.x)
@@ -1828,7 +1828,7 @@ CVE-2015-8734 (The dissect_nwp function in epan/dissectors/packet-nwp.c in the N
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=9b2c889abe0219fc162659e106c5b95deb6268f3
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11726
NOTE: http://www.wireshark.org/security/wnpa-sec-2015-52.html
-CVE-2015-8733 (The ngsniffer_process_record function in wiretap/ngsniffer.c in the ...)
+CVE-2015-8733
{DSA-3505-1}
- wireshark 2.0.1+g59ea380-1
[wheezy] - wireshark <not-affected> (Vulnerable code not present)
@@ -1836,7 +1836,7 @@ CVE-2015-8733 (The ngsniffer_process_record function in wiretap/ngsniffer.c in t
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=53a3e53fce30523d11ab3df319fba7b75d63076f
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11827
NOTE: http://www.wireshark.org/security/wnpa-sec-2015-51.html
-CVE-2015-8732 (The dissect_zcl_pwr_prof_pwrprofstatersp function in ...)
+CVE-2015-8732
{DSA-3505-1}
- wireshark 2.0.1+g59ea380-1
[wheezy] - wireshark <not-affected> (Vulnerable code not present)
@@ -1845,7 +1845,7 @@ CVE-2015-8732 (The dissect_zcl_pwr_prof_pwrprofstatersp function in ...)
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=9352616ec9742f2ed3d2802d0c8c100d51ca410b
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11830
NOTE: http://www.wireshark.org/security/wnpa-sec-2015-50.html
-CVE-2015-8731 (The dissct_rsl_ipaccess_msg function in epan/dissectors/packet-rsl.c ...)
+CVE-2015-8731
{DSA-3516-1}
- wireshark 2.0.1+g59ea380-1
[squeeze] - wireshark <end-of-life> (Not supported in Squeeze LTS)
@@ -1853,7 +1853,7 @@ CVE-2015-8731 (The dissct_rsl_ipaccess_msg function in epan/dissectors/packet-rs
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11829
NOTE: http://www.wireshark.org/security/wnpa-sec-2015-49.html
NOTE: fix released in 2.0.1 is incomplete, but the rest is tracked under CVE-2016-2530
-CVE-2015-8730 (epan/dissectors/packet-nbap.c in the NBAP dissector in Wireshark ...)
+CVE-2015-8730
{DSA-3505-1}
- wireshark 2.0.1+g59ea380-1
[wheezy] - wireshark <not-affected> (Vulnerable code not present)
@@ -1861,14 +1861,14 @@ CVE-2015-8730 (epan/dissectors/packet-nbap.c in the NBAP dissector in Wireshark
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=d2644aef369af0667220b5bd69996915b29d753d
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11815
NOTE: http://www.wireshark.org/security/wnpa-sec-2015-48.html
-CVE-2015-8729 (The ascend_seek function in wiretap/ascendtext.c in the Ascend file ...)
+CVE-2015-8729
{DSA-3505-1}
- wireshark 2.0.1+g59ea380-1
[squeeze] - wireshark <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=338da1c0ea0b2f8595d3a7b6d6c9548f7da3e27b
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11794
NOTE: http://www.wireshark.org/security/wnpa-sec-2015-47.html
-CVE-2015-8728 (The Mobile Identity parser in (1) epan/dissectors/packet-ansi_a.c in ...)
+CVE-2015-8728
{DSA-3505-1}
- wireshark 2.0.1+g59ea380-1
[wheezy] - wireshark 1.8.2-5wheezy18
@@ -1876,14 +1876,14 @@ CVE-2015-8728 (The Mobile Identity parser in (1) epan/dissectors/packet-ansi_a.c
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=15edc8d714b11dcff3a04e5d00b8db9adfdb81ed
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11797
NOTE: http://www.wireshark.org/security/wnpa-sec-2015-46.html
-CVE-2015-8727 (The dissect_rsvp_common function in epan/dissectors/packet-rsvp.c in ...)
+CVE-2015-8727
{DSA-3505-1}
- wireshark 2.0.1+g59ea380-1
[squeeze] - wireshark <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=56baca60271379cb97f6a4a6bf72eb526e8b52d0
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11793
NOTE: http://www.wireshark.org/security/wnpa-sec-2015-45.html
-CVE-2015-8726 (wiretap/vwr.c in the VeriWave file parser in Wireshark 1.12.x before ...)
+CVE-2015-8726
{DSA-3505-1}
- wireshark 2.0.1+g59ea380-1
[wheezy] - wireshark <not-affected> (Vulnerable code not present)
@@ -1893,7 +1893,7 @@ CVE-2015-8726 (wiretap/vwr.c in the VeriWave file parser in Wireshark 1.12.x bef
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11791
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11789
NOTE: http://www.wireshark.org/security/wnpa-sec-2015-44.html
-CVE-2015-8725 (The dissect_diameter_base_framed_ipv6_prefix function in ...)
+CVE-2015-8725
{DSA-3505-1}
- wireshark 2.0.1+g59ea380-1
[wheezy] - wireshark 1.8.2-5wheezy18
@@ -1901,7 +1901,7 @@ CVE-2015-8725 (The dissect_diameter_base_framed_ipv6_prefix function in ...)
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=aaa28a9d39158ca1033bbd3372cf423abbf4f202
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11792
NOTE: http://www.wireshark.org/security/wnpa-sec-2015-43.html
-CVE-2015-8724 (The AirPDcapDecryptWPABroadcastKey function in epan/crypt/airpdcap.c ...)
+CVE-2015-8724
{DSA-3505-1}
- wireshark 2.0.1+g59ea380-1 (unimportant)
[wheezy] - wireshark 1.8.2-5wheezy18
@@ -1910,7 +1910,7 @@ CVE-2015-8724 (The AirPDcapDecryptWPABroadcastKey function in epan/crypt/airpdca
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11826
NOTE: http://www.wireshark.org/security/wnpa-sec-2015-42.html
NOTE: Not suitable for code injection
-CVE-2015-8723 (The AirPDcapPacketProcess function in epan/crypt/airpdcap.c in the ...)
+CVE-2015-8723
{DSA-3505-1}
- wireshark 2.0.1+g59ea380-1
[wheezy] - wireshark 1.8.2-5wheezy18
@@ -1918,7 +1918,7 @@ CVE-2015-8723 (The AirPDcapPacketProcess function in epan/crypt/airpdcap.c in th
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=40b283181c63cb28bc6f58d80315eccca6650da0
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11790
NOTE: http://www.wireshark.org/security/wnpa-sec-2015-42.html
-CVE-2015-8722 (epan/dissectors/packet-sctp.c in the SCTP dissector in Wireshark ...)
+CVE-2015-8722
{DSA-3505-1}
- wireshark 2.0.1+g59ea380-1
[wheezy] - wireshark <not-affected> (Vulnerable code not present)
@@ -1927,20 +1927,20 @@ CVE-2015-8722 (epan/dissectors/packet-sctp.c in the SCTP dissector in Wireshark
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=1b32d505a59475d51d9b2bed5f0869d2d154e8b6
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11767
NOTE: http://www.wireshark.org/security/wnpa-sec-2015-41.html
-CVE-2015-8721 (Buffer overflow in the tvb_uncompress function in epan/tvbuff_zlib.c ...)
+CVE-2015-8721
{DSA-3505-1}
- wireshark 2.0.1+g59ea380-1
[squeeze] - wireshark <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=cec0593ae6c3bca65eff65741c2a10f3de3e0afe
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11548
NOTE: http://www.wireshark.org/security/wnpa-sec-2015-40.html
-CVE-2015-8720 (The dissect_ber_GeneralizedTime function in ...)
+CVE-2015-8720
{DSA-3505-1}
- wireshark 2.0.1+g59ea380-1
[squeeze] - wireshark <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=921bb07115fbffc081ec56a5022b4a9d58db6d39
NOTE: http://www.wireshark.org/security/wnpa-sec-2015-39.html
-CVE-2015-8719 (The dissect_dns_answer function in epan/dissectors/packet-dns.c in the ...)
+CVE-2015-8719
{DSA-3505-1}
- wireshark 2.0.1+g59ea380-1
[wheezy] - wireshark <not-affected> (Vulnerable code not present)
@@ -1948,13 +1948,13 @@ CVE-2015-8719 (The dissect_dns_answer function in epan/dissectors/packet-dns.c i
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=30651ab18b42e666f57ea239e58f3ff3a5e9c4ad
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10988
NOTE: http://www.wireshark.org/security/wnpa-sec-2015-38.html
-CVE-2015-8718 (Double free vulnerability in epan/dissectors/packet-nlm.c in the NLM ...)
+CVE-2015-8718
{DSA-3505-1}
- wireshark 2.0.1+g59ea380-1
[squeeze] - wireshark <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=81dfe6d450ada42d12f20ac26a6d8ae2302df37e
NOTE: http://www.wireshark.org/security/wnpa-sec-2015-37.html
-CVE-2015-8717 (The dissect_sdp function in epan/dissectors/packet-sdp.c in the SDP ...)
+CVE-2015-8717
{DSA-3505-1}
- wireshark 2.0.1+g59ea380-1
[wheezy] - wireshark <not-affected> (Vulnerable code not present)
@@ -1962,14 +1962,14 @@ CVE-2015-8717 (The dissect_sdp function in epan/dissectors/packet-sdp.c in the S
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=2ddd92b6f8f587325b9e14598658626f3a007c5c
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9887
NOTE: http://www.wireshark.org/security/wnpa-sec-2015-36.html
-CVE-2015-8716 (The init_t38_info_conv function in epan/dissectors/packet-t38.c in the ...)
+CVE-2015-8716
{DSA-3505-1}
- wireshark 2.0.1+g59ea380-1
[squeeze] - wireshark <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=eb6ccb1b0c4ad02b828652c3fe6e8d51c30a315e
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9887
NOTE: http://www.wireshark.org/security/wnpa-sec-2015-35.html
-CVE-2015-8715 (epan/dissectors/packet-alljoyn.c in the AllJoyn dissector in Wireshark ...)
+CVE-2015-8715
{DSA-3505-1}
- wireshark 2.0.1+g59ea380-1
[wheezy] - wireshark <not-affected> (Vulnerable code not present)
@@ -1977,14 +1977,14 @@ CVE-2015-8715 (epan/dissectors/packet-alljoyn.c in the AllJoyn dissector in Wire
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=40caff2d1fb08262c84aaaa8ac584baa8866dd7c
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11607
NOTE: http://www.wireshark.org/security/wnpa-sec-2015-34.html
-CVE-2015-8714 (The dissect_dcom_OBJREF function in epan/dissectors/packet-dcom.c in ...)
+CVE-2015-8714
{DSA-3505-1}
- wireshark 2.0.1+g59ea380-1
[squeeze] - wireshark <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=d34267d0503a67235bf259fd2f2f2d2bb8b18cf5
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11610
NOTE: http://www.wireshark.org/security/wnpa-sec-2015-33.html
-CVE-2015-8713 (epan/dissectors/packet-umts_fp.c in the UMTS FP dissector in Wireshark ...)
+CVE-2015-8713
{DSA-3505-1}
- wireshark 2.0.1+g59ea380-1
[wheezy] - wireshark <not-affected> (Vulnerable code not present)
@@ -1992,7 +1992,7 @@ CVE-2015-8713 (epan/dissectors/packet-umts_fp.c in the UMTS FP dissector in Wire
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=67b6d4f7e6f2117b40957fd51518aa2a3e659002
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11606
NOTE: http://www.wireshark.org/security/wnpa-sec-2015-32.html
-CVE-2015-8712 (The dissect_hsdsch_channel_info function in ...)
+CVE-2015-8712
{DSA-3505-1}
- wireshark 2.0.1+g59ea380-1
[wheezy] - wireshark <not-affected> (Vulnerable code not present)
@@ -2000,7 +2000,7 @@ CVE-2015-8712 (The dissect_hsdsch_channel_info function in ...)
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=2ae329a47b7f0ac94089c23e79c6b8bc18ba80ea
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11602
NOTE: http://www.wireshark.org/security/wnpa-sec-2015-32.html
-CVE-2015-8711 (epan/dissectors/packet-nbap.c in the NBAP dissector in Wireshark ...)
+CVE-2015-8711
{DSA-3505-1}
- wireshark 2.0.1+g59ea380-1
[wheezy] - wireshark <not-affected> (Vulnerable code not present)
@@ -2012,9 +2012,9 @@ CVE-2015-8711 (epan/dissectors/packet-nbap.c in the NBAP dissector in Wireshark
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11835
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11602
NOTE: http://www.wireshark.org/security/wnpa-sec-2015-31.html
-CVE-2015-8707 (Password reset tokens in Magento CE before 1.9.2.2, and Magento EE ...)
+CVE-2015-8707
NOT-FOR-US: Magento
-CVE-2015-8744 (QEMU (aka Quick Emulator) built with a VMWARE VMXNET3 paravirtual NIC ...)
+CVE-2015-8744
{DSA-3471-1}
- qemu 1:2.5+dfsg-1
[wheezy] - qemu <not-affected> (Vulnerable code introduced later)
@@ -2022,7 +2022,7 @@ CVE-2015-8744 (QEMU (aka Quick Emulator) built with a VMWARE VMXNET3 paravirtual
- qemu-kvm <not-affected> (Vulnerable code not present)
NOTE: Fixed by: http://git.qemu.org/?p=qemu.git;a=commit;h=a7278b36fcab9af469563bd7b9dadebe2ae25e48 (v2.5.0-rc0)
NOTE: VMXNET3 device implementation introduced in http://git.qemu.org/?p=qemu.git;a=commit;h=786fd2b0f87baded8c9e55307b99719eea3e016e (v1.5.0-rc0)
-CVE-2015-8745 (QEMU (aka Quick Emulator) built with a VMWARE VMXNET3 paravirtual NIC ...)
+CVE-2015-8745
{DSA-3471-1}
- qemu 1:2.5+dfsg-1
[wheezy] - qemu <not-affected> (Vulnerable code introduced later)
@@ -2030,7 +2030,7 @@ CVE-2015-8745 (QEMU (aka Quick Emulator) built with a VMWARE VMXNET3 paravirtual
- qemu-kvm <not-affected> (Vulnerable code not present)
NOTE: Fixed by: http://git.qemu.org/?p=qemu.git;a=commit;h=c6048f849c7e3f009786df76206e895a69de032c (v2.5.0-rc0)
NOTE: VMXNET3 device implementation introduced in http://git.qemu.org/?p=qemu.git;a=commit;h=786fd2b0f87baded8c9e55307b99719eea3e016e (v1.5.0-rc0)
-CVE-2015-8743 (QEMU (aka Quick Emulator) built with the NE2000 device emulation ...)
+CVE-2015-8743
{DSA-3471-1 DSA-3470-1 DSA-3469-1}
- qemu 1:2.5+dfsg-2 (bug #810519)
[squeeze] - qemu <end-of-life> (Unsupported in squeeze-lts)
@@ -2042,21 +2042,21 @@ CVE-2015-8743 (QEMU (aka Quick Emulator) built with the NE2000 device emulation
NOTE: http://www.openwall.com/lists/oss-security/2016/01/04/1
CVE-2015-8706
RESERVED
-CVE-2015-8705 (buffer.c in named in ISC BIND 9.10.x before 9.10.3-P3, when debug ...)
+CVE-2015-8705
- bind9 <not-affected> (Only affects 9.10.0->9.10.3-P2)
NOTE: https://kb.isc.org/article/AA-01336
-CVE-2015-8704 (apl_42.c in ISC BIND 9.x before 9.9.8-P3, 9.9.x, and 9.10.x before ...)
+CVE-2015-8704
{DSA-3449-1 DLA-396-1}
- bind9 1:9.10.3.dfsg.P4-6 (bug #812077)
NOTE: https://kb.isc.org/article/AA-01335
-CVE-2015-8703 (ZTE ZXHN H108N R1A devices before ZTE.bhs.ZXHNH108NR1A.k_PE and ZXV10 ...)
+CVE-2015-8703
NOT-FOR-US: ZTE router
-CVE-2015-8702 (The DNS::GetResult function in dns.cpp in InspIRCd before 2.0.19 ...)
+CVE-2015-8702
{DSA-3527-1 DLA-384-1}
- inspircd 2.0.20-1
NOTE: https://github.com/inspircd/inspircd/commit/6058483d9fbc1b904d5ae7cfea47bfcde5c5b559
NOTE: http://www.inspircd.org/2015/04/16/v2019-released.html
-CVE-2015-8701 (QEMU (aka Quick Emulator) built with the Rocker switch emulation ...)
+CVE-2015-8701
- qemu 1:2.5+dfsg-3 (bug #809313)
[jessie] - qemu <not-affected> (Vulnerable code introduced after qemu 2.3)
[wheezy] - qemu <not-affected> (Vulnerable code introduced after qemu 2.3)
@@ -2065,9 +2065,9 @@ CVE-2015-8701 (QEMU (aka Quick Emulator) built with the Rocker switch emulation
NOTE: http://www.openwall.com/lists/oss-security/2015/12/28/6
CVE-2015-8700
RESERVED
-CVE-2015-8699 (Multiple cross-site scripting (XSS) vulnerabilities in CA Release ...)
+CVE-2015-8699
NOT-FOR-US: CA Release Automation
-CVE-2015-8698 (CA Release Automation (formerly LISA Release Automation) 5.0.2 before ...)
+CVE-2015-8698
NOT-FOR-US: CA Release Automation
CVE-2015-8696
RESERVED
@@ -2085,151 +2085,151 @@ CVE-2015-8690
RESERVED
CVE-2015-8689
RESERVED
-CVE-2015-8688 (Gajim before 0.16.5 allows remote attackers to modify the roster and ...)
+CVE-2015-8688
{DSA-3492-1 DLA-413-1}
- gajim 0.16.5-0.1 (bug #809900)
NOTE: http://gultsch.de/gajim_roster_push_and_message_interception.html
NOTE: https://trac.gajim.org/changeset/af78b7c068904d78c5dfb802826aae99f26a8947/
-CVE-2015-8687 (Multiple cross-site scripting (XSS) vulnerabilities in the Management ...)
+CVE-2015-8687
NOT-FOR-US: Alcatel
CVE-2015-8686
RESERVED
-CVE-2015-8685 (Multiple cross-site scripting (XSS) vulnerabilities in Dolibarr ...)
+CVE-2015-8685
- dolibarr 3.5.8+dfsg1-1 (bug #812449)
[jessie] - dolibarr 3.5.5+dfsg1-1+deb8u1
NOTE: https://github.com/Dolibarr/dolibarr/issues/4291
NOTE: https://github.com/GPCsolutions/dolibarr/commit/0d3181324c816bdf664ca5e1548dfe8eb05c54f8
-CVE-2015-8684 (Exponent CMS before 2.3.7 does not properly restrict the types of ...)
+CVE-2015-8684
NOT-FOR-US: Exponent CMS
-CVE-2015-8682 (The Video0 driver in Huawei P8 smartphones with software GRA-UL00 ...)
+CVE-2015-8682
NOT-FOR-US: Huawei
-CVE-2015-8681 (The ovisp driver in Huawei P8 smartphones with software GRA-TL00 ...)
+CVE-2015-8681
NOT-FOR-US: Huawei
-CVE-2015-8680 (The Graphics driver in Huawei P8 smartphones with software GRA-TL00 ...)
+CVE-2015-8680
NOT-FOR-US: Huawei
-CVE-2015-8679 (The Maxim_smartpa_dev driver in Huawei P8 smartphones with software ...)
+CVE-2015-8679
NOT-FOR-US: Huawei
-CVE-2015-8678 (The ION driver in Huawei P8 smartphones with software GRA-TL00 before ...)
+CVE-2015-8678
NOT-FOR-US: ION driver in Huawei P8 smartphones
-CVE-2015-8677 (Memory leak in Huawei S5300EI, S5300SI, S5310HI, and S6300EI Campus ...)
+CVE-2015-8677
NOT-FOR-US: Huawei
-CVE-2015-8676 (Memory leak in Huawei S5300EI, S5300SI, S5310HI, S6300EI/ S2350EI, and ...)
+CVE-2015-8676
NOT-FOR-US: Huawei
-CVE-2015-8675 (Huawei S5300 Campus Series switches with software before ...)
+CVE-2015-8675
NOT-FOR-US: Huawei
CVE-2015-8674
REJECTED
-CVE-2015-8673 (Huawei TE30, TE40, TE50, and TE60 multimedia video conferencing ...)
+CVE-2015-8673
NOT-FOR-US: Huawei
-CVE-2015-8672 (The presentation transmission permission management mechanism in Huawei ...)
+CVE-2015-8672
NOT-FOR-US: Huawei
-CVE-2015-8671 (Huawei LogCenter V100R001C10 could allow an authenticated attacker to ...)
+CVE-2015-8671
NOT-FOR-US: Huawei
-CVE-2015-8670 (Huawei LogCenter V100R001C10 could allow an authenticated attacker to ...)
+CVE-2015-8670
NOT-FOR-US: Huawei
-CVE-2015-8667 (Cross-site scripting (XSS) vulnerability in Reset Your Password module ...)
+CVE-2015-8667
NOT-FOR-US: Exponent CMS
-CVE-2015-8664 (Integer overflow in the WebCursor::Deserialize function in ...)
+CVE-2015-8664
- chromium-browser 47.0.2526.111-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
[squeeze] - chromium-browser <end-of-life> (Not supported in Squeeze LTS)
-CVE-2015-8663 (The ff_get_buffer function in libavcodec/utils.c in FFmpeg before ...)
+CVE-2015-8663
{DLA-1611-1}
- ffmpeg 7:2.8.4-1
[squeeze] - ffmpeg <end-of-life> (Not supported in Squeeze LTS)
- libav <removed>
NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=abee0a1c60612e8638640a8a3738fffb65e16dbf
NOTE: For libav in jessie the patch needs to applied in libavcodec/decode.c in line 1884.
-CVE-2015-8662 (The ff_dwt_decode function in libavcodec/jpeg2000dwt.c in FFmpeg ...)
+CVE-2015-8662
{DLA-1611-1}
- ffmpeg 7:2.8.4-1
[squeeze] - ffmpeg <end-of-life> (Not supported in Squeeze LTS)
- libav <removed>
[wheezy] - libav <not-affected> (Vulnerable code not present)
NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=75422280fbcdfbe9dc56bde5525b4d8b280f1bc5
-CVE-2015-8661 (The h264_slice_header_init function in libavcodec/h264_slice.c in ...)
+CVE-2015-8661
{DLA-1611-1}
- ffmpeg 7:2.8.3-1
[squeeze] - ffmpeg <end-of-life> (Not supported in Squeeze LTS)
- libav <removed>
NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=4ea4d2f438c9a7eba37980c9a87be4b34943e4d5
-CVE-2015-8658 (Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before ...)
+CVE-2015-8658
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8657 (Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before ...)
+CVE-2015-8657
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8656 (Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before ...)
+CVE-2015-8656
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8655 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 ...)
+CVE-2015-8655
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8654 (Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before ...)
+CVE-2015-8654
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8653 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 ...)
+CVE-2015-8653
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8652 (Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before ...)
+CVE-2015-8652
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8651 (Integer overflow in Adobe Flash Player before 18.0.0.324 and 19.x and ...)
+CVE-2015-8651
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8650 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.324 ...)
+CVE-2015-8650
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8649 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.324 ...)
+CVE-2015-8649
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8648 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.324 ...)
+CVE-2015-8648
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8647 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.324 ...)
+CVE-2015-8647
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8646 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.324 ...)
+CVE-2015-8646
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8645 (Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before ...)
+CVE-2015-8645
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8644 (Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before ...)
+CVE-2015-8644
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8643 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.324 ...)
+CVE-2015-8643
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8642 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.324 ...)
+CVE-2015-8642
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8641 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.324 ...)
+CVE-2015-8641
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8640 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.324 ...)
+CVE-2015-8640
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8639 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.324 ...)
+CVE-2015-8639
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8638 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.324 ...)
+CVE-2015-8638
NOT-FOR-US: Adobe Flash Player
CVE-2015-8637
REJECTED
-CVE-2015-8636 (Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before ...)
+CVE-2015-8636
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8635 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.324 ...)
+CVE-2015-8635
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8634 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.324 ...)
+CVE-2015-8634
NOT-FOR-US: Adobe Flash Player
CVE-2015-8633
RESERVED
CVE-2015-8632
RESERVED
-CVE-2015-8631 (Multiple memory leaks in kadmin/server/server_stubs.c in kadmind in ...)
+CVE-2015-8631
{DSA-3466-1 DLA-423-1}
- krb5 1.13.2+dfsg-5 (bug #813126)
NOTE: Fixed by: https://github.com/krb5/krb5/commit/83ed75feba32e46f736fcce0d96a0445f29b96c2
-CVE-2015-8630 (The (1) kadm5_create_principal_3 and (2) kadm5_modify_principal ...)
+CVE-2015-8630
- krb5 1.13.2+dfsg-5 (bug #813127)
[jessie] - krb5 1.12.1+dfsg-19+deb8u2
[wheezy] - krb5 <not-affected> (Vulnerability introduced in 1.12)
[squeeze] - krb5 <not-affected> (Vulnerability introduced in 1.12)
NOTE: Fixed by: https://github.com/krb5/krb5/commit/b863de7fbf080b15e347a736fdda0a82d42f4f6b
NOTE: Introduced by: https://github.com/krb5/krb5/commit/0780e46fc13dbafa177525164997cd204cc50b51 (krb5-1.12-alpha1)
-CVE-2015-8629 (The xdr_nullstring function in lib/kadm5/kadm_rpc_xdr.c in kadmind in ...)
+CVE-2015-8629
{DSA-3466-1 DLA-423-1}
- krb5 1.13.2+dfsg-5 (bug #813296)
NOTE: Fixed by: https://github.com/krb5/krb5/commit/df17a1224a3406f57477bcd372c61e04c0e5a5bb
-CVE-2015-8620 (Heap-based buffer overflow in the Avast virtualization driver ...)
+CVE-2015-8620
NOT-FOR-US: Avast
-CVE-2015-8669 (libraries/config/messages.inc.php in phpMyAdmin 4.0.x before ...)
+CVE-2015-8669
- phpmyadmin 4:4.5.3.1-1 (unimportant)
[squeeze] - phpmyadmin <not-affected> (Vulnerable code not present)
NOTE: https://www.phpmyadmin.net/security/PMASA-2015-6/
NOTE: non-issue for Debian-packaged version
-CVE-2015-8668 (Heap-based buffer overflow in the PackBitsPreEncode function in ...)
+CVE-2015-8668
{DLA-693-1}
[jessie] - tiff 4.0.3-12.3+deb8u2
- tiff 4.0.6-3 (bug #842046)
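Review bot: in the CVE-2015-8668 entry at the end of this hunk the `[jessie] - tiff 4.0.3-12.3+deb8u2` line precedes the unversioned `- tiff 4.0.6-3 (bug #842046)` line, whereas every other entry in the hunk lists the unstable version first and release-specific lines after it; consider swapping the two lines so the entry matches the surrounding layout. Also, the untouched NOTE in the CVE-2015-8663 entry reads "the patch needs to applied" and should read "needs to be applied".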
@@ -2242,19 +2242,19 @@ CVE-2015-8668 (Heap-based buffer overflow in the PackBitsPreEncode function in .
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2563#c4
NOTE: Reproducer file here: http://bugzilla.maptools.org/attachment.cgi?id=677
NOTE: bmp2tiff was removed in 4.0.6-3 and DSA 3762, marking as fixed although technically still present in the source package
-CVE-2015-8683 (The putcontig8bitCIELab function in tif_getimage.c in LibTIFF 4.0.6 ...)
+CVE-2015-8683
{DSA-3467-1 DLA-610-1 DLA-402-1}
- tiff 4.0.6-1 (bug #809021)
- tiff3 <removed>
NOTE: http://www.openwall.com/lists/oss-security/2015/12/25/1
NOTE: https://github.com/vadz/libtiff/commit/f94a29a822f5528d2334592760fbb7938f15eb55
-CVE-2015-8665 (tif_getimage.c in LibTIFF 4.0.6 allows remote attackers to cause a ...)
+CVE-2015-8665
{DSA-3467-1 DLA-610-1 DLA-402-1}
- tiff 4.0.6-1 (bug #808968)
- tiff3 <removed>
NOTE: http://www.openwall.com/lists/oss-security/2015/12/24/2
NOTE: https://github.com/vadz/libtiff/commit/f94a29a822f5528d2334592760fbb7938f15eb55
-CVE-2015-8666 (Heap-based buffer overflow in QEMU, when built with the ...)
+CVE-2015-8666
{DLA-1497-1}
- qemu 1:2.5+dfsg-1
[wheezy] - qemu <no-dsa> (Minor issue)
@@ -2266,7 +2266,7 @@ CVE-2015-8666 (Heap-based buffer overflow in QEMU, when built with the ...)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1283722
NOTE: http://www.openwall.com/lists/oss-security/2015/12/24/1
NOTE: Vulnerable code introduced after 0.14.50: http://git.qemu.org/?p=qemu.git;a=commit;h=23910d3f669d46073b403876e30a7314599633af
-CVE-2015-8660 (The ovl_setattr function in fs/overlayfs/inode.c in the Linux kernel ...)
+CVE-2015-8660
- linux 4.3.3-3
[jessie] - linux <not-affected> (Vulnerable code not present)
[wheezy] - linux <not-affected> (Vulnerable code not present)
@@ -2274,70 +2274,70 @@ CVE-2015-8660 (The ovl_setattr function in fs/overlayfs/inode.c in the Linux ker
NOTE: Upstream commit: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=acff81ec2c79492b180fade3c2894425cd35a545 (v4.4-rc4)
NOTE: OverlayFS introduced in https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=e9be9d5e76e34872f0c37d72e25bc27fe9e2c54c (v3.18-rc2)
NOTE: http://www.openwall.com/lists/oss-security/2015/12/23/5
-CVE-2015-8659 (The idle stream handling in nghttp2 before 1.6.0 allows attackers to ...)
+CVE-2015-8659
- nghttp2 1.6.0-1
[jessie] - nghttp2 <not-affected> (Vulnerable code introduced later)
NOTE: https://nghttp2.org/blog/2015/12/23/nghttp2-v1-6-0/
NOTE: Fixed by: https://github.com/tatsuhiro-t/nghttp2/commit/f8c30d022982d089fb90543c0cd5628b161d065d
NOTE: Introduced at least after: https://github.com/tatsuhiro-t/nghttp2/commit/b2fb888363c08e98aae0638db62cdf7d164ea1d1
-CVE-2015-8628 (The (1) Special:MyPage, (2) Special:MyTalk, (3) ...)
+CVE-2015-8628
- mediawiki 1:1.25.5-1 (low)
[wheezy] - mediawiki <no-dsa> (Minor issue)
[squeeze] - mediawiki <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://phabricator.wikimedia.org/T109724
-CVE-2015-8627 (MediaWiki before 1.23.12, 1.24.x before 1.24.5, 1.25.x before 1.25.4, ...)
+CVE-2015-8627
- mediawiki 1:1.25.5-1 (low)
[wheezy] - mediawiki <no-dsa> (Minor issue)
[squeeze] - mediawiki <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://phabricator.wikimedia.org/T97897
-CVE-2015-8626 (The User::randomPassword function in MediaWiki before 1.23.12, 1.24.x ...)
+CVE-2015-8626
- mediawiki 1:1.25.5-1 (low)
[wheezy] - mediawiki <no-dsa> (Minor issue)
[squeeze] - mediawiki <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://phabricator.wikimedia.org/T115522
-CVE-2015-8625 (MediaWiki before 1.23.12, 1.24.x before 1.24.5, 1.25.x before 1.25.4, ...)
+CVE-2015-8625
- mediawiki <not-affected> (Vulnerable code not present)
NOTE: https://phabricator.wikimedia.org/T118032
-CVE-2015-8624 (The User::matchEditToken function in includes/User.php in MediaWiki ...)
+CVE-2015-8624
- mediawiki 1:1.25.5-1 (low)
[wheezy] - mediawiki <no-dsa> (Minor issue)
[squeeze] - mediawiki <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://phabricator.wikimedia.org/T119309
-CVE-2015-8623 (The User::matchEditToken function in includes/User.php in MediaWiki ...)
+CVE-2015-8623
- mediawiki 1:1.25.5-1 (low)
[wheezy] - mediawiki <no-dsa> (Minor issue)
[squeeze] - mediawiki <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://gerrit.wikimedia.org/r/#/c/156336/5/includes/User.php
-CVE-2015-8622 (Cross-site scripting (XSS) vulnerability in MediaWiki before 1.23.12, ...)
+CVE-2015-8622
- mediawiki 1:1.25.5-1 (low)
[wheezy] - mediawiki <no-dsa> (Minor issue)
[squeeze] - mediawiki <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://phabricator.wikimedia.org/T117899
-CVE-2015-8621 (t-coffee before 11.00.8cbe486-2 allows local users to write to ...)
+CVE-2015-8621
- t-coffee 11.00.8cbe486-2 (low; bug #751579)
[jessie] - t-coffee <no-dsa> (Minor issue)
[wheezy] - t-coffee <no-dsa> (Minor issue)
[squeeze] - t-coffee <not-affected> (version in Squeeze uses system() and umask is handled correctly by sh (as opposed to later versions that use mkdir()))
-CVE-2015-8617 (Format string vulnerability in the zend_throw_or_error function in ...)
+CVE-2015-8617
- php7.0 7.0.1-1
NOTE: https://bugs.php.net/bug.php?id=71105
NOTE: https://github.com/php/php-src/commit/b101a6bbd4f2181c360bd38e7683df4a03cba83e (php-7.0.2RC1)
-CVE-2015-8616 (Use-after-free vulnerability in the Collator::sortWithSortKeys ...)
+CVE-2015-8616
- php7.0 7.0.1-1
NOTE: https://bugs.php.net/bug.php?id=71020
NOTE: http://www.openwall.com/lists/oss-security/2015/12/22/4
-CVE-2015-8697 (stalin 0.11-5 allows local users to write to arbitrary files. ...)
+CVE-2015-8697
- stalin <unfixed> (unimportant; bug #808730)
[squeeze] - stalin <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2015/12/27/1
NOTE: Not exploitable with kernel hardening since wheezy
-CVE-2015-8708 (Stack-based buffer overflow in the conv_euctojis function in ...)
+CVE-2015-8708
- claws-mail 3.13.1-1.1 (bug #811048)
[jessie] - claws-mail <not-affected> (Incomplete fix for CVE-2015-8614 not applied)
[wheezy] - claws-mail <not-affected> (Incomplete fix for CVE-2015-8614 not applied)
[squeeze] - claws-mail <not-affected> (Incomplete fix for CVE-2015-8614 not applied; instead all fixed included in DLA-383-1)
- macopix <not-affected> (Incomplete fix not applied)
-CVE-2015-8614 (Multiple stack-based buffer overflows in the (1) conv_jistoeuc, (2) ...)
+CVE-2015-8614
{DSA-3452-1 DLA-383-1}
- claws-mail 3.13.1-1
- macopix 1.7.4-6
@@ -2350,9 +2350,9 @@ CVE-2015-8614 (Multiple stack-based buffer overflows in the (1) conv_jistoeuc, (
NOTE: http://www.thewildbeast.co.uk/claws-mail/bugzilla/show_bug.cgi?id=3557
NOTE: http://www.thewildbeast.co.uk/claws-mail/bugzilla/show_bug.cgi?id=3584
NOTE: https://bugs.gentoo.org/show_bug.cgi?id=569010
-CVE-2015-8611 (BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link Controller, and ...)
+CVE-2015-8611
NOT-FOR-US: BIG-IP
-CVE-2015-8613 (Stack-based buffer overflow in the megasas_ctrl_get_info function in ...)
+CVE-2015-8613
{DSA-3471-1}
- qemu 1:2.5+dfsg-3 (bug #809232)
[wheezy] - qemu <not-affected> (Vulnerable code not present)
@@ -2362,21 +2362,21 @@ CVE-2015-8613 (Stack-based buffer overflow in the megasas_ctrl_get_info function
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1284008
NOTE: http://www.openwall.com/lists/oss-security/2015/12/21/7
NOTE: LSI Megaraid SAS HBA emulation introduced in http://git.qemu.org/?p=qemu.git;a=commitdiff;h=e8f943c3bcc2a578bfd30b825f2ebaf345c63a09 (v1.2.0-rc0)
-CVE-2015-8618 (The Int.Exp Montgomery code in the math/big library in Go 1.5.x before ...)
+CVE-2015-8618
- golang 2:1.5.3-1 (bug #809168)
[jessie] - golang <not-affected> (Introduced in 1.5 release)
[wheezy] - golang <not-affected> (Introduced in 1.5 release)
NOTE: https://go-review.googlesource.com/#/c/17672/
NOTE: Introduced in 1.5 release. Fixed in 1.5.3 upstream.
NOTE: http://www.openwall.com/lists/oss-security/2015/12/21/6
-CVE-2015-8615 (The hvm_set_callback_via function in arch/x86/hvm/irq.c in Xen 4.6 ...)
+CVE-2015-8615
{DLA-479-1}
- xen 4.8.0~rc3-1 (bug #823620)
[jessie] - xen <not-affected> (Only affects 4.6)
[wheezy] - xen <not-affected> (Only affects 4.6)
[squeeze] - xen <not-affected> (Only affects 4.6)
NOTE: http://xenbits.xen.org/xsa/advisory-169.html
-CVE-2015-8619 (The Human Monitor Interface support in QEMU allows remote attackers to ...)
+CVE-2015-8619
{DSA-3471-1}
- qemu 1:2.5+dfsg-5 (bug #809237)
[wheezy] - qemu <not-affected> (Issue introduced afer 1.2)
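Review bot: the unchanged context line `[wheezy] - qemu <not-affected> (Issue introduced afer 1.2)` for CVE-2015-8619 has a typo, `afer` for `after`; it predates this change, but since the hunk already rewrites the entry header this is the place to fix it. The hunk also drops the descriptions of CVE-2015-8611, CVE-2015-8613, CVE-2015-8618, CVE-2015-8615 and CVE-2015-8619 without putting anything in their place, so lines such as `NOTE: Introduced in 1.5 release. Fixed in 1.5.3 upstream.` become the only human-readable summary of each issue.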
@@ -2390,10 +2390,10 @@ CVE-2015-8610
RESERVED
CVE-2015-8609
RESERVED
-CVE-2015-8608 (The VDir::MapPathA and VDir::MapPathW functions in Perl 5.22 allow ...)
+CVE-2015-8608
- perl <not-affected> (Only affects Perl on Windows)
NOTE: https://rt.perl.org/Public/Bug/Display.html?id=126755
-CVE-2015-8607 (The canonpath function in the File::Spec module in PathTools before ...)
+CVE-2015-8607
{DSA-3441-1}
- perl 5.22.1-4 (bug #810719)
[wheezy] - perl <not-affected> (Introduced in 5.20.0)
@@ -2403,44 +2403,44 @@ CVE-2015-8607 (The canonpath function in the File::Spec module in PathTools befo
[squeeze] - libfile-spec-perl <not-affected> (Introduced in 3.47)
NOTE: http://perl5.git.perl.org/perl.git/commit/130509aa42a87eef258fab0182ee2c7ad16baa8b
NOTE: https://rt.perl.org/Public/Bug/Display.html?id=126862
-CVE-2015-8606 (Multiple cross-site scripting (XSS) vulnerabilities in SilverStripe ...)
+CVE-2015-8606
NOT-FOR-US: SilverStripe
-CVE-2015-8605 (ISC DHCP 4.x before 4.1-ESV-R12-P1, 4.2.x, and 4.3.x before 4.3.3-P1 ...)
+CVE-2015-8605
{DSA-3442-1 DLA-385-2 DLA-385-1}
- isc-dhcp 4.3.3-7 (bug #810875)
NOTE: https://kb.isc.org/article/AA-01334
-CVE-2015-8603 (Cross-site scripting (XSS) vulnerability in Serendipity before 2.0.3 ...)
+CVE-2015-8603
- serendipity <removed>
-CVE-2015-8602 (The Token Insert Entity module 7.x-1.x before 7.x-1.1 for Drupal does ...)
+CVE-2015-8602
NOT-FOR-US: Token Insert Entity module for Drupal
-CVE-2015-8601 (The Chat Room module 7.x-2.x before 7.x-2.2 for Drupal does not ...)
+CVE-2015-8601
NOT-FOR-US: Chat Room module for Drupal
-CVE-2015-8600 (The SysAdminWebTool servlets in SAP Mobile Platform allow remote ...)
+CVE-2015-8600
NOT-FOR-US: SAP
CVE-2015-8599
RESERVED
CVE-2015-8598
RESERVED
-CVE-2015-8597 (Open redirect vulnerability in Blue Coat ProxySG 6.5 before 6.5.8.8 ...)
+CVE-2015-8597
NOT-FOR-US: Blue Coat
-CVE-2015-8596 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2015-8596
NOT-FOR-US: Qualcomm driver for Android
-CVE-2015-8595 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2015-8595
NOT-FOR-US: Qualcomm driver for Android
-CVE-2015-8594 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2015-8594
NOT-FOR-US: Qualcomm driver for Android
-CVE-2015-8593 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2015-8593
NOT-FOR-US: Qualcomm driver for Android
-CVE-2015-8592 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2015-8592
NOT-FOR-US: Qualcomm driver for Android
-CVE-2015-8612 (The EnableNetwork method in the Network class in ...)
+CVE-2015-8612
{DSA-3427-1}
- blueman 2.0.3-1
[squeeze] - blueman <not-affected> (vulnerable code not present)
NOTE: https://twitter.com/thegrugq/status/677809527882813440
NOTE: https://github.com/blueman-project/blueman/commit/a3845bbed5fdddf14daec436b7e74f62719a71c1
NOTE: http://www.openwall.com/lists/oss-security/2015/12/18/6
-CVE-2015-8709 (** DISPUTED ** kernel/ptrace.c in the Linux kernel through 4.4.1 ...)
+CVE-2015-8709
- linux 4.3.3-3
[jessie] - linux 3.16.7-ckt20-1+deb8u2
[wheezy] - linux <not-affected> (Vulnerable code not present)
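Review bot: removing the description for CVE-2015-8709 (`-CVE-2015-8709 (** DISPUTED ** kernel/ptrace.c in the Linux kernel through 4.4.1 ...)`) also removes the `** DISPUTED **` marker, which is the only place in this entry that records the dispute; the package lines that remain (`- linux 4.3.3-3`, `[jessie] - linux 3.16.7-ckt20-1+deb8u2`) then read as an ordinary fixed issue. If the description really has to go, the dispute status should be carried over into a NOTE line so triagers do not lose it.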
@@ -2469,13 +2469,13 @@ CVE-2015-8582
REJECTED
CVE-2015-8581
REJECTED
-CVE-2015-8580 (Multiple use-after-free vulnerabilities in the (1) Print method and ...)
+CVE-2015-8580
NOT-FOR-US: Foxit
-CVE-2015-8579 (Kaspersky Total Security 2015 15.0.2.361 allocates memory with Read, ...)
+CVE-2015-8579
NOT-FOR-US: Kaspersky
-CVE-2015-8578 (AVG Internet Security 2015 allocates memory with Read, Write, Execute ...)
+CVE-2015-8578
NOT-FOR-US: AVG
-CVE-2015-8577 (The Buffer Overflow Protection (BOP) feature in McAfee VirusScan ...)
+CVE-2015-8577
NOT-FOR-US: McAfee
CVE-2015-8576
REJECTED
@@ -2489,40 +2489,40 @@ CVE-2015-XXXX [XSA-166: ioreq handling possibly susceptible to multiple read iss
[wheezy] - xen 4.1.6.lts1-1
[squeeze] - xen <end-of-life> (Unsupported in Squeeze LTS)
NOTE: http://xenbits.xen.org/xsa/advisory-166.html
-CVE-2015-8572 (Multiple buffer overflows in Autodesk Design Review (ADR) before 2013 ...)
+CVE-2015-8572
NOT-FOR-US: Autodesk
-CVE-2015-8571 (Integer overflow in Autodesk Design Review (ADR) before 2013 Hotfix 2 ...)
+CVE-2015-8571
NOT-FOR-US: Autodesk
-CVE-2015-8570 (The password reset functionality in Lepide Active Directory Self ...)
+CVE-2015-8570
NOT-FOR-US: Lepide
-CVE-2015-8575 (The sco_sock_bind function in net/bluetooth/sco.c in the Linux kernel ...)
+CVE-2015-8575
{DSA-3434-1 DLA-378-1}
- linux 4.3.3-3
- linux-2.6 <removed>
NOTE: Upstream commit: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=5233252fce714053f0151680933571a2da9cbfb4 (v4.4-rc6)
-CVE-2015-8566 (The Session package 1.x before 1.3.1 for Joomla! Framework allows ...)
+CVE-2015-8566
NOT-FOR-US: Session package for Joomla
-CVE-2015-8565 (Directory traversal vulnerability in Joomla! 3.2.0 through 3.3.x and ...)
+CVE-2015-8565
NOT-FOR-US: Joomla!
-CVE-2015-8564 (Directory traversal vulnerability in Joomla! 3.4.x before 3.4.6 allows ...)
+CVE-2015-8564
NOT-FOR-US: Joomla!
-CVE-2015-8563 (Cross-site request forgery (CSRF) vulnerability in the com_templates ...)
+CVE-2015-8563
NOT-FOR-US: Joomla!
-CVE-2015-8562 (Joomla! 1.5.x, 2.x, and 3.x before 3.4.6 allow remote attackers to ...)
+CVE-2015-8562
NOT-FOR-US: Joomla!
-CVE-2015-8561 (The F1BookView ActiveX control in F1 Bookview in Schneider Electric ...)
+CVE-2015-8561
NOT-FOR-US: F1BookView
-CVE-2015-8555 (Xen 4.6.x, 4.5.x, 4.4.x, 4.3.x, and earlier do not initialize x86 FPU ...)
+CVE-2015-8555
{DSA-3519-1 DLA-479-1}
- xen 4.8.0~rc3-1 (bug #823620)
[squeeze] - xen <end-of-life> (Unsupported in Squeeze LTS)
NOTE: http://xenbits.xen.org/xsa/advisory-165.html
-CVE-2015-8554 (Buffer overflow in hw/pt-msi.c in Xen 4.6.x and earlier, when using ...)
+CVE-2015-8554
{DLA-479-1}
- xen 4.4.0-1
[squeeze] - xen <end-of-life> (Unsupported in Squeeze LTS)
NOTE: http://xenbits.xen.org/xsa/advisory-164.html
-CVE-2015-8553 (Xen allows guest OS users to obtain sensitive information from ...)
+CVE-2015-8553
- linux <unfixed>
[stretch] - linux <ignored> (Intrusive; breaks qemu as used in Jessie; cf. kernel-sec for more details)
[jessie] - linux <ignored> (Intrusive; breaks qemu as used in Jessie; cf. kernel-sec for more details)
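Review bot: the `[stretch]` and `[jessie]` lines for CVE-2015-8553 carry the identical rationale `(Intrusive; breaks qemu as used in Jessie; cf. kernel-sec for more details)`; for the stretch line it is not clear whether the breakage was checked against the qemu in stretch or the text was copied from the jessie line, and a one-word clarification while the entry is being touched would settle it. As elsewhere in this update, the hunk strips the descriptions of CVE-2015-8572 through CVE-2015-8553 and leaves bare identifiers in their place.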
@@ -2535,7 +2535,7 @@ CVE-2015-8553 (Xen allows guest OS users to obtain sensitive information from ..
NOTE: http://xenbits.xen.org/xsa/advisory-120.html
NOTE: Patch is discussed in http://thread.gmane.org/gmane.comp.emulators.xen.devel/140440/focus=140441
NOTE: and http://thread.gmane.org/gmane.linux.kernel/1924087/focus=1924088
-CVE-2015-8552 (The PCI backend driver in Xen, when running on an x86 system and using ...)
+CVE-2015-8552
{DSA-3434-1}
[experimental] - linux 4.4~rc6-1~exp1
- linux 4.3.3-3
@@ -2547,7 +2547,7 @@ CVE-2015-8552 (The PCI backend driver in Xen, when running on an x86 system and
NOTE: https://git.kernel.org/linus/a396f3a210c3a61e94d6b87ec05a75d0be2a60d0
NOTE: https://git.kernel.org/linus/7cfb905b9638982862f0331b36ccaaca5d383b49
NOTE: https://git.kernel.org/linus/408fb0e5aa7fda0059db282ff58c3b2a4278baa0
-CVE-2015-8551 (The PCI backend driver in Xen, when running on an x86 system and using ...)
+CVE-2015-8551
{DSA-3434-1}
[experimental] - linux 4.4~rc6-1~exp1
- linux 4.3.3-3
@@ -2559,7 +2559,7 @@ CVE-2015-8551 (The PCI backend driver in Xen, when running on an x86 system and
NOTE: https://git.kernel.org/linus/a396f3a210c3a61e94d6b87ec05a75d0be2a60d0
NOTE: https://git.kernel.org/linus/7cfb905b9638982862f0331b36ccaaca5d383b49
NOTE: https://git.kernel.org/linus/408fb0e5aa7fda0059db282ff58c3b2a4278baa0
-CVE-2015-8550 (Xen, when used on a system providing PV backends, allows local guest ...)
+CVE-2015-8550
{DSA-3519-1 DSA-3471-1 DSA-3434-1 DLA-479-1}
[experimental] - linux 4.4~rc6-1~exp1
- linux 4.3.3-3
@@ -2583,7 +2583,7 @@ CVE-2015-8550 (Xen, when used on a system providing PV backends, allows local gu
NOTE: https://git.kernel.org/linus/8135cf8b092723dbfcc611fe6fdcb3a36c9951c5
CVE-2015-8549
RESERVED
-CVE-2015-8569 (The (1) pptp_bind and (2) pptp_connect functions in ...)
+CVE-2015-8569
{DSA-3434-1}
- linux 4.3.3-3
- linux-2.6 <removed>
@@ -2592,7 +2592,7 @@ CVE-2015-8569 (The (1) pptp_bind and (2) pptp_connect functions in ...)
NOTE: Upstream commit: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=09ccfd238e5a0e670d8178cf50180ea81ae09ae1 (v4.4-rc6)
NOTE: pptp_{connect,bind} introduced in https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=00959ade36acadc00e757f87060bf6e4501d545f (v2.6.37-rc1)
NOTE: https://lkml.org/lkml/2015/12/14/252
-CVE-2015-8568 (Memory leak in QEMU, when built with a VMWARE VMXNET3 paravirtual NIC ...)
+CVE-2015-8568
{DSA-3471-1}
- qemu 1:2.5+dfsg-3 (bug #808145)
[wheezy] - qemu <not-affected> (Vulnerable code not present)
@@ -2600,7 +2600,7 @@ CVE-2015-8568 (Memory leak in QEMU, when built with a VMWARE VMXNET3 paravirtual
- qemu-kvm <not-affected> (Vulnerable code not present)
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2015-12/msg02299.html
NOTE: http://www.openwall.com/lists/oss-security/2015/12/15/4
-CVE-2015-8567 (Memory leak in net/vmxnet3.c in QEMU allows remote attackers to cause ...)
+CVE-2015-8567
{DSA-3471-1}
- qemu 1:2.5+dfsg-3 (bug #808145)
[wheezy] - qemu <not-affected> (Vulnerable code not present)
@@ -2608,7 +2608,7 @@ CVE-2015-8567 (Memory leak in net/vmxnet3.c in QEMU allows remote attackers to c
- qemu-kvm <not-affected> (Vulnerable code not present)
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2015-12/msg02299.html
NOTE: http://www.openwall.com/lists/oss-security/2015/12/15/4
-CVE-2015-8559 (The knife bootstrap command in chef leaks the validator.pem private ...)
+CVE-2015-8559
- chef <unfixed> (bug #809670)
[stretch] - chef <ignored> (Minor issue; workaround using validatorless bootstrapping)
[jessie] - chef <ignored> (Minor issue; workaround using validatorless bootstrapping)
@@ -2616,7 +2616,7 @@ CVE-2015-8559 (The knife bootstrap command in chef leaks the validator.pem priva
NOTE: https://github.com/chef/chef/issues/3871
NOTE: http://www.openwall.com/lists/oss-security/2015/12/14/10
NOTE: Workaround: use validatorless bootstrapping
-CVE-2015-8558 (The ehci_process_itd function in hw/usb/hcd-ehci.c in QEMU allows ...)
+CVE-2015-8558
{DSA-3471-1 DSA-3470-1 DSA-3469-1}
- qemu 1:2.5+dfsg-2 (bug #808144)
[squeeze] - qemu <end-of-life> (Not supported in Squeeze LTS)
@@ -2624,13 +2624,13 @@ CVE-2015-8558 (The ehci_process_itd function in hw/usb/hcd-ehci.c in QEMU allows
[squeeze] - qemu-kvm <end-of-life> (Not supported in Squeeze LTS)
NOTE: Upstream commit: http://git.qemu.org/?p=qemu.git;a=commit;h=156a2e4dbffa85997636a7a39ef12da6f1b40254
NOTE: http://www.openwall.com/lists/oss-security/2015/12/14/9
-CVE-2015-8557 (The FontManager._get_nix_font_path function in formatters/img.py in ...)
+CVE-2015-8557
{DSA-3445-1 DLA-369-1}
- pygments 2.0.1+dfsg-2 (bug #802828)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1276321
NOTE: https://bitbucket.org/birkenfeld/pygments-main/commits/0036ab1c99e256298094505e5e92f
NOTE: http://www.openwall.com/lists/oss-security/2015/12/14/6
-CVE-2015-8548 (Multiple unspecified vulnerabilities in Google V8 before 4.7.80.23, as ...)
+CVE-2015-8548
{DSA-3418-1}
- chromium-browser 47.0.2526.80-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
@@ -2639,14 +2639,14 @@ CVE-2015-8546
RESERVED
CVE-2015-8545
RESERVED
-CVE-2015-8544 (NetApp SnapDrive for Windows before 7.0.2P4, 7.0.3, and 7.1 before ...)
+CVE-2015-8544
NOT-FOR-US: NetApp
-CVE-2015-8542 (An issue was discovered in Open-Xchange Guard before 2.2.0-rev8. The ...)
+CVE-2015-8542
NOT-FOR-US: Open-Xchange
-CVE-2015-8556 (Local privilege escalation vulnerability in the Gentoo QEMU package ...)
+CVE-2015-8556
- qemu <not-affected> (Issue specific to virtfs-proxy-helper in Gentoo installed suid)
NOTE: http://www.openwall.com/lists/oss-security/2015/12/14/5
-CVE-2015-8785 (The fuse_fill_write_pages function in fs/fuse/file.c in the Linux ...)
+CVE-2015-8785
{DSA-3503-1 DLA-412-1}
- linux 4.3.5-1
- linux-2.6 <removed>
@@ -2660,21 +2660,21 @@ CVE-2015-XXXX [remotely triggerable crash]
[wheezy] - ruby-eventmachine 0.12.10-3+deb7u1
NOTE: Workaround entry for DLA-549-1 until CVE assigned
NOTE: https://github.com/eventmachine/eventmachine/issues/501#issuecomment-37307556
-CVE-2015-8560 (Incomplete blacklist vulnerability in util.c in foomatic-rip in ...)
+CVE-2015-8560
{DSA-3429-1 DSA-3419-1 DLA-371-1}
- cups-filters 1.4.0-1 (bug #807930)
[wheezy] - cups-filters <not-affected> (Vulnerable code not present; introduced in 1.0.42)
- foomatic-filters 4.0.17-7 (bug #807993)
NOTE: http://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/revision/7419
NOTE: http://www.openwall.com/lists/oss-security/2015/12/13/2
-CVE-2015-9097 (The mail gem before 2.5.5 for Ruby (aka A Really Ruby Mail Library) is ...)
+CVE-2015-9097
{DLA-489-1}
- ruby-mail 2.6.1+dfsg1-1
NOTE: https://github.com/mikel/mail/commit/72befdc4dab3e6e288ce226a7da2aa474cf5be83
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/12/11/3
NOTE: Fixed in 2.6.0
NOTE: "Note that, this patch might not be complete ..." https://bugzilla.redhat.com/show_bug.cgi?id=1293598
-CVE-2015-8547 (The CoreUserInputHandler::doMode function in ...)
+CVE-2015-8547
- quassel 1:0.12.2-3 (bug #807801)
[jessie] - quassel 1:0.10.0-2.3+deb8u2
[wheezy] - quassel <not-affected> (Vulnerable code not present)
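Review bot: for CVE-2015-9097 the removed description states `The mail gem before 2.5.5 for Ruby ...`, while the surviving `NOTE: Fixed in 2.6.0` and the Debian fixed version `ruby-mail 2.6.1+dfsg1-1` point at a different upstream fix release; once the description is gone nothing in the entry records the 2.5.5 boundary. Either keep the description or add a NOTE stating which upstream release actually contains commit 72befdc4dab3e6e288ce226a7da2aa474cf5be83. The adjacent `NOTE: "Note that, this patch might not be complete ..."` suggests the fixed-version claim should be re-checked at the same time.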
@@ -2691,14 +2691,14 @@ CVE-2015-8535
RESERVED
CVE-2015-8534
RESERVED
-CVE-2015-8540 (Integer underflow in the png_check_keyword function in pngwutil.c in ...)
+CVE-2015-8540
{DSA-3443-1 DLA-375-1}
- libpng <removed> (bug #807694)
NOTE: http://www.openwall.com/lists/oss-security/2015/12/10/6
NOTE: https://sourceforge.net/p/libpng/bugs/244/
NOTE: http://sourceforge.net/p/libpng/code/ci/d9006f683c641793252d92254a75ae9b815b42ed/
NOTE: Fixed in 1.0.66, 1.2.56, 1.4.19, and 1.5.26
-CVE-2015-8543 (The networking implementation in the Linux kernel through 4.3.3, as ...)
+CVE-2015-8543
{DLA-378-1}
- linux 4.3.3-1
[jessie] - linux 3.16.7-ckt20-1+deb8u1
@@ -2706,14 +2706,14 @@ CVE-2015-8543 (The networking implementation in the Linux kernel through 4.3.3,
- linux-2.6 <removed>
NOTE: http://www.openwall.com/lists/oss-security/2015/12/09/3
NOTE: Upstream commit: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=79462ad02e861803b3840cc782248c7359451cd9 (v4.4-rc6)
-CVE-2015-8539 (The KEYS subsystem in the Linux kernel before 4.4 allows local users ...)
+CVE-2015-8539
- linux <not-affected> (Vulnerable code not present)
- linux-2.6 <not-affected> (Vulnerable code not present)
NOTE: Fixed by: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=096fe9eaea40a17e125569f9e657e34cdb6d73bd (v4.4-rc3)
NOTE: Introduced by: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=146aa8b1453bd8f1ff2304ffb71b4ee0eb9acdcc (v4.4-rc1)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1284450
NOTE: http://www.openwall.com/lists/oss-security/2015/12/09/1
-CVE-2015-8538 (dwarf_leb.c in libdwarf allows attackers to cause a denial of service ...)
+CVE-2015-8538
{DLA-669-1}
- dwarfutils 20160507-1 (bug #807817)
[jessie] - dwarfutils 20120410-2+deb8u1
@@ -2725,9 +2725,9 @@ CVE-2015-8533
REJECTED
CVE-2015-8532
REJECTED
-CVE-2015-8531 (Cross-site scripting (XSS) vulnerability in IBM Security Access ...)
+CVE-2015-8531
NOT-FOR-US: IBM
-CVE-2015-8530 (Stack-based buffer overflow in the Initialize function in an ActiveX ...)
+CVE-2015-8530
NOT-FOR-US: IBM
CVE-2015-8529
RESERVED
@@ -2739,17 +2739,17 @@ CVE-2015-8526
REJECTED
CVE-2015-8525
REJECTED
-CVE-2015-8524 (Cross-site scripting (XSS) vulnerability in Process Portal in IBM ...)
+CVE-2015-8524
NOT-FOR-US: IBM
-CVE-2015-8523 (The server in IBM Tivoli Storage Manager FastBack 5.5.x and 6.x before ...)
+CVE-2015-8523
NOT-FOR-US: IBM
-CVE-2015-8522 (Buffer overflow in the server in IBM Tivoli Storage Manager FastBack ...)
+CVE-2015-8522
NOT-FOR-US: IBM
-CVE-2015-8521 (Buffer overflow in the server in IBM Tivoli Storage Manager FastBack ...)
+CVE-2015-8521
NOT-FOR-US: IBM
-CVE-2015-8520 (Buffer overflow in the server in IBM Tivoli Storage Manager FastBack ...)
+CVE-2015-8520
NOT-FOR-US: IBM
-CVE-2015-8519 (Buffer overflow in the server in IBM Tivoli Storage Manager FastBack ...)
+CVE-2015-8519
NOT-FOR-US: IBM
CVE-2015-8518
RESERVED
@@ -2763,21 +2763,21 @@ CVE-2015-8514
REJECTED
CVE-2015-8513
REJECTED
-CVE-2015-8512 (The lockscreen feature in Mozilla Firefox OS before 2.5 does not ...)
+CVE-2015-8512
NOT-FOR-US: Firefox OS
-CVE-2015-8511 (Race condition in the lockscreen feature in Mozilla Firefox OS before ...)
+CVE-2015-8511
NOT-FOR-US: Firefox OS
-CVE-2015-8510 (Cross-site scripting (XSS) vulnerability in the internationalization ...)
+CVE-2015-8510
NOT-FOR-US: Firefox OS
-CVE-2015-8509 (Template.pm in Bugzilla 2.x, 3.x, and 4.x before 4.2.16, 4.3.x and ...)
+CVE-2015-8509
- bugzilla4 <itp> (bug #669643)
-CVE-2015-8508 (Cross-site scripting (XSS) vulnerability in showdependencygraph.cgi in ...)
+CVE-2015-8508
- bugzilla4 <itp> (bug #669643)
-CVE-2015-8507 (mediaserver in Android 6.0 before 2015-12-01 allows remote attackers ...)
+CVE-2015-8507
- android <itp> (bug #459219)
-CVE-2015-8506 (mediaserver in Android before 5.1.1 LMY48Z and 6.0 before 2015-12-01 ...)
+CVE-2015-8506
- android <itp> (bug #459219)
-CVE-2015-8505 (mediaserver in Android before 5.1.1 LMY48Z allows remote attackers to ...)
+CVE-2015-8505
- android <itp> (bug #459219)
CVE-2015-8503
RESERVED
@@ -2807,25 +2807,25 @@ CVE-2015-8491
REJECTED
CVE-2015-8490
REJECTED
-CVE-2015-8489 (customapp in Cybozu Office 9.9.0 through 10.3.0 allows remote ...)
+CVE-2015-8489
NOT-FOR-US: Cybozu Office
-CVE-2015-8488 (Cybozu Office 10.3.0 allows remote attackers to read image files via a ...)
+CVE-2015-8488
NOT-FOR-US: Cybozu Office
-CVE-2015-8487 (Cybozu Office 9.0.0 through 10.3 allows remote attackers to discover ...)
+CVE-2015-8487
NOT-FOR-US: Cybozu Office
-CVE-2015-8486 (Cybozu Office 9.9.0 through 10.3.0 allows remote authenticated users ...)
+CVE-2015-8486
NOT-FOR-US: Cybozu Office
-CVE-2015-8485 (Cybozu Office 9.9.0 through 10.3.0 allows remote authenticated users ...)
+CVE-2015-8485
NOT-FOR-US: Cybozu Office
-CVE-2015-8484 (Cybozu Office 9.9.0 through 10.3.0 allows remote authenticated users ...)
+CVE-2015-8484
NOT-FOR-US: Cybozu Office
-CVE-2015-8483 (Open redirect vulnerability in Cybozu Office 10.2.0 through 10.3.0 ...)
+CVE-2015-8483
NOT-FOR-US: Cybozu Office
-CVE-2015-8482 (Blue Coat Unified Agent before 4.6.2 does not prevent modification of ...)
+CVE-2015-8482
NOT-FOR-US: Blue Coat Unified Agent
-CVE-2015-8481 (Atlassian JIRA Software 7.0.3, JIRA Core 7.0.3, and the bundled JIRA ...)
+CVE-2015-8481
NOT-FOR-US: Atlassian
-CVE-2015-8504 (Qemu, when built with VNC display driver support, allows remote ...)
+CVE-2015-8504
{DSA-3471-1 DSA-3470-1 DSA-3469-1}
- qemu 1:2.5+dfsg-1 (bug #808130)
[squeeze] - qemu <end-of-life> (Not supported in Squeeze LTS)
@@ -2834,15 +2834,15 @@ CVE-2015-8504 (Qemu, when built with VNC display driver support, allows remote .
NOTE: Fixed by http://git.qemu.org/?p=qemu.git;a=commitdiff;h=4c65fed8bdf96780735dbdb92a8bd0d6b6526cc3 (v2.5.0-rc3)
NOTE: Issue possibly introduced after http://git.qemu.org/?p=qemu.git;a=commitdiff;h=6cec5487990bf3f1f22b3fcb871978255e92ae0d (v0.10.0)
NOTE: http://www.openwall.com/lists/oss-security/2015/12/08/4
-CVE-2015-8480 (The VideoFramePool::PoolImpl::CreateFrame function in ...)
+CVE-2015-8480
- chromium-browser 47.0.2526.73-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
[squeeze] - chromium-browser <end-of-life> (Not supported in Squeeze LTS)
-CVE-2015-8479 (Use-after-free vulnerability in the ...)
+CVE-2015-8479
- chromium-browser 47.0.2526.73-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
[squeeze] - chromium-browser <end-of-life> (Not supported in Squeeze LTS)
-CVE-2015-8478 (Multiple unspecified vulnerabilities in Google V8 before 4.7.80.23, as ...)
+CVE-2015-8478
- chromium-browser 47.0.2526-73-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
[squeeze] - chromium-browser <end-of-life> (Not supported in Squeeze LTS)
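Review bot: the unchanged context line `- chromium-browser 47.0.2526-73-1` for CVE-2015-8478 has a hyphen where the neighbouring entries for CVE-2015-8480 and CVE-2015-8479 use `47.0.2526.73-1`; this is almost certainly a typo for the same version and should be corrected so the fixed version in the tracker matches the package that was actually uploaded. The hunk's own change, dropping the descriptions of CVE-2015-8504, CVE-2015-8480, CVE-2015-8479 and CVE-2015-8478, adds nothing in their place.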
@@ -2853,25 +2853,25 @@ CVE-2015-8475
CVE-2015-8471
RESERVED
NOT-FOR-US: ATutor
-CVE-2015-8470 (The console in Puppet Enterprise 3.7.x, 3.8.x, and 2015.2.x does not ...)
+CVE-2015-8470
NOT-FOR-US: Puppet Enterprise
CVE-2015-8469
RESERVED
CVE-2015-8468
RESERVED
-CVE-2015-8467 (The samldb_check_user_account_control_acl function in ...)
+CVE-2015-8467
{DSA-3433-1}
- samba 2:4.1.22+dfsg-1
[wheezy] - samba <not-affected> (Only affects 4.0.0 to 4.3.2)
[squeeze] - samba <not-affected> (Only affects 4.0.0 to 4.3.2)
NOTE: https://www.samba.org/samba/security/CVE-2015-8467.html
-CVE-2015-8466 (Swift3 before 1.9 allows remote attackers to conduct replay attacks ...)
+CVE-2015-8466
{DSA-3583-1}
- swift-plugin-s3 1.9-1 (bug #822688)
CVE-2015-XXXX [uses non-random tempdir /tmp/tmprepo.0/.git/]
- git-repair 1.20151215-1 (unimportant; bug #807341)
NOTE: Non-exploitable on release archs due to kernel hardening
-CVE-2015-8537 (app/views/journals/index.builder in Redmine before 2.6.9, 3.0.x before ...)
+CVE-2015-8537
{DSA-3529-1}
- redmine 3.2.0-1 (bug #807826)
[squeeze] - redmine <not-affected> (Vulnerable code not present in 1.0.1)
@@ -2881,11 +2881,11 @@ CVE-2015-8537 (app/views/journals/index.builder in Redmine before 2.6.9, 3.0.x b
NOTE: https://github.com/redmine/redmine/commit/7e423fb4538247d59e01958c48b491f196a1de56
NOTE: upstream fixed in 2.6.9, 3.0.6 and 3.1.3
NOTE: http://www.openwall.com/lists/oss-security/2015/12/08/8
-CVE-2015-8476 (Multiple CRLF injection vulnerabilities in PHPMailer before 5.2.14 ...)
+CVE-2015-8476
{DSA-3416-1 DLA-363-1}
- libphp-phpmailer 5.2.14+dfsg-1 (bug #807265)
NOTE: https://github.com/PHPMailer/PHPMailer/commit/6687a96a18b8f12148881e4ddde795ae477284b0 (v5.2.14)
-CVE-2015-8474 (Open redirect vulnerability in the valid_back_url function in ...)
+CVE-2015-8474
{DSA-3529-1}
- redmine 3.2.0-1 (bug #807272)
[squeeze] - redmine <end-of-life> (Redmine not supported because of rails)
@@ -2896,7 +2896,7 @@ CVE-2015-8474 (Open redirect vulnerability in the valid_back_url function in ...
NOTE: upstream fixed in 2.6.7, 3.0.5 and 3.1.1
NOTE: http://www.openwall.com/lists/oss-security/2015/12/04/1
NOTE: depends on the CVE-2014-1985 fix first
-CVE-2015-8473 (The Issues API in Redmine before 2.6.8, 3.0.x before 3.0.6, and 3.1.x ...)
+CVE-2015-8473
{DSA-3529-1}
- redmine 3.2.0-1 (bug #807345)
[squeeze] - redmine <not-affected> (code dates from the API changes introduced in 735a83c, part of 1.1)
@@ -2913,141 +2913,141 @@ CVE-2015-8463
RESERVED
CVE-2015-8462
RESERVED
-CVE-2015-8461 (Race condition in resolver.c in named in ISC BIND 9.9.8 before ...)
+CVE-2015-8461
- bind9 <not-affected> (Only affects 9.9.8 -> 9.9.8-P1, 9.9.8-S1 -> 9.9.8-S2, 9.10.3 -> 9.10.3-P1)
NOTE: https://kb.isc.org/article/AA-01319
-CVE-2015-8460 (Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before ...)
+CVE-2015-8460
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8459 (Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before ...)
+CVE-2015-8459
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8458 (Heap-based buffer overflow in AGM.dll in Adobe Reader and Acrobat 10.x ...)
+CVE-2015-8458
NOT-FOR-US: Adobe
-CVE-2015-8457 (Stack-based buffer overflow in Adobe Flash Player before 18.0.0.268 ...)
+CVE-2015-8457
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8456 (Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before ...)
+CVE-2015-8456
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8455 (Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before ...)
+CVE-2015-8455
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8454 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 ...)
+CVE-2015-8454
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8453 (Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before ...)
+CVE-2015-8453
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8452 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 ...)
+CVE-2015-8452
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8451 (Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before ...)
+CVE-2015-8451
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8450 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 ...)
+CVE-2015-8450
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8449 (Use-after-free vulnerability in the MovieClip object implementation in ...)
+CVE-2015-8449
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8448 (Use-after-free vulnerability in the DisplacementMapFilter object ...)
+CVE-2015-8448
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8447 (Use-after-free vulnerability in the Color object implementation in ...)
+CVE-2015-8447
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8446 (Heap-based buffer overflow in Adobe Flash Player before 18.0.0.268 and ...)
+CVE-2015-8446
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8445 (Integer overflow in the Shader filter implementation in Adobe Flash ...)
+CVE-2015-8445
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8444 (Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before ...)
+CVE-2015-8444
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8443 (Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before ...)
+CVE-2015-8443
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8442 (Use-after-free vulnerability in the MovieClip object implementation in ...)
+CVE-2015-8442
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8441 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 ...)
+CVE-2015-8441
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8440 (Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before ...)
+CVE-2015-8440
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8439 (The SharedObject object implementation in Adobe Flash Player before ...)
+CVE-2015-8439
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8438 (Heap-based buffer overflow in Adobe Flash Player before 18.0.0.268 and ...)
+CVE-2015-8438
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8437 (Use-after-free vulnerability in the Selection object implementation in ...)
+CVE-2015-8437
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8436 (Use-after-free vulnerability in the PrintJob object implementation in ...)
+CVE-2015-8436
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8435 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 ...)
+CVE-2015-8435
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8434 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 ...)
+CVE-2015-8434
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8433 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 ...)
+CVE-2015-8433
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8432 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 ...)
+CVE-2015-8432
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8431 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 ...)
+CVE-2015-8431
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8430 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 ...)
+CVE-2015-8430
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8429 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 ...)
+CVE-2015-8429
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8428 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 ...)
+CVE-2015-8428
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8427 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 ...)
+CVE-2015-8427
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8426 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 ...)
+CVE-2015-8426
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8425 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 ...)
+CVE-2015-8425
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8424 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 ...)
+CVE-2015-8424
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8423 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 ...)
+CVE-2015-8423
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8422 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 ...)
+CVE-2015-8422
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8421 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 ...)
+CVE-2015-8421
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8420 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 ...)
+CVE-2015-8420
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8419 (Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before ...)
+CVE-2015-8419
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8418 (Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before ...)
+CVE-2015-8418
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8417 (Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before ...)
+CVE-2015-8417
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8416 (Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before ...)
+CVE-2015-8416
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8415 (Buffer overflow in Adobe Flash Player before 18.0.0.268 and 19.x and ...)
+CVE-2015-8415
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8414 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 ...)
+CVE-2015-8414
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8413 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 ...)
+CVE-2015-8413
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8412 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 ...)
+CVE-2015-8412
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8411 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 ...)
+CVE-2015-8411
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8410 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 ...)
+CVE-2015-8410
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8409 (Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before ...)
+CVE-2015-8409
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8408 (Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before ...)
+CVE-2015-8408
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8407 (Stack-based buffer overflow in Adobe Flash Player before 18.0.0.268 ...)
+CVE-2015-8407
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8406 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 ...)
+CVE-2015-8406
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8405 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 ...)
+CVE-2015-8405
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8404 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 ...)
+CVE-2015-8404
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8403 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 ...)
+CVE-2015-8403
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8402 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 ...)
+CVE-2015-8402
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8401 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 ...)
+CVE-2015-8401
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8399 (Atlassian Confluence before 5.8.17 allows remote authenticated users ...)
+CVE-2015-8399
NOT-FOR-US: Atlassian Confluence
-CVE-2015-8398 (Cross-site scripting (XSS) vulnerability in Atlassian Confluence ...)
+CVE-2015-8398
NOT-FOR-US: Atlassian Confluence
-CVE-2015-8397 (The JPEGLSCodec::DecodeExtent function in ...)
+CVE-2015-8397
- gdcm 2.6.2-1
[jessie] - gdcm 2.4.4-3+deb8u1
[wheezy] - gdcm <not-affected> (Vulnerable code not present)
[squeeze] - gdcm <not-affected> (Vulnerable code not present)
NOTE: http://census-labs.com/news/2016/01/11/gdcm-out-bounds-read-jpeglscodec-decodeextent/
NOTE: http://sourceforge.net/p/gdcm/gdcm/ci/e547b1ded3fd21e0b0ad149f13045aa12d4b9b7c/
-CVE-2015-8396 (Integer overflow in the ImageRegionReader::ReadIntoBuffer function in ...)
+CVE-2015-8396
- gdcm 2.6.2-1
[jessie] - gdcm 2.4.4-3+deb8u1
[wheezy] - gdcm <no-dsa> (Minor issue)
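Review bot: every `-`/`+` pair in this hunk deletes the parenthesised summary after the CVE identifier (for example `-CVE-2015-8452 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 ...)` becomes `+CVE-2015-8452`) and adds nothing back, so the hunk is a pure loss of data rather than an update. For the long run of Adobe Flash Player entries the `NOT-FOR-US: Adobe Flash Player` line is now the only text saying what each ID covers, and for CVE-2015-8397 and CVE-2015-8396 the function names (JPEGLSCodec::DecodeExtent, ImageRegionReader::ReadIntoBuffer) that tied the entries to the gdcm fix commits in the NOTE: lines are gone. An automatic run that blanks the summaries across the whole file should be held back and the description source checked before anything is committed.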
@@ -3057,18 +3057,18 @@ CVE-2015-8396 (Integer overflow in the ImageRegionReader::ReadIntoBuffer functio
NOTE: http://sourceforge.net/p/gdcm/gdcm/ci/92cd6d7fe0d01c61cf68ac4ef65ef388ee252415/
NOTE: http://sourceforge.net/p/gdcm/gdcm/ci/9cbca25ff7f20c432b61eb9f4cae43a946502b66/
NOTE: http://sourceforge.net/p/gdcm/gdcm/ci/e0dd1114c82d372dd905c029ddbee4e81ed01a89/
-CVE-2015-8379 (CakePHP 2.x and 3.x before 3.1.5 might allow remote attackers to ...)
+CVE-2015-8379
- cakephp 2.8.0-1 (bug #832316)
[jessie] - cakephp <no-dsa> (Minor issue)
[wheezy] - cakephp <not-affected> (vulnerable code not present)
NOTE: http://karmainsecurity.com/KIS-2016-01
NOTE: https://github.com/cakephp/cakephp/commit/0f818a23a876c01429196bf7623e1e94a50230f0
-CVE-2015-8400 (The HTTPS fallback implementation in Shell In A Box (aka shellinabox) ...)
+CVE-2015-8400
- shellinabox 2.19
[jessie] - shellinabox <no-dsa> (Minor issue)
[wheezy] - shellinabox <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2015/12/02/6
-CVE-2015-8377 (SQL injection vulnerability in the host_new_graphs_save function in ...)
+CVE-2015-8377
{DSA-3494-1 DLA-374-1}
- cacti 0.8.8f+ds1-4
NOTE: http://bugs.cacti.net/view.php?id=2655
@@ -3080,9 +3080,9 @@ CVE-2015-XXXX [Avoid unbounded SFTP extended attribute key/values]
[squeeze] - proftpd-dfsg <not-affected> (Vulnerable code not present)
NOTE: http://bugs.proftpd.org/show_bug.cgi?id=4210
NOTE: https://github.com/proftpd/proftpd/pull/171
-CVE-2015-8376 (Multiple cross-site scripting (XSS) vulnerabilities in Symphony CMS ...)
+CVE-2015-8376
NOT-FOR-US: Microsoft
-CVE-2015-8373 (The kea-dhcp4 and kea-dhcp6 servers 0.9.2 and 1.0.0-beta in ISC Kea, ...)
+CVE-2015-8373
- isc-kea <not-affected> (Fixed before the initial version uploaded to Debian)
CVE-2015-8372
RESERVED
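Review bot: the `NOT-FOR-US: Microsoft` line under CVE-2015-8376 contradicts the summary being removed directly above it, which names Symphony CMS, so the attribution is wrong and should read `NOT-FOR-US: Symphony CMS`. Once the bare `+CVE-2015-8376` line replaces the summary, nothing left in the file exposes this mismatch, which is one more reason not to drop the descriptions in this change.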
@@ -3090,24 +3090,24 @@ CVE-2015-8371 [Composer Cache Injection vulnerability]
RESERVED
- composer 1.0.0~alpha11-3
NOTE: http://flyingmana.de/blog_en/2016/02/14/composer_cache_injection_vulnerability_cve_2015_8371.html
-CVE-2015-8370 (Multiple integer underflows in Grub2 1.98 through 2.02 allow ...)
+CVE-2015-8370
{DSA-3421-1 DLA-368-1}
- grub2 2.02~beta2-33 (bug #807614)
NOTE: https://twitter.com/lostinsecurity/status/674925944524640257
NOTE: http://hmarco.org/bugs/CVE-2015-8370-Grub2-authentication-bypass.html
-CVE-2015-8369 (SQL injection vulnerability in include/top_graph_header.php in Cacti ...)
+CVE-2015-8369
{DSA-3423-1 DLA-374-1}
- cacti 0.8.8f+ds1-3 (bug #807599)
NOTE: http://bugs.cacti.net/view.php?id=2646
-CVE-2015-8378 (In KeePassX before 0.4.4, a cleartext copy of password data is created ...)
+CVE-2015-8378
- keepassx 0.4.3+dfsg-1 (bug #791858)
[jessie] - keepassx 0.4.3+dfsg-0.1+deb8u1
[wheezy] - keepassx <no-dsa> (Minor issue)
[squeeze] - keepassx <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2015/11/30/4
-CVE-2015-8375 (Cross-site scripting (XSS) vulnerability in PHP-Fusion 9. ...)
+CVE-2015-8375
NOT-FOR-US: PHP-Fusion
-CVE-2015-8368 (ntopng (aka ntop) before 2.2 allows remote authenticated users to ...)
+CVE-2015-8368
- ntopng 2.2+dfsg1-1 (bug #816190)
[jessie] - ntopng <no-dsa> (Minor issue)
NOTE: fixed upstream in 2.2
@@ -3166,7 +3166,7 @@ CVE-2015-8366 [Index overflow in smal_decode_segment]
[jessie] - xbmc <not-affected> (Transitional dummy package)
[wheezy] - xbmc <not-affected> (Vulnerable code not present)
NOTE: Fixed by: https://github.com/LibRaw/LibRaw/commit/89d065424f09b788f443734d44857289489ca9e2
-CVE-2015-8365 (The smka_decode_frame function in libavcodec/smacker.c in FFmpeg ...)
+CVE-2015-8365
{DSA-4012-1 DLA-1142-1}
- ffmpeg 7:2.8.3-1 (bug #806519)
[squeeze] - ffmpeg <end-of-life> (Not supported in Squeeze LTS)
@@ -3174,46 +3174,46 @@ CVE-2015-8365 (The smka_decode_frame function in libavcodec/smacker.c in FFmpeg
NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=4a9af07a49295e014b059c1ab624c40345af5892
NOTE: fix for the libav 11.9 branch: https://git.libav.org/?p=libav.git;a=commit;h=v11.9-5-g88762a0
NOTE: fix for the libav 0.8 branch: https://git.libav.org/?p=libav.git;a=commit;h=9fba59f471725e5235d5378e795ebf8b59472817
-CVE-2015-8364 (Integer overflow in the ff_ivi_init_planes function in ...)
+CVE-2015-8364
{DLA-1611-1}
- ffmpeg 7:2.8.3-1 (bug #806519)
[squeeze] - ffmpeg <end-of-life> (Not supported in Squeeze LTS)
- libav <removed>
NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=df91aa034b82b77a3c4e01791f4a2b2ff6c82066
-CVE-2015-8363 (The jpeg2000_read_main_headers function in libavcodec/jpeg2000dec.c in ...)
+CVE-2015-8363
{DLA-1611-1}
- ffmpeg 7:2.8.3-1 (bug #806519)
[squeeze] - ffmpeg <end-of-life> (Not supported in Squeeze LTS)
- libav <removed>
[wheezy] - libav <not-affected> (Vulnerable code not present)
NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=44a7f17d0b20e6f8d836b2957e3e357b639f19a2
-CVE-2015-8362 (The setUpSubtleUserAccount function in /bin/bw on Harman AMX devices ...)
+CVE-2015-8362
NOT-FOR-US: Harman AMX
-CVE-2015-8361 (Multiple unspecified services in Atlassian Bamboo before 5.9.9 and ...)
+CVE-2015-8361
NOT-FOR-US: Atlassian
-CVE-2015-8360 (An unspecified resource in Atlassian Bamboo before 5.9.9 and 5.10.x ...)
+CVE-2015-8360
NOT-FOR-US: Atlassian
CVE-2015-8359
RESERVED
-CVE-2015-8358 (Directory traversal vulnerability in the bitrix.mpbuilder module ...)
+CVE-2015-8358
NOT-FOR-US: Bitrix
-CVE-2015-8357 (Directory traversal vulnerability in the bitrix.xscan module before ...)
+CVE-2015-8357
NOT-FOR-US: Bitrix
-CVE-2015-8356 (Multiple SQL injection vulnerabilities in the mcart.xls module 6.5.2 ...)
+CVE-2015-8356
NOT-FOR-US: Bitrix
-CVE-2015-8355 (Multiple SQL injection vulnerabilities in the orion.extfeedbackform ...)
+CVE-2015-8355
NOT-FOR-US: Bitrix
-CVE-2015-8354 (Cross-site scripting (XSS) vulnerability in the Ultimate Member ...)
+CVE-2015-8354
NOT-FOR-US: WordPress plugin ultimate-member
-CVE-2015-8353 (Cross-site scripting (XSS) vulnerability in the Role Scoper plugin ...)
+CVE-2015-8353
NOT-FOR-US: WordPress plugin role-scoper
-CVE-2015-8352 (Directory traversal vulnerability in Zen Cart 1.5.4 allows remote ...)
+CVE-2015-8352
NOT-FOR-US: Zen Cart
-CVE-2015-8351 (PHP remote file inclusion vulnerability in the Gwolle Guestbook plugin ...)
+CVE-2015-8351
NOT-FOR-US: WordPress plugin gwolle-gb
-CVE-2015-8350 (Multiple cross-site scripting (XSS) vulnerabilities in the Calls to ...)
+CVE-2015-8350
NOT-FOR-US: WordPress plugin cta
-CVE-2015-8349 (Cross-site scripting (XSS) vulnerability in SourceBans before 2.0 ...)
+CVE-2015-8349
NOT-FOR-US: SourceBeans
CVE-2015-8348
RESERVED
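Review bot: `NOT-FOR-US: SourceBeans` under CVE-2015-8349 misspells the product named in the removed summary line (`SourceBans before 2.0`); after this hunk that misspelling is the only product name left on the entry, so correct it to `NOT-FOR-US: SourceBans` in the same change. The rest of the hunk is the same summary stripping, with the ffmpeg/libav status lines (`libav <removed>`, `<not-affected>`) otherwise unchanged.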
@@ -3225,29 +3225,29 @@ CVE-2015-8343
RESERVED
CVE-2015-8342
REJECTED
-CVE-2015-8341 (The libxl toolstack library in Xen 4.1.x through 4.6.x does not ...)
+CVE-2015-8341
{DSA-3519-1}
- xen 4.8.0~rc3-1 (bug #823620)
[wheezy] - xen <no-dsa> (Minor issue, xl not used in wheezy)
[squeeze] - xen <end-of-life> (Not supported in Squeeze LTS)
NOTE: http://xenbits.xen.org/xsa/advisory-160.html
-CVE-2015-8340 (The memory_exchange function in common/memory.c in Xen 3.2.x through ...)
+CVE-2015-8340
{DSA-3519-1 DLA-479-1}
- xen 4.8.0~rc3-1 (bug #823620)
[squeeze] - xen <end-of-life> (Not supported in Squeeze LTS)
NOTE: http://xenbits.xen.org/xsa/advisory-159.html
-CVE-2015-8339 (The memory_exchange function in common/memory.c in Xen 3.2.x through ...)
+CVE-2015-8339
{DSA-3519-1 DLA-479-1}
- xen 4.8.0~rc3-1 (bug #823620)
[squeeze] - xen <end-of-life> (Not supported in Squeeze LTS)
NOTE: http://xenbits.xen.org/xsa/advisory-159.html
-CVE-2015-8338 (Xen 4.6.x and earlier does not properly enforce limits on page order ...)
+CVE-2015-8338
{DSA-3633-1}
- xen 4.8.0~rc3-1 (bug #823620)
[wheezy] - xen <not-affected> (Only affects Xen on arm)
[squeeze] - xen <not-affected> (Only affects Xen on arm)
NOTE: http://xenbits.xen.org/xsa/advisory-158.html
-CVE-2015-8374 (fs/btrfs/inode.c in the Linux kernel before 4.3.3 mishandles ...)
+CVE-2015-8374
- linux 4.2.6-2
[jessie] - linux 3.16.7-ckt20-1+deb8u1
[wheezy] - linux 3.2.78-1
@@ -3258,39 +3258,39 @@ CVE-2015-8374 (fs/btrfs/inode.c in the Linux kernel before 4.3.3 mishandles ...)
NOTE: CVE assignment for the vulnerability with the impact of "User B now
NOTE: gets to see the 1000 bytes that user A truncated from its file before
NOTE: it made its file world readable"
-CVE-2015-8337 (The HIFI driver in Huawei P8 phones with software GRA-TL00 before ...)
+CVE-2015-8337
NOT-FOR-US: Huawei
-CVE-2015-8336 (Huawei FusionCompute with software before V100R005C10SPC700 allows ...)
+CVE-2015-8336
NOT-FOR-US: Huawei FusionCompute
-CVE-2015-8335 (Huawei VCN500 with software before V100R002C00SPC201 logs passwords in ...)
+CVE-2015-8335
NOT-FOR-US: Huawei
-CVE-2015-8334 (SQL injection vulnerability in the Operation and Maintenance Unit ...)
+CVE-2015-8334
NOT-FOR-US: Huawei
-CVE-2015-8333 (The Operation and Maintenance Unit (OMU) in Huawei VCN500 with ...)
+CVE-2015-8333
NOT-FOR-US: Huawei
-CVE-2015-8332 (Huawei Video Content Management (VCM) before V100R001C10SPC001 does ...)
+CVE-2015-8332
NOT-FOR-US: Huawei
-CVE-2015-8331 (The Operation and Maintenance Unit (OMU) in Huawei VCN500 with ...)
+CVE-2015-8331
NOT-FOR-US: Huawei
-CVE-2015-8330 (The PCo agent in SAP Plant Connectivity (PCo) allows remote attackers ...)
+CVE-2015-8330
NOT-FOR-US: SAP
-CVE-2015-8329 (SAP Manufacturing Integration and Intelligence (aka MII, formerly ...)
+CVE-2015-8329
NOT-FOR-US: SAP
-CVE-2015-8328 (Unspecified vulnerability in the NVAPI support layer in the NVIDIA GPU ...)
+CVE-2015-8328
- nvidia-graphics-drivers <not-affected> (Windows only)
-CVE-2015-8327 (Incomplete blacklist vulnerability in util.c in foomatic-rip in ...)
+CVE-2015-8327
{DSA-3429-1 DSA-3411-1 DLA-365-1}
- cups-filters 1.2.0-1
[wheezy] - cups-filters <not-affected> (Vulnerable code not present; introduced in 1.0.42)
- foomatic-filters 4.0.17-7 (bug #806886)
-CVE-2015-8325 (The do_setup_env function in session.c in sshd in OpenSSH through ...)
+CVE-2015-8325
{DSA-3550-1}
- openssh 1:7.2p2-3
NOTE: Upstream fix: https://anongit.mindrot.org/openssh.git/commit/?id=85bdcd7c92fe7ff133bbc4e10a65c91810f88755
CVE-2015-XXXX [RCE in gitlab-shell 2.6.6-2.6.7]
- gitlab-shell <not-affected> (Only affects version 2.6.6-2.6.7)
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/11/25/5
-CVE-2015-8345 (The eepro100 emulator in QEMU qemu-kvm blank allows local guest users ...)
+CVE-2015-8345
{DSA-3471-1 DSA-3470-1 DSA-3469-1}
- qemu 1:2.5+dfsg-1 (bug #806373)
[jessie] - qemu <no-dsa> (Minor issue, can be fixed along in a later DSA)
@@ -3302,7 +3302,7 @@ CVE-2015-8345 (The eepro100 emulator in QEMU qemu-kvm blank allows local guest u
[squeeze] - qemu-kvm <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2015-10/msg03911.html
NOTE: http://www.openwall.com/lists/oss-security/2015/11/25/3
-CVE-2015-8346 (app/views/timelog/_form.html.erb in Redmine before 2.6.8, 3.0.x before ...)
+CVE-2015-8346
{DSA-3529-1 DLA-351-1}
- redmine 3.2.0-1 (bug #806376)
[wheezy] - redmine <end-of-life> (Redmine not supported because of rails)
@@ -3323,16 +3323,16 @@ CVE-2015-XXXX [Insecure permissions for backup directory]
NOTE: Workaround entry for DLA-390-1 (since no CVE for this issue)
CVE-2015-8323
RESERVED
-CVE-2015-8322 (NetApp OnCommand System Manager 8.3.x before 8.3.2 allows remote ...)
+CVE-2015-8322
NOT-FOR-US: NetApp
-CVE-2015-8326 (The IPTables-Parse module before 1.6 for Perl allows local users to ...)
+CVE-2015-8326
- libiptables-parse-perl 1.6-1
[jessie] - libiptables-parse-perl 1.1-1+deb8u1
[wheezy] - libiptables-parse-perl 1.1-1+deb7u1
[squeeze] - libiptables-parse-perl <no-dsa> (Minor issue)
NOTE: https://github.com/mtrmac/IPTables-Parse/commit/b400b976d81140f6971132e94eb7657b5b0a2b87
NOTE: http://www.openwall.com/lists/oss-security/2015/11/24/6
-CVE-2015-8381 (The compile_regex function in pcre_compile.c in PCRE before 8.38 and ...)
+CVE-2015-8381
- pcre3 2:8.38-1 (bug #796762; bug #795539)
[jessie] - pcre3 2:8.35-3.3+deb8u2
[wheezy] - pcre3 <not-affected> (Vulnerable code introduced later)
@@ -3344,7 +3344,7 @@ CVE-2015-8381 (The compile_regex function in pcre_compile.c in PCRE before 8.38
NOTE: http://www.openwall.com/lists/oss-security/2015/08/05/3
NOTE: http://vcs.pcre.org/pcre?view=revision&revision=1585
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1250943
-CVE-2015-8380 (The pcre_exec function in pcre_exec.c in PCRE before 8.38 mishandles a ...)
+CVE-2015-8380
- pcre3 2:8.38-1 (bug #806467)
[jessie] - pcre3 2:8.35-3.3+deb8u2
[wheezy] - pcre3 <not-affected> (Vulnerable code not present)
@@ -3359,11 +3359,11 @@ CVE-2015-8380 (The pcre_exec function in pcre_exec.c in PCRE before 8.38 mishand
NOTE: https://blog.fuzzing-project.org/29-Heap-Overflow-in-PCRE.html
CVE-2015-8321
RESERVED
-CVE-2015-8319 (Heap-based buffer overflow in the HIFI driver in Huawei P8 smartphones ...)
+CVE-2015-8319
NOT-FOR-US: Huawei
-CVE-2015-8318 (Heap-based buffer overflow in the HIFI driver in Huawei P8 smartphones ...)
+CVE-2015-8318
NOT-FOR-US: Huawei
-CVE-2015-8315 (The ms package before 0.7.1 for Node.js allows attackers to cause a ...)
+CVE-2015-8315
- node-ms <not-affected> (Fixed before initial upload to Debian)
CVE-2015-8314
RESERVED
@@ -3373,32 +3373,32 @@ CVE-2015-8313 [fail to check the first byte of the padding in CBC modes]
- gnutls28 <not-affected> (Vulnerable code not present)
- gnutls26 <removed>
NOTE: https://blog.hboeck.de/archives/877-A-little-POODLE-left-in-GnuTLS-old-versions.html
-CVE-2015-8312 (Off-by-one error in afs_pioctl.c in OpenAFS before 1.6.16 might allow ...)
+CVE-2015-8312
{DSA-3569-1 DLA-493-1}
- openafs 1.6.17-1
NOTE: http://git.openafs.org/?p=openafs.git;a=commitdiff;h=2ef863720da4d9f368aaca0461c672a3008195ca
NOTE: http://rt.central.org/rt/Ticket/Display.html?id=132256
CVE-2015-8311
RESERVED
-CVE-2015-8310 (Cross-site scripting (XSS) vulnerability in Cherry Music before 0.36.0 ...)
+CVE-2015-8310
NOT-FOR-US: Cherry Music
-CVE-2015-8309 (Directory traversal vulnerability in Cherry Music before 0.36.0 allows ...)
+CVE-2015-8309
NOT-FOR-US: Cherry Music
-CVE-2015-8307 (The Graphics driver in Huawei P8 smartphones with software GRA-TL00 ...)
+CVE-2015-8307
NOT-FOR-US: Huawei
-CVE-2015-8306 (Buffer overflow in the HIFI driver in Huawei P8 phones with software ...)
+CVE-2015-8306
NOT-FOR-US: Huawei
-CVE-2015-8305 (Huawei Sophia-L10 smartphones with software before P7-L10C900B852 ...)
+CVE-2015-8305
NOT-FOR-US: Huawei
-CVE-2015-8304 (Integer overflow in Huawei P7 phones with software before P7-L07 ...)
+CVE-2015-8304
NOT-FOR-US: Huawei
-CVE-2015-8303 (Huawei Document Security Management (DSM) with software before ...)
+CVE-2015-8303
NOT-FOR-US: Huawei
CVE-2015-8302
RESERVED
CVE-2015-8301
RESERVED
-CVE-2015-8324 (The ext4 implementation in the Linux kernel before 2.6.34 does not ...)
+CVE-2015-8324
{DLA-360-1}
- linux 2.6.37-1
- linux-2.6 <removed>
@@ -3406,9 +3406,9 @@ CVE-2015-8324 (The ext4 implementation in the Linux kernel before 2.6.34 does no
NOTE: https://bugs.openvz.org/browse/OVZ-6541
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1267261
NOTE: Commit fixing the issue: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=744692dc059845b2a3022119871846e74d4f6e11 (v2.6.34-rc1)
-CVE-2015-8320 (Apache Cordova-Android before 3.7.0 improperly generates random values ...)
+CVE-2015-8320
NOT-FOR-US: Apache Cordova
-CVE-2015-8316 (Array index error in LightDM (aka Light Display Manager) 1.14.3, ...)
+CVE-2015-8316
- lightdm 1.16.6-1
[jessie] - lightdm <not-affected> (Affects 1.14.x, 1.16.x and development 1.17.x)
[wheezy] - lightdm <not-affected> (Affects 1.14.x, 1.16.x and development 1.17.x)
@@ -3416,11 +3416,11 @@ CVE-2015-8316 (Array index error in LightDM (aka Light Display Manager) 1.14.3,
NOTE: https://bugs.launchpad.net/lightdm/+bug/15168
NOTE: https://bazaar.launchpad.net/~lightdm-team/lightdm/1.14/revision/2166 (1.14.x)
NOTE: https://bazaar.launchpad.net/~lightdm-team/lightdm/1.16/revision/2207 (1.16.x)
-CVE-2015-8300 (Polycom BToE Connector before 3.0.0 uses weak permissions (Everyone: ...)
+CVE-2015-8300
NOT-FOR-US: Polycom BToE Connector
-CVE-2015-8299 (Buffer overflow in the Group messages monitor (Falcon) in KNX ETS ...)
+CVE-2015-8299
NOT-FOR-US: Falcon
-CVE-2015-8298 (Multiple SQL injection vulnerabilities in the login page in RXTEC ...)
+CVE-2015-8298
NOT-FOR-US: RXTEC
CVE-2015-8297
REJECTED
@@ -3438,41 +3438,41 @@ CVE-2015-8291
REJECTED
CVE-2015-8290
REJECTED
-CVE-2015-8289 (The password-recovery feature on NETGEAR D3600 devices with firmware ...)
+CVE-2015-8289
NOT-FOR-US: Netgear routers
-CVE-2015-8288 (NETGEAR D3600 devices with firmware 1.0.0.49 and D6000 devices with ...)
+CVE-2015-8288
NOT-FOR-US: Netgear routers
-CVE-2015-8287 (Swann SRNVW-470LCD devices with firmware through 0114 and SWNVW-470CAM ...)
+CVE-2015-8287
NOT-FOR-US: Swann
-CVE-2015-8286 (Zhuhai RaySharp firmware has a hardcoded root password, which makes it ...)
+CVE-2015-8286
NOT-FOR-US: Zhuhai RaySharp
-CVE-2015-8285 (The webssx.sys driver in QuickHeal 16.00 allows remote attackers to ...)
+CVE-2015-8285
NOT-FOR-US: QuickHeal
-CVE-2015-8284 (SeaWell Networks Spectrum SDC 02.05.00 allows remote viewer users to ...)
+CVE-2015-8284
NOT-FOR-US: SeaWell Networks Spectrum
-CVE-2015-8283 (Directory traversal vulnerability in configure_manage.php in SeaWell ...)
+CVE-2015-8283
NOT-FOR-US: SeaWell Networks Spectrum
-CVE-2015-8282 (SeaWell Networks Spectrum SDC 02.05.00 has a default password of ...)
+CVE-2015-8282
NOT-FOR-US: SeaWell Networks Spectrum
-CVE-2015-8281 (Web Viewer 1.0.0.193 on Samsung SRN-1670D devices allows attackers to ...)
+CVE-2015-8281
NOT-FOR-US: Samsung
-CVE-2015-8280 (Web Viewer 1.0.0.193 on Samsung SRN-1670D devices allows remote ...)
+CVE-2015-8280
NOT-FOR-US: Samsung
-CVE-2015-8279 (Web Viewer 1.0.0.193 on Samsung SRN-1670D devices allows remote ...)
+CVE-2015-8279
NOT-FOR-US: Samsung
CVE-2015-8278
RESERVED
-CVE-2015-8277 (Multiple buffer overflows in (1) lmgrd and (2) Vendor Daemon in ...)
+CVE-2015-8277
NOT-FOR-US: Flexera FlexNet Publisher
-CVE-2015-8276 (LVRTC eParakstitajs 3.0 (1.3.0) and edoc-libraries-2.5.4_01 allow ...)
+CVE-2015-8276
NOT-FOR-US: LVRTC eParakstitajs
-CVE-2015-8275 (LVRTC eParakstitajs 3.0 (1.3.0) and edoc-libraries-2.5.4_01 allow ...)
+CVE-2015-8275
NOT-FOR-US: LVRTC eParakstitajs
CVE-2015-8274
RESERVED
CVE-2015-8273
RESERVED
-CVE-2015-8272 (RTMPDump 2.4 allows remote attackers to trigger a denial of service ...)
+CVE-2015-8272
{DSA-3850-1 DLA-917-1}
- rtmpdump 2.4+20151223.gitfa8646d.1-1
NOTE: http://git.ffmpeg.org/gitweb/rtmpdump.git/commitdiff/4312322107a94c81d3ec5b98f91bc6b923551dc5
@@ -3480,7 +3480,7 @@ CVE-2015-8272 (RTMPDump 2.4 allows remote attackers to trigger a denial of servi
NOTE: Correct Debian version would have been 2.4+20151223.gitfa8646d-1 but due
NOTE: to missing upstream source import the fixes are really only present in
NOTE: 2.4+20151223.gitfa8646d.1-1
-CVE-2015-8271 (The AMF3CD_AddProp function in amf.c in RTMPDump 2.4 allows remote ...)
+CVE-2015-8271
{DSA-3850-1 DLA-917-1}
- rtmpdump 2.4+20151223.gitfa8646d.1-1
NOTE: http://www.talosintelligence.com/reports/TALOS-2016-0067/
@@ -3489,7 +3489,7 @@ CVE-2015-8271 (The AMF3CD_AddProp function in amf.c in RTMPDump 2.4 allows remot
NOTE: Correct Debian version would have been 2.4+20151223.gitfa8646d-1 but due
NOTE: to missing upstream source import the fixes are really only present in
NOTE: 2.4+20151223.gitfa8646d.1-1
-CVE-2015-8270 (The AMF3ReadString function in amf.c in RTMPDump 2.4 allows remote ...)
+CVE-2015-8270
{DSA-3850-1 DLA-917-1}
- rtmpdump 2.4+20151223.gitfa8646d.1-1
NOTE: http://www.talosintelligence.com/reports/TALOS-2016-0066/
@@ -3497,51 +3497,51 @@ CVE-2015-8270 (The AMF3ReadString function in amf.c in RTMPDump 2.4 allows remot
NOTE: Correct Debian version would have been 2.4+20151223.gitfa8646d-1 but due
NOTE: to missing upstream source import the fixes are really only present in
NOTE: 2.4+20151223.gitfa8646d.1-1
-CVE-2015-8269 (The API on Fisher-Price Smart Toy Bear devices allows remote attackers ...)
+CVE-2015-8269
NOT-FOR-US: Fisher-Price
-CVE-2015-8268 (The up.time agent in Idera Uptime Infrastructure Monitor 7.5 and 7.6 ...)
+CVE-2015-8268
NOT-FOR-US: Idera Uptime Infrastructure Monitor
-CVE-2015-8267 (The PasswordReset.Controllers.ResetController.ChangePasswordIndex ...)
+CVE-2015-8267
NOT-FOR-US: Dovestones
CVE-2015-8266
RESERVED
-CVE-2015-8265 (Huawei Mobile WiFi E5151 routers with software before ...)
+CVE-2015-8265
NOT-FOR-US: Huawei
-CVE-2015-8264 (Untrusted search path vulnerability in F-Secure Online Scanner allows ...)
+CVE-2015-8264
NOT-FOR-US: F-Secure Online Scanner
-CVE-2015-8263 (NETGEAR WNR1000v3 devices with firmware 1.0.2.68 use the same source ...)
+CVE-2015-8263
NOT-FOR-US: NETGEAR
-CVE-2015-8262 (Buffalo WZR-600DHP2 devices with firmware 2.09, 2.13, and 2.16 use an ...)
+CVE-2015-8262
NOT-FOR-US: BUFFALO
-CVE-2015-8261 (The DroneDeleteOldMeasurements implementation in Ipswitch WhatsUp Gold ...)
+CVE-2015-8261
NOT-FOR-US: Ipswitch
CVE-2015-8260
RESERVED
CVE-2015-8259
RESERVED
-CVE-2015-8258 (AXIS Communications products with firmware through 5.80.x allow remote ...)
+CVE-2015-8258
NOT-FOR-US: AXIS Communications
-CVE-2015-8257 (The devtools.sh script in AXIS network cameras allows remote ...)
+CVE-2015-8257
NOT-FOR-US: Axis network cameras
-CVE-2015-8256 (Multiple cross-site scripting (XSS) vulnerabilities in Axis network ...)
+CVE-2015-8256
NOT-FOR-US: Axis network cameras
-CVE-2015-8255 (AXIS Communications products allow CSRF, as demonstrated by ...)
+CVE-2015-8255
NOT-FOR-US: AXIS Communications
-CVE-2015-8254 (The Frontel protocol before 3 on RSI Video Technologies Videofied ...)
+CVE-2015-8254
NOT-FOR-US: Frontel
-CVE-2015-8253 (The Frontel protocol before 3 on RSI Video Technologies Videofied ...)
+CVE-2015-8253
NOT-FOR-US: Frontel
-CVE-2015-8252 (The Frontel protocol before 3 on RSI Video Technologies Videofied ...)
+CVE-2015-8252
NOT-FOR-US: Frontel
-CVE-2015-8251 (OpenStage 60 and OpenScape Desk Phone IP 55G SIP V3, OpenStage 15, ...)
+CVE-2015-8251
NOT-FOR-US: OpenStage
CVE-2015-8250
RESERVED
-CVE-2015-8249 (The FileUploadServlet class in ManageEngine Desktop Central 9 before ...)
+CVE-2015-8249
NOT-FOR-US: ManageEngine Desktop Central
CVE-2015-8248
REJECTED
-CVE-2015-8247 (Cross-site scripting (XSS) vulnerability in synnefoclient in Synnefo ...)
+CVE-2015-8247
NOT-FOR-US: Synnefo
CVE-2015-8246
RESERVED
@@ -3561,7 +3561,7 @@ CVE-2015-XXXX [Missing bounds checking and verification of data type causes segf
- libmaxminddb 1.1.5-1 (bug #805657)
NOTE: https://github.com/maxmind/libmaxminddb/commit/51255f113fe3c7b63ffe957636a7656a3ff9d1ff
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1283919
-CVE-2015-8308 (LXDM before 0.5.2 did not start X server with -auth, which allows ...)
+CVE-2015-8308
- lxdm 0.5.3-1 (bug #805659)
NOTE: http://git.lxde.org/gitweb/?p=lxde/lxdm.git;a=commitdiff;h=e8f387089e241360bdc6955d3e479450722dcea3
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1268900
@@ -3569,47 +3569,47 @@ CVE-2015-8308 (LXDM before 0.5.2 did not start X server with -auth, which allows
NOTE: http://www.openwall.com/lists/oss-security/2015/11/20/2
CVE-2015-8243
RESERVED
-CVE-2015-8240 (The Traffic Management Microkernel (TMM) in F5 BIG-IP LTM, AAM, AFM, ...)
+CVE-2015-8240
NOT-FOR-US: F5 BIG-IP
CVE-2015-8238
RESERVED
CVE-2015-8237
RESERVED
-CVE-2015-8236 (Arista EOS before 4.11.12, 4.12 before 4.12.11, 4.13 before 4.13.14M, ...)
+CVE-2015-8236
NOT-FOR-US: Arista EOS
-CVE-2015-8235 (Directory traversal vulnerability in Spiffy before 5.4. ...)
+CVE-2015-8235
- chicken 4.10.0-1
[jessie] - chicken <no-dsa> (Minor issue)
[wheezy] - chicken <no-dsa> (Minor issue)
-CVE-2015-8233 (Cross-site scripting (XSS) vulnerability in the MAYO theme 7.x-1.x ...)
+CVE-2015-8233
NOT-FOR-US: Drupal theme
-CVE-2015-8232 (The UC Profile module 6.x-1.x before 6.x-1.3 for Drupal does not ...)
+CVE-2015-8232
NOT-FOR-US: Drupal theme
-CVE-2015-8231 (Huawei eSpace 7910 and 7950 IP phones with software before ...)
+CVE-2015-8231
NOT-FOR-US: Huawei
-CVE-2015-8230 (Memory leak in Huawei eSpace 8950 IP phones with software before ...)
+CVE-2015-8230
NOT-FOR-US: Huawei
-CVE-2015-8229 (Huawei eSpace U2980 unified gateway with software before V100R001C10 ...)
+CVE-2015-8229
NOT-FOR-US: Huawai
-CVE-2015-8228 (Directory traversal vulnerability in the SFTP server in Huawei AR 120, ...)
+CVE-2015-8228
NOT-FOR-US: Huawai
-CVE-2015-8227 (The built-in web server in Huawei VP9660 multi-point control unit with ...)
+CVE-2015-8227
NOT-FOR-US: Huawai
-CVE-2015-8226 (The Joint Photographic Experts Group Processing Unit (JPU) driver in ...)
+CVE-2015-8226
NOT-FOR-US: Huawei
-CVE-2015-8225 (The Joint Photographic Experts Group Processing Unit (JPU) driver in ...)
+CVE-2015-8225
NOT-FOR-US: Huawei
-CVE-2015-8224 (Huawei P8 before GRA-CL00C92B210, before GRA-L09C432B200, before ...)
+CVE-2015-8224
NOT-FOR-US: Huawei
-CVE-2015-8223 (Huawei P7 before P7-L00C17B851, P7-L05C00B851, and P7-L09C92B85, and ...)
+CVE-2015-8223
NOT-FOR-US: Huawei
-CVE-2015-8222 (The lxd-unix.socket systemd unit file in the Ubuntu lxd package before ...)
+CVE-2015-8222
- lxd <itp> (bug #768073)
-CVE-2015-8221 (Integer overflow in Google Picasa before 3.9.140 Build 259 allows ...)
+CVE-2015-8221
NOT-FOR-US: Google Picasa
-CVE-2015-8220 (Stack-based buffer overflow in the URI handler in DWRCC.exe in ...)
+CVE-2015-8220
NOT-FOR-US: SolarWinds remote control
-CVE-2015-8242 (The xmlSAX2TextNode function in SAX2.c in the push interface in the ...)
+CVE-2015-8242
- libxml2 2.9.3+dfsg1-1 (bug #805146)
[jessie] - libxml2 <not-affected> (Vulnerable code introduced later)
[wheezy] - libxml2 <not-affected> (Vulnerable code introduced later)
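Review bot: three context lines in this hunk carry the misspelling `NOT-FOR-US: Huawai` (under CVE-2015-8229, CVE-2015-8228 and CVE-2015-8227) while the neighbouring entries use `Huawei`, and CVE-2015-8232 is tagged `NOT-FOR-US: Drupal theme` although its removed summary describes the UC Profile module, not a theme. Fix these alongside the summary removal, because the `-` lines being deleted here are the last copy of the product names needed to spot them.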
@@ -3617,29 +3617,29 @@ CVE-2015-8242 (The xmlSAX2TextNode function in SAX2.c in the push interface in t
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=756372
NOTE: Introduced by: https://git.gnome.org/browse/libxml2/commit/?id=826bc320206f70fccd2941a77d363e95e8076898 (v2.9.2-rc1)
NOTE: Fixed by: https://git.gnome.org/browse/libxml2/commit/?id=8fb4a770075628d6441fb17a1e435100e2f3b1a2 (v2.9.3)
-CVE-2015-8241 (The xmlNextChar function in libxml2 2.9.2 does not properly check the ...)
+CVE-2015-8241
{DSA-3430-1 DLA-355-1}
- libxml2 2.9.3+dfsg1-1 (bug #806384)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=756263
NOTE: https://git.gnome.org/browse/libxml2/commit/?id=ab2b9a93ff19cedde7befbf2fcc48c6e352b6cbe
NOTE: Introduced/Uncovered by https://git.gnome.org/browse/libxml2/commit/?id=a7dfab7411cbf545f359dd3157e5df1eb0e7ce31 (fix for CVE-2015-7941)
NOTE: http://www.openwall.com/lists/oss-security/2015/11/17/5
-CVE-2015-8239 (The SHA-2 digest support in the sudoers plugin in sudo after 1.8.7 ...)
+CVE-2015-8239
- sudo 1.8.17p1-1 (bug #805563)
[jessie] - sudo <no-dsa> (Minor issue)
[wheezy] - sudo <not-affected> (Command digests are only supported by version 1.8.7 or higher)
[squeeze] - sudo <not-affected> (Command digests are only supported by version 1.8.7 or higher)
NOTE: http://www.openwall.com/lists/oss-security/2015/11/10/2
-CVE-2015-8234 (The image signature algorithm in OpenStack Glance 11.0.0 allows remote ...)
+CVE-2015-8234
- glance <unfixed> (unimportant)
-CVE-2015-8219 (The init_tile function in libavcodec/jpeg2000dec.c in FFmpeg before ...)
+CVE-2015-8219
- ffmpeg 7:2.8.2-1
[squeeze] - ffmpeg <not-affected> (Vulnerable code not present)
- libav <removed>
[jessie] - libav <not-affected> (Vulnerable code not present)
[wheezy] - libav <not-affected> (Vulnerable code not present)
NOTE: https://git.videolan.org/?p=ffmpeg.git;a=commit;h=43492ff3ab68a343c1264801baa1d5a02de10167
-CVE-2015-8218 (The decode_uncompressed function in libavcodec/faxcompr.c in FFmpeg ...)
+CVE-2015-8218
- ffmpeg 7:2.8.2-1
[squeeze] - ffmpeg <not-affected> (Vulnerable code not present)
- libav <not-affected> (Vulnerable feature not present)
@@ -3647,7 +3647,7 @@ CVE-2015-8218 (The decode_uncompressed function in libavcodec/faxcompr.c in FFmp
NOTE: Vulnerability affects G3{1, 2}D code extensions feature, which is not present
NOTE: in libav 0.8 and 9. branches: https://lists.debian.org/debian-lts/2017/12/msg00011.html
NOTE: 11.x features G3 support, but the vulnerable code was introduced later
-CVE-2015-8217 (The ff_hevc_parse_sps function in libavcodec/hevc_ps.c in FFmpeg ...)
+CVE-2015-8217
{DLA-1611-1}
- ffmpeg 7:2.8.2-1
[squeeze] - ffmpeg <not-affected> (Vulnerable code not present)
@@ -3655,28 +3655,28 @@ CVE-2015-8217 (The ff_hevc_parse_sps function in libavcodec/hevc_ps.c in FFmpeg
[jessie] - libav <not-affected> (Contains a similar code block like the one referenced by the ffmpeg commit)
[wheezy] - libav <not-affected> (Vulnerable code not present)
NOTE: https://git.videolan.org/?p=ffmpeg.git;a=commit;h=93f30f825c08477fe8f76be00539e96014cc83c8
-CVE-2015-8216 (The ljpeg_decode_yuv_scan function in libavcodec/mjpegdec.c in FFmpeg ...)
+CVE-2015-8216
{DLA-1611-1}
- ffmpeg 7:2.8.2-1
[squeeze] - ffmpeg <end-of-life> (Not supported in Squeeze LTS)
- libav <removed>
NOTE: https://git.videolan.org/?p=ffmpeg.git;a=commit;h=d24888ef19ba38b787b11d1ee091a3d94920c76a
NOTE: patch does not apply cleanly in jessie's libav, possibly needs some brainwork
-CVE-2015-8215 (net/ipv6/addrconf.c in the IPv6 stack in the Linux kernel before 4.0 ...)
+CVE-2015-8215
{DSA-3364-1 DLA-310-1}
- linux 4.0.2-1
- linux-2.6 <removed>
NOTE: Patch for the kernel to harden against invalid MTUs: http://article.gmane.org/gmane.linux.network/351269
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=77751427a1ff25b27d47a4c36b12c3c8667855ac (v4.0-rc3)
-CVE-2015-8214 (Siemens SIMATIC CP 343-1 Advanced devices before 3.0.44, CP 343-1 Lean ...)
+CVE-2015-8214
NOT-FOR-US: Siemens
-CVE-2015-8213 (The get_format function in utils/formats.py in Django before 1.7.x ...)
+CVE-2015-8213
{DSA-3404-1 DLA-349-1}
- python-django 1.8.7-1
NOTE: https://github.com/django/django/commit/316bc3fc9437c5960c24baceb93c73f1939711e4 (master)
NOTE: https://github.com/django/django/commit/8a01c6b53169ee079cb21ac5919fdafcc8c5e172 (1.7.x)
NOTE: https://www.djangoproject.com/weblog/2015/nov/24/security-releases-issued/
-CVE-2015-8212 (CGI handling flaw in bozohttpd in NetBSD 6.0 through 6.0.6, 6.1 ...)
+CVE-2015-8212
{DLA-490-1}
- bozohttpd <removed>
NOTE: FIX http://cvsweb.netbsd.org/bsdweb.cgi/src/libexec/httpd/bozohttpd.c.diff?r1=1.79&r2=1.80&only_with_tag=MAIN
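Review bot: the unchanged justification `[jessie] - libav <not-affected> (Contains a similar code block like the one referenced by the ffmpeg commit)` under CVE-2015-8217 reads as an argument for being affected rather than against it; if the similar block in jessie's libav already carries the fix from the ffmpeg commit, the note should say that explicitly, otherwise the `<not-affected>` status deserves a second look. The description removal in this hunk follows the same pattern as the rest of the file and loses the same information.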
@@ -3787,30 +3787,30 @@ CVE-2015-8160
RESERVED
CVE-2015-8159
RESERVED
-CVE-2015-8158 (The getresponse function in ntpq in NTP versions before 4.2.8p9 and ...)
+CVE-2015-8158
{DSA-3629-1 DLA-559-1}
- ntp 1:4.2.8p7+dfsg-1
NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#January_2016_NTP_4_2_8p6_Securit
NOTE: http://support.ntp.org/bin/view/Main/NtpBug2948
-CVE-2015-8157 (SQL injection vulnerability in the Management Server in Symantec ...)
+CVE-2015-8157
NOT-FOR-US: Symantec
-CVE-2015-8156 (Unquoted Windows search path vulnerability in EEDService in Symantec ...)
+CVE-2015-8156
NOT-FOR-US: Symantec
CVE-2015-8155
REJECTED
-CVE-2015-8154 (The SysPlant.sys driver in the Application and Device Control (ADC) ...)
+CVE-2015-8154
NOT-FOR-US: Symantec
-CVE-2015-8153 (SQL injection vulnerability in Symantec Endpoint Protection Manager ...)
+CVE-2015-8153
NOT-FOR-US: Symantec
-CVE-2015-8152 (Cross-site request forgery (CSRF) vulnerability in Symantec Endpoint ...)
+CVE-2015-8152
NOT-FOR-US: Symantec
-CVE-2015-8151 (Symantec Encryption Management Server (SEMS) 3.3.2 before MP12 allows ...)
+CVE-2015-8151
NOT-FOR-US: Symantec
-CVE-2015-8150 (Symantec Encryption Management Server (SEMS) 3.3.2 before MP12 allows ...)
+CVE-2015-8150
NOT-FOR-US: Symantec
-CVE-2015-8149 (The LDAP service in Symantec Encryption Management Server (SEMS) 3.3.2 ...)
+CVE-2015-8149
NOT-FOR-US: Symantec
-CVE-2015-8148 (The LDAP service in Symantec Encryption Management Server (SEMS) 3.3.2 ...)
+CVE-2015-8148
NOT-FOR-US: Symantec
CVE-2015-8145
RESERVED
@@ -3822,21 +3822,21 @@ CVE-2015-8142
RESERVED
CVE-2015-8141
RESERVED
-CVE-2015-8140 (The ntpq protocol in NTP before 4.2.8p7 allows remote attackers to ...)
+CVE-2015-8140
- ntp 1:4.2.8p7+dfsg-1
[jessie] - ntp <no-dsa> (Minor issue, no code fix by upstream and mitigation exists)
[wheezy] - ntp <no-dsa> (Minor issue)
NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#January_2016_NTP_4_2_8p6_Securit
NOTE: http://support.ntp.org/bin/view/Main/NtpBug2947
NOTE: Mitigated in 4.2.8p6
-CVE-2015-8139 (ntpq in NTP before 4.2.8p7 allows remote attackers to obtain origin ...)
+CVE-2015-8139
- ntp 1:4.2.8p7+dfsg-1
[jessie] - ntp <no-dsa> (Minor issue, no code fix by upstream and mitigation exists)
[wheezy] - ntp <no-dsa> (Minor issue)
NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#January_2016_NTP_4_2_8p6_Securit
NOTE: http://support.ntp.org/bin/view/Main/NtpBug2946
NOTE: Mitigated in 4.2.8p6
-CVE-2015-8138 (NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to ...)
+CVE-2015-8138
{DSA-3629-1 DLA-559-1}
- ntp 1:4.2.8p7+dfsg-1
NOTE: http://www.talosintel.com/reports/TALOS-2016-0077/
@@ -3857,7 +3857,7 @@ CVE-2015-8133
REJECTED
CVE-2015-8132
REJECTED
-CVE-2015-8131 (Cross-site request forgery (CSRF) vulnerability in Elasticsearch ...)
+CVE-2015-8131
- kibana <itp> (bug #700337)
CVE-2015-8130
RESERVED
@@ -3867,7 +3867,7 @@ CVE-2015-8128
RESERVED
CVE-2015-8127
RESERVED
-CVE-2015-8317 (The xmlParseXMLDecl function in parser.c in libxml2 before 2.9.3 ...)
+CVE-2015-8317
{DSA-3430-1 DLA-355-1}
- libxml2 2.9.2+zdfsg1-4
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=751631
@@ -3879,12 +3879,12 @@ CVE-2015-XXXX [Kernel: Unprivileged user can freeze journald]
- linux-2.6 <not-affected> (Vulnerable code not present)
NOTE: https://github.com/systemd/systemd/issues/1822
NOTE: Issue in Linux related to unprivileged CLONE_NEWUSER affecting systemd, but we disable unprivileged use by default
-CVE-2015-8125 (Symfony 2.3.x before 2.3.35, 2.6.x before 2.6.12, and 2.7.x before ...)
+CVE-2015-8125
{DSA-3402-1}
- symfony 2.7.7+dfsg-1
NOTE: http://symfony.com/blog/cve-2015-8125-potential-remote-timing-attack-vulnerability-in-security-remember-me-service
NOTE: https://github.com/symfony/symfony/pull/16630
-CVE-2015-8124 (Session fixation vulnerability in the &quot;Remember Me&quot; login feature in ...)
+CVE-2015-8124
{DSA-3402-1}
- symfony 2.7.7+dfsg-1
NOTE: http://symfony.com/blog/cve-2015-8124-session-fixation-in-the-remember-me-login-feature
@@ -3909,23 +3909,23 @@ CVE-2015-8115
REJECTED
CVE-2015-8114
REJECTED
-CVE-2015-8113 (Untrusted search path vulnerability in the client in Symantec Endpoint ...)
+CVE-2015-8113
NOT-FOR-US: Symantec
CVE-2015-8112
RESERVED
CVE-2015-8111
RESERVED
-CVE-2015-8110 (Lenovo System Update (formerly ThinkVantage System Update) before ...)
+CVE-2015-8110
NOT-FOR-US: Lenovo
-CVE-2015-8109 (Lenovo System Update (formerly ThinkVantage System Update) before ...)
+CVE-2015-8109
NOT-FOR-US: Lenovo
-CVE-2015-8108 (The management interface in LenovoEMC EZ Media &amp; Backup (hm3), ...)
+CVE-2015-8108
NOT-FOR-US: LenovoEMC
-CVE-2015-8107 (Format string vulnerability in GNU a2ps 4.14 allows remote attackers ...)
+CVE-2015-8107
- a2ps 1:4.14-1.2
[wheezy] - a2ps <no-dsa> (Minor issue)
[squeeze] - a2ps <no-dsa> (Minor issue)
-CVE-2015-8106 (Format string vulnerability in the CmdKeywords function in funct1.c in ...)
+CVE-2015-8106
- latex2rtf 2.3.10-1 (unimportant; bug #805398)
[wheezy] - latex2rtf <not-affected> (Vulnerable code introduced later)
[squeeze] - latex2rtf <not-affected> (Vulnerable code introduced later)
@@ -3933,7 +3933,7 @@ CVE-2015-8106 (Format string vulnerability in the CmdKeywords function in funct1
NOTE: http://sourceforge.net/p/latex2rtf/code/1152/tree//trunk/funct1.c?diff=50900fed34309d3c639c868f:1151
NOTE: latex2rtf compiled with -D_FORTIFY_SOURCE=2
NOTE: Rendered non-exploitable by toolchain hardening
-CVE-2015-8472 (Buffer overflow in the png_set_PLTE function in libpng before 1.0.65, ...)
+CVE-2015-8472
{DSA-3443-1 DLA-410-1 DLA-375-1}
- libpng <removed> (bug #807112)
- libpng1.6 1.6.20-1 (bug #807112)
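Review bot: the justification `NOTE: Rendered non-exploitable by toolchain hardening` under CVE-2015-8106 claims more than `-D_FORTIFY_SOURCE=2` delivers: the fortified printf family refuses `%n` when the format string lives in writable memory, which removes the write primitive, but a format string bug can still read stack contents or crash the process. The `unimportant` rating can stand on the impact being limited to a local crash or disclosure, so the note should say that instead of calling the bug non-exploitable.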
@@ -3941,7 +3941,7 @@ CVE-2015-8472 (Buffer overflow in the png_set_PLTE function in libpng before 1.0
NOTE: https://github.com/glennrp/libpng/commit/7e1ca9ceba4e64259863efdd98bab9b55bdc0b9c
NOTE: https://github.com/glennrp/libpng/commit/4488a96126bbefda51d07835411d8e847a88b2b7
NOTE: https://github.com/glennrp/libpng/commit/ad224c6907e8a274f2679eae4c2e3085fdc7e8c8
-CVE-2015-8126 (Multiple buffer overflows in the (1) png_set_PLTE and (2) png_get_PLTE ...)
+CVE-2015-8126
{DSA-3507-1 DSA-3399-1 DLA-410-1 DLA-343-1}
- libpng 1.2.54-1 (bug #805113)
NOTE: http://www.openwall.com/lists/oss-security/2015/11/12/2
@@ -3953,7 +3953,7 @@ CVE-2015-8126 (Multiple buffer overflows in the (1) png_set_PLTE and (2) png_get
- chromium-browser 49.0.2623.75-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
[squeeze] - chromium-browser <end-of-life> (Not supported in Squeeze LTS)
-CVE-2015-8105 (Cross-site scripting (XSS) vulnerability in program/js/app.js in ...)
+CVE-2015-8105
- roundcube 1.1.3+dfsg.1-1
[wheezy] - roundcube <not-affected> (Vulnerable code not present)
[squeeze] - roundcube <not-affected> (Vulnerable code not present)
@@ -3968,17 +3968,17 @@ CVE-2015-8102
RESERVED
CVE-2015-8101
RESERVED
-CVE-2015-8099 (F5 BIG-IP LTM, AFM, Analytics, APM, ASM, Link Controller, and PEM ...)
+CVE-2015-8099
NOT-FOR-US: F5 BIG-IP
-CVE-2015-8098 (F5 BIG-IP APM 11.4.1 before 11.4.1 HF9, 11.5.x before 11.5.3, and ...)
+CVE-2015-8098
NOT-FOR-US: BIG-IP
CVE-2015-8097
RESERVED
-CVE-2015-8096 (Integer overflow in Google Picasa 3.9.140 Build 239 and Build 248 ...)
+CVE-2015-8096
NOT-FOR-US: Google Picasa
-CVE-2015-8095 (The recycle bin feature in the Monster Menus module 7.x-1.21 before ...)
+CVE-2015-8095
NOT-FOR-US: Monster Menus module for Drupal
-CVE-2015-8094 (Open redirect vulnerability in Cloudera HUE before 3.10.0 allows ...)
+CVE-2015-8094
NOT-FOR-US: Cloudera HUE
CVE-2015-8093
RESERVED
@@ -3986,9 +3986,9 @@ CVE-2015-8092
RESERVED
CVE-2015-8091
REJECTED
-CVE-2015-8090 (The Web Server component in TIBCO LogLogic Unity before 1.1.1 allows ...)
+CVE-2015-8090
NOT-FOR-US: TIBCO
-CVE-2015-8104 (The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x ...)
+CVE-2015-8104
{DSA-3454-1 DSA-3426-1 DSA-3414-1 DLA-479-1}
- linux 4.2.6-2
- linux-2.6 <removed>
@@ -4001,30 +4001,30 @@ CVE-2015-8104 (The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.
- virtualbox 5.0.10-dfsg-1
[wheezy] - virtualbox <end-of-life> (DSA 3454)
NOTE: http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixOVIR
-CVE-2015-8100 (The net-snmp package in OpenBSD through 5.8 uses 0644 permissions for ...)
+CVE-2015-8100
- net-snmp <not-affected> (Specific to packaging in OpenBSD)
-CVE-2015-8089 (The GPU driver in Huawei P7 phones with software P7-L00 before ...)
+CVE-2015-8089
NOT-FOR-US: Huawei
-CVE-2015-8088 (Heap-based buffer overflow in the HIFI driver in Huawei Mate 7 phones ...)
+CVE-2015-8088
NOT-FOR-US: Huawei
-CVE-2015-8087 (Huawei NE20E-S, NE40E-M, and NE40E-M2 routers with software before ...)
+CVE-2015-8087
NOT-FOR-US: Huawei
-CVE-2015-8086 (Huawei AR routers with software before V200R007C00SPC100; Quidway ...)
+CVE-2015-8086
NOT-FOR-US: Huawei
-CVE-2015-8085 (Huawei AR routers with software before V200R007C00SPC100; Quidway ...)
+CVE-2015-8085
NOT-FOR-US: Huawei
-CVE-2015-8084 (Huawei USG5500, USG2100, USG2200, and USG5100 unified security ...)
+CVE-2015-8084
NOT-FOR-US: Huawei
-CVE-2015-8083 (An unspecified module in Huawei eSpace U1910, U1911, U1930, U1960, ...)
+CVE-2015-8083
NOT-FOR-US: Huawei
-CVE-2015-8082 (The Login Disable module 6.x-1.x before 6.x-1.1 and 7.x-1.x before ...)
+CVE-2015-8082
NOT-FOR-US: Login Disable module for Drupal
-CVE-2015-8081 (The Field as Block module 7.x-1.x before 7.x-1.4 for Drupal might ...)
+CVE-2015-8081
NOT-FOR-US: Field as Block module for Drupal
-CVE-2015-8103 (The Jenkins CLI subsystem in Jenkins before 1.638 and LTS before ...)
+CVE-2015-8103
- jenkins <removed> (bug #804522)
NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-11-11
-CVE-2015-7501 (Red Hat JBoss A-MQ 6.x; BPM Suite (BPMS) 6.x; BRMS 6.x and 5.x; Data ...)
+CVE-2015-7501
- libcommons-collections3-java 3.2.2-1 (unimportant)
[jessie] - libcommons-collections3-java 3.2.1-7+deb8u1
[wheezy] - libcommons-collections3-java 3.2.1-5+deb7u1
@@ -4046,100 +4046,100 @@ CVE-2015-7501 (Red Hat JBoss A-MQ 6.x; BPM Suite (BPMS) 6.x; BRMS 6.x and 5.x; D
NOTE: https://github.com/apache/commons-collections/commit/3eee44cf63b1ebb0da6925e98b3dcc6ef1e4d610
NOTE: https://github.com/apache/commons-collections/commit/78d47d4d098ab814a7a00a0b1c81646b27f050cf
NOTE: https://github.com/apache/commons-collections/commit/b2b8f4adc557e4ef1ee2fe5e0ab46866c06ec55b
-CVE-2015-8079 (qt5-qtwebkit before 5.4 records private browsing URLs to its favicon ...)
+CVE-2015-8079
- qtwebkit <unfixed> (unimportant)
NOTE: qtwebkit not covered by security support
-CVE-2015-8080 (Integer overflow in the getnum function in lua_struct.c in Redis 2.8.x ...)
+CVE-2015-8080
{DSA-3412-1}
- redis 2:3.0.5-4 (bug #804419)
[wheezy] - redis <not-affected> (Vulnerable code not present)
[squeeze] - redis <not-affected> (Vulnerable code not present)
NOTE: https://github.com/antirez/redis/issues/2855
-CVE-2015-8078 (Integer overflow in the index_urlfetch function in imap/index.c in ...)
+CVE-2015-8078
- cyrus-imapd-2.4 2.4.18-4 (bug #804182)
[jessie] - cyrus-imapd-2.4 <not-affected> (Incomplete patch for CVE-2015-8076 not applied)
[wheezy] - cyrus-imapd-2.4 <not-affected> (Incomplete patch for CVE-2015-8076 not applied)
NOTE: https://cyrus.foundation/cyrus-imapd/commit/?id=6fb6a272171f49c79ba6ab7c6403eb25b39ec1b2
-CVE-2015-8077 (Integer overflow in the index_urlfetch function in imap/index.c in ...)
+CVE-2015-8077
- cyrus-imapd-2.4 2.4.18-4 (bug #804182)
[jessie] - cyrus-imapd-2.4 <not-affected> (Incomplete patch for CVE-2015-8076 not applied)
[wheezy] - cyrus-imapd-2.4 <not-affected> (Incomplete patch for CVE-2015-8076 not applied)
NOTE: https://cyrus.foundation/cyrus-imapd/commit/?id=745e161c834f1eb6d62fc14477f51dae799e1e08
-CVE-2015-8074 (mediaserver in Android before 5.1.1 LMY48X allows remote attackers to ...)
+CVE-2015-8074
NOT-FOR-US: Android
-CVE-2015-8073 (mediaserver in Android 4.4 and 5.1 before 5.1.1 LMY48X allows remote ...)
+CVE-2015-8073
NOT-FOR-US: Android
-CVE-2015-8072 (mediaserver in Android 4.4 through 5.x before 5.1.1 LMY48X and 6.0 ...)
+CVE-2015-8072
NOT-FOR-US: Android
-CVE-2015-8071 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 ...)
+CVE-2015-8071
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8070 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 ...)
+CVE-2015-8070
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8069 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 ...)
+CVE-2015-8069
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8068 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 ...)
+CVE-2015-8068
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8067 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 ...)
+CVE-2015-8067
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8066 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 ...)
+CVE-2015-8066
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8065 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 ...)
+CVE-2015-8065
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8064 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 ...)
+CVE-2015-8064
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8063 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 ...)
+CVE-2015-8063
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8062 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 ...)
+CVE-2015-8062
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8061 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 ...)
+CVE-2015-8061
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8060 (Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before ...)
+CVE-2015-8060
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8059 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 ...)
+CVE-2015-8059
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8058 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 ...)
+CVE-2015-8058
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8057 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 ...)
+CVE-2015-8057
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8056 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 ...)
+CVE-2015-8056
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8055 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 ...)
+CVE-2015-8055
NOT-FOR-US: Adobe Flash Player
CVE-2015-8054
REJECTED
-CVE-2015-8053 (Cross-site scripting (XSS) vulnerability in Adobe ColdFusion 10 before ...)
+CVE-2015-8053
NOT-FOR-US: Adobe ColdFusion
-CVE-2015-8052 (Cross-site scripting (XSS) vulnerability in Adobe ColdFusion 10 before ...)
+CVE-2015-8052
NOT-FOR-US: Adobe ColdFusion
-CVE-2015-8051 (The Adobe Premiere Clip app before 1.2.1 for iOS mishandles ...)
+CVE-2015-8051
NOT-FOR-US: Adobe Pemiere Clip
-CVE-2015-8050 (Use-after-free vulnerability in the MovieClip object implementation in ...)
+CVE-2015-8050
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8049 (Use-after-free vulnerability in the TextField object implementation in ...)
+CVE-2015-8049
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8048 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 ...)
+CVE-2015-8048
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8047 (Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before ...)
+CVE-2015-8047
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8046 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 ...)
+CVE-2015-8046
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8045 (Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before ...)
+CVE-2015-8045
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8044 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 ...)
+CVE-2015-8044
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8043 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 ...)
+CVE-2015-8043
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8042 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 ...)
+CVE-2015-8042
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8040 (The rtsp_getdlsendtime method in the CNC_Ctrl control in Samsung ...)
+CVE-2015-8040
NOT-FOR-US: Samsung SmartViewer
-CVE-2015-8039 (Samsung SmartViewer allows remote attackers to execute arbitrary code ...)
+CVE-2015-8039
NOT-FOR-US: Samsung SmartViewer
-CVE-2015-8038 (Multiple cross-site scripting (XSS) vulnerabilities in the Graphical ...)
+CVE-2015-8038
NOT-FOR-US: Fortinet
-CVE-2015-8037 (Multiple cross-site scripting (XSS) vulnerabilities in the Graphical ...)
+CVE-2015-8037
NOT-FOR-US: Fortinet
-CVE-2015-8036 (Heap-based buffer overflow in ARM mbed TLS (formerly PolarSSL) 1.3.x ...)
+CVE-2015-8036
{DSA-3468-1}
- mbedtls <not-affected> (Fixed before the initial release to Debian)
[experimental] - polarssl 1.3.14-0.1
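Review bot: the unchanged context line `NOT-FOR-US: Adobe Pemiere Clip` under CVE-2015-8051 misspells the product; the removed description on the line above it names it `Adobe Premiere Clip`, and since this hunk also strips that description the misspelt line becomes the only place the product is named, so fix it while the block is being touched.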
@@ -4148,7 +4148,7 @@ CVE-2015-8036 (Heap-based buffer overflow in ARM mbed TLS (formerly PolarSSL) 1.
[squeeze] - polarssl <not-affected> (Vulnerable code introduced later)
NOTE: support for session tickets added in 1.3.0.
NOTE: https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2015-01
-CVE-2015-8034 (The state.sls function in Salt before 2015.8.3 uses weak permissions ...)
+CVE-2015-8034
- salt 2015.8.3+ds-1 (bug #807356)
[jessie] - salt <no-dsa> (Minor issue)
NOTE: For jessie: /var/cache/salt/minion is created with restricted permissions on
@@ -4162,7 +4162,7 @@ CVE-2015-8033
RESERVED
CVE-2015-8032
RESERVED
-CVE-2015-8035 (The xz_decomp function in xzlib.c in libxml2 2.9.1 does not properly ...)
+CVE-2015-8035
{DSA-3430-1}
- libxml2 2.9.3+dfsg1-1 (bug #803942)
[squeeze] - libxml2 <not-affected> (No LZMA/XZ support in version 2.7.8)
@@ -4173,7 +4173,7 @@ CVE-2015-8035 (The xz_decomp function in xzlib.c in libxml2 2.9.1 does not prope
NOTE: '<' not found) even though it does not have the fix yet. The next upstream
NOTE: release will fix this issue and will restore XZ support.
NOTE: http://www.openwall.com/lists/oss-security/2015/11/02/2
-CVE-2015-7984 (Multiple cross-site request forgery (CSRF) vulnerabilities in Horde ...)
+CVE-2015-7984
{DSA-3391-1}
- php-horde 5.2.8+debian0-1 (bug #803641)
NOTE: https://www.htbridge.com/advisory/HTB23272
@@ -4181,27 +4181,27 @@ CVE-2015-7984 (Multiple cross-site request forgery (CSRF) vulnerabilities in Hor
NOTE: http://lists.horde.org/archives/dev/Week-of-Mon-20141201/028821.html
CVE-2015-8031
RESERVED
-CVE-2015-8030 (SAP 3D Visual Enterprise Viewer (VEV) allows remote attackers to ...)
+CVE-2015-8030
NOT-FOR-US: SAP
-CVE-2015-8029 (SAP 3D Visual Enterprise Viewer (VEV) allows remote attackers to ...)
+CVE-2015-8029
NOT-FOR-US: SAP
-CVE-2015-8028 (Multiple buffer overflows in SAP 3D Visual Enterprise Viewer (VEV) ...)
+CVE-2015-8028
NOT-FOR-US: SAP
-CVE-2015-8027 (Node.js 0.12.x before 0.12.9, 4.x before 4.2.3, and 5.x before 5.1.1 ...)
+CVE-2015-8027
- nodejs 4.2.3~dfsg-1 (bug #806385)
[jessie] - nodejs <not-affected> (0.10 series not affected)
NOTE: https://nodejs.org/en/blog/vulnerability/cve-2015-8027_cve-2015-6764/
-CVE-2015-8024 (McAfee Enterprise Security Manager (ESM), Enterprise Security ...)
+CVE-2015-8024
NOT-FOR-US: McAfee
-CVE-2015-8023 (The server implementation of the EAP-MSCHAPv2 protocol in the ...)
+CVE-2015-8023
{DSA-3398-1 DLA-345-1}
- strongswan 5.3.3-3
NOTE: https://www.strongswan.org/blog/2015/11/16/strongswan-vulnerability-%28cve-2015-8023%29.html
-CVE-2015-8022 (The Configuration utility in F5 BIG-IP LTM, Analytics, APM, ASM, GTM, ...)
+CVE-2015-8022
NOT-FOR-US: F5 BIG-IP
-CVE-2015-8021 (Incomplete blacklist vulnerability in the Configuration utility in F5 ...)
+CVE-2015-8021
NOT-FOR-US: F5 BIG-IP
-CVE-2015-8020 (Clustered Data ONTAP versions 8.0, 8.3.1, and 8.3.2 contain a default ...)
+CVE-2015-8020
NOT-FOR-US: Clustered Data ONTAP
CVE-2015-8018
RESERVED
@@ -4213,13 +4213,13 @@ CVE-2015-8015
RESERVED
CVE-2015-8014
RESERVED
-CVE-2015-8009 (The MWOAuthDataStore::lookup_token function in Extension:OAuth for ...)
+CVE-2015-8009
NOT-FOR-US: Mediawiki extension OAuth
-CVE-2015-8008 (The OAuth extension for MediaWiki improperly negotiates a new client ...)
+CVE-2015-8008
NOT-FOR-US: Mediawiki extension OAuth
-CVE-2015-8007 (The Echo extension for MediWiki does not properly implement the ...)
+CVE-2015-8007
NOT-FOR-US: Mediawiki extension Echo
-CVE-2015-8006 (Cross-site scripting (XSS) vulnerability in the PageTriage toolbar in ...)
+CVE-2015-8006
NOT-FOR-US: Mediawiki extension PageTriage
CVE-2015-XXXX [iptables-persistent minor local info leak]
- iptables-persistent 1.0.4 (low; bug #764645)
@@ -4232,65 +4232,65 @@ CVE-2015-XXXX
[jessie] - cinnamon-settings-daemon 2.2.4.repack-7+deb8u1
NOTE: https://github.com/linuxmint/cinnamon-settings-daemon/commit/ac5e0be8c1817616dbdb056b6881cfc4660f57a8
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/10/28/3
-CVE-2015-8025 (driver/subprocs.c in XScreenSaver before 5.34 does not properly ...)
+CVE-2015-8025
{DSA-3438-1 DLA-338-1}
- xscreensaver 5.34-1 (bug #802914)
NOTE: http://pkgs.fedoraproject.org/cgit/xscreensaver.git/plain/xscreensaver-5.33-0002-Modify-sigchld_hander-in_signal_hander_p-mechanism.patch?id=b57f59f3482fedf70ce7a3541094e2512290139f
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1274452
-CVE-2015-8005 (MediaWiki before 1.23.11, 1.24.x before 1.24.4, and 1.25.x before ...)
+CVE-2015-8005
- mediawiki 1:1.25.5-1
[wheezy] - mediawiki <no-dsa> (Minor issues)
[squeeze] - mediawiki <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://phabricator.wikimedia.org/T108616
-CVE-2015-8004 (MediaWiki before 1.23.11, 1.24.x before 1.24.4, and 1.25.x before ...)
+CVE-2015-8004
- mediawiki 1:1.25.5-1
[wheezy] - mediawiki <no-dsa> (Minor issues)
[squeeze] - mediawiki <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://phabricator.wikimedia.org/T95589
-CVE-2015-8003 (MediaWiki before 1.23.11, 1.24.x before 1.24.4, and 1.25.x before ...)
+CVE-2015-8003
- mediawiki 1:1.25.5-1
[wheezy] - mediawiki <no-dsa> (Minor issues)
[squeeze] - mediawiki <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://phabricator.wikimedia.org/T91850
-CVE-2015-8002 (The chunked upload API (ApiUpload) in MediaWiki before 1.23.11, 1.24.x ...)
+CVE-2015-8002
- mediawiki 1:1.25.5-1
[wheezy] - mediawiki <no-dsa> (Minor issues)
[squeeze] - mediawiki <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://phabricator.wikimedia.org/T91205
-CVE-2015-8001 (The chunked upload API (ApiUpload) in MediaWiki before 1.23.11, 1.24.x ...)
+CVE-2015-8001
- mediawiki 1:1.25.5-1
[wheezy] - mediawiki <no-dsa> (Minor issues)
[squeeze] - mediawiki <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://phabricator.wikimedia.org/T91203
-CVE-2015-8000 (db.c in named in ISC BIND 9.x before 9.9.8-P2 and 9.10.x before ...)
+CVE-2015-8000
{DSA-3420-1 DLA-370-1}
- bind9 1:9.9.5.dfsg-12.1 (bug #808081)
NOTE: https://kb.isc.org/article/AA-01317
-CVE-2015-7999 (Multiple SQL injection vulnerabilities in the Administration Web UI ...)
+CVE-2015-7999
NOT-FOR-US: Citrix
-CVE-2015-7998 (The administration UI in Citrix NetScaler Application Delivery ...)
+CVE-2015-7998
NOT-FOR-US: Citrix
-CVE-2015-7997 (Multiple cross-site scripting (XSS) vulnerabilities in the Nitro API ...)
+CVE-2015-7997
NOT-FOR-US: Citrix
-CVE-2015-7996 (The Nitro API in Citrix NetScaler Application Delivery Controller ...)
+CVE-2015-7996
NOT-FOR-US: Citrix
-CVE-2015-7994 (The SQL interface in SAP HANA DB 1.00.73.00.389160 (NewDB100_REL) ...)
+CVE-2015-7994
NOT-FOR-US: SAP HANA
-CVE-2015-7993 (The Extended Application Services (aka XS or XS Engine) in SAP HANA DB ...)
+CVE-2015-7993
NOT-FOR-US: SAP HANA
-CVE-2015-7992 (SAP HANA DB 1.00.73.00.389160 (NewDB100_REL) allows remote ...)
+CVE-2015-7992
NOT-FOR-US: SAP HANA
-CVE-2015-7991 (The Web Dispatcher service in SAP HANA DB 1.00.73.00.389160 ...)
+CVE-2015-7991
NOT-FOR-US: SAP HANA
-CVE-2015-7988 (The handle_regservice_request function in mDNSResponder before ...)
+CVE-2015-7988
NOT-FOR-US: mDNSResponder
-CVE-2015-7987 (Multiple buffer overflows in mDNSResponder before 625.41.2 allow ...)
+CVE-2015-7987
NOT-FOR-US: mDNSResponder
-CVE-2015-7986 (The index server (hdbindexserver) in SAP HANA 1.00.095 allows remote ...)
+CVE-2015-7986
NOT-FOR-US: SAP
-CVE-2015-7985 (Valve Steam 2.10.91.91 uses weak permissions (Users: read and write) ...)
+CVE-2015-7985
- steam <not-affected> (specific to the steam installor on windows)
-CVE-2015-8019 (The skb_copy_and_csum_datagram_iovec function in net/core/datagram.c ...)
+CVE-2015-8019
- linux <not-affected> (Vulnerable code not present)
- linux-2.6 <not-affected> (Vulnerable code not present)
NOTE: http://www.openwall.com/lists/oss-security/2015/10/27/11
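Review bot: the unchanged justification `- steam <not-affected> (specific to the steam installor on windows)` under CVE-2015-7985 has a typo (`installer`) and a lower-case `windows`; with the description line removed in this hunk, that justification is the only remaining text explaining why the Debian package is unaffected, so it is worth tidying.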
@@ -4301,33 +4301,33 @@ CVE-2015-7983
RESERVED
CVE-2015-7982
RESERVED
-CVE-2015-7980 (Cross-site scripting (XSS) vulnerability in the Compass Rose module ...)
+CVE-2015-7980
NOT-FOR-US: Drupal addon Compass Rose
-CVE-2015-7990 (Race condition in the rds_sendmsg function in net/rds/sendmsg.c in the ...)
+CVE-2015-7990
{DSA-3396-1 DLA-360-1}
- linux 4.2.6-1
- linux-2.6 <removed>
NOTE: https://lkml.org/lkml/2015/10/16/530
NOTE: http://www.openwall.com/lists/oss-security/2015/10/27/5
-CVE-2015-7979 (NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to ...)
+CVE-2015-7979
{DSA-3629-1 DLA-559-1}
- ntp 1:4.2.8p7+dfsg-1
NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#January_2016_NTP_4_2_8p6_Securit
NOTE: http://support.ntp.org/bin/view/Main/NtpBug2942
NOTE: https://github.com/ntp-project/ntp/commit/fe46889f7baa75fc8e6c0fcde87706d396ce1461
-CVE-2015-7978 (NTP before 4.2.8p6 and 4.3.0 before 4.3.90 allows a remote attackers ...)
+CVE-2015-7978
{DSA-3629-1 DLA-559-1}
- ntp 1:4.2.8p7+dfsg-1
NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#January_2016_NTP_4_2_8p6_Securit
NOTE: http://support.ntp.org/bin/view/Main/NtpBug2940
NOTE: https://github.com/ntp-project/ntp/commit/8a0c765f3c47633fa262356b0818788d1cf249b1
-CVE-2015-7977 (ntpd in NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote ...)
+CVE-2015-7977
{DSA-3629-1 DLA-559-1}
- ntp 1:4.2.8p7+dfsg-1
NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#January_2016_NTP_4_2_8p6_Securit
NOTE: http://support.ntp.org/bin/view/Main/NtpBug2939
NOTE: https://github.com/ntp-project/ntp/commit/8a0c765f3c47633fa262356b0818788d1cf249b1
-CVE-2015-7976 (The ntpq saveconfig command in NTP 4.1.2, 4.2.x before 4.2.8p6, 4.3, ...)
+CVE-2015-7976
- ntp 1:4.2.8p7+dfsg-1 (low)
[jessie] - ntp <no-dsa> (Minor issue, mitigation exists)
[wheezy] - ntp <no-dsa> (Minor issue, can be fixed along in a future update)
@@ -4335,41 +4335,41 @@ CVE-2015-7976 (The ntpq saveconfig command in NTP 4.1.2, 4.2.x before 4.2.8p6, 4
NOTE: http://support.ntp.org/bin/view/Main/NtpBug2938
NOTE: https://github.com/ntp-project/ntp/commit/3680c2e4d5f88905ce062c7b43305d610a2c9796
NOTE: https://github.com/ntp-project/ntp/commit/7fe04606062ed674db3b9553d32dedad29504d61
-CVE-2015-7975 (The nextvar function in NTP before 4.2.8p6 and 4.3.x before 4.3.90 ...)
+CVE-2015-7975
- ntp 1:4.2.8p7+dfsg-1
[jessie] - ntp <not-affected> (Introduced in 4.2.8)
[wheezy] - ntp <not-affected> (Introduced in 4.2.8)
NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#January_2016_NTP_4_2_8p6_Securit
NOTE: http://support.ntp.org/bin/view/Main/NtpBug2937
-CVE-2015-7974 (NTP 4.x before 4.2.8p6 and 4.3.x before 4.3.90 do not verify peer ...)
+CVE-2015-7974
{DSA-3629-1 DLA-559-1}
- ntp 1:4.2.8p7+dfsg-1 (low)
NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#January_2016_NTP_4_2_8p6_Securit
NOTE: http://support.ntp.org/bin/view/Main/NtpBug2936
-CVE-2015-7973 (NTP before 4.2.8p6 and 4.3.x before 4.3.90, when configured in ...)
+CVE-2015-7973
- ntp 1:4.2.8p7+dfsg-1 (low)
[jessie] - ntp <no-dsa> (Minor issue, can be fixed along in a future update)
[wheezy] - ntp <no-dsa> (Minor issue, can be fixed along in a future update)
NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#January_2016_NTP_4_2_8p6_Securit
NOTE: http://support.ntp.org/bin/view/Main/NtpBug2935
-CVE-2015-7972 (The (1) libxl_set_memory_target function in tools/libxl/libxl.c and ...)
+CVE-2015-7972
{DSA-3414-1 DLA-479-1}
- xen 4.6.0-1
[wheezy] - xen <no-dsa> (Minor issue, xl not used in wheezy)
[squeeze] - xen <end-of-life> (not supported in squeeze-lts)
NOTE: http://xenbits.xen.org/xsa/advisory-153.html
-CVE-2015-7971 (Xen 3.2.x through 4.6.x does not limit the number of printk console ...)
+CVE-2015-7971
{DSA-3414-1 DLA-479-1}
- xen 4.6.0-1
[squeeze] - xen <end-of-life> (not supported in squeeze-lts)
NOTE: http://xenbits.xen.org/xsa/advisory-152.html
-CVE-2015-7970 (The p2m_pod_emergency_sweep function in arch/x86/mm/p2m-pod.c in Xen ...)
+CVE-2015-7970
{DSA-3414-1 DLA-479-1}
- xen 4.6.0-1
[wheezy] - xen <no-dsa> (Minor issue, too intrusive to backport)
[squeeze] - xen <end-of-life> (not supported in squeeze-lts)
NOTE: http://xenbits.xen.org/xsa/advisory-150.html
-CVE-2015-7969 (Multiple memory leaks in Xen 4.0 through 4.6.x allow local guest ...)
+CVE-2015-7969
{DSA-3414-1 DLA-479-1}
- xen 4.6.0-1
[squeeze] - xen <end-of-life> (not supported in squeeze-lts)
@@ -4377,19 +4377,19 @@ CVE-2015-7969 (Multiple memory leaks in Xen 4.0 through 4.6.x allow local guest
NOTE: http://xenbits.xen.org/xsa/advisory-151.html
CVE-2015-7968
RESERVED
-CVE-2015-7967 (SafeNet Authentication Service for Citrix Web Interface Agent uses a ...)
+CVE-2015-7967
NOT-FOR-US: SafeNet Authentication Service
-CVE-2015-7966 (SafeNet Authentication Service Windows Logon Agent uses a weak ACL for ...)
+CVE-2015-7966
NOT-FOR-US: SafeNet Authentication Service
-CVE-2015-7965 (SafeNet Authentication Service Windows Logon Agent uses a weak ACL for ...)
+CVE-2015-7965
NOT-FOR-US: SafeNet Authentication Service
-CVE-2015-7964 (SafeNet Authentication Service for NPS Agent uses a weak ACL for ...)
+CVE-2015-7964
NOT-FOR-US: SafeNet Authentication Service
-CVE-2015-7963 (SafeNet Authentication Service for AD FS Agent uses a weak ACL for ...)
+CVE-2015-7963
NOT-FOR-US: SafeNet Authentication Service
-CVE-2015-7962 (SafeNet Authentication Service for Outlook Web App Agent uses a weak ...)
+CVE-2015-7962
NOT-FOR-US: SafeNet Authentication Service
-CVE-2015-7961 (SafeNet Authentication Service Remote Web Workplace Agent uses a weak ...)
+CVE-2015-7961
NOT-FOR-US: SafeNet Authentication Service
CVE-2015-7960
REJECTED
@@ -4421,7 +4421,7 @@ CVE-2015-7947
REJECTED
CVE-2015-7946
RESERVED
-CVE-2015-7945 (The RESTful control interface (aka RAPI or ganeti-rapi) in Ganeti ...)
+CVE-2015-7945
{DSA-3431-1}
- ganeti 2.15.2-1 (bug #809538)
[squeeze] - ganeti <end-of-life> (Depends on KVM/Xen, unsupported in Squeeze LTS)
@@ -4430,27 +4430,27 @@ CVE-2015-7945 (The RESTful control interface (aka RAPI or ganeti-rapi) in Ganeti
NOTE: http://git.ganeti.org/?p=ganeti.git;a=commit;h=6e94ad76446904961744f9b0826414a5e4120693
NOTE: http://git.ganeti.org/?p=ganeti.git;a=commit;h=6d44be24c50944fc35de7a490bc836938a82e1df
NOTE: http://git.ganeti.org/?p=ganeti.git;a=commit;h=6f9ba80f8312d5607da70841f698c49000a31126
-CVE-2015-7944 (The RESTful control interface (aka RAPI or ganeti-rapi) in Ganeti ...)
+CVE-2015-7944
{DSA-3431-1}
- ganeti 2.15.2-1 (bug #809537)
[squeeze] - ganeti <end-of-life> (Depends on KVM/Xen, unsupported in Squeeze LTS)
NOTE: http://www.ocert.org/advisories/ocert-2015-012.html
NOTE: http://git.ganeti.org/?p=ganeti.git;a=commit;h=201fcb916b8164c78f4ed8e0c9cfc0227a78684c
-CVE-2015-9261 (huft_build in archival/libarchive/decompress_gunzip.c in BusyBox before ...)
+CVE-2015-9261
{DLA-1445-1 DLA-337-1}
- busybox 1:1.27.2-1 (bug #803097)
[stretch] - busybox <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2015/10/25/3
NOTE: http://git.busybox.net/busybox/commit/?id=1de25a6e87e0e627aa34298105a3d17c60a1f44e
NOTE: https://git.busybox.net/busybox/commit/archival/libarchive/decompress_gunzip.c?id=6bd3fff51aa74e2ee2d87887b12182a3b09792ef
-CVE-2015-7995 (The xsltStylePreCompute function in preproc.c in libxslt 1.1.28 does ...)
+CVE-2015-7995
{DSA-3605-1 DLA-514-1}
- libxslt 1.1.28-2.1 (bug #802971)
[squeeze] - libxslt <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1257962
NOTE: http://www.openwall.com/lists/oss-security/2015/10/27/10
NOTE: https://git.gnome.org/browse/libxslt/commit/?id=7ca19df892ca22d9314e95d59ce2abdeff46b617 (v1.1.29-rc1)
-CVE-2015-8982 (Integer overflow in the strxfrm function in the GNU C Library (aka ...)
+CVE-2015-8982
- glibc 2.21-1 (bug #803927)
[jessie] - glibc 2.19-18+deb8u2
[wheezy] - eglibc 2.13-38+deb7u9
@@ -4460,7 +4460,7 @@ CVE-2015-8982 (Integer overflow in the strxfrm function in the GNU C Library (ak
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=16009
NOTE: https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commit;h=0f9e585480ed
NOTE: http://openwall.com/lists/oss-security/2015/09/08/2
-CVE-2015-8026 (Heap-based buffer overflow in the verify_vbr_checksum function in ...)
+CVE-2015-8026
- exfat-utils 1.2.1-1
[jessie] - exfat-utils 1.1.0-2+deb8u1
[wheezy] - exfat-utils 0.9.7-2+deb7u1
@@ -4481,7 +4481,7 @@ CVE-2015-XXXX [Endlees loop issue]
NOTE: https://crashes.fuzzing-project.org/exfatfsck-endless-loop
NOTE: https://github.com/relan/exfat/commit/35a1f77f9be2d8b21731f758baba4334935bf18b
NOTE: will possibly not get a CVE, cf. http://www.openwall.com/lists/oss-security/2015/10/29/13
-CVE-2015-8010 (Cross-site scripting (XSS) vulnerability in the Classic-UI with the ...)
+CVE-2015-8010
- icinga 1.13.3-3 (bug #803432)
[jessie] - icinga <no-dsa> (Minor issue)
[wheezy] - icinga <no-dsa> (Minor issue)
@@ -4490,172 +4490,172 @@ CVE-2015-8010 (Cross-site scripting (XSS) vulnerability in the Classic-UI with t
NOTE: Upstream issue: https://dev.icinga.org/issues/10453
NOTE: Upstream fix: https://dev.icinga.org/projects/icinga-core/repository/revisions/5c816f5d9352c373e9dadb95b63612a96cf96dff
NOTE: http://www.openwall.com/lists/oss-security/2015/10/23/15
-CVE-2015-7981 (The png_convert_to_rfc1123 function in png.c in libpng 1.0.x before ...)
+CVE-2015-7981
{DSA-3399-1 DLA-343-1}
- libpng 1.2.54-1 (bug #803078)
NOTE: http://sourceforge.net/p/libpng/bugs/241/
NOTE: http://sourceforge.net/p/libpng/code/ci/fbf0f024346ca0a4ffc64b082a95c6b6bb6d29c4/
-CVE-2015-7939 (Heap-based buffer overflow in Unitronics VisiLogic OPLC IDE before ...)
+CVE-2015-7939
NOT-FOR-US: Unitronics
-CVE-2015-7938 (Advantech EKI-132x devices with firmware before 2015-12-31 allow ...)
+CVE-2015-7938
NOT-FOR-US: Advantech
-CVE-2015-7937 (Stack-based buffer overflow in the GoAhead Web Server on Schneider ...)
+CVE-2015-7937
NOT-FOR-US: Schneider Electric
-CVE-2015-7936 (Cross-site request forgery (CSRF) vulnerability in Motorola Solutions ...)
+CVE-2015-7936
NOT-FOR-US: Motorola Solutions MOSCAD IP Gateway
-CVE-2015-7935 (Motorola Solutions MOSCAD IP Gateway allows remote attackers to read ...)
+CVE-2015-7935
NOT-FOR-US: Motorola Solutions MOSCAD IP Gateway
-CVE-2015-7934 (The Java client in Adcon Telemetry A840 Telemetry Gateway Base Station ...)
+CVE-2015-7934
NOT-FOR-US: Adcon
CVE-2015-7933
RESERVED
-CVE-2015-7932 (Adcon Telemetry A840 Telemetry Gateway Base Station allows remote ...)
+CVE-2015-7932
NOT-FOR-US: Adcon
-CVE-2015-7931 (The Java client in Adcon Telemetry A840 Telemetry Gateway Base Station ...)
+CVE-2015-7931
NOT-FOR-US: Adcon
-CVE-2015-7930 (Adcon Telemetry A840 Telemetry Gateway Base Station has hardcoded ...)
+CVE-2015-7930
NOT-FOR-US: Adcon
-CVE-2015-7929 (eWON devices with firmware through 10.1s0 support unspecified GET ...)
+CVE-2015-7929
NOT-FOR-US: eWON devices
-CVE-2015-7928 (eWON devices with firmware before 10.1s0 do not have an off ...)
+CVE-2015-7928
NOT-FOR-US: eWON devices
-CVE-2015-7927 (Cross-site scripting (XSS) vulnerability on eWON devices with firmware ...)
+CVE-2015-7927
NOT-FOR-US: eWON devices
-CVE-2015-7926 (eWON devices with firmware before 10.1s0 omit RBAC for I/O server ...)
+CVE-2015-7926
NOT-FOR-US: eWON devices
-CVE-2015-7925 (Cross-site request forgery (CSRF) vulnerability on eWON devices with ...)
+CVE-2015-7925
NOT-FOR-US: eWON devices
-CVE-2015-7924 (eWON devices with firmware before 10.1s0 do not trigger the discarding ...)
+CVE-2015-7924
NOT-FOR-US: eWON devices
-CVE-2015-7923 (Westermo WeOS before 4.19.0 uses the same SSL private key across ...)
+CVE-2015-7923
NOT-FOR-US: Westermo
CVE-2015-7922
REJECTED
-CVE-2015-7921 (The FTP server in Pro-face GP-Pro EX EX-ED before 4.05.000, PFXEXEDV ...)
+CVE-2015-7921
NOT-FOR-US: Pro-face GP-Pro EX EX-ED
CVE-2015-7920
REJECTED
-CVE-2015-7919 (SearchBlox 8.3 before 8.3.1 allows remote attackers to write to the ...)
+CVE-2015-7919
NOT-FOR-US: SearchBlox
-CVE-2015-7918 (Multiple buffer overflows in the F1BookView ActiveX control in F1 ...)
+CVE-2015-7918
NOT-FOR-US: F1BookView
-CVE-2015-7917 (Untrusted search path vulnerability in Open Automation OPC Systems.NET ...)
+CVE-2015-7917
NOT-FOR-US: Open Automation OPC Systems.NET
-CVE-2015-7916 (Cross-site scripting (XSS) vulnerability in Sauter EY-WS505F0x0 ...)
+CVE-2015-7916
NOT-FOR-US: Sauter
-CVE-2015-7915 (Sauter EY-WS505F0x0 moduWeb Vision before 1.6.0 sends cleartext ...)
+CVE-2015-7915
NOT-FOR-US: Sauter
-CVE-2015-7914 (Sauter EY-WS505F0x0 moduWeb Vision before 1.6.0 allows remote ...)
+CVE-2015-7914
NOT-FOR-US: Sauter
-CVE-2015-7913 (ag_server_service.exe in the AggreGate Server Service in Tibbo ...)
+CVE-2015-7913
NOT-FOR-US: AggreGate
-CVE-2015-7912 (The Ice Faces servlet in ag_server_service.exe in the AggreGate Server ...)
+CVE-2015-7912
NOT-FOR-US: AggreGate
-CVE-2015-7911 (Saia Burgess PCD1.M0xx0, PCD1.M2xx0, PCD2.M5xx0, PCD3.Mxx60, ...)
+CVE-2015-7911
NOT-FOR-US: Saia Burgess devices
-CVE-2015-7910 (Exemys Telemetry Web Server relies on an HTTP Location header to ...)
+CVE-2015-7910
NOT-FOR-US: Exemys
-CVE-2015-7909 (Stack-based buffer overflow in Hospira Communication Engine (CE) ...)
+CVE-2015-7909
NOT-FOR-US: Hospira
-CVE-2015-7908 (Honeywell Midas gas detectors before 1.13b3 and Midas Black gas ...)
+CVE-2015-7908
NOT-FOR-US: Honeywell Midas gas detectors and Midas Black gas detectors
-CVE-2015-7907 (Directory traversal vulnerability in the web server on Honeywell Midas ...)
+CVE-2015-7907
NOT-FOR-US: Honeywell Midas gas detectors and Midas Black gas detectors
-CVE-2015-7906 (LOYTEC LIP-3ECTB 6.0.1, LINX-100, LVIS-3E100, and LIP-ME201 devices ...)
+CVE-2015-7906
NOT-FOR-US: LOYTEC LIP-3ECTB 6.0.1, LINX-100, LVIS-3E100, and LIP-ME201 devices
-CVE-2015-7905 (Unitronics VisiLogic OPLC IDE before 9.8.02 allows remote attackers to ...)
+CVE-2015-7905
NOT-FOR-US: Unitronics
-CVE-2015-7904 (Unrestricted file upload vulnerability in Infinite Automation Mango ...)
+CVE-2015-7904
NOT-FOR-US: Mango Automation
-CVE-2015-7903 (SQL injection vulnerability in Infinite Automation Mango Automation ...)
+CVE-2015-7903
NOT-FOR-US: Mango Automation
-CVE-2015-7902 (Infinite Automation Mango Automation 2.5.x and 2.6.x before 2.6.0 ...)
+CVE-2015-7902
NOT-FOR-US: Mango Automation
-CVE-2015-7901 (Infinite Automation Mango Automation 2.5.x and 2.6.x through 2.6.0 ...)
+CVE-2015-7901
NOT-FOR-US: Mango Automation
-CVE-2015-7900 (Infinite Automation Mango Automation 2.5.x and 2.6.x before 2.6.0 ...)
+CVE-2015-7900
NOT-FOR-US: Mango Automation
-CVE-2015-7898 (Samsung Gallery in the Samsung Galaxy S6 allows local users to cause a ...)
+CVE-2015-7898
NOT-FOR-US: Samsung
-CVE-2015-7897 (The media scanning functionality in the face recognition library in ...)
+CVE-2015-7897
NOT-FOR-US: Samsung
-CVE-2015-7896 (LibQJpeg in the Samsung Galaxy S6 before the October 2015 MR allows ...)
+CVE-2015-7896
NOT-FOR-US: Samsung
-CVE-2015-7895 (Samsung Gallery on the Samsung Galaxy S6 allows local users to cause a ...)
+CVE-2015-7895
NOT-FOR-US: Samsung
-CVE-2015-7894 (The DCMProvider service in Samsung LibQjpeg on a Samsung SM-G925V ...)
+CVE-2015-7894
NOT-FOR-US: Samsung
-CVE-2015-7893 (SecEmailUI in Samsung Galaxy S6 does not sanitize HTML email content, ...)
+CVE-2015-7893
NOT-FOR-US: Samsung
CVE-2015-7892
RESERVED
-CVE-2015-7891 (Race condition in the ioctl implementation in the Samsung Graphics 2D ...)
+CVE-2015-7891
NOT-FOR-US: Samsung Graphics 2D driver on Samsung devices with Android
CVE-2015-7890
RESERVED
-CVE-2015-7889 (The SecEmailComposer/EmailComposer application in the Samsung S6 Edge ...)
+CVE-2015-7889
NOT-FOR-US: Samsung
-CVE-2015-7888 (Directory traversal vulnerability in the WifiHs20UtilityService on the ...)
+CVE-2015-7888
NOT-FOR-US: WifiHs20UtilityService on Samsung S6 Edge LRX22G.G925VVRU1AOE2
-CVE-2015-7887 (NetApp SnapCenter Server 1.0 allows remote authenticated users to list ...)
+CVE-2015-7887
NOT-FOR-US: NetApp SnapCenter Server
-CVE-2015-7886 (NetApp Data ONTAP before 8.2.4P1, when 7-Mode and HTTP access are ...)
+CVE-2015-7886
NOT-FOR-US: NetApp
-CVE-2015-7899 (The com_content component in Joomla! 3.x before 3.4.5 does not ...)
+CVE-2015-7899
NOT-FOR-US: Joomla!
CVE-2015-7883
RESERVED
CVE-2015-7882
RESERVED
-CVE-2015-7881 (The Colorbox module 7.x-2.x before 7.x-2.10 for Drupal allows remote ...)
+CVE-2015-7881
NOT-FOR-US: Colorbox module for Drupal
-CVE-2015-7880 (The Entity Registration module 7.x-1.x before 7.x-1.5 for Drupal ...)
+CVE-2015-7880
NOT-FOR-US: Entity Registration module for Drupal
-CVE-2015-7879 (Cross-site scripting (XSS) vulnerability in the Stickynote module 7.x ...)
+CVE-2015-7879
NOT-FOR-US: Stickynote module for Drupal
-CVE-2015-7878 (Cross-site scripting (XSS) vulnerability in the Taxonomy Find module ...)
+CVE-2015-7878
NOT-FOR-US: Taxonomy Find module for Drupal
-CVE-2015-7877 (Multiple SQL injection vulnerabilities in the User Dashboard module ...)
+CVE-2015-7877
NOT-FOR-US: User Dashboard module for Drupal
-CVE-2015-7876 (The escapeLike function in sqlsrv/database.inc in the Drupal 7 driver ...)
+CVE-2015-7876
NOT-FOR-US: Driver for SQL Server and SQL Azure module for Drupal
-CVE-2015-7875 (ctools 6.x-1.x before 6.x-1.14 and 7.x-1.x before 7.x-1.8 in Drupal ...)
+CVE-2015-7875
NOT-FOR-US: Ctools module for Drupal
CVE-2015-7874
RESERVED
-CVE-2015-7873 (The redirection feature in url.php in phpMyAdmin 4.4.x before 4.4.15.1 ...)
+CVE-2015-7873
{DSA-3382-1}
- phpmyadmin 4:4.5.1-1 (low)
[jessie] - phpmyadmin <no-dsa> (Minor issue)
[wheezy] - phpmyadmin <not-affected> (Vulnerable code not present)
[squeeze] - phpmyadmin <not-affected> (Vulnerable code not present)
-CVE-2015-7943 (Open redirect vulnerability in the Overlay module in Drupal 7.x before ...)
+CVE-2015-7943
{DLA-548-1}
- drupal7 7.41-1
[jessie] - drupal7 7.32-1+deb8u9
NOTE: https://www.drupal.org/SA-CORE-2015-004
NOTE: http://www.openwall.com/lists/oss-security/2015/10/21/6
NOTE: http://cgit.drupalcode.org/drupal/commit/?id=9f72251c9291b5613acb9ca4ea7a51b4739e3f93
-CVE-2015-7885 (The dgnc_mgmt_ioctl function in drivers/staging/dgnc/dgnc_mgmt.c in ...)
+CVE-2015-7885
- linux 4.4.2-1 (unimportant)
NOTE: dgnc driver not built
[wheezy] - linux <not-affected> (Vulnerable code not present)
- linux-2.6 <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit?id=4b6184336ebb5c8dc1eae7f7ab46ee608a748b05
-CVE-2015-7884 (The vivid_fb_ioctl function in ...)
+CVE-2015-7884
- linux 4.2.6-1
[jessie] - linux <not-affected> (Vulnerable code not present)
[wheezy] - linux <not-affected> (Vulnerable code not present)
- linux-2.6 <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=eda98796aff0d9bf41094b06811f5def3b4c333c (v4.4-rc1)
-CVE-2015-7871 (Crypto-NAK packets in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x ...)
+CVE-2015-7871
{DSA-3388-1 DLA-335-1}
- ntp 1:4.2.8p4+dfsg-1
NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#October_2015_NTP_Security_Vulner
NOTE: https://github.com/ntp-project/ntp/commit/aa44b5835d69d8ee031736bb8ee2730a514edb7d
CVE-2015-7870
RESERVED
-CVE-2015-7869 (Multiple integer overflows in the kernel mode driver for the NVIDIA ...)
+CVE-2015-7869
- nvidia-graphics-drivers 352.63-1 (bug #805917)
[jessie] - nvidia-graphics-drivers 340.96-1
[wheezy] - nvidia-graphics-drivers 304.131-1
@@ -4667,48 +4667,48 @@ CVE-2015-7868
RESERVED
CVE-2015-7867
RESERVED
-CVE-2015-7866 (Unquoted Windows search path vulnerability in the Smart Maximize ...)
+CVE-2015-7866
NOT-FOR-US: NVIDIA drivers for Windows
-CVE-2015-7865 (nvSCPAPISvr.exe in the Stereoscopic 3D Driver Service in the NVIDIA ...)
+CVE-2015-7865
NOT-FOR-US: NVIDIA drivers for Windows
CVE-2015-7864
RESERVED
-CVE-2015-7863 (The default configuration of Persistent Accelerite Radia Client ...)
+CVE-2015-7863
NOT-FOR-US: Persistent Accelerite Radia
-CVE-2015-7862 (Persistent Accelerite Radia Client Automation (formerly HP Client ...)
+CVE-2015-7862
NOT-FOR-US: Persistent Accelerite Radia
-CVE-2015-7861 (Persistent Accelerite Radia Client Automation (formerly HP Client ...)
+CVE-2015-7861
NOT-FOR-US: Persistent Accelerite Radia
-CVE-2015-7860 (Stack-based buffer overflow in the agent in Persistent Accelerite ...)
+CVE-2015-7860
NOT-FOR-US: Persistent Accelerite Radia
-CVE-2015-7859 (The com_contenthistory component in Joomla! 3.2 before 3.4.5 does not ...)
+CVE-2015-7859
NOT-FOR-US: Joomla!
-CVE-2015-7858 (SQL injection vulnerability in Joomla! 3.2 before 3.4.4 allows remote ...)
+CVE-2015-7858
NOT-FOR-US: Joomla!
-CVE-2015-7857 (SQL injection vulnerability in the getListQuery function in ...)
+CVE-2015-7857
NOT-FOR-US: Joomla!
-CVE-2015-7856 (OpenNMS has a default password of rtc for the rtc account, which makes ...)
+CVE-2015-7856
NOT-FOR-US: OpenNMS
-CVE-2015-7855 (The decodenetnum function in ntpd in NTP 4.2.x before 4.2.8p4, and ...)
+CVE-2015-7855
{DSA-3388-1 DLA-335-1}
- ntp 1:4.2.8p4+dfsg-1
NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#October_2015_NTP_Security_Vulner
NOTE: https://github.com/ntp-project/ntp/commit/ba716a464ecb20618560075f2e4e1051e5b6f24f
-CVE-2015-7854 (Buffer overflow in the password management functionality in NTP 4.2.x ...)
+CVE-2015-7854
- ntp 1:4.2.8p4+dfsg-1
[jessie] - ntp <not-affected> (Bug introduced in 4.2.7p262)
[wheezy] - ntp <not-affected> (Bug introduced in 4.2.7p262)
[squeeze] - ntp <not-affected> (Bug introduced in 4.2.7p262)
NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#October_2015_NTP_Security_Vulner
NOTE: https://github.com/ntp-project/ntp/commit/1bb401576f412532d8cdcca5509b85ad29605913
-CVE-2015-7853 (The datalen parameter in the refclock driver in NTP 4.2.x before ...)
+CVE-2015-7853
- ntp 1:4.2.8p4+dfsg-1
[jessie] - ntp <not-affected> (Bug introduced in 4.2.8p1-beta3)
[wheezy] - ntp <not-affected> (Bug introduced in 4.2.8p1-beta3)
[squeeze] - ntp <not-affected> (Bug introduced in 4.2.8p1-beta3)
NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#October_2015_NTP_Security_Vulner
NOTE: https://github.com/ntp-project/ntp/commit/8482b536f9494a5d45196ab5b7e13040f5940261
-CVE-2015-7852 (ntpq in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows ...)
+CVE-2015-7852
{DSA-3388-1 DLA-335-1}
- ntp 1:4.2.8p4+dfsg-1
NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#October_2015_NTP_Security_Vulner
@@ -4722,40 +4722,40 @@ CVE-2015-7851
[squeeze] - ntp <no-dsa> (Vulnerability only affects VMS)
NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#October_2015_NTP_Security_Vulner
NOTE: https://github.com/ntp-project/ntp/commit/184516e143ce4448ddb5b9876dd372008cc779f6
-CVE-2015-7850 (ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows ...)
+CVE-2015-7850
{DSA-3388-1 DLA-335-1}
- ntp 1:4.2.8p4+dfsg-1
NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#October_2015_NTP_Security_Vulner
NOTE: https://github.com/ntp-project/ntp/commit/bb928ef08eec020ef6008f3a140702ccc0536b8e
-CVE-2015-7849 (Use-after-free vulnerability in ntpd in NTP 4.2.x before 4.2.8p4, and ...)
+CVE-2015-7849
- ntp 1:4.2.8p4+dfsg-1
[jessie] - ntp <not-affected> (Bug introduced in 4.2.7p262)
[wheezy] - ntp <not-affected> (Bug introduced in 4.2.7p262)
[squeeze] - ntp <not-affected> (Bug introduced in 4.2.7p262)
NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#October_2015_NTP_Security_Vulner
NOTE: https://github.com/ntp-project/ntp/commit/9c22e66c8f2be6aa0c846f0d9804db20f93c105d
-CVE-2015-7848 (An integer overflow can occur in NTP-dev.4.3.70 leading to an ...)
+CVE-2015-7848
- ntp 1:4.2.8p4+dfsg-1
[jessie] - ntp <not-affected> (Bug introduced in 4.2.7p131)
[wheezy] - ntp <not-affected> (Bug introduced in 4.2.7p131)
[squeeze] - ntp <not-affected> (Bug introduced in 4.2.7p131)
NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#October_2015_NTP_Security_Vulner
NOTE: https://github.com/ntp-project/ntp/commit/c04c3d3d940dfe1a53132925c4f51aef017d2e0f
-CVE-2015-7847 (Huawei MBB (Mobile Broadband) product E3272s with software versions ...)
+CVE-2015-7847
NOT-FOR-US: Huawei
-CVE-2015-7846 (Huawei S7700, S9700, S9300 before V200R07C00SPC500, and AR200, AR1200, ...)
+CVE-2015-7846
NOT-FOR-US: Huawei
-CVE-2015-7845 (The exception handling mechanism in the CLI Module in Huawei eSpace ...)
+CVE-2015-7845
NOT-FOR-US: Huawei
-CVE-2015-7844 (Huawei FusionAccess with software V100R005C10,V100R005C20 could allow ...)
+CVE-2015-7844
NOT-FOR-US: Huawei
-CVE-2015-7843 (The management interface on Huawei FusionServer rack servers RH2288 V3 ...)
+CVE-2015-7843
NOT-FOR-US: Huawei
-CVE-2015-7842 (Huawei FusionServer rack servers RH2288 V3 with software before ...)
+CVE-2015-7842
NOT-FOR-US: Huawei
-CVE-2015-7841 (The login page of the server on Huawei FusionServer rack servers ...)
+CVE-2015-7841
NOT-FOR-US: Huawei
-CVE-2015-7872 (The key_gc_unused_keys function in security/keys/gc.c in the Linux ...)
+CVE-2015-7872
{DSA-3396-1}
- linux 4.2.5-1
- linux-2.6 <removed>
@@ -4765,34 +4765,34 @@ CVE-2015-7872 (The key_gc_unused_keys function in security/keys/gc.c in the Linu
NOTE: Patches from Fedora: http://pkgs.fedoraproject.org/cgit/kernel.git/commit/?id=d76d5fe34b5c151ad83761160998b1075729b541
NOTE: Upstream commit: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f05819df10d7b09f6d1eb6f8534a8f68e5a4fe61 (v4.3-rc7)
NOTE: http://www.openwall.com/lists/oss-security/2015/10/20/5
-CVE-2015-8013 (s2k.js in OpenPGP.js will decrypt arbitrary messages regardless of ...)
+CVE-2015-8013
- libjs-openpgp <itp> (bug #787774)
NOTE: http://www.openwall.com/lists/oss-security/2015/10/13/7
-CVE-2015-7840 (The command line management console (CMC) in SolarWinds Log and Event ...)
+CVE-2015-7840
NOT-FOR-US: SolarWinds
-CVE-2015-7839 (SolarWinds Log and Event Manager (LEM) allows remote attackers to ...)
+CVE-2015-7839
NOT-FOR-US: SolarWinds
-CVE-2015-7838 (ProcessFileUpload.jsp in SolarWinds Storage Manager before 6.2 allows ...)
+CVE-2015-7838
NOT-FOR-US: SolarWinds
-CVE-2015-7837 (The Linux kernel, as used in Red Hat Enterprise Linux 7, kernel-rt, ...)
+CVE-2015-7837
- linux 4.5.1-1 (unimportant)
NOTE: secureboot not yet supported in the Debian package in 4.3
NOTE: https://github.com/mjg59/linux/commit/4b2b64d5a6ebc84214755ebccd599baef7c1b798
NOTE: Fix is included in 4.5.1-1 with the patches/features/all/securelevel/kexec-uefi-copy-secure_boot-flag-in-boot-params-acro.patch
-CVE-2015-7836 (Siemens RUGGEDCOM ROS before 4.2.1 allows remote attackers to obtain ...)
+CVE-2015-7836
NOT-FOR-US: Siemens
-CVE-2015-7835 (The mod_l2_entry function in arch/x86/mm.c in Xen 3.4 through 4.6.x ...)
+CVE-2015-7835
{DSA-3390-1}
- xen 4.6.0-1
[squeeze] - xen <end-of-life> (not supported in squeeze-lts)
NOTE: http://xenbits.xen.org/xsa/advisory-148.html
-CVE-2015-7834 (Multiple unspecified vulnerabilities in Google V8 before 4.6.85.23, as ...)
+CVE-2015-7834
- chromium-browser 46.0.2490.71-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
[squeeze] - chromium-browser <end-of-life> (Not supported in Squeeze LTS)
- libv8 <unfixed> (unimportant)
NOTE: libv8 not covered by security support
-CVE-2015-7833 (The usbvision driver in the Linux kernel package 3.10.0-123.20.1.el7 ...)
+CVE-2015-7833
{DSA-3426-1 DSA-3396-1 DLA-360-1}
- linux 4.2.6-2
- linux-2.6 <removed>
@@ -4803,58 +4803,58 @@ CVE-2015-7832
RESERVED
CVE-2015-7831
RESERVED
-CVE-2015-7829 (Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, ...)
+CVE-2015-7829
NOT-FOR-US: Adobe
-CVE-2015-7828 (SAP HANA Database 1.00 SPS10 and earlier do not require ...)
+CVE-2015-7828
NOT-FOR-US: SAP HANA
-CVE-2015-7827 (Botan before 1.10.13 and 1.11.x before 1.11.22 make it easier for ...)
+CVE-2015-7827
{DSA-3565-1 DLA-449-1}
- botan1.10 1.10.13-1 (bug #817932)
NOTE: Fixed in 1.11.22 and 1.10.13. Affected all previous versions.
NOTE: http://botan.randombit.net/security.html
-CVE-2015-7826 (botan 1.11.x before 1.11.22 improperly handles wildcard matching ...)
+CVE-2015-7826
- botan1.10 <not-affected> (Introduced in 1.11.0)
NOTE: Introduced in 1.11.0, fixed in 1.11.22
NOTE: http://botan.randombit.net/security.html
-CVE-2015-7825 (botan before 1.11.22 improperly validates certificate paths, which ...)
+CVE-2015-7825
- botan1.10 <not-affected> (Introduced in 1.11.6)
NOTE: Introduced in 1.11.6, fixed in 1.11.22
NOTE: http://botan.randombit.net/security.html
-CVE-2015-7824 (botan 1.11.x before 1.11.22 makes it easier for remote attackers to ...)
+CVE-2015-7824
- botan1.10 <not-affected> (Introduced in 1.11.0)
NOTE: Introduced in 1.11.0, fixed in 1.11.22
NOTE: http://botan.randombit.net/security.html
-CVE-2015-7823 (Open redirect vulnerability in CMSPages/GetDocLink.ashx in Kentico CMS ...)
+CVE-2015-7823
NOT-FOR-US: Kentico CMS
-CVE-2015-7822 (Multiple cross-site scripting (XSS) vulnerabilities in Kentico CMS 8.2 ...)
+CVE-2015-7822
NOT-FOR-US: Kentico CMS
CVE-2015-7821
RESERVED
-CVE-2015-7820 (Race condition in the administration-panel web service in IBM System ...)
+CVE-2015-7820
NOT-FOR-US: IBM
-CVE-2015-7819 (The DB service in IBM System Networking Switch Center (SNSC) before ...)
+CVE-2015-7819
NOT-FOR-US: IBM
-CVE-2015-7818 (The administration-panel web service in IBM System Networking Switch ...)
+CVE-2015-7818
NOT-FOR-US: IBM
-CVE-2015-7817 (Race condition in the administration-panel web service in IBM System ...)
+CVE-2015-7817
NOT-FOR-US: IBM
-CVE-2015-7816 (The DisplayTopKeywords function in plugins/Referrers/Controller.php in ...)
+CVE-2015-7816
- piwik <itp> (bug #448532)
-CVE-2015-7815 (Directory traversal vulnerability in core/ViewDataTable/Factory.php in ...)
+CVE-2015-7815
- piwik <itp> (bug #448532)
-CVE-2015-7814 (Race condition in the relinquish_memory function in arch/arm/domain.c ...)
+CVE-2015-7814
{DSA-3414-1}
- xen 4.6.0-1
NOTE: http://xenbits.xen.org/xsa/advisory-147.html
[wheezy] - xen <not-affected> (arm not yet supported)
[squeeze] - xen <end-of-life> (not supported in squeeze-lts)
-CVE-2015-7813 (Xen 4.4.x, 4.5.x, and 4.6.x does not limit the number of printk ...)
+CVE-2015-7813
{DSA-3414-1}
- xen 4.6.0-1
[wheezy] - xen <not-affected> (arm not yet supported)
[squeeze] - xen <end-of-life> (not supported in squeeze-lts)
NOTE: http://xenbits.xen.org/xsa/advisory-146.html
-CVE-2015-7812 (The hypercall_create_continuation function in arch/arm/domain.c in Xen ...)
+CVE-2015-7812
{DSA-3414-1}
- xen 4.6.0-1
[wheezy] - xen <not-affected> (arm not yet supported)
@@ -4884,7 +4884,7 @@ CVE-2015-XXXX [cakephp: XML class SSRF vulnerability]
NOTE: Workaround entry for DLA-333-1 and DLA-566-1 until/if CVE assigned
NOTE: http://seclists.org/fulldisclosure/2015/Oct/70
NOTE: https://github.com/cakephp/cakephp/releases/tag/2.6.6
-CVE-2015-7830 (The pcapng_read_if_descr_block function in wiretap/pcapng.c in the ...)
+CVE-2015-7830
{DSA-3505-1}
- wireshark 1.12.8+g5b6e543-1
[squeeze] - wireshark <not-affected> (Vulnerable code not present)
@@ -4902,28 +4902,28 @@ CVE-2015-7810
NOTE: http://www.openwall.com/lists/oss-security/2015/10/13/6
NOTE: No reply, so we'll just use the same ID
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=959434
-CVE-2015-7808 (The vB_Api_Hook::decodeArguments method in vBulletin 5 Connect 5.1.2 ...)
+CVE-2015-7808
NOT-FOR-US: vBulletin
CVE-2015-7807
RESERVED
-CVE-2015-7806 (Eval injection vulnerability in the fm_saveHelperGatherItems function ...)
+CVE-2015-7806
NOT-FOR-US: Wordpress plugin
-CVE-2015-7805 (Heap-based buffer overflow in libsndfile 1.0.25 allows remote ...)
+CVE-2015-7805
{DLA-928-1 DLA-356-1}
- libsndfile 1.0.25-10 (bug #804445)
[jessie] - libsndfile 1.0.25-9.1+deb8u1
NOTE: http://www.nemux.org/2015/10/13/libsndfile-1-0-25-heap-overflow/
NOTE: https://www.exploit-db.com/exploits/38447/
-CVE-2015-7802 (gifread.c in gif2png, as used in OptiPNG before 0.7.6, allows remote ...)
+CVE-2015-7802
- optipng 0.7.6-1 (unimportant; bug #801700)
NOTE: Not a security flaw as the under-read does not depend on input
-CVE-2015-7801 (Use-after-free vulnerability in OptiPNG 0.6.4 allows remote attackers ...)
+CVE-2015-7801
{DLA-332-1}
- optipng 0.7.5-1
[wheezy] - optipng 0.6.4-1+deb7u1
CVE-2015-7800
RESERVED
-CVE-2015-7799 (The slhc_init function in drivers/net/slip/slhc.c in the Linux kernel ...)
+CVE-2015-7799
{DSA-3426-1 DLA-360-1}
- linux 4.2.6-2
- linux-2.6 <removed>
@@ -4931,127 +4931,127 @@ CVE-2015-7799 (The slhc_init function in drivers/net/slip/slhc.c in the Linux ke
NOTE: DoS, requires access to /dev/ppp which is root-only by default
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0baa57d8dc32db78369d8b5176ef56c5e2e18ab3
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4ab42d78e37a294ac7bc56901d563c642e03c4ae
-CVE-2015-7798 (Cross-site scripting (XSS) vulnerability in Cybozu Office 9.0.0 ...)
+CVE-2015-7798
NOT-FOR-US: Cybozu Office
-CVE-2015-7797 (Cross-site scripting (XSS) vulnerability in Cybozu Office 9.0.0 ...)
+CVE-2015-7797
NOT-FOR-US: Cybozu Office
-CVE-2015-7796 (Cross-site scripting (XSS) vulnerability in Cybozu Office 9.0.0 ...)
+CVE-2015-7796
NOT-FOR-US: Cybozu Office
-CVE-2015-7795 (Cross-site scripting (XSS) vulnerability in Cybozu Office 9.0.0 ...)
+CVE-2015-7795
NOT-FOR-US: Cybozu Office
-CVE-2015-7794 (Corega CG-WLNCM4G devices provide an open DNS resolver, which allows ...)
+CVE-2015-7794
NOT-FOR-US: Corega
-CVE-2015-7793 (Corega CG-WLBARAGM devices provide an open proxy service, which allows ...)
+CVE-2015-7793
NOT-FOR-US: Corega
-CVE-2015-7792 (Corega CG-WLBARGS devices allow remote attackers to perform ...)
+CVE-2015-7792
NOT-FOR-US: Corega
-CVE-2015-7791 (Multiple SQL injection vulnerabilities in admin.php in the Collne ...)
+CVE-2015-7791
NOT-FOR-US: Collne Welcart plugin for WordPress
-CVE-2015-7790 (Cross-site scripting (XSS) vulnerability on ASUS Japan WL-330NUL ...)
+CVE-2015-7790
NOT-FOR-US: ASUS
-CVE-2015-7789 (ASUS Japan WL-330NUL devices with firmware before 3.0.0.42 allow ...)
+CVE-2015-7789
NOT-FOR-US: ASUS
-CVE-2015-7788 (ASUS Japan WL-330NUL devices with firmware before 3.0.0.42 allow ...)
+CVE-2015-7788
NOT-FOR-US: ASUS
-CVE-2015-7787 (ASUS Japan WL-330NUL devices with firmware before 3.0.0.42 allow ...)
+CVE-2015-7787
NOT-FOR-US: ASUS
-CVE-2015-7786 (Cross-site scripting (XSS) vulnerability in the NTT DATA Smart ...)
+CVE-2015-7786
NOT-FOR-US: NTT DATA
-CVE-2015-7785 (GANMA! App for iOS does not verify SSL certificates. ...)
+CVE-2015-7785
NOT-FOR-US: GANMA! App for iOS
-CVE-2015-7784 (SQL injection vulnerability in the BOKUBLOCK (1) ...)
+CVE-2015-7784
NOT-FOR-US: BOKUBLOCK
-CVE-2015-7783 (Cross-site scripting (XSS) vulnerability in Let's PHP! p++BBS before ...)
+CVE-2015-7783
NOT-FOR-US: p++BBS
-CVE-2015-7782 (Cross-site scripting (XSS) vulnerability in Let's PHP! Frame ...)
+CVE-2015-7782
NOT-FOR-US: Let's PHP!
-CVE-2015-7781 (ManageEngine Firewall Analyzer before 8.0 does not restrict access ...)
+CVE-2015-7781
NOT-FOR-US: ManageEngine Firewall Analyzer
-CVE-2015-7780 (Directory traversal vulnerability in ManageEngine Firewall Analyzer ...)
+CVE-2015-7780
NOT-FOR-US: ManageEngine Firewall Analyzer
CVE-2015-7779
REJECTED
-CVE-2015-7778 (Gurunavi App for iOS before 6.0.0 does not verify SSL certificates ...)
+CVE-2015-7778
NOT-FOR-US: Gurunavi App for iOS
-CVE-2015-7777 (Cross-site scripting (XSS) vulnerability in index.php in JosephErnest ...)
+CVE-2015-7777
NOT-FOR-US: JosephErnest Void
-CVE-2015-7776 (Cybozu Garoon 3.x and 4.x before 4.2.0 does not properly restrict ...)
+CVE-2015-7776
NOT-FOR-US: Cybozu
-CVE-2015-7775 (Cross-site scripting (XSS) vulnerability in Cybozu Garoon 4.0.3 allows ...)
+CVE-2015-7775
NOT-FOR-US: Cybozu
-CVE-2015-7774 (PC-EGG pWebManager before 3.3.10, and before 2.2.2 for PHP 4.x, allows ...)
+CVE-2015-7774
NOT-FOR-US: PC-EGG
-CVE-2015-7773 (Unrestricted file upload vulnerability in the Panel component in ...)
+CVE-2015-7773
NOT-FOR-US: Bastian Allgeier Kirby
-CVE-2015-7772 (Cross-site scripting (XSS) vulnerability in the runtime engine in the ...)
+CVE-2015-7772
NOT-FOR-US: Newphoria
-CVE-2015-7771 (Cross-site scripting (XSS) vulnerability in the runtime engine in the ...)
+CVE-2015-7771
NOT-FOR-US: Newphoria
-CVE-2015-7770 (Dell SonicWall TotalSecure TZ 100 devices with firmware before ...)
+CVE-2015-7770
NOT-FOR-US: Dell
-CVE-2015-7769 (baserCMS 3.0.2 through 3.0.8 allows remote authenticated users to ...)
+CVE-2015-7769
NOT-FOR-US: baserCMS
-CVE-2015-7768 (Buffer overflow in Konica Minolta FTP Utility 1.0 allows remote ...)
+CVE-2015-7768
NOT-FOR-US: Konica Minolta
-CVE-2015-7767 (Buffer overflow in Konica Minolta FTP Utility 1.0 allows remote ...)
+CVE-2015-7767
NOT-FOR-US: Konica Minolta
-CVE-2015-7766 (PGSQL:SubmitQuery.do in ZOHO ManageEngine OpManager 11.6, 11.5, and ...)
+CVE-2015-7766
NOT-FOR-US: ZOHO
-CVE-2015-7765 (ZOHO ManageEngine OpManager 11.5 build 11600 and earlier uses a ...)
+CVE-2015-7765
NOT-FOR-US: ZOHO
-CVE-2015-7809 (The displayBlock function Template.php in Sensio Labs Twig before ...)
+CVE-2015-7809
{DSA-3343-1}
- twig 1.20.0-1
NOTE: http://symfony.com/blog/security-release-twig-1-20-0
-CVE-2015-7804 (Off-by-one error in the phar_parse_zipfile function in ext/phar/zip.c ...)
+CVE-2015-7804
{DSA-3380-1 DLA-341-1}
- php5 5.6.14+dfsg-1 (medium)
NOTE: https://bugs.php.net/bug.php?id=70433
-CVE-2015-7803 (The phar_get_entry_data function in ext/phar/util.c in PHP before ...)
+CVE-2015-7803
{DSA-3380-1 DLA-341-1}
- php5 5.6.14+dfsg-1 (low)
NOTE: https://bugs.php.net/bug.php?id=69720
-CVE-2015-7764 (Lemur 0.1.4 does not use sufficient entropy in its IV when encrypting ...)
+CVE-2015-7764
- lemur <itp> (bug #809533)
-CVE-2015-7763 (rx/rx.c in OpenAFS 1.5.75 through 1.5.78, 1.6.x before 1.6.15, and ...)
+CVE-2015-7763
{DSA-3387-1 DLA-342-1}
- openafs 1.6.15-1
NOTE: https://www.openafs.org/security
-CVE-2015-7762 (rx/rx.c in OpenAFS before 1.6.15 and 1.7.x before 1.7.33 does not ...)
+CVE-2015-7762
{DSA-3387-1 DLA-342-1}
- openafs 1.6.15-1
NOTE: https://www.openafs.org/security
-CVE-2015-7761 (Mail in Apple OS X before 10.11 does not properly recognize user ...)
+CVE-2015-7761
NOT-FOR-US: Apple
-CVE-2015-7760 (libxpc in launchd in Apple OS X before 10.11 does not restrict the ...)
+CVE-2015-7760
NOT-FOR-US: Apple
-CVE-2015-7759 (BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, Link Controller, and PEM ...)
+CVE-2015-7759
NOT-FOR-US: BIG-IP
CVE-2015-7757
REJECTED
-CVE-2015-7756 (The encryption implementation in Juniper ScreenOS 6.2.0r15 through ...)
+CVE-2015-7756
NOT-FOR-US: Juniper ScreenOS
-CVE-2015-7755 (Juniper ScreenOS 6.2.0r15 through 6.2.0r18, 6.3.0r12 before 6.3.0r12b, ...)
+CVE-2015-7755
NOT-FOR-US: Juniper ScreenOS
-CVE-2015-7754 (Juniper ScreenOS before 6.3.0r21, when ssh-pka is configured and ...)
+CVE-2015-7754
NOT-FOR-US: Juniper
CVE-2015-7753
RESERVED
-CVE-2015-7752 (The SSH server in Juniper Junos OS before 12.1X44-D50, 12.1X46 before ...)
+CVE-2015-7752
NOT-FOR-US: Juniper
-CVE-2015-7751 (Juniper Junos OS before 12.1X44-D50, 12.1X46 before 12.1X46-D35, ...)
+CVE-2015-7751
NOT-FOR-US: Juniper
-CVE-2015-7750 (The L2TP packet processing functionality in Juniper Netscreen and ...)
+CVE-2015-7750
NOT-FOR-US: Juniper
-CVE-2015-7749 (The PFE daemon in Juniper vSRX virtual firewalls with Junos OS before ...)
+CVE-2015-7749
NOT-FOR-US: Juniper
-CVE-2015-7748 (Juniper chassis with Trio (Trinity) chipset line cards and Junos OS ...)
+CVE-2015-7748
NOT-FOR-US: Juniper
-CVE-2015-7746 (NetApp Data ONTAP before 8.2.4, when operating in 7-Mode, allows ...)
+CVE-2015-7746
NOT-FOR-US: NetApp
CVE-2015-7745
RESERVED
-CVE-2015-7744 (wolfSSL (formerly CyaSSL) before 3.6.8 does not properly handle faults ...)
+CVE-2015-7744
- wolfssl 3.9.10+dfsg-1
- mysql-5.6 5.6.27-1
- mysql-5.5 5.5.46-0+deb8u1
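Review bot: with the parenthetical descriptions dropped, several `NOT-FOR-US:` tags in this hunk no longer identify the affected product on their own: `NOT-FOR-US: ASUS` for CVE-2015-7790 through CVE-2015-7787, `NOT-FOR-US: Cybozu` for CVE-2015-7776 and CVE-2015-7775, `NOT-FOR-US: ZOHO` for CVE-2015-7766 and CVE-2015-7765, and `NOT-FOR-US: Dell` for CVE-2015-7770. Other entries in the same hunk already use the more specific form (`NOT-FOR-US: ManageEngine Firewall Analyzer`, `NOT-FOR-US: Cybozu Office`, `NOT-FOR-US: Juniper ScreenOS`); suggest naming the product in the tag, since the removed text was the only other place it appeared in this file.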
@@ -5061,7 +5061,7 @@ CVE-2015-7744 (wolfSSL (formerly CyaSSL) before 3.6.8 does not properly handle f
- mariadb-10.0 10.0.22-1
[jessie] - mariadb-10.0 10.0.22-0+deb8u1
NOTE: http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixMSQL
-CVE-2015-7743 (XML external entity vulnerability in PRTG Network Monitor before ...)
+CVE-2015-7743
NOT-FOR-US: PRTG Network Monitor
CVE-2015-7742
RESERVED
@@ -5081,29 +5081,29 @@ CVE-2015-7734
RESERVED
CVE-2015-7733
RESERVED
-CVE-2015-7732 (The Avira Mobile Security app before 1.5.11 for iOS sends sensitive ...)
+CVE-2015-7732
NOT-FOR-US: Avira Mobile Security app
CVE-2015-7731
RESERVED
-CVE-2015-7730 (SAP BusinessObjects BI Platform 4.1, BusinessObjects Edge 4.0, and ...)
+CVE-2015-7730
NOT-FOR-US: SAP BusinessObjects
-CVE-2015-7729 (Eval injection in test-net.xsjs in the Web-based Development Workbench ...)
+CVE-2015-7729
NOT-FOR-US: SAP HANA
-CVE-2015-7728 (Cross-site scripting (XSS) vulnerability in user creation in the ...)
+CVE-2015-7728
NOT-FOR-US: SAP HANA
-CVE-2015-7727 (Multiple SQL injection vulnerabilities in the Web-based Development ...)
+CVE-2015-7727
NOT-FOR-US: SAP HANA
-CVE-2015-7726 (Cross-site scripting (XSS) vulnerability in role deletion in the ...)
+CVE-2015-7726
NOT-FOR-US: SAP HANA
-CVE-2015-7725 (Multiple SQL injection vulnerabilities in the Web-based Development ...)
+CVE-2015-7725
NOT-FOR-US: SAP HANA
-CVE-2015-7724 (AMD fglrx-driver before 15.9 allows local users to gain privileges via ...)
+CVE-2015-7724
- fglrx-driver 1:15.9-1 (bug #803517)
[jessie] - fglrx-driver <no-dsa> (Non-free not supported)
[wheezy] - fglrx-driver <no-dsa> (non-free not supported)
[squeeze] - fglrx-driver <no-dsa> (non-free not supported)
NOTE: http://seclists.org/fulldisclosure/2015/Oct/103
-CVE-2015-7723 (AMD fglrx-driver before 15.7 allows local users to gain privileges via ...)
+CVE-2015-7723
- fglrx-driver 1:15.7-1 (bug #803517)
[jessie] - fglrx-driver <no-dsa> (Non-free not supported)
[wheezy] - fglrx-driver <no-dsa> (non-free not supported)
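Review bot: style nit in the fglrx-driver entries for CVE-2015-7724 and CVE-2015-7723: the `<no-dsa>` reason is spelled `Non-free not supported` on the jessie lines but `non-free not supported` on the wheezy and squeeze lines. Pick one spelling so the reason string matches across suites and can be grepped consistently.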
@@ -5117,38 +5117,38 @@ CVE-2015-7720
RESERVED
CVE-2015-7719
RESERVED
-CVE-2015-7718 (mediaserver in Android 5.x before 5.1.1 LMY48T and 6.0 before ...)
+CVE-2015-7718
NOT-FOR-US: mediaserver in Android
-CVE-2015-7717 (mediaserver in Android 5.x before 5.1.1 LMY48T and 6.0 before ...)
+CVE-2015-7717
NOT-FOR-US: mediaserver in Android
-CVE-2015-7716 (libstagefright in Android 5.x before 5.1.1 LMY48T allows remote ...)
+CVE-2015-7716
NOT-FOR-US: libstagefright in Android
-CVE-2015-7715 (Cross-site request forgery (CSRF) vulnerability in the Realtyna RPL ...)
+CVE-2015-7715
NOT-FOR-US: Realtyna RPL for Joomla!
-CVE-2015-7714 (Multiple SQL injection vulnerabilities in the Realtyna RPL (com_rpl) ...)
+CVE-2015-7714
NOT-FOR-US: Realtyna RPL for Joomla!
-CVE-2015-7712 (Multiple eval injection vulnerabilities in ...)
+CVE-2015-7712
NOT-FOR-US: ATutor
-CVE-2015-7711 (Cross-site scripting (XSS) vulnerability in popuphelp.php in ATutor ...)
+CVE-2015-7711
NOT-FOR-US: ATutor
CVE-2015-7710
RESERVED
-CVE-2015-7709 (The arkeiad daemon in the Arkeia Backup Agent in Western Digital ...)
+CVE-2015-7709
NOT-FOR-US: Western Digital
-CVE-2015-7708 (Cross-site scripting (XSS) vulnerability in 4images 1.7.11 and earlier ...)
+CVE-2015-7708
NOT-FOR-US: 4images
-CVE-2015-7707 (Ignite Realtime Openfire 3.10.2 allows remote authenticated users to ...)
+CVE-2015-7707
NOT-FOR-US: Ignite Realtime Openfire
-CVE-2015-7706 (Multiple cross-site scripting (XSS) vulnerabilities in Secure Data ...)
+CVE-2015-7706
NOT-FOR-US: Secure Data Space
-CVE-2015-7758 (Gummi 0.6.5 allows local users to write to arbitrary files via a ...)
+CVE-2015-7758
- gummi 0.6.5-6 (bug #756432)
[jessie] - gummi 0.6.5-3+deb8u1
[wheezy] - gummi 0.6.3-1.2+deb7u2
NOTE: http://www.openwall.com/lists/oss-security/2015/10/08/4
-CVE-2015-7740 (Huawei P7 before P7-L00C17B851, P7-L05C00B851, and P7-L09C92B851 and ...)
+CVE-2015-7740
NOT-FOR-US: ARM Mali GPU driver
-CVE-2015-7545 (The (1) git-remote-ext and (2) unspecified other remote helper ...)
+CVE-2015-7545
{DSA-3435-1}
- git 1:2.6.1-1
[squeeze] - git <not-affected> (git 1.7.2 did not have git-remote-ext yet)
@@ -5160,7 +5160,7 @@ CVE-2015-7747 [When changing both sample format and number of channels, data get
[wheezy] - audiofile <no-dsa> (Minor issue)
[squeeze] - audiofile <not-affected> (Vulnerable code introduced later)
NOTE: http://www.openwall.com/lists/oss-security/2015/10/06/2
-CVE-2015-7705 (The rate limiting feature in NTP 4.x before 4.2.8p4 and 4.3.x before ...)
+CVE-2015-7705
- ntp 1:4.2.8p4+dfsg-3
[jessie] - ntp <no-dsa> (Default config not affected)
[wheezy] - ntp <no-dsa> (Default config not affected)
@@ -5170,42 +5170,42 @@ CVE-2015-7705 (The rate limiting feature in NTP 4.x before 4.2.8p4 and 4.3.x bef
NOTE: https://github.com/ntp-project/ntp/commit/492758c3d0690d3ccf7130fabfcf670997f12f7b
NOTE: Original fix was reported broken, then fixed in http://bugs.ntp.org/show_bug.cgi?id=2952 (4.2.8p7)
NOTE: Original upsteam bug: http://support.ntp.org/bin/view/Main/NtpBug2901
-CVE-2015-7704 (The ntpd client in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 ...)
+CVE-2015-7704
{DSA-3388-1 DLA-335-1}
- ntp 1:4.2.8p4+dfsg-3
NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#October_2015_NTP_Security_Vulner
NOTE: Original ntp fix applied in 1:4.2.8p4+dfsg-1for CVE-2015-7704 is apparently broken
NOTE: http://lists.ntp.org/pipermail/pool/2015-October/007631.html
-CVE-2015-7703 (The &quot;pidfile&quot; or &quot;driftfile&quot; directives in NTP ntpd 4.2.x before ...)
+CVE-2015-7703
{DSA-3388-1 DLA-335-1}
- ntp 1:4.2.8p4+dfsg-1
NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#October_2015_NTP_Security_Vulner
NOTE: https://github.com/ntp-project/ntp/commit/5dea6ff160c7e8f7cb038619ccccd28c3a8df637
NOTE: https://github.com/ntp-project/ntp/commit/cdae0f1369ade98dc7ae912a0f1953b6e533cb88
-CVE-2015-7702 (The crypto_xmit function in ntpd in NTP 4.2.x before 4.2.8p4, and ...)
+CVE-2015-7702
{DSA-3388-1 DLA-335-1}
- ntp 1:4.2.8p4+dfsg-1
NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#October_2015_NTP_Security_Vulner
NOTE: https://github.com/ntp-project/ntp/commit/c4cd4aaf418f57f7225708a93bf48afb2bc9c1da
-CVE-2015-7701 (Memory leak in the CRYPTO_ASSOC function in ntpd in NTP 4.2.x before ...)
+CVE-2015-7701
{DSA-3388-1 DLA-335-1}
- ntp 1:4.2.8p4+dfsg-1
NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#October_2015_NTP_Security_Vulner
NOTE: https://github.com/ntp-project/ntp/commit/d7cd5e186034340402f1393e0813c7d2b14ea6ca
NOTE: https://github.com/ntp-project/ntp/commit/79604d925e4477247eee202155215e7865293809
-CVE-2015-7700 (Double-free vulnerability in the sPLT chunk structure and png.c in ...)
+CVE-2015-7700
- pngcrush 1.8.13-0.1 (bug #874109)
[stretch] - pngcrush <no-dsa> (Minor issue)
[jessie] - pngcrush <no-dsa> (Minor issue)
[wheezy] - pngcrush <no-dsa> (Minor issue)
NOTE: http://sourceforge.net/p/pmt/code/ci/e8ae5a842e86324f0bee91f4d98245fddb8ea5dd (1.7.87)
-CVE-2015-7697 (Info-ZIP UnZip 6.0 allows remote attackers to cause a denial of ...)
+CVE-2015-7697
{DSA-3386-1 DLA-330-1}
- unzip 6.0-19 (bug #802160)
-CVE-2015-7696 (Info-ZIP UnZip 6.0 allows remote attackers to cause a denial of ...)
+CVE-2015-7696
{DSA-3386-1 DLA-330-1}
- unzip 6.0-19 (bug #802162)
-CVE-2015-7695 (The PDO adapters in Zend Framework before 1.12.16 do not filer null ...)
+CVE-2015-7695
{DSA-3369-1 DLA-326-1}
- zendframework 1.12.16+dfsg-1
NOTE: http://framework.zend.com/security/advisory/ZF2015-08
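Review bot: two typos in the context lines of the ntp entries here: `NOTE: Original upsteam bug:` under CVE-2015-7705 should read `upstream`, and `1:4.2.8p4+dfsg-1for CVE-2015-7704` under CVE-2015-7704 is missing the space before `for`. Worth fixing in a follow-up, since these NOTE lines carry the explanation of why CVE-2015-7704 and CVE-2015-7705 are marked fixed in 1:4.2.8p4+dfsg-3 while CVE-2015-7703, CVE-2015-7702 and CVE-2015-7701 are marked fixed in 1:4.2.8p4+dfsg-1.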
@@ -5214,12 +5214,12 @@ CVE-2015-7694
RESERVED
CVE-2015-7693
RESERVED
-CVE-2015-7692 (The crypto_xmit function in ntpd in NTP 4.2.x before 4.2.8p4, and ...)
+CVE-2015-7692
{DSA-3388-1 DLA-335-1}
- ntp 1:4.2.8p4+dfsg-1
NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#October_2015_NTP_Security_Vulner
NOTE: Fixed upstream together with CVE-2015-7702
-CVE-2015-7691 (The crypto_xmit function in ntpd in NTP 4.2.x before 4.2.8p4, and ...)
+CVE-2015-7691
{DSA-3388-1 DLA-335-1}
- ntp 1:4.2.8p4+dfsg-1
NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#October_2015_NTP_Security_Vulner
@@ -5230,35 +5230,35 @@ CVE-2015-7689
RESERVED
CVE-2015-7688
RESERVED
-CVE-2015-7685 (GLPI before 0.85.3 allows remote authenticated users to create ...)
+CVE-2015-7685
- glpi <removed> (unimportant)
NOTE: https://forge.glpi-project.org/issues/5218
NOTE: Only supported behind an authenticated HTTP zone
-CVE-2015-7684 (Unrestricted file upload in GLPI before 0.85.3 allows remote ...)
+CVE-2015-7684
- glpi <removed> (unimportant)
NOTE: https://forge.glpi-project.org/issues/5217
NOTE: Only supported behind an authenticated HTTP zone
-CVE-2015-7683 (Absolute path traversal vulnerability in Font.php in the Font plugin ...)
+CVE-2015-7683
NOT-FOR-US: Font plugin for WordPress
-CVE-2015-7682 (Multiple SQL injection vulnerabilities in ...)
+CVE-2015-7682
NOT-FOR-US: Pie Register plugin for WordPress
CVE-2015-7681
REJECTED
-CVE-2015-7680 (Ipswitch MOVEit DMZ before 8.2 provides different error messages for ...)
+CVE-2015-7680
NOT-FOR-US: MOVEit File Transfer web- and mobile application
-CVE-2015-7679 (Cross-site scripting (XSS) vulnerability in Ipswitch MOVEit Mobile ...)
+CVE-2015-7679
NOT-FOR-US: MOVEit File Transfer web- and mobile application
-CVE-2015-7678 (Multiple cross-site request forgery (CSRF) vulnerabilities in Ipswitch ...)
+CVE-2015-7678
NOT-FOR-US: MOVEit File Transfer web- and mobile application
-CVE-2015-7677 (The MOVEitISAPI service in Ipswitch MOVEit DMZ before 8.2 provides ...)
+CVE-2015-7677
NOT-FOR-US: MOVEit File Transfer web- and mobile application
-CVE-2015-7676 (Ipswitch MOVEit File Transfer (formerly DMZ) 8.1 and earlier, when ...)
+CVE-2015-7676
NOT-FOR-US: MOVEit File Transfer web- and mobile application
-CVE-2015-7675 (The &quot;Send as attachment&quot; feature in Ipswitch MOVEit DMZ before 8.2 and ...)
+CVE-2015-7675
NOT-FOR-US: MOVEit File Transfer web- and mobile application
-CVE-2015-7672 (Cross-site scripting (XSS) vulnerability in Centreon 2.6.1. ...)
+CVE-2015-7672
NOT-FOR-US: Centreon
-CVE-2015-7713 (OpenStack Compute (Nova) before 2014.2.4 (juno) and 2015.1.x before ...)
+CVE-2015-7713
- nova 1:12.0.0-2
[jessie] - nova <no-dsa> (Minor issue)
[wheezy] - nova <no-dsa> (Minor issue)
@@ -5268,9 +5268,9 @@ CVE-2015-XXXX [Remotely triggerable buffer overflow in OpenSMTPD]
- opensmtpd 5.7.3p1-1
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/10/04/2
NOTE: Fixed with 5.7.3 upstream release
-CVE-2015-7687 (Use-after-free vulnerability in OpenSMTPD before 5.7.2 allows remote ...)
+CVE-2015-7687
- opensmtpd 5.7.3p1-1 (bug #800787)
-CVE-2015-7686 (Algorithmic complexity vulnerability in Address.pm in the ...)
+CVE-2015-7686
- libemail-address-perl 1.912-1 (bug #868170; unimportant)
[stretch] - libemail-address-perl 1.908-1+deb9u1
[jessie] - libemail-address-perl <no-dsa> (Minor issue)
@@ -5281,129 +5281,129 @@ CVE-2015-7686 (Algorithmic complexity vulnerability in Address.pm in the ...)
NOTE: Mitigation: https://github.com/Perl-Email-Project/Email-Address/commit/aeaf0d7f1b0897b54cb246b8ac15d3ef177e5cae
CVE-2015-7671
RESERVED
-CVE-2015-7670 (Multiple SQL injection vulnerabilities in includes/update.php in the ...)
+CVE-2015-7670
NOT-FOR-US: Support Ticket System plugin for WordPress
-CVE-2015-7669 (Multiple directory traversal vulnerabilities in (1) ...)
+CVE-2015-7669
NOT-FOR-US: Easy2Map plugin for WordPress
-CVE-2015-7668 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2015-7668
NOT-FOR-US: Easy2Map plugin for WordPress
-CVE-2015-7667 (Multiple cross-site scripting (XSS) vulnerabilities in (1) ...)
+CVE-2015-7667
NOT-FOR-US: ResAds plugin for WordPress
-CVE-2015-7666 (Multiple cross-site scripting (XSS) vulnerabilities in the (1) ...)
+CVE-2015-7666
NOT-FOR-US: Payment Form for PayPal Pro plugin for WordPress
CVE-2015-7664
RESERVED
-CVE-2015-7663 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 ...)
+CVE-2015-7663
NOT-FOR-US: Adobe Flash Player
-CVE-2015-7662 (Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on ...)
+CVE-2015-7662
NOT-FOR-US: Adobe Flash Player
-CVE-2015-7661 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 ...)
+CVE-2015-7661
NOT-FOR-US: Adobe Flash Player
-CVE-2015-7660 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 ...)
+CVE-2015-7660
NOT-FOR-US: Adobe Flash Player
-CVE-2015-7659 (Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on ...)
+CVE-2015-7659
NOT-FOR-US: Adobe Flash Player
-CVE-2015-7658 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 ...)
+CVE-2015-7658
NOT-FOR-US: Adobe Flash Player
-CVE-2015-7657 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 ...)
+CVE-2015-7657
NOT-FOR-US: Adobe Flash Player
-CVE-2015-7656 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 ...)
+CVE-2015-7656
NOT-FOR-US: Adobe Flash Player
-CVE-2015-7655 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 ...)
+CVE-2015-7655
NOT-FOR-US: Adobe Flash Player
-CVE-2015-7654 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 ...)
+CVE-2015-7654
NOT-FOR-US: Adobe Flash Player
-CVE-2015-7653 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 ...)
+CVE-2015-7653
NOT-FOR-US: Adobe Flash Player
-CVE-2015-7652 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 ...)
+CVE-2015-7652
NOT-FOR-US: Adobe Flash Player
-CVE-2015-7651 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 ...)
+CVE-2015-7651
NOT-FOR-US: Adobe Flash Player
-CVE-2015-7650 (Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, ...)
+CVE-2015-7650
NOT-FOR-US: Adobe Reader
-CVE-2015-7649 (Adobe Shockwave Player before 12.2.1.171 allows attackers to execute ...)
+CVE-2015-7649
NOT-FOR-US: Adobe Shockwave Player
-CVE-2015-7648 (Adobe Flash Player before 18.0.0.255 and 19.x before 19.0.0.226 on ...)
+CVE-2015-7648
NOT-FOR-US: Adobe Flash Player
-CVE-2015-7647 (Adobe Flash Player before 18.0.0.255 and 19.x before 19.0.0.226 on ...)
+CVE-2015-7647
NOT-FOR-US: Adobe Flash Player
CVE-2015-7646
REJECTED
-CVE-2015-7645 (Adobe Flash Player 18.x through 18.0.0.252 and 19.x through 19.0.0.207 ...)
+CVE-2015-7645
NOT-FOR-US: Adobe Flash Player
-CVE-2015-7644 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.252 ...)
+CVE-2015-7644
NOT-FOR-US: Adobe Flash Player
-CVE-2015-7643 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.252 ...)
+CVE-2015-7643
NOT-FOR-US: Adobe Flash Player
-CVE-2015-7642 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.252 ...)
+CVE-2015-7642
NOT-FOR-US: Adobe Flash Player
-CVE-2015-7641 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.252 ...)
+CVE-2015-7641
NOT-FOR-US: Adobe Flash Player
-CVE-2015-7640 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.252 ...)
+CVE-2015-7640
NOT-FOR-US: Adobe Flash Player
-CVE-2015-7639 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.252 ...)
+CVE-2015-7639
NOT-FOR-US: Adobe Flash Player
-CVE-2015-7638 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.252 ...)
+CVE-2015-7638
NOT-FOR-US: Adobe Flash Player
-CVE-2015-7637 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.252 ...)
+CVE-2015-7637
NOT-FOR-US: Adobe Flash Player
-CVE-2015-7636 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.252 ...)
+CVE-2015-7636
NOT-FOR-US: Adobe Flash Player
-CVE-2015-7635 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.252 ...)
+CVE-2015-7635
NOT-FOR-US: Adobe Flash Player
-CVE-2015-7634 (Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on ...)
+CVE-2015-7634
NOT-FOR-US: Adobe Flash Player
-CVE-2015-7633 (Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on ...)
+CVE-2015-7633
NOT-FOR-US: Adobe Flash Player
-CVE-2015-7632 (Buffer overflow in Adobe Flash Player before 18.0.0.252 and 19.x ...)
+CVE-2015-7632
NOT-FOR-US: Adobe Flash Player
-CVE-2015-7631 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.252 ...)
+CVE-2015-7631
NOT-FOR-US: Adobe Flash Player
-CVE-2015-7630 (Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on ...)
+CVE-2015-7630
NOT-FOR-US: Adobe Flash Player
-CVE-2015-7629 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.252 ...)
+CVE-2015-7629
NOT-FOR-US: Adobe Flash Player
-CVE-2015-7628 (Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on ...)
+CVE-2015-7628
NOT-FOR-US: Adobe Flash Player
-CVE-2015-7627 (Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on ...)
+CVE-2015-7627
NOT-FOR-US: Adobe Flash Player
-CVE-2015-7626 (Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on ...)
+CVE-2015-7626
NOT-FOR-US: Adobe Flash Player
-CVE-2015-7625 (Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on ...)
+CVE-2015-7625
NOT-FOR-US: Adobe Flash Player
-CVE-2015-7624 (Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, ...)
+CVE-2015-7624
NOT-FOR-US: Adobe
-CVE-2015-7623 (The ANAuthenticateResource method in Adobe Reader and Acrobat 10.x ...)
+CVE-2015-7623
NOT-FOR-US: Adobe
-CVE-2015-7622 (Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, ...)
+CVE-2015-7622
NOT-FOR-US: Adobe
-CVE-2015-7621 (Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before ...)
+CVE-2015-7621
NOT-FOR-US: Adobe
-CVE-2015-7620 (The ANSendForBrowserReview method in Adobe Reader and Acrobat 10.x ...)
+CVE-2015-7620
NOT-FOR-US: Adobe
-CVE-2015-7619 (The ANShareFile2 method in Adobe Reader and Acrobat 10.x before ...)
+CVE-2015-7619
NOT-FOR-US: Adobe
-CVE-2015-7618 (The CBAutoConfigCommentRepository method in Adobe Reader and Acrobat ...)
+CVE-2015-7618
NOT-FOR-US: Adobe
-CVE-2015-7617 (Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before ...)
+CVE-2015-7617
NOT-FOR-US: Adobe
-CVE-2015-7616 (The ANVerifyComments method in Adobe Reader and Acrobat 10.x before ...)
+CVE-2015-7616
NOT-FOR-US: Adobe
-CVE-2015-7615 (Use-after-free vulnerability in a SaveAs feature in Adobe Reader and ...)
+CVE-2015-7615
NOT-FOR-US: Adobe
-CVE-2015-7614 (Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, ...)
+CVE-2015-7614
NOT-FOR-US: Adobe
-CVE-2015-7612 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
+CVE-2015-7612
NOT-FOR-US: McAfee
-CVE-2015-7665 (Tails before 1.7 includes the wget program but does not prevent ...)
+CVE-2015-7665
NOT-FOR-US: wget as used in Tails
NOTE: http://www.openwall.com/lists/oss-security/2015/10/01/10
-CVE-2015-7613 (Race condition in the IPC object implementation in the Linux kernel ...)
+CVE-2015-7613
{DSA-3372-1 DLA-325-1}
- linux 4.2.3-1
- linux-2.6 <removed>
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b9a532277938798b53178d5a66af6e2915cb27cf (v4.3-rc4)
-CVE-2015-7610 (Cross-site request forgery (CSRF) vulnerability in the login form in ...)
+CVE-2015-7610
NOT-FOR-US: Zimbra
CVE-2015-7609
RESERVED
@@ -5415,7 +5415,7 @@ CVE-2015-7606
RESERVED
CVE-2015-7605
RESERVED
-CVE-2015-7673 (io-tga.c in gdk-pixbuf before 2.32.0 uses heap memory after its ...)
+CVE-2015-7673
{DSA-3378-1 DLA-434-1}
- gdk-pixbuf 2.32.0-1
- gtk+2.0 2.21.5-1
@@ -5424,12 +5424,12 @@ CVE-2015-7673 (io-tga.c in gdk-pixbuf before 2.32.0 uses heap memory after its .
NOTE: https://git.gnome.org/browse/gdk-pixbuf/commit/?id=edf6fb8d856574bc3bb3a703037f56533229267c
NOTE: https://git.gnome.org/browse/gdk-pixbuf/commit/?id=6ddca835100107e6b5841ce9d56074f6d98c387e
NOTE: gtk+2.0 2.21.5-1 removed the embedded copy of gdk-pixbuf and build-depends on external gdk-pixbuf
-CVE-2015-8875 (Multiple integer overflows in the (1) pixops_composite_nearest, (2) ...)
+CVE-2015-8875
{DSA-3589-1 DLA-450-1}
- gdk-pixbuf 2.34.0-1
NOTE: Fixed by: https://git.gnome.org/browse/gdk-pixbuf/commit/?id=dbfe8f70471864818bf458a39c8a99640895bd22 (2.33.1)
NOTE: http://www.openwall.com/lists/oss-security/2016/05/12/3
-CVE-2015-7674 (Integer overflow in the pixops_scale_nearest function in ...)
+CVE-2015-7674
{DSA-3378-1 DLA-450-1 DLA-434-1}
- gdk-pixbuf 2.32.1-1
NOTE: http://www.openwall.com/lists/oss-security/2015/10/01/4
@@ -5445,33 +5445,33 @@ CVE-2015-XXXX [trivial hash complexity DoS attack]
[squeeze] - php5 <no-dsa> (Too intrusive to backport)
NOTE: https://bugs.php.net/bug.php?id=70644
NOTE: https://github.com/bk2204/php-hash-dos
-CVE-2015-7698 (icewind1991 SMB before 1.0.3 allows remote authenticated users to ...)
+CVE-2015-7698
- php-smb 1.0.3a-1
NOTE: https://owncloud.org/security/advisory/?id=oc-sa-2015-017
-CVE-2015-7699 (The files_external app in ownCloud Server before 7.0.9, 8.0.x before ...)
+CVE-2015-7699
{DSA-3373-1}
- owncloud 7.0.9~dfsg-1
NOTE: https://owncloud.org/security/advisory/?id=oc-sa-2015-018
NOTE: https://github.com/owncloud/core/commit/b05e178bbf884b120d1106e6a28f35aa50d6d06f
-CVE-2015-7611 (Apache James Server 2.3.2, when configured with file-based user ...)
+CVE-2015-7611
NOT-FOR-US: Apache James
-CVE-2015-7604 (Cross-site scripting (XSS) vulnerability in Splunk Web in Splunk ...)
+CVE-2015-7604
NOT-FOR-US: Splunk
-CVE-2015-7603 (Directory traversal vulnerability in Konica Minolta FTP Utility 1.0 ...)
+CVE-2015-7603
NOT-FOR-US: Konica Minolta FTP Utility
-CVE-2015-7602 (Directory traversal vulnerability in BisonWare BisonFTP 3.5 allows ...)
+CVE-2015-7602
NOT-FOR-US: BisonWare BisonFTP
-CVE-2015-7601 (Directory traversal vulnerability in PCMan's FTP Server 2.0.7 allows ...)
+CVE-2015-7601
NOT-FOR-US: PCMan's FTP Server
-CVE-2015-7600 (Cisco VPN Client 5.x through 5.0.07.0440 uses weak permissions for ...)
+CVE-2015-7600
NOT-FOR-US: Cisco VPN Client
-CVE-2015-7599 (Integer overflow in the _authenticate function in svc_auth.c in Wind ...)
+CVE-2015-7599
NOT-FOR-US: Wind River VxWorks
-CVE-2015-7598 (SafeNet Authentication Service TokenValidator Proxy Agent uses a weak ...)
+CVE-2015-7598
NOT-FOR-US: SafeNet Authentication Service
-CVE-2015-7597 (SafeNet Authentication Service IIS Agent uses a weak ACL for ...)
+CVE-2015-7597
NOT-FOR-US: SafeNet Authentication Service
-CVE-2015-7596 (SafeNet Authentication Service End User Software Tools for Windows ...)
+CVE-2015-7596
NOT-FOR-US: SafeNet Authentication Service
CVE-2015-7595
REJECTED
@@ -5501,7 +5501,7 @@ CVE-2015-7583
REJECTED
CVE-2015-7582
REJECTED
-CVE-2015-7581 (actionpack/lib/action_dispatch/routing/route_set.rb in Action Pack in ...)
+CVE-2015-7581
{DSA-3464-1}
- rails 2:4.2.5.1-1
[wheezy] - rails <not-affected> (Vulnerable code not present, is only a transitional package)
@@ -5510,13 +5510,13 @@ CVE-2015-7581 (actionpack/lib/action_dispatch/routing/route_set.rb in Action Pac
[wheezy] - ruby-actionpack-3.2 <not-affected> (Vulnerable code not present)
- ruby-actionpack-2.3 <removed>
[wheezy] - ruby-actionpack-2.3 <end-of-life>
-CVE-2015-7580 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2015-7580
- ruby-rails-html-sanitizer 1.0.3-1 (bug #812814)
-CVE-2015-7579 (Cross-site scripting (XSS) vulnerability in the rails-html-sanitizer ...)
+CVE-2015-7579
- ruby-rails-html-sanitizer 1.0.3-1 (bug #812814)
-CVE-2015-7578 (Cross-site scripting (XSS) vulnerability in the rails-html-sanitizer ...)
+CVE-2015-7578
- ruby-rails-html-sanitizer 1.0.3-1 (bug #812814)
-CVE-2015-7577 (activerecord/lib/active_record/nested_attributes.rb in Active Record ...)
+CVE-2015-7577
{DSA-3464-1 DLA-496-1}
- rails 2:4.2.5.1-1
[wheezy] - rails <not-affected> (Vulnerable code not present, is only a transitional package)
@@ -5524,7 +5524,7 @@ CVE-2015-7577 (activerecord/lib/active_record/nested_attributes.rb in Active Rec
- ruby-activerecord-3.2 <removed>
- ruby-activerecord-2.3 <removed>
[wheezy] - ruby-activerecord-2.3 <end-of-life>
-CVE-2015-7576 (The http_basic_authenticate_with method in ...)
+CVE-2015-7576
{DSA-3464-1 DLA-604-1}
- rails 2:4.2.5.1-1
[wheezy] - rails <not-affected> (Vulnerable code not present, is only a transitional package)
@@ -5537,7 +5537,7 @@ CVE-2015-7576 (The http_basic_authenticate_with method in ...)
- ruby-activesupport-2.3 <removed>
[wheezy] - ruby-activesupport-2.3 <end-of-life>
NOTE: https://github.com/rails/rails/commit/a6fa3960c3a149e83eb2ff057be4472a82958e3d
-CVE-2015-7575 (Mozilla Network Security Services (NSS) before 3.20.2, as used in ...)
+CVE-2015-7575
{DSA-3688-1 DSA-3491-1 DSA-3465-1 DSA-3458-1 DSA-3457-1 DSA-3437-1 DSA-3436-1 DLA-410-1}
- iceweasel 43.0.2-1
[squeeze] - iceweasel <end-of-life>
@@ -5574,35 +5574,35 @@ CVE-2015-7573
REJECTED
CVE-2015-7572
REJECTED
-CVE-2015-7571 (Unrestricted file upload vulnerability in Yeager CMS 1.2.1 allows ...)
+CVE-2015-7571
NOT-FOR-US: Yeager CMS
-CVE-2015-7570 (Multiple server-side request forgery (SSRF) vulnerabilities in Yeager ...)
+CVE-2015-7570
NOT-FOR-US: Yeager CMS
-CVE-2015-7569 (SQL injection vulnerability in &quot;yeager/y.php/tab_USERLIST&quot; in Yeager ...)
+CVE-2015-7569
NOT-FOR-US: Yeager CMS
-CVE-2015-7568 (SQL injection vulnerability in the password recovery feature in Yeager ...)
+CVE-2015-7568
NOT-FOR-US: Yeager CMS
CVE-2015-7567
RESERVED
NOT-FOR-US: Yeager CMS
-CVE-2015-7566 (The clie_5_attach function in drivers/usb/serial/visor.c in the Linux ...)
+CVE-2015-7566
{DSA-3448-1 DLA-412-1}
- linux 4.3.3-6
[wheezy] - linux 3.2.73-2+deb7u3
- linux-2.6 <removed>
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1283371 (not (yet) public)
NOTE: Proposed upstream patch: http://marc.info/?l=linux-usb&m=145260786729359&w=2
-CVE-2015-7565 (Cross-site scripting (XSS) vulnerability in Ember.js 1.8.x through ...)
+CVE-2015-7565
NOT-FOR-US: ember.js
-CVE-2015-7564 (Multiple SQL injection vulnerabilities in TeamPass 2.1.24 and earlier ...)
+CVE-2015-7564
NOT-FOR-US: TeamPass
-CVE-2015-7563 (Cross-site request forgery (CSRF) vulnerability in TeamPass 2.1.24 and ...)
+CVE-2015-7563
NOT-FOR-US: TeamPass
-CVE-2015-7562 (Multiple cross-site scripting (XSS) vulnerabilities in TeamPass 2.1.24 ...)
+CVE-2015-7562
NOT-FOR-US: TeamPass
-CVE-2015-7561 (Kubernetes in OpenShift3 allows remote authenticated users to use the ...)
+CVE-2015-7561
NOT-FOR-US: OpenShift
-CVE-2015-7560 (The SMB1 implementation in smbd in Samba 3.x and 4.x before 4.1.23, ...)
+CVE-2015-7560
{DSA-3514-1}
- samba 2:4.3.6+dfsg-1
NOTE: https://www.samba.org/samba/security/CVE-2015-7560.html
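Review bot: the CVE-2015-7566 entry keeps two notes that look stale next to its status: `(not (yet) public)` on the Red Hat bugzilla link and `Proposed upstream patch:` on the marc.info link, while the entry already carries {DSA-3448-1 DLA-412-1} and fixed versions (linux 4.3.3-6, 3.2.73-2+deb7u3 for wheezy). Suggest re-checking whether the bug is public by now and replacing the proposed-patch link with the merged upstream commit. Separately, CVE-2015-7567 is marked RESERVED but also carries `NOT-FOR-US: Yeager CMS`; no other RESERVED entry in this region carries an annotation, so either the RESERVED marker or the NOT-FOR-US line is probably leftover.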
@@ -5613,13 +5613,13 @@ CVE-2015-7559 [DoS in client via shutdown command]
[jessie] - activemq 5.6.0+dfsg1-4+deb8u3
NOTE: Upstream commit: https://git-wip-us.apache.org/repos/asf?p=activemq.git;h=b8fc78e
NOTE: https://issues.apache.org/jira/browse/AMQ-6470
-CVE-2015-7558 (librsvg before 2.40.12 allows context-dependent attackers to cause a ...)
+CVE-2015-7558
{DSA-3584-1 DLA-477-1}
- librsvg 2.40.12-1
[squeeze] - librsvg <no-dsa> (Too intrusive to backport)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1268243
NOTE: https://git.gnome.org/browse/librsvg/commit/?id=a51919f7e1ca9c535390a746fbf6e28c8402dc61 (2.40.12)
-CVE-2015-7557 (The _rsvg_node_poly_build_path function in rsvg-shapes.c in librsvg ...)
+CVE-2015-7557
{DLA-395-1}
- librsvg 2.40.9-2
[jessie] - librsvg 2.40.5-1+deb8u1
@@ -5628,13 +5628,13 @@ CVE-2015-7557 (The _rsvg_node_poly_build_path function in rsvg-shapes.c in librs
NOTE: https://git.gnome.org/browse/librsvg/commit/rsvg-shapes.c?id=40af93e6eb1c94b90c3b9a0b87e0840e126bb8df (2.40.7)
CVE-2015-7556
RESERVED
-CVE-2015-7555 (Heap-based buffer overflow in giffix.c in giffix in giflib 5.1.1 ...)
+CVE-2015-7555
{DLA-389-1}
- giflib 5.1.2-0.1 (bug #808704)
[jessie] - giflib 4.1.6-11+deb8u1
[wheezy] - giflib 4.1.6-10+deb7u1
NOTE: Upstream fix http://sourceforge.net/p/giflib/code/ci/179510be300bf11115e37528d79619b53c884a63
-CVE-2015-7554 (The _TIFFVGetField function in tif_dir.c in libtiff 4.0.6 allows ...)
+CVE-2015-7554
{DLA-693-1 DLA-692-1}
- tiff 4.0.7-7 (bug #809066; bug #842043; bug #850316)
[jessie] - tiff 4.0.3-12.3+deb8u4
@@ -5647,17 +5647,17 @@ CVE-2015-7554 (The _TIFFVGetField function in tif_dir.c in libtiff 4.0.6 allows
NOTE: --
NOTE: The problem is present in tiff3 3.9.6-11+deb7u1 on wheezy (the problematic code
NOTE: gets executed under gdb), however for some reason this does not lead to a segfault.
-CVE-2015-7553 (Race condition in the kernel in Red Hat Enterprise Linux 7, kernel-rt ...)
+CVE-2015-7553
- linux <not-affected> (RHEL-specific backport bug)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1288934
NOTE: Related to an incomplete RHEL backport of https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8ac2bde2a4a05c38e2bd733bea94507cb1461e06
-CVE-2015-7552 (Heap-based buffer overflow in the gdk_pixbuf_flip function in ...)
+CVE-2015-7552
{DSA-3589-1 DLA-501-1}
- gdk-pixbuf 2.32.0-1
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=958963
NOTE: This was fixed by one of the commits between 2.31.6 and 2.32.0.
NOTE: Fixed by: https://git.gnome.org/browse/gdk-pixbuf/commit/?id=4f68cb78a5277f169b9531e6998c00c7976594e4 (2.31.7)
-CVE-2015-7551 (The Fiddle::Handle implementation in ext/fiddle/handle.c in Ruby ...)
+CVE-2015-7551
- ruby1.9.1 <removed>
[wheezy] - ruby1.9.1 <no-dsa> (Minor issue)
[squeeze] - ruby1.9.1 <not-affected> (DL already fixed with CVE-2009-5147, Fiddle does not have vulnerable code)
@@ -5666,12 +5666,12 @@ CVE-2015-7551 (The Fiddle::Handle implementation in ext/fiddle/handle.c in Ruby
[jessie] - ruby2.1 2.1.5-2+deb8u3
- ruby2.2 2.2.4-1 (bug #796551)
NOTE: https://www.ruby-lang.org/en/news/2015/12/16/unsafe-tainted-string-usage-in-fiddle-and-dl-cve-2015-7551/
-CVE-2015-7550 (The keyctl_read_key function in security/keys/keyctl.c in the Linux ...)
+CVE-2015-7550
{DSA-3434-1 DLA-378-1}
- linux 4.3.3-3
- linux-2.6 <removed>
NOTE: https://git.kernel.org/linus/b4a1b4f5047e4f54e194681125c74c0aa64d637d (v4.4-rc8)
-CVE-2015-7549 (The MSI-X MMIO support in hw/pci/msix.c in QEMU (aka Quick Emulator) ...)
+CVE-2015-7549
{DSA-3471-1}
- qemu 1:2.5+dfsg-1 (bug #808131)
[wheezy] - qemu <not-affected> (Vulnerable code not present)
@@ -5681,19 +5681,19 @@ CVE-2015-7549 (The MSI-X MMIO support in hw/pci/msix.c in QEMU (aka Quick Emulat
[squeeze] - qemu-kvm <not-affected> (Vulnerable code not present)
NOTE: Upstream commit: http://git.qemu.org/?p=qemu.git;a=commitdiff;h=43b11a91dd861a946b231b89b7542856ade23d1b (v2.5.0-rc0)
NOTE: Introduced by: http://git.qemu.org/?p=qemu.git;a=commitdiff;h=d35e428c8400f9ddc07e5a15ff19622c869b9ba0 (v1.2.0-rc0)
-CVE-2015-7548 (OpenStack Compute (Nova) before 2015.1.3 (kilo) and 12.0.x before ...)
+CVE-2015-7548
- nova 2:13.0.0~rc3-1
[jessie] - nova <no-dsa> (Minor issue)
[wheezy] - nova <no-dsa> (Minor issue)
NOTE: Affects: Nova: <=2015.1.2, ==12.0.0
NOTE: https://bugs.launchpad.net/bugs/1524274
-CVE-2015-7547 (Multiple stack-based buffer overflows in the (1) send_dg and (2) ...)
+CVE-2015-7547
{DSA-3481-1 DSA-3480-1 DLA-416-1}
- glibc 2.21-8
- eglibc <removed>
NOTE: https://googleonlinesecurity.blogspot.cz/2016/02/cve-2015-7547-glibc-getaddrinfo-stack.html
NOTE: https://sourceware.org/ml/libc-alpha/2016-02/msg00416.html
-CVE-2015-7546 (The identity service in OpenStack Identity (Keystone) before 2015.1.3 ...)
+CVE-2015-7546
- keystone 2:9.0.0~rc2-1
[jessie] - keystone <no-dsa> (Too intrusive to backport, needs to switch to different token provider)
[wheezy] - keystone <no-dsa> (Too intrusive to backport, needs to switch to different token provider)
@@ -5702,9 +5702,9 @@ CVE-2015-7546 (The identity service in OpenStack Identity (Keystone) before 2015
NOTE: https://wiki.openstack.org/wiki/OSSN/OSSN-0062
NOTE: Keystone: <= 2015.1.2, >= 8.0.0 <= 8.0.1
NOTE: Keystonemiddleware: >= 1.5.0 <= 1.5.3, >= 1.6.0 <= 2.3.2
-CVE-2015-7544 (redhat-support-plugin-rhev in Red Hat Enterprise Virtualization ...)
+CVE-2015-7544
NOT-FOR-US: redhat-support-plugin-rhev
-CVE-2015-7543 (aRts 1.5.10 and kdelibs3 3.5.10 and earlier do not properly create ...)
+CVE-2015-7543
{DLA-367-1 DLA-366-1}
- kde4libs <not-affected> (Fixed before the first release in Debian)
- kdelibs <removed>
@@ -5716,21 +5716,21 @@ CVE-2015-7542 [libgwenhywfar uses outdated bundled CA certificates]
- libgwenhywfar 4.12.0beta-3 (bug #748955; medium)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1272503
NOTE: Debian packaging fix: http://source.lenk.info/git/pkg-libgwenhywfar.git/commitdiff/86dacaae3a233f6ca3b420e0bfdb12eb5ef40b91
-CVE-2015-7541 (The initialize method in the Histogram class in ...)
+CVE-2015-7541
NOT-FOR-US: colorscore gem for Ruby
-CVE-2015-7540 (The LDAP server in the AD domain controller in Samba 4.x before 4.1.22 ...)
+CVE-2015-7540
{DSA-3433-1}
- samba 2:4.1.22+dfsg-1
[wheezy] - samba <not-affected> (Only affects 4.0.0 to 4.1.21)
[squeeze] - samba <not-affected> (Only affects 4.0.0 to 4.1.21)
NOTE: https://www.samba.org/samba/security/CVE-2015-7540.html
-CVE-2015-7539 (The Plugins Manager in Jenkins before 1.640 and LTS before 1.625.2 ...)
+CVE-2015-7539
- jenkins <removed>
-CVE-2015-7538 (Jenkins before 1.640 and LTS before 1.625.2 allow remote attackers to ...)
+CVE-2015-7538
- jenkins <removed>
-CVE-2015-7537 (Cross-site request forgery (CSRF) vulnerability in Jenkins before ...)
+CVE-2015-7537
- jenkins <removed>
-CVE-2015-7536 (Cross-site scripting (XSS) vulnerability in Jenkins before 1.640 and ...)
+CVE-2015-7536
- jenkins <removed>
CVE-2015-7535
REJECTED
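Review bot: the four Jenkins entries (CVE-2015-7539 through CVE-2015-7536) lose the only text that said what each issue was: after the change each consists of the bare identifier and `- jenkins <removed>`, with no NOTE: line pointing at an advisory or commit. If descriptions are meant to go, entries like these need at least an upstream reference so the record stays interpretable; if not, this hunk is further evidence that the stripping is unintended.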
@@ -5744,13 +5744,13 @@ CVE-2015-7531
REJECTED
CVE-2015-7530
REJECTED
-CVE-2015-7529 (sosreport in SoS 3.x allows local users to obtain sensitive ...)
+CVE-2015-7529
- sosreport 3.2+git276-g7da50d6-3 (unimportant)
NOTE: Neutralised by kernel hardening
-CVE-2015-7528 (Kubernetes before 1.2.0-alpha.5 allows remote attackers to read ...)
+CVE-2015-7528
- kubernetes <not-affected> (Fixed before initial release to archive)
NOTE: https://github.com/kubernetes/kubernetes/pull/17886
-CVE-2015-7527 (lib/core.php in the Cool Video Gallery plugin 1.9 for WordPress allows ...)
+CVE-2015-7527
NOT-FOR-US: WordPress plugin cool-video-gallery
CVE-2015-7526
REJECTED
@@ -5762,11 +5762,11 @@ CVE-2015-7523
REJECTED
CVE-2015-7522
REJECTED
-CVE-2015-7521 (The authorization framework in Apache Hive 1.0.0, 1.0.1, 1.1.0, 1.1.1, ...)
+CVE-2015-7521
NOT-FOR-US: Apache Hive
-CVE-2015-7520 (Multiple cross-site scripting (XSS) vulnerabilities in the (1) ...)
+CVE-2015-7520
NOT-FOR-US: Apache Wicket
-CVE-2015-7519 (agent/Core/Controller/SendRequest.cpp in Phusion Passenger before ...)
+CVE-2015-7519
{DLA-1399-1 DLA-394-1}
- passenger 5.0.22-1 (bug #807354)
- ruby-passenger <removed> (bug #864651)
@@ -5774,35 +5774,35 @@ CVE-2015-7519 (agent/Core/Controller/SendRequest.cpp in Phusion Passenger before
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=956281
NOTE: https://github.com/phusion/passenger/commit/c04590871ca0878d4d3ac1220c5a554b049056b4 (4.x)
NOTE: https://github.com/phusion/passenger/commit/ddb8ecc4ebf260e4967f57f271d4f5761abeac3e (5.x)
-CVE-2015-7518 (Multiple cross-site scripting (XSS) vulnerabilities in information ...)
+CVE-2015-7518
- foreman <itp> (bug #663101)
-CVE-2015-7517 (Multiple SQL injection vulnerabilities in the Double Opt-In for ...)
+CVE-2015-7517
NOT-FOR-US: Double Opt-In for Download plugin for WordPress
-CVE-2015-7516 (ONOS before 1.5.0 when using the ifwd app allows remote attackers to ...)
+CVE-2015-7516
NOT-FOR-US: Onos
-CVE-2015-7515 (The aiptek_probe function in drivers/input/tablet/aiptek.c in the ...)
+CVE-2015-7515
{DSA-3607-1}
- linux 4.4.2-1
[wheezy] - linux 3.2.81-1
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1285326
NOTE: https://os-s.net/advisories/OSS-2016-05_aiptek.pdf
NOTE: Upstream commit: https://git.kernel.org/linus/8e20cf2bce122ce9262d6034ee5d5b76fbb92f96 (v4.4-rc6)
-CVE-2015-7514 (OpenStack Ironic 4.2.0 through 4.2.1 does not &quot;clean&quot; the disk after ...)
+CVE-2015-7514
- ironic 1:4.2.2-1 (bug #807269)
-CVE-2015-7513 (arch/x86/kvm/x86.c in the Linux kernel before 4.4 does not reset the ...)
+CVE-2015-7513
{DSA-3434-1}
- linux 4.3.3-3
- linux-2.6 <removed>
[squeeze] - linux-2.6 <no-dsa> (KVM not supported in Squeeze LTS)
NOTE: https://git.kernel.org/linus/0185604c2d82c560dab2f2933a18f797e74ab5a8 (v4.4-rc7)
-CVE-2015-7512 (Buffer overflow in the pcnet_receive function in hw/net/pcnet.c in ...)
+CVE-2015-7512
{DSA-3471-1 DSA-3470-1 DSA-3469-1}
- qemu 1:2.5+dfsg-1 (bug #806741)
[squeeze] - qemu <end-of-life> (Not supported in Squeeze LTS)
- qemu-kvm <removed>
[squeeze] - qemu-kvm <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2015-11/msg06341.html
-CVE-2015-7511 (Libgcrypt before 1.6.5 does not properly perform elliptic-point curve ...)
+CVE-2015-7511
{DSA-3478-1 DSA-3474-1}
- libgcrypt20 1.6.5-2
- libgcrypt11 <removed>
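Review bot: the removed line for CVE-2015-7514 carries `&quot;clean&quot;` in place of literal double quotes, i.e. an HTML-escaped description was stored in the plain-text list. If the descriptions are restored, they should be unescaped on import so the list does not accumulate entities; the replacement `+CVE-2015-7514` line otherwise follows the same bare-identifier pattern as the rest of the commit.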
@@ -5812,13 +5812,13 @@ CVE-2015-7511 (Libgcrypt before 1.6.5 does not properly perform elliptic-point c
NOTE: http://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=commit;h=de7db12fa04016e12dffb2b678632f45eba15ec4 (libgcrypt-1.6.5)
NOTE: http://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=commit;h=28eb424e4427b320ec1c9c4ce56af25d495230bd (libgcrypt-1.6.5)
NOTE: http://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=commit;h=88e1358962e902ff1cbec8d53ba3eee46407851a (master)
-CVE-2015-7510 (Stack-based buffer overflow in the getpwnam and getgrnam functions of ...)
+CVE-2015-7510
- systemd 229-1
[jessie] - systemd <not-affected> (Vulnerable code introduced later, v223)
[wheezy] - systemd <not-affected> (Vulnerable code introduced later, v223)
NOTE: https://github.com/systemd/systemd/commit/cb31827d62066a04b02111df3052949fda4b6888 (v229)
NOTE: https://github.com/systemd/systemd/issues/2002
-CVE-2015-7509 (fs/ext4/namei.c in the Linux kernel before 3.7 allows physically ...)
+CVE-2015-7509
- linux 3.8-1~experimental.1
[wheezy] - linux 3.2.68-1
- linux-2.6 <removed>
@@ -5858,7 +5858,7 @@ CVE-2015-7505 [stack overflow]
- netsurf 3.2+dfsg-3 (bug #810491)
[jessie] - netsurf <no-dsa> (netsurf already relies only entirely unsupported mozjs)
[wheezy] - netsurf <no-dsa> (netsurf already relies only entirely unsupported mozjs)
-CVE-2015-7504 (Heap-based buffer overflow in the pcnet_receive function in ...)
+CVE-2015-7504
{DSA-3471-1 DSA-3470-1 DSA-3469-1}
- qemu 1:2.5+dfsg-1 (bug #806742)
[squeeze] - qemu <end-of-life> (Not supported in Squeeze LTS)
@@ -5866,33 +5866,33 @@ CVE-2015-7504 (Heap-based buffer overflow in the pcnet_receive function in ...)
[squeeze] - qemu-kvm <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2015-11/msg06342.html
NOTE: Xen not affected in wheezy, CVE covered by XSA-162: https://marc.info/?l=oss-security&m=144888089404618&w=2
-CVE-2015-7503 (Zend Framework before 2.4.9, zend-framework/zend-crypt 2.4.x before ...)
+CVE-2015-7503
NOT-FOR-US: php-zend-crypt
NOTE: http://framework.zend.com/security/advisory/ZF2015-10
-CVE-2015-7502 (Red Hat CloudForms 3.2 Management Engine (CFME) 5.4.4 and CloudForms ...)
+CVE-2015-7502
NOT-FOR-US: Red Hat CloudForms
-CVE-2015-7500 (The xmlParseMisc function in parser.c in libxml2 before 2.9.3 allows ...)
+CVE-2015-7500
{DSA-3430-1 DLA-373-1}
- libxml2 2.9.3+dfsg1-1
NOTE: https://git.gnome.org/browse/libxml2/commit/?id=f1063fdbe7fa66332bbb76874101c2a7b51b519f (v2.9.3)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=756525 (upstream bug not yet open)
-CVE-2015-7499 (Heap-based buffer overflow in the xmlGROW function in parser.c in ...)
+CVE-2015-7499
{DSA-3430-1 DLA-373-1}
- libxml2 2.9.3+dfsg1-1
NOTE: https://git.gnome.org/browse/libxml2/commit/?id=28cd9cb747a94483f4aea7f0968d202c20bb4cfc (v2.9.3)
NOTE: https://git.gnome.org/browse/libxml2/commit/?id=35bcb1d758ed70aa7b257c9c3b3ff55e54e3d0da (v2.9.3)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=756479 (upstream bug not yet open)
-CVE-2015-7498 (Heap-based buffer overflow in the xmlParseXmlDecl function in parser.c ...)
+CVE-2015-7498
{DSA-3430-1 DLA-373-1}
- libxml2 2.9.3+dfsg1-1
NOTE: https://git.gnome.org/browse/libxml2/commit/?id=afd27c21f6b36e22682b7da20d726bce2dcb2f43 (v2.9.3)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=756527 (upstream bug not yet open)
-CVE-2015-7497 (Heap-based buffer overflow in the xmlDictComputeFastQKey function in ...)
+CVE-2015-7497
{DSA-3430-1 DLA-373-1}
- libxml2 2.9.3+dfsg1-1
NOTE: https://git.gnome.org/browse/libxml2/commit/?id=6360a31a84efe69d155ed96306b9a931a40beab9 (v2.9.3)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=756528 (upstream bug not yet open)
-CVE-2015-7496 (GNOME Display Manager (gdm) before 3.18.2 allows physically proximate ...)
+CVE-2015-7496
- gdm3 3.18.2-1
[jessie] - gdm3 <not-affected> (Vulnerable code not present, unreproducible)
[wheezy] - gdm3 <not-affected> (Vulnerable code not present, unreproducible)
@@ -5902,27 +5902,27 @@ CVE-2015-7496 (GNOME Display Manager (gdm) before 3.18.2 allows physically proxi
NOTE: https://git.gnome.org/browse/gdm/commit/?id=05e5fc2
CVE-2015-7495
RESERVED
-CVE-2015-7494 (A vulnerability has been identified in IBM Cloud Orchestrator ...)
+CVE-2015-7494
NOT-FOR-US: IBM
-CVE-2015-7493 (IBM InfoSphere Information Server could allow a local user under ...)
+CVE-2015-7493
NOT-FOR-US: IBM
-CVE-2015-7492 (Cross-site scripting (XSS) vulnerability in Reference Data Management ...)
+CVE-2015-7492
NOT-FOR-US: IBM
-CVE-2015-7491 (Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 8.0.x ...)
+CVE-2015-7491
NOT-FOR-US: IBM
-CVE-2015-7490 (IBM InfoSphere Information Server 8.5 through FP3, 8.7 through FP2, ...)
+CVE-2015-7490
NOT-FOR-US: IBM
-CVE-2015-7489 (IBM SPSS Statistics 22.0.0.2 before IF10 and 23.0.0.2 before IF7 uses ...)
+CVE-2015-7489
NOT-FOR-US: IBM
-CVE-2015-7488 (IBM Spectrum Scale 4.1.1.x before 4.1.1.4 and 4.2.x before 4.2.0.1, in ...)
+CVE-2015-7488
NOT-FOR-US: IBM
-CVE-2015-7487 (IBM Maximo Asset Management 7.1 through 7.1.1.13, 7.5.0 before 7.5.0.9 ...)
+CVE-2015-7487
NOT-FOR-US: IBM
-CVE-2015-7486 (Cross-site scripting (XSS) vulnerability in IBM Rational Engineering ...)
+CVE-2015-7486
NOT-FOR-US: IBM Rational Engineering Lifecycle Manager
-CVE-2015-7485 (Cross-site scripting (XSS) vulnerability in IBM Rational Engineering ...)
+CVE-2015-7485
NOT-FOR-US: IBM Rational Engineering Lifecycle Manager
-CVE-2015-7484 (IBM Rational Engineering Lifecycle Manager 3.0 before 3.0.1.6 iFix7 ...)
+CVE-2015-7484
NOT-FOR-US: IBM Rational Engineering Lifecycle Manager
CVE-2015-7483
RESERVED
@@ -5942,244 +5942,244 @@ CVE-2015-7476
RESERVED
CVE-2015-7475
RESERVED
-CVE-2015-7474 (Cross-site scripting (XSS) vulnerability in Jazz Foundation in IBM ...)
+CVE-2015-7474
NOT-FOR-US: IBM Rational Engineering Lifecycle Manager
-CVE-2015-7473 (runmqsc in IBM WebSphere MQ 8.x before 8.0.0.5 allows local users to ...)
+CVE-2015-7473
NOT-FOR-US: IBM
-CVE-2015-7472 (IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 ...)
+CVE-2015-7472
NOT-FOR-US: IBM
-CVE-2015-7471 (Cross-site scripting (XSS) vulnerability in IBM Rational Collaborative ...)
+CVE-2015-7471
NOT-FOR-US: IBM
-CVE-2015-7470 (Report Builder in IBM Jazz Reporting Service (JRS) 5.x before ...)
+CVE-2015-7470
NOT-FOR-US: IBM
-CVE-2015-7469 (Report Builder in IBM Jazz Reporting Service (JRS) 5.x before ...)
+CVE-2015-7469
NOT-FOR-US: IBM
-CVE-2015-7468 (Report Builder in IBM Jazz Reporting Service (JRS) 5.x before ...)
+CVE-2015-7468
NOT-FOR-US: IBM
-CVE-2015-7467 (Cross-site scripting (XSS) vulnerability in Report Builder in IBM Jazz ...)
+CVE-2015-7467
NOT-FOR-US: IBM
-CVE-2015-7466 (Lifecycle Query Engine (LQE) in IBM Jazz Reporting Service (JRS) 6.0 ...)
+CVE-2015-7466
NOT-FOR-US: IBM
-CVE-2015-7465 (Cross-site request forgery (CSRF) vulnerability in Lifecycle Query ...)
+CVE-2015-7465
NOT-FOR-US: IBM
-CVE-2015-7464 (Report Builder in IBM Jazz Reporting Service (JRS) 5.x before ...)
+CVE-2015-7464
NOT-FOR-US: IBM
-CVE-2015-7463 (IBM Business Process Manager 7.5.x, 8.0.x, 8.5.0, 8.5.5, and 8.5.6.0 ...)
+CVE-2015-7463
NOT-FOR-US: IBM
-CVE-2015-7462 (IBM WebSphere MQ 8.0.0.4 on IBM i platforms allows local users to ...)
+CVE-2015-7462
NOT-FOR-US: IBM
-CVE-2015-7461 (XML external entity (XXE) vulnerability in IBM Connections 3.0.1.1 and ...)
+CVE-2015-7461
NOT-FOR-US: IBM
-CVE-2015-7460 (Cross-site scripting (XSS) vulnerability in IBM Connections 3.0.1.1 ...)
+CVE-2015-7460
NOT-FOR-US: IBM
-CVE-2015-7459 (Cross-site scripting (XSS) vulnerability in IBM Connections 3.0.1.1 ...)
+CVE-2015-7459
NOT-FOR-US: IBM
-CVE-2015-7458 (Cross-site scripting (XSS) vulnerability in IBM Connections 3.0.1.1 ...)
+CVE-2015-7458
NOT-FOR-US: IBM
-CVE-2015-7457 (Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 8.0.x ...)
+CVE-2015-7457
NOT-FOR-US: IBM
-CVE-2015-7456 (IBM Spectrum Scale 4.1.1 before 4.1.1.4, and 4.2.0.0, allows remote ...)
+CVE-2015-7456
NOT-FOR-US: IBM
-CVE-2015-7455 (IBM WebSphere Portal 7.x through 7.0.0.2 CF29, 8.0.x before 8.0.0.1 ...)
+CVE-2015-7455
NOT-FOR-US: IBM
-CVE-2015-7454 (Business Space in IBM WebSphere Process Server 6.1.2.0 through 7.0.0.5 ...)
+CVE-2015-7454
NOT-FOR-US: IBM
-CVE-2015-7453 (Cross-site scripting (XSS) vulnerability in IBM Rational Collaborative ...)
+CVE-2015-7453
NOT-FOR-US: IBM
-CVE-2015-7452 (IBM Maximo Asset Management 7.5 before 7.5.0.9 FP9 and 7.6 before ...)
+CVE-2015-7452
NOT-FOR-US: IBM
-CVE-2015-7451 (Cross-site scripting (XSS) vulnerability in IBM Maximo Asset ...)
+CVE-2015-7451
NOT-FOR-US: IBM
-CVE-2015-7450 (Serialized-object interfaces in certain IBM analytics, business ...)
+CVE-2015-7450
NOT-FOR-US: IBM
-CVE-2015-7449 (IBM Rational Collaborative Lifecycle Management (CLM) 4.0.x before ...)
+CVE-2015-7449
NOT-FOR-US: IBM
-CVE-2015-7448 (SQL injection vulnerability in IBM Maximo Asset Management 7.1 through ...)
+CVE-2015-7448
NOT-FOR-US: IBM
-CVE-2015-7447 (IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 ...)
+CVE-2015-7447
NOT-FOR-US: IBM
-CVE-2015-7446 (Cross-site request forgery (CSRF) vulnerability in IBM Flash System ...)
+CVE-2015-7446
NOT-FOR-US: IBM
-CVE-2015-7445 (IBM Multi-Enterprise Integration Gateway 1.0 through 1.0.0.1 and B2B ...)
+CVE-2015-7445
NOT-FOR-US: IBM
-CVE-2015-7444 (The Update Installer in IBM WebSphere Commerce Enterprise 7.0.0.8 and ...)
+CVE-2015-7444
NOT-FOR-US: IBM
CVE-2015-7443
RESERVED
-CVE-2015-7442 (consoleinst.sh in IBM Installation Manager before 1.7.4.4 and 1.8.x ...)
+CVE-2015-7442
NOT-FOR-US: IBM
-CVE-2015-7441 (Remote Artifact Loader (RAL) in IBM WebSphere Process Server 7 and ...)
+CVE-2015-7441
NOT-FOR-US: IBM
-CVE-2015-7440 (IBM Rational Collaborative Lifecycle Management (CLM) 3.0.1 before ...)
+CVE-2015-7440
NOT-FOR-US: IBM
-CVE-2015-7439 (Cross-site scripting (XSS) vulnerability in InfoSphere Data Architect ...)
+CVE-2015-7439
NOT-FOR-US: IBM
-CVE-2015-7438 (IBM Sterling B2B Integrator 5.2 allows local users to obtain sensitive ...)
+CVE-2015-7438
NOT-FOR-US: IBM
-CVE-2015-7437 (Queue Watcher in IBM Sterling B2B Integrator 5.2 allows local users to ...)
+CVE-2015-7437
NOT-FOR-US: IBM
-CVE-2015-7436 (IBM Tivoli Common Reporting (TCR) 2.1 before IF14, 2.1.1 before IF22, ...)
+CVE-2015-7436
NOT-FOR-US: IBM
-CVE-2015-7435 (IBM Tivoli Common Reporting (TCR) 2.1 before IF14, 2.1.1 before IF22, ...)
+CVE-2015-7435
NOT-FOR-US: IBM
-CVE-2015-7434 (IBM Capacity Management Analytics 2.1.0.0 allows local users to ...)
+CVE-2015-7434
NOT-FOR-US: IBM
-CVE-2015-7433 (IBM Capacity Management Analytics 2.1.0.0 allows local users to ...)
+CVE-2015-7433
NOT-FOR-US: IBM
-CVE-2015-7432 (IBM Capacity Management Analytics 2.1.0.0 allows local users to ...)
+CVE-2015-7432
NOT-FOR-US: IBM
-CVE-2015-7431 (Cross-site scripting (XSS) vulnerability in Queue Watcher in IBM ...)
+CVE-2015-7431
NOT-FOR-US: IBM
-CVE-2015-7430 (The Hadoop connector 1.1.1, 2.4, 2.5, and 2.7.0-0 before 2.7.0-3 for ...)
+CVE-2015-7430
NOT-FOR-US: IBM
-CVE-2015-7429 (The Data Protection extension in the VMware GUI in IBM Tivoli Storage ...)
+CVE-2015-7429
NOT-FOR-US: IBM
-CVE-2015-7428 (Open redirect vulnerability in IBM WebSphere Portal 8.0.x before ...)
+CVE-2015-7428
NOT-FOR-US: IBM
-CVE-2015-7427 (IBM DataPower Gateway appliances with firmware 6.x before 6.0.0.17, ...)
+CVE-2015-7427
NOT-FOR-US: IBM
-CVE-2015-7426 (The Data Protection extension in the VMware GUI in IBM Tivoli Storage ...)
+CVE-2015-7426
NOT-FOR-US: IBM
-CVE-2015-7425 (The Data Protection component in the VMware vSphere GUI in IBM Tivoli ...)
+CVE-2015-7425
NOT-FOR-US: IBM
-CVE-2015-7424 (IBM InfoSphere Master Data Management (MDM) - Collaborative Edition ...)
+CVE-2015-7424
NOT-FOR-US: IBM
-CVE-2015-7423 (Multiple cross-site scripting (XSS) vulnerabilities in IBM InfoSphere ...)
+CVE-2015-7423
NOT-FOR-US: IBM
-CVE-2015-7422 (Buffer overflow in IBM i Access 7.1 on Windows allows local users to ...)
+CVE-2015-7422
NOT-FOR-US: IBM i Access
-CVE-2015-7421 (Unspecified vulnerability in GSKit on IBM MQ M2000 appliances before ...)
+CVE-2015-7421
NOT-FOR-US: IBM
-CVE-2015-7420 (Unspecified vulnerability in GSKit on IBM MQ M2000 appliances before ...)
+CVE-2015-7420
NOT-FOR-US: IBM
-CVE-2015-7419 (IBM WebSphere Portal 8.0.0.1 before CF19 and 8.5.0 before CF09 allows ...)
+CVE-2015-7419
NOT-FOR-US: IBM
-CVE-2015-7418 (IBM WebSphere eXtreme Scale and the WebSphere DataPower XC10 Appliance ...)
+CVE-2015-7418
NOT-FOR-US: IBM
-CVE-2015-7417 (Cross-site scripting (XSS) vulnerability in IBM WebSphere Application ...)
+CVE-2015-7417
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2015-7416 (AFP Workbench Viewer in IBM i Access 7.1 on Windows allows remote ...)
+CVE-2015-7416
NOT-FOR-US: IBM
-CVE-2015-7415 (Multiple cross-site scripting (XSS) vulnerabilities in IBM UrbanCode ...)
+CVE-2015-7415
NOT-FOR-US: IBM
-CVE-2015-7414 (Cross-site scripting (XSS) vulnerability in the GDS component in IBM ...)
+CVE-2015-7414
NOT-FOR-US: IBM
-CVE-2015-7413 (Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 8.0.0 ...)
+CVE-2015-7413
NOT-FOR-US: IBM
-CVE-2015-7412 (The GatewayScript modules on IBM DataPower Gateways with software ...)
+CVE-2015-7412
NOT-FOR-US: IBM
-CVE-2015-7411 (The portal client in IBM Tivoli Monitoring (ITM) 6.2.2 through FP9, ...)
+CVE-2015-7411
NOT-FOR-US: IBM
-CVE-2015-7410 (The Health Check tool in IBM Sterling B2B Integrator 5.2 does not ...)
+CVE-2015-7410
NOT-FOR-US: IBM
-CVE-2015-7409 (Cross-site scripting (XSS) vulnerability in IBM Security QRadar SIEM ...)
+CVE-2015-7409
NOT-FOR-US: IBM
-CVE-2015-7408 (The server in IBM Spectrum Protect (aka Tivoli Storage Manager) 5.5 ...)
+CVE-2015-7408
NOT-FOR-US: IBM
-CVE-2015-7407 (Cross-site request forgery (CSRF) vulnerability in Lotus Mashups in ...)
+CVE-2015-7407
NOT-FOR-US: IBM
CVE-2015-7406
RESERVED
CVE-2015-7405
RESERVED
-CVE-2015-7404 (IBM Tivoli Storage Manager for Databases: Data Protection for ...)
+CVE-2015-7404
NOT-FOR-US: IBM
-CVE-2015-7403 (IBM Spectrum Scale 4.1.1.x before 4.1.1.3 and General Parallel File ...)
+CVE-2015-7403
NOT-FOR-US: IBM
-CVE-2015-7402 (Cross-site scripting (XSS) vulnerability in IBM Curam Social Program ...)
+CVE-2015-7402
NOT-FOR-US: IBM
-CVE-2015-7401 (IBM Curam Social Program Management 6.1.x before 6.1.1.1 allows remote ...)
+CVE-2015-7401
NOT-FOR-US: IBM
-CVE-2015-7400 (The Lotus Mashups component in IBM Mashup Center 3.0.0.1 allows remote ...)
+CVE-2015-7400
NOT-FOR-US: IBM
-CVE-2015-7399 (IBM WebSphere Message Broker 7 before 7.0.0.8 and 8 before 8.0.0.6 and ...)
+CVE-2015-7399
NOT-FOR-US: IBM
-CVE-2015-7398 (Cross-site scripting (XSS) vulnerability in IBM Emptoris Contract ...)
+CVE-2015-7398
NOT-FOR-US: IBM
-CVE-2015-7397 (Multiple open redirect vulnerabilities in the Aurora starter store in ...)
+CVE-2015-7397
NOT-FOR-US: IBM
-CVE-2015-7396 (The Scheduler in IBM Maximo Asset Management 7.5 before 7.5.0.8 IF6 ...)
+CVE-2015-7396
NOT-FOR-US: IBM
-CVE-2015-7395 (IBM Maximo Asset Management 7.1 through 7.1.1.13, 7.5.0 before 7.5.0.8 ...)
+CVE-2015-7395
NOT-FOR-US: IBM
-CVE-2015-7394 (The datastor kernel module in F5 BIG-IP Analytics, APM, ASM, Link ...)
+CVE-2015-7394
NOT-FOR-US: BIG-IQ
-CVE-2015-7393 (dcoep in BIG-IP LTM, Analytics, APM, ASM, and Link Controller 11.2.0 ...)
+CVE-2015-7393
NOT-FOR-US: BIG-IP
-CVE-2015-7392 (Heap-based buffer overflow in the parse_string function in ...)
+CVE-2015-7392
- freeswitch <itp> (bug #389591)
-CVE-2015-7391 (Multiple cross-site scripting (XSS) vulnerabilities in TestLink before ...)
+CVE-2015-7391
NOT-FOR-US: TestLink
-CVE-2015-7390 (SQL injection vulnerability in TestLink before 1.9.14 allows remote ...)
+CVE-2015-7390
NOT-FOR-US: TestLink
CVE-2015-7389
RESERVED
CVE-2015-7388
RESERVED
-CVE-2015-7387 (ZOHO ManageEngine EventLog Analyzer 10.6 build 10060 and earlier ...)
+CVE-2015-7387
NOT-FOR-US: ZOHO ManageEngine EventLog Analyzer
-CVE-2015-7386 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2015-7386
NOT-FOR-US: Gallery - Photo Albums - Portfolio plugin for WordPress
-CVE-2015-7385 (Cross-site scripting (XSS) vulnerability in Open-Xchange OX Guard ...)
+CVE-2015-7385
NOT-FOR-US: Open-Xchange
-CVE-2015-7384 (Node.js 4.0.0, 4.1.0, and 4.1.1 allows remote attackers to cause a ...)
+CVE-2015-7384
- nodejs 4.1.1~dfsg-3 (bug #800580)
[jessie] - nodejs <not-affected> (Vulnerability not present)
NOTE: https://groups.google.com/forum/#!topic/nodejs-sec/fSNEQiuof6I
-CVE-2015-8076 (The index_urlfetch function in index.c in Cyrus IMAP 2.3.x before ...)
+CVE-2015-8076
- cyrus-imapd-2.4 2.4.17+nocaldav-2
[jessie] - cyrus-imapd-2.4 2.4.17+nocaldav-0~deb8u1
[wheezy] - cyrus-imapd-2.4 <no-dsa> (Minor issue; can be fixed alone in a future DLA)
NOTE: http://www.openwall.com/lists/oss-security/2015/09/29/2
NOTE: https://cyrus.foundation/cyrus-imapd/commit/?id=07de4ff1bf2fa340b9d77b8e7de8d43d47a33921
NOTE: https://cyrus.foundation/cyrus-imapd/commit/?id=c21e179c1f6b968fe69bebe079176714e511587b
-CVE-2015-7383 (Multiple cross-site scripting (XSS) vulnerabilities in Web Reference ...)
+CVE-2015-7383
NOT-FOR-US: Web Reference Database (aka refbase)
-CVE-2015-7382 (SQL injection vulnerability in install.php in Web Reference Database ...)
+CVE-2015-7382
NOT-FOR-US: Web Reference Database (aka refbase)
-CVE-2015-7381 (Multiple PHP remote file inclusion vulnerabilities in install.php in ...)
+CVE-2015-7381
NOT-FOR-US: Web Reference Database (aka refbase)
CVE-2015-7380
RESERVED
CVE-2015-7379
RESERVED
-CVE-2015-7378 (Panda Security URL Filtering before 4.3.1.9 uses a weak ACL for the ...)
+CVE-2015-7378
NOT-FOR-US: Panda Security
-CVE-2015-7377 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2015-7377
NOT-FOR-US: Pie Register plugin for WordPress
CVE-2015-7376
RESERVED
-CVE-2015-7375 (Schneider Electric InduSoft Web Studio before 8.0 allows remote ...)
+CVE-2015-7375
NOT-FOR-US: Schneider Electric InduSoft Web Studio
-CVE-2015-7374 (The Remote Agent component in Schneider Electric InduSoft Web Studio ...)
+CVE-2015-7374
NOT-FOR-US: Schneider Electric InduSoft Web Studio
-CVE-2015-7373 (Cross-site scripting (XSS) vulnerability in the &quot;magic-macros&quot; feature ...)
+CVE-2015-7373
NOT-FOR-US: Revive Adserver
-CVE-2015-7372 (Directory traversal vulnerability in delivery-dev/al.php in Revive ...)
+CVE-2015-7372
NOT-FOR-US: Revive Adserver
-CVE-2015-7371 (Revive Adserver before 3.2.2 does not restrict access to run-mpe.php, ...)
+CVE-2015-7371
NOT-FOR-US: Revive Adserver
-CVE-2015-7370 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2015-7370
NOT-FOR-US: Revive Adserver
-CVE-2015-7369 (The default Flash cross-domain policy (crossdomain.xml) in Revive ...)
+CVE-2015-7369
NOT-FOR-US: Revive Adserver
-CVE-2015-7368 (Revive Adserver before 3.2.2 does not send the appropriate ...)
+CVE-2015-7368
NOT-FOR-US: Revive Adserver
-CVE-2015-7367 (Revive Adserver before 3.2.2 allows remote attackers to perform ...)
+CVE-2015-7367
NOT-FOR-US: Revive Adserver
-CVE-2015-7366 (Multiple cross-site request forgery (CSRF) vulnerabilities in Revive ...)
+CVE-2015-7366
NOT-FOR-US: Revive Adserver
-CVE-2015-7365 (Cross-site scripting (XSS) vulnerability in the plugin upgrade form in ...)
+CVE-2015-7365
NOT-FOR-US: Revive Adserver
-CVE-2015-7364 (The HTML_Quickform library, as used in Revive Adserver before 3.2.2, ...)
+CVE-2015-7364
NOT-FOR-US: Revive Adserver
-CVE-2015-7363 (Cross-site scripting (XSS) vulnerability in the advanced settings page ...)
+CVE-2015-7363
NOT-FOR-US: Fortinet
-CVE-2015-7362 (Fortinet FortiClient Linux SSLVPN before build 2313, when installed on ...)
+CVE-2015-7362
NOT-FOR-US: Fortinet
-CVE-2015-7361 (FortiOS 5.2.3, when configured to use High Availability (HA) and the ...)
+CVE-2015-7361
NOT-FOR-US: FortiOS
-CVE-2015-7360 (Multiple cross-site scripting (XSS) vulnerabilities in the Web User ...)
+CVE-2015-7360
NOT-FOR-US: Fortinet
CVE-2015-XXXX [DoS]
- libemail-address-perl 1.908-1
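Review bot: CVE-2015-8076 sits between CVE-2015-7384 and CVE-2015-7383 in this hunk, out of the descending order the file otherwise keeps; the update rewrites that line but does not move it, so the misplacement is preserved rather than repaired. The same `&quot;` entity problem appears in the removed line for CVE-2015-7373 (`&quot;magic-macros&quot;`), and the long run of `NOT-FOR-US: IBM` entries is left with nothing but an identifier and that tag once the descriptions are dropped, which makes the loss of summary text hardest to live with here.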
@@ -6194,11 +6194,11 @@ CVE-2015-XXXX [DoS]
NOTE: See CVE-2015-7686 for the underlying CWE-407 ("Algorithmic Complexity")
NOTE: issue still present in 1.908
NOTE: http://www.openwall.com/lists/oss-security/2015/10/02/13
-CVE-2015-7359 (The (1) IsVolumeAccessibleByCurrentUser and (2) MountDevice methods in ...)
+CVE-2015-7359
NOT-FOR-US: TrueCrypt
-CVE-2015-7358 (The IsDriveLetterAvailable method in Driver/Ntdriver.c in TrueCrypt ...)
+CVE-2015-7358
NOT-FOR-US: TrueCrypt
-CVE-2015-7357 (Cross-site scripting (XSS) vulnerability in the uDesign (aka U-Design) ...)
+CVE-2015-7357
NOT-FOR-US: uDesign
CVE-2015-7356
RESERVED
@@ -6214,13 +6214,13 @@ CVE-2015-7351
RESERVED
CVE-2015-7350
RESERVED
-CVE-2015-7349 (Cross-site scripting (XSS) vulnerability in the sample feedback.inc ...)
+CVE-2015-7349
NOT-FOR-US: Citrix
-CVE-2015-7348 (Cross-site scripting (XSS) vulnerability in zTree 3.5.19.1 and ...)
+CVE-2015-7348
NOT-FOR-US: zTree
-CVE-2015-7347 (Cross-site scripting (XSS) vulnerability in ZCMS JavaServer Pages ...)
+CVE-2015-7347
NOT-FOR-US: ZCMS
-CVE-2015-7346 (SQL injection vulnerability in ZCMS 1.1. ...)
+CVE-2015-7346
NOT-FOR-US: ZCMS
CVE-2015-7345
RESERVED
@@ -6248,59 +6248,59 @@ CVE-2015-7333
RESERVED
CVE-2015-7332
RESERVED
-CVE-2015-7331 (The mcollective-puppet-agent plugin before 1.11.1 for Puppet allows ...)
+CVE-2015-7331
- puppet <not-affected> (Only affects Puppet Enterprise)
NOTE: https://puppet.com/security/cve/cve-2015-7331
-CVE-2015-7330 (Puppet Enterprise 2015.3 before 2015.3.1 allows remote attackers to ...)
+CVE-2015-7330
NOT-FOR-US: Puppet Enterprise (Puppet Communications Protocol broker)
CVE-2015-7329
RESERVED
-CVE-2015-7328 (Puppet Server in Puppet Enterprise before 3.8.x before 3.8.3 and ...)
+CVE-2015-7328
- puppet <not-affected> (Only affects Puppet Enterprise)
-CVE-2015-7327 (Mozilla Firefox before 41.0 does not properly restrict the ...)
+CVE-2015-7327
- iceweasel <not-affected> (Windows-specific)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-114/
-CVE-2015-7326 (XML External Entity (XXE) vulnerability in Milton Webdav before ...)
+CVE-2015-7326
NOT-FOR-US: Milton Webdav
CVE-2015-7325
RESERVED
-CVE-2015-7324 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2015-7324
NOT-FOR-US: StackIdeas Komento component for Joomla!
-CVE-2015-7323 (The Secure Meeting (Pulse Collaboration) in Pulse Connect Secure ...)
+CVE-2015-7323
NOT-FOR-US: Pulse Connect Secure
-CVE-2015-7322 (The Secure Meeting (Pulse Collaboration) in Pulse Connect Secure ...)
+CVE-2015-7322
NOT-FOR-US: Pulse Connect Secure
CVE-2015-7321
RESERVED
-CVE-2015-7320 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2015-7320
NOT-FOR-US: Appointment Booking Calendar plugin for WordPress
-CVE-2015-7319 (SQL injection vulnerability in ...)
+CVE-2015-7319
NOT-FOR-US: Appointment Booking Calendar plugin for WordPress
-CVE-2015-7318 (Plone 3.3.0 through 3.3.6 allows remote attackers to inject headers ...)
+CVE-2015-7318
NOT-FOR-US: Plone
-CVE-2015-7317 (Kupu 3.3.0 through 3.3.6, 4.0.0 through 4.0.10, 4.1.0 through 4.1.6, ...)
+CVE-2015-7317
NOT-FOR-US: Plone
-CVE-2015-7316 (Cross-site scripting (XSS) vulnerability in Plone 3.3.0 through 3.3.6, ...)
+CVE-2015-7316
NOT-FOR-US: Plone
-CVE-2015-7315 (Plone 3.3.0 through 3.3.6, 4.0.0 through 4.0.10, 4.1.0 through 4.1.6, ...)
+CVE-2015-7315
NOT-FOR-US: Plone
-CVE-2015-7310 (McAfee Enterprise Security Manager (ESM), Enterprise Security ...)
+CVE-2015-7310
NOT-FOR-US: McAfee
-CVE-2015-7309 (The theme editor in Bolt before 2.2.5 does not check the file ...)
+CVE-2015-7309
NOT-FOR-US: Bolt CMS
-CVE-2015-7314 (The Precious module in gollum before 4.0.1 allows remote attackers to ...)
+CVE-2015-7314
NOT-FOR-US: Gollum wiki
CVE-2015-7308
RESERVED
-CVE-2015-7307 (Cross-site scripting (XSS) vulnerability in the CMS Updater module ...)
+CVE-2015-7307
NOT-FOR-US: CMS Updater module for Drupal
-CVE-2015-7306 (The CMS Updater module 7.x-1.x before 7.x-1.3 for Drupal does not ...)
+CVE-2015-7306
NOT-FOR-US: CMS Updater module for Drupal
-CVE-2015-7305 (The Scald module 7.x-1.x before 7.x-1.5 for Drupal does not properly ...)
+CVE-2015-7305
NOT-FOR-US: Scald module for Drupal
-CVE-2015-7304 (Cross-site scripting (XSS) vulnerability in the amoCRM module 7.x-1.x ...)
+CVE-2015-7304
NOT-FOR-US: amoCRM module for Drupal
-CVE-2015-7303 (Use-after-free vulnerability in the Update Manager service in Avira ...)
+CVE-2015-7303
NOT-FOR-US: Avira
CVE-2015-7302
RESERVED
@@ -6308,18 +6308,18 @@ CVE-2015-7301
RESERVED
CVE-2015-7300
RESERVED
-CVE-2015-7299 (SQL injection vulnerability in Runtime/Runtime/AjaxCall.ashx in K2 ...)
+CVE-2015-7299
NOT-FOR-US: K2
-CVE-2015-7298 (ownCloud Desktop Client before 2.0.1, when compiled with a Qt release ...)
+CVE-2015-7298
- owncloud-client 2.0.0+dfsg-1
[jessie] - owncloud-client <not-affected> (not compiled with a Qt release greater than 5.3.x)
NOTE: https://owncloud.org/security/advisory/?id=oc-sa-2015-016
-CVE-2015-7297 (SQL injection vulnerability in Joomla! 3.2 before 3.4.4 allows remote ...)
+CVE-2015-7297
NOT-FOR-US: Joomla!
CVE-2015-XXXX [Privilege escalation via core-gui]
- core-network <removed> (bug #799756)
NOTE: http://pf.itd.nrl.navy.mil/pipermail/core-users/2015-August/001837.html
-CVE-2015-7313 (LibTIFF allows remote attackers to cause a denial of service (memory ...)
+CVE-2015-7313
- tiff 4.0.7-1 (bug #800124)
[jessie] - tiff <ignored> (Minor issue)
[wheezy] - tiff <not-affected> (Can't reproduce)
@@ -6329,158 +6329,158 @@ CVE-2015-7313 (LibTIFF allows remote attackers to cause a denial of service (mem
NOTE: Test file here: https://marc.info/?l=oss-security&m=144284777006804&q=p6
NOTE: Reproduce with "ltrace -e realloc tiffdither /tmp/oom.tif /dev/null"
NOTE: at the end you see "libtiff.so.5->realloc(0, 1636178024)"
-CVE-2015-7311 (libxl in Xen 4.1.x through 4.6.x does not properly handle the readonly ...)
+CVE-2015-7311
{DSA-3414-1}
- xen 4.8.0~rc3-1 (bug #823620)
[wheezy] - xen <no-dsa> (Minor issue, xl not used in wheezy)
[squeeze] - xen <not-affected> (Only affects 4.1 and later)
NOTE: http://xenbits.xen.org/xsa/advisory-142.html
-CVE-2015-7296 (Securifi Almond devices with firmware before AL1-R201EXP10-L304-W34 ...)
+CVE-2015-7296
NOT-FOR-US: Securifi Almond devices
-CVE-2015-7294 (ldapauth-fork before 2.3.3 allows remote attackers to perform LDAP ...)
+CVE-2015-7294
NOT-FOR-US: NodeJS ldapauth
NOTE: http://www.openwall.com/lists/oss-security/2015/09/18/4
NOTE: https://github.com/vesse/node-ldapauth-fork/issues/21
NOTE: https://github.com/vesse/node-ldapauth-fork/commit/3feea43e243698bcaeffa904a7324f4d96df60e4
NOTE: https://nodesecurity.io/advisories/19
-CVE-2015-7293 (Multiple cross-site request forgery (CSRF) vulnerabilities in Zope ...)
+CVE-2015-7293
NOT-FOR-US: Zope Management Interface
-CVE-2015-7292 (Stack-based buffer overflow in the havok_write function in ...)
+CVE-2015-7292
NOT-FOR-US: Amazon Fire OS
-CVE-2015-7291 (Cross-site request forgery (CSRF) vulnerability in adv_pwd_cgi in the ...)
+CVE-2015-7291
NOT-FOR-US: Arris
-CVE-2015-7290 (Cross-site scripting (XSS) vulnerability in adv_pwd_cgi in the web ...)
+CVE-2015-7290
NOT-FOR-US: Arris
-CVE-2015-7289 (Arris DG860A, TG862A, and TG862G devices with firmware ...)
+CVE-2015-7289
NOT-FOR-US: Arris
-CVE-2015-7288 (CSL DualCom GPRS CS2300-R devices with firmware 1.25 through 3.53 ...)
+CVE-2015-7288
NOT-FOR-US: CSL DualCom
-CVE-2015-7287 (CSL DualCom GPRS CS2300-R devices with firmware 1.25 through 3.53 use ...)
+CVE-2015-7287
NOT-FOR-US: CSL DualCom
-CVE-2015-7286 (CSL DualCom GPRS CS2300-R devices with firmware 1.25 through 3.53 rely ...)
+CVE-2015-7286
NOT-FOR-US: CSL DualCom
-CVE-2015-7285 (CSL DualCom GPRS CS2300-R devices with firmware 1.25 through 3.53 do ...)
+CVE-2015-7285
NOT-FOR-US: CSL DualCom
-CVE-2015-7284 (Cross-site request forgery (CSRF) vulnerability on ZyXEL NBG-418N ...)
+CVE-2015-7284
NOT-FOR-US: ZyXEL
-CVE-2015-7283 (The web administration interface on ZyXEL NBG-418N devices with ...)
+CVE-2015-7283
NOT-FOR-US: ZyXEL
-CVE-2015-7282 (ReadyNet WRT300N-DD devices with firmware 1.0.26 use the same source ...)
+CVE-2015-7282
NOT-FOR-US: ReadyNet
-CVE-2015-7281 (Cross-site request forgery (CSRF) vulnerability on ReadyNet WRT300N-DD ...)
+CVE-2015-7281
NOT-FOR-US: ReadyNet
-CVE-2015-7280 (The web administration interface on ReadyNet WRT300N-DD devices with ...)
+CVE-2015-7280
NOT-FOR-US: ReadyNet
-CVE-2015-7279 (Amped Wireless R10000 devices with firmware 2.5.2.11 use an improper ...)
+CVE-2015-7279
NOT-FOR-US: Amped Wireless
-CVE-2015-7278 (Cross-site request forgery (CSRF) vulnerability on Amped Wireless ...)
+CVE-2015-7278
NOT-FOR-US: Amped Wireless
-CVE-2015-7277 (The web administration interface on Amped Wireless R10000 devices with ...)
+CVE-2015-7277
NOT-FOR-US: Amped Wireless
CVE-2015-7276
RESERVED
-CVE-2015-7275 (Dell Integrated Remote Access Controller (iDRAC) 6 before 2.85 and 7/8 ...)
+CVE-2015-7275
NOT-FOR-US: Dell iDRAC
-CVE-2015-7274 (Dell Integrated Remote Access Controller (iDRAC) 6 before 2.80 allows ...)
+CVE-2015-7274
NOT-FOR-US: Dell iDRAC
-CVE-2015-7273 (Dell Integrated Remote Access Controller (iDRAC) 7/8 before 2.21.21.21 ...)
+CVE-2015-7273
NOT-FOR-US: Dell iDRAC
-CVE-2015-7272 (Dell Integrated Remote Access Controller (iDRAC) 6 before 2.80 and 7/8 ...)
+CVE-2015-7272
NOT-FOR-US: Dell iDRAC
-CVE-2015-7271 (Dell Integrated Remote Access Controller (iDRAC) 7/8 before 2.21.21.21 ...)
+CVE-2015-7271
NOT-FOR-US: Dell iDRAC
-CVE-2015-7270 (Dell Integrated Remote Access Controller (iDRAC) 6 before 2.80 and 7/8 ...)
+CVE-2015-7270
NOT-FOR-US: Dell iDRAC
-CVE-2015-7269 (Seagate ST500LT015 hard disk drives, when operating in eDrive mode on ...)
+CVE-2015-7269
NOT-FOR-US: Seagate ST500LT015 hard disk drives
-CVE-2015-7268 (Samsung 850 Pro and PM851 solid-state drives and Seagate ST500LT015 ...)
+CVE-2015-7268
NOT-FOR-US: Samsung
-CVE-2015-7267 (Samsung 850 Pro and PM851 solid-state drives and Seagate ST500LT015 ...)
+CVE-2015-7267
NOT-FOR-US: Samsung
-CVE-2015-7266 (The Interactive Advertising Bureau (IAB) OpenRTB 2.3 protocol ...)
+CVE-2015-7266
NOT-FOR-US: Interactive Advertising Bureau (IAB) OpenRTB
-CVE-2015-7265 (Facebook Proxygen before 2015-11-09 mismanages HTTPMessage.request ...)
+CVE-2015-7265
NOT-FOR-US: Facebook Proxygen
-CVE-2015-7264 (The SPDY/2 codec in Facebook Proxygen before 2015-11-09 truncates a ...)
+CVE-2015-7264
NOT-FOR-US: Facebook Proxygen
-CVE-2015-7263 (The SPDY/2 codec in Facebook Proxygen before 2015-11-09 allows remote ...)
+CVE-2015-7263
NOT-FOR-US: Facebook Proxygen
-CVE-2015-7262 (QNAP iArtist Lite before 1.4.54, as distributed with QNAP Signage ...)
+CVE-2015-7262
NOT-FOR-US: QNAP
-CVE-2015-7261 (The FTP service in QNAP iArtist Lite before 1.4.54, as distributed ...)
+CVE-2015-7261
NOT-FOR-US: QNAP
-CVE-2015-7260 (Liebert MultiLink Automated Shutdown v4.2.4 allows local users to gain ...)
+CVE-2015-7260
NOT-FOR-US: Liebert MultiLink Automated Shutdown
-CVE-2015-7259 (ZTE ADSL ZXV10 W300 modems W300V2.1.0f_ER7_PE_O57 and ...)
+CVE-2015-7259
NOT-FOR-US: ZTE modems
-CVE-2015-7258 (ZTE ADSL ZXV10 W300 modems W300V2.1.0f_ER7_PE_O57 and ...)
+CVE-2015-7258
NOT-FOR-US: ZTE modems
-CVE-2015-7257 (ZTE ADSL ZXV10 W300 modems W300V2.1.0f_ER7_PE_O57 and ...)
+CVE-2015-7257
NOT-FOR-US: ZTE modems
-CVE-2015-7256 (ZyXEL NWA1100-N, NWA1100-NH, NWA1121-NI, NWA1123-AC, and NWA1123-NI ...)
+CVE-2015-7256
NOT-FOR-US: ZyXEL
-CVE-2015-7255 (ZTE OX-330P, ZXHN H108N, W300V1.0.0S_ZRD_TR1_D68, HG110, ...)
+CVE-2015-7255
NOT-FOR-US: ZTE
-CVE-2015-7254 (Directory traversal vulnerability on Huawei HG532e, HG532n, and HG532s ...)
+CVE-2015-7254
NOT-FOR-US: Huawei
-CVE-2015-7253 (The Web Console in Commvault Edge Server 10 R2 allows remote attackers ...)
+CVE-2015-7253
NOT-FOR-US: Commvault Edge Server
-CVE-2015-7252 (Cross-site scripting (XSS) vulnerability in cgi-bin/webproc on ZTE ...)
+CVE-2015-7252
NOT-FOR-US: ZTE router
-CVE-2015-7251 (ZTE ZXHN H108N R1A devices before ZTE.bhs.ZXHNH108NR1A.k_PE have a ...)
+CVE-2015-7251
NOT-FOR-US: ZTE router
-CVE-2015-7250 (Absolute path traversal vulnerability in cgi-bin/webproc on ZTE ZXHN ...)
+CVE-2015-7250
NOT-FOR-US: ZTE router
-CVE-2015-7249 (ZTE ZXHN H108N R1A devices before ZTE.bhs.ZXHNH108NR1A.k_PE allow ...)
+CVE-2015-7249
NOT-FOR-US: ZTE router
-CVE-2015-7248 (ZTE ZXHN H108N R1A devices before ZTE.bhs.ZXHNH108NR1A.k_PE allow ...)
+CVE-2015-7248
NOT-FOR-US: ZTE router
-CVE-2015-7247 (D-Link DVG-N5402SP with firmware W1000CN-00, W1000CN-03, or ...)
+CVE-2015-7247
NOT-FOR-US: D-Link
-CVE-2015-7246 (D-Link DVG-N5402SP with firmware W1000CN-00, W1000CN-03, or ...)
+CVE-2015-7246
NOT-FOR-US: D-Link
-CVE-2015-7245 (Directory traversal vulnerability in D-Link DVG-N5402SP with firmware ...)
+CVE-2015-7245
NOT-FOR-US: D-Link
-CVE-2015-7244 (The default configuration of the server in MobaXterm before 8.3 has a ...)
+CVE-2015-7244
NOT-FOR-US: MobaXterm
-CVE-2015-7243 (Buffer overflow in Boxoft WAV to MP3 Converter allows remote attackers ...)
+CVE-2015-7243
NOT-FOR-US: Boxoft
-CVE-2015-7242 (Cross-site scripting (XSS) vulnerability in the Push-Service-Mails ...)
+CVE-2015-7242
NOT-FOR-US: AVM
-CVE-2015-7241 (XML External Entity (XXE) vulnerability in SAP Netweaver before 7.01. ...)
+CVE-2015-7241
NOT-FOR-US: SAP Netweaver
CVE-2015-7240
RESERVED
-CVE-2015-7239 (SQL injection vulnerability in the BP_FIND_JOBS_WITH_PROGRAM function ...)
+CVE-2015-7239
NOT-FOR-US: J2EE
-CVE-2015-7238 (The Secondary server in Threat Intelligence Exchange (TIE) before ...)
+CVE-2015-7238
NOT-FOR-US: TIE
-CVE-2015-7237 (Directory traversal vulnerability in the remote log viewing ...)
+CVE-2015-7237
NOT-FOR-US: McAfee
-CVE-2015-7235 (Multiple SQL injection vulnerabilities in dex_reservations.php in the ...)
+CVE-2015-7235
NOT-FOR-US: CP Reservation Calendar plugin for WordPress
-CVE-2015-7234 (The OSF module 7.x-3.x before 7.x-3.1 for Drupal, when the OSF ...)
+CVE-2015-7234
NOT-FOR-US: OSF module for Drupal
-CVE-2015-7233 (Cross-site request forgery (CSRF) vulnerability in the OSF module ...)
+CVE-2015-7233
NOT-FOR-US: OSF module for Drupal
-CVE-2015-7232 (Cross-site scripting (XSS) vulnerability in unspecified administration ...)
+CVE-2015-7232
NOT-FOR-US: OSF module for Drupal
-CVE-2015-7231 (The Commerce Commonwealth (CBA) module 7.x-1.x before 7.x-1.5 for ...)
+CVE-2015-7231
NOT-FOR-US: The Commerce Commonwealth module for Drupal
-CVE-2015-7230 (The Workbench Email module 7.x-3.x before 7.x-3.4 for Drupal allows ...)
+CVE-2015-7230
NOT-FOR-US: Workbench Email module for Drupal
-CVE-2015-7229 (The Twitter module 6.x-5.x before 6.x-5.2, 7.x-5.x before 7.x-5.9, and ...)
+CVE-2015-7229
NOT-FOR-US: Twitter module for Drupal
-CVE-2015-7228 (The RESTful module 7.x-1.x before 7.x-1.3 for Drupal does not properly ...)
+CVE-2015-7228
NOT-FOR-US: RESTful module for Drupal
-CVE-2015-7227 (The Fieldable Panels Panes module 7.x-1.x before 7.x-1.7 for Drupal ...)
+CVE-2015-7227
NOT-FOR-US: Fieldable Panels Panes module for Drupal
-CVE-2015-7226 (The Administration Views module 7.x-1.x before 7.x-1.5 for Drupal ...)
+CVE-2015-7226
NOT-FOR-US: Administration Views module for Drupal
-CVE-2015-7224 (puppetlabs-mysql 3.1.0 through 3.6.0 allow remote attackers to bypass ...)
+CVE-2015-7224
- puppet-module-puppetlabs-mysql 3.6.1-1
[jessie] - puppet-module-puppetlabs-mysql <not-affected> (Vulnerable code not present)
-CVE-2015-7295 (hw/virtio/virtio.c in the Virtual Network Device (virtio-net) support ...)
+CVE-2015-7295
{DSA-3471-1 DSA-3470-1 DSA-3469-1}
- qemu 1:2.4+dfsg-4 (bug #799452)
[jessie] - qemu <no-dsa> (Minor issue; can be fixed along in a later DSA)
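Review bot: in this hunk the stripping also reaches entries with Debian package tracking rather than NOT-FOR-US markers, e.g. `-CVE-2015-7311 (libxl in Xen 4.1.x through 4.6.x does not properly handle the readonly ...)` above `{DSA-3414-1}` and `-CVE-2015-7295 (hw/virtio/virtio.c in the Virtual Network Device (virtio-net) support ...)` above `{DSA-3471-1 DSA-3470-1 DSA-3469-1}`; once the description is gone, the DSA references, version lines and NOTE URLs are the only text left to say what was fixed. If the blanking is intentional it should be stated in the commit; if not, the descriptions for tracked entries should be carried over from the previous revision rather than replaced by the bare identifier.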
@@ -6493,189 +6493,189 @@ CVE-2015-7295 (hw/virtio/virtio.c in the Virtual Network Device (virtio-net) sup
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2015-09/msg04729.html
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2015-09/msg04730.html
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2015-09/msg04731.html
-CVE-2015-7223 (The WebExtension APIs in Mozilla Firefox before 43.0 allow remote ...)
+CVE-2015-7223
- iceweasel <not-affected> (ESR38 series not affected)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-148/
-CVE-2015-7222 (Integer underflow in the Metadata::setData function in MetaData.cpp in ...)
+CVE-2015-7222
{DSA-3422-1}
- iceweasel 38.5.0esr-1
[squeeze] - iceweasel <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-147/
NOTE: Probably specific to Android
-CVE-2015-7221 (Buffer overflow in the nsDeque::GrowCapacity function in ...)
+CVE-2015-7221
- iceweasel <not-affected> (ESR38 series not affected)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-144/
-CVE-2015-7220 (Buffer overflow in the XDRBuffer::grow function in js/src/vm/Xdr.cpp ...)
+CVE-2015-7220
- iceweasel <not-affected> (ESR38 series not affected)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-144/
-CVE-2015-7219 (The HTTP/2 implementation in Mozilla Firefox before 43.0 allows remote ...)
+CVE-2015-7219
- iceweasel <not-affected> (ESR38 series not affected)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-142/
-CVE-2015-7218 (The HTTP/2 implementation in Mozilla Firefox before 43.0 allows remote ...)
+CVE-2015-7218
- iceweasel <not-affected> (ESR38 series not affected)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-142/
-CVE-2015-7217 (The gdk-pixbuf configuration in Mozilla Firefox before 43.0 on Linux ...)
+CVE-2015-7217
- iceweasel <not-affected> (Iceweasel in Debian uses the system copy of gdk-pixbuf)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-143/
-CVE-2015-7216 (The gdk-pixbuf configuration in Mozilla Firefox before 43.0 on Linux ...)
+CVE-2015-7216
- iceweasel <not-affected> (Iceweasel in Debian uses the system copy of gdk-pixbuf)
NOTE: Disabled in src:gdk-pixbuf in 2.31.7-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-143/
-CVE-2015-7215 (The importScripts function in the Web Workers API implementation in ...)
+CVE-2015-7215
- iceweasel <not-affected> (ESR38 series not affected)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-140/
-CVE-2015-7214 (Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 allow ...)
+CVE-2015-7214
{DSA-3432-1 DSA-3422-1}
- iceweasel 38.5.0esr-1
[squeeze] - iceweasel <end-of-life>
- icedove 38.5.0-1
[squeeze] - icedove <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-149/
-CVE-2015-7213 (Integer overflow in the MPEG4Extractor::readMetaData function in ...)
+CVE-2015-7213
{DSA-3432-1 DSA-3422-1}
- iceweasel 38.5.0esr-1
[squeeze] - iceweasel <end-of-life>
- icedove 38.5.0-1
[squeeze] - icedove <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-146/
-CVE-2015-7212 (Integer overflow in the ...)
+CVE-2015-7212
{DSA-3432-1 DSA-3422-1}
- iceweasel 38.5.0esr-1
[squeeze] - iceweasel <end-of-life>
- icedove 38.5.0-1
[squeeze] - icedove <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-139/
-CVE-2015-7211 (Mozilla Firefox before 43.0 mishandles the # (number sign) character ...)
+CVE-2015-7211
- iceweasel <not-affected> (ESR38 series not affected)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-141/
-CVE-2015-7210 (Use-after-free vulnerability in Mozilla Firefox before 43.0 and ...)
+CVE-2015-7210
{DSA-3422-1}
- iceweasel 38.5.0esr-1
[squeeze] - iceweasel <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-138/
CVE-2015-7209
REJECTED
-CVE-2015-7208 (Mozilla Firefox before 43.0 stores cookies containing vertical tab ...)
+CVE-2015-7208
- iceweasel 44.0-1
[jessie] - iceweasel <not-affected> (Only affects Firefox 43.x)
[wheezy] - iceweasel <not-affected> (Only affects Firefox 43.x)
[squeeze] - iceweasel <not-affected> (Only affects Firefox 43.x)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-04/
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-137/
-CVE-2015-7207 (Mozilla Firefox before 43.0 does not properly restrict the ...)
+CVE-2015-7207
- iceweasel <not-affected> (ESR38 series not affected)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-136/
CVE-2015-7206
REJECTED
-CVE-2015-7205 (Integer underflow in the RTPReceiverVideo::ParseRtpPacket function in ...)
+CVE-2015-7205
{DSA-3432-1 DSA-3422-1}
- iceweasel 38.5.0esr-1
[squeeze] - iceweasel <end-of-life>
- icedove 38.5.0-1
[squeeze] - icedove <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-145/
-CVE-2015-7204 (Mozilla Firefox before 43.0 does not properly store the properties of ...)
+CVE-2015-7204
- iceweasel <not-affected> (ESR38 series not affected)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-135/
-CVE-2015-7203 (Buffer overflow in the DirectWriteFontInfo::LoadFontFamilyData ...)
+CVE-2015-7203
- iceweasel <not-affected> (ESR38 series not affected)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-144/
-CVE-2015-7202 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+CVE-2015-7202
- iceweasel <not-affected> (ESR38 series not affected)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-134/
-CVE-2015-7201 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+CVE-2015-7201
{DSA-3432-1 DSA-3422-1}
- iceweasel 38.5.0esr-1
[squeeze] - iceweasel <end-of-life>
- icedove 38.5.0-1
[squeeze] - icedove <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-134/
-CVE-2015-7200 (The CryptoKey interface implementation in Mozilla Firefox before 42.0 ...)
+CVE-2015-7200
{DSA-3410-1 DSA-3393-1}
- iceweasel 38.4.0esr-1
[squeeze] - iceweasel <end-of-life>
- icedove 38.4.0-1
[squeeze] - icedove <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-131/
-CVE-2015-7199 (The (1) AddWeightedPathSegLists and (2) ...)
+CVE-2015-7199
{DSA-3410-1 DSA-3393-1}
- iceweasel 38.4.0esr-1
[squeeze] - iceweasel <end-of-life>
- icedove 38.4.0-1
[squeeze] - icedove <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-131/
-CVE-2015-7198 (Buffer overflow in the rx::TextureStorage11 class in ANGLE, as used in ...)
+CVE-2015-7198
{DSA-3410-1 DSA-3393-1}
- iceweasel 38.4.0esr-1
[squeeze] - iceweasel <end-of-life>
- icedove 38.4.0-1
[squeeze] - icedove <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-131/
-CVE-2015-7197 (Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 ...)
+CVE-2015-7197
{DSA-3410-1 DSA-3393-1}
- iceweasel 38.4.0esr-1
[squeeze] - iceweasel <end-of-life>
- icedove 38.4.0-1
[squeeze] - icedove <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-132/
-CVE-2015-7196 (Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4, when a ...)
+CVE-2015-7196
{DSA-3393-1}
- iceweasel 38.4.0esr-1
[squeeze] - iceweasel <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-130/
-CVE-2015-7195 (The URL parsing implementation in Mozilla Firefox before 42.0 ...)
+CVE-2015-7195
- iceweasel <not-affected> (ESR38 series not affected)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-129/
-CVE-2015-7194 (Buffer underflow in libjar in Mozilla Firefox before 42.0 and Firefox ...)
+CVE-2015-7194
{DSA-3410-1 DSA-3393-1}
- iceweasel 38.4.0esr-1
[squeeze] - iceweasel <end-of-life>
- icedove 38.4.0-1
[squeeze] - icedove <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-128/
-CVE-2015-7193 (Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 ...)
+CVE-2015-7193
{DSA-3410-1 DSA-3393-1}
- iceweasel 38.4.0esr-1
[squeeze] - iceweasel <end-of-life>
- icedove 38.4.0-1
[squeeze] - icedove <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-127/
-CVE-2015-7192 (The accessibility-tools feature in Mozilla Firefox before 42.0 on OS X ...)
+CVE-2015-7192
- iceweasel <not-affected> (Only affects Firefox on MacOS)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-126/
-CVE-2015-7191 (Mozilla Firefox before 42.0 on Android improperly restricts URL ...)
+CVE-2015-7191
- iceweasel <not-affected> (Only affects Firefox on Android)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-125/
-CVE-2015-7190 (The Search feature in Mozilla Firefox before 42.0 on Android through ...)
+CVE-2015-7190
- iceweasel <not-affected> (Only affects Firefox on Android)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-124/
-CVE-2015-7189 (Race condition in the JPEGEncoder function in Mozilla Firefox before ...)
+CVE-2015-7189
{DSA-3410-1 DSA-3393-1}
- iceweasel 38.4.0esr-1
[squeeze] - iceweasel <end-of-life>
- icedove 38.4.0-1
[squeeze] - icedove <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-123/
-CVE-2015-7188 (Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 allow ...)
+CVE-2015-7188
{DSA-3410-1 DSA-3393-1}
- iceweasel 38.4.0esr-1
[squeeze] - iceweasel <end-of-life>
- icedove 38.4.0-1
[squeeze] - icedove <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-122/
-CVE-2015-7187 (The Add-on SDK in Mozilla Firefox before 42.0 misinterprets a &quot;script: ...)
+CVE-2015-7187
- iceweasel <not-affected> (ESR38 series not affected)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-121/
-CVE-2015-7186 (Mozilla Firefox before 42.0 on Android allows user-assisted remote ...)
+CVE-2015-7186
- iceweasel <not-affected> (Only affects Firefox on Android)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-120/
-CVE-2015-7185 (Mozilla Firefox before 42.0 on Android does not ensure that the ...)
+CVE-2015-7185
- iceweasel <not-affected> (ESR38 series not affected)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-119/
-CVE-2015-7184 (The fetch API implementation in Mozilla Firefox before 41.0.2 does not ...)
+CVE-2015-7184
- iceweasel <not-affected> (Affects only Firefox later than 38)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-115/
-CVE-2015-7183 (Integer overflow in the PL_ARENA_ALLOCATE implementation in Netscape ...)
+CVE-2015-7183
{DSA-3406-1 DSA-3393-1 DLA-344-1}
- iceweasel 38.4.0esr-1
[squeeze] - iceweasel <end-of-life>
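Review bot: the removed description for CVE-2015-7187 (`-CVE-2015-7187 (The Add-on SDK in Mozilla Firefox before 42.0 misinterprets a &quot;script: ...)`) carried an HTML entity instead of a literal double quote, which means the importer has been storing undecoded HTML from its source; worth checking that the fetch path decodes entities before descriptions are written back into this list, so the next non-empty update does not reintroduce the same artefact.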
@@ -6694,7 +6694,7 @@ CVE-2015-7183 (Integer overflow in the PL_ARENA_ALLOCATE implementation in Netsc
NOTE: Icedove, virtualbox(-ose)? have embedded copies of nspr.
NOTE: Fixes impact macros PL_ARENA_ALLOCATE and PL_ARENA_GROW, other packages need to be recompiled:
NOTE: jss (on wheezy/jessie) according to codesearch.debian.net
-CVE-2015-7182 (Heap-based buffer overflow in the ASN.1 decoder in Mozilla Network ...)
+CVE-2015-7182
{DSA-3688-1 DSA-3410-1 DSA-3393-1 DLA-480-1 DLA-354-1}
- nss 2:3.20.1-1
NOTE: http://hg.mozilla.org/projects/nss/rev/4dc247276e58
@@ -6706,7 +6706,7 @@ CVE-2015-7182 (Heap-based buffer overflow in the ASN.1 decoder in Mozilla Networ
[squeeze] - icedove <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-133/
NOTE: Patch for wheezy/jessie: https://lists.debian.org/debian-lts/2015/11/msg00098.html
-CVE-2015-7181 (The sec_asn1d_parse_leaf function in Mozilla Network Security Services ...)
+CVE-2015-7181
{DSA-3688-1 DSA-3410-1 DSA-3393-1 DLA-480-1 DLA-354-1}
- nss 2:3.20.1-1
NOTE: http://hg.mozilla.org/projects/nss/rev/8ac7f47eecbb
@@ -6717,33 +6717,33 @@ CVE-2015-7181 (The sec_asn1d_parse_leaf function in Mozilla Network Security Ser
[squeeze] - icedove <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-133/
NOTE: Patch for wheezy/jessie: https://lists.debian.org/debian-lts/2015/11/msg00098.html
-CVE-2015-7180 (The ReadbackResultWriterD3D11::Run function in Mozilla Firefox before ...)
+CVE-2015-7180
{DSA-3365-1}
- iceweasel 38.3.0esr-1
[squeeze] - iceweasel <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-112/
-CVE-2015-7179 (The VertexBufferInterface::reserveVertexSpace function in libGLES in ...)
+CVE-2015-7179
- iceweasel <not-affected> (Windows-specific)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-113/
-CVE-2015-7178 (The ProgramBinary::linkAttributes function in libGLES in ANGLE, as ...)
+CVE-2015-7178
- iceweasel <not-affected> (Windows-specific)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-113/
-CVE-2015-7177 (The InitTextures function in Mozilla Firefox before 41.0 and Firefox ...)
+CVE-2015-7177
{DSA-3365-1}
- iceweasel 38.3.0esr-1
[squeeze] - iceweasel <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-112/
-CVE-2015-7176 (The AnimationThread function in Mozilla Firefox before 41.0 and ...)
+CVE-2015-7176
{DSA-3365-1}
- iceweasel 38.3.0esr-1
[squeeze] - iceweasel <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-112/
-CVE-2015-7175 (The XULContentSinkImpl::AddText function in Mozilla Firefox before ...)
+CVE-2015-7175
{DSA-3365-1}
- iceweasel 38.3.0esr-1
[squeeze] - iceweasel <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-112/
-CVE-2015-7174 (The nsAttrAndChildArray::GrowBy function in Mozilla Firefox before ...)
+CVE-2015-7174
{DSA-3365-1}
- iceweasel 38.3.0esr-1
[squeeze] - iceweasel <end-of-life>
@@ -6860,183 +6860,183 @@ CVE-2015-7119
REJECTED
CVE-2015-7118
RESERVED
-CVE-2015-7117 (Apple QuickTime before 7.7.9 allows remote attackers to execute ...)
+CVE-2015-7117
NOT-FOR-US: Apple QuickTime
-CVE-2015-7116 (libxml2 in Apple iOS before 9.2, OS X before 10.11.2, and tvOS before ...)
+CVE-2015-7116
NOT-FOR-US: Possibly Apple-specific CVE ID for libxml2
-CVE-2015-7115 (libxml2 in Apple iOS before 9.2, OS X before 10.11.2, and tvOS before ...)
+CVE-2015-7115
NOT-FOR-US: Possibly Apple-specific CVE ID for libxml2
CVE-2015-7114
REJECTED
-CVE-2015-7113 (The LaunchServices component in Apple iOS before 9.2 and watchOS ...)
+CVE-2015-7113
NOT-FOR-US: Apple
-CVE-2015-7112 (The IOHIDFamily API in Apple iOS before 9.2, OS X before 10.11.2, tvOS ...)
+CVE-2015-7112
NOT-FOR-US: Apple
-CVE-2015-7111 (The IOHIDFamily API in Apple iOS before 9.2, OS X before 10.11.2, tvOS ...)
+CVE-2015-7111
NOT-FOR-US: Apple
-CVE-2015-7110 (The Disk Images component in Apple OS X before 10.11.2 and tvOS before ...)
+CVE-2015-7110
NOT-FOR-US: Apple
-CVE-2015-7109 (IOAcceleratorFamily in Apple OS X before 10.11.2 and tvOS before 9.1 ...)
+CVE-2015-7109
NOT-FOR-US: Apple
-CVE-2015-7108 (The Bluetooth HCI interface in Apple OS X before 10.11.2 allows local ...)
+CVE-2015-7108
NOT-FOR-US: Apple
-CVE-2015-7107 (QuickLook in Apple iOS before 9.2 and OS X before 10.11.2 allows ...)
+CVE-2015-7107
NOT-FOR-US: Apple
-CVE-2015-7106 (The Intel Graphics Driver component in Apple OS X before 10.11.2 ...)
+CVE-2015-7106
NOT-FOR-US: Apple
-CVE-2015-7105 (CoreGraphics in Apple iOS before 9.2, OS X before 10.11.2, tvOS before ...)
+CVE-2015-7105
NOT-FOR-US: Apple
-CVE-2015-7104 (WebKit in Apple Safari before 9.0.2 and tvOS before 9.1 allows remote ...)
+CVE-2015-7104
NOT-FOR-US: Webkit as used by Apple
-CVE-2015-7103 (WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before ...)
+CVE-2015-7103
NOT-FOR-US: Apple
-CVE-2015-7102 (WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before ...)
+CVE-2015-7102
NOT-FOR-US: Apple
-CVE-2015-7101 (WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before ...)
+CVE-2015-7101
NOT-FOR-US: Apple
-CVE-2015-7100 (WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before ...)
+CVE-2015-7100
NOT-FOR-US: Apple
-CVE-2015-7099 (WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before ...)
+CVE-2015-7099
NOT-FOR-US: Apple
-CVE-2015-7098 (WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before ...)
+CVE-2015-7098
- webkit2gtk 2.10.5-1 (unimportant)
-CVE-2015-7097 (WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before ...)
+CVE-2015-7097
NOT-FOR-US: Apple
-CVE-2015-7096 (WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before ...)
+CVE-2015-7096
- webkit2gtk 2.10.5-1 (unimportant)
-CVE-2015-7095 (WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before ...)
+CVE-2015-7095
NOT-FOR-US: Apple
-CVE-2015-7094 (CFNetwork HTTPProtocol in Apple iOS before 9.2 and OS X before 10.11.2 ...)
+CVE-2015-7094
NOT-FOR-US: Apple
-CVE-2015-7093 (Safari in Apple iOS before 9.2 allows remote attackers to spoof a URL ...)
+CVE-2015-7093
NOT-FOR-US: Apple
-CVE-2015-7092 (Apple QuickTime before 7.7.9 allows remote attackers to execute ...)
+CVE-2015-7092
NOT-FOR-US: Apple QuickTime
-CVE-2015-7091 (Apple QuickTime before 7.7.9 allows remote attackers to execute ...)
+CVE-2015-7091
NOT-FOR-US: Apple QuickTime
-CVE-2015-7090 (Apple QuickTime before 7.7.9 allows remote attackers to execute ...)
+CVE-2015-7090
NOT-FOR-US: Apple QuickTime
-CVE-2015-7089 (Apple QuickTime before 7.7.9 allows remote attackers to execute ...)
+CVE-2015-7089
NOT-FOR-US: Apple QuickTime
-CVE-2015-7088 (Apple QuickTime before 7.7.9 allows remote attackers to execute ...)
+CVE-2015-7088
NOT-FOR-US: Apple QuickTime
-CVE-2015-7087 (Apple QuickTime before 7.7.9 allows remote attackers to execute ...)
+CVE-2015-7087
NOT-FOR-US: Apple QuickTime
-CVE-2015-7086 (Apple QuickTime before 7.7.9 allows remote attackers to execute ...)
+CVE-2015-7086
NOT-FOR-US: Apple QuickTime
-CVE-2015-7085 (Apple QuickTime before 7.7.9 allows remote attackers to execute ...)
+CVE-2015-7085
NOT-FOR-US: Apple QuickTime
-CVE-2015-7084 (The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before ...)
+CVE-2015-7084
NOT-FOR-US: Apple
-CVE-2015-7083 (The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before ...)
+CVE-2015-7083
NOT-FOR-US: Apple
-CVE-2015-7082 (Multiple unspecified vulnerabilities in Git before 2.5.4, as used in ...)
+CVE-2015-7082
NOT-FOR-US: Apple-specific git extension for Xcode
-CVE-2015-7081 (iBooks in Apple iOS before 9.2 and OS X before 10.11.2 allows remote ...)
+CVE-2015-7081
NOT-FOR-US: Apple
-CVE-2015-7080 (Siri in Apple iOS before 9.2 allows physically proximate attackers to ...)
+CVE-2015-7080
NOT-FOR-US: Apple
-CVE-2015-7079 (dyld in Apple iOS before 9.2 and tvOS before 9.1 mishandles segment ...)
+CVE-2015-7079
NOT-FOR-US: Apple
-CVE-2015-7078 (Use-after-free vulnerability in Hypervisor in Apple OS X before ...)
+CVE-2015-7078
NOT-FOR-US: Apple
-CVE-2015-7077 (The Intel Graphics Driver component in Apple OS X before 10.11.2 ...)
+CVE-2015-7077
NOT-FOR-US: Apple
-CVE-2015-7076 (The Intel Graphics Driver component in Apple OS X before 10.11.2 ...)
+CVE-2015-7076
NOT-FOR-US: Apple
-CVE-2015-7075 (CoreMedia Playback in Apple iOS before 9.2, OS X before 10.11.2, tvOS ...)
+CVE-2015-7075
NOT-FOR-US: Apple
-CVE-2015-7074 (CoreMedia Playback in Apple iOS before 9.2, OS X before 10.11.2, and ...)
+CVE-2015-7074
NOT-FOR-US: Apple
-CVE-2015-7073 (Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and ...)
+CVE-2015-7073
NOT-FOR-US: Apple
-CVE-2015-7072 (dyld in Apple iOS before 9.2, tvOS before 9.1, and watchOS before 2.1 ...)
+CVE-2015-7072
NOT-FOR-US: Apple
-CVE-2015-7071 (The File Bookmark component in Apple OS X before 10.11.2 allows ...)
+CVE-2015-7071
NOT-FOR-US: Apple
-CVE-2015-7070 (Mobile Replayer in GPUTools Framework in Apple iOS before 9.2 allows ...)
+CVE-2015-7070
NOT-FOR-US: Apple
-CVE-2015-7069 (Mobile Replayer in GPUTools Framework in Apple iOS before 9.2 allows ...)
+CVE-2015-7069
NOT-FOR-US: Apple
-CVE-2015-7068 (IOKit SCSI in Apple iOS before 9.2, OS X before 10.11.2, tvOS before ...)
+CVE-2015-7068
NOT-FOR-US: Apple
-CVE-2015-7067 (IOThunderboltFamily in Apple OS X before 10.11.2 allows local users to ...)
+CVE-2015-7067
NOT-FOR-US: Apple
-CVE-2015-7066 (OpenGL in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, ...)
+CVE-2015-7066
NOT-FOR-US: Apple
-CVE-2015-7065 (OpenGL in Apple iOS before 9.2, OS X before 10.11.2, and tvOS before ...)
+CVE-2015-7065
NOT-FOR-US: Apple
-CVE-2015-7064 (OpenGL in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, ...)
+CVE-2015-7064
NOT-FOR-US: Apple
-CVE-2015-7063 (The kernel loader in EFI in Apple OS X before 10.11.2 allows local ...)
+CVE-2015-7063
NOT-FOR-US: Apple
-CVE-2015-7062 (Apple OS X before 10.11.2 and tvOS before 9.1 allow local users to ...)
+CVE-2015-7062
NOT-FOR-US: Apple
-CVE-2015-7061 (The ASN.1 decoder in Apple OS X before 10.11.2, tvOS before 9.1, and ...)
+CVE-2015-7061
NOT-FOR-US: Apple
-CVE-2015-7060 (The ASN.1 decoder in Apple OS X before 10.11.2, tvOS before 9.1, and ...)
+CVE-2015-7060
NOT-FOR-US: Apple
-CVE-2015-7059 (The ASN.1 decoder in Apple OS X before 10.11.2, tvOS before 9.1, and ...)
+CVE-2015-7059
NOT-FOR-US: Apple
-CVE-2015-7058 (Apple iOS before 9.2, OS X before 10.11.2, and tvOS before 9.1 ...)
+CVE-2015-7058
NOT-FOR-US: Apple
-CVE-2015-7057 (otools in Apple Xcode before 7.2 allows local users to gain privileges ...)
+CVE-2015-7057
NOT-FOR-US: Apple
-CVE-2015-7056 (IDE SCM in Apple Xcode before 7.2 does not recognize .gitignore files, ...)
+CVE-2015-7056
NOT-FOR-US: Apple
-CVE-2015-7055 (AppleMobileFileIntegrity in Apple iOS before 9.2 and tvOS before 9.1 ...)
+CVE-2015-7055
NOT-FOR-US: Apple
-CVE-2015-7054 (zlib in the Compression component in Apple iOS before 9.2, OS X before ...)
+CVE-2015-7054
NOT-FOR-US: Apple
-CVE-2015-7053 (ImageIO in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, ...)
+CVE-2015-7053
NOT-FOR-US: Apple
-CVE-2015-7052 (kext tools in Apple OS X before 10.11.2 mishandles kernel-extension ...)
+CVE-2015-7052
NOT-FOR-US: Apple
-CVE-2015-7051 (MobileStorageMounter in Apple iOS before 9.2 and tvOS before 9.1 ...)
+CVE-2015-7051
NOT-FOR-US: Apple
-CVE-2015-7050 (WebKit in Apple iOS before 9.2 and Safari before 9.0.2 misparses ...)
+CVE-2015-7050
NOT-FOR-US: Apple
-CVE-2015-7049 (otools in Apple Xcode before 7.2 allows local users to gain privileges ...)
+CVE-2015-7049
NOT-FOR-US: Apple
-CVE-2015-7048 (WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before ...)
+CVE-2015-7048
NOT-FOR-US: Apple
-CVE-2015-7047 (The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before ...)
+CVE-2015-7047
NOT-FOR-US: Apple
-CVE-2015-7046 (The Sandbox feature in xnu in Apple iOS before 9.2, OS X before ...)
+CVE-2015-7046
NOT-FOR-US: Apple
-CVE-2015-7045 (Keychain Access in Apple OS X before 10.11.2 and tvOS before 9.1 ...)
+CVE-2015-7045
NOT-FOR-US: Apple
-CVE-2015-7044 (The System Integrity Protection feature in Apple OS X before 10.11.2 ...)
+CVE-2015-7044
NOT-FOR-US: Apple
-CVE-2015-7043 (The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before ...)
+CVE-2015-7043
NOT-FOR-US: Apple
-CVE-2015-7042 (The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before ...)
+CVE-2015-7042
NOT-FOR-US: Apple
-CVE-2015-7041 (The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before ...)
+CVE-2015-7041
NOT-FOR-US: Apple
-CVE-2015-7040 (The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before ...)
+CVE-2015-7040
NOT-FOR-US: Apple
-CVE-2015-7039 (Buffer overflow in libc in Apple iOS before 9.2, OS X before 10.11.2, ...)
+CVE-2015-7039
NOT-FOR-US: Apple
-CVE-2015-7038 (Buffer overflow in libc in Apple iOS before 9.2, OS X before 10.11.2, ...)
+CVE-2015-7038
NOT-FOR-US: Apple
-CVE-2015-7037 (Directory traversal vulnerability in Mobile Backup in Photos in Apple ...)
+CVE-2015-7037
NOT-FOR-US: Apple
-CVE-2015-7036 (The fts3_tokenizer function in SQLite, as used in Apple iOS before 8.4 ...)
+CVE-2015-7036
NOT-FOR-US: Apple
-CVE-2015-7035 (Apple Mac EFI before 2015-002, as used in OS X before 10.11.1 and ...)
+CVE-2015-7035
NOT-FOR-US: Apple
-CVE-2015-7034 (The Apple iWork application before 2.6 for iOS and Apple Pages before ...)
+CVE-2015-7034
NOT-FOR-US: Apple
-CVE-2015-7033 (The Apple iWork application before 2.6 for iOS, Apple Keynote before ...)
+CVE-2015-7033
NOT-FOR-US: Apple
-CVE-2015-7032 (The Apple iWork application before 2.6 for iOS, Apple Keynote before ...)
+CVE-2015-7032
NOT-FOR-US: Apple
-CVE-2015-7031 (The Web Service component in Apple OS X Server before 5.0.15 omits an ...)
+CVE-2015-7031
NOT-FOR-US: Apple
-CVE-2015-7030 (The Swift implementation in Apple Xcode before 7.1 mishandles type ...)
+CVE-2015-7030
NOT-FOR-US: Apple
-CVE-2015-7029 (Apple AirPort Base Station Firmware before 7.6.7 and 7.7.x before ...)
+CVE-2015-7029
NOT-FOR-US: Apple
CVE-2015-7028
REJECTED
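Review bot: every `-`/`+` pair in this hunk replaces an entry such as `CVE-2015-7090 (Apple QuickTime before 7.7.9 allows remote attackers to execute ...)` with the bare id `CVE-2015-7090` while the `NOT-FOR-US` status line beneath it is untouched, so the only effect of the change is to throw away description text, not to update it. An automatic update should treat an upstream feed that returns an empty description for an id that previously had one as a fetch or parse failure and abort rather than commit, or at minimum log the number of blanked entries so a maintainer can revert the run.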
@@ -7046,139 +7046,139 @@ CVE-2015-7026
REJECTED
CVE-2015-7025
REJECTED
-CVE-2015-7024 (Untrusted search path vulnerability in Apple OS X before 10.11.1 ...)
+CVE-2015-7024
NOT-FOR-US: Apple
-CVE-2015-7023 (CFNetwork in Apple iOS before 9.1 and OS X before 10.11.1 does not ...)
+CVE-2015-7023
NOT-FOR-US: Apple
-CVE-2015-7022 (The Telephony subsystem in Apple iOS before 9.1 allows attackers to ...)
+CVE-2015-7022
NOT-FOR-US: Apple
-CVE-2015-7021 (The Graphics Drivers subsystem in Apple OS X before 10.11.1 allows ...)
+CVE-2015-7021
NOT-FOR-US: Apple
-CVE-2015-7020 (The NVIDIA driver in the Graphics Drivers subsystem in Apple OS X ...)
+CVE-2015-7020
NOT-FOR-US: Apple
-CVE-2015-7019 (The NVIDIA driver in the Graphics Drivers subsystem in Apple OS X ...)
+CVE-2015-7019
NOT-FOR-US: Apple
-CVE-2015-7018 (FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows ...)
+CVE-2015-7018
NOT-FOR-US: Apple
-CVE-2015-7017 (CoreText in Apple iOS before 9.1, OS X before 10.11.1, and iTunes ...)
+CVE-2015-7017
NOT-FOR-US: Apple
-CVE-2015-7016 (The MCX Application Restrictions component in Apple OS X before ...)
+CVE-2015-7016
NOT-FOR-US: Apple
-CVE-2015-7015 (Heap-based buffer overflow in the DNS client library in configd in ...)
+CVE-2015-7015
NOT-FOR-US: Apple
-CVE-2015-7014 (WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and ...)
+CVE-2015-7014
NOT-FOR-US: Apple
-CVE-2015-7013 (WebKit, as used in Apple Safari before 9.0.1 and iTunes before 12.3.1, ...)
+CVE-2015-7013
NOT-FOR-US: Webkit as used by Apple
-CVE-2015-7012 (WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and ...)
+CVE-2015-7012
NOT-FOR-US: Apple
-CVE-2015-7011 (WebKit, as used in Apple Safari before 9.0.1 and iTunes before 12.3.1, ...)
+CVE-2015-7011
NOT-FOR-US: Webkit as used by Apple
-CVE-2015-7010 (FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows ...)
+CVE-2015-7010
NOT-FOR-US: Apple
-CVE-2015-7009 (FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows ...)
+CVE-2015-7009
NOT-FOR-US: Apple
-CVE-2015-7008 (FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows ...)
+CVE-2015-7008
NOT-FOR-US: Apple
-CVE-2015-7007 (Script Editor in Apple OS X before 10.11.1 allows remote attackers to ...)
+CVE-2015-7007
NOT-FOR-US: Apple
-CVE-2015-7006 (Directory traversal vulnerability in the BOM (aka Bill of Materials) ...)
+CVE-2015-7006
NOT-FOR-US: Apple
-CVE-2015-7005 (WebKit, as used in Apple iOS before 9.1, allows remote attackers to ...)
+CVE-2015-7005
NOT-FOR-US: Apple
-CVE-2015-7004 (The kernel in Apple iOS before 9.1 allows attackers to cause a denial ...)
+CVE-2015-7004
NOT-FOR-US: Apple
-CVE-2015-7003 (coreaudiod in Audio in Apple OS X before 10.11.1 does not initialize ...)
+CVE-2015-7003
NOT-FOR-US: Apple
-CVE-2015-7002 (WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and ...)
+CVE-2015-7002
NOT-FOR-US: Apple
-CVE-2015-7001 (AppSandbox in Apple iOS before 9.2, OS X before 10.11.2, tvOS before ...)
+CVE-2015-7001
NOT-FOR-US: Apple
-CVE-2015-7000 (Notification Center in Apple iOS before 9.1 mishandles changes to ...)
+CVE-2015-7000
NOT-FOR-US: Apple
-CVE-2015-6999 (The OCSP client in Apple iOS before 9.1 does not check for certificate ...)
+CVE-2015-6999
NOT-FOR-US: Apple
CVE-2015-6998
REJECTED
-CVE-2015-6997 (The X.509 certificate-trust implementation in Apple iOS before 9.1 ...)
+CVE-2015-6997
NOT-FOR-US: Apple
-CVE-2015-6996 (IOAcceleratorFamily in Apple iOS before 9.1, OS X before 10.11.1, and ...)
+CVE-2015-6996
NOT-FOR-US: Apple
-CVE-2015-6995 (The Disk Images component in Apple iOS before 9.1 and OS X before ...)
+CVE-2015-6995
NOT-FOR-US: Apple
-CVE-2015-6994 (The kernel in Apple iOS before 9.1 and OS X before 10.11.1 mishandles ...)
+CVE-2015-6994
NOT-FOR-US: Apple
-CVE-2015-6993 (FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows ...)
+CVE-2015-6993
NOT-FOR-US: Apple
-CVE-2015-6992 (CoreText in Apple iOS before 9.1, OS X before 10.11.1, and iTunes ...)
+CVE-2015-6992
NOT-FOR-US: Apple
-CVE-2015-6991 (FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows ...)
+CVE-2015-6991
NOT-FOR-US: Apple
-CVE-2015-6990 (FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows ...)
+CVE-2015-6990
NOT-FOR-US: Apple
-CVE-2015-6989 (Grand Central Dispatch in Apple iOS before 9.1, OS X before 10.11.1, ...)
+CVE-2015-6989
NOT-FOR-US: Apple
-CVE-2015-6988 (The kernel in Apple iOS before 9.1 and OS X before 10.11.1 does not ...)
+CVE-2015-6988
NOT-FOR-US: Apple
-CVE-2015-6987 (The File Bookmark component in Apple OS X before 10.11.1 allows local ...)
+CVE-2015-6987
NOT-FOR-US: Apple
-CVE-2015-6986 (com.apple.driver.AppleVXD393 in the Graphics Driver subsystem in Apple ...)
+CVE-2015-6986
NOT-FOR-US: Apple
-CVE-2015-6985 (Apple Type Services (ATS) in Apple OS X before 10.11.1 allows remote ...)
+CVE-2015-6985
NOT-FOR-US: Apple
-CVE-2015-6984 (libarchive in Apple OS X before 10.11.1 allows attackers to write to ...)
+CVE-2015-6984
NOT-FOR-US: Apple
-CVE-2015-6983 (Double free vulnerability in Apple iOS before 9.1 and OS X before ...)
+CVE-2015-6983
NOT-FOR-US: Apple
-CVE-2015-6982 (WebKit, as used in Apple iOS before 9.1, allows remote attackers to ...)
+CVE-2015-6982
NOT-FOR-US: Apple
-CVE-2015-6981 (WebKit, as used in Apple iOS before 9.1, allows remote attackers to ...)
+CVE-2015-6981
NOT-FOR-US: Apple
-CVE-2015-6980 (Directory Utility in Apple OS X before 10.11.1 mishandles ...)
+CVE-2015-6980
NOT-FOR-US: Apple
-CVE-2015-6979 (GasGauge in Apple iOS before 9.1 allows attackers to execute arbitrary ...)
+CVE-2015-6979
NOT-FOR-US: Apple
-CVE-2015-6978 (FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows ...)
+CVE-2015-6978
NOT-FOR-US: Apple
-CVE-2015-6977 (FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows ...)
+CVE-2015-6977
NOT-FOR-US: Apple
-CVE-2015-6976 (FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows ...)
+CVE-2015-6976
NOT-FOR-US: Apple
-CVE-2015-6975 (CoreText in Apple iOS before 9.1, OS X before 10.11.1, and iTunes ...)
+CVE-2015-6975
NOT-FOR-US: Apple
-CVE-2015-6974 (IOHIDFamily in Apple iOS before 9.1, OS X before 10.11.1, and watchOS ...)
+CVE-2015-6974
NOT-FOR-US: Apple
-CVE-2015-6973 (Multiple cross-site request forgery (CSRF) vulnerabilities in Ignite ...)
+CVE-2015-6973
NOT-FOR-US: Openfire
-CVE-2015-6972 (Multiple cross-site scripting (XSS) vulnerabilities in Ignite Realtime ...)
+CVE-2015-6972
NOT-FOR-US: Openfire
-CVE-2015-6971 (Lenovo System Update (formerly ThinkVantage System Update) before ...)
+CVE-2015-6971
NOT-FOR-US: Lenovo
CVE-2015-6970
RESERVED
-CVE-2015-6969 (Cross-site scripting (XSS) vulnerability in js/2k11.min.js in the 2k11 ...)
+CVE-2015-6969
- serendipity <removed>
-CVE-2015-6968 (Multiple incomplete blacklist vulnerabilities in the ...)
+CVE-2015-6968
- serendipity <removed>
-CVE-2015-6967 (Unrestricted file upload vulnerability in the My Image plugin in ...)
+CVE-2015-6967
NOT-FOR-US: Nibbleblog
-CVE-2015-6966 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
+CVE-2015-6966
NOT-FOR-US: Nibbleblog
-CVE-2015-6965 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
+CVE-2015-6965
NOT-FOR-US: Contact Form Generator plugin for WordPress
CVE-2015-6964
RESERVED
CVE-2015-6963
REJECTED
-CVE-2015-6962 (SQL injection vulnerability in the web application in Farol allows ...)
+CVE-2015-6962
NOT-FOR-US: Farol
-CVE-2015-7236 (Use-after-free vulnerability in xprt_set_caller in rpcb_svc_com.c in ...)
+CVE-2015-7236
{DSA-3366-1 DLA-311-1}
- rpcbind 0.2.1-6.1 (bug #799307)
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=946204
NOTE: http://www.spinics.net/lists/linux-nfs/msg53045.html
NOTE: http://www.openwall.com/lists/oss-security/2015/09/17/1
-CVE-2015-6961 (Open redirect vulnerability in gluon/tools.py in Web2py 2.9.11 allows ...)
+CVE-2015-6961
- web2py 2.12.3-1
[jessie] - web2py <ignored> (Minor issue)
[wheezy] - web2py <no-dsa> (Minor issue)
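Review bot: the blanking is not confined to `NOT-FOR-US` entries: CVE-2015-7236 (rpcbind, `{DSA-3366-1 DLA-311-1}`), CVE-2015-6961 (web2py) and the serendipity entries in this hunk lose their descriptions as well, so the tracker page for an already issued DSA will now show the id with no summary. When the new feed value is empty the updater should keep the previous description for the entry instead of overwriting it; the `- rpcbind 0.2.1-6.1 (bug #799307)` and NOTE lines show these records carry maintainer data that a bad import must not degrade.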
@@ -7186,7 +7186,7 @@ CVE-2015-6961 (Open redirect vulnerability in gluon/tools.py in Web2py 2.9.11 al
NOTE: https://github.com/web2py/web2py/issues/731
CVE-2015-6960
RESERVED
-CVE-2015-6959 (Cross-site scripting (XSS) vulnerability in Vindula 1.9. ...)
+CVE-2015-6959
NOT-FOR-US: Vindula
CVE-2015-6958
RESERVED
@@ -7206,59 +7206,59 @@ CVE-2015-6951
RESERVED
CVE-2015-6950
RESERVED
-CVE-2015-6949 (Stack-based buffer overflow in the ASUS TM-AC1900 router allows remote ...)
+CVE-2015-6949
NOT-FOR-US: ASUS TM-AC1900 router
-CVE-2015-6948 (Heap-based buffer overflow in the Microsoft Word document conversion ...)
+CVE-2015-6948
NOT-FOR-US: Corel WordPerfect
CVE-2015-6947
REJECTED
-CVE-2015-6946 (Multiple stack-based buffer overflows in the Reprise License Manager ...)
+CVE-2015-6946
NOT-FOR-US: Borland AccuRev
-CVE-2015-6945 (Cross-site scripting (XSS) vulnerability in JSP/MySQL Administrador ...)
+CVE-2015-6945
NOT-FOR-US: JSP/MySQL Administrador Web 1
-CVE-2015-6944 (Cross-site request forgery (CSRF) vulnerability in JSP/MySQL ...)
+CVE-2015-6944
NOT-FOR-US: JSP/MySQL Administrador Web 1
-CVE-2015-6943 (SQL injection vulnerability in the serendipity_checkCommentToken ...)
+CVE-2015-6943
- serendipity <removed>
-CVE-2015-6942 (Cross-site scripting (XSS) vulnerability in Coremail XT3.0 allows ...)
+CVE-2015-6942
NOT-FOR-US: Coremail
-CVE-2015-6941 (win_useradd, salt-cloud and the Linode driver in salt 2015.5.x before ...)
+CVE-2015-6941
- salt 2015.8.1+ds-1
[jessie] - salt <no-dsa> (Minor issue)
NOTE: https://docs.saltstack.com/en/latest/topics/releases/2015.8.1.html
NOTE: https://github.com/twangboy/salt/commit/c0689e32154c41f59840ae10ffc5fbfa30618710
-CVE-2015-6940 (The GetResource servlet in Pentaho Business Analytics (BA) Suite ...)
+CVE-2015-6940
NOT-FOR-US: Pentaho
-CVE-2015-7989 (Cross-site scripting (XSS) vulnerability in the user list table in ...)
+CVE-2015-7989
{DSA-3383-1 DSA-3375-1 DLA-321-1}
- wordpress 4.3.1+dfsg-1 (bug #799140)
NOTE: https://github.com/WordPress/WordPress/commit/f91a5fd10ea7245e5b41e288624819a37adf290a
NOTE: http://www.openwall.com/lists/oss-security/2015/10/26/7
-CVE-2015-7337 (The editor in IPython Notebook before 3.2.2 and Jupyter Notebook 4.0.x ...)
+CVE-2015-7337
- ipython <not-affected> (Affects versions 3.0 to 3.2.1)
NOTE: http://www.openwall.com/lists/oss-security/2015/09/16/3
-CVE-2015-7940 (The Bouncy Castle Java library before 1.51 does not validate a point ...)
+CVE-2015-7940
{DSA-3417-1 DLA-361-1}
- bouncycastle 1.51-1 (bug #802671)
NOTE: https://web-in-security.blogspot.ca/2015/09/practical-invalid-curve-attacks.html
NOTE: Commits: https://github.com/bcgit/bc-java/commit/5cb2f05
NOTE: Possibly needed to include as well: https://github.com/bcgit/bc-java/commit/e25e94a
NOTE: Peter Dettman <peter.dettman@bouncycastle.org> offered to assist if backporting fails and to review the result.
-CVE-2015-6939 (Cross-site scripting (XSS) vulnerability in the login module in ...)
+CVE-2015-6939
NOT-FOR-US: Joomla!
CVE-2015-6936
RESERVED
CVE-2015-6935
REJECTED
-CVE-2015-6934 (Serialized-object interfaces in VMware vRealize Orchestrator 6.x, ...)
+CVE-2015-6934
NOT-FOR-US: VMware
-CVE-2015-6933 (The VMware Tools HGFS (aka Shared Folders) implementation in VMware ...)
+CVE-2015-6933
NOT-FOR-US: VMware
-CVE-2015-6932 (VMware vCenter Server 5.5 before u3 and 6.0 before u1 does not verify ...)
+CVE-2015-6932
NOT-FOR-US: VMware
-CVE-2015-6931 (Cross-site scripting (XSS) vulnerability in the vSphere Web Client in ...)
+CVE-2015-6931
NOT-FOR-US: VMware
-CVE-2015-8871 (Use-after-free vulnerability in the opj_j2k_write_mco function in ...)
+CVE-2015-8871
{DSA-3665-1}
- openjpeg2 2.1.1-1 (bug #800149)
- openjpeg <not-affected> (Vulnerable code not present; opj_j2k_write_mco function)
@@ -7268,27 +7268,27 @@ CVE-2015-8871 (Use-after-free vulnerability in the opj_j2k_write_mco function in
NOTE: http://www.openwall.com/lists/oss-security/2015/09/15/4
CVE-2015-6930
RESERVED
-CVE-2015-6929 (Multiple cross-site scripting (XSS) vulnerabilities in Nokia Networks ...)
+CVE-2015-6929
NOT-FOR-US: Nokia
-CVE-2015-6928 (classes/admin.class.php in CubeCart 5.2.12 through 5.2.16 and 6.x ...)
+CVE-2015-6928
NOT-FOR-US: CubeCart
-CVE-2015-6926 (The OpenID Single Sign-On authentication functionality in OXID eShop ...)
+CVE-2015-6926
NOT-FOR-US: OXID eShop
-CVE-2015-6925 (wolfSSL (formerly CyaSSL) before 3.6.8 allows remote attackers to ...)
+CVE-2015-6925
- wolfssl 3.9.10+dfsg-1 (bug #801120)
CVE-2015-6924
RESERVED
-CVE-2015-6923 (The ndvbs module in VBox Communications Satellite Express Protocol ...)
+CVE-2015-6923
NOT-FOR-US: VBox Communications Satellite Express Protocol
CVE-2015-6922
RESERVED
-CVE-2015-6921 (Cross-site scripting (XSS) vulnerability in the Zendesk Feedback Tab ...)
+CVE-2015-6921
NOT-FOR-US: Zendesk Feedback Tab for Drupal
-CVE-2015-6920 (Cross-site scripting (XSS) vulnerability in js/window.php in the ...)
+CVE-2015-6920
NOT-FOR-US: sourceAFRICA plugin for WordPress
-CVE-2015-6919 (Cross-site scripting (XSS) vulnerability in the googleSearch (CSE) ...)
+CVE-2015-6919
NOT-FOR-US: googleSearch (CSE) component for Joomla!
-CVE-2015-6918 (salt before 2015.5.5 leaks git usernames and passwords to the log. ...)
+CVE-2015-6918
- salt 2015.8.1+ds-1 (bug #803182)
[jessie] - salt <no-dsa> (Minor issue)
NOTE: https://github.com/saltstack/salt/commit/28aa9b105804ff433d8f663b2f9b804f2b75495a
@@ -7298,19 +7298,19 @@ CVE-2015-6917
RESERVED
CVE-2015-6916
RESERVED
-CVE-2015-6915 (SQL injection vulnerability in Montala Limited ResourceSpace 7.3.7009 ...)
+CVE-2015-6915
NOT-FOR-US: Montala Limited ResourceSpace
-CVE-2015-6914 (Absolute path traversal vulnerability in SiteFactory CMS 5.5.9 allows ...)
+CVE-2015-6914
NOT-FOR-US: SiteFactory CMS
-CVE-2015-6913 (Cross-site scripting (XSS) vulnerability in the &quot;Create download task ...)
+CVE-2015-6913
NOT-FOR-US: Synology Download Station
-CVE-2015-6912 (Synology Video Station before 1.5-0763 allows remote attackers to ...)
+CVE-2015-6912
NOT-FOR-US: Synology Video Station
-CVE-2015-6911 (SQL injection vulnerability in Synology Video Station before 1.5-0763 ...)
+CVE-2015-6911
NOT-FOR-US: Synology Video Station
-CVE-2015-6910 (SQL injection vulnerability in Synology Video Station before 1.5-0757 ...)
+CVE-2015-6910
NOT-FOR-US: Synology Video Station
-CVE-2015-6909 (Cross-site scripting (XSS) vulnerability in the &quot;Create download task ...)
+CVE-2015-6909
NOT-FOR-US: Synology Download Station
CVE-2015-6907
RESERVED
@@ -7392,53 +7392,53 @@ CVE-2015-6869
REJECTED
CVE-2015-6868
REJECTED
-CVE-2015-6867 (The vertica-udx-zygote process in HP Vertica 7.1.1 UDx does not ...)
+CVE-2015-6867
NOT-FOR-US: HP Vertica
CVE-2015-6866
REJECTED
CVE-2015-6865
REJECTED
-CVE-2015-6864 (HPE ArcSight Logger before 6.1P1 allows remote authenticated users to ...)
+CVE-2015-6864
NOT-FOR-US: HPE ArcSight Logger
-CVE-2015-6863 (HPE ArcSight Logger before 6.1P1 allows remote attackers to execute ...)
+CVE-2015-6863
NOT-FOR-US: HPE ArcSight Logger
-CVE-2015-6862 (HPE UCMDB Browser before 4.02 allows remote attackers to obtain ...)
+CVE-2015-6862
NOT-FOR-US: HPE UCMDB Browser
-CVE-2015-6861 (HPE Helion Eucalyptus 3.4.0 through 4.2.0 allows remote authenticated ...)
+CVE-2015-6861
NOT-FOR-US: HPE Helion Eucalyptus
-CVE-2015-6860 (HPE Network Switches with software 15.16.x and 15.17.x allow local ...)
+CVE-2015-6860
NOT-FOR-US: HPE Network Switches
-CVE-2015-6859 (HPE Network Switches with software 15.16.x and 15.17.x allow local ...)
+CVE-2015-6859
NOT-FOR-US: HPE Network Switches
-CVE-2015-6858 (HP Insight Control server provisioning before 7.5.0 RabbitMQ allows ...)
+CVE-2015-6858
NOT-FOR-US: HP Insight Control
-CVE-2015-6857 (Unspecified vulnerability in Virtual Table Server (VTS) in HP ...)
+CVE-2015-6857
NOT-FOR-US: HP Performance Center
-CVE-2015-6856 (Dell Pre-Boot Authentication Driver (PBADRV.sys) 1.0.1.5 allows local ...)
+CVE-2015-6856
NOT-FOR-US: Dell
-CVE-2015-6854 (The non-Domino web agents in CA Single Sign-On (aka SSO, formerly ...)
+CVE-2015-6854
NOT-FOR-US: CA Single Sign-On
-CVE-2015-6853 (The Domino web agent in CA Single Sign-On (aka SSO, formerly ...)
+CVE-2015-6853
NOT-FOR-US: CA Single Sign-On
-CVE-2015-6852 (Directory traversal vulnerability in the API in EMC Secure Remote ...)
+CVE-2015-6852
NOT-FOR-US: EMC Secure Remote Services Virtual Edition
-CVE-2015-6851 (EMC RSA SecurID Web Agent before 8.0 allows physically proximate ...)
+CVE-2015-6851
NOT-FOR-US: RSA SecurID
-CVE-2015-6850 (EMC VPLEX GeoSynchrony 5.4 SP1 before P3 and 5.5 before Patch 1 has a ...)
+CVE-2015-6850
NOT-FOR-US: EMC VPLEX
-CVE-2015-6849 (EMC NetWorker before 8.0.4.5, 8.1.x before 8.1.3.6, 8.2.x before ...)
+CVE-2015-6849
NOT-FOR-US: EMC
-CVE-2015-6848 (EMC Isilon OneFS 7.1.x before 7.1.1.5, 7.2.0.x before 7.2.0.3, and ...)
+CVE-2015-6848
NOT-FOR-US: EMC
-CVE-2015-6847 (The default configuration of EMC VPLEX GeoSynchrony 5.4 SP1 before P3 ...)
+CVE-2015-6847
NOT-FOR-US: EMC VPLEX
-CVE-2015-6846 (EMC SourceOne Email Supervisor before 7.2 uses hardcoded encryption ...)
+CVE-2015-6846
NOT-FOR-US: EMC SourceOne
-CVE-2015-6845 (EMC SourceOne Email Supervisor before 7.2 does not properly employ ...)
+CVE-2015-6845
NOT-FOR-US: EMC SourceOne
-CVE-2015-6844 (Cross-site scripting (XSS) vulnerability in Reviewer in EMC SourceOne ...)
+CVE-2015-6844
NOT-FOR-US: EMC SourceOne
-CVE-2015-6843 (Reviewer in EMC SourceOne Email Supervisor before 7.2 does not ...)
+CVE-2015-6843
NOT-FOR-US: EMC SourceOne
CVE-2015-6842
RESERVED
@@ -7446,18 +7446,18 @@ CVE-2015-6841
RESERVED
CVE-2015-6840
RESERVED
-CVE-2015-6937 (The __rds_conn_create function in net/rds/connection.c in the Linux ...)
+CVE-2015-6937
{DSA-3364-1 DLA-310-1}
- linux 4.2.1-1
- linux-2.6 <removed>
NOTE: Fixed by: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=74e98eb085889b0d2d4908f59f6e00026063014f (v4.3-rc1)
-CVE-2015-6908 (The ber_get_next function in libraries/liblber/io.c in OpenLDAP 2.4.42 ...)
+CVE-2015-6908
{DSA-3356-1 DLA-309-1}
- openldap 2.4.42+dfsg-2 (bug #798622)
NOTE: http://www.openldap.org/devel/gitweb.cgi?p=openldap.git;a=commitdiff;h=6fe51a9ab04fd28bbc171da3cf12f1c1040d6629
NOTE: http://www.openldap.org/its/index.cgi/Software%20Bugs?id=8240;selectid=8240
NOTE: http://www.openwall.com/lists/oss-security/2015/09/11/2
-CVE-2015-7312 (Multiple race conditions in the Advanced Union Filesystem (aufs) ...)
+CVE-2015-7312
- linux 4.2.1-1 (bug #796036)
[jessie] - linux 3.16.7-ckt11-1+deb8u4
[wheezy] - linux <not-affected> (Vulnerable code not present)
@@ -7465,7 +7465,7 @@ CVE-2015-7312 (Multiple race conditions in the Advanced Union Filesystem (aufs)
NOTE: http://www.openwall.com/lists/oss-security/2015/09/10/3
NOTE: http://sourceforge.net/p/aufs/mailman/message/34449209/
NOTE: For Linux kernel with aufs aufs3-mmap.patch or aufs4-mmap.patch mmap patch
-CVE-2015-6855 (hw/ide/core.c in QEMU does not properly restrict the commands accepted ...)
+CVE-2015-6855
{DSA-3362-1 DSA-3361-1}
- qemu 1:2.4+dfsg-2
- qemu-kvm <removed>
@@ -7475,7 +7475,7 @@ CVE-2015-6855 (hw/ide/core.c in QEMU does not properly restrict the commands acc
NOTE: Fix commit: http://git.qemu.org/?p=qemu.git;a=commit;h=d9033e1d3aa666c5071580617a57bd853c5d794a
NOTE: exec_cmd introduced in http://git.qemu.org/?p=qemu.git;a=commit;h=7cff87ff6ab117799e32e42c2e4dc4c0588e583a
NOTE: cmd_table introduced in http://git.qemu.org/?p=qemu.git;a=commit;h=844505b12e722d9ba7060480e766351fc6313501
-CVE-2015-6927 (vzctl before 4.9.4 determines the virtual environment (VE) layout ...)
+CVE-2015-6927
{DSA-3357-1}
- vzctl 4.9.4-1
[wheezy] - vzctl <not-affected> (Vulnerability not present)
@@ -7484,62 +7484,62 @@ CVE-2015-6927 (vzctl before 4.9.4 determines the virtual environment (VE) layout
NOTE: https://src.openvz.org/projects/OVZL/repos/vzctl/commits/9e98ea630ac0e88b44e3e23c878a5166aeb74e1c
NOTE: https://plus.google.com/+OpenVZorg/posts/gidyrouNi7D
NOTE: https://wiki.openvz.org/Download/vzctl/4.9.4
-CVE-2015-6839 (The parse function in MSA vot.Ar 3.1 does not check whether a ...)
+CVE-2015-6839
NOT-FOR-US: MSA vot.Ar
-CVE-2015-6829 (Multiple SQL injection vulnerabilities in the getip function in ...)
+CVE-2015-6829
NOT-FOR-US: getip function in wp-limit-login-attempts.php in the WP Limit Login Attempts plugin for WordPress
-CVE-2015-6828 (The tweet_info function in class/__functions.php in the SecureMoz ...)
+CVE-2015-6828
NOT-FOR-US: SecureMoz plugin
-CVE-2015-6827 (Cross-site request forgery (CSRF) vulnerability in Auto-Exchanger ...)
+CVE-2015-6827
NOT-FOR-US: Auto-Exchanger
-CVE-2015-6826 (The ff_rv34_decode_init_thread_copy function in libavcodec/rv34.c in ...)
+CVE-2015-6826
{DLA-1611-1}
- ffmpeg 7:2.7.2-1
[squeeze] - ffmpeg <end-of-life> (Not supported in Squeeze LTS)
- libav <removed>
NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=3197c0aa87a3b7190e17d49e6fbc7b554e4b3f0a
-CVE-2015-6825 (The ff_frame_thread_init function in libavcodec/pthread_frame.c in ...)
+CVE-2015-6825
{DLA-1611-1}
- ffmpeg 7:2.7.2-1
[squeeze] - ffmpeg <end-of-life> (Not supported in Squeeze LTS)
- libav <removed>
[wheezy] - libav <not-affected> (Vulnerable code not present)
NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=f1a38264f20382731cf2cc75fdd98f4c9a84a626
-CVE-2015-6824 (The sws_init_context function in libswscale/utils.c in FFmpeg before ...)
+CVE-2015-6824
{DLA-1611-2}
- ffmpeg 7:2.7.2-1
[squeeze] - ffmpeg <end-of-life> (Not supported in Squeeze LTS)
- libav <removed>
NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=a5d44d5c220e12ca0cb7a4eceb0f74759cb13111
-CVE-2015-6823 (The allocate_buffers function in libavcodec/alac.c in FFmpeg before ...)
+CVE-2015-6823
{DLA-1611-2}
- ffmpeg 7:2.7.2-1
[squeeze] - ffmpeg <end-of-life> (Not supported in Squeeze LTS)
- libav <removed>
NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=f7068bf277a37479aecde2832208d820682b35e6
-CVE-2015-6822 (The destroy_buffers function in libavcodec/sanm.c in FFmpeg before ...)
+CVE-2015-6822
{DLA-1611-2 DLA-1611-1}
- ffmpeg 7:2.7.2-1
[squeeze] - ffmpeg <end-of-life> (Not supported in Squeeze LTS)
- libav <removed>
NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=39bbdebb1ed8eb9c9b0cd6db85afde6ba89d86e4
-CVE-2015-6821 (The ff_mpv_common_init function in libavcodec/mpegvideo.c in FFmpeg ...)
+CVE-2015-6821
{DLA-1611-1}
- ffmpeg 7:2.7.2-1
[squeeze] - ffmpeg <end-of-life> (Not supported in Squeeze LTS)
- libav <removed>
NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=b160fc290cf49b516c5b6ee0730fd9da7fc623b1
-CVE-2015-6820 (The ff_sbr_apply function in libavcodec/aacsbr.c in FFmpeg before ...)
+CVE-2015-6820
{DLA-1611-1}
- ffmpeg 7:2.7.2-1
[squeeze] - ffmpeg <end-of-life> (Not supported in Squeeze LTS)
- libav <removed>
NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=79a98294da6cd85f8c86b34764c5e0c43b09eea3
-CVE-2015-6819 (Multiple integer underflows in the ff_mjpeg_decode_frame function in ...)
+CVE-2015-6819
- ffmpeg 7:2.7.2-1
[squeeze] - ffmpeg <end-of-life> (Not supported in Squeeze LTS)
- libav <not-affected> (Vulnerable code not present in any Libav version)
-CVE-2015-6818 (The decode_ihdr_chunk function in libavcodec/pngdec.c in FFmpeg before ...)
+CVE-2015-6818
{DLA-1611-1}
- ffmpeg 7:2.7.2-1
[squeeze] - ffmpeg <end-of-life> (Not supported in Squeeze LTS)
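Review bot: for the ffmpeg entries in this hunk the discarded description was the only place the affected function was recorded (`ff_rv34_decode_init_thread_copy` for CVE-2015-6826, `ff_mjpeg_decode_frame` for CVE-2015-6819), and the `libav <not-affected> (Vulnerable code not present in any Libav version)` triage on CVE-2015-6819 rests on exactly that name; once the line is reduced to the bare id the assessment can no longer be re-checked from the file. Either keep the old description when the feed supplies none, or carry the function name into the status note the way the CVE-2015-8871 openjpeg entry does (`Vulnerable code not present; opj_j2k_write_mco function`) before dropping it.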
@@ -7550,21 +7550,21 @@ CVE-2015-6814
RESERVED
CVE-2015-6813
RESERVED
-CVE-2015-6812 (Invision Power Services IPS Community Suite (aka Invision Power Board, ...)
+CVE-2015-6812
NOT-FOR-US: Invision Power Services IPS Community Suite
-CVE-2015-6811 (SQL injection vulnerability in the Sophos Cyberoam CR500iNG-XP ...)
+CVE-2015-6811
NOT-FOR-US: Sophos Cyberoam CR500iNG-XP firewall appliance with CyberoamOS
-CVE-2015-6810 (Cross-site scripting (XSS) vulnerability in Invision Power Services ...)
+CVE-2015-6810
NOT-FOR-US: Invision Power Services IPS Community Suite
-CVE-2015-6809 (Multiple cross-site scripting (XSS) vulnerabilities in BEdita before ...)
+CVE-2015-6809
NOT-FOR-US: BEdita
-CVE-2015-6808 (Cross-site scripting (XSS) vulnerability in the Spotlight module ...)
+CVE-2015-6808
NOT-FOR-US: Spotlight module for Drupal
-CVE-2015-6807 (Cross-site scripting (XSS) vulnerability in the Mass Contact module ...)
+CVE-2015-6807
NOT-FOR-US: Mass Contact module for Drupal
-CVE-2015-6805 (Cross-site scripting (XSS) vulnerability in the MDC Private Message ...)
+CVE-2015-6805
NOT-FOR-US: MDC Private Message plugin for WordPress
-CVE-2015-6830 (libraries/plugins/auth/AuthenticationCookie.class.php in phpMyAdmin ...)
+CVE-2015-6830
{DSA-3382-1}
- phpmyadmin 4:4.4.14.1-1 (low)
[jessie] - phpmyadmin <no-dsa> (Minor issue)
@@ -7579,7 +7579,7 @@ CVE-2015-XXXX [hardening for RSA-CRT leak]
NOTE: http://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=commit;h=b85c8d6645039fc9d403791750510e439731d479
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/09/08/5
NOTE: Thread on oss-security to clarify if this should be CVE-2015-5738 or a new CVE
-CVE-2015-6838 (The xsl_ext_function_php function in ext/xsl/xsltprocessor.c in PHP ...)
+CVE-2015-6838
{DSA-3358-1 DLA-341-1}
- php5 5.6.13+dfsg-1
- hhvm 3.12.1+dfsg-1
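Review bot: the context line `CVE-2015-XXXX [hardening for RSA-CRT leak]` keeps its bracketed, maintainer-written summary while `CVE-2015-6838 (The xsl_ext_function_php function ...)` loses its parenthesised one, which confirms the blanking is limited to the feed-sourced description field. It also means that after this commit a bare `CVE-2015-6838` is indistinguishable from an id the feed has never described, so a later update has no way of knowing it has something to restore; record the emptied ids (or refuse the write) so the regression can be undone mechanically.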
@@ -7587,26 +7587,26 @@ CVE-2015-6838 (The xsl_ext_function_php function in ext/xsl/xsltprocessor.c in P
NOTE: http://www.openwall.com/lists/oss-security/2015/09/07/5
NOTE: Fixed in 5.5.45 and 5.6.13
NOTE: https://github.com/facebook/hhvm/commit/f358ec0e905df41feaa9dc75f4dee814cfe5a60a
-CVE-2015-6837 (The xsl_ext_function_php function in ext/xsl/xsltprocessor.c in PHP ...)
+CVE-2015-6837
{DSA-3358-1 DLA-341-1}
- php5 5.6.13+dfsg-1
NOTE: https://bugs.php.net/bug.php?id=69782
NOTE: http://www.openwall.com/lists/oss-security/2015/09/07/5
NOTE: Fixed in 5.5.45 and 5.6.13
-CVE-2015-6836 (The SoapClient __call method in ext/soap/soap.c in PHP before 5.4.45, ...)
+CVE-2015-6836
{DSA-3358-1 DLA-341-1}
- php5 5.6.13+dfsg-1
NOTE: https://bugs.php.net/bug.php?id=70388
NOTE: http://www.openwall.com/lists/oss-security/2015/09/07/5
NOTE: Fixed in 5.5.45 and 5.6.13
-CVE-2015-6835 (The session deserializer in PHP before 5.4.45, 5.5.x before 5.5.29, ...)
+CVE-2015-6835
{DSA-3358-1}
- php5 5.6.13+dfsg-1
[squeeze] - php5 <no-dsa> (Too intrusive to backport)
NOTE: https://bugs.php.net/bug.php?id=70219
NOTE: http://www.openwall.com/lists/oss-security/2015/09/07/5
NOTE: Fixed in 5.5.45 and 5.6.13
-CVE-2015-6834 (Multiple use-after-free vulnerabilities in PHP before 5.4.45, 5.5.x ...)
+CVE-2015-6834
{DSA-3358-1 DLA-341-1}
- php5 5.6.13+dfsg-1
NOTE: https://bugs.php.net/bug.php?id=70172
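Review bot: CVE-2015-6835 references only {DSA-3358-1} plus a squeeze `<no-dsa>` line, while the neighbouring php5 entries CVE-2015-6838, -6837, -6836 and -6834 all carry {DSA-3358-1 DLA-341-1}; with no [wheezy] line either, the wheezy status of CVE-2015-6835 is left undeclared. Either add DLA-341-1 if that update covered it, or record an explicit [wheezy] state with a reason the way the squeeze line does ("Too intrusive to backport").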
@@ -7614,10 +7614,10 @@ CVE-2015-6834 (Multiple use-after-free vulnerabilities in PHP before 5.4.45, 5.5
NOTE: https://bugs.php.net/bug.php?id=70366
NOTE: http://www.openwall.com/lists/oss-security/2015/09/07/5
NOTE: Fixed in 5.5.45 and 5.6.13
-CVE-2015-7225 (Tinfoil Devise-two-factor before 2.0.0 does not strictly follow ...)
+CVE-2015-7225
- ruby-devise-two-factor 2.0.0-1 (bug #798466)
NOTE: http://www.openwall.com/lists/oss-security/2015/09/06/2
-CVE-2015-8777 (The process_envvars function in elf/rtld.c in the GNU C Library (aka ...)
+CVE-2015-8777
{DSA-3480-1 DLA-316-1}
- glibc 2.21-1 (bug #798316; bug #801691)
[jessie] - glibc 2.19-18+deb8u2
@@ -7635,7 +7635,7 @@ CVE-2015-6815 [Qemu: net: e1000 infinite loop issue]
[squeeze] - qemu-kvm <end-of-life> (Not supported in Squeeze LTS)
NOTE: http://www.openwall.com/lists/oss-security/2015/09/04/4
NOTE: Upstream fix: https://lists.gnu.org/archive/html/qemu-devel/2015-09/msg01199.html
-CVE-2015-6816 (ganglia-web before 3.7.1 allows remote attackers to bypass ...)
+CVE-2015-6816
- ganglia-web <unfixed> (unimportant; bug #798213)
- ganglia 3.6.0-1 (unimportant)
[squeeze] - ganglia <not-affected> (affected code not present)
@@ -7643,7 +7643,7 @@ CVE-2015-6816 (ganglia-web before 3.7.1 allows remote attackers to bypass ...)
NOTE: starting with 3.6.0-1 the web front is no longer built from src:ganglia so marking this version as fixed
NOTE: http://www.openwall.com/lists/oss-security/2015/09/04/2
NOTE: https://github.com/ganglia/ganglia-web/issues/267
-CVE-2015-6817 (PgBouncer 1.6.x before 1.6.1, when configured with auth_user, allows ...)
+CVE-2015-6817
- pgbouncer 1.6.1-1
[jessie] - pgbouncer <not-affected> (Introduced in 1.6)
[wheezy] - pgbouncer <not-affected> (Introduced in 1.6)
@@ -7664,7 +7664,7 @@ CVE-2015-XXXX [Memory corruption]
NOTE: https://github.com/LibVNC/libvncserver/commit/804335f9d296440bb708ca844f5d89b58b50b0c6
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/09/03/8
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=706087#c1 notes that the fix breaks ABI
-CVE-2015-6938 (Cross-site scripting (XSS) vulnerability in the file browser in ...)
+CVE-2015-6938
- ipython 2.4.1-1 (low; bug #798886)
[jessie] - ipython <no-dsa> (Minor issue)
[wheezy] - ipython <no-dsa> (Minor issue)
@@ -7695,148 +7695,148 @@ CVE-2015-6794
RESERVED
CVE-2015-6793
RESERVED
-CVE-2015-6792 (The MIDI subsystem in Google Chrome before 47.0.2526.106 does not ...)
+CVE-2015-6792
{DSA-3456-1}
- chromium-browser 47.0.2526.111-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
NOTE: http://googlechromereleases.blogspot.de/2015/12/stable-channel-update_15.html
-CVE-2015-6791 (Multiple unspecified vulnerabilities in Google Chrome before ...)
+CVE-2015-6791
{DSA-3418-1}
- chromium-browser 47.0.2526.80-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-6790 (The WebPageSerializerImpl::openTagToString function in ...)
+CVE-2015-6790
{DSA-3418-1}
- chromium-browser 47.0.2526.80-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-6789 (Race condition in the MutationObserver implementation in Blink, as ...)
+CVE-2015-6789
{DSA-3418-1}
- chromium-browser 47.0.2526.80-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-6788 (The ObjectBackedNativeHandler class in ...)
+CVE-2015-6788
{DSA-3418-1}
- chromium-browser 47.0.2526.80-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-6787 (Multiple unspecified vulnerabilities in Google Chrome before ...)
+CVE-2015-6787
- chromium-browser 47.0.2526.73-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-6786 (The CSPSourceList::matches function in ...)
+CVE-2015-6786
{DSA-3415-1}
- chromium-browser 47.0.2526.73-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-6785 (The CSPSource::hostMatches function in ...)
+CVE-2015-6785
{DSA-3415-1}
- chromium-browser 47.0.2526.73-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-6784 (The page serializer in Google Chrome before 47.0.2526.73 mishandles ...)
+CVE-2015-6784
{DSA-3415-1}
- chromium-browser 47.0.2526.73-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-6783 (The FindStartOffsetOfFileInZipFile function in crazy_linker_zip.cpp in ...)
+CVE-2015-6783
- chromium-browser <not-affected> (android only)
-CVE-2015-6782 (The Document::open function in WebKit/Source/core/dom/Document.cpp in ...)
+CVE-2015-6782
{DSA-3415-1}
- chromium-browser 47.0.2526.73-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-6781 (Integer overflow in the FontData::Bound function in data/font_data.cc ...)
+CVE-2015-6781
{DSA-3415-1}
- chromium-browser 47.0.2526.73-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-6780 (Use-after-free vulnerability in the Infobars implementation in Google ...)
+CVE-2015-6780
{DSA-3415-1}
- chromium-browser 47.0.2526.73-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-6779 (PDFium, as used in Google Chrome before 47.0.2526.73, does not ...)
+CVE-2015-6779
{DSA-3415-1}
- chromium-browser 47.0.2526.73-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-6778 (The CJBig2_SymbolDict class in fxcodec/jbig2/JBig2_SymbolDict.cpp in ...)
+CVE-2015-6778
{DSA-3415-1}
- chromium-browser 47.0.2526.73-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-6777 (Use-after-free vulnerability in the ...)
+CVE-2015-6777
{DSA-3415-1}
- chromium-browser 47.0.2526.73-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-6776 (The opj_dwt_decode_1* functions in dwt.c in OpenJPEG, as used in ...)
+CVE-2015-6776
{DSA-3415-1}
- chromium-browser 47.0.2526.73-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-6775 (fpdfsdk/src/jsapi/fxjs_v8.cpp in PDFium, as used in Google Chrome ...)
+CVE-2015-6775
{DSA-3415-1}
- chromium-browser 47.0.2526.73-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-6774 (Use-after-free vulnerability in the GetLoadTimes function in ...)
+CVE-2015-6774
{DSA-3415-1}
- libv8-3.14 <unfixed> (unimportant)
NOTE: libv8 not covered by security support
- chromium-browser 47.0.2526.73-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-6773 (The convolution implementation in Skia, as used in Google Chrome ...)
+CVE-2015-6773
{DSA-3415-1}
- chromium-browser 47.0.2526.73-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-6772 (The DOM implementation in Blink, as used in Google Chrome before ...)
+CVE-2015-6772
{DSA-3415-1}
- chromium-browser 47.0.2526.73-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-6771 (js/array.js in Google V8, as used in Google Chrome before ...)
+CVE-2015-6771
{DSA-3415-1}
- libv8-3.14 <unfixed> (unimportant)
NOTE: libv8 not covered by security support
- chromium-browser 47.0.2526.73-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-6770 (The DOM implementation in Google Chrome before 47.0.2526.73 allows ...)
+CVE-2015-6770
{DSA-3415-1}
- chromium-browser 47.0.2526.73-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-6769 (The provisional-load commit implementation in ...)
+CVE-2015-6769
{DSA-3415-1}
- chromium-browser 47.0.2526.73-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-6768 (The DOM implementation in Google Chrome before 47.0.2526.73 allows ...)
+CVE-2015-6768
{DSA-3415-1}
- chromium-browser 47.0.2526.73-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-6767 (Use-after-free vulnerability in ...)
+CVE-2015-6767
{DSA-3415-1}
- chromium-browser 47.0.2526.73-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-6766 (Use-after-free vulnerability in the AppCache implementation in Google ...)
+CVE-2015-6766
{DSA-3415-1}
- chromium-browser 47.0.2526.73-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-6765 (Use-after-free vulnerability in ...)
+CVE-2015-6765
{DSA-3415-1}
- chromium-browser 47.0.2526.73-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-6764 (The BasicJsonStringifier::SerializeJSArray function in ...)
+CVE-2015-6764
{DSA-3415-1}
- libv8-3.14 <unfixed> (unimportant)
NOTE: libv8 not covered by security support
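Review bot: every chromium-browser entry in this hunk marks wheezy and squeeze as `<end-of-life>` with no reason in parentheses, whereas the qemu-kvm and ffmpeg entries elsewhere in this patch spell one out ("Not supported in Squeeze LTS"). Because the descriptions naming the affected Chrome release (47.0.2526.73, 47.0.2526.80, 47.0.2526.106) are removed here, the fixed-version field and these status tags are all that remains, so adding the reason once per entry keeps the marker self-explanatory. The three `libv8-3.14 <unfixed> (unimportant)` entries (CVE-2015-6774, -6771, -6764) are fine as written since each carries the "not covered by security support" NOTE.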
@@ -7846,17 +7846,17 @@ CVE-2015-6764 (The BasicJsonStringifier::SerializeJSArray function in ...)
- chromium-browser 47.0.2526.73-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-6763 (Multiple unspecified vulnerabilities in Google Chrome before ...)
+CVE-2015-6763
{DSA-3376-1}
- chromium-browser 46.0.2490.71-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-6762 (The CSSFontFaceSrcValue::fetch function in ...)
+CVE-2015-6762
{DSA-3376-1}
- chromium-browser 46.0.2490.71-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-6761 (The update_dimensions function in libavcodec/vp8.c in FFmpeg through ...)
+CVE-2015-6761
{DSA-3376-1 DLA-1611-1}
- ffmpeg 7:2.8.1-1
[squeeze] - ffmpeg <end-of-life> (Not supported in Squeeze LTS)
@@ -7870,66 +7870,66 @@ CVE-2015-6761 (The update_dimensions function in libavcodec/vp8.c in FFmpeg thro
NOTE: Starting with 44.0.2403.157-1 chromium uses the ffmpeg system copy
NOTE: It looks like this relates to multithreaded decoding of VPx codecs, which is not implemented in the squeeze version. But I'm not sure as the second bug report is still private.
NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=dabea74d0e82ea80cd344f630497cafcb3ef872c
-CVE-2015-6760 (The Image11::map function in renderer/d3d/d3d11/Image11.cpp in ...)
+CVE-2015-6760
{DSA-3376-1}
- chromium-browser 46.0.2490.71-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-6759 (The shouldTreatAsUniqueOrigin function in ...)
+CVE-2015-6759
{DSA-3376-1}
- chromium-browser 46.0.2490.71-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-6758 (The CPDF_Document::GetPage function in ...)
+CVE-2015-6758
{DSA-3376-1}
- chromium-browser 46.0.2490.71-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-6757 (Use-after-free vulnerability in ...)
+CVE-2015-6757
{DSA-3376-1}
- chromium-browser 46.0.2490.71-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-6756 (Use-after-free vulnerability in the CPDFSDK_PageView implementation in ...)
+CVE-2015-6756
{DSA-3376-1}
- chromium-browser 46.0.2490.71-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-6755 (The ContainerNode::parserInsertBefore function in ...)
+CVE-2015-6755
{DSA-3376-1}
- chromium-browser 46.0.2490.71-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-6754 (Cross-site scripting (XSS) vulnerability in the administration ...)
+CVE-2015-6754
NOT-FOR-US: Drupal Path Breadcrumbs module
-CVE-2015-6753 (Multiple cross-site scripting (XSS) vulnerabilities in the Quick Edit ...)
+CVE-2015-6753
NOT-FOR-US: Drupal Quick Edit module
-CVE-2015-6752 (Cross-site scripting (XSS) vulnerability in the Search API ...)
+CVE-2015-6752
NOT-FOR-US: Drupal Search API Autocomplete module
-CVE-2015-6751 (Multiple cross-site scripting (XSS) vulnerabilities in the Time ...)
+CVE-2015-6751
NOT-FOR-US: Drupal Time Tracker module
-CVE-2015-6750 (Buffer overflow in Ricoh DL FTP Server 1.1.0.6 and earlier allows ...)
+CVE-2015-6750
NOT-FOR-US: Ricoh DL FTP Server
-CVE-2015-6747 (Basware Banking (Maksuliikenne) 8.90.07.X does not properly prevent ...)
+CVE-2015-6747
NOT-FOR-US: Basware Banking
-CVE-2015-6746 (Basware Banking (Maksuliikenne) before 8.90.07.X stores private keys ...)
+CVE-2015-6746
NOT-FOR-US: Basware Banking
-CVE-2015-6745 (Basware Banking (Maksuliikenne) 8.90.07.X relies on the client to ...)
+CVE-2015-6745
NOT-FOR-US: Basware Banking
-CVE-2015-6744 (Basware Banking (Maksuliikenne) before 8.90.07.X relies on the client ...)
+CVE-2015-6744
NOT-FOR-US: Basware Banking
-CVE-2015-6743 (Basware Banking (Maksuliikenne) 8.90.07.X uses a hardcoded password ...)
+CVE-2015-6743
NOT-FOR-US: Basware Banking
-CVE-2015-6742 (Basware Banking (Maksuliikenne) before 8.90.07.X uses a hardcoded ...)
+CVE-2015-6742
NOT-FOR-US: Basware Banking
-CVE-2015-6723 (The ANTrustPropagateAll method in Adobe Reader and Acrobat 10.x before ...)
+CVE-2015-6723
NOT-FOR-US: Adobe
-CVE-2015-6806 (The MScrollV function in ansi.c in GNU screen 4.3.1 and earlier does ...)
+CVE-2015-6806
{DSA-3352-1 DLA-305-1}
- screen 4.3.1-2 (bug #797624)
NOTE: https://savannah.gnu.org/bugs/?45713
NOTE: http://www.openwall.com/lists/oss-security/2015/09/01/1
-CVE-2015-6749 (Buffer overflow in the aiff_open function in oggenc/audio.c in ...)
+CVE-2015-6749
{DLA-1010-1 DLA-317-1}
- vorbis-tools 1.4.0-7 (bug #797461)
[jessie] - vorbis-tools 1.4.0-6+deb8u1
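Review bot: the NOTE under CVE-2015-6761 ("But I'm not sure as the second bug report is still private") records an open question about the squeeze ffmpeg, yet the entry already marks squeeze `<end-of-life>`, so the question no longer affects the status; resolve it against the linked videolan commit or reword the note to say the end-of-life marker makes it moot. Also, CVE-2015-6749 references {DLA-1010-1 DLA-317-1} but records jessie as a plain version (`[jessie] - vorbis-tools 1.4.0-6+deb8u1`) with no DSA; confirm which advisory that jessie version belongs to, or add the DSA if one was issued.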
@@ -7943,7 +7943,7 @@ CVE-2015-6739
RESERVED
CVE-2015-6738
RESERVED
-CVE-2015-6748 (Cross-site scripting (XSS) vulnerability in jsoup before 1.8.3. ...)
+CVE-2015-6748
- jsoup 1.8.3-1 (bug #797275)
[jessie] - jsoup <no-dsa> (Minor issue)
[wheezy] - jsoup <no-dsa> (Minor issue)
@@ -7953,11 +7953,11 @@ CVE-2015-6748 (Cross-site scripting (XSS) vulnerability in jsoup before 1.8.3. .
NOTE: http://www.openwall.com/lists/oss-security/2015/08/28/3
CVE-2015-6726
RESERVED
-CVE-2015-6725 (The ANSendForSharedReview method in Adobe Reader and Acrobat 10.x ...)
+CVE-2015-6725
NOT-FOR-US: Adobe
-CVE-2015-6724 (The ANSendForApproval method in Adobe Reader and Acrobat 10.x before ...)
+CVE-2015-6724
NOT-FOR-US: Adobe
-CVE-2015-5723 (Doctrine Annotations before 1.2.7, Cache before 1.3.2 and 1.4.x before ...)
+CVE-2015-5723
{DSA-3369-1}
- php-doctrine-annotations 1.2.7-1 (low)
[jessie] - php-doctrine-annotations 1.2.1-1+deb8u1
@@ -7980,107 +7980,107 @@ CVE-2015-5723 (Doctrine Annotations before 1.2.7, Cache before 1.3.2 and 1.4.x b
NOTE: http://www.doctrine-project.org/2015/08/31/security_misconfiguration_vulnerability_in_various_doctrine_projects.html
NOTE: https://github.com/aws/aws-sdk-php/releases/tag/3.2.1
NOTE: http://framework.zend.com/security/advisory/ZF2015-07
-CVE-2015-6722 (The CBSharedReviewStatusDialog method in Adobe Reader and Acrobat 10.x ...)
+CVE-2015-6722
NOT-FOR-US: Adobe
-CVE-2015-6721 (The CBSharedReviewSecurityDialog method in Adobe Reader and Acrobat ...)
+CVE-2015-6721
NOT-FOR-US: Adobe
-CVE-2015-6720 (The ANRunSharedReviewEmailStep method in Adobe Reader and Acrobat 10.x ...)
+CVE-2015-6720
NOT-FOR-US: Adobe
-CVE-2015-6719 (The CBSharedReviewCloseDialog method in Adobe Reader and Acrobat 10.x ...)
+CVE-2015-6719
NOT-FOR-US: Adobe
-CVE-2015-6718 (The CBSharedReviewIfOfflineDialog method in Adobe Reader and Acrobat ...)
+CVE-2015-6718
NOT-FOR-US: Adobe
-CVE-2015-6717 (The DynamicAnnotStore method in Adobe Reader and Acrobat 10.x before ...)
+CVE-2015-6717
NOT-FOR-US: Adobe
-CVE-2015-6716 (The ANSendForFormDistribution method in Adobe Reader and Acrobat 10.x ...)
+CVE-2015-6716
NOT-FOR-US: Adobe
-CVE-2015-6715 (The Function apply implementation in Adobe Reader and Acrobat 10.x ...)
+CVE-2015-6715
NOT-FOR-US: Adobe
-CVE-2015-6714 (The Function bind implementation in Adobe Reader and Acrobat 10.x ...)
+CVE-2015-6714
NOT-FOR-US: Adobe
-CVE-2015-6713 (The Function call implementation in Adobe Reader and Acrobat 10.x ...)
+CVE-2015-6713
NOT-FOR-US: Adobe
-CVE-2015-6712 (The ANSendApprovalToAuthorEnabled method in Adobe Reader and Acrobat ...)
+CVE-2015-6712
NOT-FOR-US: Adobe
-CVE-2015-6711 (The DoIdentityDialog method in Adobe Reader and Acrobat 10.x before ...)
+CVE-2015-6711
NOT-FOR-US: Adobe
-CVE-2015-6710 (The CBBBRInit method in Adobe Reader and Acrobat 10.x before 10.1.16 ...)
+CVE-2015-6710
NOT-FOR-US: Adobe
-CVE-2015-6709 (The CBBBRInvite method in Adobe Reader and Acrobat 10.x before 10.1.16 ...)
+CVE-2015-6709
NOT-FOR-US: Adobe
-CVE-2015-6708 (The ANStartApproval method in Adobe Reader and Acrobat 10.x before ...)
+CVE-2015-6708
NOT-FOR-US: Adobe
-CVE-2015-6707 (The ANSendForReview method in Adobe Reader and Acrobat 10.x before ...)
+CVE-2015-6707
NOT-FOR-US: Adobe
-CVE-2015-6706 (Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, ...)
+CVE-2015-6706
NOT-FOR-US: Adobe
-CVE-2015-6705 (Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, ...)
+CVE-2015-6705
NOT-FOR-US: Adobe
-CVE-2015-6704 (The animations property implementation in Adobe Reader and Acrobat ...)
+CVE-2015-6704
NOT-FOR-US: Adobe
-CVE-2015-6703 (The loadFlashMovie function in Adobe Reader and Acrobat 10.x before ...)
+CVE-2015-6703
NOT-FOR-US: Adobe
-CVE-2015-6702 (The createSquareMesh function in Adobe Reader and Acrobat 10.x before ...)
+CVE-2015-6702
NOT-FOR-US: Adobe
-CVE-2015-6701 (The ambientIlluminationColor property implementation in Adobe Reader ...)
+CVE-2015-6701
NOT-FOR-US: Adobe
-CVE-2015-6700 (The setBackground function in Adobe Reader and Acrobat 10.x before ...)
+CVE-2015-6700
NOT-FOR-US: Adobe
-CVE-2015-6699 (The addForegroundSprite function in Adobe Reader and Acrobat 10.x ...)
+CVE-2015-6699
NOT-FOR-US: Adobe
-CVE-2015-6698 (Heap-based buffer overflow in the AcroForm implementation in Adobe ...)
+CVE-2015-6698
NOT-FOR-US: Adobe
-CVE-2015-6697 (Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, ...)
+CVE-2015-6697
NOT-FOR-US: Adobe
-CVE-2015-6696 (Heap-based buffer overflow in Adobe Reader and Acrobat 10.x before ...)
+CVE-2015-6696
NOT-FOR-US: Adobe
-CVE-2015-6695 (Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, ...)
+CVE-2015-6695
NOT-FOR-US: Adobe
-CVE-2015-6694 (Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, ...)
+CVE-2015-6694
NOT-FOR-US: Adobe
-CVE-2015-6693 (The signatureSetSeedValue method in Adobe Reader and Acrobat 10.x ...)
+CVE-2015-6693
NOT-FOR-US: Adobe
-CVE-2015-6692 (Buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.16 and ...)
+CVE-2015-6692
NOT-FOR-US: Adobe
-CVE-2015-6691 (Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before ...)
+CVE-2015-6691
NOT-FOR-US: Adobe
-CVE-2015-6690 (Use-after-free vulnerability in the popUpMenuEx method in Adobe Reader ...)
+CVE-2015-6690
NOT-FOR-US: Adobe
-CVE-2015-6689 (Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before ...)
+CVE-2015-6689
NOT-FOR-US: Adobe
-CVE-2015-6688 (Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before ...)
+CVE-2015-6688
NOT-FOR-US: Adobe
-CVE-2015-6687 (Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before ...)
+CVE-2015-6687
NOT-FOR-US: Adobe
-CVE-2015-6686 (Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, ...)
+CVE-2015-6686
NOT-FOR-US: Adobe
-CVE-2015-6685 (Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, ...)
+CVE-2015-6685
NOT-FOR-US: Adobe
-CVE-2015-6684 (Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before ...)
+CVE-2015-6684
NOT-FOR-US: Adobe
-CVE-2015-6683 (Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before ...)
+CVE-2015-6683
NOT-FOR-US: Adobe
-CVE-2015-6682 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.241 ...)
+CVE-2015-6682
NOT-FOR-US: Adobe Flash Player
-CVE-2015-6681 (Adobe Shockwave Player before 12.2.0.162 allows attackers to execute ...)
+CVE-2015-6681
NOT-FOR-US: Adobe Shockwave Player
-CVE-2015-6680 (Adobe Shockwave Player before 12.2.0.162 allows attackers to execute ...)
+CVE-2015-6680
NOT-FOR-US: Adobe Shockwave Player
-CVE-2015-6679 (Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on ...)
+CVE-2015-6679
NOT-FOR-US: Adobe Flash Player
-CVE-2015-6678 (Buffer overflow in Adobe Flash Player before 18.0.0.241 and 19.x ...)
+CVE-2015-6678
NOT-FOR-US: Adobe Flash Player
-CVE-2015-6677 (Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on ...)
+CVE-2015-6677
NOT-FOR-US: Adobe Flash Player
-CVE-2015-6676 (Buffer overflow in Adobe Flash Player before 18.0.0.241 and 19.x ...)
+CVE-2015-6676
NOT-FOR-US: Adobe Flash Player
-CVE-2015-6675 (Siemens RUGGEDCOM ROS 3.8.0 through 4.1.x permanently enables the IP ...)
+CVE-2015-6675
NOT-FOR-US: Siemens RUGGEDCOM ROS
-CVE-2015-6672 (Cross-site scripting (XSS) vulnerability in the Administrative Web ...)
+CVE-2015-6672
NOT-FOR-US: Citrix
-CVE-2015-6671 (Open edX edx-platform before 2015-08-25 requires use of the database ...)
+CVE-2015-6671
NOT-FOR-US: Open edX
-CVE-2015-6670 (ownCloud Server before 7.0.8, 8.0.x before 8.0.6, and 8.1.x before ...)
+CVE-2015-6670
{DSA-3373-1}
- owncloud 7.0.8~dfsg-1
[experimental] - owncloud-calendar 0.7.3-1
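Review bot: the Adobe Reader and Acrobat entries CVE-2015-6722 through CVE-2015-6683 in this hunk (and CVE-2015-6723 to -6725 in the preceding hunks) are tagged bare `NOT-FOR-US: Adobe`, while the Flash and Shockwave entries in the same run say `NOT-FOR-US: Adobe Flash Player` and `NOT-FOR-US: Adobe Shockwave Player`. With the descriptions that read "Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13" being removed here, the bare tag no longer identifies the product; change those lines to `NOT-FOR-US: Adobe Reader and Acrobat` so the product name survives the description loss.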
@@ -8088,15 +8088,15 @@ CVE-2015-6670 (ownCloud Server before 7.0.8, 8.0.x before 8.0.6, and 8.1.x befor
NOTE: https://github.com/owncloud/calendar/commit/4e0306adb13b19919e90857eaf7681303cd45414
CVE-2015-6669
RESERVED
-CVE-2015-6668 (The Job Manager plugin before 0.7.25 allows remote attackers to read ...)
+CVE-2015-6668
NOT-FOR-US: Wordpress plugin
CVE-2015-6667
RESERVED
-CVE-2015-6664 (XML external entity (XXE) vulnerability in the application import ...)
+CVE-2015-6664
NOT-FOR-US: SAP Mobile Platform
-CVE-2015-6663 (Cross-site scripting (XSS) vulnerability in the Client form in the ...)
+CVE-2015-6663
NOT-FOR-US: SAP Afaria
-CVE-2015-6662 (XML external entity (XXE) vulnerability in SAP NetWeaver Portal 7.4 ...)
+CVE-2015-6662
NOT-FOR-US: SAP NetWeaver Portal
CVE-2015-6657
RESERVED
@@ -8104,9 +8104,9 @@ CVE-2015-6656
RESERVED
CVE-2015-6666
REJECTED
-CVE-2015-6655 (Cross-site request forgery (CSRF) vulnerability in Pligg CMS 2.0.2 ...)
+CVE-2015-6655
NOT-FOR-US: Pligg CMS
-CVE-2015-6654 (The xenmem_add_to_physmap_one function in arch/arm/mm.c in Xen 4.5.x, ...)
+CVE-2015-6654
{DSA-3414-1}
- xen 4.8.0~rc3-1 (bug #823620; bug #800128)
[wheezy] - xen <not-affected> (Xen on arm not yet supported)
@@ -8124,126 +8124,126 @@ CVE-2015-6649
REJECTED
CVE-2015-6648
RESERVED
-CVE-2015-6647 (The Widevine QSEE TrustZone application in Android 5.x before 5.1.1 ...)
+CVE-2015-6647
NOT-FOR-US: Android
-CVE-2015-6646 (The System V IPC implementation in the kernel in Android before 6.0 ...)
+CVE-2015-6646
NOT-FOR-US: Android
NOTE: https://source.android.com/security/bulletin/2016-01-01.html
NOTE: This doesn't represent a specific kernel vulnerability. Android does not need and did not apply resource limits to System V IPC.
-CVE-2015-6645 (SyncManager in Android before 5.1.1 LMY49F and 6.0 before 2016-01-01 ...)
+CVE-2015-6645
NOT-FOR-US: Android
-CVE-2015-6644 (Bouncy Castle in Android before 5.1.1 LMY49F and 6.0 before 2016-01-01 ...)
+CVE-2015-6644
{DSA-3829-1 DLA-893-1}
- bouncycastle 1.54-1
NOTE: https://source.android.com/security/bulletin/2016-01-01.html#information_disclosure_vulnerability_in_bouncy_castle
NOTE: https://android.googlesource.com/platform/external/bouncycastle/+/3e128c5fea3a0ca2d372aa09c4fd4bb0eadfbd3f
NOTE: Fixed differently upstream https://github.com/bcgit/bc-java/issues/177#issuecomment-290671336
-CVE-2015-6643 (Setup Wizard in Android 5.x before 5.1.1 LMY49F and 6.0 before ...)
+CVE-2015-6643
NOT-FOR-US: Android
-CVE-2015-6642 (The kernel in Android before 5.1.1 LMY49F and 6.0 before 2016-01-01 ...)
+CVE-2015-6642
NOT-FOR-US: Qualcomm driver for Android
NOTE: https://www.codeaurora.org/projects/security-advisories/information-disclosure-vulnerability-kernel-ipc-router-module-cve-2015-6642
-CVE-2015-6641 (Bluetooth in Android 6.0 before 2016-01-01 allows remote attackers to ...)
+CVE-2015-6641
NOT-FOR-US: Android
-CVE-2015-6640 (The prctl_set_vma_anon_name function in kernel/sys.c in Android before ...)
+CVE-2015-6640
NOT-FOR-US: Android kernel extension
NOTE: https://android.googlesource.com/kernel%2Fcommon/+/69bfe2d957d903521d32324190c2754cb073be15
-CVE-2015-6639 (The Widevine QSEE TrustZone application in Android 5.x before 5.1.1 ...)
+CVE-2015-6639
NOT-FOR-US: Android
-CVE-2015-6638 (The Imagination Technologies driver in Android 5.x before 5.1.1 LMY49F ...)
+CVE-2015-6638
NOT-FOR-US: Imagination driver for Android
-CVE-2015-6637 (The MediaTek misc-sd driver in Android before 5.1.1 LMY49F and 6.0 ...)
+CVE-2015-6637
NOT-FOR-US: MediaTek driver for Android
-CVE-2015-6636 (mediaserver in Android 5.x before 5.1.1 LMY49F and 6.0 before ...)
+CVE-2015-6636
NOT-FOR-US: Android Mediaserver
CVE-2015-6635
RESERVED
-CVE-2015-6634 (The display drivers in Android before 5.1.1 LMY48Z allow remote ...)
+CVE-2015-6634
NOT-FOR-US: Android
-CVE-2015-6633 (The display drivers in Android before 5.1.1 LMY48Z and 6.0 before ...)
+CVE-2015-6633
NOT-FOR-US: Android
-CVE-2015-6632 (libstagefright in Android before 5.1.1 LMY48Z and 6.0 before ...)
+CVE-2015-6632
NOT-FOR-US: libstagefright
-CVE-2015-6631 (libstagefright in Android before 5.1.1 LMY48Z and 6.0 before ...)
+CVE-2015-6631
NOT-FOR-US: libstagefright
-CVE-2015-6630 (SystemUI in Android 5.x before 5.1.1 LMY48Z and 6.0 before 2015-12-01 ...)
+CVE-2015-6630
NOT-FOR-US: Android
-CVE-2015-6629 (Wi-Fi in Android 5.x before 5.1.1 LMY48Z allows attackers to obtain ...)
+CVE-2015-6629
NOT-FOR-US: Android
-CVE-2015-6628 (Media Framework in Android before 5.1.1 LMY48Z and 6.0 before ...)
+CVE-2015-6628
NOT-FOR-US: Android
-CVE-2015-6627 (The Audio component in Android before 5.1.1 LMY48Z and 6.0 before ...)
+CVE-2015-6627
NOT-FOR-US: Android
-CVE-2015-6626 (libstagefright in Android before 5.1.1 LMY48Z and 6.0 before ...)
+CVE-2015-6626
NOT-FOR-US: libstagefright
-CVE-2015-6625 (System Server in Android 6.0 before 2015-12-01 allows attackers to ...)
+CVE-2015-6625
NOT-FOR-US: Android
-CVE-2015-6624 (System Server in Android 6.0 before 2015-12-01 allows attackers to ...)
+CVE-2015-6624
NOT-FOR-US: Android
-CVE-2015-6623 (Wi-Fi in Android 6.0 before 2015-12-01 allows attackers to gain ...)
+CVE-2015-6623
NOT-FOR-US: Android
-CVE-2015-6622 (The Native Frameworks Library in Android before 5.1.1 LMY48Z and 6.0 ...)
+CVE-2015-6622
NOT-FOR-US: Android
-CVE-2015-6621 (SystemUI in Android 5.x before 5.1.1 LMY48Z and 6.0 before 2015-12-01 ...)
+CVE-2015-6621
NOT-FOR-US: Android
-CVE-2015-6620 (libstagefright in Android before 5.1.1 LMY48Z and 6.0 before ...)
+CVE-2015-6620
NOT-FOR-US: libstagefright
-CVE-2015-6619 (The kernel in Android before 5.1.1 LMY48Z and 6.0 before 2015-12-01 ...)
+CVE-2015-6619
- linux <not-affected> (Appears to be caused by a flawed backport of O_TMPFILE feature)
NOTE: https://android.googlesource.com/device%2Fhtc%2Fflounder-kernel/+/25d3e5d71865a7c0324423fad87aaabb70e82ee4
-CVE-2015-6618 (Bluetooth in Android 4.4 and 5.x before 5.1.1 LMY48Z allows ...)
+CVE-2015-6618
NOT-FOR-US: Android
-CVE-2015-6617 (Skia, as used in Android before 5.1.1 LMY48Z and 6.0 before ...)
+CVE-2015-6617
- skia <itp> (bug #818180)
-CVE-2015-6616 (mediaserver in Android before 5.1.1 LMY48Z and 6.0 before 2015-12-01 ...)
+CVE-2015-6616
NOT-FOR-US: mediaserver in Android
CVE-2015-6615
RESERVED
-CVE-2015-6614 (Telephony in Android 5.x before 5.1.1 LMY48X allows attackers to gain ...)
+CVE-2015-6614
NOT-FOR-US: Android
-CVE-2015-6613 (Bluetooth in Android before 5.1.1 LMY48X and 6.0 before 2015-11-01 ...)
+CVE-2015-6613
NOT-FOR-US: Android
-CVE-2015-6612 (libmedia in Android before 5.1.1 LMY48X and 6.0 before 2015-11-01 ...)
+CVE-2015-6612
NOT-FOR-US: Android
-CVE-2015-6611 (mediaserver in Android before 5.1.1 LMY48X and 6.0 before 2015-11-01 ...)
+CVE-2015-6611
NOT-FOR-US: mediaserver in Android
-CVE-2015-6610 (libstagefright in Android before 5.1.1 LMY48X and 6.0 before ...)
+CVE-2015-6610
NOT-FOR-US: libstagefright
-CVE-2015-6609 (libutils in Android before 5.1.1 LMY48X and 6.0 before 2015-11-01 ...)
+CVE-2015-6609
- android-platform-frameworks-native <unfixed> (unimportant; bug #806375)
-CVE-2015-6608 (mediaserver in Android 5.x before 5.1.1 LMY48X and 6.0 before ...)
+CVE-2015-6608
NOT-FOR-US: mediaserver in Android
-CVE-2015-6607 (SQLite before 3.8.9, as used in Android before 5.1.1 LMY48T, allows ...)
+CVE-2015-6607
NOT-FOR-US: Android
NOTE: The change simply rebased sqlite to 3.8.9, which seems to have happened
NOTE: for CVE-2015-3414, CVE-2015-3415 and CVE-2015-3416, but no new sqlite issue
-CVE-2015-6606 (The Secure Element Evaluation Kit (aka SEEK or SmartCard API) plugin ...)
+CVE-2015-6606
NOT-FOR-US: Android
-CVE-2015-6605 (mediaserver in Android before 5.1.1 LMY48T allows attackers to cause a ...)
+CVE-2015-6605
NOT-FOR-US: mediaserver in Android
-CVE-2015-6604 (libstagefright in Android before 5.1.1 LMY48T allows remote attackers ...)
+CVE-2015-6604
NOT-FOR-US: libstagefright in Android
-CVE-2015-6603 (libstagefright in Android before 5.1.1 LMY48T allows remote attackers ...)
+CVE-2015-6603
NOT-FOR-US: libstagefright in Android
-CVE-2015-6602 (libutils in Android through 5.1.1 LMY48M allows remote attackers to ...)
+CVE-2015-6602
- android-platform-frameworks-native <unfixed> (unimportant; bug #806375)
-CVE-2015-6601 (libstagefright in Android before 5.1.1 LMY48T allows remote attackers ...)
+CVE-2015-6601
NOT-FOR-US: libstagefright in Android
-CVE-2015-6600 (libstagefright in Android before 5.1.1 LMY48T allows remote attackers ...)
+CVE-2015-6600
NOT-FOR-US: libstagefright in Android
-CVE-2015-6599 (libstagefright in Android before 5.1.1 LMY48T allows remote attackers ...)
+CVE-2015-6599
NOT-FOR-US: libstagefright in Android
-CVE-2015-6598 (libstagefright in Android before 5.1.1 LMY48T allows remote attackers ...)
+CVE-2015-6598
NOT-FOR-US: libstagefright in Android
CVE-2015-6597
RESERVED
-CVE-2015-6596 (mediaserver in Android before 5.1.1 LMY48T allows attackers to gain ...)
+CVE-2015-6596
NOT-FOR-US: mediaserver in Android
CVE-2015-6595
RESERVED
CVE-2015-6594
RESERVED
-CVE-2015-6592 (Huawei UAP2105 before V300R012C00SPC160(BootRom) does not require ...)
+CVE-2015-6592
NOT-FOR-US: Huawei
CVE-2015-6591
RESERVED
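Review bot: the NOT-FOR-US tags in this hunk name the same component in four spellings (`libstagefright`, `libstagefright in Android`, `mediaserver in Android`, `Android Mediaserver`), and since the descriptions that identified the component are being removed, those tags become the only product information left; settle on one form per component. Two entries also deserve a second look: CVE-2015-6617 is `skia <itp> (bug #818180)` with no version, which will need a fixed version once the package lands; and CVE-2015-6609 and CVE-2015-6602 both point android-platform-frameworks-native at bug #806375 as `<unfixed> (unimportant)`, so one bug is carrying two CVEs and the unimportant rating should get a NOTE justifying it, as CVE-2015-6619's `<not-affected>` reason does.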
@@ -8251,34 +8251,34 @@ CVE-2015-6590
RESERVED
CVE-2015-6589
RESERVED
-CVE-2015-6588 (Cross-site scripting (XSS) vulnerability in login-fsp.html in MODX ...)
+CVE-2015-6588
NOT-FOR-US: MODX Revolution
-CVE-2015-6587 (The vlserver in OpenAFS before 1.6.13 allows remote authenticated ...)
+CVE-2015-6587
{DSA-3320-1 DLA-342-1}
- openafs 1.6.13-1
NOTE: http://www.openafs.org/pages/security/OPENAFS-SA-2015-006.txt
-CVE-2015-6586 (The mDNS module in Huawei WLAN AC6005, AC6605, and ACU2 devices with ...)
+CVE-2015-6586
NOT-FOR-US: Huawei
-CVE-2015-6585 (hwpapp.dll in Hangul Word Processor allows remote attackers to execute ...)
+CVE-2015-6585
NOT-FOR-US: Hangul Word Processor
-CVE-2015-6584 (Cross-site scripting (XSS) vulnerability in the DataTables plugin ...)
+CVE-2015-6584
- datatables.js 1.10.9+dfsg-1
NOTE: http://www.securityfocus.com/archive/1/archive/1/536437/100/0/threaded
NOTE: https://www.netsparker.com/cve-2015-6384-xss-vulnerability-identified-in-datatables/
NOTE: https://github.com/DataTables/DataTables/issues/602
NOTE: https://github.com/DataTables/DataTablesSrc/commit/ccf86dc5982bd8e16d
NOTE: https://nodesecurity.io/advisories/5
-CVE-2015-6583 (Google Chrome before 45.0.2454.85 does not display a location bar for ...)
+CVE-2015-6583
- chromium-browser 45.0.2454.85-1
[jessie] - chromium-browser 45.0.2454.85-1~deb8u1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-6582 (The decompose function in platform/transforms/TransformationMatrix.cpp ...)
+CVE-2015-6582
- chromium-browser 45.0.2454.85-1
[jessie] - chromium-browser 45.0.2454.85-1~deb8u1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-6581 (Double free vulnerability in the ...)
+CVE-2015-6581
{DSA-3665-1}
- openjpeg <not-affected> (Vulnerable code not present, function opj_j2k_copy_default_tcp_and_create_tcd)
- openjpeg2 2.1.1-1 (bug #800453)
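Review bot: under CVE-2015-6584 the unchanged NOTE `https://www.netsparker.com/cve-2015-6384-xss-vulnerability-identified-in-datatables/` carries `6384` where the entry id is 6584; with the `(Cross-site scripting (XSS) vulnerability in the DataTables plugin ...)` description removed from the header line, that URL becomes the only reference whose text hints at the issue. Confirm the slug is the vendor's actual URL rather than a transposed digit before the description goes away.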
@@ -8287,7 +8287,7 @@ CVE-2015-6581 (Double free vulnerability in the ...)
[jessie] - chromium-browser 45.0.2454.85-1~deb8u1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-6580 (Multiple unspecified vulnerabilities in Google V8 before 4.5.103.29, ...)
+CVE-2015-6580
- chromium-browser 45.0.2454.85-1
[jessie] - chromium-browser 45.0.2454.85-1~deb8u1
[wheezy] - chromium-browser <end-of-life>
@@ -8298,11 +8298,11 @@ CVE-2015-6578
RESERVED
CVE-2015-6577
RESERVED
-CVE-2015-6576 (Bamboo 2.2 before 5.8.5 and 5.9.x before 5.9.7 allows remote attackers ...)
+CVE-2015-6576
NOT-FOR-US: Atlassian Bamboo
-CVE-2015-6575 (SampleTable.cpp in libstagefright in Android before 5.1.1 LMY48I does ...)
+CVE-2015-6575
NOT-FOR-US: libstagefright in Android
-CVE-2015-6574 (The SNAP Lite component in certain SISCO MMS-EASE and AX-S4 ICCP ...)
+CVE-2015-6574
NOT-FOR-US: SISCO MMS-EASE
CVE-2015-6573
RESERVED
@@ -8312,13 +8312,13 @@ CVE-2015-6571
RESERVED
CVE-2015-6570
RESERVED
-CVE-2015-6569 (Race condition in the LoadBalancer module in the Atlassian Floodlight ...)
+CVE-2015-6569
NOT-FOR-US: Atlassian
-CVE-2015-6568 (Wolf CMS before 0.8.3.1 allows unrestricted file rename and PHP Code ...)
+CVE-2015-6568
NOT-FOR-US: Wolf CMS
-CVE-2015-6567 (Wolf CMS before 0.8.3.1 allows unrestricted file upload and PHP Code ...)
+CVE-2015-6567
NOT-FOR-US: Wolf CMS
-CVE-2015-6566 (zarafa-autorespond in Zarafa Collaboration Platform (ZCP) before 7.2.1 ...)
+CVE-2015-6566
- zarafa <itp> (bug #658433)
CVE-2015-6562
RESERVED
@@ -8330,51 +8330,51 @@ CVE-2015-6559
RESERVED
CVE-2015-6558
RESERVED
-CVE-2015-6557 (IBM Tivoli Storage Manager for Databases: Data Protection for ...)
+CVE-2015-6557
NOT-FOR-US: IBM
-CVE-2015-6556 (EACommunicatorSrv.exe in the Framework Service in the client in ...)
+CVE-2015-6556
NOT-FOR-US: Symantec
-CVE-2015-6555 (Symantec Endpoint Protection Manager (SEPM) 12.1 before 12.1-RU6-MP3 ...)
+CVE-2015-6555
NOT-FOR-US: Symantec
-CVE-2015-6554 (Symantec Endpoint Protection Manager (SEPM) 12.1 before 12.1-RU6-MP3 ...)
+CVE-2015-6554
NOT-FOR-US: Symantec
CVE-2015-6553
REJECTED
-CVE-2015-6552 (The management-services protocol implementation in Veritas NetBackup ...)
+CVE-2015-6552
NOT-FOR-US: Veritas NetBackup
-CVE-2015-6551 (Veritas NetBackup 7.x through 7.5.0.7 and 7.6.0.x through 7.6.0.4 and ...)
+CVE-2015-6551
NOT-FOR-US: Veritas NetBackup
-CVE-2015-6550 (bpcd in Veritas NetBackup 7.x through 7.5.0.7, 7.6.0.x through ...)
+CVE-2015-6550
NOT-FOR-US: Veritas NetBackup
-CVE-2015-6549 (Cross-site scripting (XSS) vulnerability in an application console in ...)
+CVE-2015-6549
NOT-FOR-US: Symantec NetBackup OpsCenter
-CVE-2015-6548 (Multiple SQL injection vulnerabilities in a PHP script in the ...)
+CVE-2015-6548
NOT-FOR-US: Symantec Web Gateway
-CVE-2015-6547 (The management console on Symantec Web Gateway (SWG) appliances with ...)
+CVE-2015-6547
NOT-FOR-US: Semantec Web Gateway
-CVE-2015-6546 (The vCMP host in F5 BIG-IP Analytics, APM, ASM, GTM, Link Controller, ...)
+CVE-2015-6546
NOT-FOR-US: F5 BIG-IP
-CVE-2015-6545 (Cross-site request forgery (CSRF) vulnerability in ajax.php in Cerb ...)
+CVE-2015-6545
NOT-FOR-US: Cerb
-CVE-2015-6544 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2015-6544
NOT-FOR-US: Combodo
CVE-2015-6543
RESERVED
CVE-2015-6542
REJECTED
-CVE-2015-6541 (Multiple cross-site request forgery (CSRF) vulnerabilities in the Mail ...)
+CVE-2015-6541
NOT-FOR-US: Zimbra
-CVE-2015-6540 (Cross-site scripting (XSS) vulnerability in Intellect Design Arena ...)
+CVE-2015-6540
NOT-FOR-US: Intellect Design Arena Intellect Core banking
CVE-2015-6539
RESERVED
-CVE-2015-6538 (The login page in Epiphany Cardio Server 3.3, 4.0, and 4.1 mishandles ...)
+CVE-2015-6538
NOT-FOR-US: Epiphany Cardio Server
-CVE-2015-6537 (SQL injection vulnerability in the login page in Epiphany Cardio ...)
+CVE-2015-6537
NOT-FOR-US: Epiphany Cardio Server
CVE-2015-6536
RESERVED
-CVE-2015-6535 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2015-6535
NOT-FOR-US: YouTube Embed plugin for WordPress
CVE-2015-6534
RESERVED
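Review bot: the context line `NOT-FOR-US: Semantec Web Gateway` under CVE-2015-6547 misspells the vendor; the description being removed directly above it reads `Symantec Web Gateway (SWG)`, and the sibling entry CVE-2015-6548 uses `NOT-FOR-US: Symantec Web Gateway`. Fix the spelling while this entry is being touched, since the removed description was the only correctly spelled copy of the name in the entry.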
@@ -8382,104 +8382,104 @@ CVE-2015-6533
RESERVED
CVE-2015-6532
RESERVED
-CVE-2015-6531 (Palo Alto Networks Panorama VM Appliance with PAN-OS before 6.0.1 ...)
+CVE-2015-6531
NOT-FOR-US: Palo Alto Networks Panorama VM Appliance
-CVE-2015-6530 (Cross-site scripting (XSS) vulnerability in OpenText Secure MFT 2013 ...)
+CVE-2015-6530
NOT-FOR-US: OpenText Secure MFT 2013
-CVE-2015-6529 (Multiple cross-site scripting (XSS) vulnerabilities in phpipam 1.1.010 ...)
+CVE-2015-6529
- phpipam <itp> (bug #731713)
-CVE-2015-6528 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2015-6528
NOT-FOR-US: Coppermine Photo Gallery
-CVE-2015-6525 (Multiple integer overflows in the evbuffer API in Libevent 2.0.x ...)
+CVE-2015-6525
{DSA-3119-1}
- libevent 2.0.21-stable-2
[squeeze] - libevent <not-affected> (Only for issues in 2.0.x and 2.1.x)
NOTE: Split from CVE-2014-6272
-CVE-2015-6524 (The LDAPLoginModule implementation in the Java Authentication and ...)
+CVE-2015-6524
- activemq 5.6.0+dfsg1-4 (low)
[wheezy] - activemq 5.6.0+dfsg-1+deb7u1
NOTE: http://activemq.apache.org/security-advisories.data/CVE-2014-3612-announcement.txt
-CVE-2015-6523 (Cross-site request forgery (CSRF) vulnerability in the Portfolio ...)
+CVE-2015-6523
NOT-FOR-US: Portfolio plugin for WordPress
-CVE-2015-6522 (SQL injection vulnerability in the WP Symposium plugin before 15.8 for ...)
+CVE-2015-6522
NOT-FOR-US: WP Symposium plugin for WordPress
-CVE-2015-6661 (Drupal 6.x before 6.37 and 7.x before 7.39 allows remote attackers to ...)
+CVE-2015-6661
{DSA-3346-1}
- drupal7 7.39-1
- drupal6 <removed>
[squeeze] - drupal6 <end-of-life>
NOTE: https://www.drupal.org/SA-CORE-2015-003
NOTE: http://www.openwall.com/lists/oss-security/2015/08/21/5
-CVE-2015-6660 (The Form API in Drupal 6.x before 6.37 and 7.x before 7.39 does not ...)
+CVE-2015-6660
{DSA-3346-1}
- drupal7 7.39-1
- drupal6 <removed>
[squeeze] - drupal6 <end-of-life>
NOTE: https://www.drupal.org/SA-CORE-2015-003
NOTE: http://www.openwall.com/lists/oss-security/2015/08/21/5
-CVE-2015-6659 (SQL injection vulnerability in the SQL comment filtering system in the ...)
+CVE-2015-6659
{DSA-3346-1}
- drupal7 7.39-1
NOTE: https://www.drupal.org/SA-CORE-2015-003
NOTE: http://www.openwall.com/lists/oss-security/2015/08/21/5
-CVE-2015-6658 (Cross-site scripting (XSS) vulnerability in the Autocomplete system in ...)
+CVE-2015-6658
{DSA-3346-1}
- drupal7 7.39-1
- drupal6 <removed>
[squeeze] - drupal6 <end-of-life>
NOTE: https://www.drupal.org/SA-CORE-2015-003
NOTE: http://www.openwall.com/lists/oss-security/2015/08/21/5
-CVE-2015-6665 (Cross-site scripting (XSS) vulnerability in the Ajax handler in Drupal ...)
+CVE-2015-6665
{DSA-3346-1}
- drupal7 7.39-1
NOTE: https://www.drupal.org/SA-CORE-2015-003
NOTE: http://www.openwall.com/lists/oss-security/2015/08/21/5
-CVE-2015-6673 (Use-after-free vulnerability in Decoder.cpp in libpgf before 6.15.32. ...)
+CVE-2015-6673
- libpgf 6.14.12-3.2 (bug #798032)
[jessie] - libpgf <no-dsa> (Minor issue, can be fixed via a point release)
NOTE: http://www.openwall.com/lists/oss-security/2015/08/19/14
NOTE: Details on the CVE assignment: http://www.openwall.com/lists/oss-security/2015/08/25/9
NOTE: https://sourceforge.net/p/libpgf/code/147/
NOTE: https://sourceforge.net/p/libpgf/code/148/
-CVE-2015-6527 (The php_str_replace_in_subject function in ext/standard/string.c in ...)
+CVE-2015-6527
- php5 <not-affected> (Specific to PHP 7)
NOTE: http://git.php.net/?p=php-src.git;a=commit;h=6aeee47b2cd47915ccfa3b41433a3f57aea24dd5
NOTE: https://bugs.php.net/bug.php?id=70140
-CVE-2015-6521 (Multiple cross-site scripting (XSS) vulnerabilities in ATutor LMS ...)
+CVE-2015-6521
NOT-FOR-US: ATutor
-CVE-2015-6519 (SQL injection vulnerability in Arab Portal 3 allows remote attackers ...)
+CVE-2015-6519
NOT-FOR-US: Arab Portal 3
-CVE-2015-6518 (Multiple cross-site scripting (XSS) vulnerabilities in phpLiteAdmin ...)
+CVE-2015-6518
- phpliteadmin <not-affected> (Fixed before initial upload)
-CVE-2015-6517 (Cross-site request forgery (CSRF) vulnerability in phpLiteAdmin 1.1 ...)
+CVE-2015-6517
- phpliteadmin <not-affected> (Fixed before initial upload)
-CVE-2015-6516 (SQL injection vulnerability in cygnux.org sysPass 1.0.9 and earlier ...)
+CVE-2015-6516
NOT-FOR-US: cygnux.org sysPass
-CVE-2015-6515 (Cross-site scripting (XSS) vulnerability in Splunk Web in Splunk ...)
+CVE-2015-6515
NOT-FOR-US: Splunk
-CVE-2015-6514 (Cross-site scripting (XSS) vulnerability in the Dashboard in Splunk ...)
+CVE-2015-6514
NOT-FOR-US: Splunk Enterprise
-CVE-2015-6513 (Multiple SQL injection vulnerabilities in the J2Store (com_j2store) ...)
+CVE-2015-6513
NOT-FOR-US: Joomla extension com_j2store
-CVE-2015-6512 (SQL injection vulnerability in the get_messages function in ...)
+CVE-2015-6512
NOT-FOR-US: FreiChat
-CVE-2015-6511 (Cross-site scripting (XSS) vulnerability in pfSense before 2.2.3 ...)
+CVE-2015-6511
NOT-FOR-US: pfSense
-CVE-2015-6510 (Multiple cross-site scripting (XSS) vulnerabilities in pfSense before ...)
+CVE-2015-6510
NOT-FOR-US: pfSense
-CVE-2015-6509 (Multiple cross-site scripting (XSS) vulnerabilities in pfSense before ...)
+CVE-2015-6509
NOT-FOR-US: pfSense
-CVE-2015-6508 (Cross-site scripting (XSS) vulnerability in pfSense before 2.2.3 ...)
+CVE-2015-6508
NOT-FOR-US: pfSense
-CVE-2015-6507 (The hdbsql client 1.00.091.00 Build 1418659308-1530 in SAP HANA allows ...)
+CVE-2015-6507
NOT-FOR-US: SAP
-CVE-2015-6833 (Directory traversal vulnerability in the PharData class in PHP before ...)
+CVE-2015-6833
{DSA-3344-1 DLA-341-1}
- php5 5.6.12+dfsg-1
NOTE: https://bugs.php.net/bug.php?id=70019
NOTE: http://www.openwall.com/lists/oss-security/2015/08/19/3
NOTE: Fixed upstream in 5.4.44 and 5.6.12
-CVE-2015-6831 (Multiple use-after-free vulnerabilities in SPL in PHP before 5.4.44, ...)
+CVE-2015-6831
{DSA-3344-1 DLA-341-1}
- php5 5.6.12+dfsg-1
NOTE: https://bugs.php.net/bug.php?id=70169
@@ -8488,7 +8488,7 @@ CVE-2015-6831 (Multiple use-after-free vulnerabilities in SPL in PHP before 5.4.
NOTE: https://bugs.php.net/bug.php?id=70155
NOTE: http://www.openwall.com/lists/oss-security/2015/08/19/3
NOTE: Fixed upstream in 5.4.44 and 5.6.12
-CVE-2015-6832 (Use-after-free vulnerability in the SPL unserialize implementation in ...)
+CVE-2015-6832
{DSA-3344-1 DLA-341-1}
- php5 5.6.12+dfsg-1
NOTE: https://bugs.php.net/bug.php?id=70068
@@ -8500,11 +8500,11 @@ CVE-2015-6504
RESERVED
CVE-2015-6503
RESERVED
-CVE-2015-6502 (Cross-site scripting (XSS) vulnerability in the console in Puppet ...)
+CVE-2015-6502
NOT-FOR-US: Puppet Enterprise
-CVE-2015-6501 (Open redirect vulnerability in the Console in Puppet Enterprise before ...)
+CVE-2015-6501
- puppet <not-affected> (Limited to Puppet Enterprise)
-CVE-2015-6500 (Directory traversal vulnerability in ownCloud Server before 8.0.6 and ...)
+CVE-2015-6500
{DSA-3373-1}
- owncloud 7.0.10~dfsg-2 (bug #800126)
NOTE: https://owncloud.org/security/advisory/?id=oc-sa-2015-014
@@ -8512,93 +8512,93 @@ CVE-2015-6500 (Directory traversal vulnerability in ownCloud Server before 8.0.6
NOTE: https://github.com/owncloud/core/commit/9f8c0a3a8d14f1c127b2034faa14d8d309f962e9
CVE-2015-6499
RESERVED
-CVE-2015-6498 (Alcatel-Lucent Home Device Manager before 4.1.10, 4.2.x before 4.2.2 ...)
+CVE-2015-6498
NOT-FOR-US: Alcatel-Lucent Home Device Manager
CVE-2015-6497
RESERVED
CVE-2015-6495
RESERVED
-CVE-2015-6494 (Cross-site scripting (XSS) vulnerability in Infinite Automation Mango ...)
+CVE-2015-6494
NOT-FOR-US: Infinite Automation Mango Automation
-CVE-2015-6493 (Cross-site request forgery (CSRF) vulnerability in Infinite Automation ...)
+CVE-2015-6493
NOT-FOR-US: Infinite Automation Mango Automation
-CVE-2015-6492 (Allen-Bradley MicroLogix 1100 devices before B FRN 15.000 and 1400 ...)
+CVE-2015-6492
NOT-FOR-US: Allen-Bradley MicroLogix
-CVE-2015-6491 (Allen-Bradley MicroLogix 1100 devices before B FRN 15.000 and 1400 ...)
+CVE-2015-6491
NOT-FOR-US: Allen-Bradley MicroLogix
-CVE-2015-6490 (Stack-based buffer overflow on Allen-Bradley MicroLogix 1100 devices ...)
+CVE-2015-6490
NOT-FOR-US: Allen-Bradley MicroLogix
CVE-2015-6489
RESERVED
-CVE-2015-6488 (Cross-site scripting (XSS) vulnerability in the web server on ...)
+CVE-2015-6488
NOT-FOR-US: Allen-Bradley MicroLogix
CVE-2015-6487
REJECTED
-CVE-2015-6486 (SQL injection vulnerability on Allen-Bradley MicroLogix 1100 devices ...)
+CVE-2015-6486
NOT-FOR-US: Allen-Bradley MicroLogix
-CVE-2015-6485 (Schneider Electric Telvent Sage 2300 RTUs with firmware before ...)
+CVE-2015-6485
NOT-FOR-US: Schneider
-CVE-2015-6484 (3S-Smart CODESYS Gateway Server before 2.3.9.48 allows remote ...)
+CVE-2015-6484
NOT-FOR-US: 3S-Smart CODESYS
CVE-2015-6483
RESERVED
-CVE-2015-6482 (Runtime Toolkit before 2.4.7.48 in 3S-Smart CODESYS before 2.3.9.48 ...)
+CVE-2015-6482
NOT-FOR-US: 3S-Smart CODESYS
-CVE-2015-6481 (The login function in the RequestController class in Moxa OnCell ...)
+CVE-2015-6481
NOT-FOR-US: Moxa
-CVE-2015-6480 (The MessageBrokerServlet servlet in Moxa OnCell Central Manager before ...)
+CVE-2015-6480
NOT-FOR-US: Moxa
-CVE-2015-6479 (ACEmanager in Sierra Wireless ALEOS 4.4.2 and earlier on ES440, ES450, ...)
+CVE-2015-6479
NOT-FOR-US: Sierra Wireless ALEOS
-CVE-2015-6478 (Unitronics VisiLogic OPLC IDE before 9.8.02 does not properly restrict ...)
+CVE-2015-6478
NOT-FOR-US: Unitronics VisiLogic OPLC IDE
-CVE-2015-6477 (Multiple cross-site scripting (XSS) vulnerabilities in the Wind Farm ...)
+CVE-2015-6477
NOT-FOR-US: Nordex Control
-CVE-2015-6476 (Advantech EKI-122x-BE devices with firmware before 1.65, EKI-132x ...)
+CVE-2015-6476
NOT-FOR-US: Advantech EKI-122x-BE devices
-CVE-2015-6475 (Multiple cross-site scripting (XSS) vulnerabilities in IBC Solar ...)
+CVE-2015-6475
NOT-FOR-US: ServeMaster
-CVE-2015-6474 (IBC Solar ServeMaster TLP+ and Danfoss TLX Pro+ allow remote attackers ...)
+CVE-2015-6474
NOT-FOR-US: ServeMaster
-CVE-2015-6473 (WAGO IO 750-849 01.01.27 and WAGO IO 750-881 01.02.05 do not contain ...)
+CVE-2015-6473
NOT-FOR-US: WAGO IO
-CVE-2015-6472 (WAGO IO 750-849 01.01.27 and 01.02.05, WAGO IO 750-881, and WAGO IO ...)
+CVE-2015-6472
NOT-FOR-US: WAGO IO
-CVE-2015-6471 (Eaton Cooper Power Systems ProView 4.x and 5.x before 5.1 on Form 6 ...)
+CVE-2015-6471
NOT-FOR-US: Eaton Cooper Power Systems ProView
-CVE-2015-6470 (Resource Data Management Data Manager before 2.2 allows remote ...)
+CVE-2015-6470
NOT-FOR-US: Resource Data Manager
-CVE-2015-6469 (The interpreter in IBC Solar ServeMaster TLP+ and Danfoss TLX Pro+ ...)
+CVE-2015-6469
NOT-FOR-US: ServerMaster
-CVE-2015-6468 (Cross-site request forgery (CSRF) vulnerability in Resource Data ...)
+CVE-2015-6468
NOT-FOR-US: Resource Data Manager
-CVE-2015-6467 (Advantech WebAccess before 8.1 allows remote attackers to execute ...)
+CVE-2015-6467
NOT-FOR-US: Advantech
-CVE-2015-6466 (Cross-site scripting (XSS) vulnerability in the Diagnosis Ping feature ...)
+CVE-2015-6466
NOT-FOR-US: Moxa switches
-CVE-2015-6465 (The GoAhead web server on Moxa EDS-405A and EDS-408A switches with ...)
+CVE-2015-6465
NOT-FOR-US: Moxa switches
-CVE-2015-6464 (The administrative web interface on Moxa EDS-405A and EDS-408A ...)
+CVE-2015-6464
NOT-FOR-US: Moxa switches
-CVE-2015-6463 (CodeWrights HART Comm DTM components, as used with Endress+Hauser ...)
+CVE-2015-6463
NOT-FOR-US: CodeWrights HART Comm DTM components
CVE-2015-6462
RESERVED
CVE-2015-6461
RESERVED
-CVE-2015-6460 (Multiple heap-based buffer overflows in 3S-Smart CODESYS Gateway ...)
+CVE-2015-6460
NOT-FOR-US: CODESYS Gateway Server
-CVE-2015-6459 (Absolute path traversal vulnerability in the download feature in ...)
+CVE-2015-6459
NOT-FOR-US: FileDownloadServlet
CVE-2015-6458
RESERVED
CVE-2015-6457
RESERVED
-CVE-2015-6456 (GE Digital Energy MDS PulseNET and MDS PulseNET Enterprise before ...)
+CVE-2015-6456
NOT-FOR-US: PulseNET
CVE-2015-6455
REJECTED
-CVE-2015-6454 (Everest PeakHMI before 8.7.0.2, when the video server is used, allows ...)
+CVE-2015-6454
NOT-FOR-US: PeakHMI
CVE-2015-6453
REJECTED
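Review bot: `NOT-FOR-US: ServerMaster` under CVE-2015-6469 is a typo for `ServeMaster`, the name used in the removed `(The interpreter in IBC Solar ServeMaster TLP+ and Danfoss TLX Pro+ ...)` description and in the sibling entries CVE-2015-6475 and CVE-2015-6474 (`NOT-FOR-US: ServeMaster`). Correct it so the three IBC Solar entries remain searchable under one name once the descriptions are gone.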
@@ -8636,157 +8636,157 @@ CVE-2015-6437
REJECTED
CVE-2015-6436
REJECTED
-CVE-2015-6435 (An unspecified CGI script in Cisco FX-OS before 1.1.2 on Firepower ...)
+CVE-2015-6435
NOT-FOR-US: Cisco
-CVE-2015-6434 (Cisco Prime Infrastructure does not properly restrict use of IFRAME ...)
+CVE-2015-6434
NOT-FOR-US: Cisco
-CVE-2015-6433 (SQL injection vulnerability in Cisco Unified Communications Manager ...)
+CVE-2015-6433
NOT-FOR-US: Cisco
-CVE-2015-6432 (Cisco IOS XR 4.2.0, 4.3.0, 5.0.0, 5.1.0, 5.2.0, 5.2.2, 5.2.4, 5.3.0, ...)
+CVE-2015-6432
NOT-FOR-US: Cisco
-CVE-2015-6431 (Cisco IOS XE 16.1.1 allows remote attackers to cause a denial of ...)
+CVE-2015-6431
NOT-FOR-US: Cisco
CVE-2015-6430
RESERVED
-CVE-2015-6429 (The IKEv1 state machine in Cisco IOS 15.4 through 15.6 and IOS XE 3.15 ...)
+CVE-2015-6429
NOT-FOR-US: Cisco
-CVE-2015-6428 (Cisco DPQ3925 devices with EDVA r1 Base allow remote attackers to ...)
+CVE-2015-6428
NOT-FOR-US: Cisco
-CVE-2015-6427 (Cisco FireSIGHT Management Center allows remote attackers to bypass ...)
+CVE-2015-6427
NOT-FOR-US: Cisco
-CVE-2015-6426 (Cisco Prime Network Services Controller 3.0 allows local users to ...)
+CVE-2015-6426
NOT-FOR-US: Cisco
-CVE-2015-6425 (The WebApplications Identity Management subsystem in Cisco Unified ...)
+CVE-2015-6425
NOT-FOR-US: Cisco
-CVE-2015-6424 (The boot manager in Cisco Application Policy Infrastructure Controller ...)
+CVE-2015-6424
NOT-FOR-US: Cisco
-CVE-2015-6423 (The DCERPC Inspection implementation in Cisco Adaptive Security ...)
+CVE-2015-6423
NOT-FOR-US: Cisco
-CVE-2015-6422 (The self-service application in Cisco Unified Communications Domain ...)
+CVE-2015-6422
NOT-FOR-US: Cisco
-CVE-2015-6421 (cifs-ao in the CIFS optimization functionality on Cisco Wide Area ...)
+CVE-2015-6421
NOT-FOR-US: Cisco
-CVE-2015-6420 (Serialized-object interfaces in certain Cisco Collaboration and Social ...)
+CVE-2015-6420
NOT-FOR-US: Cisco
-CVE-2015-6419 (Cisco FireSIGHT Management Center with software 4.10.3, 5.2.0, 5.3.0, ...)
+CVE-2015-6419
NOT-FOR-US: Cisco
-CVE-2015-6418 (The random-number generator on Cisco Small Business RV routers 4.x and ...)
+CVE-2015-6418
NOT-FOR-US: Cisco
-CVE-2015-6417 (Cisco Videoscape Distribution Suite Service Manager (VDS-SM) 3.4.0 and ...)
+CVE-2015-6417
NOT-FOR-US: Cisco
-CVE-2015-6416 (Cross-site scripting (XSS) vulnerability in Cisco Unified Email ...)
+CVE-2015-6416
NOT-FOR-US: Cisco
-CVE-2015-6415 (Cisco Unified Computing System (UCS) 2.2(3f)A on Fabric Interconnect ...)
+CVE-2015-6415
NOT-FOR-US: Cisco
-CVE-2015-6414 (Cisco TelePresence Video Communication Server (VCS) X8.6 uses the same ...)
+CVE-2015-6414
NOT-FOR-US: Cisco
-CVE-2015-6413 (Cisco TelePresence Video Communication Server (VCS) Expressway X8.6 ...)
+CVE-2015-6413
NOT-FOR-US: Cisco
-CVE-2015-6412 (Cisco Modular Encoding Platform D9036 Software before 02.04.70 has ...)
+CVE-2015-6412
NOT-FOR-US: Cisco
-CVE-2015-6411 (Cisco FirePOWER Management Center 5.4.1.3, 6.0.0, and 6.0.1 provides ...)
+CVE-2015-6411
NOT-FOR-US: Cisco
-CVE-2015-6410 (The Mobile and Remote Access (MRA) services implementation in Cisco ...)
+CVE-2015-6410
NOT-FOR-US: Cisco
-CVE-2015-6409 (Cisco Jabber 10.6.x, 11.0.x, and 11.1.x on Windows allows ...)
+CVE-2015-6409
NOT-FOR-US: Cisco
-CVE-2015-6408 (Cross-site request forgery (CSRF) vulnerability in Cisco Unity ...)
+CVE-2015-6408
NOT-FOR-US: Cisco
-CVE-2015-6407 (Cisco Emergency Responder 10.5(3.10000.9) allows remote attackers to ...)
+CVE-2015-6407
NOT-FOR-US: Cisco
-CVE-2015-6406 (Directory traversal vulnerability in the Tools menu in Cisco Emergency ...)
+CVE-2015-6406
NOT-FOR-US: Cisco
-CVE-2015-6405 (Cross-site request forgery (CSRF) vulnerability in Cisco Emergency ...)
+CVE-2015-6405
NOT-FOR-US: Cisco
-CVE-2015-6404 (Cisco Hosted Collaboration Mediation Fulfillment 10.6(3) does not use ...)
+CVE-2015-6404
NOT-FOR-US: Cisco
-CVE-2015-6403 (The TFTP implementation on Cisco Small Business SPA30x, SPA50x, SPA51x ...)
+CVE-2015-6403
NOT-FOR-US: Cisco
-CVE-2015-6402 (Cross-site scripting (XSS) vulnerability in the management interface ...)
+CVE-2015-6402
NOT-FOR-US: Cisco
-CVE-2015-6401 (Cisco EPC3928 devices with EDVA 5.5.10, 5.5.11, and 5.7.1 allow remote ...)
+CVE-2015-6401
NOT-FOR-US: Cisco
-CVE-2015-6400 (Multiple cross-site scripting (XSS) vulnerabilities in Cisco Emergency ...)
+CVE-2015-6400
NOT-FOR-US: Cisco
-CVE-2015-6399 (The Supervisor 1.0.0.0 and 1.0.0.1 in Cisco Integrated Management ...)
+CVE-2015-6399
NOT-FOR-US: Cisco
-CVE-2015-6398 (Cisco Nexus 9000 Application Centric Infrastructure (ACI) Mode ...)
+CVE-2015-6398
NOT-FOR-US: Cisco
-CVE-2015-6397 (Cisco RV110W, RV130W, and RV215W devices have an incorrect RBAC ...)
+CVE-2015-6397
NOT-FOR-US: Cisco
-CVE-2015-6396 (The CLI command parser on Cisco RV110W, RV130W, and RV215W devices ...)
+CVE-2015-6396
NOT-FOR-US: Cisco
-CVE-2015-6395 (Cisco Prime Service Catalog 10.0, 10.0(R2), 10.1, and 11.0 does not ...)
+CVE-2015-6395
NOT-FOR-US: Cisco
-CVE-2015-6394 (The kernel in Cisco NX-OS 5.2(9)N1(1) on Nexus 5000 devices allows ...)
+CVE-2015-6394
NOT-FOR-US: Cisco
-CVE-2015-6393 (Cisco NX-OS 4.1 through 7.3 and 11.0 through 11.2 on Nexus 2000, 3000, ...)
+CVE-2015-6393
NOT-FOR-US: Cisco
-CVE-2015-6392 (Cisco NX-OS 4.1 through 7.3 and 11.0 through 11.2 on Nexus 2000, 5000, ...)
+CVE-2015-6392
NOT-FOR-US: Cisco
-CVE-2015-6391 (Cisco Unified SIP 3905 phones allow remote attackers to cause a denial ...)
+CVE-2015-6391
NOT-FOR-US: Cisco
-CVE-2015-6390 (Cross-site scripting (XSS) vulnerability in the management interface ...)
+CVE-2015-6390
NOT-FOR-US: Cisco
-CVE-2015-6389 (Cisco Prime Collaboration Assurance before 11.0 has a hardcoded cmuser ...)
+CVE-2015-6389
NOT-FOR-US: Cisco Prime Collaboration Assurance
-CVE-2015-6388 (Cisco Unified Computing System (UCS) Central software 1.3(0.1) allows ...)
+CVE-2015-6388
NOT-FOR-US: Cisco
-CVE-2015-6387 (Cross-site scripting (XSS) vulnerability in Cisco Unified Computing ...)
+CVE-2015-6387
NOT-FOR-US: Cisco
-CVE-2015-6386 (The passthrough FTP feature on Cisco Web Security Appliance (WSA) ...)
+CVE-2015-6386
NOT-FOR-US: Cisco
-CVE-2015-6385 (The publish-event event-manager feature in Cisco IOS 15.5(2)S and ...)
+CVE-2015-6385
NOT-FOR-US: Cisco
-CVE-2015-6384 (The Cisco WebEx Meetings application before 8.5.1 for Android ...)
+CVE-2015-6384
NOT-FOR-US: Cisco
-CVE-2015-6383 (Cisco IOS XE 15.4(3)S on ASR 1000 devices improperly loads software ...)
+CVE-2015-6383
NOT-FOR-US: Cisco
-CVE-2015-6382 (Cisco ASR 5000 devices with software 16.0(900) allow remote attackers ...)
+CVE-2015-6382
NOT-FOR-US: Cisco
CVE-2015-6381
RESERVED
-CVE-2015-6380 (An unspecified script in the web interface in Cisco Firepower ...)
+CVE-2015-6380
NOT-FOR-US: Cisco
-CVE-2015-6379 (The XML parser in the management interface in Cisco Adaptive Security ...)
+CVE-2015-6379
NOT-FOR-US: Cisco
-CVE-2015-6378 (Cross-site request forgery (CSRF) vulnerability on Cisco DPQ3925 ...)
+CVE-2015-6378
NOT-FOR-US: Cisco
-CVE-2015-6377 (Cisco Virtual Topology System (VTS) 2.0(0) and 2.0(1) allows remote ...)
+CVE-2015-6377
NOT-FOR-US: Cisco
-CVE-2015-6376 (Cross-site request forgery (CSRF) vulnerability in Cisco TelePresence ...)
+CVE-2015-6376
NOT-FOR-US: Cisco
-CVE-2015-6375 (The debug-logging (aka debug cns) feature in Cisco Networking Services ...)
+CVE-2015-6375
NOT-FOR-US: Cisco
-CVE-2015-6374 (The web interface in Cisco Firepower Extensible Operating System ...)
+CVE-2015-6374
NOT-FOR-US: Cisco
-CVE-2015-6373 (Cross-site request forgery (CSRF) vulnerability in Cisco Firepower ...)
+CVE-2015-6373
NOT-FOR-US: Cisco
-CVE-2015-6372 (Cross-site scripting (XSS) vulnerability in the web-based management ...)
+CVE-2015-6372
NOT-FOR-US: Cisco
-CVE-2015-6371 (Cisco Firepower Extensible Operating System 1.1(1.160) on Firepower ...)
+CVE-2015-6371
NOT-FOR-US: Cisco
-CVE-2015-6370 (The Management I/O (MIO) component in Cisco Firepower Extensible ...)
+CVE-2015-6370
NOT-FOR-US: Cisco
-CVE-2015-6369 (The USB driver in Cisco Firepower Extensible Operating System ...)
+CVE-2015-6369
NOT-FOR-US: Cisco
-CVE-2015-6368 (Cisco Firepower Extensible Operating System 1.1(1.160) on Firepower ...)
+CVE-2015-6368
NOT-FOR-US: Cisco
-CVE-2015-6367 (Cisco Aironet 1800 devices with software 8.1(131.0) allow remote ...)
+CVE-2015-6367
NOT-FOR-US: Cisco
-CVE-2015-6366 (Cisco IOS 15.2(04)M6 and 15.4(03)S lets physical-interface ACLs ...)
+CVE-2015-6366
NOT-FOR-US: Cisco
-CVE-2015-6365 (Cisco IOS 15.2(04)M and 15.4(03)M lets physical-interface ACLs ...)
+CVE-2015-6365
NOT-FOR-US: Cisco
-CVE-2015-6364 (Cisco Content Delivery System Manager Software 3.2 on Videoscape ...)
+CVE-2015-6364
NOT-FOR-US: Cisco
-CVE-2015-6363 (Multiple cross-site scripting (XSS) vulnerabilities in the web ...)
+CVE-2015-6363
NOT-FOR-US: Cisco
-CVE-2015-6362 (The web GUI in Cisco Connected Grid Network Management System (CG-NMS) ...)
+CVE-2015-6362
NOT-FOR-US: Cisco
-CVE-2015-6361 (The administrative web interface on Cisco DPC3939 (XB3) devices with ...)
+CVE-2015-6361
NOT-FOR-US: Cisco
-CVE-2015-6360 (The encryption-processing feature in Cisco libSRTP before 1.5.3 allows ...)
+CVE-2015-6360
{DSA-3539-1 DLA-393-1}
[experimental] - srtp 1.5.3~dfsg-1
- srtp 1.4.5~20130609~dfsg-1.2 (bug #807698)
@@ -8794,221 +8794,221 @@ CVE-2015-6360 (The encryption-processing feature in Cisco libSRTP before 1.5.3 a
NOTE: Fixup: https://github.com/cisco/libsrtp/commit/be95365fbb4788b688cab7af61c65b7989055fb4
NOTE: Fixup: https://github.com/cisco/libsrtp/commit/be06686c8e98cc7bd934e10abb6f5e971d03f8ee
NOTE: Fixup: https://github.com/cisco/libsrtp/commit/cdc69f2acde796a4152a250f869271298abc233f
-CVE-2015-6359 (The Neighbor Discovery (ND) protocol implementation in the IPv6 stack ...)
+CVE-2015-6359
NOT-FOR-US: Cisco IOS
-CVE-2015-6358 (Multiple Cisco embedded devices use hardcoded X.509 certificates and ...)
+CVE-2015-6358
NOT-FOR-US: Cisco
-CVE-2015-6357 (The rule-update feature in Cisco FireSIGHT Management Center (MC) 5.2 ...)
+CVE-2015-6357
NOT-FOR-US: Cisco FireSIGHT
-CVE-2015-6356 (Cross-site scripting (XSS) vulnerability in the WeChat page in Cisco ...)
+CVE-2015-6356
NOT-FOR-US: Cisco
-CVE-2015-6355 (The web interface in Cisco Unified Computing System (UCS) 2.2(5b)A on ...)
+CVE-2015-6355
NOT-FOR-US: Cisco
-CVE-2015-6354 (Multiple cross-site scripting (XSS) vulnerabilities in Cisco FireSight ...)
+CVE-2015-6354
NOT-FOR-US: Cisco
-CVE-2015-6353 (Multiple cross-site scripting (XSS) vulnerabilities in Cisco FireSight ...)
+CVE-2015-6353
NOT-FOR-US: Cisco
-CVE-2015-6352 (Cisco Unified Communications Domain Manager before 10.6(1) provides ...)
+CVE-2015-6352
NOT-FOR-US: Cisco
-CVE-2015-6351 (Cisco ASR 5500 System Architecture Evolution (SAE) Gateway devices ...)
+CVE-2015-6351
NOT-FOR-US: Cisco
-CVE-2015-6350 (SQL injection vulnerability in the web framework in Cisco Prime ...)
+CVE-2015-6350
NOT-FOR-US: Cisco
-CVE-2015-6349 (Cross-site scripting (XSS) vulnerability in the web interface in the ...)
+CVE-2015-6349
NOT-FOR-US: Cisco
-CVE-2015-6348 (The report-generation web interface in the Solution Engine in Cisco ...)
+CVE-2015-6348
NOT-FOR-US: Cisco
-CVE-2015-6347 (The Solution Engine in Cisco Secure Access Control Server (ACS) ...)
+CVE-2015-6347
NOT-FOR-US: Cisco
-CVE-2015-6346 (Cross-site scripting (XSS) vulnerability in Cisco Secure Access ...)
+CVE-2015-6346
NOT-FOR-US: Cisco
-CVE-2015-6345 (SQL injection vulnerability in the Solution Engine in Cisco Secure ...)
+CVE-2015-6345
NOT-FOR-US: Cisco
-CVE-2015-6344 (The web-based GUI in Cisco Adaptive Security Appliance (ASA) CX ...)
+CVE-2015-6344
NOT-FOR-US: Cisco Adaptive Security Appliance
-CVE-2015-6343 (The SIP implementation in Cisco IOS 15.5(3)M on Cisco Unified Border ...)
+CVE-2015-6343
NOT-FOR-US: Cisco
CVE-2015-6342
REJECTED
-CVE-2015-6341 (The Web Management GUI on Cisco Wireless LAN Controller (WLC) devices ...)
+CVE-2015-6341
NOT-FOR-US: Cisco
-CVE-2015-6340 (The Proxy Mobile IPv6 (PMIPv6) component in the CDMA implementation on ...)
+CVE-2015-6340
NOT-FOR-US: Cisco
CVE-2015-6339
REJECTED
CVE-2015-6338
REJECTED
-CVE-2015-6337 (Cross-site scripting (XSS) vulnerability in Cisco Application Policy ...)
+CVE-2015-6337
NOT-FOR-US: Cisco
-CVE-2015-6336 (Cisco Aironet 1800 devices with software 7.2, 7.3, 7.4, 8.1(112.3), ...)
+CVE-2015-6336
NOT-FOR-US: Cisco
-CVE-2015-6335 (The policy implementation in Cisco FireSIGHT Management Center ...)
+CVE-2015-6335
NOT-FOR-US: Cisco
-CVE-2015-6334 (Cisco ASR 5000 and 5500 devices with software 18.0.0.57828 and ...)
+CVE-2015-6334
NOT-FOR-US: Cisco
-CVE-2015-6333 (Cisco Application Policy Infrastructure Controller (APIC) 1.1j allows ...)
+CVE-2015-6333
NOT-FOR-US: Cisco
-CVE-2015-6332 (Cisco Prime Infrastructure 2.2 allows remote attackers to cause a ...)
+CVE-2015-6332
NOT-FOR-US: Cisco
-CVE-2015-6331 (SQL injection vulnerability in the web framework in Cisco Prime ...)
+CVE-2015-6331
NOT-FOR-US: Cisco
-CVE-2015-6330 (Cross-site request forgery (CSRF) vulnerability in Cisco Prime ...)
+CVE-2015-6330
NOT-FOR-US: Cisco
-CVE-2015-6329 (SQL injection vulnerability in Cisco Prime Collaboration Provisioning ...)
+CVE-2015-6329
NOT-FOR-US: Cisco
-CVE-2015-6328 (The web framework in Cisco Prime Collaboration Assurance (PCA) 10.5(1) ...)
+CVE-2015-6328
NOT-FOR-US: Cisco
-CVE-2015-6327 (The IKEv1 implementation in Cisco Adaptive Security Appliance (ASA) ...)
+CVE-2015-6327
NOT-FOR-US: Cisco
-CVE-2015-6326 (Cisco Adaptive Security Appliance (ASA) software 7.2 and 8.2 before ...)
+CVE-2015-6326
NOT-FOR-US: Cisco
-CVE-2015-6325 (Cisco Adaptive Security Appliance (ASA) software 7.2 and 8.2 before ...)
+CVE-2015-6325
NOT-FOR-US: Cisco
-CVE-2015-6324 (The DHCPv6 relay implementation in Cisco Adaptive Security Appliance ...)
+CVE-2015-6324
NOT-FOR-US: Cisco
-CVE-2015-6323 (The Admin portal in Cisco Identity Services Engine (ISE) 1.1.x, 1.2.0 ...)
+CVE-2015-6323
NOT-FOR-US: Cisco
-CVE-2015-6322 (The IPC channel in Cisco AnyConnect Secure Mobility Client 2.0.0343 ...)
+CVE-2015-6322
NOT-FOR-US: Cisco
-CVE-2015-6321 (Cisco AsyncOS before 8.5.7-042, 9.x before 9.1.0-032, 9.1.x before ...)
+CVE-2015-6321
NOT-FOR-US: Cisco
-CVE-2015-6320 (The IP ingress packet handler on Cisco Aironet 1800 devices with ...)
+CVE-2015-6320
NOT-FOR-US: Cisco
-CVE-2015-6319 (SQL injection vulnerability in the web-based management interface on ...)
+CVE-2015-6319
NOT-FOR-US: Cisco
-CVE-2015-6318 (Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.1 ...)
+CVE-2015-6318
NOT-FOR-US: Cisco
-CVE-2015-6317 (Cisco Identity Services Engine (ISE) before 2.0 allows remote ...)
+CVE-2015-6317
NOT-FOR-US: Cisco
-CVE-2015-6316 (The default configuration of sshd_config in Cisco Mobility Services ...)
+CVE-2015-6316
NOT-FOR-US: Cisco
-CVE-2015-6315 (Cisco Aironet 1850 access points with software 8.1(112.4) allow local ...)
+CVE-2015-6315
NOT-FOR-US: Cisco
-CVE-2015-6314 (Cisco Wireless LAN Controller (WLC) devices with software 7.6.x, 8.0 ...)
+CVE-2015-6314
NOT-FOR-US: Cisco Wireless LAN Controller
-CVE-2015-6313 (Cisco TelePresence Server 4.1(2.29) through 4.2(4.17) on 7010; ...)
+CVE-2015-6313
NOT-FOR-US: Cisco
-CVE-2015-6312 (Cisco TelePresence Server 3.1 on 7010, Mobility Services Engine (MSE) ...)
+CVE-2015-6312
NOT-FOR-US: Cisco
-CVE-2015-6311 (Cisco Wireless LAN Controller (WLC) devices with software 7.0(240.0), ...)
+CVE-2015-6311
NOT-FOR-US: Cisco
-CVE-2015-6310 (The REST interface in Cisco Unified Communications Manager IM and ...)
+CVE-2015-6310
NOT-FOR-US: Cisco
-CVE-2015-6309 (Cisco Email Security Appliance (ESA) 8.5.6-106 and 9.6.0-042 allows ...)
+CVE-2015-6309
NOT-FOR-US: Cisco
-CVE-2015-6308 (Cisco NX-OS 6.0(2)U6(0.46) on N3K devices allows remote authenticated ...)
+CVE-2015-6308
NOT-FOR-US: Cisco
-CVE-2015-6307 (Cisco FirePOWER (formerly Sourcefire) 7000 and 8000 devices with ...)
+CVE-2015-6307
NOT-FOR-US: Cisco
-CVE-2015-6306 (Cisco AnyConnect Secure Mobility Client 4.1(8) on OS X and Linux does ...)
+CVE-2015-6306
NOT-FOR-US: Cisco
-CVE-2015-6305 (Untrusted search path vulnerability in the ...)
+CVE-2015-6305
NOT-FOR-US: Cisco
-CVE-2015-6304 (Cross-site request forgery (CSRF) vulnerability in Cisco TelePresence ...)
+CVE-2015-6304
NOT-FOR-US: Cisco
-CVE-2015-6303 (The Cisco Spark application 2015-07-04 for mobile operating systems ...)
+CVE-2015-6303
NOT-FOR-US: Cisco
-CVE-2015-6302 (The RADIUS functionality on Cisco Wireless LAN Controller (WLC) ...)
+CVE-2015-6302
NOT-FOR-US: Cisco
-CVE-2015-6301 (The DHCPv6 server in Cisco IOS on ASR 9000 devices with software 5.2.0 ...)
+CVE-2015-6301
NOT-FOR-US: Cisco
-CVE-2015-6300 (Cisco Secure Access Control Server (ACS) Solution Engine 5.7(0.15) ...)
+CVE-2015-6300
NOT-FOR-US: Cisco
-CVE-2015-6299 (SQL injection vulnerability in the web interface in Cisco Unity ...)
+CVE-2015-6299
NOT-FOR-US: Cisco
-CVE-2015-6298 (The admin web interface in Cisco AsyncOS 8.x before 8.0.8-113, 8.1.x ...)
+CVE-2015-6298
NOT-FOR-US: Cisco
-CVE-2015-6297 (The DHCPv6 server in Cisco IOS on ASR 9000 devices with software 5.2.0 ...)
+CVE-2015-6297
NOT-FOR-US: Cisco
-CVE-2015-6296 (Cisco Prime Network Registrar (CPNR) 8.1(3.3), 8.2(3), and 8.3(2) has ...)
+CVE-2015-6296
NOT-FOR-US: Cisco
-CVE-2015-6295 (Cisco NX-OS 6.1(2)I3(4) and 7.0(3)I1(1) on Nexus 9000 (N9K) devices ...)
+CVE-2015-6295
NOT-FOR-US: Cisco
-CVE-2015-6294 (Cisco IOS 15.2(3)E and earlier and IOS XE 3.6(2)E and earlier allow ...)
+CVE-2015-6294
NOT-FOR-US: Cisco
-CVE-2015-6293 (Cisco AsyncOS 8.x before 8.0.8-113, 8.1.x and 8.5.x before 8.5.3-051, ...)
+CVE-2015-6293
NOT-FOR-US: Cisco
-CVE-2015-6292 (The proxy-cache implementation in Cisco AsyncOS 8.0.x before ...)
+CVE-2015-6292
NOT-FOR-US: Cisco
-CVE-2015-6291 (Cisco AsyncOS before 8.5.7-043, 9.x before 9.1.1-023, and 9.5.x and ...)
+CVE-2015-6291
NOT-FOR-US: Cisco
-CVE-2015-6290 (Cisco Web Security Appliance (WSA) 8.0.7 allows remote HTTP servers to ...)
+CVE-2015-6290
NOT-FOR-US: Cisco
-CVE-2015-6289 (Cisco IOS 15.5(3)M on Integrated Services Router (ISR) 800, 819, and ...)
+CVE-2015-6289
NOT-FOR-US: Cisco
-CVE-2015-6288 (Cisco Content Security Management Appliance (SMA) 7.8.0-000 does not ...)
+CVE-2015-6288
NOT-FOR-US: Cisco
-CVE-2015-6287 (Cisco Web Security Appliance (WSA) 8.0.6-078 and 8.0.6-115 allows ...)
+CVE-2015-6287
NOT-FOR-US: Cisco
-CVE-2015-6286 (Cisco Application Visibility and Control (AVC) 15.3(3)JA, when ...)
+CVE-2015-6286
NOT-FOR-US: Cisco
-CVE-2015-6285 (Format string vulnerability in Cisco Email Security Appliance (ESA) ...)
+CVE-2015-6285
NOT-FOR-US: Cisco Email Security Appliance
-CVE-2015-6284 (Buffer overflow in the Conference Control Protocol API implementation ...)
+CVE-2015-6284
NOT-FOR-US: Cisco TelePresence Server
CVE-2015-6283
REJECTED
-CVE-2015-6282 (Cisco IOS XE 2.x and 3.x before 3.10.6S, 3.11.xS through 3.13.xS ...)
+CVE-2015-6282
NOT-FOR-US: Cisco IOS
CVE-2015-6281
RESERVED
-CVE-2015-6280 (The SSHv2 functionality in Cisco IOS 15.2, 15.3, 15.4, and 15.5 and ...)
+CVE-2015-6280
NOT-FOR-US: Cisco IOS
-CVE-2015-6279 (The IPv6 snooping functionality in the first-hop security subsystem in ...)
+CVE-2015-6279
NOT-FOR-US: Cisco IOS
-CVE-2015-6278 (The IPv6 snooping functionality in the first-hop security subsystem in ...)
+CVE-2015-6278
NOT-FOR-US: Cisco IOS
-CVE-2015-6277 (The ARP implementation in Cisco NX-OS on Nexus 1000V devices for ...)
+CVE-2015-6277
NOT-FOR-US: Cisco
-CVE-2015-6276 (Cisco TelePresence IX5000 8.0.3 stores a private key associated with ...)
+CVE-2015-6276
NOT-FOR-US: Cisco TelePresence
CVE-2015-6275
RESERVED
-CVE-2015-6274 (The IPv4 implementation on Cisco ASR 1000 devices with software ...)
+CVE-2015-6274
NOT-FOR-US: Cisco ASR
-CVE-2015-6273 (Cisco IOS XE before 3.1.2S on ASR 1000 devices mishandles the ...)
+CVE-2015-6273
NOT-FOR-US: Cisco
-CVE-2015-6272 (Cisco IOS XE 2.1.0 through 2.2.3 and 2.3.0 on ASR 1000 devices, when ...)
+CVE-2015-6272
NOT-FOR-US: Cisco
-CVE-2015-6271 (Cisco IOS XE 2.1.0 through 2.4.3 and 2.5.0 on ASR 1000 devices, when ...)
+CVE-2015-6271
NOT-FOR-US: Cisco
-CVE-2015-6270 (Cisco IOS XE before 2.2.3 on ASR 1000 devices allows remote attackers ...)
+CVE-2015-6270
NOT-FOR-US: Cisco
-CVE-2015-6269 (Cisco IOS XE before 2.2.3 on ASR 1000 devices allows remote attackers ...)
+CVE-2015-6269
NOT-FOR-US: Cisco
-CVE-2015-6268 (Cisco IOS XE before 2.2.3 on ASR 1000 devices allows remote attackers ...)
+CVE-2015-6268
NOT-FOR-US: Cisco
-CVE-2015-6267 (Cisco IOS XE before 2.2.3 on ASR 1000 devices allows remote attackers ...)
+CVE-2015-6267
NOT-FOR-US: Cisco
-CVE-2015-6266 (The guest portal in Cisco Identity Services Engine (ISE) 3300 ...)
+CVE-2015-6266
NOT-FOR-US: Cisco
-CVE-2015-6265 (The CLI in Cisco Application Control Engine (ACE) 4700 A5 3.0 and ...)
+CVE-2015-6265
NOT-FOR-US: Cisco
CVE-2015-6264
REJECTED
-CVE-2015-6263 (The RADIUS client implementation in Cisco IOS 15.4(3)M2.2, when a ...)
+CVE-2015-6263
NOT-FOR-US: Cisco IOS
-CVE-2015-6262 (Cross-site request forgery (CSRF) vulnerability in Cisco Prime ...)
+CVE-2015-6262
NOT-FOR-US: Cisco
-CVE-2015-6261 (Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.2 ...)
+CVE-2015-6261
NOT-FOR-US: Cisco
-CVE-2015-6260 (Cisco NX-OS 7.1(1)N1(1) on Nexus 5500, 5600, and 6000 devices does not ...)
+CVE-2015-6260
NOT-FOR-US: Cisco
-CVE-2015-6259 (The JavaServer Pages (JSP) component in Cisco Integrated Management ...)
+CVE-2015-6259
NOT-FOR-US: Cisco
-CVE-2015-6258 (The Internet Access Point Protocol (IAPP) module on Cisco Wireless LAN ...)
+CVE-2015-6258
NOT-FOR-US: Cisco
CVE-2015-6257
RESERVED
-CVE-2015-6256 (Cisco ASR 5000 devices with software 19.0.M0.60828 allow remote ...)
+CVE-2015-6256
NOT-FOR-US: Cisco Aggregation Services Router
-CVE-2015-6255 (Cross-site scripting (XSS) vulnerability in Cisco Unified Web and ...)
+CVE-2015-6255
NOT-FOR-US: Cisco Unified Web and E-Mail Interaction Manager
-CVE-2015-6254 (The (1) Service Provider (SP) and (2) Identity Provider (IdP) in ...)
+CVE-2015-6254
NOT-FOR-US: PicketLink
CVE-2015-6253
RESERVED
-CVE-2015-6526 (The perf_callchain_user_64 function in arch/powerpc/perf/callchain.c ...)
+CVE-2015-6526
- linux 4.1.3-1
[jessie] - linux 3.16.7-ckt11-1
[wheezy] - linux 3.2.71-1
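Review bot: every `-`/`+` pair in this hunk does the same thing: it drops the parenthesised description from a CVE line and keeps only the bare identifier (for example `-CVE-2015-6526 (The perf_callchain_user_64 function in arch/powerpc/perf/callchain.c ...)` becomes `+CVE-2015-6526`), with no other content touched. For entries the tracker actually follows, such as CVE-2015-6526 with its linux version lines, that description was the only human-readable summary in the file. An automatic update whose only effect is deleting text is a strong hint that the upstream feed came back without descriptions; the update script should keep the existing description when the new feed supplies an empty one instead of overwriting it.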
@@ -9016,7 +9016,7 @@ CVE-2015-6526 (The perf_callchain_user_64 function in arch/powerpc/perf/callchai
[squeeze] - linux-2.6 <not-affected> (powerpc not supported in Squeeze LTS)
NOTE: http://www.openwall.com/lists/oss-security/2015/08/18/4
NOTE: Fixed by: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9a5cbce421a283e6aea3c4007f141735bf9da8c3 (v4.1-rc1)
-CVE-2015-6252 (The vhost_dev_ioctl function in drivers/vhost/vhost.c in the Linux ...)
+CVE-2015-6252
{DSA-3364-1}
- linux 4.1.5-1
- linux-2.6 <removed>
@@ -9025,9 +9025,9 @@ CVE-2015-6252 (The vhost_dev_ioctl function in drivers/vhost/vhost.c in the Linu
NOTE: Fixed by: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=7932c0bd7740f4cd2aa168d3ce0199e7af7d72d5 (v4.2-rc5)
CVE-2015-6239
RESERVED
-CVE-2015-6238 (Multiple cross-site scripting (XSS) vulnerabilities in the Google ...)
+CVE-2015-6238
NOT-FOR-US: Google Analyticator plugin for WordPress
-CVE-2015-6237 (The RPC service in Tripwire (formerly nCircle) IP360 VnE Manager 7.2.2 ...)
+CVE-2015-6237
NOT-FOR-US: Tripwire IP360 VnE Manager
CVE-2015-6236
REJECTED
@@ -9133,7 +9133,7 @@ CVE-2015-6186
REJECTED
CVE-2015-6185
REJECTED
-CVE-2015-6184 (The CAttrArray object implementation in Microsoft Internet Explorer 7 ...)
+CVE-2015-6184
NOT-FOR-US: Microsoft
CVE-2015-6183
REJECTED
@@ -9147,117 +9147,117 @@ CVE-2015-6179
REJECTED
CVE-2015-6178
REJECTED
-CVE-2015-6177 (Microsoft Excel 2007 SP3, Office Compatibility Pack SP3, and Excel ...)
+CVE-2015-6177
NOT-FOR-US: Microsoft
-CVE-2015-6176 (Microsoft Edge mishandles HTML attributes in HTTP responses, which ...)
+CVE-2015-6176
NOT-FOR-US: Microsoft
-CVE-2015-6175 (The kernel in Microsoft Windows 10 Gold allows local users to gain ...)
+CVE-2015-6175
NOT-FOR-US: Microsoft
-CVE-2015-6174 (The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
+CVE-2015-6174
NOT-FOR-US: Microsoft
-CVE-2015-6173 (The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
+CVE-2015-6173
NOT-FOR-US: Microsoft
-CVE-2015-6172 (Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 ...)
+CVE-2015-6172
NOT-FOR-US: Microsoft
-CVE-2015-6171 (The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
+CVE-2015-6171
NOT-FOR-US: Microsoft
-CVE-2015-6170 (Microsoft Edge allows remote attackers to gain privileges via a ...)
+CVE-2015-6170
NOT-FOR-US: Microsoft
-CVE-2015-6169 (Microsoft Edge misparses HTTP responses, which allows remote attackers ...)
+CVE-2015-6169
NOT-FOR-US: Microsoft
-CVE-2015-6168 (Microsoft Edge allows remote attackers to execute arbitrary code or ...)
+CVE-2015-6168
NOT-FOR-US: Microsoft
CVE-2015-6167
REJECTED
-CVE-2015-6166 (Microsoft Silverlight 5 before 5.1.41105.00 allows remote attackers to ...)
+CVE-2015-6166
NOT-FOR-US: Microsoft
-CVE-2015-6165 (Microsoft Silverlight 5 before 5.1.41105.00 allows remote attackers to ...)
+CVE-2015-6165
NOT-FOR-US: Microsoft
-CVE-2015-6164 (Microsoft Internet Explorer 9 through 11 improperly implements a ...)
+CVE-2015-6164
NOT-FOR-US: Microsoft
CVE-2015-6163
REJECTED
-CVE-2015-6162 (Microsoft Internet Explorer 10 allows remote attackers to execute ...)
+CVE-2015-6162
NOT-FOR-US: Microsoft
-CVE-2015-6161 (Microsoft Internet Explorer 7 through 11 and Microsoft Edge allow ...)
+CVE-2015-6161
NOT-FOR-US: Microsoft
-CVE-2015-6160 (Microsoft Internet Explorer 11 allows remote attackers to execute ...)
+CVE-2015-6160
NOT-FOR-US: Microsoft
-CVE-2015-6159 (Microsoft Internet Explorer 11 and Microsoft Edge allow remote ...)
+CVE-2015-6159
NOT-FOR-US: Microsoft
-CVE-2015-6158 (Microsoft Internet Explorer 11 and Microsoft Edge allow remote ...)
+CVE-2015-6158
NOT-FOR-US: Microsoft
-CVE-2015-6157 (Microsoft Internet Explorer 11 allows remote attackers to obtain ...)
+CVE-2015-6157
NOT-FOR-US: Microsoft
-CVE-2015-6156 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ...)
+CVE-2015-6156
NOT-FOR-US: Microsoft
-CVE-2015-6155 (Microsoft Internet Explorer 10 and 11 and Microsoft Edge allow remote ...)
+CVE-2015-6155
NOT-FOR-US: Microsoft
-CVE-2015-6154 (Microsoft Internet Explorer 7 through 11 and Microsoft Edge allow ...)
+CVE-2015-6154
NOT-FOR-US: Microsoft
-CVE-2015-6153 (Microsoft Internet Explorer 11 and Microsoft Edge allow remote ...)
+CVE-2015-6153
NOT-FOR-US: Microsoft
-CVE-2015-6152 (Microsoft Internet Explorer 10 allows remote attackers to execute ...)
+CVE-2015-6152
NOT-FOR-US: Microsoft
-CVE-2015-6151 (Microsoft Internet Explorer 8 through 11 and Microsoft Edge allow ...)
+CVE-2015-6151
NOT-FOR-US: Microsoft
-CVE-2015-6150 (Microsoft Internet Explorer 7 through 11 allows remote attackers to ...)
+CVE-2015-6150
NOT-FOR-US: Microsoft
-CVE-2015-6149 (Microsoft Internet Explorer 8 and 9 allows remote attackers to execute ...)
+CVE-2015-6149
NOT-FOR-US: Microsoft
-CVE-2015-6148 (Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow ...)
+CVE-2015-6148
NOT-FOR-US: Microsoft
-CVE-2015-6147 (Microsoft Internet Explorer 8 and 9 allows remote attackers to execute ...)
+CVE-2015-6147
NOT-FOR-US: Microsoft
-CVE-2015-6146 (Microsoft Internet Explorer 7 and 8 allows remote attackers to execute ...)
+CVE-2015-6146
NOT-FOR-US: Microsoft
-CVE-2015-6145 (Microsoft Internet Explorer 7 and 8 allows remote attackers to execute ...)
+CVE-2015-6145
NOT-FOR-US: Microsoft
-CVE-2015-6144 (Microsoft Internet Explorer 8 through 11 and Microsoft Edge mishandle ...)
+CVE-2015-6144
NOT-FOR-US: Microsoft
-CVE-2015-6143 (Microsoft Internet Explorer 11 allows remote attackers to execute ...)
+CVE-2015-6143
NOT-FOR-US: Microsoft
-CVE-2015-6142 (Microsoft Internet Explorer 11 and Microsoft Edge allow remote ...)
+CVE-2015-6142
NOT-FOR-US: Microsoft
-CVE-2015-6141 (Microsoft Internet Explorer 9 allows remote attackers to execute ...)
+CVE-2015-6141
NOT-FOR-US: Microsoft
-CVE-2015-6140 (Microsoft Internet Explorer 11 and Microsoft Edge allow remote ...)
+CVE-2015-6140
NOT-FOR-US: Microsoft
-CVE-2015-6139 (Microsoft Internet Explorer 11 and Microsoft Edge mishandle content ...)
+CVE-2015-6139
NOT-FOR-US: Microsoft
-CVE-2015-6138 (Microsoft Internet Explorer 8 through 11 mishandles HTML attributes in ...)
+CVE-2015-6138
NOT-FOR-US: Microsoft Internet Explorer
CVE-2015-6137
REJECTED
-CVE-2015-6136 (The Microsoft (1) VBScript 5.7 and 5.8 and (2) JScript 5.7 and 5.8 ...)
+CVE-2015-6136
NOT-FOR-US: Microsof
-CVE-2015-6135 (The Microsoft (1) VBScript 5.7 and 5.8 and (2) JScript 5.7 and 5.8 ...)
+CVE-2015-6135
NOT-FOR-US: Microsof
-CVE-2015-6134 (Microsoft Internet Explorer 9 allows remote attackers to execute ...)
+CVE-2015-6134
NOT-FOR-US: Microsof
-CVE-2015-6133 (Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, ...)
+CVE-2015-6133
NOT-FOR-US: Microsof
-CVE-2015-6132 (Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, ...)
+CVE-2015-6132
NOT-FOR-US: Microsof
-CVE-2015-6131 (Windows Media Center in Microsoft Windows Vista SP2, Windows 7 SP1, ...)
+CVE-2015-6131
NOT-FOR-US: Microsof
-CVE-2015-6130 (Integer underflow in Uniscribe in Microsoft Windows 7 SP1 and Windows ...)
+CVE-2015-6130
NOT-FOR-US: Microsof
CVE-2015-6129
REJECTED
-CVE-2015-6128 (Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and ...)
+CVE-2015-6128
NOT-FOR-US: Microsoft Windows
-CVE-2015-6127 (Windows Media Center in Microsoft Windows Vista SP2, Windows 7 SP1, ...)
+CVE-2015-6127
NOT-FOR-US: Windows Media Center
-CVE-2015-6126 (Race condition in the Pragmatic General Multicast (PGM) protocol ...)
+CVE-2015-6126
NOT-FOR-US: Microsoft
-CVE-2015-6125 (Use-after-free vulnerability in the DNS server in Microsoft Windows ...)
+CVE-2015-6125
NOT-FOR-US: Microsoft Windows
-CVE-2015-6124 (Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 ...)
+CVE-2015-6124
NOT-FOR-US: Microsoft
-CVE-2015-6123 (Cross-site scripting (XSS) vulnerability in Microsoft Excel for Mac ...)
+CVE-2015-6123
NOT-FOR-US: Microsoft
-CVE-2015-6122 (Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel for Mac 2011, Office ...)
+CVE-2015-6122
NOT-FOR-US: Microsoft
CVE-2015-6121
REJECTED
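Review bot: the unchanged `NOT-FOR-US: Microsof` context lines under CVE-2015-6136 through CVE-2015-6130 carry a truncated vendor name and should read `NOT-FOR-US: Microsoft` like the neighbouring entries. Not introduced by this hunk, but worth a follow-up fix, since the `NOT-FOR-US` text is what the tracker displays for the entry.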
@@ -9265,240 +9265,240 @@ CVE-2015-6120
REJECTED
CVE-2015-6119
REJECTED
-CVE-2015-6118 (Microsoft Office 2007 SP3 and Office 2010 SP2 allow remote attackers ...)
+CVE-2015-6118
NOT-FOR-US: Microsoft Office
-CVE-2015-6117 (Microsoft SharePoint Server 2013 SP1 and SharePoint Foundation 2013 ...)
+CVE-2015-6117
NOT-FOR-US: Microsoft
CVE-2015-6116
REJECTED
-CVE-2015-6115 (Microsoft .NET Framework 2.0 SP2, 3.5, and 3.5.1 allows remote ...)
+CVE-2015-6115
NOT-FOR-US: Microsoft .NET Framework
-CVE-2015-6114 (Microsoft Silverlight 5 before 5.1.41105.00 allows remote attackers to ...)
+CVE-2015-6114
NOT-FOR-US: Microsoft Silverlight
-CVE-2015-6113 (The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
+CVE-2015-6113
NOT-FOR-US: Microsoft Windows
-CVE-2015-6112 (SChannel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
+CVE-2015-6112
NOT-FOR-US: Microsoft Windows
-CVE-2015-6111 (IPSec in Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold ...)
+CVE-2015-6111
NOT-FOR-US: Microsoft Windows
CVE-2015-6110
REJECTED
-CVE-2015-6109 (The kernel in Microsoft Windows 8.1, Windows Server 2012 R2, Windows ...)
+CVE-2015-6109
NOT-FOR-US: Microsoft Windows
-CVE-2015-6108 (The Windows font library in Microsoft Windows Vista SP2; Windows ...)
+CVE-2015-6108
NOT-FOR-US: Microsoft Windows
-CVE-2015-6107 (The Windows font library in Microsoft Windows Vista SP2, Windows ...)
+CVE-2015-6107
NOT-FOR-US: Microsoft Windows
-CVE-2015-6106 (The Windows font library in Microsoft Windows Vista SP2, Windows ...)
+CVE-2015-6106
NOT-FOR-US: Microsoft Windows
CVE-2015-6105
REJECTED
-CVE-2015-6104 (The Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows ...)
+CVE-2015-6104
NOT-FOR-US: Microsoft Windows
-CVE-2015-6103 (The Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows ...)
+CVE-2015-6103
NOT-FOR-US: Microsoft Windows
-CVE-2015-6102 (The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
+CVE-2015-6102
NOT-FOR-US: Microsoft Windows
-CVE-2015-6101 (The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
+CVE-2015-6101
NOT-FOR-US: Microsoft Windows
-CVE-2015-6100 (The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
+CVE-2015-6100
NOT-FOR-US: Microsoft Windows
-CVE-2015-6099 (Cross-site scripting (XSS) vulnerability in ASP.NET in Microsoft .NET ...)
+CVE-2015-6099
NOT-FOR-US: Microsoft .NET
-CVE-2015-6098 (Buffer overflow in the Network Driver Interface Standard (NDIS) ...)
+CVE-2015-6098
NOT-FOR-US: Microsoft Windows
-CVE-2015-6097 (Heap-based buffer overflow in Windows Journal in Microsoft Windows ...)
+CVE-2015-6097
NOT-FOR-US: Microsoft Windows
-CVE-2015-6096 (The XML DTD parser in Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, ...)
+CVE-2015-6096
NOT-FOR-US: Microsoft .NET
-CVE-2015-6095 (Kerberos in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
+CVE-2015-6095
NOT-FOR-US: Microsoft Windows
-CVE-2015-6094 (Microsoft Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel ...)
+CVE-2015-6094
NOT-FOR-US: Microsoft
-CVE-2015-6093 (Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1, Office ...)
+CVE-2015-6093
NOT-FOR-US: Microsoft
-CVE-2015-6092 (Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 ...)
+CVE-2015-6092
NOT-FOR-US: Microsoft
-CVE-2015-6091 (Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 ...)
+CVE-2015-6091
NOT-FOR-US: Microsoft
CVE-2015-6090
REJECTED
-CVE-2015-6089 (The Microsoft (1) VBScript and (2) JScript engines, as used in ...)
+CVE-2015-6089
NOT-FOR-US: Microsoft
-CVE-2015-6088 (Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow ...)
+CVE-2015-6088
NOT-FOR-US: Microsoft
-CVE-2015-6087 (Microsoft Internet Explorer 7 through 11 allows remote attackers to ...)
+CVE-2015-6087
NOT-FOR-US: Microsoft
-CVE-2015-6086 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ...)
+CVE-2015-6086
NOT-FOR-US: Microsoft
-CVE-2015-6085 (Microsoft Internet Explorer 10 and 11 allows remote attackers to ...)
+CVE-2015-6085
NOT-FOR-US: Microsoft
-CVE-2015-6084 (Microsoft Internet Explorer 10 and 11 allows remote attackers to ...)
+CVE-2015-6084
NOT-FOR-US: Microsoft
-CVE-2015-6083 (Microsoft Internet Explorer 8 through 11 allows remote attackers to ...)
+CVE-2015-6083
NOT-FOR-US: Microsoft
-CVE-2015-6082 (Microsoft Internet Explorer 11 allows remote attackers to execute ...)
+CVE-2015-6082
NOT-FOR-US: Microsoft
-CVE-2015-6081 (Microsoft Internet Explorer 8 through 11 allows remote attackers to ...)
+CVE-2015-6081
NOT-FOR-US: Microsoft
-CVE-2015-6080 (Microsoft Internet Explorer 11 allows remote attackers to execute ...)
+CVE-2015-6080
NOT-FOR-US: Microsoft
-CVE-2015-6079 (Microsoft Internet Explorer 11 allows remote attackers to execute ...)
+CVE-2015-6079
NOT-FOR-US: Microsoft
-CVE-2015-6078 (Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow ...)
+CVE-2015-6078
NOT-FOR-US: Microsoft
-CVE-2015-6077 (Microsoft Internet Explorer 11 allows remote attackers to execute ...)
+CVE-2015-6077
NOT-FOR-US: Microsoft
-CVE-2015-6076 (Microsoft Internet Explorer 7 through 11 allows remote attackers to ...)
+CVE-2015-6076
NOT-FOR-US: Microsoft
-CVE-2015-6075 (Microsoft Internet Explorer 11 allows remote attackers to execute ...)
+CVE-2015-6075
NOT-FOR-US: Microsoft
-CVE-2015-6074 (Microsoft Internet Explorer 7 through 11 allows remote attackers to ...)
+CVE-2015-6074
NOT-FOR-US: Microsoft
-CVE-2015-6073 (Microsoft Internet Explorer 11 and Microsoft Edge allow remote ...)
+CVE-2015-6073
NOT-FOR-US: Microsoft
-CVE-2015-6072 (Microsoft Internet Explorer 11 allows remote attackers to execute ...)
+CVE-2015-6072
NOT-FOR-US: Microsoft
-CVE-2015-6071 (Microsoft Internet Explorer 7 through 11 allows remote attackers to ...)
+CVE-2015-6071
NOT-FOR-US: Microsoft
-CVE-2015-6070 (Microsoft Internet Explorer 7 through 11 allows remote attackers to ...)
+CVE-2015-6070
NOT-FOR-US: Microsoft
-CVE-2015-6069 (Microsoft Internet Explorer 8 through 11 allows remote attackers to ...)
+CVE-2015-6069
NOT-FOR-US: Microsoft
-CVE-2015-6068 (Microsoft Internet Explorer 11 allows remote attackers to execute ...)
+CVE-2015-6068
NOT-FOR-US: Microsoft
CVE-2015-6067
REJECTED
-CVE-2015-6066 (Microsoft Internet Explorer 7 through 11 allows remote attackers to ...)
+CVE-2015-6066
NOT-FOR-US: Microsoft
-CVE-2015-6065 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ...)
+CVE-2015-6065
NOT-FOR-US: Microsoft
-CVE-2015-6064 (Microsoft Internet Explorer 10 and 11 and Microsoft Edge allow remote ...)
+CVE-2015-6064
NOT-FOR-US: Microsoft
CVE-2015-6063
REJECTED
CVE-2015-6062
REJECTED
-CVE-2015-6061 (Cross-site scripting (XSS) vulnerability in Microsoft Skype for ...)
+CVE-2015-6061
NOT-FOR-US: Microsoft
CVE-2015-6060
REJECTED
-CVE-2015-6059 (The Microsoft (1) VBScript 5.7 and 5.8 and (2) JScript 5.7 and 5.8 ...)
+CVE-2015-6059
NOT-FOR-US: Microsoft
-CVE-2015-6058 (Microsoft Edge mishandles HTML attributes in HTTP responses, which ...)
+CVE-2015-6058
NOT-FOR-US: Microsoft Edge
-CVE-2015-6057 (Microsoft Edge allows remote attackers to obtain sensitive information ...)
+CVE-2015-6057
NOT-FOR-US: Microsoft Edge
-CVE-2015-6056 (The (1) JScript and (2) VBScript engines in Microsoft Internet ...)
+CVE-2015-6056
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-6055 (The Microsoft (1) VBScript 5.7 and 5.8 and (2) JScript 5.7 and 5.8 ...)
+CVE-2015-6055
NOT-FOR-US: Microsoft
CVE-2015-6054
REJECTED
-CVE-2015-6053 (Microsoft Internet Explorer 11 allows remote attackers to obtain ...)
+CVE-2015-6053
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-6052 (The Microsoft (1) VBScript 5.7 and 5.8 and (2) JScript 5.7 and 5.8 ...)
+CVE-2015-6052
NOT-FOR-US: Microsoft
-CVE-2015-6051 (Microsoft Internet Explorer 10 and 11 allows remote attackers to gain ...)
+CVE-2015-6051
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-6050 (Microsoft Internet Explorer 10 allows remote attackers to execute ...)
+CVE-2015-6050
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-6049 (Microsoft Internet Explorer 7 through 11 allows remote attackers to ...)
+CVE-2015-6049
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-6048 (Microsoft Internet Explorer 7 through 11 allows remote attackers to ...)
+CVE-2015-6048
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-6047 (The broker EditWith feature in Microsoft Internet Explorer 8 through ...)
+CVE-2015-6047
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-6046 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ...)
+CVE-2015-6046
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-6045 (Use-after-free vulnerability in the CElement object implementation in ...)
+CVE-2015-6045
NOT-FOR-US: Microsoft
-CVE-2015-6044 (Microsoft Internet Explorer 8 allows remote attackers to gain ...)
+CVE-2015-6044
NOT-FOR-US: Microsoft Internet Explorer
CVE-2015-6043
REJECTED
-CVE-2015-6042 (Use-after-free vulnerability in the CWindow object implementation in ...)
+CVE-2015-6042
NOT-FOR-US: Microsoft Internet Explorer
CVE-2015-6041
REJECTED
-CVE-2015-6040 (Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel for Mac 2011, Excel ...)
+CVE-2015-6040
NOT-FOR-US: Microsoft
-CVE-2015-6039 (Cross-site scripting (XSS) vulnerability in Microsoft SharePoint ...)
+CVE-2015-6039
NOT-FOR-US: Microsoft
-CVE-2015-6038 (Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 ...)
+CVE-2015-6038
NOT-FOR-US: Microsoft
-CVE-2015-6037 (Cross-site scripting (XSS) vulnerability in Microsoft Excel Services ...)
+CVE-2015-6037
NOT-FOR-US: Microsoft
-CVE-2015-6036 (QNAP Signage Station before 2.0.1 allows remote attackers to bypass ...)
+CVE-2015-6036
NOT-FOR-US: QNAP Signage Station
-CVE-2015-6035 (Opsview before 2015-11-06 has XSS via SNMP. ...)
+CVE-2015-6035
NOT-FOR-US: Opsview
-CVE-2015-6034 (EPSON Network Utility 4.10 uses weak permissions (Everyone: Full ...)
+CVE-2015-6034
NOT-FOR-US: Epson
-CVE-2015-6033 (Qolsys IQ Panel (aka QOL) before 1.5.1 does not verify the digital ...)
+CVE-2015-6033
NOT-FOR-US: Qolsys IQ Panel
-CVE-2015-6032 (Qolsys IQ Panel (aka QOL) before 1.5.1 has hardcoded cryptographic ...)
+CVE-2015-6032
NOT-FOR-US: Qolsys IQ Panel
-CVE-2015-6031 (Buffer overflow in the IGDstartelt function in igd_desc_parse.c in the ...)
+CVE-2015-6031
{DSA-3379-1}
- miniupnpc 1.9.20140610-2.1 (bug #802650)
NOTE: http://talosintel.com/reports/TALOS-2015-0035/
NOTE: https://github.com/miniupnp/miniupnp/commit/79cca974a4c2ab1199786732a67ff6d898051b78
-CVE-2015-6030 (HP ArcSight Logger 6.0.0.7307.1, ArcSight Command Center 6.8.0.1896.0, ...)
+CVE-2015-6030
NOT-FOR-US: HP Arcsight Logger
-CVE-2015-6029 (HP ArcSight Logger before 6.0 P2 does not limit attempts to ...)
+CVE-2015-6029
NOT-FOR-US: HP Arcsight Logger
-CVE-2015-6028 (Castle Rock Computing SNMPc before 2015-12-17 has SQL injection via the ...)
+CVE-2015-6028
NOT-FOR-US: Castle Rock Computing SNMPc
-CVE-2015-6027 (Castle Rock Computing SNMPc before 2015-12-17 has XSS via SNMP. ...)
+CVE-2015-6027
NOT-FOR-US: Castle Rock Computing SNMPc
CVE-2015-6026
RESERVED
CVE-2015-6025
RESERVED
-CVE-2015-6024 (ping.cgi in NetCommWireless HSPA 3G10WVE wireless routers with ...)
+CVE-2015-6024
NOT-FOR-US: Qolsys NetCommWireless
-CVE-2015-6023 (ping.cgi in NetCommWireless HSPA 3G10WVE wireless routers with ...)
+CVE-2015-6023
NOT-FOR-US: Qolsys NetCommWireless
-CVE-2015-6022 (Unrestricted file upload vulnerability in QNAP Signage Station before ...)
+CVE-2015-6022
NOT-FOR-US: QNAP Signage Station
-CVE-2015-6021 (Spiceworks Desktop before 2015-12-01 has XSS via an SNMP response. ...)
+CVE-2015-6021
NOT-FOR-US: Spiceworks Desktop
-CVE-2015-6020 (ZyXEL PMG5318-B20A devices with firmware 1.00AANC0b5 allow remote ...)
+CVE-2015-6020
NOT-FOR-US: ZyXEL
-CVE-2015-6019 (The management portal on ZyXEL PMG5318-B20A devices with firmware ...)
+CVE-2015-6019
NOT-FOR-US: ZyXEL
-CVE-2015-6018 (The diagnostic-ping implementation on ZyXEL PMG5318-B20A devices with ...)
+CVE-2015-6018
NOT-FOR-US: ZyXEL
-CVE-2015-6017 (Multiple cross-site scripting (XSS) vulnerabilities in Forms/rpAuth_1 ...)
+CVE-2015-6017
NOT-FOR-US: ZyXEL
-CVE-2015-6016 (ZyXEL P-660HW-T1 2 devices with ZyNOS firmware 3.40(AXH.0), ...)
+CVE-2015-6016
NOT-FOR-US: ZyXEL
-CVE-2015-6015 (Unspecified vulnerability in the Oracle Outside In Technology ...)
+CVE-2015-6015
NOT-FOR-US: Oracle
-CVE-2015-6014 (Unspecified vulnerability in the Oracle Outside In Technology ...)
+CVE-2015-6014
NOT-FOR-US: Oracle
-CVE-2015-6013 (Unspecified vulnerability in the Oracle Outside In Technology ...)
+CVE-2015-6013
NOT-FOR-US: Oracle
-CVE-2015-6012 (Multiple open redirect vulnerabilities in Web Reference Database (aka ...)
+CVE-2015-6012
NOT-FOR-US: Web Reference Database (aka refbase)
-CVE-2015-6011 (Web Reference Database (aka refbase) through 0.9.6 and bleeding-edge ...)
+CVE-2015-6011
NOT-FOR-US: Web Reference Database (aka refbase)
-CVE-2015-6010 (Multiple cross-site scripting (XSS) vulnerabilities in Web Reference ...)
+CVE-2015-6010
NOT-FOR-US: Web Reference Database (aka refbase)
-CVE-2015-6009 (Multiple SQL injection vulnerabilities in Web Reference Database (aka ...)
+CVE-2015-6009
NOT-FOR-US: Web Reference Database (aka refbase)
-CVE-2015-6008 (install.php in Web Reference Database (aka refbase) through 0.9.6 ...)
+CVE-2015-6008
NOT-FOR-US: Web Reference Database (aka refbase)
-CVE-2015-6007 (Cross-site request forgery (CSRF) vulnerability in Web Reference ...)
+CVE-2015-6007
NOT-FOR-US: Web Reference Database (aka refbase)
-CVE-2015-6006 (The AddUserFinding implementation in Medicomp MEDCIN Engine ...)
+CVE-2015-6006
NOT-FOR-US: Medicomp
-CVE-2015-6005 (Multiple cross-site scripting (XSS) vulnerabilities in IPSwitch ...)
+CVE-2015-6005
NOT-FOR-US: IPSwitch
-CVE-2015-6004 (Multiple SQL injection vulnerabilities in IPSwitch WhatsUp Gold before ...)
+CVE-2015-6004
NOT-FOR-US: IPSwitch
-CVE-2015-6003 (Directory traversal vulnerability in QNAP QTS before 4.1.4 build 0910 ...)
+CVE-2015-6003
NOT-FOR-US: QNAP QTS
CVE-2015-6002
RESERVED
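Review bot: the `NOT-FOR-US: Qolsys NetCommWireless` lines under CVE-2015-6024 and CVE-2015-6023 look like a copy-paste from the preceding Qolsys IQ Panel entries; the descriptions being removed in this hunk read `ping.cgi in NetCommWireless HSPA 3G10WVE wireless routers` with no Qolsys involvement, so `NOT-FOR-US: NetCommWireless` would be the accurate tag. Worth catching now, because once this hunk lands the description that makes the mismatch visible is gone.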
@@ -9506,89 +9506,89 @@ CVE-2015-6001
RESERVED
CVE-2015-6000
RESERVED
-CVE-2015-5999 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
+CVE-2015-5999
NOT-FOR-US: D-Link DIR-816L Wireless Router
-CVE-2015-5998 (Impero Education Pro before 5105 relies on the ...)
+CVE-2015-5998
NOT-FOR-US: Impero Education Pro
-CVE-2015-5997 (Impero Education Pro before 5105 uses a hardcoded CBC key and ...)
+CVE-2015-5997
NOT-FOR-US: Impero Education Pro
-CVE-2015-5996 (Cross-site request forgery (CSRF) vulnerability on Mediabridge ...)
+CVE-2015-5996
NOT-FOR-US: Mediabridge Medialink devices
-CVE-2015-5995 (Mediabridge Medialink MWN-WAPR300N devices with firmware 5.07.50 and ...)
+CVE-2015-5995
NOT-FOR-US: Mediabridge Medialink devices
-CVE-2015-5994 (The web management interface on Mediabridge Medialink MWN-WAPR300N ...)
+CVE-2015-5994
NOT-FOR-US: Mediabridge Medialink devices
-CVE-2015-5993 (Buffer overflow in form2ping.cgi on Philippine Long Distance Telephone ...)
+CVE-2015-5993
NOT-FOR-US: SpeedSurf
-CVE-2015-5992 (Cross-site scripting (XSS) vulnerability in form2WlanSetup.cgi on ...)
+CVE-2015-5992
NOT-FOR-US: SpeedSurf
-CVE-2015-5991 (Cross-site request forgery (CSRF) vulnerability in form2WlanSetup.cgi ...)
+CVE-2015-5991
NOT-FOR-US: SpeedSurf
-CVE-2015-5990 (Cross-site request forgery (CSRF) vulnerability on Belkin F9K1102 2 ...)
+CVE-2015-5990
NOT-FOR-US: Belkin devices
-CVE-2015-5989 (Belkin F9K1102 2 devices with firmware 2.10.17 rely on client-side ...)
+CVE-2015-5989
NOT-FOR-US: Belkin devices
-CVE-2015-5988 (The web management interface on Belkin F9K1102 2 devices with firmware ...)
+CVE-2015-5988
NOT-FOR-US: Belkin devices
-CVE-2015-5987 (Belkin F9K1102 2 devices with firmware 2.10.17 use an improper ...)
+CVE-2015-5987
NOT-FOR-US: Belkin devices
-CVE-2015-6241 (The proto_tree_add_bytes_item function in epan/proto.c in the ...)
+CVE-2015-6241
{DSA-3367-1}
- wireshark 1.12.7+g7fc8978-1
[wheezy] - wireshark <not-affected> (Vulnerable code not present)
[squeeze] - wireshark <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://www.wireshark.org/security/wnpa-sec-2015-21.html
-CVE-2015-6242 (The wmem_block_split_free_chunk function in ...)
+CVE-2015-6242
{DSA-3367-1}
- wireshark 1.12.7+g7fc8978-1
[wheezy] - wireshark <not-affected> (Vulnerable code not present)
[squeeze] - wireshark <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://www.wireshark.org/security/wnpa-sec-2015-22.html
-CVE-2015-6243 (The dissector-table implementation in epan/packet.c in Wireshark ...)
+CVE-2015-6243
{DSA-3367-1 DLA-497-1}
- wireshark 1.12.7+g7fc8978-1
[squeeze] - wireshark <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://www.wireshark.org/security/wnpa-sec-2015-23.html
-CVE-2015-6244 (The dissect_zbee_secure function in ...)
+CVE-2015-6244
{DSA-3367-1}
- wireshark 1.12.7+g7fc8978-1
[wheezy] - wireshark <not-affected> (Vulnerable code not present)
[squeeze] - wireshark <not-affected> (Vulnerable code not present)
NOTE: https://www.wireshark.org/security/wnpa-sec-2015-24.html
-CVE-2015-6245 (epan/dissectors/packet-gsm_rlcmac.c in the GSM RLC/MAC dissector in ...)
+CVE-2015-6245
{DSA-3367-1}
- wireshark 1.12.7+g7fc8978-1
[wheezy] - wireshark <not-affected> (Vulnerable code not present)
[squeeze] - wireshark <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://www.wireshark.org/security/wnpa-sec-2015-25.html
-CVE-2015-6246 (The dissect_wa_payload function in epan/dissectors/packet-waveagent.c ...)
+CVE-2015-6246
{DSA-3367-1 DLA-497-1}
- wireshark 1.12.7+g7fc8978-1
[squeeze] - wireshark <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://www.wireshark.org/security/wnpa-sec-2015-26.html
-CVE-2015-6247 (The dissect_openflow_tablemod_v5 function in ...)
+CVE-2015-6247
{DSA-3367-1}
- wireshark 1.12.7+g7fc8978-1
[wheezy] - wireshark <not-affected> (Vulnerable code not present)
[squeeze] - wireshark <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://www.wireshark.org/security/wnpa-sec-2015-27.html
-CVE-2015-6248 (The ptvcursor_add function in the ptvcursor implementation in ...)
+CVE-2015-6248
{DSA-3367-1 DLA-497-1}
- wireshark 1.12.7+g7fc8978-1
[squeeze] - wireshark <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://www.wireshark.org/security/wnpa-sec-2015-28.html
-CVE-2015-6249 (The dissect_wccp2r1_address_table_info function in ...)
+CVE-2015-6249
{DSA-3367-1}
- wireshark 1.12.7+g7fc8978-1
[wheezy] - wireshark <not-affected> (Vulnerable code not present)
[squeeze] - wireshark <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://www.wireshark.org/security/wnpa-sec-2015-29.html
-CVE-2015-6250 (simple-php-captcha before commit ...)
+CVE-2015-6250
NOT-FOR-US: simple-php-captcha
-CVE-2015-5986 (openpgpkey_61.c in named in ISC BIND 9.9.7 before 9.9.7-P3 and 9.10.x ...)
+CVE-2015-5986
- bind9 <not-affected> (Vulnerable code present only since 9.9.7)
NOTE: https://kb.isc.org/article/AA-01291
-CVE-2015-6496 (conntrackd in conntrack-tools 1.4.2 and earlier does not ensure that ...)
+CVE-2015-6496
{DSA-3341-1 DLA-295-1}
- conntrack 1:1.4.2-3 (bug #796103)
NOTE: http://www.openwall.com/lists/oss-security/2015/08/14/4
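Review bot: every `-`/`+` pair in this hunk only drops the parenthesised CVE summary, e.g. `-CVE-2015-6241 (The proto_tree_add_bytes_item function in epan/proto.c in the ...)` becomes `+CVE-2015-6241`, and nothing in the hunk replaces it; if the description source returned empty text for this run, the update should be held back rather than committed, because the summaries are what let a triager tell the nine wireshark entries (CVE-2015-6241 through CVE-2015-6249) apart without opening each wnpa-sec advisory. The per-suite lines underneath (`{DSA-3367-1 DLA-497-1}`, the `[wheezy]`/`[squeeze]` states and the NOTE URLs) are untouched, so no triage state is lost here, only the human-readable context.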
@@ -9624,103 +9624,103 @@ CVE-2015-5972
REJECTED
CVE-2015-5971
REJECTED
-CVE-2015-5970 (The ChangePassword RPC method in Novell ZENworks Configuration ...)
+CVE-2015-5970
NOT-FOR-US: Novell
-CVE-2015-5969 (The mysql-systemd-helper script in the mysql-community-server package ...)
+CVE-2015-5969
NOT-FOR-US: SuSE-specific mysql packaging bug
-CVE-2015-5968 (Cross-site scripting (XSS) vulnerability in Novell Filr 1.2 before Hot ...)
+CVE-2015-5968
NOT-FOR-US: Novell
CVE-2015-5967
REJECTED
CVE-2015-5966
REJECTED
-CVE-2015-5965 (The SSL-VPN feature in Fortinet FortiOS before 4.3.13 only checks the ...)
+CVE-2015-5965
NOT-FOR-US: Fortinet FortiOS
-CVE-2015-6506 (Cross-site scripting (XSS) vulnerability in the cryptography interface ...)
+CVE-2015-6506
{DSA-3335-1}
- request-tracker4 4.2.11-2
[jessie] - request-tracker4 4.2.8-3+deb8u1
[wheezy] - request-tracker4 <not-affected> (Vulnerable code not present)
NOTE: https://github.com/bestpractical/rt/commit/36a461947b00b105336adb4997d1c7767d8484c4
NOTE: http://www.openwall.com/lists/oss-security/2015/08/13/8
-CVE-2015-6565 (sshd in OpenSSH 6.8 and 6.9 uses world-writable permissions for TTY ...)
+CVE-2015-6565
- openssh <not-affected> (Vulnerable code introduce in V_6_8_P1)
NOTE: https://anongit.mindrot.org/openssh.git/commit/?id=6f941396b6835ad18018845f515b0c4fe20be21a
NOTE: Issue introduced with https://anongit.mindrot.org/openssh.git/commit/?id=a5883d4eccb94b16c355987f58f86a7dee17a0c2 (V_6_8_P1)
NOTE: http://www.openwall.com/lists/oss-security/2015/08/12/1
-CVE-2015-6563 (The monitor component in sshd in OpenSSH before 7.0 on non-OpenBSD ...)
+CVE-2015-6563
{DLA-1500-1}
- openssh 1:6.9p1-1 (bug #795711)
[wheezy] - openssh <no-dsa> (Minor issue)
[squeeze] - openssh <no-dsa> (Minor issue)
NOTE: https://anongit.mindrot.org/openssh.git/commit/?id=d4697fe9a28dab7255c60433e4dd23cf7fce8a8b
NOTE: http://www.openwall.com/lists/oss-security/2015/08/11/9
-CVE-2015-6564 (Use-after-free vulnerability in the mm_answer_pam_free_ctx function in ...)
+CVE-2015-6564
{DLA-1500-1}
- openssh 1:6.9p1-1 (bug #795711)
[wheezy] - openssh <no-dsa> (Minor issue)
[squeeze] - openssh <no-dsa> (Minor issue)
NOTE: https://anongit.mindrot.org/openssh.git/commit/?id=5e75f5198769056089fb06c4d738ab0e5abc66f7
NOTE: http://www.openwall.com/lists/oss-security/2015/08/11/9
-CVE-2015-6737 (Cross-site scripting (XSS) vulnerability in the Widgets extension for ...)
+CVE-2015-6737
NOT-FOR-US: Widgets extension for MediaWiki
NOTE: https://phabricator.wikimedia.org/T88964
-CVE-2015-6736 (The Quiz extension for MediaWiki allows remote attackers to cause a ...)
+CVE-2015-6736
NOT-FOR-US: Quiz extension for MediaWiki
NOTE: https://phabricator.wikimedia.org/T97083
-CVE-2015-6735 (The reset functionality in the TimedMediaHandler extension for ...)
+CVE-2015-6735
NOT-FOR-US: TimedMediaHandler extension for MediaWiki
NOTE: https://phabricator.wikimedia.org/T100211
-CVE-2015-6734 (Cross-site scripting (XSS) vulnerability in contrib/cssgen.php in the ...)
+CVE-2015-6734
- mediawiki-extensions <not-affected> (contrib directory not present)
NOTE: https://phabricator.wikimedia.org/T108198
-CVE-2015-6733 (GeSHi, as used in the SyntaxHighlight_GeSHi extension and MediaWiki ...)
+CVE-2015-6733
- mediawiki-extensions <not-affected> (contrib directory not present)
NOTE: https://phabricator.wikimedia.org/T108198
-CVE-2015-6732 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
+CVE-2015-6732
NOT-FOR-US: SemanticForms extension for MediaWiki
NOTE: https://phabricator.wikimedia.org/T103391
NOTE: https://phabricator.wikimedia.org/T103765
NOTE: https://phabricator.wikimedia.org/T103765
-CVE-2015-6731 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
+CVE-2015-6731
NOT-FOR-US: SemanticForms extension for MediaWiki
NOTE: https://phabricator.wikimedia.org/T103391
NOTE: https://phabricator.wikimedia.org/T103765
NOTE: https://phabricator.wikimedia.org/T103765
-CVE-2015-6730 (Cross-site scripting (XSS) vulnerability in thumb.php in MediaWiki ...)
+CVE-2015-6730
- mediawiki 1:1.25.5-1 (bug #799096)
[wheezy] - mediawiki <no-dsa> (Minor issues)
[squeeze] - mediawiki <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://phabricator.wikimedia.org/T97391
-CVE-2015-6729 (Cross-site scripting (XSS) vulnerability in thumb.php in MediaWiki ...)
+CVE-2015-6729
- mediawiki <not-affected> (Introduced in 1.21)
NOTE: https://phabricator.wikimedia.org/T97391
-CVE-2015-6728 (The ApiBase::getWatchlistUser function in MediaWiki before 1.23.10, ...)
+CVE-2015-6728
- mediawiki 1:1.25.5-1 (bug #799096)
[wheezy] - mediawiki <no-dsa> (Minor issues)
[squeeze] - mediawiki <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://phabricator.wikimedia.org/T94116
-CVE-2015-6727 (The Special:DeletedContributions page in MediaWiki before 1.23.10, ...)
+CVE-2015-6727
- mediawiki 1:1.25.5-1 (bug #799096)
[wheezy] - mediawiki <no-dsa> (Minor issues)
[squeeze] - mediawiki <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://phabricator.wikimedia.org/T106893
NOTE: https://github.com/wikimedia/mediawiki/commit/5faabfa1bbf65536ea36108887040198afcb3c82
-CVE-2015-5964 (The (1) contrib.sessions.backends.base.SessionBase.flush and (2) ...)
+CVE-2015-5964
{DSA-3338-1 DLA-301-1}
- python-django 1.7.10-1 (bug #796104)
NOTE: https://www.djangoproject.com/weblog/2015/aug/18/security-releases/
-CVE-2015-5963 (contrib.sessions.middleware.SessionMiddleware in Django 1.8.x before ...)
+CVE-2015-5963
{DSA-3338-1 DLA-301-1}
- python-django 1.7.10-1 (bug #796104)
NOTE: https://www.djangoproject.com/weblog/2015/aug/18/security-releases/
-CVE-2015-5962 (Integer signedness error in the ...)
+CVE-2015-5962
NOT-FOR-US: Mozilla Firefox OS
-CVE-2015-5961 (The COPPA error page in the Accounts setup dialog in Mozilla Firefox ...)
+CVE-2015-5961
NOT-FOR-US: Mozilla Firefox OS
-CVE-2015-5960 (Mozilla Firefox OS before 2.2 allows physically proximate attackers to ...)
+CVE-2015-5960
NOT-FOR-US: Mozilla Firefox OS
-CVE-2015-6520 (IPPUSBXD before 1.22 listens on all interfaces, which allows remote ...)
+CVE-2015-6520
- ippusbxd 1.22-1 (bug #795162)
NOTE: http://www.openwall.com/lists/oss-security/2015/08/11/1
NOTE: https://github.com/tillkamppeter/ippusbxd/commit/46844402bca7a38fc224483ba6f0a93c4613203f
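Review bot: same summary loss as in the previous hunk (for example `-CVE-2015-6563 (The monitor component in sshd in OpenSSH before 7.0 on non-OpenBSD ...)` to `+CVE-2015-6563`), with the DSA/DLA references, package versions and bug numbers left intact; the same hold-until-descriptions-return suggestion applies. Two unchanged context lines in this hunk deserve a follow-up commit: the CVE-2015-6565 openssh entry reads `(Vulnerable code introduce in V_6_8_P1)` where `introduced` is meant, and the CVE-2015-6732 and CVE-2015-6731 entries each list `NOTE: https://phabricator.wikimedia.org/T103765` twice in a row.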
@@ -9734,7 +9734,7 @@ CVE-2015-XXXX [net/http: broken trailers don't close a server connection]
NOTE: https://github.com/golang/go/issues/12027
NOTE: https://github.com/golang/go/commit/26049f6f9171d1190f3bbe05ec304845cfe6399f
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/08/06/2
-CVE-2015-6251 (Double free vulnerability in GnuTLS before 3.3.17 and 3.4.x before ...)
+CVE-2015-6251
{DSA-3334-1}
- gnutls28 3.3.17-1 (bug #795068)
- gnutls26 <not-affected> (Vulnerable code not present)
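Review bot: the single changed line in this hunk strips the GnuTLS summary (`-CVE-2015-6251 (Double free vulnerability in GnuTLS before 3.3.17 and 3.4.x before ...)` to `+CVE-2015-6251`); the `@@` header of the following hunk still quotes the old description as its context, which is a useful sanity check that nothing besides the summary text changed. The `gnutls28 3.3.17-1 (bug #795068)` and `gnutls26 <not-affected> (Vulnerable code not present)` lines survive unchanged.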
@@ -9743,20 +9743,20 @@ CVE-2015-6251 (Double free vulnerability in GnuTLS before 3.3.17 and 3.4.x befor
NOTE: http://www.gnutls.org/security.html#GNUTLS-SA-2015-3
NOTE: _gnutls_x509_dn_to_string() introduced in 3.1.10 via:
NOTE: https://gitlab.com/gnutls/gnutls/commit/6be35136333b5d6289f23209cf896e741462909a
-CVE-2015-5958 (phpFileManager 0.9.8 allows remote attackers to execute arbitrary ...)
+CVE-2015-5958
NOT-FOR-US: phpFileManager
-CVE-2015-5956 (The sanitizeLocalUrl function in TYPO3 6.x before 6.2.15, 7.x before ...)
+CVE-2015-5956
- typo3-src <removed>
[wheezy] - typo3-src <end-of-life> (See DSA 3314)
[squeeze] - typo3-src <end-of-life> (not supported in squeeze-lts)
NOTE: http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2015-009/
-CVE-2015-5955 (ownCloud iOS app before 3.4.4 does not properly switch state between ...)
+CVE-2015-5955
NOT-FOR-US: ownCloud iOS app
-CVE-2015-5954 (The virtual filesystem in ownCloud Server before 6.0.9, 7.0.x before ...)
+CVE-2015-5954
{DSA-3373-1}
- owncloud 7.0.7~dfsg-1
NOTE: https://owncloud.org/security/advisory/?id=oc-sa-2015-011
-CVE-2015-5953 (Cross-site scripting (XSS) vulnerability in the activity application ...)
+CVE-2015-5953
{DSA-3373-1}
- owncloud 7.0.6+dfsg-1
NOTE: https://owncloud.org/security/advisory/?id=oc-sa-2015-010
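Review bot: as in the earlier hunks, the only change is the removal of the summaries (phpFileManager, TYPO3, ownCloud iOS app, ownCloud Server), so the same concern about committing empty descriptions applies. Style point on an unchanged typo3-src context line: `[squeeze] - typo3-src <end-of-life> (not supported in squeeze-lts)` differs from the wording used for the other squeeze entries in this file, `(Not supported in Squeeze LTS)`; a follow-up could harmonise it.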
@@ -9764,437 +9764,437 @@ CVE-2015-5952
RESERVED
CVE-2015-5951
RESERVED
-CVE-2015-5950 (The NVIDIA display driver R352 before 353.82 and R340 before 341.81 on ...)
+CVE-2015-5950
- nvidia-graphics-drivers 340.93-1 (bug #800566)
[jessie] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
[wheezy] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
[squeeze] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
- nvidia-graphics-drivers-legacy-304xx 304.128-5
[jessie] - nvidia-graphics-drivers-legacy-304xx 304.128-1
-CVE-2015-5949 (VideoLAN VLC media player 2.2.1 allows remote attackers to cause a ...)
+CVE-2015-5949
{DSA-3342-1}
- vlc 2.2.1-3 (bug #796255)
[wheezy] - vlc <not-affected> (Vulnerability introduced by later changes)
[squeeze] - vlc <not-affected> (Vulnerability introduced by later changes)
NOTE: https://git.videolan.org/?p=vlc/vlc-2.2.git;a=commitdiff;h=ce91452460a75d7424b165c4dc8db98114c3cbd9;hp=9e12195d3e4316278af1fa4bcb6a705ff27456fd
NOTE: http://www.ocert.org/advisories/ocert-2015-009.html
-CVE-2015-5948 (Race condition in SuiteCRM before 7.2.3 allows remote attackers to ...)
+CVE-2015-5948
NOT-FOR-US: SuiteCRM
-CVE-2015-5947 (SuiteCRM before 7.2.3 allows remote attackers to execute arbitrary ...)
+CVE-2015-5947
NOT-FOR-US: SuiteCRM
-CVE-2015-5946 (Incomplete blacklist vulnerability in SuiteCRM 7.2.2 allows remote ...)
+CVE-2015-5946
NOT-FOR-US: SugarCRM
-CVE-2015-5945 (The Sandbox subsystem in Apple OS X before 10.11.1 allows local users ...)
+CVE-2015-5945
NOT-FOR-US: Apple
-CVE-2015-5944 (CoreText in Apple OS X before 10.11.1 allows remote attackers to ...)
+CVE-2015-5944
NOT-FOR-US: Apple
-CVE-2015-5943 (SecurityAgent in Apple OS X before 10.11.1 does not prevent synthetic ...)
+CVE-2015-5943
NOT-FOR-US: Apple
-CVE-2015-5942 (FontParser in Apple iOS before 9.1, OS X before 10.11.1, and watchOS ...)
+CVE-2015-5942
NOT-FOR-US: Apple
CVE-2015-5941
REJECTED
-CVE-2015-5940 (The Accelerate Framework component in Apple iOS before 9.1 and OS X ...)
+CVE-2015-5940
NOT-FOR-US: Apple
-CVE-2015-5939 (ImageIO in Apple iOS before 9.1, OS X before 10.11.1, and watchOS ...)
+CVE-2015-5939
NOT-FOR-US: Apple
-CVE-2015-5938 (ImageIO in Apple OS X before 10.11.1 allows remote attackers to ...)
+CVE-2015-5938
NOT-FOR-US: Apple
-CVE-2015-5937 (ImageIO in Apple iOS before 9.1, OS X before 10.11.1, and watchOS ...)
+CVE-2015-5937
NOT-FOR-US: Apple
-CVE-2015-5936 (ImageIO in Apple iOS before 9.1, OS X before 10.11.1, and watchOS ...)
+CVE-2015-5936
NOT-FOR-US: Apple
-CVE-2015-5935 (ImageIO in Apple iOS before 9.1, OS X before 10.11.1, and watchOS ...)
+CVE-2015-5935
NOT-FOR-US: Apple
-CVE-2015-5934 (Audio in Apple OS X before 10.11.1 allows remote attackers to execute ...)
+CVE-2015-5934
NOT-FOR-US: Apple
-CVE-2015-5933 (Audio in Apple OS X before 10.11.1 allows remote attackers to execute ...)
+CVE-2015-5933
NOT-FOR-US: Apple
-CVE-2015-5932 (The kernel in Apple OS X before 10.11.1 allows local users to gain ...)
+CVE-2015-5932
NOT-FOR-US: Apple
-CVE-2015-5931 (WebKit, as used in Apple Safari before 9.0.1 and iTunes before 12.3.1, ...)
+CVE-2015-5931
NOT-FOR-US: Webkit as used by Apple
-CVE-2015-5930 (WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and ...)
+CVE-2015-5930
NOT-FOR-US: Apple
-CVE-2015-5929 (WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and ...)
+CVE-2015-5929
NOT-FOR-US: Apple
-CVE-2015-5928 (WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and ...)
+CVE-2015-5928
NOT-FOR-US: Apple
-CVE-2015-5927 (FontParser in Apple iOS before 9.1, OS X before 10.11.1, and watchOS ...)
+CVE-2015-5927
NOT-FOR-US: Apple
-CVE-2015-5926 (The CoreGraphics component in Apple iOS before 9.1, OS X before ...)
+CVE-2015-5926
NOT-FOR-US: Apple
-CVE-2015-5925 (The CoreGraphics component in Apple iOS before 9.1, OS X before ...)
+CVE-2015-5925
NOT-FOR-US: Apple
-CVE-2015-5924 (The OpenGL implementation in Apple iOS before 9.1 and OS X before ...)
+CVE-2015-5924
NOT-FOR-US: Apple
-CVE-2015-5923 (Apple iOS before 9.0.2 does not properly restrict the options ...)
+CVE-2015-5923
NOT-FOR-US: Apple
-CVE-2015-5922 (Unspecified vulnerability in International Components for Unicode ...)
+CVE-2015-5922
NOT-FOR-US: Apple
-CVE-2015-5921 (WebKit in Apple iOS before 9 mishandles &quot;Content-Disposition: ...)
+CVE-2015-5921
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-5920 (The Software Update component in Apple iTunes before 12.3 does not ...)
+CVE-2015-5920
NOT-FOR-US: Apple
-CVE-2015-5919 (GasGauge in Apple watchOS before 2 allows local users to gain ...)
+CVE-2015-5919
NOT-FOR-US: Apple watchOS
-CVE-2015-5918 (GasGauge in Apple watchOS before 2 allows local users to gain ...)
+CVE-2015-5918
NOT-FOR-US: Apple watchOS
-CVE-2015-5917 (The glob implementation in tnftpd (formerly lukemftpd), as used in ...)
+CVE-2015-5917
NOT-FOR-US: Apple
-CVE-2015-5916 (The Apple Pay component in Apple iOS before 9 allows remote terminals ...)
+CVE-2015-5916
NOT-FOR-US: Apple
-CVE-2015-5915 (Apple OS X before 10.11 does not ensure that the keychain's lock state ...)
+CVE-2015-5915
NOT-FOR-US: Apple
-CVE-2015-5914 (The EFI component in Apple OS X before 10.11 allows physically ...)
+CVE-2015-5914
NOT-FOR-US: Apple
-CVE-2015-5913 (Heimdal, as used in Apple OS X before 10.11, allows remote attackers ...)
+CVE-2015-5913
NOT-FOR-US: Apple
-CVE-2015-5912 (The CFNetwork FTPProtocol component in Apple iOS before 9 allows ...)
+CVE-2015-5912
NOT-FOR-US: Apple
-CVE-2015-5911 (Multiple unspecified vulnerabilities in Twisted in Wiki Server in ...)
+CVE-2015-5911
NOT-FOR-US: Apple
-CVE-2015-5910 (IDE Xcode Server in Apple Xcode before 7.0 does not ensure that server ...)
+CVE-2015-5910
NOT-FOR-US: Apple
-CVE-2015-5909 (IDE Xcode Server in Apple Xcode before 7.0 does not properly restrict ...)
+CVE-2015-5909
NOT-FOR-US: Apple
CVE-2015-5908
REJECTED
-CVE-2015-5907 (WebKit in Apple iOS before 9 allows man-in-the-middle attackers to ...)
+CVE-2015-5907
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-5906 (The HTML form implementation in WebKit in Apple iOS before 9 does not ...)
+CVE-2015-5906
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-5905 (Safari in Apple iOS before 9 allows remote attackers to spoof the ...)
+CVE-2015-5905
NOT-FOR-US: Apple
-CVE-2015-5904 (Safari in Apple iOS before 9 allows remote attackers to spoof the ...)
+CVE-2015-5904
NOT-FOR-US: Apple
-CVE-2015-5903 (The kernel in Apple iOS before 9 allows local users to gain privileges ...)
+CVE-2015-5903
NOT-FOR-US: Apple
-CVE-2015-5902 (The debugging feature in the kernel in Apple OS X before 10.11 ...)
+CVE-2015-5902
NOT-FOR-US: Apple
-CVE-2015-5901 (The Secure Empty Trash feature in Finder in Apple OS X before 10.11 ...)
+CVE-2015-5901
NOT-FOR-US: Apple
-CVE-2015-5900 (The protected range register in the EFI component in Apple OS X before ...)
+CVE-2015-5900
NOT-FOR-US: Apple
-CVE-2015-5899 (libpthread in the kernel in Apple iOS before 9 allows local users to ...)
+CVE-2015-5899
NOT-FOR-US: Apple
-CVE-2015-5898 (CFNetwork in Apple iOS before 9 relies on the hardware UID for its ...)
+CVE-2015-5898
NOT-FOR-US: Apple
-CVE-2015-5897 (The Address Book framework in Apple OS X before 10.11 allows local ...)
+CVE-2015-5897
NOT-FOR-US: Apple
-CVE-2015-5896 (The kernel in Apple iOS before 9 allows local users to gain privileges ...)
+CVE-2015-5896
NOT-FOR-US: Apple
-CVE-2015-5895 (Multiple unspecified vulnerabilities in SQLite before 3.8.10.2, as ...)
+CVE-2015-5895
NOT-FOR-US: Apple
-CVE-2015-5894 (The X.509 certificate-trust implementation in Apple OS X before 10.11 ...)
+CVE-2015-5894
NOT-FOR-US: Apple
-CVE-2015-5893 (SMBClient in SMB in Apple OS X before 10.11 allows local users to ...)
+CVE-2015-5893
NOT-FOR-US: Apple
-CVE-2015-5892 (Siri in Apple iOS before 9 allows physically proximate attackers to ...)
+CVE-2015-5892
NOT-FOR-US: Apple
-CVE-2015-5891 (The SMB implementation in the kernel in Apple OS X before 10.11 allows ...)
+CVE-2015-5891
NOT-FOR-US: Apple
-CVE-2015-5890 (IOGraphics in Apple OS X before 10.11 allows local users to gain ...)
+CVE-2015-5890
NOT-FOR-US: Apple
-CVE-2015-5889 (rsh in the remote_cmds component in Apple OS X before 10.11 allows ...)
+CVE-2015-5889
NOT-FOR-US: Apple
-CVE-2015-5888 (The Install Framework Legacy component in Apple OS X before 10.11 ...)
+CVE-2015-5888
NOT-FOR-US: Apple
-CVE-2015-5887 (The TLS Handshake Protocol implementation in Secure Transport in Apple ...)
+CVE-2015-5887
NOT-FOR-US: Apple
CVE-2015-5886
REJECTED
-CVE-2015-5885 (The CFNetwork Cookies component in Apple iOS before 9 allows remote ...)
+CVE-2015-5885
NOT-FOR-US: Apple
-CVE-2015-5884 (The Mail Drop feature in Mail in Apple OS X before 10.11 mishandles ...)
+CVE-2015-5884
NOT-FOR-US: Apple
-CVE-2015-5883 (The bidirectional text-display and text-selection implementations in ...)
+CVE-2015-5883
NOT-FOR-US: Apple
-CVE-2015-5882 (The processor_set_tasks API implementation in Apple iOS before 9 ...)
+CVE-2015-5882
NOT-FOR-US: Apple
CVE-2015-5881
REJECTED
-CVE-2015-5880 (CoreAnimation in Apple iOS before 9 allows attackers to bypass ...)
+CVE-2015-5880
NOT-FOR-US: Apple
-CVE-2015-5879 (XNU in the kernel in Apple iOS before 9 does not properly validate the ...)
+CVE-2015-5879
NOT-FOR-US: Apple
-CVE-2015-5878 (Notes in Apple OS X before 10.11 misparses links, which allows local ...)
+CVE-2015-5878
NOT-FOR-US: Apple
-CVE-2015-5877 (The Intel Graphics Driver component in Apple OS X before 10.11 allows ...)
+CVE-2015-5877
NOT-FOR-US: Apple
-CVE-2015-5876 (dyld in Dev Tools in Apple iOS before 9 allows attackers to execute ...)
+CVE-2015-5876
NOT-FOR-US: Apple
-CVE-2015-5875 (Cross-site scripting (XSS) vulnerability in Notes in Apple OS X before ...)
+CVE-2015-5875
NOT-FOR-US: Apple
-CVE-2015-5874 (CoreText in Apple iOS before 9 and iTunes before 12.3 allows remote ...)
+CVE-2015-5874
NOT-FOR-US: Apple
-CVE-2015-5873 (IOGraphics in Apple OS X before 10.11 allows local users to gain ...)
+CVE-2015-5873
NOT-FOR-US: Apple
-CVE-2015-5872 (IOGraphics in Apple OS X before 10.11 allows local users to gain ...)
+CVE-2015-5872
NOT-FOR-US: Apple
-CVE-2015-5871 (IOGraphics in Apple OS X before 10.11 allows local users to gain ...)
+CVE-2015-5871
NOT-FOR-US: Apple
-CVE-2015-5870 (The debugging interfaces in the kernel in Apple OS X before 10.11 ...)
+CVE-2015-5870
NOT-FOR-US: Apple
-CVE-2015-5869 (The Neighbor Discovery (ND) protocol implementation in the IPv6 stack ...)
+CVE-2015-5869
NOT-FOR-US: Apple
-CVE-2015-5868 (The kernel in Apple iOS before 9 allows local users to gain privileges ...)
+CVE-2015-5868
NOT-FOR-US: Apple
-CVE-2015-5867 (IOHIDFamily in Apple iOS before 9 allows attackers to execute ...)
+CVE-2015-5867
NOT-FOR-US: Apple
-CVE-2015-5866 (IOHIDFamily in Apple OS X before 10.11 allows attackers to execute ...)
+CVE-2015-5866
NOT-FOR-US: Apple
-CVE-2015-5865 (IOGraphics in Apple OS X before 10.11 allows attackers to obtain ...)
+CVE-2015-5865
NOT-FOR-US: Apple
-CVE-2015-5864 (IOAudioFamily in Apple OS X before 10.11 allows local users to obtain ...)
+CVE-2015-5864
NOT-FOR-US: Apple
-CVE-2015-5863 (IOStorageFamily in Apple iOS before 9 does not properly initialize an ...)
+CVE-2015-5863
NOT-FOR-US: Apple
-CVE-2015-5862 (The Audio component in Apple iOS before 9 allows remote attackers to ...)
+CVE-2015-5862
NOT-FOR-US: Apple
-CVE-2015-5861 (SpringBoard in Apple iOS before 9 allows physically proximate ...)
+CVE-2015-5861
NOT-FOR-US: Apple
-CVE-2015-5860 (The CFNetwork HTTPProtocol component in Apple iOS before 9 mishandles ...)
+CVE-2015-5860
NOT-FOR-US: Apple
-CVE-2015-5859 (The CFNetwork HTTPProtocol component in Apple iOS before 9 and OS X ...)
+CVE-2015-5859
NOT-FOR-US: Apple
-CVE-2015-5858 (The CFNetwork HTTPProtocol component in Apple iOS before 9 allows ...)
+CVE-2015-5858
NOT-FOR-US: Apple
-CVE-2015-5857 (Mail in Apple iOS before 9 allows remote attackers to use an ...)
+CVE-2015-5857
NOT-FOR-US: Apple
-CVE-2015-5856 (The Application Store component in Apple iOS before 9 allows remote ...)
+CVE-2015-5856
NOT-FOR-US: Apple
-CVE-2015-5855 (Apple iOS before 9 allows attackers to discover the e-mail address of ...)
+CVE-2015-5855
NOT-FOR-US: Apple
-CVE-2015-5854 (The backup implementation in Time Machine in Apple OS X before 10.11 ...)
+CVE-2015-5854
NOT-FOR-US: Apple
-CVE-2015-5853 (AirScan in Apple OS X before 10.11 allows man-in-the-middle attackers ...)
+CVE-2015-5853
NOT-FOR-US: Apple
CVE-2015-5852
REJECTED
-CVE-2015-5851 (The convenience initializer in the Multipeer Connectivity component in ...)
+CVE-2015-5851
NOT-FOR-US: Apple
-CVE-2015-5850 (AppleKeyStore in Apple iOS before 9 allows physically proximate ...)
+CVE-2015-5850
NOT-FOR-US: Apple
-CVE-2015-5849 (The filtering implementation in AppleEvents in Apple OS X before 10.11 ...)
+CVE-2015-5849
NOT-FOR-US: Apple
-CVE-2015-5848 (IOAcceleratorFamily in Apple iOS before 9 allows local users to gain ...)
+CVE-2015-5848
NOT-FOR-US: Apple
-CVE-2015-5847 (The Disk Images component in Apple iOS before 9 allows local users to ...)
+CVE-2015-5847
NOT-FOR-US: Apple
-CVE-2015-5846 (IOKit in the kernel in Apple iOS before 9 allows attackers to execute ...)
+CVE-2015-5846
NOT-FOR-US: Apple
-CVE-2015-5845 (IOKit in the kernel in Apple iOS before 9 allows attackers to execute ...)
+CVE-2015-5845
NOT-FOR-US: Apple
-CVE-2015-5844 (IOKit in the kernel in Apple iOS before 9 allows attackers to execute ...)
+CVE-2015-5844
NOT-FOR-US: Apple
-CVE-2015-5843 (IOMobileFrameBuffer in Apple iOS before 9 allows local users to gain ...)
+CVE-2015-5843
NOT-FOR-US: Apple
-CVE-2015-5842 (XNU in the kernel in Apple iOS before 9 does not properly initialize ...)
+CVE-2015-5842
NOT-FOR-US: Apple
-CVE-2015-5841 (The CFNetwork Proxies component in Apple iOS before 9 does not ...)
+CVE-2015-5841
NOT-FOR-US: Apple
-CVE-2015-5840 (The checkint division routines in removefile in Apple iOS before 9 ...)
+CVE-2015-5840
NOT-FOR-US: Apple
-CVE-2015-5839 (dyld in Apple iOS before 9 allows attackers to bypass a code-signing ...)
+CVE-2015-5839
NOT-FOR-US: Apple
-CVE-2015-5838 (SpringBoard in Apple iOS before 9 does not properly restrict access to ...)
+CVE-2015-5838
NOT-FOR-US: Apple
-CVE-2015-5837 (PluginKit in Apple iOS before 9 allows attackers to bypass an intended ...)
+CVE-2015-5837
NOT-FOR-US: Apple
-CVE-2015-5836 (Apple Online Store Kit in Apple OS X before 10.11 improperly validates ...)
+CVE-2015-5836
NOT-FOR-US: Apple
-CVE-2015-5835 (Apple iOS before 9 allows attackers to obtain sensitive information ...)
+CVE-2015-5835
NOT-FOR-US: Apple
-CVE-2015-5834 (IOAcceleratorFamily in Apple iOS before 9 allows attackers to obtain ...)
+CVE-2015-5834
NOT-FOR-US: Apple
-CVE-2015-5833 (The Login Window component in Apple OS X before 10.11 does not ensure ...)
+CVE-2015-5833
NOT-FOR-US: Apple
-CVE-2015-5832 (The iTunes Store component in Apple iOS before 9 does not properly ...)
+CVE-2015-5832
NOT-FOR-US: Apple
-CVE-2015-5831 (NetworkExtension in the kernel in Apple iOS before 9 does not properly ...)
+CVE-2015-5831
NOT-FOR-US: Apple
-CVE-2015-5830 (The Intel Graphics Driver component in Apple OS X before 10.11 allows ...)
+CVE-2015-5830
NOT-FOR-US: Apple
-CVE-2015-5829 (Data Detectors Engine in Apple iOS before 9 allows remote attackers to ...)
+CVE-2015-5829
NOT-FOR-US: Apple
-CVE-2015-5828 (The API in the WebKit Plug-ins component in Apple Safari before 9 does ...)
+CVE-2015-5828
NOT-FOR-US: Apple Safari
-CVE-2015-5827 (WebKit in Apple iOS before 9 allows remote attackers to bypass the ...)
+CVE-2015-5827
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-5826 (WebKit in Apple iOS before 9 does not properly select the cases in ...)
+CVE-2015-5826
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-5825 (WebKit in Apple iOS before 9 does not properly restrict the ...)
+CVE-2015-5825
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-5824 (The NSURL implementation in the CFNetwork SSL component in Apple iOS ...)
+CVE-2015-5824
NOT-FOR-US: Apple
-CVE-2015-5823 (WebKit, as used in JavaScriptCore in Apple iOS before 9 and iTunes ...)
+CVE-2015-5823
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-5822 (WebKit, as used in JavaScriptCore in Apple iOS before 9 and iTunes ...)
+CVE-2015-5822
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-5821 (WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows ...)
+CVE-2015-5821
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-5820 (WebKit in Apple iOS before 9 allows remote attackers to trigger a ...)
+CVE-2015-5820
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-5819 (WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows ...)
+CVE-2015-5819
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-5818 (WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows ...)
+CVE-2015-5818
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-5817 (WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows ...)
+CVE-2015-5817
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-5816 (WebKit, as used in JavaScriptCore in Apple iOS before 9 and iTunes ...)
+CVE-2015-5816
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-5815 (WebKit, as used in Apple iTunes before 12.3, allows man-in-the-middle ...)
+CVE-2015-5815
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-5814 (WebKit, as used in JavaScriptCore in Apple iOS before 9 and iTunes ...)
+CVE-2015-5814
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-5813 (WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows ...)
+CVE-2015-5813
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-5812 (WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows ...)
+CVE-2015-5812
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-5811 (WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows ...)
+CVE-2015-5811
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-5810 (WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows ...)
+CVE-2015-5810
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-5809 (WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows ...)
+CVE-2015-5809
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-5808 (WebKit, as used in Apple iTunes before 12.3, allows man-in-the-middle ...)
+CVE-2015-5808
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-5807 (WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows ...)
+CVE-2015-5807
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-5806 (WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows ...)
+CVE-2015-5806
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-5805 (WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows ...)
+CVE-2015-5805
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-5804 (WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows ...)
+CVE-2015-5804
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-5803 (WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows ...)
+CVE-2015-5803
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-5802 (WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows ...)
+CVE-2015-5802
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-5801 (WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows ...)
+CVE-2015-5801
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-5800 (WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows ...)
+CVE-2015-5800
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-5799 (WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows ...)
+CVE-2015-5799
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-5798 (WebKit, as used in Apple iTunes before 12.3, allows man-in-the-middle ...)
+CVE-2015-5798
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-5797 (WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows ...)
+CVE-2015-5797
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-5796 (WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows ...)
+CVE-2015-5796
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-5795 (WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows ...)
+CVE-2015-5795
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-5794 (WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows ...)
+CVE-2015-5794
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-5793 (WebKit, as used in JavaScriptCore in Apple iOS before 9 and iTunes ...)
+CVE-2015-5793
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-5792 (WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows ...)
+CVE-2015-5792
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-5791 (WebKit, as used in JavaScriptCore in Apple iOS before 9 and iTunes ...)
+CVE-2015-5791
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-5790 (WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows ...)
+CVE-2015-5790
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-5789 (WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows ...)
+CVE-2015-5789
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-5788 (The WebKit Canvas implementation in Apple iOS before 9 allows remote ...)
+CVE-2015-5788
NOT-FOR-US: Apple
-CVE-2015-5787 (The kernel in Apple iOS before 8.4.1 does not properly restrict ...)
+CVE-2015-5787
NOT-FOR-US: Apple
-CVE-2015-5786 (Apple QuickTime before 7.7.8 allows remote attackers to execute ...)
+CVE-2015-5786
NOT-FOR-US: Apple
-CVE-2015-5785 (Apple QuickTime before 7.7.8 allows remote attackers to execute ...)
+CVE-2015-5785
NOT-FOR-US: Apple
-CVE-2015-5784 (runner in Install.framework in the Install Framework Legacy component ...)
+CVE-2015-5784
NOT-FOR-US: Apple OS X
-CVE-2015-5783 (IOGraphics in Apple OS X before 10.10.5 allows attackers to execute ...)
+CVE-2015-5783
NOT-FOR-US: Apple OS X
-CVE-2015-5782 (ImageIO in Apple iOS before 8.4.1 and OS X before 10.10.5 does not ...)
+CVE-2015-5782
NOT-FOR-US: Apple OS X
-CVE-2015-5781 (ImageIO in Apple iOS before 8.4.1 and OS X before 10.10.5 does not ...)
+CVE-2015-5781
NOT-FOR-US: Apple OS X
-CVE-2015-5780 (The Safari Extensions implementation in Apple Safari before 9 does not ...)
+CVE-2015-5780
NOT-FOR-US: Apple
-CVE-2015-5779 (QuickTime 7 in Apple OS X before 10.10.5 allows remote attackers to ...)
+CVE-2015-5779
NOT-FOR-US: Apple OS X
-CVE-2015-5778 (CoreMedia Playback in Apple iOS before 8.4.1 and OS X before 10.10.5 ...)
+CVE-2015-5778
NOT-FOR-US: Apple OS X
-CVE-2015-5777 (CoreMedia Playback in Apple iOS before 8.4.1 and OS X before 10.10.5 ...)
+CVE-2015-5777
NOT-FOR-US: Apple OS X
-CVE-2015-5776 (Libinfo in Apple iOS before 8.4.1 and OS X before 10.10.5 allows ...)
+CVE-2015-5776
NOT-FOR-US: Apple
-CVE-2015-5775 (FontParser in Apple iOS before 8.4.1 and OS X before 10.10.5 allows ...)
+CVE-2015-5775
NOT-FOR-US: Apple OS X
-CVE-2015-5774 (Buffer overflow in IOHIDFamily in Apple iOS before 8.4.1 and OS X ...)
+CVE-2015-5774
NOT-FOR-US: Apple OS X
-CVE-2015-5773 (QL Office in Apple iOS before 8.4.1 and OS X before 10.10.5 allows ...)
+CVE-2015-5773
NOT-FOR-US: Apple OS X
-CVE-2015-5772 (Heap-based buffer overflow in SceneKit in Apple OS X before 10.10.5 ...)
+CVE-2015-5772
NOT-FOR-US: Apple OS X
-CVE-2015-5771 (Quartz Composer Framework in Apple OS X before 10.10.5 allows remote ...)
+CVE-2015-5771
NOT-FOR-US: Apple OS X
-CVE-2015-5770 (MobileInstallation in Apple iOS before 8.4.1 does not ensure the ...)
+CVE-2015-5770
NOT-FOR-US: Apple OS X
-CVE-2015-5769 (The MSVDX driver in Apple iOS before 8.4.1 allows remote attackers to ...)
+CVE-2015-5769
NOT-FOR-US: Apple OS X
-CVE-2015-5768 (AppleGraphicsControl in Apple OS X before 10.10.5 allows attackers to ...)
+CVE-2015-5768
NOT-FOR-US: Apple OS X
-CVE-2015-5767 (The user interface in Safari in Apple iOS before 9 allows remote ...)
+CVE-2015-5767
NOT-FOR-US: Apple
-CVE-2015-5766 (Directory traversal vulnerability in Air Traffic in Apple iOS before ...)
+CVE-2015-5766
NOT-FOR-US: Apple OS X
-CVE-2015-5765 (The user interface in Safari in Apple iOS before 9 allows remote ...)
+CVE-2015-5765
NOT-FOR-US: Apple
-CVE-2015-5764 (The user interface in Safari in Apple iOS before 9 allows remote ...)
+CVE-2015-5764
NOT-FOR-US: Apple
-CVE-2015-5763 (ntfs in Apple OS X before 10.10.5 allows local users to gain ...)
+CVE-2015-5763
NOT-FOR-US: Apple OS X
CVE-2015-5762
RESERVED
-CVE-2015-5761 (CoreText in Apple iOS before 8.4.1 and OS X before 10.10.5 allows ...)
+CVE-2015-5761
NOT-FOR-US: Apple OS X
CVE-2015-5760
REJECTED
-CVE-2015-5759 (WebKit in Apple iOS before 8.4.1 allows remote attackers to spoof ...)
+CVE-2015-5759
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-5758 (ImageIO in Apple iOS before 8.4.1 and OS X before 10.10.5 allows ...)
+CVE-2015-5758
NOT-FOR-US: Apple OS X
-CVE-2015-5757 (libpthread in Apple iOS before 8.4.1 and OS X before 10.10.5 allows ...)
+CVE-2015-5757
NOT-FOR-US: Apple
-CVE-2015-5756 (FontParser in Apple iOS before 8.4.1 and OS X before 10.10.5 allows ...)
+CVE-2015-5756
NOT-FOR-US: Apple OS X
-CVE-2015-5755 (CoreText in Apple iOS before 8.4.1 and OS X before 10.10.5 allows ...)
+CVE-2015-5755
NOT-FOR-US: Apple OS X
-CVE-2015-5754 (Race condition in runner in Install.framework in the Install Framework ...)
+CVE-2015-5754
NOT-FOR-US: Apple OS X
-CVE-2015-5753 (QuickTime 7 in Apple OS X before 10.10.5 allows remote attackers to ...)
+CVE-2015-5753
NOT-FOR-US: Apple OS X
-CVE-2015-5752 (Backup in Apple iOS before 8.4.1 allows attackers to bypass intended ...)
+CVE-2015-5752
NOT-FOR-US: Apple OS X
-CVE-2015-5751 (QuickTime 7 in Apple OS X before 10.10.5 allows remote attackers to ...)
+CVE-2015-5751
NOT-FOR-US: Apple OS X
-CVE-2015-5750 (Data Detectors Engine in Apple OS X before 10.10.5 allows attackers to ...)
+CVE-2015-5750
NOT-FOR-US: Apple OS X
-CVE-2015-5749 (The Sandbox_profiles component in Apple iOS before 8.4.1 allows ...)
+CVE-2015-5749
NOT-FOR-US: Apple OS X
-CVE-2015-5748 (The kernel in Apple OS X before 10.10.5 does not properly mount HFS ...)
+CVE-2015-5748
NOT-FOR-US: Apple OS X
-CVE-2015-5747 (The fasttrap driver in the kernel in Apple OS X before 10.10.5 allows ...)
+CVE-2015-5747
NOT-FOR-US: Apple OS X
-CVE-2015-5746 (AppleFileConduit in Apple iOS before 8.4.1 allows attackers to bypass ...)
+CVE-2015-5746
NOT-FOR-US: Apple OS X
CVE-2015-5744
RESERVED
CVE-2015-5743
RESERVED
-CVE-2015-5742 (VeeamVixProxy in Veeam Backup &amp; Replication (B&amp;R) before 8.0 update 3 ...)
+CVE-2015-5742
NOT-FOR-US: Veeam
-CVE-2015-5738 (The RSA-CRT implementation in the Cavium Software Development Kit ...)
+CVE-2015-5738
- openssl <not-affected> (OpenSSL upstream is not affected)
-CVE-2015-5959 (Froxlor before 0.9.33.2 with the default configuration/setup might ...)
+CVE-2015-5959
- froxlor <itp> (bug #581792)
-CVE-2015-5957 (Buffer overflow in the DumpSysVar function in var.c in Remind before ...)
+CVE-2015-5957
{DLA-289-1}
- remind 03.01.15-1 (unimportant)
NOTE: Non-exploitable starting with Wheezy due to D_FORTIFY_SOURCE
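Review bot: every changed pair in this region turns a "CVE-2015-NNNN (summary ...)" line into the bare identifier and alters nothing else, which for an automated run is the signature of the description source returning empty rather than of a genuine data change; the fetch should be checked before this result is kept, because once the summaries are gone entries such as the long run of "NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix" no longer carry any text saying what each CVE is. While the removed text is still visible, note that several iOS-only issues are tagged "NOT-FOR-US: Apple OS X" although their summaries name only iOS (the MobileInstallation, MSVDX driver, Air Traffic, Backup, Sandbox_profiles and AppleFileConduit entries, CVE-2015-5770, -5769, -5766, -5752, -5749 and -5746); retagging them as "NOT-FOR-US: Apple" now avoids a mismatch that the stripped file can no longer reveal. Minor: the remind NOTE says "D_FORTIFY_SOURCE"; the macro is _FORTIFY_SOURCE (set as -D_FORTIFY_SOURCE=2 on the compiler line).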
@@ -10212,27 +10212,27 @@ CVE-2015-5745 [buffer overflow in virtio-serial]
NOTE: Patch for wheezy needs change since uses iov_from_buf:
NOTE: http://git.qemu.org/?p=qemu.git;a=commitdiff;h=dcf6f5e15ecee4f593eeacbe0591c1addc004d92
NOTE: iov_* function changed in http://git.qemu.org/?p=qemu.git;a=commitdiff;h=2278a69e7020d86a8c73a28474e7709d3e7d5081 (v1.2.0-rc0)
-CVE-2015-5737 (The (1) mdare64_48.sys, (2) mdare32_48.sys, (3) mdare32_52.sys, (4) ...)
+CVE-2015-5737
NOT-FOR-US: Fortinet
-CVE-2015-5736 (The Fortishield.sys driver in Fortinet FortiClient before 5.2.4 allows ...)
+CVE-2015-5736
NOT-FOR-US: Fortinet
-CVE-2015-5735 (The (1) mdare64_48.sys, (2) mdare32_48.sys, (3) mdare32_52.sys, and (4) ...)
+CVE-2015-5735
NOT-FOR-US: Fortinet
-CVE-2015-5729 (The Soft Access Point (AP) feature in Samsung Smart TVs X10P, X12, ...)
+CVE-2015-5729
NOT-FOR-US: Samsung
CVE-2015-5728
RESERVED
-CVE-2015-5727 (The BER decoder in Botan 1.10.x before 1.10.10 and 1.11.x before ...)
+CVE-2015-5727
{DSA-3565-1 DLA-449-1}
- botan1.10 1.10.10-1
NOTE: Fixed in 1.11.19 and 1.10.10, affected all previous versions of 1.10 and 1.11
NOTE: http://botan.randombit.net/security.html
-CVE-2015-5726 (The BER decoder in Botan 0.10.x before 1.10.10 and 1.11.x before ...)
+CVE-2015-5726
{DSA-3565-1 DLA-449-1}
- botan1.10 1.10.10-1
NOTE: Fixed in 1.11.19 and 1.10.10, affected all previous versions of 1.10 and 1.11
NOTE: http://botan.randombit.net/security.html
-CVE-2015-5725 (SQL injection vulnerability in the offset method in the Active Record ...)
+CVE-2015-5725
- codeigniter <itp> (bug #471583)
CVE-2015-5741 [other discoveries of security-relevant RFC 7230 violations]
RESERVED
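Review bot: the two locally written bracketed summaries in this hunk, "CVE-2015-5745 [buffer overflow in virtio-serial]" in the hunk header and "CVE-2015-5741 [other discoveries of security-relevant RFC 7230 violations]" at the end, survive untouched while every parenthesised, fetched summary is removed; that asymmetry confirms the script is overwriting only the fetched field, and with an empty value. The update script should refuse to replace a non-empty description with an empty one (or abort the run when the fetched set is empty) so a feed outage cannot blank the whole list as it does here.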
@@ -10241,36 +10241,36 @@ CVE-2015-5741 [other discoveries of security-relevant RFC 7230 violations]
[wheezy] - golang <no-dsa> (Minor issue)
NOTE: https://github.com/golang/go/commit/300d9a21583e7cf0149a778a0611e76ff7c6680f
NOTE: https://github.com/golang/go/commit/143822585e32449860e624cace9d2e521deee62e
-CVE-2015-5740 (The net/http library in net/http/transfer.go in Go before 1.4.3 does ...)
+CVE-2015-5740
- golang 2:1.4.2-4 (bug #795106)
[jessie] - golang <no-dsa> (Minor issue)
[wheezy] - golang <no-dsa> (Minor issue)
NOTE: https://github.com/golang/go/commit/300d9a21583e7cf0149a778a0611e76ff7c6680f
NOTE: https://github.com/golang/go/commit/143822585e32449860e624cace9d2e521deee62e
-CVE-2015-5739 (The net/http library in net/textproto/reader.go in Go before 1.4.3 ...)
+CVE-2015-5739
- golang 2:1.4.2-4 (bug #795106)
[jessie] - golang <no-dsa> (Minor issue)
[wheezy] - golang <no-dsa> (Minor issue)
NOTE: https://github.com/golang/go/commit/117ddcb83d7f42d6aa72241240af99ded81118e9
CVE-2015-5724
RESERVED
-CVE-2015-5722 (buffer.c in named in ISC BIND 9.x before 9.9.7-P3 and 9.10.x before ...)
+CVE-2015-5722
{DSA-3350-1 DLA-308-1}
- bind9 1:9.9.5.dfsg-12
NOTE: https://kb.isc.org/article/AA-01287
-CVE-2015-5721 (Malware Information Sharing Platform (MISP) before 2.3.90 allows ...)
+CVE-2015-5721
NOT-FOR-US: Malware Information Sharing Platform
-CVE-2015-5720 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
+CVE-2015-5720
NOT-FOR-US: Malware Information Sharing Platform
-CVE-2015-5719 (app/Controller/TemplatesController.php in Malware Information Sharing ...)
+CVE-2015-5719
NOT-FOR-US: Malware Information Sharing Platform
-CVE-2015-5718 (Stack-based buffer overflow in the handle_debug_network function in ...)
+CVE-2015-5718
NOT-FOR-US: Websense Content Gateway
-CVE-2015-5734 (Cross-site scripting (XSS) vulnerability in the legacy theme preview ...)
+CVE-2015-5734
{DSA-3383-1 DSA-3332-1 DLA-294-1}
- wordpress 4.2.4+dfsg-1 (bug #794560)
NOTE: https://core.trac.wordpress.org/changeset/33549
-CVE-2015-5733 (Cross-site scripting (XSS) vulnerability in the ...)
+CVE-2015-5733
- wordpress 4.2.4+dfsg-1 (bug #794560)
[jessie] - wordpress 4.1+dfsg-1+deb8u1
[wheezy] - wordpress 3.6.1+dfsg-1~deb7u6
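Review bot: for CVE-2015-5740 and CVE-2015-5739 the removed summaries ("Go before 1.4.3") were the only place the entry recorded the upstream fixed version; the Debian fix "golang 2:1.4.2-4 (bug #795106)" predates that release, which is fine since the NOTE lines point at the cherry-picked commits, but after this change nothing in the entry says which upstream release carries the fix. Add a "NOTE: Fixed in 1.4.3" line in the style already used on the Botan entries ("NOTE: Fixed in 1.11.19 and 1.10.10") so that information does not depend on the fetched description.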
@@ -10281,41 +10281,41 @@ CVE-2015-5733 (Cross-site scripting (XSS) vulnerability in the ...)
NOTE: but the issue apparently later reintroduced
NOTE: https://core.trac.wordpress.org/changeset/33540
NOTE: https://core.trac.wordpress.org/changeset/33541
-CVE-2015-5732 (Cross-site scripting (XSS) vulnerability in the form function in the ...)
+CVE-2015-5732
{DSA-3383-1 DSA-3332-1 DLA-294-1}
- wordpress 4.2.4+dfsg-1 (bug #794560)
NOTE: https://core.trac.wordpress.org/changeset/33529
-CVE-2015-5731 (Cross-site request forgery (CSRF) vulnerability in wp-admin/post.php ...)
+CVE-2015-5731
{DSA-3383-1 DSA-3332-1 DLA-294-1}
- wordpress 4.2.4+dfsg-1 (bug #794560)
NOTE: https://core.trac.wordpress.org/changeset/33542
NOTE: https://core.trac.wordpress.org/changeset/33543
-CVE-2015-5730 (The sanitize_widget_instance function in ...)
+CVE-2015-5730
{DSA-3332-1}
- wordpress 4.2.4+dfsg-1 (bug #794560)
[squeeze] - wordpress <not-affected> (Vulnerable code introduced later)
[wheezy] - wordpress <not-affected> (Vulnerable code introduced later)
NOTE: https://core.trac.wordpress.org/changeset/33535
NOTE: https://core.trac.wordpress.org/changeset/33536
-CVE-2015-5717 (The Siemens COMPAS Mobile application before 1.6 for Android does not ...)
+CVE-2015-5717
NOT-FOR-US: Siemens
CVE-2015-5716
RESERVED
-CVE-2015-5715 (The mw_editPost function in wp-includes/class-wp-xmlrpc-server.php in ...)
+CVE-2015-5715
{DSA-3383-1 DSA-3375-1 DLA-321-1}
- wordpress 4.3.1+dfsg-1 (bug #799140)
NOTE: https://wordpress.org/news/2015/09/wordpress-4-3-1/
NOTE: https://github.com/WordPress/WordPress/commit/9c57f3a4291f2311ae05f22c10eedeb0f69337ab
-CVE-2015-5714 (Cross-site scripting (XSS) vulnerability in WordPress before 4.3.1 ...)
+CVE-2015-5714
{DSA-3383-1 DSA-3375-1 DLA-321-1}
- wordpress 4.3.1+dfsg-1 (bug #799140)
NOTE: https://wordpress.org/news/2015/09/wordpress-4-3-1/
NOTE: https://github.com/WordPress/WordPress/commit/f72b21af23da6b6d54208e5c1d65ececdaa109c8
-CVE-2015-5713 (Spotfire Parsing Library and Spotfire Security Filter in TIBCO ...)
+CVE-2015-5713
NOT-FOR-US: TIBCO
-CVE-2015-5712 (Spotfire Parsing Library and Spotfire Security Filter in TIBCO ...)
+CVE-2015-5712
NOT-FOR-US: TIBCO
-CVE-2015-5711 (TIBCO Managed File Transfer Internet Server before 7.2.5, Managed File ...)
+CVE-2015-5711
NOT-FOR-US: TIBCO
CVE-2015-5710
RESERVED
@@ -10323,9 +10323,9 @@ CVE-2015-5709
RESERVED
CVE-2015-5708
RESERVED
-CVE-2015-5703 (SQL injection vulnerability in the public key discovery API call in ...)
+CVE-2015-5703
NOT-FOR-US: Open-Xchange
-CVE-2015-8395 (PCRE before 8.38 mishandles certain references, which allows remote ...)
+CVE-2015-8395
- pcre3 2:8.38-1
[jessie] - pcre3 2:8.35-3.3+deb8u2
[wheezy] - pcre3 <not-affected> (Vulnerable code introduced later)
@@ -10334,21 +10334,21 @@ CVE-2015-8395 (PCRE before 8.38 mishandles certain references, which allows remo
NOTE: http://vcs.pcre.org/pcre?view=revision&revision=1594
NOTE: related issue to CVE-2015-8384 and CVE-2015-8392
NOTE: Same fix as used for CVE-2015-8381
-CVE-2015-8394 (PCRE before 8.38 mishandles the (?(&lt;digits&gt;) and (?(R&lt;digits&gt;) ...)
+CVE-2015-8394
- pcre3 2:8.38-1
[jessie] - pcre3 2:8.35-3.3+deb8u2
[wheezy] - pcre3 <no-dsa> (Minor issue)
[squeeze] - pcre3 <no-dsa> (Minor issue)
NOTE: Fixed in 8.38
NOTE: http://vcs.pcre.org/pcre?view=revision&revision=1589
-CVE-2015-8393 (pcregrep in PCRE before 8.38 mishandles the -q option for binary ...)
+CVE-2015-8393
- pcre3 2:8.38-1
[jessie] - pcre3 2:8.35-3.3+deb8u2
[wheezy] - pcre3 <no-dsa> (Minor issue)
[squeeze] - pcre3 <no-dsa> (Minor issue)
NOTE: Fixed in 8.38
NOTE: http://vcs.pcre.org/pcre?view=revision&revision=1586
-CVE-2015-8392 (PCRE before 8.38 mishandles certain instances of the (?| substring, ...)
+CVE-2015-8392
- pcre3 2:8.38-1
[jessie] - pcre3 2:8.35-3.3+deb8u2
[wheezy] - pcre3 <not-affected> (Vulnerable code introduced later)
@@ -10356,7 +10356,7 @@ CVE-2015-8392 (PCRE before 8.38 mishandles certain instances of the (?| substrin
NOTE: Fixed in 8.38
NOTE: http://vcs.pcre.org/pcre?view=revision&revision=1585
NOTE: related issue to CVE-2015-8384 and CVE-2015-8395
-CVE-2015-8391 (The pcre_compile function in pcre_compile.c in PCRE before 8.38 ...)
+CVE-2015-8391
- pcre3 2:8.38-1
[jessie] - pcre3 2:8.35-3.3+deb8u2
[wheezy] - pcre3 <no-dsa> (Minor issue)
@@ -10364,14 +10364,14 @@ CVE-2015-8391 (The pcre_compile function in pcre_compile.c in PCRE before 8.38 .
NOTE: Fixed in 8.38
NOTE: Fixed by: http://vcs.pcre.org/pcre?view=revision&revision=1579
NOTE: First bad commit: http://vcs.pcre.org/pcre?view=revision&revision=640
-CVE-2015-8390 (PCRE before 8.38 mishandles the [: and \\ substrings in character ...)
+CVE-2015-8390
- pcre3 2:8.38-1
[jessie] - pcre3 2:8.35-3.3+deb8u2
[wheezy] - pcre3 <no-dsa> (Minor issue)
[squeeze] - pcre3 <no-dsa> (Minor issue)
NOTE: Fixed in 8.38
NOTE: http://vcs.pcre.org/pcre?view=revision&revision=1578
-CVE-2015-8389 (PCRE before 8.38 mishandles the /(?:|a|){100}x/ pattern and related ...)
+CVE-2015-8389
- pcre3 2:8.38-1
[jessie] - pcre3 2:8.35-3.3+deb8u2
[wheezy] - pcre3 <not-affected> (Vulnerable code not present)
@@ -10380,7 +10380,7 @@ CVE-2015-8389 (PCRE before 8.38 mishandles the /(?:|a|){100}x/ pattern and relat
NOTE: Fixed by: http://vcs.pcre.org/pcre?view=revision&revision=1577
NOTE: First bad commit: http://vcs.pcre.org/pcre?view=revision&revision=1440
NOTE: Only after r1577 looks like there is another new issue (stack-buffer-underflow, READ of size 4 when running PoC)
-CVE-2015-8388 (PCRE before 8.38 mishandles the /(?=di(?&lt;=(?1))|(?=(.))))/ pattern and ...)
+CVE-2015-8388
- pcre3 2:8.35-7
[jessie] - pcre3 2:8.35-3.3+deb8u1
[wheezy] - pcre3 <no-dsa> (Minor issue)
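Review bot: the last NOTE on CVE-2015-8389, "Only after r1577 looks like there is another new issue (stack-buffer-underflow, READ of size 4 when running PoC)", records an unresolved finding with no pointer to where it is tracked; either reference the upstream revision or CVE that covers that follow-up crash, or mark the line as an open TODO, otherwise the observation gets lost among the "Fixed in 8.38" notes that surround it.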
@@ -10389,14 +10389,14 @@ CVE-2015-8388 (PCRE before 8.38 mishandles the /(?=di(?&lt;=(?1))|(?=(.))))/ pat
NOTE: http://vcs.pcre.org/pcre?view=revision&revision=1571
NOTE: Fixed in 8.38
NOTE: Different issue than CVE-2015-5073 but same fixing commit
-CVE-2015-8387 (PCRE before 8.38 mishandles (?123) subroutine calls and related ...)
+CVE-2015-8387
- pcre3 2:8.38-1
[jessie] - pcre3 2:8.35-3.3+deb8u2
[wheezy] - pcre3 <no-dsa> (Minor issue)
[squeeze] - pcre3 <no-dsa> (Minor issue)
NOTE: Fixed in 8.38
NOTE: http://vcs.pcre.org/pcre?view=revision&revision=1563
-CVE-2015-8386 (PCRE before 8.38 mishandles the interaction of lookbehind assertions ...)
+CVE-2015-8386
- pcre3 2:8.38-1
[jessie] - pcre3 2:8.35-3.3+deb8u2
[wheezy] - pcre3 <not-affected> (Vulnerable code introduced later)
@@ -10405,14 +10405,14 @@ CVE-2015-8386 (PCRE before 8.38 mishandles the interaction of lookbehind asserti
NOTE: Fixed by: http://vcs.pcre.org/pcre?view=revision&revision=1560
NOTE: Reproducer fails starting from at least http://vcs.pcre.org/pcre?view=revision&revision=1379
NOTE: but the patched code is as well already present in wheezy at least.
-CVE-2015-8385 (PCRE before 8.38 mishandles the /(?|(\k'Pm')|(?'Pm'))/ pattern and ...)
+CVE-2015-8385
- pcre3 2:8.38-1
[jessie] - pcre3 2:8.35-3.3+deb8u2
[wheezy] - pcre3 <no-dsa> (Minor issue)
[squeeze] - pcre3 <no-dsa> (Minor issue)
NOTE: Fixed in 8.38
NOTE: http://vcs.pcre.org/pcre?view=revision&revision=1559
-CVE-2015-8384 (PCRE before 8.38 mishandles the /(?J)(?'d'(?'d'\g{d}))/ pattern and ...)
+CVE-2015-8384
- pcre3 2:8.35-7.2
[jessie] - pcre3 2:8.35-3.3+deb8u1
[wheezy] - pcre3 <not-affected> (Vulnerable code introduced later)
@@ -10422,7 +10422,7 @@ CVE-2015-8384 (PCRE before 8.38 mishandles the /(?J)(?'d'(?'d'\g{d}))/ pattern a
NOTE: Fixed in 8.38
NOTE: Fixed by http://vcs.pcre.org/pcre?view=revision&revision=1558
NOTE: Same fixing commit as CVE-2015-3210 but different issues
-CVE-2015-8383 (PCRE before 8.38 mishandles certain repeated conditional groups, which ...)
+CVE-2015-8383
- pcre3 2:8.38-1
[jessie] - pcre3 2:8.35-3.3+deb8u2
[wheezy] - pcre3 <not-affected> (vulnerable coded introduce in 8.34)
@@ -10431,7 +10431,7 @@ CVE-2015-8383 (PCRE before 8.38 mishandles certain repeated conditional groups,
NOTE: http://www.openwall.com/lists/oss-security/2015/11/29/1
NOTE: Fixed by http://vcs.pcre.org/pcre?view=revision&revision=1557
NOTE: Introduced by/first bad commit: http://vcs.pcre.org/pcre?view=revision&revision=1365
-CVE-2015-8382 (The match function in pcre_exec.c in PCRE before 8.37 mishandles the ...)
+CVE-2015-8382
- pcre3 2:8.35-7.2 (bug #794589)
[jessie] - pcre3 2:8.35-3.3+deb8u2
[wheezy] - pcre3 <no-dsa> (Minor issue)
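Review bot: the wheezy annotation on CVE-2015-8383 reads "(vulnerable coded introduce in 8.34)"; it should be "(Vulnerable code introduced in 8.34)", matching the wording used on the neighbouring pcre3 entries ("Vulnerable code introduced later"), and the stated version agrees with the "Introduced by/first bad commit" NOTE on the same entry.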
@@ -10473,7 +10473,7 @@ CVE-2015-XXXX [XSS via queue name in Sidekiq::Web]
NOTE: Fixed by https://github.com/mperham/sidekiq/commit/2178d66b6686fbf4430223c34c184a64c9906828
NOTE: Fix released in sidekiq 3.4.0
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/08/01/2
-CVE-2015-5707 (Integer overflow in the sg_start_req function in drivers/scsi/sg.c in ...)
+CVE-2015-5707
{DSA-3329-1 DLA-310-1}
- linux 4.1.3-1
- linux-2.6 <removed>
@@ -10481,7 +10481,7 @@ CVE-2015-5707 (Integer overflow in the sg_start_req function in drivers/scsi/sg.
NOTE: Probably introduced in https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=10db10d144c0248f285242f79daf6b9de6b00a62 (v2.6.28-rc1)
NOTE: Fixed by https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=451a2886b6bf90e2fb378f7c46c655450fb96e81 (v4.1-rc1)
NOTE: Fixed by https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=fdc81f45e9f57858da6351836507fbcf1b7583ee (v4.1-rc1)
-CVE-2015-5706 (Use-after-free vulnerability in the path_openat function in fs/namei.c ...)
+CVE-2015-5706
- linux 4.0.4-1
[jessie] - linux 3.16.7-ckt11-1+deb8u3
[wheezy] - linux <not-affected> (Introduced in v3.11-rc1)
@@ -10491,37 +10491,37 @@ CVE-2015-5706 (Use-after-free vulnerability in the path_openat function in fs/na
NOTE: Fixed by: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f15133df088ecadd141ea1907f2c96df67c729f0 (v4.1-rc3)
CVE-2015-5702
RESERVED
-CVE-2015-5705 (Argument injection vulnerability in devscripts before 2.15.7 allows ...)
+CVE-2015-5705
- devscripts 2.15.8 (bug #794365)
[jessie] - devscripts <not-affected> (Vulnerable code not present)
[wheezy] - devscripts <not-affected> (Vulnerable code not present)
[squeeze] - devscripts <not-affected> (Vulnerable code not present)
NOTE: Introduced in https://anonscm.debian.org/cgit/collab-maint/devscripts.git/commit/?id=025ad4ea8ba92d32bd698a83149f782c17f78bf0 (v2.15.5)
-CVE-2015-5704 (scripts/licensecheck.pl in devscripts before 2.15.7 allows local users ...)
+CVE-2015-5704
- devscripts 2.15.7 (bug #794260)
[jessie] - devscripts <not-affected> (Vulnerable code not present)
[wheezy] - devscripts <not-affected> (Vulnerable code not present)
[squeeze] - devscripts <not-affected> (Vulnerable code not present)
NOTE: Introduced in https://anonscm.debian.org/cgit/collab-maint/devscripts.git/commit/?id=025ad4ea8ba92d32bd698a83149f782c17f78bf0 (v2.15.5)
NOTE: http://www.openwall.com/lists/oss-security/2015/08/01/1
-CVE-2015-5699 (The Switch Configuration Tools Backend (clcmd_server) in Cumulus Linux ...)
+CVE-2015-5699
NOT-FOR-US: Cumulus Linux
NOTE: https://lists.cumulusnetworks.com/pipermail/cumulus-security-announce/2015-July/000002.html
-CVE-2015-5698 (Cross-site request forgery (CSRF) vulnerability in the web server on ...)
+CVE-2015-5698
NOT-FOR-US: Siemens
-CVE-2015-5696 (Dell Netvault Backup before 10.0.5 allows remote attackers to cause a ...)
+CVE-2015-5696
NOT-FOR-US: Dell Netvault Backup
-CVE-2015-5693 (The management console on Symantec Web Gateway (SWG) appliances with ...)
+CVE-2015-5693
NOT-FOR-US: Symantec Web Gateway
-CVE-2015-5692 (admin_messages.php in the management console on Symantec Web Gateway ...)
+CVE-2015-5692
NOT-FOR-US: Symantec Web Gateway
-CVE-2015-5691 (Multiple cross-site scripting (XSS) vulnerabilities in PHP scripts in ...)
+CVE-2015-5691
NOT-FOR-US: Symantec Web Gateway
-CVE-2015-5690 (The management console on Symantec Web Gateway (SWG) appliances with ...)
+CVE-2015-5690
NOT-FOR-US: Symantec Web Gateway
-CVE-2015-5689 (ghostexp.exe in Ghost Explorer Utility in Symantec Ghost Solutions ...)
+CVE-2015-5689
NOT-FOR-US: Symantec
-CVE-2015-5695 (Designate 2015.1.0 through 1.0.0.0b1 as packaged in OpenStack Kilo ...)
+CVE-2015-5695
[experimental] - designate 1:1.0.0~b2-1
- designate 2015.1.0+2015.08.26.git34.9fa07c5798-1 (bug #796108)
[jessie] - designate 2014.1-18+deb8u1
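Review bot: CVE-2015-5705 is recorded as fixed in "devscripts 2.15.8 (bug #794365)" while its removed summary said "devscripts before 2.15.7", and the sibling CVE-2015-5704 is recorded at 2.15.7 with the same upstream claim; with the summaries gone the entry no longer shows that the tracker deliberately records a later version than the advisory. Add a NOTE stating why 2.15.8 is the fixed version for -5705 (for instance, if the 2.15.7 change was incomplete) so the discrepancy is documented rather than looking like a typo.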
@@ -10530,16 +10530,16 @@ CVE-2015-5694 [does not enforce the DNS protocol limit concerning record set siz
[experimental] - designate 1:1.0.0~b2-1
- designate 2015.1.0+2015.08.26.git34.9fa07c5798-1 (bug #796108)
[jessie] - designate <not-affected> (Vulnerable code doesn't exist)
-CVE-2015-5688 (Directory traversal vulnerability in lib/app/index.js in Geddy before ...)
+CVE-2015-5688
NOT-FOR-US: Geddy
NOTE: https://github.com/geddy/geddy/issues/697
NOTE: https://github.com/geddy/geddy/pull/699
NOTE: https://nodesecurity.io/advisories/10
-CVE-2015-5687 (system/session/drivers/cookie.php in Anchor CMS 0.9.x allows remote ...)
+CVE-2015-5687
NOT-FOR-US: Anchor CMS
CVE-2015-5686
RESERVED
-CVE-2015-5685 (The lazy_bdecode function in BitTorrent DHT bootstrap server ...)
+CVE-2015-5685
{DLA-312-1}
- libtorrent-rasterbar 1.0.6-1 (bug #797046)
[jessie] - libtorrent-rasterbar <no-dsa> (Minor issue)
@@ -10550,9 +10550,9 @@ CVE-2015-5684
RESERVED
CVE-2015-5683
RESERVED
-CVE-2015-5682 (upload.php in the Powerplay Gallery plugin 3.3 for WordPress allows ...)
+CVE-2015-5682
NOT-FOR-US: Powerplay Gallery plugin for WordPress
-CVE-2015-5681 (Unrestricted file upload vulnerability in upload.php in the Powerplay ...)
+CVE-2015-5681
NOT-FOR-US: Powerplay Gallery plugin for WordPress
CVE-2015-5680
RESERVED
@@ -10560,11 +10560,11 @@ CVE-2015-5679
RESERVED
CVE-2015-5678
RESERVED
-CVE-2015-5677 (bsnmpd, as used in FreeBSD 9.3, 10.1, and 10.2, uses world-readable ...)
+CVE-2015-5677
NOT-FOR-US: bsnmpd
CVE-2015-5676
RESERVED
-CVE-2015-5675 (The sys_amd64 IRET Handler in the kernel in FreeBSD 9.3 and 10.1 ...)
+CVE-2015-5675
- kfreebsd-10 10.1~svn274115-10 (unimportant; bug #796996)
NOTE: kfreebsd not covered by security support in Jessie
- kfreebsd-9 <removed> (bug #796997)
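Review bot: on CVE-2015-5675 the line "NOTE: kfreebsd not covered by security support in Jessie" sits between the kfreebsd-10 and kfreebsd-9 package lines, whereas every other entry in this diff lists all package and suite lines first and puts NOTE lines after them (compare CVE-2015-5667); move the NOTE below the last kfreebsd-8 suite line so tooling that reads package lines as a block is not interrupted.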
@@ -10572,44 +10572,44 @@ CVE-2015-5675 (The sys_amd64 IRET Handler in the kernel in FreeBSD 9.3 and 10.1
- kfreebsd-8 <removed>
[wheezy] - kfreebsd-8 <no-dsa> (kfreebsd-8 only a test kernel, can be fixed in a point release)
[squeeze] - kfreebsd-8 <not-affected> (kfreebsd-i386/amd64 not supported in Squeeze LTS)
-CVE-2015-5674 (The routed daemon in FreeBSD 9.3 before 9.3-RELEASE-p22, 10.2-RC2 ...)
+CVE-2015-5674
NOT-FOR-US: routed daemon in FreeBSD
-CVE-2015-5673 (eventapp/lib/gcloud.rb in the ISUCON5 qualifier portal (aka eventapp) ...)
+CVE-2015-5673
NOT-FOR-US: ISUCON5 qualifier portal
-CVE-2015-5672 (TYPE-MOON Fate/stay night, Fate/hollow ataraxia, Witch on the Holy ...)
+CVE-2015-5672
NOT-FOR-US: TYPE-MOON
-CVE-2015-5671 (Techno Project Japan Enisys Gw before 1.4.1 allows remote attackers to ...)
+CVE-2015-5671
NOT-FOR-US: Techno Project Japan Enisys Gw
-CVE-2015-5670 (Cross-site scripting (XSS) vulnerability in Techno Project Japan ...)
+CVE-2015-5670
NOT-FOR-US: Techno Project Japan Enisys Gw
-CVE-2015-5669 (Techno Project Japan Enisys Gw before 1.4.1 allows remote ...)
+CVE-2015-5669
NOT-FOR-US: Techno Project Japan Enisys Gw
-CVE-2015-5668 (SQL injection vulnerability in Techno Project Japan Enisys Gw before ...)
+CVE-2015-5668
NOT-FOR-US: Techno Project Japan Enisys Gw
-CVE-2015-5667 (Cross-site scripting (XSS) vulnerability in the HTML-Scrubber module ...)
+CVE-2015-5667
{DLA-339-1}
- libhtml-scrubber-perl 0.15-1 (bug #803943)
[jessie] - libhtml-scrubber-perl 0.11-1+deb8u1
[wheezy] - libhtml-scrubber-perl 0.09-1+deb7u1
NOTE: Upstream fix: https://github.com/nigelm/html-scrubber/commit/e1978cc37867e85c06a84a4651745235010cd6cd
-CVE-2015-5666 (ANA App for Android 3.1.1 and earlier, and ANA App for iOS 3.3.6 and ...)
+CVE-2015-5666
NOT-FOR-US: ANA App
-CVE-2015-5665 (Cross-site request forgery (CSRF) vulnerability in LOCKON EC-CUBE ...)
+CVE-2015-5665
NOT-FOR-US: LOCKON
-CVE-2015-5664 (Cross-site scripting (XSS) vulnerability in File Station in QNAP QTS ...)
+CVE-2015-5664
NOT-FOR-US: QNAP
-CVE-2015-5663 (The file-execution functionality in WinRAR before 5.30 beta 5 allows ...)
+CVE-2015-5663
NOT-FOR-US: WinRAR
-CVE-2015-5662 (Directory traversal vulnerability in Avast before 150918-0 allows ...)
+CVE-2015-5662
NOT-FOR-US: Avast
-CVE-2015-5661 (The SAND STUDIO AirDroid application 1.1.0 and earlier for Android ...)
+CVE-2015-5661
NOT-FOR-US: SAND STUDIO AirDroid
-CVE-2015-5660 (Cross-site request forgery (CSRF) vulnerability in eXtplorer before ...)
+CVE-2015-5660
{DLA-485-1}
- extplorer <removed>
NOTE: http://extplorer.net/news/18
NOTE: http://extplorer.net/projects/extplorer/repository/diff?utf8=%E2%9C%93&rev=242&rev_to=241
-CVE-2015-5659 (SQL injection vulnerability in Network Applied Communication ...)
+CVE-2015-5659
NOT-FOR-US: Network Applied Communication Laboratory Pref Shimane CMS
CVE-2015-5658
REJECTED
@@ -10617,61 +10617,61 @@ CVE-2015-5657
REJECTED
CVE-2015-5656
REJECTED
-CVE-2015-5655 (The Adways Party Track SDK before 1.6.6 for iOS does not verify X.509 ...)
+CVE-2015-5655
NOT-FOR-US: Adways Party Track SDK
-CVE-2015-5654 (Cross-site scripting (XSS) vulnerability in Dojo Toolkit before 1.2 ...)
+CVE-2015-5654
- dojo <not-affected> (Fixed before the first version in Debian)
-CVE-2015-5653 (Buffer overflow in Canary Labs Trend Web Server before 9.5.2 allows ...)
+CVE-2015-5653
NOT-FOR-US: Canary Labs Trend Web Server
-CVE-2015-5652 (Untrusted search path vulnerability in python.exe in Python through ...)
+CVE-2015-5652
NOT-FOR-US: Python on Windows
-CVE-2015-5651 (Cross-site scripting (XSS) vulnerability in Dotclear before 2.8.1 ...)
+CVE-2015-5651
- dotclear <removed> (bug #815979)
NOTE: http://dotclear.org/blog/post/2015/09/23/Dotclear-2.8.1
-CVE-2015-5650 (Directory traversal vulnerability in AjaXplorer 2.0 allows remote ...)
+CVE-2015-5650
NOT-FOR-US: AjaXplorer
-CVE-2015-5649 (Cybozu Garoon 3.x through 3.7.5 and 4.x through 4.0.3 mishandles ...)
+CVE-2015-5649
NOT-FOR-US: Cybozu Garoon
-CVE-2015-5648 (SQL injection vulnerability in list.php in phpRechnung before 1.6.5 ...)
+CVE-2015-5648
NOT-FOR-US: phpRechnung
-CVE-2015-5647 (The RSS Reader component in Cybozu Garoon 3.x through 3.7.5 and 4.x ...)
+CVE-2015-5647
NOT-FOR-US: Cybozu Garoon
-CVE-2015-5646 (Cybozu Garoon 3.x through 3.7.5 and 4.x through 4.0.3 allows remote ...)
+CVE-2015-5646
NOT-FOR-US: Cybozu Garoon
-CVE-2015-5645 (ICZ MATCHA SNS before 1.3.7 allows remote authenticated users to ...)
+CVE-2015-5645
NOT-FOR-US: ICZ MATCHA
-CVE-2015-5644 (The installer in ICZ MATCHA SNS before 1.3.7 does not properly ...)
+CVE-2015-5644
NOT-FOR-US: ICZ MATCHA
-CVE-2015-5643 (The installer in ICZ MATCHA INVOICE before 2.5.7 does not properly ...)
+CVE-2015-5643
NOT-FOR-US: ICZ MATCHA
-CVE-2015-5642 (Multiple SQL injection vulnerabilities in ICZ MATCHA INVOICE before ...)
+CVE-2015-5642
NOT-FOR-US: ICZ MATCHA
-CVE-2015-5641 (SQL injection vulnerability in baserCMS before 3.0.8 allows remote ...)
+CVE-2015-5641
NOT-FOR-US: baserCMS
-CVE-2015-5640 (baserCMS before 3.0.8 allows remote authenticated users to modify ...)
+CVE-2015-5640
NOT-FOR-US: baserCMS
-CVE-2015-5639 (niconico App for iOS before 6.38 does not verify SSL certificates ...)
+CVE-2015-5639
NOT-FOR-US: niconico App for iOS
-CVE-2015-5638 (Directory traversal vulnerability in H2O before 1.4.5 and 1.5.x before ...)
+CVE-2015-5638
- h2o <not-affected> (Fixed before initial upload to Debian)
NOTE: https://github.com/h2o/h2o/issues/921
-CVE-2015-5637 (The Newphoria Photon application before 1.2 for Android allows ...)
+CVE-2015-5637
NOT-FOR-US: Newphoria
-CVE-2015-5636 (The Newphoria Reversi application before 1.0.3 for Android and before ...)
+CVE-2015-5636
NOT-FOR-US: Newphoria
-CVE-2015-5635 (The Newphoria Koritore application before 1.1 for Android and before ...)
+CVE-2015-5635
NOT-FOR-US: Newphoria
-CVE-2015-5634 (The Newphoria MEGAPHONE MUSIC application before 1.1 for Android and ...)
+CVE-2015-5634
NOT-FOR-US: Newphoria
-CVE-2015-5633 (The Newphoria Auction Camera application for iOS and before 1.2 for ...)
+CVE-2015-5633
NOT-FOR-US: Newphoria
-CVE-2015-5632 (The runtime engine in the Newphoria applican framework before 1.12.3 ...)
+CVE-2015-5632
NOT-FOR-US: Newphoria
-CVE-2015-5631 (Cross-site request forgery (CSRF) vulnerability in the Remote UI on ...)
+CVE-2015-5631
NOT-FOR-US: Canon
-CVE-2015-5630 (Cross-site scripting (XSS) vulnerability in the NTT Broadband Platform ...)
+CVE-2015-5630
NOT-FOR-US: NTT
-CVE-2015-5629 (The NTT Broadband Platform Japan Connected-free Wi-Fi application ...)
+CVE-2015-5629
NOT-FOR-US: NTT
CVE-2015-5628
RESERVED
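Review bot: every `-`/`+` pair in this hunk replaces a described entry such as `CVE-2015-5639 (niconico App for iOS before 6.38 does not verify SSL certificates ...)` with the bare ID and changes nothing else, and an automatic update that blanks every description instead of refreshing it looks like the description source returned empty text rather than a deliberate data change; verify the upstream fetch and revert rather than commit this. The loss is not cosmetic: the six `NOT-FOR-US: Newphoria` lines and the three `NOT-FOR-US: ICZ MATCHA` lines are now indistinguishable from one another, because the product name and version that told them apart lived only in the removed text.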
@@ -10679,11 +10679,11 @@ CVE-2015-5627
RESERVED
CVE-2015-5626
RESERVED
-CVE-2015-5625 (Cross-site scripting (XSS) vulnerability in OpenDocMan before 1.3.4 ...)
+CVE-2015-5625
NOT-FOR-US: OpenDocMan
-CVE-2015-5624 (Buffer overflow in the ExecCall method in c2lv6.ocx in the FreeBit ...)
+CVE-2015-5624
NOT-FOR-US: FreeBit
-CVE-2015-5697 (The get_bitmap_file function in drivers/md/md.c in the Linux kernel ...)
+CVE-2015-5697
{DSA-3329-1 DLA-310-1}
- linux 4.1.3-1
- linux-2.6 <removed>
@@ -10691,9 +10691,9 @@ CVE-2015-5697 (The get_bitmap_file function in drivers/md/md.c in the Linux kern
NOTE: http://www.openwall.com/lists/oss-security/2015/07/28/2
CVE-2015-5620
RESERVED
-CVE-2015-5619 (Logstash 1.4.x before 1.4.5 and 1.5.x before 1.5.4 with Lumberjack ...)
+CVE-2015-5619
- logstash <itp> (bug #664841)
-CVE-2015-5618 (Chiyu BF-630 and BF-630W fingerprint access-control devices allow ...)
+CVE-2015-5618
NOT-FOR-US: Chiyu BF-630 and BF-630W fingerprint access-control devices
CVE-2015-5617
RESERVED
@@ -10703,38 +10703,38 @@ CVE-2015-5615
REJECTED
CVE-2015-5614
REJECTED
-CVE-2015-5613 (Cross-site scripting (XSS) vulnerability in October CMS build 271 and ...)
+CVE-2015-5613
NOT-FOR-US: October CMS
-CVE-2015-5612 (Cross-site scripting (XSS) vulnerability in October CMS build 271 and ...)
+CVE-2015-5612
NOT-FOR-US: October CMS
-CVE-2015-5623 (WordPress before 4.2.3 does not properly verify the edit_posts ...)
+CVE-2015-5623
{DSA-3328-1}
- wordpress 4.2.3+dfsg-1
[wheezy] - wordpress <not-affected> (Vulnerable code not present)
[squeeze] - wordpress <not-affected> (Vulnerable code not present)
NOTE: https://core.trac.wordpress.org/changeset/33357
-CVE-2015-5622 (Cross-site scripting (XSS) vulnerability in WordPress before 4.2.3 ...)
+CVE-2015-5622
{DSA-3383-1 DSA-3332-1 DLA-294-1}
- wordpress 4.2.3+dfsg-1
NOTE: https://core.trac.wordpress.org/changeset/33359
-CVE-2015-5611 (Unspecified vulnerability in Uconnect before 15.26.1, as used in ...)
+CVE-2015-5611
NOT-FOR-US: Uconnect
-CVE-2015-5610 (The RSM (aka RSMWinService) service in SolarWinds N-Able N-Central ...)
+CVE-2015-5610
NOT-FOR-US: SolarWinds
-CVE-2015-5609 (Absolute path traversal vulnerability in the Image Export plugin 1.1 ...)
+CVE-2015-5609
NOT-FOR-US: Image Export plugin for WordPress
-CVE-2015-5608 (Open redirect vulnerability in Joomla! CMS 3.0.0 through 3.4.1. ...)
+CVE-2015-5608
NOT-FOR-US: Joomla!
CVE-2015-5606
RESERVED
-CVE-2015-5605 (The regular-expression implementation in Google V8, as used in Google ...)
+CVE-2015-5605
- libv8 <unfixed> (unimportant)
NOTE: libv8 not covered by security support
CVE-2015-5604
RESERVED
-CVE-2015-5603 (The HipChat for JIRA plugin before 6.30.0 for Atlassian JIRA allows ...)
+CVE-2015-5603
NOT-FOR-US: HipChat plugin
-CVE-2015-5602 (sudoedit in Sudo before 1.8.15 allows local users to gain privileges ...)
+CVE-2015-5602
{DSA-3440-1 DLA-382-1}
- sudo 1.8.15-1.1 (bug #804149)
NOTE: http://bugzilla.sudo.ws/show_bug.cgi?id=707
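Review bot: for CVE-2015-5605 the only lines left after this hunk are `- libv8 <unfixed> (unimportant)` and `NOTE: libv8 not covered by security support`, so nothing in the entry still says that the affected code is V8's regular-expression implementation, which is what a reader needs to judge whether a reverse dependency of libv8 in Debian exposes it. The same applies to CVE-2015-5623, where `[wheezy] - wordpress <not-affected> (Vulnerable code not present)` now stands without the `WordPress before 4.2.3` scope that made the per-release check meaningful. If the descriptions cannot be refreshed from upstream, drop this hunk rather than commit the blanking.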
@@ -10743,7 +10743,7 @@ CVE-2015-5602 (sudoedit in Sudo before 1.8.15 allows local users to gain privile
NOTE: https://bugs.launchpad.net/ubuntu/+source/sudo/+bug/1512781
CVE-2015-5601
RESERVED
-CVE-2015-5600 (The kbdint_next_device function in auth2-chall.c in sshd in OpenSSH ...)
+CVE-2015-5600
{DLA-1500-1 DLA-288-1}
- openssh 1:6.9p1-1 (bug #793616)
[wheezy] - openssh <no-dsa> (Minor issue; not in default configurations)
@@ -10752,7 +10752,7 @@ CVE-2015-5600 (The kbdint_next_device function in auth2-chall.c in sshd in OpenS
NOTE: to yes. Default for KbdInteractiveAuthentication is to use whatever
NOTE: value ChallengeResponseAuthentication is set to, which is 'no' in
NOTE: default configurations in Debian.
-CVE-2015-5599 (Multiple SQL injection vulnerabilities in upload.php in the Powerplay ...)
+CVE-2015-5599
NOT-FOR-US: Powerplay Gallery plugin for WordPress
CVE-2015-5598
RESERVED
@@ -10763,7 +10763,7 @@ CVE-2015-5596
CVE-2015-5595
RESERVED
NOT-FOR-US: Zenphoto
-CVE-2015-5594 (The sanitize_string function in ZenPhoto before 1.4.9 utilized the ...)
+CVE-2015-5594
NOT-FOR-US: Zenphoto
CVE-2015-5593
RESERVED
@@ -10774,109 +10774,109 @@ CVE-2015-5592
CVE-2015-5591
RESERVED
NOT-FOR-US: Zenphoto
-CVE-2015-5588 (Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on ...)
+CVE-2015-5588
NOT-FOR-US: Adobe Flash Player
-CVE-2015-5587 (Stack-based buffer overflow in Adobe Flash Player before 18.0.0.241 ...)
+CVE-2015-5587
NOT-FOR-US: Adobe Flash Player
-CVE-2015-5586 (Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before ...)
+CVE-2015-5586
NOT-FOR-US: Adobe
CVE-2015-5585
REJECTED
-CVE-2015-5584 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.241 ...)
+CVE-2015-5584
NOT-FOR-US: Adobe Flash Player
-CVE-2015-5583 (Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, ...)
+CVE-2015-5583
NOT-FOR-US: Adobe
-CVE-2015-5582 (Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on ...)
+CVE-2015-5582
NOT-FOR-US: Adobe Flash Player
-CVE-2015-5581 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.241 ...)
+CVE-2015-5581
NOT-FOR-US: Adobe Flash Player
-CVE-2015-5580 (Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on ...)
+CVE-2015-5580
NOT-FOR-US: Adobe Flash Player
-CVE-2015-5579 (Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on ...)
+CVE-2015-5579
NOT-FOR-US: Adobe Flash Player
-CVE-2015-5578 (Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on ...)
+CVE-2015-5578
NOT-FOR-US: Adobe Flash Player
-CVE-2015-5577 (Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on ...)
+CVE-2015-5577
NOT-FOR-US: Adobe Flash Player
-CVE-2015-5576 (Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on ...)
+CVE-2015-5576
NOT-FOR-US: Adobe Flash Player
-CVE-2015-5575 (Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on ...)
+CVE-2015-5575
NOT-FOR-US: Adobe Flash Player
-CVE-2015-5574 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.241 ...)
+CVE-2015-5574
NOT-FOR-US: Adobe Flash Player
-CVE-2015-5573 (Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on ...)
+CVE-2015-5573
NOT-FOR-US: Adobe Flash Player
-CVE-2015-5572 (Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on ...)
+CVE-2015-5572
NOT-FOR-US: Adobe Flash Player
-CVE-2015-5571 (Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on ...)
+CVE-2015-5571
NOT-FOR-US: Adobe Flash Player
-CVE-2015-5570 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.241 ...)
+CVE-2015-5570
NOT-FOR-US: Adobe Flash Player
-CVE-2015-5569 (Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on ...)
+CVE-2015-5569
NOT-FOR-US: Adobe Flash Player
-CVE-2015-5568 (Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on ...)
+CVE-2015-5568
NOT-FOR-US: Adobe Flash Player
-CVE-2015-5567 (Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on ...)
+CVE-2015-5567
NOT-FOR-US: Adobe Flash Player
-CVE-2015-5566 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 ...)
+CVE-2015-5566
NOT-FOR-US: Adobe Flash Player
-CVE-2015-5565 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 ...)
+CVE-2015-5565
NOT-FOR-US: Adobe Flash Player
-CVE-2015-5564 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 ...)
+CVE-2015-5564
NOT-FOR-US: Adobe Flash Player
-CVE-2015-5563 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 ...)
+CVE-2015-5563
NOT-FOR-US: Adobe Flash Player
-CVE-2015-5562 (Adobe Flash Player before 18.0.0.232 on Windows and OS X and before ...)
+CVE-2015-5562
NOT-FOR-US: Adobe Flash Player
-CVE-2015-5561 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 ...)
+CVE-2015-5561
NOT-FOR-US: Adobe Flash Player
-CVE-2015-5560 (Integer overflow in Adobe Flash Player before 18.0.0.232 on Windows ...)
+CVE-2015-5560
NOT-FOR-US: Adobe Flash Player
-CVE-2015-5559 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 ...)
+CVE-2015-5559
NOT-FOR-US: Adobe Flash Player
-CVE-2015-5558 (Adobe Flash Player before 18.0.0.232 on Windows and OS X and before ...)
+CVE-2015-5558
NOT-FOR-US: Adobe Flash Player
-CVE-2015-5557 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 ...)
+CVE-2015-5557
NOT-FOR-US: Adobe Flash Player
-CVE-2015-5556 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 ...)
+CVE-2015-5556
NOT-FOR-US: Adobe Flash Player
-CVE-2015-5555 (Adobe Flash Player before 18.0.0.232 on Windows and OS X and before ...)
+CVE-2015-5555
NOT-FOR-US: Adobe Flash Player
-CVE-2015-5554 (Adobe Flash Player before 18.0.0.232 on Windows and OS X and before ...)
+CVE-2015-5554
NOT-FOR-US: Adobe Flash Player
-CVE-2015-5553 (Adobe Flash Player before 18.0.0.232 on Windows and OS X and before ...)
+CVE-2015-5553
NOT-FOR-US: Adobe Flash Player
-CVE-2015-5552 (Adobe Flash Player before 18.0.0.232 on Windows and OS X and before ...)
+CVE-2015-5552
NOT-FOR-US: Adobe Flash Player
-CVE-2015-5551 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 ...)
+CVE-2015-5551
NOT-FOR-US: Adobe Flash Player
-CVE-2015-5550 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 ...)
+CVE-2015-5550
NOT-FOR-US: Adobe Flash Player
-CVE-2015-5549 (Adobe Flash Player before 18.0.0.232 on Windows and OS X and before ...)
+CVE-2015-5549
NOT-FOR-US: Adobe Flash Player
-CVE-2015-5548 (Adobe Flash Player before 18.0.0.232 on Windows and OS X and before ...)
+CVE-2015-5548
NOT-FOR-US: Adobe Flash Player
-CVE-2015-5547 (Adobe Flash Player before 18.0.0.232 on Windows and OS X and before ...)
+CVE-2015-5547
NOT-FOR-US: Adobe Flash Player
-CVE-2015-5546 (Adobe Flash Player before 18.0.0.232 on Windows and OS X and before ...)
+CVE-2015-5546
NOT-FOR-US: Adobe Flash Player
-CVE-2015-5545 (Adobe Flash Player before 18.0.0.232 on Windows and OS X and before ...)
+CVE-2015-5545
NOT-FOR-US: Adobe Flash Player
-CVE-2015-5544 (Adobe Flash Player before 18.0.0.232 on Windows and OS X and before ...)
+CVE-2015-5544
NOT-FOR-US: Adobe Flash Player
CVE-2015-5543
REJECTED
CVE-2015-5542
REJECTED
-CVE-2015-5541 (Heap-based buffer overflow in Adobe Flash Player before 18.0.0.232 on ...)
+CVE-2015-5541
NOT-FOR-US: Adobe Flash Player
-CVE-2015-5540 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 ...)
+CVE-2015-5540
NOT-FOR-US: Adobe Flash Player
-CVE-2015-5539 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 ...)
+CVE-2015-5539
NOT-FOR-US: Adobe Flash Player
-CVE-2015-5538 (Multiple unspecified vulnerabilities in Citrix NetScaler Application ...)
+CVE-2015-5538
NOT-FOR-US: Citrix
-CVE-2015-5537 (The SSL layer of the HTTPS service in Siemens RuggedCom ROS before ...)
+CVE-2015-5537
NOT-FOR-US: Siemens
CVE-2015-XXXX [integer overflow]
- freexl 1.0.2-1
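Review bot: this hunk turns forty-five Adobe entries into identical `NOT-FOR-US: Adobe Flash Player` lines, and the removed descriptions were the only record of which Adobe release fixed each ID (`before 18.0.0.232`, `before 18.0.0.241 and 19.x before 19.0.0.185`, `before 18.0.0.252 and 19.x before 19.0.0.207`), so mapping a CVE to its bulletin from the tracker alone is no longer possible. Since nothing else in the hunk changes, this is data loss from the automatic update rather than an intended edit and should not be merged in this state.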
@@ -10932,33 +10932,33 @@ CVE-2015-XXXX [SQL Injection Vulnerability in graph items and graph template ite
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/07/18/4
NOTE: http://bugs.cacti.net/view.php?id=2574
NOTE: http://svn.cacti.net/viewvc?view=rev&revision=7731
-CVE-2015-5590 (Stack-based buffer overflow in the phar_fix_filepath function in ...)
+CVE-2015-5590
{DSA-3344-1 DLA-307-1}
- php5 5.6.11+dfsg-1
NOTE: https://bugs.php.net/bug.php?id=69923
NOTE: http://git.php.net/?p=php-src.git;a=commit;h=6dedeb40db13971af45276f80b5375030aa7e76f
NOTE: Fixed in 5.6.11, 5.4.43
-CVE-2015-5589 (The phar_convert_to_other function in ext/phar/phar_object.c in PHP ...)
+CVE-2015-5589
{DSA-3344-1 DLA-307-1}
- php5 5.6.11+dfsg-1
NOTE: https://bugs.php.net/bug.php?id=69958
NOTE: http://git.php.net/?p=php-src.git;a=commit;h=bf58162ddf970f63502837f366930e44d6a992cf
NOTE: Fixed in 5.6.11, 5.4.43
-CVE-2015-5536 (Belkin N300 Dual-Band Wi-Fi Range Extender with firmware before ...)
+CVE-2015-5536
NOT-FOR-US: Belkin router
-CVE-2015-5535 (Cross-site scripting (XSS) vulnerability in the qTranslate plugin ...)
+CVE-2015-5535
NOT-FOR-US: qTranslate plugin for wordpress
-CVE-2015-5534 (Multiple cross-site request forgery (CSRF) vulnerabilities in Oxwall ...)
+CVE-2015-5534
NOT-FOR-US: Oxwall
-CVE-2015-5533 (SQL injection vulnerability in counter-options.php in the Count Per ...)
+CVE-2015-5533
NOT-FOR-US: WordPress plugin count-per-day
-CVE-2015-5532 (Multiple cross-site scripting (XSS) vulnerabilities in the Paid ...)
+CVE-2015-5532
NOT-FOR-US: WordPress plugin paid-memberships-pro
-CVE-2015-5530 (Multiple cross-site request forgery (CSRF) vulnerabilities in Free ...)
+CVE-2015-5530
NOT-FOR-US: Free Reprintables
-CVE-2015-5529 (Multiple cross-site scripting (XSS) vulnerabilities in Free ...)
+CVE-2015-5529
NOT-FOR-US: Free Reprintables
-CVE-2015-5528 (Cross-site scripting (XSS) vulnerability in the save_order function in ...)
+CVE-2015-5528
NOT-FOR-US: save_order function in class-floating-social-bar.php in the Floating Social Bar plugin for WordPress
CVE-2015-5527
RESERVED
@@ -10968,15 +10968,15 @@ CVE-2015-5525
RESERVED
CVE-2015-5524
RESERVED
-CVE-2015-5531 (Directory traversal vulnerability in Elasticsearch before 1.6.1 allows ...)
+CVE-2015-5531
- elasticsearch 1.6.1+dfsg-1 (bug #792617)
[jessie] - elasticsearch <end-of-life> (No longer supported, see DSA 3389)
NOTE: https://www.elastic.co/blog/elasticsearch-1-7-0-and-1-6-1-released#security
-CVE-2015-5521 (Cross-site scripting (XSS) vulnerability in BlackCat CMS 1.1.2 allows ...)
+CVE-2015-5521
NOT-FOR-US: BlackCat CMS
-CVE-2015-5520 (Cross-site scripting (XSS) vulnerability in the Users module in ...)
+CVE-2015-5520
NOT-FOR-US: Orchard CMS
-CVE-2015-5519 (Cross-site scripting (XSS) vulnerability in the applyConvolution demo ...)
+CVE-2015-5519
NOT-FOR-US: WideImage
CVE-2015-5518
RESERVED
@@ -10984,85 +10984,85 @@ CVE-2015-5517
RESERVED
CVE-2015-8176
REJECTED
-CVE-2015-5516 (Memory leak in the last hop kernel module in F5 BIG-IP LTM, GTM, and ...)
+CVE-2015-5516
NOT-FOR-US: F5 BIG-IP
-CVE-2015-6240 (The chroot, jail, and zone connection plugins in ansible before 1.9.2 ...)
+CVE-2015-6240
- ansible 1.9.2+dfsg-1 (low)
[jessie] - ansible <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2015/07/14/3
-CVE-2015-5515 (The Views Bulk Operations (VBO) module 6.x-1.x and 7.x-3.x before ...)
+CVE-2015-5515
NOT-FOR-US: Drupal addon not packaged in Debian
-CVE-2015-5514 (Cross-site scripting (XSS) vulnerability in the Migrate module 7.x-2.x ...)
+CVE-2015-5514
NOT-FOR-US: Drupal addon not packaged in Debian
-CVE-2015-5513 (Cross-site scripting (XSS) vulnerability in the Shibboleth ...)
+CVE-2015-5513
NOT-FOR-US: Drupal addon not packaged in Debian
-CVE-2015-5512 (The me aliases module 6.x-2.x before 6.x-2.10 and 7.x-1.x before ...)
+CVE-2015-5512
NOT-FOR-US: Drupal addon not packaged in Debian
-CVE-2015-5511 (The HybridAuth Social Login module 7.x-2.x before 7.x-2.13 for Drupal ...)
+CVE-2015-5511
NOT-FOR-US: Drupal addon not packaged in Debian
-CVE-2015-5510 (Open redirect vulnerability in the Content Construction Kit (CCK) ...)
+CVE-2015-5510
NOT-FOR-US: Drupal addon not packaged in Debian
-CVE-2015-5509 (The Administration Views module 7.x-1.x before 7.x-1.4 for Drupal, ...)
+CVE-2015-5509
NOT-FOR-US: Drupal addon not packaged in Debian
-CVE-2015-5508 (Cross-site request forgery (CSRF) vulnerability in the XC NCIP ...)
+CVE-2015-5508
NOT-FOR-US: Drupal addon not packaged in Debian
-CVE-2015-5507 (Cross-site scripting (XSS) vulnerability in the Inline Entity Form ...)
+CVE-2015-5507
NOT-FOR-US: Drupal addon not packaged in Debian
-CVE-2015-5506 (The Apache Solr Real-Time module 7.x-1.x before 7.x-1.2 for Drupal ...)
+CVE-2015-5506
NOT-FOR-US: Drupal addon not packaged in Debian
-CVE-2015-5505 (The HTTP Strict Transport Security (HSTS) module 6.x-1.x before ...)
+CVE-2015-5505
NOT-FOR-US: Drupal addon not packaged in Debian
-CVE-2015-5504 (SQL injection vulnerability in the Novalnet Payment Module Ubercart ...)
+CVE-2015-5504
NOT-FOR-US: Drupal addon not packaged in Debian
-CVE-2015-5503 (Open redirect vulnerability in the Chamilo integration module 7.x-1.x ...)
+CVE-2015-5503
NOT-FOR-US: Drupal addon not packaged in Debian
-CVE-2015-5502 (The Storage API module 7.x-1.x before 7.x-1.8 for Drupal does not ...)
+CVE-2015-5502
NOT-FOR-US: Drupal addon not packaged in Debian
-CVE-2015-5501 (The Hostmaster (Aegir) module 6.x-2.x before 6.x-2.4 and 7.x-3.x ...)
+CVE-2015-5501
NOT-FOR-US: Drupal addon not packaged in Debian
-CVE-2015-5500 (Cross-site scripting (XSS) vulnerability in the Navigate module for ...)
+CVE-2015-5500
NOT-FOR-US: Drupal addon not packaged in Debian
-CVE-2015-5499 (The Navigate module for Drupal does not properly check permissions, ...)
+CVE-2015-5499
NOT-FOR-US: Drupal addon not packaged in Debian
-CVE-2015-5498 (The Shipwire API module 7.x-1.x before 7.x-1.03 for Drupal does not ...)
+CVE-2015-5498
NOT-FOR-US: Drupal addon not packaged in Debian
-CVE-2015-5497 (Cross-site scripting (XSS) vulnerability in the Web Links module ...)
+CVE-2015-5497
NOT-FOR-US: Drupal addon not packaged in Debian
-CVE-2015-5496 (The pass2pdf module for Drupal does not restrict access to generated ...)
+CVE-2015-5496
NOT-FOR-US: Drupal addon not packaged in Debian
-CVE-2015-5495 (Cross-site scripting (XSS) vulnerability in the Mobile sliding menu ...)
+CVE-2015-5495
NOT-FOR-US: Drupal addon not packaged in Debian
-CVE-2015-5494 (Cross-site scripting (XSS) vulnerability in the Webform Matrix ...)
+CVE-2015-5494
NOT-FOR-US: Drupal addon not packaged in Debian
-CVE-2015-5493 (The Entityform Block module 7.x-1.x before 7.x-1.3 for Drupal does not ...)
+CVE-2015-5493
NOT-FOR-US: Drupal addon not packaged in Debian
-CVE-2015-5492 (Cross-site scripting (XSS) vulnerability in the Video Consultation ...)
+CVE-2015-5492
NOT-FOR-US: Drupal addon not packaged in Debian
-CVE-2015-5491 (The Dynamic display block module 7.x-1.x before 7.x-1.1 for Drupal ...)
+CVE-2015-5491
NOT-FOR-US: Drupal addon not packaged in Debian
-CVE-2015-5490 (The _views_fetch_data method in includes/cache.inc in the Views module ...)
+CVE-2015-5490
NOT-FOR-US: Drupal addon not packaged in Debian
-CVE-2015-5489 (Cross-site scripting (XSS) vulnerability in the Smart Trim module ...)
+CVE-2015-5489
NOT-FOR-US: Drupal addon not packaged in Debian
-CVE-2015-5488 (Cross-site scripting (XSS) vulnerability in the MailChimp Signup ...)
+CVE-2015-5488
NOT-FOR-US: Drupal addon not packaged in Debian
-CVE-2015-5487 (Cross-site scripting (XSS) vulnerability in the Camtasia Relay module ...)
+CVE-2015-5487
NOT-FOR-US: Drupal addon not packaged in Debian
CVE-2015-5486
RESERVED
-CVE-2015-5485 (Cross-site scripting (XSS) vulnerability in the Event Import page ...)
+CVE-2015-5485
NOT-FOR-US: Event Import page (import-eventbrite-events.php) in the Modern Tribe Eventbrite Tickets plugin for WordPress
CVE-2015-5484
RESERVED
CVE-2015-5483
RESERVED
-CVE-2015-5482 (Directory traversal vulnerability in the GD bbPress Attachments plugin ...)
+CVE-2015-5482
NOT-FOR-US: GD bbPress Attachments plugin for WordPress
-CVE-2015-5481 (Cross-site scripting (XSS) vulnerability in forms/panels.php in the GD ...)
+CVE-2015-5481
NOT-FOR-US: GD bbPress Attachments plugin for WordPress
CVE-2015-5480
RESERVED
-CVE-2015-5479 (The ff_h263_decode_mba function in libavcodec/ituh263dec.c in Libav ...)
+CVE-2015-5479
{DLA-644-1}
- ffmpeg <not-affected> (Vulnerable code not present)
[squeeze] - ffmpeg <end-of-life> (Not supported in Squeeze LTS)
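Review bot: the `<not-affected>` rationale for ffmpeg under CVE-2015-5479 depends on the removed description, which placed the bug in Libav's `ff_h263_decode_mba` in `libavcodec/ituh263dec.c`; after this hunk the entry shows `- ffmpeg <not-affected> (Vulnerable code not present)` with no remaining text saying which codebase the CVE was filed against, so the rationale can no longer be checked from the entry itself, and the `NOTE: Fixed in libav 11.5` context line at the top of the next hunk is the only surviving pointer to Libav. Keep the description, or add a NOTE naming libav as the affected source, before this goes in.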
@@ -11073,42 +11073,42 @@ CVE-2015-5479 (The ff_h263_decode_mba function in libavcodec/ituh263dec.c in Lib
NOTE: Fixed in libav 11.5
CVE-2015-5478
RESERVED
-CVE-2015-5477 (named in ISC BIND 9.x before 9.9.7-P2 and 9.10.x before 9.10.2-P3 ...)
+CVE-2015-5477
{DSA-3319-1 DLA-285-1}
- bind9 1:9.9.5.dfsg-11 (bug #793903)
NOTE: https://kb.isc.org/article/AA-01272/0
CVE-2015-5476
RESERVED
-CVE-2015-5475 (Multiple cross-site scripting (XSS) vulnerabilities in Request Tracker ...)
+CVE-2015-5475
{DSA-3335-1}
- request-tracker4 4.2.11-2
NOTE: https://github.com/bestpractical/rt/commit/67d517ba3421ba462e349c73207a627d137ef8ac (4.2.x)
NOTE: https://github.com/bestpractical/rt/commit/4ec786bb4743f67a35a634c1bf43b13d3d3b39a9 (4.0.x)
-CVE-2015-5474 (BitTorrent and uTorrent allow remote attackers to inject command line ...)
+CVE-2015-5474
NOT-FOR-US: uTorrent
-CVE-2015-5473 (Multiple directory traversal vulnerabilities in Samsung SyncThru 6 ...)
+CVE-2015-5473
NOT-FOR-US: Samsung
-CVE-2015-5472 (Absolute path traversal vulnerability in lib/download.php in the IBS ...)
+CVE-2015-5472
NOT-FOR-US: IBS Mappro plugin for WordPress
-CVE-2015-5471 (Absolute path traversal vulnerability in include/user/download.php in ...)
+CVE-2015-5471
NOT-FOR-US: Swim Team plugin for WordPress
-CVE-2015-5469 (Absolute path traversal vulnerability in the MDC YouTube Downloader ...)
+CVE-2015-5469
NOT-FOR-US: MDC YouTube Downloader plugin for WordPress
-CVE-2015-5468 (Directory traversal vulnerability in the WP e-Commerce Shop Styling ...)
+CVE-2015-5468
NOT-FOR-US: Commerce Shop Styling plugin for WordPress
CVE-2015-5467
RESERVED
CVE-2015-5466
RESERVED
-CVE-2015-5465 (Silicon Integrated Systems WindowsXP Display Manager (aka VGA Driver ...)
+CVE-2015-5465
NOT-FOR-US: Silicon Integrated Systems
-CVE-2015-5464 (The Gemalto SafeNet Luna HSM allows remote authenticated users to ...)
+CVE-2015-5464
NOT-FOR-US: Gemalto
CVE-2015-5463
RESERVED
CVE-2015-5462
RESERVED
-CVE-2015-5607 (Cross-site request forgery in the REST API in IPython 2 and 3. ...)
+CVE-2015-5607
- ipython 2.4.1-1 (bug #793123)
[jessie] - ipython <no-dsa> (Minor issue)
[wheezy] - ipython <no-dsa> (Minor issue)
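Review bot: the removed description for CVE-2015-5477 carried the upstream fix points (`9.9.7-P2` and `9.10.2-P3`), which is what lets a reader see that `- bind9 1:9.9.5.dfsg-11 (bug #793903)` is a backported fix rather than an upstream version bump. With that text gone, the Debian fixed version can only be sanity-checked by following the KB link in the NOTE line, so if the upstream descriptions cannot be refreshed this hunk should be reverted rather than applied.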
@@ -11117,49 +11117,49 @@ CVE-2015-5607 (Cross-site request forgery in the REST API in IPython 2 and 3. ..
NOTE: https://github.com/ipython/ipython/commit/1415a9710407e7c14900531813c15ba6165f0816 (3.x)
NOTE: Affected versions: 0.12 <= version <= 3.2.0
NOTE: http://www.openwall.com/lists/oss-security/2015/07/12/4
-CVE-2015-5461 (Open redirect vulnerability in the Redirect function in ...)
+CVE-2015-5461
NOT-FOR-US: Redirect function in stageshow_redirect.php in the StageShow plugin for WordPress
-CVE-2015-5460 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2015-5460
NOT-FOR-US: Snorby
-CVE-2015-5459 (SQL injection vulnerability in the AdvanceSearch.class in ...)
+CVE-2015-5459
NOT-FOR-US: Password Manager Pro
-CVE-2015-5458 (Session fixation vulnerability in fileupload.php in PivotX before ...)
+CVE-2015-5458
NOT-FOR-US: PivotX
-CVE-2015-5457 (PivotX before 2.3.11 does not validate the new file extension when ...)
+CVE-2015-5457
NOT-FOR-US: PivotX
-CVE-2015-5456 (Cross-site scripting (XSS) vulnerability in the form method in ...)
+CVE-2015-5456
NOT-FOR-US: PivotX
-CVE-2015-5455 (Cross-site scripting (XSS) vulnerability in X-Cart 4.5.0 and earlier ...)
+CVE-2015-5455
NOT-FOR-US: X-cart
-CVE-2015-5454 (Cross-site scripting (XSS) vulnerability in Nucleus CMS allows remote ...)
+CVE-2015-5454
NOT-FOR-US: Nucleus CMS
-CVE-2015-5453 (Watchguard XCS 9.2 and 10.0 before build 150522 allow remote ...)
+CVE-2015-5453
NOT-FOR-US: Watchguard XCS
-CVE-2015-5452 (SQL injection vulnerability in Watchguard XCS 9.2 and 10.0 before ...)
+CVE-2015-5452
NOT-FOR-US: Watchguard XCS
-CVE-2015-5451 (Cross-site request forgery (CSRF) vulnerability in HP Operations ...)
+CVE-2015-5451
NOT-FOR-US: HP Operations Orchestration Central
CVE-2015-5450
REJECTED
CVE-2015-5449
REJECTED
-CVE-2015-5448 (HP Asset Manager 9.40 and 9.41 before 9.41.11103 P4-rev1 and 9.50 ...)
+CVE-2015-5448
NOT-FOR-US: HP Asset Manager
-CVE-2015-5447 (Cross-site scripting (XSS) vulnerability in HP StoreOnce Backup system ...)
+CVE-2015-5447
NOT-FOR-US: HP StoreOnce Backup
-CVE-2015-5446 (HP StoreOnce Backup system software before 3.13.1 allows remote ...)
+CVE-2015-5446
NOT-FOR-US: HP StoreOnce Backup
-CVE-2015-5445 (Cross-site request forgery (CSRF) vulnerability in HP StoreOnce Backup ...)
+CVE-2015-5445
NOT-FOR-US: HP StoreOnce Backup
-CVE-2015-5444 (Multiple cross-site scripting (XSS) vulnerabilities in HP Smart ...)
+CVE-2015-5444
NOT-FOR-US: SPS DAL
-CVE-2015-5443 (HP 3PAR Service Processor SP 4.2.0.GA-29 (GA) SPOCC, SP 4.3.0.GA-17 ...)
+CVE-2015-5443
NOT-FOR-US: HP
-CVE-2015-5442 (Unspecified vulnerability in HP Software Update before 5.005.002.002 ...)
+CVE-2015-5442
NOT-FOR-US: HP Software Update
-CVE-2015-5441 (Multiple cross-site scripting (XSS) vulnerabilities in HP ArcSight ...)
+CVE-2015-5441
NOT-FOR-US: HP Arcsight
-CVE-2015-5440 (HP UCMDB 10.00 and 10.01 before 10.01CUP12, 10.10 and 10.11 before ...)
+CVE-2015-5440
NOT-FOR-US: HP UCMDB
CVE-2015-5439
REJECTED
@@ -11169,81 +11169,81 @@ CVE-2015-5437
REJECTED
CVE-2015-5436
REJECTED
-CVE-2015-5435 (Unspecified vulnerability in HP Integrated Lights-Out (iLO) firmware 3 ...)
+CVE-2015-5435
NOT-FOR-US: HP
-CVE-2015-5434 (HPE Networking Products, originally branded as Comware 5, Comware 7, ...)
+CVE-2015-5434
NOT-FOR-US: HP H3C
-CVE-2015-5433 (HP Virtual Connect Enterprise Manager (VCEM) SDK before 7.5.0, as used ...)
+CVE-2015-5433
NOT-FOR-US: HP Virtual Connect Enterprise Manager
-CVE-2015-5432 (HP Virtual Connect Enterprise Manager (VCEM) SDK before 7.5.0, as used ...)
+CVE-2015-5432
NOT-FOR-US: HP Virtual Connect Enterprise Manager
-CVE-2015-5431 (HP Matrix Operating Environment before 7.5.0 allows remote ...)
+CVE-2015-5431
NOT-FOR-US: HP Matrix Operating Environment
-CVE-2015-5430 (HP Matrix Operating Environment before 7.5.0 allows remote attackers ...)
+CVE-2015-5430
NOT-FOR-US: HP Matrix Operating Environment
-CVE-2015-5429 (HP Matrix Operating Environment before 7.5.0 allows remote attackers ...)
+CVE-2015-5429
NOT-FOR-US: HP Matrix Operating Environment
-CVE-2015-5428 (HP Matrix Operating Environment before 7.5.0 allows remote attackers ...)
+CVE-2015-5428
NOT-FOR-US: HP Matrix Operating Environment
-CVE-2015-5427 (HP Matrix Operating Environment before 7.5.0 allows remote attackers ...)
+CVE-2015-5427
NOT-FOR-US: HP Matrix Operating Environment
-CVE-2015-5426 (Unspecified vulnerability in HP LoadRunner Controller before 12.50 ...)
+CVE-2015-5426
NOT-FOR-US: HP LoadRunner
CVE-2015-5425
REJECTED
-CVE-2015-5424 (Unspecified vulnerability in HP KeyView before 10.23.0.1 and 10.24.x ...)
+CVE-2015-5424
NOT-FOR-US: HP KeyView
-CVE-2015-5423 (Unspecified vulnerability in HP KeyView before 10.23.0.1 and 10.24.x ...)
+CVE-2015-5423
NOT-FOR-US: HP KeyView
-CVE-2015-5422 (Unspecified vulnerability in HP KeyView before 10.23.0.1 and 10.24.x ...)
+CVE-2015-5422
NOT-FOR-US: HP KeyView
-CVE-2015-5421 (Unspecified vulnerability in HP KeyView before 10.23.0.1 and 10.24.x ...)
+CVE-2015-5421
NOT-FOR-US: HP KeyView
-CVE-2015-5420 (Unspecified vulnerability in HP KeyView before 10.23.0.1 and 10.24.x ...)
+CVE-2015-5420
NOT-FOR-US: HP KeyView
-CVE-2015-5419 (Unspecified vulnerability in HP KeyView before 10.23.0.1 and 10.24.x ...)
+CVE-2015-5419
NOT-FOR-US: HP KeyView
-CVE-2015-5418 (Unspecified vulnerability in HP KeyView before 10.23.0.1 and 10.24.x ...)
+CVE-2015-5418
NOT-FOR-US: HP KeyView
-CVE-2015-5417 (Unspecified vulnerability in HP KeyView before 10.23.0.1 and 10.24.x ...)
+CVE-2015-5417
NOT-FOR-US: HP KeyView
-CVE-2015-5416 (Unspecified vulnerability in HP KeyView before 10.23.0.1 and 10.24.x ...)
+CVE-2015-5416
NOT-FOR-US: HP KeyView
CVE-2015-5415
REJECTED
CVE-2015-5414
REJECTED
-CVE-2015-5413 (HP Version Control Repository Manager (VCRM) before 7.5.0 allows ...)
+CVE-2015-5413
NOT-FOR-US: HP Version Control Repository Manager
-CVE-2015-5412 (Cross-site request forgery (CSRF) vulnerability in HP Version Control ...)
+CVE-2015-5412
NOT-FOR-US: HP Version Control Repository Manager
-CVE-2015-5411 (HP Version Control Repository Manager (VCRM) before 7.5.0 allows ...)
+CVE-2015-5411
NOT-FOR-US: HP Version Control Repository Manager
-CVE-2015-5410 (HP Version Control Repository Manager (VCRM) before 7.5.0 allows ...)
+CVE-2015-5410
NOT-FOR-US: HP Version Control Repository Manager
-CVE-2015-5409 (Buffer overflow in HP Version Control Repository Manager (VCRM) before ...)
+CVE-2015-5409
NOT-FOR-US: HP Version Control Repository Manager
-CVE-2015-5408 (HP CentralView Fraud Risk Management 11.1, 11.2, and 11.3; CentralView ...)
+CVE-2015-5408
NOT-FOR-US: HP CentralView Fraud Risk Management
-CVE-2015-5407 (HP CentralView Fraud Risk Management 11.1, 11.2, and 11.3; CentralView ...)
+CVE-2015-5407
NOT-FOR-US: HP CentralView Fraud Risk Management
-CVE-2015-5406 (HP CentralView Fraud Risk Management 11.1, 11.2, and 11.3; CentralView ...)
+CVE-2015-5406
NOT-FOR-US: HP CentralView Fraud Risk Management
-CVE-2015-5405 (HP Systems Insight Manager (SIM) before 7.5.0, as used in HP Matrix ...)
+CVE-2015-5405
NOT-FOR-US: HP Systems Insight Manager
-CVE-2015-5404 (HP Systems Insight Manager (SIM) before 7.5.0, as used in HP Matrix ...)
+CVE-2015-5404
NOT-FOR-US: HP Systems Insight Manager
-CVE-2015-5403 (HP Systems Insight Manager (SIM) before 7.5.0, as used in HP Matrix ...)
+CVE-2015-5403
NOT-FOR-US: HP Systems Insight Manager
-CVE-2015-5402 (HP Systems Insight Manager (SIM) before 7.5.0, as used in HP Matrix ...)
+CVE-2015-5402
NOT-FOR-US: HP Systems Insight Manager
-CVE-2015-5401 (Teradata Gateway before 15.00.03.02-1 and 15.10.x before 15.10.00.01-1 ...)
+CVE-2015-5401
NOT-FOR-US: Teradata
-CVE-2015-5399 (Cross-site scripting (XSS) vulnerability in PHPVibe before 4.21 allows ...)
+CVE-2015-5399
NOT-FOR-US: PHPVibe
CVE-2015-5398
RESERVED
-CVE-2015-5397 (Cross-site request forgery (CSRF) vulnerability in Joomla! 3.2.0 ...)
+CVE-2015-5397
NOT-FOR-US: Joomla!
CVE-2015-5396
RESERVED
@@ -11263,43 +11263,43 @@ CVE-2015-5388
RESERVED
CVE-2015-5387
RESERVED
-CVE-2015-5386 (Siemens SICAM MIC devices with firmware before 2404 allow remote ...)
+CVE-2015-5386
NOT-FOR-US: Siemens
CVE-2015-5385
RESERVED
CVE-2015-5384
RESERVED
-CVE-2015-5379 (Cross-site scripting (XSS) vulnerability in actions.hsp in the Ajax ...)
+CVE-2015-5379
NOT-FOR-US: Axigen
-CVE-2015-5378 (Logstash 1.5.x before 1.5.3 and 1.4.x before 1.4.4 allows remote ...)
+CVE-2015-5378
- logstash <itp> (bug #664841)
-CVE-2015-5377 (** DISPUTED ** Elasticsearch before 1.6.1 allows remote attackers to ...)
+CVE-2015-5377
- elasticsearch 1.6.1+dfsg-1 (bug #792617)
[jessie] - elasticsearch <end-of-life> (No longer supported, see DSA 3389)
NOTE: https://www.elastic.co/blog/elasticsearch-1-7-0-and-1-6-1-released#security
-CVE-2015-5376 (SQL injection vulnerability in the login form in GSI WiNPAT Portal ...)
+CVE-2015-5376
NOT-FOR-US: GSI WiNPAT Portal
-CVE-2015-5375 (Cross-site scripting (XSS) vulnerability in unspecified dialogs for ...)
+CVE-2015-5375
NOT-FOR-US: Open-Xchange
-CVE-2015-5374 (A vulnerability has been identified in Firmware variant PROFINET IO ...)
+CVE-2015-5374
NOT-FOR-US: Siemens
CVE-2015-5373
RESERVED
-CVE-2015-5372 (The SAML 2.0 implementation in AdNovum nevisAuth 4.13.0.0 before ...)
+CVE-2015-5372
NOT-FOR-US: AdNovum nevisAuth
-CVE-2015-5371 (The AuthenticationFilter class in SolarWinds Storage Manager allows ...)
+CVE-2015-5371
NOT-FOR-US: SolarWinds
-CVE-2015-5370 (Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before ...)
+CVE-2015-5370
{DSA-3548-1}
- samba 2:4.3.7+dfsg-1
NOTE: https://www.samba.org/samba/security/CVE-2015-5370.html
-CVE-2015-5369 (Pulse Connect Secure (aka PCS and formerly Juniper PCS) PSC6000, ...)
+CVE-2015-5369
NOT-FOR-US: Pulse Connect Secure / Juniper PCS
-CVE-2015-5368 (The HP lt4112 LTE/HSPA+ Gobi 4G module with firmware before ...)
+CVE-2015-5368
NOT-FOR-US: HP
-CVE-2015-5367 (The HP lt4112 LTE/HSPA+ Gobi 4G module with firmware before ...)
+CVE-2015-5367
NOT-FOR-US: HP
-CVE-2015-8041 (Multiple integer overflows in the NDEF record parser in hostapd before ...)
+CVE-2015-8041
{DSA-3397-1}
- wpa 2.3-2.2 (bug #795740)
- wpasupplicant <removed>
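Review bot: stripping the description for CVE-2015-5377 also removes the `** DISPUTED **` marker, which was the only record that this ID is contested; the remaining lines (`- elasticsearch 1.6.1+dfsg-1 (bug #792617)` and the `<end-of-life>` entry for jessie) give no hint of the dispute. If the description has to go, carry the dispute status into a NOTE line, since nothing else in this hunk preserves it.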
@@ -11308,14 +11308,14 @@ CVE-2015-8041 (Multiple integer overflows in the NDEF record parser in hostapd b
[squeeze] - hostapd <not-affected> (v0.7.0-v2.4 with CONFIG_WPS_NFC=y)
NOTE: http://www.openwall.com/lists/oss-security/2015/07/08/3
NOTE: http://w1.fi/security/2015-5/
-CVE-2015-5395 (Cross-site request forgery (CSRF) vulnerability in SOGo before 3.1.0. ...)
+CVE-2015-5395
- sogo 3.2.4-0.2 (bug #796197)
[wheezy] - sogo <end-of-life> (not supported in Wheezy LTS)
NOTE: https://lists.debian.org/debian-lts/2016/05/msg00197.html
NOTE: http://www.openwall.com/lists/oss-security/2015/07/07/10
NOTE: http://www.sogo.nu/bugs/view.php?id=3246
NOTE: https://github.com/inverse-inc/sogo/commit/582baf2960969c73f98643e46cfb49432c30b711 (SOGo-3.1.0)
-CVE-2015-5470 (The label decompression functionality in PowerDNS Recursor before ...)
+CVE-2015-5470
{DSA-3307-1 DSA-3306-1}
- pdns 3.4.5-1
[wheezy] - pdns <not-affected> (3.2 and up affected)
@@ -11326,23 +11326,23 @@ CVE-2015-5470 (The label decompression functionality in PowerDNS Recursor before
NOTE: http://www.openwall.com/lists/oss-security/2015/07/07/6
NOTE: https://doc.powerdns.com/md/security/powerdns-advisory-2015-01/
NOTE: Patch: http://downloads.powerdns.com/patches/2015-01/rec-3.7.2.patch
-CVE-2015-5383 (Roundcube Webmail 1.1.x before 1.1.2 allows remote attackers to obtain ...)
+CVE-2015-5383
- roundcube <not-affected> (protection is done in apache config in binary package)
NOTE: http://www.openwall.com/lists/oss-security/2015/07/06/10
NOTE: http://trac.roundcube.net/ticket/1490378
-CVE-2015-5382 (program/steps/addressbook/photo.inc in Roundcube Webmail before 1.0.6 ...)
+CVE-2015-5382
- roundcube 1.1.2+dfsg.1-1 (bug #791643)
[wheezy] - roundcube <not-affected> (Vulnerable code not present)
[squeeze] - roundcube <not-affected> (Vulnerable code not present)
NOTE: http://www.openwall.com/lists/oss-security/2015/07/06/10
NOTE: http://trac.roundcube.net/ticket/1490379
-CVE-2015-5381 (Cross-site scripting (XSS) vulnerability in program/include/rcmail.php ...)
+CVE-2015-5381
- roundcube 1.1.2+dfsg.1-1 (bug #791643)
[wheezy] - roundcube <not-affected> (Vulnerable code not present)
[squeeze] - roundcube <not-affected> (Vulnerable code not present)
NOTE: http://www.openwall.com/lists/oss-security/2015/07/06/10
NOTE: http://trac.roundcube.net/ticket/1490417
-CVE-2015-5400 (Squid before 3.5.6 does not properly handle CONNECT method peer ...)
+CVE-2015-5400
{DSA-3327-1 DLA-286-1}
- squid 4.1-1
[wheezy] - squid <no-dsa> (Fix is hard to backport and default configuration is not affected)
@@ -11355,34 +11355,34 @@ CVE-2015-5400 (Squid before 3.5.6 does not properly handle CONNECT method peer .
NOTE: In squeeze's squid3 the code is structured differently but the bug still appears to be present.
NOTE: For squid 2.x all versions are affected, cf. comment by upstream in
NOTE: https://bugs.debian.org/793128#12
-CVE-2015-5380 (The Utf8DecoderBase::WriteUtf16Slow function in unicode-decoder.cc in ...)
+CVE-2015-5380
- nodejs <not-affected> (Only affects 0.12.x)
NOTE: http://www.openwall.com/lists/oss-security/2015/07/05/1
-CVE-2015-5365 (Cross-site scripting (XSS) vulnerability in Zurmo CRM 3.0.2 allows ...)
+CVE-2015-5365
NOT-FOR-US: Zurmo CRM
-CVE-2015-5363 (The SRX Network Security Daemon (nsd) in Juniper SRX Series services ...)
+CVE-2015-5363
NOT-FOR-US: Juniper
-CVE-2015-5362 (The BFD daemon in Juniper Junos OS 12.1X44 before 12.1X44-D50, 12.1X46 ...)
+CVE-2015-5362
NOT-FOR-US: Juniper
CVE-2015-5361
RESERVED
-CVE-2015-5360 (IPv6 sendd in Juniper Junos 12.1X44 before 12.1X44-D51, 12.1X46 before ...)
+CVE-2015-5360
NOT-FOR-US: Juniper
-CVE-2015-5359 (Juniper Junos OS 12.1X44 before 12.1X44-D50, 12.1X46 before ...)
+CVE-2015-5359
NOT-FOR-US: Juniper
-CVE-2015-5358 (Juniper Junos OS 12.1X44 before 12.1X44-D50, 12.1X46 before ...)
+CVE-2015-5358
NOT-FOR-US: Juniper
-CVE-2015-5357 (The Juniper EX4600, QFX3500, QFX3600, and QFX5100 switches with Junos ...)
+CVE-2015-5357
NOT-FOR-US: Juniper
-CVE-2015-5356 (Cross-site scripting (XSS) vulnerability in admin/filebrowser.php in ...)
+CVE-2015-5356
NOT-FOR-US: GetSimple CMS
-CVE-2015-5355 (Multiple cross-site scripting (XSS) vulnerabilities in GetSimple CMS ...)
+CVE-2015-5355
NOT-FOR-US: GetSimple CMS
-CVE-2015-5354 (Open redirect vulnerability in Novius OS 5.0.1 (Elche) allows remote ...)
+CVE-2015-5354
NOT-FOR-US: Novius OS
-CVE-2015-5353 (Directory traversal vulnerability in Novius OS 5.0.1 (Elche) allows ...)
+CVE-2015-5353
NOT-FOR-US: Novius OS
-CVE-2015-5351 (The (1) Manager and (2) Host Manager applications in Apache Tomcat 7.x ...)
+CVE-2015-5351
{DSA-3609-1 DSA-3552-1 DSA-3530-1 DLA-435-1}
- tomcat9 <not-affected> (Fixed before initial upload to Debian)
- tomcat8 8.0.32-1
@@ -11394,15 +11394,15 @@ CVE-2015-5351 (The (1) Manager and (2) Host Manager applications in Apache Tomca
NOTE: upstream patches reveals that this issue is fixed since 6.0.45
NOTE: http://svn.apache.org/viewvc?view=revision&revision=1720661
NOTE: http://svn.apache.org/viewvc?view=revision&revision=1720663
-CVE-2015-5350 (In Garden versions 0.22.0-0.329.0, a vulnerability has been discovered ...)
+CVE-2015-5350
NOT-FOR-US: Cloud Foundry
-CVE-2015-5349 (The CSV export in Apache LDAP Studio and Apache Directory Studio ...)
+CVE-2015-5349
NOT-FOR-US: Apache LDAP Studio and Apache Directory Studio
-CVE-2015-5348 (Apache Camel 2.6.x through 2.14.x, 2.15.x before 2.15.5, and 2.16.x ...)
+CVE-2015-5348
NOT-FOR-US: Apache Camel
-CVE-2015-5347 (Cross-site scripting (XSS) vulnerability in the ...)
+CVE-2015-5347
NOT-FOR-US: Apache Wicket
-CVE-2015-5346 (Session fixation vulnerability in Apache Tomcat 7.x before 7.0.66, 8.x ...)
+CVE-2015-5346
{DSA-3609-1 DSA-3552-1 DSA-3530-1}
- tomcat9 <not-affected> (Fixed before initial upload to Debian)
- tomcat8 8.0.30-1
@@ -11414,7 +11414,7 @@ CVE-2015-5346 (Session fixation vulnerability in Apache Tomcat 7.x before 7.0.66
NOTE: https://svn.apache.org/viewvc?view=revision&revision=1713187
NOTE: http://svn.apache.org/viewvc?view=revision&revision=1713185
NOTE: http://svn.apache.org/viewvc?view=revision&revision=1723506
-CVE-2015-5345 (The Mapper component in Apache Tomcat 6.x before 6.0.45, 7.x before ...)
+CVE-2015-5345
{DSA-3609-1 DSA-3552-1 DSA-3530-1 DLA-435-1}
- tomcat9 <not-affected> (Fixed before initial upload to Debian)
- tomcat8 8.0.30-1
@@ -11422,36 +11422,36 @@ CVE-2015-5345 (The Mapper component in Apache Tomcat 6.x before 6.0.45, 7.x befo
- tomcat6 6.0.41-3
NOTE: Since 6.0.41-3, src:tomcat6 only builds a servlet and docs
NOTE: Fixed in 6.0.45, 7.0.67, 8.0.30, 9.0.0.M3
-CVE-2015-5344 (The camel-xstream component in Apache Camel before 2.15.5 and 2.16.x ...)
+CVE-2015-5344
NOT-FOR-US: Apache Camel
-CVE-2015-5343 (Integer overflow in util.c in mod_dav_svn in Apache Subversion 1.7.x, ...)
+CVE-2015-5343
{DSA-3424-1}
- subversion 1.9.3-1
[wheezy] - subversion <not-affected> (Vulnerable code not present)
[squeeze] - subversion <not-affected> (Vulnerable code not present)
NOTE: https://subversion.apache.org/security/CVE-2015-5343-advisory.txt
-CVE-2015-5342 (The choice module in Moodle through 2.6.11, 2.7.x before 2.7.11, 2.8.x ...)
+CVE-2015-5342
- moodle 2.7.11+dfsg-1
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
-CVE-2015-5341 (mod_scorm in Moodle through 2.6.11, 2.7.x before 2.7.11, 2.8.x before ...)
+CVE-2015-5341
- moodle 2.7.11+dfsg-1
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
-CVE-2015-5340 (Moodle through 2.6.11, 2.7.x before 2.7.11, 2.8.x before 2.8.9, and ...)
+CVE-2015-5340
- moodle 2.7.11+dfsg-1
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
-CVE-2015-5339 (The core_enrol_get_enrolled_users web service in enrol/externallib.php ...)
+CVE-2015-5339
- moodle 2.7.11+dfsg-1
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
-CVE-2015-5338 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
+CVE-2015-5338
- moodle 2.7.11+dfsg-1
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
-CVE-2015-5337 (Moodle through 2.6.11, 2.7.x before 2.7.11, 2.8.x before 2.8.9, and ...)
+CVE-2015-5337
- moodle 2.7.11+dfsg-1
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
-CVE-2015-5336 (Multiple cross-site scripting (XSS) vulnerabilities in the survey ...)
+CVE-2015-5336
- moodle 2.7.11+dfsg-1
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
-CVE-2015-5335 (Cross-site request forgery (CSRF) vulnerability in ...)
+CVE-2015-5335
- moodle 2.7.11+dfsg-1
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
CVE-2015-5334
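Review bot: the Moodle entries in this hunk (CVE-2015-5342 down to CVE-2015-5335) drop the affected-version ranges such as `Moodle through 2.6.11, 2.7.x before 2.7.11, 2.8.x before 2.8.9` that were only present in the description, and these entries carry no NOTE line with an upstream reference, so after this change the file keeps the Debian fixed version `moodle 2.7.11+dfsg-1` but no longer records which upstream releases were affected; suggest keeping the descriptions, or adding NOTE lines with the upstream references before the description text is removed.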
@@ -11460,11 +11460,11 @@ CVE-2015-5334
CVE-2015-5333
RESERVED
- libressl <itp> (bug #754513)
-CVE-2015-5332 (Atto in Moodle 2.8.x before 2.8.9 and 2.9.x before 2.9.3 allows remote ...)
+CVE-2015-5332
- moodle <not-affected> (Only affects 2.8 and later)
-CVE-2015-5331 (Moodle 2.9.x before 2.9.3 does not properly check the contact list ...)
+CVE-2015-5331
- moodle <not-affected> (Only affects 2.9 and later)
-CVE-2015-5330 (ldb before 1.1.24, as used in the AD LDAP server in Samba 4.x before ...)
+CVE-2015-5330
{DSA-3433-1}
- samba 2:4.1.22+dfsg-1
[wheezy] - samba <not-affected> (Only affects 4.0.0 to 4.3.2)
@@ -11481,45 +11481,45 @@ CVE-2015-5330 (ldb before 1.1.24, as used in the AD LDAP server in Samba 4.x bef
NOTE: https://git.samba.org/?p=samba.git;a=commit;h=83f1d39cd9ab9b8b548602f9ee806a994fca9d0c (v4-1-stable)
NOTE: https://www.samba.org/samba/security/CVE-2015-5330.html
NOTE: Samba update needs as well fixed ldb
-CVE-2015-5329 (The TripleO Heat templates (tripleo-heat-templates), as used in Red ...)
+CVE-2015-5329
- tripleo-heat-templates 5.2.0-1 (bug #851396)
CVE-2015-5328
RESERVED
-CVE-2015-5327 (Out-of-bounds memory read in the x509_decode_time function in ...)
+CVE-2015-5327
- linux <not-affected> (Only affected 4.3-rc1 onwards)
- linux-2.6 <not-affected> (Only affected 4.3-rc1 onwards)
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=cc25b994acfbc901429da682d0f73c190e960206 (v4.4-rc1)
-CVE-2015-5326 (Cross-site scripting (XSS) vulnerability in the slave overview page in ...)
+CVE-2015-5326
- jenkins <removed>
NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-11-11
-CVE-2015-5325 (Jenkins before 1.638 and LTS before 1.625.2 allow attackers to bypass ...)
+CVE-2015-5325
- jenkins <removed>
NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-11-11
-CVE-2015-5324 (Jenkins before 1.638 and LTS before 1.625.2 allow remote attackers to ...)
+CVE-2015-5324
- jenkins <removed>
NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-11-11
-CVE-2015-5323 (Jenkins before 1.638 and LTS before 1.625.2 do not properly restrict ...)
+CVE-2015-5323
- jenkins <removed>
NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-11-11
-CVE-2015-5322 (Directory traversal vulnerability in Jenkins before 1.638 and LTS ...)
+CVE-2015-5322
- jenkins <removed>
NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-11-11
-CVE-2015-5321 (The sidepanel widgets in the CLI command overview and help pages in ...)
+CVE-2015-5321
- jenkins <removed>
NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-11-11
-CVE-2015-5320 (Jenkins before 1.638 and LTS before 1.625.2 do not properly verify the ...)
+CVE-2015-5320
- jenkins <removed>
NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-11-11
-CVE-2015-5319 (XML external entity (XXE) vulnerability in the create-job CLI command ...)
+CVE-2015-5319
- jenkins <removed>
NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-11-11
-CVE-2015-5318 (Jenkins before 1.638 and LTS before 1.625.2 uses a publicly accessible ...)
+CVE-2015-5318
- jenkins <removed>
NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-11-11
-CVE-2015-5317 (The Fingerprints pages in Jenkins before 1.638 and LTS before 1.625.2 ...)
+CVE-2015-5317
- jenkins <removed>
NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-11-11
-CVE-2015-5316 (The eap_pwd_perform_confirm_exchange function in eap_peer/eap_pwd.c in ...)
+CVE-2015-5316
{DSA-3397-1}
- wpa 2.3-2.3 (bug #804710)
[wheezy] - wpa <not-affected> (v2.3-v2.5 with CONFIG_EAP_PWD=y)
@@ -11528,7 +11528,7 @@ CVE-2015-5316 (The eap_pwd_perform_confirm_exchange function in eap_peer/eap_pwd
NOTE: http://w1.fi/security/2015-8/
NOTE: https://w1.fi/security/2015-8/eap-pwd-unexpected-confirm.txt
NOTE: https://w1.fi/security/2015-8/0001-EAP-pwd-peer-Fix-error-path-for-unexpected-Confirm-m.patch
-CVE-2015-5315 (The eap_pwd_process function in eap_peer/eap_pwd.c in wpa_supplicant ...)
+CVE-2015-5315
{DSA-3397-1}
- wpa 2.3-2.3 (bug #804708)
[wheezy] - wpa <not-affected> (v2.0-v2.5 with CONFIG_EAP_PWD=y)
@@ -11537,7 +11537,7 @@ CVE-2015-5315 (The eap_pwd_process function in eap_peer/eap_pwd.c in wpa_supplic
NOTE: http://w1.fi/security/2015-7/
NOTE: https://w1.fi/security/2015-7/eap-pwd-missing-last-fragment-length-validation.txt
NOTE: https://w1.fi/security/2015-7/0001-EAP-pwd-peer-Fix-last-fragment-length-validation.patch
-CVE-2015-5314 (The eap_pwd_process function in eap_server/eap_server_pwd.c in hostapd ...)
+CVE-2015-5314
{DSA-3397-1}
- wpa 2.3-2.3 (bug #804708)
[wheezy] - wpa <not-affected> (v2.0-v2.5 with CONFIG_EAP_PWD=y)
@@ -11546,7 +11546,7 @@ CVE-2015-5314 (The eap_pwd_process function in eap_server/eap_server_pwd.c in ho
NOTE: http://w1.fi/security/2015-7/
NOTE: https://w1.fi/security/2015-7/eap-pwd-missing-last-fragment-length-validation.txt
NOTE: https://w1.fi/security/2015-7/0001-EAP-pwd-server-Fix-last-fragment-length-validation.patch
-CVE-2015-5313 (Directory traversal vulnerability in the ...)
+CVE-2015-5313
- libvirt 1.3.0-1 (bug #808273)
[jessie] - libvirt 1.2.9-9+deb8u2
[wheezy] - libvirt <not-affected> (Vulnerable code introduced later)
@@ -11554,19 +11554,19 @@ CVE-2015-5313 (Directory traversal vulnerability in the ...)
NOTE: Fixed by: https://libvirt.org/git/?p=libvirt.git;a=commit;h=034e47c338b13a95cf02106a3af912c1c5f818d7
NOTE: Broken by: https://libvirt.org/git/?p=libvirt.git;a=commit;h=c930410bebae0a45889b992a7932c663b06cbbcd (v1.1.0-rc1)
NOTE: http://security.libvirt.org/2015/0004.html
-CVE-2015-5312 (The xmlStringLenDecodeEntities function in parser.c in libxml2 before ...)
+CVE-2015-5312
{DSA-3430-1 DLA-373-1}
- libxml2 2.9.3+dfsg1-1
NOTE: https://git.gnome.org/browse/libxml2/commit/?id=69030714cde66d525a8884bda01b9e8f0abf8e1e (v2.9.3)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=756733 (upstream bug not yet open)
-CVE-2015-5311 (PowerDNS (aka pdns) Authoritative Server 3.4.4 before 3.4.7 allows ...)
+CVE-2015-5311
- pdns 3.4.7-1
[jessie] - pdns <not-affected> (Only 3.4.4 and later affected)
[wheezy] - pdns <not-affected> (Only 3.4.4 and later affected)
[squeeze] - pdns <not-affected> (Only 3.4.4 and later affected)
- pdns-recursor <not-affected> (recursor not affected)
NOTE: http://www.openwall.com/lists/oss-security/2015/11/09/3
-CVE-2015-5310 (The WNM Sleep Mode code in wpa_supplicant 2.x before 2.6 does not ...)
+CVE-2015-5310
{DSA-3397-1}
- wpa 2.3-2.3 (bug #804707)
[wheezy] - wpa <not-affected> (v2.0-v2.5 with CONFIG_WNM=y)
@@ -11575,14 +11575,14 @@ CVE-2015-5310 (The WNM Sleep Mode code in wpa_supplicant 2.x before 2.6 does not
NOTE: http://w1.fi/security/2015-6/
NOTE: https://w1.fi/security/2015-6/0001-WNM-Ignore-Key-Data-in-WNM-Sleep-Mode-Response-frame.patch
NOTE: https://w1.fi/security/2015-6/wpa_supplicant-unauthorized-wnm-sleep-mode-gtk-control.txt
-CVE-2015-5309 (Integer overflow in the terminal emulator in PuTTY before 0.66 allows ...)
+CVE-2015-5309
{DSA-3409-1 DLA-347-1}
- putty 0.66-1
NOTE: http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-ech-overflow.html
NOTE: http://tartarus.org/~simon-git/gitweb/?p=putty.git;a=commitdiff;h=6056396f77cafc7e40da4d09f1d6212408dcb065
-CVE-2015-5308 (Multiple SQL injection vulnerabilities in cs_admin_users.php in the ...)
+CVE-2015-5308
NOT-FOR-US: wp-championship plugin for WordPress
-CVE-2015-5307 (The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x ...)
+CVE-2015-5307
{DSA-3454-1 DSA-3414-1 DSA-3396-1 DLA-479-1}
- linux 4.2.6-1
- linux-2.6 <removed>
@@ -11593,26 +11593,26 @@ CVE-2015-5307 (The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.
- virtualbox 5.0.10-dfsg-1
[wheezy] - virtualbox <end-of-life> (DSA 3454)
NOTE: http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixOVIR
-CVE-2015-5306 (OpenStack Ironic Inspector (aka ironic-inspector or ironic-discoverd), ...)
+CVE-2015-5306
- ironic-inspector 3.2.0-1
NOTE: https://bugs.launchpad.net/ironic-inspector/+bug/1506419
-CVE-2015-5305 (Directory traversal vulnerability in Kubernetes, as used in Red Hat ...)
+CVE-2015-5305
- kubernetes <not-affected> (Fixed before the initial release in Debian, 1.2.0)
NOTE: https://github.com/kubernetes/kubernetes/pull/15975
-CVE-2015-5304 (Red Hat JBoss Enterprise Application Platform (EAP) before 6.4.5 does ...)
+CVE-2015-5304
NOT-FOR-US: Red Hat JBoss Enterprise Application Platform
-CVE-2015-5303 (The TripleO Heat templates (tripleo-heat-templates), when deployed via ...)
+CVE-2015-5303
- tripleo-heat-templates 5.2.0-1 (bug #851396)
-CVE-2015-5302 (libreport 2.0.7 before 2.6.3 only saves changes to the first file when ...)
+CVE-2015-5302
NOT-FOR-US: abrt/libreport
-CVE-2015-5301 (providers/saml2/admin.py in the Identity Provider (IdP) server in ...)
+CVE-2015-5301
- ipsilon <itp> (bug #826838)
-CVE-2015-5300 (The panic_gate check in NTP before 4.2.8p5 is only re-enabled after ...)
+CVE-2015-5300
{DSA-3388-1 DLA-335-1}
- ntp 1:4.2.8p4+dfsg-2
NOTE: https://www.cs.bu.edu/~goldbe/NTPattack.html
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1271076
-CVE-2015-5299 (The shadow_copy2_get_shadow_copy_data function in ...)
+CVE-2015-5299
{DSA-3433-1 DLA-379-1}
- samba 2:4.1.22+dfsg-1
NOTE: https://www.samba.org/samba/security/CVE-2015-5299.html
@@ -11626,19 +11626,19 @@ CVE-2015-5297 [general_composite_rect() integer overflow]
- pixman 0.33.4-1
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=92027
NOTE: Patch: https://cgit.freedesktop.org/pixman/patch/?id=204fcd24d9b7e3988b7496e723014f327828751a
-CVE-2015-5296 (Samba 3.x and 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before ...)
+CVE-2015-5296
{DSA-3433-1 DLA-379-1}
- samba 2:4.1.22+dfsg-1
NOTE: https://www.samba.org/samba/security/CVE-2015-5296.html
-CVE-2015-5295 (The template-validate command in OpenStack Orchestration API (Heat) ...)
+CVE-2015-5295
- heat 1:6.0.0~rc3-1
[jessie] - heat <no-dsa> (Minor issue)
NOTE: Affects: <=2015.1.2, ==5.0.0
CVE-2015-5294
REJECTED
-CVE-2015-5293 (Red Hat Enterprise Virtualization Manager 3.6 and earlier gives valid ...)
+CVE-2015-5293
NOT-FOR-US: RHEV
-CVE-2015-5292 (Memory leak in the Privilege Attribute Certificate (PAC) responder ...)
+CVE-2015-5292
- sssd 1.13.1-1
[jessie] - sssd <no-dsa> (Minor issue; responder not built)
NOTE: binary package has the sssd_pac_plugin.so but the responder
@@ -11647,7 +11647,7 @@ CVE-2015-5292 (Memory leak in the Privilege Attribute Certificate (PAC) responde
[squeeze] - sssd <not-affected> (vulnerable code not present)
NOTE: https://fedorahosted.org/sssd/ticket/2803
NOTE: https://fedorahosted.org/sssd/attachment/ticket/2803/0001-Fix-memory-leak-in-sssdpac_verify.patch
-CVE-2015-5291 (Heap-based buffer overflow in PolarSSL 1.x before 1.2.17 and ARM mbed ...)
+CVE-2015-5291
{DSA-3468-1 DLA-331-1}
- mbedtls <not-affected> (Fixed before the initial release to Debian)
[experimental] - polarssl 1.3.14-0.1
@@ -11663,12 +11663,12 @@ CVE-2015-5290 [Remote denial of service using MONITOR command]
[wheezy] - ircd-ratbox <no-dsa> (Minor issue)
[squeeze] - ircd-ratbox <no-dsa> (Slow leak; workaround is available)
NOTE: http://elemental-ircd.com/security/e50b0d59-f3c5-4472-a3cd-e2e07731417c/
-CVE-2015-5289 (Multiple stack-based buffer overflows in json parsing in PostgreSQL ...)
+CVE-2015-5289
{DSA-3374-1}
- postgresql-9.4 9.4.5-1
- postgresql-9.1 <not-affected> (no json datatype)
- postgresql-8.4 <not-affected> (no json datatype)
-CVE-2015-5288 (The crypt function in contrib/pgcrypto in PostgreSQL before 9.0.23, ...)
+CVE-2015-5288
{DSA-3475-1 DSA-3374-1 DLA-329-1}
- postgresql-9.4 9.4.5-1
- postgresql-9.1 <removed>
@@ -11676,35 +11676,35 @@ CVE-2015-5288 (The crypt function in contrib/pgcrypto in PostgreSQL before 9.0.2
- postgresql-8.4 <removed>
[wheezy] - postgresql-8.4 <not-affected> (postgresql-8.4 in wheezy only provides PL/Perl; EOL upstream)
[squeeze] - postgresql-8.4 <no-dsa> (minor issue)
-CVE-2015-5287 (The abrt-hook-ccpp help program in Automatic Bug Reporting Tool (ABRT) before ...)
+CVE-2015-5287
NOT-FOR-US: abrt is Red Hat / Fedora specific
-CVE-2015-5286 (OpenStack Image Service (Glance) before 2014.2.4 (juno) and 2015.1.x ...)
+CVE-2015-5286
- glance 1:11.0.0-1 (bug #800741)
[jessie] - glance <not-affected> (Vulnerable code not present)
[wheezy] - glance <not-affected> (Vulnerable code not present)
NOTE: jessie: According to confirmation via upstream the fix for CVE-2014-9623
NOTE: was complete here so CVE-2015-5286 not affecting jessie.
NOTE: <=2014.2.3, >=2015.1.0, <=2015.1.1
-CVE-2015-5285 (CRLF injection vulnerability in Kallithea before 0.3 allows remote ...)
+CVE-2015-5285
- kallithea <itp> (bug #689573)
-CVE-2015-5284 (ipa-kra-install in FreeIPA before 4.2.2 puts the CA agent certificate ...)
+CVE-2015-5284
- freeipa <not-affected> (Introduced in 4.2)
NOTE: https://fedorahosted.org/freeipa/ticket/5347
NOTE: Upstream commit: https://git.fedorahosted.org/cgit/freeipa.git/commit/?id=55a66ccba3e2181a50e7733b7476991975b7455f
-CVE-2015-5283 (The sctp_init function in net/sctp/protocol.c in the Linux kernel ...)
+CVE-2015-5283
- linux 4.2.1-2
[jessie] - linux 3.16.7-ckt11-1+deb8u5
[wheezy] - linux <not-affected> (Vulnerable code not present)
- linux-2.6 <not-affected> (Vulnerable code not present)
NOTE: Fixed by: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8e2d61e0aed2b7c4ecb35844fe07e0b2b762dee4 (v4.3-rc3)
NOTE: Introduced by: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4db67e808640e3934d82ce61ee8e2e89fd877ba8 (v3.7-rc1)
-CVE-2015-5282 (Cross-site scripting (XSS) vulnerability in Foreman 1.7.0 and after. ...)
+CVE-2015-5282
- foreman <itp> (bug #663101)
-CVE-2015-5281 (The grub2 package before 2.02-0.29 in Red Hat Enterprise Linux (RHEL) ...)
+CVE-2015-5281
- grub2 <not-affected> (SecureBoot not yet supported)
CVE-2015-5280
REJECTED
-CVE-2015-5279 (Heap-based buffer overflow in the ne2000_receive function in ...)
+CVE-2015-5279
{DSA-3362-1 DSA-3361-1}
- qemu 1:2.4+dfsg-3 (bug #799074)
[squeeze] - qemu <end-of-life> (Not supported in Squeeze LTS)
@@ -11720,13 +11720,13 @@ CVE-2015-5278 [net: avoid infinite loop when receiving packets]
[squeeze] - qemu-kvm <end-of-life> (Not supported in Squeeze LTS)
NOTE: Fix: https://lists.gnu.org/archive/html/qemu-devel/2015-09/msg03985.html
NOTE: Possibly introduced around http://git.qemu.org/?p=qemu.git;a=commitdiff;h=0ae045ae439ad83692ad039a554f7d62acf9de5c (v0.9.1)
-CVE-2015-5277 (The get_contents function in nss_files/files-XXX.c in the Name Service ...)
+CVE-2015-5277
- glibc 2.21-1 (bug #799966)
[jessie] - glibc 2.19-18+deb8u2
- eglibc <removed>
[wheezy] - eglibc <not-affected> (Vulnerable code not present)
[squeeze] - eglibc <not-affected> (Vulnerable code not present)
-CVE-2015-5276 (The std::random_device class in libstdc++ in the GNU Compiler ...)
+CVE-2015-5276
- gcc-5 5.3.0-1
- gcc-4.9 4.9.3-5
[jessie] - gcc-4.9 <no-dsa> (Minor issue)
@@ -11734,48 +11734,48 @@ CVE-2015-5276 (The std::random_device class in libstdc++ in the GNU Compiler ...
NOTE: Upstream commit: https://gcc.gnu.org/viewcvs/gcc?view=revision&revision=227687
CVE-2015-5275
REJECTED
-CVE-2015-5274 (rubygem-openshift-origin-console in Red Hat OpenShift 2.2 allows ...)
+CVE-2015-5274
NOT-FOR-US: OpenShift
-CVE-2015-5273 (The abrt-action-install-debuginfo-to-abrt-cache help program in ...)
+CVE-2015-5273
NOT-FOR-US: abrt is Red Hat / Fedora specific
-CVE-2015-5272 (The Forum module in Moodle 2.7.x before 2.7.10 allows remote ...)
+CVE-2015-5272
- moodle 2.7.10+dfsg-1 (bug #799634)
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-50576
-CVE-2015-5271 (The TripleO Heat templates (tripleo-heat-templates) do not properly ...)
+CVE-2015-5271
- tripleo-heat-templates <not-affected> (Vulnerability introduced later)
NOTE: Fixed by: https://github.com/openstack/tripleo-heat-templates/commit/1730d95acdbee7c7bbcfe1eba8a48ef2b0cc1476
NOTE: Introduced by: https://github.com/openstack/tripleo-heat-templates/commit/65d64b6a52366f36955e5e48a29f4ef0ca2ff973 (0.8.2) [Puppet: Swift Overcloud Proxy/Storage support]
NOTE: https://bugs.launchpad.net/tripleo/+bug/1494896
CVE-2015-5270
REJECTED
-CVE-2015-5269 (Cross-site scripting (XSS) vulnerability in group/overview.php in ...)
+CVE-2015-5269
- moodle 2.7.10+dfsg-1 (bug #799634)
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-50709
-CVE-2015-5268 (The rating component in Moodle through 2.6.11, 2.7.x before 2.7.10, ...)
+CVE-2015-5268
- moodle 2.7.10+dfsg-1 (bug #799634)
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-50173
-CVE-2015-5267 (lib/moodlelib.php in Moodle through 2.6.11, 2.7.x before 2.7.10, 2.8.x ...)
+CVE-2015-5267
- moodle 2.7.10+dfsg-1 (bug #799634)
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-50860
-CVE-2015-5266 (The enrol_meta_sync function in enrol/meta/locallib.php in Moodle ...)
+CVE-2015-5266
- moodle 2.7.10+dfsg-1 (bug #799634)
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-50744
-CVE-2015-5265 (The wiki component in Moodle through 2.6.11, 2.7.x before 2.7.10, ...)
+CVE-2015-5265
- moodle 2.7.10+dfsg-1 (bug #799634)
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-48371
-CVE-2015-5264 (The lesson module in Moodle through 2.6.11, 2.7.x before 2.7.10, 2.8.x ...)
+CVE-2015-5264
- moodle 2.7.10+dfsg-1 (bug #799634)
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-50516
-CVE-2015-5263 (pulp-consumer-client 2.4.0 through 2.6.3 does not check the server's ...)
+CVE-2015-5263
NOT-FOR-US: Pulp (Red Hat)
-CVE-2015-5262 (http/conn/ssl/SSLConnectionSocketFactory.java in Apache HttpComponents ...)
+CVE-2015-5262
{DLA-322-1}
- httpcomponents-client 4.3.6-1 (low)
[jessie] - httpcomponents-client <no-dsa> (Minor issue)
@@ -11789,30 +11789,30 @@ CVE-2015-5262 (http/conn/ssl/SSLConnectionSocketFactory.java in Apache HttpCompo
NOTE: Proposed patch for commons-httpclient: https://bugzilla.redhat.com/show_bug.cgi?id=1259892
NOTE: Checked that both 4.0.1 (in Squeeze) and 4.1.1 (in Wheezy) have the call to set the timout before the SSL connection is opened.
NOTE: Jessie's 4.3.5-2 is however missing the upstream patch: http://svn.apache.org/viewvc/httpcomponents/httpclient/branches/4.3.x/httpclient/src/main/java/org/apache/http/conn/ssl/SSLConnectionSocketFactory.java?r1=1560975&r2=1626784
-CVE-2015-5261 (Heap-based buffer overflow in SPICE before 0.12.6 allows guest OS ...)
+CVE-2015-5261
{DSA-3371-1}
- spice 0.12.5-1.3 (bug #801091)
-CVE-2015-5260 (Heap-based buffer overflow in SPICE before 0.12.6 allows guest OS ...)
+CVE-2015-5260
{DSA-3371-1}
- spice 0.12.5-1.3 (bug #801089)
-CVE-2015-5259 (Integer overflow in the read_string function in ...)
+CVE-2015-5259
- subversion 1.9.3-1
[jessie] - subversion <not-affected> (Only affects 1.9.0 through 1.9.2 (inclusive))
[wheezy] - subversion <not-affected> (Only affects 1.9.0 through 1.9.2 (inclusive))
[squeeze] - subversion <not-affected> (Only affects 1.9.0 through 1.9.2 (inclusive))
NOTE: https://subversion.apache.org/security/CVE-2015-5259-advisory.txt
-CVE-2015-5258 (Cross-site request forgery (CSRF) vulnerability in ...)
+CVE-2015-5258
NOT-FOR-US: springframework-social
-CVE-2015-5257 (drivers/usb/serial/whiteheat.c in the Linux kernel before 4.2.4 allows ...)
+CVE-2015-5257
{DSA-3372-1 DLA-325-1}
- linux 4.2.1-1
- linux-2.6 <removed>
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=cbb4be652d374f64661137756b8f357a1827d6a4 (v4.3-rc3)
-CVE-2015-5256 (Apache Cordova-Android before 4.1.0, when an application relies on a ...)
+CVE-2015-5256
NOT-FOR-US: Apache Cordova
-CVE-2015-5255 (Adobe BlazeDS, as used in ColdFusion 10 before Update 18 and 11 before ...)
+CVE-2015-5255
NOT-FOR-US: Adobe
-CVE-2015-5254 (Apache ActiveMQ 5.x before 5.13.0 does not restrict the classes that ...)
+CVE-2015-5254
{DSA-3524-1}
- activemq 5.13.2+dfsg-1 (bug #809733)
NOTE: http://activemq.apache.org/security-advisories.data/CVE-2015-5254-announcement.txt
@@ -11820,24 +11820,24 @@ CVE-2015-5254 (Apache ActiveMQ 5.x before 5.13.0 does not restrict the classes t
NOTE: https://git-wip-us.apache.org/repos/asf?p=activemq.git;h=73a0caf758f9e4916783a205c7e422b4db27905c (5.11.x)
NOTE: Patch applied to Fedora (5.6.0 based version): http://pkgs.fedoraproject.org/cgit/activemq.git/diff/activemq-5.6.0-CVE-2015-5254.patch?id=e3ef8a1b62d10273a814090be9168aa3019ace72
NOTE: https://issues.apache.org/jira/browse/AMQ-6013
-CVE-2015-5253 (The SAML Web SSO module in Apache CXF before 2.7.18, 3.0.x before ...)
+CVE-2015-5253
NOT-FOR-US: Apache CXF
-CVE-2015-5252 (vfs.c in smbd in Samba 3.x and 4.x before 4.1.22, 4.2.x before 4.2.7, ...)
+CVE-2015-5252
{DSA-3433-1 DLA-379-1}
- samba 2:4.1.22+dfsg-1
NOTE: https://www.samba.org/samba/security/CVE-2015-5252.html
-CVE-2015-5251 (OpenStack Image Service (Glance) before 2014.2.4 (juno) and 2015.1.x ...)
+CVE-2015-5251
- glance 1:11.0.0-1 (bug #799931)
[jessie] - glance 2014.1.3-12+deb8u1
[wheezy] - glance <no-dsa> (Minor issue)
NOTE: <=2014.2.3, >=2015.1.0, <=2015.1.1
-CVE-2015-5250 (The API server in OpenShift Origin 1.0.5 allows remote attackers to ...)
+CVE-2015-5250
NOT-FOR-US: OpenShift
CVE-2015-5249
REJECTED
-CVE-2015-5248 (Reflected file download vulnerability in Red Hat Feedhenry Enterprise ...)
+CVE-2015-5248
NOT-FOR-US: Red Hat Mobile
-CVE-2015-5247 (The virStorageVolCreateXML API in libvirt 1.2.14 through 1.2.19 allows ...)
+CVE-2015-5247
- libvirt 1.2.20-1 (bug #799132)
[jessie] - libvirt <not-affected> (Vulnerable code introduced later)
[wheezy] - libvirt <not-affected> (Vulnerable code introduced later)
@@ -11845,27 +11845,27 @@ CVE-2015-5247 (The virStorageVolCreateXML API in libvirt 1.2.14 through 1.2.19 a
NOTE: http://security.libvirt.org/2015/0003.html
NOTE: Broken by https://libvirt.org/git/?p=libvirt.git;a=commit;h=155ca616eb231181f6978efc9e3a1eb0eb60af8a (v1.2.14-rc1)
NOTE: and by https://libvirt.org/git/?p=libvirt.git;a=commit;h=7c2d65dde2595c07d56aad1e043f7b1836592d89 (v1.2.16-rc1)
-CVE-2015-5246 (The LDAP Authentication functionality in Foreman might allow remote ...)
+CVE-2015-5246
- foreman <itp> (bug #663101)
-CVE-2015-5245 (CRLF injection vulnerability in the Ceph Object Gateway (aka radosgw ...)
+CVE-2015-5245
[experimental] - ceph 0.94.3-1
- ceph 0.80.10-1 (bug #798567)
[jessie] - ceph 0.80.7-2+deb8u1
NOTE: http://tracker.ceph.com/issues/12537
NOTE: https://github.com/ceph/ceph/pull/5430
-CVE-2015-5244 (The NSSCipherSuite option with ciphersuites enabled in mod_nss before ...)
+CVE-2015-5244
- libapache2-mod-nss 1.0.12-1 (bug #799464)
[jessie] - libapache2-mod-nss <not-affected> (Vulnerability introduced in 1.0.11)
[wheezy] - libapache2-mod-nss <not-affected> (Vulnerability introduced in 1.0.11)
NOTE: Introduced in https://git.fedorahosted.org/cgit/mod_nss.git/commit/?id=2d1650900f4d47dc43400d826c0f7e1a7c5229b8 (1.0.11)
NOTE: Fixed by https://git.fedorahosted.org/cgit/mod_nss.git/commit/?id=34e1ccecb4a7d5054dba2f92b403af9b6ae1e110 (1.0.12)
-CVE-2015-5243 (phpWhois allows remote attackers to execute arbitrary code via a ...)
+CVE-2015-5243
NOT-FOR-US: phpWhois
-CVE-2015-5242 (OpenStack Swift-on-File (aka Swiftonfile) does not properly restrict ...)
+CVE-2015-5242
NOT-FOR-US: swiftonfile
-CVE-2015-5241 (After logging into the portal, the logout jsp page redirects the ...)
+CVE-2015-5241
NOT-FOR-US: Apache jUDDI
-CVE-2015-5240 (Race condition in OpenStack Neutron before 2014.2.4 and 2015.1 before ...)
+CVE-2015-5240
- neutron 1:7.0.0-1
[jessie] - neutron <no-dsa> (Minor issue)
NOTE: versions through 2014.2.3 and 2015.1 versions through 2015.1.1
@@ -11879,25 +11879,25 @@ CVE-2015-5239 [Integer overflow in vnc_client_read() and protocol_client_msg()]
NOTE: Upstream fix: http://git.qemu.org/?p=qemu.git;a=commit;h=f9a70e79391f6d7c2a912d785239ee8effc1922d (v2.1.0-rc0)
CVE-2015-5238
RESERVED
-CVE-2015-5237 (protobuf allows remote authenticated attackers to cause a heap-based ...)
+CVE-2015-5237
- protobuf <unfixed> (unimportant)
NOTE: https://github.com/google/protobuf/issues/760
NOTE: Upstream doesn't consider this a real issue in practice.
CVE-2015-5236
RESERVED
-CVE-2015-5235 (IcedTea-Web before 1.5.3 and 1.6.x before 1.6.1 does not properly ...)
+CVE-2015-5235
- icedtea-web 1.6.1-1 (bug #798467)
[jessie] - icedtea-web 1.5.3-1
[wheezy] - icedtea-web <no-dsa> (Minor issue)
-CVE-2015-5234 (IcedTea-Web before 1.5.3 and 1.6.x before 1.6.1 does not properly ...)
+CVE-2015-5234
- icedtea-web 1.6.1-1 (bug #798467)
[jessie] - icedtea-web 1.5.3-1
[wheezy] - icedtea-web <no-dsa> (Minor issue)
-CVE-2015-5233 (Foreman before 1.8.4 and 1.9.x before 1.9.1 do not properly apply ...)
+CVE-2015-5233
- foreman <itp> (bug #663101)
-CVE-2015-5232 (Race conditions in opa-fm before 10.4.0.0.196 and opa-ff before ...)
+CVE-2015-5232
NOT-FOR-US: OPA Fabric Manager and OPA tools and Fast Fabric
-CVE-2015-5231 (The service daemon in CRIU does not properly restrict access to ...)
+CVE-2015-5231
- criu 1.8-2 (bug #797110)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1256728
CVE-2015-5230
@@ -11907,17 +11907,17 @@ CVE-2015-5230
[wheezy] - pdns <not-affected> (Only affects 3.4.0-3.4.5)
[squeeze] - pdns <not-affected> (Only affects 3.4.0-3.4.5)
NOTE: https://downloads.powerdns.com/patches/2015-02/
-CVE-2015-5229 (The calloc function in the glibc package in Red Hat Enterprise Linux ...)
+CVE-2015-5229
- glibc <not-affected> (RHEL-specific backport)
- eglibc <not-affected> (RHEL-specific backport)
-CVE-2015-5228 (The service daemon in CRIU creates log and dump files insecurely, ...)
+CVE-2015-5228
- criu 1.8-2 (bug #797111)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1255782
-CVE-2015-5227 (The Landing Pages plugin before 1.9.2 for WordPress allows remote ...)
+CVE-2015-5227
NOT-FOR-US: Landing Pages plugin for WordPress
CVE-2015-5226
REJECTED
-CVE-2015-5225 (Buffer overflow in the vnc_refresh_server_surface function in the VNC ...)
+CVE-2015-5225
{DSA-3348-1}
- qemu 1:2.4+dfsg-1a (bug #796465)
[wheezy] - qemu <not-affected> (Vulnerable code introduced in 2.1.0)
@@ -11925,37 +11925,37 @@ CVE-2015-5225 (Buffer overflow in the vnc_refresh_server_surface function in the
- qemu-kvm <not-affected> (Vulnerable code introduced in 2.1.0)
NOTE: Fix: https://lists.gnu.org/archive/html/qemu-devel/2015-08/msg02495.html
NOTE: Introduced by: http://git.qemu.org/?p=qemu.git;a=commit;h=bea60dd7679364493a0d7f5b (v2.1.0-rc0)
-CVE-2015-5224 (The mkostemp function in login-utils in util-linux when used ...)
+CVE-2015-5224
[experimental] - util-linux 2.27~rc2-2
- util-linux 2.27-1 (unimportant)
NOTE: chfn/chsh not built in util-linux in Debian (--disable-chfn-chsh)
NOTE: https://github.com/karelzak/util-linux/commit/bde91c85bdc77975155058276f99d2e0f5eab5a9 (v2.27-rc2)
-CVE-2015-5223 (OpenStack Object Storage (Swift) before 2.4.0 allows attackers to ...)
+CVE-2015-5223
- swift 2.4.0-1 (bug #797032)
[jessie] - swift 2.2.0-1+deb8u1
[wheezy] - swift <no-dsa> (Minor issue)
-CVE-2015-5222 (Red Hat OpenShift Enterprise 3.0.0.0 does not properly check ...)
+CVE-2015-5222
NOT-FOR-US: OpenShift
-CVE-2015-5221 (Use-after-free vulnerability in the mif_process_cmpt function in ...)
+CVE-2015-5221
{DLA-1583-1}
- jasper <removed> (bug #796253)
[wheezy] - jasper <no-dsa> (Minor issue)
[squeeze] - jasper <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2015/08/20/4
NOTE: Fixed by https://github.com/mdadams/jasper/commit/df5d2867e8004e51e18b89865bc4aa69229227b3
-CVE-2015-5220 (The Web Console in Red Hat Enterprise Application Platform (EAP) ...)
+CVE-2015-5220
NOT-FOR-US: JBoss EAP
-CVE-2015-5219 (The ULOGTOD function in ntp.d in SNTP before 4.2.7p366 does not ...)
+CVE-2015-5219
{DSA-3388-1 DLA-335-1}
- ntp 1:4.2.8p3+dfsg-1 (low)
[jessie] - ntp <no-dsa> (Minor issue)
[wheezy] - ntp <no-dsa> (Minor issue)
[squeeze] - ntp <no-dsa> (Minor issue)
NOTE: https://github.com/ntp-project/ntp/commit/5f295cd05c3c136d39f5b3e500a2d781bdbb59c8
-CVE-2015-5218 (Buffer overflow in text-utils/colcrt.c in colcrt in util-linux before ...)
+CVE-2015-5218
- util-linux 2.27-1 (unimportant; bug #798067)
NOTE: https://www.spinics.net/lists/util-linux-ng/msg11873.html
-CVE-2015-5217 (providers/saml2/admin.py in the Identity Provider (IdP) server in ...)
+CVE-2015-5217
- ipsilon <itp> (bug #826838)
CVE-2015-5216
RESERVED
@@ -11963,19 +11963,19 @@ CVE-2015-5216
CVE-2015-5215
RESERVED
- ipsilon <itp> (bug #826838)
-CVE-2015-5214 (LibreOffice before 4.4.6 and 5.x before 5.0.1 and Apache OpenOffice ...)
+CVE-2015-5214
{DSA-3394-1}
- libreoffice 1:5.0.1~rc2-1
NOTE: https://www.libreoffice.org/about-us/security/advisories/cve-2015-5214/
-CVE-2015-5213 (Integer overflow in LibreOffice before 4.4.5 and Apache OpenOffice ...)
+CVE-2015-5213
{DSA-3394-1}
- libreoffice 1:5.0.1~rc1-1
NOTE: https://www.libreoffice.org/about-us/security/advisories/cve-2015-5213/
-CVE-2015-5212 (Integer underflow in LibreOffice before 4.4.5 and Apache OpenOffice ...)
+CVE-2015-5212
{DSA-3394-1}
- libreoffice 1:5.0.1~rc1-1
NOTE: https://www.libreoffice.org/about-us/security/advisories/cve-2015-5212/
-CVE-2015-5211 (Under some situations, the Spring Framework 4.2.0 to 4.2.1, 4.0.0 to ...)
+CVE-2015-5211
- libspring-java 4.1.9-1
[jessie] - libspring-java <no-dsa> (Minor issue)
[wheezy] - libspring-java <no-dsa> (Minor issue)
@@ -11984,45 +11984,45 @@ CVE-2015-5211 (Under some situations, the Spring Framework 4.2.0 to 4.2.1, 4.0.0
NOTE: https://github.com/spring-projects/spring-framework/commit/a95c3d
NOTE: https://github.com/spring-projects/spring-framework/commit/03f547
NOTE: https://pivotal.io/security/cve-2015-5211
-CVE-2015-5210 (Open redirect vulnerability in Apache Ambari before 2.1.2 allows ...)
+CVE-2015-5210
NOT-FOR-US: Apache Ambari
-CVE-2015-5209 (Apache Struts 2.x before 2.3.24.1 allows remote attackers to ...)
+CVE-2015-5209
- libstruts1.2-java <removed>
[wheezy] - libstruts1.2-java <not-affected> (Only affects versions >= 2.x)
NOTE: https://struts.apache.org/docs/s2-026.html
-CVE-2015-5208 (Apache Cordova iOS before 4.0.0 allows remote attackers to execute ...)
+CVE-2015-5208
NOT-FOR-US: Apache Cordova
-CVE-2015-5207 (Apache Cordova iOS before 4.0.0 might allow attackers to bypass a URL ...)
+CVE-2015-5207
NOT-FOR-US: Apache Cordova
-CVE-2015-5206 (Unspecified vulnerability in the HTTP/2 experimental feature in Apache ...)
+CVE-2015-5206
- trafficserver 6.0.0-1
[wheezy] - trafficserver <not-affected> (Vulnerable code not present)
CVE-2015-5205
REJECTED
-CVE-2015-5204 (CRLF injection vulnerability in the Apache Cordova File Transfer ...)
+CVE-2015-5204
NOT-FOR-US: Apache Cordova Android File Transfer Plugin
-CVE-2015-5203 (Double free vulnerability in the jasper_image_stop_load function in ...)
+CVE-2015-5203
{DLA-1583-1}
- jasper <removed> (bug #796107)
[wheezy] - jasper <no-dsa> (Minor issue)
[squeeze] - jasper <no-dsa> (Minor issue)
NOTE: Analysis/More information/Fixing commits: https://bugzilla.redhat.com/show_bug.cgi?id=1254242#c11
-CVE-2015-5202 (Red Hat Satellite 6 allows remote authenticated users with privileged ...)
+CVE-2015-5202
NOT-FOR-US: Satellite6
CVE-2015-5201
RESERVED
NOT-FOR-US: Red Hat vdms
-CVE-2015-5200 (The trace functionality in libvdpau before 1.1.1, when used in a ...)
+CVE-2015-5200
{DSA-3355-1 DLA-306-1}
- libvdpau 1.1.1-1 (bug #797895)
NOTE: http://lists.x.org/archives/xorg-announce/2015-August/002630.html
NOTE: http://cgit.freedesktop.org/~aplattner/libvdpau/commit/?id=d1f9c16b1a8187110e501c9116d21ffee25c0ba4
-CVE-2015-5199 (Directory traversal vulnerability in dlopen in libvdpau before 1.1.1 ...)
+CVE-2015-5199
{DSA-3355-1 DLA-306-1}
- libvdpau 1.1.1-1 (bug #797895)
NOTE: http://lists.x.org/archives/xorg-announce/2015-August/002630.html
NOTE: http://cgit.freedesktop.org/~aplattner/libvdpau/commit/?id=d1f9c16b1a8187110e501c9116d21ffee25c0ba4
-CVE-2015-5198 (libvdpau before 1.1.1, when used in a setuid or setgid application, ...)
+CVE-2015-5198
{DSA-3355-1 DLA-306-1}
- libvdpau 1.1.1-1 (bug #797895)
NOTE: http://lists.x.org/archives/xorg-announce/2015-August/002630.html
@@ -12031,14 +12031,14 @@ CVE-2015-5197
REJECTED
CVE-2015-5196
REJECTED
-CVE-2015-5195 (ntp_openssl.m4 in ntpd in NTP before 4.2.7p112 allows remote attackers ...)
+CVE-2015-5195
{DSA-3388-1 DLA-335-1}
- ntp 1:4.2.8p3+dfsg-1 (low)
[jessie] - ntp <no-dsa> (Minor issue)
[wheezy] - ntp <no-dsa> (Minor issue)
[squeeze] - ntp <no-dsa> (Minor issue)
NOTE: https://github.com/ntp-project/ntp/commit/52e977d79a0c4ace997e5c74af429844da2f27be
-CVE-2015-5194 (The log_config_command function in ntp_parser.y in ntpd in NTP before ...)
+CVE-2015-5194
{DSA-3388-1 DLA-335-1}
- ntp 1:4.2.8p3+dfsg-1 (low)
[jessie] - ntp <no-dsa> (Minor issue)
@@ -12050,7 +12050,7 @@ CVE-2015-5193
REJECTED
CVE-2015-5192
REJECTED
-CVE-2015-5191 (VMware Tools prior to 10.0.9 contains multiple file system races in ...)
+CVE-2015-5191
- open-vm-tools 2:10.1.5-5055683-5 (low; bug #869633)
[stretch] - open-vm-tools 2:10.1.5-5055683-4+deb9u1
[jessie] - open-vm-tools <not-affected> (Vulnerable code not present)
@@ -12058,32 +12058,32 @@ CVE-2015-5191 (VMware Tools prior to 10.0.9 contains multiple file system races
NOTE: 9.10.x: https://github.com/vmware/open-vm-tools/commit/c1304ce8bfd9c0c33999e496bf7049d5c3d45821
NOTE: 10.0.x: https://github.com/vmware/open-vm-tools/commit/b3068b04880eda4ca3e13f2d34fb8ce336ad1a4f
NOTE: 10.1.x: https://github.com/vmware/open-vm-tools/commit/22e58289f71232310d30cf162b83b5151a937bac
-CVE-2015-5190 (The pcsd web UI in PCS 0.9.139 and earlier allows remote authenticated ...)
+CVE-2015-5190
- pcs <not-affected> (Fixed before initial release to Debian)
NOTE: https://github.com/feist/pcs/commit/634f6d93e4091946441f366e29859ed64a2c977a (0.9.144)
-CVE-2015-5189 (Race condition in pcsd in PCS 0.9.139 and earlier uses a global ...)
+CVE-2015-5189
- pcs <not-affected> (Fixed before the initial release in Debian)
NOTE: Patch in Fedora: http://pkgs.fedoraproject.org/cgit/rpms/pcs.git/plain/fixed-session-and-cookies-processing.patch?h=f22&id=c4b5ad398cb011cdf31374d37943b6593411ae65
NOTE: Patch in CentOS 7 corresponding to RHSA-2015:1700: https://git.centos.org/blob/rpms!pcs/bafb6400d552c4d9e9cb46ddbe523e8f47e0de63/SOURCES!bz1253289-fixed-session-and-cookies-processing.patch
-CVE-2015-5188 (Cross-site request forgery (CSRF) vulnerability in the Web Console ...)
+CVE-2015-5188
NOT-FOR-US: JBoss EAP
-CVE-2015-5187 (Candlepin allows remote attackers to obtain sensitive information by ...)
+CVE-2015-5187
NOT-FOR-US: candlepin / subscription-manager
-CVE-2015-5186 (Audit before 2.4.4 in Linux does not sanitize escape characters in ...)
+CVE-2015-5186
- audit 1:2.4.4-1 (unimportant; bug #795457)
NOTE: Hardening, not a vulnerability. This is treated as a vulnerability in terminal emulators
NOTE: https://fedorahosted.org/audit/changeset/1122
-CVE-2015-5185 (The lookupProviders function in providerMgr.c in sblim-sfcb 1.3.4 and ...)
+CVE-2015-5185
- sblim-sfcb <itp> (bug #754493)
-CVE-2015-5184 (The Hawtio console in A-MQ allows remote attackers to obtain sensitive ...)
+CVE-2015-5184
NOT-FOR-US: A-MQ's Hawtio console
-CVE-2015-5183 (The Hawtio console in A-MQ does not set HTTPOnly or Secure attributes ...)
+CVE-2015-5183
NOT-FOR-US: A-MQ's Hawtio console
-CVE-2015-5182 (Cross-site request forgery (CSRF) vulnerability in the jolokia API in ...)
+CVE-2015-5182
NOT-FOR-US: A-MQ's Hawtio console
-CVE-2015-5181 (The JBoss console in A-MQ allows remote attackers to execute arbitrary ...)
+CVE-2015-5181
NOT-FOR-US: A-MQ's Hawtio console
-CVE-2015-5180 (res_query in libresolv in glibc before 2.25 allows remote attackers to ...)
+CVE-2015-5180
- glibc 2.24-9 (low; bug #796106)
[jessie] - glibc <no-dsa> (Minor issue, too intrusive to backport)
- eglibc <removed> (low)
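Review bot: the rationale for CVE-2015-5186 in the two `NOTE:` lines reads as self-contradictory ("Hardening, not a vulnerability. This is treated as a vulnerability in terminal emulators"). Reword it so that the point is explicit: audit not sanitising escape characters is a hardening gap, and any actual vulnerability lies in a terminal emulator that acts on those sequences when the log is displayed, which is why the entry is marked `unimportant`.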
@@ -12091,43 +12091,43 @@ CVE-2015-5180 (res_query in libresolv in glibc before 2.25 allows remote attacke
[squeeze] - eglibc <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=18784
NOTE: Originally proposed for jessie 8.8, but breaks the NSS ABI so was retracted
-CVE-2015-5179 (FreeIPA might display user data improperly via vectors involving ...)
+CVE-2015-5179
- freeipa <unfixed> (unimportant; bug #795399)
NOTE: https://fedorahosted.org/freeipa/ticket/5153
NOTE: Negligible security impact
-CVE-2015-5178 (The Management Console in Red Hat Enterprise Application Platform ...)
+CVE-2015-5178
NOT-FOR-US: JBoss EAP
-CVE-2015-5177 (Double free vulnerability in the SLPDKnownDAAdd function in ...)
+CVE-2015-5177
{DSA-3353-1 DLA-304-1}
- openslp-dfsg 1.2.1-11 (bug #795429)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-5177
-CVE-2015-5176 (The PortletRequestDispatcher in PortletBridge, as used in Red Hat ...)
+CVE-2015-5176
NOT-FOR-US: PortletBridge component in JBoss Portal
-CVE-2015-5175 (Application plugins in Apache CXF Fediz before 1.1.3 and 1.2.x before ...)
+CVE-2015-5175
NOT-FOR-US: Apache CXF Fediz
-CVE-2015-5174 (Directory traversal vulnerability in RequestUtil.java in Apache Tomcat ...)
+CVE-2015-5174
{DSA-3609-1 DSA-3552-1 DSA-3530-1 DLA-435-1}
- tomcat8 8.0.28-1
- tomcat7 7.0.68-1
- tomcat6 6.0.41-3
NOTE: Since 6.0.41-3, src:tomcat6 only builds a servlet and docs
NOTE: Fixed in 6.0.45, 7.0.65, 8.0.27
-CVE-2015-5173 (Cloud Foundry Runtime cf-release before 216, UAA before 2.5.2, and ...)
+CVE-2015-5173
NOT-FOR-US: Cloud Foundry Runtime cf-release
-CVE-2015-5172 (Cloud Foundry Runtime cf-release before 216, UAA before 2.5.2, and ...)
+CVE-2015-5172
NOT-FOR-US: Cloud Foundry Runtime cf-release
-CVE-2015-5171 (The password change functionality in Cloud Foundry Runtime cf-release ...)
+CVE-2015-5171
NOT-FOR-US: Cloud Foundry Runtime cf-release
-CVE-2015-5170 (Cloud Foundry Runtime cf-release before 216, UAA before 2.5.2, and ...)
+CVE-2015-5170
NOT-FOR-US: Cloud Foundry Runtime cf-release
-CVE-2015-5169 (Cross-site scripting (XSS) vulnerability in Apache Struts before ...)
+CVE-2015-5169
- libstruts1.2-java <not-affected> (Affects 2.0.0 - 2.3.16.3)
-CVE-2015-5168 (Unspecified vulnerability in the HTTP/2 experimental feature in Apache ...)
+CVE-2015-5168
- trafficserver 6.0.0-1
[wheezy] - trafficserver <not-affected> (Vulnerable code not present)
-CVE-2015-5167 (The Policy Admin Tool in Apache Ranger before 0.5.1 allows remote ...)
+CVE-2015-5167
NOT-FOR-US: Apache Ranger
-CVE-2015-5166 (Use-after-free vulnerability in QEMU in Xen 4.5.x and earlier does not ...)
+CVE-2015-5166
- qemu 1:2.4+dfsg-1a (bug #794611)
[jessie] - qemu <not-affected> (Vulnerable code not present)
[wheezy] - qemu <not-affected> (Vulnerable code not present)
@@ -12141,7 +12141,7 @@ CVE-2015-5166 (Use-after-free vulnerability in QEMU in Xen 4.5.x and earlier doe
NOTE: BlockDriverState converted to BlockBackend in http://git.qemu.org/?p=qemu.git;a=commitdiff;h=4be746345f13e99e468c60acbd3a355e8183e3ce (v2.2.0-rc0)
NOTE: Fixed by: http://git.qemu.org/?p=qemu.git;a=commitdiff;h=6cd387833d05e8ad31829d97e474dc420625aed9 (v2.4.0-rc4)
NOTE: http://xenbits.xen.org/xsa/advisory-139.html
-CVE-2015-5165 (The C+ mode offload emulation in the RTL8139 network card device model ...)
+CVE-2015-5165
{DSA-3349-1 DSA-3348-1 DLA-479-1}
- qemu 1:2.4+dfsg-1a (bug #794610)
[wheezy] - qemu 1.1.2+dfsg-6a+deb7u9
@@ -12160,13 +12160,13 @@ CVE-2015-5165 (The C+ mode offload emulation in the RTL8139 network card device
NOTE: http://git.qemu.org/?p=qemu.git;a=commitdiff;h=c6296ea88df040054ccd781f3945fe103f8c7c17
NOTE: http://git.qemu.org/?p=qemu.git;a=commitdiff;h=4240be45632db7831129f124bcf53c1223825b0f
NOTE: http://git.qemu.org/?p=qemu.git;a=commitdiff;h=8357946b15f0a31f73dd691b7da95f29318ed310
-CVE-2015-5164 (The Qpid server on Red Hat Satellite 6 does not properly restrict ...)
+CVE-2015-5164
NOT-FOR-US: Qpid server on Satellite6
-CVE-2015-5163 (The import task action in OpenStack Image Service (Glance) 2015.1.x ...)
+CVE-2015-5163
- glance 2015.1.0-4 (bug #795453)
[jessie] - glance <not-affected> (Affects Glance 2015.1 versions trough 2015.1.1)
[wheezy] - glance <not-affected> (Affects Glance 2015.1 versions trough 2015.1.1)
-CVE-2015-5162 (The image parser in OpenStack Cinder 7.0.2 and 8.0.0 through 8.1.1; ...)
+CVE-2015-5162
- cinder 2:8.0.0-1
[jessie] - cinder <no-dsa> (Minor issue)
- glance 2:12.0.0-1 (low)
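Review bot: typo in the unchanged context for CVE-2015-5163: both `[jessie]` and `[wheezy]` lines say "versions trough 2015.1.1"; that should read "through". Worth fixing while this entry is being touched, since with the description line now blanked these two reasons are the only place the affected range "2015.1 versions through 2015.1.1" is recorded for this issue.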
@@ -12176,13 +12176,13 @@ CVE-2015-5162 (The image parser in OpenStack Cinder 7.0.2 and 8.0.0 through 8.1.
[jessie] - nova <no-dsa> (Minor issue)
[wheezy] - nova <no-dsa> (Minor issue)
NOTE: Patches: http://www.openwall.com/lists/oss-security/2016/10/06/8
-CVE-2015-5161 (The Zend_Xml_Security::scan in ZendXml before 1.0.1 and Zend Framework ...)
+CVE-2015-5161
{DSA-3340-1 DLA-302-1}
- zendframework 1.12.14+dfsg-1
- php-zend-xml 1.0.1-1
NOTE: http://framework.zend.com/security/advisory/ZF2015-06
NOTE: Root issue already fixed in PHP 5.6.6, so this one is not relevant starting with Jessie
-CVE-2015-5160 (libvirt before 2.2 includes Ceph credentials on the qemu command line ...)
+CVE-2015-5160
- libvirt 2.2.0-1 (low; bug #796111)
[jessie] - libvirt <no-dsa> (Minor issue; needs changes first in QEMU)
[wheezy] - libvirt <no-dsa> (Minor issue; needs changes first in QEMU)
@@ -12193,9 +12193,9 @@ CVE-2015-5160 (libvirt before 2.2 includes Ceph credentials on the qemu command
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1182074 (not yet opened)
NOTE: https://www.redhat.com/archives/libvir-list/2011-November/msg00853.html
NOTE: Needs changes in QEMU for passing passwords. Affects at least iSCSI and rbd/ceph.
-CVE-2015-5159 (python-kdcproxy before 0.3.2 allows remote attackers to cause a denial ...)
+CVE-2015-5159
NOT-FOR-US: kdcproxy
-CVE-2015-5158 (Stack-based buffer overflow in hw/scsi/scsi-bus.c in QEMU, when built ...)
+CVE-2015-5158
- qemu 1:2.4+dfsg-1a (bug #793388)
[jessie] - qemu <not-affected> (Vulnerable code not present)
[wheezy] - qemu <not-affected> (Vulnerable code not present)
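Review bot: stale annotation in the CVE-2015-5160 entry: the line `NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1182074 (not yet opened)` cites a concrete bug number while claiming it is not yet opened, which cannot both be current. Either drop the "(not yet opened)" qualifier or re-check the reference; the surrounding notes (libvir-list thread from 2011, "needs changes in QEMU for passing passwords") suggest the entry has not been revisited in a long time.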
@@ -12203,14 +12203,14 @@ CVE-2015-5158 (Stack-based buffer overflow in hw/scsi/scsi-bus.c in QEMU, when b
- qemu-kvm <not-affected> (Vulnerable code not present)
NOTE: https://lists.nongnu.org/archive/html/qemu-devel/2015-07/msg04558.html
NOTE: Introduced in http://git.qemu.org/?p=qemu.git;a=commitdiff;h=1894df02811f6b79ea3ffbf1084599d96f316173 (v2.2.0-rc0)
-CVE-2015-5157 (arch/x86/entry/entry_64.S in the Linux kernel before 4.1.6 on the ...)
+CVE-2015-5157
{DSA-3313-1}
- linux 4.0.8-2
[wheezy] - linux <not-affected> (Introduced in 3.3)
- linux-2.6 <not-affected> (Introduced in 3.3)
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9b6e6a8334d56354853f9c255d1395c2ba570e0a
NOTE: Same fix as for CVE-2015-3290.
-CVE-2015-5156 (The virtnet_probe function in drivers/net/virtio_net.c in the Linux ...)
+CVE-2015-5156
{DSA-3364-1 DLA-310-1}
- linux 4.1.5-1
- linux-2.6 <removed>
@@ -12220,7 +12220,7 @@ CVE-2015-5155 [Packet with crafted "nextoffset" and "extid" values causes DoS]
- openslp-dfsg 1.2.1-8 (bug #623551)
[squeeze] - openslp-dfsg 1.2.1-7.8+deb6u1
NOTE: duplicate of CVE-2010-3609
-CVE-2015-5154 (Heap-based buffer overflow in the IDE subsystem in QEMU, as used in ...)
+CVE-2015-5154
{DSA-3348-1}
- qemu 1:2.4+dfsg-1a (bug #793811)
[wheezy] - qemu <not-affected> (Vulnerable code not present, introduced in 1.3)
@@ -12236,27 +12236,27 @@ CVE-2015-5154 (Heap-based buffer overflow in the IDE subsystem in QEMU, as used
NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=cb72cba83021fa42719e73a5249c12096a4d1cfc
NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=03441c3a4a42beb25460dd11592539030337d0f8
NOTE: Introduced by: http://git.qemu.org/?p=qemu.git;a=commitdiff;h=ce560dcf20c14194db5ef3b9fc1ea592d4e68109 (v1.3.0-rc0)
-CVE-2015-5153 (Pulp does not remove permissions for named objects upon deletion, ...)
+CVE-2015-5153
NOT-FOR-US: Pulp (Red Hat)
-CVE-2015-5152 (Foreman after 1.1 and before 1.9.0-RC1 does not redirect HTTP requests ...)
+CVE-2015-5152
- foreman <itp> (bug #663101)
-CVE-2015-5151 (Cross-site scripting (XSS) vulnerability in the Slider Revolution ...)
+CVE-2015-5151
NOT-FOR-US: Slider Revolution (revslider) plugin for WordPress
-CVE-2015-5150 (Multiple cross-site scripting (XSS) vulnerabilities in Zoho ...)
+CVE-2015-5150
NOT-FOR-US: Zoho ManageEngine SupportCenter Plus
-CVE-2015-5149 (Directory traversal vulnerability in Zoho ManageEngine SupportCenter ...)
+CVE-2015-5149
NOT-FOR-US: Zoho ManageEngine SupportCenter Plus
-CVE-2015-5148 (SQL injection vulnerability in LivelyCart 1.2.0 allows remote ...)
+CVE-2015-5148
NOT-FOR-US: LivelyCart
-CVE-2015-5145 (validators.URLValidator in Django 1.8.x before 1.8.3 allows remote ...)
+CVE-2015-5145
- python-django <not-affected> (Vulnerable code not present)
NOTE: https://www.djangoproject.com/weblog/2015/jul/08/security-releases/
-CVE-2015-5144 (Django before 1.4.21, 1.5.x through 1.6.x, 1.7.x before 1.7.9, and ...)
+CVE-2015-5144
{DSA-3305-1 DLA-272-1}
- python-django 1.7.9-1
NOTE: https://www.djangoproject.com/weblog/2015/jul/08/security-releases/
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-5144 has split out patches
-CVE-2015-5143 (The session backends in Django before 1.4.21, 1.5.x through 1.6.x, ...)
+CVE-2015-5143
{DSA-3305-1 DLA-272-1}
- python-django 1.7.9-1
NOTE: https://www.djangoproject.com/weblog/2015/jul/08/security-releases/
@@ -12276,150 +12276,150 @@ CVE-2015-5136
RESERVED
CVE-2015-5135
RESERVED
-CVE-2015-5134 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 ...)
+CVE-2015-5134
NOT-FOR-US: Adobe Flash Player
-CVE-2015-5133 (Buffer overflow in Adobe Flash Player before 18.0.0.232 on Windows and ...)
+CVE-2015-5133
NOT-FOR-US: Adobe Flash Player
-CVE-2015-5132 (Buffer overflow in Adobe Flash Player before 18.0.0.232 on Windows and ...)
+CVE-2015-5132
NOT-FOR-US: Adobe Flash Player
-CVE-2015-5131 (Buffer overflow in Adobe Flash Player before 18.0.0.232 on Windows and ...)
+CVE-2015-5131
NOT-FOR-US: Adobe Flash Player
-CVE-2015-5130 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 ...)
+CVE-2015-5130
NOT-FOR-US: Adobe Flash Player
-CVE-2015-5129 (Heap-based buffer overflow in Adobe Flash Player before 18.0.0.232 on ...)
+CVE-2015-5129
NOT-FOR-US: Adobe Flash Player
CVE-2015-5128
REJECTED
-CVE-2015-5127 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 ...)
+CVE-2015-5127
NOT-FOR-US: Adobe Flash Player
CVE-2015-5126
REJECTED
-CVE-2015-5125 (Adobe Flash Player before 18.0.0.232 on Windows and OS X and before ...)
+CVE-2015-5125
NOT-FOR-US: Adobe Flash Player
-CVE-2015-5124 (Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before ...)
+CVE-2015-5124
NOT-FOR-US: Adobe Flash Player
-CVE-2015-5123 (Use-after-free vulnerability in the BitmapData class in the ...)
+CVE-2015-5123
NOT-FOR-US: Adobe Flash Player
-CVE-2015-5122 (Use-after-free vulnerability in the DisplayObject class in the ...)
+CVE-2015-5122
NOT-FOR-US: Adobe Flash Player
-CVE-2015-5121 (Adobe Shockwave Player before 12.1.9.159 allows attackers to execute ...)
+CVE-2015-5121
NOT-FOR-US: Shockwave
-CVE-2015-5120 (Adobe Shockwave Player before 12.1.9.159 allows attackers to execute ...)
+CVE-2015-5120
NOT-FOR-US: Shockwave
-CVE-2015-5119 (Use-after-free vulnerability in the ByteArray class in the ...)
+CVE-2015-5119
NOT-FOR-US: Adobe Flash Player
-CVE-2015-5118 (Heap-based buffer overflow in Adobe Flash Player before 13.0.0.302 and ...)
+CVE-2015-5118
NOT-FOR-US: Adobe Flash Player
-CVE-2015-5117 (Use-after-free vulnerability in Adobe Flash Player before 13.0.0.302 ...)
+CVE-2015-5117
NOT-FOR-US: Adobe Flash Player
-CVE-2015-5116 (Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before ...)
+CVE-2015-5116
NOT-FOR-US: Adobe Flash Player
-CVE-2015-5115 (Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, ...)
+CVE-2015-5115
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2015-5114 (Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before ...)
+CVE-2015-5114
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2015-5113 (Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before ...)
+CVE-2015-5113
NOT-FOR-US: Adobe Reader and Acrobat
CVE-2015-5112
REJECTED
-CVE-2015-5111 (Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before ...)
+CVE-2015-5111
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2015-5110 (Stack-based buffer overflow in Adobe Reader and Acrobat 10.x before ...)
+CVE-2015-5110
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2015-5109 (Integer overflow in Adobe Reader and Acrobat 10.x before 10.1.15 and ...)
+CVE-2015-5109
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2015-5108 (Integer overflow in Adobe Reader and Acrobat 10.x before 10.1.15 and ...)
+CVE-2015-5108
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2015-5107 (Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, ...)
+CVE-2015-5107
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2015-5106 (Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, ...)
+CVE-2015-5106
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2015-5105 (Heap-based buffer overflow in Adobe Reader and Acrobat 10.x before ...)
+CVE-2015-5105
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2015-5104 (Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, ...)
+CVE-2015-5104
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2015-5103 (Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, ...)
+CVE-2015-5103
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2015-5102 (Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, ...)
+CVE-2015-5102
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2015-5101 (Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before ...)
+CVE-2015-5101
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2015-5100 (Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, ...)
+CVE-2015-5100
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2015-5099 (Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before ...)
+CVE-2015-5099
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2015-5098 (Heap-based buffer overflow in Adobe Reader and Acrobat 10.x before ...)
+CVE-2015-5098
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2015-5097 (Integer overflow in Adobe Reader and Acrobat 10.x before 10.1.15 and ...)
+CVE-2015-5097
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2015-5096 (Heap-based buffer overflow in Adobe Reader and Acrobat 10.x before ...)
+CVE-2015-5096
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2015-5095 (Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before ...)
+CVE-2015-5095
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2015-5094 (Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, ...)
+CVE-2015-5094
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2015-5093 (Buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.15 and ...)
+CVE-2015-5093
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2015-5092 (Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, ...)
+CVE-2015-5092
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2015-5091 (Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, ...)
+CVE-2015-5091
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2015-5090 (Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, ...)
+CVE-2015-5090
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2015-5089 (Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, ...)
+CVE-2015-5089
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2015-5088 (Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, ...)
+CVE-2015-5088
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2015-5087 (Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, ...)
+CVE-2015-5087
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2015-5086 (Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, ...)
+CVE-2015-5086
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2015-5085 (Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, ...)
+CVE-2015-5085
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2015-5084 (The Siemens SIMATIC WinCC Sm@rtClient and Sm@rtClient Lite ...)
+CVE-2015-5084
NOT-FOR-US: Siemens
CVE-2015-5083
RESERVED
-CVE-2015-5082 (Endian Firewall before 3.0 allows remote attackers to execute ...)
+CVE-2015-5082
NOT-FOR-US: Endian Firewall
-CVE-2015-5080 (The Management Interface in Citrix NetScaler Application Delivery ...)
+CVE-2015-5080
NOT-FOR-US: Citrix
-CVE-2015-5079 (Directory traversal vulnerability in widgets/logs.php in BlackCat CMS ...)
+CVE-2015-5079
NOT-FOR-US: BlackCat CMS
-CVE-2015-5078 (SQL injection vulnerability in the insert function in ...)
+CVE-2015-5078
- limesurvey <itp> (bug #472802)
CVE-2015-5077
RESERVED
-CVE-2015-5076 (Multiple cross-site scripting (XSS) vulnerabilities in X2Engine X2CRM ...)
+CVE-2015-5076
NOT-FOR-US: X2Engine
-CVE-2015-5075 (Cross-site request forgery (CSRF) vulnerability in X2Engine X2CRM ...)
+CVE-2015-5075
NOT-FOR-US: X2Engine
-CVE-2015-5074 (Incomplete blacklist vulnerability in the FileUploadsFilter class in ...)
+CVE-2015-5074
NOT-FOR-US: X2Engine
CVE-2015-5072
RESERVED
CVE-2015-5071
RESERVED
-CVE-2015-5146 (ntpd in ntp before 4.2.8p3 with remote configuration enabled allows ...)
+CVE-2015-5146
{DSA-3388-1 DLA-335-1}
- ntp 1:4.2.8p3+dfsg-1
[jessie] - ntp <no-dsa> (Minor issue)
[wheezy] - ntp <no-dsa> (Minor issue)
[squeeze] - ntp <no-dsa> (Minor issue)
NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#June_2015_NTP_Security_Vulnerabi
-CVE-2015-5352 (The x11_open_helper function in channels.c in ssh in OpenSSH before ...)
+CVE-2015-5352
{DLA-1500-1 DLA-288-1}
- openssh 1:6.9p1-1 (bug #790798)
[wheezy] - openssh <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2015/07/01/7
NOTE: https://anongit.mindrot.org/openssh.git/commit/?h=V_6_9&id=1bf477d3cdf1a864646d59820878783d42357a1d
-CVE-2015-5147 (Stack-based buffer overflow in the header_anchor function in the HTML ...)
+CVE-2015-5147
- ruby-redcarpet <not-affected> (Affects v3.3.0 - v3.3.1)
NOTE: https://github.com/vmg/redcarpet/commit/2cee777c1e5babe8a1e2683d31ea75cc4afe55fb
NOTE: http://www.openwall.com/lists/oss-security/2015/06/29/3
-CVE-2015-5081 (Cross-site request forgery (CSRF) vulnerability in django CMS before ...)
+CVE-2015-5081
- python-django-cms <itp> (bug #516183)
-CVE-2015-5073 (Heap-based buffer overflow in the find_fixedlength function in ...)
+CVE-2015-5073
- pcre3 2:8.35-7 (bug #790000)
[jessie] - pcre3 2:8.35-3.3+deb8u1
[wheezy] - pcre3 <no-dsa> (Minor issue)
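Review bot: ordering problem in the unchanged context at the end of this hunk: after `CVE-2015-5071` / `RESERVED` the file continues with CVE-2015-5146, CVE-2015-5352, CVE-2015-5147, CVE-2015-5081 and CVE-2015-5073, breaking the descending numeric order used everywhere else in the list (5147 and 5146 belong between 5148 and 5145, 5081 between 5082 and 5080, 5073 between 5074 and 5072, and 5352 well above this block). Since this automatic rewrite is already touching every entry, it should not leave the out-of-sequence block in place; a tool that keys on position rather than on the identifier will mis-associate the `{DSA-3388-1 DLA-335-1}` and `{DLA-1500-1 DLA-288-1}` lines that follow.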
@@ -12428,43 +12428,43 @@ CVE-2015-5073 (Heap-based buffer overflow in the find_fixedlength function in ..
NOTE: Fixed by: http://vcs.pcre.org/pcre?view=revision&revision=1571 (8.38)
NOTE: Introduced in http://vcs.pcre.org/pcre?view=revision&revision=454 (8.00)
NOTE: http://www.openwall.com/lists/oss-security/2015/06/26/1
-CVE-2015-5068 (XML external entity (XXE) vulnerability in SAP Mobile Platform 3 ...)
+CVE-2015-5068
NOT-FOR-US: SAP
-CVE-2015-5067 (The (1) Cross-System Tools and (2) Data Transfer Workbench in SAP ...)
+CVE-2015-5067
NOT-FOR-US: SAP
-CVE-2015-5066 (Multiple cross-site scripting (XSS) vulnerabilities in the MetalGenix ...)
+CVE-2015-5066
NOT-FOR-US: MetalGenix GeniXCMS
-CVE-2015-5065 (Absolute path traversal vulnerability in proxy.php in the google ...)
+CVE-2015-5065
NOT-FOR-US: Paypal Currency Converter Basic For WooCommerce plugin for WordPress
-CVE-2015-5064 (Multiple cross-site scripting (XSS) vulnerabilities in MySql Lite ...)
+CVE-2015-5064
NOT-FOR-US: MySql Lite Administrator
-CVE-2015-5063 (Multiple cross-site scripting (XSS) vulnerabilities in SilverStripe ...)
+CVE-2015-5063
- silverstripe <itp> (bug #528461)
-CVE-2015-5062 (Open redirect vulnerability in SilverStripe CMS &amp; Framework 3.1.13 ...)
+CVE-2015-5062
- silverstripe <itp> (bug #528461)
-CVE-2015-5061 (Cross-site scripting (XSS) vulnerability in Zoho ManageEngine ...)
+CVE-2015-5061
NOT-FOR-US: Zoho ManageEngine AssetExplorer
-CVE-2015-5060 (Cross-site scripting (XSS) vulnerability in anchor-cms before 0.9-dev. ...)
+CVE-2015-5060
NOT-FOR-US: anchor-cms
-CVE-2015-5058 (Memory leak in the virtual server component in F5 Big-IP LTM, AAM, ...)
+CVE-2015-5058
NOT-FOR-US: F5 BIG-IP
CVE-2015-5056
RESERVED
CVE-2015-5055
RESERVED
-CVE-2015-5054 (Open redirect vulnerability in Ellucian (formerly SunGard) Banner ...)
+CVE-2015-5054
NOT-FOR-US: Ellucian (formerly SunGard) Banner Student
-CVE-2015-5053 (The host memory mapping path feature in the NVIDIA GPU graphics driver ...)
+CVE-2015-5053
- nvidia-graphics-drivers 352.41-1
[jessie] - nvidia-graphics-drivers <not-affected> (Only affects R352 and R346 Linux branches)
[wheezy] - nvidia-graphics-drivers <not-affected> (Only affects R352 and R346 Linux branches)
-CVE-2015-5052 (SQL injection vulnerability in Sefrengo before 1.6.5 beta2. ...)
+CVE-2015-5052
NOT-FOR-US: Sefrengo
-CVE-2015-5051 (IBM Maximo Asset Management 7.5 before 7.5.0.8 IF6 and 7.6 before ...)
+CVE-2015-5051
NOT-FOR-US: IBM
-CVE-2015-5050 (Cross-site request forgery (CSRF) vulnerability in IBM Emptoris ...)
+CVE-2015-5050
NOT-FOR-US: IBM
-CVE-2015-5049 (SQL injection vulnerability in the API in IBM OpenPages GRC Platform ...)
+CVE-2015-5049
NOT-FOR-US: IBM
CVE-2015-5048
RESERVED
@@ -12472,27 +12472,27 @@ CVE-2015-5047
RESERVED
CVE-2015-5046
RESERVED
-CVE-2015-5045 (The Administration and Reporting tool in IBM Rational License Key ...)
+CVE-2015-5045
NOT-FOR-US: IBM
-CVE-2015-5044 (The Flow Collector in IBM Security QRadar QFLOW 7.1.x before 7.1 MR2 ...)
+CVE-2015-5044
NOT-FOR-US: IBM QRadar
-CVE-2015-5043 (diag in IBM Security Guardium 8.2 before p6015, 9.0 before p6015, 9.1, ...)
+CVE-2015-5043
NOT-FOR-US: IBM Security Guardium
-CVE-2015-5042 (IBM Emptoris Contract Management 9.5.0.x before 9.5.0.6 iFix15, ...)
+CVE-2015-5042
NOT-FOR-US: IBM
-CVE-2015-5041 (The J9 JVM in IBM SDK, Java Technology Edition 6 before SR16 FP20, 6 ...)
+CVE-2015-5041
NOT-FOR-US: IBM JDK
-CVE-2015-5040 (Buffer overflow in IBM Domino 8.5.1 through 8.5.3 before 8.5.3 FP6 ...)
+CVE-2015-5040
NOT-FOR-US: IBM Domino
-CVE-2015-5039 (The Remote Client and change management integrations in IBM Rational ...)
+CVE-2015-5039
NOT-FOR-US: IBM
-CVE-2015-5038 (IBM Connections 3.x before 3.0.1.1 CR3, 4.0 before CR4, 4.5 before ...)
+CVE-2015-5038
NOT-FOR-US: IBM
-CVE-2015-5037 (Cross-site request forgery (CSRF) vulnerability in IBM Connections 3.x ...)
+CVE-2015-5037
NOT-FOR-US: IBM
-CVE-2015-5036 (Cross-site scripting (XSS) vulnerability in IBM Connections 3.x before ...)
+CVE-2015-5036
NOT-FOR-US: IBM
-CVE-2015-5035 (Cross-site scripting (XSS) vulnerability in IBM Connections 3.x before ...)
+CVE-2015-5035
NOT-FOR-US: IBM
CVE-2015-5034
RESERVED
@@ -12514,81 +12514,81 @@ CVE-2015-5026
RESERVED
CVE-2015-5025
RESERVED
-CVE-2015-5024 (IBM Emptoris Sourcing 10.0.2.0 before iFix6, 10.0.2.2 before iFix11, ...)
+CVE-2015-5024
NOT-FOR-US: IBM
-CVE-2015-5023 (SQL injection vulnerability in IBM Curam Social Program Management 6.1 ...)
+CVE-2015-5023
NOT-FOR-US: IBM
-CVE-2015-5022 (IBM Multi-Enterprise Integration Gateway 1.x through 1.0.0.1 and B2B ...)
+CVE-2015-5022
NOT-FOR-US: IBM
-CVE-2015-5021 (IBM InfoSphere Information Server 11.3 and 11.5 allows remote ...)
+CVE-2015-5021
NOT-FOR-US: IBM
-CVE-2015-5020 (The Big SQL component in IBM InfoSphere BigInsights 3.0, 3.0.0.1, ...)
+CVE-2015-5020
NOT-FOR-US: IBM
-CVE-2015-5019 (IBM Sterling Integrator 5.1 before 5010004_8 and Sterling B2B ...)
+CVE-2015-5019
NOT-FOR-US: IBM
-CVE-2015-5018 (IBM Security Access Manager for Web 7.0.0 before FP19 and 8.0 before ...)
+CVE-2015-5018
NOT-FOR-US: IBM
-CVE-2015-5017 (IBM Maximo Asset Management 7.1 through 7.1.1.13, 7.5.0 before 7.5.0.8 ...)
+CVE-2015-5017
NOT-FOR-US: IBM
-CVE-2015-5016 (IBM Maximo Asset Management 7.1, 7.5, and 7.6; Maximo Asset Management ...)
+CVE-2015-5016
NOT-FOR-US: IBM Maximo Asset Management
-CVE-2015-5015 (IBM WebSphere Commerce Enterprise 7.0.0.9 and 8.x before Feature Pack ...)
+CVE-2015-5015
NOT-FOR-US: IBM
-CVE-2015-5014 (IBM Cognos Disclosure Management (CDM) 10.1.x and 10.2.x before 10.2.4 ...)
+CVE-2015-5014
NOT-FOR-US: IBM
-CVE-2015-5013 (The IBM Security Access Manager appliance includes configuration files ...)
+CVE-2015-5013
NOT-FOR-US: IBM
-CVE-2015-5012 (The SSH implementation on IBM Security Access Manager for Web ...)
+CVE-2015-5012
NOT-FOR-US: IBM
-CVE-2015-5011 (IBM WebSphere Message Broker 8 before 8.0.0.6 and Integration Bus 9 ...)
+CVE-2015-5011
NOT-FOR-US: IBM
-CVE-2015-5010 (IBM Security Access Manager for Web 7.0 before 7.0.0 IF21, 8.0 before ...)
+CVE-2015-5010
NOT-FOR-US: IBM
-CVE-2015-5009 (Cross-site scripting (XSS) vulnerability in IBM WebSphere Commerce 6.0 ...)
+CVE-2015-5009
NOT-FOR-US: IBM
-CVE-2015-5008 (Cross-site scripting (XSS) vulnerability in IBM WebSphere Commerce 6.0 ...)
+CVE-2015-5008
NOT-FOR-US: IBM
-CVE-2015-5007 (Cross-site request forgery (CSRF) vulnerability in IBM WebSphere ...)
+CVE-2015-5007
NOT-FOR-US: IBM WebSphere
-CVE-2015-5006 (IBM Java Security Components in IBM SDK, Java Technology Edition 8 ...)
+CVE-2015-5006
NOT-FOR-US: IBM JDK
-CVE-2015-5005 (CSPOC in IBM PowerHA SystemMirror on AIX 6.1 and 7.1 allows remote ...)
+CVE-2015-5005
NOT-FOR-US: IBM
-CVE-2015-5004 (The Edge Component Caching Proxy in IBM WebSphere Application Server ...)
+CVE-2015-5004
NOT-FOR-US: IBM
-CVE-2015-5003 (The portal in IBM Tivoli Monitoring (ITM) 6.2.2 through FP9, 6.2.3 ...)
+CVE-2015-5003
NOT-FOR-US: IBM Tivoli Monitoring
-CVE-2015-5002 (Cross-site scripting (XSS) vulnerability in IBM Host On-Demand 11.0 ...)
+CVE-2015-5002
NOT-FOR-US: IBM
-CVE-2015-5001 (IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 ...)
+CVE-2015-5001
NOT-FOR-US: IBM WebSphere Portal
CVE-2015-5000
RESERVED
CVE-2015-4999
RESERVED
-CVE-2015-4998 (Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 6.1.0 ...)
+CVE-2015-4998
NOT-FOR-US: IBM WebSphere Portal
-CVE-2015-4997 (IBM WebSphere Portal 8.5.0 before CF08 allows remote attackers to ...)
+CVE-2015-4997
NOT-FOR-US: IBM
-CVE-2015-4996 (IBM Rational ClearQuest 7.1.x and 8.0.0.x before 8.0.0.17 and 8.0.1.x ...)
+CVE-2015-4996
NOT-FOR-US: IBM Rational ClearQuest
CVE-2015-4995
RESERVED
-CVE-2015-4994 (Buffer overflow in IBM Domino 8.5.1 through 8.5.3 before 8.5.3 FP6 ...)
+CVE-2015-4994
NOT-FOR-US: IBM
-CVE-2015-4993 (Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 6.1.0 ...)
+CVE-2015-4993
NOT-FOR-US: IBM WebSphere
-CVE-2015-4992 (IBM Sterling B2B Integrator 5.2 before 5020500_8 allows remote ...)
+CVE-2015-4992
NOT-FOR-US: IBM
-CVE-2015-4991 (IBM SPSS Modeler 14.2 through FP3 IF027, 15 through FP3 IF015, 16 ...)
+CVE-2015-4991
NOT-FOR-US: IBM
-CVE-2015-4990 (The portal in IBM Tealeaf Customer Experience before 8.7.1.8818, 8.8 ...)
+CVE-2015-4990
NOT-FOR-US: IBM Tealeaf Customer Experience
-CVE-2015-4989 (The portal in IBM Tealeaf Customer Experience before 8.7.1.8814, 8.8 ...)
+CVE-2015-4989
NOT-FOR-US: IBM Tealeaf Customer Experience
-CVE-2015-4988 (Directory traversal vulnerability in the replay server in IBM Tealeaf ...)
+CVE-2015-4988
NOT-FOR-US: IBM Tealeaf Customer Experience
-CVE-2015-4987 (The search and replay servers in IBM Tealeaf Customer Experience 8.0 ...)
+CVE-2015-4987
NOT-FOR-US: IBM Tealeaf Customer Experience
CVE-2015-4986
RESERVED
@@ -12600,9 +12600,9 @@ CVE-2015-4983
RESERVED
CVE-2015-4982
RESERVED
-CVE-2015-4981 (IBM General Parallel File System (GPFS) 3.5.x before 3.5.0.27 and ...)
+CVE-2015-4981
NOT-FOR-US: IBM General Parallel File System
-CVE-2015-4980 (Unspecified vulnerability in IBM WebSphere Commerce 7.0.0.6 through ...)
+CVE-2015-4980
NOT-FOR-US: IBM WebSphere
CVE-2015-4979
RESERVED
@@ -12614,13 +12614,13 @@ CVE-2015-4976
RESERVED
CVE-2015-4975
RESERVED
-CVE-2015-4974 (IBM General Parallel File System (GPFS) 3.5.x before 3.5.0.27 and ...)
+CVE-2015-4974
NOT-FOR-US: IBM
-CVE-2015-4973 (Cross-site scripting (XSS) vulnerability in IBM Multi-Enterprise ...)
+CVE-2015-4973
NOT-FOR-US: IBM
CVE-2015-4972
RESERVED
-CVE-2015-4971 (Cross-site scripting (XSS) vulnerability in IBM Emptoris Strategic ...)
+CVE-2015-4971
NOT-FOR-US: IBM
CVE-2015-4970
RESERVED
@@ -12628,301 +12628,301 @@ CVE-2015-4969
RESERVED
CVE-2015-4968
REJECTED
-CVE-2015-4967 (SQL injection vulnerability in IBM Maximo Asset Management 7.1 through ...)
+CVE-2015-4967
NOT-FOR-US: IBM
-CVE-2015-4966 (IBM Maximo Asset Management 7.1 through 7.1.1.13, 7.5.0 before 7.5.0.9 ...)
+CVE-2015-4966
NOT-FOR-US: IBM
-CVE-2015-4965 (maximouiweb/webmodule/webclient/utility/merlin.jsp in IBM Maximo Asset ...)
+CVE-2015-4965
NOT-FOR-US: IBM
-CVE-2015-4964 (IBM UrbanCode Deploy 6.0 and 6.0.1.x before 6.0.1.10, 6.1.1.x before ...)
+CVE-2015-4964
NOT-FOR-US: IBM
-CVE-2015-4963 (IBM Security Access Manager for Web 7.x before 7.0.0.16 and 8.x before ...)
+CVE-2015-4963
NOT-FOR-US: IBM
-CVE-2015-4962 (Jazz Team Server in Jazz Foundation in IBM Rational Collaborative ...)
+CVE-2015-4962
NOT-FOR-US: IBM
-CVE-2015-4961 (IBM Tealeaf Customer Experience 8.x before 8.7.1.8847 FP10, 8.8.x ...)
+CVE-2015-4961
NOT-FOR-US: IBM
-CVE-2015-4960 (IBM InfoSphere Master Data Management - Collaborative Edition 9.1, ...)
+CVE-2015-4960
NOT-FOR-US: IBM InfoSphere Master Data Management
-CVE-2015-4959 (Cross-site scripting (XSS) vulnerability in IBM Tivoli Federated ...)
+CVE-2015-4959
NOT-FOR-US: IBM Tivoli Federated Identity Manager
-CVE-2015-4958 (IBM InfoSphere Master Data Management - Collaborative Edition 9.1, ...)
+CVE-2015-4958
NOT-FOR-US: IBM InfoSphere Master Data Management
-CVE-2015-4957 (Cross-site scripting (XSS) vulnerability in the Web UI in IBM Security ...)
+CVE-2015-4957
NOT-FOR-US: IBM Security QRadar SIEM
-CVE-2015-4956 (The Web UI in IBM Security QRadar SIEM 7.1.x before 7.1 MR2 Patch 12 ...)
+CVE-2015-4956
NOT-FOR-US: IBM Security QRadar SIEM
-CVE-2015-4955 (Cross-site scripting (XSS) vulnerability in IBM Business Process ...)
+CVE-2015-4955
NOT-FOR-US: IBM
-CVE-2015-4954 (IBM BigFix Remote Control before Interim Fix pack ...)
+CVE-2015-4954
NOT-FOR-US: IBM
-CVE-2015-4953 (IBM BigFix Remote Control before Interim Fix pack ...)
+CVE-2015-4953
NOT-FOR-US: IBM
-CVE-2015-4952 (The on-demand plugin in IBM Endpoint Manager for Remote Control 9.0.1 ...)
+CVE-2015-4952
NOT-FOR-US: IBM
-CVE-2015-4951 (Client Acceptor Daemon (CAD) in the client in IBM Spectrum Protect ...)
+CVE-2015-4951
NOT-FOR-US: IBM Spectrum Protect
-CVE-2015-4950 (The mailbox-restore feature in IBM Tivoli Storage Manager for Mail: ...)
+CVE-2015-4950
NOT-FOR-US: IBM
-CVE-2015-4949 (IBM Tivoli Storage Manager for Databases: Data Protection for ...)
+CVE-2015-4949
NOT-FOR-US: IBM
-CVE-2015-4948 (netstat in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.2.x, when a fibre ...)
+CVE-2015-4948
NOT-FOR-US: IBM
-CVE-2015-4947 (Stack-based buffer overflow in the Administration Server in IBM HTTP ...)
+CVE-2015-4947
NOT-FOR-US: IBM WebSphere
-CVE-2015-4946 (Rational LifeCycle Project Administration in Jazz Team Server in IBM ...)
+CVE-2015-4946
NOT-FOR-US: IBM
-CVE-2015-4945 (Unspecified vulnerability in the IBM Maximo Anywhere application 7.5.1 ...)
+CVE-2015-4945
NOT-FOR-US: IBM
-CVE-2015-4944 (Cross-site scripting (XSS) vulnerability in IBM Maximo Asset ...)
+CVE-2015-4944
NOT-FOR-US: IBM
-CVE-2015-4943 (IBM WebSphere MQ Light 1.x before 1.0.2 allows remote attackers to ...)
+CVE-2015-4943
NOT-FOR-US: IBM WebSphere
-CVE-2015-4942 (IBM WebSphere MQ Light 1.x before 1.0.2 allows remote attackers to ...)
+CVE-2015-4942
NOT-FOR-US: IBM WebSphere
-CVE-2015-4941 (IBM WebSphere MQ Light 1.x before 1.0.2 mishandles abbreviated TLS ...)
+CVE-2015-4941
NOT-FOR-US: IBM WebSphere
-CVE-2015-4940 (Apache Ambari before 2.1, as used in IBM Infosphere BigInsights 4.x ...)
+CVE-2015-4940
NOT-FOR-US: IBM
-CVE-2015-4939 (Cross-site scripting (XSS) vulnerability in IBM Emptoris Supplier ...)
+CVE-2015-4939
NOT-FOR-US: IBM
-CVE-2015-4938 (IBM WebSphere Application Server 7.x before 7.0.0.39, 8.0.x before ...)
+CVE-2015-4938
NOT-FOR-US: IBM WebSphere
CVE-2015-4937
RESERVED
-CVE-2015-4936 (Unspecified vulnerability in IBM WebSphere eXtreme Scale 8.6 through ...)
+CVE-2015-4936
NOT-FOR-US: IBM
-CVE-2015-4935 (Stack-based buffer overflow in the server in IBM Tivoli Storage ...)
+CVE-2015-4935
NOT-FOR-US: IBM
-CVE-2015-4934 (Stack-based buffer overflow in the server in IBM Tivoli Storage ...)
+CVE-2015-4934
NOT-FOR-US: IBM
-CVE-2015-4933 (Stack-based buffer overflow in the server in IBM Tivoli Storage ...)
+CVE-2015-4933
NOT-FOR-US: IBM
-CVE-2015-4932 (Stack-based buffer overflow in the server in IBM Tivoli Storage ...)
+CVE-2015-4932
NOT-FOR-US: IBM
-CVE-2015-4931 (Stack-based buffer overflow in the server in IBM Tivoli Storage ...)
+CVE-2015-4931
NOT-FOR-US: IBM
-CVE-2015-4930 (IBM QRadar SIEM 7.1 MR2 before Patch 11 IF02 and 7.2.x before 7.2.5 ...)
+CVE-2015-4930
NOT-FOR-US: IBM QRadar SIEM
-CVE-2015-4929 (IBM License Metric Tool 9 before 9.2.1.0 and Endpoint Manager for ...)
+CVE-2015-4929
NOT-FOR-US: IBM
-CVE-2015-4928 (Apache Ambari before 2.1, as used in IBM Infosphere BigInsights 4.x ...)
+CVE-2015-4928
NOT-FOR-US: Apache Ambari
-CVE-2015-4927 (The Reporting and Monitoring component in Tivoli Monitoring in IBM ...)
+CVE-2015-4927
NOT-FOR-US: IBM
-CVE-2015-4926 (Unspecified vulnerability in the Oracle Applications Framework ...)
+CVE-2015-4926
NOT-FOR-US: Oracle
-CVE-2015-4925 (Unspecified vulnerability in the Workspace Manager component in Oracle ...)
+CVE-2015-4925
NOT-FOR-US: Oracle
-CVE-2015-4924 (Unspecified vulnerability in the Oracle Agile PLM component in Oracle ...)
+CVE-2015-4924
NOT-FOR-US: Oracle
-CVE-2015-4923 (Unspecified vulnerability in the XML Developer's Kit for C component ...)
+CVE-2015-4923
NOT-FOR-US: Oracle
-CVE-2015-4922 (Unspecified vulnerability in Oracle Sun Solaris 11 allows local users ...)
+CVE-2015-4922
NOT-FOR-US: Oracle
-CVE-2015-4921 (Unspecified vulnerability in the Database Vault component in Oracle ...)
+CVE-2015-4921
NOT-FOR-US: Oracle
-CVE-2015-4920 (Unspecified vulnerability in Oracle Sun Solaris 11 allows local users ...)
+CVE-2015-4920
NOT-FOR-US: Oracle
-CVE-2015-4919 (Unspecified vulnerability in the JD Edwards EnterpriseOne Tools ...)
+CVE-2015-4919
NOT-FOR-US: Oracle
CVE-2015-4918
REJECTED
-CVE-2015-4917 (Unspecified vulnerability in the Oracle Agile PLM component in Oracle ...)
+CVE-2015-4917
NOT-FOR-US: Oracle
-CVE-2015-4916 (Unspecified vulnerability in Oracle Java SE 8u60 and JavaFX 2.2.85 ...)
+CVE-2015-4916
- openjfx 8u91-b14-1 (bug #823622)
-CVE-2015-4915 (Unspecified vulnerability in the Integrated Lights Out Manager (ILOM) ...)
+CVE-2015-4915
NOT-FOR-US: Oracle
-CVE-2015-4914 (Unspecified vulnerability in the Oracle HTTP Server component in ...)
+CVE-2015-4914
NOT-FOR-US: Oracle
-CVE-2015-4913 (Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier ...)
+CVE-2015-4913
{DSA-3385-1 DSA-3377-1 DLA-359-1}
- mysql-5.6 5.6.27-1 (bug #802563)
- mysql-5.5 <removed> (bug #802564)
- mariadb-10.0 10.0.22-1 (bug #802874)
NOTE: http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
-CVE-2015-4912 (Unspecified vulnerability in the Oracle Access Manager component in ...)
+CVE-2015-4912
NOT-FOR-US: Oracle
-CVE-2015-4911 (Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; ...)
+CVE-2015-4911
{DSA-3465-1 DSA-3381-1 DLA-346-1}
- openjdk-6 <removed>
- openjdk-7 7u85-2.6.1-6
- openjdk-8 8u66-b17-1
-CVE-2015-4910 (Unspecified vulnerability in Oracle MySQL Server 5.6.26 and earlier ...)
+CVE-2015-4910
- mysql-5.6 5.6.27-1 (bug #802563)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6)
NOTE: http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
-CVE-2015-4909 (Unspecified vulnerability in the Oracle JDeveloper component in Oracle ...)
+CVE-2015-4909
NOT-FOR-US: Oracle
-CVE-2015-4908 (Unspecified vulnerability in Oracle Java SE 8u60 and JavaFX 2.2.85 ...)
+CVE-2015-4908
- openjfx 8u91-b14-1 (bug #823622)
-CVE-2015-4907 (Unspecified vulnerability in Oracle Sun Solaris 11.2 allows local ...)
+CVE-2015-4907
NOT-FOR-US: Oracle Sun Solaris
-CVE-2015-4906 (Unspecified vulnerability in Oracle Java SE 8u60 and JavaFX 2.2.85 ...)
+CVE-2015-4906
- openjfx 8u91-b14-1 (bug #823622)
-CVE-2015-4905 (Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier ...)
+CVE-2015-4905
- mysql-5.6 5.6.25-2
- mysql-5.5 <not-affected> (Only affects MySQL 5.6)
NOTE: http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
-CVE-2015-4904 (Unspecified vulnerability in Oracle MySQL Server 5.6.25 and earlier ...)
+CVE-2015-4904
- mysql-5.6 5.6.27-1 (bug #802563)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6)
NOTE: http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
-CVE-2015-4903 (Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and ...)
+CVE-2015-4903
{DSA-3465-1 DSA-3381-1 DLA-346-1}
- openjdk-6 <removed>
- openjdk-7 7u85-2.6.1-6
- openjdk-8 8u66-b17-1
-CVE-2015-4902 (Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60 ...)
+CVE-2015-4902
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-8 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2015-4901 (Unspecified vulnerability in Oracle Java SE 8u60 allows remote ...)
+CVE-2015-4901
- openjfx 8u91-b14-1 (bug #823622)
-CVE-2015-4900 (Unspecified vulnerability in the XDB - XML Database component in ...)
+CVE-2015-4900
NOT-FOR-US: Oracle
-CVE-2015-4899 (Unspecified vulnerability in the Oracle GlassFish Server component in ...)
+CVE-2015-4899
- glassfish <not-affected> (Full application server not packaged)
-CVE-2015-4898 (Unspecified vulnerability in the Oracle Applications Framework ...)
+CVE-2015-4898
NOT-FOR-US: Oracle
CVE-2015-4897
REJECTED
-CVE-2015-4896 (Unspecified vulnerability in the Oracle VM VirtualBox component in ...)
+CVE-2015-4896
{DSA-3384-1}
- virtualbox 5.0.8-dfsg-1
- virtualbox-ose <removed>
[squeeze] - virtualbox-ose <end-of-life> (No longer supported in Squeeze LTS)
-CVE-2015-4895 (Unspecified vulnerability in Oracle MySQL Server 5.6.25 and earlier ...)
+CVE-2015-4895
{DSA-3385-1}
- mysql-5.6 5.6.27-1 (bug #802563)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6)
- mariadb-10.0 10.0.21-3
NOTE: http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
-CVE-2015-4894 (Unspecified vulnerability in the Mobile Server component in Oracle ...)
+CVE-2015-4894
NOT-FOR-US: Oracle
-CVE-2015-4893 (Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; ...)
+CVE-2015-4893
{DSA-3465-1 DSA-3381-1 DLA-346-1}
- openjdk-6 <removed>
- openjdk-7 7u85-2.6.1-6
- openjdk-8 8u66-b17-1
-CVE-2015-4892 (Unspecified vulnerability in the Oracle Agile PLM component in Oracle ...)
+CVE-2015-4892
NOT-FOR-US: Oracle
-CVE-2015-4891 (Unspecified vulnerability in Oracle Sun Solaris 11.2 allows local ...)
+CVE-2015-4891
NOT-FOR-US: Oracle Sun Solaris
-CVE-2015-4890 (Unspecified vulnerability in Oracle MySQL Server 5.6.26 and earlier ...)
+CVE-2015-4890
- mysql-5.6 5.6.27-1 (bug #802563)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6)
NOTE: http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
CVE-2015-4889
REJECTED
-CVE-2015-4888 (Unspecified vulnerability in the Java VM component in Oracle Database ...)
+CVE-2015-4888
NOT-FOR-US: Oracle
-CVE-2015-4887 (Unspecified vulnerability in the PeopleSoft Enterprise HCM component ...)
+CVE-2015-4887
NOT-FOR-US: Oracle
-CVE-2015-4886 (Unspecified vulnerability in the Oracle Report Manager component in ...)
+CVE-2015-4886
NOT-FOR-US: Oracle
-CVE-2015-4885 (Unspecified vulnerability in the Enterprise Manager Base Platform ...)
+CVE-2015-4885
NOT-FOR-US: Oracle
-CVE-2015-4884 (Unspecified vulnerability in the Oracle Application Object Library ...)
+CVE-2015-4884
NOT-FOR-US: Oracle
-CVE-2015-4883 (Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and ...)
+CVE-2015-4883
{DSA-3465-1 DSA-3381-1 DLA-346-1}
- openjdk-6 <removed>
- openjdk-7 7u85-2.6.1-6
- openjdk-8 8u66-b17-1
-CVE-2015-4882 (Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and ...)
+CVE-2015-4882
{DSA-3465-1 DSA-3381-1 DLA-346-1}
- openjdk-6 <removed>
- openjdk-7 7u85-2.6.1-6
- openjdk-8 8u66-b17-1
-CVE-2015-4881 (Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and ...)
+CVE-2015-4881
{DSA-3465-1 DSA-3381-1 DLA-346-1}
- openjdk-6 <removed>
- openjdk-7 7u85-2.6.1-6
- openjdk-8 8u66-b17-1
-CVE-2015-4880 (Unspecified vulnerability in the Oracle WebCenter Content component in ...)
+CVE-2015-4880
NOT-FOR-US: Oracle
-CVE-2015-4879 (Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier, ...)
+CVE-2015-4879
{DSA-3385-1 DSA-3377-1 DLA-359-1}
- mysql-5.6 5.6.27-1 (bug #802563)
- mysql-5.5 <removed> (bug #802564)
- mariadb-10.0 10.0.21-3
NOTE: http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
-CVE-2015-4878 (Unspecified vulnerability in the Oracle Outside In Technology ...)
+CVE-2015-4878
NOT-FOR-US: Oracle
-CVE-2015-4877 (Unspecified vulnerability in the Oracle Outside In Technology ...)
+CVE-2015-4877
NOT-FOR-US: Oracle
-CVE-2015-4876 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+CVE-2015-4876
NOT-FOR-US: Oracle
-CVE-2015-4875 (Unspecified vulnerability in the Enterprise Manager Base Platform ...)
+CVE-2015-4875
NOT-FOR-US: Oracle
-CVE-2015-4874 (Unspecified vulnerability in the Enterprise Manager Base Platform ...)
+CVE-2015-4874
NOT-FOR-US: Oracle
-CVE-2015-4873 (Unspecified vulnerability in the Database Scheduler component in ...)
+CVE-2015-4873
NOT-FOR-US: Oracle
-CVE-2015-4872 (Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; ...)
+CVE-2015-4872
{DSA-3465-1 DSA-3381-1 DLA-346-1}
- openjdk-6 <removed>
- openjdk-7 7u85-2.6.1-6
- openjdk-8 8u66-b17-1
-CVE-2015-4871 (Unspecified vulnerability in Oracle Java SE 7u85 allows remote ...)
+CVE-2015-4871
{DSA-3401-1}
- openjdk-7 7u91-2.6.3-1
-CVE-2015-4870 (Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier, ...)
+CVE-2015-4870
{DSA-3385-1 DSA-3377-1 DLA-359-1}
- mysql-5.6 5.6.27-1 (bug #802563)
- mysql-5.5 <removed> (bug #802564)
- mariadb-10.0 10.0.22-1 (bug #802874)
NOTE: http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
-CVE-2015-4869 (Unspecified vulnerability in Oracle Sun Solaris 10 and 11.2 allows ...)
+CVE-2015-4869
NOT-FOR-US: Oracle Sun Solaris
-CVE-2015-4868 (Unspecified vulnerability in Oracle Java SE 8u60 and Java SE Embedded ...)
+CVE-2015-4868
- openjdk-8 8u66-b17-1
-CVE-2015-4867 (Unspecified vulnerability in the Oracle WebCenter Content component in ...)
+CVE-2015-4867
NOT-FOR-US: Oracle
-CVE-2015-4866 (Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier ...)
+CVE-2015-4866
- mysql-5.6 5.6.25-2
- mysql-5.5 <not-affected> (Only affects MySQL 5.6)
- mariadb-10.0 10.0.19-1
[jessie] - mariadb-10.0 10.0.20-0+deb8u1
NOTE: http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
NOTE: MariaDB: fixed in 10.0.18
-CVE-2015-4865 (Unspecified vulnerability in the Oracle Applications Framework ...)
+CVE-2015-4865
NOT-FOR-US: Oracle
-CVE-2015-4864 (Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier ...)
+CVE-2015-4864
- mysql-5.6 5.6.25-2
- mysql-5.5 <removed>
[jessie] - mysql-5.5 5.5.44-0+deb8u1
[wheezy] - mysql-5.5 5.5.44-0+deb7u1
[squeeze] - mysql-5.5 5.5.46-0+deb6u1
-CVE-2015-4863 (Unspecified vulnerability in the Portable Clusterware component in ...)
+CVE-2015-4863
NOT-FOR-US: Oracle
-CVE-2015-4862 (Unspecified vulnerability in Oracle MySQL Server 5.6.26 and earlier ...)
+CVE-2015-4862
- mysql-5.6 5.6.27-1 (bug #802563)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6)
NOTE: http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
-CVE-2015-4861 (Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier, ...)
+CVE-2015-4861
{DSA-3385-1 DSA-3377-1 DLA-359-1}
- mysql-5.6 5.6.27-1 (bug #802563)
- mysql-5.5 <removed> (bug #802564)
- mariadb-10.0 10.0.22-1 (bug #802874)
NOTE: http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
-CVE-2015-4860 (Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and ...)
+CVE-2015-4860
{DSA-3465-1 DSA-3381-1 DLA-346-1}
- openjdk-6 <removed>
- openjdk-7 7u85-2.6.1-6
- openjdk-8 8u66-b17-1
-CVE-2015-4859 (Unspecified vulnerability in the Enterprise Manager Base Platform ...)
+CVE-2015-4859
NOT-FOR-US: Oracle
-CVE-2015-4858 (Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier, ...)
+CVE-2015-4858
{DSA-3385-1 DSA-3377-1 DLA-359-1}
- mysql-5.6 5.6.27-1 (bug #802563)
- mysql-5.5 <removed> (bug #802564)
- mariadb-10.0 10.0.22-1 (bug #802874)
NOTE: http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
-CVE-2015-4857 (Unspecified vulnerability in the RDBMS component in Oracle Database ...)
+CVE-2015-4857
NOT-FOR-US: Oracle
-CVE-2015-4856 (Unspecified vulnerability in the Oracle VM VirtualBox component in ...)
+CVE-2015-4856
- virtualbox 5.0.0-dfsg-1
[jessie] - virtualbox 4.3.30-dfsg-1+deb8u1
[wheezy] - virtualbox 4.1.40-dfsg-1+deb7u1
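Review bot: the description loss does the most damage in this hunk, where the Oracle CPU entries are distinguishable only by their text: `CVE-2015-4913`, `CVE-2015-4910` and `CVE-2015-4905` all collapse to bare ids, and the triage reasons that follow them (`- mysql-5.5 <not-affected> (Only affects MySQL 5.6)`) were written against version ranges such as `Oracle MySQL Server 5.6.26 and earlier` that now appear nowhere in the file. The same applies to the openjdk entries, where the removed text was the only place recording that `CVE-2015-4902` concerns Oracle Java SE rather than a packaged component, which is the basis for its `<not-affected>` line. If descriptions have to be dropped, the affected version range should be carried into a NOTE line so the `<not-affected>` claims remain verifiable from the file itself.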
@@ -12930,27 +12930,27 @@ CVE-2015-4856 (Unspecified vulnerability in the Oracle VM VirtualBox component i
[squeeze] - virtualbox-ose <end-of-life> (No longer supported in Squeeze LTS)
CVE-2015-4855
REJECTED
-CVE-2015-4854 (Unspecified vulnerability in the Oracle Application Object Library ...)
+CVE-2015-4854
NOT-FOR-US: Oracle
CVE-2015-4853
REJECTED
-CVE-2015-4852 (The WLS Security component in Oracle WebLogic Server 10.3.6.0, ...)
+CVE-2015-4852
NOT-FOR-US: Oracle
-CVE-2015-4851 (Unspecified vulnerability in the Oracle iSupplier Portal component in ...)
+CVE-2015-4851
NOT-FOR-US: Oracle
-CVE-2015-4850 (Unspecified vulnerability in the PeopleSoft Enterprise HCM component ...)
+CVE-2015-4850
NOT-FOR-US: Oracle
-CVE-2015-4849 (Unspecified vulnerability in the Oracle Payments component in Oracle ...)
+CVE-2015-4849
NOT-FOR-US: Oracle
-CVE-2015-4848 (Unspecified vulnerability in the Oracle Configurator component in ...)
+CVE-2015-4848
NOT-FOR-US: Oracle
-CVE-2015-4847 (Unspecified vulnerability in the Oracle Configurator component in ...)
+CVE-2015-4847
NOT-FOR-US: Oracle
-CVE-2015-4846 (Unspecified vulnerability in the Oracle Applications Manager component ...)
+CVE-2015-4846
NOT-FOR-US: Oracle
-CVE-2015-4845 (Unspecified vulnerability in the Oracle Application Object Library ...)
+CVE-2015-4845
NOT-FOR-US: Oracle
-CVE-2015-4844 (Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and ...)
+CVE-2015-4844
{DSA-3725-1 DSA-3465-1 DSA-3381-1 DLA-545-1 DLA-346-1}
- openjdk-6 <removed>
- openjdk-7 7u85-2.6.1-6
@@ -12963,50 +12963,50 @@ CVE-2015-4844 (Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1273318
NOTE: see also CVE-2016-0494, introduced in through the fix for this CVE.
NOTE: Upstream commit for OpenJDK: http://hg.openjdk.java.net/jdk8u/jdk8u/jdk/rev/dbb4e2bdfa9e
-CVE-2015-4843 (Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and ...)
+CVE-2015-4843
{DSA-3465-1 DSA-3381-1 DLA-346-1}
- openjdk-6 <removed>
- openjdk-7 7u85-2.6.1-6
- openjdk-8 8u66-b17-1
-CVE-2015-4842 (Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and ...)
+CVE-2015-4842
{DSA-3465-1 DSA-3381-1 DLA-346-1}
- openjdk-6 <removed>
- openjdk-7 7u85-2.6.1-6
- openjdk-8 8u66-b17-1
-CVE-2015-4841 (Unspecified vulnerability in the Siebel Core - Server Framework ...)
+CVE-2015-4841
NOT-FOR-US: Oracle Siebel CRM
-CVE-2015-4840 (Unspecified vulnerability in Oracle Java SE 7u85 and 8u60, and Java SE ...)
+CVE-2015-4840
{DSA-3381-1}
- openjdk-7 7u85-2.6.1-6
- openjdk-8 8u66-b17-1
-CVE-2015-4839 (Unspecified vulnerability in the Oracle Applications Technology Stack ...)
+CVE-2015-4839
NOT-FOR-US: Oracle
-CVE-2015-4838 (Unspecified vulnerability in the Oracle JDeveloper component in Oracle ...)
+CVE-2015-4838
NOT-FOR-US: Oracle
-CVE-2015-4837 (Unspecified vulnerability in Oracle Sun Solaris 11.2 allows local ...)
+CVE-2015-4837
NOT-FOR-US: Oracle Sun Solaris
-CVE-2015-4836 (Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier, ...)
+CVE-2015-4836
{DSA-3385-1 DSA-3377-1 DLA-359-1}
- mysql-5.6 5.6.27-1 (bug #802563)
- mysql-5.5 <removed> (bug #802564)
- mariadb-10.0 10.0.22-1 (bug #802874)
NOTE: http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
-CVE-2015-4835 (Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and ...)
+CVE-2015-4835
{DSA-3465-1 DSA-3381-1 DLA-346-1}
- openjdk-6 <removed>
- openjdk-7 7u85-2.6.1-6
- openjdk-8 8u66-b17-1
-CVE-2015-4834 (Unspecified vulnerability in Oracle Sun Solaris 11.2 allows local ...)
+CVE-2015-4834
NOT-FOR-US: Oracle Sun Solaris
-CVE-2015-4833 (Unspecified vulnerability in Oracle MySQL Server 5.6.25 and earlier ...)
+CVE-2015-4833
- mysql-5.6 5.6.27-1 (bug #802563)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6)
NOTE: http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
-CVE-2015-4832 (Unspecified vulnerability in the Oracle Identity Manager component in ...)
+CVE-2015-4832
NOT-FOR-US: Oracle
-CVE-2015-4831 (Unspecified vulnerability in Oracle Sun Solaris 11.2 allows local ...)
+CVE-2015-4831
NOT-FOR-US: Oracle Sun Solaris
-CVE-2015-4830 (Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier ...)
+CVE-2015-4830
{DSA-3385-1 DSA-3377-1 DLA-359-1}
- mysql-5.6 5.6.27-1 (bug #802563)
- mysql-5.5 <removed> (bug #802564)
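Review bot: separate from the description stripping, which follows the same pattern here as in the rest of the file, the context line `NOTE: see also CVE-2016-0494, introduced in through the fix for this CVE.` under CVE-2015-4844 has a stray "in" and should read "introduced through the fix for this CVE"; worth correcting in a follow-up, since that note is the only cross-reference tying the two ids together.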
@@ -13014,45 +13014,45 @@ CVE-2015-4830 (Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earli
NOTE: http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
CVE-2015-4829
REJECTED
-CVE-2015-4828 (Unspecified vulnerability in the PeopleSoft Enterprise FSCM component ...)
+CVE-2015-4828
NOT-FOR-US: Oracle
-CVE-2015-4827 (Unspecified vulnerability in the Oracle Retail Open Commerce Platform ...)
+CVE-2015-4827
NOT-FOR-US: Oracle
-CVE-2015-4826 (Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier ...)
+CVE-2015-4826
{DSA-3385-1 DSA-3377-1 DLA-359-1}
- mysql-5.6 5.6.27-1 (bug #802563)
- mysql-5.5 <removed> (bug #802564)
- mariadb-10.0 10.0.22-1 (bug #802874)
NOTE: http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
-CVE-2015-4825 (Unspecified vulnerability in the PeopleSoft Enterprise FIN Expenses ...)
+CVE-2015-4825
NOT-FOR-US: Oracle
-CVE-2015-4824 (Unspecified vulnerability in the Oracle Agile PLM component in Oracle ...)
+CVE-2015-4824
NOT-FOR-US: Oracle
-CVE-2015-4823 (Unspecified vulnerability in the Hyperion Installation Technology ...)
+CVE-2015-4823
NOT-FOR-US: Oracle
-CVE-2015-4822 (Unspecified vulnerability in Oracle Sun Solaris 11.2 allows local ...)
+CVE-2015-4822
NOT-FOR-US: Oracle Sun Solaris
-CVE-2015-4821 (Unspecified vulnerability in the Integrated Lights Out Manager (ILOM) ...)
+CVE-2015-4821
NOT-FOR-US: Oracle
-CVE-2015-4820 (Unspecified vulnerability in Oracle Sun Solaris 11.2 allows local ...)
+CVE-2015-4820
NOT-FOR-US: Oracle Sun Solaris
-CVE-2015-4819 (Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier, ...)
+CVE-2015-4819
{DSA-3385-1 DSA-3377-1 DLA-359-1}
- mysql-5.6 5.6.27-1 (bug #802563)
- mysql-5.5 <removed> (bug #802564)
- mariadb-10.0 10.0.21-3
NOTE: http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
-CVE-2015-4818 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+CVE-2015-4818
NOT-FOR-US: Oracle
-CVE-2015-4817 (Unspecified vulnerability in Oracle Sun Solaris 11.2 allows local ...)
+CVE-2015-4817
NOT-FOR-US: Oracle Sun Solaris
-CVE-2015-4816 (Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier ...)
+CVE-2015-4816
{DSA-3385-1 DSA-3377-1 DLA-359-1}
- mysql-5.6 <not-affected> (Only affects MySQL 5.5)
- mysql-5.5 <removed> (bug #802564)
- mariadb-10.0 10.0.21-3
NOTE: http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
-CVE-2015-4815 (Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier ...)
+CVE-2015-4815
{DSA-3385-1 DSA-3377-1 DLA-359-1}
- mysql-5.6 5.6.27-1 (bug #802563)
- mysql-5.5 <removed> (bug #802564)
@@ -13060,153 +13060,153 @@ CVE-2015-4815 (Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earli
NOTE: http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
CVE-2015-4814
REJECTED
-CVE-2015-4813 (Unspecified vulnerability in the Oracle VM VirtualBox component in ...)
+CVE-2015-4813
{DSA-3384-1}
- virtualbox 5.0.8-dfsg-1
- virtualbox-ose <removed>
[squeeze] - virtualbox-ose <end-of-life> (No longer supported in Squeeze LTS)
-CVE-2015-4812 (Unspecified vulnerability in the Oracle HTTP Server component in ...)
+CVE-2015-4812
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2015-4811 (Unspecified vulnerability in the Oracle Outside In Technology ...)
+CVE-2015-4811
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2015-4810 (Unspecified vulnerability in Oracle Java SE 7u85 and 8u60 allows local ...)
+CVE-2015-4810
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-8 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2015-4809 (Unspecified vulnerability in the Oracle Outside In Technology ...)
+CVE-2015-4809
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2015-4808 (Unspecified vulnerability in the Oracle Outside In Technology ...)
+CVE-2015-4808
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2015-4807 (Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier ...)
+CVE-2015-4807
- mysql-5.6 <not-affected> (Only on Windows plattform)
- mysql-5.5 <not-affected> (Only on Windows plattform)
- mariadb-10.0 <not-affected> (Only on Windows plattform)
NOTE: http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
-CVE-2015-4806 (Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and ...)
+CVE-2015-4806
{DSA-3465-1 DSA-3381-1 DLA-346-1}
- openjdk-6 <removed>
- openjdk-7 7u85-2.6.1-6
- openjdk-8 8u66-b17-1
-CVE-2015-4805 (Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and ...)
+CVE-2015-4805
{DSA-3465-1 DSA-3381-1 DLA-346-1}
- openjdk-6 <removed>
- openjdk-7 7u85-2.6.1-6
- openjdk-8 8u66-b17-1
-CVE-2015-4804 (Unspecified vulnerability in the PeopleSoft Enterprise HCM Talent ...)
+CVE-2015-4804
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2015-4803 (Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; ...)
+CVE-2015-4803
{DSA-3465-1 DSA-3381-1 DLA-346-1}
- openjdk-6 <removed>
- openjdk-7 7u85-2.6.1-6
- openjdk-8 8u66-b17-1
-CVE-2015-4802 (Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier ...)
+CVE-2015-4802
{DSA-3385-1 DSA-3377-1 DLA-359-1}
- mysql-5.6 5.6.27-1 (bug #802563)
- mysql-5.5 <removed> (bug #802564)
- mariadb-10.0 10.0.22-1 (bug #802874)
NOTE: http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
-CVE-2015-4801 (Unspecified vulnerability in Oracle Sun Solaris 11.2 allows local ...)
+CVE-2015-4801
NOT-FOR-US: Oracle Sun Solaris
-CVE-2015-4800 (Unspecified vulnerability in Oracle MySQL Server 5.6.26 and earlier ...)
+CVE-2015-4800
- mysql-5.6 5.6.27-1 (bug #802563)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6)
NOTE: http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
-CVE-2015-4799 (Unspecified vulnerability in the Oracle WebCenter Sites component in ...)
+CVE-2015-4799
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2015-4798 (Unspecified vulnerability in the Oracle Applications Technology Stack ...)
+CVE-2015-4798
NOT-FOR-US: Oracle E-Business Suite
-CVE-2015-4797 (Unspecified vulnerability in the Oracle Agile PLM component in Oracle ...)
+CVE-2015-4797
NOT-FOR-US: Oracle Supply Chain Products Suite
-CVE-2015-4796 (Unspecified vulnerability in the Java VM component in Oracle Database ...)
+CVE-2015-4796
NOT-FOR-US: Oracle Database Server
-CVE-2015-4795 (Unspecified vulnerability in the Oracle Utilities Work and Asset ...)
+CVE-2015-4795
NOT-FOR-US: Oracle Industry Applications
-CVE-2015-4794 (Unspecified vulnerability in the Java VM component in Oracle Database ...)
+CVE-2015-4794
NOT-FOR-US: Oracle Database Server
-CVE-2015-4793 (Unspecified vulnerability in the Oracle Communications Convergence ...)
+CVE-2015-4793
NOT-FOR-US: Oracle Communications Applications
-CVE-2015-4792 (Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier ...)
+CVE-2015-4792
{DSA-3385-1 DSA-3377-1 DLA-359-1}
- mysql-5.6 5.6.27-1 (bug #802563)
- mysql-5.5 <removed> (bug #802564)
- mariadb-10.0 10.0.22-1 (bug #802874)
NOTE: http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
-CVE-2015-4791 (Unspecified vulnerability in Oracle MySQL Server 5.6.26 and earlier ...)
+CVE-2015-4791
- mysql-5.6 <not-affected> (Only on Windows plattform)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6)
NOTE: http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
-CVE-2015-4790 (Unspecified vulnerability in the Data Store component in Oracle ...)
+CVE-2015-4790
NOT-FOR-US: Oracle Berkeley DB (Unspecified vulnerability)
-CVE-2015-4789 (Unspecified vulnerability in the Data Store component in Oracle ...)
+CVE-2015-4789
NOT-FOR-US: Oracle Berkeley DB (Unspecified vulnerability)
-CVE-2015-4788 (Unspecified vulnerability in the Data Store component in Oracle ...)
+CVE-2015-4788
NOT-FOR-US: Oracle Berkeley DB (Unspecified vulnerability)
-CVE-2015-4787 (Unspecified vulnerability in the Data Store component in Oracle ...)
+CVE-2015-4787
NOT-FOR-US: Oracle Berkeley DB (Unspecified vulnerability)
-CVE-2015-4786 (Unspecified vulnerability in the Data Store component in Oracle ...)
+CVE-2015-4786
NOT-FOR-US: Oracle Berkeley DB (Unspecified vulnerability)
-CVE-2015-4785 (Unspecified vulnerability in the Data Store component in Oracle ...)
+CVE-2015-4785
NOT-FOR-US: Oracle Berkeley DB (Unspecified vulnerability)
-CVE-2015-4784 (Unspecified vulnerability in the Data Store component in Oracle ...)
+CVE-2015-4784
NOT-FOR-US: Oracle Berkeley DB (Unspecified vulnerability)
-CVE-2015-4783 (Unspecified vulnerability in the Data Store component in Oracle ...)
+CVE-2015-4783
NOT-FOR-US: Oracle Berkeley DB (Unspecified vulnerability)
-CVE-2015-4782 (Unspecified vulnerability in the Data Store component in Oracle ...)
+CVE-2015-4782
NOT-FOR-US: Oracle Berkeley DB (Unspecified vulnerability)
-CVE-2015-4781 (Unspecified vulnerability in the Data Store component in Oracle ...)
+CVE-2015-4781
NOT-FOR-US: Oracle Berkeley DB (Unspecified vulnerability)
-CVE-2015-4780 (Unspecified vulnerability in the Data Store component in Oracle ...)
+CVE-2015-4780
NOT-FOR-US: Oracle Berkeley DB (Unspecified vulnerability)
-CVE-2015-4779 (Unspecified vulnerability in the Data Store component in Oracle ...)
+CVE-2015-4779
NOT-FOR-US: Oracle Berkeley DB (Unspecified vulnerability)
-CVE-2015-4778 (Unspecified vulnerability in the Data Store component in Oracle ...)
+CVE-2015-4778
NOT-FOR-US: Oracle Berkeley DB (Unspecified vulnerability)
-CVE-2015-4777 (Unspecified vulnerability in the Data Store component in Oracle ...)
+CVE-2015-4777
NOT-FOR-US: Oracle Berkeley DB (Unspecified vulnerability)
-CVE-2015-4776 (Unspecified vulnerability in the Data Store component in Oracle ...)
+CVE-2015-4776
NOT-FOR-US: Oracle Berkeley DB (Unspecified vulnerability)
-CVE-2015-4775 (Unspecified vulnerability in the Data Store component in Oracle ...)
+CVE-2015-4775
NOT-FOR-US: Oracle Berkeley DB (Unspecified vulnerability)
-CVE-2015-4774 (Unspecified vulnerability in the Data Store component in Oracle ...)
+CVE-2015-4774
NOT-FOR-US: Oracle Berkeley DB (Unspecified vulnerability)
-CVE-2015-4773 (Unspecified vulnerability in the Hyperion Common Security component in ...)
+CVE-2015-4773
NOT-FOR-US: Oracle Hyperion
-CVE-2015-4772 (Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier ...)
+CVE-2015-4772
- mysql-5.6 5.6.25-2
- mysql-5.5 <not-affected> (Only 5.6 series)
NOTE: http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixMSQL
-CVE-2015-4771 (Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier ...)
+CVE-2015-4771
- mysql-5.6 5.6.25-2
- mysql-5.5 <not-affected> (Only 5.6 series)
NOTE: http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixMSQL
-CVE-2015-4770 (Unspecified vulnerability in Oracle Sun Solaris 10 and 11.2 allows ...)
+CVE-2015-4770
NOT-FOR-US: Oracle Sun Solaris
-CVE-2015-4769 (Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier ...)
+CVE-2015-4769
- mysql-5.6 5.6.25-2
- mysql-5.5 <not-affected> (Only 5.6 series)
NOTE: http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixMSQL
-CVE-2015-4768 (Unspecified vulnerability in the Oracle Transportation Management ...)
+CVE-2015-4768
NOT-FOR-US: Oracal Supply Chain
-CVE-2015-4767 (Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier ...)
+CVE-2015-4767
- mysql-5.6 5.6.25-2
- mysql-5.5 <not-affected> (Only 5.6 series)
NOTE: http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixMSQL
-CVE-2015-4766 (Unspecified vulnerability in Oracle MySQL Server 5.6.25 and earlier ...)
+CVE-2015-4766
- mysql-5.6 5.6.27-1 (bug #802563)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6)
NOTE: http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
-CVE-2015-4765 (Unspecified vulnerability in the Oracle Applications Manager component ...)
+CVE-2015-4765
NOT-FOR-US: Oracle Applications Manager
-CVE-2015-4764 (Unspecified vulnerability in the Data Store component in Oracle ...)
+CVE-2015-4764
NOT-FOR-US: Oracle Berkeley DB (Unspecified vulnerability)
-CVE-2015-4763 (Unspecified vulnerability in the Oracle Agile PLM component in Oracle ...)
+CVE-2015-4763
NOT-FOR-US: Oracle Supply Chain
-CVE-2015-4762 (Unspecified vulnerability in the Oracle Applications DBA component in ...)
+CVE-2015-4762
NOT-FOR-US: Oracle E-Business Suite
-CVE-2015-4761 (Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier ...)
+CVE-2015-4761
- mysql-5.6 5.6.25-2
- mysql-5.5 <not-affected> (Only 5.6 series)
NOTE: http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixMSQL
-CVE-2015-4760 (Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45 ...)
+CVE-2015-4760
{DSA-3339-1 DSA-3323-1 DSA-3316-1 DLA-303-1 DLA-283-1}
[experimental] - openjdk-6 6b36-1.13.8-1
- openjdk-6 <removed>
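Review bot: the context lines for CVE-2015-4807 and CVE-2015-4791 misspell the qualifier as `<not-affected> (Only on Windows plattform)`, and CVE-2015-4768 reads `NOT-FOR-US: Oracal Supply Chain`; an automatic run passes these through, but a follow-up edit should change `plattform` to `platform` and `Oracal` to `Oracle`. Also worth confirming: CVE-2015-4816 and CVE-2015-4819 list `- mariadb-10.0 10.0.21-3` with no bug reference, whereas the neighbouring MySQL entries in the same CPU cite `(bug #802874)`, so either the bug number is missing or the mariadb fix was tracked without one.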
@@ -13215,11 +13215,11 @@ CVE-2015-4760 (Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45
- icu 52.1-10
NOTE: http://hg.openjdk.java.net/jdk8u/jdk8u/jdk/rev/3f9845510b47
NOTE: "Applies to client deployment of Java only. This vulnerability can be exploited only through sandboxed Java Web Start applications and sandboxed Java applets."
-CVE-2015-4759 (Unspecified vulnerability in the Oracle Data Integrator component in ...)
+CVE-2015-4759
NOT-FOR-US: Oracle Fusion
-CVE-2015-4758 (Unspecified vulnerability in the Oracle Data Integrator component in ...)
+CVE-2015-4758
NOT-FOR-US: Oracle Fusion
-CVE-2015-4757 (Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier ...)
+CVE-2015-4757
{DSA-3311-1}
- mysql-5.6 5.6.25-2
- mysql-5.5 5.5.43-0+deb8u1
@@ -13228,27 +13228,27 @@ CVE-2015-4757 (Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earli
[wheezy] - mysql-5.5 5.5.43-0+deb7u1
- mariadb-10.0 10.0.19-1
NOTE: http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixMSQL
-CVE-2015-4756 (Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier ...)
+CVE-2015-4756
- mysql-5.6 5.6.25-2
- mysql-5.5 <not-affected> (Only 5.6 series)
NOTE: http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixMSQL
-CVE-2015-4755 (Unspecified vulnerability in the RDBMS Security component in Oracle ...)
+CVE-2015-4755
NOT-FOR-US: Oracle Database Server
-CVE-2015-4754 (Unspecified vulnerability in the Data Store component in Oracle ...)
+CVE-2015-4754
NOT-FOR-US: Oracle Berkeley DB (Unspecified vulnerability)
-CVE-2015-4753 (Unspecified vulnerability in the RDBMS Support Tools component in ...)
+CVE-2015-4753
NOT-FOR-US: Oracle Database Server
-CVE-2015-4752 (Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier ...)
+CVE-2015-4752
{DSA-3311-1 DSA-3308-1 DLA-359-1}
- mysql-5.6 5.6.25-2
- mysql-5.5 <removed> (bug #792445)
- mariadb-10.0 10.0.20-1
NOTE: http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixMSQL
-CVE-2015-4751 (Unspecified vulnerability in the Oracle Access Manager component in ...)
+CVE-2015-4751
NOT-FOR-US: Oracle Fusion
-CVE-2015-4750 (Unspecified vulnerability in the Oracle VM Server for SPARC component ...)
+CVE-2015-4750
NOT-FOR-US: Oracle VM Server
-CVE-2015-4749 (Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; ...)
+CVE-2015-4749
{DSA-3339-1 DSA-3316-1 DLA-303-1}
[experimental] - openjdk-6 6b36-1.13.8-1
- openjdk-6 <removed>
@@ -13256,7 +13256,7 @@ CVE-2015-4749 (Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45;
- openjdk-8 8u66-b01-1
NOTE: http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixJAVA
NOTE: "Applies to client and server deployment of Java."
-CVE-2015-4748 (Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; ...)
+CVE-2015-4748
{DSA-3339-1 DSA-3316-1 DLA-303-1}
[experimental] - openjdk-6 6b36-1.13.8-1
- openjdk-6 <removed>
@@ -13264,27 +13264,27 @@ CVE-2015-4748 (Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45;
- openjdk-8 8u66-b01-1
NOTE: http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixJAVA
NOTE: "Applies to client and server deployment of Java."
-CVE-2015-4747 (Unspecified vulnerability in the Oracle Event Processing component in ...)
+CVE-2015-4747
NOT-FOR-US: Oracle Fusion
-CVE-2015-4746 (Unspecified vulnerability in the Oracle Agile Product Lifecycle ...)
+CVE-2015-4746
NOT-FOR-US: Oracle Supply Chain
-CVE-2015-4745 (Unspecified vulnerability in the Oracle Endeca Information Discovery ...)
+CVE-2015-4745
NOT-FOR-US: Oracle Fusion
-CVE-2015-4744 (Unspecified vulnerability in the Oracle GlassFish Server component in ...)
+CVE-2015-4744
- glassfish <not-affected> (Full application server not packaged)
-CVE-2015-4743 (Unspecified vulnerability in the Oracle Applications DBA component in ...)
+CVE-2015-4743
NOT-FOR-US: Oracle E-Business
-CVE-2015-4742 (Unspecified vulnerability in the Oracle JDeveloper component in Oracle ...)
+CVE-2015-4742
NOT-FOR-US: Oracle Fusion
-CVE-2015-4741 (Unspecified vulnerability in the Oracle Applications Framework ...)
+CVE-2015-4741
NOT-FOR-US: Oracle E-Business
-CVE-2015-4740 (Unspecified vulnerability in the RDBMS Partitioning component in ...)
+CVE-2015-4740
NOT-FOR-US: Oracle Database Server
-CVE-2015-4739 (Unspecified vulnerability in the Oracle Application Object Library ...)
+CVE-2015-4739
NOT-FOR-US: Oracle E-Business
-CVE-2015-4738 (Unspecified vulnerability in the PeopleSoft Enterprise HCM Candidate ...)
+CVE-2015-4738
NOT-FOR-US: Oracle PeopleSoft
-CVE-2015-4737 (Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier, ...)
+CVE-2015-4737
{DSA-3308-1 DLA-359-1}
- mysql-5.6 5.6.25-2
- mysql-5.5 <removed> (bug #792445)
@@ -13295,17 +13295,17 @@ CVE-2015-4737 (Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earli
NOTE: https://mariadb.atlassian.net/browse/MDEV-8269
NOTE: Marked as not-affected for MariaDB since Oracle has given no evidence of
NOTE: affecting MariaDB to their developers.
-CVE-2015-4736 (Unspecified vulnerability in Oracle Java SE 7u80 and 8u45 allows ...)
+CVE-2015-4736
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-8 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2015-4735 (Unspecified vulnerability in the Enterprise Manager for Oracle ...)
+CVE-2015-4735
NOT-FOR-US: Oracle Database
-CVE-2015-4734 (Unspecified vulnerability in Oracle Java SE 6u101, 7u85 and 8u60, and ...)
+CVE-2015-4734
{DSA-3465-1 DSA-3381-1 DLA-346-1}
- openjdk-6 <removed>
- openjdk-7 7u85-2.6.1-6
- openjdk-8 8u66-b17-1
-CVE-2015-4733 (Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and ...)
+CVE-2015-4733
{DSA-3339-1 DSA-3316-1 DLA-303-1}
[experimental] - openjdk-6 6b36-1.13.8-1
- openjdk-6 <removed>
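Review bot: the two-line NOTE for CVE-2015-4737, `Marked as not-affected for MariaDB since Oracle has given no evidence of affecting MariaDB to their developers.`, is hard to parse; something like `Marked as not-affected for MariaDB: Oracle has given the MariaDB developers no evidence that it affects MariaDB.` says the same thing without the dangling `to their developers`, and still points at the MDEV-8269 reference above it.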
@@ -13313,7 +13313,7 @@ CVE-2015-4733 (Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45,
- openjdk-8 8u66-b01-1
NOTE: http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixJAVA
NOTE: "Applies to client deployment of Java only. This vulnerability can be exploited only through sandboxed Java Web Start applications and sandboxed Java applets."
-CVE-2015-4732 (Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and ...)
+CVE-2015-4732
{DSA-3339-1 DSA-3316-1 DLA-303-1}
[experimental] - openjdk-6 6b36-1.13.8-1
- openjdk-6 <removed>
@@ -13321,7 +13321,7 @@ CVE-2015-4732 (Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45,
- openjdk-8 8u66-b01-1
NOTE: http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixJAVA
NOTE: "Applies to client deployment of Java only. This vulnerability can be exploited only through sandboxed Java Web Start applications and sandboxed Java applets."
-CVE-2015-4731 (Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; Java ...)
+CVE-2015-4731
{DSA-3339-1 DSA-3316-1 DLA-303-1}
[experimental] - openjdk-6 6b36-1.13.8-1
- openjdk-6 <removed>
@@ -13329,44 +13329,44 @@ CVE-2015-4731 (Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45;
- openjdk-8 8u66-b01-1
NOTE: http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixJAVA
NOTE: "Applies to client deployment of Java only. This vulnerability can be exploited only through sandboxed Java Web Start applications and sandboxed Java applets."
-CVE-2015-4730 (Unspecified vulnerability in Oracle MySQL 5.6.20 and earlier allows ...)
+CVE-2015-4730
- mysql-5.6 5.6.25-2
- mysql-5.5 <not-affected> (Only affects MySQL 5.6)
NOTE: http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
-CVE-2015-4729 (Unspecified vulnerability in Oracle Java SE 7u80 and 8u45 allows ...)
+CVE-2015-4729
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-8 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2015-4728 (Unspecified vulnerability in the Oracle Sourcing component in Oracle ...)
+CVE-2015-4728
NOT-FOR-US: Oracle E-Business
-CVE-2015-4727 (Unspecified vulnerability in Oracle Virtualization Sun Ray Software ...)
+CVE-2015-4727
NOT-FOR-US: Oracle Virtulization
-CVE-2015-4726 (PHP remote file inclusion vulnerability in ajax/myajaxphp.php in ...)
+CVE-2015-4726
NOT-FOR-US: AudioShare
-CVE-2015-4725 (Cross-site scripting (XSS) vulnerability in forgot.php in AudioShare ...)
+CVE-2015-4725
NOT-FOR-US: AudioShare
-CVE-2015-4724 (SQL injection vulnerability in Concrete5 5.7.3.1. ...)
+CVE-2015-4724
NOT-FOR-US: Concrete5
CVE-2015-4723
RESERVED
CVE-2015-4722
RESERVED
-CVE-2015-4721 (Multiple cross-site scripting (XSS) vulnerabilities in Concrete5 ...)
+CVE-2015-4721
NOT-FOR-US: Concrete5
CVE-2015-4720
REJECTED
CVE-2015-4719
RESERVED
-CVE-2015-4718 (The external SMB storage driver in ownCloud Server before 6.0.8, 7.0.x ...)
+CVE-2015-4718
{DSA-3373-1}
- owncloud 7.0.6+dfsg-1
NOTE: https://owncloud.org/security/advisory/?id=oc-sa-2015-008
NOTE: https://github.com/owncloud/core/commit/200e9d949783efbd57f39acedebc03924c1dfff4
-CVE-2015-4717 (The filename sanitization component in ownCloud Server before 6.0.8, ...)
+CVE-2015-4717
{DSA-3373-1}
- owncloud 7.0.6+dfsg-1
NOTE: https://owncloud.org/security/advisory/?id=oc-sa-2015-007
NOTE: https://github.com/owncloud/core/commit/5fa749cd9656ca6eab30bac0ef4e7625b8a8be2e
-CVE-2015-4716 (Directory traversal vulnerability in the routing component in ownCloud ...)
+CVE-2015-4716
{DSA-3373-1}
- owncloud 7.0.6+dfsg-1 (unimportant)
NOTE: Specific to installations on Windows
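Review bot: `NOT-FOR-US: Oracle Virtulization` for CVE-2015-4727 should read `Virtualization`. Separately, the description strip in this hunk removes only the parenthetical text; an entry whose header carries a bracketed local summary, such as `CVE-2015-4715 [Mounted Dropbox storage allows "Dropbox.com" to access any file]` in the following hunk header, keeps it, which is consistent with the imported parenthetical descriptions, and not the locally written bracketed ones, being the part that went missing.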
@@ -13377,9 +13377,9 @@ CVE-2015-4715 [Mounted Dropbox storage allows "Dropbox.com" to access any file]
[jessie] - php-dropbox 1.0.0-3+deb8u1
NOTE: https://owncloud.org/security/advisory/?id=oc-sa-2015-005
NOTE: Only relevant if server runs PHP below 5.6.0
-CVE-2015-4714 (Cross-site scripting (XSS) vulnerability in the DreamBox DM500-S ...)
+CVE-2015-4714
NOT-FOR-US: DreamBox DM500-S
-CVE-2015-4713 (SQL injection vulnerability in ApPHP Hotel Site 3.x.x allows remote ...)
+CVE-2015-4713
NOT-FOR-US: ApPHP Hotel Site
CVE-2015-4712
RESERVED
@@ -13397,13 +13397,13 @@ CVE-2015-4702
RESERVED
CVE-2015-4701
RESERVED
-CVE-2015-4699 (Cross-site scripting (XSS) vulnerability in the Splash Portal in ...)
+CVE-2015-4699
NOT-FOR-US: Cloud4Wi
CVE-2015-4698
RESERVED
-CVE-2015-4697 (Cross-site request forgery (CSRF) vulnerability in Google Analyticator ...)
+CVE-2015-4697
NOT-FOR-US: WordPress plugin google-analyticator
-CVE-2015-4694 (Directory traversal vulnerability in download.php in the Zip ...)
+CVE-2015-4694
NOT-FOR-US: Zip Attachments plugin for WordPress
CVE-2015-4693
RESERVED
@@ -13411,35 +13411,35 @@ CVE-2015-4691
RESERVED
CVE-2015-4690
RESERVED
-CVE-2015-4689 (Ellucian (formerly SunGard) Banner Student 8.5.1.2 through 8.7 allows ...)
+CVE-2015-4689
NOT-FOR-US: Ellucian (formerly SunGard) Banner Student
-CVE-2015-4688 (Ellucian (formerly SunGard) Banner Student 8.5.1.2 through 8.7 allow ...)
+CVE-2015-4688
NOT-FOR-US: Ellucian (formerly SunGard) Banner Student
-CVE-2015-4687 (Cross-site scripting (XSS) vulnerability in Ellucian (formerly ...)
+CVE-2015-4687
NOT-FOR-US: Ellucian (formerly SunGard) Banner Student
CVE-2015-4686
RESERVED
-CVE-2015-4685 (Polycom RealPresence Resource Manager (aka RPRM) before 8.4 allows ...)
+CVE-2015-4685
NOT-FOR-US: Polycom RealPresence Resource Manager
-CVE-2015-4684 (Multiple directory traversal vulnerabilities in Polycom RealPresence ...)
+CVE-2015-4684
NOT-FOR-US: Polycom RealPresence Resource Manager
-CVE-2015-4683 (Polycom RealPresence Resource Manager (aka RPRM) before 8.4 allows ...)
+CVE-2015-4683
NOT-FOR-US: Polycom RealPresence Resource Manager
-CVE-2015-4682 (Polycom RealPresence Resource Manager (aka RPRM) before 8.4 allows ...)
+CVE-2015-4682
NOT-FOR-US: Polycom RealPresence Resource Manager
-CVE-2015-4681 (Polycom RealPresence Resource Manager (aka RPRM) before 8.4 allows ...)
+CVE-2015-4681
NOT-FOR-US: Polycom RealPresence Resource Manager
-CVE-2015-4679 (Multiple cross-site scripting (XSS) vulnerabilities in the web ...)
+CVE-2015-4679
NOT-FOR-US: Airties RT-210
-CVE-2015-4678 (SQL injection vulnerability in Persian Car CMS 1.0 allows remote ...)
+CVE-2015-4678
NOT-FOR-US: Persian Car CMS
-CVE-2015-4677 (Cross-site request forgery (CSRF) vulnerability in FiverrScript (aka ...)
+CVE-2015-4677
NOT-FOR-US: FiverrScript
-CVE-2015-4676 (SQL injection vulnerability in ticket.php in TickFa 1.x allows remote ...)
+CVE-2015-4676
NOT-FOR-US: TickFa
-CVE-2015-4675 (Buffer overflow in the Tiny SRP library (aka TinySRP) allows remote ...)
+CVE-2015-4675
NOT-FOR-US: Tiny SRP
-CVE-2015-5070 (The (1) filesystem::get_wml_location function in filesystem.cpp and ...)
+CVE-2015-5070
{DLA-297-1}
[experimental] - wesnoth-1.13 1:1.13.1-1
- wesnoth-1.12 1:1.12.4-1
@@ -13448,7 +13448,7 @@ CVE-2015-5070 (The (1) filesystem::get_wml_location function in filesystem.cpp a
[wheezy] - wesnoth-1.10 1:1.10.3-3+deb7u2
- wesnoth-1.8 <removed>
NOTE: https://github.com/wesnoth/wesnoth/commit/b2738ffb2fdd2550ececb74f76f75583c43c8b59
-CVE-2015-5069 (The (1) filesystem::get_wml_location function in filesystem.cpp and ...)
+CVE-2015-5069
{DLA-297-1}
[experimental] - wesnoth-1.13 1:1.13.1-1
- wesnoth-1.12 1:1.12.4-1
@@ -13457,41 +13457,41 @@ CVE-2015-5069 (The (1) filesystem::get_wml_location function in filesystem.cpp a
[wheezy] - wesnoth-1.10 1:1.10.3-3+deb7u2
- wesnoth-1.8 <removed>
NOTE: https://github.com/wesnoth/wesnoth/commit/f8914468182e8d0a1551b430c0879ba236fe4d6d
-CVE-2015-5059 (The &quot;Project Documentation&quot; feature in MantisBT 1.2.19 and earlier, ...)
+CVE-2015-5059
- mantis <removed>
[wheezy] - mantis <no-dsa> (Minor issue)
[squeeze] - mantis <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://github.com/mantisbt/mantisbt/commit/f39cf525 (1.2.x)
NOTE: https://mantisbt.org/bugs/view.php?id=19873
-CVE-2015-5057 (Cross-site scripting (XSS) vulnerability exists in the Wordpress admin ...)
+CVE-2015-5057
NOT-FOR-US: WordPress plugin broken-link-checker
-CVE-2015-4707 (Cross-site scripting (XSS) vulnerability in IPython before 3.2 allows ...)
+CVE-2015-4707
- ipython 2.4.1-1 (bug #789824)
[jessie] - ipython <no-dsa> (Minor issue)
[wheezy] - ipython <not-affected> (Problematic code introduced in rel-2.0.0)
[squeeze] - ipython <not-affected> (Problematic code introduced in rel-2.0.0)
NOTE: https://github.com/ipython/ipython/commit/1fcc9943c000ab553ebc029db99ecbd0536960d6
NOTE: http://www.openwall.com/lists/oss-security/2015/06/22/4
-CVE-2015-4706 (Cross-site scripting (XSS) vulnerability in IPython 3.x before 3.2 ...)
+CVE-2015-4706
- ipython <not-affected> (Only affects 3.x)
-CVE-2015-4704 (Directory traversal vulnerability in the Download Zip Attachments ...)
+CVE-2015-4704
NOT-FOR-US: WordPress plugin download-zip-attachments
-CVE-2015-4703 (Absolute path traversal vulnerability in mysqldump_download.php in the ...)
+CVE-2015-4703
NOT-FOR-US: WordPress plugin wp-instance-rename
-CVE-2015-4700 (The bpf_int_jit_compile function in arch/x86/net/bpf_jit_comp.c in the ...)
+CVE-2015-4700
{DSA-3329-1}
- linux 4.0.7-1
- linux-2.6 <removed>
[squeeze] - linux-2.6 <not-affected> (Introduced in v3.0-rc1)
NOTE: Upstream commit: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=3f7352bf21f8fd7ba3e2fcef9488756f188e12be (v4.1-rc6)
NOTE: Introduced in: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0a14842f5a3c0e88a1e59fac5c3025db39721f74 (v3.0-rc1)
-CVE-2015-4696 (Use-after-free vulnerability in libwmf 0.2.8.4 allows remote attackers ...)
+CVE-2015-4696
{DSA-3302-1 DLA-257-1}
- libwmf 0.2.8.4-10.4 (bug #784192)
-CVE-2015-4695 (meta.h in libwmf 0.2.8.4 allows remote attackers to cause a denial of ...)
+CVE-2015-4695
{DSA-3302-1 DLA-257-1}
- libwmf 0.2.8.4-10.4 (bug #784205)
-CVE-2015-4680 (FreeRADIUS 2.2.x before 2.2.8 and 3.0.x before 3.0.9 does not properly ...)
+CVE-2015-4680
{DLA-977-1}
- freeradius 2.2.8+dfsg-0.1 (bug #789623)
[jessie] - freeradius <no-dsa> (Minor issue)
@@ -13500,27 +13500,27 @@ CVE-2015-4680 (FreeRADIUS 2.2.x before 2.2.8 and 3.0.x before 3.0.9 does not pro
NOTE: See raddb/certs/README
NOTE: https://github.com/FreeRADIUS/freeradius-server/commit/5e698b407dcac2bc45cf03484bac4398109d25c3 (v2.x.x branch)
NOTE: http://www.ocert.org/advisories/ocert-2015-008.html
-CVE-2015-4674 (The autoupdate implementation in TimeDoctor Pro 1.4.72.3 on Windows ...)
+CVE-2015-4674
NOT-FOR-US: TimeDoctor Pro
-CVE-2015-4673 (Multiple cross-site scripting (XSS) vulnerabilities in ClipBucket ...)
+CVE-2015-4673
NOT-FOR-US: ClipBucket
CVE-2015-4672
RESERVED
-CVE-2015-4671 (Cross-site scripting (XSS) vulnerability in OpenCart before 2.1.0.2 ...)
+CVE-2015-4671
NOT-FOR-US: OpenCart
-CVE-2015-4670 (Directory traversal vulnerability in the AjaxFileUpload control in ...)
+CVE-2015-4670
NOT-FOR-US: AjaxControlToolkit
-CVE-2015-4669 (The MySQL &quot;root&quot; user in Xsuite 2.x does not have a password set, ...)
+CVE-2015-4669
NOT-FOR-US: Xsuite
-CVE-2015-4668 (Open redirect vulnerability in Xsuite 2.4.4.5 and earlier allows ...)
+CVE-2015-4668
NOT-FOR-US: Xsuite
-CVE-2015-4667 (Multiple hardcoded credentials in Xsuite 2.x. ...)
+CVE-2015-4667
NOT-FOR-US: Xsuite
-CVE-2015-4666 (Directory traversal vulnerability in opm/read_sessionlog.php in ...)
+CVE-2015-4666
NOT-FOR-US: Xceedium Xsuite
-CVE-2015-4665 (Cross-site scripting (XSS) vulnerability in ajax_cmd.php in Xceedium ...)
+CVE-2015-4665
NOT-FOR-US: Xceedium Xsuite
-CVE-2015-4664 (An improper input validation vulnerability in CA Privileged Access ...)
+CVE-2015-4664
NOT-FOR-US: CA Privileged Access Manager
CVE-2015-4663
RESERVED
@@ -13528,109 +13528,109 @@ CVE-2015-4663
NOTE: https://github.com/facebook/hhvm/commit/e282a459188a472e177b45ad2d2989289294df74
CVE-2015-4662
RESERVED
-CVE-2015-4661 (Cross-site scripting (XSS) vulnerability in Symphony CMS 2.6.2 allows ...)
+CVE-2015-4661
NOT-FOR-US: Symphony CMS
-CVE-2015-4660 (Cross-site scripting (XSS) vulnerability in Enhanced SQL Portal ...)
+CVE-2015-4660
NOT-FOR-US: Enhanced SQL Portal
-CVE-2015-4659 (Cross-site request forgery (CSRF) vulnerability in ClickHeat 1.14 and ...)
+CVE-2015-4659
NOT-FOR-US: ClickHeat
-CVE-2015-4658 (Multiple SQL injection vulnerabilities in admin/login.php in Milw0rm ...)
+CVE-2015-4658
NOT-FOR-US: Milw0rm Clone Script
-CVE-2015-4657 (Cross-site scripting (XSS) vulnerability in Mailbird 2.0.16.0 and ...)
+CVE-2015-4657
NOT-FOR-US: Mailbird
-CVE-2015-4656 (Multiple cross-site scripting (XSS) vulnerabilities in Synology Photo ...)
+CVE-2015-4656
NOT-FOR-US: Synology Photo Station
-CVE-2015-4655 (Cross-site scripting (XSS) vulnerability in Synology DiskStation ...)
+CVE-2015-4655
NOT-FOR-US: Synology DiskStation Manager
-CVE-2015-4654 (SQL injection vulnerability in the EQ Event Calendar component for ...)
+CVE-2015-4654
NOT-FOR-US: EQ Event Calendar component for Joomla!
CVE-2015-4653
RESERVED
-CVE-2015-4650 (Aruba Networks ClearPass Policy Manager before 6.4.7 and 6.5.x before ...)
+CVE-2015-4650
NOT-FOR-US: Aruba Networks ClearPass Policy Manager
-CVE-2015-4649 (Aruba Networks ClearPass Policy Manager before 6.4.7 and 6.5.x before ...)
+CVE-2015-4649
NOT-FOR-US: Aruba Networks ClearPass Policy Manager
-CVE-2015-4648 (Stack-based buffer overflow in the Ipropsapi.ipropsapiCtrl.1 ActiveX ...)
+CVE-2015-4648
NOT-FOR-US: Pansonic Security API
-CVE-2015-4647 (Multiple stack-based buffer overflows in Ipropsapi in Panasonic ...)
+CVE-2015-4647
NOT-FOR-US: Pansonic Security API
-CVE-2015-4641 (Directory traversal vulnerability in the SwiftKey language-pack update ...)
+CVE-2015-4641
NOT-FOR-US: SwiftKey language-pack update implementation on Samsung devices
-CVE-2015-4640 (The SwiftKey language-pack update implementation on Samsung Galaxy S4, ...)
+CVE-2015-4640
NOT-FOR-US: SwiftKey language-pack update implementation on Samsung devices
-CVE-2015-4652 (epan/dissectors/packet-gsm_a_dtap.c in the GSM DTAP dissector in ...)
+CVE-2015-4652
{DSA-3294-1}
- wireshark 1.12.6+gee1fce6-1
[wheezy] - wireshark <not-affected> (Vulnerable code not present)
[squeeze] - wireshark <not-affected> (Vulnerable code not present)
NOTE: http://www.wireshark.org/security/wnpa-sec-2015-20.html
-CVE-2015-4651 (The dissect_wccp2r1_address_table_info function in ...)
+CVE-2015-4651
{DSA-3294-1}
- wireshark 1.12.6+gee1fce6-1
[wheezy] - wireshark <not-affected> (Vulnerable code not present)
[squeeze] - wireshark <not-affected> (Vulnerable code not present)
NOTE: http://www.wireshark.org/security/wnpa-sec-2015-19.html
-CVE-2015-4646 ((1) unsquash-1.c, (2) unsquash-2.c, (3) unsquash-3.c, and (4) ...)
+CVE-2015-4646
- squashfs-tools 1:4.3-2 (bug #793468)
[jessie] - squashfs-tools <no-dsa> (Minor issue)
[wheezy] - squashfs-tools <no-dsa> (Minor issue)
[squeeze] - squashfs-tools <no-dsa> (Minor issue)
-CVE-2015-4645 (Integer overflow in the read_fragment_table_4 function in unsquash-4.c ...)
+CVE-2015-4645
- squashfs-tools 1:4.3-2 (bug #793467)
[jessie] - squashfs-tools <no-dsa> (Minor issue)
[wheezy] - squashfs-tools <no-dsa> (Minor issue)
[squeeze] - squashfs-tools <no-dsa> (Minor issue)
-CVE-2015-4642 (The escapeshellarg function in ext/standard/exec.c in PHP before ...)
+CVE-2015-4642
- php5 <not-affected> (Windows specific)
NOTE: https://bugs.php.net/bug.php?id=69646
NOTE: http://git.php.net/?p=php-src.git;a=commitdiff;h=d2ac264ffea5ca2e85640b6736e0c7cd4ee9a4a9
NOTE: http://www.openwall.com/lists/oss-security/2015/06/18/3
-CVE-2015-4643 (Integer overflow in the ftp_genlist function in ext/ftp/ftp.c in PHP ...)
+CVE-2015-4643
{DSA-3344-1 DLA-307-1}
- php5 5.6.11+dfsg-1
NOTE: Fixed in 5.6.10 / 5.5.26 / 5.4.42
NOTE: https://bugs.php.net/bug.php?id=69545#1431550655
NOTE: http://git.php.net/?p=php-src.git;a=commitdiff;h=0765623d6991b62ffcd93ddb6be8a5203a2fa7e2
NOTE: http://www.openwall.com/lists/oss-security/2015/06/18/3
-CVE-2015-4644 (The php_pgsql_meta_data function in pgsql.c in the PostgreSQL (aka ...)
+CVE-2015-4644
{DSA-3344-1 DLA-307-1}
- php5 5.6.11+dfsg-1
NOTE: Fixed in 5.6.10 / 5.5.26 / 5.4.42
NOTE: https://bugs.php.net/bug.php?id=69667
NOTE: http://git.php.net/?p=php-src.git;a=commitdiff;h=2cc4e69cc6d8dbc4b3568ad3dd583324a7c11d64
NOTE: http://www.openwall.com/lists/oss-security/2015/06/18/3
-CVE-2015-4639 (Cross-site scripting (XSS) vulnerability in opac-addbybiblionumber.pl ...)
+CVE-2015-4639
NOT-FOR-US: Koha
-CVE-2015-4638 (The FastL4 virtual server in F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ...)
+CVE-2015-4638
NOT-FOR-US: FastL4
-CVE-2015-4637 (The REST API in F5 BIG-IQ Cloud, Device, and Security 4.4.0 and 4.5.0 ...)
+CVE-2015-4637
NOT-FOR-US: BIG-IQ
CVE-2015-4636
RESERVED
CVE-2015-4635
RESERVED
-CVE-2015-4634 (SQL injection vulnerability in graphs.php in Cacti before 0.8.8e ...)
+CVE-2015-4634
{DSA-3312-1 DLA-278-1}
- cacti 0.8.8e+ds1-1
NOTE: http://bugs.cacti.net/view.php?id=2577
NOTE: http://svn.cacti.net/viewvc?view=rev&revision=7731
-CVE-2015-4633 (Multiple SQL injection vulnerabilities in Koha 3.14.x before 3.14.16, ...)
+CVE-2015-4633
- koha <itp> (bug #389876)
-CVE-2015-4632 (Multiple directory traversal vulnerabilities in Koha 3.14.x before ...)
+CVE-2015-4632
- koha <itp> (bug #389876)
-CVE-2015-4631 (Multiple cross-site scripting (XSS) vulnerabilities in Koha 3.14.x ...)
+CVE-2015-4631
- koha <itp> (bug #389876)
-CVE-2015-4630 (Multiple cross-site request forgery (CSRF) vulnerabilities in Koha ...)
+CVE-2015-4630
- koha <itp> (bug #389876)
-CVE-2015-4629 (Huawei E5756S before V200R002B146D23SP00C00 allows remote attackers to ...)
+CVE-2015-4629
NOT-FOR-US: Huawei
-CVE-2015-4628 (SQL injection vulnerability in ...)
+CVE-2015-4628
- limesurvey <itp> (bug #472802)
-CVE-2015-4627 (SQL injection vulnerability in Pragyan CMS 3.0. ...)
+CVE-2015-4627
NOT-FOR-US: Pragyan CMS
-CVE-2015-4626 (B.A.S C2Box before 4.0.0 (r19171) relies on client-side validation, ...)
+CVE-2015-4626
NOT-FOR-US: B.A.S C2Box
-CVE-2015-4624 (Hak5 WiFi Pineapple 2.0 through 2.3 uses predictable CSRF tokens. ...)
+CVE-2015-4624
NOT-FOR-US: Hak5 WiFi Pineapple
CVE-2015-4623
RESERVED
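Review bot: confirm that the emptied descriptions in this hunk are intended rather than an importer failure: every `-`/`+` pair from CVE-2015-4655 down to CVE-2015-4624 replaces a populated description with a bare CVE id, so an entry such as `CVE-2015-4650` is now told apart from a RESERVED one only by its NOT-FOR-US or package lines. For an automatic update, check that the upstream feed really returned no description text before letting this land across the whole list. Separately, the unchanged lines `NOT-FOR-US: Pansonic Security API` under CVE-2015-4648 and CVE-2015-4647 misspell the vendor that the removed description for CVE-2015-4647 names as Panasonic.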
@@ -13638,59 +13638,59 @@ CVE-2015-4622
RESERVED
CVE-2015-4621
RESERVED
-CVE-2015-4620 (name.c in named in ISC BIND 9.7.x through 9.9.x before 9.9.7-P1 and ...)
+CVE-2015-4620
{DSA-3304-1 DLA-270-1}
- bind9 1:9.9.5.dfsg-10 (bug #791715)
NOTE: https://kb.isc.org/article/AA-01267
-CVE-2015-4619 (Cross-site request forgery (CSRF) vulnerability in Spina before commit ...)
+CVE-2015-4619
NOT-FOR-US: Spina CMS
CVE-2015-4618
RESERVED
-CVE-2015-4617 (Vulnerability in Easy2map-photos WordPress Plugin v1.09 ...)
+CVE-2015-4617
NOT-FOR-US: WordPress plugin easy2map-photos
-CVE-2015-4616 (Directory traversal vulnerability in includes/MapPinImageSave.php in ...)
+CVE-2015-4616
NOT-FOR-US: Easy2Map plugin for WordPress
-CVE-2015-4615 (Vulnerability in Easy2map-photos WordPress Plugin v1.09 allows SQL ...)
+CVE-2015-4615
NOT-FOR-US: WordPress plugin easy2map-photos
-CVE-2015-4614 (Multiple SQL injection vulnerabilities in includes/Function.php in the ...)
+CVE-2015-4614
NOT-FOR-US: Easy2Map plugin for WordPress
-CVE-2015-4613 (SQL injection vulnerability in the backend module in the Developer Log ...)
+CVE-2015-4613
NOT-FOR-US: TYPO3 extension devlog
-CVE-2015-4612 (SQL injection vulnerability in the &quot;FAQ - Frequently Asked Questions&quot; ...)
+CVE-2015-4612
NOT-FOR-US: TYPO3 extension js_faq
-CVE-2015-4611 (SQL injection vulnerability in the Smoelenboek (ncgov_smoelenboek) ...)
+CVE-2015-4611
NOT-FOR-US: TYPO3 extension ncgov_smoelenboek
-CVE-2015-4610 (SQL injection vulnerability in the Store Locator (locator) extension ...)
+CVE-2015-4610
NOT-FOR-US: TYPO3 extension locator
-CVE-2015-4609 (SQL injection vulnerability in the wt_directory extension before 1.4.2 ...)
+CVE-2015-4609
NOT-FOR-US: TYPO3 extension wt_directory
-CVE-2015-4608 (Cross-site scripting (XSS) vulnerability in the BE User Log ...)
+CVE-2015-4608
NOT-FOR-US: TYPO3 extension beko_beuserlog
-CVE-2015-4607 (Unrestricted file upload vulnerability in the Frontend User Upload ...)
+CVE-2015-4607
NOT-FOR-US: TYPO3 extension feupload
-CVE-2015-4606 (Unrestricted file upload vulnerability in the Job Fair (jobfair) ...)
+CVE-2015-4606
NOT-FOR-US: TYPO3 extension jobfair
CVE-2015-4597
RESERVED
-CVE-2015-4596 (Lenovo Mouse Suite before 6.73 allows local users to run arbitrary ...)
+CVE-2015-4596
NOT-FOR-US: Lenovo
CVE-2015-4595
RESERVED
-CVE-2015-4594 (eClinicalWorks Population Health (CCMR) suffers from a session ...)
+CVE-2015-4594
NOT-FOR-US: eClinicalWorks Population Health
-CVE-2015-4593 (eClinicalWorks Population Health (CCMR) suffers from a cross-site ...)
+CVE-2015-4593
NOT-FOR-US: eClinicalWorks Population Health
-CVE-2015-4592 (eClinicalWorks Population Health (CCMR) suffers from an SQL injection ...)
+CVE-2015-4592
NOT-FOR-US: eClinicalWorks Population Health
-CVE-2015-4591 (eClinicalWorks Population Health (CCMR) suffers from a cross site ...)
+CVE-2015-4591
NOT-FOR-US: eClinicalWorks Population Health
-CVE-2015-4590 (The extractFrom function in Internals/QuotedString.cpp in Arduino JSON ...)
+CVE-2015-4590
NOT-FOR-US: Arduino JSON
CVE-2015-4589
RESERVED
-CVE-2015-4587 (Cross-site scripting (XSS) vulnerability in the Alcatel-Lucent ...)
+CVE-2015-4587
NOT-FOR-US: Alcatel-Lucent CellPipe 7130 router
-CVE-2015-4586 (Cross-site request forgery (CSRF) vulnerability in Alcatel-Lucent ...)
+CVE-2015-4586
NOT-FOR-US: Alcatel-Lucent CellPipe 7130 RG 5Ae.M2013 HOL
CVE-2015-4585
RESERVED
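Review bot: the description being removed for CVE-2015-4612 is stored entity-encoded (`&quot;FAQ - Frequently Asked Questions&quot;`), which means descriptions were imported without HTML-unescaping; if the descriptions dropped by this update are re-imported later, the importer should decode entities on the way in, otherwise searches for the literal product name will keep missing such entries.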
@@ -13744,147 +13744,147 @@ CVE-2015-4561
RESERVED
CVE-2015-4560
RESERVED
-CVE-2015-4559 (Cross-site scripting (XSS) vulnerability in the product deployment ...)
+CVE-2015-4559
NOT-FOR-US: Intel McAfee ePolicy Orchestrator
CVE-2015-4558
RESERVED
-CVE-2015-4557 (Cross-site scripting (XSS) vulnerability in the ...)
+CVE-2015-4557
NOT-FOR-US: WordPress plugin nextend-twitter-connect
-CVE-2015-4555 (Buffer overflow in the HTTP administrative interface in TIBCO ...)
+CVE-2015-4555
NOT-FOR-US: TIBCO
-CVE-2015-4554 (Multiple unspecified vulnerabilities in TIBCO Spotfire Client and ...)
+CVE-2015-4554
NOT-FOR-US: TIBCO
CVE-2015-4553
RESERVED
-CVE-2015-4552 (Cross-site scripting (XSS) vulnerability in the quick edit function in ...)
+CVE-2015-4552
NOT-FOR-US: MyBB
-CVE-2015-4551 (LibreOffice before 4.4.5 and Apache OpenOffice before 4.1.2 uses the ...)
+CVE-2015-4551
{DSA-3394-1}
- libreoffice 1:5.0.1~rc1-1
NOTE: https://www.libreoffice.org/about-us/security/advisories/cve-2015-4551/
-CVE-2015-4550 (The Cavium cryptographic-module firmware on Cisco Adaptive Security ...)
+CVE-2015-4550
NOT-FOR-US: Cisco
CVE-2015-4549
RESERVED
-CVE-2015-4548 (EMC RSA Web Threat Detection before 5.1 SP1 allows local users to ...)
+CVE-2015-4548
NOT-FOR-US: EMC RSA Web Threat Detection
-CVE-2015-4547 (EMC RSA Web Threat Detection before 5.1 SP1 stores a cleartext AnnoDB ...)
+CVE-2015-4547
NOT-FOR-US: EMC RSA Web Threat Detection
-CVE-2015-4546 (Directory traversal vulnerability in EMC RSA OneStep 6.9 before build ...)
+CVE-2015-4546
NOT-FOR-US: EMC RSA OneStep
-CVE-2015-4545 (EMC Isilon OneFS 7.1 before 7.1.1.8, 7.2.0 before 7.2.0.4, and 7.2.1 ...)
+CVE-2015-4545
NOT-FOR-US: EMC Isilon OneFS
-CVE-2015-4544 (EMC Documentum Content Server before 7.1P20 and 7.2.x before 7.2P04 ...)
+CVE-2015-4544
NOT-FOR-US: EMC Documentum Content Server
-CVE-2015-4543 (EMC RSA Archer GRC 5.x before 5.5.3 uses cleartext for stored ...)
+CVE-2015-4543
NOT-FOR-US: EMC RSA Archer GRC
-CVE-2015-4542 (EMC RSA Archer GRC 5.x before 5.5.3 allows remote authenticated users ...)
+CVE-2015-4542
NOT-FOR-US: EMC RSA Archer GRC
-CVE-2015-4541 (Multiple cross-site scripting (XSS) vulnerabilities in EMC RSA Archer ...)
+CVE-2015-4541
NOT-FOR-US: EMC RSA Archer GRC
-CVE-2015-4540 (Multiple cross-site scripting (XSS) vulnerabilities in EMC RSA ...)
+CVE-2015-4540
NOT-FOR-US: EMC RSA
-CVE-2015-4539 (Multiple cross-site scripting (XSS) vulnerabilities in EMC RSA ...)
+CVE-2015-4539
NOT-FOR-US: EMC RSA
-CVE-2015-4538 (The XML parser in EMC Atmos before 2.2.3.426 and 2.3.x before 2.3.1.0 ...)
+CVE-2015-4538
NOT-FOR-US: EMC Atmos
-CVE-2015-4537 (Lockbox in EMC Documentum D2 before 4.5 uses a hardcoded passphrase ...)
+CVE-2015-4537
NOT-FOR-US: EMC Documentum D2
-CVE-2015-4536 (EMC Documentum Content Server before 7.0 P20, 7.1 before P18, and 7.2 ...)
+CVE-2015-4536
NOT-FOR-US: EMC Documentum Content Server
-CVE-2015-4535 (Java Method Server (JMS) in EMC Documentum Content Server before ...)
+CVE-2015-4535
NOT-FOR-US: EMC Documentum Content Server
-CVE-2015-4534 (Java Method Server (JMS) in EMC Documentum Content Server before ...)
+CVE-2015-4534
NOT-FOR-US: EMC Documentum Content Server
-CVE-2015-4533 (EMC Documentum Content Server before 6.7SP1 P32, 6.7SP2 before P25, ...)
+CVE-2015-4533
NOT-FOR-US: EMC Documentum Content Server
-CVE-2015-4532 (EMC Documentum Content Server before 6.7SP1 P32, 6.7SP2 before P25, ...)
+CVE-2015-4532
NOT-FOR-US: EMC Documentum Content Server
-CVE-2015-4531 (EMC Documentum Content Server before 6.7SP1 P32, 6.7SP2 before P25, ...)
+CVE-2015-4531
NOT-FOR-US: EMC Documentum Content Server
-CVE-2015-4530 (Cross-site request forgery (CSRF) vulnerability in EMC Documentum ...)
+CVE-2015-4530
NOT-FOR-US: EMC Documentum Content Server
-CVE-2015-4529 (Open redirect vulnerability in EMC Documentum WebTop before 6.8P02, ...)
+CVE-2015-4529
NOT-FOR-US: EMC Documentum WebTop
-CVE-2015-4528 (Cross-site scripting (XSS) vulnerability in EMC Documentum CenterStage ...)
+CVE-2015-4528
NOT-FOR-US: EMC Documentum CenterStage
-CVE-2015-4527 (Directory traversal vulnerability in EMC Avamar Server 7.x before ...)
+CVE-2015-4527
NOT-FOR-US: EMC Avamar
-CVE-2015-4526 (EMC RecoverPoint for Virtual Machines (VMs) 4.2 allows local users to ...)
+CVE-2015-4526
NOT-FOR-US: EMC RecoverPoint
-CVE-2015-4525 (The log-gather implementation in the web administration interface in ...)
+CVE-2015-4525
NOT-FOR-US: EMC Isilon OneFS
-CVE-2015-4524 (Unrestricted file upload vulnerability in EMC Documentum WebTop 6.7SP1 ...)
+CVE-2015-4524
NOT-FOR-US: EMC Documentum WebTop Client
-CVE-2015-4523 (Blue Coat Malware Analysis Appliance (MAA) before 4.2.5 and Malware ...)
+CVE-2015-4523
NOT-FOR-US: Blue Coat
-CVE-2015-4522 (The nsUnicodeToUTF8::GetMaxLength function in Mozilla Firefox before ...)
+CVE-2015-4522
{DSA-3365-1}
- iceweasel 38.3.0esr-1
[squeeze] - iceweasel <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-112/
-CVE-2015-4521 (The ConvertDialogOptions function in Mozilla Firefox before 41.0 and ...)
+CVE-2015-4521
{DSA-3365-1}
- iceweasel 38.3.0esr-1
[squeeze] - iceweasel <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-112/
-CVE-2015-4520 (Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 allow ...)
+CVE-2015-4520
{DSA-3365-1}
- iceweasel 38.3.0esr-1
[squeeze] - iceweasel <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-111/
-CVE-2015-4519 (Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 allow ...)
+CVE-2015-4519
{DSA-3365-1}
- iceweasel 38.3.0esr-1
[squeeze] - iceweasel <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-110/
-CVE-2015-4518 (The Reader View implementation in Mozilla Firefox before 42.0 has an ...)
+CVE-2015-4518
- iceweasel <not-affected> (ESR38 series not affected)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-118/
-CVE-2015-4517 (NetworkUtils.cpp in Mozilla Firefox before 41.0 and Firefox ESR 38.x ...)
+CVE-2015-4517
{DSA-3365-1}
- iceweasel 38.3.0esr-1
[squeeze] - iceweasel <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-112/
-CVE-2015-4516 (Mozilla Firefox before 41.0 allows remote attackers to bypass certain ...)
+CVE-2015-4516
- iceweasel <not-affected> (Affects only 40.x)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-109/
-CVE-2015-4515 (Mozilla Firefox before 42.0, when NTLM v1 is enabled for HTTP ...)
+CVE-2015-4515
- iceweasel <not-affected> (ESR38 series not affected)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-117/
-CVE-2015-4514 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+CVE-2015-4514
- iceweasel <not-affected> (ESR38 series not affected)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-116/
-CVE-2015-4513 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+CVE-2015-4513
{DSA-3410-1 DSA-3393-1}
- iceweasel 38.4.0esr-1
[squeeze] - iceweasel <end-of-life>
- icedove 38.4.0-1
[squeeze] - icedove <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-116/
-CVE-2015-4512 (gfx/2d/DataSurfaceHelpers.cpp in Mozilla Firefox before 41.0 on Linux ...)
+CVE-2015-4512
- iceweasel <not-affected> (Affects only 40.x)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-107/
-CVE-2015-4511 (Heap-based buffer overflow in the nestegg_track_codec_data function in ...)
+CVE-2015-4511
{DSA-3365-1}
- iceweasel 38.3.0esr-1
[squeeze] - iceweasel <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-105/
-CVE-2015-4510 (Race condition in the WorkerPrivate::NotifyFeatures function in ...)
+CVE-2015-4510
- iceweasel <not-affected> (Affects only 40.x)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-104/
-CVE-2015-4509 (Use-after-free vulnerability in the HTMLVideoElement interface in ...)
+CVE-2015-4509
{DSA-3365-1}
- iceweasel 38.3.0esr-1
[squeeze] - iceweasel <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-106/
-CVE-2015-4508 (Mozilla Firefox before 41.0, when reader mode is enabled, allows ...)
+CVE-2015-4508
- iceweasel <not-affected> (Affects only 40.x)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-103/
-CVE-2015-4507 (The SavedStacks class in the JavaScript implementation in Mozilla ...)
+CVE-2015-4507
- iceweasel <not-affected> (Affects only 40.x)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-102/
-CVE-2015-4506 (Buffer overflow in the vp9_init_context_buffers function in libvpx, as ...)
+CVE-2015-4506
{DSA-3365-1}
- iceweasel 38.3.0esr-1
[squeeze] - iceweasel <end-of-life>
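Review bot: the tags `NOT-FOR-US: EMC RSA` on CVE-2015-4540 and CVE-2015-4539 name only the vendor, unlike the neighbouring entries in this hunk (`EMC RSA Archer GRC`, `EMC RSA Web Threat Detection`, `EMC RSA OneStep`), and once this hunk removes the description the tag is the only product information those two entries retain; fill in the product before the description is dropped. The same goes for `EMC Documentum WebTop Client` on CVE-2015-4524 versus `EMC Documentum WebTop` on CVE-2015-4529, which should use one form.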
@@ -13893,47 +13893,47 @@ CVE-2015-4506 (Buffer overflow in the vp9_init_context_buffers function in libvp
[wheezy] - libvpx <not-affected> (no vp9 support in this version)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-101/
NOTE: this is a duplicate of CVE-2015-1258, libvpx in google chrome
-CVE-2015-4505 (updater.exe in Mozilla Firefox before 41.0 and Firefox ESR 38.x before ...)
+CVE-2015-4505
- iceweasel <not-affected> (Windows-specific)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-100/
-CVE-2015-4504 (The lut_inverse_interp16 function in the QCMS library in Mozilla ...)
+CVE-2015-4504
- iceweasel <not-affected> (Affects only 40.x)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-98/
-CVE-2015-4503 (The TCP Socket API implementation in Mozilla Firefox before 41.0 ...)
+CVE-2015-4503
- iceweasel <not-affected> (Affects only 40.x)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-97/
-CVE-2015-4502 (js/src/proxy/Proxy.cpp in Mozilla Firefox before 41.0 mishandles ...)
+CVE-2015-4502
- iceweasel <not-affected> (Affects only 40.x)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-108/
-CVE-2015-4501 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+CVE-2015-4501
- iceweasel <not-affected> (Affects only 40.x)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-96/
-CVE-2015-4500 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+CVE-2015-4500
{DSA-3365-1}
- iceweasel 38.3.0esr-1
[squeeze] - iceweasel <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-96/
-CVE-2015-4499 (Util.pm in Bugzilla 2.x, 3.x, and 4.x before 4.2.15, 4.3.x and 4.4.x ...)
+CVE-2015-4499
- bugzilla4 <itp> (bug #669643)
- bugzilla <removed>
[squeeze] - bugzilla <end-of-life> (Not supported in Squeeze LTS)
-CVE-2015-4498 (The add-on installation feature in Mozilla Firefox before 40.0.3 and ...)
+CVE-2015-4498
{DSA-3345-1}
- iceweasel 38.2.1esr-1
[squeeze] - iceweasel <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-95
-CVE-2015-4497 (Use-after-free vulnerability in the CanvasRenderingContext2D ...)
+CVE-2015-4497
{DSA-3345-1}
- iceweasel 38.2.1esr-1
[squeeze] - iceweasel <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-94/
-CVE-2015-4496 (Multiple integer overflows in libstagefright in Mozilla Firefox before ...)
+CVE-2015-4496
- iceweasel 38.0-1
[jessie] - iceweasel 38.2.0esr-1~deb8u1
[wheezy] - iceweasel 38.2.0esr-1~deb7u1
[squeeze] - iceweasel <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-93/
-CVE-2015-4495 (The PDF reader in Mozilla Firefox before 39.0.3, Firefox ESR 38.x ...)
+CVE-2015-4495
- iceweasel 38.1.1esr-1
[jessie] - iceweasel <not-affected> (Only affects 38.x ESR and 39)
[wheezy] - iceweasel <not-affected> (Only affects 38.x ESR and 39)
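Review bot: the reason text in `[jessie] - iceweasel <not-affected> (Only affects 38.x ESR and 39)` for CVE-2015-4495 contradicts itself, because this same hunk tracks jessie on the 38 ESR series (`[jessie] - iceweasel 38.2.0esr-1~deb8u1` under CVE-2015-4496); a version range that covers jessie's own version cannot be the justification for not-affected, so the reason field should state the actual packaging reason instead.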
@@ -13944,19 +13944,19 @@ CVE-2015-4495 (The PDF reader in Mozilla Firefox before 39.0.3, Firefox ESR 38.x
NOTE: for jessie: xul-ext-pdf.js binary package build was removed
NOTE: https://github.com/mozilla/pdf.js/commit/0b5330781c367fcbc997947adbf2bdcdf71f61bc
NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=1179262
-CVE-2015-4494 (Mozilla Firefox OS before 2.2 does not require the wifi-manage ...)
+CVE-2015-4494
NOT-FOR-US: Firefox OS
-CVE-2015-4493 (Heap-based buffer overflow in the stagefright::ESDS::parseESDescriptor ...)
+CVE-2015-4493
{DSA-3333-1}
- iceweasel 38.2.0esr-1
[squeeze] - iceweasel <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-83/
-CVE-2015-4492 (Use-after-free vulnerability in the XMLHttpRequest::Open ...)
+CVE-2015-4492
{DSA-3333-1}
- iceweasel 38.2.0esr-1
[squeeze] - iceweasel <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-92/
-CVE-2015-4491 (Integer overflow in the make_filter_table function in pixops/pixops.c ...)
+CVE-2015-4491
{DSA-3337-2 DSA-3337-1 DLA-434-1}
- gdk-pixbuf 2.31.7-1
- gtk+2.0 2.21.5-1
@@ -13966,89 +13966,89 @@ CVE-2015-4491 (Integer overflow in the make_filter_table function in pixops/pixo
NOTE: http://www.openwall.com/lists/oss-security/2015/07/17/17
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-88/
NOTE: gtk+2.0 2.21.5-1 removed the embedded copy of gdk-pixbuf and build-depends on external gdk-pixbuf
-CVE-2015-4490 (The nsCSPHostSrc::permits function in dom/security/nsCSPUtils.cpp in ...)
+CVE-2015-4490
- iceweasel <not-affected> (Only affects Firefox 39)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-91
-CVE-2015-4489 (The nsTArray_Impl class in Mozilla Firefox before 40.0, Firefox ESR ...)
+CVE-2015-4489
{DSA-3410-1 DSA-3333-1}
- iceweasel 38.2.0esr-1
- icedove 38.3.0-1
[squeeze] - icedove <end-of-life>
[squeeze] - iceweasel <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-90/
-CVE-2015-4488 (Use-after-free vulnerability in the StyleAnimationValue class in ...)
+CVE-2015-4488
{DSA-3410-1 DSA-3333-1}
- iceweasel 38.2.0esr-1
- icedove 38.3.0-1
[squeeze] - icedove <end-of-life>
[squeeze] - iceweasel <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-90/
-CVE-2015-4487 (The nsTSubstring::ReplacePrep function in Mozilla Firefox before 40.0, ...)
+CVE-2015-4487
{DSA-3410-1 DSA-3333-1}
- iceweasel 38.2.0esr-1
- icedove 38.3.0-1
[squeeze] - icedove <end-of-life>
[squeeze] - iceweasel <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-90/
-CVE-2015-4486 (The decrease_ref_count function in libvpx in Mozilla Firefox before ...)
+CVE-2015-4486
- libvpx 1.4.0-1
[jessie] - libvpx <not-affected> (Vulnerable code not present)
[wheezy] - libvpx <not-affected> (Vulnerable code not present)
[squeeze] - libvpx <not-affected> (Vulnerable code not present)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-89/
NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=1177948 is restricted
-CVE-2015-4485 (Heap-based buffer overflow in the resize_context_buffers function in ...)
+CVE-2015-4485
- libvpx 1.4.0-1
[jessie] - libvpx <not-affected> (Vulnerable code not present)
[wheezy] - libvpx <not-affected> (Vulnerable code not present)
[squeeze] - libvpx <not-affected> (Vulnerable code not present)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-89/
NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=1178148 is restricted
-CVE-2015-4484 (The js::jit::AssemblerX86Shared::lock_addl function in the JavaScript ...)
+CVE-2015-4484
{DSA-3333-1}
- iceweasel 38.2.0esr-1
[squeeze] - iceweasel <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-87/
-CVE-2015-4483 (Mozilla Firefox before 40.0 allows man-in-the-middle attackers to ...)
+CVE-2015-4483
- iceweasel <not-affected> (Only affects Firefox 39)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-86/
-CVE-2015-4482 (mar_read.c in the Updater in Mozilla Firefox before 40.0 and Firefox ...)
+CVE-2015-4482
- iceweasel <not-affected> (Updater not used in Debian)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-85/
-CVE-2015-4481 (Race condition in the Mozilla Maintenance Service in Mozilla Firefox ...)
+CVE-2015-4481
- iceweasel <not-affected> (Only affects Firefox on Windows)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-84/
-CVE-2015-4480 (Integer overflow in the stagefright::SampleTable::isValid function in ...)
+CVE-2015-4480
{DSA-3333-1}
- iceweasel 38.2.0esr-1
[squeeze] - iceweasel <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-83/
-CVE-2015-4479 (Multiple integer overflows in libstagefright in Mozilla Firefox before ...)
+CVE-2015-4479
{DSA-3333-1}
- iceweasel 38.2.0esr-1
[squeeze] - iceweasel <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-83/
-CVE-2015-4478 (Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 do not ...)
+CVE-2015-4478
{DSA-3333-1}
- iceweasel 38.2.0esr-1
[squeeze] - iceweasel <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-82/
-CVE-2015-4477 (Use-after-free vulnerability in the MediaStream playback feature in ...)
+CVE-2015-4477
- iceweasel <not-affected> (Only affects Firefox 39)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-81/
-CVE-2015-4476 (Mozilla Firefox before 41.0 on Android allows user-assisted remote ...)
+CVE-2015-4476
- iceweasel <not-affected> (Affects only Firefox on Android)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-99/
-CVE-2015-4475 (The mozilla::AudioSink function in Mozilla Firefox before 40.0 and ...)
+CVE-2015-4475
{DSA-3333-1}
- iceweasel 38.2.0esr-1
[squeeze] - iceweasel <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-80/
-CVE-2015-4474 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+CVE-2015-4474
- iceweasel <not-affected> (Only affects Firefox 39)
- icedove <not-affected> (Only affects Firefox 39)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-79/
-CVE-2015-4473 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+CVE-2015-4473
{DSA-3410-1 DSA-3333-1}
- iceweasel 38.2.0esr-1
- icedove 38.3.0-1
@@ -14057,70 +14057,70 @@ CVE-2015-4473 (Multiple unspecified vulnerabilities in the browser engine in Moz
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-79/
CVE-2015-4466
RESERVED
-CVE-2015-4465 (Cross-site scripting (XSS) vulnerability in the zM Ajax Login &amp; ...)
+CVE-2015-4465
NOT-FOR-US: WordPress plugin zM Ajax Login & Register
-CVE-2015-4464 (Kguard Digital Video Recorder 104, 108, v2 does not have any ...)
+CVE-2015-4464
NOT-FOR-US: Kguard Digital Video Recorder
-CVE-2015-4463 (The file_manager component in eFront CMS before 3.6.15.5 allows remote ...)
+CVE-2015-4463
NOT-FOR-US: eFront CMS
-CVE-2015-4462 (Absolute path traversal vulnerability in the file_manager component of ...)
+CVE-2015-4462
NOT-FOR-US: eFront CMS
-CVE-2015-4461 (Absolute path traversal vulnerability in eFront CMS 3.6.15.4 and ...)
+CVE-2015-4461
NOT-FOR-US: eFront CMS
-CVE-2015-4460 (Cross-site request forgery (CSRF) vulnerability in ...)
+CVE-2015-4460
NOT-FOR-US: C2Box
CVE-2015-4459
RESERVED
-CVE-2015-4458 (The TLS implementation in the Cavium cryptographic-module firmware, as ...)
+CVE-2015-4458
NOT-FOR-US: Cisco
-CVE-2015-4603 (The exception::getTraceAsString function in Zend/zend_exceptions.c in ...)
+CVE-2015-4603
- php5 5.6.9+dfsg-1
[jessie] - php5 5.6.9+dfsg-0+deb8u1
[wheezy] - php5 5.4.41-0+deb7u1
NOTE: https://bugs.php.net/bug.php?id=69152 [2015-03-03 04:30 UTC]
-CVE-2015-4602 (The __PHP_Incomplete_Class function in ext/standard/incomplete_class.c ...)
+CVE-2015-4602
{DLA-307-1}
- php5 5.6.9+dfsg-1
[jessie] - php5 5.6.9+dfsg-0+deb8u1
[wheezy] - php5 5.4.41-0+deb7u1
NOTE: http://git.php.net/?p=php-src.git;a=commitdiff;h=fb83c76deec58f1fab17c350f04c9f042e5977d1
NOTE: https://bugs.php.net/bug.php?id=69152
-CVE-2015-4601 (PHP before 5.6.7 might allow remote attackers to cause a denial of ...)
+CVE-2015-4601
{DLA-307-1}
- php5 5.6.9+dfsg-1
[jessie] - php5 5.6.9+dfsg-0+deb8u1
[wheezy] - php5 5.4.41-0+deb7u1
NOTE: http://git.php.net/?p=php-src.git;a=commitdiff;h=0c136a2abd49298b66acb0cad504f0f972f5bfe8
NOTE: https://bugs.php.net/bug.php?id=69152
-CVE-2015-4600 (The SoapClient implementation in PHP before 5.4.40, 5.5.x before ...)
+CVE-2015-4600
{DLA-307-1}
- php5 5.6.9+dfsg-1
[jessie] - php5 5.6.9+dfsg-0+deb8u1
[wheezy] - php5 5.4.41-0+deb7u1
NOTE: http://git.php.net/?p=php-src.git;a=commitdiff;h=0c136a2abd49298b66acb0cad504f0f972f5bfe8
NOTE: https://bugs.php.net/bug.php?id=69152
-CVE-2015-4599 (The SoapFault::__toString method in ext/soap/soap.c in PHP before ...)
+CVE-2015-4599
{DLA-307-1}
- php5 5.6.9+dfsg-1
[jessie] - php5 5.6.9+dfsg-0+deb8u1
[wheezy] - php5 5.4.41-0+deb7u1
NOTE: https://bugs.php.net/bug.php?id=69152
NOTE: http://git.php.net/?p=php-src.git;a=commitdiff;h=51856a76f87ecb24fe1385342be43610fb6c86e4
-CVE-2015-4598 (PHP before 5.4.42, 5.5.x before 5.5.26, and 5.6.x before 5.6.10 does ...)
+CVE-2015-4598
{DSA-3344-1 DLA-307-1}
- php5 5.6.11+dfsg-1
NOTE: https://bugs.php.net/bug.php?id=69719
NOTE: Fixed in 5.6.10 and 5.4.42 upstream
-CVE-2015-4588 (Heap-based buffer overflow in the DecodeImage function in libwmf ...)
+CVE-2015-4588
{DSA-3302-1 DLA-253-1}
- libwmf 0.2.8.4-10.4 (bug #787644)
-CVE-2015-4556 (The string-translate* procedure in the data-structures unit in CHICKEN ...)
+CVE-2015-4556
- chicken 4.10.0-1 (bug #788833)
[jessie] - chicken <no-dsa> (Minor issue)
[wheezy] - chicken <no-dsa> (Minor issue)
[squeeze] - chicken <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2015/06/15/1
-CVE-2015-2967 (Cross-site scripting (XSS) vulnerability in settings.php in Cacti ...)
+CVE-2015-2967
{DSA-3295-1 DLA-255-1}
- cacti 0.8.8d+ds1-1
[squeeze] - cacti 0.8.7g-1+squeeze6
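Review bot: CVE-2015-4603 lacks the `{DLA-307-1}` reference that CVE-2015-4602, CVE-2015-4601, CVE-2015-4600 and CVE-2015-4599 all carry, although it lists the identical fixed versions (`php5 5.6.9+dfsg-1`, `[jessie] - php5 5.6.9+dfsg-0+deb8u1`, `[wheezy] - php5 5.4.41-0+deb7u1`) and the same upstream bug #69152; either the DLA tag is missing on CVE-2015-4603 or its wheezy version line is wrong, and the inconsistency should be resolved rather than carried through this rewrite of the entry.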
@@ -14129,105 +14129,105 @@ CVE-2015-2967 (Cross-site scripting (XSS) vulnerability in settings.php in Cacti
NOTE: Fixed upstream in 0.8.8d
CVE-2015-4457
RESERVED
-CVE-2015-4456 (ownCloud Desktop Client before 1.8.2 does not call ...)
+CVE-2015-4456
{DSA-3363-1}
- owncloud-client 1.8.4+dfsg-1
NOTE: https://owncloud.org/security/advisory/?id=oc-sa-2015-009
-CVE-2015-4455 (Unrestricted file upload vulnerability in includes/upload.php in the ...)
+CVE-2015-4455
NOT-FOR-US: WordPress plugin aviary-image-editor-add-on-for-gravity-forms
-CVE-2015-4454 (SQL injection vulnerability in the get_hash_graph_template function in ...)
+CVE-2015-4454
{DSA-3295-1 DLA-255-1}
- cacti 0.8.8d+ds1-1
NOTE: http://svn.cacti.net/viewvc?view=rev&revision=7720
NOTE: http://bugs.cacti.net/view.php?id=2572
NOTE: Fixed upstream in 0.8.8d
-CVE-2015-4453 (interface/globals.php in OpenEMR 2.x, 3.x, and 4.x before 4.2.0 patch ...)
+CVE-2015-4453
NOT-FOR-US: OpenEMR
-CVE-2015-4452 (Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, ...)
+CVE-2015-4452
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2015-4451 (Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, ...)
+CVE-2015-4451
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2015-4450 (Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, ...)
+CVE-2015-4450
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2015-4449 (Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, ...)
+CVE-2015-4449
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2015-4448 (Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before ...)
+CVE-2015-4448
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2015-4447 (Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, ...)
+CVE-2015-4447
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2015-4446 (Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, ...)
+CVE-2015-4446
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2015-4445 (Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, ...)
+CVE-2015-4445
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2015-4444 (Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, ...)
+CVE-2015-4444
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2015-4443 (Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, ...)
+CVE-2015-4443
NOT-FOR-US: Adobe Reader and Acrobat
CVE-2015-4442
REJECTED
-CVE-2015-4441 (Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, ...)
+CVE-2015-4441
NOT-FOR-US: Adobe Reader and Acrobat
CVE-2015-4440
REJECTED
CVE-2015-4439
REJECTED
-CVE-2015-4438 (Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, ...)
+CVE-2015-4438
NOT-FOR-US: Adobe Reader and Acrobat
CVE-2015-4437
REJECTED
CVE-2015-4436
REJECTED
-CVE-2015-4435 (Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, ...)
+CVE-2015-4435
NOT-FOR-US: Adobe Reader and Acrobat
CVE-2015-4434
REJECTED
-CVE-2015-4433 (Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before ...)
+CVE-2015-4433
NOT-FOR-US: Adobe Flash Player
-CVE-2015-4432 (Heap-based buffer overflow in Adobe Flash Player before 13.0.0.302 and ...)
+CVE-2015-4432
NOT-FOR-US: Adobe Flash Player
-CVE-2015-4431 (Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before ...)
+CVE-2015-4431
NOT-FOR-US: Adobe Flash Player
-CVE-2015-4430 (Use-after-free vulnerability in Adobe Flash Player before 13.0.0.302 ...)
+CVE-2015-4430
NOT-FOR-US: Adobe Flash Player
-CVE-2015-4429 (Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before ...)
+CVE-2015-4429
NOT-FOR-US: Adobe Flash Player
-CVE-2015-4428 (Use-after-free vulnerability in Adobe Flash Player before 13.0.0.302 ...)
+CVE-2015-4428
NOT-FOR-US: Adobe Flash Player
-CVE-2015-4427 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2015-4427
NOT-FOR-US: Ektron CMS
-CVE-2015-4426 (SQL injection vulnerability in pimcore before build 3473 allows remote ...)
+CVE-2015-4426
NOT-FOR-US: pimcore
-CVE-2015-4425 (Directory traversal vulnerability in pimcore before build 3473 allows ...)
+CVE-2015-4425
NOT-FOR-US: pimcore
CVE-2015-4424
RESERVED
CVE-2015-4423
RESERVED
-CVE-2015-4422 (The TEEOS module in Huawei Mate 7 (Mate7-TL10) smartphones before ...)
+CVE-2015-4422
NOT-FOR-US: TEEOS module in Huawei Mate 7
-CVE-2015-4421 (The tzdriver module in Huawei Mate 7 (Mate7-TL10) smartphones before ...)
+CVE-2015-4421
NOT-FOR-US: tzdriver module in Huawei Mate 7
-CVE-2015-4420 (Multiple cross-site scripting (XSS) vulnerabilities in Opsview 4.6.2 ...)
+CVE-2015-4420
NOT-FOR-US: Opsview
CVE-2015-4419
RESERVED
-CVE-2015-4418 (Zoho NetFlow Analyzer build 10250 and earlier does not have an off ...)
+CVE-2015-4418
NOT-FOR-US: Zoho NetFlow Analyzer
CVE-2015-4417
RESERVED
CVE-2015-4416
RESERVED
-CVE-2015-4415 (Multiple directory traversal vulnerabilities in func.php in Magnifica ...)
+CVE-2015-4415
NOT-FOR-US: Magnifica Webscripts Anima Gallery
-CVE-2015-4414 (Directory traversal vulnerability in download_audio.php in the SE ...)
+CVE-2015-4414
NOT-FOR-US: WordPress plugin se-html5-album-audio-player
-CVE-2015-4413 (Cross-site scripting (XSS) vulnerability in the new_fb_sign_button ...)
+CVE-2015-4413
NOT-FOR-US: WordPress plugin nextend-facebook-connect
-CVE-2015-4409 (Buffer overflow on Hikvision NVR DS-76xxNI-E1/2 and DS-77xxxNI-E4 ...)
+CVE-2015-4409
NOT-FOR-US: Hikvision
-CVE-2015-4408 (Buffer overflow on Hikvision NVR DS-76xxNI-E1/2 and DS-77xxxNI-E4 ...)
+CVE-2015-4408
NOT-FOR-US: Hikvision
-CVE-2015-4407 (Buffer overflow on Hikvision NVR DS-76xxNI-E1/2 and DS-77xxxNI-E4 ...)
+CVE-2015-4407
NOT-FOR-US: Hikvision
CVE-2015-4406
RESERVED
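Review bot: every header line in this hunk loses its parenthesized summary (`-CVE-2015-4449 (Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, ...)` becomes a bare `+CVE-2015-4449`) while the NOT-FOR-US, RESERVED and REJECTED lines underneath are untouched, so the only thing this change does is discard the upstream description text. For a commit labelled as an automatic update that is the pattern an empty or failed description feed produces rather than an intended edit, and for the NOT-FOR-US entries the summary was the only affected-version statement on record. Suggest re-running the update and confirming the summaries come back before merging this.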
@@ -14241,123 +14241,123 @@ CVE-2015-4402
RESERVED
CVE-2015-4401
RESERVED
-CVE-2015-4400 (Ring (formerly DoorBot) video doorbells allow remote attackers to ...)
+CVE-2015-4400
NOT-FOR-US: Ring video doorbells
CVE-2015-4399
RESERVED
-CVE-2015-4398 (Open redirect vulnerability in the Chaos tool suite (ctools) module ...)
+CVE-2015-4398
NOT-FOR-US: Drupal module Chaos tool suite
-CVE-2015-4397 (Cross-site request forgery (CSRF) vulnerability in the Node Template ...)
+CVE-2015-4397
NOT-FOR-US: Drupal module Node Template
-CVE-2015-4396 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
+CVE-2015-4396
NOT-FOR-US: Drupal module Keyword Research
-CVE-2015-4395 (The HybridAuth Social Login module 7.x-2.x before 7.x-2.10 for Drupal ...)
+CVE-2015-4395
NOT-FOR-US: Drupal module HybridAuth Social Login
-CVE-2015-4394 (The Services module 7.x-3.x before 7.x-3.12 for Drupal allows remote ...)
+CVE-2015-4394
NOT-FOR-US: Drupal module Services
-CVE-2015-4393 (The resource/endpoint for uploading files in the Services module ...)
+CVE-2015-4393
NOT-FOR-US: Drupal module Services
-CVE-2015-4392 (Cross-site scripting (XSS) vulnerability in the Display Suite module ...)
+CVE-2015-4392
NOT-FOR-US: Drupal module Display Suite
-CVE-2015-4391 (Cross-site request forgery (CSRF) vulnerability in the CiviCRM private ...)
+CVE-2015-4391
NOT-FOR-US: Drupal module CiviCRM
-CVE-2015-4390 (Multiple cross-site request forgery (CSRF) vulnerabilities in the User ...)
+CVE-2015-4390
NOT-FOR-US: Drupal module User Import
-CVE-2015-4389 (The Open Graph Importer (og_tag_importer) 7.x-1.x for Drupal does not ...)
+CVE-2015-4389
NOT-FOR-US: Drupal module Open Graph Importer
-CVE-2015-4388 (Cross-site scripting (XSS) vulnerability in the Current Search Links ...)
+CVE-2015-4388
NOT-FOR-US: Drupal module Current Search Links
-CVE-2015-4387 (Cross-site scripting (XSS) vulnerability in unspecified administration ...)
+CVE-2015-4387
NOT-FOR-US: Drupal module Password Policy
-CVE-2015-4386 (Multiple cross-site scripting (XSS) vulnerabilities in unspecified ...)
+CVE-2015-4386
NOT-FOR-US: Drupal module EntityBulkDelete
-CVE-2015-4385 (Cross-site scripting (XSS) vulnerability in unspecified administration ...)
+CVE-2015-4385
NOT-FOR-US: Drupal module Imagefield Info
-CVE-2015-4384 (Cross-site scripting (XSS) vulnerability in the Ubercart Webform ...)
+CVE-2015-4384
NOT-FOR-US: Drupal module Ubercart Webform Checkout Pane
-CVE-2015-4383 (Cross-site request forgery (CSRF) vulnerability in the Decisions ...)
+CVE-2015-4383
NOT-FOR-US: Drupal module Decisions
-CVE-2015-4382 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
+CVE-2015-4382
NOT-FOR-US: Drupal module Invoice
-CVE-2015-4381 (Cross-site scripting (XSS) vulnerability in the Invoice module 6.x-1.x ...)
+CVE-2015-4381
NOT-FOR-US: Drupal module Invoice
-CVE-2015-4380 (Cross-site scripting (XSS) vulnerability in the Linear Case module ...)
+CVE-2015-4380
NOT-FOR-US: Drupal module Linear Case
-CVE-2015-4379 (Cross-site request forgery (CSRF) vulnerability in the Webform ...)
+CVE-2015-4379
NOT-FOR-US: Drupal module Webform Multiple File Upload
-CVE-2015-4378 (Cross-site scripting (XSS) vulnerability in the Crumbs module 7.x-2.x ...)
+CVE-2015-4378
NOT-FOR-US: Drupal module Crumbs
-CVE-2015-4377 (Cross-site scripting (XSS) vulnerability in unspecified administration ...)
+CVE-2015-4377
NOT-FOR-US: Drupal module Petition
-CVE-2015-4376 (Cross-site scripting (XSS) vulnerability in the Profile2 Privacy ...)
+CVE-2015-4376
NOT-FOR-US: Drupal module Profile2 Privacy
-CVE-2015-4375 (The Chaos tool suite (ctools) module 7.x-1.x before 7.x-1.7 for Drupal ...)
+CVE-2015-4375
NOT-FOR-US: Drupal module Chaos tool suite
-CVE-2015-4374 (Cross-site scripting (XSS) vulnerability in the Webform module before ...)
+CVE-2015-4374
NOT-FOR-US: Webform module for Drupal
-CVE-2015-4373 (Cross-site scripting (XSS) vulnerability in the OG tabs module before ...)
+CVE-2015-4373
NOT-FOR-US: Drupal module OG tabs
-CVE-2015-4372 (Cross-site scripting (XSS) vulnerability in the Image Title module ...)
+CVE-2015-4372
NOT-FOR-US: Drupal module Image Title
-CVE-2015-4371 (Open redirect vulnerability in the Perfecto module before 7.x-1.2 for ...)
+CVE-2015-4371
NOT-FOR-US: Drupal module Perfecto
-CVE-2015-4370 (Cross-site scripting (XSS) vulnerability in the Site Documentation ...)
+CVE-2015-4370
NOT-FOR-US: Drupal module Site Documentation
-CVE-2015-4369 (Cross-site scripting (XSS) vulnerability in the Trick Question module ...)
+CVE-2015-4369
NOT-FOR-US: Drupal module Trick Question
-CVE-2015-4368 (The Commerce Ogone module 7.x-1.x before 7.x-1.5 for Drupal allows ...)
+CVE-2015-4368
NOT-FOR-US: Drupal module Commerce Ogone
-CVE-2015-4367 (Cross-site scripting (XSS) vulnerability in the Simple Subscription ...)
+CVE-2015-4367
NOT-FOR-US: Drupal module Simple Subscription
-CVE-2015-4366 (Cross-site scripting (XSS) vulnerability in the Mover module 6.x-1.0 ...)
+CVE-2015-4366
NOT-FOR-US: Drupal module Mover
-CVE-2015-4365 (Cross-site scripting (XSS) vulnerability in the Taxonomy Accordion ...)
+CVE-2015-4365
NOT-FOR-US: Drupal module Taxonomy Accordion
-CVE-2015-4364 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
+CVE-2015-4364
NOT-FOR-US: Drupal module Campaign Monitor
-CVE-2015-4363 (Open redirect vulnerability in the finder_form_goto function in the ...)
+CVE-2015-4363
NOT-FOR-US: Drupal module Finder
-CVE-2015-4362 (Cross-site request forgery (CSRF) vulnerability in ...)
+CVE-2015-4362
NOT-FOR-US: Drupal module Tracking Code
-CVE-2015-4361 (Cross-site request forgery (CSRF) vulnerability in the Registration ...)
+CVE-2015-4361
NOT-FOR-US: Drupal Module Registration codes
-CVE-2015-4360 (Cross-site request forgery (CSRF) vulnerability in the Registration ...)
+CVE-2015-4360
NOT-FOR-US: Drupal Module Registration codes
-CVE-2015-4359 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
+CVE-2015-4359
NOT-FOR-US: Drupal Module Registration codes
-CVE-2015-4358 (Cross-site scripting (XSS) vulnerability in unspecified administration ...)
+CVE-2015-4358
NOT-FOR-US: Drupal module Ubercart Display Coupons
-CVE-2015-4357 (Cross-site scripting (XSS) vulnerability in the Webform module before ...)
+CVE-2015-4357
NOT-FOR-US: Drupal module Webform
-CVE-2015-4356 (Cross-site scripting (XSS) vulnerability in the view-based webform ...)
+CVE-2015-4356
NOT-FOR-US: Drupal module Webform
-CVE-2015-4355 (Cross-site request forgery (CSRF) vulnerability in the Watchdog ...)
+CVE-2015-4355
NOT-FOR-US: Drupal module Watchdog Aggregator
-CVE-2015-4354 (Cross-site scripting (XSS) vulnerability in the Ubercart Webform ...)
+CVE-2015-4354
NOT-FOR-US: Drupal module Ubercart Webform Integration
-CVE-2015-4353 (Cross-site request forgery (CSRF) vulnerability in the Custom Sitemap ...)
+CVE-2015-4353
NOT-FOR-US: Drupal module Custom Sitemap
-CVE-2015-4352 (Cross-site request forgery (CSRF) vulnerability in the Spider Video ...)
+CVE-2015-4352
NOT-FOR-US: Drupal module Spider Video Player
-CVE-2015-4351 (The Spider Video Player module for Drupal allows remote authenticated ...)
+CVE-2015-4351
NOT-FOR-US: Drupal module Spider Video Player
-CVE-2015-4350 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
+CVE-2015-4350
NOT-FOR-US: Drupal Module Spider Catalog
-CVE-2015-4349 (Cross-site request forgery (CSRF) vulnerability in the Spider Contacts ...)
+CVE-2015-4349
NOT-FOR-US: Drupal Module Spider Catalog
-CVE-2015-4348 (SQL injection vulnerability in the Spider Contacts module for Drupal ...)
+CVE-2015-4348
NOT-FOR-US: Drupal module Spider Contacts
-CVE-2015-4347 (Cross-site scripting (XSS) vulnerability in the inLinks Integration ...)
+CVE-2015-4347
NOT-FOR-US: Drupal module inLinks Integration
-CVE-2015-4346 (Cross-site scripting (XSS) vulnerability in the SMS Framework module ...)
+CVE-2015-4346
NOT-FOR-US: Drupal module SMS Framework
-CVE-2015-4345 (The RESTWS Basic Auth submodule in the RESTful Web Services module ...)
+CVE-2015-4345
NOT-FOR-US: Drupal module RESTful Web Services
-CVE-2015-4344 (The Services Basic Authentication module 7.x-1.x through 7.x-1.3 for ...)
+CVE-2015-4344
NOT-FOR-US: Drupal module Services Basic Authentication
CVE-2015-4343
RESERVED
-CVE-2015-4342 (SQL injection vulnerability in Cacti before 0.8.8d allows remote ...)
+CVE-2015-4342
{DSA-3295-1 DLA-255-1}
- cacti 0.8.8d+ds1-1
NOTE: Original report: http://seclists.org/fulldisclosure/2015/Jun/19
@@ -14370,47 +14370,47 @@ CVE-2015-4340
RESERVED
CVE-2015-4339
RESERVED
-CVE-2015-4334 (The default configuration of SGOS in Blue Coat ProxySG before ...)
+CVE-2015-4334
NOT-FOR-US: Blue Coat ProxySG
CVE-2015-4333
RESERVED
CVE-2015-4332
RESERVED
-CVE-2015-4331 (Cisco Prime Infrastructure (PI) 1.4(0.45) and earlier, when AAA ...)
+CVE-2015-4331
NOT-FOR-US: Cisco Prime Infrastructure
-CVE-2015-4330 (A local file script in Cisco TelePresence Video Communication Server ...)
+CVE-2015-4330
NOT-FOR-US: Cisco
-CVE-2015-4329 (The administrator web interface in Cisco TelePresence Video ...)
+CVE-2015-4329
NOT-FOR-US: Cisco TelePresence Video Communication Server
-CVE-2015-4328 (Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.2 ...)
+CVE-2015-4328
NOT-FOR-US: Cisco TelePresence Video Communication Server
-CVE-2015-4327 (The CLI in Cisco TelePresence Video Communication Server (VCS) ...)
+CVE-2015-4327
NOT-FOR-US: Cisco TelePresence Video Communication Server
CVE-2015-4326
RESERVED
-CVE-2015-4325 (The process-management implementation in Cisco TelePresence Video ...)
+CVE-2015-4325
NOT-FOR-US: Cisco TelePresence Video Communication Server
-CVE-2015-4324 (Buffer overflow in Cisco NX-OS on Nexus 1000V devices for VMware ...)
+CVE-2015-4324
NOT-FOR-US: Cisco
-CVE-2015-4323 (Buffer overflow in Cisco NX-OS on Nexus 1000V devices for VMware ...)
+CVE-2015-4323
NOT-FOR-US: Cisco
-CVE-2015-4322 (Cisco Content Security Management Appliance (SMA) 8.3.6-039, 9.1.0-31, ...)
+CVE-2015-4322
NOT-FOR-US: Cisco
-CVE-2015-4321 (The Unicast Reverse Path Forwarding (uRPF) implementation in Cisco ...)
+CVE-2015-4321
NOT-FOR-US: Cisco
-CVE-2015-4320 (The Configuration Log File component in Cisco TelePresence Video ...)
+CVE-2015-4320
NOT-FOR-US: Cisco
-CVE-2015-4319 (The password-change feature in the administrative web interface in ...)
+CVE-2015-4319
NOT-FOR-US: Cisco
-CVE-2015-4318 (Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.2 ...)
+CVE-2015-4318
NOT-FOR-US: Cisco
-CVE-2015-4317 (Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.2 ...)
+CVE-2015-4317
NOT-FOR-US: Cisco
-CVE-2015-4316 (The Mobile and Remote Access (MRA) endpoint-validation feature in ...)
+CVE-2015-4316
NOT-FOR-US: Cisco
-CVE-2015-4315 (The Call Policy Configuration page in Cisco TelePresence Video ...)
+CVE-2015-4315
NOT-FOR-US: Cisco
-CVE-2015-4314 (The System Snapshot feature in Cisco TelePresence Video Communication ...)
+CVE-2015-4314
NOT-FOR-US: Cisco
CVE-2015-4313
RESERVED
@@ -14418,123 +14418,123 @@ CVE-2015-4312
RESERVED
CVE-2015-4311
RESERVED
-CVE-2015-4310 (Multiple cross-site scripting (XSS) vulnerabilities in Cisco Finesse ...)
+CVE-2015-4310
NOT-FOR-US: Cisco
CVE-2015-4309
RESERVED
-CVE-2015-4308 (The webGUI configuration-export feature in Cisco Edge Bluebird ...)
+CVE-2015-4308
NOT-FOR-US: Cisco
-CVE-2015-4307 (The web framework in Cisco Prime Collaboration Provisioning before ...)
+CVE-2015-4307
NOT-FOR-US: Cisco Prime Collaboration Provisioning
-CVE-2015-4306 (The web framework in Cisco Prime Collaboration Assurance before ...)
+CVE-2015-4306
NOT-FOR-US: Cisco Prime Collaboration Assurance
-CVE-2015-4305 (The web framework in Cisco Prime Collaboration Assurance before ...)
+CVE-2015-4305
NOT-FOR-US: Cisco Prime Collaboration Assurance
-CVE-2015-4304 (The web framework in Cisco Prime Collaboration Assurance before ...)
+CVE-2015-4304
NOT-FOR-US: Cisco Prime Collaboration Assurance
-CVE-2015-4303 (Cisco TelePresence Video Communication Server (VCS) X8.5.2 allows ...)
+CVE-2015-4303
NOT-FOR-US: Cisco
-CVE-2015-4302 (The web interface in Cisco FireSIGHT Management Center 5.3.1.4 allows ...)
+CVE-2015-4302
NOT-FOR-US: Cisco
-CVE-2015-4301 (Cisco NX-OS on Nexus 9000 devices 11.1(1c) allows remote authenticated ...)
+CVE-2015-4301
NOT-FOR-US: Cisco
CVE-2015-4300
REJECTED
-CVE-2015-4299 (Cisco Unified Web and E-Mail Interaction Manager 9.0(2) improperly ...)
+CVE-2015-4299
NOT-FOR-US: Cisco
-CVE-2015-4298 (Cisco Unified Web and E-Mail Interaction Manager 9.0(2) and 11.0(1) ...)
+CVE-2015-4298
NOT-FOR-US: Cisco
-CVE-2015-4297 (Open redirect vulnerability in Cisco WebEx Node for Media Convergence ...)
+CVE-2015-4297
NOT-FOR-US: Cisco
-CVE-2015-4296 (Nexus Data Broker (NDB) on Cisco Nexus 3000 devices with software ...)
+CVE-2015-4296
NOT-FOR-US: Cisco
-CVE-2015-4295 (The Prime Collaboration Deployment component in Cisco Unified ...)
+CVE-2015-4295
NOT-FOR-US: Cisco
-CVE-2015-4294 (Cross-site scripting (XSS) vulnerability in Cisco IM and Presence ...)
+CVE-2015-4294
NOT-FOR-US: Cisco
-CVE-2015-4293 (The packet-reassembly implementation in Cisco IOS XE 3.13S and earlier ...)
+CVE-2015-4293
NOT-FOR-US: Cisco
-CVE-2015-4292 (Cross-site scripting (XSS) vulnerability in the management interface ...)
+CVE-2015-4292
NOT-FOR-US: Cisco
-CVE-2015-4291 (Cisco IOS XE 2.x before 2.4.3 and 2.5.x before 2.5.1 on ASR 1000 ...)
+CVE-2015-4291
NOT-FOR-US: Cisco
-CVE-2015-4290 (The kernel extension in Cisco AnyConnect Secure Mobility Client ...)
+CVE-2015-4290
NOT-FOR-US: Cisco
-CVE-2015-4289 (Directory traversal vulnerability in Cisco AnyConnect Secure Mobility ...)
+CVE-2015-4289
NOT-FOR-US: Cisco
-CVE-2015-4288 (The LDAP implementation on the Cisco Web Security Appliance (WSA) ...)
+CVE-2015-4288
NOT-FOR-US: Cisco
-CVE-2015-4287 (Cisco Firepower Extensible Operating System 1.1(1.86) on Firepower ...)
+CVE-2015-4287
NOT-FOR-US: Cisco
-CVE-2015-4286 (The web framework in Cisco UCS Central Software 1.3(0.99) allows ...)
+CVE-2015-4286
NOT-FOR-US: Cisco
-CVE-2015-4285 (The Local Packet Transport Services (LPTS) implementation in Cisco IOS ...)
+CVE-2015-4285
NOT-FOR-US: Cisco
-CVE-2015-4284 (The Concurrent Data Management Replication process in Cisco IOS XR ...)
+CVE-2015-4284
NOT-FOR-US: Cisco
-CVE-2015-4283 (Cisco Videoscape Policy Resource Manager (PRM) 3.5.4 allows remote ...)
+CVE-2015-4283
NOT-FOR-US: Cisco
-CVE-2015-4282 (Cisco Mobility Services Engine (MSE) through 8.0.120.7 uses weak ...)
+CVE-2015-4282
NOT-FOR-US: Cisco
-CVE-2015-4281 (Cross-site request forgery (CSRF) vulnerability in Cisco WebEx ...)
+CVE-2015-4281
NOT-FOR-US: Cisco
-CVE-2015-4280 (Cisco Prime Collaboration Assurance 10.0 allows remote attackers to ...)
+CVE-2015-4280
NOT-FOR-US: Cisco
-CVE-2015-4279 (The Manager component in Cisco Unified Computing System (UCS) 2.2(3b) ...)
+CVE-2015-4279
NOT-FOR-US: Cisco
-CVE-2015-4278 (Cisco Email Security Appliance (ESA) devices with software 8.5.6-106 ...)
+CVE-2015-4278
NOT-FOR-US: Cisco
-CVE-2015-4277 (The global-configuration implementation on Cisco ASR 9000 devices with ...)
+CVE-2015-4277
NOT-FOR-US: Cisco
-CVE-2015-4276 (Cisco WebEx Meetings Server 2.5MR1 allows remote authenticated users ...)
+CVE-2015-4276
NOT-FOR-US: Cisco
-CVE-2015-4275 (The Packet Data Network Gateway (aka PGW) component on Cisco ASR 5000 ...)
+CVE-2015-4275
NOT-FOR-US: Cisco
-CVE-2015-4274 (Cross-site request forgery (CSRF) vulnerability in the web framework ...)
+CVE-2015-4274
NOT-FOR-US: Cisco
-CVE-2015-4273 (The Packet Data Network Gateway (aka PGW) component on Cisco ASR 5000 ...)
+CVE-2015-4273
NOT-FOR-US: Cisco
-CVE-2015-4272 (Multiple cross-site scripting (XSS) vulnerabilities in the ccmivr page ...)
+CVE-2015-4272
NOT-FOR-US: Cisco
-CVE-2015-4271 (Cisco TelePresence TC before 7.3.4 on Integrator C devices allows ...)
+CVE-2015-4271
NOT-FOR-US: Cisco
-CVE-2015-4270 (Multiple cross-site scripting (XSS) vulnerabilities in Cisco FireSIGHT ...)
+CVE-2015-4270
NOT-FOR-US: Cisco
-CVE-2015-4269 (The Tomcat throttling feature in Cisco Unified Communications Manager ...)
+CVE-2015-4269
NOT-FOR-US: Cisco
-CVE-2015-4268 (Multiple cross-site scripting (XSS) vulnerabilities in the Infra Admin ...)
+CVE-2015-4268
NOT-FOR-US: Cisco
-CVE-2015-4267 (Cross-site request forgery (CSRF) vulnerability in the web framework ...)
+CVE-2015-4267
NOT-FOR-US: Cisco
-CVE-2015-4266 (The web interface in Cisco Identity Services Engine (ISE) 1.1(4.1), ...)
+CVE-2015-4266
NOT-FOR-US: Cisco
-CVE-2015-4265 (Cisco Unified Computing System (UCS) B Blade Server Software 2.2.x ...)
+CVE-2015-4265
NOT-FOR-US: Cisco Unified Computing System
CVE-2015-4264
RESERVED
-CVE-2015-4263 (The Control and Provisioning functionality in Cisco Mobility Services ...)
+CVE-2015-4263
NOT-FOR-US: Cisco
-CVE-2015-4262 (The password-change feature in Cisco Unified MeetingPlace Web ...)
+CVE-2015-4262
NOT-FOR-US: Cisco Unified MeetingPlace
CVE-2015-4261
REJECTED
-CVE-2015-4260 (Cross-site scripting (XSS) vulnerability in Cisco Hosted Collaboration ...)
+CVE-2015-4260
NOT-FOR-US: Cisco
-CVE-2015-4259 (The Integrated Management Controller on Cisco Unified Computing System ...)
+CVE-2015-4259
NOT-FOR-US: Cisco
-CVE-2015-4258 (Cross-site request forgery (CSRF) vulnerability on Cisco TelePresence ...)
+CVE-2015-4258
NOT-FOR-US: Cisco
-CVE-2015-4257 (Cross-site request forgery (CSRF) vulnerability on Cisco TelePresence ...)
+CVE-2015-4257
NOT-FOR-US: Cisco
-CVE-2015-4256 (Cross-site request forgery (CSRF) vulnerability on Cisco TelePresence ...)
+CVE-2015-4256
NOT-FOR-US: Cisco
-CVE-2015-4255 (Cross-site request forgery (CSRF) vulnerability on Cisco TelePresence ...)
+CVE-2015-4255
NOT-FOR-US: Cisco
-CVE-2015-4254 (Cross-site request forgery (CSRF) vulnerability on Cisco TelePresence ...)
+CVE-2015-4254
NOT-FOR-US: Cisco
-CVE-2015-4253 (Cross-site request forgery (CSRF) vulnerability on Cisco TelePresence ...)
+CVE-2015-4253
NOT-FOR-US: Cisco
-CVE-2015-4252 (Cross-site request forgery (CSRF) vulnerability on Cisco TelePresence ...)
+CVE-2015-4252
NOT-FOR-US: Cisco
CVE-2015-4251
REJECTED
@@ -14550,150 +14550,150 @@ CVE-2015-4246
REJECTED
CVE-2015-4245
REJECTED
-CVE-2015-4244 (The boot implementation on Cisco ASR 5000 and 5500 devices with ...)
+CVE-2015-4244
NOT-FOR-US: Cisco
-CVE-2015-4243 (The PPPoE establishment implementation in Cisco IOS XE 3.5.0S on ASR ...)
+CVE-2015-4243
NOT-FOR-US: Cisco
-CVE-2015-4242 (Cross-site request forgery (CSRF) vulnerability in Cisco FireSIGHT ...)
+CVE-2015-4242
NOT-FOR-US: Cisco
-CVE-2015-4241 (Cisco Adaptive Security Appliance (ASA) Software 9.3(2) allows remote ...)
+CVE-2015-4241
NOT-FOR-US: Cisco
-CVE-2015-4240 (Cisco IP Communicator 8.6(4) allows remote attackers to cause a denial ...)
+CVE-2015-4240
NOT-FOR-US: Cisco
-CVE-2015-4239 (Cisco Adaptive Security Appliance (ASA) Software 9.3(2.243) and ...)
+CVE-2015-4239
NOT-FOR-US: Cisco Adaptive Security Appliance
-CVE-2015-4238 (The SNMP implementation in Cisco Adaptive Security Appliance (ASA) ...)
+CVE-2015-4238
NOT-FOR-US: Cisco Adaptive Security Appliance
-CVE-2015-4237 (The CLI parser in Cisco NX-OS 4.1(2)E1(1), 6.2(11b), 6.2(12), ...)
+CVE-2015-4237
NOT-FOR-US: Cisco NX-OS
-CVE-2015-4236 (Cisco AsyncOS on Email Security Appliance (ESA) devices with software ...)
+CVE-2015-4236
NOT-FOR-US: Cisco
-CVE-2015-4235 (Cisco Application Policy Infrastructure Controller (APIC) devices with ...)
+CVE-2015-4235
NOT-FOR-US: Cisco Application Policy Infrastructure Controller
-CVE-2015-4234 (Cisco NX-OS 6.0(2) and 6.2(2) on Nexus devices has an improper OS ...)
+CVE-2015-4234
NOT-FOR-US: Cisco NX-OS
-CVE-2015-4233 (SQL injection vulnerability in Cisco Unified MeetingPlace 8.6(1.2) ...)
+CVE-2015-4233
NOT-FOR-US: Cisco Unified MeetingPlace
-CVE-2015-4232 (Cisco NX-OS 6.2(10) on Nexus and MDS 9000 devices allows local users ...)
+CVE-2015-4232
NOT-FOR-US: Cisco NX-OS
-CVE-2015-4231 (The Python interpreter in Cisco NX-OS 6.2(8a) on Nexus 7000 devices ...)
+CVE-2015-4231
NOT-FOR-US: Cisco NX-OS
-CVE-2015-4230 (Memory leak in Cisco Headend System Release allows remote attackers to ...)
+CVE-2015-4230
NOT-FOR-US: Cisco
-CVE-2015-4229 (The web framework in Cisco Unified Communications Domain Manager ...)
+CVE-2015-4229
NOT-FOR-US: Cisco Unified Communications Domain Manager
-CVE-2015-4228 (Cisco Digital Content Manager (DCM) 15.0.0 might allow remote ad ...)
+CVE-2015-4228
NOT-FOR-US: Cisco Digital Content Manager
-CVE-2015-4227 (Memory leak in Cisco Headend System Release allows remote attackers to ...)
+CVE-2015-4227
NOT-FOR-US: Cisco
-CVE-2015-4226 (The packet-storing feature on Cisco 9900 phones with firmware 9.3(2) ...)
+CVE-2015-4226
NOT-FOR-US: Cisco
-CVE-2015-4225 (Cisco Application Policy Infrastructure Controller (APIC) 1.0(1.110a) ...)
+CVE-2015-4225
NOT-FOR-US: Cisco
-CVE-2015-4224 (Cisco Wireless LAN Controller (WLC) devices with software 7.0(240.0) ...)
+CVE-2015-4224
NOT-FOR-US: Cisco
-CVE-2015-4223 (Cisco IOS XR 5.1.3 allows remote attackers to cause a denial of ...)
+CVE-2015-4223
NOT-FOR-US: Cisco
-CVE-2015-4222 (SQL injection vulnerability in Cisco Unified Communications Manager IM ...)
+CVE-2015-4222
NOT-FOR-US: Cisco
-CVE-2015-4221 (Cisco Unified Communications Manager IM and Presence Service 9.1(1) ...)
+CVE-2015-4221
NOT-FOR-US: Cisco
-CVE-2015-4220 (Cross-site scripting (XSS) vulnerability in Cisco Unified Presence ...)
+CVE-2015-4220
NOT-FOR-US: Cisco
-CVE-2015-4219 (Cisco Secure Access Control System before 5.4(0.46.2) and 5.5 before ...)
+CVE-2015-4219
NOT-FOR-US: Cisco
-CVE-2015-4218 (The web-based user interface in Cisco Jabber through 9.6(3) and 9.7 ...)
+CVE-2015-4218
NOT-FOR-US: Cisco Jabber
-CVE-2015-4217 (The remote-support feature on Cisco Web Security Virtual Appliance ...)
+CVE-2015-4217
NOT-FOR-US: Cisco
-CVE-2015-4216 (The remote-support feature on Cisco Web Security Virtual Appliance ...)
+CVE-2015-4216
NOT-FOR-US: Cisco
-CVE-2015-4215 (Cisco Wireless LAN Controller (WLC) devices with software 7.5(102.0) ...)
+CVE-2015-4215
NOT-FOR-US: Cisco
-CVE-2015-4214 (Cisco Unified MeetingPlace 8.6(1.2) and 8.6(1.9) allows remote ...)
+CVE-2015-4214
NOT-FOR-US: Cisco
-CVE-2015-4213 (Cisco NX-OS 1.1(1g) on Nexus 9000 devices allows remote authenticated ...)
+CVE-2015-4213
NOT-FOR-US: Cisco
-CVE-2015-4212 (Cisco WebEx Meeting Center allows remote attackers to obtain sensitive ...)
+CVE-2015-4212
NOT-FOR-US: Cisco
-CVE-2015-4211 (Cisco AnyConnect Secure Mobility Client 3.1(60) on Windows does not ...)
+CVE-2015-4211
NOT-FOR-US: Cisco
-CVE-2015-4210 (Cross-site scripting (XSS) vulnerability in Cisco WebEx Meeting Center ...)
+CVE-2015-4210
NOT-FOR-US: Cisco
-CVE-2015-4209 (Cisco WebEx Meeting Center does not properly determine authorization ...)
+CVE-2015-4209
NOT-FOR-US: Cisco
-CVE-2015-4208 (Cisco WebEx Meeting Center does not properly restrict the content of ...)
+CVE-2015-4208
NOT-FOR-US: Cisco
-CVE-2015-4207 (Cisco WebEx Meeting Center places a meeting's access number in a URL, ...)
+CVE-2015-4207
NOT-FOR-US: Cisco
-CVE-2015-4206 (Cisco Unified Communications Manager (UCM) 8.0 through 8.6 allows ...)
+CVE-2015-4206
NOT-FOR-US: Cisco
-CVE-2015-4205 (Cisco IOS XR 5.3.1 on ASR 9000 devices allows remote attackers to ...)
+CVE-2015-4205
NOT-FOR-US: Cisco
-CVE-2015-4204 (Memory leak in Cisco IOS 12.2 in the Performance Routing Engine (PRE) ...)
+CVE-2015-4204
NOT-FOR-US: Cisco
-CVE-2015-4203 (Race condition in Cisco IOS 12.2SCH in the Performance Routing Engine ...)
+CVE-2015-4203
NOT-FOR-US: Cisco
-CVE-2015-4202 (Cisco IOS 12.2SCH on uBR10000 router Cable Modem Termination Systems ...)
+CVE-2015-4202
NOT-FOR-US: Cisco
-CVE-2015-4201 (The Gateway General Packet Radio Service Support Node (GGSN) component ...)
+CVE-2015-4201
NOT-FOR-US: Cisco
-CVE-2015-4200 (Memory leak in the IPv6-to-IPv4 functionality in Cisco IOS 15.3S in ...)
+CVE-2015-4200
NOT-FOR-US: Cisco IOS
-CVE-2015-4199 (Race condition in the IPv6-to-IPv4 functionality in Cisco IOS 15.3S in ...)
+CVE-2015-4199
NOT-FOR-US: Cisco
-CVE-2015-4198 (Cross-site scripting (XSS) vulnerability in the web framework on Cisco ...)
+CVE-2015-4198
NOT-FOR-US: Cisco
-CVE-2015-4197 (Cisco NX-OS 5.2(5) on Nexus 7000 devices allows remote attackers to ...)
+CVE-2015-4197
NOT-FOR-US: Cisco
-CVE-2015-4196 (Platform Software before 4.4.5 in Cisco Unified Communications Domain ...)
+CVE-2015-4196
NOT-FOR-US: Cisco Unified Communications Domain Manager
-CVE-2015-4195 (Cisco IOS XR 5.1.1.K9SEC allows remote authenticated users to cause a ...)
+CVE-2015-4195
NOT-FOR-US: Cisco
-CVE-2015-4194 (The web-based administrative interface in Cisco WebEx Meeting Center ...)
+CVE-2015-4194
NOT-FOR-US: Cisco
CVE-2015-4193
RESERVED
CVE-2015-4192
RESERVED
-CVE-2015-4191 (Cisco IOS XR 5.2.1 allows remote attackers to cause a denial of ...)
+CVE-2015-4191
NOT-FOR-US: Cisco
-CVE-2015-4190 (Cisco Cloud Portal in Cisco Prime Service Catalog 9.4.1_vortex on ...)
+CVE-2015-4190
NOT-FOR-US: Cisco
-CVE-2015-4189 (Cross-site request forgery (CSRF) vulnerability in Cisco Data Center ...)
+CVE-2015-4189
NOT-FOR-US: Cisco
-CVE-2015-4188 (SQL injection vulnerability in the Manager interface in Cisco Prime ...)
+CVE-2015-4188
NOT-FOR-US: Cisco
CVE-2015-4187
RESERVED
-CVE-2015-4186 (The diagnostics subsystem in the administrative web interface on Cisco ...)
+CVE-2015-4186
NOT-FOR-US: Cisco
-CVE-2015-4185 (The TCL interpreter in Cisco IOS 15.2 does not properly maintain the ...)
+CVE-2015-4185
NOT-FOR-US: Cisco IOS
-CVE-2015-4184 (The anti-spam scanner on Cisco Email Security Appliance (ESA) devices ...)
+CVE-2015-4184
NOT-FOR-US: Cisco Email Security Appliance
-CVE-2015-4183 (Cisco UCS Central Software 1.2(1a) allows local users to gain ...)
+CVE-2015-4183
NOT-FOR-US: Cisco
-CVE-2015-4182 (The administrative web interface in Cisco Identity Services Engine ...)
+CVE-2015-4182
NOT-FOR-US: Cisco Identity Services Engine
-CVE-2015-4181 (Directory traversal vulnerability in get_file.php in phpMyBackupPro ...)
+CVE-2015-4181
NOT-FOR-US: phpMyBackupPro
-CVE-2015-4180 (Directory traversal vulnerability in get_file.php in phpMyBackupPro ...)
+CVE-2015-4180
NOT-FOR-US: phpMyBackupPro
CVE-2015-4175
RESERVED
-CVE-2015-4174 (Cross-site scripting (XSS) vulnerability in the integrated web server ...)
+CVE-2015-4174
NOT-FOR-US: Siemens Climatix BACnet/IP communication module
-CVE-2015-4173 (Unquoted Windows search path vulnerability in the autorun value in ...)
+CVE-2015-4173
NOT-FOR-US: Dell SonicWall NetExtender
-CVE-2015-4692 (The kvm_apic_has_events function in arch/x86/kvm/lapic.h in the Linux ...)
+CVE-2015-4692
- linux 4.0.8-1
[jessie] - linux 3.16.7-ckt11-1+deb8u3
[wheezy] - linux <not-affected> (Vulnerable code not present)
- linux-2.6 <not-affected> (vulnerable code not present)
NOTE: http://www.openwall.com/lists/oss-security/2015/06/10/6
NOTE: Vulnerable function introduced in https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=66450a21f99636af4fafac2afd33f1a40631bc3a (v3.10-rc1)
-CVE-2015-4625 (Integer overflow in the authentication_agent_new_cookie function in ...)
+CVE-2015-4625
[experimental] - policykit-1 0.113-1
- policykit-1 0.105-12 (low; bug #796134)
[jessie] - policykit-1 0.105-15~deb8u1
@@ -14707,7 +14707,7 @@ CVE-2015-4625 (Integer overflow in the authentication_agent_new_cookie function
NOTE: http://cgit.freedesktop.org/polkit/commit/?id=ea544ffc18405237ccd95d28d7f45afef49aca17
NOTE: http://cgit.freedesktop.org/polkit/commit/?id=493aa5dc1d278ab9097110c1262f5229bbaf1766
NOTE: http://cgit.freedesktop.org/polkit/commit/?id=fb5076b7c05d01a532d593a4079a29cf2d63a228
-CVE-2015-4412 (BSON injection vulnerability in the legal? function in BSON ...)
+CVE-2015-4412
- ruby-bson <not-affected> (corresponding change in ruby-bson not present)
NOTE: Originating from https://github.com/mongodb/bson-ruby/commit/21141c78d99f23d5f34d32010557ef19d0f77203#diff-8c8558c185bbb548ccb5a6d6ac4bfee5L219
CVE-2015-4411 [ruby-bson: DoS and possible injection, with bernerdschaefer 2012-04-17 commit]
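Review bot: the bracketed local description on `CVE-2015-4411 [ruby-bson: DoS and possible injection, with bernerdschaefer 2012-04-17 commit]` survives while the parenthesized upstream one on `-CVE-2015-4412 (BSON injection vulnerability in the legal? function in BSON ...)` is dropped, which narrows the loss to summaries sourced from the upstream feed and confirms the locally written ones are not affected. The Debian-side lines (`- ruby-bson <not-affected> ...` and the NOTE) still carry the tracking state, so nothing is lost for triage, but the upstream text is the only place the affected component was named for this entry; suggest either restoring the summaries or recording in the commit message that the removal is deliberate.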
@@ -14723,13 +14723,13 @@ CVE-2015-4410 [ruby-bson: DoS and possible injection]
NOTE: http://sakurity.com/blog/2015/06/04/mongo_ruby_regexp.html
NOTE: https://sources.debian.org/src/ruby-bson/1.10.0-1/lib/bson/types/object_id.rb/#L54
NOTE: http://www.openwall.com/lists/oss-security/2015/06/06/1
-CVE-2015-4338 (Static code injection vulnerability in the XCloner plugin 3.1.2 for ...)
+CVE-2015-4338
NOT-FOR-US: WordPress plugin xclonerbackupandrestore
-CVE-2015-4337 (Cross-site scripting (XSS) vulnerability in the XCloner plugin 3.1.2 ...)
+CVE-2015-4337
NOT-FOR-US: WordPress plugin xclonerbackupandrestore
-CVE-2015-4336 (cloner.functions.php in the XCloner plugin 3.1.2 for WordPress allows ...)
+CVE-2015-4336
NOT-FOR-US: WordPress plugin xclonerbackupandrestore
-CVE-2015-4335 (Redis before 2.8.21 and 3.x before 3.0.2 allows remote attackers to ...)
+CVE-2015-4335
{DSA-3279-1}
- redis 2:3.0.2-1
[wheezy] - redis <not-affected> (Lua support introduced in version 2.6.0)
@@ -14743,28 +14743,28 @@ CVE-2015-XXXX [Null pointer access in inflatehd tool]
NOTE: Git commit: https://github.com/tatsuhiro-t/nghttp2/commit/3572e7c6343cb85fc21f5667a7ed0902cf5305cf
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/06/03/20
NOTE: inflatehd not installed into the Debian binary packages
-CVE-2015-5523 (The ParseValue function in lexer.c in tidy before 4.9.31 allows remote ...)
+CVE-2015-5523
{DSA-3309-1 DLA-273-1}
- tidy 20091223cvs-1.5 (bug #792571)
NOTE: https://github.com/htacg/tidy-html5/issues/217#issuecomment-108565501
NOTE: http://www.openwall.com/lists/oss-security/2015/06/04/2
-CVE-2015-5522 (Heap-based buffer overflow in the ParseValue function in lexer.c in ...)
+CVE-2015-5522
{DSA-3309-1 DLA-273-1}
- tidy 20091223cvs-1.5 (bug #792571)
NOTE: https://github.com/htacg/tidy-html5/issues/217
NOTE: http://www.openwall.com/lists/oss-security/2015/06/04/2
CVE-2015-6593
REJECTED
-CVE-2015-4179 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
+CVE-2015-4179
NOT-FOR-US: WordPress plugin codestyling-localization
-CVE-2015-4176 (fs/namespace.c in the Linux kernel before 4.0.2 does not properly ...)
+CVE-2015-4176
- linux <not-affected> (Introducing commit was applied to 4.0.2 but e0c9c0afd2fc958ffa34b697972721d81df8a56f as well backported into 4.0.2)
- linux-2.6 <not-affected> (Introduced and fixed in 4.1-rc1 upstream)
NOTE: Introduced by: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ce07d891a0891d3c0d0c2d73d577490486b809e1 (v4.1-rc1)
NOTE: Fixed by: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=e0c9c0afd2fc958ffa34b697972721d81df8a56f (v4.1-rc1)
CVE-2015-4172
RESERVED
-CVE-2015-4171 (strongSwan 4.3.0 through 5.x before 5.3.2 and strongSwan VPN Client ...)
+CVE-2015-4171
{DSA-3282-1 DLA-244-1}
- strongswan 5.3.1-1
NOTE: https://www.strongswan.org/blog/2015/06/08/strongswan-vulnerability-(cve-2015-4171).html
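Review bot: the `-CVE-2015-4176 (fs/namespace.c in the Linux kernel before 4.0.2 does not properly ...)` line removed here was the only part of that entry naming the affected kernel range, and the surviving `- linux <not-affected> (Introducing commit was applied to 4.0.2 but ... as well backported into 4.0.2)` rationale is hard to follow without it; the same goes for `-CVE-2015-4171 (strongSwan 4.3.0 through 5.x before 5.3.2 ...)`, where the upstream fix version 5.3.2 is what tells a reader that Debian's `strongswan 5.3.1-1` must carry a backported patch rather than the upstream release. Keep the previous description whenever the fetched one is empty instead of emitting the bare id.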
@@ -14772,51 +14772,51 @@ CVE-2015-4169
RESERVED
CVE-2015-4168
RESERVED
-CVE-2015-4166 (Cloudera Key Trustee Server before 5.4.3 does not store keys ...)
+CVE-2015-4166
NOT-FOR-US: Cloudera
-CVE-2015-4165 (The snapshot API in Elasticsearch before 1.6.0 when another ...)
+CVE-2015-4165
- elasticsearch 1.6.0+dfsg-1 (bug #788471)
[jessie] - elasticsearch <end-of-life> (No longer supported, see DSA 3389)
NOTE: https://github.com/elastic/elasticsearch/issues/11068
NOTE: https://github.com/elastic/elasticsearch/pull/11284
NOTE: https://github.com/imotov/elasticsearch/commit/f5cfb2a1869d1a52930cbd3138278a6e2c1b22e6
-CVE-2015-4164 (The compat_iret function in Xen 3.1 through 4.5 iterates the wrong way ...)
+CVE-2015-4164
{DSA-3286-1}
- xen 4.6.0-1 (bug #795721)
[squeeze] - xen <end-of-life> (Not supported in Squeeze LTS)
NOTE: http://xenbits.xen.org/xsa/advisory-136.html
-CVE-2015-4163 (GNTTABOP_swap_grant_ref in Xen 4.2 through 4.5 does not check the ...)
+CVE-2015-4163
{DSA-3286-1}
- xen 4.6.0-1 (bug #795721)
[wheezy] - xen <not-affected> (Xen 4.2 onwards are vulnerable)
[squeeze] - xen <not-affected> (Xen 4.2 onwards are vulnerable)
NOTE: http://xenbits.xen.org/xsa/advisory-134.html
-CVE-2015-4162 (XML external entity (XXE) vulnerability in the management interface in ...)
+CVE-2015-4162
NOT-FOR-US: PAN-OS
-CVE-2015-4161 (SAP Afaria does not properly restrict access to unspecified ...)
+CVE-2015-4161
NOT-FOR-US: SAP Afaria
-CVE-2015-4160 (SQL injection vulnerability in SAP ASE Database Platform allows remote ...)
+CVE-2015-4160
NOT-FOR-US: SAP ASE Database Platform
-CVE-2015-4159 (SQL injection vulnerability in SAP HANA Web-based Development ...)
+CVE-2015-4159
NOT-FOR-US: SAP HANA
-CVE-2015-4158 (SAP ABAP &amp; Java Server allows remote attackers to cause a denial of ...)
+CVE-2015-4158
NOT-FOR-US: SAP ABAP & Java Server
-CVE-2015-4157 (SAP Content Server allows remote attackers to cause a denial of ...)
+CVE-2015-4157
NOT-FOR-US: SAP Content Server
-CVE-2015-4156 (GNU Parallel before 20150522 (Nepal), when using (1) --cat or (2) ...)
+CVE-2015-4156
- parallel 20161222-1 (unimportant; bug #787954)
NOTE: https://lists.gnu.org/archive/html/parallel/2015-04/msg00045.html
NOTE: https://lists.gnu.org/archive/html/parallel/2015-05/msg00024.html
NOTE: Not exploitable with kernel hardening since wheezy
-CVE-2015-4155 (GNU Parallel before 20150422, when using (1) --pipe, (2) --tmux, (3) ...)
+CVE-2015-4155
- parallel 20161222-1 (unimportant; bug #787954)
NOTE: https://lists.gnu.org/archive/html/parallel/2015-04/msg00045.html
NOTE: Not exploitable with kernel hardening since wheezy
CVE-2015-4154
RESERVED
-CVE-2015-4153 (Directory traversal vulnerability in the zM Ajax Login &amp; Register ...)
+CVE-2015-4153
NOT-FOR-US: WordPress plugin zm-ajax-login-register
-CVE-2015-4152 (Directory traversal vulnerability in the file output plugin in ...)
+CVE-2015-4152
- logstash <itp> (bug #664841)
CVE-2015-4151
RESERVED
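Review bot: `-CVE-2015-4163 (GNTTABOP_swap_grant_ref in Xen 4.2 through 4.5 does not check the ...)` and `-CVE-2015-4164 (The compat_iret function in Xen 3.1 through 4.5 ...)` are reduced to bare ids while the `[wheezy] - xen <not-affected> (Xen 4.2 onwards are vulnerable)` and `[squeeze] - xen <not-affected> (Xen 4.2 onwards are vulnerable)` lines derived from the first of those ranges stay; a not-affected marking is a security decision and the text it was checked against should remain in the entry. Separately, the removed `-CVE-2015-4158 (SAP ABAP &amp; Java Server ...)` shows the description field was stored HTML-escaped (`&amp;`) while the hand-written `NOT-FOR-US: SAP ABAP & Java Server` under it is not, a pre-existing import quirk to fix in the updater alongside its empty-description handling.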
@@ -14824,13 +14824,13 @@ CVE-2015-4150
RESERVED
CVE-2015-4149
RESERVED
-CVE-2015-4138 (The WebUI component in Blue Coat SSL Visibility Appliance SV800, ...)
+CVE-2015-4138
NOT-FOR-US: Blue Coat SSL Visibility Appliance
-CVE-2015-4137 (SQL injection vulnerability in related.php in Milw0rm Clone Script 1.0 ...)
+CVE-2015-4137
NOT-FOR-US: Milw0rm Clone Script
CVE-2015-4136
RESERVED
-CVE-2015-5366 (The (1) udp_recvmsg and (2) udpv6_recvmsg functions in the Linux ...)
+CVE-2015-5366
{DSA-3313-1 DLA-310-1}
- linux 4.0.7-1
[wheezy] - linux 3.2.68-1+deb7u3
@@ -14838,7 +14838,7 @@ CVE-2015-5366 (The (1) udp_recvmsg and (2) udpv6_recvmsg functions in the Linux
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=beb39db59d14990e401e235faf66a6b9b31240b0 (v4.1-rc7)
NOTE: http://web.archive.org/web/20160309082241/https://twitter.com/grsecurity/status/605854034260426753
NOTE: http://www.openwall.com/lists/oss-security/2015/06/30/13
-CVE-2015-5364 (The (1) udp_recvmsg and (2) udpv6_recvmsg functions in the Linux ...)
+CVE-2015-5364
{DSA-3313-1 DLA-310-1}
- linux 4.0.7-1
[wheezy] - linux 3.2.68-1+deb7u3
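Review bot: after `-CVE-2015-5364 (The (1) udp_recvmsg and (2) udpv6_recvmsg functions in the Linux ...)` becomes `+CVE-2015-5364`, this entry and the CVE-2015-5366 entry in the preceding hunk are indistinguishable apart from their ids and NOTE URLs: both keep `{DSA-3313-1 DLA-310-1}`, `- linux 4.0.7-1` and `[wheezy] - linux 3.2.68-1+deb7u3` unchanged, and the descriptions were the only other field in which the two entries could differ. Dropping them leaves two kernel issues that the file itself can no longer tell apart; this hunk should not be applied as is.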
@@ -14850,23 +14850,23 @@ CVE-2015-XXXX [uudecode: stack out of bounds read access]
- sharutils <unfixed> (unimportant)
NOTE: Negligible security impact
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/06/02/8
-CVE-2015-4167 (The udf_read_inode function in fs/udf/inode.c in the Linux kernel ...)
+CVE-2015-4167
{DSA-3313-1 DSA-3290-1 DLA-246-1}
- linux 4.0.2-1
- linux-2.6 <removed>
NOTE: Upstream fix: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=23b133bdc452aa441fcb9b82cbf6dd05cfd342d0 (v4.0-rc1)
NOTE: http://www.openwall.com/lists/oss-security/2015/06/02/6
-CVE-2015-4140 (Cross-site request forgery (CSRF) vulnerability in the WP Smiley ...)
+CVE-2015-4140
NOT-FOR-US: WordPress plugin wp-smiley
-CVE-2015-4139 (Cross-site scripting (XSS) vulnerability in smilies4wp.php in the WP ...)
+CVE-2015-4139
NOT-FOR-US: WordPress plugin wp-smiley
-CVE-2015-4135 (Cross-site scripting (XSS) vulnerability in goto.php in phpwind 8.7 ...)
+CVE-2015-4135
NOT-FOR-US: PHPWind
-CVE-2015-4134 (Open redirect vulnerability in goto.php in phpwind 8.7 allows remote ...)
+CVE-2015-4134
NOT-FOR-US: PHPWind
-CVE-2015-4133 (Unrestricted file upload vulnerability in ...)
+CVE-2015-4133
NOT-FOR-US: ReFlex Gallery plugin for WordPress
-CVE-2015-4132 (Multiple cross-site scripting (XSS) vulnerabilities in Aruba Networks ...)
+CVE-2015-4132
NOT-FOR-US: Aruba Networks CPPM
CVE-2015-4131
RESERVED
@@ -14875,13 +14875,13 @@ CVE-2015-4130 [command-injection]
NOT-FOR-US: NodeJS ungit
NOTE: https://github.com/FredrikNoren/ungit/issues/486
NOTE: https://nodesecurity.io/advisories/40
-CVE-2015-4129 (SQL injection vulnerability in Subrion CMS before 3.3.3 allows remote ...)
+CVE-2015-4129
NOT-FOR-US: Subrion CMS
CVE-2015-4128
RESERVED
-CVE-2015-4127 (Cross-site scripting (XSS) vulnerability in the church_admin plugin ...)
+CVE-2015-4127
NOT-FOR-US: church_admin plugin for WordPress
-CVE-2015-4178 (The fs_pin implementation in the Linux kernel before 4.0.5 does not ...)
+CVE-2015-4178
- linux <not-affected> (Commit was applied to 4.0.2 as well but fixed in Debian by two subsequent commits)
NOTE: Debian both applies "mnt: Fail collect_mounts when applied to unmounted mounts"
NOTE: and "fs_pin: Allow for the possibility that m_list or s_list go unused." in
@@ -14890,7 +14890,7 @@ CVE-2015-4178 (The fs_pin implementation in the Linux kernel before 4.0.5 does n
NOTE: Introduced by: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ce07d891a0891d3c0d0c2d73d577490486b809e1 (v4.1-rc1)
NOTE: Fixed by: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=820f9f147dcce2602eefd9b575bbbd9ea14f0953 (v4.1-rc1)
NOTE: http://www.openwall.com/lists/oss-security/2015/05/29/5
-CVE-2015-4177 (The collect_mounts function in fs/namespace.c in the Linux kernel ...)
+CVE-2015-4177
- linux <not-affected> (Commit was applied to 4.0.2 as well but fixed in Debian by two subsequent commits)
NOTE: Debian both applies "mnt: Fail collect_mounts when applied to unmounted mounts"
NOTE: and "fs_pin: Allow for the possibility that m_list or s_list go unused." in
@@ -14913,13 +14913,13 @@ CVE-2015-4121
RESERVED
CVE-2015-4120
RESERVED
-CVE-2015-4119 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
+CVE-2015-4119
NOT-FOR-US: ISPConfig
-CVE-2015-4118 (SQL injection vulnerability in monitor/show_sys_state.php in ISPConfig ...)
+CVE-2015-4118
NOT-FOR-US: ISPConfig
-CVE-2015-4117 (Vesta Control Panel before 0.9.8-14 allows remote authenticated users ...)
+CVE-2015-4117
NOT-FOR-US: Vesta Control Panel
-CVE-2015-4116 (Use-after-free vulnerability in the spl_ptr_heap_insert function in ...)
+CVE-2015-4116
- php5 5.6.11+dfsg-1 (unimportant)
[jessie] - php5 5.6.12+dfsg-0+deb8u1
NOTE: https://bugs.php.net/bug.php?id=69737
@@ -14931,19 +14931,19 @@ CVE-2015-4114
RESERVED
CVE-2015-4113
RESERVED
-CVE-2015-4112 (The Management Console in BlackBerry Enterprise Server (BES) 12 before ...)
+CVE-2015-4112
NOT-FOR-US: BlackBerry
-CVE-2015-4111 (mc_demux_mp4_ds.ax in an unspecified third-party codec demux in ...)
+CVE-2015-4111
NOT-FOR-US: BlackBerry
CVE-2015-4110
RESERVED
-CVE-2015-4109 (Multiple SQL injection vulnerabilities in the ratings module in the ...)
+CVE-2015-4109
NOT-FOR-US: WordPress plugin users-ultra
-CVE-2015-4108 (Multiple cross-site request forgery (CSRF) vulnerabilities in Wing FTP ...)
+CVE-2015-4108
NOT-FOR-US: Wing FTP Server
CVE-2015-4107
RESERVED
-CVE-2015-4106 (QEMU does not properly restrict write access to the PCI config space ...)
+CVE-2015-4106
{DSA-3286-1 DSA-3284-1}
- qemu 1:2.3+dfsg-5 (bug #787547)
[wheezy] - qemu <not-affected> (Vulnerable code not present)
@@ -14953,7 +14953,7 @@ CVE-2015-4106 (QEMU does not properly restrict write access to the PCI config sp
[squeeze] - xen <end-of-life> (Not supported in Squeeze LTS)
NOTE: Xen switched to qemu-system in 4.4.0-1
NOTE: http://xenbits.xen.org/xsa/advisory-131.html
-CVE-2015-4105 (Xen 3.3.x through 4.5.x enables logging for PCI MSI-X pass-through ...)
+CVE-2015-4105
{DSA-3286-1 DSA-3284-1}
- qemu 1:2.3+dfsg-5 (bug #787547)
[wheezy] - qemu <not-affected> (Vulnerable code not present)
@@ -14963,7 +14963,7 @@ CVE-2015-4105 (Xen 3.3.x through 4.5.x enables logging for PCI MSI-X pass-throug
[squeeze] - xen <end-of-life> (Not supported in Squeeze LTS)
NOTE: Xen switched to qemu-system in 4.4.0-1
NOTE: http://xenbits.xen.org/xsa/advisory-130.html
-CVE-2015-4104 (Xen 3.3.x through 4.5.x does not properly restrict access to PCI MSI ...)
+CVE-2015-4104
{DSA-3286-1 DSA-3284-1}
- qemu 1:2.3+dfsg-5 (bug #787547)
[wheezy] - qemu <not-affected> (Vulnerable code not present)
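Review bot: `-CVE-2015-4104 (Xen 3.3.x through 4.5.x does not properly restrict access to PCI MSI ...)` to `+CVE-2015-4104` removes the one line that distinguished this entry from CVE-2015-4105 and CVE-2015-4103 in the neighbouring hunks, which all keep identical `{DSA-3286-1 DSA-3284-1}`, `- qemu 1:2.3+dfsg-5 (bug #787547)` and `[wheezy] - qemu <not-affected> (Vulnerable code not present)` lines; the `(Vulnerable code not present)` judgement can no longer be re-checked against a description of which code is meant. Only the XSA link (`NOTE: http://xenbits.xen.org/xsa/advisory-130.html` for the entry ending at the top of this hunk) now says what each id covers; a tracker entry should stay readable without following it.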
@@ -14973,7 +14973,7 @@ CVE-2015-4104 (Xen 3.3.x through 4.5.x does not properly restrict access to PCI
[squeeze] - xen <end-of-life> (Not supported in Squeeze LTS)
NOTE: Xen switched to qemu-system in 4.4.0-1
NOTE: http://xenbits.xen.org/xsa/advisory-129.html
-CVE-2015-4103 (Xen 3.3.x through 4.5.x does not properly restrict write access to the ...)
+CVE-2015-4103
{DSA-3286-1 DSA-3284-1}
- qemu 1:2.3+dfsg-5 (bug #787547)
[wheezy] - qemu <not-affected> (Vulnerable code not present)
@@ -14987,7 +14987,7 @@ CVE-2015-4102
RESERVED
CVE-2015-4101
RESERVED
-CVE-2015-4100 (Puppet Enterprise 3.7.x and 3.8.0 might allow remote authenticated ...)
+CVE-2015-4100
- puppet <not-affected> (Only affects Puppet Enterprise)
NOTE: https://puppet.com/security/cve/CVE-2015-4100
CVE-2015-4099
@@ -15000,17 +15000,17 @@ CVE-2015-4096
RESERVED
CVE-2015-4095
RESERVED
-CVE-2015-4094 (The Thycotic Password Manager Secret Server application through 2.3 ...)
+CVE-2015-4094
NOT-FOR-US: Thycotic Password Manager Secret Server application for iOS
-CVE-2015-4093 (Cross-site scripting (XSS) vulnerability in Elasticsearch Kibana 4.x ...)
+CVE-2015-4093
- kibana <itp> (bug #700337)
-CVE-2015-4092 (Buffer overflow in the XComms process in SAP Afaria 7.00.6620.2 SP5 ...)
+CVE-2015-4092
NOT-FOR-US: SAP Afaria
-CVE-2015-4091 (XML external entity (XXE) vulnerability in SAP NetWeaver AS Java 7.4 ...)
+CVE-2015-4091
NOT-FOR-US: SAP NetWeaver AS Java
CVE-2015-4090
RESERVED
-CVE-2015-4089 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
+CVE-2015-4089
NOT-FOR-US: Wordpress plugin
CVE-2015-4088
RESERVED
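Review bot: `-CVE-2015-4089 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)` is replaced by `+CVE-2015-4089` above the unchanged `NOT-FOR-US: Wordpress plugin`, which names no plugin at all, so the entry no longer says which software it concerns; the deleted description was the only line that did. The same hunk does this to `-CVE-2015-4093 (Cross-site scripting (XSS) vulnerability in Elasticsearch Kibana 4.x ...)` above `- kibana <itp> (bug #700337)`. Either restore the descriptions or, at minimum, make the updater refuse to blank a description when the entry's remaining lines carry no product name.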
@@ -15018,53 +15018,53 @@ CVE-2015-4087
RESERVED
CVE-2015-4086
RESERVED
-CVE-2015-4084 (Cross-site scripting (XSS) vulnerability in the Free Counter plugin ...)
+CVE-2015-4084
NOT-FOR-US: Free Counter plugin for WordPress
CVE-2015-4083
RESERVED
CVE-2015-4081
RESERVED
-CVE-2015-4080 (The Kankun Smart Socket device and mobile application uses a hardcoded ...)
+CVE-2015-4080
NOT-FOR-US: Kankun Smart Socket device and mobile application
CVE-2015-4079
RESERVED
-CVE-2015-4078 (Cloudera Navigator 2.2.x before 2.2.4 and 2.3.x before 2.3.3 include ...)
+CVE-2015-4078
NOT-FOR-US: Cloudera
-CVE-2015-4077 (The (1) mdare64_48.sys, (2) mdare32_48.sys, (3) mdare32_52.sys, and (4) ...)
+CVE-2015-4077
NOT-FOR-US: Fortinet
CVE-2015-4076
RESERVED
-CVE-2015-4075 (The Helpdesk Pro plugin before 1.4.0 for Joomla! allows remote ...)
+CVE-2015-4075
NOT-FOR-US: Joomla! plugin
-CVE-2015-4074 (Directory traversal vulnerability in the Helpdesk Pro plugin before ...)
+CVE-2015-4074
NOT-FOR-US: Joomla! plugin
-CVE-2015-4073 (Multiple SQL injection vulnerabilities in the Helpdesk Pro plugin ...)
+CVE-2015-4073
NOT-FOR-US: Joomla! plugin
-CVE-2015-4072 (Multiple cross-site scripting (XSS) vulnerabilities in the Helpdesk ...)
+CVE-2015-4072
NOT-FOR-US: Joomla! plugin
-CVE-2015-4071 (The Helpdesk Pro Plugin before 1.4.0 for Joomla! allows remote ...)
+CVE-2015-4071
NOT-FOR-US: Helpdesk Pro Plugin for Joomla!
-CVE-2015-4070 (Open redirect vulnerability in the proxyimages function in ...)
+CVE-2015-4070
NOT-FOR-US: Wow Moodboard Lite
-CVE-2015-4069 (The EdgeServiceImpl web service in Arcserve UDP before 5.0 Update 4 ...)
+CVE-2015-4069
NOT-FOR-US: EdgeServiceImpl web service in Arcserve UDP
-CVE-2015-4068 (Directory traversal vulnerability in Arcserve UDP before 5.0 Update 4 ...)
+CVE-2015-4068
NOT-FOR-US: Arcserve UDP
-CVE-2015-4067 (Integer overflow in the libnv6 module in Dell NetVault Backup before ...)
+CVE-2015-4067
NOT-FOR-US: Dell NetVault Backup
-CVE-2015-4066 (Multiple SQL injection vulnerabilities in admin/handlers.php in the ...)
+CVE-2015-4066
NOT-FOR-US: GigPress plugin for WordPress
CVE-2015-4061
RESERVED
-CVE-2015-4060 (Heap-based buffer overflow in the TermProxy (WLTermProxyService.exe) ...)
+CVE-2015-4060
NOT-FOR-US: Wavelink ConnectPro
-CVE-2015-4059 (Heap-based buffer overflow in the License Server (LicenseServer.exe) ...)
+CVE-2015-4059
NOT-FOR-US: Wavelink Terminal Emulation
CVE-2015-4058
REJECTED
-CVE-2015-4057 (The &quot;Plug-in for VMware vCenter&quot; in VCE Vision Intelligent Operations ...)
+CVE-2015-4057
NOT-FOR-US: VCE Vision Intelligent Operations
-CVE-2015-4056 (The System Library in VCE Vision Intelligent Operations before 2.6.5 ...)
+CVE-2015-4056
NOT-FOR-US: VCE Vision Intelligent Operations
CVE-2015-4055
RESERVED
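Review bot: the four Helpdesk Pro entries `-CVE-2015-4075`, `-CVE-2015-4074`, `-CVE-2015-4073` and `-CVE-2015-4072` lose the descriptions that named both the plugin and the bug class (`... Helpdesk Pro plugin before 1.4.0 for Joomla! ...`, `Directory traversal ...`, `Multiple SQL injection ...`, `Multiple cross-site scripting (XSS) ...`) while their surviving annotation is just `NOT-FOR-US: Joomla! plugin`; only CVE-2015-4071 keeps a product name, in `NOT-FOR-US: Helpdesk Pro Plugin for Joomla!`. After this hunk all four entries identify neither the plugin nor the issue, which is the worst case for a NOT-FOR-US line whose whole purpose is to let a later reader confirm the triage.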
@@ -15074,32 +15074,32 @@ CVE-2015-XXXX [hwclock(8) SUID privilege escalation]
NOTE: hwclock is not installed suid in Debian
NOTE: https://github.com/karelzak/util-linux/commit/687cc5d58942b24a9f4013c68876d8cbea907ab1
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/05/26/10
-CVE-2015-4082 (attic before 0.15 does not confirm unencrypted backups with the user, ...)
+CVE-2015-4082
- attic 0.16-1 (bug #787435)
[jessie] - attic <no-dsa> (Minor issue)
NOTE: https://github.com/jborg/attic/issues/271
NOTE: https://github.com/jborg/attic/commit/78f9ad1faba7193ca7f0acccbc13b1ff6ebf9072
NOTE: http://www.openwall.com/lists/oss-security/2015/05/25/3
-CVE-2015-4170 (Race condition in the ldsem_cmpxchg function in ...)
+CVE-2015-4170
- linux 3.13.4-1
[wheezy] - linux <not-affected> (commit 4898e640caf03fdbaf2122d5a33949bf3e4a5b34 not backported)
- linux-2.6 <not-affected> (commit 4898e640caf03fdbaf2122d5a33949bf3e4a5b34 not backported)
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=cf872776fc84128bb779ce2b83a37c884c3203ae (v3.13-rc5)
NOTE: Affected code was introduced by the rewrite in https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4898e640caf03fdbaf2122d5a33949bf3e4a5b34 (v3.11-rc1)
NOTE: http://www.openwall.com/lists/oss-security/2015/05/26/1
-CVE-2015-4065 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2015-4065
NOT-FOR-US: WordPress plugin landing-pages
-CVE-2015-4064 (SQL injection vulnerability in modules/module.ab-testing.php in the ...)
+CVE-2015-4064
NOT-FOR-US: WordPress plugin landing-pages
-CVE-2015-4063 (Cross-site scripting (XSS) vulnerability in includes/nsp_search.php in ...)
+CVE-2015-4063
NOT-FOR-US: WordPress plugin newstatpress
-CVE-2015-4062 (SQL injection vulnerability in includes/nsp_search.php in the ...)
+CVE-2015-4062
NOT-FOR-US: WordPress plugin newstatpress
CVE-2015-4052
RESERVED
-CVE-2015-4051 (Beckhoff IPC Diagnostics before 1.8 does not properly restrict access ...)
+CVE-2015-4051
NOT-FOR-US: Beckhoff IPC Diagnostics
-CVE-2015-4050 (FragmentListener in the HttpKernel component in Symfony 2.3.19 through ...)
+CVE-2015-4050
{DSA-3276-1}
- symfony 2.7.0~beta2+dfsg-2
NOTE: https://github.com/fabpot/symfony/commit/d320d27699abcea12479cf608908fa91bcc133d4
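Review bot: `[jessie] - attic <no-dsa> (Minor issue)` was a judgement readable against `-CVE-2015-4082 (attic before 0.15 does not confirm unencrypted backups with the user, ...)`; with `+CVE-2015-4082` in its place the entry gives no basis for "minor". The same goes for `-CVE-2015-4170 (Race condition in the ldsem_cmpxchg function in ...)`, where the two `<not-affected> (commit 4898e640caf03fdbaf2122d5a33949bf3e4a5b34 not backported)` lines and the NOTE about the rewrite only make sense once you know the race is in the ldsem code. Reverting the description deletions keeps these triage decisions auditable.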
@@ -15108,14 +15108,14 @@ CVE-2015-XXXX [XSS in group administration]
- php-horde 5.2.5+debian0-1 (bug #785364)
[jessie] - php-horde 5.2.1+debian0-2+deb8u1
NOTE: https://github.com/horde/horde/commit/dae5277746abe613de0cacc004e95e9ed9d78220
-CVE-2015-4053 (The admin command in ceph-deploy before 1.5.25 uses world-readable ...)
+CVE-2015-4053
- ceph-deploy <not-affected> (Fixed with initial upload to Debian)
NOTE: http://tracker.ceph.com/issues/11694
-CVE-2015-4049 (Unisys Libra 43xx, 63xx, and 83xx, and FS600 class systems with ...)
+CVE-2015-4049
NOT-FOR-US: Unisys Libra
CVE-2015-4048
RESERVED
-CVE-2015-4054 (PgBouncer before 1.5.5 allows remote attackers to cause a denial of ...)
+CVE-2015-4054
- pgbouncer 1.5.5-1
[jessie] - pgbouncer 1.5.4-6+deb8u1
[wheezy] - pgbouncer 1.5.2-4+deb7u1
@@ -15128,22 +15128,22 @@ CVE-2015-8147
REJECTED
CVE-2015-8146
REJECTED
-CVE-2015-4046 (The asset discovery scanner in AlienVault OSSIM before 5.0.1 allows ...)
+CVE-2015-4046
NOT-FOR-US: AlienVault OSSIM
-CVE-2015-4045 (The sudoers file in the asset discovery scanner in AlienVault OSSIM ...)
+CVE-2015-4045
NOT-FOR-US: AlienVault OSSIM
CVE-2015-4044
RESERVED
-CVE-2015-4043 (SQL injection vulnerability in ConnX ESP HR Management 4.4.0 allows ...)
+CVE-2015-4043
NOT-FOR-US: ConnX ESP
-CVE-2015-4040 (Directory traversal vulnerability in the configuration utility in F5 ...)
+CVE-2015-4040
NOT-FOR-US: F5 BIG-IP
CVE-2015-4039
RESERVED
NOT-FOR-US: WordPress plugin WP Membership
-CVE-2015-4038 (The WP Membership plugin 1.2.3 for WordPress allows remote ...)
+CVE-2015-4038
NOT-FOR-US: WordPress plugin WP Membership
-CVE-2015-4037 (The slirp_smb function in net/slirp.c in QEMU 2.3.0 and earlier ...)
+CVE-2015-4037
{DSA-3285-1 DSA-3284-1}
- qemu 1:2.3+dfsg-5
[wheezy] - qemu 1.1.2+dfsg-6a+deb7u8
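Review bot: in the context right above the `-CVE-2015-4038` change, `CVE-2015-4039` is marked `RESERVED` yet is followed by `NOT-FOR-US: WordPress plugin WP Membership`, an annotation that belongs to a published entry; that is a pre-existing inconsistency the automatic update walks past, since the id is either reserved (then the NOT-FOR-US line is premature) or published (then it should have had a description like its neighbours did before this commit). Otherwise this hunk has the same problem as the rest of the commit: `-CVE-2015-4037 (The slirp_smb function in net/slirp.c in QEMU 2.3.0 and earlier ...)` becomes `+CVE-2015-4037` with `{DSA-3285-1 DSA-3284-1}`, `- qemu 1:2.3+dfsg-5` and the wheezy version untouched and no replacement text.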
@@ -15151,29 +15151,29 @@ CVE-2015-4037 (The slirp_smb function in net/slirp.c in QEMU 2.3.0 and earlier .
- qemu-kvm <removed>
[squeeze] - qemu-kvm <end-of-life> (Not supported in Squeeze LTS)
NOTE: http://git.qemu.org/?p=qemu.git;a=commitdiff;h=8b8f1c7e9ddb2e88a144638f6527bf70e32343e3
-CVE-2015-4034 (The createFromParcel method in the ...)
+CVE-2015-4034
NOT-FOR-US: Samsung Galaxy S5
-CVE-2015-4033 (Samsung SBeam allows remote attackers to read arbitrary images by ...)
+CVE-2015-4033
NOT-FOR-US: Samsung SBeam
-CVE-2015-4032 (projectContents.jsp in the Developer tools in Visual Mining NetCharts ...)
+CVE-2015-4032
NOT-FOR-US: Visual Mining NetCharts Server
-CVE-2015-4031 (Directory traversal vulnerability in saveFile.jsp in the development ...)
+CVE-2015-4031
NOT-FOR-US: Visual Mining NetChart
CVE-2015-4030
RESERVED
-CVE-2015-4029 (Cross-site scripting (XSS) vulnerability in the WebGUI in pfSense ...)
+CVE-2015-4029
NOT-FOR-US: pfSense
CVE-2015-4028
RESERVED
-CVE-2015-4027 (The AcuWVSSchedulerv10 service in Acunetix Web Vulnerability Scanner ...)
+CVE-2015-4027
NOT-FOR-US: Acunetix Web Vulnerability Scanner
-CVE-2015-4047 (racoon/gssapi.c in IPsec-Tools 0.8.2 allows remote attackers to cause ...)
+CVE-2015-4047
{DSA-3272-1 DLA-234-1}
- ipsec-tools 1:0.8.2+20140711-3 (bug #785778)
NOTE: http://www.openwall.com/lists/oss-security/2015/05/20/1
CVE-2015-4023
RESERVED
-CVE-2015-4020 (RubyGems 2.0.x before 2.0.17, 2.2.x before 2.2.5, and 2.4.x before 2.4.8 ...)
+CVE-2015-4020
- rubygems <not-affected> (Affects versions between 2.0 and 2.4.6 and incomplete fix not applied)
- libgems-ruby <not-affected> (Affects versions between 2.0 and 2.4.6 and incomplete fix not applied)
- ruby1.8 <not-affected> (Vulnerable code not present)
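Review bot: `-CVE-2015-4020 (RubyGems 2.0.x before 2.0.17, 2.2.x before 2.2.5, and 2.4.x before 2.4.8 ...)` puts the fixed releases at 2.0.17, 2.2.5 and 2.4.8, while the kept `- rubygems <not-affected> (Affects versions between 2.0 and 2.4.6 and incomplete fix not applied)` and the identical libgems-ruby line bound the affected range at 2.4.6; that discrepancy was visible in the entry before this hunk and is hidden by `+CVE-2015-4020`. Resolve which range is right rather than deleting the line that exposes the question. `-CVE-2015-4047 (racoon/gssapi.c in IPsec-Tools 0.8.2 allows remote attackers to cause ...)` is likewise reduced to an id above `{DSA-3272-1 DLA-234-1}` with nothing in its place.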
@@ -15187,9 +15187,9 @@ CVE-2015-4020 (RubyGems 2.0.x before 2.0.17, 2.2.x before 2.2.5, and 2.4.x befor
NOTE: https://github.com/rubygems/rubygems/commit/5c7bfb5
CVE-2015-4019
RESERVED
-CVE-2015-4018 (SQL injection vulnerability in feedwordpresssyndicationpage.class.php ...)
+CVE-2015-4018
NOT-FOR-US: FeedWordPress plugin for WordPress
-CVE-2015-4016 (The client detection protocol in Valve Steam allows remote attackers ...)
+CVE-2015-4016
NOT-FOR-US: Related to non-free steam package.
NOTE: The affected code is believed to be downloaded from Valve on startup.
NOTE: http://store.steampowered.com/news/16801/
@@ -15215,10 +15215,10 @@ CVE-2015-4041 [heap overflow; size calculation without properly considering the
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=928749
NOTE: https://github.com/pixelb/coreutils/commit/bea5e36cc876ed627bb5e0eca36fdfaa6465e940
NOTE: http://pkgs.fedoraproject.org/cgit/coreutils.git/plain/coreutils-i18n.patch
-CVE-2015-4035 (scripts/xzgrep.in in xzgrep 5.2.x before 5.2.0, before 5.0.0 does not ...)
+CVE-2015-4035
- xz-utils <not-affected> (Affects 4.999.9beta)
NOTE: http://www.openwall.com/lists/oss-security/2015/05/18/7
-CVE-2015-4010 (Cross-site request forgery (CSRF) vulnerability in the Encrypted ...)
+CVE-2015-4010
NOT-FOR-US: Encrypted Contact Form plugin for WordPress
CVE-2015-4009
RESERVED
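Review bot: the deleted `-CVE-2015-4035 (scripts/xzgrep.in in xzgrep 5.2.x before 5.2.0, before 5.0.0 does not ...)` carries a self-contradictory upstream range ("5.2.x before 5.2.0"), and the kept `- xz-utils <not-affected> (Affects 4.999.9beta)` disagrees with it again; that is a description that needed correcting, not blanking, and `+CVE-2015-4035` removes the evidence that the upstream text was wrong. The oss-security NOTE link below it is now the entry's only pointer to what the issue is.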
@@ -15230,7 +15230,7 @@ CVE-2015-4006
RESERVED
CVE-2015-4005
RESERVED
-CVE-2015-4004 (The OZWPAN driver in the Linux kernel through 4.0.5 relies on an ...)
+CVE-2015-4004
- linux 4.3-1 (unimportant)
NOTE: ozwpan driver not built
[wheezy] - linux <not-affected> (ozwpan driver not present)
@@ -15238,7 +15238,7 @@ CVE-2015-4004 (The OZWPAN driver in the Linux kernel through 4.0.5 relies on an
NOTE: https://lkml.org/lkml/2015/5/13/739
NOTE: Not enabled in Debian kernels; staging drivers are not supported
NOTE: Driver was removed in Linux 4.3
-CVE-2015-4003 (The oz_usb_handle_ep_data function in ...)
+CVE-2015-4003
- linux 4.1.3-1 (unimportant)
NOTE: ozwpan driver not built
[wheezy] - linux <not-affected> (ozwpan driver not present)
@@ -15246,7 +15246,7 @@ CVE-2015-4003 (The oz_usb_handle_ep_data function in ...)
NOTE: https://lkml.org/lkml/2015/5/13/741
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=04bf464a5dfd9ade0dda918e44366c2c61fce80b (v4.1-rc7)
NOTE: Not enabled in Debian kernels; staging drivers are not supported
-CVE-2015-4002 (drivers/staging/ozwpan/ozusbsvc1.c in the OZWPAN driver in the Linux ...)
+CVE-2015-4002
- linux 4.1.3-1 (unimportant)
NOTE: ozwpan driver not built
[wheezy] - linux <not-affected> (ozwpan driver not present)
@@ -15256,7 +15256,7 @@ CVE-2015-4002 (drivers/staging/ozwpan/ozusbsvc1.c in the OZWPAN driver in the Li
NOTE: https://lkml.org/lkml/2015/5/13/742
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9a59029bc218b48eff8b5d4dde5662fd79d3e1a8 (v4.1-rc7)
NOTE: Not enabled in Debian kernels; staging drivers are not supported
-CVE-2015-4001 (Integer signedness error in the oz_hcd_get_desc_cnf function in ...)
+CVE-2015-4001
- linux 4.1.3-1 (unimportant)
NOTE: ozwpan driver not built
[wheezy] - linux <not-affected> (ozwpan driver not present)
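Review bot: `-CVE-2015-4001 (Integer signedness error in the oz_hcd_get_desc_cnf function in ...)` is the fourth ozwpan entry in a row (after CVE-2015-4004, CVE-2015-4003 and CVE-2015-4002 in the hunks above) reduced to a bare id, and all four keep the same `(unimportant)` fixed-version line, `NOTE: ozwpan driver not built` and `[wheezy] - linux <not-affected> (ozwpan driver not present)`; the function name and bug class that distinguished them were only in the descriptions. The `(unimportant)` severity is defensible from `NOTE: Not enabled in Debian kernels; staging drivers are not supported`, but what each CVE actually is now has to be recovered from the lkml.org and kernel.org NOTE links.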
@@ -15264,7 +15264,7 @@ CVE-2015-4001 (Integer signedness error in the oz_hcd_get_desc_cnf function in .
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b1bb5b49373b61bf9d2c73a4d30058ba6f069e4c (v4.1-rc7)
NOTE: https://lkml.org/lkml/2015/5/13/744
NOTE: Not enabled in Debian kernels; staging drivers are not supported
-CVE-2015-4000 (The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is ...)
+CVE-2015-4000
{DSA-3688-1 DSA-3339-1 DSA-3324-1 DSA-3316-1 DSA-3300-1 DSA-3287-1 DLA-507-1 DLA-303-1 DLA-247-1}
- openssl 1.0.2b-1
- nss 2:3.19.1-1
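Review bot: `-CVE-2015-4000 (The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is ...)` to `+CVE-2015-4000` leaves the entry with the longest advisory list in this diff, `{DSA-3688-1 DSA-3339-1 DSA-3324-1 DSA-3316-1 DSA-3300-1 DSA-3287-1 DLA-507-1 DLA-303-1 DLA-247-1}`, plus fixed versions for `openssl 1.0.2b-1` and `nss 2:3.19.1-1`, without a single line saying the issue is the DHE_EXPORT downgrade; the following hunk's `NOTE: NSS patch increasing limit to 1023 bits` only makes sense with that context. Of all entries in this commit this is the one most likely to be looked up directly, which is reason enough on its own to revert the description deletion rather than live with it.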
@@ -15284,44 +15284,44 @@ CVE-2015-4000 (The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite i
NOTE: GNUTLS: http://lists.gnutls.org/pipermail/gnutls-devel/2015-May/007597.html
NOTE: NSS/iceweasel/icedove: https://www.mozilla.org/en-US/security/advisories/mfsa2015-70/
NOTE: NSS patch increasing limit to 1023 bits: https://hg.mozilla.org/projects/nss/rev/ae72d76f8d24
-CVE-2015-3999 (Piriform CCleaner 3.26.0.1988 through 5.02.5101 writes the filenames ...)
+CVE-2015-3999
NOT-FOR-US: Piriform CCleaner
-CVE-2015-3998 (Cross-site scripting (XSS) vulnerability in phpwhois 4.2.5, as used in ...)
+CVE-2015-3998
NOT-FOR-US: phpwhois component of adsense-click-fraud-monitoring wordpress plugin
CVE-2015-3997
RESERVED
-CVE-2015-3996 (The default AFSecurityPolicy.validatesDomainName configuration for ...)
+CVE-2015-3996
- owncloud <not-affected> (iOS-specific)
NOTE: https://owncloud.org/security/advisory/?id=oc-sa-2015-012
-CVE-2015-3995 (SAP HANA DB 1.00.73.00.389160 (NewDB100_REL) allows remote ...)
+CVE-2015-3995
NOT-FOR-US: SAP HANA DB
-CVE-2015-3994 (The grant.xsfunc application in testApps/grantAccess/ in the XS Engine ...)
+CVE-2015-3994
NOT-FOR-US: SAP HANA DB
-CVE-2015-3993 (Actian Matrix 5.1.x through 5.1.2.4 and 5.2.x through 5.2.0.1 allows ...)
+CVE-2015-3993
NOT-FOR-US: Actian Matrix
CVE-2015-3992
RESERVED
-CVE-2015-3991 (strongSwan 5.2.2 and 5.3.0 allows remote attackers to cause a denial ...)
+CVE-2015-3991
- strongswan 5.3.0-2
[jessie] - strongswan <not-affected> (only affects 5.2.2+ and 5.3.0+)
[wheezy] - strongswan <not-affected> (only affects 5.2.2+ and 5.3.0+)
[squeeze] - strongswan <not-affected> (only affects 5.2.2+ and 5.3.0+)
NOTE: http://www.strongswan.org/blog/2015/06/01/strongswan-vulnerability-(cve-2015-3991).html
-CVE-2015-3990 (The GMS ViewPoint (GMSVP) web application in Dell Sonicwall GMS, ...)
+CVE-2015-3990
NOT-FOR-US: Dell
-CVE-2015-3989 (Multiple cross-site scripting (XSS) vulnerabilities in concrete5 ...)
+CVE-2015-3989
NOT-FOR-US: concrete5
-CVE-2015-4026 (The pcntl_exec implementation in PHP before 5.4.41, 5.5.x before ...)
+CVE-2015-4026
{DSA-3280-1 DLA-307-1}
- php5 5.6.9+dfsg-1
NOTE: https://bugs.php.net/bug.php?id=68598
NOTE: Fixed upstream in 5.4.41, 5.5.25, 5.6.9
-CVE-2015-4025 (PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 ...)
+CVE-2015-4025
{DSA-3280-1 DLA-307-1}
- php5 5.6.9+dfsg-1
NOTE: https://bugs.php.net/bug.php?id=69418
NOTE: Fixed upstream in 5.4.41, 5.5.25, 5.6.9
-CVE-2015-4024 (Algorithmic complexity vulnerability in the multipart_buffer_headers ...)
+CVE-2015-4024
{DSA-3280-1}
- php5 5.6.9+dfsg-1
[squeeze] - php5 <no-dsa> (Too intrusive to backport)
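Review bot: `-CVE-2015-3991 (strongSwan 5.2.2 and 5.3.0 allows remote attackers to cause a denial ...)` names exactly two affected releases, whereas the kept `[jessie] - strongswan <not-affected> (only affects 5.2.2+ and 5.3.0+)` and the wheezy and squeeze lines phrase it as open-ended `5.2.2+` / `5.3.0+`; the wording should match the description (or the strongswan.org NOTE under it), and blanking the description with `+CVE-2015-3991` removes the line that showed the mismatch. The PHP entries below it (`-CVE-2015-4026`, `-CVE-2015-4025`, `-CVE-2015-4024`) at least keep `NOTE: Fixed upstream in 5.4.41, 5.5.25, 5.6.9` and their bugs.php.net links, which is more than most entries in this commit retain.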
@@ -15330,86 +15330,86 @@ CVE-2015-4024 (Algorithmic complexity vulnerability in the multipart_buffer_head
NOTE: Fixed upstream in 5.4.41, 5.5.25, 5.6.9
- hhvm 3.11.0+dfsg-1
NOTE: HHVM fix: https://github.com/facebook/hhvm/commit/6188457bd90ed2f3516e778dca8e91536d91802e
-CVE-2015-4022 (Integer overflow in the ftp_genlist function in ext/ftp/ftp.c in PHP ...)
+CVE-2015-4022
{DSA-3280-1 DLA-307-1}
- php5 5.6.9+dfsg-1
NOTE: https://bugs.php.net/bug.php?id=69545
NOTE: http://www.openwall.com/lists/oss-security/2015/05/18/2
NOTE: Fixed upstream in 5.4.41, 5.5.25, 5.6.9
-CVE-2015-4021 (The phar_parse_tarfile function in ext/phar/tar.c in PHP before ...)
+CVE-2015-4021
{DSA-3280-1 DLA-307-1}
- php5 5.6.9+dfsg-1
NOTE: https://bugs.php.net/bug.php?id=69453
NOTE: http://git.php.net/?p=php-src.git;a=commit;h=c27f012b7a447e59d4a704688971cbfa7dddaa74
NOTE: http://www.openwall.com/lists/oss-security/2015/05/17/2 and http://www.openwall.com/lists/oss-security/2015/05/18/2
NOTE: Fixed upstream in 5.4.41, 5.5.25, 5.6.9
-CVE-2015-3987 (Multiple unquoted Windows search path vulnerabilities in the (1) ...)
+CVE-2015-3987
NOT-FOR-US: McAfee
-CVE-2015-3986 (Cross-site request forgery (CSRF) vulnerability in the TheCartPress ...)
+CVE-2015-3986
NOT-FOR-US: TheCartPress eCommerce Shopping Cart (aka The Professional WordPress eCommerce Plugin) plugin for WordPress
CVE-2015-3985
RESERVED
CVE-2015-3984
RESERVED
-CVE-2015-3983 (The pcs daemon (pcsd) in PCS 0.9.137 and earlier does not include the ...)
+CVE-2015-3983
- pcs <not-affected> (Fixed before initial release to Debian)
NOTE: https://github.com/feist/pcs/commit/898204596a779673c88097bbdbe2d7ed6ed0cc8b (0.9.140)
-CVE-2015-3982 (The session.flush function in the cached_db backend in Django 1.8.x ...)
+CVE-2015-3982
- python-django <not-affected> (Only affects 1.8 and development branch)
NOTE: https://www.djangoproject.com/weblog/2015/may/20/security-release/
-CVE-2015-3981 (SAP NetWeaver RFC SDK allows attackers to obtain sensitive information ...)
+CVE-2015-3981
NOT-FOR-US: SAP NetWeaver
-CVE-2015-3980 (SQL injection vulnerability in the Business Rules Framework ...)
+CVE-2015-3980
NOT-FOR-US: SAP CRM
-CVE-2015-3979 (Unspecified vulnerability in the Business Rules Framework (CRM-BF-BRF) ...)
+CVE-2015-3979
NOT-FOR-US: SAP CRM
-CVE-2015-3978 (SAP Sybase Unwired Platform Online Data Proxy allows local users to ...)
+CVE-2015-3978
NOT-FOR-US: SAP Sybase Unwired Platform Online Data Proxy
-CVE-2015-3977 (Buffer overflow in Schneider Electric IMT25 Magnetic Flow DTM before ...)
+CVE-2015-3977
NOT-FOR-US: Schneider Electric
-CVE-2015-3976 (Cross-site scripting (XSS) vulnerability in GE Multilink ...)
+CVE-2015-3976
NOT-FOR-US: GE
CVE-2015-3975
REJECTED
-CVE-2015-3974 (EasyIO EasyIO-30P-SF controllers with firmware before 0.5.21 and 2.x ...)
+CVE-2015-3974
NOT-FOR-US: EasyIO EasyIO-30P-SF controllers
-CVE-2015-3973 (Janitza UMG 508, 509, 511, 604, and 605 devices improperly generate ...)
+CVE-2015-3973
NOT-FOR-US: Janitza UMG devices
-CVE-2015-3972 (The web interface on Janitza UMG 508, 509, 511, 604, and 605 devices ...)
+CVE-2015-3972
NOT-FOR-US: Janitza UMG devices
-CVE-2015-3971 (The debug interface on Janitza UMG 508, 509, 511, 604, and 605 devices ...)
+CVE-2015-3971
NOT-FOR-US: Janitza UMG devices
-CVE-2015-3970 (Multiple cross-site scripting (XSS) vulnerabilities in the web ...)
+CVE-2015-3970
NOT-FOR-US: Janitza UMG devices
-CVE-2015-3969 (Janitza UMG 508, 509, 511, 604, and 605 devices allow remote attackers ...)
+CVE-2015-3969
NOT-FOR-US: Janitza UMG devices
-CVE-2015-3968 (The FTP service on Janitza UMG 508, 509, 511, 604, and 605 devices has ...)
+CVE-2015-3968
NOT-FOR-US: Janitza UMG devices
-CVE-2015-3967 (Cross-site request forgery (CSRF) vulnerability on Janitza UMG 508, ...)
+CVE-2015-3967
NOT-FOR-US: Janitza UMG devices
-CVE-2015-3966 (The IPsec SA establishment process on Innominate mGuard devices with ...)
+CVE-2015-3966
NOT-FOR-US: Innominate mGuard
CVE-2015-3965
RESERVED
-CVE-2015-3964 (SMA Solar Sunny WebBox has hardcoded passwords, which makes it easier ...)
+CVE-2015-3964
NOT-FOR-US: SMA Solar Sunny WebBox
-CVE-2015-3963 (Wind River VxWorks before 5.5.1, 6.5.x through 6.7.x before 6.7.1.1, ...)
+CVE-2015-3963
NOT-FOR-US: Wind River VxWorks as used on Schneider Electric devices
-CVE-2015-3962 (Schneider Electric StruxureWare Building Expert MPM before 2.15 does ...)
+CVE-2015-3962
NOT-FOR-US: Schneider Electric StruxureWare
-CVE-2015-3961 (The web-server component in MNS before 4.5.6 on Belden GarrettCom ...)
+CVE-2015-3961
NOT-FOR-US: Belden GarrettCom switches
-CVE-2015-3960 (The firmware in MNS before 4.5.6 on Belden GarrettCom Magnum 6K and ...)
+CVE-2015-3960
NOT-FOR-US: Belden GarrettCom switches
-CVE-2015-3959 (The firmware in MNS before 4.5.6 on Belden GarrettCom Magnum 6K and ...)
+CVE-2015-3959
NOT-FOR-US: Belden GarrrettCom switches
-CVE-2015-3958 (Hospira LifeCare PCA Infusion System 5.0 and earlier, and possibly ...)
+CVE-2015-3958
NOT-FOR-US: Hospira LifeCare
-CVE-2015-3957 (Hospira LifeCare PCA Infusion System before 7.0 stores private keys ...)
+CVE-2015-3957
NOT-FOR-US: Hospira LifeCare
CVE-2015-3956
RESERVED
-CVE-2015-3955 (Stack-based buffer overflow in Hospira LifeCare PCA Infusion System ...)
+CVE-2015-3955
NOT-FOR-US: Hospira LifeCare
CVE-2015-3954
RESERVED
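Review bot: the unchanged annotation line for CVE-2015-3959 in this hunk, `NOT-FOR-US: Belden GarrrettCom switches`, misspells the vendor; the CVE-2015-3960 and CVE-2015-3961 entries directly above it spell it `GarrettCom`. Since the hunk already rewrites that entry's header line, correcting the annotation to `NOT-FOR-US: Belden GarrettCom switches` at the same time would keep the vendor name consistent and greppable across the three entries.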
@@ -15417,50 +15417,50 @@ CVE-2015-3953
RESERVED
CVE-2015-3952
RESERVED
-CVE-2015-3951 (RLE Nova-Wind Turbine HMI devices store cleartext credentials, which ...)
+CVE-2015-3951
NOT-FOR-US: RLE Nova-Wind Turbines
-CVE-2015-3950 (Cross-site request forgery (CSRF) vulnerability in XZERES 442SR OS on ...)
+CVE-2015-3950
NOT-FOR-US: XZERES 442SR (wind turbine)
-CVE-2015-3949 (Sinapsi eSolar Light with firmware before 2.0.3970_schsl_2.2.85 allows ...)
+CVE-2015-3949
NOT-FOR-US: Sinapsi eSolar Light
-CVE-2015-3948 (Cross-site scripting (XSS) vulnerability in Advantech WebAccess before ...)
+CVE-2015-3948
NOT-FOR-US: Advantech WebAccess
-CVE-2015-3947 (SQL injection vulnerability in Advantech WebAccess before 8.1 allows ...)
+CVE-2015-3947
NOT-FOR-US: Advantech WebAccess
-CVE-2015-3946 (Cross-site request forgery (CSRF) vulnerability in Advantech WebAccess ...)
+CVE-2015-3946
NOT-FOR-US: Advantech WebAccess
CVE-2015-3945
REJECTED
CVE-2015-3944
REJECTED
-CVE-2015-3943 (Advantech WebAccess before 8.1 allows remote attackers to read ...)
+CVE-2015-3943
NOT-FOR-US: Advantech WebAccess
-CVE-2015-3942 (Multiple cross-site scripting (XSS) vulnerabilities in the web-server ...)
+CVE-2015-3942
NOT-FOR-US: Belden GarrettCom switches
CVE-2015-3941
REJECTED
-CVE-2015-3940 (Untrusted search path vulnerability in Schneider Electric Wonderware ...)
+CVE-2015-3940
NOT-FOR-US: Schneider Electric
-CVE-2015-3939 (Directory traversal vulnerability in the NC854 and NC856 modules for ...)
+CVE-2015-3939
NOT-FOR-US: IDS RTU 850C devices
-CVE-2015-3938 (The HTTP application on Mitsubishi Electric MELSEC FX3G PLC devices ...)
+CVE-2015-3938
NOT-FOR-US: Mitsubishi Electric MELSEC devices
CVE-2015-3937
RESERVED
CVE-2015-3936
RESERVED
-CVE-2015-3935 (Multiple cross-site scripting (XSS) vulnerabilities in Dolibarr ...)
+CVE-2015-3935
- dolibarr 3.5.7+dfsg1-1 (bug #787762)
[jessie] - dolibarr 3.5.5+dfsg1-1+deb8u1
NOTE: https://github.com/Dolibarr/dolibarr/issues/2857
NOTE: https://github.com/GPCsolutions/dolibarr/commit/a7f6bbd316e9b96216e9b2c7a065c9251c9a8907
-CVE-2015-3934 (Multiple SQL injection vulnerabilities in Fiyo CMS 2.0_1.9.1 allow ...)
+CVE-2015-3934
NOT-FOR-US: Fiyo CMS
-CVE-2015-3933 (Multiple SQL injection vulnerabilities in inc/lib/User.class.php in ...)
+CVE-2015-3933
NOT-FOR-US: MetalGenix GeniXCMS
-CVE-2015-3932 (Netlock Mokka before 2.7.8.1204 allows remote attackers to perform XML ...)
+CVE-2015-3932
NOT-FOR-US: Netlock Mokka
-CVE-2015-3931 (Microsec e-Szigno before 3.2.7.12 allows remote attackers to perform ...)
+CVE-2015-3931
NOT-FOR-US: Microsec e-Szigno
CVE-2015-3930
RESERVED
@@ -15476,11 +15476,11 @@ CVE-2015-3925
RESERVED
CVE-2015-3924
RESERVED
-CVE-2015-3923 (Coppermine Photo Gallery before 1.5.36 allows remote attackers to ...)
+CVE-2015-3923
NOT-FOR-US: Coppermine Photo Gallery
-CVE-2015-3922 (Open redirect vulnerability in mode.php in Coppermine Photo Gallery ...)
+CVE-2015-3922
NOT-FOR-US: Coppermine Photo Gallery
-CVE-2015-3921 (Cross-site scripting (XSS) vulnerability in contact.php in Coppermine ...)
+CVE-2015-3921
NOT-FOR-US: Coppermine Photo Gallery
CVE-2015-3920
RESERVED
@@ -15496,13 +15496,13 @@ CVE-2015-3915
RESERVED
CVE-2015-3914
RESERVED
-CVE-2015-3913 (The IP stack in multiple Huawei Campus series switch models allows ...)
+CVE-2015-3913
NOT-FOR-US: Huawei
-CVE-2015-3912 (Huawei E355s Mobile WiFi with firmware before 22.158.45.02.625 and ...)
+CVE-2015-3912
NOT-FOR-US: Huawei
-CVE-2015-3911 (Huawei E587 Mobile WiFi with firmware before 11.203.30.00.00 allows ...)
+CVE-2015-3911
NOT-FOR-US: Huawei
-CVE-2015-3910 (Multiple unspecified vulnerabilities in Google V8 before 4.3.61.21, as ...)
+CVE-2015-3910
{DSA-3267-1}
- chromium-browser 43.0.2357.65-1
[wheezy] - chromium-browser <end-of-life>
@@ -15511,13 +15511,13 @@ CVE-2015-3910 (Multiple unspecified vulnerabilities in Google V8 before 4.3.61.2
NOTE: libv8 not covered by security support
CVE-2015-3909
RESERVED
-CVE-2015-3908 (Ansible before 1.9.2 does not verify that the server hostname matches ...)
+CVE-2015-3908
- ansible 1.9.2+dfsg-1 (low)
[jessie] - ansible <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2015/07/14/4
CVE-2015-3907
RESERVED
-CVE-2015-3906 (The logcat_dump_text function in wiretap/logcat.c in the Android ...)
+CVE-2015-3906
{DSA-3277-1}
- wireshark 1.12.5+g5819e5b-1
[wheezy] - wireshark <not-affected> (Vulnerable code not present)
@@ -15525,11 +15525,11 @@ CVE-2015-3906 (The logcat_dump_text function in wiretap/logcat.c in the Android
NOTE: http://www.wireshark.org/security/wnpa-sec-2015-18.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11188
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=b3b1f7c3aa2233a147294bad833b748d38fba84d
-CVE-2015-3904 (Multiple cross-site scripting (XSS) vulnerabilities in roomcloud.php ...)
+CVE-2015-3904
NOT-FOR-US: Roomcloud plugin for WordPress
CVE-2015-3901
RESERVED
-CVE-2015-3900 (RubyGems 2.0.x before 2.0.16, 2.2.x before 2.2.4, and 2.4.x before ...)
+CVE-2015-3900
- rubygems <not-affected> (Affects versions between 2.0 and 2.4.6)
- libgems-ruby <not-affected> (Affects versions between 2.0 and 2.4.6)
- ruby1.8 <not-affected> (Vulnerable code not present)
@@ -15546,9 +15546,9 @@ CVE-2015-3900 (RubyGems 2.0.x before 2.0.16, 2.2.x before 2.2.4, and 2.4.x befor
NOTE: http://blog.rubygems.org/2015/05/14/CVE-2015-3900.html
CVE-2015-3899
RESERVED
-CVE-2015-3898 (Multiple open redirect vulnerabilities in Bonita BPM Portal before ...)
+CVE-2015-3898
NOT-FOR-US: Bonita BPM Portal
-CVE-2015-3897 (Directory traversal vulnerability in Bonita BPM Portal before 6.5.3 ...)
+CVE-2015-3897
NOT-FOR-US: Bonita BPM Portal
CVE-2015-3896
RESERVED
@@ -15562,66 +15562,66 @@ CVE-2015-3892
RESERVED
CVE-2015-3891
RESERVED
-CVE-2015-3890 (Use-after-free vulnerability in Open Litespeed before 1.3.10. ...)
+CVE-2015-3890
NOT-FOR-US: Open Litespeed
CVE-2015-3889
RESERVED
-CVE-2015-3888 (Jolla Sailfish OS before 1.1.2.16 allows remote attackers to spoof ...)
+CVE-2015-3888
NOT-FOR-US: Jolla Sailfish OS
-CVE-2015-3887 (Untrusted search path vulnerability in ProxyChains-NG before 4.9 ...)
+CVE-2015-3887
NOT-FOR-US: proxychains-ng
NOTE: proxychains does not contain the vulnerable code
-CVE-2015-3884 (Unrestricted file upload vulnerability in the (1) myAccount, (2) ...)
+CVE-2015-3884
NOT-FOR-US: qdPM
-CVE-2015-3883 (Multiple cross-site scripting (XSS) vulnerabilities in qdPM 8.3 allow ...)
+CVE-2015-3883
NOT-FOR-US: qdPM
-CVE-2015-3882 (qdPM 8.3 allows remote attackers to obtain sensitive information via ...)
+CVE-2015-3882
NOT-FOR-US: qdPM
-CVE-2015-3881 (Information disclosure issue in qdPM 8.3 allows remote attackers to ...)
+CVE-2015-3881
NOT-FOR-US: qdPM
-CVE-2015-3879 (Media Player Framework in Android before 5.1.1 LMY48T allows attackers ...)
+CVE-2015-3879
NOT-FOR-US: Media Player Framework in Android
-CVE-2015-3878 (Media Projection in Android 5.x before 5.1.1 LMY48T and 6.0 before ...)
+CVE-2015-3878
NOT-FOR-US: Media Projection in Android
-CVE-2015-3877 (Skia, as used in Android before 5.1.1 LMY48T, allows remote attackers ...)
+CVE-2015-3877
NOT-FOR-US: Skia, as used in Android
-CVE-2015-3876 (libstagefright in Android through 5.1.1 LMY48M allows remote attackers ...)
+CVE-2015-3876
NOT-FOR-US: libstagefright in Android
-CVE-2015-3875 (libutils in Android before 5.1.1 LMY48T allows remote attackers to ...)
+CVE-2015-3875
- android-platform-frameworks-native <unfixed> (unimportant; bug #806375)
-CVE-2015-3874 (The Sonivox components in Android before 5.1.1 LMY48T allow remote ...)
+CVE-2015-3874
NOT-FOR-US: The Sonivox components in Android
-CVE-2015-3873 (libstagefright in Android before 5.1.1 LMY48T allows remote attackers ...)
+CVE-2015-3873
NOT-FOR-US: libstagefright in Android
-CVE-2015-3872 (libstagefright in Android before 5.1.1 LMY48T allows remote attackers ...)
+CVE-2015-3872
NOT-FOR-US: libstagefright in Android
-CVE-2015-3871 (libstagefright in Android before 5.1.1 LMY48T allows remote attackers ...)
+CVE-2015-3871
NOT-FOR-US: libstagefright in Android
-CVE-2015-3870 (libstagefright in Android before 5.1.1 LMY48T allows remote attackers ...)
+CVE-2015-3870
NOT-FOR-US: libstagefright in Android
-CVE-2015-3869 (libstagefright in Android before 5.1.1 LMY48T allows remote attackers ...)
+CVE-2015-3869
NOT-FOR-US: libstagefright in Android
-CVE-2015-3868 (libstagefright in Android before 5.1.1 LMY48T allows remote attackers ...)
+CVE-2015-3868
NOT-FOR-US: libstagefright in Android
-CVE-2015-3867 (libstagefright in Android before 5.1.1 LMY48T allows remote attackers ...)
+CVE-2015-3867
NOT-FOR-US: libstagefright in Android
CVE-2015-3866
RESERVED
-CVE-2015-3865 (The Runtime subsystem in Android before 5.1.1 LMY48T allows attackers ...)
+CVE-2015-3865
NOT-FOR-US: The Runtime subsystem in Android
-CVE-2015-3864 (Integer underflow in the MPEG4Extractor::parseChunk function in ...)
+CVE-2015-3864
NOT-FOR-US: libstagefright in mediaserver in Android
-CVE-2015-3863 (Multiple integer overflows in the Blob class in keystore/keystore.cpp ...)
+CVE-2015-3863
NOT-FOR-US: Keystore in Android
-CVE-2015-3862 (mediaserver in Android before 5.1.1 LMY48T allows attackers to cause a ...)
+CVE-2015-3862
NOT-FOR-US: mediaserver in Android
-CVE-2015-3861 (Multiple integer overflows in the addVorbisCodecInfo function in ...)
+CVE-2015-3861
NOT-FOR-US: libstagefright in mediaserver in Android
-CVE-2015-3860 (packages/Keyguard/res/layout/keyguard_password_view.xml in Lockscreen ...)
+CVE-2015-3860
NOT-FOR-US: Lockscreen in Android
CVE-2015-3859
RESERVED
-CVE-2015-3858 (The checkDestination function in internal/telephony/SMSDispatcher.java ...)
+CVE-2015-3858
NOT-FOR-US: Android
CVE-2015-3857
RESERVED
@@ -15629,7 +15629,7 @@ CVE-2015-3856
RESERVED
CVE-2015-3855
RESERVED
-CVE-2015-3854 (packages/SystemUI/src/com/android/systemui/power/PowerNotificationWarnings.java ...)
+CVE-2015-3854
NOT-FOR-US: Android
CVE-2015-3853
RESERVED
@@ -15639,59 +15639,59 @@ CVE-2015-3851
RESERVED
CVE-2015-3850
RESERVED
-CVE-2015-3849 (The Region_createFromParcel function in ...)
+CVE-2015-3849
NOT-FOR-US: Region in Android
CVE-2015-3848
RESERVED
-CVE-2015-3847 (Bluetooth in Android before 5.1.1 LMY48T allows attackers to remove ...)
+CVE-2015-3847
NOT-FOR-US: Bluetooth in Android
CVE-2015-3846
RESERVED
-CVE-2015-3845 (The Parcel::appendFrom function in libs/binder/Parcel.cpp in Binder in ...)
+CVE-2015-3845
NOT-FOR-US: Binder in Android
-CVE-2015-3844 (The getProcessRecordLocked method in ...)
+CVE-2015-3844
NOT-FOR-US: ActivityManager in Android
-CVE-2015-3843 (The SIM Toolkit (STK) framework in Android before 5.1.1 LMY48I allows ...)
+CVE-2015-3843
NOT-FOR-US: SIM Toolkit (STK) framework in Android
-CVE-2015-3842 (Multiple heap-based buffer overflows in libeffects in the Audio Policy ...)
+CVE-2015-3842
NOT-FOR-US: Android
CVE-2015-3841
RESERVED
-CVE-2015-3840 (The MessageStatusReceiver service in the AndroidManifest.XML in ...)
+CVE-2015-3840
NOT-FOR-US: MessageStatusReceiver in Android
-CVE-2015-3839 (The updateMessageStatus function in Android 5.1.1 and earlier allows ...)
+CVE-2015-3839
NOT-FOR-US: Android
CVE-2015-3838
RESERVED
-CVE-2015-3837 (The OpenSSLX509Certificate class in ...)
+CVE-2015-3837
NOT-FOR-US: Android
-CVE-2015-3836 (The Parse_wave function in arm-wt-22k/lib_src/eas_mdls.c in the ...)
+CVE-2015-3836
NOT-FOR-US: Sonivox DLS-to-EAS converter in Android
-CVE-2015-3835 (Buffer overflow in the OMXNodeInstance::emptyBuffer function in ...)
+CVE-2015-3835
NOT-FOR-US: libstagefright in Android
-CVE-2015-3834 (Multiple integer overflows in the BnHDCP::onTransact function in ...)
+CVE-2015-3834
NOT-FOR-US: libstagefright in Android
-CVE-2015-3833 (The getRunningAppProcesses function in ...)
+CVE-2015-3833
NOT-FOR-US: Android
-CVE-2015-3832 (Multiple buffer overflows in MPEG4Extractor.cpp in libstagefright in ...)
+CVE-2015-3832
NOT-FOR-US: libstagefright in Android
-CVE-2015-3831 (Buffer overflow in the readAt function in BpMediaHTTPConnection in ...)
+CVE-2015-3831
NOT-FOR-US: mediaserver service in Android
-CVE-2015-3830 (The stock Android browser address bar in all Android operating systems ...)
+CVE-2015-3830
NOT-FOR-US: Android
-CVE-2015-3829 (Off-by-one error in the MPEG4Extractor::parseChunk function in ...)
+CVE-2015-3829
NOT-FOR-US: libstagefright in Android
-CVE-2015-3828 (The MPEG4Extractor::parse3GPPMetaData function in MPEG4Extractor.cpp ...)
+CVE-2015-3828
NOT-FOR-US: libstagefright in Android
-CVE-2015-3827 (The MPEG4Extractor::parseChunk function in MPEG4Extractor.cpp in ...)
+CVE-2015-3827
NOT-FOR-US: libstagefright in Android
-CVE-2015-3826 (The MPEG4Extractor::parse3GPPMetaData function in MPEG4Extractor.cpp ...)
+CVE-2015-3826
NOT-FOR-US: libstagefright in Android
CVE-2015-3825
REJECTED
-CVE-2015-3824 (The MPEG4Extractor::parseChunk function in MPEG4Extractor.cpp in ...)
+CVE-2015-3824
NOT-FOR-US: libstagefright in Android
-CVE-2015-3823 (libstagefright in Android before 5.1.1 LMY48T allows remote attackers ...)
+CVE-2015-3823
NOT-FOR-US: libstagefright in Android
CVE-2015-3822
RESERVED
@@ -15707,27 +15707,27 @@ CVE-2015-3817
RESERVED
CVE-2015-3816
RESERVED
-CVE-2015-3903 (libraries/Config.class.php in phpMyAdmin 4.0.x before 4.0.10.10, 4.2.x ...)
+CVE-2015-3903
{DSA-3382-1}
- phpmyadmin 4:4.4.6.1-1 (unimportant)
[wheezy] - phpmyadmin <not-affected> (Vulnerable code not present)
[squeeze] - phpmyadmin <not-affected> (Vulnerable code not present)
-CVE-2015-3902 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
+CVE-2015-3902
{DSA-3382-1 DLA-336-1}
- phpmyadmin 4:4.4.6.1-1 (unimportant)
-CVE-2015-4036 (Array index error in the tcm_vhost_make_tpg function in ...)
+CVE-2015-4036
- linux 3.16.7-ckt9-1
[wheezy] - linux <not-affected> (Vulnerable code not present)
- linux-2.6 <removed>
[squeeze] - linux-2.6 <not-affected> (Vulnerable code not present)
NOTE: Fixed by: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=59c816c1f24df0204e01851431d3bab3eb76719c (v4.0-rc1)
NOTE: http://www.openwall.com/lists/oss-security/2015/05/13/4
-CVE-2015-3988 (Multiple cross-site scripting (XSS) vulnerabilities in OpenStack ...)
+CVE-2015-3988
- horizon 2015.1.0-2 (bug #786741)
[jessie] - horizon <not-affected> (Vulnerable code not present)
[wheezy] - horizon <not-affected> (Vulnerable code not present)
NOTE: http://www.openwall.com/lists/oss-security/2015/05/12/9
-CVE-2015-3886 (libinfinity before 0.6.6-1 does not validate expired SSL certificates, ...)
+CVE-2015-3886
- libinfinity 0.6.6-1 (bug #783601)
[jessie] - libinfinity 0.6.6-1~deb8u1
[wheezy] - libinfinity <not-affected> (vulnerable code not present)
@@ -15735,31 +15735,31 @@ CVE-2015-3886 (libinfinity before 0.6.6-1 does not validate expired SSL certific
NOTE: https://github.com/gobby/libinfinity/commit/c97f870f5ae13112988d9f8ad464b4f679903706
NOTE: https://github.com/gobby/gobby/issues/61
NOTE: http://www.openwall.com/lists/oss-security/2015/05/12/1
-CVE-2015-3815 (The detect_version function in wiretap/logcat.c in the Android Logcat ...)
+CVE-2015-3815
{DSA-3277-1}
- wireshark 1.12.5+g5819e5b-1
[wheezy] - wireshark <not-affected> (Vulnerable code not present)
[squeeze] - wireshark <not-affected> (Vulnerable code not present)
NOTE: https://www.wireshark.org/security/wnpa-sec-2015-18.html
-CVE-2015-3814 (The (1) dissect_tfs_request and (2) dissect_tfs_response functions in ...)
+CVE-2015-3814
{DSA-3277-1}
- wireshark 1.12.5+g5819e5b-1
[wheezy] - wireshark <not-affected> (Vulnerable code not present)
[squeeze] - wireshark <not-affected> (Vulnerable code not present)
NOTE: https://www.wireshark.org/security/wnpa-sec-2015-17.html
-CVE-2015-3813 (The fragment_add_work function in epan/reassemble.c in the ...)
+CVE-2015-3813
{DSA-3277-1}
- wireshark 1.12.5+g5819e5b-1
[wheezy] - wireshark <not-affected> (Vulnerable code not present)
[squeeze] - wireshark <not-affected> (Vulnerable code not present)
NOTE: https://www.wireshark.org/security/wnpa-sec-2015-16.html
-CVE-2015-3812 (Multiple memory leaks in the x11_init_protocol function in ...)
+CVE-2015-3812
{DSA-3277-1}
- wireshark 1.12.5+g5819e5b-1
[wheezy] - wireshark <not-affected> (Vulnerable code not present)
[squeeze] - wireshark <not-affected> (Vulnerable code not present)
NOTE: https://www.wireshark.org/security/wnpa-sec-2015-15.html
-CVE-2015-3811 (epan/dissectors/packet-wcp.c in the WCP dissector in Wireshark 1.10.x ...)
+CVE-2015-3811
{DSA-3277-1 DLA-241-1}
- wireshark 1.12.5+g5819e5b-1
[wheezy] - wireshark 1.8.2-5wheezy16
@@ -15767,360 +15767,360 @@ CVE-2015-3811 (epan/dissectors/packet-wcp.c in the WCP dissector in Wireshark 1.
NOTE: https://www.wireshark.org/security/wnpa-sec-2015-14.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10978
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=a6fc6aa0b4efc1a1c3d7a2e3b5189e888fb6ccc2
-CVE-2015-3810 (epan/dissectors/packet-websocket.c in the WebSocket dissector in ...)
+CVE-2015-3810
{DSA-3277-1}
- wireshark 1.12.5+g5819e5b-1
[wheezy] - wireshark <not-affected> (Vulnerable code not present)
[squeeze] - wireshark <not-affected> (Vulnerable code not present)
NOTE: https://www.wireshark.org/security/wnpa-sec-2015-13.html
-CVE-2015-3809 (The dissect_lbmr_pser function in epan/dissectors/packet-lbmr.c in the ...)
+CVE-2015-3809
{DSA-3277-1}
- wireshark 1.12.5+g5819e5b-1
[wheezy] - wireshark <not-affected> (Vulnerable code not present)
[squeeze] - wireshark <not-affected> (Vulnerable code not present)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11036
NOTE: https://www.wireshark.org/security/wnpa-sec-2015-12.html
-CVE-2015-3808 (The dissect_lbmr_pser function in epan/dissectors/packet-lbmr.c in the ...)
+CVE-2015-3808
{DSA-3277-1}
- wireshark 1.12.5+g5819e5b-1
[wheezy] - wireshark <not-affected> (Vulnerable code not present)
[squeeze] - wireshark <not-affected> (Vulnerable code not present)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11036
NOTE: https://www.wireshark.org/security/wnpa-sec-2015-12.html
-CVE-2015-3807 (libxml2 in Apple iOS before 8.4.1 and OS X before 10.10.5 allows ...)
+CVE-2015-3807
NOT-FOR-US: Apple
-CVE-2015-3806 (Apple iOS before 8.4.1 and OS X before 10.10.5 allow local users to ...)
+CVE-2015-3806
NOT-FOR-US: Apple
-CVE-2015-3805 (Apple iOS before 8.4.1 and OS X before 10.10.5 allow local users to ...)
+CVE-2015-3805
NOT-FOR-US: Apple OS X
-CVE-2015-3804 (FontParser in Apple iOS before 8.4.1 and OS X before 10.10.5 allows ...)
+CVE-2015-3804
NOT-FOR-US: Apple
-CVE-2015-3803 (Apple iOS before 8.4.1 and OS X before 10.10.5 allow local users to ...)
+CVE-2015-3803
NOT-FOR-US: Apple OS X
-CVE-2015-3802 (Apple iOS before 8.4.1 and OS X before 10.10.5 allow local users to ...)
+CVE-2015-3802
NOT-FOR-US: Apple OS X
-CVE-2015-3801 (The document.cookie API implementation in the CFNetwork Cookies ...)
+CVE-2015-3801
NOT-FOR-US: Apple
-CVE-2015-3800 (The DiskImages component in Apple iOS before 8.4.1 and OS X before ...)
+CVE-2015-3800
NOT-FOR-US: Apple OS X
-CVE-2015-3799 (The Apple ID OD plug-in in Apple OS X before 10.10.5 allows attackers ...)
+CVE-2015-3799
NOT-FOR-US: Apple OS X
-CVE-2015-3798 (The TRE library in Libc in Apple iOS before 8.4.1 and OS X before ...)
+CVE-2015-3798
NOT-FOR-US: Apple
-CVE-2015-3797 (The TRE library in Libc in Apple iOS before 8.4.1 and OS X before ...)
+CVE-2015-3797
NOT-FOR-US: Apple
-CVE-2015-3796 (The TRE library in Libc in Apple iOS before 8.4.1 and OS X before ...)
+CVE-2015-3796
NOT-FOR-US: Apple
-CVE-2015-3795 (libxpc in Apple iOS before 8.4.1 and OS X before 10.10.5 allows ...)
+CVE-2015-3795
NOT-FOR-US: Apple
-CVE-2015-3794 (The Speech UI in Apple OS X before 10.10.5, when speech alerts are ...)
+CVE-2015-3794
NOT-FOR-US: Apple OS X
-CVE-2015-3793 (CFPreferences in Apple iOS before 8.4.1 allows attackers to bypass the ...)
+CVE-2015-3793
NOT-FOR-US: Apple OS X
-CVE-2015-3792 (QuickTime 7 in Apple OS X before 10.10.5 allows remote attackers to ...)
+CVE-2015-3792
NOT-FOR-US: QuickTime
-CVE-2015-3791 (QuickTime 7 in Apple OS X before 10.10.5 allows remote attackers to ...)
+CVE-2015-3791
NOT-FOR-US: QuickTime
-CVE-2015-3790 (QuickTime 7 in Apple OS X before 10.10.5 allows remote attackers to ...)
+CVE-2015-3790
NOT-FOR-US: QuickTime
-CVE-2015-3789 (QuickTime 7 in Apple OS X before 10.10.5 allows remote attackers to ...)
+CVE-2015-3789
NOT-FOR-US: QuickTime
-CVE-2015-3788 (QuickTime 7 in Apple OS X before 10.10.5 allows remote attackers to ...)
+CVE-2015-3788
NOT-FOR-US: QuickTime
-CVE-2015-3787 (The Bluetooth subsystem in Apple OS X before 10.10.5 allows remote ...)
+CVE-2015-3787
NOT-FOR-US: Apple OS X
-CVE-2015-3786 (The Bluetooth subsystem in Apple OS X before 10.10.5 does not properly ...)
+CVE-2015-3786
NOT-FOR-US: Apple OS X
-CVE-2015-3785 (The Telephony component in Apple OS X before 10.11, when the ...)
+CVE-2015-3785
NOT-FOR-US: Apple
-CVE-2015-3784 (Office Viewer in Apple iOS before 8.4.1 and OS X before 10.10.5 allows ...)
+CVE-2015-3784
NOT-FOR-US: Apple OS X
-CVE-2015-3783 (SceneKit in Apple OS X before 10.10.5 allows remote attackers to ...)
+CVE-2015-3783
NOT-FOR-US: Apple OS X
-CVE-2015-3782 (CloudKit in Apple iOS before 8.4.1 and OS X before 10.10.5 allows ...)
+CVE-2015-3782
NOT-FOR-US: Apple OS X
-CVE-2015-3781 (Cross-site scripting (XSS) vulnerability in Quick Look in Apple OS X ...)
+CVE-2015-3781
NOT-FOR-US: Apple OS X
-CVE-2015-3780 (The Bluetooth subsystem in Apple OS X before 10.10.5 allows attackers ...)
+CVE-2015-3780
NOT-FOR-US: Apple OS X
-CVE-2015-3779 (QuickTime 7 in Apple OS X before 10.10.5 allows remote attackers to ...)
+CVE-2015-3779
NOT-FOR-US: QuickTime
-CVE-2015-3778 (bootp in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote ...)
+CVE-2015-3778
NOT-FOR-US: Apple
-CVE-2015-3777 (Multiple buffer overflows in blued in the Bluetooth subsystem in Apple ...)
+CVE-2015-3777
NOT-FOR-US: Apple OS X
-CVE-2015-3776 (IOKit in Apple iOS before 8.4.1 and OS X before 10.10.5 allows ...)
+CVE-2015-3776
NOT-FOR-US: Apple OS X
-CVE-2015-3775 (Apple OS X before 10.10.5 does not properly implement authentication, ...)
+CVE-2015-3775
NOT-FOR-US: Apple OS X
-CVE-2015-3774 (The Dictionary app in Apple OS X before 10.10.5 does not use HTTPS, ...)
+CVE-2015-3774
NOT-FOR-US: Apple OS X
-CVE-2015-3773 (The SMB client in Apple OS X before 10.10.5 allows remote attackers to ...)
+CVE-2015-3773
NOT-FOR-US: Apple OS X
-CVE-2015-3772 (IOFireWireFamily in Apple OS X before 10.10.5 allows local users to ...)
+CVE-2015-3772
NOT-FOR-US: Apple OS X
-CVE-2015-3771 (IOFireWireFamily in Apple OS X before 10.10.5 allows local users to ...)
+CVE-2015-3771
NOT-FOR-US: Apple OS X
-CVE-2015-3770 (IOGraphics in Apple OS X before 10.10.5 allows attackers to execute ...)
+CVE-2015-3770
NOT-FOR-US: Apple OS X
-CVE-2015-3769 (IOFireWireFamily in Apple OS X before 10.10.5 allows local users to ...)
+CVE-2015-3769
NOT-FOR-US: Apple OS X
-CVE-2015-3768 (Integer overflow in the kernel in Apple iOS before 8.4.1 and OS X ...)
+CVE-2015-3768
NOT-FOR-US: Apple OS X
-CVE-2015-3767 (udf in Apple OS X before 10.10.5 allows local users to gain privileges ...)
+CVE-2015-3767
NOT-FOR-US: Apple
-CVE-2015-3766 (The kernel in Apple iOS before 8.4.1 and OS X before 10.10.5 does not ...)
+CVE-2015-3766
NOT-FOR-US: Apple OS X
-CVE-2015-3765 (QuickTime 7 in Apple OS X before 10.10.5 allows remote attackers to ...)
+CVE-2015-3765
NOT-FOR-US: Apple
-CVE-2015-3764 (Notification Center in Apple OS X before 10.10.5 does not properly ...)
+CVE-2015-3764
NOT-FOR-US: QuickTime
-CVE-2015-3763 (Safari in Apple iOS before 8.4.1 does not limit the rate of JavaScript ...)
+CVE-2015-3763
NOT-FOR-US: Safari
-CVE-2015-3762 (The Text Formats component in Apple OS X before 10.10.5, as used in ...)
+CVE-2015-3762
NOT-FOR-US: Apple OS X
-CVE-2015-3761 (The kernel in Apple OS X before 10.10.5 does not properly validate ...)
+CVE-2015-3761
NOT-FOR-US: Apple OS X
-CVE-2015-3760 (dyld in Apple OS X before 10.10.5 does not properly validate pathnames ...)
+CVE-2015-3760
NOT-FOR-US: Apple OS X
-CVE-2015-3759 (Location Framework in Apple iOS before 8.4.1 allows local users to ...)
+CVE-2015-3759
NOT-FOR-US: Apple OS X
-CVE-2015-3758 (UIKit WebView in Apple iOS before 8.4.1 allows attackers to bypass an ...)
+CVE-2015-3758
NOT-FOR-US: Apple OS X
-CVE-2015-3757 (Apple OS X before 10.10.5 does not properly restrict access to the ...)
+CVE-2015-3757
NOT-FOR-US: Apple OS X
-CVE-2015-3756 (The Certificate UI in Apple iOS before 8.4.1 does not prevent X.509 ...)
+CVE-2015-3756
NOT-FOR-US: Apple OS X
-CVE-2015-3755 (WebKit in Apple Safari before 6.2.8, 7.x before 7.1.8, and 8.x before ...)
+CVE-2015-3755
NOT-FOR-US: Safari
-CVE-2015-3754 (The private-browsing implementation in WebKit in Apple Safari before ...)
+CVE-2015-3754
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-3753 (WebKit in Apple Safari before 6.2.8, 7.x before 7.1.8, and 8.x before ...)
+CVE-2015-3753
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-3752 (The Content Security Policy implementation in WebKit in Apple Safari ...)
+CVE-2015-3752
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-3751 (WebKit in Apple Safari before 6.2.8, 7.x before 7.1.8, and 8.x before ...)
+CVE-2015-3751
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-3750 (WebKit in Apple Safari before 6.2.8, 7.x before 7.1.8, and 8.x before ...)
+CVE-2015-3750
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-3749 (WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x ...)
+CVE-2015-3749
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-3748 (WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x ...)
+CVE-2015-3748
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-3747 (WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x ...)
+CVE-2015-3747
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-3746 (WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x ...)
+CVE-2015-3746
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-3745 (WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x ...)
+CVE-2015-3745
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-3744 (WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x ...)
+CVE-2015-3744
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-3743 (WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x ...)
+CVE-2015-3743
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-3742 (WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x ...)
+CVE-2015-3742
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-3741 (WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x ...)
+CVE-2015-3741
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-3740 (WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x ...)
+CVE-2015-3740
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-3739 (WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x ...)
+CVE-2015-3739
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-3738 (WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x ...)
+CVE-2015-3738
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-3737 (WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x ...)
+CVE-2015-3737
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-3736 (WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x ...)
+CVE-2015-3736
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-3735 (WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x ...)
+CVE-2015-3735
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-3734 (WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x ...)
+CVE-2015-3734
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-3733 (WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x ...)
+CVE-2015-3733
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-3732 (WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x ...)
+CVE-2015-3732
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-3731 (WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x ...)
+CVE-2015-3731
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-3730 (WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x ...)
+CVE-2015-3730
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-3729 (Apple Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, as ...)
+CVE-2015-3729
NOT-FOR-US: Apple
-CVE-2015-3728 (The WiFi Connectivity feature in Apple iOS before 8.4 allows remote ...)
+CVE-2015-3728
NOT-FOR-US: Apple iOS
-CVE-2015-3727 (WebKit in Apple Safari before 6.2.7, 7.x before 7.1.7, and 8.x before ...)
+CVE-2015-3727
NOT-FOR-US: Apple Safari
-CVE-2015-3726 (The Telephony subsystem in Apple iOS before 8.4 allows physically ...)
+CVE-2015-3726
NOT-FOR-US: Apple iOS
-CVE-2015-3725 (MobileInstallation in Apple iOS before 8.4 does not ensure the ...)
+CVE-2015-3725
NOT-FOR-US: Apple iOS
-CVE-2015-3724 (CoreGraphics in Apple iOS before 8.4 allows remote attackers to ...)
+CVE-2015-3724
NOT-FOR-US: Apple iOS
-CVE-2015-3723 (CoreGraphics in Apple iOS before 8.4 allows remote attackers to ...)
+CVE-2015-3723
NOT-FOR-US: Apple iOS
-CVE-2015-3722 (Application Store in Apple iOS before 8.4 does not ensure the ...)
+CVE-2015-3722
NOT-FOR-US: Apple iOS
-CVE-2015-3721 (The kernel in Apple iOS before 8.4 and OS X before 10.10.4 does not ...)
+CVE-2015-3721
NOT-FOR-US: Apple iOS
-CVE-2015-3720 (The kernel in Apple OS X before 10.10.4 does not properly manage ...)
+CVE-2015-3720
NOT-FOR-US: Apple OS X
-CVE-2015-3719 (TrueTypeScaler in FontParser in Apple iOS before 8.4 and OS X before ...)
+CVE-2015-3719
NOT-FOR-US: Apple iOS and Apple OS X
-CVE-2015-3718 (systemstatsd in the System Stats subsystem in Apple OS X before ...)
+CVE-2015-3718
NOT-FOR-US: Apple OS X
-CVE-2015-3717 (Multiple buffer overflows in the printf functionality in SQLite, as ...)
+CVE-2015-3717
NOT-FOR-US: sqlite as shipped in iOS
NOTE: Fix for sqlite in iOS, upstream doesn't know whether it affects the standard
NOTE: code base, but Apple would probably have submitted a patch if that were the case
NOTE: sqlite-dev thread: https://groups.google.com/forum/#!topic/sqlite-dev/U7OjAbZO6LA
-CVE-2015-3716 (Spotlight in Apple OS X before 10.10.4 allows attackers to execute ...)
+CVE-2015-3716
NOT-FOR-US: Apple OS X
-CVE-2015-3715 (The code-signing implementation in Apple OS X before 10.10.4 does not ...)
+CVE-2015-3715
NOT-FOR-US: Apple OS X
-CVE-2015-3714 (Apple OS X before 10.10.4 does not properly consider custom resource ...)
+CVE-2015-3714
NOT-FOR-US: Apple OS X
-CVE-2015-3713 (QuickTime in Apple OS X before 10.10.4 allows remote attackers to ...)
+CVE-2015-3713
NOT-FOR-US: Apple OS X
-CVE-2015-3712 (The NVIDIA graphics driver in Apple OS X before 10.10.4 allows ...)
+CVE-2015-3712
NOT-FOR-US: Apple OS X
-CVE-2015-3711 (The NTFS implementation in Apple OS X before 10.10.4 allows attackers ...)
+CVE-2015-3711
NOT-FOR-US: Apple OS X
-CVE-2015-3710 (Mail in Apple iOS before 8.4 and OS X before 10.10.4 allows remote ...)
+CVE-2015-3710
NOT-FOR-US: Apple OS X
-CVE-2015-3709 (Race condition in kext tools in Apple OS X before 10.10.4 allows local ...)
+CVE-2015-3709
NOT-FOR-US: Apple OS X
-CVE-2015-3708 (kextd in kext tools in Apple OS X before 10.10.4 allows attackers to ...)
+CVE-2015-3708
NOT-FOR-US: Apple OS X
-CVE-2015-3707 (The FireWire driver in IOFireWireFamily in Apple OS X before 10.10.4 ...)
+CVE-2015-3707
NOT-FOR-US: Apple OS X
-CVE-2015-3706 (IOAcceleratorFamily in Apple OS X before 10.10.4 allows attackers to ...)
+CVE-2015-3706
NOT-FOR-US: Apple OS X
-CVE-2015-3705 (IOAcceleratorFamily in Apple OS X before 10.10.4 allows attackers to ...)
+CVE-2015-3705
NOT-FOR-US: Apple OS X
-CVE-2015-3704 (runner in Install.framework in the Install Framework Legacy subsystem ...)
+CVE-2015-3704
NOT-FOR-US: Apple OS X
-CVE-2015-3703 (ImageIO in Apple iOS before 8.4 and OS X before 10.10.4 allows remote ...)
+CVE-2015-3703
NOT-FOR-US: Apple iOS and Apple OS X
-CVE-2015-3702 (Buffer overflow in the Intel Graphics Driver in Apple OS X before ...)
+CVE-2015-3702
NOT-FOR-US: Apple OS X
-CVE-2015-3701 (Buffer overflow in the Intel Graphics Driver in Apple OS X before ...)
+CVE-2015-3701
NOT-FOR-US: Apple OS X
-CVE-2015-3700 (Buffer overflow in the Intel Graphics Driver in Apple OS X before ...)
+CVE-2015-3700
NOT-FOR-US: Apple OS X
-CVE-2015-3699 (Buffer overflow in the Intel Graphics Driver in Apple OS X before ...)
+CVE-2015-3699
NOT-FOR-US: Apple OS X
-CVE-2015-3698 (Buffer overflow in the Intel Graphics Driver in Apple OS X before ...)
+CVE-2015-3698
NOT-FOR-US: Apple OS X
-CVE-2015-3697 (Buffer overflow in the Intel Graphics Driver in Apple OS X before ...)
+CVE-2015-3697
NOT-FOR-US: Apple OS X
-CVE-2015-3696 (Buffer overflow in the Intel Graphics Driver in Apple OS X before ...)
+CVE-2015-3696
NOT-FOR-US: Apple OS X
-CVE-2015-3695 (Buffer overflow in the Intel Graphics Driver in Apple OS X before ...)
+CVE-2015-3695
NOT-FOR-US: Apple OS X
-CVE-2015-3694 (FontParser in Apple iOS before 8.4 and OS X before 10.10.4 allows ...)
+CVE-2015-3694
NOT-FOR-US: Apple iOS and Apple OS X
-CVE-2015-3693 (Apple Mac EFI before 2015-001, as used in OS X before 10.10.4 and ...)
+CVE-2015-3693
NOT-FOR-US: Apple OS X
-CVE-2015-3692 (Apple Mac EFI before 2015-001, as used in OS X before 10.10.4 and ...)
+CVE-2015-3692
NOT-FOR-US: Apple OS X
-CVE-2015-3691 (The Monitor Control Command Set kernel extension in the Display ...)
+CVE-2015-3691
NOT-FOR-US: Apple OS X
-CVE-2015-3690 (The DiskImages subsystem in Apple iOS before 8.4 and OS X before ...)
+CVE-2015-3690
NOT-FOR-US: Apple iOS and Apple OS X
-CVE-2015-3689 (CoreText in Apple iOS before 8.4 and OS X before 10.10.4 allows remote ...)
+CVE-2015-3689
NOT-FOR-US: Apple iOS and Apple OS X
-CVE-2015-3688 (CoreText in Apple iOS before 8.4 and OS X before 10.10.4 allows remote ...)
+CVE-2015-3688
NOT-FOR-US: Apple iOS and Apple OS X
-CVE-2015-3687 (CoreText in Apple iOS before 8.4 and OS X before 10.10.4 allows remote ...)
+CVE-2015-3687
NOT-FOR-US: Apple iOS and Apple OS X
-CVE-2015-3686 (CoreText in Apple iOS before 8.4 and OS X before 10.10.4 allows remote ...)
+CVE-2015-3686
NOT-FOR-US: Apple iOS and Apple OS X
-CVE-2015-3685 (CoreText in Apple iOS before 8.4 and OS X before 10.10.4 allows remote ...)
+CVE-2015-3685
NOT-FOR-US: Apple iOS and Apple OS X
-CVE-2015-3684 (The HTTPAuthentication implementation in CFNetwork in Apple iOS before ...)
+CVE-2015-3684
NOT-FOR-US: Apple iOS and Apple OS X
-CVE-2015-3683 (The Bluetooth HCI interface implementation in Apple OS X before ...)
+CVE-2015-3683
NOT-FOR-US: Apple OS X
-CVE-2015-3682 (Apple Type Services (ATS) in Apple OS X before 10.10.4 allows remote ...)
+CVE-2015-3682
NOT-FOR-US: Apple OS X
-CVE-2015-3681 (Apple Type Services (ATS) in Apple OS X before 10.10.4 allows remote ...)
+CVE-2015-3681
NOT-FOR-US: Apple OS X
-CVE-2015-3680 (Apple Type Services (ATS) in Apple OS X before 10.10.4 allows remote ...)
+CVE-2015-3680
NOT-FOR-US: Apple OS X
-CVE-2015-3679 (Apple Type Services (ATS) in Apple OS X before 10.10.4 allows remote ...)
+CVE-2015-3679
NOT-FOR-US: Apple OS X
-CVE-2015-3678 (AppleThunderboltEDMService in Apple OS X before 10.10.4 allows local ...)
+CVE-2015-3678
NOT-FOR-US: Apple OS X
-CVE-2015-3677 (The LZVN compression feature in AppleFSCompression in Apple OS X ...)
+CVE-2015-3677
NOT-FOR-US: Apple OS X
-CVE-2015-3676 (AppleGraphicsControl in Apple OS X before 10.10.4 allows attackers to ...)
+CVE-2015-3676
NOT-FOR-US: Apple OS X
-CVE-2015-3675 (The default configuration of the Apache HTTP Server on Apple OS X ...)
+CVE-2015-3675
- apache2 <not-affected> (default configuration on Apple OS X)
-CVE-2015-3674 (afpserver in Apple OS X before 10.10.4 allows remote attackers to ...)
+CVE-2015-3674
NOT-FOR-US: Apple OS X
-CVE-2015-3673 (Admin Framework in Apple OS X before 10.10.4 does not properly ...)
+CVE-2015-3673
NOT-FOR-US: Apple OS X
-CVE-2015-3672 (Admin Framework in Apple OS X before 10.10.4 does not properly handle ...)
+CVE-2015-3672
NOT-FOR-US: Apple OS X
-CVE-2015-3671 (Admin Framework in Apple OS X before 10.10.4 does not properly verify ...)
+CVE-2015-3671
NOT-FOR-US: Apple OS X
CVE-2015-3670
REJECTED
-CVE-2015-3669 (QT Media Foundation in Apple QuickTime before 7.7.7 allows remote ...)
+CVE-2015-3669
NOT-FOR-US: Apple QuickTime
-CVE-2015-3668 (QT Media Foundation in Apple QuickTime before 7.7.7, as used in OS X ...)
+CVE-2015-3668
NOT-FOR-US: Apple QuickTime
-CVE-2015-3667 (QT Media Foundation in Apple QuickTime before 7.7.7, as used in OS X ...)
+CVE-2015-3667
NOT-FOR-US: Apple QuickTime
-CVE-2015-3666 (QT Media Foundation in Apple QuickTime before 7.7.7, as used in OS X ...)
+CVE-2015-3666
NOT-FOR-US: Apple QuickTime
-CVE-2015-3665 (QT Media Foundation in Apple QuickTime before 7.7.7 allows remote ...)
+CVE-2015-3665
NOT-FOR-US: Apple QuickTime
-CVE-2015-3664 (QT Media Foundation in Apple QuickTime before 7.7.7 allows remote ...)
+CVE-2015-3664
NOT-FOR-US: Apple QuickTime
-CVE-2015-3663 (QT Media Foundation in Apple QuickTime before 7.7.7, as used in OS X ...)
+CVE-2015-3663
NOT-FOR-US: Apple QuickTime
-CVE-2015-3662 (QT Media Foundation in Apple QuickTime before 7.7.7, as used in OS X ...)
+CVE-2015-3662
NOT-FOR-US: Apple QuickTime
-CVE-2015-3661 (QT Media Foundation in Apple QuickTime before 7.7.7, as used in OS X ...)
+CVE-2015-3661
NOT-FOR-US: Apple QuickTime
-CVE-2015-3660 (Cross-site scripting (XSS) vulnerability in the PDF functionality in ...)
+CVE-2015-3660
NOT-FOR-US: Apple WebKit
-CVE-2015-3659 (The SQLite authorizer in the Storage functionality in WebKit in Apple ...)
+CVE-2015-3659
NOT-FOR-US: Apple WebKit
-CVE-2015-3658 (The Page Loading functionality in WebKit in Apple Safari before 6.2.7, ...)
+CVE-2015-3658
NOT-FOR-US: Apple WebKit
-CVE-2015-3657 (Aruba Networks ClearPass Policy Manager before 6.4.7 and 6.5.x before ...)
+CVE-2015-3657
NOT-FOR-US: Aruba Networks ClearPass Policy Manager
-CVE-2015-3656 (Aruba Networks ClearPass Policy Manager before 6.4.7 and 6.5.x before ...)
+CVE-2015-3656
NOT-FOR-US: Aruba Networks ClearPass Policy Manager
-CVE-2015-3655 (Cross-site request forgery (CSRF) vulnerability in Aruba Networks ...)
+CVE-2015-3655
NOT-FOR-US: Aruba Networks ClearPass Policy Manager
-CVE-2015-3654 (Aruba Networks ClearPass Policy Manager before 6.4.7 and 6.5.x before ...)
+CVE-2015-3654
NOT-FOR-US: Aruba Networks ClearPass Policy Manager
-CVE-2015-3653 (Aruba Networks ClearPass Policy Manager before 6.4.7 and 6.5.x before ...)
+CVE-2015-3653
NOT-FOR-US: Aruba Networks ClearPass Policy Manager
CVE-2015-3652
RESERVED
CVE-2015-3651
RESERVED
-CVE-2015-3650 (vmware-vmx.exe in VMware Workstation 7.x through 10.x before 10.0.7 ...)
+CVE-2015-3650
NOT-FOR-US: VMware
-CVE-2015-3649 (The open-uri-cached rubygem allows local users to execute arbitrary ...)
+CVE-2015-3649
NOT-FOR-US: open-uri-cached rubygem
-CVE-2015-3648 (Directory traversal vulnerability in pages/setup.php in Montala ...)
+CVE-2015-3648
NOT-FOR-US: ResourceSpace
-CVE-2015-3647 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2015-3647
NOT-FOR-US: WP Photo Album Plus (aka WPPA) plugin for WordPress
CVE-2015-3645
RESERVED
-CVE-2015-3644 (Stunnel 5.00 through 5.13, when using the redirect option, does not ...)
+CVE-2015-3644
{DSA-3299-1}
- stunnel4 3:5.18-1 (bug #785352)
[wheezy] - stunnel4 <not-affected> (Affects 5.00 through 5.13 with specfic configurations)
[squeeze] - stunnel4 <not-affected> (Affects 5.00 through 5.13 with specfic configurations)
NOTE: https://www.stunnel.org/CVE-2015-3644.html
-CVE-2015-3885 (Integer overflow in the ljpeg_start function in dcraw 7.00 and earlier ...)
+CVE-2015-3885
{DSA-3692-1 DLA-243-1 DLA-228-1}
- dcraw 9.26-1 (bug #785019)
[jessie] - dcraw <no-dsa> (Minor issue)
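Review bot: every changed pair in this hunk replaces a `CVE-YYYY-NNNN (description ...)` line with the bare identifier and no `+` line supplies a replacement description, so the summary text is discarded for every entry here rather than updated (for example `-CVE-2015-3644 (Stunnel 5.00 through 5.13, when using the redirect option, does not ...)` becomes `+CVE-2015-3644`). The unchanged NOT-FOR-US, `<not-affected>` and NOTE lines that follow each entry were written against those summaries and are left without the text they refer to. A blanket removal like this looks more like an empty description feed than an intended edit; confirm the source returned data before committing, or document why the descriptions are being dropped.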
@@ -16158,7 +16158,7 @@ CVE-2015-3885 (Integer overflow in the ljpeg_start function in dcraw 7.00 and ea
NOTE: http://www.ocert.org/advisories/ocert-2015-006.html
NOTE: https://codesearch.debian.net/results/int%20CLASS%20ljpeg_start
NOTE: Starting with 2:13.2+dfsg1-5 xbmc is a transitional package
-CVE-2015-3880 (Open redirect vulnerability in phpBB before 3.0.14 and 3.1.x before ...)
+CVE-2015-3880
- phpbb3 3.0.14-1
[jessie] - phpbb3 3.0.12-5+deb8u1
[wheezy] - phpbb3 3.0.10-4+deb7u3
@@ -16179,7 +16179,7 @@ CVE-2015-XXXX [didjvu: insecure use of /tmp when executing c44]
[wheezy] - didjvu 0.2.3-2+deb7u1
NOTE: https://bitbucket.org/jwilk/didjvu/issue/8
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/05/09/7
-CVE-2015-4146 (The EAP-pwd peer implementation in hostapd and wpa_supplicant 1.0 ...)
+CVE-2015-4146
{DSA-3397-1}
- wpa 2.3-2.2 (bug #787371)
[wheezy] - wpa <not-affected> (Vulnerable code introduced later)
@@ -16190,7 +16190,7 @@ CVE-2015-4146 (The EAP-pwd peer implementation in hostapd and wpa_supplicant 1.0
NOTE: http://w1.fi/security/2015-4/eap-pwd-missing-payload-length-validation.txt
NOTE: http://w1.fi/security/2015-4/0005-EAP-pwd-peer-Fix-asymmetric-fragmentation-behavior.patch
NOTE: http://www.openwall.com/lists/oss-security/2015/05/07/5
-CVE-2015-4145 (The EAP-pwd server and peer implementation in hostapd and ...)
+CVE-2015-4145
{DSA-3397-1}
- wpa 2.3-2.2 (bug #787371)
[wheezy] - wpa <not-affected> (Vulnerable code introduced later)
@@ -16202,7 +16202,7 @@ CVE-2015-4145 (The EAP-pwd server and peer implementation in hostapd and ...)
NOTE: http://w1.fi/security/2015-4/0003-EAP-pwd-peer-Fix-Total-Length-parsing-for-fragment-r.patch
NOTE: http://w1.fi/security/2015-4/0004-EAP-pwd-server-Fix-Total-Length-parsing-for-fragment.patch
NOTE: http://www.openwall.com/lists/oss-security/2015/05/07/5
-CVE-2015-4144 (The EAP-pwd server and peer implementation in hostapd and ...)
+CVE-2015-4144
{DSA-3397-1}
- wpa 2.3-2.2 (bug #787371)
[wheezy] - wpa <not-affected> (Vulnerable code introduced later)
@@ -16214,7 +16214,7 @@ CVE-2015-4144 (The EAP-pwd server and peer implementation in hostapd and ...)
NOTE: http://w1.fi/security/2015-4/0003-EAP-pwd-peer-Fix-Total-Length-parsing-for-fragment-r.patch
NOTE: http://w1.fi/security/2015-4/0004-EAP-pwd-server-Fix-Total-Length-parsing-for-fragment.patch
NOTE: http://www.openwall.com/lists/oss-security/2015/05/07/5
-CVE-2015-4143 (The EAP-pwd server and peer implementation in hostapd and ...)
+CVE-2015-4143
{DSA-3397-1}
- wpa 2.3-2.2 (bug #787371)
- wpasupplicant <not-affected> (v1.0-v2.4 with CONFIG_EAP_PWD=y)
@@ -16224,7 +16224,7 @@ CVE-2015-4143 (The EAP-pwd server and peer implementation in hostapd and ...)
NOTE: http://w1.fi/security/2015-4/0001-EAP-pwd-peer-Fix-payload-length-validation-for-Commi.patch
NOTE: http://w1.fi/security/2015-4/0002-EAP-pwd-server-Fix-payload-length-validation-for-Com.patch
NOTE: http://www.openwall.com/lists/oss-security/2015/05/07/5
-CVE-2015-4142 (Integer underflow in the WMM Action frame parser in hostapd 0.5.5 ...)
+CVE-2015-4142
{DSA-3397-1 DLA-260-1}
- wpa 2.3-2.2 (bug #787373)
- wpasupplicant <removed>
@@ -16233,7 +16233,7 @@ CVE-2015-4142 (Integer underflow in the WMM Action frame parser in hostapd 0.5.5
NOTE: http://w1.fi/security/2015-3/
NOTE: http://w1.fi/security/2015-3/integer-underflow-in-ap-mode-wmm-action-frame.txt
NOTE: http://www.openwall.com/lists/oss-security/2015/05/09/5
-CVE-2015-4141 (The WPS UPnP function in hostapd, when using WPS AP, and ...)
+CVE-2015-4141
{DSA-3397-1}
- wpa 2.3-2.2 (bug #787372)
- wpasupplicant <removed> (unimportant)
@@ -16266,7 +16266,7 @@ CVE-2015-XXXX [incorrect substring matching when assigning pgp keys]
[jessie] - mew-beta 7.0.50~6.6+0.20140902-1+deb8u1
[wheezy] - mew-beta <no-dsa> (Minor issue)
[squeeze] - mew-beta <no-dsa> (Minor issue)
-CVE-2015-3429 (Cross-site scripting (XSS) vulnerability in example.html in Genericons ...)
+CVE-2015-3429
{DSA-3328-1}
- wordpress 4.2.2+dfsg-1 (bug #784603)
[wheezy] - wordpress <not-affected> (twentyfifteen theme not present)
@@ -16278,65 +16278,65 @@ CVE-2015-3429 (Cross-site scripting (XSS) vulnerability in example.html in Gener
NOTE: will enericons example.html files if present. As the file was included
NOTE: in other popular themes and plugins maybe it should as well be included
NOTE: in an update for wordpress for wheezy?
-CVE-2015-3643 (usb-creator before 0.2.38.3ubuntu0.1 on Ubuntu 12.04 LTS, before ...)
+CVE-2015-3643
NOT-FOR-US: usb-creator
-CVE-2015-3642 (The TLS and DTLS processing functionality in Citrix NetScaler ...)
+CVE-2015-3642
NOT-FOR-US: Citrix
CVE-2015-3641
RESERVED
-CVE-2015-3640 (phpMyBackupPro 2.5 and earlier does not properly escape the &quot;.&quot; ...)
+CVE-2015-3640
NOT-FOR-US: phpMyBackupPro
-CVE-2015-3639 (phpMyBackupPro 2.5 and earlier does not properly sanitize input ...)
+CVE-2015-3639
NOT-FOR-US: phpMyBackupPro
-CVE-2015-3638 (phpMyBackupPro before 2.5 does not validate integer input, which ...)
+CVE-2015-3638
NOT-FOR-US: phpMyBackupPro
-CVE-2015-3637 (SQL injection vulnerability in phpMyBackupPro when run in multi-user ...)
+CVE-2015-3637
NOT-FOR-US: phpMyBackupPro
CVE-2015-3635
RESERVED
-CVE-2015-3634 (The SlideshowPluginSlideshowStylesheet::loadStylesheetByAJAX function ...)
+CVE-2015-3634
NOT-FOR-US: Slideshow plugin for Wordpress
-CVE-2015-3633 (Foxit Reader, Enterprise Reader, and PhantomPDF before 7.1.5 allow ...)
+CVE-2015-3633
NOT-FOR-US: Foxit Reader, Enterprise Reader, PhantomPDF
-CVE-2015-3632 (Foxit Reader, Enterprise Reader, and PhantomPDF before 7.1.5 allow ...)
+CVE-2015-3632
NOT-FOR-US: Foxit Reader, Enterprise Reader, PhantomPDF
-CVE-2015-3631 (Docker Engine before 1.6.1 allows local users to set arbitrary Linux ...)
+CVE-2015-3631
- docker.io 1.6.1+dfsg1-1 (bug #784726)
NOTE: http://www.openwall.com/lists/oss-security/2015/05/07/10
-CVE-2015-3630 (Docker Engine before 1.6.1 uses weak permissions for (1) /proc/asound, ...)
+CVE-2015-3630
- docker.io 1.6.1+dfsg1-1 (bug #784726)
NOTE: http://www.openwall.com/lists/oss-security/2015/05/07/10
-CVE-2015-3629 (Libcontainer 1.6.0, as used in Docker Engine, allows local users to ...)
+CVE-2015-3629
- docker.io 1.6.1+dfsg1-1 (bug #784726)
NOTE: http://www.openwall.com/lists/oss-security/2015/05/07/10
-CVE-2015-3628 (The iControl API in F5 BIG-IP LTM, AFM, Analytics, APM, ASM, Link ...)
+CVE-2015-3628
NOT-FOR-US: F5
-CVE-2015-3627 (Libcontainer and Docker Engine before 1.6.1 opens the file-descriptor ...)
+CVE-2015-3627
- docker.io 1.6.1+dfsg1-1 (bug #784726)
NOTE: http://www.openwall.com/lists/oss-security/2015/05/07/10
-CVE-2015-3626 (Cross-site scripting (XSS) vulnerability in the DHCP Monitor page in the ...)
+CVE-2015-3626
NOT-FOR-US: Fortinet FortiOS
-CVE-2015-3625 (The NVIDIA GPU driver for FreeBSD R352 before 352.09, 346 before ...)
+CVE-2015-3625
- nvidia-graphics-drivers <not-affected> (FreeBSD drivers in separate blobs/source)
-CVE-2015-3624 (Cross-site request forgery (CSRF) vulnerability in ...)
+CVE-2015-3624
NOT-FOR-US: Ektron Content Management System
-CVE-2015-3623 (XML external entity (XXE) vulnerability in QlikTech Qlikview before ...)
+CVE-2015-3623
NOT-FOR-US: QlikTech
-CVE-2015-3621 (Untrusted search path vulnerability in SAP Enterprise Central ...)
+CVE-2015-3621
NOT-FOR-US: SAP ECC
-CVE-2015-3620 (Cross-site scripting (XSS) vulnerability in the advanced dataset ...)
+CVE-2015-3620
NOT-FOR-US: Fortinet FortiAnalyzer
-CVE-2015-3619 (Cross-site scripting (XSS) vulnerability in assets/js/vm2admin.js in ...)
+CVE-2015-3619
NOT-FOR-US: Joomla addon
-CVE-2015-3618 (Cross-site scripting (XSS) vulnerability in Nagios Business Process ...)
+CVE-2015-3618
NOT-FOR-US: Nagios Business Process Intelligence
-CVE-2015-3617 (Fortinet FortiManager 5.0 before 5.0.11 and 5.2 before 5.2.2 allow ...)
+CVE-2015-3617
NOT-FOR-US: Fortinet
-CVE-2015-3616 (SQL injection vulnerability in Fortinet FortiManager 5.0.x before ...)
+CVE-2015-3616
NOT-FOR-US: Fortinet
-CVE-2015-3615 (Cross-site scripting (XSS) vulnerability in Fortinet FortiManager ...)
+CVE-2015-3615
NOT-FOR-US: Fortinet
-CVE-2015-3614 (Fortinet FortiManager 5.0.x before 5.0.11, 5.2.x before 5.2.2 allows ...)
+CVE-2015-3614
NOT-FOR-US: Fortinet
CVE-2015-3613
RESERVED
@@ -16344,7 +16344,7 @@ CVE-2015-3612
RESERVED
CVE-2015-3611
RESERVED
-CVE-2015-3610 (The Siemens HomeControl for Room Automation application before 2.0.1 ...)
+CVE-2015-3610
NOT-FOR-US: Siemens HomeControl for Room Automation application for Android
CVE-2015-3609
RESERVED
@@ -16648,7 +16648,7 @@ CVE-2015-3461
RESERVED
CVE-2015-3460
RESERVED
-CVE-2015-3905 (Buffer overflow in the set_cs_start function in t1disasm.c in t1utils ...)
+CVE-2015-3905
{DLA-256-1}
- t1utils 1.38-4 (bug #779274)
[wheezy] - t1utils <no-dsa> (Minor issue)
@@ -16681,15 +16681,15 @@ CVE-2015-XXXX [BUG/MAJOR: http: prevent risk of reading past end with balance ur
[squeeze] - haproxy <not-affected> (Similar check was already present)
NOTE: Upstream fix: http://git.haproxy.org/?p=haproxy-1.5.git;a=commit;h=522aab39753e8ed13786bc57b03ef7ae4ffe6c87
NOTE: For squeeze, the above commit message implies that the fix does not need to be backported to version 1.4 and indeed, the code already contains a (different) check that limits the value of "len".
-CVE-2015-4017 (Salt before 2014.7.6 does not verify certificates when connecting via ...)
+CVE-2015-4017
- salt <not-affected> (Vulnerable code not present in the version in Debian stable/unstable)
NOTE: http://www.openwall.com/lists/oss-security/2015/05/02/1
-CVE-2015-3646 (OpenStack Identity (Keystone) before 2014.1.5 and 2014.2.x before ...)
+CVE-2015-3646
- keystone 2015.1.0-1
[jessie] - keystone <no-dsa> (Minor issue)
[wheezy] - keystone <not-affected> (Vulnerable code not present)
NOTE: Affects: versions through 2014.1.4, and 2014.2 versions through 2014.2.3
-CVE-2015-3636 (The ping_unhash function in net/ipv4/ping.c in the Linux kernel before ...)
+CVE-2015-3636
{DSA-3290-1}
- linux 4.0.2-1
[jessie] - linux 3.16.7-ckt11-1
@@ -16697,13 +16697,13 @@ CVE-2015-3636 (The ping_unhash function in net/ipv4/ping.c in the Linux kernel b
[squeeze] - linux-2.6 <not-affected> (Vulnerable code not present)
NOTE: Upstream fix: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=a134f083e79fb4c3d0a925691e732c56911b4326 (v4.1-rc2)
NOTE: https://lkml.org/lkml/2011/5/13/382
-CVE-2015-3459 (The communication module on the Hospira LifeCare PCA Infusion System ...)
+CVE-2015-3459
NOT-FOR-US: Hospira Lifecare PCA
-CVE-2015-3458 (The fetchView function in the Mage_Core_Block_Template_Zend class in ...)
+CVE-2015-3458
NOT-FOR-US: Magento
-CVE-2015-3457 (Magento Community Edition (CE) 1.9.1.0 and Enterprise Edition (EE) ...)
+CVE-2015-3457
NOT-FOR-US: Magento
-CVE-2015-3456 (The Floppy Disk Controller (FDC) in QEMU, as used in Xen 4.5.x and ...)
+CVE-2015-3456
{DSA-3274-1 DSA-3262-1 DSA-3259-1 DLA-268-1 DLA-249-1 DLA-248-1}
- qemu 1:2.3+dfsg-3
NOTE: qemu 1:2.3+dfsg-3 is pending in the NEW queue
@@ -16720,25 +16720,25 @@ CVE-2015-3456 (The Floppy Disk Controller (FDC) in QEMU, as used in Xen 4.5.x an
- virtualbox-ose <removed>
NOTE: http://www.oracle.com/technetwork/topics/security/alert-cve-2015-3456-2542656.html
NOTE: http://venom.crowdstrike.com/
-CVE-2015-3454 (TelescopeJS before 0.15 leaks user bcrypt password hashes in websocket ...)
+CVE-2015-3454
NOT-FOR-US: TelescopeJS
CVE-2015-3453
RESERVED
CVE-2015-3452
RESERVED
-CVE-2015-3450 (Heap-based buffer overflow in libaxl 0.6.9 allows attackers to cause a ...)
+CVE-2015-3450
NOT-FOR-US: libaxl
-CVE-2015-3449 (The Windows client in SAP Afaria 7.0.6398.0 uses weak permissions ...)
+CVE-2015-3449
NOT-FOR-US: SAP Afaria
-CVE-2015-3448 (REST client for Ruby (aka rest-client) before 1.7.3 logs usernames and ...)
+CVE-2015-3448
- ruby-rest-client 1.8.0-1
[jessie] - ruby-rest-client <no-dsa> (Minor issue, logging not enabled by default)
[wheezy] - ruby-rest-client <no-dsa> (Minor issue, logging not enabled by default)
- librestclient-ruby <removed>
[squeeze] - librestclient-ruby <no-dsa> (Minor issue, logging not enabled by default)
-CVE-2015-3447 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2015-3447
NOT-FOR-US: Dell SonicWALL SonicOS
-CVE-2015-3622 (The _asn1_extract_der_octet function in lib/decoding.c in GNU Libtasn1 ...)
+CVE-2015-3622
{DSA-3256-1}
- libtasn1-6 4.4-3
- libtasn1-3 <not-affected> (Introduced with 3.6)
@@ -16746,36 +16746,36 @@ CVE-2015-3622 (The _asn1_extract_der_octet function in lib/decoding.c in GNU Lib
NOTE: http://git.savannah.gnu.org/gitweb/?p=libtasn1.git;a=commitdiff;h=f979435823a02f842c41d49cd41cc81f25b5d677
NOTE: Introduced by http://git.savannah.gnu.org/gitweb/?p=libtasn1.git;a=commitdiff;h=609d5c1366fb424f6150c4eed358d246e61cf204 (libtasn1_3_6)
NOTE: DECR_LEN introduced in http://git.savannah.gnu.org/gitweb/?p=libtasn1.git;a=commitdiff;h=154909136c12cfa5c60732b7210827dfb1ec6aee (libtasn1_3_6)
-CVE-2015-3455 (Squid 3.2.x before 3.2.14, 3.3.x before 3.3.14, 3.4.x before 3.4.13, ...)
+CVE-2015-3455
- squid <removed> (unimportant)
- squid3 3.5.6-1 (unimportant)
NOTE: http://www.squid-cache.org/Advisories/SQUID-2015_1.txt
NOTE: Only affects custom builds with --enable-ssl (disabled for license purposes in Debian)
-CVE-2015-3446 (The Framework Daemon in AlienVault Unified Security Management before ...)
+CVE-2015-3446
NOT-FOR-US: AlienVault Unified Security Management
CVE-2015-3445
RESERVED
CVE-2015-3444
RESERVED
-CVE-2015-3443 (Cross-site scripting (XSS) vulnerability in the basic dashboard in ...)
+CVE-2015-3443
NOT-FOR-US: Thycotic Secret Server
-CVE-2015-3442 (Soreco Xpert.Line 3.0 allows local users to spoof users and ...)
+CVE-2015-3442
NOT-FOR-US: Soreco
-CVE-2015-3441 (The Parental Control panel in Genexis devices with DRGOS before 1.14.1 ...)
+CVE-2015-3441
NOT-FOR-US: Genexis devices
CVE-2015-3437
RESERVED
-CVE-2015-3436 (provider/server/ECServer.cpp in Zarafa Collaboration Platform (ZCP) ...)
+CVE-2015-3436
- zarafa <itp> (bug #658433)
-CVE-2015-3435 (Samsung Security Manager (SSM) before 1.31 allows remote attackers to ...)
+CVE-2015-3435
NOT-FOR-US: Samsung Security Manager
CVE-2015-3434
RESERVED
CVE-2015-3433
RESERVED
-CVE-2015-3432 (Multiple cross-site scripting (XSS) vulnerabilities in Pydio (formerly ...)
+CVE-2015-3432
- ajaxplorer <itp> (bug #668381)
-CVE-2015-3431 (Pydio (formerly AjaXplorer) before 6.0.7 allows remote attackers to ...)
+CVE-2015-3431
- ajaxplorer <itp> (bug #668381)
CVE-2015-3430
RESERVED
@@ -16789,17 +16789,17 @@ CVE-2015-3424
RESERVED
CVE-2015-3423
RESERVED
-CVE-2015-3422 (Cross-site scripting (XSS) vulnerability in SearchBlox before 8.2.1 ...)
+CVE-2015-3422
NOT-FOR-US: SearchBlox
-CVE-2015-3421 (The eshop_checkout function in checkout.php in the Wordpress Eshop ...)
+CVE-2015-3421
NOT-FOR-US: Wordpress Eshop
-CVE-2015-3419 (vBulletin 5.x through 5.1.6 allows remote authenticated users to ...)
+CVE-2015-3419
NOT-FOR-US: vBulletin
CVE-2015-3413
RESERVED
- hhvm 3.11.0+dfsg-1
NOTE: https://github.com/facebook/hhvm/commit/02a7a8f086c9181002fca0f0d9cef42963fdf46a
-CVE-2015-3412 (PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 does ...)
+CVE-2015-3412
{DLA-307-1}
- php5 5.6.9+dfsg-1
[jessie] - php5 5.6.9+dfsg-0+deb8u1
@@ -16807,7 +16807,7 @@ CVE-2015-3412 (PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 do
NOTE: http://git.php.net/?p=php-src.git;a=commit;h=52b93f0cfd3cba7ff98cc5198df6ca4f23865f80
NOTE: http://git.php.net/?p=php-src.git;a=commit;h=4435b9142ff9813845d5c97ab29a5d637bedb257
NOTE: https://bugs.php.net/bug.php?id=69353
-CVE-2015-3411 (PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 does ...)
+CVE-2015-3411
{DLA-307-1}
- php5 5.6.9+dfsg-1
[jessie] - php5 5.6.9+dfsg-0+deb8u1
@@ -16815,14 +16815,14 @@ CVE-2015-3411 (PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 do
NOTE: https://bugs.php.net/bug.php?id=69353
CVE-2015-3410
RESERVED
-CVE-2015-3427 (Quassel before 0.12.2 does not properly re-initialize the database ...)
+CVE-2015-3427
{DSA-3258-1}
- quassel 1:0.10.0-2.4 (bug #783926)
[wheezy] - quassel <not-affected> (incomplete fix for CVE-2013-4422 not applied)
[squeeze] - quassel <not-affected> (incomplete fix for CVE-2013-4422 not applied)
NOTE: https://github.com/quassel/quassel/commit/6605882f41331c80f7ac3a6992650a702ec71283
NOTE: http://quassel-irc.org/node/120
-CVE-2015-3420 (The ssl-proxy-openssl.c function in Dovecot before 2.2.17, when SSLv3 ...)
+CVE-2015-3420
- dovecot 1:2.2.13-12 (bug #783649)
[jessie] - dovecot 1:2.2.13-12~deb8u1
[wheezy] - dovecot <not-affected> (Problematic patch introducing the issue not applied)
@@ -16835,7 +16835,7 @@ CVE-2015-3420 (The ssl-proxy-openssl.c function in Dovecot before 2.2.17, when S
NOTE: returned error from dovecot, related to openssl bug:
NOTE: https://rt.openssl.org/Ticket/Display.html?id=3818&user=guest&pass=guest
NOTE: Possibly introduced due to http://web.archive.org/web/20150121182933/http://hg.dovecot.org:80/dovecot-2.2/rev/09d3c9c6f0ad
-CVE-2015-3440 (Cross-site scripting (XSS) vulnerability in wp-includes/wp-db.php in ...)
+CVE-2015-3440
{DSA-3250-1 DLA-236-1}
- wordpress 4.2.1+dfsg-1 (bug #783554)
NOTE: http://klikki.fi/adv/wordpress2.html
@@ -16859,36 +16859,36 @@ CVE-2015-XXXX [files with invalid or unsafe names could be uploaded]
NOTE: http://www.openwall.com/lists/oss-security/2015/04/26/2
NOTE: To be decided: http://www.openwall.com/lists/oss-security/2015/04/28/7
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/06/10/11
-CVE-2015-3439 (Cross-site scripting (XSS) vulnerability in the Ephox (formerly ...)
+CVE-2015-3439
{DSA-3250-1 DLA-236-1}
- wordpress 4.2+dfsg-1 (bug #783347)
NOTE: http://codex.wordpress.org/Version_4.1.2
NOTE: https://wordpress.org/news/2015/04/wordpress-4-1-2/
-CVE-2015-3438 (Multiple cross-site scripting (XSS) vulnerabilities in WordPress ...)
+CVE-2015-3438
{DSA-3250-1 DLA-236-1}
- wordpress 4.2+dfsg-1 (bug #783347)
NOTE: http://codex.wordpress.org/Version_4.1.2
NOTE: https://wordpress.org/news/2015/04/wordpress-4-1-2/
-CVE-2015-3451 (The _clone function in XML::LibXML before 2.0119 does not properly set ...)
+CVE-2015-3451
{DSA-3243-1 DLA-214-1}
- libxml-libxml-perl 2.0116+dfsg-2 (bug #783443)
NOTE: http://www.openwall.com/lists/oss-security/2015/04/25/2
NOTE: https://bitbucket.org/shlomif/perl-xml-libxml/commits/5962fd067580767777e94640b129ae8930a68a30
NOTE: https://bitbucket.org/shlomif/perl-xml-libxml/commits/915f1dbaf21c5f3c21d7c519c70fd93859e47152
-CVE-2015-3418 (The ProcPutImage function in dix/dispatch.c in X.Org Server (aka ...)
+CVE-2015-3418
{DLA-120-2}
- xorg-server 2:1.16.4-1 (bug #774308)
[wheezy] - xorg-server 2:1.12.4-6+deb7u6
NOTE: http://cgit.freedesktop.org/xorg/xserver/commit/?id=dc777c346d5d452a53b13b917c45f6a1bad2f20b
NOTE: https://bugzilla.novell.com/show_bug.cgi?id=928520 (not public yet)
-CVE-2015-3417 (Use-after-free vulnerability in the ff_h264_free_tables function in ...)
+CVE-2015-3417
{DSA-3288-1}
- ffmpeg 7:2.6.1-1
[squeeze] - ffmpeg <not-affected> (Vulnerable code not present)
- libav 6:11.4-1
[wheezy] - libav <not-affected> (Vulnerable code not present)
NOTE: https://github.com/FFmpeg/FFmpeg/commit/e8714f6f93d1a32f4e4655209960afcf4c185214
-CVE-2015-3404 (The Certify module before 6.x-2.3 for Drupal does not properly perform ...)
+CVE-2015-3404
NOT-FOR-US: Certify module for Drupal
CVE-2015-3403
RESERVED
@@ -16900,11 +16900,11 @@ CVE-2015-3399
RESERVED
CVE-2015-3398
RESERVED
-CVE-2015-3397 (Cross-site scripting (XSS) vulnerability in Yii Framework before 2.0.4 ...)
+CVE-2015-3397
- yii <itp> (bug #597899)
CVE-2015-3396
RESERVED
-CVE-2015-3395 (The msrle_decode_pal4 function in msrledec.c in Libav before 10.7 and ...)
+CVE-2015-3395
{DSA-3288-1}
- ffmpeg 7:2.6.2-1
[squeeze] - ffmpeg <end-of-life> (Not supported in Squeeze LTS)
@@ -16915,150 +16915,150 @@ CVE-2015-3395 (The msrle_decode_pal4 function in msrledec.c in Libav before 10.7
NOTE: Patch in libav: https://git.libav.org/?p=libav.git;a=commit;h=5ecabd3c54b7c802522dc338838c9a4c2dc42948
CVE-2015-3394
RESERVED
-CVE-2015-3393 (Open redirect vulnerability in the Commerce WeDeal module before ...)
+CVE-2015-3393
NOT-FOR-US: Drupal addon
-CVE-2015-3392 (Cross-site scripting (XSS) vulnerability in the Ajax Timeline module ...)
+CVE-2015-3392
NOT-FOR-US: Drupal addon
-CVE-2015-3391 (The Path Breadcrumbs module before 7.x-3.2 for Drupal allows remote ...)
+CVE-2015-3391
NOT-FOR-US: Drupal addon
-CVE-2015-3390 (Cross-site scripting (XSS) vulnerability in the Facebook Album Fetcher ...)
+CVE-2015-3390
NOT-FOR-US: Drupal addon
-CVE-2015-3389 (Cross-site scripting (XSS) vulnerability in the Download counts report ...)
+CVE-2015-3389
NOT-FOR-US: Drupal addon
-CVE-2015-3388 (Cross-site request forgery (CSRF) vulnerability in the Commerce ...)
+CVE-2015-3388
NOT-FOR-US: Drupal addon
-CVE-2015-3387 (Multiple cross-site scripting (XSS) vulnerabilities in the Taxonomy ...)
+CVE-2015-3387
NOT-FOR-US: Drupal addon
-CVE-2015-3386 (Cross-site scripting (XSS) vulnerability in the Node Access Product ...)
+CVE-2015-3386
NOT-FOR-US: Drupal addon
-CVE-2015-3385 (Cross-site scripting (XSS) vulnerability in the Taxonomy Path module ...)
+CVE-2015-3385
NOT-FOR-US: Drupal addon
-CVE-2015-3384 (Cross-site scripting (XSS) vulnerability in the Bank Account Listing ...)
+CVE-2015-3384
NOT-FOR-US: Drupal addon
-CVE-2015-3383 (Open redirect vulnerability in the Node basket module for Drupal ...)
+CVE-2015-3383
NOT-FOR-US: Drupal addon
-CVE-2015-3382 (Multiple cross-site request forgery (CSRF) vulnerabilities in the Node ...)
+CVE-2015-3382
NOT-FOR-US: Drupal addon
-CVE-2015-3381 (Cross-site scripting (XSS) vulnerability in the Node basket module for ...)
+CVE-2015-3381
NOT-FOR-US: Drupal addon
-CVE-2015-3380 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
+CVE-2015-3380
NOT-FOR-US: Drupal addon
-CVE-2015-3379 (The Views module before 6.x-2.18, 6.x-3.x before 6.x-3.2, and 7.x-3.x ...)
+CVE-2015-3379
NOT-FOR-US: Drupal Views module
-CVE-2015-3378 (Open redirect vulnerability in the Views module before 6.x-2.18, ...)
+CVE-2015-3378
NOT-FOR-US: Drupal Views module
CVE-2015-3377
RESERVED
-CVE-2015-3376 (Cross-site scripting (XSS) vulnerability in the Quizzler module before ...)
+CVE-2015-3376
NOT-FOR-US: Quizzler module for Drupal
-CVE-2015-3375 (Cross-site request forgery (CSRF) vulnerability in the Shibboleth ...)
+CVE-2015-3375
NOT-FOR-US: Shibboleth Authentication module for Drupal
-CVE-2015-3374 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
+CVE-2015-3374
NOT-FOR-US: Corner module fro Drupal
-CVE-2015-3373 (The Amazon AWS module before 7.x-1.3 for Drupal uses the base URL and ...)
+CVE-2015-3373
NOT-FOR-US: Amazon AWS module for Drupal
-CVE-2015-3372 (Cross-site scripting (XSS) vulnerability in the Node Invite module ...)
+CVE-2015-3372
NOT-FOR-US: Node Invite module for Drupal
-CVE-2015-3371 (Open redirect vulnerability in the Node Invite module before 6.x-2.5 ...)
+CVE-2015-3371
NOT-FOR-US: Node Invite module for Drupal
-CVE-2015-3370 (Cross-site request forgery (CSRF) vulnerability in the Node Invite ...)
+CVE-2015-3370
NOT-FOR-US: Node Invite module for Drupal
-CVE-2015-3369 (Cross-site scripting (XSS) vulnerability in the Taxonews module before ...)
+CVE-2015-3369
NOT-FOR-US: Taxonews module for Drupal
-CVE-2015-3368 (Cross-site scripting (XSS) vulnerability in the administration user ...)
+CVE-2015-3368
NOT-FOR-US: Classified Ads module for Drupal
-CVE-2015-3367 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
+CVE-2015-3367
NOT-FOR-US: Ptterns module for Drupal
-CVE-2015-3366 (Cross-site request forgery (CSRF) vulnerability in the Alfresco module ...)
+CVE-2015-3366
NOT-FOR-US: Alfresco module for Drupal
-CVE-2015-3365 (Cross-site scripting (XSS) vulnerability in the nodeauthor module for ...)
+CVE-2015-3365
NOT-FOR-US: nodeauthor module for Drupal
-CVE-2015-3364 (Cross-site scripting (XSS) vulnerability in the Content Analysis ...)
+CVE-2015-3364
NOT-FOR-US: Content Analysis module for Drupal
-CVE-2015-3363 (Cross-site request forgery (CSRF) vulnerability in the Contact Form ...)
+CVE-2015-3363
NOT-FOR-US: Contact Forms Fields module for Drupal
-CVE-2015-3362 (Cross-site scripting (XSS) vulnerability in the Video module before ...)
+CVE-2015-3362
NOT-FOR-US: Video module for Drupal
-CVE-2015-3361 (Cross-site scripting (XSS) vulnerability in the Linkit module before ...)
+CVE-2015-3361
NOT-FOR-US: Linkit module for Drupal
-CVE-2015-3360 (Cross-site scripting (XSS) vulnerability in the Term Merge module ...)
+CVE-2015-3360
NOT-FOR-US: Term Merge module for Drupal
-CVE-2015-3359 (Multiple cross-site scripting (XSS) vulnerabilities in the Room ...)
+CVE-2015-3359
NOT-FOR-US: Room Reservations module for Drupal
-CVE-2015-3358 (Multiple open redirect vulnerabilities in the Tadaa! module before ...)
+CVE-2015-3358
NOT-FOR-US: Tadaa! module for Drupal
-CVE-2015-3357 (Cross-site scripting (XSS) vulnerability in the Wishlist module before ...)
+CVE-2015-3357
NOT-FOR-US: Wishlist module for Drupal
-CVE-2015-3356 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
+CVE-2015-3356
NOT-FOR-US: Tadaa! module for Drupal
-CVE-2015-3355 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
+CVE-2015-3355
NOT-FOR-US: Batch Jobs module for Drupal
-CVE-2015-3354 (Cross-site request forgery (CSRF) vulnerability in the Wishlist module ...)
+CVE-2015-3354
NOT-FOR-US: Drupal module Wishlist
-CVE-2015-3353 (Cross-site scripting (XSS) vulnerability in the Field Display Label ...)
+CVE-2015-3353
NOT-FOR-US: Field Display Label module for Drupal
-CVE-2015-3352 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
+CVE-2015-3352
NOT-FOR-US: Drupal module Jammer
-CVE-2015-3351 (Multiple cross-site request forgery (CSRF) vulnerabilities in the Log ...)
+CVE-2015-3351
NOT-FOR-US: Log Watcher module for Drupal
-CVE-2015-3350 (Cross-site request forgery (CSRF) vulnerability in the Todo Filter ...)
+CVE-2015-3350
NOT-FOR-US: Drupal module Todo Filter
-CVE-2015-3349 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
+CVE-2015-3349
NOT-FOR-US: Htaccess module for Drupal
-CVE-2015-3348 (Cross-site scripting (XSS) vulnerability in the Cloudwords for ...)
+CVE-2015-3348
NOT-FOR-US: Cloudwords for Multilingual Drupal module for Drupal
-CVE-2015-3347 (Cross-site request forgery (CSRF) vulnerability in the Cloudwords for ...)
+CVE-2015-3347
NOT-FOR-US: Cloudwords for Multilingual Drupal module for Drupal
-CVE-2015-3346 (SQL injection vulnerability in the WikiWiki module before 6.x-1.2 for ...)
+CVE-2015-3346
NOT-FOR-US: WikiWiki module for Drupal
-CVE-2015-3345 (SQL injection vulnerability in the PHPlist Integration Module before ...)
+CVE-2015-3345
NOT-FOR-US: Drupal module PHPlist
-CVE-2015-3344 (Cross-site scripting (XSS) vulnerability in the Course module 6.x-1.x ...)
+CVE-2015-3344
NOT-FOR-US: Drupal module Course
-CVE-2015-3343 (Cross-site request forgery (CSRF) vulnerability in the OPAC module ...)
+CVE-2015-3343
NOT-FOR-US: OPAC module for Drupal
-CVE-2015-3342 (Open redirect vulnerability in the Ubercart Currency Conversion module ...)
+CVE-2015-3342
NOT-FOR-US: Ubercart Currency Conversion module for Drupal
CVE-2015-3341
RESERVED
-CVE-2015-3400 (sharenfs 0.6.4, when built with commits bcdd594 and 7d08880 from the ...)
+CVE-2015-3400
- zfs-linux <not-affected> (Specific to packages on archive.zfsonlinux.org repositories)
NOTE: Issue with ZFS on Linux Debian packages specific as published in the archive.zfsonlinux.org repositories
NOTE: https://github.com/zfsonlinux/zfs/issues/3319
CVE-2015-3338
RESERVED
-CVE-2015-3337 (Directory traversal vulnerability in Elasticsearch before 1.4.5 and ...)
+CVE-2015-3337
{DSA-3241-1}
- elasticsearch 1.0.3+dfsg-7
NOTE: https://www.elastic.co/blog/elasticsearch-1-5-2-and-1-4-5-released
-CVE-2015-3336 (Google Chrome before 42.0.2311.90 does not always ask the user before ...)
+CVE-2015-3336
{DSA-3238-1}
- chromium-browser 42.0.2311.90-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
- libv8-3.14 <unfixed> (unimportant)
NOTE: libv8 not covered by security support
-CVE-2015-3335 (The NaClSandbox::InitializeLayerTwoSandbox function in ...)
+CVE-2015-3335
- chromium-browser <not-affected> (native client support not built)
-CVE-2015-3334 (browser/ui/website_settings/website_settings.cc in Google Chrome ...)
+CVE-2015-3334
{DSA-3238-1}
- chromium-browser 42.0.2311.90-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-3333 (Multiple unspecified vulnerabilities in Google V8 before 4.2.77.14, as ...)
+CVE-2015-3333
{DSA-3238-1}
- chromium-browser 42.0.2311.90-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
- libv8-3.14 <unfixed> (unimportant)
NOTE: libv8 not covered by security support
-CVE-2015-3340 (Xen 4.2.x through 4.5.x does not initialize certain fields, which ...)
+CVE-2015-3340
{DSA-3414-1}
- xen 4.6.0-1 (unimportant; bug #784011)
[wheezy] - xen 4.1.4-3+deb7u8
[squeeze] - xen <end-of-life> (Not supported in Squeeze LTS)
NOTE: http://xenbits.xen.org/xsa/advisory-132.html
-CVE-2015-4605 (The mcopy function in softmagic.c in file 5.x, as used in the Fileinfo ...)
+CVE-2015-4605
{DLA-307-1}
- php5 5.6.9+dfsg-1 (bug #783099)
[jessie] - php5 5.6.9+dfsg-0+deb8u1
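Review bot: with the parenthesised summaries stripped, the NOT-FOR-US line becomes the only in-file description for the Drupal entries in this hunk, and two of those lines carry typos the summary used to compensate for: "NOT-FOR-US: Corner module fro Drupal" under CVE-2015-3374 should read "for Drupal", and "NOT-FOR-US: Ptterns module for Drupal" under CVE-2015-3367 looks like a misspelt module name and should be checked against the advisory. The wording also alternates between "Wishlist module for Drupal" (CVE-2015-3357) and "Drupal module Wishlist" (CVE-2015-3354), and likewise for Jammer, Todo Filter, PHPlist and Course; settling on one form makes grepping by component reliable. Unrelated to this change but visible here: CVE-2015-3400 sits between CVE-2015-3341 and CVE-2015-3338 rather than in sequence, which is worth a follow-up.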
@@ -17066,7 +17066,7 @@ CVE-2015-4605 (The mcopy function in softmagic.c in file 5.x, as used in the Fil
- file <not-affected> (Not reproducible with file, see #783108)
NOTE: https://git.php.net/?p=php-src.git;a=commitdiff;h=f938112c495b0d26572435c0be73ac0bfe642ecd
NOTE: https://bugs.php.net/bug.php?id=68819
-CVE-2015-4604 (The mget function in softmagic.c in file 5.x, as used in the Fileinfo ...)
+CVE-2015-4604
{DLA-307-1}
- php5 5.6.9+dfsg-1 (bug #783099)
[jessie] - php5 5.6.9+dfsg-0+deb8u1
@@ -17074,20 +17074,20 @@ CVE-2015-4604 (The mget function in softmagic.c in file 5.x, as used in the File
- file <not-affected> (Not reproducible with file, see #783108)
NOTE: https://git.php.net/?p=php-src.git;a=commitdiff;h=f938112c495b0d26572435c0be73ac0bfe642ecd
NOTE: https://bugs.php.net/bug.php?id=68819
-CVE-2015-3339 (Race condition in the prepare_binprm function in fs/exec.c in the ...)
+CVE-2015-3339
{DSA-3237-1 DLA-246-1}
- linux 3.16.7-ckt9-3
- linux-2.6 <removed>
NOTE: Fixed by: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8b01fc86b9f425899f8a3a8fc1c47d73c2c20543
NOTE: http://www.openwall.com/lists/oss-security/2015/04/20/1
-CVE-2015-7942 (The xmlParseConditionalSections function in parser.c in libxml2 does ...)
+CVE-2015-7942
{DSA-3430-1 DLA-334-1}
- libxml2 2.9.3+dfsg1-1 (bug #802827)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=744980#c8
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=756456#c0
NOTE: https://git.gnome.org/browse/libxml2/commit/?id=bd0526e66a56e75a18da8c15c4750db8f801c52d
NOTE: https://git.gnome.org/browse/libxml2/commit/?id=41ac9049a27f52e7a1f3b341f8714149fc88d450
-CVE-2015-7941 (libxml2 2.9.2 does not properly stop parsing invalid input, which ...)
+CVE-2015-7941
{DSA-3430-1 DLA-266-1}
- libxml2 2.9.2+really2.9.1+dfsg1-0.1 (bug #783010)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=744980
@@ -17095,7 +17095,7 @@ CVE-2015-7941 (libxml2 2.9.2 does not properly stop parsing invalid input, which
NOTE: http://www.openwall.com/lists/oss-security/2015/10/22/5
NOTE: https://git.gnome.org/browse/libxml2/commit/?id=a7dfab7411cbf545f359dd3157e5df1eb0e7ce31 (v2.9.3)
NOTE: https://git.gnome.org/browse/libxml2/commit/?id=9b8512337d14c8ddf662fcb98b0135f225a1c489 (v2.9.3)
-CVE-2015-8710 (The htmlParseComment function in HTMLparser.c in libxml2 allows ...)
+CVE-2015-8710
{DSA-3430-1 DLA-266-1}
- libxml2 2.9.2+really2.9.1+dfsg1-0.1 (bug #782985)
NOTE: Added workaround item to reflect entry fixed status, remove once CVE assigned
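Review bot: the NOTE under CVE-2015-8710, "Added workaround item to reflect entry fixed status, remove once CVE assigned", is stale now that the entry carries a CVE id and DSA/DLA references; drop it, or replace it with the upstream bug and commit references the neighbouring libxml2 entries (CVE-2015-7941, CVE-2015-7942) provide, since after this hunk the function name from the removed summary (htmlParseComment) no longer appears anywhere in the entry.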
@@ -17106,21 +17106,21 @@ CVE-2015-3328
RESERVED
CVE-2015-3327
RESERVED
-CVE-2015-3326 (Trend Micro ScanMail for Microsoft Exchange (SMEX) 10.2 before Hot Fix ...)
+CVE-2015-3326
NOT-FOR-US: Trend Micro ScanMail for Exchange
-CVE-2015-3325 (SQL injection vulnerability in forum.php in the WP Symposium plugin ...)
+CVE-2015-3325
NOT-FOR-US: WP Symposium plugin for WordPress
-CVE-2015-3324 (The ThinkServer System Manager (TSM) Baseboard Management Controller ...)
+CVE-2015-3324
NOT-FOR-US: ThinkServer
-CVE-2015-3323 (The ThinkServer System Manager (TSM) Baseboard Management Controller ...)
+CVE-2015-3323
NOT-FOR-US: ThinkServer
-CVE-2015-3322 (Lenovo ThinkServer RD350, RD450, RD550, RD650, and TD350 servers ...)
+CVE-2015-3322
NOT-FOR-US: ThinkServer
-CVE-2015-3321 (Services and files in Lenovo Fingerprint Manager before 8.01.42 have ...)
+CVE-2015-3321
NOT-FOR-US: Lenovo
-CVE-2015-3320 (Lenovo USB Enhanced Performance Keyboard software before 2.0.2.2 ...)
+CVE-2015-3320
NOT-FOR-US: Lenovo USB Enhanced Performance Keyboard software
-CVE-2015-3330 (The php_handler function in sapi/apache2handler/sapi_apache2.c in PHP ...)
+CVE-2015-3330
{DSA-3198-1 DLA-212-1}
- php5 5.6.7+dfsg-1
NOTE: https://bugs.php.net/bug.php?id=69218
@@ -17128,40 +17128,40 @@ CVE-2015-3330 (The php_handler function in sapi/apache2handler/sapi_apache2.c in
NOTE: Fixed by: http://git.php.net/?p=php-src.git;a=commit;h=809610f5ea38a83b284e1125d1fff129bdd615e7
NOTE: http://www.openwall.com/lists/oss-security/2015/04/17/3
NOTE: For details on scope of the CVE assignment: http://www.openwall.com/lists/oss-security/2015/04/17/7
-CVE-2015-3319 (Hotspot Express hotEx Billing Manager 73 does not include the HTTPOnly ...)
+CVE-2015-3319
NOT-FOR-US: Hotspot Express hotEx Billing Manager
-CVE-2015-3318 (CA Common Services, as used in CA Client Automation r12.5 SP01, r12.8, ...)
+CVE-2015-3318
NOT-FOR-US: CA Common Services in ca.com products
-CVE-2015-3317 (CA Common Services, as used in CA Client Automation r12.5 SP01, r12.8, ...)
+CVE-2015-3317
NOT-FOR-US: CA Common Services in ca.com products
-CVE-2015-3316 (CA Common Services, as used in CA Client Automation r12.5 SP01, r12.8, ...)
+CVE-2015-3316
NOT-FOR-US: CA Common Services in ca.com products
-CVE-2015-3314 (SQL injection vulnerability in WordPress Tune Library plugin before ...)
+CVE-2015-3314
NOT-FOR-US: Wordpress plugin
-CVE-2015-3313 (SQL injection vulnerability in WordPress Community Events plugin ...)
+CVE-2015-3313
NOT-FOR-US: Wordpress plugin
CVE-2015-3312
RESERVED
CVE-2015-3311
RESERVED
-CVE-2015-3307 (The phar_parse_metadata function in ext/phar/phar.c in PHP before ...)
+CVE-2015-3307
{DSA-3280-1 DLA-307-1}
- php5 5.6.9+dfsg-1
NOTE: https://bugs.php.net/bug.php?id=69443
NOTE: http://git.php.net/?p=php-src.git;a=commit;h=17cbd0b5b78a7500f185b3781a2149881bfff8ae
-CVE-2015-3329 (Multiple stack-based buffer overflows in the phar_set_inode function ...)
+CVE-2015-3329
{DSA-3280-1 DLA-212-1}
- php5 5.6.9+dfsg-1
NOTE: http://git.php.net/?p=php-src.git;a=commit;h=f59b67ae50064560d7bfcdb0d6a8ab284179053c
NOTE: https://bugs.php.net/bug.php?id=69441
NOTE: http://www.openwall.com/lists/oss-security/2015/04/16/22
NOTE: Fixed in 5.6.8 and 5.4.40
-CVE-2015-3315 (Automatic Bug Reporting Tool (ABRT) allows local users to read, change ...)
+CVE-2015-3315
NOT-FOR-US: abrt is Red Hat / Fedora specific
CVE-2015-3309 [incomplete fix for CVE-2015-3297]
RESERVED
- etherpad-lite <itp> (bug #576998)
-CVE-2015-3308 (Double free vulnerability in lib/x509/x509_ext.c in GnuTLS before ...)
+CVE-2015-3308
[experimental] - gnutls28 3.3.14-1
- gnutls28 3.3.8-7 (bug #782776)
[jessie] - gnutls28 3.3.8-6+deb8u1
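Review bot: "NOT-FOR-US: Wordpress plugin" under CVE-2015-3314 and CVE-2015-3313 (and again under CVE-2015-3299 in the following hunk) should be spelled "WordPress plugin" to match "WP Symposium plugin for WordPress" earlier in this hunk. With the summaries removed, the plugin names (Tune Library, Community Events) also disappear from the file, so consider carrying them into the NOT-FOR-US line the way entries such as "NOT-FOR-US: Quizzler module for Drupal" already do.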
@@ -17174,30 +17174,30 @@ CVE-2015-3304
RESERVED
CVE-2015-3303
RESERVED
-CVE-2015-3302 (The TheCartPress eCommerce Shopping Cart (aka The Professional ...)
+CVE-2015-3302
NOT-FOR-US: TheCartPress eCommerce Shopping Cart
-CVE-2015-3301 (Directory traversal vulnerability in the TheCartPress eCommerce ...)
+CVE-2015-3301
NOT-FOR-US: TheCartPress eCommerce Shopping Cart (aka The Professional WordPress eCommerce Plugin) plugin for WordPress
-CVE-2015-3300 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
+CVE-2015-3300
NOT-FOR-US: TheCartPress eCommerce Shopping Cart (aka The Professional WordPress eCommerce Plugin) plugin for WordPress
-CVE-2015-3299 (Cross-site scripting (XSS) vulnerability in the Floating Social Bar ...)
+CVE-2015-3299
NOT-FOR-US: Wordpress plugin
CVE-2015-3298
RESERVED
-CVE-2015-3296 (Multiple cross-site scripting (XSS) vulnerabilities in NodeBB before ...)
+CVE-2015-3296
NOT-FOR-US: NodeBB
-CVE-2015-3295 (markdown-it before 4.1.0 does not block data: URLs. ...)
+CVE-2015-3295
- ruby-rails-assets-markdown-it 4.2.1-1
-CVE-2015-3294 (The tcp_request function in Dnsmasq before 2.73rc4 does not properly ...)
+CVE-2015-3294
{DSA-3251-1 DLA-225-1}
- dnsmasq 2.72-3.1 (bug #783459)
NOTE: http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2015q2/009382.html
NOTE: http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=ad4a8ff7d9097008d7623df8543df435bfddeac8
-CVE-2015-3293 (FortiMail 5.0.3 through 5.2.3 allows remote administrators to obtain ...)
+CVE-2015-3293
NOT-FOR-US: FortiMail
-CVE-2015-3292 (The installer in NetApp OnCommand Workflow Automation before 2.2.1P1 ...)
+CVE-2015-3292
NOT-FOR-US: NetApp OnCommand Workflow Automation
-CVE-2015-3291 (arch/x86/entry/entry_64.S in the Linux kernel before 4.1.6 on the ...)
+CVE-2015-3291
{DSA-3313-1}
- linux 4.0.8-2
[wheezy] - linux <not-affected> (Present since 3.3)
@@ -17205,7 +17205,7 @@ CVE-2015-3291 (arch/x86/entry/entry_64.S in the Linux kernel before 4.1.6 on the
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=a27507ca2d796cfa8d907de31ad730359c8a6d06 (prerequisite)
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=810bc075f78ff2c221536eb3008eac6a492dba2d
NOTE: Introduced around 3.3-rc1: (https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=3f3c8b8c4b2a34776c3470142a7c8baafcda6eb0)
-CVE-2015-3290 (arch/x86/entry/entry_64.S in the Linux kernel before 4.1.6 on the ...)
+CVE-2015-3290
{DSA-3313-1}
- linux 4.0.8-2
[wheezy] - linux <not-affected> (Introduced in 3.13)
@@ -17213,89 +17213,89 @@ CVE-2015-3290 (arch/x86/entry/entry_64.S in the Linux kernel before 4.1.6 on the
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9d05041679904b12c12421cbcf9cb5f4860a8d7b (prerequisite)
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0e181bb58143cb4a2e8f01c281b0816cd0e4798e (prerequisite)
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9b6e6a8334d56354853f9c255d1395c2ba570e0a
-CVE-2015-3289 (OpenStack Glance before 2015.1.1 (kilo) allows remote authenticated ...)
+CVE-2015-3289
- glance 2015.1.0-4 (bug #793896)
[jessie] - glance <not-affected> (Vulnerable code introduced later)
[wheezy] - glance <not-affected> (Vulnerable code introduced later)
-CVE-2015-3288 (mm/memory.c in the Linux kernel before 4.1.4 mishandles anonymous ...)
+CVE-2015-3288
- linux 4.2-1
[jessie] - linux 3.16.7-ckt17-1
[wheezy] - linux 3.2.71-1
NOTE: https://git.kernel.org/linus/6b7339f4c31ad69c8e9c0b2859276e22cf72176d (v4.2-rc2)
CVE-2015-3287
REJECTED
-CVE-2015-3286 (Buffer overflow in the Solaris kernel extension in OpenAFS before ...)
+CVE-2015-3286
- openafs <not-affected> (The Solaris kernel extension in versions through 1.6.12)
NOTE: http://www.openafs.org/pages/security/OPENAFS-SA-2015-005.txt
-CVE-2015-3285 (The pioctl for the OSD FS command in OpenAFS before 1.6.13 uses the ...)
+CVE-2015-3285
{DSA-3320-1 DLA-342-1}
- openafs 1.6.13-1
NOTE: http://www.openafs.org/pages/security/OPENAFS-SA-2015-004.txt
-CVE-2015-3284 (pioctls in OpenAFS 1.6.x before 1.6.13 allows local users to read ...)
+CVE-2015-3284
{DSA-3320-1}
- openafs 1.6.13-1
[squeeze] - openafs <not-affected> (Only 1.6.0 trough 1.6.12)
NOTE: http://www.openafs.org/pages/security/OPENAFS-SA-2015-003.txt
-CVE-2015-3283 (OpenAFS before 1.6.13 allows remote attackers to spoof bos commands ...)
+CVE-2015-3283
{DSA-3320-1 DLA-342-1}
- openafs 1.6.13-1
NOTE: http://www.openafs.org/pages/security/OPENAFS-SA-2015-002.txt
-CVE-2015-3282 (vos in OpenAFS before 1.6.13, when updating VLDB entries, allows ...)
+CVE-2015-3282
{DSA-3320-1 DLA-342-1}
- openafs 1.6.13-1
NOTE: http://www.openafs.org/pages/security/OPENAFS-SA-2015-001.txt
-CVE-2015-3281 (The buffer_slow_realign function in HAProxy 1.5.x before 1.5.14 and ...)
+CVE-2015-3281
{DSA-3301-1}
- haproxy 1.5.14-1
[squeeze] - haproxy <not-affected> (Affects 1.5.x and 1.6-dev only)
NOTE: http://git.haproxy.org/?p=haproxy-1.5.git;a=commitdiff;h=7ec765568883b2d4e5a2796adbeb492a22ec9bd4 (1.5.x)
-CVE-2015-3280 (OpenStack Compute (nova) before 2014.2.4 (juno) and 2015.1.x before ...)
+CVE-2015-3280
- nova 1:12.0.0-2 (low; bug #798883)
[jessie] - nova <no-dsa> (Minor issue)
[wheezy] - nova <not-affected> (Affected code introduced later)
NOTE: 2014.2 versions through 2014.2.3, and 2015.1 versions through 2015.1.1
-CVE-2015-3279 (Integer overflow in filter/texttopdf.c in texttopdf in cups-filters ...)
+CVE-2015-3279
{DSA-3303-1 DLA-314-1}
- cups-filters 1.0.71-1
- cups 1.5.0-16
NOTE: cups moved filters to separate package in 1.5.0-16
NOTE: http://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/revision/7365
-CVE-2015-3278 (The cipherstring parsing code in nss_compat_ossl while in ...)
+CVE-2015-3278
NOT-FOR-US: nss_compat_ossl (OpenSSL to NSS Porting Library)
-CVE-2015-3277 (The mod_nss module before 1.0.11 in Fedora allows remote attackers to ...)
+CVE-2015-3277
- libapache2-mod-nss <removed> (bug #795657)
[stretch] - libapache2-mod-nss <no-dsa> (Minor issue)
[jessie] - libapache2-mod-nss <not-affected> (Vulnerability introduced in 1.0.11)
[wheezy] - libapache2-mod-nss <not-affected> (Vulnerability introduced in 1.0.11)
NOTE: Introduced by https://pagure.io/mod_nss/c/2d1650900f4d47dc43400d826c0f7e1a7c5229b8 (1.10.11)
-CVE-2015-3276 (The nss_parse_ciphers function in libraries/libldap/tls_m.c in ...)
+CVE-2015-3276
- openldap <unfixed> (unimportant)
NOTE: Debian builds with GNUTLS, not NSS
-CVE-2015-3275 (Multiple cross-site scripting (XSS) vulnerabilities in the SCORM ...)
+CVE-2015-3275
- moodle 2.7.9+dfsg-1 (bug #792242)
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-50614
-CVE-2015-3274 (Cross-site scripting (XSS) vulnerability in the user_get_user_details ...)
+CVE-2015-3274
- moodle 2.7.9+dfsg-1 (bug #792242)
[squeeze] - moodle <not-affected> (Only similar function looks like the fixed version)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-50130
-CVE-2015-3273 (mod/forum/post.php in Moodle 2.9.x before 2.9.1 does not consider the ...)
+CVE-2015-3273
- moodle <not-affected> (Affects only 2.9)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-50220
-CVE-2015-3272 (Open redirect vulnerability in the clean_param function in ...)
+CVE-2015-3272
- moodle 2.7.9+dfsg-1 (bug #792242)
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-50688
-CVE-2015-3271 (Apache Tika server (aka tika-server) in Apache Tika 1.9 might allow ...)
+CVE-2015-3271
- tika <not-affected> (The server isn't shipped in the Debian package)
NOTE: https://marc.info/?l=oss-security&m=143948566828051&w=2
-CVE-2015-3270 (Apache Ambari before 2.0.2 or 2.1.x before 2.1.1 allows remote ...)
+CVE-2015-3270
NOT-FOR-US: Apache Ambari
-CVE-2015-3269 (Apache Flex BlazeDS, as used in flex-messaging-core.jar in Adobe ...)
+CVE-2015-3269
NOT-FOR-US: Adobe
-CVE-2015-3268 (Cross-site scripting (XSS) vulnerability in the ...)
+CVE-2015-3268
NOT-FOR-US: Apache OFBiz
-CVE-2015-3267 (Cross-site scripting (XSS) vulnerability in the 404 error page in Red ...)
+CVE-2015-3267
NOT-FOR-US: JBoss Operations Network
CVE-2015-3266
RESERVED
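Review bot: three consistency problems in the unchanged context of this hunk. Under CVE-2015-3284, "Only 1.6.0 trough 1.6.12" should read "through". Under CVE-2015-3277 the NOTE gives the introducing version as "(1.10.11)" while the jessie and wheezy lines say "Vulnerability introduced in 1.0.11", so one of the two is wrong. Under CVE-2015-3286 the not-affected reason "(The Solaris kernel extension in versions through 1.6.12)" restates the affected component instead of saying why the Debian package is unaffected; it should state the actual reason (presumably that the Solaris kernel extension is not part of the Debian build).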
@@ -17311,94 +17311,94 @@ CVE-2015-3261
RESERVED
CVE-2015-3260
RESERVED
-CVE-2015-3259 (Stack-based buffer overflow in the xl command line utility in Xen ...)
+CVE-2015-3259
{DSA-3414-1}
- xen 4.6.0-1 (low; bug #795721)
[wheezy] - xen <no-dsa> (Minor issue, xl not used in wheezy)
[squeeze] - xen <not-affected> (xl not shipped in Squeeze)
NOTE: http://xenbits.xen.org/xsa/advisory-137.html
-CVE-2015-3258 (Heap-based buffer overflow in the WriteProlog function in ...)
+CVE-2015-3258
{DSA-3303-1 DLA-314-1}
- cups-filters 1.0.70-1
- cups 1.5.0-16
NOTE: cups moved filters to separate package in 1.5.0-16
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1235385
-CVE-2015-3257 (Zend/Diactoros/Uri::filterPath in zend-diactoros before 1.0.4 does not ...)
+CVE-2015-3257
NOT-FOR-US: zend-diactoros
NOTE: https://framework.zend.com/security/advisory/ZF2015-05
-CVE-2015-3256 (PolicyKit (aka polkit) before 0.113 allows local users to cause a ...)
+CVE-2015-3256
- policykit-1 <not-affected> (The Policykit versions which rely on Javascript/Spidermonkey haven't been uploaded to unstable)
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=69501
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=910262#c75
-CVE-2015-3255 (The polkit_backend_action_pool_init function in ...)
+CVE-2015-3255
[experimental] - policykit-1 0.113-1
- policykit-1 0.105-12 (bug #796134)
[jessie] - policykit-1 0.105-15~deb8u1
[wheezy] - policykit-1 <no-dsa> (Minor issue)
[squeeze] - policykit-1 <no-dsa> (Minor issue)
NOTE: http://cgit.freedesktop.org/polkit/commit/?id=9f5e0c731784003bd4d6fc75ab739ff8b2ea269f
-CVE-2015-3254 (The client libraries in Apache Thrift before 0.9.3 might allow remote ...)
+CVE-2015-3254
- thrift-compiler <not-affected> (Vulnerable code not present)
NOTE: Affects src:thrift, which is only in experimental. The issue is fixed upstream in 0.9.3
NOTE: so any future upload of thrift to unstable can mark this item as <not-affected> (fixed
NOTE: before the initial upload to Debian unstable)
-CVE-2015-3253 (The MethodClosure class in runtime/MethodClosure.java in Apache Groovy ...)
+CVE-2015-3253
{DLA-274-1}
- groovy 2.4.6-1 (bug #793397)
[jessie] - groovy 1.8.6-4+deb8u1
[wheezy] - groovy 1.8.6-1+deb7u1
- groovy2 2.2.2+dfsg-5 (bug #793398)
[jessie] - groovy2 2.2.2+dfsg-3+deb8u1
-CVE-2015-3252 (Apache CloudStack before 4.5.2 does not properly preserve VNC ...)
+CVE-2015-3252
NOT-FOR-US: Apache CloudStack
-CVE-2015-3251 (Apache CloudStack before 4.5.2 might allow remote authenticated ...)
+CVE-2015-3251
NOT-FOR-US: Apache CloudStack
-CVE-2015-3250 (Apache Directory LDAP API before 1.0.0-M31 allows attackers to conduct ...)
+CVE-2015-3250
- apache-directory-api 1.0.0~M20-3 (bug #791957)
NOTE: http://www.openwall.com/lists/oss-security/2015/07/07/5
-CVE-2015-3249 (The HTTP/2 experimental feature in Apache Traffic Server 5.3.x before ...)
+CVE-2015-3249
- trafficserver 5.3.1-1
[wheezy] - trafficserver <not-affected> (HTTP2 support does not exist)
NOTE: http://mail-archives.us.apache.org/mod_mbox/www-announce/201507.mbox/%3CCABF6JR37mWzDmXDqRQwRUXiojBZrhidndnsY1ZgmcZv-o7-a+g@mail.gmail.com%3E
-CVE-2015-3248 (openhpi/Makefile.am in OpenHPI before 3.6.0 uses world-writable ...)
+CVE-2015-3248
- openhpi <not-affected> (Only affects RPM packaging, in Debian directory is not world-writable, bug #789543)
-CVE-2015-3247 (Race condition in the worker_update_monitors_config function in SPICE ...)
+CVE-2015-3247
{DSA-3354-1}
- spice 0.12.5-1.2 (bug #797976)
[wheezy] - spice <not-affected> (monitors_config support introduced in 0.11.3)
NOTE: Referenced Bug with Details from Red Hat is currently private
NOTE: Patch: https://git.centos.org/blob/rpms!spice.git/11e32f6dd156a3c4847da29d989837437e973ccc/SOURCES!0038-Avoid-race-conditions-reading-monitor-configs-from-g.patch
-CVE-2015-3246 (libuser before 0.56.13-8 and 0.60 before 0.60-7, as used in the ...)
+CVE-2015-3246
{DLA-468-1}
- libuser 1:0.62~dfsg-0.1 (bug #793465)
[jessie] - libuser <no-dsa> (Minor issue)
-CVE-2015-3245 (Incomplete blacklist vulnerability in the chfn function in libuser ...)
+CVE-2015-3245
{DLA-468-1}
- libuser 1:0.62~dfsg-0.1 (bug #793465)
[jessie] - libuser <no-dsa> (Minor issue)
NOTE: initially attributed to usermode package, root-cause fixed in libuser instead
-CVE-2015-3244 (The Portlet Bridge for JavaServer Faces in Red Hat JBoss Portal 6.2.0, ...)
+CVE-2015-3244
NOT-FOR-US: PortletBridge component of Red Hat JBoss Portal
-CVE-2015-3243 (rsyslog uses weak permissions for generating log files, which allows ...)
+CVE-2015-3243
- rsyslog <unfixed> (unimportant)
NOTE: The default for syslog is $FileCreateMode 0644 but the rsyslog.conf
NOTE: provided by the Debian package sets $FileCreateMode 0640
CVE-2015-3242
REJECTED
-CVE-2015-3241 (OpenStack Compute (nova) 2015.1 through 2015.1.1, 2014.2.3, and ...)
+CVE-2015-3241
- nova 1:12.0.0-2 (bug #796109)
[jessie] - nova <no-dsa> (Minor issue)
[wheezy] - nova <no-dsa> (Minor issue)
NOTE: https://launchpad.net/bugs/1387543
NOTE: Affects: versions through 2014.1.4, and 2014.2 versions through 2014.2.3, and version 2015.1.0
NOTE: https://git.openstack.org/cgit/openstack/nova/commit/?id=7ab75d5b0b75fc3426323bef19bf436a258b9707
-CVE-2015-3240 (The pluto IKE daemon in libreswan before 3.15 and Openswan before ...)
+CVE-2015-3240
- openswan <removed>
[squeeze] - openswan <end-of-life> (Not supported in Squeeze LTS)
[wheezy] - openswan <end-of-life> (Not supported in Wheezy LTS)
- libreswan <not-affected> (Fixed before the initial upload to Debian)
NOTE: https://libreswan.org/security/CVE-2015-3240/
-CVE-2015-3239 (Off-by-one error in the dwarf_to_unw_regnum function in ...)
+CVE-2015-3239
{DLA-271-1}
- libunwind 1.1-4 (low; bug #790830)
[jessie] - libunwind <no-dsa> (Minor issue)
@@ -17406,62 +17406,62 @@ CVE-2015-3239 (Off-by-one error in the dwarf_to_unw_regnum function in ...)
- android-platform-external-libunwind 7.0.0+r1-4 (bug #849346)
NOTE: http://savannah.nongnu.org/bugs/?45276 (private bug)
NOTE: http://git.savannah.gnu.org/cgit/libunwind.git/commit/?id=396b6c7ab737e2bff244d640601c436a26260ca1
-CVE-2015-3238 (The _unix_run_helper_binary function in the pam_unix module in ...)
+CVE-2015-3238
- pam 1.1.8-3.2 (bug #789986)
[jessie] - pam 1.1.8-3.1+deb8u1
[wheezy] - pam <no-dsa> (Minor issue e.g. in combination with enabled SELinux)
[squeeze] - pam <no-dsa> (Minor issue e.g. in combination with enabled SELinux)
NOTE: https://git.fedorahosted.org/cgit/linux-pam.git/commit/?id=e89d4c97385ff8180e6e81e84c5aa745daf28a79
NOTE: https://www.redhat.com/archives/pam-list/2015-June/msg00001.html
-CVE-2015-3237 (The smb_request_state function in cURL and libcurl 7.40.0 through ...)
+CVE-2015-3237
- curl 7.43.0-1
[jessie] - curl <not-affected> (Vulnerable code not present)
[wheezy] - curl <not-affected> (Vulnerable code not present)
[squeeze] - curl <not-affected> (Vulnerable code not present)
NOTE: http://curl.haxx.se/docs/adv_20150617B.html
-CVE-2015-3236 (cURL and libcurl 7.40.0 through 7.42.1 send the HTTP Basic ...)
+CVE-2015-3236
- curl 7.43.0-1
[jessie] - curl <not-affected> (Vulnerable code not present)
[wheezy] - curl <not-affected> (Vulnerable code not present)
[squeeze] - curl <not-affected> (Vulnerable code not present)
NOTE: http://curl.haxx.se/docs/adv_20150617A.html
-CVE-2015-3235 (Foreman before 1.9.0 allows remote authenticated users with the ...)
+CVE-2015-3235
- foreman <itp> (bug #663101)
-CVE-2015-3234 (The OpenID module in Drupal 6.x before 6.36 and 7.x before 7.38 allows ...)
+CVE-2015-3234
{DSA-3291-1}
- drupal7 7.38-1
- drupal6 <removed>
[squeeze] - drupal6 <end-of-life>
NOTE: https://www.drupal.org/SA-CORE-2015-002
-CVE-2015-3233 (Open redirect vulnerability in the Overlay module in Drupal 7.x before ...)
+CVE-2015-3233
{DSA-3291-1}
- drupal7 7.38-1
- drupal6 <not-affected> (Only affects Drupal 7.x)
NOTE: https://www.drupal.org/SA-CORE-2015-002
-CVE-2015-3232 (Open redirect vulnerability in the Field UI module in Drupal 7.x ...)
+CVE-2015-3232
{DSA-3291-1}
- drupal7 7.38-1
- drupal6 <not-affected> (Only affects Drupal 7.x)
NOTE: https://www.drupal.org/SA-CORE-2015-002
-CVE-2015-3231 (The Render cache system in Drupal 7.x before 7.38, when used to cache ...)
+CVE-2015-3231
{DSA-3291-1}
- drupal7 7.38-1
- drupal6 <not-affected> (Only affects Drupal 7.x)
NOTE: https://www.drupal.org/SA-CORE-2015-002
-CVE-2015-3230 (389 Directory Server (formerly Fedora Directory Server) before ...)
+CVE-2015-3230
- 389-ds-base 1.3.3.12-1 (bug #789202)
[jessie] - 389-ds-base <not-affected> (Vulnerable code not present, fix for 47838 not applied in Jessie)
NOTE: https://fedorahosted.org/389/ticket/48194
NOTE: Regression if https://fedorahosted.org/389/ticket/47838 applied
-CVE-2015-3229 (fedora-cloud-atomic.ks in spin-kickstarts allows remote attackers to ...)
+CVE-2015-3229
NOT-FOR-US: Fedora Atomic
-CVE-2015-3228 (Integer overflow in the gs_heap_alloc_bytes function in ...)
+CVE-2015-3228
{DSA-3326-1 DLA-280-1}
- ghostscript 9.15~dfsg-1 (bug #793489)
NOTE: http://bugs.ghostscript.com/show_bug.cgi?id=696070
NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=0c0b0859
NOTE: File to reproduce segfault with ps2pdf: http://bugs.ghostscript.com/attachment.cgi?id=11776
-CVE-2015-3227 (The (1) jdom.rb and (2) rexml.rb components in Active Support in Ruby ...)
+CVE-2015-3227
{DSA-3464-1 DLA-603-1}
- rails 2:4.2.4-2 (bug #790487)
[squeeze] - rails <end-of-life> (Unsupported in squeeze-lts)
@@ -17469,7 +17469,7 @@ CVE-2015-3227 (The (1) jdom.rb and (2) rexml.rb components in Active Support in
- ruby-activesupport-3.2 <removed>
- ruby-activesupport-2.3 <removed>
[wheezy] - ruby-activesupport-2.3 <end-of-life> (https://lists.debian.org/debian-security-announce/2014/msg00164.html)
-CVE-2015-3226 (Cross-site scripting (XSS) vulnerability in json/encoding.rb in Active ...)
+CVE-2015-3226
{DSA-3464-1}
- rails 2:4.2.4-2 (bug #790486)
[squeeze] - rails <end-of-life> (Unsupported in squeeze-lts)
@@ -17478,15 +17478,15 @@ CVE-2015-3226 (Cross-site scripting (XSS) vulnerability in json/encoding.rb in A
[wheezy] - ruby-activesupport-3.2 <not-affected> (Vulnerable code not present)
- ruby-activesupport-2.3 <removed>
[wheezy] - ruby-activesupport-2.3 <end-of-life> (https://lists.debian.org/debian-security-announce/2014/msg00164.html)
-CVE-2015-3225 (lib/rack/utils.rb in Rack before 1.5.4 and 1.6.x before 1.6.2, as used ...)
+CVE-2015-3225
{DSA-3322-1 DLA-254-1}
- ruby-rack 1.5.2-4 (bug #789311)
- ruby-rack1.4 <removed>
- librack-ruby <removed>
NOTE: http://seclists.org/oss-sec/2015/q2/729 has patches for 1.5 and 1.6
-CVE-2015-3224 (request.rb in Web Console before 2.1.3, as used with Ruby on Rails 3.x ...)
+CVE-2015-3224
NOT-FOR-US: Web Console Ruby Gem
-CVE-2015-3223 (The ldb_wildcard_compare function in ldb_match.c in ldb before 1.1.24, ...)
+CVE-2015-3223
{DSA-3433-1}
- samba 2:4.1.22+dfsg-1
[wheezy] - samba <not-affected> (Only affects 4.0.0 to 4.3.2)
@@ -17499,21 +17499,21 @@ CVE-2015-3223 (The ldb_wildcard_compare function in ldb_match.c in ldb before 1.
NOTE: https://git.samba.org/?p=samba.git;a=commit;h=fb456954f332c07a645226d59b3b00ec252f8b26 (v4-1-stable)
NOTE: https://git.samba.org/?p=samba.git;a=commit;h=bb1b783ee9d7259cfc6a1fe882f22189747f8684 (v4-1-stable)
NOTE: Samba update needs as well fixed ldb
-CVE-2015-3222 (syscheck/seechanges.c in OSSEC 2.7 through 2.8.1 on NIX systems allows ...)
+CVE-2015-3222
- ossec-hids <itp> (bug #361954)
-CVE-2015-3221 (OpenStack Neutron before 2014.2.4 (juno) and 2015.1.x before 2015.1.1 ...)
+CVE-2015-3221
- neutron 2015.1.0+2015.06.24.git61.bdf194a0e1-1 (bug #789713)
[jessie] - neutron <not-affected> (ipset code introduced in Juno)
NOTE: https://bugs.launchpad.net/neutron/+bug/1461054/comments/18
NOTE: 2014.2 versions through 2014.2.3 and 2015.1.0 version
-CVE-2015-3220 (The tlslite library before 0.4.9 for Python allows remote attackers to ...)
+CVE-2015-3220
- tlslite <removed>
-CVE-2015-3219 (Cross-site scripting (XSS) vulnerability in the Orchestration/Stack ...)
+CVE-2015-3219
{DSA-3617-1}
- horizon 2015.1.0+2015.06.09.git15.e63af6c598-1 (bug #788306)
[wheezy] - horizon <not-affected> (Vulnerable code not present)
NOTE: 2014.2 versions through 2014.2.3 and version 2015.1.0
-CVE-2015-3218 (The authentication_agent_new function in ...)
+CVE-2015-3218
[experimental] - policykit-1 0.113-1
- policykit-1 0.105-11 (bug #787932)
[jessie] - policykit-1 0.105-15~deb8u1
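Review bot: with the description lines for CVE-2015-3221 and CVE-2015-3219 removed, the context lines "NOTE: 2014.2 versions through 2014.2.3 and 2015.1.0 version" and "NOTE: 2014.2 versions through 2014.2.3 and version 2015.1.0" are now the only statement of the affected range for neutron and horizon, and they read as fragments without the sentence they annotated. If the descriptions are not coming back, reword each of those notes as a complete statement of which upstream versions are affected and which one carries the fix.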
@@ -17522,7 +17522,7 @@ CVE-2015-3218 (The authentication_agent_new function in ...)
NOTE: http://lists.freedesktop.org/archives/polkit-devel/2015-May/000420.html
NOTE: Patch: http://cgit.freedesktop.org/polkit/commit/?id=48e646918efb2bf0b3b505747655726d7869f31c
NOTE: Introduced by: http://cgit.freedesktop.org/polkit/commit/?id=6eeb077bc90c9c7783360a526b2f04645b1b0848
-CVE-2015-3217 (PCRE 7.8 and 8.32 through 8.37, and PCRE2 10.10 mishandle group empty ...)
+CVE-2015-3217
- pcre3 2:8.38-1 (bug #787641)
[jessie] - pcre3 <no-dsa> (Minor issue)
[wheezy] - pcre3 <no-dsa> (Minor issue)
@@ -17530,12 +17530,12 @@ CVE-2015-3217 (PCRE 7.8 and 8.32 through 8.37, and PCRE2 10.10 mishandle group e
NOTE: https://bugs.exim.org/show_bug.cgi?id=1638
NOTE: Upstream fix: http://vcs.pcre.org/pcre?view=revision&revision=1566
NOTE: More information: https://bugzilla.redhat.com/show_bug.cgi?id=1228283#c2
-CVE-2015-3216 (Race condition in a certain Red Hat patch to the PRNG lock ...)
+CVE-2015-3216
- openssl <not-affected> (Affects Red Hat specific patch)
NOTE: More information in https://bugzilla.redhat.com/show_bug.cgi?id=1225994
-CVE-2015-3215 (The NetKVM Windows Virtio driver allows remote attackers to cause a ...)
+CVE-2015-3215
NOT-FOR-US: virtio Windows drivers
-CVE-2015-3214 (The pit_ioport_read in i8254.c in the Linux kernel before 2.6.33 and ...)
+CVE-2015-3214
{DSA-3348-1}
- qemu 1:2.4+dfsg-1a (bug #795461)
[wheezy] - qemu <not-affected> (Introduced in 1.3.0)
@@ -17550,22 +17550,22 @@ CVE-2015-3214 (The pit_ioport_read in i8254.c in the Linux kernel before 2.6.33
- linux-2.6 2.6.37-1
[squeeze] - linux-2.6 <no-dsa> (KVM not supported in Squeeze LTS)
NOTE: Upstream commit: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ee73f656a604d5aa9df86a97102e4e462dd79924 (v2.6.33-rc8)
-CVE-2015-3213 (The gesture handling code in Clutter before 1.16.2 allows physically ...)
+CVE-2015-3213
- clutter-1.0 1.18.0-1
[wheezy] - clutter-1.0 <not-affected> (Vulnerable code introduced later)
[squeeze] - clutter-1.0 <not-affected> (Vulnerable code was introduced past 1.12.0)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=749847
NOTE: Introduced by: https://git.gnome.org/browse/clutter/commit/?id=abcf1d589f29ba7914d5648bb9814ad26c13cd83 (1.13.2)
NOTE: Fixed by: https://git.gnome.org/browse/clutter/commit/?id=97724939c8de004d7fa230f3ff64862d957f93a9 (1.17.2)
-CVE-2015-3212 (Race condition in net/sctp/socket.c in the Linux kernel before 4.1.2 ...)
+CVE-2015-3212
{DSA-3329-1}
- linux 4.0.8-1
- linux-2.6 <not-affected> (Vulnerable code introduced later)
NOTE: https://marc.info/?l=linux-netdev&m=143277436124732&w=2
NOTE: Introduced by: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9f7d653b67aed2d92540fbb0a8adaf32fcf352ae (v3.1-rc1)
-CVE-2015-3211 (php-fpm allows local users to write to or create arbitrary files via a ...)
+CVE-2015-3211
- php5 <not-affected> (Red Hat specific problem in the rpm package)
-CVE-2015-3210 (Heap-based buffer overflow in PCRE 8.34 through 8.37 and PCRE2 10.10 ...)
+CVE-2015-3210
- pcre3 2:8.35-7.2 (bug #787433)
[jessie] - pcre3 2:8.35-3.3+deb8u1
[wheezy] - pcre3 <not-affected> (Vulnerable code introduced later)
@@ -17574,7 +17574,7 @@ CVE-2015-3210 (Heap-based buffer overflow in PCRE 8.34 through 8.37 and PCRE2 10
NOTE: Fixed by: http://vcs.pcre.org/pcre?view=revision&revision=1558
NOTE: Affected code refactored in: http://vcs.pcre.org/pcre?view=revision&revision=1359 (8.34)
NOTE: Issue then introduced by: http://vcs.pcre.org/pcre?view=revision&revision=1361
-CVE-2015-3209 (Heap-based buffer overflow in the PCNET controller in QEMU allows ...)
+CVE-2015-3209
{DSA-3286-1 DSA-3285-1 DSA-3284-1}
- qemu 1:2.3+dfsg-6 (bug #788460)
[wheezy] - qemu 1.1.2+dfsg-6a+deb7u8
@@ -17586,11 +17586,11 @@ CVE-2015-3209 (Heap-based buffer overflow in the PCNET controller in QEMU allows
[squeeze] - qemu-kvm <end-of-life> (Not supported in Squeeze LTS)
NOTE: Xen switched to qemu-system in 4.4.0-1
NOTE: http://xenbits.xen.org/xsa/advisory-135.html
-CVE-2015-3208 (XML external entity (XXE) vulnerability in the XPath selector ...)
+CVE-2015-3208
NOT-FOR-US: HornetQ
CVE-2015-3207
RESERVED
-CVE-2015-3206 (The checkPassword function in python-kerberos does not authenticate ...)
+CVE-2015-3206
{DLA-265-2 DLA-265-1}
- pykerberos 1.1.5-1 (bug #796195)
[jessie] - pykerberos 1.1.5-0.1+deb8u1
@@ -17599,28 +17599,28 @@ CVE-2015-3206 (The checkPassword function in python-kerberos does not authentica
NOTE: former.
NOTE: KDC verification support in pykerberos added in https://github.com/02strich/pykerberos/commit/02d13860b25fab58e739f0e000bed0067b7c6f9c
NOTE: Using the above code as is might break existing installations since a keytab is required to call krb5_verify_init_creds
-CVE-2015-3205 (libmimedir allows remote attackers to execute arbitrary code via a VCF ...)
+CVE-2015-3205
- libmimedir <removed> (bug #789197)
[jessie] - libmimedir <no-dsa> (Minor issue)
[wheezy] - libmimedir <no-dsa> (Minor issue)
[squeeze] - libmimedir <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1222251
-CVE-2015-3204 (libreswan 3.9 through 3.12 allows remote attackers to cause a denial ...)
+CVE-2015-3204
- libreswan <not-affected> (Fixed before the initial upload to Debian)
NOTE: https://libreswan.org/security/CVE-2015-3204/CVE-2015-3204.txt
NOTE: https://libreswan.org/security/CVE-2015-3204/CVE-2015-3204-libreswan.patch
-CVE-2015-3203 (Unrestricted file upload vulnerability in h5ai before 0.25.0 allows ...)
+CVE-2015-3203
NOT-FOR-US: h5ai
-CVE-2015-3202 (fusermount in FUSE before 2.9.3-15 does not properly clear the ...)
+CVE-2015-3202
{DSA-3268-2 DSA-3268-1 DSA-3266-1 DLA-238-1 DLA-226-2 DLA-226-1}
- fuse 2.9.3-16 (bug #786439)
NOTE: Upstream fix: http://web.archive.org/web/20150529051222/http://sourceforge.net:80/p/fuse/fuse/ci/fe2d96
- ntfs-3g 1:2014.2.15AR.3-3 (bug #786475)
NOTE: ntfs-3g source wise affected but wheezy version uses --with-fuse=external
NOTE: ntfs-3g is built with internal copy since 1:2013.1.13AR.3-2
-CVE-2015-3201 (Thermostat before 2.0.0 uses world-readable permissions for the ...)
+CVE-2015-3201
NOT-FOR-US: thermostat
-CVE-2015-3200 (mod_auth in lighttpd before 1.4.36 allows remote attackers to inject ...)
+CVE-2015-3200
- lighttpd 1.4.37-1 (low; bug #787132)
[jessie] - lighttpd <no-dsa> (Minor issue)
[wheezy] - lighttpd <no-dsa> (Minor issue)
@@ -17629,53 +17629,53 @@ CVE-2015-3200 (mod_auth in lighttpd before 1.4.36 allows remote attackers to inj
NOTE: http://redmine.lighttpd.net/issues/2646
CVE-2015-3199
REJECTED
-CVE-2015-3198 (The Undertow module of WildFly 9.x before 9.0.0.CR2 and 10.x before ...)
+CVE-2015-3198
NOT-FOR-US: Undertow module of WildFly / JBOSS
-CVE-2015-3197 (ssl/s2_srvr.c in OpenSSL 1.0.1 before 1.0.1r and 1.0.2 before 1.0.2f ...)
+CVE-2015-3197
{DLA-421-1}
- openssl 1.0.0c-2
NOTE: 1.0.0c-2 dropped SSLv2 support
NOTE: No MITM: https://bugzilla.redhat.com/show_bug.cgi?id=1301846#c3
-CVE-2015-3196 (ssl/s3_clnt.c in OpenSSL 1.0.0 before 1.0.0t, 1.0.1 before 1.0.1p, and ...)
+CVE-2015-3196
{DSA-3413-1}
- openssl 1.0.2d-1
[squeeze] - openssl <not-affected> (Only affects 1.0.0 to 1.0.2)
-CVE-2015-3195 (The ASN1_TFLG_COMBINE implementation in crypto/asn1/tasn_dec.c in ...)
+CVE-2015-3195
{DSA-3413-1 DLA-358-1}
- openssl 1.0.2e-1
NOTE: https://www.openssl.org/news/secadv/20151203.txt
-CVE-2015-3194 (crypto/rsa/rsa_ameth.c in OpenSSL 1.0.1 before 1.0.1q and 1.0.2 before ...)
+CVE-2015-3194
{DSA-3413-1}
- openssl 1.0.2e-1
[squeeze] - openssl <not-affected> (Only affects 1.0.1 and 1.0.2)
NOTE: https://www.openssl.org/news/secadv/20151203.txt
-CVE-2015-3193 (The Montgomery squaring implementation in ...)
+CVE-2015-3193
- openssl 1.0.2e-1
[jessie] - openssl <not-affected> (Only affects 1.0.2)
[wheezy] - openssl <not-affected> (Only affects 1.0.2)
[squeeze] - openssl <not-affected> (Only affects 1.0.2)
NOTE: https://www.openssl.org/news/secadv/20151203.txt
-CVE-2015-3192 (Pivotal Spring Framework before 3.2.14 and 4.x before 4.1.7 do not ...)
+CVE-2015-3192
- libspring-java 4.1.9-1 (low; bug #796137)
[jessie] - libspring-java <no-dsa> (Minor issue)
[wheezy] - libspring-java <no-dsa> (Minor issue)
NOTE: https://pivotal.io/security/cve-2015-3192
NOTE: https://jira.spring.io/browse/SPR-13136
-CVE-2015-3191 (With Cloud Foundry Runtime cf-release versions v209 or earlier, UAA ...)
+CVE-2015-3191
NOT-FOR-US: Cloud Foundry
-CVE-2015-3190 (With Cloud Foundry Runtime cf-release versions v209 or earlier, UAA ...)
+CVE-2015-3190
NOT-FOR-US: Cloud Foundry
-CVE-2015-3189 (With Cloud Foundry Runtime cf-release versions v208 or earlier, UAA ...)
+CVE-2015-3189
NOT-FOR-US: Cloud Foundry
-CVE-2015-3188 (The UI daemon in Apache Storm 0.10.0 before 0.10.0-beta1 allows remote ...)
+CVE-2015-3188
NOT-FOR-US: Apache Storm
-CVE-2015-3187 (The svn_repos_trace_node_locations function in Apache Subversion ...)
+CVE-2015-3187
{DSA-3331-1 DLA-293-1}
- subversion 1.9.0-1
NOTE: https://subversion.apache.org/security/CVE-2015-3187-advisory.txt
-CVE-2015-3186 (Cross-site scripting (XSS) vulnerability in Apache Ambari before 2.1.0 ...)
+CVE-2015-3186
NOT-FOR-US: Apache Ambari
-CVE-2015-3185 (The ap_some_auth_required function in server/request.c in the Apache ...)
+CVE-2015-3185
{DSA-3325-1}
- apache2 2.4.16-1
[wheezy] - apache2 <not-affected> (Bug introduced during 2.4 development)
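Review bot: for CVE-2015-3197 the fixed version "- openssl 1.0.0c-2" is justified only by "NOTE: 1.0.0c-2 dropped SSLv2 support", which was self-explanatory next to the removed "ssl/s2_srvr.c in OpenSSL 1.0.1 before 1.0.1r" description; with a bare identifier the note no longer says why dropping SSLv2 is a fix. The "<not-affected> (Only affects 1.0.0 to 1.0.2)" and "(Only affects 1.0.1 and 1.0.2)" annotations on CVE-2015-3196 and CVE-2015-3194 likewise restate version ranges that were only spelled out in the dropped descriptions. Suggest extending the CVE-2015-3197 NOTE to say the flaw is in the SSLv2 server code so the reasoning survives on its own.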
@@ -17684,14 +17684,14 @@ CVE-2015-3185 (The ap_some_auth_required function in server/request.c in the Apa
NOTE: http://web.archive.org/web/20150918024815/http://www.apache.org:80/dist/httpd/CHANGES_2.4.16
NOTE: http://svn.apache.org/viewvc?view=revision&revision=1684525
NOTE: Behavior changed in 2.4.x refactoring, API no longer usable in 2.4.x
-CVE-2015-3184 (mod_authz_svn in Apache Subversion 1.7.x before 1.7.21 and 1.8.x ...)
+CVE-2015-3184
{DSA-3331-1}
- subversion 1.9.0-1
[wheezy] - subversion <not-affected> (1.6 does not build with apache 2.4)
[squeeze] - subversion <not-affected> (1.6 does not build with apache 2.4)
NOTE: https://subversion.apache.org/security/CVE-2015-3184-advisory.txt
NOTE: subversion needs to be built with a fixed apache version
-CVE-2015-3183 (The chunked transfer coding implementation in the Apache HTTP Server ...)
+CVE-2015-3183
{DSA-3325-1 DLA-284-1}
- apache2 2.4.16-1
NOTE: https://www.apache.org/dist/httpd/Announcement2.4.txt
@@ -17699,47 +17699,47 @@ CVE-2015-3183 (The chunked transfer coding implementation in the Apache HTTP Ser
NOTE: http://svn.apache.org/viewvc?view=revision&revision=1684515
NOTE: http://svn.apache.org/viewvc?view=revision&revision=1687338 (2.2.x)
NOTE: http://svn.apache.org/viewvc?view=revision&revision=1687339 (2.2.x)
-CVE-2015-3182 (epan/dissectors/packet-dec-dnart.c in the DECnet NSP/RT dissector in ...)
+CVE-2015-3182
- wireshark 1.12.0~rc1-1
[jessie] - wireshark <not-affected> (Only affected 1.10.x)
[wheezy] - wireshark <not-affected> (Only affected 1.10.x)
[squeeze] - wireshark <not-affected> (Only affected 1.10.x)
NOTE: https://www.wireshark.org/security/wnpa-sec-2015-01.html
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1219409
-CVE-2015-3181 (files/externallib.php in Moodle through 2.5.9, 2.6.x before 2.6.11, ...)
+CVE-2015-3181
- moodle 2.7.8+dfsg-1 (bug #785591)
[squeeze] - moodle <end-of-life> (Not supported in Squeeze LTS)
-CVE-2015-3180 (lib/navigationlib.php in Moodle through 2.5.9, 2.6.x before 2.6.11, ...)
+CVE-2015-3180
- moodle 2.7.8+dfsg-1 (bug #785591)
[squeeze] - moodle <end-of-life> (Not supported in Squeeze LTS)
-CVE-2015-3179 (login/confirm.php in Moodle through 2.5.9, 2.6.x before 2.6.11, 2.7.x ...)
+CVE-2015-3179
- moodle 2.7.8+dfsg-1 (bug #785591)
[squeeze] - moodle <end-of-life> (Not supported in Squeeze LTS)
-CVE-2015-3178 (Cross-site scripting (XSS) vulnerability in the external_format_text ...)
+CVE-2015-3178
- moodle 2.7.8+dfsg-1 (bug #785591)
[squeeze] - moodle <end-of-life> (Not supported in Squeeze LTS)
-CVE-2015-3177 (Moodle 2.8.x before 2.8.6 does not consider the tool/monitor:subscribe ...)
+CVE-2015-3177
- moodle <not-affected> (Only affects versions 2.8 to 2.8.5)
-CVE-2015-3176 (The account-confirmation feature in login/confirm.php in Moodle ...)
+CVE-2015-3176
- moodle 2.7.8+dfsg-1 (bug #785591)
[squeeze] - moodle <end-of-life> (Not supported in Squeeze LTS)
-CVE-2015-3175 (Multiple open redirect vulnerabilities in Moodle through 2.5.9, 2.6.x ...)
+CVE-2015-3175
- moodle 2.7.8+dfsg-1 (bug #785591)
[squeeze] - moodle <end-of-life> (Not supported in Squeeze LTS)
-CVE-2015-3174 (mod/quiz/db/access.php in Moodle through 2.5.9, 2.6.x before 2.6.11, ...)
+CVE-2015-3174
- moodle 2.7.8+dfsg-1 (bug #785591)
[squeeze] - moodle <end-of-life> (Not supported in Squeeze LTS)
CVE-2015-3173
RESERVED
CVE-2015-3172
RESERVED
-CVE-2015-3171 (sosreport 3.2 uses weak permissions for generated sosreport archives, ...)
+CVE-2015-3171
- sosreport 3.2-2 (bug #769521)
NOTE: https://github.com/sosreport/sos/commit/d7759d3ddae5fe99a340c88a1d370d65cfa73fd6
NOTE: https://github.com/sosreport/sos/issues/425
-CVE-2015-3170 (selinux-policy when sysctl fs.protected_hardlinks are set to 0 allows ...)
+CVE-2015-3170
NOT-FOR-US: Red Hat specific issue with selinux-policy rpm package
-CVE-2015-3169 (Cross-site scripting (XSS) vulnerability in askbot ...)
+CVE-2015-3169
- askbot <itp> (bug #687966)
CVE-2015-3168
REJECTED
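Review bot: after this hunk the Moodle entries CVE-2015-3181, 3180, 3179, 3178, 3176, 3175 and 3174 all collapse to an identifier followed by the identical "- moodle 2.7.8+dfsg-1 (bug #785591)" and "[squeeze] - moodle <end-of-life> (Not supported in Squeeze LTS)" lines, and the removed descriptions (files/externallib.php, lib/navigationlib.php, login/confirm.php, the external_format_text XSS, the open redirects, mod/quiz/db/access.php) were the only thing telling them apart. None of these entries carries a NOTE line pointing at an upstream advisory, so if descriptions stay out, adding one per entry would keep them triageable.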
@@ -17758,14 +17758,14 @@ CVE-2015-3166
- postgresql-9.1 <removed>
- postgresql-8.4 <removed>
[wheezy] - postgresql-8.4 <not-affected> (postgresql-8.4 in wheezy only provides PL/Perl; EOL upstream)
-CVE-2015-3165 (Double free vulnerability in PostgreSQL before 9.0.20, 9.1.x before ...)
+CVE-2015-3165
{DSA-3270-1 DSA-3269-1 DLA-227-1}
- postgresql-9.4 9.4.2-1
- postgresql-9.1 <removed>
NOTE: Since 9.1.1-2 src:postgresql-9.1 builds only postgresql-plperl-9.1, source-wise fixed
- postgresql-8.4 <removed>
[wheezy] - postgresql-8.4 <not-affected> (postgresql-8.4 in wheezy only provides PL/Perl; EOL upstream)
-CVE-2015-3164 (The authentication setup in XWayland 1.16.x and 1.17.x before 1.17.2 ...)
+CVE-2015-3164
- xorg-server 2:1.17.2-1 (bug #788410)
[jessie] - xorg-server 2:1.16.4-1+deb8u2
[wheezy] - xorg-server <not-affected> (XWayland not present)
@@ -17774,27 +17774,27 @@ CVE-2015-3164 (The authentication setup in XWayland 1.16.x and 1.17.x before 1.1
NOTE: Patch 1/3: http://cgit.freedesktop.org/xorg/xserver/commit/?id=c4534a38b68aa07fb82318040dc8154fb48a9588
NOTE: Patch 2/3: http://cgit.freedesktop.org/xorg/xserver/commit/?id=4b4b9086d02b80549981d205fb1f495edc373538
NOTE: Patch 3/3: http://cgit.freedesktop.org/xorg/xserver/commit/?id=76636ac12f2d1dbdf7be08222f80e7505d53c451
-CVE-2015-3163 (The admin pages for power types and key types in Beaker before 20.1 do ...)
+CVE-2015-3163
NOT-FOR-US: Beaker (toolset for managing test labs, not src:beaker in Debian)
-CVE-2015-3162 (Cross-site scripting (XSS) vulnerability in the edit comment dialog in ...)
+CVE-2015-3162
NOT-FOR-US: Beaker (toolset for managing test labs, not src:beaker in Debian)
-CVE-2015-3161 (The search bar code in bkr/server/widgets.py in Beaker before 20.1 ...)
+CVE-2015-3161
NOT-FOR-US: Beaker (toolset for managing test labs, not src:beaker in Debian)
-CVE-2015-3160 (XML external entity (XXE) vulnerability in bkr/server/jobs.py in ...)
+CVE-2015-3160
NOT-FOR-US: Beaker (toolset for managing test labs, not src:beaker in Debian)
CVE-2015-3159
RESERVED
NOT-FOR-US: abrt is Red Hat / Fedora specific
-CVE-2015-3158 (The invokeNextValve function in ...)
+CVE-2015-3158
NOT-FOR-US: PicketLink
CVE-2015-3157
REJECTED
-CVE-2015-3156 (The _write_config function in ...)
+CVE-2015-3156
- openstack-trove <unfixed> (unimportant; bug #787654)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1216073#c1
NOTE: partially fixed already in 2015.1~rc2-1, cf. #787654
NOTE: will be completed during kilo release
-CVE-2015-3155 (Foreman before 1.8.1 does not set the secure flag for the _session_id ...)
+CVE-2015-3155
- foreman <itp> (bug #663101)
CVE-2015-3154 [Potential CRLF injection attacks in mail and HTTP headers]
RESERVED
@@ -17802,13 +17802,13 @@ CVE-2015-3154 [Potential CRLF injection attacks in mail and HTTP headers]
- zendframework 1.12.12+dfsg-1
[jessie] - zendframework 1.12.9+dfsg-2+deb8u1
NOTE: http://framework.zend.com/security/advisory/ZF2015-04
-CVE-2015-3153 (The default configuration for cURL and libcurl before 7.42.1 sends ...)
+CVE-2015-3153
{DSA-3240-1}
- curl 7.42.1-1
[wheezy] - curl <no-dsa> (Too intrusive to backport)
[squeeze] - curl <no-dsa> (Too intrusive to backport)
NOTE: http://curl.haxx.se/docs/adv_20150429.html
-CVE-2015-3152 (Oracle MySQL before 5.7.3, Oracle MySQL Connector/C (aka ...)
+CVE-2015-3152
{DSA-3311-1}
- mariadb-10.0 10.0.20-1
- percona-xtradb-cluster-5.5 <removed>
@@ -17823,256 +17823,256 @@ CVE-2015-3151 [abrt: directory traversals in several D-Bus methods implemented b
CVE-2015-3150 [abrt: abrt-dbus does not guard against crafted problem directory path arguments]
RESERVED
NOT-FOR-US: abrt is Red Hat / Fedora specific
-CVE-2015-3149 (The Hotspot component in OpenJDK8 as packaged in Red Hat Enterprise ...)
+CVE-2015-3149
- openjdk-8 <not-affected> (defective patch not applied)
-CVE-2015-3148 (cURL and libcurl 7.10.6 through 7.41.0 do not properly re-use ...)
+CVE-2015-3148
{DSA-3232-1 DLA-211-1}
- curl 7.42.0-1
NOTE: http://curl.haxx.se/docs/adv_20150422B.html
CVE-2015-3147
RESERVED
NOT-FOR-US: abrt is Red Hat / Fedora specific
-CVE-2015-3146 (The (1) SSH_MSG_NEWKEYS and (2) SSH_MSG_KEXDH_REPLY packet handlers in ...)
+CVE-2015-3146
- libssh 0.6.3-4.2 (bug #784404)
[jessie] - libssh 0.6.3-4+deb8u1
[wheezy] - libssh 0.5.4-1+deb7u3
[squeeze] - libssh <not-affected> (Issue only present in versions > 0.5.1, squeeze has 0.4.5)
NOTE: https://www.libssh.org/2015/04/30/libssh-0-6-5-security-and-bugfix-release/
-CVE-2015-3145 (The sanitize_cookie_path function in cURL and libcurl 7.31.0 through ...)
+CVE-2015-3145
- curl 7.42.0-1
[jessie] - curl 7.38.0-4+deb8u1
[wheezy] - curl <not-affected> (Affects 7.31.0 to and including 7.41.0)
[squeeze] - curl <not-affected> (Affects 7.31.0 to and including 7.41.0)
NOTE: http://curl.haxx.se/docs/adv_20150422C.html
-CVE-2015-3144 (The fix_hostname function in cURL and libcurl 7.37.0 through 7.41.0 ...)
+CVE-2015-3144
- curl 7.42.0-1
[jessie] - curl 7.38.0-4+deb8u1
[wheezy] - curl <not-affected> (Affects 7.37.0 to and including 7.41.0)
[squeeze] - curl <not-affected> (Affects 7.37.0 to and including 7.41.0)
NOTE: http://curl.haxx.se/docs/adv_20150422D.html
-CVE-2015-3143 (cURL and libcurl 7.10.6 through 7.41.0 does not properly re-use NTLM ...)
+CVE-2015-3143
{DSA-3232-1 DLA-211-1}
- curl 7.42.0-1
NOTE: http://curl.haxx.se/docs/adv_20150422A.html
-CVE-2015-3142 (The kernel-invoked coredump processor in Automatic Bug Reporting Tool ...)
+CVE-2015-3142
NOT-FOR-US: abrt is Red Hat / Fedora specific
-CVE-2015-3141 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
+CVE-2015-3141
NOT-FOR-US: Synametrics Technologies Xeams
CVE-2015-3140
RESERVED
CVE-2015-3139
RESERVED
-CVE-2015-3138 (print-wb.c in tcpdump before 4.7.4 allows remote attackers to cause a ...)
+CVE-2015-3138
- tcpdump <not-affected> (Introduced in 4.7)
NOTE: https://github.com/the-tcpdump-group/tcpdump/issues/446
NOTE: Fixed by: https://github.com/the-tcpdump-group/tcpdump/commit/3ed82f4ed0095768529afc22b923c8f7171fff70
NOTE: Introduced by: https://github.com/the-tcpdump-group/tcpdump/commit/3a3ec26085461998074b827b112d38e8f3246a86
-CVE-2015-3137 (Use-after-free vulnerability in Adobe Flash Player before 13.0.0.302 ...)
+CVE-2015-3137
NOT-FOR-US: Adobe Flash Player
-CVE-2015-3136 (Use-after-free vulnerability in Adobe Flash Player before 13.0.0.302 ...)
+CVE-2015-3136
NOT-FOR-US: Adobe Flash Player
-CVE-2015-3135 (Heap-based buffer overflow in Adobe Flash Player before 13.0.0.302 and ...)
+CVE-2015-3135
NOT-FOR-US: Adobe Flash Player
-CVE-2015-3134 (Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before ...)
+CVE-2015-3134
NOT-FOR-US: Adobe Flash Player
-CVE-2015-3133 (Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before ...)
+CVE-2015-3133
NOT-FOR-US: Adobe Flash Player
-CVE-2015-3132 (Use-after-free vulnerability in Adobe Flash Player before 13.0.0.302 ...)
+CVE-2015-3132
NOT-FOR-US: Adobe Flash Player
-CVE-2015-3131 (Use-after-free vulnerability in Adobe Flash Player before 13.0.0.302 ...)
+CVE-2015-3131
NOT-FOR-US: Adobe Flash Player
-CVE-2015-3130 (Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before ...)
+CVE-2015-3130
NOT-FOR-US: Adobe Flash Player
-CVE-2015-3129 (Use-after-free vulnerability in Adobe Flash Player before 13.0.0.302 ...)
+CVE-2015-3129
NOT-FOR-US: Adobe Flash Player
-CVE-2015-3128 (Use-after-free vulnerability in Adobe Flash Player before 13.0.0.302 ...)
+CVE-2015-3128
NOT-FOR-US: Adobe Flash Player
-CVE-2015-3127 (Use-after-free vulnerability in Adobe Flash Player before 13.0.0.302 ...)
+CVE-2015-3127
NOT-FOR-US: Adobe Flash Player
-CVE-2015-3126 (Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before ...)
+CVE-2015-3126
NOT-FOR-US: Adobe Flash Player
-CVE-2015-3125 (Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before ...)
+CVE-2015-3125
NOT-FOR-US: Adobe Flash Player
-CVE-2015-3124 (Use-after-free vulnerability in Adobe Flash Player before 13.0.0.302 ...)
+CVE-2015-3124
NOT-FOR-US: Adobe Flash Player
-CVE-2015-3123 (Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before ...)
+CVE-2015-3123
NOT-FOR-US: Adobe Flash Player
-CVE-2015-3122 (Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before ...)
+CVE-2015-3122
NOT-FOR-US: Adobe Flash Player
-CVE-2015-3121 (Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before ...)
+CVE-2015-3121
NOT-FOR-US: Adobe Flash Player
-CVE-2015-3120 (Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before ...)
+CVE-2015-3120
NOT-FOR-US: Adobe Flash Player
-CVE-2015-3119 (Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before ...)
+CVE-2015-3119
NOT-FOR-US: Adobe Flash Player
-CVE-2015-3118 (Use-after-free vulnerability in Adobe Flash Player before 13.0.0.302 ...)
+CVE-2015-3118
NOT-FOR-US: Adobe Flash Player
-CVE-2015-3117 (Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before ...)
+CVE-2015-3117
NOT-FOR-US: Adobe Flash Player
-CVE-2015-3116 (Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before ...)
+CVE-2015-3116
NOT-FOR-US: Adobe Flash Player
-CVE-2015-3115 (Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before ...)
+CVE-2015-3115
NOT-FOR-US: Adobe Flash Player
-CVE-2015-3114 (Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before ...)
+CVE-2015-3114
NOT-FOR-US: Adobe Flash Player
-CVE-2015-3113 (Heap-based buffer overflow in Adobe Flash Player before 13.0.0.296 and ...)
+CVE-2015-3113
NOT-FOR-US: Adobe Flash Player
NOTE: https://helpx.adobe.com/security/products/flash-player/apsb15-14.html
-CVE-2015-3112 (Adobe Photoshop CC before 16.0 (aka 2015.0.0) and Adobe Bridge CC ...)
+CVE-2015-3112
NOT-FOR-US: Adobe
-CVE-2015-3111 (Heap-based buffer overflow in Adobe Photoshop CC before 16.0 (aka ...)
+CVE-2015-3111
NOT-FOR-US: Adobe
-CVE-2015-3110 (Integer overflow in Adobe Photoshop CC before 16.0 (aka 2015.0.0) and ...)
+CVE-2015-3110
NOT-FOR-US: Adobe
-CVE-2015-3109 (Adobe Photoshop CC before 16.0 (aka 2015.0.0) allows attackers to ...)
+CVE-2015-3109
NOT-FOR-US: Adobe
-CVE-2015-3108 (Adobe Flash Player before 13.0.0.292 and 14.x through 18.x before ...)
+CVE-2015-3108
NOT-FOR-US: Adobe Flash Player
-CVE-2015-3107 (Use-after-free vulnerability in Adobe Flash Player before 13.0.0.292 ...)
+CVE-2015-3107
NOT-FOR-US: Adobe Flash Player
-CVE-2015-3106 (Use-after-free vulnerability in Adobe Flash Player before 13.0.0.292 ...)
+CVE-2015-3106
NOT-FOR-US: Adobe Flash Player
-CVE-2015-3105 (Adobe Flash Player before 13.0.0.292 and 14.x through 18.x before ...)
+CVE-2015-3105
NOT-FOR-US: Adobe Flash Player
-CVE-2015-3104 (Integer overflow in Adobe Flash Player before 13.0.0.292 and 14.x ...)
+CVE-2015-3104
NOT-FOR-US: Adobe Flash Player
-CVE-2015-3103 (Use-after-free vulnerability in Adobe Flash Player before 13.0.0.292 ...)
+CVE-2015-3103
NOT-FOR-US: Adobe Flash Player
-CVE-2015-3102 (Adobe Flash Player before 13.0.0.292 and 14.x through 18.x before ...)
+CVE-2015-3102
NOT-FOR-US: Adobe Flash Player
-CVE-2015-3101 (The Flash broker in Adobe Flash Player before 13.0.0.292 and 14.x ...)
+CVE-2015-3101
NOT-FOR-US: Adobe Flash Player
-CVE-2015-3100 (Stack-based buffer overflow in Adobe Flash Player before 13.0.0.292 ...)
+CVE-2015-3100
NOT-FOR-US: Adobe Flash Player
-CVE-2015-3099 (Adobe Flash Player before 13.0.0.292 and 14.x through 18.x before ...)
+CVE-2015-3099
NOT-FOR-US: Adobe Flash Player
-CVE-2015-3098 (Adobe Flash Player before 13.0.0.292 and 14.x through 18.x before ...)
+CVE-2015-3098
NOT-FOR-US: Adobe Flash Player
-CVE-2015-3097 (Adobe Flash Player before 13.0.0.292 and 14.x through 18.x before ...)
+CVE-2015-3097
NOT-FOR-US: Adobe Flash Player
-CVE-2015-3096 (Adobe Flash Player before 13.0.0.292 and 14.x through 18.x before ...)
+CVE-2015-3096
NOT-FOR-US: Adobe Flash Player
-CVE-2015-3095 (Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, ...)
+CVE-2015-3095
NOT-FOR-US: Adobe Reader and Acrobat
CVE-2015-3094
REJECTED
-CVE-2015-3093 (Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before ...)
+CVE-2015-3093
NOT-FOR-US: Adobe Flash Player
-CVE-2015-3092 (Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before ...)
+CVE-2015-3092
NOT-FOR-US: Adobe Flash Player
-CVE-2015-3091 (Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before ...)
+CVE-2015-3091
NOT-FOR-US: Adobe Flash Player
-CVE-2015-3090 (Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before ...)
+CVE-2015-3090
NOT-FOR-US: Adobe Flash Player
-CVE-2015-3089 (Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before ...)
+CVE-2015-3089
NOT-FOR-US: Adobe Flash Player
-CVE-2015-3088 (Heap-based buffer overflow in Adobe Flash Player before 13.0.0.289 and ...)
+CVE-2015-3088
NOT-FOR-US: Adobe Flash Player
-CVE-2015-3087 (Integer overflow in Adobe Flash Player before 13.0.0.289 and 14.x ...)
+CVE-2015-3087
NOT-FOR-US: Adobe Flash Player
-CVE-2015-3086 (Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before ...)
+CVE-2015-3086
NOT-FOR-US: Adobe Flash Player
-CVE-2015-3085 (Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before ...)
+CVE-2015-3085
NOT-FOR-US: Adobe Flash Player
-CVE-2015-3084 (Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before ...)
+CVE-2015-3084
NOT-FOR-US: Adobe Flash Player
-CVE-2015-3083 (Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before ...)
+CVE-2015-3083
NOT-FOR-US: Adobe Flash Player
-CVE-2015-3082 (Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before ...)
+CVE-2015-3082
NOT-FOR-US: Adobe Flash Player
-CVE-2015-3081 (Race condition in Adobe Flash Player before 13.0.0.289 and 14.x ...)
+CVE-2015-3081
NOT-FOR-US: Adobe Flash Player
-CVE-2015-3080 (Use-after-free vulnerability in Adobe Flash Player before 13.0.0.289 ...)
+CVE-2015-3080
NOT-FOR-US: Adobe Flash Player
-CVE-2015-3079 (Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before ...)
+CVE-2015-3079
NOT-FOR-US: Adobe Flash Player
-CVE-2015-3078 (Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before ...)
+CVE-2015-3078
NOT-FOR-US: Adobe Flash Player
-CVE-2015-3077 (Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before ...)
+CVE-2015-3077
NOT-FOR-US: Adobe Flash Player
-CVE-2015-3076 (Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 ...)
+CVE-2015-3076
NOT-FOR-US: Adobe
-CVE-2015-3075 (Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before ...)
+CVE-2015-3075
NOT-FOR-US: Adobe
-CVE-2015-3074 (Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 ...)
+CVE-2015-3074
NOT-FOR-US: Adobe
-CVE-2015-3073 (Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 ...)
+CVE-2015-3073
NOT-FOR-US: Adobe
-CVE-2015-3072 (Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 ...)
+CVE-2015-3072
NOT-FOR-US: Adobe
-CVE-2015-3071 (Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 ...)
+CVE-2015-3071
NOT-FOR-US: Adobe
-CVE-2015-3070 (Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 ...)
+CVE-2015-3070
NOT-FOR-US: Adobe
-CVE-2015-3069 (Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 ...)
+CVE-2015-3069
NOT-FOR-US: Adobe
-CVE-2015-3068 (Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 ...)
+CVE-2015-3068
NOT-FOR-US: Adobe
-CVE-2015-3067 (Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 ...)
+CVE-2015-3067
NOT-FOR-US: Adobe
-CVE-2015-3066 (Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 ...)
+CVE-2015-3066
NOT-FOR-US: Adobe
-CVE-2015-3065 (Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 ...)
+CVE-2015-3065
NOT-FOR-US: Adobe
-CVE-2015-3064 (Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 ...)
+CVE-2015-3064
NOT-FOR-US: Adobe
-CVE-2015-3063 (Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 ...)
+CVE-2015-3063
NOT-FOR-US: Adobe
-CVE-2015-3062 (Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 ...)
+CVE-2015-3062
NOT-FOR-US: Adobe
-CVE-2015-3061 (Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 ...)
+CVE-2015-3061
NOT-FOR-US: Adobe
-CVE-2015-3060 (Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 ...)
+CVE-2015-3060
NOT-FOR-US: Adobe
-CVE-2015-3059 (Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before ...)
+CVE-2015-3059
NOT-FOR-US: Adobe
-CVE-2015-3058 (Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 ...)
+CVE-2015-3058
NOT-FOR-US: Adobe
-CVE-2015-3057 (Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 ...)
+CVE-2015-3057
NOT-FOR-US: Adobe
-CVE-2015-3056 (Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 ...)
+CVE-2015-3056
NOT-FOR-US: Adobe
-CVE-2015-3055 (Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before ...)
+CVE-2015-3055
NOT-FOR-US: Adobe
-CVE-2015-3054 (Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before ...)
+CVE-2015-3054
NOT-FOR-US: Adobe
-CVE-2015-3053 (Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before ...)
+CVE-2015-3053
NOT-FOR-US: Adobe
-CVE-2015-3052 (Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 ...)
+CVE-2015-3052
NOT-FOR-US: Adobe
-CVE-2015-3051 (Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 ...)
+CVE-2015-3051
NOT-FOR-US: Adobe
-CVE-2015-3050 (Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 ...)
+CVE-2015-3050
NOT-FOR-US: Adobe
-CVE-2015-3049 (Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 ...)
+CVE-2015-3049
NOT-FOR-US: Adobe
-CVE-2015-3048 (Buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.14 and ...)
+CVE-2015-3048
NOT-FOR-US: Adobe
-CVE-2015-3047 (Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 ...)
+CVE-2015-3047
NOT-FOR-US: Adobe
-CVE-2015-3046 (Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 ...)
+CVE-2015-3046
NOT-FOR-US: Adobe
CVE-2015-3045
REJECTED
-CVE-2015-3044 (Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before ...)
+CVE-2015-3044
NOT-FOR-US: Adobe Flash Player
-CVE-2015-3043 (Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before ...)
+CVE-2015-3043
NOT-FOR-US: Adobe Flash Player
-CVE-2015-3042 (Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before ...)
+CVE-2015-3042
NOT-FOR-US: Adobe Flash Player
-CVE-2015-3041 (Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before ...)
+CVE-2015-3041
NOT-FOR-US: Adobe Flash Player
-CVE-2015-3040 (Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before ...)
+CVE-2015-3040
NOT-FOR-US: Adobe Flash Player
-CVE-2015-3039 (Use-after-free vulnerability in Adobe Flash Player before 13.0.0.281 ...)
+CVE-2015-3039
NOT-FOR-US: Adobe Flash Player
-CVE-2015-3038 (Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before ...)
+CVE-2015-3038
NOT-FOR-US: Adobe Flash Player
CVE-2015-3037
RESERVED
-CVE-2015-3036 (Stack-based buffer overflow in the run_init_sbus function in the ...)
+CVE-2015-3036
NOT-FOR-US: KCodes NetUSB module for the Linux kernel
-CVE-2015-3035 (Directory traversal vulnerability in TP-LINK Archer C5 (1.2) with ...)
+CVE-2015-3035
NOT-FOR-US: TP-LINK Router
CVE-2015-3034
RESERVED
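Review bot: every changed pair in this hunk, from CVE-2015-3075 down to CVE-2015-3035, only strips the parenthesised description and leaves a bare id (`-CVE-2015-3074 (Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 ...)` becomes `+CVE-2015-3074`), so the one-line summary for each entry is lost with nothing put in its place. Before this is merged it is worth confirming that the description source really returned empty text for this run rather than failing, since an automatic update that blanks every summary in the file is more likely a fetch problem than an intended change.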
@@ -18082,7 +18082,7 @@ CVE-2015-3032
RESERVED
CVE-2015-3031
RESERVED
-CVE-2015-3027 (Clang in LLVM, as used in Apple Xcode before 6.3, performs incorrect ...)
+CVE-2015-3027
NOT-FOR-US: Clang in LLVM as used in Apple Xcode
CVE-2015-3025
RESERVED
@@ -18110,28 +18110,28 @@ CVE-2015-3014
RESERVED
CVE-2015-3009
RESERVED
-CVE-2015-3416 (The sqlite3VXPrintf function in printf.c in SQLite before 3.8.9 does ...)
+CVE-2015-3416
{DSA-3252-2 DSA-3252-1}
- sqlite3 3.8.9-1 (bug #783968)
[squeeze] - sqlite3 <not-affected> (Can't reproduce the issue)
NOTE: http://www.sqlite.org/src/info/c494171f77dc2e5e
NOTE: http://seclists.org/bugtraq/2015/Apr/97
NOTE: https://lists.debian.org/debian-lts/2015/06/msg00031.html
-CVE-2015-3415 (The sqlite3VdbeExec function in vdbe.c in SQLite before 3.8.9 does not ...)
+CVE-2015-3415
{DSA-3252-1}
- sqlite3 3.8.9-1 (bug #783968)
[wheezy] - sqlite3 <not-affected> (Vulnerable code not present)
[squeeze] - sqlite3 <not-affected> (Vulnerable code not present)
NOTE: https://www.sqlite.org/src/info/02e3c88fbf6abdcf
NOTE: http://seclists.org/bugtraq/2015/Apr/97
-CVE-2015-3414 (SQLite before 3.8.9 does not properly implement the dequoting of ...)
+CVE-2015-3414
{DSA-3252-1}
- sqlite3 3.8.9-1 (bug #783968)
[wheezy] - sqlite3 <not-affected> (Can't reproduce the issue)
[squeeze] - sqlite3 <not-affected> (Can't reproduce the issue)
NOTE: https://www.sqlite.org/src/info/eddc05e7bb31fae7
NOTE: http://seclists.org/bugtraq/2015/Apr/97
-CVE-2015-3306 (The mod_copy module in ProFTPD 1.3.5 allows remote attackers to read ...)
+CVE-2015-3306
{DSA-3263-1}
- proftpd-dfsg 1.3.5-2 (bug #782781)
[squeeze] - proftpd-dfsg <not-affected> (mod_copy not available in version 1.3.3)
@@ -18139,7 +18139,7 @@ CVE-2015-3306 (The mod_copy module in ProFTPD 1.3.5 allows remote attackers to r
NOTE: https://github.com/proftpd/proftpd/pull/109
NOTE: http://bugs.proftpd.org/show_bug.cgi?id=4169
NOTE: https://cxsecurity.com/issue/WLB-2015040075
-CVE-2015-3331 (The __driver_rfc4106_decrypt function in ...)
+CVE-2015-3331
{DSA-3237-1}
- linux 3.16.7-ckt9-3 (bug #782561)
- linux-2.6 <removed>
@@ -18147,191 +18147,191 @@ CVE-2015-3331 (The __driver_rfc4106_decrypt function in ...)
NOTE: http://www.openwall.com/lists/oss-security/2015/04/14/16
NOTE: Fixed by: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ccfe8c3f7e52ae83155cb038753f4c75b774ca8a (v4.0-rc5)
NOTE: Introduced by: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0bd82f5f6355775fbaf7d3c664432ce1b862be1e (v2.6.38-rc1)
-CVE-2015-3332 (A certain backport in the TCP Fast Open implementation for the Linux ...)
+CVE-2015-3332
- linux 3.16.7-ckt9-3 (bug #782515)
[jessie] - linux 3.16.7-ckt9-3~deb8u1
[wheezy] - linux <not-affected> (TCP Fast Open introduced in v3.6-rc1)
- linux-2.6 <not-affected> (TCP Fast Open introduced in v3.6-rc1)
NOTE: http://www.openwall.com/lists/oss-security/2015/04/14/14
NOTE: http://thread.gmane.org/gmane.linux.network/359588
-CVE-2015-3310 (Buffer overflow in the rc_mksid function in plugins/radius/util.c in ...)
+CVE-2015-3310
{DSA-3228-1 DLA-205-1}
- ppp 2.4.6-3.1 (bug #782450)
NOTE: http://www.openwall.com/lists/oss-security/2015/04/13/4
NOTE: Patch: https://bugs.debian.org/cgi-bin/bugreport.cgi?msg=17;filename=ppp_2.4.6-3.1-nmu.diff;att=1;bug=782450
-CVE-2015-5621 (The snmp_pdu_parse function in snmp_api.c in net-snmp 5.7.2 and ...)
+CVE-2015-5621
{DSA-4154-1 DLA-1317-1}
- net-snmp 5.7.3+dfsg-1.1 (bug #788964)
[squeeze] - net-snmp <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2015/04/13/1
NOTE: Upstream patch: https://sourceforge.net/p/net-snmp/code/ci/f23bcd3ac6ddee5d0a48f9703007ccc738914791/
NOTE: https://sourceforge.net/p/net-snmp/bugs/2615/ (currently not public)
-CVE-2015-4085 (Directory traversal vulnerability in node/hooks/express/tests.js in ...)
+CVE-2015-4085
- etherpad-lite <itp> (bug #576998)
NOTE: http://www.openwall.com/lists/oss-security/2015/04/11/10
-CVE-2015-3297 (Directory traversal vulnerability in node/utils/Minify.js in Etherpad ...)
+CVE-2015-3297
- etherpad-lite <itp> (bug #576998)
-CVE-2015-3010 (ceph-deploy before 1.5.23 uses weak permissions (644) for ...)
+CVE-2015-3010
- ceph-deploy <not-affected> (Fixed with initial upload to Debian)
NOTE: http://www.openwall.com/lists/oss-security/2015/04/09/9
-CVE-2015-3405 (ntp-keygen in ntp 4.2.8px before 4.2.8p2-RC2 and 4.3.x before 4.3.12 ...)
+CVE-2015-3405
{DSA-3223-1 DLA-192-1}
- ntp 1:4.2.6.p5+dfsg-7
NOTE: https://bugs.ntp.org/show_bug.cgi?id=2797
NOTE: Patch: http://bk1.ntp.org/ntp-stable/?PAGE=patch&REV=55199296N2gFqH1Hm5GOnhrk9Ypygg
NOTE: http://www.openwall.com/lists/oss-security/2015/04/09/5
-CVE-2015-3008 (Asterisk Open Source 1.8 before 1.8.32.3, 11.x before 11.17.1, 12.x ...)
+CVE-2015-3008
{DSA-3700-1 DLA-455-1}
- asterisk 1:13.7.2~dfsg-1 (bug #782411)
[squeeze] - asterisk <end-of-life> (Not supported in Squeeze LTS)
NOTE: http://downloads.asterisk.org/pub/security/AST-2015-003.html
NOTE: https://issues.asterisk.org/jira/browse/ASTERISK-24847
NOTE: Patch: https://issues.asterisk.org/jira/secure/attachment/52082/asterisk-null-in-cn.patch
-CVE-2015-3007 (The Juniper SRX Series services gateways with Junos OS 12.1X46 before ...)
+CVE-2015-3007
NOT-FOR-US: Juniper
CVE-2015-3006
RESERVED
-CVE-2015-3005 (Cross-site scripting (XSS) vulnerability in the Dynamic VPN in Juniper ...)
+CVE-2015-3005
NOT-FOR-US: Juniper
-CVE-2015-3004 (J-Web in Juniper Junos 11.4 before 11.4R12, 12.1X44 before ...)
+CVE-2015-3004
NOT-FOR-US: Juniper
-CVE-2015-3003 (Juniper Junos 12.1X44 before 12.1X44-D45, 12.1X46 before 12.1X46-D30, ...)
+CVE-2015-3003
NOT-FOR-US: Juniper
-CVE-2015-3002 (Juniper Junos 12.1X44 before 12.1X44-D45, 12.1X46 before 12.1X46-D30, ...)
+CVE-2015-3002
NOT-FOR-US: Juniper
-CVE-2015-3001 (SysAid Help Desk before 15.2 uses a hardcoded password of Password1 ...)
+CVE-2015-3001
NOT-FOR-US: SysAid Help Desk
-CVE-2015-3000 (SysAid Help Desk before 15.2 allows remote attackers to cause a denial ...)
+CVE-2015-3000
NOT-FOR-US: SysAid Help Desk
-CVE-2015-2999 (Multiple SQL injection vulnerabilities in SysAid Help Desk before 15.2 ...)
+CVE-2015-2999
NOT-FOR-US: SysAid Help Desk
-CVE-2015-2998 (SysAid Help Desk before 15.2 uses a hardcoded encryption key, which ...)
+CVE-2015-2998
NOT-FOR-US: SysAid Help Desk
-CVE-2015-2997 (SysAid Help Desk before 15.2 allows remote attackers to obtain ...)
+CVE-2015-2997
NOT-FOR-US: SysAid Help Desk
-CVE-2015-2996 (Multiple directory traversal vulnerabilities in SysAid Help Desk ...)
+CVE-2015-2996
NOT-FOR-US: SysAid Help Desk
-CVE-2015-2995 (The RdsLogsEntry servlet in SysAid Help Desk before 15.2 does not ...)
+CVE-2015-2995
NOT-FOR-US: SysAid Help Desk
-CVE-2015-2994 (Unrestricted file upload vulnerability in ChangePhoto.jsp in SysAid ...)
+CVE-2015-2994
NOT-FOR-US: SysAid Help Desk
-CVE-2015-2993 (SysAid Help Desk before 15.2 does not properly restrict access to ...)
+CVE-2015-2993
NOT-FOR-US: SysAid Help Desk
CVE-2015-2992
RESERVED
- libstruts1.2-java <not-affected> (Affects 2.0.0 - 2.3.16.3)
-CVE-2015-2991 (Buffer overflow in NScripter before 3.00 allows remote attackers to ...)
+CVE-2015-2991
NOT-FOR-US: NScripter
-CVE-2015-2990 (Directory traversal vulnerability in zhtml.cgi in NEOJAPAN desknet NEO ...)
+CVE-2015-2990
NOT-FOR-US: desknet NEO
-CVE-2015-2989 (Cross-site scripting (XSS) vulnerability in index.php in LEMON-S PHP ...)
+CVE-2015-2989
NOT-FOR-US: LEMON-S
-CVE-2015-2988 (Rakuten card App for iOS 5.2.0 through 5.2.4 does not verify SSL ...)
+CVE-2015-2988
NOT-FOR-US: Rakuten card App for iOS
-CVE-2015-2987 (Type74 ED before 4.0 misuses 128-bit ECB encryption for small files, ...)
+CVE-2015-2987
NOT-FOR-US: Type74 ED
-CVE-2015-2986 (Cross-site scripting (XSS) vulnerability in rakuto.net hitSuji ...)
+CVE-2015-2986
NOT-FOR-US: hitSuji
-CVE-2015-2985 (Cross-site scripting (XSS) vulnerability in guide-park.com BBS X102 ...)
+CVE-2015-2985
NOT-FOR-US: guide-park.com BBS
-CVE-2015-2984 (I-O DATA DEVICE WN-G54/R2 routers with firmware before 1.03 and ...)
+CVE-2015-2984
NOT-FOR-US: I-O DATA
-CVE-2015-2983 (Cross-site request forgery (CSRF) vulnerability in admin.php in PHP ...)
+CVE-2015-2983
NOT-FOR-US: Kobo Photo Gallery CMS
-CVE-2015-2982 (Cross-site scripting (XSS) vulnerability in jquery.lightbox-0.5.min.js ...)
+CVE-2015-2982
NOT-FOR-US: Kobo Photo Gallery CMS
-CVE-2015-2981 (The Yodobashi App for Android 1.2.1.0 and earlier does not verify ...)
+CVE-2015-2981
NOT-FOR-US: Yodobashi App for Android
-CVE-2015-2980 (The Yodobashi application 1.2.1.0 and earlier for Android allows ...)
+CVE-2015-2980
NOT-FOR-US: Yodobashi application for Android
-CVE-2015-2979 (Webservice-DIC yoyaku_v41 allows remote attackers to execute arbitrary ...)
+CVE-2015-2979
NOT-FOR-US: Webservice-DIC yoyaku_v41
-CVE-2015-2978 (Webservice-DIC yoyaku_v41 allows remote attackers to bypass ...)
+CVE-2015-2978
NOT-FOR-US: Webservice-DIC yoyaku_v41
-CVE-2015-2977 (Webservice-DIC yoyaku_v41 allows remote attackers to create arbitrary ...)
+CVE-2015-2977
NOT-FOR-US: Webservice-DIC yoyaku_v41
-CVE-2015-2976 (Multiple cross-site scripting (XSS) vulnerabilities in Research ...)
+CVE-2015-2976
NOT-FOR-US: Research Artisan Lite
-CVE-2015-2975 (Research Artisan Lite before 1.18 does not ensure that a user has ...)
+CVE-2015-2975
NOT-FOR-US: Research Artisan Lite
-CVE-2015-2974 (LEMON-S PHP Gazou BBS plus before 2.36 allows remote attackers to ...)
+CVE-2015-2974
NOT-FOR-US: LEMON-S PHP Gazou BBS
-CVE-2015-2973 (Multiple cross-site scripting (XSS) vulnerabilities in the Welcart ...)
+CVE-2015-2973
NOT-FOR-US: Welcart plugin for WordPress
-CVE-2015-2972 (Multiple SQL injection vulnerabilities in Sysphonic Thetis before ...)
+CVE-2015-2972
NOT-FOR-US: Syshonic Thetis
-CVE-2015-2971 (Directory traversal vulnerability in Seeds acmailer before 3.8.18 and ...)
+CVE-2015-2971
NOT-FOR-US: Seeds acmailer
-CVE-2015-2970 (index.php in LEMON-S PHP Simple Oekaki BBS before 1.21 allows remote ...)
+CVE-2015-2970
NOT-FOR-US: Oekaki BBS
-CVE-2015-2969 (Cross-site scripting (XSS) vulnerability in index.php in LEMON-S PHP ...)
+CVE-2015-2969
NOT-FOR-US: Oekaki BBS
CVE-2015-2968
RESERVED
-CVE-2015-2966 (Directory traversal vulnerability in the Droidware UK Explorer+ File ...)
+CVE-2015-2966
NOT-FOR-US: Droidware UK Explorer+ File Manager application for Android
-CVE-2015-2965 (Directory traversal vulnerability in osCommerce Japanese 2.2ms1j-R8 ...)
+CVE-2015-2965
NOT-FOR-US: osCommerce Japanese
-CVE-2015-2964 (NAMSHI | JOSE 5.0.0 and earlier allows remote attackers to bypass ...)
+CVE-2015-2964
NOT-FOR-US: NAMSHI | JOSE
-CVE-2015-2963 (The thoughtbot paperclip gem before 4.2.2 for Ruby does not consider ...)
+CVE-2015-2963
NOT-FOR-US: thoughtbot paperclip gem for ruby
-CVE-2015-2962 (CGI RESCUE BloBee 1.20 and earlier allows remote attackers to write to ...)
+CVE-2015-2962
NOT-FOR-US: CGI RESCUE BloBee
-CVE-2015-2961 (Cross-site request forgery (CSRF) vulnerability in Zoho NetFlow ...)
+CVE-2015-2961
NOT-FOR-US: Zoho NetFlow Analyzer
-CVE-2015-2960 (Cross-site scripting (XSS) vulnerability in Zoho NetFlow Analyzer ...)
+CVE-2015-2960
NOT-FOR-US: Zoho NetFlow Analyzer
-CVE-2015-2959 (Zoho NetFlow Analyzer build 10250 and earlier does not check for ...)
+CVE-2015-2959
NOT-FOR-US: Zoho NetFlow Analyzer
-CVE-2015-2958 (Igreks MilkyStep Light 0.94 and earlier and Professional 1.82 and ...)
+CVE-2015-2958
NOT-FOR-US: Igreks MilkyStep
-CVE-2015-2957 (Cross-site scripting (XSS) vulnerability in Igreks MilkyStep Light ...)
+CVE-2015-2957
NOT-FOR-US: Igreks MilkyStep
-CVE-2015-2956 (SQL injection vulnerability in Igreks MilkyStep Light 0.94 and earlier ...)
+CVE-2015-2956
NOT-FOR-US: Igreks MilkyStep
-CVE-2015-2955 (Igreks MilkyStep Light 0.94 and earlier and Professional 1.82 and ...)
+CVE-2015-2955
NOT-FOR-US: Igreks MilkyStep
-CVE-2015-2954 (Cross-site request forgery (CSRF) vulnerability in Igreks MilkyStep ...)
+CVE-2015-2954
NOT-FOR-US: Igreks MilkyStep
-CVE-2015-2953 (Igreks MilkyStep Light 0.94 and earlier and Professional 1.82 and ...)
+CVE-2015-2953
NOT-FOR-US: Igreks MilkyStep
-CVE-2015-2952 (The user-information management functionality in Igreks MilkyStep ...)
+CVE-2015-2952
NOT-FOR-US: Igreks MilkyStep
-CVE-2015-2951 (JWT.php in F21 JWT before 2.0 allows remote attackers to bypass ...)
+CVE-2015-2951
NOT-FOR-US: PHP JWT aibrary
-CVE-2015-2950 (Directory traversal vulnerability in the Brandon Bowles Open Explorer ...)
+CVE-2015-2950
NOT-FOR-US: Brandon Bowles Open Explorer application for Android
-CVE-2015-2949 (Cross-site scripting (XSS) vulnerability in ZenPhoto20 1.1.3 and ...)
+CVE-2015-2949
NOT-FOR-US: ZenPhoto20
-CVE-2015-2948 (Cross-site scripting (XSS) vulnerability in the image processor in ...)
+CVE-2015-2948
NOT-FOR-US: Zenphoto
-CVE-2015-2947 (KanColleViewer versions 3.8.1 and earlier operates as an open proxy ...)
+CVE-2015-2947
NOT-FOR-US: KanColleViewer
-CVE-2015-2946 (Stack-based buffer overflow in the Open CAD Format Council SXF common ...)
+CVE-2015-2946
NOT-FOR-US: Open CAD Format Council SXF common library
-CVE-2015-2945 (mt-phpincgi.php in Hajime Fujimoto mt-phpincgi before 2015-05-15 does ...)
+CVE-2015-2945
NOT-FOR-US: Hajime Fujimoto mt-phpincgi
-CVE-2015-2944 (Multiple cross-site scripting (XSS) vulnerabilities in Apache Sling ...)
+CVE-2015-2944
NOT-FOR-US: Apache Sling
-CVE-2015-2943 (Honda Moto LINC 1.6.1 does not verify SSL certificates. ...)
+CVE-2015-2943
NOT-FOR-US: Honda Moto LINC
-CVE-2015-3026 (Icecast before 2.4.2, when a stream_auth handler is defined for URL ...)
+CVE-2015-3026
{DSA-3239-1}
- icecast2 2.4.2-1 (bug #782120)
[wheezy] - icecast2 <not-affected> (stream_auth introduced in 2.3.3)
[squeeze] - icecast2 <not-affected> (stream_auth introduced in 2.3.3)
NOTE: https://trac.xiph.org/ticket/2191
NOTE: http://www.openwall.com/lists/oss-security/2015/04/08/8
-CVE-2015-3030 (The web interface in McAfee Advanced Threat Defense (MATD) before ...)
+CVE-2015-3030
NOT-FOR-US: McAfee Advanced Threat Defense
-CVE-2015-3029 (The web interface in McAfee Advanced Threat Defense (MATD) before ...)
+CVE-2015-3029
NOT-FOR-US: McAfee Advanced Threat Defense
-CVE-2015-3028 (McAfee Advanced Threat Defense (MATD) before 3.4.4.63 allows remote ...)
+CVE-2015-3028
NOT-FOR-US: McAfee Advanced Threat Defense
CVE-2015-2930
RESERVED
-CVE-2015-2926 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2015-2926
NOT-FOR-US: phpTrafficA
CVE-2015-3406 [unsigned files interpreted as signed in some circumstances]
RESERVED
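Review bot: two context lines in this hunk carry spelling errors that the automatic update does not touch but that a follow-up should: under CVE-2015-2972 the removed description names the vendor `Sysphonic Thetis` while the surviving line reads `NOT-FOR-US: Syshonic Thetis`, and under CVE-2015-2951 the line `NOT-FOR-US: PHP JWT aibrary` should read `library`. Both are harmless to parsing but make the entries harder to grep for.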
@@ -18340,19 +18340,19 @@ CVE-2015-3406 [unsigned files interpreted as signed in some circumstances]
NOTE: Upstream fix: https://github.com/audreyt/module-signature/commit/8a9164596fa5952d4fbcde5aa1c7d1c7bc85372f
NOTE: http://www.openwall.com/lists/oss-security/2015/04/07/1
NOTE: Changes might needed in libtest-signature-perl, need further investigation
-CVE-2015-3407 (Module::Signature before 0.74 allows remote attackers to bypass ...)
+CVE-2015-3407
{DSA-3261-1 DLA-264-1}
- libmodule-signature-perl 0.78-1 (bug #783451)
NOTE: Upstream fix: https://github.com/audreyt/module-signature/commit/8a9164596fa5952d4fbcde5aa1c7d1c7bc85372f
NOTE: http://www.openwall.com/lists/oss-security/2015/04/07/1
NOTE: libtest-signature-perl needed to be updated
-CVE-2015-3408 (Module::Signature before 0.74 allows remote attackers to execute ...)
+CVE-2015-3408
{DSA-3261-1 DLA-264-1}
- libmodule-signature-perl 0.78-1 (bug #783451)
NOTE: Upstream fix: https://github.com/audreyt/module-signature/commit/8a9164596fa5952d4fbcde5aa1c7d1c7bc85372f
NOTE: http://www.openwall.com/lists/oss-security/2015/04/07/1
NOTE: Changes might needed in libtest-signature-perl, need further investigation
-CVE-2015-3409 (Untrusted search path vulnerability in Module::Signature before 0.75 ...)
+CVE-2015-3409
{DSA-3261-1 DLA-264-1}
- libmodule-signature-perl 0.78-1 (bug #783451)
NOTE: Upstream fix: https://github.com/audreyt/module-signature/commit/c41e8885b862b9fce2719449bc9336f0bea658ef
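Review bot: the three Module::Signature entries in this hunk disagree about libtest-signature-perl: CVE-2015-3406 and CVE-2015-3408 both keep `NOTE: Changes might needed in libtest-signature-perl, need further investigation` (which also reads as `might be needed`), while CVE-2015-3407, fixed by the same upstream commit 8a9164596fa5952d4fbcde5aa1c7d1c7bc85372f, says `NOTE: libtest-signature-perl needed to be updated`. If the investigation for 3407 settled the question, the two sibling notes should be updated to match so the open item is not tracked three times.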
@@ -18364,19 +18364,19 @@ CVE-2015-2920
RESERVED
CVE-2015-2919
RESERVED
-CVE-2015-2918 (The Studio component in OrientDB Server Community Edition before ...)
+CVE-2015-2918
NOT-FOR-US: OrientDB
-CVE-2015-2917 (Securifi Almond devices with firmware before AL1-R201EXP10-L304-W34 ...)
+CVE-2015-2917
NOT-FOR-US: Securifi Almond
-CVE-2015-2916 (Cross-site request forgery (CSRF) vulnerability on Securifi Almond ...)
+CVE-2015-2916
NOT-FOR-US: Securifi Almond
-CVE-2015-2915 (Securifi Almond devices with firmware before AL1-R201EXP10-L304-W34 ...)
+CVE-2015-2915
NOT-FOR-US: Securifi Almond
-CVE-2015-2914 (Securifi Almond devices with firmware before AL1-R201EXP10-L304-W34 ...)
+CVE-2015-2914
NOT-FOR-US: Securifi Almond
-CVE-2015-2913 (server/network/protocol/http/OHttpSessionManager.java in the Studio ...)
+CVE-2015-2913
NOT-FOR-US: OrientDB
-CVE-2015-2912 (The JSONP endpoint in the Studio component in OrientDB Server ...)
+CVE-2015-2912
NOT-FOR-US: OrientDB
CVE-2015-2911
RESERVED
@@ -18384,35 +18384,35 @@ CVE-2015-2910
RESERVED
CVE-2015-2909
RESERVED
-CVE-2015-2908 (** DISPUTED ** Mobile Devices (aka MDI) C4 OBD-II dongles with ...)
+CVE-2015-2908
NOT-FOR-US: Mobile Devices (aka MDI) C4 OBD-II dongles
-CVE-2015-2907 (** DISPUTED ** Mobile Devices (aka MDI) C4 OBD-II dongles with ...)
+CVE-2015-2907
NOT-FOR-US: Mobile Devices (aka MDI) C4 OBD-II dongles
-CVE-2015-2906 (** DISPUTED ** Mobile Devices (aka MDI) C4 OBD-II dongles with ...)
+CVE-2015-2906
NOT-FOR-US: Mobile Devices (aka MDI) C4 OBD-II dongles
-CVE-2015-2905 (Cross-site request forgery (CSRF) vulnerability on Actiontec GT784WN ...)
+CVE-2015-2905
NOT-FOR-US: Actiontec
-CVE-2015-2904 (Actiontec GT784WN modems with firmware before NCS01-1.0.13 have ...)
+CVE-2015-2904
NOT-FOR-US: Actiontec
-CVE-2015-2903 (The CWSAPI SOAP service in HP ArcSight SmartConnectors before 7.1.6 ...)
+CVE-2015-2903
NOT-FOR-US: HP ArcSight
-CVE-2015-2902 (HP ArcSight SmartConnectors before 7.1.6 do not verify X.509 ...)
+CVE-2015-2902
NOT-FOR-US: HP ArcSight
-CVE-2015-2901 (Multiple stack-based buffer overflows in Medicomp MEDCIN Engine ...)
+CVE-2015-2901
NOT-FOR-US: Medicomp
-CVE-2015-2900 (The AddUserFinding add_userfinding2 function in Medicomp MEDCIN Engine ...)
+CVE-2015-2900
NOT-FOR-US: Medicomp
-CVE-2015-2899 (Heap-based buffer overflow in the QualifierList ...)
+CVE-2015-2899
NOT-FOR-US: Medicomp
-CVE-2015-2898 (Multiple stack-based buffer overflows in Medicomp MEDCIN Engine before ...)
+CVE-2015-2898
NOT-FOR-US: Medicomp
-CVE-2015-2897 (Sierra Wireless ALEOS before 4.4.2 on AirLink ES, GX, and LS devices ...)
+CVE-2015-2897
NOT-FOR-US: Sierra Wireless ALEOS
-CVE-2015-2896 (The up.time client in Idera Uptime Infrastructure Monitor through 7.6 ...)
+CVE-2015-2896
NOT-FOR-US: Idera Uptime Infrastructure Monitor
-CVE-2015-2895 (Buffer overflow in the up.time client in Idera Uptime Infrastructure ...)
+CVE-2015-2895
NOT-FOR-US: Idera Uptime Infrastructure Monitor
-CVE-2015-2894 (Format string vulnerability in the up.time client in Idera Uptime ...)
+CVE-2015-2894
NOT-FOR-US: Idera Uptime Infrastructure Monitor
CVE-2015-2893
RESERVED
@@ -18420,115 +18420,115 @@ CVE-2015-2892
RESERVED
CVE-2015-2891
RESERVED
-CVE-2015-2890 (The BIOS implementation on Dell Latitude, OptiPlex, Precision Mobile ...)
+CVE-2015-2890
NOT-FOR-US: BIOS implementations on Dell hardware with model-dependent firmware
-CVE-2015-2889 (Summer Baby Zoom Wifi Monitor &amp; Internet Viewing System allows remote ...)
+CVE-2015-2889
NOT-FOR-US: Summer Baby Zoom Wifi Monitor and Internet Viewing System
-CVE-2015-2888 (Summer Baby Zoom Wifi Monitor &amp; Internet Viewing System allows remote ...)
+CVE-2015-2888
NOT-FOR-US: Summer Baby Zoom Wifi Monitor and Internet Viewing System
-CVE-2015-2887 (iBaby M3S has a password of admin for the backdoor admin account. ...)
+CVE-2015-2887
NOT-FOR-US: iBaby M3S
-CVE-2015-2886 (iBaby M6 allows remote attackers to obtain sensitive information, ...)
+CVE-2015-2886
NOT-FOR-US: iBaby M6
-CVE-2015-2885 (Lens Peek-a-View has a password of 2601hx for the backdoor admin ...)
+CVE-2015-2885
NOT-FOR-US: Lens Peek-a-View
-CVE-2015-2884 (Philips In.Sight B120/37 allows remote attackers to obtain sensitive ...)
+CVE-2015-2884
NOT-FOR-US: Philips In.Sight B120/37
-CVE-2015-2883 (Philips In.Sight B120/37 has XSS, related to the Weaved cloud web ...)
+CVE-2015-2883
NOT-FOR-US: Philips In.Sight B120/37
-CVE-2015-2882 (Philips In.Sight B120/37 has a password of b120root for the backdoor ...)
+CVE-2015-2882
NOT-FOR-US: Philips In.Sight B120/37
-CVE-2015-2881 (Gynoii has a password of guest for the backdoor guest account and a ...)
+CVE-2015-2881
NOT-FOR-US: Gynoii
-CVE-2015-2880 (TRENDnet WiFi Baby Cam TV-IP743SIC has a password of admin for the ...)
+CVE-2015-2880
NOT-FOR-US: TRENDnet WiFi Baby Cam TV-IP743SIC
CVE-2015-2879
RESERVED
-CVE-2015-2878 (Multiple cross-site request forgery (CSRF) vulnerabilities in Hexis ...)
+CVE-2015-2878
NOT-FOR-US: Hexis HawkEye
-CVE-2015-2877 (** DISPUTED ** Kernel Samepage Merging (KSM) in the Linux kernel ...)
+CVE-2015-2877
- linux <unfixed> (unimportant)
- linux-2.6 <removed> (unimportant)
NOTE: https://www.usenix.org/conference/woot15/workshop-program/presentation/barresi
NOTE: http://www.antoniobarresi.com/security/cloud/2015/07/30/cain/
NOTE: Architectual limitation, workaround exists
-CVE-2015-2876 (Unrestricted file upload vulnerability on Seagate GoFlex Satellite, ...)
+CVE-2015-2876
NOT-FOR-US: Seagate GoFlex
-CVE-2015-2875 (Absolute path traversal vulnerability on Seagate GoFlex Satellite, ...)
+CVE-2015-2875
NOT-FOR-US: Seagate GoFlex
-CVE-2015-2874 (Seagate GoFlex Satellite, Seagate Wireless Mobile Storage, Seagate ...)
+CVE-2015-2874
NOT-FOR-US: Seagate GoFlex
-CVE-2015-2873 (Trend Micro Deep Discovery Inspector (DDI) on Deep Discovery Threat ...)
+CVE-2015-2873
NOT-FOR-US: Trend Micro
-CVE-2015-2872 (Multiple cross-site scripting (XSS) vulnerabilities in Trend Micro ...)
+CVE-2015-2872
NOT-FOR-US: Trend Micro
-CVE-2015-2871 (Chiyu BF-660C fingerprint access-control devices allow remote ...)
+CVE-2015-2871
NOT-FOR-US: Chiyu BF-660C fingerprint access-control devices
-CVE-2015-2870 (Cross-site scripting (XSS) vulnerability on Chiyu BF-630, BF-630W, and ...)
+CVE-2015-2870
NOT-FOR-US: Chiyu fingerprint access-control devices
-CVE-2015-2869 (The FileInfo plugin before 2.22 for Ghisler Total Commander allows ...)
+CVE-2015-2869
NOT-FOR-US: Ghisler Total Commander
-CVE-2015-2868 (An exploitable remote code execution vulnerability exists in the Trane ...)
+CVE-2015-2868
NOT-FOR-US: Trane
-CVE-2015-2867 (A design flaw in the Trane ComfortLink II SCC firmware version 2.0.2 ...)
+CVE-2015-2867
NOT-FOR-US: Trane
-CVE-2015-2866 (SQL injection vulnerability on the Grandstream GXV3611_HD camera with ...)
+CVE-2015-2866
NOT-FOR-US: Grandstream camera
CVE-2015-2865
REJECTED
-CVE-2015-2864 (Retrospect and Retrospect Client before 10.0.2.119 on Windows, before ...)
+CVE-2015-2864
NOT-FOR-US: Retrospect Client
-CVE-2015-2863 (Open redirect vulnerability in Kaseya Virtual System Administrator ...)
+CVE-2015-2863
NOT-FOR-US: Kaseya VSA
-CVE-2015-2862 (Directory traversal vulnerability in Kaseya Virtual System ...)
+CVE-2015-2862
NOT-FOR-US: Kaseya VSA
-CVE-2015-2861 (Cross-site request forgery (CSRF) vulnerability in Vesta Control Panel ...)
+CVE-2015-2861
NOT-FOR-US: Vesta Control Panel
-CVE-2015-2860 (Directory traversal vulnerability in Avigilon Control Center (ACC) 4 ...)
+CVE-2015-2860
NOT-FOR-US: Avigilon Control Center
-CVE-2015-2859 (Intel McAfee ePolicy Orchestrator (ePO) 4.x through 4.6.9 and 5.x ...)
+CVE-2015-2859
NOT-FOR-US: Intel McAfee ePolicy Orchestrator
-CVE-2015-2858 (Datalex airline booking software before 2015-09-03 allows remote ...)
+CVE-2015-2858
NOT-FOR-US: Datalex airline booking software
-CVE-2015-2857 (Accellion File Transfer Appliance before FTA_9_11_210 allows remote ...)
+CVE-2015-2857
NOT-FOR-US: Accellion File Transfer Appliance
-CVE-2015-2856 (Directory traversal vulnerability in the template function in ...)
+CVE-2015-2856
NOT-FOR-US: Accellion File Transfer Appliance
-CVE-2015-2855 (The WebUI component in Blue Coat SSL Visibility Appliance SV800, ...)
+CVE-2015-2855
NOT-FOR-US: Blue Coat SSL Visibility Appliance
-CVE-2015-2854 (The WebUI component in Blue Coat SSL Visibility Appliance SV800, ...)
+CVE-2015-2854
NOT-FOR-US: Blue Coat SSL Visibility Appliance
-CVE-2015-2853 (Session fixation vulnerability in the WebUI component in Blue Coat SSL ...)
+CVE-2015-2853
NOT-FOR-US: Blue Coat SSL Visibility Appliance
-CVE-2015-2852 (Cross-site request forgery (CSRF) vulnerability in the WebUI component ...)
+CVE-2015-2852
NOT-FOR-US: Blue Coat SSL Visibility Appliance
-CVE-2015-2851 (client_chown in the sync client in Synology Cloud Station 1.1-2291 ...)
+CVE-2015-2851
NOT-FOR-US: Synology Cloud Station
-CVE-2015-2850 (Cross-site scripting (XSS) vulnerability in index-login.ant in the ...)
+CVE-2015-2850
NOT-FOR-US: ANTlabs
-CVE-2015-2849 (SQL injection vulnerability in main.ant in the ANTlabs InnGate ...)
+CVE-2015-2849
NOT-FOR-US: ANTlabs
-CVE-2015-2848 (Cross-site request forgery (CSRF) vulnerability in Honeywell Tuxedo ...)
+CVE-2015-2848
NOT-FOR-US: Honeywell Tuxedo Touch
-CVE-2015-2847 (Honeywell Tuxedo Touch before 5.2.19.0_VA relies on client-side ...)
+CVE-2015-2847
NOT-FOR-US: Honeywell Tuxedo Touch
-CVE-2015-2846 (BitTorrent Sync allows remote attackers to execute arbitrary commands ...)
+CVE-2015-2846
- btsync <itp> (bug #706639)
-CVE-2015-2845 (The cpanel function in go_site.php in GoAutoDial GoAdmin CE before ...)
+CVE-2015-2845
NOT-FOR-US: GoAutoDial GoAdmin CE
-CVE-2015-2844 (The cpanel function in go_site.php in GoAutoDial GoAdmin CE before ...)
+CVE-2015-2844
NOT-FOR-US: GoAutoDial GoAdmin CE
-CVE-2015-2843 (Multiple SQL injection vulnerabilities in GoAutoDial GoAdmin CE before ...)
+CVE-2015-2843
NOT-FOR-US: GoAutoDial GoAdmin CE
-CVE-2015-2842 (Unrestricted file upload vulnerability in go_audiostore.php in the ...)
+CVE-2015-2842
NOT-FOR-US: GoAutoDial GoAdmin CE
-CVE-2015-2841 (Citrix NetScaler AppFirewall, as used in NetScaler 10.5, allows remote ...)
+CVE-2015-2841
NOT-FOR-US: Citrix NetScaler
-CVE-2015-2840 (Cross-site scripting (XSS) vulnerability in help/rt/large_search.html ...)
+CVE-2015-2840
NOT-FOR-US: Citrix NetScaler
-CVE-2015-2839 (The Nitro API in Citrix NetScaler before 10.5 build 52.3nc uses an ...)
+CVE-2015-2839
NOT-FOR-US: Citrix NetScaler
-CVE-2015-2838 (Cross-site request forgery (CSRF) vulnerability in Nitro API in Citrix ...)
+CVE-2015-2838
NOT-FOR-US: Citrix NetScaler
CVE-2015-2929 [Dos against tor client; client to crash with an assertion failure]
RESERVED
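Review bot: the CVE-2015-2877 entry in this hunk keeps `NOTE: Architectual limitation, workaround exists` as a context line; `Architectural` is misspelled, and since the entry is marked `<unfixed> (unimportant)` on the strength of that workaround, the note would be more useful with a reference to what the workaround is, next to the two links already given. Minor, and not introduced by this update.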
@@ -18554,7 +18554,7 @@ CVE-2015-2833
RESERVED
CVE-2015-2832
RESERVED
-CVE-2015-2927 (node 0.3.2 and URONode before 1.0.5r3 allows remote attackers to cause ...)
+CVE-2015-2927
- node <removed> (bug #777013)
[jessie] - node <no-dsa> (Minor issue)
[squeeze] - node <no-dsa> (Minor issue)
@@ -18565,31 +18565,31 @@ CVE-2015-XXXX [caja automounts USB flash drives and CD/DVD drives while session
[jessie] - caja 1.8.2-3+deb8u1
NOTE: https://github.com/mate-desktop/caja/issues/398
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/04/03/12
-CVE-2015-3013 (ownCloud Server before 5.0.19, 6.x before 6.0.7, and 7.x before 7.0.5 ...)
+CVE-2015-3013
{DSA-3244-1}
[experimental] - owncloud 7.0.5+dfsg-1
- owncloud 7.0.4+dfsg-3
NOTE: https://owncloud.org/security/advisory/?id=oc-sa-2015-004
-CVE-2015-3012 (Multiple cross-site scripting (XSS) vulnerabilities in WebODF before ...)
+CVE-2015-3012
{DSA-3244-1}
[experimental] - owncloud 7.0.5+dfsg-1
- owncloud 7.0.4+dfsg-3
- owncloud-documents <not-affected> (Fixed before initial release to Debian)
- webodf <itp> (bug #727529)
NOTE: https://owncloud.org/security/advisory/?id=oc-sa-2015-002
-CVE-2015-3011 (Multiple cross-site scripting (XSS) vulnerabilities in the contacts ...)
+CVE-2015-3011
{DSA-3244-1}
[experimental] - owncloud 7.0.5+dfsg-1
- owncloud 7.0.4+dfsg-3
- ownclound-contacts <itp> (bug #779055)
NOTE: owncloud-contacts fixed in 0.3.0.18+8.0.0+dfsg-1
NOTE: https://owncloud.org/security/advisory/?id=oc-sa-2015-001
-CVE-2015-8855 (The semver package before 4.3.2 for Node.js allows attackers to cause ...)
+CVE-2015-8855
- node-semver 5.3.0-1 (unimportant)
NOTE: https://nodesecurity.io/advisories/semver_redos
NOTE: https://github.com/npm/npm/releases/tag/v2.7.5
NOTE: libv8 is not covered by security support
-CVE-2015-2925 (The prepend_path function in fs/dcache.c in the Linux kernel before ...)
+CVE-2015-2925
{DLA-325-1}
- linux 4.2.1-1
[jessie] - linux 3.16.7-ckt11-1+deb8u4
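Review bot: the CVE-2015-3011 entry in this hunk has the package line `- ownclound-contacts <itp> (bug #779055)` while the NOTE immediately below it refers to `owncloud-contacts`; the package name on a `- ` line is what the tracker matches against, so the misspelling means this entry will not be associated with the real package. Not introduced by this update, but worth correcting while the entry is being touched.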
@@ -18597,7 +18597,7 @@ CVE-2015-2925 (The prepend_path function in fs/dcache.c in the Linux kernel befo
- linux-2.6 <removed>
NOTE: http://permalink.gmane.org/gmane.linux.kernel.containers/29173
NOTE: http://permalink.gmane.org/gmane.linux.kernel.containers/29177
-CVE-2015-2924 (The receive_ra function in rdisc/nm-lndp-rdisc.c in the Neighbor ...)
+CVE-2015-2924
- network-manager 1.0.2-1 (bug #783295)
[jessie] - network-manager <no-dsa> (Minor issue)
[wheezy] - network-manager <no-dsa> (Minor issue)
@@ -18614,50 +18614,50 @@ CVE-2015-2923 [IPv6 Hop limit lowering via RA messages]
[wheezy] - kfreebsd-8 <no-dsa> (kfreebsd-8 only a test kernel, will be fixed in a point update)
[squeeze] - kfreebsd-8 <not-affected> (kfreebsd-i386/amd64 not supported in Squeeze LTS)
NOTE: https://lists.freebsd.org/pipermail/freebsd-net/2015-April/041934.html
-CVE-2015-2922 (The ndisc_router_discovery function in net/ipv6/ndisc.c in the ...)
+CVE-2015-2922
{DSA-3237-1 DLA-246-1}
- linux 3.16.7-ckt9-1
- linux-2.6 <removed>
NOTE: Upstream commit: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6fd99094de2b83d1d4c8457f2c83483b2828e75a
-CVE-2015-2829 (Citrix NetScaler Application Delivery Controller (ADC) and NetScaler ...)
+CVE-2015-2829
NOT-FOR-US: Citrix NetScaler Application Delivery Controller
-CVE-2015-2828 (CA Spectrum 9.2.x and 9.3.x before 9.3 H02 does not properly validate ...)
+CVE-2015-2828
NOT-FOR-US: CA Spectrum
-CVE-2015-2827 (Cross-site scripting (XSS) vulnerability in CA Spectrum 9.2.x and ...)
+CVE-2015-2827
NOT-FOR-US: CA Spectrum
-CVE-2015-2826 (WordPress Simple Ads Manager plugin 2.5.94 and 2.5.96 allows remote ...)
+CVE-2015-2826
NOT-FOR-US: WordPress plugin simple-ads-manager
-CVE-2015-2825 (Unrestricted file upload vulnerability in sam-ajax-admin.php in the ...)
+CVE-2015-2825
NOT-FOR-US: WordPress plugin simple-ads-manager
-CVE-2015-2824 (Multiple SQL injection vulnerabilities in the Simple Ads Manager ...)
+CVE-2015-2824
NOT-FOR-US: WordPress plugin simple-ads-manager
-CVE-2015-2823 (Siemens SIMATIC HMI Basic Panels 2nd Generation before WinCC (TIA ...)
+CVE-2015-2823
NOT-FOR-US: Siemens
-CVE-2015-2822 (Siemens SIMATIC HMI Comfort Panels before WinCC (TIA Portal) 13 SP1 ...)
+CVE-2015-2822
NOT-FOR-US: Siemens
-CVE-2015-2821 (TYPO3 Neos 1.1.x before 1.1.3 and 1.2.x before 1.2.3 allows remote ...)
+CVE-2015-2821
NOT-FOR-US: TYPO3 Neos
-CVE-2015-2820 (Buffer overflow in XcListener in SAP Afaria 7.0.6001.5 allows remote ...)
+CVE-2015-2820
NOT-FOR-US: SAP Afaria
-CVE-2015-2819 (SAP Sybase SQL Anywhere 11 and 16 allows remote attackers to cause a ...)
+CVE-2015-2819
NOT-FOR-US: SAP Sybase SQL Anywhere
-CVE-2015-2818 (XML external entity (XXE) vulnerability in SAP Mobile Platform 3 ...)
+CVE-2015-2818
NOT-FOR-US: SAP Mobile Platform
-CVE-2015-2817 (The SAP Management Console in SAP NetWeaver 7.40 allows remote ...)
+CVE-2015-2817
NOT-FOR-US: SAP NetWeaver
-CVE-2015-2816 (The XcListener in SAP Afaria 7.0.6001.5 does not properly restrict ...)
+CVE-2015-2816
NOT-FOR-US: SAP Afaria
-CVE-2015-2815 (Buffer overflow in the C_SAPGPARAM function in the NetWeaver ...)
+CVE-2015-2815
NOT-FOR-US: NetWeaver Dispatcher in SAP KERNEL
-CVE-2015-2814 (SAP EMR Unwired (com.sap.mobile.healthcare.emr.v2) and Clinical Task ...)
+CVE-2015-2814
NOT-FOR-US: SAP EMR Unwired and Clinical Task Tracker
-CVE-2015-2813 (XML external entity (XXE) vulnerability in SAP Mobile Platform allows ...)
+CVE-2015-2813
NOT-FOR-US: SAP Mobile Platform
-CVE-2015-2812 (XML external entity (XXE) vulnerability in XMLValidationComponent in ...)
+CVE-2015-2812
NOT-FOR-US: SAP NetWeaver Portal
-CVE-2015-2811 (XML external entity (XXE) vulnerability in ReportXmlViewer in SAP ...)
+CVE-2015-2811
NOT-FOR-US: SAP NetWeaver Portal
-CVE-2015-2830 (arch/x86/kernel/entry_64.S in the Linux kernel before 3.19.2 does not ...)
+CVE-2015-2830
{DSA-3237-1 DLA-246-1}
- linux 3.16.7-ckt9-1
- linux-2.6 <removed>
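Review bot: for the NOT-FOR-US entries in this hunk the removed summary was the only record of what the CVE is about; after the change `+CVE-2015-2818` and `+CVE-2015-2813` both read just `NOT-FOR-US: SAP Mobile Platform`, and the three simple-ads-manager entries (CVE-2015-2826 to CVE-2015-2824) are likewise indistinguishable. Anyone auditing a NOT-FOR-US decision now has to fetch the description from MITRE again; if the descriptions cannot be restored, at least the component named in the summary should be folded into the NOT-FOR-US line.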
@@ -18670,11 +18670,11 @@ CVE-2015-XXXX [Signature Bypass in several JSON Web Token Libraries]
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/04/01/4
NOTE: https://auth0.com/blog/2015/03/31/critical-vulnerabilities-in-json-web-token-libraries/
NOTE: ruby-jwt not directly affected, see https://github.com/jwt/ruby-jwt/issues/76
-CVE-2015-2810 (Integer overflow in the HwpApp::CHncSDS_Manager function in Hancom ...)
+CVE-2015-2810
NOT-FOR-US: Hancom Office Hwp
-CVE-2015-2809 (The Multicast DNS (mDNS) responder in Synology DiskStation Manager ...)
+CVE-2015-2809
NOT-FOR-US: Synology DiskStation Manager
-CVE-2015-2808 (The RC4 algorithm, as used in the TLS protocol and SSL protocol, does ...)
+CVE-2015-2808
{DSA-3339-1 DSA-3316-1 DLA-303-1}
NOTE: This CVE is specific to the design of the RC4 protocol and not to its
NOTE: implementations.
@@ -18684,172 +18684,172 @@ CVE-2015-2808 (The RC4 algorithm, as used in the TLS protocol and SSL protocol,
- openjdk-8 8u66-b01-1
NOTE: http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixJAVA
NOTE: "Applies to client and server deployment of JSSE."
-CVE-2015-2807 (Cross-site scripting (XSS) vulnerability in js/window.php in the Navis ...)
+CVE-2015-2807
NOT-FOR-US: Navis DocumentCloud plugin for WordPress
-CVE-2015-2831 (Buffer overflow in das_watchdog 0.9.0 allows local users to execute ...)
+CVE-2015-2831
{DSA-3221-1 DLA-194-1}
- das-watchdog 0.9.0-3.1 (bug #781806)
NOTE: Upstream commit: https://github.com/kmatheussen/das_watchdog/commit/bd20bb02e75e2c
NOTE: http://www.openwall.com/lists/oss-security/2015/04/01/8
-CVE-2015-2805 (Cross-site request forgery (CSRF) vulnerability in ...)
+CVE-2015-2805
NOT-FOR-US: Alcatel-Lucent OmniSwitch
-CVE-2015-2804 (The management web interface in Alcatel-Lucent OmniSwitch 6450, 6250, ...)
+CVE-2015-2804
NOT-FOR-US: Alcatel-Lucent OmniSwitch
-CVE-2015-2803 (SQL injection vulnerability in mod1/index.php in the Akronymmanager ...)
+CVE-2015-2803
NOT-FOR-US: TYPO3 extension sb_akronymmanager
CVE-2015-2802
RESERVED
CVE-2015-2801
RESERVED
-CVE-2015-2800 (The user authentication module in Huawei Campus switches S5700, S5300, ...)
+CVE-2015-2800
NOT-FOR-US: Huawei
CVE-2015-2799
RESERVED
-CVE-2015-2798 (SQL injection vulnerability in Joomla! Component Contact Form Maker ...)
+CVE-2015-2798
NOT-FOR-US: Joomla! extension
-CVE-2015-2797 (Stack-based buffer overflow in AirTies Air 6372, 5760, 5750, 5650TT, ...)
+CVE-2015-2797
NOT-FOR-US: AirTies Air DSL modems
-CVE-2015-2796 (Multiple cross-site scripting (XSS) vulnerabilities in Project-Pier ...)
+CVE-2015-2796
NOT-FOR-US: Project-Pier ProjectPier-Core
CVE-2015-2795
RESERVED
-CVE-2015-2794 (The installation wizard in DotNetNuke (DNN) before 7.4.1 allows remote ...)
+CVE-2015-2794
NOT-FOR-US: DotNetNuke
-CVE-2015-2792 (The WPML plugin before 3.1.9 for WordPress does not properly handle ...)
+CVE-2015-2792
NOT-FOR-US: WPML plugin for WordPress
-CVE-2015-2791 (The &quot;menu sync&quot; function in the WPML plugin before 3.1.9 for WordPress ...)
+CVE-2015-2791
NOT-FOR-US: WPML plugin for WordPress
-CVE-2015-2790 (Foxit Reader, Enterprise Reader, and PhantomPDF before 7.1 allow ...)
+CVE-2015-2790
NOT-FOR-US: Foxit Reader, Enterprise Reader, and PhantomPDF
-CVE-2015-2789 (Unquoted Windows search path vulnerability in the Foxit Cloud Safe ...)
+CVE-2015-2789
NOT-FOR-US: Foxit Reader
CVE-2015-XXXX [xdeb: disables apt's signature checks]
- xdeb 0.6.7 (bug #781595)
[wheezy] - xdeb <no-dsa> (Minor issue)
-CVE-2015-2931 (Incomplete blacklist vulnerability in includes/upload/UploadBase.php ...)
+CVE-2015-2931
- mediawiki 1:1.19.20+dfsg-2.3
[wheezy] - mediawiki <end-of-life> (Not supported in Wheezy LTS)
[squeeze] - mediawiki <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://lists.wikimedia.org/pipermail/mediawiki-announce/2015-March/000175.html
NOTE: http://www.openwall.com/lists/oss-security/2015/04/01/1
-CVE-2015-2932 (Incomplete blacklist vulnerability in MediaWiki before 1.19.24, 1.2x ...)
+CVE-2015-2932
- mediawiki 1:1.19.20+dfsg-2.3
[wheezy] - mediawiki <end-of-life> (Not supported in Wheezy LTS)
[squeeze] - mediawiki <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://lists.wikimedia.org/pipermail/mediawiki-announce/2015-March/000175.html
NOTE: http://www.openwall.com/lists/oss-security/2015/04/01/1
-CVE-2015-2933 (Cross-site scripting (XSS) vulnerability in the Html class in ...)
+CVE-2015-2933
- mediawiki 1:1.19.20+dfsg-2.3
[wheezy] - mediawiki <end-of-life> (Not supported in Wheezy LTS)
[squeeze] - mediawiki <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://lists.wikimedia.org/pipermail/mediawiki-announce/2015-March/000175.html
NOTE: http://www.openwall.com/lists/oss-security/2015/04/01/1
-CVE-2015-2934 (MediaWiki before 1.19.24, 1.2x before 1.23.9, and 1.24.x before 1.24.2 ...)
+CVE-2015-2934
- mediawiki 1:1.19.20+dfsg-2.3
[wheezy] - mediawiki <end-of-life> (Not supported in Wheezy LTS)
[squeeze] - mediawiki <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://lists.wikimedia.org/pipermail/mediawiki-announce/2015-March/000175.html
NOTE: http://www.openwall.com/lists/oss-security/2015/04/01/1
-CVE-2015-2935 (MediaWiki before 1.19.24, 1.2x before 1.23.9, and 1.24.x before 1.24.2 ...)
+CVE-2015-2935
- mediawiki 1:1.19.20+dfsg-2.3
[wheezy] - mediawiki <end-of-life> (Not supported in Wheezy LTS)
[squeeze] - mediawiki <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://lists.wikimedia.org/pipermail/mediawiki-announce/2015-March/000175.html
NOTE: http://www.openwall.com/lists/oss-security/2015/04/01/1
-CVE-2015-2936 (MediaWiki 1.24.x before 1.24.2, when using PBKDF2 for password ...)
+CVE-2015-2936
- mediawiki 1:1.19.20+dfsg-2.3
[wheezy] - mediawiki <end-of-life> (Not supported in Wheezy LTS)
[squeeze] - mediawiki <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://lists.wikimedia.org/pipermail/mediawiki-announce/2015-March/000175.html
NOTE: http://www.openwall.com/lists/oss-security/2015/04/01/1
-CVE-2015-2937 (MediaWiki before 1.19.24, 1.2x before 1.23.9, and 1.24.x before ...)
+CVE-2015-2937
- mediawiki 1:1.19.20+dfsg-2.3
[wheezy] - mediawiki <end-of-life> (Not supported in Wheezy LTS)
[squeeze] - mediawiki <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://lists.wikimedia.org/pipermail/mediawiki-announce/2015-March/000175.html
NOTE: http://www.openwall.com/lists/oss-security/2015/04/01/1
-CVE-2015-2938 (Cross-site scripting (XSS) vulnerability in MediaWiki before 1.19.24, ...)
+CVE-2015-2938
- mediawiki 1:1.19.20+dfsg-2.3
[wheezy] - mediawiki <end-of-life> (Not supported in Wheezy LTS)
[squeeze] - mediawiki <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://lists.wikimedia.org/pipermail/mediawiki-announce/2015-March/000175.html
NOTE: http://www.openwall.com/lists/oss-security/2015/04/01/1
-CVE-2015-2939 (Cross-site scripting (XSS) vulnerability in the Scribunto extension ...)
+CVE-2015-2939
- mediawiki 1:1.19.20+dfsg-2.3
[wheezy] - mediawiki <end-of-life> (Not supported in Wheezy LTS)
[squeeze] - mediawiki <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://lists.wikimedia.org/pipermail/mediawiki-announce/2015-March/000175.html
NOTE: http://www.openwall.com/lists/oss-security/2015/04/01/1
-CVE-2015-2940 (Cross-site request forgery (CSRF) vulnerability in the CheckUser ...)
+CVE-2015-2940
- mediawiki 1:1.19.20+dfsg-2.3
[wheezy] - mediawiki <end-of-life> (Not supported in Wheezy LTS)
[squeeze] - mediawiki <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://lists.wikimedia.org/pipermail/mediawiki-announce/2015-March/000175.html
NOTE: http://www.openwall.com/lists/oss-security/2015/04/01/1
-CVE-2015-2941 (Cross-site scripting (XSS) vulnerability in MediaWiki before 1.19.24, ...)
+CVE-2015-2941
- mediawiki 1:1.19.20+dfsg-2.3 (unimportant)
NOTE: HHVM not packaged in Debian
NOTE: https://lists.wikimedia.org/pipermail/mediawiki-announce/2015-March/000175.html
NOTE: http://www.openwall.com/lists/oss-security/2015/04/01/1
-CVE-2015-2942 (MediaWiki before 1.19.24, 1.2x before 1.23.9, and 1.24.x before ...)
+CVE-2015-2942
- mediawiki 1:1.19.20+dfsg-2.3 (unimportant)
NOTE: HHVM not packaged in Debian
NOTE: https://lists.wikimedia.org/pipermail/mediawiki-announce/2015-March/000175.html
NOTE: http://www.openwall.com/lists/oss-security/2015/04/01/1
-CVE-2015-2786 (Unspecified vulnerability in MyBB (aka MyBulletinBoard) before 1.8.4 ...)
+CVE-2015-2786
NOT-FOR-US: MyBB
CVE-2015-2784
RESERVED
-CVE-2015-2783 (ext/phar/phar.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x ...)
+CVE-2015-2783
{DSA-3280-1 DLA-212-1}
- php5 5.6.9+dfsg-1
NOTE: https://bugs.php.net/bug.php?id=69324
NOTE: http://git.php.net/?p=php-src.git;a=commit;h=17cbd0b5b78a7500f185b3781a2149881bfff8ae
NOTE: Fixed in 5.6.8 and 5.4.40
-CVE-2015-2781 (Cross-site scripting (XSS) vulnerability in cgi-bin/hotspotlogin.cgi ...)
+CVE-2015-2781
NOT-FOR-US: Hotspot Express hotEx Billing Manager
-CVE-2015-2780 (Unrestricted file upload vulnerability in Berta CMS allows remote ...)
+CVE-2015-2780
NOT-FOR-US: Berta CMS
CVE-2015-2777
RESERVED
-CVE-2015-2775 (Directory traversal vulnerability in GNU Mailman before 2.1.20, when ...)
+CVE-2015-2775
{DSA-3214-1 DLA-186-1}
- mailman 1:2.1.18-2 (bug #781626)
NOTE: https://bugs.launchpad.net/mailman/+bug/1437145
NOTE: https://mail.python.org/pipermail/mailman-developers/2015-March/024875.html
-CVE-2015-2773 (SVM in Websense TRITON V-Series appliances before 8.0.0 allows ...)
+CVE-2015-2773
NOT-FOR-US: Websense TRITON V-Series appliances
-CVE-2015-2772 (SVM in Websense TRITON V-Series appliances before 8.0.0 allows ...)
+CVE-2015-2772
NOT-FOR-US: Websense TRITON V-Series appliances
-CVE-2015-2771 (The Mail Server in Websense TRITON AP-EMAIL and V-Series appliances ...)
+CVE-2015-2771
NOT-FOR-US: Websense TRITON AP-EMAIL and V-Series appliances
-CVE-2015-2770 (Cross-site request forgery (CSRF) vulnerability in the command line ...)
+CVE-2015-2770
NOT-FOR-US: Websense TRITON V-Series appliances
-CVE-2015-2769 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
+CVE-2015-2769
NOT-FOR-US: Websense TRITON AP-EMAIL
-CVE-2015-2768 (Cross-site scripting (XSS) vulnerability in Websense TRITON AP-EMAIL ...)
+CVE-2015-2768
NOT-FOR-US: Websense TRITON AP-EMAIL
-CVE-2015-2767 (Unspecified vulnerability in Websense TRITON AP-EMAIL before 8.0.0 has ...)
+CVE-2015-2767
NOT-FOR-US: Websense TRITON AP-EMAIL
-CVE-2015-2766 (The Personal Email Manager (PEM) in Websense TRITON AP-EMAIL before ...)
+CVE-2015-2766
NOT-FOR-US: Websense TRITON AP-EMAIL
-CVE-2015-2765 (The Email Security Gateway in Websense TRITON AP-EMAIL before 8.0.0 ...)
+CVE-2015-2765
NOT-FOR-US: Websense TRITON AP-EMAIL
-CVE-2015-2764 (Multiple cross-site scripting (XSS) vulnerabilities in Websense TRITON ...)
+CVE-2015-2764
NOT-FOR-US: Websense TRITON AP-DATA
-CVE-2015-2763 (Unspecified vulnerability in Websense TRITON AP-EMAIL before 8.0.0 has ...)
+CVE-2015-2763
NOT-FOR-US: Websense TRITON AP-EMAIL
-CVE-2015-2762 (Websense TRITON AP-WEB before 8.0.0 allows remote attackers to ...)
+CVE-2015-2762
NOT-FOR-US: Websense TRITON AP-WEB
-CVE-2015-2761 (Cross-site scripting (XSS) vulnerability in the Exceptions and ...)
+CVE-2015-2761
NOT-FOR-US: Websense TRITON AP-WEB
-CVE-2015-2760 (Cross-site scripting (XSS) vulnerability in the ePO extension in ...)
+CVE-2015-2760
NOT-FOR-US: McAfee
-CVE-2015-2759 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ePO ...)
+CVE-2015-2759
NOT-FOR-US: McAfee
-CVE-2015-2758 (The ePO extension in McAfee Data Loss Prevention Endpoint (DLPe) ...)
+CVE-2015-2758
NOT-FOR-US: McAfee
-CVE-2015-2757 (The ePO extension in McAfee Data Loss Prevention Endpoint (DLPe) ...)
+CVE-2015-2757
NOT-FOR-US: McAfee
CVE-2015-XXXX [crashes found with afl]
- hp2xx 3.4.4-10 (low)
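Review bot: the tracker-local titles in square brackets survive this hunk (`CVE-2015-XXXX [xdeb: disables apt's signature checks]`, `CVE-2015-XXXX [crashes found with afl]`) while every parenthesised description is dropped, which confirms the loss is limited to the field filled from the upstream feed and that the locally maintained data is intact. Two smaller points for when the descriptions are re-imported: `-CVE-2015-2791 (The &quot;menu sync&quot; function in the WPML plugin ...)` shows the stored text carried HTML-escaped quotes, so the importer should unescape them, and the ten MediaWiki entries CVE-2015-2931 to CVE-2015-2940 now have byte-identical bodies, so the description was the only thing that told them apart.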
@@ -18861,7 +18861,7 @@ CVE-2015-2793 [cross-site scripting via openid_identifier]
[wheezy] - ikiwiki 3.20120629.2
[squeeze] - ikiwiki <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2015/03/30/5
-CVE-2015-2806 (Stack-based buffer overflow in asn1_der_decoding in libtasn1 before ...)
+CVE-2015-2806
{DSA-3220-1 DLA-195-1}
[experimental] - libtasn1-6 4.4-1
- libtasn1-6 4.2-3
@@ -18870,15 +18870,15 @@ CVE-2015-2806 (Stack-based buffer overflow in asn1_der_decoding in libtasn1 befo
NOTE: http://www.openwall.com/lists/oss-security/2015/03/29/4
NOTE: Only in the asn1 definition parser, not in the asn1 parser itself
NOTE: https://lists.gnu.org/archive/html/help-libtasn1/2015-01/msg00000.html
-CVE-2015-2787 (Use-after-free vulnerability in the process_nested_data function in ...)
+CVE-2015-2787
{DSA-3198-1 DLA-212-1}
- php5 5.6.7+dfsg-1
NOTE: https://bugs.php.net/68976
-CVE-2015-2782 (Buffer overflow in Open-source ARJ archiver 3.10.22 allows remote ...)
+CVE-2015-2782
{DSA-3213-1 DLA-188-1}
- arj 3.10.22-13 (bug #774015)
NOTE: http://www.openwall.com/lists/oss-security/2015/03/28/5
-CVE-2015-2756 (QEMU, as used in Xen 3.3.x through 4.5.x, does not properly restrict ...)
+CVE-2015-2756
{DSA-3259-1 DLA-479-1}
- xen 4.2.0~rc2-1 (bug #781620)
[squeeze] - xen <end-of-life> (Not supported in Squeeze LTS)
@@ -18887,44 +18887,44 @@ CVE-2015-2756 (QEMU, as used in Xen 3.3.x through 4.5.x, does not properly restr
[squeeze] - qemu <not-affected> (Vulnerable code not present)
- qemu-kvm <not-affected> (Vulnerable code not present)
NOTE: http://xenbits.xen.org/xsa/advisory-126.html
-CVE-2015-2755 (Multiple cross-site request forgery (CSRF) vulnerabilities in the AB ...)
+CVE-2015-2755
NOT-FOR-US: AB Google Map Travel (AB-MAP) plugin for WordPress
-CVE-2015-2752 (The XEN_DOMCTL_memory_mapping hypercall in Xen 3.2.x through 4.5.x, ...)
+CVE-2015-2752
{DLA-479-1}
- xen 4.4.1-9 (bug #781620)
[squeeze] - xen <end-of-life> (Not supported in Squeeze LTS)
NOTE: http://xenbits.xen.org/xsa/advisory-125.html
-CVE-2015-2751 (Xen 4.3.x, 4.4.x, and 4.5.x, when using toolstack disaggregation, ...)
+CVE-2015-2751
- xen 4.4.1-9 (bug #781620)
[wheezy] - xen <not-affected> (Affected functionality introduced in 4.2)
[squeeze] - xen <not-affected> (Affected functionality introduced in 4.2)
NOTE: http://xenbits.xen.org/xsa/advisory-127.html
-CVE-2015-2748 (Websense TRITON AP-WEB before 8.0.0 does not properly restrict access ...)
+CVE-2015-2748
NOT-FOR-US: Websense TRITON AP-WEB
-CVE-2015-2747 (Multiple cross-site scripting (XSS) vulnerabilities in the data loss ...)
+CVE-2015-2747
NOT-FOR-US: Websense Triton
-CVE-2015-2746 (The network diagnostics tool (CommandLineServlet) in the Appliance ...)
+CVE-2015-2746
NOT-FOR-US: Websense TRITON
-CVE-2015-2774 (Erlang/OTP before 18.0-rc1 does not properly check CBC padding bytes ...)
+CVE-2015-2774
- erlang 1:17.3-dfsg-4 (low; bug #781839)
[squeeze] - erlang <no-dsa> (Minor issue)
[wheezy] - erlang <no-dsa> (Minor issue)
NOTE: http://www.erlang.org/news/85
NOTE: CVE about "ssl: ... added padding check for TLS-1.0 due to the Poodle vulnerability."
NOTE: https://github.com/erlang/otp/commit/e53c55dd0ab69982bc511396ccf8655d27c6d38c
-CVE-2015-2745 (Multiple cross-site scripting (XSS) vulnerabilities in the Search app ...)
+CVE-2015-2745
NOT-FOR-US: Mozilla Firefox OS
-CVE-2015-2744 (Cross-site scripting (XSS) vulnerability in the Search app in Gaia in ...)
+CVE-2015-2744
NOT-FOR-US: Mozilla Firefox OS
-CVE-2015-2743 (PDF.js in Mozilla Firefox before 39.0 and Firefox ESR 31.x before 31.8 ...)
+CVE-2015-2743
{DSA-3300-1}
- iceweasel 38.1.0esr-1
[squeeze] - iceweasel <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-69/
-CVE-2015-2742 (Mozilla Firefox before 39.0 on OS X includes native key press ...)
+CVE-2015-2742
- iceweasel <not-affected> (OS X specific)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-68/
-CVE-2015-2741 (Mozilla Firefox before 39.0, Firefox ESR 38.x before 38.1, and ...)
+CVE-2015-2741
- iceweasel 38.1.0esr-1
[squeeze] - iceweasel <end-of-life>
[jessie] - iceweasel <not-affected> (Only affects Firefox 38 and later)
@@ -18934,56 +18934,56 @@ CVE-2015-2741 (Mozilla Firefox before 39.0, Firefox ESR 38.x before 38.1, and ..
[jessie] - icedove <not-affected> (Only affects Thunderbird 38 and later)
[wheezy] - icedove <not-affected> (Only affects Thunderbird 38 and later)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-67/
-CVE-2015-2740 (Buffer overflow in the nsXMLHttpRequest::AppendToResponseText function ...)
+CVE-2015-2740
{DSA-3324-1 DSA-3300-1}
- iceweasel 38.1.0esr-1
[squeeze] - iceweasel <end-of-life>
- icedove 38.1.0-1
[squeeze] - icedove <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-66/
-CVE-2015-2739 (The ArrayBufferBuilder::append function in Mozilla Firefox before ...)
+CVE-2015-2739
{DSA-3324-1 DSA-3300-1}
- iceweasel 38.1.0esr-1
[squeeze] - iceweasel <end-of-life>
- icedove 38.1.0-1
[squeeze] - icedove <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-66/
-CVE-2015-2738 (The YCbCrImageDataDeserializer::ToDataSourceSurface function in the ...)
+CVE-2015-2738
{DSA-3324-1 DSA-3300-1}
- iceweasel 38.1.0esr-1
[squeeze] - iceweasel <end-of-life>
- icedove 38.1.0-1
[squeeze] - icedove <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-66/
-CVE-2015-2737 (The rx::d3d11::SetBufferData function in the Direct3D 11 ...)
+CVE-2015-2737
{DSA-3324-1 DSA-3300-1}
- iceweasel 38.1.0esr-1
[squeeze] - iceweasel <end-of-life>
- icedove 38.1.0-1
[squeeze] - icedove <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-66/
-CVE-2015-2736 (The nsZipArchive::BuildFileList function in Mozilla Firefox before ...)
+CVE-2015-2736
{DSA-3324-1 DSA-3300-1}
- iceweasel 38.1.0esr-1
[squeeze] - iceweasel <end-of-life>
- icedove 38.1.0-1
[squeeze] - icedove <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-66/
-CVE-2015-2735 (nsZipArchive.cpp in Mozilla Firefox before 39.0, Firefox ESR 31.x ...)
+CVE-2015-2735
{DSA-3324-1 DSA-3300-1}
- iceweasel 38.1.0esr-1
[squeeze] - iceweasel <end-of-life>
- icedove 38.1.0-1
[squeeze] - icedove <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-66/
-CVE-2015-2734 (The CairoTextureClientD3D9::BorrowDrawTarget function in the Direct3D ...)
+CVE-2015-2734
{DSA-3324-1 DSA-3300-1}
- iceweasel 38.1.0esr-1
[squeeze] - iceweasel <end-of-life>
- icedove 38.1.0-1
[squeeze] - icedove <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-66/
-CVE-2015-2733 (Use-after-free vulnerability in the CanonicalizeXPCOMParticipant ...)
+CVE-2015-2733
- iceweasel 38.1.0esr-1
[jessie] - iceweasel <not-affected> (Only affects Firefox 38 and later)
[wheezy] - iceweasel <not-affected> (Only affects Firefox 38 and later)
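Review bot: the seven Firefox entries `+CVE-2015-2740` through `+CVE-2015-2734` in this hunk now carry identical bodies ({DSA-3324-1 DSA-3300-1}, iceweasel 38.1.0esr-1, icedove 38.1.0-1, mfsa2015-66), so with the summaries gone (e.g. `-CVE-2015-2740 (Buffer overflow in the nsXMLHttpRequest::AppendToResponseText function ...)`) nothing left in the file distinguishes them. This is where the blanking hurts most for the tracker's own use, since the function or component named in the summary is how a reader matches a CVE to a code change; if the import cannot be fixed quickly, consider excluding description removal from the automatic commit so such entries keep their last known text.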
@@ -18991,7 +18991,7 @@ CVE-2015-2733 (Use-after-free vulnerability in the CanonicalizeXPCOMParticipant
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-65/
CVE-2015-2732
RESERVED
-CVE-2015-2731 (Use-after-free vulnerability in the CSPService::ShouldLoad function in ...)
+CVE-2015-2731
{DSA-3300-1}
- iceweasel 38.1.0esr-1
[squeeze] - iceweasel <end-of-life>
@@ -19000,7 +19000,7 @@ CVE-2015-2731 (Use-after-free vulnerability in the CSPService::ShouldLoad functi
[wheezy] - icedove <not-affected> (Does not affect 31.x ESR Thunderbird)
[squeeze] - icedove <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-63/
-CVE-2015-2730 (Mozilla Network Security Services (NSS) before 3.19.1, as used in ...)
+CVE-2015-2730
{DSA-3336-1 DLA-315-1}
- nss 2:3.19.1-1
- iceweasel 38.1.0esr-1
@@ -19010,24 +19010,24 @@ CVE-2015-2730 (Mozilla Network Security Services (NSS) before 3.19.1, as used in
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-64/
NOTE: https://hg.mozilla.org/projects/nss/rev/fc6870938172
NOTE: https://hg.mozilla.org/projects/nss/rev/2c05e861ce07
-CVE-2015-2729 (The AudioParamTimeline::AudioNodeInputValue function in the Web Audio ...)
+CVE-2015-2729
- iceweasel 38.1.0esr-1
[jessie] - iceweasel <not-affected> (Only affects Firefox 38 and later)
[wheezy] - iceweasel <not-affected> (Only affects Firefox 38 and later)
[squeeze] - iceweasel <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-62/
-CVE-2015-2728 (The IndexedDatabaseManager class in the IndexedDB implementation in ...)
+CVE-2015-2728
{DSA-3300-1}
- iceweasel 38.1.0esr-1
[squeeze] - iceweasel <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-61/
-CVE-2015-2727 (Mozilla Firefox 38.0 and Firefox ESR 38.0 allow user-assisted remote ...)
+CVE-2015-2727
- iceweasel 38.1.0esr-1
[jessie] - iceweasel <not-affected> (Only affects Firefox 38 and later)
[wheezy] - iceweasel <not-affected> (Only affects Firefox 38 and later)
[squeeze] - iceweasel <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-60/
-CVE-2015-2726 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+CVE-2015-2726
- iceweasel 38.1.0esr-1
[squeeze] - iceweasel <end-of-life>
[jessie] - iceweasel <not-affected> (Only affects Firefox 39)
@@ -19037,7 +19037,7 @@ CVE-2015-2726 (Multiple unspecified vulnerabilities in the browser engine in Moz
[jessie] - icedove <not-affected> (Only affects Icedove 39)
[wheezy] - icedove <not-affected> (Only affects Icedove 39)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-59/
-CVE-2015-2725 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+CVE-2015-2725
- iceweasel 38.1.0esr-1
[squeeze] - iceweasel <end-of-life>
[jessie] - iceweasel <not-affected> (Only affects Firefox 38 and later)
@@ -19047,7 +19047,7 @@ CVE-2015-2725 (Multiple unspecified vulnerabilities in the browser engine in Moz
[jessie] - icedove <not-affected> (Only affects Icedove 38 and later)
[wheezy] - icedove <not-affected> (Only affects Icedove 38 and later)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-59/
-CVE-2015-2724 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+CVE-2015-2724
{DSA-3324-1 DSA-3300-1}
- iceweasel 38.1.0esr-1
[squeeze] - iceweasel <end-of-life>
@@ -19056,13 +19056,13 @@ CVE-2015-2724 (Multiple unspecified vulnerabilities in the browser engine in Moz
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-59/
CVE-2015-2723
REJECTED
-CVE-2015-2722 (Use-after-free vulnerability in the CanonicalizeXPCOMParticipant ...)
+CVE-2015-2722
- iceweasel 38.1.0esr-1
[jessie] - iceweasel <not-affected> (Only affects Firefox 38 and later)
[wheezy] - iceweasel <not-affected> (Only affects Firefox 38 and later)
[squeeze] - iceweasel <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-65/
-CVE-2015-2721 (Mozilla Network Security Services (NSS) before 3.19, as used in ...)
+CVE-2015-2721
{DSA-3336-1 DSA-3324-1 DSA-3300-1 DLA-315-1}
- nss 2:3.19.1-1
NOTE: NSS patch: https://hg.mozilla.org/projects/nss/rev/6b4770c76bc8
@@ -19072,65 +19072,65 @@ CVE-2015-2721 (Mozilla Network Security Services (NSS) before 3.19, as used in .
- icedove 38.1.0-1
[squeeze] - icedove <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-71/
-CVE-2015-2720 (The update implementation in Mozilla Firefox before 38.0 on Windows ...)
+CVE-2015-2720
- iceweasel <not-affected> (Only affects Windows)
CVE-2015-2719
RESERVED
-CVE-2015-2718 (The WebChannel.jsm module in Mozilla Firefox before 38.0 allows remote ...)
+CVE-2015-2718
- iceweasel 38.0-1
[jessie] - iceweasel <not-affected> (Only affects 37.x)
[wheezy] - iceweasel <not-affected> (Only affects 37.x)
[squeeze] - iceweasel <not-affected> (Only affects 37.x)
-CVE-2015-2717 (Integer overflow in libstagefright in Mozilla Firefox before 38.0 ...)
+CVE-2015-2717
- iceweasel 38.0-1
[jessie] - iceweasel <not-affected> (Only affects 37.x)
[wheezy] - iceweasel <not-affected> (Only affects 37.x)
[squeeze] - iceweasel <not-affected> (Only affects 37.x)
-CVE-2015-2716 (Buffer overflow in the XML parser in Mozilla Firefox before 38.0, ...)
+CVE-2015-2716
{DSA-3264-1 DSA-3260-1}
- iceweasel 38.0-1
[squeeze] - iceweasel <end-of-life>
- icedove 31.7.0-1
[squeeze] - icedove <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-54/
-CVE-2015-2715 (Race condition in the nsThreadManager::RegisterCurrentThread function ...)
+CVE-2015-2715
- iceweasel 38.0-1
[jessie] - iceweasel <not-affected> (Only affects 37.x)
[wheezy] - iceweasel <not-affected> (Only affects 37.x)
[squeeze] - iceweasel <not-affected> (Only affects 37.x)
-CVE-2015-2714 (Mozilla Firefox before 38.0 on Android does not properly restrict ...)
+CVE-2015-2714
- iceweasel <not-affected> (Only affects Firefox on Android)
-CVE-2015-2713 (Use-after-free vulnerability in the SetBreaks function in Mozilla ...)
+CVE-2015-2713
{DSA-3264-1 DSA-3260-1}
- iceweasel 38.0-1
[squeeze] - iceweasel <end-of-life>
- icedove 31.7.0-1
[squeeze] - icedove <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-51/
-CVE-2015-2712 (The asm.js implementation in Mozilla Firefox before 38.0 does not ...)
+CVE-2015-2712
- iceweasel 38.0-1
[jessie] - iceweasel <not-affected> (Only affects 37.x)
[wheezy] - iceweasel <not-affected> (Only affects 37.x)
[squeeze] - iceweasel <not-affected> (Only affects 37.x)
-CVE-2015-2711 (Mozilla Firefox before 38.0 does not recognize a referrer policy ...)
+CVE-2015-2711
- iceweasel 38.0-1
[jessie] - iceweasel <not-affected> (Only affects 37.x)
[wheezy] - iceweasel <not-affected> (Only affects 37.x)
[squeeze] - iceweasel <not-affected> (Only affects 37.x)
-CVE-2015-2710 (Heap-based buffer overflow in the SVGTextFrame class in Mozilla ...)
+CVE-2015-2710
{DSA-3264-1 DSA-3260-1}
- iceweasel 38.0-1
[squeeze] - iceweasel <end-of-life>
- icedove 31.7.0-1
[squeeze] - icedove <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-48/
-CVE-2015-2709 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+CVE-2015-2709
- iceweasel 38.0-1
[jessie] - iceweasel <not-affected> (Only affects 37.x)
[wheezy] - iceweasel <not-affected> (Only affects 37.x)
[squeeze] - iceweasel <not-affected> (Only affects 37.x)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-46/
-CVE-2015-2708 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+CVE-2015-2708
{DSA-3264-1 DSA-3260-1}
- iceweasel 38.0-1
[squeeze] - iceweasel <end-of-life>
@@ -19139,46 +19139,46 @@ CVE-2015-2708 (Multiple unspecified vulnerabilities in the browser engine in Moz
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-46/
CVE-2015-2707
RESERVED
-CVE-2015-2706 (Race condition in the AsyncPaintWaitEvent::AsyncPaintWaitEvent ...)
+CVE-2015-2706
[experimental] - iceweasel 37.0.2-1
- iceweasel <not-affected> (Only affects 37.x series)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-45/
CVE-2015-2705
RESERVED
-CVE-2015-2703 (Multiple cross-site scripting (XSS) vulnerabilities in Websense TRITON ...)
+CVE-2015-2703
NOT-FOR-US: Websense
-CVE-2015-2702 (Cross-site scripting (XSS) vulnerability in the Message Log in the ...)
+CVE-2015-2702
NOT-FOR-US: Websense
-CVE-2015-2701 (Cross-site request forgery (CSRF) vulnerability in CS-Cart 4.2.4 ...)
+CVE-2015-2701
NOT-FOR-US: CS-Cart
CVE-2015-2700
RESERVED
CVE-2015-2699
RESERVED
-CVE-2015-2698 (The iakerb_gss_export_sec_context function in lib/gssapi/krb5/iakerb.c ...)
+CVE-2015-2698
- krb5 1.13.2+dfsg-4
[jessie] - krb5 <not-affected> (Only affected when applying original patch for CVE-2015-2696 only)
[wheezy] - krb5 <not-affected> (Only affected when applying original patch for CVE-2015-2696 only)
[squeeze] - krb5 <not-affected> (Vulnerable code not present)
NOTE: Upstream ticket: http://krbdev.mit.edu/rt/Ticket/Display.html?id=8273
NOTE: https://github.com/krb5/krb5/commit/3db8dfec1ef50ddd78d6ba9503185995876a39fd
-CVE-2015-2697 (The build_principal_va function in lib/krb5/krb/bld_princ.c in MIT ...)
+CVE-2015-2697
{DSA-3395-2 DSA-3395-1 DLA-340-1}
- krb5 1.13.2+dfsg-3 (bug #803088)
NOTE: https://github.com/krb5/krb5/commit/f0c094a1b745d91ef2f9a4eae2149aac026a5789
NOTE: Upstream ticket: http://krbdev.mit.edu/rt/Ticket/Display.html?id=8252
-CVE-2015-2696 (lib/gssapi/krb5/iakerb.c in MIT Kerberos 5 (aka krb5) before 1.14 ...)
+CVE-2015-2696
{DSA-3395-1}
- krb5 1.13.2+dfsg-3 (bug #803084)
[squeeze] - krb5 <not-affected> (Vulnerable code not present)
NOTE: https://github.com/krb5/krb5/commit/e04f0283516e80d2f93366e0d479d13c9b5c8c2a
NOTE: Upstream ticket: http://krbdev.mit.edu/rt/Ticket/Display.html?id=8244
-CVE-2015-2695 (lib/gssapi/spnego/spnego_mech.c in MIT Kerberos 5 (aka krb5) before ...)
+CVE-2015-2695
{DSA-3395-1 DLA-340-1}
- krb5 1.13.2+dfsg-3 (bug #803083)
NOTE: https://github.com/krb5/krb5/commit/b51b33f2bc5d1497ddf5bd107f791c101695000d
NOTE: Upstream ticket: http://krbdev.mit.edu/rt/Ticket/Display.html?id=8244
-CVE-2015-2694 (The kdcpreauth modules in MIT Kerberos 5 (aka krb5) 1.12.x and 1.13.x ...)
+CVE-2015-2694
- krb5 1.12.1+dfsg-20 (bug #783557)
[jessie] - krb5 1.12.1+dfsg-19+deb8u3
[wheezy] - krb5 <no-dsa> (Minor issue and can be fixed in a future DSA)
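Review bot: every `-`/`+` pair in this hunk, from CVE-2015-2706 down to CVE-2015-2694, replaces a CVE line that carried its parenthesised summary with the bare identifier and changes nothing else in the entry, so the net effect is loss of the summary text, not a correction; the same pattern repeats in every hunk below, which points to the automatic update having received an empty or unreadable description source rather than a deliberate edit. Suggest not merging this as is: revert the change and re-run the import once the source is readable, so that lines such as `-CVE-2015-2698 (The iakerb_gss_export_sec_context function in lib/gssapi/krb5/iakerb.c ...)` keep their text instead of becoming `+CVE-2015-2698`.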
@@ -19190,48 +19190,48 @@ CVE-2015-2694 (The kdcpreauth modules in MIT Kerberos 5 (aka krb5) 1.12.x and 1.
NOTE: has. Thus basicaly only krb5/1.12 is affected.
CVE-2015-2693
RESERVED
-CVE-2015-2692 (AdBlock before 2.21 allows remote attackers to block arbitrary ...)
+CVE-2015-2692
NOT-FOR-US: AdBlock
CVE-2015-2691
RESERVED
-CVE-2015-2690 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2015-2690
NOT-FOR-US: Digium Addons module for FreePBX
-CVE-2015-2704 (realmd allows remote attackers to inject arbitrary configurations in ...)
+CVE-2015-2704
- realmd 0.16.0-1 (bug #781179)
[jessie] - realmd <no-dsa> (Minor issue)
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=89207
-CVE-2015-2776 (The parse_SST function in FreeXL before 1.0.0i allows remote attackers ...)
+CVE-2015-2776
{DSA-3208-1}
[experimental] - freexl 1.0.1-1~exp1
- freexl 1.0.0g-1+deb8u1 (bug #781228)
NOTE: Reproducer: https://www.dropbox.com/s/gh61gzaf8jj30hj/freexl_6889d18b?dl=0
-CVE-2015-2754 (FreeXL before 1.0.0i allows remote attackers to cause a denial of ...)
+CVE-2015-2754
{DSA-3208-1}
[experimental] - freexl 1.0.1-1~exp1
- freexl 1.0.0g-1+deb8u1 (bug #781228)
NOTE: Reproducer: https://www.dropbox.com/s/66srfory903w6cl/freexl_d7273f72?dl=0
-CVE-2015-2753 (FreeXL before 1.0.0i allows remote attackers to cause a denial of ...)
+CVE-2015-2753
{DSA-3208-1}
[experimental] - freexl 1.0.1-1~exp1
- freexl 1.0.0g-1+deb8u1 (bug #781228)
NOTE: Reproducer: https://www.dropbox.com/s/3htzndywvtmomlx/freexl_9f74b0e8?dl=0
CVE-2015-2685
RESERVED
-CVE-2015-2683 (Citrix Command Center before 5.1 Build 35.4 and 5.2 before Build 42.7 ...)
+CVE-2015-2683
NOT-FOR-US: Citrix Command Center
-CVE-2015-2682 (Citrix Command Center before 5.1 Build 35.4 and 5.2 before Build 42.7 ...)
+CVE-2015-2682
NOT-FOR-US: Citrix Command Center
-CVE-2015-2681 (Multiple cross-site scripting (XSS) vulnerabilities in the ASUS RT-G32 ...)
+CVE-2015-2681
NOT-FOR-US: Asus
-CVE-2015-2680 (Cross-site request forgery (CSRF) vulnerability in MetalGenix GeniXCMS ...)
+CVE-2015-2680
NOT-FOR-US: MetalGenix GeniXCMS
-CVE-2015-2679 (Multiple SQL injection vulnerabilities in MetalGenix GeniXCMS before ...)
+CVE-2015-2679
NOT-FOR-US: MetalGenix GeniXCMS
-CVE-2015-2678 (Multiple cross-site scripting (XSS) vulnerabilities in MetalGenix ...)
+CVE-2015-2678
NOT-FOR-US: MetalGenix GeniXCMS
-CVE-2015-2677 (Multiple cross-site scripting (XSS) vulnerabilities in ocPortal before ...)
+CVE-2015-2677
- ocportal <itp> (bug #625865)
-CVE-2015-2676 (Cross-site request forgery (CSRF) vulnerability in the ASUS RT-G32 ...)
+CVE-2015-2676
NOT-FOR-US: Asus
CVE-2015-2689 [Assertion failure in dns.c, possibly connected to UDP DoS attack]
RESERVED
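Review bot: the bracketed summary on the context line `CVE-2015-2689 [Assertion failure in dns.c, possibly connected to UDP DoS attack]` (and the one on the `CVE-2015-2688 [relay could crash with an assertion]` header of the next hunk) survives while every parenthesised summary in this hunk is dropped, which confirms that only the imported description field is being blanked, not anything maintained directly in the file. The import should treat a missing description as "keep the existing parenthesised text" rather than emitting the bare identifier; otherwise an entry with a hand-written bracketed summary ends up better documented than one fed from upstream, as the `+CVE-2015-2704` and `+CVE-2015-2776` lines here show.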
@@ -19243,12 +19243,12 @@ CVE-2015-2688 [relay could crash with an assertion]
{DSA-3203-1 DLA-178-1}
- tor 0.2.5.11-1
NOTE: https://trac.torproject.org/projects/tor/ticket/15083
-CVE-2015-2687 (OpenStack Compute (nova) Icehouse, Juno and Havana when live migration ...)
+CVE-2015-2687
- nova 2014.1-1
[wheezy] - nova <no-dsa> (Minor issue)
NOTE: This is no longer a security issue starting with icehouse, so marking 2014.1 as fixed
NOTE: https://bugs.launchpad.net/nova/+bug/1419577
-CVE-2015-2673 (The ec_ajax_update_option and ec_ajax_clear_all_taxrates functions in ...)
+CVE-2015-2673
NOT-FOR-US: WP EasyCart plugin for Wordpress
CVE-2015-2671
RESERVED
@@ -19256,108 +19256,108 @@ CVE-2015-2670
REJECTED
CVE-2015-2669
RESERVED
-CVE-2015-2668 (ClamAV before 0.98.7 allows remote attackers to cause a denial of ...)
+CVE-2015-2668
{DLA-233-1}
- clamav 0.98.7+dfsg-1
[jessie] - clamav 0.98.7+dfsg-0+deb8u1
[wheezy] - clamav 0.98.7+dfsg-0+deb7u1
-CVE-2015-2667 (Untrusted search path vulnerability in GNS3 1.2.3 allows local users ...)
+CVE-2015-2667
- gns3 <not-affected> (Windows specific)
-CVE-2015-2665 (Cross-site scripting (XSS) vulnerability in Cacti before 0.8.8d allows ...)
+CVE-2015-2665
{DSA-3295-1 DLA-255-1}
- cacti 0.8.8d+ds1-1
NOTE: http://www.fortiguard.com/advisory/FG-VD-15-017/
NOTE: http://bugs.cacti.net/view.php?id=2542 (bug is not yet accessible)
NOTE: http://svn.cacti.net/viewvc/cacti/tags/0.8.8d/graphs.php?r1=7716&r2=7717&view=patch
-CVE-2015-2664 (Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45 ...)
+CVE-2015-2664
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-8 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2015-2663 (Unspecified vulnerability in the Oracle Transportation Management ...)
+CVE-2015-2663
NOT-FOR-US: Oracle Supply Chain
-CVE-2015-2662 (Unspecified vulnerability in Oracle Sun Solaris 10 and 11.2 allows ...)
+CVE-2015-2662
NOT-FOR-US: Solaris DHCP (dhcpagent)
-CVE-2015-2661 (Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier ...)
+CVE-2015-2661
- mysql-5.6 5.6.25-2
- mysql-5.5 <not-affected> (Only 5.6 series)
NOTE: http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixMSQL
-CVE-2015-2660 (Unspecified vulnerability in the Oracle Agile PLM component in Oracle ...)
+CVE-2015-2660
NOT-FOR-US: Oracle Supply Chain
-CVE-2015-2659 (Unspecified vulnerability in Oracle Java SE 8u45 and Java SE Embedded ...)
+CVE-2015-2659
- openjdk-6 <not-affected> (Only affects Java 8)
- openjdk-7 <not-affected> (Only affects Java 8)
- openjdk-8 8u66-b01-1
-CVE-2015-2658 (Unspecified vulnerability in the Web Cache component in Oracle Fusion ...)
+CVE-2015-2658
NOT-FOR-US: Oracle Fusion
-CVE-2015-2657 (Unspecified vulnerability in the Oracle Transportation Management ...)
+CVE-2015-2657
NOT-FOR-US: Oracle Supply Chain
-CVE-2015-2656 (Unspecified vulnerability in the Data Store component in Oracle ...)
+CVE-2015-2656
NOT-FOR-US: Oracle Berkeley DB (Unspecified vulnerability)
-CVE-2015-2655 (Unspecified vulnerability in the Application Express component in ...)
+CVE-2015-2655
NOT-FOR-US: Oracle Database Server
-CVE-2015-2654 (Unspecified vulnerability in the Data Store component in Oracle ...)
+CVE-2015-2654
NOT-FOR-US: Oracle Berkeley DB (Unspecified vulnerability)
-CVE-2015-2653 (Unspecified vulnerability in the Oracle Commerce Guided Search / ...)
+CVE-2015-2653
NOT-FOR-US: Oracle Commerce
-CVE-2015-2652 (Unspecified vulnerability in the Oracle Marketing component in Oracle ...)
+CVE-2015-2652
NOT-FOR-US: Oracle E-Business
-CVE-2015-2651 (Unspecified vulnerability in Oracle Sun Solaris 11.2 allows local ...)
+CVE-2015-2651
NOT-FOR-US: Solaris Virtualized NIC Driver
-CVE-2015-2650 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+CVE-2015-2650
NOT-FOR-US: PeopleSoft
-CVE-2015-2649 (Unspecified vulnerability in the Siebel UI Framework component in ...)
+CVE-2015-2649
NOT-FOR-US: Oracle Seibel CRM
-CVE-2015-2648 (Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier ...)
+CVE-2015-2648
{DSA-3311-1 DSA-3308-1 DLA-359-1}
- mysql-5.6 5.6.25-2
- mysql-5.5 <removed> (bug #792445)
- mariadb-10.0 10.0.20-1
NOTE: http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixMSQL
-CVE-2015-2647 (Unspecified vulnerability in the Enterprise Manager for Oracle ...)
+CVE-2015-2647
NOT-FOR-US: Oracle Database
-CVE-2015-2646 (Unspecified vulnerability in the Enterprise Manager for Oracle ...)
+CVE-2015-2646
NOT-FOR-US: Oracle Database
-CVE-2015-2645 (Unspecified vulnerability in the Oracle Web Applications Desktop ...)
+CVE-2015-2645
NOT-FOR-US: Oracle E-Business
-CVE-2015-2644 (Unspecified vulnerability in the Oracle Agile PLM Framework component ...)
+CVE-2015-2644
NOT-FOR-US: Oracle Supply Chain
-CVE-2015-2643 (Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier ...)
+CVE-2015-2643
{DSA-3311-1 DSA-3308-1 DLA-359-1}
- mysql-5.6 5.6.25-2
- mysql-5.5 <removed> (bug #792445)
- mariadb-10.0 10.0.20-1
NOTE: http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixMSQL
-CVE-2015-2642 (Unspecified vulnerability in Oracle Sun Solaris 10 and 11.2 allows ...)
+CVE-2015-2642
NOT-FOR-US: Oracle Sun Solaris
-CVE-2015-2641 (Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier ...)
+CVE-2015-2641
- mysql-5.6 5.6.25-2
- mysql-5.5 <not-affected> (Only 5.6 series)
NOTE: http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixMSQL
-CVE-2015-2640 (Unspecified vulnerability in the Data Store component in Oracle ...)
+CVE-2015-2640
NOT-FOR-US: Oracle Berkeley DB (Unspecified vulnerability)
-CVE-2015-2639 (Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier ...)
+CVE-2015-2639
- mysql-5.6 5.6.25-2
- mysql-5.5 <not-affected> (Only 5.6 series)
NOTE: http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixMSQL
-CVE-2015-2638 (Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; ...)
+CVE-2015-2638
- openjdk-6 <not-affected> (Specific to Oracle Java, not present in IcedTea)
- openjdk-7 <not-affected> (Specific to Oracle Java, not present in IcedTea)
- openjdk-8 <not-affected> (Specific to Oracle Java, not present in IcedTea)
NOTE: http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixJAVA
-CVE-2015-2637 (Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; ...)
+CVE-2015-2637
- openjdk-6 <not-affected> (Specific to Oracle Java, not present in IcedTea)
- openjdk-7 <not-affected> (Specific to Oracle Java, not present in IcedTea)
- openjdk-8 <not-affected> (Specific to Oracle Java, not present in IcedTea)
NOTE: http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixJAVA
-CVE-2015-2636 (Unspecified vulnerability in the Oracle Data Integrator component in ...)
+CVE-2015-2636
NOT-FOR-US: Oracle Fusion
-CVE-2015-2635 (Unspecified vulnerability in the Oracle Data Integrator component in ...)
+CVE-2015-2635
NOT-FOR-US: Oracle Fusion
-CVE-2015-2634 (Unspecified vulnerability in the Oracle Data Integrator component in ...)
+CVE-2015-2634
NOT-FOR-US: Oracle Fusion
-CVE-2015-2633 (Unspecified vulnerability in the Enterprise Manager Ops Center ...)
+CVE-2015-2633
NOT-FOR-US: Oracle Enterprise Manager Grid Control
-CVE-2015-2632 (Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45 ...)
+CVE-2015-2632
{DSA-3725-1 DSA-3339-1 DSA-3316-1 DLA-545-1 DLA-381-1 DLA-303-1}
[experimental] - openjdk-6 6b36-1.13.8-1
- openjdk-6 <removed>
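Review bot: for the NOT-FOR-US entries in this hunk (CVE-2015-2663 through CVE-2015-2633, the Oracle Database, Berkeley DB and Fusion lines) the parenthesised summary was the only text naming the affected product and version, so once the `+` lines land the short tag underneath is all that is left to search on, and that tag is not reliable: `NOT-FOR-US: Oracle Seibel CRM` under CVE-2015-2649 misspells Siebel, and the spelling varies between Seibel and Siebel across the Siebel entries later in this file. Keep the summaries, and normalise the Siebel tags in a follow-up so the product is findable either way.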
@@ -19367,13 +19367,13 @@ CVE-2015-2632 (Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45
NOTE: "Applies to client deployment of Java only. This vulnerability can be exploited only through sandboxed Java Web Start applications and sandboxed Java applets."
- icu 55.1-7
NOTE: http://bugs.icu-project.org/trac/ticket/11865 (not yet public)
-CVE-2015-2631 (Unspecified vulnerability in Oracle Sun Solaris 10 and 11.2 allows ...)
+CVE-2015-2631
NOT-FOR-US: Solaris (rmformat)
-CVE-2015-2630 (Unspecified vulnerability in the Technology stack component in Oracle ...)
+CVE-2015-2630
NOT-FOR-US: Oracle E-Business
-CVE-2015-2629 (Unspecified vulnerability in the Java VM component in Oracle Database ...)
+CVE-2015-2629
NOT-FOR-US: Oracle Database Server
-CVE-2015-2628 (Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and ...)
+CVE-2015-2628
{DSA-3339-1 DSA-3316-1 DLA-303-1}
[experimental] - openjdk-6 6b36-1.13.8-1
- openjdk-6 <removed>
@@ -19381,13 +19381,13 @@ CVE-2015-2628 (Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45,
- openjdk-8 8u66-b01-1
NOTE: http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixJAVA
NOTE: "Applies to client deployment of Java only. This vulnerability can be exploited only through sandboxed Java Web Start applications and sandboxed Java applets."
-CVE-2015-2627 (Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45 ...)
+CVE-2015-2627
- openjdk-6 <not-affected> (Specific to Java client installer)
- openjdk-7 <not-affected> (Specific to Java client installer)
- openjdk-8 <not-affected> (Specific to Java client installer)
-CVE-2015-2626 (Unspecified vulnerability in the Data Store component in Oracle ...)
+CVE-2015-2626
NOT-FOR-US: Oracle Berkeley DB (Unspecified vulnerability)
-CVE-2015-2625 (Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; ...)
+CVE-2015-2625
{DSA-3339-1 DSA-3316-1 DLA-303-1}
[experimental] - openjdk-6 6b36-1.13.8-1
- openjdk-6 <removed>
@@ -19395,13 +19395,13 @@ CVE-2015-2625 (Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45;
- openjdk-8 8u66-b01-1
NOTE: http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixJAVA
NOTE: "Applies to client and server deployment of JSSE."
-CVE-2015-2624 (Unspecified vulnerability in the Data Store component in Oracle ...)
+CVE-2015-2624
NOT-FOR-US: Oracle Berkeley DB (Unspecified vulnerability)
-CVE-2015-2623 (Unspecified vulnerability in the Oracle GlassFish Server component in ...)
+CVE-2015-2623
- glassfish <not-affected> (Full application server not packaged)
-CVE-2015-2622 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+CVE-2015-2622
NOT-FOR-US: PeopleSoft
-CVE-2015-2621 (Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and ...)
+CVE-2015-2621
{DSA-3339-1 DSA-3316-1 DLA-303-1}
[experimental] - openjdk-6 6b36-1.13.8-1
- openjdk-6 <removed>
@@ -19409,7 +19409,7 @@ CVE-2015-2621 (Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45,
- openjdk-8 8u66-b01-1
NOTE: http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixJAVA
NOTE: "Applies to client deployment of Java only. This vulnerability can be exploited only through sandboxed Java Web Start applications and sandboxed Java applets."
-CVE-2015-2620 (Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier ...)
+CVE-2015-2620
{DSA-3308-1 DLA-359-1}
- mysql-5.6 5.6.25-2
- mysql-5.5 <removed> (bug #792445)
@@ -19417,53 +19417,53 @@ CVE-2015-2620 (Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earli
[jessie] - mariadb-10.0 10.0.20-0+deb8u1
NOTE: Possibly related to https://github.com/mysql/mysql-server/commit/fdae90dd
NOTE: http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixMSQL
-CVE-2015-2619 (Unspecified vulnerability in Oracle Java SE 7u80 and 8u45, JavaFX ...)
+CVE-2015-2619
- openjdk-7 <not-affected> (Specific to Oracle Java, not present in IcedTea)
- openjdk-8 <not-affected> (Specific to Oracle Java, not present in IcedTea)
-CVE-2015-2618 (Unspecified vulnerability in the Oracle Application Object Library ...)
+CVE-2015-2618
NOT-FOR-US: Oracle E-Business
-CVE-2015-2617 (Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier ...)
+CVE-2015-2617
- mysql-5.6 5.6.25-2
- mysql-5.5 <not-affected> (Only 5.6 series)
NOTE: http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixMSQL
-CVE-2015-2616 (Unspecified vulnerability in Oracle Sun Solaris 3.3 and 4.2 allows ...)
+CVE-2015-2616
NOT-FOR-US: Oracle Sun Solaris
-CVE-2015-2615 (Unspecified vulnerability in the Oracle Applications Framework ...)
+CVE-2015-2615
NOT-FOR-US: Oracle E-Business
-CVE-2015-2614 (Unspecified vulnerability in Oracle Sun Solaris 11.2 allows local ...)
+CVE-2015-2614
NOT-FOR-US: Solaris (NVM Express Driver)
-CVE-2015-2613 (Unspecified vulnerability in Oracle Java SE 7u80 and 8u45, and Java SE ...)
+CVE-2015-2613
{DSA-3339-1 DSA-3316-1}
- openjdk-6 <not-affected> (Does not apply to OpenJDK 6.x, only 7.x and 8.x)
- openjdk-7 7u79-2.5.6-1
- openjdk-8 8u66-b01-1
NOTE: http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixJAVA
NOTE: "Applies to client and server deployment of Java."
-CVE-2015-2612 (Unspecified vulnerability in the Siebel Core - Server OM Svcs ...)
+CVE-2015-2612
NOT-FOR-US: Oracle Seibel CMS
-CVE-2015-2611 (Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier ...)
+CVE-2015-2611
- mysql-5.6 5.6.25-2
- mysql-5.5 <not-affected> (Only 5.6 series)
NOTE: http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixMSQL
-CVE-2015-2610 (Unspecified vulnerability in the Oracle Applications Framework ...)
+CVE-2015-2610
NOT-FOR-US: Oracle E-Business
-CVE-2015-2609 (Unspecified vulnerability in Oracle Sun Solaris 11.2 allows local ...)
+CVE-2015-2609
NOT-FOR-US: Solaris (performance counters)
-CVE-2015-2608 (Unspecified vulnerability in (1) the Oracle Communications Diameter ...)
+CVE-2015-2608
NOT-FOR-US: Oracle Communications Applications
-CVE-2015-2607 (Unspecified vulnerability in the Oracle Commerce Guided Search / ...)
+CVE-2015-2607
NOT-FOR-US: Oracle Commerce
-CVE-2015-2606 (Unspecified vulnerability in the Oracle Endeca Information Discovery ...)
+CVE-2015-2606
NOT-FOR-US: Oracle Fusion
-CVE-2015-2605 (Unspecified vulnerability in the Oracle Endeca Information Discovery ...)
+CVE-2015-2605
NOT-FOR-US: Oracle Fusion
-CVE-2015-2604 (Unspecified vulnerability in the Oracle Endeca Information Discovery ...)
+CVE-2015-2604
NOT-FOR-US: Oracle Fusion
-CVE-2015-2603 (Unspecified vulnerability in the Oracle Endeca Information Discovery ...)
+CVE-2015-2603
NOT-FOR-US: Oracle Fusion
-CVE-2015-2602 (Unspecified vulnerability in the Oracle Endeca Information Discovery ...)
+CVE-2015-2602
NOT-FOR-US: Oracle Fusion
-CVE-2015-2601 (Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, ...)
+CVE-2015-2601
{DSA-3339-1 DSA-3316-1 DLA-303-1}
[experimental] - openjdk-6 6b36-1.13.8-1
- openjdk-6 <removed>
@@ -19471,34 +19471,34 @@ CVE-2015-2601 (Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45,
- openjdk-8 8u66-b01-1
NOTE: http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixJAVA
NOTE: "Applies to client and server deployment of Java."
-CVE-2015-2600 (Unspecified vulnerability in the Siebel Core - Server OM Svcs ...)
+CVE-2015-2600
NOT-FOR-US: Oracle Siebel CMS
-CVE-2015-2599 (Unspecified vulnerability in the RDBMS Scheduler component in Oracle ...)
+CVE-2015-2599
NOT-FOR-US: Oracle Database Server
-CVE-2015-2598 (Unspecified vulnerability in the mobile app in Oracle Business ...)
+CVE-2015-2598
NOT-FOR-US: Oracle Fusion
-CVE-2015-2597 (Unspecified vulnerability in Oracle Java SE 7u80 and 8u45 allows local ...)
+CVE-2015-2597
- openjdk-6 <not-affected> (Specific to MacOS X)
- openjdk-7 <not-affected> (Specific to MacOS X)
- openjdk-8 <not-affected> (Specific to MacOS X)
-CVE-2015-2596 (Unspecified vulnerability in Oracle Java SE 7u80 allows remote ...)
+CVE-2015-2596
- openjdk-7 <not-affected> (Specific to Oracle Java, not present in IcedTea)
-CVE-2015-2595 (Unspecified vulnerability in the Oracle OLAP component in Oracle ...)
+CVE-2015-2595
NOT-FOR-US: Oracle Database Server
-CVE-2015-2594 (Unspecified vulnerability in the Oracle VM VirtualBox component in ...)
+CVE-2015-2594
{DSA-3359-1 DLA-313-1}
- virtualbox 4.3.30-dfsg-1 (bug #792446)
- virtualbox-ose <removed>
[squeeze] - virtualbox-ose <no-dsa> (Bridged networking over wifi is unlikely to be used in production and vulnerability is not a remote one)
NOTE: http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixOVIR
NOTE: "This issue affects Windows, Linux and Mac OS X hosts only when guests using bridged networking over Wifi."
-CVE-2015-2593 (Unspecified vulnerability in the Oracle Access Manager component in ...)
+CVE-2015-2593
NOT-FOR-US: Oracle Fusion
-CVE-2015-2592 (Unspecified vulnerability in the Hyperion Enterprise Performance ...)
+CVE-2015-2592
NOT-FOR-US: Oracle Hyperion
-CVE-2015-2591 (Unspecified vulnerability in the PeopleSoft Enterprise Portal - ...)
+CVE-2015-2591
NOT-FOR-US: PeopleSoft
-CVE-2015-2590 (Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and ...)
+CVE-2015-2590
{DSA-3339-1 DSA-3316-1 DLA-303-1}
[experimental] - openjdk-6 6b36-1.13.8-1
- openjdk-6 <removed>
@@ -19506,123 +19506,123 @@ CVE-2015-2590 (Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45,
- openjdk-8 8u66-b01-1
NOTE: http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixJAVA
NOTE: "Applies to client deployment of Java only. This vulnerability can be exploited only through sandboxed Java Web Start applications and sandboxed Java applets."
-CVE-2015-2589 (Unspecified vulnerability in Oracle Sun Solaris 10 and 11.2 allows ...)
+CVE-2015-2589
NOT-FOR-US: Solaris
-CVE-2015-2588 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+CVE-2015-2588
NOT-FOR-US: PeopleSoft
-CVE-2015-2587 (Unspecified vulnerability in the Siebel UI Framework component in ...)
+CVE-2015-2587
NOT-FOR-US: Oracle Siebel CMS
-CVE-2015-2586 (Unspecified vulnerability in the Application Express component in ...)
+CVE-2015-2586
NOT-FOR-US: Oracle Database Server
-CVE-2015-2585 (Unspecified vulnerability in the Application Express component in ...)
+CVE-2015-2585
NOT-FOR-US: Oracle Database Server
-CVE-2015-2584 (Unspecified vulnerability in the Hyperion Enterprise Performance ...)
+CVE-2015-2584
NOT-FOR-US: Oracle Hyperion
-CVE-2015-2583 (Unspecified vulnerability in the Data Store component in Oracle ...)
+CVE-2015-2583
NOT-FOR-US: Oracle Berkeley DB (Unspecified vulnerability)
-CVE-2015-2582 (Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier ...)
+CVE-2015-2582
{DSA-3311-1 DSA-3308-1 DLA-359-1}
- mysql-5.6 5.6.25-2
- mysql-5.5 <removed> (bug #792445)
- mariadb-10.0 10.0.20-1
NOTE: http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixMSQL
-CVE-2015-2581 (Unspecified vulnerability in the Oracle Secure Global Desktop ...)
+CVE-2015-2581
NOT-FOR-US: Oracle Virtualization
-CVE-2015-2580 (Unspecified vulnerability in Oracle Sun Solaris 10 and 11.2 allows ...)
+CVE-2015-2580
NOT-FOR-US: Oracle Sun Solaris
-CVE-2015-2579 (Unspecified vulnerability in the Oracle Health Sciences Argus Safety ...)
+CVE-2015-2579
NOT-FOR-US: Oracle
-CVE-2015-2578 (Unspecified vulnerability in Oracle Sun Solaris 11.2 allows remote ...)
+CVE-2015-2578
NOT-FOR-US: Oracle Sun Solaris
-CVE-2015-2577 (Unspecified vulnerability in Oracle Sun Solaris 10 allows local users ...)
+CVE-2015-2577
NOT-FOR-US: Oracle Sun Solaris
-CVE-2015-2576 (Unspecified vulnerability in the MySQL Utilities component in Oracle ...)
+CVE-2015-2576
NOT-FOR-US: MySQL Utilities component of MySQL on Windows
-CVE-2015-2575 (Unspecified vulnerability in the MySQL Connectors component in Oracle ...)
+CVE-2015-2575
{DSA-3621-1 DLA-526-1}
- mysql-connector-java 5.1.37-1
-CVE-2015-2574 (Unspecified vulnerability in Oracle Sun Solaris 10 allows local users ...)
+CVE-2015-2574
NOT-FOR-US: Oracle Sun Solaris
-CVE-2015-2573 (Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier, ...)
+CVE-2015-2573
{DSA-3311-1 DSA-3229-1 DLA-359-1}
- mysql-5.5 5.5.42-1
- mariadb-10.0 10.0.17-1
- percona-xtradb-cluster-5.5 <removed>
NOTE: http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixMSQL
-CVE-2015-2572 (Unspecified vulnerability in the Oracle Hyperion Smart View for Office ...)
+CVE-2015-2572
NOT-FOR-US: Oracle
-CVE-2015-2571 (Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier, ...)
+CVE-2015-2571
{DSA-3311-1 DSA-3229-1 DLA-359-1}
- mysql-5.5 <removed> (bug #782645)
[jessie] - mysql-5.5 5.5.43-0+deb8u1
- mariadb-10.0 10.0.19-1
- percona-xtradb-cluster-5.5 <removed>
NOTE: http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixMSQL
-CVE-2015-2570 (Unspecified vulnerability in the Oracle Demand Planning component in ...)
+CVE-2015-2570
NOT-FOR-US: Oracle
CVE-2015-2569
REJECTED
-CVE-2015-2568 (Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier, ...)
+CVE-2015-2568
{DSA-3311-1 DSA-3229-1 DLA-359-1}
- mysql-5.5 5.5.42-1
- mariadb-10.0 10.0.17-1
- percona-xtradb-cluster-5.5 <removed>
NOTE: http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixMSQL
-CVE-2015-2567 (Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier ...)
+CVE-2015-2567
- mysql-5.5 <not-affected> (Only affects 5.6)
- percona-xtradb-cluster-5.5 <removed>
NOTE: http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixMSQL
-CVE-2015-2566 (Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier ...)
+CVE-2015-2566
- mysql-5.5 <not-affected> (Only affects 5.6)
- percona-xtradb-cluster-5.5 <removed>
NOTE: http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixMSQL
-CVE-2015-2565 (Unspecified vulnerability in the Oracle Installed Base component in ...)
+CVE-2015-2565
NOT-FOR-US: Oracle
-CVE-2015-2564 (SQL injection vulnerability in client-edit.php in ProjectSend ...)
+CVE-2015-2564
NOT-FOR-US: ProjectSend
-CVE-2015-2563 (SQL injection vulnerability in groups.php in Vastal I-Tech phpVID ...)
+CVE-2015-2563
NOT-FOR-US: Vastal I-Tech phpVID
-CVE-2015-2562 (Multiple SQL injection vulnerabilities in the Web-Dorado ECommerce WD ...)
+CVE-2015-2562
NOT-FOR-US: Joomla component com_ecommercewd
CVE-2015-2561
RESERVED
-CVE-2015-2560 (Manage Engine Desktop Central 9 before build 90135 allows remote ...)
+CVE-2015-2560
NOT-FOR-US: Manage Engine Desktop Central
-CVE-2015-2558 (Use-after-free vulnerability in Microsoft Excel 2007 SP3, Excel 2010 ...)
+CVE-2015-2558
NOT-FOR-US: Microsoft
-CVE-2015-2557 (Buffer overflow in Microsoft Visio 2007 SP3 and 2010 SP2 allows remote ...)
+CVE-2015-2557
NOT-FOR-US: Microsoft
-CVE-2015-2556 (The InfoPath Forms Services component in Microsoft SharePoint Server ...)
+CVE-2015-2556
NOT-FOR-US: Microsoft
-CVE-2015-2555 (Use-after-free vulnerability in Microsoft Excel 2010 SP2, Excel 2013 ...)
+CVE-2015-2555
NOT-FOR-US: Microsoft
-CVE-2015-2554 (The kernel in Microsoft Windows 8, Windows 8.1, Windows Server 2012 ...)
+CVE-2015-2554
NOT-FOR-US: Microsoft Windows
-CVE-2015-2553 (The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
+CVE-2015-2553
NOT-FOR-US: Microsoft Windows
-CVE-2015-2552 (The kernel in Microsoft Windows 8, Windows 8.1, Windows Server 2012 ...)
+CVE-2015-2552
NOT-FOR-US: Microsoft Windows
CVE-2015-2551
REJECTED
-CVE-2015-2550 (The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
+CVE-2015-2550
NOT-FOR-US: Microsoft Windows
-CVE-2015-2549 (The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
+CVE-2015-2549
NOT-FOR-US: Microsoft Windows
-CVE-2015-2548 (Use-after-free vulnerability in the Tablet Input Band in Windows Shell ...)
+CVE-2015-2548
NOT-FOR-US: Microsoft Windows
CVE-2015-2547
REJECTED
-CVE-2015-2546 (The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server ...)
+CVE-2015-2546
NOT-FOR-US: Microsoft Windows
-CVE-2015-2545 (Microsoft Office 2007 SP3, 2010 SP2, 2013 SP1, and 2013 RT SP1 allows ...)
+CVE-2015-2545
NOT-FOR-US: Microsoft Office
-CVE-2015-2544 (Cross-site scripting (XSS) vulnerability in Outlook Web Access (OWA) ...)
+CVE-2015-2544
NOT-FOR-US: Microsoft OWA
-CVE-2015-2543 (Cross-site scripting (XSS) vulnerability in Outlook Web Access (OWA) ...)
+CVE-2015-2543
NOT-FOR-US: Microsoft OWA
-CVE-2015-2542 (Microsoft Internet Explorer 10 and 11 and Microsoft Edge allow remote ...)
+CVE-2015-2542
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-2541 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ...)
+CVE-2015-2541
NOT-FOR-US: Microsoft Internet Explorer
CVE-2015-2540
REJECTED
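Review bot: the `<not-affected>` justifications in this hunk lean on version ranges that only the deleted summaries carried: `- mysql-5.5 <not-affected> (Only affects 5.6)` under CVE-2015-2567 and CVE-2015-2566 could be checked against `Oracle MySQL Server 5.6.23 and earlier` and `5.6.22 and earlier` on the removed `-` lines, and `- openjdk-7 <not-affected>` being the sole line under CVE-2015-2596 matched its `Oracle Java SE 7u80` scope; after the change none of these entries states a version at all. If descriptions are ever to be dropped, the affected range belongs in a NOTE line first; otherwise these summaries need to stay.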
@@ -19632,83 +19632,83 @@ CVE-2015-2538
REJECTED
CVE-2015-2537
REJECTED
-CVE-2015-2536 (Cross-site scripting (XSS) vulnerability in Microsoft Lync Server 2013 ...)
+CVE-2015-2536
NOT-FOR-US: Microsoft Lync
-CVE-2015-2535 (Active Directory in Microsoft Windows Server 2008 SP2 and R2 SP1 and ...)
+CVE-2015-2535
NOT-FOR-US: Microsoft Windows
-CVE-2015-2534 (Hyper-V in Microsoft Windows 8.1, Windows Server 2012 R2, and Windows ...)
+CVE-2015-2534
NOT-FOR-US: Microsoft Windows
CVE-2015-2533
REJECTED
-CVE-2015-2532 (Cross-site scripting (XSS) vulnerability in Microsoft Lync Server 2013 ...)
+CVE-2015-2532
NOT-FOR-US: Microsoft Lync
-CVE-2015-2531 (Cross-site scripting (XSS) vulnerability in the jQuery engine in ...)
+CVE-2015-2531
NOT-FOR-US: Microsoft Lync
-CVE-2015-2530 (Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 ...)
+CVE-2015-2530
NOT-FOR-US: Microsoft Windows
-CVE-2015-2529 (The kernel in Microsoft Windows 8.1, Windows Server 2012 R2, Windows ...)
+CVE-2015-2529
NOT-FOR-US: Microsoft Windows
-CVE-2015-2528 (Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, ...)
+CVE-2015-2528
NOT-FOR-US: Microsoft Windows
-CVE-2015-2527 (The process-initialization implementation in win32k.sys in the ...)
+CVE-2015-2527
NOT-FOR-US: Microsoft Windows
-CVE-2015-2526 (Microsoft .NET Framework 4.5, 4.5.1, 4.5.2, and 4.6 allows remote ...)
+CVE-2015-2526
NOT-FOR-US: Microsoft .NET Framework
-CVE-2015-2525 (Task Scheduler in Microsoft Windows Vista SP2, Windows Server 2008 SP2 ...)
+CVE-2015-2525
NOT-FOR-US: Microsoft Windows
-CVE-2015-2524 (Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, ...)
+CVE-2015-2524
NOT-FOR-US: Microsoft Windows
-CVE-2015-2523 (Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 ...)
+CVE-2015-2523
NOT-FOR-US: Microsoft Excel
-CVE-2015-2522 (Cross-site scripting (XSS) vulnerability in Microsoft SharePoint ...)
+CVE-2015-2522
NOT-FOR-US: Microsoft SharePoint
-CVE-2015-2521 (Microsoft Excel 2007 SP3, Excel 2010 SP2, Office Compatibility Pack ...)
+CVE-2015-2521
NOT-FOR-US: Microsoft Excel
-CVE-2015-2520 (Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel for Mac 2011 and 2016, ...)
+CVE-2015-2520
NOT-FOR-US: Microsoft Excel
-CVE-2015-2519 (Integer overflow in Windows Journal in Microsoft Windows Vista SP2, ...)
+CVE-2015-2519
NOT-FOR-US: Microsoft Windows
-CVE-2015-2518 (The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server ...)
+CVE-2015-2518
NOT-FOR-US: Microsoft Windows
-CVE-2015-2517 (The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server ...)
+CVE-2015-2517
NOT-FOR-US: Microsoft Windows
-CVE-2015-2516 (Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 ...)
+CVE-2015-2516
NOT-FOR-US: Microsoft Windows
-CVE-2015-2515 (Use-after-free vulnerability in Windows Shell in Microsoft Windows ...)
+CVE-2015-2515
NOT-FOR-US: Microsoft Windows
-CVE-2015-2514 (Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 ...)
+CVE-2015-2514
NOT-FOR-US: Microsoft Windows
-CVE-2015-2513 (Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 ...)
+CVE-2015-2513
NOT-FOR-US: Microsoft Windows
-CVE-2015-2512 (The Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows ...)
+CVE-2015-2512
NOT-FOR-US: Microsoft Windows
-CVE-2015-2511 (The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server ...)
+CVE-2015-2511
NOT-FOR-US: Microsoft Windows
-CVE-2015-2510 (Buffer overflow in the Adobe Type Manager Library in Microsoft Windows ...)
+CVE-2015-2510
NOT-FOR-US: Microsoft Windows
-CVE-2015-2509 (Windows Media Center in Microsoft Windows Vista SP2, Windows 7 SP1, ...)
+CVE-2015-2509
NOT-FOR-US: Microsoft Windows
-CVE-2015-2508 (The Adobe Type Manager Library in Microsoft Windows 10 allows local ...)
+CVE-2015-2508
NOT-FOR-US: Microsoft Windows
-CVE-2015-2507 (The Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows ...)
+CVE-2015-2507
NOT-FOR-US: Microsoft Windows
-CVE-2015-2506 (atmfd.dll in the Adobe Type Manager Library in Microsoft Windows Vista ...)
+CVE-2015-2506
NOT-FOR-US: Microsoft Windows
-CVE-2015-2505 (Outlook Web Access (OWA) in Microsoft Exchange Server 2013 Cumulative ...)
+CVE-2015-2505
NOT-FOR-US: Microsoft Exchange
-CVE-2015-2504 (Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, 4.5.2, ...)
+CVE-2015-2504
NOT-FOR-US: Microsoft .NET Framework
-CVE-2015-2503 (Microsoft Access 2007 SP3, Excel 2007 SP3, InfoPath 2007 SP3, OneNote ...)
+CVE-2015-2503
NOT-FOR-US: Microsoft
-CVE-2015-2502 (Microsoft Internet Explorer 7 through 11 allows remote attackers to ...)
+CVE-2015-2502
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-2501 (Microsoft Internet Explorer 9 allows remote attackers to execute ...)
+CVE-2015-2501
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-2500 (Microsoft Internet Explorer 7 and 8 allows remote attackers to execute ...)
+CVE-2015-2500
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-2499 (Microsoft Internet Explorer 7 through 11 allows remote attackers to ...)
+CVE-2015-2499
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-2498 (Microsoft Internet Explorer 7 through 11 allows remote attackers to ...)
+CVE-2015-2498
NOT-FOR-US: Microsoft Internet Explorer
CVE-2015-2497
REJECTED
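Review bot: every `-`/`+` pair in this hunk (for example `-CVE-2015-2520 (Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel for Mac 2011 and 2016, ...)` becoming `+CVE-2015-2520`) strips the parenthesised description, and nothing in the hunk re-adds it or records why. If the description source returned nothing for these IDs, that is a fetch failure rather than an update and the hunk should be held back, since the bare identifier plus `NOT-FOR-US: Microsoft Excel` is all that would remain to triage against.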
@@ -19716,115 +19716,115 @@ CVE-2015-2496
REJECTED
CVE-2015-2495
REJECTED
-CVE-2015-2494 (Microsoft Internet Explorer 7 through 11 and Microsoft Edge allow ...)
+CVE-2015-2494
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-2493 (The (1) VBScript and (2) JScript engines in Microsoft Internet ...)
+CVE-2015-2493
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-2492 (Microsoft Internet Explorer 7 through 11 allows remote attackers to ...)
+CVE-2015-2492
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-2491 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ...)
+CVE-2015-2491
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-2490 (Microsoft Internet Explorer 7 through 11 allows remote attackers to ...)
+CVE-2015-2490
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-2489 (Microsoft Internet Explorer 11 allows remote attackers to gain ...)
+CVE-2015-2489
NOT-FOR-US: Microsoft Internet Explorer
CVE-2015-2488
REJECTED
-CVE-2015-2487 (Microsoft Internet Explorer 7 through 11 allows remote attackers to ...)
+CVE-2015-2487
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-2486 (Microsoft Internet Explorer 7 through 11 and Microsoft Edge allow ...)
+CVE-2015-2486
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-2485 (Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow ...)
+CVE-2015-2485
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-2484 (Microsoft Internet Explorer 10 and 11 uses an incorrect flag during ...)
+CVE-2015-2484
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-2483 (Microsoft Internet Explorer 10 and 11 allows remote attackers to ...)
+CVE-2015-2483
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-2482 (The Microsoft (1) VBScript 5.7 and 5.8 and (2) JScript 5.7 and 5.8 ...)
+CVE-2015-2482
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-2481 (The RyuJIT compiler in Microsoft .NET Framework 4.6 produces incorrect ...)
+CVE-2015-2481
NOT-FOR-US: Microsoft .NET Framework
-CVE-2015-2480 (The RyuJIT compiler in Microsoft .NET Framework 4.6 produces incorrect ...)
+CVE-2015-2480
NOT-FOR-US: Microsoft .NET Framework
-CVE-2015-2479 (The RyuJIT compiler in Microsoft .NET Framework 4.6 produces incorrect ...)
+CVE-2015-2479
NOT-FOR-US: Microsoft .NET Framework
-CVE-2015-2478 (Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, ...)
+CVE-2015-2478
NOT-FOR-US: Microsoft Windows
-CVE-2015-2477 (Microsoft Office 2007 SP3, Office for Mac 2011, Office for Mac 2016, ...)
+CVE-2015-2477
NOT-FOR-US: Microsoft Office
-CVE-2015-2476 (The WebDAV client in Microsoft Windows Vista SP2, Windows Server 2008 ...)
+CVE-2015-2476
NOT-FOR-US: Microsoft Windows
-CVE-2015-2475 (Cross-site scripting (XSS) vulnerability in uddi/search/frames.aspx in ...)
+CVE-2015-2475
NOT-FOR-US: Microsoft Windows
-CVE-2015-2474 (Microsoft Windows Vista SP2 and Server 2008 SP2 allow remote ...)
+CVE-2015-2474
NOT-FOR-US: Microsoft Windows
-CVE-2015-2473 (Untrusted search path vulnerability in the client in Remote Desktop ...)
+CVE-2015-2473
NOT-FOR-US: Microsoft Windows
-CVE-2015-2472 (Remote Desktop Session Host (RDSH) in Remote Desktop Protocol (RDP) ...)
+CVE-2015-2472
NOT-FOR-US: Microsoft Windows
-CVE-2015-2471 (Microsoft XML Core Services 3.0, 5.0, and 6.0 supports SSL 2.0, which ...)
+CVE-2015-2471
NOT-FOR-US: Microsoft XML Core Services
-CVE-2015-2470 (Integer underflow in Microsoft Office 2007 SP3, Office 2010 SP2, ...)
+CVE-2015-2470
NOT-FOR-US: Microsoft Office
-CVE-2015-2469 (Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, and Office ...)
+CVE-2015-2469
NOT-FOR-US: Microsoft Office
-CVE-2015-2468 (Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 ...)
+CVE-2015-2468
NOT-FOR-US: Microsoft Office
-CVE-2015-2467 (Microsoft Office 2007 SP3 allows remote attackers to execute arbitrary ...)
+CVE-2015-2467
NOT-FOR-US: Microsoft Office
-CVE-2015-2466 (Microsoft Office 2007 SP3, 2010 SP2, 2013 SP1, and 2013 RT SP1 allows ...)
+CVE-2015-2466
NOT-FOR-US: Microsoft Office
-CVE-2015-2465 (The Windows shell in Microsoft Windows Vista SP2, Windows Server 2008 ...)
+CVE-2015-2465
NOT-FOR-US: Microsoft Windows
-CVE-2015-2464 (Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, ...)
+CVE-2015-2464
NOT-FOR-US: Microsoft Windows
-CVE-2015-2463 (Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, ...)
+CVE-2015-2463
NOT-FOR-US: Microsoft Windows
-CVE-2015-2462 (ATMFD.DLL in the Windows Adobe Type Manager Library in Microsoft ...)
+CVE-2015-2462
NOT-FOR-US: Microsoft Windows
-CVE-2015-2461 (ATMFD.DLL in the Windows Adobe Type Manager Library in Microsoft ...)
+CVE-2015-2461
NOT-FOR-US: Microsoft Windows
-CVE-2015-2460 (ATMFD.DLL in the Windows Adobe Type Manager Library in Microsoft ...)
+CVE-2015-2460
NOT-FOR-US: Microsoft Windows
-CVE-2015-2459 (ATMFD.DLL in the Windows Adobe Type Manager Library in Microsoft ...)
+CVE-2015-2459
NOT-FOR-US: Microsoft Windows
-CVE-2015-2458 (ATMFD.DLL in the Windows Adobe Type Manager Library in Microsoft ...)
+CVE-2015-2458
NOT-FOR-US: Microsoft Windows
CVE-2015-2457
REJECTED
-CVE-2015-2456 (Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, ...)
+CVE-2015-2456
NOT-FOR-US: Microsoft Windows
-CVE-2015-2455 (Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, ...)
+CVE-2015-2455
NOT-FOR-US: Microsoft Windows
-CVE-2015-2454 (The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server ...)
+CVE-2015-2454
NOT-FOR-US: Microsoft Windows
-CVE-2015-2453 (The Client/Server Run-time Subsystem (CSRSS) in Microsoft Windows ...)
+CVE-2015-2453
NOT-FOR-US: Microsoft Windows
-CVE-2015-2452 (Microsoft Internet Explorer 7 through 11 allows remote attackers to ...)
+CVE-2015-2452
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-2451 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ...)
+CVE-2015-2451
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-2450 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ...)
+CVE-2015-2450
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-2449 (Microsoft Internet Explorer 7 through 11 and Edge allow remote ...)
+CVE-2015-2449
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-2448 (Microsoft Internet Explorer 9 and 10 allows remote attackers to ...)
+CVE-2015-2448
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-2447 (Microsoft Internet Explorer 11 allows remote attackers to execute ...)
+CVE-2015-2447
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-2446 (Microsoft Internet Explorer 11 and Edge allow remote attackers to ...)
+CVE-2015-2446
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-2445 (Microsoft Internet Explorer 10 allows remote attackers to bypass the ...)
+CVE-2015-2445
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-2444 (Microsoft Internet Explorer 8 through 11 allows remote attackers to ...)
+CVE-2015-2444
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-2443 (Microsoft Internet Explorer 10 and 11 allows remote attackers to ...)
+CVE-2015-2443
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-2442 (Microsoft Internet Explorer 8 through 11 and Edge allow remote ...)
+CVE-2015-2442
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-2441 (Microsoft Internet Explorer 7 through 11 and Edge allow remote ...)
+CVE-2015-2441
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-2440 (Microsoft XML Core Services 3.0, 5.0, and 6.0 allows remote attackers ...)
+CVE-2015-2440
NOT-FOR-US: Mirosoft XML Core Services
CVE-2015-2439
REJECTED
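Review bot: the context line `NOT-FOR-US: Mirosoft XML Core Services` under CVE-2015-2440 misspells Microsoft; the entry directly above it is being rewritten in this hunk, so fold the spelling fix into the same change (`NOT-FOR-US: Microsoft XML Core Services`, matching the CVE-2015-2471 annotation earlier in this hunk).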
@@ -19834,83 +19834,83 @@ CVE-2015-2437
REJECTED
CVE-2015-2436
REJECTED
-CVE-2015-2435 (Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, ...)
+CVE-2015-2435
NOT-FOR-US: Microsoft Windows
-CVE-2015-2434 (Microsoft XML Core Services 3.0 and 5.0 supports SSL 2.0, which makes ...)
+CVE-2015-2434
NOT-FOR-US: Mirosoft XML Core Services
-CVE-2015-2433 (The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
+CVE-2015-2433
NOT-FOR-US: Microsoft Windows
-CVE-2015-2432 (ATMFD.DLL in the Windows Adobe Type Manager Library in Microsoft ...)
+CVE-2015-2432
NOT-FOR-US: Microsoft Windows
-CVE-2015-2431 (Microsoft Office 2007 SP3 and 2010 SP2, Live Meeting 2007 Console, ...)
+CVE-2015-2431
NOT-FOR-US: Mirosoft Office
-CVE-2015-2430 (Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, ...)
+CVE-2015-2430
NOT-FOR-US: Microsoft Windows
-CVE-2015-2429 (Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, ...)
+CVE-2015-2429
NOT-FOR-US: Microsoft Windows
-CVE-2015-2428 (Object Manager in Microsoft Windows Vista SP2, Windows Server 2008 SP2 ...)
+CVE-2015-2428
NOT-FOR-US: Microsoft Windows
-CVE-2015-2427 (Microsoft Internet Explorer 9 allows remote attackers to execute ...)
+CVE-2015-2427
NOT-FOR-US: Microsoft
-CVE-2015-2426 (Buffer underflow in atmfd.dll in the Windows Adobe Type Manager ...)
+CVE-2015-2426
NOT-FOR-US: Microsoft Adobe Type Manager Library
-CVE-2015-2425 (Microsoft Internet Explorer 11 allows remote attackers to execute ...)
+CVE-2015-2425
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-2424 (Microsoft PowerPoint 2007 SP3, Word 2007 SP3, PowerPoint 2010 SP2, ...)
+CVE-2015-2424
NOT-FOR-US: Microsoft
-CVE-2015-2423 (Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, ...)
+CVE-2015-2423
NOT-FOR-US: Microsoft Windows
-CVE-2015-2422 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ...)
+CVE-2015-2422
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-2421 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ...)
+CVE-2015-2421
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-2420 (Cross-site scripting (XSS) vulnerability in Microsoft System Center ...)
+CVE-2015-2420
NOT-FOR-US: Microsoft System Center
-CVE-2015-2419 (JScript 9 in Microsoft Internet Explorer 10 and 11 allows remote ...)
+CVE-2015-2419
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-2418 (Race condition in Microsoft Malicious Software Removal Tool (MSRT) ...)
+CVE-2015-2418
NOT-FOR-US: Microsoft MSRT
-CVE-2015-2417 (OLE in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows ...)
+CVE-2015-2417
NOT-FOR-US: Microsoft Windows
-CVE-2015-2416 (OLE in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows ...)
+CVE-2015-2416
NOT-FOR-US: Microsoft Windows
-CVE-2015-2415 (Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 ...)
+CVE-2015-2415
NOT-FOR-US: Microsoft Excel
-CVE-2015-2414 (Microsoft Internet Explorer 8 through 11 allows remote attackers to ...)
+CVE-2015-2414
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-2413 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ...)
+CVE-2015-2413
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-2412 (Microsoft Internet Explorer 10 and 11 allows remote attackers to read ...)
+CVE-2015-2412
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-2411 (Microsoft Internet Explorer 10 and 11 allows remote attackers to ...)
+CVE-2015-2411
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-2410 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ...)
+CVE-2015-2410
NOT-FOR-US: Microsoft Internet Explorer
CVE-2015-2409
REJECTED
-CVE-2015-2408 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ...)
+CVE-2015-2408
NOT-FOR-US: Microsoft Internet Explorer
CVE-2015-2407
REJECTED
-CVE-2015-2406 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ...)
+CVE-2015-2406
NOT-FOR-US: Microsoft Internet Explorer
CVE-2015-2405
REJECTED
-CVE-2015-2404 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ...)
+CVE-2015-2404
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-2403 (Microsoft Internet Explorer 8 allows remote attackers to execute ...)
+CVE-2015-2403
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-2402 (Microsoft Internet Explorer 7 through 11 allows remote attackers to ...)
+CVE-2015-2402
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-2401 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ...)
+CVE-2015-2401
NOT-FOR-US: Microsoft Internet Explorer
CVE-2015-2400
REJECTED
CVE-2015-2399
REJECTED
-CVE-2015-2398 (Microsoft Internet Explorer 8 through 11 allows remote attackers to ...)
+CVE-2015-2398
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-2397 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ...)
+CVE-2015-2397
NOT-FOR-US: Microsoft Internet Explorer
CVE-2015-2396
REJECTED
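Review bot: two more misspelled annotations sit in this hunk's context, `NOT-FOR-US: Mirosoft XML Core Services` under CVE-2015-2434 and `NOT-FOR-US: Mirosoft Office` under CVE-2015-2431; fix both to "Microsoft" while these entries are touched. Separately, CVE-2015-2427 and CVE-2015-2424 carry a bare `NOT-FOR-US: Microsoft`, less specific than the product-level annotation every neighbouring entry uses (the removed descriptions name Internet Explorer 9 and PowerPoint/Word respectively), which matters more once the descriptions are gone.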
@@ -19922,71 +19922,71 @@ CVE-2015-2393
REJECTED
CVE-2015-2392
REJECTED
-CVE-2015-2391 (Microsoft Internet Explorer 9 allows remote attackers to execute ...)
+CVE-2015-2391
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-2390 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ...)
+CVE-2015-2390
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-2389 (Microsoft Internet Explorer 10 and 11 allows remote attackers to ...)
+CVE-2015-2389
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-2388 (Microsoft Internet Explorer 8 and 9 allows remote attackers to execute ...)
+CVE-2015-2388
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-2387 (ATMFD.DLL in the Adobe Type Manager Font Driver in Microsoft Windows ...)
+CVE-2015-2387
NOT-FOR-US: Microsoft Windows
CVE-2015-2386
REJECTED
-CVE-2015-2385 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ...)
+CVE-2015-2385
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-2384 (Microsoft Internet Explorer 11 allows remote attackers to execute ...)
+CVE-2015-2384
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-2383 (Microsoft Internet Explorer 11 allows remote attackers to execute ...)
+CVE-2015-2383
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-2382 (win32k.sys in the kernel-mode drivers in Microsoft Windows 8, Windows ...)
+CVE-2015-2382
NOT-FOR-US: Microsoft Windows
-CVE-2015-2381 (win32k.sys in the kernel-mode drivers in Microsoft Windows 8, Windows ...)
+CVE-2015-2381
NOT-FOR-US: Microsoft Windows
-CVE-2015-2380 (Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 ...)
+CVE-2015-2380
NOT-FOR-US: Microsoft Office
-CVE-2015-2379 (Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 ...)
+CVE-2015-2379
NOT-FOR-US: Microsoft Office
-CVE-2015-2378 (Untrusted search path vulnerability in Microsoft Excel 2007 SP3, Excel ...)
+CVE-2015-2378
NOT-FOR-US: Microsoft Excel
-CVE-2015-2377 (Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 ...)
+CVE-2015-2377
NOT-FOR-US: Microsoft Excel
-CVE-2015-2376 (Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 ...)
+CVE-2015-2376
NOT-FOR-US: Microsoft Excel
-CVE-2015-2375 (Microsoft Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel ...)
+CVE-2015-2375
NOT-FOR-US: Microsoft Excel
-CVE-2015-2374 (The Netlogon service in Microsoft Windows Server 2003 SP2 and R2 SP2, ...)
+CVE-2015-2374
NOT-FOR-US: Microsoft Windows
-CVE-2015-2373 (The Remote Desktop Protocol (RDP) server service in Microsoft Windows ...)
+CVE-2015-2373
NOT-FOR-US: Microsoft Windows
-CVE-2015-2372 (vbscript.dll in Microsoft VBScript 5.6 through 5.8, as used with ...)
+CVE-2015-2372
NOT-FOR-US: Microsoft VBScript
-CVE-2015-2371 (The Windows Installer service in Microsoft Windows Server 2003 SP2 and ...)
+CVE-2015-2371
NOT-FOR-US: Microsoft Windows
-CVE-2015-2370 (The authentication implementation in the RPC subsystem in Microsoft ...)
+CVE-2015-2370
NOT-FOR-US: Microsoft Windows
-CVE-2015-2369 (Untrusted search path vulnerability in Windows Media Device Manager in ...)
+CVE-2015-2369
NOT-FOR-US: Microsoft Windows
-CVE-2015-2368 (Untrusted search path vulnerability in Microsoft Windows 7 SP1, ...)
+CVE-2015-2368
NOT-FOR-US: Microsoft Windows
-CVE-2015-2367 (win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 ...)
+CVE-2015-2367
NOT-FOR-US: Microsoft Windows
-CVE-2015-2366 (win32k.sys in the kernel-mode drivers in Microsoft Windows 7 SP1, ...)
+CVE-2015-2366
NOT-FOR-US: Microsoft Windows
-CVE-2015-2365 (win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 ...)
+CVE-2015-2365
NOT-FOR-US: Microsoft Windows
-CVE-2015-2364 (The graphics component in Microsoft Windows Server 2003 SP2 and R2 ...)
+CVE-2015-2364
NOT-FOR-US: Microsoft Windows
-CVE-2015-2363 (win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 ...)
+CVE-2015-2363
NOT-FOR-US: Microsoft Windows
-CVE-2015-2362 (Hyper-V in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 8, ...)
+CVE-2015-2362
NOT-FOR-US: Microsoft Windows
-CVE-2015-2361 (Hyper-V in Microsoft Windows 8.1 and Windows Server 2012 R2 does not ...)
+CVE-2015-2361
NOT-FOR-US: Microsoft Windows
-CVE-2015-2360 (win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 ...)
+CVE-2015-2360
NOT-FOR-US: Microsoft Windows Server
-CVE-2015-2359 (Cross-site scripting (XSS) vulnerability in the web applications in ...)
+CVE-2015-2359
NOT-FOR-US: Microsoft Exchange Server
CVE-2015-2358
RESERVED
@@ -20000,15 +20000,15 @@ CVE-2015-2354
RESERVED
CVE-2015-2353
RESERVED
-CVE-2015-2352 (The cache handler in MyBB (aka MyBulletinBoard) before 1.8.4 does not ...)
+CVE-2015-2352
NOT-FOR-US: MyBB
-CVE-2015-2351 (Multiple cross-site scripting (XSS) vulnerabilities in Alkacon OpenCms ...)
+CVE-2015-2351
NOT-FOR-US: Alkacon OpenCms
-CVE-2015-2350 (Cross-site request forgery (CSRF) vulnerability in MikroTik RouterOS ...)
+CVE-2015-2350
NOT-FOR-US: MikroTik RouterOS
-CVE-2015-2349 (Cross-site scripting (XSS) vulnerability in defaultnewsletter.php in ...)
+CVE-2015-2349
NOT-FOR-US: SuperWebMailer
-CVE-2015-2686 (net/socket.c in the Linux kernel 3.19 before 3.19.3 does not validate ...)
+CVE-2015-2686
- linux <not-affected> (Introduced in 3.19, never uploaded to unstable)
- linux-2.6 <not-affected> (Introduced in 3.19, never uploaded to unstable)
NOTE: Upstream commit: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4de930efc23b92ddf88ce91c405ee645fe6e27ea
@@ -20017,83 +20017,83 @@ CVE-2015-XXXX [Insufficient escaping in user manager allows XSS attack]
[jessie] - dokuwiki <no-dsa> (Minor issue)
[wheezy] - dokuwiki <no-dsa> (Minor issue)
[squeeze] - dokuwiki <no-dsa> (Minor issue)
-CVE-2015-6674 (Buffer underflow vulnerability in the Debian inspircd package before ...)
+CVE-2015-6674
{DSA-3226-1 DLA-276-1}
- inspircd 2.0.16-1 (bug #780880)
NOTE: Correct fix: https://github.com/inspircd/inspircd/commit/ed28c1ba666b39581adb860bf51cdde43c84cc89
NOTE: http://www.openwall.com/lists/oss-security/2015/03/29/5
-CVE-2015-2788 (Multiple stack-based buffer overflows in the ib_fill_isqlda function ...)
+CVE-2015-2788
{DSA-3219-1}
- libdbd-firebird-perl 1.18-2 (bug #780925)
NOTE: http://www.openwall.com/lists/oss-security/2015/03/30/4
-CVE-2015-4148 (The do_soap_call function in ext/soap/soap.c in PHP before 5.4.39, ...)
+CVE-2015-4148
{DLA-307-1}
- php5 5.6.7+dfsg-1
[wheezy] - php5 5.4.39-0+deb7u1
NOTE: https://bugs.php.net/bug.php?id=69085
NOTE: http://www.openwall.com/lists/oss-security/2015/03/20/14
-CVE-2015-4147 (The SoapClient::__call method in ext/soap/soap.c in PHP before 5.4.39, ...)
+CVE-2015-4147
{DLA-307-1}
- php5 5.6.7+dfsg-1
[wheezy] - php5 5.4.39-0+deb7u1
NOTE: https://bugs.php.net/bug.php?id=69085
NOTE: http://www.openwall.com/lists/oss-security/2015/03/20/14
-CVE-2015-2779 (Stack consumption vulnerability in the message splitting functionality ...)
+CVE-2015-2779
- quassel 1:0.10.0-2.3 (bug #781024)
[wheezy] - quassel <not-affected> (According to upstream issue isn't triggerable in 0.8)
[squeeze] - quassel <not-affected> (According to upstream issue isn't triggerable in 0.6)
NOTE: https://github.com/quassel/quassel/commit/b5e38970ffd55e2dd9f706ce75af9a8d7730b1b8
NOTE: http://www.openwall.com/lists/oss-security/2015/03/20/12
-CVE-2015-2778 (Quassel before 0.12-rc1 uses an incorrect data-type size when ...)
+CVE-2015-2778
- quassel 1:0.10.0-2.3 (bug #781024)
[wheezy] - quassel <not-affected> (According to upstream issue isn't triggerable in 0.8)
[squeeze] - quassel <not-affected> (According to upstream issue isn't triggerable in 0.6)
NOTE: https://github.com/quassel/quassel/commit/b5e38970ffd55e2dd9f706ce75af9a8d7730b1b8
NOTE: http://www.openwall.com/lists/oss-security/2015/03/20/12
-CVE-2015-2348 (The move_uploaded_file implementation in ...)
+CVE-2015-2348
{DSA-3198-1 DLA-444-1}
- php5 5.6.7+dfsg-1
NOTE: https://bugs.php.net/bug.php?id=69207
-CVE-2015-2347 (Cross-site scripting (XSS) vulnerability in Huawei SEQ Analyst before ...)
+CVE-2015-2347
NOT-FOR-US: Huawei SEQ Analyst
-CVE-2015-2346 (XML external entity (XXE) vulnerability in Huawei SEQ Analyst before ...)
+CVE-2015-2346
NOT-FOR-US: Huawei
CVE-2015-2345
REJECTED
-CVE-2015-2344 (Cross-site scripting (XSS) vulnerability in VMware vRealize Automation ...)
+CVE-2015-2344
NOT-FOR-US: VMware vRealize Automation
CVE-2015-2343
REJECTED
-CVE-2015-2342 (The JMX RMI service in VMware vCenter Server 5.0 before u3e, 5.1 ...)
+CVE-2015-2342
NOT-FOR-US: VMware
-CVE-2015-2341 (VMware Workstation 10.x before 10.0.5, VMware Player 6.x before 6.0.6, ...)
+CVE-2015-2341
NOT-FOR-US: VMware
-CVE-2015-2340 (TPInt.dll in VMware Workstation 10.x before 10.0.6 and 11.x before ...)
+CVE-2015-2340
NOT-FOR-US: VMware
-CVE-2015-2339 (TPview.dll in VMware Workstation 10.x before 10.0.6 and 11.x before ...)
+CVE-2015-2339
NOT-FOR-US: VMware
-CVE-2015-2338 (TPview.dll in VMware Workstation 10.x before 10.0.6 and 11.x before ...)
+CVE-2015-2338
NOT-FOR-US: VMware
-CVE-2015-2337 (TPInt.dll in VMware Workstation 10.x before 10.0.6 and 11.x before ...)
+CVE-2015-2337
NOT-FOR-US: VMware
-CVE-2015-2336 (TPView.dll in VMware Workstation 10.x before 10.0.6 and 11.x before ...)
+CVE-2015-2336
NOT-FOR-US: VMware
-CVE-2015-2335 (A JSON library in MyBB (aka MyBulletinBoard) before 1.8.4 allows ...)
+CVE-2015-2335
NOT-FOR-US: MyBB
-CVE-2015-2334 (Cross-site request forgery (CSRF) vulnerability in the Admin Control ...)
+CVE-2015-2334
NOT-FOR-US: MyBB
-CVE-2015-2333 (Cross-site scripting (XSS) vulnerability in the MyCode editor in MyBB ...)
+CVE-2015-2333
NOT-FOR-US: MyBB
-CVE-2015-2332 (Cross-site scripting (XSS) vulnerability in member.php in MyBB (aka ...)
+CVE-2015-2332
NOT-FOR-US: MyBB
-CVE-2015-2559 (Drupal 6.x before 6.35 and 7.x before 7.35 allows remote authenticated ...)
+CVE-2015-2559
{DSA-3200-1}
- drupal7 7.32-1+deb8u2 (bug #780772)
- drupal6 <removed>
[squeeze] - drupal6 <end-of-life>
NOTE: https://www.drupal.org/SA-CORE-2015-001
NOTE: http://cgit.drupalcode.org/drupal/commit/?id=8e54eca05a65c6231b02510e1917af0c9191e549
-CVE-2015-2750 (Open redirect vulnerability in URL-related API functions in Drupal 6.x ...)
+CVE-2015-2750
{DSA-3200-1}
- drupal7 7.32-1+deb8u2 (bug #780772)
- drupal6 <removed>
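Review bot: dropping the description of CVE-2015-6674 loses the one statement in the entry that the flaw is in the Debian inspircd package itself (`Buffer underflow vulnerability in the Debian inspircd package before ...`); the surviving `{DSA-3226-1 DLA-276-1}`, the bug reference and the two NOTE URLs do not say so. If descriptions are being removed anyway, add a NOTE recording that this is a Debian-specific issue so the scope stays visible in the tracker.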
@@ -20101,16 +20101,16 @@ CVE-2015-2750 (Open redirect vulnerability in URL-related API functions in Drupa
NOTE: https://www.drupal.org/SA-CORE-2015-001
NOTE: http://cgit.drupalcode.org/drupal/commit/includes/menu.inc?h=6.x&id=8ffc5db3c0ab926f3d4b2cf8bc51714c8c0f3c93
NOTE: http://cgit.drupalcode.org/drupal/commit/includes/common.inc?h=7.x&id=b44056d2f8e8c71d35c85ec5c2fb8f7c8a02d8a8
-CVE-2015-2749 (Open redirect vulnerability in Drupal 6.x before 6.35 and 7.x before ...)
+CVE-2015-2749
{DSA-3200-1}
- drupal7 7.32-1+deb8u2 (bug #780772)
- drupal6 <removed>
[squeeze] - drupal6 <end-of-life>
NOTE: https://www.drupal.org/SA-CORE-2015-001
NOTE: http://www.openwall.com/lists/oss-security/2015/03/19/5
-CVE-2015-2329 (Cross-site scripting (XSS) vulnerability in the WooCommerce plugin ...)
+CVE-2015-2329
NOT-FOR-US: WooCommerce plugin for WordPress
-CVE-2015-2328 (PCRE before 8.36 mishandles the /((?(R)a|(?1)))+/ pattern and related ...)
+CVE-2015-2328
- mongodb <unfixed> (unimportant)
NOTE: CVE for bundled version of pcre3 in mongodb
NOTE: https://jira.mongodb.org/browse/SERVER-17252
@@ -20122,7 +20122,7 @@ CVE-2015-2328 (PCRE before 8.36 mishandles the /((?(R)a|(?1)))+/ pattern and rel
NOTE: https://bugs.exim.org/show_bug.cgi?id=1515
NOTE: Fixed by: http://vcs.pcre.org/pcre?view=revision&revision=1498
NOTE: http://www.openwall.com/lists/oss-security/2015/05/31/4
-CVE-2015-2327 (PCRE before 8.36 mishandles the /(((a\2)|(a*)\g&lt;-1&gt;))*/ pattern and ...)
+CVE-2015-2327
- mongodb <unfixed> (unimportant)
NOTE: CVE for bundled version of pcre3 in mongodb
NOTE: https://jira.mongodb.org/browse/SERVER-17252
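Review bot: the removed description line for CVE-2015-2327 reads `/(((a\2)|(a*)\g&lt;-1&gt;))*/`, i.e. the `\g<-1>` back-reference stored as HTML entities. If the list file itself contains `&lt;`/`&gt;` rather than literal angle brackets, the description was imported already escaped and the import should unescape entities before writing; worth checking the source of this line before the description is re-added.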
@@ -20155,28 +20155,28 @@ CVE-2015-2325 [heap buffer overflow in compile_branch()]
NOTE: http://bugs.exim.org/show_bug.cgi?id=1591#c1
NOTE: Comment from upstream: Probably every version since the support for forward referencing
NOTE: was introduced is affected.
-CVE-2015-2324 (Cross-site scripting (XSS) vulnerability in the filemanager in the ...)
+CVE-2015-2324
NOT-FOR-US: filemanager in the Photo Gallery plugin for WordPress
-CVE-2015-2323 (FortiOS 5.0.x before 5.0.12 and 5.2.x before 5.2.4 supports anonymous, ...)
+CVE-2015-2323
NOT-FOR-US: FortiOS
CVE-2015-2322
RESERVED
-CVE-2015-2321 (Cross-site scripting (XSS) vulnerability in the Job Manager plugin ...)
+CVE-2015-2321
NOT-FOR-US: WordPress plugin job-mnager
-CVE-2015-2317 (The utils.http.is_safe_url function in Django before 1.4.20, 1.5.x, ...)
+CVE-2015-2317
{DSA-3204-1 DLA-272-1}
- python-django 1.7.7-1 (bug #780873)
[squeeze] - python-django <no-dsa> (Minor issue, can wait next security upload)
NOTE: https://github.com/django/django/commit/2342693b31f740a422abf7267c53b4e7bc487c1b (1.4.x)
NOTE: https://github.com/django/django/commit/2a4113dbd532ce952308992633d802dc169a75f1 (1.7.x)
-CVE-2015-2316 (The utils.html.strip_tags function in Django 1.6.x before 1.6.11, ...)
+CVE-2015-2316
- python-django 1.7.7-1 (bug #780874)
[wheezy] - python-django <not-affected> (vulnerable code not present)
[squeeze] - python-django <not-affected> (vulnerable code not present)
NOTE: https://github.com/django/django/commit/e63363f8e075fa8d66326ad6a1cc3391cc95cd97 (1.7.x)
-CVE-2015-2315 (Cross-site scripting (XSS) vulnerability in the WPML plugin before ...)
+CVE-2015-2315
NOT-FOR-US: WordPress plugin wpml
-CVE-2015-2314 (SQL injection vulnerability in the WPML plugin before 3.1.9 for ...)
+CVE-2015-2314
NOT-FOR-US: WordPress plugin wpml
CVE-2015-XXXX [nasal scripts can ready any file]
- flightgear-data 3.0.0-3 (bug #780716)
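Review bot: CVE-2015-2317 cites `{DSA-3204-1 DLA-272-1}` yet keeps `[squeeze] - python-django <no-dsa> (Minor issue, can wait next security upload)`; since DLA-272-1 would be the squeeze LTS update, one of these lines is stale and the `[squeeze]` no-dsa line should be dropped or the DLA reference checked. Two typos in this hunk's context lines could be fixed in the same pass: `NOT-FOR-US: WordPress plugin job-mnager` (job-manager) and `CVE-2015-XXXX [nasal scripts can ready any file]` (read).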
@@ -20184,24 +20184,24 @@ CVE-2015-XXXX [permissive file access allowed from nasal]
- flightgear 3.0.0-5 (bug #780712)
[squeeze] - flightgear 1.9.1-1.1+deb6u11
NOTE: workaround entry for DLA 318-1 until/if CVE assigned
-CVE-2015-2666 (Stack-based buffer overflow in the get_matching_model_microcode ...)
+CVE-2015-2666
- linux 3.16.7-ckt9-1
[wheezy] - linux <not-affected> (Introduced in 3.9)
- linux-2.6 <not-affected> (Introduced in 3.9)
NOTE: Introduced by https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ec400ddeff200b068ddc6c70f7321f49ecf32ed5 (v3.9-rc1)
NOTE: Fixed by https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f84598bd7c851f8b0bf8cd0d7c3be0d73c432ff4 (v4.0-rc1)
NOTE: http://www.openwall.com/lists/oss-security/2015/03/18/7
-CVE-2015-2684 (Shibboleth Service Provider (SP) before 2.5.4 allows remote ...)
+CVE-2015-2684
{DSA-3207-1 DLA-259-1}
- shibboleth-sp2 2.5.3+dfsg-2
NOTE: http://shibboleth.net/community/advisories/secadv_20150319.txt
-CVE-2015-2672 (The xsave/xrstor implementation in arch/x86/include/asm/xsave.h in the ...)
+CVE-2015-2672
- linux <not-affected>
- linux-2.6 <not-affected>
NOTE: Introduced by https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f31a9f7c71691569359fa7fb8b0acaa44bce0324 (v3.17-rc1)
NOTE: Fixed by https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit?id=06c8173eb92bbfc03a0fe8bb64315857d0badd06 (v4.0-rc3)
NOTE: http://www.openwall.com/lists/oss-security/2015/03/18/6
-CVE-2015-2331 (Integer overflow in the _zip_cdir_new function in zip_dirent.c in ...)
+CVE-2015-2331
{DSA-3198-1 DLA-212-1}
- php5 5.6.7+dfsg-1 (bug #780713)
- libzip 0.11.2-1.2 (bug #780756)
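Review bot: CVE-2015-2672 lists `- linux <not-affected>` and `- linux-2.6 <not-affected>` with no reason, while its NOTE lines say the bug was introduced in v3.17-rc1 and fixed in v4.0-rc3; state the reason inline the way CVE-2015-2666 (`(Introduced in 3.9)`) and CVE-2015-2686 do, so the state is auditable without re-reading the commit URLs. Also the second NOTE URL uses `commit?id=` where the other kernel links in this and the preceding hunks use `commit/?id=`; worth normalising.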
@@ -20211,29 +20211,29 @@ CVE-2015-2331 (Integer overflow in the _zip_cdir_new function in zip_dirent.c in
NOTE: https://github.com/php/php-src/commit/ef8fc4b53d92fbfcd8ef1abbd6f2f5fe2c4a11e5
NOTE: http://www.openwall.com/lists/oss-security/2015/03/18/1
NOTE: libzip patch: http://hg.nih.at/libzip/rev/9f11d54f692e
-CVE-2015-2330 (Late TLS certificate verification in WebKitGTK+ prior to 2.6.6 allows ...)
+CVE-2015-2330
- webkitgtk 2.4.9-1 (unimportant)
[jessie] - webkitgtk 2.4.9-1~deb8u1
NOTE: Not covered by security support
CVE-2015-2309 [Unsafe methods in the Request class]
RESERVED
- symfony 2.3.21+dfsg-4
-CVE-2015-2308 (Eval injection vulnerability in the HttpCache class in HttpKernel in ...)
+CVE-2015-2308
- symfony 2.3.21+dfsg-4
CVE-2015-2307
RESERVED
CVE-2015-2306
RESERVED
-CVE-2015-2320 (The TLS stack in Mono before 3.12.1 allows remote attackers to have ...)
+CVE-2015-2320
{DSA-3202-1 DLA-176-1}
- mono 3.2.8+dfsg-10 (bug #780751)
NOTE: https://github.com/mono/mono/commit/b371da6b2d68b4cdd0f21d6342af6c42794f998b
-CVE-2015-2319 (The TLS stack in Mono before 3.12.1 makes it easier for remote ...)
+CVE-2015-2319
{DSA-3202-1 DLA-176-1}
- mono 3.2.8+dfsg-10 (bug #780751)
NOTE: https://github.com/mono/mono/commit/9c38772f094168d8bfd5bc73bf8925cd04faad10
NOTE: Patch for versions earlier than 3.4: https://gist.github.com/directhex/728af6f96d1b8c976659
-CVE-2015-2318 (The TLS stack in Mono before 3.12.1 allows man-in-the-middle attackers ...)
+CVE-2015-2318
{DSA-3202-1 DLA-176-1}
- mono 3.2.8+dfsg-10 (bug #780751)
NOTE: https://github.com/mono/mono/commit/1509226c41d74194c146deb173e752b8d3cdeec4
@@ -20246,34 +20246,34 @@ CVE-2015-2300
RESERVED
CVE-2015-2299
RESERVED
-CVE-2015-2295 (Cross-site request forgery (CSRF) vulnerability in ...)
+CVE-2015-2295
NOT-FOR-US: pfSense
-CVE-2015-2294 (Multiple cross-site scripting (XSS) vulnerabilities in the WebGUI in ...)
+CVE-2015-2294
NOT-FOR-US: pfSense
-CVE-2015-2293 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
+CVE-2015-2293
NOT-FOR-US: WordPress plugin wordpress-seo
-CVE-2015-2292 (Multiple SQL injection vulnerabilities in ...)
+CVE-2015-2292
NOT-FOR-US: WordPress plugin wordpress-seo
-CVE-2015-2291 ((1) IQVW32.sys before 1.3.1.0 and (2) IQVW64.sys before 1.3.1.0 in the ...)
+CVE-2015-2291
NOT-FOR-US: Intel Ethernet diagnostics driver for Windows
CVE-2015-2290
RESERVED
CVE-2015-2288
RESERVED
-CVE-2015-2313 (Sandstorm Cap'n Proto before 0.4.1.1 and 0.5.x before 0.5.1.2, when an ...)
+CVE-2015-2313
- capnproto 0.4.1-3 (bug #780568)
-CVE-2015-2312 (Sandstorm Cap'n Proto before 0.4.1.1 and 0.5.x before 0.5.1.1 allows ...)
+CVE-2015-2312
- capnproto 0.4.1-3 (bug #780567)
-CVE-2015-2311 (Integer underflow in Sandstorm Cap'n Proto before 0.4.1.1 and 0.5.x ...)
+CVE-2015-2311
- capnproto 0.4.1-3 (bug #780566)
-CVE-2015-2310 (Integer overflow in layout.c++ in Sandstorm Cap'n Proto before 0.4.1.1 ...)
+CVE-2015-2310
- capnproto 0.4.1-3 (bug #780565)
-CVE-2015-8856 (Cross-site scripting (XSS) vulnerability in the serve-index package ...)
+CVE-2015-8856
- node-serve-index <unfixed> (unimportant)
NOTE: libv8 is not covered by security support
NOTE: https://nodesecurity.io/advisories/serve-static-xss
NOTE: https://github.com/expressjs/serve-index/issues/28
-CVE-2015-8903 (The ReadVICARImage function in coders/vicar.c in ImageMagick 6.x ...)
+CVE-2015-8903
{DLA-960-1}
[experimental] - imagemagick 8:6.9.1.2-1
- imagemagick 8:6.8.9.9-6 (low)
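Review bot: every change in this hunk is the same pattern, a `-CVE-… (description …)` line replaced by the bare `+CVE-…` identifier, with the tracking lines beneath (DSA/DLA references, package versions, NOTEs) left untouched; the hunk header `@@ -20246,34 +20246,34 @@` confirms that only the description text is being dropped, not entries added or removed. A blanket loss of descriptions across dozens of unrelated CVEs looks like the upstream CVE feed returning empty descriptions rather than a real data change, so it would be worth confirming the input the update was generated from before this is merged, or restoring the description text, since the bare identifiers leave the list harder to triage by eye.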
@@ -20282,7 +20282,7 @@ CVE-2015-8903 (The ReadVICARImage function in coders/vicar.c in ImageMagick 6.x
NOTE: http://www.openwall.com/lists/oss-security/2015/02/20/4
NOTE: http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26933
NOTE: http://web.archive.org/web/20150428140926/http://trac.imagemagick.org/changeset/17856
-CVE-2015-8902 (The ReadBlobByte function in coders/pdb.c in ImageMagick 6.x before ...)
+CVE-2015-8902
{DLA-960-1}
[experimental] - imagemagick 8:6.9.1.2-1
- imagemagick 8:6.8.9.9-6 (low)
@@ -20291,7 +20291,7 @@ CVE-2015-8902 (The ReadBlobByte function in coders/pdb.c in ImageMagick 6.x befo
NOTE: http://www.openwall.com/lists/oss-security/2015/02/20/4
NOTE: http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26932
NOTE: http://web.archive.org/web/20150428145652/http://trac.imagemagick.org/changeset/17855
-CVE-2015-8901 (ImageMagick 6.x before 6.9.0-5 Beta allows remote attackers to cause a ...)
+CVE-2015-8901
{DLA-960-1}
[experimental] - imagemagick 8:6.9.1.2-1
- imagemagick 8:6.8.9.9-6
@@ -20299,7 +20299,7 @@ CVE-2015-8901 (ImageMagick 6.x before 6.9.0-5 Beta allows remote attackers to ca
[squeeze] - imagemagick <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2015/02/20/4
NOTE: http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26931
-CVE-2015-8900 (The ReadHDRImage function in coders/hdr.c in ImageMagick 6.x and 7.x ...)
+CVE-2015-8900
{DLA-960-1}
[experimental] - imagemagick 8:6.9.1.2-1
- imagemagick 8:6.8.9.9-6
@@ -20313,24 +20313,24 @@ CVE-2015-XXXX [Incomplete fix for CVE-2014-7940]
- icu 52.1-8 (bug #780503)
[wheezy] - icu <not-affected> (Incomplete patch was never applied)
[squeeze] - icu <not-affected> (Incomplete patch was never applied)
-CVE-2015-2298 (node/utils/ExportEtherpad.js in Etherpad 1.5.x before 1.5.2 might ...)
+CVE-2015-2298
- etherpad-lite <itp> (bug #576998)
NOTE: https://github.com/ether/etherpad-lite/commit/a0fb65205c7d7ff95f00eb9fd88e93b300f30c3d
-CVE-2015-2296 (The resolve_redirects function in sessions.py in requests 2.1.0 ...)
+CVE-2015-2296
- requests 2.4.3-6 (bug #780506)
[wheezy] - requests <not-affected> (Vulnerable code introduced in 2.1.0)
NOTE: https://github.com/kennethreitz/requests/commit/3bd8afbff29e50b38f889b2f688785a669b9aafc
-CVE-2015-2289 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2015-2289
- serendipity <removed>
CVE-2015-2287
RESERVED
-CVE-2015-2286 (lms/templates/footer-edx-new.html in Open edX edx-platform before ...)
+CVE-2015-2286
NOT-FOR-US: Open edX
-CVE-2015-2285 (The logrotation script (/etc/cron.daily/upstart) in the Ubuntu Upstart ...)
+CVE-2015-2285
- upstart <not-affected> (Vulnerable cron.daily script not present)
-CVE-2015-2284 (userlogin.jsp in SolarWinds Firewall Security Manager (FSM) before ...)
+CVE-2015-2284
NOT-FOR-US: SolarWinds Firewall Security Manager
-CVE-2015-2674 (Restkit allows man-in-the-middle attackers to spoof TLS servers by ...)
+CVE-2015-2674
- python-restkit <removed> (bug #781813)
[stretch] - python-restkit <ignored> (Minor issue)
[jessie] - python-restkit <ignored> (Minor issue)
@@ -20340,59 +20340,59 @@ CVE-2015-2674 (Restkit allows man-in-the-middle attackers to spoof TLS servers b
NOTE: http://www.openwall.com/lists/oss-security/2015/03/12/9
CVE-2015-2283
RESERVED
-CVE-2015-2282 (Stack-based buffer overflow in the LZC decompression implementation ...)
+CVE-2015-2282
NOT-FOR-US: SAP
-CVE-2015-2281 (Stack-based buffer overflow in collectoragent.exe in Fortinet Single ...)
+CVE-2015-2281
NOT-FOR-US: Fortinet Single Sign On
-CVE-2015-2280 (snwrite.cgi in AirLink101 SkyIPCam1620W Wireless N MPEG4 3GPP network ...)
+CVE-2015-2280
NOT-FOR-US: AirLink101 SkyIPCam1620W Wireless N MPEG4 3GPP network camera
-CVE-2015-2279 (cgi_test.cgi in AirLive BU-2015 with firmware 1.03.18, BU-3026 with ...)
+CVE-2015-2279
NOT-FOR-US: AirLive
-CVE-2015-2278 (The LZH decompression implementation (CsObjectInt::BuildHufTree ...)
+CVE-2015-2278
NOT-FOR-US: SAP
CVE-2015-2277
RESERVED
CVE-2015-2276
RESERVED
-CVE-2015-2275 (Cross-site scripting (XSS) vulnerability in WoltLab Community Gallery ...)
+CVE-2015-2275
NOT-FOR-US: WoltLab Community Gallery
CVE-2015-2274
RESERVED
-CVE-2015-2273 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2015-2273
- moodle 2.7.7+dfsg-1
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-49364
-CVE-2015-2272 (login/token.php in Moodle through 2.5.9, 2.6.x before 2.6.9, 2.7.x ...)
+CVE-2015-2272
- moodle 2.7.7+dfsg-1
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-48691
-CVE-2015-2271 (tag/user.php in Moodle through 2.5.9, 2.6.x before 2.6.9, 2.7.x before ...)
+CVE-2015-2271
- moodle 2.7.7+dfsg-1
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-49084
-CVE-2015-2270 (lib/moodlelib.php in Moodle through 2.5.9, 2.6.x before 2.6.9, 2.7.x ...)
+CVE-2015-2270
- moodle 2.7.7+dfsg-1
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-48804
-CVE-2015-2269 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2015-2269
- moodle 2.7.7+dfsg-1
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-49144
-CVE-2015-2268 (filter/urltolink/filter.php in Moodle through 2.5.9, 2.6.x before ...)
+CVE-2015-2268
- moodle 2.7.7+dfsg-1
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-38466
-CVE-2015-2267 (mdeploy.php in Moodle through 2.5.9, 2.6.x before 2.6.9, 2.7.x before ...)
+CVE-2015-2267
- moodle 2.7.7+dfsg-1
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-49087
-CVE-2015-2266 (message/index.php in Moodle through 2.5.9, 2.6.x before 2.6.9, 2.7.x ...)
+CVE-2015-2266
- moodle 2.7.7+dfsg-1
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-49204
-CVE-2015-2264 (Multiple untrusted search path vulnerabilities in (1) ...)
+CVE-2015-2264
NOT-FOR-US: Telerik Analytics Monitor Library
-CVE-2015-2263 (Cloudera Manager 4.x, 5.0.x before 5.0.6, 5.1.x before 5.1.5, 5.2.x ...)
+CVE-2015-2263
NOT-FOR-US: Cloudera
CVE-2015-2262
RESERVED
@@ -20408,75 +20408,75 @@ CVE-2015-2257
RESERVED
CVE-2015-2256
RESERVED
-CVE-2015-2255 (Huawei AR1220 routers with software before V200R005SPH006 allow remote ...)
+CVE-2015-2255
NOT-FOR-US: Huawei
-CVE-2015-2254 (Huawei OceanStor UDS devices with software before V100R002C01SPC102 ...)
+CVE-2015-2254
NOT-FOR-US: Huawei OceanStor UDS devices
-CVE-2015-2253 (The XML interface in Huawei OceanStor UDS devices with software ...)
+CVE-2015-2253
NOT-FOR-US: Huawei
-CVE-2015-2252 (Huawei OceanStor UDS devices with software before V100R002C01SPC102 ...)
+CVE-2015-2252
NOT-FOR-US: Huawei
-CVE-2015-2251 (The DeviceManager in Huawei OceanStor UDS devices with software before ...)
+CVE-2015-2251
NOT-FOR-US: Huawei
-CVE-2015-2250 (Multiple cross-site scripting (XSS) vulnerabilities in concrete5 ...)
+CVE-2015-2250
NOT-FOR-US: concrete5
CVE-2015-2249
RESERVED
-CVE-2015-2248 (Cross-site request forgery (CSRF) vulnerability in the user portal in ...)
+CVE-2015-2248
NOT-FOR-US: Dell SonicWALL
-CVE-2015-2247 (Unspecified vulnerability in Boosted Boards skateboards allows ...)
+CVE-2015-2247
NOT-FOR-US: Boosted Boards skateboards
-CVE-2015-2246 (The MeWidget module on Huawei P7 smartphones with software P7-L10 ...)
+CVE-2015-2246
NOT-FOR-US: Huawei
-CVE-2015-2245 (Huawei Ascend P7 allows remote attackers to cause a denial of service ...)
+CVE-2015-2245
NOT-FOR-US: Huawei
-CVE-2015-2244 (Multiple cross-site scripting (XSS) vulnerabilities in Webshop hun ...)
+CVE-2015-2244
NOT-FOR-US: Webshop hun
-CVE-2015-2243 (Directory traversal vulnerability in Webshop hun 1.062S allows remote ...)
+CVE-2015-2243
NOT-FOR-US: Webshop hun
-CVE-2015-2242 (Multiple SQL injection vulnerabilities in Webshop hun 1.062S allow ...)
+CVE-2015-2242
NOT-FOR-US: Webshop hun
CVE-2015-XXXX [several security vulnerabilities and network packets can terminate the connection]
- armagetronad 0.2.8.3.2-4 (bug #780178)
[wheezy] - armagetronad <no-dsa> (Minor issue)
[squeeze] - armagetronad <no-dsa> (Minor issue)
-CVE-2015-2301 (Use-after-free vulnerability in the phar_rename_archive function in ...)
+CVE-2015-2301
{DSA-3198-1 DLA-212-1}
- php5 5.6.6+dfsg-1
NOTE: https://bugs.php.net/bug.php?id=68901
NOTE: http://git.php.net/?p=php-src.git;a=commit;h=b2cf3f064b8f5efef89bb084521b61318c71781b
NOTE: http://www.openwall.com/lists/oss-security/2015/03/10/6
-CVE-2015-2265 (The remove_bad_chars function in utils/cups-browsed.c in cups-filters ...)
+CVE-2015-2265
- cups-filters 1.0.61-5 (bug #780267)
[wheezy] - cups-filters <not-affected> (vulnerable code not present)
NOTE: https://bugs.linuxfoundation.org/show_bug.cgi?id=1265
NOTE: http://www.openwall.com/lists/oss-security/2015/03/09/5
-CVE-2015-2241 (Cross-site scripting (XSS) vulnerability in the contents function in ...)
+CVE-2015-2241
- python-django 1.7.6-1
[wheezy] - python-django <not-affected> (Only affects 1.7.x and 1.8.x)
[squeeze] - python-django <not-affected> (Only affects 1.7.x and 1.8.x)
NOTE: https://www.djangoproject.com/weblog/2015/mar/09/security-releases/
CVE-2015-2240
RESERVED
-CVE-2015-2239 (Google Chrome before 41.0.2272.76, when Instant Extended mode is used, ...)
+CVE-2015-2239
- chromium-browser 41.0.2272.76-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-2238 (Multiple unspecified vulnerabilities in Google V8 before 4.1.0.21, as ...)
+CVE-2015-2238
- chromium-browser 41.0.2272.76-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
- libv8-3.14 <unfixed> (unimportant)
NOTE: libv8 not covered by security support
-CVE-2015-2237 (Multiple SQL injection vulnerabilities in Betster (aka PHP Betoffice) ...)
+CVE-2015-2237
NOT-FOR-US: Betster
CVE-2015-2236
RESERVED
CVE-2015-2235
REJECTED
-CVE-2015-2234 (Race condition in Lenovo System Update (formerly ThinkVantage System ...)
+CVE-2015-2234
NOT-FOR-US: Lenovo System Update
-CVE-2015-2233 (Lenovo System Update (formerly ThinkVantage System Update) before ...)
+CVE-2015-2233
NOT-FOR-US: Lenovo System Update
CVE-2015-2232
RESERVED
@@ -20496,36 +20496,36 @@ CVE-2015-2225
RESERVED
CVE-2015-2224
RESERVED
-CVE-2015-2223 (Multiple cross-site scripting (XSS) vulnerabilities in the web-based ...)
+CVE-2015-2223
NOT-FOR-US: Palo Alto Networks Traps
-CVE-2015-2222 (ClamAV before 0.98.7 allows remote attackers to cause a denial of ...)
+CVE-2015-2222
{DLA-233-1}
- clamav 0.98.7+dfsg-1
[jessie] - clamav 0.98.7+dfsg-0+deb8u1
[wheezy] - clamav 0.98.7+dfsg-0+deb7u1
NOTE: https://github.com/vrtadmin/clamav-devel/commit/8aeedf3c4282bc916d6f6c290e1e530d125ec953
-CVE-2015-2221 (ClamAV before 0.98.7 allows remote attackers to cause a denial of ...)
+CVE-2015-2221
{DLA-233-1}
- clamav 0.98.7+dfsg-1
[jessie] - clamav 0.98.7+dfsg-0+deb8u1
[wheezy] - clamav 0.98.7+dfsg-0+deb7u1
NOTE: https://github.com/vrtadmin/clamav-devel/commit/0844d0cfe118b4041ed8e2ee49ff18bfbca8eaa5
NOTE: https://github.com/vrtadmin/clamav-devel/commit/26b19809fb3b940cb0fda0422d685fff02a53b5f
-CVE-2015-2220 (Multiple cross-site scripting (XSS) vulnerabilities in the Ninja Forms ...)
+CVE-2015-2220
NOT-FOR-US: Ninja Forms plugin for WordPress
-CVE-2015-2219 (Lenovo System Update (formerly ThinkVantage System Update) before ...)
+CVE-2015-2219
NOT-FOR-US: Lenovo System Update
-CVE-2015-2218 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
+CVE-2015-2218
NOT-FOR-US: wp_ajax_save_item function in wonderpluginaudio.php in the WonderPlugin Audio Player plugin for WordPress
-CVE-2015-2217 (Multiple cross-site scripting (XSS) vulnerabilities in Ultimate PHP ...)
+CVE-2015-2217
NOT-FOR-US: myUPB
-CVE-2015-2216 (SQL injection vulnerability in ecomm-sizes.php in the Photocrati theme ...)
+CVE-2015-2216
NOT-FOR-US: Photocrati theme for WordPress
-CVE-2015-2215 (Open redirect vulnerability in the Services single sign-on server ...)
+CVE-2015-2215
NOT-FOR-US: Drupal module Services single sign-on server helper
-CVE-2015-2214 (NetCat 5.01 and earlier allows remote attackers to obtain the ...)
+CVE-2015-2214
NOT-FOR-US: NetCat CMS
-CVE-2015-2213 (SQL injection vulnerability in the wp_untrash_post_comments function ...)
+CVE-2015-2213
{DSA-3383-1 DSA-3332-1 DLA-294-1}
- wordpress 4.2.4+dfsg-1 (bug #794560)
NOTE: https://core.trac.wordpress.org/changeset/33555
@@ -20538,15 +20538,15 @@ CVE-2015-XXXX [tcllib XSS]
- tcllib 1.16-dfsg-2 (low; bug #780100)
[wheezy] - tcllib 1.14-dfsg-3+deb7u1
[squeeze] - tcllib <no-dsa> (Minor issue)
-CVE-2015-2210 (The help window in Epicor CRS Retail Store before 3.2.03.01.008 allows ...)
+CVE-2015-2210
NOT-FOR-US: Epicor CRS Retail Store
-CVE-2015-2209 (DLGuard 4.5 allows remote attackers to obtain the installation path ...)
+CVE-2015-2209
NOT-FOR-US: DLGuard
-CVE-2015-2208 (The saveObject function in moadmin.php in phpMoAdmin 1.1.2 allows ...)
+CVE-2015-2208
NOT-FOR-US: phpMoAdmin
CVE-2015-2207
RESERVED
-CVE-2015-2206 (libraries/select_lang.lib.php in phpMyAdmin 4.0.x before 4.0.10.9, ...)
+CVE-2015-2206
{DSA-3382-1 DLA-336-1}
- phpmyadmin 4:4.4.4-1 (unimportant)
NOTE: Hardening, not a concrete issue itself
@@ -20559,78 +20559,78 @@ CVE-2015-2201
RESERVED
CVE-2015-2200
RESERVED
-CVE-2015-2199 (Multiple SQL injection vulnerabilities in the WonderPlugin Audio ...)
+CVE-2015-2199
NOT-FOR-US: WonderPlugin Audio Player plugin for WordPress
-CVE-2015-2198 (Multiple cross-site scripting (XSS) vulnerabilities in edit_prefs.php ...)
+CVE-2015-2198
NOT-FOR-US: Beehive Forum
-CVE-2015-2197 (Cross-site scripting (XSS) vulnerability in the Entity API module ...)
+CVE-2015-2197
NOT-FOR-US: Entity module for Drupal
-CVE-2015-2196 (SQL injection vulnerability in Spider Event Calendar 1.4.9 for ...)
+CVE-2015-2196
NOT-FOR-US: Spider Event Calender
-CVE-2015-2195 (Multiple cross-site scripting (XSS) vulnerabilities in the WP Media ...)
+CVE-2015-2195
NOT-FOR-US: WP Media Cleaner plugin for WordPress
-CVE-2015-2194 (Unrestricted file upload vulnerability in the fusion_options function ...)
+CVE-2015-2194
NOT-FOR-US: fusion_options function in functions.php in the Fusion theme for WordPress
CVE-2015-2193
RESERVED
-CVE-2015-2675 (The OAuth implementation in librest before 0.7.93 incorrectly ...)
+CVE-2015-2675
- librest 0.7.92-3 (bug #780101)
[wheezy] - librest <not-affected> (rest_proxy_call_get_url not yet used)
[squeeze] - librest <not-affected> (rest_proxy_call_get_url not yet used)
NOTE: Upstream bug: https://bugzilla.gnome.org/show_bug.cgi?id=742644
NOTE: Commit: https://git.gnome.org/browse/librest/commit/?id=b50ace7738ea038
NOTE: http://www.openwall.com/lists/oss-security/2015/03/04/6
-CVE-2015-2204 (Evergreen before 2.5.9, 2.6.x before 2.6.7, and 2.7.x before 2.7.4 ...)
+CVE-2015-2204
NOT-FOR-US: Evergreen library
-CVE-2015-2203 (Evergreen 2.5.9, 2.6.7, and 2.7.4 allows remote authenticated users ...)
+CVE-2015-2203
NOT-FOR-US: Evergreen library
-CVE-2015-2192 (Integer overflow in the dissect_osd2_cdb_continuation function in ...)
+CVE-2015-2192
- wireshark 1.12.1+g01b65bf-4 (bug #780372)
[wheezy] - wireshark <not-affected> (Only affects 1.12.x)
[squeeze] - wireshark <not-affected> (Only affects 1.12.x)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11024
-CVE-2015-2191 (Integer overflow in the dissect_tnef function in ...)
+CVE-2015-2191
{DSA-3210-1 DLA-198-1}
- wireshark 1.12.1+g01b65bf-4 (bug #780372)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11023
-CVE-2015-2190 (epan/proto.c in Wireshark 1.12.x before 1.12.4 does not properly ...)
+CVE-2015-2190
- wireshark 1.12.1+g01b65bf-4 (bug #780372)
[wheezy] - wireshark <not-affected> (Only affects 1.12.x)
[squeeze] - wireshark <not-affected> (Only affects 1.12.x)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10983
-CVE-2015-2189 (Off-by-one error in the pcapng_read function in wiretap/pcapng.c in ...)
+CVE-2015-2189
{DSA-3210-1}
- wireshark 1.12.1+g01b65bf-4 (bug #780372)
[squeeze] - wireshark <not-affected> (Vulnerable code not present)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10895
-CVE-2015-2188 (epan/dissectors/packet-wcp.c in the WCP dissector in Wireshark 1.10.x ...)
+CVE-2015-2188
{DSA-3210-1 DLA-198-1}
- wireshark 1.12.1+g01b65bf-4 (bug #780372)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10844
NOTE: http://www.wireshark.org/security/wnpa-sec-2015-07.html
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=b204ff4846fe84b7789893c6b1d9afbdecac5b5d
-CVE-2015-2187 (The dissect_atn_cpdlc_heur function in ...)
+CVE-2015-2187
- wireshark 1.12.1+g01b65bf-4 (bug #780372)
[wheezy] - wireshark <not-affected> (Only affects 1.12.x)
[squeeze] - wireshark <not-affected> (Only affects 1.12.x)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9952
-CVE-2015-2186 (The Ansible edxapp role in the Configuration Repo in edX allows remote ...)
+CVE-2015-2186
NOT-FOR-US: edX
CVE-2015-2185
RESERVED
-CVE-2015-2184 (ZeusCart 4 allows remote attackers to obtain configuration information ...)
+CVE-2015-2184
NOT-FOR-US: ZeusCart
-CVE-2015-2183 (Multiple SQL injection vulnerabilities in the administrative backend ...)
+CVE-2015-2183
NOT-FOR-US: ZeusCart
-CVE-2015-2182 (Multiple cross-site scripting (XSS) vulnerabilities in ZeusCart 4 ...)
+CVE-2015-2182
NOT-FOR-US: ZeusCart
-CVE-2015-2181 (Multiple buffer overflows in the DBMail driver in the Password plugin ...)
+CVE-2015-2181
- roundcube 1.1.1+dfsg.1-2
[wheezy] - roundcube <not-affected> (variable and chgdbmailusers.c does not exist)
NOTE: http://trac.roundcube.net/ticket/1490261
NOTE: http://advisories.mageia.org/MGASA-2015-0400.html
NOTE: http://lists.opensuse.org/opensuse-updates/2015-07/msg00032.html
-CVE-2015-2180 (The DBMail driver in the Password plugin in Roundcube before 1.1.0 ...)
+CVE-2015-2180
- roundcube 1.1.1+dfsg.1-2
[wheezy] - roundcube <not-affected> (dbmail driver does not exist)
NOTE: http://trac.roundcube.net/ticket/1490261
@@ -20640,7 +20640,7 @@ CVE-2015-2179
RESERVED
CVE-2015-2178
REJECTED
-CVE-2015-2177 (Siemens SIMATIC S7-300 CPU devices allow remote attackers to cause a ...)
+CVE-2015-2177
NOT-FOR-US: Siemens
CVE-2015-2176
RESERVED
@@ -20650,23 +20650,23 @@ CVE-2015-2174
RESERVED
CVE-2015-2173
RESERVED
-CVE-2015-2171 (Middleware/SessionCookie.php in Slim before 2.6.0 allows remote ...)
+CVE-2015-2171
NOT-FOR-US: Slim PHP Framework
-CVE-2015-2170 (The upx decoder in ClamAV before 0.98.7 allows remote attackers to ...)
+CVE-2015-2170
{DLA-233-1}
- clamav 0.98.7+dfsg-1
[jessie] - clamav 0.98.7+dfsg-0+deb8u1
[wheezy] - clamav 0.98.7+dfsg-0+deb7u1
NOTE: https://github.com/vrtadmin/clamav-devel/commit/625f5a9b8f008b8714850e4aa064dee1de06e534
-CVE-2015-2169 (Cross-site scripting (XSS) vulnerability in Zoho ManageEngine ...)
+CVE-2015-2169
NOT-FOR-US: Zoho ManageEngine AssetExplorer
CVE-2015-2168
REJECTED
-CVE-2015-2167 (Open redirect vulnerability in the 3PI Manager in Ericsson Drutt ...)
+CVE-2015-2167
NOT-FOR-US: Ericsson
-CVE-2015-2166 (Directory traversal vulnerability in the Instance Monitor in Ericsson ...)
+CVE-2015-2166
NOT-FOR-US: Ericsson
-CVE-2015-2165 (Multiple cross-site scripting (XSS) vulnerabilities in the Report ...)
+CVE-2015-2165
NOT-FOR-US: Ericsson
CVE-2015-2164
RESERVED
@@ -20680,7 +20680,7 @@ CVE-2015-2160
RESERVED
CVE-2015-2159
RESERVED
-CVE-2015-2156 (Netty before 3.9.8.Final, 3.10.x before 3.10.3.Final, 4.0.x before ...)
+CVE-2015-2156
- netty3.1 <removed>
[wheezy] - netty3.1 <no-dsa> (Minor issue)
- netty 1:4.0.31-1 (bug #796114)
@@ -20694,72 +20694,72 @@ CVE-2015-2156 (Netty before 3.9.8.Final, 3.10.x before 3.10.3.Final, 4.0.x befor
NOTE: https://www.playframework.com/security/vulnerability/CVE-2015-2156-HttpOnlyBypass
NOTE: http://web.archive.org/web/20150925094949/http://engineering.linkedin.com/security/look-netty%E2%80%99s-recent-security-update-cve%C2%AD-2015%C2%AD-2156
NOTE: https://github.com/slandelle/netty/commit/800555417e77029dcf8a31d7de44f27b5a8f79b8
-CVE-2015-2155 (The force printer in tcpdump before 4.7.2 allows remote attackers to ...)
+CVE-2015-2155
{DSA-3193-1 DLA-174-1}
- tcpdump 4.6.2-4
NOTE: http://www.ca.tcpdump.org/cve/0002-test-case-files-for-CVE-2015-2153-2154-2155.patch
-CVE-2015-2154 (The osi_print_cksum function in print-isoclns.c in the ethernet ...)
+CVE-2015-2154
{DSA-3193-1 DLA-174-1}
- tcpdump 4.6.2-4
NOTE: http://www.ca.tcpdump.org/cve/0002-test-case-files-for-CVE-2015-2153-2154-2155.patch
-CVE-2015-2153 (The rpki_rtr_pdu_print function in print-rpki-rtr.c in the TCP printer ...)
+CVE-2015-2153
{DSA-3193-1}
- tcpdump 4.6.2-4
[squeeze] - tcpdump <not-affected> (Vulnerable code not present)
NOTE: http://www.ca.tcpdump.org/cve/0002-test-case-files-for-CVE-2015-2153-2154-2155.patch
-CVE-2015-2152 (Xen 4.5.x and earlier enables certain default backends when emulating ...)
+CVE-2015-2152
- xen 4.4.1-9 (low; bug #780975)
[wheezy] - xen <no-dsa> (Minor issue, xl not used in wheezy)
[squeeze] - xen <end-of-life> (Not supported in Squeeze LTS)
NOTE: http://xenbits.xen.org/xsa/advisory-119.html
-CVE-2015-2151 (The x86 emulator in Xen 3.2.x through 4.5.x does not properly ignore ...)
+CVE-2015-2151
{DSA-3181-1}
- xen 4.4.1-8 (bug #780227)
[squeeze] - xen <end-of-life> (Not supported in Squeeze LTS)
NOTE: http://xenbits.xen.org/xsa/advisory-123.html
-CVE-2015-2150 (Xen 3.3.x through 4.5.x and the Linux kernel through 3.19.1 do not ...)
+CVE-2015-2150
{DSA-3237-1}
- linux 3.16.7-ckt9-1
- linux-2.6 <not-affected> (xen-pciback introduced in 3.1)
NOTE: http://xenbits.xen.org/xsa/advisory-120.html
-CVE-2015-2149 (Multiple cross-site scripting (XSS) vulnerabilities in the administrative ...)
+CVE-2015-2149
NOT-FOR-US: MyBB
-CVE-2015-2148 (Multiple cross-site scripting (XSS) vulnerabilities in Issuetracker ...)
+CVE-2015-2148
NOT-FOR-US: phpBugTracker
-CVE-2015-2147 (Multiple SQL injection vulnerabilities in Issuetracker phpBugTracker ...)
+CVE-2015-2147
NOT-FOR-US: phpBugTracker
-CVE-2015-2146 (Multiple SQL injection vulnerabilities in Issuetracker phpBugTracker ...)
+CVE-2015-2146
NOT-FOR-US: phpBugTracker
-CVE-2015-2145 (Multiple cross-site scripting (XSS) vulnerabilities in Issuetracker ...)
+CVE-2015-2145
NOT-FOR-US: phpBugTracker
-CVE-2015-2144 (Multiple cross-site scripting (XSS) vulnerabilities in Issuetracker ...)
+CVE-2015-2144
NOT-FOR-US: phpBugTracker
-CVE-2015-2143 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
+CVE-2015-2143
NOT-FOR-US: phpBugTracker
-CVE-2015-2142 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
+CVE-2015-2142
NOT-FOR-US: phpBugTracker
-CVE-2015-2141 (The InvertibleRWFunction::CalculateInverse function in rw.cpp in ...)
+CVE-2015-2141
{DSA-3296-1 DLA-262-1}
- libcrypto++ 5.6.1-7
NOTE: https://github.com/weidai11/cryptopp/commit/9425e16437439e68c7d96abef922167d68fafaff
NOTE: https://eprint.iacr.org/2015/368
-CVE-2015-2140 (HP Systems Insight Manager (SIM) before 7.5.0, as used in HP Matrix ...)
+CVE-2015-2140
NOT-FOR-US: HP Systems Insight Manager
-CVE-2015-2139 (HP Systems Insight Manager (SIM) before 7.5.0, as used in HP Matrix ...)
+CVE-2015-2139
NOT-FOR-US: HP Systems Insight Manager
CVE-2015-2138
REJECTED
-CVE-2015-2137 (Unspecified vulnerability in HP Operations Manager i (OMi) 9.22, 9.23, ...)
+CVE-2015-2137
NOT-FOR-US: HP Operations Manager i
-CVE-2015-2136 (HP ArcSight Logger before 6.0 P2 allows remote authenticated users to ...)
+CVE-2015-2136
NOT-FOR-US: HP ArcSight
-CVE-2015-2135 (Unspecified vulnerability in HP Intelligent Provisioning 1.00 through ...)
+CVE-2015-2135
NOT-FOR-US: HP Intelligent Provisioning
-CVE-2015-2134 (Cross-site request forgery (CSRF) vulnerability in HP System ...)
+CVE-2015-2134
NOT-FOR-US: Hewlett-Packard
CVE-2015-2133
REJECTED
-CVE-2015-2132 (Unspecified vulnerability in the execve system-call implementation in ...)
+CVE-2015-2132
NOT-FOR-US: HP HP-UX
CVE-2015-2131
REJECTED
@@ -20771,57 +20771,57 @@ CVE-2015-2128
REJECTED
CVE-2015-2127
REJECTED
-CVE-2015-2126 (Unspecified vulnerability in pppoec in HP HP-UX 11iv2 and 11iv3 allows ...)
+CVE-2015-2126
NOT-FOR-US: HP-UX (pppoec)
-CVE-2015-2125 (Unspecified vulnerability in HP WebInspect 7.x through 10.4 before ...)
+CVE-2015-2125
NOT-FOR-US: HP WebInspect
-CVE-2015-2124 (Unspecified vulnerability in Easy Setup Wizard in HP ThinPro Linux 4.1 ...)
+CVE-2015-2124
NOT-FOR-US: HP
-CVE-2015-2123 (Unspecified vulnerability in HP NonStop Safeguard Security Software ...)
+CVE-2015-2123
NOT-FOR-US: HP NonStop Safeguard Security Software
-CVE-2015-2122 (The REST layer on HP SDN VAN Controller devices 2.5 and earlier allows ...)
+CVE-2015-2122
NOT-FOR-US: HP
-CVE-2015-2121 (HP Network Virtualization for LoadRunner and Performance Center 8.61 ...)
+CVE-2015-2121
NOT-FOR-US: HP
-CVE-2015-2120 (Unspecified vulnerability in HP SiteScope 11.1x before 11.13, 11.2x ...)
+CVE-2015-2120
NOT-FOR-US: HP SiteScope
CVE-2015-2119
REJECTED
-CVE-2015-2118 (Unspecified vulnerability in the Secure Pull Print and Security Pull ...)
+CVE-2015-2118
NOT-FOR-US: HP Access Control Software
-CVE-2015-2117 (HP TippingPoint Security Management System (SMS) and TippingPoint ...)
+CVE-2015-2117
NOT-FOR-US: HP TippingPoint
-CVE-2015-2116 (Unspecified vulnerability in HP Storage Data Protector 7.x before 7.03 ...)
+CVE-2015-2116
NOT-FOR-US: HP
-CVE-2015-2115 (Unspecified vulnerability in HP Capture and Route Software (HPCR) 1.3 ...)
+CVE-2015-2115
NOT-FOR-US: HP Capture and Route
-CVE-2015-2114 (HP Support Solution Framework before 11.51.0049 allows remote ...)
+CVE-2015-2114
NOT-FOR-US: HP Support Solution Framework
-CVE-2015-2113 (Unspecified vulnerability in HP Easy Deploy, as distributed standalone ...)
+CVE-2015-2113
NOT-FOR-US: HP Thin Clients
-CVE-2015-2112 (Unspecified vulnerability in HP Easy Deploy, as distributed standalone ...)
+CVE-2015-2112
NOT-FOR-US: HP Thin Clients
-CVE-2015-2111 (Unspecified vulnerability in HP Intelligent Provisioning 1.40 through ...)
+CVE-2015-2111
NOT-FOR-US: HP Intelligent Provisioning
-CVE-2015-2110 (Buffer overflow in HP LoadRunner 11.52 allows remote attackers to ...)
+CVE-2015-2110
NOT-FOR-US: HP LoadRunner
-CVE-2015-2109 (Unspecified vulnerability in HP Operations Orchestration 10.x allows ...)
+CVE-2015-2109
NOT-FOR-US: HP Operations Orchestration
-CVE-2015-2108 (Unspecified vulnerability in Powershell Operations in HP Operations ...)
+CVE-2015-2108
NOT-FOR-US: HP Operations Orchestration
-CVE-2015-2107 (HP Operations Manager i Management Pack 1.x before 1.01 for SAP allows ...)
+CVE-2015-2107
NOT-FOR-US: HP Operations Manager
-CVE-2015-2106 (Unspecified vulnerability in HP Integrated Lights-Out (iLO) firmware 2 ...)
+CVE-2015-2106
NOT-FOR-US: HP Integrated Lights-Out
CVE-2015-2105
RESERVED
CVE-2015-2104
RESERVED
-CVE-2015-2103 (Cross-site scripting (XSS) vulnerability in the admin-login panel ...)
+CVE-2015-2103
NOT-FOR-US: Cosmoshop
-CVE-2015-2102 (SQL injection vulnerability in view_item.php in ClipBucket 2.7 RC3 ...)
+CVE-2015-2102
NOT-FOR-US: ClipBucket
-CVE-2015-2101 (Cross-site scripting (XSS) vulnerability in the Navigate bar in the ...)
+CVE-2015-2101
NOT-FOR-US: Navigate module for Drupal
CVE-2015-XXXX [heap buffer overflow]
- bibtool 2.57+ds-3 (bug #779573)
@@ -20851,7 +20851,7 @@ CVE-2015-XXXX [MATTA-2015-002: Enforce acceptable range for Diffie-Hellman serve
NOTE: temporary workaround until CVE assigned to explitly tag for wheezy+squeeze
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/02/27/4
NOTE: http://advisories.mageia.org/MGASA-2015-0098.html
-CVE-2015-2172 (DokuWiki before 2014-05-05d and before 2014-09-29c does not properly ...)
+CVE-2015-2172
- dokuwiki 0.0.20140929.d-1 (bug #779547)
[jessie] - dokuwiki 0.0.20140505.a+dfsg-4
[squeeze] - dokuwiki <not-affected> (Vulnerable code not present)
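Review bot: the unchanged context line `NOTE: temporary workaround until CVE assigned to explitly tag for wheezy+squeeze` in this hunk misspells "explicitly"; it is not part of this change, but it is a one-word fix worth picking up in a follow-up.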
@@ -20859,12 +20859,12 @@ CVE-2015-2172 (DokuWiki before 2014-05-05d and before 2014-09-29c does not prope
NOTE: present since release_candidate_2013-10-28
NOTE: https://github.com/splitbrain/dokuwiki/issues/1056
NOTE: https://github.com/splitbrain/dokuwiki/commit/4970ad24ce49ec76a0ee67bca7594f918ced2f5f
-CVE-2015-2158 (Off-by-one error in the pngcrush_measure_idat function in pngcrush.c ...)
+CVE-2015-2158
- pngcrush <not-affected> (Vulnerable code not present)
NOTE: Introduced by http://sourceforge.net/p/pmt/code/ci/e1a36a9639e2db16494d90459c7c2b78677a20bf/ (1.7.83)
NOTE: Fixed by: http://sourceforge.net/p/pmt/code/ci/a1ce646d00a400fd9ec321ab5cb522f40b7bdfe6/ (1.7.84)
NOTE: http://www.openwall.com/lists/oss-security/2015/02/28/6
-CVE-2015-2157 (The (1) ssh2_load_userkey and (2) ssh2_save_userkey functions in PuTTY ...)
+CVE-2015-2157
{DSA-3190-1 DLA-173-1}
- putty 0.63-10 (bug #779488)
NOTE: http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/private-key-not-wiped-2.html
@@ -20874,44 +20874,44 @@ CVE-2015-2099
RESERVED
CVE-2015-2098
RESERVED
-CVE-2015-2097 (Multiple buffer overflows in WebGate Embedded Standard Protocol (WESP) ...)
+CVE-2015-2097
NOT-FOR-US: WESP SDK
-CVE-2015-2096 (Use-after-free vulnerability in the Connect function in the ...)
+CVE-2015-2096
NOT-FOR-US: WebGate eDVR Manager
-CVE-2015-2095 (Heap-based buffer overflow in the SetConnectInfo function in the ...)
+CVE-2015-2095
NOT-FOR-US: WebGate eDVR Manager
-CVE-2015-2094 (Stack-based buffer overflow in the WESPPlayback.WESPPlaybackCtrl.1 ...)
+CVE-2015-2094
NOT-FOR-US: WebGate WinRDS
-CVE-2015-2093 (Stack-based buffer overflow in the Connect function in the WebGate ...)
+CVE-2015-2093
NOT-FOR-US: WebGate WEbEyeAudio ActiveX control
-CVE-2015-2092 (The AnnotationX.AnnList.1 ActiveX control in Agilent Technologies ...)
+CVE-2015-2092
NOT-FOR-US: Agilent Technologies Feature Extraction
-CVE-2015-2090 (SQL injection vulnerability in the ajax_survey function in ...)
+CVE-2015-2090
NOT-FOR-US: ajax_survey function in settings.php in the WordPress Survey and Poll plugin for WordPress
-CVE-2015-2089 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
+CVE-2015-2089
NOT-FOR-US: CrossSlide jQuery (crossslide-jquery-plugin-for-wordpress) plugin for WordPress
-CVE-2015-2088 (Cross-site scripting (XSS) vulnerability in unspecified administration ...)
+CVE-2015-2088
NOT-FOR-US: Term Queue model for Drupal
-CVE-2015-2087 (Unrestricted file upload vulnerability in the Avatar Uploader module ...)
+CVE-2015-2087
NOT-FOR-US: Avatar Uploader module for Drupal
-CVE-2015-2086 (Cross-site scripting (XSS) vulnerability in the live preview in the ...)
+CVE-2015-2086
NOT-FOR-US: Panopoly Magic module for Drupal
CVE-2015-2085
RESERVED
-CVE-2015-2084 (Cross-site request forgery (CSRF) vulnerability in the Easy Social ...)
+CVE-2015-2084
NOT-FOR-US: Easy Social Icons plugin for WordPress
-CVE-2015-2083 (Cross-site request forgery (CSRF) vulnerability in Ilch CMS allows ...)
+CVE-2015-2083
NOT-FOR-US: Ilch CMS
-CVE-2015-2082 (Cross-site scripting (XSS) vulnerability in Login.aspx in UNIT4 ...)
+CVE-2015-2082
NOT-FOR-US: UNIT4 Prosoft HRMS
-CVE-2015-2081 (Datto ALTO and SIRIS devices allow Remote Code Execution via ...)
+CVE-2015-2081
NOT-FOR-US: Datto ALTO and SIRIS devices
-CVE-2015-8985 (The pop_fail_stack function in the GNU C Library (aka glibc or libc6) ...)
+CVE-2015-8985
- glibc 2.28-1 (unimportant; bug #779392)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21163
NOTE: https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=eb04c21373e2a2885f3d52ff192b0499afe3c672 (2.28)
NOTE: DoS via crafted regexps are not considered security issues by glibc upstream
-CVE-2015-8984 (The fnmatch function in the GNU C Library (aka glibc or libc6) before ...)
+CVE-2015-8984
{DLA-316-1}
- glibc 2.21-1 (bug #779587)
[jessie] - glibc 2.19-18+deb8u2
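Review bot: every `-`/`+` pair in this hunk throws away the entry's summary text, turning for instance `-CVE-2015-2096 (Use-after-free vulnerability in the Connect function in the ...)` into a bare `+CVE-2015-2096`, while the package, version, `{DLA-...}` and `NOTE:` lines under each identifier are carried over untouched. That pattern is what an empty or failed description fetch produces on an "automatic update" run, not a deliberate edit, so the update script should keep the stored description whenever the freshly fetched one is empty (and this run should be reverted rather than merged), otherwise the one-line summaries that the `NOT-FOR-US:` triage lines are written against disappear from the tracker for every assigned CVE in the file.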
@@ -20922,37 +20922,37 @@ CVE-2015-8984 (The fnmatch function in the GNU C Library (aka glibc or libc6) be
NOTE: http://www.openwall.com/lists/oss-security/2015/02/26/5
CVE-2015-2079
RESERVED
-CVE-2015-2078 (The SDK for Komodia Redirector with SSL Digestor, as used in Lavasoft ...)
+CVE-2015-2078
NOT-FOR-US: Lavasoft Ad-Aware Web Companion
-CVE-2015-2077 (The SDK for Komodia Redirector with SSL Digestor, as used in Lavasoft ...)
+CVE-2015-2077
NOT-FOR-US: Lavasoft Ad-Aware Web Companion
-CVE-2015-2076 (The Auditing service in SAP BusinessObjects Edge 4.0 allows remote ...)
+CVE-2015-2076
NOT-FOR-US: SAP
-CVE-2015-2075 (SAP BusinessObjects Edge 4.0 allows remote attackers to delete audit ...)
+CVE-2015-2075
NOT-FOR-US: SAP
CVE-2015-2074
RESERVED
CVE-2015-2073
RESERVED
-CVE-2015-2072 (Multiple cross-site scripting (XSS) vulnerabilities in SAP HANA 73 ...)
+CVE-2015-2072
NOT-FOR-US: SAP
-CVE-2015-2071 (Directory traversal vulnerability in cm/newui/blog/export.jsp in ...)
+CVE-2015-2071
NOT-FOR-US: eTouch SamePage Enterprise Edition
-CVE-2015-2070 (SQL injection vulnerability in eTouch SamePage Enterprise Edition ...)
+CVE-2015-2070
NOT-FOR-US: eTouch SamePage Enterprise Edition
-CVE-2015-2069 (Cross-site scripting (XSS) vulnerability in the WooCommerce plugin ...)
+CVE-2015-2069
NOT-FOR-US: WooCommerce plugin for WordPress
-CVE-2015-2068 (Multiple cross-site scripting (XSS) vulnerabilities in the MAGMI (aka ...)
+CVE-2015-2068
NOT-FOR-US: Magento Server
-CVE-2015-2067 (Directory traversal vulnerability in web/ajax_pluginconf.php in the ...)
+CVE-2015-2067
NOT-FOR-US: Magento Server
-CVE-2015-2066 (SQL injection vulnerability in DLGuard 4.5 allows remote attackers to ...)
+CVE-2015-2066
NOT-FOR-US: DLGuard
-CVE-2015-2065 (SQL injection vulnerability in videogalleryrss.php in the Apptha ...)
+CVE-2015-2065
NOT-FOR-US: Apptha WordPress Video Gallery (contus-video-gallery) plugin for WordPress
-CVE-2015-2064 (Multiple cross-site scripting (XSS) vulnerabilities in DLGuard 5, 4.6, ...)
+CVE-2015-2064
NOT-FOR-US: DLGuard
-CVE-2015-2080 (The exception handling code in Eclipse Jetty before 9.2.9.v20150224 ...)
+CVE-2015-2080
- jetty <not-affected> (Only affects 9.2.3.v20140905 through 9.2.8.v20150217)
- jetty8 <not-affected> (Only affects 9.2.3.v20140905 through 9.2.8.v20150217)
NOTE: http://dev.eclipse.org/mhonarc/lists/jetty-announce/msg00074.html
@@ -20960,45 +20960,45 @@ CVE-2015-2080 (The exception handling code in Eclipse Jetty before 9.2.9.v201502
NOTE: http://blog.gdssecurity.com/labs/2015/2/25/jetleak-vulnerability-remote-leakage-of-shared-buffers-in-je.html
CVE-2015-2062
RESERVED
-CVE-2015-2061 (Heap-based buffer overflow in the browser plugin for PTC Creo View ...)
+CVE-2015-2061
NOT-FOR-US: PTC Creo View
CVE-2015-2057
RESERVED
CVE-2015-2056
RESERVED
-CVE-2015-2055 (Zhone GPON 2520 with firmware R4.0.2.566b allows remote attackers to ...)
+CVE-2015-2055
NOT-FOR-US: Zhone GPON 2520
-CVE-2015-2054 (CRLF injection vulnerability in export.cfg in the web-based ...)
+CVE-2015-2054
NOT-FOR-US: Sierra Wireless AirCard
-CVE-2015-2053 (The log viewer in McAfee Agent (MA) before 4.8.0 Patch 3 and 5.0.0, ...)
+CVE-2015-2053
NOT-FOR-US: McAfee
-CVE-2015-2052 (Stack-based buffer overflow in the DIR-645 Wired/Wireless Router Rev. ...)
+CVE-2015-2052
NOT-FOR-US: DIR-645 Wired/Wireless Router Rev. Ax
-CVE-2015-2051 (The D-Link DIR-645 Wired/Wireless Router Rev. Ax with firmware 1.04b12 ...)
+CVE-2015-2051
NOT-FOR-US: D-Link DIR-645 Wired/Wireless Router Rev. Ax
-CVE-2015-2050 (D-Link DAP-1320 Rev Ax with firmware before 1.21b05 allows attackers ...)
+CVE-2015-2050
NOT-FOR-US: D-Link DAP-1320 Rev Ax
-CVE-2015-2049 (Unrestricted file upload vulnerability in D-Link DCS-931L with ...)
+CVE-2015-2049
NOT-FOR-US: D-Link DCS-931L
-CVE-2015-2048 (Cross-site request forgery (CSRF) vulnerability in D-Link DCS-931L ...)
+CVE-2015-2048
NOT-FOR-US: D-Link DCS-931L
-CVE-2015-2045 (The HYPERVISOR_xen_version hypercall in Xen 3.2.x through 4.5.x does ...)
+CVE-2015-2045
{DSA-3181-1}
- xen 4.4.1-8
[squeeze] - xen <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://xenbits.xen.org/xsa/advisory-122.html
-CVE-2015-2044 (The emulation routines for unspecified X86 devices in Xen 3.2.x ...)
+CVE-2015-2044
{DSA-3181-1}
- xen 4.4.1-8
[squeeze] - xen <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://xenbits.xen.org/xsa/advisory-121.html
-CVE-2015-2043 (Multiple cross-site scripting (XSS) vulnerabilities in Visualware ...)
+CVE-2015-2043
NOT-FOR-US: Visualware
-CVE-2015-2040 (Cross-site scripting (XSS) vulnerability in the Contact Form DB (aka ...)
+CVE-2015-2040
NOT-FOR-US: Contact Form DB (aka CFDB and contact-form-7-to-database-extension) plugin for WordPress
-CVE-2015-2039 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
+CVE-2015-2039
NOT-FOR-US: Acobot Live Chat & Contact Form plugin for WordPress
-CVE-2015-8983 (Integer overflow in the _IO_wstr_overflow function in libio/wstrops.c ...)
+CVE-2015-8983
{DLA-316-1}
- eglibc <removed>
[wheezy] - eglibc 2.13-38+deb7u9
@@ -21008,7 +21008,7 @@ CVE-2015-8983 (Integer overflow in the _IO_wstr_overflow function in libio/wstro
NOTE: Fixed upstream in 2.22
NOTE: Fixed by: https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=bdf1ff052a8e23d637f2c838fa5642d78fcedc33
NOTE: http://www.openwall.com/lists/oss-security/2015/02/22/15
-CVE-2015-8477 (Cross-site scripting (XSS) vulnerability in Redmine before 2.6.2 ...)
+CVE-2015-8477
- redmine 3.0~20140825-5 (low)
[squeeze] - redmine <end-of-life> (Redmine not supported because of rails)
[wheezy] - redmine <end-of-life> (Redmine not supported because of rails)
@@ -21016,7 +21016,7 @@ CVE-2015-8477 (Cross-site scripting (XSS) vulnerability in Redmine before 2.6.2
NOTE: https://www.redmine.org/projects/redmine/wiki/Security_Advisories
NOTE: https://www.redmine.org/issues/19117
NOTE: https://github.com/redmine/redmine/commit/a1f40686ba43d121cbc8c095d2f8cc4095e70352#diff-847ef9328e260b1b93fd165d072b072d
-CVE-2015-2047 (The rsaauth extension in TYPO3 4.3.0 through 4.3.14, 4.4.0 through ...)
+CVE-2015-2047
{DSA-3164-1}
- typo3-src 4.5.40+dfsg1-1 (bug #778870)
[squeeze] - typo3-src <end-of-life> (Unsupported in squeeze-lts)
@@ -21027,348 +21027,348 @@ CVE-2015-2037
RESERVED
CVE-2015-2036
RESERVED
-CVE-2015-2033 (Anyterm Daemon in Infoblox Network Automation NetMRI before ...)
+CVE-2015-2033
NOT-FOR-US: Anyterm Daemon
CVE-2015-2032
RESERVED
-CVE-2015-2031 (Cross-site scripting (XSS) vulnerability in IBM WebSphere eXtreme ...)
+CVE-2015-2031
NOT-FOR-US: IBM
-CVE-2015-2030 (IBM WebSphere eXtreme Scale 7.1.0 before 7.1.0.3 and 7.1.1 before ...)
+CVE-2015-2030
NOT-FOR-US: IBM
-CVE-2015-2029 (Session fixation vulnerability in IBM WebSphere eXtreme Scale 7.1.0 ...)
+CVE-2015-2029
NOT-FOR-US: IBM
-CVE-2015-2028 (CRLF injection vulnerability in IBM WebSphere eXtreme Scale 7.1.0 ...)
+CVE-2015-2028
NOT-FOR-US: IBM
-CVE-2015-2027 (IBM WebSphere eXtreme Scale 7.1.0 before 7.1.0.3 and 7.1.1 before ...)
+CVE-2015-2027
NOT-FOR-US: IBM
-CVE-2015-2026 (Cross-site request forgery (CSRF) vulnerability in IBM WebSphere ...)
+CVE-2015-2026
NOT-FOR-US: IBM
-CVE-2015-2025 (IBM WebSphere eXtreme Scale 7.1.0 before 7.1.0.3 and 7.1.1 before ...)
+CVE-2015-2025
NOT-FOR-US: IBM
CVE-2015-2024
RESERVED
-CVE-2015-2023 (Buffer overflow in IBM i Access 7.1 on Windows allows local users to ...)
+CVE-2015-2023
NOT-FOR-US: IBM i Access 7.1 on Windows
CVE-2015-2022
RESERVED
CVE-2015-2021
RESERVED
-CVE-2015-2020 (The MyScript SDK before 1.3 for Android might allow attackers to ...)
+CVE-2015-2020
NOT-FOR-US: MyScript SDK
-CVE-2015-2019 (IBM Tivoli Security Directory Server 6.0 before iFix 75, 6.1 before ...)
+CVE-2015-2019
NOT-FOR-US: IBM
-CVE-2015-2018 (IBM Integration Bus 9 and 10 before 10.0.0.1 and WebSphere Message ...)
+CVE-2015-2018
NOT-FOR-US: IBM WebSphere
-CVE-2015-2017 (CRLF injection vulnerability in IBM WebSphere Application Server (WAS) ...)
+CVE-2015-2017
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2015-2016 (Unspecified vulnerability in IBM QRadar SIEM 7.1 MR2 before Patch 11 ...)
+CVE-2015-2016
NOT-FOR-US: IBM
-CVE-2015-2015 (Cross-site scripting (XSS) vulnerability in pubnames.ntf (aka the ...)
+CVE-2015-2015
NOT-FOR-US: IBM Domino
-CVE-2015-2014 (Open redirect vulnerability in the web server in IBM Domino 8.5 before ...)
+CVE-2015-2014
NOT-FOR-US: IBM Domino
-CVE-2015-2013 (IBM WebSphere MQ 7.0.1 before 7.0.1.13 allows remote attackers to ...)
+CVE-2015-2013
NOT-FOR-US: IBM
-CVE-2015-2012 (The MQXR service in WMQ Telemetry in IBM WebSphere MQ 7.1 before ...)
+CVE-2015-2012
NOT-FOR-US: IBM
-CVE-2015-2011 (The xmlrpc.cgi Webmin script in IBM QRadar SIEM 7.1 MR2 before Patch ...)
+CVE-2015-2011
NOT-FOR-US: IBM
CVE-2015-2010
REJECTED
-CVE-2015-2009 (Cross-site request forgery (CSRF) vulnerability in the xmlrpc.cgi ...)
+CVE-2015-2009
NOT-FOR-US: IBM
-CVE-2015-2008 (IBM Security QRadar SIEM 7.1.x before 7.1 MR2 Patch 12 and 7.2.x ...)
+CVE-2015-2008
NOT-FOR-US: IBM Security QRadar SIEM
-CVE-2015-2007 (Directory traversal vulnerability in IBM Security QRadar SIEM 7.2.x ...)
+CVE-2015-2007
NOT-FOR-US: IBM Security QRadar SIEM
CVE-2015-2006
RESERVED
-CVE-2015-2005 (IBM Security QRadar SIEM 7.1.x before 7.1 MR2 Patch 12 and 7.2.x ...)
+CVE-2015-2005
NOT-FOR-US: IBM Security QRadar SIEM
-CVE-2015-2004 (The GraceNote GNSDK SDK before SVN Changeset 1.1.7 for Android might ...)
+CVE-2015-2004
NOT-FOR-US: GraceNote GNSDK SDK
-CVE-2015-2003 (The PJSIP PJSUA2 SDK before SVN Changeset 51322 for Android might ...)
+CVE-2015-2003
NOT-FOR-US: PJSIP PJSUA2 SDK
-CVE-2015-2002 (The ESRI ArcGis Runtime SDK before 10.2.6-2 for Android might allow ...)
+CVE-2015-2002
NOT-FOR-US: ESRI ArcGis Runtime SDK
-CVE-2015-2001 (The MetaIO SDK before 6.0.2.1 for Android might allow attackers to ...)
+CVE-2015-2001
NOT-FOR-US: MetaIO SDK
-CVE-2015-2000 (The Jumio SDK before 1.5.0 for Android might allow attackers to ...)
+CVE-2015-2000
NOT-FOR-US: Jumio SDK
-CVE-2015-1999 (IBM Security QRadar Incident Forensics 7.2.x before 7.2.5 Patch 5 ...)
+CVE-2015-1999
NOT-FOR-US: IBM QRadar
CVE-2015-1998
RESERVED
-CVE-2015-1997 (Cross-site request forgery (CSRF) vulnerability in IBM Security QRadar ...)
+CVE-2015-1997
NOT-FOR-US: IBM QRadar
-CVE-2015-1996 (IBM Security QRadar Incident Forensics 7.2.x before 7.2.5 Patch 5 does ...)
+CVE-2015-1996
NOT-FOR-US: IBM QRadar
-CVE-2015-1995 (Multiple cross-site scripting (XSS) vulnerabilities in IBM Security ...)
+CVE-2015-1995
NOT-FOR-US: IBM QRadar
-CVE-2015-1994 (IBM Security QRadar Incident Forensics 7.2.x before 7.2.5 Patch 5 does ...)
+CVE-2015-1994
NOT-FOR-US: IBM QRadar
-CVE-2015-1993 (IBM Security QRadar Incident Forensics 7.2.x before 7.2.5 Patch 5 does ...)
+CVE-2015-1993
NOT-FOR-US: IBM QRadar
-CVE-2015-1992 (IBM Systems Director 5.2.x, 6.1.x, 6.2.0.x, 6.2.1.x, 6.3.0.0, 6.3.1.x, ...)
+CVE-2015-1992
NOT-FOR-US: IBM Systems Director
CVE-2015-1991
REJECTED
CVE-2015-1990
REJECTED
-CVE-2015-1989 (SQL injection vulnerability in IBM Security QRadar Incident Forensics ...)
+CVE-2015-1989
NOT-FOR-US: IBM QRadar
-CVE-2015-1988 (Cross-site scripting (XSS) vulnerability in IBM Tivoli Storage Manger ...)
+CVE-2015-1988
NOT-FOR-US: IBM
-CVE-2015-1987 (IBM MQ Light before 1.0.0.2 allows remote attackers to cause a denial ...)
+CVE-2015-1987
NOT-FOR-US: IBM
-CVE-2015-1986 (The server in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.12 ...)
+CVE-2015-1986
NOT-FOR-US: IBM
-CVE-2015-1985 (The queue manager on IBM MQ M2000 appliances before 8.0.0.4 allows ...)
+CVE-2015-1985
NOT-FOR-US: IBM MQ M2000 appliances
-CVE-2015-1984 (IBM InfoSphere Master Data Management Collaborative Edition 9.1, 10.1, ...)
+CVE-2015-1984
NOT-FOR-US: IBM
-CVE-2015-1983 (Cross-site scripting (XSS) vulnerability in the Projects page in IBM ...)
+CVE-2015-1983
NOT-FOR-US: IBM
-CVE-2015-1982 (IBM InfoSphere Master Data Management Collaborative Edition 9.1, 10.1, ...)
+CVE-2015-1982
NOT-FOR-US: IBM
-CVE-2015-1981 (Cross-site scripting (XSS) vulnerability in the web server in IBM ...)
+CVE-2015-1981
NOT-FOR-US: IBM
-CVE-2015-1980 (IBM InfoSphere Master Data Management Collaborative Edition 9.1, 10.1, ...)
+CVE-2015-1980
NOT-FOR-US: IBM
-CVE-2015-1979 (Multiple cross-site scripting (XSS) vulnerabilities in the Error ...)
+CVE-2015-1979
NOT-FOR-US: IBM
-CVE-2015-1978 (Cross-site scripting (XSS) vulnerability in IBM Tivoli Security ...)
+CVE-2015-1978
NOT-FOR-US: IBM
-CVE-2015-1977 (Directory traversal vulnerability in the Web Administration tool in ...)
+CVE-2015-1977
NOT-FOR-US: IBM
-CVE-2015-1976 (IBM Security Directory Server could allow an authenticated user to ...)
+CVE-2015-1976
NOT-FOR-US: IBM
-CVE-2015-1975 (The web administration tool in IBM Tivoli Security Directory Server ...)
+CVE-2015-1975
NOT-FOR-US: IBM
-CVE-2015-1974 (The web administration tool in IBM Tivoli Security Directory Server ...)
+CVE-2015-1974
NOT-FOR-US: IBM
CVE-2015-1973
RESERVED
-CVE-2015-1972 (IBM Tivoli Security Directory Server 6.0 before iFix 75, 6.1 before ...)
+CVE-2015-1972
NOT-FOR-US: IBM
-CVE-2015-1971 (Unspecified vulnerability in Jazz Team Server in Jazz Foundation in ...)
+CVE-2015-1971
NOT-FOR-US: IBM
-CVE-2015-1970 (The IBM WebSphere DataPower XC10 appliance 2.1 through 2.1.0.3 and 2.5 ...)
+CVE-2015-1970
NOT-FOR-US: IBM
-CVE-2015-1969 (Cross-site scripting (XSS) vulnerability in IBM Tivoli Common ...)
+CVE-2015-1969
NOT-FOR-US: IBM
-CVE-2015-1968 (Cross-site scripting (XSS) vulnerability in IBM InfoSphere Master Data ...)
+CVE-2015-1968
NOT-FOR-US: IBM
-CVE-2015-1967 (MQ Explorer in IBM WebSphere MQ before 8.0.0.3 does not recognize the ...)
+CVE-2015-1967
NOT-FOR-US: IBM
-CVE-2015-1966 (Multiple cross-site scripting (XSS) vulnerabilities in IBM Tivoli ...)
+CVE-2015-1966
NOT-FOR-US: IBM Tivoli Federated Identity Manager
-CVE-2015-1965 (Stack-based buffer overflow in the server in IBM Tivoli Storage ...)
+CVE-2015-1965
NOT-FOR-US: IBM
-CVE-2015-1964 (Stack-based buffer overflow in the server in IBM Tivoli Storage ...)
+CVE-2015-1964
NOT-FOR-US: IBM
-CVE-2015-1963 (Stack-based buffer overflow in the server in IBM Tivoli Storage ...)
+CVE-2015-1963
NOT-FOR-US: IBM
-CVE-2015-1962 (Stack-based buffer overflow in the server in IBM Tivoli Storage ...)
+CVE-2015-1962
NOT-FOR-US: IBM
-CVE-2015-1961 (The REST API in IBM Business Process Manager (BPM) 7.5.x through ...)
+CVE-2015-1961
NOT-FOR-US: IBM
CVE-2015-1960
RESERVED
-CVE-2015-1959 (IBM Tivoli Security Directory Server 6.0 before iFix 75, 6.1 before ...)
+CVE-2015-1959
NOT-FOR-US: IBM
-CVE-2015-1958 (IBM MQ Light before 1.0.0.2 allows remote attackers to cause a denial ...)
+CVE-2015-1958
NOT-FOR-US: IBM
-CVE-2015-1957 (IBM WebSphere MQ 7.5.x before 7.5.0.6 and 8.0.x before 8.0.0.3 allows ...)
+CVE-2015-1957
NOT-FOR-US: IBM WebSphere MQ
-CVE-2015-1956 (IBM MQ Light before 1.0.0.2 allows remote attackers to cause a denial ...)
+CVE-2015-1956
NOT-FOR-US: IBM
-CVE-2015-1955 (IBM MQ Light before 1.0.0.2 allows remote attackers to cause a denial ...)
+CVE-2015-1955
NOT-FOR-US: IBM
-CVE-2015-1954 (Stack-based buffer overflow in the server in IBM Tivoli Storage ...)
+CVE-2015-1954
NOT-FOR-US: IBM
-CVE-2015-1953 (Stack-based buffer overflow in the server in IBM Tivoli Storage ...)
+CVE-2015-1953
NOT-FOR-US: IBM
-CVE-2015-1952 (Cross-site scripting (XSS) vulnerability in IBM AppScan Enterprise ...)
+CVE-2015-1952
NOT-FOR-US: IBM
-CVE-2015-1951 (IBM Maximo Asset Management 7.1 through 7.1.1.13, 7.5.0 before 7.5.0.8 ...)
+CVE-2015-1951
NOT-FOR-US: IBM
-CVE-2015-1950 (IBM PowerVC Standard Edition 1.2.2.1 through 1.2.2.2 does not require ...)
+CVE-2015-1950
NOT-FOR-US: IBM
-CVE-2015-1949 (The server in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.12 ...)
+CVE-2015-1949
NOT-FOR-US: IBM
-CVE-2015-1948 (Stack-based buffer overflow in the server in IBM Tivoli Storage ...)
+CVE-2015-1948
NOT-FOR-US: IBM
-CVE-2015-1947 (Untrusted search path vulnerability in IBM InfoSphere BigInsights 3.0, ...)
+CVE-2015-1947
NOT-FOR-US: IBM InfoSphere BigInsights
-CVE-2015-1946 (IBM WebSphere Application Server (WAS) 8.5 before 8.5.5.6, and ...)
+CVE-2015-1946
NOT-FOR-US: IBM WebSphere
-CVE-2015-1945 (Unspecified vulnerability in the Reference Data Management component ...)
+CVE-2015-1945
NOT-FOR-US: IBM InfoSphere
-CVE-2015-1944 (Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 8.0.0 ...)
+CVE-2015-1944
NOT-FOR-US: IBM WebSphere
-CVE-2015-1943 (IBM WebSphere Portal 6.1.0.x through 6.1.0.6 CF27, 6.1.5.x through ...)
+CVE-2015-1943
NOT-FOR-US: IBM
-CVE-2015-1942 (The server in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.12 ...)
+CVE-2015-1942
NOT-FOR-US: IBM
-CVE-2015-1941 (The server in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.12 ...)
+CVE-2015-1941
NOT-FOR-US: IBM
CVE-2015-1940
RESERVED
CVE-2015-1939
RESERVED
-CVE-2015-1938 (The server in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.12 ...)
+CVE-2015-1938
NOT-FOR-US: IBM
-CVE-2015-1937 (IBM PowerVC 1.2.0.x through 1.2.0.4, 1.2.1.x through 1.2.1.2, and ...)
+CVE-2015-1937
NOT-FOR-US: IBM PowerVC
-CVE-2015-1936 (The administrative console in IBM WebSphere Application Server (WAS) ...)
+CVE-2015-1936
NOT-FOR-US: IBM WAS
-CVE-2015-1935 (The scalar-function implementation in IBM DB2 9.7 through FP10, 9.8 ...)
+CVE-2015-1935
NOT-FOR-US: IBM DB2
-CVE-2015-1934 (IBM Maximo Asset Management 7.1 through 7.1.1.13, 7.5.0 before 7.5.0.8 ...)
+CVE-2015-1934
NOT-FOR-US: IBM
-CVE-2015-1933 (IBM Maximo Asset Management 7.1 through 7.1.1.13, 7.5.0 before 7.5.0.8 ...)
+CVE-2015-1933
NOT-FOR-US: IBM
-CVE-2015-1932 (IBM WebSphere Application Server 7.x before 7.0.0.39, 8.0.x before ...)
+CVE-2015-1932
NOT-FOR-US: IBM WebSphere
CVE-2015-1931
RESERVED
NOT-FOR-US: IBM JDK
-CVE-2015-1930 (Stack-based buffer overflow in the server in IBM Tivoli Storage ...)
+CVE-2015-1930
NOT-FOR-US: IBM
-CVE-2015-1929 (Stack-based buffer overflow in the server in IBM Tivoli Storage ...)
+CVE-2015-1929
NOT-FOR-US: IBM
-CVE-2015-1928 (Jazz Team Server in Jazz Foundation in IBM Rational Collaborative ...)
+CVE-2015-1928
NOT-FOR-US: IBM
-CVE-2015-1927 (The default configuration of IBM WebSphere Application Server (WAS) ...)
+CVE-2015-1927
NOT-FOR-US: IBM WAS
-CVE-2015-1926 (Unspecified vulnerability in the Oracle WebCenter Portal component in ...)
+CVE-2015-1926
NOT-FOR-US: Oracle WebCenter Portal
-CVE-2015-1925 (Stack-based buffer overflow in the server in IBM Tivoli Storage ...)
+CVE-2015-1925
NOT-FOR-US: IBM
-CVE-2015-1924 (Stack-based buffer overflow in the server in IBM Tivoli Storage ...)
+CVE-2015-1924
NOT-FOR-US: IBM
-CVE-2015-1923 (Buffer overflow in the server in IBM Tivoli Storage Manager FastBack ...)
+CVE-2015-1923
NOT-FOR-US: IBM
-CVE-2015-1922 (The Data Movement implementation in IBM DB2 9.7 through FP10, 9.8 ...)
+CVE-2015-1922
NOT-FOR-US: IBM DB2
-CVE-2015-1921 (Open redirect vulnerability in IBM WebSphere Portal 8.0.0 before ...)
+CVE-2015-1921
NOT-FOR-US: IBM
-CVE-2015-1920 (IBM WebSphere Application Server (WAS) 6.1 through 6.1.0.47, 7.0 ...)
+CVE-2015-1920
NOT-FOR-US: IBM
-CVE-2015-1919 (Cross-site scripting (XSS) vulnerability in IBM Security QRadar ...)
+CVE-2015-1919
NOT-FOR-US: IBM
CVE-2015-1918
RESERVED
-CVE-2015-1917 (Cross-site scripting (XSS) vulnerability in the Active Content ...)
+CVE-2015-1917
NOT-FOR-US: IBM
-CVE-2015-1916 (Unspecified vulnerability in IBM Java 8 before SR1 allows remote ...)
+CVE-2015-1916
NOT-FOR-US: IBM JDK
-CVE-2015-1915 (The Endpoint Manager for Remote Control component in IBM Tivoli ...)
+CVE-2015-1915
NOT-FOR-US: IBM
-CVE-2015-1914 (IBM Java 7 R1 before SR3, 7 before SR9, 6 R1 before SR8 FP4, 6 before ...)
+CVE-2015-1914
NOT-FOR-US: IBM JDK
-CVE-2015-1913 (Rational Test Control Panel in IBM Rational Test Workbench and ...)
+CVE-2015-1913
NOT-FOR-US: IBM
CVE-2015-1912
RESERVED
-CVE-2015-1911 (Cross-site scripting (XSS) vulnerability in Sterling Order Management ...)
+CVE-2015-1911
NOT-FOR-US: Sterling Order Management
-CVE-2015-1910 (Cross-site scripting (XSS) vulnerability in the Reference Data ...)
+CVE-2015-1910
NOT-FOR-US: IBM
-CVE-2015-1909 (The XML parser in the Reference Data Management component in the ...)
+CVE-2015-1909
NOT-FOR-US: IBM
-CVE-2015-1908 (Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 6.1.0 ...)
+CVE-2015-1908
NOT-FOR-US: IBM WebSphere Portal
-CVE-2015-1907 (The Administration and Reporting Tool in IBM Rational License Key ...)
+CVE-2015-1907
NOT-FOR-US: IBM Rational License Key Server
-CVE-2015-1906 (Cross-site scripting (XSS) vulnerability in the REST API in IBM ...)
+CVE-2015-1906
NOT-FOR-US: IBM BPM
-CVE-2015-1905 (The REST API in IBM Business Process Manager (BPM) 7.5.x through ...)
+CVE-2015-1905
NOT-FOR-US: IBM BPM
-CVE-2015-1904 (IBM Business Process Manager (BPM) 8.0.x through 8.0.1.3, 8.5.0 ...)
+CVE-2015-1904
NOT-FOR-US: IBM
-CVE-2015-1903 (Stack-based buffer overflow in IBM Domino 8.5 before 8.5.3 FP6 IF7 and ...)
+CVE-2015-1903
NOT-FOR-US: IBM
-CVE-2015-1902 (Stack-based buffer overflow in IBM Domino 8.5 before 8.5.3 FP6 IF7 and ...)
+CVE-2015-1902
NOT-FOR-US: IBM
-CVE-2015-1901 (The installer in IBM InfoSphere Information Server 8.5 through 11.3 ...)
+CVE-2015-1901
NOT-FOR-US: IBM
-CVE-2015-1900 (IBM InfoSphere DataStage 8.1, 8.5, 8.7, 9.1, and 11.3 through 11.3.1.2 ...)
+CVE-2015-1900
NOT-FOR-US: IBM
-CVE-2015-1899 (IBM WebSphere Portal 8.5 through CF05 allows remote attackers to cause ...)
+CVE-2015-1899
NOT-FOR-US: IBM
-CVE-2015-1898 (Stack-based buffer overflow in the FastBackMount process in IBM Tivoli ...)
+CVE-2015-1898
NOT-FOR-US: IBM
-CVE-2015-1897 (Stack-based buffer overflow in the FastBackMount process in IBM Tivoli ...)
+CVE-2015-1897
NOT-FOR-US: IBM
-CVE-2015-1896 (Stack-based buffer overflow in the FastBackMount process in IBM Tivoli ...)
+CVE-2015-1896
NOT-FOR-US: IBM
-CVE-2015-1895 (IBM InfoSphere Optim Workload Replay 2.x before 2.1.0.3 relies on ...)
+CVE-2015-1895
NOT-FOR-US: IBM
-CVE-2015-1894 (Cross-site request forgery (CSRF) vulnerability in IBM InfoSphere ...)
+CVE-2015-1894
NOT-FOR-US: IBM
-CVE-2015-1893 (The IBM WebSphere DataPower XC10 appliance 2.1 before 2.1.0.3 allows ...)
+CVE-2015-1893
NOT-FOR-US: IBM WebSphere
-CVE-2015-1892 (The Multicast DNS (mDNS) responder in IBM Security Access Manager for ...)
+CVE-2015-1892
NOT-FOR-US: IBM Security Access Manager
CVE-2015-1891
RESERVED
-CVE-2015-1890 (/usr/lpp/mmfs/bin/gpfs.snap in IBM General Parallel File System (GPFS) ...)
+CVE-2015-1890
NOT-FOR-US: IBM General Parallel File System
-CVE-2015-1889 (The Big SQL component in IBM InfoSphere BigInsights 3.0 through ...)
+CVE-2015-1889
NOT-FOR-US: IBM InfoSphere BigInsights
-CVE-2015-1888 (Cross-site scripting (XSS) vulnerability in IBM Content Navigator ...)
+CVE-2015-1888
NOT-FOR-US: IBM
-CVE-2015-1887 (IBM WebSphere Portal 7.0.0 through 7.0.0.2 CF29, 8.0.0 before 8.0.0.1 ...)
+CVE-2015-1887
NOT-FOR-US: IBM WebSphere Portal
-CVE-2015-1886 (The Remote Document Conversion Service (DCS) in IBM WebSphere Portal ...)
+CVE-2015-1886
NOT-FOR-US: IBM WebSphere Portal
-CVE-2015-1885 (WebSphereOauth20SP.ear in IBM WebSphere Application Server (WAS) 7.0 ...)
+CVE-2015-1885
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2015-1884 (Directory traversal vulnerability in IBM Business Process Manager ...)
+CVE-2015-1884
NOT-FOR-US: IBM
-CVE-2015-1883 (IBM DB2 9.7 through FP10, 9.8 through FP5, 10.1 before FP5, and 10.5 ...)
+CVE-2015-1883
NOT-FOR-US: IBM DB2
-CVE-2015-1882 (Multiple race conditions in IBM WebSphere Application Server (WAS) 8.5 ...)
+CVE-2015-1882
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2015-1880 (Cross-site scripting (XSS) vulnerability in the sslvpn login page in ...)
+CVE-2015-1880
NOT-FOR-US: Fortinet FortiOS
-CVE-2015-1879 (Cross-site scripting (XSS) vulnerability in the Google Doc Embedder ...)
+CVE-2015-1879
NOT-FOR-US: Google Doc Embedder plugin for WordPress
-CVE-2015-2042 (net/rds/sysctl.c in the Linux kernel before 3.19 uses an incorrect ...)
+CVE-2015-2042
{DSA-3237-1 DLA-246-1}
- linux 3.16.7-ckt9-1
- linux-2.6 <removed>
[squeeze] - linux-2.6 <no-dsa> (Minor issue)
NOTE: Upstream commit: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=db27ebb111e9f69efece08e4cb6a34ff980f8896 (v3.19)
NOTE: (earliest) introduced in https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=3e5048495c8569bfdd552750e0315973c61e7c93 (v2.6.30-rc1)
-CVE-2015-2041 (net/llc/sysctl_net_llc.c in the Linux kernel before 3.19 uses an ...)
+CVE-2015-2041
{DSA-3237-1 DLA-246-1}
- linux 3.16.7-ckt9-1
- linux-2.6 <removed>
[squeeze] - linux-2.6 <no-dsa> (Minor issue)
NOTE: Upstream commit: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6b8d9117ccb4f81b1244aafa7bc70ef8fa45fc49 (v3.19-rc7)
NOTE: (earliest) introduced in https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=590232a7150674b2036291eaefce085f3f9659c8 (v2.6.14-rc3)
-CVE-2015-2035 (SQL injection vulnerability in the administrative backend in Piwigo ...)
+CVE-2015-2035
- piwigo <removed>
[squeeze] - piwigo <end-of-life> (Unsupported in squeeze-lts)
NOTE: Request to mark the package as unsupported in #779104
-CVE-2015-2034 (Cross-site scripting (XSS) vulnerability in the administrative backend ...)
+CVE-2015-2034
- piwigo <removed>
[squeeze] - piwigo <end-of-life> (Unsupported in squeeze-lts)
NOTE: Request to mark the package as unsupported in #779104
-CVE-2015-1878 (Thales nShield Connect hardware models 500, 1500, 6000, 500+, 1500+, ...)
+CVE-2015-1878
NOT-FOR-US: nShield Connect hardware models
-CVE-2015-1876 (Directory traversal vulnerability in ES File Explorer 3.2.4.1. ...)
+CVE-2015-1876
NOT-FOR-US: ES File Explorer
-CVE-2015-1875 (SQL injection vulnerability in a2billing/customer/iridium_threed.php ...)
+CVE-2015-1875
NOT-FOR-US: Elastix
-CVE-2015-1874 (Cross-site request forgery (CSRF) vulnerability in the Contact Form DB ...)
+CVE-2015-1874
NOT-FOR-US: Contact Form DB (aka CFDB and contact-form-7-to-database-extension) plugin for WordPress
CVE-2015-1873
RESERVED
-CVE-2015-1872 (The ff_mjpeg_decode_sof function in libavcodec/mjpegdec.c in FFmpeg ...)
+CVE-2015-1872
{DLA-644-1}
- ffmpeg 7:2.5.4-1
[squeeze] - ffmpeg <end-of-life> (Not supported in Squeeze LTS)
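Review bot: the records that were already bare identifiers pass through this hunk unchanged (`CVE-2015-2085` / `RESERVED`, `CVE-2015-2010` / `REJECTED`, and `CVE-2015-1931` / `RESERVED` together with its `NOT-FOR-US: IBM JDK` line), so the run did not rewrite the file wholesale; it only re-emitted records that had a parenthesised description, now without one. That narrows the fault to the step that maps fetched descriptions onto existing entries, and a guard there that refuses to replace a non-empty description with an empty one would have made this a no-op instead of a hunk of this size. Independently of the regression, `CVE-2015-1931` shows the file already accepts a `NOT-FOR-US:` annotation directly under `RESERVED`, so nothing in this hunk needs that convention changed.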
@@ -21378,12 +21378,12 @@ CVE-2015-1872 (The ff_mjpeg_decode_sof function in libavcodec/mjpegdec.c in FFmp
NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=fabbfaa095660982cc0bc63242c459561fa37037
CVE-2015-1871
RESERVED
-CVE-2015-1870 (The event scripts in Automatic Bug Reporting Tool (ABRT) uses ...)
+CVE-2015-1870
NOT-FOR-US: abrt is Red Hat / Fedora specific
CVE-2015-1869
RESERVED
NOT-FOR-US: abrt is Red Hat / Fedora specific
-CVE-2015-1868 (The label decompression functionality in PowerDNS Recursor 3.5.x, ...)
+CVE-2015-1868
- pdns 3.4.4-1
[jessie] - pdns 3.4.1-4+deb8u1
[wheezy] - pdns <not-affected> (3.2 and up affected)
@@ -21393,20 +21393,20 @@ CVE-2015-1868 (The label decompression functionality in PowerDNS Recursor 3.5.x,
[wheezy] - pdns-recursor <not-affected> (3.5 and up affected)
[squeeze] - pdns-recursor <not-affected> (3.5 and up affected)
NOTE: https://doc.powerdns.com/md/security/powerdns-advisory-2015-01/
-CVE-2015-1867 (Pacemaker before 1.1.13 does not properly evaluate added nodes, which ...)
+CVE-2015-1867
- pacemaker <not-affected> (Vulnerable code not present)
NOTE: Introduced by: https://github.com/ClusterLabs/pacemaker/commit/f242c1ef (Pacemaker-1.1.12-rc1)
NOTE: Fixed by: https://github.com/ClusterLabs/pacemaker/commit/84ac07c (Pacemaker-1.1.13-rc2)
-CVE-2015-1866 (Cross-site scripting (XSS) vulnerability in Ember.js 1.10.x before ...)
+CVE-2015-1866
NOT-FOR-US: ember.js
-CVE-2015-1865 (fts.c in coreutils 8.4 allows local users to delete arbitrary files. ...)
+CVE-2015-1865
- coreutils 8.13-1 (low)
[squeeze] - coreutils <no-dsa> (Minor issue)
NOTE: relevant code changed between 8.5 and 8.13, see https://bugzilla.redhat.com/show_bug.cgi?id=1211300 for details
NOTE: Issue reproduced in with 8.5 and confirmed to not work with 8.13-3.5
-CVE-2015-1864 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
+CVE-2015-1864
- kallithea <itp> (bug #689573)
-CVE-2015-1863 (Heap-based buffer overflow in wpa_supplicant 1.0 through 2.4 allows ...)
+CVE-2015-1863
{DSA-3233-1}
- wpa 2.3-2 (bug #783148)
- wpasupplicant <not-affected> (Vulnerable code present since v1.0)
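Review bot: two wording points in the unchanged context of this hunk, worth fixing while the coreutils and wpa entries are being re-emitted. Under CVE-2015-1865, `NOTE: Issue reproduced in with 8.5 and confirmed to not work with 8.13-3.5` has a stray `in`. Under CVE-2015-1863, `- wpasupplicant <not-affected> (Vulnerable code present since v1.0)` reads as if the package is affected; the surrounding `NOTE: Vulnerable are v1.0-v2.4 with CONFIG_P2P build option enabled` makes the intent clear, so a reason such as `(Only v1.0 and later contain the vulnerable code)` would say what is meant without anyone having to read the notes below it.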
@@ -21414,11 +21414,11 @@ CVE-2015-1863 (Heap-based buffer overflow in wpa_supplicant 1.0 through 2.4 allo
NOTE: Vulnerable are v1.0-v2.4 with CONFIG_P2P build option enabled
NOTE: CONFIG_P2P enabled since 1.1-1 in debian/config/wpasupplicant/linux
NOTE: Binary packages built for wheezy are not affected since WiFi P2P is disabled
-CVE-2015-1862 (The crash reporting feature in Abrt allows local users to gain ...)
+CVE-2015-1862
NOT-FOR-US: abrt is Red Hat / Fedora specific
CVE-2015-1861
RESERVED
-CVE-2015-1860 (Multiple buffer overflows in gui/image/qgifhandler.cpp in the QtBase ...)
+CVE-2015-1860
{DLA-210-1}
- qt4-x11 4:4.8.6+git155-g716fbae+dfsg-2 (bug #783133)
[jessie] - qt4-x11 4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u1
@@ -21426,7 +21426,7 @@ CVE-2015-1860 (Multiple buffer overflows in gui/image/qgifhandler.cpp in the QtB
- qtbase-opensource-src 5.3.2+dfsg-5 (bug #783134)
[jessie] - qtbase-opensource-src 5.3.2+dfsg-4+deb8u1
NOTE: http://lists.qt-project.org/pipermail/announce/2015-April/000067.html
-CVE-2015-1859 (Multiple buffer overflows in plugins/imageformats/ico/qicohandler.cpp ...)
+CVE-2015-1859
{DLA-210-1}
- qt4-x11 4:4.8.6+git155-g716fbae+dfsg-2 (bug #783133)
[jessie] - qt4-x11 4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u1
@@ -21434,7 +21434,7 @@ CVE-2015-1859 (Multiple buffer overflows in plugins/imageformats/ico/qicohandler
- qtbase-opensource-src 5.3.2+dfsg-5 (bug #783134)
[jessie] - qtbase-opensource-src 5.3.2+dfsg-4+deb8u1
NOTE: http://lists.qt-project.org/pipermail/announce/2015-April/000067.html
-CVE-2015-1858 (Multiple buffer overflows in gui/image/qbmphandler.cpp in the QtBase ...)
+CVE-2015-1858
{DLA-210-1}
- qt4-x11 4:4.8.6+git155-g716fbae+dfsg-2 (bug #783133)
[jessie] - qt4-x11 4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u1
@@ -21442,9 +21442,9 @@ CVE-2015-1858 (Multiple buffer overflows in gui/image/qbmphandler.cpp in the QtB
- qtbase-opensource-src 5.3.2+dfsg-5 (bug #783134)
[jessie] - qtbase-opensource-src 5.3.2+dfsg-4+deb8u1
NOTE: http://lists.qt-project.org/pipermail/announce/2015-April/000067.html
-CVE-2015-1857 (The odl-mdsal-apidocs feature in OpenDaylight Helium allow remote ...)
+CVE-2015-1857
NOT-FOR-US: OpenDaylight
-CVE-2015-1856 (OpenStack Object Storage (Swift) before 2.3.0, when allow_version is ...)
+CVE-2015-1856
- swift 2.2.0-2 (bug #783163)
[jessie] - swift 2.2.0-1+deb8u1
[wheezy] - swift <no-dsa> (Minor issue)
@@ -21459,7 +21459,7 @@ CVE-2015-1855 [OpenSSL extension hostname matching implementation violates RFC 6
- ruby2.2 2.2.2-1
NOTE: https://bugs.ruby-lang.org/issues/9644
NOTE: https://github.com/ruby/openssl/commit/e9a7bcb8bf2902f907c148a00bbcf21d3fa79596
-CVE-2015-1854 (389 Directory Server before 1.3.3.10 allows attackers to bypass ...)
+CVE-2015-1854
{DLA-1428-1}
- 389-ds-base 1.3.3.10-1 (bug #783923)
NOTE: Patch applied to CentOS package: https://git.centos.org/raw/rpms!389-ds-base.git!/309aa9ee631432d72c845f70df2ce6475055423b/SOURCES!0062-CVE-2015-1854-389ds-base-access-control-bypass-with-.patch
@@ -21468,7 +21468,7 @@ CVE-2015-1853 [authentication doesn't protect symmetric associations against DoS
{DSA-3222-1 DLA-193-1}
- chrony 1.30-2 (bug #782160)
NOTE: Fix: http://git.tuxfamily.org/chrony/chrony.git/commit/?h=1.31-security&id=d856bd34c4862398411d29200520e3a3b1d4569e
-CVE-2015-1852 (The s3_token middleware in OpenStack keystonemiddleware before 1.6.0 ...)
+CVE-2015-1852
- python-keystonemiddleware 1.5.0-2
[jessie] - python-keystonemiddleware 1.0.0-3+deb8u1
- python-keystoneclient 1:1.3.0-2 (bug #783164)
@@ -21476,7 +21476,7 @@ CVE-2015-1852 (The s3_token middleware in OpenStack keystonemiddleware before 1.
[jessie] - python-keystoneclient 1:0.10.1-2+deb8u1
[wheezy] - python-keystoneclient <not-affected> (s3_token middleware not present)
NOTE: https://launchpad.net/bugs/1411063
-CVE-2015-1851 (OpenStack Cinder before 2014.1.5 (icehouse), 2014.2.x before 2014.2.4 ...)
+CVE-2015-1851
{DSA-3292-1}
- cinder 2015.1.0+2015.06.16.git26.9634b76ba5-1 (bug #788996)
NOTE: http://www.openwall.com/lists/oss-security/2015/06/13/1
@@ -21489,66 +21489,66 @@ CVE-2015-1850 [Host file disclosure through qcow2 backing file]
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1231816
NOTE: According to https://bugs.launchpad.net/cinder/+bug/1415087 not exploitable
NOTE: in nova, cinder covered by separate CVE ID CVE-2015-1851
-CVE-2015-1849 (AdvancedLdapLodinMogule in Red Hat JBoss Enterprise Application ...)
+CVE-2015-1849
NOT-FOR-US: JBoss EAP
-CVE-2015-1848 (The pcs daemon (pcsd) in PCS 0.9.137 and earlier does not set the ...)
+CVE-2015-1848
- pcs <not-affected> (Fixed before initial release to Debian)
NOTE: https://github.com/feist/pcs/commit/898204596a779673c88097bbdbe2d7ed6ed0cc8b (0.9.140)
-CVE-2015-1847 (Directory traversal vulnerability in the web request/response ...)
+CVE-2015-1847
NOT-FOR-US: Appserver.io
-CVE-2015-1846 (unzoo allows remote attackers to cause a denial of service (infinite ...)
+CVE-2015-1846
- unzoo <removed>
-CVE-2015-1845 (Buffer overflow in the EntrReadArch function in unzoo might allow ...)
+CVE-2015-1845
- unzoo <removed>
-CVE-2015-1844 (Foreman before 1.7.5 allows remote authenticated users to bypass ...)
+CVE-2015-1844
- foreman <itp> (bug #663101)
-CVE-2015-1843 (The Red Hat docker package before 1.5.0-28, when using the ...)
+CVE-2015-1843
- docker.io <not-affected> (RHEL specific problem)
-CVE-2015-1842 (The puppet manifests in the Red Hat openstack-puppet-modules package ...)
+CVE-2015-1842
NOT-FOR-US: openstack-puppet-modules
-CVE-2015-1841 (The Web Admin interface in Red Hat Enterprise Virtualization Manager ...)
+CVE-2015-1841
NOT-FOR-US: RHEV
-CVE-2015-1840 (jquery_ujs.js in jquery-rails before 3.1.3 and 4.x before 4.0.4 and ...)
+CVE-2015-1840
- ruby-jquery-rails 4.0.4-1 (bug #790395)
[jessie] - ruby-jquery-rails <no-dsa> (Minor issue)
[wheezy] - ruby-jquery-rails <no-dsa> (Minor issue)
NOTE: https://hackerone.com/reports/49935
NOTE: https://groups.google.com/forum/#!msg/rubyonrails-security/XIZPbobuwaY/fqnzzpuOlA4J
NOTE: https://nodesecurity.io/advisories/15
-CVE-2015-1839 (modules/chef.py in SaltStack before 2014.7.4 does not properly handle ...)
+CVE-2015-1839
- salt <not-affected> (Vulnerable code only present in experimental version; introduced in 2014.7.0)
NOTE: https://github.com/saltstack/salt/commit/22d2f7a1ec93300c34e8c42d14ec39d51e610b5c
NOTE: https://github.com/saltstack/salt/commit/b49d0d4b5ca5c6f31f03e2caf97cef1088eeed81
-CVE-2015-1838 (modules/serverdensity_device.py in SaltStack before 2014.7.4 does not ...)
+CVE-2015-1838
- salt <not-affected> (Vulnerable code only present in experimental version; introduced in 2014.7.0)
NOTE: https://github.com/saltstack/salt/commit/e11298d7155e9982749483ca5538e46090caef9c
CVE-2015-1837
RESERVED
-CVE-2015-1836 (Apache HBase 0.98 before 0.98.12.1, 1.0 before 1.0.1.1, and 1.1 before ...)
+CVE-2015-1836
NOT-FOR-US: Apache HBase
-CVE-2015-1835 (Apache Cordova Android before 3.7.2 and 4.x before 4.0.2, when an ...)
+CVE-2015-1835
NOT-FOR-US: Apache Cordova
-CVE-2015-1834 (A path traversal vulnerability was identified in the Cloud Foundry ...)
+CVE-2015-1834
NOT-FOR-US: Cloud Foundry
-CVE-2015-1833 (XML external entity (XXE) vulnerability in Apache Jackrabbit before ...)
+CVE-2015-1833
{DSA-3298-1}
- jackrabbit 2.10.1-1 (bug #787316)
NOTE: https://issues.apache.org/jira/browse/JCR-3883
-CVE-2015-1832 (XML external entity (XXE) vulnerability in the SqlXmlUtil code in ...)
+CVE-2015-1832
- derby 10.13.1.1-1
[jessie] - derby <no-dsa> (Minor issue)
NOTE: https://issues.apache.org/jira/browse/DERBY-6807
NOTE: https://svn.apache.org/viewvc?view=revision&revision=1691461
NOTE: Fixed in 10.12.1.1
-CVE-2015-1831 (The default exclude patterns (excludeParams) in Apache Struts 2.3.20 ...)
+CVE-2015-1831
- libstruts1.2-java <not-affected> (Affects only 2.3.20)
NOTE: https://struts.apache.org/docs/s2-024.html
-CVE-2015-1830 (Directory traversal vulnerability in the fileserver upload/download ...)
+CVE-2015-1830
- activemq <not-affected> (Only affects activemq on Windows)
NOTE: http://activemq.apache.org/security-advisories.data/CVE-2015-1830-announcement.txt
-CVE-2015-1829 (Unspecified vulnerability in the Oracle HTTP Server component in ...)
+CVE-2015-1829
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2015-1828 (The Ruby http gem before 0.7.3 does not verify hostnames in SSL ...)
+CVE-2015-1828
- ruby-http 1.0.2-2
[jessie] - ruby-http <no-dsa> (Minor issue)
NOTE: http.rb failed to call the `#post_connection_check` method on SSL connections.
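Review bot: several `<not-affected>` justifications in this hunk now refer to facts that only existed in the summary being removed. `libstruts1.2-java <not-affected> (Affects only 2.3.20)` under CVE-2015-1831 relied on the deleted line naming Apache Struts 2.3.20, and `activemq <not-affected> (Only affects activemq on Windows)` under CVE-2015-1830 relied on the deleted mention of the fileserver upload/download path. With only the bare IDs left, CVE-2015-1846 and CVE-2015-1845 (`unzoo <removed>`) carry no indication at all of what the issue was. If the upstream descriptions cannot be restored, these entries need locally written bracketed summaries so the triage rationale stays readable.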
@@ -21556,7 +21556,7 @@ CVE-2015-1828 (The Ruby http gem before 0.7.3 does not verify hostnames in SSL .
NOTE: vulnerable to MitM attacks. The problem was corrected by calling
NOTE: `#post_connection_check`.
NOTE: Fixed by: https://github.com/httprb/http/commit/24626bfcdeda1084502575c3fbb6091c9e2815e0
-CVE-2015-1827 (The get_user_grouplist function in the extdom plug-in in FreeIPA ...)
+CVE-2015-1827
- freeipa <not-affected> (Only affects 4.1, see bug #781224)
NOTE: https://fedorahosted.org/freeipa/ticket/4908
CVE-2015-1826
@@ -21567,15 +21567,15 @@ CVE-2015-1824
RESERVED
CVE-2015-1823
RESERVED
-CVE-2015-1822 (chrony before 1.31.1 does not initialize the last &quot;next&quot; pointer when ...)
+CVE-2015-1822
{DSA-3222-1 DLA-193-1}
- chrony 1.30-2 (bug #782160)
NOTE: Fix: http://git.tuxfamily.org/chrony/chrony.git/commit/?h=1.31-security&id=79eacdb7e694c7e6681b68006425df3faca51aec
-CVE-2015-1821 (Heap-based buffer overflow in chrony before 1.31.1 allows remote ...)
+CVE-2015-1821
{DSA-3222-1 DLA-193-1}
- chrony 1.30-2 (bug #782160)
NOTE: Fix: http://git.tuxfamily.org/chrony/chrony.git/commit/?h=1.31-security&id=cf19042ecb656b8afec0cc4906e7dd3ea9266ac8
-CVE-2015-1820 (REST client for Ruby (aka rest-client) before 1.8.0 allows remote ...)
+CVE-2015-1820
- ruby-rest-client 1.6.7-6 (bug #781238)
[wheezy] - ruby-rest-client <no-dsa> (The correction introduces a dependency on a package not available in wheezy)
- librestclient-ruby <removed>
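Review bot: the `&quot;next&quot;` in the removed CVE-2015-1822 line is the page's HTML escaping of a plain double quote, not a difference in file content, so it should not be read as the updater having mangled the text; the only change in this hunk, as in the others, is the loss of the three chrony and rest-client summaries. The `NOTE: Fix:` commit URLs under CVE-2015-1822 and CVE-2015-1821 are kept, so the fix provenance survives, but the line distinguishing the uninitialized-pointer issue from the heap overflow is gone.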
@@ -21583,145 +21583,145 @@ CVE-2015-1820 (REST client for Ruby (aka rest-client) before 1.8.0 allows remote
[squeeze] - librestclient-ruby <not-affected> (Vulnerability introduced in 1.6.1, squeeze has 1.6.0)
NOTE: https://github.com/rest-client/rest-client/issues/369
NOTE: Patch: https://github.com/rest-client/rest-client/pull/365.patch (will need new dependency to ruby-http-cookie)
-CVE-2015-1819 (The xmlreader in libxml allows remote attackers to cause a denial of ...)
+CVE-2015-1819
{DSA-3430-1 DLA-266-1}
- libxml2 2.9.2+really2.9.1+dfsg1-0.1 (low; bug #782782)
NOTE: https://git.gnome.org/browse/libxml2/commit/?id=213f1fe0d76d30eaed6e5853057defc43e6df2c9
NOTE: Concerns by Florian Weimer: https://bugzilla.gnome.org/show_bug.cgi?id=748278
-CVE-2015-1818 (XML external entity (XXE) vulnerability in the dashbuilder import ...)
+CVE-2015-1818
NOT-FOR-US: JBoss dashbuilder
-CVE-2015-1817 (Stack-based buffer overflow in the inet_pton function in ...)
+CVE-2015-1817
- musl 1.1.5-2 (bug #781497)
-CVE-2015-1816 (Forman before 1.7.4 does not verify SSL certificates for LDAP ...)
+CVE-2015-1816
- foreman <itp> (bug #663101)
-CVE-2015-1815 (The get_rpm_nvr_by_file_path_temporary function in util.py in ...)
+CVE-2015-1815
NOT-FOR-US: setroubleshoot
-CVE-2015-1814 (The API token-issuing service in Jenkins before 1.606 and LTS before ...)
+CVE-2015-1814
- jenkins <removed> (bug #781223)
NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-03-23
-CVE-2015-1813 (Cross-site scripting (XSS) vulnerability in Jenkins before 1.606 and ...)
+CVE-2015-1813
- jenkins <removed> (bug #781223)
NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-03-23
-CVE-2015-1812 (Cross-site scripting (XSS) vulnerability in Jenkins before 1.606 and ...)
+CVE-2015-1812
- jenkins <removed> (bug #781223)
NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-03-23
CVE-2015-1811 [External entity processing in XML can reveal sensitive local files (SECURITY-167)]
RESERVED
- jenkins <removed> (bug #781223)
NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-02-27
-CVE-2015-1810 (The HudsonPrivateSecurityRealm class in Jenkins before 1.600 and LTS ...)
+CVE-2015-1810
- jenkins <removed> (bug #781223)
NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-02-27
CVE-2015-1809 [external entity injection via XPath (SECURITY-165)]
RESERVED
- jenkins <removed> (bug #781223)
NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-02-27
-CVE-2015-1808 (Jenkins before 1.600 and LTS before 1.596.1 allows remote ...)
+CVE-2015-1808
- jenkins <removed> (bug #781223)
NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-02-27
-CVE-2015-1807 (Directory traversal vulnerability in Jenkins before 1.600 and LTS ...)
+CVE-2015-1807
- jenkins <removed> (bug #781223)
NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-02-27
-CVE-2015-1806 (The combination filter Groovy script in Jenkins before 1.600 and LTS ...)
+CVE-2015-1806
- jenkins <removed> (bug #781223)
NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-02-27
-CVE-2015-1805 (The (1) pipe_read and (2) pipe_write implementations in fs/pipe.c in ...)
+CVE-2015-1805
{DSA-3290-1 DLA-246-1}
- linux 3.16.2-2
- linux-2.6 <removed>
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f0d1bec9d58d4c038d0ac958c9af82be6eb18045 (v3.16-rc1)
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=637b58c2887e5e57850865839cc75f59184b23d1 (v3.15-rc1)
-CVE-2015-1804 (The bdfReadCharacters function in bitmap/bdfread.c in X.Org libXfont ...)
+CVE-2015-1804
{DSA-3194-1 DLA-183-1}
- libxfont 1:1.5.1-1
NOTE: http://lists.x.org/archives/xorg-announce/2015-March/002550.html
-CVE-2015-1803 (The bdfReadCharacters function in bitmap/bdfread.c in X.Org libXfont ...)
+CVE-2015-1803
{DSA-3194-1 DLA-183-1}
- libxfont 1:1.5.1-1
NOTE: http://lists.x.org/archives/xorg-announce/2015-March/002550.html
-CVE-2015-1802 (The bdfReadProperties function in bitmap/bdfread.c in X.Org libXfont ...)
+CVE-2015-1802
{DSA-3194-1 DLA-183-1}
- libxfont 1:1.5.1-1
NOTE: http://lists.x.org/archives/xorg-announce/2015-March/002550.html
-CVE-2015-1801 (The samsung_extdisp driver in the Samsung S4 (GT-I9500) I9500XXUEMK8 ...)
+CVE-2015-1801
NOT-FOR-US: Samsung
-CVE-2015-1800 (The samsung_extdisp driver in the Samsung S4 (GT-I9500) I9500XXUEMK8 ...)
+CVE-2015-1800
NOT-FOR-US: Samsung
-CVE-2015-1799 (The symmetric-key feature in the receive function in ntp_proto.c in ...)
+CVE-2015-1799
{DSA-3223-1 DLA-192-1}
- ntp 1:4.2.6.p5+dfsg-6 (bug #782095)
NOTE: http://bugs.ntp.org/show_bug.cgi?id=2781
NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#Authentication_doesn_t_protect_s
-CVE-2015-1798 (The symmetric-key feature in the receive function in ntp_proto.c in ...)
+CVE-2015-1798
{DSA-3223-1 DLA-192-1}
- ntp 1:4.2.6.p5+dfsg-6 (bug #782095)
NOTE: http://bugs.ntp.org/show_bug.cgi?id=2779
NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#ntpd_accepts_unauthenticated_pac
CVE-2015-1797
REJECTED
-CVE-2015-1796 (The PKIX trust engines in Shibboleth Identity Provider before 2.4.4 ...)
+CVE-2015-1796
- libopensaml2-java <removed> (bug #780383)
[jessie] - libopensaml2-java <no-dsa> (Minor issue)
NOTE: Only change between 2.6.4 and 2.6.5 seems http://svn.shibboleth.net/view/java-opensaml2/branches/REL_2/src/main/java/org/opensaml/saml2/metadata/provider/AbstractReloadingMetadataProvider.java?r1=1656&r2=1680
NOTE: http://shibboleth.net/community/advisories/secadv_20150225.txt
-CVE-2015-1795 (Red Hat Gluster Storage RPM Package 3.2 allows local users to gain ...)
+CVE-2015-1795
- glusterfs <not-affected> (Vulnerable code specific to glusterfs.spec and not present in source in Debian)
-CVE-2015-1794 (The ssl3_get_key_exchange function in ssl/s3_clnt.c in OpenSSL 1.0.2 ...)
+CVE-2015-1794
- openssl 1.0.2e-1
[jessie] - openssl <not-affected> (Vulnerable code not present)
[wheezy] - openssl <not-affected> (Vulnerable code not present)
[squeeze] - openssl <not-affected> (Vulnerable code not present)
NOTE: https://www.openssl.org/news/secadv/20151203.txt
-CVE-2015-1793 (The X509_verify_cert function in crypto/x509/x509_vfy.c in OpenSSL ...)
+CVE-2015-1793
- openssl 1.0.2d-1
[jessie] - openssl <not-affected> (Vulnerable code not present)
[wheezy] - openssl <not-affected> (Vulnerable code not present)
[squeeze] - openssl <not-affected> (Vulnerable code not present)
NOTE: http://openssl.org/news/secadv/20150709.txt
-CVE-2015-1792 (The do_free_upto function in crypto/cms/cms_smime.c in OpenSSL before ...)
+CVE-2015-1792
{DSA-3287-1 DLA-247-1}
- openssl 1.0.2b-1
NOTE: http://openssl.org/news/secadv/20150611.txt
-CVE-2015-1791 (Race condition in the ssl3_get_new_session_ticket function in ...)
+CVE-2015-1791
{DSA-3287-1 DLA-247-1}
- openssl 1.0.2b-1
NOTE: https://git.openssl.org/?p=openssl.git;a=commit;h=98ece4eebfb6cd45cc8d550c6ac0022965071afc
NOTE: https://git.openssl.org/?p=openssl.git;a=commit;h=dcad51bc13c9b716d9a66248bcc4038c071ff158
NOTE: https://git.openssl.org/?p=openssl.git;a=commit;h=708cf593587e2fda67dae9782991ff9fccc781eb
-CVE-2015-1790 (The PKCS7_dataDecodefunction in crypto/pkcs7/pk7_doit.c in OpenSSL ...)
+CVE-2015-1790
{DSA-3287-1 DLA-247-1}
- openssl 1.0.2b-1
NOTE: http://openssl.org/news/secadv/20150611.txt
-CVE-2015-1789 (The X509_cmp_time function in crypto/x509/x509_vfy.c in OpenSSL before ...)
+CVE-2015-1789
{DSA-3287-1 DLA-247-1}
- openssl 1.0.2b-1
NOTE: http://openssl.org/news/secadv/20150611.txt
-CVE-2015-1788 (The BN_GF2m_mod_inv function in crypto/bn/bn_gf2m.c in OpenSSL before ...)
+CVE-2015-1788
{DSA-3287-1}
- openssl 1.0.2b-1
[squeeze] - openssl <not-affected> (Vulnerable code got introduced post 1.0.0)
NOTE: http://openssl.org/news/secadv/20150611.txt
-CVE-2015-1787 (The ssl3_get_client_key_exchange function in s3_srvr.c in OpenSSL ...)
+CVE-2015-1787
- openssl <not-affected> (Vulnerable version never in unstable)
NOTE: did affect 1.0.2 (only in experimental) and 1.0.2a was uploaded to unstable
-CVE-2015-1786 (Cross-site request forgery (CSRF) vulnerability in Zend/Validator/Csrf ...)
+CVE-2015-1786
- zendframework <not-affected> (the vulnerability was introduced specifically in the 2.3 series)
NOTE: http://framework.zend.com/security/advisory/ZF2015-03
CVE-2015-1785
RESERVED
CVE-2015-1784
RESERVED
-CVE-2015-1783 (The prefix variable in the get_or_define_ns function in Lasso before ...)
+CVE-2015-1783
- lasso 2.4.1-1
[wheezy] - lasso <not-affected> (Vulnerable code introduced later)
[squeeze] - lasso <not-affected> (Vulnerable code introduced later)
NOTE: Upstream fix: https://repos.entrouvert.org/lasso.git/commit/lasso/xml?id=6d854cef4211cdcdbc7446c978f23ab859847cdd (v2.4.1)
NOTE: Introduced by: https://repos.entrouvert.org/lasso.git/commit/lasso/xml?id=154812b401e3845977b3a4892dbc5e5a0b9d03cf (v2.4.0)
-CVE-2015-1782 (The kex_agree_methods function in libssh2 before 1.5.0 allows remote ...)
+CVE-2015-1782
{DSA-3182-1 DLA-171-1}
- libssh2 1.4.3-4.1 (bug #780249)
NOTE: http://www.libssh2.org/adv_20150311.html
-CVE-2015-1781 (Buffer overflow in the gethostbyname_r and other unspecified NSS ...)
+CVE-2015-1781
{DSA-3480-1 DLA-230-1}
[experimental] - glibc 2.21-0experimental1
- glibc 2.19-20 (bug #796105)
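Review bot: the hunk strips only parenthesized summaries; the locally written bracketed ones, `CVE-2015-1811 [External entity processing in XML can reveal sensitive local files (SECURITY-167)]` and `CVE-2015-1809 [external entity injection via XPath (SECURITY-165)]`, pass through as unchanged context, as do the RESERVED and REJECTED entries. That is consistent with the updater overwriting only the upstream-sourced field, which points at an empty upstream value rather than a bug in how the file is parsed. The OpenSSL entries show the cost: the jessie, wheezy and squeeze `<not-affected> (Vulnerable code not present)` lines for CVE-2015-1794 and CVE-2015-1793 were tied to the functions named in the removed text (ssl3_get_key_exchange, X509_verify_cert), and nothing in the remaining lines says which code was meant.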
@@ -21732,7 +21732,7 @@ CVE-2015-1781 (Buffer overflow in the gethostbyname_r and other unspecified NSS
CVE-2015-1780
RESERVED
NOT-FOR-US: oVirt Engine backend
-CVE-2015-1779 (The VNC websocket frame decoder in QEMU allows remote attackers to ...)
+CVE-2015-1779
{DSA-3259-1}
- qemu 1:2.3+dfsg-1 (bug #781250)
[wheezy] - qemu <not-affected> (Websocket protocol support introduced in v1.4.0-rc0)
@@ -21742,252 +21742,252 @@ CVE-2015-1779 (The VNC websocket frame decoder in QEMU allows remote attackers t
NOTE: Original patches have problem: https://lists.gnu.org/archive/html/qemu-devel/2015-03/msg04995.html
NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=a2bebfd6e09d
NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=2cdb5e142fb93
-CVE-2015-1778 (The custom authentication realm used by karaf-tomcat's &quot;opendaylight&quot; ...)
+CVE-2015-1778
NOT-FOR-US: OpenDaylight
-CVE-2015-1777 (rhnreg_ks in Red Hat Network Client Tools (aka rhn-client-tools) on ...)
+CVE-2015-1777
- rhn-client-tools <unfixed> (unimportant; bug #779817)
NOTE: No security impact, this tool performs a registration at Red Hat Network,
NOTE: which would fail, but no practical security impact
-CVE-2015-1776 (Apache Hadoop 2.6.x encrypts intermediate data generated by a ...)
+CVE-2015-1776
- hadoop <itp> (bug #793644)
-CVE-2015-1775 (Server-side request forgery (SSRF) vulnerability in the proxy endpoint ...)
+CVE-2015-1775
NOT-FOR-US: Apache Ambari
-CVE-2015-1774 (The HWP filter in LibreOffice before 4.3.7 and 4.4.x before 4.4.2 and ...)
+CVE-2015-1774
{DSA-3236-1}
- libreoffice 1:4.4.2-1
-CVE-2015-1773 (Cross-site scripting (XSS) vulnerability in asdoc/templates/index.html ...)
+CVE-2015-1773
- flex-sdk <itp> (bug #602499)
-CVE-2015-1772 (The LDAP implementation in HiveServer2 in Apache Hive before 1.0.1 and ...)
+CVE-2015-1772
NOT-FOR-US: Apache Hive
-CVE-2015-1771 (Cross-site request forgery (CSRF) vulnerability in the web ...)
+CVE-2015-1771
NOT-FOR-US: Microsoft Exchange Server
-CVE-2015-1770 (Microsoft Office 2013 SP1 and 2013 RT SP1 allows remote attackers to ...)
+CVE-2015-1770
NOT-FOR-US: Microsoft Office
-CVE-2015-1769 (Mount Manager in Microsoft Windows Vista SP2, Windows Server 2008 SP2 ...)
+CVE-2015-1769
NOT-FOR-US: Microsoft Windows
-CVE-2015-1768 (win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 ...)
+CVE-2015-1768
NOT-FOR-US: Microsoft Windows Server
-CVE-2015-1767 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ...)
+CVE-2015-1767
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-1766 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ...)
+CVE-2015-1766
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-1765 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ...)
+CVE-2015-1765
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-1764 (The web applications in Microsoft Exchange Server 2013 SP1 and ...)
+CVE-2015-1764
NOT-FOR-US: Microsoft Exchange Server
-CVE-2015-1763 (Microsoft SQL Server 2008 SP3 and SP4, 2008 R2 SP2 and SP3, 2012 SP1 ...)
+CVE-2015-1763
NOT-FOR-US: Microsoft SQL Server
-CVE-2015-1762 (Microsoft SQL Server 2008 SP3 and SP4, 2008 R2 SP2 and SP3, 2012 SP1 ...)
+CVE-2015-1762
NOT-FOR-US: Microsoft SQL Server
-CVE-2015-1761 (Microsoft SQL Server 2008 SP3 and SP4, 2008 R2 SP2 and SP3, 2012 SP1 ...)
+CVE-2015-1761
NOT-FOR-US: Microsoft SQL Server
-CVE-2015-1760 (Microsoft Office Compatibility Pack SP3, Office 2010 SP2, Office 2013 ...)
+CVE-2015-1760
NOT-FOR-US: Microsoft Office
-CVE-2015-1759 (Microsoft Office Compatibility Pack SP3 allows remote attackers to ...)
+CVE-2015-1759
NOT-FOR-US: Microsoft Office
-CVE-2015-1758 (Untrusted search path vulnerability in the LoadLibrary function in the ...)
+CVE-2015-1758
NOT-FOR-US: Microsoft Windows
-CVE-2015-1757 (Cross-site scripting (XSS) vulnerability in adfs/ls in Active ...)
+CVE-2015-1757
NOT-FOR-US: Microsoft Windows Server
-CVE-2015-1756 (Use-after-free vulnerability in Microsoft Common Controls in Microsoft ...)
+CVE-2015-1756
NOT-FOR-US: Microsoft Windows
-CVE-2015-1755 (Microsoft Internet Explorer 10 and 11 allows remote attackers to ...)
+CVE-2015-1755
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-1754 (Microsoft Internet Explorer 8 allows remote attackers to execute ...)
+CVE-2015-1754
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-1753 (Microsoft Internet Explorer 11 allows remote attackers to execute ...)
+CVE-2015-1753
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-1752 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ...)
+CVE-2015-1752
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-1751 (Microsoft Internet Explorer 10 allows remote attackers to execute ...)
+CVE-2015-1751
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-1750 (Microsoft Internet Explorer 11 allows remote attackers to execute ...)
+CVE-2015-1750
NOT-FOR-US: Microsoft Internet Explorer
CVE-2015-1749
REJECTED
-CVE-2015-1748 (Microsoft Internet Explorer 7 through 11 allows remote attackers to ...)
+CVE-2015-1748
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-1747 (Microsoft Internet Explorer 11 allows remote attackers to execute ...)
+CVE-2015-1747
NOT-FOR-US: Microsoft Internet Explorer
CVE-2015-1746
REJECTED
-CVE-2015-1745 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ...)
+CVE-2015-1745
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-1744 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ...)
+CVE-2015-1744
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-1743 (Microsoft Internet Explorer 7 through 11 allows remote attackers to ...)
+CVE-2015-1743
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-1742 (Microsoft Internet Explorer 11 allows remote attackers to execute ...)
+CVE-2015-1742
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-1741 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ...)
+CVE-2015-1741
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-1740 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ...)
+CVE-2015-1740
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-1739 (Microsoft Internet Explorer 10 and 11 allows remote attackers to gain ...)
+CVE-2015-1739
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-1738 (Microsoft Internet Explorer 8 and 9 allows remote attackers to execute ...)
+CVE-2015-1738
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-1737 (Microsoft Internet Explorer 10 and 11 allows remote attackers to ...)
+CVE-2015-1737
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-1736 (Microsoft Internet Explorer 10 and 11 allows remote attackers to ...)
+CVE-2015-1736
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-1735 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ...)
+CVE-2015-1735
NOT-FOR-US: Microsoft Internet Explorer
CVE-2015-1734
REJECTED
-CVE-2015-1733 (Microsoft Internet Explorer 10 and 11 allows remote attackers to ...)
+CVE-2015-1733
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-1732 (Microsoft Internet Explorer 11 allows remote attackers to execute ...)
+CVE-2015-1732
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-1731 (Microsoft Internet Explorer 10 and 11 allows remote attackers to ...)
+CVE-2015-1731
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-1730 (Microsoft Internet Explorer 9 allows remote attackers to execute ...)
+CVE-2015-1730
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-1729 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ...)
+CVE-2015-1729
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-1728 (Microsoft Windows Media Player 10 through 12 allows remote attackers ...)
+CVE-2015-1728
NOT-FOR-US: Microsoft Windows
-CVE-2015-1727 (Buffer overflow in the kernel-mode drivers in Microsoft Windows Server ...)
+CVE-2015-1727
NOT-FOR-US: Microsoft Windows Server
-CVE-2015-1726 (Use-after-free vulnerability in the kernel-mode drivers in Microsoft ...)
+CVE-2015-1726
NOT-FOR-US: Microsoft Windows Server
-CVE-2015-1725 (Buffer overflow in the kernel-mode drivers in Microsoft Windows Server ...)
+CVE-2015-1725
NOT-FOR-US: Microsoft Windows Server
-CVE-2015-1724 (Use-after-free vulnerability in the kernel-mode drivers in Microsoft ...)
+CVE-2015-1724
NOT-FOR-US: Microsoft Windows Server
-CVE-2015-1723 (Use-after-free vulnerability in the kernel-mode drivers in Microsoft ...)
+CVE-2015-1723
NOT-FOR-US: Microsoft Windows Server
-CVE-2015-1722 (Use-after-free vulnerability in the kernel-mode drivers in Microsoft ...)
+CVE-2015-1722
NOT-FOR-US: Microsoft Windows Server
-CVE-2015-1721 (The kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 ...)
+CVE-2015-1721
NOT-FOR-US: Microsoft Windows Server
-CVE-2015-1720 (Use-after-free vulnerability in the kernel-mode drivers in Microsoft ...)
+CVE-2015-1720
NOT-FOR-US: Microsoft Windows Server
-CVE-2015-1719 (The kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 ...)
+CVE-2015-1719
NOT-FOR-US: Microsoft Windows Server
-CVE-2015-1718 (Microsoft Internet Explorer 11 allows remote attackers to execute ...)
+CVE-2015-1718
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-1717 (Microsoft Internet Explorer 11 allows remote attackers to execute ...)
+CVE-2015-1717
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-1716 (Schannel in Microsoft Windows Server 2003 SP2, Windows Vista SP2, ...)
+CVE-2015-1716
NOT-FOR-US: Microsoft Windows Server
-CVE-2015-1715 (Microsoft Silverlight 5 before 5.1.40416.00 allows remote attackers to ...)
+CVE-2015-1715
NOT-FOR-US: Microsoft
-CVE-2015-1714 (Microsoft Internet Explorer 10 and 11 allows remote attackers to ...)
+CVE-2015-1714
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-1713 (Microsoft Internet Explorer 11 allows remote attackers to gain ...)
+CVE-2015-1713
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-1712 (Microsoft Internet Explorer 8 and 9 allows remote attackers to execute ...)
+CVE-2015-1712
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-1711 (Microsoft Internet Explorer 11 allows remote attackers to execute ...)
+CVE-2015-1711
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-1710 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ...)
+CVE-2015-1710
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-1709 (Microsoft Internet Explorer 7 through 11 allows remote attackers to ...)
+CVE-2015-1709
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-1708 (Microsoft Internet Explorer 8 and 9 allows remote attackers to execute ...)
+CVE-2015-1708
NOT-FOR-US: Microsoft Internet Explorer
CVE-2015-1707
REJECTED
-CVE-2015-1706 (Microsoft Internet Explorer 11 allows remote attackers to execute ...)
+CVE-2015-1706
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-1705 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ...)
+CVE-2015-1705
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-1704 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ...)
+CVE-2015-1704
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-1703 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ...)
+CVE-2015-1703
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-1702 (The Service Control Manager (SCM) in Microsoft Windows Server 2003 ...)
+CVE-2015-1702
NOT-FOR-US: Microsoft Windows Server
-CVE-2015-1701 (Win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 ...)
+CVE-2015-1701
NOT-FOR-US: Microsoft Windows
-CVE-2015-1700 (Microsoft SharePoint Server 2007 SP3, SharePoint Foundation 2010 SP2, ...)
+CVE-2015-1700
NOT-FOR-US: Microsoft
-CVE-2015-1699 (Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, ...)
+CVE-2015-1699
NOT-FOR-US: Microsoft Windows
-CVE-2015-1698 (Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, ...)
+CVE-2015-1698
NOT-FOR-US: Microsoft Windows
-CVE-2015-1697 (Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, ...)
+CVE-2015-1697
NOT-FOR-US: Microsoft Windows
-CVE-2015-1696 (Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, ...)
+CVE-2015-1696
NOT-FOR-US: Microsoft Windows
-CVE-2015-1695 (Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, ...)
+CVE-2015-1695
NOT-FOR-US: Microsoft Windows
-CVE-2015-1694 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ...)
+CVE-2015-1694
NOT-FOR-US: Microsoft Internet Explorer
CVE-2015-1693
REJECTED
-CVE-2015-1692 (Microsoft Internet Explorer 7 through 11 allows user-assisted remote ...)
+CVE-2015-1692
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-1691 (Microsoft Internet Explorer 8 and 9 allows remote attackers to execute ...)
+CVE-2015-1691
NOT-FOR-US: Microsoft Internet Explorer
CVE-2015-1690
REJECTED
-CVE-2015-1689 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ...)
+CVE-2015-1689
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-1688 (Microsoft Internet Explorer 7 through 11 allows remote attackers to ...)
+CVE-2015-1688
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-1687 (Microsoft Internet Explorer 6 through 9 allows remote attackers to ...)
+CVE-2015-1687
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-1686 (The Microsoft (1) VBScript 5.6 through 5.8 and (2) JScript 5.6 through ...)
+CVE-2015-1686
NOT-FOR-US: Microsoft
-CVE-2015-1685 (Microsoft Internet Explorer 11 allows remote attackers to bypass the ...)
+CVE-2015-1685
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-1684 (VBScript.dll in the Microsoft VBScript 5.6 through 5.8 engine, as used ...)
+CVE-2015-1684
NOT-FOR-US: Microsoft
-CVE-2015-1683 (Microsoft Office 2007 SP3 allows remote attackers to execute arbitrary ...)
+CVE-2015-1683
NOT-FOR-US: Microsoft
-CVE-2015-1682 (Microsoft Office 2010 SP2, Excel 2010 SP2, PowerPoint 2010 SP2, Word ...)
+CVE-2015-1682
NOT-FOR-US: Microsoft
-CVE-2015-1681 (Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, ...)
+CVE-2015-1681
NOT-FOR-US: Microsoft Windows
-CVE-2015-1680 (The kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows ...)
+CVE-2015-1680
NOT-FOR-US: Microsoft Windows Server
-CVE-2015-1679 (The kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows ...)
+CVE-2015-1679
NOT-FOR-US: Microsoft Windows Server
-CVE-2015-1678 (The kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows ...)
+CVE-2015-1678
NOT-FOR-US: Microsoft Windows Server
-CVE-2015-1677 (The kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows ...)
+CVE-2015-1677
NOT-FOR-US: Microsoft Windows Server
-CVE-2015-1676 (The kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows ...)
+CVE-2015-1676
NOT-FOR-US: Microsoft Windows Server
-CVE-2015-1675 (Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, ...)
+CVE-2015-1675
NOT-FOR-US: Microsoft Windows
-CVE-2015-1674 (The kernel in Microsoft Windows 8, Windows 8.1, Windows Server 2012 ...)
+CVE-2015-1674
NOT-FOR-US: Microsoft Windows
-CVE-2015-1673 (The Windows Forms (aka WinForms) libraries in Microsoft .NET Framework ...)
+CVE-2015-1673
NOT-FOR-US: Microsoft
-CVE-2015-1672 (Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2 ...)
+CVE-2015-1672
NOT-FOR-US: Microsoft
-CVE-2015-1671 (The Windows DirectWrite library, as used in Microsoft .NET Framework ...)
+CVE-2015-1671
NOT-FOR-US: Microsoft
-CVE-2015-1670 (The Windows DirectWrite library, as used in Microsoft .NET Framework ...)
+CVE-2015-1670
NOT-FOR-US: Microsoft
CVE-2015-1669
REJECTED
-CVE-2015-1668 (Microsoft Internet Explorer 10 and 11 allows remote attackers to ...)
+CVE-2015-1668
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-1667 (Microsoft Internet Explorer 8 through 11 allows remote attackers to ...)
+CVE-2015-1667
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-1666 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ...)
+CVE-2015-1666
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-1665 (Microsoft Internet Explorer 11 allows remote attackers to execute ...)
+CVE-2015-1665
NOT-FOR-US: Microsoft Internet Explorer
CVE-2015-1664
REJECTED
CVE-2015-1663
REJECTED
-CVE-2015-1662 (Microsoft Internet Explorer 11 allows remote attackers to execute ...)
+CVE-2015-1662
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-1661 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ...)
+CVE-2015-1661
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-1660 (Microsoft Internet Explorer 9 allows remote attackers to execute ...)
+CVE-2015-1660
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-1659 (Microsoft Internet Explorer 11 allows remote attackers to execute ...)
+CVE-2015-1659
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-1658 (Microsoft Internet Explorer 11 allows remote attackers to execute ...)
+CVE-2015-1658
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-1657 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ...)
+CVE-2015-1657
NOT-FOR-US: Microsoft Internet Explorer
CVE-2015-1656
REJECTED
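Review bot: every changed pair in this hunk strips the CVE description and keeps only the bare identifier, e.g. `-CVE-2015-1681 (Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, ...)` becomes `+CVE-2015-1681`, while the tracking line beneath (`NOT-FOR-US: Microsoft Windows`) is untouched. For the NOT-FOR-US entries the description was the only place affected versions were recorded, so blanking it is a loss of data rather than a refresh; if the description source could not be read when this update ran, the updater should keep the previous text instead of writing an empty field.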
@@ -21995,117 +21995,117 @@ CVE-2015-1655
REJECTED
CVE-2015-1654
REJECTED
-CVE-2015-1653 (Cross-site scripting (XSS) vulnerability in Microsoft SharePoint ...)
+CVE-2015-1653
NOT-FOR-US: Microsoft
-CVE-2015-1652 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ...)
+CVE-2015-1652
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-1651 (Use-after-free vulnerability in Microsoft Word 2007 SP3, Word Viewer, ...)
+CVE-2015-1651
NOT-FOR-US: Microsoft
-CVE-2015-1650 (Use-after-free vulnerability in Microsoft Word 2007 SP3, Office 2010 ...)
+CVE-2015-1650
NOT-FOR-US: Microsoft
-CVE-2015-1649 (Use-after-free vulnerability in Microsoft Word 2007 SP3, Office 2010 ...)
+CVE-2015-1649
NOT-FOR-US: Microsoft
-CVE-2015-1648 (ASP.NET in Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, ...)
+CVE-2015-1648
NOT-FOR-US: Microsoft
-CVE-2015-1647 (Virtual Machine Manager (VMM) in Hyper-V in Microsoft Windows 8.1 and ...)
+CVE-2015-1647
NOT-FOR-US: Microsoft Windows
-CVE-2015-1646 (Microsoft XML Core Services (aka MSXML) 3.0 allows remote attackers to ...)
+CVE-2015-1646
NOT-FOR-US: Microsoft
-CVE-2015-1645 (Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server ...)
+CVE-2015-1645
NOT-FOR-US: Microsoft Windows
-CVE-2015-1644 (Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server ...)
+CVE-2015-1644
NOT-FOR-US: Microsoft Windows
-CVE-2015-1643 (Microsoft Windows Server 2003 R2, Windows Vista SP2, Windows Server ...)
+CVE-2015-1643
NOT-FOR-US: Microsoft Windows
-CVE-2015-1642 (Microsoft Office 2007 SP3, 2010 SP2, and 2013 SP1 allows remote ...)
+CVE-2015-1642
NOT-FOR-US: Microsoft Office
-CVE-2015-1641 (Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 ...)
+CVE-2015-1641
NOT-FOR-US: Microsoft
-CVE-2015-1640 (Cross-site scripting (XSS) vulnerability in Microsoft Project Server ...)
+CVE-2015-1640
NOT-FOR-US: Microsoft
-CVE-2015-1639 (Cross-site scripting (XSS) vulnerability in Microsoft Office for Mac ...)
+CVE-2015-1639
NOT-FOR-US: Microsoft
-CVE-2015-1638 (Microsoft Active Directory Federation Services (AD FS) 3.0 on Windows ...)
+CVE-2015-1638
NOT-FOR-US: Microsoft
-CVE-2015-1637 (Schannel (aka Secure Channel) in Microsoft Windows Server 2003 SP2, ...)
+CVE-2015-1637
NOT-FOR-US: Microsoft
-CVE-2015-1636 (Cross-site scripting (XSS) vulnerability in Microsoft SharePoint ...)
+CVE-2015-1636
NOT-FOR-US: Microsoft
-CVE-2015-1635 (HTTP.sys in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, ...)
+CVE-2015-1635
NOT-FOR-US: Microsoft Windows
-CVE-2015-1634 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ...)
+CVE-2015-1634
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-1633 (Cross-site scripting (XSS) vulnerability in Microsoft SharePoint ...)
+CVE-2015-1633
NOT-FOR-US: Microsoft SharePoint
-CVE-2015-1632 (Cross-site scripting (XSS) vulnerability in errorfe.aspx in Outlook ...)
+CVE-2015-1632
NOT-FOR-US: Microsoft
-CVE-2015-1631 (Microsoft Exchange Server 2013 SP1 and Cumulative Update 7 allows ...)
+CVE-2015-1631
NOT-FOR-US: Microsoft
-CVE-2015-1630 (Cross-site scripting (XSS) vulnerability in Outlook Web App (OWA) in ...)
+CVE-2015-1630
NOT-FOR-US: Microsoft
-CVE-2015-1629 (Cross-site scripting (XSS) vulnerability in Outlook Web App (OWA) in ...)
+CVE-2015-1629
NOT-FOR-US: Microsoft
-CVE-2015-1628 (Cross-site scripting (XSS) vulnerability in Outlook Web App (OWA) in ...)
+CVE-2015-1628
NOT-FOR-US: Microsoft
-CVE-2015-1627 (Microsoft Internet Explorer 7 through 11 allows remote attackers to ...)
+CVE-2015-1627
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-1626 (Microsoft Internet Explorer 11 allows remote attackers to execute ...)
+CVE-2015-1626
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-1625 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ...)
+CVE-2015-1625
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-1624 (Microsoft Internet Explorer 8 through 11 allows remote attackers to ...)
+CVE-2015-1624
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-1623 (Microsoft Internet Explorer 11 allows remote attackers to execute ...)
+CVE-2015-1623
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-1622 (Microsoft Internet Explorer 10 and 11 allows remote attackers to ...)
+CVE-2015-1622
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-1621 (Cross-site scripting (XSS) vulnerability in the Webform prepopulate ...)
+CVE-2015-1621
NOT-FOR-US: Webform module for Drupal
CVE-2015-1620
RESERVED
-CVE-2015-1619 (Cross-site scripting (XSS) vulnerability in the Secure Web Mail Client ...)
+CVE-2015-1619
NOT-FOR-US: McAfee Email Gateway
-CVE-2015-1618 (The ePO extension in McAfee Data Loss Prevention Endpoint (DLPe) ...)
+CVE-2015-1618
NOT-FOR-US: McAfee Data Loss Prevention Endpoint
-CVE-2015-1617 (Cross-site scripting (XSS) vulnerability in the ePO extension in ...)
+CVE-2015-1617
NOT-FOR-US: McAfee Data Loss Prevention Endpoint
-CVE-2015-1616 (SQL injection vulnerability in the ePO extension in McAfee Data Loss ...)
+CVE-2015-1616
NOT-FOR-US: McAfee Data Loss Prevention Endpoint
CVE-2015-1615
RESERVED
-CVE-2015-1613 (RhodeCode before 2.2.7 allows remote authenticated users to obtain API ...)
+CVE-2015-1613
NOT-FOR-US: RhodeCode
-CVE-2015-1612 (OpenFlow plugin for OpenDaylight before Helium SR3 allows remote ...)
+CVE-2015-1612
NOT-FOR-US: OpenDaylight
-CVE-2015-1611 (OpenFlow plugin for OpenDaylight before Helium SR3 allows remote ...)
+CVE-2015-1611
NOT-FOR-US: OpenDaylight
-CVE-2015-1610 (hosttracker in OpenDaylight l2switch allows remote attackers to change ...)
+CVE-2015-1610
NOT-FOR-US: OpenDaylight
-CVE-2015-1609 (MongoDB before 2.4.13 and 2.6.x before 2.6.8 allows remote attackers ...)
+CVE-2015-1609
- mongodb 1:2.4.10-5 (bug #780129)
[wheezy] - mongodb <not-affected> (BSONElement::validate() checks length, problematic code introduced later)
[squeeze] - mongodb <not-affected> (BSONElement::validate() checks length (db/jsobj.cpp +589))
NOTE: https://jira.mongodb.org/browse/SERVER-17264
NOTE: Fast bson validate introduced with https://github.com/mongodb/mongo/commit/6889d1658136c753998b4a408dc8d1a3ec28e3b9 (r2.3.2)
-CVE-2015-1608 (Topline Opportunity Form (aka XLS Opp form) before 2015-02-15 does not ...)
+CVE-2015-1608
NOT-FOR-US: Topline Opportunity Form
-CVE-2015-1605 (Multiple SQL injection vulnerabilities in Dell ScriptLogic Asset ...)
+CVE-2015-1605
NOT-FOR-US: Dell ScriptLogic Asset Manager
-CVE-2015-1602 (Siemens SIMATIC STEP 7 (TIA Portal) 12 and 13 before 13 SP1 Upd1 ...)
+CVE-2015-1602
NOT-FOR-US: Siemens
-CVE-2015-1601 (Siemens SIMATIC STEP 7 (TIA Portal) 12 and 13 before 13 SP1 Upd1 ...)
+CVE-2015-1601
NOT-FOR-US: Siemens
-CVE-2015-1599 (The Siemens SPCanywhere application for iOS allows physically ...)
+CVE-2015-1599
NOT-FOR-US: Siemens SPCanywhere application for iOS
-CVE-2015-1598 (The Siemens SPCanywhere application for Android does not properly ...)
+CVE-2015-1598
NOT-FOR-US: Siemens SPCanywhere application for Android
-CVE-2015-1597 (The Siemens SPCanywhere application for Android does not use ...)
+CVE-2015-1597
NOT-FOR-US: Siemens SPCanywhere application for Android
-CVE-2015-1596 (The Siemens SPCanywhere application for Android and iOS does not ...)
+CVE-2015-1596
NOT-FOR-US: Siemens SPCanywhere application for Android
-CVE-2015-1595 (The Siemens SPCanywhere application for Android and iOS does not use ...)
+CVE-2015-1595
NOT-FOR-US: Siemens SPCanywhere application for Android
-CVE-2015-1594 (Untrusted search path vulnerability in Siemens SIMATIC ProSave before ...)
+CVE-2015-1594
NOT-FOR-US: Siemens
CVE-2015-XXXX [incorrect memory management in Gtk2::Gdk::Display::list_devices]
- libgtk2-perl 2:1.2492-4
@@ -22139,17 +22139,17 @@ CVE-2015-2060 [directory traversal; related to overlong utf-8 encoding for /]
NOTE: code does neither of the following: 1) checking for slashes after decoding
NOTE: 2) checking for ordinary slashes before decoding and prohibiting overlong
NOTE: encodings
-CVE-2015-2297 (nanohttp in libcsoap allows remote attackers to cause a denial of ...)
+CVE-2015-2297
- libcsoap <removed> (bug #778599)
[squeeze] - libcsoap <no-dsa> (Minor issue)
[wheezy] - libcsoap <no-dsa> (Minor issue)
NOTE: CVE assigned only for the null pointer dereference, not all issues in
NOTE: http://www.openwall.com/lists/oss-security/2015/02/17/2
-CVE-2015-2091 (The authentication hook (mgs_hook_authz) in mod-gnutls 0.5.10 and ...)
+CVE-2015-2091
{DSA-3177-1 DLA-170-1}
- mod-gnutls 0.6-1.3 (bug #578663)
NOTE: https://github.com/airtower-luna/mod_gnutls/commit/5a8a32bbfb8a83fe6358c5c31c443325a7775fc2
-CVE-2015-1614 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
+CVE-2015-1614
NOT-FOR-US: WordPress plugin image-metadata-cruncher
CVE-2015-1607 [memcpy with overlapping ranges, resulting from incorrect bitwise left shifts]
RESERVED
@@ -22173,66 +22173,66 @@ CVE-2015-1606 [use after free resulting from failure to skip invalid packets]
[squeeze] - gnupg <no-dsa> (Minor issue)
NOTE: https://blog.fuzzing-project.org/5-Multiple-issues-in-GnuPG-found-through-keyring-fuzzing-TFPA-0012015.html
NOTE: http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commit;h=f0f71a721ccd7ab9e40b8b6b028b59632c0cc648
-CVE-2015-1604 (Unrestricted file upload vulnerability in asys/site/files.php in ...)
+CVE-2015-1604
NOT-FOR-US: Landsknecht Adminsystems
-CVE-2015-1603 (Multiple cross-site scripting (XSS) vulnerabilities in Adminsystems ...)
+CVE-2015-1603
NOT-FOR-US: Landsknecht Adminsystems
-CVE-2015-1600 (Information disclosure vulnerability in Netatmo Indoor Module firmware ...)
+CVE-2015-1600
NOT-FOR-US: Netatmo Weather Station
-CVE-2015-1588 (Multiple cross-site scripting (XSS) vulnerabilities in Open-Xchange ...)
+CVE-2015-1588
NOT-FOR-US: Open-Xchange
-CVE-2015-1587 (Unrestricted file upload vulnerability in file_to_index.php in Maarch ...)
+CVE-2015-1587
NOT-FOR-US: Maarch LetterBox
CVE-2015-1586
RESERVED
-CVE-2015-1585 (Fat Free CRM before 0.13.6 allows remote attackers to conduct ...)
+CVE-2015-1585
NOT-FOR-US: Fat Free CRM
CVE-2015-1584
RESERVED
CVE-2015-1583
RESERVED
NOT-FOR-US: ATutor
-CVE-2015-1582 (Multiple cross-site scripting (XSS) vulnerabilities in the Spider ...)
+CVE-2015-1582
NOT-FOR-US: Spider Facebook plugin for WordPress
-CVE-2015-1581 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
+CVE-2015-1581
NOT-FOR-US: Mobile Domain plugin for WordPress
-CVE-2015-1580 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
+CVE-2015-1580
NOT-FOR-US: Redirection Page plugin for WordPress
-CVE-2015-1579 (Directory traversal vulnerability in the Elegant Themes Divi theme for ...)
+CVE-2015-1579
NOT-FOR-US: Elegant Themes Divi theme for WordPress
-CVE-2015-1578 (Multiple open redirect vulnerabilities in u5CMS before 3.9.4 allow ...)
+CVE-2015-1578
NOT-FOR-US: u5CMS
-CVE-2015-1577 (Directory traversal vulnerability in u5admin/deletefile.php in u5CMS ...)
+CVE-2015-1577
NOT-FOR-US: u5CMS
-CVE-2015-1576 (Multiple SQL injection vulnerabilities in u5CMS before 3.9.4 allow ...)
+CVE-2015-1576
NOT-FOR-US: u5CMS
-CVE-2015-1575 (Multiple cross-site scripting (XSS) vulnerabilities in u5CMS before ...)
+CVE-2015-1575
NOT-FOR-US: u5CMS
-CVE-2015-1574 (The Google Email application 4.2.2.0200 for Android allows remote ...)
+CVE-2015-1574
NOT-FOR-US: Google Email application for Android
-CVE-2015-1593 (The stack randomization feature in the Linux kernel before 3.19.1 on ...)
+CVE-2015-1593
{DSA-3170-1 DLA-155-1}
- linux 3.16.7-ckt7-1
- linux-2.6 <removed>
NOTE: http://hmarco.org/bugs/linux-ASLR-integer-overflow.html
NOTE: https://lkml.org/lkml/2015/2/14/61
-CVE-2015-1592 (Movable Type Pro, Open Source, and Advanced before 5.2.12 and Pro and ...)
+CVE-2015-1592
{DSA-3183-1}
- movabletype-opensource <removed>
[squeeze] - movabletype-opensource <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://movabletype.org/news/2015/02/movable_type_607_and_5212_released_to_close_security_vulnera.html
NOTE: http://www.openwall.com/lists/oss-security/2015/02/12/2
-CVE-2015-1572 (Heap-based buffer overflow in closefs.c in the libext2fs library in ...)
+CVE-2015-1572
{DSA-3166-1 DLA-162-1}
- e2fsprogs 1.42.12-1.1 (bug #778948)
NOTE: https://git.kernel.org/cgit/fs/ext2/e2fsprogs.git/commit/?id=49d0fe2a14f2a23da2fe299643379b8c1d37df73
-CVE-2015-1571 (** DISPUTED ** The CAPWAP DTLS protocol implementation in Fortinet ...)
+CVE-2015-1571
NOT-FOR-US: Fortinet FortiOS
-CVE-2015-1570 (The Endpoint Control protocol implementation in Fortinet FortiClient ...)
+CVE-2015-1570
NOT-FOR-US: Fortinet FortiClient
-CVE-2015-1569 (Fortinet FortiClient 5.2.028 for iOS does not validate certificates, ...)
+CVE-2015-1569
NOT-FOR-US: Fortinet FortiClient
-CVE-2015-2305 (Integer overflow in the regcomp implementation in the Henry Spencer ...)
+CVE-2015-2305
{DSA-3195-1 DLA-444-1 DLA-233-1}
- php5 5.6.6+dfsg-1 (low; bug #778389)
- olsrd <not-affected> (only when building on Android, see bug #778390)
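Review bot: the rewrite of CVE-2015-1571 from `-CVE-2015-1571 (** DISPUTED ** The CAPWAP DTLS protocol implementation in Fortinet ...)` to the bare `+CVE-2015-1571` also drops the `** DISPUTED **` marker, which is the only place in this entry where the disputed status was recorded. If descriptions are to be removed, that flag should survive, for instance as a NOTE line under the entry.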
@@ -22282,7 +22282,7 @@ CVE-2015-XXXX [insecure storage of password in the NUT-monitor app]
- nut 2.7.2-2 (low; bug #777706)
[wheezy] - nut <no-dsa> (Minor issue)
[squeeze] - nut <no-dsa> (Minor issue)
-CVE-2015-1881 (OpenStack Image Registry and Delivery Service (Glance) 2014.2 through ...)
+CVE-2015-1881
- glance <not-affected> (Only affects 2014.2.x releases, only present in experimental)
[wheezy] - glance <not-affected> (Vulnerable code not present)
NOTE: https://review.openstack.org/#/c/156553
@@ -22290,42 +22290,42 @@ CVE-2015-1877 [command injection vulnerability]
RESERVED
{DSA-3165-1 DLA-217-1}
- xdg-utils 1.1.0~rc1+git20111210-7.4 (bug #777722)
-CVE-2015-1568 (Cross-site request forgery (CSRF) vulnerability in the GD Infinite ...)
+CVE-2015-1568
NOT-FOR-US: Drupal module GD Infinite Scroll
-CVE-2015-1567 (Cross-site scripting (XSS) vulnerability in the admin page in the GD ...)
+CVE-2015-1567
NOT-FOR-US: Drupal module GD Infinite Scroll
-CVE-2015-1566 (Cross-site scripting (XSS) vulnerability in DotNetNuke (DNN) before ...)
+CVE-2015-1566
NOT-FOR-US: DotNetNuke
-CVE-2015-1565 (Cross-site scripting (XSS) vulnerability in the online help in Hitachi ...)
+CVE-2015-1565
NOT-FOR-US: Hitachi
-CVE-2015-1564 (Cross-site scripting (XSS) vulnerability in style-underground/search ...)
+CVE-2015-1564
NOT-FOR-US: Plain Black WebGUI
-CVE-2015-1562 (Multiple cross-site scripting (XSS) vulnerabilities in Saurus CMS ...)
+CVE-2015-1562
NOT-FOR-US: Saurus CMS
-CVE-2015-1561 (The escape_command function in ...)
+CVE-2015-1561
NOT-FOR-US: Centreon
-CVE-2015-1560 (SQL injection vulnerability in the isUserAdmin function in ...)
+CVE-2015-1560
NOT-FOR-US: Centreon
-CVE-2015-1559 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
+CVE-2015-1559
NOT-FOR-US: Epignosis eFront
CVE-2015-1557
RESERVED
CVE-2015-1556
RESERVED
-CVE-2015-1555 (Zend/Session/SessionManager in Zend Framework 2.2.x before 2.2.9, ...)
+CVE-2015-1555
- zendframework <not-affected> (Vulnerable code not present)
NOTE: http://framework.zend.com/security/advisory/ZF2015-01
CVE-2015-1553
RESERVED
CVE-2015-1552
RESERVED
-CVE-2015-1551 (Directory traversal vulnerability in Aruba Networks ClearPass Policy ...)
+CVE-2015-1551
NOT-FOR-US: Aruba Networks CPPM
-CVE-2015-1550 (Directory traversal vulnerability in Aruba Networks ClearPass Policy ...)
+CVE-2015-1550
NOT-FOR-US: Aruba Networks CPPM
CVE-2015-1549
RESERVED
-CVE-2015-1548 (mini_httpd 1.21 and earlier allows remote attackers to obtain ...)
+CVE-2015-1548
- mini-httpd 1.21-1 (bug #778925)
[squeeze] - mini-httpd <no-dsa> (Minor issue)
[wheezy] - mini-httpd <no-dsa> (Minor issue)
@@ -22335,17 +22335,17 @@ CVE-2015-1543
RESERVED
CVE-2015-1542
RESERVED
-CVE-2015-1541 (The AppWidgetServiceImpl implementation in ...)
+CVE-2015-1541
NOT-FOR-US: Android
CVE-2015-1540
RESERVED
-CVE-2015-1539 (Multiple integer underflows in the ESDS::parseESDescriptor function in ...)
+CVE-2015-1539
NOT-FOR-US: libstagefright in Android
-CVE-2015-1538 (Integer overflow in the SampleTable::setSampleToChunkParams function ...)
+CVE-2015-1538
NOT-FOR-US: libstagefright in Android
-CVE-2015-1537 (Integer overflow in IHDCP.cpp in the media_server component in Android ...)
+CVE-2015-1537
NOT-FOR-US: Android
-CVE-2015-1536 (Integer overflow in the Bitmap_createFromParcel function in ...)
+CVE-2015-1536
NOT-FOR-US: Android
CVE-2015-1535
RESERVED
@@ -22359,13 +22359,13 @@ CVE-2015-1531
RESERVED
CVE-2015-1530
RESERVED
-CVE-2015-1529 (Integer overflow in soundtrigger/ISoundTriggerHwService.cpp in Android ...)
+CVE-2015-1529
NOT-FOR-US: Android
-CVE-2015-1528 (Integer overflow in the native_handle_create function in ...)
+CVE-2015-1528
NOT-FOR-US: Android
-CVE-2015-1527 (Integer overflow in IAudioPolicyService.cpp in Android allows local ...)
+CVE-2015-1527
NOT-FOR-US: Android
-CVE-2015-1526 (The media_server component in Android allows remote attackers to cause ...)
+CVE-2015-1526
NOT-FOR-US: Android
CVE-2015-1525
RESERVED
@@ -22373,29 +22373,29 @@ CVE-2015-1524
RESERVED
CVE-2015-1523
RESERVED
-CVE-2015-1522 (analyzer/protocol/dnp3/DNP3.cc in Bro before 2.3.2 does not reject ...)
+CVE-2015-1522
- bro 2.3.2+dfsg-1
-CVE-2015-1521 (analyzer/protocol/dnp3/DNP3.cc in Bro before 2.3.2 does not properly ...)
+CVE-2015-1521
- bro 2.3.2+dfsg-1
CVE-2015-1520
RESERVED
CVE-2015-1519
RESERVED
-CVE-2015-1518 (SQL injection vulnerability in the search_post function in ...)
+CVE-2015-1518
NOT-FOR-US: Redaxscript
-CVE-2015-1517 (SQL injection vulnerability in Piwigo before 2.7.4, when all filters ...)
+CVE-2015-1517
- piwigo <removed>
[squeeze] - piwigo <end-of-life> (Unsupported in squeeze-lts)
NOTE: Request to mark the package as unsupported in #779104
-CVE-2015-1516 (Cross-site scripting (XSS) vulnerability in Polycom RealPresence ...)
+CVE-2015-1516
NOT-FOR-US: Polycom
-CVE-2015-1515 (The dwall.sys driver in SoftSphere DefenseWall Personal Firewall 3.24 ...)
+CVE-2015-1515
NOT-FOR-US: SoftSphere
-CVE-2015-1514 (Multiple SQL injection vulnerabilities in FancyFon FAMOC before 3.17.4 ...)
+CVE-2015-1514
NOT-FOR-US: FancyFon FAMOC
-CVE-2015-1513 (SQL injection vulnerability in SIPhone Enterprise PBX allows remote ...)
+CVE-2015-1513
NOT-FOR-US: SIPhone Enterprise PBX
-CVE-2015-1512 (Multiple cross-site scripting (XSS) vulnerabilities in FancyFon FAMOC ...)
+CVE-2015-1512
NOT-FOR-US: FancyFon FAMOC
CVE-2015-1511
RESERVED
@@ -22413,52 +22413,52 @@ CVE-2015-1505
RESERVED
CVE-2015-1504
RESERVED
-CVE-2015-1503 (Multiple directory traversal vulnerabilities in IceWarp Mail Server ...)
+CVE-2015-1503
NOT-FOR-US: Icewarp mail server
CVE-2015-1502
RESERVED
-CVE-2015-1501 (The factory.loadExtensionFactory function in ...)
+CVE-2015-1501
NOT-FOR-US: SolarWinds
-CVE-2015-1500 (Multiple stack-based buffer overflows in the ...)
+CVE-2015-1500
NOT-FOR-US: SolarWinds
-CVE-2015-1499 (The ActiveMQ Broker in Samsung Security Manager (SSM) before 1.31 ...)
+CVE-2015-1499
NOT-FOR-US: Samsung Security Manager
-CVE-2015-1498 (Persistent Systems Radia Client Automation does not properly restrict ...)
+CVE-2015-1498
NOT-FOR-US: Persistent Systems Radia Client Automation
-CVE-2015-1497 (radexecd.exe in Persistent Systems Radia Client Automation (RCA) 7.9, ...)
+CVE-2015-1497
NOT-FOR-US: Persistent Systems Radia Client Automation
-CVE-2015-1496 (Motorola Scanner SDK uses weak permissions for (1) CoreScanner.exe, ...)
+CVE-2015-1496
NOT-FOR-US: Motorola Scanner SDK
-CVE-2015-1495 (Multiple stack-based buffer overflows in Motorola Scanner SDK allow ...)
+CVE-2015-1495
NOT-FOR-US: Motorola Scanner SDK
-CVE-2015-1494 (The FancyBox for WordPress plugin before 3.0.3 for WordPress does not ...)
+CVE-2015-1494
NOT-FOR-US: FancyBox plugin for WordPress
-CVE-2015-1492 (Untrusted search path vulnerability in the client in Symantec Endpoint ...)
+CVE-2015-1492
NOT-FOR-US: Symantec
-CVE-2015-1491 (SQL injection vulnerability in the management console in Symantec ...)
+CVE-2015-1491
NOT-FOR-US: Symantec
-CVE-2015-1490 (Directory traversal vulnerability in the management console in ...)
+CVE-2015-1490
NOT-FOR-US: Symantec
-CVE-2015-1489 (The management console in Symantec Endpoint Protection Manager (SEPM) ...)
+CVE-2015-1489
NOT-FOR-US: Symantec
-CVE-2015-1488 (An unspecified action handler in the management console in Symantec ...)
+CVE-2015-1488
NOT-FOR-US: Symantec
-CVE-2015-1487 (The management console in Symantec Endpoint Protection Manager (SEPM) ...)
+CVE-2015-1487
NOT-FOR-US: Symantec
-CVE-2015-1486 (The management console in Symantec Endpoint Protection Manager (SEPM) ...)
+CVE-2015-1486
NOT-FOR-US: Symantec
-CVE-2015-1485 (Cross-site request forgery (CSRF) vulnerability in the administration ...)
+CVE-2015-1485
NOT-FOR-US: Enforce Server in Symantec Data Loss Prevention
-CVE-2015-1484 (Unquoted Windows search path vulnerability in the agent in Symantec ...)
+CVE-2015-1484
NOT-FOR-US: Symantec Workspace Streaming
-CVE-2015-1483 (Symantec NetBackup OpsCenter 7.6.0.2 through 7.6.1 on Linux and UNIX ...)
+CVE-2015-1483
NOT-FOR-US: Symantec NetBackup OpsCenter
-CVE-2015-1573 (The nft_flush_table function in net/netfilter/nf_tables_api.c in the ...)
+CVE-2015-1573
- linux <not-affected> (Vulnerable code introduced in v3.18-rc1, never in the archive outside of experimental)
NOTE: Fixed by https://git.kernel.org/cgit/linux/kernel/git/pablo/nf.git/commit/?id=a2f18db0c68fec96631c10cad9384c196e9008ac (v3.19-rc5)
NOTE: Introduced by http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b9ac12ef099707f405d7478009564302d7ed8393 (v3.18-rc1)
NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=91441
-CVE-2015-2046 (Cross-site scripting (XSS) vulnerability in MantisBT 1.2.13 and later ...)
+CVE-2015-2046
- mantis <removed>
[wheezy] - mantis <no-dsa> (Minor issue)
[squeeze] - mantis <end-of-life> (Unsupported in squeeze-lts)
@@ -22471,17 +22471,17 @@ CVE-2015-XXXX [fails to detect silent driver failure to change MAC]
- macchanger 1.7.0-5.3 (bug #774898)
[wheezy] - macchanger <no-dsa> (Minor issue)
[squeeze] - macchanger <no-dsa> (Minor issue)
-CVE-2015-9101 (The fill_buffer_resample function in util.c in libmp3lame.a in LAME ...)
+CVE-2015-9101
- lame 3.99.5+repack1-6 (bug #777161)
[wheezy] - lame 3.99.5+repack1-3+deb7u1
[squeeze] - lame <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2015/02/12/8
-CVE-2015-9100 (The fill_buffer_resample function in util.c in libmp3lame.a in LAME ...)
+CVE-2015-9100
- lame 3.99.5+repack1-6 (bug #777160)
[wheezy] - lame 3.99.5+repack1-3+deb7u1
[squeeze] - lame <no-dsa> (minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2015/02/12/8
-CVE-2015-9099 (The lame_init_params function in lame.c in libmp3lame.a in LAME 3.99.5 ...)
+CVE-2015-9099
- lame 3.99.5+repack1-6 (bug #775959)
[wheezy] - lame 3.99.5+repack1-3+deb7u1
[squeeze] - lame <no-dsa> (Minor issue)
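Review bot: style point on the CVE-2015-9100 entry in this hunk: its `[squeeze] - lame <no-dsa> (minor issue)` line uses a lowercase reason while the neighbouring CVE-2015-9101 and CVE-2015-9099 entries use `(Minor issue)`; since the entry is touched anyway, the reason string should be normalised to the capitalised form used throughout the file.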
@@ -22491,11 +22491,11 @@ CVE-2015-XXXX [denial of service under memory stress]
[squeeze] - libhtp <no-dsa> (Minor issue)
[wheezy] - libhtp <no-dsa> (Minor issue)
NOTE: https://github.com/inliniac/libhtp/commit/c7c03843cd6b1cbf44eb435d160ba53aec948828
-CVE-2015-2058 (c2s/c2s.c in Jabber Open Source Server 2.3.2 and earlier truncates ...)
+CVE-2015-2058
- jabberd2 2.3.3-1 (bug #779154)
NOTE: https://github.com/jabberd2/jabberd2/issues/85
NOTE: http://www.openwall.com/lists/oss-security/2015/02/09/13
-CVE-2015-2059 (The stringprep_utf8_to_ucs4 function in libin before 1.31, as used in ...)
+CVE-2015-2059
{DSA-3578-1 DLA-476-1 DLA-277-1}
- libidn 1.31-1 (medium)
NOTE: http://www.openwall.com/lists/oss-security/2015/02/23/25
@@ -22503,37 +22503,37 @@ CVE-2015-2059 (The stringprep_utf8_to_ucs4 function in libin before 1.31, as use
NOTE: This could be attributed to a misuse of a (poorly documented) API
NOTE: but since upstream provided a patch it makes more sense to fix
NOTE: only libidn instead of every application using it
-CVE-2015-1545 (The deref_parseCtrl function in servers/slapd/overlays/deref.c in ...)
+CVE-2015-1545
{DSA-3209-1 DLA-203-1}
- openldap 2.4.40-4 (bug #776988)
[wheezy] - openldap <no-dsa> (Minor issue)
[squeeze] - openldap <no-dsa> (Minor issue)
NOTE: http://www.openldap.org/its/?findid=8027
NOTE: http://www.openldap.org/devel/gitweb.cgi?p=openldap.git;a=commitdiff;h=c32e74763f77675b9e144126e375977ed6dc562c
-CVE-2015-1546 (Double free vulnerability in the get_vrFilter function in ...)
+CVE-2015-1546
- openldap 2.4.40-4 (bug #776991)
[wheezy] - openldap <not-affected> (Regression introduced in 2.4.40)
[squeeze] - openldap <not-affected> (Regression introduced in 2.4.40)
NOTE: http://www.openldap.org/its/?findid=8046
NOTE: http://www.openldap.org/devel/gitweb.cgi?p=openldap.git;a=commitdiff;h=2f1a2dd329b91afe561cd06b872d09630d4edb6a
-CVE-2015-2785 (The GIF encoder in Byzanz allows remote attackers to cause a denial of ...)
+CVE-2015-2785
- byzanz <unfixed> (unimportant; bug #778261)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=852481
NOTE: http://www.openwall.com/lists/oss-security/2015/02/06/11
NOTE: Only applies to debug recordings, negligable security impact
-CVE-2015-8837 (Stack-based buffer overflow in the isofs_real_readdir function in ...)
+CVE-2015-8837
{DSA-3551-1 DLA-323-1}
- fuseiso 20070708-3.2 (bug #779047)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=863091
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=862211
NOTE: http://www.openwall.com/lists/oss-security/2015/02/06/7
-CVE-2015-8836 (Integer overflow in the isofs_real_read_zf function in isofs.c in ...)
+CVE-2015-8836
{DSA-3551-1 DLA-323-1}
- fuseiso 20070708-3.2 (bug #779047)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=863102
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=861358
NOTE: http://www.openwall.com/lists/oss-security/2015/02/06/7
-CVE-2015-1547 (The NeXTDecode function in tif_next.c in LibTIFF allows remote ...)
+CVE-2015-1547
{DSA-3273-1 DLA-610-1 DLA-221-1}
- tiff 4.0.3-12.1 (bug #777390)
- tiff3 <removed>
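Review bot: the line `NOTE: Only applies to debug recordings, negligable security impact` under CVE-2015-2785 misspells "negligible"; the entry is already being modified in this hunk, so the typo could be fixed in the same change.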
@@ -22542,114 +22542,114 @@ CVE-2015-1547 (The NeXTDecode function in tif_next.c in LibTIFF allows remote ..
NOTE: is applied in 4.0.3-13 (but please recheck this)
NOTE: Raphael Hertzog> I could not find a way to reliably use the above reproducer. No segfault. And valgrind on "xloadimage" spits lots of warnings about use of uninitialized values with a good file and with the reproducer.
NOTE: Still this CVE has been added to DLA-221-1 because the patch used for CVE-2014-9655 seems to include the fix for this CVE.
-CVE-2015-1482 (Ansible Tower (aka Ansible UI) before 2.0.5 allows remote attackers to ...)
+CVE-2015-1482
NOT-FOR-US: Ansible Tower
-CVE-2015-1481 (Ansible Tower (aka Ansible UI) before 2.0.5 allows remote organization ...)
+CVE-2015-1481
NOT-FOR-US: Ansible Tower
-CVE-2015-1480 (ZOHO ManageEngine ServiceDesk Plus (SDP) before 9.0 build 9031 allows ...)
+CVE-2015-1480
NOT-FOR-US: ZOHO ManageEngine ServiceDesk Plus
-CVE-2015-1479 (SQL injection vulnerability in reports/CreateReportTable.jsp in ZOHO ...)
+CVE-2015-1479
NOT-FOR-US: ZOHO ManageEngine ServiceDesk Plus
-CVE-2015-1478 (Cross-site scripting (XSS) vulnerability in the CMSJunkie ...)
+CVE-2015-1478
NOT-FOR-US: Joomla! plugin CMSJunkie J-ClassifiedsManager
-CVE-2015-1477 (SQL injection vulnerability in the CMSJunkie J-ClassifiedsManager ...)
+CVE-2015-1477
NOT-FOR-US: Joomla! plugin CMSJunkie J-ClassifiedsManager
-CVE-2015-1476 (Multiple SQL injection vulnerabilities in xlinkerz ecommerceMajor ...)
+CVE-2015-1476
NOT-FOR-US: xlinkerz ecommerceMajor
-CVE-2015-1475 (Multiple cross-site scripting (XSS) vulnerabilities in my little forum ...)
+CVE-2015-1475
NOT-FOR-US: My Little Forum
-CVE-2015-1474 (Multiple integer overflows in the GraphicBuffer::unflatten function in ...)
+CVE-2015-1474
NOT-FOR-US: Android
-CVE-2015-1471 (SQL injection vulnerability in userprofile.lib.php in Pragyan CMS 3.0 ...)
+CVE-2015-1471
NOT-FOR-US: Pragyan CMS
CVE-2015-1470
RESERVED
-CVE-2015-1469 (time.htm in the web interface on SerVision HVG Video Gateway devices ...)
+CVE-2015-1469
NOT-FOR-US: SerVision HVG Video Gateway
CVE-2015-1468
RESERVED
-CVE-2015-1467 (Multiple SQL injection vulnerabilities in Translations in Fork CMS ...)
+CVE-2015-1467
NOT-FOR-US: Fork CMS
CVE-2015-1466
RESERVED
-CVE-2015-1464 (RT (aka Request Tracker) before 4.0.23 and 4.2.x before 4.2.10 allows ...)
+CVE-2015-1464
{DSA-3176-1 DLA-158-1}
- request-tracker4 4.2.8-3
- request-tracker3.8 <removed>
-CVE-2015-1463 (ClamAV before 0.98.6 allows remote attackers to cause a denial of ...)
+CVE-2015-1463
{DLA-233-1}
- clamav 0.98.6+dfsg-1
[wheezy] - clamav 0.98.6+dfsg-0+deb7u1
NOTE: https://github.com/vrtadmin/clamav-devel/commit/96ff19a19eba64bdf47f2f12ecdbc5ee331c09e2
-CVE-2015-1462 (ClamAV before 0.98.6 allows remote attackers to have unspecified ...)
+CVE-2015-1462
{DLA-233-1}
- clamav 0.98.6+dfsg-1
[wheezy] - clamav 0.98.6+dfsg-0+deb7u1
-CVE-2015-1461 (ClamAV before 0.98.6 allows remote attackers to have unspecified ...)
+CVE-2015-1461
{DLA-233-1}
- clamav 0.98.6+dfsg-1
[wheezy] - clamav 0.98.6+dfsg-0+deb7u1
-CVE-2015-1460 (Huawei Quidway switches with firmware before V200R005C00SPC300 allows ...)
+CVE-2015-1460
NOT-FOR-US: Huawei Quidway switches
-CVE-2015-1459 (Cross-site scripting (XSS) vulnerability in Fortinet ...)
+CVE-2015-1459
NOT-FOR-US: Fortinet FortiAuthenticator
-CVE-2015-1458 (Fortinet FortiAuthenticator 3.0.0 allows local users to bypass ...)
+CVE-2015-1458
NOT-FOR-US: Fortinet FortiAuthenticator
-CVE-2015-1457 (Fortinet FortiAuthenticator 3.0.0 allows local users to read arbitrary ...)
+CVE-2015-1457
NOT-FOR-US: Fortinet FortiAuthenticator
-CVE-2015-1456 (Fortinet FortiAuthenticator 3.0.0 logs the PostgreSQL usernames and ...)
+CVE-2015-1456
NOT-FOR-US: Fortinet FortiAuthenticator
-CVE-2015-1455 (Fortinet FortiAuthenticator 3.0.0 has a password of (1) slony for the ...)
+CVE-2015-1455
NOT-FOR-US: Fortinet FortiAuthenticator
-CVE-2015-1454 (Blue Coat ProxyClient before 3.3.3.3 and 3.4.x before 3.4.4.10 and ...)
+CVE-2015-1454
NOT-FOR-US: Blue Coat ProxyClient and Unified Agent
-CVE-2015-1453 (The qm class in Fortinet FortiClient 5.2.3.091 for Android uses a ...)
+CVE-2015-1453
NOT-FOR-US: Fortinet FortiClient
-CVE-2015-1452 (The Control and Provisioning of Wireless Access Points (CAPWAP) daemon ...)
+CVE-2015-1452
NOT-FOR-US: Fortinet FortiOS
-CVE-2015-1451 (Multiple cross-site scripting (XSS) vulnerabilities in Fortinet ...)
+CVE-2015-1451
NOT-FOR-US: Fortinet FortiOS
-CVE-2015-1450 (SQL injection vulnerability in Restaurant Biller allows remote ...)
+CVE-2015-1450
NOT-FOR-US: Restaurant Biller
-CVE-2015-1449 (Buffer overflow in the integrated web server on Siemens Ruggedcom ...)
+CVE-2015-1449
NOT-FOR-US: Siemens Ruggedcom
-CVE-2015-1448 (The integrated management service on Siemens Ruggedcom WIN51xx devices ...)
+CVE-2015-1448
NOT-FOR-US: Siemens Ruggedcom
CVE-2015-1447
RESERVED
CVE-2015-1446
RESERVED
-CVE-2015-1445 (HTTP header injection in the httpd package in fli4l before 3.10.1 and ...)
+CVE-2015-1445
NOT-FOR-US: fli4l
-CVE-2015-1444 (Multiple cross-site scripting (XSS) vulnerabilities in the web ...)
+CVE-2015-1444
NOT-FOR-US: fli4l
-CVE-2015-1443 (The httpd package in fli4l before 3.10.1 and 4.0 before 2015-01-30 ...)
+CVE-2015-1443
NOT-FOR-US: fli4l
-CVE-2015-1442 (SQL injection vulnerability in views/zero_transact_user.php in the ...)
+CVE-2015-1442
NOT-FOR-US: ZeroCMS
CVE-2015-1440
RESERVED
CVE-2015-1439
RESERVED
-CVE-2015-1438 (Heap-based buffer overflow in Panda Security Kernel Memory Access ...)
+CVE-2015-1438
NOT-FOR-US: Panda
-CVE-2015-1437 (Multiple cross-site scripting (XSS) vulnerabilities in Asus RT-N10+ D1 ...)
+CVE-2015-1437
NOT-FOR-US: Asus RT-N10+ D1 router
-CVE-2015-1436 (Cross-site scripting (XSS) vulnerability in the Easing Slider plugin ...)
+CVE-2015-1436
NOT-FOR-US: Easing Slider plugin for WordPress
-CVE-2015-1435 (Cross-site scripting (XSS) vulnerability in my little forum before ...)
+CVE-2015-1435
NOT-FOR-US: Little forum
-CVE-2015-1434 (Multiple SQL injection vulnerabilities in my little forum before 2.3.4 ...)
+CVE-2015-1434
NOT-FOR-US: Little forum
-CVE-2015-1429 (Directory traversal vulnerability in Cybele Software Thinfinity Remote ...)
+CVE-2015-1429
NOT-FOR-US: Cybele Software Thinfinity Remote Desktop Workstation
-CVE-2015-1428 (Multiple SQL injection vulnerabilities in Sefrengo before 1.6.2 allow ...)
+CVE-2015-1428
NOT-FOR-US: Sefrengo
-CVE-2015-1427 (The Groovy scripting engine in Elasticsearch before 1.3.8 and 1.4.x ...)
+CVE-2015-1427
- elasticsearch <not-affected> (Affects 1.3.0-1.3.7 and 1.4.0-1.4.2, vulnerable code not present)
NOTE: http://seclists.org/bugtraq/2015/Feb/92
NOTE: Problem in the Groovy scripting engine.
-CVE-2015-1426 (Puppet Labs Facter 1.6.0 through 2.4.0 allows local users to obtains ...)
+CVE-2015-1426
- facter 2.4.4-1 (bug #778265)
[jessie] - facter <no-dsa> (Minor issue)
[squeeze] - facter <not-affected> (Uses version 2008-02-01 of the EC2 API which does not expose security credentials)
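Review bot: the descriptions are being removed wholesale here rather than updated: every `-CVE-... (text ...)` header is replaced by a bare `+CVE-...` and nothing else in the entries changes. For NOT-FOR-US entries such as CVE-2015-1455 and CVE-2015-1449 the parenthesised text was the only local indication of what the CVE concerns, and tracked entries lose the summary their NOTE lines lean on (the notes under CVE-2015-1427 still speak of "the Groovy scripting engine" with no remaining context above them). If the description source simply returned empty text for this run, the import should be checked and the update held back; if dropping the descriptions is intended, the new format deserves a mention alongside the change.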
@@ -22657,7 +22657,7 @@ CVE-2015-1426 (Puppet Labs Facter 1.6.0 through 2.4.0 allows local users to obta
NOTE: http://puppetlabs.com/security/cve/cve-2015-1426
NOTE: https://tickets.puppetlabs.com/browse/FACT-800
NOTE: The assessment for Squeeze being unaffected is based on the fact that the code accesses http://169.254.169.254/2008-02-01/meta-data/ and that http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html mentions the iam/security-credentials/role key as being introduced in version 2012-01-12.
-CVE-2015-1493 (Directory traversal vulnerability in the min_get_slash_argument ...)
+CVE-2015-1493
- moodle 2.7.5+dfsg-1
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://git.moodle.org/gw?p=moodle.git;a=commit;h=af9a7937cc085f96bdbc4724cadec6eeae0242fc
@@ -22675,13 +22675,13 @@ CVE-2015-XXXX [Invalid read in create_output_name]
[squeeze] - cabextract <no-dsa> (Minor issue)
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/02/03/12
NOTE: Starting with 1.4-5 cabextract uses the mspack system library
-CVE-2015-1465 (The IPv4 implementation in the Linux kernel before 3.18.8 does not ...)
+CVE-2015-1465
- linux 3.16.7-ckt7-1
[wheezy] - linux <not-affected> (Introduced in 3.16)
- linux-2.6 <not-affected> (Introduced in 3.16)
NOTE: Upstream patch: http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=df4d92549f23e1c037e83323aff58a21b3de7fe0 (v3.19-rc7)
NOTE: http://www.openwall.com/lists/oss-security/2015/02/02/2
-CVE-2015-1473 (The ADDW macro in stdio-common/vfscanf.c in the GNU C Library (aka ...)
+CVE-2015-1473
{DSA-3169-1 DLA-165-1}
- glibc 2.19-15 (bug #777197)
- eglibc <removed>
@@ -22690,7 +22690,7 @@ CVE-2015-1473 (The ADDW macro in stdio-common/vfscanf.c in the GNU C Library (ak
NOTE: Fix: https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=5bd80bfe9ca0d955bfbbc002781bc7b01b6bcb06
NOTE: This was introduced by https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=3f8cc204fdd0 (2.15),
NOTE: the patch was backported into wheezy (patches/any/cvs-vfscanf.diff), but not squeeze
-CVE-2015-1472 (The ADDW macro in stdio-common/vfscanf.c in the GNU C Library (aka ...)
+CVE-2015-1472
{DSA-3169-1 DLA-165-1}
- glibc 2.19-15 (bug #777197)
- eglibc <removed>
@@ -22704,27 +22704,27 @@ CVE-2015-XXXX [Infinite loop in patch]
[squeeze] - patch <no-dsa> (Minor issue)
[wheezy] - patch <no-dsa> (Minor issue)
NOTE: Different from CVE-2014-9637
-CVE-2015-1441 (SQL injection vulnerability in Piwigo before 2.5.6, 2.6.x before ...)
+CVE-2015-1441
- piwigo <removed>
[squeeze] - piwigo <end-of-life> (Unsupported in squeeze-lts)
NOTE: Request to mark the package as unsupported in #779104
NOTE: http://piwigo.org/releases/2.7.3
-CVE-2015-1433 (program/lib/Roundcube/rcube_washtml.php in Roundcube before 1.0.5 does ...)
+CVE-2015-1433
{DLA-613-1}
- roundcube 0.9.5+dfsg1-4.2 (low; bug #776700)
[wheezy] - roundcube <no-dsa> (Minor issue)
[squeeze] - roundcube <no-dsa> (Minor issue)
-CVE-2015-1432 (The message_options function in includes/ucp/ucp_pm_options.php in ...)
+CVE-2015-1432
- phpbb3 3.0.12-4 (low; bug #776699)
[wheezy] - phpbb3 3.0.10-4+deb7u2
[squeeze] - phpbb3 <no-dsa> (Minor issue)
NOTE: https://tracker.phpbb.com/browse/PHPBB3-13526
-CVE-2015-1431 (Cross-site scripting (XSS) vulnerability in includes/startup.php in ...)
+CVE-2015-1431
- phpbb3 3.0.12-4 (low; bug #776699)
[wheezy] - phpbb3 3.0.10-4+deb7u2
[squeeze] - phpbb3 <no-dsa> (Minor issue)
NOTE: https://tracker.phpbb.com/browse/PHPBB3-13531
-CVE-2015-1430 (Buffer overflow in xymon 4.3.17-1. ...)
+CVE-2015-1430
- xymon 4.3.17-5 (low; bug #776007)
[squeeze] - xymon <not-affected> (Vulnerable code not present)
[wheezy] - xymon <not-affected> (Vulnerable code not present)
@@ -22732,38 +22732,38 @@ CVE-2015-1430 (Buffer overflow in xymon 4.3.17-1. ...)
NOTE: http://www.openwall.com/lists/oss-security/2015/01/30/17
CVE-2015-1425
RESERVED
-CVE-2015-1424 (Cross-site request forgery (CSRF) vulnerability in Gecko CMS 2.2 and ...)
+CVE-2015-1424
NOT-FOR-US: Gecko CMS
-CVE-2015-1423 (Multiple SQL injection vulnerabilities in Gecko CMS 2.2 and 2.3 allow ...)
+CVE-2015-1423
NOT-FOR-US: Gecko CMS
-CVE-2015-1422 (Multiple cross-site scripting (XSS) vulnerabilities in Gecko CMS 2.2 ...)
+CVE-2015-1422
NOT-FOR-US: Gecko CMS
CVE-2015-XXXX [symlink directory traversal]
- unrar-nonfree 1:5.2.7-0.1 (bug #774171)
[wheezy] - unrar-nonfree 1:4.1.4-1+deb7u1
[squeeze] - unrar-nonfree <no-dsa> (Non-free not supported)
-CVE-2015-1589 (Directory traversal vulnerability in arCHMage 0.2.4 allows remote ...)
+CVE-2015-1589
- archmage 1:0.2.4-4 (bug #776164)
[squeeze] - archmage <no-dsa> (Minor issue)
[wheezy] - archmage <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2015/02/12/9
-CVE-2015-1419 (Unspecified vulnerability in vsftpd 3.0.2 and earlier allows remote ...)
+CVE-2015-1419
- vsftpd 3.0.2-18 (unimportant; bug #776922)
[jessie] - vsftpd 3.0.2-17+deb8u1
NOTE: http://seclists.org/oss-sec/2015/q1/389
NOTE: Not a real security feature according the manpage and upstream
-CVE-2015-1418 (The do_ed_script function in pch.c in GNU patch through 2.7.6, and ...)
+CVE-2015-1418
NOT-FOR-US: patch as used in FreeBSD specifically
-CVE-2015-1417 (The inet module in FreeBSD 10.2x before 10.2-PRERELEASE, ...)
+CVE-2015-1417
- kfreebsd-10 10.2-1 (unimportant)
NOTE: kfreebsd not covered by security support in Jessie
-CVE-2015-1416 (Larry Wall's patch; patch in FreeBSD 10.2-RC1 before 10.2-RC1-p1, 10.2 ...)
+CVE-2015-1416
- patch 2.5-1
NOTE: http://www.openwall.com/lists/oss-security/2015/08/02/6
NOTE: CVE assignment applies as well to GNU patch before 2.3 and 2.2.5
-CVE-2015-1415 (The bsdinstall installer in FreeBSD 10.x before 10.1 p9, when ...)
+CVE-2015-1415
NOT-FOR-US: FreeBSD installer
-CVE-2015-1414 (Integer overflow in FreeBSD before 8.4 p24, 9.x before 9.3 p10. 10.0 ...)
+CVE-2015-1414
{DSA-3175-2 DSA-3175-1}
[experimental] - kfreebsd-11 11.0~svn284956-1
- kfreebsd-10 10.1~svn274115-4 (bug #779195)
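Review bot: CVE-2015-1418 loses the only visible justification for its NOT-FOR-US status: the dropped text names "GNU patch through 2.7.6", which Debian ships, while the annotation says "patch as used in FreeBSD specifically". A NOTE recording why the GNU patch part is considered not to apply would keep the reasoning with the entry, the way CVE-2015-1416 just below carries its openwall reference and the remark about GNU patch versions. Minor: the NOTE under CVE-2015-1419 should read "according to the manpage".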
@@ -22788,192 +22788,192 @@ CVE-2015-1407
RESERVED
CVE-2015-1406
RESERVED
-CVE-2015-1400 (SQL injection vulnerability in search.php in NPDS Revolution 13 allows ...)
+CVE-2015-1400
NOT-FOR-US: NPDS Revolution
-CVE-2015-1399 (PHP remote file inclusion vulnerability in the fetchView function in ...)
+CVE-2015-1399
NOT-FOR-US: Magento
-CVE-2015-1398 (Multiple directory traversal vulnerabilities in Magento Community ...)
+CVE-2015-1398
NOT-FOR-US: Magento
-CVE-2015-1397 (SQL injection vulnerability in the getCsvFile function in the ...)
+CVE-2015-1397
NOT-FOR-US: Magento
CVE-2015-1394
RESERVED
NOT-FOR-US: WordPress plugin photo-gallery
-CVE-2015-1393 (SQL injection vulnerability in the Photo Gallery plugin before 1.2.11 ...)
+CVE-2015-1393
NOT-FOR-US: WordPress plugin photo-gallery
-CVE-2015-1392 (Multiple SQL injection vulnerabilities in Aruba Networks ClearPass ...)
+CVE-2015-1392
NOT-FOR-US: Aruba Networks CPPM
CVE-2015-1391
RESERVED
CVE-2015-1390
RESERVED
-CVE-2015-1389 (Cross-site scripting (XSS) vulnerability in Aruba Networks ClearPass ...)
+CVE-2015-1389
NOT-FOR-US: Aruba Networks CPPM
-CVE-2015-1388 (The &quot;RAP console&quot; feature in ArubaOS 5.x through 6.2.x, 6.3.x before ...)
+CVE-2015-1388
NOT-FOR-US: ArubaOS
CVE-2015-1387
RESERVED
-CVE-2015-1385 (Cross-site scripting (XSS) vulnerability in the Blubrry PowerPress ...)
+CVE-2015-1385
NOT-FOR-US: WordPress plugin powerpress
-CVE-2015-1384 (Cross-site scripting (XSS) vulnerability in the Banner Effect Header ...)
+CVE-2015-1384
NOT-FOR-US: Banner Effect Header plugin for WordPress
-CVE-2015-1383 (Cross-site scripting (XSS) vulnerability in the geo search widget in ...)
+CVE-2015-1383
NOT-FOR-US: WordPress plugin geo-mashup
-CVE-2015-1376 (pixabay-images.php in the Pixabay Images plugin before 2.4 for ...)
+CVE-2015-1376
NOT-FOR-US: WordPress plugin Pixabay Images
-CVE-2015-1375 (pixabay-images.php in the Pixabay Images plugin before 2.4 for ...)
+CVE-2015-1375
NOT-FOR-US: WordPress plugin Pixabay Images
-CVE-2015-1374 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
+CVE-2015-1374
NOT-FOR-US: ferretCMS
-CVE-2015-1373 (Multiple cross-site scripting (XSS) vulnerabilities in admin.php in ...)
+CVE-2015-1373
NOT-FOR-US: ferretCMS
-CVE-2015-1372 (SQL injection vulnerability in ferretCMS 1.0.4-alpha allows remote ...)
+CVE-2015-1372
NOT-FOR-US: ferretCMS
-CVE-2015-1371 (Unrestricted file upload vulnerability in ferretCMS 1.0.4-alpha allows ...)
+CVE-2015-1371
NOT-FOR-US: ferretCMS
-CVE-2015-1368 (Multiple cross-site scripting (XSS) vulnerabilities in Ansible Tower ...)
+CVE-2015-1368
NOT-FOR-US: Ansible Tower
-CVE-2015-1367 (SQL injection vulnerability in index.php in CatBot 0.4.2 allows remote ...)
+CVE-2015-1367
NOT-FOR-US: CatBot
-CVE-2015-1366 (Cross-site scripting (XSS) vulnerability in pixabay-images.php in the ...)
+CVE-2015-1366
NOT-FOR-US: Wordpress plugin Pixabay Images
-CVE-2015-1365 (Directory traversal vulnerability in pixabay-images.php in the Pixabay ...)
+CVE-2015-1365
NOT-FOR-US: Wordpress plugin Pixabay Images
-CVE-2015-1364 (SQL injection vulnerability in the getProfile function in ...)
+CVE-2015-1364
NOT-FOR-US: Free Reprintables ArticleFR
-CVE-2015-1363 (Cross-site scripting (XSS) vulnerability in Free Reprintables ...)
+CVE-2015-1363
NOT-FOR-US: ArticleFR
-CVE-2015-1362 (Buffer overflow in the Customize 35mm tab in Two Pilots Exif Pilot ...)
+CVE-2015-1362
NOT-FOR-US: Exif Pilot
-CVE-2015-1361 (platform/image-decoders/ImageFrame.h in Blink, as used in Google ...)
+CVE-2015-1361
- chromium-browser 40.0.2214.91-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1360 (Skia, as used in Google Chrome before 40.0.2214.91, allows remote ...)
+CVE-2015-1360
- chromium-browser 40.0.2214.91-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1359 (Multiple off-by-one errors in fpdfapi/fpdf_font/font_int.h in PDFium, ...)
+CVE-2015-1359
- chromium-browser 40.0.2214.91-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1358 (The remote-management module in the (1) Multi Panels, (2) Comfort ...)
+CVE-2015-1358
NOT-FOR-US: Siemens SIMATIC
-CVE-2015-1357 (Siemens Ruggedcom WIN51xx devices with firmware before SS4.4.4624.35, ...)
+CVE-2015-1357
NOT-FOR-US: Siemens Ruggedcom
-CVE-2015-1356 (Siemens SIMATIC STEP 7 (TIA Portal) before 13 SP1 determines a user's ...)
+CVE-2015-1356
NOT-FOR-US: Siemens SIMATIC
-CVE-2015-1355 (Siemens SIMATIC STEP 7 (TIA Portal) before 13 SP1 uses a weak ...)
+CVE-2015-1355
NOT-FOR-US: Siemens SIMATIC
-CVE-2015-1563 (The ARM GIC distributor virtualization in Xen 4.4.x and 4.5.x allows ...)
+CVE-2015-1563
- xen 4.4.1-7 (low; bug #776319)
[wheezy] - xen <not-affected> (Only affects 4.4 and later on arm)
[squeeze] - xen <not-affected> (Only affects 4.4 and later on arm)
-CVE-2015-1558 (Asterisk Open Source 12.x before 12.8.1 and 13.x before 13.1.1, when ...)
+CVE-2015-1558
- asterisk 1:13.1.0~dfsg-1.1 (bug #780601)
[jessie] - asterisk <not-affected> (Only affects 12.x and 13.x)
[wheezy] - asterisk <not-affected> (Only affects 12.x and 13.x)
[squeeze] - asterisk <not-affected> (Only affects 12.x and 13.x)
NOTE: https://issues.asterisk.org/jira/browse/ASTERISK-24666
NOTE: http://downloads.digium.com/pub/security/AST-2015-001.html
-CVE-2015-1421 (Use-after-free vulnerability in the sctp_assoc_update function in ...)
+CVE-2015-1421
{DSA-3170-1 DLA-155-1}
- linux 3.16.7-ckt4-3
- linux-2.6 <removed>
NOTE: Upstream fix: http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=600ddd6825543962fb807884169e57b580dba208
-CVE-2015-1420 (Race condition in the handle_to_path function in fs/fhandle.c in the ...)
+CVE-2015-1420
{DSA-3170-1}
- linux 3.16.7-ckt7-1
- linux-2.6 <not-affected> (Introduced in 2.6.39)
NOTE: http://marc.info/?l=linux-kernel&m=142247707318982&w=2
NOTE: Upstream commit: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=161f873b89136eb1e69477c847d5a5033239d9ba (v4.1-rc7)
-CVE-2015-1405 (SQL injection vulnerability in the Content Rating Extbase extension ...)
+CVE-2015-1405
NOT-FOR-US: typo3 extension
-CVE-2015-1404 (Cross-site scripting (XSS) vulnerability in the Content Rating Extbase ...)
+CVE-2015-1404
NOT-FOR-US: typo3 extension
-CVE-2015-1403 (SQL injection vulnerability in the Content Rating extension 1.0.3 and ...)
+CVE-2015-1403
NOT-FOR-US: typo3 extension
-CVE-2015-1402 (Cross-site scripting (XSS) vulnerability in the Content Rating ...)
+CVE-2015-1402
NOT-FOR-US: typo3 extension
-CVE-2015-1401 (Improper Authentication vulnerability in the &quot;LDAP / SSO ...)
+CVE-2015-1401
NOT-FOR-US: typo3 extension
-CVE-2015-1554 (kgb-bot 1.33-2 allows remote attackers to cause a denial of service ...)
+CVE-2015-1554
- kgb-bot <undetermined> (low; bug #776424)
-CVE-2015-1369 (SQL injection vulnerability in Sequelize before 2.0.0-rc7 for Node.js ...)
+CVE-2015-1369
NOT-FOR-US: sequelize
CVE-2015-1354
RESERVED
-CVE-2015-1349 (named in ISC BIND 9.7.0 through 9.9.6 before 9.9.6-P2 and 9.10.x ...)
+CVE-2015-1349
{DSA-3162-1 DLA-163-1}
- bind9 1:9.9.5.dfsg-9 (low; bug #778733)
-CVE-2015-1348 (Heap-based buffer overflow in Aruba Instant (IAP) with firmware before ...)
+CVE-2015-1348
NOT-FOR-US: Aruba Instant
-CVE-2015-1347 (Cross-site scripting (XSS) vulnerability in client.inc.php in osTicket ...)
+CVE-2015-1347
NOT-FOR-US: osTicket
-CVE-2015-1344 (The do_write_pids function in lxcfs.c in LXCFS before 0.12 does not ...)
+CVE-2015-1344
- lxcfs <not-affected> (Fixed before initial upload to the archive)
NOTE: https://bugs.launchpad.net/ubuntu/+source/lxcfs/+bug/1512854
CVE-2015-1343
RESERVED
-CVE-2015-1342 (LXCFS before 0.12 does not properly enforce directory escapes, which ...)
+CVE-2015-1342
- lxcfs <not-affected> (Fixed before initial upload to the archive)
NOTE: https://bugs.launchpad.net/ubuntu/+source/lxcfs/+bug/1508481
CVE-2015-1341
RESERVED
CVE-2015-1340
RESERVED
-CVE-2015-1339 (Memory leak in the cuse_channel_release function in fs/fuse/cuse.c in ...)
+CVE-2015-1339
- linux 4.4.2-1
[jessie] - linux <not-affected> (Vulnerable code introduced in v4.2-rc1)
[wheezy] - linux <not-affected> (Vulnerable code introduced in v4.2-rc1)
NOTE: Introduced in: https://git.kernel.org/linus/cc080e9e9be16ccf26135d366d7d2b65209f1d56 (v4.2-rc1)
NOTE: Fixed in: https://git.kernel.org/linus/2c5816b4beccc8ba709144539f6fdd764f8fa49c (v4.4-rc5)
-CVE-2015-1338 (kernel_crashdump in Apport before 2.19 allows local users to cause a ...)
+CVE-2015-1338
[experimental] - apport <unfixed>
NOTE: apport only in experimental, so we cannot track this in security-tracker
NOTE: add it, as we have an explicit (bug) reference for apport
-CVE-2015-1337 (Simple Streams (simplestreams) does not properly verify the GPG ...)
+CVE-2015-1337
NOT-FOR-US: simplestreams
-CVE-2015-1336 (The daily mandb cleanup job in Man-db before 2.7.6.1-1 as packaged in ...)
+CVE-2015-1336
- man-db 2.7.6-1 (bug #840357)
[jessie] - man-db <no-dsa> (Minor issue)
[wheezy] - man-db <no-dsa> (Minor issue)
[squeeze] - man-db <no-dsa> (Not exploitable in practice)
NOTE: http://www.halfdog.net/Security/2015/MandbSymlinkLocalRootPrivilegeEscalation/
NOTE: https://bugs.launchpad.net/ubuntu/+source/man-db/+bug/1482786
-CVE-2015-1335 (lxc-start in lxc before 1.0.8 and 1.1.x before 1.1.4 allows local ...)
+CVE-2015-1335
{DSA-3400-1 DLA-442-1}
- lxc 1:1.0.8-1 (bug #800471)
[wheezy] - lxc <no-dsa> (Minor issue)
NOTE: https://launchpad.net/bugs/1476662
NOTE: https://github.com/lxc/lxc/commit/592fd47a6245508b79fe6ac819fe6d3b2c1289be
NOTE: https://lists.linuxcontainers.org/pipermail/lxc-devel/2015-September/012434.html
-CVE-2015-1334 (attach.c in LXC 1.1.2 and earlier uses the proc filesystem in a ...)
+CVE-2015-1334
{DSA-3317-1}
- lxc 1:1.0.7-4 (bug #793298)
[wheezy] - lxc <not-affected> (Affects 0.9.0 and higher)
[squeeze] - lxc <not-affected> (Affects 0.9.0 and higher)
-CVE-2015-1333 (Memory leak in the __key_link_end function in security/keys/keyring.c ...)
+CVE-2015-1333
- linux 4.1.3-1
[jessie] - linux 3.16.7-ckt11-1+deb8u3
[wheezy] - linux <not-affected> (Introduced in 3.13)
- linux-2.6 <not-affected> (Introduced in 3.13)
NOTE: Introduced by https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=034faeb9ef390d58239e1dce748143f6b35a0d9b (v3.13-rc1)
-CVE-2015-1332 (The oxide::JavaScriptDialogManager function in oxide-qt before 1.9.1 ...)
+CVE-2015-1332
NOT-FOR-US: oxide-qt
NOTE: The JavaScriptDialogManager exists as well for chromium-browser, but this
NOTE: CVE seem specific assigned for an issue in oxide::JavaScriptDialogManager
-CVE-2015-1331 (lxclock.c in LXC 1.1.2 and earlier allows local users to create ...)
+CVE-2015-1331
{DSA-3317-1}
- lxc 1:1.0.7-4 (bug #793298)
[wheezy] - lxc <not-affected> (Affects 1.0.0 and higher)
[squeeze] - lxc <not-affected> (Affects 1.0.0 and higher)
-CVE-2015-1330 (unattended-upgrades before 0.86.1 does not properly authenticate ...)
+CVE-2015-1330
{DSA-3297-1 DLA-267-1}
- unattended-upgrades 0.86.1
-CVE-2015-1329 (Use-after-free vulnerability in oxide::qt::URLRequestDelegatedJob in ...)
+CVE-2015-1329
NOT-FOR-US: Oxide-QT
-CVE-2015-1328 (The overlayfs implementation in the linux (aka Linux kernel) package ...)
+CVE-2015-1328
- linux <not-affected> (Ubuntu-specific flaw, overlayfs mounts restricted to privileged users in Debian)
- linux-2.6 <not-affected> (Ubuntu-specific flaw, overlayfs mounts restricted to privileged users in Debian)
NOTE: http://seclists.org/oss-sec/2015/q2/717
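Review bot: the NOTE pair under CVE-2015-1332 is hard to parse ("CVE seem specific assigned"); suggest "this CVE seems to have been assigned specifically for an issue in oxide::JavaScriptDialogManager". The NOTE pair under CVE-2015-1338 first says apport cannot be tracked and then says to add it; a single line such as "apport is only in experimental and normally untracked, listed here because of the explicit bug reference" states the exception without the apparent contradiction. Also, CVE-2015-1554 carries a severity ("low") on an `<undetermined>` status: if affectedness is still undetermined the severity is premature, and if it has been assessed the status should say so.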
@@ -22986,93 +22986,93 @@ CVE-2015-1326 [arbitrary code execution or file overwrite when templates are loa
- python-dbusmock 0.15.1-1 (bug #786858)
[jessie] - python-dbusmock 0.11.4-1+deb8u1
NOTE: https://bugs.launchpad.net/python-dbusmock/+bug/1453815
-CVE-2015-1325 (Race condition in Apport before 2.17.2-0ubuntu1.1 as packaged in ...)
+CVE-2015-1325
[experimental] - apport 2.17.3-1
-CVE-2015-1324 (Apport before 2.17.2-0ubuntu1.1 as packaged in Ubuntu 15.04, before ...)
+CVE-2015-1324
[experimental] - apport 2.17.3-1
-CVE-2015-1323 (The simulate dbus method in aptdaemon before 1.1.1+bzr982-0ubuntu3.1 ...)
+CVE-2015-1323
{DLA-261-1}
- aptdaemon 1.1.1+bzr982-1 (bug #789162)
[jessie] - aptdaemon 1.1.1-4+deb8u1
[wheezy] - aptdaemon 0.45-2+deb7u1
NOTE: https://bugs.launchpad.net/ubuntu/+source/aptdaemon/+bug/1449587
-CVE-2015-1322 (Directory traversal vulnerability in the Ubuntu network-manager ...)
+CVE-2015-1322
- network-manager <not-affected> (Ubuntu specific patch)
NOTE: http://www.ubuntu.com/usn/usn-2581-1
NOTE: https://bazaar.launchpad.net/~phablet-team/network-manager/ofono-format-cleanup/view/head:/debian/patches/add_ofono_settings_support.patch
-CVE-2015-1321 (Use-after-free vulnerability in the file picker implementation in ...)
+CVE-2015-1321
NOT-FOR-US: Oxide
CVE-2015-1320
RESERVED
-CVE-2015-1319 (The Unity Settings Daemon before 14.04.0+14.04.20150825-0ubuntu2 and ...)
+CVE-2015-1319
- unity <itp> (bug #609278)
-CVE-2015-1318 (The crash reporting feature in Apport 2.13 through 2.17.x before ...)
+CVE-2015-1318
[experimental] - apport <unfixed>
NOTE: apport only in experimental, so we cannot track this in security-tracker
NOTE: add it, as we have an explicit (bug) reference for apport
-CVE-2015-1317 (Use-after-free vulnerability in Oxide before 1.5.6 and 1.6.x before ...)
+CVE-2015-1317
NOT-FOR-US: Oxide
CVE-2015-1316
RESERVED
-CVE-2015-1315 (Buffer overflow in the charset_to_intern function in unix/unix.c in ...)
+CVE-2015-1315
- unzip <not-affected> (*-unzip60-alt-iconv-utf8 patch not applied in Debian)
-CVE-2015-1314 (The USAA Mobile Banking application before 7.10.1 for Android displays ...)
+CVE-2015-1314
NOT-FOR-US: USAA Mobile Banking application for Android
CVE-2015-1313
RESERVED
-CVE-2015-1312 (The Dealer Portal in SAP ERP does not properly restrict access, which ...)
+CVE-2015-1312
NOT-FOR-US: SAP
-CVE-2015-1311 (The Extended Application Services (XS) in SAP HANA allows remote ...)
+CVE-2015-1311
NOT-FOR-US: SAP
-CVE-2015-1310 (SQL injection vulnerability in SAP Adaptive Server Enterprise (Sybase ...)
+CVE-2015-1310
NOT-FOR-US: SAP
-CVE-2015-1309 (XML external entity vulnerability in the Extended Computer Aided Test ...)
+CVE-2015-1309
NOT-FOR-US: SAP
-CVE-2015-1305 (McAfee Data Loss Prevention Endpoint (DLPe) before 9.3.400 allows ...)
+CVE-2015-1305
NOT-FOR-US: McAfee Data Loss Prevention Endpoint
-CVE-2015-1386 (Directory traversal vulnerability in unshield 1.0-1. ...)
+CVE-2015-1386
- unshield 1.4-1 (low; bug #776193)
[jessie] - unshield <no-dsa> (Minor issue)
[wheezy] - unshield <no-dsa> (Minor issue)
[squeeze] - unshield <no-dsa> (Minor issue)
NOTE: https://github.com/twogood/unshield/issues/42
-CVE-2015-1382 (parsers.c in Privoxy before 3.0.23 allows remote attackers to cause a ...)
+CVE-2015-1382
{DSA-3145-1 DLA-142-1}
- privoxy 3.0.21-7 (bug #776490)
NOTE: http://ijbswa.cvs.sourceforge.net/viewvc/ijbswa/current/parsers.c?r1=1.297&r2=1.298
-CVE-2015-1381 (Multiple unspecified vulnerabilities in pcrs.c in Privoxy before ...)
+CVE-2015-1381
{DSA-3145-1 DLA-142-1}
- privoxy 3.0.21-7 (bug #776490)
NOTE: http://ijbswa.cvs.sourceforge.net/viewvc/ijbswa/current/pcrs.c?r1=1.46&r2=1.47
-CVE-2015-1380 (jcc.c in Privoxy before 3.0.23 allows remote attackers to cause a ...)
+CVE-2015-1380
- privoxy 3.0.21-7 (bug #776490)
[wheezy] - privoxy <not-affected> (Vulnerable code introduced in 3.0.20)
[squeeze] - privoxy <not-affected> (Vulnerable code introduced in 3.0.20)
NOTE: http://ijbswa.cvs.sourceforge.net/viewvc/ijbswa/current/jcc.c?r1=1.433&r2=1.434
-CVE-2015-1379 (The signal handler implementations in socat before 1.7.3.0 and ...)
+CVE-2015-1379
- socat 1.7.2.4-2 (bug #776234)
[wheezy] - socat <no-dsa> (Minor issue)
[squeeze] - socat <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2015/01/24/6
NOTE: Upstream advisory: http://www.dest-unreach.org/socat/contrib/socat-secadv6.txt
-CVE-2015-1378 (cmdlineopts.clp in grml-debootstrap in Debian 0.54, 0.68.x before ...)
+CVE-2015-1378
- grml-debootstrap 0.68.1 (low; bug #776502)
[wheezy] - grml-debootstrap <no-dsa> (Minor issue)
NOTE: https://github.com/grml/grml-debootstrap/issues/59
-CVE-2015-1377 (The Read Mail module in Webmin 1.720 allows local users to read ...)
+CVE-2015-1377
NOT-FOR-US: Webmin
-CVE-2015-1395 (Directory traversal vulnerability in GNU patch versions which support ...)
+CVE-2015-1395
- patch 2.7.3-1 (bug #775873)
[wheezy] - patch <not-affected> (Support for git-style patches added in 2.7)
[squeeze] - patch <not-affected> (Support for git-style patches added in 2.7)
NOTE: Upstream report: https://savannah.gnu.org/bugs/?44059
NOTE: http://www.openwall.com/lists/oss-security/2015/01/24/2
-CVE-2015-1370 (Incomplete blacklist vulnerability in marked 0.3.2 and earlier for ...)
+CVE-2015-1370
- node-marked 0.3.6+dfsg-1 (unimportant)
NOTE: https://nodesecurity.io/advisories/marked_vbscript_injection
NOTE: https://github.com/chjj/marked/issues/492
NOTE: libv8 is not covered by security support
-CVE-2015-1304 (object-observe.js in Google V8, as used in Google Chrome before ...)
+CVE-2015-1304
{DSA-3376-1}
- chromium-browser 45.0.2454.101-1
[jessie] - chromium-browser <no-dsa> (minor issue)
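Review bot: the last NOTE under CVE-2015-1370 ("libv8 is not covered by security support") refers to a package that does not appear in that entry, which only lists node-marked; either drop it or say why it is relevant (e.g. that the node-marked assessment rests on the libv8 runtime). Style: "(minor issue)" under CVE-2015-1304 is lower-case where the rest of the file writes "(Minor issue)" (see CVE-2015-1386 and CVE-2015-1433).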
@@ -23080,173 +23080,173 @@ CVE-2015-1304 (object-observe.js in Google V8, as used in Google Chrome before .
[squeeze] - chromium-browser <end-of-life>
- libv8-3.14 <unfixed> (unimportant)
NOTE: libv8 not covered by security support
-CVE-2015-1303 (bindings/core/v8/V8DOMWrapper.h in Blink, as used in Google Chrome ...)
+CVE-2015-1303
{DSA-3376-1}
- chromium-browser 45.0.2454.101-1
[jessie] - chromium-browser <no-dsa> (minor issue)
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1302 (The PDF viewer in Google Chrome before 46.0.2490.86 does not properly ...)
+CVE-2015-1302
{DSA-3415-1}
- chromium-browser 47.0.2526.73-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
NOTE: http://googlechromereleases.blogspot.de/2015/11/stable-channel-update.html
-CVE-2015-1301 (Multiple unspecified vulnerabilities in Google Chrome before ...)
+CVE-2015-1301
{DSA-3351-1}
- chromium-browser 45.0.2454.85-1 (low)
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1300 (The FrameFetchContext::updateTimingInfoForIFrameNavigation function in ...)
+CVE-2015-1300
{DSA-3351-1}
- chromium-browser 45.0.2454.85-1 (low)
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1299 (Use-after-free vulnerability in the shared-timer implementation in ...)
+CVE-2015-1299
{DSA-3351-1}
- chromium-browser 45.0.2454.85-1 (low)
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1298 (The RuntimeEventRouter::OnExtensionUninstalled function in ...)
+CVE-2015-1298
{DSA-3351-1}
- chromium-browser 45.0.2454.85-1 (low)
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1297 (The WebRequest API implementation in ...)
+CVE-2015-1297
{DSA-3351-1}
- chromium-browser 45.0.2454.85-1 (low)
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1296 (The UnescapeURLWithAdjustmentsImpl implementation in ...)
+CVE-2015-1296
{DSA-3351-1}
- chromium-browser 45.0.2454.85-1 (low)
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1295 (Multiple use-after-free vulnerabilities in the PrintWebViewHelper ...)
+CVE-2015-1295
{DSA-3351-1}
- chromium-browser 45.0.2454.85-1 (low)
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1294 (Use-after-free vulnerability in the SkMatrix::invertNonIdentity ...)
+CVE-2015-1294
{DSA-3351-1}
- chromium-browser 45.0.2454.85-1 (low)
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1293 (The DOM implementation in Blink, as used in Google Chrome before ...)
+CVE-2015-1293
{DSA-3351-1}
- chromium-browser 45.0.2454.85-1 (low)
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1292 (The NavigatorServiceWorker::serviceWorker function in ...)
+CVE-2015-1292
{DSA-3351-1}
- chromium-browser 45.0.2454.85-1 (low)
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1291 (The ContainerNode::parserRemoveChild function in ...)
+CVE-2015-1291
{DSA-3351-1}
- chromium-browser 45.0.2454.85-1 (low)
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1290 (The Google V8 engine, as used in Google Chrome before 44.0.2403.89 and ...)
+CVE-2015-1290
- chromium-browser 44.0.2403.89-1
[wheezy] - chromium-browser <end-of-life>
- libv8-3.14 <unfixed> (unimportant)
NOTE: libv8 not covered by security support
-CVE-2015-1289 (Multiple unspecified vulnerabilities in Google Chrome before ...)
+CVE-2015-1289
{DSA-3315-1}
- chromium-browser 44.0.2403.89-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1288 (The Spellcheck API implementation in Google Chrome before 44.0.2403.89 ...)
+CVE-2015-1288
{DSA-3315-1}
- chromium-browser 44.0.2403.89-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1287 (Blink, as used in Google Chrome before 44.0.2403.89, enables a ...)
+CVE-2015-1287
{DSA-3315-1}
- chromium-browser 44.0.2403.89-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1286 (Cross-site scripting (XSS) vulnerability in the ...)
+CVE-2015-1286
{DSA-3315-1}
- chromium-browser 44.0.2403.89-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1285 (The XSSAuditor::canonicalize function in ...)
+CVE-2015-1285
{DSA-3315-1}
- chromium-browser 44.0.2403.89-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1284 (The LocalFrame::isURLAllowed function in core/frame/LocalFrame.cpp in ...)
+CVE-2015-1284
{DSA-3315-1}
- chromium-browser 44.0.2403.89-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1283 (Multiple integer overflows in the XML_GetBuffer function in Expat ...)
+CVE-2015-1283
{DSA-3318-1 DSA-3315-1 DLA-281-1}
- chromium-browser 44.0.2403.89-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
- expat 2.1.0-7 (bug #793484)
NOTE: Patch: https://hg.mozilla.org/releases/mozilla-esr31/rev/2f3e78643f5c
-CVE-2015-1282 (Multiple use-after-free vulnerabilities in ...)
+CVE-2015-1282
{DSA-3315-1}
- chromium-browser 44.0.2403.89-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1281 (core/loader/ImageLoader.cpp in Blink, as used in Google Chrome before ...)
+CVE-2015-1281
{DSA-3315-1}
- chromium-browser 44.0.2403.89-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1280 (SkPictureShader.cpp in Skia, as used in Google Chrome before ...)
+CVE-2015-1280
{DSA-3315-1}
- chromium-browser 44.0.2403.89-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1279 (Integer overflow in the CJBig2_Image::expand function in ...)
+CVE-2015-1279
{DSA-3315-1}
- chromium-browser 44.0.2403.89-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1278 (content/browser/web_contents/web_contents_impl.cc in Google Chrome ...)
+CVE-2015-1278
{DSA-3315-1}
- chromium-browser 44.0.2403.89-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1277 (Use-after-free vulnerability in the accessibility implementation in ...)
+CVE-2015-1277
{DSA-3315-1}
- chromium-browser 44.0.2403.89-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1276 (Use-after-free vulnerability in ...)
+CVE-2015-1276
{DSA-3315-1}
- chromium-browser 44.0.2403.89-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1275 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2015-1275
- chromium-browser <not-affected> (Android-specific)
-CVE-2015-1274 (Google Chrome before 44.0.2403.89 does not ensure that the auto-open ...)
+CVE-2015-1274
{DSA-3315-1}
- chromium-browser 44.0.2403.89-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1273 (Heap-based buffer overflow in j2k.c in OpenJPEG before r3002, as used ...)
+CVE-2015-1273
{DSA-3315-1}
- chromium-browser 44.0.2403.89-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1272 (Use-after-free vulnerability in the GPU process implementation in ...)
+CVE-2015-1272
{DSA-3315-1}
- chromium-browser 44.0.2403.89-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1271 (PDFium, as used in Google Chrome before 44.0.2403.89, does not ...)
+CVE-2015-1271
{DSA-3315-1}
- chromium-browser 44.0.2403.89-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1270 (The ucnv_io_getConverterName function in common/ucnv_io.cpp in ...)
+CVE-2015-1270
{DSA-3360-1 DSA-3315-1}
- chromium-browser 44.0.2403.89-1
[wheezy] - chromium-browser <end-of-life>
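Review bot: every `-`/`+` pair in this hunk drops only the parenthesised CVE summary (for example `-CVE-2015-1284 (The LocalFrame::isURLAllowed function in core/frame/LocalFrame.cpp in ...)` becomes `+CVE-2015-1284`) while the DSA/DLA references, package versions and NOTE lines are untouched. For a commit titled "automatic update" a wholesale loss of summaries looks more like a sync against an empty or unavailable description source than an intentional edit; confirm that the description source really returned no text for these IDs before merging, because for entries without a NOTE line, such as CVE-2015-1276 and CVE-2015-1282, the summary was the only place the vulnerability class and affected component were recorded.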
@@ -23256,62 +23256,62 @@ CVE-2015-1270 (The ucnv_io_getConverterName function in common/ucnv_io.cpp in ..
[squeeze] - icu <not-affected> (code in ucnv_io_getConverterName not present, introduced in 49.x)
NOTE: http://bugs.icu-project.org/trac/ticket/11696
NOTE: Patch: http://bugs.icu-project.org/trac/changeset/37486/
-CVE-2015-1269 (The DecodeHSTSPreloadRaw function in ...)
+CVE-2015-1269
{DSA-3315-1}
- chromium-browser 43.0.2357.130-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1268 (bindings/scripts/v8_types.py in Blink, as used in Google Chrome before ...)
+CVE-2015-1268
{DSA-3315-1}
- chromium-browser 43.0.2357.130-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1267 (Blink, as used in Google Chrome before 43.0.2357.130, does not ...)
+CVE-2015-1267
{DSA-3315-1}
- chromium-browser 43.0.2357.130-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1266 (content/browser/webui/content_web_ui_controller_factory.cc in Google ...)
+CVE-2015-1266
{DSA-3315-1}
- chromium-browser 43.0.2357.130-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1265 (Multiple unspecified vulnerabilities in Google Chrome before ...)
+CVE-2015-1265
{DSA-3267-1}
- chromium-browser 43.0.2357.65-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1264 (Cross-site scripting (XSS) vulnerability in Google Chrome before ...)
+CVE-2015-1264
{DSA-3267-1}
- chromium-browser 43.0.2357.65-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1263 (The Spellcheck API implementation in Google Chrome before 43.0.2357.65 ...)
+CVE-2015-1263
{DSA-3267-1}
- chromium-browser 43.0.2357.65-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1262 (platform/fonts/shaping/HarfBuzzShaper.cpp in Blink, as used in Google ...)
+CVE-2015-1262
{DSA-3267-1}
- chromium-browser 43.0.2357.65-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1261 (android/java/src/org/chromium/chrome/browser/WebsiteSettingsPopup.java ...)
+CVE-2015-1261
{DSA-3267-1}
- chromium-browser 43.0.2357.65-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1260 (Multiple use-after-free vulnerabilities in ...)
+CVE-2015-1260
{DSA-3267-1}
- chromium-browser 43.0.2357.65-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1259 (PDFium, as used in Google Chrome before 43.0.2357.65, does not ...)
+CVE-2015-1259
{DSA-3267-1}
- chromium-browser 43.0.2357.65-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1258 (Google Chrome before 43.0.2357.65 relies on libvpx code that was not ...)
+CVE-2015-1258
{DSA-3267-1}
- chromium-browser 43.0.2357.65-1
[wheezy] - chromium-browser <end-of-life>
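Review bot: the squeeze triage line at the top of this hunk, `[squeeze] - icu <not-affected> (code in ucnv_io_getConverterName not present, introduced in 49.x)`, refers to a function that is named only in the CVE-2015-1270 summary shown in the hunk header, and that summary is what this change removes; once it is gone the rationale for the not-affected marking has nothing left in the entry to point to. If the summaries are really being dropped, the function name should be carried into that triage line or into the NOTE lines beneath it.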
@@ -23322,99 +23322,99 @@ CVE-2015-1258 (Google Chrome before 43.0.2357.65 relies on libvpx code that was
NOTE: That's not a vulnerability in libvpx per se
NOTE: 1.4.0-4 adds the workaround to configure with --size-limit=16384x16384
NOTE: https://github.com/webmproject/libvpx/commit/943e43273b0a7369d07714e7fd2e19fecfb11c7c
-CVE-2015-1257 (platform/graphics/filters/FEColorMatrix.cpp in the SVG implementation ...)
+CVE-2015-1257
{DSA-3267-1}
- chromium-browser 43.0.2357.65-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1256 (Use-after-free vulnerability in the SVG implementation in Blink, as ...)
+CVE-2015-1256
{DSA-3267-1}
- chromium-browser 43.0.2357.65-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1255 (Use-after-free vulnerability in ...)
+CVE-2015-1255
{DSA-3267-1}
- chromium-browser 43.0.2357.65-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1254 (core/dom/Document.cpp in Blink, as used in Google Chrome before ...)
+CVE-2015-1254
{DSA-3267-1}
- chromium-browser 43.0.2357.65-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1253 (core/html/parser/HTMLConstructionSite.cpp in the DOM implementation in ...)
+CVE-2015-1253
{DSA-3267-1}
- chromium-browser 43.0.2357.65-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1252 (common/partial_circular_buffer.cc in Google Chrome before 43.0.2357.65 ...)
+CVE-2015-1252
{DSA-3267-1}
- chromium-browser 43.0.2357.65-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1251 (Use-after-free vulnerability in the SpeechRecognitionClient ...)
+CVE-2015-1251
{DSA-3267-1}
- chromium-browser 43.0.2357.65-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1250 (Multiple unspecified vulnerabilities in Google Chrome before ...)
+CVE-2015-1250
{DSA-3242-1}
- chromium-browser 42.0.2311.135-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
NOTE: http://googlechromereleases.blogspot.com/2015/04/stable-channel-update_28.html
-CVE-2015-1249 (Multiple unspecified vulnerabilities in Google Chrome before ...)
+CVE-2015-1249
{DSA-3238-1}
- chromium-browser 42.0.2311.90-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1248 (The FileSystem API in Google Chrome before 40.0.2214.91 allows remote ...)
+CVE-2015-1248
{DSA-3238-1}
- chromium-browser 42.0.2311.90-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1247 (The SearchEngineTabHelper::OnPageHasOSDD function in ...)
+CVE-2015-1247
{DSA-3238-1}
- chromium-browser 42.0.2311.90-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1246 (Blink, as used in Google Chrome before 42.0.2311.90, allows remote ...)
+CVE-2015-1246
{DSA-3238-1}
- chromium-browser 42.0.2311.90-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1245 (Use-after-free vulnerability in the OpenPDFInReaderView::Update ...)
+CVE-2015-1245
{DSA-3238-1}
- chromium-browser 42.0.2311.90-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1244 (The URLRequest::GetHSTSRedirect function in url_request/url_request.cc ...)
+CVE-2015-1244
{DSA-3238-1}
- chromium-browser 42.0.2311.90-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1243 (Use-after-free vulnerability in the MutationObserver::disconnect ...)
+CVE-2015-1243
{DSA-3242-1}
- chromium-browser 42.0.2311.135-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
NOTE: http://googlechromereleases.blogspot.com/2015/04/stable-channel-update_28.html
-CVE-2015-1242 (The ReduceTransitionElementsKind function in ...)
+CVE-2015-1242
{DSA-3238-1}
- chromium-browser 42.0.2311.90-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1241 (Google Chrome before 42.0.2311.90 does not properly consider the ...)
+CVE-2015-1241
{DSA-3238-1}
- chromium-browser 42.0.2311.90-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1240 (gpu/blink/webgraphicscontext3d_impl.cc in the WebGL implementation in ...)
+CVE-2015-1240
{DSA-3238-1}
- chromium-browser 42.0.2311.90-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1239 (Double free vulnerability in the j2k_read_ppm_v3 function in OpenJPEG ...)
+CVE-2015-1239
{DLA-1433-1}
- openjpeg2 2.1.1-1
NOTE: https://bugs.chromium.org/p/chromium/issues/detail?id=430891
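Review bot: `NOTE: That's not a vulnerability in libvpx per se` at the start of this hunk only reads correctly against the CVE-2015-1258 summary in the hunk header (`Google Chrome before 43.0.2357.65 relies on libvpx code that was ...`), which this change strips; after the change the entry names libvpx only in the github URL, and the `--size-limit=16384x16384` workaround on the next line is left without the context that explains it. Consider moving the key phrase of the dropped summary into that NOTE so the workaround rationale stays self-contained.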
@@ -23423,152 +23423,152 @@ CVE-2015-1239 (Double free vulnerability in the j2k_read_ppm_v3 function in Open
NOTE: https://github.com/uclouvain/openjpeg/commit/2d24b6000d5611615e3e6d799e20d5fdbe4e2a1e
NOTE: which corresponds to the r2997 commit as mentioned in the merge which
NOTE: fixed the issue on Google/PDFium's side.
-CVE-2015-1238 (Skia, as used in Google Chrome before 42.0.2311.90, allows remote ...)
+CVE-2015-1238
{DSA-3238-1}
- chromium-browser 42.0.2311.90-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1237 (Use-after-free vulnerability in the RenderFrameImpl::OnMessageReceived ...)
+CVE-2015-1237
{DSA-3238-1}
- chromium-browser 42.0.2311.90-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1236 (The MediaElementAudioSourceNode::process function in ...)
+CVE-2015-1236
{DSA-3238-1}
- chromium-browser 42.0.2311.90-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1235 (The ContainerNode::parserRemoveChild function in ...)
+CVE-2015-1235
{DSA-3238-1}
- chromium-browser 42.0.2311.90-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1234 (Race condition in gpu/command_buffer/service/gles2_cmd_decoder.cc in ...)
+CVE-2015-1234
- chromium-browser 41.0.2272.118-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1233 (Google Chrome before 41.0.2272.118 does not properly handle the ...)
+CVE-2015-1233
- chromium-browser 41.0.2272.118-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1232 (Array index error in the MidiManagerUsb::DispatchSendMidiData function ...)
+CVE-2015-1232
- chromium-browser 41.0.2272.76-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1231 (Multiple unspecified vulnerabilities in Google Chrome before ...)
+CVE-2015-1231
- chromium-browser 41.0.2272.76-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1230 (The getHiddenProperty function in ...)
+CVE-2015-1230
- chromium-browser 41.0.2272.76-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
- libv8-3.14 <unfixed> (unimportant)
NOTE: libv8 not covered by security support
-CVE-2015-1229 (net/http/proxy_client_socket.cc in Google Chrome before 41.0.2272.76 ...)
+CVE-2015-1229
- chromium-browser 41.0.2272.76-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1228 (The RenderCounter::updateCounter function in ...)
+CVE-2015-1228
- chromium-browser 41.0.2272.76-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1227 (The DragImage::create function in platform/DragImage.cpp in Blink, as ...)
+CVE-2015-1227
- chromium-browser 41.0.2272.76-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1226 (The DebuggerFunction::InitAgentHost function in ...)
+CVE-2015-1226
- chromium-browser 41.0.2272.76-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1225 (PDFium, as used in Google Chrome before 41.0.2272.76, allows remote ...)
+CVE-2015-1225
- chromium-browser 41.0.2272.76-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1224 (The VpxVideoDecoder::VpxDecode function in ...)
+CVE-2015-1224
- chromium-browser 41.0.2272.76-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1223 (Multiple use-after-free vulnerabilities in ...)
+CVE-2015-1223
- chromium-browser 41.0.2272.76-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1222 (Multiple use-after-free vulnerabilities in the ...)
+CVE-2015-1222
- chromium-browser 41.0.2272.76-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1221 (Use-after-free vulnerability in Blink, as used in Google Chrome before ...)
+CVE-2015-1221
- chromium-browser 41.0.2272.76-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1220 (Use-after-free vulnerability in the GIFImageReader::parseData function ...)
+CVE-2015-1220
- chromium-browser 41.0.2272.76-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1219 (Integer overflow in the SkMallocPixelRef::NewAllocate function in ...)
+CVE-2015-1219
- chromium-browser 41.0.2272.76-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1218 (Multiple use-after-free vulnerabilities in the DOM implementation in ...)
+CVE-2015-1218
- chromium-browser 41.0.2272.76-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1217 (The V8LazyEventListener::prepareListenerObject function in ...)
+CVE-2015-1217
- chromium-browser 41.0.2272.76-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1216 (Use-after-free vulnerability in the ...)
+CVE-2015-1216
- chromium-browser 41.0.2272.76-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1215 (The filters implementation in Skia, as used in Google Chrome before ...)
+CVE-2015-1215
- chromium-browser 41.0.2272.76-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1214 (Integer overflow in the SkAutoSTArray implementation in ...)
+CVE-2015-1214
- chromium-browser 41.0.2272.76-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1213 (The SkBitmap::ReadRawPixels function in core/SkBitmap.cpp in the ...)
+CVE-2015-1213
- chromium-browser 41.0.2272.76-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1212 (Multiple unspecified vulnerabilities in Google Chrome before ...)
+CVE-2015-1212
- chromium-browser 40.0.2214.111-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1211 (The OriginCanAccessServiceWorkers function in ...)
+CVE-2015-1211
- chromium-browser 40.0.2214.111-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1210 (The V8ThrowException::createDOMException function in ...)
+CVE-2015-1210
- chromium-browser 40.0.2214.111-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1209 (Use-after-free vulnerability in the ...)
+CVE-2015-1209
- chromium-browser 40.0.2214.111-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1208 (Integer underflow in the mov_read_default function in ...)
+CVE-2015-1208
- ffmpeg 7:2.5.3-1
NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=3ebd76a9c57558e284e94da367dd23b435e6a6d0
-CVE-2015-1207 (Double-free vulnerability in libavformat/mov.c in FFMPEG in Google ...)
+CVE-2015-1207
{DLA-1654-1}
- ffmpeg 7:2.6.1-1
- libav <removed>
NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=3859868c75313e318ebc5d0d33baada62d45dd75
-CVE-2015-1206 (Heap-based buffer overflow in Google Chrome before M40 allows remote ...)
+CVE-2015-1206
- chromium-browser 40.0.2214.91-1
[wheezy] - chromium-browser <end-of-life>
-CVE-2015-1204 (Cross-site scripting (XSS) vulnerability in the Save Filters ...)
+CVE-2015-1204
NOT-FOR-US: Save Filters functionality in the WP Slimstat plugin for WordPress
CVE-2015-1190
RESERVED
CVE-2015-1189
RESERVED
-CVE-2015-1188 (The certificate verification functions in the HNDS service in Swisscom ...)
+CVE-2015-1188
NOT-FOR-US: Swisscom Centro Grande DSL router
-CVE-2015-1187 (The ping tool in multiple D-Link and TRENDnet devices allow remote ...)
+CVE-2015-1187
NOT-FOR-US: D-Link
CVE-2015-1186
RESERVED
@@ -23580,27 +23580,27 @@ CVE-2015-1183
RESERVED
CVE-2015-1181
RESERVED
-CVE-2015-1180 (Cross-site scripting (XSS) vulnerability in the Web Reports in ...)
+CVE-2015-1180
NOT-FOR-US: EventSentry
-CVE-2015-1179 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2015-1179
NOT-FOR-US: Mango Automation
-CVE-2015-1178 (Multiple cross-site scripting (XSS) vulnerabilities in cart.php in ...)
+CVE-2015-1178
NOT-FOR-US: X-Cart
-CVE-2015-1177 (Cross-site scripting (XSS) vulnerability in Exponent CMS 2.3.2. ...)
+CVE-2015-1177
NOT-FOR-US: Exponent CMS
-CVE-2015-1176 (Cross-site scripting (XSS) vulnerability in upload/scp/tickets.php in ...)
+CVE-2015-1176
NOT-FOR-US: osTicket
-CVE-2015-1174 (Session fixation vulnerability in Unit4 Polska TETA Web (formerly TETA ...)
+CVE-2015-1174
NOT-FOR-US: Unit4 Polska TETA Web
-CVE-2015-1173 (Unit4 Polska TETA Web (formerly TETA Galactica) 22.62.3.4 does not ...)
+CVE-2015-1173
NOT-FOR-US: Unit4 Polska TETA Web
-CVE-2015-1172 (Unrestricted file upload vulnerability in admin/upload-file.php in the ...)
+CVE-2015-1172
NOT-FOR-US: WordPress theme holding_pattern
-CVE-2015-1171 (Stack-based buffer overflow in GSM SIM Utility (aka SIM Card Editor) ...)
+CVE-2015-1171
NOT-FOR-US: SIM Card Editor
-CVE-2015-1170 (The NVIDIA Display Driver R304 before 309.08, R340 before 341.44, R343 ...)
+CVE-2015-1170
NOT-FOR-US: NVIDIA Windows driver
-CVE-2015-1169 (Apereo Central Authentication Service (CAS) Server before 3.5.3 allows ...)
+CVE-2015-1169
NOT-FOR-US: Apereo Central Authentication Service
CVE-2015-1168
RESERVED
@@ -23608,7 +23608,7 @@ CVE-2015-1167
RESERVED
CVE-2015-1166
RESERVED
-CVE-2015-1165 (RT (aka Request Tracker) 3.8.8 through 4.x before 4.0.23 and 4.2.x ...)
+CVE-2015-1165
{DSA-3176-1 DLA-158-1}
- request-tracker4 4.2.8-3
- request-tracker3.8 <removed>
@@ -23626,19 +23626,19 @@ CVE-2015-1396 [(another) directory traversal via symlinks -- incomplete fix for
NOTE: http://www.openwall.com/lists/oss-security/2015/01/24/3
CVE-2015-1353
REJECTED
-CVE-2015-4471 (Off-by-one error in the lzxd_decompress function in lzxd.c in ...)
+CVE-2015-4471
- libmspack 0.5-1 (bug #775499)
NOTE: http://www.openwall.com/lists/oss-security/2015/02/03/11
-CVE-2015-4470 (Off-by-one error in the inflate function in mszipd.c in libmspack ...)
+CVE-2015-4470
- libmspack 0.5-1 (bug #775498)
NOTE: http://www.openwall.com/lists/oss-security/2015/02/03/11
-CVE-2015-4472 (Off-by-one error in the READ_ENCINT macro in chmd.c in libmspack ...)
+CVE-2015-4472
- libmspack 0.5-1 (bug #775687)
NOTE: http://www.openwall.com/lists/oss-security/2015/02/03/11
-CVE-2015-1591 (The kamailio build in kamailio before 4.2.0-2 process allows local ...)
+CVE-2015-1591
- kamailio 4.2.0-2 (bug #775681)
NOTE: https://github.com/kamailio/kamailio/issues/48
-CVE-2015-1590 (The kamcmd administrative utility and default configuration in ...)
+CVE-2015-1590
- kamailio 4.2.0-2 (bug #775681)
NOTE: https://github.com/kamailio/kamailio/issues/48
CVE-2015-XXXX [insecure configuration permissions]
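Review bot: this hunk shows the two description styles side by side: the parenthesised summaries on `-CVE-2015-4471 (Off-by-one error in the lzxd_decompress function in lzxd.c in ...)` and the neighbouring libmspack and kamailio entries are dropped, while the bracketed hand-written ones on the context lines `CVE-2015-1396 [(another) directory traversal via symlinks -- incomplete fix for` and `CVE-2015-XXXX [insecure configuration permissions]` survive. That is consistent with only the feed-derived field being rewritten, but it also means the three libmspack entries (CVE-2015-4470, CVE-2015-4471, CVE-2015-4472) now share the same package line and oss-security NOTE and differ only by bug number, so they can no longer be told apart without following the link; worth confirming that the feed really returned empty descriptions for these IDs rather than accepting the loss.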
@@ -23653,249 +23653,249 @@ CVE-2015-XXXX [information leak in event device handling]
NOTE: Upstream fix: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=7c4f56070fde2367766fa1fb04852599b5e1ad35 (v3.18-rc1)
NOTE: Introduced by https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=483180281f0ac60d1138710eb21f4b9961901294 (v3.11-rc1)
NOTE: CVE Request: http://article.gmane.org/gmane.comp.security.oss.general/15457
-CVE-2015-1346 (Multiple unspecified vulnerabilities in Google V8 before 3.30.33.15, ...)
+CVE-2015-1346
- chromium-browser 40.0.2214.91-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
- libv8-3.14 <unfixed> (unimportant; bug #773671)
NOTE: libv8 not covered by security support
-CVE-2015-1345 (The bmexec_trans function in kwset.c in grep 2.19 through 2.21 allows ...)
+CVE-2015-1345
- grep 2.20-4.1 (low; bug #776039)
[squeeze] - grep <not-affected> (Issue introduced with v2.18-90-g73893ff)
[wheezy] - grep <not-affected> (Issue introduced with v2.18-90-g73893ff)
NOTE: http://bugs.gnu.org/19563
NOTE: Upstream fix: http://git.sv.gnu.org/cgit/grep.git/commit/?id=83a95bd8c8561875b948cadd417c653dbe7ef2e2
-CVE-2015-1182 (The asn1_get_sequence_of function in library/asn1parse.c in PolarSSL ...)
+CVE-2015-1182
{DSA-3136-1 DLA-144-1}
- polarssl 1.3.9-2.1 (bug #775776)
NOTE: https://polarssl.org/tech-updates/security-advisories/polarssl-security-advisory-2014-04
-CVE-2015-1175 (Cross-site scripting (XSS) vulnerability in blocklayered-ajax.php in ...)
+CVE-2015-1175
NOT-FOR-US: PrestaShop
CVE-2015-1160
RESERVED
-CVE-2015-1159 (Cross-site scripting (XSS) vulnerability in the cgi_puts function in ...)
+CVE-2015-1159
{DSA-3283-1 DLA-239-1}
- cups 1.7.5-12
-CVE-2015-1158 (The add_job function in scheduler/ipp.c in cupsd in CUPS before 2.0.3 ...)
+CVE-2015-1158
{DSA-3283-1 DLA-239-1}
- cups 1.7.5-12
-CVE-2015-1157 (CoreText in Apple iOS 8.x through 8.3 allows remote attackers to cause ...)
+CVE-2015-1157
NOT-FOR-US: Apple iOS
-CVE-2015-1156 (The page-loading implementation in WebKit, as used in Apple Safari ...)
+CVE-2015-1156
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-1155 (The history implementation in WebKit, as used in Apple Safari before ...)
+CVE-2015-1155
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-1154 (WebKit, as used in Apple Safari before 6.2.6, 7.x before 7.1.6, and ...)
+CVE-2015-1154
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-1153 (WebKit, as used in Apple Safari before 6.2.6, 7.x before 7.1.6, and ...)
+CVE-2015-1153
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-1152 (WebKit, as used in Apple Safari before 6.2.6, 7.x before 7.1.6, and ...)
+CVE-2015-1152
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-1151 (Wiki Server in Apple OS X Server before 4.1 allows remote attackers to ...)
+CVE-2015-1151
NOT-FOR-US: Apple
-CVE-2015-1150 (The Firewall component in Apple OS X Server before 4.1 uses an ...)
+CVE-2015-1150
NOT-FOR-US: Apple
-CVE-2015-1149 (Integer overflow in the simulator in Swift in Apple Xcode before 6.3 ...)
+CVE-2015-1149
NOT-FOR-US: Apple Xcode
-CVE-2015-1148 (Screen Sharing in Apple OS X before 10.10.3 stores the password of a ...)
+CVE-2015-1148
NOT-FOR-US: Apple
-CVE-2015-1147 (Open Directory Client in Apple OS X before 10.10.3 sends unencrypted ...)
+CVE-2015-1147
NOT-FOR-US: Apple
-CVE-2015-1146 (The Code Signing implementation in Apple OS X before 10.10.3 does not ...)
+CVE-2015-1146
NOT-FOR-US: Apple
-CVE-2015-1145 (The Code Signing implementation in Apple OS X before 10.10.3 does not ...)
+CVE-2015-1145
NOT-FOR-US: Apple
-CVE-2015-1144 (Buffer overflow in the UniformTypeIdentifiers component in Apple OS X ...)
+CVE-2015-1144
NOT-FOR-US: Apple
-CVE-2015-1143 (LaunchServices in Apple OS X before 10.10.3 allows local users to gain ...)
+CVE-2015-1143
NOT-FOR-US: Apple
-CVE-2015-1142 (LaunchServices in Apple OS X before 10.10.3 allows local users to ...)
+CVE-2015-1142
NOT-FOR-US: Apple
-CVE-2015-1141 (The mach_vm_read functionality in the kernel in Apple OS X before ...)
+CVE-2015-1141
NOT-FOR-US: Apple
-CVE-2015-1140 (Buffer overflow in IOHIDFamily in Apple OS X before 10.10.3 allows ...)
+CVE-2015-1140
NOT-FOR-US: Apple
-CVE-2015-1139 (ImageIO in Apple OS X before 10.10.3 allows remote attackers to ...)
+CVE-2015-1139
NOT-FOR-US: Apple
-CVE-2015-1138 (Hypervisor in Apple OS X before 10.10.3 allows local users to cause a ...)
+CVE-2015-1138
NOT-FOR-US: Apple
-CVE-2015-1137 (The NVIDIA graphics driver in Apple OS X before 10.10.3 allows local ...)
+CVE-2015-1137
NOT-FOR-US: Apple
-CVE-2015-1136 (Use-after-free vulnerability in CoreAnimation in Apple OS X before ...)
+CVE-2015-1136
NOT-FOR-US: Apple
-CVE-2015-1135 (fontd in Apple Type Services (ATS) in Apple OS X before 10.10.3 allows ...)
+CVE-2015-1135
NOT-FOR-US: Apple
-CVE-2015-1134 (fontd in Apple Type Services (ATS) in Apple OS X before 10.10.3 allows ...)
+CVE-2015-1134
NOT-FOR-US: Apple
-CVE-2015-1133 (fontd in Apple Type Services (ATS) in Apple OS X before 10.10.3 allows ...)
+CVE-2015-1133
NOT-FOR-US: Apple
-CVE-2015-1132 (fontd in Apple Type Services (ATS) in Apple OS X before 10.10.3 allows ...)
+CVE-2015-1132
NOT-FOR-US: Apple
-CVE-2015-1131 (fontd in Apple Type Services (ATS) in Apple OS X before 10.10.3 allows ...)
+CVE-2015-1131
NOT-FOR-US: Apple
-CVE-2015-1130 (The XPC implementation in Admin Framework in Apple OS X before 10.10.3 ...)
+CVE-2015-1130
NOT-FOR-US: Apple
-CVE-2015-1129 (Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5 does ...)
+CVE-2015-1129
NOT-FOR-US: Apple Safari
-CVE-2015-1128 (The private-browsing implementation in Apple Safari before 6.2.5, 7.x ...)
+CVE-2015-1128
NOT-FOR-US: Apple Safari
-CVE-2015-1127 (The private-browsing implementation in WebKit in Apple Safari before ...)
+CVE-2015-1127
NOT-FOR-US: Apple Safari
-CVE-2015-1126 (WebKit, as used in Apple iOS before 8.3 and Apple Safari before 6.2.5, ...)
+CVE-2015-1126
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-1125 (The touch-events implementation in WebKit in Apple iOS before 8.3 ...)
+CVE-2015-1125
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-1124 (WebKit, as used in Apple iOS before 8.3, Apple TV before 7.2, and ...)
+CVE-2015-1124
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-1123 (WebKit, as used in Apple iOS before 8.3 and Apple TV before 7.2, ...)
+CVE-2015-1123
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-1122 (WebKit, as used in Apple iOS before 8.3, Apple TV before 7.2, and ...)
+CVE-2015-1122
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-1121 (WebKit, as used in Apple iOS before 8.3, Apple TV before 7.2, and ...)
+CVE-2015-1121
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-1120 (WebKit, as used in Apple iOS before 8.3, Apple TV before 7.2, and ...)
+CVE-2015-1120
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-1119 (WebKit, as used in Apple iOS before 8.3, Apple TV before 7.2, and ...)
+CVE-2015-1119
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-1118 (libnetcore in Apple iOS before 8.3, Apple OS X before 10.10.3, and ...)
+CVE-2015-1118
NOT-FOR-US: Apple
-CVE-2015-1117 (The (1) setreuid and (2) setregid system-call implementations in the ...)
+CVE-2015-1117
NOT-FOR-US: iOS
-CVE-2015-1116 (The UIKit View component in Apple iOS before 8.3 displays unblurred ...)
+CVE-2015-1116
NOT-FOR-US: iOS
-CVE-2015-1115 (The Telephony component in Apple iOS before 8.3 allows attackers to ...)
+CVE-2015-1115
NOT-FOR-US: iOS
-CVE-2015-1114 (The Sandbox Profiles component in Apple iOS before 8.3 and Apple TV ...)
+CVE-2015-1114
NOT-FOR-US: iOS
-CVE-2015-1113 (The Sandbox Profiles component in Apple iOS before 8.3 allows ...)
+CVE-2015-1113
NOT-FOR-US: iOS
-CVE-2015-1112 (Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5, as ...)
+CVE-2015-1112
NOT-FOR-US: iOS
-CVE-2015-1111 (Safari in Apple iOS before 8.3 does not delete Recently Closed Tabs ...)
+CVE-2015-1111
NOT-FOR-US: iOS
-CVE-2015-1110 (The Podcasts component in Apple iOS before 8.3 and Apple TV before 7.2 ...)
+CVE-2015-1110
NOT-FOR-US: iOS
-CVE-2015-1109 (NetworkExtension in Apple iOS before 8.3 stores credentials in VPN ...)
+CVE-2015-1109
NOT-FOR-US: iOS
-CVE-2015-1108 (The Lock Screen component in Apple iOS before 8.3 does not properly ...)
+CVE-2015-1108
NOT-FOR-US: iOS
-CVE-2015-1107 (The Lock Screen component in Apple iOS before 8.3 does not properly ...)
+CVE-2015-1107
NOT-FOR-US: iOS
-CVE-2015-1106 (The QuickType feature in the Keyboards subsystem in Apple iOS before ...)
+CVE-2015-1106
NOT-FOR-US: iOS
-CVE-2015-1105 (The TCP implementation in the kernel in Apple iOS before 8.3, Apple OS ...)
+CVE-2015-1105
NOT-FOR-US: iOS
-CVE-2015-1104 (The kernel in Apple iOS before 8.3, Apple OS X before 10.10.3, and ...)
+CVE-2015-1104
NOT-FOR-US: iOS
-CVE-2015-1103 (The kernel in Apple iOS before 8.3, Apple OS X before 10.10.3, and ...)
+CVE-2015-1103
NOT-FOR-US: iOS
-CVE-2015-1102 (The kernel in Apple iOS before 8.3, Apple OS X before 10.10.3, and ...)
+CVE-2015-1102
NOT-FOR-US: iOS
-CVE-2015-1101 (The kernel in Apple iOS before 8.3, Apple OS X before 10.10.3, and ...)
+CVE-2015-1101
NOT-FOR-US: iOS
-CVE-2015-1100 (The kernel in Apple iOS before 8.3, Apple OS X before 10.10.3, and ...)
+CVE-2015-1100
NOT-FOR-US: iOS
-CVE-2015-1099 (Race condition in the setreuid system-call implementation in the ...)
+CVE-2015-1099
NOT-FOR-US: iOS
-CVE-2015-1098 (iWork in Apple iOS before 8.3 and Apple OS X before 10.10.3 allows ...)
+CVE-2015-1098
NOT-FOR-US: iOS
-CVE-2015-1097 (IOMobileFramebuffer in Apple iOS before 8.3 and Apple TV before 7.2 ...)
+CVE-2015-1097
NOT-FOR-US: iOS
-CVE-2015-1096 (IOHIDFamily in Apple iOS before 8.3, Apple OS X before 10.10.3, and ...)
+CVE-2015-1096
NOT-FOR-US: iOS
-CVE-2015-1095 (IOHIDFamily in Apple iOS before 8.3, Apple OS X before 10.10.3, and ...)
+CVE-2015-1095
NOT-FOR-US: iOS
-CVE-2015-1094 (IOAcceleratorFamily in Apple iOS before 8.3 and Apple TV before 7.2 ...)
+CVE-2015-1094
NOT-FOR-US: iOS
-CVE-2015-1093 (FontParser in Apple iOS before 8.3 and Apple OS X before 10.10.3 ...)
+CVE-2015-1093
NOT-FOR-US: iOS
-CVE-2015-1092 (NSXMLParser in Foundation in Apple iOS before 8.3 and Apple TV before ...)
+CVE-2015-1092
NOT-FOR-US: iOS
-CVE-2015-1091 (The CFNetwork Session component in Apple iOS before 8.3 and Apple OS X ...)
+CVE-2015-1091
NOT-FOR-US: iOS
-CVE-2015-1090 (CFNetwork in Apple iOS before 8.3 does not delete HTTP Strict ...)
+CVE-2015-1090
NOT-FOR-US: iOS
-CVE-2015-1089 (CFNetwork in Apple iOS before 8.3 and Apple OS X before 10.10.3 does ...)
+CVE-2015-1089
NOT-FOR-US: iOS
-CVE-2015-1088 (CFURL in Apple iOS before 8.3 and Apple OS X before 10.10.3 does not ...)
+CVE-2015-1088
NOT-FOR-US: iOS
-CVE-2015-1087 (Directory traversal vulnerability in Backup in Apple iOS before 8.3 ...)
+CVE-2015-1087
NOT-FOR-US: iOS
-CVE-2015-1086 (The Audio Drivers subsystem in Apple iOS before 8.3 and Apple TV ...)
+CVE-2015-1086
NOT-FOR-US: iOS
-CVE-2015-1085 (AppleKeyStore in Apple iOS before 8.3 does not properly restrict a ...)
+CVE-2015-1085
NOT-FOR-US: iOS
-CVE-2015-1084 (The user interface in WebKit, as used in Apple Safari before 6.2.4, ...)
+CVE-2015-1084
NOT-FOR-US: Safari
-CVE-2015-1083 (WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and ...)
+CVE-2015-1083
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-1082 (WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and ...)
+CVE-2015-1082
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-1081 (WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and ...)
+CVE-2015-1081
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-1080 (WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and ...)
+CVE-2015-1080
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-1079 (WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and ...)
+CVE-2015-1079
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-1078 (WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and ...)
+CVE-2015-1078
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-1077 (WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and ...)
+CVE-2015-1077
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-1076 (WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and ...)
+CVE-2015-1076
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-1075 (WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and ...)
+CVE-2015-1075
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-1074 (WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and ...)
+CVE-2015-1074
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-1073 (WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and ...)
+CVE-2015-1073
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-1072 (WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and ...)
+CVE-2015-1072
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-1071 (WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and ...)
+CVE-2015-1071
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-1070 (WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and ...)
+CVE-2015-1070
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-1069 (WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and ...)
+CVE-2015-1069
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-1068 (WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and ...)
+CVE-2015-1068
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-1067 (Secure Transport in Apple iOS before 8.2, Apple OS X through 10.10.2, ...)
+CVE-2015-1067
NOT-FOR-US: Apple
-CVE-2015-1066 (Off-by-one error in IOAcceleratorFamily in Apple OS X through 10.10.2 ...)
+CVE-2015-1066
NOT-FOR-US: Apple
-CVE-2015-1065 (Multiple buffer overflows in iCloud Keychain in Apple iOS before 8.2 ...)
+CVE-2015-1065
NOT-FOR-US: Apple
-CVE-2015-1064 (Springboard in Apple iOS before 8.2 allows physically proximate ...)
+CVE-2015-1064
NOT-FOR-US: Apple
-CVE-2015-1063 (CoreTelephony in Apple iOS before 8.2 allows remote attackers to cause ...)
+CVE-2015-1063
NOT-FOR-US: Apple
-CVE-2015-1062 (MobileStorageMounter in Apple iOS before 8.2 and Apple TV before 7.1 ...)
+CVE-2015-1062
NOT-FOR-US: Apple
-CVE-2015-1061 (IOSurface in Apple iOS before 8.2, Apple OS X through 10.10.2, and ...)
+CVE-2015-1061
NOT-FOR-US: Apple
-CVE-2015-1060 (Open redirect vulnerability in lib/Cake/Controller/Controller.php in ...)
+CVE-2015-1060
NOT-FOR-US: AdaptCMS
-CVE-2015-1059 (Unrestricted file upload vulnerability in admin/files/add in AdaptCMS ...)
+CVE-2015-1059
NOT-FOR-US: AdaptCMS
-CVE-2015-1058 (Multiple cross-site scripting (XSS) vulnerabilities in AdaptCMS 3.0.3 ...)
+CVE-2015-1058
NOT-FOR-US: AdaptCMS
-CVE-2015-1057 (Cross-site scripting (XSS) vulnerability in usersettings.php in e107 ...)
+CVE-2015-1057
NOT-FOR-US: e107
-CVE-2015-1056 (Cross-site scripting (XSS) vulnerability in Brother MFC-J4410DW ...)
+CVE-2015-1056
NOT-FOR-US: Brother printer
-CVE-2015-1055 (SQL injection vulnerability in the Photo Gallery plugin 1.2.7 for ...)
+CVE-2015-1055
NOT-FOR-US: WordPress plugin Photo Gallery
-CVE-2015-1054 (Cross-site scripting (XSS) vulnerability in the Games feature in ...)
+CVE-2015-1054
NOT-FOR-US: Crea8Social
-CVE-2015-1053 (Cross-site scripting (XSS) vulnerability in the administrative backend ...)
+CVE-2015-1053
NOT-FOR-US: Croogo
-CVE-2015-1052 (Cross-site scripting (XSS) vulnerability in the poll archive in PHPKIT ...)
+CVE-2015-1052
NOT-FOR-US: PHPKIT
-CVE-2015-1050 (Cross-site scripting (XSS) vulnerability in F5 BIG-IP Application ...)
+CVE-2015-1050
NOT-FOR-US: F5 BIG-IP Application Security Manager
-CVE-2015-1049 (The web server on Siemens SCALANCE X-200IRT switches with firmware ...)
+CVE-2015-1049
NOT-FOR-US: Siemens SCALANCE
-CVE-2015-1205 (Multiple unspecified vulnerabilities in Google Chrome before ...)
+CVE-2015-1205
- chromium-browser 40.0.2214.91-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
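Review bot: the CVE-2015-1060 entry loses its only pointer to CakePHP when the description is dropped, and the surviving NOT-FOR-US line does not say why the bug is attributed to AdaptCMS. The removed line read `-CVE-2015-1060 (Open redirect vulnerability in lib/Cake/Controller/Controller.php in ...)`, and lib/Cake/Controller/Controller.php is a CakePHP path; the kept `NOT-FOR-US: AdaptCMS` should state whether the affected code is AdaptCMS's own or a bundled CakePHP copy that could also matter for a separately packaged CakePHP, otherwise a later reader grepping this file for CakePHP will not find the entry.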
@@ -23906,64 +23906,64 @@ CVE-2015-1203 [stack allocation with an attacker-controlled size -- modules/acce
CVE-2015-1202 [stack allocation with an attacker-controlled size -- modules/services_discovery/sap.c]
RESERVED
NOTE: VLC issue disputed by upstream, see bug #775866
-CVE-2015-1201 (Privoxy before 3.0.22 allows remote attackers to cause a denial of ...)
+CVE-2015-1201
NOT-FOR-US: Bogus entry for Privoxy picked from Secunia
-CVE-2015-1308 (kde-workspace 4.2.0 and plasma-workspace before 5.1.95 allows remote ...)
+CVE-2015-1308
- kde-workspace 4:5.1.95-1
[jessie] - kde-workspace <no-dsa> (Minor issue)
[wheezy] - kde-workspace <no-dsa> (Minor issue)
-CVE-2015-1307 (plasma-workspace before 5.1.95 allows remote attackers to obtain ...)
+CVE-2015-1307
NOT-FOR-US: KDE Plasma 5 desktop, not yet packaged
-CVE-2015-1306 (The newsletter posting area in the web interface in Sympa 6.0.x before ...)
+CVE-2015-1306
{DSA-3134-1 DLA-148-1}
- sympa 6.1.23~dfsg-2
NOTE: https://www.sympa.org/security_advisories#security_breaches_in_newsletter_posting
-CVE-2015-1051 (Open redirect vulnerability in the Context UI module in the Context ...)
+CVE-2015-1051
NOT-FOR-US: Drupal extension drupal7-context
-CVE-2015-2304 (Absolute path traversal vulnerability in bsdcpio in libarchive 3.1.2 ...)
+CVE-2015-2304
{DSA-3180-1 DLA-166-1}
- libarchive 3.1.2-11 (bug #778266)
NOTE: http://www.openwall.com/lists/oss-security/2015/01/16/7
NOTE: Patch: https://github.com/libarchive/libarchive/commit/59357157706d47c365b2227739e17daba3607526
-CVE-2015-1200 (Race condition in pxz 4.999.99 Beta 3 uses weak file permissions for ...)
+CVE-2015-1200
- pxz 4.999.99~beta3+git659fc9b-3 (bug #775306)
-CVE-2015-1199 (Directory traversal vulnerability in ppmd 10.1-5. ...)
+CVE-2015-1199
- ppmd <removed> (low; bug #775218)
[jessie] - ppmd <no-dsa> (Minor issue)
[wheezy] - ppmd <no-dsa> (Minor issue)
[squeeze] - ppmd <no-dsa> (Minor issue)
-CVE-2015-1195 (The V2 API in OpenStack Image Registry and Delivery Service (Glance) ...)
+CVE-2015-1195
- glance 2014.1.3-11 (bug #775926)
[wheezy] - glance <not-affected> (Vulnerable code not present)
NOTE: up to 2014.1.3 and 2014.2 versions up to 2014.2.1
-CVE-2015-1350 (The VFS subsystem in the Linux kernel 3.x provides an incomplete set ...)
+CVE-2015-1350
{DLA-772-1}
- linux 4.8.11-1 (bug #770492)
[jessie] - linux 3.16.39-1
- linux-2.6 <removed>
NOTE: Fixed by: https://git.kernel.org/linus/030b533c4fd4d2ec3402363323de4bb2983c9cee
-CVE-2015-1164 (Open redirect vulnerability in the serve-static plugin before 1.7.2 ...)
+CVE-2015-1164
- node-serve-static 1.6.4-2 (unimportant; bug #775843)
NOTE: libv8 is not covered by security support
NOTE: https://nodesecurity.io/advisories/serve-static-open-redirect
NOTE: https://github.com/expressjs/serve-static/issues/26
-CVE-2015-1048 (Open redirect vulnerability in the integrated web server on Siemens ...)
+CVE-2015-1048
NOT-FOR-US: Siemens
-CVE-2015-1047 (vpxd in VMware vCenter Server 5.0 before u3e, 5.1 before u3, and 5.5 ...)
+CVE-2015-1047
NOT-FOR-US: VMware vCenter
CVE-2015-1046
REJECTED
CVE-2015-1045
REJECTED
-CVE-2015-1044 (vmware-authd (aka the Authorization process) in VMware Workstation ...)
+CVE-2015-1044
NOT-FOR-US: VMware
-CVE-2015-1043 (The Host Guest File System (HGFS) in VMware Workstation 10.x before ...)
+CVE-2015-1043
NOT-FOR-US: VMware
-CVE-2015-1041 (Cross-site scripting (XSS) vulnerability in e107_admin/filemanager.php ...)
+CVE-2015-1041
NOT-FOR-US: e107
-CVE-2015-1040 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
+CVE-2015-1040
NOT-FOR-US: BEdita
-CVE-2015-1039 (Cross-site scripting (XSS) vulnerability in user/login.phtml in ...)
+CVE-2015-1039
NOT-FOR-US: zfcUser
CVE-2015-1037
RESERVED
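Review bot: CVE-2015-1308 and CVE-2015-1307 are triaged inconsistently, and stripping the descriptions hides it. The removed lines read `-CVE-2015-1308 (kde-workspace 4.2.0 and plasma-workspace before 5.1.95 allows remote ...)` and `-CVE-2015-1307 (plasma-workspace before 5.1.95 allows remote attackers to obtain ...)`; the first is recorded as fixed in `kde-workspace 4:5.1.95-1`, a 5.x upstream version, while the second is marked `NOT-FOR-US: KDE Plasma 5 desktop, not yet packaged`. Either both belong to a packaged Plasma 5 source or neither does; with the product names gone from the file, one of the two entries should carry a NOTE recording which source package the 5.1.95 fix actually landed in.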
@@ -23975,24 +23975,24 @@ CVE-2015-1034
RESERVED
CVE-2015-1033
RESERVED
-CVE-2015-1032 (Cross-site scripting (XSS) vulnerability in Kiwix before 0.9.1, when ...)
+CVE-2015-1032
- kiwix <removed>
NOTE: actually RFP again, but was removed from the archive on 2014-09-25
NOTE: See https://bugs.debian.org/763321
-CVE-2015-1029 (The puppetlabs-stdlib module 2.1 through 3.0 and 4.1.0 through 4.5.x ...)
+CVE-2015-1029
- puppet-module-puppetlabs-stdlib 4.9.0-1 (bug #775535)
[jessie] - puppet-module-puppetlabs-stdlib <not-affected> (The jessie version of facter is recent enough)
NOTE: http://puppetlabs.com/security/cve/cve-2015-1029
NOTE: http://lists.alioth.debian.org/pipermail/pkg-puppet-devel/2015-January/009318.html
-CVE-2015-1028 (Multiple cross-site scripting (XSS) vulnerabilities in D-Link ...)
+CVE-2015-1028
NOT-FOR-US: D-Link router
-CVE-2015-1027 (The version checking subroutine in percona-toolkit before 2.2.13 and ...)
+CVE-2015-1027
- percona-toolkit 2.2.13-1 (unimportant)
[wheezy] - percona-toolkit <not-affected> (version-check introduced in 2.1.4)
- percona-xtrabackup <unfixed> (unimportant)
NOTE: Automatic version check is disabled and inherently insecure (CVE-2014-2029)
NOTE: Patch applied to OpenSUSE 13.1: https://build.opensuse.org/package/view_file/openSUSE:13.1:Update/xtrabackup/percona-xtrabackup-CVE-2015-1027.patch?expand=1
-CVE-2015-1026 (Multiple cross-site scripting (XSS) vulnerabilities in ZOHO ...)
+CVE-2015-1026
NOT-FOR-US: ZOHO ManageEngine
CVE-2015-1025
RESERVED
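Review bot: the jessie not-affected reason on CVE-2015-1029 names a different package than the one being tracked and gives no version to check. `[jessie] - puppet-module-puppetlabs-stdlib <not-affected> (The jessie version of facter is recent enough)` refers to facter, and the dropped description `puppetlabs-stdlib module 2.1 through 3.0 and 4.1.0 through 4.5.x` was the only place the affected version range was recorded; state the facter version threshold in the reason, or add it as a NOTE, so the claim remains verifiable once this change lands.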
@@ -24014,106 +24014,106 @@ CVE-2015-1017
RESERVED
CVE-2015-1016
RESERVED
-CVE-2015-1015 (Omron CX-One CX-Programmer before 9.6, CJ2M PLC devices before 2.1, ...)
+CVE-2015-1015
NOT-FOR-US: Omron CX-One
CVE-2015-1014
RESERVED
-CVE-2015-1013 (OSIsoft PI AF 2.6 and 2.7 and PI SQL for AF 2.1.2.19 do not ensure ...)
+CVE-2015-1013
NOT-FOR-US: OSIsoft PI AF and OSIsoft PI SQL for AF
CVE-2015-1012
RESERVED
-CVE-2015-1011 (Hospira LifeCare PCA Infusion System before 7.0 has hardcoded ...)
+CVE-2015-1011
NOT-FOR-US: Hospira LifeCare
-CVE-2015-1010 (Rockwell Automation RSView32 7.60.00 (aka CPR9 SR4) and earlier does ...)
+CVE-2015-1010
NOT-FOR-US: Rockwell Automation RSView32
-CVE-2015-1009 (Schneider Electric InduSoft Web Studio before 7.1.3.5 Patch 5 and ...)
+CVE-2015-1009
NOT-FOR-US: Schneider Electric
-CVE-2015-1008 (SQL injection vulnerability in Emerson AMS Device Manager before 13 ...)
+CVE-2015-1008
NOT-FOR-US: Emerson AMS Device Manager
CVE-2015-1007
RESERVED
CVE-2015-1006
RESERVED
-CVE-2015-1005 (IniNet embeddedWebServer (aka eWebServer) before 2.02 for Windows CE ...)
+CVE-2015-1005
NOT-FOR-US: IniNet
CVE-2015-1004
REJECTED
-CVE-2015-1003 (Directory traversal vulnerability in IniNet embeddedWebServer (aka ...)
+CVE-2015-1003
NOT-FOR-US: IniNet
-CVE-2015-1002 (IniNet embeddedWebServer (aka eWebServer) before 2.02 mishandles URL ...)
+CVE-2015-1002
NOT-FOR-US: IniNet
-CVE-2015-1001 (Multiple stack-based buffer overflows in IniNet embeddedWebServer (aka ...)
+CVE-2015-1001
NOT-FOR-US: IniNet
-CVE-2015-1000 (Stack-based buffer overflow in the OpenForIPCamTest method in the ...)
+CVE-2015-1000
NOT-FOR-US: SStreamVideo ActiveX control
-CVE-2015-0999 (Schneider Electric InduSoft Web Studio before 7.1.3.4 SP3 Patch 4 and ...)
+CVE-2015-0999
NOT-FOR-US: Schneider Electric InduSoft Web Studio
-CVE-2015-0998 (Schneider Electric InduSoft Web Studio before 7.1.3.4 SP3 Patch 4 and ...)
+CVE-2015-0998
NOT-FOR-US: Schneider Electric InduSoft Web Studio
-CVE-2015-0997 (Schneider Electric InduSoft Web Studio before 7.1.3.4 SP3 Patch 4 and ...)
+CVE-2015-0997
NOT-FOR-US: Schneider Electric InduSoft Web Studio
-CVE-2015-0996 (Schneider Electric InduSoft Web Studio before 7.1.3.4 SP3 Patch 4 and ...)
+CVE-2015-0996
NOT-FOR-US: Schneider Electric InduSoft Web Studio
-CVE-2015-0995 (Inductive Automation Ignition 7.7.2 uses MD5 password hashes, which ...)
+CVE-2015-0995
NOT-FOR-US: Inductive Automation Ignition
-CVE-2015-0994 (Inductive Automation Ignition 7.7.2 allows remote authenticated users ...)
+CVE-2015-0994
NOT-FOR-US: Inductive Automation Ignition
-CVE-2015-0993 (Inductive Automation Ignition 7.7.2 does not terminate a session upon ...)
+CVE-2015-0993
NOT-FOR-US: Inductive Automation Ignition
-CVE-2015-0992 (Inductive Automation Ignition 7.7.2 stores cleartext OPC Server ...)
+CVE-2015-0992
NOT-FOR-US: Inductive Automation Ignition
-CVE-2015-0991 (Inductive Automation Ignition 7.7.2 allows remote attackers to obtain ...)
+CVE-2015-0991
NOT-FOR-US: Inductive Automation Ignition
-CVE-2015-0990 (Untrusted search path vulnerability in Ecava IntegraXor SCADA Server ...)
+CVE-2015-0990
NOT-FOR-US: Ecava IntegraXor SCADA Server
-CVE-2015-0989 (PACTware 4.1 SP3 allows remote attackers to cause a denial of service ...)
+CVE-2015-0989
NOT-FOR-US: PACTware
-CVE-2015-0988 (Omron CX-One CX-Programmer before 9.6 uses a reversible format for ...)
+CVE-2015-0988
NOT-FOR-US: Omron CX-One
-CVE-2015-0987 (Omron CX-One CX-Programmer before 9.6, CJ2M PLC devices before 2.1, ...)
+CVE-2015-0987
NOT-FOR-US: Omron CX-One
-CVE-2015-0986 (Multiple stack-based buffer overflows in Moxa VPort ActiveX SDK Plus ...)
+CVE-2015-0986
NOT-FOR-US: Moxa VPort ActiveX SDK Plus
-CVE-2015-0985 (Cross-site request forgery (CSRF) vulnerability in XZERES 442SR OS on ...)
+CVE-2015-0985
NOT-FOR-US: XZERES 442SR (wind turbine)
-CVE-2015-0984 (Directory traversal vulnerability in the FTP server on Honeywell Excel ...)
+CVE-2015-0984
NOT-FOR-US: Honeywell Excel Web
CVE-2015-0983
REJECTED
-CVE-2015-0982 (Buffer overflow in an unspecified DLL in Schneider Electric Pelco ...)
+CVE-2015-0982
NOT-FOR-US: Schneider Electric
-CVE-2015-0981 (The SOAP web interface in SCADA Engine BACnet OPC Server before ...)
+CVE-2015-0981
NOT-FOR-US: SCADA Engine BACnet
-CVE-2015-0980 (Format string vulnerability in BACnOPCServer.exe in the SOAP web ...)
+CVE-2015-0980
NOT-FOR-US: SCADA Engine BACnet
-CVE-2015-0979 (Heap-based buffer overflow in the SOAP web interface in SCADA Engine ...)
+CVE-2015-0979
NOT-FOR-US: SCADA Engine BACnet
-CVE-2015-0978 (Multiple untrusted search path vulnerabilities in (1) ...)
+CVE-2015-0978
NOT-FOR-US: Elipse E3
-CVE-2015-0977 (Network Vision IntraVue before 2.3.0a14 on Windows allows remote ...)
+CVE-2015-0977
NOT-FOR-US: IntraVue
-CVE-2015-0976 (Cross-site scripting (XSS) vulnerability in Inductive Automation ...)
+CVE-2015-0976
NOT-FOR-US: Inductive Automation Ignition
CVE-2015-0975
RESERVED
-CVE-2015-0974 (Untrusted search path vulnerability in ZTE Datacard MF19 0V1.0.0B04 ...)
+CVE-2015-0974
NOT-FOR-US: ZTE Datacard MF19
-CVE-2015-0972 (Pearson ProctorCache before 2015.1.17 uses the same hardcoded password ...)
+CVE-2015-0972
NOT-FOR-US: Pearson ProctorCache
-CVE-2015-0971 (The DER parser in Suricata before 2.0.8 allows remote attackers to ...)
+CVE-2015-0971
{DSA-3254-1}
- suricata 2.0.8-1
[wheezy] - suricata <not-affected> (ASN.1 parser for X509 certificates in DER format introduced in 1.3)
[squeeze] - suricata <not-affected> (ASN.1 parser for X509 certificates in DER format introduced in 1.3)
NOTE: http://suricata-ids.org/2015/05/06/suricata-2-0-8-available/
NOTE: Patch: https://github.com/inliniac/suricata/commit/fa73a0bb8f312fd0a95cc70f6b3ee4e4997bdba7
-CVE-2015-0970 (Cross-site request forgery (CSRF) vulnerability in SearchBlox before ...)
+CVE-2015-0970
NOT-FOR-US: SearchBlox
-CVE-2015-0969 (SearchBlox before 8.2 allows remote attackers to obtain sensitive ...)
+CVE-2015-0969
NOT-FOR-US: SearchBlox
-CVE-2015-0968 (Unrestricted file upload vulnerability in admin/uploadImage.html in ...)
+CVE-2015-0968
NOT-FOR-US: SearchBlox
-CVE-2015-0967 (Multiple cross-site scripting (XSS) vulnerabilities in SearchBlox ...)
+CVE-2015-0967
NOT-FOR-US: SearchBlox
CVE-2015-0966
RESERVED
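Review bot: the wheezy and squeeze not-affected reasons on CVE-2015-0971 cannot be verified from the entry alone. `[wheezy] - suricata <not-affected> (ASN.1 parser for X509 certificates in DER format introduced in 1.3)` says which upstream version introduced the parser but not which suricata version those releases ship, and the dropped description `The DER parser in Suricata before 2.0.8 allows remote attackers to ...` no longer records the affected range; add the wheezy and squeeze package versions to the reason so the "older than 1.3" argument is checkable without leaving the file.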
@@ -24123,9 +24123,9 @@ CVE-2015-0964
RESERVED
CVE-2015-0963
RESERVED
-CVE-2015-0962 (Barracuda Web Filter 7.x and 8.x before 8.1.0.005, when SSL Inspection ...)
+CVE-2015-0962
NOT-FOR-US: Barracuda Web Filter
-CVE-2015-0961 (Barracuda Web Filter before 8.1.0.005, when SSL Inspection is enabled, ...)
+CVE-2015-0961
NOT-FOR-US: Barracuda Web Filter
CVE-2015-0960
RESERVED
@@ -24145,9 +24145,9 @@ CVE-2015-0953
RESERVED
CVE-2015-0952
RESERVED
-CVE-2015-0951 (X-Cart before 5.1.11 allows remote authenticated users to read or ...)
+CVE-2015-0951
NOT-FOR-US: X-Cart
-CVE-2015-0950 (Cross-site scripting (XSS) vulnerability in admin.php in X-Cart 5.1.6 ...)
+CVE-2015-0950
NOT-FOR-US: X-Cart
CVE-2015-0949
RESERVED
@@ -24161,37 +24161,37 @@ CVE-2015-0945
RESERVED
CVE-2015-0944
RESERVED
-CVE-2015-0943 (Basware Banking (Maksuliikenne) before 9.10.0.0 does not encrypt ...)
+CVE-2015-0943
NOT-FOR-US: Basware Banking
CVE-2015-0942
REJECTED
-CVE-2015-0941 (The Inetc plugin for Nullsoft Scriptable Install System (NSIS), as ...)
+CVE-2015-0941
NOT-FOR-US: Nullsoft Scriptable Install System plugin Inetc
CVE-2015-0940
RESERVED
CVE-2015-0939
RESERVED
-CVE-2015-0938 (search.php on the Blue Coat Malware Analysis appliance with software ...)
+CVE-2015-0938
NOT-FOR-US: Blue Coat
-CVE-2015-0937 (Cross-site scripting (XSS) vulnerability in search.php on the Blue ...)
+CVE-2015-0937
NOT-FOR-US: Blue Coat
-CVE-2015-0936 (Ceragon FibeAir IP-10 have a default SSH public key in the ...)
+CVE-2015-0936
NOT-FOR-US: Ceragon FibeAir IP-10
-CVE-2015-0935 (Bomgar Remote Support before 15.1.1 allows remote attackers to execute ...)
+CVE-2015-0935
NOT-FOR-US: Bomgar Remote Support
-CVE-2015-0934 (Common LaTeX Service Interface (CLSI) before 0.1.3, as used in ...)
+CVE-2015-0934
NOT-FOR-US: ShareLaTeX
-CVE-2015-0933 (Absolute path traversal vulnerability in ShareLaTeX 0.1.3 and earlier, ...)
+CVE-2015-0933
NOT-FOR-US: ShareLaTeX
-CVE-2015-0932 (The ANTlabs InnGate firmware on IG 3100, IG 3101, InnGate 3.00 E, ...)
+CVE-2015-0932
NOT-FOR-US: ANTlabs InnGate
-CVE-2015-0931 (Ektron Content Management System (CMS) 8.5 and 8.7 before 8.7sp2 and ...)
+CVE-2015-0931
NOT-FOR-US: Ektron CMS
-CVE-2015-0930 (The web interface on SerVision HVG Video Gateway devices with firmware ...)
+CVE-2015-0930
NOT-FOR-US: SerVision HVG Video Gateway
-CVE-2015-0929 (time.htm in the web interface on SerVision HVG Video Gateway devices ...)
+CVE-2015-0929
NOT-FOR-US: SerVision HVG Video Gateway
-CVE-2015-0928 (libhtp 0.5.15 allows remote attackers to cause a denial of service ...)
+CVE-2015-0928
- suricata 2.0.7-1
[wheezy] - suricata <no-dsa> (Unusable in wheezy, planned for removal)
[squeeze] - suricata <no-dsa> (Minor issue)
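Review bot: CVE-2015-0928 is tracked only against suricata, and after this change the entry no longer records that the flaw is in libhtp. The removed line read `-CVE-2015-0928 (libhtp 0.5.15 allows remote attackers to cause a denial of service ...)`, while the surviving lines are `- suricata 2.0.7-1` and the wheezy/squeeze no-dsa markers; add a NOTE naming libhtp 0.5.15 as the affected component (the commit link in the following context line points at the suricata tree), and check whether a separately packaged libhtp source needs its own entry.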
@@ -24199,13 +24199,13 @@ CVE-2015-0928 (libhtp 0.5.15 allows remote attackers to cause a denial of servic
NOTE: Commit: https://github.com/inliniac/suricata/commit/56196ace51395fcb2d8fc30d586e9ad782306d31
CVE-2015-0927
RESERVED
-CVE-2015-0926 (Labtech before 100.237 on Linux uses world-writable permissions for ...)
+CVE-2015-0926
NOT-FOR-US: Labtech
-CVE-2015-0925 (The client in iPass Open Mobile before 2.4.5 on Windows allows remote ...)
+CVE-2015-0925
NOT-FOR-US: iPass Open Mobile
-CVE-2015-0924 (Ceragon FibeAir IP-10 bridges have a default password for the root ...)
+CVE-2015-0924
NOT-FOR-US: Ceragon FiberAir IP-10 bridges
-CVE-2015-0923 (The ContentBlockEx method in Workarea/ServerControlWS.asmx in Ektron ...)
+CVE-2015-0923
NOT-FOR-US: Ektron CMS
CVE-2015-XXXX [smime_keys: insecure use of /tmp]
- mutt 1.5.24-1 (unimportant; bug #775199)
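Review bot: the product name on CVE-2015-0924 is spelled differently from the description it replaces and from the sibling entry. The context line `NOT-FOR-US: Ceragon FiberAir IP-10 bridges` follows the removed `-CVE-2015-0924 (Ceragon FibeAir IP-10 bridges have a default password for the root ...)`, and CVE-2015-0936 earlier in this file uses `NOT-FOR-US: Ceragon FibeAir IP-10`; since the description that carried the correct spelling is being dropped here, the NOT-FOR-US line should be corrected to FibeAir so the two entries match.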
@@ -24217,41 +24217,41 @@ CVE-2015-XXXX [djvudigital: insecure use of /tmp]
NOTE: Originally was addressed in 3.5.27.1-1 but it was reintroduced
NOTE: with the 3.5.27.1-2 upload, cf. https://bugs.debian.org/775193#17
NOTE: Not exploitable with kernel hardening since wheezy
-CVE-2015-5701 (mktexlsr revision 36855, and before revision 36626 as packaged in ...)
+CVE-2015-5701
- texlive-bin <not-affected> (Vulnerable code not reintroduced, patch mktexlsr-use-mktemp still applied)
NOTE: https://www.tug.org/svn/texlive/trunk/Build/source/texk/kpathsea/mktexlsr?r1=36626&r2=36855
-CVE-2015-5700 (mktexlsr revision 22855 through revision 36625 as packaged in texlive ...)
+CVE-2015-5700
- texlive-bin 2014.20140926.35254-5 (bug #775139)
[wheezy] - texlive-bin <no-dsa> (Minor issue)
[squeeze] - texlive-bin <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2015/04/23/22
NOTE: http://www.openwall.com/lists/oss-security/2015/07/28/5
NOTE: https://www.tug.org/svn/texlive/trunk/Build/source/texk/kpathsea/mktexlsr?r1=19613&r2=22885
-CVE-2015-1196 (GNU patch 2.7.1 allows remote attackers to write to arbitrary files ...)
+CVE-2015-1196
- patch 2.7.1-7 (bug #775227)
[wheezy] - patch <not-affected> (Support for git-style patches added in 2.7)
[squeeze] - patch <not-affected> (Support for git-style patches added in 2.7)
-CVE-2015-1194 (pax 1:20140703 allows remote attackers to write to arbitrary files via ...)
+CVE-2015-1194
- pax 1:20160306-1 (low; bug #774716)
[jessie] - pax <no-dsa> (Minor issue)
[squeeze] - pax <no-dsa> (Minor issue)
[wheezy] - pax <no-dsa> (Minor issue)
-CVE-2015-1193 (Multiple directory traversal vulnerabilities in pax 1:20140703 allow ...)
+CVE-2015-1193
- pax 1:20160306-1 (low; bug #774716)
[jessie] - pax <no-dsa> (Minor issue)
[squeeze] - pax <no-dsa> (Minor issue)
[wheezy] - pax <no-dsa> (Minor issue)
-CVE-2015-1192 (Absolute path traversal vulnerability in kgb 1.0b4 allows remote ...)
+CVE-2015-1192
- kgb 1.0b4+ds-14 (bug #774989)
[jessie] - kgb <no-dsa> (meant to be used as a local archiver)
[wheezy] - kgb <no-dsa> (meant to be used as a local archiver)
[squeeze] - kgb <no-dsa> (meant to be used as a local archiver)
-CVE-2015-1191 (Multiple directory traversal vulnerabilities in pigz 2.3.1 allow ...)
+CVE-2015-1191
- pigz 2.3.1-2 (bug #774978)
[squeeze] - pigz <no-dsa> (Minor issue)
[wheezy] - pigz <no-dsa> (Minor issue)
NOTE: https://github.com/madler/pigz/commit/fdad1406b3ec809f4954ff7cdf9e99eb18c2458f
-CVE-2015-0973 (Buffer overflow in the png_read_IDAT_data function in pngrutil.c in ...)
+CVE-2015-0973
- libpng <not-affected> (Affects 1.5.x and 1.6.x series)
- libpng1.6 1.6.16-1 (bug #773823)
- iceweasel <not-affected> (squeeze used the system libpng, and later versions define their own limits)
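Review bot: the revision range in the CVE-2015-5700 description does not match the revision in its patch link, and this change removes the description that shows it. The removed line read `-CVE-2015-5700 (mktexlsr revision 22855 through revision 36625 as packaged in texlive ...)` while the kept NOTE points at `mktexlsr?r1=19613&r2=22885`; either 22855 or 22885 is a typo, and the fixed-version claim for `texlive-bin 2014.20140926.35254-5` depends on which revision actually introduced the issue, so record the correct revision in a NOTE before the description is gone. The CVE-2015-5701 entry in the same hunk keeps `r1=36626&r2=36855`, which is consistent with the 36625 upper bound above.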
@@ -24261,102 +24261,102 @@ CVE-2015-0973 (Buffer overflow in the png_read_IDAT_data function in pngrutil.c
[wheezy] - texlive-bin <not-affected> (uses system libpng)
NOTE: http://tfpwn.com/files/libpng_heap_overflow_1.6.15.txt
NOTE: http://mid.gmane.org/Pine.LNX.4.64.1501101510150.31425@beijing.mitre.org
-CVE-2015-0922 (McAfee ePolicy Orchestrator (ePO) before 4.6.9 and 5.x before 5.1.2 ...)
+CVE-2015-0922
NOT-FOR-US: McAfee ePolicy Orchestrator
-CVE-2015-0921 (XML external entity (XXE) vulnerability in the Server Task Log in ...)
+CVE-2015-0921
NOT-FOR-US: McAfee ePolicy Orchestrator
-CVE-2015-2063 (Integer overflow in unace 1.2b allows remote attackers to cause a ...)
+CVE-2015-2063
{DSA-3178-1 DLA-164-1}
- unace 1.2b-12 (bug #775003)
NOTE: http://git.hadrons.org/?p=debian/pkgs/unace.git;a=commitdiff;h=319446f
-CVE-2015-0920 (Cross-site request forgery (CSRF) vulnerability in the Banner Effect ...)
+CVE-2015-0920
NOT-FOR-US: Banner Effect Header plugin for WordPress
-CVE-2015-0919 (Multiple SQL injection vulnerabilities in the administrative backend ...)
+CVE-2015-0919
NOT-FOR-US: Sefrengo
-CVE-2015-0918 (Cross-site scripting (XSS) vulnerability in the administrative backend ...)
+CVE-2015-0918
NOT-FOR-US: Sefrengo
-CVE-2015-0917 (Cross-site scripting (XSS) vulnerability in the backend in Kajona ...)
+CVE-2015-0917
NOT-FOR-US: Kajona
-CVE-2015-0916 (SQL injection vulnerability in graph.php in Cacti before 0.8.6f allows ...)
+CVE-2015-0916
- cacti 0.8.6f-1
-CVE-2015-0915 (Cross-site scripting (XSS) vulnerability in RAKUS MailDealer 11.2.1 ...)
+CVE-2015-0915
NOT-FOR-US: RAKUS MailDealer
-CVE-2015-0914 (EasyCTF before 1.4 does not validate the session ID, which allows ...)
+CVE-2015-0914
NOT-FOR-US: EasyCTF
-CVE-2015-0913 (Cross-site scripting (XSS) vulnerability in EasyCTF before 1.4 allows ...)
+CVE-2015-0913
NOT-FOR-US: EasyCTF
-CVE-2015-0912 (EasyCTF before 1.4 allows remote authenticated users to write ...)
+CVE-2015-0912
NOT-FOR-US: EasyCTF
-CVE-2015-0911 (Directory traversal vulnerability in TAGAWA Takao TransmitMail 1.0.11 ...)
+CVE-2015-0911
NOT-FOR-US: TAGAWA Takao TransmitMail
-CVE-2015-0910 (Cross-site scripting (XSS) vulnerability in TAGAWA Takao TransmitMail ...)
+CVE-2015-0910
NOT-FOR-US: TAGAWA Takao TransmitMail
CVE-2015-0909
RESERVED
CVE-2015-0908
RESERVED
-CVE-2015-0907 (Buffer overflow in Lhaplus before 1.70 allows remote attackers to ...)
+CVE-2015-0907
NOT-FOR-US: Lhaplus
-CVE-2015-0906 (Directory traversal vulnerability in Lhaplus before 1.70 allows remote ...)
+CVE-2015-0906
NOT-FOR-US: Lhaplus
-CVE-2015-0905 (Cross-site request forgery (CSRF) vulnerability in bBlog allows remote ...)
+CVE-2015-0905
NOT-FOR-US: bBlog
-CVE-2015-0904 (The Restaurant Karaoke SHIDAX app 1.3.3 and earlier on Android does ...)
+CVE-2015-0904
NOT-FOR-US: Restaurant Karaoke SHIDAX app
-CVE-2015-0903 (Buffer overflow in Saitoh Kikaku Maruo Editor 8.51 and earlier allows ...)
+CVE-2015-0903
NOT-FOR-US: Saitoh Kikaku Maruo Editor
-CVE-2015-0902 (The Semper Fi All in One SEO Pack plugin before 2.2.6 for WordPress ...)
+CVE-2015-0902
NOT-FOR-US: WordPress plugin all-in-one-seo-pack
-CVE-2015-0901 (Cross-site scripting (XSS) vulnerability in the duwasai flashy theme ...)
+CVE-2015-0901
NOT-FOR-US: WordPress duwasai flashy theme
-CVE-2015-0900 (Cross-site scripting (XSS) vulnerability in schedule.cgi in Nishishi ...)
+CVE-2015-0900
NOT-FOR-US: Nishishi Factory
-CVE-2015-0899 (The MultiPageValidator implementation in Apache Struts 1 1.1 through ...)
+CVE-2015-0899
{DSA-3536-1 DLA-292-1}
- libstruts1.2-java <removed>
NOTE: Patch in SuSE Bugzilla: https://bugzilla.novell.com/attachment.cgi?id=629559
NOTE: Patch appplies cleanly to the Wheezy and Squeeze versions
-CVE-2015-0898 (futomi CGI Cafe MP Form Mail CGI eCommerce before 2.0.12 on Windows ...)
+CVE-2015-0898
NOT-FOR-US: futomi CGI Cafe MP Form Mail CGI eCommerce
CVE-2015-0897
RESERVED
-CVE-2015-0896 (Multiple cross-site scripting (XSS) vulnerabilities in eXtplorer ...)
+CVE-2015-0896
{DLA-453-1 DLA-296-1}
- extplorer <removed> (bug #783231)
NOTE: Upstream fixes: http://extplorer.net/projects/extplorer/repository/revisions/240
-CVE-2015-0895 (Cross-site request forgery (CSRF) vulnerability in the All In One WP ...)
+CVE-2015-0895
NOT-FOR-US: All In One WP Security & Firewall plugin for WordPress
-CVE-2015-0894 (SQL injection vulnerability in the All In One WP Security &amp; Firewall ...)
+CVE-2015-0894
NOT-FOR-US: All In One WP Security & Firewall plugin for WordPress
-CVE-2015-0893 (Cross-site scripting (XSS) vulnerability in Maroyaka CGI Maroyaka ...)
+CVE-2015-0893
NOT-FOR-US: Maroyaka
-CVE-2015-0892 (Cross-site scripting (XSS) vulnerability in Maroyaka CGI Maroyaka ...)
+CVE-2015-0892
NOT-FOR-US: Maroyaka
-CVE-2015-0891 (Cross-site scripting (XSS) vulnerability in Maroyaka CGI Maroyaka ...)
+CVE-2015-0891
NOT-FOR-US: Maroyaka
-CVE-2015-0890 (The BestWebSoft Google Captcha (aka reCAPTCHA) plugin before 1.13 for ...)
+CVE-2015-0890
NOT-FOR-US: BestWebSoft plugin for WordPress
-CVE-2015-0889 (KENT-WEB Joyful Note before 5.3 allows remote attackers to delete ...)
+CVE-2015-0889
NOT-FOR-US: KENT-WEB Joyful Note
-CVE-2015-0888 (KENT-WEB Clip Board before 4.1 allows remote attackers to delete ...)
+CVE-2015-0888
NOT-FOR-US: KENT-WEB Clip Board
-CVE-2015-0887 (npppd in the PPP Access Concentrator (PPPAC) on SEIL SEIL/x86 Fuji ...)
+CVE-2015-0887
NOT-FOR-US: SEIL routers
-CVE-2015-0886 (Integer overflow in the crypt_raw method in the key-stretching ...)
+CVE-2015-0886
- libjbcrypt-java 0.4-1 (bug #780102)
[jessie] - libjbcrypt-java <no-dsa> (Minor issue)
[wheezy] - libjbcrypt-java <no-dsa> (Minor issue)
[squeeze] - libjbcrypt-java <no-dsa> (Minor issue)
-CVE-2015-0885 (checkpw 1.02 and earlier allows remote attackers to cause a denial of ...)
+CVE-2015-0885
{DSA-3192-1 DLA-191-1}
- checkpw 1.02-1.1 (bug #780139)
-CVE-2015-0884 (Unquoted Windows search path vulnerability in Toshiba Bluetooth Stack ...)
+CVE-2015-0884
NOT-FOR-US: Toshiba Bluetooth Stack
-CVE-2015-0883 (SYNCK GRAPHICA Mailform Pro CGI 4.1.4 and 4.1.5, when the mailauth ...)
+CVE-2015-0883
NOT-FOR-US: Mailform Pro
-CVE-2015-0882 (Multiple cross-site scripting (XSS) vulnerabilities in zencart-ja (aka ...)
+CVE-2015-0882
NOT-FOR-US: Zen Cart
-CVE-2015-0881 (CRLF injection vulnerability in Squid before 3.1.1 allows remote ...)
+CVE-2015-0881
- squid 4.1-1 (low)
[squeeze] - squid <no-dsa> (Minor issue)
[wheezy] - squid <no-dsa> (Minor issue)
@@ -24364,66 +24364,66 @@ CVE-2015-0881 (CRLF injection vulnerability in Squid before 3.1.1 allows remote
NOTE: http://www.openwall.com/lists/oss-security/2015/03/01/2
NOTE: Patch: http://www.squid-cache.org/Versions/v3/3.1/changesets/b9619.patch
NOTE: https://jvn.jp/en/jp/JVN64455813/index.html
-CVE-2015-0880 (Buffer overflow in CREAR AL-Mail32 before 1.13d allows remote ...)
+CVE-2015-0880
NOT-FOR-US: CREAR AL-Mail32
-CVE-2015-0879 (CREAR AL-Mail32 before 1.13d allows remote attackers to cause a denial ...)
+CVE-2015-0879
NOT-FOR-US: CREAR AL-Mail32
-CVE-2015-0878 (Directory traversal vulnerability in CREAR AL-Mail32 before 1.13d ...)
+CVE-2015-0878
NOT-FOR-US: CREAR AL-Mail32
-CVE-2015-0877 (Unrestricted file upload vulnerability in app/lib/mlf.pl in C-BOARD ...)
+CVE-2015-0877
NOT-FOR-US: C-BOARD Moyuku
-CVE-2015-0876 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
+CVE-2015-0876
NOT-FOR-US: Saurus CMS
-CVE-2015-0875 (The Ogaki Kyoritsu Bank Smartphone Passbook application 1.0.0 for ...)
+CVE-2015-0875
NOT-FOR-US: Ogaki Kyoritsu Bank Smartphone Passbook application for Android
-CVE-2015-0874 (Smartphone Passbook 1.0.0 does not verify X.509 certificates from SSL ...)
+CVE-2015-0874
NOT-FOR-US: Smartphone Passbook
-CVE-2015-0873 (Cross-site scripting (XSS) vulnerability in Homepage Decorator ...)
+CVE-2015-0873
NOT-FOR-US: PerlTreeBBS
CVE-2015-0872
REJECTED
-CVE-2015-0871 (Cross-site scripting (XSS) vulnerability in Mrs. Shiromuku Perl CGI ...)
+CVE-2015-0871
NOT-FOR-US: Mrs. Shiromuku Perl CGI shiromuku(u1)GUESTBOOK
-CVE-2015-0870 (Cross-site scripting (XSS) vulnerability in hb.cgi in Nishishi Factory ...)
+CVE-2015-0870
NOT-FOR-US: Nishishi Factory
-CVE-2015-0869 (I-O DATA DEVICE NP-BBRM routers allow remote attackers to cause a ...)
+CVE-2015-0869
NOT-FOR-US: I-O DATA DEVICE NP-BBRM routers
-CVE-2015-0868 (Unrestricted file upload vulnerability in Mrs. Shiromuku Perl CGI ...)
+CVE-2015-0868
NOT-FOR-US: Mrs. Shiromuku Perl CGI shiromuku(bu2)BBS
-CVE-2015-0867 (Directory traversal vulnerability in SYNCK GRAPHICA Download Log CGI ...)
+CVE-2015-0867
NOT-FOR-US: SYNCK GRAPHICA Download Log CGI
-CVE-2015-0866 (Multiple cross-site scripting (XSS) vulnerabilities in Zoho ...)
+CVE-2015-0866
NOT-FOR-US: ZOHO ManageEngine SupportCenter Plus
CVE-2015-0865
RESERVED
-CVE-2015-0864 (Samsung Account (AKA com.osp.app.signin) before 1.6.0069 and 2.x ...)
+CVE-2015-0864
NOT-FOR-US: Samsung
-CVE-2015-0863 (GALAXY Apps (aka Samsung Apps, Samsung Updates, or ...)
+CVE-2015-0863
NOT-FOR-US: Samsung GALAXY Apps
-CVE-2015-0862 (Multiple cross-site scripting (XSS) vulnerabilities in the management ...)
+CVE-2015-0862
- rabbitmq-server 3.4.3-1
[jessie] - rabbitmq-server <no-dsa> (Minor issue)
[wheezy] - rabbitmq-server <no-dsa> (Minor issue)
[squeeze] - rabbitmq-server <not-affected> (Management web UI not available in version 1.8.1)
-CVE-2015-0861 (model/modelstorage.py in trytond 3.2.x before 3.2.10, 3.4.x before ...)
+CVE-2015-0861
{DSA-3425-1}
- tryton-server 3.8.1-1
[wheezy] - tryton-server <not-affected> (Version < 3.2)
[squeeze] - tryton-server <not-affected> (Version < 3.2)
NOTE: Mathias Behrle told us that affected versions are >= 3.2 and < 3.8.1
-CVE-2015-0860 (Off-by-one error in the extracthalf function in dpkg-deb/extract.c in ...)
+CVE-2015-0860
{DSA-3407-1}
- dpkg 1.18.4
[squeeze] - dpkg <not-affected> (Vulnerable code not present)
-CVE-2015-0859 (The Debian build procedure for the smokeping package in wheezy before ...)
+CVE-2015-0859
{DSA-3405-1}
- smokeping 2.6.11-2
[squeeze] - smokeping <not-affected> (Vulnerable code not present)
-CVE-2015-0858 (Cool Projects TarDiff allows local users to write to arbitrary files ...)
+CVE-2015-0858
{DSA-3562-1 DLA-564-1}
- tardiff 0.1-3
NOTE: https://anonscm.debian.org/cgit/collab-maint/tardiff.git/commit/?id=9bd6a07bc204472ac27242cea16f89943b43003a
-CVE-2015-0857 (Cool Projects TarDiff allows remote attackers to execute arbitrary ...)
+CVE-2015-0857
{DSA-3562-1 DLA-564-1}
- tardiff 0.1-5
NOTE: https://anonscm.debian.org/cgit/collab-maint/tardiff.git/commit/?id=9bd6a07bc204472ac27242cea16f89943b43003a
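Review bot: every changed pair in this hunk replaces an entry of the form `CVE-YYYY-NNNN (description ...)` with the bare identifier, for example `-CVE-2015-0862 (Multiple cross-site scripting (XSS) vulnerabilities in the management ...)` becomes `+CVE-2015-0862`, while the package status, `{DSA-...}` and `NOTE:` lines underneath are untouched. Because this is an automatic update, please confirm that the description source was genuinely empty for these CVEs rather than unparsed before merging: the summary text is the only human-readable hint of what each entry concerns, and once dropped it has to be re-fetched to be restored.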
@@ -24431,32 +24431,32 @@ CVE-2015-0857 (Cool Projects TarDiff allows remote attackers to execute arbitrar
NOTE: First part was addressed in 0.1-3 but does not contain the fix for the tar
NOTE: file name itself.
NOTE: https://anonscm.debian.org/cgit/collab-maint/tardiff.git/commit/?id=a18e8df51511df276e61dbccdbe1714fc53af965
-CVE-2015-0856 (daemon/Greeter.cpp in sddm before 0.13.0 does not properly disable the ...)
+CVE-2015-0856
- sddm 0.12.0-5 (bug #803336; low)
NOTE: https://github.com/sddm/sddm/commit/4cfed6b0a625593
-CVE-2015-0855 (The _mediaLibraryPlayCb function in mainwindow.py in pitivi before ...)
+CVE-2015-0855
- pitivi 0.95-1
[jessie] - pitivi <no-dsa> (Minor issue)
[squeeze] - pitivi <not-affected> (Vulnerable code not present (no os.system()))
[wheezy] - pitivi <not-affected> (Vulnerable code not present (no os.system()))
NOTE: https://git.gnome.org/browse/pitivi/commit/?id=45a4c84edb3b4343f199bba1c65502e3f49f5bb2 (RELEASE-0_95_0)
-CVE-2015-0854 (App/HelperFunctions.pm in Shutter through 0.93.1 allows user-assisted ...)
+CVE-2015-0854
{DLA-769-1}
- shutter 0.93.1-1 (low; bug #798862)
[jessie] - shutter 0.92-0.1+deb8u1
[squeeze] - shutter <no-dsa> (Minor issue)
NOTE: https://bugs.launchpad.net/shutter/+bug/1495163
-CVE-2015-0853 (svn-workbench 1.6.2 and earlier on a system with xeyes installed ...)
+CVE-2015-0853
- svn-workbench 1.7.0-1 (low; bug #798863)
[jessie] - svn-workbench <no-dsa> (Minor issue)
[wheezy] - svn-workbench <no-dsa> (Minor issue)
[squeeze] - svn-workbench <no-dsa> (Minor issue)
-CVE-2015-0852 (Multiple integer underflows in PluginPCX.cpp in FreeImage 3.17.0 and ...)
+CVE-2015-0852
{DSA-3392-1 DLA-327-1}
- freeimage 3.15.4-5 (bug #797165)
NOTE: http://freeimage.cvs.sourceforge.net/viewvc/freeimage/FreeImage/Source/FreeImage/PluginPCX.cpp?r1=1.17&r2=1.18&pathrev=MAIN
NOTE: http://freeimage.cvs.sourceforge.net/viewvc/freeimage/FreeImage/Source/FreeImage/PluginPCX.cpp?r1=1.18&r2=1.19&pathrev=MAIN
-CVE-2015-0851 (XMLTooling-C before 1.5.5, as used in OpenSAML-C and Shibboleth ...)
+CVE-2015-0851
{DSA-3321-1 DLA-290-1}
- xmltooling 1.5.6-1 (bug #793855)
NOTE: http://shibboleth.net/community/advisories/secadv_20150721.txt
@@ -24464,7 +24464,7 @@ CVE-2015-0851 (XMLTooling-C before 1.5.5, as used in OpenSAML-C and Shibboleth .
NOTE: Initial advisory was listing the wrong CVE, updated later
NOTE: opensaml2 will need binNMUs/sourcefull upload (cf. #794851)
NOTE: [squeeze] partially affected (util/XMLHelper.cpp XMLHelper::getAttrInt method not present) (1.3.3.x)
-CVE-2015-0850 (The Git plugin for FusionForge before 6.0rc4 allows remote attackers ...)
+CVE-2015-0850
{DSA-3275-1}
- fusionforge 6.0~rc4-1
[squeeze] - fusionforge <not-affected> (Affects 5.3 and later)
@@ -24474,23 +24474,23 @@ CVE-2015-0849 [predictable temporary file vulnerability]
RESERVED
- pycode-browser 1:1.0-1 (unimportant; bug #790365)
NOTE: Not exploitable with kernel hardening since wheezy
-CVE-2015-0848 (Heap-based buffer overflow in libwmf 0.2.8.4 allows remote attackers ...)
+CVE-2015-0848
{DSA-3302-1 DLA-253-1}
- libwmf 0.2.8.4-10.4 (bug #787644)
-CVE-2015-0847 (nbd-server.c in Network Block Device (nbd-server) before 3.11 does not ...)
+CVE-2015-0847
{DSA-3271-1 DLA-223-1}
- nbd 1:3.10-1 (bug #784657)
NOTE: http://sourceforge.net/p/nbd/mailman/message/34091218/
-CVE-2015-0846 (django-markupfield before 1.3.2 uses the default docutils ...)
+CVE-2015-0846
{DSA-3230-1 DLA-206-1}
- django-markupfield 1.3.2-1
NOTE: https://github.com/jamesturk/django-markupfield/commit/b45734ea1d206abc1ed2a90bdc779708066d49f3
-CVE-2015-0845 (Format string vulnerability in Movable Type Pro, Open Source, and ...)
+CVE-2015-0845
{DSA-3227-1}
- movabletype-opensource <removed>
[squeeze] - movabletype-opensource <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://movabletype.org/news/2015/04/movable_type_608_and_5213_released_to_close_security_vulnera.html
-CVE-2015-0844 (The WML/Lua API in Battle for Wesnoth 1.7.x through 1.11.x and 1.12.x ...)
+CVE-2015-0844
{DSA-3218-1 DLA-202-1}
- wesnoth-1.12 1:1.12.2-1
- wesnoth-1.10 1:1.10.7-2
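Review bot: the context line in this hunk's header, `CVE-2015-0849 [predictable temporary file vulnerability]`, keeps its square-bracket summary while every parenthesised summary below it is dropped, so the stripping is limited to the parenthesised, upstream-imported descriptions and leaves the locally written bracket descriptions intact. A sentence in the commit message stating that distinction would save reviewers from having to infer it from the hunk context.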
@@ -24511,18 +24511,18 @@ CVE-2015-0841 [off-by-one buffer overflow in Listener::checkActivity in libcapsi
[experimental] - monopd 0.9.8-1
- monopd <unfixed> (bug #781043; unimportant)
NOTE: Not exploitable with dlmalloc
-CVE-2015-0840 (The dpkg-source command in Debian dpkg before 1.16.16 and 1.17.x ...)
+CVE-2015-0840
{DSA-3217-1 DLA-220-1}
- dpkg 1.17.25
NOTE: Ubuntu fix for 1.15.x (version in squeeze): http://launchpadlibrarian.net/202647129/dpkg_1.15.5.6ubuntu4.9_1.15.5.6ubuntu4.10.diff.gz
-CVE-2015-0839 (The hp-plugin utility in HP Linux Imaging and Printing (HPLIP) makes ...)
+CVE-2015-0839
{DLA-775-1}
- hplip 3.15.11+repack0-1 (bug #787353; bug #796015)
[jessie] - hplip 3.14.6-1+deb8u1
[squeeze] - hplip <no-dsa> (Minor issue)
NOTE: http://seclists.org/oss-sec/2015/q2/581
NOTE: https://bugs.launchpad.net/bugs/1432516
-CVE-2015-0838 (Buffer overflow in the C implementation of the apply_delta function in ...)
+CVE-2015-0838
{DSA-3206-1 DLA-231-1}
- dulwich 0.10.1-1 (bug #780958)
[jessie] - dulwich 0.9.7-3
@@ -24533,164 +24533,164 @@ CVE-2015-0837 [data-dependent timing variations in modular exponentiation]
- libgcrypt20 1.6.3-2
- gnupg 1.4.18-7
NOTE: http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commit;h=6cbc75e71295f23431c4ab95edc7573f2fc28476
-CVE-2015-0836 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+CVE-2015-0836
{DSA-3179-1 DSA-3174-1}
- iceweasel 31.5.0esr-1
[squeeze] - iceweasel <end-of-life>
- icedove 31.5.0-1
[squeeze] - icedove <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-11/
-CVE-2015-0835 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+CVE-2015-0835
- iceweasel <not-affected> (Does not affect ESR version)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-11/
-CVE-2015-0834 (The WebRTC subsystem in Mozilla Firefox before 36.0 recognizes turns: ...)
+CVE-2015-0834
- iceweasel <not-affected> (Does not affect ESR version)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-15/
-CVE-2015-0833 (Multiple untrusted search path vulnerabilities in updater.exe in ...)
+CVE-2015-0833
- iceweasel <not-affected> (Specific to Firefox on Windows)
- icedove <not-affected> (Specific to Thunderbird on Windows)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-12/
-CVE-2015-0832 (Mozilla Firefox before 36.0 does not properly recognize the ...)
+CVE-2015-0832
- iceweasel <not-affected> (Does not affect ESR version)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-13/
-CVE-2015-0831 (Use-after-free vulnerability in the ...)
+CVE-2015-0831
{DSA-3179-1 DSA-3174-1}
- iceweasel 31.5.0esr-1
[squeeze] - iceweasel <end-of-life>
- icedove 31.5.0-1
[squeeze] - icedove <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-16/
-CVE-2015-0830 (The WebGL implementation in Mozilla Firefox before 36.0 does not ...)
+CVE-2015-0830
- iceweasel <not-affected> (Does not affect ESR version)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-14/
-CVE-2015-0829 (Buffer overflow in libstagefright in Mozilla Firefox before 36.0 ...)
+CVE-2015-0829
- iceweasel <not-affected> (Does not affect ESR version)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-17/
-CVE-2015-0828 (Double free vulnerability in the nsXMLHttpRequest::GetResponse ...)
+CVE-2015-0828
- iceweasel <not-affected> (Doesn't affect the memory allocator used in the Debian builds)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-18/
-CVE-2015-0827 (Heap-based buffer overflow in the mozilla::gfx::CopyRect function in ...)
+CVE-2015-0827
{DSA-3179-1 DSA-3174-1}
- iceweasel 31.5.0esr-1
[squeeze] - iceweasel <end-of-life>
- icedove 31.5.0-1
[squeeze] - icedove <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-19/
-CVE-2015-0826 (The nsTransformedTextRun::SetCapitalization function in Mozilla ...)
+CVE-2015-0826
- iceweasel <not-affected> (Does not affect ESR version)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-20/
-CVE-2015-0825 (Stack-based buffer underflow in the ...)
+CVE-2015-0825
- iceweasel <not-affected> (Does not affect ESR version)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-21/
-CVE-2015-0824 (The mozilla::layers::BufferTextureClient::AllocateForSurface function ...)
+CVE-2015-0824
- iceweasel <not-affected> (Does not affect ESR version)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-22/
-CVE-2015-0823 (Multiple use-after-free vulnerabilities in OpenType Sanitiser, as used ...)
+CVE-2015-0823
- iceweasel <not-affected> (Does not affect ESR version)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-23/
-CVE-2015-0822 (The Form Autocompletion feature in Mozilla Firefox before 36.0, ...)
+CVE-2015-0822
{DSA-3179-1 DSA-3174-1}
- iceweasel 31.5.0esr-1
[squeeze] - iceweasel <end-of-life>
- icedove 31.5.0-1
[squeeze] - icedove <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-24/
-CVE-2015-0821 (Mozilla Firefox before 36.0 allows user-assisted remote attackers to ...)
+CVE-2015-0821
- iceweasel <not-affected> (Does not affect ESR version)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-25/
-CVE-2015-0820 (Mozilla Firefox before 36.0 does not properly restrict transitions of ...)
+CVE-2015-0820
- iceweasel <not-affected> (Does not affect ESR version)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-27/
-CVE-2015-0819 (The UITour::onPageEvent function in Mozilla Firefox before 36.0 does ...)
+CVE-2015-0819
- iceweasel <not-affected> (Does not affect ESR version)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-26/
-CVE-2015-0818 (Mozilla Firefox before 36.0.4, Firefox ESR 31.x before 31.5.3, and ...)
+CVE-2015-0818
{DSA-3201-1}
- iceweasel 31.5.3esr-1
[squeeze] - iceweasel <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-28/
-CVE-2015-0817 (The asm.js implementation in Mozilla Firefox before 36.0.3, Firefox ...)
+CVE-2015-0817
{DSA-3201-1}
- iceweasel 31.5.3esr-1
[squeeze] - iceweasel <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-29/
-CVE-2015-0816 (Mozilla Firefox before 37.0, Firefox ESR 31.x before 31.6, and ...)
+CVE-2015-0816
{DSA-3212-1 DSA-3211-1}
- iceweasel 31.6.0esr-1
[squeeze] - iceweasel <end-of-life>
- icedove 31.6.0-1
[squeeze] - icedove <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-33/
-CVE-2015-0815 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+CVE-2015-0815
{DSA-3212-1 DSA-3211-1}
- iceweasel 31.6.0esr-1
[squeeze] - iceweasel <end-of-life>
- icedove 31.6.0-1
[squeeze] - icedove <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-30/
-CVE-2015-0814 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+CVE-2015-0814
- iceweasel <not-affected> (only affects Firefox 37.x)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-30/
-CVE-2015-0813 (Use-after-free vulnerability in the AppendElements function in Mozilla ...)
+CVE-2015-0813
{DSA-3212-1 DSA-3211-1}
- iceweasel 31.6.0esr-1
[squeeze] - iceweasel <end-of-life>
- icedove 31.6.0-1
[squeeze] - icedove <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-31/
-CVE-2015-0812 (Mozilla Firefox before 37.0 does not require an HTTPS session for ...)
+CVE-2015-0812
- iceweasel <not-affected> (Only affects 37.x)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-32/
-CVE-2015-0811 (The QCMS implementation in Mozilla Firefox before 37.0 allows remote ...)
+CVE-2015-0811
- iceweasel <not-affected> (Only affects 37.x)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-34/
-CVE-2015-0810 (Mozilla Firefox before 37.0 on OS X does not ensure that the cursor is ...)
+CVE-2015-0810
- iceweasel <not-affected> (Only affects 37.x; only affects OS X systems)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-35/
CVE-2015-0809
RESERVED
-CVE-2015-0808 (The webrtc::VPMContentAnalysis::Release function in the WebRTC ...)
+CVE-2015-0808
- iceweasel <not-affected> (Only affects 37.x)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-36/
-CVE-2015-0807 (The navigator.sendBeacon implementation in Mozilla Firefox before ...)
+CVE-2015-0807
{DSA-3212-1 DSA-3211-1}
- iceweasel 31.6.0esr-1
[squeeze] - iceweasel <end-of-life>
- icedove 31.6.0-1
[squeeze] - icedove <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-37/
-CVE-2015-0806 (The Off Main Thread Compositing (OMTC) implementation in Mozilla ...)
+CVE-2015-0806
- iceweasel <not-affected> (Only affects 37.x)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-38/
-CVE-2015-0805 (The Off Main Thread Compositing (OMTC) implementation in Mozilla ...)
+CVE-2015-0805
- iceweasel <not-affected> (Only affects 37.x)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-38/
-CVE-2015-0804 (The HTMLSourceElement::BindToTree function in Mozilla Firefox before ...)
+CVE-2015-0804
- iceweasel <not-affected> (Only affects 37.x)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-39/
-CVE-2015-0803 (The HTMLSourceElement::AfterSetAttr function in Mozilla Firefox before ...)
+CVE-2015-0803
- iceweasel <not-affected> (Only affects 37.x)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-39/
-CVE-2015-0802 (Mozilla Firefox before 37.0 relies on docshell type information ...)
+CVE-2015-0802
- iceweasel <not-affected> (Only affects 37.x)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-42/
-CVE-2015-0801 (Mozilla Firefox before 37.0, Firefox ESR 31.x before 31.6, and ...)
+CVE-2015-0801
{DSA-3212-1 DSA-3211-1}
- iceweasel 31.6.0esr-1
[squeeze] - iceweasel <end-of-life>
- icedove 31.6.0-1
[squeeze] - icedove <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-40/
-CVE-2015-0800 (The PRNG implementation in the DNS resolver in Mozilla Firefox (aka ...)
+CVE-2015-0800
- iceweasel <not-affected> (Only affects 37.x; only on Android)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-41/
-CVE-2015-0799 (The HTTP Alternative Services feature in Mozilla Firefox before 37.0.1 ...)
+CVE-2015-0799
- iceweasel <not-affected> (Only affects Firefox 37.x)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-44/
-CVE-2015-0798 (The Reader mode feature in Mozilla Firefox before 37.0.1 on Android, ...)
+CVE-2015-0798
- iceweasel <not-affected> (Only affects Firefox on Android)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-43/
-CVE-2015-0797 (GStreamer before 1.4.5, as used in Mozilla Firefox before 38.0, ...)
+CVE-2015-0797
{DSA-3264-1 DSA-3260-1 DSA-3225-1}
- gst-plugins-bad0.10 <removed> (bug #784220)
[jessie] - gst-plugins-bad0.10 <no-dsa> (Minor impact compared to wheezy, no browser attack vector)
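Review bot: with the descriptions removed, the `<not-affected>` entries in this hunk, such as `+CVE-2015-0814` followed by `- iceweasel <not-affected> (only affects Firefox 37.x)`, now rely entirely on the `NOTE:` advisory URL to say what the issue was; the affected-version ranges (`before 36.0`, `ESR 31.x before 31.6`) that justified each verdict lived only in the dropped text, so the verdicts become harder to re-audit from this file alone. Where a description is lost, consider recording the affected-version range in a `NOTE:` line next to the verdict.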
@@ -24700,11 +24700,11 @@ CVE-2015-0797 (GStreamer before 1.4.5, as used in Mozilla Firefox before 38.0, .
- icedove 31.7.0-1
[squeeze] - icedove <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-47/
-CVE-2015-0796 (In open buildservice 2.6 before 2.6.3, 2.5 before 2.5.7 and 2.4 before ...)
+CVE-2015-0796
- open-build-service <not-affected> (Fixed before initial upload)
-CVE-2015-0795 (Multiple stack-based buffer overflows in the SafeShellExecute method ...)
+CVE-2015-0795
NOT-FOR-US: NetIQ
-CVE-2015-0794 (modules.d/90crypt/module-setup.sh in the dracut package before ...)
+CVE-2015-0794
- dracut <not-affected> (Vulnerable code not present)
NOTE: http://lists.opensuse.org/opensuse-updates/2015-11/msg00098.html
NOTE: http://lists.opensuse.org/opensuse-bugs/2015-06/msg02585.html
@@ -24723,450 +24723,450 @@ CVE-2015-0789
REJECTED
CVE-2015-0788
REJECTED
-CVE-2015-0787 (XSS in NetIQ Designer for Identity Manager before 4.5.3 allows remote ...)
+CVE-2015-0787
NOT-FOR-US: NetIQ Designer for Identity Manager
-CVE-2015-0786 (Stack-based buffer overflow in the logging functionality in the ...)
+CVE-2015-0786
NOT-FOR-US: Novell ZENworks Configuration Management
-CVE-2015-0785 (com.novell.zenworks.inventory.rtr.actionclasses.wcreports in Novell ...)
+CVE-2015-0785
NOT-FOR-US: Novell ZENworks Configuration Management
-CVE-2015-0784 (Rtrlet.class in Novell ZENworks Configuration Management (ZCM) allows ...)
+CVE-2015-0784
NOT-FOR-US: Novell ZENworks Configuration Management
-CVE-2015-0783 (The FileViewer class in Novell ZENworks Configuration Management (ZCM) ...)
+CVE-2015-0783
NOT-FOR-US: Novell ZENworks Configuration Management
-CVE-2015-0782 (SQL injection vulnerability in the ScheduleQuery method of the ...)
+CVE-2015-0782
NOT-FOR-US: Novell ZENworks Configuration Management
-CVE-2015-0781 (Directory traversal vulnerability in the doPost method of the Rtrlet ...)
+CVE-2015-0781
NOT-FOR-US: Novell ZENworks Configuration Management
-CVE-2015-0780 (SQL injection vulnerability in the GetReRequestData method of the ...)
+CVE-2015-0780
NOT-FOR-US: Novell ZENworks Configuration Management
-CVE-2015-0779 (Directory traversal vulnerability in UploadServlet in Novell ZENworks ...)
+CVE-2015-0779
NOT-FOR-US: Novell ZENworks Configuration Management
-CVE-2015-0778 (osc before 0.151.0 allows remote attackers to execute arbitrary ...)
+CVE-2015-0778
- osc 0.149.0-2 (low; bug #780410)
[wheezy] - osc 0.134.1-2+deb7u1
[squeeze] - osc <no-dsa> (Minor issue)
NOTE: https://bugzilla.novell.com/show_bug.cgi?id=901643
-CVE-2015-0777 (drivers/xen/usbback/usbback.c in linux-2.6.18-xen-3.4.0 (aka the Xen ...)
+CVE-2015-0777
- linux <not-affected> (Addon Xen usbback patch not present)
- linux-2.6 <not-affected> (Addon Xen usbback patch not present)
NOTE: https://bugzilla.novell.com/show_bug.cgi?id=917830
-CVE-2015-0776 (telnetd in Cisco IOS XR 5.0.1 on Network Convergence System 6000 ...)
+CVE-2015-0776
NOT-FOR-US: Cisco IOS
-CVE-2015-0775 (The banner (aka MOTD) implementation in Cisco NX-OS 4.1(2)E1(1f) on ...)
+CVE-2015-0775
NOT-FOR-US: Cisco NX-OS
-CVE-2015-0774 (Cross-site scripting (XSS) vulnerability in Cisco Application and ...)
+CVE-2015-0774
NOT-FOR-US: Cisco Application and Content Networking System
-CVE-2015-0773 (Cisco FireSIGHT System Software 5.3.1.3 and 6.0.0 allows remote ...)
+CVE-2015-0773
NOT-FOR-US: Cisco FireSIGHT System Software
-CVE-2015-0772 (Cisco TelePresence Video Communication Server (VCS) X8.5RC4 allows ...)
+CVE-2015-0772
NOT-FOR-US: Cisco TelePresence Video Communication Server
-CVE-2015-0771 (The IKE implementation in the WS-IPSEC-3 service module in Cisco IOS ...)
+CVE-2015-0771
NOT-FOR-US: Cisco IOS
-CVE-2015-0770 (CRLF injection vulnerability in Cisco TelePresence TC 6.x before 6.3.4 ...)
+CVE-2015-0770
NOT-FOR-US: Cisco TelePresence TC Software
-CVE-2015-0769 (Cisco IOS XR 4.0.1 through 4.2.0 for CRS-3 Carrier Routing System ...)
+CVE-2015-0769
NOT-FOR-US: Cisco IOS
-CVE-2015-0768 (The Device Work Center (DWC) component in Cisco Prime Network Control ...)
+CVE-2015-0768
NOT-FOR-US: Cisco Prime Network Control System
-CVE-2015-0767 (Cisco Edge 300 software 1.0 and 1.1 on Edge 340 devices allows local ...)
+CVE-2015-0767
NOT-FOR-US: Cisco
-CVE-2015-0766 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
+CVE-2015-0766
NOT-FOR-US: Cisco
-CVE-2015-0765 (Cisco ONS 15454 System Software 10.30 and 10.301 allows remote ...)
+CVE-2015-0765
NOT-FOR-US: Cisco
-CVE-2015-0764 (Cisco Unified MeetingPlace 8.6(1.9) allows remote attackers to read ...)
+CVE-2015-0764
NOT-FOR-US: Cisco Unified MeetingPlace
-CVE-2015-0763 (Cisco Unified MeetingPlace 8.6(1.2) does not properly validate session ...)
+CVE-2015-0763
NOT-FOR-US: Cisco Unified MeetingPlace
-CVE-2015-0762 (Cross-site scripting (XSS) vulnerability in the management interface ...)
+CVE-2015-0762
NOT-FOR-US: Cisco Unified MeetingPlace
-CVE-2015-0761 (Cisco AnyConnect Secure Mobility Client before 3.1(8009) and 4.x ...)
+CVE-2015-0761
NOT-FOR-US: Cisco AnyConnect Secure Mobility Client
-CVE-2015-0760 (The IKEv1 implementation in Cisco ASA Software 7.x, 8.0.x, 8.1.x, and ...)
+CVE-2015-0760
NOT-FOR-US: Cisco ASA
-CVE-2015-0759 (Cross-site request forgery (CSRF) vulnerability in Cisco Headend ...)
+CVE-2015-0759
NOT-FOR-US: Cisco
-CVE-2015-0758 (The web-based user interface in Cisco Unified MeetingPlace 8.6(1.9) ...)
+CVE-2015-0758
NOT-FOR-US: Cisco
-CVE-2015-0757 (The web framework in Cisco Identity Services Engine (ISE) 1.2(1.901) ...)
+CVE-2015-0757
NOT-FOR-US: Cisco
-CVE-2015-0756 (Cisco Wireless LAN Controller (WLC) devices with software 7.4(1.1) ...)
+CVE-2015-0756
NOT-FOR-US: Cisco
-CVE-2015-0755 (The Posture module for Cisco Identity Services Engine (ISE), as ...)
+CVE-2015-0755
NOT-FOR-US: Cisco
-CVE-2015-0754 (Cisco Finesse 10.5(1) allows remote authenticated users to obtain ...)
+CVE-2015-0754
NOT-FOR-US: Cisco
-CVE-2015-0753 (SQL injection vulnerability in Cisco Unified Email Interaction Manager ...)
+CVE-2015-0753
NOT-FOR-US: Cisco
-CVE-2015-0752 (Cross-site scripting (XSS) vulnerability in Cisco TelePresence Video ...)
+CVE-2015-0752
NOT-FOR-US: Cisco
-CVE-2015-0751 (Cisco IP Phone 7861, when firmware from Cisco Unified Communications ...)
+CVE-2015-0751
NOT-FOR-US: Cisco
-CVE-2015-0750 (The administrative web interface in Cisco Hosted Collaboration ...)
+CVE-2015-0750
NOT-FOR-US: Cisco
CVE-2015-0749
RESERVED
CVE-2015-0748
RESERVED
-CVE-2015-0747 (Cisco Conductor for Videoscape 3.0 and Cisco Headend System Release ...)
+CVE-2015-0747
NOT-FOR-US: Cisco
-CVE-2015-0746 (The REST API in Cisco Access Control Server (ACS) 5.5(0.46.2) allows ...)
+CVE-2015-0746
NOT-FOR-US: Cisco Access Control Server
-CVE-2015-0745 (Cisco Headend System Release allows remote attackers to read temporary ...)
+CVE-2015-0745
NOT-FOR-US: Cisco
-CVE-2015-0744 (Cisco DTA Control System (DTACS) 4.0.0.9 and Cisco Headend System ...)
+CVE-2015-0744
NOT-FOR-US: Cisco
-CVE-2015-0743 (Cisco Headend System Release allows remote attackers to cause a denial ...)
+CVE-2015-0743
NOT-FOR-US: Cisco
-CVE-2015-0742 (The Protocol Independent Multicast (PIM) application in Cisco Adaptive ...)
+CVE-2015-0742
NOT-FOR-US: Cisco
-CVE-2015-0741 (Multiple cross-site request forgery (CSRF) vulnerabilities in Cisco ...)
+CVE-2015-0741
NOT-FOR-US: Cisco
-CVE-2015-0740 (Cross-site request forgery (CSRF) vulnerability in Cisco Unified ...)
+CVE-2015-0740
NOT-FOR-US: Cisco
-CVE-2015-0739 (The Lights-Out Management (LOM) implementation in Cisco FireSIGHT ...)
+CVE-2015-0739
NOT-FOR-US: Cisco
-CVE-2015-0738 (Cross-site scripting (XSS) vulnerability in the Web Tracking Report ...)
+CVE-2015-0738
NOT-FOR-US: Cisco
-CVE-2015-0737 (Multiple cross-site scripting (XSS) vulnerabilities in Cisco FireSIGHT ...)
+CVE-2015-0737
NOT-FOR-US: Cisco FireSIGHT System Software
-CVE-2015-0736 (Cross-site request forgery (CSRF) vulnerability in Cisco MediaSense ...)
+CVE-2015-0736
NOT-FOR-US: Cisco
-CVE-2015-0735 (Cross-site request forgery (CSRF) vulnerability in Cisco Unified ...)
+CVE-2015-0735
NOT-FOR-US: Cisco
-CVE-2015-0734 (Multiple cross-site scripting (XSS) vulnerabilities on the Cisco Email ...)
+CVE-2015-0734
NOT-FOR-US: Cisco
-CVE-2015-0733 (CRLF injection vulnerability in the HTTP Header Handler in Digital ...)
+CVE-2015-0733
NOT-FOR-US: Cisco
-CVE-2015-0732 (Cross-site scripting (XSS) vulnerability in Cisco AsyncOS on the Web ...)
+CVE-2015-0732
NOT-FOR-US: Cisco
-CVE-2015-0731 (The ISDN implementation in Cisco IOS 15.3S allows remote attackers to ...)
+CVE-2015-0731
NOT-FOR-US: Cisco
-CVE-2015-0730 (The SMB module in Cisco Wide Area Application Services (WAAS) 6.0(1) ...)
+CVE-2015-0730
NOT-FOR-US: Cisco
-CVE-2015-0729 (Cross-site scripting (XSS) vulnerability in Cisco Secure Access ...)
+CVE-2015-0729
NOT-FOR-US: Cisco
-CVE-2015-0728 (Cross-site scripting (XSS) vulnerability in Cisco Access Control ...)
+CVE-2015-0728
NOT-FOR-US: Cisco
-CVE-2015-0727 (Cross-site scripting (XSS) vulnerability in the HTTP module in Cisco ...)
+CVE-2015-0727
NOT-FOR-US: Cisco
-CVE-2015-0726 (The web administration interface on Cisco Wireless LAN Controller ...)
+CVE-2015-0726
NOT-FOR-US: Cisco
-CVE-2015-0725 (Cisco Videoscape Distribution Suite Service Broker (aka VDS-SB), when ...)
+CVE-2015-0725
NOT-FOR-US: Cisco
-CVE-2015-0724 (Multiple cross-site scripting (XSS) vulnerabilities in dncs 7.0.0.12 ...)
+CVE-2015-0724
NOT-FOR-US: Cisco
-CVE-2015-0723 (The wireless web-authentication subsystem on Cisco Wireless LAN ...)
+CVE-2015-0723
NOT-FOR-US: Cisco
-CVE-2015-0722 (The network drivers in Cisco TelePresence T, Cisco TelePresence TE, ...)
+CVE-2015-0722
NOT-FOR-US: Cisco
-CVE-2015-0721 (Cisco NX-OS 4.0 through 7.3 on Multilayer Director and Nexus 1000V, ...)
+CVE-2015-0721
NOT-FOR-US: Cisco
CVE-2015-0720
RESERVED
CVE-2015-0719
RESERVED
-CVE-2015-0718 (Cisco NX-OS 4.0 through 6.1 on Nexus 1000V 3000, 4000, 5000, 6000, and ...)
+CVE-2015-0718
NOT-FOR-US: Cisco NX-OS
-CVE-2015-0717 (Cisco Unified Communications Manager 10.0(1.10000.12) allows local ...)
+CVE-2015-0717
NOT-FOR-US: Cisco
-CVE-2015-0716 (Cross-site request forgery (CSRF) vulnerability in the CUCReports page ...)
+CVE-2015-0716
NOT-FOR-US: Cisco Unity Connection
-CVE-2015-0715 (SQL injection vulnerability in the administrative web interface in ...)
+CVE-2015-0715
NOT-FOR-US: Cisco Unified Communications Manager
-CVE-2015-0714 (Multiple cross-site scripting (XSS) vulnerabilities in Cisco Finesse ...)
+CVE-2015-0714
NOT-FOR-US: Cisco Finesse
-CVE-2015-0713 (The web framework in Cisco TelePresence Advanced Media Gateway Series ...)
+CVE-2015-0713
NOT-FOR-US: Cisco
-CVE-2015-0712 (The session-manager service in Cisco StarOS 12.0, 12.2(300), 14.0, and ...)
+CVE-2015-0712
NOT-FOR-US: Cisco StarOS
-CVE-2015-0711 (The hamgr service in the IPv6 Proxy Mobile (PM) implementation in ...)
+CVE-2015-0711
NOT-FOR-US: Cisco StarOS
-CVE-2015-0710 (The Overlay Transport Virtualization (OTV) implementation in Cisco IOS ...)
+CVE-2015-0710
NOT-FOR-US: Cisco IOS XE
-CVE-2015-0709 (Cisco IOS 15.5S and IOS XE allow remote authenticated users to cause a ...)
+CVE-2015-0709
NOT-FOR-US: Cisco IOS
-CVE-2015-0708 (Cisco IOS 15.4S, 15.4SN, and 15.5S and IOS XE 3.13S and 3.14S allow ...)
+CVE-2015-0708
NOT-FOR-US: Cisco IOS
-CVE-2015-0707 (Cross-site scripting (XSS) vulnerability in Cisco FireSIGHT System ...)
+CVE-2015-0707
NOT-FOR-US: Cisco
-CVE-2015-0706 (Open redirect vulnerability in Cisco FireSIGHT System Software ...)
+CVE-2015-0706
NOT-FOR-US: Cisco
-CVE-2015-0705 (Cross-site request forgery (CSRF) vulnerability in the SOAP API ...)
+CVE-2015-0705
NOT-FOR-US: Cisco
-CVE-2015-0704 (Multiple cross-site request forgery (CSRF) vulnerabilities in API ...)
+CVE-2015-0704
NOT-FOR-US: Cisco
-CVE-2015-0703 (Cross-site scripting (XSS) vulnerability in the administrative web ...)
+CVE-2015-0703
NOT-FOR-US: Cisco
-CVE-2015-0702 (Unrestricted file upload vulnerability in the Custom Prompts upload ...)
+CVE-2015-0702
NOT-FOR-US: Cisco
-CVE-2015-0701 (Cisco UCS Central Software before 1.3(1a) allows remote attackers to ...)
+CVE-2015-0701
NOT-FOR-US: Cisco UCS
-CVE-2015-0700 (Cross-site request forgery (CSRF) vulnerability in the Dashboard page ...)
+CVE-2015-0700
NOT-FOR-US: Cisco
-CVE-2015-0699 (SQL injection vulnerability in the Interactive Voice Response (IVR) ...)
+CVE-2015-0699
NOT-FOR-US: Cisco
-CVE-2015-0698 (Multiple cross-site scripting (XSS) vulnerabilities in filter search ...)
+CVE-2015-0698
NOT-FOR-US: Cisco WSA
-CVE-2015-0697 (Open redirect vulnerability in the login page in Cisco TC Software ...)
+CVE-2015-0697
NOT-FOR-US: Cisco
-CVE-2015-0696 (Cross-site scripting (XSS) vulnerability in the login page in Cisco TC ...)
+CVE-2015-0696
NOT-FOR-US: Cisco
-CVE-2015-0695 (Cisco IOS XR 4.3.4 through 5.3.0 on ASR 9000 devices, when uRPF, PBR, ...)
+CVE-2015-0695
NOT-FOR-US: Cisco IOS
-CVE-2015-0694 (Cisco ASR 9000 devices with software 5.3.0.BASE do not recognize that ...)
+CVE-2015-0694
NOT-FOR-US: Cisco
-CVE-2015-0693 (Cisco Web Security Appliance (WSA) devices with software 8.5.0-ise-147 ...)
+CVE-2015-0693
NOT-FOR-US: Cisco WSA
-CVE-2015-0692 (Cisco Web Security Appliance (WSA) devices with software 8.5.0-ise-147 ...)
+CVE-2015-0692
NOT-FOR-US: Cisco WSA
-CVE-2015-0691 (A certain Cisco JAR file, as distributed in Cache Cleaner in Cisco ...)
+CVE-2015-0691
NOT-FOR-US: Cisco Secure Desktop Cache Cleaner
-CVE-2015-0690 (Cross-site scripting (XSS) vulnerability in the HTML help system on ...)
+CVE-2015-0690
NOT-FOR-US: Cisco
-CVE-2015-0689 (Cisco Cloud Web Security before 3.0.1.7 allows remote attackers to ...)
+CVE-2015-0689
NOT-FOR-US: Cisco
-CVE-2015-0688 (Cisco IOS XE 3.10.2S on an ASR 1000 device with an Embedded Services ...)
+CVE-2015-0688
NOT-FOR-US: Cisco
-CVE-2015-0687 (The SNMP implementation in Cisco IOS 15.1(2)SG4 on Catalyst 4500 ...)
+CVE-2015-0687
NOT-FOR-US: Cisco
-CVE-2015-0686 (The SNMP implementation in Cisco NX-OS 6.1(2)I2(3) on Nexus 9000 ...)
+CVE-2015-0686
NOT-FOR-US: Cisco
-CVE-2015-0685 (Cisco IOS XE before 3.7.5S on ASR 1000 devices does not properly ...)
+CVE-2015-0685
NOT-FOR-US: Cisco
-CVE-2015-0684 (SQL injection vulnerability in the Image Management component in Cisco ...)
+CVE-2015-0684
NOT-FOR-US: Cisco
-CVE-2015-0683 (Cisco Unified Communications Domain Manager 8.1(4) allows remote ...)
+CVE-2015-0683
NOT-FOR-US: Cisco
-CVE-2015-0682 (Cisco Unified Communications Domain Manager 8.1(4) allows remote ...)
+CVE-2015-0682
NOT-FOR-US: Cisco
-CVE-2015-0681 (The TFTP server in Cisco IOS 12.2(44)SQ1, 12.2(33)XN1, 12.4(25e)JAM1, ...)
+CVE-2015-0681
NOT-FOR-US: Cisco IOS
-CVE-2015-0680 (Cisco Unified Call Manager (CM) 9.1(2.1000.28) does not properly ...)
+CVE-2015-0680
NOT-FOR-US: Cisco
-CVE-2015-0679 (The web-authentication functionality on Cisco Wireless LAN Controller ...)
+CVE-2015-0679
NOT-FOR-US: Cisco
-CVE-2015-0678 (The virtualization layer in Cisco ASA FirePOWER Software before ...)
+CVE-2015-0678
NOT-FOR-US: Cisco ASA
-CVE-2015-0677 (The XML parser in Cisco Adaptive Security Appliance (ASA) Software 8.4 ...)
+CVE-2015-0677
NOT-FOR-US: Cisco ASA
-CVE-2015-0676 (The DNS implementation in Cisco Adaptive Security Appliance (ASA) ...)
+CVE-2015-0676
NOT-FOR-US: Cisco ASA
-CVE-2015-0675 (The failover ipsec implementation in Cisco Adaptive Security Appliance ...)
+CVE-2015-0675
NOT-FOR-US: Cisco ASA
-CVE-2015-0674 (Cross-site scripting (XSS) vulnerability in the Alert Service of Cisco ...)
+CVE-2015-0674
NOT-FOR-US: Cisco
-CVE-2015-0673 (Cisco Mobility Services Engine (MSE) 8.0(110.0) allows remote ...)
+CVE-2015-0673
NOT-FOR-US: Cisco
-CVE-2015-0672 (The DHCPv4 server in Cisco IOS XR 5.2.2 on ASR 9000 devices allows ...)
+CVE-2015-0672
NOT-FOR-US: Cisco
-CVE-2015-0671 (The DNS implementation in Cisco Videoscape Distribution Suite for ...)
+CVE-2015-0671
NOT-FOR-US: Cisco
-CVE-2015-0670 (The default configuration of Cisco Small Business IP phones SPA 300 ...)
+CVE-2015-0670
NOT-FOR-US: Cisco
-CVE-2015-0669 (The Autonomic Networking Infrastructure (ANI) implementation in Cisco ...)
+CVE-2015-0669
NOT-FOR-US: Cisco
-CVE-2015-0668 (Cross-site scripting (XSS) vulnerability in the administration portal ...)
+CVE-2015-0668
NOT-FOR-US: Cisco
-CVE-2015-0667 (The Management Interface on Cisco Content Services Switch (CSS) 11500 ...)
+CVE-2015-0667
NOT-FOR-US: Cisco
-CVE-2015-0666 (Directory traversal vulnerability in the fmserver servlet in Cisco ...)
+CVE-2015-0666
NOT-FOR-US: Cisco
-CVE-2015-0665 (The Hostscan module in Cisco AnyConnect Secure Mobility Client ...)
+CVE-2015-0665
NOT-FOR-US: Cisco
-CVE-2015-0664 (The IPC channel in Cisco AnyConnect Secure Mobility Client 4.0(.00051) ...)
+CVE-2015-0664
NOT-FOR-US: Cisco
-CVE-2015-0663 (Cisco AnyConnect Secure Mobility Client 4.0(.00051) and earlier does ...)
+CVE-2015-0663
NOT-FOR-US: Cisco
-CVE-2015-0662 (Cisco AnyConnect Secure Mobility Client 4.0(.00051) and earlier allows ...)
+CVE-2015-0662
NOT-FOR-US: Cisco
-CVE-2015-0661 (The SNMPv2 implementation in Cisco IOS XR allows remote authenticated ...)
+CVE-2015-0661
NOT-FOR-US: Cisco
-CVE-2015-0660 (Cisco Virtual TelePresence Server Software does not properly restrict ...)
+CVE-2015-0660
NOT-FOR-US: Cisco
-CVE-2015-0659 (The Autonomic Networking Infrastructure (ANI) implementation in Cisco ...)
+CVE-2015-0659
NOT-FOR-US: Cisco
-CVE-2015-0658 (The DHCP implementation in the PowerOn Auto Provisioning (POAP) ...)
+CVE-2015-0658
NOT-FOR-US: Cisco
-CVE-2015-0657 (Cisco IOS XR allows remote attackers to cause a denial of service ...)
+CVE-2015-0657
NOT-FOR-US: Cisco
-CVE-2015-0656 (Cross-site scripting (XSS) vulnerability in the login page in Cisco ...)
+CVE-2015-0656
NOT-FOR-US: Cisco NAM
-CVE-2015-0655 (Cross-site scripting (XSS) vulnerability in Unified Web Interaction ...)
+CVE-2015-0655
NOT-FOR-US: Cisco Unified Web
-CVE-2015-0654 (Race condition in the TLS implementation in MainApp in the management ...)
+CVE-2015-0654
NOT-FOR-US: Cisco
-CVE-2015-0653 (The management interface in Cisco TelePresence Video Communication ...)
+CVE-2015-0653
NOT-FOR-US: Cisco
-CVE-2015-0652 (The Session Description Protocol (SDP) implementation in Cisco ...)
+CVE-2015-0652
NOT-FOR-US: Cisco
-CVE-2015-0651 (Cross-site request forgery (CSRF) vulnerability in the web GUI in ...)
+CVE-2015-0651
NOT-FOR-US: Cisco
-CVE-2015-0650 (The Service Discovery Gateway (aka mDNS Gateway) in Cisco IOS 12.2, ...)
+CVE-2015-0650
NOT-FOR-US: Cisco
-CVE-2015-0649 (Cisco IOS 12.2, 12.4, 15.0, 15.2, and 15.3 allows remote attackers to ...)
+CVE-2015-0649
NOT-FOR-US: Cisco
-CVE-2015-0648 (Memory leak in Cisco IOS 12.2, 12.4, 15.0, 15.2, and 15.3 allows ...)
+CVE-2015-0648
NOT-FOR-US: Cisco
-CVE-2015-0647 (Cisco IOS 12.2, 12.4, 15.0, 15.2, and 15.3 allows remote attackers to ...)
+CVE-2015-0647
NOT-FOR-US: Cisco
-CVE-2015-0646 (Memory leak in the TCP input module in Cisco IOS 12.2, 12.4, 15.0, ...)
+CVE-2015-0646
NOT-FOR-US: Cisco
-CVE-2015-0645 (The Layer 4 Redirect (L4R) feature in Cisco IOS XE 2.x and 3.x before ...)
+CVE-2015-0645
NOT-FOR-US: Cisco
-CVE-2015-0644 (AppNav in Cisco IOS XE 3.8 through 3.10 before 3.10.3S, 3.11 before ...)
+CVE-2015-0644
NOT-FOR-US: Cisco
-CVE-2015-0643 (Cisco IOS 12.2, 12.4, 15.0, 15.1, 15.2, 15.3, and 15.4 and IOS XE ...)
+CVE-2015-0643
NOT-FOR-US: Cisco
-CVE-2015-0642 (Cisco IOS 12.2, 12.4, 15.0, 15.1, 15.2, 15.3, and 15.4 and IOS XE ...)
+CVE-2015-0642
NOT-FOR-US: Cisco
-CVE-2015-0641 (Cisco IOS XE 2.x and 3.x before 3.9.0S, 3.10 before 3.10.0S, 3.11 ...)
+CVE-2015-0641
NOT-FOR-US: Cisco
-CVE-2015-0640 (The high-speed logging (HSL) feature in Cisco IOS XE 2.x and 3.x ...)
+CVE-2015-0640
NOT-FOR-US: Cisco
-CVE-2015-0639 (The Common Flow Table (CFT) feature in Cisco IOS XE 3.6 and 3.7 before ...)
+CVE-2015-0639
NOT-FOR-US: Cisco
-CVE-2015-0638 (Cisco IOS 12.2, 12.4, 15.0, 15.2, and 15.3, when a VRF interface is ...)
+CVE-2015-0638
NOT-FOR-US: Cisco
-CVE-2015-0637 (The Autonomic Networking Infrastructure (ANI) implementation in Cisco ...)
+CVE-2015-0637
NOT-FOR-US: Cisco
-CVE-2015-0636 (The Autonomic Networking Infrastructure (ANI) implementation in Cisco ...)
+CVE-2015-0636
NOT-FOR-US: Cisco
-CVE-2015-0635 (The Autonomic Networking Infrastructure (ANI) implementation in Cisco ...)
+CVE-2015-0635
NOT-FOR-US: Cisco
-CVE-2015-0634 (Cross-site scripting (XSS) vulnerability in the administrative ...)
+CVE-2015-0634
NOT-FOR-US: Cisco
-CVE-2015-0633 (The Integrated Management Controller (IMC) in Cisco Unified Computing ...)
+CVE-2015-0633
NOT-FOR-US: Cisco
-CVE-2015-0632 (Race condition in the Neighbor Discovery (ND) protocol implementation ...)
+CVE-2015-0632
NOT-FOR-US: Cisco IOS
-CVE-2015-0631 (Race condition in the SSL implementation on Cisco Intrusion Prevention ...)
+CVE-2015-0631
NOT-FOR-US: Cisco IPS
CVE-2015-0630
RESERVED
CVE-2015-0629
RESERVED
-CVE-2015-0628 (The proxy engine on Cisco Web Security Appliance (WSA) devices allows ...)
+CVE-2015-0628
NOT-FOR-US: Cisco WSA
CVE-2015-0627
RESERVED
-CVE-2015-0626 (The SOAP interface in Cisco Hosted Collaboration Solution (HCS) allows ...)
+CVE-2015-0626
NOT-FOR-US: Cisco HCS
CVE-2015-0625
RESERVED
-CVE-2015-0624 (The web framework in Cisco AsyncOS on Email Security Appliance (ESA), ...)
+CVE-2015-0624
NOT-FOR-US: Cisco
-CVE-2015-0623 (Cross-site scripting (XSS) vulnerability in the Administrator report ...)
+CVE-2015-0623
NOT-FOR-US: Cisco WSA
-CVE-2015-0622 (The Wireless Intrusion Detection (aka WIDS) functionality on Cisco ...)
+CVE-2015-0622
NOT-FOR-US: Cisco WLC
-CVE-2015-0621 (Cisco TelePresence MCU devices with software 4.5(1.45) allow remote ...)
+CVE-2015-0621
NOT-FOR-US: Cisco TelePresence
-CVE-2015-0620 (The XML parser in Cisco TelePresence Management Suite (TMS) 14.3(.2) ...)
+CVE-2015-0620
NOT-FOR-US: Cisco TelePresence
-CVE-2015-0619 (Memory leak in the embedded web server in the WebVPN subsystem in ...)
+CVE-2015-0619
NOT-FOR-US: Cisco Adaptive Security Appliance
-CVE-2015-0618 (Cisco IOS XR 5.0.1 and 5.2.1 on Network Convergence System (NCS) 6000 ...)
+CVE-2015-0618
NOT-FOR-US: Cisco IOS
-CVE-2015-0617 (Cisco ASR 5500 System Architecture Evolution (SAE) Gateway devices ...)
+CVE-2015-0617
NOT-FOR-US: Cisco
-CVE-2015-0616 (The Connection Conversation Manager (aka CuCsMgr) process in Cisco ...)
+CVE-2015-0616
NOT-FOR-US: Cisco
-CVE-2015-0615 (The call-handling implementation in Cisco Unity Connection 8.5 before ...)
+CVE-2015-0615
NOT-FOR-US: Cisco
-CVE-2015-0614 (The Connection Conversation Manager (aka CuCsMgr) process in Cisco ...)
+CVE-2015-0614
NOT-FOR-US: Cisco
-CVE-2015-0613 (The Connection Conversation Manager (aka CuCsMgr) process in Cisco ...)
+CVE-2015-0613
NOT-FOR-US: Cisco
-CVE-2015-0612 (The Connection Conversation Manager (aka CuCsMgr) process in Cisco ...)
+CVE-2015-0612
NOT-FOR-US: Cisco
-CVE-2015-0611 (The administrative web-management portal in Cisco IX 8 (.0.1) and ...)
+CVE-2015-0611
NOT-FOR-US: Cisco TelePresence
-CVE-2015-0610 (Race condition in the object-group ACL feature in Cisco IOS 15.5(2)T ...)
+CVE-2015-0610
NOT-FOR-US: Cisco
-CVE-2015-0609 (Race condition in the Common Classification Engine (CCE) in the ...)
+CVE-2015-0609
NOT-FOR-US: Cisco
-CVE-2015-0608 (Race condition in the Measurement, Aggregation, and Correlation Engine ...)
+CVE-2015-0608
NOT-FOR-US: Cisco
-CVE-2015-0607 (The Authentication Proxy feature in Cisco IOS does not properly handle ...)
+CVE-2015-0607
NOT-FOR-US: Cisco
-CVE-2015-0606 (The IOS Shell in Cisco IOS allows local users to cause a denial of ...)
+CVE-2015-0606
NOT-FOR-US: Cisco
-CVE-2015-0605 (The uuencode inspection engine in Cisco AsyncOS on Cisco Email ...)
+CVE-2015-0605
NOT-FOR-US: Cisco
-CVE-2015-0604 (The web framework on Cisco Unified IP 9900 phones with firmware ...)
+CVE-2015-0604
NOT-FOR-US: Cisco
-CVE-2015-0603 (Cisco Unified IP 9900 phones with firmware 9.4(.1) and earlier use ...)
+CVE-2015-0603
NOT-FOR-US: Cisco
-CVE-2015-0602 (The mobility extension on Cisco Unified IP 9900 phones with firmware ...)
+CVE-2015-0602
NOT-FOR-US: Cisco
-CVE-2015-0601 (Cisco Unified IP 9900 phones with firmware 9.4(.1) and earlier allow ...)
+CVE-2015-0601
NOT-FOR-US: Cisco
-CVE-2015-0600 (The mobility extension on Cisco Unified IP 9900 phones with firmware ...)
+CVE-2015-0600
NOT-FOR-US: Cisco
-CVE-2015-0599 (The web interface in Cisco Integrated Management Controller in Cisco ...)
+CVE-2015-0599
NOT-FOR-US: Cisco
-CVE-2015-0598 (The RADIUS implementation in Cisco IOS and IOS XE allows remote ...)
+CVE-2015-0598
NOT-FOR-US: Cisco
-CVE-2015-0597 (The Forgot Password feature in Cisco WebEx Meetings Server 1.5(.1.131) ...)
+CVE-2015-0597
NOT-FOR-US: Cisco
-CVE-2015-0596 (Cross-site request forgery (CSRF) vulnerability in Cisco WebEx ...)
+CVE-2015-0596
NOT-FOR-US: Cisco
-CVE-2015-0595 (The XMLAPI in Cisco WebEx Meetings Server 1.5(.1.131) and earlier ...)
+CVE-2015-0595
NOT-FOR-US: Cisco
-CVE-2015-0594 (Multiple cross-site scripting (XSS) vulnerabilities in the help pages ...)
+CVE-2015-0594
NOT-FOR-US: Cisco
-CVE-2015-0593 (The Zone-Based Firewall implementation in Cisco IOS 12.4(122)T and ...)
+CVE-2015-0593
NOT-FOR-US: Cisco
-CVE-2015-0592 (The Zone-Based Firewall implementation in Cisco IOS 15.4(2)T3 and ...)
+CVE-2015-0592
NOT-FOR-US: Cisco
-CVE-2015-0591 (Cisco Unified Communications Domain Manager (UCDM) 10 allows remote ...)
+CVE-2015-0591
NOT-FOR-US: Cisco Unified Communications Domain Manager
-CVE-2015-0590 (Cisco WebEx Meeting Center allows remote attackers to activate ...)
+CVE-2015-0590
NOT-FOR-US: Cisco WebEx
-CVE-2015-0589 (The administrative web interface in Cisco WebEx Meetings Server 1.0 ...)
+CVE-2015-0589
NOT-FOR-US: Cisco
-CVE-2015-0588 (Cross-site request forgery (CSRF) vulnerability in Cisco Unified ...)
+CVE-2015-0588
NOT-FOR-US: Cisco Unified Communications Domain Manager
CVE-2015-0587
RESERVED
-CVE-2015-0586 (The Network-Based Application Recognition (NBAR) protocol ...)
+CVE-2015-0586
NOT-FOR-US: Cisco
CVE-2015-0585
RESERVED
-CVE-2015-0584 (The image-upgrade implementation on Cisco Desktop Collaboration ...)
+CVE-2015-0584
NOT-FOR-US: Cisco
-CVE-2015-0583 (Cisco WebEx Meeting Center does not properly restrict the content of ...)
+CVE-2015-0583
NOT-FOR-US: Cisco WebEx Meeting Center
-CVE-2015-0582 (The High Availability (HA) subsystem in Cisco NX-OS on MDS 9000 ...)
+CVE-2015-0582
NOT-FOR-US: Cisco NX-OS
-CVE-2015-0581 (The XML parser in Cisco Prime Service Catalog before 10.1 allows ...)
+CVE-2015-0581
NOT-FOR-US: Cisco
-CVE-2015-0580 (Multiple SQL injection vulnerabilities in the ACS View reporting ...)
+CVE-2015-0580
NOT-FOR-US: Cisco Secure Access Control System
-CVE-2015-0579 (Cisco TelePresence Video Communication Server (VCS) and Cisco ...)
+CVE-2015-0579
NOT-FOR-US: Cisco TelePrecence Video Communication Server
-CVE-2015-0578 (Cisco Adaptive Security Appliance (ASA) Software, when a DHCPv6 relay ...)
+CVE-2015-0578
NOT-FOR-US: Cisco Adaptive Security Appliance
-CVE-2015-0577 (Multiple cross-site scripting (XSS) vulnerabilities in the IronPort ...)
+CVE-2015-0577
NOT-FOR-US: Cisco AsyncOS
-CVE-2015-0576 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2015-0576
NOT-FOR-US: Qualcomm driver for Android
-CVE-2015-0575 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2015-0575
NOT-FOR-US: Qualcomm driver for Android
-CVE-2015-0574 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2015-0574
NOT-FOR-US: Qualcomm driver for Android
-CVE-2015-0573 (drivers/media/platform/msm/broadcast/tsc.c in the TSC driver for the ...)
+CVE-2015-0573
NOT-FOR-US: Qualcomm driver for Android
-CVE-2015-0572 (Multiple race conditions in drivers/char/adsprpc.c and ...)
+CVE-2015-0572
NOT-FOR-US: Qualcomm driver for Android
-CVE-2015-0571 (The WLAN (aka Wi-Fi) driver for the Linux kernel 3.x and 4.x, as used ...)
+CVE-2015-0571
NOT-FOR-US: Qualcomm driver for Android
-CVE-2015-0570 (Stack-based buffer overflow in the SET_WPS_IE IOCTL implementation in ...)
+CVE-2015-0570
NOT-FOR-US: Qualcomm driver for Android
-CVE-2015-0569 (Heap-based buffer overflow in the private wireless extensions IOCTL ...)
+CVE-2015-0569
NOT-FOR-US: Qualcomm driver for Android
-CVE-2015-0568 (Use-after-free vulnerability in the msm_set_crop function in ...)
+CVE-2015-0568
NOT-FOR-US: Qualcomm driver for Android
CVE-2015-0567
RESERVED
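Review bot: every `-`/`+` pair in this hunk drops the parenthetical summary and keeps only the bare id, e.g. `-CVE-2015-0697 (Open redirect vulnerability in the login page in Cisco TC Software ...)` becomes `+CVE-2015-0697`, so the file loses the one line that told a triager what each `NOT-FOR-US: Cisco` entry refers to; if the summaries are meant to be re-fetched from the CVE feed on the next automatic run, the commit message should say so, otherwise this is a readability regression rather than an update. Unrelated, but in the unchanged context lines here: `NOT-FOR-US: Cisco TelePrecence Video Communication Server` under CVE-2015-0579 misspells TelePresence and could be corrected in a follow-up.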
@@ -25174,17 +25174,17 @@ CVE-2015-0566
RESERVED
CVE-2015-0565
RESERVED
-CVE-2015-1198 (Multiple directory traversal vulnerabilities in ha 0.999p+dfsg-5. ...)
+CVE-2015-1198
- ha <removed> (low; bug #774954)
[squeeze] - ha <no-dsa> (Minor issue)
[wheezy] - ha <no-dsa> (Minor issue)
-CVE-2015-1352 (The build_tablename function in pgsql.c in the PostgreSQL (aka pgsql) ...)
+CVE-2015-1352
{DSA-3195-1}
- php5 5.6.6+dfsg-2 (bug #777036)
[squeeze] - php5 <not-affected> (vulnerable code (build_tablename()) introduced later)
NOTE: https://bugs.php.net/bug.php?id=68741
NOTE: http://git.php.net/?p=php-src.git;a=commit;h=124fb22a13fafa3648e4e15b4f207c7096d8155e
-CVE-2015-1351 (Use-after-free vulnerability in the _zend_shared_memdup function in ...)
+CVE-2015-1351
- php5 5.6.6+dfsg-2 (bug #777033)
[squeeze] - php5 <not-affected> (opcache introduced in 5.5)
[wheezy] - php5 <not-affected> (opcache introduced in 5.5)
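Review bot: the removed summary for CVE-2015-1352 was the only place in the entry naming `build_tablename` in `pgsql.c`, yet the kept line `[squeeze] - php5 <not-affected> (vulnerable code (build_tablename()) introduced later)` still relies on the reader knowing which function that is; the two `NOTE:` URLs cover it, but naming the file in the suppression rationale would keep the entry self-contained once summaries are gone.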
@@ -25193,38 +25193,38 @@ CVE-2015-1351 (Use-after-free vulnerability in the _zend_shared_memdup function
CVE-2015-XXXX [insecure keyring handling]
- weboob 1.0-3 (low; bug #774838)
[wheezy] - weboob <no-dsa> (Minor issue)
-CVE-2015-1042 (The string_sanitize_url function in core/string_api.php in MantisBT ...)
+CVE-2015-1042
- mantis <removed> (bug #780875)
[wheezy] - mantis <no-dsa> (Minor issue)
[squeeze] - mantis <not-affected> (Incomplete fix not applied)
NOTE: https://www.mantisbt.org/bugs/view.php?id=17997
NOTE: http://github.com/mantisbt/mantisbt/commit/d95f070d
-CVE-2015-1031 (Multiple use-after-free vulnerabilities in Privoxy before 3.0.22 allow ...)
+CVE-2015-1031
{DSA-3133-1 DLA-142-1}
- privoxy 3.0.21-5 (bug #775167)
NOTE: http://www.privoxy.org/announce.txt
NOTE: http://ijbswa.cvs.sourceforge.net/viewvc/ijbswa/current/list.c?view=patch&r1=1.31&r2=1.32&pathrev=v_3_0_22
-CVE-2015-1030 (Memory leak in the rfc2553_connect_to function in jbsocket.c in ...)
+CVE-2015-1030
- privoxy 3.0.21-5 (bug #775167)
[squeeze] - privoxy <not-affected> (Introduced in 3.0.21)
[wheezy] - privoxy <not-affected> (Introduced in 3.0.21)
NOTE: http://www.privoxy.org/announce.txt
NOTE: http://ijbswa.cvs.sourceforge.net/viewvc/ijbswa/current/cgisimple.c?view=patch&r1=1.130&r2=1.131&pathrev=v_3_0_22
-CVE-2015-1197 (cpio 2.11, when using the --no-absolute-filenames option, allows local ...)
+CVE-2015-1197
- cpio 2.11+dfsg-4.1 (low; bug #774669)
[wheezy] - cpio <no-dsa> (Minor issue)
[squeeze] - cpio <no-dsa> (Minor issue)
NOTE: Patch used in SUSE: https://bugzilla.suse.com/attachment.cgi?id=599460&action=diff
-CVE-2015-4469 (The chmd_read_headers function in chmd.c in libmspack before 0.5 does ...)
+CVE-2015-4469
- libmspack 0.4-3 (bug #774726)
NOTE: http://www.openwall.com/lists/oss-security/2015/02/03/11
-CVE-2015-4468 (Multiple integer overflows in the search_chunk function in chmd.c in ...)
+CVE-2015-4468
- libmspack 0.4-3 (bug #774726)
NOTE: http://www.openwall.com/lists/oss-security/2015/02/03/11
-CVE-2015-4467 (The chmd_init_decomp function in chmd.c in libmspack before 0.5 does ...)
+CVE-2015-4467
- libmspack 0.4-3 (bug #774725)
NOTE: http://www.openwall.com/lists/oss-security/2015/02/03/11
-CVE-2015-9275 (ARC 5.21q allows directory traversal via a full pathname in an archive ...)
+CVE-2015-9275
- arc 5.21q-6 (low; bug #774527)
[stretch] - arc 5.21q-4+deb9u1
[jessie] - arc <ignored> (Minor issue)
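Review bot: the rationale `(Incomplete fix not applied)` on `[squeeze] - mantis <not-affected>` for CVE-2015-1042 is hard to read without the stripped summary; if the point is that squeeze never received the earlier, incomplete fix that this CVE concerns, spelling that out (e.g. `vulnerable code introduced by a later fix`) would make the not-affected verdict verifiable from the entry alone.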
@@ -25236,48 +25236,48 @@ CVE-2015-XXXX [saves unknown host's fingerprint in known_hosts without any promp
[squeeze] - lftp <no-dsa> (Minor issue)
[wheezy] - lftp <no-dsa> (Minor issue)
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/03/12/10
-CVE-2015-0564 (Buffer underflow in the ssl_decrypt_record function in ...)
+CVE-2015-0564
{DSA-3141-1 DLA-198-1}
- wireshark 1.12.1+g01b65bf-3 (bug #776135)
NOTE: https://www.wireshark.org/security/wnpa-sec-2015-05.html
-CVE-2015-0563 (epan/dissectors/packet-smtp.c in the SMTP dissector in Wireshark ...)
+CVE-2015-0563
{DLA-198-1}
- wireshark 1.12.1+g01b65bf-3 (bug #776135)
[squeeze] - wireshark <not-affected> (Only affected 1.10)
[wheezy] - wireshark <not-affected> (Only affected 1.10)
NOTE: https://www.wireshark.org/security/wnpa-sec-2015-04.html
-CVE-2015-0562 (Multiple use-after-free vulnerabilities in ...)
+CVE-2015-0562
{DSA-3141-1 DLA-198-1}
- wireshark 1.12.1+g01b65bf-3 (bug #776135)
NOTE: https://www.wireshark.org/security/wnpa-sec-2015-03.html
-CVE-2015-0561 (asn1/lpp/lpp.cnf in the LPP dissector in Wireshark 1.10.x before ...)
+CVE-2015-0561
- wireshark 1.12.1+g01b65bf-3 (bug #776135)
[squeeze] - wireshark <not-affected> (Only affected 1.8.9)
[wheezy] - wireshark <not-affected> (Only affected 1.8.9)
NOTE: https://www.wireshark.org/security/wnpa-sec-2015-02.html
-CVE-2015-0560 (The dissect_wccp2r1_address_table_info function in ...)
+CVE-2015-0560
- wireshark 1.12.1+g01b65bf-3 (bug #776135)
[squeeze] - wireshark <not-affected> (Only affected 1.10)
[wheezy] - wireshark <not-affected> (Only affected 1.10)
NOTE: https://www.wireshark.org/security/wnpa-sec-2015-01.html
-CVE-2015-0559 (Multiple use-after-free vulnerabilities in ...)
+CVE-2015-0559
- wireshark 1.12.1+g01b65bf-3 (bug #776135)
[squeeze] - wireshark <not-affected> (Only affected 1.10)
[wheezy] - wireshark <not-affected> (Only affected 1.10)
NOTE: https://www.wireshark.org/security/wnpa-sec-2015-01.html
CVE-2015-0558
RESERVED
-CVE-2015-0555 (Buffer overflow in the XnsSdkDeviceIpInstaller.ocx ActiveX control in ...)
+CVE-2015-0555
NOT-FOR-US: Samsung
-CVE-2015-0554 (The ADB (formerly Pirelli Broadband Solutions) P.DGA4001N router with ...)
+CVE-2015-0554
NOT-FOR-US: ADB router
-CVE-2015-0553 (Cross-site scripting (XSS) vulnerability in admin/pages/modify.php in ...)
+CVE-2015-0553
NOT-FOR-US: WebsiteBaker
-CVE-2015-1038 (p7zip 9.20.1 allows remote attackers to write to arbitrary files via a ...)
+CVE-2015-1038
{DSA-3289-1 DLA-245-1}
- p7zip 9.20.1~dfsg.1-4.2 (bug #774660)
NOTE: Upstream bug: http://sourceforge.net/p/p7zip/bugs/147/
-CVE-2015-0552 (Directory traversal vulnerability in the gcab_folder_extract function ...)
+CVE-2015-0552
- gcab 0.4-2 (bug #774580)
CVE-2015-XXXX [Zoo directory traversal]
- zoo <removed> (low; bug #774453)
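Review bot: CVE-2015-0563 lists `{DLA-198-1}` while both `[squeeze] - wireshark <not-affected> (Only affected 1.10)` and `[wheezy] - wireshark <not-affected> (Only affected 1.10)` are marked not affected; a DLA reference on an entry whose LTS suite is recorded as not affected reads as inconsistent, so either the DLA id belongs only on the neighbouring entries (CVE-2015-0564 and CVE-2015-0562 carry `{DSA-3141-1 DLA-198-1}`) or the squeeze verdict needs revisiting.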
@@ -25293,674 +25293,674 @@ CVE-2015-XXXX [buffer over-read]
[jessie] - arc <ignored> (Minor issue)
[wheezy] - arc <no-dsa> (Minor issue)
[squeeze] - arc <no-dsa> (Minor issue)
-CVE-2015-0557 (Open-source ARJ archiver 3.10.22 does not properly remove leading ...)
+CVE-2015-0557
{DSA-3213-1 DLA-188-1}
- arj 3.10.22-13 (low; bug #774435)
-CVE-2015-0556 (Open-source ARJ archiver 3.10.22 allows remote attackers to conduct ...)
+CVE-2015-0556
{DSA-3213-1 DLA-188-1}
- arj 3.10.22-13 (low; bug #774434)
-CVE-2015-0551 (Multiple cross-site scripting (XSS) vulnerabilities in EMC Documentum ...)
+CVE-2015-0551
NOT-FOR-US: EMC Documentum WebTop Client
-CVE-2015-0550 (Directory traversal vulnerability in EMC Documentum Thumbnail Server ...)
+CVE-2015-0550
NOT-FOR-US: EMC Documentum Thumbnail Server
-CVE-2015-0549 (Cross-site scripting (XSS) vulnerability in EMC Documentum D2 before ...)
+CVE-2015-0549
NOT-FOR-US: EMC Documentum D2
-CVE-2015-0548 (The D2DownloadService.getDownloadUrls service method in EMC Documentum ...)
+CVE-2015-0548
NOT-FOR-US: EMC Documentum D2
-CVE-2015-0547 (The D2CenterstageService.getComments service method in EMC Documentum ...)
+CVE-2015-0547
NOT-FOR-US: EMC Documentum D2
-CVE-2015-0546 (EMC Unified Infrastructure Manager/Provisioning (UIM/P) 4.1 allows ...)
+CVE-2015-0546
NOT-FOR-US: EMC Unified Infrastructure Manager/Provisioning
-CVE-2015-0545 (EMC Unisphere for VMAX 8.x before 8.0.3.4 sets up the Java Debugging ...)
+CVE-2015-0545
NOT-FOR-US: EMC Unisphere
-CVE-2015-0544 (EMC Secure Remote Services Virtual Edition (ESRS VE) 3.x before 3.06 ...)
+CVE-2015-0544
NOT-FOR-US: EMC Secure Remote Services Virtual Edition
-CVE-2015-0543 (EMC Secure Remote Services Virtual Edition (ESRS VE) 3.x before 3.06 ...)
+CVE-2015-0543
NOT-FOR-US: EMC Secure Remote Services Virtual Edition
-CVE-2015-0542 (Multiple cross-site request forgery (CSRF) vulnerabilities in EMC RSA ...)
+CVE-2015-0542
NOT-FOR-US: EMC RSA
-CVE-2015-0541 (Cross-site request forgery (CSRF) vulnerability in EMC RSA Web Threat ...)
+CVE-2015-0541
NOT-FOR-US: RSA Web Threat Detection
-CVE-2015-0540 (SQL injection vulnerability in the xAdmin interface in EMC Document ...)
+CVE-2015-0540
NOT-FOR-US: EMC Document Sciences xPression
CVE-2015-0539
REJECTED
-CVE-2015-0538 (ftagent.exe in EMC AutoStart 5.4.x and 5.5.x before 5.5.0.508 HF4 ...)
+CVE-2015-0538
NOT-FOR-US: EMC AutoStart
-CVE-2015-0537 (Integer underflow in the base64-decoding implementation in EMC RSA ...)
+CVE-2015-0537
NOT-FOR-US: EMC RSA
-CVE-2015-0536 (EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x before 4.0.8 and 4.1.x ...)
+CVE-2015-0536
NOT-FOR-US: EMC RSA
-CVE-2015-0535 (EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x before 4.0.8 and 4.1.x ...)
+CVE-2015-0535
NOT-FOR-US: EMC RSA
-CVE-2015-0534 (EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x before 4.0.8 and 4.1.x ...)
+CVE-2015-0534
NOT-FOR-US: EMC RSA
-CVE-2015-0533 (EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x before 4.0.8 and 4.1.x ...)
+CVE-2015-0533
NOT-FOR-US: EMC RSA
-CVE-2015-0532 (EMC RSA Identity Management and Governance (IMG) 6.9 before P04 and ...)
+CVE-2015-0532
NOT-FOR-US: EMC RSA Identity Management and Governance
-CVE-2015-0531 (EMC SourceOne Email Management before 7.2 does not have a lockout ...)
+CVE-2015-0531
NOT-FOR-US: EMC SourceOne Email Management
-CVE-2015-0530 (Buffer overflow in an unspecified function in nsr_render_log in EMC ...)
+CVE-2015-0530
NOT-FOR-US: EMC NetWorker
-CVE-2015-0529 (EMC PowerPath Virtual Appliance (aka vApp) before 2.0 has default ...)
+CVE-2015-0529
NOT-FOR-US: EMC PowerPath Virtual Appliance
-CVE-2015-0528 (The RPC daemon in EMC Isilon OneFS 6.5.x and 7.0.x before 7.0.2.13, ...)
+CVE-2015-0528
NOT-FOR-US: EMC Isilon OneFS
-CVE-2015-0527 (EMC Documentum xCelerated Management System (xMS) 1.1 before P14 ...)
+CVE-2015-0527
NOT-FOR-US: EMC
-CVE-2015-0526 (Multiple cross-site scripting (XSS) vulnerabilities in EMC RSA ...)
+CVE-2015-0526
NOT-FOR-US: EMC RSA Validation Manager
-CVE-2015-0525 (The Gateway Provisioning service in EMC Secure Remote Services Virtual ...)
+CVE-2015-0525
NOT-FOR-US: EMC
-CVE-2015-0524 (SQL injection vulnerability in the Gateway Provisioning service in EMC ...)
+CVE-2015-0524
NOT-FOR-US: EMC
-CVE-2015-0523 (EMC RSA Certificate Manager (RCM) before 6.9 build 558 and RSA ...)
+CVE-2015-0523
NOT-FOR-US: RSA
-CVE-2015-0522 (Cross-site scripting (XSS) vulnerability in EMC RSA Certificate ...)
+CVE-2015-0522
NOT-FOR-US: RSA
-CVE-2015-0521 (Cross-site scripting (XSS) vulnerability in EMC RSA Certificate ...)
+CVE-2015-0521
NOT-FOR-US: RSA
CVE-2015-0520
REJECTED
-CVE-2015-0519 (The InputAccel Database (IADB) installation process in EMC Captiva ...)
+CVE-2015-0519
NOT-FOR-US: EMC Captiva Capture
-CVE-2015-0518 (The Properties service in the D2FS web-service component in EMC ...)
+CVE-2015-0518
NOT-FOR-US: EMC Documentum D2
-CVE-2015-0517 (The D2-API component in EMC Documentum D2 3.1 through SP1, 4.0 and 4.1 ...)
+CVE-2015-0517
NOT-FOR-US: EMC Documentum D2
-CVE-2015-0516 (Directory traversal vulnerability in EMC M&amp;R (aka Watch4Net) before ...)
+CVE-2015-0516
NOT-FOR-US: EMC
-CVE-2015-0515 (Unrestricted file upload vulnerability in EMC M&amp;R (aka Watch4Net) ...)
+CVE-2015-0515
NOT-FOR-US: EMC
-CVE-2015-0514 (EMC M&amp;R (aka Watch4Net) before 6.5u1 and ViPR SRM before 3.6.1 might ...)
+CVE-2015-0514
NOT-FOR-US: EMC
-CVE-2015-0513 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
+CVE-2015-0513
NOT-FOR-US: EMC
-CVE-2015-0512 (Open redirect vulnerability in EMC Unisphere Central before 4.0 allows ...)
+CVE-2015-0512
NOT-FOR-US: EMC
-CVE-2015-0511 (Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier ...)
+CVE-2015-0511
- mysql-5.5 <not-affected> (Only affects 5.6)
- percona-xtradb-cluster-5.5 <removed>
NOTE: http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixMSQL
-CVE-2015-0510 (Unspecified vulnerability in the Oracle Commerce Platform component in ...)
+CVE-2015-0510
NOT-FOR-US: Oracle
-CVE-2015-0509 (Unspecified vulnerability in the Oracle Hyperion BI+ component in ...)
+CVE-2015-0509
NOT-FOR-US: Oracle
-CVE-2015-0508 (Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier ...)
+CVE-2015-0508
- mysql-5.5 <not-affected> (Only affects 5.6)
- percona-xtradb-cluster-5.5 <removed>
NOTE: http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixMSQL
-CVE-2015-0507 (Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier ...)
+CVE-2015-0507
- mysql-5.5 <not-affected> (Only affects 5.6)
- percona-xtradb-cluster-5.5 <removed>
NOTE: http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixMSQL
-CVE-2015-0506 (Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier ...)
+CVE-2015-0506
- mysql-5.5 <not-affected> (Only affects 5.6)
- percona-xtradb-cluster-5.5 <removed>
NOTE: http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixMSQL
-CVE-2015-0505 (Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier, ...)
+CVE-2015-0505
{DSA-3311-1 DSA-3229-1 DLA-359-1}
- mysql-5.5 <removed> (bug #782645)
[jessie] - mysql-5.5 5.5.43-0+deb8u1
- mariadb-10.0 10.0.19-1
- percona-xtradb-cluster-5.5 <removed>
NOTE: http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixMSQL
-CVE-2015-0504 (Unspecified vulnerability in the Oracle Application Object Library ...)
+CVE-2015-0504
NOT-FOR-US: Oracle
-CVE-2015-0503 (Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier ...)
+CVE-2015-0503
- mysql-5.5 <not-affected> (Only affects 5.6)
- percona-xtradb-cluster-5.5 <removed>
NOTE: http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixMSQL
-CVE-2015-0502 (Unspecified vulnerability in the Siebel UI Framework component in ...)
+CVE-2015-0502
NOT-FOR-US: Oracle
-CVE-2015-0501 (Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier, ...)
+CVE-2015-0501
{DSA-3311-1 DSA-3229-1 DLA-359-1}
- mysql-5.5 <removed> (bug #782645)
[jessie] - mysql-5.5 5.5.43-0+deb8u1
- mariadb-10.0 10.0.19-1
- percona-xtradb-cluster-5.5 <removed>
NOTE: http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixMSQL
-CVE-2015-0500 (Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier ...)
+CVE-2015-0500
- mysql-5.5 <not-affected> (Only affects 5.6)
- percona-xtradb-cluster-5.5 <removed>
NOTE: http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixMSQL
-CVE-2015-0499 (Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier, ...)
+CVE-2015-0499
{DSA-3311-1 DSA-3229-1 DLA-359-1}
- mysql-5.5 <removed> (bug #782645)
[jessie] - mysql-5.5 5.5.43-0+deb8u1
- mariadb-10.0 10.0.19-1
- percona-xtradb-cluster-5.5 <removed>
NOTE: http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixMSQL
-CVE-2015-0498 (Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier ...)
+CVE-2015-0498
- mysql-5.5 <not-affected> (Only affects 5.6)
- percona-xtradb-cluster-5.5 <removed>
NOTE: http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixMSQL
-CVE-2015-0497 (Unspecified vulnerability in the PeopleSoft Enterprise Portal ...)
+CVE-2015-0497
NOT-FOR-US: Oracle
-CVE-2015-0496 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+CVE-2015-0496
NOT-FOR-US: Oracle
-CVE-2015-0495 (Unspecified vulnerability in the Oracle Commerce Guided Search / ...)
+CVE-2015-0495
NOT-FOR-US: Oracle
-CVE-2015-0494 (Unspecified vulnerability in the Oracle Retail Central Office ...)
+CVE-2015-0494
NOT-FOR-US: Oracle
-CVE-2015-0493 (Unspecified vulnerability in the Oracle Outside In Technology ...)
+CVE-2015-0493
NOT-FOR-US: Oracle
-CVE-2015-0492 (Unspecified vulnerability in Oracle Java SE 7u76 and 8u40, and JavaFX ...)
+CVE-2015-0492
- openjdk-7 <not-affected> (JavaFX not part of OpenJDK)
- openjdk-8 <not-affected> (JavaFX not part of OpenJDK)
-CVE-2015-0491 (Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and ...)
+CVE-2015-0491
- openjdk-6 <not-affected> (Specific to Oracle Java, not present in IcedTea)
- openjdk-7 <not-affected> (Specific to Oracle Java, not present in IcedTea)
- openjdk-8 <not-affected> (Specific to Oracle Java, not present in IcedTea)
NOTE: Due to the vague disclosure policy by Oracle the exact nature is unknown
-CVE-2015-0490 (Unspecified vulnerability in the Oracle Agile Engineering Data ...)
+CVE-2015-0490
NOT-FOR-US: Oracle
-CVE-2015-0489 (Unspecified vulnerability in the Application Management Pack for ...)
+CVE-2015-0489
NOT-FOR-US: Oracle
-CVE-2015-0488 (Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and ...)
+CVE-2015-0488
{DSA-3316-1 DSA-3235-1 DSA-3234-1 DLA-213-1}
- openjdk-6 6b35-1.13.7-1
- openjdk-7 7u79-2.5.5-1
- openjdk-8 8u45-b14-1
NOTE: http://hg.openjdk.java.net/jdk8u/jdk8u/jdk/rev/04cda5b7a3c1
-CVE-2015-0487 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+CVE-2015-0487
NOT-FOR-US: Oracle
-CVE-2015-0486 (Unspecified vulnerability in Oracle Java SE 8u40 allows remote ...)
+CVE-2015-0486
- openjdk-8 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2015-0485 (Unspecified vulnerability in the PeopleSoft Enterprise SCM Strategic ...)
+CVE-2015-0485
NOT-FOR-US: Oracle
-CVE-2015-0484 (Unspecified vulnerability in Oracle Java SE 7u76 and 8u40, and Java FX ...)
+CVE-2015-0484
- openjdk-7 <not-affected> (JavaFX not part of OpenJDK)
- openjdk-8 <not-affected> (JavaFX not part of OpenJDK)
-CVE-2015-0483 (Unspecified vulnerability in the Core RDBMS component in Oracle ...)
+CVE-2015-0483
NOT-FOR-US: Oracle
-CVE-2015-0482 (Unspecified vulnerability in the Oracle WebLogic Server component in ...)
+CVE-2015-0482
NOT-FOR-US: Oracle
CVE-2015-0481
REJECTED
-CVE-2015-0480 (Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and ...)
+CVE-2015-0480
{DSA-3316-1 DSA-3235-1 DSA-3234-1 DLA-213-1}
- openjdk-8 8u45-b14-1
- openjdk-7 7u79-2.5.5-1 (bug #774953)
- openjdk-6 6b35-1.13.7-1
NOTE: http://www.openwall.com/lists/oss-security/2015/01/16/2
-CVE-2015-0479 (Unspecified vulnerability in the XDK and XDB - XML Database component ...)
+CVE-2015-0479
NOT-FOR-US: Oracle
-CVE-2015-0478 (Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and ...)
+CVE-2015-0478
{DSA-3316-1 DSA-3235-1 DSA-3234-1 DLA-213-1}
- openjdk-6 6b35-1.13.7-1
- openjdk-7 7u79-2.5.5-1
- openjdk-8 8u45-b14-1
-CVE-2015-0477 (Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and ...)
+CVE-2015-0477
{DSA-3316-1 DSA-3235-1 DSA-3234-1 DLA-213-1}
- openjdk-6 6b35-1.13.7-1
- openjdk-7 7u79-2.5.5-1
- openjdk-8 8u45-b14-1
-CVE-2015-0476 (Unspecified vulnerability in the SQL Trace Analyzer component in ...)
+CVE-2015-0476
NOT-FOR-US: Oracle
-CVE-2015-0475 (Unspecified vulnerability in the JD Edwards EnterpriseOne Technology ...)
+CVE-2015-0475
NOT-FOR-US: Oracle
-CVE-2015-0474 (Unspecified vulnerability in the Oracle Outside In Technology ...)
+CVE-2015-0474
NOT-FOR-US: Oracle
-CVE-2015-0473 (Unspecified vulnerability in the Enterprise Manager Base Platform ...)
+CVE-2015-0473
NOT-FOR-US: Oracle
-CVE-2015-0472 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+CVE-2015-0472
NOT-FOR-US: Oracle
-CVE-2015-0471 (Unspecified vulnerability in Oracle Sun Solaris 10 and 11.2 allows ...)
+CVE-2015-0471
NOT-FOR-US: Oracle
-CVE-2015-0470 (Unspecified vulnerability in Oracle Java SE 8u40 allows remote ...)
+CVE-2015-0470
{DSA-3316-1 DSA-3235-1 DSA-3234-1 DLA-213-1}
- openjdk-6 6b35-1.13.7-1
- openjdk-7 7u79-2.5.5-1
- openjdk-8 8u45-b14-1
-CVE-2015-0469 (Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and ...)
+CVE-2015-0469
{DSA-3316-1 DSA-3235-1 DSA-3234-1 DLA-213-1}
- openjdk-6 6b35-1.13.7-1
- openjdk-7 7u79-2.5.5-1
- openjdk-8 8u45-b14-1
-CVE-2015-0468 (Unspecified vulnerability in the Core RDBMS component in Oracle ...)
+CVE-2015-0468
NOT-FOR-US: Oracle Database Server
-CVE-2015-0467 (Unspecified vulnerability in the PeopleSoft Enterprise HCM Talent ...)
+CVE-2015-0467
NOT-FOR-US: PeopleSoft
-CVE-2015-0466 (Unspecified vulnerability in the Oracle Retail Back Office component ...)
+CVE-2015-0466
NOT-FOR-US: Oracle
-CVE-2015-0465 (Unspecified vulnerability in the Oracle Transportation Management ...)
+CVE-2015-0465
NOT-FOR-US: Oracle
-CVE-2015-0464 (Unspecified vulnerability in the Oracle Transportation Management ...)
+CVE-2015-0464
NOT-FOR-US: Oracle
-CVE-2015-0463 (Unspecified vulnerability in the Oracle Transportation Management ...)
+CVE-2015-0463
NOT-FOR-US: Oracle
-CVE-2015-0462 (Unspecified vulnerability in the Oracle Transportation Management ...)
+CVE-2015-0462
NOT-FOR-US: Oracle
-CVE-2015-0461 (Unspecified vulnerability in the Oracle Access Manager component in ...)
+CVE-2015-0461
NOT-FOR-US: Oracle
-CVE-2015-0460 (Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and ...)
+CVE-2015-0460
{DSA-3316-1 DSA-3235-1 DSA-3234-1 DLA-213-1}
- openjdk-6 6b35-1.13.7-1
- openjdk-7 7u79-2.5.5-1
- openjdk-8 8u45-b14-1
-CVE-2015-0459 (Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and ...)
+CVE-2015-0459
- openjdk-6 <not-affected> (Specific to Oracle Java, not present in IcedTea)
- openjdk-7 <not-affected> (Specific to Oracle Java, not present in IcedTea)
- openjdk-8 <not-affected> (Specific to Oracle Java, not present in IcedTea)
NOTE: Due to the vague disclosure policy by Oracle the exact nature is unknown
-CVE-2015-0458 (Unspecified vulnerability in in Oracle Java SE 6u91, 7u76, and 8u40 ...)
+CVE-2015-0458
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-8 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2015-0457 (Unspecified vulnerability in the Java VM component in Oracle Database ...)
+CVE-2015-0457
NOT-FOR-US: Oracle
-CVE-2015-0456 (Unspecified vulnerability in the Oracle WebCenter Portal component in ...)
+CVE-2015-0456
NOT-FOR-US: Oracle
-CVE-2015-0455 (Unspecified vulnerability in the XDB - XML Database component in ...)
+CVE-2015-0455
NOT-FOR-US: Oracle
CVE-2015-0454
REJECTED
-CVE-2015-0453 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+CVE-2015-0453
NOT-FOR-US: Oracle
-CVE-2015-0452 (Unspecified vulnerability in the Oracle VM Server for SPARC component ...)
+CVE-2015-0452
NOT-FOR-US: Oracle
-CVE-2015-0451 (Unspecified vulnerability in the Oracle OpenSSO component in Oracle ...)
+CVE-2015-0451
NOT-FOR-US: Oracle
-CVE-2015-0450 (Unspecified vulnerability in the Oracle WebCenter Portal component in ...)
+CVE-2015-0450
NOT-FOR-US: Oracle
-CVE-2015-0449 (Unspecified vulnerability in the Oracle WebLogic Server component in ...)
+CVE-2015-0449
NOT-FOR-US: Oracle
-CVE-2015-0448 (Unspecified vulnerability in Oracle Sun Solaris 11.2 allows local ...)
+CVE-2015-0448
NOT-FOR-US: Oracle
-CVE-2015-0447 (Unspecified vulnerability in the Oracle Applications Technology Stack ...)
+CVE-2015-0447
NOT-FOR-US: Oracle
-CVE-2015-0446 (Unspecified vulnerability in the Oracle Data Integrator component in ...)
+CVE-2015-0446
NOT-FOR-US: Oracle Fusion
-CVE-2015-0445 (Unspecified vulnerability in the Oracle Data Integrator component in ...)
+CVE-2015-0445
NOT-FOR-US: Oracle Fusion
-CVE-2015-0444 (Unspecified vulnerability in the Oracle Data Integrator component in ...)
+CVE-2015-0444
NOT-FOR-US: Oracle Fusion
-CVE-2015-0443 (Unspecified vulnerability in the Oracle Data Integrator component in ...)
+CVE-2015-0443
NOT-FOR-US: Oracle Fusion
CVE-2015-0442
REJECTED
-CVE-2015-0441 (Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier, ...)
+CVE-2015-0441
{DSA-3311-1 DSA-3229-1}
- mysql-5.5 5.5.42-1
- mariadb-10.0 10.0.17-1
- percona-xtradb-cluster-5.5 <removed>
NOTE: http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixMSQL
-CVE-2015-0440 (Unspecified vulnerability in the Oracle Knowledge component in Oracle ...)
+CVE-2015-0440
NOT-FOR-US: Oracle
-CVE-2015-0439 (Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier ...)
+CVE-2015-0439
- mysql-5.5 <not-affected> (Only affects 5.6)
- percona-xtradb-cluster-5.5 <removed>
NOTE: http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixMSQL
-CVE-2015-0438 (Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier ...)
+CVE-2015-0438
- mysql-5.5 <not-affected> (Only affects 5.6)
- percona-xtradb-cluster-5.5 <removed>
NOTE: http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixMSQL
-CVE-2015-0437 (Unspecified vulnerability in Oracle Java SE 8u25 allows remote ...)
+CVE-2015-0437
- openjdk-8 8u40~b22-1
-CVE-2015-0436 (Unspecified vulnerability in the Oracle iLearning component in Oracle ...)
+CVE-2015-0436
NOT-FOR-US: Oracle iLearning
-CVE-2015-0435 (Unspecified vulnerability in the Oracle Transportation Management ...)
+CVE-2015-0435
NOT-FOR-US: Oracle
-CVE-2015-0434 (Unspecified vulnerability in the Oracle Access Manager component in ...)
+CVE-2015-0434
NOT-FOR-US: Oracle
-CVE-2015-0433 (Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier, ...)
+CVE-2015-0433
{DSA-3311-1 DSA-3229-1}
- mysql-5.5 5.5.42-1
- mariadb-10.0 10.0.17-1
- percona-xtradb-cluster-5.5 <removed>
NOTE: http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixMSQL
-CVE-2015-0432 (Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier ...)
+CVE-2015-0432
{DSA-3135-1}
- mysql-5.5 5.5.42-1 (bug #775881)
- mariadb-10.0 10.0.16-1 (bug #775882)
- percona-xtradb-cluster-5.5 <removed>
NOTE: http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html#AppendixMSQL
-CVE-2015-0431 (Unspecified vulnerability in the Oracle Transportation Management ...)
+CVE-2015-0431
NOT-FOR-US: Oracle
-CVE-2015-0430 (Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local ...)
+CVE-2015-0430
NOT-FOR-US: Oracle Sun Solaris
-CVE-2015-0429 (Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local ...)
+CVE-2015-0429
NOT-FOR-US: Oracle Sun Solaris
-CVE-2015-0428 (Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local ...)
+CVE-2015-0428
NOT-FOR-US: Oracle Sun Solaris
-CVE-2015-0427 (Unspecified vulnerability in the Oracle VM VirtualBox component in ...)
+CVE-2015-0427
- virtualbox 4.3.18-dfsg-2 (bug #775888)
[wheezy] - virtualbox <not-affected> (Introduced in 4.3)
- virtualbox-ose <not-affected> (Introduced in 4.3)
-CVE-2015-0426 (Unspecified vulnerability in the Enterprise Manager Base Platform ...)
+CVE-2015-0426
NOT-FOR-US: Oracle
-CVE-2015-0425 (Unspecified vulnerability in the Oracle Enterprise Asset Management ...)
+CVE-2015-0425
NOT-FOR-US: Oracle
-CVE-2015-0424 (Unspecified vulnerability in the Integrated Lights Out Manager (ILOM) ...)
+CVE-2015-0424
NOT-FOR-US: Oracle Sun Systems Products Suite ILOM
-CVE-2015-0423 (Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier ...)
+CVE-2015-0423
- mysql-5.5 <not-affected> (Only affects 5.6)
- percona-xtradb-cluster-5.5 <removed>
NOTE: http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixMSQL
-CVE-2015-0422 (Unspecified vulnerability in the Oracle Transportation Management ...)
+CVE-2015-0422
NOT-FOR-US: Oracle Supply Chain Products Suite
-CVE-2015-0421 (Unspecified vulnerability in Oracle Java SE 8u25 allows local users to ...)
+CVE-2015-0421
- openjdk-8 8u40~b22-1
-CVE-2015-0420 (Unspecified vulnerability in the Oracle Forms component in Oracle ...)
+CVE-2015-0420
NOT-FOR-US: Oracle
-CVE-2015-0419 (Unspecified vulnerability in the Siebel UI Framework component in ...)
+CVE-2015-0419
NOT-FOR-US: Oracle
-CVE-2015-0418 (Unspecified vulnerability in the Oracle VM VirtualBox component in ...)
+CVE-2015-0418
{DSA-3143-1 DLA-268-1}
- virtualbox 4.3.2-dfsg-1 (low; bug #775888)
- virtualbox-ose <removed> (low)
NOTE: This only affects releases < 4.3, so marking the first 4.3 upload as the fixed version
NOTE: Upstream patches in https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775888#30
-CVE-2015-0417 (Unspecified vulnerability in the Siebel UI Framework component in ...)
+CVE-2015-0417
NOT-FOR-US: Oracle
-CVE-2015-0416 (Unspecified vulnerability in the Oracle Agile PLM component in Oracle ...)
+CVE-2015-0416
NOT-FOR-US: Oracle
-CVE-2015-0415 (Unspecified vulnerability in the Oracle Application Object Library ...)
+CVE-2015-0415
NOT-FOR-US: Oracle
-CVE-2015-0414 (Unspecified vulnerability in the Oracle SOA Suite component in Oracle ...)
+CVE-2015-0414
NOT-FOR-US: Oracle
-CVE-2015-0413 (Unspecified vulnerability in Oracle Java SE 7u72 and 8u25 allows local ...)
+CVE-2015-0413
- openjdk-7 <not-affected> (Specific to Oracle Java, not present in IcedTea)
- openjdk-8 <not-affected> (Specific to Oracle Java, not present in IcedTea)
NOTE: Due to the vague disclosure policy by Oracle the exact nature is unknown
-CVE-2015-0412 (Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 ...)
+CVE-2015-0412
{DSA-3147-1 DSA-3144-1 DLA-157-1}
- openjdk-6 6b34-1.13.6-1
- openjdk-7 7u75-2.5.4-1
- openjdk-8 8u40~b22-1
-CVE-2015-0411 (Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier, ...)
+CVE-2015-0411
{DSA-3135-1}
- mysql-5.5 5.5.42-1 (bug #775881)
- mariadb-10.0 10.0.16-1 (bug #775882)
- percona-xtradb-cluster-5.5 <removed>
NOTE: http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html#AppendixMSQL
-CVE-2015-0410 (Unspecified vulnerability in the Java SE, Java SE Embedded, JRockit ...)
+CVE-2015-0410
{DSA-3147-1 DSA-3144-1 DLA-157-1}
- openjdk-6 6b34-1.13.6-1
- openjdk-7 7u75-2.5.4-1
- openjdk-8 8u40~b22-1
-CVE-2015-0409 (Unspecified vulnerability in Oracle MySQL Server 5.6.21 and earlier ...)
+CVE-2015-0409
- mysql-5.5 <not-affected> (Only MySQL 5.6)
- mariadb-10.0 <not-affected> (Vulnerable code not present, see https://bugs.debian.org/775882#39)
- percona-xtradb-cluster-5.5 <removed>
NOTE: http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html#AppendixMSQL
NOTE: For mariadb-10.0 not clear if affected
-CVE-2015-0408 (Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and ...)
+CVE-2015-0408
{DSA-3147-1 DSA-3144-1 DLA-157-1}
- openjdk-6 6b34-1.13.6-1
- openjdk-7 7u75-2.5.4-1
- openjdk-8 8u40~b22-1
-CVE-2015-0407 (Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and ...)
+CVE-2015-0407
{DSA-3147-1 DSA-3144-1 DLA-157-1}
- openjdk-6 6b34-1.13.6-1
- openjdk-7 7u75-2.5.4-1
- openjdk-8 8u40~b22-1
-CVE-2015-0406 (Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 ...)
+CVE-2015-0406
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-8 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2015-0405 (Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier ...)
+CVE-2015-0405
- mysql-5.5 <not-affected> (Only affects 5.6)
- percona-xtradb-cluster-5.5 <removed>
NOTE: http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixMSQL
-CVE-2015-0404 (Unspecified vulnerability in the Oracle Applications Framework ...)
+CVE-2015-0404
NOT-FOR-US: Oracle
-CVE-2015-0403 (Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 ...)
+CVE-2015-0403
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-8 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2015-0402 (Unspecified vulnerability in the Siebel Core - Server BizLogic Script ...)
+CVE-2015-0402
NOT-FOR-US: Oracle
-CVE-2015-0401 (Unspecified vulnerability in the Oracle Directory Server Enterprise ...)
+CVE-2015-0401
NOT-FOR-US: Oracle
-CVE-2015-0400 (Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 ...)
+CVE-2015-0400
- openjdk-6 <not-affected> (This only affects Java on Windows)
- openjdk-7 <not-affected> (This only affects Java on Windows)
- openjdk-8 <not-affected> (This only affects Java on Windows)
-CVE-2015-0399 (Unspecified vulnerability in the Oracle Business Intelligence ...)
+CVE-2015-0399
NOT-FOR-US: Oracle
-CVE-2015-0398 (Unspecified vulnerability in the Siebel Life Sciences component in ...)
+CVE-2015-0398
NOT-FOR-US: Oracle
-CVE-2015-0397 (Unspecified vulnerability in Oracle Sun Solaris 11 allows local users ...)
+CVE-2015-0397
NOT-FOR-US: Oracle Sun Solaris
-CVE-2015-0396 (Unspecified vulnerability in the Oracle GlassFish Server component in ...)
+CVE-2015-0396
- glassfish <not-affected> (Full application server not packaged)
-CVE-2015-0395 (Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and ...)
+CVE-2015-0395
{DSA-3147-1 DSA-3144-1 DLA-157-1}
- openjdk-6 6b34-1.13.6-1
- openjdk-7 7u75-2.5.4-1
- openjdk-8 8u40~b22-1
-CVE-2015-0394 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+CVE-2015-0394
NOT-FOR-US: Oracle
-CVE-2015-0393 (Unspecified vulnerability in the Oracle Applications DBA component in ...)
+CVE-2015-0393
NOT-FOR-US: Oracle
-CVE-2015-0392 (Unspecified vulnerability in the Siebel Core - Server BizLogic Script ...)
+CVE-2015-0392
NOT-FOR-US: Oracle
-CVE-2015-0391 (Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, ...)
+CVE-2015-0391
- mysql-5.5 5.5.39-1
[wheezy] - mysql-5.5 5.5.40-0+wheezy1
- mariadb-10.0 10.0.14-2
- percona-xtradb-cluster-5.5 <removed>
NOTE: http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html#AppendixMSQL
-CVE-2015-0390 (Unspecified vulnerability in the MICROS Retail component in Oracle ...)
+CVE-2015-0390
NOT-FOR-US: Oracle
-CVE-2015-0389 (Unspecified vulnerability in the Oracle OpenSSO component in Oracle ...)
+CVE-2015-0389
NOT-FOR-US: Oracle
-CVE-2015-0388 (Unspecified vulnerability in the Siebel UI Framework component in ...)
+CVE-2015-0388
NOT-FOR-US: Oracle
-CVE-2015-0387 (Unspecified vulnerability in the Siebel Core - Server OM Services ...)
+CVE-2015-0387
NOT-FOR-US: Oracle
-CVE-2015-0386 (Unspecified vulnerability in the Oracle HTTP Server component in ...)
+CVE-2015-0386
NOT-FOR-US: Oracle
-CVE-2015-0385 (Unspecified vulnerability in Oracle MySQL Server 5.6.21 and earlier ...)
+CVE-2015-0385
- mysql-5.5 <not-affected> (Only MySQL 5.6)
- mariadb-10.0 <not-affected> (Vulnerable code not present, see https://bugs.debian.org/775882#39)
- percona-xtradb-cluster-5.5 <removed>
NOTE: http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html#AppendixMSQL
NOTE: For mariadb-10.0 not clear if affected
-CVE-2015-0384 (Unspecified vulnerability in the Siebel Public Sector component in ...)
+CVE-2015-0384
NOT-FOR-US: Oracle
-CVE-2015-0383 (Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and ...)
+CVE-2015-0383
{DSA-3147-1 DSA-3144-1 DLA-157-1}
- openjdk-6 6b34-1.13.6-1
- openjdk-7 7u75-2.5.4-1 (bug #761683)
- openjdk-8 8u40~b22-1
-CVE-2015-0382 (Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier ...)
+CVE-2015-0382
{DSA-3135-1}
- mysql-5.5 5.5.42-1 (bug #775881)
- mariadb-10.0 10.0.16-1 (bug #775882)
- percona-xtradb-cluster-5.5 <removed>
NOTE: http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html#AppendixMSQL
-CVE-2015-0381 (Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier ...)
+CVE-2015-0381
{DSA-3135-1}
- mysql-5.5 5.5.42-1 (bug #775881)
- mariadb-10.0 10.0.16-1 (bug #775882)
- percona-xtradb-cluster-5.5 <removed>
NOTE: http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html#AppendixMSQL
-CVE-2015-0380 (Unspecified vulnerability in the Oracle Telecommunications Billing ...)
+CVE-2015-0380
NOT-FOR-US: Oracle
-CVE-2015-0379 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+CVE-2015-0379
NOT-FOR-US: Oracle
-CVE-2015-0378 (Unspecified vulnerability in Oracle Sun Solaris 11 allows local users ...)
+CVE-2015-0378
NOT-FOR-US: Oracle Sun Solaris
-CVE-2015-0377 (Unspecified vulnerability in the Oracle VM VirtualBox component in ...)
+CVE-2015-0377
{DSA-3143-1 DLA-268-1}
- virtualbox 4.3.2-dfsg-1 (bug #775888)
- virtualbox-ose <removed>
NOTE: According to http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html the 4.3
NOTE: series is not affected, so marking the first 4.3 upload as fixed
NOTE: Upstream patches in https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775888#30
-CVE-2015-0376 (Unspecified vulnerability in the Oracle WebCenter Content component in ...)
+CVE-2015-0376
NOT-FOR-US: Oracle
-CVE-2015-0375 (Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows ...)
+CVE-2015-0375
NOT-FOR-US: Oracle Sun Solaris
-CVE-2015-0374 (Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier ...)
+CVE-2015-0374
{DSA-3135-1}
- mysql-5.5 5.5.42-1 (bug #775881)
- mariadb-10.0 10.0.16-1 (bug #775882)
- percona-xtradb-cluster-5.5 <removed>
NOTE: http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html#AppendixMSQL
-CVE-2015-0373 (Unspecified vulnerability in the OJVM component in Oracle Database ...)
+CVE-2015-0373
NOT-FOR-US: Oracle
-CVE-2015-0372 (Unspecified vulnerability in the Oracle Containers for J2EE component ...)
+CVE-2015-0372
NOT-FOR-US: Oracle
-CVE-2015-0371 (Unspecified vulnerability in the Core RDBMS component in Oracle ...)
+CVE-2015-0371
NOT-FOR-US: Oracle
-CVE-2015-0370 (Unspecified vulnerability in the Core RDBMS component in Oracle ...)
+CVE-2015-0370
NOT-FOR-US: Oracle
-CVE-2015-0369 (Unspecified vulnerability in the Siebel UI Framework component in ...)
+CVE-2015-0369
NOT-FOR-US: Oracle
-CVE-2015-0368 (Unspecified vulnerability in the Oracle Transportation Management ...)
+CVE-2015-0368
NOT-FOR-US: Oracle
-CVE-2015-0367 (Unspecified vulnerability in the Oracle Access Manager component in ...)
+CVE-2015-0367
NOT-FOR-US: Oracle
-CVE-2015-0366 (Unspecified vulnerability in the Siebel Core - EAI component in Oracle ...)
+CVE-2015-0366
NOT-FOR-US: Oracle
-CVE-2015-0365 (Unspecified vulnerability in the Siebel Core - Server Infrastructure ...)
+CVE-2015-0365
NOT-FOR-US: Oracle
-CVE-2015-0364 (Unspecified vulnerability in the Siebel Core - EAI component in Oracle ...)
+CVE-2015-0364
NOT-FOR-US: Oracle
-CVE-2015-0363 (Unspecified vulnerability in the Siebel Core EAI component in Oracle ...)
+CVE-2015-0363
NOT-FOR-US: Oracle
-CVE-2015-0362 (Unspecified vulnerability in the BI Publisher (formerly XML Publisher) ...)
+CVE-2015-0362
NOT-FOR-US: Oracle
-CVE-2015-0361 (Use-after-free vulnerability in Xen 4.2.x, 4.3.x, and 4.4.x allows ...)
+CVE-2015-0361
- xen 4.4.1-7 (bug #776319)
[wheezy] - xen <not-affected> (Only affects 4.2 and later)
[squeeze] - xen <not-affected> (Only affects 4.2 and later)
-CVE-2015-0360 (Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before ...)
+CVE-2015-0360
NOT-FOR-US: Adobe Flash Player
-CVE-2015-0359 (Double free vulnerability in Adobe Flash Player before 13.0.0.281 and ...)
+CVE-2015-0359
NOT-FOR-US: Adobe Flash Player
-CVE-2015-0358 (Use-after-free vulnerability in Adobe Flash Player before 13.0.0.281 ...)
+CVE-2015-0358
NOT-FOR-US: Adobe Flash Player
-CVE-2015-0357 (Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before ...)
+CVE-2015-0357
NOT-FOR-US: Adobe Flash Player
-CVE-2015-0356 (Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before ...)
+CVE-2015-0356
NOT-FOR-US: Adobe Flash Player
-CVE-2015-0355 (Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before ...)
+CVE-2015-0355
NOT-FOR-US: Adobe Flash Player
-CVE-2015-0354 (Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before ...)
+CVE-2015-0354
NOT-FOR-US: Adobe Flash Player
-CVE-2015-0353 (Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before ...)
+CVE-2015-0353
NOT-FOR-US: Adobe Flash Player
-CVE-2015-0352 (Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before ...)
+CVE-2015-0352
NOT-FOR-US: Adobe Flash Player
-CVE-2015-0351 (Use-after-free vulnerability in Adobe Flash Player before 13.0.0.281 ...)
+CVE-2015-0351
NOT-FOR-US: Adobe Flash Player
-CVE-2015-0350 (Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before ...)
+CVE-2015-0350
NOT-FOR-US: Adobe Flash Player
-CVE-2015-0349 (Use-after-free vulnerability in Adobe Flash Player before 13.0.0.281 ...)
+CVE-2015-0349
NOT-FOR-US: Adobe Flash Player
-CVE-2015-0348 (Buffer overflow in Adobe Flash Player before 13.0.0.281 and 14.x ...)
+CVE-2015-0348
NOT-FOR-US: Adobe Flash Player
-CVE-2015-0347 (Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before ...)
+CVE-2015-0347
NOT-FOR-US: Adobe Flash Player
-CVE-2015-0346 (Double free vulnerability in Adobe Flash Player before 13.0.0.281 and ...)
+CVE-2015-0346
NOT-FOR-US: Adobe Flash Player
-CVE-2015-0345 (Cross-site scripting (XSS) vulnerability in Adobe ColdFusion 10 before ...)
+CVE-2015-0345
NOT-FOR-US: Adobe ColdFusion
-CVE-2015-0344 (Cross-site scripting (XSS) vulnerability in the web app in Adobe ...)
+CVE-2015-0344
NOT-FOR-US: Adobe
-CVE-2015-0343 (Cross-site scripting (XSS) vulnerability in admin/home/homepage/search ...)
+CVE-2015-0343
NOT-FOR-US: Adobe
-CVE-2015-0342 (Use-after-free vulnerability in Adobe Flash Player before 13.0.0.277 ...)
+CVE-2015-0342
NOT-FOR-US: Adobe Flash Player
-CVE-2015-0341 (Use-after-free vulnerability in Adobe Flash Player before 13.0.0.277 ...)
+CVE-2015-0341
NOT-FOR-US: Adobe Flash Player
-CVE-2015-0340 (Adobe Flash Player before 13.0.0.277 and 14.x through 17.x before ...)
+CVE-2015-0340
NOT-FOR-US: Adobe Flash Player
-CVE-2015-0339 (Adobe Flash Player before 13.0.0.277 and 14.x through 17.x before ...)
+CVE-2015-0339
NOT-FOR-US: Adobe Flash Player
-CVE-2015-0338 (Integer overflow in Adobe Flash Player before 13.0.0.277 and 14.x ...)
+CVE-2015-0338
NOT-FOR-US: Adobe Flash Player
-CVE-2015-0337 (Adobe Flash Player before 13.0.0.277 and 14.x through 17.x before ...)
+CVE-2015-0337
NOT-FOR-US: Adobe Flash Player
-CVE-2015-0336 (Adobe Flash Player before 13.0.0.277 and 14.x through 17.x before ...)
+CVE-2015-0336
NOT-FOR-US: Adobe Flash Player
-CVE-2015-0335 (Adobe Flash Player before 13.0.0.277 and 14.x through 17.x before ...)
+CVE-2015-0335
NOT-FOR-US: Adobe Flash Player
-CVE-2015-0334 (Adobe Flash Player before 13.0.0.277 and 14.x through 17.x before ...)
+CVE-2015-0334
NOT-FOR-US: Adobe Flash Player
-CVE-2015-0333 (Adobe Flash Player before 13.0.0.277 and 14.x through 17.x before ...)
+CVE-2015-0333
NOT-FOR-US: Adobe Flash Player
-CVE-2015-0332 (Adobe Flash Player before 13.0.0.277 and 14.x through 17.x before ...)
+CVE-2015-0332
NOT-FOR-US: Adobe Flash Player
-CVE-2015-0331 (Use-after-free vulnerability in Adobe Flash Player before 13.0.0.269 ...)
+CVE-2015-0331
NOT-FOR-US: Adobe Flash Player
-CVE-2015-0330 (Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before ...)
+CVE-2015-0330
NOT-FOR-US: Adobe Flash Player
-CVE-2015-0329 (Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before ...)
+CVE-2015-0329
NOT-FOR-US: Adobe Flash Player
-CVE-2015-0328 (Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before ...)
+CVE-2015-0328
NOT-FOR-US: Adobe Flash Player
-CVE-2015-0327 (Heap-based buffer overflow in Adobe Flash Player before 13.0.0.269 and ...)
+CVE-2015-0327
NOT-FOR-US: Adobe Flash Player
-CVE-2015-0326 (Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before ...)
+CVE-2015-0326
NOT-FOR-US: Adobe Flash Player
-CVE-2015-0325 (Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before ...)
+CVE-2015-0325
NOT-FOR-US: Adobe Flash Player
-CVE-2015-0324 (Buffer overflow in Adobe Flash Player before 13.0.0.269 and 14.x ...)
+CVE-2015-0324
NOT-FOR-US: Adobe Flash Player
-CVE-2015-0323 (Heap-based buffer overflow in Adobe Flash Player before 13.0.0.269 and ...)
+CVE-2015-0323
NOT-FOR-US: Adobe Flash Player
-CVE-2015-0322 (Use-after-free vulnerability in Adobe Flash Player before 13.0.0.269 ...)
+CVE-2015-0322
NOT-FOR-US: Adobe Flash Player
-CVE-2015-0321 (Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before ...)
+CVE-2015-0321
NOT-FOR-US: Adobe Flash Player
-CVE-2015-0320 (Use-after-free vulnerability in Adobe Flash Player before 13.0.0.269 ...)
+CVE-2015-0320
NOT-FOR-US: Adobe Flash Player
-CVE-2015-0319 (Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before ...)
+CVE-2015-0319
NOT-FOR-US: Adobe Flash Player
-CVE-2015-0318 (Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before ...)
+CVE-2015-0318
NOT-FOR-US: Adobe Flash Player
-CVE-2015-0317 (Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before ...)
+CVE-2015-0317
NOT-FOR-US: Adobe Flash Player
-CVE-2015-0316 (Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before ...)
+CVE-2015-0316
NOT-FOR-US: Adobe Flash Player
-CVE-2015-0315 (Use-after-free vulnerability in Adobe Flash Player before 13.0.0.269 ...)
+CVE-2015-0315
NOT-FOR-US: Adobe Flash Player
-CVE-2015-0314 (Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before ...)
+CVE-2015-0314
NOT-FOR-US: Adobe Flash Player
-CVE-2015-0313 (Use-after-free vulnerability in Adobe Flash Player before 13.0.0.269 ...)
+CVE-2015-0313
NOT-FOR-US: Adobe Flash Player
-CVE-2015-0312 (Double free vulnerability in Adobe Flash Player before 13.0.0.264 and ...)
+CVE-2015-0312
NOT-FOR-US: Adobe Flash Player
-CVE-2015-0311 (Unspecified vulnerability in Adobe Flash Player through 13.0.0.262 and ...)
+CVE-2015-0311
NOT-FOR-US: Adobe Flash Player
-CVE-2015-0310 (Adobe Flash Player before 13.0.0.262 and 14.x through 16.x before ...)
+CVE-2015-0310
NOT-FOR-US: Adobe Flash Player
-CVE-2015-0309 (Heap-based buffer overflow in Adobe Flash Player before 13.0.0.260 and ...)
+CVE-2015-0309
NOT-FOR-US: Adobe Flash Player
-CVE-2015-0308 (Use-after-free vulnerability in Adobe Flash Player before 13.0.0.260 ...)
+CVE-2015-0308
NOT-FOR-US: Adobe Flash Player
-CVE-2015-0307 (Adobe Flash Player before 13.0.0.260 and 14.x through 16.x before ...)
+CVE-2015-0307
NOT-FOR-US: Adobe Flash Player
-CVE-2015-0306 (Adobe Flash Player before 13.0.0.260 and 14.x through 16.x before ...)
+CVE-2015-0306
NOT-FOR-US: Adobe Flash Player
-CVE-2015-0305 (Adobe Flash Player before 13.0.0.260 and 14.x through 16.x before ...)
+CVE-2015-0305
NOT-FOR-US: Adobe Flash Player
-CVE-2015-0304 (Heap-based buffer overflow in Adobe Flash Player before 13.0.0.260 and ...)
+CVE-2015-0304
NOT-FOR-US: Adobe Flash Player
-CVE-2015-0303 (Adobe Flash Player before 13.0.0.260 and 14.x through 16.x before ...)
+CVE-2015-0303
NOT-FOR-US: Adobe Flash Player
-CVE-2015-0302 (Adobe Flash Player before 13.0.0.260 and 14.x through 16.x before ...)
+CVE-2015-0302
NOT-FOR-US: Adobe Flash Player
-CVE-2015-0301 (Adobe Flash Player before 13.0.0.260 and 14.x through 16.x before ...)
+CVE-2015-0301
NOT-FOR-US: Adobe Flash Player
CVE-2015-0300
RESERVED
-CVE-2015-0299 (Multiple cross-site scripting (XSS) vulnerabilities in Open Source ...)
+CVE-2015-0299
NOT-FOR-US: Open Source Point of Sale
-CVE-2015-0298 (Cross-site scripting (XSS) vulnerability in the manager web interface ...)
+CVE-2015-0298
- libapache2-mod-cluster <itp> (bug #731410)
-CVE-2015-0297 (Red Hat JBoss Operations Network 3.3.1 does not properly restrict ...)
+CVE-2015-0297
NOT-FOR-US: RHQ
-CVE-2015-0296 (The pre-install script in texlive 3.1.20140525_r34255.fc21 as packaged ...)
+CVE-2015-0296
- texlive-base <not-affected> (Specific to Red Hat packaging/postinst)
-CVE-2015-0295 (The BMP decoder in QtGui in QT before 5.5 does not properly calculate ...)
+CVE-2015-0295
{DLA-210-1}
- qt4-x11 4:4.8.6+git64-g5dc8b2b+dfsg-3 (bug #779550)
[wheezy] - qt4-x11 <no-dsa> (Minor issue)
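Review bot: every modified entry in this hunk loses its description text, e.g. `-CVE-2015-0490 (Unspecified vulnerability in the Oracle Agile Engineering Data ...)` becomes `+CVE-2015-0490`, and the same happens from CVE-2015-0490 down to CVE-2015-0295 with no other content changing; for an automatic update that pattern points to the CVE feed having returned empty descriptions rather than to a real data change, and committing it would wipe product and vulnerability-class information (such as "Use-after-free vulnerability in Xen 4.2.x, 4.3.x, and 4.4.x" on the CVE-2015-0361 line) that the NOT-FOR-US and <not-affected> triage entries rely on. Suggest the update job abort instead of writing when a fetched entry that previously had a description comes back without one, and that this hunk be reverted to the `-` side. Separately, in the unchanged context for CVE-2015-0409 and CVE-2015-0385, `- mariadb-10.0 <not-affected> (Vulnerable code not present, see https://bugs.debian.org/775882#39)` is followed by `NOTE: For mariadb-10.0 not clear if affected`; the two statements contradict each other and one of them should be dropped or updated.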
@@ -25975,38 +25975,38 @@ CVE-2015-0294 [certificate algorithm consistency checking issue]
[experimental] - gnutls28 3.3.13-1
- gnutls28 3.3.8-6 (bug #779428)
NOTE: https://gitlab.com/gnutls/gnutls/commit/6e76e9b9fa845b76b0b9a45f05f4b54a052578ff (gnutls_3_3_13)
-CVE-2015-0293 (The SSLv2 implementation in OpenSSL before 0.9.8zf, 1.0.0 before ...)
+CVE-2015-0293
{DLA-177-1}
- openssl 1.0.0c-2
NOTE: 1.0.0c-2 dropped SSLv2 support
-CVE-2015-0292 (Integer underflow in the EVP_DecodeUpdate function in ...)
+CVE-2015-0292
{DSA-3197-1 DLA-177-1}
- openssl 1.0.1h-1
-CVE-2015-0291 (The sigalgs implementation in t1_lib.c in OpenSSL 1.0.2 before 1.0.2a ...)
+CVE-2015-0291
- openssl <not-affected> (Only affects 1.0.2, only in experimental)
-CVE-2015-0290 (The multi-block feature in the ssl3_write_bytes function in s3_pkt.c ...)
+CVE-2015-0290
- openssl <not-affected> (Only affects 1.0.2, only in experimental)
-CVE-2015-0289 (The PKCS#7 implementation in OpenSSL before 0.9.8zf, 1.0.0 before ...)
+CVE-2015-0289
{DSA-3197-1 DLA-177-1}
- openssl 1.0.1k-2
-CVE-2015-0288 (The X509_to_X509_REQ function in crypto/x509/x509_req.c in OpenSSL ...)
+CVE-2015-0288
{DSA-3197-1 DLA-177-1}
- openssl 1.0.1k-2
NOTE: https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=28a00bcd8e318da18031b2ac8778c64147cd54f9
-CVE-2015-0287 (The ASN1_item_ex_d2i function in crypto/asn1/tasn_dec.c in OpenSSL ...)
+CVE-2015-0287
{DSA-3197-1 DLA-177-1}
- openssl 1.0.1k-2
-CVE-2015-0286 (The ASN1_TYPE_cmp function in crypto/asn1/a_type.c in OpenSSL before ...)
+CVE-2015-0286
{DSA-3197-1 DLA-177-1}
- openssl 1.0.1k-2
-CVE-2015-0285 (The ssl3_client_hello function in s3_clnt.c in OpenSSL 1.0.2 before ...)
+CVE-2015-0285
- openssl <not-affected> (Only affects 1.0.2, only in experimental)
NOTE: https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e1b568dd2462f7cacf98f3d117936c34e2849a6b
-CVE-2015-0284 (Cross-site scripting (XSS) vulnerability in spacewalk-java in ...)
+CVE-2015-0284
NOT-FOR-US: Red Hat Satellite
-CVE-2015-0283 (The slapi-nis plug-in before 0.54.2 does not properly reallocate ...)
+CVE-2015-0283
- slapi-nis 0.54.2-1 (bug #781346)
-CVE-2015-0282 (GnuTLS before 3.1.0 does not verify that the RSA PKCS #1 signature ...)
+CVE-2015-0282
{DSA-3191-1 DLA-180-1}
- gnutls26 <removed>
- gnutls28 <not-affected> (Fixed in 3.1.0)
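Review bot: every changed line in this hunk replaces an entry of the form "CVE-2015-0293 (The SSLv2 implementation in OpenSSL before 0.9.8zf, 1.0.0 before ...)" with the bare identifier and writes nothing in its place, so the list loses the only record of the affected version ranges that the status lines rely on; for the three entries marked "openssl <not-affected> (Only affects 1.0.2, only in experimental)" the removed text "OpenSSL 1.0.2 before 1.0.2a" was the evidence for that rationale. Suggest verifying that the description source actually returned data before this is committed, and making the updater keep the existing text whenever the fetched description for an entry that previously had one comes back empty.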
@@ -26015,116 +26015,116 @@ CVE-2015-0281
RESERVED
CVE-2015-0280
RESERVED
-CVE-2015-0279 (JBoss RichFaces before 4.5.4 allows remote attackers to inject ...)
+CVE-2015-0279
NOT-FOR-US: RichFaces
-CVE-2015-0278 (libuv before 0.10.34 does not properly drop group privileges, which ...)
+CVE-2015-0278
- libuv 0.10.28-6 (bug #779173)
NOTE: https://github.com/libuv/libuv/commit/66ab38918c911bcff025562cf06237d7fedaba0c
NOTE: https://github.com/libuv/libuv/pull/215
-CVE-2015-0277 (The Service Provider (SP) in PicketLink before 2.7.0 does not ensure ...)
+CVE-2015-0277
NOT-FOR-US: PicketLink
-CVE-2015-0276 (Cross-site request forgery (CSRF) vulnerability in Kallithea before ...)
+CVE-2015-0276
- kallithea <itp> (bug #689573)
-CVE-2015-0275 (The ext4_zero_range function in fs/ext4/extents.c in the Linux kernel ...)
+CVE-2015-0275
- linux 3.16.7-ckt9-1
[wheezy] - linux <not-affected> (Introduced in v3.15)
- linux-2.6 <not-affected> (Introduced in v3.15)
NOTE: Proposed upstream patch: http://www.spinics.net/lists/linux-ext4/msg47193.html
-CVE-2015-0274 (The XFS implementation in the Linux kernel before 3.15 improperly uses ...)
+CVE-2015-0274
- linux 3.11.5-1
[wheezy] - linux <not-affected> (Introduced in v3.11-rc1)
- linux-2.6 <not-affected> (Introduced in v3.11-rc1)
NOTE: Fixed by https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8275cdd0e7ac550dcce2b3ef6d2fb3b808c1ae59 (v3.15-rc5)
NOTE: Introduced by https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=e461fcb194172b3f709e0b478d2ac1bdac7ab9a3 (v3.11-rc1)
-CVE-2015-0273 (Multiple use-after-free vulnerabilities in ext/date/php_date.c in PHP ...)
+CVE-2015-0273
{DSA-3195-1}
- php5 5.6.6+dfsg-1
NOTE: https://bugs.php.net/bug.php?id=68942
NOTE: http://git.php.net/?p=php-src.git;a=commit;h=c377f1a715476934133f3254d1e0d4bf3743e2d2
NOTE: http://git.php.net/?p=php-src.git;a=commit;h=71335e6ebabc1b12c057d8017fd811892ecdfd24
-CVE-2015-0272 (GNOME NetworkManager allows remote attackers to cause a denial of ...)
+CVE-2015-0272
- network-manager 1.0.4-1
[jessie] - network-manager <no-dsa> (Will be fixed on the kernel side)
[wheezy] - network-manager <not-affected> (code introduced in 0.9.10)
[squeeze] - network-manager <not-affected> (code introduced in 0.9.10)
NOTE: Commit for NetworkManager: http://cgit.freedesktop.org/NetworkManager/NetworkManager/commit/?id=d5fc88e573fa58b93034b04d35a2454f5d28cad9 (1.2-beta1)
NOTE: Issue introduced in 0.9.10 with http://cgit.freedesktop.org/NetworkManager/NetworkManager/commit/?id=7d5779300450bc2602ba4f7f472ebfa58bea3571
-CVE-2015-0271 (The log-viewing function in the Red Hat redhat-access-plugin before ...)
+CVE-2015-0271
- horizon <not-affected> (RedHat-specific plugin)
CVE-2015-0270 [Potential SQL injection in PostgreSQL Zend\Db adapter]
RESERVED
- zendframework <not-affected> (the vulnerability was introduced in the 2 series)
- php-zend-db <not-affected> (Fixed before initial upload to the archive)
NOTE: http://framework.zend.com/security/advisory/ZF2015-02
-CVE-2015-0269 (Directory traversal vulnerability in Contao before 3.2.19, and 3.4.x ...)
+CVE-2015-0269
NOT-FOR-US: Contao
-CVE-2015-0268 (The vgic_v2_to_sgi function in arch/arm/vgic-v2.c in Xen 4.5.x, when ...)
+CVE-2015-0268
- xen <not-affected> (Only affects 4.5)
NOTE: http://xenbits.xen.org/xsa/advisory-117.html
-CVE-2015-0267 (The Red Hat module-setup.sh script for kexec-tools, as distributed in ...)
+CVE-2015-0267
- kexec-tools <not-affected> (Vulnerable script not present in the Debian package)
-CVE-2015-0266 (The Policy Admin Tool in Apache Ranger before 0.5.0 allows remote ...)
+CVE-2015-0266
NOT-FOR-US: Apache Ranger
-CVE-2015-0265 (Cross-site scripting (XSS) vulnerability in the Policy Admin Tool in ...)
+CVE-2015-0265
NOT-FOR-US: Apache Ranger
-CVE-2015-0264 (Multiple XML external entity (XXE) vulnerabilities in ...)
+CVE-2015-0264
NOT-FOR-US: Apache Camel
-CVE-2015-0263 (XML external entity (XXE) vulnerability in the XML converter setup in ...)
+CVE-2015-0263
NOT-FOR-US: Apache Camel
CVE-2015-0262
REJECTED
-CVE-2015-0261 (Integer signedness error in the mobility_opt_print function in the ...)
+CVE-2015-0261
{DSA-3193-1 DLA-174-1}
- tcpdump 4.6.2-4
NOTE: http://www.ca.tcpdump.org/cve/0003-test-case-for-cve2015-0261-corrupted-IPv6-mobility-h.patch
-CVE-2015-0260 (RhodeCode before 2.2.7 and Kallithea 0.1 allows remote authenticated ...)
+CVE-2015-0260
- kallithea <itp> (bug #753975)
-CVE-2015-0259 (OpenStack Compute (Nova) before 2014.1.4, 2014.2.x before 2014.2.3, ...)
+CVE-2015-0259
- nova 2014.1.3-11 (bug #780250)
[wheezy] - nova <not-affected> (Vulnerable code not present)
CVE-2015-0258
RESERVED
-CVE-2015-0257 (Red Hat Enterprise Virtualization (RHEV) Manager before 3.5.1 uses ...)
+CVE-2015-0257
NOT-FOR-US: ovirt / RHEV
CVE-2015-0256
RESERVED
-CVE-2015-0255 (X.Org Server (aka xserver and xorg-server) before 1.16.3 and 1.17.x ...)
+CVE-2015-0255
{DSA-3160-1 DLA-218-1}
- xorg-server 2:1.16.4-1
-CVE-2015-0254 (Apache Standard Taglibs before 1.2.3 allows remote attackers to ...)
+CVE-2015-0254
- jakarta-taglibs-standard 1.1.2-3 (bug #779621)
[wheezy] - jakarta-taglibs-standard <no-dsa> (Minor issue)
NOTE: https://bz.apache.org/bugzilla/show_bug.cgi?id=57560
-CVE-2015-0253 (The read_request_line function in server/protocol.c in the Apache HTTP ...)
+CVE-2015-0253
- apache2 <not-affected> (Vulnerable version 2.4.11 never in Debian)
-CVE-2015-0252 (internal/XMLReader.cpp in Apache Xerces-C before 3.1.2 allows remote ...)
+CVE-2015-0252
{DSA-3199-1 DLA-181-1}
- xerces-c 3.1.1-5.1 (bug #780827)
NOTE: http://svn.apache.org/viewvc?view=revision&revision=1667870
-CVE-2015-0251 (The mod_dav_svn server in Subversion 1.5.0 through 1.7.19 and 1.8.0 ...)
+CVE-2015-0251
{DSA-3231-1 DLA-207-1}
- subversion 1.8.10-6
NOTE: https://subversion.apache.org/security/CVE-2015-0251-advisory.txt
-CVE-2015-0250 (XML external entity (XXE) vulnerability in the SVG to (1) PNG and (2) ...)
+CVE-2015-0250
{DSA-3205-1 DLA-182-1}
- batik 1.7+dfsg-5 (bug #780897)
NOTE: https://issues.apache.org/jira/browse/BATIK-1018
NOTE: https://issues.apache.org/jira/browse/BATIK-1113
NOTE: Commit disabling external xml entities: https://svn.apache.org/viewvc/xmlgraphics/batik/trunk/sources/org/apache/batik/dom/util/SAXDocumentFactory.java?r1=662304&r2=1664335&diff_format=h
NOTE: PoC: https://www.ernw.de/download/xxe_batik.tar.xz
-CVE-2015-0249 (The weblog page template in Apache Roller 5.1 through 5.1.1 allows ...)
+CVE-2015-0249
NOT-FOR-US: Apache Roller
-CVE-2015-0248 (The (1) mod_dav_svn and (2) svnserve servers in Subversion 1.6.0 ...)
+CVE-2015-0248
{DSA-3231-1 DLA-207-1}
- subversion 1.8.10-6
NOTE: https://subversion.apache.org/security/CVE-2015-0248-advisory.txt
-CVE-2015-0247 (Heap-based buffer overflow in openfs.c in the libext2fs library in ...)
+CVE-2015-0247
{DSA-3166-1 DLA-153-1}
- e2fsprogs 1.42.12-1
NOTE: https://git.kernel.org/cgit/fs/ext2/e2fsprogs.git/commit/?id=f66e6ce4
CVE-2015-0246
REJECTED
-CVE-2015-0245 (D-Bus 1.4.x through 1.6.x before 1.6.30, 1.8.x before 1.8.16, and ...)
+CVE-2015-0245
{DSA-3161-1}
- dbus 1.8.16-1 (bug #777545)
[squeeze] - dbus <not-affected> (affects 1.4 and above)
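Review bot: the stripping in this hunk is inconsistent with the list's own conventions: "CVE-2015-0270 [Potential SQL injection in PostgreSQL Zend\Db adapter]" keeps its locally written bracketed title, while entries with a parenthesised upstream description such as "-CVE-2015-0278 (libuv before 0.10.34 does not properly drop group privileges, which ...)" are reduced to the bare id. If the upstream description is unavailable, suggest converting the old text into a bracketed title rather than dropping it, so that entries like CVE-2015-0275 and CVE-2015-0274, whose NOTE lines cite introducing and fixing commits by kernel version, keep a readable summary next to their triage data.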
@@ -26153,13 +26153,13 @@ CVE-2015-0241
- postgresql-9.1 9.1.11-2
- postgresql-8.4 <removed>
[wheezy] - postgresql-8.4 <not-affected> (postgresql-8.4 in wheezy only provides PL/Perl)
-CVE-2015-0240 (The Netlogon server implementation in smbd in Samba 3.5.x and 3.6.x ...)
+CVE-2015-0240
{DSA-3171-1 DLA-156-1}
- samba 2:4.1.17+dfsg-1 (bug #779033)
- samba4 4.0.0~beta2+dfsg1-3.2+deb7u2
NOTE: Server components removed from src:samba4 in 4.0.0~beta2+dfsg1-3.2+deb7u2
NOTE: https://www.samba.org/samba/security/CVE-2015-0240
-CVE-2015-0239 (The em_sysenter function in arch/x86/kvm/emulate.c in the Linux kernel ...)
+CVE-2015-0239
{DSA-3170-1}
- linux 3.16.7-ckt4-2
- linux-2.6 <removed>
@@ -26167,11 +26167,11 @@ CVE-2015-0239 (The em_sysenter function in arch/x86/kvm/emulate.c in the Linux k
NOTE: Introduced by: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8c60435261deaefeb53ce3222d04d7d5bea81296
NOTE: Fixed by: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f3747379accba8e95d70cec0eae0582c8c182050
NOTE: http://permalink.gmane.org/gmane.linux.kernel.commits.head/502245
-CVE-2015-0238 (selinux-policy as packaged in Red Hat OpenShift 2 allows attackers to ...)
+CVE-2015-0238
NOT-FOR-US: selinux-policy as shipped with Red Hat OpenShift 2
-CVE-2015-0237 (Red Hat Enterprise Virtualization (RHEV) Manager before 3.5.1 ignores ...)
+CVE-2015-0237
NOT-FOR-US: Red Hat vdms
-CVE-2015-0236 (libvirt before 1.2.12 allow remote authenticated users to obtain the ...)
+CVE-2015-0236
- libvirt 1.2.9-8 (bug #776065)
[wheezy] - libvirt <not-affected> (Vulnerable code introduced in v1.1.0-rc1)
[squeeze] - libvirt <not-affected> (Vulnerable code introduced in v1.1.0-rc1)
@@ -26179,23 +26179,23 @@ CVE-2015-0236 (libvirt before 1.2.12 allow remote authenticated users to obtain
NOTE: Upstream fix: http://libvirt.org/git/?p=libvirt.git;a=commit;h=b347c0c2a321ec5c20aae214927949832a288c5a
NOTE: Introduced by: http://libvirt.org/git/?p=libvirt.git;a=commit;h=e341435e5090677c67a0d3d4ca0393102054841f (v1.1.0-rc1)
NOTE: http://security.libvirt.org/2015/0001.html
-CVE-2015-0235 (Heap-based buffer overflow in the __nss_hostname_digits_dots function ...)
+CVE-2015-0235
{DSA-3142-1 DLA-139-1}
- eglibc <removed> (high; bug #776391)
- glibc 2.18-1 (high)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=15014
-CVE-2015-0234 (Multiple temporary file creation vulnerabilities in pki-core 10.2.0. ...)
+CVE-2015-0234
- dogtag-pki <unfixed> (unimportant)
NOTE: Rendered unexploitable by /tmp hardening in Debian kernel
-CVE-2015-0233 (Multiple insecure Temporary File vulnerabilities in 389 Administration ...)
+CVE-2015-0233
- 389-admin 1.1.38-1 (unimportant)
NOTE: Rendered unexploitable by /tmp hardening in Debian kernel
-CVE-2015-0232 (The exif_process_unicode function in ext/exif/exif.c in PHP before ...)
+CVE-2015-0232
{DSA-3195-1 DLA-212-1}
- php5 5.6.5+dfsg-1
NOTE: https://bugs.php.net/patch-display.php?bug=68799&patch=bug68799fix&revision=1420966468
NOTE: https://bugs.php.net/bug.php?id=68799
-CVE-2015-0231 (Use-after-free vulnerability in the process_nested_data function in ...)
+CVE-2015-0231
{DSA-3195-1}
- php5 5.6.5+dfsg-1
[squeeze] - php5 <not-affected> (Broken patch for CVE-2014-8142 never applied)
@@ -26206,135 +26206,135 @@ CVE-2015-0230
REJECTED
CVE-2015-0229
REJECTED
-CVE-2015-0228 (The lua_websocket_read function in lua_request.c in the mod_lua module ...)
+CVE-2015-0228
- apache2 2.4.10-10 (low)
[wheezy] - apache2 <not-affected> (no mod_lua in 2.2)
[squeeze] - apache2 <not-affected> (no mod_lua in 2.2)
NOTE: https://github.com/apache/httpd/commit/643f0fcf3b8ab09a68f0ecd2aa37aafeda3e63ef
-CVE-2015-0227 (Apache WSS4J before 1.6.17 and 2.x before 2.0.2 allows remote ...)
+CVE-2015-0227
- wss4j 1.6.15-2 (bug #777741)
[wheezy] - wss4j <not-affected> (Vulnerable code not present)
[squeeze] - wss4j <not-affected> (Vulnerable code not present)
-CVE-2015-0226 (Apache WSS4J before 1.6.17 and 2.0.x before 2.0.2 improperly leaks ...)
+CVE-2015-0226
- wss4j 1.6.15-2 (bug #777741)
[wheezy] - wss4j <not-affected> (Vulnerable code not present)
[squeeze] - wss4j <not-affected> (Vulnerable code not present)
-CVE-2015-0225 (The default configuration in Apache Cassandra 1.2.0 through 1.2.19, ...)
+CVE-2015-0225
- cassandra <itp> (bug #585905)
-CVE-2015-0224 (qpidd in Apache Qpid 0.30 and earlier allows remote attackers to cause ...)
+CVE-2015-0224
- qpid-cpp <not-affected> (Incomplete fix for CVE-2015-0203 not applied)
NOTE: CVE is for incomplete fix for CVE-2015-0203, which is not fixed in Debian
NOTE: https://issues.apache.org/jira/browse/QPID-6310
-CVE-2015-0223 (Unspecified vulnerability in Apache Qpid 0.30 and earlier allows ...)
+CVE-2015-0223
- qpid-cpp <removed> (bug #772794)
[wheezy] - qpid-cpp <no-dsa> (Minor issue)
NOTE: https://issues.apache.org/jira/browse/QPID-6325
-CVE-2015-0222 (ModelMultipleChoiceField in Django 1.6.x before 1.6.10 and 1.7.x ...)
+CVE-2015-0222
- python-django 1.7.1-1.1 (bug #775375)
[wheezy] - python-django <not-affected> (1.4.x not affected)
[squeeze] - python-django <not-affected> (1.2.x not affected)
NOTE: https://www.djangoproject.com/weblog/2015/jan/13/security/
-CVE-2015-0221 (The django.views.static.serve view in Django before 1.4.18, 1.6.x ...)
+CVE-2015-0221
{DSA-3151-1 DLA-143-1}
- python-django 1.7.1-1.1 (bug #775375)
NOTE: https://www.djangoproject.com/weblog/2015/jan/13/security/
-CVE-2015-0220 (The django.util.http.is_safe_url function in Django before 1.4.18, ...)
+CVE-2015-0220
{DSA-3151-1 DLA-143-1}
- python-django 1.7.1-1.1 (bug #775375)
NOTE: https://www.djangoproject.com/weblog/2015/jan/13/security/
-CVE-2015-0219 (Django before 1.4.18, 1.6.x before 1.6.10, and 1.7.x before 1.7.3 ...)
+CVE-2015-0219
{DSA-3151-1 DLA-143-1}
- python-django 1.7.1-1.1 (bug #775375)
NOTE: https://www.djangoproject.com/weblog/2015/jan/13/security/
-CVE-2015-0218 (Cross-site request forgery (CSRF) vulnerability in ...)
+CVE-2015-0218
- moodle 2.7.5+dfsg-1 (bug #775842)
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
NOTE: https://moodle.org/mod/forum/discuss.php?d=278618#p1196684
-CVE-2015-0217 (filter/mediaplugin/filter.php in Moodle through 2.5.9, 2.6.x before ...)
+CVE-2015-0217
- moodle 2.7.5+dfsg-1 (bug #775842)
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
NOTE: https://moodle.org/mod/forum/discuss.php?d=278617#p1196683
-CVE-2015-0216 (access.php in the Lesson module in Moodle 2.8.x before 2.8.2 does not ...)
+CVE-2015-0216
- moodle <not-affected> (Only affects 2.8.x)
NOTE: https://moodle.org/mod/forum/discuss.php?d=278616#p1196682
-CVE-2015-0215 (calendar/externallib.php in Moodle through 2.5.9, 2.6.x before 2.6.7, ...)
+CVE-2015-0215
- moodle 2.7.5+dfsg-1 (bug #775842)
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
NOTE: https://moodle.org/mod/forum/discuss.php?d=278615#p1196681
-CVE-2015-0214 (message/externallib.php in Moodle through 2.5.9, 2.6.x before 2.6.7, ...)
+CVE-2015-0214
- moodle 2.7.5+dfsg-1 (bug #775842)
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
NOTE: https://moodle.org/mod/forum/discuss.php?d=278614#p1196680
-CVE-2015-0213 (Multiple cross-site request forgery (CSRF) vulnerabilities in (1) ...)
+CVE-2015-0213
- moodle 2.7.5+dfsg-1 (bug #775842)
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
NOTE: https://moodle.org/mod/forum/discuss.php?d=278613#p1196679
-CVE-2015-0212 (Cross-site scripting (XSS) vulnerability in course/pending.php in ...)
+CVE-2015-0212
- moodle 2.7.5+dfsg-1 (bug #775842)
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
NOTE: https://moodle.org/mod/forum/discuss.php?d=278612#p1196678
-CVE-2015-0211 (mod/lti/ajax.php in Moodle through 2.5.9, 2.6.x before 2.6.7, 2.7.x ...)
+CVE-2015-0211
- moodle 2.7.5+dfsg-1 (bug #775842)
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
NOTE: https://moodle.org/mod/forum/discuss.php?d=278611#p1196676
-CVE-2015-0210 (wpa_supplicant 2.0-16 does not properly check certificate subject ...)
+CVE-2015-0210
NOTE: likely to be REJECTed
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-0210
-CVE-2015-0209 (Use-after-free vulnerability in the d2i_ECPrivateKey function in ...)
+CVE-2015-0209
{DSA-3197-1 DLA-177-1}
- openssl 1.0.1k-2
NOTE: https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=1b4a8df38fc9ab3c089ca5765075ee53ec5bd66a
-CVE-2015-0208 (The ASN.1 signature-verification implementation in the rsa_item_verify ...)
+CVE-2015-0208
- openssl <not-affected> (Only affects 1.0.2, only in experimental)
-CVE-2015-0207 (The dtls1_listen function in d1_lib.c in OpenSSL 1.0.2 before 1.0.2a ...)
+CVE-2015-0207
- openssl <not-affected> (Only affects 1.0.2, only in experimental)
-CVE-2015-0206 (Memory leak in the dtls1_buffer_record function in d1_pkt.c in OpenSSL ...)
+CVE-2015-0206
{DSA-3125-1}
- openssl 1.0.1k-1
[squeeze] - openssl <not-affected> (Affects 1.0.1 and 1.0.0)
NOTE: https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=04685bc949e90a877656cf5020b6d4f90a9636a6
-CVE-2015-0205 (The ssl3_get_cert_verify function in s3_srvr.c in OpenSSL 1.0.0 before ...)
+CVE-2015-0205
{DSA-3125-1}
- openssl 1.0.1k-1
[squeeze] - openssl <not-affected> (Only affects 1.0.1 and 1.0.0)
NOTE: https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=98a0f9660d374f58f79ee0efcc8c1672a805e8e8
-CVE-2015-0204 (The ssl3_get_key_exchange function in s3_clnt.c in OpenSSL before ...)
+CVE-2015-0204
{DSA-3125-1 DLA-132-1}
- openssl 1.0.1k-1
NOTE: https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=37580f43b5a39f5f4e920d17273fab9713d3a744
-CVE-2015-0203 (The qpidd broker in Apache Qpid 0.30 and earlier allows remote ...)
+CVE-2015-0203
- qpid-cpp <removed> (bug #775359)
[wheezy] - qpid-cpp <no-dsa> (Minor issue)
-CVE-2015-0202 (The mod_dav_svn server in Subversion 1.8.0 through 1.8.11 allows ...)
+CVE-2015-0202
- subversion 1.8.10-6
[wheezy] - subversion <not-affected> (Vulnerability introduced with 1.8.0)
[squeeze] - subversion <not-affected> (Vulnerability introduced with 1.8.0)
NOTE: https://subversion.apache.org/security/CVE-2015-0202-advisory.txt
-CVE-2015-0201 (The Java SockJS client in Pivotal Spring Framework 4.1.x before 4.1.5 ...)
+CVE-2015-0201
- libspring-java <not-affected> (Only affects Spring Framework 4.1.0 to 4.1.4)
-CVE-2015-0200 (IBM WebSphere Commerce 6.x through 6.0.0.11 and 7.x before 7.0.0.8 IF2 ...)
+CVE-2015-0200
NOT-FOR-US: IBM WebSphere
-CVE-2015-0199 (The mmfslinux kernel module in IBM General Parallel File System (GPFS) ...)
+CVE-2015-0199
NOT-FOR-US: IBM General Parallel File System
-CVE-2015-0198 (IBM General Parallel File System (GPFS) 3.4 before 3.4.0.32, 3.5 ...)
+CVE-2015-0198
NOT-FOR-US: IBM General Parallel File System
-CVE-2015-0197 (IBM General Parallel File System (GPFS) 3.4 before 3.4.0.32, 3.5 ...)
+CVE-2015-0197
NOT-FOR-US: IBM General Parallel File System
-CVE-2015-0196 (CRLF injection vulnerability in IBM WebSphere Commerce 6.0 through ...)
+CVE-2015-0196
NOT-FOR-US: IBM
-CVE-2015-0195 (Cross-site scripting (XSS) vulnerability in IBM Content Template ...)
+CVE-2015-0195
NOT-FOR-US: IBM
-CVE-2015-0194 (XML External Entity (XXE) vulnerability in IBM Sterling B2B Integrator ...)
+CVE-2015-0194
NOT-FOR-US: IBM
-CVE-2015-0193 (Cross-site scripting (XSS) vulnerability in IBM Business Process ...)
+CVE-2015-0193
NOT-FOR-US: IBM Business Process Manager
-CVE-2015-0192 (Unspecified vulnerability in IBM Java 8 before SR1, 7 R1 before SR2 ...)
+CVE-2015-0192
NOT-FOR-US: IBM JDK
CVE-2015-0191
REJECTED
CVE-2015-0190
RESERVED
-CVE-2015-0189 (The cluster repository manager in IBM WebSphere MQ 7.5 before 7.5.0.5 ...)
+CVE-2015-0189
NOT-FOR-US: IBM
CVE-2015-0188
RESERVED
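Review bot: CVE-2015-0210, whose only annotation is "NOTE: likely to be REJECTed", is treated like every other entry here (description dropped, no status line added), whereas the neighbouring CVE-2015-0230 and CVE-2015-0229 are bare ids followed by REJECTED. If the upstream source no longer returns a description because the id was rejected, the entry should gain a REJECTED line; if the id still exists, the description should be kept. As changed, it is the only entry in this hunk that consists of a bare id followed by NOTE lines alone, with neither a package line nor a status, which is worth checking before this lands.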
@@ -26352,33 +26352,33 @@ CVE-2015-0182
RESERVED
CVE-2015-0181
RESERVED
-CVE-2015-0180 (The Connector Migration Tool in IBM InfoSphere Information Server 8.1 ...)
+CVE-2015-0180
NOT-FOR-US: IBM
-CVE-2015-0179 (Notes System Diagnostic (NSD) in IBM Domino 8.5.x before 8.5.3 FP6 IF6 ...)
+CVE-2015-0179
NOT-FOR-US: IBM Domino
-CVE-2015-0178 (The Java overlay feature in IBM Bluemix Liberty before ...)
+CVE-2015-0178
NOT-FOR-US: IBM Bluemix Liberty
-CVE-2015-0177 (Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 8.5.0 ...)
+CVE-2015-0177
NOT-FOR-US: IBM WebSphere Portal
-CVE-2015-0176 (Cross-site scripting (XSS) vulnerability in MQ XR WebSockets Listener ...)
+CVE-2015-0176
NOT-FOR-US: IBM WebSphere MQ
-CVE-2015-0175 (IBM WebSphere Application Server (WAS) 8.5 Liberty Profile before ...)
+CVE-2015-0175
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2015-0174 (The SNMP implementation in IBM WebSphere Application Server (WAS) 8.5 ...)
+CVE-2015-0174
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2015-0173 (The HTTP connection-management functionality in Internet Pass-Thru ...)
+CVE-2015-0173
NOT-FOR-US: IBM
-CVE-2015-0172 (IBM Security SiteProtector System 3.0, 3.1.0 and 3.1.1 allows remote ...)
+CVE-2015-0172
NOT-FOR-US: IBM Security SiteProtector System
-CVE-2015-0171 (Directory traversal vulnerability in IBM Security SiteProtector System ...)
+CVE-2015-0171
NOT-FOR-US: IBM
-CVE-2015-0170 (IBM Security SiteProtector System 3.0 before 3.0.0.7, 3.1 before ...)
+CVE-2015-0170
NOT-FOR-US: IBM
-CVE-2015-0169 (IBM Security SiteProtector System 3.0 before 3.0.0.7, 3.1 before ...)
+CVE-2015-0169
NOT-FOR-US: IBM
-CVE-2015-0168 (Cross-site scripting (XSS) vulnerability in IBM Security SiteProtector ...)
+CVE-2015-0168
NOT-FOR-US: IBM
-CVE-2015-0167 (Cross-site scripting (XSS) vulnerability in textAngular-sanitize.js in ...)
+CVE-2015-0167
NOT-FOR-US: textAngular
CVE-2015-0166
REJECTED
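Review bot: for the NOT-FOR-US entries in this hunk the dropped description was the only place the affected product and bug class were named with any precision; "-CVE-2015-0173 (The HTTP connection-management functionality in Internet Pass-Thru ...)" and "-CVE-2015-0171 (Directory traversal vulnerability in IBM Security SiteProtector System ...)" are now followed only by "NOT-FOR-US: IBM", which no longer says which IBM product was dismissed or why. Suggest expanding the "NOT-FOR-US:" line to carry the product name before the description is removed, as CVE-2015-0172 already does with "NOT-FOR-US: IBM Security SiteProtector System".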
@@ -26388,327 +26388,327 @@ CVE-2015-0164
REJECTED
CVE-2015-0163
REJECTED
-CVE-2015-0162 (IBM Security SiteProtector System 3.0, 3.1, and 3.1.1 allows local ...)
+CVE-2015-0162
NOT-FOR-US: IBM
-CVE-2015-0161 (SQL injection vulnerability in IBM Security SiteProtector System 3.0 ...)
+CVE-2015-0161
NOT-FOR-US: IBM
-CVE-2015-0160 (IBM Security SiteProtector System 3.0 before 3.0.0.7, 3.1 before ...)
+CVE-2015-0160
NOT-FOR-US: IBM
CVE-2015-0159
REJECTED
-CVE-2015-0158 (Cross-site scripting (XSS) vulnerability in the Coach NG framework in ...)
+CVE-2015-0158
NOT-FOR-US: IBM Business Process Manager
-CVE-2015-0157 (IBM DB2 9.7 through FP10, 9.8 through FP5, 10.1 before FP5, and 10.5 ...)
+CVE-2015-0157
NOT-FOR-US: IBM DB2
-CVE-2015-0156 (Cross-site scripting (XSS) vulnerability in IBM Business Process ...)
+CVE-2015-0156
NOT-FOR-US: IBM
CVE-2015-0155
REJECTED
CVE-2015-0154
REJECTED
-CVE-2015-0153 (D-Link DIR-815 devices with firmware before 2.07.B01 allow remote ...)
+CVE-2015-0153
NOT-FOR-US: D-Link
-CVE-2015-0152 (D-Link DIR-815 devices with firmware before 2.07.B01 allow remote ...)
+CVE-2015-0152
NOT-FOR-US: D-Link
-CVE-2015-0151 (Cross-site request forgery (CSRF) vulnerability in D-Link DIR-815 ...)
+CVE-2015-0151
NOT-FOR-US: D-Link
-CVE-2015-0150 (The remote administration UI in D-Link DIR-815 devices with firmware ...)
+CVE-2015-0150
NOT-FOR-US: D-Link
-CVE-2015-0149 (The developer portal in IBM API Management 3.0 before 3.0.4.1 does not ...)
+CVE-2015-0149
NOT-FOR-US: IBM API Management
CVE-2015-0148
RESERVED
CVE-2015-0147
RESERVED
-CVE-2015-0146 (IBM Content Collector for Email 3.0 before ...)
+CVE-2015-0146
NOT-FOR-US: IBM Content Collector
-CVE-2015-0145 (Cross-site request forgery (CSRF) vulnerability in IBM OpenPages GRC ...)
+CVE-2015-0145
NOT-FOR-US: IBM
-CVE-2015-0144 (Cross-site scripting (XSS) vulnerability in IBM OpenPages GRC Platform ...)
+CVE-2015-0144
NOT-FOR-US: IBM
-CVE-2015-0143 (IBM OpenPages GRC Platform 6.2 before IF7, 6.2.1 before 6.2.1.1 IF5, ...)
+CVE-2015-0143
NOT-FOR-US: IBM
-CVE-2015-0142 (IBM OpenPages GRC Platform 6.2 before IF7, 6.2.1 before 6.2.1.1 IF5, ...)
+CVE-2015-0142
NOT-FOR-US: IBM
-CVE-2015-0141 (IBM OpenPages GRC Platform 6.2 before IF7, 6.2.1 before 6.2.1.1 IF5, ...)
+CVE-2015-0141
NOT-FOR-US: IBM
-CVE-2015-0140 (An unspecified ActiveX control in IBM SPSS Statistics 22.0 through FP1 ...)
+CVE-2015-0140
NOT-FOR-US: IBM
-CVE-2015-0139 (Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 8.0.0 ...)
+CVE-2015-0139
NOT-FOR-US: IBM WebSphere Portal
-CVE-2015-0138 (GSKit in IBM Tivoli Directory Server (ITDS) 6.0 before ...)
+CVE-2015-0138
NOT-FOR-US: IBM Tivoli Directory Server
-CVE-2015-0137 (IBM PowerVC Standard 1.2.0.x before 1.2.0.4 and 1.2.1.x before 1.2.2 ...)
+CVE-2015-0137
NOT-FOR-US: IBM PowerVC
-CVE-2015-0136 (powervc-iso-import in IBM PowerVC 1.2.0.x before 1.2.0.4 and 1.2.1.x ...)
+CVE-2015-0136
NOT-FOR-US: IBM PowerVC
-CVE-2015-0135 (IBM Domino 8.5 before 8.5.3 FP6 IF4 and 9.0 before 9.0.1 FP3 IF2 ...)
+CVE-2015-0135
NOT-FOR-US: IBM Domino
-CVE-2015-0134 (Buffer overflow in the SSLv2 implementation in IBM Domino 8.5.x before ...)
+CVE-2015-0134
NOT-FOR-US: IBM
-CVE-2015-0133 (IBM WebSphere Commerce 7.0 Feature Pack 4 through 8 allows remote ...)
+CVE-2015-0133
NOT-FOR-US: IBM
-CVE-2015-0132 (The XML parser in IBM Rational DOORS Next Generation 4.x before 4.0.7 ...)
+CVE-2015-0132
NOT-FOR-US: IBM
-CVE-2015-0131 (Cross-site scripting (XSS) vulnerability in IBM Leads 7.x, 8.1.0 ...)
+CVE-2015-0131
NOT-FOR-US: IBM
-CVE-2015-0130 (Cross-site scripting (XSS) vulnerability in Jazz Team Server in Jazz ...)
+CVE-2015-0130
NOT-FOR-US: IBM
-CVE-2015-0129 (Cross-site scripting (XSS) vulnerability in IBM Rational Quality ...)
+CVE-2015-0129
NOT-FOR-US: IBM Rational Quality Manager
-CVE-2015-0128 (Cross-site scripting (XSS) vulnerability in IBM Rational Quality ...)
+CVE-2015-0128
NOT-FOR-US: IBM Rational Quality Manager
-CVE-2015-0127 (IBM Leads 7.x, 8.1.0 before 8.1.0.14, 8.2, 8.5.0 before 8.5.0.7.3, ...)
+CVE-2015-0127
NOT-FOR-US: IBM
-CVE-2015-0126 (IBM Leads 7.x, 8.1.0 before 8.1.0.14, 8.2, 8.5.0 before 8.5.0.7.3, ...)
+CVE-2015-0126
NOT-FOR-US: IBM
-CVE-2015-0125 (Cross-site scripting (XSS) vulnerability in IBM Rational DOORS Next ...)
+CVE-2015-0125
NOT-FOR-US: IBM Rational DOORS Next Generation
-CVE-2015-0124 (Cross-site scripting (XSS) vulnerability in IBM Rational Quality ...)
+CVE-2015-0124
NOT-FOR-US: IBM Rational Quality Manager
-CVE-2015-0123 (Cross-site scripting (XSS) vulnerability in IBM Rational Team Concert ...)
+CVE-2015-0123
NOT-FOR-US: IBM Rational Team Concert
-CVE-2015-0122 (Cross-site scripting (XSS) vulnerability in IBM Rational Team Concert ...)
+CVE-2015-0122
NOT-FOR-US: IBM Rational Team Concert
-CVE-2015-0121 (IBM Rational Requirements Composer 3.0 through 3.0.1.6 and 4.0 through ...)
+CVE-2015-0121
NOT-FOR-US: IBM
-CVE-2015-0120 (Buffer overflow in the FastBackMount process in IBM Tivoli Storage ...)
+CVE-2015-0120
NOT-FOR-US: IBM
-CVE-2015-0119 (FastBack Mount in IBM Tivoli Storage Manager FastBack 6.1.x before ...)
+CVE-2015-0119
NOT-FOR-US: IBM Tivoli Storage Manager FastBack
-CVE-2015-0118 (IBM WebSphere Message Broker Toolkit 7 before 7007 IF2 and 8 before ...)
+CVE-2015-0118
NOT-FOR-US: IBM
-CVE-2015-0117 (The LDAP Server in IBM Domino 8.5.x before 8.5.3 FP6 IF6 and 9.x ...)
+CVE-2015-0117
NOT-FOR-US: IBM Domino
-CVE-2015-0116 (IBM Leads 7.x, 8.1.0 before 8.1.0.14, 8.2, 8.5.0 before 8.5.0.7.3, ...)
+CVE-2015-0116
NOT-FOR-US: IBM
-CVE-2015-0115 (Cross-site request forgery (CSRF) vulnerability in IBM Leads 7.x, ...)
+CVE-2015-0115
NOT-FOR-US: IBM
-CVE-2015-0114 (Stack-based buffer overflow in IBM V5R4, and IBM i Access for Windows ...)
+CVE-2015-0114
NOT-FOR-US: IBM
-CVE-2015-0113 (The Jazz help system in IBM Rational Collaborative Lifecycle ...)
+CVE-2015-0113
NOT-FOR-US: IBM Rational Collaborative Lifecycle Management
-CVE-2015-0112 (Jazz Team Server in Jazz Foundation in IBM Rational Collaborative ...)
+CVE-2015-0112
NOT-FOR-US: IBM Rational
CVE-2015-0111
RESERVED
-CVE-2015-0110 (IBM Business Process Manager (aka BPM) 7.5.x, 8.0.x, and 8.5.x and ...)
+CVE-2015-0110
NOT-FOR-US: IBM
-CVE-2015-0109 (Cross-site scripting (XSS) vulnerability in IBM Maximo Asset ...)
+CVE-2015-0109
NOT-FOR-US: IBM
-CVE-2015-0108 (Cross-site scripting (XSS) vulnerability in IBM Maximo Asset ...)
+CVE-2015-0108
NOT-FOR-US: IBM
-CVE-2015-0107 (IBM Tivoli IT Asset Management for IT, Tivoli Service Request Manager, ...)
+CVE-2015-0107
NOT-FOR-US: IBM
-CVE-2015-0106 (Cross-site scripting (XSS) vulnerability in IBM Business Process ...)
+CVE-2015-0106
NOT-FOR-US: IBM Business Process Manager
-CVE-2015-0105 (Cross-site scripting (XSS) vulnerability in the Process Portal in IBM ...)
+CVE-2015-0105
NOT-FOR-US: IBM Business Process Manager
-CVE-2015-0104 (IBM Tivoli IT Asset Management for IT, Tivoli Service Request Manager, ...)
+CVE-2015-0104
NOT-FOR-US: IBM
-CVE-2015-0103 (Multiple cross-site scripting (XSS) vulnerabilities in the Process ...)
+CVE-2015-0103
NOT-FOR-US: IBM Business Process Manager
CVE-2015-0102
RESERVED
-CVE-2015-0101 (Cross-site scripting (XSS) vulnerability in IBM Business Process ...)
+CVE-2015-0101
NOT-FOR-US: IBM
-CVE-2015-0100 (Microsoft Internet Explorer 8 allows remote attackers to execute ...)
+CVE-2015-0100
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-0099 (Microsoft Internet Explorer 10 allows remote attackers to execute ...)
+CVE-2015-0099
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-0098 (Task Scheduler in Microsoft Windows 7 SP1 and Windows Server 2008 R2 ...)
+CVE-2015-0098
NOT-FOR-US: Microsoft Windows
-CVE-2015-0097 (Microsoft Excel 2007 SP3, PowerPoint 2007 SP3, Word 2007 SP3, Excel ...)
+CVE-2015-0097
NOT-FOR-US: Microsoft
-CVE-2015-0096 (Untrusted search path vulnerability in Microsoft Windows Server 2003 ...)
+CVE-2015-0096
NOT-FOR-US: Microsoft
-CVE-2015-0095 (The kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows ...)
+CVE-2015-0095
NOT-FOR-US: Microsoft
-CVE-2015-0094 (The kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows ...)
+CVE-2015-0094
NOT-FOR-US: Microsoft
-CVE-2015-0093 (Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista ...)
+CVE-2015-0093
NOT-FOR-US: Microsoft
-CVE-2015-0092 (Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista ...)
+CVE-2015-0092
NOT-FOR-US: Microsoft
-CVE-2015-0091 (Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista ...)
+CVE-2015-0091
NOT-FOR-US: Microsoft
-CVE-2015-0090 (Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista ...)
+CVE-2015-0090
NOT-FOR-US: Microsoft
-CVE-2015-0089 (Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista ...)
+CVE-2015-0089
NOT-FOR-US: Microsoft
-CVE-2015-0088 (Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista ...)
+CVE-2015-0088
NOT-FOR-US: Microsoft
-CVE-2015-0087 (Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista ...)
+CVE-2015-0087
NOT-FOR-US: Microsoft
-CVE-2015-0086 (Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 ...)
+CVE-2015-0086
NOT-FOR-US: Microsoft
-CVE-2015-0085 (Use-after-free vulnerability in Microsoft Office 2007 SP3, Excel 2007 ...)
+CVE-2015-0085
NOT-FOR-US: Microsoft
-CVE-2015-0084 (The Task Scheduler in Microsoft Windows 7 SP1, Windows Server 2008 R2 ...)
+CVE-2015-0084
NOT-FOR-US: Microsoft
CVE-2015-0083
REJECTED
CVE-2015-0082
REJECTED
-CVE-2015-0081 (Windows Text Services (WTS) in Microsoft Windows Server 2003 SP2, ...)
+CVE-2015-0081
NOT-FOR-US: Microsoft
-CVE-2015-0080 (Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server ...)
+CVE-2015-0080
NOT-FOR-US: Microsoft
-CVE-2015-0079 (The Remote Desktop Protocol (RDP) implementation in Microsoft Windows ...)
+CVE-2015-0079
NOT-FOR-US: Microsoft
-CVE-2015-0078 (win32k.sys in the kernel-mode drivers in Microsoft Windows 8, Windows ...)
+CVE-2015-0078
NOT-FOR-US: Microsoft
-CVE-2015-0077 (The kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows ...)
+CVE-2015-0077
NOT-FOR-US: Microsoft
-CVE-2015-0076 (The photo-decoder implementation in Microsoft Windows Vista SP2, ...)
+CVE-2015-0076
NOT-FOR-US: Microsoft
-CVE-2015-0075 (The kernel in Microsoft Windows Server 2003 SP2, Windows Vista SP2, ...)
+CVE-2015-0075
NOT-FOR-US: Microsoft
-CVE-2015-0074 (Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista ...)
+CVE-2015-0074
NOT-FOR-US: Microsoft
-CVE-2015-0073 (The Windows Registry Virtualization feature in the kernel in Microsoft ...)
+CVE-2015-0073
NOT-FOR-US: Microsoft
-CVE-2015-0072 (Cross-site scripting (XSS) vulnerability in Microsoft Internet ...)
+CVE-2015-0072
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-0071 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ...)
+CVE-2015-0071
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-0070 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ...)
+CVE-2015-0070
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-0069 (Microsoft Internet Explorer 10 and 11 allows remote attackers to ...)
+CVE-2015-0069
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-0068 (Microsoft Internet Explorer 10 and 11 allows remote attackers to ...)
+CVE-2015-0068
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-0067 (Microsoft Internet Explorer 6 through 9 allows remote attackers to ...)
+CVE-2015-0067
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-0066 (Microsoft Internet Explorer 11 allows remote attackers to execute ...)
+CVE-2015-0066
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-0065 (Microsoft Word 2007 SP3 allows remote attackers to execute arbitrary ...)
+CVE-2015-0065
NOT-FOR-US: Microsoft Word
-CVE-2015-0064 (Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word ...)
+CVE-2015-0064
NOT-FOR-US: Microsoft
-CVE-2015-0063 (Microsoft Excel 2007 SP3; the proofing tools in Office 2010 SP2; Excel ...)
+CVE-2015-0063
NOT-FOR-US: Microsoft
-CVE-2015-0062 (Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8, ...)
+CVE-2015-0062
NOT-FOR-US: Microsoft
-CVE-2015-0061 (Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server ...)
+CVE-2015-0061
NOT-FOR-US: Microsoft
-CVE-2015-0060 (The font mapper in win32k.sys in the kernel-mode drivers in Microsoft ...)
+CVE-2015-0060
NOT-FOR-US: Microsoft
-CVE-2015-0059 (win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2008 ...)
+CVE-2015-0059
NOT-FOR-US: Microsoft
-CVE-2015-0058 (Double free vulnerability in win32k.sys in the kernel-mode drivers in ...)
+CVE-2015-0058
NOT-FOR-US: Microsoft
-CVE-2015-0057 (win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 ...)
+CVE-2015-0057
NOT-FOR-US: Microsoft
-CVE-2015-0056 (Microsoft Internet Explorer 11 allows remote attackers to execute ...)
+CVE-2015-0056
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-0055 (Microsoft Internet Explorer 10 and 11 allows remote attackers to gain ...)
+CVE-2015-0055
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-0054 (Microsoft Internet Explorer 7 through 11 allows remote attackers to ...)
+CVE-2015-0054
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-0053 (Microsoft Internet Explorer 6 through 8 allows remote attackers to ...)
+CVE-2015-0053
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-0052 (Microsoft Internet Explorer 10 and 11 allows remote attackers to ...)
+CVE-2015-0052
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-0051 (Microsoft Internet Explorer 8 allows remote attackers to bypass the ...)
+CVE-2015-0051
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-0050 (Microsoft Internet Explorer 8 and 9 allows remote attackers to execute ...)
+CVE-2015-0050
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-0049 (Microsoft Internet Explorer 8 and 10 allows remote attackers to ...)
+CVE-2015-0049
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-0048 (Microsoft Internet Explorer 9 allows remote attackers to execute ...)
+CVE-2015-0048
NOT-FOR-US: Microsoft Internet Explorer
CVE-2015-0047
REJECTED
-CVE-2015-0046 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ...)
+CVE-2015-0046
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-0045 (Microsoft Internet Explorer 6 through 8 allows remote attackers to ...)
+CVE-2015-0045
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-0044 (Microsoft Internet Explorer 8 and 9 allows remote attackers to execute ...)
+CVE-2015-0044
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-0043 (Microsoft Internet Explorer 8 through 11 allows remote attackers to ...)
+CVE-2015-0043
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-0042 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ...)
+CVE-2015-0042
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-0041 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ...)
+CVE-2015-0041
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-0040 (Microsoft Internet Explorer 11 allows remote attackers to execute ...)
+CVE-2015-0040
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-0039 (Microsoft Internet Explorer 10 and 11 allows remote attackers to ...)
+CVE-2015-0039
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-0038 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ...)
+CVE-2015-0038
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-0037 (Microsoft Internet Explorer 11 allows remote attackers to execute ...)
+CVE-2015-0037
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-0036 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ...)
+CVE-2015-0036
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-0035 (Microsoft Internet Explorer 10 and 11 allows remote attackers to ...)
+CVE-2015-0035
NOT-FOR-US: Microsoft Internet Explorer
CVE-2015-0034
REJECTED
CVE-2015-0033
REJECTED
-CVE-2015-0032 (vbscript.dll in Microsoft VBScript 5.6 through 5.8, as used with ...)
+CVE-2015-0032
NOT-FOR-US: Microsoft
-CVE-2015-0031 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ...)
+CVE-2015-0031
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-0030 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ...)
+CVE-2015-0030
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-0029 (Microsoft Internet Explorer 6 and 8 allows remote attackers to execute ...)
+CVE-2015-0029
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-0028 (Microsoft Internet Explorer 9 allows remote attackers to execute ...)
+CVE-2015-0028
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-0027 (Microsoft Internet Explorer 10 and 11 allows remote attackers to ...)
+CVE-2015-0027
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-0026 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ...)
+CVE-2015-0026
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-0025 (Microsoft Internet Explorer 10 allows remote attackers to execute ...)
+CVE-2015-0025
NOT-FOR-US: Microsoft Internet Explorer
CVE-2015-0024
REJECTED
-CVE-2015-0023 (Microsoft Internet Explorer 10 allows remote attackers to execute ...)
+CVE-2015-0023
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-0022 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ...)
+CVE-2015-0022
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-0021 (Microsoft Internet Explorer 6 through 10 allows remote attackers to ...)
+CVE-2015-0021
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-0020 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ...)
+CVE-2015-0020
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-0019 (Microsoft Internet Explorer 9 and 10 allows remote attackers to ...)
+CVE-2015-0019
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-0018 (Microsoft Internet Explorer 11 allows remote attackers to execute ...)
+CVE-2015-0018
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-0017 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ...)
+CVE-2015-0017
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-0016 (Directory traversal vulnerability in the TS WebProxy (aka TSWbPrxy) ...)
+CVE-2015-0016
NOT-FOR-US: Microsoft Windows
-CVE-2015-0015 (Microsoft Windows Server 2003 SP2, Server 2008 SP2 and R2 SP1, and ...)
+CVE-2015-0015
NOT-FOR-US: Microsoft Windows
-CVE-2015-0014 (Buffer overflow in the Telnet service in Microsoft Windows Server 2003 ...)
+CVE-2015-0014
NOT-FOR-US: Microsoft Windows
CVE-2015-0013
REJECTED
-CVE-2015-0012 (Microsoft System Center Virtual Machine Manager (VMM) 2012 R2 Update ...)
+CVE-2015-0012
NOT-FOR-US: Microsoft
-CVE-2015-0011 (mrxdav.sys (aka the WebDAV driver) in the kernel-mode drivers in ...)
+CVE-2015-0011
NOT-FOR-US: Microsoft Windows
-CVE-2015-0010 (The CryptProtectMemory function in cng.sys (aka the Cryptography Next ...)
+CVE-2015-0010
NOT-FOR-US: Microsoft
-CVE-2015-0009 (The Group Policy Security Configuration policy implementation in ...)
+CVE-2015-0009
NOT-FOR-US: Microsoft
-CVE-2015-0008 (The UNC implementation in Microsoft Windows Server 2003 SP2, Windows ...)
+CVE-2015-0008
NOT-FOR-US: Microsoft
CVE-2015-0007
REJECTED
-CVE-2015-0006 (The Network Location Awareness (NLA) service in Microsoft Windows ...)
+CVE-2015-0006
NOT-FOR-US: Microsoft Windows
-CVE-2015-0005 (The NETLOGON service in Microsoft Windows Server 2003 SP2, Windows ...)
+CVE-2015-0005
NOT-FOR-US: Microsoft
-CVE-2015-0004 (The User Profile Service (aka ProfSvc) in Microsoft Windows Server ...)
+CVE-2015-0004
NOT-FOR-US: Microsoft Windows
-CVE-2015-0003 (win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 ...)
+CVE-2015-0003
NOT-FOR-US: Microsoft
-CVE-2015-0002 (The AhcVerifyAdminContext function in ahcache.sys in the Application ...)
+CVE-2015-0002
NOT-FOR-US: Microsoft Windows
-CVE-2015-0001 (The Windows Error Reporting (WER) component in Microsoft Windows 8, ...)
+CVE-2015-0001
NOT-FOR-US: Microsoft Windows
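Review bot: every "-"/"+" pair in this hunk, from CVE-2015-0086 down to CVE-2015-0001, does exactly one thing: it drops the parenthesised CVE summary and keeps only the identifier, while the NOT-FOR-US annotations are untouched and the REJECTED entries (CVE-2015-0083, -0082, -0047, -0034, -0033, -0024, -0013, -0007) are unchanged because they never carried a summary. A blanket loss of descriptions across a whole year file looks like the description source returning nothing rather than the summaries having changed upstream. The automatic update should refuse to commit when the fetched description set is empty or shrinks by more than a small fraction of the previous one; otherwise a later run that does get summaries back re-adds every one of these lines and the history carries the churn twice.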
diff --git a/data/CVE/2016.list b/data/CVE/2016.list
index 318abd17bf..f7884ddf50 100644
--- a/data/CVE/2016.list
+++ b/data/CVE/2016.list
@@ -1,21 +1,21 @@
-CVE-2016-10742 (Zabbix before 2.2.21rc1, 3.x before 3.0.13rc1, 3.1.x and 3.2.x before ...)
+CVE-2016-10742
{DLA-1708-1}
- zabbix 1:3.0.17+dfsg-1 (low)
[stretch] - zabbix <no-dsa> (Minor issue)
NOTE: https://support.zabbix.com/browse/ZBX-10272
NOTE: https://support.zabbix.com/browse/ZBX-13133
-CVE-2016-1000282 (Haraka version 2.8.8 and earlier comes with a plugin for processing ...)
+CVE-2016-1000282
NOT-FOR-US: Haraka
CVE-2016-1000276
REJECTED
-CVE-2016-1000271 (Joomla extension DT Register version before 3.1.12 (Joomla 3.x) / ...)
+CVE-2016-1000271
NOT-FOR-US: Joomla extension
-CVE-2016-10741 (In the Linux kernel before 4.9.3, fs/xfs/xfs_aops.c allows local users ...)
+CVE-2016-10741
- linux 4.9.6-1
NOTE: Fixed by: https://git.kernel.org/linus/04197b341f23b908193308b8d63d17ff23232598
-CVE-2016-10740 (Various resources in Atlassian Crowd before version 2.10.1 allow remote ...)
+CVE-2016-10740
NOT-FOR-US: Atlassian Crowd
-CVE-2016-10739 (In the GNU C Library (aka glibc or libc6) through 2.28, the getaddrinfo ...)
+CVE-2016-10739
- glibc 2.28-6 (bug #920047)
[stretch] - glibc <no-dsa> (Minor issue)
[jessie] - glibc <no-dsa> (Minor issue)
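Review bot: the hunk header "-1,21 +1,21" shows line counts preserved, so this is a pure in-place strip of summaries; entries that carry Debian tracking data (CVE-2016-10742 with its DLA-1708-1 and zabbix lines, CVE-2016-10741 with the linux fix reference, CVE-2016-10739 with the glibc bug #920047 and the stretch/jessie no-dsa decisions) keep their status lines but lose the only human-readable summary of the issue. If a description is unavailable from the source for an entry, the update script should keep the previous text for that entry instead of replacing it with nothing; a stale summary is more useful than an empty one.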
@@ -23,13 +23,13 @@ CVE-2016-10739 (In the GNU C Library (aka glibc or libc6) through 2.28, the geta
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1347549
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=20018
NOTE: https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=108bc4049f8ae82710aec26a92ffdb4b439c83fd
-CVE-2016-10738 (Zenbership v107 has CSRF via admin/cp-functions/event-add.php. ...)
+CVE-2016-10738
NOT-FOR-US: Zenbership
-CVE-2016-10737 (Serendipity 2.0.4 has XSS via the serendipity_admin.php ...)
+CVE-2016-10737
- serendipity <removed>
-CVE-2016-10736 (The &quot;Social Pug - Easy Social Share Buttons&quot; plugin before 1.2.6 for ...)
+CVE-2016-10736
NOT-FOR-US: WordPress plugin social-pug
-CVE-2016-10735 (In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is ...)
+CVE-2016-10735
- twitter-bootstrap4 <not-affected> (Fixed before initial upload to Debian)
- twitter-bootstrap3 3.4.0+dfsg-1
[stretch] - twitter-bootstrap3 3.3.7+dfsg-2+deb9u1
@@ -42,88 +42,88 @@ CVE-2016-10735 (In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2,
NOTE: https://github.com/twbs/bootstrap/pull/23679
NOTE: https://github.com/twbs/bootstrap/pull/23687
NOTE: https://github.com/twbs/bootstrap/pull/26460
-CVE-2016-10734 (ProjectSend (formerly cFTP) r582 allows Insecure Direct Object ...)
+CVE-2016-10734
NOT-FOR-US: ProjectSend
-CVE-2016-10733 (ProjectSend (formerly cFTP) r582 allows directory traversal via ...)
+CVE-2016-10733
NOT-FOR-US: ProjectSend
-CVE-2016-10732 (ProjectSend (formerly cFTP) r582 allows authentication bypass via a ...)
+CVE-2016-10732
NOT-FOR-US: ProjectSend
-CVE-2016-10731 (ProjectSend (formerly cFTP) r582 allows SQL injection via ...)
+CVE-2016-10731
NOT-FOR-US: ProjectSend
-CVE-2016-10730 (An issue was discovered in Amanda 3.3.1. A user with backup privileges ...)
+CVE-2016-10730
- amanda <unfixed> (unimportant)
NOTE: https://www.exploit-db.com/exploits/39244/
NOTE: /usr/lib/amanda/application/amstar can only be run by members of the backup
NOTE: group (which is root-equivalent due to being able to perform restores e.g.)
-CVE-2016-10729 (An issue was discovered in Amanda 3.3.1. A user with backup privileges ...)
+CVE-2016-10729
- amanda <unfixed> (unimportant)
NOTE: https://www.exploit-db.com/exploits/39217/
NOTE: /usr/lib/amanda/runtar can only be run by members of the backup
NOTE: group (which is root-equivalent due to being able to perform restores e.g.)
-CVE-2016-10728 (An issue was discovered in Suricata before 3.1.2. If an ICMPv4 error ...)
+CVE-2016-10728
{DLA-1508-1}
- suricata 3.1.2-1
NOTE: https://redmine.openinfosecfoundation.org/issues/1880
NOTE: https://github.com/OISF/suricata/pull/2210
-CVE-2016-10727 (camel/providers/imapx/camel-imapx-server.c in the IMAPx component in ...)
+CVE-2016-10727
{DLA-1443-1}
- evolution-data-server 3.22.0-2
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1334842
NOTE: https://gitlab.gnome.org/GNOME/evolution-data-server/commit/f26a6f67
-CVE-2016-10726 (The XMLUI feature in DSpace before 3.6, 4.x before 4.5, and 5.x before ...)
+CVE-2016-10726
NOT-FOR-US: DSpave
-CVE-2016-10725 (In Bitcoin Core before v0.13.0, a non-final alert is able to block the ...)
+CVE-2016-10725
- bitcoin 0.13.0-0.1
-CVE-2016-10724 (Bitcoin Core before v0.13.0 allows denial of service (memory ...)
+CVE-2016-10724
- bitcoin 0.13.0-0.1
-CVE-2016-1000352 (In the Bouncy Castle JCE Provider version 1.55 and earlier the ECIES ...)
+CVE-2016-1000352
- bouncycastle 1.56-1
[jessie] - bouncycastle <ignored> (Intrusive changes, can be mitigated by using a different mode than ECB)
NOTE: https://github.com/bcgit/bc-java/commit/9385b0ebd277724b167fe1d1456e3c112112be1f
-CVE-2016-1000346 (In the Bouncy Castle JCE Provider version 1.55 and earlier the other ...)
+CVE-2016-1000346
{DLA-1418-1}
- bouncycastle 1.56-1
NOTE: https://github.com/bcgit/bc-java/commit/1127131c89021612c6eefa26dbe5714c194e7495#diff-d525a20b8acaed791ae2f0f770eb5937
-CVE-2016-1000345 (In the Bouncy Castle JCE Provider version 1.55 and earlier the ...)
+CVE-2016-1000345
{DLA-1418-1}
- bouncycastle 1.56-1
NOTE: https://github.com/bcgit/bc-java/commit/21dcb3d9744c83dcf2ff8fcee06dbca7bfa4ef35#diff-4439ce586bf9a13bfec05c0d113b8098
-CVE-2016-1000344 (In the Bouncy Castle JCE Provider version 1.55 and earlier the DHIES ...)
+CVE-2016-1000344
- bouncycastle 1.56-1
[jessie] - bouncycastle <ignored> (Intrusive changes, can be mitigated by using a different mode than ECB)
NOTE: https://github.com/bcgit/bc-java/commit/9385b0ebd277724b167fe1d1456e3c112112be1f
-CVE-2016-1000343 (In the Bouncy Castle JCE Provider version 1.55 and earlier the DSA key ...)
+CVE-2016-1000343
{DLA-1418-1}
- bouncycastle 1.56-1
NOTE: https://github.com/bcgit/bc-java/commit/50a53068c094d6cff37659da33c9b4505becd389#diff-5578e61500abb2b87b300d3114bdfd7d
-CVE-2016-1000342 (In the Bouncy Castle JCE Provider version 1.55 and earlier ECDSA does ...)
+CVE-2016-1000342
{DLA-1418-1}
- bouncycastle 1.56-1
NOTE: https://github.com/bcgit/bc-java/commit/843c2e60f67d71faf81d236f448ebbe56c62c647#diff-25c3c78db788365f36839b3f2d3016b9
-CVE-2016-1000341 (In the Bouncy Castle JCE Provider version 1.55 and earlier DSA ...)
+CVE-2016-1000341
{DLA-1418-1}
- bouncycastle 1.56-1
NOTE: https://github.com/bcgit/bc-java/commit/acaac81f96fec91ab45bd0412beaf9c3acd8defa#diff-e75226a9ca49217a7276b29242ec59ce
-CVE-2016-1000340 (In the Bouncy Castle JCE Provider versions 1.51 to 1.55, a carry ...)
+CVE-2016-1000340
- bouncycastle 1.56-1
[jessie] - bouncycastle <not-affected> (Vulnerable code introduced later)
NOTE: https://github.com/bcgit/bc-java/commit/790642084c4e0cadd47352054f868cc8397e2c00#diff-e5934feac8203ca0104ab291a3560a31
-CVE-2016-1000339 (In the Bouncy Castle JCE Provider version 1.55 and earlier the primary ...)
+CVE-2016-1000339
{DLA-1418-1}
- bouncycastle 1.56-1
NOTE: https://github.com/bcgit/bc-java/commit/413b42f4d770456508585c830cfcde95f9b0e93b#diff-54656f860db94b867ba7542430cd2ef0
NOTE: https://github.com/bcgit/bc-java/commit/8a73f08931450c17c749af067b6a8185abdfd2c0#diff-494fb066bed02aeb76b6c005632943f2
-CVE-2016-10723 (** DISPUTED ** An issue was discovered in the Linux kernel through ...)
+CVE-2016-10723
- linux <unfixed>
[jessie] - linux-4.9 <unfixed>
NOTE: https://patchwork.kernel.org/patch/10395909/
-CVE-2016-10722 (partclone.fat in Partclone before 0.2.88 is prone to a heap-based ...)
+CVE-2016-10722
- partclone 0.2.88-1
[jessie] - partclone <no-dsa> (Minor issue)
[wheezy] - partclone <no-dsa> (Minor issue)
NOTE: https://david.gnedt.at/blog/2016/11/14/advisory-partclone-fat-bitmap-heap-overflow/
NOTE: https://github.com/Thomas-Tsai/partclone/issues/71
-CVE-2016-10721 (partclone.restore in Partclone 0.2.87 is prone to a heap-based buffer ...)
+CVE-2016-10721
- partclone 0.2.88-1
[jessie] - partclone <no-dsa> (Minor issue)
[wheezy] - partclone <no-dsa> (Minor issue)
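Review bot: the unchanged context line "NOT-FOR-US: DSpave" under CVE-2016-10726 is a typo for DSpace (the removed summary line names "The XMLUI feature in DSpace"); since the automatic update only rewrites the CVE summary lines, that needs a manual commit. Otherwise this hunk follows the same pattern as the rest of the change: the bouncycastle group CVE-2016-1000339 through CVE-2016-1000352 loses its summaries while the triage decisions stay (DLA-1418-1, the jessie "ignored" entries justified by "can be mitigated by using a different mode than ECB", the jessie "not-affected" on CVE-2016-1000340), as do the amanda, suricata, evolution-data-server, bitcoin, linux and partclone entries.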
@@ -132,24 +132,24 @@ CVE-2016-10720
RESERVED
CVE-2016-10719
RESERVED
-CVE-2016-10718 (Brave Browser before 0.13.0 allows a tab to close itself even if the ...)
+CVE-2016-10718
- brave-browser <itp> (bug #864795)
-CVE-2016-10717 (A vulnerability in the encryption and permission implementation of ...)
+CVE-2016-10717
NOT-FOR-US: Malwarebytes Anti-Malware
-CVE-2016-10716 (The Mail.ru Calendar plugin before 2.5.0.61 for Atlassian Jira has XSS ...)
+CVE-2016-10716
NOT-FOR-US: Atlassian Jira plugin
-CVE-2016-10715 (The Artezio Kanban Board plugin 1.4 revision 1914 for Atlassian Jira ...)
+CVE-2016-10715
NOT-FOR-US: Atlassian Jira plugin
-CVE-2016-10714 (In zsh before 5.3, an off-by-one error resulted in undersized buffers ...)
+CVE-2016-10714
{DLA-1304-1}
- zsh 5.3-1
[jessie] - zsh <no-dsa> (Minor issue)
NOTE: https://sourceforge.net/p/zsh/code/ci/a62e1640bcafbb82d86ea8d8ce057a83c4683d60
-CVE-2016-10713 (An issue was discovered in GNU patch before 2.7.6. Out-of-bounds access ...)
+CVE-2016-10713
- patch 2.7.6-1 (unimportant)
NOTE: https://git.savannah.gnu.org/cgit/patch.git/commit/src/pch.c?id=a0d7fe4589651c64bd16ddaaa634030bb0455866
NOTE: Crash in CLI tool, no security impact
-CVE-2016-10711 (Apsis Pound before 2.8a allows request smuggling via crafted headers, a ...)
+CVE-2016-10711
{DLA-1280-1}
- pound <removed> (bug #888786)
[stretch] - pound <no-dsa> (Minor issue)
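Review bot: for several entries in this hunk the removed summary was the only place the list recorded what the CVE is about; CVE-2016-10711 loses "request smuggling via crafted headers" and keeps only "pound <removed>" plus the stretch no-dsa line, and CVE-2016-10713 loses "Out-of-bounds access" and keeps "(unimportant)" with the NOTE "Crash in CLI tool, no security impact". After this commit a reader of the list has to follow the NOTE URLs to learn the nature of the issue, which is a regression for the tracker's own triage notes that reference the summary implicitly.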
@@ -159,468 +159,468 @@ CVE-2016-10711 (Apsis Pound before 2.8a allows request smuggling via crafted hea
NOTE: Fixed by https://build.opensuse.org/request/show/571084
NOTE: Confirmed that the SUSE patch is the security relevant diff between
NOTE: version 2.7 and 2.8a
-CVE-2016-10710 (Biscom Secure File Transfer (SFT) 5.0.1000 through 5.0.1048 does not ...)
+CVE-2016-10710
NOT-FOR-US: Biscom Secure File Transfer
-CVE-2016-10709 (pfSense before 2.3 allows remote authenticated users to execute ...)
+CVE-2016-10709
NOT-FOR-US: pfSense
-CVE-2016-10708 (sshd in OpenSSH before 7.4 allows remote attackers to cause a denial of ...)
+CVE-2016-10708
{DLA-1500-1 DLA-1257-1}
- openssh 1:7.4p1-1
NOTE: https://anongit.mindrot.org/openssh.git/commit/?id=28652bca29046f62c7045e933e6b931de1d16737
NOTE: http://blog.swiecki.net/2018/01/fuzzing-tcp-servers.html
NOTE: Flaw is not crashing the whole sshd daemon, rather the privsep process
-CVE-2016-10707 (jQuery 3.0.0-rc.1 is vulnerable to Denial of Service (DoS) due to ...)
+CVE-2016-10707
- jquery <not-affected> (Vulnerable code never in unstable; only experimental)
NOTE: https://github.com/jquery/jquery/issues/3133
NOTE: https://github.com/jquery/jquery/pull/3134
NOTE: https://snyk.io/vuln/npm:jquery:20160529
NOTE: Only 3.0.0-rc1 affected: https://github.com/jquery/jquery/issues/3133#issuecomment-358978489
-CVE-2016-10706 (The Jetpack plugin before 4.0.3 for WordPress has XSS via a crafted ...)
+CVE-2016-10706
NOT-FOR-US: WordPress plugin jetpack
-CVE-2016-10705 (The Jetpack plugin before 4.0.4 for WordPress has XSS via the Likes ...)
+CVE-2016-10705
NOT-FOR-US: WordPress plugin jetpack
-CVE-2016-10704 (Magento Community Edition and Enterprise Edition before 2.0.10 and ...)
+CVE-2016-10704
NOT-FOR-US: Magento
-CVE-2016-10703 (A regular expression Denial of Service (DoS) vulnerability in the file ...)
+CVE-2016-10703
NOT-FOR-US: ecstatic npm
-CVE-2016-10702 (Pebble Smartwatch devices through 4.3 mishandle UUID storage, which ...)
+CVE-2016-10702
NOT-FOR-US: Pebble
-CVE-2016-10701 (In Hitachi Vantara Pentaho BA Platform through 8.0, a CSRF issue exists ...)
+CVE-2016-10701
NOT-FOR-US: Hitachi Vantara Pentaho BA Platform
-CVE-2016-10700 (auth_login.php in Cacti before 1.0.0 allows remote authenticated users ...)
+CVE-2016-10700
- cacti 0.8.8h+ds1-5 (bug #833420)
[jessie] - cacti 0.8.8b+dfsg-8+deb8u6
[wheezy] - cacti 0.8.8a+dfsg-5+deb7u9
NOTE: https://web.archive.org/web/20160817090458/http://bugs.cacti.net/view.php?id=2697
NOTE: https://github.com/Cacti/cacti/commit/69983495cd41bf0903fe02baeef84b1fa85f2846
NOTE: Fix for the incomplete fix for CVE-2016-2313
-CVE-2016-10699 (D-Link DSL-2740E 1.00_BG_20150720 devices are prone to persistent XSS ...)
+CVE-2016-10699
NOT-FOR-US: D-Link devices
-CVE-2016-10698 (mystem-fix is a node.js wrapper for MyStem morphology text analyzer by ...)
+CVE-2016-10698
NOT-FOR-US: mystem-fix
-CVE-2016-10697 (react-native-baidu-voice-synthesizer is a baidu voice speech ...)
+CVE-2016-10697
NOT-FOR-US: react-native-baidu-voice-synthesizer
-CVE-2016-10696 (windows-latestchromedriver downloads the latest version of ...)
+CVE-2016-10696
NOT-FOR-US: windows-latestchromedriver
-CVE-2016-10695 (The npm-test-sqlite3-trunk module provides asynchronous, non-blocking ...)
+CVE-2016-10695
NOT-FOR-US: npm-test-sqlite3-trunk
-CVE-2016-10694 (alto-saxophone is a module to install and launch Chromedriver for Mac, ...)
+CVE-2016-10694
NOT-FOR-US: alto-saxophone
-CVE-2016-10693 (pm2-kafka is a PM2 module that installs and runs a kafka server ...)
+CVE-2016-10693
NOT-FOR-US: pm2-kafka
-CVE-2016-10692 (haxeshim haxe shim to deal with coexisting versions. haxeshim ...)
+CVE-2016-10692
NOT-FOR-US: haxeshim
-CVE-2016-10691 (windows-seleniumjar is a module that downloads the Selenium Jar file ...)
+CVE-2016-10691
NOT-FOR-US: windows-seleniumjar
-CVE-2016-10690 (openframe-ascii-image module is an openframe plugin which adds support ...)
+CVE-2016-10690
NOT-FOR-US: openframe-ascii-image
-CVE-2016-10689 (The windows-iedriver module downloads fixed version of ...)
+CVE-2016-10689
NOT-FOR-US: The windows-iedriver
-CVE-2016-10688 (Haxe 3 : The Cross-Platform Toolkit (a fork from David Mouton's ...)
+CVE-2016-10688
NOT-FOR-US: Haxe node module, different from src:haxe
-CVE-2016-10687 (windows-selenium-chromedriver is a module that downloads the Selenium ...)
+CVE-2016-10687
NOT-FOR-US: windows-selenium-chromedriver
-CVE-2016-10686 (fis-sass-all is another libsass wrapper for node. fis-sass-all ...)
+CVE-2016-10686
NOT-FOR-US: fis-sass-all
-CVE-2016-10685 (pk-app-wonderbox is an integration with wonderbox pk-app-wonderbox ...)
+CVE-2016-10685
NOT-FOR-US: pk-app-wonderbox
-CVE-2016-10684 (healthcenter - IBM Monitoring and Diagnostic Tools health Center agent ...)
+CVE-2016-10684
NOT-FOR-US: IBM
-CVE-2016-10683 (arcanist downloads resources over HTTP, which leaves it vulnerable to ...)
+CVE-2016-10683
NOT-FOR-US: arcanist node module, different from src:arcanist
-CVE-2016-10682 (massif is a Phantomjs fork massif downloads resources over HTTP, which ...)
+CVE-2016-10682
NOT-FOR-US: massif
-CVE-2016-10681 (roslib-socketio - The standard ROS Javascript Library fork for add ...)
+CVE-2016-10681
NOT-FOR-US: roslib-socketio
-CVE-2016-10680 (adamvr-geoip-lite is a light weight native JavaScript implementation ...)
+CVE-2016-10680
NOT-FOR-US: adamvr-geoip-lite
-CVE-2016-10679 (selenium-standalone-painful installs a start-selenium command line to ...)
+CVE-2016-10679
NOT-FOR-US: selenium-standalone-painful
-CVE-2016-10678 (serc.js is a Selenium RC process wrapper serc.js downloads binary ...)
+CVE-2016-10678
NOT-FOR-US: serc.js
-CVE-2016-10677 (google-closure-tools-latest is a Node.js module wrapper for ...)
+CVE-2016-10677
NOT-FOR-US: google-closure-tools-latest
-CVE-2016-10676 (rs-brightcove is a wrapper around brightcove's web api rs-brightcove ...)
+CVE-2016-10676
NOT-FOR-US: rs-brightcove
-CVE-2016-10675 (libsbmlsim is a module that installs linux binaries for libsbmlsim ...)
+CVE-2016-10675
NOT-FOR-US: libsbmlsim
-CVE-2016-10674 (limbus-buildgen is a &quot;build anywhere&quot; build system. limbus-buildgen ...)
+CVE-2016-10674
NOT-FOR-US: limbus-buildgen
-CVE-2016-10673 (ipip-coffee queries geolocation information from IP ipip-coffee ...)
+CVE-2016-10673
NOT-FOR-US: ipip-coffee
-CVE-2016-10672 (cloudpub-redis is a module for CloudPub: Redis Backend cloudpub-redis ...)
+CVE-2016-10672
NOT-FOR-US: cloudpub-redis
-CVE-2016-10671 (mystem-wrapper is a Yandex mystem app wrapper module. mystem-wrapper ...)
+CVE-2016-10671
NOT-FOR-US: mystem-wrapper
-CVE-2016-10670 (windows-seleniumjar-mirror downloads the Selenium Jar file ...)
+CVE-2016-10670
NOT-FOR-US: windows-seleniumjar-mirror
-CVE-2016-10669 (soci downloads binary resources over HTTP, which leaves it vulnerable ...)
+CVE-2016-10669
NOT-FOR-US: soci
-CVE-2016-10668 (libsbml is a module that installs Linux binaries for libSBML libsbml ...)
+CVE-2016-10668
NOT-FOR-US: libsbml node integration, different from src:libsml
-CVE-2016-10667 (selenium-portal is a Selenium Testing Framework selenium-portal ...)
+CVE-2016-10667
NOT-FOR-US: selenium-portal
-CVE-2016-10666 (tomita-parser is a Node wrapper for Yandex Tomita Parser tomita-parser ...)
+CVE-2016-10666
NOT-FOR-US: tomita-parser
-CVE-2016-10665 (herbivore is a packet sniffing and crafting library. Built on libtins ...)
+CVE-2016-10665
NOT-FOR-US: herbivore
-CVE-2016-10664 (mystem is a Node.js wrapper for MyStem morphology text analyzer by ...)
+CVE-2016-10664
NOT-FOR-US: mystem
-CVE-2016-10663 (wixtoolset is a Node module wrapper around the wixtoolset binaries ...)
+CVE-2016-10663
NOT-FOR-US: wixtoolset
-CVE-2016-10662 (tomita is a node wrapper for Yandex Tomita Parser tomita downloads ...)
+CVE-2016-10662
NOT-FOR-US: tomita
-CVE-2016-10661 (phantomjs-cheniu is a Headless WebKit with JS API phantomjs-cheniu ...)
+CVE-2016-10661
NOT-FOR-US: phantomjs-cheniu
-CVE-2016-10660 (fis-parser-sass-bin a plugin for fis to compile sass using ...)
+CVE-2016-10660
NOT-FOR-US: fis-parser-sass-bin
-CVE-2016-10659 (poco - The POCO libraries, downloads source file resources used for ...)
+CVE-2016-10659
NOT-FOR-US: nodejs poco module
-CVE-2016-10658 (native-opencv is the OpenCV library installed via npm native-opencv ...)
+CVE-2016-10658
NOT-FOR-US: native-opencv binding for node, different from src:opencv
-CVE-2016-10657 (co-cli-installer downloads the co-cli module as part of the install ...)
+CVE-2016-10657
NOT-FOR-US: co-cli-installer
-CVE-2016-10656 (qbs is a build tool that helps simplify the build process for ...)
+CVE-2016-10656
NOT-FOR-US: npm qbs (different from src:qbs)
-CVE-2016-10655 (The clang-extra module installs LLVM's clang-extra tools. clang-extra ...)
+CVE-2016-10655
NOT-FOR-US: npm clang-extra
-CVE-2016-10654 (sfml downloads resources over HTTP, which leaves it vulnerable to MITM ...)
+CVE-2016-10654
NOT-FOR-US: node-sfml
-CVE-2016-10653 (xd-testing is a testing library for cross-device (XD) web ...)
+CVE-2016-10653
NOT-FOR-US: node xp-testing
-CVE-2016-10652 (prebuild-lwip is a module for comprehensive, fast, and simple image ...)
+CVE-2016-10652
NOT-FOR-US: node prebuild-lwip
-CVE-2016-10651 (webdriver-launcher is a Node.js Selenium Webdriver Launcher. ...)
+CVE-2016-10651
NOT-FOR-US: webdriver-launcher
-CVE-2016-10650 (ntfserver is a Network Testing Framework Server. ntfserver downloads ...)
+CVE-2016-10650
NOT-FOR-US: ntfserver
-CVE-2016-10649 (frames-compiler downloads binary resources over HTTP, which leaves it ...)
+CVE-2016-10649
NOT-FOR-US: frames-compiler
-CVE-2016-10648 (marionette-socket-host is a marionette-js-runner host for sending ...)
+CVE-2016-10648
NOT-FOR-US: marionette-socket-host
-CVE-2016-10647 (node-air-sdk is an AIR SDK for nodejs. node-air-sdk downloads binary ...)
+CVE-2016-10647
NOT-FOR-US: node-air-sdk
-CVE-2016-10646 (resourcehacker is a Node wrapper of Resource Hacker (windows ...)
+CVE-2016-10646
NOT-FOR-US: resourcehacker
-CVE-2016-10645 (grunt-images is a grunt plugin for processing images. grunt-images ...)
+CVE-2016-10645
NOT-FOR-US: grunt-images
-CVE-2016-10644 (slimerjs-edge is a npm wrapper for installing the bleeding edge ...)
+CVE-2016-10644
NOT-FOR-US: slimerjs-edge
-CVE-2016-10643 (jstestdriver is a wrapper for Google's jstestdriver. jstestdriver ...)
+CVE-2016-10643
NOT-FOR-US: jstestdriver
-CVE-2016-10642 (cmake installs the cmake x86 linux binaries. cmake downloads binary ...)
+CVE-2016-10642
NOT-FOR-US: cmake node intregration
-CVE-2016-10641 (node-bsdiff-android downloads resources over HTTP, which leaves it ...)
+CVE-2016-10641
NOT-FOR-US: node-bsdiff-android
-CVE-2016-10640 (node-thulac is a node binding for thulac. node-thulac downloads binary ...)
+CVE-2016-10640
NOT-FOR-US: node-thulac
-CVE-2016-10639 (redis-srvr is a npm wrapper for redis-server. redis-srvr downloads ...)
+CVE-2016-10639
NOT-FOR-US: redis-srvr
-CVE-2016-10638 (js-given is a JavaScript frontend to jgiven. js-given downloads binary ...)
+CVE-2016-10638
NOT-FOR-US: js-given
-CVE-2016-10637 (haxe-dev is a cross-platform toolkit. haxe-dev downloads binary ...)
+CVE-2016-10637
NOT-FOR-US: haxe-dev, different from src:haxe
-CVE-2016-10636 (grunt-ccompiler is a Closure Compiler Grunt Plugin. grunt-ccompiler ...)
+CVE-2016-10636
NOT-FOR-US: grunt-ccompiler
-CVE-2016-10635 (broccoli-closure is a Closure compiler plugin for Broccoli. ...)
+CVE-2016-10635
NOT-FOR-US: broccoli-closure
-CVE-2016-10634 (scala-standalone-bin is a Binary wrapper for ScalaJS. ...)
+CVE-2016-10634
NOT-FOR-US: scala-standalone-bin
-CVE-2016-10633 (dwebp-bin is a dwebp node.js wrapper that convert WebP into PNG. ...)
+CVE-2016-10633
NOT-FOR-US: dwebp-bin
-CVE-2016-10632 (apk-parser2 is a module which extracts Android Manifest info from an ...)
+CVE-2016-10632
NOT-FOR-US: apk-parser2
-CVE-2016-10631 (jvminstall is a module for downloading and unpacking jvm to local ...)
+CVE-2016-10631
NOT-FOR-US: jvminstall
-CVE-2016-10630 (install-g-test downloads resources over HTTP, which leaves it ...)
+CVE-2016-10630
NOT-FOR-US: install-g-test
-CVE-2016-10629 (nw-with-arm is a NW Installer including ARM-Build. nw-with-arm ...)
+CVE-2016-10629
NOT-FOR-US: nw-with-arm
-CVE-2016-10628 (selenium-wrapper is a selenium server wrapper, including installation ...)
+CVE-2016-10628
NOT-FOR-US: selenium-wrapper
-CVE-2016-10627 (scala-bin is a binary wrapper for Scala. scala-bin downloads binary ...)
+CVE-2016-10627
NOT-FOR-US: scala-bin
-CVE-2016-10626 (mystem3 is a NodeJS wrapper for the Yandex MyStem 3. mystem3 downloads ...)
+CVE-2016-10626
NOT-FOR-US: mystem3
-CVE-2016-10625 (headless-browser-lite is a minimal npm installer for phantomjs and ...)
+CVE-2016-10625
NOT-FOR-US: headless-browser-lite
-CVE-2016-10624 (selenium-chromedriver is a simple utility for downloading the Selenium ...)
+CVE-2016-10624
NOT-FOR-US: selenium-chromedriver
-CVE-2016-10623 (macaca-chromedriver-zxa is a Node.js wrapper for the selenium ...)
+CVE-2016-10623
NOT-FOR-US: macaca-chromedriver-zxa
-CVE-2016-10622 (nodeschnaps is a NodeJS compatibility layer for Java (Rhino). ...)
+CVE-2016-10622
NOT-FOR-US: nodeschnaps
-CVE-2016-10621 (fibjs is a runtime for javascript applictions built on google v8 JS. ...)
+CVE-2016-10621
NOT-FOR-US: fibjs
-CVE-2016-10620 (atom-node-module-installer installs node modules for atom-shell ...)
+CVE-2016-10620
NOT-FOR-US: atom-node-module-installer
-CVE-2016-10619 (pennyworth is a natural language templating engine. pennyworth ...)
+CVE-2016-10619
NOT-FOR-US: pennyworth
-CVE-2016-10618 (node-browser is a wrapper webdriver by nodejs. node-browser downloads ...)
+CVE-2016-10618
NOT-FOR-US: node-browser
-CVE-2016-10617 (box2d-native downloads binary resources over HTTP, which leaves it ...)
+CVE-2016-10617
NOT-FOR-US: box2d-native (different from src:box2d)
-CVE-2016-10616 (openframe-image is an Openframe extension which adds support for ...)
+CVE-2016-10616
NOT-FOR-US: openframe-image
-CVE-2016-10615 (curses is bindings for the native curses library, a full featured ...)
+CVE-2016-10615
NOT-FOR-US: curses node module
-CVE-2016-10614 (httpsync is a port of libcurl to node.js. httpsync downloads binary ...)
+CVE-2016-10614
NOT-FOR-US: httpsync node module
-CVE-2016-10613 (bionode-sra is a Node.js wrapper for SRA Toolkit. bionode-sra ...)
+CVE-2016-10613
NOT-FOR-US: bionode-sra
-CVE-2016-10612 (dalek-browser-ie-canary is Internet Explorer bindings for DalekJS. ...)
+CVE-2016-10612
NOT-FOR-US: dalek-browser-ie-canary
-CVE-2016-10611 (strider-sauce is Sauce Labs / Selenium support for Strider. ...)
+CVE-2016-10611
NOT-FOR-US: strider-sauce
-CVE-2016-10610 (unicode-json is a unicode lookup table. unicode-json before 2.0.0 ...)
+CVE-2016-10610
NOT-FOR-US: unicode-json
-CVE-2016-10609 (chromedriver126 is chromedriver version 1.26 for linux OS. ...)
+CVE-2016-10609
NOT-FOR-US: chromedriver126
-CVE-2016-10608 (robot-js is a module for native system automation for node.js. ...)
+CVE-2016-10608
NOT-FOR-US: robot-js
-CVE-2016-10607 (openframe-glsviewer is a Openframe extension which adds support for ...)
+CVE-2016-10607
NOT-FOR-US: openframe-glsviewer
-CVE-2016-10606 (grunt-webdriver-qunit is a grunt plugin to run qunit with webdriver in ...)
+CVE-2016-10606
NOT-FOR-US: grunt-webdriver-qunit
-CVE-2016-10605 (dalek-browser-ie is Internet Explorer bindings for DalekJS. ...)
+CVE-2016-10605
NOT-FOR-US: dalek-browser-ie
-CVE-2016-10604 (dalek-browser-chrome is Google Chrome bindings for DalekJS. ...)
+CVE-2016-10604
NOT-FOR-US: dalek-browser-chrome
-CVE-2016-10603 (air-sdk is a NPM wrapper for the Adobe AIR SDK. air-sdk downloads ...)
+CVE-2016-10603
NOT-FOR-US: air-sdk
-CVE-2016-10602 (haxe is a cross-platform toolkit haxe downloads zipped resources over ...)
+CVE-2016-10602
NOT-FOR-US: Haxe node module, different from src:haxe
-CVE-2016-10601 (webdrvr is a npm wrapper for Selenium Webdriver including Chromedriver ...)
+CVE-2016-10601
NOT-FOR-US: webdrvr
-CVE-2016-10600 (webrtc-native uses WebRTC from chromium project. webrtc-native ...)
+CVE-2016-10600
NOT-FOR-US: webrtc-native
-CVE-2016-10599 (sauce-connect is a Node.js wrapper over the SauceLabs SauceConnect.jar ...)
+CVE-2016-10599
NOT-FOR-US: sauce-connect
-CVE-2016-10598 (arrayfire-js is a module for ArrayFire for the Node.js platform. ...)
+CVE-2016-10598
NOT-FOR-US: arrayfire-js
-CVE-2016-10597 (cobalt-cli downloads resources over HTTP, which leaves it vulnerable ...)
+CVE-2016-10597
NOT-FOR-US: cobalt-cli
-CVE-2016-10596 (imageoptim is a Node.js wrapper for some images compression ...)
+CVE-2016-10596
NOT-FOR-US: imageoptim
-CVE-2016-10595 (jdf-sass is a fork from node-sass, jdf use only. jdf-sass downloads ...)
+CVE-2016-10595
NOT-FOR-US: jdf-sass
-CVE-2016-10594 (ipip is a Node.js module to query geolocation information for an IP or ...)
+CVE-2016-10594
NOT-FOR-US: ibip
-CVE-2016-10593 (ibapi is an Interactive Brokers API addon for NodeJS. ibapi downloads ...)
+CVE-2016-10593
NOT-FOR-US: ibapi
-CVE-2016-10592 (jser-stat is a JSer.info stat library. jser-stat downloads data ...)
+CVE-2016-10592
NOT-FOR-US: jser-stat
-CVE-2016-10591 (Prince is a Node API for executing XML/HTML to PDF renderer PrinceXML ...)
+CVE-2016-10591
NOT-FOR-US: Prince Node API
-CVE-2016-10590 (cue-sdk-node is a Corsair Cue SDK wrapper for node.js. cue-sdk-node ...)
+CVE-2016-10590
NOT-FOR-US: cue-sdk-node
-CVE-2016-10589 (selenium-binaries downloads Selenium related binaries for your OS. ...)
+CVE-2016-10589
NOT-FOR-US: selenium-binaries
-CVE-2016-10588 (nw is an installer for nw.js. nw downloads zipped resources over HTTP, ...)
+CVE-2016-10588
NOT-FOR-US: nw
-CVE-2016-10587 (wasdk is a toolkit for creating WebAssembly modules. wasdk downloads ...)
+CVE-2016-10587
NOT-FOR-US: wasdk
-CVE-2016-10586 (macaca-chromedriver is a Node.js wrapper for the selenium ...)
+CVE-2016-10586
NOT-FOR-US: macaca-chromedriver
-CVE-2016-10585 (libxl provides Node bindings for the libxl library for reading and ...)
+CVE-2016-10585
NOT-FOR-US: libxl node bindings
-CVE-2016-10584 (dalek-browser-chrome-canary provides Google Chrome bindings for ...)
+CVE-2016-10584
NOT-FOR-US: dalek-browser-chrome-canary
-CVE-2016-10583 (closure-utils is Utilities for Closure Library based projects. ...)
+CVE-2016-10583
NOT-FOR-US: closure-utils
-CVE-2016-10582 (closurecompiler is a Closure Compiler for node.js. closurecompiler ...)
+CVE-2016-10582
NOT-FOR-US: closurecompiler
-CVE-2016-10581 (Steroids is PhoneGap on Steroids, providing native UI elements, ...)
+CVE-2016-10581
NOT-FOR-US: PhoneGap on Steroids
-CVE-2016-10580 (nodewebkit is an installer for node-webkit. nodewebkit downloads ...)
+CVE-2016-10580
NOT-FOR-US: nodewebkit
-CVE-2016-10579 (Chromedriver is an NPM wrapper for selenium ChromeDriver. Chromedriver ...)
+CVE-2016-10579
NOT-FOR-US: Chromedriver
-CVE-2016-10578 (unicode loads unicode data downloaded from unicode.org into nodejs. ...)
+CVE-2016-10578
NOT-FOR-US: nodejs unicode module
-CVE-2016-10577 (ibm_db is an asynchronous/synchronous interface for node.js to IBM DB2 ...)
+CVE-2016-10577
NOT-FOR-US: ibm_db node.js module
-CVE-2016-10576 (Fuseki server wrapper and management API in fuseki before 1.0.1 ...)
+CVE-2016-10576
NOT-FOR-US: Fuseki
-CVE-2016-10575 (Kindlegen is a simple Node.js wrapper of the official kindlegen ...)
+CVE-2016-10575
NOT-FOR-US: Kindlegen
-CVE-2016-10574 (apk-parser3 is a module to extract Android Manifest info from an APK ...)
+CVE-2016-10574
NOT-FOR-US: apk-parser3
-CVE-2016-10573 (baryton-saxophone is a module to install and launch Selenium Server ...)
+CVE-2016-10573
NOT-FOR-US: baryton-saxophone
-CVE-2016-10572 (mongodb-instance before 0.0.3 installs mongodb locally. ...)
+CVE-2016-10572
NOT-FOR-US: mongodb-instance
-CVE-2016-10571 (bkjs-wand is imagemagick wand support for node.js and backendjs ...)
+CVE-2016-10571
NOT-FOR-US: bkjs-wand
-CVE-2016-10570 (pngcrush-installer is an installer for Pngcrush. pngcrush-installer ...)
+CVE-2016-10570
NOT-FOR-US: pngcrush-installer
-CVE-2016-10569 (embedza is a module to create HTML snippets/embeds from URLs using ...)
+CVE-2016-10569
NOT-FOR-US: embedza
-CVE-2016-10568 (geoip-lite-country is a stripped down version of geoip-lite, ...)
+CVE-2016-10568
NOT-FOR-US: geoip-lite-country
-CVE-2016-10567 (product-monitor is a HTML/JavaScript template for monitoring a product ...)
+CVE-2016-10567
NOT-FOR-US: product-monitor
-CVE-2016-10566 (install-nw is a module which quickly and robustly installs and caches ...)
+CVE-2016-10566
NOT-FOR-US: install-nw
-CVE-2016-10565 (operadriver is a Opera Driver for Selenium. operadriver versions below ...)
+CVE-2016-10565
NOT-FOR-US: operadriver
-CVE-2016-10564 (apk-parser is a tool to extract Android Manifest info from an APK ...)
+CVE-2016-10564
NOT-FOR-US: apk-parser
-CVE-2016-10563 (During the installation process, the go-ipfs-deps module before 0.4.4 ...)
+CVE-2016-10563
NOT-FOR-US: go-ipfs-deps
-CVE-2016-10562 (iedriver is an NPM wrapper for Selenium IEDriver. iedriver versions ...)
+CVE-2016-10562
NOT-FOR-US: iedriver
-CVE-2016-10561 (Bitty is a development web server tool that functions similar to ...)
+CVE-2016-10561
NOT-FOR-US: Bitty
-CVE-2016-10560 (galenframework-cli is the node wrapper for the Galen Framework. ...)
+CVE-2016-10560
NOT-FOR-US: galenframework-cli
-CVE-2016-10559 (selenium-download downloads the latest versions of the selenium ...)
+CVE-2016-10559
NOT-FOR-US: selenium-download
-CVE-2016-10558 (aerospike is an Aerospike add-on module for Node.js. aerospike ...)
+CVE-2016-10558
NOT-FOR-US: aerospike
-CVE-2016-10557 (appium-chromedriver is a Node.js wrapper around Chromedriver. Versions ...)
+CVE-2016-10557
NOT-FOR-US: appium-chromedriver
-CVE-2016-10556 (sequelize is an Object-relational mapping, or a middleman to convert ...)
+CVE-2016-10556
NOT-FOR-US: sequelize
-CVE-2016-10555 (Since &quot;algorithm&quot; isn't enforced in jwt.decode()in jwt-simple 0.3.0 ...)
+CVE-2016-10555
NOT-FOR-US: nodejs-jwt-simple
-CVE-2016-10554 (sequelize is an Object-relational mapping, or a middleman to convert ...)
+CVE-2016-10554
NOT-FOR-US: sequelize
-CVE-2016-10553 (sequelize is an Object-relational mapping, or a middleman to convert ...)
+CVE-2016-10553
NOT-FOR-US: sequelize
-CVE-2016-10552 (igniteui 0.0.5 and earlier downloads JavaScript and CSS resources over ...)
+CVE-2016-10552
NOT-FOR-US: igniteui
-CVE-2016-10551 (waterline-sequel is a module that helps generate SQL statements for ...)
+CVE-2016-10551
NOT-FOR-US: waterline-sequel
-CVE-2016-10550 (sequelize is an Object-relational mapping, or a middleman to convert ...)
+CVE-2016-10550
NOT-FOR-US: sequelize
-CVE-2016-10549 (Sails is an MVC style framework for building realtime web ...)
+CVE-2016-10549
NOT-FOR-US: Sails
-CVE-2016-10548 (Arbitrary code execution is possible in reduce-css-calc node module ...)
+CVE-2016-10548
NOT-FOR-US: reduce-css-calc
-CVE-2016-10547 (Nunjucks is a full featured templating engine for JavaScript. Versions ...)
+CVE-2016-10547
NOT-FOR-US: Nunjucks
-CVE-2016-10546 (An arbitrary code injection vector was found in PouchDB 6.0.4 and ...)
+CVE-2016-10546
NOT-FOR-US: PouchDB
CVE-2016-10545
REJECTED
-CVE-2016-10544 (uws is a WebSocket server library. By sending a 256mb websocket ...)
+CVE-2016-10544
NOT-FOR-US: uws
-CVE-2016-10543 (call is an HTTP router that is primarily used by the hapi framework. ...)
+CVE-2016-10543
NOT-FOR-US: call HTTP router
-CVE-2016-10542 (ws is a &quot;simple to use, blazing fast and thoroughly tested websocket ...)
+CVE-2016-10542
- node-ws <unfixed> (unimportant)
NOTE: https://nodesecurity.io/advisories/120
NOTE: https://github.com/nodejs/node/issues/7388
NOTE: nodejs not covered by security support
-CVE-2016-10541 (The npm module &quot;shell-quote&quot; 1.6.0 and earlier cannot correctly escape ...)
+CVE-2016-10541
- node-shell-quote <not-affected> (Fixed before initial upload to Debian)
NOTE: https://nodesecurity.io/advisories/117
NOTE: nodejs not covered by security support
-CVE-2016-10540 (Minimatch is a minimal matching utility that works by converting glob ...)
+CVE-2016-10540
- node-minimatch <unfixed> (unimportant)
NOTE: https://nodesecurity.io/advisories/118
NOTE: https://github.com/isaacs/minimatch/commit/6944abf9e0694bd22fd9dad293faa40c2bc8a955
NOTE: libv8 is not covered by security support
-CVE-2016-10539 (negotiator is an HTTP content negotiator for Node.js and is used by ...)
+CVE-2016-10539
- node-negotiator 0.6.1-1 (unimportant)
NOTE: https://nodesecurity.io/advisories/106
NOTE: nodejs not covered by security support
-CVE-2016-10538 (The package `node-cli` before 1.0.0 insecurely uses the lock_file and ...)
+CVE-2016-10538
- node-cli <removed> (unimportant; bug #809252)
NOTE: https://github.com/node-js-libs/cli/issues/81
NOTE: https://nodesecurity.io/advisories/95
-CVE-2016-10537 (backbone is a module that adds in structure to a JavaScript heavy ...)
+CVE-2016-10537
- backbone 0.5.3-1
NOTE: https://nodesecurity.io/advisories/108
-CVE-2016-10536 (engine.io-client is the client for engine.io, the implementation of a ...)
+CVE-2016-10536
NOT-FOR-US: engine.io-client
-CVE-2016-10535 (csrf-lite is a cross-site request forgery protection library for ...)
+CVE-2016-10535
NOT-FOR-US: csrf-lite
-CVE-2016-10534 (electron-packager is a command line tool that packages Electron source ...)
+CVE-2016-10534
NOT-FOR-US: electron-packager
-CVE-2016-10533 (express-restify-mongoose is a module to easily create a flexible REST ...)
+CVE-2016-10533
NOT-FOR-US: express-restify-mongoose
-CVE-2016-10532 (console-io is a module that allows users to implement a web console in ...)
+CVE-2016-10532
NOT-FOR-US: console-io
-CVE-2016-10531 (marked is an application that is meant to parse and compile markdown. ...)
+CVE-2016-10531
- node-marked 0.3.6+dfsg-1 (unimportant)
NOTE: https://nodesecurity.io/advisories/101
NOTE: nodejs not covered by security support
-CVE-2016-10530 (The airbrake module 0.3.8 and earlier defaults to sending environment ...)
+CVE-2016-10530
NOT-FOR-US: airbrake
-CVE-2016-10529 (Droppy versions &lt;3.5.0 does not perform any verification for ...)
+CVE-2016-10529
NOT-FOR-US: Droppy
-CVE-2016-10528 (restafary is a REpresentful State Transfer API for Creating, Reading, ...)
+CVE-2016-10528
NOT-FOR-US: restafary
-CVE-2016-10527 (The riot-compiler version version 2.3.21 has an issue in a regex ...)
+CVE-2016-10527
NOT-FOR-US: riot-compiler
-CVE-2016-10526 (A common setup to deploy to gh-pages on every commit via a CI system ...)
+CVE-2016-10526
NOT-FOR-US: gh-pages
-CVE-2016-10525 (When attempting to allow authentication mode `try` in hapi, ...)
+CVE-2016-10525
NOT-FOR-US: hapi
-CVE-2016-10524 (i18n-node-angular is a module used to interact between i18n and ...)
+CVE-2016-10524
NOT-FOR-US: i18n-node-angular
-CVE-2016-10523 (MQTT before 3.4.6 and 4.0.x before 4.0.5 allows specifically crafted ...)
+CVE-2016-10523
- node-mqtt-packet <not-affected> (Fixed before initial upload to the archive)
NOTE: https://nodesecurity.io/advisories/75
-CVE-2016-10522 (rails_admin ruby gem &lt;v1.1.1 is vulnerable to cross-site request ...)
+CVE-2016-10522
- ruby-rails-admin <removed> (bug #903855)
NOTE: https://github.com/sferik/rails_admin/commit/b13e879eb93b661204e9fb5e55f7afa4f397537a
-CVE-2016-10521 (jshamcrest is vulnerable to regular expression denial of service ...)
+CVE-2016-10521
NOT-FOR-US: jshamcrest
-CVE-2016-10520 (jadedown is vulnerable to regular expression denial of service (ReDoS) ...)
+CVE-2016-10520
NOT-FOR-US: jadedown
-CVE-2016-10519 (A security issue was found in bittorrent-dht before 5.1.3 that allows ...)
+CVE-2016-10519
NOT-FOR-US: bittorrent-dht
-CVE-2016-10518 (A vulnerability was found in the ping functionality of the ws module ...)
+CVE-2016-10518
- node-ws 1.0.1+ds1.e6ddaae4-1 (unimportant)
NOTE: https://nodesecurity.io/advisories/67
NOTE: Nodefs not covered by security support
-CVE-2016-10517 (networking.c in Redis before 3.2.7 allows &quot;Cross Protocol Scripting&quot; ...)
+CVE-2016-10517
{DLA-1161-1}
- redis 3:3.2.7-1
[stretch] - redis <no-dsa> (Minor issue)
[jessie] - redis <no-dsa> (Minor issue)
NOTE: https://github.com/antirez/redis/commit/874804da0c014a7d704b3d285aa500098a931f50
-CVE-2016-10516 (Cross-site scripting (XSS) vulnerability in the render_full function in ...)
+CVE-2016-10516
{DLA-1191-1}
- python-werkzeug 0.11.11+dfsg1-1
[jessie] - python-werkzeug <no-dsa> (Minor issue)
NOTE: http://blog.neargle.com/2016/09/21/flask-src-review-get-a-xss-from-debuger/
NOTE: https://github.com/pallets/werkzeug/pull/1001
NOTE: https://github.com/pallets/werkzeug/commit/1034edc7f901dd645ec6e462754111b39002bd65
-CVE-2016-10515 (In Redmine before 3.2.3, there are stored XSS vulnerabilities affecting ...)
+CVE-2016-10515
- redmine 3.2.3-1
[jessie] - redmine <end-of-life> (Not supported in Jessie-LTS)
[wheezy] - redmine <end-of-life> (Not supported in wheezy LTS)
NOTE: https://www.redmine.org/projects/redmine/wiki/Security_Advisories
NOTE: upstream fixed in 3.2.3
-CVE-2016-10514 (url_check_format in include/functions.inc.php in Piwigo before 2.8.3 ...)
+CVE-2016-10514
- piwigo <removed>
-CVE-2016-10513 (Cross Site Scripting (XSS) exists in Piwigo before 2.8.3 via a crafted ...)
+CVE-2016-10513
- piwigo <removed>
-CVE-2016-10512 (MultiTech FaxFinder before 4.1.2 stores Passwords unencrypted for ...)
+CVE-2016-10512
NOT-FOR-US: MultiTech FaxFinder
-CVE-2016-10511 (The Twitter iOS client versions 6.62 and 6.62.1 fail to validate ...)
+CVE-2016-10511
NOT-FOR-US: Twitter iOS client
-CVE-2016-10510 (Cross-site scripting (XSS) vulnerability in the Security component of ...)
+CVE-2016-10510
{DLA-1241-1}
- libkohana2-php <removed>
[jessie] - libkohana2-php <ignored> (Minor issue)
NOTE: https://github.com/kohana/kohana/issues/107
NOTE: Fixed by https://github.com/kohana/core/pull/697
-CVE-2016-10509 (SQL injection vulnerability in the updateAmazonOrderTracking function ...)
+CVE-2016-10509
NOT-FOR-US: OpenCart
-CVE-2016-10508 (Multiple cross-site scripting (XSS) vulnerabilities in phpThumb() ...)
+CVE-2016-10508
NOT-FOR-US: phpThumb
-CVE-2016-10507 (Integer overflow vulnerability in the bmp24toimage function in ...)
+CVE-2016-10507
- openjpeg2 2.1.2-1
[jessie] - openjpeg2 <not-affected> (Vulnerable code introduced later)
NOTE: Introduced by: https://github.com/uclouvain/openjpeg/commit/33a0e66eb129c4e91b555a6b8dd9eab512fbfeb8 (v2.1.1)
NOTE: Fixed by: https://github.com/uclouvain/openjpeg/commit/da940424816e11d624362ce080bc026adffa26e8 (v2.1.2)
NOTE: https://github.com/uclouvain/openjpeg/issues/833
-CVE-2016-10506 (Division-by-zero vulnerabilities in the functions opj_pi_next_cprl, ...)
+CVE-2016-10506
- openjpeg2 <unfixed> (unimportant)
NOTE: https://github.com/uclouvain/openjpeg/commit/d27ccf01c68a31ad62b33d2dc1ba2bb1eeaafe7b
NOTE: https://github.com/uclouvain/openjpeg/issues/731
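Review bot: the roughly 140 `-`/`+` pairs in this hunk (CVE-2016-10632 down to CVE-2016-10506) each drop the parenthetical upstream summary and keep only the bare CVE id while no triage line changes, so the commit removes information without adding any; please confirm the summaries are meant to go away rather than having been lost by the update job, and re-run it otherwise. Three unchanged context lines in this region also look wrong and could be corrected in a follow-up: under CVE-2016-10594 the triage reads `NOT-FOR-US: ibip` although the removed summary names the module `ipip` (`ibapi` belongs to the next entry, CVE-2016-10593); under CVE-2016-10540 the note `libv8 is not covered by security support` is attached to a node-minimatch entry whose neighbouring node entries all say `nodejs not covered by security support`; and under CVE-2016-10518 `NOTE: Nodefs not covered by security support` is a typo for `Nodejs`.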
@@ -629,236 +629,236 @@ CVE-2016-10506 (Division-by-zero vulnerabilities in the functions opj_pi_next_cp
NOTE: https://github.com/uclouvain/openjpeg/issues/778
NOTE: https://github.com/uclouvain/openjpeg/issues/779
NOTE: https://github.com/uclouvain/openjpeg/issues/780
-CVE-2016-10505 (NULL pointer dereference vulnerabilities in the imagetopnm function in ...)
+CVE-2016-10505
- openjpeg2 <unfixed> (unimportant)
NOTE: https://github.com/uclouvain/openjpeg/issues/776
NOTE: https://github.com/uclouvain/openjpeg/issues/784
NOTE: https://github.com/uclouvain/openjpeg/issues/785
NOTE: https://github.com/uclouvain/openjpeg/issues/792
-CVE-2016-10504 (Heap-based buffer overflow vulnerability in the opj_mqc_byteout ...)
+CVE-2016-10504
- openjpeg2 2.2.0-1 (bug #874113)
[stretch] - openjpeg2 2.1.2-1.1+deb9u2
[jessie] - openjpeg2 <not-affected> (Vulnerable code introduced later, see #874113)
NOTE: https://github.com/uclouvain/openjpeg/commit/397f62c0a838e15d667ef50e27d5d011d2c79c04
NOTE: https://github.com/uclouvain/openjpeg/issues/835
-CVE-2016-10503 (IBM Sametime Meeting Server 8.5.2 and 9.0 could allow an authenticated ...)
+CVE-2016-10503
NOT-FOR-US: IBM
CVE-2016-1000245
RESERVED
-CVE-2016-10502 (While generating trusted application id, An integer overflow can occur ...)
+CVE-2016-10502
NOT-FOR-US: Snapdragon
-CVE-2016-10501 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2016-10501
NOT-FOR-US: Qualcomm components for Android
CVE-2016-10500
RESERVED
-CVE-2016-10499 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2016-10499
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10498 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2016-10498
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10497 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2016-10497
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10496 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2016-10496
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10495 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2016-10495
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10494 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2016-10494
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10493 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2016-10493
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10492 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2016-10492
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10491 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2016-10491
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10490 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2016-10490
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10489 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2016-10489
NOT-FOR-US: Qualcomm components for Android
CVE-2016-10488
RESERVED
-CVE-2016-10487 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2016-10487
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10486 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2016-10486
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10485 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2016-10485
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10484 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2016-10484
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10483 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2016-10483
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10482 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2016-10482
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10481 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2016-10481
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10480 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2016-10480
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10479 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2016-10479
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10478 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2016-10478
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10477 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2016-10477
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10476 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2016-10476
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10475 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2016-10475
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10474 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2016-10474
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10473 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2016-10473
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10472 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2016-10472
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10471 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2016-10471
NOT-FOR-US: Qualcomm components for Android
CVE-2016-10470
RESERVED
-CVE-2016-10469 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2016-10469
NOT-FOR-US: Qualcomm components for Android
CVE-2016-10468
RESERVED
-CVE-2016-10467 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2016-10467
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10466 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2016-10466
NOT-FOR-US: Qualcomm components for Android
CVE-2016-10465
RESERVED
-CVE-2016-10464 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2016-10464
NOT-FOR-US: Qualcomm components for Android
CVE-2016-10463
RESERVED
-CVE-2016-10462 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2016-10462
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10461 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2016-10461
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10460 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2016-10460
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10459 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2016-10459
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10458 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2016-10458
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10457 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2016-10457
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10456 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2016-10456
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10455 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2016-10455
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10454 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2016-10454
NOT-FOR-US: Qualcomm components for Android
CVE-2016-10453
RESERVED
-CVE-2016-10452 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2016-10452
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10451 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2016-10451
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10450 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2016-10450
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10449 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2016-10449
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10448 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2016-10448
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10447 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2016-10447
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10446 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2016-10446
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10445 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2016-10445
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10444 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2016-10444
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10443 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2016-10443
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10442 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2016-10442
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10441 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2016-10441
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10440 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2016-10440
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10439 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2016-10439
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10438 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2016-10438
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10437 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2016-10437
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10436 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2016-10436
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10435 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2016-10435
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10434 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2016-10434
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10433 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2016-10433
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10432 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2016-10432
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10431 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2016-10431
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10430 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2016-10430
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10429 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2016-10429
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10428 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2016-10428
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10427 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2016-10427
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10426 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2016-10426
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10425 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2016-10425
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10424 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2016-10424
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10423 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2016-10423
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10422 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2016-10422
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10421 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2016-10421
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10420 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2016-10420
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10419 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2016-10419
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10418 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2016-10418
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10417 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2016-10417
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10416 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2016-10416
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10415 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2016-10415
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10414 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2016-10414
NOT-FOR-US: Qualcomm components for Android
CVE-2016-10413
RESERVED
-CVE-2016-10412 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2016-10412
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10411 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2016-10411
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10410 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2016-10410
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10409 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2016-10409
NOT-FOR-US: Qualcomm components for Android
CVE-2016-10408
RESERVED
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10407 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2016-10407
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10406 (In Android before 2018-04-05 or earlier security patch level on ...)
+CVE-2016-10406
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10405 (Session fixation vulnerability in D-Link DIR-600L routers (rev. Ax) ...)
+CVE-2016-10405
NOT-FOR-US: D-Link
-CVE-2016-10404 (XSS exists in Liferay Portal before 7.0 CE GA4 via a crafted redirect ...)
+CVE-2016-10404
NOT-FOR-US: Liferay Portal
-CVE-2016-10403 (Insufficient data validation on image data in PDFium in Google Chrome ...)
+CVE-2016-10403
{DSA-3590-1}
- chromium-browser 51.0.2704.63-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-10402 (Avira Antivirus engine versions before 8.3.36.60 allow remote code ...)
+CVE-2016-10402
NOT-FOR-US: Avira
-CVE-2016-10401 (ZyXEL PK5001Z devices have zyad5001 as the su password, which makes it ...)
+CVE-2016-10401
NOT-FOR-US: ZyXEL
-CVE-2016-10400 (Directory Traversal exists in ATutor before 2.2.2 via the icon ...)
+CVE-2016-10400
NOT-FOR-US: ATutor
-CVE-2016-10399 (Sendio versions before 8.2.1 were affected by a Local File Inclusion ...)
+CVE-2016-10399
NOT-FOR-US: Sendio
-CVE-2016-10398 (Android 6.0 has an authentication bypass for attackers with root and ...)
+CVE-2016-10398
NOT-FOR-US: Android
-CVE-2016-10397 (In PHP before 5.6.28 and 7.x before 7.0.13, incorrect handling of ...)
+CVE-2016-10397
{DLA-1034-1}
- php7.1 <not-affected> (Fixed with initial upload to unstable)
- php7.0 7.0.13-1
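Review bot: every modified line in this hunk, from `-CVE-2016-10415 (In Android before 2018-04-05 or earlier security patch level on ...)` / `+CVE-2016-10415` down to `-CVE-2016-10397 (In PHP before 5.6.28 and 7.x before 7.0.13, incorrect handling of ...)` / `+CVE-2016-10397`, does nothing except strip the parenthesised CVE description, and the only CVE header lines left untouched are the ones that never carried one (the RESERVED entries CVE-2016-10413 and CVE-2016-10408). An automatic update is supposed to refresh descriptions, not erase them, so this pattern points at the description source having returned empty text for this run; hold or revert the commit and re-run the update once the upstream feed delivers descriptions again, rather than leaving the list files without them.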
@@ -868,7 +868,7 @@ CVE-2016-10397 (In PHP before 5.6.28 and 7.x before 7.0.13, incorrect handling o
NOTE: Fixed in 7.1.0, 7.0.13, 5.6.28
NOTE: http://git.php.net/?p=php-src.git;a=commitdiff;h=b061fa909de77085d3822a89ab901b934d0362c4
NOTE: http://openwall.com/lists/oss-security/2017/07/10/6
-CVE-2016-10396 (The racoon daemon in IPsec-Tools 0.8.2 contains a remotely exploitable ...)
+CVE-2016-10396
{DLA-1044-1}
- ipsec-tools 1:0.8.2+20140711-9 (bug #867986)
[stretch] - ipsec-tools 1:0.8.2+20140711-8+deb9u1
@@ -877,54 +877,54 @@ CVE-2016-10396 (The racoon daemon in IPsec-Tools 0.8.2 contains a remotely explo
NOTE: NetBSD Problem report: https://gnats.netbsd.org/cgi-bin/query-pr-single.pl?number=51682
NOTE: Patch disputed, cf. https://bugzilla.novell.com/show_bug.cgi?id=1047443#c1
NOTE: Updated patch: https://anonscm.debian.org/cgit/pkg-ipsec-tools/pkg-ipsec-tools.git/plain/debian/patches/CVE-2016-10396.patch?id=62ac12648a4eb7c5ba5dba0f81998d1acf310d8b
-CVE-2016-10395 (In FlexNet Publisher versions before Luton SP1 (11.14.1.1) running ...)
+CVE-2016-10395
NOT-FOR-US: FlexNet Publisher
CVE-2016-10394
RESERVED
NOT-FOR-US: Android Qualcomm closed-source components
-CVE-2016-10393 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2016-10393
NOT-FOR-US: Android Qualcomm closed-source components
-CVE-2016-10392 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2016-10392
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-10391 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2016-10391
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-10390 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2016-10390
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-10389 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2016-10389
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-10388 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2016-10388
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-10387 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2016-10387
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-10386 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2016-10386
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-10385 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2016-10385
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-10384 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2016-10384
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-10383 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2016-10383
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-10382 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2016-10382
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-10381 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2016-10381
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-10380 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2016-10380
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-10379 (The VirtueMart com_virtuemart component 3.0.14 for Joomla! allows SQL ...)
+CVE-2016-10379
NOT-FOR-US: Joomla addon
-CVE-2016-10378 (e107 2.1.1 allows SQL injection by remote authenticated administrators ...)
+CVE-2016-10378
NOT-FOR-US: e107
-CVE-2016-10377 (In Open vSwitch (OvS) 2.5.0, a malformed IP packet can cause the switch ...)
+CVE-2016-10377
- openvswitch 2.6.1+git20161123-1
[jessie] - openvswitch <not-affected> (Vulnerable code using tot_len introduced later)
[wheezy] - openvswitch <not-affected> (Vulnerable code using tot_len introduced later)
NOTE: https://mail.openvswitch.org/pipermail/ovs-dev/2016-July/319503.html
-CVE-2016-10376 (Gajim through 0.16.7 unconditionally implements the &quot;XEP-0146: Remote ...)
+CVE-2016-10376
{DSA-3943-1 DLA-967-1}
- gajim 0.16.6-1.1 (bug #863445)
NOTE: https://dev.gajim.org/gajim/gajim/commit/cb65cfc5aed9efe05208ebbb7fb2d41fcf7253cc
NOTE: https://dev.gajim.org/gajim/gajim/issues/8378
-CVE-2016-10375 (Yodl before 3.07.01 has a Buffer Over-read in the queue_push function ...)
+CVE-2016-10375
{DLA-976-1}
- yodl 3.07.01-1
[jessie] - yodl <no-dsa> (Minor issue)
@@ -932,13 +932,13 @@ CVE-2016-10375 (Yodl before 3.07.01 has a Buffer Over-read in the queue_push fun
NOTE: https://github.com/fbb-git/yodl/commit/fd85f8c94182558ff1480d06a236d6fb927979a3
CVE-2016-10373
REJECTED
-CVE-2016-10372 (The Eir D1000 modem does not properly restrict the TR-064 protocol, ...)
+CVE-2016-10372
NOT-FOR-US: Eir D1000 modem
-CVE-2016-10374 (perltidy through 20160302, as used by perlcritic, check-all-the-things, ...)
+CVE-2016-10374
- perltidy 20140328-2 (bug #862667)
[jessie] - perltidy <no-dsa> (Minor issue; can be fixed via point release)
[wheezy] - perltidy <no-dsa> (Minor issue)
-CVE-2016-10371 (The TIFFWriteDirectoryTagCheckedRational function in tif_dirwrite.c in ...)
+CVE-2016-10371
{DLA-969-1}
- tiff 4.0.7-7 (low; bug #862929)
[jessie] - tiff 4.0.3-12.3+deb8u5
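Review bot: CVE-2016-10374 (the perltidy block) is filed between CVE-2016-10372 and CVE-2016-10371 in this hunk, breaking the descending order the neighbouring entries follow (10375, 10373, 10372, then 10374, then 10371). Since this hunk only strips descriptions like the rest of the patch, the reordering is not something to fold in here, but the three-line perltidy entry should be moved above CVE-2016-10373 in a separate manual commit so it sits where a reader scanning the 1037x range expects it.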
@@ -947,9 +947,9 @@ CVE-2016-10371 (The TIFFWriteDirectoryTagCheckedRational function in tif_dirwrit
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2535
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2612
NOTE: Fixed by: https://github.com/vadz/libtiff/commit/0abd094b6e5079c4d8be733829240491cb230f3d
-CVE-2016-10370 (An issue was discovered on OnePlus devices such as the 3T. The OnePlus ...)
+CVE-2016-10370
NOT-FOR-US: OnePlus
-CVE-2016-10369 (unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a ...)
+CVE-2016-10369
{DLA-935-1}
- lxterminal 0.3.0-2 (low; bug #862098)
[jessie] - lxterminal 0.2.0-1+deb8u1
@@ -984,23 +984,23 @@ CVE-2016-1000361
REJECTED
CVE-2016-1000360
REJECTED
-CVE-2016-1000338 (In Bouncy Castle JCE Provider version 1.55 and earlier the DSA does ...)
+CVE-2016-1000338
{DLA-1418-1}
- bouncycastle 1.56-1
NOTE: https://github.com/bcgit/bc-java/commit/b0c3ce99d43d73a096268831d0d120ffc89eac7f#diff-3679f5a9d2b939d0d3ee1601a7774fb0
-CVE-2016-10368 (Open redirect vulnerability in Opsview Monitor Pro (Prior to ...)
+CVE-2016-10368
NOT-FOR-US: Opsview Monitor Pro
-CVE-2016-10367 (In Opsview Monitor Pro (Prior to 5.1.0.162300841, prior to 5.0.2.27475, ...)
+CVE-2016-10367
NOT-FOR-US: Opsview Monitor Pro
-CVE-2016-10366 (Kibana versions after and including 4.3 and before 4.6.2 are ...)
+CVE-2016-10366
- kibana <itp> (bug #700337)
-CVE-2016-10365 (Kibana versions before 4.6.3 and 5.0.1 have an open redirect ...)
+CVE-2016-10365
- kibana <itp> (bug #700337)
-CVE-2016-10364 (With X-Pack installed, Kibana versions 5.0.0 and 5.0.1 were not ...)
+CVE-2016-10364
NOT-FOR-US: Kibana addon
-CVE-2016-10363 (Logstash versions prior to 2.3.3, when using the Netflow Codec plugin, ...)
+CVE-2016-10363
- logstash <itp> (bug #664841)
-CVE-2016-10362 (Prior to Logstash version 5.0.1, Elasticsearch Output plugin when ...)
+CVE-2016-10362
- logstash <itp> (bug #664841)
CVE-2016-10361
REJECTED
@@ -1022,110 +1022,110 @@ CVE-2016-10353
REJECTED
CVE-2016-10352
REJECTED
-CVE-2016-10351 (Telegram Desktop 0.10.19 uses 0755 permissions for ...)
+CVE-2016-10351
- telegram-desktop 1.1.19-2
NOTE: https://github.com/telegramdesktop/tdesktop/issues/2666
-CVE-2016-10350 (The archive_read_format_cab_read_header function in ...)
+CVE-2016-10350
{DSA-4360-1 DLA-1600-1 DLA-1006-1}
- libarchive 3.2.2-3.1 (bug #861609)
NOTE: https://github.com/libarchive/libarchive/issues/835
NOTE: Fixed by: https://github.com/libarchive/libarchive/commit/88eb9e1d73fef46f04677c25b1697b8e25777ed3 (v3.3.0)
-CVE-2016-10349 (The archive_le32dec function in archive_endian.h in libarchive 3.2.2 ...)
+CVE-2016-10349
{DSA-4360-1 DLA-1600-1 DLA-1006-1}
- libarchive 3.2.2-3.1 (bug #861609)
NOTE: https://github.com/libarchive/libarchive/issues/834
NOTE: Fixed by: https://github.com/libarchive/libarchive/commit/88eb9e1d73fef46f04677c25b1697b8e25777ed3 (v3.3.0)
CVE-2016-10348
RESERVED
-CVE-2016-10347 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2016-10347
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-10346 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2016-10346
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-10345 (In Phusion Passenger before 5.1.0, a known /tmp filename was used ...)
+CVE-2016-10345
- passenger <unfixed> (unimportant)
NOTE: https://github.com/phusion/passenger/commit/e5b4b0824d6b648525b4bf63d9fa37e5beeae441
NOTE: Source present, but passenger-install-nginx-module not installed
-CVE-2016-10344 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2016-10344
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-10343 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2016-10343
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-10342 (In all Android releases from CAF using the Linux kernel, a buffer ...)
+CVE-2016-10342
NOT-FOR-US: Qualcomm component for Android
-CVE-2016-10341 (In all Android releases from CAF using the Linux kernel, 3rd party ...)
+CVE-2016-10341
NOT-FOR-US: Qualcomm component for Android
-CVE-2016-10340 (In all Android releases from CAF using the Linux kernel, an integer ...)
+CVE-2016-10340
NOT-FOR-US: Qualcomm component for Android
-CVE-2016-10339 (In all Android releases from CAF using the Linux kernel, HLOS can ...)
+CVE-2016-10339
NOT-FOR-US: Qualcomm component for Android
-CVE-2016-10338 (In all Android releases from CAF using the Linux kernel, there was an ...)
+CVE-2016-10338
NOT-FOR-US: Qualcomm component for Android
-CVE-2016-10337 (In all Android releases from CAF using the Linux kernel, some ...)
+CVE-2016-10337
NOT-FOR-US: Qualcomm component for Android
-CVE-2016-10336 (In all Android releases from CAF using the Linux kernel, some regions ...)
+CVE-2016-10336
NOT-FOR-US: Qualcomm component for Android
-CVE-2016-10335 (In all Android releases from CAF using the Linux kernel, libtomcrypt ...)
+CVE-2016-10335
NOT-FOR-US: Qualcomm component for Android
-CVE-2016-10334 (In all Android releases from CAF using the Linux kernel, a ...)
+CVE-2016-10334
NOT-FOR-US: Qualcomm component for Android
-CVE-2016-10333 (In all Android releases from CAF using the Linux kernel, a sensitive ...)
+CVE-2016-10333
NOT-FOR-US: Qualcomm component for Android
-CVE-2016-10332 (In all Android releases from CAF using the Linux kernel, stack ...)
+CVE-2016-10332
NOT-FOR-US: Qualcomm component for Android
-CVE-2016-10331 (Directory traversal vulnerability in download.php in Synology Photo ...)
+CVE-2016-10331
NOT-FOR-US: Synology Photo Station
-CVE-2016-10330 (Directory traversal vulnerability in synophoto_dsm_user, a SUID ...)
+CVE-2016-10330
NOT-FOR-US: Synology Photo Station
-CVE-2016-10329 (Command injection vulnerability in login.php in Synology Photo Station ...)
+CVE-2016-10329
NOT-FOR-US: Synology Photo Station
CVE-2016-1000259
REJECTED
CVE-2016-1000258
REJECTED
-CVE-2016-10328 (FreeType 2 before 2016-12-16 has an out-of-bounds write caused by a ...)
+CVE-2016-10328
- freetype <not-affected> (Only affected head for about a day, see bug #860303)
NOTE: Introduced with: https://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=010e0614f2effe058855aacfc3e61c71e1cb5739
NOTE: Fixed with http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=beecf80a6deecbaf5d264d4f864451bde4fe98b8
NOTE: http://savannah.nongnu.org/bugs/?func=detailitem&item_id=49858
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=289
-CVE-2016-10327 (LibreOffice before 2016-12-22 has an out-of-bounds write caused by a ...)
+CVE-2016-10327
- libreoffice 1:5.2.5-1
[jessie] - libreoffice <not-affected> (Vulnerable code not present)
[wheezy] - libreoffice <not-affected> (Vulnerable code not present)
NOTE: Fixed by: https://github.com/LibreOffice/core/commit/7485fc2a1484f31631f62f97e5c64c0ae74c6416
-CVE-2016-10326 (In libosip2 in GNU oSIP 4.1.0, a malformed SIP message can lead to a ...)
+CVE-2016-10326
{DSA-3879-1 DLA-898-1}
- libosip2 4.1.0-2.1 (bug #860287)
NOTE: https://savannah.gnu.org/support/index.php?109132
NOTE: Fixed by: https://git.savannah.gnu.org/cgit/osip.git/commit/?id=b9dd097b5b24f5ee54b0a8739e59641cd51b6ead
-CVE-2016-10325 (In libosip2 in GNU oSIP 4.1.0, a malformed SIP message can lead to a ...)
+CVE-2016-10325
{DSA-3879-1 DLA-898-1}
- libosip2 4.1.0-2.1 (bug #860287)
NOTE: https://savannah.gnu.org/support/index.php?109131
NOTE: https://git.savannah.gnu.org/cgit/osip.git/commit/?id=1d9fb1d3a71cc85ef95352e549b140c706cf8696
-CVE-2016-10324 (In libosip2 in GNU oSIP 4.1.0, a malformed SIP message can lead to a ...)
+CVE-2016-10324
{DSA-3879-1 DLA-898-1}
- libosip2 4.1.0-2.1 (bug #860287)
NOTE: https://savannah.gnu.org/support/index.php?109133
NOTE: https://git.savannah.gnu.org/cgit/osip.git/commit/?id=7e0793e15e21f68337e130c67b031ca38edf055f
-CVE-2016-10323 (Synology Photo Station before 6.3-2958 allows local users to gain ...)
+CVE-2016-10323
NOT-FOR-US: Synology Photo Station
-CVE-2016-10322 (Synology Photo Station before 6.3-2958 allows remote authenticated ...)
+CVE-2016-10322
NOT-FOR-US: Synology Photo Station
-CVE-2016-10320 (textract before 1.5.0 allows OS Command Injection attacks via a ...)
+CVE-2016-10320
NOT-FOR-US: textract
-CVE-2016-10319 (In ARM Trusted Firmware 1.2 and 1.3, a malformed firmware update SMC ...)
+CVE-2016-10319
NOT-FOR-US: ARM
-CVE-2016-1000307 (Multiple Cross Site Scripting (XSS) Vulnerabilities in ClipBucket ...)
+CVE-2016-1000307
NOT-FOR-US: ClipBucket
CVE-2016-1000306
REJECTED
-CVE-2016-7443 (Exponent CMS 2.3.0 through 2.3.9 allows remote attackers to have ...)
+CVE-2016-7443
NOT-FOR-US: Exponent CMS
-CVE-2016-10318 (A missing authorization check in the fscrypt_process_policy function in ...)
+CVE-2016-10318
- linux 4.7.4-1
[jessie] - linux <not-affected> (Vulnerable code not present)
[wheezy] - linux <not-affected> (Vulnerable code not present)
-CVE-2016-10317 (The fill_threshhold_buffer function in base/gxht_thresh.c in Artifex ...)
+CVE-2016-10317
- ghostscript 9.22~dfsg-2.1 (bug #860869)
[stretch] - ghostscript 9.20~dfsg-3.2+deb9u2
[jessie] - ghostscript 9.06~dfsg-2+deb8u7
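Review bot: the three libosip2 entries in this hunk document their upstream fix inconsistently: CVE-2016-10326 uses `NOTE: Fixed by: https://git.savannah.gnu.org/cgit/osip.git/commit/?id=b9dd097b5b24f5ee54b0a8739e59641cd51b6ead`, while CVE-2016-10325 and CVE-2016-10324 give their osip.git commit URLs with no `Fixed by:` prefix, so a reader cannot tell from the bare line whether the commit is the fix or merely a related reference. Adding the same `Fixed by:` prefix to the two bare commit NOTE lines (the other entries in this hunk, e.g. CVE-2016-10328 with `Introduced with:` and `Fixed with`, follow that labelled style) would make the three entries read alike; as with the rest of the patch, this belongs in a separate manual commit, not in the automatic update.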
@@ -1137,15 +1137,15 @@ CVE-2016-10317 (The fill_threshhold_buffer function in base/gxht_thresh.c in Art
NOTE: affected, it even segfaults. But with wheezy 9.05~dfsg-6.3+deb7u2
NOTE: and jessie 9.06~dfsg-2+deb8u4, we have no segfault and valgrind
NOTE: reports no buffer overrun. -- Raphael Hertzog
-CVE-2016-10316 (Jensen of Scandinavia AS Air:Link 3G (AL3G) version 2.23m (Rev. 3), ...)
+CVE-2016-10316
NOT-FOR-US: Jensen of Scandinavia AS Air:Link 3G
-CVE-2016-10315 (Jensen of Scandinavia AS Air:Link 3G (AL3G) version 2.23m (Rev. 3), ...)
+CVE-2016-10315
NOT-FOR-US: Jensen of Scandinavia AS Air:Link 3G
-CVE-2016-10314 (Jensen of Scandinavia AS Air:Link 3G (AL3G) version 2.23m (Rev. 3), ...)
+CVE-2016-10314
NOT-FOR-US: Jensen of Scandinavia AS Air:Link 3G
-CVE-2016-10313 (Jensen of Scandinavia AS Air:Link 3G (AL3G) version 2.23m (Rev. 3), ...)
+CVE-2016-10313
NOT-FOR-US: Jensen of Scandinavia AS Air:Link 3G
-CVE-2016-10312 (Jensen of Scandinavia AS Air:Link 3G (AL3G) version 2.23m (Rev. 3), ...)
+CVE-2016-10312
NOT-FOR-US: Jensen of Scandinavia AS Air:Link 3G
CVE-2016-1000351
REJECTED
@@ -1157,21 +1157,21 @@ CVE-2016-1000348
REJECTED
CVE-2016-1000268
REJECTED
-CVE-2016-10311 (Stack-based buffer overflow in SAP NetWeaver 7.0 through 7.5 allows ...)
+CVE-2016-10311
NOT-FOR-US: SAP
-CVE-2016-10310 (Buffer overflow in the MobiLink Synchronization Server component in ...)
+CVE-2016-10310
NOT-FOR-US: MobiLink Synchronization Server
-CVE-2016-10309 (In the GUI of Ceragon FibeAir IP-10 (before 7.2.0) devices, a remote ...)
+CVE-2016-10309
NOT-FOR-US: Ceragon FibeAir
-CVE-2016-10308 (Siklu EtherHaul radios before 3.7.1 and 6.x before 6.9.0 have a ...)
+CVE-2016-10308
NOT-FOR-US: Siklu EtherHaul
-CVE-2016-10307 (Trango ApexLynx 2.0, ApexOrion 2.0, GigaLynx 2.0, GigaOrion 2.0, and ...)
+CVE-2016-10307
NOT-FOR-US: Trango
-CVE-2016-10306 (Trango Altum AC600 devices have a built-in, hidden root account, with a ...)
+CVE-2016-10306
NOT-FOR-US: Trango
-CVE-2016-10305 (Trango Apex &lt;= 2.1.1, ApexLynx &lt; 2.0, ApexOrion &lt; 2.0, ApexPlus &lt;= ...)
+CVE-2016-10305
NOT-FOR-US: Trango
-CVE-2016-10304 (The SAP EP-RUNTIME component in SAP NetWeaver AS JAVA 7.5 allows ...)
+CVE-2016-10304
NOT-FOR-US: SAP
CVE-2016-10303
RESERVED
@@ -1181,45 +1181,45 @@ CVE-2016-10301
RESERVED
CVE-2016-10300
RESERVED
-CVE-2016-10299 (An elevation of privilege vulnerability in Qualcomm closed source ...)
+CVE-2016-10299
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10298 (An elevation of privilege vulnerability in Qualcomm closed source ...)
+CVE-2016-10298
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10297 (In TrustZone in all Android releases from CAF using the Linux kernel, ...)
+CVE-2016-10297
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10296 (An information disclosure vulnerability in the Qualcomm shared memory ...)
+CVE-2016-10296
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-10295 (An information disclosure vulnerability in the Qualcomm LED driver ...)
+CVE-2016-10295
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-10294 (An information disclosure vulnerability in the Qualcomm power driver ...)
+CVE-2016-10294
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-10293 (An information disclosure vulnerability in the Qualcomm video driver ...)
+CVE-2016-10293
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-10292 (A denial of service vulnerability in the Qualcomm Wi-Fi driver could ...)
+CVE-2016-10292
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-10291 (An elevation of privilege vulnerability in the Qualcomm Slimbus driver ...)
+CVE-2016-10291
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-10290 (An elevation of privilege vulnerability in the Qualcomm shared memory ...)
+CVE-2016-10290
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-10289 (An elevation of privilege vulnerability in the Qualcomm crypto driver ...)
+CVE-2016-10289
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-10288 (An elevation of privilege vulnerability in the Qualcomm LED driver ...)
+CVE-2016-10288
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-10287 (An elevation of privilege vulnerability in the Qualcomm sound driver ...)
+CVE-2016-10287
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-10286 (An elevation of privilege vulnerability in the Qualcomm video driver ...)
+CVE-2016-10286
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-10285 (An elevation of privilege vulnerability in the Qualcomm video driver ...)
+CVE-2016-10285
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-10284 (An elevation of privilege vulnerability in the Qualcomm video driver ...)
+CVE-2016-10284
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-10283 (An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver ...)
+CVE-2016-10283
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-10282 (An elevation of privilege vulnerability in the MediaTek thermal driver ...)
+CVE-2016-10282
NOT-FOR-US: Mediatek driver for Android
-CVE-2016-10281 (An elevation of privilege vulnerability in the MediaTek thermal driver ...)
+CVE-2016-10281
NOT-FOR-US: Mediatek driver for Android
-CVE-2016-10280 (An elevation of privilege vulnerability in the MediaTek thermal driver ...)
+CVE-2016-10280
NOT-FOR-US: Mediatek driver for Android
CVE-2016-10279
RESERVED
@@ -1227,17 +1227,17 @@ CVE-2016-10279
CVE-2016-10278
RESERVED
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10277 (An elevation of privilege vulnerability in the Motorola bootloader ...)
+CVE-2016-10277
NOT-FOR-US: Motorola component for Android
-CVE-2016-10276 (An elevation of privilege vulnerability in the Qualcomm bootloader ...)
+CVE-2016-10276
NOT-FOR-US: Qualcomm component for Android
-CVE-2016-10275 (An elevation of privilege vulnerability in the Qualcomm bootloader ...)
+CVE-2016-10275
NOT-FOR-US: Qualcomm component for Android
-CVE-2016-10274 (An elevation of privilege vulnerability in the MediaTek touchscreen ...)
+CVE-2016-10274
NOT-FOR-US: Mediatek driver for Android
-CVE-2016-10273 (Multiple stack buffer overflow vulnerabilities in Jensen of Scandinavia ...)
+CVE-2016-10273
NOT-FOR-US: Jensen of Scandinavia Air:Link Routers
-CVE-2016-10272 (LibTIFF 4.0.7 allows remote attackers to cause a denial of service ...)
+CVE-2016-10272
{DSA-3762-1 DLA-795-1}
- tiff 4.0.7-2
- tiff3 <removed>
@@ -1245,7 +1245,7 @@ CVE-2016-10272 (LibTIFF 4.0.7 allows remote attackers to cause a denial of servi
NOTE: https://blogs.gentoo.org/ago/2017/01/01/libtiff-multiple-heap-based-buffer-overflow/
NOTE: https://github.com/vadz/libtiff/commit/9657bbe3cdce4aaa90e07d50c1c70ae52da0ba6a
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2620
-CVE-2016-10271 (tools/tiffcrop.c in LibTIFF 4.0.7 allows remote attackers to cause a ...)
+CVE-2016-10271
{DSA-3762-1 DLA-795-1}
- tiff 4.0.7-2
- tiff3 <removed>
@@ -1253,7 +1253,7 @@ CVE-2016-10271 (tools/tiffcrop.c in LibTIFF 4.0.7 allows remote attackers to cau
NOTE: https://blogs.gentoo.org/ago/2017/01/01/libtiff-multiple-heap-based-buffer-overflow/
NOTE: https://github.com/vadz/libtiff/commit/9657bbe3cdce4aaa90e07d50c1c70ae52da0ba6a
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2620
-CVE-2016-10270 (LibTIFF 4.0.7 allows remote attackers to cause a denial of service ...)
+CVE-2016-10270
{DSA-3844-1}
- tiff 4.0.7-2 (bug #846837)
[wheezy] - tiff 4.0.2-6+deb7u9
@@ -1262,7 +1262,7 @@ CVE-2016-10270 (LibTIFF 4.0.7 allows remote attackers to cause a denial of servi
NOTE: https://blogs.gentoo.org/ago/2017/01/01/libtiff-multiple-heap-based-buffer-overflow/
NOTE: https://github.com/vadz/libtiff/commit/9a72a69e035ee70ff5c41541c8c61cd97990d018
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2608
-CVE-2016-10269 (LibTIFF 4.0.7 allows remote attackers to cause a denial of service ...)
+CVE-2016-10269
{DSA-3844-1 DLA-877-1}
- tiff 4.0.7-2
- tiff3 <removed>
@@ -1270,7 +1270,7 @@ CVE-2016-10269 (LibTIFF 4.0.7 allows remote attackers to cause a denial of servi
NOTE: https://blogs.gentoo.org/ago/2017/01/01/libtiff-multiple-heap-based-buffer-overflow/
NOTE: https://github.com/vadz/libtiff/commit/1044b43637fa7f70fb19b93593777b78bd20da86
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2604
-CVE-2016-10268 (tools/tiffcp.c in LibTIFF 4.0.7 allows remote attackers to cause a ...)
+CVE-2016-10268
{DLA-877-1}
- tiff 4.0.7-2 (unimportant)
- tiff3 <removed> (unimportant)
@@ -1279,7 +1279,7 @@ CVE-2016-10268 (tools/tiffcp.c in LibTIFF 4.0.7 allows remote attackers to cause
NOTE: https://github.com/vadz/libtiff/commit/5397a417e61258c69209904e652a1f409ec3b9df
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2598
NOTE: Crash in CLI tool not treated as a security issue
-CVE-2016-10267 (LibTIFF 4.0.7 allows remote attackers to cause a denial of service ...)
+CVE-2016-10267
{DSA-3844-1 DLA-877-1}
- tiff 4.0.7-2
- tiff3 <removed>
@@ -1287,7 +1287,7 @@ CVE-2016-10267 (LibTIFF 4.0.7 allows remote attackers to cause a denial of servi
NOTE: https://blogs.gentoo.org/ago/2017/01/01/libtiff-multiple-divide-by-zero/
NOTE: https://github.com/vadz/libtiff/commit/43bc256d8ae44b92d2734a3c5bc73957a4d7c1ec
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2611
-CVE-2016-10266 (LibTIFF 4.0.7 allows remote attackers to cause a denial of service ...)
+CVE-2016-10266
{DSA-3844-1 DLA-877-1}
- tiff 4.0.7-2
- tiff3 <removed>
@@ -1307,56 +1307,56 @@ CVE-2016-10261
RESERVED
CVE-2016-10260
RESERVED
-CVE-2016-10259 (Symantec SSL Visibility (SSLV) 3.8.4FC, 3.9, 3.10 before 3.10.4.1, and ...)
+CVE-2016-10259
NOT-FOR-US: Blue Coat
-CVE-2016-10258 (Unrestricted file upload vulnerability in the Symantec Advanced Secure ...)
+CVE-2016-10258
NOT-FOR-US: Symantec
-CVE-2016-10257 (The Symantec Advanced Secure Gateway (ASG) 6.6, ASG 6.7 (prior to ...)
+CVE-2016-10257
NOT-FOR-US: Symantec
-CVE-2016-10256 (The Symantec ProxySG 6.5 (prior to 6.5.10.6), 6.6, and 6.7 (prior to ...)
+CVE-2016-10256
NOT-FOR-US: Symantec
-CVE-2016-10255 (The __libelf_set_rawdata_wrlock function in elf_getdata.c in elfutils ...)
+CVE-2016-10255
- elfutils 0.168-0.2 (low)
[jessie] - elfutils <no-dsa> (Minor issue)
[wheezy] - elfutils <no-dsa> (Minor issue)
NOTE: 0.168-0.2 first version uploaded to unstable
NOTE: https://blogs.gentoo.org/ago/2016/11/04/elfutils-memory-allocation-failure-in-__libelf_set_rawdata_wrlock-elf_getdata-c/
NOTE: https://git.fedorahosted.org/cgit/elfutils.git/commit/?id=09ec02ec7f7e6913d10943148e2a898264345b07
-CVE-2016-10254 (The allocate_elf function in common.h in elfutils before 0.168 allows ...)
+CVE-2016-10254
- elfutils 0.168-0.2 (low)
[jessie] - elfutils <no-dsa> (Minor issue)
[wheezy] - elfutils <no-dsa> (Minor issue)
NOTE: 0.168-0.2 first version uploaded to unstable
NOTE: https://blogs.gentoo.org/ago/2016/11/04/elfutils-memory-allocation-failure-in-allocate_elf-common-h/
NOTE: https://git.fedorahosted.org/cgit/elfutils.git/commit/?id=191000fdedba3fafe4d5b8cddad3f3318b49c3fb
-CVE-2016-10253 (An issue was discovered in Erlang/OTP 18.x. Erlang's generation of ...)
+CVE-2016-10253
- erlang 1:19.2.1+dfsg-2 (bug #858313)
[jessie] - erlang 1:17.3-dfsg-4+deb8u1
[wheezy] - erlang <not-affected> (Vulnerable code not present)
NOTE: https://github.com/erlang/otp/pull/1108
-CVE-2016-10252 (Memory leak in the IsOptionMember function in MagickCore/option.c in ...)
+CVE-2016-10252
{DSA-3808-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #857426)
[wheezy] - imagemagick <not-affected> (vulnerable code not present)
NOTE: Fixed by: http://git.imagemagick.org/repos/ImageMagick/commit/6790815c75bdea0357df5564345847856e995d6b
-CVE-2016-10251 (Integer overflow in the jpc_pi_nextcprl function in jpc_t2cod.c in ...)
+CVE-2016-10251
{DSA-3827-1 DLA-920-1}
- jasper <removed>
NOTE: http://www.openwall.com/lists/oss-security/2016/11/04/11
NOTE: https://github.com/mdadams/jasper/commit/1f0dfe5a42911b6880a1445f13f6d615ddb55387
NOTE: https://github.com/asarubbo/poc/blob/master/00029-jasper-uninitvalue-jpc_pi_nextcprl
-CVE-2016-10248 (The jpc_tsfb_synthesize function in jpc_tsfb.c in JasPer before ...)
+CVE-2016-10248
- jasper <removed> (unimportant)
NOTE: http://www.openwall.com/lists/oss-security/2016/10/20/5
NOTE: Not suitable for code injection, hardly denial of service
NOTE: https://github.com/mdadams/jasper/commit/2e82fa00466ae525339754bb3ab0a0474a31d4bd
-CVE-2016-10247 (Buffer overflow in the my_getline function in jstest_main.c in ...)
+CVE-2016-10247
- mupdf <unfixed> (unimportant)
[wheezy] - mupdf <not-affected> (Vulnerable code not present)
NOTE: Although jstest_main.c compiled during build and mujstest is created
NOTE: it is not included in the produced binary packages
NOTE: http://www.openwall.com/lists/oss-security/2016/10/16/19
-CVE-2016-10246 (Buffer overflow in the main function in jstest_main.c in Mujstest in ...)
+CVE-2016-10246
- mupdf <unfixed> (unimportant)
[wheezy] - mupdf <not-affected> (Vulnerable code not present)
NOTE: Although jstest_main.c compiled during build and mujstest is created
@@ -1364,20 +1364,20 @@ CVE-2016-10246 (Buffer overflow in the main function in jstest_main.c in Mujstes
NOTE: http://www.openwall.com/lists/oss-security/2016/10/16/20
CVE-2016-10245
RESERVED
-CVE-2016-10244 (The parse_charstrings function in type1/t1load.c in FreeType 2 before ...)
+CVE-2016-10244
{DSA-3839-1 DLA-848-1}
[experimental] - freetype 2.7.1-0.1
- freetype 2.6.3-3.1 (bug #856971)
NOTE: Fixed in 2.7: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/tree/ChangeLog?h=VER-2-7
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=36
NOTE: Fixed by: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=a660e3de422731b94d4a134d27555430cbb6fb39 (VER-2-7)
-CVE-2016-10243 (TeX Live allows remote attackers to execute arbitrary commands by ...)
+CVE-2016-10243
{DSA-3803-1 DLA-847-1}
- texlive-bin <unfixed> (unimportant)
- texlive-base 2016.20161130-1
NOTE: https://scumjr.github.io/2016/11/28/pwning-coworkers-thanks-to-latex/
NOTE: http://www.tug.org/svn/texlive?view=revision&revision=42605
-CVE-2016-10242 (A time-of-check time-of-use race condition could potentially exist in ...)
+CVE-2016-10242
NOT-FOR-US: Qualcomm component/driver for Android
CVE-2016-10241
RESERVED
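Review bot: the CVE-2016-10243 entry in this hunk marks `texlive-bin <unfixed> (unimportant)` while the same entry lists `{DSA-3803-1 DLA-847-1}` and a fixed `texlive-base 2016.20161130-1`, with no NOTE saying why the texlive-bin side is considered unimportant when a DSA was issued for the issue. A one-line NOTE on the texlive-bin marker (for example, that the advisory fix was shipped through texlive-base) would keep the `<unfixed>` marker from being read as an open issue in texlive-bin; it is a manual follow-up, separate from the description stripping this automatic update performs.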
@@ -1385,32 +1385,32 @@ CVE-2016-10241
CVE-2016-10240
RESERVED
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10239 (In TrustZone access control policy may potentially be bypassed in all ...)
+CVE-2016-10239
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10238 (In QSEE in all Android releases from CAF using the Linux kernel access ...)
+CVE-2016-10238
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10237 (If shared content protection memory were passed as the secure camera ...)
+CVE-2016-10237
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10236 (An information disclosure vulnerability in the Qualcomm USB driver. ...)
+CVE-2016-10236
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-10235 (A denial of service vulnerability in the Qualcomm WiFi driver. ...)
+CVE-2016-10235
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-10234 (An information disclosure vulnerability in the Qualcomm IPA driver. ...)
+CVE-2016-10234
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-10233 (An elevation of privilege vulnerability in the Qualcomm video driver. ...)
+CVE-2016-10233
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-10232 (An elevation of privilege vulnerability in the Qualcomm video driver. ...)
+CVE-2016-10232
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-10231 (An elevation of privilege vulnerability in the Qualcomm sound codec ...)
+CVE-2016-10231
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-10230 (A remote code execution vulnerability in the Qualcomm crypto driver. ...)
+CVE-2016-10230
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-10229 (udp.c in the Linux kernel before 4.5 allows remote attackers to ...)
+CVE-2016-10229
- linux 4.5.1-1 (bug #808293)
[jessie] - linux 3.16.7-ckt20-1+deb8u2
[wheezy] - linux 3.2.73-2+deb7u2
NOTE: Fixed by: https://git.kernel.org/linus/197c949e7798fbf28cfadc69d9ca0c2abbf93191 (v4.5-rc1)
-CVE-2016-10228 (The iconv program in the GNU C Library (aka glibc or libc6) 2.25 and ...)
+CVE-2016-10228
- glibc <unfixed> (low; bug #856503)
[buster] - glibc <no-dsa> (Minor issue)
[stretch] - glibc <no-dsa> (Minor issue)
@@ -1418,130 +1418,130 @@ CVE-2016-10228 (The iconv program in the GNU C Library (aka glibc or libc6) 2.25
- eglibc <removed>
[wheezy] - eglibc <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=19519
-CVE-2016-10227 (Zyxel USG50 Security Appliance and NWA3560-N Access Point allow remote ...)
+CVE-2016-10227
NOT-FOR-US: Zyxel
-CVE-2016-10226 (JavaScriptCore in WebKit, as distributed in Safari Technology Preview ...)
+CVE-2016-10226
- webkitgtk <removed> (unimportant)
NOTE: Not covered by security support
-CVE-2016-10225 (The sunxi-debug driver in Allwinner 3.4 legacy kernel for H3, A83T and ...)
+CVE-2016-10225
NOT-FOR-US: sunxi-debug driver in Allwinner kernel
-CVE-2016-10224 (An issue was discovered in Sauter NovaWeb web HMI. The application uses ...)
+CVE-2016-10224
NOT-FOR-US: Sauter NovaWeb
-CVE-2016-10223 (An issue was discovered in BigTree CMS before 4.2.15. The vulnerability ...)
+CVE-2016-10223
NOT-FOR-US: BigTree CMS
-CVE-2016-10222 (runtime/JSONObject.cpp in JavaScriptCore in WebKit, as distributed in ...)
+CVE-2016-10222
- webkitgtk <removed> (unimportant)
NOTE: Not covered by security support
-CVE-2016-10221 (The count_entries function in pdf-layer.c in Artifex Software, Inc. ...)
+CVE-2016-10221
- mupdf <not-affected> (Vulnerable code not yet present)
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=697400
-CVE-2016-10220 (The gs_makewordimagedevice function in base/gsdevmem.c in Artifex ...)
+CVE-2016-10220
{DSA-3838-1 DLA-905-1}
- ghostscript 9.20~dfsg-3.1 (bug #859694)
NOTE: http://www.ghostscript.com/cgi-bin/findgit.cgi?daf85701dab05f17e924a48a81edc9195b4a04e8
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=697450
-CVE-2016-10219 (The intersect function in base/gxfill.c in Artifex Software, Inc. ...)
+CVE-2016-10219
{DSA-3838-1 DLA-905-1}
- ghostscript 9.20~dfsg-3.1 (bug #859666)
NOTE: http://www.ghostscript.com/cgi-bin/findgit.cgi?4bef1a1d32e29b68855616020dbff574b9cda08f
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=697453
-CVE-2016-10218 (The pdf14_pop_transparency_group function in base/gdevp14.c in the PDF ...)
+CVE-2016-10218
- ghostscript <not-affected> (Vulnerable code introduced later)
NOTE: Fixed by: http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=d621292fb2c8157d9899dcd83fd04dd250e30fe4
NOTE: Introduced by: http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=47294ff5b168d25bfc7db64f51572d64b8ebde91
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=697444
-CVE-2016-10217 (The pdf14_open function in base/gdevp14.c in Artifex Software, Inc. ...)
+CVE-2016-10217
- ghostscript 9.20~dfsg-3.1 (bug #859662)
[jessie] - ghostscript <not-affected> (pdf14_cleanup_parent_color_profiles not yet present)
[wheezy] - ghostscript <not-affected> (pdf14_cleanup_parent_color_profiles not yet present)
NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=90fd0c7ca3efc1ddff64a86f4104b13b3ac969eb
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=697456
-CVE-2016-10216 (An issue was discovered in IT ITems DataBase (ITDB) through 1.23. The ...)
+CVE-2016-10216
NOT-FOR-US: IT ITems DataBase
-CVE-2016-10215 (An issue was discovered in Fastspot BigTree bigtree-form-builder before ...)
+CVE-2016-10215
NOT-FOR-US: Fastspot BigTree bigtree-form-builder
-CVE-2016-10214 (Memory leak in the virgl_resource_attach_backing function in ...)
+CVE-2016-10214
- virglrenderer 0.6.0-1 (bug #854728)
NOTE: https://cgit.freedesktop.org/virglrenderer/commit/?id=40b0e7813325b08077b6f541b3989edb2d86d837 (0.6.0)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1420266
-CVE-2016-10213 (A10 AX1030 and possibly other devices with software before 2.7.2-P8 ...)
+CVE-2016-10213
NOT-FOR-US: A10
-CVE-2016-10212 (Radware devices use the same value for the first two GCM nonces, which ...)
+CVE-2016-10212
NOT-FOR-US: Radware devices
-CVE-2016-10211 (libyara/grammar.y in YARA 3.5.0 allows remote attackers to cause a ...)
+CVE-2016-10211
- yara 3.5.0+dfsg-9 (bug #859821)
[jessie] - yara 3.1.0-2+deb8u1
NOTE: https://github.com/VirusTotal/yara/issues/575
-CVE-2016-10210 (libyara/lexer.l in YARA 3.5.0 allows remote attackers to cause a denial ...)
+CVE-2016-10210
- yara 3.5.0+dfsg-9 (bug #859821)
[jessie] - yara 3.1.0-2+deb8u1
NOTE: https://github.com/VirusTotal/yara/issues/576
-CVE-2016-10209 (The archive_wstring_append_from_mbs function in archive_string.c in ...)
+CVE-2016-10209
{DSA-4360-1 DLA-1600-1 DLA-1006-1}
- libarchive 3.2.2-3.1 (low; bug #859456)
NOTE: https://github.com/libarchive/libarchive/issues/842
NOTE: Fixed by: https://github.com/libarchive/libarchive/commit/42a3408ac7df1e69bea9ea12b72e14f59f7400c0 (v3.3.0)
-CVE-2016-10207 (The Xvnc server in TigerVNC allows remote attackers to cause a denial ...)
+CVE-2016-10207
- tigervnc 1.7.0-1
NOTE: https://github.com/TigerVNC/tigervnc/commit/8aa4bc53206c2430bbf0c8f4b642f59a379ee649
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1023012
-CVE-2016-10200 (Race condition in the L2TPv3 IP Encapsulation feature in the Linux ...)
+CVE-2016-10200
{DLA-922-1}
- linux 4.8.15-1
[jessie] - linux 3.16.43-1
NOTE: Fixed by: https://git.kernel.org/linus/32c231164b762dddefa13af5a0101032c70b50ef (v4.9-rc7)
-CVE-2016-10206 (Cross-site request forgery (CSRF) vulnerability in Zoneminder 1.30 and ...)
+CVE-2016-10206
- zoneminder 1.30.4+dfsg-1 (bug #854272)
[jessie] - zoneminder <no-dsa> (Minor issue)
[wheezy] - zoneminder <no-dsa> (Minor issue)
-CVE-2016-10205 (Session fixation vulnerability in Zoneminder 1.30 and earlier allows ...)
+CVE-2016-10205
- zoneminder 1.30.4+dfsg-1 (bug #854272)
[jessie] - zoneminder <no-dsa> (Minor issue)
[wheezy] - zoneminder <no-dsa> (Minor issue)
-CVE-2016-10204 (SQL injection vulnerability in Zoneminder 1.30 and earlier allows ...)
+CVE-2016-10204
- zoneminder 1.30.4+dfsg-1 (bug #854272)
[jessie] - zoneminder <no-dsa> (Minor issue)
[wheezy] - zoneminder <no-dsa> (Minor issue)
-CVE-2016-10203 (Cross-site scripting (XSS) vulnerability in Zoneminder 1.30 and ...)
+CVE-2016-10203
- zoneminder 1.30.4+dfsg-1 (bug #854272)
[jessie] - zoneminder <no-dsa> (Minor issue)
[wheezy] - zoneminder <no-dsa> (Minor issue)
-CVE-2016-10202 (Cross-site scripting (XSS) vulnerability in Zoneminder 1.30 and ...)
+CVE-2016-10202
- zoneminder 1.30.4+dfsg-1 (bug #854272)
[jessie] - zoneminder <no-dsa> (Minor issue)
[wheezy] - zoneminder <no-dsa> (Minor issue)
-CVE-2016-10201 (Cross-site scripting (XSS) vulnerability in Zoneminder 1.30 and ...)
+CVE-2016-10201
- zoneminder 1.30.4+dfsg-1 (bug #854272)
[jessie] - zoneminder <no-dsa> (Minor issue)
[wheezy] - zoneminder <no-dsa> (Minor issue)
-CVE-2016-10208 (The ext4_fill_super function in fs/ext4/super.c in the Linux kernel ...)
+CVE-2016-10208
{DLA-1200-1}
- linux 4.9.10-1
[jessie] - linux 3.16.43-1
NOTE: Fixed by: https://github.com/torvalds/linux/commit/3a4b77cd47bb837b8557595ec7425f281f2ca1fe (4.10-rc1)
NOTE: Introduced by: https://github.com/torvalds/linux/commit/952fc18ef9ec707ebdc16c0786ec360295e5ff15 (3.6-rc1)
-CVE-2016-10197 (The search_make_new function in evdns.c in libevent before 2.1.6-beta ...)
+CVE-2016-10197
{DSA-3789-1 DLA-824-1}
- libevent 2.0.21-stable-3 (bug #854092)
NOTE: https://github.com/libevent/libevent/issues/332
NOTE: http://www.openwall.com/lists/oss-security/2017/01/31/17
-CVE-2016-10196 (Stack-based buffer overflow in the evutil_parse_sockaddr_port function ...)
+CVE-2016-10196
{DSA-3789-1 DLA-824-1}
- libevent 2.0.21-stable-3 (bug #854092)
NOTE: https://github.com/libevent/libevent/issues/318
NOTE: http://www.openwall.com/lists/oss-security/2017/01/31/17
-CVE-2016-10195 (The name_parse function in evdns.c in libevent before 2.1.6-beta ...)
+CVE-2016-10195
{DSA-3789-1 DLA-824-1}
- libevent 2.0.21-stable-3 (bug #854092)
NOTE: https://github.com/libevent/libevent/issues/317
NOTE: http://www.openwall.com/lists/oss-security/2017/01/31/17
-CVE-2016-10199 (The qtdemux_tag_add_str_full function in gst/isomp4/qtdemux.c in ...)
+CVE-2016-10199
{DSA-3820-1}
- gst-plugins-good1.0 1.10.3-1 (low)
- gst-plugins-good0.10 <not-affected> (Vulnerable code not present)
NOTE: http://www.openwall.com/lists/oss-security/2017/02/01/7
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=775451
-CVE-2016-10198 (The gst_aac_parse_sink_setcaps function in ...)
+CVE-2016-10198
{DSA-3820-1 DLA-828-1}
- gst-plugins-good1.0 1.10.3-1 (low)
- gst-plugins-good0.10 <unfixed> (low)
@@ -1550,54 +1550,54 @@ CVE-2016-10198 (The gst_aac_parse_sink_setcaps function in ...)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=775450
CVE-2016-XXXX [iio-sensor-proxy: insecure dbus policy]
- iio-sensor-proxy 2.0-4 (bug #853951)
-CVE-2016-10192 (Heap-based buffer overflow in ffserver.c in FFmpeg before 2.8.10, ...)
+CVE-2016-10192
- ffmpeg 7:3.2.2-1
- libav <not-affected> (Vulnerable code not present in libav, only in ffmpeg)
NOTE: Patch: https://github.com/FFmpeg/FFmpeg/commit/a5d25faa3f4b18dac737fdb35d0dd68eb0dc2156
NOTE: http://www.openwall.com/lists/oss-security/2017/01/31/12
-CVE-2016-10191 (Heap-based buffer overflow in libavformat/rtmppkt.c in FFmpeg before ...)
+CVE-2016-10191
{DLA-1611-1}
- ffmpeg 7:3.2.2-1
- libav <removed>
NOTE: Patch: https://github.com/FFmpeg/FFmpeg/commit/7d57ca4d9a75562fa32e40766211de150f8b3ee7
NOTE: http://www.openwall.com/lists/oss-security/2017/01/31/12
-CVE-2016-10190 (Heap-based buffer overflow in libavformat/http.c in FFmpeg before ...)
+CVE-2016-10190
{DLA-1611-1}
- ffmpeg 7:3.2.2-1
- libav <removed>
NOTE: Patch: https://github.com/FFmpeg/FFmpeg/commit/2a05c8f813de6f2278827734bf8102291e7484aa
NOTE: http://www.openwall.com/lists/oss-security/2017/01/31/12
-CVE-2016-10193 (The espeak-ruby gem before 1.0.3 for Ruby allows remote attackers to ...)
+CVE-2016-10193
NOT-FOR-US: espeak-ruby Ruby gem
-CVE-2016-10194 (The festivaltts4r gem for Ruby allows remote attackers to execute ...)
+CVE-2016-10194
NOT-FOR-US: festivaltts4r
-CVE-2016-10186 (An issue was discovered on the D-Link DWR-932B router. ...)
+CVE-2016-10186
NOT-FOR-US: D-Link
-CVE-2016-10185 (An issue was discovered on the D-Link DWR-932B router. A secure_mode=no ...)
+CVE-2016-10185
NOT-FOR-US: D-Link
-CVE-2016-10184 (An issue was discovered on the D-Link DWR-932B router. qmiweb allows ...)
+CVE-2016-10184
NOT-FOR-US: D-Link
-CVE-2016-10183 (An issue was discovered on the D-Link DWR-932B router. qmiweb allows ...)
+CVE-2016-10183
NOT-FOR-US: D-Link
-CVE-2016-10182 (An issue was discovered on the D-Link DWR-932B router. qmiweb allows ...)
+CVE-2016-10182
NOT-FOR-US: D-Link
-CVE-2016-10181 (An issue was discovered on the D-Link DWR-932B router. qmiweb provides ...)
+CVE-2016-10181
NOT-FOR-US: D-Link
-CVE-2016-10180 (An issue was discovered on the D-Link DWR-932B router. WPS PIN ...)
+CVE-2016-10180
NOT-FOR-US: D-Link
-CVE-2016-10179 (An issue was discovered on the D-Link DWR-932B router. There is a ...)
+CVE-2016-10179
NOT-FOR-US: D-Link
-CVE-2016-10178 (An issue was discovered on the D-Link DWR-932B router. HELODBG on port ...)
+CVE-2016-10178
NOT-FOR-US: D-Link
-CVE-2016-10177 (An issue was discovered on the D-Link DWR-932B router. Undocumented ...)
+CVE-2016-10177
NOT-FOR-US: D-Link
-CVE-2016-10176 (The NETGEAR WNR2000v5 router allows an administrator to perform ...)
+CVE-2016-10176
NOT-FOR-US: Netgear
-CVE-2016-10175 (The NETGEAR WNR2000v5 router leaks its serial number when performing a ...)
+CVE-2016-10175
NOT-FOR-US: Netgear
-CVE-2016-10174 (The NETGEAR WNR2000v5 router contains a buffer overflow in the ...)
+CVE-2016-10174
NOT-FOR-US: Netgear
-CVE-2016-10189 (BitlBee before 3.5 allows remote attackers to cause a denial of ...)
+CVE-2016-10189
{DSA-3853-1 DLA-832-1}
- bitlbee 3.5-1
NOTE: https://bugs.bitlbee.org/ticket/1282
@@ -1606,57 +1606,57 @@ CVE-2016-10189 (BitlBee before 3.5 allows remote attackers to cause a denial of
NOTE: When fixing this CVE make sure to apply as well
NOTE: https://github.com/bitlbee/bitlbee/commit/30d598ce7cd3f136ee9d7097f39fa9818a272441
NOTE: to not open CVE-2017-5668
-CVE-2016-10188 (Use-after-free vulnerability in bitlbee-libpurple before 3.5 allows ...)
+CVE-2016-10188
{DSA-3853-1 DLA-832-1}
- bitlbee 3.5-1
NOTE: https://bugs.bitlbee.org/ticket/1281
NOTE: Fixed by: https://github.com/bitlbee/bitlbee/commit/ea902752503fc5b356d6513911081ec932d804f2 (3.5)
NOTE: http://www.openwall.com/lists/oss-security/2017/01/30/4
-CVE-2016-10187 (The E-book viewer in calibre before 2.75 allows remote attackers to ...)
+CVE-2016-10187
{DLA-859-1}
- calibre 2.75.1+dfsg-1 (low; bug #853004)
[jessie] - calibre <no-dsa> (Minor issue)
NOTE: Upstream report: https://launchpad.net/bugs/1651728
NOTE: Upstream fix: https://github.com/kovidgoyal/calibre/commit/3a89718664cb8cce0449d1758eee585ed0d0433c
NOTE: http://www.openwall.com/lists/oss-security/2017/01/29/8
-CVE-2016-10173 (Directory traversal vulnerability in the minitar before 0.6 and ...)
+CVE-2016-10173
{DSA-3778-1 DLA-808-1}
- ruby-minitar 0.5.4-3.1 (bug #853075)
- ruby-archive-tar-minitar <removed> (bug #853249)
NOTE: https://github.com/halostatue/minitar/issues/16
NOTE: https://github.com/halostatue/minitar/commit/e25205ecbb6277ae8a3df1e6a306d7ed4458b6e4
NOTE: https://bugzilla.opensuse.org/show_bug.cgi?id=1021740
-CVE-2016-10172 (The read_new_config_info function in open_utils.c in Wavpack before ...)
+CVE-2016-10172
- wavpack 5.0.0-2 (bug #853076)
[jessie] - wavpack <not-affected> (Vulnerable code not present)
[wheezy] - wavpack <not-affected> (Vulnerable code not present)
NOTE: https://sourceforge.net/p/wavpack/mailman/message/35561951/
NOTE: Fixed by: https://github.com/dbry/WavPack/commit/4bc05fc490b66ef2d45b1de26abf1455b486b0dc (5.1.0)
-CVE-2016-10171 (The unreorder_channels function in cli/wvunpack.c in Wavpack before ...)
+CVE-2016-10171
- wavpack 5.0.0-2 (bug #853076)
[jessie] - wavpack <not-affected> (Vulnerable code not present)
[wheezy] - wavpack <not-affected> (Vulnerable code not present)
NOTE: https://sourceforge.net/p/wavpack/mailman/message/35561939/
NOTE: Fixed by: https://github.com/dbry/WavPack/commit/4bc05fc490b66ef2d45b1de26abf1455b486b0dc (5.1.0)
-CVE-2016-10170 (The WriteCaffHeader function in cli/caff.c in Wavpack before 5.1.0 ...)
+CVE-2016-10170
- wavpack 5.0.0-2 (bug #853076)
[jessie] - wavpack <not-affected> (Vulnerable code not present)
[wheezy] - wavpack <not-affected> (Vulnerable code not present)
NOTE: https://sourceforge.net/p/wavpack/mailman/message/35561921/
NOTE: Fixed by: https://github.com/dbry/WavPack/commit/4bc05fc490b66ef2d45b1de26abf1455b486b0dc (5.1.0)
-CVE-2016-10169 (The read_code function in read_words.c in Wavpack before 5.1.0 allows ...)
+CVE-2016-10169
- wavpack 5.0.0-2 (bug #853076)
[jessie] - wavpack <no-dsa> (Minor issue)
[wheezy] - wavpack <no-dsa> (Minor issue)
NOTE: https://sourceforge.net/p/wavpack/mailman/message/35557889/
NOTE: Fixed by: https://github.com/dbry/WavPack/commit/4bc05fc490b66ef2d45b1de26abf1455b486b0dc (5.1.0)
-CVE-2016-10166 (Integer underflow in the _gdContributionsAlloc function in ...)
+CVE-2016-10166
{DSA-3777-1}
- libgd2 2.2.4-1
[wheezy] - libgd2 <not-affected> (Vulnerable code not present)
NOTE: https://github.com/libgd/libgd/commit/60bfb401ad5a4a8ae995dcd36372fe15c71e1a35
NOTE: http://www.openwall.com/lists/oss-security/2017/01/26/1
-CVE-2016-10167 (The gdImageCreateFromGd2Ctx function in gd_gd2.c in the GD Graphics ...)
+CVE-2016-10167
{DSA-3777-1 DLA-804-1}
- php7.1 7.1.1-1 (unimportant)
- php7.0 7.0.15-1 (unimportant)
@@ -1667,7 +1667,7 @@ CVE-2016-10167 (The gdImageCreateFromGd2Ctx function in gd_gd2.c in the GD Graph
- libgd2 2.2.4-1
NOTE: https://github.com/libgd/libgd/commit/fe9ed49dafa993e3af96b6a5a589efeea9bfb36f
NOTE: http://www.openwall.com/lists/oss-security/2017/01/26/1
-CVE-2016-10168 (Integer overflow in gd_io.c in the GD Graphics Library (aka libgd) ...)
+CVE-2016-10168
{DSA-3777-1 DLA-804-1}
- php7.1 7.1.1-1 (unimportant)
- php7.0 7.0.15-1 (unimportant)
@@ -1678,63 +1678,63 @@ CVE-2016-10168 (Integer overflow in gd_io.c in the GD Graphics Library (aka libg
- libgd2 2.2.4-1
NOTE: https://github.com/libgd/libgd/commit/69d2fd2c597ffc0c217de1238b9bf4d4bceba8e6
NOTE: http://www.openwall.com/lists/oss-security/2017/01/26/1
-CVE-2016-10165 (The Type_MLU_Read function in cmstypes.c in Little CMS (aka lcms2) ...)
+CVE-2016-10165
{DSA-3774-1 DLA-803-1}
- lcms2 2.8-4 (bug #852627)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1367357
NOTE: https://github.com/mm2/Little-CMS/commit/5ca71a7bc18b6897ab21d815d15e218e204581e2
-CVE-2016-10164 (Multiple integer overflows in libXpm before 3.5.12, when a program ...)
+CVE-2016-10164
{DSA-3772-1 DLA-801-1}
- libxpm 1:3.5.12-1
NOTE: Fixed by: https://cgit.freedesktop.org/xorg/lib/libXpm/commit/?id=d1167418f0fd02a27f617ec5afd6db053afbe185
NOTE: http://www.openwall.com/lists/oss-security/2017/01/22/2
-CVE-2016-10163 (Memory leak in the vrend_renderer_context_create_internal function in ...)
+CVE-2016-10163
- virglrenderer 0.6.0-1 (bug #852603)
NOTE: https://cgit.freedesktop.org/virglrenderer/commit/?id=747a293ff6055203e529f083896b823e22523fe7 (0.6.0)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1415944
-CVE-2016-10162 (The php_wddx_pop_element function in ext/wddx/wddx.c in PHP 7.0.x ...)
+CVE-2016-10162
- php7.1 7.1.1-1
- php7.0 7.0.15-1
NOTE: PHP Bug: http://bugs.php.net/73831
NOTE: Fixed in 7.0.15, 7.1.1
-CVE-2016-10161 (The object_common1 function in ext/standard/var_unserializer.c in PHP ...)
+CVE-2016-10161
{DSA-3783-1 DLA-818-1}
- php7.1 7.1.1-1
- php7.0 7.0.15-1
- php5 <removed>
NOTE: PHP Bug: http://bugs.php.net/73825
NOTE: Fixed in 5.6.30, 7.0.15, 7.1.1
-CVE-2016-10160 (Off-by-one error in the phar_parse_pharfile function in ...)
+CVE-2016-10160
{DSA-3783-1 DLA-818-1}
- php7.1 7.1.1-1
- php7.0 7.0.15-1
- php5 <removed>
NOTE: PHP Bug: http://bugs.php.net/73768
NOTE: Fixed in 5.6.30, 7.0.15, 7.1.1
-CVE-2016-10159 (Integer overflow in the phar_parse_pharfile function in ...)
+CVE-2016-10159
{DSA-3783-1 DLA-818-1}
- php7.1 7.1.1-1
- php7.0 7.0.15-1
- php5 <removed>
NOTE: PHP Bug: http://bugs.php.net/73764
NOTE: Fixed in 5.6.30, 7.0.15, 7.1.1
-CVE-2016-10158 (The exif_convert_any_to_int function in ext/exif/exif.c in PHP before ...)
+CVE-2016-10158
{DSA-3783-1 DLA-818-1}
- php7.1 7.1.1-1
- php7.0 7.0.15-1
- php5 <removed>
NOTE: PHP Bug: http://bugs.php.net/73737
NOTE: Fixed in 5.6.30, 7.0.15, 7.1.1
-CVE-2016-10157 (Akamai NetSession 1.9.3.1 is vulnerable to DLL Hijacking: it tries to ...)
+CVE-2016-10157
NOT-FOR-US: Akamai NetSession
-CVE-2016-10156 (A flaw in systemd v228 in /src/basic/fs-util.c caused world writable ...)
+CVE-2016-10156
- systemd 229-1
[jessie] - systemd <not-affected> (Vulnerability introduced in v228)
[wheezy] - systemd <not-affected> (Vulnerability introduced in v228)
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1020601
NOTE: Fixed by: https://github.com/systemd/systemd/commit/06eeacb6fe029804f296b065b3ce91e796e1cd0e (v229)
NOTE: Introduced by: https://github.com/systemd/systemd/commit/ee735086f8670be1591fa9593e80dd60163a7a2f (v228)
-CVE-2016-10155 (Memory leak in hw/watchdog/wdt_i6300esb.c in QEMU (aka Quick Emulator) ...)
+CVE-2016-10155
{DLA-1497-1}
- qemu 1:2.8+dfsg-2 (low; bug #852232)
[wheezy] - qemu <no-dsa> (Minor issue)
@@ -1743,117 +1743,117 @@ CVE-2016-10155 (Memory leak in hw/watchdog/wdt_i6300esb.c in QEMU (aka Quick Emu
NOTE: https://lists.nongnu.org/archive/html/qemu-devel/2016-12/msg03104.html
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1415199
NOTE: Fixed by: http://git.qemu.org/?p=qemu.git;a=commit;h=eb7a20a3616085d46aa6b4b4224e15587ec67e6e
-CVE-2016-10154 (The smbhash function in fs/cifs/smbencrypt.c in the Linux kernel 4.9.x ...)
+CVE-2016-10154
- linux 4.9.2-1
[jessie] - linux <not-affected> (Introduced in 4.9 in combination with VMAP_STACK)
[wheezy] - linux <not-affected> (Introduced in 4.9 in combination with VMAP_STACK)
NOTE: Fixed by: https://git.kernel.org/linus/06deeec77a5a689cc94b21a8a91a76e42176685d (v4.10-rc1)
-CVE-2016-10153 (The crypto scatterlist API in the Linux kernel 4.9.x before 4.9.6 ...)
+CVE-2016-10153
- linux 4.9.6-1
[jessie] - linux <not-affected> (Introduced in 4.9 in combination with VMAP_STACK)
[wheezy] - linux <not-affected> (Introduced in 4.9 in combination with VMAP_STACK)
NOTE: Fixed by: https://git.kernel.org/linus/a45f795c65b479b4ba107b6ccde29b896d51ee98 (v4.10-rc1)
-CVE-2016-10152 (The read_config_file function in lib/hesiod.c in Hesiod 3.2.1 falls ...)
+CVE-2016-10152
{DLA-796-1}
- hesiod 3.2.1-3.1 (low; bug #852093)
[stretch] - hesiod <no-dsa> (Minor issue)
[jessie] - hesiod <no-dsa> (Minor issue)
NOTE: https://github.com/achernya/hesiod/pull/10
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1332493
-CVE-2016-10151 (The hesiod_init function in lib/hesiod.c in Hesiod 3.2.1 compares EUID ...)
+CVE-2016-10151
{DLA-796-1}
- hesiod 3.2.1-3.1 (low; bug #852094)
[stretch] - hesiod <no-dsa> (Minor issue)
[jessie] - hesiod <no-dsa> (Minor issue)
NOTE: https://github.com/achernya/hesiod/pull/9
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1332508
-CVE-2016-10150 (Use-after-free vulnerability in the kvm_ioctl_create_device function ...)
+CVE-2016-10150
- linux 4.8.15-1
[jessie] - linux <not-affected> (Vulnerable code introduced later)
[wheezy] - linux <not-affected> (Vulnerable code introduced later)
NOTE: Fixed by: https://git.kernel.org/linus/a0f1d21c1ccb1da66629627a74059dd7f5ac9c61 (v4.9-rc8)
NOTE: Introduced by: https://git.kernel.org/linus/a28ebea2adc4a2bef5989a5a181ec238f59fbcad (v4.8-rc2)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1414506
-CVE-2016-10148 (The wp_ajax_update_plugin function in ...)
+CVE-2016-10148
- wordpress 4.6.1+dfsg-1
[jessie] - wordpress <not-affected> (wp_ajax_update_plugin function introduced in 4.2)
[wheezy] - wordpress <not-affected> (wp_ajax_update_plugin function introduced in 4.2)
NOTE: https://core.trac.wordpress.org/ticket/37490
NOTE: https://core.trac.wordpress.org/changeset/38168
-CVE-2016-10147 (crypto/mcryptd.c in the Linux kernel before 4.8.15 allows local users ...)
+CVE-2016-10147
- linux 4.8.15-1
[jessie] - linux <not-affected> (Vulnerable code not present)
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: Fixed by: https://git.kernel.org/linus/48a992727d82cb7db076fa15d372178743b1f4cd (v4.9)
-CVE-2016-10143 (A vulnerability in Tiki Wiki CMS 15.2 could allow a remote attacker to ...)
+CVE-2016-10143
- tikiwiki <removed>
-CVE-2016-10142 (An issue was discovered in the IPv6 protocol specification, related to ...)
+CVE-2016-10142
NOTE: Generic IPv6 issue
-CVE-2016-10139 (An issue was discovered on BLU R1 HD devices with Shanghai Adups ...)
+CVE-2016-10139
NOT-FOR-US: BLU
-CVE-2016-10138 (An issue was discovered on BLU Advance 5.0 and BLU R1 HD devices with ...)
+CVE-2016-10138
NOT-FOR-US: BLU
-CVE-2016-10137 (An issue was discovered on BLU R1 HD devices with Shanghai Adups ...)
+CVE-2016-10137
NOT-FOR-US: BLU
-CVE-2016-10136 (An issue was discovered on BLU R1 HD devices with Shanghai Adups ...)
+CVE-2016-10136
NOT-FOR-US: BLU
-CVE-2016-10135 (An issue was discovered on LG devices using the MTK chipset with ...)
+CVE-2016-10135
NOT-FOR-US: LG
-CVE-2016-10146 (Multiple memory leaks in the caption and label handling code in ...)
+CVE-2016-10146
{DSA-3799-1 DLA-807-1}
- imagemagick 8:6.9.7.0+dfsg-2 (bug #851380)
NOTE: https://github.com/ImageMagick/ImageMagick/commit/aeff00de228bc5a158c2a975ab47845d8a1db456
NOTE: http://www.openwall.com/lists/oss-security/2017/01/16/6
-CVE-2016-10140 (Information disclosure and authentication bypass vulnerability exists ...)
+CVE-2016-10140
{DLA-806-1}
- zoneminder 1.30.4+dfsg-1 (bug #851710)
NOTE: https://github.com/ZoneMinder/ZoneMinder/pull/1697
NOTE: https://github.com/ZoneMinder/ZoneMinder/commit/6361f143878ce00659f64ce42593951d773e4e63
NOTE: https://github.com/ZoneMinder/ZoneMinder/commit/aa0a4d1f5ad2c493f2bed175991e92c466ac3dc4
-CVE-2016-10144 (coders/ipl.c in ImageMagick allows remote attackers to have unspecific ...)
+CVE-2016-10144
{DSA-3799-1 DLA-807-1}
- imagemagick 8:6.9.7.4+dfsg-1 (bug #851485)
NOTE: Fixed by: https://github.com/ImageMagick/ImageMagick/commit/97566cf2806c0a5a86e884c96831a0c3b1ec6c20
NOTE: http://www.openwall.com/lists/oss-security/2017/01/16/6
-CVE-2016-10145 (Off-by-one error in coders/wpg.c in ImageMagick allows remote ...)
+CVE-2016-10145
{DSA-3799-1 DLA-807-1}
- imagemagick 8:6.9.7.4+dfsg-1 (bug #851483)
NOTE: Fixed by: https://github.com/ImageMagick/ImageMagick/commit/d23beebe7b1179fb75db1e85fbca3100e49593d9
NOTE: http://www.openwall.com/lists/oss-security/2017/01/16/6
-CVE-2016-10141 (An integer overflow vulnerability was observed in the regemit function ...)
+CVE-2016-10141
NOT-FOR-US: MuJS
-CVE-2016-10133 (Heap-based buffer overflow in the js_stackoverflow function in jsrun.c ...)
+CVE-2016-10133
NOT-FOR-US: MuJS
-CVE-2016-10132 (regexp.c in Artifex Software, Inc. MuJS allows attackers to cause a ...)
+CVE-2016-10132
NOT-FOR-US: MuJS
-CVE-2016-10131 (system/libraries/Email.php in CodeIgniter before 3.1.3 allows remote ...)
+CVE-2016-10131
- codeigniter <itp> (bug #471583)
-CVE-2016-10130 (The http_connect function in transports/http.c in libgit2 before ...)
+CVE-2016-10130
- libgit2 0.25.1+really0.24.6-1 (bug #851406)
[jessie] - libgit2 <not-affected> (Vulnerable code not present)
[experimental] - cargo 0.17.0-1~exp1
- cargo 0.17.0-1 (bug #860990)
NOTE: https://github.com/libgit2/libgit2/commit/9a64e62f0f20c9cf9b2e1609f037060eb2d8eb22 (v0.25.1)
NOTE: https://github.com/libgit2/libgit2/commit/b5c6a1b407b7f8b952bded2789593b68b1876211 (v0.24.6)
-CVE-2016-10129 (The Git Smart Protocol support in libgit2 before 0.24.6 and 0.25.x ...)
+CVE-2016-10129
- libgit2 0.25.1+really0.24.6-1 (bug #851406)
[jessie] - libgit2 <no-dsa> (Minor issue)
[experimental] - cargo 0.17.0-1~exp1
- cargo 0.17.0-1 (bug #860990)
NOTE: https://github.com/libgit2/libgit2/commit/2fdef641fd0dd2828bd948234ae86de75221a11a (v0.25.1)
NOTE: https://github.com/libgit2/libgit2/commit/84d30d569ada986f3eef527cbdb932643c2dd037 (v0.24.6)
-CVE-2016-10128 (Buffer overflow in the git_pkt_parse_line function in ...)
+CVE-2016-10128
- libgit2 0.25.1+really0.24.6-1 (bug #851406)
[jessie] - libgit2 <no-dsa> (Minor issue)
[experimental] - cargo 0.17.0-1~exp1
- cargo 0.17.0-1 (bug #860990)
NOTE: https://github.com/libgit2/libgit2/commit/66e3774d279672ee51c3b54545a79d20d1ada834 (v0.25.1)
NOTE: https://github.com/libgit2/libgit2/commit/4ac39c76c0153d1ee6889a0984c39e97731684b2 (v0.24.6)
-CVE-2016-10126 (Splunk Web in Splunk Enterprise 5.0.x before 5.0.17, 6.0.x before ...)
+CVE-2016-10126
NOT-FOR-US: Splunk
-CVE-2016-10125 (D-Link DGS-1100 devices with Rev.B firmware 1.01.018 have a hardcoded ...)
+CVE-2016-10125
NOT-FOR-US: D-Link
-CVE-2016-10127 (PySAML2 allows remote attackers to conduct XML external entity (XXE) ...)
+CVE-2016-10127
- python-pysaml2 <unfixed> (low; bug #859135)
[buster] - python-pysaml2 <no-dsa> (Minor issue)
[stretch] - python-pysaml2 <no-dsa> (Minor issue)
@@ -1862,107 +1862,107 @@ CVE-2016-10127 (PySAML2 allows remote attackers to conduct XML external entity (
NOTE: A proper fix for this issue would be to fix the underlying issue in src:libxml2
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1411794#c12
NOTE: http://www.openwall.com/lists/oss-security/2017/01/19/5 (for the scope of the CVE)
-CVE-2016-10149 (XML External Entity (XXE) vulnerability in PySAML2 4.4.0 and earlier ...)
+CVE-2016-10149
{DSA-3759-1}
- python-pysaml2 3.0.0-5 (bug #850716)
NOTE: https://github.com/rohe/pysaml2/pull/379
NOTE: https://github.com/rohe/pysaml2/commit/6e09a25d9b4b7aa7a506853210a9a14100b8bc9b
-CVE-2016-10134 (SQL injection vulnerability in Zabbix before 2.2.14 and 3.0 before ...)
+CVE-2016-10134
{DSA-3802-1}
- zabbix 1:3.0.4+dfsg-1 (bug #850936)
NOTE: https://support.zabbix.com/browse/ZBX-11023
NOTE: http://www.openwall.com/lists/oss-security/2017/01/12/4
-CVE-2016-10124 (An issue was discovered in Linux Containers (LXC) before 2016-02-22. ...)
+CVE-2016-10124
- lxc 1:2.0.0-1
[jessie] - lxc <no-dsa> (Minor issue)
[wheezy] - lxc <no-dsa> (Minor issue)
NOTE: https://github.com/lxc/lxc/commit/e986ea3dfa4a2957f71ae9bfaed406dd6e1ffff6
NOTE: https://github.com/lxc/lxc/commit/5eacdc3dbd0e45abf3cc90cf0216a7f8ee560abf (lxc-2.0.0.rc2)
-CVE-2016-10123 (Firejail allows --chroot when seccomp is not supported, which might ...)
+CVE-2016-10123
- firejail 0.9.38-1
NOTE: http://www.openwall.com/lists/oss-security/2017/01/05/4
NOTE: https://github.com/netblue30/firejail/commit/a23ac1bf390fa4c3db4ea31e6ee6100a9c511d59 (0.9.38-rc1)
-CVE-2016-10122 (Firejail does not properly clean environment variables, which allows ...)
+CVE-2016-10122
- firejail 0.9.44.2-1
NOTE: http://www.openwall.com/lists/oss-security/2017/01/05/4
NOTE: https://github.com/netblue30/firejail/commit/3b81e1f2c331644ced87d26a943b22eed6242b8f
NOTE: https://github.com/netblue30/firejail/commit/72bc0e145c67da24e555d868086953148c52b5fc
NOTE: In 0.9.44-bugfixes: https://github.com/netblue30/firejail/commit/e847207df28e181a8f590ade825b5f06d4fadf17 (0.9.44.2)
NOTE: In 0.9.44-bugfixes: https://github.com/netblue30/firejail/commit/18f6e9dc9b304f7aca291c3edce5122562b1e36c (0.9.44.2)
-CVE-2016-10121 (Firejail uses weak permissions for /dev/shm/firejail and possibly ...)
+CVE-2016-10121
- firejail 0.9.38-1
NOTE: http://www.openwall.com/lists/oss-security/2017/01/05/4
NOTE: https://github.com/netblue30/firejail/commit/1cab02f5ae3c90c01fae4d1c16381820b757a3a6 (0.9.38)
-CVE-2016-10120 (Firejail uses 0777 permissions when mounting (1) /dev, (2) /dev/shm, ...)
+CVE-2016-10120
- firejail 0.9.38-1
NOTE: http://www.openwall.com/lists/oss-security/2017/01/05/4
NOTE: https://github.com/netblue30/firejail/commit/cd0ecfc7a7b30abde20db6dea505cd8c58e7c046 (0.9.38-rc1)
-CVE-2016-10119 (Firejail uses 0777 permissions when mounting /tmp, which allows local ...)
+CVE-2016-10119
- firejail 0.9.38-1
NOTE: http://www.openwall.com/lists/oss-security/2017/01/05/4
NOTE: https://github.com/netblue30/firejail/commit/aa28ac9e09557b833f194f594e2940919d940d1f (0.9.38)
-CVE-2016-10118 (Firejail allows local users to truncate /etc/resolv.conf via a chroot ...)
+CVE-2016-10118
- firejail 0.9.44.2-1 (low)
NOTE: http://www.openwall.com/lists/oss-security/2017/01/05/4
NOTE: https://github.com/netblue30/firejail/commit/6144229605177764b7f3f3450c1a47f56595dc9e
NOTE: In 0.9.44-bugfixes: https://github.com/netblue30/firejail/commit/8b5b444c766b8d0592346decc6ed4a6d345e4f67 (0.9.44.2)
-CVE-2016-10117 (Firejail does not restrict access to --tmpfs, which allows local users ...)
+CVE-2016-10117
- firejail 0.9.38-1
NOTE: http://www.openwall.com/lists/oss-security/2017/01/05/4
NOTE: https://github.com/netblue30/firejail/commit/678cd1495457318dad39178bb646ba1b96332ddb (0.9.38-rc1)
-CVE-2016-10116 (NETGEAR Arlo base stations with firmware 1.7.5_6178 and earlier, Arlo Q ...)
+CVE-2016-10116
NOT-FOR-US: NETGEAR
-CVE-2016-10115 (NETGEAR Arlo base stations with firmware 1.7.5_6178 and earlier, Arlo Q ...)
+CVE-2016-10115
NOT-FOR-US: NETGEAR
-CVE-2016-10114 (SQL injection vulnerability in the &quot;aWeb Cart Watching System for ...)
+CVE-2016-10114
NOT-FOR-US: Joomla extension
CVE-2016-10113
RESERVED
-CVE-2016-10112 (Cross-site scripting (XSS) vulnerability in the WooCommerce plugin ...)
+CVE-2016-10112
NOT-FOR-US: WordPress plugin woocommerce
CVE-2016-10111
RESERVED
CVE-2016-10110
RESERVED
-CVE-2016-10108 (Unauthenticated Remote Command injection as root occurs in the Western ...)
+CVE-2016-10108
NOT-FOR-US: Western Digital MyCloud NAS
-CVE-2016-10107 (Unauthenticated Remote Command injection as root occurs in the Western ...)
+CVE-2016-10107
NOT-FOR-US: Western Digital MyCloud NAS
-CVE-2016-10106 (Directory traversal vulnerability in scgi-bin/platform.cgi on NETGEAR ...)
+CVE-2016-10106
NOT-FOR-US: NETGEAR devices
-CVE-2016-10105 (admin/plugin.php in Piwigo through 2.8.3 doesn't validate the sections ...)
+CVE-2016-10105
- piwigo <removed>
-CVE-2016-10104 (Information Disclosure can occur in sshProfiles.jsd in Hitek Software's ...)
+CVE-2016-10104
NOT-FOR-US: Hitek
-CVE-2016-10103 (Information Disclosure can occur in encryptionProfiles.jsd in Hitek ...)
+CVE-2016-10103
NOT-FOR-US: Hitek
-CVE-2016-10102 (hitek.jar in Hitek Software's Automize uses weak encryption when ...)
+CVE-2016-10102
NOT-FOR-US: Hitek
-CVE-2016-10101 (Information Disclosure can occur in Hitek Software's Automize 10.x and ...)
+CVE-2016-10101
NOT-FOR-US: Hitek
-CVE-2016-10100 (Borg (aka BorgBackup) before 1.0.9 has a flaw in the way duplicate ...)
+CVE-2016-10100
- borgbackup 1.0.9-1
NOTE: https://borgbackup.readthedocs.io/en/stable/changes.html#pre-1-0-9-manifest-spoofing-vulnerability
-CVE-2016-10099 (Borg (aka BorgBackup) before 1.0.9 has a flaw in the cryptographic ...)
+CVE-2016-10099
- borgbackup 1.0.9-1
NOTE: https://borgbackup.readthedocs.io/en/stable/changes.html#pre-1-0-9-manifest-spoofing-vulnerability
-CVE-2016-10109 (Use-after-free vulnerability in pcsc-lite before 1.8.20 allows a ...)
+CVE-2016-10109
{DSA-3752-1 DLA-778-1}
- pcsc-lite 1.8.20-1
NOTE: https://anonscm.debian.org/cgit/pcsclite/PCSC.git/commit/?id=697fe05967af7ea215bcd5d5774be587780c9e22
NOTE: https://anonscm.debian.org/cgit/pcsclite/PCSC.git/commit/?id=3aaab9d998b5deb16a246cc7517e44144d281d3b
NOTE: http://www.openwall.com/lists/oss-security/2017/01/03/2
-CVE-2016-10098 (An issue was discovered on SendQuick Entera and Avera devices before ...)
+CVE-2016-10098
NOT-FOR-US: SendQuick Entera and Avera devices
-CVE-2016-10097 (XML External Entity (XXE) Vulnerability in ...)
+CVE-2016-10097
NOT-FOR-US: OpenAM
-CVE-2016-10096 (SQL injection vulnerability in register.php in GeniXCMS before 1.0.0 ...)
+CVE-2016-10096
NOT-FOR-US: GenixCMS
CVE-2016-10090
RESERVED
-CVE-2016-10086 (RESTful web services in CA Service Desk Manager 12.9 and CA Service ...)
+CVE-2016-10086
NOT-FOR-US: CA Service Desk Manager
-CVE-2016-10095 (Stack-based buffer overflow in the _TIFFVGetField function in ...)
+CVE-2016-10095
{DLA-984-1 DLA-983-1}
- tiff 4.0.8-2 (bug #850316)
[jessie] - tiff 4.0.3-12.3+deb8u4
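Review bot: every `-`/`+` pair in this region removes only the parenthesised description after the CVE id (for example `-CVE-2016-10109 (Use-after-free vulnerability in pcsc-lite before 1.8.20 allows a ...)` becomes `+CVE-2016-10109`) while the package, version, `{DSA-.../DLA-...}` and NOTE lines are untouched, so nothing here records a change in tracking state; it reads as the updater having fetched empty description text and written it through, and the hunk header on the next line still shows the old description as context. An automatic updater should refuse to replace a non-empty description with an empty one, or skip the commit when the fetched descriptions are empty, and this change is better reverted than merged: for entries with no NOTE link, such as `CVE-2016-10105` / `- piwigo <removed>`, the description was the only text saying what the issue is.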
@@ -1973,48 +1973,48 @@ CVE-2016-10095 (Stack-based buffer overflow in the _TIFFVGetField function in ..
NOTE: tiffsplit tool
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2625
NOTE: Fixes as per http://bugzilla.maptools.org/show_bug.cgi?id=2580
-CVE-2016-10094 (Off-by-one error in the t2p_readwrite_pdf_image_tile function in ...)
+CVE-2016-10094
{DSA-3762-1}
- tiff 4.0.7-4
[wheezy] - tiff <not-affected> (vulnerable code introduced later)
- tiff3 <not-affected> (vulnerable code introduced later)
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2640
NOTE: Fixed by: https://github.com/vadz/libtiff/commit/c7153361a4041260719b340f73f2f76b0969235c
-CVE-2016-10093 (Integer overflow in tools/tiffcp.c in LibTIFF 4.0.7 allows remote ...)
+CVE-2016-10093
{DSA-3762-1 DLA-795-1}
- tiff 4.0.7-2
- tiff3 <removed>
[wheezy] - tiff3 <not-affected> (libtiff-tools not shipped by this source package)
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2610
NOTE: Fixed by: https://github.com/vadz/libtiff/commit/787c0ee906430b772f33ca50b97b8b5ca070faec
-CVE-2016-10092 (Heap-based buffer overflow in the readContigStripsIntoBuffer function ...)
+CVE-2016-10092
{DSA-3762-1 DLA-795-1}
- tiff 4.0.7-2
- tiff3 <removed>
[wheezy] - tiff3 <not-affected> (libtiff-tools not shipped by this source package)
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2620
NOTE: Fixed by: https://github.com/vadz/libtiff/commit/9657bbe3cdce4aaa90e07d50c1c70ae52da0ba6a
-CVE-2016-10091 (Multiple stack-based buffer overflows in unrtf 0.21.9 allow remote ...)
+CVE-2016-10091
- unrtf 0.21.9-clean-3 (bug #849705)
[jessie] - unrtf 0.21.5-3+deb8u1
[wheezy] - unrtf <no-dsa> (Minor issue)
NOTE: http://hg.savannah.gnu.org/hgweb/unrtf/rev/3b16893a6406
-CVE-2016-10085 (admin/languages.php in Piwigo through 2.8.3 allows remote authenticated ...)
+CVE-2016-10085
- piwigo <removed>
-CVE-2016-10084 (admin/batch_manager.php in Piwigo through 2.8.3 allows remote ...)
+CVE-2016-10084
- piwigo <removed>
-CVE-2016-10083 (Cross-site scripting (XSS) vulnerability in admin/plugin.php in Piwigo ...)
+CVE-2016-10083
- piwigo <removed>
-CVE-2016-10082 (include/functions_installer.inc.php in Serendipity through 2.0.5 is ...)
+CVE-2016-10082
- serendipity <removed>
-CVE-2016-10081 (/usr/bin/shutter in Shutter through 0.93.1 allows user-assisted remote ...)
+CVE-2016-10081
- shutter 0.93.1-1.3 (bug #849777)
[jessie] - shutter 0.92-0.1+deb8u2
[wheezy] - shutter <no-dsa> (Minor issue)
NOTE: https://bugs.launchpad.net/shutter/+bug/1652600
CVE-2016-10080
RESERVED
-CVE-2016-10079 (SAPlpd through 7400.3.11.33 in SAP GUI 7.40 on Windows has a Denial of ...)
+CVE-2016-10079
NOT-FOR-US: SAPlpd
CVE-2016-10078
RESERVED
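Review bot: after this hunk the entries `CVE-2016-10085`, `CVE-2016-10084` and `CVE-2016-10083` (each `- piwigo <removed>`) and `CVE-2016-10082` (`- serendipity <removed>`) consist of nothing but the id and a `<removed>` marker; the removed lines were the only place naming the affected file and bug class (`admin/languages.php`, `admin/batch_manager.php`, XSS in `admin/plugin.php`, `include/functions_installer.inc.php`). If descriptions are to be dropped, each of these should gain a NOTE line with an upstream reference so the entry remains usable by whoever reintroduces the package.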
@@ -2022,7 +2022,7 @@ CVE-2016-10077
RESERVED
CVE-2016-10076
RESERVED
-CVE-2016-10087 (The png_set_text_2 function in libpng 0.71 before 1.0.67, 1.2.x before ...)
+CVE-2016-10087
- libpng1.6 1.6.27-1 (bug #849799)
- libpng <removed>
[jessie] - libpng 1.2.50-2+deb8u3
@@ -2031,30 +2031,30 @@ CVE-2016-10087 (The png_set_text_2 function in libpng 0.71 before 1.0.67, 1.2.x
NOTE: https://sourceforge.net/p/libpng/code/ci/243d4e5f3fe71740d52a53cf3dd77cc83a3430ba
NOTE: https://sourceforge.net/p/libpng/code/ci/812768d7a9c973452222d454634496b25ed415eb (libpng16)
NOTE: https://sourceforge.net/p/libpng/code/ci/794a15fad6add4d636369d0b46f603a02995b2e2/ (libpng12)
-CVE-2016-10075 (The tqdm._version module in tqdm versions 4.4.1 and 4.10 allows local ...)
+CVE-2016-10075
- tqdm 4.11.2-1 (bug #849632)
NOTE: https://github.com/tqdm/tqdm/issues/328
-CVE-2016-10074 (The mail transport (aka Swift_Transport_MailTransport) in Swift Mailer ...)
+CVE-2016-10074
{DSA-3769-1 DLA-792-1}
- libphp-swiftmailer 5.4.2-1.1 (bug #849626)
NOTE: https://legalhackers.com/advisories/SwiftMailer-Exploit-Remote-Code-Exec-CVE-2016-10074-Vuln.html
NOTE: https://github.com/swiftmailer/swiftmailer/issues/844
NOTE: Fixed by https://github.com/swiftmailer/swiftmailer/commit/e6ccf40d856af9598b76eb313b215eed25ae9e86
-CVE-2016-10073 (The from method in library/core/class.email.php in Vanilla Forums ...)
+CVE-2016-10073
NOT-FOR-US: Vanilla Forums
-CVE-2016-10072 (** DISPUTED ** WampServer 3.0.6 has two files called 'wampmanager.exe' ...)
+CVE-2016-10072
NOT-FOR-US: WampServer
-CVE-2016-10044 (The aio_mount function in fs/aio.c in the Linux kernel before 4.7.7 ...)
+CVE-2016-10044
- linux 4.7.8-1
[jessie] - linux 3.16.43-1
[wheezy] - linux <no-dsa> (Changes required are too invasive)
-CVE-2016-10043 (An issue was discovered in Radisys MRF Web Panel (SWMS) 9.0.1. The ...)
+CVE-2016-10043
NOT-FOR-US: Radisys MRF Web Panel
-CVE-2016-10042 (Authorization Bypass in the Web interface of Arcadyan SLT-00 Star* (aka ...)
+CVE-2016-10042
NOT-FOR-US: Arcadyan SLT-00 Star* devices
-CVE-2016-10041 (An issue was discovered in Sprecher Automation SPRECON-E Service ...)
+CVE-2016-10041
NOT-FOR-US: Sprecher Automation SPRECON-E Service
-CVE-2016-10040 (Stack-based buffer overflow in QXmlSimpleReader in Qt 4.8.5 allows ...)
+CVE-2016-10040
- qt4-x11 4:4.8.7+dfsg-1 (low; bug #851058)
[jessie] - qt4-x11 <ignored> (Minor issue)
[wheezy] - qt4-x11 <ignored> (Minor issue)
@@ -2062,25 +2062,25 @@ CVE-2016-10040 (Stack-based buffer overflow in QXmlSimpleReader in Qt 4.8.5 allo
NOTE: CVE assignment specific to http://www.openwall.com/lists/oss-security/2016/12/24/2
NOTE: http://www.openwall.com/lists/oss-security/2016/12/24/1
NOTE: https://github.com/qt/qtbase/commit/f1053d94f59f053ce4acad9320df14f1fbe4faac
-CVE-2016-10039 (Directory traversal in /connectors/index.php in MODX Revolution before ...)
+CVE-2016-10039
NOT-FOR-US: MODX Revolution
-CVE-2016-10038 (Directory traversal in /connectors/index.php in MODX Revolution before ...)
+CVE-2016-10038
NOT-FOR-US: MODX Revolution
-CVE-2016-10037 (Directory traversal in /connectors/index.php in MODX Revolution before ...)
+CVE-2016-10037
NOT-FOR-US: MODX Revolution
-CVE-2016-10036 (Unrestricted file upload vulnerability in ui/artifact/upload in JFrog ...)
+CVE-2016-10036
NOT-FOR-US: JFrog Artifactory
CVE-2016-10035
RESERVED
-CVE-2016-10034 (The setFrom function in the Sendmail adapter in the zend-mail ...)
+CVE-2016-10034
- zendframework <not-affected> (Vulnerable code not present in ZF1, cf. #850215)
NOTE: https://framework.zend.com/security/advisory/ZF2016-04
NOTE: https://github.com/zendframework/zendframework/commit/7c1e89815f5a9c016f4b8088e59b07cb2bf99dc0
NOTE: http://legalhackers.com/advisories/ZendFramework-Exploit-ZendMail-Remote-Code-Exec-CVE-2016-10034-Vuln.html
-CVE-2016-10045 (The isMail transport in PHPMailer before 5.2.20 might allow remote ...)
+CVE-2016-10045
- libphp-phpmailer <not-affected> (Incomplete fix not applied)
NOTE: https://legalhackers.com/advisories/PHPMailer-Exploit-Remote-Code-Exec-CVE-2016-10045-Vuln-Patch-Bypass.html
-CVE-2016-10033 (The mailSend function in the isMail transport in PHPMailer before ...)
+CVE-2016-10033
{DSA-3750-1 DLA-770-1}
- libphp-phpmailer 5.2.14+dfsg-2.1 (bug #849365)
NOTE: https://legalhackers.com/advisories/PHPMailer-Exploit-Remote-Code-Exec-CVE-2016-10033-Vuln.html
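Review bot: `CVE-2016-10045` is left as `- libphp-phpmailer <not-affected> (Incomplete fix not applied)` without saying which fix is meant; the removed description (`The isMail transport in PHPMailer before 5.2.20 ...`) and the `Patch-Bypass` suffix of the advisory URL are the only remaining hints that this is the bypass of the incomplete upstream fix for `CVE-2016-10033` tracked just below. Add a NOTE making the relationship explicit, e.g. `NOTE: Bypass of the incomplete upstream fix for CVE-2016-10033`, so the `<not-affected>` rationale can be verified without the description.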
@@ -2093,9 +2093,9 @@ CVE-2016-10033 (The mailSend function in the isMail transport in PHPMailer befor
NOTE: Another followup: https://github.com/PHPMailer/PHPMailer/commit/833c35fe39715c3d01934508987e97af1fbc1ba0
CVE-2016-10032
RESERVED
-CVE-2016-10031 (** DISPUTED ** WampServer 3.0.6 installs two services called ...)
+CVE-2016-10031
NOT-FOR-US: WampServer
-CVE-2016-10030 (The _prolog_error function in slurmd/req.c in Slurm before 15.08.13, ...)
+CVE-2016-10030
{DLA-921-1}
- slurm-llnl 16.05.8-1 (bug #850491)
[jessie] - slurm-llnl 14.03.9-5+deb8u1
@@ -2103,7 +2103,7 @@ CVE-2016-10030 (The _prolog_error function in slurmd/req.c in Slurm before 15.08
NOTE: https://github.com/SchedMD/slurm/commit/92362a92fffe60187df61f99ab11c249d44120ee
CVE-2016-5103
REJECTED
-CVE-2016-10027 (Race condition in the XMPP library in Smack before 4.1.9, when the ...)
+CVE-2016-10027
- libsmack-java <itp> (bug #640873)
CVE-2016-10023
REJECTED
@@ -2125,12 +2125,12 @@ CVE-2016-10015
REJECTED
CVE-2016-10014
REJECTED
-CVE-2016-9645 (The fix for ikiwiki for CVE-2016-10026 was incomplete resulting in ...)
+CVE-2016-9645
- ikiwiki 3.20161229
[jessie] - ikiwiki <not-affected> (Incomplete fix for CVE-2016-10026 not applied)
[wheezy] - ikiwiki <not-affected> (Incomplete fix for CVE-2016-10026 not applied)
NOTE: https://ikiwiki.info/security/#cve-2016-9645
-CVE-2016-10026 (ikiwiki 3.20161219 does not properly check if a revision changes the ...)
+CVE-2016-10026
{DSA-3760-1 DLA-812-1}
- ikiwiki 3.20161219
NOTE: http://ikiwiki.info/bugs/rcs_revert_can_bypass_authorization_if_affected_files_were_renamed/
@@ -2138,16 +2138,16 @@ CVE-2016-10026 (ikiwiki 3.20161219 does not properly check if a revision changes
NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/7
NOTE: When fixing this issue make sure to apply the complete correct fix to
NOTE: not open ikiwiki to be vulnerable for CVE-2016-9645.
-CVE-2016-10025 (VMFUNC emulation in Xen 4.6.x through 4.8.x on x86 systems using AMD ...)
+CVE-2016-10025
- xen 4.8.0-1
[jessie] - xen <not-affected> (Vulnerable code introduced later)
[wheezy] - xen <not-affected> (Vulnerable code introduced later)
NOTE: https://xenbits.xen.org/xsa/advisory-203.html
-CVE-2016-10024 (Xen through 4.8.x allows local x86 PV guest OS kernel administrators ...)
+CVE-2016-10024
{DSA-3847-1 DLA-783-1}
- xen 4.8.0-1
NOTE: https://xenbits.xen.org/xsa/advisory-202.html
-CVE-2016-10028 (The virgl_cmd_get_capset function in hw/display/virtio-gpu-3d.c in ...)
+CVE-2016-10028
- qemu 1:2.10.0-1 (bug #849798; unimportant)
[jessie] - qemu <not-affected> (Vulnerable code not present)
[wheezy] - qemu <not-affected> (Vulnerable code not present)
@@ -2158,7 +2158,7 @@ CVE-2016-10028 (The virgl_cmd_get_capset function in hw/display/virtio-gpu-3d.c
NOTE: virtio gpu (virglrenderer) and opengl, but the affected code is
NOTE: still present.
NOTE: Fixed by: http://git.qemu.org/?p=qemu.git;a=commit;h=abd7f08b2353f43274b785db8c7224f082ef4d31 (v2.9.0-rc0)
-CVE-2016-10029 (The virtio_gpu_set_scanout function in QEMU (aka Quick Emulator) built ...)
+CVE-2016-10029
- qemu 1:2.7+dfsg-1
[jessie] - qemu <not-affected> (Vulnerable code not present)
[wheezy] - qemu <not-affected> (Vulnerable code not present)
@@ -2172,51 +2172,51 @@ CVE-2016-9996
REJECTED
CVE-2016-9995
REJECTED
-CVE-2016-9994 (IBM Kenexa LCMS Premier on Cloud 9.0, and 10.0.0 is vulnerable to SQL ...)
+CVE-2016-9994
NOT-FOR-US: IBM
-CVE-2016-9993 (IBM Kenexa LCMS Premier on Cloud 9.0, and 10.0.0 is vulnerable to SQL ...)
+CVE-2016-9993
NOT-FOR-US: IBM
-CVE-2016-9992 (IBM Kenexa LCMS Premier on Cloud 9.0, and 10.0.0 is vulnerable to SQL ...)
+CVE-2016-9992
NOT-FOR-US: IBM
-CVE-2016-9991 (IBM Sterling Order Management 9.2 through 9.5 is vulnerable to ...)
+CVE-2016-9991
NOT-FOR-US: IBM
-CVE-2016-9990 (IBM iNotes 8.5 and 9.0 is vulnerable to cross-site scripting. This ...)
+CVE-2016-9990
NOT-FOR-US: IBM
-CVE-2016-9989 (IBM Jazz Foundation Reporting Service (JRS) 5.0 and 6.0 is vulnerable ...)
+CVE-2016-9989
NOT-FOR-US: IBM
-CVE-2016-9988 (IBM Jazz Foundation Reporting Service (JRS) 5.0 and 6.0 is vulnerable ...)
+CVE-2016-9988
NOT-FOR-US: IBM
-CVE-2016-9987 (IBM Jazz Foundation Reporting Service (JRS) 5.0 and 6.0 is vulnerable ...)
+CVE-2016-9987
NOT-FOR-US: IBM
-CVE-2016-9986 (IBM Jazz Foundation Reporting Service (JRS) 5.0 and 6.0 is vulnerable ...)
+CVE-2016-9986
NOT-FOR-US: IBM
-CVE-2016-9985 (IBM Cognos Server 10.1.1 and 10.2 stores highly sensitive information ...)
+CVE-2016-9985
NOT-FOR-US: IBM
-CVE-2016-9984 (IBM Maximo Asset Management 7.5 and 7.6 could allow a remote ...)
+CVE-2016-9984
NOT-FOR-US: IBM
-CVE-2016-9983 (IBM Sterling B2B Integrator Standard Edition 5.2 could allow an ...)
+CVE-2016-9983
NOT-FOR-US: IBM
-CVE-2016-9982 (IBM Sterling B2B Integrator Standard Edition 5.2 could allow an ...)
+CVE-2016-9982
NOT-FOR-US: IBM
-CVE-2016-9981 (IBM AppScan Enterprise Edition 9.0 contains an unspecified ...)
+CVE-2016-9981
NOT-FOR-US: IBM
-CVE-2016-9980 (IBM Curam Social Program Management 5.2, 6.0, and 7.0 is vulnerable to ...)
+CVE-2016-9980
NOT-FOR-US: IBM
-CVE-2016-9979 (IBM Curam Social Program Management 5.2, 6.0, and 7.0 is vulnerable to ...)
+CVE-2016-9979
NOT-FOR-US: IBM
-CVE-2016-9978 (IBM Curam Social Program Management 5.2, 6.0, and 7.0 could allow an ...)
+CVE-2016-9978
NOT-FOR-US: IBM
-CVE-2016-9977 (IBM Maximo Asset Management 7.1, 7.5, and 7.6 could allow a remote ...)
+CVE-2016-9977
NOT-FOR-US: IBM
-CVE-2016-9976 (IBM Maximo Asset Management 7.1, 7.5, and 7.6 could allow a remote ...)
+CVE-2016-9976
NOT-FOR-US: IBM
-CVE-2016-9975 (IBM Jazz for Service Management 1.1.2.1 and 1.1.3 is vulnerable to ...)
+CVE-2016-9975
NOT-FOR-US: IBM
CVE-2016-9974
RESERVED
-CVE-2016-9973 (IBM Jazz Foundation is vulnerable to cross-site scripting. This ...)
+CVE-2016-9973
NOT-FOR-US: IBM
-CVE-2016-9972 (IBM QRadar 7.2 and 7.3 could allow a remote attacker to obtain ...)
+CVE-2016-9972
NOT-FOR-US: IBM
CVE-2016-9971
RESERVED
@@ -2226,19 +2226,19 @@ CVE-2016-9969
RESERVED
CVE-2016-9968
RESERVED
-CVE-2016-9967 (Lack of appropriate exception handling in some receivers of the Telecom ...)
+CVE-2016-9967
NOT-FOR-US: Samsung
-CVE-2016-9966 (Lack of appropriate exception handling in some receivers of the Telecom ...)
+CVE-2016-9966
NOT-FOR-US: Samsung
-CVE-2016-9965 (Lack of appropriate exception handling in some receivers of the Telecom ...)
+CVE-2016-9965
NOT-FOR-US: Samsung
-CVE-2016-9962 (RunC allowed additional container processes via 'runc exec' to be ...)
+CVE-2016-9962
- docker.io 1.13.1~ds1-2 (bug #850952)
- runc 0.1.1+dfsg1-2 (bug #850951)
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1012568
NOTE: https://github.com/docker/docker/compare/v1.12.5...v1.12.6
NOTE: https://github.com/opencontainers/runc/commit/50a19c6ff828c58e5dab13830bd3dacde268afe5
-CVE-2016-9954 (The backtrack compilation code in the Irregex package (aka IrRegular ...)
+CVE-2016-9954
- chicken 4.12.0-0.2 (low; bug #851278)
[stretch] - chicken <no-dsa> (Minor issue)
[jessie] - chicken <no-dsa> (Minor issue)
@@ -2246,19 +2246,19 @@ CVE-2016-9954 (The backtrack compilation code in the Irregex package (aka IrRegu
NOTE: http://www.openwall.com/lists/oss-security/2016/12/14/18
NOTE: https://github.com/ashinn/irregex/commit/a16ffc86eca15fca9e40607d41de3cea9cf868f1
NOTE: For chicken vulnerable code in ./irregex-core.scm
-CVE-2016-9953 (The verify_certificate function in lib/vtls/schannel.c in libcurl ...)
+CVE-2016-9953
- curl <not-affected> (Windows CE specific issue)
NOTE: https://curl.haxx.se/docs/adv_20161221C.html
-CVE-2016-9952 (The verify_certificate function in lib/vtls/schannel.c in libcurl ...)
+CVE-2016-9952
- curl <not-affected> (Windows CE specific issue)
NOTE: https://curl.haxx.se/docs/adv_20161221B.html
-CVE-2016-10008 (SQL injection vulnerability in the &quot;Content Types &gt; Content Types&quot; ...)
+CVE-2016-10008
NOT-FOR-US: dotCMS
-CVE-2016-10007 (SQL injection vulnerability in the &quot;Marketing &gt; Forms&quot; screen in ...)
+CVE-2016-10007
NOT-FOR-US: dotCMS
-CVE-2016-10006 (In OWASP AntiSamy before 1.5.5, by submitting a specially crafted input ...)
+CVE-2016-10006
NOT-FOR-US: OWASP AntiSamy
-CVE-2016-10005 (Webdynpro in SAP Solman 7.1 through 7.31 allows remote attackers to ...)
+CVE-2016-10005
NOT-FOR-US: SAP
CVE-2016-10004
RESERVED
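Review bot: the removed lines `-CVE-2016-10008 (SQL injection vulnerability in the &quot;Content Types &gt; Content Types&quot; ...)` and `-CVE-2016-10007 (SQL injection vulnerability in the &quot;Marketing &gt; Forms&quot; screen in ...)` carry HTML entities inside a plain-text data file, whereas `<not-affected>` two entries above renders with literal angle brackets, so the entities are part of the stored description rather than added by the page. Whatever re-imports descriptions should unescape `&quot;`, `&gt;`, `&lt;` and `&amp;` on the way in; the same pattern appears in `CVE-2016-9964`, `CVE-2016-9918`, `CVE-2016-9917`, `CVE-2016-9905`, `CVE-2016-9896` and `CVE-2016-9895` further down.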
@@ -2266,45 +2266,45 @@ CVE-2016-10001
RESERVED
CVE-2016-10000
RESERVED
-CVE-2016-10013 (Xen through 4.8.x allows local 64-bit x86 HVM guest OS users to gain ...)
+CVE-2016-10013
{DSA-3847-1 DLA-783-1}
- xen 4.8.0-1 (bug #848713)
NOTE: https://xenbits.xen.org/xsa/advisory-204.html
-CVE-2016-10012 (The shared memory manager (associated with pre-authentication ...)
+CVE-2016-10012
{DLA-1500-1}
- openssh 1:7.4p1-1 (low; bug #848717)
[wheezy] - openssh <no-dsa> (Minor issue)
NOTE: Fixed in upstream 7.4: https://www.openssh.com/txt/release-7.4
NOTE: http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/monitor.c.diff?r1=1.165&r2=1.166
NOTE: http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/monitor.h.diff?r1=1.19&r2=1.20
-CVE-2016-10011 (authfile.c in sshd in OpenSSH before 7.4 does not properly consider ...)
+CVE-2016-10011
{DLA-1500-1}
- openssh 1:7.4p1-1 (low; bug #848716)
[wheezy] - openssh <no-dsa> (Minor issue)
NOTE: Fixed in upstream 7.4: https://www.openssh.com/txt/release-7.4
NOTE: http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/authfile.c.diff?r1=1.121&r2=1.122
-CVE-2016-10010 (sshd in OpenSSH before 7.4, when privilege separation is not used, ...)
+CVE-2016-10010
- openssh 1:7.4p1-1 (unimportant; bug #848715)
NOTE: Fixed in upstream 7.4: https://www.openssh.com/txt/release-7.4
NOTE: http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/serverloop.c.diff?r1=1.188&r2=1.189
NOTE: Privilege separation is enabled in the Debian package
-CVE-2016-10009 (Untrusted search path vulnerability in ssh-agent.c in ssh-agent in ...)
+CVE-2016-10009
{DLA-1500-1}
- openssh 1:7.4p1-1 (low; bug #848714)
[wheezy] - openssh <no-dsa> (Minor issue)
NOTE: Fixed in upstream 7.4: https://www.openssh.com/txt/release-7.4
NOTE: http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/ssh-agent.c.diff?r1=1.214&r2=1.215
-CVE-2016-9998 (SPIP 3.1.x suffer from a Reflected Cross Site Scripting Vulnerability ...)
+CVE-2016-9998
{DLA-760-1}
- spip 3.1.4-2 (bug #848641)
[jessie] - spip 3.0.17-2+deb8u3
NOTE: https://core.spip.net/projects/spip/repository/revisions/23288
-CVE-2016-9997 (SPIP 3.1.x suffers from a Reflected Cross Site Scripting Vulnerability ...)
+CVE-2016-9997
{DLA-760-1}
- spip 3.1.4-2 (bug #848641)
[jessie] - spip 3.0.17-2+deb8u3
NOTE: https://core.spip.net/projects/spip/repository/revisions/23288
-CVE-2016-10003 (Incorrect HTTP Request header comparison in Squid HTTP Proxy 3.5.0.1 ...)
+CVE-2016-10003
- squid3 3.5.23-1 (bug #848491)
[jessie] - squid3 <not-affected> (Does not affect Squid versions before 3.5.0.1)
[wheezy] - squid3 <not-affected> (Does not affect Squid versions before 3.5.0.1)
@@ -2318,7 +2318,7 @@ CVE-2016-10003 (Incorrect HTTP Request header comparison in Squid HTTP Proxy 3.5
NOTE: 3.5.0.1 up to and including 3.5.22
NOTE: 4.0.1 up to and including 4.0.16
NOTE: http://www.openwall.com/lists/oss-security/2016/12/17/1
-CVE-2016-10002 (Incorrect processing of responses to If-None-Modified HTTP conditional ...)
+CVE-2016-10002
{DSA-3745-1 DLA-763-1}
- squid3 3.5.23-1 (bug #848493)
NOTE: http://www.squid-cache.org/Advisories/SQUID-2016_11.txt
@@ -2336,59 +2336,59 @@ CVE-2016-10002 (Incorrect processing of responses to If-None-Modified HTTP condi
NOTE: http://www.openwall.com/lists/oss-security/2016/12/17/1
CVE-2016-582384
REJECTED
-CVE-2016-9964 (redirect() in bottle.py in bottle 0.12.10 doesn't filter a &quot;\r\n&quot; ...)
+CVE-2016-9964
{DSA-3743-1 DLA-761-1}
- python-bottle 0.12.11-1 (bug #848392)
NOTE: Upstream bug: https://github.com/bottlepy/bottle/issues/913
NOTE: Upstream patch: https://github.com/bottlepy/bottle/commit/6d7e13da0f998820800ecb3fe9ccee4189aefb54
-CVE-2016-9963 (Exim before 4.87.1 might allow remote attackers to obtain the private ...)
+CVE-2016-9963
{DSA-3747-1 DLA-762-1}
- exim4 4.88~RC6-2
NOTE: https://bugs.exim.org/show_bug.cgi?id=1996
NOTE: http://www.openwall.com/lists/oss-security/2016/12/16/1
NOTE: https://exim.org/static/doc/CVE-2016-9963.txt
-CVE-2016-9961 (game-music-emu before 0.6.1 mishandles unspecified integer values. ...)
+CVE-2016-9961
{DSA-3735-1 DLA-750-1}
- game-music-emu 0.6.0-4 (bug #848071)
NOTE: http://scarybeastsecurity.blogspot.de/2016/12/redux-compromising-linux-using-snes.html
NOTE: http://www.openwall.com/lists/oss-security/2016/12/15/1
-CVE-2016-9960 (game-music-emu before 0.6.1 allows local users to cause a denial of ...)
+CVE-2016-9960
{DSA-3735-1 DLA-750-1}
- game-music-emu 0.6.0-4 (bug #848071)
NOTE: http://scarybeastsecurity.blogspot.de/2016/12/redux-compromising-linux-using-snes.html
NOTE: http://www.openwall.com/lists/oss-security/2016/12/15/1
-CVE-2016-9959 (game-music-emu before 0.6.1 allows remote attackers to generate out of ...)
+CVE-2016-9959
{DSA-3735-1 DLA-750-1}
- game-music-emu 0.6.0-4 (bug #848071)
NOTE: http://scarybeastsecurity.blogspot.de/2016/12/redux-compromising-linux-using-snes.html
NOTE: http://www.openwall.com/lists/oss-security/2016/12/15/1
-CVE-2016-9958 (game-music-emu before 0.6.1 allows remote attackers to write to ...)
+CVE-2016-9958
{DSA-3735-1 DLA-750-1}
- game-music-emu 0.6.0-4 (bug #848071)
NOTE: http://scarybeastsecurity.blogspot.de/2016/12/redux-compromising-linux-using-snes.html
NOTE: http://www.openwall.com/lists/oss-security/2016/12/15/1
-CVE-2016-9957 (Stack-based buffer overflow in game-music-emu before 0.6.1. ...)
+CVE-2016-9957
{DSA-3735-1 DLA-750-1}
- game-music-emu 0.6.0-4 (bug #848071)
NOTE: http://scarybeastsecurity.blogspot.de/2016/12/redux-compromising-linux-using-snes.html
NOTE: http://www.openwall.com/lists/oss-security/2016/12/15/1
-CVE-2016-9956 (The route manager in FlightGear before 2016.4.4 allows remote ...)
+CVE-2016-9956
{DSA-3742-1}
- flightgear 1:2016.4.3+dfsg-1 (bug #848114)
NOTE: http://www.openwall.com/lists/oss-security/2016/12/14/11
-CVE-2016-9951 (An issue was discovered in Apport before 2.20.4. A malicious Apport ...)
+CVE-2016-9951
[experimental] - apport 2.20.4-1 (bug #848213)
NOTE: apport only in experimental, so we cannot track this in security-tracker
NOTE: add it, as we have an explicit (bug) reference for apport
NOTE: https://bugs.launchpad.net/apport/+bug/1648806
NOTE: https://donncha.is/2016/12/compromising-ubuntu-desktop/
-CVE-2016-9950 (An issue was discovered in Apport before 2.20.4. There is a path ...)
+CVE-2016-9950
[experimental] - apport 2.20.4-1 (bug #848213)
NOTE: apport only in experimental, so we cannot track this in security-tracker
NOTE: add it, as we have an explicit (bug) reference for apport
NOTE: https://bugs.launchpad.net/apport/+bug/1648806
NOTE: https://donncha.is/2016/12/compromising-ubuntu-desktop/
-CVE-2016-9949 (An issue was discovered in Apport before 2.20.4. In apport/ui.py, ...)
+CVE-2016-9949
[experimental] - apport 2.20.4-1 (bug #848213)
NOTE: apport only in experimental, so we cannot track this in security-tracker
NOTE: add it, as we have an explicit (bug) reference for apport
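Review bot: once the descriptions are gone, `CVE-2016-9961` through `CVE-2016-9957` become five identical entries (`{DSA-3735-1 DLA-750-1}`, `- game-music-emu 0.6.0-4 (bug #848071)`, the same two NOTE URLs), so the list no longer records which of them is the stack-based buffer overflow, the out-of-bounds write, the local denial of service and so on; the same collapse happens to `CVE-2016-9951`, `CVE-2016-9950` and `CVE-2016-9949` (apport) in this hunk and to `CVE-2016-9998`/`CVE-2016-9997` (spip) above. Either keep the description or add a one-line NOTE per CVE naming the affected function or bug class so the entries can be told apart.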
@@ -2406,30 +2406,30 @@ CVE-2016-9944
RESERVED
CVE-2016-9943
RESERVED
-CVE-2016-9942 (Heap-based buffer overflow in ultra.c in LibVNCClient in LibVNCServer ...)
+CVE-2016-9942
{DSA-3753-1 DLA-777-1}
- libvncserver 0.9.11+dfsg-1 (bug #850008)
NOTE: https://github.com/LibVNC/libvncserver/pull/137
NOTE: https://github.com/LibVNC/libvncserver/pull/137/commits/5fff4353f66427b467eb29e5fdc1da4f2be028bb
-CVE-2016-9941 (Heap-based buffer overflow in rfbproto.c in LibVNCClient in ...)
+CVE-2016-9941
{DSA-3753-1 DLA-777-1}
- libvncserver 0.9.11+dfsg-1 (bug #850007)
NOTE: https://github.com/LibVNC/libvncserver/pull/137
NOTE: https://github.com/LibVNC/libvncserver/pull/137/commits/5418e8007c248bf9668d22a8c1fa9528149b69f2
CVE-2016-9940
RESERVED
-CVE-2016-9955 (The SimpleSAML_XML_Validator class constructor in SimpleSAMLphp before ...)
+CVE-2016-9955
{DLA-1298-1}
- simplesamlphp 1.14.11-1 (low)
[jessie] - simplesamlphp <no-dsa> (Minor issue)
NOTE: https://simplesamlphp.org/security/201612-02
NOTE: https://github.com/simplesamlphp/simplesamlphp/commit/a2326d75dd14accaac162dd2cb30aaefcc1f9205
NOTE: http://www.openwall.com/lists/oss-security/2016/12/14/7
-CVE-2016-9939 (Crypto++ (aka cryptopp and libcrypto++) 5.6.4 contained a bug in its ...)
+CVE-2016-9939
{DSA-3748-1 DLA-766-1}
- libcrypto++ 5.6.4-5 (bug #848009)
NOTE: https://github.com/weidai11/cryptopp/issues/346
-CVE-2016-9932 (CMPXCHG8B emulation in Xen 3.3.x through 4.7.x on x86 systems allows ...)
+CVE-2016-9932
{DSA-3847-1 DLA-964-1}
- xen 4.8.0~rc3-1 (bug #848081)
NOTE: https://xenbits.xen.org/xsa/advisory-200.html
@@ -2445,15 +2445,15 @@ CVE-2016-9926
RESERVED
CVE-2016-9925
RESERVED
-CVE-2016-9924 (Zimbra Collaboration Suite (ZCS) before 8.7.4 allows remote attackers ...)
+CVE-2016-9924
NOT-FOR-US: Zimbra
-CVE-2016-9936 (The unserialize implementation in ext/standard/var.c in PHP 7.x before ...)
+CVE-2016-9936
- php7.0 7.0.14-1
NOTE: Fixed in PHP 7.0.14 and 7.1.0
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=72978
NOTE: Fixed by: https://github.com/php/php-src/commit/b2af4e8868726a040234de113436c6e4f6372d17
NOTE: http://www.openwall.com/lists/oss-security/2016/12/12/2
-CVE-2016-9935 (The php_wddx_push_element function in ext/wddx/wddx.c in PHP before ...)
+CVE-2016-9935
{DSA-3737-1 DLA-818-1}
- php7.0 7.0.14-1
- php5 <removed>
@@ -2461,7 +2461,7 @@ CVE-2016-9935 (The php_wddx_push_element function in ext/wddx/wddx.c in PHP befo
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=73631
NOTE: Fixed by: https://github.com/php/php-src/commit/66fd44209d5ffcb9b3d1bc1b9fd8e35b485040c0
NOTE: http://www.openwall.com/lists/oss-security/2016/12/12/2
-CVE-2016-9934 (ext/wddx/wddx.c in PHP before 5.6.28 and 7.x before 7.0.13 allows ...)
+CVE-2016-9934
{DSA-3732-1 DLA-818-1}
- php7.0 7.0.13-1
- php5 <removed>
@@ -2469,7 +2469,7 @@ CVE-2016-9934 (ext/wddx/wddx.c in PHP before 5.6.28 and 7.x before 7.0.13 allows
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=73331
NOTE: Fixed by: https://github.com/php/php-src/commit/6045de69c7dedcba3eadf7c4bba424b19c81d00d
NOTE: http://www.openwall.com/lists/oss-security/2016/12/12/2
-CVE-2016-9933 (Stack consumption vulnerability in the gdImageFillToBorder function in ...)
+CVE-2016-9933
{DSA-3751-1 DSA-3732-1 DLA-758-1}
- libgd2 2.2.2-29-g3c2b605-1 (bug #849038)
NOTE: This problem could be seen as a programmer fault but the fix is easy and
@@ -2484,20 +2484,20 @@ CVE-2016-9933 (Stack consumption vulnerability in the gdImageFillToBorder functi
NOTE: Fixed by: https://github.com/php/php-src/commit/863d37ea66d5c960db08d6f4a2cbd2518f0f80d1
NOTE: Starting with 5.4.0-1 Debian uses the system copy of libgd
NOTE: http://www.openwall.com/lists/oss-security/2016/12/12/2
-CVE-2016-9937 (An issue was discovered in Asterisk Open Source 13.12.x and 13.13.x ...)
+CVE-2016-9937
- asterisk <not-affected> (Introduced in 13.12.0 but fixed with first version to unstable based on 13.12.1)
NOTE: Vulnerability introduced in 13.12.0, but the first upload to unstable
NOTE: versioned as 1:13.12.1~dfsg-1 via opus.patch removed the offending
NOTE: function. Thus Debian was never vulnerable.
NOTE: http://downloads.asterisk.org/pub/security/AST-2016-008.html
NOTE: Cf. https://bugs.debian.org/847666
-CVE-2016-9938 (An issue was discovered in Asterisk Open Source 11.x before 11.25.1, ...)
+CVE-2016-9938
- asterisk 1:13.13.1~dfsg-1 (bug #847668)
[jessie] - asterisk 1:11.13.1~dfsg-2+deb8u2
[wheezy] - asterisk <no-dsa> (Minor issue)
NOTE: http://downloads.asterisk.org/pub/security/AST-2016-009.html
NOTE: Only applicable if a proxy is in use.
-CVE-2016-9923 (Quick Emulator (Qemu) built with the 'chardev' backend support is ...)
+CVE-2016-9923
- qemu 1:2.8+dfsg-1 (bug #847957)
[jessie] - qemu <ignored> (Minor issue; too complex to backport)
[wheezy] - qemu <no-dsa> (Minor issue)
@@ -2505,7 +2505,7 @@ CVE-2016-9923 (Quick Emulator (Qemu) built with the 'chardev' backend support is
[wheezy] - qemu-kvm <no-dsa> (Minor issue)
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg05597.html
NOTE: Fixed by: http://git.qemu.org/?p=qemu.git;a=commit;h=a4afa548fc6dd9842ed86639b4d37d4d1c4ad480 (v2.8.0-rc0)
-CVE-2016-9922 (The cirrus_do_copy function in hw/display/cirrus_vga.c in QEMU (aka ...)
+CVE-2016-9922
{DLA-1497-1 DLA-765-1 DLA-764-1}
- qemu 1:2.8+dfsg-1 (bug #847960)
- qemu-kvm <removed>
@@ -2514,7 +2514,7 @@ CVE-2016-9922 (The cirrus_do_copy function in hw/display/cirrus_vga.c in QEMU (a
NOTE: Fixed by: http://git.qemu.org/?p=qemu.git;a=commit;h=4299b90e9ba9ce5ca9024572804ba751aa1a7e70 (v2.8.0-rc3)
NOTE: CVE for the "blit pitch values" issue.
NOTE: Should be fixed along with CVE-2014-8106
-CVE-2016-9921 (Quick emulator (Qemu) built with the Cirrus CLGD 54xx VGA Emulator ...)
+CVE-2016-9921
{DLA-1497-1 DLA-765-1 DLA-764-1}
- qemu 1:2.8+dfsg-1 (bug #847960)
- qemu-kvm <removed>
@@ -2522,13 +2522,13 @@ CVE-2016-9921 (Quick emulator (Qemu) built with the Cirrus CLGD 54xx VGA Emulato
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1334398
NOTE: Fixed by: http://git.qemu.org/?p=qemu.git;a=commit;h=4299b90e9ba9ce5ca9024572804ba751aa1a7e70 (v2.8.0-rc3)
NOTE: CVE for the "'cirrus_get_bpp' returns zero(0), which could lead to a divide by zero" issue.
-CVE-2016-9918 (In BlueZ 5.42, an out-of-bounds read was identified in &quot;packet_hexdump&quot; ...)
+CVE-2016-9918
- bluez <unfixed> (bug #847837)
[stretch] - bluez <no-dsa> (Minor issue)
[jessie] - bluez <no-dsa> (Minor issue)
[wheezy] - bluez <no-dsa> (Minor issue)
NOTE: https://www.spinics.net/lists/linux-bluetooth/msg68898.html
-CVE-2016-9917 (In BlueZ 5.42, a buffer overflow was observed in &quot;read_n&quot; function in ...)
+CVE-2016-9917
- bluez <unfixed> (bug #847837)
[stretch] - bluez <no-dsa> (Minor issue)
[jessie] - bluez <no-dsa> (Minor issue)
@@ -2536,93 +2536,93 @@ CVE-2016-9917 (In BlueZ 5.42, a buffer overflow was observed in &quot;read_n&quo
NOTE: https://www.spinics.net/lists/linux-bluetooth/msg68892.html
CVE-2016-9906
REJECTED
-CVE-2016-9905 (A potentially exploitable crash in &quot;EnumerateSubDocuments&quot; while ...)
+CVE-2016-9905
{DSA-3757-1 DSA-3734-1 DLA-782-1 DLA-743-1}
- firefox <not-affected> (Only affects Firefox 45 ESR series)
- firefox-esr 45.6.0esr-1
- icedove 1:45.6.0-2
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-95/#CVE-2016-9905
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-96/#CVE-2016-9905
-CVE-2016-9904 (An attacker could use a JavaScript Map/Set timing attack to determine ...)
+CVE-2016-9904
{DSA-3757-1 DSA-3734-1 DLA-782-1 DLA-743-1}
- firefox 50.1.0-1
- firefox-esr 45.6.0esr-1
- icedove 1:45.6.0-2
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-95/#CVE-2016-9904
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-96/#CVE-2016-9904
-CVE-2016-9903 (Mozilla's add-ons SDK had a world-accessible resource with an HTML ...)
+CVE-2016-9903
- firefox 50.1.0-1
- firefox-esr <not-affected> (Only affects Firefox 50.x)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-94/#CVE-2016-9903
-CVE-2016-9902 (The Pocket toolbar button, once activated, listens for events fired ...)
+CVE-2016-9902
{DSA-3734-1 DLA-743-1}
- firefox 50.1.0-1
- firefox-esr 45.6.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-95/#CVE-2016-9902
-CVE-2016-9901 (HTML tags received from the Pocket server will be processed without ...)
+CVE-2016-9901
{DSA-3734-1 DLA-743-1}
- firefox 50.1.0-1
- firefox-esr 45.6.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-95/#CVE-2016-9901
-CVE-2016-9900 (External resources that should be blocked when loaded by SVG images ...)
+CVE-2016-9900
{DSA-3757-1 DSA-3734-1 DLA-782-1 DLA-743-1}
- firefox 50.1.0-1
- firefox-esr 45.6.0esr-1
- icedove 1:45.6.0-2
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-95/#CVE-2016-9900
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-96/#CVE-2016-9900
-CVE-2016-9899 (Use-after-free while manipulating DOM events and removing audio ...)
+CVE-2016-9899
{DSA-3757-1 DSA-3734-1 DLA-782-1 DLA-743-1}
- firefox 50.1.0-1
- firefox-esr 45.6.0esr-1
- icedove 1:45.6.0-2
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-95/#CVE-2016-9899
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-96/#CVE-2016-9899
-CVE-2016-9898 (Use-after-free resulting in potentially exploitable crash when ...)
+CVE-2016-9898
{DSA-3757-1 DSA-3734-1 DLA-782-1 DLA-743-1}
- firefox 50.1.0-1
- firefox-esr 45.6.0esr-1
- icedove 1:45.6.0-2
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-95/#CVE-2016-9898
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-96/#CVE-2016-9898
-CVE-2016-9897 (Memory corruption resulting in a potentially exploitable crash during ...)
+CVE-2016-9897
{DSA-3757-1 DSA-3734-1 DLA-782-1 DLA-743-1}
- firefox 50.1.0-1
- firefox-esr 45.6.0esr-1
- icedove 1:45.6.0-2
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-95/#CVE-2016-9897
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-96/#CVE-2016-9897
-CVE-2016-9896 (Use-after-free while manipulating the &quot;navigator&quot; object within WebVR. ...)
+CVE-2016-9896
- firefox 50.1.0-1
- firefox-esr <not-affected> (Only affects Firefox 50.x)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-94/#CVE-2016-9896
-CVE-2016-9895 (Event handlers on &quot;marquee&quot; elements were executed despite a strict ...)
+CVE-2016-9895
{DSA-3757-1 DSA-3734-1 DLA-782-1 DLA-743-1}
- firefox 50.1.0-1
- firefox-esr 45.6.0esr-1
- icedove 1:45.6.0-2
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-95/#CVE-2016-9895
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-96/#CVE-2016-9895
-CVE-2016-9894 (A buffer overflow in SkiaGl caused when a GrGLBuffer is truncated ...)
+CVE-2016-9894
- firefox 50.1.0-1
- firefox-esr <not-affected> (Only affects Firefox 50.x)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-94/#CVE-2016-9894
-CVE-2016-9893 (Memory safety bugs were reported in Thunderbird 45.5. Some of these ...)
+CVE-2016-9893
{DSA-3757-1 DSA-3734-1 DLA-782-1 DLA-743-1}
- firefox 50.1.0-1
- firefox-esr 45.6.0esr-1
- icedove 1:45.6.0-2
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-95/#CVE-2016-9893
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-96/#CVE-2016-9893
-CVE-2016-9892 (The esets_daemon service in ESET Endpoint Antivirus for macOS before ...)
+CVE-2016-9892
NOT-FOR-US: ESET
-CVE-2016-9891 (Cross-site scripting (XSS) vulnerability in admin/media.php and ...)
+CVE-2016-9891
- dotclear <removed>
CVE-2016-9890
RESERVED
-CVE-2016-9889 (Some forms with the parameter geo_zoomlevel_to_found_location in Tiki ...)
+CVE-2016-9889
NOT-FOR-US: Tiki Wiki
-CVE-2016-9888 (An error within the &quot;tar_directory_for_file()&quot; function ...)
+CVE-2016-9888
{DLA-740-1}
- libgsf 1.14.41-1
[jessie] - libgsf <no-dsa> (Minor issue)
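Review bot: every "+" line in this hunk replaces a CVE header that carried a parenthesized summary (for instance "-CVE-2016-9905 (A potentially exploitable crash in &quot;EnumerateSubDocuments&quot; while ...)") with the bare identifier ("+CVE-2016-9905"), while the advisory references, package versions and NOTE lines beneath each entry are left untouched. Wholesale removal of the description field with no other change to any entry looks like the description source coming back empty rather than an intended data edit; I would hold this until the step that fills in the summaries has been checked, because the summary is what makes the list greppable and what gives the later hunk headers (which quote the old header lines) their orientation.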
@@ -2631,22 +2631,22 @@ CVE-2016-9887
RESERVED
CVE-2016-9886
REJECTED
-CVE-2016-9885 (An issue was discovered in Pivotal GemFire for PCF 1.6.x versions prior ...)
+CVE-2016-9885
NOT-FOR-US: Pivotal GemFire for PCF
CVE-2016-9884
REJECTED
CVE-2016-9883
REJECTED
-CVE-2016-9882 (An issue was discovered in Cloud Foundry Foundation cf-release versions ...)
+CVE-2016-9882
NOT-FOR-US: Cloud Foundry Foundation cf-release
CVE-2016-9881
REJECTED
-CVE-2016-9880 (The GemFire broker for Cloud Foundry 1.6.x before 1.6.5 and 1.7.x ...)
+CVE-2016-9880
NOT-FOR-US: Cloud Foundry
-CVE-2016-9879 (An issue was discovered in Pivotal Spring Security before 3.2.10, 4.1.x ...)
+CVE-2016-9879
- libspring-security-java <itp> (bug #582181)
NOTE: https://pivotal.io/security/cve-2016-9879
-CVE-2016-9878 (An issue was discovered in Pivotal Spring Framework before 3.2.18, ...)
+CVE-2016-9878
- libspring-java 4.3.5-1 (bug #849167)
[jessie] - libspring-java <no-dsa> (Minor issue)
[wheezy] - libspring-java <no-dsa> (Minor issue)
@@ -2655,7 +2655,7 @@ CVE-2016-9878 (An issue was discovered in Pivotal Spring Framework before 3.2.18
NOTE: Fixed by: https://github.com/spring-projects/spring-framework/commit/43bf008fbcd0d7945e2fcd5e30039bc4d74c7a98 (4.2.x branch)
NOTE: Fixed by: https://github.com/spring-projects/spring-framework/commit/a7dc48534ea501525f11369d369178a60c2f47d0 (3.2.x branch)
NOTE: https://jira.spring.io/browse/SPR-14946
-CVE-2016-9877 (An issue was discovered in Pivotal RabbitMQ 3.x before 3.5.8 and 3.6.x ...)
+CVE-2016-9877
{DSA-3761-1}
- rabbitmq-server 3.6.6-1 (bug #849849)
[wheezy] - rabbitmq-server <not-affected> (Vulnerable code introduced later)
@@ -2668,34 +2668,34 @@ CVE-2016-9875
REJECTED
CVE-2016-9874
REJECTED
-CVE-2016-9873 (EMC Documentum D2 version 4.5 and EMC Documentum D2 version 4.6 has a ...)
+CVE-2016-9873
NOT-FOR-US: EMC Documentum
-CVE-2016-9872 (EMC Documentum D2 version 4.5 and EMC Documentum D2 version 4.6 has ...)
+CVE-2016-9872
NOT-FOR-US: EMC Documentum
-CVE-2016-9871 (EMC Isilon OneFS 7.2.1.0 - 7.2.1.3, EMC Isilon OneFS 7.2.0.x, EMC ...)
+CVE-2016-9871
NOT-FOR-US: EMC Isilon
-CVE-2016-9870 (EMC Isilon OneFS 8.0.0.0, EMC Isilon OneFS 7.2.1.0 - 7.2.1.2, EMC ...)
+CVE-2016-9870
NOT-FOR-US: EMC
-CVE-2016-9869 (An issue was discovered in EMC ScaleIO versions before 2.0.1.1. ...)
+CVE-2016-9869
NOT-FOR-US: EMC ScaleIO
-CVE-2016-9868 (An issue was discovered in EMC ScaleIO versions before 2.0.1.1. A ...)
+CVE-2016-9868
NOT-FOR-US: EMC ScaleIO
-CVE-2016-9867 (An issue was discovered in EMC ScaleIO versions before 2.0.1.1. A ...)
+CVE-2016-9867
NOT-FOR-US: EMC ScaleIO
-CVE-2016-9919 (The icmp6_send function in net/ipv6/icmp.c in the Linux kernel through ...)
+CVE-2016-9919
- linux 4.8.15-1
[jessie] - linux <not-affected> (Vulnerable code introduced later)
[wheezy] - linux <not-affected> (Vulnerable code introduced later)
NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=189851
NOTE: Fixed by: https://git.kernel.org/linus/79dc7e3f1cd323be4c81aa1a94faa1b3ed987fb2 (v4.9-rc8)
-CVE-2016-9912 (Quick Emulator (Qemu) built with the Virtio GPU Device emulator ...)
+CVE-2016-9912
- qemu 1:2.8+dfsg-1 (bug #847391)
[jessie] - qemu <not-affected> (Vulnerable code not present)
[wheezy] - qemu <not-affected> (Vulnerable code not present)
- qemu-kvm <not-affected> (Vulnerable code not present)
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-11/msg05043.html
NOTE: http://www.openwall.com/lists/oss-security/2016/12/06/12
-CVE-2016-9916 (Memory leak in hw/9pfs/9p-proxy.c in QEMU (aka Quick Emulator) allows ...)
+CVE-2016-9916
{DLA-1497-1}
- qemu 1:2.8+dfsg-1 (bug #847496)
[wheezy] - qemu <no-dsa> (Minor issue, virtfs-proxy-helper not present)
@@ -2705,7 +2705,7 @@ CVE-2016-9916 (Memory leak in hw/9pfs/9p-proxy.c in QEMU (aka Quick Emulator) al
NOTE: Fixed by: http://git.qemu.org/?p=qemu.git;a=commit;h=898ae90a44551d25b8e956fd87372d303c82fe68 (v2.8.0-rc2)
NOTE: Proxy filesystem driver introduced in: http://git.qemu.org/?p=qemu.git;a=commit;h=4c793dda22213a7aba8e4d9a814e8f368a5f8bf7 (v1.0-rc0)
NOTE: http://www.openwall.com/lists/oss-security/2016/12/06/11
-CVE-2016-9915 (Memory leak in hw/9pfs/9p-handle.c in QEMU (aka Quick Emulator) allows ...)
+CVE-2016-9915
{DLA-1497-1}
- qemu 1:2.8+dfsg-1 (bug #847496)
[wheezy] - qemu <no-dsa> (handle driver not included during compilation)
@@ -2716,7 +2716,7 @@ CVE-2016-9915 (Memory leak in hw/9pfs/9p-handle.c in QEMU (aka Quick Emulator) a
NOTE: handle based fs driver introduced in: http://git.qemu.org/?p=qemu.git;a=commit;h=5f5422258e1f50f871bafcc5bfb2b498f414a310 (v1.0-rc0)
NOTE: http://www.openwall.com/lists/oss-security/2016/12/06/11
NOTE: proxy driver not included during compilation in wheezy, see debian-lts ML: https://lists.debian.org/debian-lts/2016/12/msg00136.html
-CVE-2016-9914 (Memory leak in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local ...)
+CVE-2016-9914
{DLA-1497-1}
- qemu 1:2.8+dfsg-1 (bug #847496)
[wheezy] - qemu <no-dsa> (proxy and handle drivers not included during compilation)
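Review bot: the context line "NOTE: proxy driver not included during compilation in wheezy, see debian-lts ML: ..." belongs to the CVE-2016-9915 entry (hw/9pfs/9p-handle.c), whose wheezy tag in the preceding hunk reads "(handle driver not included during compilation)"; one of the two names the wrong driver. The CVE-2016-9914 entry changed in this hunk correctly lists both ("proxy and handle drivers not included during compilation"), so the per-entry NOTE for the handle-driver issue should say which driver the LTS thread actually confirmed. Not introduced by this change, but worth a follow-up edit.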
@@ -2727,7 +2727,7 @@ CVE-2016-9914 (Memory leak in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows l
NOTE: http://www.openwall.com/lists/oss-security/2016/12/06/11
NOTE: proxy and handle drivers not included during compilation in wheezy, so the cleanup function is never implemented:
NOTE: see debian-lts ML: https://lists.debian.org/debian-lts/2016/12/msg00136.html
-CVE-2016-9913 (Memory leak in the v9fs_device_unrealize_common function in ...)
+CVE-2016-9913
- qemu 1:2.8+dfsg-1 (bug #847496)
[jessie] - qemu <not-affected> (Vulnerable code not present)
[wheezy] - qemu <not-affected> (Vulnerable code not present)
@@ -2735,13 +2735,13 @@ CVE-2016-9913 (Memory leak in the v9fs_device_unrealize_common function in ...)
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-11/msg03278.html
NOTE: Fixed by: http://git.qemu.org/?p=qemu.git;a=commit;h=4774718e5c194026ba5ee7a28d9be49be3080e42 (v2.8.0-rc2)
NOTE: http://www.openwall.com/lists/oss-security/2016/12/06/11
-CVE-2016-9911 (Quick Emulator (Qemu) built with the USB EHCI Emulation support is ...)
+CVE-2016-9911
{DLA-1497-1 DLA-765-1 DLA-764-1}
- qemu 1:2.8+dfsg-1 (bug #847951)
- qemu-kvm <removed>
NOTE: http://git.qemu.org/?p=qemu.git;a=commitdiff;h=791f97758e223de3290592d169f (v2.8.0-rc0)
NOTE: http://www.openwall.com/lists/oss-security/2016/12/06/10
-CVE-2016-9907 (Quick Emulator (Qemu) built with the USB redirector usb-guest support ...)
+CVE-2016-9907
{DLA-1497-1}
- qemu 1:2.8+dfsg-1 (bug #847953)
[wheezy] - qemu <not-affected> (Vulnerable code not present)
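Review bot: the CVE-2016-9911 fix reference "NOTE: http://git.qemu.org/?p=qemu.git;a=commitdiff;h=791f97758e223de3290592d169f (v2.8.0-rc0)" carries a truncated commit id, unlike the full 40-character hashes used for the neighbouring qemu entries (e.g. "h=4774718e5c194026ba5ee7a28d9be49be3080e42" for CVE-2016-9913). An abbreviated id resolves today but is not guaranteed to stay unique as the repository grows; the full hash should be recorded in a follow-up so the reference remains stable.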
@@ -2751,59 +2751,59 @@ CVE-2016-9907 (Quick Emulator (Qemu) built with the USB redirector usb-guest sup
NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=07b026fd82d6cf11baf7d7c603c4f5f6070b35bf
NOTE: http://www.openwall.com/lists/oss-security/2016/12/06/3
NOTE: Leakage introduced after 1.2.50: http://git.qemu.org/?p=qemu.git;a=commit;h=fc3f6e1b106abcf6b8cf487ac8f8e5fc2fd86776
-CVE-2016-9908 (Quick Emulator (Qemu) built with the Virtio GPU Device emulator ...)
+CVE-2016-9908
- qemu 1:2.8+dfsg-1 (bug #847400)
[jessie] - qemu <not-affected> (Vulnerable code not present)
[wheezy] - qemu <not-affected> (Vulnerable code not present)
- qemu-kvm <not-affected> (Vulnerable code not present)
NOTE: http://lists.gnu.org/archive/html/qemu-devel/2016-11/msg00059.html
NOTE: http://www.openwall.com/lists/oss-security/2016/12/06/2
-CVE-2016-9920 (steps/mail/sendmail.inc in Roundcube before 1.1.7 and 1.2.x before ...)
+CVE-2016-9920
{DLA-737-1}
- roundcube 1.2.3+dfsg.1-1 (bug #847287)
NOTE: https://blog.ripstech.com/2016/roundcube-command-execution-via-email/
NOTE: Fixed by: https://github.com/roundcube/roundcubemail/commit/f84233785ddeed01445fc855f3ae1e8a62f167e1
NOTE: Fixed by: https://github.com/roundcube/roundcubemail/commit/aa6bf38843f51a0fc7205acc98a7b84f3c4c9c4f
-CVE-2016-9910 (The serializer in html5lib before 0.99999999 might allow remote ...)
+CVE-2016-9910
- html5lib 0.999999999-1
[jessie] - html5lib <no-dsa> (Minor issue)
[wheezy] - html5lib <no-dsa> (Minor issue)
NOTE: Fixed by: https://github.com/html5lib/html5lib-python/commit/9b8d8eb5afbc066b7fac9390f5ec75e5e8a7cab7
NOTE: https://www.sourceclear.com/registry/security/cross-site-scripting-xss-/python/sid-3068
NOTE: http://www.openwall.com/lists/oss-security/2016/12/06/5
-CVE-2016-9909 (The serializer in html5lib before 0.99999999 might allow remote ...)
+CVE-2016-9909
- html5lib 0.999999999-1
[jessie] - html5lib <no-dsa> (Minor issue)
[wheezy] - html5lib <no-dsa> (Minor issue)
NOTE: Fixed by: https://github.com/html5lib/html5lib-python/commit/9b8d8eb5afbc066b7fac9390f5ec75e5e8a7cab7
NOTE: https://www.sourceclear.com/registry/security/cross-site-scripting-xss-/python/sid-3068
NOTE: http://www.openwall.com/lists/oss-security/2016/12/06/5
-CVE-2016-9839 (In MapServer before 7.0.3, OGR driver error messages are too verbose ...)
+CVE-2016-9839
{DLA-734-1}
- mapserver 7.0.3-1
[jessie] - mapserver 6.4.1-5+deb8u1
NOTE: https://lists.osgeo.org/pipermail/mapserver-dev/2016-December/014979.html
NOTE: https://github.com/mapserver/mapserver/pull/4928
NOTE: https://github.com/mapserver/mapserver/pull/5356
-CVE-2016-9838 (An issue was discovered in components/com_users/models/registration.php ...)
+CVE-2016-9838
NOT-FOR-US: Joomla!
-CVE-2016-9837 (An issue was discovered in ...)
+CVE-2016-9837
NOT-FOR-US: Joomla!
-CVE-2016-9836 (The file scanning mechanism of JFilterInput::isFileSafe() in Joomla! ...)
+CVE-2016-9836
NOT-FOR-US: Joomla!
-CVE-2016-9835 (Directory traversal vulnerability in file &quot;jcss.php&quot; in Zikula 1.3.x ...)
+CVE-2016-9835
NOT-FOR-US: Zikula
-CVE-2016-9834 (An XSS vulnerability allows remote attackers to execute arbitrary ...)
+CVE-2016-9834
NOT-FOR-US: Sophos
CVE-2016-9833
RESERVED
-CVE-2016-9832 (PricewaterhouseCoopers (PwC) ACE-ABAP 8.10.304 for SAP Security allows ...)
+CVE-2016-9832
NOT-FOR-US: ACE-ABAP
CVE-2016-9805
RESERVED
-CVE-2016-9796 (Alcatel-Lucent OmniVista 8770 2.0 through 3.0 exposes different ORBs ...)
+CVE-2016-9796
NOT-FOR-US: Alcatel-Lucent OmniVista
-CVE-2016-9795 (The casrvc program in CA Common Services, as used in CA Client ...)
+CVE-2016-9795
NOT-FOR-US: CA Common Services
CVE-2016-9792
REJECTED
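Review bot: after this hunk the CVE-2016-9910 and CVE-2016-9909 entries are indistinguishable: each becomes a bare identifier followed by identical html5lib lines (the same "html5lib 0.999999999-1" fix, the same jessie/wheezy no-dsa tags, the same fix commit 9b8d8eb5afbc066b7fac9390f5ec75e5e8a7cab7 and the same sourceclear and openwall references). The summary was the only per-entry field that could separate the two issues, so if descriptions really are to be dropped, each entry needs a NOTE saying which serializer flaw the CVE covers; otherwise this hunk should not be applied as-is.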
@@ -2833,7 +2833,7 @@ CVE-2016-9780
REJECTED
CVE-2016-9779
REJECTED
-CVE-2016-9778 (An error in handling certain queries can cause an assertion failure ...)
+CVE-2016-9778
- bind9 <not-affected> (Only Supported Preview Edition/Subscription Edition and 9.11.x)
NOTE: https://kb.isc.org/article/AA-01442/0
CVE-2016-9771
@@ -2864,21 +2864,21 @@ CVE-2016-9759
REJECTED
CVE-2016-9758
REJECTED
-CVE-2016-9757 (In the Create Tags page of the Rapid7 Nexpose version 6.4.12 user ...)
+CVE-2016-9757
NOT-FOR-US: Rapid7 Nexpose
-CVE-2016-9846 (QEMU (aka Quick Emulator) built with the Virtio GPU Device emulator ...)
+CVE-2016-9846
- qemu 1:2.8+dfsg-1 (bug #847382)
[jessie] - qemu <not-affected> (Vulnerable code not present)
[wheezy] - qemu <not-affected> (Vulnerable code not present)
- qemu-kvm <not-affected> (Vulnerable code not present)
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-11/msg00029.html
-CVE-2016-9845 (QEMU (aka Quick Emulator) built with the Virtio GPU Device emulator ...)
+CVE-2016-9845
- qemu 1:2.8+dfsg-1 (bug #847381)
[jessie] - qemu <not-affected> (Vulnerable code not present)
[wheezy] - qemu <not-affected> (Vulnerable code not present)
- qemu-kvm <not-affected> (Vulnerable code not present)
NOTE: https://lists.nongnu.org/archive/html/qemu-devel/2016-11/msg00019.html
-CVE-2016-9843 (The crc32_big function in crc32.c in zlib 1.2.8 might allow ...)
+CVE-2016-9843
- zlib 1:1.2.8.dfsg-3 (bug #847275)
[jessie] - zlib <no-dsa> (Minor issue)
[wheezy] - zlib <no-dsa> (Minor issue)
@@ -2886,7 +2886,7 @@ CVE-2016-9843 (The crc32_big function in crc32.c in zlib 1.2.8 might allow ...)
[stretch] - rsync <no-dsa> (Minor issue)
NOTE: https://github.com/madler/zlib/commit/d1d577490c15a0c6862473d7576352a9f18ef811
NOTE: Report: https://wiki.mozilla.org/images/0/09/Zlib-report.pdf
-CVE-2016-9842 (The inflateMark function in inflate.c in zlib 1.2.8 might allow ...)
+CVE-2016-9842
- zlib 1:1.2.8.dfsg-3 (bug #847274)
[jessie] - zlib <no-dsa> (Minor issue)
[wheezy] - zlib <no-dsa> (Minor issue)
@@ -2894,7 +2894,7 @@ CVE-2016-9842 (The inflateMark function in inflate.c in zlib 1.2.8 might allow .
[stretch] - rsync <no-dsa> (Minor issue)
NOTE: https://github.com/madler/zlib/commit/e54e1299404101a5a9d0cf5e45512b543967f958
NOTE: Report: https://wiki.mozilla.org/images/0/09/Zlib-report.pdf
-CVE-2016-9841 (inffast.c in zlib 1.2.8 might allow context-dependent attackers to ...)
+CVE-2016-9841
- zlib 1:1.2.8.dfsg-4 (bug #847270)
[jessie] - zlib <no-dsa> (Minor issue)
[wheezy] - zlib <no-dsa> (Minor issue)
@@ -2902,7 +2902,7 @@ CVE-2016-9841 (inffast.c in zlib 1.2.8 might allow context-dependent attackers t
[stretch] - rsync <no-dsa> (Minor issue)
NOTE: https://github.com/madler/zlib/commit/9aaec95e82117c1cb0f9624264c3618fc380cecb
NOTE: Report: https://wiki.mozilla.org/images/0/09/Zlib-report.pdf
-CVE-2016-9840 (inftrees.c in zlib 1.2.8 might allow context-dependent attackers to ...)
+CVE-2016-9840
- zlib 1:1.2.8.dfsg-3 (bug #847270)
[jessie] - zlib <no-dsa> (Minor issue)
[wheezy] - zlib <no-dsa> (Minor issue)
@@ -2910,7 +2910,7 @@ CVE-2016-9840 (inftrees.c in zlib 1.2.8 might allow context-dependent attackers
[stretch] - rsync <no-dsa> (Minor issue)
NOTE: https://github.com/madler/zlib/commit/6a043145ca6e9c55184013841a67b2fef87e44c0
NOTE: Report: https://wiki.mozilla.org/images/0/09/Zlib-report.pdf
-CVE-2016-9844 (Buffer overflow in the zi_short function in zipinfo.c in Info-Zip ...)
+CVE-2016-9844
{DLA-741-1}
- unzip 6.0-21 (bug #847486)
[jessie] - unzip 6.0-16+deb8u3
@@ -2920,54 +2920,54 @@ CVE-2016-9844 (Buffer overflow in the zi_short function in zipinfo.c in Info-Zip
CVE-2016-XXXX [tiffcrop: divide-by-zero in readSeparateStripsIntoBuffer when BitsPerSample is missing]
- tiff 4.0.7-2 (unimportant; bug #846838)
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2619
-CVE-2016-9831 (Heap-based buffer overflow in the parseSWF_RGBA function in parser.c ...)
+CVE-2016-9831
{DLA-799-1}
- ming <removed>
NOTE: https://blogs.gentoo.org/ago/2016/12/01/libming-listswf-heap-based-buffer-overflow-in-parseswf_rgba-parser-c
-CVE-2016-9830 (The MagickRealloc function in memory.c in Graphicsmagick 1.3.25 allows ...)
+CVE-2016-9830
{DSA-3746-1}
- graphicsmagick 1.3.25-6 (bug #847055)
[wheezy] - graphicsmagick <no-dsa> (fix too intrusive, depends on jan 15th magickresources changes)
NOTE: upstream patch requires major refactor from jan 2015, see https://lists.debian.org/87inpe4wgu.fsf@curie.anarc.at
NOTE: https://blogs.gentoo.org/ago/2016/12/01/graphicsmagick-memory-allocation-failure-in-magickrealloc-memory-c
NOTE: POC: https://github.com/asarubbo/poc/blob/master/00096-graphicsmagick-memalloc-MagickRealloc
-CVE-2016-9829 (Heap-based buffer overflow in the parseSWF_DEFINEFONT function in ...)
+CVE-2016-9829
{DLA-799-1}
- ming <removed>
NOTE: https://blogs.gentoo.org/ago/2016/12/01/libming-listswf-heap-based-buffer-overflow-in-parseswf_definefont-parser-c
-CVE-2016-9828 (The dumpBuffer function in read.c in the listswf tool in libming 0.4.7 ...)
+CVE-2016-9828
{DLA-799-1}
- ming <removed>
NOTE: https://blogs.gentoo.org/ago/2016/12/01/libming-listswf-null-pointer-dereference-in-dumpbuffer-read-c
-CVE-2016-9827 (The _iprintf function in outputtxt.c in the listswf tool in libming ...)
+CVE-2016-9827
{DLA-799-1}
- ming <removed>
NOTE: https://blogs.gentoo.org/ago/2016/12/01/libming-listswf-heap-based-buffer-overflow-in-_iprintf-outputtxt-c
-CVE-2016-9826 (libavcodec/ituh263dec.c in libav 11.8 allows remote attackers to cause ...)
+CVE-2016-9826
- libav <removed> (unimportant)
NOTE: https://blogs.gentoo.org/ago/2016/12/01/libav-multiple-crashes-from-the-undefined-behavior-sanitizer
NOTE: https://github.com/asarubbo/poc/blob/master/00041-libav-leftshift-ituh263dec_c
NOTE: https://bugzilla.libav.org/show_bug.cgi?id=985
-CVE-2016-9825 (libswscale/utils.c in libav 11.8 allows remote attackers to cause a ...)
+CVE-2016-9825
- libav <removed> (unimportant)
NOTE: https://blogs.gentoo.org/ago/2016/12/01/libav-multiple-crashes-from-the-undefined-behavior-sanitizer
NOTE: https://github.com/asarubbo/poc/blob/master/00040-libav-leftshift-utils_c
NOTE: https://bugzilla.libav.org/show_bug.cgi?id=984
-CVE-2016-9824 (Integer overflow in libswscale/x86/swscale.c in libav 11.8 allows ...)
+CVE-2016-9824
- libav <removed>
[jessie] - libav <no-dsa> (Minor issue)
[wheezy] - libav <ignored> (Minor issue)
NOTE: https://blogs.gentoo.org/ago/2016/12/01/libav-multiple-crashes-from-the-undefined-behavior-sanitizer
NOTE: https://github.com/asarubbo/poc/blob/master/00039-libav-signedintoverflow-swscale_c
NOTE: https://bugzilla.libav.org/show_bug.cgi?id=983
-CVE-2016-9823 (libavcodec/x86/mpegvideo.c in libav 11.8 allows remote attackers to ...)
+CVE-2016-9823
- libav <removed>
[jessie] - libav <no-dsa> (Minor issue)
[wheezy] - libav <ignored> (Minor issue)
NOTE: https://blogs.gentoo.org/ago/2016/12/01/libav-multiple-crashes-from-the-undefined-behavior-sanitizer
NOTE: https://github.com/asarubbo/poc/blob/master/00038-libav-uint8_t64-outofbounds-mpegvideo
NOTE: https://bugzilla.libav.org/show_bug.cgi?id=982
-CVE-2016-9822 (Integer overflow in libavcodec/mpeg12dec.c in libav 11.8 allows remote ...)
+CVE-2016-9822
{DSA-3833-1 DLA-791-1}
- libav <removed>
NOTE: https://blogs.gentoo.org/ago/2016/12/01/libav-multiple-crashes-from-the-undefined-behavior-sanitizer
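Review bot: the unchanged context line "CVE-2016-XXXX [tiffcrop: divide-by-zero in readSeparateStripsIntoBuffer when BitsPerSample is missing]" keeps its bracketed local summary while every assigned CVE in the hunk loses its parenthesized one, so whatever produced this diff strips only the parenthesized (upstream-sourced) text. That is consistent with the description feed returning nothing rather than a deliberate format change; if it is deliberate, the distinction between bracketed and parenthesized summaries should be documented. Separately, in the CVE-2016-9830 entry the wheezy tag reads "(fix too intrusive, depends on jan 15th magickresources changes)" while the NOTE beneath says "upstream patch requires major refactor from jan 2015"; these presumably describe the same refactor, and one of "jan 15th" / "jan 2015" should be corrected.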
@@ -2975,7 +2975,7 @@ CVE-2016-9822 (Integer overflow in libavcodec/mpeg12dec.c in libav 11.8 allows r
NOTE: https://bugzilla.libav.org/show_bug.cgi?id=981
NOTE: https://git.libav.org/?p=libav.git;a=commit;h=9f0193c778175cea3fb43f17acf9b90b4d862d33 (pre 11.9)
NOTE: https://git.libav.org/?p=libav.git;a=commit;h=15e1af0006354d6bbf0e433c5d1e8ef13c93d6d0 (pre 11.9)
-CVE-2016-9821 (Integer overflow in libavcodec/mpegvideo_parser.c in libav 11.8 allows ...)
+CVE-2016-9821
{DSA-3833-1 DLA-791-1}
- libav <removed>
NOTE: https://blogs.gentoo.org/ago/2016/12/01/libav-multiple-crashes-from-the-undefined-behavior-sanitizer
@@ -2983,7 +2983,7 @@ CVE-2016-9821 (Integer overflow in libavcodec/mpegvideo_parser.c in libav 11.8 a
NOTE: https://bugzilla.libav.org/show_bug.cgi?id=981
NOTE: https://git.libav.org/?p=libav.git;a=commit;h=9f0193c778175cea3fb43f17acf9b90b4d862d33 (pre 11.9)
NOTE: https://git.libav.org/?p=libav.git;a=commit;h=15e1af0006354d6bbf0e433c5d1e8ef13c93d6d0 (pre 11.9)
-CVE-2016-9820 (libavcodec/mpegvideo_motion.c in libav 11.8 allows remote attackers to ...)
+CVE-2016-9820
{DLA-791-1}
- libav <removed> (unimportant)
[jessie] - libav <not-affected> (The fixing patches are included in the upstream version)
@@ -2992,7 +2992,7 @@ CVE-2016-9820 (libavcodec/mpegvideo_motion.c in libav 11.8 allows remote attacke
NOTE: https://bugzilla.libav.org/show_bug.cgi?id=980
NOTE: https://git.libav.org/?p=libav.git;a=commit;h=e17bcfbecc268ba00cb55025095d70b1025e6c7d (pre 11.9)
NOTE: https://git.libav.org/?p=libav.git;a=commit;h=f106f74206e69e9056130da8bddffc39f3878ac3 (pre 11.9)
-CVE-2016-9819 (libavcodec/mpegvideo.c in libav 11.8 allows remote attackers to cause ...)
+CVE-2016-9819
{DLA-791-1}
- libav <removed> (unimportant)
[jessie] - libav <not-affected> (The fixing patches are included in the upstream version)
@@ -3001,32 +3001,32 @@ CVE-2016-9819 (libavcodec/mpegvideo.c in libav 11.8 allows remote attackers to c
NOTE: https://bugzilla.libav.org/show_bug.cgi?id=980
NOTE: https://git.libav.org/?p=libav.git;a=commit;h=e17bcfbecc268ba00cb55025095d70b1025e6c7d (pre 11.9)
NOTE: https://git.libav.org/?p=libav.git;a=commit;h=f106f74206e69e9056130da8bddffc39f3878ac3 (pre 11.9)
-CVE-2016-9818 (Xen through 4.7.x allows local ARM guest OS users to cause a denial of ...)
+CVE-2016-9818
- xen 4.8.0-1
[jessie] - xen <ignored> (Minor issue)
[wheezy] - xen <not-affected> (ARM support introduced in 4.4)
NOTE: https://xenbits.xen.org/xsa/advisory-201.html
NOTE: CVE for fix via patch https://xenbits.xen.org/xsa/xsa201-4.patch
-CVE-2016-9817 (Xen through 4.7.x allows local ARM guest OS users to cause a denial of ...)
+CVE-2016-9817
- xen 4.8.0-1
[jessie] - xen <ignored> (Minor issue)
[wheezy] - xen <not-affected> (ARM support introduced in 4.4)
NOTE: https://xenbits.xen.org/xsa/advisory-201.html
NOTE: CVE for fix via patch https://xenbits.xen.org/xsa/xsa201-3.patch
NOTE: or https://xenbits.xen.org/xsa/xsa201-3-4.7.patch
-CVE-2016-9816 (Xen through 4.7.x allows local ARM guest OS users to cause a denial of ...)
+CVE-2016-9816
- xen 4.8.0-1
[jessie] - xen <ignored> (Minor issue)
[wheezy] - xen <not-affected> (ARM support introduced in 4.4)
NOTE: https://xenbits.xen.org/xsa/advisory-201.html
NOTE: CVE for fix via patch https://xenbits.xen.org/xsa/xsa201-2.patch
-CVE-2016-9815 (Xen through 4.7.x allows local ARM guest OS users to cause a denial of ...)
+CVE-2016-9815
- xen 4.8.0-1
[jessie] - xen <ignored> (Minor issue)
[wheezy] - xen <not-affected> (ARM support introduced in 4.4)
NOTE: https://xenbits.xen.org/xsa/advisory-201.html
NOTE: CVE for fix via patch https://xenbits.xen.org/xsa/xsa201-1.patch
-CVE-2016-9814 (The validateSignature method in the SAML2\Utils class in SimpleSAMLphp ...)
+CVE-2016-9814
{DLA-1298-1}
- simplesamlphp 1.14.10-1 (low)
[jessie] - simplesamlphp <no-dsa> (Minor issue)
@@ -3035,28 +3035,28 @@ CVE-2016-9814 (The validateSignature method in the SAML2\Utils class in SimpleSA
NOTE: https://github.com/simplesamlphp/saml2/commit/7008b0916426212c1cc2fc238b38ab9ebff0748c
NOTE: only exploitable in hard to achieve conditions
NOTE: http://www.openwall.com/lists/oss-security/2016/12/03/5
-CVE-2016-9754 (The ring_buffer_resize function in kernel/trace/ring_buffer.c in the ...)
+CVE-2016-9754
- linux 4.6.1-1
[jessie] - linux 3.16.39-1
[wheezy] - linux <not-affected> (Vulnerable code introduced later)
NOTE: Fixed by: https://git.kernel.org/linus/59643d1535eb220668692a5359de22545af579f6 (v4.7-rc1)
CVE-2016-9753
RESERVED
-CVE-2016-9752 (In Serendipity before 2.0.5, an attacker can bypass SSRF protection by ...)
+CVE-2016-9752
- serendipity <removed>
-CVE-2016-9751 (Cross-site scripting (XSS) vulnerability in the search results front ...)
+CVE-2016-9751
- piwigo <removed>
[squeeze] - piwigo <end-of-life> (Unsupported in squeeze-lts)
NOTE: Request to mark the package as unsupported in #779104
-CVE-2016-9750 (IBM QRadar 7.2 and 7.3 stores user credentials in plain in clear text ...)
+CVE-2016-9750
NOT-FOR-US: IBM
-CVE-2016-9749 (IBM Campaign 9.1.0, 9.1.2, 10.0, and 10.1 could allow an authenticated ...)
+CVE-2016-9749
NOT-FOR-US: IBM
-CVE-2016-9748 (IBM Rational DOORS Next Generation 5.0 and 6.0 discloses sensitive ...)
+CVE-2016-9748
NOT-FOR-US: IBM
-CVE-2016-9747 (IBM RELM 4.0, 5.0 and 6.0 is vulnerable to cross-site scripting. This ...)
+CVE-2016-9747
NOT-FOR-US: IBM
-CVE-2016-9746 (IBM Team Concert (RTC) 4.0, 5.0 and 6.0 is vulnerable to cross-site ...)
+CVE-2016-9746
NOT-FOR-US: IBM
CVE-2016-9745
RESERVED
@@ -3068,105 +3068,105 @@ CVE-2016-9742
RESERVED
CVE-2016-9741
RESERVED
-CVE-2016-9740 (IBM QRadar 7.2 could allow a remote attacker to consume all resources ...)
+CVE-2016-9740
NOT-FOR-US: IBM
-CVE-2016-9739 (IBM Security Identity Manager Virtual Appliance stores user ...)
+CVE-2016-9739
NOT-FOR-US: IBM
-CVE-2016-9738 (IBM QRadar 7.2 and 7.3 does not require that users should have strong ...)
+CVE-2016-9738
NOT-FOR-US: IBM
-CVE-2016-9737 (IBM TRIRIGA 3.3, 3.4, and 3.5 is vulnerable to cross-site scripting. ...)
+CVE-2016-9737
NOT-FOR-US: IBM
-CVE-2016-9736 (IBM WebSphere Application Server using malformed SOAP requests could ...)
+CVE-2016-9736
NOT-FOR-US: IBM
-CVE-2016-9735 (IBM Jazz Foundation could allow an authenticated user to obtain ...)
+CVE-2016-9735
NOT-FOR-US: IBM
CVE-2016-9734
RESERVED
-CVE-2016-9733 (IBM Team Concert (RTC) 4.0, 5.0 and 6.0 is vulnerable to cross-site ...)
+CVE-2016-9733
NOT-FOR-US: IBM
-CVE-2016-9732 (IBM Curam Social Program Management 6.0, 6.1, 6.2 and 7.0 is ...)
+CVE-2016-9732
NOT-FOR-US: IBM
-CVE-2016-9731 (IBM Business Process Manager is vulnerable to cross-site scripting. ...)
+CVE-2016-9731
NOT-FOR-US: IBM
-CVE-2016-9730 (IBM QRadar Incident Forensics 7.2 is vulnerable to cross-site request ...)
+CVE-2016-9730
NOT-FOR-US: IBM
-CVE-2016-9729 (IBM QRadar 7.2 does not perform an authentication check for a critical ...)
+CVE-2016-9729
NOT-FOR-US: IBM
-CVE-2016-9728 (IBM Qradar 7.2 is vulnerable to SQL injection. A remote attacker could ...)
+CVE-2016-9728
NOT-FOR-US: IBM
-CVE-2016-9727 (IBM QRadar 7.2 could allow a remote authenticated attacker to execute ...)
+CVE-2016-9727
NOT-FOR-US: IBM
-CVE-2016-9726 (IBM QRadar Incident Forensics 7.2 could allow a remote authenticated ...)
+CVE-2016-9726
NOT-FOR-US: IBM
-CVE-2016-9725 (IBM QRadar Incident Forensics 7.2 allows for Cross-Origin Resource ...)
+CVE-2016-9725
NOT-FOR-US: IBM
-CVE-2016-9724 (IBM QRadar 7.2 is vulnerable to a denial of service, caused by an XML ...)
+CVE-2016-9724
NOT-FOR-US: IBM
-CVE-2016-9723 (IBM QRadar 7.2 is vulnerable to cross-site scripting. This ...)
+CVE-2016-9723
NOT-FOR-US: IBM
-CVE-2016-9722 (IBM QRadar 7.2 and 7.3 specifies permissions for a security-critical ...)
+CVE-2016-9722
NOT-FOR-US: IBM QRadar
CVE-2016-9721
RESERVED
-CVE-2016-9720 (IBM QRadar 7.2 discloses sensitive information to unauthorized users. ...)
+CVE-2016-9720
NOT-FOR-US: IBM
-CVE-2016-9719 (IBM InfoSphere Master Data Management Server 10.1. 11.0. 11.3, 11.4, ...)
+CVE-2016-9719
NOT-FOR-US: IBM
-CVE-2016-9718 (IBM InfoSphere Master Data Management Server 10.1. 11.0. 11.3, 11.4, ...)
+CVE-2016-9718
NOT-FOR-US: IBM
-CVE-2016-9717 (HTTP Parameter Override is identified in the IBM Infosphere Master ...)
+CVE-2016-9717
NOT-FOR-US: IBM
-CVE-2016-9716 (IBM InfoSphere Master Data Management Server 11.0, 11.3, 11.4, 11.5, ...)
+CVE-2016-9716
NOT-FOR-US: IBM
-CVE-2016-9715 (IBM InfoSphere Master Data Management Server 11.0, 11.3, 11.4, 11.5, ...)
+CVE-2016-9715
NOT-FOR-US: IBM
-CVE-2016-9714 (IBM InfoSphere Master Data Management Server 10.1, 11.0, 11.3, 11.4, ...)
+CVE-2016-9714
NOT-FOR-US: IBM
CVE-2016-9713
RESERVED
CVE-2016-9712
RESERVED
-CVE-2016-9711 (IBM Predictive Solutions Foundation (IBM Cognos Analytics 11.0) ...)
+CVE-2016-9711
NOT-FOR-US: IBM
-CVE-2016-9710 (IBM Predictive Solutions Foundation (formerly PMQ) could allow a ...)
+CVE-2016-9710
NOT-FOR-US: IBM
CVE-2016-9709
RESERVED
CVE-2016-9708
RESERVED
-CVE-2016-9707 (IBM Jazz Foundation is vulnerable to a denial of service, caused by an ...)
+CVE-2016-9707
NOT-FOR-US: IBM
-CVE-2016-9706 (IBM Integration Bus 9.0 and 10.0 and WebSphere Message Broker SOAP ...)
+CVE-2016-9706
NOT-FOR-US: IBM
CVE-2016-9705
RESERVED
-CVE-2016-9704 (IBM Security Identity Manager Virtual Appliance is vulnerable to ...)
+CVE-2016-9704
NOT-FOR-US: IBM
-CVE-2016-9703 (IBM Security Identity Manager Virtual Appliance does not invalidate ...)
+CVE-2016-9703
NOT-FOR-US: IBM
CVE-2016-9702
RESERVED
-CVE-2016-9701 (IBM Team Concert 4.0, 5.0 and 6.0 is vulnerable to cross-site ...)
+CVE-2016-9701
NOT-FOR-US: IBM
-CVE-2016-9700 (IBM Jazz Foundation could allow an authenticated attacker to obtain ...)
+CVE-2016-9700
NOT-FOR-US: IBM
CVE-2016-9699
RESERVED
-CVE-2016-9698 (IBM Rhapsody DM 4.0, 5.0, and 6.0 is vulnerable to a denial of ...)
+CVE-2016-9698
NOT-FOR-US: IBM
-CVE-2016-9697 (An unspecified vulnerability in IBM Rhapsody DM 4.0, 5.0, and 6.0 ...)
+CVE-2016-9697
NOT-FOR-US: IBM
-CVE-2016-9696 (IBM Rhapsody DM 4.0, 5.0, and 6.0 is vulnerable to HTML injection. A ...)
+CVE-2016-9696
NOT-FOR-US: IBM
CVE-2016-9695
RESERVED
-CVE-2016-9694 (IBM Rhapsody DM 4.0, 5.0, and 6.0 is vulnerable to cross-site ...)
+CVE-2016-9694
NOT-FOR-US: IBM
-CVE-2016-9693 (IBM Business Process Manager 7.5, 8.0, and 8.5 has a file download ...)
+CVE-2016-9693
NOT-FOR-US: IBM
-CVE-2016-9692 (IBM WebSphere Cast Iron Solution 7.0.0 and 7.5.0.0 is vulnerable to ...)
+CVE-2016-9692
NOT-FOR-US: IBM
-CVE-2016-9691 (IBM WebSphere Cast Iron Solution 7.0.0 and 7.5.0.0 is vulnerable to a ...)
+CVE-2016-9691
NOT-FOR-US: IBM
CVE-2016-9690
REJECTED
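Review bot: after this hunk almost every entry consists of a bare identifier plus "NOT-FOR-US: IBM", so the affected product is lost entirely: CVE-2016-9740 (QRadar), CVE-2016-9739 (Security Identity Manager Virtual Appliance) and CVE-2016-9737 (TRIRIGA) all collapse to the same two-line record. Only CVE-2016-9722 keeps the product in its tag ("NOT-FOR-US: IBM QRadar"). If the description field is going away, the NOT-FOR-US reason should name the product as that line does; as it stands the hunk discards the only record of which IBM product each CVE concerns.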
@@ -3176,69 +3176,69 @@ CVE-2016-9688
REJECTED
CVE-2016-9687
REJECTED
-CVE-2016-9686 (The Puppet Communications Protocol (PCP) Broker incorrectly validates ...)
+CVE-2016-9686
- puppet <not-affected> (Only affects Puppet Enterprise)
-CVE-2016-9804 (In BlueZ 5.42, a buffer overflow was observed in &quot;commands_dump&quot; ...)
+CVE-2016-9804
- bluez <unfixed> (bug #847837)
[stretch] - bluez <no-dsa> (Minor issue)
[jessie] - bluez <no-dsa> (Minor issue)
[wheezy] - bluez <no-dsa> (Minor issue)
NOTE: https://www.spinics.net/lists/linux-bluetooth/msg68892.html
-CVE-2016-9803 (In BlueZ 5.42, an out-of-bounds read was observed in &quot;le_meta_ev_dump&quot; ...)
+CVE-2016-9803
- bluez <unfixed> (bug #847837)
[stretch] - bluez <no-dsa> (Minor issue)
[jessie] - bluez <no-dsa> (Minor issue)
[wheezy] - bluez <no-dsa> (Minor issue)
NOTE: https://www.spinics.net/lists/linux-bluetooth/msg68892.html
-CVE-2016-9802 (In BlueZ 5.42, a buffer over-read was identified in &quot;l2cap_packet&quot; ...)
+CVE-2016-9802
- bluez <unfixed> (bug #847837)
[stretch] - bluez <no-dsa> (Minor issue)
[jessie] - bluez <no-dsa> (Minor issue)
[wheezy] - bluez <no-dsa> (Minor issue)
NOTE: https://www.spinics.net/lists/linux-bluetooth/msg68898.html
-CVE-2016-9801 (In BlueZ 5.42, a buffer overflow was observed in &quot;set_ext_ctrl&quot; ...)
+CVE-2016-9801
- bluez <unfixed> (bug #847837)
[stretch] - bluez <no-dsa> (Minor issue)
[jessie] - bluez <no-dsa> (Minor issue)
[wheezy] - bluez <no-dsa> (Minor issue)
NOTE: https://www.spinics.net/lists/linux-bluetooth/msg68892.html
-CVE-2016-9800 (In BlueZ 5.42, a buffer overflow was observed in &quot;pin_code_reply_dump&quot; ...)
+CVE-2016-9800
- bluez <unfixed> (bug #847837)
[stretch] - bluez <no-dsa> (Minor issue)
[jessie] - bluez <no-dsa> (Minor issue)
[wheezy] - bluez <no-dsa> (Minor issue)
NOTE: https://www.spinics.net/lists/linux-bluetooth/msg68892.html
-CVE-2016-9799 (In BlueZ 5.42, a buffer overflow was observed in &quot;pklg_read_hci&quot; ...)
+CVE-2016-9799
- bluez <unfixed> (bug #847837)
[stretch] - bluez <no-dsa> (Minor issue)
[jessie] - bluez <no-dsa> (Minor issue)
[wheezy] - bluez <no-dsa> (Minor issue)
NOTE: https://www.spinics.net/lists/linux-bluetooth/msg68898.html
-CVE-2016-9798 (In BlueZ 5.42, a use-after-free was identified in &quot;conf_opt&quot; function ...)
+CVE-2016-9798
- bluez <unfixed> (bug #847837)
[stretch] - bluez <no-dsa> (Minor issue)
[jessie] - bluez <no-dsa> (Minor issue)
[wheezy] - bluez <no-dsa> (Minor issue)
NOTE: https://www.spinics.net/lists/linux-bluetooth/msg68892.html
-CVE-2016-9797 (In BlueZ 5.42, a buffer over-read was observed in &quot;l2cap_dump&quot; function ...)
+CVE-2016-9797
- bluez <unfixed> (bug #847837)
[stretch] - bluez <no-dsa> (Minor issue)
[jessie] - bluez <no-dsa> (Minor issue)
[wheezy] - bluez <no-dsa> (Minor issue)
NOTE: https://www.spinics.net/lists/linux-bluetooth/msg68892.html
-CVE-2016-9794 (Race condition in the snd_pcm_period_elapsed function in ...)
+CVE-2016-9794
{DLA-772-1}
- linux 4.7.2-1
[jessie] - linux 3.16.39-1
NOTE: https://patchwork.kernel.org/patch/8752621/
NOTE: Fixed by: https://git.kernel.org/linus/3aa02cb664c5fb1042958c8d1aa8c35055a2ebc4 (v4.7-rc1)
NOTE: http://seclists.org/oss-sec/2016/q4/576
-CVE-2016-9793 (The sock_setsockopt function in net/core/sock.c in the Linux kernel ...)
+CVE-2016-9793
{DLA-772-1}
- linux 4.8.15-1
[jessie] - linux 3.16.39-1
NOTE: Fixed by: https://git.kernel.org/linus/b98b0bc8c431e3ceb4b26b0dfc8db509518fb290
-CVE-2016-9775 (The postrm script in the tomcat6 package before 6.0.45+dfsg-1~deb7u3 ...)
+CVE-2016-9775
{DSA-3739-1 DSA-3738-1 DLA-729-1 DLA-728-1}
- tomcat8 8.5.8-2 (bug #845385)
- tomcat7 7.0.72-3
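Review bot: the eight BlueZ lines (CVE-2016-9804 down to CVE-2016-9797) lose the function names that only the removed text carried (`commands_dump`, `le_meta_ev_dump`, `l2cap_packet`, `set_ext_ctrl`, `pin_code_reply_dump`, `pklg_read_hci`, `conf_opt`, `l2cap_dump`), and because all eight share `bluez <unfixed> (bug #847837)` and the same three `<no-dsa> (Minor issue)` suite lines, the entries become indistinguishable apart from the ID and which of the two spinics URLs is cited; keep the descriptions, or at least carry the function name into a NOTE before dropping them. Separately, the removed lines show the quotes as `&quot;`: worth confirming whether that entity is literally in the data file or only in this page's rendering, since the former would mean descriptions were stored HTML-escaped.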
@@ -3246,7 +3246,7 @@ CVE-2016-9775 (The postrm script in the tomcat6 package before 6.0.45+dfsg-1~deb
- tomcat6 6.0.41-3
NOTE: Since 6.0.41-3, src:tomcat6 only builds a servlet and docs in Jessie
NOTE: http://www.openwall.com/lists/oss-security/2016/12/02/5
-CVE-2016-9774 (The postinst script in the tomcat6 package before 6.0.45+dfsg-1~deb7u4 ...)
+CVE-2016-9774
{DSA-3739-1 DSA-3738-1 DLA-753-1 DLA-746-1}
- tomcat8 8.5.8-2 (bug #845393)
- tomcat7 7.0.72-3
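Review bot: for CVE-2016-9775 the removed description was the only visible text recording the wheezy fix version (`6.0.45+dfsg-1~deb7u3`); the package lines that remain list tomcat8 8.5.8-2, tomcat7 7.0.72-3 and tomcat6 6.0.41-3, and the hunk header now only shows the old text cut off at `~deb`. The same applies to CVE-2016-9774 (`~deb7u4`) in the next hunk. If no `[wheezy]` line exists in the single line elided between these hunks, that version should be recorded in one, or in a NOTE, so the entry stays self-contained once the description is gone.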
@@ -3254,7 +3254,7 @@ CVE-2016-9774 (The postinst script in the tomcat6 package before 6.0.45+dfsg-1~d
- tomcat6 6.0.41-3
NOTE: Since 6.0.41-3, src:tomcat6 only builds a servlet and docs in Jessie
NOTE: http://www.openwall.com/lists/oss-security/2016/12/02/5
-CVE-2016-9777 (KVM in the Linux kernel before 4.8.12, when I/O APIC is enabled, does ...)
+CVE-2016-9777
- linux 4.8.15-1
[jessie] - linux <not-affected> (Vulnerable code introduced later)
[wheezy] - linux <not-affected> (Vulnerable code introduced later)
@@ -3262,7 +3262,7 @@ CVE-2016-9777 (KVM in the Linux kernel before 4.8.12, when I/O APIC is enabled,
NOTE: Fixed by: https://git.kernel.org/linus/81cdb259fb6d8c1c4ecfeea389ff5a73c07f5755 (v4.9-rc7)
NOTE: Introduced in: https://git.kernel.org/linus/af1bae5497b98cb99d6b0492e6981f060420a00c (v4.8-rc1)
NOTE: http://www.openwall.com/lists/oss-security/2016/12/02/2
-CVE-2016-9776 (QEMU (aka Quick Emulator) built with the ColdFire Fast Ethernet ...)
+CVE-2016-9776
{DLA-1497-1}
- qemu 1:2.8+dfsg-1 (bug #846797)
[wheezy] - qemu <no-dsa> (Minor issue)
@@ -3270,35 +3270,35 @@ CVE-2016-9776 (QEMU (aka Quick Emulator) built with the ColdFire Fast Ethernet .
[wheezy] - qemu-kvm <not-affected> (Coldfire is not emulated by kvm)
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-11/msg05324.html
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1400829
-CVE-2016-9756 (arch/x86/kvm/emulate.c in the Linux kernel before 4.8.12 does not ...)
+CVE-2016-9756
{DLA-772-1}
- linux 4.8.15-1
[jessie] - linux 3.16.39-1
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1400468
NOTE: Fixed by: https://git.kernel.org/linus/2117d5398c81554fbf803f5fd1dc55eb78216c0c
-CVE-2016-9755 (The netfilter subsystem in the Linux kernel before 4.9 mishandles IPv6 ...)
+CVE-2016-9755
- linux 4.8.15-1
[jessie] - linux <not-affected> (Vulnerable code introduced later)
[wheezy] - linux <not-affected> (Vulnerable code introduced later)
NOTE: Fixed by: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9b57da0630c9fd36ed7a20fc0f98dc82cc0777fa (v4.9-rc8)
NOTE: https://groups.google.com/forum/#!topic/syzkaller/GFbGpX7nTEo
-CVE-2016-9684 (The SonicWall Secure Remote Access server (version 8.1.0.2-14sv) is ...)
+CVE-2016-9684
NOT-FOR-US: SonicWall
-CVE-2016-9683 (The SonicWall Secure Remote Access server (version 8.1.0.2-14sv) is ...)
+CVE-2016-9683
NOT-FOR-US: SonicWall
-CVE-2016-9682 (The SonicWall Secure Remote Access server (version 8.1.0.2-14sv) is ...)
+CVE-2016-9682
NOT-FOR-US: SonicWall
-CVE-2016-9681 (Multiple cross-site scripting (XSS) vulnerabilities in Serendipity ...)
+CVE-2016-9681
- serendipity <removed>
-CVE-2016-9680 (Citrix Provisioning Services before 7.12 allows attackers to obtain ...)
+CVE-2016-9680
NOT-FOR-US: Citrix
-CVE-2016-9679 (Citrix Provisioning Services before 7.12 allows attackers to execute ...)
+CVE-2016-9679
NOT-FOR-US: Citrix
-CVE-2016-9678 (Use-after-free vulnerability in Citrix Provisioning Services before ...)
+CVE-2016-9678
NOT-FOR-US: Citrix
-CVE-2016-9677 (Citrix Provisioning Services before 7.12 allows attackers to obtain ...)
+CVE-2016-9677
NOT-FOR-US: Citrix
-CVE-2016-9676 (Buffer overflow in Citrix Provisioning Services before 7.12 allows ...)
+CVE-2016-9676
NOT-FOR-US: Citrix
CVE-2016-9674
REJECTED
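Review bot: `- serendipity <removed>` for CVE-2016-9681 carries no NOTE or reference, so once the text `Multiple cross-site scripting (XSS) vulnerabilities in Serendipity` is stripped the entry says nothing about what the issue was; add a NOTE with the upstream reference or keep the description. The three SonicWall entries (CVE-2016-9684 to CVE-2016-9682) and five Citrix entries (CVE-2016-9680 to CVE-2016-9676) likewise collapse into identical `NOT-FOR-US` pairs differing only in the ID.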
@@ -3349,17 +3349,17 @@ CVE-2016-9652
{DSA-3731-1}
- chromium-browser 55.0.2883.75-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-9651 (A missing check for whether a property of a JS object is private in V8 ...)
+CVE-2016-9651
{DSA-3731-1}
- chromium-browser 55.0.2883.75-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
- libv8 <unfixed> (unimportant)
NOTE: libv8 not covered by security support
-CVE-2016-9650 (Blink in Google Chrome prior to 55.0.2883.75 for Mac, Windows and ...)
+CVE-2016-9650
{DSA-3731-1}
- chromium-browser 55.0.2883.75-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-9772 (OpenAFS 1.6.19 and earlier allows remote attackers to obtain sensitive ...)
+CVE-2016-9772
{DLA-733-1}
- openafs 1.6.20-1 (bug #846922)
[jessie] - openafs 1.6.9-2+deb8u6
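Review bot: the removed text is what justified the differing package lists for CVE-2016-9651 (`... private in V8 ...`, hence the extra `libv8 <unfixed> (unimportant)` line) and CVE-2016-9650 (`Blink in Google Chrome ...`, no libv8 line); with it gone, a reader of the file cannot tell why one chromium CVE also tracks libv8 and the neighbouring one does not. Either keep the descriptions or extend `NOTE: libv8 not covered by security support` to say the bug is in V8.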
@@ -3367,7 +3367,7 @@ CVE-2016-9772 (OpenAFS 1.6.19 and earlier allows remote attackers to obtain sens
NOTE: Upstream patch: https://www.openafs.org/pages/security/openafs-sa-2016-003-master.patch (master)
NOTE: Upstream patch: https://www.openafs.org/pages/security/openafs-sa-2016-003.patch
NOTE: http://www.openwall.com/lists/oss-security/2016/12/01/12
-CVE-2016-9685 (Multiple memory leaks in error paths in fs/xfs/xfs_attr_list.c in the ...)
+CVE-2016-9685
- linux 4.5.1-1
[jessie] - linux 3.16.36-1
[wheezy] - linux 3.2.81-1
@@ -3378,24 +3378,24 @@ CVE-2016-9648
REJECTED
CVE-2016-9647
REJECTED
-CVE-2016-9646 (ikiwiki before 3.20161229 incorrectly called the ...)
+CVE-2016-9646
{DSA-3760-1 DLA-812-1}
- ikiwiki 3.20161229
NOTE: https://ikiwiki.info/security/#cve-2016-9646
-CVE-2016-9643 (The regex code in Webkit 2.4.11 allows remote attackers to cause a ...)
+CVE-2016-9643
- webkitgtk 2.14.6-1 (unimportant)
NOTE: Not covered by security support
NOTE: http://www.openwall.com/lists/oss-security/2016/11/26/2
-CVE-2016-9642 (JavaScriptCore in WebKit allows attackers to cause a denial of service ...)
+CVE-2016-9642
- webkitgtk <removed> (unimportant)
NOTE: Not covered by security support
CVE-2016-9641
RESERVED
CVE-2016-9640
RESERVED
-CVE-2016-9638 (In BMC Patrol before 9.13.10.02, the binary &quot;listguests64&quot; is ...)
+CVE-2016-9638
NOT-FOR-US: BMC Patrol
-CVE-2016-9637 (The (1) ioport_read and (2) ioport_write functions in Xen, when qemu ...)
+CVE-2016-9637
{DLA-1270-1}
- qemu <not-affected> (Vulnerability specific to Xen)
- qemu-kvm <not-affected> (Vulnerability specific to Xen)
@@ -3430,21 +3430,21 @@ CVE-2016-9608
REJECTED
CVE-2016-9607
REJECTED
-CVE-2016-9606 (JBoss RESTEasy before version 3.1.2 could be forced into parsing a ...)
+CVE-2016-9606
- resteasy 3.1.4-1 (bug #851430)
[jessie] - resteasy <no-dsa> (Minor issue)
- resteasy3.0 <unfixed>
NOTE: See CVE-2018-1051 to address original incomplete fix for CVE-2016-9606
-CVE-2016-9605 (A flaw was found in cobbler software component version 2.6.11-1. It ...)
+CVE-2016-9605
- cobbler <removed> (bug #858844)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1433950
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1399333
-CVE-2016-9604 (It was discovered in the Linux kernel before 4.11-rc8 that root can ...)
+CVE-2016-9604
{DLA-922-1}
- linux 4.9.25-1
[jessie] - linux 3.16.43-1
NOTE: Fixed by: https://git.kernel.org/linus/ee8f844e3c5a73b999edf733df1c529d6503ec2f
-CVE-2016-9603 (A heap buffer overflow flaw was found in QEMU's Cirrus CLGD 54xx VGA ...)
+CVE-2016-9603
{DLA-1497-1 DLA-1270-1 DLA-1035-1 DLA-939-1}
- qemu 1:2.8+dfsg-4 (bug #857744)
- qemu-kvm <removed>
@@ -3453,7 +3453,7 @@ CVE-2016-9603 (A heap buffer overflow flaw was found in QEMU's Cirrus CLGD 54xx
NOTE: https://xenbits.xen.org/xsa/advisory-211.html
NOTE: http://www.openwall.com/lists/oss-security/2017/03/14/2
NOTE: Upstream patch http://git.qemu-project.org/?p=qemu.git;a=commit;h=50628d3479e4f9aa97e323506856e394fe7ad7a6
-CVE-2016-9602 (Qemu before version 2.9 is vulnerable to an improper link following ...)
+CVE-2016-9602
{DLA-1497-1 DLA-1035-1 DLA-965-1}
- qemu 1:2.8+dfsg-3 (bug #853006)
- qemu-kvm <removed>
@@ -3465,65 +3465,65 @@ CVE-2016-9602 (Qemu before version 2.9 is vulnerable to an improper link followi
NOTE: If fixing this issue for older suites, then make sure not to open the
NOTE: CVE-2017-7471 vulnerability and apply as well 9c6b899f7a46893ab3b671e341a2234e9c0c060e
NOTE: See further details in the CVE-2017-7471 tracker entry.
-CVE-2016-9601 (ghostscript before version 9.21 is vulnerable to a heap based buffer ...)
+CVE-2016-9601
{DSA-3817-1 DLA-874-1}
- jbig2dec 0.13-4 (bug #850497)
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=697457
NOTE: Patch: http://git.ghostscript.com/?p=jbig2dec.git;a=commitdiff;h=e698d5c11d27212aa1098bc5b1673a3378563092
-CVE-2016-9600 (JasPer before version 2.0.10 is vulnerable to a null pointer ...)
+CVE-2016-9600
- jasper <removed> (unimportant)
NOTE: https://github.com/mdadams/jasper/issues/109
NOTE: Fixed by: https://github.com/mdadams/jasper/commit/a632c6b54bd4ffc3bebab420e00b7e7688aa3846
NOTE: Not suitable for code injection, hardly denial of service
-CVE-2016-9599 (puppet-tripleo before versions 5.5.0, 6.2.0 is vulnerable to an ...)
+CVE-2016-9599
NOT-FOR-US: puppet-tripleo
-CVE-2016-9598 (libxml2, as used in Red Hat JBoss Core Services, allows ...)
+CVE-2016-9598
- libxml2 <not-affected> (Red Hat specific security regressions)
-CVE-2016-9597 (It was found that Red Hat JBoss Core Services erratum RHSA-2016:2957 ...)
+CVE-2016-9597
- libxml2 <not-affected> (Red Hat specific security regressions)
-CVE-2016-9596 (libxml2, as used in Red Hat JBoss Core Services and when in recovery ...)
+CVE-2016-9596
- libxml2 <not-affected> (Red Hat specific security regressions)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=769658
-CVE-2016-9595 (A flaw was found in katello-debug before 3.4.0 where certain scripts ...)
+CVE-2016-9595
NOT-FOR-US: Katello
-CVE-2016-9594 (curl before version 7.52.1 is vulnerable to an uninitialized random ...)
+CVE-2016-9594
- curl <not-affected> (Only affects 7.52.0)
NOTE: https://curl.haxx.se/docs/adv_20161223.html
-CVE-2016-9593 (foreman-debug before version 1.15.0 is vulnerable to a flaw in ...)
+CVE-2016-9593
- foreman <itp> (bug #663101)
-CVE-2016-9592 (openshift before versions 3.3.1.11, 3.2.1.23, 3.4 is vulnerable to a ...)
+CVE-2016-9592
NOT-FOR-US: OpenShift
-CVE-2016-9591 (JasPer before version 2.0.12 is vulnerable to a use-after-free in the ...)
+CVE-2016-9591
{DSA-3827-1 DLA-920-1}
- jasper <removed>
NOTE: https://github.com/mdadams/jasper/issues/105
NOTE: Fixed by: https://github.com/mdadams/jasper/commit/03fe49ab96bf65fea784cdc256507ea88267fc7c
-CVE-2016-9590 (puppet-swift before versions 8.2.1, 9.4.4 is vulnerable to an ...)
+CVE-2016-9590
- puppet-module-swift 9.4.4-1 (bug #851293)
-CVE-2016-9589 (Undertow in Red Hat wildfly before version 11.0.0.Beta1 is vulnerable ...)
+CVE-2016-9589
NOT-FOR-US: Red Hat specific use of undertow in Wildfly
-CVE-2016-9588 (arch/x86/kvm/vmx.c in the Linux kernel through 4.9 mismanages the #BP ...)
+CVE-2016-9588
{DSA-3804-1 DLA-849-1}
- linux 4.8.15-2
NOTE: https://www.spinics.net/lists/kvm/msg142495.html
NOTE: Fixed by: https://git.kernel.org/linus/ef85b67385436ddc1998f45f1d6a210f935b3388
-CVE-2016-9587 (Ansible before versions 2.1.4, 2.2.1 is vulnerable to an improper ...)
+CVE-2016-9587
- ansible 2.2.0.0-3 (bug #850846)
[jessie] - ansible <not-affected> (Vulnerable code not present, way ssh commands was reworked in 2.x branch)
NOTE: Fixed by: https://github.com/ansible/ansible/commit/ec84ff6de6eca9224bf3f22b752bb8da806611ed (v2.2.1.0-0.3.rc3)
NOTE: Fixed by: https://github.com/ansible/ansible/commit/eb8c26c105e8457b86324b64a13fac37d8862d47 (v2.2.1.0-0.4.rc4)
NOTE: Fixed by: https://github.com/ansible/ansible/commit/cc4634a5e73c06c6b4581f11171289ca9228391e (v2.2.1.0-0.4.rc4)
NOTE: Fix in 2.2.0.0-2 only partially addressed the issues, and needed a follow-up, 2.2.0.0-3
-CVE-2016-9586 (curl before version 7.52.0 is vulnerable to a buffer overflow when ...)
+CVE-2016-9586
{DLA-1568-1 DLA-767-1}
- curl 7.52.1-1 (bug #848958)
NOTE: https://curl.haxx.se/docs/adv_20161221A.html
NOTE: Fixed by: https://github.com/curl/curl/commit/3ab3c16db6a5674f53cf23d56512a405fde0b2c9
NOTE: There are no known vulnerable applications but as this is a
NOTE: library it should be fixed as we do not know the full impact.
-CVE-2016-9585 (Red Hat JBoss EAP version 5 is vulnerable to a deserialization of ...)
+CVE-2016-9585
NOT-FOR-US: JMX endpoint of Red Hat JBoss EAP 5
-CVE-2016-9584 (libical allows remote attackers to cause a denial of service ...)
+CVE-2016-9584
{DLA-959-1}
- libical3 3.0.1-1
- libical <unfixed> (bug #852034)
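Review bot: two entries in this hunk become opaque without their description. CVE-2016-9601 was described as `ghostscript before version 9.21` but is tracked as `jbig2dec 0.13-4`, and that text was the only thing linking the two, so a NOTE should state why a ghostscript CVE is resolved against jbig2dec. CVE-2016-9594 paired `curl before version 7.52.1` with `curl <not-affected> (Only affects 7.52.0)`, which read fine together; on its own the reason should spell out what the marking depends on, namely that Debian moved straight to `curl 7.52.1-1` (the fixed version listed under CVE-2016-9586 in the same hunk) without ever shipping 7.52.0.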
@@ -3531,7 +3531,7 @@ CVE-2016-9584 (libical allows remote attackers to cause a denial of service ...)
[jessie] - libical <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2016/12/15/5
NOTE: Upstream ticket: https://github.com/libical/libical/issues/253
-CVE-2016-9583 (An out-of-bounds heap read vulnerability was found in the ...)
+CVE-2016-9583
- jasper <removed> (unimportant)
NOTE: https://github.com/mdadams/jasper/issues/103
NOTE: Fixed by https://github.com/mdadams/jasper/commit/99a50593254d1b53002719bbecfc946c84b23d27
@@ -3541,73 +3541,73 @@ CVE-2016-9583 (An out-of-bounds heap read vulnerability was found in the ...)
NOTE: Not suitable for code injection, hardly denial of service
CVE-2016-9582
REJECTED
-CVE-2016-9581 (An infinite loop vulnerability in tiftoimage that results in heap ...)
+CVE-2016-9581
- openjpeg2 <unfixed> (unimportant)
NOTE: https://github.com/uclouvain/openjpeg/issues/872
NOTE: Fixed by: https://github.com/szukw000/openjpeg/commit/cadff5fb6e73398de26a92e96d3d7cac893af255
NOTE: not built into the binary packages
-CVE-2016-9580 (An integer overflow vulnerability was found in tiftoimage function in ...)
+CVE-2016-9580
- openjpeg2 <unfixed> (unimportant)
NOTE: https://github.com/uclouvain/openjpeg/issues/871
NOTE: Fixed by: https://github.com/szukw000/openjpeg/commit/cadff5fb6e73398de26a92e96d3d7cac893af255
NOTE: not built into the binary packages
-CVE-2016-9579 (A flaw was found in the way Ceph Object Gateway would process ...)
+CVE-2016-9579
- ceph 10.2.5-2 (bug #849048)
[jessie] - ceph 0.80.7-2+deb8u2
NOTE: http://tracker.ceph.com/issues/18187
-CVE-2016-9578 (A vulnerability was discovered in SPICE before 0.13.90 in the server's ...)
+CVE-2016-9578
{DSA-3790-1 DLA-825-1}
- spice 0.12.8-2.1 (bug #854336)
NOTE: Fixed by: https://cgit.freedesktop.org/spice/spice/commit/?h=0.12&id=1c6517973095a67c8cb57f3550fc1298404ab556 (0.12.x)
NOTE: Fixed by: https://cgit.freedesktop.org/spice/spice/commit/?h=0.12&id=f66dc643635518e53dfbe5262f814a64eec54e4a (0.12.x)
-CVE-2016-9577 (A vulnerability was discovered in SPICE before 0.13.90 in the server's ...)
+CVE-2016-9577
{DSA-3790-1 DLA-825-1}
- spice 0.12.8-2.1 (bug #854336)
NOTE: Fixed by: https://cgit.freedesktop.org/spice/spice/commit/?h=0.12&id=5f96b596353d73bdf4bb3cd2de61e48a7fd5b4c3 (0.12.x)
-CVE-2016-10088 (The sg implementation in the Linux kernel through 4.9 does not ...)
+CVE-2016-10088
{DLA-772-1}
- linux 4.8.15-2
[jessie] - linux 3.16.39-1
NOTE: Fixed by: https://git.kernel.org/linus/128394eff343fc6d2f32172f03e24829539c5835 (v4.10-rc1)
-CVE-2016-9576 (The blk_rq_map_user_iov function in block/blk-map.c in the Linux ...)
+CVE-2016-9576
{DLA-772-1}
- linux 4.8.15-1
[jessie] - linux 3.16.39-1
NOTE: https://marc.info/?l=linux-scsi&m=148010092224801&w=2
NOTE: https://gist.githubusercontent.com/dvyukov/80cd94b4e4c288f16ee4c787d404118b/raw/10536069562444da51b758bb39655b514ff93b45/gistfile1.txt
NOTE: Fixed by: https://git.kernel.org/linus/a0ac402cfcdc904f9772e1762b3fda112dcc56a0 (v4.9)
-CVE-2016-9575 (Ipa versions 4.2.x, 4.3.x before 4.3.3 and 4.4.x before 4.4.3 did not ...)
+CVE-2016-9575
- freeipa 4.4.4-1 (bug #849950)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1395311
NOTE: https://git.fedorahosted.org/cgit/freeipa.git/commit/?id=fec4c32ff15
NOTE: https://fedorahosted.org/freeipa/ticket/6560
-CVE-2016-9574 (nss before version 3.30 is vulnerable to a remote denial of service ...)
+CVE-2016-9574
- nss 2:3.25-1
NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=1320695
NOTE: The CVE is specific to the segfault resulting from the reproducing steps
NOTE: as per buzilla entry, and https://bugzilla.redhat.com/show_bug.cgi?id=1397482
NOTE: https://hg.mozilla.org/projects/nss/rev/7385cd821735
-CVE-2016-9573 (An out-of-bounds read vulnerability was found in OpenJPEG 2.1.2, in ...)
+CVE-2016-9573
{DSA-3768-1}
- openjpeg2 2.1.2-1.1 (bug #851422)
NOTE: https://github.com/uclouvain/openjpeg/issues/863
NOTE: https://github.com/szukw000/openjpeg/commit/7b28bd2b723df6be09fe7791eba33147c1c47d0d
-CVE-2016-9572 (A NULL pointer dereference flaw was found in the way openjpeg 2.1.2 ...)
+CVE-2016-9572
{DSA-3768-1}
- openjpeg2 2.1.2-1.1 (bug #851422)
NOTE: https://github.com/uclouvain/openjpeg/issues/863
NOTE: https://github.com/szukw000/openjpeg/commit/7b28bd2b723df6be09fe7791eba33147c1c47d0d
CVE-2016-9571
REJECTED
-CVE-2016-9570 (cb.exe in Carbon Black 5.1.1.60603 allows attackers to cause a denial ...)
+CVE-2016-9570
NOT-FOR-US: Carbon Black
-CVE-2016-9569 (The cbstream.sys driver in Carbon Black 5.1.1.60603 allows local users ...)
+CVE-2016-9569
NOT-FOR-US: Carbon Black
-CVE-2016-9568 (A security design issue can allow an unprivileged user to interact ...)
+CVE-2016-9568
NOT-FOR-US: Carbon Black
-CVE-2016-9567 (The mDNIe system service on Samsung Mobile S7 devices with M(6.0) ...)
+CVE-2016-9567
NOT-FOR-US: Samsung
-CVE-2016-9566 (base/logging.c in Nagios Core before 4.2.4 allows local users with ...)
+CVE-2016-9566
{DLA-1615-1 DLA-751-1}
- nagios3 <removed>
[wheezy] - nagios3 <no-dsa> (Minor issue)
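Review bot: two NOTEs in this hunk lean on the text being removed. For CVE-2016-9581 and CVE-2016-9580 the line `NOTE: not built into the binary packages` refers to `tiftoimage`, which only the stripped descriptions named, so the NOTE loses its referent. For CVE-2016-9574 the description `nss before version 3.30` sat beside the fixed version `nss 2:3.25-1`, and the NOTE about the CVE being specific to the segfault from the reproducing steps is what reconciles the two; if the description goes, that NOTE should mention the 3.30 figure explicitly (and `buzilla` in it is a typo for `bugzilla`).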
@@ -3620,7 +3620,7 @@ CVE-2016-9566 (base/logging.c in Nagios Core before 4.2.4 allows local users wit
NOTE: https://dev.icinga.com/issues/13709
NOTE: https://github.com/Icinga/icinga-core/commit/a0eb8471673b6b1e9b37e1b7b91151aa00bedb65
NOTE: https://github.com/Icinga/icinga-core/commit/e0f55bc9b17ef1db9aed7393fc34576a5b9501f0
-CVE-2016-9565 (MagpieRSS, as used in the front-end component in Nagios Core before ...)
+CVE-2016-9565
{DLA-751-1}
- nagios3 3.5.1-1
NOTE: https://legalhackers.com/advisories/Nagios-Exploit-Command-Injection-CVE-2016-9565-2008-4796.html
@@ -3628,21 +3628,21 @@ CVE-2016-9565 (MagpieRSS, as used in the front-end component in Nagios Core befo
NOTE: function was removed.
NOTE: The scope of the CVE is specific to Nagios.
NOTE: impact lessened by the hardened permissions in Debian: files can be extracted, but no backdoor can be installed as the web root is not writable
-CVE-2016-9564 (Buffer overflow in send_redirect() in Boa Webserver 0.92r allows ...)
+CVE-2016-9564
- boa <not-affected> (the vuln was removed in 0.93.14)
NOTE: http://www.ljcusack.io/cve-2016-9564-stack-based-buffer-overflow-in-boa-0-dot-92r
-CVE-2016-9563 (BC-BMT-BPM-DSK in SAP NetWeaver AS JAVA 7.5 allows remote authenticated ...)
+CVE-2016-9563
NOT-FOR-US: SAP
-CVE-2016-9562 (SAP NetWeaver AS JAVA 7.4 allows remote attackers to cause a Denial of ...)
+CVE-2016-9562
NOT-FOR-US: SAP
-CVE-2016-9561 (The che_configure function in libavcodec/aacdec_template.c in FFmpeg ...)
+CVE-2016-9561
- ffmpeg 7:3.2.4-1 (unimportant)
NOTE: http://www.openwall.com/lists/oss-security/2016/12/08/1
NOTE: non-issue, legitimate media file. If a server application uses libav* on untrusted media
NOTE: files, it needs to set resource limits
-CVE-2016-9554 (The Sophos Web Appliance Remote / Secure Web Gateway server (version ...)
+CVE-2016-9554
NOT-FOR-US: Sophos
-CVE-2016-9553 (The Sophos Web Appliance (version 4.2.1.3) is vulnerable to two Remote ...)
+CVE-2016-9553
NOT-FOR-US: Sophos
CVE-2016-9552
RESERVED
@@ -3730,167 +3730,167 @@ CVE-2016-9502
REJECTED
CVE-2016-9501
REJECTED
-CVE-2016-9500 (Accellion FTP server prior to version FTA_9_12_220 uses the Accusoft ...)
+CVE-2016-9500
NOT-FOR-US: Accellion
-CVE-2016-9499 (Accellion FTP server prior to version FTA_9_12_220 only returns the ...)
+CVE-2016-9499
NOT-FOR-US: Accellion
-CVE-2016-9498 (ManageEngine Applications Manager 12 and 13 before build 13200, allows ...)
+CVE-2016-9498
NOT-FOR-US: ManageEngine
-CVE-2016-9497 (Hughes high-performance broadband satellite modems, models HN7740S ...)
+CVE-2016-9497
NOT-FOR-US: Hughes
-CVE-2016-9496 (Hughes high-performance broadband satellite modems, models HN7740S ...)
+CVE-2016-9496
NOT-FOR-US: Hughes
-CVE-2016-9495 (Hughes high-performance broadband satellite modems, models HN7740S ...)
+CVE-2016-9495
NOT-FOR-US: Hughes
-CVE-2016-9494 (Hughes high-performance broadband satellite modems, models HN7740S ...)
+CVE-2016-9494
NOT-FOR-US: Hughes
-CVE-2016-9493 (The code generated by PHP FormMail Generator prior to 17 December 2016 ...)
+CVE-2016-9493
NOT-FOR-US: PHP FormMail Generator
-CVE-2016-9492 (The code generated by PHP FormMail Generator prior to 17 December 2016 ...)
+CVE-2016-9492
NOT-FOR-US: PHP FormMail Generator
-CVE-2016-9491 (ManageEngine Applications Manager 12 and 13 before build 13690 allows ...)
+CVE-2016-9491
NOT-FOR-US: ManageEngine
-CVE-2016-9490 (ManageEngine Applications Manager versions 12 and 13 before build ...)
+CVE-2016-9490
NOT-FOR-US: ManageEngine Applications Manager
-CVE-2016-9489 (In ManageEngine Applications Manager 12 and 13 before build 13200, an ...)
+CVE-2016-9489
NOT-FOR-US: ManageEngine
-CVE-2016-9488 (ManageEngine Applications Manager versions 12 and 13 before build ...)
+CVE-2016-9488
NOT-FOR-US: ManageEngine Applications Manager
-CVE-2016-9487 (EpubCheck 4.0.1 does not properly restrict resolving external entities ...)
+CVE-2016-9487
NOT-FOR-US: EpubCheck
-CVE-2016-9486 (On Windows endpoints, the SecureConnector agent must run under the ...)
+CVE-2016-9486
NOT-FOR-US: SecureConnector agent
-CVE-2016-9485 (On Windows endpoints, the SecureConnector agent must run under the ...)
+CVE-2016-9485
NOT-FOR-US: SecureConnector agent
-CVE-2016-9484 (The generated PHP form code does not properly validate user input ...)
+CVE-2016-9484
NOT-FOR-US: PHP FormMail Generator
-CVE-2016-9483 (The PHP form code generated by PHP FormMail Generator deserializes ...)
+CVE-2016-9483
NOT-FOR-US: PHP FormMail Generator
-CVE-2016-9482 (Code generated by PHP FormMail Generator may allow a remote ...)
+CVE-2016-9482
NOT-FOR-US: PHP FormMail Generator
-CVE-2016-4412 (An issue was discovered in phpMyAdmin. A user can be tricked into ...)
+CVE-2016-4412
{DLA-757-1}
- phpmyadmin 4:4.1.7-1
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-57/
NOTE: may affect wheezy only.
-CVE-2016-9847 (An issue was discovered in phpMyAdmin. When the user does not specify ...)
+CVE-2016-9847
- phpmyadmin 4:4.6.5.1-1 (unimportant)
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-58/
NOTE: Debian packaging generates blowfish secret
-CVE-2016-9848 (An issue was discovered in phpMyAdmin. phpinfo (phpinfo.php) shows PHP ...)
+CVE-2016-9848
- phpmyadmin 4:4.6.5.1-1 (unimportant)
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-59/
NOTE: disabled by default, debugging setting required
-CVE-2016-9849 (An issue was discovered in phpMyAdmin. It is possible to bypass ...)
+CVE-2016-9849
{DLA-757-1}
- phpmyadmin 4:4.6.5.1-1
[jessie] - phpmyadmin <no-dsa> (Minor issue)
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-60/
-CVE-2016-9850 (An issue was discovered in phpMyAdmin. Username matching for the ...)
+CVE-2016-9850
{DLA-757-1}
- phpmyadmin 4:4.6.5.1-1 (low)
[jessie] - phpmyadmin <no-dsa> (Minor issue)
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-61/
-CVE-2016-9851 (An issue was discovered in phpMyAdmin. With a crafted request ...)
+CVE-2016-9851
- phpmyadmin 4:4.6.5.1-1 (unimportant)
[jessie] - phpmyadmin <not-affected> (Vulnerable code not present)
[wheezy] - phpmyadmin <not-affected> (Vulnerable code not present)
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-62/
-CVE-2016-9852 (An issue was discovered in phpMyAdmin. By calling some scripts that ...)
+CVE-2016-9852
- phpmyadmin 4:4.6.5.1-1 (unimportant)
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-63/
NOTE: path disclosure not relevant in Debian
-CVE-2016-9853 (An issue was discovered in phpMyAdmin. By calling some scripts that ...)
+CVE-2016-9853
- phpmyadmin 4:4.6.5.1-1 (unimportant)
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-63/
NOTE: path disclosure not relevant in Debian
-CVE-2016-9854 (An issue was discovered in phpMyAdmin. By calling some scripts that ...)
+CVE-2016-9854
- phpmyadmin 4:4.6.5.1-1 (unimportant)
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-63/
NOTE: path disclosure not relevant in Debian
-CVE-2016-9855 (An issue was discovered in phpMyAdmin. By calling some scripts that ...)
+CVE-2016-9855
- phpmyadmin 4:4.6.5.1-1 (unimportant)
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-63/
NOTE: path disclosure not relevant in Debian
-CVE-2016-9856 (An XSS issue was discovered in phpMyAdmin because of an improper fix ...)
+CVE-2016-9856
- phpmyadmin 4:4.6.5.1-1 (unimportant)
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-64/
-CVE-2016-9857 (An issue was discovered in phpMyAdmin. XSS is possible because of a ...)
+CVE-2016-9857
- phpmyadmin 4:4.6.5.1-1 (unimportant)
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-64/
-CVE-2016-9858 (An issue was discovered in phpMyAdmin. With a crafted request ...)
+CVE-2016-9858
- phpmyadmin 4:4.6.5.1-1 (unimportant)
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-65/
-CVE-2016-9859 (An issue was discovered in phpMyAdmin. With a crafted request ...)
+CVE-2016-9859
- phpmyadmin 4:4.6.5.1-1 (unimportant)
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-65/
-CVE-2016-9860 (An issue was discovered in phpMyAdmin. An unauthenticated user can ...)
+CVE-2016-9860
- phpmyadmin 4:4.6.5.1-1 (unimportant)
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-65/
-CVE-2016-9861 (An issue was discovered in phpMyAdmin. Due to the limitation in URL ...)
+CVE-2016-9861
{DLA-757-1}
- phpmyadmin 4:4.6.5.1-1 (low)
[jessie] - phpmyadmin <no-dsa> (Minor issue)
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-66/
-CVE-2016-9862 (An issue was discovered in phpMyAdmin. With a crafted login request it ...)
+CVE-2016-9862
- phpmyadmin 4:4.6.5.1-1
[jessie] - phpmyadmin <not-affected> (Vulnerable code not present)
[wheezy] - phpmyadmin <not-affected> (Vulnerable code not present)
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-67/
-CVE-2016-9863 (An issue was discovered in phpMyAdmin. With a very large request to ...)
+CVE-2016-9863
- phpmyadmin 4:4.6.5.1-1 (unimportant)
[jessie] - phpmyadmin <not-affected> (Vulnerable code not present)
[wheezy] - phpmyadmin <not-affected> (Vulnerable code not present)
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-68/
-CVE-2016-9864 (An issue was discovered in phpMyAdmin. With a crafted username or a ...)
+CVE-2016-9864
{DLA-757-1}
- phpmyadmin 4:4.6.5.1-1
[jessie] - phpmyadmin <no-dsa> (Minor issue)
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-69/
-CVE-2016-9865 (An issue was discovered in phpMyAdmin. Due to a bug in serialized ...)
+CVE-2016-9865
{DLA-1415-1 DLA-757-1}
- phpmyadmin 4:4.6.5.1-1
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-70/
NOTE: https://github.com/phpmyadmin/phpmyadmin/commit/17b34be (RELEASE_4_6_5)
NOTE: https://github.com/phpmyadmin/phpmyadmin/commit/1fc004d (MAINT_4_4_15)
-CVE-2016-9866 (An issue was discovered in phpMyAdmin. When the arg_separator is ...)
+CVE-2016-9866
- phpmyadmin 4:4.6.5.1-1 (unimportant)
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-71/
NOTE: unlikely PHP configuration required, unclear impact
-CVE-2016-9639 (Salt before 2015.8.11 allows deleted minions to read or write to ...)
+CVE-2016-9639
- salt 2016.3.0+ds-1
[jessie] - salt <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2016/11/25/2
-CVE-2016-9813 (The _parse_pat function in the mpegts parser in GStreamer before ...)
+CVE-2016-9813
{DSA-3818-1}
- gst-plugins-bad1.0 1.10.2-1 (low)
- gst-plugins-bad0.10 <not-affected> (Vulnerable code introduced in 1.1.1 of 1.0 series)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=775120
-CVE-2016-9812 (The gst_mpegts_section_new function in the mpegts decoder in GStreamer ...)
+CVE-2016-9812
{DSA-3818-1}
- gst-plugins-bad1.0 1.10.2-1 (low)
- gst-plugins-bad0.10 <not-affected> (Vulnerable code introduced in 1.1.1 of 1.0 series)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=775048
-CVE-2016-9811 (The windows_icon_typefind function in gst-plugins-base in GStreamer ...)
+CVE-2016-9811
{DSA-3819-1 DLA-735-1}
- gst-plugins-base1.0 1.10.2-1
- gst-plugins-base0.10 <removed>
[jessie] - gst-plugins-base0.10 <no-dsa> (Minor issue, can be fixed via point release)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=774902
-CVE-2016-9810 (The gst_decode_chain_free_internal function in the flxdex decoder in ...)
+CVE-2016-9810
- gst-plugins-good1.0 1.10.1-2
[jessie] - gst-plugins-good1.0 1.4.4-2+deb8u2
- gst-plugins-good0.10 <removed>
[jessie] - gst-plugins-good0.10 0.10.31-3+nmu4+deb8u2
[wheezy] - gst-plugins-good0.10 0.10.31-3+nmu1+deb7u1
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=774897
-CVE-2016-9809 (Off-by-one error in the gst_h264_parse_set_caps function in GStreamer ...)
+CVE-2016-9809
{DSA-3818-1 DLA-736-1}
- gst-plugins-bad1.0 1.10.2-1
- gst-plugins-bad0.10 <removed>
[jessie] - gst-plugins-bad0.10 <no-dsa> (Minor issue, can be fixed via point release)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=774896
-CVE-2016-9808 (The FLIC decoder in GStreamer before 1.10.2 allows remote attackers to ...)
+CVE-2016-9808
- gst-plugins-good1.0 1.10.1-2
[jessie] - gst-plugins-good1.0 1.4.4-2+deb8u2
- gst-plugins-good0.10 <removed>
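Review bot: every `-`/`+` pair in this hunk (CVE-2016-9639 through CVE-2016-9808) replaces an entry that carried its CVE description in parentheses with a bare CVE identifier, while the surrounding package, version and NOTE lines are untouched; an "automatic update" that only strips descriptions looks like the description source returned empty results rather than an intentional change, so this commit should be held back or reverted and the updater changed to refuse to overwrite a non-empty description with an empty one.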
@@ -3899,7 +3899,7 @@ CVE-2016-9808 (The FLIC decoder in GStreamer before 1.10.2 allows remote attacke
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=774859
NOTE: https://cgit.freedesktop.org/gstreamer/gst-plugins-good/commit/?id=153a8ae752c90d07190ef45803422a4f71ea8bff
NOTE: https://scarybeastsecurity.blogspot.dk/2016/11/0day-poc-incorrect-fix-for-gstreamer.html
-CVE-2016-9807 (The flx_decode_chunks function in gst/flx/gstflxdec.c in GStreamer ...)
+CVE-2016-9807
- gst-plugins-good1.0 1.10.1-2
[jessie] - gst-plugins-good1.0 1.4.4-2+deb8u2
- gst-plugins-good0.10 <removed>
@@ -3907,12 +3907,12 @@ CVE-2016-9807 (The flx_decode_chunks function in gst/flx/gstflxdec.c in GStreame
[wheezy] - gst-plugins-good0.10 0.10.31-3+nmu1+deb7u1
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=774859
NOTE: https://cgit.freedesktop.org/gstreamer/gst-plugins-good/commit/?id=153a8ae752c90d07190ef45803422a4f71ea8bff
-CVE-2016-9806 (Race condition in the netlink_dump function in ...)
+CVE-2016-9806
- linux 4.6.3-1
[jessie] - linux 3.16.39-1
[wheezy] - linux <not-affected> (Introduced in 3.12)
NOTE: Fixed by: https://git.kernel.org/linus/92964c79b357efd980812c4de5c1fd2ec8bb5520 (v4.7-rc1)
-CVE-2016-9636 (Heap-based buffer overflow in the flx_decode_delta_fli function in ...)
+CVE-2016-9636
{DSA-3724-1 DSA-3723-1 DLA-727-1}
- gst-plugins-good1.0 1.10.1-2 (bug #845375)
- gst-plugins-good0.10 <removed>
@@ -3922,7 +3922,7 @@ CVE-2016-9636 (Heap-based buffer overflow in the flx_decode_delta_fli function i
NOTE: Fixed by: https://cgit.freedesktop.org/gstreamer/gst-plugins-good/commit/?id=fec77de8cbb0c8192b77aff2e563705ba421f2f2
NOTE: Fixed by (later followed up): https://cgit.freedesktop.org/gstreamer/gst-plugins-good/commit/?id=45dcd0b9ccf33ed85cdafeb871a3781f5be57fd9
NOTE: Fixed by (later followed up): https://cgit.freedesktop.org/gstreamer/gst-plugins-good/commit/?id=153a8ae752c90d07190ef45803422a4f71ea8bff
-CVE-2016-9635 (Heap-based buffer overflow in the flx_decode_delta_fli function in ...)
+CVE-2016-9635
{DSA-3724-1 DSA-3723-1 DLA-727-1}
- gst-plugins-good1.0 1.10.1-2 (bug #845375)
- gst-plugins-good0.10 <removed>
@@ -3932,7 +3932,7 @@ CVE-2016-9635 (Heap-based buffer overflow in the flx_decode_delta_fli function i
NOTE: Fixed by: https://cgit.freedesktop.org/gstreamer/gst-plugins-good/commit/?id=fec77de8cbb0c8192b77aff2e563705ba421f2f2
NOTE: Fixed by (later followed up): https://cgit.freedesktop.org/gstreamer/gst-plugins-good/commit/?id=45dcd0b9ccf33ed85cdafeb871a3781f5be57fd9
NOTE: Fixed by (later followed up): https://cgit.freedesktop.org/gstreamer/gst-plugins-good/commit/?id=153a8ae752c90d07190ef45803422a4f71ea8bff
-CVE-2016-9634 (Heap-based buffer overflow in the flx_decode_delta_fli function in ...)
+CVE-2016-9634
{DSA-3724-1 DSA-3723-1 DLA-727-1}
- gst-plugins-good1.0 1.10.1-2 (bug #845375)
- gst-plugins-good0.10 <removed>
@@ -3942,94 +3942,94 @@ CVE-2016-9634 (Heap-based buffer overflow in the flx_decode_delta_fli function i
NOTE: Fixed by: https://cgit.freedesktop.org/gstreamer/gst-plugins-good/commit/?id=fec77de8cbb0c8192b77aff2e563705ba421f2f2
NOTE: Fixed by (later followed up): https://cgit.freedesktop.org/gstreamer/gst-plugins-good/commit/?id=45dcd0b9ccf33ed85cdafeb871a3781f5be57fd9
NOTE: Fixed by (later followed up): https://cgit.freedesktop.org/gstreamer/gst-plugins-good/commit/?id=153a8ae752c90d07190ef45803422a4f71ea8bff
-CVE-2016-9633 (An issue was discovered in the Tatsuya Kinoshita w3m fork before ...)
+CVE-2016-9633
- w3m 0.5.3-33
[jessie] - w3m 0.5.3-19+deb8u1
[wheezy] - w3m <no-dsa> (Minor issue)
NOTE: https://github.com/tats/w3m/issues/23
-CVE-2016-9632 (An issue was discovered in the Tatsuya Kinoshita w3m fork before ...)
+CVE-2016-9632
- w3m 0.5.3-33
[jessie] - w3m 0.5.3-19+deb8u1
[wheezy] - w3m <no-dsa> (Minor issue)
NOTE: https://github.com/tats/w3m/issues/43
-CVE-2016-9631 (An issue was discovered in the Tatsuya Kinoshita w3m fork before ...)
+CVE-2016-9631
- w3m 0.5.3-33
[jessie] - w3m 0.5.3-19+deb8u1
[wheezy] - w3m <no-dsa> (Minor issue)
NOTE: https://github.com/tats/w3m/issues/42
-CVE-2016-9630 (An issue was discovered in the Tatsuya Kinoshita w3m fork before ...)
+CVE-2016-9630
- w3m 0.5.3-33
[jessie] - w3m 0.5.3-19+deb8u1
[wheezy] - w3m <no-dsa> (Minor issue)
NOTE: https://github.com/tats/w3m/issues/41
-CVE-2016-9629 (An issue was discovered in the Tatsuya Kinoshita w3m fork before ...)
+CVE-2016-9629
- w3m 0.5.3-33
[jessie] - w3m 0.5.3-19+deb8u1
[wheezy] - w3m <no-dsa> (Minor issue)
NOTE: https://github.com/tats/w3m/issues/40
-CVE-2016-9628 (An issue was discovered in the Tatsuya Kinoshita w3m fork before ...)
+CVE-2016-9628
- w3m 0.5.3-33
[jessie] - w3m 0.5.3-19+deb8u1
[wheezy] - w3m <no-dsa> (Minor issue)
NOTE: https://github.com/tats/w3m/issues/39
-CVE-2016-9627 (An issue was discovered in the Tatsuya Kinoshita w3m fork before ...)
+CVE-2016-9627
- w3m 0.5.3-33
[jessie] - w3m 0.5.3-19+deb8u1
[wheezy] - w3m <no-dsa> (Minor issue)
NOTE: https://github.com/tats/w3m/issues/38
NOTE: https://github.com/tats/w3m/commit/0c3f5d0e0d9269ad47b8f4b061d7818993913189
-CVE-2016-9626 (An issue was discovered in the Tatsuya Kinoshita w3m fork before ...)
+CVE-2016-9626
- w3m 0.5.3-33
[jessie] - w3m 0.5.3-19+deb8u1
[wheezy] - w3m <no-dsa> (Minor issue)
NOTE: https://github.com/tats/w3m/issues/37
-CVE-2016-9625 (An issue was discovered in the Tatsuya Kinoshita w3m fork before ...)
+CVE-2016-9625
- w3m 0.5.3-33
[jessie] - w3m 0.5.3-19+deb8u1
[wheezy] - w3m <no-dsa> (Minor issue)
NOTE: https://github.com/tats/w3m/issues/36
-CVE-2016-9624 (An issue was discovered in the Tatsuya Kinoshita w3m fork before ...)
+CVE-2016-9624
- w3m 0.5.3-33
[jessie] - w3m 0.5.3-19+deb8u1
[wheezy] - w3m <no-dsa> (Minor issue)
NOTE: https://github.com/tats/w3m/issues/35
-CVE-2016-9623 (An issue was discovered in the Tatsuya Kinoshita w3m fork before ...)
+CVE-2016-9623
- w3m 0.5.3-33
[jessie] - w3m 0.5.3-19+deb8u1
[wheezy] - w3m <no-dsa> (Minor issue)
NOTE: https://github.com/tats/w3m/issues/33
-CVE-2016-9622 (An issue was discovered in the Tatsuya Kinoshita w3m fork before ...)
+CVE-2016-9622
- w3m 0.5.3-33
[jessie] - w3m 0.5.3-19+deb8u1
[wheezy] - w3m <no-dsa> (Minor issue)
NOTE: https://github.com/tats/w3m/issues/32
CVE-2016-9621
REJECTED
-CVE-2016-9560 (Stack-based buffer overflow in the jpc_tsfb_getbands2 function in ...)
+CVE-2016-9560
{DSA-3785-1 DLA-739-1}
- jasper <removed>
NOTE: https://blogs.gentoo.org/ago/2016/11/20/jasper-stack-based-buffer-overflow-in-jpc_tsfb_getbands2-jpc_tsfb-c
NOTE: Fixed by: https://github.com/mdadams/jasper/commit/1abc2e5a401a4bf1d5ca4df91358ce5df111f495
-CVE-2016-9558 ((1) libdwarf/dwarf_leb.c and (2) dwarfdump/print_frames.c in libdwarf ...)
+CVE-2016-9558
- dwarfutils 20161124-1 (bug #845408)
[jessie] - dwarfutils <no-dsa> (Minor issue)
[wheezy] - dwarfutils <no-dsa> (Minor issue)
NOTE: https://blogs.gentoo.org/ago/2016/11/19/libdwarf-negation-overflow-in-dwarf_leb-c
NOTE: Fixed by: https://sourceforge.net/p/libdwarf/code/ci/4f19e1050cd8e9ddf2cb6caa061ff2fec4c9b5f9/#diff-5
-CVE-2016-9557 (Integer overflow in jas_image.c in JasPer before 1.900.25 allows ...)
+CVE-2016-9557
- jasper <removed>
[jessie] - jasper <no-dsa> (There is no application crash unless jasper is built with ASAN)
[wheezy] - jasper <no-dsa> (the fix is too invasive)
NOTE: https://blogs.gentoo.org/ago/2016/11/19/jasper-signed-integer-overflow-in-jas_image-c
NOTE: Fixed by: https://github.com/mdadams/jasper/commit/d42b2388f7f8e0332c846675133acea151fc557a
-CVE-2016-9555 (The sctp_sf_ootb function in net/sctp/sm_statefuns.c in the Linux ...)
+CVE-2016-9555
{DLA-772-1}
- linux 4.8.11-1
[jessie] - linux 3.16.39-1
NOTE: Fixed by: https://git.kernel.org/linus/bf911e985d6bbaa328c20c3e05f4eb03de11fdd6 (4.9-rc4)
-CVE-2016-9481 (In framework/modules/core/controllers/expCommentController.php of ...)
+CVE-2016-9481
NOT-FOR-US: Exponent CMS
-CVE-2016-9480 (libdwarf 2016-10-21 allows context-dependent attackers to obtain ...)
+CVE-2016-9480
- dwarfutils 20161124-1
[jessie] - dwarfutils <no-dsa> (Minor issue)
[wheezy] - dwarfutils <no-dsa> (Minor issue)
@@ -4039,7 +4039,7 @@ CVE-2016-9480 (libdwarf 2016-10-21 allows context-dependent attackers to obtain
NOTE: The code has substantially changed in libdwarf/dwarf_util.c from older
NOTE: versions, but there seem to be still back then an unchecked dereference
NOTE: of val_ptr.
-CVE-2016-9479 (The &quot;lost password&quot; functionality in b2evolution before 6.7.9 allows ...)
+CVE-2016-9479
- b2evolution <removed>
CVE-2016-9478
REJECTED
@@ -4051,49 +4051,49 @@ CVE-2016-9475
REJECTED
CVE-2016-9474
REJECTED
-CVE-2016-9473 (Brave Browser iOS before 1.2.18 and Brave Browser Android 1.9.56 and ...)
+CVE-2016-9473
- brave-browser <itp> (bug #864795)
-CVE-2016-9472 (Revive Adserver before 3.2.5 and 4.0.0 suffers from Reflected XSS. The ...)
+CVE-2016-9472
NOT-FOR-US: Revive Adserver
-CVE-2016-9471 (Revive Adserver before 3.2.5 and 4.0.0 suffers from Special Element ...)
+CVE-2016-9471
NOT-FOR-US: Revive Adserver
-CVE-2016-9470 (Revive Adserver before 3.2.5 and 4.0.0 suffers from Reflected File ...)
+CVE-2016-9470
NOT-FOR-US: Revive Adserver
-CVE-2016-9469 (Multiple versions of GitLab expose a dangerous method to any ...)
+CVE-2016-9469
- gitlab 8.13.6+dfsg2-2 (bug #847157)
NOTE: https://about.gitlab.com/2016/12/05/cve-2016-9469/
NOTE: https://gitlab.com/gitlab-org/gitlab-ce/issues/25064
-CVE-2016-9468 (Nextcloud Server before 9.0.54 and 10.0.1 &amp; ownCloud Server before ...)
+CVE-2016-9468
- nextcloud <itp> (bug #835086)
-CVE-2016-9467 (Nextcloud Server before 9.0.54 and 10.0.1 &amp; ownCloud Server before ...)
+CVE-2016-9467
- nextcloud <itp> (bug #835086)
-CVE-2016-9466 (Nextcloud Server before 10.0.1 &amp; ownCloud Server before 9.0.6 and ...)
+CVE-2016-9466
- nextcloud <itp> (bug #835086)
-CVE-2016-9465 (Nextcloud Server before 10.0.1 &amp; ownCloud Server before 9.0.6 and 9.1.2 ...)
+CVE-2016-9465
- nextcloud <itp> (bug #835086)
-CVE-2016-9464 (Nextcloud Server before 9.0.54 and 10.0.0 suffers from an improper ...)
+CVE-2016-9464
- nextcloud <itp> (bug #835086)
-CVE-2016-9463 (Nextcloud Server before 9.0.54 and 10.0.1 &amp; ownCloud Server before ...)
+CVE-2016-9463
- nextcloud <itp> (bug #835086)
-CVE-2016-9462 (Nextcloud Server before 9.0.52 &amp; ownCloud Server before 9.0.4 are not ...)
+CVE-2016-9462
- nextcloud <itp> (bug #835086)
-CVE-2016-9461 (Nextcloud Server before 9.0.52 &amp; ownCloud Server before 9.0.4 are not ...)
+CVE-2016-9461
- nextcloud <itp> (bug #835086)
-CVE-2016-9460 (Nextcloud Server before 9.0.52 &amp; ownCloud Server before 9.0.4 are ...)
+CVE-2016-9460
- nextcloud <itp> (bug #835086)
-CVE-2016-9459 (Nextcloud Server before 9.0.52 &amp; ownCloud Server before 9.0.4 are ...)
+CVE-2016-9459
- nextcloud <itp> (bug #835086)
CVE-2016-9458
REJECTED
-CVE-2016-9457 (Revive Adserver before 3.2.3 suffers from Reflected XSS. ...)
+CVE-2016-9457
NOT-FOR-US: Revive Adserver
-CVE-2016-9456 (Revive Adserver before 3.2.3 suffers from Cross-Site Request Forgery ...)
+CVE-2016-9456
NOT-FOR-US: Revive Adserver
-CVE-2016-9455 (Revive Adserver before 3.2.3 suffers from Cross-Site Request Forgery ...)
+CVE-2016-9455
NOT-FOR-US: Revive Adserver
-CVE-2016-9454 (Revive Adserver before 3.2.3 suffers from Persistent XSS. A vector for ...)
+CVE-2016-9454
NOT-FOR-US: Revive Adserver
-CVE-2016-9444 (named in ISC BIND 9.x before 9.9.9-P5, 9.10.x before 9.10.4-P5, and ...)
+CVE-2016-9444
{DSA-3758-1 DLA-805-1}
[experimental] - bind9 1:9.10.4-P5-1
- bind9 1:9.10.3.dfsg.P4-11 (bug #851062)
@@ -4120,83 +4120,83 @@ CVE-2016-XXXX [TOCTOU race condition in initscript on chown'ing JVM_TMP temporar
NOTE: Since 7.0.72-3, src:tomcat7 only builds the Servlet API
- tomcat6 6.0.41-3
NOTE: Since 6.0.41-3, src:tomcat6 only builds a servlet and docs in Jessie
-CVE-2016-10071 (coders/mat.c in ImageMagick before 6.9.4-0 allows remote attackers to ...)
+CVE-2016-10071
{DSA-3726-1 DLA-756-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #845246)
NOTE: https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1545366
NOTE: https://github.com/ImageMagick/ImageMagick/issues/131
NOTE: https://github.com/ImageMagick/ImageMagick/commit/f3b483e8b054c50149912523b4773687e18afe25
NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/3
-CVE-2016-10070 (Heap-based buffer overflow in the CalcMinMax function in coders/mat.c ...)
+CVE-2016-10070
{DSA-3726-1 DLA-756-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #845246)
NOTE: https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1545366
NOTE: https://github.com/ImageMagick/ImageMagick/issues/131
NOTE: https://github.com/ImageMagick/ImageMagick/commit/b173a352397877775c51c9a0e9d59eb6ce24c455
NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/3
-CVE-2016-10069 (coders/mat.c in ImageMagick before 6.9.4-5 allows remote attackers to ...)
+CVE-2016-10069
{DSA-3726-1 DLA-756-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #845244)
NOTE: https://github.com/ImageMagick/ImageMagick/commit/8a370f9ab120faf182aa160900ba692ba8e2bcf0
NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/3
-CVE-2016-9559 (coders/tiff.c in ImageMagick before 7.0.3.7 allows remote attackers to ...)
+CVE-2016-9559
{DSA-3726-1 DLA-756-1}
- imagemagick 8:6.9.6.5+dfsg-1 (bug #845243)
NOTE: https://github.com/ImageMagick/ImageMagick/commit/1c795ce9fe1d6feac8bc36c2e6c5ba7110b671b1
NOTE: https://github.com/ImageMagick/ImageMagick/commit/b61d35eaccc0a7ddeff8a1c3abfcd0a43ccf210b (master)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/298
-CVE-2016-9773 (Heap-based buffer overflow in the IsPixelGray function in ...)
+CVE-2016-9773
- imagemagick <not-affected> (Affects only the ImageMagick-7 branch, cf. NOTE)
NOTE: Fixed by: https://github.com/ImageMagick/ImageMagick/commit/4e8c2ed53fcb54a34b3a6185b2584f26cf6874a3
NOTE: https://blogs.gentoo.org/ago/2016/12/01/imagemagick-heap-based-buffer-overflow-in-ispixelgray-pixel-accessor-h-incomplete-fix-for-cve-2016-9556/
NOTE: https://github.com/ImageMagick/ImageMagick/issues/312
NOTE: Upstream statement: https://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=31045
-CVE-2016-9556 (The IsPixelGray function in MagickCore/pixel-accessor.h in ImageMagick ...)
+CVE-2016-9556
{DSA-3726-1 DLA-756-1}
- imagemagick 8:6.9.6.5+dfsg-1 (bug #845242)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/301
NOTE: https://github.com/ImageMagick/ImageMagick/commit/174de08d7c81ce147689f3b1c73fadd6bf1c023c
NOTE: https://github.com/ImageMagick/ImageMagick/commit/ce98a7acbcfca7f0a178f4b1e7b957e419e0cc99 (master)
-CVE-2016-10068 (The MSL interpreter in ImageMagick before 6.9.6-4 allows remote ...)
+CVE-2016-10068
{DSA-3726-1 DLA-756-1}
- imagemagick 8:6.9.6.5+dfsg-1 (bug #845241)
NOTE: https://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=30797
NOTE: https://github.com/ImageMagick/ImageMagick/commit/56d6e20de489113617cbbddaf41e92600a34db22
NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/3
-CVE-2016-10058 (Memory leak in the ReadPSDLayers function in coders/psd.c in ...)
+CVE-2016-10058
- imagemagick 8:6.9.6.5+dfsg-1 (bug #845239)
[jessie] - imagemagick <not-affected> (Vulnerable code using layer_info[i].info introduced later)
[wheezy] - imagemagick <not-affected> (Vulnerable code using layer_info[i].info introduced later)
NOTE: https://github.com/ImageMagick/ImageMagick/commit/4ec444f4eab88cf4bec664fafcf9cab50bc5ff6a
NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/3
-CVE-2016-10067 (magick/memory.c in ImageMagick before 6.9.4-5 allows remote attackers ...)
+CVE-2016-10067
{DSA-3726-1 DLA-756-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #845213)
NOTE: https://github.com/ImageMagick/ImageMagick/commit/0474237508f39c4f783208123431815f1ededb76
NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/3
-CVE-2016-10066 (Buffer overflow in the ReadVIFFImage function in coders/viff.c in ...)
+CVE-2016-10066
{DSA-3726-1 DLA-756-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #845213)
NOTE: https://github.com/ImageMagick/ImageMagick/commit/0474237508f39c4f783208123431815f1ededb76
NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/3
-CVE-2016-10065 (The ReadVIFFImage function in coders/viff.c in ImageMagick before ...)
+CVE-2016-10065
{DSA-3726-1 DLA-756-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #845212)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/129
NOTE: https://github.com/ImageMagick/ImageMagick/commit/134463b926fa965571aa4febd61b810be5e7da05
NOTE: https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1545183
NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/3
-CVE-2016-10064 (Buffer overflow in coders/tiff.c in ImageMagick before 6.9.5-1 allows ...)
+CVE-2016-10064
{DSA-3726-1 DLA-756-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #845202)
NOTE: https://github.com/ImageMagick/ImageMagick/commit/f8877abac8e568b2f339cca70c2c3c1b6eaec288
NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/3
-CVE-2016-10063 (Buffer overflow in coders/tiff.c in ImageMagick before 6.9.5-1 allows ...)
+CVE-2016-10063
{DSA-3726-1 DLA-756-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #845198)
NOTE: https://github.com/ImageMagick/ImageMagick/commit/2bb6941a2d557f26a2f2049ade466e118eeaab91
NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/3
-CVE-2016-10062 (The ReadGROUP4Image function in coders/tiff.c in ImageMagick does not ...)
+CVE-2016-10062
{DSA-3799-1 DLA-868-1}
- imagemagick 8:6.9.7.4+dfsg-1 (bug #849439)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/196
@@ -4208,170 +4208,170 @@ CVE-2016-10062 (The ReadGROUP4Image function in coders/tiff.c in ImageMagick doe
NOTE: 4e914bbe371433f0590cefdf3bd5f3a5710069f9 upstream. It is not the same
NOTE: as the fputc issue in ReadGROUP4Image.
NOTE: https://github.com/ImageMagick/ImageMagick/commit/41e955984b034777903cfa61e500a0b922eb9cbd
-CVE-2016-10061 (The ReadGROUP4Image function in coders/tiff.c in ImageMagick before ...)
+CVE-2016-10061
{DSA-3726-1 DLA-756-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #845196)
NOTE: https://github.com/ImageMagick/ImageMagick/commit/4e914bbe371433f0590cefdf3bd5f3a5710069f9
NOTE: https://github.com/ImageMagick/ImageMagick/issues/196
NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/3
-CVE-2016-10060 (The ConcatenateImages function in MagickWand/magick-cli.c in ...)
+CVE-2016-10060
{DLA-756-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #845196)
[jessie] - imagemagick <not-affected> (Vulnerable code not present)
NOTE: https://github.com/ImageMagick/ImageMagick/commit/933e96f01a8c889c7bf5ffd30020e86a02a046e7
NOTE: https://github.com/ImageMagick/ImageMagick/issues/196
NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/3
-CVE-2016-10059 (Buffer overflow in coders/tiff.c in ImageMagick before 6.9.4-1 allows ...)
+CVE-2016-10059
{DSA-3726-1 DLA-756-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #845195)
NOTE: Fixed by: https://github.com/ImageMagick/ImageMagick/commit/58cf5bf4fade82e3b510e8f3463a967278a3e410
NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/3
-CVE-2016-9448 (The TIFFFetchNormalTag function in LibTiff 4.0.6 allows remote ...)
+CVE-2016-9448
- tiff <not-affected> (Vulnerable code introduced by fix for CVE-2016-9297)
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2593
NOTE: Regression introduced by previous fix done on 2016-11-11 for CVE-2016-9297
-CVE-2016-9421 (Cross-site scripting (XSS) vulnerability in the Users module in the ...)
+CVE-2016-9421
NOT-FOR-US: MyBB
-CVE-2016-9420 (MyBB (aka MyBulletinBoard) before 1.8.8 and MyBB Merge System before ...)
+CVE-2016-9420
NOT-FOR-US: MyBB
-CVE-2016-9419 (Cross-site scripting (XSS) vulnerability in the Admin control panel in ...)
+CVE-2016-9419
NOT-FOR-US: MyBB
-CVE-2016-9418 (MyBB (aka MyBulletinBoard) before 1.8.8 on Windows and MyBB Merge ...)
+CVE-2016-9418
NOT-FOR-US: MyBB
-CVE-2016-9417 (The fetch_remote_file function in MyBB (aka MyBulletinBoard) before ...)
+CVE-2016-9417
NOT-FOR-US: MyBB
-CVE-2016-9416 (SQL injection vulnerability in the users data handler in MyBB (aka ...)
+CVE-2016-9416
NOT-FOR-US: MyBB
-CVE-2016-9415 (MyBB (aka MyBulletinBoard) before 1.8.8 on Windows and MyBB Merge ...)
+CVE-2016-9415
NOT-FOR-US: MyBB
-CVE-2016-9414 (MyBB (aka MyBulletinBoard) before 1.8.7 and MyBB Merge System before ...)
+CVE-2016-9414
NOT-FOR-US: MyBB
-CVE-2016-9413 (The Admin control panel in MyBB (aka MyBulletinBoard) before 1.8.7 and ...)
+CVE-2016-9413
NOT-FOR-US: MyBB
-CVE-2016-9412 (MyBB (aka MyBulletinBoard) before 1.8.7 and MyBB Merge System before ...)
+CVE-2016-9412
NOT-FOR-US: MyBB
-CVE-2016-9411 (The Admin control panel in MyBB (aka MyBulletinBoard) before 1.8.7 and ...)
+CVE-2016-9411
NOT-FOR-US: MyBB
-CVE-2016-9410 (MyBB (aka MyBulletinBoard) before 1.8.7 and MyBB Merge System before ...)
+CVE-2016-9410
NOT-FOR-US: MyBB
-CVE-2016-9409 (Cross-site scripting (XSS) vulnerability in the Admin control panel in ...)
+CVE-2016-9409
NOT-FOR-US: MyBB
-CVE-2016-9408 (Cross-site scripting (XSS) vulnerability in the Mod control panel in ...)
+CVE-2016-9408
NOT-FOR-US: MyBB
-CVE-2016-9407 (Cross-site scripting (XSS) vulnerability in MyBB (aka MyBulletinBoard) ...)
+CVE-2016-9407
NOT-FOR-US: MyBB
-CVE-2016-9406 (Cross-site scripting (XSS) vulnerability in the User control panel in ...)
+CVE-2016-9406
NOT-FOR-US: MyBB
-CVE-2016-9405 (Cross-site scripting (XSS) vulnerability in member validation in MyBB ...)
+CVE-2016-9405
NOT-FOR-US: MyBB
-CVE-2016-9404 (Cross-site scripting (XSS) vulnerability in MyBB (aka MyBulletinBoard) ...)
+CVE-2016-9404
NOT-FOR-US: MyBB
-CVE-2016-9403 (newreply.php in MyBB (aka MyBulletinBoard) before 1.8.7 and MyBB Merge ...)
+CVE-2016-9403
NOT-FOR-US: MyBB
-CVE-2016-9402 (SQL injection vulnerability in the moderation tool in MyBB (aka ...)
+CVE-2016-9402
NOT-FOR-US: MyBB
-CVE-2016-9386 (The x86 emulator in Xen does not properly treat x86 NULL segments as ...)
+CVE-2016-9386
{DSA-3729-1 DLA-720-1}
- xen 4.8.0-1 (bug #845663)
NOTE: https://xenbits.xen.org/xsa/advisory-191.html
-CVE-2016-9385 (The x86 segment base write emulation functionality in Xen 4.4.x ...)
+CVE-2016-9385
{DSA-3729-1}
- xen 4.8.0-1 (bug #845665)
[wheezy] - xen <not-affected> (Only affects Xen >= 4.4)
NOTE: https://xenbits.xen.org/xsa/advisory-193.html
-CVE-2016-9384 (Xen 4.7 allows local guest OS users to obtain sensitive host ...)
+CVE-2016-9384
- xen 4.8.0-1 (bug #845667)
[jessie] - xen <not-affected> (Only affects Xen >= 4.7)
[wheezy] - xen <not-affected> (Only affects Xen >= 4.7)
NOTE: https://xenbits.xen.org/xsa/advisory-194.html
-CVE-2016-9383 (Xen, when running on a 64-bit hypervisor, allows local x86 guest OS ...)
+CVE-2016-9383
{DSA-3729-1 DLA-720-1}
- xen 4.8.0-1 (bug #845668)
NOTE: https://xenbits.xen.org/xsa/advisory-195.html
-CVE-2016-9382 (Xen 4.0.x through 4.7.x mishandle x86 task switches to VM86 mode, ...)
+CVE-2016-9382
{DSA-3729-1 DLA-720-1}
- xen 4.8.0-1 (bug #845664)
NOTE: https://xenbits.xen.org/xsa/advisory-192.html
-CVE-2016-9381 (Race condition in QEMU in Xen allows local x86 HVM guest OS ...)
+CVE-2016-9381
{DLA-720-1}
- xen 4.4.0-1
NOTE: Xen switched to qemu-system in 4.4.0-1
NOTE: https://xenbits.xen.org/xsa/advisory-197.html
-CVE-2016-9380 (The pygrub boot loader emulator in Xen, when nul-delimited output ...)
+CVE-2016-9380
{DSA-3729-1 DLA-720-1}
- xen 4.8.0-1 (bug #845670)
NOTE: https://xenbits.xen.org/xsa/advisory-198.html
-CVE-2016-9379 (The pygrub boot loader emulator in Xen, when S-expression output ...)
+CVE-2016-9379
{DSA-3729-1 DLA-720-1}
- xen 4.8.0-1 (bug #845670)
NOTE: https://xenbits.xen.org/xsa/advisory-198.html
-CVE-2016-9378 (Xen 4.5.x through 4.7.x on AMD systems without the NRip feature, when ...)
+CVE-2016-9378
- xen 4.8.0-1 (bug #845669)
[jessie] - xen <not-affected> (Only 4.5 onwards vulnerable)
[wheezy] - xen <not-affected> (Only 4.5 onwards vulnerable)
NOTE: https://xenbits.xen.org/xsa/advisory-196.html
-CVE-2016-9377 (Xen 4.5.x through 4.7.x on AMD systems without the NRip feature, when ...)
+CVE-2016-9377
- xen 4.8.0-1 (bug #845669)
[jessie] - xen <not-affected> (Only 4.5 onwards vulnerable)
[wheezy] - xen <not-affected> (Only 4.5 onwards vulnerable)
NOTE: https://xenbits.xen.org/xsa/advisory-196.html
-CVE-2016-9371 (An issue was discovered in Moxa NPort 5110 versions prior to 2.6, ...)
+CVE-2016-9371
NOT-FOR-US: Moxa
CVE-2016-9370
REJECTED
-CVE-2016-9369 (An issue was discovered in Moxa NPort 5110 versions prior to 2.6, ...)
+CVE-2016-9369
NOT-FOR-US: Moxa
-CVE-2016-9368 (An issue was discovered in Eaton xComfort Ethernet Communication ...)
+CVE-2016-9368
NOT-FOR-US: Eaton xComfort Ethernet Communication Interface
-CVE-2016-9367 (An issue was discovered in Moxa NPort 5110 versions prior to 2.6, ...)
+CVE-2016-9367
NOT-FOR-US: Moxa
-CVE-2016-9366 (An issue was discovered in Moxa NPort 5110 versions prior to 2.6, ...)
+CVE-2016-9366
NOT-FOR-US: Moxa
-CVE-2016-9365 (An issue was discovered in Moxa NPort 5110 versions prior to 2.6, ...)
+CVE-2016-9365
NOT-FOR-US: Moxa
-CVE-2016-9364 (An issue was discovered in Fidelix FX-20 series controllers, versions ...)
+CVE-2016-9364
NOT-FOR-US: Moxa
-CVE-2016-9363 (An issue was discovered in Moxa NPort 5110 versions prior to 2.6, ...)
+CVE-2016-9363
NOT-FOR-US: Moxa
-CVE-2016-9362 (An issue was discovered in WAGO 750-8202/PFC200 prior to FW04 (released ...)
+CVE-2016-9362
NOT-FOR-US: WAGO
-CVE-2016-9361 (An issue was discovered in Moxa NPort 5110 versions prior to 2.6, ...)
+CVE-2016-9361
NOT-FOR-US: Moxa
-CVE-2016-9360 (An issue was discovered in General Electric (GE) Proficy HMI/SCADA iFIX ...)
+CVE-2016-9360
NOT-FOR-US: General Electric
CVE-2016-9359
REJECTED
-CVE-2016-9358 (A Hard-Coded Passwords issue was discovered in Marel Food Processing ...)
+CVE-2016-9358
NOT-FOR-US: Marel
-CVE-2016-9357 (An issue was discovered in certain legacy Eaton ePDUs -- the affected ...)
+CVE-2016-9357
NOT-FOR-US: legacy Eaton ePDUs
-CVE-2016-9356 (An issue was discovered in Moxa DACenter Versions 1.4 and older. The ...)
+CVE-2016-9356
NOT-FOR-US: Moxa
-CVE-2016-9355 (An issue was discovered in Becton, Dickinson and Company (BD) Alaris ...)
+CVE-2016-9355
NOT-FOR-US: Alaris 8015 Point of Care
-CVE-2016-9354 (An issue was discovered in Moxa DACenter Versions 1.4 and older. A ...)
+CVE-2016-9354
NOT-FOR-US: Moxa
-CVE-2016-9353 (An issue was discovered in Advantech SUISAccess Server Version 3.0 and ...)
+CVE-2016-9353
NOT-FOR-US: Advantech SUISAccess Server
CVE-2016-9352
REJECTED
-CVE-2016-9351 (An issue was discovered in Advantech SUISAccess Server Version 3.0 and ...)
+CVE-2016-9351
NOT-FOR-US: Advantech SUISAccess Server
CVE-2016-9350
REJECTED
-CVE-2016-9349 (An issue was discovered in Advantech SUISAccess Server Version 3.0 and ...)
+CVE-2016-9349
NOT-FOR-US: Advantech SUISAccess Server
-CVE-2016-9348 (An issue was discovered in Moxa NPort 5110 versions prior to 2.6, ...)
+CVE-2016-9348
NOT-FOR-US: Moxa
-CVE-2016-9347 (An issue was discovered in Emerson SE4801T0X Redundant Wireless I/O ...)
+CVE-2016-9347
NOT-FOR-US: Emerson
-CVE-2016-9346 (An issue was discovered in Moxa MiiNePort E1 versions prior to 1.8, E2 ...)
+CVE-2016-9346
NOT-FOR-US: Moxa
-CVE-2016-9345 (An issue was discovered in Emerson DeltaV Easy Security Management ...)
+CVE-2016-9345
NOT-FOR-US: Emerson
-CVE-2016-9344 (An issue was discovered in Moxa MiiNePort E1 versions prior to 1.8, E2 ...)
+CVE-2016-9344
NOT-FOR-US: Moxa
-CVE-2016-9343 (An issue was discovered in Rockwell Automation Logix5000 Programmable ...)
+CVE-2016-9343
NOT-FOR-US: Rockwell
CVE-2016-9342
REJECTED
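Review bot: the removed description line for CVE-2016-9364 reads "An issue was discovered in Fidelix FX-20 series controllers", but the unchanged context line that follows still says `NOT-FOR-US: Moxa`; once the description is gone nothing in the entry records the real product any more, so the context line should read `NOT-FOR-US: Fidelix FX-20 series controllers` (compare the neighbouring CVE-2016-9362 entry, which names WAGO rather than copying Moxa).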
@@ -4379,23 +4379,23 @@ CVE-2016-9341
REJECTED
CVE-2016-9340
REJECTED
-CVE-2016-9339 (An issue was discovered in INTERSCHALT Maritime Systems VDR G4e ...)
+CVE-2016-9339
NOT-FOR-US: INTERSCHALT Maritime Systems
-CVE-2016-9338 (An issue was discovered in Rockwell Automation Allen-Bradley MicroLogix ...)
+CVE-2016-9338
NOT-FOR-US: Rockwell
-CVE-2016-9337 (An issue was discovered in Tesla Motors Model S automobile, all ...)
+CVE-2016-9337
NOT-FOR-US: Tesla car
CVE-2016-9336
REJECTED
-CVE-2016-9335 (A hard-coded cryptographic key vulnerability was identified in Red ...)
+CVE-2016-9335
NOT-FOR-US: Red Lion Controls Sixnet-Managed Industrial Switches
-CVE-2016-9334 (An issue was discovered in Rockwell Automation Allen-Bradley MicroLogix ...)
+CVE-2016-9334
NOT-FOR-US: Rockwell
-CVE-2016-9333 (An issue was discovered in Moxa SoftCMS versions prior to Version 1.6. ...)
+CVE-2016-9333
NOT-FOR-US: Moxa
-CVE-2016-9332 (An issue was discovered in Moxa SoftCMS versions prior to Version 1.6. ...)
+CVE-2016-9332
NOT-FOR-US: Moxa
-CVE-2016-9453 (The t2p_readwrite_pdf_image_tile function in LibTIFF allows remote ...)
+CVE-2016-9453
{DSA-3762-1}
- tiff 4.0.6-3
[wheezy] - tiff 4.0.2-6+deb7u7
@@ -4412,124 +4412,124 @@ CVE-2016-9453 (The t2p_readwrite_pdf_image_tile function in LibTIFF allows remot
NOTE: TIFFReadDirectory: Warning, Unknown field with tag 3 (0x3) encountered.
NOTE: TIFFReadDirectory: IO error during reading of "BitsPerSample".
NOTE: tiff2pdf: Can't open input file ./CVE-2016-9453.tiff for reading.
-CVE-2016-9446 (The vmnc decoder in the gstreamer does not initialize the render ...)
+CVE-2016-9446
{DSA-3717-1 DLA-712-1}
- gst-plugins-bad0.10 <removed>
- gst-plugins-bad1.0 1.10.1-1
NOTE: http://scarybeastsecurity.blogspot.de/2016/11/0day-poc-risky-design-decisions-in.html
NOTE: Upstream Bug: https://bugzilla.gnome.org/show_bug.cgi?id=774533
NOTE: Fixed by: https://cgit.freedesktop.org/gstreamer/gst-plugins-bad/commit/?id=4cb1bcf1422bbcd79c0f683edb7ee85e3f7a31fe
-CVE-2016-9445 (Integer overflow in the vmnc decoder in the gstreamer allows remote ...)
+CVE-2016-9445
{DSA-3717-1 DLA-712-1}
- gst-plugins-bad0.10 <removed>
- gst-plugins-bad1.0 1.10.1-1
NOTE: http://scarybeastsecurity.blogspot.de/2016/11/0day-poc-risky-design-decisions-in.html
NOTE: Upstream Bug: https://bugzilla.gnome.org/show_bug.cgi?id=774533
NOTE: Fixed by: https://cgit.freedesktop.org/gstreamer/gst-plugins-bad/commit/?id=4cb1bcf1422bbcd79c0f683edb7ee85e3f7a31fe
-CVE-2016-9452 (The transliterate mechanism in Drupal 8.x before 8.2.3 allows remote ...)
+CVE-2016-9452
- drupal8 <itp> (bug #756305)
- drupal7 <not-affected> (Only affects Drupal 8)
NOTE: https://www.drupal.org/SA-CORE-2016-005
NOTE: http://www.openwall.com/lists/oss-security/2016/11/18/8
-CVE-2016-9451 (Confirmation forms in Drupal 7.x before 7.52 make it easier for remote ...)
+CVE-2016-9451
{DSA-3718-1 DLA-715-1}
- drupal7 7.52-1
NOTE: https://www.drupal.org/SA-CORE-2016-005
NOTE: http://www.openwall.com/lists/oss-security/2016/11/18/8
-CVE-2016-9450 (The user password reset form in Drupal 8.x before 8.2.3 allows remote ...)
+CVE-2016-9450
- drupal8 <itp> (bug #756305)
- drupal7 <not-affected> (Only affects Drupal 8)
NOTE: https://www.drupal.org/SA-CORE-2016-005
NOTE: http://www.openwall.com/lists/oss-security/2016/11/18/8
-CVE-2016-9449 (The taxonomy module in Drupal 7.x before 7.52 and 8.x before 8.2.3 ...)
+CVE-2016-9449
{DSA-3718-1 DLA-715-1}
- drupal8 <itp> (bug #756305)
- drupal7 7.52-1
NOTE: https://www.drupal.org/SA-CORE-2016-005
NOTE: http://www.openwall.com/lists/oss-security/2016/11/18/8
-CVE-2016-9443 (An issue was discovered in the Tatsuya Kinoshita w3m fork before ...)
+CVE-2016-9443
- w3m 0.5.3-30
[jessie] - w3m 0.5.3-19+deb8u1
[wheezy] - w3m <no-dsa> (Minor issue)
NOTE: https://github.com/tats/w3m/issues/28
-CVE-2016-9442 (An issue was discovered in the Tatsuya Kinoshita w3m fork before ...)
+CVE-2016-9442
- w3m 0.5.3-30
[jessie] - w3m 0.5.3-19+deb8u1
[wheezy] - w3m <no-dsa> (Minor issue)
NOTE: https://github.com/tats/w3m/commit/d43527cfa0dbb3ccefec4a6f7b32c1434739aa29
-CVE-2016-9441 (An issue was discovered in the Tatsuya Kinoshita w3m fork before ...)
+CVE-2016-9441
- w3m 0.5.3-30
[jessie] - w3m 0.5.3-19+deb8u1
[wheezy] - w3m <no-dsa> (Minor issue)
NOTE: https://github.com/tats/w3m/issues/24
-CVE-2016-9440 (An issue was discovered in the Tatsuya Kinoshita w3m fork before ...)
+CVE-2016-9440
- w3m 0.5.3-30
[jessie] - w3m 0.5.3-19+deb8u1
[wheezy] - w3m <no-dsa> (Minor issue)
NOTE: https://github.com/tats/w3m/issues/22
-CVE-2016-9439 (An issue was discovered in the Tatsuya Kinoshita w3m fork before ...)
+CVE-2016-9439
- w3m 0.5.3-33 (bug #844726)
[jessie] - w3m 0.5.3-19+deb8u1
[wheezy] - w3m <no-dsa> (Minor issue)
NOTE: https://github.com/tats/w3m/issues/20
-CVE-2016-9438 (An issue was discovered in the Tatsuya Kinoshita w3m fork before ...)
+CVE-2016-9438
- w3m 0.5.3-30
[jessie] - w3m 0.5.3-19+deb8u1
[wheezy] - w3m <no-dsa> (Minor issue)
NOTE: https://github.com/tats/w3m/issues/18
-CVE-2016-9437 (An issue was discovered in the Tatsuya Kinoshita w3m fork before ...)
+CVE-2016-9437
- w3m 0.5.3-30
[jessie] - w3m 0.5.3-19+deb8u1
[wheezy] - w3m <no-dsa> (Minor issue)
NOTE: https://github.com/tats/w3m/issues/17
-CVE-2016-9436 (parsetagx.c in w3m before 0.5.3+git20161009 does not properly ...)
+CVE-2016-9436
- w3m 0.5.3-30
[jessie] - w3m 0.5.3-19+deb8u1
[wheezy] - w3m <no-dsa> (Minor issue)
NOTE: https://github.com/tats/w3m/issues/16
NOTE: Fixed by: https://github.com/tats/w3m/commit/33509cc81ec5f2ba44eb6fd98bd5c1b5873e46bd
-CVE-2016-9435 (The HTMLtagproc1 function in file.c in w3m before 0.5.3+git20161009 ...)
+CVE-2016-9435
- w3m 0.5.3-30
[jessie] - w3m 0.5.3-19+deb8u1
[wheezy] - w3m <no-dsa> (Minor issue)
NOTE: https://github.com/tats/w3m/issues/16
NOTE: Fixed by: https://github.com/tats/w3m/commit/33509cc81ec5f2ba44eb6fd98bd5c1b5873e46bd
-CVE-2016-9434 (An issue was discovered in the Tatsuya Kinoshita w3m fork before ...)
+CVE-2016-9434
- w3m 0.5.3-30
[jessie] - w3m 0.5.3-19+deb8u1
[wheezy] - w3m <no-dsa> (Minor issue)
NOTE: https://github.com/tats/w3m/issues/15
-CVE-2016-9433 (An issue was discovered in the Tatsuya Kinoshita w3m fork before ...)
+CVE-2016-9433
- w3m 0.5.3-30
[jessie] - w3m 0.5.3-19+deb8u1
[wheezy] - w3m <no-dsa> (Minor issue)
NOTE: https://github.com/tats/w3m/issues/14
-CVE-2016-9432 (An issue was discovered in the Tatsuya Kinoshita w3m fork before ...)
+CVE-2016-9432
- w3m 0.5.3-30
[jessie] - w3m 0.5.3-19+deb8u1
[wheezy] - w3m <no-dsa> (Minor issue)
NOTE: https://github.com/tats/w3m/issues/13
-CVE-2016-9431 (An issue was discovered in the Tatsuya Kinoshita w3m fork before ...)
+CVE-2016-9431
- w3m 0.5.3-30
[jessie] - w3m 0.5.3-19+deb8u1
[wheezy] - w3m <no-dsa> (Minor issue)
NOTE: https://github.com/tats/w3m/issues/10
-CVE-2016-9430 (An issue was discovered in the Tatsuya Kinoshita w3m fork before ...)
+CVE-2016-9430
- w3m 0.5.3-30
[jessie] - w3m 0.5.3-19+deb8u1
[wheezy] - w3m <no-dsa> (Minor issue)
NOTE: https://github.com/tats/w3m/issues/7
-CVE-2016-9429 (An issue was discovered in the Tatsuya Kinoshita w3m fork before ...)
+CVE-2016-9429
- w3m 0.5.3-30
[jessie] - w3m 0.5.3-19+deb8u1
[wheezy] - w3m <no-dsa> (Minor issue)
NOTE: https://github.com/tats/w3m/issues/29
-CVE-2016-9428 (An issue was discovered in the Tatsuya Kinoshita w3m fork before ...)
+CVE-2016-9428
- w3m 0.5.3-30
[jessie] - w3m 0.5.3-19+deb8u1
[wheezy] - w3m <no-dsa> (Minor issue)
NOTE: https://github.com/tats/w3m/issues/26
-CVE-2016-9427 (Integer overflow vulnerability in bdwgc before 2016-09-27 allows ...)
+CVE-2016-9427
{DLA-721-1}
[experimental] - libgc 1:7.4.4-1
- libgc 1:7.6.4-0.3 (bug #844771)
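Review bot: every `-`/`+` pair in this hunk drops the parenthesized CVE summary and keeps only the bare identifier, e.g. `-CVE-2016-9443 (An issue was discovered in the Tatsuya Kinoshita w3m fork before ...)` becomes `+CVE-2016-9443`, while the tracking lines beneath each entry are unchanged. For entries whose only other line is a NOTE URL, the summary was the one place a reader could see what the issue concerns, so before merging confirm that the upstream CVE feed genuinely stopped supplying descriptions rather than returning empty data on this run, and if the blanking is intended, record that reason alongside the change instead of letting an unexplained mass deletion of descriptions land.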
@@ -4539,122 +4539,122 @@ CVE-2016-9427 (Integer overflow vulnerability in bdwgc before 2016-09-27 allows
NOTE: Fixed by https://github.com/ivmai/bdwgc/commit/4e1a6f9d8f2a49403bbd00b8c8e5324048fb84d4
NOTE: Fixed by https://github.com/ivmai/bdwgc/commit/7292c02fac2066d39dd1bcc37d1a7054fd1e32ee
NOTE: Fixed by https://github.com/ivmai/bdwgc/commit/552ad0834672fed86ada6430150ef9ebdd3f54d7
-CVE-2016-9426 (An issue was discovered in the Tatsuya Kinoshita w3m fork before ...)
+CVE-2016-9426
- w3m 0.5.3-30
[jessie] - w3m 0.5.3-19+deb8u1
[wheezy] - w3m <no-dsa> (Minor issue)
NOTE: https://github.com/tats/w3m/issues/25
-CVE-2016-9425 (An issue was discovered in the Tatsuya Kinoshita w3m fork before ...)
+CVE-2016-9425
- w3m 0.5.3-30
[jessie] - w3m 0.5.3-19+deb8u1
[wheezy] - w3m <no-dsa> (Minor issue)
NOTE: https://github.com/tats/w3m/issues/21
-CVE-2016-9424 (An issue was discovered in the Tatsuya Kinoshita w3m fork before ...)
+CVE-2016-9424
- w3m 0.5.3-30
[jessie] - w3m 0.5.3-19+deb8u1
[wheezy] - w3m <no-dsa> (Minor issue)
NOTE: https://github.com/tats/w3m/issues/12
-CVE-2016-9423 (An issue was discovered in the Tatsuya Kinoshita w3m fork before ...)
+CVE-2016-9423
- w3m 0.5.3-30
[jessie] - w3m 0.5.3-19+deb8u1
[wheezy] - w3m <no-dsa> (Minor issue)
NOTE: https://github.com/tats/w3m/issues/9
-CVE-2016-9422 (An issue was discovered in the Tatsuya Kinoshita w3m fork before ...)
+CVE-2016-9422
- w3m 0.5.3-30
[jessie] - w3m 0.5.3-19+deb8u1
[wheezy] - w3m <no-dsa> (Minor issue)
NOTE: https://github.com/tats/w3m/issues/8
-CVE-2016-9401 (popd in bash might allow local users to bypass the restricted shell ...)
+CVE-2016-9401
- bash 4.4-3 (bug #844727)
[jessie] - bash <no-dsa> (Minor issue)
[wheezy] - bash <no-dsa> (Minor issue)
NOTE: Upstream bash considers this issue only to be a bug.
NOTE: Proposed patch: https://lists.gnu.org/archive/html/bug-bash/2016-11/msg00116.html
NOTE: Fixed by (4.4): https://ftp.gnu.org/pub/gnu/bash/bash-4.4-patches/bash44-006
-CVE-2016-9399 (The calcstepsizes function in jpc_dec.c in JasPer 1.900.22 allows ...)
+CVE-2016-9399
- jasper <removed> (unimportant)
NOTE: Testcase: https://github.com/asarubbo/poc/blob/master/00044-jasper-assert-calcstepsizes
NOTE: Negligible security impact
-CVE-2016-9398 (The jpc_floorlog2 function in jpc_math.c in JasPer before 1.900.17 ...)
+CVE-2016-9398
- jasper <removed> (unimportant)
NOTE: Testcase: https://github.com/asarubbo/poc/blob/master/00023-jasper-assert-jpc_floorlog2
NOTE: Negligible security impact
-CVE-2016-9397 (The jpc_dequantize function in jpc_dec.c in JasPer 1.900.13 allows ...)
+CVE-2016-9397
- jasper <removed> (unimportant)
NOTE: Testcase: https://github.com/asarubbo/poc/blob/master/00010-jasper-assert-jpc_dequantize
NOTE: Negligible security impact
-CVE-2016-9396 (The JPC_NOMINALGAIN function in jpc/jpc_t1cod.c in JasPer through ...)
+CVE-2016-9396
- jasper <removed> (unimportant)
NOTE: Testcase: https://github.com/asarubbo/poc/blob/master/00004-jasper-assert-JPC_NOMINALGAIN
NOTE: Negligible security impact
-CVE-2016-9395 (The jas_seq2d_create function in jas_seq.c in JasPer before 1.900.25 ...)
+CVE-2016-9395
- jasper <removed> (unimportant)
NOTE: Fix: https://github.com/mdadams/jasper/commit/d42b2388f7f8e0332c846675133acea151fc557a
NOTE: Testcase: https://github.com/asarubbo/poc/blob/master/00043-jasper-assert-jas_matrix_t
NOTE: Negligible security impact
-CVE-2016-9394 (The jas_seq2d_create function in jas_seq.c in JasPer before 1.900.17 ...)
+CVE-2016-9394
- jasper <removed> (unimportant)
NOTE: Fix: https://github.com/mdadams/jasper/commit/f7038068550fba0e41e1d0c355787f1dcd5bf330
NOTE: Testcase: https://github.com/asarubbo/poc/blob/master/00016-jasper-assert-jas_matrix_t
NOTE: Negligible security impact
-CVE-2016-9393 (The jpc_pi_nextrpcl function in jpc_t2cod.c in JasPer before 1.900.17 ...)
+CVE-2016-9393
- jasper <removed> (unimportant)
NOTE: Fix: https://github.com/mdadams/jasper/commit/f7038068550fba0e41e1d0c355787f1dcd5bf330
NOTE: Testcase: https://github.com/asarubbo/poc/blob/master/00013-jasper-assert-jpc_pi_nextrpcl
NOTE: Negligible security impact
-CVE-2016-9392 (The calcstepsizes function in jpc_dec.c in JasPer before 1.900.17 ...)
+CVE-2016-9392
- jasper <removed> (unimportant)
NOTE: Fix: https://github.com/mdadams/jasper/commit/f7038068550fba0e41e1d0c355787f1dcd5bf330
NOTE: Testcase: https://github.com/asarubbo/poc/blob/master/00012-jasper-assert-calcstepsizes
NOTE: Negligible security impact
-CVE-2016-9391 (The jpc_bitstream_getbits function in jpc_bs.c in JasPer before 2.0.10 ...)
+CVE-2016-9391
- jasper <removed> (unimportant)
NOTE: Fix: https://github.com/mdadams/jasper/commit/1e84674d95353c64e5c4c0e7232ae86fd6ea813b
NOTE: Testcase: https://github.com/asarubbo/poc/blob/master/00014-jasper-assert-jpc_bitstream_getbits
NOTE: Negligible security impact
-CVE-2016-9390 (The jas_seq2d_create function in jas_seq.c in JasPer before 1.900.14 ...)
+CVE-2016-9390
- jasper <removed> (unimportant)
NOTE: Fix: https://github.com/mdadams/jasper/commit/ba2b9d000660313af7b692542afbd374c5685865
NOTE: Testcase: https://github.com/asarubbo/poc/blob/master/00007-jasper-assert-jas_matrix_t
NOTE: Negligible security impact
-CVE-2016-9389 (The jpc_irct and jpc_iict functions in jpc_mct.c in JasPer before ...)
+CVE-2016-9389
- jasper <removed> (unimportant)
NOTE: Fix: https://github.com/mdadams/jasper/commit/dee11ec440d7908d1daf69f40a3324b27cf213ba
NOTE: Testcase: https://github.com/asarubbo/poc/blob/master/00006-jasper-assert-jpc_irct
NOTE: Testcase: https://github.com/asarubbo/poc/blob/master/00008-jasper-assert-jpc_iict
NOTE: Negligible security impact
-CVE-2016-9388 (The ras_getcmap function in ras_dec.c in JasPer before 1.900.14 allows ...)
+CVE-2016-9388
- jasper <removed> (unimportant)
NOTE: Fix: https://github.com/mdadams/jasper/commit/411a4068f8c464e883358bf403a3e25158863823
NOTE: Testcase: https://github.com/asarubbo/poc/blob/master/00005-jasper-assert-ras_getcmap
NOTE: Negligible security impact
-CVE-2016-9387 (Integer overflow in the jpc_dec_process_siz function in ...)
+CVE-2016-9387
- jasper <removed> (unimportant)
NOTE: Fix: https://github.com/mdadams/jasper/commit/d91198abd00fc435a397fe6bad906a4c1748e9cf
NOTE: Testcase: https://github.com/asarubbo/poc/blob/master/00003-jasper-assert-jas_matrix_t
NOTE: Negligible security impact
-CVE-2016-9372 (In Wireshark 2.2.0 to 2.2.1, the Profinet I/O dissector could loop ...)
+CVE-2016-9372
- wireshark 2.2.2+g9c5aae3-1
[jessie] - wireshark <not-affected> (Only affects 2.2.x)
[wheezy] - wireshark <not-affected> (Only affects 2.2.x)
NOTE: https://www.wireshark.org/docs/relnotes/wireshark-2.2.2.html
NOTE: https://www.wireshark.org/security/wnpa-sec-2016-58.html
-CVE-2016-9373 (In Wireshark 2.2.0 to 2.2.1 and 2.0.0 to 2.0.7, the DCERPC dissector ...)
+CVE-2016-9373
{DSA-3719-1 DLA-714-1}
- wireshark 2.2.2+g9c5aae3-1
NOTE: https://www.wireshark.org/docs/relnotes/wireshark-2.2.2.html
NOTE: https://www.wireshark.org/security/wnpa-sec-2016-61.html
-CVE-2016-9374 (In Wireshark 2.2.0 to 2.2.1 and 2.0.0 to 2.0.7, the AllJoyn dissector ...)
+CVE-2016-9374
{DSA-3719-1 DLA-714-1}
- wireshark 2.2.2+g9c5aae3-1
NOTE: https://www.wireshark.org/docs/relnotes/wireshark-2.2.2.html
NOTE: https://www.wireshark.org/security/wnpa-sec-2016-59.html
-CVE-2016-9375 (In Wireshark 2.2.0 to 2.2.1 and 2.0.0 to 2.0.7, the DTN dissector could ...)
+CVE-2016-9375
{DSA-3719-1 DLA-714-1}
- wireshark 2.2.2+g9c5aae3-1
NOTE: https://www.wireshark.org/docs/relnotes/wireshark-2.2.2.html
NOTE: https://www.wireshark.org/security/wnpa-sec-2016-62.html
-CVE-2016-9376 (In Wireshark 2.2.0 to 2.2.1 and 2.0.0 to 2.0.7, the OpenFlow dissector ...)
+CVE-2016-9376
{DSA-3719-1 DLA-714-1}
- wireshark 2.2.2+g9c5aae3-1
NOTE: https://www.wireshark.org/docs/relnotes/wireshark-2.2.2.html
@@ -4679,7 +4679,7 @@ CVE-2016-9323
REJECTED
CVE-2016-9322
REJECTED
-CVE-2016-9400 (The CClient::ProcessServerPacket method in engine/client/client.cpp in ...)
+CVE-2016-9400
- teeworlds 0.6.4+dfsg-1 (bug #844546)
[jessie] - teeworlds <no-dsa> (Minor issue; can be fixed via point release)
[wheezy] - teeworlds <end-of-life> (Games are not supported in Wheezy)
@@ -4690,9 +4690,9 @@ CVE-2016-9321
RESERVED
CVE-2016-9320
RESERVED
-CVE-2016-9319 (There is Missing SSL Certificate Validation in the Trend Micro ...)
+CVE-2016-9319
NOT-FOR-US: Trend Micro
-CVE-2016-9318 (libxml2 2.9.4 and earlier, as used in XMLSec 1.2.23 and earlier and ...)
+CVE-2016-9318
- libxml2 <unfixed> (bug #844581)
[stretch] - libxml2 <ignored> (Minor issue; intrusive to backport)
[jessie] - libxml2 <ignored> (Minor issue; intrusive to backport)
@@ -4703,35 +4703,35 @@ CVE-2016-9318 (libxml2 2.9.4 and earlier, as used in XMLSec 1.2.23 and earlier a
NOTE: behaviour is wanted. Not enforced by default.
NOTE: The option though was reverted in https://git.gnome.org/browse/libxml2/commit/?id=030b1f7a27c22f9237eddca49ec5e620b6258d7d
NOTE: New proposed/commited fix: https://git.gnome.org/browse/libxml2/commit/?id=ad88b54f1a28a8565964a370b5d387927b633c0d
-CVE-2016-9317 (The gdImageCreate function in the GD Graphics Library (aka libgd) ...)
+CVE-2016-9317
{DSA-3777-1 DLA-804-1}
- libgd2 2.2.4-1
NOTE: https://github.com/libgd/libgd/commit/6944ea10cb730d5071620439c6c2e823e6caeff1
NOTE: https://github.com/libgd/libgd/issues/340
-CVE-2016-9316 (Multiple stored Cross-Site-Scripting (XSS) vulnerabilities in ...)
+CVE-2016-9316
NOT-FOR-US: Trend Micro
-CVE-2016-9315 (Privilege Escalation Vulnerability in ...)
+CVE-2016-9315
NOT-FOR-US: Trend Micro
-CVE-2016-9314 (Sensitive Information Disclosure in ...)
+CVE-2016-9314
NOT-FOR-US: Trend Micro
-CVE-2016-9313 (security/keys/big_key.c in the Linux kernel before 4.8.7 mishandles ...)
+CVE-2016-9313
- linux 4.8.7-1
[jessie] - linux <not-affected> (Vulnerable code introduced later)
[wheezy] - linux <not-affected> (Vulnerable code introduced later)
NOTE: Fixed by: https://git.kernel.org/linus/7df3e59c3d1df4f87fe874c7956ef7a3d2f4d5fb (v4.9-rc3)
NOTE: Introduced by: https://git.kernel.org/linus/13100a72f40f5748a04017e0ab3df4cf27c809ef (v4.7-rc1)
-CVE-2016-9312 (ntpd in NTP before 4.2.8p9, when running on Windows, allows remote ...)
+CVE-2016-9312
- ntp <not-affected> (Only ntpd on Windows)
NOTE: http://support.ntp.org/bin/view/Main/NtpBug3110
NOTE: Only relevant for ntpd on Windows, but fixed source-wise in 1:4.2.8p9+dfsg-1
-CVE-2016-9311 (ntpd in NTP before 4.2.8p9, when the trap service is enabled, allows ...)
+CVE-2016-9311
- ntp 1:4.2.8p9+dfsg-1
[jessie] - ntp <no-dsa> (Minor issue)
[wheezy] - ntp <no-dsa> (Minor issue, not vulnerable by default)
NOTE: http://support.ntp.org/bin/view/Main/NtpBug3119
NOTE: http://www.talosintelligence.com/reports/TALOS-2016-0204/
NOTE: Only affects configurations that do not have "restrict noquery", Debian's default config does have that restriction.
-CVE-2016-9310 (The control mode (mode 6) functionality in ntpd in NTP before 4.2.8p9 ...)
+CVE-2016-9310
- ntp 1:4.2.8p9+dfsg-1
[jessie] - ntp <no-dsa> (Minor issue)
[wheezy] - ntp <no-dsa> (Minor issue, not vulnerable by default)
@@ -4742,15 +4742,15 @@ CVE-2016-9309
RESERVED
CVE-2016-9308
RESERVED
-CVE-2016-9307 (Multiple buffer overflows in the Autodesk FBX-SDK before 2017.1 can ...)
+CVE-2016-9307
NOT-FOR-US: Autodesk
-CVE-2016-9306 (Multiple buffer overflows in the Autodesk FBX-SDK before 2017.1 can ...)
+CVE-2016-9306
NOT-FOR-US: Autodesk
-CVE-2016-9305 (Improper handling in the Autodesk FBX-SDK before 2017.1 of type ...)
+CVE-2016-9305
NOT-FOR-US: Autodesk
-CVE-2016-9304 (Multiple buffer overflows in the Autodesk FBX-SDK before 2017.1 can ...)
+CVE-2016-9304
NOT-FOR-US: Autodesk
-CVE-2016-9303 (Multiple buffer overflows in the Autodesk FBX-SDK before 2017.1 can ...)
+CVE-2016-9303
NOT-FOR-US: Autodesk
CVE-2016-9295
RESERVED
@@ -4764,55 +4764,55 @@ CVE-2016-9290
RESERVED
CVE-2016-9289
RESERVED
-CVE-2016-9288 (In framework/modules/navigation/controllers/navigationController.php in ...)
+CVE-2016-9288
NOT-FOR-US: Exponent CMS
-CVE-2016-9287 (In /framework/modules/notfound/controllers/notfoundController.php of ...)
+CVE-2016-9287
NOT-FOR-US: Exponent CMS
-CVE-2016-9286 (framework/modules/users/controllers/usersController.php in Exponent CMS ...)
+CVE-2016-9286
NOT-FOR-US: Exponent CMS
-CVE-2016-9285 (framework/modules/addressbook/controllers/addressController.php in ...)
+CVE-2016-9285
NOT-FOR-US: Exponent CMS
-CVE-2016-9284 (getUsersByJSON in ...)
+CVE-2016-9284
NOT-FOR-US: Exponent CMS
-CVE-2016-9283 (SQL Injection in framework/core/subsystems/expRouter.php in Exponent ...)
+CVE-2016-9283
NOT-FOR-US: Exponent CMS
-CVE-2016-9282 (SQL Injection in ...)
+CVE-2016-9282
NOT-FOR-US: Exponent CMS
CVE-2016-9281
RESERVED
CVE-2016-9280
RESERVED
-CVE-2016-9277 (Integer overflow in SystemUI in KK(4.4) and L(5.0/5.1) on Samsung Note ...)
+CVE-2016-9277
NOT-FOR-US: Samsung
-CVE-2016-9274 (Untrusted search path vulnerability in Git 1.x for Windows allows local ...)
+CVE-2016-9274
NOT-FOR-US: Git-for-Windows (Git fork containing Windows-specific patches)
-CVE-2016-9272 (A Blind SQL Injection Vulnerability in Exponent CMS through 2.4.0, with ...)
+CVE-2016-9272
NOT-FOR-US: Exponent CMS
CVE-2016-9271
RESERVED
CVE-2016-9270
RESERVED
-CVE-2016-9269 (Remote Command Execution in com.trend.iwss.gui.servlet.ManagePatches in ...)
+CVE-2016-9269
NOT-FOR-US: Trend Micro
-CVE-2016-9268 (Unrestricted file upload vulnerability in the Blog appearance in the ...)
+CVE-2016-9268
- dotclear <removed>
NOTE: http://dev.dotclear.org/2.0/changeset/445e9ff79a1fa81033591761d6a340e219d159b2
NOTE: http://dev.dotclear.org/2.0/ticket/2214
CVE-2016-9267
RESERVED
-CVE-2016-9263 (WordPress through 4.8.2, when domain-based flashmediaelement.swf ...)
+CVE-2016-9263
{DLA-1151-1}
- wordpress 4.1+dfsg-1
NOTE: https://opnsec.com/2017/10/cve-2016-9263-unpatched-xsf-vulnerability-in-wordpress/
NOTE: flashmediaelement.swf removed from source tree starting in 4.1+dfsg-1
-CVE-2016-9447 (The ROM mappings in the NSF decoder in gstreamer 0.10.x allow remote ...)
+CVE-2016-9447
{DSA-3713-1 DLA-712-1}
- gst-plugins-bad0.10 <removed>
NOTE: http://scarybeastsecurity.blogspot.de/2016/11/0day-exploit-compromising-linux-desktop.html
-CVE-2016-9299 (The remoting module in Jenkins before 2.32 and LTS before 2.19.3 ...)
+CVE-2016-9299
- jenkins <removed>
NOTE: http://www.openwall.com/lists/oss-security/2016/11/12/4
-CVE-2016-9298 (Heap overflow in the WaveletDenoiseImage function in MagickCore/fx.c ...)
+CVE-2016-9298
- imagemagick 8:6.9.6.5+dfsg-1 (bug #844211)
[jessie] - imagemagick <not-affected> (Vulnerable code not present)
[wheezy] - imagemagick <not-affected> (Vulnerable code not present)
@@ -4824,7 +4824,7 @@ CVE-2016-9301
REJECTED
CVE-2016-9302
REJECTED
-CVE-2016-9297 (The TIFFFetchNormalTag function in LibTiff 4.0.6 allows remote ...)
+CVE-2016-9297
{DSA-3762-1 DLA-716-1}
- tiff 4.0.7-1 (bug #844226)
- tiff3 <removed>
@@ -4838,48 +4838,48 @@ CVE-2016-9297 (The TIFFFetchNormalTag function in LibTiff 4.0.6 allows remote ..
NOTE: introduce CVE-2016-9448 / http://bugzilla.maptools.org/show_bug.cgi?id=2593
NOTE: Fix in 4.0.7 is complete.
NOTE: Patch CVE-2016-9448: https://github.com/vadz/libtiff/commit/89406285f318ffad27af4b200204394b2ee6ba5e
-CVE-2016-9540 (tools/tiffcp.c in libtiff 4.0.6 has an out-of-bounds write on tiled ...)
+CVE-2016-9540
{DSA-3762-1 DLA-795-1}
- tiff 4.0.7-1
- tiff3 <not-affected> (tiff3 not shipping tools)
NOTE: https://github.com/vadz/libtiff/commit/5ad9d8016fbb60109302d558f7edb2cb2a3bb8e3
-CVE-2016-9539 (tools/tiffcrop.c in libtiff 4.0.6 has an out-of-bounds read in ...)
+CVE-2016-9539
- tiff 4.0.7-1 (unimportant)
- tiff3 <not-affected> (tiff3 not shipping tools)
NOTE: https://github.com/vadz/libtiff/commit/ae9365db1b271b62b35ce018eac8799b1d5e8a53
NOTE: Crash in CLI tool, no security impact
-CVE-2016-9538 (tools/tiffcrop.c in libtiff 4.0.6 reads an undefined buffer in ...)
+CVE-2016-9538
{DSA-3762-1 DLA-795-1}
- tiff 4.0.7-1
- tiff3 <not-affected> (tiff3 not shipping tools)
NOTE: https://github.com/vadz/libtiff/commit/43c0b81a818640429317c80fea1e66771e85024b#diff-c8b4b355f9b5c06d585b23138e1c185f
-CVE-2016-9537 (tools/tiffcrop.c in libtiff 4.0.6 has out-of-bounds write ...)
+CVE-2016-9537
{DSA-3762-1 DLA-795-1}
- tiff 4.0.7-1
- tiff3 <not-affected> (tiff3 not shipping tools)
NOTE: https://github.com/vadz/libtiff/commit/83a4b92815ea04969d494416eaae3d4c6b338e4a#diff-c8b4b355f9b5c06d585b23138e1c185f
-CVE-2016-9536 (tools/tiff2pdf.c in libtiff 4.0.6 has out-of-bounds write ...)
+CVE-2016-9536
{DSA-3762-1 DLA-795-1}
- tiff 4.0.7-1
- tiff3 <not-affected> (tiff3 not shipping tools)
NOTE: https://github.com/vadz/libtiff/commit/83a4b92815ea04969d494416eaae3d4c6b338e4a#diff-5173a9b3b48146e4fd86d7b9b346115e
-CVE-2016-9535 (tif_predict.h and tif_predict.c in libtiff 4.0.6 have assertions that ...)
+CVE-2016-9535
{DSA-3844-1 DLA-880-1 DLA-795-1}
- tiff 4.0.7-1
- tiff3 <removed>
NOTE: https://github.com/vadz/libtiff/commit/3ca657a8793dd011bf869695d72ad31c779c3cc1
NOTE: https://github.com/vadz/libtiff/commit/6a984bf7905c6621281588431f384e79d11a2e33
-CVE-2016-9534 (tif_write.c in libtiff 4.0.6 has an issue in the error code path of ...)
+CVE-2016-9534
{DSA-3762-1 DLA-880-1 DLA-795-1}
- tiff 4.0.7-1
- tiff3 <removed>
NOTE: https://github.com/vadz/libtiff/commit/83a4b92815ea04969d494416eaae3d4c6b338e4a#diff-5be5ce02d0dea67050d5b2a10102d1ba
-CVE-2016-9533 (tif_pixarlog.c in libtiff 4.0.6 has out-of-bounds write vulnerabilities ...)
+CVE-2016-9533
{DSA-3762-1 DLA-880-1 DLA-795-1}
- tiff 4.0.7-1
- tiff3 <removed>
NOTE: https://github.com/vadz/libtiff/commit/83a4b92815ea04969d494416eaae3d4c6b338e4a#diff-bdc795f6afeb9558c1012b3cfae729ef
-CVE-2016-9532 (Integer overflow in the writeBufferToSeparateStrips function in ...)
+CVE-2016-9532
{DSA-3762-1 DLA-716-1}
- tiff 4.0.7-1 (bug #844057)
- tiff3 <removed>
@@ -4887,33 +4887,33 @@ CVE-2016-9532 (Integer overflow in the writeBufferToSeparateStrips function in .
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2592
NOTE: Patch: https://github.com/vadz/libtiff/commit/21d39de1002a5e69caa0574b2cc05d795d6fbfad
NOTE: http://www.openwall.com/lists/oss-security/2016/11/11/14
-CVE-2016-9296 (A null pointer dereference bug affects the 16.02 and many old versions ...)
+CVE-2016-9296
- p7zip 16.02+dfsg-2 (unimportant; bug #844344)
[jessie] - p7zip <not-affected> (Vulnerable code with potential NULL pointer dereference introduced later)
[wheezy] - p7zip <not-affected> (Vulnerable code with potential NULL pointer dereference introduced later)
NOTE: https://sourceforge.net/p/p7zip/bugs/185/
NOTE: no security impact
-CVE-2016-9294 (Artifex Software, Inc. MuJS before ...)
+CVE-2016-9294
NOT-FOR-US: MuJS
-CVE-2016-9279 (Use-after-free vulnerability in the Samsung Exynos fimg2d driver for ...)
+CVE-2016-9279
NOT-FOR-US: Samsung Exynos fimg2d driver for Android
-CVE-2016-9278 (The Samsung Exynos fimg2d driver for Android with Exynos 5433, 54xx, ...)
+CVE-2016-9278
NOT-FOR-US: Samsung Exynos fimg2d driver for Android
-CVE-2016-9276 (The dwarf_get_aranges_list function in dwarf_arrange.c in Libdwarf ...)
+CVE-2016-9276
- dwarfutils 20161124-1 (bug #844011)
[jessie] - dwarfutils <no-dsa> (Minor issue)
[wheezy] - dwarfutils <no-dsa> (Minor issue)
NOTE: https://sourceforge.net/p/libdwarf/code/ci/583f8834083b5ef834c497f5b47797e16101a9a6/
NOTE: https://blogs.gentoo.org/ago/2016/11/07/libdwarf-heap-based-buffer-overflow-in-dwarf_get_aranges_list-dwarf_arange-c
NOTE: Same commit as for CVE-2016-9275. Needs the dwarf_arange.c part of the commit.
-CVE-2016-9275 (Heap-based buffer overflow in the _dwarf_skim_forms function in ...)
+CVE-2016-9275
- dwarfutils 20161124-1 (bug #844012)
[jessie] - dwarfutils <not-affected> (Vulnerable code not present)
[wheezy] - dwarfutils <not-affected> (Vulnerable code not present)
NOTE: https://sourceforge.net/p/libdwarf/code/ci/583f8834083b5ef834c497f5b47797e16101a9a6/
NOTE: https://blogs.gentoo.org/ago/2016/11/07/libdwarf-heap-based-buffer-overflow-in-_dwarf_skim_forms-dwarf_macro5-c
NOTE: Same commit as for CVE-2016-9276. Needs the dwarf_macro5.c part of the commit.
-CVE-2016-9273 (tiffsplit in libtiff 4.0.6 allows remote attackers to cause a denial ...)
+CVE-2016-9273
{DSA-3762-1 DLA-716-1}
- tiff 4.0.7-1 (bug #844013)
- tiff3 <removed>
@@ -4922,28 +4922,28 @@ CVE-2016-9273 (tiffsplit in libtiff 4.0.6 allows remote attackers to cause a den
NOTE: Patch: https://github.com/vadz/libtiff/commit/d651abc097d91fac57f33b5f9447d0a9183f58e7
NOTE: Can be reproduced with valgrind in wheezy with libtiff 4.0.2-6+deb7u7
NOTE: Can be reproduced with valgrind in jessie with libtiff 4.0.3-12.3+deb8u1
-CVE-2016-9261 (Cross-site scripting (XSS) vulnerability in Tenable Log Correlation ...)
+CVE-2016-9261
NOT-FOR-US: Tenable Log Correlation Engine
-CVE-2016-9260 (Cross-site scripting (XSS) vulnerability in Tenable Nessus before 6.9 ...)
+CVE-2016-9260
NOT-FOR-US: Nessus
-CVE-2016-9259 (Cross-site scripting (XSS) vulnerability in Tenable Nessus before ...)
+CVE-2016-9259
NOT-FOR-US: Nessus
-CVE-2016-9266 (listmp3.c in libming 0.4.7 allows remote attackers to unspecified ...)
+CVE-2016-9266
{DLA-799-1}
- ming <removed> (bug #843928)
NOTE: https://blogs.gentoo.org/ago/2016/11/09/libming-listmp3-left-shift-in-listmp3-c
NOTE: https://github.com/libming/libming/issues/53
-CVE-2016-9265 (The printMP3Headers function in listmp3.c in Libming 0.4.7 allows ...)
+CVE-2016-9265
{DLA-799-1}
- ming <removed> (bug #843928)
NOTE: https://blogs.gentoo.org/ago/2016/11/09/libming-listmp3-divide-by-zero-in-printmp3headers-list
NOTE: https://github.com/libming/libming/issues/52
-CVE-2016-9264 (Buffer overflow in the printMP3Headers function in listmp3.c in ...)
+CVE-2016-9264
{DLA-799-1}
- ming <removed> (bug #843928)
NOTE: https://blogs.gentoo.org/ago/2016/11/07/libming-listmp3-global-buffer-overflow-in-printmp3headers-listmp3-c
NOTE: https://github.com/libming/libming/issues/51
-CVE-2016-9262 (Multiple integer overflows in the (1) jas_realloc function in ...)
+CVE-2016-9262
- jasper <removed>
[jessie] - jasper <not-affected> (Vulnerable code introduced later)
[wheezy] - jasper <not-affected> (Vulnerable code introduced later)
@@ -4954,42 +4954,42 @@ CVE-2016-9262 (Multiple integer overflows in the (1) jas_realloc function in ...
NOTE: https://blogs.gentoo.org/ago/2016/11/07/jasper-use-after-free-in-jas_realloc-jas_malloc-c
CVE-2016-9258
REJECTED
-CVE-2016-9257 (In F5 BIG-IP APM 12.0.0 through 12.1.2, non-authenticated users may be ...)
+CVE-2016-9257
NOT-FOR-US: F5
-CVE-2016-9256 (In F5 BIG-IP 12.1.0 through 12.1.2, permissions enforced by iControl ...)
+CVE-2016-9256
NOT-FOR-US: F5
CVE-2016-9255
REJECTED
CVE-2016-9254
REJECTED
-CVE-2016-9253 (In F5 BIG-IP 12.1.0 through 12.1.2, specific websocket traffic ...)
+CVE-2016-9253
NOT-FOR-US: F5
-CVE-2016-9252 (The Traffic Management Microkernel (TMM) in F5 BIG-IP before 11.5.4 ...)
+CVE-2016-9252
NOT-FOR-US: F5 BIG-IP
-CVE-2016-9251 (In F5 BIG-IP 12.0.0 through 12.1.2, an authenticated attacker may be ...)
+CVE-2016-9251
NOT-FOR-US: F5
-CVE-2016-9250 (In F5 BIG-IP 11.2.1, 11.4.0 through 11.6.1, and 12.0.0 through 12.1.2, ...)
+CVE-2016-9250
NOT-FOR-US: F5
-CVE-2016-9249 (An undisclosed traffic pattern received by a BIG-IP Virtual Server ...)
+CVE-2016-9249
NOT-FOR-US: F5
CVE-2016-9248
REJECTED
-CVE-2016-9247 (Under certain conditions for BIG-IP systems using a virtual server ...)
+CVE-2016-9247
NOT-FOR-US: F5
CVE-2016-9246
REJECTED
-CVE-2016-9245 (In F5 BIG-IP systems 12.1.0 - 12.1.2, malicious requests made to ...)
+CVE-2016-9245
NOT-FOR-US: F5
-CVE-2016-9244 (A BIG-IP virtual server configured with a Client SSL profile that has ...)
+CVE-2016-9244
NOT-FOR-US: F5 TLS stack
NOTE: https://ticketbleed.com/
-CVE-2016-9243 (HKDF in cryptography before 1.5.2 returns an empty byte-string if used ...)
+CVE-2016-9243
- python-cryptography 1.5.3-1
[jessie] - python-cryptography 0.6.1-1+deb8u1
NOTE: Upstream bug: https://github.com/pyca/cryptography/issues/3211
NOTE: Upstream commit: https://github.com/pyca/cryptography/commit/b924696b2e8731f39696584d12cceeb3aeb2d874
NOTE: http://www.openwall.com/lists/oss-security/2016/11/08/6
-CVE-2016-9242 (Multiple SQL injection vulnerabilities in the update method in ...)
+CVE-2016-9242
NOT-FOR-US: Exponent CMS
CVE-2016-9241
REJECTED
@@ -5023,114 +5023,114 @@ CVE-2016-9227
REJECTED
CVE-2016-9226
REJECTED
-CVE-2016-9225 (A vulnerability in the data plane IP fragment handler of the Cisco ...)
+CVE-2016-9225
NOT-FOR-US: Cisco Adaptive Security Appliance
-CVE-2016-9224 (A vulnerability in the Cisco Jabber Guest Server could allow an ...)
+CVE-2016-9224
NOT-FOR-US: Cisco
-CVE-2016-9223 (A vulnerability in the Docker Engine configuration of Cisco ...)
+CVE-2016-9223
NOT-FOR-US: Cisco
-CVE-2016-9222 (A vulnerability in the web-based management interface of Cisco NetFlow ...)
+CVE-2016-9222
NOT-FOR-US: Cisco
-CVE-2016-9221 (A Denial of Service Vulnerability in 802.11 ingress connection ...)
+CVE-2016-9221
NOT-FOR-US: Cisco
-CVE-2016-9220 (A Denial of Service Vulnerability in 802.11 ingress packet processing ...)
+CVE-2016-9220
NOT-FOR-US: Cisco
-CVE-2016-9219 (A vulnerability with IPv6 UDP ingress packet processing in Cisco ...)
+CVE-2016-9219
NOT-FOR-US: Cisco
-CVE-2016-9218 (A vulnerability in Cisco Hybrid Meeting Server could allow an ...)
+CVE-2016-9218
NOT-FOR-US: Cisco
-CVE-2016-9217 (A vulnerability in Cisco Intercloud Fabric for Business and Cisco ...)
+CVE-2016-9217
NOT-FOR-US: Cisco
-CVE-2016-9216 (An IKE Packet Parsing Denial of Service Vulnerability in the ipsecmgr ...)
+CVE-2016-9216
NOT-FOR-US: Cisco ASR 5000
-CVE-2016-9215 (A vulnerability in Cisco IOS XR Software could allow an authenticated, ...)
+CVE-2016-9215
NOT-FOR-US: Cisco
-CVE-2016-9214 (Cisco Identity Services Engine (ISE) contains a vulnerability that ...)
+CVE-2016-9214
NOT-FOR-US: Cisco
CVE-2016-9213
REJECTED
-CVE-2016-9212 (A vulnerability in the Decrypt for End-User Notification configuration ...)
+CVE-2016-9212
NOT-FOR-US: Cisco
-CVE-2016-9211 (A vulnerability in TCP port management in Cisco ONS 15454 Series ...)
+CVE-2016-9211
NOT-FOR-US: Cisco
-CVE-2016-9210 (A vulnerability in the Cisco Unified Reporting upload tool accessed via ...)
+CVE-2016-9210
NOT-FOR-US: Cisco
-CVE-2016-9209 (A vulnerability in TCP processing in Cisco FirePOWER system software ...)
+CVE-2016-9209
NOT-FOR-US: Cisco
-CVE-2016-9208 (A vulnerability in the File Management Utility, the Download File form, ...)
+CVE-2016-9208
NOT-FOR-US: Cisco
-CVE-2016-9207 (A vulnerability in the HTTP traffic server component of Cisco ...)
+CVE-2016-9207
NOT-FOR-US: Cisco
-CVE-2016-9206 (A vulnerability in the ccmadmin page of Cisco Unified Communications ...)
+CVE-2016-9206
NOT-FOR-US: Cisco
-CVE-2016-9205 (A vulnerability in the HTTP 2.0 request handling code of Cisco IOS XR ...)
+CVE-2016-9205
NOT-FOR-US: Cisco
-CVE-2016-9204 (A vulnerability in the Cisco Intercloud Fabric (ICF) Director could ...)
+CVE-2016-9204
NOT-FOR-US: Cisco
-CVE-2016-9203 (A vulnerability in the Internet Key Exchange Version 2 (IKEv2) feature ...)
+CVE-2016-9203
NOT-FOR-US: Cisco
-CVE-2016-9202 (A vulnerability in the web-based management interface of Cisco Email ...)
+CVE-2016-9202
NOT-FOR-US: Cisco
-CVE-2016-9201 (A vulnerability in the Zone-Based Firewall feature of Cisco IOS and ...)
+CVE-2016-9201
NOT-FOR-US: Cisco
-CVE-2016-9200 (A vulnerability in the web framework code of Cisco Prime Collaboration ...)
+CVE-2016-9200
NOT-FOR-US: Cisco
-CVE-2016-9199 (A vulnerability in the Cisco application-hosting framework (CAF) of ...)
+CVE-2016-9199
NOT-FOR-US: Cisco
-CVE-2016-9198 (A vulnerability in the Active Directory integration component of Cisco ...)
+CVE-2016-9198
NOT-FOR-US: Cisco
-CVE-2016-9197 (A vulnerability in the CLI command parser of the Cisco Mobility Express ...)
+CVE-2016-9197
NOT-FOR-US: Cisco
-CVE-2016-9196 (A vulnerability in login authentication management in Cisco Aironet ...)
+CVE-2016-9196
NOT-FOR-US: Cisco
-CVE-2016-9195 (A vulnerability in RADIUS Change of Authorization (CoA) request ...)
+CVE-2016-9195
NOT-FOR-US: Cisco
-CVE-2016-9194 (A vulnerability in 802.11 Wireless Multimedia Extensions (WME) action ...)
+CVE-2016-9194
NOT-FOR-US: Cisco
-CVE-2016-9193 (A vulnerability in the malicious file detection and blocking features ...)
+CVE-2016-9193
NOT-FOR-US: Cisco
-CVE-2016-9192 (A vulnerability in Cisco AnyConnect Secure Mobility Client for Windows ...)
+CVE-2016-9192
NOT-FOR-US: Cisco
-CVE-2016-9191 (The cgroup offline implementation in the Linux kernel through 4.8.11 ...)
+CVE-2016-9191
{DSA-3791-1}
- linux 4.9.6-1
[wheezy] - linux <not-affected> (Vulnerable code introduced in 3.11-rc1)
NOTE: Fixed by: https://git.kernel.org/linus/93362fa47fe98b62e4a34ab408c4a418432e7939 (v4.10-rc4)
NOTE: Introduced by: https://git.kernel.org/linus/f0c3b5093addc8bfe9fe3a5b01acb7ec7969eafa (v3.11-rc1)
-CVE-2016-9190 (Pillow before 3.3.2 allows context-dependent attackers to execute ...)
+CVE-2016-9190
{DSA-3710-1 DLA-705-1}
- pillow 3.4.2-1
- python-imaging <removed>
NOTE: https://github.com/python-pillow/Pillow/issues/2105
NOTE: https://github.com/python-pillow/Pillow/pull/2146/commits/5d8a0be45aad78c5a22c8d099118ee26ef8144af
-CVE-2016-9189 (Pillow before 3.3.2 allows context-dependent attackers to obtain ...)
+CVE-2016-9189
{DSA-3710-1 DLA-705-1}
- pillow 3.4.2-1
- python-imaging <removed>
NOTE: https://github.com/python-pillow/Pillow/issues/2105
NOTE: https://github.com/python-pillow/Pillow/pull/2146/commits/c50ebe6459a131a1ea8ca531f10da616d3ceaa0f
-CVE-2016-9188 (Cross-site scripting (XSS) vulnerabilities in Moodle CMS on or before ...)
+CVE-2016-9188
NOTE: Moodle upstream does not believe it is a security vulnerability and the reporter
NOTE: did not followed up on requests from upstream to provide clarification, cf. #851405
-CVE-2016-9187 (Unrestricted file upload vulnerability in the double extension support ...)
+CVE-2016-9187
NOTE: Moodle upstream does not believe it is a security vulnerability and the reporter
NOTE: did not followed up on requests from upstream to provide clarification, cf. #851405
-CVE-2016-9186 (Unrestricted file upload vulnerability in the &quot;legacy course files&quot; and ...)
+CVE-2016-9186
NOTE: Moodle upstream does not believe it is a security vulnerability and the reporter
NOTE: did not followed up on requests from upstream to provide clarification, cf. #851405
-CVE-2016-9185 (In OpenStack Heat, by launching a new Heat stack with a local URL an ...)
+CVE-2016-9185
- heat 1:7.0.0-2 (bug #843232)
[jessie] - heat <no-dsa> (Minor issue)
NOTE: https://bugs.launchpad.net/ossa/+bug/1606500
-CVE-2016-9184 (In /framework/modules/core/controllers/expHTMLEditorController.php of ...)
+CVE-2016-9184
NOT-FOR-US: Exponent CMS
-CVE-2016-9183 (In /framework/modules/ecommerce/controllers/orderController.php of ...)
+CVE-2016-9183
NOT-FOR-US: Exponent CMS
-CVE-2016-9182 (Exponent CMS 2.4 uses PHP reflection to call a method of a controller ...)
+CVE-2016-9182
NOT-FOR-US: Exponent CMS
-CVE-2016-9177 (Directory traversal vulnerability in Spark 2.5 allows remote attackers ...)
+CVE-2016-9177
NOT-FOR-US: Spark (sparkjava)
-CVE-2016-9176 (Stack buffer overflow in the send.exe and receive.exe components of ...)
+CVE-2016-9176
NOT-FOR-US: Micro Focus Rumba
CVE-2016-9175
REJECTED
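Review bot: every `-`/`+` pair in this hunk drops the parenthesised CVE description and keeps only the bare identifier (for example `-CVE-2016-9191 (The cgroup offline implementation in the Linux kernel through 4.8.11 ...)` becomes `+CVE-2016-9191`), with no corresponding change to the package or NOTE lines below it. An automatic update that strips descriptions wholesale while leaving the triage data untouched looks like an empty or failed upstream CVE feed rather than an intended edit; suggest verifying the feed output before merging, since the descriptions are the only context the list carries for the `NOT-FOR-US` and `<not-affected>` decisions recorded underneath them.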
@@ -5144,17 +5144,17 @@ CVE-2016-9171
REJECTED
CVE-2016-9170
REJECTED
-CVE-2016-9169 (A reflected XSS vulnerability exists in the web console of the Document ...)
+CVE-2016-9169
NOT-FOR-US: Novell
-CVE-2016-9168 (A missing X-Frame-Options header in the NDS Utility Monitor in NDSD in ...)
+CVE-2016-9168
NOT-FOR-US: Novell
-CVE-2016-9167 (NDSD in Novell eDirectory before 9.0.2 did not calculate ACLs on LDAP ...)
+CVE-2016-9167
NOT-FOR-US: Novell
CVE-2016-9166
- RESERVED
-CVE-2016-9165 (The get_sessions servlet in CA Unified Infrastructure Management ...)
+ TODO: check
+CVE-2016-9165
NOT-FOR-US: CA Unified Infrastructure Management
-CVE-2016-9164 (Directory traversal vulnerability in diag.jsp file in CA Unified ...)
+CVE-2016-9164
NOT-FOR-US: CA Unified Infrastructure Management
CVE-2016-9163
REJECTED
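Review bot: the lines `- RESERVED` / `+ TODO: check` under `CVE-2016-9166` change that entry from a reserved placeholder to an open triage item, but no description is introduced for it and the same hunk strips the description from the neighbouring `CVE-2016-9165`, so there is nothing in the file to triage against. Suggest confirming that CVE-2016-9166 has actually been published and replacing `TODO: check` with the resulting assessment (a package line or a `NOT-FOR-US:` marker) rather than merging the placeholder as-is.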
@@ -5162,41 +5162,41 @@ CVE-2016-9162
REJECTED
CVE-2016-9161
REJECTED
-CVE-2016-9160 (A vulnerability in SIEMENS SIMATIC WinCC (All versions &lt; SIMATIC WinCC ...)
+CVE-2016-9160
NOT-FOR-US: Siemens SIMATIC WinCC
-CVE-2016-9159 (A vulnerability has been identified in SIMATIC S7-300 CPU family, ...)
+CVE-2016-9159
NOT-FOR-US: Siemens SIMATIC
-CVE-2016-9158 (A vulnerability has been identified in SIMATIC S7-300 CPU family, ...)
+CVE-2016-9158
NOT-FOR-US: Siemens SIMATIC
-CVE-2016-9157 (A vulnerability in Siemens SICAM PAS (all versions before V8.09) could ...)
+CVE-2016-9157
NOT-FOR-US: Siemens SICAM PAS
-CVE-2016-9156 (A vulnerability in Siemens SICAM PAS (all versions before V8.09) could ...)
+CVE-2016-9156
NOT-FOR-US: Siemens SICAM PAS
-CVE-2016-9155 (The following SIEMENS branded IP Camera Models CCMW3025, CVMW3025-IR, ...)
+CVE-2016-9155
NOT-FOR-US: Siemens
-CVE-2016-9154 (Siemens Desigo PX Web modules PXA40-W0, PXA40-W1, PXA40-W2 for Desigo ...)
+CVE-2016-9154
NOT-FOR-US: Siemens Desigo PX
CVE-2016-9153
RESERVED
-CVE-2016-9152 (Cross-site scripting (XSS) vulnerability in ecrire/exec/plonger.php in ...)
+CVE-2016-9152
{DLA-738-1}
- spip 3.1.4-2 (bug #847156)
[jessie] - spip 3.0.17-2+deb8u3
NOTE: https://core.spip.net/projects/spip/repository/revisions/23290
-CVE-2016-9151 (Palo Alto Networks PAN-OS before 5.0.20, 5.1.x before 5.1.13, 6.0.x ...)
+CVE-2016-9151
NOT-FOR-US: PAN-OS
-CVE-2016-9150 (Buffer overflow in the management web interface in Palo Alto Networks ...)
+CVE-2016-9150
NOT-FOR-US: PAN-OS
-CVE-2016-9149 (The Addresses Object parser in Palo Alto Networks PAN-OS before ...)
+CVE-2016-9149
NOT-FOR-US: PAN-OS
-CVE-2016-9148 (Cross-site scripting (XSS) vulnerability in CA Service Desk Manager ...)
+CVE-2016-9148
NOT-FOR-US: CA Service Desk Manager
-CVE-2016-9147 (named in ISC BIND 9.9.9-P4, 9.9.9-S6, 9.10.4-P4, and 9.11.0-P1 allows ...)
+CVE-2016-9147
{DSA-3758-1 DLA-805-1}
[experimental] - bind9 1:9.10.4-P5-1
- bind9 1:9.10.3.dfsg.P4-11 (bug #851063)
NOTE: https://kb.isc.org/article/AA-01440/0
-CVE-2016-9179 (lynx: It was found that Lynx doesn't parse the authority component of ...)
+CVE-2016-9179
{DLA-719-1}
- lynx 2.8.9dev11-1 (bug #843258)
- lynx-cur <removed>
@@ -5204,7 +5204,7 @@ CVE-2016-9179 (lynx: It was found that Lynx doesn't parse the authority componen
NOTE: http://www.openwall.com/lists/oss-security/2016/11/03/4
NOTE: Slight mitigation and documentation improvement was done in 2.8.9dev.10 upstream
NOTE: the uplaod to unstable as 2.8.9dev10-1
-CVE-2016-9644 (The __get_user_asm_ex macro in arch/x86/include/asm/uaccess.h in the ...)
+CVE-2016-9644
- linux <not-affected> (Vulnerable code not present)
NOTE: No incorrect backport of CVE-2016-9178 done in Debian
NOTE: This is only an issue if 1c109fabbd51863475cd12ac206bdd249aee35af
@@ -5213,7 +5213,7 @@ CVE-2016-9644 (The __get_user_asm_ex macro in arch/x86/include/asm/uaccess.h in
NOTE: src:linux was never affected. 1c109fabbd5 also wasn't backported to
NOTE: the 3.2 and 3.16 LTS series
NOTE: http://www.openwall.com/lists/oss-security/2016/11/03/2
-CVE-2016-9178 (The __get_user_asm_ex macro in arch/x86/include/asm/uaccess.h in the ...)
+CVE-2016-9178
{DLA-772-1}
- linux 4.7.5-1
[jessie] - linux 3.16.39-1
@@ -5231,7 +5231,7 @@ CVE-2016-9142
REJECTED
CVE-2016-9141
REJECTED
-CVE-2016-9181 (perl-Image-Info: When parsing an SVG file, external entity expansion ...)
+CVE-2016-9181
- libimage-info-perl 1.39-1 (bug #842891)
[jessie] - libimage-info-perl <no-dsa> (Minor issue)
[wheezy] - libimage-info-perl <no-dsa> (Minor issue)
@@ -5245,7 +5245,7 @@ CVE-2016-9181 (perl-Image-Info: When parsing an SVG file, external entity expans
NOTE: so as a workaround the underlying SAX parser is fixed to
NOTE: XML::SAX::PurePerl which is uncapable of processing external entities
NOTE: but unfortunately it is also a slow parser.
-CVE-2016-9180 (perl-XML-Twig: The option to `expand_external_ents`, documented as ...)
+CVE-2016-9180
- libxml-twig-perl <unfixed> (low; bug #842893)
[stretch] - libxml-twig-perl <no-dsa> (Minor issue; can be fixed via point release)
[jessie] - libxml-twig-perl <no-dsa> (Minor issue; can be fixed via point release)
@@ -5255,158 +5255,158 @@ CVE-2016-9180 (perl-XML-Twig: The option to `expand_external_ents`, documented a
NOTE: http://www.openwall.com/lists/oss-security/2016/11/02/1
NOTE: Release 3.50 adds a no_xxe flag which will fail to parse files with external entities.
NOTE: 2016-12-13: The corresponding changes is not in the public git repository yet: https://github.com/mirod/xmltwig/commits/master
-CVE-2016-9136 (Artifex Software, Inc. MuJS before ...)
+CVE-2016-9136
NOT-FOR-US: MuJS
-CVE-2016-9135 (Exponent CMS 2.3.9 suffers from a SQL injection vulnerability in ...)
+CVE-2016-9135
NOT-FOR-US: Exponent CMS
-CVE-2016-9134 (Exponent CMS 2.3.9 suffers from a SQL injection vulnerability in ...)
+CVE-2016-9134
NOT-FOR-US: Exponent CMS
CVE-2016-9133
RESERVED
-CVE-2016-9132 (In Botan 1.8.0 through 1.11.33, when decoding BER data an integer ...)
+CVE-2016-9132
{DLA-786-1}
- botan1.10 1.10.14-1
[jessie] - botan1.10 <ignored> (Minor issue, not believed to be exploitable in practice)
NOTE: Fixed in 1.10.14 and 1.11.34, all prior versions affected.
NOTE: Fixed by: https://github.com/randombit/botan/commit/987ad747db6d0d7e36f840398f3cf02e2fbfd90f
-CVE-2016-9131 (named in ISC BIND 9.x before 9.9.9-P5, 9.10.x before 9.10.4-P5, and ...)
+CVE-2016-9131
{DSA-3758-1 DLA-805-1}
[experimental] - bind9 1:9.10.4-P5-1
- bind9 1:9.10.3.dfsg.P4-11 (bug #851065)
NOTE: https://kb.isc.org/article/AA-01439/0
-CVE-2016-9130 (Revive Adserver before 3.2.3 suffers from Persistent XSS. A vector for ...)
+CVE-2016-9130
NOT-FOR-US: Revive Adserver
-CVE-2016-9129 (Revive Adserver before 3.2.3 suffers from Information Exposure Through ...)
+CVE-2016-9129
NOT-FOR-US: Revive Adserver
-CVE-2016-9128 (Revive Adserver before 3.2.3 suffers from reflected XSS. The ...)
+CVE-2016-9128
NOT-FOR-US: Revive Adserver
-CVE-2016-9127 (Revive Adserver before 3.2.3 suffers from Cross-Site Request Forgery ...)
+CVE-2016-9127
NOT-FOR-US: Revive Adserver
-CVE-2016-9126 (Revive Adserver before 3.2.3 suffers from persistent XSS. Usernames are ...)
+CVE-2016-9126
NOT-FOR-US: Revive Adserver
-CVE-2016-9125 (Revive Adserver before 3.2.3 suffers from session fixation, by ...)
+CVE-2016-9125
NOT-FOR-US: Revive Adserver
-CVE-2016-9124 (Revive Adserver before 3.2.3 suffers from Improper Restriction of ...)
+CVE-2016-9124
NOT-FOR-US: Revive Adserver
-CVE-2016-9123 (go-jose before 1.0.5 suffers from a CBC-HMAC integer overflow on 32-bit ...)
+CVE-2016-9123
- golang-gopkg-square-go-jose.v1 1.0.5-1
-CVE-2016-9122 (go-jose before 1.0.4 suffers from multiple signatures exploitation. ...)
+CVE-2016-9122
- golang-gopkg-square-go-jose.v1 1.0.5-1
-CVE-2016-9121 (go-jose before 1.0.4 suffers from an invalid curve attack for the ...)
+CVE-2016-9121
- golang-gopkg-square-go-jose.v1 1.0.5-1
CVE-2016-9140
REJECTED
-CVE-2016-9139 (Cross-site scripting (XSS) vulnerability in Open Ticket Request System ...)
+CVE-2016-9139
{DLA-787-1}
- otrs2 5.0.14-1 (bug #843091)
[jessie] - otrs2 3.3.18-1+deb8u1
NOTE: https://community.otrs.com/security-advisory-2016-02-security-update-otrs
NOTE: http://www.openwall.com/lists/oss-security/2016/11/01/5
NOTE: upstream fix likely https://github.com/OTRS/otrs/commit/6578a8bcf82529461302291ab3fcb500363b005a
-CVE-2016-9120 (Race condition in the ion_ioctl function in ...)
+CVE-2016-9120
- linux 4.6.1-1 (unimportant)
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: Fixed by: https://git.kernel.org/linus/9590232bb4f4cc824f3425a6e1349afbe6d6d2b7 (v4.6-rc1)
-CVE-2016-9119 (Cross-site scripting (XSS) vulnerability in the link dialogue in GUI ...)
+CVE-2016-9119
{DSA-3715-1 DLA-717-1}
- moin 1.9.9-1 (bug #844338)
NOTE: Fixed by: http://hg.moinmo.in/moin/1.9/rev/3bddf075fdbd
-CVE-2016-9118 (Heap Buffer Overflow (WRITE of size 4) in function pnmtoimage of ...)
+CVE-2016-9118
{DSA-4013-1}
- openjpeg2 2.1.2-1.2 (bug #844557)
NOTE: https://github.com/uclouvain/openjpeg/issues/861
NOTE: https://github.com/uclouvain/openjpeg/commit/c22cbd8bdf8ff2ae372f94391a4be2d322b36b41
-CVE-2016-9117 (NULL Pointer Access in function imagetopnm of convert.c(jp2):1289 in ...)
+CVE-2016-9117
- openjpeg2 <unfixed> (unimportant; bug #844556)
NOTE: https://github.com/uclouvain/openjpeg/issues/860
NOTE: No code injection, function only exposed in the CLI tool
-CVE-2016-9116 (NULL Pointer Access in function imagetopnm of convert.c:2226(jp2) in ...)
+CVE-2016-9116
- openjpeg2 <unfixed> (unimportant; bug #844555)
NOTE: https://github.com/uclouvain/openjpeg/issues/859
NOTE: No code injection, function only exposed in the CLI tool
-CVE-2016-9115 (Heap Buffer Over-read in function imagetotga of convert.c(jp2):942 in ...)
+CVE-2016-9115
- openjpeg2 <unfixed> (unimportant; bug #844554)
NOTE: https://github.com/uclouvain/openjpeg/issues/858
NOTE: No code injection, function only exposed in the CLI tool
-CVE-2016-9114 (There is a NULL Pointer Access in function imagetopnm of ...)
+CVE-2016-9114
- openjpeg2 <unfixed> (unimportant; bug #844553)
NOTE: https://github.com/uclouvain/openjpeg/issues/857
NOTE: No code injection, function only exposed in the CLI tool
-CVE-2016-9113 (There is a NULL pointer dereference in function imagetobmp of ...)
+CVE-2016-9113
- openjpeg2 <unfixed> (unimportant; bug #844552)
NOTE: https://github.com/uclouvain/openjpeg/issues/856
NOTE: No code injection, function only exposed in the CLI tool
-CVE-2016-9112 (Floating Point Exception (aka FPE or divide by zero) in ...)
+CVE-2016-9112
- openjpeg2 2.1.2-1.2 (bug #844551)
[stretch] - openjpeg2 <no-dsa> (Minor issue)
[jessie] - openjpeg2 <no-dsa> (Minor issue)
NOTE: https://github.com/uclouvain/openjpeg/commit/d27ccf01c68a31ad62b33d2dc1ba2bb1eeaafe7b
NOTE: https://github.com/uclouvain/openjpeg/issues/855
-CVE-2016-9111 (Incorrect access control mechanisms in Citrix Receiver Desktop Lock ...)
+CVE-2016-9111
NOT-FOR-US: Citrix
CVE-2016-9110
RESERVED
-CVE-2016-9100 (Symantec Advanced Secure Gateway (ASG) 6.6 prior to 6.6.5.13, ASG 6.7 ...)
+CVE-2016-9100
NOT-FOR-US: Symantec
-CVE-2016-9099 (Symantec Advanced Secure Gateway (ASG) 6.6, ASG 6.7 prior to 6.7.2.1, ...)
+CVE-2016-9099
NOT-FOR-US: Symantec
CVE-2016-9098
REJECTED
-CVE-2016-9097 (The Symantec Advanced Secure Gateway (ASG) 6.6 prior to 6.6.5.8, ...)
+CVE-2016-9097
NOT-FOR-US: Symantec
CVE-2016-9096
REJECTED
CVE-2016-9095
REJECTED
-CVE-2016-9094 (Symantec Endpoint Protection clients place detected malware in ...)
+CVE-2016-9094
NOT-FOR-US: Symantec
-CVE-2016-9093 (A version of the SymEvent Driver that shipped with Symantec Endpoint ...)
+CVE-2016-9093
NOT-FOR-US: Symantec
-CVE-2016-9092 (The Symantec Content Analysis (CA) 1.3, 2.x prior to 2.2.1.1, and Mail ...)
+CVE-2016-9092
NOT-FOR-US: Symantec
-CVE-2016-9091 (Blue Coat Advanced Secure Gateway (ASG) 6.6 before 6.6.5.4 and Content ...)
+CVE-2016-9091
NOT-FOR-US: Blue Coat Advanced Secure Gateway
CVE-2016-9090
RESERVED
CVE-2016-9089
RESERVED
-CVE-2016-9109 (Artifex Software MuJS allows attackers to cause a denial of service ...)
+CVE-2016-9109
NOT-FOR-US: MuJS
-CVE-2016-9108 (Integer overflow in the js_regcomp function in regexp.c in Artifex ...)
+CVE-2016-9108
NOT-FOR-US: MuJS
-CVE-2016-9107 (The OTR plugin for Gajim sends information in cleartext when using ...)
+CVE-2016-9107
- gajim-otr <itp> (bug #722130)
NOTE: Upstream bug: https://trac-plugins.gajim.org/ticket/145
NOTE: Upstream fix: https://trac-plugins.gajim.org/changeset/c7c2e519ed63377bc943dd01c4661b0fe49321ae
NOTE: http://www.openwall.com/lists/oss-security/2016/10/30/2
-CVE-2016-9106 (Memory leak in the v9fs_write function in hw/9pfs/9p.c in QEMU (aka ...)
+CVE-2016-9106
{DLA-1599-1 DLA-698-1 DLA-689-1}
- qemu 1:2.8+dfsg-1 (bug #842463)
- qemu-kvm <removed>
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg02623.html
NOTE: http://www.openwall.com/lists/oss-security/2016/10/28/4
NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=fdfcc9aeea1492f4b819a24c94dfb678145b1bf9
-CVE-2016-9105 (Memory leak in the v9fs_link function in hw/9pfs/9p.c in QEMU (aka ...)
+CVE-2016-9105
{DLA-1599-1 DLA-698-1 DLA-689-1}
- qemu 1:2.8+dfsg-1 (bug #842463)
- qemu-kvm <removed>
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg02608.html
NOTE: http://www.openwall.com/lists/oss-security/2016/10/28/3
NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=4c1586787ff43c9acd18a56c12d720e3e6be9f7c
-CVE-2016-9104 (Multiple integer overflows in the (1) v9fs_xattr_read and (2) ...)
+CVE-2016-9104
{DLA-1599-1 DLA-698-1 DLA-689-1}
- qemu 1:2.8+dfsg-1 (bug #842463)
- qemu-kvm <removed>
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg02942.html
NOTE: http://www.openwall.com/lists/oss-security/2016/10/28/2
-CVE-2016-9103 (The v9fs_xattrcreate function in hw/9pfs/9p.c in QEMU (aka Quick ...)
+CVE-2016-9103
{DLA-1599-1 DLA-698-1 DLA-689-1}
- qemu 1:2.8+dfsg-1 (bug #842463)
- qemu-kvm <removed>
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg01790.html
NOTE: http://www.openwall.com/lists/oss-security/2016/10/28/1
NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=eb687602853b4ae656e9236ee4222609f3a6887d
-CVE-2016-9102 (Memory leak in the v9fs_xattrcreate function in hw/9pfs/9p.c in QEMU ...)
+CVE-2016-9102
{DLA-1599-1 DLA-698-1 DLA-689-1}
- qemu 1:2.8+dfsg-1 (bug #842463)
- qemu-kvm <removed>
@@ -5414,7 +5414,7 @@ CVE-2016-9102 (Memory leak in the v9fs_xattrcreate function in hw/9pfs/9p.c in Q
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1389550
NOTE: http://www.openwall.com/lists/oss-security/2016/10/27/15
NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=ff55e94d23ae94c8628b0115320157c763eb3e06
-CVE-2016-9101 (Memory leak in hw/net/eepro100.c in QEMU (aka Quick Emulator) allows ...)
+CVE-2016-9101
{DLA-1599-1 DLA-698-1 DLA-689-1}
- qemu 1:2.8+dfsg-1 (bug #842455)
- qemu-kvm <removed>
@@ -5424,38 +5424,38 @@ CVE-2016-9101 (Memory leak in hw/net/eepro100.c in QEMU (aka Quick Emulator) all
NOTE: Fixed by: http://git.qemu.org/?p=qemu.git;a=commit;h=2634ab7fe29b3f75d0865b719caf8f310d634aae (v2.8.0-rc0)
CVE-2016-9088
RESERVED
-CVE-2016-9087 (SQL injection vulnerability in ...)
+CVE-2016-9087
NOT-FOR-US: Exponent CMS
-CVE-2016-9086 (GitLab versions 8.9.x and above contain a critical security flaw in the ...)
+CVE-2016-9086
- gitlab 8.13.3+dfsg1-2 (bug #843519)
NOTE: https://hackerone.com/reports/178152
NOTE: https://about.gitlab.com/2016/11/02/cve-2016-9086-patches/
-CVE-2016-9081 (Joomla! 3.4.4 through 3.6.3 allows attackers to reset username, ...)
+CVE-2016-9081
NOT-FOR-US: Joomla!
-CVE-2016-9080 (Memory safety bugs were reported in Firefox 50.0.2. Some of these bugs ...)
+CVE-2016-9080
- firefox 50.1.0-1
- firefox-esr <not-affected> (Only affects Firefox 50.x)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-94/#CVE-2016-9080
-CVE-2016-9079 (A use-after-free vulnerability in SVG Animation has been discovered. ...)
+CVE-2016-9079
{DSA-3730-1 DSA-3728-1 DLA-752-1 DLA-730-1}
- firefox 50.0.2-1
- firefox-esr 45.5.1esr-1
- icedove 1:45.5.1-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-92/#CVE-2016-9079
-CVE-2016-9078 (Redirection from an HTTP connection to a &quot;data:&quot; URL assigns the ...)
+CVE-2016-9078
- firefox 50.0.2-1
- firefox-esr <not-affected> (Does not affect Firefox 45 ESR release)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-91/
-CVE-2016-9077 (Canvas allows the use of the &quot;feDisplacementMap&quot; filter on images ...)
+CVE-2016-9077
- firefox 50.0-1
- firefox-esr <not-affected> (Does not affect Firefox 45 ESR release)
-CVE-2016-9076 (An issue where a &quot;&lt;select&gt;&quot; dropdown menu can be used to cover ...)
+CVE-2016-9076
- firefox 50.0-1
- firefox-esr <not-affected> (Does not affect Firefox 45 ESR release)
-CVE-2016-9075 (An issue where WebExtensions can use the mozAddonManager API to ...)
+CVE-2016-9075
- firefox 50.0-1
- firefox-esr <not-affected> (Does not affect Firefox 45 ESR release)
-CVE-2016-9074 (An existing mitigation of timing side-channel attacks is insufficient ...)
+CVE-2016-9074
{DSA-3730-1 DSA-3716-1 DLA-759-1 DLA-752-1}
- nss 2:3.26.2-1
[jessie] - nss <no-dsa> (Minor issue, can be fixed in point release or future DSA)
@@ -5463,47 +5463,47 @@ CVE-2016-9074 (An existing mitigation of timing side-channel attacks is insuffic
- firefox-esr 45.5.0esr-1
- icedove 1:45.5.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-90/#CVE-2016-9074
-CVE-2016-9073 (WebExtensions can bypass security checks to load privileged URLs and ...)
+CVE-2016-9073
- firefox 50.0-1
- firefox-esr <not-affected> (Does not affect Firefox 45 ESR release)
-CVE-2016-9072 (When a new Firefox profile is created on 64-bit Windows installations, ...)
+CVE-2016-9072
- firefox <not-affected> (Only affects Firefox on Windows 64bit)
- firefox-esr <not-affected> (Does not affect Firefox 45 ESR release)
-CVE-2016-9071 (Content Security Policy combined with HTTP to HTTPS redirection can be ...)
+CVE-2016-9071
- firefox 50.0-1
- firefox-esr <not-affected> (Does not affect Firefox 45 ESR release)
-CVE-2016-9070 (A maliciously crafted page loaded to the sidebar through a bookmark ...)
+CVE-2016-9070
- firefox 50.0-1
- firefox-esr <not-affected> (Does not affect Firefox 45 ESR release)
-CVE-2016-9069 (A use-after-free in nsINode::ReplaceOrInsertBefore during DOM ...)
+CVE-2016-9069
- firefox 50.0-1
-CVE-2016-9068 (A use-after-free during web animations when working with timelines ...)
+CVE-2016-9068
- firefox 50.0-1
- firefox-esr <not-affected> (Does not affect Firefox 45 ESR release)
-CVE-2016-9067 (Two use-after-free errors during DOM operations resulting in ...)
+CVE-2016-9067
- firefox 50.0-1
- firefox-esr <not-affected> (Does not affect Firefox 45 ESR release)
-CVE-2016-9066 (A buffer overflow resulting in a potentially exploitable crash due to ...)
+CVE-2016-9066
{DSA-3730-1 DSA-3716-1 DLA-752-1 DLA-730-1}
- firefox 50.0-1
- firefox-esr 45.5.0esr-1
- icedove 1:45.5.0-1
-CVE-2016-9065 (The location bar in Firefox for Android can be spoofed by forcing a ...)
+CVE-2016-9065
- firefox <not-affected> (Only affects Firefox on Android)
-CVE-2016-9064 (Add-on updates failed to verify that the add-on ID inside the signed ...)
+CVE-2016-9064
{DSA-3716-1 DLA-730-1}
- firefox 50.0-1
- firefox-esr 45.5.0esr-1
-CVE-2016-9063 (An integer overflow during the parsing of XML using the Expat library. ...)
+CVE-2016-9063
- firefox 50.0-1
- firefox-esr <not-affected> (Does not affect Firefox 45 ESR release)
- expat 2.2.0-2
[jessie] - expat 2.1.0-6+deb8u4
[wheezy] - expat <no-dsa> (Minor issue)
NOTE: Expat upstream fix: https://github.com/libexpat/libexpat/commit/d4f735b88d9932bd5039df2335eefdd0723dbe20
-CVE-2016-9062 (Private browsing mode leaves metadata information, such as URLs, for ...)
+CVE-2016-9062
- firefox <not-affected> (Only affects Firefox on Android)
-CVE-2016-9061 (A previously installed malicious Android application which defines a ...)
+CVE-2016-9061
- firefox <not-affected> (Only affects Firefox on Android)
CVE-2016-9060
REJECTED
@@ -5517,31 +5517,31 @@ CVE-2016-9056
REJECTED
CVE-2016-9055
REJECTED
-CVE-2016-9054 (An exploitable stack-based buffer overflow vulnerability exists in the ...)
+CVE-2016-9054
NOT-FOR-US: Aerospike Database
-CVE-2016-9053 (An exploitable out-of-bounds indexing vulnerability exists within the ...)
+CVE-2016-9053
NOT-FOR-US: Aerospike Database
-CVE-2016-9052 (An exploitable stack-based buffer overflow vulnerability exists in the ...)
+CVE-2016-9052
NOT-FOR-US: Aerospike Database
-CVE-2016-9051 (An exploitable out-of-bounds write vulnerability exists in the batch ...)
+CVE-2016-9051
NOT-FOR-US: Aerospike Database
-CVE-2016-9050 (An exploitable out-of-bounds read vulnerability exists in the client ...)
+CVE-2016-9050
NOT-FOR-US: Aerospike Database
-CVE-2016-9049 (An exploitable denial-of-service vulnerability exists in the ...)
+CVE-2016-9049
NOT-FOR-US: Aerospike Database
-CVE-2016-9048 (Multiple exploitable SQL Injection vulnerabilities exists in ...)
+CVE-2016-9048
NOT-FOR-US: ProcessMaker Enterprise Core
CVE-2016-9047
RESERVED
CVE-2016-9046
RESERVED
-CVE-2016-9045 (A code execution vulnerability exists in ProcessMaker Enterprise Core ...)
+CVE-2016-9045
NOT-FOR-US: ProcessMaker Enterprise Core
-CVE-2016-9044 (An exploitable command execution vulnerability exists in Information ...)
+CVE-2016-9044
NOT-FOR-US: Information Builders WebFOCUS Business Intelligence Porta
-CVE-2016-9043 (An out of bound write vulnerability exists in the EMF parsing ...)
+CVE-2016-9043
NOT-FOR-US: CorelDRAW X8
-CVE-2016-9042 (An exploitable denial of service vulnerability exists in the origin ...)
+CVE-2016-9042
- ntp 1:4.2.8p10+dfsg-1
[jessie] - ntp <not-affected> (Doesn't use the affected upstream patch)
[wheezy] - ntp <not-affected> (Doesn't use the affected upstream patch)
@@ -5553,19 +5553,19 @@ CVE-2016-9042 (An exploitable denial of service vulnerability exists in the orig
NOTE: http://pkgs.fedoraproject.org/cgit/rpms/ntp.git/tree/ntp-4.2.6p5-cve-2015-8138.patch?h=f24
CVE-2016-9041
REJECTED
-CVE-2016-9040 (An exploitable denial of service exists in the the Joyent SmartOS OS ...)
+CVE-2016-9040
NOT-FOR-US: Joyent
-CVE-2016-9039 (An exploitable denial of service exists in the Joyent SmartOS ...)
+CVE-2016-9039
NOT-FOR-US: Joyent
-CVE-2016-9038 (An exploitable double fetch vulnerability exists in the SboxDrv.sys ...)
+CVE-2016-9038
NOT-FOR-US: Invincea-X
-CVE-2016-9037 (An exploitable out-of-bounds array access vulnerability exists in the ...)
+CVE-2016-9037
- tarantool 1.7.2.385.g952d79e-1
[jessie] - tarantool <not-affected> (Vulnerable code not present)
[wheezy] - tarantool <not-affected> (Not vulnerable)
NOTE: https://github.com/tarantool/tarantool/issues/1992
NOTE: http://www.talosintelligence.com/reports/TALOS-2016-0255/
-CVE-2016-9036 (An exploitable incorrect return value vulnerability exists in the ...)
+CVE-2016-9036
- msgpuck 1.0.3-1.1 (bug #849212)
NOTE: https://github.com/rtsisyk/msgpuck/issues/12
- tarantool 1.7.2.385.g952d79e-1
@@ -5573,17 +5573,17 @@ CVE-2016-9036 (An exploitable incorrect return value vulnerability exists in the
[wheezy] - tarantool <not-affected> (Not vulnerable)
NOTE: https://github.com/tarantool/tarantool/issues/1991
NOTE: http://www.talosintelligence.com/reports/TALOS-2016-0254/
-CVE-2016-9035 (An exploitable buffer overflow exists in the Joyent SmartOS ...)
+CVE-2016-9035
NOT-FOR-US: Joyent SmartOS
-CVE-2016-9034 (An exploitable buffer overflow exists in the Joyent SmartOS ...)
+CVE-2016-9034
NOT-FOR-US: Joyent SmartOS
-CVE-2016-9033 (An exploitable buffer overflow exists in the Joyent SmartOS ...)
+CVE-2016-9033
NOT-FOR-US: Joyent SmartOS
-CVE-2016-9032 (An exploitable buffer overflow exists in the Joyent SmartOS ...)
+CVE-2016-9032
NOT-FOR-US: Joyent SmartOS
-CVE-2016-9031 (An exploitable integer overflow exists in the Joyent SmartOS ...)
+CVE-2016-9031
NOT-FOR-US: Joyent SmartOS
-CVE-2016-9085 (Multiple integer overflows in libwebp allows attackers to have ...)
+CVE-2016-9085
- libwebp <unfixed> (unimportant; bug #842714)
[wheezy] - libwebp <not-affected> (vulnerable code not present)
NOTE: https://chromium.googlesource.com/webm/libwebp/+/e2affacc35f1df6cc3b1a9fa0ceff5ce2d0cce83
@@ -5592,19 +5592,19 @@ CVE-2016-9085 (Multiple integer overflows in libwebp allows attackers to have ..
NOTE: Origin of the file seems to be from libav
NOTE: 0.5.1-3 claims the upload fixed CVE-2016-8888 and CVE-2016-9085 but the taken patches
NOTE: look different, needs further investigation before marking as fixed
-CVE-2016-9084 (drivers/vfio/pci/vfio_pci_intrs.c in the Linux kernel through 4.8.11 ...)
+CVE-2016-9084
- linux 4.8.11-1
[jessie] - linux 3.16.39-1
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: https://patchwork.kernel.org/patch/9373631/
NOTE: Fixed by: https://git.kernel.org/linus/05692d7005a364add85c6e25a6c4447ce08f913a (v4.9-rc4)
-CVE-2016-9083 (drivers/vfio/pci/vfio_pci.c in the Linux kernel through 4.8.11 allows ...)
+CVE-2016-9083
- linux 4.8.11-1
[jessie] - linux 3.16.39-1
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: https://patchwork.kernel.org/patch/9373631/
NOTE: Fixed by: https://git.kernel.org/linus/05692d7005a364add85c6e25a6c4447ce08f913a (v4.9-rc4)
-CVE-2016-9082 (Integer overflow in the write_png function in cairo 1.14.6 allows ...)
+CVE-2016-9082
{DLA-688-1}
- cairo 1.14.6-1.1 (bug #842289)
[jessie] - cairo 1.14.0-2.1+deb8u2
@@ -5614,7 +5614,7 @@ CVE-2016-9030
RESERVED
CVE-2016-9029
RESERVED
-CVE-2016-9028 (Unauthorized redirect vulnerability in Citrix NetScaler ADC before 10.1 ...)
+CVE-2016-9028
NOT-FOR-US: Citrix
CVE-2016-9027
RESERVED
@@ -5630,40 +5630,40 @@ CVE-2016-9022
RESERVED
CVE-2016-9021
RESERVED
-CVE-2016-9020 (SQL injection vulnerability in ...)
+CVE-2016-9020
NOT-FOR-US: Exponent CMS
-CVE-2016-9019 (SQL injection vulnerability in the activate_address function in ...)
+CVE-2016-9019
NOT-FOR-US: Exponent CMS
-CVE-2016-9018 (Improper handling of a repeating VRAT chunk in qcpfformat.dll allows ...)
+CVE-2016-9018
NOT-FOR-US: RealPlayer
-CVE-2016-9017 (Artifex Software, Inc. MuJS before ...)
+CVE-2016-9017
NOT-FOR-US: MuJS
-CVE-2016-9015 (Versions 1.17 and 1.18 of the Python urllib3 library suffer from a ...)
+CVE-2016-9015
- python-urllib3 <not-affected> (Issue only present in 1.17 and 1.18 releases)
-CVE-2016-9014 (Django before 1.8.x before 1.8.16, 1.9.x before 1.9.11, and 1.10.x ...)
+CVE-2016-9014
{DSA-3835-1 DLA-706-1}
- python-django 1:1.10.3-1 (bug #842856)
NOTE: https://www.djangoproject.com/weblog/2016/nov/01/security-releases/
NOTE: https://github.com/django/django/commit/7fe2d8d940fdddd1a02c4754008a27060c4a03e9
-CVE-2016-9013 (Django 1.8.x before 1.8.16, 1.9.x before 1.9.11, and 1.10.x before ...)
+CVE-2016-9013
{DSA-3835-1}
- python-django 1:1.10.3-1 (bug #842856)
[wheezy] - python-django <no-dsa> (Minor issue; specific to Oracle)
NOTE: https://www.djangoproject.com/weblog/2016/nov/01/security-releases/
NOTE: https://github.com/django/django/commit/da7910d4834726eca596af0a830762fa5fb2dfd9
-CVE-2016-9012 (CloudVision Portal (CVP) before 2016.1.2.1 allows remote authenticated ...)
+CVE-2016-9012
NOT-FOR-US: CloudVision Portal
-CVE-2016-9010 (IBM WebSphere Message Broker 9.0 and 10.0 could allow a remote ...)
+CVE-2016-9010
NOT-FOR-US: IBM
-CVE-2016-9009 (IBM WebSphere MQ 8.0 could allow an authenticated user with authority ...)
+CVE-2016-9009
NOT-FOR-US: IBM
-CVE-2016-9008 (IBM UrbanCode Deploy could allow a malicious user to access the Agent ...)
+CVE-2016-9008
NOT-FOR-US: IBM
CVE-2016-9007
RESERVED
-CVE-2016-9006 (IBM UrbanCode Deploy 6.1 and 6.2 is vulnerable to cross-site ...)
+CVE-2016-9006
NOT-FOR-US: IBM
-CVE-2016-9005 (IBM System Storage TS3100-TS3200 Tape Library could allow an ...)
+CVE-2016-9005
NOT-FOR-US: IBM
CVE-2016-9004
RESERVED
@@ -5673,11 +5673,11 @@ CVE-2016-9002
RESERVED
CVE-2016-9001
RESERVED
-CVE-2016-9000 (IBM InfoSphere DataStage is vulnerable to cross-frame scripting, ...)
+CVE-2016-9000
NOT-FOR-US: IBM
-CVE-2016-8999 (IBM InfoSphere Information Server contains a Path-relative stylesheet ...)
+CVE-2016-8999
NOT-FOR-US: IBM
-CVE-2016-8998 (IBM Tivoli Storage Manager Server 7.1 could allow an authenticated ...)
+CVE-2016-8998
NOT-FOR-US: IBM
CVE-2016-8997
RESERVED
@@ -5699,9 +5699,9 @@ CVE-2016-8989
RESERVED
CVE-2016-8988
RESERVED
-CVE-2016-8987 (IBM Maximo Asset Management 7.1, 7.5, and 7.6 could allow an ...)
+CVE-2016-8987
NOT-FOR-US: IBM
-CVE-2016-8986 (IBM WebSphere MQ 8.0 could allow an authenticated user with access to ...)
+CVE-2016-8986
NOT-FOR-US: IBM
CVE-2016-8985
RESERVED
@@ -5709,51 +5709,51 @@ CVE-2016-8984
RESERVED
CVE-2016-8983
RESERVED
-CVE-2016-8982 (IBM InfoSphere Information Server stores sensitive information in URL ...)
+CVE-2016-8982
NOT-FOR-US: IBM
-CVE-2016-8981 (IBM BigFix Inventory v9 allows web pages to be stored locally which ...)
+CVE-2016-8981
NOT-FOR-US: IBM
-CVE-2016-8980 (IBM BigFix Inventory v9 is vulnerable to a denial of service, caused ...)
+CVE-2016-8980
NOT-FOR-US: IBM
CVE-2016-8979
RESERVED
CVE-2016-8978
RESERVED
-CVE-2016-8977 (IBM BigFix Inventory v9 could disclose sensitive information to an ...)
+CVE-2016-8977
NOT-FOR-US: IBM
CVE-2016-8976
RESERVED
-CVE-2016-8975 (IBM Rhapsody DM 5.0 and 6.0 is vulnerable to cross-site scripting. ...)
+CVE-2016-8975
NOT-FOR-US: IBM
-CVE-2016-8974 (IBM Rhapsody DM 4.0, 5.0 and 6.0 is vulnerable to a denial of service, ...)
+CVE-2016-8974
NOT-FOR-US: IBM
-CVE-2016-8973 (IBM Rhapsody DM 4.0, 5.0 and 6.0 contains an undisclosed vulnerability ...)
+CVE-2016-8973
NOT-FOR-US: IBM
-CVE-2016-8972 (IBM AIX 6.1, 7.1, and 7.2 could allow a local user to gain root ...)
+CVE-2016-8972
NOT-FOR-US: IBM
-CVE-2016-8971 (IBM WebSphere MQ 8.0 could allow an authenticated user with queue ...)
+CVE-2016-8971
NOT-FOR-US: IBM
CVE-2016-8970
RESERVED
CVE-2016-8969
RESERVED
-CVE-2016-8968 (IBM Jazz Foundation is vulnerable to cross-site scripting. This ...)
+CVE-2016-8968
NOT-FOR-US: IBM
-CVE-2016-8967 (IBM BigFix Inventory v9 9.2 stores user credentials in plain in clear ...)
+CVE-2016-8967
NOT-FOR-US: IBM
-CVE-2016-8966 (IBM BigFix Inventory v9 could allow a remote attacker to obtain ...)
+CVE-2016-8966
NOT-FOR-US: IBM
CVE-2016-8965
RESERVED
-CVE-2016-8964 (IBM BigFix Inventory v9 9.2 uses an inadequate account lockout setting ...)
+CVE-2016-8964
NOT-FOR-US: IBM
-CVE-2016-8963 (IBM BigFix Inventory v9 stores potentially sensitive information in ...)
+CVE-2016-8963
NOT-FOR-US: IBM
-CVE-2016-8962 (IBM BigFix Inventory 9.2 does not require that users should have ...)
+CVE-2016-8962
NOT-FOR-US: IBM
-CVE-2016-8961 (IBM BigFix Inventory v9 could allow a remote attacker to conduct ...)
+CVE-2016-8961
NOT-FOR-US: IBM
-CVE-2016-8960 (IBM Cognos Business Intelligence 10.2 could allow a user with lower ...)
+CVE-2016-8960
NOT-FOR-US: IBM Cognos Business Intelligence
CVE-2016-8959
RESERVED
@@ -5765,99 +5765,99 @@ CVE-2016-8956
RESERVED
CVE-2016-8955
RESERVED
-CVE-2016-8954 (IBM dashDB Local uses hard-coded credentials that could allow a remote ...)
+CVE-2016-8954
NOT-FOR-US: IBM
-CVE-2016-8953 (IBM Emptoris Sourcing 9.5.x through 10.1.x could allow a remote ...)
+CVE-2016-8953
NOT-FOR-US: IBM
-CVE-2016-8952 (IBM Emptoris Strategic Supply Management Platform 10.0.0.x through ...)
+CVE-2016-8952
NOT-FOR-US: IBM
-CVE-2016-8951 (IBM Emptoris Strategic Supply Management Platform 10.0.0.x through ...)
+CVE-2016-8951
NOT-FOR-US: IBM
-CVE-2016-8950 (IBM Emptoris Sourcing 9.5.x through 10.1.x is vulnerable to cross-site ...)
+CVE-2016-8950
NOT-FOR-US: IBM
-CVE-2016-8949 (IBM Emptoris Supplier Lifecycle Management 10.0.x and 10.1.x could ...)
+CVE-2016-8949
NOT-FOR-US: IBM
-CVE-2016-8948 (IBM Emptoris Sourcing 9.5.x through 10.1.x is vulnerable to cross-site ...)
+CVE-2016-8948
NOT-FOR-US: IBM
-CVE-2016-8947 (IBM Emptoris Sourcing 9.5.x through 10.1.x could allow a remote ...)
+CVE-2016-8947
NOT-FOR-US: IBM
-CVE-2016-8946 (IBM Emptoris Sourcing 9.5.x through 10.1.x is vulnerable to cross-site ...)
+CVE-2016-8946
NOT-FOR-US: IBM
CVE-2016-8945
RESERVED
-CVE-2016-8944 (IBM AIX 7.1 and 7.2 allows a local user to open a file with a ...)
+CVE-2016-8944
NOT-FOR-US: IBM
-CVE-2016-8943 (IBM Tivoli Storage Productivity Center is vulnerable to cross-site ...)
+CVE-2016-8943
NOT-FOR-US: IBM
-CVE-2016-8942 (IBM Tivoli Storage Productivity Center could allow an authenticated ...)
+CVE-2016-8942
NOT-FOR-US: IBM
-CVE-2016-8941 (IBM Tivoli Storage Productivity Center is vulnerable to cross-site ...)
+CVE-2016-8941
NOT-FOR-US: IBM
-CVE-2016-8940 (IBM Tivoli Storage Manager (IBM Spectrum Protect) 6.1, 6.2, 6.3, and ...)
+CVE-2016-8940
NOT-FOR-US: IBM
-CVE-2016-8939 (IBM Tivoli Storage Manager (IBM Spectrum Protect 7.1 and 8.1) ...)
+CVE-2016-8939
NOT-FOR-US: IBM
-CVE-2016-8938 (IBM UrbanCode Deploy could allow a user to execute code using a ...)
+CVE-2016-8938
NOT-FOR-US: IBM
-CVE-2016-8937 (The IBM Tivoli Storage Manager (IBM Spectrum Protect 7.1 and 8.1) ...)
+CVE-2016-8937
NOT-FOR-US: IBM
-CVE-2016-8936 (IBM Social Rendering Templates for Digital Data Connector is ...)
+CVE-2016-8936
NOT-FOR-US: IBM
-CVE-2016-8935 (IBM Kenexa LMS on Cloud 13.1, 13.2, 13.2.2, 13.2.3, 13.2.4 and 14.0.0 ...)
+CVE-2016-8935
NOT-FOR-US: IBM
-CVE-2016-8934 (IBM WebSphere Application Server is vulnerable to cross-site ...)
+CVE-2016-8934
NOT-FOR-US: IBM
-CVE-2016-8933 (IBM Kenexa LMS on Cloud could allow a remote attacker to traverse ...)
+CVE-2016-8933
NOT-FOR-US: IBM
-CVE-2016-8932 (IBM Kenexa LMS on Cloud could allow a remote attacker to upload ...)
+CVE-2016-8932
NOT-FOR-US: IBM
-CVE-2016-8931 (IBM Kenexa LMS on Cloud could allow a remote attacker to upload ...)
+CVE-2016-8931
NOT-FOR-US: IBM
-CVE-2016-8930 (IBM Kenexa LMS on Cloud is vulnerable to SQL injection. A remote ...)
+CVE-2016-8930
NOT-FOR-US: IBM
-CVE-2016-8929 (IBM Kenexa LMS on Cloud is vulnerable to SQL injection. A remote ...)
+CVE-2016-8929
NOT-FOR-US: IBM
-CVE-2016-8928 (IBM Kenexa LMS on Cloud is vulnerable to SQL injection. A remote ...)
+CVE-2016-8928
NOT-FOR-US: IBM
-CVE-2016-8927 (IBM Tivoli Application Dependency Discovery Manager 7.2.2 and 7.3 is ...)
+CVE-2016-8927
NOT-FOR-US: IBM
-CVE-2016-8926 (IBM Tivoli Application Dependency Discovery Manager 7.2.2 and 7.3 ...)
+CVE-2016-8926
NOT-FOR-US: IBM
-CVE-2016-8925 (IBM Tivoli Application Dependency Discovery Manager 7.2.2 and 7.3 ...)
+CVE-2016-8925
NOT-FOR-US: IBM
-CVE-2016-8924 (IBM Maximo Asset Management 7.1, 7.5 and 7.6 could allow a remote ...)
+CVE-2016-8924
NOT-FOR-US: IBM
-CVE-2016-8923 (IBM Curam Social Program Management 5.2, 6.0, and 7.0 contains a ...)
+CVE-2016-8923
NOT-FOR-US: IBM
-CVE-2016-8922 (Exphox WebRadar is vulnerable to cross-site scripting. This ...)
+CVE-2016-8922
NOT-FOR-US: Exphox WebRadar
-CVE-2016-8921 (IBM FileNet WorkPlace XT could allow a remote attacker to upload ...)
+CVE-2016-8921
NOT-FOR-US: IBM
-CVE-2016-8920 (IBM Kenexa LMS on Cloud 13.1 and 13.2 - 13.2.4 is vulnerable to ...)
+CVE-2016-8920
NOT-FOR-US: IBM
-CVE-2016-8919 (IBM WebSphere Application Server may be vulnerable to a denial of ...)
+CVE-2016-8919
NOT-FOR-US: IBM
-CVE-2016-8918 (IBM Integration Bus, under non default configurations, could allow a ...)
+CVE-2016-8918
NOT-FOR-US: IBM
-CVE-2016-8917 (IBM Sterling Order Management 9.2 - 9.5 is vulnerable to cross-site ...)
+CVE-2016-8917
NOT-FOR-US: IBM
-CVE-2016-8916 (IBM Tivoli Storage Manager 5.5, 6.1-6.4, and 7.1 stores password ...)
+CVE-2016-8916
NOT-FOR-US: IBM
-CVE-2016-8915 (IBM WebSphere MQ 8.0 could allow an authenticated user with access to ...)
+CVE-2016-8915
NOT-FOR-US: IBM
CVE-2016-8914
RESERVED
-CVE-2016-8913 (IBM Kenexa LMS on Cloud 13.1 and 13.2 - 13.2.4 could allow a remote ...)
+CVE-2016-8913
NOT-FOR-US: IBM
-CVE-2016-8912 (IBM Kenexa LMS on Cloud 13.1 and 13.2 - 13.2.4 stores potentially ...)
+CVE-2016-8912
NOT-FOR-US: IBM
-CVE-2016-8911 (IBM Kenexa LMS on Cloud 13.1 and 13.2 - 13.2.4 could allow a remote ...)
+CVE-2016-8911
NOT-FOR-US: IBM
-CVE-2016-9016 (Firejail 0.9.38.4 allows local users to execute arbitrary commands ...)
+CVE-2016-9016
- firejail 0.9.44-1
NOTE: https://github.com/netblue30/firejail/commit/46dc2b34f1fbbc4597b4ff9f6a3cb28b2d500d1b
NOTE: http://www.openwall.com/lists/oss-security/2016/10/25/3
-CVE-2016-9011 (The wmf_malloc function in api.c in libwmf 0.2.8.4 allows remote ...)
+CVE-2016-9011
{DLA-694-1}
- libwmf 0.2.8.4-10.6 (bug #842090)
[jessie] - libwmf 0.2.8.4-10.3+deb8u2
@@ -5865,19 +5865,19 @@ CVE-2016-9011 (The wmf_malloc function in api.c in libwmf 0.2.8.4 allows remote
NOTE: https://blogs.gentoo.org/ago/2016/10/18/libwmf-memory-allocation-failure-in-wmf_malloc-api-c
NOTE: Reproducer: https://github.com/asarubbo/poc/blob/master/00015-libwmf-memalloc-wmf_malloc
NOTE: Proposed patch: https://bugs.debian.org/cgi-bin/bugreport.cgi?att=1;bug=842090;filename=libwmf-0.2.8.4-CVE-2016-9011-debian.patch;msg=10
-CVE-2016-8908 (SQL injection vulnerability in the &quot;Site Browser &gt; HTML pages&quot; screen ...)
+CVE-2016-8908
NOT-FOR-US: dotCMS
-CVE-2016-8907 (SQL injection vulnerability in the &quot;Content Types &gt; Content Types&quot; ...)
+CVE-2016-8907
NOT-FOR-US: dotCMS
-CVE-2016-8906 (SQL injection vulnerability in the &quot;Site Browser &gt; Links pages&quot; screen ...)
+CVE-2016-8906
NOT-FOR-US: dotCMS
-CVE-2016-8905 (SQL injection vulnerability in the JSONTags servlet in dotCMS before ...)
+CVE-2016-8905
NOT-FOR-US: dotCMS
-CVE-2016-8904 (SQL injection vulnerability in the &quot;Site Browser &gt; Containers pages&quot; ...)
+CVE-2016-8904
NOT-FOR-US: dotCMS
-CVE-2016-8903 (SQL injection vulnerability in the &quot;Site Browser &gt; Templates pages&quot; ...)
+CVE-2016-8903
NOT-FOR-US: dotCMS
-CVE-2016-8902 (SQL injection vulnerability in the categoriesServlet servlet in dotCMS ...)
+CVE-2016-8902
NOT-FOR-US: dotCMS
CVE-2016-8901
RESERVED
@@ -5903,19 +5903,19 @@ CVE-2016-8891
RESERVED
CVE-2016-8890
RESERVED
-CVE-2016-8889 (In Bitcoin Knots v0.11.0.ljr20150711 through v0.13.0.knots20160814 ...)
+CVE-2016-8889
NOT-FOR-US: Bitcoin Knots
CVE-2016-8888
RESERVED
-CVE-2016-8879 (The thumbnail shell extension plugin (FoxitThumbnailHndlr_x86.dll) in ...)
+CVE-2016-8879
NOT-FOR-US: Foxit
-CVE-2016-8878 (Out-of-Bounds read vulnerability in Foxit Reader and PhantomPDF before ...)
+CVE-2016-8878
NOT-FOR-US: Foxit
-CVE-2016-8877 (Heap buffer overflow (Out-of-Bounds write) vulnerability in Foxit ...)
+CVE-2016-8877
NOT-FOR-US: Foxit
-CVE-2016-8876 (Out-of-Bounds read vulnerability in Foxit Reader and PhantomPDF before ...)
+CVE-2016-8876
NOT-FOR-US: Foxit
-CVE-2016-8875 (The ConvertToPDF plugin in Foxit Reader and PhantomPDF before 8.1 on ...)
+CVE-2016-8875
NOT-FOR-US: Foxit
CVE-2016-8874
RESERVED
@@ -5923,15 +5923,15 @@ CVE-2016-8873
RESERVED
CVE-2016-8872
RESERVED
-CVE-2016-8871 (In Botan 1.11.29 through 1.11.32, RSA decryption with certain padding ...)
+CVE-2016-8871
- botan1.10 <not-affected> (Only affects 1.11.29 through 1.11.32)
-CVE-2016-8870 (The register method in the UsersModelRegistration class in ...)
+CVE-2016-8870
NOT-FOR-US: Joomla!
-CVE-2016-8869 (The register method in the UsersModelRegistration class in ...)
+CVE-2016-8869
NOT-FOR-US: Joomla!
CVE-2016-8868
RESERVED
-CVE-2016-8867 (Docker Engine 1.12.2 enabled ambient capabilities with misconfigured ...)
+CVE-2016-8867
- docker.io <not-affected> (Not built from/with a runc with "ambient capabilities")
- runc <not-affected> ("ambient capabilities" introduced later, cf bug #853240)
NOTE: https://github.com/docker/docker/issues/27590
@@ -5944,13 +5944,13 @@ CVE-2016-8867 (Docker Engine 1.12.2 enabled ambient capabilities with misconfigu
NOTE: in runc.
CVE-2016-8865
RESERVED
-CVE-2016-8864 (named in ISC BIND 9.x before 9.9.9-P4, 9.10.x before 9.10.4-P4, and ...)
+CVE-2016-8864
{DSA-3703-1 DLA-696-1}
[experimental] - bind9 1:9.10.4-P5-1
- bind9 1:9.10.3.dfsg.P4-11 (bug #842858)
NOTE: https://kb.isc.org/article/AA-01434
NOTE: upstream fix https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git;a=commitdiff;h=8bd0c12d53bea6f299e92d20ee0a23b16a7f65bc
-CVE-2016-8863 (Heap-based buffer overflow in the create_url_list function in ...)
+CVE-2016-8863
{DSA-3736-1 DLA-748-1 DLA-747-1}
- libupnp 1:1.6.19+git20160116-1.2 (bug #842093)
- libupnp4 <removed>
@@ -5960,9 +5960,9 @@ CVE-2016-8861
RESERVED
CVE-2016-8857
RESERVED
-CVE-2016-8856 (Foxit Reader for Mac 2.1.0.0804 and earlier and Foxit Reader for Linux ...)
+CVE-2016-8856
NOT-FOR-US: Foxit
-CVE-2016-8855 (Cross-Site Scripting (XSS) in &quot;/sitecore/client/Applications/List ...)
+CVE-2016-8855
NOT-FOR-US: Sitecore Experience Platform
CVE-2016-8854
REJECTED
@@ -6018,9 +6018,9 @@ CVE-2016-8829
REJECTED
CVE-2016-8828
REJECTED
-CVE-2016-8827 (NVIDIA GeForce Experience 3.x before GFE 3.1.0.52 contains a ...)
+CVE-2016-8827
NOT-FOR-US: NVIDIA GeForce Experience
-CVE-2016-8826 (All versions of NVIDIA GPU Display Driver contain a vulnerability in ...)
+CVE-2016-8826
- nvidia-graphics-drivers 375.26-1 (bug #848195)
[jessie] - nvidia-graphics-drivers 340.101-1
[wheezy] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
@@ -6028,111 +6028,111 @@ CVE-2016-8826 (All versions of NVIDIA GPU Display Driver contain a vulnerability
- nvidia-graphics-drivers-legacy-304xx 304.134-1 (bug #848197)
[jessie] - nvidia-graphics-drivers-legacy-304xx 304.134-0~deb8u1
NOTE: http://nvidia.custhelp.com/app/answers/detail/a_id/4278
-CVE-2016-8825 (All versions of NVIDIA Windows GPU Display Driver contain a ...)
+CVE-2016-8825
NOT-FOR-US: Nvidia Windows driver
-CVE-2016-8824 (All versions of NVIDIA Windows GPU Display Driver contain a ...)
+CVE-2016-8824
NOT-FOR-US: Nvidia Windows driver
-CVE-2016-8823 (All versions of NVIDIA Windows GPU Display Driver contain a ...)
+CVE-2016-8823
NOT-FOR-US: Nvidia Windows driver
-CVE-2016-8822 (All versions of NVIDIA Windows GPU Display Driver contain a ...)
+CVE-2016-8822
NOT-FOR-US: Nvidia Windows driver
-CVE-2016-8821 (All versions of NVIDIA Windows GPU Display Driver contain a ...)
+CVE-2016-8821
NOT-FOR-US: Nvidia Windows driver
-CVE-2016-8820 (All versions of NVIDIA Windows GPU Display Driver contain a ...)
+CVE-2016-8820
NOT-FOR-US: Nvidia Windows driver
-CVE-2016-8819 (All versions of NVIDIA Windows GPU Display Driver contain a ...)
+CVE-2016-8819
NOT-FOR-US: Nvidia Windows driver
-CVE-2016-8818 (All versions of NVIDIA Windows GPU Display contain a vulnerability in ...)
+CVE-2016-8818
NOT-FOR-US: Nvidia Windows driver
-CVE-2016-8817 (All versions of NVIDIA Windows GPU Display Driver contain a ...)
+CVE-2016-8817
NOT-FOR-US: Nvidia Windows driver
-CVE-2016-8816 (All versions of NVIDIA Windows GPU Display Driver contain a ...)
+CVE-2016-8816
NOT-FOR-US: Nvidia Windows driver
-CVE-2016-8815 (All versions of NVIDIA Windows GPU Display Driver contain a ...)
+CVE-2016-8815
NOT-FOR-US: Nvidia Windows driver
-CVE-2016-8814 (All versions of NVIDIA Windows GPU Display Driver contain a ...)
+CVE-2016-8814
NOT-FOR-US: Nvidia Windows driver
-CVE-2016-8813 (All versions of NVIDIA Windows GPU Display Driver contain a ...)
+CVE-2016-8813
NOT-FOR-US: Nvidia Windows driver
-CVE-2016-8812 (For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA GeForce ...)
+CVE-2016-8812
NOT-FOR-US: Nvidia Windows driver
-CVE-2016-8811 (For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU ...)
+CVE-2016-8811
NOT-FOR-US: Nvidia Windows driver
-CVE-2016-8810 (For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU ...)
+CVE-2016-8810
NOT-FOR-US: Nvidia Windows driver
-CVE-2016-8809 (For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU ...)
+CVE-2016-8809
NOT-FOR-US: Nvidia Windows driver
-CVE-2016-8808 (For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU ...)
+CVE-2016-8808
NOT-FOR-US: Nvidia Windows driver
-CVE-2016-8807 (For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU ...)
+CVE-2016-8807
NOT-FOR-US: Nvidia Windows driver
-CVE-2016-8806 (For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU ...)
+CVE-2016-8806
NOT-FOR-US: Nvidia Windows driver
-CVE-2016-8805 (For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU ...)
+CVE-2016-8805
NOT-FOR-US: Nvidia Windows driver
CVE-2016-8804
RESERVED
-CVE-2016-8803 (The maintenance module in Huawei FusionStorage V100R003C30U1 allows ...)
+CVE-2016-8803
NOT-FOR-US: Huawei
-CVE-2016-8802 (The security policy processing module in Huawei Secospace USG6300 with ...)
+CVE-2016-8802
NOT-FOR-US: Huawei
-CVE-2016-8801 (Huawei OceanStor 5600 V3 with V300R003C00C10 and earlier versions ...)
+CVE-2016-8801
NOT-FOR-US: Huawei
CVE-2016-8800
REJECTED
CVE-2016-8799
REJECTED
-CVE-2016-8798 (Huawei USG5500 with software V300R001C00 and V300R001C00 allows ...)
+CVE-2016-8798
NOT-FOR-US: Huawei
-CVE-2016-8797 (Huawei AR3200 with software V200R007C00, V200R005C32, V200R005C20; ...)
+CVE-2016-8797
NOT-FOR-US: Huawei
-CVE-2016-8796 (Huawei USG9520 V300R001C01, USG9560 V300R001C01, and USG9580 ...)
+CVE-2016-8796
NOT-FOR-US: Huawei
-CVE-2016-8795 (Huawei CloudEngine 12800 with software V100R002C00, V100R003C00, ...)
+CVE-2016-8795
NOT-FOR-US: Huawei
-CVE-2016-8794 (Huawei Mate 8 phones with software Versions before ...)
+CVE-2016-8794
NOT-FOR-US: Huawei
-CVE-2016-8793 (Huawei Mate 8 phones with software Versions before ...)
+CVE-2016-8793
NOT-FOR-US: Huawei
-CVE-2016-8792 (Huawei Mate 8 phones with software Versions before ...)
+CVE-2016-8792
NOT-FOR-US: Huawei
-CVE-2016-8791 (Huawei Mate 8 phones with software Versions before ...)
+CVE-2016-8791
NOT-FOR-US: Huawei
-CVE-2016-8790 (Huawei CloudEngine 5800 with software before V200R001C00SPC700, ...)
+CVE-2016-8790
NOT-FOR-US: Huawei
-CVE-2016-8789 (Huawei eSpace Integrated Access Device (IAD) with software ...)
+CVE-2016-8789
NOT-FOR-US: Huawei
CVE-2016-8788
REJECTED
CVE-2016-8787
REJECTED
-CVE-2016-8786 (Huawei S12700 V200R005C00, V200R006C00, V200R007C00, V200R008C00, ...)
+CVE-2016-8786
NOT-FOR-US: Huawei
-CVE-2016-8785 (Huawei S12700 V200R007C00, V200R008C00, S5700 V200R007C00, S7700 ...)
+CVE-2016-8785
NOT-FOR-US: Huawei
-CVE-2016-8784 (Huawei CloudEngine 12800 V100R003C00, V100R003C10, V100R005C00, ...)
+CVE-2016-8784
NOT-FOR-US: Huawei
-CVE-2016-8783 (Touchscreen drive in Huawei H60 (Honor 6) Versions earlier than ...)
+CVE-2016-8783
NOT-FOR-US: Huawei
-CVE-2016-8782 (Huawei CloudEngine 12800 V100R003C00, V100R003C10, V100R005C00, ...)
+CVE-2016-8782
NOT-FOR-US: Huawei
-CVE-2016-8781 (Huawei Secospace USG6300 with software V500R001C20 and ...)
+CVE-2016-8781
NOT-FOR-US: Huawei
-CVE-2016-8780 (Huawei CloudEngine 6800 V100R006C00, CloudEngine 7800 V100R006C00, ...)
+CVE-2016-8780
NOT-FOR-US: Huawei
-CVE-2016-8779 (Huawei FusionAccess with software V100R005C10 and V100R005C20 could ...)
+CVE-2016-8779
NOT-FOR-US: Huawei
CVE-2016-8778
REJECTED
CVE-2016-8777
REJECTED
-CVE-2016-8776 (Huawei P9 phones with software ...)
+CVE-2016-8776
NOT-FOR-US: Huawei
-CVE-2016-8775 (Touch Panel (TP) driver in Huawei NEM phones with software Versions ...)
+CVE-2016-8775
NOT-FOR-US: Huawei
-CVE-2016-8774 (The HIFI driver in Huawei Mate 8 phones with software versions before ...)
+CVE-2016-8774
NOT-FOR-US: Huawei
-CVE-2016-8773 (Huawei S5300 with software V200R003C00, V200R007C00, V200R008C00, ...)
+CVE-2016-8773
NOT-FOR-US: Huawei
CVE-2016-8772
REJECTED
@@ -6140,9 +6140,9 @@ CVE-2016-8771
REJECTED
CVE-2016-8770
REJECTED
-CVE-2016-8769 (Huawei UTPS earlier than UTPS-V200R003B015D16SPC00C983 has an unquoted ...)
+CVE-2016-8769
NOT-FOR-US: Huawei
-CVE-2016-8768 (Huawei Honor 6, Honor 6 Plus, Honor 7 phones with software versions ...)
+CVE-2016-8768
NOT-FOR-US: Huawei
CVE-2016-8767
REJECTED
@@ -6150,47 +6150,47 @@ CVE-2016-8766
REJECTED
CVE-2016-8765
REJECTED
-CVE-2016-8764 (The TrustZone driver in Huawei P9 phones with software Versions ...)
+CVE-2016-8764
NOT-FOR-US: Huawei
-CVE-2016-8763 (The TrustZone driver in Huawei P9 phones with software Versions earlier ...)
+CVE-2016-8763
NOT-FOR-US: Huawei
-CVE-2016-8762 (The TrustZone driver in Huawei P9 phones with software Versions earlier ...)
+CVE-2016-8762
NOT-FOR-US: Huawei
-CVE-2016-8761 (Video driver in Huawei P9 phones with software versions before ...)
+CVE-2016-8761
NOT-FOR-US: Huawei
-CVE-2016-8760 (Touchscreen driver in Huawei P9 phones with software versions before ...)
+CVE-2016-8760
NOT-FOR-US: Huawei
-CVE-2016-8759 (Video driver in Huawei P9 phones with software versions before ...)
+CVE-2016-8759
NOT-FOR-US: Huawei
-CVE-2016-8758 (ION memory management module in Huawei Mate8 phones with software ...)
+CVE-2016-8758
NOT-FOR-US: Huawei
-CVE-2016-8757 (ION memory management module in Huawei P9 phones with software ...)
+CVE-2016-8757
NOT-FOR-US: Huawei
-CVE-2016-8756 (ION memory management module in Huawei Mate 8 phones with software ...)
+CVE-2016-8756
NOT-FOR-US: Huawei
CVE-2016-8755
REJECTED
-CVE-2016-8754 (Huawei OceanStor 5600 V3 V300R003C00 has a hardcoded SSH key ...)
+CVE-2016-8754
NOT-FOR-US: Huawei
CVE-2016-8753
REJECTED
-CVE-2016-8752 (Apache Atlas versions 0.6.0 (incubating), 0.7.0 (incubating), and ...)
+CVE-2016-8752
NOT-FOR-US: Apache Atlas
-CVE-2016-8751 (Apache Ranger before 0.6.3 is vulnerable to a Stored Cross-Site ...)
+CVE-2016-8751
NOT-FOR-US: Apache Ranger
-CVE-2016-8750 (Apache Karaf prior to 4.0.8 used the LDAPLoginModule to authenticate ...)
+CVE-2016-8750
- apache-karaf <itp> (bug #881297)
-CVE-2016-8749 (Apache Camel's Jackson and JacksonXML unmarshalling operation are ...)
+CVE-2016-8749
NOT-FOR-US: Apache Camel
-CVE-2016-8748 (In Apache NiFi before 1.0.1 and 1.1.x before 1.1.1, there is a ...)
+CVE-2016-8748
NOT-FOR-US: Apache NiFi
-CVE-2016-8747 (An information disclosure issue was discovered in Apache Tomcat 8.5.7 ...)
+CVE-2016-8747
- tomcat8 8.5.9-1
[jessie] - tomcat8 <not-affected> (Only affects 8.5.7 to 8.5.9)
NOTE: http://svn.apache.org/r1774166
-CVE-2016-8746 (Apache Ranger before 0.6.3 policy engine incorrectly matches paths in ...)
+CVE-2016-8746
NOT-FOR-US: Apache Ranger
-CVE-2016-8745 (A bug in the error handling of the send file code for the NIO HTTP ...)
+CVE-2016-8745
{DSA-3755-1 DSA-3754-1 DLA-779-1}
- tomcat9 <not-affected> (Fixed before initial upload to Debian)
- tomcat8 8.5.9-1
@@ -6202,9 +6202,9 @@ CVE-2016-8745 (A bug in the error handling of the send file code for the NIO HTT
NOTE: Fixed by: http://svn.apache.org/r1777469 (8.0.x)
NOTE: Fixed by: http://svn.apache.org/r1777471 (7.0.x)
NOTE: Fixed by: http://svn.apache.org/r1777472 (6.0.x)
-CVE-2016-8744 (Apache Brooklyn uses the SnakeYAML library for parsing YAML inputs. ...)
+CVE-2016-8744
NOT-FOR-US: Apache Brooklyn
-CVE-2016-8743 (Apache HTTP Server, in all releases prior to 2.2.32 and 2.4.25, was ...)
+CVE-2016-8743
{DSA-3796-1 DLA-841-2 DLA-841-1}
- apache2 2.4.25-1
NOTE: https://lists.apache.org/thread.html/139862b41c0dfd5e6e00ad89c00119f9faf0dd41a2f927da9c9a4076@%3Cannounce.httpd.apache.org%3E
@@ -6217,26 +6217,26 @@ CVE-2016-8743 (Apache HTTP Server, in all releases prior to 2.2.32 and 2.4.25, w
NOTE: Affects: 2.2.0 to 2.4.23.
NOTE: Fixed in 2.4.25.
NOTE: For 2.2 preparation is done in http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x-merge-http-strict/
-CVE-2016-8742 (The Windows installer that the Apache CouchDB team provides was ...)
+CVE-2016-8742
NOT-FOR-US: Windows installer for Apache CouchDB
-CVE-2016-8741 (The Apache Qpid Broker for Java can be configured to use different so ...)
+CVE-2016-8741
- qpid-java <itp> (bug #840131)
-CVE-2016-8740 (The mod_http2 module in the Apache HTTP Server 2.4.17 through 2.4.23, ...)
+CVE-2016-8740
- apache2 2.4.25-1 (bug #847124)
[jessie] - apache2 <not-affected> (Vulnerable code not present)
[wheezy] - apache2 <not-affected> (Vulnerable code not present)
NOTE: HTTP/2 support introduced in 2.4.17
-CVE-2016-8739 (The JAX-RS module in Apache CXF prior to 3.0.12 and 3.1.x prior to ...)
+CVE-2016-8739
NOT-FOR-US: Apache CXF
-CVE-2016-8738 (In Apache Struts 2.5 through 2.5.5, if an application allows entering ...)
+CVE-2016-8738
- libstruts1.2-java <removed>
[wheezy] - libstruts1.2-java <end-of-life> (no longer supported)
NOTE: https://struts.apache.org/docs/s2-044.html
-CVE-2016-8737 (In Apache Brooklyn before 0.10.0, the REST server is vulnerable to ...)
+CVE-2016-8737
NOT-FOR-US: Apache Brooklyn
-CVE-2016-8736 (Apache OpenMeetings before 3.1.2 is vulnerable to Remote Code ...)
+CVE-2016-8736
NOT-FOR-US: Apache OpenMeetings
-CVE-2016-8735 (Remote code execution is possible with Apache Tomcat before 6.0.48, ...)
+CVE-2016-8735
{DSA-3739-1 DSA-3738-1 DLA-729-1 DLA-728-1}
- tomcat9 <not-affected> (Fixed before initial upload to Debian)
- tomcat8 8.0.39-1
@@ -6247,7 +6247,7 @@ CVE-2016-8735 (Remote code execution is possible with Apache Tomcat before 6.0.4
NOTE: Fixed by: http://svn.apache.org/r1767656 (8.0.x)
NOTE: Fixed by: http://svn.apache.org/r1767676 (7.0.x)
NOTE: Fixed by: http://svn.apache.org/r1767684 (6.0.x)
-CVE-2016-8734 (Apache Subversion's mod_dontdothat module and HTTP clients 1.4.0 ...)
+CVE-2016-8734
- subversion 1.9.5-1 (low)
[jessie] - subversion 1.8.10-6+deb8u5
[wheezy] - subversion <no-dsa> (Minor issue, binary packages not affected since built against Neon as HTTP library)
@@ -6255,86 +6255,86 @@ CVE-2016-8734 (Apache Subversion's mod_dontdothat module and HTTP clients 1.4.0
NOTE: library), though source is. (unimporant) for individual lines is not supported, thus workaround by marking
NOTE: as no-dsa.
NOTE: https://subversion.apache.org/security/CVE-2016-8734-advisory.txt
-CVE-2016-8733 (An exploitable integer overflow exists in the Joyent SmartOS ...)
+CVE-2016-8733
NOT-FOR-US: Joyent SmartOS
-CVE-2016-8732 (Multiple security flaws exists in InvProtectDrv.sys which is a part of ...)
+CVE-2016-8732
NOT-FOR-US: Invincea Dell Protected Workspace
-CVE-2016-8731 (Hard-coded FTP credentials (r:r) are included in the Foscam C1 running ...)
+CVE-2016-8731
NOT-FOR-US: Foscam C1
-CVE-2016-8730 (An of bound write / memory corruption vulnerability exists in the GIF ...)
+CVE-2016-8730
NOT-FOR-US: Core PHOTO-PAINT X8
-CVE-2016-8729 (An exploitable memory corruption vulnerability exists in the JBIG2 ...)
+CVE-2016-8729
{DSA-3817-1 DLA-874-1}
- jbig2dec 0.13-4 (bug #863886)
NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2016-0243
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=698438
NOTE: http://git.ghostscript.com/?p=jbig2dec.git;h=e698d5c11d27212aa1098bc5b1673a3378563092
-CVE-2016-8728 (An exploitable heap out of bounds write vulnerability exists in the ...)
+CVE-2016-8728
- mupdf <not-affected> (Vulnerable code introduced in 1.10, cf. #863545)
NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2016-0242%20
-CVE-2016-8727 (An exploitable information disclosure vulnerability exists in the Web ...)
+CVE-2016-8727
NOT-FOR-US: Moxa
-CVE-2016-8726 (An exploitable null pointer dereference vulnerability exists in the ...)
+CVE-2016-8726
NOT-FOR-US: Moxa
-CVE-2016-8725 (An exploitable information disclosure vulnerability exists in the Web ...)
+CVE-2016-8725
NOT-FOR-US: Moxa
-CVE-2016-8724 (An exploitable information disclosure vulnerability exists in the ...)
+CVE-2016-8724
NOT-FOR-US: Moxa
-CVE-2016-8723 (An exploitable null pointer dereference exists in the Web Application ...)
+CVE-2016-8723
NOT-FOR-US: Moxa
-CVE-2016-8722 (An exploitable Information Disclosure vulnerability exists in the Web ...)
+CVE-2016-8722
NOT-FOR-US: Moxa
-CVE-2016-8721 (An exploitable OS Command Injection vulnerability exists in the web ...)
+CVE-2016-8721
NOT-FOR-US: Moxa
-CVE-2016-8720 (An exploitable HTTP Header Injection vulnerability exists in the Web ...)
+CVE-2016-8720
NOT-FOR-US: Moxa
-CVE-2016-8719 (An exploitable reflected Cross-Site Scripting vulnerability exists in ...)
+CVE-2016-8719
NOT-FOR-US: Moxa
-CVE-2016-8718 (An exploitable Cross-Site Request Forgery vulnerability exists in the ...)
+CVE-2016-8718
NOT-FOR-US: Moxa
-CVE-2016-8717 (An exploitable Use of Hard-coded Credentials vulnerability exists in ...)
+CVE-2016-8717
NOT-FOR-US: Moxa
-CVE-2016-8716 (An exploitable Cleartext Transmission of Password vulnerability exists ...)
+CVE-2016-8716
NOT-FOR-US: Moxa
-CVE-2016-8715 (An exploitable heap corruption vulnerability exists in the loadTrailer ...)
+CVE-2016-8715
NOT-FOR-US: Iceni Argus
-CVE-2016-8714 (An exploitable buffer overflow vulnerability exists in the ...)
+CVE-2016-8714
{DSA-3813-1 DLA-861-1}
- r-base 3.3.3-1 (bug #857466)
NOTE: http://www.talosintelligence.com/reports/TALOS-2016-0227/
-CVE-2016-8713 (A remote out of bound write / memory corruption vulnerability exists ...)
+CVE-2016-8713
NOT-FOR-US: Nitro Pro
-CVE-2016-8712 (An exploitable nonce reuse vulnerability exists in the Web Application ...)
+CVE-2016-8712
NOT-FOR-US: Moxa
-CVE-2016-8711 (A potential remote code execution vulnerability exists in the PDF ...)
+CVE-2016-8711
NOT-FOR-US: Nitro Pro
-CVE-2016-8710 (An exploitable heap write out of bounds vulnerability exists in the ...)
+CVE-2016-8710
- ffmpeg <not-affected> (Vulnerable code wasn't part of ffmpeg according to upstream)
NOTE: The libbpg library is not packaged in Debian but seem embedded in ffmpeg
NOTE: http://blog.talosintel.com/2017/01/vulnerability-spotlight-libbpg-image.html
NOTE: http://www.talosintelligence.com/reports/TALOS-2016-0223/
-CVE-2016-8709 (A remote out of bound write / memory corruption vulnerability exists ...)
+CVE-2016-8709
NOT-FOR-US: Nitro Pro
CVE-2016-8708
REJECTED
-CVE-2016-8707 (An exploitable out of bounds write exists in the handling of ...)
+CVE-2016-8707
{DSA-3799-1 DLA-756-1}
- imagemagick 8:6.9.7.0+dfsg-2 (bug #848139)
NOTE: http://www.talosintelligence.com/reports/TALOS-2016-0216/
NOTE: Fixed by: https://github.com/ImageMagick/ImageMagick/commit/e5fd9ab1b70b2edd06de8efb606e04482cb9a2f0 (7.0.3-9)
NOTE: Fixed by: https://github.com/ImageMagick/ImageMagick/commit/fde5f55af94f189f16958535a9c22b439d71ac93 (6.9.6-7)
NOTE: Fixed by: https://github.com/ImageMagick/ImageMagick/commit/e5dc6d628a1c6049dc95adcea5e49aaa7ef2c778 (6.9.6-7)
-CVE-2016-8706 (An integer overflow in process_bin_sasl_auth function in Memcached, ...)
+CVE-2016-8706
{DSA-3704-1 DLA-701-1}
- memcached 1.4.33-1 (bug #842814)
NOTE: http://www.talosintelligence.com/reports/TALOS-2016-0221/
NOTE: upstream fix https://github.com/memcached/memcached/commit/bd578fc34b96abe0f8d99c1409814a09f51ee71c
-CVE-2016-8705 (Multiple integer overflows in process_bin_update function in ...)
+CVE-2016-8705
{DSA-3704-1 DLA-701-1}
- memcached 1.4.33-1 (bug #842812)
NOTE: http://www.talosintelligence.com/reports/TALOS-2016-0220/
NOTE: upstream fix https://github.com/memcached/memcached/commit/bd578fc34b96abe0f8d99c1409814a09f51ee71c
-CVE-2016-8704 (An integer overflow in the process_bin_append_prepend function in ...)
+CVE-2016-8704
{DSA-3704-1 DLA-701-1}
- memcached 1.4.33-1 (bug #842811)
NOTE: http://www.talosintelligence.com/reports/TALOS-2016-0219/
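Review bot: the unchanged context NOTE at the top of this hunk, `NOTE: library), though source is. (unimporant) for individual lines is not supported, thus workaround by marking`, reads as a sentence fragment and misspells "unimportant"; since the neighbouring CVE-2016-8734 entry is touched here anyway, the note text for that entry is worth rewording into a complete sentence in a follow-up.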
@@ -6345,15 +6345,15 @@ CVE-2016-1000035
RESERVED
CVE-2016-1000034
RESERVED
-CVE-2016-1000032 (TGCaptcha2 version 0.3.0 is vulnerable to a replay attack due to a ...)
+CVE-2016-1000032
NOT-FOR-US: TGCaptcha2
-CVE-2016-8910 (The rtl8139_cplus_transmit function in hw/net/rtl8139.c in QEMU (aka ...)
+CVE-2016-8910
{DLA-1599-1 DLA-698-1 DLA-689-1}
- qemu 1:2.8+dfsg-1 (bug #841955)
- qemu-kvm <removed>
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg05495.html
NOTE: http://www.openwall.com/lists/oss-security/2016/10/24/2
-CVE-2016-8909 (The intel_hda_xfer function in hw/audio/intel-hda.c in QEMU (aka Quick ...)
+CVE-2016-8909
{DLA-1599-1 DLA-698-1 DLA-689-1}
- qemu 1:2.8+dfsg-1 (bug #841950)
- qemu-kvm <removed>
@@ -6364,18 +6364,18 @@ CVE-2016-XXXX [Privilege escalation possible to other user than root]
NOTE: This is strongly related to the problem described in CVE-2016-7543 and the correction
NOTE: is very similar.
NOTE: https://lists.gnu.org/archive/html/bug-bash/2015-12/msg00112.html
-CVE-2016-10249 (Integer overflow in the jpc_dec_tiledecode function in jpc_dec.c in ...)
+CVE-2016-10249
{DSA-3827-1 DLA-739-1}
- jasper <removed>
NOTE: Fixed by: https://github.com/mdadams/jasper/commit/988f8365f7d8ad8073b6786e433d34c553ecf568 (version-1.900.12)
NOTE: https://blogs.gentoo.org/ago/2016/10/23/jasper-heap-based-buffer-overflow-in-jpc_dec_tiledecode-jpc_dec-c/
NOTE: Reproducer: https://github.com/asarubbo/poc/blob/master/00001-jasper-heapoverflow-jpc_dec_tiledecode
NOTE: http://www.openwall.com/lists/oss-security/2016/10/23/7
-CVE-2016-10250 (The jp2_colr_destroy function in jp2_cod.c in JasPer before 1.900.13 ...)
+CVE-2016-10250
- jasper <not-affected> (Incomplete fix for CVE-206-8887 not applied)
NOTE: Reproducer: https://github.com/asarubbo/poc/blob/master/00002-jasper-NULLptr-jp2_colr_destroy
NOTE: https://blogs.gentoo.org/ago/2016/10/23/jasper-null-pointer-dereference-in-jp2_colr_destroy-jp2_cod-c-incomplete-fix-for-cve-2016-8887
-CVE-2016-8887 (The jp2_colr_destroy function in libjasper/jp2/jp2_cod.c in JasPer ...)
+CVE-2016-8887
{DLA-739-1}
- jasper <removed> (unimportant)
NOTE: https://blogs.gentoo.org/ago/2016/10/18/jasper-null-pointer-dereference-in-jp2_colr_destroy-jp2_cod-c
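Review bot: the context line `- jasper <not-affected> (Incomplete fix for CVE-206-8887 not applied)` under CVE-2016-10250 carries a malformed CVE id. The NOTE URL directly below it names cve-2016-8887 and the next entry in this hunk is CVE-2016-8887, so this looks like a typo for CVE-2016-8887 and should be corrected so the cross-reference resolves.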
@@ -6384,7 +6384,7 @@ CVE-2016-8887 (The jp2_colr_destroy function in libjasper/jp2/jp2_cod.c in JasPe
NOTE: https://blogs.gentoo.org/ago/2016/10/23/jasper-null-pointer-dereference-in-jp2_colr_destroy-jp2_cod-c-incomplete-fix-for-cve-2016-8887
NOTE: and include the fix to not make jasper vulnerable to the incomplete fix.
NOTE: Not suitable for code injection, hardly denial of service
-CVE-2016-8886 (The jas_malloc function in libjasper/base/jas_malloc.c in JasPer ...)
+CVE-2016-8886
- jasper <removed> (low)
[jessie] - jasper <no-dsa> (Minor issue)
[wheezy] - jasper <no-dsa> (Minor issue)
@@ -6397,21 +6397,21 @@ CVE-2016-XXXX [sendmail: Privilege escalation from group smmsp to root]
[jessie] - sendmail 8.14.4-8+deb8u2
[wheezy] - sendmail <no-dsa> (Minor issue)
NOTE: no unprivileged user should be in smmsp group and there is no known vulnerability to gain smmsp group membership
-CVE-2016-8885 (The bmp_getdata function in libjasper/bmp/bmp_dec.c in JasPer before ...)
+CVE-2016-8885
- jasper <not-affected> (Incomplete fix for CVE-2016-8690 not applied)
NOTE: https://blogs.gentoo.org/ago/2016/10/18/jasper-two-null-pointer-dereference-in-bmp_getdata-bmp_dec-c-incomplete-fix-for-cve-2016-8690
NOTE: Fixed by https://github.com/mdadams/jasper/commit/5d66894d2313e3f3469f19066e149e08ff076698
-CVE-2016-8884 (The bmp_getdata function in libjasper/bmp/bmp_dec.c in JasPer 1.900.5 ...)
+CVE-2016-8884
- jasper <not-affected> (Incomplete fix for CVE-2016-8690 not applied)
NOTE: https://blogs.gentoo.org/ago/2016/10/18/jasper-two-null-pointer-dereference-in-bmp_getdata-bmp_dec-c-incomplete-fix-for-cve-2016-8690
NOTE: Fixed by https://github.com/mdadams/jasper/commit/5d66894d2313e3f3469f19066e149e08ff076698
-CVE-2016-8883 (The jpc_dec_tiledecode function in jpc_dec.c in JasPer before 1.900.8 ...)
+CVE-2016-8883
{DLA-739-1}
- jasper <removed> (unimportant)
NOTE: https://github.com/mdadams/jasper/issues/32
NOTE: https://github.com/mdadams/jasper/commit/33cc2cfa51a8d0fc3116d16cc1d8fc581b3f9e8d
NOTE: Not suitable for code injection, hardly denial of service
-CVE-2016-8882 (The jpc_dec_tilefini function in libjasper/jpc/jpc_dec.c in JasPer ...)
+CVE-2016-8882
{DSA-3785-1 DLA-739-1}
- jasper <removed> (unimportant)
NOTE: https://github.com/mdadams/jasper/issues/30
@@ -6421,14 +6421,14 @@ CVE-2016-8881
REJECTED
CVE-2016-8880
REJECTED
-CVE-2016-8866 (The AcquireMagickMemory function in MagickCore/memory.c in ...)
+CVE-2016-8866
{DLA-756-1}
- imagemagick <not-affected>
NOTE: For incomplete fix of CVE-2016-8862
NOTE: https://blogs.gentoo.org/ago/2016/10/20/imagemagick-memory-allocation-failure-in-acquiremagickmemory-memory-c-incomplete-fix-for-cve-2016-8862/
NOTE: This is not a real problem in imagemagick but caused by the "observer" (the address sanitizer), cf.
NOTE: https://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=30908#p140255 .
-CVE-2016-8859 (Multiple integer overflows in the TRE library and musl libc allow ...)
+CVE-2016-8859
{DLA-687-1}
- tre 0.8.0-5 (bug #842169)
[jessie] - tre 0.8.0-4+deb8u1
@@ -6437,13 +6437,13 @@ CVE-2016-8859 (Multiple integer overflows in the TRE library and musl libc allow
NOTE: http://www.openwall.com/lists/oss-security/2016/10/19/1
NOTE: other issues may still be present in tre after this: https://github.com/laurikari/tre/issues/37
NOTE: musl patch: http://git.musl-libc.org/cgit/musl/commit/?id=c3edc06d1e1360f3570db9155d6b318ae0d0f0f7, not released yet
-CVE-2016-8858 (** DISPUTED ** The kex_input_kexinit function in kex.c in OpenSSH 6.x ...)
+CVE-2016-8858
- openssh 1:7.3p1-2 (bug #841884)
[jessie] - openssh <ignored> (Minor issue)
[wheezy] - openssh <no-dsa> (Minor issue)
NOTE: http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/kex.c?rev=1.127&content-type=text/x-cvsweb-markup
NOTE: Only thing the attacker could do here is self-dos own connection
-CVE-2016-8862 (The AcquireMagickMemory function in MagickCore/memory.c in ImageMagick ...)
+CVE-2016-8862
{DSA-3726-1 DLA-756-1}
- imagemagick 8:6.9.6.6+dfsg-1 (bug #845634)
NOTE: https://blogs.gentoo.org/ago/2016/10/17/imagemagick-memory-allocation-failure-in-acquiremagickmemory-memory-c/
@@ -6452,21 +6452,21 @@ CVE-2016-8862 (The AcquireMagickMemory function in MagickCore/memory.c in ImageM
NOTE: this CVE make sure to fix it completely to not open up CVE-2016-8866.
NOTE: The "incomplete fix" though is not a real problem, cf. https://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=30908#p140255
NOTE: http://www.openwall.com/lists/oss-security/2016/10/17/4
-CVE-2016-8860 (Tor before 0.2.8.9 and 0.2.9.x before 0.2.9.4-alpha had internal ...)
+CVE-2016-8860
{DSA-3694-1 DLA-663-1}
- tor 0.2.8.9-1
NOTE: https://trac.torproject.org/projects/tor/ticket/20384
NOTE: https://blog.torproject.org/blog/tor-0289-released-important-fixes
NOTE: https://gitweb.torproject.org/tor.git/commit/?id=3cea86eb2fbb65949673eb4ba8ebb695c87a57ce
NOTE: http://www.openwall.com/lists/oss-security/2016/10/18/11
-CVE-2016-9138 (PHP through 5.6.27 and 7.x through 7.0.12 mishandles property ...)
+CVE-2016-9138
{DSA-3732-1}
- php7.0 7.0.12-1
- php5 <removed>
[wheezy] - php5 <not-affected> (Vulnerable code not present in version 5.4.45)
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=73147
NOTE: http://www.openwall.com/lists/oss-security/2016/11/01/7
-CVE-2016-9137 (Use-after-free vulnerability in the CURLFile implementation in ...)
+CVE-2016-9137
{DSA-3698-1}
- php7.0 7.0.12-1
- php5 <removed>
@@ -6475,83 +6475,83 @@ CVE-2016-9137 (Use-after-free vulnerability in the CURLFile implementation in ..
NOTE: http://git.php.net/?p=php-src.git;a=commit;h=0e6fe3a4c96be2d3e88389a5776f878021b4c59f
NOTE: Fixed in 7.0.12, 5.6.27
NOTE: http://www.openwall.com/lists/oss-security/2016/10/18/1
-CVE-2016-8673 (Cross-site request forgery (CSRF) vulnerability in the integrated web ...)
+CVE-2016-8673
NOT-FOR-US: Siemens SIMATIC CP
-CVE-2016-8672 (The integrated web server on Siemens SIMATIC CP 343-1 Advanced prior to ...)
+CVE-2016-8672
NOT-FOR-US: Siemens SIMATIC CP
-CVE-2016-6911 (The dynamicGetbuf function in the GD Graphics Library (aka libgd) ...)
+CVE-2016-6911
{DSA-3693-1 DLA-665-1}
- libgd2 2.2.3-87-gd0fec80-2 (bug #840806)
NOTE: Corresponds to the 0020-Fix-invalid-read-in-gdImageCreateFromTiffPtr.patch patch
NOTE: https://github.com/libgd/libgd/commit/4859d69e07504d4b0a4bdf9bcb4d9e3769ca35ae
-CVE-2016-8703 (Heap-based buffer overflow in the bm_readbody_bmp function in ...)
+CVE-2016-8703
{DLA-675-1}
- potrace 1.13-1
[jessie] - potrace 1.12-1+deb8u1
NOTE: https://blogs.gentoo.org/ago/2016/08/08/potrace-multiplesix-heap-based-buffer-overflow-in-bm_readbody_bmp-bitmap_io-c/
-CVE-2016-8702 (Heap-based buffer overflow in the bm_readbody_bmp function in ...)
+CVE-2016-8702
{DLA-675-1}
- potrace 1.13-1
[jessie] - potrace 1.12-1+deb8u1
NOTE: https://blogs.gentoo.org/ago/2016/08/08/potrace-multiplesix-heap-based-buffer-overflow-in-bm_readbody_bmp-bitmap_io-c/
-CVE-2016-8701 (Heap-based buffer overflow in the bm_readbody_bmp function in ...)
+CVE-2016-8701
{DLA-675-1}
- potrace 1.13-1
[jessie] - potrace 1.12-1+deb8u1
NOTE: https://blogs.gentoo.org/ago/2016/08/08/potrace-multiplesix-heap-based-buffer-overflow-in-bm_readbody_bmp-bitmap_io-c/
-CVE-2016-8700 (Heap-based buffer overflow in the bm_readbody_bmp function in ...)
+CVE-2016-8700
{DLA-675-1}
- potrace 1.13-1
[jessie] - potrace 1.12-1+deb8u1
NOTE: https://blogs.gentoo.org/ago/2016/08/08/potrace-multiplesix-heap-based-buffer-overflow-in-bm_readbody_bmp-bitmap_io-c/
-CVE-2016-8699 (Heap-based buffer overflow in the bm_readbody_bmp function in ...)
+CVE-2016-8699
{DLA-675-1}
- potrace 1.13-1
[jessie] - potrace 1.12-1+deb8u1
NOTE: https://blogs.gentoo.org/ago/2016/08/08/potrace-multiplesix-heap-based-buffer-overflow-in-bm_readbody_bmp-bitmap_io-c/
-CVE-2016-8698 (Heap-based buffer overflow in the bm_readbody_bmp function in ...)
+CVE-2016-8698
{DLA-675-1}
- potrace 1.13-1
[jessie] - potrace 1.12-1+deb8u1
NOTE: https://blogs.gentoo.org/ago/2016/08/08/potrace-multiplesix-heap-based-buffer-overflow-in-bm_readbody_bmp-bitmap_io-c/
-CVE-2016-8697 (The bm_new function in bitmap.h in potrace before 1.13 allows remote ...)
+CVE-2016-8697
{DLA-675-1}
- potrace 1.13-1
[jessie] - potrace 1.12-1+deb8u1
NOTE: https://blogs.gentoo.org/ago/2016/08/08/potrace-divide-by-zero-in-bm_new-bitmap-h/
-CVE-2016-8696 (The bm_readbody_bmp function in bitmap_io.c in potrace before 1.13 ...)
+CVE-2016-8696
{DLA-675-1}
- potrace 1.13-1
[jessie] - potrace 1.12-1+deb8u1
NOTE: https://blogs.gentoo.org/ago/2016/08/08/potrace-multiple-three-null-pointer-dereference-in-bm_readbody_bmp-bitmap_io-c/
-CVE-2016-8695 (The bm_readbody_bmp function in bitmap_io.c in potrace before 1.13 ...)
+CVE-2016-8695
{DLA-675-1}
- potrace 1.13-1
[jessie] - potrace 1.12-1+deb8u1
NOTE: https://blogs.gentoo.org/ago/2016/08/08/potrace-multiple-three-null-pointer-dereference-in-bm_readbody_bmp-bitmap_io-c/
-CVE-2016-8694 (The bm_readbody_bmp function in bitmap_io.c in potrace before 1.13 ...)
+CVE-2016-8694
{DLA-675-1}
- potrace 1.13-1
[jessie] - potrace 1.12-1+deb8u1
NOTE: https://blogs.gentoo.org/ago/2016/08/08/potrace-multiple-three-null-pointer-dereference-in-bm_readbody_bmp-bitmap_io-c/
-CVE-2016-8693 (Double free vulnerability in the mem_close function in jas_stream.c in ...)
+CVE-2016-8693
{DSA-3785-1 DLA-739-1}
- jasper <removed> (bug #841110)
NOTE: https://blogs.gentoo.org/ago/2016/10/16/jasper-double-free-in-mem_close-jas_stream-c/
NOTE: https://github.com/mdadams/jasper/commit/44a524e367597af58d6265ae2014468b334d0309
-CVE-2016-8692 (The jpc_dec_process_siz function in libjasper/jpc/jpc_dec.c in JasPer ...)
+CVE-2016-8692
{DSA-3785-1 DLA-739-1}
- jasper <removed> (unimportant; bug #841111)
NOTE: https://blogs.gentoo.org/ago/2016/10/16/jasper-two-divide-by-zero-in-jpc_dec_process_siz-jpc_dec-c/
NOTE: Fixed by: https://github.com/mdadams/jasper/commit/d8c2604cd438c41ec72aff52c16ebd8183068020 (version-1.900.4)
NOTE: Not suitable for code injection, hardly denial of service
-CVE-2016-8691 (The jpc_dec_process_siz function in libjasper/jpc/jpc_dec.c in JasPer ...)
+CVE-2016-8691
{DSA-3785-1 DLA-739-1}
- jasper <removed> (unimportant; bug #841111)
NOTE: https://blogs.gentoo.org/ago/2016/10/16/jasper-two-divide-by-zero-in-jpc_dec_process_siz-jpc_dec-c/
NOTE: Fixed by: https://github.com/mdadams/jasper/commit/d8c2604cd438c41ec72aff52c16ebd8183068020 (version-1.900.4)
NOTE: Not suitable for code injection, hardly denial of service
-CVE-2016-8690 (The bmp_getdata function in libjasper/bmp/bmp_dec.c in JasPer before ...)
+CVE-2016-8690
{DLA-1583-1}
- jasper <removed> (low; bug #841112)
[wheezy] - jasper <no-dsa> (Minor issue)
@@ -6559,13 +6559,13 @@ CVE-2016-8690 (The bmp_getdata function in libjasper/bmp/bmp_dec.c in JasPer bef
NOTE: https://blogs.gentoo.org/ago/2016/10/16/jasper-two-null-pointer-dereference-in-bmp_getdata-bmp_dec-c/
NOTE: The original fix is incomplete resulting in two follow ups CVE-2016-8884 and
NOTE: CVE-2016-8885.
-CVE-2016-8689 (The read_Header function in archive_read_support_format_7zip.c in ...)
+CVE-2016-8689
{DLA-1600-1 DLA-661-1}
- libarchive 3.2.1-5 (bug #840934)
NOTE: https://blogs.gentoo.org/ago/2016/09/11/libarchive-bsdtar-heap-based-buffer-overflow-in-read_header-archive_read_support_format_7zip-c/
NOTE: https://github.com/libarchive/libarchive/issues/761
NOTE: Fixed by: https://github.com/libarchive/libarchive/commit/7f17c791dcfd8c0416e2cd2485b19410e47ef126
-CVE-2016-8688 (The mtree bidder in libarchive 3.2.1 does not keep track of line sizes ...)
+CVE-2016-8688
{DLA-1600-1 DLA-661-1}
- libarchive 3.2.1-5 (bug #840935)
NOTE: https://blogs.gentoo.org/ago/2016/09/11/libarchive-bsdtar-heap-based-buffer-overflow-in-detect_form-archive_read_support_format_mtree-c/
@@ -6574,61 +6574,61 @@ CVE-2016-8688 (The mtree bidder in libarchive 3.2.1 does not keep track of line
NOTE: https://blogs.gentoo.org/ago/2016/09/11/libarchive-bsdtar-use-after-free-in-bid_entry-archive_read_support_format_mtree-c/
NOTE: https://blogs.gentoo.org/ago/2016/09/11/libarchive-bsdtar-use-after-free-in-detect_form-archive_read_support_format_mtree-c/
NOTE: Fixed by: https://github.com/libarchive/libarchive/commit/eec077f52bfa2d3f7103b4b74d52572ba8a15aca
-CVE-2016-8687 (Stack-based buffer overflow in the safe_fprintf function in tar/util.c ...)
+CVE-2016-8687
{DLA-1600-1 DLA-661-1}
- libarchive 3.2.1-5 (bug #840936)
NOTE: https://blogs.gentoo.org/ago/2016/09/11/libarchive-bsdtar-stack-based-buffer-overflow-in-bsdtar_expand_char-util-c/
NOTE: Fixed by: https://github.com/libarchive/libarchive/commit/e37b620fe8f14535d737e89a4dcabaed4517bf1a
NOTE: https://github.com/libarchive/libarchive/issues/767
-CVE-2016-8678 (The IsPixelMonochrome function in MagickCore/pixel-accessor.h in ...)
+CVE-2016-8678
- imagemagick <unfixed> (unimportant; bug #845204)
NOTE: https://blogs.gentoo.org/ago/2016/10/07/imagemagick-heap-based-buffer-overflow-in-ispixelmonochrome-pixel-accessor-h/
NOTE: unimportant: Only an issue with a QuantumDepth=64 build, thus not affecting the binary packages
NOTE: https://github.com/ImageMagick/ImageMagick/issues/272
-CVE-2016-8677 (The AcquireQuantumPixels function in MagickCore/quantum.c in ...)
+CVE-2016-8677
{DSA-3726-1 DLA-756-1}
- imagemagick 8:6.9.6.2+dfsg-1 (bug #845206)
NOTE: https://blogs.gentoo.org/ago/2016/10/07/imagemagick-memory-allocate-failure-in-acquirequantumpixels-quantum-c/
NOTE: Fixed by: https://github.com/ImageMagick/ImageMagick/commit/6e48aa92ff4e6e95424300ecd52a9ea453c19c60
-CVE-2016-8676 (The get_vlc2 function in get_bits.h in Libav 11.9 allows remote ...)
+CVE-2016-8676
- libav <removed> (unimportant)
NOTE: https://blogs.gentoo.org/ago/2016/09/07/libav-null-pointer-dereference-in-get_vlc2_get_bits_h/
-CVE-2016-8675 (The get_vlc2 function in get_bits.h in Libav before 11.9 allows remote ...)
+CVE-2016-8675
- libav <removed> (unimportant)
NOTE: https://blogs.gentoo.org/ago/2016/09/07/libav-null-pointer-dereference-in-get_vlc2_get_bits_h/
NOTE: Fixed by: https://github.com/libav/libav/commit/e5b019725f53b79159931d3a7317107cbbfd0860
NOTE: Cf. CVE-2016-8676 as well which remain unfixed after e5b019725f53b79159931d3a7317107cbbfd0860
-CVE-2016-8674 (The pdf_to_num function in pdf-object.c in MuPDF before 1.10 allows ...)
+CVE-2016-8674
{DSA-3797-1}
- mupdf 1.9a+ds1-2 (bug #840957)
[wheezy] - mupdf <not-affected> (Crash is not reproducible with reprocuder. Needs clarification from upstream.)
NOTE: Fixed by: http://git.ghostscript.com/?p=mupdf.git;h=1e03c06456d997435019fb3526fa2d4be7dbc6ec
NOTE: http://bugs.ghostscript.com/show_bug.cgi?id=697015
NOTE: http://bugs.ghostscript.com/show_bug.cgi?id=697019
-CVE-2016-8670 (Integer signedness error in the dynamicGetbuf function in gd_io_dp.c ...)
+CVE-2016-8670
{DSA-3693-1 DLA-665-1}
- libgd2 2.2.3-87-gd0fec80-1 (bug #840805)
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=73280
NOTE: https://github.com/libgd/libgd/commit/53110871935244816bbb9d131da0bccff734bfe9
NOTE: http://www.openwall.com/lists/oss-security/2016/10/15/1
-CVE-2016-8671 (The pstm_exptmod function in MatrixSSL 3.8.6 and earlier does not ...)
+CVE-2016-8671
- matrixssl <not-affected> (Incomplete fix for CVE-2016-6887 not applied)
NOTE: https://blog.fuzzing-project.org/54-Update-on-MatrixSSL-miscalculation-incomplete-fix-for-CVE-2016-6887.html
-CVE-2016-8669 (The serial_update_parameters function in hw/char/serial.c in QEMU (aka ...)
+CVE-2016-8669
{DLA-1497-1 DLA-679-1 DLA-678-1}
- qemu 1:2.8+dfsg-1 (bug #840945)
- qemu-kvm <removed>
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg02461.html
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1384909
NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=3592fe0c919cf27a81d8e9f9b4f269553418bb01
-CVE-2016-8668 (The rocker_io_writel function in hw/net/rocker/rocker.c in QEMU (aka ...)
+CVE-2016-8668
- qemu 1:2.8+dfsg-1 (bug #840948)
[jessie] - qemu <not-affected> (Vulnerable code introduced after v2.4.0-rc0)
[wheezy] - qemu <not-affected> (Vulnerable code introduced after v2.4.0-rc0)
- qemu-kvm <not-affected> (Vulnerable code introduced later)
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg02501.html
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1384896
-CVE-2016-8667 (The rc4030_write function in hw/dma/rc4030.c in QEMU (aka Quick ...)
+CVE-2016-8667
{DLA-1497-1}
- qemu 1:2.8+dfsg-4 (bug #840950)
[wheezy] - qemu <no-dsa> (minor issue)
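Review bot: the wheezy annotation for CVE-2016-8674, `[wheezy] - mupdf <not-affected> (Crash is not reproducible with reprocuder. Needs clarification from upstream.)`, misspells "reproducer"; it is a context line, so the automatic update leaves it as-is, but since this tracker text is rendered publicly it is worth fixing in a follow-up. The same entry's status is still flagged as needing upstream clarification, so the `<not-affected>` marking should be revisited once that clarification exists rather than treated as final.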
@@ -6643,13 +6643,13 @@ CVE-2016-8663
REJECTED
CVE-2016-8662
REJECTED
-CVE-2016-8661 (Little Snitch version 3.0 through 3.6.1 suffer from a buffer overflow ...)
+CVE-2016-8661
NOT-FOR-US: Little Snitch
-CVE-2016-8657 (It was discovered that EAP packages in certain versions of Red Hat ...)
+CVE-2016-8657
NOT-FOR-US: Red Hat JBoss; jbossas Red Hat configuration file permissions and init script
-CVE-2016-8656 (Jboss jbossas before versions 5.2.0-23, 6.4.13, 7.0.5 is vulnerable to ...)
+CVE-2016-8656
NOT-FOR-US: Red Hat JBoss; jbossas init script
-CVE-2016-8655 (Race condition in net/packet/af_packet.c in the Linux kernel through ...)
+CVE-2016-8655
{DLA-772-1}
- linux 4.8.15-1
[jessie] - linux 3.16.39-1
@@ -6657,21 +6657,21 @@ CVE-2016-8655 (Race condition in net/packet/af_packet.c in the Linux kernel thro
NOTE: Introduced by: https://git.kernel.org/linus/f6fb8f100b807378fda19e83e5ac6828b638603a (v3.2-rc1)
NOTE: Fixed by: https://git.kernel.org/linus/84ac7260236a49c79eede91617700174c2c19b0c (v4.9-rc8)
NOTE: Non-privileged user namespaces disabled by default, only exploitable by arbitrary user if sysctl kernel.unprivileged_userns_clone=1
-CVE-2016-8654 (A heap-buffer overflow vulnerability was found in QMFB code in JPC ...)
+CVE-2016-8654
{DSA-3785-1 DLA-739-1}
- jasper <removed>
NOTE: Upstream bug: https://github.com/mdadams/jasper/issues/93
NOTE: Upstream bug: https://github.com/mdadams/jasper/issues/94
NOTE: https://github.com/mdadams/jasper/commit/4a59cfaf9ab3d48fca4a15c0d2674bf7138e3d1a
-CVE-2016-8653 (It was found that the JMX endpoint of Red Hat JBoss Fuse 6, and Red ...)
+CVE-2016-8653
NOT-FOR-US: JMX endpoint of Red Hat JBoss Fuse 6 and Red Hat A-MQ 6
-CVE-2016-8652 (The auth component in Dovecot before 2.2.27, when auth-policy is ...)
+CVE-2016-8652
- dovecot 1:2.2.27-1 (bug #846605)
[jessie] - dovecot <not-affected> (Only affects 2.2.25 up and including 2.2.26.1)
[wheezy] - dovecot <not-affected> (Only affects 2.2.25 up and including 2.2.26.1)
-CVE-2016-8651 (An input validation flaw was found in the way OpenShift 3 handles ...)
+CVE-2016-8651
NOT-FOR-US: OpenShift Enterprise
-CVE-2016-8650 (The mpi_powm function in lib/mpi/mpi-pow.c in the Linux kernel through ...)
+CVE-2016-8650
- linux 4.8.11-1
[jessie] - linux 3.16.39-1
[wheezy] - linux <not-affected> (Vulnerable code introduced later)
@@ -6680,204 +6680,204 @@ CVE-2016-8650 (The mpi_powm function in lib/mpi/mpi-pow.c in the Linux kernel th
NOTE: Fixed by: https://git.kernel.org/linus/f5527fffff3f002b0a6b376163613b82f69de073
NOTE: Introduced by https://git.kernel.org/linus/cdec9cb5167ab1113ba9c58e395f664d9d3f9acb (v3.3-rc1)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1343162 (not yet opened)
-CVE-2016-8649 (lxc-attach in LXC before 1.0.9 and 2.x before 2.0.6 allows an attacker ...)
+CVE-2016-8649
- lxc 1:2.0.6-1 (bug #845465)
[jessie] - lxc 1:1.0.6-6+deb8u5
[wheezy] - lxc <no-dsa> (Minor issue)
NOTE: Fixed by: https://github.com/lxc/lxc/commit/81f466d05f2a89cb4f122ef7f593ff3f279b165c
NOTE: Details: https://launchpad.net/bugs/1639345
NOTE: To be complete this needs as well changes to src:linux
-CVE-2016-8648 (It was found that the Karaf container used by Red Hat JBoss Fuse 6.x, ...)
+CVE-2016-8648
NOT-FOR-US: Karaf container uses by Red Hat products
-CVE-2016-8647 (An input validation vulnerability was found in Ansible's mysql_user ...)
+CVE-2016-8647
- ansible 2.2.0.0-4 (bug #844691)
[jessie] - ansible <not-affected> (Vulnerable code not present)
NOTE: https://github.com/ansible/ansible-modules-core/pull/5388
-CVE-2016-8646 (The hash_accept function in crypto/algif_hash.c in the Linux kernel ...)
+CVE-2016-8646
- linux 4.4.2-1
[jessie] - linux 3.16.7-ckt25-1
[wheezy] - linux 3.2.78-1
NOTE: https://lkml.org/lkml/2016/10/12/198
NOTE: Fixed by: https://git.kernel.org/linus/4afa5f9617927453ac04b24b584f6c718dfb4f45 (v4.4-rc2)
-CVE-2016-8645 (The TCP stack in the Linux kernel before 4.8.10 mishandles skb ...)
+CVE-2016-8645
{DLA-772-1}
- linux 4.8.11-1
[jessie] - linux 3.16.39-1
NOTE: Fixed by: https://git.kernel.org/linus/ac6e780070e30e4c35bd395acfe9191e6268bdd3 (v4.9-rc6)
-CVE-2016-8644 (In Moodle 2.x and 3.x, the capability to view course notes is checked ...)
+CVE-2016-8644
- moodle 2.7.17+dfsg-1
NOTE: https://moodle.org/mod/forum/discuss.php?d=343277
-CVE-2016-8643 (In Moodle 2.x and 3.x, non-admin site managers may accidentally edit ...)
+CVE-2016-8643
- moodle 2.7.17+dfsg-1
NOTE: https://moodle.org/mod/forum/discuss.php?d=343276
-CVE-2016-8642 (In Moodle 2.x and 3.x, the question engine allows access to files that ...)
+CVE-2016-8642
- moodle 2.7.17+dfsg-1
NOTE: https://moodle.org/mod/forum/discuss.php?d=343275
-CVE-2016-10089 (Nagios 4.3.2 and earlier allows local users to gain root privileges ...)
+CVE-2016-10089
- nagios3 <not-affected> (Vulnerable code not present)
NOTE: Flaw in upstream damon-init.in. Debian package installs an own init-skript.
-CVE-2016-8641 (A privilege escalation vulnerability was found in nagios 4.2.x that ...)
+CVE-2016-8641
- nagios3 <not-affected> (Vulnerable code not present)
NOTE: Flaw in upstream damon-init.in. Debian package installs an own init-skript.
-CVE-2016-8640 (A SQL injection vulnerability in pycsw all versions before 2.0.2, ...)
+CVE-2016-8640
- pycsw 2.0.2+dfsg-1
NOTE: https://github.com/geopython/pycsw/pull/474/files
NOTE: https://patch-diff.githubusercontent.com/raw/geopython/pycsw/pull/474.patch
-CVE-2016-8639 (It was found that foreman before 1.13.0 is vulnerable to a stored XSS ...)
+CVE-2016-8639
- foreman <itp> (bug #663101)
NOTE: http://projects.theforeman.org/issues/15037
NOTE: https://github.com/theforeman/foreman/pull/3523
-CVE-2016-8638 (A vulnerability in ipsilon 2.0 before 2.0.2, 1.2 before 1.2.1, 1.1 ...)
+CVE-2016-8638
- ipsilon <itp> (bug #826838)
NOTE: https://ipsilon-project.org/advisory/CVE-2016-8638.txt
NOTE: https://pagure.io/ipsilon/c/511fa8b7001c2f9a42301aa1d4b85aaf170a461c
-CVE-2016-8637 (A local information disclosure issue was found in dracut before 045 ...)
+CVE-2016-8637
- dracut 044+189-1 (low; bug #843697)
[jessie] - dracut <no-dsa> (Minor issue)
[wheezy] - dracut <not-affected> (Introduced in 030 upstream)
NOTE: Fixed by: http://git.kernel.org/cgit/boot/dracut/dracut.git/commit/?id=0db98910a11c12a454eac4c8e86dc7a7bbc764a4
NOTE: Introduced by: http://git.kernel.org/cgit/boot/dracut/dracut.git/commit/?id=5f2c30d9bcd614d546d5c55c6897e33f88b9ab90 (030)
-CVE-2016-8636 (Integer overflow in the mem_check_range function in ...)
+CVE-2016-8636
- linux 4.9.10-1
[jessie] - linux <not-affected> (Vulnerable code not present)
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: Fix https://github.com/torvalds/linux/commit/647bf3d8a8e5777319da92af672289b2a6c4dc66
-CVE-2016-8635 (It was found that Diffie Hellman Client key exchange handling in NSS ...)
+CVE-2016-8635
- nss 2:3.25-1
NOTE: Patch as applied in CentOS (but contains other changes):
NOTE: https://git.centos.org/blob/rpms!nss!/aada6b10b73091276397404059605d13e7548462/SOURCES!moz-1314604.patch
NOTE: Further info: https://bugzilla.redhat.com/show_bug.cgi?id=1391818
NOTE: Upstream bug: https://bugzilla.mozilla.org/show_bug.cgi?id=1314604
-CVE-2016-8634 (A vulnerability was found in foreman 1.14.0. When creating an ...)
+CVE-2016-8634
- foreman <itp> (bug #663101)
NOTE: http://projects.theforeman.org/issues/17195
-CVE-2016-8633 (drivers/firewire/net.c in the Linux kernel before 4.8.7, in certain ...)
+CVE-2016-8633
{DLA-772-1}
- linux 4.8.7-1
[jessie] - linux 3.16.39-1
NOTE: https://git.kernel.org/linus/667121ace9dbafb368618dbabcf07901c962ddac
NOTE: https://eyalitkin.wordpress.com/2016/11/06/cve-publication-cve-2016-8633/
-CVE-2016-8632 (The tipc_msg_build function in net/tipc/msg.c in the Linux kernel ...)
+CVE-2016-8632
- linux 4.8.15-1
[jessie] - linux <not-affected> (Vulnerable code introduced in 3.17-rc1)
[wheezy] - linux <not-affected> (Vulnerable code introduced in 3.17-rc1)
NOTE: https://www.mail-archive.com/netdev@vger.kernel.org/msg133205.html
NOTE: Fixed by: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=3de81b758853f0b29c61e246679d20b513c4cfec (v4.9-rc8)
-CVE-2016-8631 (The OpenShift Enterprise 3 router does not properly sort routes when ...)
+CVE-2016-8631
NOT-FOR-US: OpenShift Enterprise
-CVE-2016-8630 (The x86_decode_insn function in arch/x86/kvm/emulate.c in the Linux ...)
+CVE-2016-8630
- linux 4.8.7-1
[jessie] - linux <not-affected> (Vulnerable code introduced later)
[wheezy] - linux <not-affected> (Vulnerable code introduced later)
NOTE: Fixed by: https://git.kernel.org/linus/d9092f52d7e61dd1557f2db2400ddb430e85937e (v4.9-rc4)
NOTE: Introduced by: https://git.kernel.org/linus/41061cdb98a0bec464278b4db8e894a3121671f5 (v3.17-rc1)
-CVE-2016-8629 (Red Hat Keycloak before version 2.4.0 did not correctly check ...)
+CVE-2016-8629
NOT-FOR-US: Keycloak
-CVE-2016-8628 (Ansible before version 2.2.0 fails to properly sanitize fact variables ...)
+CVE-2016-8628
- ansible 2.2.0.0-1 (bug #842985)
[jessie] - ansible <not-affected> (Vulnerable code not present)
NOTE: Fixed upstream in v2.2.0.0-1
NOTE: Needs an attacker to compromise a controlled server.
-CVE-2016-8627 (admin-cli before versions 3.0.0.alpha25, 2.2.1.cr2 is vulnerable to an ...)
+CVE-2016-8627
NOT-FOR-US: Red Hat JBoss EAP
-CVE-2016-8626 (A flaw was found in Red Hat Ceph before 0.94.9-8. The way Ceph Object ...)
+CVE-2016-8626
- ceph 10.2.5-1 (bug #844200)
[jessie] - ceph 0.80.7-2+deb8u2
NOTE: http://tracker.ceph.com/issues/17635
-CVE-2016-8625 (curl before version 7.51.0 uses outdated IDNA 2003 standard to handle ...)
+CVE-2016-8625
- curl 7.51.0-1
[jessie] - curl <no-dsa> (the fix is too invasive)
[wheezy] - curl <no-dsa> (the fix is too invasive)
NOTE: https://github.com/curl/curl/commit/9c91ec778104ae3b744b39444d544e82d5ee9ece
NOTE: https://curl.haxx.se/docs/adv_20161102K.html
NOTE: https://curl.haxx.se/CVE-2016-8625.patch
-CVE-2016-8624 (curl before version 7.51.0 doesn't parse the authority component of ...)
+CVE-2016-8624
{DSA-3705-1 DLA-711-1}
- curl 7.51.0-1
NOTE: https://github.com/curl/curl/commit/3bb273db7e40ebc284cff45f3ce3f0475c8339c2
NOTE: https://curl.haxx.se/docs/adv_20161102J.html
NOTE: https://curl.haxx.se/CVE-2016-8624.patch
-CVE-2016-8623 (A flaw was found in curl before version 7.51.0. The way curl handles ...)
+CVE-2016-8623
{DSA-3705-1 DLA-711-1}
- curl 7.51.0-1
NOTE: https://github.com/curl/curl/commit/c5be3d7267c725dbd093ff3a883e07ee8cf2a1d5
NOTE: https://curl.haxx.se/docs/adv_20161102I.html
NOTE: https://curl.haxx.se/CVE-2016-8623.patch
-CVE-2016-8622 (The URL percent-encoding decode function in libcurl before 7.51.0 is ...)
+CVE-2016-8622
{DSA-3705-1 DLA-711-1}
- curl 7.51.0-1
NOTE: https://github.com/curl/curl/commit/53e71e47d6b81650d26ec33a58d0dca24c7ffb2c
NOTE: https://curl.haxx.se/docs/adv_20161102H.html
NOTE: https://curl.haxx.se/CVE-2016-8622.patch
-CVE-2016-8621 (The `curl_getdate` function in curl before version 7.51.0 is ...)
+CVE-2016-8621
{DSA-3705-1 DLA-711-1}
- curl 7.51.0-1
NOTE: https://github.com/curl/curl/commit/96a80b5a262fb6dd2ddcea7987296f3b9a405618
NOTE: https://curl.haxx.se/docs/adv_20161102G.html
NOTE: https://curl.haxx.se/CVE-2016-8621.patch
-CVE-2016-8620 (The 'globbing' feature in curl before version 7.51.0 has a flaw that ...)
+CVE-2016-8620
{DSA-3705-1}
- curl 7.51.0-1
[wheezy] - curl <not-affected> (Vulnerable code introduced in 7.34.0)
NOTE: https://github.com/curl/curl/commit/fbb5f1aa0326d485d5a7ac643b48481897ca667f
NOTE: https://curl.haxx.se/docs/adv_20161102F.html
NOTE: https://curl.haxx.se/CVE-2016-8620.patch
-CVE-2016-8619 (The function `read_data()` in security.c in curl before version 7.51.0 ...)
+CVE-2016-8619
{DSA-3705-1 DLA-711-1}
- curl 7.51.0-1
NOTE: https://github.com/curl/curl/commit/3d6460edeee21d7d790ec570d0887bed1f4366dd
NOTE: https://curl.haxx.se/docs/adv_20161102E.html
NOTE: https://curl.haxx.se/CVE-2016-8619.patch
-CVE-2016-8618 (The libcurl API function called `curl_maprintf()` before version ...)
+CVE-2016-8618
{DSA-3705-1 DLA-711-1}
- curl 7.51.0-1
NOTE: https://github.com/curl/curl/commit/8732ec40db652c53fa58cd13e2acb8eab6e40874
NOTE: https://curl.haxx.se/docs/adv_20161102D.html
NOTE: https://curl.haxx.se/CVE-2016-8618.patch
-CVE-2016-8617 (The base64 encode function in curl before version 7.51.0 is prone to a ...)
+CVE-2016-8617
{DSA-3705-1 DLA-711-1}
- curl 7.51.0-1
NOTE: https://github.com/curl/curl/commit/efd24d57426bd77c9b5860e6b297904703750412
NOTE: https://curl.haxx.se/docs/adv_20161102C.html
NOTE: https://curl.haxx.se/CVE-2016-8617.patch
-CVE-2016-8616 (A flaw was found in curl before version 7.51.0 When re-using a ...)
+CVE-2016-8616
{DSA-3705-1 DLA-711-1}
- curl 7.51.0-1
NOTE: https://github.com/curl/curl/commit/b3ee26c5df75d97f6895e6ec4538894ebaf76e48
NOTE: https://curl.haxx.se/docs/adv_20161102B.html
NOTE: https://curl.haxx.se/CVE-2016-8616.patch
-CVE-2016-8615 (A flaw was found in curl before version 7.51. If cookie state is ...)
+CVE-2016-8615
{DSA-3705-1 DLA-711-1}
- curl 7.51.0-1
NOTE: https://github.com/curl/curl/commit/cff89bc088b7884098ea0c5378bbda3d49c437bc
NOTE: https://curl.haxx.se/docs/adv_20161102A.html
NOTE: https://curl.haxx.se/CVE-2016-8615.patch
-CVE-2016-8614 (A flaw was found in Ansible before version 2.2.0. The apt_key module ...)
+CVE-2016-8614
- ansible 2.2.0.0-1 (bug #842984)
[jessie] - ansible <not-affected> (Vulnerable code introduced later)
NOTE: Fixed upstream in v2.2.0.0-1
NOTE: https://github.com/ansible/ansible-modules-core/issues/5237
NOTE: https://github.com/ansible/ansible-modules-core/pull/5353
NOTE: https://github.com/ansible/ansible-modules-core/pull/5357
-CVE-2016-8613 (A flaw was found in foreman 1.5.1. The remote execution plugin runs ...)
+CVE-2016-8613
- foreman <itp> (bug #663101)
NOTE: http://projects.theforeman.org/issues/17066/
NOTE: https://github.com/theforeman/foreman_remote_execution/pull/208
-CVE-2016-8612 (Apache HTTP Server mod_cluster before version httpd 2.4.23 is ...)
+CVE-2016-8612
- libapache2-mod-cluster <itp> (bug #731410)
-CVE-2016-8611 (A vulnerability was found in Openstack Glance. No limits are enforced ...)
+CVE-2016-8611
- glance <unfixed> (unimportant)
NOTE: http://www.openwall.com/lists/oss-security/2016/10/27/16
-CVE-2016-8610 (A denial of service flaw was found in OpenSSL 0.9.8, 1.0.1, 1.0.2 ...)
+CVE-2016-8610
{DSA-3773-1 DLA-814-1}
- openssl 1.0.2j-1
NOTE: http://www.openwall.com/lists/oss-security/2016/10/24/3
NOTE: Fixed by: https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=af58be768ebb690f78530f796e92b8ae5c9a4401
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1384743 mentions countermeasures in gnutls
NOTE: https://gitlab.com/gnutls/gnutls/commit/1ffb827e45721ef56982d0ffd5c5de52376c428e
-CVE-2016-8609 (It was found that the keycloak before 2.3.0 did not implement ...)
+CVE-2016-8609
NOT-FOR-US: Keycloak
-CVE-2016-8608 (JBoss BRMS 6 and BPM Suite 6 are vulnerable to a stored XSS via ...)
+CVE-2016-8608
NOT-FOR-US: JBoss BPMS
CVE-2016-8607
RESERVED
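Review bot: several unchanged NOTE lines in this hunk have spelling slips that the automatic description strip does not address and that should be cleaned up separately: `NOT-FOR-US: Karaf container uses by Red Hat products` under CVE-2016-8648 ("used by"), and the identical `NOTE: Flaw in upstream damon-init.in. Debian package installs an own init-skript.` under both CVE-2016-10089 and CVE-2016-8641 ("daemon-init.in", "its own init script"). Since the two nagios entries share the same justification verbatim, a single corrected wording applied to both keeps them consistent.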
@@ -6885,52 +6885,52 @@ CVE-2016-8604
RESERVED
CVE-2016-8603
RESERVED
-CVE-2016-8600 (In dotCMS 3.2.1, attacker can load captcha once, fill it with correct ...)
+CVE-2016-8600
NOT-FOR-US: dotCMS
CVE-2016-8599
RESERVED
-CVE-2016-8598 (Buffer overflow in the zmq interface in csp_if_zmqhub.c in the libcsp ...)
+CVE-2016-8598
- libcsp <removed> (bug #843012)
NOTE: https://github.com/GomSpace/libcsp/pull/81/commits/4435fbed4090ff3cd090a61517430fe8a3924cd8
-CVE-2016-8597 (Buffer overflow in the csp_sfp_recv_fp in csp_sfp.c in the libcsp ...)
+CVE-2016-8597
- libcsp <removed> (bug #843012)
NOTE: https://github.com/GomSpace/libcsp/pull/81/commits/4435fbed4090ff3cd090a61517430fe8a3924cd8
-CVE-2016-8596 (Buffer overflow in the csp_can_process_frame in csp_if_can.c in the ...)
+CVE-2016-8596
- libcsp <removed> (bug #843012)
NOTE: https://github.com/GomSpace/libcsp/pull/81/commits/4435fbed4090ff3cd090a61517430fe8a3924cd8
-CVE-2016-8595 (The gsm_parse function in libavcodec/gsm_parser.c in FFmpeg before ...)
+CVE-2016-8595
- ffmpeg 7:3.1.5-1
NOTE: http://www.openwall.com/lists/oss-security/2016/12/08/2
NOTE: https://github.com/FFmpeg/FFmpeg/commit/987690799dd86433bf98b897aaa4c8d93ade646d
CVE-2016-8594
RESERVED
-CVE-2016-8666 (The IP stack in the Linux kernel before 4.6 allows remote attackers to ...)
+CVE-2016-8666
- linux 4.6.1-1
[jessie] - linux 3.6.36-1
[wheezy] - linux <not-affected> (Vulnerable code introduced later)
NOTE: Fixed by: https://git.kernel.org/linus/fac8e0f579695a3ecbc4d3cac369139d7f819971
NOTE: Introduced by: htttps://git.kernel.org/linus/bf5a755f5e9186406bbf50f4087100af5bd68e40
NOTE: http://www.openwall.com/lists/oss-security/2016/10/13/11
-CVE-2016-8660 (The XFS subsystem in the Linux kernel through 4.8.2 allows local users ...)
+CVE-2016-8660
- linux <unfixed> (low)
[jessie] - linux <not-affected> (Vulnerable code not present)
[wheezy] - linux <not-affected> (Vulnerable code not present)
[jessie] - linux-4.9 <unfixed> (low)
-CVE-2016-8659 (Bubblewrap before 0.1.3 sets the PR_SET_DUMPABLE flag, which might ...)
+CVE-2016-8659
- bubblewrap 0.1.2-2 (bug #840605)
NOTE: https://github.com/projectatomic/bubblewrap/issues/107
-CVE-2016-8658 (Stack-based buffer overflow in the brcmf_cfg80211_start_ap function in ...)
+CVE-2016-8658
- linux 4.7.5-1
[jessie] - linux 3.16.39-1
[wheezy] - linux <not-affected> (Vulnerable code introduced later in 3.7)
NOTE: Fixed by: https://git.kernel.org/linus/ded89912156b1a47d940a0c954c43afbabd0c42c (v4.8-rc8)
-CVE-2016-8606 (The REPL server (--listen) in GNU Guile 2.0.12 allows an attacker to ...)
+CVE-2016-8606
{DLA-666-1}
- guile-2.0 2.0.13+1-1 (low; bug #840555)
[jessie] - guile-2.0 2.0.11+1-9+deb8u1
- guile-1.8 <not-affected> (repl server introduced in 2.0)
NOTE: Patch: http://git.savannah.gnu.org/cgit/guile.git/commit/?h=stable-2.0&id=08c021916dbd3a235a9f9cc33df4c418c0724e03
-CVE-2016-8605 (The mkdir procedure of GNU Guile temporarily changed the process' ...)
+CVE-2016-8605
{DLA-666-1}
- guile-2.0 2.0.13+1-1 (low; bug #840556)
[jessie] - guile-2.0 2.0.11+1-9+deb8u1
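Review bot: two context lines in the CVE-2016-8666 entry look wrong and are worth fixing while this file is being touched: `[jessie] - linux 3.6.36-1` does not match the jessie kernel version format used two entries later (`[jessie] - linux 3.16.39-1` under CVE-2016-8658) and looks like a typo, and `NOTE: Introduced by: htttps://git.kernel.org/linus/bf5a755f5e9186406bbf50f4087100af5bd68e40` has an extra `t` in the URL scheme. Neither is introduced by this patch, but since the automatic update is what rewrites these entries, a follow-up commit correcting them would be the natural place.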
@@ -6939,42 +6939,42 @@ CVE-2016-8605 (The mkdir procedure of GNU Guile temporarily changed the process'
[wheezy] - guile-1.8 <no-dsa> (Minor issue)
NOTE: http://bugs.gnu.org/24659
NOTE: Patch: http://git.savannah.gnu.org/cgit/guile.git/commit/?h=stable-2.0&id=245608911698adb3472803856019bdd5670b6614
-CVE-2016-8593 (Directory traversal vulnerability in upload.cgi in Trend Micro Threat ...)
+CVE-2016-8593
NOT-FOR-US: Trend Micro
-CVE-2016-8592 (log_query_system.cgi in Trend Micro Threat Discovery Appliance ...)
+CVE-2016-8592
NOT-FOR-US: Trend Micro
-CVE-2016-8591 (log_query.cgi in Trend Micro Threat Discovery Appliance 2.6.1062r1 and ...)
+CVE-2016-8591
NOT-FOR-US: Trend Micro
-CVE-2016-8590 (log_query_dlp.cgi in Trend Micro Threat Discovery Appliance 2.6.1062r1 ...)
+CVE-2016-8590
NOT-FOR-US: Trend Micro
-CVE-2016-8589 (log_query_dae.cgi in Trend Micro Threat Discovery Appliance 2.6.1062r1 ...)
+CVE-2016-8589
NOT-FOR-US: Trend Micro
-CVE-2016-8588 (The hotfix_upload.cgi in Trend Micro Threat Discovery Appliance ...)
+CVE-2016-8588
NOT-FOR-US: Trend Micro
-CVE-2016-8587 (dlp_policy_upload.cgi in Trend Micro Threat Discovery Appliance ...)
+CVE-2016-8587
NOT-FOR-US: Trend Micro
-CVE-2016-8586 (detected_potential_files.cgi in Trend Micro Threat Discovery Appliance ...)
+CVE-2016-8586
NOT-FOR-US: Trend Micro
-CVE-2016-8585 (admin_sys_time.cgi in Trend Micro Threat Discovery Appliance ...)
+CVE-2016-8585
NOT-FOR-US: Trend Micro
-CVE-2016-8584 (Trend Micro Threat Discovery Appliance 2.6.1062r1 and earlier uses ...)
+CVE-2016-8584
NOT-FOR-US: Trend Micro
-CVE-2016-8583 (Multiple GET parameters in the vulnerability scan scheduler of ...)
+CVE-2016-8583
NOT-FOR-US: AlienVault
-CVE-2016-8582 (A vulnerability exists in gauge.php of AlienVault OSSIM and USM before ...)
+CVE-2016-8582
NOT-FOR-US: AlienVault
-CVE-2016-8581 (A persistent XSS vulnerability exists in the User-Agent header of the ...)
+CVE-2016-8581
NOT-FOR-US: AlienVault
-CVE-2016-8580 (PHP object injection vulnerabilities exist in multiple widget files in ...)
+CVE-2016-8580
NOT-FOR-US: AlienVault
-CVE-2016-8579 (docker2aci &lt;= 0.12.3 has an infinite loop when handling local images ...)
+CVE-2016-8579
- golang-github-appc-docker2aci 0.12.3+dfsg-2 (bug #840711)
NOTE: https://github.com/appc/docker2aci/issues/203
NOTE: https://github.com/lucab/docker2aci/commit/54331ec7020e102935c31096f336d31f6400064f
-CVE-2016-8575 (The Q.933 parser in tcpdump before 4.9.0 has a buffer overflow in ...)
+CVE-2016-8575
{DSA-3775-1 DLA-809-1}
- tcpdump 4.9.0-1
-CVE-2016-8574 (The FRF.15 parser in tcpdump before 4.9.0 has a buffer overflow in ...)
+CVE-2016-8574
{DSA-3775-1 DLA-809-1}
- tcpdump 4.9.0-1
CVE-2016-8573
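Review bot: the removed description for CVE-2016-8579 (`-CVE-2016-8579 (docker2aci &lt;= 0.12.3 has an infinite loop when handling local images ...)`) carries an HTML entity where `<=` was meant, so the description text was being stored raw from an HTML-escaped source; whatever restores these descriptions should unescape entities before writing them. Otherwise this hunk is the same wholesale description removal, with the Trend Micro, AlienVault, docker2aci and tcpdump package data unchanged.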
@@ -6985,19 +6985,19 @@ CVE-2016-8571
RESERVED
CVE-2016-8570
RESERVED
-CVE-2016-8567 (An issue was discovered in Siemens SICAM PAS before 8.00. A factory ...)
+CVE-2016-8567
NOT-FOR-US: Siemens
-CVE-2016-8566 (An issue was discovered in Siemens SICAM PAS before 8.00. Because of ...)
+CVE-2016-8566
NOT-FOR-US: Siemens
-CVE-2016-8565 (Siemens Automation License Manager (ALM) before 5.3 SP3 allows remote ...)
+CVE-2016-8565
NOT-FOR-US: Siemens Automation License Manager
-CVE-2016-8564 (SQL injection vulnerability in Siemens Automation License Manager ...)
+CVE-2016-8564
NOT-FOR-US: Siemens Automation License Manager
-CVE-2016-8563 (Siemens Automation License Manager (ALM) before 5.3 SP3 Update 1 ...)
+CVE-2016-8563
NOT-FOR-US: Siemens Automation License Manager
-CVE-2016-8562 (Siemens SIMATIC CP 1543-1 before 2.0.28, when SNMPv3 write access or ...)
+CVE-2016-8562
NOT-FOR-US: Siemens SIMATIC CP
-CVE-2016-8561 (Siemens SIMATIC CP 1543-1 before 2.0.28 allows remote authenticated ...)
+CVE-2016-8561
NOT-FOR-US: Siemens SIMATIC CP
CVE-2016-8560
REJECTED
@@ -7049,75 +7049,75 @@ CVE-2016-8537
REJECTED
CVE-2016-8536
REJECTED
-CVE-2016-8535 (A remote HTTP parameter Pollution vulnerability in HPE Matrix ...)
+CVE-2016-8535
NOT-FOR-US: HPE Matrix Operating Environment
-CVE-2016-8534 (A remote privilege elevation vulnerability in HPE Matrix Operating ...)
+CVE-2016-8534
NOT-FOR-US: HPE Matrix Operating Environment
-CVE-2016-8533 (A remote priviledge escalation vulnerability in HPE Matrix Operating ...)
+CVE-2016-8533
NOT-FOR-US: HPE Matrix Operating Environment
-CVE-2016-8532 (A cross site scripting vulnerability in HPE Matrix Operating ...)
+CVE-2016-8532
NOT-FOR-US: HPE Matrix Operating Environment
-CVE-2016-8531 (A remote information disclosure vulnerability in HPE Matrix Operating ...)
+CVE-2016-8531
NOT-FOR-US: HPE Matrix Operating Environment
-CVE-2016-8530 (A remote denial of service vulnerability in HPE iMC PLAT version v7.2 ...)
+CVE-2016-8530
NOT-FOR-US: HPE iMC PLAT
-CVE-2016-8529 (A Remote Arbitrary Command Execution vulnerability in HPE StoreVirtual ...)
+CVE-2016-8529
NOT-FOR-US: HPE StoreVirtual
-CVE-2016-8528 (A Remote Escalation of Privilege vulnerability in HPE Helion ...)
+CVE-2016-8528
NOT-FOR-US: HPE Helion Eucalyptus
-CVE-2016-8527 (Aruba Airwave all versions up to, but not including, 8.2.3.1 is ...)
+CVE-2016-8527
NOT-FOR-US: Aruba
-CVE-2016-8526 (Aruba Airwave all versions up to, but not including, 8.2.3.1 is ...)
+CVE-2016-8526
NOT-FOR-US: Aruba
-CVE-2016-8525 (A Remote Disclosure of Information vulnerability in HPE iMC PLAT ...)
+CVE-2016-8525
NOT-FOR-US: HPE iMC PLAT
CVE-2016-8524
REJECTED
-CVE-2016-8523 (A Remote Arbitrary Code Execution vulnerability in HPE Smart Storage ...)
+CVE-2016-8523
NOT-FOR-US: HP Smart Storage Administrator
-CVE-2016-8522 (A cross-site scripting vulnerability in HPE Diagnostics version 9.24 ...)
+CVE-2016-8522
NOT-FOR-US: HPE Diagnostics
-CVE-2016-8521 (A Remote click jacking vulnerability in HPE Diagnostics version 9.24 ...)
+CVE-2016-8521
NOT-FOR-US: HPE Diagnostics
-CVE-2016-8520 (HPE Helion Eucalyptus v4.3.0 and earlier does not correctly check IAM ...)
+CVE-2016-8520
- eucalyptus <removed>
-CVE-2016-8519 (A remote code execution vulnerability in HPE Operations Orchestration ...)
+CVE-2016-8519
NOT-FOR-US: HPE Operations Orchestration
-CVE-2016-8518 (A remote denial of service vulnerability in HPE Systems Insight ...)
+CVE-2016-8518
NOT-FOR-US: HPE
-CVE-2016-8517 (A cross site scripting vulnerability in HPE Systems Insight Manager in ...)
+CVE-2016-8517
NOT-FOR-US: HPE
-CVE-2016-8516 (A remote denial of service vulnerability in HPE Systems Insight ...)
+CVE-2016-8516
NOT-FOR-US: HPE
-CVE-2016-8515 (A remote malicious file upload vulnerability in HPE Version Control ...)
+CVE-2016-8515
NOT-FOR-US: HPE Version Control Repository Manager
-CVE-2016-8514 (A remote information disclosure in HPE Version Control Repository ...)
+CVE-2016-8514
NOT-FOR-US: HPE Version Control Repository Manager
-CVE-2016-8513 (A Cross-Site Request Forgery (CSRF) vulnerability in HPE Version ...)
+CVE-2016-8513
NOT-FOR-US: HPE Version Control Repository Manager
-CVE-2016-8512 (A Remote Code Execution vulnerability in all versions of HPE ...)
+CVE-2016-8512
NOT-FOR-US: HPE
-CVE-2016-8511 (A Remote Code Execution vulnerability in HPE Network Automation using ...)
+CVE-2016-8511
NOT-FOR-US: HPE
CVE-2016-8510
REJECTED
CVE-2016-8509
REJECTED
-CVE-2016-8508 (Yandex Browser for desktop before 17.1.1.227 does not show Protect ...)
+CVE-2016-8508
NOT-FOR-US: Yandex Browser
-CVE-2016-8507 (Yandex Browser for iOS before 16.10.0.2357 does not properly restrict ...)
+CVE-2016-8507
NOT-FOR-US: Yandex Browser
-CVE-2016-8506 (XSS in Yandex Browser Translator in Yandex browser for desktop for ...)
+CVE-2016-8506
NOT-FOR-US: Yandex Browser
-CVE-2016-8505 (XSS in Yandex Browser BookReader in Yandex browser for desktop for ...)
+CVE-2016-8505
NOT-FOR-US: Yandex Browser
-CVE-2016-8504 (CSRF of synchronization form in Yandex Browser for desktop before ...)
+CVE-2016-8504
NOT-FOR-US: Yandex Browser
-CVE-2016-8503 (Yandex Protect Anti-phishing warning in Yandex Browser for desktop ...)
+CVE-2016-8503
NOT-FOR-US: Yandex Browser
-CVE-2016-8502 (Yandex Protect Anti-phishing warning in Yandex Browser for desktop ...)
+CVE-2016-8502
NOT-FOR-US: Yandex Browser
-CVE-2016-8501 (Security WiFi bypass in Yandex Browser from version 15.10 to 15.12 ...)
+CVE-2016-8501
NOT-FOR-US: Yandex Browser
CVE-2016-8500
REJECTED
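Review bot: once the description line is dropped, the `NOT-FOR-US:` tag is the only product name left in each entry, and in this hunk those tags are inconsistent: CVE-2016-8523 keeps `NOT-FOR-US: HP Smart Storage Administrator` although the removed description reads `HPE Smart Storage`, and CVE-2016-8518, CVE-2016-8517, CVE-2016-8516, CVE-2016-8512 and CVE-2016-8511 collapse to a bare `NOT-FOR-US: HPE` while their neighbours name the product (`HPE Version Control Repository Manager`, `HPE Operations Orchestration`). Suggest filling in the product name on the bare `HPE` entries in a follow-up, since the description text that used to carry it is exactly what this patch removes.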
@@ -7129,15 +7129,15 @@ CVE-2016-8497
REJECTED
CVE-2016-8496
REJECTED
-CVE-2016-8495 (An improper certificate validation vulnerability in Fortinet ...)
+CVE-2016-8495
NOT-FOR-US: FortiManager
-CVE-2016-8494 (Insufficient verification of uploaded files allows attackers with ...)
+CVE-2016-8494
NOT-FOR-US: Fortiguard
-CVE-2016-8493 (In FortiClientWindows 5.4.1 and 5.4.2, an attacker may escalate ...)
+CVE-2016-8493
NOT-FOR-US: Fortiguard
-CVE-2016-8492 (The implementation of an ANSI X9.31 RNG in Fortinet FortiGate allows ...)
+CVE-2016-8492
NOT-FOR-US: Fortinet FortiWLC
-CVE-2016-8491 (The presence of a hardcoded account named 'core' in Fortinet FortiWLC ...)
+CVE-2016-8491
NOT-FOR-US: Fortinet FortiWLC
CVE-2016-XXXX [dbus format string vulnerability]
- dbus 1.10.12-1
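Review bot: the removed description for CVE-2016-8492 names FortiGate (`-CVE-2016-8492 (The implementation of an ANSI X9.31 RNG in Fortinet FortiGate allows ...)`) while the retained tag reads `NOT-FOR-US: Fortinet FortiWLC`, the same tag as CVE-2016-8491 directly below it, so the product attribution on that entry needs checking. With the description gone this discrepancy is no longer visible in the file, which is one more reason not to let the updater blank descriptions.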
@@ -7155,7 +7155,7 @@ CVE-2016-XXXX [dbus format string vulnerability]
NOTE: and no mechanism is currently known by which an attacker who does not
NOTE: already have root privileges could induce systemd to send messages
NOTE: that would trigger the format string vulnerability.
-CVE-2016-8686 (The bm_new function in bitmap.h in potrace 1.13 allows remote ...)
+CVE-2016-8686
- potrace 1.14-1 (low; bug #850595)
[stretch] - potrace <no-dsa> (Minor issue)
[jessie] - potrace <no-dsa> (Minor issue)
@@ -7163,27 +7163,27 @@ CVE-2016-8686 (The bm_new function in bitmap.h in potrace 1.13 allows remote ...
NOTE: https://blogs.gentoo.org/ago/2016/08/29/potrace-memory-allocation-failure
NOTE: http://potrace.sourceforge.net/ChangeLog claims that it's fixed in 1.14
NOTE: but see https://lists.debian.org/debian-lts/2017/05/msg00032.html
-CVE-2016-8685 (The findnext function in decompose.c in potrace 1.13 allows remote ...)
+CVE-2016-8685
{DLA-889-1}
- potrace 1.13-3 (bug #843861)
[jessie] - potrace <no-dsa> (Minor issue)
NOTE: https://blogs.gentoo.org/ago/2016/08/29/potrace-invalid-memory-access-in-findnext-decompose-c/
-CVE-2016-8684 (The MagickMalloc function in magick/memory.c in GraphicsMagick 1.3.25 ...)
+CVE-2016-8684
{DSA-3746-1 DLA-683-1}
- graphicsmagick 1.3.25-5
NOTE: https://blogs.gentoo.org/ago/2016/09/15/graphicsmagick-memory-allocation-failure-in-magickmalloc-memory-c/
NOTE: Fixed by: http://hg.code.sf.net/p/graphicsmagick/code/rev/c53725cb5449
-CVE-2016-8683 (The ReadPCXImage function in coders/pcx.c in GraphicsMagick 1.3.25 ...)
+CVE-2016-8683
{DSA-3746-1 DLA-683-1}
- graphicsmagick 1.3.25-5
NOTE: https://blogs.gentoo.org/ago/2016/09/15/graphicsmagick-memory-allocation-failure-in-readpcximage-pcx-c/
NOTE: Fixed by: http://hg.code.sf.net/p/graphicsmagick/code/rev/b9edafd479b9
-CVE-2016-8682 (The ReadSCTImage function in coders/sct.c in GraphicsMagick 1.3.25 ...)
+CVE-2016-8682
{DSA-3746-1 DLA-683-1}
- graphicsmagick 1.3.25-5
NOTE: https://blogs.gentoo.org/ago/2016/09/15/graphicsmagick-stack-based-buffer-overflow-in-readsctimage-sct-c/
NOTE: Fixed by: http://hg.code.sf.net/p/graphicsmagick/code/rev/0a0dfa81906d
-CVE-2016-8679 (The _dwarf_get_size_of_val function in libdwarf/dwarf_util.c in ...)
+CVE-2016-8679
- dwarfutils 20161001-2 (bug #840958)
[jessie] - dwarfutils <no-dsa> (Minor issue)
[wheezy] - dwarfutils <no-dsa> (Minor issue)
@@ -7191,51 +7191,51 @@ CVE-2016-8679 (The _dwarf_get_size_of_val function in libdwarf/dwarf_util.c in .
NOTE: https://sourceforge.net/p/libdwarf/code/ci/2d14a7792889e33bc542c28d0f3792964c46214f/#diff-13
NOTE: https://sourceforge.net/p/libdwarf/code/ci/efe48cad0693d6994d9a7b561e1c3833b073a624/#diff-2
NOTE: Same fix as CVE-2016-8681 but different issue
-CVE-2016-8680 (The _dwarf_get_abbrev_for_code function in dwarf_util.c in libdwarf ...)
+CVE-2016-8680
- dwarfutils 20161001-2 (bug #840960)
[jessie] - dwarfutils <no-dsa> (Minor issue)
[wheezy] - dwarfutils <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2016/10/08/12
NOTE: https://sourceforge.net/p/libdwarf/code/ci/268c1f18d1d28612af3b72d7c670076b1b88e51c/tree/libdwarf/dwarf_util.c?diff=0b28b923c3bd9827d1d904feed2abadde4fa5de2
-CVE-2016-8681 (The _dwarf_get_abbrev_for_code function in dwarf_util.c in libdwarf ...)
+CVE-2016-8681
- dwarfutils 20161001-2 (bug #840961)
[jessie] - dwarfutils <no-dsa> (Minor issue)
[wheezy] - dwarfutils <no-dsa> (Minor issue)
NOTE: https://sourceforge.net/p/libdwarf/code/ci/2d14a7792889e33bc542c28d0f3792964c46214f/#diff-13
NOTE: https://sourceforge.net/p/libdwarf/code/ci/efe48cad0693d6994d9a7b561e1c3833b073a624/#diff-2
NOTE: http://www.openwall.com/lists/oss-security/2016/10/08/13
-CVE-2016-8602 (The .sethalftone5 function in psi/zht2.c in Ghostscript before 9.21 ...)
+CVE-2016-8602
{DSA-3691-1 DLA-674-1}
- ghostscript 9.19~dfsg-3.1 (bug #840451)
NOTE: http://bugs.ghostscript.com/show_bug.cgi?id=697203
NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=f5c7555c30393e64ec1f5ab0dfae5b55b3b3fc78
CVE-2016-8601
REJECTED
-CVE-2016-8578 (The v9fs_iov_vunmarshal function in fsdev/9p-iov-marshal.c in QEMU ...)
+CVE-2016-8578
{DLA-1599-1 DLA-679-1 DLA-678-1}
- qemu 1:2.8+dfsg-1 (bug #840340)
- qemu-kvm <removed>
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-09/msg07143.html
NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=ba42ebb863ab7d40adc79298422ed9596df8f73a
-CVE-2016-8577 (Memory leak in the v9fs_read function in hw/9pfs/9p.c in QEMU (aka ...)
+CVE-2016-8577
{DLA-1599-1 DLA-679-1 DLA-678-1}
- qemu 1:2.8+dfsg-1 (bug #840341)
- qemu-kvm <removed>
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-09/msg07127.html
NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=e95c9a493a5a8d6f969e86c9f19f80ffe6587e19
-CVE-2016-8576 (The xhci_ring_fetch function in hw/usb/hcd-xhci.c in QEMU (aka Quick ...)
+CVE-2016-8576
{DLA-1497-1 DLA-679-1 DLA-678-1}
- qemu 1:2.8+dfsg-1 (bug #840343)
- qemu-kvm <removed>
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg01265.html
NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=05f43d44e4bc26611ce25fd7d726e483f73363ce
-CVE-2016-8569 (The git_oid_nfmt function in commit.c in libgit2 before 0.24.3 allows ...)
+CVE-2016-8569
- libgit2 0.24.2-2 (bug #840227)
[jessie] - libgit2 <no-dsa> (Minor issue)
[experimental] - cargo 0.17.0-1~exp1
- cargo 0.17.0-1 (bug #860989)
NOTE: https://github.com/libgit2/libgit2/issues/3937
-CVE-2016-8568 (The git_commit_message function in oid.c in libgit2 before 0.24.3 ...)
+CVE-2016-8568
- libgit2 0.24.5-1 (bug #840227)
[jessie] - libgit2 <no-dsa> (Minor issue)
[experimental] - cargo 0.17.0-1~exp1
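Review bot: the two libgit2 entries at the end of the hunk reference the same Debian bug (`bug #840227`) but different fixed versions, `- libgit2 0.24.2-2` for CVE-2016-8569 and `- libgit2 0.24.5-1` for CVE-2016-8568, and the removed descriptions were the only text recording which function each CVE covers (`git_oid_nfmt` for 8569, `git_commit_message` for 8568; note the removed lines also place `git_oid_nfmt` in `commit.c` and `git_commit_message` in `oid.c`, which reads as swapped). Once they are gone, the shared `NOTE: https://github.com/libgit2/libgit2/issues/3937` is the only way to tell the two apart, so suggest a NOTE line naming the function for each, as the dwarfutils entries above already do with `NOTE: Same fix as CVE-2016-8681 but different issue`.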
@@ -7245,210 +7245,210 @@ CVE-2016-8490
RESERVED
CVE-2016-8489
REJECTED
-CVE-2016-8488 (An elevation of privilege vulnerability in Qualcomm closed source ...)
+CVE-2016-8488
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-8487 (An elevation of privilege vulnerability in Qualcomm closed source ...)
+CVE-2016-8487
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-8486 (An information disclosure vulnerability in Qualcomm closed source ...)
+CVE-2016-8486
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-8485 (An information disclosure vulnerability in Qualcomm closed source ...)
+CVE-2016-8485
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-8484 (An elevation of privilege vulnerability in Qualcomm closed source ...)
+CVE-2016-8484
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-8483 (An information disclosure vulnerability in the Qualcomm power driver ...)
+CVE-2016-8483
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-8482 (An elevation of privilege vulnerability in the NVIDIA GPU driver. ...)
+CVE-2016-8482
NOT-FOR-US: NVIDIA driver for Android
-CVE-2016-8481 (An elevation of privilege vulnerability in the Qualcomm sound driver ...)
+CVE-2016-8481
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-8480 (An elevation of privilege vulnerability in the Qualcomm Secure ...)
+CVE-2016-8480
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-8479 (An elevation of privilege vulnerability in the Qualcomm GPU driver ...)
+CVE-2016-8479
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-8478 (An information disclosure vulnerability in the Qualcomm video driver ...)
+CVE-2016-8478
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-8477 (An information disclosure vulnerability in the Qualcomm camera driver ...)
+CVE-2016-8477
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-8476 (An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver ...)
+CVE-2016-8476
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-8475 (An information disclosure vulnerability in the HTC input driver could ...)
+CVE-2016-8475
NOT-FOR-US: HTC driver for Android
-CVE-2016-8474 (An information disclosure vulnerability in the STMicroelectronics ...)
+CVE-2016-8474
NOT-FOR-US: STMicroelectronics driver for Android
-CVE-2016-8473 (An information disclosure vulnerability in the STMicroelectronics ...)
+CVE-2016-8473
NOT-FOR-US: STMicroelectronics driver for Android
-CVE-2016-8472 (An information disclosure vulnerability in the MediaTek driver could ...)
+CVE-2016-8472
NOT-FOR-US: Mediatek driver for Android
-CVE-2016-8471 (An information disclosure vulnerability in the MediaTek driver could ...)
+CVE-2016-8471
NOT-FOR-US: Mediatek driver for Android
-CVE-2016-8470 (An information disclosure vulnerability in the MediaTek driver could ...)
+CVE-2016-8470
NOT-FOR-US: Mediatek driver for Android
-CVE-2016-8469 (An information disclosure vulnerability in the camera driver could ...)
+CVE-2016-8469
NOT-FOR-US: camera driver for Android
-CVE-2016-8468 (An elevation of privilege vulnerability in Binder could enable a local ...)
+CVE-2016-8468
NOT-FOR-US: Android Binder
-CVE-2016-8467 (An elevation of privilege vulnerability in the bootloader could enable ...)
+CVE-2016-8467
NOT-FOR-US: Android bootloader
-CVE-2016-8466 (An elevation of privilege vulnerability in the Broadcom Wi-Fi driver ...)
+CVE-2016-8466
NOT-FOR-US: Broadcom Wi-Fi driver for Android
-CVE-2016-8465 (An elevation of privilege vulnerability in the Broadcom Wi-Fi driver ...)
+CVE-2016-8465
NOT-FOR-US: Broadcom Wi-Fi driver for Android
-CVE-2016-8464 (An elevation of privilege vulnerability in the Broadcom Wi-Fi driver ...)
+CVE-2016-8464
NOT-FOR-US: Broadcom Wi-Fi driver for Android
-CVE-2016-8463 (A denial of service vulnerability in the Qualcomm FUSE file system ...)
+CVE-2016-8463
NOT-FOR-US: Qualcomm file system for Android
-CVE-2016-8462 (An information disclosure vulnerability in the bootloader could enable ...)
+CVE-2016-8462
NOT-FOR-US: Android bootloader
-CVE-2016-8461 (An information disclosure vulnerability in the bootloader could enable ...)
+CVE-2016-8461
NOT-FOR-US: Android bootloader
-CVE-2016-8460 (An information disclosure vulnerability in the NVIDIA video driver ...)
+CVE-2016-8460
NOT-FOR-US: Nvidia driver for Android
-CVE-2016-8459 (Possible buffer overflow in storage subsystem. Bad parameters as part ...)
+CVE-2016-8459
NOT-FOR-US: Qualcomm component for Android
-CVE-2016-8458 (An elevation of privilege vulnerability in the Synaptics touchscreen ...)
+CVE-2016-8458
NOT-FOR-US: Synaptics driver for Android
-CVE-2016-8457 (An elevation of privilege vulnerability in the Broadcom Wi-Fi driver ...)
+CVE-2016-8457
NOT-FOR-US: Broadcom Wi-Fi driver for Android
-CVE-2016-8456 (An elevation of privilege vulnerability in the Broadcom Wi-Fi driver ...)
+CVE-2016-8456
NOT-FOR-US: Broadcom Wi-Fi driver for Android
-CVE-2016-8455 (An elevation of privilege vulnerability in the Broadcom Wi-Fi driver ...)
+CVE-2016-8455
NOT-FOR-US: Broadcom Wi-Fi driver for Android
-CVE-2016-8454 (An elevation of privilege vulnerability in the Broadcom Wi-Fi driver ...)
+CVE-2016-8454
NOT-FOR-US: Broadcom Wi-Fi driver for Android
-CVE-2016-8453 (An elevation of privilege vulnerability in the Broadcom Wi-Fi driver ...)
+CVE-2016-8453
NOT-FOR-US: Broadcom Wi-Fi driver for Android
-CVE-2016-8452 (An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver ...)
+CVE-2016-8452
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-8451 (An elevation of privilege vulnerability in the Synaptics touchscreen ...)
+CVE-2016-8451
NOT-FOR-US: Synaptics driver for Android
-CVE-2016-8450 (An elevation of privilege vulnerability in the Qualcomm sound driver ...)
+CVE-2016-8450
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-8449 (An elevation of privilege vulnerability in the NVIDIA GPU driver could ...)
+CVE-2016-8449
NOT-FOR-US: Nvidia driver for Android
-CVE-2016-8448 (An elevation of privilege vulnerability in MediaTek components, ...)
+CVE-2016-8448
NOT-FOR-US: MediaTek component for Android
-CVE-2016-8447 (An elevation of privilege vulnerability in MediaTek components, ...)
+CVE-2016-8447
NOT-FOR-US: MediaTek component for Android
-CVE-2016-8446 (An elevation of privilege vulnerability in MediaTek components, ...)
+CVE-2016-8446
NOT-FOR-US: MediaTek component for Android
-CVE-2016-8445 (An elevation of privilege vulnerability in MediaTek components, ...)
+CVE-2016-8445
NOT-FOR-US: MediaTek component for Android
-CVE-2016-8444 (An elevation of privilege vulnerability in the Qualcomm camera could ...)
+CVE-2016-8444
NOT-FOR-US: Qualcomm component for Android
-CVE-2016-8443 (Possible unauthorized memory access in the hypervisor. Incorrect ...)
+CVE-2016-8443
NOT-FOR-US: Qualcomm component for Android
-CVE-2016-8442 (Possible unauthorized memory access in the hypervisor. Lack of input ...)
+CVE-2016-8442
NOT-FOR-US: Qualcomm component for Android
-CVE-2016-8441 (Possible buffer overflow in the hypervisor. Inappropriate usage of a ...)
+CVE-2016-8441
NOT-FOR-US: Qualcomm component for Android
-CVE-2016-8440 (Possible buffer overflow in SMMU system call. Improper input ...)
+CVE-2016-8440
NOT-FOR-US: Qualcomm component for Android
-CVE-2016-8439 (Possible buffer overflow in trust zone access control API. Buffer ...)
+CVE-2016-8439
NOT-FOR-US: Qualcomm component for Android
-CVE-2016-8438 (Integer overflow leading to a TOCTOU condition in hypervisor PIL. An ...)
+CVE-2016-8438
NOT-FOR-US: Qualcomm component for Android
-CVE-2016-8437 (Improper input validation in Access Control APIs. Access control API ...)
+CVE-2016-8437
NOT-FOR-US: Qualcomm component for Android
-CVE-2016-8436 (An elevation of privilege vulnerability in the Qualcomm video driver ...)
+CVE-2016-8436
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-8435 (An elevation of privilege vulnerability in the NVIDIA GPU driver could ...)
+CVE-2016-8435
NOT-FOR-US: Nvidia driver for Android
-CVE-2016-8434 (An elevation of privilege vulnerability in the Qualcomm GPU driver ...)
+CVE-2016-8434
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-8433 (An elevation of privilege vulnerability in the MediaTek driver could ...)
+CVE-2016-8433
NOT-FOR-US: MediaTek driver for Android
-CVE-2016-8432 (An elevation of privilege vulnerability in the NVIDIA GPU driver could ...)
+CVE-2016-8432
NOT-FOR-US: Nvidia driver for Android
-CVE-2016-8431 (An elevation of privilege vulnerability in the NVIDIA GPU driver could ...)
+CVE-2016-8431
NOT-FOR-US: Nvidia driver for Android
-CVE-2016-8430 (An elevation of privilege vulnerability in the NVIDIA GPU driver could ...)
+CVE-2016-8430
NOT-FOR-US: Nvidia driver for Android
-CVE-2016-8429 (An elevation of privilege vulnerability in the NVIDIA GPU driver could ...)
+CVE-2016-8429
NOT-FOR-US: Nvidia driver for Android
-CVE-2016-8428 (An elevation of privilege vulnerability in the NVIDIA GPU driver could ...)
+CVE-2016-8428
NOT-FOR-US: Nvidia driver for Android
-CVE-2016-8427 (An elevation of privilege vulnerability in the NVIDIA GPU driver could ...)
+CVE-2016-8427
NOT-FOR-US: Nvidia driver for Android
-CVE-2016-8426 (An elevation of privilege vulnerability in the NVIDIA GPU driver could ...)
+CVE-2016-8426
NOT-FOR-US: Nvidia driver for Android
-CVE-2016-8425 (An elevation of privilege vulnerability in the NVIDIA GPU driver could ...)
+CVE-2016-8425
NOT-FOR-US: Nvidia driver for Android
-CVE-2016-8424 (An elevation of privilege vulnerability in the NVIDIA GPU driver could ...)
+CVE-2016-8424
NOT-FOR-US: Nvidia driver for Android
-CVE-2016-8423 (An elevation of privilege vulnerability in the Qualcomm bootloader ...)
+CVE-2016-8423
NOT-FOR-US: Qualcomm bootloader for Android
-CVE-2016-8422 (An elevation of privilege vulnerability in the Qualcomm bootloader ...)
+CVE-2016-8422
NOT-FOR-US: Qualcomm bootloader for Android
-CVE-2016-8421 (An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver ...)
+CVE-2016-8421
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-8420 (An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver ...)
+CVE-2016-8420
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-8419 (An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver ...)
+CVE-2016-8419
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-8418 (A remote code execution vulnerability in the Qualcomm crypto driver ...)
+CVE-2016-8418
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-8417 (An elevation of privilege vulnerability in the Qualcomm camera driver ...)
+CVE-2016-8417
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-8416 (An information disclosure vulnerability in the Qualcomm video driver ...)
+CVE-2016-8416
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-8415 (An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver ...)
+CVE-2016-8415
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-8414 (An information disclosure vulnerability in the Qualcomm Secure ...)
+CVE-2016-8414
NOT-FOR-US: Qualcomm Secure Execution Environment Communicator
-CVE-2016-8413 (An information disclosure vulnerability in the Qualcomm camera driver ...)
+CVE-2016-8413
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-8412 (An elevation of privilege vulnerability in the Qualcomm camera could ...)
+CVE-2016-8412
NOT-FOR-US: Qualcomm component for Android
-CVE-2016-8411 (Buffer overflow vulnerability while processing QMI QOS TLVs. Product: ...)
+CVE-2016-8411
NOT-FOR-US: Android
-CVE-2016-8410 (An information disclosure vulnerability in the Qualcomm sound driver ...)
+CVE-2016-8410
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-8409 (An information disclosure vulnerability in the NVIDIA video driver ...)
+CVE-2016-8409
NOT-FOR-US: NVIDIA driver for Android
-CVE-2016-8408 (An information disclosure vulnerability in the NVIDIA video driver ...)
+CVE-2016-8408
NOT-FOR-US: NVIDIA driver for Android
-CVE-2016-8407 (An information disclosure vulnerability in kernel components including ...)
+CVE-2016-8407
- linux <not-affected> (Android-specific Linux components)
-CVE-2016-8406 (An information disclosure vulnerability in kernel components including ...)
+CVE-2016-8406
- linux <not-affected> (Android-specific Linux components)
-CVE-2016-8405 (An information disclosure vulnerability in kernel components including ...)
+CVE-2016-8405
{DSA-3791-1 DLA-833-1}
- linux 4.9.6-1
NOTE: Fixed by: https://git.kernel.org/linus/2dc705a9930b4806250fbf5a76e55266e59389f2
-CVE-2016-8404 (An information disclosure vulnerability in kernel components including ...)
+CVE-2016-8404
- linux <not-affected> (Android-specific Linux components)
-CVE-2016-8403 (An information disclosure vulnerability in kernel components including ...)
+CVE-2016-8403
- linux <not-affected> (Android-specific Linux components)
-CVE-2016-8402 (An information disclosure vulnerability in kernel components including ...)
+CVE-2016-8402
- linux <not-affected> (Android-specific Linux components)
-CVE-2016-8401 (An information disclosure vulnerability in kernel components including ...)
+CVE-2016-8401
- linux <not-affected> (Android-specific Linux components)
-CVE-2016-8400 (An information disclosure vulnerability in the NVIDIA librm library ...)
+CVE-2016-8400
NOT-FOR-US: NVIDIA driver for Android
-CVE-2016-8399 (An elevation of privilege vulnerability in the kernel networking ...)
+CVE-2016-8399
{DLA-772-1}
- linux 4.8.15-1
[jessie] - linux 3.16.39-1
NOTE: Fixed by: https://git.kernel.org/linus/0eab121ef8750a5c8637d51534d5e9143fb0633f
-CVE-2016-8398 (Unauthenticated messages processed by the UE. Certain NAS messages are ...)
+CVE-2016-8398
NOT-FOR-US: Qualcomm component for Android
-CVE-2016-8397 (An information disclosure vulnerability in the NVIDIA video driver ...)
+CVE-2016-8397
NOT-FOR-US: NVIDIA driver for Android
-CVE-2016-8396 (An information disclosure vulnerability in the MediaTek video driver ...)
+CVE-2016-8396
NOT-FOR-US: Mediatek driver for Android
-CVE-2016-8395 (A denial of service vulnerability in the NVIDIA camera driver could ...)
+CVE-2016-8395
NOT-FOR-US: NVIDIA driver for Android
-CVE-2016-8394 (An elevation of privilege vulnerability in the Synaptics touchscreen ...)
+CVE-2016-8394
NOT-FOR-US: Synaptics driver for Android
-CVE-2016-8393 (An elevation of privilege vulnerability in the Synaptics touchscreen ...)
+CVE-2016-8393
NOT-FOR-US: Synaptics driver for Android
-CVE-2016-8392 (An elevation of privilege vulnerability in the Qualcomm sound driver ...)
+CVE-2016-8392
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-8391 (An elevation of privilege vulnerability in the Qualcomm sound driver ...)
+CVE-2016-8391
NOT-FOR-US: Qualcomm driver for Android
CVE-2016-1000246
RESERVED
-CVE-2016-7979 (Ghostscript before 9.21 might allow remote attackers to bypass the ...)
+CVE-2016-7979
{DSA-3691-1 DLA-674-1}
- ghostscript 9.19~dfsg-3.1 (bug #839846)
NOTE: Upstream bug: http://bugs.ghostscript.com/show_bug.cgi?id=697190
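Review bot: the `NOT-FOR-US:` tags in this hunk spell the same vendor several ways (`NVIDIA driver for Android` at CVE-2016-8409 and CVE-2016-8408 versus `Nvidia driver for Android` at CVE-2016-8460 and CVE-2016-8449; `MediaTek driver for Android` at CVE-2016-8433 versus `Mediatek driver for Android` at CVE-2016-8472), which is worth normalising now that the tag is the only product text left in each entry. The kernel entries deserve a second look for the same reason: CVE-2016-8405 is tracked as fixed (`- linux 4.9.6-1` with `{DSA-3791-1 DLA-833-1}`) while CVE-2016-8407 through CVE-2016-8401 around it are `- linux <not-affected> (Android-specific Linux components)`, and the removed descriptions, all beginning `An information disclosure vulnerability in kernel components including ...`, were the text those decisions were made against.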
@@ -7456,21 +7456,21 @@ CVE-2016-7979 (Ghostscript before 9.21 might allow remote attackers to bypass th
NOTE: Patch: http://git.ghostscript.com/?p=ghostpdl.git;h=875a0095f37626a721c7ff57d606a0f95af03913
NOTE: http://www.openwall.com/lists/oss-security/2016/10/05/7
NOTE: http://www.openwall.com/lists/oss-security/2016/10/05/19
-CVE-2016-7978 (Use-after-free vulnerability in Ghostscript 9.20 might allow remote ...)
+CVE-2016-7978
{DSA-3691-1 DLA-674-1}
- ghostscript 9.19~dfsg-3.1 (bug #839845)
NOTE: Upstream bug: http://bugs.ghostscript.com/show_bug.cgi?id=697179
NOTE: Reproducer: http://bugs.ghostscript.com/show_bug.cgi?id=697179#c0
NOTE: Patch: http://git.ghostscript.com/?p=ghostpdl.git;h=6f749c0c44e7b9e09737b9f29edf29925a34f0cf
NOTE: http://www.openwall.com/lists/oss-security/2016/10/05/7
-CVE-2016-7977 (Ghostscript before 9.21 might allow remote attackers to bypass the ...)
+CVE-2016-7977
{DSA-3691-1 DLA-674-1}
- ghostscript 9.19~dfsg-3.1 (high; bug #839841)
NOTE: Upstream bug: http://bugs.ghostscript.com/show_bug.cgi?id=697169
NOTE: Reproducer: http://www.openwall.com/lists/oss-security/2016/09/29/28
NOTE: Patch: http://git.ghostscript.com/?p=ghostpdl.git;h=8abd22010eb4db0fb1b10e430d5f5d83e015ef70
NOTE: http://www.openwall.com/lists/oss-security/2016/10/05/7
-CVE-2016-7976 (The PS Interpreter in Ghostscript 9.18 and 9.20 allows remote ...)
+CVE-2016-7976
{DSA-3691-1 DLA-674-1}
- ghostscript 9.19~dfsg-3.1 (high; bug #839260)
NOTE: Upstream bug: http://bugs.ghostscript.com/show_bug.cgi?id=697178
@@ -7493,109 +7493,109 @@ CVE-2016-XXXX [nspr, nss: unprotected environment variables]
NOTE: Workaround entry for DSA-3688-1/DLA-677-1 until CVE is assigned
NOTE: https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.22.1_release_notes
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/10/02/4
-CVE-2016-8390 (An exploitable out of bounds write vulnerability exists in the parsing ...)
+CVE-2016-8390
NOT-FOR-US: Hopper Disassembler
-CVE-2016-8389 (An exploitable integer-overflow vulnerability exists within Iceni ...)
+CVE-2016-8389
NOT-FOR-US: Iceni Argus
-CVE-2016-8388 (An exploitable arbitrary heap-overwrite vulnerability exists within ...)
+CVE-2016-8388
NOT-FOR-US: Iceni Argus
-CVE-2016-8387 (An exploitable heap-based buffer overflow exists in Iceni Argus. When ...)
+CVE-2016-8387
NOT-FOR-US: Iceni Argus
-CVE-2016-8386 (An exploitable heap-based buffer overflow exists in Iceni Argus. When ...)
+CVE-2016-8386
NOT-FOR-US: Iceni Argus
-CVE-2016-8385 (An exploitable uninitialized variable vulnerability which leads to a ...)
+CVE-2016-8385
NOT-FOR-US: Iceni Argus
-CVE-2016-8384 (An exploitable heap corruption vulnerability exists in the DHFSummary ...)
+CVE-2016-8384
NOT-FOR-US: AntennaHouse
-CVE-2016-8383 (An exploitable heap corruption vulnerability exists in the ...)
+CVE-2016-8383
NOT-FOR-US: AntennaHouse
-CVE-2016-8382 (An exploitable heap corruption vulnerability exists in the ...)
+CVE-2016-8382
NOT-FOR-US: AntennaHouse
CVE-2016-8381
RESERVED
-CVE-2016-8380 (The web server in Phoenix Contact ILC PLCs allows access to read and ...)
+CVE-2016-8380
NOT-FOR-US: web server in Phoenix Contact ILC PLCs
-CVE-2016-8379 (An issue was discovered in Moxa ioLogik E1210, firmware Version V2.4 ...)
+CVE-2016-8379
NOT-FOR-US: Moxa
-CVE-2016-8378 (An issue was discovered in Lynxspring JENEsys BAS Bridge versions 1.1.8 ...)
+CVE-2016-8378
NOT-FOR-US: Lynxspring
-CVE-2016-8377 (An issue was discovered in Fatek Automation PLC WinProladder Version ...)
+CVE-2016-8377
NOT-FOR-US: Fatek
-CVE-2016-8376 (An issue was discovered in Kabona AB WebDatorCentral (WDC) application ...)
+CVE-2016-8376
NOT-FOR-US: Kabona AB WebDatorCentral
-CVE-2016-8375 (An issue was discovered in Becton, Dickinson and Company (BD) Alaris ...)
+CVE-2016-8375
NOT-FOR-US: Alaris 8015 Point of Care
-CVE-2016-8374 (An issue was discovered in Schneider Electric Magelis HMI Magelis GTO ...)
+CVE-2016-8374
NOT-FOR-US: Schneider
CVE-2016-8373
RESERVED
-CVE-2016-8372 (An issue was discovered in Moxa ioLogik E1210, firmware Version V2.4 ...)
+CVE-2016-8372
NOT-FOR-US: Moxa
-CVE-2016-8371 (The web server in Phoenix Contact ILC PLCs can be accessed without ...)
+CVE-2016-8371
NOT-FOR-US: web server in Phoenix Contact ILC PLCs
-CVE-2016-8370 (An issue was discovered in Mitsubishi Electric Automation MELSEC-Q ...)
+CVE-2016-8370
NOT-FOR-US: Mitsubishi
-CVE-2016-8369 (An issue was discovered in Lynxspring JENEsys BAS Bridge versions 1.1.8 ...)
+CVE-2016-8369
NOT-FOR-US: Lynxspring
-CVE-2016-8368 (An issue was discovered in Mitsubishi Electric Automation MELSEC-Q ...)
+CVE-2016-8368
NOT-FOR-US: Mitsubishi
-CVE-2016-8367 (An issue was discovered in Schneider Electric Magelis HMI Magelis GTO ...)
+CVE-2016-8367
NOT-FOR-US: Schneider
-CVE-2016-8366 (Webvisit in Phoenix Contact ILC PLCs offers a password macro to ...)
+CVE-2016-8366
NOT-FOR-US: Phoenix Contact ILC PLCs
-CVE-2016-8365 (OSIsoft PI System software (Applications using PI Asset Framework (AF) ...)
+CVE-2016-8365
NOT-FOR-US: OSIsoft PI
-CVE-2016-8364 (An issue was discovered in IBHsoftec S7-SoftPLC prior to 4.12b. Object ...)
+CVE-2016-8364
NOT-FOR-US: IBHsoftec
-CVE-2016-8363 (An issue was discovered in Moxa OnCell OnCellG3470A-LTE, ...)
+CVE-2016-8363
NOT-FOR-US: Moxa
-CVE-2016-8362 (An issue was discovered in Moxa OnCell OnCellG3470A-LTE, ...)
+CVE-2016-8362
NOT-FOR-US: Moxa
-CVE-2016-8361 (An issue was discovered in Lynxspring JENEsys BAS Bridge versions 1.1.8 ...)
+CVE-2016-8361
NOT-FOR-US: Lynxspring
-CVE-2016-8360 (An issue was discovered in Moxa SoftCMS versions prior to Version 1.6. ...)
+CVE-2016-8360
NOT-FOR-US: Moxa
-CVE-2016-8359 (An issue was discovered in Moxa ioLogik E1210, firmware Version V2.4 ...)
+CVE-2016-8359
NOT-FOR-US: Moxa
-CVE-2016-8358 (An issue was discovered in Smiths-Medical CADD-Solis Medication Safety ...)
+CVE-2016-8358
NOT-FOR-US: Smiths-Medical
-CVE-2016-8357 (An issue was discovered in Lynxspring JENEsys BAS Bridge versions 1.1.8 ...)
+CVE-2016-8357
NOT-FOR-US: Lynxspring
-CVE-2016-8356 (An issue was discovered in Kabona AB WebDatorCentral (WDC) application ...)
+CVE-2016-8356
NOT-FOR-US: Kabona
-CVE-2016-8355 (An issue was discovered in Smiths-Medical CADD-Solis Medication Safety ...)
+CVE-2016-8355
NOT-FOR-US: Smiths-Medical
-CVE-2016-8354 (An issue was discovered in Schneider Electric Unity PRO prior to V11.1. ...)
+CVE-2016-8354
NOT-FOR-US: Schneider
-CVE-2016-8353 (An issue was discovered in OSIsoft PI Web API 2015 R2 (Version 1.5.1). ...)
+CVE-2016-8353
NOT-FOR-US: OSISoft PI Web API
-CVE-2016-8352 (An issue was discovered in Schneider Electric ConneXium firewalls ...)
+CVE-2016-8352
NOT-FOR-US: Schneider
CVE-2016-8351
RESERVED
-CVE-2016-8350 (An issue was discovered in Moxa ioLogik E1210, firmware Version V2.4 ...)
+CVE-2016-8350
NOT-FOR-US: Moxa
CVE-2016-8349
REJECTED
-CVE-2016-8348 (An XML External Entity (XXE) issue was discovered in Emerson Liebert ...)
+CVE-2016-8348
NOT-FOR-US: Emerson
-CVE-2016-8347 (An issue was discovered in Kabona AB WebDatorCentral (WDC) application ...)
+CVE-2016-8347
NOT-FOR-US: Kabona
-CVE-2016-8346 (An issue was discovered in Moxa EDR-810 Industrial Secure Router. By ...)
+CVE-2016-8346
NOT-FOR-US: Moxa
CVE-2016-8345
REJECTED
-CVE-2016-8344 (An issue was discovered in Honeywell Experion Process Knowledge System ...)
+CVE-2016-8344
NOT-FOR-US: Honeywell
-CVE-2016-8343 (Directory traversal vulnerability in INDAS Web SCADA before 3 allows ...)
+CVE-2016-8343
NOT-FOR-US: INDAS Web SCADA
CVE-2016-8342
REJECTED
-CVE-2016-8341 (An issue was discovered in Ecava IntegraXor Version 5.0.413.0. The ...)
+CVE-2016-8341
NOT-FOR-US: Ecava
CVE-2016-8340
RESERVED
-CVE-2016-8339 (A buffer overflow in Redis 3.2.x prior to 3.2.4 causes arbitrary code ...)
+CVE-2016-8339
- redis 3:3.2.4-1
[jessie] - redis <not-affected> (Vulnerable code introduced later)
[wheezy] - redis <not-affected> (Vulnerable code not present)
@@ -7608,18 +7608,18 @@ CVE-2016-8337
RESERVED
CVE-2016-8336
RESERVED
-CVE-2016-8335 (An exploitable stack based buffer overflow vulnerability exists in the ...)
+CVE-2016-8335
NOT-FOR-US: Iceni Argus
-CVE-2016-8334 (A large out-of-bounds read on the heap vulnerability in Foxit PDF ...)
+CVE-2016-8334
NOT-FOR-US: Foxit PDF
-CVE-2016-8333 (An exploitable stack-based buffer overflow vulnerability exists in the ...)
+CVE-2016-8333
NOT-FOR-US: Iceni Argus
-CVE-2016-8332 (A buffer overflow in OpenJPEG 2.1.1 causes arbitrary code execution ...)
+CVE-2016-8332
{DSA-3768-1}
- openjpeg2 2.1.2-1
NOTE: http://www.talosintelligence.com/reports/TALOS-2016-0193/
NOTE: https://github.com/uclouvain/openjpeg/pull/820
-CVE-2016-8331 (An exploitable remote code execution vulnerability exists in the ...)
+CVE-2016-8331
{DLA-693-1}
- tiff 4.0.6-3
- tiff3 <removed>
@@ -7628,117 +7628,117 @@ CVE-2016-8331 (An exploitable remote code execution vulnerability exists in the
NOTE: http://www.talosintelligence.com/reports/TALOS-2016-0190/
NOTE: thumbnail(1) was removed in 4.0.6-3 and DSA 3762, marking as fixed although technically still present in the source package
NOTE: From the backtrace shared in the report, we can see that the crash is triggered though the thumbnail tool which has been dropped upstream.
-CVE-2016-8330 (Vulnerability in the Solaris component of Oracle Sun Systems Products ...)
+CVE-2016-8330
NOT-FOR-US: Solaris
-CVE-2016-8329 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of ...)
+CVE-2016-8329
NOT-FOR-US: Oracle PeopleSoft
-CVE-2016-8328 (Vulnerability in the Java SE component of Oracle Java SE ...)
+CVE-2016-8328
- openjdk-8 <not-affected> (specific to Oracle Java)
-CVE-2016-8327 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2016-8327
- mysql-5.7 5.7.17-1 (bug #851235)
- mysql-5.6 5.6.35-1 (bug #851234)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and 5.7)
CVE-2016-8326
RESERVED
-CVE-2016-8325 (Vulnerability in the Oracle One-to-One Fulfillment component of Oracle ...)
+CVE-2016-8325
NOT-FOR-US: Oracle
-CVE-2016-8324 (Vulnerability in the Oracle FLEXCUBE Core Banking component of Oracle ...)
+CVE-2016-8324
NOT-FOR-US: Oracle FLEXCUBE
-CVE-2016-8323 (Vulnerability in the Oracle FLEXCUBE Core Banking component of Oracle ...)
+CVE-2016-8323
NOT-FOR-US: Oracle FLEXCUBE
-CVE-2016-8322 (Vulnerability in the Oracle FLEXCUBE Core Banking component of Oracle ...)
+CVE-2016-8322
NOT-FOR-US: Oracle FLEXCUBE
CVE-2016-8321
REJECTED
-CVE-2016-8320 (Vulnerability in the Oracle FLEXCUBE Enterprise Limits and Collateral ...)
+CVE-2016-8320
NOT-FOR-US: Oracle FLEXCUBE
-CVE-2016-8319 (Vulnerability in the Oracle FLEXCUBE Investor Servicing component of ...)
+CVE-2016-8319
NOT-FOR-US: Oracle FLEXCUBE
-CVE-2016-8318 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2016-8318
- mysql-5.7 5.7.17-1 (bug #851235)
- mysql-5.6 5.6.35-1 (bug #851234)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and 5.7)
-CVE-2016-8317 (Vulnerability in the Oracle FLEXCUBE Investor Servicing component of ...)
+CVE-2016-8317
NOT-FOR-US: Oracle FLEXCUBE
-CVE-2016-8316 (Vulnerability in the Oracle FLEXCUBE Investor Servicing component of ...)
+CVE-2016-8316
NOT-FOR-US: Oracle FLEXCUBE
-CVE-2016-8315 (Vulnerability in the Oracle FLEXCUBE Investor Servicing component of ...)
+CVE-2016-8315
NOT-FOR-US: Oracle FLEXCUBE
-CVE-2016-8314 (Vulnerability in the Oracle FLEXCUBE Core Banking component of Oracle ...)
+CVE-2016-8314
NOT-FOR-US: Oracle FLEXCUBE
-CVE-2016-8313 (Vulnerability in the Oracle FLEXCUBE Private Banking component of ...)
+CVE-2016-8313
NOT-FOR-US: Oracle FLEXCUBE
-CVE-2016-8312 (Vulnerability in the Oracle FLEXCUBE Private Banking component of ...)
+CVE-2016-8312
NOT-FOR-US: Oracle FLEXCUBE
-CVE-2016-8311 (Vulnerability in the Oracle FLEXCUBE Universal Banking component of ...)
+CVE-2016-8311
NOT-FOR-US: Oracle FLEXCUBE
-CVE-2016-8310 (Vulnerability in the Oracle FLEXCUBE Universal Banking component of ...)
+CVE-2016-8310
NOT-FOR-US: Oracle FLEXCUBE
-CVE-2016-8309 (Vulnerability in the Oracle FLEXCUBE Investor Servicing component of ...)
+CVE-2016-8309
NOT-FOR-US: Oracle FLEXCUBE
-CVE-2016-8308 (Vulnerability in the Oracle FLEXCUBE Private Banking component of ...)
+CVE-2016-8308
NOT-FOR-US: Oracle FLEXCUBE
-CVE-2016-8307 (Vulnerability in the Oracle FLEXCUBE Universal Banking component of ...)
+CVE-2016-8307
NOT-FOR-US: Oracle FLEXCUBE
-CVE-2016-8306 (Vulnerability in the Oracle FLEXCUBE Investor Servicing component of ...)
+CVE-2016-8306
NOT-FOR-US: Oracle FLEXCUBE
-CVE-2016-8305 (Vulnerability in the Oracle FLEXCUBE Universal Banking component of ...)
+CVE-2016-8305
NOT-FOR-US: Oracle FLEXCUBE
-CVE-2016-8304 (Vulnerability in the Oracle FLEXCUBE Universal Banking component of ...)
+CVE-2016-8304
NOT-FOR-US: Oracle FLEXCUBE
-CVE-2016-8303 (Vulnerability in the Oracle FLEXCUBE Universal Banking component of ...)
+CVE-2016-8303
NOT-FOR-US: Oracle FLEXCUBE
-CVE-2016-8302 (Vulnerability in the Oracle FLEXCUBE Universal Banking component of ...)
+CVE-2016-8302
NOT-FOR-US: Oracle FLEXCUBE
-CVE-2016-8301 (Vulnerability in the Oracle FLEXCUBE Universal Banking component of ...)
+CVE-2016-8301
NOT-FOR-US: Oracle FLEXCUBE
-CVE-2016-8300 (Vulnerability in the Oracle FLEXCUBE Private Banking component of ...)
+CVE-2016-8300
NOT-FOR-US: Oracle FLEXCUBE
-CVE-2016-8299 (Vulnerability in the Oracle FLEXCUBE Universal Banking component of ...)
+CVE-2016-8299
NOT-FOR-US: Oracle FLEXCUBE
-CVE-2016-8298 (Vulnerability in the Oracle FLEXCUBE Private Banking component of ...)
+CVE-2016-8298
NOT-FOR-US: Oracle FLEXCUBE
-CVE-2016-8297 (Vulnerability in the Oracle FLEXCUBE Universal Banking component of ...)
+CVE-2016-8297
NOT-FOR-US: Oracle FLEXCUBE
-CVE-2016-8296 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+CVE-2016-8296
NOT-FOR-US: PeopleSoft
-CVE-2016-8295 (Unspecified vulnerability in the PeopleSoft Enterprise HCM component ...)
+CVE-2016-8295
NOT-FOR-US: PeopleSoft
-CVE-2016-8294 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+CVE-2016-8294
NOT-FOR-US: PeopleSoft
-CVE-2016-8293 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+CVE-2016-8293
NOT-FOR-US: PeopleSoft
-CVE-2016-8292 (Unspecified vulnerability in the PeopleSoft Enterprise HCM component ...)
+CVE-2016-8292
NOT-FOR-US: PeopleSoft
-CVE-2016-8291 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+CVE-2016-8291
NOT-FOR-US: PeopleSoft
-CVE-2016-8290 (Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows ...)
+CVE-2016-8290
- mysql-5.7 5.7.15-1
- mysql-5.6 <not-affected> (Only affects MySQL 5.7)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
-CVE-2016-8289 (Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows ...)
+CVE-2016-8289
- mysql-5.7 5.7.15-1
- mysql-5.6 <not-affected> (Only affects MySQL 5.7)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
-CVE-2016-8288 (Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and ...)
+CVE-2016-8288
- mysql-5.7 5.7.15-1
- mysql-5.6 5.6.34-1
- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and 5.7)
-CVE-2016-8287 (Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows ...)
+CVE-2016-8287
- mysql-5.7 5.7.15-1
- mysql-5.6 <not-affected> (Only affects MySQL 5.7)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
-CVE-2016-8286 (Unspecified vulnerability in Oracle MySQL 5.7.14 and earlier allows ...)
+CVE-2016-8286
- mysql-5.7 5.7.15-1
- mysql-5.6 <not-affected> (Only affects MySQL 5.7)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
-CVE-2016-8285 (Unspecified vulnerability in the PeopleSoft Enterprise HCM component ...)
+CVE-2016-8285
NOT-FOR-US: Oracle
-CVE-2016-8284 (Unspecified vulnerability in Oracle MySQL 5.6.31 and earlier and ...)
+CVE-2016-8284
- mysql-5.7 5.7.15-1
- mysql-5.6 5.6.34-1 (bug #841049)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and 5.7)
-CVE-2016-8283 (Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 ...)
+CVE-2016-8283
{DSA-3711-1}
- mariadb-10.0 10.0.28-1
- mysql-5.7 5.7.15-1
@@ -7747,15 +7747,15 @@ CVE-2016-8283 (Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6
[jessie] - mysql-5.5 5.5.52-0+deb8u1
[wheezy] - mysql-5.5 5.5.52-0+deb7u1
NOTE: Fixed in MariaDB 5.5.52, MariaDB 10.1.18, MariaDB 10.0.28
-CVE-2016-8282 (Vulnerability in the Oracle FLEXCUBE Private Banking component of ...)
+CVE-2016-8282
NOT-FOR-US: Oracle FLEXCUBE
-CVE-2016-8281 (Unspecified vulnerability in the Oracle Platform Security for Java ...)
+CVE-2016-8281
NOT-FOR-US: Oracle
CVE-2016-1000244
RESERVED
CVE-2016-1000243
RESERVED
-CVE-2016-7553 (The buf.pl script before 2.20 in Irssi before 0.8.20 uses weak ...)
+CVE-2016-7553
{DLA-722-1}
- irssi 0.8.20-2 (bug #838762)
[jessie] - irssi 0.8.17-1+deb8u2
@@ -7786,7 +7786,7 @@ CVE-2016-1000234
RESERVED
CVE-2016-1000233
RESERVED
-CVE-2016-1000232 (NodeJS Tough-Cookie version 2.2.2 contains a Regular Expression ...)
+CVE-2016-1000232
NOT-FOR-US: nodejs tough-cookie
NOTE: https://nodesecurity.io/advisories/130
CVE-2016-1000231
@@ -7809,14 +7809,14 @@ CVE-2016-1000224
RESERVED
CVE-2016-1000223
RESERVED
-CVE-2016-1000031 (Apache Commons FileUpload before 1.3.3 DiskFileItem File Manipulation ...)
+CVE-2016-1000031
- libcommons-fileupload-java <unfixed> (unimportant)
NOTE: https://www.tenable.com/security/research/tra-2016-12
NOTE: Marked as unimportant since even though the CVE is assigned for Apache Commons FileUpload
NOTE: Apache say that issue needs to be fixed in any vendor/product using Apache Commons FileUpload
NOTE: DiskFileItem as described in the given advisory.
NOTE: Thus we are not going to diverge from Apache upstream here.
-CVE-2016-7466 (Memory leak in the usb_xhci_exit function in hw/usb/hcd-xhci.c in QEMU ...)
+CVE-2016-7466
- qemu 1:2.7+dfsg-1 (bug #838687)
[jessie] - qemu <not-affected> (Vulnerable code not present. Introduced in 2.2.x)
[wheezy] - qemu <no-dsa> (Minor issue, needs qemu monitor access to unplug nec-xhci controller)
@@ -7827,25 +7827,25 @@ CVE-2016-7466 (Memory leak in the usb_xhci_exit function in hw/usb/hcd-xhci.c in
NOTE: The usb_xhci_exit and thus the patched code was introduced in:
NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=53c30545fb34c43c84d62ea1c2b0dc6b53303c34 (v2.2.0-rc0)
NOTE: http://www.openwall.com/lists/oss-security/2016/09/19/8
-CVE-2016-8280 (Directory traversal vulnerability in Huawei eSight before ...)
+CVE-2016-8280
NOT-FOR-US: Huawei eSight UMS
-CVE-2016-8279 (The video driver in Huawei Mate S smartphones with software CRR-TL00 ...)
+CVE-2016-8279
NOT-FOR-US: Huawei
-CVE-2016-8278 (Huawei USG9520, USG9560, and USG9580 unified security gateways with ...)
+CVE-2016-8278
NOT-FOR-US: Huawei Firewalls
-CVE-2016-8277 (Huawei USG9520, USG9560, and USG9580 unified security gateways with ...)
+CVE-2016-8277
NOT-FOR-US: Huawei Firewalls
-CVE-2016-8276 (Buffer overflow in the Point-to-Point Protocol over Ethernet (PPPoE) ...)
+CVE-2016-8276
NOT-FOR-US: Huawei
-CVE-2016-8275 (Huawei AnyOffice V200R006C00 could allow an authenticated, remote ...)
+CVE-2016-8275
NOT-FOR-US: Huawei
-CVE-2016-8274 (Huawei PC client software HiSuite 4.0.5.300_OVE has a dynamic link ...)
+CVE-2016-8274
NOT-FOR-US: Huawei
-CVE-2016-8273 (Huawei PC client software HiSuite 4.0.5.300_OVE uses insecure HTTP for ...)
+CVE-2016-8273
NOT-FOR-US: Huawei
-CVE-2016-8272 (Huawei PC client software HiSuite 4.0.5.300_OVE has an information ...)
+CVE-2016-8272
NOT-FOR-US: Huawei
-CVE-2016-8271 (Huawei eSpace IAD V300R002C01SPC100 and earlier versions have an ...)
+CVE-2016-8271
NOT-FOR-US: Huawei
CVE-2016-8270
REJECTED
@@ -7913,41 +7913,41 @@ CVE-2016-8239
REJECTED
CVE-2016-8238
REJECTED
-CVE-2016-8237 (Remote code execution in Lenovo Updates (not Lenovo System Update) ...)
+CVE-2016-8237
NOT-FOR-US: Lenovo
-CVE-2016-8236 (Reset to default settings may occur in Lenovo ThinkServer TSM RD350, ...)
+CVE-2016-8236
NOT-FOR-US: Lenovo
-CVE-2016-8235 (Privilege escalation in Lenovo Customer Care Software Development Kit ...)
+CVE-2016-8235
NOT-FOR-US: Lenovo
CVE-2016-8234
REJECTED
-CVE-2016-8233 (Log files generated by Lenovo XClarity Administrator (LXCA) versions ...)
+CVE-2016-8233
NOT-FOR-US: Lenovo
-CVE-2016-8232 (Document Object Model-(DOM) based cross-site scripting vulnerability ...)
+CVE-2016-8232
NOT-FOR-US: Lenovo
-CVE-2016-8231 (In Lenovo Service Bridge before version 4, a bug found in the ...)
+CVE-2016-8231
NOT-FOR-US: Lenovo
-CVE-2016-8230 (In Lenovo Service Bridge before version 4, an insecure HTTP connection ...)
+CVE-2016-8230
NOT-FOR-US: Lenovo
-CVE-2016-8229 (A cross-site request forgery vulnerability in Lenovo Service Bridge ...)
+CVE-2016-8229
NOT-FOR-US: Lenovo
-CVE-2016-8228 (In Lenovo Service Bridge before version 4, a user with local ...)
+CVE-2016-8228
NOT-FOR-US: Lenovo
-CVE-2016-8227 (Privilege escalation vulnerability in Lenovo Transition application ...)
+CVE-2016-8227
NOT-FOR-US: Lenovo
-CVE-2016-8226 (The BIOS in Lenovo System X M5, M6, and X6 systems allows ...)
+CVE-2016-8226
NOT-FOR-US: Lenovo
-CVE-2016-8225 (Unquoted service path vulnerability in Lenovo Edge and Lenovo Slim USB ...)
+CVE-2016-8225
NOT-FOR-US: Lenovo
-CVE-2016-8224 (A vulnerability has been identified in some Lenovo Notebook and ...)
+CVE-2016-8224
NOT-FOR-US: Lenovo
-CVE-2016-8223 (During an internal security review, Lenovo identified a local ...)
+CVE-2016-8223
NOT-FOR-US: Lenovo
-CVE-2016-8222 (A vulnerability has been identified in a signed kernel driver for the ...)
+CVE-2016-8222
NOT-FOR-US: Lenovo
-CVE-2016-8221 (Privilege Escalation in Lenovo XClarity Administrator earlier than ...)
+CVE-2016-8221
NOT-FOR-US: Lenovo
-CVE-2016-7423 (The mptsas_process_scsi_io_request function in QEMU (aka Quick ...)
+CVE-2016-7423
- qemu 1:2.7+dfsg-1 (bug #838145)
[jessie] - qemu <not-affected> (Vulnerable code introduced later)
[wheezy] - qemu <not-affected> (Vulnerable code introduced later)
@@ -7958,7 +7958,7 @@ CVE-2016-7423 (The mptsas_process_scsi_io_request function in QEMU (aka Quick ..
NOTE: LSI SAS1068 (mptsas) device support added in
NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=e351b82611293683c4cabe4b69b7552bde5d4e2a (v2.6.0-rc0)
NOTE: Fixed by: http://git.qemu.org/?p=qemu.git;a=commit;h=670e56d3ed2918b3861d9216f2c0540d9e9ae0d5
-CVE-2016-7422 (The virtqueue_map_desc function in hw/virtio/virtio.c in QEMU (aka ...)
+CVE-2016-7422
- qemu 1:2.7+dfsg-1 (bug #838146)
[jessie] - qemu <not-affected> (Vulnerable code introduced later)
[wheezy] - qemu <not-affected> (Vulnerable code introduced later)
@@ -7967,7 +7967,7 @@ CVE-2016-7422 (The virtqueue_map_desc function in hw/virtio/virtio.c in QEMU (ak
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1376755
NOTE: Introduced by: http://git.qemu.org/?p=qemu.git;a=commit;h=3b3b0628217e2726069990ff9942a5d6d9816bd7 (v2.6.0-rc0)
NOTE: http://www.openwall.com/lists/oss-security/2016/09/16/4
-CVE-2016-7421 (The pvscsi_ring_pop_req_descr function in hw/scsi/vmw_pvscsi.c in QEMU ...)
+CVE-2016-7421
{DLA-1599-1}
- qemu 1:2.7+dfsg-1 (bug #838147)
[wheezy] - qemu <not-affected> (Vulnerable code not present, introduced after 1.5)
@@ -7976,47 +7976,47 @@ CVE-2016-7421 (The pvscsi_ring_pop_req_descr function in hw/scsi/vmw_pvscsi.c in
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1376731
NOTE: http://www.openwall.com/lists/oss-security/2016/09/16/3
NOTE: Fixed by: http://git.qemu.org/?p=qemu.git;a=commit;h=d251157ac1928191af851d199a9ff255d330bec9
-CVE-2016-8220 (Pivotal Gemfire for PCF, versions 1.6.x prior to 1.6.5.0 and 1.7.x ...)
+CVE-2016-8220
NOT-FOR-US: Pivotal
-CVE-2016-8219 (An issue was discovered in Cloud Foundry Foundation cf-release versions ...)
+CVE-2016-8219
NOT-FOR-US: Cloud Foundry
-CVE-2016-8218 (An issue was discovered in Cloud Foundry Foundation routing-release ...)
+CVE-2016-8218
NOT-FOR-US: Cloud Foundry
-CVE-2016-8217 (EMC RSA BSAFE Crypto-J versions prior to 6.2.2 has a PKCS#12 Timing ...)
+CVE-2016-8217
NOT-FOR-US: EMC RSA
-CVE-2016-8216 (EMC Data Domain OS (DD OS) 5.4 all versions, EMC Data Domain OS (DD OS) ...)
+CVE-2016-8216
NOT-FOR-US: EMC
-CVE-2016-8215 (EMC RSA Security Analytics 10.5.3 and 10.6.2 contains fixes for a ...)
+CVE-2016-8215
NOT-FOR-US: RSA Security Analytics
-CVE-2016-8214 (EMC Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) versions ...)
+CVE-2016-8214
NOT-FOR-US: EMC Avamar
-CVE-2016-8213 (EMC Documentum WebTop Version 6.8, prior to P18 and Version 6.8.1, ...)
+CVE-2016-8213
NOT-FOR-US: EMC Documentum
-CVE-2016-8212 (An issue was discovered in EMC RSA BSAFE Crypto-J versions prior to ...)
+CVE-2016-8212
NOT-FOR-US: EMC RSA
-CVE-2016-8211 (EMC Data Protection Advisor 6.1.x, EMC Data Protection Advisor 6.2, EMC ...)
+CVE-2016-8211
NOT-FOR-US: EMC Data Protection Advisor
CVE-2016-8210
RESERVED
-CVE-2016-8209 (Improper checks for unusual or exceptional conditions in Brocade ...)
+CVE-2016-8209
NOT-FOR-US: Brocade
CVE-2016-8208
RESERVED
-CVE-2016-8207 (A Directory Traversal vulnerability in CliMonitorReportServlet in the ...)
+CVE-2016-8207
NOT-FOR-US: Brocade Network Advisor
-CVE-2016-8206 (A Directory Traversal vulnerability in servlet SoftwareImageUpload in ...)
+CVE-2016-8206
NOT-FOR-US: Brocade Network Advisor
-CVE-2016-8205 (A Directory Traversal vulnerability in DashboardFileReceiveServlet in ...)
+CVE-2016-8205
NOT-FOR-US: Brocade Network Advisor
-CVE-2016-8204 (A Directory Traversal vulnerability in FileReceiveServlet in the ...)
+CVE-2016-8204
NOT-FOR-US: Brocade Network Advisor
-CVE-2016-8203 (A memory corruption in the IPsec code path of Brocade NetIron OS on ...)
+CVE-2016-8203
NOT-FOR-US: Brocade
-CVE-2016-8202 (A privilege escalation vulnerability in Brocade Fibre Channel SAN ...)
+CVE-2016-8202
NOT-FOR-US: Brocade
-CVE-2016-8201 (A CSRF vulnerability in Brocade Virtual Traffic Manager versions ...)
+CVE-2016-8201
NOT-FOR-US: Brocade
-CVE-2016-7444 (The gnutls_ocsp_resp_check_crt function in lib/x509/ocsp.c in GnuTLS ...)
+CVE-2016-7444
- gnutls28 3.5.3-4
[jessie] - gnutls28 3.3.8-6+deb8u4
NOTE: https://gnutls.org/security.html#GNUTLS-SA-2016-3
@@ -8212,19 +8212,19 @@ CVE-2016-8108
RESERVED
CVE-2016-8107
RESERVED
-CVE-2016-8106 (A Denial of Service in Intel Ethernet Controller's X710/XL710 with ...)
+CVE-2016-8106
NOT-FOR-US: Intel driver
-CVE-2016-8105 (Drivers for the Intel Ethernet Controller X710 and Intel Ethernet ...)
+CVE-2016-8105
NOT-FOR-US: Intel driver
-CVE-2016-8104 (Buffer overflow in Intel PROSet/Wireless Software and Drivers in ...)
+CVE-2016-8104
NOT-FOR-US: Intel driver
-CVE-2016-8103 (SMM call out in all Intel Branded NUC Kits allows a local privileged ...)
+CVE-2016-8103
NOT-FOR-US: Intel driver
-CVE-2016-8102 (Unquoted service path vulnerability in Intel Wireless Bluetooth ...)
+CVE-2016-8102
NOT-FOR-US: Intel driver
-CVE-2016-8101 (The updater subsystem in Intel SSD Toolbox before 3.3.7 allows local ...)
+CVE-2016-8101
NOT-FOR-US: Intel SSD Toolbox
-CVE-2016-8100 (Intel Integrated Performance Primitives (aka IPP) Cryptography before ...)
+CVE-2016-8100
NOT-FOR-US: Intel
CVE-2016-8099
REJECTED
@@ -8360,39 +8360,39 @@ CVE-2016-8034
REJECTED
CVE-2016-8033
REJECTED
-CVE-2016-8032 (Software Integrity Attacks vulnerability in Intel Security Anti-Virus ...)
+CVE-2016-8032
NOT-FOR-US: Intel Security Anti-Virus
-CVE-2016-8031 (Software Integrity Attacks vulnerability in Intel Security Anti-Virus ...)
+CVE-2016-8031
NOT-FOR-US: Intel antivirus
-CVE-2016-8030 (A memory corruption vulnerability in Scriptscan COM Object in McAfee ...)
+CVE-2016-8030
NOT-FOR-US: Intel antivirus
CVE-2016-8029
REJECTED
CVE-2016-8028
RESERVED
-CVE-2016-8027 (SQL injection vulnerability in core services in Intel Security McAfee ...)
+CVE-2016-8027
NOT-FOR-US: Intel antivirus
-CVE-2016-8026 (Arbitrary command execution vulnerability in Intel Security McAfee ...)
+CVE-2016-8026
NOT-FOR-US: Intel antivirus
-CVE-2016-8025 (SQL injection vulnerability in Intel Security VirusScan Enterprise ...)
+CVE-2016-8025
NOT-FOR-US: Intel antivirus
-CVE-2016-8024 (Improper neutralization of CRLF sequences in HTTP headers ...)
+CVE-2016-8024
NOT-FOR-US: Intel antivirus
-CVE-2016-8023 (Authentication bypass by assumed-immutable data vulnerability in Intel ...)
+CVE-2016-8023
NOT-FOR-US: Intel antivirus
-CVE-2016-8022 (Authentication bypass by spoofing vulnerability in Intel Security ...)
+CVE-2016-8022
NOT-FOR-US: Intel antivirus
-CVE-2016-8021 (Improper verification of cryptographic signature vulnerability in ...)
+CVE-2016-8021
NOT-FOR-US: Intel antivirus
-CVE-2016-8020 (Improper control of generation of code vulnerability in Intel Security ...)
+CVE-2016-8020
NOT-FOR-US: Intel antivirus
-CVE-2016-8019 (Cross-site scripting (XSS) vulnerability in attributes in Intel ...)
+CVE-2016-8019
NOT-FOR-US: Intel antivirus
-CVE-2016-8018 (Cross-site request forgery (CSRF) vulnerability in Intel Security ...)
+CVE-2016-8018
NOT-FOR-US: Intel antivirus
-CVE-2016-8017 (Special element injection vulnerability in Intel Security VirusScan ...)
+CVE-2016-8017
NOT-FOR-US: Intel antivirus
-CVE-2016-8016 (Information exposure in Intel Security VirusScan Enterprise Linux ...)
+CVE-2016-8016
NOT-FOR-US: Intel antivirus
CVE-2016-8015
RESERVED
@@ -8400,21 +8400,21 @@ CVE-2016-8014
RESERVED
CVE-2016-8013
RESERVED
-CVE-2016-8012 (Access control vulnerability in Intel Security Data Loss Prevention ...)
+CVE-2016-8012
NOT-FOR-US: Intel antivirus
-CVE-2016-8011 (Cross-site scripting vulnerability in Intel Security McAfee Endpoint ...)
+CVE-2016-8011
NOT-FOR-US: Intel antivirus
-CVE-2016-8010 (Application protections bypass vulnerability in Intel Security McAfee ...)
+CVE-2016-8010
NOT-FOR-US: Intel antivirus
-CVE-2016-8009 (Privilege escalation vulnerability in Intel Security McAfee ...)
+CVE-2016-8009
NOT-FOR-US: Intel antivirus
-CVE-2016-8008 (Privilege escalation vulnerability in Windows 7 and Windows 10 in ...)
+CVE-2016-8008
NOT-FOR-US: Intel antivirus
-CVE-2016-8007 (Authentication bypass vulnerability in McAfee Host Intrusion ...)
+CVE-2016-8007
NOT-FOR-US: Intel antivirus
-CVE-2016-8006 (Authentication bypass vulnerability in Enterprise Security Manager ...)
+CVE-2016-8006
NOT-FOR-US: Intel Security McAfee Security Information and Event Management
-CVE-2016-8005 (File extension filtering vulnerability in Intel Security McAfee Email ...)
+CVE-2016-8005
NOT-FOR-US: Intel antivirus
CVE-2016-8004
RESERVED
@@ -8424,7 +8424,7 @@ CVE-2016-8002
REJECTED
CVE-2016-8001
RESERVED
-CVE-2016-7999 (ecrire/exec/valider_xml.php in SPIP 3.1.2 and earlier allows remote ...)
+CVE-2016-7999
{DLA-695-1}
- spip 3.1.3-1
[jessie] - spip 3.0.17-2+deb8u3
@@ -8433,7 +8433,7 @@ CVE-2016-7999 (ecrire/exec/valider_xml.php in SPIP 3.1.2 and earlier allows remo
NOTE: https://core.spip.net/projects/spip/repository/revisions/23182 (3.1)
NOTE: https://core.spip.net/projects/spip/repository/revisions/23184 (3.0)
NOTE: reproducible in Wheezy (2.1.17-1+deb7u5) and Jessie (3.0.17-2+deb8u2)
-CVE-2016-7998 (The SPIP template composer/compiler in SPIP 3.1.2 and earlier allows ...)
+CVE-2016-7998
{DLA-695-1}
- spip 3.1.3-1
[jessie] - spip 3.0.17-2+deb8u3
@@ -8442,11 +8442,11 @@ CVE-2016-7998 (The SPIP template composer/compiler in SPIP 3.1.2 and earlier all
NOTE: https://core.spip.net/projects/spip/repository/revisions/23189 (3.1)
NOTE: https://core.spip.net/projects/spip/repository/revisions/23192 (3.0)
NOTE: reproducible in Jessie (3.0.17-2+deb8u2)
-CVE-2016-7997 (The WPG format reader in GraphicsMagick 1.3.25 and earlier allows ...)
+CVE-2016-7997
{DSA-3746-1 DLA-683-1}
- graphicsmagick 1.3.25-4
NOTE: patch for this and CVE-2016-7996 at: http://openwall.com/lists/oss-security/2016/10/07/4
-CVE-2016-7996 (Heap-based buffer overflow in the WPG format reader in GraphicsMagick ...)
+CVE-2016-7996
{DSA-3746-1 DLA-683-1}
- graphicsmagick 1.3.21-2
NOTE: The patch addressing CVE-2016-7996 applied is in 1.3.25-4, but in
@@ -8454,7 +8454,7 @@ CVE-2016-7996 (Heap-based buffer overflow in the WPG format reader in GraphicsMa
NOTE: 1.3.21-2 the build is done with --with-quantum-depth=16 switching
NOTE: away from the default with QuantumDepth=8
NOTE: patch for this and CVE-2016-7997 at: http://openwall.com/lists/oss-security/2016/10/07/4
-CVE-2016-7995 (Memory leak in the ehci_process_itd function in hw/usb/hcd-ehci.c in ...)
+CVE-2016-7995
- qemu 1:2.8+dfsg-1 (bug #840236)
[jessie] - qemu <not-affected> (Vulnerable code introduced in v2.6.0-rc0)
[wheezy] - qemu <not-affected> (Vulnerable code introduced in v2.6.0-rc0)
@@ -8464,41 +8464,41 @@ CVE-2016-7995 (Memory leak in the ehci_process_itd function in hw/usb/hcd-ehci.c
NOTE: Vulnerable code introduced in 49d925ce50383a286278143c05511d30ec41a36e
NOTE: Though this commit fixed an OOB read access issue which might need
NOTE: potentially a new separate CVE id if it does not have one yet.
-CVE-2016-7994 (Memory leak in the virtio_gpu_resource_create_2d function in ...)
+CVE-2016-7994
- qemu 1:2.8+dfsg-1 (bug #840228)
[jessie] - qemu <not-affected> (Vulnerable code introduced in 2.4.0-rc0)
[wheezy] - qemu <not-affected> (Vulnerable code introduced in 2.4.0-rc0)
- qemu-kvm <not-affected> (Vulnerable code introduced in 2.4.0-rc0)
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-09/msg04129.html
-CVE-2016-7993 (A bug in util-print.c:relts_print() in tcpdump before 4.9.0 could cause ...)
+CVE-2016-7993
{DSA-3775-1 DLA-809-1}
- tcpdump 4.9.0-1
-CVE-2016-7992 (The Classical IP over ATM parser in tcpdump before 4.9.0 has a buffer ...)
+CVE-2016-7992
{DSA-3775-1 DLA-809-1}
- tcpdump 4.9.0-1
-CVE-2016-7991 (On Samsung Galaxy S4 through S7 devices, the &quot;omacp&quot; app ignores ...)
+CVE-2016-7991
NOT-FOR-US: Samsung
-CVE-2016-7990 (On Samsung Galaxy S4 through S7 devices, an integer overflow condition ...)
+CVE-2016-7990
NOT-FOR-US: Samsung
-CVE-2016-7989 (On Samsung Galaxy S4 through S7 devices, a malformed OTA WAP PUSH SMS ...)
+CVE-2016-7989
NOT-FOR-US: Samsung
-CVE-2016-7988 (On Samsung Galaxy S4 through S7 devices, absence of permissions on the ...)
+CVE-2016-7988
NOT-FOR-US: Samsung
-CVE-2016-7987 (An issue was discovered in Siemens ETA4 firmware (all versions prior to ...)
+CVE-2016-7987
NOT-FOR-US: Siemens
-CVE-2016-7986 (The GeoNetworking parser in tcpdump before 4.9.0 has a buffer overflow ...)
+CVE-2016-7986
{DSA-3775-1 DLA-809-1}
- tcpdump 4.9.0-1
-CVE-2016-7985 (The CALM FAST parser in tcpdump before 4.9.0 has a buffer overflow in ...)
+CVE-2016-7985
{DSA-3775-1 DLA-809-1}
- tcpdump 4.9.0-1
-CVE-2016-7984 (The TFTP parser in tcpdump before 4.9.0 has a buffer overflow in ...)
+CVE-2016-7984
{DSA-3775-1 DLA-809-1}
- tcpdump 4.9.0-1
-CVE-2016-7983 (The BOOTP parser in tcpdump before 4.9.0 has a buffer overflow in ...)
+CVE-2016-7983
{DSA-3775-1 DLA-809-1}
- tcpdump 4.9.0-1
-CVE-2016-7982 (Directory traversal vulnerability in ecrire/exec/valider_xml.php in ...)
+CVE-2016-7982
{DLA-695-1}
- spip 3.1.3-1
[jessie] - spip 3.0.17-2+deb8u3
@@ -8519,7 +8519,7 @@ CVE-2016-7982 (Directory traversal vulnerability in ecrire/exec/valider_xml.php
NOTE: https://core.spip.net/projects/spip/repository/revisions/23207 (3.1)
NOTE: https://core.spip.net/projects/spip/repository/revisions/23208 (3.0)
NOTE: reproducible in Wheezy (2.1.17-1+deb7u5) and Jessie (3.0.17-2+deb8u2)
-CVE-2016-7981 (Cross-site scripting (XSS) vulnerability in valider_xml.php in SPIP ...)
+CVE-2016-7981
{DLA-695-1}
- spip 3.1.3-1
[jessie] - spip 3.0.17-2+deb8u3
@@ -8528,7 +8528,7 @@ CVE-2016-7981 (Cross-site scripting (XSS) vulnerability in valider_xml.php in SP
NOTE: https://core.spip.net/projects/spip/repository/revisions/23201 (3.1.x)
NOTE: https://core.spip.net/projects/spip/repository/revisions/23202 (3.0.x)
NOTE: reproducible in Wheezy (2.1.17-1+deb7u5) and Jessie (3.0.17-2+deb8u2)
-CVE-2016-7980 (Cross-site request forgery (CSRF) vulnerability in ...)
+CVE-2016-7980
{DLA-695-1}
- spip 3.1.3-1
[jessie] - spip 3.0.17-2+deb8u3
@@ -8537,34 +8537,34 @@ CVE-2016-7980 (Cross-site request forgery (CSRF) vulnerability in ...)
NOTE: https://core.spip.net/projects/spip/repository/revisions/23201 (3.1)
NOTE: https://core.spip.net/projects/spip/repository/revisions/23202 (3.0)
NOTE: reproducible in Wheezy (2.1.17-1+deb7u5) and Jessie (3.0.17-2+deb8u2)
-CVE-2016-7975 (The TCP parser in tcpdump before 4.9.0 has a buffer overflow in ...)
+CVE-2016-7975
{DSA-3775-1 DLA-809-1}
- tcpdump 4.9.0-1
-CVE-2016-7974 (The IP parser in tcpdump before 4.9.0 has a buffer overflow in ...)
+CVE-2016-7974
{DSA-3775-1 DLA-809-1}
- tcpdump 4.9.0-1
-CVE-2016-7973 (The AppleTalk parser in tcpdump before 4.9.0 has a buffer overflow in ...)
+CVE-2016-7973
{DSA-3775-1 DLA-809-1}
- tcpdump 4.9.0-1
-CVE-2016-7972 (The check_allocations function in libass/ass_shaper.c in libass before ...)
+CVE-2016-7972
{DLA-668-1}
- libass 0.13.4-1
[jessie] - libass <no-dsa> (Minor issue)
NOTE: https://github.com/libass/libass/pull/240/commits/aa54e0b59200a994d50a346b5d7ac818ebcf2d4b
CVE-2016-7971
REJECTED
-CVE-2016-7970 (Buffer overflow in the calc_coeff function in libass/ass_blur.c in ...)
+CVE-2016-7970
- libass 0.13.4-1
[jessie] - libass <not-affected> (Vulnerable code introduced later)
[wheezy] - libass <not-affected> (Vulnerable code first introduced in July 2015)
NOTE: Fixed by: https://github.com/libass/libass/pull/240/commits/08e754612019ed84d1db0d1fc4f5798248decd75
NOTE: Vulnerable function calc_coeff introduced in: https://github.com/libass/libass/commit/d787615845d78d8f8e6d1a4ffc3dc3eecd8a92f6 (0.13.0)
-CVE-2016-7969 (The wrap_lines_smart function in ass_render.c in libass before 0.13.4 ...)
+CVE-2016-7969
{DLA-668-1}
- libass 0.13.4-1
[jessie] - libass <no-dsa> (Minor issue)
NOTE: https://github.com/libass/libass/pull/240/commits/b72b283b936a600c730e00875d7d067bded3fc26
-CVE-2016-7968 (KMail since version 5.3.0 used a QWebEngine based viewer that had ...)
+CVE-2016-7968
- kf5-messagelib <not-affected> (Doesn't use qtwebengine, see bug #853241)
NOTE: https://www.kde.org/info/security/advisory-20161006-3.txt
NOTE: Would by fixed by: https://cgit.kde.org/messagelib.git/commit/?id=f601f9ffb706f7d3a5893b04f067a1f75da62c99
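Review bot: Typo in the unchanged NOTE line for CVE-2016-7968, `NOTE: Would by fixed by: https://cgit.kde.org/messagelib.git/commit/?id=f601f9ffb706f7d3a5893b04f067a1f75da62c99`: it should read `Would be fixed by:`. This automatic update does not touch that line, so it needs a manual follow-up edit.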
@@ -8577,23 +8577,23 @@ CVE-2016-7968 (KMail since version 5.3.0 used a QWebEngine based viewer that had
NOTE: https://cgit.kde.org/messagelib.git/commit/?id=0402c17a8ead92188971cb604d905b3072d56a73 (v16.08.2)
NOTE: The issue is mitigated with the fixes applied for CVE-2016-7966, and a
NOTE: user protected from this CVE by only viewing plain text mails.
-CVE-2016-7967 (KMail since version 5.3.0 used a QWebEngine based viewer that had ...)
+CVE-2016-7967
- kf5-messagelib <not-affected> (Doesn't use qtwebengine, see bug #853241)
NOTE: https://www.kde.org/info/security/advisory-20161006-2.txt
NOTE: Fixed by: https://cgit.kde.org/messagelib.git/commit/?id=dfc6a86f1b25f1da04b8f1df5320fcdd7085bcc1 (16.11.80)
NOTE: The issue is mitigated with the fixes applied for CVE-2016-7966, and a
NOTE: user protected from this CVE by only viewing plain text mails.
-CVE-2016-7966 (Through a malicious URL that contained a quote character it was ...)
+CVE-2016-7966
{DSA-3697-1 DLA-673-1}
- kdepimlibs 4:4.14.10-7 (bug #840546)
- kcoreaddons 5.26.0-3 (bug #840547)
NOTE: https://www.kde.org/info/security/advisory-20161006-1.txt
-CVE-2016-7965 (DokuWiki 2016-06-26a and older uses $_SERVER[HTTP_HOST] instead of the ...)
+CVE-2016-7965
- dokuwiki <unfixed> (bug #844732; unimportant)
NOTE: https://github.com/splitbrain/dokuwiki/issues/1709
NOTE: Can be adresesd by properly configure dokuwiki as per
NOTE: https://github.com/splitbrain/dokuwiki/issues/1709#issuecomment-262337572
-CVE-2016-7964 (The sendRequest method in HTTPClient Class in file /inc/HTTPClient.php ...)
+CVE-2016-7964
- dokuwiki <unfixed> (low; bug #844731)
[buster] - dokuwiki <ignored> (Minor issue)
[jessie] - dokuwiki <no-dsa> (Minor issue)
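Review bot: Typo and grammar in the unchanged NOTE line for CVE-2016-7965, `NOTE: Can be adresesd by properly configure dokuwiki as per`: it should read `Can be addressed by properly configuring dokuwiki as per`. This line is outside the scope of the automatic update, so flagging it for a manual follow-up.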
@@ -8605,18 +8605,18 @@ CVE-2016-7962
RESERVED
CVE-2016-7961
RESERVED
-CVE-2016-7960 (Siemens SIMATIC STEP 7 (TIA Portal) before 14 uses an improper format ...)
+CVE-2016-7960
NOT-FOR-US: Siemens
-CVE-2016-7959 (Siemens SIMATIC STEP 7 (TIA Portal) before 14 improperly stores ...)
+CVE-2016-7959
NOT-FOR-US: Siemens
-CVE-2016-7958 (In Wireshark 2.2.0, the NCP dissector could crash, triggered by packet ...)
+CVE-2016-7958
- wireshark 2.2.1+ga6fbd27-1
[jessie] - wireshark <not-affected> (Introduced with "Add checkAPI calls to CMake")
[wheezy] - wireshark <not-affected> (Introduced with "Add checkAPI calls to CMake")
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12945
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=67597cb2457fb843fa97d3f2c87b82dad6f0de07
NOTE: https://www.wireshark.org/security/wnpa-sec-2016-57.html
-CVE-2016-7957 (In Wireshark 2.2.0, the Bluetooth L2CAP dissector could crash, ...)
+CVE-2016-7957
- wireshark 2.2.1+ga6fbd27-1
[jessie] - wireshark <not-affected> (Vulnerable code not present)
[wheezy] - wireshark <not-affected> (Vulnerable code not present)
@@ -8625,9 +8625,9 @@ CVE-2016-7957 (In Wireshark 2.2.0, the Bluetooth L2CAP dissector could crash, ..
NOTE: https://www.wireshark.org/security/wnpa-sec-2016-56.html
CVE-2016-7956
RESERVED
-CVE-2016-7955 (The logcheck function in session.inc in AlienVault OSSIM before 5.3.1, ...)
+CVE-2016-7955
NOT-FOR-US: AlienVault OSSIM
-CVE-2016-7954 (Bundler 1.x might allow remote attackers to inject arbitrary Ruby code ...)
+CVE-2016-7954
- bundler <unfixed> (bug #842504)
[buster] - bundler <ignored> (Minor issue, too intrusive to backport)
[stretch] - bundler <ignored> (Minor issue, too intrusive to backport)
@@ -8636,185 +8636,185 @@ CVE-2016-7954 (Bundler 1.x might allow remote attackers to inject arbitrary Ruby
NOTE: http://www.openwall.com/lists/oss-security/2016/10/04/5
NOTE: There is no plan (yet) from upstream to address this for bundler 1.x
NOTE: due to lockfile format.
-CVE-2016-7953 (Buffer underflow in X.org libXvMC before 1.0.10 allows remote X ...)
+CVE-2016-7953
{DLA-671-1}
- libxvmc 2:1.0.10-1 (low; bug #840445)
[jessie] - libxvmc 2:1.0.8-2+deb8u1
NOTE: https://cgit.freedesktop.org/xorg/lib/libXvMC/commit/?id=2cd95e7da8367cccdcdd5c9b160012d1dec5cbdb
-CVE-2016-7952 (X.org libXtst before 1.2.3 allows remote X servers to cause a denial ...)
+CVE-2016-7952
{DLA-686-1}
- libxtst 2:1.2.3-1 (low; bug #840444)
[jessie] - libxtst 2:1.2.2-1+deb8u1
NOTE: https://cgit.freedesktop.org/xorg/lib/libXtst/commit/?id=9556ad67af3129ec4a7a4f4b54a0d59701beeae3
-CVE-2016-7951 (Multiple integer overflows in X.org libXtst before 1.2.3 allow remote ...)
+CVE-2016-7951
{DLA-686-1}
- libxtst 2:1.2.3-1 (low; bug #840444)
[jessie] - libxtst 2:1.2.2-1+deb8u1
NOTE: https://cgit.freedesktop.org/xorg/lib/libXtst/commit/?id=9556ad67af3129ec4a7a4f4b54a0d59701beeae3
-CVE-2016-7950 (The XRenderQueryFilters function in X.org libXrender before 0.9.10 ...)
+CVE-2016-7950
{DLA-664-1}
- libxrender 1:0.9.10-1 (low; bug #840443)
[jessie] - libxrender <no-dsa> (Minor issue, will be fixed in a point release)
NOTE: https://cgit.freedesktop.org/xorg/lib/libXrender/commit/?id=8fad00b0b647ee662ce4737ca15be033b7a21714
-CVE-2016-7949 (Multiple buffer overflows in the (1) XvQueryAdaptors and (2) ...)
+CVE-2016-7949
{DLA-664-1}
- libxrender 1:0.9.10-1 (low; bug #840443)
[jessie] - libxrender <no-dsa> (Minor issue, will be fixed in a point release)
NOTE: https://cgit.freedesktop.org/xorg/lib/libXrender/commit/?id=9362c7ddd1af3b168953d0737877bc52d79c94f4
-CVE-2016-7948 (X.org libXrandr before 1.5.1 allows remote X servers to trigger ...)
+CVE-2016-7948
{DLA-660-1}
- libxrandr 2:1.5.1-1 (low; bug #840441)
[jessie] - libxrandr 2:1.4.2-1+deb8u1
NOTE: https://cgit.freedesktop.org/xorg/lib/libXrandr/commit/?id=a0df3e1c7728205e5c7650b2e6dce684139254a6
-CVE-2016-7947 (Multiple integer overflows in X.org libXrandr before 1.5.1 allow ...)
+CVE-2016-7947
{DLA-660-1}
- libxrandr 2:1.5.1-1 (low; bug #840441)
[jessie] - libxrandr 2:1.4.2-1+deb8u1
NOTE: https://cgit.freedesktop.org/xorg/lib/libXrandr/commit/?id=a0df3e1c7728205e5c7650b2e6dce684139254a6
-CVE-2016-7946 (X.org libXi before 1.7.7 allows remote X servers to cause a denial of ...)
+CVE-2016-7946
{DLA-685-1}
- libxi 2:1.7.8-1 (low; bug #840440)
[jessie] - libxi 2:1.7.4-1+deb8u1
NOTE: https://cgit.freedesktop.org/xorg/lib/libXi/commit/?id=19a9cd607de73947fcfb104682f203ffe4e1f4e5
NOTE: Regression: https://bugs.freedesktop.org/98204
-CVE-2016-7945 (Multiple integer overflows in X.org libXi before 1.7.7 allow remote X ...)
+CVE-2016-7945
{DLA-685-1}
- libxi 2:1.7.8-1 (low; bug #840440)
[jessie] - libxi 2:1.7.4-1+deb8u1
NOTE: https://cgit.freedesktop.org/xorg/lib/libXi/commit/?id=19a9cd607de73947fcfb104682f203ffe4e1f4e5
NOTE: Regression: https://bugs.freedesktop.org/98204
-CVE-2016-7944 (Integer overflow in X.org libXfixes before 5.0.3 on 32-bit platforms ...)
+CVE-2016-7944
{DLA-654-1}
- libxfixes 1:5.0.3-1 (low; bug #840442)
[jessie] - libxfixes 1:5.0.1-2+deb8u1
NOTE: https://cgit.freedesktop.org/xorg/lib/libXfixes/commit/?id=61c1039ee23a2d1de712843bed3480654d7ef42e
-CVE-2016-7943 (The XListFonts function in X.org libX11 before 1.6.4 might allow ...)
+CVE-2016-7943
{DLA-684-1}
- libx11 2:1.6.4-1 (low; bug #840439)
[jessie] - libx11 2:1.6.2-3+deb8u1
NOTE: https://cgit.freedesktop.org/xorg/lib/libX11/commit/?id=8c29f1607a31dac0911e45a0dd3d74173822b3c9
-CVE-2016-7942 (The XGetImage function in X.org libX11 before 1.6.4 might allow remote ...)
+CVE-2016-7942
{DLA-684-1}
- libx11 2:1.6.4-1 (low; bug #840439)
[jessie] - libx11 2:1.6.2-3+deb8u1
NOTE: https://cgit.freedesktop.org/xorg/lib/libX11/commit/?id=8ea762f94f4c942d898fdeb590a1630c83235c17
CVE-2016-7941
RESERVED
-CVE-2016-7940 (The STP parser in tcpdump before 4.9.0 has a buffer overflow in ...)
+CVE-2016-7940
{DSA-3775-1 DLA-809-1}
- tcpdump 4.9.0-1
-CVE-2016-7939 (The GRE parser in tcpdump before 4.9.0 has a buffer overflow in ...)
+CVE-2016-7939
{DSA-3775-1 DLA-809-1}
- tcpdump 4.9.0-1
-CVE-2016-7938 (The ZeroMQ parser in tcpdump before 4.9.0 has an integer overflow in ...)
+CVE-2016-7938
{DSA-3775-1 DLA-809-1}
- tcpdump 4.9.0-1
-CVE-2016-7937 (The VAT parser in tcpdump before 4.9.0 has a buffer overflow in ...)
+CVE-2016-7937
{DSA-3775-1 DLA-809-1}
- tcpdump 4.9.0-1
-CVE-2016-7936 (The UDP parser in tcpdump before 4.9.0 has a buffer overflow in ...)
+CVE-2016-7936
{DSA-3775-1 DLA-809-1}
- tcpdump 4.9.0-1
-CVE-2016-7935 (The RTP parser in tcpdump before 4.9.0 has a buffer overflow in ...)
+CVE-2016-7935
{DSA-3775-1 DLA-809-1}
- tcpdump 4.9.0-1
-CVE-2016-7934 (The RTCP parser in tcpdump before 4.9.0 has a buffer overflow in ...)
+CVE-2016-7934
{DSA-3775-1 DLA-809-1}
- tcpdump 4.9.0-1
-CVE-2016-7933 (The PPP parser in tcpdump before 4.9.0 has a buffer overflow in ...)
+CVE-2016-7933
{DSA-3775-1 DLA-809-1}
- tcpdump 4.9.0-1
-CVE-2016-7932 (The PIM parser in tcpdump before 4.9.0 has a buffer overflow in ...)
+CVE-2016-7932
{DSA-3775-1 DLA-809-1}
- tcpdump 4.9.0-1
-CVE-2016-7931 (The MPLS parser in tcpdump before 4.9.0 has a buffer overflow in ...)
+CVE-2016-7931
{DSA-3775-1 DLA-809-1}
- tcpdump 4.9.0-1
-CVE-2016-7930 (The LLC/SNAP parser in tcpdump before 4.9.0 has a buffer overflow in ...)
+CVE-2016-7930
{DSA-3775-1 DLA-809-1}
- tcpdump 4.9.0-1
-CVE-2016-7929 (The Juniper PPPoE ATM parser in tcpdump before 4.9.0 has a buffer ...)
+CVE-2016-7929
{DSA-3775-1 DLA-809-1}
- tcpdump 4.9.0-1
-CVE-2016-7928 (The IPComp parser in tcpdump before 4.9.0 has a buffer overflow in ...)
+CVE-2016-7928
{DSA-3775-1 DLA-809-1}
- tcpdump 4.9.0-1
-CVE-2016-7927 (The IEEE 802.11 parser in tcpdump before 4.9.0 has a buffer overflow in ...)
+CVE-2016-7927
{DSA-3775-1 DLA-809-1}
- tcpdump 4.9.0-1
-CVE-2016-7926 (The Ethernet parser in tcpdump before 4.9.0 has a buffer overflow in ...)
+CVE-2016-7926
{DSA-3775-1 DLA-809-1}
- tcpdump 4.9.0-1
-CVE-2016-7925 (The compressed SLIP parser in tcpdump before 4.9.0 has a buffer ...)
+CVE-2016-7925
{DSA-3775-1 DLA-809-1}
- tcpdump 4.9.0-1
-CVE-2016-7924 (The ATM parser in tcpdump before 4.9.0 has a buffer overflow in ...)
+CVE-2016-7924
{DSA-3775-1 DLA-809-1}
- tcpdump 4.9.0-1
-CVE-2016-7923 (The ARP parser in tcpdump before 4.9.0 has a buffer overflow in ...)
+CVE-2016-7923
{DSA-3775-1 DLA-809-1}
- tcpdump 4.9.0-1
-CVE-2016-7922 (The AH parser in tcpdump before 4.9.0 has a buffer overflow in ...)
+CVE-2016-7922
{DSA-3775-1 DLA-809-1}
- tcpdump 4.9.0-1
CVE-2016-7920
RESERVED
-CVE-2016-7919 (** DISPUTED ** Moodle 3.1.2 allows remote attackers to obtain ...)
+CVE-2016-7919
NOTE: Disputed moodle non-issue
CVE-2016-7918
RESERVED
-CVE-2016-7917 (The nfnetlink_rcv_batch function in net/netfilter/nfnetlink.c in the ...)
+CVE-2016-7917
- linux 4.5.1-1 (low)
[jessie] - linux 3.16.39-1
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: Fixed by: https://git.kernel.org/linus/c58d6c93680f28ac58984af61d0a7ebf4319c241 (v4.5-rc6)
-CVE-2016-7916 (Race condition in the environ_read function in fs/proc/base.c in the ...)
+CVE-2016-7916
- linux 4.5.4-1
[jessie] - linux 3.16.36-1
[wheezy] - linux 3.2.81-1
NOTE: Fixed by: https://git.kernel.org/linus/8148a73c9901a8794a50f950083c00ccf97d43b3 (v4.6-rc7)
-CVE-2016-7915 (The hid_input_field function in drivers/hid/hid-core.c in the Linux ...)
+CVE-2016-7915
{DLA-772-1}
- linux 4.6.1-1
[jessie] - linux 3.16.39-1
NOTE: Fixed by: https://git.kernel.org/linus/50220dead1650609206efe91f0cc116132d59b3f (v4.6-rc1)
-CVE-2016-7914 (The assoc_array_insert_into_terminal_node function in ...)
+CVE-2016-7914
- linux 4.5.3-1
[jessie] - linux 3.16.36-1
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: Fixed by: https://git.kernel.org/linus/8d4a2ec1e0b41b0cf9a0c5cd4511da7f8e4f3de2 (v4.6-rc4)
-CVE-2016-7913 (The xc2028_set_config function in drivers/media/tuners/tuner-xc2028.c ...)
+CVE-2016-7913
- linux 4.6.1-1
[jessie] - linux 3.16.36-1
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: Fixed by: https://git.kernel.org/linus/8dfbcc4351a0b6d2f2d77f367552f48ffefafe18 (v4.6-rc1)
-CVE-2016-7912 (Use-after-free vulnerability in the ffs_user_copy_worker function in ...)
+CVE-2016-7912
- linux 4.5.3-1
[jessie] - linux 3.16.39-1
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: Fixed by: https://git.kernel.org/linus/38740a5b87d53ceb89eb2c970150f6e94e00373a (v4.6-rc5)
-CVE-2016-7911 (Race condition in the get_task_ioprio function in block/ioprio.c in ...)
+CVE-2016-7911
{DLA-772-1}
- linux 4.7.2-1
[jessie] - linux 3.16.39-1
NOTE: Fixed by: https://git.kernel.org/linus/8ba8682107ee2ca3347354e018865d8e1967c5f4 (v4.7-rc7)
-CVE-2016-7910 (Use-after-free vulnerability in the disk_seqf_stop function in ...)
+CVE-2016-7910
{DLA-772-1}
- linux 4.7.2-1
[jessie] - linux 3.16.39-1
NOTE: Fixed by: https://git.kernel.org/linus/77da160530dd1dc94f6ae15a981f24e5f0021e84 (v4.8-rc1)
-CVE-2016-7909 (The pcnet_rdra_addr function in hw/net/pcnet.c in QEMU (aka Quick ...)
+CVE-2016-7909
{DLA-1599-1 DLA-698-1 DLA-689-1}
- qemu 1:2.8+dfsg-1 (bug #839834)
- qemu-kvm <removed>
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-09/msg07942.html
-CVE-2016-7908 (The mcf_fec_do_tx function in hw/net/mcf_fec.c in QEMU (aka Quick ...)
+CVE-2016-7908
{DLA-1599-1 DLA-653-1 DLA-652-1}
- qemu 1:2.8+dfsg-1 (bug #839835)
- qemu-kvm <removed>
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-09/msg05557.html
NOTE: Fixed by: http://git.qemu.org/?p=qemu.git;a=commit;h=070c4b92b8cd5390889716677a0b92444d6e087a
-CVE-2016-7907 (The imx_fec_do_tx function in hw/net/imx_fec.c in QEMU (aka Quick ...)
+CVE-2016-7907
- qemu 1:2.8+dfsg-3 (bug #839986)
[jessie] - qemu <not-affected> (Vulnerable code introduced after v2.5.0-rc0)
[wheezy] - qemu <not-affected> (Vulnerable code introduced after v2.5.0-rc0)
@@ -8822,21 +8822,21 @@ CVE-2016-7907 (The imx_fec_do_tx function in hw/net/imx_fec.c in QEMU (aka Quick
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-09/msg05556.html
NOTE: i.MX Fast Ethernet Controller emulation introduced in v2.5.0-rc0 with
NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=fcbd8018e645f3ab1ef9af94dc88a0d3272926d3 (v2.5.0-rc0)
-CVE-2016-7906 (magick/attribute.c in ImageMagick 7.0.3-2 allows remote attackers to ...)
+CVE-2016-7906
{DSA-3726-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #840435)
[wheezy] - imagemagick <not-affected> (Vulnerable code not present)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/281
NOTE: https://github.com/ImageMagick/ImageMagick/commit/d63a3c5729df59f183e9e110d5d8385d17caaad0
-CVE-2016-7905 (The read_gab2_sub function in libavformat/avidec.c in FFmpeg before ...)
+CVE-2016-7905
- ffmpeg 7:3.1.4-1 (bug #840434)
NOTE: https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/622ccbd8ab894e3ac6cdf607e3d4f39e406786e9 (n3.1.4)
-CVE-2016-7904 (Cross-site request forgery (CSRF) vulnerability in CMS Made Simple ...)
+CVE-2016-7904
NOT-FOR-US: CMS Made Simple
-CVE-2016-7903 (Dotclear before 2.10.3, when the Host header is not part of the web ...)
+CVE-2016-7903
- dotclear <removed>
NOTE: Fixed by: https://hg.dotclear.org/dotclear/rev/bb06343f4247
-CVE-2016-7902 (Unrestricted file upload vulnerability in the fileUnzip-&gt;unzip method ...)
+CVE-2016-7902
- dotclear <removed>
NOTE: Fixed by: https://hg.dotclear.org/dotclear/rev/a9db771a5a70
CVE-2016-7901
@@ -8857,89 +8857,89 @@ CVE-2016-7894
REJECTED
CVE-2016-7893
REJECTED
-CVE-2016-7892 (Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and ...)
+CVE-2016-7892
NOT-FOR-US: Adobe Flash Player
-CVE-2016-7891 (Adobe RoboHelp version 2015.0.3 and earlier, RoboHelp 11 and earlier ...)
+CVE-2016-7891
NOT-FOR-US: Adobe
-CVE-2016-7890 (Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and ...)
+CVE-2016-7890
NOT-FOR-US: Adobe Flash Player
-CVE-2016-7889 (Adobe Digital Editions versions 4.5.2 and earlier has an issue with ...)
+CVE-2016-7889
NOT-FOR-US: Adobe
-CVE-2016-7888 (Adobe Digital Editions versions 4.5.2 and earlier has an important ...)
+CVE-2016-7888
NOT-FOR-US: Adobe
-CVE-2016-7887 (Adobe ColdFusion Builder versions 2016 update 2 and earlier, 3.0.3 and ...)
+CVE-2016-7887
NOT-FOR-US: Adobe
-CVE-2016-7886 (Adobe InDesign version 11.4.1 and earlier, Adobe InDesign Server 11.0.0 ...)
+CVE-2016-7886
NOT-FOR-US: Adobe
-CVE-2016-7885 (Adobe Experience Manager versions 6.2 and earlier have a vulnerability ...)
+CVE-2016-7885
NOT-FOR-US: Adobe
-CVE-2016-7884 (Adobe Experience Manager versions 6.1 and earlier have an input ...)
+CVE-2016-7884
NOT-FOR-US: Adobe
-CVE-2016-7883 (Adobe Experience Manager version 6.2 has an input validation issue in ...)
+CVE-2016-7883
NOT-FOR-US: Adobe
-CVE-2016-7882 (Adobe Experience Manager versions 6.2 and earlier have an input ...)
+CVE-2016-7882
NOT-FOR-US: Adobe
-CVE-2016-7881 (Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and ...)
+CVE-2016-7881
NOT-FOR-US: Adobe Flash Player
-CVE-2016-7880 (Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and ...)
+CVE-2016-7880
NOT-FOR-US: Adobe Flash Player
-CVE-2016-7879 (Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and ...)
+CVE-2016-7879
NOT-FOR-US: Adobe Flash Player
-CVE-2016-7878 (Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and ...)
+CVE-2016-7878
NOT-FOR-US: Adobe Flash Player
-CVE-2016-7877 (Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and ...)
+CVE-2016-7877
NOT-FOR-US: Adobe Flash Player
-CVE-2016-7876 (Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and ...)
+CVE-2016-7876
NOT-FOR-US: Adobe Flash Player
-CVE-2016-7875 (Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and ...)
+CVE-2016-7875
NOT-FOR-US: Adobe Flash Player
-CVE-2016-7874 (Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and ...)
+CVE-2016-7874
NOT-FOR-US: Adobe Flash Player
-CVE-2016-7873 (Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and ...)
+CVE-2016-7873
NOT-FOR-US: Adobe Flash Player
-CVE-2016-7872 (Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and ...)
+CVE-2016-7872
NOT-FOR-US: Adobe Flash Player
-CVE-2016-7871 (Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and ...)
+CVE-2016-7871
NOT-FOR-US: Adobe Flash Player
-CVE-2016-7870 (Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and ...)
+CVE-2016-7870
NOT-FOR-US: Adobe Flash Player
-CVE-2016-7869 (Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and ...)
+CVE-2016-7869
NOT-FOR-US: Adobe Flash Player
-CVE-2016-7868 (Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and ...)
+CVE-2016-7868
NOT-FOR-US: Adobe Flash Player
-CVE-2016-7867 (Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and ...)
+CVE-2016-7867
NOT-FOR-US: Adobe Flash Player
-CVE-2016-7866 (Adobe Animate versions 15.2.1.95 and earlier have an exploitable memory ...)
+CVE-2016-7866
NOT-FOR-US: Adobe Animate
-CVE-2016-7865 (Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and ...)
+CVE-2016-7865
NOT-FOR-US: Adobe Flash Player
-CVE-2016-7864 (Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and ...)
+CVE-2016-7864
NOT-FOR-US: Adobe Flash Player
-CVE-2016-7863 (Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and ...)
+CVE-2016-7863
NOT-FOR-US: Adobe Flash Player
-CVE-2016-7862 (Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and ...)
+CVE-2016-7862
NOT-FOR-US: Adobe Flash Player
-CVE-2016-7861 (Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and ...)
+CVE-2016-7861
NOT-FOR-US: Adobe Flash Player
-CVE-2016-7860 (Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and ...)
+CVE-2016-7860
NOT-FOR-US: Adobe Flash Player
-CVE-2016-7859 (Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and ...)
+CVE-2016-7859
NOT-FOR-US: Adobe Flash Player
-CVE-2016-7858 (Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and ...)
+CVE-2016-7858
NOT-FOR-US: Adobe Flash Player
-CVE-2016-7857 (Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and ...)
+CVE-2016-7857
NOT-FOR-US: Adobe Flash Player
-CVE-2016-7856 (Adobe DNG Converter versions 9.7 and earlier have an exploitable memory ...)
+CVE-2016-7856
NOT-FOR-US: Adobe DNG Converter
-CVE-2016-7855 (Use-after-free vulnerability in Adobe Flash Player before 23.0.0.205 ...)
+CVE-2016-7855
NOT-FOR-US: Adobe Flash Player
-CVE-2016-7854 (Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC ...)
+CVE-2016-7854
NOT-FOR-US: Adobe
-CVE-2016-7853 (Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC ...)
+CVE-2016-7853
NOT-FOR-US: Adobe
-CVE-2016-7852 (Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC ...)
+CVE-2016-7852
NOT-FOR-US: Adobe
-CVE-2016-7851 (Adobe Connect version 9.5.6 and earlier does not adequately validate ...)
+CVE-2016-7851
NOT-FOR-US: Adobe
CVE-2016-7850
REJECTED
@@ -8951,41 +8951,41 @@ CVE-2016-7847
REJECTED
CVE-2016-7846
REJECTED
-CVE-2016-7845 (GigaCC OFFICE ver.2.3 and earlier allows remote attackers to upload ...)
+CVE-2016-7845
NOT-FOR-US: GigaCC OFFICE
-CVE-2016-7844 (GigaCC OFFICE ver.2.3 and earlier allows remote attackers to execute ...)
+CVE-2016-7844
NOT-FOR-US: GigaCC OFFICE
-CVE-2016-7843 (Directory traversal vulnerability in AttacheCase for Java 0.60 and ...)
+CVE-2016-7843
NOT-FOR-US: AttacheCase
-CVE-2016-7842 (Directory traversal vulnerability in AttacheCase 2.8.2.8 and earlier ...)
+CVE-2016-7842
NOT-FOR-US: AttacheCase
-CVE-2016-7841 (Cross-site scripting vulnerability in Olive Diary DX allows remote ...)
+CVE-2016-7841
NOT-FOR-US: Olive Diary DX
-CVE-2016-7840 (Cross-site scripting vulnerability in WEB SCHEDULE allows remote ...)
+CVE-2016-7840
NOT-FOR-US: WEB SCHEDULE
-CVE-2016-7839 (Cross-site scripting vulnerability in Olive Blog allows remote ...)
+CVE-2016-7839
NOT-FOR-US: Olive Blog
-CVE-2016-7838 (Untrusted search path vulnerability in WinSparkle versions prior to ...)
+CVE-2016-7838
NOT-FOR-US: WinSparkle
-CVE-2016-7837 (Buffer overflow in BlueZ 5.41 and earlier allows an attacker to ...)
+CVE-2016-7837
- bluez 5.43-1
[jessie] - bluez <no-dsa> (Minor issue)
[wheezy] - bluez <no-dsa> (Minor issue)
NOTE: Fixed by: http://git.kernel.org/cgit/bluetooth/bluez.git/commit/?id=8514068150759c1d6a46d4605d2351babfde1601 (5.42)
-CVE-2016-7836 (SKYSEA Client View Ver.11.221.03 and earlier allows remote code ...)
+CVE-2016-7836
NOT-FOR-US: SKYSEA Client View
-CVE-2016-7835 (Use-after-free vulnerability in H2O allows remote attackers to cause a ...)
+CVE-2016-7835
- h2o <not-affected> (Fixed before initial upload to Debian)
NOTE: https://github.com/h2o/h2o/issues/1144
-CVE-2016-7834 (SONY SNC-CH115, SNC-CH120, SNC-CH160, SNC-CH220, SNC-CH260, SNC-DH120, ...)
+CVE-2016-7834
NOT-FOR-US: SONY
-CVE-2016-7833 (Cybozu Dezie 8.0.0 to 8.1.1 allows remote attackers to bypass access ...)
+CVE-2016-7833
NOT-FOR-US: Cybozu
-CVE-2016-7832 (Cybozu Dezie 8.0.0 to 8.1.1 allows remote attackers to bypass access ...)
+CVE-2016-7832
NOT-FOR-US: Cybozu
-CVE-2016-7831 (Sleipnir 4 Black Edition for Mac 4.5.3 and earlier and Sleipnir 4 for ...)
+CVE-2016-7831
NOT-FOR-US: Sleipnir
-CVE-2016-7830 (Sony PCS-XG100, PCS-XG100S, PCS-XG100C, PCS-XG77, PCS-XG77S, PCS-XG77C ...)
+CVE-2016-7830
NOT-FOR-US: Sony
CVE-2016-7829
REJECTED
@@ -8993,68 +8993,68 @@ CVE-2016-7828
REJECTED
CVE-2016-7827
REJECTED
-CVE-2016-7826 (Directory traversal vulnerability in Buffalo WNC01WH devices with ...)
+CVE-2016-7826
NOT-FOR-US: Buffalo
-CVE-2016-7825 (Directory traversal vulnerability in Buffalo WNC01WH devices with ...)
+CVE-2016-7825
NOT-FOR-US: Buffalo
-CVE-2016-7824 (Buffalo NC01WH devices with firmware version 1.0.0.8 and earlier ...)
+CVE-2016-7824
NOT-FOR-US: Buffalo
-CVE-2016-7823 (Cross-site scripting vulnerability in Buffalo WNC01WH devices with ...)
+CVE-2016-7823
NOT-FOR-US: Buffalo
-CVE-2016-7822 (Cross-site request forgery (CSRF) vulnerability in Buffalo WNC01WH ...)
+CVE-2016-7822
NOT-FOR-US: Buffalo
-CVE-2016-7821 (Buffalo WNC01WH devices with firmware version 1.0.0.8 and earlier ...)
+CVE-2016-7821
NOT-FOR-US: Buffalo
-CVE-2016-7820 (Buffer overflow in I-O DATA DEVICE TS-WRLP firmware version 1.01.02 ...)
+CVE-2016-7820
NOT-FOR-US: I-O DATA DEVICE
-CVE-2016-7819 (I-O DATA DEVICE TS-WRLP firmware version 1.01.02 and earlier and ...)
+CVE-2016-7819
NOT-FOR-US: I-O DATA DEVICE
-CVE-2016-7818 (Untrusted search path vulnerability in Installers for Specification ...)
+CVE-2016-7818
NOT-FOR-US: Untrusted search path vulnerability in various installers
-CVE-2016-7817 (Cross-site scripting vulnerability in Simple keitai chat 2.0 and ...)
+CVE-2016-7817
NOT-FOR-US: Simple keitai chat
-CVE-2016-7816 (The Cybozu kintone mobile for Android 1.0.6 and earlier does not ...)
+CVE-2016-7816
NOT-FOR-US: Cybozu
-CVE-2016-7815 (Remote Service Manager 3.0.0 to 3.1.4 fails to verify client ...)
+CVE-2016-7815
NOT-FOR-US: Remote Service Manager provided by Cybozu
-CVE-2016-7814 (I-O DATA DEVICE TS-WRLP firmware version 1.00.01 and earlier and ...)
+CVE-2016-7814
NOT-FOR-US: I-O DATA DEVICE
-CVE-2016-7813 (Cross-site scripting vulnerability in DERAEMON-CMS version 0.8.9 and ...)
+CVE-2016-7813
NOT-FOR-US: DERAEMON-CMS
-CVE-2016-7812 (The Bank of Tokyo-Mitsubishi UFJ, Ltd. App for Android ver5.3.1, ...)
+CVE-2016-7812
NOT-FOR-US: Bank of Tokyo-Mitsubishi UFJ, Ltd. App
-CVE-2016-7811 (Corega CG-WLR300NX firmware Ver. 1.20 and earlier allows an attacker ...)
+CVE-2016-7811
NOT-FOR-US: Corega
-CVE-2016-7810 (Cross-site scripting vulnerability in Corega CG-WLR300NX firmware Ver. ...)
+CVE-2016-7810
NOT-FOR-US: Corega
-CVE-2016-7809 (Cross-site request forgery (CSRF) vulnerability in Corega CG-WLR300NX ...)
+CVE-2016-7809
NOT-FOR-US: Corega
-CVE-2016-7808 (Cross-site scripting vulnerability in Corega CG-WLBARGMH and ...)
+CVE-2016-7808
NOT-FOR-US: Corega
-CVE-2016-7807 (I-O DATA DEVICE WFS-SR01 firmware version 1.10 and earlier allow ...)
+CVE-2016-7807
NOT-FOR-US: I-O DATA DEVICE
-CVE-2016-7806 (I-O DATA DEVICE WFS-SR01 firmware version 1.10 and earlier allow ...)
+CVE-2016-7806
NOT-FOR-US: I-O DATA DEVICE
-CVE-2016-7805 (The mobiGate App for Android version 2.2.1.2 and earlier and mobiGate ...)
+CVE-2016-7805
NOT-FOR-US: mobiGate App
-CVE-2016-7804 (Untrusted search path vulnerability in 7 Zip for Windows 16.02 and ...)
+CVE-2016-7804
NOT-FOR-US: 7 Zip for Windows
-CVE-2016-7803 (SQL injection vulnerability in the Cybozu Garoon 3.0.0 to 4.2.2 allows ...)
+CVE-2016-7803
NOT-FOR-US: Cybozu
-CVE-2016-7802 (Directory traversal vulnerability in Cybozu Garoon 3.0.0 to 4.2.2 ...)
+CVE-2016-7802
NOT-FOR-US: Cybozu
-CVE-2016-7801 (Cybozu Garoon 3.0.0 to 4.2.2 allows remote attackers to bypass access ...)
+CVE-2016-7801
NOT-FOR-US: Cybozu
-CVE-2016-7800 (Integer underflow in the parse8BIM function in coders/meta.c in ...)
+CVE-2016-7800
{DSA-3746-1 DLA-651-1}
- graphicsmagick 1.3.25-3
NOTE: https://sourceforge.net/p/graphicsmagick/code/ci/5c7b6d6094a25e99c57f8b18343914ebfd8213ef/
-CVE-2016-7799 (MagickCore/profile.c in ImageMagick before 7.0.3-2 allows remote ...)
+CVE-2016-7799
{DSA-3726-1 DLA-756-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #840437)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/280
NOTE: https://github.com/ImageMagick/ImageMagick/commit/a7bb158b7bedd1449a34432feb3a67c8f1873bfa
-CVE-2016-7798 (The openssl gem for Ruby uses the same initialization vector (IV) in ...)
+CVE-2016-7798
{DSA-3966-1 DLA-1421-1}
- ruby2.3 2.3.3-1+deb9u1 (bug #842432)
- ruby2.1 <removed> (bug #842544)
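Review bot: every changed pair in this hunk drops the CVE summary and keeps only the bare identifier, for example "-CVE-2016-7813 (Cross-site scripting vulnerability in DERAEMON-CMS version 0.8.9 and ...)" becoming "+CVE-2016-7813", and no line in the hunk adds a summary back. A wholesale loss of descriptions with no replacement text reads as the description source having returned empty data rather than as an intended edit; suggest verifying the upstream description fetch before this lands and restoring the summaries, since triage lines such as "NOT-FOR-US: DERAEMON-CMS" are much harder to audit without the text they were written against.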
@@ -9064,19 +9064,19 @@ CVE-2016-7798 (The openssl gem for Ruby uses the same initialization vector (IV)
NOTE: https://github.com/attr-encrypted/attr_encrypted/issues/203
- ruby-encryptor 3.0.0-1
NOTE: https://github.com/attr-encrypted/encryptor/pull/22
-CVE-2016-7797 (Pacemaker before 1.1.15, when using pacemaker remote, might allow ...)
+CVE-2016-7797
- pacemaker 1.1.15~rc3-1
[wheezy] - pacemaker <not-affected> (Vulnerable code introduced after 1.1.10)
NOTE: http://bugs.clusterlabs.org/show_bug.cgi?id=5269
NOTE: Fixed by: https://github.com/ClusterLabs/pacemaker/commit/5ec24a2642bd0854b884d1a9b51d12371373b410 (Pacemaker-1.1.15-rc1)
NOTE: Vulnerable code introduced in: https://github.com/ClusterLabs/pacemaker/commit/87f40917feb5109f827d83765c924acbbd824379 (Pacemaker-1.1.12-rc1)
-CVE-2016-7796 (The manager_dispatch_notify_fd function in systemd allows local users ...)
+CVE-2016-7796
{DLA-659-1}
- systemd 231-9 (bug #839607)
[jessie] - systemd 215-17+deb8u6
NOTE: https://github.com/systemd/systemd/issues/4234#issuecomment-250441246
NOTE: Fixed by: https://github.com/systemd/systemd/pull/4240
-CVE-2016-7795 (The manager_invoke_notify_message function in systemd 231 and earlier ...)
+CVE-2016-7795
- systemd 231-9 (bug #839171)
[jessie] - systemd <not-affected> (Introduced in 219)
[wheezy] - systemd <not-affected> (Introduced in 219)
@@ -9084,21 +9084,21 @@ CVE-2016-7795 (The manager_invoke_notify_message function in systemd 231 and ear
NOTE: https://github.com/systemd/systemd/commit/531ac2b2349da02acc9c382849758e07eb92b020
NOTE: Originally fixed in 231-8 but caused a regression fixed in 231-9
NOTE: https://www.agwa.name/blog/post/how_to_crash_systemd_in_one_tweet
-CVE-2016-7794 (sociomantic-tsunami git-hub before 0.10.3 allows remote attackers to ...)
+CVE-2016-7794
- git-hub 0.10.2-2 (bug #839284)
-CVE-2016-7793 (sociomantic-tsunami git-hub before 0.10.3 allows remote attackers to ...)
+CVE-2016-7793
- git-hub 0.10.2-2 (bug #839284)
-CVE-2016-7792 (Ubiquiti Networks UniFi 5.2.7 does not restrict access to the ...)
+CVE-2016-7792
NOT-FOR-US: Ubiquiti Networks UniFi
-CVE-2016-7791 (Exponent CMS 2.3.9 suffers from a remote code execution vulnerability ...)
+CVE-2016-7791
NOT-FOR-US: Exponent CMS
-CVE-2016-7790 (Exponent CMS 2.3.9 suffers from a remote code execution vulnerability ...)
+CVE-2016-7790
NOT-FOR-US: Exponent CMS
-CVE-2016-7789 (SQL injection vulnerability in framework/core/models/expConfig.php in ...)
+CVE-2016-7789
NOT-FOR-US: Exponent CMS
-CVE-2016-7788 (SQL injection vulnerability in framework/modules/users/models/user.php ...)
+CVE-2016-7788
NOT-FOR-US: Exponent CMS
-CVE-2016-7787 (A maliciously crafted command line for kdesu can result in the user ...)
+CVE-2016-7787
- kde-cli-tools 4:5.8.0-1 (bug #839865)
- kde-runtime 4:16.08.3-2 (bug #842498)
[jessie] - kde-runtime <no-dsa> (Minor issue)
@@ -9112,26 +9112,26 @@ CVE-2016-7787 (A maliciously crafted command line for kdesu can result in the us
NOTE: For kde-cli-tools fixed in 5.7.5 upstream
NOTE: kde-runtime's affected binary is /usr/lib/kde4/libexec/kdesu-distrib/kdesu
NOTE: kdesudo's affected binary is /usr/bin/kdesudo
-CVE-2016-7786 (Sophos Cyberoam UTM CR25iNG 10.6.3 MR-5 allows remote authenticated ...)
+CVE-2016-7786
NOT-FOR-US: Sophos
-CVE-2016-7785 (The avi_read_seek function in libavformat/avidec.c in FFmpeg before ...)
+CVE-2016-7785
- ffmpeg 7:3.1.4-1 (bug #840434)
NOTE: https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/c8c5f66b42edc37474baa5cb51460cbf6f33075b (n3.1.4)
-CVE-2016-7784 (SQL injection vulnerability in the getSection function in ...)
+CVE-2016-7784
NOT-FOR-US: Exponent CMS
-CVE-2016-7783 (SQL injection vulnerability in framework/core/models/expRecord.php in ...)
+CVE-2016-7783
NOT-FOR-US: Exponent CMS
-CVE-2016-7782 (SQL injection vulnerability in framework/core/models/expConfig.php in ...)
+CVE-2016-7782
NOT-FOR-US: Exponent CMS
-CVE-2016-7781 (SQL injection vulnerability in ...)
+CVE-2016-7781
NOT-FOR-US: Exponent CMS
-CVE-2016-7780 (SQL injection vulnerability in cron/find_help.php in Exponent CMS ...)
+CVE-2016-7780
NOT-FOR-US: Exponent CMS
CVE-2016-7779
RESERVED
CVE-2016-7778
RESERVED
-CVE-2016-7777 (Xen 4.7.x and earlier does not properly honor CR0.TS and CR0.EM, which ...)
+CVE-2016-7777
{DSA-3729-1 DLA-699-1}
- xen 4.8.0~rc3-1
NOTE: http://xenbits.xen.org/xsa/advisory-190.html
@@ -9157,19 +9157,19 @@ CVE-2016-7767
REJECTED
CVE-2016-7766
REJECTED
-CVE-2016-7765 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
+CVE-2016-7765
NOT-FOR-US: Apple
CVE-2016-7764
REJECTED
CVE-2016-7763
REJECTED
-CVE-2016-7762 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
+CVE-2016-7762
NOT-FOR-US: Apple
-CVE-2016-7761 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2016-7761
NOT-FOR-US: Apple
CVE-2016-7760
REJECTED
-CVE-2016-7759 (An issue was discovered in certain Apple products. iOS before 10 is ...)
+CVE-2016-7759
NOT-FOR-US: Apple
CVE-2016-7758
REJECTED
@@ -9203,7 +9203,7 @@ CVE-2016-7744
REJECTED
CVE-2016-7743
REJECTED
-CVE-2016-7742 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2016-7742
NOT-FOR-US: Apple
CVE-2016-7741
REJECTED
@@ -9259,7 +9259,7 @@ CVE-2016-7716
REJECTED
CVE-2016-7715
REJECTED
-CVE-2016-7714 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
+CVE-2016-7714
NOT-FOR-US: Apple
CVE-2016-7713
REJECTED
@@ -9353,226 +9353,226 @@ CVE-2016-7669
REJECTED
CVE-2016-7668
REJECTED
-CVE-2016-7667 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
+CVE-2016-7667
NOT-FOR-US: Apple
-CVE-2016-7666 (An issue was discovered in certain Apple products. Transporter before ...)
+CVE-2016-7666
NOT-FOR-US: Apple
-CVE-2016-7665 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
+CVE-2016-7665
NOT-FOR-US: Apple
-CVE-2016-7664 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
+CVE-2016-7664
NOT-FOR-US: Apple
-CVE-2016-7663 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
+CVE-2016-7663
NOT-FOR-US: Apple
-CVE-2016-7662 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
+CVE-2016-7662
NOT-FOR-US: Apple
-CVE-2016-7661 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
+CVE-2016-7661
NOT-FOR-US: Apple
-CVE-2016-7660 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
+CVE-2016-7660
NOT-FOR-US: Apple
-CVE-2016-7659 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
+CVE-2016-7659
NOT-FOR-US: Apple
-CVE-2016-7658 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
+CVE-2016-7658
NOT-FOR-US: Apple
-CVE-2016-7657 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
+CVE-2016-7657
NOT-FOR-US: Apple
-CVE-2016-7656 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
+CVE-2016-7656
- webkit2gtk 2.14.3-1 (unimportant)
NOTE: Not covered by security support
-CVE-2016-7655 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
+CVE-2016-7655
NOT-FOR-US: Apple
-CVE-2016-7654 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
+CVE-2016-7654
- webkit2gtk 2.14.3-1 (unimportant)
NOTE: Not covered by security support
-CVE-2016-7653 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
+CVE-2016-7653
NOT-FOR-US: Apple
-CVE-2016-7652 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
+CVE-2016-7652
- webkit2gtk 2.14.3-1 (unimportant)
NOTE: Not covered by security support
-CVE-2016-7651 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
+CVE-2016-7651
NOT-FOR-US: Apple
-CVE-2016-7650 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
+CVE-2016-7650
NOT-FOR-US: Apple
-CVE-2016-7649 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
+CVE-2016-7649
- webkit2gtk 2.14.3-1 (unimportant)
NOTE: Not covered by security support
-CVE-2016-7648 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
+CVE-2016-7648
- webkit2gtk 2.14.3-1 (unimportant)
NOTE: Not covered by security support
CVE-2016-7647
REJECTED
-CVE-2016-7646 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
+CVE-2016-7646
- webkit2gtk 2.14.3-1 (unimportant)
NOTE: Not covered by security support
-CVE-2016-7645 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
+CVE-2016-7645
- webkit2gtk 2.14.3-1 (unimportant)
NOTE: Not covered by security support
-CVE-2016-7644 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
+CVE-2016-7644
NOT-FOR-US: Apple
-CVE-2016-7643 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
+CVE-2016-7643
NOT-FOR-US: Apple
-CVE-2016-7642 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
+CVE-2016-7642
- webkit2gtk 2.14.3-1 (unimportant)
NOTE: Not covered by security support
-CVE-2016-7641 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
+CVE-2016-7641
- webkit2gtk 2.14.3-1 (unimportant)
NOTE: Not covered by security support
-CVE-2016-7640 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
+CVE-2016-7640
- webkit2gtk 2.14.3-1 (unimportant)
NOTE: Not covered by security support
-CVE-2016-7639 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
+CVE-2016-7639
- webkit2gtk 2.14.3-1 (unimportant)
NOTE: Not covered by security support
-CVE-2016-7638 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
+CVE-2016-7638
NOT-FOR-US: Apple
-CVE-2016-7637 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
+CVE-2016-7637
NOT-FOR-US: Apple
-CVE-2016-7636 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
+CVE-2016-7636
NOT-FOR-US: Apple
-CVE-2016-7635 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
+CVE-2016-7635
- webkit2gtk 2.14.3-1 (unimportant)
NOTE: Not covered by security support
-CVE-2016-7634 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
+CVE-2016-7634
NOT-FOR-US: Apple
-CVE-2016-7633 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2016-7633
NOT-FOR-US: Apple
-CVE-2016-7632 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
+CVE-2016-7632
- webkit2gtk 2.14.3-1 (unimportant)
NOTE: Not covered by security support
CVE-2016-7631
REJECTED
-CVE-2016-7630 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
+CVE-2016-7630
NOT-FOR-US: Apple
-CVE-2016-7629 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2016-7629
NOT-FOR-US: Apple
-CVE-2016-7628 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2016-7628
NOT-FOR-US: Apple
-CVE-2016-7627 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
+CVE-2016-7627
NOT-FOR-US: Apple
-CVE-2016-7626 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
+CVE-2016-7626
NOT-FOR-US: Apple
-CVE-2016-7625 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2016-7625
NOT-FOR-US: Apple
-CVE-2016-7624 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2016-7624
NOT-FOR-US: Apple
-CVE-2016-7623 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
+CVE-2016-7623
- webkit2gtk 2.14.3-1 (unimportant)
NOTE: Not covered by security support
-CVE-2016-7622 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2016-7622
NOT-FOR-US: Apple
-CVE-2016-7621 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
+CVE-2016-7621
NOT-FOR-US: Apple
-CVE-2016-7620 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2016-7620
NOT-FOR-US: Apple
-CVE-2016-7619 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
+CVE-2016-7619
NOT-FOR-US: Apple
-CVE-2016-7618 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2016-7618
NOT-FOR-US: Apple
-CVE-2016-7617 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2016-7617
NOT-FOR-US: Apple
-CVE-2016-7616 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
+CVE-2016-7616
NOT-FOR-US: Apple
-CVE-2016-7615 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
+CVE-2016-7615
NOT-FOR-US: Apple
-CVE-2016-7614 (An issue was discovered in certain Apple products. iCloud before 6.1 ...)
+CVE-2016-7614
NOT-FOR-US: Apple
-CVE-2016-7613 (An issue was discovered in certain Apple products. iOS before 10.1 is ...)
+CVE-2016-7613
NOT-FOR-US: Apple
-CVE-2016-7612 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
+CVE-2016-7612
NOT-FOR-US: Apple
-CVE-2016-7611 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
+CVE-2016-7611
- webkit2gtk 2.14.3-1 (unimportant)
NOTE: Not covered by security support
-CVE-2016-7610 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
+CVE-2016-7610
- webkit2gtk 2.14.3-1 (unimportant)
NOTE: Not covered by security support
-CVE-2016-7609 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2016-7609
NOT-FOR-US: Apple
-CVE-2016-7608 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2016-7608
NOT-FOR-US: Apple
-CVE-2016-7607 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
+CVE-2016-7607
NOT-FOR-US: Apple
-CVE-2016-7606 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
+CVE-2016-7606
NOT-FOR-US: Apple
-CVE-2016-7605 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2016-7605
NOT-FOR-US: Apple
-CVE-2016-7604 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2016-7604
NOT-FOR-US: Apple
-CVE-2016-7603 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2016-7603
NOT-FOR-US: Apple
-CVE-2016-7602 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2016-7602
NOT-FOR-US: Apple
-CVE-2016-7601 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
+CVE-2016-7601
NOT-FOR-US: Apple
-CVE-2016-7600 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2016-7600
NOT-FOR-US: Apple
-CVE-2016-7599 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
+CVE-2016-7599
- webkit2gtk 2.14.3-1 (unimportant)
NOTE: Not covered by security support
-CVE-2016-7598 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
+CVE-2016-7598
- webkit2gtk 2.14.3-1 (unimportant)
NOTE: Not covered by security support
-CVE-2016-7597 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
+CVE-2016-7597
NOT-FOR-US: Apple
-CVE-2016-7596 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2016-7596
NOT-FOR-US: Apple
-CVE-2016-7595 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
+CVE-2016-7595
NOT-FOR-US: Apple
-CVE-2016-7594 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
+CVE-2016-7594
NOT-FOR-US: Apple
CVE-2016-7593
REJECTED
-CVE-2016-7592 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
+CVE-2016-7592
- webkit2gtk 2.14.3-1 (unimportant)
NOTE: Not covered by security support
-CVE-2016-7591 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
+CVE-2016-7591
NOT-FOR-US: Apple
CVE-2016-7590
REJECTED
-CVE-2016-7589 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
+CVE-2016-7589
- webkit2gtk 2.14.3-1 (unimportant)
NOTE: Not covered by security support
-CVE-2016-7588 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
+CVE-2016-7588
NOT-FOR-US: Apple
-CVE-2016-7587 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
+CVE-2016-7587
- webkit2gtk 2.14.3-1 (unimportant)
NOTE: Not covered by security support
-CVE-2016-7586 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
+CVE-2016-7586
- webkit2gtk 2.14.3-1 (unimportant)
NOTE: Not covered by security support
-CVE-2016-7585 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2016-7585
NOT-FOR-US: Apple
-CVE-2016-7584 (An issue was discovered in certain Apple products. iOS before 10.1 is ...)
+CVE-2016-7584
NOT-FOR-US: Apple
-CVE-2016-7583 (An issue was discovered in certain Apple products. iCloud before 6.0.1 ...)
+CVE-2016-7583
NOT-FOR-US: Apple
-CVE-2016-7582 (An issue was discovered in certain Apple products. macOS before 10.12 ...)
+CVE-2016-7582
NOT-FOR-US: Apple
-CVE-2016-7581 (An issue was discovered in certain Apple products. iOS before 10.1 is ...)
+CVE-2016-7581
NOT-FOR-US: Apple
-CVE-2016-7580 (An issue was discovered in certain Apple products. macOS before 10.12 ...)
+CVE-2016-7580
NOT-FOR-US: Apple
-CVE-2016-7579 (An issue was discovered in certain Apple products. iOS before 10.1 is ...)
+CVE-2016-7579
NOT-FOR-US: Apple
-CVE-2016-7578 (An issue was discovered in certain Apple products. iOS before 10.1 is ...)
+CVE-2016-7578
NOT-FOR-US: Apple
-CVE-2016-7577 (An issue was discovered in certain Apple products. iOS before 10.1 is ...)
+CVE-2016-7577
NOT-FOR-US: Apple
-CVE-2016-7576 (In iOS before 9.3.3, a memory corruption issue existed in the kernel. ...)
+CVE-2016-7576
NOT-FOR-US: Apple
CVE-2016-7574
RESERVED
CVE-2016-7573
RESERVED
-CVE-2016-7572 (The system.temporary route in Drupal 8.x before 8.1.10 does not ...)
+CVE-2016-7572
- drupal7 <not-affected> (Only affects Drupal 8)
-CVE-2016-7571 (Cross-site scripting (XSS) vulnerability in Drupal 8.x before 8.1.10 ...)
+CVE-2016-7571
- drupal7 <not-affected> (Only affects Drupal 8)
-CVE-2016-7570 (Drupal 8.x before 8.1.10 does not properly check for &quot;Administer ...)
+CVE-2016-7570
- drupal7 <not-affected> (Only affects Drupal 8)
-CVE-2016-7569 (Directory traversal vulnerability in docker2aci before 0.13.0 allows ...)
+CVE-2016-7569
- golang-github-appc-docker2aci 0.14.0+dfsg-1 (bug #839282)
NOTE: https://github.com/appc/docker2aci/issues/201
-CVE-2016-7568 (Integer overflow in the gdImageWebpCtx function in gd_webp.c in the GD ...)
+CVE-2016-7568
{DSA-3693-1}
- libgd2 2.2.3-87-gd0fec80-1 (bug #839659)
[wheezy] - libgd2 <not-affected> (Vulnerable code not present)
@@ -9583,23 +9583,23 @@ CVE-2016-7568 (Integer overflow in the gdImageWebpCtx function in gd_webp.c in t
[jessie] - php5 5.6.27+dfsg-0+deb8u1
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=73003
NOTE: https://github.com/php/php-src/commit/c18263e0e0769faee96a5d0ee04b750c442783c6
-CVE-2016-7567 (Buffer overflow in the SLPFoldWhiteSpace function in ...)
+CVE-2016-7567
- openslp-dfsg <not-affected> (Only affects openslp 2)
NOTE: https://sourceforge.net/p/openslp/mercurial/ci/34fb3aa5e6b4997fa21cb614e480de36da5dbc9a/
CVE-2016-7566
RESERVED
-CVE-2016-7565 (install/index.php in Exponent CMS 2.3.9 allows remote attackers to ...)
+CVE-2016-7565
NOT-FOR-US: Exponent CMS
-CVE-2016-7564 (Heap-based buffer overflow in the Fp_toString function in jsfunction.c ...)
+CVE-2016-7564
NOT-FOR-US: MuJS
-CVE-2016-7563 (The chartorune function in Artifex Software MuJS allows attackers to ...)
+CVE-2016-7563
NOT-FOR-US: MuJS
-CVE-2016-7562 (The ff_draw_pc_font function in libavcodec/cga_data.c in FFmpeg before ...)
+CVE-2016-7562
- ffmpeg 7:3.1.4-1 (bug #840434)
NOTE: https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/496267f8e9ec218351e4359e1fde48722d4fc804 (n3.1.4)
-CVE-2016-7561 (Fortinet FortiWLC 6.1-2-29 and earlier, 7.0-9-1, 7.0-10-0, 8.0-5-0, ...)
+CVE-2016-7561
NOT-FOR-US: Fortinet FortiWLC
-CVE-2016-7560 (The rsyncd server in Fortinet FortiWLC 6.1-2-29 and earlier, 7.0-9-1, ...)
+CVE-2016-7560
NOT-FOR-US: Fortinet FortiWLC
CVE-2016-7559
RESERVED
@@ -9609,24 +9609,24 @@ CVE-2016-7557
RESERVED
CVE-2016-7556
RESERVED
-CVE-2016-7555 (The avi_read_header function in libavformat/avidec.c in FFmpeg before ...)
+CVE-2016-7555
- ffmpeg 7:3.1.4-1 (bug #840434)
NOTE: https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/8834e080c20d3d23c3ffe779371359f9b9b835ec (n3.1.4)
CVE-2016-7554
REJECTED
-CVE-2016-7552 (On the Trend Micro Threat Discovery Appliance 2.6.1062r1, directory ...)
+CVE-2016-7552
NOT-FOR-US: Trend Micro Threat Discovery Appliance
-CVE-2016-7549 (Google Chrome before 53.0.2785.113 does not ensure that the recipient ...)
+CVE-2016-7549
{DSA-3667-1}
- chromium-browser 53.0.2785.113-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
CVE-2016-7548
RESERVED
-CVE-2016-7547 (A command execution flaw on the Trend Micro Threat Discovery Appliance ...)
+CVE-2016-7547
NOT-FOR-US: Trend Micro Threat Discovery Appliance
CVE-2016-7546
RESERVED
-CVE-2016-7545 (SELinux policycoreutils allows local users to execute arbitrary ...)
+CVE-2016-7545
{DLA-638-1}
- policycoreutils 2.5-3 (bug #838599)
[jessie] - policycoreutils <not-affected> ("sandbox" executable not packaged in this version)
@@ -9636,9 +9636,9 @@ CVE-2016-7545 (SELinux policycoreutils allows local users to execute arbitrary .
NOTE: Marked as exception as not-affected, although the source is affected but the built
NOTE: binary packages do not contain the sandbox binary. We cannot use 'unimportant'
NOTE: severity here since the unstable version builts a binary package which contains it.
-CVE-2016-7544 (Crypto++ 5.6.4 incorrectly uses Microsoft's stack-based _malloca and ...)
+CVE-2016-7544
- libcrypto++ <not-affected> (Vulnerable code intorduced in 5.6.4, only affects Windows and Microsoft compilers)
-CVE-2016-7543 (Bash before 4.4 allows local users to execute arbitrary commands with ...)
+CVE-2016-7543
{DLA-680-1}
- bash 4.4-1
[jessie] - bash 4.3-11+deb8u1
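Review bot: two context lines in this hunk carry typos worth fixing while the file is being touched: "NOTE: severity here since the unstable version builts a binary package which contains it." (builts should be builds) and "- libcrypto++ <not-affected> (Vulnerable code intorduced in 5.6.4, only affects Windows and Microsoft compilers)" (intorduced should be introduced).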
@@ -9646,13 +9646,13 @@ CVE-2016-7543 (Bash before 4.4 allows local users to execute arbitrary commands
NOTE: Default shell is dash which is not vulnerable, but bash in Jessie and
NOTE: Wheezy are affected.
NOTE: Fixed by (4.3): https://ftp.gnu.org/pub/gnu/bash/bash-4.3-patches/bash43-048
-CVE-2016-7542 (A read-only administrator on Fortinet devices with FortiOS 5.2.x ...)
+CVE-2016-7542
NOT-FOR-US: FortiOS
-CVE-2016-7541 (Long lived sessions in Fortinet FortiGate devices with FortiOS 5.x ...)
+CVE-2016-7541
NOT-FOR-US: FortiOS
CVE-2016-7512
RESERVED
-CVE-2016-7511 (Integer overflow in the dwarf_die_deliv.c in libdwarf 20160613 allows ...)
+CVE-2016-7511
{DLA-635-1}
- dwarfutils 20160923-1 (bug #838757)
[jessie] - dwarfutils <no-dsa> (Minor issue, can be fixed in point release)
@@ -9662,7 +9662,7 @@ CVE-2016-7511 (Integer overflow in the dwarf_die_deliv.c in libdwarf 20160613 al
NOTE: See though notes for CVE-2016-7410, the 3767305debcba8bd7e1c483ae48c509d25399252
NOTE: seem to be the ultimate fix upstream, introducing commit should as well still be
NOTE: found.
-CVE-2016-7510 (The read_line_table_program function in ...)
+CVE-2016-7510
{DLA-635-1}
- dwarfutils 20160923-1 (bug #838756)
[jessie] - dwarfutils <no-dsa> (Minor issue, can be fixed in point release)
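Review bot: the three NOTE lines for CVE-2016-7511 are hard to parse as written: "NOTE: See though notes for CVE-2016-7410, the 3767305debcba8bd7e1c483ae48c509d25399252" / "NOTE: seem to be the ultimate fix upstream, introducing commit should as well still be" / "NOTE: found." Suggest rewording to a complete sentence, for instance stating that the notes for CVE-2016-7410 apply, that commit 3767305debcba8bd7e1c483ae48c509d25399252 appears to be the final upstream fix, and that the commit introducing the bug still needs to be identified; the same three lines recur for CVE-2016-7510 in the following hunk and should be fixed together.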
@@ -9673,25 +9673,25 @@ CVE-2016-7510 (The read_line_table_program function in ...)
NOTE: See though notes for CVE-2016-7410, the 3767305debcba8bd7e1c483ae48c509d25399252
NOTE: seem to be the ultimate fix upstream, introducing commit should as well still be
NOTE: found.
-CVE-2016-7509 (Cross-site scripting (XSS) vulnerability in GLPI 0.90.4 allows remote ...)
+CVE-2016-7509
- glpi <removed> (unimportant)
NOTE: Only supported behind an authenticated HTTP zone
-CVE-2016-7508 (Multiple SQL injection vulnerabilities in GLPI 0.90.4 allow an ...)
+CVE-2016-7508
- glpi <removed> (unimportant)
NOTE: https://github.com/glpi-project/glpi/issues/1047
NOTE: Only supported behind an authenticated HTTP zone
-CVE-2016-7507 (Cross-Site Request Forgery (CSRF) vulnerability in GLPI 0.90.4 allows ...)
+CVE-2016-7507
- glpi <removed> (unimportant)
NOTE: Only supported behind an authenticated HTTP zone
-CVE-2016-7506 (An out-of-bounds read vulnerability was observed in Sp_replace_regexp ...)
+CVE-2016-7506
NOT-FOR-US: MuJS
-CVE-2016-7505 (A buffer overflow vulnerability was observed in divby function of ...)
+CVE-2016-7505
NOT-FOR-US: MuJS
-CVE-2016-7504 (A use-after-free vulnerability was observed in Rp_toString function of ...)
+CVE-2016-7504
NOT-FOR-US: MuJS
CVE-2016-7503
RESERVED
-CVE-2016-7502 (The cavs_idct8_add_c function in libavcodec/cavsdsp.c in FFmpeg before ...)
+CVE-2016-7502
- ffmpeg 7:3.1.4-1 (bug #840434)
NOTE: https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/9d738e6968757d4e70c8e07e0b720ac0004accc4 (n3.1.4)
CVE-2016-7501
@@ -9699,10 +9699,10 @@ CVE-2016-7501
NOT-FOR-US: Oracle
CVE-2016-7500
RESERVED
-CVE-2016-7499 (The sbr_make_f_master function in aacsbr.c in Libav 11.7 allows remote ...)
+CVE-2016-7499
- libav <removed> (unimportant)
NOTE: https://blogs.gentoo.org/ago/2016/09/21/libav-divide-by-zero-in-sbr_make_f_master-aacsbr-c/
-CVE-2016-7498 (OpenStack Compute (nova) 13.0.0 does not properly delete instances ...)
+CVE-2016-7498
- nova 2:13.1.0-1
[jessie] - nova <not-affected> (Vulnerable code (re)introduced later)
[wheezy] - nova <not-affected> (Vulnerable code (re)introduced later)
@@ -9722,11 +9722,11 @@ CVE-2016-7492
REJECTED
CVE-2016-7491
REJECTED
-CVE-2016-7490 (The installation script studioexpressinstall for Teradata Studio ...)
+CVE-2016-7490
NOT-FOR-US: Teradata Studio Express
-CVE-2016-7489 (Teradata Virtual Machine Community Edition v15.10's perl script ...)
+CVE-2016-7489
NOT-FOR-US: Teradata Virtual Machine Community Edition
-CVE-2016-7488 (Teradata Virtual Machine Community Edition v15.10 has insecure file ...)
+CVE-2016-7488
NOT-FOR-US: Teradata Virtual Machine Community Edition
CVE-2016-7487
REJECTED
@@ -9742,11 +9742,11 @@ CVE-2016-7482
REJECTED
CVE-2016-7481
REJECTED
-CVE-2016-7480 (The SplObjectStorage unserialize implementation in ...)
+CVE-2016-7480
- php7.0 7.0.12-1
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=73257
NOTE: Fixed in 7.0.12
-CVE-2016-7479 (In all versions of PHP 7, during the unserialization process, resizing ...)
+CVE-2016-7479
{DSA-3783-1 DLA-875-1}
- php7.1 7.1.1-1
- php7.0 7.0.15-1
@@ -9759,7 +9759,7 @@ CVE-2016-7479 (In all versions of PHP 7, during the unserialization process, res
NOTE: The change is in 5.6+, even though the property table issue only affects
NOTE: PHP 7, because this also prevents a wide range of other __wakeup() based
NOTE: attacks.
-CVE-2016-7478 (Zend/zend_exceptions.c in PHP, possibly 5.x before 5.6.28 and 7.x ...)
+CVE-2016-7478
{DSA-3732-1 DLA-875-1}
- php7.1 <not-affected> (Fixed before initial upload to Debian)
- php7.0 7.0.13-1
@@ -9767,63 +9767,63 @@ CVE-2016-7478 (Zend/zend_exceptions.c in PHP, possibly 5.x before 5.6.28 and 7.x
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=73093
NOTE: Patch for 5.6.x: http://git.php.net/?p=php-src.git;a=commit;h=40e7baab3c90001beee4c8f0ed0ef79ad18ee0d6 (5.6.28)
NOTE: backported patch for 5.4: https://lists.debian.org/87efysy07p.fsf@curie.anarc.at
-CVE-2016-7477 (The ff_put_pixels8_xy2_mmx function in rnd_template.c in Libav 11.7 ...)
+CVE-2016-7477
- libav <removed> (unimportant)
NOTE: https://blogs.gentoo.org/ago/2016/09/20/libav-null-pointer-dereference-in-ff_put_pixels8_xy2_mmx-rnd_template-c/
-CVE-2016-7476 (The Traffic Management Microkernel (TMM) in F5 BIG-IP LTM, AAM, AFM, ...)
+CVE-2016-7476
NOT-FOR-US: F5 BIG-IP
-CVE-2016-7475 (Under some circumstances on BIG-IP 12.0.0-12.1.0, 11.6.0-11.6.1, or ...)
+CVE-2016-7475
NOT-FOR-US: F5 BIG-IP
-CVE-2016-7474 (In some cases the MCPD binary cache in F5 BIG-IP devices may allow a ...)
+CVE-2016-7474
NOT-FOR-US: F5 BIG-IP
CVE-2016-7473
REJECTED
-CVE-2016-7472 (F5 BIG-IP ASM version 12.1.0 - 12.1.1 may allow remote attackers to ...)
+CVE-2016-7472
NOT-FOR-US: F5 BIG-IP
CVE-2016-7471
REJECTED
CVE-2016-7470
REJECTED
-CVE-2016-7469 (A stored cross-site scripting (XSS) vulnerability in the Configuration ...)
+CVE-2016-7469
NOT-FOR-US: BIG-IP
-CVE-2016-7468 (An unauthenticated remote attacker may be able to disrupt services on ...)
+CVE-2016-7468
NOT-FOR-US: F5
-CVE-2016-7467 (The TMM SSO plugin in F5 BIG-IP APM 12.0.0 - 12.1.1, 11.6.0 - 11.6.1 ...)
+CVE-2016-7467
NOT-FOR-US: F5
CVE-2016-7465
REJECTED
CVE-2016-7464
REJECTED
-CVE-2016-7463 (Cross-site scripting (XSS) vulnerability in the Host Client in VMware ...)
+CVE-2016-7463
NOT-FOR-US: VMware
-CVE-2016-7462 (The Suite REST API in VMware vRealize Operations (aka vROps) 6.x ...)
+CVE-2016-7462
NOT-FOR-US: VMware
-CVE-2016-7461 (The drag-and-drop (aka DnD) function in VMware Workstation Pro 12.x ...)
+CVE-2016-7461
NOT-FOR-US: VMware
-CVE-2016-7460 (The Single Sign-On feature in VMware vCenter Server 5.5 before U3e and ...)
+CVE-2016-7460
NOT-FOR-US: VMware
-CVE-2016-7459 (VMware vCenter Server 5.5 before U3e and 6.0 before U2a allows remote ...)
+CVE-2016-7459
NOT-FOR-US: VMware
-CVE-2016-7458 (VMware vSphere Client 5.5 before U3e and 6.0 before U2a allows remote ...)
+CVE-2016-7458
NOT-FOR-US: VMware
-CVE-2016-7457 (VMware vRealize Operations (aka vROps) 6.x before 6.4.0 allows remote ...)
+CVE-2016-7457
NOT-FOR-US: VMware
-CVE-2016-7456 (VMware vSphere Data Protection (VDP) 5.5.x though 6.1.x has an SSH ...)
+CVE-2016-7456
NOT-FOR-US: VMware
CVE-2016-7455
RESERVED
-CVE-2016-7454 (CSRF vulnerability on Technicolor TC dpc3941T (formerly Cisco dpc3941T) ...)
+CVE-2016-7454
NOT-FOR-US: Technicolor TC dpc3941T
-CVE-2016-7453 (The Pixidou Image Editor in Exponent CMS prior to v2.3.9 patch 2 could ...)
+CVE-2016-7453
NOT-FOR-US: Exponent CMS
-CVE-2016-7452 (The Pixidou Image Editor in Exponent CMS prior to v2.3.9 patch 2 could ...)
+CVE-2016-7452
NOT-FOR-US: Exponent CMS
CVE-2016-7451
RESERVED
-CVE-2016-7450 (The ff_log2_16bit_c function in libavutil/intmath.h in FFmpeg before ...)
+CVE-2016-7450
- ffmpeg 7:3.1.4-1 (bug #840434)
NOTE: https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/ac8ac46641adef208485baebc3734463bf0bd266 (n3.1.4)
-CVE-2016-7449 (The TIFFGetField function in coders/tiff.c in GraphicsMagick 1.3.24 ...)
+CVE-2016-7449
{DLA-1401-1 DLA-651-1}
- graphicsmagick 1.3.25-1
NOTE: The scope of the CVE is for all of these reported TIFF problems.
@@ -9835,31 +9835,31 @@ CVE-2016-7449 (The TIFFGetField function in coders/tiff.c in GraphicsMagick 1.3.
NOTE: https://blogs.gentoo.org/ago/2016/08/23/graphicsmagick-two-heap-based-buffer-overflow-in-readtiffimage-tiff-c/
NOTE: https://blogs.gentoo.org/ago/2016/09/07/graphicsmagick-null-pointer-dereference-in-magickstrlcpy-utility-c/
NOTE: Fixed by http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/eb58028dacf5
-CVE-2016-7448 (The Utah RLE reader in GraphicsMagick before 1.3.25 allows remote ...)
+CVE-2016-7448
{DLA-1401-1 DLA-683-1}
- graphicsmagick 1.3.25-1
NOTE: Fixed by http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/30043afadb10
NOTE: Fixed by http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/d972c761b55d
-CVE-2016-7447 (Heap-based buffer overflow in the EscapeParenthesis function in ...)
+CVE-2016-7447
{DLA-1401-1 DLA-651-1}
- graphicsmagick 1.3.25-1
NOTE: Fixed by http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/d580e3c3c034
-CVE-2016-7446 (Buffer overflow in the MVG and SVG rendering code in GraphicsMagick ...)
+CVE-2016-7446
{DLA-1401-1 DLA-651-1}
- graphicsmagick 1.3.25-1
NOTE: For the http://www.graphicsmagick.org/NEWS.html#september-5-2016 case
NOTE: which remained present in the 1.3.24 release (and was not fixed until 1.3.25)
NOTE: Fixed by http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/6071b5820215
-CVE-2016-7445 (convert.c in OpenJPEG before 2.1.2 allows remote attackers to cause a ...)
+CVE-2016-7445
- openjpeg2 2.1.2-1 (unimportant; bug #838690)
NOTE: https://github.com/uclouvain/openjpeg/issues/843
NOTE: PoC: https://github.com/STARLABSEC/pocs/raw/master/openjpeg-nullptr-github-issue-842.ppm
NOTE: No code injection, function only exposed in the CLI tool
-CVE-2016-7442 (The Frontend component in Sophos UTM with firmware 9.405-5 and earlier ...)
+CVE-2016-7442
NOT-FOR-US: Sophos UTM
CVE-2016-7441
RESERVED
-CVE-2016-7440 (The C software implementation of AES Encryption and Decryption in ...)
+CVE-2016-7440
{DSA-3711-1 DSA-3706-1 DLA-708-1}
- mariadb-10.0 10.0.28-1
- mysql-5.7 5.7.16-1 (bug #841163)
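Review bot: the two reference NOTEs under CVE-2016-7445 point at different upstream issue numbers: the first links `https://github.com/uclouvain/openjpeg/issues/843`, while the PoC filename in the next line is `openjpeg-nullptr-github-issue-842.ppm`. Please confirm whether 842 and 843 are the same bug (and say so in the NOTE) or whether the PoC belongs to a different report, so the "No code injection, function only exposed in the CLI tool" severity rationale is tied to the right issue.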
@@ -9867,23 +9867,23 @@ CVE-2016-7440 (The C software implementation of AES Encryption and Decryption in
- mysql-5.5 <removed> (bug #841050)
NOTE: Fixed in MariaDB 5.5.53, MariaDB 10.0.28
- wolfssl 3.9.10+dfsg-1
-CVE-2016-7439 (The C software implementation of RSA in wolfSSL (formerly CyaSSL) ...)
+CVE-2016-7439
- wolfssl 3.9.10+dfsg-1
-CVE-2016-7438 (The C software implementation of ECC in wolfSSL (formerly CyaSSL) ...)
+CVE-2016-7438
- wolfssl 3.9.10+dfsg-1
-CVE-2016-7437 (SAP Netweaver 7.40 improperly logs (1) DUI and (2) DUJ events in the ...)
+CVE-2016-7437
NOT-FOR-US: SAP Netweaver
CVE-2016-7436
RESERVED
-CVE-2016-7435 (The (1) SCTC_REFRESH_EXPORT_TAB_COMP, (2) SCTC_REFRESH_CHECK_ENV, and ...)
+CVE-2016-7435
NOT-FOR-US: SAP Netweaver
-CVE-2016-7434 (The read_mru_list function in NTP before 4.2.8p9 allows remote ...)
+CVE-2016-7434
- ntp 1:4.2.8p9+dfsg-1
[jessie] - ntp <not-affected> (mrulist introduced in ntp-4.2.7p22, vulnerable code not present)
[wheezy] - ntp <not-affected> (mrulist introduced in ntp-4.2.7p22, vulnerable code not present)
NOTE: http://support.ntp.org/bin/view/Main/NtpBug3082
NOTE: Only possible to trigger from hosts in allow mrulist query.
-CVE-2016-7433 (NTP before 4.2.8p9 does not properly perform the initial sync ...)
+CVE-2016-7433
- ntp 1:4.2.8p9+dfsg-1
[jessie] - ntp <not-affected> (Vulnerable code introduced in ntp-4.2.7p385)
[wheezy] - ntp <not-affected> (Vulnerable code introduced in ntp-4.2.7p385)
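Review bot: in the CVE-2016-7440 entry the `- wolfssl 3.9.10+dfsg-1` line is placed after `NOTE: Fixed in MariaDB 5.5.53, MariaDB 10.0.28`, separated from the other package lines; move it up next to the mariadb/mysql lines so the NOTE reads as applying to MariaDB only. Minor wording point in the same hunk: the last NOTE under CVE-2016-7434, "Only possible to trigger from hosts in allow mrulist query.", would be clearer as "Only triggerable from hosts allowed to issue mrulist queries."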
@@ -9893,19 +9893,19 @@ CVE-2016-7433 (NTP before 4.2.8p9 does not properly perform the initial sync ...
NOTE: itself in general is incorrect in all version of ntp-4 until ntp-4.2.8p9
CVE-2016-7432
RESERVED
-CVE-2016-7431 (NTP before 4.2.8p9 allows remote attackers to bypass the origin ...)
+CVE-2016-7431
- ntp 1:4.2.8p9+dfsg-1
[jessie] - ntp <not-affected> (Vulnerable code not present)
[wheezy] - ntp <not-affected> (Vulnerable code introduced later)
NOTE: http://support.ntp.org/bin/view/Main/NtpBug3102
CVE-2016-7430
RESERVED
-CVE-2016-7429 (NTP before 4.2.8p9 changes the peer structure to the interface it ...)
+CVE-2016-7429
- ntp 1:4.2.8p9+dfsg-1
[jessie] - ntp <no-dsa> (Minor issue)
[wheezy] - ntp <no-dsa> (Minor issue, only possible if rp_filter is 0)
NOTE: http://support.ntp.org/bin/view/Main/NtpBug3072
-CVE-2016-7428 (ntpd in NTP before 4.2.8p9 allows remote attackers to cause a denial ...)
+CVE-2016-7428
- ntp 1:4.2.8p9+dfsg-1
[jessie] - ntp <not-affected> (Vulnerable code not present)
[wheezy] - ntp <not-affected> (Vulnerable code not present)
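Review bot: typo in the carried-over NOTE at the top of the hunk (CVE-2016-7433): "in all version of ntp-4" should read "in all versions of ntp-4".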
@@ -9914,7 +9914,7 @@ CVE-2016-7428 (ntpd in NTP before 4.2.8p9 allows remote attackers to cause a den
NOTE: The fixes for CVE-2015-7973 have added several new integrity checks on incoming
NOTE: broadcast mode packets and issue got introduced with code changes to fix that
NOTE: issue.
-CVE-2016-7427 (The broadcast mode replay prevention functionality in ntpd in NTP ...)
+CVE-2016-7427
- ntp 1:4.2.8p9+dfsg-1
[jessie] - ntp <not-affected> (Vulnerable code not present)
[wheezy] - ntp <not-affected> (Vulnerable code not present)
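Review bot: grammar in the three-line NOTE under CVE-2016-7428 at the top of the hunk: "and issue got introduced with code changes to fix that issue" should read "and this issue was introduced by the code changes made to fix that one". Since the rationale is what justifies the jessie/wheezy `<not-affected>` markers, it is worth stating cleanly.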
@@ -9923,29 +9923,29 @@ CVE-2016-7427 (The broadcast mode replay prevention functionality in ntpd in NTP
NOTE: The fixes for CVE-2015-7973 have added several new integrity checks on incoming
NOTE: broadcast mode packets and issue got introduced with code changes to fix that
NOTE: issue.
-CVE-2016-7426 (NTP before 4.2.8p9 rate limits responses received from the configured ...)
+CVE-2016-7426
- ntp 1:4.2.8p9+dfsg-1
[jessie] - ntp <no-dsa> (Minor issue)
[wheezy] - ntp <no-dsa> (Minor issue)
NOTE: http://support.ntp.org/bin/view/Main/NtpBug3071
-CVE-2016-7425 (The arcmsr_iop_message_xfer function in ...)
+CVE-2016-7425
{DSA-3696-1 DLA-670-1}
- linux 4.7.8-1
NOTE: http://marc.info/?l=linux-scsi&m=147394713328707&w=2
NOTE: Upstream commit: https://git.kernel.org/linus/7bc2b55a5c030685b399bb65b6baa9ccc3d1f167
-CVE-2016-7424 (The put_no_rnd_pixels8_xy2_mmx function in x86/rnd_template.c in libav ...)
+CVE-2016-7424
{DSA-3685-1 DLA-780-1}
- libav <removed>
- ffmpeg <not-affected> (Fixed before introduction into the archive)
NOTE: Fixed by: https://git.libav.org/?p=libav.git;a=commit;h=136f55207521f0b03194ef5b55ba70f1635d6aee
NOTE: https://blogs.gentoo.org/ago/2016/09/17/libav-null-pointer-dereference-in-put_no_rnd_pixels8_xy2_mmx-rnd_template-c/
-CVE-2016-7420 (Crypto++ (aka cryptopp) through 5.6.4 does not document the ...)
+CVE-2016-7420
- libcrypto++ <unfixed> (unimportant)
NOTE: https://github.com/weidai11/cryptopp/issues/277
NOTE: The scope of this CVE is the documentation bug, lacking treatment of
NOTE: -DNDEBUG and Static Initialization
NOTE: Documentation added in https://github.com/weidai11/cryptopp/commit/553049ba297d89d9e8fbf2204acb40a8a53f5cd6
-CVE-2016-7419 (Cross-site scripting (XSS) vulnerability in share.js in the gallery ...)
+CVE-2016-7419
- nextcloud <itp> (bug #835086)
- owncloud <not-affected> (Vulnerable code introduced later)
NOTE: up to version which was removed, not included, as the vulnerable code was
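Review bot: the final NOTE of the hunk, under CVE-2016-7419 ("up to version which was removed, not included, as the vulnerable code was"), is hard to parse: the version that was removed from the archive is not named, so a reader cannot check the `owncloud <not-affected>` claim against it. Name the last owncloud version that was in the archive explicitly. The NOTE block under CVE-2016-7427 at the top of this hunk repeats the CVE-2016-7428 text verbatim, including the "and issue got introduced" slip; fix both copies together.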
@@ -9955,7 +9955,7 @@ CVE-2016-7419 (Cross-site scripting (XSS) vulnerability in share.js in the galle
NOTE: https://owncloud.org/security/advisory/?id=oc-sa-2016-011
NOTE: https://github.com/owncloud/gallery/commit/6933d27afe518967bd1b60e6a7eacd88288929fc
NOTE: https://hackerone.com/reports/145355
-CVE-2016-7418 (The php_wddx_push_element function in ext/wddx/wddx.c in PHP before ...)
+CVE-2016-7418
{DSA-3689-1 DLA-749-1}
- php7.0 7.0.11-1
- php5 5.6.26+dfsg-1
@@ -9964,21 +9964,21 @@ CVE-2016-7418 (The php_wddx_push_element function in ext/wddx/wddx.c in PHP befo
NOTE: https://github.com/php/php-src/commit/c4cca4c20e75359c9a13a1f9a36cb7b4e9601d29?w=1
NOTE: The scope of this CVE also includes all of the "other four similar issues"
NOTE: in the "[2016-09-12 06:44 UTC]" comment.
-CVE-2016-7417 (ext/spl/spl_array.c in PHP before 5.6.26 and 7.x before 7.0.11 ...)
+CVE-2016-7417
{DSA-3689-1 DLA-749-1}
- php7.0 7.0.11-1
- php5 5.6.26+dfsg-1
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=73029
NOTE: Fixed in 7.0.11, 5.6.26
NOTE: https://github.com/php/php-src/commit/ecb7f58a069be0dec4a6131b6351a761f808f22e?w=1
-CVE-2016-7416 (ext/intl/msgformat/msgformat_format.c in PHP before 5.6.26 and 7.x ...)
+CVE-2016-7416
{DSA-3689-1 DLA-749-1}
- php7.0 7.0.11-1
- php5 5.6.26+dfsg-1
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=73007
NOTE: Fixed in 7.0.11, 5.6.26
NOTE: https://github.com/php/php-src/commit/6d55ba265637d6adf0ba7e9c9ef11187d1ec2f5b?w=1
-CVE-2016-7415 (Stack-based buffer overflow in the Locale class in common/locid.cpp in ...)
+CVE-2016-7415
{DSA-3725-1 DLA-744-1}
[experimental] - icu 58.1-1
- icu 57.1-5 (bug #838694)
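Review bot: the scope NOTE under CVE-2016-7418 ("all of the 'other four similar issues' in the '[2016-09-12 06:44 UTC]' comment") identifies the extra issues only by a comment timestamp, which is not stable enough for a triage record. Cite the bug comment URL (or list the four issues) so the scope of the DSA-3689-1/DLA-749-1 fixes can be verified later.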
@@ -9986,35 +9986,35 @@ CVE-2016-7415 (Stack-based buffer overflow in the Locale class in common/locid.c
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=73007
NOTE: PHP fix: https://github.com/php/php-src/commit/6d55ba265637d6adf0ba7e9c9ef11187d1ec2f5b?w=1
NOTE: Upstream bug: http://bugs.icu-project.org/trac/ticket/12745
-CVE-2016-7414 (The ZIP signature-verification feature in PHP before 5.6.26 and 7.x ...)
+CVE-2016-7414
{DSA-3689-1 DLA-749-1}
- php7.0 7.0.11-1
- php5 5.6.26+dfsg-1
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=72928
NOTE: Fixed in 7.0.11, 5.6.26
NOTE: https://github.com/php/php-src/commit/0bfb970f43acd1e81d11be1154805f86655f15d5?w=1
-CVE-2016-7413 (Use-after-free vulnerability in the wddx_stack_destroy function in ...)
+CVE-2016-7413
{DSA-3689-1 DLA-749-1}
- php7.0 7.0.11-1
- php5 5.6.26+dfsg-1
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=72860
NOTE: Fixed in 7.0.11, 5.6.26
NOTE: https://github.com/php/php-src/commit/b88393f08a558eec14964a55d3c680fe67407712?w=1
-CVE-2016-7412 (ext/mysqlnd/mysqlnd_wireprotocol.c in PHP before 5.6.26 and 7.x before ...)
+CVE-2016-7412
{DSA-3689-1 DLA-749-1}
- php7.0 7.0.11-1
- php5 5.6.26+dfsg-1
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=72293
NOTE: Fixed in 7.0.11, 5.6.26
NOTE: https://github.com/php/php-src/commit/28f80baf3c53e267c9ce46a2a0fadbb981585132?w=1
-CVE-2016-7411 (ext/standard/var_unserializer.re in PHP before 5.6.26 mishandles ...)
+CVE-2016-7411
{DSA-3689-1 DLA-749-1}
- php7.0 <not-affected> (Only affects 5.x)
- php5 5.6.26+dfsg-1
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=73052
NOTE: Fixed in 5.6.26
NOTE: https://github.com/php/php-src/commit/6a7cc8ff85827fa9ac715b3a83c2d9147f33cd43?w=1
-CVE-2016-7410 (The _dwarf_read_loc_section function in dwarf_loc.c in libdwarf ...)
+CVE-2016-7410
- dwarfutils 20160923-1 (bug #838019)
[jessie] - dwarfutils <not-affected> (Vulnerable code introduced in later version)
[wheezy] - dwarfutils <not-affected> (Vulnerable code introduced in later version)
@@ -10024,22 +10024,22 @@ CVE-2016-7410 (The _dwarf_read_loc_section function in dwarf_loc.c in libdwarf .
NOTE: https://sourceforge.net/p/libdwarf/code/ci/e12f6c0b69c20f58dccc4505309cf7f974c34dc2
NOTE: with final fix/follow up: https://sourceforge.net/p/libdwarf/code/ci/3767305debcba8bd7e1c483ae48c509d25399252
NOTE: Introduced by (as confirmed by upstream): https://sourceforge.net/p/libdwarf/code/ci/b446e23dc21704ccd3b76d8945aaf39e4aca8c27
-CVE-2016-7409 (The dbclient and server in Dropbear SSH before 2016.74, when compiled ...)
+CVE-2016-7409
- dropbear 2016.74-1 (unimportant)
NOTE: https://secure.ucc.asn.au/hg/dropbear/rev/6a14b1f6dc04
NOTE: Not an issue for the the Debian binary package since we do not
NOTE: compile with DEBUG_TRACE.
-CVE-2016-7408 (The dbclient in Dropbear SSH before 2016.74 allows remote attackers to ...)
+CVE-2016-7408
- dropbear 2016.74-1
[jessie] - dropbear 2014.65-1+deb8u1
[wheezy] - dropbear <not-affected> (Vulnerable code not present)
NOTE: https://secure.ucc.asn.au/hg/dropbear/rev/eed9376a4ad6
-CVE-2016-7407 (The dropbearconvert command in Dropbear SSH before 2016.74 allows ...)
+CVE-2016-7407
{DLA-634-1}
- dropbear 2016.74-1
[jessie] - dropbear 2014.65-1+deb8u1
NOTE: https://secure.ucc.asn.au/hg/dropbear/rev/34e6127ef02e
-CVE-2016-7406 (Format string vulnerability in Dropbear SSH before 2016.74 allows ...)
+CVE-2016-7406
{DLA-634-1}
- dropbear 2016.74-1
[jessie] - dropbear 2014.65-1+deb8u1
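Review bot: doubled word in the CVE-2016-7409 NOTE: "Not an issue for the the Debian binary package" should read "Not an issue for the Debian binary package". The rest of the rationale (DEBUG_TRACE not compiled in) is what supports the `(unimportant)` severity, so keeping the line readable matters.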
@@ -10050,34 +10050,34 @@ CVE-2016-7404 [Magnum created instances have full API access to creating user's
NOTE: https://git.openstack.org/cgit/openstack/magnum/commit/?id=0bb0d6486d6771ee21bbf897a091b1aa59e01b22
CVE-2016-7403
RESERVED
-CVE-2016-7402 (SAP ASE 16.0 SP02 PL03 and prior versions allow attackers who own ...)
+CVE-2016-7402
NOT-FOR-US: SAP ASE
-CVE-2016-7401 (The cookie parsing code in Django before 1.8.15 and 1.9.x before ...)
+CVE-2016-7401
{DSA-3678-1 DLA-649-1}
- python-django 1:1.10-1 (low)
NOTE: https://www.djangoproject.com/weblog/2016/sep/26/security-releases/
-CVE-2016-7400 (Multiple SQL injection vulnerabilities in Exponent CMS before 2.4.0 ...)
+CVE-2016-7400
NOT-FOR-US: Exponent CMS
-CVE-2016-7399 (scripts/license.pl in Veritas NetBackup Appliance 2.6.0.x through ...)
+CVE-2016-7399
NOT-FOR-US: Veritas NetBackup Applianc
CVE-2016-7398
RESERVED
-CVE-2016-7397 (The Frontend component in Sophos UTM with firmware 9.405-5 and earlier ...)
+CVE-2016-7397
NOT-FOR-US: Sophos UTM
CVE-2016-7396
RESERVED
-CVE-2016-7395 (SkPath.cpp in Skia, as used in Google Chrome before 53.0.2785.89 on ...)
+CVE-2016-7395
{DSA-3667-1}
- chromium-browser 53.0.2785.92-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-7394 (tiki wiki cms groupware &lt;=15.2 has a xss vulnerability, allow ...)
+CVE-2016-7394
- tikiwiki <removed>
NOTE: https://sourceforge.net/p/tikiwiki/code/59653/
-CVE-2016-7391 (For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU ...)
+CVE-2016-7391
NOT-FOR-US: Nvidia Windows driver
-CVE-2016-7390 (For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU ...)
+CVE-2016-7390
NOT-FOR-US: Nvidia Windows driver
-CVE-2016-7389 (For the NVIDIA Quadro, NVS, GeForce, and Tesla products, NVIDIA GPU ...)
+CVE-2016-7389
- nvidia-graphics-drivers 367.57-1 (bug #846331)
[jessie] - nvidia-graphics-drivers 340.101-1
[wheezy] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
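Review bot: the NOT-FOR-US tag under CVE-2016-7399 is truncated: "NOT-FOR-US: Veritas NetBackup Applianc" should read "Veritas NetBackup Appliance". Truncated product names defeat grepping the list for a vendor when re-triaging.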
@@ -10085,19 +10085,19 @@ CVE-2016-7389 (For the NVIDIA Quadro, NVS, GeForce, and Tesla products, NVIDIA G
- nvidia-graphics-drivers-legacy-304xx 304.132-1 (bug #846333)
[jessie] - nvidia-graphics-drivers-legacy-304xx 304.134-0~deb8u1
NOTE: http://nvidia.custhelp.com/app/answers/detail/a_id/4246
-CVE-2016-7388 (For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU ...)
+CVE-2016-7388
NOT-FOR-US: Nvidia Windows driver
-CVE-2016-7387 (For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU ...)
+CVE-2016-7387
NOT-FOR-US: Nvidia Windows driver
-CVE-2016-7386 (For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU ...)
+CVE-2016-7386
NOT-FOR-US: Nvidia Windows driver
-CVE-2016-7385 (For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU ...)
+CVE-2016-7385
NOT-FOR-US: Nvidia Windows driver
-CVE-2016-7384 (For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU ...)
+CVE-2016-7384
NOT-FOR-US: Nvidia Windows driver
-CVE-2016-7383 (For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU ...)
+CVE-2016-7383
NOT-FOR-US: Nvidia Windows driver
-CVE-2016-7382 (For the NVIDIA Quadro, NVS, GeForce, and Tesla products, NVIDIA GPU ...)
+CVE-2016-7382
- nvidia-graphics-drivers 367.57-1 (bug #846331)
[jessie] - nvidia-graphics-drivers 340.101-1
[wheezy] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
@@ -10105,7 +10105,7 @@ CVE-2016-7382 (For the NVIDIA Quadro, NVS, GeForce, and Tesla products, NVIDIA G
- nvidia-graphics-drivers-legacy-304xx 304.132-1 (bug #846333)
[jessie] - nvidia-graphics-drivers-legacy-304xx 304.134-0~deb8u1
NOTE: http://nvidia.custhelp.com/app/answers/detail/a_id/4246
-CVE-2016-7381 (For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU ...)
+CVE-2016-7381
NOT-FOR-US: Nvidia Windows driver
CVE-2016-7380
RESERVED
@@ -10267,259 +10267,259 @@ CVE-2016-7302
REJECTED
CVE-2016-7301
REJECTED
-CVE-2016-7300 (Untrusted search path vulnerability in Microsoft Auto Updater for Mac ...)
+CVE-2016-7300
NOT-FOR-US: Microsoft Auto Updater for Mac
CVE-2016-7299
REJECTED
-CVE-2016-7298 (Microsoft Office 2007 SP3, Office 2010 SP2, Word Viewer, Office for ...)
+CVE-2016-7298
NOT-FOR-US: Microsoft
-CVE-2016-7297 (The scripting engines in Microsoft Edge allow remote attackers to ...)
+CVE-2016-7297
NOT-FOR-US: Microsoft
-CVE-2016-7296 (The scripting engines in Microsoft Edge allow remote attackers to ...)
+CVE-2016-7296
NOT-FOR-US: Microsoft
-CVE-2016-7295 (The Common Log File System (CLFS) driver in Microsoft Windows Vista ...)
+CVE-2016-7295
NOT-FOR-US: Microsoft
CVE-2016-7294
REJECTED
CVE-2016-7293
REJECTED
-CVE-2016-7292 (The Installer in Microsoft Windows Vista SP2, Windows Server 2008 SP2 ...)
+CVE-2016-7292
NOT-FOR-US: Microsoft Windows
-CVE-2016-7291 (Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Office ...)
+CVE-2016-7291
NOT-FOR-US: Microsoft
-CVE-2016-7290 (Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Office ...)
+CVE-2016-7290
NOT-FOR-US: Microsoft
-CVE-2016-7289 (Microsoft Publisher 2010 SP2 allows remote attackers to execute ...)
+CVE-2016-7289
NOT-FOR-US: Microsoft
-CVE-2016-7288 (The scripting engines in Microsoft Edge allow remote attackers to ...)
+CVE-2016-7288
NOT-FOR-US: Microsoft
-CVE-2016-7287 (The scripting engines in Microsoft Internet Explorer 11 and Microsoft ...)
+CVE-2016-7287
NOT-FOR-US: Microsoft
-CVE-2016-7286 (The scripting engines in Microsoft Edge allow remote attackers to ...)
+CVE-2016-7286
NOT-FOR-US: Microsoft
CVE-2016-7285
REJECTED
-CVE-2016-7284 (Microsoft Internet Explorer 10 and 11 allows remote attackers to ...)
+CVE-2016-7284
NOT-FOR-US: Microsoft
-CVE-2016-7283 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ...)
+CVE-2016-7283
NOT-FOR-US: Microsoft
-CVE-2016-7282 (Cross-site scripting (XSS) vulnerability in Microsoft Internet ...)
+CVE-2016-7282
NOT-FOR-US: Microsoft
-CVE-2016-7281 (The Web Workers implementation in Microsoft Internet Explorer 10 and ...)
+CVE-2016-7281
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2016-7280 (Cross-site scripting (XSS) vulnerability in Microsoft Edge allows ...)
+CVE-2016-7280
NOT-FOR-US: Microsoft
-CVE-2016-7279 (Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow ...)
+CVE-2016-7279
NOT-FOR-US: Microsoft
-CVE-2016-7278 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ...)
+CVE-2016-7278
NOT-FOR-US: Microsoft
-CVE-2016-7277 (Microsoft Office 2016 allows remote attackers to execute arbitrary ...)
+CVE-2016-7277
NOT-FOR-US: Microsoft
-CVE-2016-7276 (Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1, Office ...)
+CVE-2016-7276
NOT-FOR-US: Microsoft
-CVE-2016-7275 (Microsoft Office 2010 SP2, 2013 SP1, 2013 RT SP1, and 2016 mishandles ...)
+CVE-2016-7275
NOT-FOR-US: Microsoft
-CVE-2016-7274 (Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
+CVE-2016-7274
NOT-FOR-US: Microsoft
-CVE-2016-7273 (The Graphics component in Microsoft Windows 10 Gold, 1511, and 1607 ...)
+CVE-2016-7273
NOT-FOR-US: Microsoft
-CVE-2016-7272 (The Graphics component in Microsoft Windows Vista SP2, Windows Server ...)
+CVE-2016-7272
NOT-FOR-US: Microsoft
-CVE-2016-7271 (The Secure Kernel Mode implementation in Microsoft Windows 10 Gold, ...)
+CVE-2016-7271
NOT-FOR-US: Microsoft Windows
-CVE-2016-7270 (The Data Provider for SQL Server in Microsoft .NET Framework 4.6.2 ...)
+CVE-2016-7270
NOT-FOR-US: Microsoft .NET Framework
CVE-2016-7269
REJECTED
-CVE-2016-7268 (Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Office ...)
+CVE-2016-7268
NOT-FOR-US: Microsoft
-CVE-2016-7267 (Microsoft Excel 2010 SP2, 2013 SP1, 2013 RT SP1, and 2016 misparses ...)
+CVE-2016-7267
NOT-FOR-US: Microsoft
-CVE-2016-7266 (Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 ...)
+CVE-2016-7266
NOT-FOR-US: Microsoft
-CVE-2016-7265 (Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 ...)
+CVE-2016-7265
NOT-FOR-US: Microsoft
-CVE-2016-7264 (Microsoft Excel 2007 SP3, Office Compatibility Pack SP3, Excel Viewer, ...)
+CVE-2016-7264
NOT-FOR-US: Microsoft
-CVE-2016-7263 (Microsoft Excel for Mac 2011 and Excel 2016 for Mac allow remote ...)
+CVE-2016-7263
NOT-FOR-US: Microsoft
-CVE-2016-7262 (Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 ...)
+CVE-2016-7262
NOT-FOR-US: Microsoft
CVE-2016-7261
REJECTED
-CVE-2016-7260 (The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server ...)
+CVE-2016-7260
NOT-FOR-US: Microsoft Windows
-CVE-2016-7259 (The Graphics Component in the kernel-mode drivers in Microsoft Windows ...)
+CVE-2016-7259
NOT-FOR-US: Microsoft Windows
-CVE-2016-7258 (The kernel in Microsoft Windows 10 Gold, 1511, and 1607 and Windows ...)
+CVE-2016-7258
NOT-FOR-US: Microsoft Windows
-CVE-2016-7257 (The GDI component in Microsoft Windows Vista SP2, Windows Server 2008 ...)
+CVE-2016-7257
NOT-FOR-US: Microsoft Windows
-CVE-2016-7256 (atmfd.dll in the Windows font library in Microsoft Windows Vista SP2, ...)
+CVE-2016-7256
NOT-FOR-US: Microsoft
-CVE-2016-7255 (The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server ...)
+CVE-2016-7255
NOT-FOR-US: Microsoft
-CVE-2016-7254 (Microsoft SQL Server 2012 SP2 and 2012 SP3 does not properly perform a ...)
+CVE-2016-7254
NOT-FOR-US: Microsoft
-CVE-2016-7253 (The agent in Microsoft SQL Server 2012 SP2, 2012 SP3, 2014 SP1, 2014 ...)
+CVE-2016-7253
NOT-FOR-US: Microsoft
-CVE-2016-7252 (Microsoft SQL Server 2016 mishandles the FILESTREAM path, which allows ...)
+CVE-2016-7252
NOT-FOR-US: Microsoft
-CVE-2016-7251 (Cross-site scripting (XSS) vulnerability in the MDS API in Microsoft ...)
+CVE-2016-7251
NOT-FOR-US: Microsoft
-CVE-2016-7250 (Microsoft SQL Server 2014 SP1, 2014 SP2, and 2016 does not properly ...)
+CVE-2016-7250
NOT-FOR-US: Microsoft
-CVE-2016-7249 (Microsoft SQL Server 2016 does not properly perform a cast of an ...)
+CVE-2016-7249
NOT-FOR-US: Microsoft
-CVE-2016-7248 (Microsoft Video Control in Microsoft Windows Vista SP2, Windows 7 SP1, ...)
+CVE-2016-7248
NOT-FOR-US: Microsoft
-CVE-2016-7247 (Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT ...)
+CVE-2016-7247
NOT-FOR-US: Microsoft
-CVE-2016-7246 (The kernel-mode drivers in Microsoft Windows Server 2008 R2 SP1, ...)
+CVE-2016-7246
NOT-FOR-US: Microsoft
-CVE-2016-7245 (Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1, Office ...)
+CVE-2016-7245
NOT-FOR-US: Microsoft
-CVE-2016-7244 (Microsoft Office 2007 SP3 allows remote attackers to cause a denial of ...)
+CVE-2016-7244
NOT-FOR-US: Microsoft
-CVE-2016-7243 (The Chakra JavaScript scripting engine in Microsoft Edge allows remote ...)
+CVE-2016-7243
NOT-FOR-US: Microsoft
-CVE-2016-7242 (The Chakra JavaScript scripting engine in Microsoft Edge allows remote ...)
+CVE-2016-7242
NOT-FOR-US: Microsoft
-CVE-2016-7241 (Microsoft Internet Explorer 11 and Microsoft Edge allow remote ...)
+CVE-2016-7241
NOT-FOR-US: Microsoft
-CVE-2016-7240 (The Chakra JavaScript scripting engine in Microsoft Edge allows remote ...)
+CVE-2016-7240
NOT-FOR-US: Microsoft
-CVE-2016-7239 (The RegEx class in the XSS filter in Microsoft Internet Explorer 9 ...)
+CVE-2016-7239
NOT-FOR-US: Microsoft
-CVE-2016-7238 (Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, ...)
+CVE-2016-7238
NOT-FOR-US: Microsoft
-CVE-2016-7237 (Local Security Authority Subsystem Service (LSASS) in Microsoft ...)
+CVE-2016-7237
NOT-FOR-US: Microsoft
-CVE-2016-7236 (Microsoft Excel 2010 SP2, Excel for Mac 2011, Excel 2016 for Mac, and ...)
+CVE-2016-7236
NOT-FOR-US: Microsoft
-CVE-2016-7235 (Microsoft Word 2007, Office 2010 SP2, Word 2010 SP2, Word for Mac ...)
+CVE-2016-7235
NOT-FOR-US: Microsoft
-CVE-2016-7234 (Microsoft Word 2007, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, ...)
+CVE-2016-7234
NOT-FOR-US: Microsoft
-CVE-2016-7233 (Microsoft Word 2007, Office 2010 SP2, Word 2010 SP2, Word for Mac ...)
+CVE-2016-7233
NOT-FOR-US: Microsoft
-CVE-2016-7232 (Microsoft Word 2007, Office 2010 SP2, Word 2010 SP2, Word for Mac ...)
+CVE-2016-7232
NOT-FOR-US: Microsoft
-CVE-2016-7231 (Microsoft Excel 2007 SP3, Excel for Mac 2011, Office Compatibility ...)
+CVE-2016-7231
NOT-FOR-US: Microsoft
-CVE-2016-7230 (Microsoft PowerPoint 2010 SP2, PowerPoint Viewer, and Office Web Apps ...)
+CVE-2016-7230
NOT-FOR-US: Microsoft
-CVE-2016-7229 (Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 ...)
+CVE-2016-7229
NOT-FOR-US: Microsoft
-CVE-2016-7228 (Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 ...)
+CVE-2016-7228
NOT-FOR-US: Microsoft
-CVE-2016-7227 (The scripting engines in Microsoft Internet Explorer 9 through 11 and ...)
+CVE-2016-7227
NOT-FOR-US: Microsoft
-CVE-2016-7226 (Virtual Hard Disk Driver in Windows 10 Gold, 1511, and 1607 and ...)
+CVE-2016-7226
NOT-FOR-US: Microsoft
-CVE-2016-7225 (Virtual Hard Disk Driver in Windows 10 Gold, 1511, and 1607 and ...)
+CVE-2016-7225
NOT-FOR-US: Microsoft
-CVE-2016-7224 (Virtual Hard Disk Driver in Microsoft Windows 8.1, Windows Server 2012 ...)
+CVE-2016-7224
NOT-FOR-US: Microsoft
-CVE-2016-7223 (Virtual Hard Disk Driver in Microsoft Windows 8.1, Windows Server 2012 ...)
+CVE-2016-7223
NOT-FOR-US: Microsoft
-CVE-2016-7222 (Task Scheduler in Microsoft Windows 10 Gold, 1511, and 1607 and ...)
+CVE-2016-7222
NOT-FOR-US: Microsoft
-CVE-2016-7221 (Input Method Editor (IME) in Microsoft Windows Vista SP2, Windows ...)
+CVE-2016-7221
NOT-FOR-US: Microsoft
-CVE-2016-7220 (Virtual Secure Mode in Microsoft Windows 10 allows local users to ...)
+CVE-2016-7220
NOT-FOR-US: Microsoft
-CVE-2016-7219 (The Crypto driver in Microsoft Windows Vista SP2, Windows Server 2008 ...)
+CVE-2016-7219
NOT-FOR-US: Microsoft
-CVE-2016-7218 (Bowser.sys in the kernel-mode drivers in Microsoft Windows Vista SP2, ...)
+CVE-2016-7218
NOT-FOR-US: Microsoft
-CVE-2016-7217 (Media Foundation in Microsoft Windows 8.1, Windows Server 2012 Gold ...)
+CVE-2016-7217
NOT-FOR-US: Microsoft
-CVE-2016-7216 (The kernel API in Microsoft Windows Vista SP2, Windows Server 2008 SP2 ...)
+CVE-2016-7216
NOT-FOR-US: Microsoft
-CVE-2016-7215 (The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server ...)
+CVE-2016-7215
NOT-FOR-US: Microsoft
-CVE-2016-7214 (The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server ...)
+CVE-2016-7214
NOT-FOR-US: Microsoft
-CVE-2016-7213 (Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 ...)
+CVE-2016-7213
NOT-FOR-US: Microsoft
-CVE-2016-7212 (Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, ...)
+CVE-2016-7212
NOT-FOR-US: Microsoft
-CVE-2016-7211 (The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server ...)
+CVE-2016-7211
NOT-FOR-US: Microsoft
-CVE-2016-7210 (atmfd.dll in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
+CVE-2016-7210
NOT-FOR-US: Microsoft
-CVE-2016-7209 (Microsoft Edge allows remote attackers to spoof web content via a ...)
+CVE-2016-7209
NOT-FOR-US: Mircosoft
-CVE-2016-7208 (The Chakra JavaScript scripting engine in Microsoft Edge allows remote ...)
+CVE-2016-7208
NOT-FOR-US: Microsoft
CVE-2016-7207
REJECTED
-CVE-2016-7206 (Cross-site scripting (XSS) vulnerability in Microsoft Edge allows ...)
+CVE-2016-7206
NOT-FOR-US: Microsoft
-CVE-2016-7205 (Animation Manager in Microsoft Windows Server 2008 R2 SP1, Windows 7 ...)
+CVE-2016-7205
NOT-FOR-US: Microsoft
-CVE-2016-7204 (Microsoft Edge allows remote attackers to access arbitrary &quot;My ...)
+CVE-2016-7204
NOT-FOR-US: Microsoft
-CVE-2016-7203 (The Chakra JavaScript scripting engine in Microsoft Edge allows remote ...)
+CVE-2016-7203
NOT-FOR-US: Microsoft
-CVE-2016-7202 (The scripting engines in Microsoft Internet Explorer 9 through 11 and ...)
+CVE-2016-7202
NOT-FOR-US: Microsoft
-CVE-2016-7201 (The Chakra JavaScript scripting engine in Microsoft Edge allows remote ...)
+CVE-2016-7201
NOT-FOR-US: Microsoft
-CVE-2016-7200 (The Chakra JavaScript scripting engine in Microsoft Edge allows remote ...)
+CVE-2016-7200
NOT-FOR-US: Microsoft
-CVE-2016-7199 (Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow ...)
+CVE-2016-7199
NOT-FOR-US: Microsoft
-CVE-2016-7198 (Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow ...)
+CVE-2016-7198
NOT-FOR-US: Microsoft
CVE-2016-7197
REJECTED
-CVE-2016-7196 (Microsoft Internet Explorer 10 and 11 and Microsoft Edge allow remote ...)
+CVE-2016-7196
NOT-FOR-US: Microsoft
-CVE-2016-7195 (Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow ...)
+CVE-2016-7195
NOT-FOR-US: Microsoft
-CVE-2016-7194 (The Chakra JavaScript engine in Microsoft Edge allows remote attackers ...)
+CVE-2016-7194
NOT-FOR-US: Microsoft
-CVE-2016-7193 (Microsoft Word 2007 SP2, Office 2010 SP2, Word 2013 SP1, Word 2013 RT ...)
+CVE-2016-7193
NOT-FOR-US: Microsoft
CVE-2016-7192
REJECTED
-CVE-2016-7191 (The Microsoft Azure Active Directory Passport (aka Passport-Azure-AD) ...)
+CVE-2016-7191
NOT-FOR-US: Microsoft Azure Active Directory Passport
-CVE-2016-7190 (The Chakra JavaScript engine in Microsoft Edge allows remote attackers ...)
+CVE-2016-7190
NOT-FOR-US: Microsoft
-CVE-2016-7189 (The Chakra JavaScript engine in Microsoft Edge allows remote attackers ...)
+CVE-2016-7189
NOT-FOR-US: Microsoft
-CVE-2016-7188 (The Standard Collector Service in Windows Diagnostics Hub in Microsoft ...)
+CVE-2016-7188
NOT-FOR-US: Microsoft
CVE-2016-7187
REJECTED
CVE-2016-7186
REJECTED
-CVE-2016-7185 (The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server ...)
+CVE-2016-7185
NOT-FOR-US: Microsoft
-CVE-2016-7184 (The Common Log File System (CLFS) driver in Microsoft Windows Vista ...)
+CVE-2016-7184
NOT-FOR-US: Microsoft
CVE-2016-7183
REJECTED
-CVE-2016-7182 (The Graphics component in Microsoft Windows Vista SP2; Windows Server ...)
+CVE-2016-7182
NOT-FOR-US: Microsoft
-CVE-2016-7181 (Microsoft Edge allows remote attackers to execute arbitrary code or ...)
+CVE-2016-7181
NOT-FOR-US: Microsoft
-CVE-2016-7393 (Stack-based buffer overflow in the aac_sync function in aac_parser.c ...)
+CVE-2016-7393
{DLA-644-1}
- ffmpeg 7:2.4-1
- libav <removed>
[jessie] - libav 6:11.6-1~deb8u1
NOTE: https://blogs.gentoo.org/ago/2016/08/20/libav-stack-based-buffer-overflow-in-aac_sync-aac_parser-c/
NOTE: https://git.libav.org/?p=libav.git;a=commit;h=fb1473080223a634b8ac2cca48a632d037a0a69d
-CVE-2016-7392 (Heap-based buffer overflow in the pstoedit_suffix_table_init function ...)
+CVE-2016-7392
{DLA-621-1}
- autotrace 0.31.1-17 (bug #837599)
NOTE: https://blogs.gentoo.org/ago/2016/09/10/autotrace-heap-based-buffer-overflow-in-pstoedit_suffix_table_init-output-pstoedit-c/
NOTE: Also reproducible with valgrind
-CVE-2016-7180 (epan/dissectors/packet-ipmi-trace.c in the IPMI trace dissector in ...)
+CVE-2016-7180
{DSA-3671-1 DLA-632-1}
- wireshark 2.2.0~rc1+g438c022-1
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=5213496250aceff086404c568e3718ebc0060934
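Review bot: typo in the NOT-FOR-US tag under CVE-2016-7209: "NOT-FOR-US: Mircosoft" should be "NOT-FOR-US: Microsoft", matching every neighbouring entry. Ordering point in the same hunk: the CVE-2016-7393 (ffmpeg/libav) and CVE-2016-7392 (autotrace) entries sit between CVE-2016-7181 and CVE-2016-7180, out of the descending sequence the file otherwise follows; they belong next to CVE-2016-7394/CVE-2016-7391 in the earlier hunk so they are found where a reader expects them.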
@@ -10527,7 +10527,7 @@ CVE-2016-7180 (epan/dissectors/packet-ipmi-trace.c in the IPMI trace dissector i
NOTE: https://code.wireshark.org/review/17289
NOTE: Affected versions: 2.0.0 to 2.0.5
NOTE: Fixed versions: 2.0.6
-CVE-2016-7179 (Stack-based buffer overflow in ...)
+CVE-2016-7179
{DSA-3671-1 DLA-632-1}
- wireshark 2.2.0~rc1+g438c022-1
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=3b97fbddc23c065727b0147aab52a27c4aadffe7
@@ -10535,7 +10535,7 @@ CVE-2016-7179 (Stack-based buffer overflow in ...)
NOTE: https://code.wireshark.org/review/17095
NOTE: Affected versions: 2.0.0 to 2.0.5
NOTE: Fixed versions: 2.0.6
-CVE-2016-7178 (epan/dissectors/packet-umts_fp.c in the UMTS FP dissector in Wireshark ...)
+CVE-2016-7178
{DSA-3671-1 DLA-632-1}
- wireshark 2.2.0~rc1+g438c022-1
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=315bba7c645b75af24215c6303d187b188610bba
@@ -10543,7 +10543,7 @@ CVE-2016-7178 (epan/dissectors/packet-umts_fp.c in the UMTS FP dissector in Wire
NOTE: https://code.wireshark.org/review/17094
NOTE: Affected versions: 2.0.0 to 2.0.5
NOTE: Fixed versions: 2.0.6
-CVE-2016-7177 (epan/dissectors/packet-catapult-dct2000.c in the Catapult DCT2000 ...)
+CVE-2016-7177
{DSA-3671-1 DLA-632-1}
- wireshark 2.2.0~rc1+g438c022-1
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=2e37b271c473e1cbd01d62ebe1f3b011fc9fe638
@@ -10551,7 +10551,7 @@ CVE-2016-7177 (epan/dissectors/packet-catapult-dct2000.c in the Catapult DCT2000
NOTE: https://code.wireshark.org/review/17096
NOTE: Affected versions: 2.0.0 to 2.0.5
NOTE: Fixed versions: 2.0.6
-CVE-2016-7176 (epan/dissectors/packet-h225.c in the H.225 dissector in Wireshark 2.x ...)
+CVE-2016-7176
{DSA-3671-1 DLA-632-1}
- wireshark 2.2.0~rc1+g438c022-1
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=6d8261994bb928b7e80e3a2478a3d939ea1ef373
@@ -10559,7 +10559,7 @@ CVE-2016-7176 (epan/dissectors/packet-h225.c in the H.225 dissector in Wireshark
NOTE: https://code.wireshark.org/review/16852
NOTE: Affected versions: 2.0.0 to 2.0.5
NOTE: Fixed versions: 2.0.6
-CVE-2016-7175 (epan/dissectors/packet-qnet6.c in the QNX6 QNET dissector in Wireshark ...)
+CVE-2016-7175
- wireshark 2.2.0~rc1+g438c022-1
[jessie] - wireshark <not-affected> (Vulnerable code not present)
[wheezy] - wireshark <not-affected> (Vulnerable code not present)
@@ -10568,25 +10568,25 @@ CVE-2016-7175 (epan/dissectors/packet-qnet6.c in the QNX6 QNET dissector in Wire
NOTE: https://code.wireshark.org/review/16965
NOTE: Affected versions: 2.0.0 to 2.0.5
NOTE: Fixed versions: 2.0.6
-CVE-2016-1000222 (Logstash prior to version 2.1.2, the CSV output can be attacked via ...)
+CVE-2016-1000222
- logstash <itp> (bug #664841)
-CVE-2016-1000221 (Logstash prior to version 2.3.4, Elasticsearch Output plugin would log ...)
+CVE-2016-1000221
- logstash <itp> (bug #664841)
-CVE-2016-1000220 (Kibana before 4.5.4 and 4.1.11 are vulnerable to an XSS attack that ...)
+CVE-2016-1000220
- kibana <itp> (bug #700337)
-CVE-2016-1000219 (Kibana before 4.5.4 and 4.1.11 when a custom output is configured for ...)
+CVE-2016-1000219
- kibana <itp> (bug #700337)
-CVE-2016-1000217 (Zotpress plugin for WordPress SQLi in zp_get_account() ...)
+CVE-2016-1000217
NOT-FOR-US: WordPress plugin zotpress
-CVE-2016-1000216 (Ruckus Wireless H500 web management interface authenticated command ...)
+CVE-2016-1000216
NOT-FOR-US: Ruckus Wireless H500
-CVE-2016-1000215 (Ruckus Wireless H500 web management interface denial of service ...)
+CVE-2016-1000215
NOT-FOR-US: Ruckus Wireless H500
-CVE-2016-1000214 (Ruckus Wireless H500 web management interface authentication bypass ...)
+CVE-2016-1000214
NOT-FOR-US: Ruckus Wireless H500
-CVE-2016-1000213 (Ruckus Wireless H500 web management interface CSRF ...)
+CVE-2016-1000213
NOT-FOR-US: Ruckus Wireless H500
-CVE-2016-7551 (chain_sip in Asterisk Open Source 11.x before 11.23.1 and 13.x 13.11.1 ...)
+CVE-2016-7551
{DSA-3700-1 DLA-781-1}
- asterisk 1:13.11.2~dfsg-1 (bug #838832)
NOTE: http://downloads.asterisk.org/pub/security/AST-2016-007.html
@@ -10600,38 +10600,38 @@ CVE-2016-7174
RESERVED
CVE-2016-7173
RESERVED
-CVE-2016-7172 (NetApp Snap Creator Framework before 4.3.1 discloses sensitive ...)
+CVE-2016-7172
NOT-FOR-US: NetApp
-CVE-2016-7171 (NetApp Plug-in for Symantec NetBackup prior to version 2.0.1 makes use ...)
+CVE-2016-7171
NOT-FOR-US: NetApp
-CVE-2016-7170 (The vmsvga_fifo_run function in hw/display/vmware_vga.c in QEMU (aka ...)
+CVE-2016-7170
{DLA-1599-1 DLA-653-1 DLA-652-1}
- qemu 1:2.8+dfsg-1 (bug #837316)
- qemu-kvm <removed>
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-09/msg01764.html
NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=167d97a3def77ee2dbf6e908b0ecbfe2103977db
-CVE-2016-7169 (Directory traversal vulnerability in the File_Upload_Upgrader class in ...)
+CVE-2016-7169
{DSA-3681-1 DLA-633-1}
- wordpress 4.6.1+dfsg-1
NOTE: https://wordpress.org/news/2016/09/wordpress-4-6-1-security-and-maintenance-release/
NOTE: Fixed in 4.6.1 release upstream
NOTE: Fixed by: https://core.trac.wordpress.org/changeset/38524
-CVE-2016-7168 (Cross-site scripting (XSS) vulnerability in the media_handle_upload ...)
+CVE-2016-7168
{DSA-3681-1 DLA-633-1}
- wordpress 4.6.1+dfsg-1
NOTE: https://wordpress.org/news/2016/09/wordpress-4-6-1-security-and-maintenance-release/
NOTE: Fixed in 4.6.1 release upstream
NOTE: Fixed by: https://core.trac.wordpress.org/changeset/38538
-CVE-2016-7167 (Multiple integer overflows in the (1) curl_escape, (2) ...)
+CVE-2016-7167
{DLA-1568-1 DLA-625-1}
- curl 7.51.0-1 (bug #837945)
NOTE: Upstream advisory: https://curl.haxx.se/docs/adv_20160914.html
NOTE: Upstream patch: https://curl.haxx.se/CVE-2016-7167.patch
NOTE: Affected versions: libcurl 7.11.1 to and including 7.50.2
NOTE: Not affected versions: libcurl < 7.11.1 and libcurl >= 7.50.3
-CVE-2016-7165 (A vulnerability has been identified in Primary Setup Tool (PST) (All ...)
+CVE-2016-7165
NOT-FOR-US: Microsoft
-CVE-2016-7162 (The _g_file_remove_directory function in file-utils.c in File Roller ...)
+CVE-2016-7162
- file-roller 3.20.3-1
[jessie] - file-roller <no-dsa> (Minor issue)
[wheezy] - file-roller <not-affected> (Vulnerable code introduced in 3.5.4)
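Review bot: CVE-2016-7165 is tagged `NOT-FOR-US: Microsoft`, but the description being removed on its `-` line (`A vulnerability has been identified in Primary Setup Tool (PST) (All ...`) uses the same advisory wording as the CVE-2016-7114, CVE-2016-7113 and CVE-2016-7112 entries later in this patch, all of which are tagged `NOT-FOR-US: Siemens`. Once the description is stripped the vendor mismatch is no longer visible in the file, so verify the vendor and correct the NOT-FOR-US tag while the text is still here.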
@@ -10639,19 +10639,19 @@ CVE-2016-7162 (The _g_file_remove_directory function in file-utils.c in File Rol
NOTE: Upstream bug: https://bugzilla.gnome.org/show_bug.cgi?id=698554
NOTE: Introduced by: https://git.gnome.org/browse/file-roller/commit/?id=34b64f3a897c4b4e8e180c028f326bc921eb08ec (3.5.4)
NOTE: Fixed by: https://git.gnome.org/browse/file-roller/commit/?id=f70be1f41688859ec8dbe266df35a1839ceb96c5 (3.20.3)
-CVE-2016-7161 (Heap-based buffer overflow in the .receive callback of ...)
+CVE-2016-7161
{DLA-1599-1 DLA-653-1 DLA-652-1}
- qemu 1:2.7+dfsg-1 (bug #838850)
- qemu-kvm <removed>
NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=a0d1cbdacff5df4ded16b753b38fdd9da6092968 (2.7.0-rc3)
NOTE: http://patchwork.ozlabs.org/patch/657076/
-CVE-2016-7160 (A vulnerability on Samsung Mobile M(6.0) devices exists because ...)
+CVE-2016-7160
NOT-FOR-US: Samsumg
CVE-2016-7159
RESERVED
CVE-2016-7158
RESERVED
-CVE-2016-7405 (The qstr method in the PDO driver in the ADOdb Library for PHP before ...)
+CVE-2016-7405
{DLA-620-1}
- libphp-adodb 5.20.6-1 (bug #837211)
[jessie] - libphp-adodb 5.15-1+deb8u1
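Review bot: The context line `NOT-FOR-US: Samsumg` under CVE-2016-7160 misspells the vendor named in the description being removed (`Samsung Mobile`); since this entry is already being touched in the hunk, fix it to `NOT-FOR-US: Samsung` so the tag matches the other vendor tags.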
@@ -10660,21 +10660,21 @@ CVE-2016-7405 (The qstr method in the PDO driver in the ADOdb Library for PHP be
NOTE: Issue only with the PDO driver and only if queries built by inlining
NOTE: the quoted string (not recommended).
NOTE: http://www.openwall.com/lists/oss-security/2016/09/07/8
-CVE-2016-7154 (Use-after-free vulnerability in the FIFO event channel code in Xen ...)
+CVE-2016-7154
{DSA-3663-1}
- xen 4.6.0-1
[wheezy] - xen <not-affected> (Versions 4.3 and earlier are not vulnerable)
NOTE: http://xenbits.xen.org/xsa/advisory-188.html
NOTE: Only affects Xen 4.4, as workaround it is marked as fixed in the first xen version entering unstable
NOTE: after the 4.4 series.
-CVE-2016-7166 (libarchive before 3.2.0 does not limit the number of recursive ...)
+CVE-2016-7166
{DSA-3677-1 DLA-617-1}
- libarchive 3.2.0-2
NOTE: https://github.com/libarchive/libarchive/issues/660
NOTE: (with reproducer) https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=207362
NOTE: Fixed by: https://github.com/libarchive/libarchive/commit/6e06b1c89dd0d16f74894eac4cfc1327a06ee4a0
NOTE: Fix improved by: https://github.com/libarchive/libarchive/commit/37649d274867edd2dd25d8a3057c3b6cd81ce83e
-CVE-2016-7164 (The construct function in puff.cpp in Libtorrent 1.1.0 allows remote ...)
+CVE-2016-7164
- libtorrent-rasterbar 1.1.1-1 (bug #837338)
[jessie] - libtorrent-rasterbar <no-dsa> (Minor issue)
[wheezy] - libtorrent-rasterbar <not-affected> (Vulnerable code not present, reproducer does not crash)
@@ -10682,40 +10682,40 @@ CVE-2016-7164 (The construct function in puff.cpp in Libtorrent 1.1.0 allows rem
NOTE: https://github.com/arvidn/libtorrent/pull/1022
NOTE: https://github.com/arvidn/libtorrent/commit/debf3c6e3688aab8394fe5c47737625faffe6f9e
NOTE: Fixed upstream in 1.1.1.
-CVE-2016-7163 (Integer overflow in the opj_pi_create_decode function in pi.c in ...)
+CVE-2016-7163
{DSA-3665-1}
- openjpeg2 2.1.2-1 (bug #837604)
NOTE: https://github.com/uclouvain/openjpeg/commit/c16bc057ba3f125051c9966cf1f5b68a05681de4
NOTE: https://github.com/uclouvain/openjpeg/commit/ef01f18dfc6780b776d0674ed3e7415c6ef54d24
-CVE-2016-7153 (The HTTP/2 protocol does not consider the role of the TCP congestion ...)
+CVE-2016-7153
NOTE: CVE assigned for the HTTP/2 protocol issue
-CVE-2016-7152 (The HTTPS protocol does not consider the role of the TCP congestion ...)
+CVE-2016-7152
NOTE: CVE assigned for the HTTP/2 protocol issue
CVE-2016-7151
RESERVED
-CVE-2016-7150 (Cross-site scripting (XSS) vulnerability in b2evolution 6.7.5 and ...)
+CVE-2016-7150
NOT-FOR-US: b2evolution
-CVE-2016-7149 (Cross-site scripting (XSS) vulnerability in b2evolution 6.7.5 and ...)
+CVE-2016-7149
NOT-FOR-US: b2evolution
-CVE-2016-7148 (MoinMoin 1.9.8 allows remote attackers to conduct &quot;JavaScript ...)
+CVE-2016-7148
{DSA-3715-1}
- moin 1.9.9-1 (bug #844341)
[wheezy] - moin <not-affected> (vulnerable code not present)
NOTE: Fixed by: http://hg.moinmo.in/moin/1.9/rev/eceb70c41ecc
NOTE: https://www.curesec.com/blog/article/blog/MoinMoin-198-XSS-175.html
-CVE-2016-7147 (Cross-site scripting (XSS) vulnerability in the manage_findResult ...)
+CVE-2016-7147
NOT-FOR-US: Plone
-CVE-2016-7146 (MoinMoin 1.9.8 allows remote attackers to conduct &quot;JavaScript ...)
+CVE-2016-7146
{DSA-3715-1 DLA-717-1}
- moin 1.9.9-1 (bug #844340)
NOTE: Fixed by: http://hg.moinmo.in/moin/1.9/rev/1563d6db198c
NOTE: https://www.curesec.com/blog/article/blog/MoinMoin-198-XSS-175.html
-CVE-2016-7122 (The avi_read_nikon function in libavformat/avidec.c in FFmpeg before ...)
+CVE-2016-7122
- ffmpeg 7:3.1.4-1 (bug #840434)
NOTE: https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/ed38046c5c2e3b310980be32287179895c83e0d8 (n3.1.4)
CVE-2016-7121
RESERVED
-CVE-2016-7155 (hw/scsi/vmw_pvscsi.c in QEMU (aka Quick Emulator) allows local guest ...)
+CVE-2016-7155
{DLA-1599-1}
- qemu 1:2.6+dfsg-3.1 (bug #837174)
[wheezy] - qemu <not-affected> (Vulnerable code not present, introduced after v1.5)
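Review bot: The `-` line for CVE-2016-7152 describes the HTTPS protocol, yet its NOTE repeats CVE-2016-7153's `CVE assigned for the HTTP/2 protocol issue`. After this hunk removes the descriptions, that NOTE is the only text left distinguishing the two entries, so reword it to say HTTPS, or state explicitly that both CVEs cover the same TCP congestion issue if that is the intent.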
@@ -10725,7 +10725,7 @@ CVE-2016-7155 (hw/scsi/vmw_pvscsi.c in QEMU (aka Quick Emulator) allows local gu
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1373462
NOTE: http://www.openwall.com/lists/oss-security/2016/09/06/2
NOTE: Vulnerable code introduced after version 1.5: http://wiki.qemu.org/ChangeLog/1.5
-CVE-2016-7156 (The pvscsi_convert_sglist function in hw/scsi/vmw_pvscsi.c in QEMU ...)
+CVE-2016-7156
{DLA-1599-1}
- qemu 1:2.6+dfsg-3.1 (bug #837339)
[wheezy] - qemu <not-affected> (Vulnerable code not present, introduced after v1.5)
@@ -10735,7 +10735,7 @@ CVE-2016-7156 (The pvscsi_convert_sglist function in hw/scsi/vmw_pvscsi.c in QEM
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1373478
NOTE: http://www.openwall.com/lists/oss-security/2016/09/06/3
NOTE: Vulnerable code introduced after version 1.5: http://wiki.qemu.org/ChangeLog/1.5
-CVE-2016-7157 (The (1) mptsas_config_manufacturing_1 and (2) mptsas_config_ioc_0 ...)
+CVE-2016-7157
- qemu 1:2.6+dfsg-3.1 (bug #837603)
[jessie] - qemu <not-affected> (Vulnerable code not present, introduced after v2.6)
[wheezy] - qemu <not-affected> (Vulnerable code not present, introduced after v2.6)
@@ -10745,37 +10745,37 @@ CVE-2016-7157 (The (1) mptsas_config_manufacturing_1 and (2) mptsas_config_ioc_0
NOTE: Upstream patches: https://lists.gnu.org/archive/html/qemu-devel/2016-08/msg04296.html
NOTE: http://www.openwall.com/lists/oss-security/2016/09/06/4
NOTE: Vulnerable code introduced after version 2.6: http://wiki.qemu.org/ChangeLog/2.6
-CVE-2016-7140 (Multiple cross-site scripting (XSS) vulnerabilities in the ZMI page in ...)
+CVE-2016-7140
NOT-FOR-US: Plone
-CVE-2016-7139 (Cross-site scripting (XSS) vulnerability in an unspecified page ...)
+CVE-2016-7139
NOT-FOR-US: Plone
-CVE-2016-7138 (Cross-site scripting (XSS) vulnerability in the URL checking ...)
+CVE-2016-7138
NOT-FOR-US: Plone
-CVE-2016-7137 (Multiple open redirect vulnerabilities in Plone CMS 5.x through 5.0.6, ...)
+CVE-2016-7137
NOT-FOR-US: Plone
-CVE-2016-7136 (z3c.form in Plone CMS 5.x through 5.0.6 and 4.x through 4.3.11 allows ...)
+CVE-2016-7136
NOT-FOR-US: Plone
-CVE-2016-7135 (Directory traversal vulnerability in Plone CMS 5.x through 5.0.6 and ...)
+CVE-2016-7135
NOT-FOR-US: Plone
-CVE-2016-7141 (curl and libcurl before 7.50.2, when built with NSS and the ...)
+CVE-2016-7141
{DLA-1568-1 DLA-616-1}
- curl 7.51.0-1 (bug #836918)
NOTE: Only affects libcurl3-nss
NOTE: http://seclists.org/oss-sec/2016/q3/419
NOTE: https://curl.haxx.se/docs/adv_20160907.html
-CVE-2016-7145 (The m_authenticate function in ircd/m_authenticate.c in nefarious2 ...)
+CVE-2016-7145
NOT-FOR-US: Nefarious 2
-CVE-2016-7144 (The m_authenticate function in modules/m_sasl.c in UnrealIRCd before ...)
+CVE-2016-7144
- unrealircd <itp> (bug #515130)
NOTE: http://www.openwall.com/lists/oss-security/2016/09/04/3
NOTE: unrealircd reportedly vulnerable, and ircd-seven reportedly not vulnerable
-CVE-2016-7143 (The m_authenticate function in modules/m_sasl.c in Charybdis before ...)
+CVE-2016-7143
{DSA-3661-1}
- charybdis 3.5.3-1 (bug #836714)
[wheezy] - charybdis <no-dsa> (unsupported)
NOTE: charybdis patch: https://github.com/charybdis-ircd/charybdis/commit/818a3fda944b26d4814132cee14cfda4ea4aa824
NOTE: http://www.openwall.com/lists/oss-security/2016/09/04/3
-CVE-2016-7142 (The m_sasl module in InspIRCd before 2.0.23, when used with a service ...)
+CVE-2016-7142
{DSA-3662-1}
- inspircd 2.0.23-1 (bug #836706)
[wheezy] - inspircd <end-of-life> (not supported in Wheezy)
@@ -10783,21 +10783,21 @@ CVE-2016-7142 (The m_sasl module in InspIRCd before 2.0.23, when used with a ser
NOTE: http://www.openwall.com/lists/oss-security/2016/09/04/3
CVE-2016-7120
RESERVED
-CVE-2016-7134 (ext/curl/interface.c in PHP 7.x before 7.0.10 does not work around a ...)
+CVE-2016-7134
- php7.0 7.0.10-1
- php5 <not-affected> (Only affects PHP 7)
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=72674
NOTE: Fixed in 7.0.10
NOTE: http://www.openwall.com/lists/oss-security/2016/09/02/5
NOTE: https://github.com/php/php-src/commit/72dbb7f416160f490c4e9987040989a10ad431c7?w=1
-CVE-2016-7133 (Zend/zend_alloc.c in PHP 7.x before 7.0.10, when open_basedir is ...)
+CVE-2016-7133
- php7.0 7.0.10-1
- php5 <not-affected> (Only affects PHP 7)
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=72742
NOTE: Fixed in 7.0.10
NOTE: http://www.openwall.com/lists/oss-security/2016/09/02/5
NOTE: https://github.com/php/php-src/commit/c2a13ced4272f2e65d2773e2ea6ca11c1ce4a911?w=1
-CVE-2016-7132 (ext/wddx/wddx.c in PHP before 5.6.25 and 7.x before 7.0.10 allows ...)
+CVE-2016-7132
{DSA-3689-1 DLA-749-1}
- php7.0 7.0.10-1
- php5 5.6.26+dfsg-1
@@ -10807,7 +10807,7 @@ CVE-2016-7132 (ext/wddx/wddx.c in PHP before 5.6.25 and 7.x before 7.0.10 allows
NOTE: https://github.com/php/php-src/commit/a14fdb9746262549bbbb96abb87338bacd147e1b?w=1
NOTE: 72790 and 72799 are associated with the same commit. Not all of the
NOTE: commit is about the pop issue in 72799.
-CVE-2016-7131 (ext/wddx/wddx.c in PHP before 5.6.25 and 7.x before 7.0.10 allows ...)
+CVE-2016-7131
{DSA-3689-1 DLA-749-1}
- php7.0 7.0.10-1
- php5 5.6.26+dfsg-1
@@ -10818,7 +10818,7 @@ CVE-2016-7131 (ext/wddx/wddx.c in PHP before 5.6.25 and 7.x before 7.0.10 allows
NOTE: Cf. as well https://bugs.php.net/bug.php?id=72799
NOTE: 72790 and 72799 are associated with the same commit. Not all of the
NOTE: commit is about the pop issue in 72799.
-CVE-2016-7130 (The php_wddx_pop_element function in ext/wddx/wddx.c in PHP before ...)
+CVE-2016-7130
{DSA-3689-1 DLA-749-1}
- php7.0 7.0.10-1
- php5 5.6.26+dfsg-1
@@ -10826,7 +10826,7 @@ CVE-2016-7130 (The php_wddx_pop_element function in ext/wddx/wddx.c in PHP befor
NOTE: Fixed in 7.0.10, 5.6.25
NOTE: http://www.openwall.com/lists/oss-security/2016/09/02/5
NOTE: https://github.com/php/php-src/commit/698a691724c0a949295991e5df091ce16f899e02?w=1
-CVE-2016-7129 (The php_wddx_process_data function in ext/wddx/wddx.c in PHP before ...)
+CVE-2016-7129
{DSA-3689-1 DLA-749-1}
- php7.0 7.0.10-1
- php5 5.6.26+dfsg-1
@@ -10834,7 +10834,7 @@ CVE-2016-7129 (The php_wddx_process_data function in ext/wddx/wddx.c in PHP befo
NOTE: Fixed in 7.0.10, 5.6.25
NOTE: http://www.openwall.com/lists/oss-security/2016/09/02/5
NOTE: https://github.com/php/php-src/commit/426aeb2808955ee3d3f52e0cfb102834cdb836a5?w=1
-CVE-2016-7128 (The exif_process_IFD_in_TIFF function in ext/exif/exif.c in PHP before ...)
+CVE-2016-7128
{DSA-3689-1 DLA-749-1}
- php7.0 7.0.10-1
- php5 5.6.26+dfsg-1
@@ -10842,7 +10842,7 @@ CVE-2016-7128 (The exif_process_IFD_in_TIFF function in ext/exif/exif.c in PHP b
NOTE: Fixed in 7.0.10, 5.6.25
NOTE: http://www.openwall.com/lists/oss-security/2016/09/02/5
NOTE: https://github.com/php/php-src/commit/6dbb1ee46b5f4725cc6519abf91e512a2a10dfed?w=1
-CVE-2016-7127 (The imagegammacorrect function in ext/gd/gd.c in PHP before 5.6.25 and ...)
+CVE-2016-7127
{DSA-3689-1}
- libgd2 <not-affected> (gamma correction is only implemented in PHP)
- php7.0 7.0.10-1 (unimportant)
@@ -10851,7 +10851,7 @@ CVE-2016-7127 (The imagegammacorrect function in ext/gd/gd.c in PHP before 5.6.2
NOTE: Fixed in 7.0.10, 5.6.25
NOTE: http://www.openwall.com/lists/oss-security/2016/09/02/5
NOTE: https://github.com/php/php-src/commit/1bd103df00f49cf4d4ade2cfe3f456ac058a4eae?w=1
-CVE-2016-7126 (The imagetruecolortopalette function in ext/gd/gd.c in PHP before ...)
+CVE-2016-7126
{DSA-3689-1}
- libgd2 <not-affected> (libgd upstream not affected, overflow2 function check prevents the issue)
- php7.0 7.0.10-1 (unimportant)
@@ -10860,7 +10860,7 @@ CVE-2016-7126 (The imagetruecolortopalette function in ext/gd/gd.c in PHP before
NOTE: Fixed in 7.0.10, 5.6.25
NOTE: http://www.openwall.com/lists/oss-security/2016/09/02/5
NOTE: https://github.com/php/php-src/commit/b6f13a5ef9d6280cf984826a5de012a32c396cd4?w=1
-CVE-2016-7125 (ext/session/session.c in PHP before 5.6.25 and 7.x before 7.0.10 skips ...)
+CVE-2016-7125
{DSA-3689-1 DLA-628-1}
- php7.0 7.0.10-1
- php5 5.6.26+dfsg-1
@@ -10870,7 +10870,7 @@ CVE-2016-7125 (ext/session/session.c in PHP before 5.6.25 and 7.x before 7.0.10
NOTE: https://github.com/php/php-src/commit/8763c6090d627d8bb0ee1d030c30e58f406be9ce?w=1
NOTE: Scope of CVE also includes the "The similar issue also exist in session php_binary
NOTE: handler" part of 72681.
-CVE-2016-7124 (ext/standard/var_unserializer.c in PHP before 5.6.25 and 7.x before ...)
+CVE-2016-7124
{DSA-3689-1 DLA-749-1}
- php7.0 7.0.10-1
- php5 5.6.26+dfsg-1
@@ -10878,73 +10878,73 @@ CVE-2016-7124 (ext/standard/var_unserializer.c in PHP before 5.6.25 and 7.x befo
NOTE: Fixed in 7.0.10, 5.6.25
NOTE: http://www.openwall.com/lists/oss-security/2016/09/02/5
NOTE: https://github.com/php/php-src/commit/20ce2fe8e3c211a42fee05a461a5881be9a8790e?w=1
-CVE-2016-7123 (Cross-site request forgery (CSRF) vulnerability in the admin web ...)
+CVE-2016-7123
- mailman 2.1.15-1
NOTE: https://bugs.launchpad.net/mailman/+bug/1614841/comments/8
NOTE: https://bugs.launchpad.net/mailman/+bug/775294
-CVE-2016-7119 (Cross-site scripting (XSS) vulnerability in the user-profile biography ...)
+CVE-2016-7119
NOT-FOR-US: DotNetNuke
-CVE-2016-7117 (Use-after-free vulnerability in the __sys_recvmmsg function in ...)
+CVE-2016-7117
- linux 4.5.2-1
[jessie] - linux 3.16.36-1
[wheezy] - linux 3.2.81-1
NOTE: Fixed by: https://git.kernel.org/linus/34b88a68f26a75e4fded796f1a49c40f82234b7d (4.6-rc1)
-CVE-2016-7115 (Buffer overflow in the handle_packet function in mactelnet.c in the ...)
+CVE-2016-7115
{DLA-639-1}
- mactelnet 0.4.4-4 (bug #836320)
[jessie] - mactelnet 0.4.0-1+deb8u1
NOTE: https://github.com/haakonnessjoen/MAC-Telnet/commit/b69d11727d4f0f8cf719c79e3fb700f55ca03e9a
-CVE-2016-7114 (A vulnerability has been identified in Firmware variant PROFINET IO ...)
+CVE-2016-7114
NOT-FOR-US: Siemens
-CVE-2016-7113 (A vulnerability has been identified in Firmware variant PROFINET IO ...)
+CVE-2016-7113
NOT-FOR-US: Siemens
-CVE-2016-7112 (A vulnerability has been identified in Firmware variant PROFINET IO ...)
+CVE-2016-7112
NOT-FOR-US: Siemens
-CVE-2016-10057 (Buffer overflow in the WriteGROUP4Image function in coders/tiff.c in ...)
+CVE-2016-10057
{DSA-3675-1 DLA-731-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #836172)
NOTE: https://github.com/ImageMagick/ImageMagick/commit/10b3823a7619ed22d42764733eb052c4159bc8c1
NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/3
-CVE-2016-10056 (Buffer overflow in the sixel_decode function in coders/sixel.c in ...)
+CVE-2016-10056
{DSA-3675-1 DLA-731-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #836172)
NOTE: https://github.com/ImageMagick/ImageMagick/commit/10b3823a7619ed22d42764733eb052c4159bc8c1
NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/3
-CVE-2016-10055 (Buffer overflow in the WritePDBImage function in coders/pdb.c in ...)
+CVE-2016-10055
{DSA-3675-1 DLA-731-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #836172)
NOTE: https://github.com/ImageMagick/ImageMagick/commit/10b3823a7619ed22d42764733eb052c4159bc8c1
NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/3
-CVE-2016-10054 (Buffer overflow in the WriteMAPImage function in coders/map.c in ...)
+CVE-2016-10054
{DSA-3675-1 DLA-731-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #836172)
NOTE: https://github.com/ImageMagick/ImageMagick/commit/10b3823a7619ed22d42764733eb052c4159bc8c1
NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/3
-CVE-2016-10053 (The WriteTIFFImage function in coders/tiff.c in ImageMagick before ...)
+CVE-2016-10053
{DSA-3675-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #836171)
[wheezy] - imagemagick <not-affected> (Vulnerability likely introduced in a version after 6.7.7.10)
NOTE: https://github.com/ImageMagick/ImageMagick/commit/f983dcdf9c178e0cbc49608a78713c5669aa1bb5
NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/3
-CVE-2016-7118 (fs/fcntl.c in the &quot;aufs 3.2.x+setfl-debian&quot; patch in the linux-image ...)
+CVE-2016-7118
{DLA-609-1}
- linux <not-affected>
NOTE: Bit of complicated tracking information. For jessie the affected version is not in any yet
NOTE: released version, thus should be n/a. wheezy OTOH, has already the issue in a released version. Issue then was fixed in 3.2.81-2 in DLA-609-1
NOTE: http://www.openwall.com/lists/oss-security/2016/08/31/1
-CVE-2016-7116 (Directory traversal vulnerability in hw/9pfs/9p.c in QEMU (aka Quick ...)
+CVE-2016-7116
{DLA-1599-1 DLA-619-1 DLA-618-1}
- qemu 1:2.6+dfsg-3.1 (bug #836502)
- qemu-kvm <removed>
NOTE: Fixed by: http://git.qemu.org/?p=qemu.git;a=commit;h=56f101ecce0eafd09e2daf1c4eeb1377d6959261
NOTE: May as well need: http://git.qemu.org/?p=qemu.git;a=commit;h=fff39a7ad09da07ef490de05c92c91f22f8002f2
-CVE-2016-7110 (Huawei Unified Maintenance Audit (UMA) before V200R001C00SPC200 allows ...)
+CVE-2016-7110
NOT-FOR-US: Huawei UMA
-CVE-2016-7109 (Huawei Unified Maintenance Audit (UMA) before V200R001C00SPC200 allows ...)
+CVE-2016-7109
NOT-FOR-US: Huawei UMA
-CVE-2016-7108 (Huawei Unified Maintenance Audit (UMA) before V200R001C00SPC200 SPH206 ...)
+CVE-2016-7108
NOT-FOR-US: Huawei UMA
-CVE-2016-7107 (Huawei Unified Maintenance Audit (UMA) before V200R001C00SPC200 SPH206 ...)
+CVE-2016-7107
NOT-FOR-US: Huawei UMA
CVE-2016-7106
RESERVED
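Review bot: For CVE-2016-7118 the entry records `- linux <not-affected>` with `{DLA-609-1}`, while the NOTE explains that wheezy did ship the issue and fixed it in 3.2.81-2 via DLA-609-1. The fixed wheezy version lives only in free-text NOTE lines, so add a `[wheezy] - linux 3.2.81-2` line alongside the existing entries in the style used elsewhere in this file, which keeps the fix machine-readable and matches the DLA reference already in braces.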
@@ -10952,28 +10952,28 @@ CVE-2016-7105
RESERVED
CVE-2016-7104
RESERVED
-CVE-2016-7102 (ownCloud Desktop before 2.2.3 allows local users to execute arbitrary ...)
+CVE-2016-7102
NOT-FOR-US: ownCloud Desktop
-CVE-2016-7101 (The SGI coder in ImageMagick before 7.0.2-10 allows remote attackers ...)
+CVE-2016-7101
{DLA-731-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #836776)
[jessie] - imagemagick 8:6.8.9.9-5+deb8u5
CVE-2016-7100
RESERVED
-CVE-2016-7099 (The tls.checkServerIdentity function in Node.js 0.10.x before 0.10.47, ...)
+CVE-2016-7099
- nodejs 4.6.0~dfsg-1 (bug #839714; unimportant)
NOTE: https://nodejs.org/en/blog/vulnerability/september-2016-security-releases/
NOTE: 0.10.x: https://github.com/nodejs/node/commit/0d7e21ee7bcc79046f898f8c202d2ec87d23d711
NOTE: 4.x: https://github.com/nodejs/node/commit/3ff82deb2c3bd580d64be75dbafe460393c952fb
CVE-2016-7096
RESERVED
-CVE-2016-7095 (Exponent CMS before 2.3.9 is vulnerable to an attacker uploading a ...)
+CVE-2016-7095
NOT-FOR-US: Exponent CMS
-CVE-2016-7111 (MantisBT before 1.3.1 and 2.x before 2.0.0-beta.2 uses a weak Content ...)
+CVE-2016-7111
- mantis <not-affected> (Vulnerable code introduced in 1.3.0-rc.2)
NOTE: https://github.com/mantisbt/mantisbt/commit/b3511d2feb47eaee41feb5f69cf3c8a2c9acd229
NOTE: https://mantisbt.org/bugs/view.php?id=21263
-CVE-2016-7103 (Cross-site scripting (XSS) vulnerability in jQuery UI before 1.12.0 ...)
+CVE-2016-7103
- jqueryui 1.12.1+dfsg-1
[jessie] - jqueryui <no-dsa> (Minor issue)
[wheezy] - jqueryui <no-dsa> (Minor issue)
@@ -10981,26 +10981,26 @@ CVE-2016-7103 (Cross-site scripting (XSS) vulnerability in jQuery UI before 1.12
NOTE: https://github.com/jquery/jquery-ui/pull/1622
NOTE: https://github.com/jquery/jquery-ui/pull/1632
NOTE: https://github.com/jquery/api.jqueryui.com/issues/281
-CVE-2016-7094 (Buffer overflow in Xen 4.7.x and earlier allows local x86 HVM guest OS ...)
+CVE-2016-7094
{DSA-3663-1 DLA-614-1}
- xen 4.8.0~rc3-1
NOTE: http://xenbits.xen.org/xsa/advisory-187.html
-CVE-2016-7093 (Xen 4.5.3, 4.6.3, and 4.7.x allow local HVM guest OS administrators to ...)
+CVE-2016-7093
- xen <not-affected> (Affects only 4.7.0 and later; 4.6.3 and 4.5.3)
NOTE: http://xenbits.xen.org/xsa/advisory-186.html
-CVE-2016-7092 (The get_page_from_l3e function in arch/x86/mm.c in Xen allows local ...)
+CVE-2016-7092
{DSA-3663-1 DLA-614-1}
- xen 4.8.0~rc3-1
NOTE: http://xenbits.xen.org/xsa/advisory-185.html
-CVE-2016-7090 (The integrated web server on Siemens SCALANCE M-800 and S615 modules ...)
+CVE-2016-7090
NOT-FOR-US: Siemens
-CVE-2016-7098 (Race condition in wget 1.17 and earlier, when used in recursive or ...)
+CVE-2016-7098
- wget 1.18-4 (low; bug #836503)
[jessie] - wget <no-dsa> (Minor issue)
[wheezy] - wget <no-dsa> (Minor issue)
NOTE: http://git.savannah.gnu.org/cgit/wget.git/commit/?id=9ffb64ba6a8121909b01e984deddce8d096c498d
NOTE: http://git.savannah.gnu.org/cgit/wget.git/commit/?id=690c47e3b18c099843cdf557a0425d701fca4957
-CVE-2016-7097 (The filesystem implementation in the Linux kernel through 4.8.2 ...)
+CVE-2016-7097
{DLA-772-1}
- linux 4.7.8-1
[jessie] - linux 3.16.39-1
@@ -11008,7 +11008,7 @@ CVE-2016-7097 (The filesystem implementation in the Linux kernel through 4.8.2 .
NOTE: http://marc.info/?l=linux-fsdevel&m=147162313630259&w=2
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1368938
NOTE: Fixed by: https://git.kernel.org/linus/073931017b49d9458aa351605b43a7e34598caef
-CVE-2016-7091 (sudo: It was discovered that the default sudo configuration on Red Hat ...)
+CVE-2016-7091
- sudo <not-affected> (Debian not including INPUTRC in /etc/sudoers)
NOTE: Cf. https://bugzilla.redhat.com/show_bug.cgi?id=1339935
NOTE: The scope of this CVE is the entire 'INPUTRC should
@@ -11016,35 +11016,35 @@ CVE-2016-7091 (sudo: It was discovered that the default sudo configuration on Re
NOTE: problem, which has both the information disclosure and segmentation
NOTE: fault outcomes.
NOTE: Debian does not include INPUTRC by default in /etc/sudoers
-CVE-2016-7089 (WatchGuard RapidStream appliances allow local users to gain privileges ...)
+CVE-2016-7089
NOT-FOR-US: WatchGuard
CVE-2016-7088
RESERVED
-CVE-2016-7087 (Directory traversal vulnerability in the Connection Server in VMware ...)
+CVE-2016-7087
NOT-FOR-US: VMware
-CVE-2016-7086 (The installer in VMware Workstation Pro 12.x before 12.5.0 and VMware ...)
+CVE-2016-7086
NOT-FOR-US: VMware
-CVE-2016-7085 (Untrusted search path vulnerability in the installer in VMware ...)
+CVE-2016-7085
NOT-FOR-US: VMware
-CVE-2016-7084 (tpview.dll in VMware Workstation Pro 12.x before 12.5.0 and VMware ...)
+CVE-2016-7084
NOT-FOR-US: VMware
-CVE-2016-7083 (VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation ...)
+CVE-2016-7083
NOT-FOR-US: VMware
-CVE-2016-7082 (VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation ...)
+CVE-2016-7082
NOT-FOR-US: VMware
-CVE-2016-7081 (Multiple heap-based buffer overflows in VMware Workstation Pro 12.x ...)
+CVE-2016-7081
NOT-FOR-US: VMware
-CVE-2016-7080 (The graphic acceleration functions in VMware Tools 9.x and 10.x before ...)
+CVE-2016-7080
NOT-FOR-US: VMware
-CVE-2016-7079 (The graphic acceleration functions in VMware Tools 9.x and 10.x before ...)
+CVE-2016-7079
NOT-FOR-US: VMware
-CVE-2016-7078 (foreman before version 1.15.0 is vulnerable to an information leak ...)
+CVE-2016-7078
- foreman <itp> (bug #663101)
NOTE: http://projects.theforeman.org/issues/16982
-CVE-2016-7077 (foreman before 1.14.0 is vulnerable to an information leak. It was ...)
+CVE-2016-7077
- foreman <itp> (bug #663101)
NOTE: http://projects.theforeman.org/issues/16971
-CVE-2016-7076 (sudo before version 1.8.18p1 is vulnerable to a bypass in the sudo ...)
+CVE-2016-7076
{DLA-707-1}
- sudo 1.8.18p1-1 (bug #842507)
[jessie] - sudo <no-dsa> (Minor issue)
@@ -11053,61 +11053,61 @@ CVE-2016-7076 (sudo before version 1.8.18p1 is vulnerable to a bypass in the sud
NOTE: https://www.sudo.ws/repos/sudo/rev/7b8357b0a358
NOTE: https://www.sudo.ws/repos/sudo/rev/167a518d8129
NOTE: Might need as well: https://bugzilla.sudo.ws/show_bug.cgi?id=761
-CVE-2016-7075 (It was found that Kubernetes as used by Openshift Enterprise 3 did not ...)
+CVE-2016-7075
- kubernetes 1.5.5+dfsg-1 (bug #795652)
NOTE: https://github.com/kubernetes/kubernetes/issues/34517
-CVE-2016-7074 (An issue has been found in PowerDNS before 3.4.11 and 4.0.2, and ...)
+CVE-2016-7074
{DSA-3764-1 DLA-798-1}
- pdns 4.0.2-1
- pdns-recursor 4.0.4-1
[jessie] - pdns-recursor <not-affected> (Only >= 4.0.0 affected)
[wheezy] - pdns-recursor <not-affected> (Only >= 4.0.0 affected)
NOTE: https://doc.powerdns.com/md/security/powerdns-advisory-2016-04/
-CVE-2016-7073 (An issue has been found in PowerDNS before 3.4.11 and 4.0.2, and ...)
+CVE-2016-7073
{DSA-3764-1 DLA-798-1}
- pdns 4.0.2-1
- pdns-recursor 4.0.4-1
[jessie] - pdns-recursor <not-affected> (Only >= 4.0.0 affected)
[wheezy] - pdns-recursor <not-affected> (Only >= 4.0.0 affected)
NOTE: https://doc.powerdns.com/md/security/powerdns-advisory-2016-04/
-CVE-2016-7072 (An issue has been found in PowerDNS Authoritative Server before 3.4.11 ...)
+CVE-2016-7072
{DSA-3764-1 DLA-798-1}
- pdns 4.0.2-1
NOTE: https://doc.powerdns.com/md/security/powerdns-advisory-2016-03/
-CVE-2016-7071 (It was found that the CloudForms before 5.6.2.2, and 5.7.0.7 did not ...)
+CVE-2016-7071
NOT-FOR-US: Red Hat CloudForms
-CVE-2016-7070 (A privilege escalation flaw was found in the Ansible Tower. When Tower ...)
+CVE-2016-7070
NOT-FOR-US: Ansible Tower
-CVE-2016-7069 (An issue has been found in dnsdist before 1.2.0 in the way EDNS0 OPT ...)
+CVE-2016-7069
- dnsdist 1.2.0-1 (low; bug #872854)
[stretch] - dnsdist 1.1.0-2+deb9u1
NOTE: https://dnsdist.org/security-advisories/powerdns-advisory-for-dnsdist-2017-01.html
NOTE: https://downloads.powerdns.com/patches/2017-01
-CVE-2016-7068 (An issue has been found in PowerDNS before 3.4.11 and 4.0.2, and ...)
+CVE-2016-7068
{DSA-3764-1 DSA-3763-1 DLA-798-1 DLA-788-1}
- pdns 4.0.2-1
- pdns-recursor 4.0.4-1
NOTE: https://doc.powerdns.com/md/security/powerdns-advisory-2016-02/
-CVE-2016-7067 (Monit before version 5.20.0 is vulnerable to a cross site request ...)
+CVE-2016-7067
{DLA-732-1}
- monit 1:5.20.0-1
[jessie] - monit <no-dsa> (Minor issue)
NOTE: https://bitbucket.org/tildeslash/monit/commits/c6ec3820e627f85417053e6336de2987f2d863e3?at=master
NOTE: Although configured only on localhost, the httpd service is started by
NOTE: default and accessible.
-CVE-2016-7066 (It was found that the improper default permissions on /tmp/auth ...)
+CVE-2016-7066
NOT-FOR-US: admin-cli / jboss-cli in Red Hat
-CVE-2016-7065 (The JMX servlet in Red Hat JBoss Enterprise Application Platform (EAP) ...)
+CVE-2016-7065
NOT-FOR-US: Red Hat JBoss EAP
CVE-2016-7064
RESERVED
CVE-2016-7063
RESERVED
-CVE-2016-7062 (rhscon-ceph in Red Hat Storage Console 2 x86_64 and Red Hat Storage ...)
+CVE-2016-7062
NOT-FOR-US: Red Hat rhscon-core
-CVE-2016-7061 (An information disclosure vulnerability was found in JBoss Enterprise ...)
+CVE-2016-7061
NOT-FOR-US: Red Hat JBoss Enterprise Application Platform
-CVE-2016-7060 (The web interface in Red Hat QuickStart Cloud Installer (QCI) 1.0 does ...)
+CVE-2016-7060
NOT-FOR-US: Red Hat QCI
CVE-2016-7059
REJECTED
@@ -11115,43 +11115,43 @@ CVE-2016-7058
REJECTED
CVE-2016-7057
REJECTED
-CVE-2016-7056 (A timing attack flaw was found in OpenSSL 1.0.1u and before that could ...)
+CVE-2016-7056
{DSA-3773-1 DLA-814-1}
- openssl 1.0.2a-1
- openssl1.0 <not-affected> (Fixed before initial upload to Debian)
NOTE: https://eprint.iacr.org/2016/1195.pdf
NOTE: Fixed by: https://git.openssl.org/?p=openssl.git;a=commit;h=f54be179aa4cbbd944728771d7d59ed588158a12
NOTE: Fixed by: https://git.openssl.org/?p=openssl.git;a=commit;h=8aed2a7548362e88e84a7feb795a3a97e8395008 (OpenSSL_1_0_2-beta3)
-CVE-2016-7055 (There is a carry propagating bug in the Broadwell-specific Montgomery ...)
+CVE-2016-7055
- openssl 1.1.0c-1 (low)
[jessie] - openssl <not-affected> (Only affects 1.0.2 and 1.1.0)
[wheezy] - openssl <not-affected> (Only affects 1.0.2 and 1.1.0)
- openssl1.0 1.0.2k-1 (low)
NOTE: https://www.openssl.org/news/secadv/20161110.txt
NOTE: https://git.openssl.org/?p=openssl.git;a=commit;h=2fac86d9abeaa643677d1ffd0a139239fdf9406a
-CVE-2016-7054 (In OpenSSL 1.1.0 before 1.1.0c, TLS connections using ...)
+CVE-2016-7054
- openssl 1.1.0c-1
[jessie] - openssl <not-affected> (Only affects 1.1.0)
[wheezy] - openssl <not-affected> (Only affects 1.1.0)
- openssl1.0 <not-affected> (Only affects 1.1.0)
NOTE: https://www.openssl.org/news/secadv/20161110.txt
-CVE-2016-7053 (In OpenSSL 1.1.0 before 1.1.0c, applications parsing invalid CMS ...)
+CVE-2016-7053
- openssl 1.1.0c-1
[jessie] - openssl <not-affected> (Only affects 1.1.0)
[wheezy] - openssl <not-affected> (Only affects 1.1.0)
- openssl1.0 <not-affected> (Only affects 1.1.0)
NOTE: https://www.openssl.org/news/secadv/20161110.txt
-CVE-2016-7052 (crypto/x509/x509_vfy.c in OpenSSL 1.0.2i allows remote attackers to ...)
+CVE-2016-7052
- openssl 1.0.2j-1
[jessie] - openssl <not-affected> (Introduced in 1.0.2i)
[wheezy] - openssl <not-affected> (Introduced in 1.0.2i)
NOTE: https://www.openssl.org/news/secadv/20160926.txt
-CVE-2016-7051 (XmlMapper in the Jackson XML dataformat component (aka ...)
+CVE-2016-7051
- jackson-dataformat-xml 2.8.5-1
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1378673#c7
NOTE: https://github.com/FasterXML/jackson-dataformat-xml/issues/211
NOTE: https://github.com/FasterXML/jackson-dataformat-xml/commit/eeff2c312e9d4caa8c9f27b8f740c7529d00524a (2.7.8)
-CVE-2016-7050 (SerializableProvider in RESTEasy in Red Hat Enterprise Linux Desktop ...)
+CVE-2016-7050
- resteasy 3.0.18-1
[jessie] - resteasy <no-dsa> (Minor issue)
- resteasy3.0 <not-affected> (Fixed before initial release to Debian)
@@ -11159,57 +11159,57 @@ CVE-2016-7050 (SerializableProvider in RESTEasy in Red Hat Enterprise Linux Desk
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1378613
CVE-2016-7049
RESERVED
-CVE-2016-7048 (The interactive installer in PostgreSQL before 9.3.15, 9.4.x before ...)
+CVE-2016-7048
NOT-FOR-US: interactive installer used in EnterpriseDB-supplied PostgreSQL packages
-CVE-2016-7047 (A flaw was found in the CloudForms API before 5.6.3.0, 5.7.3.1 and ...)
+CVE-2016-7047
NOT-FOR-US: Red Hat CloudForms Management Engine
-CVE-2016-7046 (Red Hat JBoss Enterprise Application Platform (EAP) 7, when operating ...)
+CVE-2016-7046
- undertow 1.4.3-1 (bug #838600)
NOTE: https://github.com/undertow-io/undertow/commit/c518b5a1784061d807efedcef0a03fcd35a53de2
-CVE-2016-7045 (The format_send_to_gui function in the format parsing code in Irssi ...)
+CVE-2016-7045
{DSA-3672-1}
- irssi 0.8.20-1
[wheezy] - irssi <not-affected> (Introduced in 0.8.17-beta)
NOTE: http://irssi.org/security/irssi_sa_2016.txt
-CVE-2016-7044 (The unformat_24bit_color function in the format parsing code in Irssi ...)
+CVE-2016-7044
{DSA-3672-1}
- irssi 0.8.20-1
[wheezy] - irssi <not-affected> (Introduced in 0.8.17-beta)
NOTE: http://irssi.org/security/irssi_sa_2016.txt
CVE-2016-7043
RESERVED
-CVE-2016-7042 (The proc_keys_show function in security/keys/proc.c in the Linux ...)
+CVE-2016-7042
{DSA-3696-1 DLA-670-1}
- linux 4.7.8-1
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1373966
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1373499
NOTE: https://git.kernel.org/linus/03dab869b7b239c4e013ec82aea22e181e441cfc
-CVE-2016-7041 (Drools Workbench contains a path traversal vulnerability. The ...)
+CVE-2016-7041
NOT-FOR-US: JBoss Drolls Workbench
-CVE-2016-7040 (Red Hat CloudForms Management Engine 4.1 does not properly handle ...)
+CVE-2016-7040
NOT-FOR-US: Red Hat CloudForms
-CVE-2016-7039 (The IP stack in the Linux kernel through 4.8.2 allows remote attackers ...)
+CVE-2016-7039
- linux 4.7.8-1
[jessie] - linux <not-affected> (Vulnerable code introduced later)
[wheezy] - linux <not-affected> (Vulnerable code introduced later)
NOTE: Fixed by: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=fcd91dd449867c6bfe56a81cabba76b829fd05cd
NOTE: Introduced by: https://git.kernel.org/linus/9b174d88c257150562b0101fcc6cb6c3cb74275c (v4.0-rc1)
NOTE: Intorduced by: https://git.kernel.org/linus/66e5133f19e901a044fa5eaeeb6ecff4545839e5 (v4.2-rc1)
-CVE-2016-7038 (In Moodle 2.x and 3.x, web service tokens are not invalidated when the ...)
+CVE-2016-7038
- moodle 2.7.16+dfsg-1
-CVE-2016-7037 (The verify function in Encryption/Symmetric.php in Malcolm Fell jwt ...)
+CVE-2016-7037
NOT-FOR-US: Malcolm Fell jwt
-CVE-2016-7036 (python-jose before 1.3.2 allows attackers to have unspecified impact ...)
+CVE-2016-7036
NOT-FOR-US: Python jose
-CVE-2016-7035 (An authorization flaw was found in Pacemaker before 1.1.16, where it ...)
+CVE-2016-7035
- pacemaker 1.1.15-3 (bug #843041)
[wheezy] - pacemaker <not-affected> (Vulnerable code introduced later)
NOTE: https://github.com/ClusterLabs/pacemaker/pull/1166/commits/5a20855d6054ebaae590c09262b328d957cc1fc2
-CVE-2016-7034 (The dashbuilder in Red Hat JBoss BPM Suite 6.3.2 does not properly ...)
+CVE-2016-7034
NOT-FOR-US: JBoss BPMS
-CVE-2016-7033 (Multiple cross-site scripting (XSS) vulnerabilities in the admin pages ...)
+CVE-2016-7033
NOT-FOR-US: JBoss BPMS
-CVE-2016-7032 (sudo_noexec.so in Sudo before 1.8.15 on Linux might allow local users ...)
+CVE-2016-7032
{DLA-707-1}
- sudo 1.8.15-1
[jessie] - sudo <no-dsa> (Minor issue)
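Review bot: two context lines in this hunk carry typos worth a follow-up: `NOT-FOR-US: JBoss Drolls Workbench` under CVE-2016-7041 should read Drools, and `NOTE: Intorduced by:` under CVE-2016-7039 should read Introduced. Neither is part of this change, but this is the hunk where they are visible.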
@@ -11219,13 +11219,13 @@ CVE-2016-7032 (sudo_noexec.so in Sudo before 1.8.15 on Linux might allow local u
NOTE: https://www.sudo.ws/devel.html#1.8.15rc1
NOTE: https://www.sudo.ws/repos/sudo/rev/58a5c06b5257
NOTE: https://www.sudo.ws/repos/sudo/rev/a826cd7787e9
-CVE-2016-7031 (The RGW code in Ceph before 10.0.1, when authenticated-read ACL is ...)
+CVE-2016-7031
- ceph 10.2.5-1 (bug #838026)
[jessie] - ceph 0.80.7-2+deb8u2
NOTE: http://tracker.ceph.com/issues/13207
NOTE: https://github.com/ceph/ceph/pull/6057
NOTE: https://github.com/ceph/ceph/pull/11045
-CVE-2016-7030 (FreeIPA uses a default password policy that locks an account after 5 ...)
+CVE-2016-7030
- freeipa 4.4.4-1 (bug #849970)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1370493
NOTE: https://fedorahosted.org/freeipa/ticket/6561
@@ -11247,207 +11247,207 @@ CVE-2016-7022
REJECTED
CVE-2016-7021
REJECTED
-CVE-2016-7020 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 ...)
+CVE-2016-7020
NOT-FOR-US: Adobe Flash Player
-CVE-2016-7019 (Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC ...)
+CVE-2016-7019
NOT-FOR-US: Adobe
-CVE-2016-7018 (Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC ...)
+CVE-2016-7018
NOT-FOR-US: Adobe
-CVE-2016-7017 (Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC ...)
+CVE-2016-7017
NOT-FOR-US: Adobe
-CVE-2016-7016 (Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC ...)
+CVE-2016-7016
NOT-FOR-US: Adobe
-CVE-2016-7015 (Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC ...)
+CVE-2016-7015
NOT-FOR-US: Adobe
-CVE-2016-7014 (Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC ...)
+CVE-2016-7014
NOT-FOR-US: Adobe
-CVE-2016-7013 (Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC ...)
+CVE-2016-7013
NOT-FOR-US: Adobe
-CVE-2016-7012 (Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC ...)
+CVE-2016-7012
NOT-FOR-US: Adobe
-CVE-2016-7011 (Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC ...)
+CVE-2016-7011
NOT-FOR-US: Adobe
-CVE-2016-7010 (Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC ...)
+CVE-2016-7010
NOT-FOR-US: Adobe
-CVE-2016-7009 (Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC ...)
+CVE-2016-7009
NOT-FOR-US: Adobe
-CVE-2016-7008 (Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC ...)
+CVE-2016-7008
NOT-FOR-US: Adobe
-CVE-2016-7007 (Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC ...)
+CVE-2016-7007
NOT-FOR-US: Adobe
-CVE-2016-7006 (Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC ...)
+CVE-2016-7006
NOT-FOR-US: Adobe
-CVE-2016-7005 (Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC ...)
+CVE-2016-7005
NOT-FOR-US: Adobe
-CVE-2016-7004 (Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC ...)
+CVE-2016-7004
NOT-FOR-US: Adobe
-CVE-2016-7003 (Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC ...)
+CVE-2016-7003
NOT-FOR-US: Adobe
-CVE-2016-7002 (Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC ...)
+CVE-2016-7002
NOT-FOR-US: Adobe
-CVE-2016-7001 (Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC ...)
+CVE-2016-7001
NOT-FOR-US: Adobe
-CVE-2016-7000 (Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC ...)
+CVE-2016-7000
NOT-FOR-US: Adobe
-CVE-2016-6999 (Integer overflow in Adobe Reader and Acrobat before 11.0.18, Acrobat ...)
+CVE-2016-6999
NOT-FOR-US: Adobe
-CVE-2016-6998 (Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC ...)
+CVE-2016-6998
NOT-FOR-US: Adobe
-CVE-2016-6997 (Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC ...)
+CVE-2016-6997
NOT-FOR-US: Adobe
-CVE-2016-6996 (Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC ...)
+CVE-2016-6996
NOT-FOR-US: Adobe
-CVE-2016-6995 (Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC ...)
+CVE-2016-6995
NOT-FOR-US: Adobe
-CVE-2016-6994 (Heap-based buffer overflow in Adobe Reader and Acrobat before 11.0.18, ...)
+CVE-2016-6994
NOT-FOR-US: Adobe
-CVE-2016-6993 (Use-after-free vulnerability in Adobe Reader and Acrobat before ...)
+CVE-2016-6993
NOT-FOR-US: Adobe
-CVE-2016-6992 (Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before ...)
+CVE-2016-6992
NOT-FOR-US: Adobe
CVE-2016-6991
REJECTED
-CVE-2016-6990 (Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before ...)
+CVE-2016-6990
NOT-FOR-US: Adobe
-CVE-2016-6989 (Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before ...)
+CVE-2016-6989
NOT-FOR-US: Adobe
-CVE-2016-6988 (Use-after-free vulnerability in Adobe Reader and Acrobat before ...)
+CVE-2016-6988
NOT-FOR-US: Adobe
-CVE-2016-6987 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.382 ...)
+CVE-2016-6987
NOT-FOR-US: Adobe
-CVE-2016-6986 (Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before ...)
+CVE-2016-6986
NOT-FOR-US: Adobe
-CVE-2016-6985 (Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before ...)
+CVE-2016-6985
NOT-FOR-US: Adobe
-CVE-2016-6984 (Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before ...)
+CVE-2016-6984
NOT-FOR-US: Adobe
-CVE-2016-6983 (Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before ...)
+CVE-2016-6983
NOT-FOR-US: Adobe
-CVE-2016-6982 (Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before ...)
+CVE-2016-6982
NOT-FOR-US: Adobe
-CVE-2016-6981 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.382 ...)
+CVE-2016-6981
NOT-FOR-US: Adobe
-CVE-2016-6980 (Use-after-free vulnerability in Adobe Digital Editions before 4.5.2 ...)
+CVE-2016-6980
NOT-FOR-US: Adobe
-CVE-2016-6979 (Use-after-free vulnerability in Adobe Reader and Acrobat before ...)
+CVE-2016-6979
NOT-FOR-US: Adobe
-CVE-2016-6978 (Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC ...)
+CVE-2016-6978
NOT-FOR-US: Adobe
-CVE-2016-6977 (Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC ...)
+CVE-2016-6977
NOT-FOR-US: Adobe
-CVE-2016-6976 (Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC ...)
+CVE-2016-6976
NOT-FOR-US: Adobe
-CVE-2016-6975 (Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC ...)
+CVE-2016-6975
NOT-FOR-US: Adobe
-CVE-2016-6974 (Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC ...)
+CVE-2016-6974
NOT-FOR-US: Adobe
-CVE-2016-6973 (Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC ...)
+CVE-2016-6973
NOT-FOR-US: Adobe
-CVE-2016-6972 (Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC ...)
+CVE-2016-6972
NOT-FOR-US: Adobe
-CVE-2016-6971 (Use-after-free vulnerability in Adobe Reader and Acrobat before ...)
+CVE-2016-6971
NOT-FOR-US: Adobe
-CVE-2016-6970 (Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC ...)
+CVE-2016-6970
NOT-FOR-US: Adobe
-CVE-2016-6969 (Use-after-free vulnerability in Adobe Reader and Acrobat before ...)
+CVE-2016-6969
NOT-FOR-US: Adobe
-CVE-2016-6968 (Use-after-free vulnerability in Adobe Reader and Acrobat before ...)
+CVE-2016-6968
NOT-FOR-US: Adobe
-CVE-2016-6967 (Use-after-free vulnerability in Adobe Reader and Acrobat before ...)
+CVE-2016-6967
NOT-FOR-US: Adobe
-CVE-2016-6966 (Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC ...)
+CVE-2016-6966
NOT-FOR-US: Adobe
-CVE-2016-6965 (Use-after-free vulnerability in Adobe Reader and Acrobat before ...)
+CVE-2016-6965
NOT-FOR-US: Adobe
-CVE-2016-6964 (Use-after-free vulnerability in Adobe Reader and Acrobat before ...)
+CVE-2016-6964
NOT-FOR-US: Adobe
-CVE-2016-6963 (Use-after-free vulnerability in Adobe Reader and Acrobat before ...)
+CVE-2016-6963
NOT-FOR-US: Adobe
-CVE-2016-6962 (Use-after-free vulnerability in Adobe Reader and Acrobat before ...)
+CVE-2016-6962
NOT-FOR-US: Adobe
-CVE-2016-6961 (Use-after-free vulnerability in Adobe Reader and Acrobat before ...)
+CVE-2016-6961
NOT-FOR-US: Adobe
-CVE-2016-6960 (Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC ...)
+CVE-2016-6960
NOT-FOR-US: Adobe
-CVE-2016-6959 (Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC ...)
+CVE-2016-6959
NOT-FOR-US: Adobe
-CVE-2016-6958 (Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC ...)
+CVE-2016-6958
NOT-FOR-US: Adobe
-CVE-2016-6957 (Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC ...)
+CVE-2016-6957
NOT-FOR-US: Adobe
-CVE-2016-6956 (Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC ...)
+CVE-2016-6956
NOT-FOR-US: Adobe
-CVE-2016-6955 (Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC ...)
+CVE-2016-6955
NOT-FOR-US: Adobe
-CVE-2016-6954 (Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC ...)
+CVE-2016-6954
NOT-FOR-US: Adobe
-CVE-2016-6953 (Use-after-free vulnerability in Adobe Reader and Acrobat before ...)
+CVE-2016-6953
NOT-FOR-US: Adobe
-CVE-2016-6952 (Use-after-free vulnerability in Adobe Reader and Acrobat before ...)
+CVE-2016-6952
NOT-FOR-US: Adobe
-CVE-2016-6951 (Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC ...)
+CVE-2016-6951
NOT-FOR-US: Adobe
-CVE-2016-6950 (Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC ...)
+CVE-2016-6950
NOT-FOR-US: Adobe
-CVE-2016-6949 (Use-after-free vulnerability in Adobe Reader and Acrobat before ...)
+CVE-2016-6949
NOT-FOR-US: Adobe
-CVE-2016-6948 (Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC ...)
+CVE-2016-6948
NOT-FOR-US: Adobe
-CVE-2016-6947 (Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC ...)
+CVE-2016-6947
NOT-FOR-US: Adobe
-CVE-2016-6946 (Use-after-free vulnerability in Adobe Reader and Acrobat before ...)
+CVE-2016-6946
NOT-FOR-US: Adobe
-CVE-2016-6945 (Use-after-free vulnerability in Adobe Reader and Acrobat before ...)
+CVE-2016-6945
NOT-FOR-US: Adobe
-CVE-2016-6944 (Use-after-free vulnerability in Adobe Reader and Acrobat before ...)
+CVE-2016-6944
NOT-FOR-US: Adobe
-CVE-2016-6943 (Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC ...)
+CVE-2016-6943
NOT-FOR-US: Adobe
-CVE-2016-6942 (Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC ...)
+CVE-2016-6942
NOT-FOR-US: Adobe
-CVE-2016-6941 (Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC ...)
+CVE-2016-6941
NOT-FOR-US: Adobe
-CVE-2016-6940 (Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC ...)
+CVE-2016-6940
NOT-FOR-US: Adobe
-CVE-2016-6939 (Heap-based buffer overflow in Adobe Reader and Acrobat before 11.0.18, ...)
+CVE-2016-6939
NOT-FOR-US: Adobe
-CVE-2016-6938 (Use-after-free vulnerability in Adobe Reader and Acrobat before ...)
+CVE-2016-6938
NOT-FOR-US: Adobe
-CVE-2016-6937 (Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC ...)
+CVE-2016-6937
NOT-FOR-US: Adobe
-CVE-2016-6936 (Adobe AIR SDK &amp; Compiler before 23.0.0.257 on Windows does not support ...)
+CVE-2016-6936
NOT-FOR-US: Adobe
-CVE-2016-6935 (Unquoted Windows search path vulnerability in Adobe Creative Cloud ...)
+CVE-2016-6935
NOT-FOR-US: Adobe
-CVE-2016-6934 (Adobe Experience Manager Forms versions 6.2 and earlier, LiveCycle ...)
+CVE-2016-6934
NOT-FOR-US: Adobe
-CVE-2016-6933 (Adobe Experience Manager Forms versions 6.2 and earlier, LiveCycle ...)
+CVE-2016-6933
NOT-FOR-US: Adobe
-CVE-2016-6932 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 ...)
+CVE-2016-6932
NOT-FOR-US: Adobe Flash Player
-CVE-2016-6931 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 ...)
+CVE-2016-6931
NOT-FOR-US: Adobe Flash Player
-CVE-2016-6930 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 ...)
+CVE-2016-6930
NOT-FOR-US: Adobe Flash Player
-CVE-2016-6929 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 ...)
+CVE-2016-6929
NOT-FOR-US: Adobe Flash Player
CVE-2016-6928
REJECTED
-CVE-2016-6927 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 ...)
+CVE-2016-6927
NOT-FOR-US: Adobe Flash Player
-CVE-2016-6926 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 ...)
+CVE-2016-6926
NOT-FOR-US: Adobe Flash Player
-CVE-2016-6925 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 ...)
+CVE-2016-6925
NOT-FOR-US: Adobe Flash Player
-CVE-2016-6924 (Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before ...)
+CVE-2016-6924
NOT-FOR-US: Adobe Flash Player
-CVE-2016-6923 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 ...)
+CVE-2016-6923
NOT-FOR-US: Adobe Flash Player
-CVE-2016-6922 (Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before ...)
+CVE-2016-6922
NOT-FOR-US: Adobe Flash Player
-CVE-2016-6921 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 ...)
+CVE-2016-6921
NOT-FOR-US: Adobe Flash Player
-CVE-2016-6920 (Heap-based buffer overflow in the decode_block function in ...)
+CVE-2016-6920
- ffmpeg 7:3.1.3-1
- libav <not-affected>
NOTE: Vulnerable code not present in any Libav version.
@@ -11455,70 +11455,70 @@ CVE-2016-6919
RESERVED
CVE-2016-6918
RESERVED
-CVE-2016-6917 (Buffer overflow in nvhost_job.c in the NVIDIA video driver for ...)
+CVE-2016-6917
NOT-FOR-US: Nvidia driver for Android
-CVE-2016-6916 (Integer overflow in nvhost_job.c in the NVIDIA video driver for ...)
+CVE-2016-6916
NOT-FOR-US: Nvidia driver for Android
-CVE-2016-6915 (Stack-based buffer overflow in nvhost_job.c in the NVIDIA video driver ...)
+CVE-2016-6915
NOT-FOR-US: Nvidia driver for Android
-CVE-2016-6914 (Ubiquiti UniFi Video before 3.8.0 for Windows uses weak permissions ...)
+CVE-2016-6914
NOT-FOR-US: Ubiquiti UniFi Video
-CVE-2016-6913 (Cross-site scripting (XSS) vulnerability in AlienVault OSSIM before ...)
+CVE-2016-6913
NOT-FOR-US: OSSIM
-CVE-2016-6912 (Double free vulnerability in the gdImageWebPtr function in the GD ...)
+CVE-2016-6912
{DSA-3777-1}
- libgd2 2.2.4-1
[wheezy] - libgd2 <not-affected> (Vulnerable code introduced later)
NOTE: https://github.com/libgd/libgd/commit/a49feeae76d41959d85ee733925a4cf40bac61b2
-CVE-2016-6910 (The non-existent notification listener vulnerability was introduced in ...)
+CVE-2016-6910
NOT-FOR-US: Android build by Samsung
-CVE-2016-6909 (Buffer overflow in the Cookie parser in Fortinet FortiOS 4.x before ...)
+CVE-2016-6909
NOT-FOR-US: Fortinet
-CVE-2016-6908 (Characters from languages are such as Arabic, Hebrew are displayed ...)
+CVE-2016-6908
NOT-FOR-US: Opera
CVE-2016-6907
RESERVED
-CVE-2016-6906 (The read_image_tga function in gd_tga.c in the GD Graphics Library ...)
+CVE-2016-6906
{DSA-3777-1}
- libgd2 2.2.4-1
[wheezy] - libgd2 <not-affected> (Vulnerable code introduced later)
NOTE: Fixed by: https://github.com/libgd/libgd/commit/fb0e0cce0b9f25389ab56604c3547351617e1415
NOTE: Fixed by: https://github.com/libgd/libgd/commit/58b6dde319c301b0eae27d12e2a659e067d80558
-CVE-2016-6904 (Versions of VASA Provider for Clustered Data ONTAP prior to 7.0P1 ...)
+CVE-2016-6904
NOT-FOR-US: NetAPP
-CVE-2016-6901 (Format string vulnerability in Huawei AR100, AR120, AR150, AR200, ...)
+CVE-2016-6901
NOT-FOR-US: Huawei Routers
-CVE-2016-6900 (The Intelligent Baseboard Management Controller (iBMC) in Huawei ...)
+CVE-2016-6900
NOT-FOR-US: Huawei FusionServer
-CVE-2016-6899 (The Intelligent Baseboard Management Controller (iBMC) in Huawei ...)
+CVE-2016-6899
NOT-FOR-US: Huawei FusionServer
-CVE-2016-6898 (XML external entity (XXE) vulnerability in the Hyper Management Module ...)
+CVE-2016-6898
NOT-FOR-US: Huawei FusionServer
CVE-2016-6895
REJECTED
-CVE-2016-6894 (Arista EOS 4.15 before 4.15.8M, 4.16 before 4.16.7M, and 4.17 before ...)
+CVE-2016-6894
NOT-FOR-US: Arista EOS
-CVE-2016-6892 (The x509FreeExtensions function in MatrixSSL before 3.8.6 allows ...)
+CVE-2016-6892
- matrixssl <removed>
[wheezy] - matrixssl <end-of-life> (not supported in Wheezy)
NOTE: https://www.kb.cert.org/vuls/id/396440
-CVE-2016-6891 (MatrixSSL before 3.8.6 allows remote attackers to cause a denial of ...)
+CVE-2016-6891
- matrixssl <removed>
[wheezy] - matrixssl <end-of-life> (not supported in Wheezy)
NOTE: https://www.kb.cert.org/vuls/id/396440
-CVE-2016-6890 (Heap-based buffer overflow in MatrixSSL before 3.8.6 allows remote ...)
+CVE-2016-6890
- matrixssl <removed>
[wheezy] - matrixssl <end-of-life> (not supported in Wheezy)
NOTE: https://www.kb.cert.org/vuls/id/396440
CVE-2016-6889
RESERVED
-CVE-2016-6881 (The zlib_refill function in libavformat/swfdec.c in FFmpeg before ...)
+CVE-2016-6881
- ffmpeg 7:3.1.3-1 (unimportant)
- libav <not-affected>
NOTE: http://www.openwall.com/lists/oss-security/2016/09/26/6
NOTE: https://github.com/FFmpeg/FFmpeg/commit/4770eac6
NOTE: Vulnerable code not present in any Libav version.
-CVE-2016-6902 (lshell 0.9.16 allows remote authenticated users to break out of a ...)
+CVE-2016-6902
- lshell <removed> (bug #834949)
[wheezy] - lshell <not-affected> (Vulnerable code not present)
NOTE: https://github.com/ghantoos/lshell/issues/147
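Review bot: the tail of this hunk is out of descending identifier order: CVE-2016-6902 follows CVE-2016-6881, which itself follows CVE-2016-6889, so anyone scanning the file by number will miss those entries. Also `NOT-FOR-US: NetAPP` under CVE-2016-6904 should read NetApp. Both pre-date this change.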
@@ -11526,26 +11526,26 @@ CVE-2016-6902 (lshell 0.9.16 allows remote authenticated users to break out of a
NOTE: As for 2016-08-23 https://github.com/ghantoos/lshell/issues/147#issuecomment-241366750 ist still
NOTE: as well under the scope of CVE-2016-6902, until "there is further vendor followup
NOTE: about issues/147" and possibly a new/additional CVE assignment.
-CVE-2016-6903 (lshell 0.9.16 allows remote authenticated users to break out of a ...)
+CVE-2016-6903
- lshell <removed> (bug #834946)
[wheezy] - lshell <not-affected> (Vulnerable code not present)
NOTE: https://github.com/ghantoos/lshell/issues/149
NOTE: http://www.openwall.com/lists/oss-security/2016/08/22/15
-CVE-2016-6897 (Cross-site request forgery (CSRF) vulnerability in the ...)
+CVE-2016-6897
- wordpress 4.6.1+dfsg-1 (bug #837090)
[jessie] - wordpress <not-affected> (wp_ajax_update_plugin function introduced in 4.2)
[wheezy] - wordpress <not-affected> (wp_ajax_update_plugin function introduced in 4.2)
NOTE: http://seclists.org/oss-sec/2016/q3/347
NOTE: https://sumofpwn.nl/advisory/2016/path_traversal_vulnerability_in_wordpress_core_ajax_handlers.html
NOTE: https://core.trac.wordpress.org/changeset/38168
-CVE-2016-6896 (Directory traversal vulnerability in the wp_ajax_update_plugin ...)
+CVE-2016-6896
- wordpress 4.6.1+dfsg-1 (bug #837090)
[jessie] - wordpress <not-affected> (wp_ajax_update_plugin function introduced in 4.2)
[wheezy] - wordpress <not-affected> (wp_ajax_update_plugin function introduced in 4.2)
NOTE: http://seclists.org/oss-sec/2016/q3/347
NOTE: https://sumofpwn.nl/advisory/2016/path_traversal_vulnerability_in_wordpress_core_ajax_handlers.html
NOTE: https://core.trac.wordpress.org/changeset/38168
-CVE-2016-6893 (Cross-site request forgery (CSRF) vulnerability in the user options ...)
+CVE-2016-6893
{DSA-3668-1 DLA-608-1}
- mailman 1:2.1.23-1 (bug #835970)
NOTE: https://mail.python.org/pipermail/mailman-announce/2016-August/000225.html
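Review bot: the context line `NOTE: As for 2016-08-23 ... ist still` under CVE-2016-6902 has two typos (As of, is still); pre-existing, but worth fixing in a follow-up while the entry is being touched.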
@@ -11553,15 +11553,15 @@ CVE-2016-6893 (Cross-site request forgery (CSRF) vulnerability in the user optio
NOTE: https://mail.python.org/pipermail/mailman-announce/2016-August/000226.html
CVE-2016-6880
RESERVED
-CVE-2016-6879 (The X509_Certificate::allowed_usage function in botan 1.11.x before ...)
+CVE-2016-6879
- botan1.10 <not-affected> (Introduced in 1.11.0)
NOTE: Introduced in 1.11.0, fixed in 1.11.31
-CVE-2016-6878 (The Curve25519 code in botan before 1.11.31, on systems without a ...)
+CVE-2016-6878
- botan1.10 <not-affected> (Introduced in 1.11.12)
NOTE: Introduced in 1.11.12, fixed in 1.11.31
-CVE-2016-6877 (** DISPUTED ** Citrix XenMobile Server before 10.5.0.24 allows ...)
+CVE-2016-6877
NOT-FOR-US: Citrix
-CVE-2016-6876 (The RESOLV::lookup iRule command in F5 BIG-IP LTM, APM, ASM, and Link ...)
+CVE-2016-6876
NOT-FOR-US: F5
CVE-2016-6869
RESERVED
@@ -11581,65 +11581,65 @@ CVE-2016-6861
RESERVED
CVE-2016-6860
RESERVED
-CVE-2016-6859 (Hybris Management Console (HMC) in SAP Hybris before 6.0 allows remote ...)
+CVE-2016-6859
NOT-FOR-US: SAP Hybris
-CVE-2016-6858 (Cross-site scripting (XSS) vulnerability in the Create Employee ...)
+CVE-2016-6858
NOT-FOR-US: SAP Hybris
-CVE-2016-6857 (Cross-site scripting (XSS) vulnerability in the Create Catalogue ...)
+CVE-2016-6857
NOT-FOR-US: SAP Hybris
-CVE-2016-6856 (Cross-site scripting (XSS) vulnerability in the Inbox Search feature ...)
+CVE-2016-6856
NOT-FOR-US: SAP Hybris
-CVE-2016-6855 (Eye of GNOME (aka eog) 3.16.5, 3.17.x, 3.18.x before 3.18.3, 3.19.x, ...)
+CVE-2016-6855
{DLA-605-1}
- eog 3.20.4-1
[jessie] - eog <no-dsa> (Minor issue)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=770143
NOTE: https://git.gnome.org/browse/eog/commit/?id=e99a8c00f959652fe7c10e2fa5a3a7a5c25e6af4
-CVE-2016-6854 (An issue was discovered in Open-Xchange OX Guard before 2.4.2-rev5. ...)
+CVE-2016-6854
NOT-FOR-US: Open-Xchange
-CVE-2016-6853 (An issue was discovered in Open-Xchange OX Guard before 2.4.2-rev5. ...)
+CVE-2016-6853
NOT-FOR-US: Open-Xchange
-CVE-2016-6852 (An issue was discovered in Open-Xchange OX App Suite before 7.8.2-rev8. ...)
+CVE-2016-6852
NOT-FOR-US: Open-Xchange
-CVE-2016-6851 (An issue was discovered in Open-Xchange OX Guard before 2.4.2-rev5. ...)
+CVE-2016-6851
NOT-FOR-US: Open-Xchange
-CVE-2016-6850 (An issue was discovered in Open-Xchange OX App Suite before 7.8.2-rev8. ...)
+CVE-2016-6850
NOT-FOR-US: Open-Xchange
CVE-2016-6849
RESERVED
-CVE-2016-6848 (An issue was discovered in Open-Xchange OX App Suite before 7.8.2-rev8. ...)
+CVE-2016-6848
NOT-FOR-US: Open-Xchange
-CVE-2016-6847 (An issue was discovered in Open-Xchange OX App Suite before 7.8.2-rev8. ...)
+CVE-2016-6847
NOT-FOR-US: Open-Xchange
-CVE-2016-6846 (Cross-site scripting (XSS) vulnerability in Open-Xchange (OX) AppSuite ...)
+CVE-2016-6846
NOT-FOR-US: Open-Xchange
-CVE-2016-6845 (An issue was discovered in Open-Xchange OX App Suite before 7.8.2-rev8. ...)
+CVE-2016-6845
NOT-FOR-US: Open-Xchange
-CVE-2016-6844 (An issue was discovered in Open-Xchange OX App Suite before 7.8.2-rev8. ...)
+CVE-2016-6844
NOT-FOR-US: Open-Xchange
-CVE-2016-6843 (An issue was discovered in Open-Xchange OX App Suite before 7.8.2-rev8. ...)
+CVE-2016-6843
NOT-FOR-US: Open-Xchange
-CVE-2016-6842 (An issue was discovered in Open-Xchange OX App Suite before 7.8.2-rev8. ...)
+CVE-2016-6842
NOT-FOR-US: Open-Xchange
CVE-2016-6841
RESERVED
-CVE-2016-6840 (Cross-site scripting (XSS) vulnerability in the management interface ...)
+CVE-2016-6840
NOT-FOR-US: Huawei
-CVE-2016-6839 (CRLF injection vulnerability in Huawei FusionAccess before V100R006C00 ...)
+CVE-2016-6839
NOT-FOR-US: Huawei FusionAccess
-CVE-2016-6838 (Huawei X6800 and XH620 V3 servers with software before ...)
+CVE-2016-6838
NOT-FOR-US: Huawei FusionServer
-CVE-2016-6829 (The trove service user in (1) Openstack deployment (aka ...)
+CVE-2016-6829
NOT-FOR-US: Crowbar Framework
-CVE-2016-6827 (Huawei FusionCompute before V100R005C10CP7002 stores cleartext AES ...)
+CVE-2016-6827
NOT-FOR-US: Huawei FusionCompute
-CVE-2016-6826 (Huawei AnyMail before 2.6.0301.0060 allows remote attackers to cause a ...)
+CVE-2016-6826
NOT-FOR-US: Huawei AnyMail
-CVE-2016-6825 (Huawei XH620 V3, XH622 V3, and XH628 V3 servers with software before ...)
+CVE-2016-6825
NOT-FOR-US: Huawei FusionServer Node
-CVE-2016-6824 (Huawei AC6003, AC6005, AC6605, and ACU2 access controllers with ...)
+CVE-2016-6824
NOT-FOR-US: Huawei Campus Switch
-CVE-2016-6888 (Integer overflow in the net_tx_pkt_init function in ...)
+CVE-2016-6888
{DLA-1599-1}
- qemu 1:2.6+dfsg-3.1 (bug #834902)
[wheezy] - qemu <not-affected> (Vulnerable code not present, vmxnet3 introduced in 1.5)
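Review bot: CVE-2016-6829 sits between CVE-2016-6838 and CVE-2016-6827, and CVE-2016-6888 follows CVE-2016-6824 at the end of this hunk, so both break the descending order of the surrounding entries; pre-existing, but easy to miss when searching the file by identifier.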
@@ -11647,25 +11647,25 @@ CVE-2016-6888 (Integer overflow in the net_tx_pkt_init function in ...)
[wheezy] - qemu-kvm <not-affected> (Vulnerable code not present, vmxnet3 introduced in 1.5)
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-08/msg03176.html
NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=47882fa4975bf0b58dd74474329fdd7154e8f04c
-CVE-2016-6875 (Infinite recursion in wddx in Facebook HHVM before 3.15.0 allows ...)
+CVE-2016-6875
- hhvm 3.12.11+dfsg-1 (bug #835032)
NOTE: https://github.com/facebook/hhvm/commit/1888810e77b446a79a7674784d5f139fcfa605e2
-CVE-2016-6874 (The array_*_recursive functions in Facebook HHVM before 3.15.0 allows ...)
+CVE-2016-6874
- hhvm 3.12.11+dfsg-1 (bug #835032)
NOTE: https://github.com/facebook/hhvm/commit/05e706d98f748f609b19d8697e490eaab5007d69
-CVE-2016-6873 (Self recursion in compact in Facebook HHVM before 3.15.0 allows ...)
+CVE-2016-6873
- hhvm 3.12.11+dfsg-1 (bug #835032)
NOTE: https://github.com/facebook/hhvm/commit/e264f04ae825a5d97758130cf8eec99862517e7e
-CVE-2016-6872 (Integer overflow in StringUtil::implode in Facebook HHVM before 3.15.0 ...)
+CVE-2016-6872
- hhvm 3.12.11+dfsg-1 (bug #835032)
NOTE: https://github.com/facebook/hhvm/commit/2c9a8fcc73a151608634d3e712973d192027c271
-CVE-2016-6871 (Integer overflow in bcmath in Facebook HHVM before 3.15.0 allows ...)
+CVE-2016-6871
- hhvm 3.12.11+dfsg-1 (bug #835032)
NOTE: https://github.com/facebook/hhvm/commit/c00fc9d3003eb06226b58b6a48555f1456ee2475
-CVE-2016-6870 (Out-of-bounds write in the (1) mb_detect_encoding, (2) mb_send_mail, ...)
+CVE-2016-6870
- hhvm 3.12.11+dfsg-1 (bug #835032)
NOTE: https://github.com/facebook/hhvm/commit/365abe807cab2d60dc9ec307292a06181f77a9c2
-CVE-2016-6866 (slock allows attackers to bypass the screen lock via vectors involving ...)
+CVE-2016-6866
{DLA-598-1}
- suckless-tools 41-1
[jessie] - suckless-tools 40-1+deb8u2
@@ -11675,24 +11675,24 @@ CVE-2016-6866 (slock allows attackers to bypass the screen lock via vectors invo
NOTE: and with the patch readpw(dpy, pws) is not called anymore, and
NOTE: thus in readpw, not calling crypt(passwd, pws) with a possibly
NOTE: empty pws.
-CVE-2016-6837 (Cross-site scripting (XSS) vulnerability in MantisBT Filter API in ...)
+CVE-2016-6837
- mantis <removed>
[wheezy] - mantis <end-of-life> (unsupported)
NOTE: https://mantisbt.org/bugs/view.php?id=21611
NOTE: https://github.com/mantisbt/mantisbt/commit/7086c2d8b4b20ac14013b36761ac04f0abf21a4e
-CVE-2016-6832 (Heap-based buffer overflow in the ff_audio_resample function in ...)
+CVE-2016-6832
- libav 6:11.4-1
[wheezy] - libav <not-affected> (Vulnerable code not present)
NOTE: https://blogs.gentoo.org/ago/2016/08/07/libav-heap-based-buffer-overflow-in-ff_audio_resample-resample-c/
NOTE: https://git.libav.org/?p=libav.git;a=commit;h=0ac8ff618c5e6d878c547a8877e714ed728950ce
NOTE: Claimed to not affect ffmpeg
-CVE-2016-6831 (The &quot;process-execute&quot; and &quot;process-spawn&quot; procedures did not free ...)
+CVE-2016-6831
{DLA-643-1}
- chicken 4.12.0-0.2 (bug #834845)
[stretch] - chicken <no-dsa> (Minor issue)
[jessie] - chicken <no-dsa> (Minor issue)
NOTE: Fixed in the same upstream patch which is provided for CVE-2016-6830
-CVE-2016-6830 (The &quot;process-execute&quot; and &quot;process-spawn&quot; procedures in CHICKEN Scheme ...)
+CVE-2016-6830
{DLA-643-1}
- chicken 4.12.0-0.2 (bug #834845)
[stretch] - chicken <no-dsa> (Minor issue)
@@ -11700,7 +11700,7 @@ CVE-2016-6830 (The &quot;process-execute&quot; and &quot;process-spawn&quot; pro
NOTE: http://lists.nongnu.org/archive/html/chicken-announce/2016-08/msg00001.html
NOTE: https://lists.nongnu.org/archive/html/chicken-hackers/2016-07/txtSWHYeFeG0R.txt
NOTE: http://bugs.call-cc.org/ticket/1308
-CVE-2016-6828 (The tcp_check_send_head function in include/net/tcp.h in the Linux ...)
+CVE-2016-6828
{DSA-3659-1 DLA-609-1}
- linux 4.7.2-1
NOTE: Fixed by: https://github.com/torvalds/linux/commit/bb1fceca22492109be12640d49f5ea5a544c6bb4
@@ -11708,18 +11708,18 @@ CVE-2016-6822
RESERVED
CVE-2016-6821
RESERVED
-CVE-2016-6820 (MetroCluster Tiebreaker for clustered Data ONTAP in versions before ...)
+CVE-2016-6820
NOT-FOR-US: MetroCluster Tiebreaker
CVE-2016-6819
RESERVED
-CVE-2016-6818 (SQL injection vulnerability in SAP Business Intelligence platform ...)
+CVE-2016-6818
NOT-FOR-US: SAP
-CVE-2016-6817 (The HTTP/2 header parser in Apache Tomcat 9.0.0.M1 to 9.0.0.M11 and ...)
+CVE-2016-6817
- tomcat9 <not-affected> (Fixed before initial upload to Debian)
- tomcat8 <not-affected> (Only affects 9.x and 8.5.x)
- tomcat7 <not-affected> (Only affects 9.x and 8.5.x)
- tomcat6 <not-affected> (Only affects 9.x and 8.5.x)
-CVE-2016-6816 (The code in Apache Tomcat 9.0.0.M1 to 9.0.0.M11, 8.5.0 to 8.5.6, ...)
+CVE-2016-6816
{DSA-3739-1 DSA-3738-1 DLA-729-1 DLA-728-1}
- tomcat9 <not-affected> (Fixed before initial upload to Debian)
- tomcat8 8.0.39-1
@@ -11730,62 +11730,62 @@ CVE-2016-6816 (The code in Apache Tomcat 9.0.0.M1 to 9.0.0.M11, 8.5.0 to 8.5.6,
NOTE: Fixed by: http://svn.apache.org/r1767653 (8.0.x)
NOTE: Fixed by: http://svn.apache.org/r1767675 (7.0.x)
NOTE: Fixed by: http://svn.apache.org/r1767683 (6.0.x)
-CVE-2016-6815 (In Apache Ranger before 0.6.2, users with &quot;keyadmin&quot; role should not ...)
+CVE-2016-6815
NOT-FOR-US: Apache Ranger
-CVE-2016-6814 (When an application with unsupported Codehaus versions of Groovy from ...)
+CVE-2016-6814
{DLA-794-1}
- groovy 2.4.8-1 (bug #851408)
[jessie] - groovy 1.8.6-4+deb8u2
- groovy2 <removed>
[jessie] - groovy2 2.2.2+dfsg-3+deb8u2
-CVE-2016-6813 (Apache CloudStack 4.1 to 4.8.1.0 and 4.9.0.0 contain an API call ...)
+CVE-2016-6813
NOT-FOR-US: Apache CloudStack
-CVE-2016-6812 (The HTTP transport module in Apache CXF prior to 3.0.12 and 3.1.x ...)
+CVE-2016-6812
NOT-FOR-US: Apache CXF
-CVE-2016-6811 (In Apache Hadoop 2.x before 2.7.4, a user who can escalate to yarn ...)
+CVE-2016-6811
- hadoop <itp> (bug #793644)
NOTE: http://www.openwall.com/lists/oss-security/2018/05/01/2
-CVE-2016-6810 (In Apache ActiveMQ 5.x before 5.14.2, an instance of a cross-site ...)
+CVE-2016-6810
- activemq 5.14.2+dfsg-1 (unimportant)
NOTE: Admin console not enabled in the Debian package, see #702670
NOTE: http://activemq.apache.org/security-advisories.data/CVE-2016-6810-announcement.txt
NOTE: http://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000245.html
NOTE: https://jvn.jp/en/jp/JVN78980598/index.html
-CVE-2016-6809 (Apache Tika before 1.14 allows Java code execution for serialized ...)
+CVE-2016-6809
- tika 1.18-1
[jessie] - tika <not-affected> (Matlab file parser introduced in 1.6)
NOTE: http://seclists.org/bugtraq/2016/Nov/40
-CVE-2016-6808 (Buffer overflow in Apache Tomcat Connectors (mod_jk) before 1.2.42. ...)
+CVE-2016-6808
- libapache-mod-jk <not-affected> (Windows/IIS vhost handling specific issue)
NOTE: Fixed by: http://svn.apache.org/r1762057
NOTE: https://tomcat.apache.org/security-jk.html#Fixed_in_Apache_Tomcat_JK_Connector_1.2.42
NOTE: This is though only Windows/IIS specific, thus marked as not-affected, cf. #840000
-CVE-2016-6807 (Custom commands may be executed on Ambari Agent (2.4.x, before 2.4.2) ...)
+CVE-2016-6807
NOT-FOR-US: Ambari Agent
-CVE-2016-6806 (Apache Wicket 6.x before 6.25.0, 7.x before 7.5.0, and 8.0.0-M1 ...)
+CVE-2016-6806
NOT-FOR-US: Apache Wicket
-CVE-2016-6805 (Apache Ignite before 1.9 allows man-in-the-middle attackers to read ...)
+CVE-2016-6805
NOT-FOR-US: Apache Ignite
-CVE-2016-6804 (The Apache OpenOffice installer (versions prior to 4.1.3, including ...)
+CVE-2016-6804
NOT-FOR-US: Apache OpenOffice installer for Windows
-CVE-2016-6803 (An installer defect known as an &quot;unquoted Windows search path ...)
+CVE-2016-6803
NOT-FOR-US: Apache OpenOffice installer for Windows
-CVE-2016-6802 (Apache Shiro before 1.3.2 allows attackers to bypass intended servlet ...)
+CVE-2016-6802
- shiro 1.3.2-1
[jessie] - shiro <no-dsa> (Minor issue)
-CVE-2016-6801 (Cross-site request forgery (CSRF) vulnerability in the CSRF ...)
+CVE-2016-6801
{DSA-3679-1 DLA-629-1}
- jackrabbit 2.12.4-1 (bug #838204)
NOTE: http://svn.apache.org/r1758791 (2.4.x)
NOTE: http://svn.apache.org/r1758771 (2.6.x)
NOTE: http://svn.apache.org/r1758764 (2.8.x)
-CVE-2016-6800 (The default configuration of the Apache OFBiz framework offers a blog ...)
+CVE-2016-6800
NOT-FOR-US: Apache OFBiz
-CVE-2016-6799 (Product: Apache Cordova Android 5.2.2 and earlier. The application ...)
+CVE-2016-6799
NOT-FOR-US: Apache Cordova
-CVE-2016-6798 (In the XSS Protection API module before 1.0.12 in Apache Sling, the ...)
+CVE-2016-6798
NOT-FOR-US: Apache Sling
-CVE-2016-6797 (The ResourceLinkFactory implementation in Apache Tomcat 9.0.0.M1 to ...)
+CVE-2016-6797
{DSA-3721-1 DSA-3720-1 DLA-729-1 DLA-728-1}
- tomcat8 8.0.37-1 (low)
- tomcat7 7.0.72-1 (low; bug #842666)
@@ -11795,7 +11795,7 @@ CVE-2016-6797 (The ResourceLinkFactory implementation in Apache Tomcat 9.0.0.M1
NOTE: Fixed by: http://svn.apache.org/r1757273 (8.0.x)
NOTE: Fixed by: http://svn.apache.org/r1757275 (7.0.x)
NOTE: Fixed by: https://svn.apache.org/viewvc?view=revision&revision=1757285 (6.0.x)
-CVE-2016-6796 (A malicious web application running on Apache Tomcat 9.0.0.M1 to ...)
+CVE-2016-6796
{DSA-3721-1 DSA-3720-1 DLA-729-1 DLA-728-1}
- tomcat8 8.0.37-1 (low)
- tomcat7 7.0.72-1 (low; bug #842665)
@@ -11805,11 +11805,11 @@ CVE-2016-6796 (A malicious web application running on Apache Tomcat 9.0.0.M1 to
NOTE: Fixed by: http://svn.apache.org/r1758494 (8.0.x)
NOTE: Fixed by: http://svn.apache.org/r1758495 (7.0.x)
NOTE: Fixed by: https://svn.apache.org/viewvc?view=revision&revision=1758496 (6.0.x)
-CVE-2016-6795 (In the Convention plugin in Apache Struts 2.3.20 through 2.3.30, it is ...)
+CVE-2016-6795
- libstruts1.2-java <removed>
[wheezy] - libstruts1.2-java <end-of-life> (no longer supported)
NOTE: https://struts.apache.org/docs/s2-042.html
-CVE-2016-6794 (When a SecurityManager is configured, a web application's ability to ...)
+CVE-2016-6794
{DSA-3721-1 DSA-3720-1 DLA-729-1 DLA-728-1}
- tomcat8 8.0.37-1 (low)
- tomcat7 7.0.72-1 (low; bug #842664)
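Review bot: the CVE-2016-6795 entry in this hunk tracks only `libstruts1.2-java`, marked `<removed>` and `[wheezy] <end-of-life>`, although the description names the Convention plugin of Apache Struts 2.3.20 through 2.3.30; if the 1.2 codebase never shipped that plugin, `<not-affected>` with a reason would state the triage more precisely than a removal status, so it is worth verifying before the entry is left as is.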
@@ -11819,282 +11819,282 @@ CVE-2016-6794 (When a SecurityManager is configured, a web application's ability
NOTE: Fixed by: http://svn.apache.org/r1754727 (8.0.x)
NOTE: Fixed by: http://svn.apache.org/r1754728 (7.0.x)
NOTE: Fixed by: https://svn.apache.org/viewvc?view=revision&revision=1754733 (6.0.x)
-CVE-2016-6793 (The DiskFileItem class in Apache Wicket 6.x before 6.25.0 and 1.5.x ...)
+CVE-2016-6793
NOT-FOR-US: Apache Wicket
-CVE-2016-6823 (Integer overflow in the BMP coder in ImageMagick before 7.0.2-10 ...)
+CVE-2016-6823
{DSA-3652-1 DLA-731-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #834504)
NOTE: https://github.com/ImageMagick/ImageMagick/commit/4cc6ec8a4197d4c008577127736bf7985d632323
-CVE-2016-10052 (Buffer overflow in the WriteProfile function in coders/jpeg.c in ...)
+CVE-2016-10052
{DSA-3652-1 DLA-731-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #834501)
NOTE: https://github.com/ImageMagick/ImageMagick/commit/9e187b73a8a1290bb0e1a1c878f8be1917aa8742
NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/3
CVE-2016-6792
RESERVED
-CVE-2016-6791 (An elevation of privilege vulnerability in the Qualcomm sound driver ...)
+CVE-2016-6791
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-6790 (An elevation of privilege vulnerability in the NVIDIA libomx library ...)
+CVE-2016-6790
NOT-FOR-US: Nvidia driver for Android
-CVE-2016-6789 (An elevation of privilege vulnerability in the NVIDIA libomx library ...)
+CVE-2016-6789
NOT-FOR-US: Nvidia driver for Android
-CVE-2016-6788 (An elevation of privilege vulnerability in the MediaTek I2C driver ...)
+CVE-2016-6788
NOT-FOR-US: MediaTek driver for Android
-CVE-2016-6787 (kernel/events/core.c in the performance subsystem in the Linux kernel ...)
+CVE-2016-6787
{DSA-3791-1 DLA-833-1}
- linux 4.0.2-1
NOTE: Fixed by: https://git.kernel.org/linus/f63a8daa5812afef4f06c962351687e1ff9ccb2b (v4.0-rc1)
-CVE-2016-6786 (kernel/events/core.c in the performance subsystem in the Linux kernel ...)
+CVE-2016-6786
{DSA-3791-1 DLA-833-1}
- linux 4.0.2-1
NOTE: Fixed by: https://git.kernel.org/linus/f63a8daa5812afef4f06c962351687e1ff9ccb2b (v4.0-rc1)
-CVE-2016-6785 (An elevation of privilege vulnerability in the MediaTek driver could ...)
+CVE-2016-6785
NOT-FOR-US: MediaTek driver for Android
-CVE-2016-6784 (An elevation of privilege vulnerability in the MediaTek driver could ...)
+CVE-2016-6784
NOT-FOR-US: MediaTek driver for Android
-CVE-2016-6783 (An elevation of privilege vulnerability in the MediaTek driver could ...)
+CVE-2016-6783
NOT-FOR-US: MediaTek driver for Android
-CVE-2016-6782 (An elevation of privilege vulnerability in the MediaTek driver could ...)
+CVE-2016-6782
NOT-FOR-US: MediaTek driver for Android
-CVE-2016-6781 (An elevation of privilege vulnerability in the MediaTek driver could ...)
+CVE-2016-6781
NOT-FOR-US: MediaTek driver for Android
-CVE-2016-6780 (An elevation of privilege vulnerability in the HTC sound codec driver ...)
+CVE-2016-6780
NOT-FOR-US: HTC driver for Android
-CVE-2016-6779 (An elevation of privilege vulnerability in the HTC sound codec driver ...)
+CVE-2016-6779
NOT-FOR-US: HTC driver for Android
-CVE-2016-6778 (An elevation of privilege vulnerability in the HTC sound codec driver ...)
+CVE-2016-6778
NOT-FOR-US: HTC driver for Android
-CVE-2016-6777 (An elevation of privilege vulnerability in the NVIDIA GPU driver could ...)
+CVE-2016-6777
NOT-FOR-US: Nvidia driver for Android
-CVE-2016-6776 (An elevation of privilege vulnerability in the NVIDIA GPU driver could ...)
+CVE-2016-6776
NOT-FOR-US: Nvidia driver for Android
-CVE-2016-6775 (An elevation of privilege vulnerability in the NVIDIA GPU driver could ...)
+CVE-2016-6775
NOT-FOR-US: Nvidia driver for Android
-CVE-2016-6774 (An information disclosure vulnerability in Package Manager could ...)
+CVE-2016-6774
NOT-FOR-US: Android
-CVE-2016-6773 (An information disclosure vulnerability in the ih264d decoder in ...)
+CVE-2016-6773
NOT-FOR-US: Android Mediaserver
-CVE-2016-6772 (An elevation of privilege vulnerability in Wi-Fi could enable a local ...)
+CVE-2016-6772
NOT-FOR-US: Android
-CVE-2016-6771 (An elevation of privilege vulnerability in Telephony could enable a ...)
+CVE-2016-6771
NOT-FOR-US: Android
-CVE-2016-6770 (An elevation of privilege vulnerability in the Framework API could ...)
+CVE-2016-6770
NOT-FOR-US: Android
-CVE-2016-6769 (An elevation of privilege vulnerability in Smart Lock could enable a ...)
+CVE-2016-6769
NOT-FOR-US: Android
-CVE-2016-6768 (A remote code execution vulnerability in the Framesequence library ...)
+CVE-2016-6768
NOT-FOR-US: Android
-CVE-2016-6767 (A denial of service vulnerability in Mediaserver could enable an ...)
+CVE-2016-6767
NOT-FOR-US: Android Mediaserver
-CVE-2016-6766 (A denial of service vulnerability in libmedia and libstagefright in ...)
+CVE-2016-6766
NOT-FOR-US: libstagefright
-CVE-2016-6765 (A denial of service vulnerability in libstagefright in Mediaserver ...)
+CVE-2016-6765
NOT-FOR-US: libstagefright
-CVE-2016-6764 (A denial of service vulnerability in Mediaserver could enable an ...)
+CVE-2016-6764
NOT-FOR-US: Android Mediaserver
-CVE-2016-6763 (A denial of service vulnerability in Telephony could enable a local ...)
+CVE-2016-6763
NOT-FOR-US: Android
-CVE-2016-6762 (An elevation of privilege vulnerability in the libziparchive library ...)
+CVE-2016-6762
- android-platform-system-core 1:7.0.0+r1-1
[jessie] - android-platform-system-core <not-affected> (Vulnerable code not present)
-CVE-2016-6761 (An elevation of privilege vulnerability in Qualcomm media codecs could ...)
+CVE-2016-6761
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-6760 (An elevation of privilege vulnerability in Qualcomm media codecs could ...)
+CVE-2016-6760
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-6759 (An elevation of privilege vulnerability in Qualcomm media codecs could ...)
+CVE-2016-6759
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-6758 (An elevation of privilege vulnerability in Qualcomm media codecs could ...)
+CVE-2016-6758
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-6757 (An information disclosure vulnerability in Qualcomm components ...)
+CVE-2016-6757
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-6756 (An information disclosure vulnerability in Qualcomm components ...)
+CVE-2016-6756
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-6755 (An elevation of privilege vulnerability in the Qualcomm camera driver ...)
+CVE-2016-6755
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-6754 (A remote code execution vulnerability in Webview in Android 5.0.x ...)
+CVE-2016-6754
NOT-FOR-US: Webview for Android
-CVE-2016-6753 (An information disclosure vulnerability in kernel components, ...)
+CVE-2016-6753
NOT-FOR-US: Android kernel
NOTE: https://source.android.com/security/bulletin/2016-11-01.html
-CVE-2016-6752 (An information disclosure vulnerability in Qualcomm components ...)
+CVE-2016-6752
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-6751 (An information disclosure vulnerability in Qualcomm components ...)
+CVE-2016-6751
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-6750 (An information disclosure vulnerability in Qualcomm components ...)
+CVE-2016-6750
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-6749 (An information disclosure vulnerability in Qualcomm components ...)
+CVE-2016-6749
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-6748 (An information disclosure vulnerability in Qualcomm components ...)
+CVE-2016-6748
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-6747 (A denial of service vulnerability in Mediaserver in Android before ...)
+CVE-2016-6747
NOT-FOR-US: Android Mediaserver
-CVE-2016-6746 (An information disclosure vulnerability in the NVIDIA GPU driver in ...)
+CVE-2016-6746
NOT-FOR-US: Nvidia driver for Android
-CVE-2016-6745 (An elevation of privilege vulnerability in the Synaptics touchscreen ...)
+CVE-2016-6745
NOT-FOR-US: Synaptics driver for Android
-CVE-2016-6744 (An elevation of privilege vulnerability in the Synaptics touchscreen ...)
+CVE-2016-6744
NOT-FOR-US: Synaptics driver for Android
-CVE-2016-6743 (An elevation of privilege vulnerability in the Synaptics touchscreen ...)
+CVE-2016-6743
NOT-FOR-US: Synaptics driver for Android
-CVE-2016-6742 (An elevation of privilege vulnerability in the Synaptics touchscreen ...)
+CVE-2016-6742
NOT-FOR-US: Synaptics driver for Android
-CVE-2016-6741 (An elevation of privilege vulnerability in the Qualcomm camera driver ...)
+CVE-2016-6741
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-6740 (An elevation of privilege vulnerability in the Qualcomm camera driver ...)
+CVE-2016-6740
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-6739 (An elevation of privilege vulnerability in the Qualcomm camera driver ...)
+CVE-2016-6739
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-6738 (An elevation of privilege vulnerability in the Qualcomm crypto engine ...)
+CVE-2016-6738
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-6737 (An elevation of privilege vulnerability in the kernel ION subsystem in ...)
+CVE-2016-6737
NOT-FOR-US: Nvidia driver for Android
-CVE-2016-6736 (An elevation of privilege vulnerability in the NVIDIA GPU driver in ...)
+CVE-2016-6736
NOT-FOR-US: Nvidia driver for Android
-CVE-2016-6735 (An elevation of privilege vulnerability in the NVIDIA GPU driver in ...)
+CVE-2016-6735
NOT-FOR-US: Nvidia driver for Android
-CVE-2016-6734 (An elevation of privilege vulnerability in the NVIDIA GPU driver in ...)
+CVE-2016-6734
NOT-FOR-US: Nvidia driver for Android
-CVE-2016-6733 (An elevation of privilege vulnerability in the NVIDIA GPU driver in ...)
+CVE-2016-6733
NOT-FOR-US: Nvidia driver for Android
-CVE-2016-6732 (An elevation of privilege vulnerability in the NVIDIA GPU driver in ...)
+CVE-2016-6732
NOT-FOR-US: Nvidia driver for Android
-CVE-2016-6731 (An elevation of privilege vulnerability in the NVIDIA GPU driver in ...)
+CVE-2016-6731
NOT-FOR-US: Nvidia driver for Android
-CVE-2016-6730 (An elevation of privilege vulnerability in the NVIDIA GPU driver in ...)
+CVE-2016-6730
NOT-FOR-US: Nvidia driver for Android
-CVE-2016-6729 (An elevation of privilege vulnerability in the Qualcomm bootloader in ...)
+CVE-2016-6729
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-6728 (An elevation of privilege vulnerability in the kernel ION subsystem in ...)
+CVE-2016-6728
NOT-FOR-US: Rowhammer hardware vulnerability on Android devices
NOTE: https://www.vusec.net/projects/drammer/
-CVE-2016-6727 (The Qualcomm GPS subsystem in Android on Android One devices allows ...)
+CVE-2016-6727
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-6726 (Unspecified vulnerability in Qualcomm components in Android on Nexus 6 ...)
+CVE-2016-6726
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-6725 (A remote code execution vulnerability in the Qualcomm crypto driver in ...)
+CVE-2016-6725
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-6724 (A denial of service vulnerability in the Input Manager Service in ...)
+CVE-2016-6724
NOT-FOR-US: Android
-CVE-2016-6723 (A denial of service vulnerability in Proxy Auto Config in Android 4.x ...)
+CVE-2016-6723
NOT-FOR-US: Android
-CVE-2016-6722 (An information disclosure vulnerability in libstagefright in ...)
+CVE-2016-6722
NOT-FOR-US: libstagefright
-CVE-2016-6721 (An information disclosure vulnerability in Mediaserver in Android 6.x ...)
+CVE-2016-6721
NOT-FOR-US: Android Mediaserver
-CVE-2016-6720 (An information disclosure vulnerability in libstagefright in ...)
+CVE-2016-6720
NOT-FOR-US: libstagefright
-CVE-2016-6719 (An elevation of privilege vulnerability in the Bluetooth component in ...)
+CVE-2016-6719
NOT-FOR-US: Android
-CVE-2016-6718 (An elevation of privilege vulnerability in the Account Manager Service ...)
+CVE-2016-6718
NOT-FOR-US: Android
-CVE-2016-6717 (An elevation of privilege vulnerability in Mediaserver in Android 4.x ...)
+CVE-2016-6717
NOT-FOR-US: Android Mediaserver
-CVE-2016-6716 (An elevation of privilege vulnerability in the AOSP Launcher in ...)
+CVE-2016-6716
NOT-FOR-US: Android
-CVE-2016-6715 (An elevation of privilege vulnerability in the Framework APIs in ...)
+CVE-2016-6715
NOT-FOR-US: Android
-CVE-2016-6714 (A remote denial of service vulnerability in Mediaserver in Android 6.x ...)
+CVE-2016-6714
NOT-FOR-US: Android Mediaserver
-CVE-2016-6713 (A remote denial of service vulnerability in Mediaserver in Android 6.x ...)
+CVE-2016-6713
NOT-FOR-US: Android Mediaserver
-CVE-2016-6712 (A remote denial of service vulnerability in libvpx in Mediaserver in ...)
+CVE-2016-6712
- libvpx 1.6.1-1
[jessie] - libvpx <ignored> (Minpr issue)
[wheezy] - libvpx <not-affected> (Vulnerable code not present)
NOTE: probably fixed earlier, but this was the version checked
NOTE: https://android.googlesource.com/platform/external/libvpx/+/fdb1b40e7bb147c07bda988c9501ad223795d12d
-CVE-2016-6711 (A remote denial of service vulnerability in libvpx in Mediaserver in ...)
+CVE-2016-6711
- libvpx 1.6.1-1
[jessie] - libvpx <ignored> (Minpr issue)
[wheezy] - libvpx <no-dsa> (Minor issue)
NOTE: probably fixed earlier, but this was the version checked
NOTE: Wheezy is confirmed (by code inspection) to have vulnerable source.
NOTE: https://android.googlesource.com/platform/external/libvpx/+/063be1485e0099bc81ace3a08b0ec9186dcad693
-CVE-2016-6710 (An information disclosure vulnerability in the download manager in ...)
+CVE-2016-6710
NOT-FOR-US: Android
-CVE-2016-6709 (An information disclosure vulnerability in Conscrypt and BoringSSL in ...)
+CVE-2016-6709
NOT-FOR-US: Android
-CVE-2016-6708 (An elevation of privilege in the System UI in Android 7.0 before ...)
+CVE-2016-6708
NOT-FOR-US: Android
-CVE-2016-6707 (An elevation of privilege vulnerability in System Server in Android ...)
+CVE-2016-6707
NOT-FOR-US: Android
-CVE-2016-6706 (An elevation of privilege vulnerability in libstagefright in ...)
+CVE-2016-6706
NOT-FOR-US: libstagefright
-CVE-2016-6705 (An elevation of privilege vulnerability in Mediaserver in Android ...)
+CVE-2016-6705
NOT-FOR-US: Android Mediaserver
-CVE-2016-6704 (An elevation of privilege vulnerability in Mediaserver in Android 4.x ...)
+CVE-2016-6704
NOT-FOR-US: Android Mediaserver
-CVE-2016-6703 (A remote code execution vulnerability in an Android runtime library in ...)
+CVE-2016-6703
NOT-FOR-US: Android
-CVE-2016-6702 (A remote code execution vulnerability in libjpeg in Android 4.x before ...)
+CVE-2016-6702
- libjpeg-turbo <not-affected> (Android-specific patch, jpeg_open_backing_store in standard releases is just a stub)
-CVE-2016-6701 (A remote code execution vulnerability in libskia in Android 7.0 before ...)
+CVE-2016-6701
- skia <itp> (bug #818180)
-CVE-2016-6700 (An elevation of privilege vulnerability in libzipfile in Android 4.x ...)
+CVE-2016-6700
NOT-FOR-US: Android
-CVE-2016-6699 (A remote code execution vulnerability in libstagefright in Mediaserver ...)
+CVE-2016-6699
NOT-FOR-US: libstagefright
-CVE-2016-6698 (An information disclosure vulnerability in Qualcomm components ...)
+CVE-2016-6698
NOT-FOR-US: Qualcomm driver for Android
CVE-2016-6697
RESERVED
-CVE-2016-6696 (sound/soc/msm/qdsp6v2/msm-ds2-dap-config.c in a Qualcomm QDSP6v2 ...)
+CVE-2016-6696
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-6695 (sound/soc/msm/qdsp6v2/msm-ds2-dap-config.c in a Qualcomm QDSP6v2 ...)
+CVE-2016-6695
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-6694 (sound/soc/msm/qdsp6v2/msm-ds2-dap-config.c in a Qualcomm QDSP6v2 ...)
+CVE-2016-6694
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-6693 (sound/soc/msm/qdsp6v2/msm-ds2-dap-config.c in a Qualcomm QDSP6v2 ...)
+CVE-2016-6693
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-6692 (drivers/video/msm/mdss/mdss_mdp_pp.c in the Qualcomm MDSS driver in ...)
+CVE-2016-6692
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-6691 (service/jni/com_android_server_wifi_Gbk2Utf.cpp in the Qualcomm Wi-Fi ...)
+CVE-2016-6691
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-6690 (The sound driver in the kernel in Android before 2016-10-05 on Nexus ...)
+CVE-2016-6690
NOT-FOR-US: Sound driver for Android
-CVE-2016-6689 (Binder in the kernel in Android before 2016-10-05 on Nexus devices ...)
+CVE-2016-6689
NOT-FOR-US: Android Binder
-CVE-2016-6688 (The NVIDIA profiler in Android before 2016-10-05 on Nexus 9 devices ...)
+CVE-2016-6688
NOT-FOR-US: Nvidia driver for Android
-CVE-2016-6687 (The NVIDIA profiler in Android before 2016-10-05 on Nexus 9 devices ...)
+CVE-2016-6687
NOT-FOR-US: Nvidia driver for Android
-CVE-2016-6686 (The NVIDIA profiler in Android before 2016-10-05 on Nexus 9 devices ...)
+CVE-2016-6686
NOT-FOR-US: Nvidia driver for Android
-CVE-2016-6685 (The kernel in Android before 2016-10-05 on Nexus 6P devices allows ...)
+CVE-2016-6685
NOT-FOR-US: Android kernel for Nexus devices
-CVE-2016-6684 (The kernel in Android before 2016-10-05 on Nexus 5, Nexus 5X, Nexus 6, ...)
+CVE-2016-6684
NOT-FOR-US: Android kernel for Nexus devices
-CVE-2016-6683 (The kernel in Android before 2016-10-05 on Nexus devices allows ...)
+CVE-2016-6683
NOT-FOR-US: Android kernel for Nexus devices
-CVE-2016-6682 (drivers/misc/qcom/qdsp6v2/audio_utils.c in a Qualcomm QDSP6v2 driver ...)
+CVE-2016-6682
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-6681 (drivers/misc/qcom/qdsp6v2/audio_utils.c in a Qualcomm QDSP6v2 driver ...)
+CVE-2016-6681
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-6680 (CORE/HDD/src/wlan_hdd_wext.c in the Qualcomm Wi-Fi driver in Android ...)
+CVE-2016-6680
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-6679 (CORE/HDD/src/wlan_hdd_hostapd.c in the Qualcomm Wi-Fi driver in ...)
+CVE-2016-6679
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-6678 (The Motorola USBNet driver in Android before 2016-10-05 on Nexus 6 ...)
+CVE-2016-6678
NOT-FOR-US: Motorola driver for Android
-CVE-2016-6677 (The NVIDIA GPU driver in Android before 2016-10-05 on Nexus 9 devices ...)
+CVE-2016-6677
NOT-FOR-US: Nvidia driver for Android
-CVE-2016-6676 (Off-by-one error in CORE/HDD/src/wlan_hdd_cfg.c in the Qualcomm Wi-Fi ...)
+CVE-2016-6676
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-6675 (Off-by-one error in CORE/HDD/src/wlan_hdd_hostapd.c in the Qualcomm ...)
+CVE-2016-6675
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-6674 (system_server in Android before 2016-10-05 on Nexus devices allows ...)
+CVE-2016-6674
- android <itp> (bug #459219)
-CVE-2016-6673 (The NVIDIA camera driver in Android before 2016-10-05 on Nexus 9 ...)
+CVE-2016-6673
NOT-FOR-US: Nvidia driver for Android
-CVE-2016-6672 (The Synaptics touchscreen driver in Android before 2016-10-05 on Nexus ...)
+CVE-2016-6672
NOT-FOR-US: Synaptics driver for Android
-CVE-2016-10051 (Use-after-free vulnerability in the ReadPWPImage function in ...)
+CVE-2016-10051
{DSA-3652-1 DLA-731-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #834183)
NOTE: https://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=30245
NOTE: https://github.com/ImageMagick/ImageMagick/commit/ecc03a2518c2b7dd375fde3a040fdae0bdf6a521
NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/3
-CVE-2016-6833 (Use-after-free vulnerability in the vmxnet3_io_bar0_write function in ...)
+CVE-2016-6833
{DLA-1497-1}
- qemu 1:2.6+dfsg-3.1 (bug #834904)
[wheezy] - qemu <not-affected> (Vulnerable code not present, vmxnet3 introduced in 1.5)
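Review bot: the jessie lines for CVE-2016-6712 and CVE-2016-6711 in this hunk both read `[jessie] - libvpx <ignored> (Minpr issue)`, where "Minpr" is a typo for "Minor"; since these are context lines the fix belongs in a follow-up, but the reason strings are what the tracker displays, so it should be corrected. Both entries also carry the identical "probably fixed earlier, but this was the version checked" note beside the 1.6.1-1 version, which leaves the actual fixed version open; recording the upstream commit's first tagged release would make the fixed-version claim checkable.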
@@ -12103,7 +12103,7 @@ CVE-2016-6833 (Use-after-free vulnerability in the vmxnet3_io_bar0_write functio
NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=6c352ca9b4ee3e1e286ea9e8434bd8e69ac7d0d8
NOTE: Upstream patch: https://lists.gnu.org/archive/html/qemu-devel/2016-08/msg01602.html
NOTE: http://www.openwall.com/lists/oss-security/2016/08/12/1
-CVE-2016-6834 (The net_tx_pkt_do_sw_fragmentation function in hw/net/net_tx_pkt.c in ...)
+CVE-2016-6834
{DLA-1599-1}
- qemu 1:2.6+dfsg-3.1 (bug #834905)
[wheezy] - qemu <not-affected> (Vulnerable code not present, packet abstraction introduced in 1.5)
@@ -12112,7 +12112,7 @@ CVE-2016-6834 (The net_tx_pkt_do_sw_fragmentation function in hw/net/net_tx_pkt.
NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=ead315e43ea0c2ca3491209c6c8db8ce3f2bbe05
NOTE: Upstream patch: https://lists.gnu.org/archive/html/qemu-devel/2016-08/msg01601.html
NOTE: http://www.openwall.com/lists/oss-security/2016/08/11/8
-CVE-2016-6835 (The vmxnet_tx_pkt_parse_headers function in hw/net/vmxnet_tx_pkt.c in ...)
+CVE-2016-6835
{DLA-1497-1}
- qemu 1:2.6+dfsg-3.1 (bug #835031)
[wheezy] - qemu <not-affected> (Vulnerable code not present, vmxnet3 introduced in 1.5)
@@ -12120,7 +12120,7 @@ CVE-2016-6835 (The vmxnet_tx_pkt_parse_headers function in hw/net/vmxnet_tx_pkt.
[wheezy] - qemu-kvm <not-affected> (Vulnerable code not present, vmxnet3 introduced in 1.5)
NOTE: Upstream patch: https://lists.gnu.org/archive/html/qemu-stable/2016-08/msg00077.html
NOTE: http://www.openwall.com/lists/oss-security/2016/08/11/7
-CVE-2016-6836 (The vmxnet3_complete_packet function in hw/net/vmxnet3.c in QEMU (aka ...)
+CVE-2016-6836
{DLA-1599-1}
- qemu 1:2.6+dfsg-3.1 (bug #834944)
[wheezy] - qemu <not-affected> (Vulnerable code not present, vmxnet3 introduced in 1.5)
@@ -12129,21 +12129,21 @@ CVE-2016-6836 (The vmxnet3_complete_packet function in hw/net/vmxnet3.c in QEMU
NOTE: Upstream patch: https://lists.gnu.org/archive/html/qemu-devel/2016-08/msg02108.html
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1366369
NOTE: http://www.openwall.com/lists/oss-security/2016/08/11/5
-CVE-2016-6671 (The raw_decode function in libavcodec/rawdec.c in FFmpeg before 3.1.2 ...)
+CVE-2016-6671
- ffmpeg 7:3.1.2-1
-CVE-2016-6670 (Huawei S7700, S9300, S9700, and S12700 devices with software before ...)
+CVE-2016-6670
NOT-FOR-US: Huawei
-CVE-2016-6669 (Buffer overflow in the Authentication, Authorization and Accounting ...)
+CVE-2016-6669
NOT-FOR-US: Huawei
-CVE-2016-6668 (The Atlassian Hipchat Integration Plugin for Bitbucket Server 6.26.0 ...)
+CVE-2016-6668
NOT-FOR-US: Atlassian Hipchat Integration Plugin for Bitbucket Server
-CVE-2016-6667 (NetApp OnCommand Unified Manager for Clustered Data ONTAP 6.3 through ...)
+CVE-2016-6667
NOT-FOR-US: NetApp
CVE-2016-6666
RESERVED
CVE-2016-6665
RESERVED
-CVE-2016-6664 (mysqld_safe in Oracle MySQL through 5.5.51, 5.6.x through 5.6.32, and ...)
+CVE-2016-6664
{DSA-3770-1}
- mariadb-10.1 10.1.21-1 (bug #849435; bug #851759)
- mariadb-10.0 <removed> (bug #842895; bug #851755)
@@ -12155,7 +12155,7 @@ CVE-2016-6664 (mysqld_safe in Oracle MySQL through 5.5.51, 5.6.x through 5.6.32,
NOTE: http://legalhackers.com/advisories/MySQL-Maria-Percona-RootPrivEsc-CVE-2016-6664-5617-Exploit.html
NOTE: Possible fixed by: https://github.com/MariaDB/server/commit/684a165f28b3718160a3e4c5ebd18a465d85e97c
NOTE: https://mariadb.com/blog/update-security-vulnerabilities-cve-2016-6663-and-cve-2016-6664-related-mariadb-server
-CVE-2016-6663 (Race condition in Oracle MySQL before 5.5.52, 5.6.x before 5.6.33, ...)
+CVE-2016-6663
{DSA-3711-1}
- mariadb-10.0 10.0.28-1
- mysql-5.7 5.7.15-1
@@ -12168,7 +12168,7 @@ CVE-2016-6663 (Race condition in Oracle MySQL before 5.5.52, 5.6.x before 5.6.33
NOTE: Fixed in MariaDB 5.5.52, MariaDB 10.1.18, MariaDB 10.0.28
NOTE: Fixed in Oracle MySQL: 5.5.52, 5.6.33, and 5.7.15.
NOTE: http://legalhackers.com/advisories/MySQL-MariaDB-PerconaDB-PrivEsc-Race-CVE-2016-6663-OCVE-2016-5616-Exploit.html
-CVE-2016-6662 (Oracle MySQL through 5.5.52, 5.6.x through 5.6.33, and 5.7.x through ...)
+CVE-2016-6662
{DSA-3666-1 DLA-624-1}
- mariadb-10.0 10.0.27-1
[jessie] - mariadb-10.0 10.0.27-0+deb8u1
@@ -12192,156 +12192,156 @@ CVE-2016-6661
RESERVED
CVE-2016-6660
REJECTED
-CVE-2016-6659 (Cloud Foundry before 248; UAA 2.x before 2.7.4.12, 3.x before 3.6.5, ...)
+CVE-2016-6659
NOT-FOR-US: Pivotal
-CVE-2016-6658 (Applications in cf-release before 245 can be configured and pushed ...)
+CVE-2016-6658
NOT-FOR-US: cf-release
-CVE-2016-6657 (An open redirect vulnerability has been detected with some Pivotal ...)
+CVE-2016-6657
NOT-FOR-US: Pivotal
-CVE-2016-6656 (An issue was discovered in Pivotal Greenplum before 4.3.10.0. Creation ...)
+CVE-2016-6656
NOT-FOR-US: Pivotal
-CVE-2016-6655 (An issue was discovered in Cloud Foundry Foundation Cloud Foundry ...)
+CVE-2016-6655
NOT-FOR-US: Cloud Foundry
CVE-2016-6654
REJECTED
-CVE-2016-6653 (The MariaDB audit_plugin component in Pivotal Cloud Foundry (PCF) ...)
+CVE-2016-6653
NOT-FOR-US: Pivotal
-CVE-2016-6652 (SQL injection vulnerability in Pivotal Spring Data JPA before 1.9.6 ...)
+CVE-2016-6652
NOT-FOR-US: Pivotal Spring Data
-CVE-2016-6651 (The UAA /oauth/token endpoint in Pivotal Cloud Foundry (PCF) before ...)
+CVE-2016-6651
NOT-FOR-US: Pivotal
-CVE-2016-6650 (EMC RecoverPoint versions prior to 5.0 and EMC RecoverPoint for Virtual ...)
+CVE-2016-6650
NOT-FOR-US: EMC
-CVE-2016-6649 (EMC RecoverPoint versions before 4.4.1.1 and EMC RecoverPoint for ...)
+CVE-2016-6649
NOT-FOR-US: EMC
-CVE-2016-6648 (EMC RecoverPoint versions before 4.4.1.1 and EMC RecoverPoint for ...)
+CVE-2016-6648
NOT-FOR-US: EMC
-CVE-2016-6647 (Cross-site scripting (XSS) vulnerability in EMC ViPR SRM before 4.0.1 ...)
+CVE-2016-6647
NOT-FOR-US: EMC
-CVE-2016-6646 (The vApp Managers web application in EMC Unisphere for VMAX Virtual ...)
+CVE-2016-6646
NOT-FOR-US: VMAX
-CVE-2016-6645 (The vApp Managers web application in EMC Unisphere for VMAX Virtual ...)
+CVE-2016-6645
NOT-FOR-US: VMAX
-CVE-2016-6644 (EMC Documentum D2 4.5 before patch 15 and 4.6 before patch 03 allows ...)
+CVE-2016-6644
NOT-FOR-US: EMC
-CVE-2016-6643 (Cross-site scripting (XSS) vulnerability in EMC ViPR SRM before 3.7.2 ...)
+CVE-2016-6643
NOT-FOR-US: EMC
-CVE-2016-6642 (Cross-site request forgery (CSRF) vulnerability in EMC ViPR SRM before ...)
+CVE-2016-6642
NOT-FOR-US: EMC
-CVE-2016-6641 (Cross-site scripting (XSS) vulnerability in EMC ViPR SRM before 3.7.2 ...)
+CVE-2016-6641
NOT-FOR-US: EMC
CVE-2016-6640
REJECTED
-CVE-2016-6639 (Cloud Foundry PHP Buildpack (aka php-buildpack) before 4.3.18 and PHP ...)
+CVE-2016-6639
NOT-FOR-US: Pivotal
CVE-2016-6638
REJECTED
-CVE-2016-6637 (Multiple cross-site request forgery (CSRF) vulnerabilities in Pivotal ...)
+CVE-2016-6637
NOT-FOR-US: Pivotal
-CVE-2016-6636 (The OAuth authorization implementation in Pivotal Cloud Foundry (PCF) ...)
+CVE-2016-6636
NOT-FOR-US: Pivotal
CVE-2016-1000038
RESERVED
-CVE-2016-10050 (Heap-based buffer overflow in the ReadRLEImage function in ...)
+CVE-2016-10050
{DSA-3652-1 DLA-731-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #833744)
NOTE: https://github.com/ImageMagick/ImageMagick/commit/73fb0aac5b958521e1511e179ecc0ad49f70ebaf
NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/3
-CVE-2016-10049 (Buffer overflow in the ReadRLEImage function in coders/rle.c in ...)
+CVE-2016-10049
{DSA-3652-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #833743)
[wheezy] - imagemagick <not-affected> (Vulnerability likely introduced in a version after 6.7.7.10)
NOTE: https://github.com/ImageMagick/ImageMagick/commit/3e9165285eda6e1bb71172031d3048b51bb443a4
NOTE: https://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=29710
NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/3
-CVE-2016-10048 (Directory traversal vulnerability in magick/module.c in ImageMagick ...)
+CVE-2016-10048
{DSA-3652-1 DLA-731-1}
- imagemagick 8:6.9.5.7+dfsg-1 (bug #833735)
NOTE: https://github.com/ImageMagick/ImageMagick/commit/fc6080f1321fd21e86ef916195cc110b05d9effb
NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/3
-CVE-2016-10047 (Memory leak in the NewXMLTree function in magick/xml-tree.c in ...)
+CVE-2016-10047
{DSA-3652-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #833732)
[wheezy] - imagemagick <not-affected> (Vulnerable code not present in version 6.7.7.10)
NOTE: https://github.com/ImageMagick/ImageMagick/commit/fc6080f1321fd21e86ef916195cc110b05d9effb
NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/3
-CVE-2016-10046 (Heap-based buffer overflow in the DrawImage function in magick/draw.c ...)
+CVE-2016-10046
{DSA-3652-1 DLA-731-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #833730)
NOTE: https://github.com/ImageMagick/ImageMagick/commit/989f9f88ea6db09b99d25586e912c921c0da8d3f
NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/3
-CVE-2016-6887 (The pstm_exptmod function in MatrixSSL 3.8.6 and earlier does not ...)
+CVE-2016-6887
- matrixssl <removed>
[wheezy] - matrixssl <end-of-life> (not supported in Wheezy)
-CVE-2016-6886 (The pstm_reverse function in MatrixSSL before 3.8.4 allows remote ...)
+CVE-2016-6886
- matrixssl <removed>
[wheezy] - matrixssl <end-of-life> (not supported in Wheezy)
-CVE-2016-6885 (The pstm_exptmod function in MatrixSSL before 3.8.4 allows remote ...)
+CVE-2016-6885
- matrixssl <removed>
[wheezy] - matrixssl <end-of-life> (not supported in Wheezy)
-CVE-2016-6884 (TLS cipher suites with CBC mode in TLS 1.1 and 1.2 in MatrixSSL before ...)
+CVE-2016-6884
- matrixssl <removed>
[wheezy] - matrixssl <end-of-life> (not supported in Wheezy)
-CVE-2016-6883 (MatrixSSL before 3.8.3 configured with RSA Cipher Suites allows remote ...)
+CVE-2016-6883
- matrixssl <removed>
[wheezy] - matrixssl <end-of-life> (not supported in Wheezy)
NOTE: Fixed in 3.8.3 https://github.com/matrixssl/matrixssl/blob/master/doc/CHANGES.md#changes-in-383
NOTE: https://robotattack.org/
-CVE-2016-6882 (MatrixSSL before 3.8.7, when the DHE_RSA based cipher suite is ...)
+CVE-2016-6882
- matrixssl <removed>
[wheezy] - matrixssl <end-of-life> (not supported in Wheezy)
-CVE-2016-6635 (Cross-site request forgery (CSRF) vulnerability in the ...)
+CVE-2016-6635
{DSA-3681-1 DLA-633-1}
- wordpress 4.5+dfsg-1
NOTE: https://github.com/WordPress/WordPress/commit/9b7a7754133c50b82bd9d976fb5b24094f658aab
NOTE: Fixed by: https://core.trac.wordpress.org/changeset/37143
-CVE-2016-6634 (Cross-site scripting (XSS) vulnerability in the network settings page ...)
+CVE-2016-6634
{DSA-3681-1 DLA-633-1}
- wordpress 4.5+dfsg-1
NOTE: http://codex.wordpress.org/Version_4.5
NOTE: Fixed by: https://core.trac.wordpress.org/changeset/37124
NOTE: Fixed by: https://github.com/WordPress/WordPress/commit/cb2b3ed3c7d68f6505bfb5c90257e6aaa3e5fcb9
-CVE-2016-6633 (An issue was discovered in phpMyAdmin. phpMyAdmin can be used to ...)
+CVE-2016-6633
- phpmyadmin 4:4.6.4+dfsg1-1 (unimportant)
[wheezy] - phpmyadmin <not-affected> (Vulnerable code not present)
NOTE: dbase extension not available in Debian
-CVE-2016-6632 (An issue was discovered in phpMyAdmin where, under certain conditions, ...)
+CVE-2016-6632
- phpmyadmin 4:4.6.4+dfsg1-1
[jessie] - phpmyadmin <no-dsa> (Minor issue)
[wheezy] - phpmyadmin <not-affected> (Vulnerable code not present)
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-55/
-CVE-2016-6631 (An issue was discovered in phpMyAdmin. A user can execute a remote ...)
+CVE-2016-6631
{DLA-626-1}
- phpmyadmin 4:4.6.4+dfsg1-1
[jessie] - phpmyadmin <no-dsa> (Minor issue)
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-54/
-CVE-2016-6630 (An issue was discovered in phpMyAdmin. An authenticated user can ...)
+CVE-2016-6630
{DLA-626-1}
- phpmyadmin 4:4.6.4+dfsg1-1
[jessie] - phpmyadmin <no-dsa> (Minor issue)
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-53/
-CVE-2016-6629 (An issue was discovered in phpMyAdmin involving the ...)
+CVE-2016-6629
- phpmyadmin 4:4.6.4+dfsg1-1
[jessie] - phpmyadmin <no-dsa> (Minor issue)
[wheezy] - phpmyadmin <not-affected> (Vulnerable code not present)
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-52/
-CVE-2016-6628 (An issue was discovered in phpMyAdmin. An attacker may be able to ...)
+CVE-2016-6628
- phpmyadmin 4:4.6.4+dfsg1-1
[jessie] - phpmyadmin <no-dsa> (Minor issue)
[wheezy] - phpmyadmin <not-affected> (Vulnerable code not present)
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-51/
-CVE-2016-6627 (An issue was discovered in phpMyAdmin. An attacker can determine the ...)
+CVE-2016-6627
- phpmyadmin 4:4.6.4+dfsg1-1
[jessie] - phpmyadmin <no-dsa> (Minor issue)
[wheezy] - phpmyadmin <no-dsa> (Not critical enough)
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-50/
-CVE-2016-6626 (An issue was discovered in phpMyAdmin. An attacker could redirect a ...)
+CVE-2016-6626
{DLA-757-1}
- phpmyadmin 4:4.6.4+dfsg1-1
[jessie] - phpmyadmin <no-dsa> (Minor issue)
[wheezy] - phpmyadmin <not-affected> (Vulnerable code not present)
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-49/
-CVE-2016-6625 (An issue was discovered in phpMyAdmin. An attacker can determine ...)
+CVE-2016-6625
- phpmyadmin 4:4.6.4+dfsg1-1 (unimportant)
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-48/
NOTE: The solution is to remove a configuration option. This option
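Review bot: CVE-2016-6633 is the only phpMyAdmin entry in this hunk with no PMASA advisory NOTE (CVE-2016-6632 down to CVE-2016-6625 each carry one), and with its summary line reduced to `+CVE-2016-6633` the `(unimportant)` rating rests only on `NOTE: dbase extension not available in Debian`; add the advisory reference so the rating can still be checked against the upstream description.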
@@ -12350,105 +12350,105 @@ CVE-2016-6625 (An issue was discovered in phpMyAdmin. An attacker can determine
NOTE: printing can show more information than what should be used in
NOTE: a production environment. This is the motivation that it is not
NOTE: solved for wheezy.
-CVE-2016-6624 (An issue was discovered in phpMyAdmin involving improper enforcement ...)
+CVE-2016-6624
{DLA-626-1}
- phpmyadmin 4:4.6.4+dfsg1-1
[jessie] - phpmyadmin <no-dsa> (Minor issue)
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-47/
-CVE-2016-6623 (An issue was discovered in phpMyAdmin. An authorized user can cause a ...)
+CVE-2016-6623
{DLA-626-1}
- phpmyadmin 4:4.6.4+dfsg1-1
[jessie] - phpmyadmin <no-dsa> (Minor issue)
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-46/
-CVE-2016-6622 (An issue was discovered in phpMyAdmin. An unauthenticated user is able ...)
+CVE-2016-6622
{DLA-1415-1 DLA-626-1}
- phpmyadmin 4:4.6.4+dfsg1-1
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-45/
-CVE-2016-6621 (The setup script for phpMyAdmin before 4.0.10.19, 4.4.x before ...)
+CVE-2016-6621
{DLA-1415-1 DLA-834-1}
- phpmyadmin 4:4.6.6-1
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-44/
NOTE: https://github.com/phpmyadmin/phpmyadmin/issues/12481
-CVE-2016-6620 (An issue was discovered in phpMyAdmin. Some data is passed to the PHP ...)
+CVE-2016-6620
{DLA-1415-1 DLA-626-1}
- phpmyadmin 4:4.6.4+dfsg1-1
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-43/
-CVE-2016-6619 (An issue was discovered in phpMyAdmin. In the user interface ...)
+CVE-2016-6619
{DLA-1415-1}
- phpmyadmin 4:4.6.4+dfsg1-1
[wheezy] - phpmyadmin <not-affected> (Vulnerable code not present)
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-42/
-CVE-2016-6618 (An issue was discovered in phpMyAdmin. The transformation feature ...)
+CVE-2016-6618
{DLA-1415-1}
- phpmyadmin 4:4.6.4+dfsg1-1
[wheezy] - phpmyadmin <not-affected> (Vulnerable code not present)
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-41/
-CVE-2016-6617 (An issue was discovered in phpMyAdmin. A specially crafted database ...)
+CVE-2016-6617
- phpmyadmin 4:4.6.4+dfsg1-1
[jessie] - phpmyadmin <not-affected> (Only affects 4.6.x)
[wheezy] - phpmyadmin <not-affected> (Only affects 4.6.x)
-CVE-2016-6616 (An issue was discovered in phpMyAdmin. In the &quot;User group&quot; and ...)
+CVE-2016-6616
{DLA-1415-1}
- phpmyadmin 4:4.6.4+dfsg1-1
[wheezy] - phpmyadmin <not-affected> (Only affects 4.4.x onward)
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-39/
-CVE-2016-6615 (XSS issues were discovered in phpMyAdmin. This affects navigation pane ...)
+CVE-2016-6615
{DLA-1415-1}
- phpmyadmin 4:4.6.4+dfsg1-1
[wheezy] - phpmyadmin <not-affected> (Vulnerable code not present)
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-38/
-CVE-2016-6614 (An issue was discovered in phpMyAdmin involving the %u username ...)
+CVE-2016-6614
{DLA-1415-1 DLA-626-1}
- phpmyadmin 4:4.6.4+dfsg1-1
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-37/
-CVE-2016-6613 (An issue was discovered in phpMyAdmin. A user can specially craft a ...)
+CVE-2016-6613
{DLA-626-1}
- phpmyadmin 4:4.6.4+dfsg1-1
[jessie] - phpmyadmin <no-dsa> (Minor issue)
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-36/
-CVE-2016-6612 (An issue was discovered in phpMyAdmin. A user can exploit the LOAD ...)
+CVE-2016-6612
{DLA-626-1}
- phpmyadmin 4:4.6.4+dfsg1-1
[jessie] - phpmyadmin <no-dsa> (Minor issue)
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-35/
-CVE-2016-6611 (An issue was discovered in phpMyAdmin. A specially crafted database ...)
+CVE-2016-6611
{DLA-626-1}
- phpmyadmin 4:4.6.4+dfsg1-1
[jessie] - phpmyadmin <no-dsa> (Minor issue)
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-34/
-CVE-2016-6610 (A full path disclosure vulnerability was discovered in phpMyAdmin ...)
+CVE-2016-6610
- phpmyadmin 4:4.6.4+dfsg1-1 (unimportant)
[wheezy] - phpmyadmin <not-affected> (Vulnerable code not present)
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-33/
NOTE: Not relevant to packaged version in Debian
-CVE-2016-6609 (An issue was discovered in phpMyAdmin. A specially crafted database ...)
+CVE-2016-6609
{DLA-1415-1 DLA-626-1}
- phpmyadmin 4:4.6.4+dfsg1-1
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-32/
-CVE-2016-6608 (XSS issues were discovered in phpMyAdmin. This affects the database ...)
+CVE-2016-6608
- phpmyadmin 4:4.6.4+dfsg1-1
[jessie] - phpmyadmin <not-affected> (Only affects 4.6.x)
[wheezy] - phpmyadmin <not-affected> (Only affects 4.6.x)
-CVE-2016-6607 (XSS issues were discovered in phpMyAdmin. This affects Zoom search ...)
+CVE-2016-6607
{DLA-626-1}
- phpmyadmin 4:4.6.4+dfsg1-1
[jessie] - phpmyadmin <no-dsa> (Minor issue)
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-30/
-CVE-2016-6606 (An issue was discovered in cookie encryption in phpMyAdmin. The ...)
+CVE-2016-6606
{DLA-626-1}
- phpmyadmin 4:4.6.4+dfsg1-1
[jessie] - phpmyadmin <no-dsa> (Minor issue)
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-29/
-CVE-2016-6605 (Impala in CDH 5.2.0 through 5.7.2 and 5.8.0 allows remote attackers to ...)
+CVE-2016-6605
NOT-FOR-US: Impala
-CVE-2016-6604 (NULL pointer dereference in Samsung Exynos fimg2d driver for Android ...)
+CVE-2016-6604
NOT-FOR-US: Samsung
-CVE-2016-7513 (Off-by-one error in magick/cache.c in ImageMagick allows remote ...)
+CVE-2016-7513
{DSA-3652-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #832455)
[wheezy] - imagemagick <not-affected> (Affected code does not exist in version 6.7.7.10)
NOTE: https://github.com/ImageMagick/ImageMagick/commit/a54fe0e8600eaf3dc6fe717d3c0398001507f723
-CVE-2016-7514 (The ReadPSDChannelPixels function in coders/psd.c in ImageMagick ...)
+CVE-2016-7514
{DSA-3652-1 DLA-731-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #832457)
NOTE: https://bugs.launchpad.net/bugs/1533442
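Review bot: CVE-2016-6617 and CVE-2016-6608 have no PMASA advisory NOTE although every other phpMyAdmin entry in this hunk does, and once their summaries (`A specially crafted database ...`, `XSS issues ... This affects the database ...`) are removed, the `<not-affected> (Only affects 4.6.x)` annotations for jessie and wheezy have nothing left on the entry to be checked against; add the advisory references before taking the descriptions out.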
@@ -12458,52 +12458,52 @@ CVE-2016-7514 (The ReadPSDChannelPixels function in coders/psd.c in ImageMagick
NOTE: https://github.com/ImageMagick/ImageMagick/commit/e14fd0a2801f73bdc123baf4fbab97dec55919eb
NOTE: https://github.com/ImageMagick/ImageMagick/commit/280215b9936d145dd5ee91403738ccce1333cab1
NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1
-CVE-2016-7515 (The ReadRLEImage function in coders/rle.c in ImageMagick allows remote ...)
+CVE-2016-7515
{DSA-3652-1 DLA-731-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #832461)
NOTE: https://bugs.launchpad.net/bugs/1533445
NOTE: https://github.com/ImageMagick/ImageMagick/issues/82
NOTE: https://github.com/ImageMagick/ImageMagick/commit/2ad6d33493750a28a5a655d319a8e0b16c392de1
NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1
-CVE-2016-7516 (The ReadVIFFImage function in coders/viff.c in ImageMagick allows ...)
+CVE-2016-7516
{DSA-3652-1 DLA-731-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #832467)
NOTE: https://bugs.launchpad.net/bugs/1533452
NOTE: https://github.com/ImageMagick/ImageMagick/issues/77
NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1
-CVE-2016-7517 (The EncodeImage function in coders/pict.c in ImageMagick allows remote ...)
+CVE-2016-7517
{DSA-3652-1 DLA-731-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #832467)
NOTE: https://bugs.launchpad.net/bugs/1533449
NOTE: https://github.com/ImageMagick/ImageMagick/issues/80
NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1
-CVE-2016-7518 (The ReadSUNImage function in coders/sun.c in ImageMagick allows remote ...)
+CVE-2016-7518
{DSA-3652-1 DLA-731-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #832467)
NOTE: https://bugs.launchpad.net/bugs/1533447
NOTE: https://github.com/ImageMagick/ImageMagick/issues/81
NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1
-CVE-2016-7519 (The ReadRLEImage function in coders/rle.c in ImageMagick allows remote ...)
+CVE-2016-7519
{DSA-3652-1 DLA-731-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #832467)
NOTE: https://bugs.launchpad.net/bugs/1533445
NOTE: https://github.com/ImageMagick/ImageMagick/issues/82
NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1
-CVE-2016-7520 (Heap-based buffer overflow in coders/hdr.c in ImageMagick allows ...)
+CVE-2016-7520
{DSA-3652-1 DLA-731-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #832469)
NOTE: https://bugs.launchpad.net/bugs/1537213
NOTE: https://github.com/ImageMagick/ImageMagick/issues/90
NOTE: https://github.com/ImageMagick/ImageMagick/commit/14e606db148d6ebcaae20f1e1d6d71903ca4a556
NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1
-CVE-2016-7521 (Heap-based buffer overflow in coders/psd.c in ImageMagick allows ...)
+CVE-2016-7521
{DSA-3652-1 DLA-731-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #832474)
NOTE: https://bugs.launchpad.net/bugs/1537418
NOTE: https://github.com/ImageMagick/ImageMagick/issues/92
NOTE: https://github.com/ImageMagick/ImageMagick/commit/30eec879c8b446b0ea9a3bb0da1a441cc8482bc4
NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1
-CVE-2016-7522 (The ReadPSDImage function in MagickCore/locale.c in ImageMagick allows ...)
+CVE-2016-7522
{DSA-3652-1 DLA-731-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #832475)
NOTE: https://bugs.launchpad.net/bugs/1537419
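Review bot: bug #832467 is cited for four different CVEs in this hunk (CVE-2016-7516, -7517, -7518 and -7519) even though each has its own launchpad bug and upstream issue (1533452/#77, 1533449/#80, 1533447/#81, 1533445/#82); confirm that one Debian bug really covers all four, since with the summaries removed the bug number is the remaining link between each entry and the affected coder.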
@@ -12523,7 +12523,7 @@ CVE-2016-7524
- imagemagick 8:6.9.6.2+dfsg-2 (bug #832478)
NOTE: https://bugs.launchpad.net/bugs/1537422
NOTE: https://github.com/ImageMagick/ImageMagick/issues/96
-CVE-2016-7525 (Heap-based buffer overflow in coders/psd.c in ImageMagick allows ...)
+CVE-2016-7525
{DSA-3652-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #832480)
[wheezy] - imagemagick <not-affected> (The affected function, GetPSDRowSize, does not exist in version 6.7.7.10)
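Review bot: after this change the wheezy annotation `(The affected function, GetPSDRowSize, does not exist in version 6.7.7.10)` is the only line in the CVE-2016-7525 entry that names the affected code, because the removed summary `(Heap-based buffer overflow in coders/psd.c in ImageMagick allows ...)` carried the file name; if summaries are to go, keep the affected component in a NOTE so the not-affected reasoning stays auditable.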
@@ -12531,7 +12531,7 @@ CVE-2016-7525 (Heap-based buffer overflow in coders/psd.c in ImageMagick allows
NOTE: https://github.com/ImageMagick/ImageMagick/issues/98
NOTE: https://github.com/ImageMagick/ImageMagick/commit/5f16640725b1225e6337c62526e6577f0f88edb8
NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1
-CVE-2016-7526 (coders/wpg.c in ImageMagick allows remote attackers to cause a denial ...)
+CVE-2016-7526
{DSA-3652-1 DLA-731-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #832482)
NOTE: https://bugs.launchpad.net/bugs/1539050
@@ -12539,21 +12539,21 @@ CVE-2016-7526 (coders/wpg.c in ImageMagick allows remote attackers to cause a de
NOTE: https://github.com/ImageMagick/ImageMagick/commit/b6ae2f9e0ab13343c0281732d479757a8e8979c7
NOTE: https://github.com/ImageMagick/ImageMagick/commit/d9b2209a69ee90d8df81fb124eb66f593eb9f599
NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1
-CVE-2016-7527 (coders/wpg.c in ImageMagick allows remote attackers to cause a denial ...)
+CVE-2016-7527
{DSA-3652-1 DLA-731-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #832482)
NOTE: https://bugs.launchpad.net/bugs/1542115
NOTE: https://github.com/ImageMagick/ImageMagick/issues/122
NOTE: https://github.com/ImageMagick/ImageMagick/commit/a251039393f423c7858e63cab6aa98d17b8b7a41
NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1
-CVE-2016-7528 (The ReadVIFFImage function in coders/viff.c in ImageMagick allows ...)
+CVE-2016-7528
{DSA-3652-1 DLA-731-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #832483)
NOTE: https://bugs.launchpad.net/bugs/1537425
NOTE: https://github.com/ImageMagick/ImageMagick/issues/99
NOTE: https://github.com/ImageMagick/ImageMagick/commit/ca0c886abd6d3ef335eb74150cd23b89ebd17135
NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1
-CVE-2016-7529 (coders/xcf.c in ImageMagick allows remote attackers to cause a denial ...)
+CVE-2016-7529
{DSA-3652-1 DLA-731-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #832504)
NOTE: https://bugs.launchpad.net/bugs/1539051
@@ -12562,7 +12562,7 @@ CVE-2016-7529 (coders/xcf.c in ImageMagick allows remote attackers to cause a de
NOTE: https://github.com/ImageMagick/ImageMagick/issues/103
NOTE: https://github.com/ImageMagick/ImageMagick/commit/a2e1064f288a353bc5fef7f79ccb7683759e775c
NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1
-CVE-2016-7530 (The quantum handling code in ImageMagick allows remote attackers to ...)
+CVE-2016-7530
{DSA-3652-1 DLA-731-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #832506)
NOTE: https://bugs.launchpad.net/bugs/1539067
@@ -12573,91 +12573,91 @@ CVE-2016-7530 (The quantum handling code in ImageMagick allows remote attackers
NOTE: https://github.com/ImageMagick/ImageMagick/issues/110
NOTE: https://github.com/ImageMagick/ImageMagick/commit/b5ed738f8060266bf4ae521f7e3ed145aa4498a3
NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1
-CVE-2016-7531 (MagickCore/memory.c in ImageMagick allows remote attackers to cause a ...)
+CVE-2016-7531
{DSA-3652-1 DLA-731-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #832633)
NOTE: https://bugs.launchpad.net/bugs/1539061
NOTE: https://bugs.launchpad.net/bugs/1542112
NOTE: https://github.com/ImageMagick/ImageMagick/issues/107
NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1
-CVE-2016-7532 (coders/psd.c in ImageMagick allows remote attackers to cause a denial ...)
+CVE-2016-7532
{DSA-3652-1 DLA-731-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #832776)
NOTE: https://bugs.launchpad.net/bugs/1539066
NOTE: https://github.com/ImageMagick/ImageMagick/issues/109
NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1
-CVE-2016-7533 (The ReadWPGImage function in coders/wpg.c in ImageMagick allows remote ...)
+CVE-2016-7533
{DSA-3652-1 DLA-731-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #832780)
NOTE: https://bugs.launchpad.net/bugs/1542114
NOTE: https://github.com/ImageMagick/ImageMagick/issues/120
NOTE: https://github.com/ImageMagick/ImageMagick/commit/bef1e4f637d8f665bc133a9c6d30df08d983bc3a
NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1
-CVE-2016-7534 (The generic decoder in ImageMagick allows remote attackers to cause a ...)
+CVE-2016-7534
{DSA-3652-1 DLA-731-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #832785)
NOTE: https://bugs.launchpad.net/bugs/1542785
NOTE: https://github.com/ImageMagick/ImageMagick/issues/126
NOTE: https://github.com/ImageMagick/ImageMagick/commit/430403b0029b37decf216d57f810899cab2317dd
NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1
-CVE-2016-7535 (coders/psd.c in ImageMagick allows remote attackers to cause a denial ...)
+CVE-2016-7535
{DSA-3652-1 DLA-731-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #832787)
NOTE: https://bugs.launchpad.net/bugs/1545180
NOTE: https://github.com/ImageMagick/ImageMagick/issues/128
NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1
-CVE-2016-7536 (magick/profile.c in ImageMagick allows remote attackers to cause a ...)
+CVE-2016-7536
{DSA-3652-1 DLA-731-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #832789)
NOTE: https://bugs.launchpad.net/bugs/1545367
NOTE: https://github.com/ImageMagick/ImageMagick/issues/130
NOTE: https://github.com/ImageMagick/ImageMagick/commit/478cce544fdf1de882d78381768458f397964453
NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1
-CVE-2016-7537 (MagickCore/memory.c in ImageMagick allows remote attackers to cause a ...)
+CVE-2016-7537
{DSA-3652-1 DLA-731-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #832791)
NOTE: https://bugs.launchpad.net/bugs/1553366
NOTE: https://github.com/ImageMagick/ImageMagick/issues/143
NOTE: https://github.com/ImageMagick/ImageMagick/commit/424d40ebfcde48bb872eba75179d3d73704fdf1f
NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1
-CVE-2016-7538 (coders/psd.c in ImageMagick allows remote attackers to cause a denial ...)
+CVE-2016-7538
{DSA-3652-1 DLA-731-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #832793)
NOTE: https://bugs.launchpad.net/bugs/1556273
NOTE: https://github.com/ImageMagick/ImageMagick/issues/148
NOTE: https://github.com/ImageMagick/ImageMagick/commit/53c1dcd34bed85181b901bfce1a2322f85a59472
NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1
-CVE-2016-7539 (Memory leak in AcquireVirtualMemory in ImageMagick before 7 allows ...)
+CVE-2016-7539
{DSA-3652-1 DLA-731-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #833101)
NOTE: Fixed by: https://github.com/ImageMagick/ImageMagick/commit/4e81ce8b07219c69a9aeccb0f7f7b927ca6db74c
NOTE: http://www.imagemagick.org/discourse-server/viewtopic.php?f=2&t=28946
NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1
-CVE-2016-7540 (coders/rgf.c in ImageMagick before 6.9.4-10 allows remote attackers to ...)
+CVE-2016-7540
{DSA-3652-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #827643)
[wheezy] - imagemagick <not-affected> (RGF coder is not present in version 6.7.7.10)
NOTE: https://bugs.launchpad.net/bugs/1594060
NOTE: https://github.com/ImageMagick/ImageMagick/pull/223
NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1
-CVE-2016-6603 (ZOHO WebNMS Framework 5.2 and 5.2 SP1 allows remote attackers to ...)
+CVE-2016-6603
NOT-FOR-US: ZOHO WebNMS
-CVE-2016-6602 (ZOHO WebNMS Framework 5.2 and 5.2 SP1 use a weak obfuscation algorithm ...)
+CVE-2016-6602
NOT-FOR-US: ZOHO WebNMS
-CVE-2016-6601 (Directory traversal vulnerability in the file download functionality ...)
+CVE-2016-6601
NOT-FOR-US: ZOHO WebNMS
-CVE-2016-6600 (Directory traversal vulnerability in the file upload functionality in ...)
+CVE-2016-6600
NOT-FOR-US: ZOHO WebNMS
-CVE-2016-6599 (BMC Track-It! 11.4 before Hotfix 3 exposes an unauthenticated .NET ...)
+CVE-2016-6599
NOT-FOR-US: BMC Track-It!
-CVE-2016-6598 (BMC Track-It! 11.4 before Hotfix 3 exposes an unauthenticated .NET ...)
+CVE-2016-6598
NOT-FOR-US: BMC Track-It!
-CVE-2016-6597 (Sophos EAS Proxy before 6.2.0 for Sophos Mobile Control, when Lotus ...)
+CVE-2016-6597
NOT-FOR-US: Sophos EAS Proxy
NOTE: https://www.pallas.com/advisories/sophos_eas_open_reverse_proxy_vulnerability
CVE-2016-6596
RESERVED
-CVE-2016-6594 (Blue Coat Advanced Secure Gateway 6.6, CacheFlow 3.4, ProxySG 6.5 and ...)
+CVE-2016-6594
NOT-FOR-US: Blue Coat
CVE-2016-6593
RESERVED
@@ -12682,13 +12682,13 @@ CVE-2016-6584
RESERVED
CVE-2016-6583
RESERVED
-CVE-2016-6582 (The Doorkeeper gem before 4.2.0 for Ruby might allow remote attackers ...)
+CVE-2016-6582
- ruby-doorkeeper 4.2.0-3 (bug #834843)
NOTE: https://github.com/doorkeeper-gem/doorkeeper/commit/fb938051777a3c9cb071e96fc66458f8f615bd53
NOTE: https://github.com/doorkeeper-gem/doorkeeper/issues/875
CVE-2016-6579
REJECTED
-CVE-2016-6578 (CodeLathe FileCloud, version 13.0.0.32841 and earlier, contains a ...)
+CVE-2016-6578
NOT-FOR-US: CodeLathe FileCloud
CVE-2016-6577
RESERVED
@@ -12710,81 +12710,81 @@ CVE-2016-6569
RESERVED
CVE-2016-6568
RESERVED
-CVE-2016-6567 (SHDesigns' Resident Download Manager provides firmware update ...)
+CVE-2016-6567
NOT-FOR-US: SHDesigns
-CVE-2016-6566 (The valueAsString parameter inside the JSON payload contained by the ...)
+CVE-2016-6566
NOT-FOR-US: Sungard
-CVE-2016-6565 (The Imagely NextGen Gallery plugin for Wordpress prior to version ...)
+CVE-2016-6565
NOT-FOR-US: Wordpress plugin
-CVE-2016-6564 (Android devices with code from Ragentek contain a privileged binary ...)
+CVE-2016-6564
NOT-FOR-US: Ragentek
-CVE-2016-6563 (Processing malformed SOAP messages when performing the HNAP Login ...)
+CVE-2016-6563
NOT-FOR-US: HNAP
-CVE-2016-6562 (On iOS and Android devices, the ShoreTel Mobility Client app version ...)
+CVE-2016-6562
NOT-FOR-US: ShoreTel Mobility Client
-CVE-2016-6561 (illumos smbsrv NULL pointer dereference allows system crash. ...)
+CVE-2016-6561
NOT-FOR-US: illumos
-CVE-2016-6560 (illumos osnet-incorporation bcopy() and bzero() implementations make ...)
+CVE-2016-6560
NOT-FOR-US: illumos
-CVE-2016-6559 (Improper bounds checking of the obuf variable in the link_ntoa() ...)
+CVE-2016-6559
NOT-FOR-US: freebsd libc
-CVE-2016-6558 (A command injection vulnerability exists in apply.cgi on the ASUS ...)
+CVE-2016-6558
NOT-FOR-US: ASUS
-CVE-2016-6557 (In ASUS RP-AC52 access points with firmware version 1.0.1.1s and ...)
+CVE-2016-6557
NOT-FOR-US: ASUS RP-AC52 access points
CVE-2016-6556
RESERVED
CVE-2016-6555
RESERVED
-CVE-2016-6554 (Synology NAS servers DS107, firmware version 3.1-1639 and prior, and ...)
+CVE-2016-6554
NOT-FOR-US: Synology
-CVE-2016-6553 (Nuuo NT-4040 Titan, firmware NT-4040_01.07.0000.0015_1120, uses ...)
+CVE-2016-6553
NOT-FOR-US: Nuuo NT-4040 Titan
-CVE-2016-6552 (Green Packet DX-350 uses non-random default credentials of: ...)
+CVE-2016-6552
NOT-FOR-US: Green Packet DX-350
-CVE-2016-6551 (Intellian Satellite TV antennas t-Series and v-Series, firmware ...)
+CVE-2016-6551
NOT-FOR-US: Intellian
-CVE-2016-6550 (The U by BB&amp;T app 1.5.4 and earlier for iOS does not properly verify ...)
+CVE-2016-6550
NOT-FOR-US: BB&T
-CVE-2016-6549 (The Zizai Tech Nut device allows unauthenticated Bluetooth pairing, ...)
+CVE-2016-6549
NOT-FOR-US: Zizai Tech Nut device
-CVE-2016-6548 (The Zizai Tech Nut mobile app makes requests via HTTP instead of ...)
+CVE-2016-6548
NOT-FOR-US: Zizai Tech Nut mobile app
-CVE-2016-6547 (The Zizai Tech Nut mobile app stores the account password used to ...)
+CVE-2016-6547
NOT-FOR-US: Zizai Tech Nut mobile app
-CVE-2016-6546 (The iTrack Easy mobile application stores the account password used to ...)
+CVE-2016-6546
NOT-FOR-US: iTrack
-CVE-2016-6545 (Session cookies are not used for maintaining valid sessions in iTrack ...)
+CVE-2016-6545
NOT-FOR-US: iTrack
-CVE-2016-6544 (getgps data in iTrack Easy can be modified without authentication by ...)
+CVE-2016-6544
NOT-FOR-US: iTrack
-CVE-2016-6543 (A captured MAC/device ID of an iTrack Easy can be registered under ...)
+CVE-2016-6543
NOT-FOR-US: iTrack
-CVE-2016-6542 (The iTrack device tracking ID number, also called &quot;LosserID&quot; in the ...)
+CVE-2016-6542
NOT-FOR-US: iTrack
-CVE-2016-6541 (TrackR Bravo device allows unauthenticated pairing, which enables ...)
+CVE-2016-6541
NOT-FOR-US: TrackR
-CVE-2016-6540 (Unauthenticated access to the cloud-based service maintained by TrackR ...)
+CVE-2016-6540
NOT-FOR-US: TrackR
-CVE-2016-6539 (The Trackr device ID is constructed of a manufacturer identifier of ...)
+CVE-2016-6539
NOT-FOR-US: TrackR
-CVE-2016-6538 (The TrackR Bravo mobile app stores the account password used to ...)
+CVE-2016-6538
NOT-FOR-US: TrackR
-CVE-2016-6537 (AVer Information EH6108H+ devices with firmware X9.03.24.00.07l store ...)
+CVE-2016-6537
NOT-FOR-US: AVer
-CVE-2016-6536 (The /setup URI on AVer Information EH6108H+ devices with firmware ...)
+CVE-2016-6536
NOT-FOR-US: AVer
-CVE-2016-6535 (AVer Information EH6108H+ devices with firmware X9.03.24.00.07l have ...)
+CVE-2016-6535
NOT-FOR-US: AVer
-CVE-2016-6534 (Opmantek NMIS before 4.3.7c has command injection via man, finger, ...)
+CVE-2016-6534
NOT-FOR-US: Opmantek NMIS
CVE-2016-6533
RESERVED
-CVE-2016-6532 (DEXIS Imaging Suite 10 has a hardcoded password for the sa account, ...)
+CVE-2016-6532
NOT-FOR-US: DEXIS
-CVE-2016-6531 (** DISPUTED ** Open Dental 16.1 and earlier has a hardcoded MySQL root ...)
+CVE-2016-6531
NOT-FOR-US: Open Dental
-CVE-2016-6530 (Dentsply Sirona (formerly Schick) CDR Dicom 5 and earlier has default ...)
+CVE-2016-6530
NOT-FOR-US: Dentsply Sirona
CVE-2016-6529
RESERVED
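Review bot: the removed summary lines in this hunk store quotes and ampersands as HTML entities (`&amp;` in CVE-2016-6550, `&quot;LosserID&quot;` in CVE-2016-6542) while the adjacent `NOT-FOR-US: BB&T` line uses a literal ampersand; if the summaries are ever restored, store them unescaped so the file keeps a single encoding convention.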
@@ -12792,28 +12792,28 @@ CVE-2016-6528
RESERVED
CVE-2016-6524
RESERVED
-CVE-2016-6527 (The SmartCall Activity component in Telecom application on Samsung ...)
+CVE-2016-6527
NOT-FOR-US: Samsung
NOTE: http://security.samsungmobile.com/smrupdate.html#SMR-AUG-2016
-CVE-2016-6526 (The SpamCall Activity component in Telecom application on Samsung Note ...)
+CVE-2016-6526
NOT-FOR-US: Samsung
NOTE: http://security.samsungmobile.com/smrupdate.html#SMR-AUG-2016
-CVE-2016-6595 (** DISPUTED ** The SwarmKit toolkit 1.12.0 for Docker allows remote ...)
+CVE-2016-6595
- docker.io <not-affected> (Only affects Docker 1.12)
NOTE: http://seclists.org/oss-sec/2016/q3/198
-CVE-2016-6581 (A HTTP/2 implementation built using any version of the Python HPACK ...)
+CVE-2016-6581
- python-hpack 2.3.0-1 (bug #833467)
NOTE: https://github.com/python-hyper/hpack/pull/56
-CVE-2016-6580 (A HTTP/2 implementation built using any version of the Python priority ...)
+CVE-2016-6580
NOT-FOR-US: Python Priority
NOTE: https://github.com/python-hyper/priority/pull/23
-CVE-2016-6519 (Cross-site scripting (XSS) vulnerability in the &quot;Shares&quot; overview in ...)
+CVE-2016-6519
- manila-ui 2.5.1-0 (bug #838017)
-CVE-2016-6518 (Memory leak in Huawei S9300, S5300, S5700, S6700, S7700, S9700, and ...)
+CVE-2016-6518
NOT-FOR-US: Huawei
-CVE-2016-6517 (Directory traversal vulnerability in Liferay 5.1.0 allows remote ...)
+CVE-2016-6517
NOT-FOR-US: Liferay
-CVE-2016-6515 (The auth_password function in auth-passwd.c in sshd in OpenSSH before ...)
+CVE-2016-6515
{DLA-1500-1 DLA-594-1}
- openssh 1:7.3p1-1 (bug #833823)
NOTE: Fixed by: https://anongit.mindrot.org/openssh.git/commit/?id=fcd135c9df440bcd2d5870405ad3311743d78d97
@@ -12821,43 +12821,43 @@ CVE-2016-6514
RESERVED
CVE-2016-6502
RESERVED
-CVE-2016-6501 (JFrog Artifactory before 4.11 allows remote attackers to execute ...)
+CVE-2016-6501
NOT-FOR-US: JFrog Artifactory
-CVE-2016-6500 (Unspecified methods in the RACF Connector component before 1.1.1.0 in ...)
+CVE-2016-6500
NOT-FOR-US: ForgeRock
CVE-2016-6499
RESERVED
CVE-2016-6498
RESERVED
-CVE-2016-6497 (main/java/org/apache/directory/groovyldap/LDAP.java in the Groovy LDAP ...)
+CVE-2016-6497
NOT-FOR-US: Groovy LDAP extension
-CVE-2016-6496 (The LDAP directory connector in Atlassian Crowd before 2.8.8 and 2.9.x ...)
+CVE-2016-6496
NOT-FOR-US: Atlassian Crowd
-CVE-2016-6525 (Heap-based buffer overflow in the pdf_load_mesh_params function in ...)
+CVE-2016-6525
{DSA-3655-1 DLA-589-1}
- mupdf 1.9a+ds1-1.2 (bug #833417)
NOTE: http://bugs.ghostscript.com/show_bug.cgi?id=696954
NOTE: Fixed by: http://git.ghostscript.com/?p=mupdf.git;h=39b0f07dd960f34e7e6bf230ffc3d87c41ef0f2e
-CVE-2016-6523 (Multiple cross-site scripting (XSS) vulnerabilities in the media ...)
+CVE-2016-6523
- dotclear <removed>
NOTE: Fixed by: https://hg.dotclear.org/dotclear/rev/40d0207e520d
-CVE-2016-6522 (Integer overflow in the uvm_map_isavail function in uvm/uvm_map.c in ...)
+CVE-2016-6522
NOT-FOR-US: OpenBSD
-CVE-2016-6521 (Cross-site request forgery (CSRF) vulnerability in Grails console (aka ...)
+CVE-2016-6521
- grails <itp> (bug #473213)
-CVE-2016-6520 (Buffer overflow in MagickCore/enhance.c in ImageMagick before 7.0.2-7 ...)
+CVE-2016-6520
- imagemagick <not-affected> (Only affects imagemagick 7, which isn't packaged yet, bug #833485)
NOTE: Fixed by: https://github.com/ImageMagick/ImageMagick/commit/76401e172ea3a55182be2b8e2aca4d07270f6da6
NOTE: https://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=30259&p=136359#p136359
-CVE-2016-6516 (Race condition in the ioctl_file_dedupe_range function in fs/ioctl.c ...)
+CVE-2016-6516
- linux 4.7.2-1
[jessie] - linux <not-affected> (Vulnerable code introduced later)
[wheezy] - linux <not-affected> (Vulnerable code introduced later)
NOTE: Introduced by: https://git.kernel.org/linus/54dbc15172375641ef03399e8f911d7165eb90fb (v4.5-rc1)
NOTE: Fixed by: https://git.kernel.org/linus/10eec60ce79187686e052092e5383c99b4420a20
-CVE-2016-6495 (NetApp Data ONTAP before 8.2.4P5, when operating in 7-Mode, allows ...)
+CVE-2016-6495
NOT-FOR-US: NetApp
-CVE-2016-6493 (Citrix XenApp 6.x before 6.5 HRP07 and 7.x before 7.9 and Citrix ...)
+CVE-2016-6493
NOT-FOR-US: Citrix
CVE-2016-XXXX [bruteforcable challenge responses in unprotected logfile]
- mongodb 1:2.6.12-1 (bug #833087)
@@ -12866,25 +12866,25 @@ CVE-2016-XXXX [bruteforcable challenge responses in unprotected logfile]
NOTE: Fixed in experimental 1:2.6.11-1, first version in unstable 1:2.6.12-1
NOTE: https://jira.mongodb.org/browse/SERVER-9476
NOTE: Fixed by: https://github.com/mongodb/mongo/commit/f85ceb17b37210eef71e8113162c41368bfd5c12
-CVE-2016-6492 (The MT6573FDVT_SetRegHW function in camera_fdvt.c in the MediaTek ...)
+CVE-2016-6492
NOT-FOR-US: Out of tree driver from https://github.com/jawad6233/MT6795.kernel
CVE-2016-6488
RESERVED
CVE-2016-6487
RESERVED
-CVE-2016-6486 (Siemens SINEMA Server uses weak permissions for the application ...)
+CVE-2016-6486
NOT-FOR-US: Siemens Sinema Server
NOTE: http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-321174.pdf
-CVE-2016-6494 (The client in MongoDB uses world-readable permissions on .dbshell ...)
+CVE-2016-6494
{DLA-588-1}
- mongodb 1:2.6.12-3 (bug #832908)
[jessie] - mongodb 1:2.4.10-5+deb8u1
NOTE: http://www.openwall.com/lists/oss-security/2016/07/29/4
-CVE-2016-6491 (Buffer overflow in the Get8BIMProperty function in ...)
+CVE-2016-6491
{DSA-3652-1 DLA-731-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #833099)
NOTE: Fixed by: https://github.com/ImageMagick/ImageMagick/commit/dd84447b63a71fa8c3f47071b09454efc667767b
-CVE-2016-6489 (The RSA and DSA decryption code in Nettle makes it easier for ...)
+CVE-2016-6489
{DLA-593-1}
- nettle 3.3-1 (bug #832983)
[jessie] - nettle 2.7.1-5+deb8u2
@@ -12895,11 +12895,11 @@ CVE-2016-6489 (The RSA and DSA decryption code in Nettle makes it easier for ...
NOTE: Additionally needed: https://git.lysator.liu.se/nettle/nettle/commit/52b9223126b3f997c00d399166c006ae28669068
NOTE: GnuTLS needs an update when/before src:nettle is fixed to continue working with patched src:nettle for CVE-2016-6489
NOTE: but not a vulnerability in GnuTLS. Needs https://gitlab.com/gnutls/gnutls/commit/186dc9c2012003587a38d7f4d03edd8da5fe989f
-CVE-2016-6485 (The __construct function in Framework/Encryption/Crypt.php in Magento ...)
+CVE-2016-6485
NOT-FOR-US: Magento
-CVE-2016-6484 (CRLF injection vulnerability in Infoblox Network Automation NetMRI ...)
+CVE-2016-6484
NOT-FOR-US: Infoblox Network Automation NetMR
-CVE-2016-6513 (epan/dissectors/packet-wbxml.c in the WBXML dissector in Wireshark 2.x ...)
+CVE-2016-6513
- wireshark 2.0.5+ga3be9c6-1
[jessie] - wireshark <not-affected> (Only affects 2.x)
[wheezy] - wireshark <not-affected> (Only affects 2.x)
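Review bot: the context line `NOT-FOR-US: Infoblox Network Automation NetMR` under CVE-2016-6484 is truncated; the summary removed just above it names the product as "Infoblox Network Automation NetMRI", and once that summary is gone the NOT-FOR-US line is the only remaining product hint, so correct it to `NetMRI` in this pass.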
@@ -12908,7 +12908,7 @@ CVE-2016-6513 (epan/dissectors/packet-wbxml.c in the WBXML dissector in Wireshar
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12663
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=347f071f1b9180563c28b0f3d0627b91eb456c72
NOTE: http://www.openwall.com/lists/oss-security/2016/07/28/3
-CVE-2016-6512 (epan/dissectors/packet-wap.c in Wireshark 2.x before 2.0.5 omits an ...)
+CVE-2016-6512
- wireshark 2.0.5+ga3be9c6-1
[jessie] - wireshark <not-affected> (Only affects 2.x)
[wheezy] - wireshark <not-affected> (Only affects 2.x)
@@ -12917,7 +12917,7 @@ CVE-2016-6512 (epan/dissectors/packet-wap.c in Wireshark 2.x before 2.0.5 omits
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12661
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=2193bea3212d74e2a907152055e27d409b59485e
NOTE: http://www.openwall.com/lists/oss-security/2016/07/28/3
-CVE-2016-6511 (epan/proto.c in Wireshark 1.12.x before 1.12.13 and 2.x before 2.0.5 ...)
+CVE-2016-6511
{DSA-3648-1 DLA-595-1}
- wireshark 2.0.5+ga3be9c6-1
NOTE: Affects 2.0.0 to 2.0.4, 1.12.0 to 1.12.12, fixed in 2.0.5, 1.12.13.
@@ -12925,7 +12925,7 @@ CVE-2016-6511 (epan/proto.c in Wireshark 1.12.x before 1.12.13 and 2.x before 2.
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12659
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=56706427f53cc64793870bf072c2c06248ae88f3
NOTE: http://www.openwall.com/lists/oss-security/2016/07/28/3
-CVE-2016-6510 (Off-by-one error in epan/dissectors/packet-rlc.c in the RLC dissector ...)
+CVE-2016-6510
{DSA-3648-1 DLA-595-1}
- wireshark 2.0.5+ga3be9c6-1
NOTE: Affects 2.0.0 to 2.0.4, 1.12.0 to 1.12.12, fixed in 2.0.5, 1.12.13.
@@ -12933,7 +12933,7 @@ CVE-2016-6510 (Off-by-one error in epan/dissectors/packet-rlc.c in the RLC disse
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12664
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=47a5fa850b388fcf4ea762073806f01b459820fe
NOTE: http://www.openwall.com/lists/oss-security/2016/07/28/3
-CVE-2016-6509 (epan/dissectors/packet-ldss.c in the LDSS dissector in Wireshark ...)
+CVE-2016-6509
{DSA-3648-1 DLA-595-1}
- wireshark 2.0.5+ga3be9c6-1
NOTE: Affects 2.0.0 to 2.0.4, 1.12.0 to 1.12.12, fixed in 2.0.5, 1.12.13.
@@ -12941,7 +12941,7 @@ CVE-2016-6509 (epan/dissectors/packet-ldss.c in the LDSS dissector in Wireshark
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12662
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=5a469ddc893f7c1912d0e15cc73bd3011e6cc2fb
NOTE: http://www.openwall.com/lists/oss-security/2016/07/28/3
-CVE-2016-6508 (epan/dissectors/packet-rlc.c in the RLC dissector in Wireshark 1.12.x ...)
+CVE-2016-6508
{DSA-3648-1 DLA-595-1}
- wireshark 2.0.5+ga3be9c6-1
NOTE: https://www.wireshark.org/security/wnpa-sec-2016-44.html
@@ -12949,7 +12949,7 @@ CVE-2016-6508 (epan/dissectors/packet-rlc.c in the RLC dissector in Wireshark 1.
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=6cf9616df68a4db7e436bb77392586ff9ad84feb
NOTE: Affects 2.0.0 to 2.0.4, 1.12.0 to 1.12.12, fixed in 2.0.5, 1.12.13.
NOTE: http://www.openwall.com/lists/oss-security/2016/07/28/3
-CVE-2016-6507 (epan/dissectors/packet-mmse.c in the MMSE dissector in Wireshark ...)
+CVE-2016-6507
{DSA-3648-1 DLA-595-1}
- wireshark 2.0
NOTE: Only affects 1.12, marking 2.0 as fixed
@@ -12958,7 +12958,7 @@ CVE-2016-6507 (epan/dissectors/packet-mmse.c in the MMSE dissector in Wireshark
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=b5a10743258bd016c07ebf6479137fda3d172a0f
NOTE: Affects 1.12.0 to 1.12.12, fixed 1.12.13
NOTE: http://www.openwall.com/lists/oss-security/2016/07/28/3
-CVE-2016-6506 (epan/dissectors/packet-wsp.c in the WSP dissector in Wireshark 1.12.x ...)
+CVE-2016-6506
{DSA-3648-1 DLA-595-1}
- wireshark 2.0.5+ga3be9c6-1
NOTE: https://www.wireshark.org/security/wnpa-sec-2016-42.html
@@ -12966,7 +12966,7 @@ CVE-2016-6506 (epan/dissectors/packet-wsp.c in the WSP dissector in Wireshark 1.
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=a9d5256890c9189c7461bfce6ed6edce5d861499
NOTE: Affects 2.0.0 to 2.0.4, 1.12.0 to 1.12.12 , fixed in 2.0.5, 1.12.13
NOTE: http://www.openwall.com/lists/oss-security/2016/07/28/3
-CVE-2016-6505 (epan/dissectors/packet-packetbb.c in the PacketBB dissector in ...)
+CVE-2016-6505
{DSA-3648-1 DLA-595-1}
- wireshark 2.0.5+ga3be9c6-1
NOTE: https://www.wireshark.org/security/wnpa-sec-2016-41.html
@@ -12974,7 +12974,7 @@ CVE-2016-6505 (epan/dissectors/packet-packetbb.c in the PacketBB dissector in ..
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=94e97e45cf614c7bb8fe90c23df52910246b2c95
NOTE: Affects 2.0.0 to 2.0.4, 1.12.0 to 1.12.12, fixed in 2.0.5, 1.12.13.
NOTE: http://www.openwall.com/lists/oss-security/2016/07/28/3
-CVE-2016-6504 (epan/dissectors/packet-ncp2222.inc in the NDS dissector in Wireshark ...)
+CVE-2016-6504
{DSA-3648-1 DLA-595-1}
- wireshark 2.0
NOTE: Only affects 1.12, marking 2.0 as fixed
@@ -12983,13 +12983,13 @@ CVE-2016-6504 (epan/dissectors/packet-ncp2222.inc in the NDS dissector in Wiresh
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=9eacbb4d48df647648127b9258f9e5aeeb0c7d99
NOTE: Affects 1.12.0 to 1.12.12, fixed in 1.12.13.
NOTE: http://www.openwall.com/lists/oss-security/2016/07/28/3
-CVE-2016-6503 (The CORBA IDL dissectors in Wireshark 2.x before 2.0.5 on 64-bit ...)
+CVE-2016-6503
- wireshark <not-affected> (Only affects Wireshark on Windows)
NOTE: https://www.wireshark.org/security/wnpa-sec-2016-39.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12495
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=581a17af40b84ef0c9e7f41ed0795af345b61ce1
NOTE: http://www.openwall.com/lists/oss-security/2016/07/28/3
-CVE-2016-6490 (The virtqueue_map_desc function in hw/virtio/virtio.c in QEMU (aka ...)
+CVE-2016-6490
- qemu 1:2.6+dfsg-3.1 (bug #832767)
[jessie] - qemu <not-affected> (Vulnerable code not present)
[wheezy] - qemu <not-affected> (Issue introduced later)
@@ -12997,13 +12997,13 @@ CVE-2016-6490 (The virtqueue_map_desc function in hw/virtio/virtio.c in QEMU (ak
[wheezy] - qemu-kvm <not-affected> (Issue introduced later)
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-07/msg06246.html
NOTE: Introduced by: http://git.qemu.org/?p=qemu.git;a=commit;h=3b3b0628217e2726069990ff9942a5d6d9816bd7 (v2.6.0-rc0)
-CVE-2016-6483 (The media-file upload feature in vBulletin before 3.8.7 Patch Level 6, ...)
+CVE-2016-6483
NOT-FOR-US: vBulletin
CVE-2016-6482
RESERVED
CVE-2016-6481
RESERVED
-CVE-2016-6480 (Race condition in the ioctl_send_fib function in ...)
+CVE-2016-6480
{DSA-3659-1 DLA-609-1}
- linux 4.7.2-1
NOTE: Fixed by: http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=fa00c437eef8dc2e7b25f8cd868cfa405fcc2bb3
@@ -13015,173 +13015,173 @@ CVE-2016-6476
RESERVED
CVE-2016-6475
RESERVED
-CVE-2016-6474 (A vulnerability in the implementation of X.509 Version 3 for SSH ...)
+CVE-2016-6474
NOT-FOR-US: Cisco
-CVE-2016-6473 (A vulnerability in Cisco IOS on Catalyst Switches and Nexus 9300 Series ...)
+CVE-2016-6473
NOT-FOR-US: Cisco
-CVE-2016-6472 (A vulnerability in several parameters of the ccmivr page of Cisco ...)
+CVE-2016-6472
NOT-FOR-US: Cisco
-CVE-2016-6471 (A vulnerability in the web-based management interface of Cisco ...)
+CVE-2016-6471
NOT-FOR-US: Cisco
-CVE-2016-6470 (A vulnerability in the installation procedure of the Cisco Hybrid Media ...)
+CVE-2016-6470
NOT-FOR-US: Cisco
-CVE-2016-6469 (A vulnerability in HTTP URL parsing of Cisco AsyncOS for Cisco Web ...)
+CVE-2016-6469
NOT-FOR-US: Cisco
-CVE-2016-6468 (A vulnerability in the web-based management interface of Cisco ...)
+CVE-2016-6468
NOT-FOR-US: Cisco
-CVE-2016-6467 (A vulnerability in IPv6 packet fragment reassembly of StarOS for Cisco ...)
+CVE-2016-6467
NOT-FOR-US: Cisco
-CVE-2016-6466 (A vulnerability in the IPsec component of StarOS for Cisco ASR 5000 ...)
+CVE-2016-6466
NOT-FOR-US: Cisco
-CVE-2016-6465 (A vulnerability in the content filtering functionality of Cisco AsyncOS ...)
+CVE-2016-6465
NOT-FOR-US: Cisco
-CVE-2016-6464 (A vulnerability in the web management interface of the Cisco Unified ...)
+CVE-2016-6464
NOT-FOR-US: Cisco
-CVE-2016-6463 (A vulnerability in the email filtering functionality of Cisco AsyncOS ...)
+CVE-2016-6463
NOT-FOR-US: Cisco
-CVE-2016-6462 (A vulnerability in the email filtering functionality of Cisco AsyncOS ...)
+CVE-2016-6462
NOT-FOR-US: Cisco
-CVE-2016-6461 (A vulnerability in the HTTP web-based management interface of the Cisco ...)
+CVE-2016-6461
NOT-FOR-US: Cisco
-CVE-2016-6460 (A vulnerability in the FTP Representational State Transfer Application ...)
+CVE-2016-6460
NOT-FOR-US: Cisco
-CVE-2016-6459 (Cisco TelePresence endpoints running either CE or TC software contain a ...)
+CVE-2016-6459
NOT-FOR-US: Cisco
-CVE-2016-6458 (A vulnerability in the content filtering functionality of Cisco AsyncOS ...)
+CVE-2016-6458
NOT-FOR-US: Cisco
-CVE-2016-6457 (A vulnerability in the Cisco Nexus 9000 Series Platform Leaf Switches ...)
+CVE-2016-6457
NOT-FOR-US: Cisco
CVE-2016-6456
RESERVED
-CVE-2016-6455 (A vulnerability in the Slowpath of StarOS for Cisco ASR 5500 Series ...)
+CVE-2016-6455
NOT-FOR-US: Cisco
-CVE-2016-6454 (A cross-site request forgery (CSRF) vulnerability in the web interface ...)
+CVE-2016-6454
NOT-FOR-US: Cisco
-CVE-2016-6453 (A vulnerability in the web framework code of Cisco Identity Services ...)
+CVE-2016-6453
NOT-FOR-US: Cisco
-CVE-2016-6452 (A vulnerability in the web-based graphical user interface (GUI) of ...)
+CVE-2016-6452
NOT-FOR-US: Cisco
-CVE-2016-6451 (Multiple vulnerabilities in the web framework code of the Cisco Prime ...)
+CVE-2016-6451
NOT-FOR-US: Cisco
-CVE-2016-6450 (A vulnerability in the package unbundle utility of Cisco IOS XE ...)
+CVE-2016-6450
NOT-FOR-US: Cisco
-CVE-2016-6449 (A vulnerability in the system management of certain FireAMP system ...)
+CVE-2016-6449
NOT-FOR-US: Cisco
-CVE-2016-6448 (A vulnerability in the Session Description Protocol (SDP) parser of ...)
+CVE-2016-6448
NOT-FOR-US: Cisco
-CVE-2016-6447 (A vulnerability in Cisco Meeting Server and Meeting App could allow an ...)
+CVE-2016-6447
NOT-FOR-US: Cisco Meeting Server and Meeting App
-CVE-2016-6446 (A vulnerability in Web Bridge for Cisco Meeting Server could allow an ...)
+CVE-2016-6446
NOT-FOR-US: Cisco
-CVE-2016-6445 (A vulnerability in the Extensible Messaging and Presence Protocol ...)
+CVE-2016-6445
NOT-FOR-US: Cisco
-CVE-2016-6444 (A vulnerability in Cisco Meeting Server could allow an unauthenticated, ...)
+CVE-2016-6444
NOT-FOR-US: Cisco
-CVE-2016-6443 (A vulnerability in the Cisco Prime Infrastructure and Evolved ...)
+CVE-2016-6443
NOT-FOR-US: Cisco
-CVE-2016-6442 (A vulnerability in Cisco Finesse Agent and Supervisor Desktop Software ...)
+CVE-2016-6442
NOT-FOR-US: Cisco
-CVE-2016-6441 (A vulnerability in the Transaction Language 1 (TL1) code of Cisco ASR ...)
+CVE-2016-6441
NOT-FOR-US: Cisco ASR 900 Series Aggregation Services Routers
-CVE-2016-6440 (The Cisco Unified Communications Manager (CUCM) may be vulnerable to ...)
+CVE-2016-6440
NOT-FOR-US: Cisco
-CVE-2016-6439 (A vulnerability in the detection engine reassembly of HTTP packets for ...)
+CVE-2016-6439
NOT-FOR-US: Cisco
-CVE-2016-6438 (A vulnerability in Cisco IOS XE Software running on Cisco cBR-8 ...)
+CVE-2016-6438
NOT-FOR-US: Cisco
-CVE-2016-6437 (A vulnerability in the SSL session cache management of Cisco Wide Area ...)
+CVE-2016-6437
NOT-FOR-US: Cisco
-CVE-2016-6436 (Cross-site scripting (XSS) vulnerability in HostScan Engine 3.0.08062 ...)
+CVE-2016-6436
NOT-FOR-US: Cisco
-CVE-2016-6435 (The web console in Cisco Firepower Management Center 6.0.1 allows ...)
+CVE-2016-6435
NOT-FOR-US: Cisco
-CVE-2016-6434 (Cisco Firepower Management Center 6.0.1 has hardcoded database ...)
+CVE-2016-6434
NOT-FOR-US: Cisco
-CVE-2016-6433 (The Threat Management Console in Cisco Firepower Management Center ...)
+CVE-2016-6433
NOT-FOR-US: Cisco
-CVE-2016-6432 (A vulnerability in the Identity Firewall feature of Cisco ASA Software ...)
+CVE-2016-6432
NOT-FOR-US: Cisco
-CVE-2016-6431 (A vulnerability in the local Certificate Authority (CA) feature of ...)
+CVE-2016-6431
NOT-FOR-US: Cisco
-CVE-2016-6430 (A vulnerability in the command-line interface of the Cisco IP ...)
+CVE-2016-6430
NOT-FOR-US: Cisco
-CVE-2016-6429 (A vulnerability in the web framework code of the Cisco IP ...)
+CVE-2016-6429
NOT-FOR-US: Cisco
-CVE-2016-6428 (Cisco IOS XR 6.1.1 allows local users to execute arbitrary OS commands ...)
+CVE-2016-6428
NOT-FOR-US: Cisco
-CVE-2016-6427 (Cross-site request forgery (CSRF) vulnerability in Cisco Unified ...)
+CVE-2016-6427
NOT-FOR-US: Cisco
-CVE-2016-6426 (The j_spring_security_switch_user function in Cisco Unified ...)
+CVE-2016-6426
NOT-FOR-US: Cisco
-CVE-2016-6425 (Cross-site scripting (XSS) vulnerability in Cisco Unified Intelligence ...)
+CVE-2016-6425
NOT-FOR-US: Cisco
-CVE-2016-6424 (The DHCP Relay implementation in Cisco Adaptive Security Appliance ...)
+CVE-2016-6424
NOT-FOR-US: Cisco
-CVE-2016-6423 (The IKEv2 client and initiator implementations in Cisco IOS 15.5(3)M ...)
+CVE-2016-6423
NOT-FOR-US: Cisco
-CVE-2016-6422 (Cisco IOS 12.2(33)SXJ9 on Supervisor Engine 32 and 720 modules for ...)
+CVE-2016-6422
NOT-FOR-US: Cisco
-CVE-2016-6421 (Cisco IOS XR 5.2.2 allows remote attackers to cause a denial of ...)
+CVE-2016-6421
NOT-FOR-US: Cisco
-CVE-2016-6420 (Cisco FireSIGHT System Software 4.10.3 through 5.4.0 in Firepower ...)
+CVE-2016-6420
NOT-FOR-US: Cisco
-CVE-2016-6419 (SQL injection vulnerability in Cisco Firepower Management Center ...)
+CVE-2016-6419
NOT-FOR-US: Cisco
-CVE-2016-6418 (Cross-site scripting (XSS) vulnerability in Cisco Videoscape ...)
+CVE-2016-6418
NOT-FOR-US: Cisco
-CVE-2016-6417 (Cross-site request forgery (CSRF) vulnerability in Cisco FireSIGHT ...)
+CVE-2016-6417
NOT-FOR-US: Cisco
-CVE-2016-6416 (The FTP service in Cisco AsyncOS on Email Security Appliance (ESA) ...)
+CVE-2016-6416
NOT-FOR-US: Cisco
-CVE-2016-6415 (The server IKEv1 implementation in Cisco IOS 12.2 through 12.4 and ...)
+CVE-2016-6415
NOT-FOR-US: Cisco
-CVE-2016-6414 (iox in Cisco IOS, possibly 15.6 and earlier, and IOS XE, possibly 3.18 ...)
+CVE-2016-6414
NOT-FOR-US: Cisco
-CVE-2016-6413 (The installation procedure on Cisco Application Policy Infrastructure ...)
+CVE-2016-6413
NOT-FOR-US: Cisco
-CVE-2016-6412 (The Cisco Application-hosting Framework (CAF) component in Cisco IOS ...)
+CVE-2016-6412
NOT-FOR-US: Cisco
-CVE-2016-6411 (Cisco Firepower Management Center and FireSIGHT System Software 6.0.1 ...)
+CVE-2016-6411
NOT-FOR-US: Cisco
-CVE-2016-6410 (The Cisco Application-hosting Framework (CAF) component in Cisco IOS ...)
+CVE-2016-6410
NOT-FOR-US: Cisco
-CVE-2016-6409 (The Data in Motion (DMo) component in Cisco IOS 15.6(1)T and IOS XE, ...)
+CVE-2016-6409
NOT-FOR-US: Cisco
-CVE-2016-6408 (Cisco Prime Home 5.2.0 allows remote attackers to read arbitrary files ...)
+CVE-2016-6408
NOT-FOR-US: Cisco
-CVE-2016-6407 (Cisco AsyncOS through 9.5.0-444 on Web Security Appliance (WSA) ...)
+CVE-2016-6407
NOT-FOR-US: Cisco
-CVE-2016-6406 (Cisco IronPort AsyncOS 9.1.2-023, 9.1.2-028, 9.1.2-036, 9.7.2-046, ...)
+CVE-2016-6406
NOT-FOR-US: Cisco
-CVE-2016-6405 (Cisco Fog Director 1.0(0) for IOx allows remote authenticated users to ...)
+CVE-2016-6405
NOT-FOR-US: Cisco
-CVE-2016-6404 (Cross-site scripting (XSS) vulnerability in the web framework in Cisco ...)
+CVE-2016-6404
NOT-FOR-US: Cisco
-CVE-2016-6403 (The Data in Motion (DMo) application in Cisco IOS 15.6(1)T and IOS XE, ...)
+CVE-2016-6403
NOT-FOR-US: Cisco
-CVE-2016-6402 (UCS Manager and UCS 6200 Fabric Interconnects in Cisco Unified ...)
+CVE-2016-6402
NOT-FOR-US: Cisco
-CVE-2016-6401 (Cisco Carrier Routing System (CRS) 5.1 and 5.1.4, as used in CRS ...)
+CVE-2016-6401
NOT-FOR-US: Cisco
CVE-2016-6400
RESERVED
-CVE-2016-6399 (Cisco ACE30 Application Control Engine Module through A5 3.3 and ACE ...)
+CVE-2016-6399
NOT-FOR-US: Cisco
-CVE-2016-6398 (The PPTP server in Cisco IOS 15.5(3)M does not properly initialize ...)
+CVE-2016-6398
NOT-FOR-US: Cisco
-CVE-2016-6397 (A vulnerability in the interdevice communications interface of the ...)
+CVE-2016-6397
NOT-FOR-US: Cisco
-CVE-2016-6396 (Cisco Firepower Management Center before 6.1 and FireSIGHT System ...)
+CVE-2016-6396
NOT-FOR-US: Cisco
-CVE-2016-6395 (Cross-site scripting (XSS) vulnerability in the web-based management ...)
+CVE-2016-6395
NOT-FOR-US: Cisco
-CVE-2016-6394 (Session fixation vulnerability in Cisco Firepower Management Center ...)
+CVE-2016-6394
NOT-FOR-US: Cisco
-CVE-2016-6393 (The AAA service in Cisco IOS 12.0 through 12.4 and 15.0 through 15.6 ...)
+CVE-2016-6393
NOT-FOR-US: Cisco
-CVE-2016-6392 (Cisco IOS 12.2 and 15.0 through 15.3 and IOS XE 3.1 through 3.9 allow ...)
+CVE-2016-6392
NOT-FOR-US: Cisco
-CVE-2016-6391 (Cisco IOS 12.2 and 15.0 through 15.3 allows remote attackers to cause ...)
+CVE-2016-6391
NOT-FOR-US: Cisco
CVE-2016-6390
REJECTED
@@ -13191,146 +13191,146 @@ CVE-2016-6388
REJECTED
CVE-2016-6387
REJECTED
-CVE-2016-6386 (Cisco IOS XE 3.1 through 3.17 and 16.1 on 64-bit platforms allows ...)
+CVE-2016-6386
NOT-FOR-US: Cisco
-CVE-2016-6385 (Memory leak in the Smart Install client implementation in Cisco IOS ...)
+CVE-2016-6385
NOT-FOR-US: Cisco
-CVE-2016-6384 (Cisco IOS 12.2 through 12.4 and 15.0 through 15.6 and IOS XE 3.1 ...)
+CVE-2016-6384
NOT-FOR-US: Cisco
CVE-2016-6383
REJECTED
-CVE-2016-6382 (Cisco IOS 15.2 through 15.6 and IOS XE 3.6 through 3.17 and 16.1 allow ...)
+CVE-2016-6382
NOT-FOR-US: Cisco
-CVE-2016-6381 (Cisco IOS 12.4 and 15.0 through 15.6 and IOS XE 3.1 through 3.18 and ...)
+CVE-2016-6381
NOT-FOR-US: Cisco
-CVE-2016-6380 (The DNS forwarder in Cisco IOS 12.0 through 12.4 and 15.0 through 15.6 ...)
+CVE-2016-6380
NOT-FOR-US: Cisco
-CVE-2016-6379 (Cisco IOS 12.2 and IOS XE 3.14 through 3.16 and 16.1 allow remote ...)
+CVE-2016-6379
NOT-FOR-US: Cisco
-CVE-2016-6378 (Cisco IOS XE 3.1 through 3.17 and 16.1 through 16.2 allows remote ...)
+CVE-2016-6378
NOT-FOR-US: Cisco
-CVE-2016-6377 (Media Origination System Suite Software 2.6 and earlier in Cisco ...)
+CVE-2016-6377
NOT-FOR-US: Cisco
-CVE-2016-6376 (The Adaptive Wireless Intrusion Prevention System (wIPS) feature on ...)
+CVE-2016-6376
NOT-FOR-US: Cisco
-CVE-2016-6375 (Cisco Wireless LAN Controller (WLC) devices before 8.0.140.0, 8.1.x ...)
+CVE-2016-6375
NOT-FOR-US: Cisco
-CVE-2016-6374 (Cisco Cloud Services Platform (CSP) 2100 2.0 allows remote attackers ...)
+CVE-2016-6374
NOT-FOR-US: Cisco Cloud Services Platform 2100
-CVE-2016-6373 (The web-based GUI in Cisco Cloud Services Platform (CSP) 2100 2.0 ...)
+CVE-2016-6373
NOT-FOR-US: Cisco Cloud Services Platform 2100
-CVE-2016-6372 (A vulnerability in the email message and content filtering for ...)
+CVE-2016-6372
NOT-FOR-US: Cisco
-CVE-2016-6371 (Directory traversal vulnerability in the web interface in Cisco Hosted ...)
+CVE-2016-6371
NOT-FOR-US: Cisco
-CVE-2016-6370 (Directory traversal vulnerability in the web interface in Cisco Hosted ...)
+CVE-2016-6370
NOT-FOR-US: Cisco
-CVE-2016-6369 (Cisco AnyConnect Secure Mobility Client before 4.2.05015 and 4.3.x ...)
+CVE-2016-6369
NOT-FOR-US: Cisco
-CVE-2016-6368 (A vulnerability in the detection engine parsing of Pragmatic General ...)
+CVE-2016-6368
NOT-FOR-US: Cisco
-CVE-2016-6367 (Cisco Adaptive Security Appliance (ASA) Software before 8.4(1) on ASA ...)
+CVE-2016-6367
NOT-FOR-US: Cisco
-CVE-2016-6366 (Buffer overflow in Cisco Adaptive Security Appliance (ASA) Software ...)
+CVE-2016-6366
NOT-FOR-US: Cisco
-CVE-2016-6365 (Cross-site scripting (XSS) vulnerability in Cisco Firepower Management ...)
+CVE-2016-6365
NOT-FOR-US: Cisco
-CVE-2016-6364 (The User Data Services (UDS) API implementation in Cisco Unified ...)
+CVE-2016-6364
NOT-FOR-US: Cisco
-CVE-2016-6363 (The rate-limit feature in the 802.11 protocol implementation on Cisco ...)
+CVE-2016-6363
NOT-FOR-US: Cisco
-CVE-2016-6362 (Cisco Aironet 1800, 2800, and 3800 devices with software before ...)
+CVE-2016-6362
NOT-FOR-US: Cisco
-CVE-2016-6361 (The Aggregated MAC Protocol Data Unit (AMPDU) implementation on Cisco ...)
+CVE-2016-6361
NOT-FOR-US: Cisco
-CVE-2016-6360 (A vulnerability in Advanced Malware Protection (AMP) for Cisco Email ...)
+CVE-2016-6360
NOT-FOR-US: Cisco
-CVE-2016-6359 (Cross-site scripting (XSS) vulnerability in Cisco Transport Gateway ...)
+CVE-2016-6359
NOT-FOR-US: Cisco
-CVE-2016-6358 (A vulnerability in local FTP to the Cisco Email Security Appliance ...)
+CVE-2016-6358
NOT-FOR-US: Cisco
-CVE-2016-6357 (A vulnerability in the configured security policies, including drop ...)
+CVE-2016-6357
NOT-FOR-US: Cisco
-CVE-2016-6356 (A vulnerability in the email message filtering feature of Cisco AsyncOS ...)
+CVE-2016-6356
NOT-FOR-US: Cisco
-CVE-2016-6355 (Memory leak in Cisco IOS XR 5.1.x through 5.1.3, 5.2.x through 5.2.5, ...)
+CVE-2016-6355
NOT-FOR-US: Cisco
CVE-2016-6353
RESERVED
-CVE-2016-6348 (JacksonJsonpInterceptor in RESTEasy might allow remote attackers to ...)
+CVE-2016-6348
- resteasy <unfixed> (low; bug #837170)
[jessie] - resteasy <no-dsa> (Minor issue)
- resteasy3.0 <undetermined>
-CVE-2016-6347 (Cross-site scripting (XSS) vulnerability in the default exception ...)
+CVE-2016-6347
- resteasy <unfixed> (low; bug #837170)
[jessie] - resteasy <no-dsa> (Minor issue)
- resteasy3.0 <undetermined>
-CVE-2016-6346 (RESTEasy enables GZIPInterceptor, which allows remote attackers to ...)
+CVE-2016-6346
- resteasy <unfixed> (low; bug #837170)
[jessie] - resteasy <no-dsa> (Minor issue)
- resteasy3.0 <undetermined>
-CVE-2016-6345 (RESTEasy allows remote authenticated users to obtain sensitive ...)
+CVE-2016-6345
- resteasy <unfixed> (low; bug #837170)
[jessie] - resteasy <no-dsa> (Minor issue)
- resteasy3.0 <undetermined>
-CVE-2016-6344 (Red Hat JBoss BPM Suite 6.3.x does not include the HTTPOnly flag in a ...)
+CVE-2016-6344
NOT-FOR-US: Red Hat JBoss bpm Suite
-CVE-2016-6343 (JBoss BPM Suite 6 is vulnerable to a reflected XSS via dashbuilder. ...)
+CVE-2016-6343
NOT-FOR-US: JBoss BPMS
-CVE-2016-6342 (elog 3.1.1 allows remote attackers to post data as any username in the ...)
+CVE-2016-6342
- elog 3.1.2-1-1 (bug #836505)
[jessie] - elog 2.9.2+2014.05.11git44800a7-2+deb8u1
NOTE: https://bitbucket.org/ritt/elog/commits/2f6a300572bd6048351af8c45394ae62230c83d9
NOTE: https://bitbucket.org/ritt/elog/commits/9ca611aca2b1860efac15f806bf907cc2e6f870a/
-CVE-2016-6341 (oVirt Engine before 4.0.3 does not include DWH_DB_PASSWORD in the list ...)
+CVE-2016-6341
NOT-FOR-US: ovirt-engine
-CVE-2016-6340 (The kickstart file in Red Hat QuickStart Cloud Installer (QCI) forces ...)
+CVE-2016-6340
NOT-FOR-US: Red Hat QCI
CVE-2016-6339
REJECTED
-CVE-2016-6338 (ovirt-engine-webadmin, as used in Red Hat Enterprise Virtualization ...)
+CVE-2016-6338
NOT-FOR-US: ovirt-engine
-CVE-2016-6337 (MediaWiki 1.27.x before 1.27.1 might allow remote attackers to bypass ...)
+CVE-2016-6337
- mediawiki 1:1.27.1-1
[wheezy] - mediawiki <end-of-life> (not supported in Wheezy LTS)
NOTE: https://lists.wikimedia.org/pipermail/wikitech-l/2016-August/086342.html
-CVE-2016-6336 (MediaWiki before 1.23.15, 1.26.x before 1.26.4, and 1.27.x before ...)
+CVE-2016-6336
- mediawiki 1:1.27.1-1
[wheezy] - mediawiki <end-of-life> (not supported in Wheezy LTS)
NOTE: https://lists.wikimedia.org/pipermail/wikitech-l/2016-August/086342.html
-CVE-2016-6335 (MediaWiki before 1.23.15, 1.26.x before 1.26.4, and 1.27.x before ...)
+CVE-2016-6335
- mediawiki 1:1.27.1-1
[wheezy] - mediawiki <end-of-life> (not supported in Wheezy LTS)
NOTE: https://lists.wikimedia.org/pipermail/wikitech-l/2016-August/086342.html
-CVE-2016-6334 (Cross-site scripting (XSS) vulnerability in the ...)
+CVE-2016-6334
[wheezy] - mediawiki <end-of-life> (not supported in Wheezy LTS)
- mediawiki 1:1.27.1-1
NOTE: https://lists.wikimedia.org/pipermail/wikitech-l/2016-August/086342.html
-CVE-2016-6333 (Cross-site scripting (XSS) vulnerability in the CSS user subpage ...)
+CVE-2016-6333
[wheezy] - mediawiki <end-of-life> (not supported in Wheezy LTS)
- mediawiki 1:1.27.1-1
NOTE: https://lists.wikimedia.org/pipermail/wikitech-l/2016-August/086342.html
-CVE-2016-6332 (MediaWiki before 1.23.15, 1.26.x before 1.26.4, and 1.27.x before ...)
+CVE-2016-6332
[wheezy] - mediawiki <end-of-life> (not supported in Wheezy LTS)
- mediawiki 1:1.27.1-1
NOTE: https://lists.wikimedia.org/pipermail/wikitech-l/2016-August/086342.html
-CVE-2016-6331 (ApiParse in MediaWiki before 1.23.15, 1.26.x before 1.26.4, and 1.27.x ...)
+CVE-2016-6331
- mediawiki 1:1.27.1-1
[wheezy] - mediawiki <end-of-life> (not supported in Wheezy LTS)
NOTE: https://lists.wikimedia.org/pipermail/wikitech-l/2016-August/086342.html
-CVE-2016-6330 (The server in Red Hat JBoss Operations Network (JON), when SSL ...)
+CVE-2016-6330
NOT-FOR-US: Red Hat / JBoss Operations Network server
-CVE-2016-6329 (OpenVPN, when using a 64-bit block cipher, makes it easier for remote ...)
+CVE-2016-6329
- openvpn <unfixed> (unimportant)
NOTE: https://community.openvpn.net/openvpn/wiki/SWEET32
NOTE: This is a generic cryptographic weakness, not a vulnerability in OpenVPN per se
-CVE-2016-6328 (A vulnerability was found in libexif. An integer overflow when parsing ...)
+CVE-2016-6328
- libexif 0.6.21-2.1 (bug #873022)
[stretch] - libexif <no-dsa> (Minor issue)
[jessie] - libexif <no-dsa> (Minor issue)
[wheezy] - libexif <no-dsa> (Minor issue)
NOTE: http://libexif.cvs.sourceforge.net/viewvc/libexif/libexif/libexif/pentax/mnote-pentax-entry.c?r1=1.26&r2=1.27
-CVE-2016-6327 (drivers/infiniband/ulp/srpt/ib_srpt.c in the Linux kernel before 4.5.1 ...)
+CVE-2016-6327
- linux 4.6.1-1
[jessie] - linux 3.16.36-1
[wheezy] - linux <not-affected> (Vulnerable code introduced later)
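Review bot: the CVE-2016-6334, CVE-2016-6333 and CVE-2016-6332 entries list the `[wheezy] - mediawiki <end-of-life> (not supported in Wheezy LTS)` line before the `- mediawiki 1:1.27.1-1` line, whereas the neighbouring CVE-2016-6337, CVE-2016-6336, CVE-2016-6335 and CVE-2016-6331 entries put the unstable line first; reorder the three entries to match their siblings so the block stays consistent.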
@@ -13338,44 +13338,44 @@ CVE-2016-6327 (drivers/infiniband/ulp/srpt/ib_srpt.c in the Linux kernel before
NOTE: Introduced by: https://git.kernel.org/linus/3e4f574857eebce60bb56d7524f3f9eaa2a126d0 (v3.8-rc1)
CVE-2016-6326
RESERVED
-CVE-2016-6325 (The Tomcat package on Red Hat Enterprise Linux (RHEL) 5 through 7, ...)
+CVE-2016-6325
- tomcat8 <not-affected> (Red Hat and derivatives packaging specific)
- tomcat7 <not-affected> (Red Hat and derivatives packaging specific)
- tomcat6 <not-affected> (Red Hat and derivatives packaging specific)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1367447
CVE-2016-6324
RESERVED
-CVE-2016-6323 (The makecontext function in the GNU C Library (aka glibc or libc6) ...)
+CVE-2016-6323
- glibc 2.24-1 (bug #834752)
[jessie] - glibc 2.19-18+deb8u6
- eglibc <removed>
[wheezy] - eglibc <not-affected> (Vulnerable code not present)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=20435
NOTE: https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=9e2ff6c9cc54c0b4402b8d49e4abe7000fde7617
-CVE-2016-6322 (Red Hat QuickStart Cloud Installer (QCI) uses world-readable ...)
+CVE-2016-6322
NOT-FOR-US: ovirt-engine
-CVE-2016-6321 (Directory traversal vulnerability in the safer_name_suffix function in ...)
+CVE-2016-6321
{DSA-3702-1 DLA-690-1}
- tar 1.29b-1.1 (bug #842339)
NOTE: https://sintonen.fi/advisories/tar-extract-pathname-bypass.txt
NOTE: POC in https://sintonen.fi/advisories/tar-poc.tar (etc/shadow should not be extracted when asking for etc/motd)
NOTE: Proposed patch by Antoine Beaupre: https://lists.debian.org/debian-lts/2016/10/msg00206.html
NOTE: Proposed patch upstream: http://git.savannah.gnu.org/cgit/tar.git/commit/?id=7340f67b9860ea0531c1450e5aa261c50f67165d
-CVE-2016-6320 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2016-6320
- foreman <itp> (bug #663101)
-CVE-2016-6319 (Cross-site scripting (XSS) vulnerability in app/helpers/form_helper.rb ...)
+CVE-2016-6319
- foreman <itp> (bug #663101)
-CVE-2016-6318 (Stack-based buffer overflow in the FascistGecosUser function in ...)
+CVE-2016-6318
{DLA-599-1}
- cracklib2 2.9.2-2 (bug #834502)
[jessie] - cracklib2 <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/attachment.cgi?id=1188599
NOTE: In Debian compiled with CPPFLAGS="-D_FORTIFY_SOURCE=2" so, at most application crash
-CVE-2016-6317 (Action Record in Ruby on Rails 4.2.x before 4.2.7.1 does not properly ...)
+CVE-2016-6317
- rails 2:4.2.7.1-1 (bug #834154)
[jessie] - rails <not-affected> (Vulnerable code not present, introduced in 4.2)
[wheezy] - rails <not-affected> (Vulnerable code not present, is only a transitional package and introduced in 4.2 anyway)
-CVE-2016-6316 (Cross-site scripting (XSS) vulnerability in Action View in Ruby on ...)
+CVE-2016-6316
{DSA-3651-1 DLA-604-1}
- rails 2:4.2.7.1-1 (low; bug #834155)
[wheezy] - rails <not-affected> (Vulnerable code not present, is only a transitional package)
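Review bot: the cracklib2 rationale under CVE-2016-6318, "In Debian compiled with CPPFLAGS=\"-D_FORTIFY_SOURCE=2\" so, at most application crash", rests on a compile flag, and after this hunk drops the line "Stack-based buffer overflow in the FascistGecosUser function" nothing in the entry records which buffer is overflowed. _FORTIFY_SOURCE only turns an overflow into an abort when the destination size is known to the compiler at the call site, so the NOTE should name the buffer and call in FascistGecosUser (or point at the linked Red Hat attachment) before the jessie `<no-dsa> (Minor issue)` is accepted alongside a wheezy DLA-599-1 for the same bug.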
@@ -13385,7 +13385,7 @@ CVE-2016-6315
RESERVED
CVE-2016-6314
RESERVED
-CVE-2016-6313 (The mixing functions in the random number generator in Libgcrypt ...)
+CVE-2016-6313
{DSA-3650-1 DSA-3649-1 DLA-602-1 DLA-600-1}
- gnupg2 <not-affected> (Uses system libgcrypt)
- gnupg1 1.4.21-1 (bug #834894)
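Review bot: with the CVE-2016-6313 description removed, the entry keeps `gnupg2 <not-affected> (Uses system libgcrypt)` directly above `gnupg1 1.4.21-1 (bug #834894)` with no statement of why gnupg1 needs its own fixed version; the split only makes sense if gnupg1 carries its own copy of the affected RNG mixing code, which is implied but not written down. Add a NOTE saying so, next to the gnupg1 line, so the not-affected/fixed pair does not read as contradictory.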
@@ -13401,79 +13401,79 @@ CVE-2016-6313 (The mixing functions in the random number generator in Libgcrypt
NOTE: http://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=commit;h=98980e2fd29ad62903c78fa6521489fce651cdda
NOTE: http://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=commit;h=6199cd963d1fba86e0b7b9e2de4b6c00b945193a
NOTE: https://lists.gnupg.org/pipermail/gnupg-announce/2016q3/000395.html
-CVE-2016-6312 (The mod_dontdothat component of the mod_dav_svn Apache module in ...)
+CVE-2016-6312
- apr-util <not-affected> (RHEL-5.11 specific regression)
-CVE-2016-6311 (Get requests in JBoss Enterprise Application Platform (EAP) 7 ...)
+CVE-2016-6311
NOT-FOR-US: WildFly / Red Hat JBoss EAP
-CVE-2016-6310 (oVirt Engine discloses the ENGINE_HTTPS_PKI_TRUST_STORE_PASSWORD in ...)
+CVE-2016-6310
NOT-FOR-US: ovirt-engine
-CVE-2016-6309 (statem/statem.c in OpenSSL 1.1.0a does not consider memory-block ...)
+CVE-2016-6309
[experimental] - openssl 1.1.0b-1
- openssl <not-affected> (Only affects 1.1)
NOTE: https://www.openssl.org/news/secadv/20160926.txt
-CVE-2016-6308 (statem/statem_dtls.c in the DTLS implementation in OpenSSL 1.1.0 ...)
+CVE-2016-6308
[experimental] - openssl 1.1.0a-1
- openssl <not-affected> (Only affects 1.1)
NOTE: https://git.openssl.org/?p=openssl.git;a=commit;h=48c054fec3506417b2598837b8062aae7114c200
NOTE: https://www.openssl.org/news/secadv/20160922.txt
-CVE-2016-6307 (The state-machine implementation in OpenSSL 1.1.0 before 1.1.0a ...)
+CVE-2016-6307
[experimental] - openssl 1.1.0a-1
- openssl <not-affected> (Only affects 1.1)
NOTE: https://git.openssl.org/?p=openssl.git;a=commit;h=c1ef7c971d0bbf117c3c80f65b5875e2e7b024b1
NOTE: https://www.openssl.org/news/secadv/20160922.txt
-CVE-2016-6306 (The certificate parser in OpenSSL before 1.0.1u and 1.0.2 before ...)
+CVE-2016-6306
{DSA-3673-1 DLA-637-1}
- openssl 1.0.2i-1
NOTE: https://git.openssl.org/?p=openssl.git;a=commit;h=ff553f837172ecb2b5c8eca257ec3c5619a4b299
NOTE: https://www.openssl.org/news/secadv/20160922.txt
NOTE: Fixed in 1.0.2i, 1.0.1u
-CVE-2016-6305 (The ssl3_read_bytes function in record/rec_layer_s3.c in OpenSSL 1.1.0 ...)
+CVE-2016-6305
[experimental] - openssl 1.1.0a-1
- openssl <not-affected> (Only affects 1.1)
NOTE: https://www.openssl.org/news/secadv/20160922.txt
NOTE: Fixed in 1.1.0a
-CVE-2016-6304 (Multiple memory leaks in t1_lib.c in OpenSSL before 1.0.1u, 1.0.2 ...)
+CVE-2016-6304
{DSA-3673-1 DLA-637-1}
[experimental] - openssl 1.1.0a-1
- openssl 1.0.2i-1
NOTE: https://www.openssl.org/news/secadv/20160922.txt
NOTE: Fixed in 1.1.0a, 1.0.2i, 1.0.1u
-CVE-2016-6303 (Integer overflow in the MDC2_Update function in crypto/mdc2/mdc2dgst.c ...)
+CVE-2016-6303
{DSA-3673-1 DLA-637-1}
- openssl 1.0.2i-1
NOTE: https://git.openssl.org/?p=openssl.git;a=commit;h=55d83bf7c10c7b205fffa23fa7c3977491e56c07
NOTE: https://www.openssl.org/news/secadv/20160922.txt
NOTE: Fixed in 1.0.2i, 1.0.1u
-CVE-2016-6302 (The tls_decrypt_ticket function in ssl/t1_lib.c in OpenSSL before ...)
+CVE-2016-6302
{DSA-3673-1 DLA-637-1}
- openssl 1.0.2i-1
NOTE: https://git.openssl.org/?p=openssl.git;a=commit;h=e97763c92c655dcf4af2860b3abd2bc4c8a267f9
NOTE: https://www.openssl.org/news/secadv/20160922.txt
NOTE: Fixed in 1.0.2i, 1.0.1u
-CVE-2016-6301 (The recv_and_process_client_pkt function in networking/ntpd.c in ...)
+CVE-2016-6301
- busybox 1:1.27.2-1 (unimportant; bug #833442)
NOTE: NTP server not enabled by default in debian/config/pkg/* via CONFIG_NTPD
NOTE: Fixed by: https://git.busybox.net/busybox/commit/?id=150dc7a2b483b8338a3e185c478b4b23ee884e71
CVE-2016-6300
REJECTED
-CVE-2016-6299 (The scm plug-in in mock might allow attackers to bypass the intended ...)
+CVE-2016-6299
- mock 1.3.2-1 (bug #850320)
[jessie] - mock <not-affected> (Parsing is done before, after temporarily dropping super-user privileges at startup)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1375490
NOTE: https://github.com/rpm-software-management/mock/commit/8b02f43beadacf6911200b48d94e39e891a41da9 (mock-1.2.21)
-CVE-2016-6298 (The _Rsa15 class in the RSA 1.5 algorithm implementation in jwa.py in ...)
+CVE-2016-6298
- python-jwcrypto 0.3.2-1
NOTE: https://github.com/latchset/jwcrypto/issues/65
NOTE: https://github.com/latchset/jwcrypto/pull/66
NOTE: https://github.com/latchset/jwcrypto/commit/eb5be5bd94c8cae1d7f3ba9801377084d8e5a7ba
NOTE: Code moved around in git, for 0.3.2 it is in jwe.py
-CVE-2016-6354 (Heap-based buffer overflow in the yy_get_next_buffer function in Flex ...)
+CVE-2016-6354
{DSA-3653-2 DSA-3653-1}
- flex 2.6.1-1 (bug #832768)
[wheezy] - flex <not-affected> (Issue introduced with 2.5.36)
NOTE: Intorduced by: https://github.com/westes/flex/commit/9ba3187a537d6a58d345f2874d06087fd4050399 (flex-2-5-36)
NOTE: Fixed by: https://github.com/westes/flex/commit/a5cbe929ac3255d371e698f62dc256afe7006466 (v2.6.1)
-CVE-2016-6351 (The esp_do_dma function in hw/scsi/esp.c in QEMU (aka Quick Emulator), ...)
+CVE-2016-6351
{DLA-1599-1 DLA-574-1 DLA-573-1}
- qemu 1:2.6+dfsg-3.1 (bug #832621)
- qemu-kvm <removed>
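Review bot: for CVE-2016-6309, CVE-2016-6308, CVE-2016-6307 and CVE-2016-6305 the only remaining statement of the affected branch after this hunk is the tag `- openssl <not-affected> (Only affects 1.1)` beside `[experimental] - openssl 1.1.0a-1` (1.1.0b-1 for -6309); CVE-2016-6305 has a "Fixed in 1.1.0a" NOTE, -6307 and -6308 do not, so add it there too and keep the secadv links, since the 1.1.0 version range that justified "Only affects 1.1" was in the deleted description text. Separately, the NOTE under CVE-2016-6354 reads "Intorduced by:" and should be "Introduced by:".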
@@ -13481,9 +13481,9 @@ CVE-2016-6351 (The esp_do_dma function in hw/scsi/esp.c in QEMU (aka Quick Emula
NOTE: Fixed by: http://git.qemu.org/?p=qemu.git;a=commit;h=cc96677469388bad3d66479379735cf75db069e3 (v2.7.0-rc0)
NOTE: http://www.openwall.com/lists/oss-security/2016/07/25/14
NOTE: According to maintainer the fix relies on the fix for CVE-2016-4439
-CVE-2016-6350 (OpenBSD 5.8 and 5.9 allows local users to cause a denial of service ...)
+CVE-2016-6350
NOT-FOR-US: OpenBSD
-CVE-2016-6349 (The machinectl command in oci-register-machine allows local users to ...)
+CVE-2016-6349
NOT-FOR-US: oci-register-machine
NOTE: http://www.openwall.com/lists/oss-security/2016/07/26/5
NOTE: Requirement is that docker containers would register themselves to
@@ -13493,15 +13493,15 @@ CVE-2016-6349 (The machinectl command in oci-register-machine allows local users
NOTE: https://github.com/systemd/systemd/issues/3815
NOTE: The problem as well only arises with docker fork in RedHat, not with upstream docker
NOTE: https://github.com/projectatomic/oci-register-machine/pull/22
-CVE-2016-6287 (The &quot;http-client&quot; egg always used a HTTP_PROXY environment variable to ...)
+CVE-2016-6287
NOT-FOR-US: Addons for Chicken
-CVE-2016-6286 (The &quot;spiffy-cgi-handlers&quot; egg would convert a nonexistent &quot;Proxy&quot; ...)
+CVE-2016-6286
NOT-FOR-US: Addons for Chicken
-CVE-2016-6285 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2016-6285
NOT-FOR-US: Atlassian JIRA
CVE-2016-6284
RESERVED
-CVE-2016-6283 (Cross-site scripting (XSS) vulnerability in Atlassian Confluence ...)
+CVE-2016-6283
NOT-FOR-US: Atlassian Confluence
CVE-2016-6282
RESERVED
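Review bot: CVE-2016-6287 (the "http-client" egg honouring an HTTP_PROXY environment variable, per the removed description) belongs to the HTTPoxy class that this file tracks separately as `CVE-2016-1000212 [Mitigation for HTTPoxy vulnerability]` further down; the `NOT-FOR-US: Addons for Chicken` line is correct, but a NOTE cross-referencing CVE-2016-1000212 would keep the two entries findable together once the description is gone.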
@@ -13513,26 +13513,26 @@ CVE-2016-6279
RESERVED
CVE-2016-6278
RESERVED
-CVE-2016-6277 (NETGEAR R6250 before 1.0.4.6.Beta, R6400 before 1.0.1.18.Beta, R6700 ...)
+CVE-2016-6277
NOT-FOR-US: Netgear routers
-CVE-2016-6276 (Citrix Linux Virtual Delivery Agent (aka VDA, formerly Linux Virtual ...)
+CVE-2016-6276
NOT-FOR-US: Citrix
CVE-2016-6275
RESERVED
CVE-2016-6274
RESERVED
-CVE-2016-6273 (The lmadmin component in Flexera FlexNet Publisher (aka Flex License ...)
+CVE-2016-6273
NOT-FOR-US: Flexera
-CVE-2016-6272 (XPath injection vulnerability in Epic MyChart allows remote attackers ...)
+CVE-2016-6272
NOT-FOR-US: EPIC MyChart
-CVE-2016-6297 (Integer overflow in the php_stream_zip_opener function in ...)
+CVE-2016-6297
{DSA-3631-1 DLA-628-1}
- php7.0 7.0.9-1
- php5 5.6.24+dfsg-1
NOTE: PHP Bug: https://bugs.php.net/72520
NOTE: http://git.php.net/?p=php-src.git;a=commit;h=81406c0c1d45f75fcc7972ed974d2597abb0b9e9
NOTE: Fixed in 7.0.9, 5.6.24, 5.5.38
-CVE-2016-6296 (Integer signedness error in the simplestring_addn function in ...)
+CVE-2016-6296
{DSA-3631-1 DLA-628-1 DLA-569-1}
- php7.0 7.0.9-1
- php5 5.6.24+dfsg-1
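Review bot: CVE-2016-6296 lists `{DSA-3631-1 DLA-628-1 DLA-569-1}`, one advisory more than the sibling entries CVE-2016-6297 and the other PHP 7.0.9/5.6.24 fixes, and the php7.0 and php5 lines inside this hunk do not say which package DLA-569-1 covered; the separate xmlrpc-epi source lines that follow the hunk boundary are the explanation. Add a NOTE mapping each advisory to its source package (php5 vs xmlrpc-epi) so the extra DLA is not mistaken for a duplicate.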
@@ -13542,91 +13542,91 @@ CVE-2016-6296 (Integer signedness error in the simplestring_addn function in ...
- xmlrpc-epi 0.54.2-1.2 (bug #832959)
[jessie] - xmlrpc-epi <no-dsa> (Can be fixed via point release, nothing depending on it in stable)
NOTE: In stretch/sid php7.0 is using the system library not the embedded one.
-CVE-2016-6295 (ext/snmp/snmp.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x ...)
+CVE-2016-6295
{DSA-3631-1 DLA-628-1}
- php7.0 7.0.9-1
- php5 5.6.24+dfsg-1
NOTE: PHP Bug: https://bugs.php.net/72479
NOTE: http://git.php.net/?p=php-src.git;a=commit;h=cab1c3b3708eead315e033359d07049b23b147a3
NOTE: Fixed in 7.0.9, 5.6.24, 5.5.38
-CVE-2016-6294 (The locale_accept_from_http function in ...)
+CVE-2016-6294
{DSA-3631-1 DLA-628-1}
- php7.0 7.0.9-1
- php5 5.6.24+dfsg-1
NOTE: PHP Bug: https://bugs.php.net/72533
NOTE: http://git.php.net/?p=php-src.git;a=commit;h=aa82e99ed8003c01f1ef4f0940e56b85c5b032d4
NOTE: Fixed in 7.0.9, 5.6.24, 5.5.38
-CVE-2016-6293 (The uloc_acceptLanguageFromHTTP function in common/uloc.cpp in ...)
+CVE-2016-6293
{DSA-3725-1 DLA-615-1}
- icu 57.1-4
NOTE: http://bugs.icu-project.org/trac/changeset/39109
NOTE: http://bugs.icu-project.org/trac/ticket/12652
NOTE: And possibly needs some more follow-up fixes, cf. with upstream changes
NOTE: around/later than changeset 39109.
-CVE-2016-6292 (The exif_process_user_comment function in ext/exif/exif.c in PHP ...)
+CVE-2016-6292
{DSA-3631-1 DLA-628-1}
- php7.0 7.0.9-1
- php5 5.6.24+dfsg-1
NOTE: PHP Bug: https://bugs.php.net/72618
NOTE: http://git.php.net/?p=php-src.git;a=commit;h=41131cd41d2fd2e0c2f332a27988df75659c42e4
NOTE: Fixed in 7.0.9, 5.6.24, 5.5.38
-CVE-2016-6291 (The exif_process_IFD_in_MAKERNOTE function in ext/exif/exif.c in PHP ...)
+CVE-2016-6291
{DSA-3631-1 DLA-628-1}
- php7.0 7.0.9-1
- php5 5.6.24+dfsg-1
NOTE: PHP Bug: https://bugs.php.net/72603
NOTE: http://git.php.net/?p=php-src.git;a=commit;h=eebcbd5de38a0f1c2876035402cb770e37476519
NOTE: Fixed in 7.0.9, 5.6.24, 5.5.38
-CVE-2016-6290 (ext/session/session.c in PHP before 5.5.38, 5.6.x before 5.6.24, and ...)
+CVE-2016-6290
{DSA-3631-1 DLA-628-1}
- php7.0 7.0.9-1
- php5 5.6.24+dfsg-1
NOTE: PHP Bug: https://bugs.php.net/72562
NOTE: http://git.php.net/?p=php-src.git;a=commit;h=3798eb6fd5dddb211b01d41495072fd9858d4e32
NOTE: Fixed in 7.0.9, 5.6.24, 5.5.38
-CVE-2016-6289 (Integer overflow in the virtual_file_ex function in ...)
+CVE-2016-6289
{DSA-3631-1 DLA-628-1}
- php7.0 7.0.9-1
- php5 5.6.24+dfsg-1
NOTE: PHP Bug: https://bugs.php.net/72513
NOTE: http://git.php.net/?p=php-src.git;a=commit;h=0218acb7e756a469099c4ccfb22bce6c2bd1ef87
NOTE: Fixed in 7.0.9, 5.6.24, 5.5.38
-CVE-2016-6271 (The Bzrtp library (aka libbzrtp) 1.0.x before 1.0.4 allows ...)
+CVE-2016-6271
- bzrtp 1.0.2-1.2 (bug #859277)
NOTE: Fixed by: https://github.com/BelledonneCommunications/bzrtp/commit/bbb1e6e2f467ee4bd7b9a8c800e4f07343d7d99b
-CVE-2016-6270 (The handle_certificate function in ...)
+CVE-2016-6270
NOT-FOR-US: Trend Micro
-CVE-2016-6269 (Multiple directory traversal vulnerabilities in Trend Micro Smart ...)
+CVE-2016-6269
NOT-FOR-US: Trend Micro
-CVE-2016-6268 (Trend Micro Smart Protection Server 2.5 before build 2200, 2.6 before ...)
+CVE-2016-6268
NOT-FOR-US: Trend Micro
-CVE-2016-6267 (SnmpUtils in Trend Micro Smart Protection Server 2.5 before build ...)
+CVE-2016-6267
NOT-FOR-US: Trend Micro
-CVE-2016-6266 (ccca_ajaxhandler.php in Trend Micro Smart Protection Server 2.5 before ...)
+CVE-2016-6266
NOT-FOR-US: Trend Micro
CVE-2016-6260
RESERVED
-CVE-2016-6259 (Xen 4.5.x through 4.7.x do not implement Supervisor Mode Access ...)
+CVE-2016-6259
- xen 4.8.0~rc3-1
[jessie] - xen <not-affected> (Only affects 4.5 and later)
[wheezy] - xen <not-affected> (Only affects 4.5 and later)
NOTE: http://xenbits.xen.org/xsa/advisory-183.html
-CVE-2016-6258 (The PV pagetable code in arch/x86/mm.c in Xen 4.7.x and earlier allows ...)
+CVE-2016-6258
{DSA-3633-1 DLA-571-1}
- xen 4.8.0~rc3-1
NOTE: http://xenbits.xen.org/xsa/advisory-182.html
-CVE-2016-6257 (The firmware in Lenovo Ultraslim dongles, as used with Lenovo Liteon ...)
+CVE-2016-6257
NOT-FOR-US: Lenovo
-CVE-2016-6256 (SAP Business One for Android 1.2.3 allows remote attackers to conduct ...)
+CVE-2016-6256
NOT-FOR-US: SAP
-CVE-2016-6254 (Heap-based buffer overflow in the parse_packet function in network.c ...)
+CVE-2016-6254
{DSA-3636-1 DLA-575-1}
- collectd 5.5.2-1 (bug #832507)
NOTE: https://github.com/collectd/collectd/commit/b589096f907052b3a4da2b9ccc9b0e2e888dfc18
NOTE: https://github.com/collectd/collectd/commit/8b4fed9940e02138b7e273e56863df03d1a39ef7
-CVE-2016-6253 (mail.local in NetBSD versions 6.0 through 6.0.6, 6.1 through 6.1.5, ...)
+CVE-2016-6253
NOT-FOR-US: mail.local in NetBSD
-CVE-2016-1000218 (Kibana Reporting plugin version 2.4.0 is vulnerable to a CSRF ...)
+CVE-2016-1000218
- kibana <itp> (bug #700337)
CVE-2016-1000212 [Mitigation for HTTPoxy vulnerability]
{DSA-3642-1 DLA-583-1}
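Review bot: CVE-2016-6293 is recorded as fixed in `icu 57.1-4` and covered by DSA-3725-1/DLA-615-1, yet its NOTE still says "And possibly needs some more follow-up fixes, cf. with upstream changes around/later than changeset 39109"; a fixed-version entry with an unresolved "possibly" should either be settled against those later changesets or carry a TODO so it is re-checked. The removed descriptions also show that CVE-2016-6294 (PHP's locale_accept_from_http) and CVE-2016-6293 (ICU's uloc_acceptLanguageFromHTTP) are the same Accept-Language handling in two packages; a cross-reference NOTE between them would help whoever backports one of them.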
@@ -13743,97 +13743,97 @@ CVE-2016-1000158
RESERVED
CVE-2016-1000157
RESERVED
-CVE-2016-1000156 (Mailcwp remote file upload vulnerability incomplete fix v1.100 ...)
+CVE-2016-1000156
NOT-FOR-US: WordPress plugin mailcwp
-CVE-2016-1000155 (Reflected XSS in wordpress plugin wpsolr-search-engine v7.6 ...)
+CVE-2016-1000155
NOT-FOR-US: Wordpress plugin wpsolr-search-engine
-CVE-2016-1000154 (Reflected XSS in wordpress plugin whizz v1.0.7 ...)
+CVE-2016-1000154
NOT-FOR-US: Wordpress plugin whizz
-CVE-2016-1000153 (Reflected XSS in wordpress plugin tidio-gallery v1.1 ...)
+CVE-2016-1000153
NOT-FOR-US: Wordpress plugin tidio-gallery
-CVE-2016-1000152 (Reflected XSS in wordpress plugin tidio-form v1.0 ...)
+CVE-2016-1000152
NOT-FOR-US: Wordpress plugin tidio-form
-CVE-2016-1000151 (Reflected XSS in wordpress plugin tera-charts v1.0 ...)
+CVE-2016-1000151
NOT-FOR-US: Wordpress plugin tera-charts
-CVE-2016-1000150 (Reflected XSS in wordpress plugin simplified-content v1.0.0 ...)
+CVE-2016-1000150
NOT-FOR-US: Wordpress plugin simplified-content
-CVE-2016-1000149 (Reflected XSS in wordpress plugin simpel-reserveren v3.5.2 ...)
+CVE-2016-1000149
NOT-FOR-US: Wordpress plugin simpel-reserveren
-CVE-2016-1000148 (Reflected XSS in wordpress plugin s3-video v0.983 ...)
+CVE-2016-1000148
NOT-FOR-US: Wordpress plugin s3-video
-CVE-2016-1000147 (Reflected XSS in wordpress plugin recipes-writer v1.0.4 ...)
+CVE-2016-1000147
NOT-FOR-US: Wordpress plugin recipes-writer
-CVE-2016-1000146 (Reflected XSS in wordpress plugin pondol-formmail v1.1 ...)
+CVE-2016-1000146
NOT-FOR-US: Wordpress plugin pondol-formmail
-CVE-2016-1000145 (Reflected XSS in wordpress plugin pondol-carousel v1.0 ...)
+CVE-2016-1000145
NOT-FOR-US: Wordpress plugin pondol-carousel
-CVE-2016-1000144 (Reflected XSS in wordpress plugin photoxhibit v2.1.8 ...)
+CVE-2016-1000144
NOT-FOR-US: Wordpress plugin photoxhibit
-CVE-2016-1000143 (Reflected XSS in wordpress plugin photoxhibit v2.1.8 ...)
+CVE-2016-1000143
NOT-FOR-US: Wordpress plugin photoxhibit
-CVE-2016-1000142 (Reflected XSS in wordpress plugin parsi-font v4.2.5 ...)
+CVE-2016-1000142
NOT-FOR-US: Wordpress plugin parsi-font
-CVE-2016-1000141 (Reflected XSS in wordpress plugin page-layout-builder v1.9.3 ...)
+CVE-2016-1000141
NOT-FOR-US: Wordpress plugin page-layout-builder
-CVE-2016-1000140 (Reflected XSS in wordpress plugin new-year-firework v1.1.9 ...)
+CVE-2016-1000140
NOT-FOR-US: Wordpress plugin new-year-firework
-CVE-2016-1000139 (Reflected XSS in wordpress plugin infusionsoft v1.5.11 ...)
+CVE-2016-1000139
NOT-FOR-US: Wordpress plugin infusionsoft
-CVE-2016-1000138 (Reflected XSS in wordpress plugin indexisto v1.0.5 ...)
+CVE-2016-1000138
NOT-FOR-US: Wordpress plugin indexisto
-CVE-2016-1000137 (Reflected XSS in wordpress plugin hero-maps-pro v2.1.0 ...)
+CVE-2016-1000137
NOT-FOR-US: Wordpress plugin hero-maps-pro
-CVE-2016-1000136 (Reflected XSS in wordpress plugin heat-trackr v1.0 ...)
+CVE-2016-1000136
NOT-FOR-US: Wordpress plugin heat-trackr
-CVE-2016-1000135 (Reflected XSS in wordpress plugin hdw-tube v1.2 ...)
+CVE-2016-1000135
NOT-FOR-US: Wordpress plugin hdw-tube
-CVE-2016-1000134 (Reflected XSS in wordpress plugin hdw-tube v1.2 ...)
+CVE-2016-1000134
NOT-FOR-US: Wordpress plugin hdw-tube
-CVE-2016-1000133 (Reflected XSS in wordpress plugin forget-about-shortcode-buttons ...)
+CVE-2016-1000133
NOT-FOR-US: Wordpress plugin forget-about-shortcode-buttons
-CVE-2016-1000132 (Reflected XSS in wordpress plugin enhanced-tooltipglossary v3.2.8 ...)
+CVE-2016-1000132
NOT-FOR-US: Wordpress plugin enhanced-tooltipglossary
-CVE-2016-1000131 (Reflected XSS in wordpress plugin e-search v1.0 ...)
+CVE-2016-1000131
NOT-FOR-US: Wordpress plugin e-search
-CVE-2016-1000130 (Reflected XSS in wordpress plugin e-search v1.0 ...)
+CVE-2016-1000130
NOT-FOR-US: Wordpress plugin e-search
-CVE-2016-1000129 (Reflected XSS in wordpress plugin defa-online-image-protector v3.3 ...)
+CVE-2016-1000129
NOT-FOR-US: Wordpress plugin defa-online-image-protector
-CVE-2016-1000128 (Reflected XSS in wordpress plugin anti-plagiarism v3.60 ...)
+CVE-2016-1000128
NOT-FOR-US: Wordpress plugin anti-plagiarism
-CVE-2016-1000127 (Reflected XSS in wordpress plugin ajax-random-post v2.00 ...)
+CVE-2016-1000127
NOT-FOR-US: Wordpress plugin ajax-random-post
-CVE-2016-1000126 (Reflected XSS in wordpress plugin admin-font-editor v1.8 ...)
+CVE-2016-1000126
NOT-FOR-US: Wordpress plugin admin-font-editor
-CVE-2016-1000125 (Unauthenticated SQL Injection in Huge-IT Catalog v1.0.7 for Joomla ...)
+CVE-2016-1000125
NOT-FOR-US: Joomla component Huge-IT Catalog
-CVE-2016-1000124 (Unauthenticated SQL Injection in Huge-IT Portfolio Gallery Plugin ...)
+CVE-2016-1000124
NOT-FOR-US: Joomla component Huge-IT Portfolio Gallery
-CVE-2016-1000123 (Unauthenticated SQL Injection in Huge-IT Video Gallery v1.0.9 for ...)
+CVE-2016-1000123
NOT-FOR-US: Joomla component Huge-IT Video Gallery
-CVE-2016-1000122 (XSS and SQLi in Huge IT Joomla Slider v1.0.9 extension ...)
+CVE-2016-1000122
NOT-FOR-US: Joomla extension Huge IT Joomla Slider
-CVE-2016-1000121 (XSS and SQLi in Huge IT Joomla Slider v1.0.9 extension ...)
+CVE-2016-1000121
NOT-FOR-US: Joomla extension Huge IT Joomla Slider
-CVE-2016-1000120 (SQLi and XSS in Huge IT catalog extension v1.0.4 for Joomla ...)
+CVE-2016-1000120
NOT-FOR-US: Joomla extension Huge IT catalog
-CVE-2016-1000119 (SQLi and XSS in Huge IT catalog extension v1.0.4 for Joomla ...)
+CVE-2016-1000119
NOT-FOR-US: Joomla extension Huge IT catalog
-CVE-2016-1000118 (XSS &amp; SQLi in HugeIT slideshow v1.0.4 ...)
+CVE-2016-1000118
NOT-FOR-US: Joomla extension HugeIT slideshow
-CVE-2016-1000117 (XSS &amp; SQLi in HugeIT slideshow v1.0.4 ...)
+CVE-2016-1000117
NOT-FOR-US: Joomla extension HugeIT slideshow
-CVE-2016-1000116 (Huge-IT Portfolio Gallery manager v1.1.0 SQL Injection and XSS ...)
+CVE-2016-1000116
NOT-FOR-US: Joomla extension Huge-IT Portfolio Gallery manager
-CVE-2016-1000115 (Huge-IT Portfolio Gallery manager v1.1.0 SQL Injection and XSS ...)
+CVE-2016-1000115
NOT-FOR-US: Joomla extension Huge-IT Portfolio Gallery manager
-CVE-2016-1000114 (XSS in huge IT gallery v1.1.5 for Joomla ...)
+CVE-2016-1000114
NOT-FOR-US: Joomla extension huge IT gallery
-CVE-2016-1000113 (XSS and SQLi in huge IT gallery v1.1.5 for Joomla ...)
+CVE-2016-1000113
NOT-FOR-US: Joomla extension huge IT gallery
-CVE-2016-1000112 (Unauthenticated remote .jpg file upload in contus-video-comments v1.0 ...)
+CVE-2016-1000112
NOT-FOR-US: WordPress plugin contus-video-comments
-CVE-2016-6265 (Use-after-free vulnerability in the pdf_load_xref function in ...)
+CVE-2016-6265
{DSA-3655-1}
- mupdf 1.9a+ds1-1.1 (bug #832031)
[wheezy] - mupdf <not-affected> (vulnerable code not present, no segfault)
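Review bot: `[wheezy] - mupdf <not-affected> (vulnerable code not present, no segfault)` under CVE-2016-6265 gives two reasons that do not support each other, and the NOTE text following the hunk boundary says the code in 1.5-1 "looks quite similar" although the reproducer does not trigger a heap-use-after-free. For a use-after-free in pdf_load_xref, one reproducer not crashing is not evidence that the code is absent; a stale read often returns plausible memory without a segfault. Either keep "vulnerable code not present" on its own with the upstream commit that introduced the bug, or change the tag to `<no-dsa>` with the sanitizer result as rationale. Minor: the NOT-FOR-US lines in this hunk spell the project both "Wordpress" and "WordPress"; the name is WordPress.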
@@ -13845,7 +13845,7 @@ CVE-2016-6265 (Use-after-free vulnerability in the pdf_load_xref function in ...
NOTE: thus the issue could possibly be presend already before. The code in 1.5-1 looks
NOTE: quite similar, although the reproducer does not lead to a heap-use-after-free in
NOTE: the 1.5-1 case.
-CVE-2016-6264 (Integer signedness error in libc/string/arm/memset.S in uClibc and ...)
+CVE-2016-6264
{DLA-561-1}
- uclibc-ng <itp> (bug #811275)
- uclibc <unfixed> (unimportant)
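Review bot: under CVE-2016-6264, `- uclibc <unfixed> (unimportant)` sits in the same entry as `{DLA-561-1}`; an issue rated unimportant for unstable but worth a DLA for wheezy needs a NOTE explaining the split (for example whether the uclibc source in unstable still produces anything shipped), otherwise the two lines read as contradictory. The `uclibc-ng <itp> (bug #811275)` line plus the repo.or.cz commit shows where the fixed code lives, so the rationale only needs to say why unstable's uclibc is left alone.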
@@ -13853,17 +13853,17 @@ CVE-2016-6264 (Integer signedness error in libc/string/arm/memset.S in uClibc an
NOTE: http://repo.or.cz/uclibc-ng.git/commit/e3848e3dd64a8d6437531488fe341354bc02eaed
NOTE: http://mailman.uclibc-ng.org/pipermail/devel/2016-July/001067.html
NOTE: Fixed in 1.0.16 of uClibc-ng
-CVE-2016-6263 (The stringprep_utf8_nfkc_normalize function in lib/nfkc.c in libidn ...)
+CVE-2016-6263
{DSA-3658-1 DLA-582-1}
- libidn 1.33-1
NOTE: https://lists.gnu.org/archive/html/help-libidn/2016-07/msg00009.html
NOTE: Test / Fix: http://git.savannah.gnu.org/cgit/libidn.git/commit/?id=1fbee57ef3c72db2206dd87e4162108b2f425555 (libidn-1-33)
NOTE: http://www.openwall.com/lists/oss-security/2016/07/20/6
-CVE-2016-6262 (idn in libidn before 1.33 might allow remote attackers to obtain ...)
+CVE-2016-6262
- libidn <not-affected> (Incomplete fix for CVE-2015-8948 not applied)
NOTE: Follow-up fix for CVE-2015-8948: http://git.savannah.gnu.org/cgit/libidn.git/commit/?id=5e3cb9c7b5bf0ce665b9d68f5ddf095af5c9ba60 (libidn-1-33)
NOTE: http://www.openwall.com/lists/oss-security/2016/07/20/6
-CVE-2016-6261 (The idna_to_ascii_4i function in lib/idna.c in libidn before 1.33 ...)
+CVE-2016-6261
{DSA-3658-1 DLA-582-1}
- libidn 1.33-1
NOTE: https://lists.gnu.org/archive/html/help-libidn/2016-07/msg00009.html
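Review bot: `- libidn <not-affected> (Incomplete fix for CVE-2015-8948 not applied)` under CVE-2016-6262 explains why the follow-up commit is unnecessary but not how CVE-2015-8948 itself was handled in Debian; as written, a reader can conclude the original issue is still open. Put the version or advisory that addressed CVE-2015-8948 next to this rationale, since the two neighbouring libidn entries (CVE-2016-6263 and CVE-2016-6261) both resolve to `libidn 1.33-1` with DSA-3658-1/DLA-582-1 and this one does not.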
@@ -13871,12 +13871,12 @@ CVE-2016-6261 (The idna_to_ascii_4i function in lib/idna.c in libidn before 1.33
NOTE: Fix: http://git.savannah.gnu.org/cgit/libidn.git/commit/?id=f20ce1128fb7f4d33297eee307dddaf0f92ac72d (libidn-1-33)
NOTE: Follow-up memory leak fix: http://git.savannah.gnu.org/cgit/libidn.git/commit/?id=11abd0e02c16f9e0b6944aea4ef0f2df44b42dd4 (libidn-1-33)
NOTE: http://www.openwall.com/lists/oss-security/2016/07/20/6
-CVE-2016-6249 (F5 BIG-IP 12.0.0 and 11.5.0 - 11.6.1 REST requests which timeout ...)
+CVE-2016-6249
NOT-FOR-US: F5
CVE-2016-1000037
RESERVED
- pagure <itp> (bug #829046)
-CVE-2016-1000030 (Pidgin version &lt;2.11.0 contains a vulnerability in X.509 Certificates ...)
+CVE-2016-1000030
- pidgin 2.11.0-1 (unimportant)
[jessie] - pidgin 2.11.0-0+deb8u1
NOTE: http://www.pidgin.im/news/security/?id=91
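Review bot: CVE-2016-1000030 is tagged `(unimportant)` for unstable while the same entry carries a jessie stable update `2.11.0-0+deb8u1`; if the X.509 certificate issue named in the removed description was worth a deb8u1 upload, the NOTE should say why it is unimportant for unstable (or the tag should go), because the two lines give opposite signals and the only reference left is the pidgin security page.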
@@ -13890,13 +13890,13 @@ CVE-2016-XXXX [insecure default PATH]
NOTE: Following reverse dependencies need to be recompiled: minit (wheezy, jessie),
NOTE: util-vserver (jessie, sid), mksh (sid, experimental)
NOTE: http://news.gmane.org/find-root.php?message_id=alpine.DEB.2.20.1607181048300.24083%40tglase.lan.tarent.de
-CVE-2016-6250 (Integer overflow in the ISO9660 writer in libarchive before 3.2.1 ...)
+CVE-2016-6250
{DSA-3677-1 DLA-554-1}
- libarchive 3.2.1-1 (low)
NOTE: https://github.com/libarchive/libarchive/issues/711
NOTE: Fixed by: https://github.com/libarchive/libarchive/commit/3014e19820ea53c15c90f9d447ca3e668a0b76c6 (v3.2.1)
NOTE: http://www.openwall.com/lists/oss-security/2016/07/20/1
-CVE-2016-6252 (Integer overflow in shadow 4.2.1 allows local users to gain privileges ...)
+CVE-2016-6252
{DSA-3793-1}
- shadow 1:4.4-1 (bug #832170)
[wheezy] - shadow <not-affected> (Vulnerable code not present)
@@ -13910,35 +13910,35 @@ CVE-2016-1000029
RESERVED
CVE-2016-1000028
RESERVED
-CVE-2016-6247 (OpenBSD 5.8 and 5.9 allows certain local users to cause a denial of ...)
+CVE-2016-6247
NOT-FOR-US: OpenBSD kernel
-CVE-2016-6246 (OpenBSD 5.8 and 5.9 allows certain local users with kern.usermount ...)
+CVE-2016-6246
NOT-FOR-US: OpenBSD kernel
-CVE-2016-6245 (OpenBSD 5.8 and 5.9 allows local users to cause a denial of service ...)
+CVE-2016-6245
NOT-FOR-US: OpenBSD kernel
-CVE-2016-6244 (The sys_thrsigdivert function in kern/kern_sig.c in the OpenBSD kernel ...)
+CVE-2016-6244
NOT-FOR-US: OpenBSD kernel
-CVE-2016-6243 (thrsleep in kern/kern_synch.c in OpenBSD 5.8 and 5.9 allows local ...)
+CVE-2016-6243
NOT-FOR-US: OpenBSD kernel
-CVE-2016-6242 (OpenBSD 5.8 and 5.9 allows local users to cause a denial of service ...)
+CVE-2016-6242
NOT-FOR-US: OpenBSD kernel
-CVE-2016-6241 (Integer overflow in the amap_alloc1 function in OpenBSD 5.8 and 5.9 ...)
+CVE-2016-6241
NOT-FOR-US: OpenBSD kernel
-CVE-2016-6240 (Integer truncation error in the amap_alloc function in OpenBSD 5.8 and ...)
+CVE-2016-6240
NOT-FOR-US: OpenBSD kernel
-CVE-2016-6239 (The mmap extension __MAP_NOFAULT in OpenBSD 5.8 and 5.9 allows ...)
+CVE-2016-6239
NOT-FOR-US: OpenBSD kernel
-CVE-2016-6238 (The write_ujpg function in lepton/jpgcoder.cc in Dropbox lepton 1.0 ...)
+CVE-2016-6238
- lepton 1.2.1-1 (bug #831814)
-CVE-2016-6237 (The build_huffcodes function in lepton/jpgcoder.cc in Dropbox lepton ...)
+CVE-2016-6237
- lepton 1.2.1-1 (bug #831814)
-CVE-2016-6236 (The setup_imginfo_jpg function in lepton/jpgcoder.cc in Dropbox lepton ...)
+CVE-2016-6236
- lepton 1.2.1-1 (bug #831814)
-CVE-2016-6235 (The setup_imginfo_jpg function in lepton/jpgcoder.cc in Dropbox lepton ...)
+CVE-2016-6235
- lepton 1.2.1-1 (bug #831814)
-CVE-2016-6234 (The process_file function in lepton/jpgcoder.cc in Dropbox lepton 1.0 ...)
+CVE-2016-6234
- lepton 1.2.1-1 (bug #831814)
-CVE-2016-6231 (Kaspersky Safe Browser iOS before 1.7.0 does not verify X.509 ...)
+CVE-2016-6231
NOT-FOR-US: Kaspersky
CVE-2016-6230
RESERVED
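Review bot: the five lepton entries CVE-2016-6238 through CVE-2016-6234 all resolve to `lepton 1.2.1-1 (bug #831814)` with no NOTE at all, unlike the surrounding entries which carry an upstream commit or advisory link, and two of them (CVE-2016-6236 and CVE-2016-6235, per the removed descriptions) name the same function setup_imginfo_jpg in lepton/jpgcoder.cc. Add the upstream commits or the 1.2.1 release reference, and a one-line NOTE distinguishing the two setup_imginfo_jpg issues, so a backport can be scoped without re-deriving which fix belongs to which id.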
@@ -13950,7 +13950,7 @@ CVE-2016-6227
RESERVED
CVE-2016-6226
RESERVED
-CVE-2016-6225 (xbcrypt in Percona XtraBackup before 2.3.6 and 2.4.x before 2.4.5 does ...)
+CVE-2016-6225
- percona-xtrabackup <unfixed> (bug #851244)
[jessie] - percona-xtrabackup <no-dsa> (Minor issue)
NOTE: https://www.percona.com/blog/2017/01/12/cve-2016-6225-percona-xtrabackup-encryption-iv-not-set-properly
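Review bot: `[jessie] - percona-xtrabackup <no-dsa> (Minor issue)` under CVE-2016-6225 gives no reason, and the only reference is the Percona post whose URL says the encryption IV was not set properly; for xbcrypt, the backup-encryption component named in the removed description, an IV-handling flaw bears on the confidentiality of every encrypted backup, so the NOTE should state what makes it minor (which mode or key size is affected) rather than leaving the tag bare. The `<unfixed>` line for unstable should also record the upstream fixed versions from the removed description (2.3.6 and 2.4.5) so the fix can be picked up when the package is updated.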
@@ -13960,7 +13960,7 @@ CVE-2016-6222
RESERVED
CVE-2016-6221
RESERVED
-CVE-2016-6220 (Information Disclosure vulnerability in the Dashboard and Error Pages ...)
+CVE-2016-6220
NOT-FOR-US: Trend Micro Control Manager
CVE-2016-6219
RESERVED
@@ -13999,34 +13999,34 @@ CVE-2016-1000027
- libspring-java 4.2.7-1 (unimportant)
NOTE: https://www.tenable.com/security/research/tra-2016-20
NOTE: This is not a vulnerability in Spring itself, just how applications are using it
-CVE-2016-6255 (Portable UPnP SDK (aka libupnp) before 1.6.21 allows remote attackers ...)
+CVE-2016-6255
{DSA-3736-1 DLA-597-1}
- libupnp 1:1.6.19+git20160116-1.1 (bug #831857)
NOTE: https://twitter.com/mjg59/status/755062278513319936
NOTE: Proposed fix: https://github.com/mjg59/pupnp-code/commit/be0a01bdb83395d9f3a5ea09c1308a4f1a972cbd
NOTE: http://www.openwall.com/lists/oss-security/2016/07/18/13
-CVE-2016-6233 (The (1) order and (2) group methods in Zend_Db_Select in the Zend ...)
+CVE-2016-6233
- zendframework 1.12.19+dfsg-1
[jessie] - zendframework <not-affected> (introduced after 1.12.9)
[wheezy] - zendframework <not-affected> (introduced after 1.12.9)
NOTE: http://framework.zend.com/security/advisory/ZF2016-02
NOTE: https://github.com/zendframework/zf1/commit/bf3f40605be3d8f136a07ae991079a7dcb34d967
-CVE-2016-6232 (Directory traversal vulnerability in KArchive before 5.24, as used in ...)
+CVE-2016-6232
{DSA-3643-1 DLA-570-1}
- karchive 5.24.0-1
- kde4libs 4:4.14.22-2 (bug #832620)
NOTE: The fix for 4:4.14.22-1 was incomplete, cf.
NOTE: https://lists.debian.org/debian-lts/2016/07/msg00144.html
NOTE: Fix: https://git.reviewboard.kde.org/r/128185/
-CVE-2016-6217 (Cross-site scripting (XSS) vulnerability in Sophos PureMessage for ...)
+CVE-2016-6217
NOT-FOR-US: Sophos
CVE-2016-6216
RESERVED
CVE-2016-6215
RESERVED
-CVE-2016-6212 (The Views module 7.x-3.x before 7.x-3.14 in Drupal 7.x and the Views ...)
+CVE-2016-6212
- drupal8 <itp> (bug #756305)
-CVE-2016-6210 (sshd in OpenSSH before 7.3, when SHA256 or SHA512 are used for user ...)
+CVE-2016-6210
{DSA-3626-1 DLA-578-1}
- openssh 1:7.2p2-6 (bug #831902)
NOTE: http://seclists.org/fulldisclosure/2016/Jul/51
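Review bot: under CVE-2016-6255 the "Proposed fix" NOTE links a personal fork (github.com/mjg59/pupnp-code) rather than libupnp upstream, and the Debian fixed version is a git snapshot, `1:1.6.19+git20160116-1.1`; the removed description says the fix shipped in upstream 1.6.21, so the NOTE should be updated to the upstream commit or release so that DSA-3736-1 and DLA-597-1 can be traced to it rather than to a fork branch.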
@@ -14036,7 +14036,7 @@ CVE-2016-6210 (sshd in OpenSSH before 7.3, when SHA256 or SHA512 are used for us
NOTE: otherwise the mitigiation isn't very effective for systems with a locked root account.
CVE-2016-6208
RESERVED
-CVE-2016-6207 (Integer overflow in the _gdContributionsAlloc function in ...)
+CVE-2016-6207
{DSA-3630-1}
- libgd2 2.2.2-43-g22cba39-1
[wheezy] - libgd2 <not-affected> (Vulnerable code not present)
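Review bot: the leading context line of this hunk, "otherwise the mitigiation isn't very effective for systems with a locked root account" under CVE-2016-6210, has a typo: "mitigiation" should be "mitigation". Since this file is searched by text, it is worth fixing in a follow-up commit.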
@@ -14052,7 +14052,7 @@ CVE-2016-6207 (Integer overflow in the _gdContributionsAlloc function in ...)
NOTE: Fixed in 7.0.9, 5.6.24, 5.5.38
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=72558
NOTE: Starting with 5.4.0-1 Debian uses the system copy of libgd
-CVE-2016-6209 (Cross-site scripting (XSS) vulnerability in Nagios. ...)
+CVE-2016-6209
- nagios3 <removed> (bug #831698)
[jessie] - nagios3 <no-dsa> (Minor issue)
[wheezy] - nagios3 <no-dsa> (Minor issue)
@@ -14060,21 +14060,21 @@ CVE-2016-6209 (Cross-site scripting (XSS) vulnerability in Nagios. ...)
NOTE: http://seclists.org/fulldisclosure/2016/Jun/20
NOTE: https://github.com/NagiosEnterprises/nagioscore/issues/297
NOTE: Fixed by https://github.com/NagiosEnterprises/nagioscore/commit/78b7bdde3ab4dec265879ff1b4d49a398bf3ba9c
-CVE-2016-6206 (Huawei AR3200 routers with software before V200R007C00SPC600 allow ...)
+CVE-2016-6206
NOT-FOR-US: Huawei
CVE-2016-6205
RESERVED
-CVE-2016-6204 (Cross-site scripting (XSS) vulnerability in the integrated web server ...)
+CVE-2016-6204
NOT-FOR-US: Siemens
CVE-2016-6203
RESERVED
CVE-2016-6202
RESERVED
-CVE-2016-6201 (Cross-site scripting (XSS) vulnerability in Ektron Content Management ...)
+CVE-2016-6201
NOT-FOR-US: Ektron Content Management System
CVE-2016-6200
RESERVED
-CVE-2016-6199 (ObjectSocketWrapper.java in Gradle 2.12 allows remote attackers to ...)
+CVE-2016-6199
- gradle 2.13-1
[jessie] - gradle <ignored> (Minor issue)
NOTE: Starting from 2.13-1 it uses commons-collections:commons-collections:3.2.2
@@ -14083,13 +14083,13 @@ CVE-2016-6199 (ObjectSocketWrapper.java in Gradle 2.12 allows remote attackers t
NOTE: ObjectSocketWrapper only used by Gradle UI, which was removed in current releases (4.x)
CVE-2016-6196
RESERVED
-CVE-2016-6195 (SQL injection vulnerability in forumrunner/includes/moderation.php in ...)
+CVE-2016-6195
NOT-FOR-US: vBulletin
CVE-2016-6194
RESERVED
-CVE-2016-6193 (Buffer overflow in the Wi-Fi driver in Huawei P8 smartphones with ...)
+CVE-2016-6193
NOT-FOR-US: Huawei
-CVE-2016-6192 (Buffer overflow in the Wi-Fi driver in Huawei P8 smartphones with ...)
+CVE-2016-6192
NOT-FOR-US: Huawei
CVE-2016-1000026
RESERVED
@@ -14130,7 +14130,7 @@ CVE-2016-1000011
RESERVED
CVE-2016-1000010
RESERVED
-CVE-2016-6905 (The read_image_tga function in gd_tga.c in the GD Graphics Library ...)
+CVE-2016-6905
{DSA-3619-1}
- libgd2 2.2.2-29-g3c2b605-1
[wheezy] - libgd2 <not-affected> (Vulnerable code not present)
@@ -14140,20 +14140,20 @@ CVE-2016-6905 (The read_image_tga function in gd_tga.c in the GD Graphics Librar
NOTE: Fixed by: https://github.com/libgd/libgd/commit/3c2b605d72e8b080dace1d98a6e50b46c1d12186
NOTE: followed by: https://github.com/libgd/libgd/commit/01c61f8ab110a77ae64b5ca67c244c728c506f03
NOTE: http://www.openwall.com/lists/oss-security/2016/07/12/4
-CVE-2016-6352 (The OneLine32 function in io-ico.c in gdk-pixbuf before 2.35.3 allows ...)
+CVE-2016-6352
- gdk-pixbuf 2.35.4-1 (bug #832496)
[jessie] - gdk-pixbuf <no-dsa> (Minor issue, can be fixed along in a future DSA)
[wheezy] - gdk-pixbuf <not-affected> (Fails with ENOMEM, no crash)
NOTE: http://www.openwall.com/lists/oss-security/2016/07/13/11
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=769170
NOTE: Fixed by: https://git.gnome.org/browse/gdk-pixbuf/commit/?id=88af50a864195da1a4f7bda5f02539704fbda599
-CVE-2016-6224 (ecryptfs-setup-swap in eCryptfs does not prevent the unencrypted swap ...)
+CVE-2016-6224
- ecryptfs-utils <not-affected> (Broken code not present; incomplete fix for CVE-2015-8946 not applied)
NOTE: Actually due to an incomplete fix of LP#1447282
NOTE: https://launchpad.net/bugs/1597154
NOTE: https://bazaar.launchpad.net/~ecryptfs/ecryptfs/trunk/revision/882
NOTE: http://www.openwall.com/lists/oss-security/2016/07/13/2
-CVE-2016-6214 (gd_tga.c in the GD Graphics Library (aka libgd) before 2.2.3 allows ...)
+CVE-2016-6214
{DSA-3619-1}
- libgd2 2.2.2-29-g3c2b605-1
[wheezy] - libgd2 <not-affected> (Vulnerable code not present)
@@ -14161,7 +14161,7 @@ CVE-2016-6214 (gd_tga.c in the GD Graphics Library (aka libgd) before 2.2.3 allo
NOTE: https://github.com/libgd/libgd/commit/10ef1dca63d62433fda13309b4a228782db823f7
NOTE: Different issue than CVE-2016-6132
NOTE: http://www.openwall.com/lists/oss-security/2016/07/13/5
-CVE-2016-6223 (The TIFFReadRawStrip1 and TIFFReadRawTile1 functions in tif_read.c in ...)
+CVE-2016-6223
{DSA-3762-1 DLA-693-1 DLA-610-1}
- tiff 4.0.6-2 (bug #842270)
- tiff3 <removed>
@@ -14169,55 +14169,55 @@ CVE-2016-6223 (The TIFFReadRawStrip1 and TIFFReadRawTile1 functions in tif_read.
NOTE: Upstream patch: https://github.com/vadz/libtiff/commit/0ba5d8814a17a64bdb8d9035f4c533f3f3f4b496
CVE-2016-1000023
REJECTED
-CVE-2016-6213 (fs/namespace.c in the Linux kernel before 4.9 does not restrict how ...)
+CVE-2016-6213
- linux 4.8.11-1
[jessie] - linux 3.16.43-1
[wheezy] - linux <no-dsa> (Only exploitable by privileged user; too many changes to backport)
NOTE: https://lkml.org/lkml/2016/8/28/269
NOTE: Fixed by: https://git.kernel.org/linus/d29216842a85c7970c536108e093963f02714498 (v4.9-rc1)
-CVE-2016-6186 (Cross-site scripting (XSS) vulnerability in the ...)
+CVE-2016-6186
{DSA-3622-1 DLA-555-1}
- python-django 1:1.9.8-1 (bug #831799)
NOTE: https://www.djangoproject.com/weblog/2016/jul/18/security-releases/
-CVE-2016-1000009 (TP-LINK lost control of two domains, www.tplinklogin.net and ...)
+CVE-2016-1000009
NOT-FOR-US: TP-LINK
CVE-2016-XXXX [Insecure use of /tmp]
- leptonlib 1.73-5 (unimportant; bug #830660)
NOTE: Neutralised by kernel hardening
-CVE-2016-6198 (The filesystem layer in the Linux kernel before 4.5.5 proceeds with ...)
+CVE-2016-6198
- linux 4.5.5-1
[jessie] - linux <not-affected> (Vulnerable code not present)
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/54d5ca871e72f2bb172ec9323497f01cd5091ec7 (v4.6)
NOTE: https://git.kernel.org/linus/9409e22acdfc9153f88d9b1ed2bd2a5b34d2d3ca (v4.6)
-CVE-2016-6197 (fs/overlayfs/dir.c in the OverlayFS filesystem implementation in the ...)
+CVE-2016-6197
- linux 4.6.1-1
[jessie] - linux <not-affected> (Vulnerable code not present)
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/11f3710417d026ea2f4fcf362d866342c5274185 (v4.6-rc1)
-CVE-2016-6191 (Multiple cross-site scripting (XSS) vulnerabilities in the View Raw ...)
+CVE-2016-6191
- sogo 3.2.4-0.2
[wheezy] - sogo <end-of-life> (not supported in Wheezy LTS)
NOTE: https://sogo.nu/bugs/view.php?id=3718
NOTE: http://github.com/inverse-inc/sogo/commit/64ce3c9c22fd9a28caabf11e76216cd53d0245aa (SOGo-3.1.3)
-CVE-2016-6190 (SOGo before 2.3.12 and 3.x before 3.1.1 does not restrict access to ...)
+CVE-2016-6190
- sogo 3.2.4-0.2
[wheezy] - sogo <end-of-life> (not supported in Wheezy LTS)
NOTE: Fix SOGo v2: https://github.com/inverse-inc/sogo/commit/717f45f640a2866b76a8984139391fae64339225 (SOGo-2.3.12)
NOTE: Fix SOGo v3: https://github.com/inverse-inc/sogo/commit/875a4aca3218340fd4d3141950c82c2ff45b343d (SOGo-3.1.1)
NOTE: https://sogo.nu/bugs/view.php?id=3696
-CVE-2016-6189 (Incomplete blacklist in SOGo before 2.3.12 and 3.x before 3.1.1 allows ...)
+CVE-2016-6189
- sogo 3.2.4-0.2
[wheezy] - sogo <end-of-life> (not supported in Wheezy LTS)
NOTE: Fix SOGo v2: https://github.com/inverse-inc/sogo/commit/717f45f640a2866b76a8984139391fae64339225 (SOGo-2.3.12)
NOTE: Fix SOGo v3: https://github.com/inverse-inc/sogo/commit/875a4aca3218340fd4d3141950c82c2ff45b343d (SOGo-3.1.1)
NOTE: https://sogo.nu/bugs/view.php?id=3695
-CVE-2016-6188 (Memory leak in SOGo 2.3.7 allows remote attackers to cause a denial of ...)
+CVE-2016-6188
- sogo 3.2.4-0.2
[wheezy] - sogo <end-of-life> (not supported in Wheezy LTS)
NOTE: http://github.com/inverse-inc/sogo/commit/32bb1456e23a32c7f45079c3985bf732dd0d276d (SOGo-2.3.9)
NOTE: https://sogo.nu/bugs/view.php?id=3510
-CVE-2016-6187 (The apparmor_setprocattr function in security/apparmor/lsm.c in the ...)
+CVE-2016-6187
- linux 4.6.4-1
[jessie] - linux <not-affected> (Vulnerable code introduced later)
[wheezy] - linux <not-affected> (Vulnerable code introduced later)
@@ -14229,28 +14229,28 @@ CVE-2016-XXXX [GNUTLS-SA-2016-2: certificate verification issue]
NOTE: http://gnutls.org/security.html#GNUTLS-SA-2016-2
NOTE: Unimportant since Debian's binary packages are not built
NOTE: with --with-default-trust-store-pkcs11=
-CVE-2016-6184 (The Camera driver in Huawei Honor 4C smartphones with software ...)
+CVE-2016-6184
NOT-FOR-US: Huawei Honor
-CVE-2016-6183 (The Camera driver in Huawei Honor 4C smartphones with software ...)
+CVE-2016-6183
NOT-FOR-US: Huawei Honor
-CVE-2016-6182 (The Camera driver in Huawei Honor 4C smartphones with software ...)
+CVE-2016-6182
NOT-FOR-US: Huawei Honor
-CVE-2016-6181 (The Camera driver in Huawei Honor 4C smartphones with software ...)
+CVE-2016-6181
NOT-FOR-US: Huawei Honor
-CVE-2016-6180 (The Camera driver in Huawei Honor 4C smartphones with software ...)
+CVE-2016-6180
NOT-FOR-US: Huawei Honor
-CVE-2016-6179 (The WiFi driver in Huawei Honor 6 smartphones with software H60-L01 ...)
+CVE-2016-6179
NOT-FOR-US: Huawei Honor
-CVE-2016-6178 (Huawei NE40E and CX600 devices with software before V800R007SPH017; ...)
+CVE-2016-6178
NOT-FOR-US: Huawei
-CVE-2016-6177 (The Huawei OceanStor 5800 V300R003C00 has an integer overflow ...)
+CVE-2016-6177
NOT-FOR-US: Huawei
CVE-2016-6176
RESERVED
-CVE-2016-6185 (The XSLoader::load method in XSLoader in Perl does not properly locate ...)
+CVE-2016-6185
{DSA-3628-1 DLA-565-1}
- perl 5.22.2-2 (bug #829578)
-CVE-2016-6175 (Eval injection vulnerability in php-gettext 1.0.12 and earlier allows ...)
+CVE-2016-6175
- php-gettext <unfixed> (bug #851771)
[buster] - php-gettext <no-dsa> (Minor issue)
[stretch] - php-gettext <no-dsa> (Minor issue)
@@ -14258,19 +14258,19 @@ CVE-2016-6175 (Eval injection vulnerability in php-gettext 1.0.12 and earlier al
[wheezy] - php-gettext <no-dsa> (Minor issue)
NOTE: https://bugs.launchpad.net/php-gettext/+bug/1606184
NOTE: https://kmkz-web-blog.blogspot.cz/2016/07/advisory-cve-2016-6175.html
-CVE-2016-6174 (applications/core/modules/front/system/content.php in Invision Power ...)
+CVE-2016-6174
NOT-FOR-US: Inivision
-CVE-2016-6169 (Heap-based buffer overflow in Foxit Reader and PhantomPDF 7.3.4.311 ...)
+CVE-2016-6169
NOT-FOR-US: Foxit Reader
-CVE-2016-6168 (Use-after-free vulnerability in Foxit Reader and PhantomPDF 7.3.4.311 ...)
+CVE-2016-6168
NOT-FOR-US: Foxit Reader
-CVE-2016-6167 (Multiple untrusted search path vulnerabilities in Putty beta 0.67 ...)
+CVE-2016-6167
- putty <not-affected> (Windows-specific)
CVE-2016-6166
RESERVED
CVE-2016-6165
RESERVED
-CVE-2016-6164 (Integer overflow in the mov_build_index function in libavformat/mov.c ...)
+CVE-2016-6164
- ffmpeg 7:3.1.1-1
NOTE: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=8a3221cc67a516dfc1700bdae3566ec52c7ee823
CVE-2016-1000101
@@ -14288,47 +14288,47 @@ CVE-2016-1000005
CVE-2016-1000004
RESERVED
- hhvm 3.12.11+dfsg-1
-CVE-2016-6173 (NSD before 4.1.11 allows remote DNS master servers to cause a denial ...)
+CVE-2016-6173
- nsd 4.1.11-1 (unimportant; bug #830806)
NOTE: https://www.nlnetlabs.nl/bugs-script/show_bug.cgi?id=790
NOTE: Not considered a security issue due to trust relationship, see #830806
-CVE-2016-6172 (PowerDNS (aka pdns) Authoritative Server before 4.0.1 allows remote ...)
+CVE-2016-6172
{DSA-3664-1 DLA-627-1}
- pdns 4.0.1-1 (bug #830808)
NOTE: https://github.com/PowerDNS/pdns/issues/4128
NOTE: Master: https://github.com/PowerDNS/pdns/pull/4133
NOTE: 3.4.x: https://github.com/PowerDNS/pdns/pull/4134
-CVE-2016-6171 (Knot DNS before 2.3.0 allows remote DNS servers to cause a denial of ...)
+CVE-2016-6171
- knot 2.3.0-1 (bug #830809)
[jessie] - knot <no-dsa> (Minor issue)
NOTE: https://gitlab.labs.nic.cz/labs/knot/merge_requests/541
NOTE: https://gitlab.labs.nic.cz/labs/knot/issues/464
-CVE-2016-6170 (ISC BIND through 9.9.9-P1, 9.10.x through 9.10.4-P1, and 9.11.x ...)
+CVE-2016-6170
- bind9 1:9.10.6+dfsg-1 (unimportant; bug #830810)
NOTE: Not fixed upstream, proposed patches below are unofficial:
NOTE: Fixed by https://github.com/sischkg/xfer-limit/blob/master/bind-9.10.3-xfer-limit-0.0.1.patch
NOTE: Fixed by https://github.com/sischkg/xfer-limit/blob/master/bind-9.9.9-P1-xfer-limit-0.0.1.patch
NOTE: Negligible security impact
-CVE-2016-6163 (The rsvg_pattern_fix_fallback function in rsvg-paint_server.c in ...)
+CVE-2016-6163
- librsvg 2.40.9-2
[jessie] - librsvg <no-dsa> (Minor issue)
[wheezy] - librsvg <not-affected> (vulnerable code not present, no segfault)
NOTE: Fixed by: https://git.gnome.org/browse/librsvg/commit/?id=0035e95118a60c0cd3949c2300472d805e16a022 (2.40.7)
NOTE: Reproducer attached in http://seclists.org/oss-sec/2016/q3/7
-CVE-2016-6162 (net/core/skbuff.c in the Linux kernel 4.7-rc6 allows local users to ...)
+CVE-2016-6162
- linux <not-affected> (Vulnerable code introduced in 4.7-rc1)
-CVE-2016-6161 (The output function in gd_gif_out.c in the GD Graphics Library (aka ...)
+CVE-2016-6161
{DSA-3619-1 DLA-563-1}
- libgd2 2.2.1-1
NOTE: https://github.com/libgd/libgd/issues/209
NOTE: https://github.com/libgd/libgd/commit/82b80dcb70a7ca8986125ff412bceddafc896842 (gd-2.2.0)
-CVE-2016-6159 (The management interface of Huawei WS331a routers with software before ...)
+CVE-2016-6159
NOT-FOR-US: Huawei
-CVE-2016-6158 (Multiple cross-site request forgery (CSRF) vulnerabilities in Huawei ...)
+CVE-2016-6158
NOT-FOR-US: Huawei
CVE-2016-6157
RESERVED
-CVE-2016-6156 (Race condition in the ec_device_ioctl_xcmd function in ...)
+CVE-2016-6156
- linux 4.7.2-1
[jessie] - linux <not-affected> (Vulnerable code not present)
[wheezy] - linux <not-affected> (Vulnerable code not present)
@@ -14338,39 +14338,39 @@ CVE-2016-6155
RESERVED
CVE-2016-6154
RESERVED
-CVE-2016-6152 (CA eHealth 6.2.x and 6.3.x before 6.3.2.13 allows remote authenticated ...)
+CVE-2016-6152
NOT-FOR-US: eHealth
-CVE-2016-6151 (CA eHealth 6.2.x allows remote authenticated users to cause a denial ...)
+CVE-2016-6151
NOT-FOR-US: eHealth
-CVE-2016-6150 (The multi-tenant database container feature in SAP HANA does not ...)
+CVE-2016-6150
NOT-FOR-US: SAP HANA
-CVE-2016-6149 (SAP HANA SPS09 1.00.091.00.14186593 allows local users to obtain ...)
+CVE-2016-6149
NOT-FOR-US: SAP HANA
-CVE-2016-6148 (SAP HANA DB 1.00.73.00.389160 allows remote attackers to cause a ...)
+CVE-2016-6148
NOT-FOR-US: SAP HANA
-CVE-2016-6147 (An unspecified interface in SAP TREX 7.10 Revision 63 allows remote ...)
+CVE-2016-6147
NOT-FOR-US: SAP TREX
-CVE-2016-6146 (The NameServer in SAP TREX 7.10 Revision 63 allows remote attackers to ...)
+CVE-2016-6146
NOT-FOR-US: SAP
-CVE-2016-6145 (The SQL interface in SAP HANA DB 1.00.091.00.1418659308 provides ...)
+CVE-2016-6145
NOT-FOR-US: SAP HANA
-CVE-2016-6144 (The SQL interface in SAP HANA before Revision 102 does not limit the ...)
+CVE-2016-6144
NOT-FOR-US: SAP HANA
-CVE-2016-6143 (SAP HANA DB 1.00.73.00.389160 allows remote attackers to execute ...)
+CVE-2016-6143
NOT-FOR-US: SAP HANA
-CVE-2016-6142 (SAP HANA DB 1.00.73.00.389160 (NewDB100_REL) allows remote attackers ...)
+CVE-2016-6142
NOT-FOR-US: SAP
CVE-2016-6141
RESERVED
-CVE-2016-6140 (SAP TREX 7.10 Revision 63 allows remote attackers to write to ...)
+CVE-2016-6140
NOT-FOR-US: SAP TREX
-CVE-2016-6139 (SAP TREX 7.10 Revision 63 allows remote attackers to read arbitrary ...)
+CVE-2016-6139
NOT-FOR-US: SAP TREX
-CVE-2016-6138 (Directory traversal vulnerability in SAP TREX 7.10 Revision 63 allows ...)
+CVE-2016-6138
NOT-FOR-US: SAP TREX
-CVE-2016-6137 (An unspecified function in SAP TREX 7.10 Revision 63 allows remote ...)
+CVE-2016-6137
NOT-FOR-US: SAP
-CVE-2016-6136 (Race condition in the audit_log_single_execve_arg function in ...)
+CVE-2016-6136
{DSA-3659-1 DLA-609-1}
- linux 4.7.2-1
NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=120681
@@ -14380,16 +14380,16 @@ CVE-2016-6135
RESERVED
CVE-2016-6134
RESERVED
-CVE-2016-1000007 (Pagure 2.2.1 XSS in raw file endpoint ...)
+CVE-2016-1000007
- pagure <itp> (bug #829046)
NOTE: https://pagure.io/pagure/c/070d63983fe5daef92005ea33d3b8c693c224c77
-CVE-2016-6160 (tcprewrite in tcpreplay before 4.1.2 allows remote attackers to cause ...)
+CVE-2016-6160
{DLA-544-1}
- tcpreplay 3.4.4-3 (bug #829350)
[jessie] - tcpreplay 3.4.4-2+deb8u1
-CVE-2016-6133 (Cross-site scripting (XSS) vulnerability in Ektron Content Management ...)
+CVE-2016-6133
NOT-FOR-US: Ektron
-CVE-2016-6153 (os_unix.c in SQLite before 3.13.0 improperly implements the temporary ...)
+CVE-2016-6153
{DLA-543-1}
- sqlite3 3.13.0-1
[jessie] - sqlite3 3.8.7.1-1+deb8u2
@@ -14397,7 +14397,7 @@ CVE-2016-6153 (os_unix.c in SQLite before 3.13.0 improperly implements the tempo
NOTE: http://www.sqlite.org/cgi/src/info/b38fe522cfc971b3
NOTE: and possibly http://www.sqlite.org/cgi/src/info/614bb709d34e1148
NOTE: https://www.korelogic.com/Resources/Advisories/KL-001-2016-003.txt
-CVE-2016-6129 (The rsa_verify_hash_ex function in rsa_verify_hash.c in LibTomCrypt, ...)
+CVE-2016-6129
{DLA-612-1}
- libtomcrypt 1.17-8 (bug #837042)
[jessie] - libtomcrypt <no-dsa> (Minor issue)
@@ -14406,42 +14406,42 @@ CVE-2016-6129 (The rsa_verify_hash_ex function in rsa_verify_hash.c in LibTomCry
NOTE: https://github.com/libtom/libtomcrypt/commit/5eb9743410ce4657e9d54fef26a2ee31a1b5dd09
NOTE: The CVE is originally assigend to OP-TEE, but the underlying issue seems to be in
NOTE: libtomcrypt, thus keep that source package as well for now associated.
-CVE-2016-6127 (Cross-site scripting (XSS) vulnerability in Request Tracker (RT) 4.x ...)
+CVE-2016-6127
{DSA-3882-1 DLA-987-1}
- request-tracker4 4.4.1-4
-CVE-2016-6126 (IBM Kenexa LMS on Cloud 13.1 and 13.2 - 13.2.4 could allow a remote ...)
+CVE-2016-6126
NOT-FOR-US: IBM
-CVE-2016-6125 (IBM Kenexa LMS on Cloud 13.1 and 13.2 - 13.2.4 is vulnerable to ...)
+CVE-2016-6125
NOT-FOR-US: IBM
-CVE-2016-6124 (IBM Kenexa LMS on Cloud 13.1 and 13.2 - 13.2.4 could allow a remote ...)
+CVE-2016-6124
NOT-FOR-US: IBM
-CVE-2016-6123 (IBM Kenexa LMS on Cloud 13.1 and 13.2 - 13.2.4 is vulnerable to ...)
+CVE-2016-6123
NOT-FOR-US: IBM
-CVE-2016-6122 (IBM Kenexa LMS on Cloud 13.1 and 13.2 - 13.2.4 discloses answers to ...)
+CVE-2016-6122
NOT-FOR-US: IBM
-CVE-2016-6121 (IBM Emptoris Supplier Lifecycle Management 10.0.x and 10.1.x is ...)
+CVE-2016-6121
NOT-FOR-US: IBM
CVE-2016-6120
RESERVED
CVE-2016-6119
RESERVED
-CVE-2016-6118 (IBM Emptoris Supplier Lifecycle Management 10.1.0.x is vulnerable to ...)
+CVE-2016-6118
NOT-FOR-US: IBM
-CVE-2016-6117 (IBM Tivoli Key Lifecycle Manager 2.5 and 2.6 can be deployed with ...)
+CVE-2016-6117
NOT-FOR-US: IBM
-CVE-2016-6116 (IBM Tivoli Key Lifecycle Manager 2.5 and 2.6 could allow a remote ...)
+CVE-2016-6116
NOT-FOR-US: IBM
-CVE-2016-6115 (IBM General Parallel File System is vulnerable to a buffer overflow. A ...)
+CVE-2016-6115
NOT-FOR-US: IBM
-CVE-2016-6114 (IBM Emptoris Sourcing 9.5.x through 10.1.x is vulnerable to cross-site ...)
+CVE-2016-6114
NOT-FOR-US: IBM
-CVE-2016-6113 (IBM Verse is vulnerable to cross-site scripting. This vulnerability ...)
+CVE-2016-6113
NOT-FOR-US: IBM
-CVE-2016-6112 (IBM Distributed Marketing and Marketing Platform 8.6, 9.0, 9.1, and ...)
+CVE-2016-6112
NOT-FOR-US: IBM
-CVE-2016-6111 (IBM Curam Social Program Management 6.0 and 7.0 are vulnerable to a ...)
+CVE-2016-6111
NOT-FOR-US: IBM
-CVE-2016-6110 (IBM Tivoli Storage Manager discloses unencrypted login credentials to ...)
+CVE-2016-6110
NOT-FOR-US: IBM
CVE-2016-6109
RESERVED
@@ -14451,63 +14451,63 @@ CVE-2016-6107
RESERVED
CVE-2016-6106
RESERVED
-CVE-2016-6105 (IBM Tivoli Key Lifecycle Manager 2.5 and 2.6 do not perform an ...)
+CVE-2016-6105
NOT-FOR-US: IBM
-CVE-2016-6104 (IBM Tivoli Key Lifecycle Manager 2.5, and 2.6 could allow a remote ...)
+CVE-2016-6104
NOT-FOR-US: IBM
-CVE-2016-6103 (IBM Tivoli Key Lifecycle Manager 2.5 and 2.6 is vulnerable to ...)
+CVE-2016-6103
NOT-FOR-US: IBM
-CVE-2016-6102 (IBM Tivoli Key Lifecycle Manager 2.5 and 2.6 stores sensitive ...)
+CVE-2016-6102
NOT-FOR-US: IBM Tivoli Key Lifecycle Manager
CVE-2016-6101
RESERVED
-CVE-2016-6100 (IBM Disposal and Governance Management for IT and IBM Global Retention ...)
+CVE-2016-6100
NOT-FOR-US: IBM
-CVE-2016-6099 (IBM Tivoli Key Lifecycle Manager 2.5 and 2.6 discloses sensitive ...)
+CVE-2016-6099
NOT-FOR-US: IBM
-CVE-2016-6098 (IBM Tivoli Key Lifecycle Manager 2.0.1, 2.5, and 2.6 specifies ...)
+CVE-2016-6098
NOT-FOR-US: IBM
-CVE-2016-6097 (IBM Tivoli Key Lifecycle Manager 2.0.1, 2.5, and 2.6 allows web pages ...)
+CVE-2016-6097
NOT-FOR-US: IBM
-CVE-2016-6096 (IBM Tivoli Key Lifecycle Manager 2.0.1, 2.5, and 2.6 is vulnerable to ...)
+CVE-2016-6096
NOT-FOR-US: IBM
-CVE-2016-6095 (IBM Tivoli Key Lifecycle Manager 2.5 and 2.6 uses an inadequate ...)
+CVE-2016-6095
NOT-FOR-US: IBM
-CVE-2016-6094 (IBM Tivoli Key Lifecycle Manager 2.0.1, 2.5, and 2.6 generates an ...)
+CVE-2016-6094
NOT-FOR-US: IBM
-CVE-2016-6093 (IBM Tivoli Key Lifecycle Manager does not require that users should ...)
+CVE-2016-6093
NOT-FOR-US: IBM
-CVE-2016-6092 (IBM Tivoli Key Lifecycle Manager 2.0.1, 2.5, and 2.6 stores user ...)
+CVE-2016-6092
NOT-FOR-US: IBM
CVE-2016-6091
REJECTED
-CVE-2016-6090 (IBM WebSphere Commerce contains an unspecified vulnerability that ...)
+CVE-2016-6090
NOT-FOR-US: IBM
-CVE-2016-6089 (IBM WebSphere MQ 9.0.0.1 and 9.0.2 could allow a local user to write ...)
+CVE-2016-6089
NOT-FOR-US: IBM
CVE-2016-6088
RESERVED
-CVE-2016-6087 (IBM Domino 8.5 and 9.0 could allow an attacker to steal credentials ...)
+CVE-2016-6087
NOT-FOR-US: IBM
CVE-2016-6086
RESERVED
-CVE-2016-6085 (IBM BigFix Platform could allow an attacker on the local network to ...)
+CVE-2016-6085
NOT-FOR-US: IBM
-CVE-2016-6084 (IBM BigFix Platform could allow an attacker on the local network to ...)
+CVE-2016-6084
NOT-FOR-US: IBM
-CVE-2016-6083 (IBM Tivoli Monitoring V6 could allow an unauthenticated user to access ...)
+CVE-2016-6083
NOT-FOR-US: IBM
-CVE-2016-6082 (IBM BigFix Platform could allow a remote attacker to execute arbitrary ...)
+CVE-2016-6082
NOT-FOR-US: IBM
CVE-2016-6081
RESERVED
-CVE-2016-6080 (The WebAdmin context for WebSphere Message Broker allows directory ...)
+CVE-2016-6080
NOT-FOR-US: IBM
-CVE-2016-6079 (IBM AIX 5.3, 6.1, 7.1, and 7.2 contains an unspecified vulnerability ...)
+CVE-2016-6079
NOT-FOR-US: IBM
CVE-2016-6078
RESERVED
-CVE-2016-6077 (IBM Cognos Disclosure Management 10.2 could allow a malicious attacker ...)
+CVE-2016-6077
NOT-FOR-US: IBM
CVE-2016-6076
RESERVED
@@ -14517,7 +14517,7 @@ CVE-2016-6074
RESERVED
CVE-2016-6073
RESERVED
-CVE-2016-6072 (IBM Maximo Asset Management is vulnerable to cross-site scripting. ...)
+CVE-2016-6072
NOT-FOR-US: IBM
CVE-2016-6071
RESERVED
@@ -14525,35 +14525,35 @@ CVE-2016-6070
RESERVED
CVE-2016-6069
RESERVED
-CVE-2016-6068 (IBM UrbanCode Deploy could allow an authenticated user with access to ...)
+CVE-2016-6068
NOT-FOR-US: IBM
CVE-2016-6067
RESERVED
CVE-2016-6066
RESERVED
-CVE-2016-6065 (IBM Security Guardium Database Activity Monitor appliance could allow ...)
+CVE-2016-6065
NOT-FOR-US: IBM
CVE-2016-6064
RESERVED
CVE-2016-6063
RESERVED
-CVE-2016-6062 (IBM Resilient v26.0, v26.1, and v26.2 is vulnerable to cross-site ...)
+CVE-2016-6062
NOT-FOR-US: IBM
-CVE-2016-6061 (IBM Jazz Foundation is vulnerable to cross-site scripting. This ...)
+CVE-2016-6061
NOT-FOR-US: IBM
-CVE-2016-6060 (An undisclosed vulnerability in IBM Rational DOORS Next Generation ...)
+CVE-2016-6060
NOT-FOR-US: IBM
-CVE-2016-6059 (IBM InfoSphere Information Server is vulnerable to a denial of ...)
+CVE-2016-6059
NOT-FOR-US: IBM
CVE-2016-6058
RESERVED
CVE-2016-6057
RESERVED
-CVE-2016-6056 (IBM Call Center for Commerce 9.3 and 9.4 is vulnerable to cross-site ...)
+CVE-2016-6056
NOT-FOR-US: IBM Call Center for Commerce
-CVE-2016-6055 (IBM Rational DOORS Next Generation 4.0, 5.0, and 6.0 is vulnerable to ...)
+CVE-2016-6055
NOT-FOR-US: IBM
-CVE-2016-6054 (IBM Jazz Foundation is vulnerable to cross-site scripting. This ...)
+CVE-2016-6054
NOT-FOR-US: IBM
CVE-2016-6053
RESERVED
@@ -14567,65 +14567,65 @@ CVE-2016-6049
RESERVED
CVE-2016-6048
RESERVED
-CVE-2016-6047 (IBM Jazz Reporting Service (JRS) is vulnerable to cross-site ...)
+CVE-2016-6047
NOT-FOR-US: IBM
-CVE-2016-6046 (IBM Tivoli Storage Manager Operations Center is vulnerable to ...)
+CVE-2016-6046
NOT-FOR-US: IBM
-CVE-2016-6045 (IBM Tivoli Storage Manager Operations Center is vulnerable to ...)
+CVE-2016-6045
NOT-FOR-US: IBM
-CVE-2016-6044 (IBM Tivoli Storage Manager Operations Center could allow an ...)
+CVE-2016-6044
NOT-FOR-US: IBM
-CVE-2016-6043 (Tivoli Storage Manager Operations Center could allow a local user to ...)
+CVE-2016-6043
NOT-FOR-US: IBM
-CVE-2016-6042 (IBM AppScan Enterprise Edition could allow a remote attacker to ...)
+CVE-2016-6042
NOT-FOR-US: IBM
CVE-2016-6041
RESERVED
-CVE-2016-6040 (IBM Jazz Foundation could allow an authenticated user to take over a ...)
+CVE-2016-6040
NOT-FOR-US: IBM
-CVE-2016-6039 (IBM Jazz Reporting Service (JRS) is vulnerable to cross-site ...)
+CVE-2016-6039
NOT-FOR-US: IBM
-CVE-2016-6038 (Directory traversal vulnerability in Eclipse Help in IBM Tivoli ...)
+CVE-2016-6038
NOT-FOR-US: Tivoli
-CVE-2016-6037 (IBM Rational Team Concert (RTC) is vulnerable to HTML injection. A ...)
+CVE-2016-6037
NOT-FOR-US: IBM
-CVE-2016-6036 (IBM Rational Quality Manager (RQM) 4.0, 5.0, and 6.0 are vulnerable to ...)
+CVE-2016-6036
NOT-FOR-US: IBM
-CVE-2016-6035 (IBM Rational Quality Manager is vulnerable to cross-site scripting. ...)
+CVE-2016-6035
NOT-FOR-US: IBM
-CVE-2016-6034 (IBM Tivoli Storage Manager for Virtual Environments (VMware) could ...)
+CVE-2016-6034
NOT-FOR-US: IBM
-CVE-2016-6033 (IBM Tivoli Storage Manager for Virtual Environments 7.1 (VMware) is ...)
+CVE-2016-6033
NOT-FOR-US: IBM
-CVE-2016-6032 (IBM Rational Team Concert 4.0, 5.0 and 6.0 is vulnerable to cross-site ...)
+CVE-2016-6032
NOT-FOR-US: IBM
-CVE-2016-6031 (IBM Rational Quality Manager 4.0, 5.0, and 6.0 are vulnerable to ...)
+CVE-2016-6031
NOT-FOR-US: IBM
-CVE-2016-6030 (IBM Jazz Foundation is vulnerable to cross-site scripting. This ...)
+CVE-2016-6030
NOT-FOR-US: IBM
-CVE-2016-6029 (IBM Emptoris Strategic Supply Management Platform 10.0 and 10.1 could ...)
+CVE-2016-6029
NOT-FOR-US: IBM
-CVE-2016-6028 (IBM Jazz technology based products might allow an attacker to view ...)
+CVE-2016-6028
NOT-FOR-US: IBM
-CVE-2016-6027 (The Configuration Manager in IBM Sterling Secure Proxy (SSP) 3.4.2 ...)
+CVE-2016-6027
NOT-FOR-US: IBM
-CVE-2016-6026 (The Configuration Manager in IBM Sterling Secure Proxy (SSP) 3.4.2 ...)
+CVE-2016-6026
NOT-FOR-US: IBM
-CVE-2016-6025 (The Configuration Manager in IBM Sterling Secure Proxy (SSP) 3.4.2 ...)
+CVE-2016-6025
NOT-FOR-US: IBM
-CVE-2016-6024 (IBM Jazz technology based products might divulge information that ...)
+CVE-2016-6024
NOT-FOR-US: IBM
-CVE-2016-6023 (Directory traversal vulnerability in the Configuration Manager in IBM ...)
+CVE-2016-6023
NOT-FOR-US: IBM
-CVE-2016-6022 (IBM Quality Manager (RQM) 4.0, 5.0, and 6.0 are vulnerable to ...)
+CVE-2016-6022
NOT-FOR-US: IBM
-CVE-2016-6021 (IBM Emptoris Strategic Supply Management Platform 10.0 and 10.1 is ...)
+CVE-2016-6021
NOT-FOR-US: IBM
-CVE-2016-6020 (IBM Sterling B2B Integrator Standard Edition could allow a remote ...)
+CVE-2016-6020
NOT-FOR-US: IBM
-CVE-2016-6019 (IBM Emptoris Strategic Supply Management Platform 10.0.0.x through ...)
+CVE-2016-6019
NOT-FOR-US: IBM
-CVE-2016-6018 (IBM Emptoris Contract Management 10.0 and 10.1 reveals detailed error ...)
+CVE-2016-6018
NOT-FOR-US: IBM
CVE-2016-6017
RESERVED
@@ -14659,145 +14659,145 @@ CVE-2016-6003
RESERVED
CVE-2016-6002
RESERVED
-CVE-2016-6001 (IBM Forms Experience Builder could be susceptible to a server-side ...)
+CVE-2016-6001
NOT-FOR-US: IBM
-CVE-2016-6000 (IBM TRIRIGA Application Platform is vulnerable to cross-site ...)
+CVE-2016-6000
NOT-FOR-US: IBM
CVE-2016-5999
RESERVED
CVE-2016-5998
RESERVED
-CVE-2016-5997 (The web portal in IBM Tealeaf Customer Experience before 8.7.1.8847 ...)
+CVE-2016-5997
NOT-FOR-US: IBM Tealeaf Customer Experience
-CVE-2016-5996 (The web portal in IBM Tealeaf Customer Experience before 8.7.1.8847 ...)
+CVE-2016-5996
NOT-FOR-US: IBM Tealeaf Customer Experience
-CVE-2016-5995 (Untrusted search path vulnerability in IBM DB2 9.7 through FP11, 10.1 ...)
+CVE-2016-5995
NOT-FOR-US: IBM
-CVE-2016-5994 (IBM InfoSphere Information Server contains a vulnerability that would ...)
+CVE-2016-5994
NOT-FOR-US: IBM
CVE-2016-5993
RESERVED
-CVE-2016-5992 (IBM Sterling Connect:Direct 4.5.00, 4.5.01, 4.6.0 before 4.6.0.6 ...)
+CVE-2016-5992
NOT-FOR-US: IBM
-CVE-2016-5991 (IBM Sterling Connect:Direct 4.5.00, 4.5.01, 4.6.0 before 4.6.0.6 ...)
+CVE-2016-5991
NOT-FOR-US: IBM
-CVE-2016-5990 (IBM Security Privileged Identity Manager Virtual Appliance allows an ...)
+CVE-2016-5990
NOT-FOR-US: IBM
CVE-2016-5989
RESERVED
-CVE-2016-5988 (IBM Security Privileged Identity Manager Virtual Appliance could ...)
+CVE-2016-5988
NOT-FOR-US: IBM
-CVE-2016-5987 (IBM Maximo Asset Management 7.1 through 7.1.1.13, 7.5 before 7.5.0.10 ...)
+CVE-2016-5987
NOT-FOR-US: IBM
-CVE-2016-5986 (IBM WebSphere Application Server (WAS) 7.x before 7.0.0.43, 8.0.x ...)
+CVE-2016-5986
NOT-FOR-US: IBM
-CVE-2016-5985 (The IBM Tivoli Storage Manager (IBM Spectrum Protect) AIX client is ...)
+CVE-2016-5985
NOT-FOR-US: IBM
-CVE-2016-5984 (IBM InfoSphere Information Server is vulnerable to cross-frame ...)
+CVE-2016-5984
NOT-FOR-US: IBM
-CVE-2016-5983 (IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.43, 8.0 before ...)
+CVE-2016-5983
NOT-FOR-US: IBM
CVE-2016-5982
RESERVED
-CVE-2016-5981 (Cross-site scripting (XSS) vulnerability in IBM FileNet Workplace XT ...)
+CVE-2016-5981
NOT-FOR-US: IBM
-CVE-2016-5980 (IBM TRIRIGA Application Platform is vulnerable to cross-site ...)
+CVE-2016-5980
NOT-FOR-US: IBM
-CVE-2016-5979 (IBM Distributed Marketing 8.6, 9.0, and 10.0 could allow a privileged ...)
+CVE-2016-5979
NOT-FOR-US: IBM
-CVE-2016-5978 (Cross-site scripting (XSS) vulnerability in the Web UI in the web ...)
+CVE-2016-5978
NOT-FOR-US: IBM
-CVE-2016-5977 (Open redirect vulnerability in the web portal in IBM Tealeaf Customer ...)
+CVE-2016-5977
NOT-FOR-US: IBM Tealeaf Customer Experience
-CVE-2016-5976 (The web portal in IBM Tealeaf Customer Experience before 8.7.1.8847 ...)
+CVE-2016-5976
NOT-FOR-US: IBM Tealeaf Customer Experience
-CVE-2016-5975 (Cross-site scripting (XSS) vulnerability in the Web UI in the web ...)
+CVE-2016-5975
NOT-FOR-US: IBM
-CVE-2016-5974 (Cross-site scripting (XSS) vulnerability in the Web UI in IBM Security ...)
+CVE-2016-5974
NOT-FOR-US: IBM
CVE-2016-5973
RESERVED
-CVE-2016-5972 (IBM Security Privileged Identity Manager (ISPIM) Virtual Appliance 2.x ...)
+CVE-2016-5972
NOT-FOR-US: IBM Security Privileged Identity Manager
-CVE-2016-5971 (IBM Security Privileged Identity Manager (ISPIM) Virtual Appliance 2.x ...)
+CVE-2016-5971
NOT-FOR-US: IBM Security Privileged Identity Manager
-CVE-2016-5970 (Directory traversal vulnerability in IBM Security Privileged Identity ...)
+CVE-2016-5970
NOT-FOR-US: IBM Security Privileged Identity Manager
CVE-2016-5969
RESERVED
-CVE-2016-5968 (The Replay Server in IBM Tealeaf Customer Experience 8.x before ...)
+CVE-2016-5968
NOT-FOR-US: IBM
-CVE-2016-5967 (The installation component in IBM Rational Asset Analyzer (RAA) 6.1.0 ...)
+CVE-2016-5967
NOT-FOR-US: IBM
-CVE-2016-5966 (IBM Security Privileged Identity Manager Virtual Appliance could allow ...)
+CVE-2016-5966
NOT-FOR-US: IBM
CVE-2016-5965
RESERVED
-CVE-2016-5964 (IBM Security Privileged Identity Manager Virtual Appliance version ...)
+CVE-2016-5964
NOT-FOR-US: IBM
-CVE-2016-5963 (IBM Security Privileged Identity Manager (ISPIM) Virtual Appliance 2.x ...)
+CVE-2016-5963
NOT-FOR-US: IBM
CVE-2016-5962
RESERVED
CVE-2016-5961
RESERVED
-CVE-2016-5960 (IBM Security Privileged Identity Manager 2.0.2 and 2.1.0 stores user ...)
+CVE-2016-5960
NOT-FOR-US: IBM
-CVE-2016-5959 (IBM Security Privileged Identity Manager 2.0.2 and 2.1.0 stores ...)
+CVE-2016-5959
NOT-FOR-US: IBM
-CVE-2016-5958 (IBM Security Privileged Identity Manager could allow a remote attacker ...)
+CVE-2016-5958
NOT-FOR-US: IBM
-CVE-2016-5957 (IBM Security Privileged Identity Manager (ISPIM) Virtual Appliance 2.x ...)
+CVE-2016-5957
NOT-FOR-US: IBM
CVE-2016-5956
RESERVED
-CVE-2016-5955 (Cross-site scripting (XSS) vulnerability in IBM Rational DOORS Next ...)
+CVE-2016-5955
NOT-FOR-US: IBM
-CVE-2016-5954 (IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 ...)
+CVE-2016-5954
NOT-FOR-US: IBM
-CVE-2016-5953 (IBM Sterling Order Management transmits the session identifier within ...)
+CVE-2016-5953
NOT-FOR-US: IBM
-CVE-2016-5952 (IBM Kenexa LCMS Premier on Cloud is vulnerable to SQL injection. A ...)
+CVE-2016-5952
NOT-FOR-US: IBM
-CVE-2016-5951 (IBM Kenexa LCMS Premier on Cloud is vulnerable to cross-site ...)
+CVE-2016-5951
NOT-FOR-US: IBM
-CVE-2016-5950 (IBM Kenexa LCMS Premier on Cloud stores user credentials in plain in ...)
+CVE-2016-5950
NOT-FOR-US: IBM
-CVE-2016-5949 (IBM Kenexa LCMS Premier on Cloud could allow an authenticated user to ...)
+CVE-2016-5949
NOT-FOR-US: IBM
-CVE-2016-5948 (IBM Kenexa LCMS Premier on Cloud is vulnerable to cross-site ...)
+CVE-2016-5948
NOT-FOR-US: IBM
-CVE-2016-5947 (IBM Spectrum Control (formerly Tivoli Storage Productivity Center) ...)
+CVE-2016-5947
NOT-FOR-US: IBM
-CVE-2016-5946 (Directory traversal vulnerability in IBM Spectrum Control (formerly ...)
+CVE-2016-5946
NOT-FOR-US: IBM
-CVE-2016-5945 (IBM Spectrum Control (formerly Tivoli Storage Productivity Center) ...)
+CVE-2016-5945
NOT-FOR-US: IBM
-CVE-2016-5944 (Cross-site scripting (XSS) vulnerability in the Web UI in IBM Spectrum ...)
+CVE-2016-5944
NOT-FOR-US: IBM
-CVE-2016-5943 (IBM Spectrum Control (formerly Tivoli Storage Productivity Center) ...)
+CVE-2016-5943
NOT-FOR-US: IBM
-CVE-2016-5942 (IBM Kenexa LMS on Cloud is vulnerable to cross-site scripting. This ...)
+CVE-2016-5942
NOT-FOR-US: IBM
-CVE-2016-5941 (IBM Kenexa LMS on Cloud could allow a remote attacker to traverse ...)
+CVE-2016-5941
NOT-FOR-US: IBM
-CVE-2016-5940 (IBM Kenexa LMS on Cloud is vulnerable to cross-site scripting. This ...)
+CVE-2016-5940
NOT-FOR-US: IBM
-CVE-2016-5939 (IBM Kenexa LMS on Cloud is vulnerable to SQL injection. A remote ...)
+CVE-2016-5939
NOT-FOR-US: IBM
-CVE-2016-5938 (IBM Kenexa LMS on Cloud allows web pages to be stored locally which ...)
+CVE-2016-5938
NOT-FOR-US: IBM
-CVE-2016-5937 (IBM Kenexa LCMS Premier on Cloud is vulnerable to cross-site request ...)
+CVE-2016-5937
NOT-FOR-US: IBM
CVE-2016-5936
RESERVED
-CVE-2016-5935 (IBM Jazz for Service Management could allow a remote attacker to ...)
+CVE-2016-5935
NOT-FOR-US: IBM
-CVE-2016-5934 (IBM Tivoli Storage Manager FastBack installer could allow a remote ...)
+CVE-2016-5934
NOT-FOR-US: IBM
-CVE-2016-5933 (IBM Tivoli Monitoring 6.2 and 6.3 is vulnerable to possible host ...)
+CVE-2016-5933
NOT-FOR-US: IBM
-CVE-2016-5932 (IBM Connections 4.0, 4.5, 5.0, and 5.5 is vulnerable to cross-site ...)
+CVE-2016-5932
NOT-FOR-US: IBM
CVE-2016-5931
RESERVED
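Review bot: every `-`/`+` pair in this hunk replaces a CVE line that carries its parenthesised description with the bare identifier (for example `-CVE-2016-5966 (IBM Security Privileged Identity Manager Virtual Appliance could allow ...)` becomes `+CVE-2016-5966`), so the update removes description text for every entry instead of refreshing it; the triage lines beneath (`NOT-FOR-US: IBM`, package and NOTE lines) are untouched, so no tracking state is lost, but an automatic sync that blanks every description at once should be checked against the upstream CVE feed before it is merged.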
@@ -14807,7 +14807,7 @@ CVE-2016-5929
RESERVED
CVE-2016-5928
RESERVED
-CVE-2016-5927 (IBM Tivoli Storage Manager for Space Management (aka Spectrum Protect ...)
+CVE-2016-5927
NOT-FOR-US: IBM
CVE-2016-5926
RESERVED
@@ -14821,11 +14821,11 @@ CVE-2016-5922
RESERVED
CVE-2016-5921
RESERVED
-CVE-2016-5920 (Cross-site scripting (XSS) vulnerability in the Web UI in IBM ...)
+CVE-2016-5920
NOT-FOR-US: IBM
-CVE-2016-5919 (IBM Security Access Manager for Web 7.0.0, 8.0.0, and 9.0.0 uses ...)
+CVE-2016-5919
NOT-FOR-US: IBM
-CVE-2016-5918 (IBM Tivoli Storage Manager HSM for Windows displays the encrypted ...)
+CVE-2016-5918
NOT-FOR-US: IBM
CVE-2016-5917
RESERVED
@@ -14851,41 +14851,41 @@ CVE-2016-5907
RESERVED
CVE-2016-5906
RESERVED
-CVE-2016-5905 (Cross-site scripting (XSS) vulnerability in IBM Maximo Asset ...)
+CVE-2016-5905
NOT-FOR-US: IBM
CVE-2016-5904
RESERVED
CVE-2016-5903
RESERVED
-CVE-2016-5902 (IBM Maximo Asset Management is vulnerable to cross-site scripting. ...)
+CVE-2016-5902
NOT-FOR-US: IBM
-CVE-2016-5901 (Cross-site scripting (XSS) vulnerability in a test page in IBM ...)
+CVE-2016-5901
NOT-FOR-US: IBM
-CVE-2016-5900 (IBM Tealeaf Customer Experience on Cloud Network Capture Add-On could ...)
+CVE-2016-5900
NOT-FOR-US: IBM
-CVE-2016-5899 (IBM Jazz Reporting Service (JRS) is vulnerable to cross-site ...)
+CVE-2016-5899
NOT-FOR-US: IBM
-CVE-2016-5898 (IBM Jazz Reporting Service (JRS) could allow a remote attacker to ...)
+CVE-2016-5898
NOT-FOR-US: IBM
-CVE-2016-5897 (IBM Jazz Reporting Service (JRS) is vulnerable to HTML injection. A ...)
+CVE-2016-5897
NOT-FOR-US: IBM
-CVE-2016-5896 (IBM Maximo Asset Management could disclose sensitive information from ...)
+CVE-2016-5896
NOT-FOR-US: IBM
CVE-2016-5895
RESERVED
-CVE-2016-5894 (IBM WebSphere Commerce Enterprise, Professional, Express, and ...)
+CVE-2016-5894
NOT-FOR-US: IBM
-CVE-2016-5893 (IBM Sterling B2B Integrator Standard Edition 5.2 allows web pages to ...)
+CVE-2016-5893
NOT-FOR-US: IBM
-CVE-2016-5892 (Cross-site scripting (XSS) vulnerability in IBM 10x, as used in ...)
+CVE-2016-5892
NOT-FOR-US: IBM
CVE-2016-5891
RESERVED
-CVE-2016-5890 (IBM Sterling B2B Integrator 5.2 before 5020500_14 and 5.2 06 before ...)
+CVE-2016-5890
NOT-FOR-US: IBM
-CVE-2016-5889 (IBM Interact 8.6, 9.0, 9.1, and 10.0 is vulnerable to cross-site ...)
+CVE-2016-5889
NOT-FOR-US: IBM
-CVE-2016-5888 (IBM Interact 8.6, 9.0, 9.1, and 10.0 is vulnerable to cross-site ...)
+CVE-2016-5888
NOT-FOR-US: IBM
CVE-2016-5887
RESERVED
@@ -14893,29 +14893,29 @@ CVE-2016-5886
RESERVED
CVE-2016-5885
RESERVED
-CVE-2016-5884 (IBM iNotes is vulnerable to cross-site scripting. This vulnerability ...)
+CVE-2016-5884
NOT-FOR-US: IBM
-CVE-2016-5883 (IBM iNotes 8.5 and 9.0 is vulnerable to cross-site scripting. This ...)
+CVE-2016-5883
NOT-FOR-US: IBM
-CVE-2016-5882 (IBM iNotes is vulnerable to cross-site scripting. This vulnerability ...)
+CVE-2016-5882
NOT-FOR-US: IBM
-CVE-2016-5881 (IBM iNotes is vulnerable to cross-site scripting. This vulnerability ...)
+CVE-2016-5881
NOT-FOR-US: IBM
-CVE-2016-5880 (IBM iNotes is vulnerable to cross-site scripting. This vulnerability ...)
+CVE-2016-5880
NOT-FOR-US: IBM
-CVE-2016-5879 (MQCLI on IBM MQ Appliance M2000 and M2001 devices allows local users ...)
+CVE-2016-5879
NOT-FOR-US: IBM
-CVE-2016-5878 (Open redirect vulnerability in IBM FileNet Workplace 4.0.2 before ...)
+CVE-2016-5878
NOT-FOR-US: IBM
CVE-2016-5877
RESERVED
-CVE-2016-6132 (The gdImageCreateFromTgaCtx function in the GD Graphics Library (aka ...)
+CVE-2016-6132
{DSA-3619-1}
- libgd2 2.2.2-29-g3c2b605-1 (bug #829694)
[wheezy] - libgd2 <not-affected> (Vulnerable code not present)
NOTE: https://github.com/libgd/libgd/issues/247
NOTE: https://github.com/libgd/libgd/commit/ead349e99868303b37f5e6e9d9d680c9dc71ff8d
-CVE-2016-6131 (The demangler in GNU Libiberty allows remote attackers to cause a ...)
+CVE-2016-6131
{DLA-552-1}
- libiberty 20161017-1 (low; bug #840889)
[jessie] - libiberty <no-dsa> (Minor issue)
@@ -14926,12 +14926,12 @@ CVE-2016-6131 (The demangler in GNU Libiberty allows remote attackers to cause a
[jessie] - binutils <ignored> (Minor issue)
NOTE: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=71696
NOTE: https://gcc.gnu.org/viewcvs/gcc?view=revision&revision=239143
-CVE-2016-6130 (Race condition in the sclp_ctl_ioctl_sccb function in ...)
+CVE-2016-6130
{DSA-3616-1}
- linux 4.6.1-1
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: Fixed by: https://git.kernel.org/linus/532c34b5fbf1687df63b3fcd5b2846312ac943c6
-CVE-2016-6128 (The gdImageCropThreshold function in gd_crop.c in the GD Graphics ...)
+CVE-2016-6128
{DSA-3619-1}
- libgd2 2.2.2-29-g3c2b605-1 (bug #829062)
[wheezy] - libgd2 <not-affected> (Vulnerable code not present)
@@ -14943,155 +14943,155 @@ CVE-2016-6128 (The gdImageCropThreshold function in gd_crop.c in the GD Graphics
[wheezy] - php5 <not-affected> (Vulnerable code not present)
NOTE: PHP bug: https://bugs.php.net/bug.php?id=72494
NOTE: Starting with 5.4.0-1 Debian uses the system copy of libgd
-CVE-2016-5876 (ownCloud server before 8.2.6 and 9.x before 9.0.3, when the gallery ...)
+CVE-2016-5876
- owncloud <removed>
NOTE: https://owncloud.org/security/advisory/?id=oc-sa-2016-010
CVE-2016-5875
REJECTED
-CVE-2016-5874 (Siemens SIMATIC NET PC-Software before 13 SP2 allows remote attackers ...)
+CVE-2016-5874
NOT-FOR-US: Siemens
-CVE-2016-5872 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2016-5872
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-5871 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2016-5871
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-5870 (The msm_ipc_router_close function in net/ipc_router/ipc_router_socket.c ...)
+CVE-2016-5870
- linux <not-affected> (Qualcomm-specific kernel patch)
CVE-2016-5869
RESERVED
-CVE-2016-5868 (drivers/net/ethernet/msm/rndis_ipa.c in the Qualcomm networking driver ...)
+CVE-2016-5868
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-5867 (In a sound driver in Android for MSM, Firefox OS for MSM, QRD Android, ...)
+CVE-2016-5867
NOT-FOR-US: Qualcomm driver for Android
CVE-2016-5866
RESERVED
CVE-2016-5865
RESERVED
-CVE-2016-5864 (In an audio driver function in all Qualcomm products with Android for ...)
+CVE-2016-5864
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-5863 (In an ioctl handler in all Qualcomm products with Android for MSM, ...)
+CVE-2016-5863
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-5862 (When a control related to codec is issued from userspace in all ...)
+CVE-2016-5862
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-5861 (In a display driver in all Qualcomm products with Android for MSM, ...)
+CVE-2016-5861
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-5860 (In an audio driver in all Qualcomm products with Android for MSM, ...)
+CVE-2016-5860
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-5859 (In a sound driver in all Qualcomm products with Android for MSM, ...)
+CVE-2016-5859
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-5858 (In an ioctl handler in all Qualcomm products with Android for MSM, ...)
+CVE-2016-5858
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-5857 (The Qualcomm SPCom driver in Android before 7.0 allows local users to ...)
+CVE-2016-5857
NOTE: Red Hat seem to have typoed the CVE, which should be CVE-2016-5875, asked to confirm
-CVE-2016-5856 (Drivers/soc/qcom/spcom.c in the Qualcomm SPCom driver in the Android ...)
+CVE-2016-5856
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-5855 (In a driver in all Qualcomm products with Android for MSM, Firefox OS ...)
+CVE-2016-5855
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-5854 (In a driver in all Qualcomm products with Android for MSM, Firefox OS ...)
+CVE-2016-5854
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-5853 (In an audio driver in all Qualcomm products with Android releases from ...)
+CVE-2016-5853
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-5852 (For the NVIDIA Quadro, NVS, and GeForce products, GFE GameStream and ...)
+CVE-2016-5852
NOT-FOR-US: NVIDIA drivers for Windows
-CVE-2016-5850 (Cross-site scripting (XSS) vulnerability in the volume backup service ...)
+CVE-2016-5850
NOT-FOR-US: Huawei
-CVE-2016-5873 (Buffer overflow in the HTTP URL parsing functions in pecl_http before ...)
+CVE-2016-5873
- php-pecl-http 3.0.1-0.1
[jessie] - php-pecl-http <not-affected> (Vulnerable code not present)
NOTE: https://bugs.php.net/bug.php?id=71719
NOTE: https://github.com/m6w6/ext-http/commit/3724cd76a28be1d6049b5537232e97ac567ae1f5/def
-CVE-2016-5851 (python-docx before 0.8.6 allows context-dependent attackers to conduct ...)
+CVE-2016-5851
NOT-FOR-US: python-docx
-CVE-2016-5849 (Siemens SICAM PAS through 8.07 allows local users to obtain sensitive ...)
+CVE-2016-5849
NOT-FOR-US: Siemens SICAM PAS
-CVE-2016-5848 (Siemens SICAM PAS before 8.07 does not properly restrict password data ...)
+CVE-2016-5848
NOT-FOR-US: Siemens SICAM PAS
-CVE-2016-5847 (SAP SAPCAR allows local users to change the permissions of arbitrary ...)
+CVE-2016-5847
NOT-FOR-US: SAP SAPCAR
CVE-2016-5846
RESERVED
-CVE-2016-5845 (SAP SAPCAR does not check the return value of file operations when ...)
+CVE-2016-5845
NOT-FOR-US: SAP SAPCAR
-CVE-2016-5843 (Multiple SQL injection vulnerabilities in the FAQ package 2.x before ...)
+CVE-2016-5843
NOT-FOR-US: OTRS addon
-CVE-2016-5840 (hotfix_upload.cgi in Trend Micro Deep Discovery Inspector (DDI) 3.7, ...)
+CVE-2016-5840
NOT-FOR-US: Trend Micro Deep Discovery Inspector
CVE-2016-5831
RESERVED
CVE-2016-5830
RESERVED
-CVE-2016-5822 (Huawei Oceanstor 5800 before V300R002C10SPC100 allows remote attackers ...)
+CVE-2016-5822
NOT-FOR-US: Huawei
-CVE-2016-5821 (Huawei HiSuite before 4.0.4.204_ove (Out of China) and before ...)
+CVE-2016-5821
NOT-FOR-US: Huawei HiSuite
CVE-2016-5820
REJECTED
CVE-2016-5819
RESERVED
-CVE-2016-5818 (An issue was discovered in Schneider Electric PowerLogic PM8ECC device ...)
+CVE-2016-5818
NOT-FOR-US: Schneider
-CVE-2016-5817 (SQL injection vulnerability in news pages in Cargotec Navis WebAccess ...)
+CVE-2016-5817
NOT-FOR-US: Cargotec
-CVE-2016-5816 (A Use of Hard-Coded Cryptographic Key issue was discovered in ...)
+CVE-2016-5816
NOT-FOR-US: Westermo
-CVE-2016-5815 (An issue was discovered on Schneider Electric IONXXXX series power ...)
+CVE-2016-5815
NOT-FOR-US: Schneider
-CVE-2016-5814 (Buffer overflow in Rockwell Automation RSLogix Micro Starter Lite, ...)
+CVE-2016-5814
NOT-FOR-US: Rockwell
-CVE-2016-5813 (An issue was discovered in Visonic PowerLink2, all versions prior to ...)
+CVE-2016-5813
NOT-FOR-US: Visonic PowerLink
-CVE-2016-5812 (Moxa OnCell G3100V2 devices before 2.8 and G3111, G3151, G3211, and ...)
+CVE-2016-5812
NOT-FOR-US: Moxa
-CVE-2016-5811 (An issue was discovered in Visonic PowerLink2, all versions prior to ...)
+CVE-2016-5811
NOT-FOR-US: Visonic PowerLink
-CVE-2016-5810 (upAdminPg.asp in Advantech WebAccess before 8.1_20160519 allows remote ...)
+CVE-2016-5810
NOT-FOR-US: Advantech WebAccess
-CVE-2016-5809 (An issue was discovered on Schneider Electric IONXXXX series power ...)
+CVE-2016-5809
NOT-FOR-US: Schneider
CVE-2016-5808
REJECTED
-CVE-2016-5807 (Tollgrade LightHouse SMS before 5.1 patch 3 allows remote ...)
+CVE-2016-5807
NOT-FOR-US: Tollgrade
CVE-2016-5806
REJECTED
-CVE-2016-5805 (An issue was discovered in Delta Electronics WPLSoft, Versions prior to ...)
+CVE-2016-5805
NOT-FOR-US: Delta Electronics WPLSoft
-CVE-2016-5804 (Moxa MGate MB3180 before 1.8, MGate MB3280 before 2.7, MGate MB3480 ...)
+CVE-2016-5804
NOT-FOR-US: Moxa
-CVE-2016-5803 (An issue was discovered in CA Unified Infrastructure Management Version ...)
+CVE-2016-5803
NOT-FOR-US: CA Unified Infrastructure Management
-CVE-2016-5802 (An issue was discovered in Delta Electronics WPLSoft, Versions prior to ...)
+CVE-2016-5802
NOT-FOR-US: Delta Electronics WPLSoft
-CVE-2016-5801 (An issue was discovered in OmniMetrix OmniView, Version 1.2. ...)
+CVE-2016-5801
NOT-FOR-US: OmniMetrix OmniView
CVE-2016-5800
RESERVED
-CVE-2016-5799 (Moxa OnCell G3100V2 devices before 2.8 and G3111, G3151, G3211, and ...)
+CVE-2016-5799
NOT-FOR-US: Moxa
-CVE-2016-5798 (An issue was discovered in Fatek Automation PM Designer V3 Version ...)
+CVE-2016-5798
NOT-FOR-US: Fatek Automation PM Designer
-CVE-2016-5797 (Tollgrade LightHouse SMS before 5.1 patch 3 provides different error ...)
+CVE-2016-5797
NOT-FOR-US: Tollgrade
-CVE-2016-5796 (An issue was discovered in Fatek Automation PM Designer V3 Version ...)
+CVE-2016-5796
NOT-FOR-US: Fatek Automation PM Designer
-CVE-2016-5795 (An XXE issue was discovered in Automated Logic Corporation (ALC) ...)
+CVE-2016-5795
NOT-FOR-US: Automated Logic Corporation (ALC)
CVE-2016-5794
REJECTED
-CVE-2016-5793 (Unquoted Windows search path vulnerability in Moxa Active OPC Server ...)
+CVE-2016-5793
NOT-FOR-US: Moxa
-CVE-2016-5792 (SQL injection vulnerability in Moxa SoftCMS before 1.5 allows remote ...)
+CVE-2016-5792
NOT-FOR-US: Moxa
-CVE-2016-5791 (An Improper Authentication issue was discovered in JanTek JTC-200, all ...)
+CVE-2016-5791
NOT-FOR-US: JanTek JTC-200
-CVE-2016-5790 (Tollgrade LightHouse SMS before 5.1 patch 3 allows remote attackers to ...)
+CVE-2016-5790
NOT-FOR-US: Tollgrade
-CVE-2016-5789 (A Cross-site Request Forgery issue was discovered in JanTek JTC-200, ...)
+CVE-2016-5789
NOT-FOR-US: JanTek JTC-200
-CVE-2016-5788 (General Electric (GE) Bently Nevada 3500/22M USB with firmware before ...)
+CVE-2016-5788
NOT-FOR-US: General Electric (GE) Bently Nevada
-CVE-2016-5787 (General Electric (GE) Digital Proficy HMI/SCADA - CIMPLICITY before ...)
+CVE-2016-5787
NOT-FOR-US: CIMPLICITY
-CVE-2016-5786 (An issue was discovered in OmniMetrix OmniView, Version 1.2. The ...)
+CVE-2016-5786
NOT-FOR-US: OmniMetrix OmniView
CVE-2016-5785
RESERVED
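Review bot: the CVE-2016-5857 entry in this hunk has no status line at all, only the NOTE "Red Hat seem to have typoed the CVE, which should be CVE-2016-5875, asked to confirm", yet CVE-2016-5875 appears a few lines earlier in the same hunk as `REJECTED`, so the NOTE is stale and the entry is left untriaged; suggest giving it the same `NOT-FOR-US: Qualcomm driver for Android` line as its neighbours (the removed description names the Qualcomm SPCom driver in Android) or updating the NOTE with the outcome of the confirmation.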
@@ -15099,9 +15099,9 @@ CVE-2016-5784
RESERVED
CVE-2016-5783
RESERVED
-CVE-2016-5782 (An issue was discovered in Locus Energy LGate prior to 1.05H, LGate 50, ...)
+CVE-2016-5782
NOT-FOR-US: Locus Energy LGate
-CVE-2016-5781 (Stack-based buffer overflow in WECON LeviStudio allows remote ...)
+CVE-2016-5781
NOT-FOR-US: LeviStudio
CVE-2016-5780
RESERVED
@@ -15115,78 +15115,78 @@ CVE-2016-5776
RESERVED
CVE-2016-5775
RESERVED
-CVE-2016-5774 (The HTTPS server in Blue Coat PacketShaper S-Series 11.5.x before ...)
+CVE-2016-5774
NOT-FOR-US: Blue Coat
-CVE-2016-5765 (Administrative Server in Micro Focus Host Access Management and ...)
+CVE-2016-5765
NOT-FOR-US: Micro Focus
-CVE-2016-5764 (Micro Focus Rumba FTP 4.X client buffer overflow makes it possible to ...)
+CVE-2016-5764
NOT-FOR-US: Micro Focus Rumba
-CVE-2016-5763 (Vulnerability in Novell Open Enterprise Server (OES2015 SP1 before ...)
+CVE-2016-5763
NOT-FOR-US: Novell Open Enterprise Server
-CVE-2016-5762 (Integer overflow in the Post Office Agent in Novell GroupWise before ...)
+CVE-2016-5762
NOT-FOR-US: Novell GroupWise
-CVE-2016-5761 (Cross-site scripting (XSS) vulnerability in Novell GroupWise before ...)
+CVE-2016-5761
NOT-FOR-US: Novell GroupWise
-CVE-2016-5760 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
+CVE-2016-5760
NOT-FOR-US: Novell GroupWise
-CVE-2016-5759 (The mkdumprd script called &quot;dracut&quot; in the current working directory ...)
+CVE-2016-5759
NOT-FOR-US: SuSE-specific Dracut script mkdumprd
-CVE-2016-5758 (A cross site request forgery protection mechanism in NetIQ Access ...)
+CVE-2016-5758
NOT-FOR-US: NetIQ
-CVE-2016-5757 (iManager Admin Console in NetIQ Access Manager 4.1 before 4.1.2 Hot Fix ...)
+CVE-2016-5757
NOT-FOR-US: NetIQ
-CVE-2016-5756 (Multiple components of the web tools in NetIQ Access Manager 4.1 before ...)
+CVE-2016-5756
NOT-FOR-US: NetIQ
-CVE-2016-5755 (NetIQ Access Manager 4.1 before 4.1.2 Hot Fix 1 and 4.2 before 4.2.2 ...)
+CVE-2016-5755
NOT-FOR-US: NetIQ
-CVE-2016-5754 (Presence of a .htaccess file could leak information in NetIQ Access ...)
+CVE-2016-5754
NOT-FOR-US: NetIQ
CVE-2016-5753
RESERVED
-CVE-2016-5752 (The SAML2 implementation in Identity Server in NetIQ Access Manager 4.1 ...)
+CVE-2016-5752
NOT-FOR-US: NetIQ
-CVE-2016-5751 (An unfiltered finalizer target URL in the SAML processing feature in ...)
+CVE-2016-5751
NOT-FOR-US: NetIQ
-CVE-2016-5750 (The certificate upload feature in iManager in NetIQ Access Manager 4.1 ...)
+CVE-2016-5750
NOT-FOR-US: NetIQ
-CVE-2016-5749 (NetIQ Access Manager 4.1 before 4.1.2 HF 1 and 4.2 before 4.2.2 was ...)
+CVE-2016-5749
NOT-FOR-US: NetIQ
-CVE-2016-5748 (External Entity Processing (XXE) vulnerability in the &quot;risk score&quot; ...)
+CVE-2016-5748
NOT-FOR-US: NetIQ
-CVE-2016-5747 (A security vulnerability in cookie handling in the http stack ...)
+CVE-2016-5747
NOT-FOR-US: Novell
-CVE-2016-5746 (libstorage, libstorage-ng, and yast-storage improperly store ...)
+CVE-2016-5746
NOT-FOR-US: libstorage
-CVE-2016-5745 (F5 BIG-IP LTM systems 11.x before 11.2.1 HF16, 11.3.x, 11.4.x before ...)
+CVE-2016-5745
NOT-FOR-US: F5 BIG-IP
-CVE-2016-5844 (Integer overflow in the ISO parser in libarchive before 3.2.1 allows ...)
+CVE-2016-5844
{DSA-3657-1 DLA-554-1}
- libarchive 3.2.1-1
NOTE: Upstream ticket: https://github.com/libarchive/libarchive/issues/717
NOTE: Upstream fix: https://github.com/libarchive/libarchive/commit/3ad08e01b4d253c66ae56414886089684155af22 (v3.2.1)
-CVE-2016-5842 (MagickCore/property.c in ImageMagick before 7.0.2-1 allows remote ...)
+CVE-2016-5842
{DSA-3652-1 DLA-731-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #831034)
NOTE: Details: http://www.openwall.com/lists/oss-security/2016/06/23/1
NOTE: https://github.com/ImageMagick/ImageMagick/commit/d8ab7f046587f2e9f734b687ba7e6e10147c294b
NOTE: Reproducer http://bugs.fi/media/afl/imagemagick/CVE-2016-5842.jpg
-CVE-2016-5841 (Integer overflow in MagickCore/profile.c in ImageMagick before 7.0.2-1 ...)
+CVE-2016-5841
{DSA-3652-1 DLA-731-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #831034)
NOTE: Details: http://www.openwall.com/lists/oss-security/2016/06/23/1
NOTE: https://github.com/ImageMagick/ImageMagick/commit/d8ab7f046587f2e9f734b687ba7e6e10147c294b
NOTE: Reproducer http://bugs.fi/media/afl/imagemagick/CVE-2016-5841.jpg
-CVE-2016-5829 (Multiple heap-based buffer overflows in the hiddev_ioctl_usage ...)
+CVE-2016-5829
{DSA-3616-1 DLA-609-1}
- linux 4.6.3-1
NOTE: Fixed by: https://git.kernel.org/linus/93a2001bdfd5376c3dc2158653034c20392d15c5
-CVE-2016-5828 (The start_thread function in arch/powerpc/kernel/process.c in the ...)
+CVE-2016-5828
{DSA-3616-1}
- linux 4.6.3-1
[wheezy] - linux <not-affected> (Introduced in v3.10-rc1)
NOTE: https://patchwork.ozlabs.org/patch/636776/
NOTE: Introduced in https://git.kernel.org/linus/bc2a9408fa65195288b41751016c36fd00a75a85 (v3.10-rc1)
-CVE-2016-5827 (The icaltime_from_string function in libical 0.47 and 1.0 allows ...)
+CVE-2016-5827
- libical <unfixed>
[stretch] - libical <no-dsa> (Minor issue)
[jessie] - libical <no-dsa> (Minor issue)
@@ -15196,19 +15196,19 @@ CVE-2016-5827 (The icaltime_from_string function in libical 0.47 and 1.0 allows
NOTE: https://github.com/libical/libical/commit/38757abb495ea6cb40faa5418052278bf75040f7
NOTE: https://github.com/libical/libical/commit/04d84749e53db08c71ed0ce8b6ba5c11082743cd
NOTE: https://github.com/libical/libical/commit/830d9530817516377c2bc3b532798ce2c6b4765a
-CVE-2016-5826 (The parser_get_next_char function in libical 0.47 and 1.0 allows ...)
+CVE-2016-5826
- libical <unfixed>
[stretch] - libical <no-dsa> (Minor issue)
[jessie] - libical <no-dsa> (Minor issue)
[wheezy] - libical <no-dsa> (Low prio according to upstream)
NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=1281041
-CVE-2016-5825 (The icalparser_parse_string function in libical 0.47 and 1.0 allows ...)
+CVE-2016-5825
- libical <unfixed>
[stretch] - libical <no-dsa> (Minor issue)
[jessie] - libical <no-dsa> (Minor issue)
[wheezy] - libical <no-dsa> (Low prio according to upstream)
NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=1280832
-CVE-2016-5824 (libical 1.0 allows remote attackers to cause a denial of service ...)
+CVE-2016-5824
{DLA-959-1}
- libical <unfixed> (bug #860451)
[stretch] - libical <no-dsa> (Minor issue)
@@ -15224,102 +15224,102 @@ CVE-2016-5824 (libical 1.0 allows remote attackers to cause a denial of service
NOTE: in http://www.openwall.com/lists/oss-security/2016/06/25/4
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-03/#CVE-2016-5824
NOTE: thunderbird uses embedded libical copy
-CVE-2016-5823 (The icalproperty_new_clone function in libical 0.47 and 1.0 allows ...)
+CVE-2016-5823
- libical 1.0-1
[wheezy] - libical <no-dsa> (Only possible denial of service, not severe enough to solve)
NOTE: possibly correct upstream bug: https://bugzilla.mozilla.org/show_bug.cgi?id=1275787
NOTE: Exact fixing commit unfortunately not bisected, need more investigation
-CVE-2016-5744 (Siemens SIMATIC WinCC 7.0 through SP3 and 7.2 allows remote attackers ...)
+CVE-2016-5744
NOT-FOR-US: Siemens
-CVE-2016-5743 (Siemens SIMATIC WinCC before 7.3 Update 10 and 7.4 before Update 1, ...)
+CVE-2016-5743
NOT-FOR-US: Siemens
-CVE-2016-5839 (WordPress before 4.5.3 allows remote attackers to bypass the ...)
+CVE-2016-5839
{DSA-3639-1 DLA-568-1}
- wordpress 4.5.3+dfsg-1
NOTE: https://wordpress.org/news/2016/06/wordpress-4-5-3/
NOTE: https://core.trac.wordpress.org/ticket/37111
NOTE: https://core.trac.wordpress.org/changeset/37818
-CVE-2016-5838 (WordPress before 4.5.3 allows remote attackers to bypass intended ...)
+CVE-2016-5838
{DSA-3639-1 DLA-568-1}
- wordpress 4.5.3+dfsg-1
NOTE: https://core.trac.wordpress.org/changeset/37762/
NOTE: https://core.trac.wordpress.org/ticket/37047
NOTE: https://wordpress.org/news/2016/06/wordpress-4-5-3/
-CVE-2016-5837 (WordPress before 4.5.3 allows remote attackers to bypass intended ...)
+CVE-2016-5837
{DSA-3639-1 DLA-568-1}
- wordpress 4.5.3+dfsg-1
NOTE: https://wordpress.org/news/2016/06/wordpress-4-5-3/
NOTE: Upstream bug: https://core.trac.wordpress.org/ticket/36379
NOTE: Fixed by: https://core.trac.wordpress.org/changeset/37781
-CVE-2016-5836 (The oEmbed protocol implementation in WordPress before 4.5.3 allows ...)
+CVE-2016-5836
{DLA-1452-1 DLA-633-1}
- wordpress 4.5.3+dfsg-1
NOTE: https://wordpress.org/news/2016/06/wordpress-4-5-3/
NOTE: Upstream ticket: https://core.trac.wordpress.org/ticket/36767
NOTE: Fixed by (Branch 4.4): https://core.trac.wordpress.org/changeset/37798
-CVE-2016-5835 (WordPress before 4.5.3 allows remote attackers to obtain sensitive ...)
+CVE-2016-5835
{DSA-3639-1 DLA-568-1}
- wordpress 4.5.3+dfsg-1
NOTE: https://wordpress.org/news/2016/06/wordpress-4-5-3/
NOTE: https://core.trac.wordpress.org/changeset/37800
-CVE-2016-5834 (Cross-site scripting (XSS) vulnerability in the wp_get_attachment_link ...)
+CVE-2016-5834
{DSA-3639-1 DLA-568-1}
- wordpress 4.5.3+dfsg-1
NOTE: https://wordpress.org/news/2016/06/wordpress-4-5-3/
NOTE: https://core.trac.wordpress.org/changeset/37790/
-CVE-2016-5833 (Cross-site scripting (XSS) vulnerability in the column_title function ...)
+CVE-2016-5833
- wordpress 4.5.3+dfsg-1
[jessie] - wordpress <not-affected> (vulnerable code not present)
[wheezy] - wordpress <not-affected> (vulnerable code not present)
NOTE: https://wordpress.org/news/2016/06/wordpress-4-5-3/
-CVE-2016-5832 (The customizer in WordPress before 4.5.3 allows remote attackers to ...)
+CVE-2016-5832
{DSA-3639-1 DLA-568-1}
- wordpress 4.5.3+dfsg-1
NOTE: https://wordpress.org/news/2016/06/wordpress-4-5-3/
NOTE: Fixed by: https://core.trac.wordpress.org/changeset/37773/
-CVE-2016-5773 (php_zip.c in the zip extension in PHP before 5.5.37, 5.6.x before ...)
+CVE-2016-5773
{DSA-3618-1 DLA-628-1}
- php7.0 7.0.8-1
- php5 5.6.23+dfsg-1
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=72434
NOTE: http://git.php.net/?p=php-src.git;a=commitdiff;h=f6aef68089221c5ea047d4a74224ee3deead99a6
NOTE: Fixed in 5.5.37, 5.6.23, 7.0.8
-CVE-2016-5772 (Double free vulnerability in the php_wddx_process_data function in ...)
+CVE-2016-5772
{DSA-3618-1 DLA-628-1}
- php7.0 7.0.8-1
- php5 5.6.23+dfsg-1
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=72340
NOTE: http://git.php.net/?p=php-src.git;a=commitdiff;h=a44c89e8af7c2410f4bfc5e097be2a5d0639a60c
NOTE: Fixed in 5.5.37, 5.6.23, 7.0.8
-CVE-2016-5771 (spl_array.c in the SPL extension in PHP before 5.5.37 and 5.6.x before ...)
+CVE-2016-5771
{DSA-3618-1 DLA-628-1}
- php7.0 <not-affected> (Does not affect PHP 7.x)
- php5 5.6.23+dfsg-1
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=72433
NOTE: http://git.php.net/?p=php-src.git;a=commitdiff;h=a44c89e8af7c2410f4bfc5e097be2a5d0639a60c
NOTE: Fixed in 5.5.37, 5.6.23
-CVE-2016-5770 (Integer overflow in the SplFileObject::fread function in ...)
+CVE-2016-5770
{DSA-3618-1 DLA-628-1}
- php7.0 7.0.8-1
- php5 5.6.23+dfsg-1
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=72262
NOTE: http://git.php.net/?p=php-src.git;a=commitdiff;h=7245bff300d3fa8bacbef7897ff080a6f1c23eba
NOTE: Fixed in 5.5.37, 5.6.23, 7.0.8
-CVE-2016-5769 (Multiple integer overflows in mcrypt.c in the mcrypt extension in PHP ...)
+CVE-2016-5769
{DSA-3618-1 DLA-628-1}
- php7.0 7.0.8-1
- php5 5.6.23+dfsg-1
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=72455
NOTE: http://git.php.net/?p=php-src.git;a=commitdiff;h=6c5211a0cef0cc2854eaa387e0eb036e012904d0
NOTE: Fixed in 5.5.37, 5.6.23, 7.0.8
-CVE-2016-5768 (Double free vulnerability in the _php_mb_regex_ereg_replace_exec ...)
+CVE-2016-5768
{DSA-3618-1 DLA-628-1}
- php7.0 7.0.8-1
- php5 5.6.23+dfsg-1
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=72402
NOTE: http://git.php.net/?p=php-src.git;a=commitdiff;h=5b597a2e5b28e2d5a52fc1be13f425f08f47cb62
NOTE: Fixed in 5.5.37, 5.6.23, 7.0.8
-CVE-2016-5767 (Integer overflow in the gdImageCreate function in gd.c in the GD ...)
+CVE-2016-5767
- php7.0 7.0.8-1 (unimportant)
- php5 5.6.23+dfsg-1 (unimportant)
[jessie] - php5 5.6.23+dfsg-0+deb8u1
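Review bot: the NOTE under CVE-2016-5771 cites the same php-src commit (`h=a44c89e8af7c2410f4bfc5e097be2a5d0639a60c`) as the one under CVE-2016-5772 while pointing at a different PHP bug (72433 versus 72340); if a single commit fixed both issues the NOTE should say so, otherwise the hash looks copied across from the previous entry and should be corrected.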
@@ -15329,7 +15329,7 @@ CVE-2016-5767 (Integer overflow in the gdImageCreate function in gd.c in the GD
NOTE: Fixed in 5.5.37, 5.6.23, 7.0.8
- libgd2 2.0.34~rc1-1
NOTE: Fixed by: https://github.com/libgd/libgd/commit/cfee163a5e848fc3e3fb1d05a30d7557cdd36457 (GD_2_0_34RC1)
-CVE-2016-5766 (Integer overflow in the _gd2GetHeader function in gd_gd2.c in the GD ...)
+CVE-2016-5766
{DSA-3619-1 DLA-534-1}
- php7.0 7.0.8-1 (unimportant)
- php5 5.6.23+dfsg-1 (unimportant)
@@ -15343,67 +15343,67 @@ CVE-2016-5766 (Integer overflow in the _gd2GetHeader function in gd_gd2.c in the
NOTE: https://github.com/libgd/libgd/commit/aba3db8ba159465ecec1089027a24835a6da9cc0
CVE-2016-5741
RESERVED
-CVE-2016-5740 (An issue was discovered in Open-Xchange OX App Suite before ...)
+CVE-2016-5740
NOT-FOR-US: Open-Xchange
-CVE-2016-5739 (The Transformation implementation in phpMyAdmin 4.0.x before ...)
+CVE-2016-5739
{DSA-3627-1 DLA-551-1}
- phpmyadmin 4:4.6.3-1
CVE-2016-5738
RESERVED
-CVE-2016-5736 (The default configuration of the IPsec IKE peer listener in F5 BIG-IP ...)
+CVE-2016-5736
NOT-FOR-US: BIG-IP
-CVE-2016-5735 (Integer overflow in the rwpng_read_image24_libpng function in rwpng.c ...)
+CVE-2016-5735
{DLA-966-1}
- pngquant 2.5.0-2 (bug #863469)
[jessie] - pngquant <no-dsa> (Minor issue)
NOTE: https://github.com/pornel/pngquant/commit/b7c217680cda02dddced245d237ebe8c383be285
-CVE-2016-5734 (phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x ...)
+CVE-2016-5734
- phpmyadmin 4:4.6.3-1
[jessie] - phpmyadmin <no-dsa> (Vulnerable only with a php version earlier than the one in jessie)
[wheezy] - phpmyadmin <no-dsa> (Vulnerable only with a php version earlier than the one in wheezy)
-CVE-2016-5733 (Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin ...)
+CVE-2016-5733
{DSA-3627-1 DLA-551-1}
- phpmyadmin 4:4.6.3-1
-CVE-2016-5732 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
+CVE-2016-5732
- phpmyadmin 4:4.6.3-1
[jessie] - phpmyadmin <not-affected> (Vulnerable code not present)
[wheezy] - phpmyadmin <not-affected> (Vulnerable code not present)
-CVE-2016-5731 (Cross-site scripting (XSS) vulnerability in examples/openid.php in ...)
+CVE-2016-5731
{DSA-3627-1 DLA-551-1}
- phpmyadmin 4:4.6.3-1 (low)
-CVE-2016-5730 (phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x ...)
+CVE-2016-5730
- phpmyadmin 4:4.6.3-1 (unimportant)
NOTE: path disclosure irrelevant in Debian
-CVE-2016-5742 (SQL injection vulnerability in the XML-RPC interface in Movable Type ...)
+CVE-2016-5742
{DLA-532-1}
- movabletype-opensource <removed>
NOTE: https://movabletype.org/news/2016/06/movable_type_626_and_613_released.html
NOTE: http://www.openwall.com/lists/oss-security/2016/06/22/3
NOTE: https://github.com/movabletype/movabletype/commit/42113544e7d8ebf6064b7b01b921734b667a1682
-CVE-2016-5737 (The Gerrit configuration in the Openstack Puppet module for Gerrit ...)
+CVE-2016-5737
NOT-FOR-US: Openstack-infra puppet-gerrit module
-CVE-2016-5729 (Lenovo BIOS EFI Driver allows local administrators to execute ...)
+CVE-2016-5729
NOT-FOR-US: Lenovo
-CVE-2016-5728 (Race condition in the vop_ioctl function in ...)
+CVE-2016-5728
{DSA-3616-1}
- linux 4.6.1-1
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: Upstream fix: https://git.kernel.org/linus/9bf292bfca94694a721449e3fd752493856710f6 (v4.7-rc1)
NOTE: Introduced in: https://git.kernel.org/linus/f69bcbf3b4c4b333dcd7a48eaf868bf0c88edab5 (v3.13-rc1)
-CVE-2016-5725 (Directory traversal vulnerability in JCraft JSch before 0.1.54 on ...)
+CVE-2016-5725
{DLA-611-1}
- jsch 0.1.54-1 (low)
[jessie] - jsch <no-dsa> (Minor issue)
NOTE: https://sourceforge.net/p/jsch/mailman/message/35318093/
CVE-2016-5724
RESERVED
-CVE-2016-5723 (Huawei FusionInsight HD before V100R002C60SPC200 allows local users to ...)
+CVE-2016-5723
NOT-FOR-US: Huawei
-CVE-2016-5722 (Huawei OceanStor 5300 V3, 5500 V3, 5600 V3, 5800 V3, 6800 V3, 18800 ...)
+CVE-2016-5722
NOT-FOR-US: OceanStor
-CVE-2016-5721 (Multiple cross-site scripting (XSS) vulnerabilities in Zimbra ...)
+CVE-2016-5721
NOT-FOR-US: Zimbra
-CVE-2016-5720 (Multiple untrusted search path vulnerabilities in Microsoft Skype ...)
+CVE-2016-5720
NOT-FOR-US: Skype
CVE-2016-5719
RESERVED
@@ -15411,11 +15411,11 @@ CVE-2016-5718
RESERVED
CVE-2016-5717
RESERVED
-CVE-2016-5716 (The console in Puppet Enterprise 2015.x and 2016.x prior to 2016.4.0 ...)
+CVE-2016-5716
- puppet <not-affected> (Limited to Puppet Enterprise)
-CVE-2016-5715 (Open redirect vulnerability in the Console in Puppet Enterprise 2015.x ...)
+CVE-2016-5715
- puppet <not-affected> (Limited to Puppet Enterprise)
-CVE-2016-5714 (Puppet Enterprise 2015.3.3 and 2016.x before 2016.4.0, and Puppet ...)
+CVE-2016-5714
- puppet 4.8.0-1
[jessie] - puppet <not-affected> (Vulnerable code introduced later)
[wheezy] - puppet <not-affected> (Vulnerable code introduced later)
@@ -15423,7 +15423,7 @@ CVE-2016-5714 (Puppet Enterprise 2015.3.3 and 2016.x before 2016.4.0, and Puppet
NOTE: triaged away in Ubuntu: "Default configurations of FOSS Puppet Agent are not vulnerable."
NOTE: gentoo released a fix: https://security.gentoo.org/glsa/201710-12
NOTE: rosetta stone for puppet version numbers: https://puppet.com/docs/puppet/4.10/about_agent.html
-CVE-2016-5713 (Versions of Puppet Agent prior to 1.6.0 included a version of the ...)
+CVE-2016-5713
- puppet 4.7.0-1
[jessie] - puppet <not-affected> (Vulnerable code introduced later)
[wheezy] - puppet <not-affected> (Vulnerable code introduced later)
@@ -15432,45 +15432,45 @@ CVE-2016-5713 (Versions of Puppet Agent prior to 1.6.0 included a version of the
NOTE: https://puppet.com/security/cve/cve-2016-5713
CVE-2016-5712
RESERVED
-CVE-2016-5711 (NetApp Virtual Storage Console for VMware vSphere before 6.2.1 uses a ...)
+CVE-2016-5711
NOT-FOR-US: NetApp
CVE-2016-5710
RESERVED
-CVE-2016-5709 (SolarWinds Virtualization Manager 6.3.1 and earlier uses weak ...)
+CVE-2016-5709
NOT-FOR-US: SolarWinds
CVE-2016-5708
RESERVED
CVE-2016-5707
RESERVED
-CVE-2016-5706 (js/get_scripts.js.php in phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x ...)
+CVE-2016-5706
{DSA-3627-1}
- phpmyadmin 4:4.6.3-1 (low)
[wheezy] - phpmyadmin <not-affected> (Vulnerable code not present)
-CVE-2016-5705 (Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin ...)
+CVE-2016-5705
{DSA-3627-1}
- phpmyadmin 4:4.6.3-1
[wheezy] - phpmyadmin <not-affected> (Vulnerable code not present)
-CVE-2016-5704 (Cross-site scripting (XSS) vulnerability in the table-structure page ...)
+CVE-2016-5704
- phpmyadmin 4:4.6.3-1
[jessie] - phpmyadmin <not-affected> (Vulnerable code not present)
[wheezy] - phpmyadmin <not-affected> (Vulnerable code not present)
-CVE-2016-5703 (SQL injection vulnerability in libraries/central_columns.lib.php in ...)
+CVE-2016-5703
- phpmyadmin 4:4.6.3-1
[jessie] - phpmyadmin <not-affected> (Vulnerable code not present)
[wheezy] - phpmyadmin <not-affected> (Vulnerable code not present)
-CVE-2016-5702 (phpMyAdmin 4.6.x before 4.6.3, when the environment lacks a PHP_SELF ...)
+CVE-2016-5702
- phpmyadmin 4:4.6.3-1 (low)
[jessie] - phpmyadmin <no-dsa> (Minor issue)
[wheezy] - phpmyadmin <no-dsa> (Minor issue)
-CVE-2016-5701 (setup/frames/index.inc.php in phpMyAdmin 4.0.10.x before 4.0.10.16, ...)
+CVE-2016-5701
{DSA-3627-1}
- phpmyadmin 4:4.6.3-1
[wheezy] - phpmyadmin <no-dsa> (Minor issue)
-CVE-2016-5700 (Virtual servers in F5 BIG-IP systems 11.5.0, 11.5.1 before HF11, ...)
+CVE-2016-5700
NOT-FOR-US: F5 BIG-IP
CVE-2016-5698
RESERVED
-CVE-2016-5697 (Ruby-saml before 1.3.0 allows attackers to perform XML signature ...)
+CVE-2016-5697
- ruby-saml 1.3.0-1 (bug #828076)
NOTE: https://github.com/onelogin/ruby-saml/commit/a571f52171e6bfd87db59822d1d9e8c38fb3b995
CVE-2016-5695
@@ -15481,63 +15481,63 @@ CVE-2016-5693
RESERVED
CVE-2016-5692
RESERVED
-CVE-2016-5686 (Johnson &amp; Johnson Animas OneTouch Ping devices mishandle ...)
+CVE-2016-5686
NOT-FOR-US: Animas OneTouch Ping
-CVE-2016-5685 (Dell iDRAC7 and iDRAC8 devices with firmware before 2.40.40.40 allow ...)
+CVE-2016-5685
NOT-FOR-US: Dell
-CVE-2016-5684 (An exploitable out-of-bounds write vulnerability exists in the XMP ...)
+CVE-2016-5684
{DSA-3692-1 DLA-647-1}
- freeimage 3.17.0+ds1-3 (bug #839827)
NOTE: http://www.talosintelligence.com/reports/TALOS-2016-0189/
NOTE: http://freeimage.cvs.sourceforge.net/viewvc/freeimage/FreeImage/Source/FreeImage/PluginXPM.cpp?r1=1.17&r2=1.18
NOTE: http://freeimage.cvs.sourceforge.net/viewvc/freeimage/FreeImage/Source/FreeImage/PluginXPM.cpp?r1=1.18&r2=1.19
-CVE-2016-5683 (ReadyDesk 9.1 allows local users to determine cleartext SQL Server ...)
+CVE-2016-5683
NOT-FOR-US: ReadyDesk
-CVE-2016-5682 (Swagger-UI before 2.2.1 has XSS via the Default field in the ...)
+CVE-2016-5682
NOT-FOR-US: Swagger-UI
-CVE-2016-5681 (Stack-based buffer overflow in dws/api/Login on D-Link DIR-850L B1 ...)
+CVE-2016-5681
NOT-FOR-US: D-Link
-CVE-2016-5680 (Stack-based buffer overflow in cgi-bin/cgi_main in NUUO NVRmini 2 ...)
+CVE-2016-5680
NOT-FOR-US: NUUO and NETGEAR NAS devices
-CVE-2016-5679 (cgi-bin/cgi_main in NUUO NVRmini 2 1.7.6 through 3.0.0 and NETGEAR ...)
+CVE-2016-5679
NOT-FOR-US: NUUO and NETGEAR NAS devices
-CVE-2016-5678 (NUUO NVRmini 2 1.0.0 through 3.0.0 and NUUO NVRsolo 1.0.0 through ...)
+CVE-2016-5678
NOT-FOR-US: NUUO and NETGEAR NAS devices
-CVE-2016-5677 (NUUO NVRmini 2 1.7.5 through 3.0.0, NUUO NVRsolo 1.0.0 through 3.0.0, ...)
+CVE-2016-5677
NOT-FOR-US: NUUO and NETGEAR NAS devices
-CVE-2016-5676 (cgi-bin/cgi_system in NUUO NVRmini 2 1.7.5 through 2.x, NUUO NVRsolo ...)
+CVE-2016-5676
NOT-FOR-US: NUUO and NETGEAR NAS devices
-CVE-2016-5675 (handle_daylightsaving.php in NUUO NVRmini 2 1.7.5 through 3.0.0, NUUO ...)
+CVE-2016-5675
NOT-FOR-US: NUUO and NETGEAR NAS devices
-CVE-2016-5674 (__debugging_center_utils___.php in NUUO NVRmini 2 1.7.5 through 3.0.0, ...)
+CVE-2016-5674
NOT-FOR-US: NUUO and NETGEAR NAS devices
-CVE-2016-5673 (UltraVNC Repeater before 1300 does not restrict destination IP ...)
+CVE-2016-5673
NOT-FOR-US: UltraVNC
-CVE-2016-5672 (Intel Crosswalk before 19.49.514.5, 20.x before 20.50.533.11, 21.x ...)
+CVE-2016-5672
- crosswalk <itp> (bug #775876)
-CVE-2016-5671 (Multiple cross-site request forgery (CSRF) vulnerabilities on Crestron ...)
+CVE-2016-5671
NOT-FOR-US: Creston
-CVE-2016-5670 (Crestron Electronics DM-TXRX-100-STR devices with firmware before ...)
+CVE-2016-5670
NOT-FOR-US: Creston
-CVE-2016-5669 (Crestron Electronics DM-TXRX-100-STR devices with firmware before ...)
+CVE-2016-5669
NOT-FOR-US: Creston
-CVE-2016-5668 (Crestron Electronics DM-TXRX-100-STR devices with firmware before ...)
+CVE-2016-5668
NOT-FOR-US: Creston
-CVE-2016-5667 (Crestron Electronics DM-TXRX-100-STR devices with firmware before ...)
+CVE-2016-5667
NOT-FOR-US: Creston
-CVE-2016-5666 (Crestron Electronics DM-TXRX-100-STR devices with firmware before ...)
+CVE-2016-5666
NOT-FOR-US: Creston
CVE-2016-5665
RESERVED
-CVE-2016-5664 (Directory traversal vulnerability on Accellion Kiteworks appliances ...)
+CVE-2016-5664
NOT-FOR-US: Accellion Kiteworks
-CVE-2016-5663 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2016-5663
NOT-FOR-US: Accellion Kiteworks
-CVE-2016-5662 (Accellion Kiteworks appliances before kw2016.03.00 use setuid-root ...)
+CVE-2016-5662
NOT-FOR-US: Accellion Kiteworks
-CVE-2016-5661 (Accela Civic Platform Citizen Access portal relies on the client to ...)
+CVE-2016-5661
NOT-FOR-US: Accela
-CVE-2016-5660 (Cross-site scripting (XSS) vulnerability in AttachmentsList.aspx in ...)
+CVE-2016-5660
NOT-FOR-US: Accela
CVE-2016-5659
RESERVED
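Review bot: `NOT-FOR-US: Creston` on CVE-2016-5671 through CVE-2016-5666 misspells the vendor; the removed description lines in this hunk read `Crestron Electronics DM-TXRX-100-STR`, so the status line should say `NOT-FOR-US: Crestron` on all six entries.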
@@ -15548,13 +15548,13 @@ CVE-2016-5657
NOT-FOR-US: Apache Archiva
CVE-2016-5656
RESERVED
-CVE-2016-5655 (Misys FusionCapital Opics Plus does not verify X.509 certificates from ...)
+CVE-2016-5655
NOT-FOR-US: Misys
-CVE-2016-5654 (Misys FusionCapital Opics Plus allows remote authenticated users to ...)
+CVE-2016-5654
NOT-FOR-US: Misys
-CVE-2016-5653 (Multiple SQL injection vulnerabilities in Misys FusionCapital Opics ...)
+CVE-2016-5653
NOT-FOR-US: Misys
-CVE-2016-5652 (An exploitable heap-based buffer overflow exists in the handling of ...)
+CVE-2016-5652
{DSA-3762-1 DLA-693-1}
- tiff 4.0.6-3 (bug #842361)
- tiff3 <removed>
@@ -15563,65 +15563,65 @@ CVE-2016-5652 (An exploitable heap-based buffer overflow exists in the handling
NOTE: https://github.com/vadz/libtiff/commit/b5d6803f0898e931cf772d3d0755704ab8488e63
CVE-2016-5651
RESERVED
-CVE-2016-5650 (ZModo ZP-NE14-S and ZP-IBH-13W devices do not enforce a WPA2 ...)
+CVE-2016-5650
NOT-FOR-US: ZModo
-CVE-2016-5649 (A vulnerability is in the 'BSW_cxttongr.htm' page of the Netgear ...)
+CVE-2016-5649
NOT-FOR-US: Netgear
-CVE-2016-5648 (Acer Portal app before 3.9.4.2000 for Android does not properly ...)
+CVE-2016-5648
NOT-FOR-US: Acer Portal Android application
-CVE-2016-5647 (The igdkmd64 module in the Intel Graphics Driver through 15.33.42.435, ...)
+CVE-2016-5647
NOT-FOR-US: Intel Windows drivers
-CVE-2016-5646 (An exploitable heap overflow vulnerability exists in the Compound ...)
+CVE-2016-5646
NOT-FOR-US: Lexmark
-CVE-2016-5645 (Rockwell Automation MicroLogix 1400 PLC 1766-L32BWA, 1766-L32AWA, ...)
+CVE-2016-5645
NOT-FOR-US: Rockwell
CVE-2016-5644
RESERVED
CVE-2016-5643
RESERVED
-CVE-2016-5642 (Opmantek NMIS before 8.5.12G has XSS via SNMP. ...)
+CVE-2016-5642
NOT-FOR-US: Opmantek NMIS
CVE-2016-5641
RESERVED
-CVE-2016-5640 (Directory traversal vulnerability in cgi-bin/rftest.cgi on Crestron ...)
+CVE-2016-5640
NOT-FOR-US: Creston
-CVE-2016-5639 (Directory traversal vulnerability in cgi-bin/login.cgi on Crestron ...)
+CVE-2016-5639
NOT-FOR-US: Creston
-CVE-2016-5638 (There are few web pages associated with the genie app on the Netgear ...)
+CVE-2016-5638
NOT-FOR-US: Netgear
-CVE-2016-5637 (The restore_tqb_pixels function in libbpg 0.9.5 through 0.9.7 ...)
+CVE-2016-5637
NOTE: https://www.kb.cert.org/vuls/id/123799
NOTE: No further information provided, but this is very likely a dupe of CVE-2016-8710
-CVE-2016-1000003 (Mirror Manager version 0.7.2 and older is vulnerable to remote code ...)
+CVE-2016-1000003
NOT-FOR-US: Fedora Mirror Manager
-CVE-2016-5727 (LogInOut.php in Simple Machines Forum (SMF) 2.1 allows remote ...)
+CVE-2016-5727
NOT-FOR-US: Simple Machines Forum
-CVE-2016-5726 (Packages.php in Simple Machines Forum (SMF) 2.1 allows remote ...)
+CVE-2016-5726
NOT-FOR-US: Simple Machines Forum
-CVE-2016-5691 (The DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 ...)
+CVE-2016-5691
{DSA-3652-1 DLA-731-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #833044)
NOTE: https://github.com/ImageMagick/ImageMagick/commit/5511ef530576ed18fd636baa3bb4eda3d667665d
-CVE-2016-5690 (The ReadDCMImage function in DCM reader in ImageMagick before 6.9.4-5 ...)
+CVE-2016-5690
{DSA-3652-1 DLA-731-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #833043)
NOTE: https://github.com/ImageMagick/ImageMagick/commit/5511ef530576ed18fd636baa3bb4eda3d667665d
-CVE-2016-5689 (The DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 ...)
+CVE-2016-5689
{DSA-3652-1 DLA-731-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #833042)
NOTE: https://github.com/ImageMagick/ImageMagick/commit/5511ef530576ed18fd636baa3bb4eda3d667665d
NOTE: Will be fixed in a 6.9.4-3 based version
-CVE-2016-5688 (The WPG parser in ImageMagick before 6.9.4-4 and 7.x before 7.0.1-5, ...)
+CVE-2016-5688
{DSA-3652-1 DLA-731-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #833003)
NOTE: https://github.com/ImageMagick/ImageMagick/commit/fc43974d34318c834fbf78570ca1a3764ed8c7d7
NOTE: https://github.com/ImageMagick/ImageMagick/commit/aecd0ada163a4d6c769cec178955d5f3e9316f2f
-CVE-2016-5687 (The VerticalFilter function in the DDS coder in ImageMagick before ...)
+CVE-2016-5687
{DSA-3652-1 DLA-731-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #832890)
NOTE: https://blog.fuzzing-project.org/46-Various-invalid-memory-reads-in-ImageMagick-WPG,-DDS,-DCM.html
NOTE: https://github.com/ImageMagick/ImageMagick/commit/0b7172f2ba2c9e664d4df148e7d6e14a50edb57a
-CVE-2016-5699 (CRLF injection vulnerability in the HTTPConnection.putheader function ...)
+CVE-2016-5699
{DLA-1663-1 DLA-522-1}
- python3.5 <not-affected> (Fixed with initial upload to Debian)
- python3.4 3.4.4~rc1-1
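Review bot: CVE-2016-5637 (libbpg) carries only two NOTE lines and no package or `NOT-FOR-US` line, unlike every other entry in this hunk, so its status is undefined even though the note already says it is very likely a duplicate of CVE-2016-8710; suggest recording an explicit status (for example `NOT-FOR-US: libbpg` if the package is not in Debian) or marking it as the duplicate. Two smaller points in the same hunk: `NOT-FOR-US: Creston` on CVE-2016-5640 and CVE-2016-5639 should read `Crestron` to match the description text, and the `NOTE: Will be fixed in a 6.9.4-3 based version` on CVE-2016-5689 is stale now that the entry records the fixed version `imagemagick 8:6.9.6.2+dfsg-2`.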
@@ -15630,33 +15630,33 @@ CVE-2016-5699 (CRLF injection vulnerability in the HTTPConnection.putheader func
NOTE: https://bugs.python.org/issue22928
NOTE: Fixed in 3.4 / 3.5: revision 94952: https://hg.python.org/cpython/rev/bf3e1c9b80e9
NOTE: Fixed in 2.7: revision 94951: https://hg.python.org/cpython/rev/1c45047c5102
-CVE-2016-5635 (Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows ...)
+CVE-2016-5635
- mysql-5.7 5.7.15-1
- mysql-5.6 <not-affected> (Only affects MySQL 5.7)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
-CVE-2016-5634 (Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows ...)
+CVE-2016-5634
- mysql-5.7 5.7.15-1
- mysql-5.6 <not-affected> (Only affects MySQL 5.7)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
-CVE-2016-5633 (Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows ...)
+CVE-2016-5633
- mysql-5.7 5.7.15-1
- mysql-5.6 <not-affected> (Only affects MySQL 5.7)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
-CVE-2016-5632 (Unspecified vulnerability in Oracle MySQL 5.7.14 and earlier allows ...)
+CVE-2016-5632
- mysql-5.7 5.7.15-1
- mysql-5.6 <not-affected> (Only affects MySQL 5.7)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
-CVE-2016-5631 (Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows ...)
+CVE-2016-5631
- mysql-5.7 5.7.15-1
- mysql-5.6 <not-affected> (Only affects MySQL 5.7)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
-CVE-2016-5630 (Unspecified vulnerability in Oracle MySQL 5.6.31 and earlier and ...)
+CVE-2016-5630
- mariadb-10.0 10.0.27-1
[jessie] - mariadb-10.0 10.0.27-0+deb8u1
- mysql-5.7 5.7.15-1
- mysql-5.6 5.6.34-1 (bug #841049)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and 5.7)
-CVE-2016-5629 (Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 ...)
+CVE-2016-5629
{DSA-3711-1}
- mariadb-10.0 10.0.28-1
- mysql-5.7 5.7.15-1
@@ -15665,15 +15665,15 @@ CVE-2016-5629 (Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6
[jessie] - mysql-5.5 5.5.52-0+deb8u1
[wheezy] - mysql-5.5 5.5.52-0+deb7u1
NOTE: Fixed in MariaDB 5.5.52, MariaDB 10.1.18, MariaDB 10.0.28
-CVE-2016-5628 (Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows ...)
+CVE-2016-5628
- mysql-5.7 5.7.15-1
- mysql-5.6 <not-affected> (Only affects MySQL 5.7)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
-CVE-2016-5627 (Unspecified vulnerability in Oracle MySQL 5.6.31 and earlier and ...)
+CVE-2016-5627
- mysql-5.7 5.7.15-1
- mysql-5.6 5.6.34-1 (bug #841049)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and 5.7)
-CVE-2016-5626 (Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 ...)
+CVE-2016-5626
{DSA-3711-1}
- mariadb-10.0 10.0.28-1
- mysql-5.7 5.7.15-1
@@ -15682,11 +15682,11 @@ CVE-2016-5626 (Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6
[jessie] - mysql-5.5 5.5.52-0+deb8u1
[wheezy] - mysql-5.5 5.5.52-0+deb7u1
NOTE: Fixed in MariaDB 5.5.52, MariaDB 10.1.18, MariaDB 10.0.28
-CVE-2016-5625 (Unspecified vulnerability in Oracle MySQL 5.7.14 and earlier allows ...)
+CVE-2016-5625
- mysql-5.7 5.7.15-1
- mysql-5.6 <not-affected> (Only affects MySQL 5.7)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
-CVE-2016-5624 (Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier allows ...)
+CVE-2016-5624
{DSA-3711-1}
- mariadb-10.0 10.0.28-1
- mysql-5.7 <not-affected> (Only affects MySQL 5.5)
@@ -15695,31 +15695,31 @@ CVE-2016-5624 (Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier allo
[jessie] - mysql-5.5 5.5.52-0+deb8u1
[wheezy] - mysql-5.5 5.5.52-0+deb7u1
NOTE: Fixed in MariaDB 5.5.52, MariaDB 10.1.18, MariaDB 10.0.28
-CVE-2016-5623 (Vulnerability in the Oracle FLEXCUBE Private Banking component of ...)
+CVE-2016-5623
NOT-FOR-US: Oracle FLEXCUBE
-CVE-2016-5622 (Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking ...)
+CVE-2016-5622
NOT-FOR-US: Oracle FLEXCUBE
-CVE-2016-5621 (Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking ...)
+CVE-2016-5621
NOT-FOR-US: Oracle FLEXCUBE
-CVE-2016-5620 (Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking ...)
+CVE-2016-5620
NOT-FOR-US: Oracle FLEXCUBE
-CVE-2016-5619 (Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking ...)
+CVE-2016-5619
NOT-FOR-US: Oracle FLEXCUBE
-CVE-2016-5618 (Unspecified vulnerability in the Oracle Data Integrator component in ...)
+CVE-2016-5618
NOT-FOR-US: Oracle
CVE-2016-5617
REJECTED
CVE-2016-5616
REJECTED
-CVE-2016-5615 (Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local ...)
+CVE-2016-5615
NOT-FOR-US: Solaris
-CVE-2016-5614 (Vulnerability in the Oracle FLEXCUBE Private Banking component of ...)
+CVE-2016-5614
NOT-FOR-US: Oracle FLEXCUBE
-CVE-2016-5613 (Unspecified vulnerability in the Oracle VM VirtualBox component before ...)
+CVE-2016-5613
- virtualbox 5.1.8-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2016-5612 (Unspecified vulnerability in Oracle MySQL 5.5.50 and earlier, 5.6.31 ...)
+CVE-2016-5612
- mariadb-10.0 10.0.27-1
[jessie] - mariadb-10.0 10.0.27-0+deb8u1
- mysql-5.7 5.7.15-1
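Review bot: the virtualbox end-of-life annotations on CVE-2016-5613 use two different advisory formats on adjacent lines, `[jessie] - virtualbox <end-of-life> (DSA-3699-1)` and `[wheezy] - virtualbox <end-of-life> (DSA 3454)`; the tracker's `{DSA-nnnn-1}` references elsewhere in this hunk use the hyphenated form, so the wheezy line should read `(DSA-3454-1)` (assuming that is the revision meant) so that tooling which parses advisory ids picks it up. The same pair of lines recurs on the other virtualbox entries in this file.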
@@ -15727,48 +15727,48 @@ CVE-2016-5612 (Unspecified vulnerability in Oracle MySQL 5.5.50 and earlier, 5.6
- mysql-5.5 <removed>
[jessie] - mysql-5.5 5.5.52-0+deb8u1
[wheezy] - mysql-5.5 5.5.52-0+deb7u1
-CVE-2016-5611 (Unspecified vulnerability in the Oracle VM VirtualBox component before ...)
+CVE-2016-5611
- virtualbox 5.1.8-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2016-5610 (Unspecified vulnerability in the Oracle VM VirtualBox component before ...)
+CVE-2016-5610
- virtualbox 5.1.8-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2016-5609 (Unspecified vulnerability in Oracle MySQL 5.6.31 and earlier and ...)
+CVE-2016-5609
- mysql-5.7 5.7.15-1
- mysql-5.6 5.6.34-1 (bug #841049)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and 5.7)
-CVE-2016-5608 (Unspecified vulnerability in the Oracle VM VirtualBox component before ...)
+CVE-2016-5608
- virtualbox 5.1.8-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2016-5607 (Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking ...)
+CVE-2016-5607
NOT-FOR-US: Oracle FLEXCUBE
-CVE-2016-5606 (Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local ...)
+CVE-2016-5606
NOT-FOR-US: Solaris
-CVE-2016-5605 (Unspecified vulnerability in the Oracle VM VirtualBox component before ...)
+CVE-2016-5605
- virtualbox 5.1.4-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2016-5604 (Unspecified vulnerability in the Enterprise Manager Base Platform ...)
+CVE-2016-5604
NOT-FOR-US: Oracle
-CVE-2016-5603 (Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking ...)
+CVE-2016-5603
NOT-FOR-US: Oracle
-CVE-2016-5602 (Unspecified vulnerability in the Oracle Data Integrator component in ...)
+CVE-2016-5602
NOT-FOR-US: Oracle
-CVE-2016-5601 (Unspecified vulnerability in the Oracle WebLogic Server component in ...)
+CVE-2016-5601
NOT-FOR-US: Oracle
-CVE-2016-5600 (Unspecified vulnerability in the PeopleSoft Enterprise SCM Services ...)
+CVE-2016-5600
NOT-FOR-US: Oracle
-CVE-2016-5599 (Unspecified vulnerability in the Oracle Advanced Supply Chain Planning ...)
+CVE-2016-5599
NOT-FOR-US: Oracle
-CVE-2016-5598 (Unspecified vulnerability in the MySQL Connector component 2.1.3 and ...)
+CVE-2016-5598
- mysql-connector-python 2.1.5-1 (bug #841677)
[jessie] - mysql-connector-python <not-affected> (Vulnerable code not present)
[wheezy] - mysql-connector-python <not-affected> (Only the Python 3 code is affected which is not shipped in binary package)
NOTE: https://blog.qualys.com/laws-of-vulnerabilities/2016/10/18/oracle-october-2016-critical-patch-update
-CVE-2016-5597 (Unspecified vulnerability in Oracle Java SE 6u121, 7u111, 8u102; and ...)
+CVE-2016-5597
{DSA-3707-1 DLA-704-1}
- openjdk-8 8u111-b14-1
[experimental] - openjdk-7 7u111-2.6.7-2
@@ -15776,40 +15776,40 @@ CVE-2016-5597 (Unspecified vulnerability in Oracle Java SE 6u121, 7u111, 8u102;
NOTE: #841692 tracks openjdk-7
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2016-5596 (Unspecified vulnerability in the Oracle CRM Technical Foundation ...)
+CVE-2016-5596
NOT-FOR-US: Oracle
-CVE-2016-5595 (Unspecified vulnerability in the Oracle Customer Interaction History ...)
+CVE-2016-5595
NOT-FOR-US: Oracle
-CVE-2016-5594 (Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking ...)
+CVE-2016-5594
NOT-FOR-US: Oracle
-CVE-2016-5593 (Unspecified vulnerability in the Oracle Customer Interaction History ...)
+CVE-2016-5593
NOT-FOR-US: Oracle
-CVE-2016-5592 (Unspecified vulnerability in the Oracle Customer Interaction History ...)
+CVE-2016-5592
NOT-FOR-US: Oracle
-CVE-2016-5591 (Unspecified vulnerability in the Oracle Customer Interaction History ...)
+CVE-2016-5591
NOT-FOR-US: Oracle
-CVE-2016-5590 (Vulnerability in the MySQL Enterprise Monitor component of Oracle ...)
+CVE-2016-5590
NOT-FOR-US: MySQL Enterprise Monitor
-CVE-2016-5589 (Unspecified vulnerability in the Oracle CRM Technical Foundation ...)
+CVE-2016-5589
NOT-FOR-US: Oracle
-CVE-2016-5588 (Unspecified vulnerability in the Oracle Outside In Technology ...)
+CVE-2016-5588
NOT-FOR-US: Oracle
-CVE-2016-5587 (Unspecified vulnerability in the Oracle Customer Interaction History ...)
+CVE-2016-5587
NOT-FOR-US: Oracle
-CVE-2016-5586 (Unspecified vulnerability in the Oracle Email Center component in ...)
+CVE-2016-5586
NOT-FOR-US: Oracle
-CVE-2016-5585 (Unspecified vulnerability in the Oracle Interaction Center ...)
+CVE-2016-5585
NOT-FOR-US: Oracle
-CVE-2016-5584 (Unspecified vulnerability in Oracle MySQL 5.5.52 and earlier, 5.6.33 ...)
+CVE-2016-5584
{DSA-3711-1 DSA-3706-1 DLA-708-1}
- mariadb-10.0 10.0.28-1
- mysql-5.7 5.7.16-1 (bug #841163)
- mysql-5.6 5.6.34-1 (bug #841049)
- mysql-5.5 <removed> (bug #841050)
NOTE: Fixed in MariaDB 5.5.53, MariaDB 10.0.28
-CVE-2016-5583 (Unspecified vulnerability in the Oracle One-to-One Fulfillment ...)
+CVE-2016-5583
NOT-FOR-US: Oracle
-CVE-2016-5582 (Unspecified vulnerability in Oracle Java SE 6u121, 7u111, 8u102; and ...)
+CVE-2016-5582
{DSA-3707-1 DLA-704-1}
- openjdk-8 8u111-b14-1
[experimental] - openjdk-7 7u111-2.6.7-2
@@ -15817,23 +15817,23 @@ CVE-2016-5582 (Unspecified vulnerability in Oracle Java SE 6u121, 7u111, 8u102;
NOTE: #841692 tracks openjdk-7
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2016-5581 (Unspecified vulnerability in the Oracle iRecruitment component in ...)
+CVE-2016-5581
NOT-FOR-US: Oracle
-CVE-2016-5580 (Unspecified vulnerability in the Secure Global Desktop component in ...)
+CVE-2016-5580
NOT-FOR-US: Secure Global Desktop
-CVE-2016-5579 (Unspecified vulnerability in the Oracle Outside In Technology ...)
+CVE-2016-5579
NOT-FOR-US: Oracle
-CVE-2016-5578 (Unspecified vulnerability in the Oracle Outside In Technology ...)
+CVE-2016-5578
NOT-FOR-US: Oracle
-CVE-2016-5577 (Unspecified vulnerability in the Oracle Outside In Technology ...)
+CVE-2016-5577
NOT-FOR-US: Oracle
-CVE-2016-5576 (Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local ...)
+CVE-2016-5576
NOT-FOR-US: Solaris
-CVE-2016-5575 (Unspecified vulnerability in the Oracle Common Applications Calendar ...)
+CVE-2016-5575
NOT-FOR-US: Oracle
-CVE-2016-5574 (Unspecified vulnerability in the Oracle Outside In Technology ...)
+CVE-2016-5574
NOT-FOR-US: Oracle
-CVE-2016-5573 (Unspecified vulnerability in Oracle Java SE 6u121, 7u111, 8u102; and ...)
+CVE-2016-5573
{DSA-3707-1 DLA-704-1}
- openjdk-8 8u111-b14-1
[experimental] - openjdk-7 7u111-2.6.7-2
@@ -15841,47 +15841,47 @@ CVE-2016-5573 (Unspecified vulnerability in Oracle Java SE 6u121, 7u111, 8u102;
NOTE: #841692 tracks openjdk-7
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2016-5572 (Unspecified vulnerability in the Kernel PDB component in Oracle ...)
+CVE-2016-5572
NOT-FOR-US: Oracle
-CVE-2016-5571 (Unspecified vulnerability in the Oracle Applications DBA component in ...)
+CVE-2016-5571
NOT-FOR-US: Oracle
-CVE-2016-5570 (Unspecified vulnerability in the Oracle Applications DBA component in ...)
+CVE-2016-5570
NOT-FOR-US: Oracle
-CVE-2016-5569 (Unspecified vulnerability in the Oracle FLEXCUBE Enterprise Limits and ...)
+CVE-2016-5569
NOT-FOR-US: Oracle
-CVE-2016-5568 (Unspecified vulnerability in Oracle Java SE 6u121, 7u111, and 8u102 ...)
+CVE-2016-5568
- openjdk-8 <not-affected> (Only affects Windows)
- openjdk-7 <not-affected> (Only affects Windows)
- openjdk-6 <not-affected> (Only affects Windows)
-CVE-2016-5567 (Unspecified vulnerability in the Oracle Applications DBA component in ...)
+CVE-2016-5567
NOT-FOR-US: Oracle
-CVE-2016-5566 (Unspecified vulnerability in Oracle Sun Solaris 11.3 allows remote ...)
+CVE-2016-5566
NOT-FOR-US: Solaris
-CVE-2016-5565 (Unspecified vulnerability in the Oracle Hospitality OPERA 5 Property ...)
+CVE-2016-5565
NOT-FOR-US: Oracle
-CVE-2016-5564 (Unspecified vulnerability in the Oracle Hospitality OPERA 5 Property ...)
+CVE-2016-5564
NOT-FOR-US: Oracle
-CVE-2016-5563 (Unspecified vulnerability in the Oracle Hospitality OPERA 5 Property ...)
+CVE-2016-5563
NOT-FOR-US: Oracle
-CVE-2016-5562 (Unspecified vulnerability in the Oracle iProcurement component in ...)
+CVE-2016-5562
NOT-FOR-US: Oracle
-CVE-2016-5561 (Unspecified vulnerability in Oracle Sun Solaris 11.3 allows remote ...)
+CVE-2016-5561
NOT-FOR-US: Solaris
-CVE-2016-5560 (Unspecified vulnerability in the Siebel UI Framework component in ...)
+CVE-2016-5560
NOT-FOR-US: Oracle Siebel
-CVE-2016-5559 (Unspecified vulnerability in Oracle Sun Solaris 10 and 11.3 allows ...)
+CVE-2016-5559
NOT-FOR-US: Solaris
-CVE-2016-5558 (Unspecified vulnerability in the Oracle Outside In Technology ...)
+CVE-2016-5558
NOT-FOR-US: Oracle
-CVE-2016-5557 (Unspecified vulnerability in the Oracle Advanced Pricing component in ...)
+CVE-2016-5557
NOT-FOR-US: Oracle
-CVE-2016-5556 (Unspecified vulnerability in Oracle Java SE 6u121, 7u111, and 8u102 ...)
+CVE-2016-5556
- openjdk-6 <not-affected> (specific to Oracle Java)
- openjdk-7 <not-affected> (specific to Oracle Java)
- openjdk-8 <not-affected> (specific to Oracle Java)
-CVE-2016-5555 (Unspecified vulnerability in the OJVM component in Oracle Database ...)
+CVE-2016-5555
NOT-FOR-US: Oracle
-CVE-2016-5554 (Unspecified vulnerability in Oracle Java SE 6u121, 7u111, 8u102; and ...)
+CVE-2016-5554
{DSA-3707-1 DLA-704-1}
- openjdk-8 8u111-b14-1
[experimental] - openjdk-7 7u111-2.6.7-2
@@ -15889,50 +15889,50 @@ CVE-2016-5554 (Unspecified vulnerability in Oracle Java SE 6u121, 7u111, 8u102;
NOTE: #841692 tracks openjdk-7
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2016-5553 (Unspecified vulnerability in Oracle Sun Solaris 10 and 11.3 allows ...)
+CVE-2016-5553
NOT-FOR-US: Solaris
-CVE-2016-5552 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of ...)
+CVE-2016-5552
{DSA-3782-1 DLA-821-1}
- openjdk-8 8u121-b13-1
[experimental] - openjdk-7 7u121-2.6.8-2
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2016-5551 (Vulnerability in the Solaris Cluster component of Oracle Sun Systems ...)
+CVE-2016-5551
NOT-FOR-US: Solaris
CVE-2016-5550
REJECTED
-CVE-2016-5549 (Vulnerability in the Java SE, Java SE Embedded component of Oracle ...)
+CVE-2016-5549
- openjdk-8 8u121-b13-1
- openjdk-7 <not-affected> (In the Debian package, the code is removed during build time)
-CVE-2016-5548 (Vulnerability in the Java SE, Java SE Embedded component of Oracle ...)
+CVE-2016-5548
{DSA-3782-1 DLA-821-1}
- openjdk-8 8u121-b13-1
[experimental] - openjdk-7 7u121-2.6.8-2
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2016-5547 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of ...)
+CVE-2016-5547
{DSA-3782-1 DLA-821-1}
- openjdk-8 8u121-b13-1
[experimental] - openjdk-7 7u121-2.6.8-2
- openjdk-7 <removed>
-CVE-2016-5546 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of ...)
+CVE-2016-5546
{DSA-3782-1 DLA-821-1}
- openjdk-8 8u121-b13-1
[experimental] - openjdk-7 7u121-2.6.8-2
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2016-5545 (Vulnerability in the Oracle VM VirtualBox component of Oracle ...)
+CVE-2016-5545
- virtualbox 5.1.14-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2016-5544 (Unspecified vulnerability in Oracle Sun Solaris 10 and 11.3 allows ...)
+CVE-2016-5544
NOT-FOR-US: Solaris
-CVE-2016-5543 (Unspecified vulnerability in the Oracle FLEXCUBE Enterprise Limits and ...)
+CVE-2016-5543
NOT-FOR-US: Oracle
-CVE-2016-5542 (Unspecified vulnerability in Oracle Java SE 6u121, 7u111, 8u102; and ...)
+CVE-2016-5542
{DSA-3707-1 DLA-704-1}
- openjdk-8 8u111-b14-1
[experimental] - openjdk-7 7u111-2.6.7-2
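Review bot: CVE-2016-5549 and CVE-2016-5547 list no openjdk-6 status, while the neighbouring Java SE entries from the same advisory set (CVE-2016-5552, CVE-2016-5548, CVE-2016-5546) all carry `- openjdk-6 <removed>` and `[wheezy] - openjdk-6 <end-of-life>`; suggest confirming whether openjdk-6 is affected and adding the matching lines, since a missing package line reads as "not tracked" rather than "not affected".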
@@ -15940,126 +15940,126 @@ CVE-2016-5542 (Unspecified vulnerability in Oracle Java SE 6u121, 7u111, 8u102;
NOTE: #841692 tracks openjdk-7
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2016-5541 (Vulnerability in the MySQL Cluster component of Oracle MySQL ...)
+CVE-2016-5541
NOT-FOR-US: MySQL Cluster
-CVE-2016-5540 (Unspecified vulnerability in the Oracle Retail Xstore Payment ...)
+CVE-2016-5540
NOT-FOR-US: Oracle
-CVE-2016-5539 (Unspecified vulnerability in the Oracle Retail Xstore Payment ...)
+CVE-2016-5539
NOT-FOR-US: Oracle
-CVE-2016-5538 (Unspecified vulnerability in the Oracle VM VirtualBox component before ...)
+CVE-2016-5538
- virtualbox 5.1.8-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2016-5537 (Unspecified vulnerability in the NetBeans component in Oracle Fusion ...)
+CVE-2016-5537
[experimental] - netbeans 8.2+dfsg1-1
- netbeans 10.0-1 (bug #852029)
[stretch] - netbeans <ignored> (No details about affected code, backport of Netbeans 8.2 too intrusive)
[wheezy] - netbeans <ignored> (No details about affected code, backport of Netbeans 8.2 too intrusive)
-CVE-2016-5536 (Unspecified vulnerability in the Oracle Platform Security for Java ...)
+CVE-2016-5536
NOT-FOR-US: Oracle
-CVE-2016-5535 (Unspecified vulnerability in the Oracle WebLogic Server component in ...)
+CVE-2016-5535
NOT-FOR-US: Oracle
-CVE-2016-5534 (Unspecified vulnerability in the Siebel Apps - Customer Order ...)
+CVE-2016-5534
NOT-FOR-US: Oracle Siebel
-CVE-2016-5533 (Unspecified vulnerability in the Primavera P6 Enterprise Project ...)
+CVE-2016-5533
NOT-FOR-US: Oracle
-CVE-2016-5532 (Unspecified vulnerability in the Oracle Shipping Execution component ...)
+CVE-2016-5532
NOT-FOR-US: Oracle
-CVE-2016-5531 (Unspecified vulnerability in the Oracle WebLogic Server component in ...)
+CVE-2016-5531
NOT-FOR-US: Oracle
-CVE-2016-5530 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+CVE-2016-5530
NOT-FOR-US: Oracle PeopleSoft
-CVE-2016-5529 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+CVE-2016-5529
NOT-FOR-US: Oracle PeopleSoft
-CVE-2016-5528 (Vulnerability in the Oracle GlassFish Server component of Oracle ...)
+CVE-2016-5528
- glassfish <not-affected> (Vulnerable code not included, see bug #853998)
-CVE-2016-5527 (Unspecified vulnerability in the Oracle Agile PLM component in Oracle ...)
+CVE-2016-5527
NOT-FOR-US: Oracle
-CVE-2016-5526 (Unspecified vulnerability in the Oracle Agile PLM component in Oracle ...)
+CVE-2016-5526
NOT-FOR-US: Oracle
-CVE-2016-5525 (Unspecified vulnerability in the Solaris Cluster component in Oracle ...)
+CVE-2016-5525
NOT-FOR-US: Oracle
-CVE-2016-5524 (Unspecified vulnerability in the Oracle Agile PLM component in Oracle ...)
+CVE-2016-5524
NOT-FOR-US: Oracle
-CVE-2016-5523 (Unspecified vulnerability in the Oracle Agile PLM component in Oracle ...)
+CVE-2016-5523
NOT-FOR-US: Oracle
-CVE-2016-5522 (Unspecified vulnerability in the Oracle Agile PLM component in Oracle ...)
+CVE-2016-5522
NOT-FOR-US: Oracle
-CVE-2016-5521 (Unspecified vulnerability in the Oracle Agile PLM component in Oracle ...)
+CVE-2016-5521
NOT-FOR-US: Oracle
CVE-2016-5520
REJECTED
-CVE-2016-5519 (Unspecified vulnerability in the Oracle GlassFish Server component in ...)
+CVE-2016-5519
- glassfish <not-affected> (Vulnerable code not included, see bug #853998)
-CVE-2016-5518 (Unspecified vulnerability in the Oracle Agile Engineering Data ...)
+CVE-2016-5518
NOT-FOR-US: Oracle
-CVE-2016-5517 (Unspecified vulnerability in the Oracle Applications DBA component in ...)
+CVE-2016-5517
NOT-FOR-US: Oracle
-CVE-2016-5516 (Unspecified vulnerability in the Kernel PDB component in Oracle ...)
+CVE-2016-5516
NOT-FOR-US: Oracle
-CVE-2016-5515 (Unspecified vulnerability in the Oracle Agile PLM component in Oracle ...)
+CVE-2016-5515
NOT-FOR-US: Oracle
-CVE-2016-5514 (Unspecified vulnerability in the Oracle Agile PLM component in Oracle ...)
+CVE-2016-5514
NOT-FOR-US: Oracle
-CVE-2016-5513 (Unspecified vulnerability in the Oracle Agile PLM component in Oracle ...)
+CVE-2016-5513
NOT-FOR-US: Oracle
-CVE-2016-5512 (Unspecified vulnerability in the Oracle Agile PLM component in Oracle ...)
+CVE-2016-5512
NOT-FOR-US: Oracle
-CVE-2016-5511 (Unspecified vulnerability in the Oracle WebCenter Sites component in ...)
+CVE-2016-5511
NOT-FOR-US: Oracle
-CVE-2016-5510 (Unspecified vulnerability in the Oracle Agile PLM component in Oracle ...)
+CVE-2016-5510
NOT-FOR-US: Oracle
-CVE-2016-5509 (Vulnerability in the Oracle FLEXCUBE Investor Servicing component of ...)
+CVE-2016-5509
NOT-FOR-US: Oracle FLEXCUBE
-CVE-2016-5508 (Unspecified vulnerability in the Solaris Cluster component in Oracle ...)
+CVE-2016-5508
NOT-FOR-US: Solaris
-CVE-2016-5507 (Unspecified vulnerability in Oracle MySQL 5.6.32 and earlier and ...)
+CVE-2016-5507
- mysql-5.7 5.7.15-1
- mysql-5.6 5.6.34-1 (bug #841049)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and 5.7)
-CVE-2016-5506 (Unspecified vulnerability in the Oracle Identity Manager component in ...)
+CVE-2016-5506
NOT-FOR-US: Oracle
-CVE-2016-5505 (Unspecified vulnerability in the RDBMS Programmable Interface ...)
+CVE-2016-5505
NOT-FOR-US: Oracle
-CVE-2016-5504 (Unspecified vulnerability in the Oracle Agile Product Lifecycle ...)
+CVE-2016-5504
NOT-FOR-US: Oracle
-CVE-2016-5503 (Unspecified vulnerability in the Sun ZFS Storage Appliance Kit (AK) ...)
+CVE-2016-5503
NOT-FOR-US: Oracle
-CVE-2016-5502 (Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking ...)
+CVE-2016-5502
NOT-FOR-US: Oracle
-CVE-2016-5501 (Unspecified vulnerability in the Oracle VM VirtualBox component before ...)
+CVE-2016-5501
- virtualbox 5.1.8-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2016-5500 (Unspecified vulnerability in the Oracle Discoverer component in Oracle ...)
+CVE-2016-5500
NOT-FOR-US: Oracle
-CVE-2016-5499 (Unspecified vulnerability in the RDBMS Security component in Oracle ...)
+CVE-2016-5499
NOT-FOR-US: Oracle
-CVE-2016-5498 (Unspecified vulnerability in the RDBMS Security component in Oracle ...)
+CVE-2016-5498
NOT-FOR-US: Oracle
-CVE-2016-5497 (Unspecified vulnerability in the RDBMS Security component in Oracle ...)
+CVE-2016-5497
NOT-FOR-US: Oracle
CVE-2016-5496
REJECTED
-CVE-2016-5495 (Unspecified vulnerability in the Oracle Discoverer component in Oracle ...)
+CVE-2016-5495
NOT-FOR-US: Oracle
CVE-2016-5494
REJECTED
-CVE-2016-5493 (Unspecified vulnerability in the Oracle FLEXCUBE Private Banking ...)
+CVE-2016-5493
NOT-FOR-US: Oracle
-CVE-2016-5492 (Unspecified vulnerability in the Sun ZFS Storage Appliance Kit (AK) ...)
+CVE-2016-5492
NOT-FOR-US: Oracle
-CVE-2016-5491 (Unspecified vulnerability in the Oracle Commerce Service Center ...)
+CVE-2016-5491
NOT-FOR-US: Oracle
-CVE-2016-5490 (Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking ...)
+CVE-2016-5490
NOT-FOR-US: Oracle
-CVE-2016-5489 (Unspecified vulnerability in the Oracle iStore component in Oracle ...)
+CVE-2016-5489
NOT-FOR-US: Oracle
-CVE-2016-5488 (Unspecified vulnerability in the Oracle WebLogic Server component in ...)
+CVE-2016-5488
NOT-FOR-US: Oracle
-CVE-2016-5487 (Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local ...)
+CVE-2016-5487
NOT-FOR-US: Solaris
-CVE-2016-5486 (Unspecified vulnerability in the Sun ZFS Storage Appliance Kit (AK) ...)
+CVE-2016-5486
NOT-FOR-US: Oracle
CVE-2016-5485
REJECTED
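Review bot: every `-`/`+` pair in this hunk, from CVE-2016-5536 down to CVE-2016-5486, replaces `CVE-2016-NNNN (summary ...)` with the bare identifier and changes nothing else, so the commit drops the summary text for the whole block rather than updating it; with the "automatic update" subject and near-identical insertion/deletion counts across all 21 files, that looks like the description source came back empty, not like a deliberate edit, and the importer should refuse to commit when it would blank every summary in a file. It also costs triage context: for CVE-2016-5507 the line `- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and 5.7)` relied on the deleted range "Oracle MySQL 5.6.32 and earlier", which now appears nowhere in the entry. Minor, in the unchanged context: the virtualbox lines cite `DSA-3699-1` for jessie but `DSA 3454` for wheezy; use one form.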
@@ -16067,83 +16067,83 @@ CVE-2016-5484
REJECTED
CVE-2016-5483
REJECTED
-CVE-2016-5482 (Unspecified vulnerability in the Oracle Commerce Guided Search ...)
+CVE-2016-5482
NOT-FOR-US: Oracle
-CVE-2016-5481 (Unspecified vulnerability in the Sun ZFS Storage Appliance Kit (AK) ...)
+CVE-2016-5481
NOT-FOR-US: Oracle
-CVE-2016-5480 (Unspecified vulnerability in Oracle Sun Solaris 10 allows local users ...)
+CVE-2016-5480
NOT-FOR-US: Solaris
-CVE-2016-5479 (Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking ...)
+CVE-2016-5479
NOT-FOR-US: Oracle
CVE-2016-5478
REJECTED
-CVE-2016-5477 (Unspecified vulnerability in the Oracle GlassFish Server component in ...)
+CVE-2016-5477
- glassfish <not-affected> (Full application server not packaged)
-CVE-2016-5476 (Unspecified vulnerability in the Oracle Retail Integration Bus ...)
+CVE-2016-5476
NOT-FOR-US: Oracle
-CVE-2016-5475 (Unspecified vulnerability in the Oracle Retail Service Backbone ...)
+CVE-2016-5475
NOT-FOR-US: Oracle
-CVE-2016-5474 (Unspecified vulnerability in the Oracle Retail Service Backbone ...)
+CVE-2016-5474
NOT-FOR-US: Oracle
-CVE-2016-5473 (Unspecified vulnerability in the Oracle Agile PLM component in Oracle ...)
+CVE-2016-5473
NOT-FOR-US: Oracle
-CVE-2016-5472 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+CVE-2016-5472
NOT-FOR-US: Oracle
-CVE-2016-5471 (Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local ...)
+CVE-2016-5471
NOT-FOR-US: Solaris
-CVE-2016-5470 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+CVE-2016-5470
NOT-FOR-US: Oracle
-CVE-2016-5469 (Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local ...)
+CVE-2016-5469
NOT-FOR-US: Oracle
-CVE-2016-5468 (Unspecified vulnerability in the Siebel UI Framework component in ...)
+CVE-2016-5468
NOT-FOR-US: Oracle Siebel CRM
-CVE-2016-5467 (Unspecified vulnerability in the PeopleSoft Enterprise FSCM component ...)
+CVE-2016-5467
NOT-FOR-US: Oracle
-CVE-2016-5466 (Unspecified vulnerability in the Siebel Core - Server Framework ...)
+CVE-2016-5466
NOT-FOR-US: Oracle Siebel CRM
-CVE-2016-5465 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+CVE-2016-5465
NOT-FOR-US: Oracle
-CVE-2016-5464 (Unspecified vulnerability in the Siebel UI Framework component in ...)
+CVE-2016-5464
NOT-FOR-US: Oracle Siebel CRM
-CVE-2016-5463 (Unspecified vulnerability in the Siebel UI Framework component in ...)
+CVE-2016-5463
NOT-FOR-US: Oracle Siebel CRM
-CVE-2016-5462 (Unspecified vulnerability in the Siebel Core - Server Framework ...)
+CVE-2016-5462
NOT-FOR-US: Oracle Siebel CRM
-CVE-2016-5461 (Unspecified vulnerability in the Siebel Core - Server Framework ...)
+CVE-2016-5461
NOT-FOR-US: Oracle Siebel CRM
-CVE-2016-5460 (Unspecified vulnerability in the Siebel Core - Server Framework ...)
+CVE-2016-5460
NOT-FOR-US: Oracle Siebel CRM
-CVE-2016-5459 (Unspecified vulnerability in the Siebel Core - Common Components ...)
+CVE-2016-5459
NOT-FOR-US: Oracle Siebel CRM
-CVE-2016-5458 (Unspecified vulnerability in the Oracle Communications EAGLE ...)
+CVE-2016-5458
NOT-FOR-US: Oracle
-CVE-2016-5457 (Unspecified vulnerability in the ILOM component in Oracle Sun Systems ...)
+CVE-2016-5457
NOT-FOR-US: Oracle
-CVE-2016-5456 (Unspecified vulnerability in the Siebel Core - Server Framework ...)
+CVE-2016-5456
NOT-FOR-US: Oracle Siebel CRM
-CVE-2016-5455 (Unspecified vulnerability in the Oracle Communications Messaging ...)
+CVE-2016-5455
NOT-FOR-US: Oracle
-CVE-2016-5454 (Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local ...)
+CVE-2016-5454
NOT-FOR-US: Oracle
-CVE-2016-5453 (Unspecified vulnerability in the ILOM component in Oracle Sun Systems ...)
+CVE-2016-5453
NOT-FOR-US: Oracle
-CVE-2016-5452 (Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local ...)
+CVE-2016-5452
NOT-FOR-US: Oracle
-CVE-2016-5451 (Unspecified vulnerability in the Siebel UI Framework component in ...)
+CVE-2016-5451
NOT-FOR-US: Oracle Siebel CRM
-CVE-2016-5450 (Unspecified vulnerability in the Siebel UI Framework component in ...)
+CVE-2016-5450
NOT-FOR-US: Oracle Siebel CRM
-CVE-2016-5449 (Unspecified vulnerability in the ILOM component in Oracle Sun Systems ...)
+CVE-2016-5449
NOT-FOR-US: Oracle
-CVE-2016-5448 (Unspecified vulnerability in the ILOM component in Oracle Sun Systems ...)
+CVE-2016-5448
NOT-FOR-US: Oracle
-CVE-2016-5447 (Unspecified vulnerability in the ILOM component in Oracle Sun Systems ...)
+CVE-2016-5447
NOT-FOR-US: Oracle
-CVE-2016-5446 (Unspecified vulnerability in the ILOM component in Oracle Sun Systems ...)
+CVE-2016-5446
NOT-FOR-US: Oracle
-CVE-2016-5445 (Unspecified vulnerability in the ILOM component in Oracle Sun Systems ...)
+CVE-2016-5445
NOT-FOR-US: Oracle
-CVE-2016-5444 (Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 ...)
+CVE-2016-5444
- mariadb-10.0 10.0.25-1
[jessie] - mariadb-10.0 10.0.25-0+deb8u1
- mysql-5.6 5.6.30-1
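Review bot: the product tags in this hunk are inconsistent for the same family, which matters more once the summaries are gone: CVE-2016-5480 and CVE-2016-5471 keep `NOT-FOR-US: Solaris`, while CVE-2016-5469, CVE-2016-5454 and CVE-2016-5452, whose deleted summaries also read "Oracle Sun Solaris 11.3", keep only `NOT-FOR-US: Oracle`. With a bare identifier on the `+` line, that tag is the only product hint left, so pick one spelling for all five. Same for PeopleTools: CVE-2016-5472, CVE-2016-5470 and CVE-2016-5465 say `NOT-FOR-US: Oracle` where CVE-2016-5530 and CVE-2016-5529 say `NOT-FOR-US: Oracle PeopleSoft` for the same component.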
@@ -16151,48 +16151,48 @@ CVE-2016-5444 (Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6
[jessie] - mysql-5.5 5.5.49-0+deb8u1
[wheezy] - mysql-5.5 5.5.49-0+deb7u1
NOTE: http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html#AppendixMSQL
-CVE-2016-5443 (Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows ...)
+CVE-2016-5443
- mysql-5.6 <not-affected> (Only affects MySQL 5.7)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html#AppendixMSQL
-CVE-2016-5442 (Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows ...)
+CVE-2016-5442
- mysql-5.6 <not-affected> (Only affects MySQL 5.7)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html#AppendixMSQL
-CVE-2016-5441 (Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows ...)
+CVE-2016-5441
- mysql-5.6 <not-affected> (Only affects MySQL 5.7)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html#AppendixMSQL
-CVE-2016-5440 (Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier, 5.6.30 ...)
+CVE-2016-5440
{DSA-3632-1 DSA-3624-1 DLA-567-1}
- mariadb-10.0 10.0.26-1
- mysql-5.6 5.6.34-1 (bug #831844)
- mysql-5.5 <removed>
NOTE: http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html#AppendixMSQL
-CVE-2016-5439 (Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and ...)
+CVE-2016-5439
- mysql-5.6 5.6.34-1 (bug #831844)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and 5.7)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html#AppendixMSQL
CVE-2016-5438
REJECTED
-CVE-2016-5437 (Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows ...)
+CVE-2016-5437
- mysql-5.6 <not-affected> (Only affects MySQL 5.7)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html#AppendixMSQL
-CVE-2016-5436 (Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows ...)
+CVE-2016-5436
- mysql-5.6 <not-affected> (Only affects MySQL 5.7)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html#AppendixMSQL
-CVE-2016-5435 (Memory leak in Huawei IPS Module, NGFW Module, NIP6300, NIP6600, and ...)
+CVE-2016-5435
NOT-FOR-US: Huawei
-CVE-2016-6211 (The User module in Drupal 7.x before 7.44 allows remote authenticated ...)
+CVE-2016-6211
{DSA-3604-1 DLA-550-1}
- drupal7 7.44-1
NOTE: https://www.drupal.org/SA-CORE-2016-002
NOTE: http://www.openwall.com/lists/oss-security/2016/07/13/4
NOTE: https://gist.github.com/lamby/4697fea399f3f01ca6de3ce9ed79fce7 tarball diff
NOTE: https://gist.github.com/lamby/dbeda4d49f48a32aa0dd4b3ed7f06a13 filtered diff
-CVE-2016-5636 (Integer overflow in the get_data function in zipimport.c in CPython ...)
+CVE-2016-5636
{DLA-1663-1 DLA-522-1}
- python3.5 3.5.2~rc1-1
- python3.4 <removed>
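Review bot: after the strip, the MySQL entries CVE-2016-5443, 5442, 5441, 5437 and 5436 consist of two `<not-affected> (Only affects MySQL 5.7)` lines and a CPU link, with no line naming mysql-5.7 and no record that 5.7.12 and earlier were affected; that range lived only in the deleted summary. Add a `- mysql-5.7 ...` line as CVE-2016-5507 has, or a NOTE with the affected range, so the `not-affected` reasoning stays verifiable from the file. Separately, CVE-2016-6211 (drupal7) and CVE-2016-5636 (python) sit between CVE-2016-5435 and CVE-2016-5433, out of numeric order; this change does not touch ordering, but with the summaries gone a misplaced id is harder to notice, so consider moving them.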
@@ -16201,40 +16201,40 @@ CVE-2016-5636 (Integer overflow in the get_data function in zipimport.c in CPyth
NOTE: https://bugs.python.org/issue26171
NOTE: 2.7: https://hg.python.org/cpython/rev/985fc64c60d6
NOTE: 3.5: https://hg.python.org/cpython/rev/2df462852464
-CVE-2016-5433 (Citrix iOS Receiver before 7.0 allows attackers to cause TLS ...)
+CVE-2016-5433
NOT-FOR-US: Citrix
-CVE-2016-5434 (libalpm, as used in pacman 5.0.1, allows remote attackers to cause a ...)
+CVE-2016-5434
NOT-FOR-US: libalpm (Arch Linux Package Management (ALPM) library)
-CVE-2016-5432 (The ovirt-engine-provisiondb utility in Red Hat Enterprise ...)
+CVE-2016-5432
NOT-FOR-US: ovirt-engine
CVE-2016-5431
RESERVED
-CVE-2016-5430 (The RSA 1.5 algorithm implementation in the JOSE_JWE class in JWE.php ...)
+CVE-2016-5430
NOT-FOR-US: jose-php
-CVE-2016-5429 (jose-php before 2.2.1 does not use constant-time operations for HMAC ...)
+CVE-2016-5429
NOT-FOR-US: jose-php
CVE-2016-5428
RESERVED
-CVE-2016-5427 (PowerDNS (aka pdns) Authoritative Server before 3.4.10 does not ...)
+CVE-2016-5427
{DSA-3664-1 DLA-627-1}
- pdns 4.0.0~alpha1-1
NOTE: Only affects PowerDNS Authoritative Server up to and including 3.4.9, 4.x not affected
NOTE: Added workaround to mark first 4.x version in unstable as fixed.
NOTE: https://doc.powerdns.com/md/security/powerdns-advisory-2016-01/
NOTE: https://github.com/PowerDNS/pdns/commit/881b5b03a590198d03008e4200dd00cc537712f3
-CVE-2016-5426 (PowerDNS (aka pdns) Authoritative Server before 3.4.10 allows remote ...)
+CVE-2016-5426
{DSA-3664-1 DLA-627-1}
- pdns 4.0.0~alpha1-1
NOTE: Only affects PowerDNS Authoritative Server up to and including 3.4.9, 4.x not affected
NOTE: Added workaround to mark first 4.x version in unstable as fixed.
NOTE: https://doc.powerdns.com/md/security/powerdns-advisory-2016-01/
NOTE: https://github.com/PowerDNS/pdns/commit/881b5b03a590198d03008e4200dd00cc537712f3
-CVE-2016-5425 (The Tomcat package on Red Hat Enterprise Linux (RHEL) 7, Fedora, ...)
+CVE-2016-5425
- tomcat8 <not-affected> (Red Hat and derivatives packaging specific)
- tomcat7 <not-affected> (Red Hat and derivatives packaging specific)
- tomcat6 <not-affected> (Red Hat and derivatives packaging specific)
NOTE: http://legalhackers.com/advisories/Tomcat-RedHat-Pkgs-Root-PrivEsc-Exploit-CVE-2016-5425.html
-CVE-2016-5424 (PostgreSQL before 9.1.23, 9.2.x before 9.2.18, 9.3.x before 9.3.14, ...)
+CVE-2016-5424
{DSA-3646-1 DLA-592-1}
- postgresql-9.5 9.5.4-1
- postgresql-9.4 <removed>
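Review bot: the pdns entries CVE-2016-5427 and CVE-2016-5426 now read as `- pdns 4.0.0~alpha1-1` under a bare identifier, i.e. "fixed in 4.0.0~alpha1-1", while the NOTE says 4.x is not affected and the upstream fix version ("before 3.4.10" in the deleted summary) is no longer stated anywhere in the entry. Record the affected range in the NOTE ("only 3.4.x up to 3.4.9, fixed upstream in 3.4.10") so the workaround marking is explained without the summary, or use `<not-affected>` for the 4.x source as the tomcat entries in the same hunk do for CVE-2016-5425.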
@@ -16242,7 +16242,7 @@ CVE-2016-5424 (PostgreSQL before 9.1.23, 9.2.x before 9.2.18, 9.3.x before 9.3.1
[jessie] - postgresql-9.1 <not-affected> (postgresql-9.1 in jessie only provides PL/Perl)
NOTE: https://git.postgresql.org/gitweb/?p=postgresql.git;a=commitdiff;h=fcd15f13581f6d75c63d213220d5a94889206c1b
NOTE: https://www.postgresql.org/about/news/1688/
-CVE-2016-5423 (PostgreSQL before 9.1.23, 9.2.x before 9.2.18, 9.3.x before 9.3.14, ...)
+CVE-2016-5423
{DSA-3646-1 DLA-592-1}
- postgresql-9.5 9.5.4-1
- postgresql-9.4 <removed>
@@ -16250,27 +16250,27 @@ CVE-2016-5423 (PostgreSQL before 9.1.23, 9.2.x before 9.2.18, 9.3.x before 9.3.1
[jessie] - postgresql-9.1 <not-affected> (postgresql-9.1 in jessie only provides PL/Perl)
NOTE: https://git.postgresql.org/gitweb/?p=postgresql.git;a=commitdiff;h=f0c7b789ab12fbc8248b671c7882dd96ac932ef4
NOTE: https://www.postgresql.org/about/news/1688/
-CVE-2016-5422 (The web console in Red Hat JBoss Operations Network (JON) before 3.3.7 ...)
+CVE-2016-5422
NOT-FOR-US: Red Hat JBoss Operations Network
-CVE-2016-5421 (Use-after-free vulnerability in libcurl before 7.50.1 allows attackers ...)
+CVE-2016-5421
{DSA-3638-1}
- curl 7.50.1-1
[wheezy] - curl <not-affected> (introduced in 7.32.0)
NOTE: https://curl.haxx.se/docs/adv_20160803C.html
NOTE: Fixed by https://curl.haxx.se/CVE-2016-5421.patch
-CVE-2016-5420 (curl and libcurl before 7.50.1 do not check the client certificate ...)
+CVE-2016-5420
{DSA-3638-1 DLA-586-1}
- curl 7.50.1-1
NOTE: https://curl.haxx.se/docs/adv_20160803B.html
NOTE: Fixed by https://curl.haxx.se/CVE-2016-5420.patch
NOTE: Wheezy: vulnerable code is in lib/sslgen.c
-CVE-2016-5419 (curl and libcurl before 7.50.1 do not prevent TLS session resumption ...)
+CVE-2016-5419
{DSA-3638-1 DLA-586-1}
- curl 7.50.1-1
NOTE: https://curl.haxx.se/docs/adv_20160803A.html
NOTE: Fixed by https://curl.haxx.se/CVE-2016-5419.patch
NOTE: Wheezy: vulnerable code is in lib/sslgen.c
-CVE-2016-5418 (The sandboxing code in libarchive 3.2.0 and earlier mishandles ...)
+CVE-2016-5418
{DSA-3677-1 DLA-657-1}
- libarchive 3.2.1-4 (bug #837714)
NOTE: Centos patch: https://git.centos.org/blob/rpms!libarchive.git/9952851f8b327a8c93d26a5873c190c1fb09ae6c/SOURCES!libarchive-3.1.2-CVE-2016-5418.patch;jsessionid=1dexz8h9qdewibih5aonbu3
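Review bot: the CentOS patch reference in the CVE-2016-5418 NOTE carries a `;jsessionid=1dexz8h9qdewibih5aonbu3` suffix; that is a session token, not part of the resource, and should be dropped from the URL. The curl trio in this hunk (CVE-2016-5421/5420/5419) survives the strip because the advisory and patch links are in NOTE lines, which is the pattern to prefer: a NOTE with the upstream advisory keeps the entry self-describing when the summary is lost.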
@@ -16284,14 +16284,14 @@ CVE-2016-5418 (The sandboxing code in libarchive 3.2.0 and earlier mishandles ..
NOTE: https://github.com/libarchive/libarchive/issues/746
NOTE: Testcase: https://github.com/libarchive/libarchive/commit/063ea3ea3fcb569a380b2ebe9c9ddd8bd6ce0d49
NOTE: Fix for testcase: https://github.com/libarchive/libarchive/commit/50952acd22df3326c49771f5e5ba48630899468c
-CVE-2016-5417 (Memory leak in the __res_vinit function in the IPv6 name server ...)
+CVE-2016-5417
- glibc 2.22-4 (bug #833302)
[jessie] - glibc <not-affected> (Introduced in 2.22)
- eglibc <not-affected> (Introduced in 2.22)
NOTE: Introduced by: https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=2212c1420c92a33b0e0bd9a34938c9814a56c0f7 (glibc-2.22)
NOTE: Fixed by: https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=5e7fdabd7df1fc6c56d104e61390bf5a6b526c38 (glibc-2.24)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=19257
-CVE-2016-5416 (389 Directory Server in Red Hat Enterprise Linux Desktop 6 through 7, ...)
+CVE-2016-5416
- 389-ds-base <unfixed> (bug #834233)
[buster] - 389-ds-base <no-dsa> (Minor issue)
[stretch] - 389-ds-base <no-dsa> (Minor issue)
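Review bot: CVE-2016-5416 is the one entry in this hunk with nothing left that says what the bug is: it is `<unfixed>` for 389-ds-base with `<no-dsa> (Minor issue)` for buster and stretch, and the only reference is "Potentially related" ticket 48354; the deleted summary ("389 Directory Server in Red Hat Enterprise Linux Desktop 6 through 7, ...") was the entry's sole description. Add a NOTE with a definite upstream or vendor reference for this id, otherwise an unfixed, unreferenced, unexplained entry is what remains. CVE-2016-5417 is fine: the Introduced/Fixed commits and the sourceware bug carry the context.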
@@ -16300,64 +16300,64 @@ CVE-2016-5416 (389 Directory Server in Red Hat Enterprise Linux Desktop 6 throug
NOTE: Potentially related: https://fedorahosted.org/389/ticket/48354
CVE-2016-5415
RESERVED
-CVE-2016-5414 (FreeIPA 4.4.0 allows remote attackers to request an arbitrary SAN name ...)
+CVE-2016-5414
- freeipa <not-affected> (Vulnerable code introduced in the 4.4.0 release)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1360757
NOTE: https://git.fedorahosted.org/cgit/freeipa.git/commit/?id=25ed36fda14b30d6a50746a536939e3b428993cb
CVE-2016-5413
RESERVED
-CVE-2016-5412 (arch/powerpc/kvm/book3s_hv_rmhandlers.S in the Linux kernel through ...)
+CVE-2016-5412
- linux 4.7.2-1
[jessie] - linux 3.16.39-1
[wheezy] - linux <not-affected> (Transactional memory not supported)
NOTE: https://marc.info/?l=kvm&m=146968629127349&w=2
NOTE: https://git.kernel.org/linus/93d17397e4e2182fdaad503e2f9da46202c0f1c3 (v4.8-rc1)
-CVE-2016-5411 (/var/lib/ovirt-engine/setup/engine-DC-config.py in Red Hat QuickStart ...)
+CVE-2016-5411
NOT-FOR-US: ovirt engine
-CVE-2016-5410 (firewalld.py in firewalld before 0.4.3.3 allows local users to bypass ...)
+CVE-2016-5410
- firewalld 0.4.3.3-1 (bug #834529)
[jessie] - firewalld <ignored> (Minor issue)
NOTE: Introduced by: https://github.com/t-woerner/firewalld/commit/6b9867cd5c5e2c83adeec42666521a420e59ef11
-CVE-2016-5409 (Red Hat OpenShift Enterprise 2 does not include the HTTPOnly flag in a ...)
+CVE-2016-5409
NOT-FOR-US: OpenShift Enterprise
-CVE-2016-5408 (Stack-based buffer overflow in the munge_other_line function in ...)
+CVE-2016-5408
{DLA-556-1}
- squid3 <not-affected> (Incomplete fix for CVE-2016-4051 not applied)
NOTE: CVE is specific for the incomplete fix of CVE-2016-4051 as applied
NOTE: by some vendors.
-CVE-2016-5407 (The (1) XvQueryAdaptors and (2) XvQueryEncodings functions in X.org ...)
+CVE-2016-5407
{DLA-667-1}
- libxv 2:1.0.11-1 (low; bug #840438)
[jessie] - libxv 2:1.0.10-1+deb8u1
NOTE: https://cgit.freedesktop.org/xorg/lib/libXv/commit/?id=d9da580b46a28ab497de2e94fdc7b9ff953dab17
-CVE-2016-5406 (The domain controller in Red Hat JBoss Enterprise Application Platform ...)
+CVE-2016-5406
NOT-FOR-US: JBoss EAP
-CVE-2016-5405 (389 Directory Server in Red Hat Enterprise Linux Desktop 6 through 7, ...)
+CVE-2016-5405
- 389-ds-base 1.3.5.15-1 (bug #842121)
[jessie] - 389-ds-base <no-dsa> (minor issue)
NOTE: This affects systems storing passwords in plain text.
NOTE: Systems using unsalted hashes might be unsafe as well if using weak
NOTE: hash algorithms, however the attack would be very time-consuming.
NOTE: the patch for this CVE causes CVE-2017-15135
-CVE-2016-5404 (The cert_revoke command in FreeIPA does not check for the &quot;revoke ...)
+CVE-2016-5404
- freeipa 4.3.2-5 (bug #835131)
NOTE: https://git.fedorahosted.org/cgit/freeipa.git/commit/?id=cf74584d0f772f3f5eccc1d30c001e4212a104fd (master)
NOTE: https://fedorahosted.org/freeipa/ticket/6232
-CVE-2016-5403 (The virtqueue_pop function in hw/virtio/virtio.c in QEMU allows local ...)
+CVE-2016-5403
{DLA-574-1 DLA-573-1}
- qemu 1:2.6+dfsg-3.1 (bug #832619)
[jessie] - qemu <no-dsa> (Minor issue; can be fixed in future DSA or point release)
- qemu-kvm <removed>
-CVE-2016-5402 (A code injection flaw was found in the way capacity and utilization ...)
+CVE-2016-5402
NOT-FOR-US: Red Hat CloudForms
-CVE-2016-5401 (Cross-site request forgery (CSRF) vulnerability in Red Hat JBoss BRMS ...)
+CVE-2016-5401
NOT-FOR-US: JBoss BPMS business-central
-CVE-2016-5400 (Memory leak in the airspy_probe function in ...)
+CVE-2016-5400
- linux 4.7.2-1
[jessie] - linux <not-affected> (Vulnerable code not present)
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: Fixed by: https://git.kernel.org/linus/aa93d1fee85c890a34f2510a310e55ee76a27848 (4.7)
-CVE-2016-5399 (The bzread function in ext/bz2/bz2.c in PHP before 5.5.38, 5.6.x ...)
+CVE-2016-5399
{DSA-3631-1 DLA-628-1}
- php7.0 7.0.9-1
- php5 5.6.24+dfsg-1
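Review bot: CVE-2016-5408 lists `{DLA-556-1}` as a fixing advisory while the only package line is `- squid3 <not-affected> (Incomplete fix for CVE-2016-4051 not applied)`; the two statements conflict, since a DLA in braces marks the wheezy package as fixed for this id, so either the DLA reference belongs under CVE-2016-4051 or wheezy was affected and the `not-affected` should be scoped to the later suites. Style, in unchanged lines of the same hunk: `[jessie] - 389-ds-base <no-dsa> (minor issue)` (CVE-2016-5405) versus `(Minor issue)` everywhere else; `[jessie] - firewalld <ignored> (Minor issue)` (CVE-2016-5410) where comparable jessie decisions use `<no-dsa>`; and the CVE-2016-5405 NOTE "the patch for this CVE causes CVE-2017-15135" starts lowercase.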
@@ -16366,9 +16366,9 @@ CVE-2016-5399 (The bzread function in ext/bz2/bz2.c in PHP before 5.5.38, 5.6.x
NOTE: CVE is assigned for the issue in PHP in adequate error handling in the
NOTE: bzread() function. Disputed by PHP upstream, which considers that the
NOTE: underlying bzip2 library is at fault.
-CVE-2016-5398 (Cross-site scripting (XSS) vulnerability in Business Process Editor in ...)
+CVE-2016-5398
NOT-FOR-US: JBoss BPMS
-CVE-2016-5397 (The Apache Thrift Go client library exposed the potential during code ...)
+CVE-2016-5397
- thrift-compiler <unfixed> (unimportant; bug #894577)
[experimental] - thrift 0.10.0-1 (unimportant)
- thrift 0.11.0-3 (unimportant)
@@ -16380,31 +16380,31 @@ CVE-2016-5397 (The Apache Thrift Go client library exposed the potential during
NOTE: Only ever affected src:thrift in experimental, and fixed in src:thrift/0.10.0-1
NOTE: so any future upload of thrift to unstable can mark this item as <not-affected>
NOTE: (fixed before the initial upload to Debian unstable)
-CVE-2016-5396 (Apache Traffic Server 6.0.0 to 6.2.0 are affected by an HPACK Bomb ...)
+CVE-2016-5396
- trafficserver 7.0.0-1
[wheezy] - trafficserver <not-affected> (Vulnerable code not present)
NOTE: https://issues.apache.org/jira/browse/TS-5019
-CVE-2016-5395 (Cross-site scripting (XSS) vulnerability in the create user ...)
+CVE-2016-5395
NOT-FOR-US: Apache Ranger
-CVE-2016-5394 (In the XSS Protection API module before 1.0.12 in Apache Sling, the ...)
+CVE-2016-5394
NOT-FOR-US: Apache Sling
-CVE-2016-5393 (In Apache Hadoop 2.6.x before 2.6.5 and 2.7.x before 2.7.3, a remote ...)
+CVE-2016-5393
- hadoop <itp> (bug #793644)
-CVE-2016-5392 (The API server in Kubernetes, as used in Red Hat OpenShift Enterprise ...)
+CVE-2016-5392
NOT-FOR-US: OpenShift
-CVE-2016-5391 (libreswan before 3.18 allows remote attackers to cause a denial of ...)
+CVE-2016-5391
- libreswan <not-affected> (Fixed before the initial upload to Debian)
NOTE: https://libreswan.org/security/CVE-2016-5391/CVE-2016-5391.txt
-CVE-2016-5390 (Foreman before 1.11.4 and 1.12.x before 1.12.1 allow remote ...)
+CVE-2016-5390
- foreman <itp> (bug #663101)
-CVE-2016-5696 (net/ipv4/tcp_input.c in the Linux kernel before 4.7 does not properly ...)
+CVE-2016-5696
{DSA-3659-1 DLA-609-1}
- linux 4.7.2-1
NOTE: Introduced by: https://github.com/torvalds/linux/commit/282f23c6ee343126156dd41218b22ece96d747e3
NOTE: Fixed by: https://github.com/torvalds/linux/commit/75ff39ccc1bd5d3c455b6822ab09e533c551f758
CVE-2016-5389
REJECTED
-CVE-2016-5388 (Apache Tomcat 7.x through 7.0.70 and 8.x through 8.5.4, when the CGI ...)
+CVE-2016-5388
- tomcat9 <not-affected> (Fixed before initial upload to Debian)
- tomcat8 8.0.37-1 (unimportant)
- tomcat7 7.0.72-1 (unimportant)
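Review bot: with the summaries removed, the two ITP entries in this hunk, CVE-2016-5393 (`- hadoop <itp> (bug #793644)`) and CVE-2016-5390 (`- foreman <itp> (bug #663101)`), carry no statement of affected versions at all; "2.6.x before 2.6.5 and 2.7.x before 2.7.3" and "before 1.11.4 and 1.12.x before 1.12.1" existed only on the deleted lines, so whoever eventually uploads the package has nothing in the tracker to compare against. Add a NOTE with the upstream fixed versions for each. CVE-2016-5696 also sits between CVE-2016-5390 and CVE-2016-5389, out of numeric order.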
@@ -16439,27 +16439,27 @@ CVE-2016-1000104
NOTE: libapache2-mod-fcgid does not set HTTP_PROXY based on Proxy: header unless
NOTE: explicitly configured so and mitigations for Apache in CVE-2016-5387 prevent
NOTE: exploitation anyway
-CVE-2016-5387 (The Apache HTTP Server through 2.4.23 follows RFC 3875 section 4.1.18 ...)
+CVE-2016-5387
{DSA-3623-1 DLA-553-1}
- apache2 2.4.23-2
NOTE: https://www.apache.org/security/asf-httpoxy-response.txt
NOTE: https://httpoxy.org
-CVE-2016-5386 (The net/http package in Go through 1.6 does not attempt to address RFC ...)
+CVE-2016-5386
- golang <unfixed> (unimportant)
NOTE: No part of Go does set HTTP_PROXY based on a Proxy: header, 1.6.3 and 1.7
NOTE: provide hardening to discard HTTP_PROXY
-CVE-2016-5385 (PHP through 7.0.8 does not attempt to address RFC 3875 section 4.1.18 ...)
+CVE-2016-5385
{DSA-3631-1 DLA-749-1}
- php7.0 7.0.9-1
- php5 5.6.24+dfsg-1
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=72573
NOTE: Fixed in 7.0.9, 5.6.24, 5.5.38
-CVE-2016-5384 (fontconfig before 2.12.1 does not validate offsets, which allows local ...)
+CVE-2016-5384
{DSA-3644-1 DLA-587-1}
- fontconfig 2.11.0-6.5 (bug #833570)
NOTE: https://lists.freedesktop.org/archives/fontconfig/2016-August/005792.html
NOTE: Fixed by: https://cgit.freedesktop.org/fontconfig/commit/?id=7a4a5bd7897d216f0794ca9dbce0a4a5c9d14940 (2.12.1)
-CVE-2016-5383 (The web UI in Red Hat CloudForms 4.1 allows remote authenticated users ...)
+CVE-2016-5383
NOT-FOR-US: Red Hat CloudForms
CVE-2016-5382
RESERVED
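Review bot: CVE-2016-5386 is marked `- golang <unfixed> (unimportant)` while its NOTE says 1.6.3 and 1.7 "provide hardening to discard HTTP_PROXY"; if that hardening is the upstream fix, the entry should name the Debian version carrying it rather than `<unfixed>`, and if it is deliberately left unfixed because no part of Go sets HTTP_PROXY from the Proxy: header, say so explicitly ("no fix needed, hardening only") so the two lines stop reading as a contradiction. The rest of the hunk (CVE-2016-5387, 5385, 5384) keeps DSA/DLA references and fix links, so nothing beyond the summaries is lost there.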
@@ -16477,11 +16477,11 @@ CVE-2016-5376
RESERVED
CVE-2016-5375
RESERVED
-CVE-2016-5374 (NetApp Data ONTAP 9.0 and 9.1 before 9.1P1 allows remote authenticated ...)
+CVE-2016-5374
NOT-FOR-US: NetApp
CVE-2016-5373
RESERVED
-CVE-2016-5372 (Cross-site request forgery (CSRF) vulnerability in NetApp Snap Creator ...)
+CVE-2016-5372
NOT-FOR-US: NetApp
CVE-2016-5371
RESERVED
@@ -16489,61 +16489,61 @@ CVE-2016-5370
RESERVED
CVE-2016-5369
RESERVED
-CVE-2016-5368 (Memory leak in Huawei AR3200 before V200R007C00SPC900 allows remote ...)
+CVE-2016-5368
NOT-FOR-US: Huawei
-CVE-2016-5367 (Huawei Honor WS851 routers with software 1.1.21.1 and earlier allow ...)
+CVE-2016-5367
NOT-FOR-US: Huawei
-CVE-2016-5366 (Huawei Honor WS851 routers with software 1.1.21.1 and earlier allow ...)
+CVE-2016-5366
NOT-FOR-US: Huawei
-CVE-2016-5365 (Stack-based buffer overflow in Huawei Honor WS851 routers with ...)
+CVE-2016-5365
NOT-FOR-US: Huawei
-CVE-2016-5364 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2016-5364
{DLA-512-1}
- mantis <removed>
NOTE: http://github.com/mantisbt/mantisbt/commit/5068df2d (1.2.x)
NOTE: https://mantisbt.org/bugs/view.php?id=20956
-CVE-2016-5363 (The IPTables firewall in OpenStack Neutron before 7.0.4 and 8.0.0 ...)
+CVE-2016-5363
- neutron 2:8.1.2-1
[jessie] - neutron <no-dsa> (Minor issue)
NOTE: https://bugs.launchpad.net/bugs/1558658
-CVE-2016-5362 (The IPTables firewall in OpenStack Neutron before 7.0.4 and 8.0.0 ...)
+CVE-2016-5362
- neutron 2:8.1.2-1
[jessie] - neutron <no-dsa> (Minor issue)
NOTE: https://bugs.launchpad.net/bugs/1558658
-CVE-2016-5349 (The high level operating systems (HLOS) was not providing sufficient ...)
+CVE-2016-5349
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-5348 (The GPS component in Android 4.x before 4.4.4, 5.0.x before 5.0.2, ...)
+CVE-2016-5348
NOT-FOR-US: Android
-CVE-2016-5347 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2016-5347
NOT-FOR-US: Qualcomm driver for Android
CVE-2016-5346
RESERVED
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-5345 (Buffer overflow in the Qualcomm radio driver in Android before ...)
+CVE-2016-5345
NOT-FOR-US: Qualcomm radio driver for Android
-CVE-2016-5344 (Multiple integer overflows in the MDSS driver for the Linux kernel ...)
+CVE-2016-5344
- linux <not-affected> (Android-specific kernel patch)
-CVE-2016-5343 (drivers/soc/qcom/qdsp6v2/voice_svc.c in the QDSP6v2 Voice Service ...)
+CVE-2016-5343
- linux <not-affected> (Android-specific kernel patch)
-CVE-2016-5342 (Heap-based buffer overflow in the wcnss_wlan_write function in ...)
+CVE-2016-5342
- linux <not-affected> (Android-specific kernel patch)
-CVE-2016-5341 (The GPS component in Android before 2016-12-05 allows ...)
+CVE-2016-5341
NOT-FOR-US: Android
-CVE-2016-5340 (The is_ashmem_file function in drivers/staging/android/ashmem.c in a ...)
+CVE-2016-5340
- linux <not-affected> (Android-specific kernel patch, is_ashmem_file/put_ashmem_file not present in mainline kernel)
CVE-2016-5339
RESERVED
-CVE-2016-5361 (programs/pluto/ikev1.c in libreswan before 3.17 retransmits in ...)
+CVE-2016-5361
- libreswan <not-affected> (Fixed before initial upload to Debian)
NOTE: Possibly the CVE should be rejected: http://www.openwall.com/lists/oss-security/2016/06/13/1
NOTE: MITRE has not assigned the CVE to the protocol flaw, but specific to libreswan, but as
NOTE: Huzaifa Sidhpurwala <huzaifas@redhat.com> pointed out that is not a libreswan issue, rather
NOTE: the protocol is flawed.
-CVE-2016-5360 (HAproxy 1.6.x before 1.6.6, when a deny comes from a reqdeny rule, ...)
+CVE-2016-5360
- haproxy 1.6.5-2 (bug #826869)
[jessie] - haproxy <not-affected> (Issue introduced in 1.6.0)
NOTE: Fixed by: http://git.haproxy.org/?p=haproxy-1.6.git;a=commit;h=60f01f8c89e4fb2723d5a9f2046286e699567e0b
-CVE-2016-5338 (The (1) esp_reg_read and (2) esp_reg_write functions in hw/scsi/esp.c ...)
+CVE-2016-5338
{DLA-1599-1}
- qemu 1:2.6+dfsg-2 (bug #827024)
[wheezy] - qemu <no-dsa> (Minor issue)
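Review bot: CVE-2016-5346 (unchanged lines) is `RESERVED` yet carries `NOT-FOR-US: Qualcomm driver for Android`; every other RESERVED entry visible in this diff has no triage line, so either the id is public and RESERVED should go, or the tag was added early and should wait. CVE-2016-5361 and CVE-2016-5360 appear after CVE-2016-5339, out of numeric order. The neutron pair CVE-2016-5363/5362 now differs only in identifier, with identical package lines and the same launchpad bug, so nothing in the file says why there are two ids; a one-line NOTE per id would keep them distinguishable.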
@@ -16552,7 +16552,7 @@ CVE-2016-5338 (The (1) esp_reg_read and (2) esp_reg_write functions in hw/scsi/e
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1343323
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-06/msg01507.html
NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=ff589551c8e8e9e95e211b9d8daafb4ed39f1aec
-CVE-2016-5337 (The megasas_ctrl_get_info function in hw/scsi/megasas.c in QEMU allows ...)
+CVE-2016-5337
{DLA-1599-1}
- qemu 1:2.6+dfsg-2 (bug #827026)
[wheezy] - qemu <not-affected> (Vulnerable code not present)
@@ -16561,100 +16561,100 @@ CVE-2016-5337 (The megasas_ctrl_get_info function in hw/scsi/megasas.c in QEMU a
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1343909
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-06/msg01969.html
NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=844864fbae66935951529408831c2f22367a57b6
-CVE-2016-5336 (VMware vRealize Automation 7.0.x before 7.1 allows remote attackers to ...)
+CVE-2016-5336
NOT-FOR-US: VMware
-CVE-2016-5335 (VMware Identity Manager 2.x before 2.7 and vRealize Automation 7.0.x ...)
+CVE-2016-5335
NOT-FOR-US: VMware
-CVE-2016-5334 (VMware Identity Manager 2.x before 2.7.1 and vRealize Automation 7.x ...)
+CVE-2016-5334
NOT-FOR-US: VMware
-CVE-2016-5333 (VMware Photos OS OVA 1.0 before 2016-08-14 has a default SSH public ...)
+CVE-2016-5333
NOT-FOR-US: VMware
-CVE-2016-5332 (Directory traversal vulnerability in VMware vRealize Log Insight 2.x ...)
+CVE-2016-5332
NOT-FOR-US: vRealize Log Insight
-CVE-2016-5331 (CRLF injection vulnerability in VMware vCenter Server 6.0 before U2 ...)
+CVE-2016-5331
NOT-FOR-US: VMware
-CVE-2016-5330 (Untrusted search path vulnerability in the HGFS (aka Shared Folders) ...)
+CVE-2016-5330
NOT-FOR-US: VMware
-CVE-2016-5329 (VMware Fusion 8.x before 8.5 on OS X, when System Integrity Protection ...)
+CVE-2016-5329
NOT-FOR-US: VMware
-CVE-2016-5328 (VMware Tools 9.x and 10.x before 10.1.0 on OS X, when System Integrity ...)
+CVE-2016-5328
NOT-FOR-US: VMware
CVE-2016-5327
RESERVED
CVE-2016-5326
RESERVED
-CVE-2016-5325 (CRLF injection vulnerability in the ServerResponse#writeHead function ...)
+CVE-2016-5325
- nodejs 4.6.0~dfsg-1 (bug #839714; unimportant)
NOTE: libv8 is not covered by security support
NOTE: https://nodejs.org/en/blog/vulnerability/june-2016-security-releases/
-CVE-2016-5359 (epan/dissectors/packet-wbxml.c in the WBXML dissector in Wireshark ...)
+CVE-2016-5359
{DSA-3615-1 DLA-538-1}
- wireshark 2.0
NOTE: Only affects 1.12, marking 2.0 as fixed
NOTE: https://www.wireshark.org/security/wnpa-sec-2016-38.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12408
NOTE: https://github.com/wireshark/wireshark/commit/b8e0d416898bb975a02c1b55883342edc5b4c9c0
-CVE-2016-5358 (epan/dissectors/packet-pktap.c in the Ethernet dissector in Wireshark ...)
+CVE-2016-5358
- wireshark 2.0.4+gdd7746e-1
[jessie] - wireshark <not-affected> (Only affects 2.0)
[wheezy] - wireshark <not-affected> (Only affects 2.0)
NOTE: https://www.wireshark.org/security/wnpa-sec-2016-37.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12440
NOTE: https://github.com/wireshark/wireshark/commit/2c13e97d656c1c0ac4d76eb9d307664aae0e0cf7
-CVE-2016-5357 (wiretap/netscreen.c in the NetScreen file parser in Wireshark 1.12.x ...)
+CVE-2016-5357
{DSA-3615-1 DLA-538-1}
- wireshark 2.0.4+gdd7746e-1
NOTE: https://www.wireshark.org/security/wnpa-sec-2016-36.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12396
NOTE: https://github.com/wireshark/wireshark/commit/11edc83b98a61e890d7bb01855389d40e984ea82
NOTE: https://github.com/wireshark/wireshark/commit/6a140eca7b78b230f1f90a739a32257476513c78
-CVE-2016-5356 (wiretap/cosine.c in the CoSine file parser in Wireshark 1.12.x before ...)
+CVE-2016-5356
{DSA-3615-1 DLA-538-1}
- wireshark 2.0.4+gdd7746e-1
NOTE: https://www.wireshark.org/security/wnpa-sec-2016-35.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12395
NOTE: https://github.com/wireshark/wireshark/commit/a66628e425db725df1ac52a3c573a03357060ddd
NOTE: https://github.com/wireshark/wireshark/commit/f5ec0afb766f19519ea9623152cca3bbe2229500
-CVE-2016-5355 (wiretap/toshiba.c in the Toshiba file parser in Wireshark 1.12.x ...)
+CVE-2016-5355
{DSA-3615-1 DLA-538-1}
- wireshark 2.0.4+gdd7746e-1
NOTE: https://www.wireshark.org/security/wnpa-sec-2016-34.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12394
NOTE: https://github.com/wireshark/wireshark/commit/3270dfac43da861c714df76513456b46765ff47f
NOTE: https://github.com/wireshark/wireshark/commit/5efb45231671baa2db2011d8f67f9d6e72bc455b
-CVE-2016-5354 (The USB subsystem in Wireshark 1.12.x before 1.12.12 and 2.x before ...)
+CVE-2016-5354
{DSA-3615-1 DLA-538-1}
- wireshark 2.0.4+gdd7746e-1
NOTE: https://www.wireshark.org/security/wnpa-sec-2016-33.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12356
NOTE: https://github.com/wireshark/wireshark/commit/2cb5985bf47bdc8bea78d28483ed224abdd33dc6
-CVE-2016-5353 (epan/dissectors/packet-umts_fp.c in the UMTS FP dissector in Wireshark ...)
+CVE-2016-5353
{DSA-3615-1 DLA-538-1}
- wireshark 2.0.4+gdd7746e-1
NOTE: https://www.wireshark.org/security/wnpa-sec-2016-32.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12191
NOTE: https://github.com/wireshark/wireshark/commit/7d7190695ce2ff269fdffb04e87139995cde21f4
-CVE-2016-5352 (epan/crypt/airpdcap.c in the IEEE 802.11 dissector in Wireshark 2.x ...)
+CVE-2016-5352
- wireshark 2.0.4+gdd7746e-1
[jessie] - wireshark <not-affected> (Only affects 2.0)
[wheezy] - wireshark <not-affected> (Only affects 2.0)
NOTE: https://www.wireshark.org/security/wnpa-sec-2016-31.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12175
NOTE: https://github.com/wireshark/wireshark/commit/b6d838eebf4456192360654092e5587c5207f185
-CVE-2016-5351 (epan/crypt/airpdcap.c in the IEEE 802.11 dissector in Wireshark 1.12.x ...)
+CVE-2016-5351
{DSA-3615-1 DLA-538-1}
- wireshark 2.0.4+gdd7746e-1
NOTE: https://www.wireshark.org/security/wnpa-sec-2016-30.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11585
NOTE: https://github.com/wireshark/wireshark/commit/9b0b20b8d5f8c9f7839d58ff6c5900f7e19283b4
-CVE-2016-5350 (epan/dissectors/packet-dcerpc-spoolss.c in the SPOOLS component in ...)
+CVE-2016-5350
{DSA-3615-1 DLA-538-1}
- wireshark 2.0.4+gdd7746e-1
NOTE: https://www.wireshark.org/security/wnpa-sec-2016-29.html
NOTE: https://github.com/wireshark/wireshark/commit/b4d16b4495b732888e12baf5b8a7e9bf2665e22b
CVE-2016-5324
RESERVED
-CVE-2016-5323 (The _TIFFFax3fillruns function in libtiff before 4.0.6 allows remote ...)
+CVE-2016-5323
{DSA-3762-1 DLA-610-1 DLA-606-1}
- tiff 4.0.6-2 (unimportant)
- tiff3 <removed> (unimportant)
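Review bot: under CVE-2016-5325 the only package line is `- nodejs 4.6.0~dfsg-1 (bug #839714; unimportant)`, yet the NOTE that follows reads "libv8 is not covered by security support"; either a libv8 line is missing from the entry or the NOTE should name nodejs, since as written it does not explain the `unimportant` tag on the nodejs line. In the same hunk, CVE-2016-5359 records the fixed version as the bare `- wireshark 2.0`, while the neighbouring wireshark entries use the full Debian version `2.0.4+gdd7746e-1`; the accompanying NOTE ("Only affects 1.12, marking 2.0 as fixed") explains the intent, but a real package version would keep the file parseable in the same way as the other entries.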
@@ -16662,14 +16662,14 @@ CVE-2016-5323 (The _TIFFFax3fillruns function in libtiff before 4.0.6 allows rem
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2559
NOTE: Reproducer http://bugzilla.maptools.org/attachment.cgi?id=659
NOTE: No security impact, just a crash in a CLI tool
-CVE-2016-5322 (The setByteArray function in tif_dir.c in libtiff 4.0.6 and earlier ...)
+CVE-2016-5322
{DSA-3762-1 DLA-610-1 DLA-606-1}
- tiff 4.0.7-1
- tiff3 <removed> (unimportant)
NOTE: src:tiff3: built binary packages do not contain the TIFF tools
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2560
NOTE: Reproducer http://bugzilla.maptools.org/attachment.cgi?id=658
-CVE-2016-5321 (The DumpModeDecode function in libtiff 4.0.6 and earlier allows ...)
+CVE-2016-5321
{DSA-3762-1 DLA-610-1 DLA-606-1}
- tiff 4.0.6-2
- tiff3 <removed>
@@ -16678,21 +16678,21 @@ CVE-2016-5321 (The DumpModeDecode function in libtiff 4.0.6 and earlier allows .
NOTE: Reproducer http://bugzilla.maptools.org/attachment.cgi?id=657
CVE-2016-5320
REJECTED
-CVE-2016-5317 (Buffer overflow in the PixarLogDecode function in libtiff.so in the ...)
+CVE-2016-5317
{DSA-3762-1 DLA-610-1 DLA-606-1}
- tiff 4.0.6-2 (bug #830700)
- tiff3 <removed>
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2557
NOTE: Reproducer http://bugzilla.maptools.org/attachment.cgi?id=653
NOTE: Upstream marked this duplicate of bug http://bugzilla.maptools.org/show_bug.cgi?id=2554
-CVE-2016-5316 (Out-of-bounds read in the PixarLogCleanup function in tif_pixarlog.c ...)
+CVE-2016-5316
{DSA-3762-1 DLA-610-1 DLA-606-1}
- tiff 4.0.6-2 (bug #830700)
- tiff3 <removed>
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2556
NOTE: Reproducer http://bugzilla.maptools.org/attachment.cgi?id=656
NOTE: Upstream marked this duplicate of bug http://bugzilla.maptools.org/show_bug.cgi?id=2554
-CVE-2016-5315 (The setByteArray function in tif_dir.c in libtiff 4.0.6 and earlier ...)
+CVE-2016-5315
{DSA-3762-1 DLA-610-1 DLA-606-1}
- tiff 4.0.6-2 (bug #830700)
- tiff3 <removed>
@@ -16701,82 +16701,82 @@ CVE-2016-5315 (The setByteArray function in tif_dir.c in libtiff 4.0.6 and earli
NOTE: Possible duplicate with PixarLogDecode() issue
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2555#c2
NOTE: Upstream marked this duplicate of http://bugzilla.maptools.org/show_bug.cgi?id=2554
-CVE-2016-5314 (Buffer overflow in the PixarLogDecode function in tif_pixarlog.c in ...)
+CVE-2016-5314
{DSA-3762-1 DLA-610-1 DLA-606-1}
- tiff 4.0.6-2 (bug #830700)
- tiff3 <removed>
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2554
NOTE: Reproducer http://bugzilla.maptools.org/attachment.cgi?id=654
NOTE: Upstream fix https://github.com/vadz/libtiff/commit/391e77fcd217e78b2c51342ac3ddb7100ecacdd2
-CVE-2016-5313 (Symantec Web Gateway (SWG) before 5.2.5 allows remote authenticated ...)
+CVE-2016-5313
NOT-FOR-US: Symantec
-CVE-2016-5312 (Directory traversal vulnerability in the charting component in ...)
+CVE-2016-5312
NOT-FOR-US: Symantec
CVE-2016-5311
RESERVED
-CVE-2016-5310 (The RAR file parser component in the AntiVirus Decomposer engine in ...)
+CVE-2016-5310
NOT-FOR-US: Symantec
-CVE-2016-5309 (The RAR file parser component in the AntiVirus Decomposer engine in ...)
+CVE-2016-5309
NOT-FOR-US: Symantec
-CVE-2016-5308 (The Client Intrusion Detection System (CIDS) driver before 15.0.6 in ...)
+CVE-2016-5308
NOT-FOR-US: Norton
-CVE-2016-5307 (Directory traversal vulnerability in Symantec Endpoint Protection ...)
+CVE-2016-5307
NOT-FOR-US: Symantec
-CVE-2016-5306 (Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 does ...)
+CVE-2016-5306
NOT-FOR-US: Symantec
-CVE-2016-5305 (Multiple cross-site scripting (XSS) vulnerabilities in management ...)
+CVE-2016-5305
NOT-FOR-US: Symantec
-CVE-2016-5304 (Open redirect vulnerability in a report-routing component in Symantec ...)
+CVE-2016-5304
NOT-FOR-US: Symantec
-CVE-2016-5303 (Cross-site scripting (XSS) vulnerability in the Horde Text Filter API ...)
+CVE-2016-5303
- php-horde-text-filter 2.3.5-1 (bug #837150)
[jessie] - php-horde-text-filter <no-dsa> (Minor issue)
-CVE-2016-5302 (Citrix XenServer 7.0 before Hotfix XS70E003, when a deployment has ...)
+CVE-2016-5302
NOT-FOR-US: Citrix
-CVE-2016-5299 (A previously installed malicious Android application with same ...)
+CVE-2016-5299
- firefox <not-affected> (Only affects Firefox on Android)
-CVE-2016-5298 (A mechanism where disruption of the loading of a new web page can ...)
+CVE-2016-5298
- firefox <not-affected> (Only affects Firefox on Android)
-CVE-2016-5297 (An error in argument length checking in JavaScript, leading to ...)
+CVE-2016-5297
{DSA-3730-1 DSA-3716-1 DLA-752-1 DLA-730-1}
- firefox 50.0-1
- firefox-esr 45.5.0esr-1
- icedove 1:45.5.0-1
-CVE-2016-5296 (A heap-buffer-overflow in Cairo when processing SVG content caused by ...)
+CVE-2016-5296
{DSA-3730-1 DSA-3716-1 DLA-752-1 DLA-730-1}
- firefox 50.0-1
- firefox-esr 45.5.0esr-1
- icedove 1:45.5.0-1
-CVE-2016-5295 (This vulnerability allows an attacker to use the Mozilla Maintenance ...)
+CVE-2016-5295
- firefox <not-affected> (Only affects Firefox on Windows)
-CVE-2016-5294 (The Mozilla Updater can be made to choose an arbitrary target working ...)
+CVE-2016-5294
- firefox <not-affected> (Only affects Firefox on Windows)
- firefox-esr <not-affected> (Only affects Firefox on Windows)
- icedove <not-affected> (Only affects Thunderbird on Windows)
-CVE-2016-5293 (When the Mozilla Updater is run, if the Updater's log file in the ...)
+CVE-2016-5293
- firefox <not-affected> (Only affects Firefox on Windows)
- firefox-esr <not-affected> (Only affects Firefox on Windows)
-CVE-2016-5292 (During URL parsing, a maliciously crafted URL can cause a potentially ...)
+CVE-2016-5292
- firefox 50.0-1
- firefox-esr <not-affected> (Does not affect Firefox 45 ESR release)
-CVE-2016-5291 (A same-origin policy bypass with local shortcut files to load ...)
+CVE-2016-5291
{DSA-3730-1 DSA-3716-1 DLA-752-1 DLA-730-1}
- firefox 50.0-1
- firefox-esr 45.5.0esr-1
- icedove 1:45.5.0-1
-CVE-2016-5290 (Memory safety bugs were reported in Firefox 49 and Firefox ESR 45.4. ...)
+CVE-2016-5290
{DSA-3730-1 DSA-3716-1 DLA-752-1 DLA-730-1}
- firefox 50.0-1
- firefox-esr 45.5.0esr-1
- icedove 1:45.5.0-1
-CVE-2016-5289 (Memory safety bugs were reported in Firefox 49. Some of these bugs ...)
+CVE-2016-5289
- firefox 50.0-1
- firefox-esr <not-affected> (Does not affect Firefox 45 ESR release)
-CVE-2016-5288 (Web content could access information in the HTTP cache if e10s is ...)
+CVE-2016-5288
- firefox 50.0-1
- firefox-esr <not-affected> (Does not affect Firefox releases < 48)
NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=1310183 (not yet public)
-CVE-2016-5287 (A potentially exploitable use-after-free crash during actor ...)
+CVE-2016-5287
- firefox 50.0-1
- firefox-esr <not-affected> (Does not affect Firefox releases < 49)
NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=1309823
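Review bot: CVE-2016-5293 (the Updater log-file issue) marks only firefox and firefox-esr as `<not-affected>` (Only affects Firefox on Windows), whereas the adjacent CVE-2016-5294, also a Mozilla Updater issue, additionally carries `- icedove <not-affected> (Only affects Thunderbird on Windows)`; if icedove ships the same updater, the icedove line should be added to CVE-2016-5293 for consistency. Separately, the CVE-2016-5288 NOTE still reads "(not yet public)" for bugzilla 1310183, which is a reminder to revisit that entry once the bug opens.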
@@ -16787,85 +16787,85 @@ CVE-2016-5285
- nss 2:3.25-1
NOTE: Fixed by https://hg.mozilla.org/projects/nss/rev/45c047d18ac4
NOTE: Upstream bug: https://bugzilla.mozilla.org/show_bug.cgi?id=1306103
-CVE-2016-5284 (Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and ...)
+CVE-2016-5284
{DSA-3674-1 DLA-636-1}
- firefox 49.0-1
- firefox-esr 45.4.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-86/
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-87/
-CVE-2016-5283 (Mozilla Firefox before 49.0 allows remote attackers to bypass the Same ...)
+CVE-2016-5283
- firefox 49.0-1
- firefox-esr <not-affected> (Doesn't affect ESR)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-86/
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-87/
-CVE-2016-5282 (Mozilla Firefox before 49.0 does not properly restrict the scheme in ...)
+CVE-2016-5282
- firefox 49.0-1
- firefox-esr <not-affected> (Doesn't affect ESR)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-86/
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-87/
-CVE-2016-5281 (Use-after-free vulnerability in the DOMSVGLength class in Mozilla ...)
+CVE-2016-5281
{DSA-3674-1 DLA-636-1}
- firefox 49.0-1
- firefox-esr 45.4.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-86/
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-87/
-CVE-2016-5280 (Use-after-free vulnerability in the ...)
+CVE-2016-5280
{DSA-3674-1 DLA-636-1}
- firefox 49.0-1
- firefox-esr 45.4.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-86/
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-87/
-CVE-2016-5279 (Mozilla Firefox before 49.0 allows user-assisted remote attackers to ...)
+CVE-2016-5279
- firefox 49.0-1
- firefox-esr <not-affected> (Doesn't affect ESR)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-86/
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-87/
-CVE-2016-5278 (Heap-based buffer overflow in the nsBMPEncoder::AddImageFrame function ...)
+CVE-2016-5278
{DSA-3674-1 DLA-636-1}
- firefox 49.0-1
- firefox-esr 45.4.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-86/
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-87/
-CVE-2016-5277 (Use-after-free vulnerability in the nsRefreshDriver::Tick function in ...)
+CVE-2016-5277
{DSA-3674-1 DLA-636-1}
- firefox 49.0-1
- firefox-esr 45.4.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-86/
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-87/
-CVE-2016-5276 (Use-after-free vulnerability in the ...)
+CVE-2016-5276
{DSA-3674-1 DLA-636-1}
- firefox 49.0-1
- firefox-esr 45.4.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-86/
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-87/
-CVE-2016-5275 (Buffer overflow in the ...)
+CVE-2016-5275
- firefox 49.0-1
- firefox-esr <not-affected> (Doesn't affect ESR)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-86/
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-87/
-CVE-2016-5274 (Use-after-free vulnerability in the nsFrameManager::CaptureFrameState ...)
+CVE-2016-5274
{DSA-3674-1 DLA-636-1}
- firefox 49.0-1
- firefox-esr 45.4.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-86/
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-87/
-CVE-2016-5273 (The mozilla::a11y::HyperTextAccessible::GetChildOffset function in the ...)
+CVE-2016-5273
- firefox 49.0-1
- firefox-esr <not-affected> (Doesn't affect ESR)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-86/
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-87/
-CVE-2016-5272 (The nsImageGeometryMixin class in Mozilla Firefox before 49.0, Firefox ...)
+CVE-2016-5272
{DSA-3674-1 DLA-636-1}
- firefox 49.0-1
- firefox-esr 45.4.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-86/
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-87/
-CVE-2016-5271 (The PropertyProvider::GetSpacingInternal function in Mozilla Firefox ...)
+CVE-2016-5271
- firefox 49.0-1
- firefox-esr <not-affected> (Doesn't affect ESR)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-86/
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-87/
-CVE-2016-5270 (Heap-based buffer overflow in the ...)
+CVE-2016-5270
{DSA-3674-1 DLA-636-1}
- firefox 49.0-1
- firefox-esr 45.4.0esr-1
@@ -16873,107 +16873,107 @@ CVE-2016-5270 (Heap-based buffer overflow in the ...)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-87/
CVE-2016-5269
RESERVED
-CVE-2016-5268 (Mozilla Firefox before 48.0 does not properly set the LINKABLE and ...)
+CVE-2016-5268
- firefox 48.0-1
- firefox-esr <not-affected> (Doesn't affect Firefox ESR)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-83/
-CVE-2016-5267 (Mozilla Firefox before 48.0 on Android allows remote attackers to ...)
+CVE-2016-5267
- firefox <not-affected> (Android-specific)
- firefox-esr <not-affected> (Android-specific)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-82/
-CVE-2016-5266 (Mozilla Firefox before 48.0 does not properly restrict drag-and-drop ...)
+CVE-2016-5266
- firefox 48.0-1
- firefox-esr <not-affected> (Doesn't affect Firefox ESR)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-81/
-CVE-2016-5265 (Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allow ...)
+CVE-2016-5265
{DSA-3640-1 DLA-585-1}
- firefox 48.0-1
- firefox-esr 45.3.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-80/
-CVE-2016-5264 (Use-after-free vulnerability in the ...)
+CVE-2016-5264
{DSA-3640-1 DLA-585-1}
- firefox 48.0-1
- firefox-esr 45.3.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-79/
-CVE-2016-5263 (The nsDisplayList::HitTest function in Mozilla Firefox before 48.0 and ...)
+CVE-2016-5263
{DSA-3640-1 DLA-585-1}
- firefox 48.0-1
- firefox-esr 45.3.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-78/
-CVE-2016-5262 (Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 process ...)
+CVE-2016-5262
{DSA-3640-1 DLA-585-1}
- firefox 48.0-1
- firefox-esr 45.3.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-76/
-CVE-2016-5261 (Integer overflow in the WebSocketChannel class in the WebSockets ...)
+CVE-2016-5261
{DSA-3674-1 DLA-636-1}
- firefox 48.0-1
- firefox-esr 45.4.0esr-1
NOTE: For Firefox: https://www.mozilla.org/en-US/security/advisories/mfsa2016-75/
NOTE: For Firefox https://www.mozilla.org/security/advisories/mfsa2016-86/
-CVE-2016-5260 (Mozilla Firefox before 48.0 mishandles changes from 'INPUT ...)
+CVE-2016-5260
- firefox 48.0-1
- firefox-esr <not-affected> (Doesn't affect Firefox ESR)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-74/
-CVE-2016-5259 (Use-after-free vulnerability in the CanonicalizeXPCOMParticipant ...)
+CVE-2016-5259
{DSA-3640-1 DLA-585-1}
- firefox 48.0-1
- firefox-esr 45.3.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-73/
-CVE-2016-5258 (Use-after-free vulnerability in the WebRTC socket thread in Mozilla ...)
+CVE-2016-5258
{DSA-3640-1 DLA-585-1}
- firefox 48.0-1
- firefox-esr 45.3.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-72/
-CVE-2016-5257 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+CVE-2016-5257
{DSA-3690-1 DSA-3674-1 DLA-658-1 DLA-636-1}
- firefox 49.0-1
- firefox-esr 45.4.0esr-1
- icedove 1:45.4.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-85/
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-86/
-CVE-2016-5256 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+CVE-2016-5256
- firefox 49.0-1
- firefox-esr <not-affected> (Doesn't affect Firefox ESR)
-CVE-2016-5255 (Use-after-free vulnerability in the js::PreliminaryObjectArray::sweep ...)
+CVE-2016-5255
- firefox 48.0-1
- firefox-esr <not-affected> (Doesn't affect Firefox ESR)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-71/
-CVE-2016-5254 (Use-after-free vulnerability in the nsXULPopupManager::KeyDown ...)
+CVE-2016-5254
{DSA-3640-1 DLA-585-1}
- firefox 48.0-1
- firefox-esr 45.3.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-70/
-CVE-2016-5253 (The Updater in Mozilla Firefox before 48.0 on Windows allows local ...)
+CVE-2016-5253
- firefox <not-affected> (Only affects Windows)
- firefox-esr <not-affected> (Only affects Windows)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-69/
-CVE-2016-5252 (Stack-based buffer underflow in the mozilla::gfx::BasePoint4d function ...)
+CVE-2016-5252
{DSA-3640-1 DLA-585-1}
- firefox 48.0-1
- firefox-esr 45.3.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-67/
-CVE-2016-5251 (Mozilla Firefox before 48.0 allows remote attackers to spoof the ...)
+CVE-2016-5251
- firefox 48.0-1
- firefox-esr <not-affected> (Doesn't affect Firefox ESR)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-66/
-CVE-2016-5250 (Mozilla Firefox before 48.0, Firefox ESR &lt; 45.4 and Thunderbird &lt; 45.4 ...)
+CVE-2016-5250
{DSA-3674-1 DLA-636-1}
- firefox 48.0-1
- firefox-esr 45.4.0esr-1
NOTE: For Firefox: https://www.mozilla.org/en-US/security/advisories/mfsa2016-84/
NOTE: For Firefox ESR: https://www.mozilla.org/en-US/security/advisories/mfsa2016-86/
-CVE-2016-5249 (Lenovo Solution Center (LSC) before 3.3.003 allows local users to ...)
+CVE-2016-5249
NOT-FOR-US: Lenovo
-CVE-2016-5248 (The StopProxy command in LSC.Services.SystemService in Lenovo Solution ...)
+CVE-2016-5248
NOT-FOR-US: Lenovo
-CVE-2016-5247 (The BIOS for Lenovo ThinkCentre E93, M6500t/s, M6600, M6600q, ...)
+CVE-2016-5247
NOT-FOR-US: Lenovo
CVE-2016-5246
RESERVED
CVE-2016-5245
RESERVED
-CVE-2016-4456 (The &quot;GNUTLS_KEYLOGFILE&quot; environment variable in gnutls 3.4.12 allows ...)
+CVE-2016-4456
- gnutls28 3.4.13-1
[jessie] - gnutls28 <not-affected> (Introduced in 3.4.12)
NOTE: http://gnutls.org/security.html#GNUTLS-SA-2016-1
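Review bot: the two NOTE lines under CVE-2016-5261 are both labelled "For Firefox" ("For Firefox: .../mfsa2016-75/" and "For Firefox .../mfsa2016-86/", the second without a colon), while the same pair of advisories elsewhere in this hunk, under CVE-2016-5250, is labelled "For Firefox:" and "For Firefox ESR:"; given that mfsa2016-86 is the advisory cited for the 45.4.0esr-1 fix, the second line should presumably read "NOTE: For Firefox ESR: https://www.mozilla.org/security/advisories/mfsa2016-86/".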
@@ -16988,7 +16988,7 @@ CVE-2016-1000002
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1391126
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=753678
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=776051
-CVE-2016-5319 (Heap-based buffer overflow in tif_packbits.c in libtiff 4.0.6 and ...)
+CVE-2016-5319
{DLA-693-1}
- tiff 4.0.6-3 (bug #842046)
- tiff3 <removed>
@@ -16999,7 +16999,7 @@ CVE-2016-5319 (Heap-based buffer overflow in tif_packbits.c in libtiff 4.0.6 and
NOTE: Utility bmp2tiff has been removed from upstream LibTIFF
NOTE: No patch available. Marked as wontfix by upstream.
NOTE: bmp2tiff was removed in 4.0.6-3 and DSA 3762, marking as fixed although technically still present in the source package
-CVE-2016-5318 (Stack-based buffer overflow in the _TIFFVGetField function in libtiff ...)
+CVE-2016-5318
{DLA-693-1 DLA-692-1}
- tiff 4.0.6-3
[jessie] - tiff 4.0.3-12.3+deb8u2
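Review bot: the final NOTE of the CVE-2016-5319 entry states that bmp2tiff "was removed in 4.0.6-3 and DSA 3762, marking as fixed although technically still present in the source package", but the advisory list at the head of this entry (in the preceding hunk) contains only `{DLA-693-1}`; if DSA-3762-1 is the jessie fix being relied on here, it should be listed alongside DLA-693-1, as it is for CVE-2016-5323 and CVE-2016-5322.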
@@ -17013,38 +17013,38 @@ CVE-2016-5318 (Stack-based buffer overflow in the _TIFFVGetField function in lib
NOTE: With 4.0.6-2 (sid), I get a segfault.
NOTE: With 4.0.3-12.3+deb8u1 (jessie), I get a segfault.
NOTE: With 3.9.6-11+deb7u1 (wheezy), I get a failure: MissingRequired: ../CVE-2016-5318.tiff: TIFF directory is missing required "StripOffsets" field.
-CVE-2016-5301 (The parse_chunk_header function in libtorrent before 1.1.1 allows ...)
+CVE-2016-5301
{DLA-511-1}
- libtorrent-rasterbar 1.1.0-1 (bug #826380)
[jessie] - libtorrent-rasterbar <no-dsa> (Minor issue)
NOTE: https://github.com/arvidn/libtorrent/issues/780
NOTE: https://github.com/arvidn/libtorrent/pull/782
-CVE-2016-5300 (The XML parser in Expat does not use sufficient entropy for hash ...)
+CVE-2016-5300
{DSA-3597-1 DLA-508-1}
- expat 2.1.1-3
-CVE-2016-5244 (The rds_inc_info_copy function in net/rds/recv.c in the Linux kernel ...)
+CVE-2016-5244
{DSA-3607-1 DLA-516-1}
- linux 4.6.2-1
NOTE: Fixed by: https://github.com/torvalds/linux/commit/4116def2337991b39919f3b448326e21c40e0dbb
-CVE-2016-5243 (The tipc_nl_compat_link_dump function in net/tipc/netlink_compat.c in ...)
+CVE-2016-5243
{DSA-3607-1 DLA-516-1}
- linux 4.6.2-1
NOTE: Fixed by: https://github.com/torvalds/linux/commit/5d2be1422e02ccd697ccfcd45c85b4a26e6178e2
-CVE-2016-5242 (The p2m_teardown function in arch/arm/p2m.c in Xen 4.4.x through 4.6.x ...)
+CVE-2016-5242
{DSA-3633-1}
- xen 4.8.0~rc3-1
[wheezy] - xen <not-affected> (arm not supported)
NOTE: http://xenbits.xen.org/xsa/advisory-181.html
-CVE-2016-5241 (magick/render.c in GraphicsMagick before 1.3.24 allows remote ...)
+CVE-2016-5241
{DLA-1401-1 DLA-547-1}
- graphicsmagick 1.3.24-1
NOTE: Fixed by: http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/8d175c4edfe7
-CVE-2016-5240 (The DrawDashPolygon function in magick/render.c in GraphicsMagick ...)
+CVE-2016-5240
{DSA-3746-1 DLA-547-1}
- graphicsmagick 1.3.24-1
NOTE: Fixed by: http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/ddc999ec896c
NOTE: DLA-547-1 didn't fix this properly
-CVE-2016-5237 (Valve Steam 3.42.16.13 uses weak permissions for the files in the ...)
+CVE-2016-5237
NOT-FOR-US: Valve Steam
CVE-2016-5236
RESERVED
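Review bot: CVE-2016-5240 keeps DLA-547-1 in its advisory list `{DSA-3746-1 DLA-547-1}` while its last NOTE says "DLA-547-1 didn't fix this properly"; the neighbouring CVE-2016-5241 lists a follow-up `DLA-1401-1`, but no follow-up DLA appears for CVE-2016-5240, so either the corrected DLA should be added or the NOTE should state that the wheezy fix is still outstanding, otherwise the entry reads as fixed for wheezy.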
@@ -17058,13 +17058,13 @@ CVE-2016-XXXX [doesn't remove metadata in embedded images in PDFs]
NOTE: https://0xacab.org/mat/mat/issues/11067
NOTE: Patch in 0.6.1-3 disabled PDF support
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/06/02/5
-CVE-2016-5239 (The gnuplot delegate functionality in ImageMagick before 6.9.4-0 and ...)
+CVE-2016-5239
{DSA-3580-1 DLA-1456-1 DLA-486-1 DLA-484-1}
- graphicsmagick 1.3.24-1
- imagemagick 8:6.9.6.2+dfsg-2
NOTE: http://git.imagemagick.org/repos/ImageMagick/commit/70a2cf326ed32bedee144b961005c63846541a16
NOTE: http://hg.code.sf.net/p/graphicsmagick/code/rev/e38b4f74ca19
-CVE-2016-5238 (The get_cmd function in hw/scsi/esp.c in QEMU might allow local guest ...)
+CVE-2016-5238
{DLA-1599-1}
- qemu 1:2.6+dfsg-3 (bug #826152)
[wheezy] - qemu <no-dsa> (Minor issue)
@@ -17072,119 +17072,119 @@ CVE-2016-5238 (The get_cmd function in hw/scsi/esp.c in QEMU might allow local g
[wheezy] - qemu-kvm <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1341931
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-06/msg00150.html
-CVE-2016-5234 (Buffer overflow in Huawei VP9660, VP9650, and VP9630 multipoint ...)
+CVE-2016-5234
NOT-FOR-US: Huawei
-CVE-2016-5233 (Huawei Mate 8 smartphones with software NXT-AL10 before ...)
+CVE-2016-5233
NOT-FOR-US: Huawei
-CVE-2016-5232 (Buffer overflow in Huawei Mate8 NXT-AL before NXT-AL10C00B182, NXT-CL ...)
+CVE-2016-5232
NOT-FOR-US: Huawei
-CVE-2016-5231 (Huawei Mate8 NXT-AL before NXT-AL10C00B182, NXT-CL before ...)
+CVE-2016-5231
NOT-FOR-US: Huawei
-CVE-2016-5230 (Huawei Mate8 NXT-AL before NXT-AL10C00B182, NXT-CL before ...)
+CVE-2016-5230
NOT-FOR-US: Huawei
-CVE-2016-5229 (Atlassian Bamboo before 5.11.4.1 and 5.12.x before 5.12.3.1 does not ...)
+CVE-2016-5229
NOT-FOR-US: Atlassian
-CVE-2016-5228 (Stack-based buffer overflow in the PlayMacro function in ...)
+CVE-2016-5228
NOT-FOR-US: Rumba
CVE-2016-5227
RESERVED
-CVE-2016-5226 (Blink in Google Chrome prior to 55.0.2883.75 for Linux, Windows and ...)
+CVE-2016-5226
{DSA-3731-1}
- chromium-browser 55.0.2883.75-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5225 (Blink in Google Chrome prior to 55.0.2883.75 for Mac, Windows and ...)
+CVE-2016-5225
{DSA-3731-1}
- chromium-browser 55.0.2883.75-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5224 (A timing attack on denormalized floating point arithmetic in SVG ...)
+CVE-2016-5224
{DSA-3731-1}
- chromium-browser 55.0.2883.75-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5223 (Integer overflow in PDFium in Google Chrome prior to 55.0.2883.75 for ...)
+CVE-2016-5223
{DSA-3731-1}
- chromium-browser 55.0.2883.75-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5222 (Incorrect handling of invalid URLs in Google Chrome prior to ...)
+CVE-2016-5222
{DSA-3731-1}
- chromium-browser 55.0.2883.75-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5221 (Type confusion in libGLESv2 in ANGLE in Google Chrome prior to ...)
+CVE-2016-5221
{DSA-3731-1}
- chromium-browser 55.0.2883.75-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5220 (PDFium in Google Chrome prior to 55.0.2883.75 for Mac, Windows and ...)
+CVE-2016-5220
{DSA-3731-1}
- chromium-browser 55.0.2883.75-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5219 (A heap use after free in V8 in Google Chrome prior to 55.0.2883.75 for ...)
+CVE-2016-5219
{DSA-3731-1}
- chromium-browser 55.0.2883.75-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
- libv8 <unfixed> (unimportant)
NOTE: libv8 not covered by security support
-CVE-2016-5218 (The extensions API in Google Chrome prior to 55.0.2883.75 for Mac, ...)
+CVE-2016-5218
{DSA-3731-1}
- chromium-browser 55.0.2883.75-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5217 (The extensions API in Google Chrome prior to 55.0.2883.75 for Mac, ...)
+CVE-2016-5217
{DSA-3731-1}
- chromium-browser 55.0.2883.75-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5216 (A use after free in PDFium in Google Chrome prior to 55.0.2883.75 for ...)
+CVE-2016-5216
{DSA-3731-1}
- chromium-browser 55.0.2883.75-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5215 (A use after free in webaudio in Google Chrome prior to 55.0.2883.75 ...)
+CVE-2016-5215
{DSA-3731-1}
- chromium-browser 55.0.2883.75-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5214 (Google Chrome prior to 55.0.2883.75 for Windows mishandled downloaded ...)
+CVE-2016-5214
{DSA-3731-1}
- chromium-browser 55.0.2883.75-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5213 (A use after free in V8 in Google Chrome prior to 55.0.2883.75 for Mac, ...)
+CVE-2016-5213
{DSA-3731-1}
- chromium-browser 55.0.2883.75-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
- libv8 <unfixed> (unimportant)
NOTE: libv8 not covered by security support
-CVE-2016-5212 (Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and ...)
+CVE-2016-5212
{DSA-3731-1}
- chromium-browser 55.0.2883.75-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5211 (A use after free in PDFium in Google Chrome prior to 55.0.2883.75 for ...)
+CVE-2016-5211
{DSA-3731-1}
- chromium-browser 55.0.2883.75-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5210 (Heap buffer overflow during TIFF image parsing in PDFium in Google ...)
+CVE-2016-5210
{DSA-3731-1}
- chromium-browser 55.0.2883.75-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5209 (Bad casting in bitmap manipulation in Blink in Google Chrome prior to ...)
+CVE-2016-5209
{DSA-3731-1}
- chromium-browser 55.0.2883.75-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5208 (Blink in Google Chrome prior to 55.0.2883.75 for Linux and Windows, ...)
+CVE-2016-5208
{DSA-3731-1}
- chromium-browser 55.0.2883.75-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5207 (In Blink in Google Chrome prior to 55.0.2883.75 for Mac, Windows and ...)
+CVE-2016-5207
{DSA-3731-1}
- chromium-browser 55.0.2883.75-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5206 (The PDF plugin in Google Chrome prior to 55.0.2883.75 for Mac, Windows ...)
+CVE-2016-5206
{DSA-3731-1}
- chromium-browser 55.0.2883.75-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5205 (Blink in Google Chrome prior to 55.0.2883.75 for Linux, Windows and ...)
+CVE-2016-5205
{DSA-3731-1}
- chromium-browser 55.0.2883.75-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5204 (Leaking of an SVG shadow tree leading to corruption of the DOM tree in ...)
+CVE-2016-5204
{DSA-3731-1}
- chromium-browser 55.0.2883.75-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5203 (A use after free in PDFium in Google Chrome prior to 55.0.2883.75 for ...)
+CVE-2016-5203
{DSA-3731-1}
- chromium-browser 55.0.2883.75-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
@@ -17193,17 +17193,17 @@ CVE-2016-5202 [various fixes from internal audits]
{DSA-3731-1}
- chromium-browser 54.0.2840.101-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5201 (A leak of privateClass in the extensions API in Google Chrome prior to ...)
+CVE-2016-5201
{DSA-3731-1}
- chromium-browser 54.0.2840.101-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5200 (V8 in Google Chrome prior to 54.0.2840.98 for Mac, and 54.0.2840.99 ...)
+CVE-2016-5200
{DSA-3731-1}
- chromium-browser 54.0.2840.101-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
- libv8 <unfixed> (unimportant)
NOTE: libv8 not covered by security support
-CVE-2016-5199 (An off by one error resulting in an allocation of zero size in FFmpeg ...)
+CVE-2016-5199
{DSA-3731-1}
- chromium-browser 44.0.2403.157-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
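Review bot: every entry in this hunk loses its parenthesised summary (`-CVE-2016-5201 (A leak of privateClass in the extensions API in Google Chrome prior to ...)` becomes `+CVE-2016-5201`), while the tracker-local bracketed summary in the hunk header, `CVE-2016-5202 [various fixes from internal audits]`, is left untouched. Since the same pattern repeats in every hunk shown, this looks like the import source returning empty descriptions rather than a deliberate cleanup; confirm the feed is intact before merging, or have the importer keep the existing summary when the incoming one is empty, because that summary is what lets a triager tell a V8 entry from a PDFium one (compare CVE-2016-5200 and CVE-2016-5199 here) without fetching each CVE.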
@@ -17212,17 +17212,17 @@ CVE-2016-5199 (An off by one error resulting in an allocation of zero size in FF
[jessie] - libav <not-affected> (Vulnerable code not present)
NOTE: https://chromium-review.googlesource.com/383956
NOTE: https://github.com/FFmpeg/FFmpeg/commit/347cb14b7cba7560e53f4434b419b9d8800253e7
-CVE-2016-5198 (V8 in Google Chrome prior to 54.0.2840.90 for Linux, and 54.0.2840.85 ...)
+CVE-2016-5198
{DSA-3731-1}
- chromium-browser 54.0.2840.101-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
- libv8 <unfixed> (unimportant)
NOTE: libv8 not covered by security support
-CVE-2016-5197 (The content view client in Google Chrome prior to 54.0.2840.85 for ...)
+CVE-2016-5197
- chromium-browser <not-affected> (Only affects Chrome on Android)
-CVE-2016-5196 (The content renderer client in Google Chrome prior to 54.0.2840.85 for ...)
+CVE-2016-5196
- chromium-browser <not-affected> (Only affects Chrome on Android)
-CVE-2016-5195 (Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before ...)
+CVE-2016-5195
{DSA-3696-1 DLA-670-1}
- linux 4.7.8-1
NOTE: https://github.com/dirtycow/dirtycow.github.io/wiki/VulnerabilityDetails
@@ -17232,153 +17232,153 @@ CVE-2016-5194
{DSA-3731-1}
- chromium-browser 54.0.2840.101-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5193 (Google Chrome prior to 54.0 for iOS had insufficient validation of URLs ...)
+CVE-2016-5193
{DSA-3731-1}
- chromium-browser 54.0.2840.101-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5192 (Blink in Google Chrome prior to 54.0.2840.59 for Windows missed a CORS ...)
+CVE-2016-5192
{DSA-3731-1}
- chromium-browser 54.0.2840.101-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5191 (Bookmark handling in Google Chrome prior to 54.0.2840.59 for Windows, ...)
+CVE-2016-5191
{DSA-3731-1}
- chromium-browser 54.0.2840.101-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5190 (Google Chrome prior to 54.0.2840.59 for Windows, Mac, and Linux; ...)
+CVE-2016-5190
{DSA-3731-1}
- chromium-browser 54.0.2840.101-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5189 (Google Chrome prior to 54.0.2840.59 for Windows, Mac, and Linux; ...)
+CVE-2016-5189
{DSA-3731-1}
- chromium-browser 54.0.2840.101-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5188 (Multiple issues in Blink in Google Chrome prior to 54.0.2840.59 for ...)
+CVE-2016-5188
{DSA-3731-1}
- chromium-browser 54.0.2840.101-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5187 (Google Chrome prior to 54.0.2840.85 for Android incorrectly handled ...)
+CVE-2016-5187
{DSA-3731-1}
- chromium-browser 54.0.2840.101-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5186 (Devtools in Google Chrome prior to 54.0.2840.59 for Windows, Mac, and ...)
+CVE-2016-5186
{DSA-3731-1}
- chromium-browser 54.0.2840.101-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5185 (Blink in Google Chrome prior to 54.0.2840.59 for Windows, Mac, and ...)
+CVE-2016-5185
{DSA-3731-1}
- chromium-browser 54.0.2840.101-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5184 (PDFium in Google Chrome prior to 54.0.2840.59 for Windows, Mac, and ...)
+CVE-2016-5184
{DSA-3731-1}
- chromium-browser 54.0.2840.101-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5183 (A heap use after free in PDFium in Google Chrome prior to 54.0.2840.59 ...)
+CVE-2016-5183
{DSA-3731-1}
- chromium-browser 54.0.2840.101-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5182 (Blink in Google Chrome prior to 54.0.2840.59 for Windows, Mac, and ...)
+CVE-2016-5182
{DSA-3731-1}
- chromium-browser 54.0.2840.101-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5181 (Blink in Google Chrome prior to 54.0.2840.59 for Windows, Mac, and ...)
+CVE-2016-5181
{DSA-3731-1}
- chromium-browser 54.0.2840.101-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5180 (Heap-based buffer overflow in the ares_create_query function in c-ares ...)
+CVE-2016-5180
{DSA-3682-1 DLA-648-1}
- c-ares 1.12.0-1 (medium; bug #839151)
NOTE: https://c-ares.haxx.se/adv_20160929.html
NOTE: https://c-ares.haxx.se/CVE-2016-5180.patch
-CVE-2016-5179 (Chrome OS before 53.0.2785.144 allows remote attackers to execute ...)
+CVE-2016-5179
NOT-FOR-US: Chrome OS
-CVE-2016-5178 (Multiple unspecified vulnerabilities in Google Chrome before ...)
+CVE-2016-5178
{DSA-3683-1}
- chromium-browser 53.0.2785.143-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5177 (Use-after-free vulnerability in V8 in Google Chrome before ...)
+CVE-2016-5177
{DSA-3683-1}
- chromium-browser 53.0.2785.143-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5176 (Google Chrome before 53.0.2785.113 allows remote attackers to bypass ...)
+CVE-2016-5176
{DSA-3667-1}
- chromium-browser 53.0.2785.113-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5175 (Multiple unspecified vulnerabilities in Google Chrome before ...)
+CVE-2016-5175
{DSA-3667-1}
- chromium-browser 53.0.2785.113-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5174 (browser/ui/cocoa/browser_window_controller_private.mm in Google Chrome ...)
+CVE-2016-5174
{DSA-3667-1}
- chromium-browser 53.0.2785.113-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5173 (The extensions subsystem in Google Chrome before 53.0.2785.113 does ...)
+CVE-2016-5173
{DSA-3667-1}
- chromium-browser 53.0.2785.113-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5172 (The parser in Google V8, as used in Google Chrome before ...)
+CVE-2016-5172
{DSA-3667-1}
- chromium-browser 53.0.2785.113-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5171 (WebKit/Source/bindings/templates/interface.cpp in Blink, as used in ...)
+CVE-2016-5171
{DSA-3667-1}
- chromium-browser 53.0.2785.113-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5170 (WebKit/Source/bindings/modules/v8/V8BindingForModules.cpp in Blink, as ...)
+CVE-2016-5170
{DSA-3667-1}
- chromium-browser 53.0.2785.113-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5169 (Format string vulnerability in Google Chrome OS before 53.0.2785.103 ...)
+CVE-2016-5169
NOT-FOR-US: Google Chrome OS
-CVE-2016-5168 (Skia, as used in Google Chrome before 50.0.2661.94, allows remote ...)
+CVE-2016-5168
- chromium-browser 50.0.2661.94-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
- skia <itp> (bug #818180)
-CVE-2016-5167 (Multiple unspecified vulnerabilities in Google Chrome before ...)
+CVE-2016-5167
{DSA-3660-1}
- chromium-browser 53.0.2785.89-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5166 (The download implementation in Google Chrome before 53.0.2785.89 on ...)
+CVE-2016-5166
{DSA-3660-1}
- chromium-browser 53.0.2785.89-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5165 (Cross-site scripting (XSS) vulnerability in the Developer Tools (aka ...)
+CVE-2016-5165
{DSA-3660-1}
- chromium-browser 53.0.2785.89-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5164 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2016-5164
{DSA-3660-1}
- chromium-browser 53.0.2785.89-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5163 (The bidirectional-text implementation in Google Chrome before ...)
+CVE-2016-5163
{DSA-3660-1}
- chromium-browser 53.0.2785.89-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5162 (The AllowCrossRendererResourceLoad function in ...)
+CVE-2016-5162
{DSA-3660-1}
- chromium-browser 53.0.2785.89-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5161 (The EditingStyle::mergeStyle function in ...)
+CVE-2016-5161
{DSA-3660-1}
- chromium-browser 53.0.2785.89-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5160 (The AllowCrossRendererResourceLoad function in ...)
+CVE-2016-5160
{DSA-3660-1}
- chromium-browser 53.0.2785.89-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5159 (Multiple integer overflows in OpenJPEG, as used in PDFium in Google ...)
+CVE-2016-5159
{DSA-3768-1 DSA-3660-1}
- openjpeg2 2.1.2-1
- chromium-browser 53.0.2785.89-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
NOTE: https://github.com/uclouvain/openjpeg/commit/9a07ccb3d0f076388e4da684a3bfd4327125c721
-CVE-2016-5158 (Multiple integer overflows in the opj_tcd_init_tile function in tcd.c ...)
+CVE-2016-5158
{DSA-3768-1 DSA-3660-1}
- openjpeg2 2.1.2-1
- chromium-browser 53.0.2785.89-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
NOTE: https://github.com/uclouvain/openjpeg/commit/9a07ccb3d0f076388e4da684a3bfd4327125c721
NOTE: https://github.com/uclouvain/openjpeg/issues/854
-CVE-2016-5157 (Heap-based buffer overflow in the opj_dwt_interleave_v function in ...)
+CVE-2016-5157
{DSA-3660-1}
- openjpeg2 2.1.2-1
[jessie] - openjpeg2 2.1.0-2+deb8u3
@@ -17386,111 +17386,111 @@ CVE-2016-5157 (Heap-based buffer overflow in the opj_dwt_interleave_v function i
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
NOTE: http://www.openwall.com/lists/oss-security/2016/09/08/8
NOTE: https://github.com/uclouvain/openjpeg/pull/823
-CVE-2016-5156 (extensions/renderer/event_bindings.cc in the event bindings in Google ...)
+CVE-2016-5156
{DSA-3660-1}
- chromium-browser 53.0.2785.89-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5155 (Google Chrome before 53.0.2785.89 on Windows and OS X and before ...)
+CVE-2016-5155
{DSA-3660-1}
- chromium-browser 53.0.2785.89-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5154 (Multiple heap-based buffer overflows in PDFium, as used in Google ...)
+CVE-2016-5154
{DSA-3660-1}
- chromium-browser 53.0.2785.89-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5153 (The Web Animations implementation in Blink, as used in Google Chrome ...)
+CVE-2016-5153
{DSA-3660-1}
- chromium-browser 53.0.2785.89-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5152 (Integer overflow in the opj_tcd_get_decoded_tile_size function in ...)
+CVE-2016-5152
{DSA-4013-1 DSA-3660-1}
- openjpeg2 2.1.2-1.2
- chromium-browser 53.0.2785.89-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
NOTE: https://github.com/uclouvain/openjpeg/commit/3fbe71369019df0b47c7a2be4fab8c05768f2f32
NOTE: https://github.com/uclouvain/openjpeg/issues/854
-CVE-2016-5151 (PDFium in Google Chrome before 53.0.2785.89 on Windows and OS X and ...)
+CVE-2016-5151
{DSA-3660-1}
- chromium-browser 53.0.2785.89-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5150 (WebKit/Source/bindings/modules/v8/V8BindingForModules.cpp in Blink, as ...)
+CVE-2016-5150
{DSA-3660-1}
- chromium-browser 53.0.2785.89-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5149 (The extensions subsystem in Google Chrome before 53.0.2785.89 on ...)
+CVE-2016-5149
{DSA-3660-1}
- chromium-browser 53.0.2785.89-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5148 (Cross-site scripting (XSS) vulnerability in Blink, as used in Google ...)
+CVE-2016-5148
{DSA-3660-1}
- chromium-browser 53.0.2785.89-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5147 (Blink, as used in Google Chrome before 53.0.2785.89 on Windows and OS ...)
+CVE-2016-5147
{DSA-3660-1}
- chromium-browser 53.0.2785.89-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5146 (Multiple unspecified vulnerabilities in Google Chrome before ...)
+CVE-2016-5146
{DSA-3645-1}
- chromium-browser 52.0.2743.116-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5145 (Blink, as used in Google Chrome before 52.0.2743.116, does not ensure ...)
+CVE-2016-5145
{DSA-3645-1}
- chromium-browser 52.0.2743.116-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5144 (The Developer Tools (aka DevTools) subsystem in Blink, as used in ...)
+CVE-2016-5144
{DSA-3645-1}
- chromium-browser 52.0.2743.116-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5143 (The Developer Tools (aka DevTools) subsystem in Blink, as used in ...)
+CVE-2016-5143
{DSA-3645-1}
- chromium-browser 52.0.2743.116-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5142 (The Web Cryptography API (aka WebCrypto) implementation in Blink, as ...)
+CVE-2016-5142
{DSA-3645-1}
- chromium-browser 52.0.2743.116-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5141 (Blink, as used in Google Chrome before 52.0.2743.116, allows remote ...)
+CVE-2016-5141
{DSA-3645-1}
- chromium-browser 52.0.2743.116-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5140 (Heap-based buffer overflow in the opj_j2k_read_SQcd_SQcc function in ...)
+CVE-2016-5140
{DSA-3645-1}
- chromium-browser 52.0.2743.116-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5139 (Multiple integer overflows in the opj_tcd_init_tile function in tcd.c ...)
+CVE-2016-5139
{DSA-3645-1 DLA-1433-1}
- openjpeg2 2.1.2-1
- chromium-browser 52.0.2743.116-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
NOTE: Fixed in Google with: https://pdfium.googlesource.com/pdfium.git/+/2f6d1480a1be2b1f82c94219c2d99e67d7e0660d
NOTE: https://github.com/uclouvain/openjpeg/pull/819
-CVE-2016-5138 (Integer overflow in the kbasep_vinstr_attach_client function in ...)
+CVE-2016-5138
- chromium-browser <not-affected> (Chrome on Chrome OS)
-CVE-2016-5137 (The CSPSource::schemeMatches function in ...)
+CVE-2016-5137
{DSA-3637-1}
- chromium-browser 52.0.2743.82-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5136 (Use-after-free vulnerability in ...)
+CVE-2016-5136
{DSA-3637-1}
- chromium-browser 52.0.2743.82-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5135 (WebKit/Source/core/html/parser/HTMLPreloadScanner.cpp in Blink, as ...)
+CVE-2016-5135
{DSA-3637-1}
- chromium-browser 52.0.2743.82-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5134 (net/proxy/proxy_service.cc in the Proxy Auto-Config (PAC) feature in ...)
+CVE-2016-5134
{DSA-3637-1}
- chromium-browser 52.0.2743.82-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5133 (Google Chrome before 52.0.2743.82 mishandles origin information during ...)
+CVE-2016-5133
{DSA-3637-1}
- chromium-browser 52.0.2743.82-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5132 (The Service Workers subsystem in Google Chrome before 52.0.2743.82 ...)
+CVE-2016-5132
{DSA-3637-1}
- chromium-browser 52.0.2743.82-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5131 (Use-after-free vulnerability in libxml2 through 2.9.4, as used in ...)
+CVE-2016-5131
{DSA-3744-1 DSA-3637-1 DLA-691-1}
- chromium-browser 52.0.2743.82-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
@@ -17498,27 +17498,27 @@ CVE-2016-5131 (Use-after-free vulnerability in libxml2 through 2.9.4, as used in
NOTE: Google fix: https://codereview.chromium.org/2127493002
NOTE: Fixed by: https://git.gnome.org/browse/libxml2/commit/?id=9ab01a277d71f54d3143c2cf333c5c2e9aaedd9e
NOTE: Requisite for the test: https://git.gnome.org/browse/libxml2/commit/?id=a005199330b86dada19d162cae15ef9bdcb6baa8
-CVE-2016-5130 (content/renderer/history_controller.cc in Google Chrome before ...)
+CVE-2016-5130
{DSA-3637-1}
- chromium-browser 52.0.2743.82-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5129 (Google V8 before 5.2.361.32, as used in Google Chrome before ...)
+CVE-2016-5129
{DSA-3637-1}
- chromium-browser 52.0.2743.82-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
- libv8 <unfixed> (unimportant)
NOTE: libv8 not covered by security support
-CVE-2016-5128 (objects.cc in Google V8 before 5.2.361.27, as used in Google Chrome ...)
+CVE-2016-5128
{DSA-3637-1}
- chromium-browser 52.0.2743.82-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5127 (Use-after-free vulnerability in ...)
+CVE-2016-5127
{DSA-3637-1}
- chromium-browser 52.0.2743.82-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
CVE-2016-5125
REJECTED
-CVE-2016-5124 (An issue was discovered in Open-Xchange OX App Suite before ...)
+CVE-2016-5124
NOT-FOR-US: Open-Xchange
CVE-2016-5123
RESERVED
@@ -17528,7 +17528,7 @@ CVE-2016-5121
RESERVED
CVE-2016-5120
RESERVED
-CVE-2016-5119 (The automatic update feature in KeePass 2.33 and earlier allows ...)
+CVE-2016-5119
- keepass2 2.18+dfsg-1
NOTE: autoupdate dialog disabled in Debian via patch, but basically not-affected
CVE-2016-5113
@@ -17539,9 +17539,9 @@ CVE-2016-5111
RESERVED
CVE-2016-5110
RESERVED
-CVE-2016-5109 (Citrix Worx Home for iOS before 10.3.6 and XenMobile MDX Toolkit for ...)
+CVE-2016-5109
NOT-FOR-US: Citrix
-CVE-2016-5126 (Heap-based buffer overflow in the iscsi_aio_ioctl function in ...)
+CVE-2016-5126
- qemu 1:2.6+dfsg-2 (bug #826151)
[jessie] - qemu <no-dsa> (Minor issue, can be fixed along in a future update)
[wheezy] - qemu <not-affected> (Vulnerable code not present)
@@ -17558,13 +17558,13 @@ CVE-2016-XXXX [CSRF protection for POST requests]
NOTE: http://seclists.org/fulldisclosure/2016/May/59
NOTE: https://sourceforge.net/p/postfixadmin/bugs/372/
NOTE: Fixed by: https://sourceforge.net/p/postfixadmin/code/1842
-CVE-2016-5118 (The OpenBlob function in blob.c in GraphicsMagick before 1.3.24 and ...)
+CVE-2016-5118
{DSA-3746-1 DSA-3591-1 DLA-502-1 DLA-500-1}
- imagemagick 8:6.8.9.9-7.1 (bug #825799)
- graphicsmagick 1.3.24-1 (bug #825800)
NOTE: fixed by http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/ae3928faa858
NOTE: patch available at http://www.openwall.com/lists/oss-security/2016/05/29/7
-CVE-2016-5116 (gd_xbm.c in the GD Graphics Library (aka libgd) before 2.2.0, as used ...)
+CVE-2016-5116
{DSA-3619-1}
- libgd2 2.2.1-1
[wheezy] - libgd2 <not-affected> (Vulnerable code not present)
@@ -17575,13 +17575,13 @@ CVE-2016-5116 (gd_xbm.c in the GD Graphics Library (aka libgd) before 2.2.0, as
NOTE: PHP bug: https://bugs.php.net/bug.php?id=72115
NOTE: Starting with 5.4.0-1 Debian uses the system copy of libgd
NOTE: http://www.openwall.com/lists/oss-security/2016/05/29/3
-CVE-2016-5115 (The avcodec_decode_audio4 function in libavcodec in libavformat ...)
+CVE-2016-5115
- libav <removed> (low)
[jessie] - libav <no-dsa> (Minor issue)
[wheezy] - libav <ignored> (Minor issue)
NOTE: This is an issue in ffmpeg/libav, which is fixed in stretch's ffmpeg, but it's unclear when it was fixed exactly
NOTE: https://trac.mplayerhq.hu/ticket/2298
-CVE-2016-5102 (Buffer overflow in the readgifimage function in gif2tiff.c in the ...)
+CVE-2016-5102
{DLA-693-1}
- tiff 4.0.6-3
[jessie] - tiff 4.0.3-12.3+deb8u2
@@ -17594,28 +17594,28 @@ CVE-2016-5102 (Buffer overflow in the readgifimage function in gif2tiff.c in the
NOTE: No patch available. Marked as wontfix by upstream
NOTE: Reproducer http://bugs.fi/media/afl/libtiff/CVE-2016-5102.gif
NOTE: gif2tiff was removed in 4.0.6-3 and DSA 3762, marking as fixed although technically still present in the source package
-CVE-2016-5101 (Unspecified vulnerability in Opera Mail before 2016-02-16 on Windows ...)
+CVE-2016-5101
NOT-FOR-US: Opera
-CVE-2016-5100 (Froxlor before 0.9.35 uses the PHP rand function for random number ...)
+CVE-2016-5100
NOT-FOR-US: Froxlor
-CVE-2016-5099 (Cross-site scripting (XSS) vulnerability in phpMyAdmin 4.4.x before ...)
+CVE-2016-5099
{DSA-3627-1}
- phpmyadmin 4:4.6.2-1 (low)
[jessie] - phpmyadmin <no-dsa> (Minor issue)
[wheezy] - phpmyadmin <no-dsa> (Minor issue)
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-16/
-CVE-2016-5098 (Directory traversal vulnerability in libraries/error_report.lib.php in ...)
+CVE-2016-5098
- phpmyadmin <not-affected> (Only affected git versions but not released versions, cf. PMASA-2016-15)
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-15/
NOTE: https://github.com/phpmyadmin/phpmyadmin/commit/d2dc9481d2af25b035778c67eaf0bfd2d2c59dd8
-CVE-2016-5097 (phpMyAdmin before 4.6.2 places tokens in query strings and does not ...)
+CVE-2016-5097
- phpmyadmin 4:4.6.2-1 (low)
[jessie] - phpmyadmin <no-dsa> (Minor issue)
[wheezy] - phpmyadmin <no-dsa> (Minor issue)
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-14/
-CVE-2016-5092 (Directory traversal vulnerability in Fortinet FortiWeb before 5.5.3 ...)
+CVE-2016-5092
NOT-FOR-US: Fortinet
-CVE-2016-5108 (Buffer overflow in the DecodeAdpcmImaQT function in ...)
+CVE-2016-5108
{DSA-3598-1}
- vlc 2.2.3-2 (bug #825728)
[wheezy] - vlc <end-of-life> (Unsupported in wheezy-lts)
@@ -17627,108 +17627,108 @@ CVE-2016-5089
RESERVED
CVE-2016-5088
RESERVED
-CVE-2016-5087 (Alertus Desktop Notification before 2.9.31.1710 on OS X uses weak ...)
+CVE-2016-5087
NOT-FOR-US: Alertus
-CVE-2016-5086 (Johnson &amp; Johnson Animas OneTouch Ping devices allow remote attackers ...)
+CVE-2016-5086
NOT-FOR-US: Animas OneTouch Ping
-CVE-2016-5085 (Johnson &amp; Johnson Animas OneTouch Ping devices do not properly ...)
+CVE-2016-5085
NOT-FOR-US: Animas OneTouch Ping
-CVE-2016-5084 (Johnson &amp; Johnson Animas OneTouch Ping devices do not use encryption ...)
+CVE-2016-5084
NOT-FOR-US: Animas OneTouch Ping
CVE-2016-5083
RESERVED
CVE-2016-5082
RESERVED
-CVE-2016-5081 (ZModo ZP-NE14-S and ZP-IBH-13W devices have a hardcoded root password, ...)
+CVE-2016-5081
NOT-FOR-US: ZModo
-CVE-2016-5080 (Integer overflow in the rtxMemHeapAlloc function in asn1rt_a.lib in ...)
+CVE-2016-5080
NOT-FOR-US: Objective Systems Inc. ASN1C compiler
NOTE: https://github.com/programa-stic/security-advisories/tree/master/ObjSys/CVE-2016-5080
CVE-2016-5079
RESERVED
-CVE-2016-5078 (Paessler PRTG before 16.2.24.4045 has XSS via SNMP. ...)
+CVE-2016-5078
NOT-FOR-US: Paessler PRTG
-CVE-2016-5077 (Netikus EventSentry before 3.2.1.44 has XSS via SNMP. ...)
+CVE-2016-5077
NOT-FOR-US: Netikus EventSentry
-CVE-2016-5076 (CloudView NMS before 2.10a allows remote attackers to obtain sensitive ...)
+CVE-2016-5076
NOT-FOR-US: CloudView NMS
-CVE-2016-5075 (CloudView NMS before 2.10a has XSS via a TELNET login. ...)
+CVE-2016-5075
NOT-FOR-US: CloudView NMS
-CVE-2016-5074 (CloudView NMS before 2.10a has a format string issue exploitable over ...)
+CVE-2016-5074
NOT-FOR-US: CloudView NMS
-CVE-2016-5073 (CloudView NMS before 2.10a has XSS via SNMP. ...)
+CVE-2016-5073
NOT-FOR-US: CloudView NMS
-CVE-2016-5072 (OXID eShop before 2016-06-13 allows remote attackers to execute ...)
+CVE-2016-5072
NOT-FOR-US: OXID eShop
-CVE-2016-5071 (Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 execute the ...)
+CVE-2016-5071
NOT-FOR-US: Sierra Wireless GX 440 devices with ALEOS firmware
-CVE-2016-5070 (Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 store ...)
+CVE-2016-5070
NOT-FOR-US: Sierra Wireless GX 440 devices with ALEOS firmware
-CVE-2016-5069 (Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 use guessable ...)
+CVE-2016-5069
NOT-FOR-US: Sierra Wireless GX 440 devices with ALEOS firmware
-CVE-2016-5068 (Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 do not require ...)
+CVE-2016-5068
NOT-FOR-US: Sierra Wireless GX 440 devices with ALEOS firmware
-CVE-2016-5067 (Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 allow Hayes AT ...)
+CVE-2016-5067
NOT-FOR-US: Sierra Wireless GX 440 devices with ALEOS firmware
-CVE-2016-5066 (Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 have weak ...)
+CVE-2016-5066
NOT-FOR-US: Sierra Wireless GX 440 devices with ALEOS firmware
-CVE-2016-5065 (Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 allow ...)
+CVE-2016-5065
NOT-FOR-US: Sierra Wireless GX 440 devices with ALEOS firmware
CVE-2016-5064
RESERVED
-CVE-2016-5063 (The RSCD agent in BMC Server Automation before 8.6 SP1 Patch 2 and 8.7 ...)
+CVE-2016-5063
NOT-FOR-US: BMC Server Automation
-CVE-2016-5062 (The web server in Aternity before 9.0.1 does not require ...)
+CVE-2016-5062
NOT-FOR-US: Aternity
-CVE-2016-5061 (Multiple cross-site scripting (XSS) vulnerabilities in the web server ...)
+CVE-2016-5061
NOT-FOR-US: Aternity
-CVE-2016-5060 (Multiple cross-site scripting (XSS) vulnerabilities in nGrinder before ...)
+CVE-2016-5060
NOT-FOR-US: nGrinder
-CVE-2016-5059 (OSRAM SYLVANIA Osram Lightify Pro before 2016-07-26 allows attackers to ...)
+CVE-2016-5059
NOT-FOR-US: OSRAM SYLVANIA Osram Lightify Pro
-CVE-2016-5058 (OSRAM SYLVANIA Osram Lightify Pro through 2016-07-26 allows Zigbee ...)
+CVE-2016-5058
NOT-FOR-US: OSRAM SYLVANIA Osram Lightify Pro
-CVE-2016-5057 (OSRAM SYLVANIA Osram Lightify Pro through 2016-07-26 does not use SSL ...)
+CVE-2016-5057
NOT-FOR-US: OSRAM SYLVANIA Osram Lightify Pro
-CVE-2016-5056 (OSRAM SYLVANIA Osram Lightify Pro before 2016-07-26 uses only 8 hex ...)
+CVE-2016-5056
NOT-FOR-US: OSRAM SYLVANIA Osram Lightify Pro
-CVE-2016-5055 (OSRAM SYLVANIA Osram Lightify Pro before 2016-07-26 has XSS in the ...)
+CVE-2016-5055
NOT-FOR-US: OSRAM SYLVANIA Osram Lightify Pro
-CVE-2016-5054 (OSRAM SYLVANIA Osram Lightify Home through 2016-07-26 allows Zigbee ...)
+CVE-2016-5054
NOT-FOR-US: OSRAM SYLVANIA Osram Lightify Home
-CVE-2016-5053 (OSRAM SYLVANIA Osram Lightify Home before 2016-07-26 allows remote ...)
+CVE-2016-5053
NOT-FOR-US: OSRAM SYLVANIA Osram Lightify Home
-CVE-2016-5052 (OSRAM SYLVANIA Osram Lightify Home through 2016-07-26 does not use SSL ...)
+CVE-2016-5052
NOT-FOR-US: OSRAM SYLVANIA Osram Lightify Home
-CVE-2016-5051 (OSRAM SYLVANIA Osram Lightify Home before 2016-07-26 stores a PSK in ...)
+CVE-2016-5051
NOT-FOR-US: OSRAM SYLVANIA Osram Lightify Home
-CVE-2016-5050 (Unrestricted file upload vulnerability in chat/sendfile.aspx in ...)
+CVE-2016-5050
NOT-FOR-US: ReadyDesk
-CVE-2016-5049 (Directory traversal vulnerability in chat/openattach.aspx in ReadyDesk ...)
+CVE-2016-5049
NOT-FOR-US: ReadyDesk
-CVE-2016-5048 (SQL injection vulnerability in chat/staff/default.aspx in ReadyDesk ...)
+CVE-2016-5048
NOT-FOR-US: ReadyDesk
-CVE-2016-5047 (NetApp OnCommand System Manager 8.3.x before 8.3.2P5 allows remote ...)
+CVE-2016-5047
NOT-FOR-US: NetApp OnCommand System Manager
CVE-2016-5046
RESERVED
-CVE-2016-5045 (NetApp OnCommand System Manager before 9.0 allows remote attackers to ...)
+CVE-2016-5045
NOT-FOR-US: NetApp OnCommand System Manager
-CVE-2016-5025 (For the NVIDIA Quadro, NVS, and GeForce products, improper ...)
+CVE-2016-5025
NOT-FOR-US: NVIDIA Quadro, NVS, and GeForce product
-CVE-2016-5024 (Virtual servers in F5 BIG-IP systems 11.6.1 before 11.6.1 HF1 and ...)
+CVE-2016-5024
NOT-FOR-US: BIG-IP
-CVE-2016-5023 (Virtual servers in F5 BIG-IP systems 11.2.1 HF11 through HF15, 11.4.1 ...)
+CVE-2016-5023
NOT-FOR-US: BIG-IP
-CVE-2016-5022 (F5 BIG-IP LTM, Analytics, APM, ASM, and Link Controller 11.2.x before ...)
+CVE-2016-5022
NOT-FOR-US: F5 BIG-IP
-CVE-2016-5021 (The iControl REST service in F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ...)
+CVE-2016-5021
NOT-FOR-US: BIG-IP
-CVE-2016-5020 (F5 BIG-IP before 12.0.0 HF3 allows remote authenticated users to ...)
+CVE-2016-5020
NOT-FOR-US: BIG-IP
-CVE-2016-5019 (CoreResponseStateManager in Apache MyFaces Trinidad 1.0.0 through ...)
+CVE-2016-5019
NOT-FOR-US: Apache MyFaces Trinidad
-CVE-2016-5018 (In Apache Tomcat 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to ...)
+CVE-2016-5018
{DSA-3721-1 DSA-3720-1 DLA-729-1 DLA-728-1}
- tomcat8 8.0.37-1 (low)
- tomcat7 7.0.72-1 (low; bug #842663)
@@ -17738,7 +17738,7 @@ CVE-2016-5018 (In Apache Tomcat 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1
NOTE: Fixed by: http://svn.apache.org/r1754901 (8.0.x)
NOTE: Fixed by: http://svn.apache.org/r1754902 (7.0.x)
NOTE: Fixed by: https://svn.apache.org/viewvc?view=revision&revision=1754904
-CVE-2016-5017 (Buffer overflow in the C cli shell in Apache Zookeeper before 3.4.9 ...)
+CVE-2016-5017
{DLA-630-1}
- zookeeper 3.4.9-1
[jessie] - zookeeper 3.4.5+dfsg-2+deb8u1
@@ -17746,42 +17746,42 @@ CVE-2016-5017 (Buffer overflow in the C cli shell in Apache Zookeeper before 3.4
NOTE: client interface, not as a production tool
NOTE: https://zookeeper.apache.org/security.html#CVE-2016-5017
NOTE: Fixed by https://git-wip-us.apache.org/repos/asf?p=zookeeper.git;a=commitdiff;h=27ecf981a15554dc8e64a28630af7a5c9e2bdf4f
-CVE-2016-5016 (Pivotal Cloud Foundry 239 and earlier, UAA (aka User Account and ...)
+CVE-2016-5016
NOT-FOR-US: Pivotal Cloud Foundry
CVE-2016-5015
REJECTED
-CVE-2016-5014 (In Moodle 2.x and 3.x, an unenrolled user still receives event monitor ...)
+CVE-2016-5014
- moodle <not-affected> (Only affects 2.8 and later)
NOTE: https://moodle.org/mod/forum/discuss.php?d=336699
-CVE-2016-5013 (In Moodle 2.x and 3.x, text injection can occur in email headers, ...)
+CVE-2016-5013
- moodle 2.7.15+dfsg-1
-CVE-2016-5012 (In Moodle 3.x, glossary search displays entries without checking user ...)
+CVE-2016-5012
- moodle <not-affected> (Only affects 3.1)
NOTE: https://moodle.org/mod/forum/discuss.php?d=336697
-CVE-2016-5011 (The parse_dos_extended function in partitions/dos.c in the libblkid ...)
+CVE-2016-5011
- util-linux 2.28.1-1 (bug #830802)
[jessie] - util-linux <no-dsa> (Minor issue)
[wheezy] - util-linux <no-dsa> (Minor issue)
NOTE: https://git.kernel.org/cgit/utils/util-linux/util-linux.git/commit/?id=7164a1c34d18831ac61c6744ad14ce916d389b3f
NOTE: https://git.kernel.org/cgit/utils/util-linux/util-linux.git/commit/?id=50d1594c2e6142a3b51d2143c74027480df082e0
-CVE-2016-5010 (coders/tiff.c in ImageMagick before 6.9.5-3 allows remote attackers to ...)
+CVE-2016-5010
{DSA-3652-1 DLA-731-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #832968)
NOTE: Fixed by: http://git.imagemagick.org/repos/ImageMagick/commit/c20de102cc57f3739a8870f79e728e3b0bea18c0
-CVE-2016-5009 (The handle_command function in mon/Monitor.cc in Ceph allows remote ...)
+CVE-2016-5009
- ceph 10.2.5-1 (bug #829661)
[jessie] - ceph 0.80.7-2+deb8u2
NOTE: http://tracker.ceph.com/issues/16297
NOTE: https://github.com/ceph/ceph/pull/9700
NOTE: https://github.com/ceph/ceph/commit/957ece7e95d8f8746191fd9629622d4457d690d6
-CVE-2016-5008 (libvirt before 2.0.0 improperly disables password checking when the ...)
+CVE-2016-5008
{DSA-3613-1 DLA-541-1}
- libvirt 2.0.0-1
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1180092
NOTE: Fixed by: https://libvirt.org/git/?p=libvirt.git;a=commit;h=bb848feec0f3f10e92dd8e5231ae7aa89b5598f3 (v2.0.0)
NOTE: Fixed by: https://libvirt.org/git/?p=libvirt.git;a=commit;h=f32441c69bf450d6ac593c3acd621c37e120cdaf (v1.2.9-maint)
NOTE: http://security.libvirt.org/2016/0001.html
-CVE-2016-5007 (Both Spring Security 3.2.x, 4.0.x, 4.1.0 and the Spring Framework ...)
+CVE-2016-5007
- libspring-java 4.3.2-1
[jessie] - libspring-java <no-dsa> (Minor issue)
[wheezy] - libspring-java <not-affected> (Vulnerable code not present)
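Review bot: with the summary removed, the NOTE "client interface, not as a production tool" that opens this hunk has lost its referent: the only text that named the C cli shell for CVE-2016-5017 was the line deleted in the previous hunk, so a reader of the stripped entry cannot tell what "client interface" is being dismissed. The same happens to "moodle <not-affected> (Only affects 2.8 and later)" for CVE-2016-5014 and "(Only affects 3.1)" for CVE-2016-5012, whose reasoning was readable against the removed "Moodle 2.x and 3.x" and "Moodle 3.x" wording. If summaries are going away, each affected-version statement should be restated in a NOTE line of its own.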
@@ -17791,46 +17791,46 @@ CVE-2016-5007 (Both Spring Security 3.2.x, 4.0.x, 4.1.0 and the Spring Framework
NOTE: Upstream bug: https://github.com/spring-projects/spring-security/issues/3964
NOTE: Mitigations exists in https://pivotal.io/security/cve-2016-5007
NOTE: Other (already unsupported) versions are affected as well by the issue
-CVE-2016-5006 (The Cloud Controller in Cloud Foundry before 239 logs user-provided ...)
+CVE-2016-5006
NOT-FOR-US: Cloud Foundry
-CVE-2016-5005 (Cross-site scripting (XSS) vulnerability in Apache Archiva 1.3.9 and ...)
+CVE-2016-5005
NOT-FOR-US: Apache Archiva
-CVE-2016-5004 (The Content-Encoding HTTP header feature in ws-xmlrpc 3.1.3 as used in ...)
+CVE-2016-5004
NOT-FOR-US: Apache Archiva
-CVE-2016-5003 (The Apache XML-RPC (aka ws-xmlrpc) library 3.1.3, as used in Apache ...)
+CVE-2016-5003
NOT-FOR-US: Apache Archiva
-CVE-2016-5002 (XML external entity (XXE) vulnerability in the Apache XML-RPC (aka ...)
+CVE-2016-5002
NOT-FOR-US: Apache Archiva
-CVE-2016-5001 (This is an information disclosure vulnerability in Apache Hadoop ...)
+CVE-2016-5001
- hadoop <itp> (bug #793644)
-CVE-2016-5000 (The XLSX2CSV example in Apache POI before 3.14 allows remote attackers ...)
+CVE-2016-5000
- libapache-poi-java <unfixed> (unimportant)
NOTE: Versions affected: POI 3.5-3.13; Fixed in 3.14
NOTE: XLSX2CSV example is not installed
-CVE-2016-4999 (SQL injection vulnerability in the getStringParameterSQL method in ...)
+CVE-2016-4999
NOT-FOR-US: JBoss dashbuilder
-CVE-2016-4998 (The IPT_SO_SET_REPLACE setsockopt implementation in the netfilter ...)
+CVE-2016-4998
{DSA-3607-1}
- linux 4.6.2-2
[wheezy] - linux <no-dsa> (Only exploitable by privileged user; too many changes to backport)
NOTE: Non-privileged user namespaces disabled by default, only vulnerable with sysctl kernel.unprivileged_userns_clone=1
-CVE-2016-4997 (The compat IPT_SO_SET_REPLACE and IP6T_SO_SET_REPLACE setsockopt ...)
+CVE-2016-4997
{DSA-3607-1}
- linux 4.6.2-2
[wheezy] - linux <no-dsa> (Only exploitable by privileged user; too many changes to backport)
NOTE: Non-privileged user namespaces disabled by default, only vulnerable with sysctl kernel.unprivileged_userns_clone=1
-CVE-2016-4996 (discovery-debug in Foreman before 6.2 when the ssh service has been ...)
+CVE-2016-4996
- foreman <itp> (bug #663101)
-CVE-2016-4995 (Foreman before 1.11.4 and 1.12.x before 1.12.1 does not properly ...)
+CVE-2016-4995
- foreman <itp> (bug #663101)
-CVE-2016-4994 (Use-after-free vulnerability in the xcf_load_image function in ...)
+CVE-2016-4994
{DSA-3612-1 DLA-525-1}
- gimp 2.8.16-2.2 (bug #828179)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=767873
-CVE-2016-4993 (CRLF injection vulnerability in the Undertow web server in WildFly ...)
+CVE-2016-4993
- undertow 1.4.3-1
NOTE: https://issues.jboss.org/browse/UNDERTOW-827
-CVE-2016-4992 (389 Directory Server in Red Hat Enterprise Linux Desktop 6 through 7, ...)
+CVE-2016-4992
- 389-ds-base 1.3.5.13-1
[jessie] - 389-ds-base <no-dsa> (Minor issue)
NOTE: http://directory.fedoraproject.org/docs/389ds/releases/release-1-3-5-13.html
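Review bot: after this hunk, CVE-2016-5001, CVE-2016-4996 and CVE-2016-4995 consist of nothing but an ID and an <itp> pointer (hadoop bug #793644, foreman bug #663101) with no NOTE recording what the issue is; the removed summaries were the only description those entries had. Compare CVE-2016-5000, which survives the strip intact because its "Versions affected: POI 3.5-3.13; Fixed in 3.14" NOTE carries the range independently. Suggest adding a one-line NOTE to the three ITP entries (or keeping their summaries) so they still mean something when the packages are eventually uploaded and need triage.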
@@ -17838,52 +17838,52 @@ CVE-2016-4991
RESERVED
CVE-2016-4990
REJECTED
-CVE-2016-4989 (setroubleshoot allows local users to bypass an intended container ...)
+CVE-2016-4989
NOT-FOR-US: setroubleshoot
-CVE-2016-4988 (Cross-site scripting (XSS) vulnerability in the Build Failure Analyzer ...)
+CVE-2016-4988
NOT-FOR-US: Jenkins plugin
NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-06-20
-CVE-2016-4987 (Directory traversal vulnerability in the Image Gallery plugin before ...)
+CVE-2016-4987
NOT-FOR-US: Jenkins plugin
NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-06-20
-CVE-2016-4986 (Directory traversal vulnerability in the TAP plugin before 1.25 in ...)
+CVE-2016-4986
NOT-FOR-US: Jenkins plugin
NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-06-20
-CVE-2016-4985 (The ironic-api service in OpenStack Ironic before 4.2.5 (Liberty) and ...)
+CVE-2016-4985
- ironic 1:5.1.2-1 (bug #827886)
NOTE: Affects >=2014.2, >=4.0.0 <=4.2.4, >=4.3.0 <=5.1.1
-CVE-2016-4984 (/usr/libexec/openldap/generate-server-cert.sh in openldap-servers sets ...)
+CVE-2016-4984
- openldap <not-affected> (Red Hat-specific)
CVE-2016-4983
RESERVED
- dovecot <not-affected> (Specific to Red Hat packaging)
-CVE-2016-4982 (authd sets weak permissions for /etc/ident.key, which allows local ...)
+CVE-2016-4982
NOT-FOR-US: authd
CVE-2016-4981
RESERVED
CVE-2016-4980
RESERVED
NOT-FOR-US: Red Hat xguest kiosk mode
-CVE-2016-4979 (The Apache HTTP Server 2.4.18 through 2.4.20, when mod_http2 and ...)
+CVE-2016-4979
- apache2 2.4.23-1
[jessie] - apache2 <not-affected> (Vulnerable code not present)
[wheezy] - apache2 <not-affected> (Vulnerable code not present)
NOTE: HTTP/2 support introduced in 2.4.17
NOTE: Upstream fix: https://svn.apache.org/r1750779
-CVE-2016-4978 (The getObject method of the javax.jms.ObjectMessage class in the (1) ...)
+CVE-2016-4978
NOT-FOR-US: ApacheMQ Artemis
-CVE-2016-4977 (When processing authorization requests using the whitelabel views in ...)
+CVE-2016-4977
NOT-FOR-US: Spring Security OAuth
-CVE-2016-4976 (Apache Ambari 2.x before 2.4.0 includes KDC administrator passwords on ...)
+CVE-2016-4976
NOT-FOR-US: Apache Ambari
-CVE-2016-4975 (Possible CRLF injection allowing HTTP response splitting attacks for ...)
+CVE-2016-4975
- apache2 2.4.25-1 (low)
[jessie] - apache2 2.4.10-10+deb8u8
NOTE: https://svn.apache.org/r1772678
NOTE: https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2016-4975
-CVE-2016-4974 (Apache Qpid AMQP 0-x JMS client before 6.0.4 and JMS (AMQP 1.0) before ...)
+CVE-2016-4974
- qpid-java <itp> (bug #840131)
-CVE-2016-4973 (Binaries compiled against targets that use the libssp library in GCC ...)
+CVE-2016-4973
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1324759
- gcc-6 <not-affected> (Uses glibc-internal SSP)
- gcc-5 <not-affected> (Uses glibc-internal SSP)
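Review bot: this hunk turns published entries such as CVE-2016-4989 and CVE-2016-4982 into bare IDs, a shape this file otherwise uses only where the next line is RESERVED or REJECTED (CVE-2016-4991, CVE-2016-4990, CVE-2016-4983, CVE-2016-4981 and CVE-2016-4980 here). Any consumer of the list that reads a summary-less ID as "not yet published" will now misclassify the stripped entries, so check the parsers before merging. Two pre-existing nits in the retained context, worth fixing if the entries are regenerated anyway: CVE-2016-4978 reads "NOT-FOR-US: ApacheMQ Artemis" where the product is ActiveMQ Artemis, and CVE-2016-4973 places its "NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1324759" line above its package lines, unlike every other entry in the hunk.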
@@ -17892,40 +17892,40 @@ CVE-2016-4973 (Binaries compiled against targets that use the libssp library in
- mingw32 <removed>
[wheezy] - mingw32 <no-dsa> (Minor issue)
NOTE: Missing security feature, not a direct vulnerability
-CVE-2016-4972 (OpenStack Murano before 1.0.3 (liberty) and 2.x before 2.0.1 (mitaka), ...)
+CVE-2016-4972
- murano 1:2.0.1-1 (bug #828062)
NOTE: Affects: Murano: <=2015.1.1; <=1.0.2; ==2.0.0
- murano-dashboard 1:2.0.0-5 (bug #828064)
NOTE: Affects: Murano-dashboard: <=2015.1.1; <=1.0.2; ==2.0.0
- python-muranoclient 0.8.3-4 (bug #828063)
NOTE: Affects: Python-muranoclient: <=0.7.2; >=0.8.0<=0.8.4
-CVE-2016-4971 (GNU wget before 1.18 allows remote servers to write to arbitrary files ...)
+CVE-2016-4971
{DLA-536-1}
- wget 1.18-1 (bug #827003)
[jessie] - wget 1.16-1+deb8u1
NOTE: http://lists.gnu.org/archive/html/info-gnu/2016-06/msg00004.html
NOTE: http://git.savannah.gnu.org/cgit/wget.git/commit/?id=e996e322ffd42aaa051602da182d03178d0f13e1 (v1.18)
-CVE-2016-4970 (handler/ssl/OpenSslEngine.java in Netty 4.0.x before 4.0.37.Final and ...)
+CVE-2016-4970
- netty 1:4.0.37-1 (bug #827620)
[jessie] - netty <not-affected> (Vulnerable code not present)
[wheezy] - netty <not-affected> (Vulnerable code not present)
NOTE: Versions affected: Netty 4.0.0.Final - 4.0.36.Final and 4.1.0.Final
-CVE-2016-4969 (Cross-site scripting (XSS) vulnerability in Fortinet FortiWan ...)
+CVE-2016-4969
NOT-FOR-US: Fortinet
-CVE-2016-4968 (The linkreport/tmp/admin_global page in Fortinet FortiWan (formerly ...)
+CVE-2016-4968
NOT-FOR-US: Fortinet
-CVE-2016-4967 (Fortinet FortiWan (formerly AscernLink) before 4.2.5 allows remote ...)
+CVE-2016-4967
NOT-FOR-US: Fortinet
-CVE-2016-4966 (The diagnosis_control.php page in Fortinet FortiWan (formerly ...)
+CVE-2016-4966
NOT-FOR-US: Fortinet
-CVE-2016-4965 (Fortinet FortiWan (formerly AscernLink) before 4.2.5 allows remote ...)
+CVE-2016-4965
NOT-FOR-US: Fortinet
CVE-2016-XXXX [AST-2016-005]
- asterisk 1:13.8.2~dfsg-1
[jessie] - asterisk <not-affected> (Only affects 13.x)
[wheezy] - asterisk <not-affected> (Only affects 13.x)
NOTE: http://downloads.asterisk.org/pub/security/AST-2016-005.html
-CVE-2016-5107 (The megasas_lookup_frame function in QEMU, when built with MegaRAID ...)
+CVE-2016-5107
{DLA-1599-1}
- qemu 1:2.6+dfsg-2 (bug #825616)
[wheezy] - qemu <not-affected> (Vulnerable code not present)
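Review bot: the placeholder entry "CVE-2016-XXXX [AST-2016-005]" in this hunk keeps its bracketed, locally written summary while every MITRE-supplied parenthesised summary around it (CVE-2016-4972 down to CVE-2016-4965, plus CVE-2016-5107) is removed. Only the imported text vanishes and only the hand-written text survives, which points at the import step rather than at a policy change; it also leaves the file in the odd state where the one entry that still describes itself is the one without an assigned CVE ID. Please confirm this asymmetry is expected before the change is accepted.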
@@ -17933,14 +17933,14 @@ CVE-2016-5107 (The megasas_lookup_frame function in QEMU, when built with MegaRA
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-05/msg04424.html
NOTE: Introduced after: http://git.qemu.org/?p=qemu.git;a=commit;h=e8f943c3bcc2a578bfd30b825f2ebaf345c63a09 (v1.2.0-rc0)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1336461
-CVE-2016-5106 (The megasas_dcmd_set_properties function in hw/scsi/megasas.c in QEMU, ...)
+CVE-2016-5106
{DLA-1599-1}
- qemu 1:2.6+dfsg-2 (bug #825615)
[wheezy] - qemu <not-affected> (Vulnerable code not present)
- qemu-kvm <not-affected> (Vulnerable code not present)
NOTE: Introduced after: http://git.qemu.org/?p=qemu.git;a=commit;h=e8f943c3bcc2a578bfd30b825f2ebaf345c63a09 (v1.2.0-rc0)
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-05/msg04340.html
-CVE-2016-5105 (The megasas_dcmd_cfg_read function in hw/scsi/megasas.c in QEMU, when ...)
+CVE-2016-5105
{DLA-1599-1}
- qemu 1:2.6+dfsg-2 (bug #825614)
[wheezy] - qemu <not-affected> (Vulnerable code not present)
@@ -17948,7 +17948,7 @@ CVE-2016-5105 (The megasas_dcmd_cfg_read function in hw/scsi/megasas.c in QEMU,
NOTE: Introduced after: http://git.qemu.org/?p=qemu.git;a=commit;h=e8f943c3bcc2a578bfd30b825f2ebaf345c63a09 (v1.2.0-rc0)
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-05/msg04419.html
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1339583
-CVE-2016-5104 (The socket_create function in common/socket.c in libimobiledevice and ...)
+CVE-2016-5104
- libimobiledevice 1.2.0+dfsg-3 (bug #825553)
[jessie] - libimobiledevice <no-dsa> (Minor issue)
[wheezy] - libimobiledevice <not-affected> (Vulnerable code not present)
@@ -17956,221 +17956,221 @@ CVE-2016-5104 (The socket_create function in common/socket.c in libimobiledevice
- libusbmuxd 1.0.10-3 (bug #825554)
[jessie] - libusbmuxd <no-dsa> (Minor issue)
NOTE: https://github.com/libimobiledevice/libusbmuxd/commit/4397b3376dc4e4cb1c991d0aed61ce6482614196
-CVE-2016-4552 (Cross-site scripting (XSS) vulnerability in Roundcube Webmail before ...)
+CVE-2016-4552
- roundcube 1.2.0+dfsg.1-1
[wheezy] - roundcube <not-affected> (vulnerable code not present)
NOTE: https://github.com/roundcube/roundcubemail/issues/5240
NOTE: https://github.com/roundcube/roundcubemail/pull/5241
NOTE: http://www.openwall.com/lists/oss-security/2016/05/25/8
-CVE-2016-5096 (Integer overflow in the fread function in ext/standard/file.c in PHP ...)
+CVE-2016-5096
{DSA-3602-1 DLA-533-1}
- php5 5.6.22+dfsg-1
NOTE: PHP bug: https://bugs.php.net/bug.php?id=72114
NOTE: Fixed in 5.6.22, 5.5.36
NOTE: http://www.openwall.com/lists/oss-security/2016/05/25/3
-CVE-2016-5095 (Integer overflow in the php_escape_html_entities_ex function in ...)
+CVE-2016-5095
{DSA-3602-1 DLA-533-1}
- php5 5.6.22+dfsg-1
NOTE: PHP bug: https://bugs.php.net/bug.php?id=72135
NOTE: Fixed in 5.6.22, 5.5.36
NOTE: http://www.openwall.com/lists/oss-security/2016/05/25/3
NOTE: For the additional issue reported in the "[2016-05-17 12:55 UTC]" comment
-CVE-2016-5094 (Integer overflow in the php_html_entities function in ...)
+CVE-2016-5094
{DSA-3602-1 DLA-533-1}
- php5 5.6.22+dfsg-1
NOTE: PHP bug: https://bugs.php.net/bug.php?id=72135
NOTE: Fixed in 5.6.22, 5.5.36
NOTE: http://www.openwall.com/lists/oss-security/2016/05/25/3
-CVE-2016-5093 (The get_icu_value_internal function in ...)
+CVE-2016-5093
{DSA-3602-1 DLA-533-1}
- php7.0 7.0.7-1
- php5 5.6.22+dfsg-1
NOTE: PHP bug: https://bugs.php.net/bug.php?id=72241
NOTE: Fixed in 7.0.7, 5.6.22, 5.5.36
NOTE: http://www.openwall.com/lists/oss-security/2016/05/25/3
-CVE-2016-5091 (Extbase in TYPO3 4.3.0 before 6.2.24, 7.x before 7.6.8, and 8.1.1 ...)
+CVE-2016-5091
- typo3-src <removed>
[wheezy] - typo3-src <end-of-life> (Not supported in Wheezy LTS)
-CVE-2016-5044 (The WRITE_UNALIGNED function in dwarf_elf_access.c in libdwarf before ...)
+CVE-2016-5044
- dwarfutils 20160507-1
[jessie] - dwarfutils <no-dsa> (Minor issue)
[wheezy] - dwarfutils <no-dsa> (Minor issue)
NOTE: https://sourceforge.net/p/libdwarf/code/ci/98a3da1e8237fe0d45b67ef77f3fa5ed9ff0215f/
-CVE-2016-5043 (The dwarf_dealloc function in libdwarf before 20160923 allows remote ...)
+CVE-2016-5043
- dwarfutils 20160507-1
[jessie] - dwarfutils <no-dsa> (Minor issue)
[wheezy] - dwarfutils <no-dsa> (Minor issue)
NOTE: https://sourceforge.net/p/libdwarf/code/ci/98a3da1e8237fe0d45b67ef77f3fa5ed9ff0215f/
-CVE-2016-5042 (The dwarf_get_aranges_list function in libdwarf before 20160923 allows ...)
+CVE-2016-5042
{DLA-669-1}
- dwarfutils 20160507-1
[jessie] - dwarfutils 20120410-2+deb8u1
NOTE: https://sourceforge.net/p/libdwarf/code/ci/98a3da1e8237fe0d45b67ef77f3fa5ed9ff0215f/
-CVE-2016-5041 (dwarf_macro5.c in libdwarf before 20160923 allows remote attackers to ...)
+CVE-2016-5041
- dwarfutils 20160507-1
[jessie] - dwarfutils <no-dsa> (Minor issue)
[wheezy] - dwarfutils <no-dsa> (Minor issue)
NOTE: https://sourceforge.net/p/libdwarf/code/ci/98a3da1e8237fe0d45b67ef77f3fa5ed9ff0215f/
-CVE-2016-5040 (libdwarf before 20160923 allows remote attackers to cause a denial of ...)
+CVE-2016-5040
- dwarfutils 20160507-1
[jessie] - dwarfutils <no-dsa> (Minor issue)
[wheezy] - dwarfutils <no-dsa> (Minor issue)
NOTE: https://sourceforge.net/p/libdwarf/code/ci/98a3da1e8237fe0d45b67ef77f3fa5ed9ff0215f/
-CVE-2016-5039 (The get_attr_value function in libdwarf before 20160923 allows remote ...)
+CVE-2016-5039
{DLA-669-1}
- dwarfutils 20160507-1
[jessie] - dwarfutils 20120410-2+deb8u1
NOTE: https://sourceforge.net/p/libdwarf/code/ci/eb1472afac95031d0c9dd8c11d527b865fe7deb8/
-CVE-2016-5038 (The dwarf_get_macro_startend_file function in dwarf_macro5.c in ...)
+CVE-2016-5038
{DLA-669-1}
- dwarfutils 20160507+git20160523.9086738-1
[jessie] - dwarfutils 20120410-2+deb8u1
NOTE: https://sourceforge.net/p/libdwarf/code/ci/82d8e007851805af0dcaaff41f49a2d48473334b/
-CVE-2016-5037 (The _dwarf_load_section function in libdwarf before 20160923 allows ...)
+CVE-2016-5037
- dwarfutils 20160507-1
[jessie] - dwarfutils <no-dsa> (Minor issue)
[wheezy] - dwarfutils <no-dsa> (Minor issue)
NOTE: https://sourceforge.net/p/libdwarf/code/ci/b6ec2dfd850929821626ea63fb0a752076a3c08a/
-CVE-2016-5036 (The dump_block function in print_sections.c in libdwarf before ...)
+CVE-2016-5036
{DLA-669-1}
- dwarfutils 20160507+git20160523.9086738-1
[jessie] - dwarfutils 20120410-2+deb8u1
NOTE: https://sourceforge.net/p/libdwarf/code/ci/82d8e007851805af0dcaaff41f49a2d48473334b/
-CVE-2016-5035 (The _dwarf_read_line_table_header function in ...)
+CVE-2016-5035
- dwarfutils 20160507+git20160523.9086738-1
[jessie] - dwarfutils <no-dsa> (Minor issue)
[wheezy] - dwarfutils <no-dsa> (Minor issue)
NOTE: https://sourceforge.net/p/libdwarf/code/ci/82d8e007851805af0dcaaff41f49a2d48473334b/
-CVE-2016-5034 (dwarf_elf_access.c in libdwarf before 20160923 allows remote attackers ...)
+CVE-2016-5034
{DLA-669-1}
- dwarfutils 20160507+git20160523.9086738-1
[jessie] - dwarfutils 20120410-2+deb8u1
NOTE: https://sourceforge.net/p/libdwarf/code/ci/10ca310f64368dc083efacac87732c02ef560a92/
-CVE-2016-5033 (The print_exprloc_content function in libdwarf before 20160923 allows ...)
+CVE-2016-5033
- dwarfutils 20160507+git20160523.9086738-1
[jessie] - dwarfutils <no-dsa> (Minor issue)
[wheezy] - dwarfutils <no-dsa> (Minor issue)
NOTE: https://sourceforge.net/p/libdwarf/code/ci/ac6673e32f3443a5d36c2217cb814000930b2c54/
-CVE-2016-5032 (The dwarf_get_xu_hash_entry function in libdwarf before 20160923 ...)
+CVE-2016-5032
- dwarfutils 20160507+git20160523.9086738-1
[jessie] - dwarfutils <no-dsa> (Minor issue)
[wheezy] - dwarfutils <no-dsa> (Minor issue)
NOTE: https://sourceforge.net/p/libdwarf/code/ci/ac6673e32f3443a5d36c2217cb814000930b2c54/
-CVE-2016-5031 (The print_frame_inst_bytes function in libdwarf before 20160923 allows ...)
+CVE-2016-5031
- dwarfutils 20160507+git20160523.9086738-1
[jessie] - dwarfutils <no-dsa> (Minor issue)
[wheezy] - dwarfutils <no-dsa> (Minor issue)
NOTE: https://sourceforge.net/p/libdwarf/code/ci/ac6673e32f3443a5d36c2217cb814000930b2c54/
-CVE-2016-5030 (The _dwarf_calculate_info_section_end_ptr function in libdwarf before ...)
+CVE-2016-5030
- dwarfutils 20160507+git20160523.9086738-1
[jessie] - dwarfutils <no-dsa> (Minor issue)
[wheezy] - dwarfutils <no-dsa> (Minor issue)
NOTE: https://sourceforge.net/p/libdwarf/code/ci/6fa3f710ee6f21bba7966b963033a91d77c952bd/
-CVE-2016-5029 (The create_fullest_file_path function in libdwarf before 20160923 ...)
+CVE-2016-5029
- dwarfutils 20160507+git20160523.9086738-1
[jessie] - dwarfutils <no-dsa> (Minor issue)
[wheezy] - dwarfutils <no-dsa> (Minor issue)
NOTE: https://sourceforge.net/p/libdwarf/code/ci/acae971371daa23a19358bc62204007d258fbc5e/
-CVE-2016-5028 (The print_frame_inst_bytes function in libdwarf before 20160923 allows ...)
+CVE-2016-5028
- dwarfutils 20160507+git20160523.9086738-1
[jessie] - dwarfutils <no-dsa> (Minor issue)
[wheezy] - dwarfutils <no-dsa> (Minor issue)
NOTE: https://sourceforge.net/p/libdwarf/code/ci/a55b958926cc67f89a512ed30bb5a22b0adb10f4/
-CVE-2016-5027 (dwarf_form.c in libdwarf 20160115 allows remote attackers to cause a ...)
+CVE-2016-5027
- dwarfutils 20160507+git20160523.9086738-1
[jessie] - dwarfutils <no-dsa> (Minor issue)
[wheezy] - dwarfutils <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1330237
-CVE-2016-5026 (hs.py in OnionShare before 0.9.1 allows local users to modify the ...)
+CVE-2016-5026
- onionshare 0.8.1-2 (unimportant)
[jessie] - onionshare <not-affected> (Vulnerable code not present)
NOTE: Neutralised by kernel hardening (also contrib and non-free not supported)
-CVE-2016-4963 (The libxl device-handling in Xen through 4.6.x allows local guest OS ...)
+CVE-2016-4963
{DLA-1493-1}
- xen 4.8.0~rc3-1
[wheezy] - xen <no-dsa> (Minor issue, too intrusive to backport, libvirt doesn't have libxl driver enabled)
NOTE: http://xenbits.xen.org/xsa/advisory-178.html
-CVE-2016-4962 (The libxl device-handling in Xen 4.6.x and earlier allows local OS ...)
+CVE-2016-4962
{DSA-3633-1}
- xen 4.8.0~rc3-1
[wheezy] - xen <no-dsa> (Too intrusive to backport, libvirt doesn't have libxl driver enabled)
NOTE: http://xenbits.xen.org/xsa/advisory-175.html
-CVE-2016-4961 (For the NVIDIA Quadro, NVS, and GeForce products, improper ...)
+CVE-2016-4961
NOT-FOR-US: NVIDIA Windows drivers
-CVE-2016-4960 (For the NVIDIA Quadro, NVS, and GeForce products, the NVIDIA ...)
+CVE-2016-4960
NOT-FOR-US: NVIDIA Windows drivers
-CVE-2016-4959 (For the NVIDIA Quadro, NVS, and GeForce products, there is a Remote ...)
+CVE-2016-4959
NOT-FOR-US: NVIDIA Windows drivers
CVE-2016-4958
RESERVED
-CVE-2016-4957 (ntpd in NTP before 4.2.8p8 allows remote attackers to cause a denial ...)
+CVE-2016-4957
- ntp 1:4.2.8p8+dfsg-1
[jessie] - ntp <not-affected> (Fix for CVE-2016-1547 wasn't backported)
[wheezy] - ntp <not-affected> (Fix for CVE-2016-1547 wasn't backported)
NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#June_2016_ntp_4_2_8p8_NTP_Securi
NOTE: http://support.ntp.org/bin/view/Main/NtpBug3046
-CVE-2016-4956 (ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause a ...)
+CVE-2016-4956
- ntp 1:4.2.8p8+dfsg-1
[jessie] - ntp <not-affected> (Fix for CVE-2016-1548 wasn't backported)
[wheezy] - ntp <not-affected> (Fix for CVE-2016-1548 wasn't backported)
NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#June_2016_ntp_4_2_8p8_NTP_Securi
NOTE: http://support.ntp.org/bin/view/Main/NtpBug3042
-CVE-2016-4955 (ntpd in NTP 4.x before 4.2.8p8, when autokey is enabled, allows remote ...)
+CVE-2016-4955
- ntp 1:4.2.8p8+dfsg-1
[jessie] - ntp <no-dsa> (Minor issue)
[wheezy] - ntp <no-dsa> (Minor issue)
NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#June_2016_ntp_4_2_8p8_NTP_Securi
NOTE: http://support.ntp.org/bin/view/Main/NtpBug3043
-CVE-2016-4954 (The process_packet function in ntp_proto.c in ntpd in NTP 4.x before ...)
+CVE-2016-4954
- ntp 1:4.2.8p8+dfsg-1
[jessie] - ntp <no-dsa> (Minor issue)
[wheezy] - ntp <no-dsa> (Minor issue)
NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#June_2016_ntp_4_2_8p8_NTP_Securi
NOTE: http://support.ntp.org/bin/view/Main/NtpBug3044
-CVE-2016-4953 (ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause a ...)
+CVE-2016-4953
- ntp 1:4.2.8p8+dfsg-1
[jessie] - ntp <not-affected> (Upstream fix for CVE-2016-1547 or CVE-2015-7979 wasn't backported)
[wheezy] - ntp <not-affected> (Fix for CVE-2016-1547 or CVE-2015-7979 wasn't backported)
NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#June_2016_ntp_4_2_8p8_NTP_Securi
NOTE: http://support.ntp.org/bin/view/Main/NtpBug3045
-CVE-2016-5117 (OpenNTPD before 6.0p1 does not validate the CN for HTTPS constraint ...)
+CVE-2016-5117
- openntpd 1:6.0p1-1 (bug #825856; unimportant)
[jessie] - openntpd <not-affected> (Vulnerable code introduced later)
[wheezy] - openntpd <not-affected> (Vulnerable code introduced later)
NOTE: http://www.openwall.com/lists/oss-security/2016/05/23/2
NOTE: Authenticated TLS "contraints" introduced in 2015-03-24 OpenNTPD 5.7p4
NOTE: Option is not enabled at buildtime.
-CVE-2016-4964 (The mptsas_fetch_requests function in hw/scsi/mptsas.c in QEMU (aka ...)
+CVE-2016-4964
- qemu 1:2.6+dfsg-2 (bug #825207)
[jessie] - qemu <not-affected> (LSI SAS1068 (mptsas) device support added later)
[wheezy] - qemu <not-affected> (LSI SAS1068 (mptsas) device support added later)
- qemu-kvm <not-affected> (LSI SAS1068 (mptsas) device support added later)
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-05/msg04027.html
NOTE: Introduced by: http://git.qemu.org/?p=qemu.git;a=commit;h=e351b82611293683c4cabe4b69b7552bde5d4e2a (v2.6.0-rc0)
-CVE-2016-4950 (Cloudera Manager 5.5 and earlier allows remote attackers to enumerate ...)
+CVE-2016-4950
NOT-FOR-US: Cloudera Manager
-CVE-2016-4949 (Cloudera Manager 5.5 and earlier allows remote attackers to obtain ...)
+CVE-2016-4949
NOT-FOR-US: Cloudera Manager
-CVE-2016-4948 (Multiple cross-site scripting (XSS) vulnerabilities in Cloudera ...)
+CVE-2016-4948
NOT-FOR-US: Cloudera Manager
-CVE-2016-4947 (Cloudera HUE 3.9.0 and earlier allows remote attackers to enumerate ...)
+CVE-2016-4947
NOT-FOR-US: Cloudera HUE
-CVE-2016-4946 (Multiple cross-site scripting (XSS) vulnerabilities in Cloudera HUE ...)
+CVE-2016-4946
NOT-FOR-US: Cloudera HUE
-CVE-2016-4945 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2016-4945
NOT-FOR-US: Citrix NetScaler Gateway
CVE-2016-XXXX [mediawiki issues from 1.26.3, 1.25.6 and 1.23.14]
- mediawiki 1:1.27.0-1
[wheezy] - mediawiki <end-of-life> (Not supported in Wheezy LTS)
NOTE: https://lists.wikimedia.org/pipermail/mediawiki-announce/2016-May/000188.html
-CVE-2016-4952 (QEMU (aka Quick Emulator), when built with VMWARE PVSCSI paravirtual ...)
+CVE-2016-4952
{DLA-1599-1}
- qemu 1:2.6+dfsg-2 (bug #825210)
[wheezy] - qemu <not-affected> (VMWare PVSCSI paravirtual device implementation introduced later)
- qemu-kvm <not-affected> (VMWare PVSCSI paravirtual device implementation introduced later)
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-05/msg03774.html
NOTE: Introduced in: http://git.qemu.org/?p=qemu.git;a=commit;h=881d588a98bf0dce98ddb65c15aa0854c0ac41ed (v1.5.0-rc0)
-CVE-2016-4951 (The tipc_nl_publ_dump function in net/tipc/socket.c in the Linux ...)
+CVE-2016-4951
- linux 4.5.5-1
[jessie] - linux <not-affected> (Introduced in 3.19)
[wheezy] - linux <not-affected> (Introduced in 3.19)
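Review bot: the libdwarf block (CVE-2016-5044 through CVE-2016-5027) loses its only in-file record of the upstream fixed release. The removed summaries said "libdwarf before 20160923", while the retained Debian fixed versions are "dwarfutils 20160507-1" and "20160507+git20160523.9086738-1", justified by the sourceforge commit links in the NOTE lines. With the summary gone a reader can no longer see that the Debian fix predates the upstream release and was taken from those commits; a NOTE such as "Fixed upstream in 20160923" on the block would preserve that. Minor, in retained context: the CVE-2016-5117 NOTE reads 'Authenticated TLS "contraints"', which should be "constraints".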
@@ -18203,27 +18203,27 @@ CVE-2016-4933
REJECTED
CVE-2016-4932
REJECTED
-CVE-2016-4931 (XML entity injection in Junos Space before 15.2R2 allows attackers to ...)
+CVE-2016-4931
NOT-FOR-US: Juniper
-CVE-2016-4930 (Cross-site scripting (XSS) vulnerability in Junos Space before 15.2R2 ...)
+CVE-2016-4930
NOT-FOR-US: Juniper
-CVE-2016-4929 (Command injection vulnerability in Junos Space before 15.2R2 allows ...)
+CVE-2016-4929
NOT-FOR-US: Juniper
-CVE-2016-4928 (Cross site request forgery vulnerability in Junos Space before 15.2R2 ...)
+CVE-2016-4928
NOT-FOR-US: Juniper
-CVE-2016-4927 (Insufficient validation of SSH keys in Junos Space before 15.2R2 ...)
+CVE-2016-4927
NOT-FOR-US: Juniper
-CVE-2016-4926 (Insufficient authentication vulnerability in Junos Space before 15.2R2 ...)
+CVE-2016-4926
NOT-FOR-US: Juniper
-CVE-2016-4925 (Receipt of a specifically malformed IPv6 packet processed by the ...)
+CVE-2016-4925
NOT-FOR-US: Juniper
-CVE-2016-4924 (An incorrect permissions vulnerability in Juniper Networks Junos OS on ...)
+CVE-2016-4924
NOT-FOR-US: Juniper
-CVE-2016-4923 (Insufficient cross site scripting protection in J-Web component in ...)
+CVE-2016-4923
NOT-FOR-US: Juniper
-CVE-2016-4922 (Certain combinations of Junos OS CLI commands and arguments have been ...)
+CVE-2016-4922
NOT-FOR-US: Juniper
-CVE-2016-4921 (By flooding a Juniper Networks router running Junos OS with specially ...)
+CVE-2016-4921
NOT-FOR-US: Juniper
CVE-2016-4920
RESERVED
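Review bot: for the eleven Juniper entries in this hunk (CVE-2016-4931 down to CVE-2016-4921) the stripped summary was the only statement of product and affected release ("Junos Space before 15.2R2" for CVE-2016-4931 to CVE-2016-4926, "Junos OS" for at least CVE-2016-4924, CVE-2016-4922 and CVE-2016-4921); what remains is "NOT-FOR-US: Juniper" repeated eleven times, which no longer lets a reader tell a Junos Space web issue from a Junos OS packet-handling one without an external lookup. If NOT-FOR-US entries are to carry no summary, the NOT-FOR-US line should at least name the specific product, which the removed text supports.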
@@ -18239,127 +18239,127 @@ CVE-2016-4915
RESERVED
CVE-2016-4914
RESERVED
-CVE-2016-1000001 (flask-oidc version 0.1.2 and earlier is vulnerable to an open redirect ...)
+CVE-2016-1000001
NOT-FOR-US: flask-oidc
-CVE-2016-1000000 (Ipswitch WhatsUp Gold 16.4.1 WrFreeFormText.asp sUniqueID Parameter ...)
+CVE-2016-1000000
NOT-FOR-US: Ipswitch
-CVE-2016-4910 (Cybozu Garoon 3.0.0 to 4.2.2 allows remote authenticated attackers to ...)
+CVE-2016-4910
NOT-FOR-US: Cybozu
-CVE-2016-4909 (Cross-site request forgery (CSRF) vulnerability in Cybozu Garoon 3.0.0 ...)
+CVE-2016-4909
NOT-FOR-US: Cybozu
-CVE-2016-4908 (Cybozu Garoon 3.0.0 to 4.2.2 allows remote authenticated attackers to ...)
+CVE-2016-4908
NOT-FOR-US: Cybozu
-CVE-2016-4907 (Cybozu Garoon 3.0.0 to 4.2.2 allow remote attackers to obtain CSRF ...)
+CVE-2016-4907
NOT-FOR-US: Cybozu
-CVE-2016-4906 (Cross-site scripting vulnerability in Cybozu Garoon 3.0.0 to 4.2.2 ...)
+CVE-2016-4906
NOT-FOR-US: Cybozu
-CVE-2016-4905 (SQL injection vulnerability in the WP-OliveCart versions prior to ...)
+CVE-2016-4905
NOT-FOR-US: WP-OliveCart
-CVE-2016-4904 (Cross-site request forgery (CSRF) vulnerability in WP-OliveCart ...)
+CVE-2016-4904
NOT-FOR-US: WP-OliveCart
-CVE-2016-4903 (Cross-site scripting vulnerability in WP-OliveCart versions prior to ...)
+CVE-2016-4903
NOT-FOR-US: WP-OliveCart
-CVE-2016-4902 (Untrusted search path vulnerability in The Public Certification ...)
+CVE-2016-4902
NOT-FOR-US: Public Certification Service for Individuals
-CVE-2016-4901 (Untrusted search path vulnerability in The installer of e-Tax Software ...)
+CVE-2016-4901
NOT-FOR-US: e-Tax
-CVE-2016-4900 (Untrusted search path vulnerability in Evernote for Windows versions ...)
+CVE-2016-4900
NOT-FOR-US: Evernote
-CVE-2016-4899 (The datamover module in the Linux version of NovaBACKUP DataCenter ...)
+CVE-2016-4899
NOT-FOR-US: NovaBACKUP
-CVE-2016-4898 (The datamover module in the Linux version of NovaBACKUP DataCenter ...)
+CVE-2016-4898
NOT-FOR-US: NovaBACKUP
-CVE-2016-4897 (Multiple cross-site scripting (XSS) vulnerabilities in (1) ...)
+CVE-2016-4897
NOT-FOR-US: Usermin
-CVE-2016-4896 (SetsucoCMS all versions does not properly manage sessions, which ...)
+CVE-2016-4896
NOT-FOR-US: SetucoCMS
-CVE-2016-4895 (SetsucoCMS all versions allows remote authenticated attackers to ...)
+CVE-2016-4895
NOT-FOR-US: SetucoCMS
-CVE-2016-4894 (SetsucoCMS all versions allows remote attackers to cause a denial of ...)
+CVE-2016-4894
NOT-FOR-US: SetucoCMS
-CVE-2016-4893 (SQL injection vulnerability in the SetsucoCMS all versions allows ...)
+CVE-2016-4893
NOT-FOR-US: SetucoCMS
-CVE-2016-4892 (Cross-site scripting vulnerability in SetsucoCMS all versions allows ...)
+CVE-2016-4892
NOT-FOR-US: SetucoCMS
-CVE-2016-4891 (Cross-site request forgery (CSRF) vulnerability in SetsucoCMS all ...)
+CVE-2016-4891
NOT-FOR-US: SetucoCMS
-CVE-2016-4890 (ZOHO ManageEngine ServiceDesk Plus before 9.2 uses an insecure method ...)
+CVE-2016-4890
NOT-FOR-US: ZOHO ManageEngine ServiceDesk Plus
-CVE-2016-4889 (ZOHO ManageEngine ServiceDesk Plus before 9.0 allows remote ...)
+CVE-2016-4889
NOT-FOR-US: ZOHO ManageEngine ServiceDesk Plus
-CVE-2016-4888 (Cross-site scripting (XSS) vulnerability in ZOHO ManageEngine ...)
+CVE-2016-4888
NOT-FOR-US: ZOHO ManageEngine ServiceDesk Plus
-CVE-2016-4887 (Cross-site request forgery (CSRF) vulnerability in baserCMS plugin ...)
+CVE-2016-4887
NOT-FOR-US: baserCMS
-CVE-2016-4886 (Cross-site request forgery (CSRF) vulnerability in baserCMS plugin ...)
+CVE-2016-4886
NOT-FOR-US: baserCMS
-CVE-2016-4885 (Cross-site request forgery (CSRF) vulnerability in baserCMS plugin ...)
+CVE-2016-4885
NOT-FOR-US: baserCMS
-CVE-2016-4884 (Cross-site request forgery (CSRF) vulnerability in baserCMS plugin ...)
+CVE-2016-4884
NOT-FOR-US: baserCMS
-CVE-2016-4883 (Cross-site scripting vulnerability in baserCMS version 3.0.10 and ...)
+CVE-2016-4883
NOT-FOR-US: baserCMS
-CVE-2016-4882 (Cross-site request forgery (CSRF) vulnerability in baserCMS version ...)
+CVE-2016-4882
NOT-FOR-US: baserCMS
-CVE-2016-4881 (Cross-site request forgery (CSRF) vulnerability in baserCMS plugin ...)
+CVE-2016-4881
NOT-FOR-US: baserCMS
-CVE-2016-4880 (Cross-site scripting vulnerability in baserCMS plugin Blog version ...)
+CVE-2016-4880
NOT-FOR-US: baserCMS
-CVE-2016-4879 (Cross-site request forgery (CSRF) vulnerability in baserCMS plugin ...)
+CVE-2016-4879
NOT-FOR-US: baserCMS
-CVE-2016-4878 (Cross-site request forgery (CSRF) vulnerability in baserCMS version ...)
+CVE-2016-4878
NOT-FOR-US: baserCMS
-CVE-2016-4877 (Cross-site scripting vulnerability in baserCMS plugin Mail version ...)
+CVE-2016-4877
NOT-FOR-US: baserCMS
-CVE-2016-4876 (Cross-site request forgery (CSRF) vulnerability in baserCMS version ...)
+CVE-2016-4876
NOT-FOR-US: baserCMS
-CVE-2016-4875 (Multiple cross-site scripting (XSS) vulnerabilities in the IVYWE (1) ...)
+CVE-2016-4875
NOT-FOR-US: IVYWE
-CVE-2016-4874 (Cybozu Office 9.0.0 through 10.4.0 allows remote attackers to conduct ...)
+CVE-2016-4874
NOT-FOR-US: Cybozu
-CVE-2016-4873 (Cybozu Office 9.0.0 to 10.4.0 allows remote authenticated attackers to ...)
+CVE-2016-4873
NOT-FOR-US: Cybozu
-CVE-2016-4872 (Cybozu Office 9.0.0 to 10.4.0 allows remote authenticated attackers to ...)
+CVE-2016-4872
NOT-FOR-US: Cybozu
-CVE-2016-4871 (Cybozu Office 9.0.0 through 10.4.0 allows remote attackers to cause a ...)
+CVE-2016-4871
NOT-FOR-US: Cybozu
-CVE-2016-4870 (Cross-site scripting vulnerability in Cybozu Office 9.0.0 to 10.4.0 ...)
+CVE-2016-4870
NOT-FOR-US: Cybozu
-CVE-2016-4869 (Cybozu Office 9.0.0 to 10.4.0 allow remote attackers to obtain session ...)
+CVE-2016-4869
NOT-FOR-US: Cybozu
-CVE-2016-4868 (Email header injection vulnerability in Cybozu Office 9.0.0 to 10.4.0 ...)
+CVE-2016-4868
NOT-FOR-US: Cybozu
-CVE-2016-4867 (Cybozu Office 9.0.0 to 10.4.0 allows remote authenticated attackers to ...)
+CVE-2016-4867
NOT-FOR-US: Cybozu
-CVE-2016-4866 (Cross-site scripting vulnerability in Cybozu Office 9.0.0 to 10.4.0 ...)
+CVE-2016-4866
NOT-FOR-US: Cybozu
-CVE-2016-4865 (Cross-site scripting vulnerability in Cybozu Office 9.0.0 to 10.4.0 ...)
+CVE-2016-4865
NOT-FOR-US: Cybozu
-CVE-2016-4864 (H2O versions 2.0.3 and earlier and 2.1.0-beta2 and earlier allows ...)
+CVE-2016-4864
- h2o <not-affected> (Fixed before initial upload to Debian)
NOTE: https://github.com/h2o/h2o/issues/1077
-CVE-2016-4863 (The Toshiba FlashAir SD-WD/WC series Class 6 model with firmware ...)
+CVE-2016-4863
NOT-FOR-US: Toshiba FlashAir
-CVE-2016-4862 (Twigmo bundled with CS-Cart 4.3.9 and earlier and Twigmo bundled with ...)
+CVE-2016-4862
NOT-FOR-US: Twigmo
-CVE-2016-4861 (The (1) order and (2) group methods in Zend_Db_Select in the Zend ...)
+CVE-2016-4861
{DLA-1403-1 DLA-646-1}
- zendframework 1.12.20+dfsg-1
NOTE: http://framework.zend.com/security/advisory/ZF2016-03
NOTE: This security fix can be considered an improvement of the previous ZF2016-02
NOTE: and ZF2014-04 advisories.
NOTE: Fixed by: https://github.com/zendframework/zf1/commit/b1c71dd94296d9000127720c85a7ea9e3b35af4b (1.12.20)
-CVE-2016-4860 (Yokogawa STARDOM FCN/FCJ controller R1.01 through R4.01 does not ...)
+CVE-2016-4860
NOT-FOR-US: Yokogawa STARDOM
-CVE-2016-4859 (Open redirect vulnerability in Splunk Enterprise 6.4.x prior to 6.4.3, ...)
+CVE-2016-4859
NOT-FOR-US: Splunk
-CVE-2016-4858 (Cross-site scripting vulnerability in Splunk Enterprise 6.4.x prior to ...)
+CVE-2016-4858
NOT-FOR-US: Splunk
-CVE-2016-4857 (Open redirect vulnerability in Splunk Enterprise 6.4.x prior to 6.4.2, ...)
+CVE-2016-4857
NOT-FOR-US: Splunk
-CVE-2016-4856 (Cross-site scripting vulnerability in Splunk Enterprise 6.3.x prior to ...)
+CVE-2016-4856
NOT-FOR-US: Splunk
-CVE-2016-4855 (Cross-site scripting vulnerability in ADOdb versions prior to 5.20.6 ...)
+CVE-2016-4855
{DLA-620-1}
- libphp-adodb 5.20.6-1 (unimportant; bug #837418)
[jessie] - libphp-adodb 5.15-1+deb8u1
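Review bot: every `+` line in this hunk drops the parenthesised one-line summary that its `-` counterpart carried, e.g. `-CVE-2016-4887 (Cross-site request forgery (CSRF) vulnerability in baserCMS plugin ...)` becomes `+CVE-2016-4887`, while the triage lines beneath each entry (`NOT-FOR-US: baserCMS`, `- h2o <not-affected> (Fixed before initial upload to Debian)`, the `{DLA-1403-1 DLA-646-1}` reference on CVE-2016-4861) are untouched. The hunk therefore adds no triage information; it only removes the summary a reader uses to sanity-check a NOT-FOR-US or not-affected verdict without opening the NOTE URLs. Before merging, confirm that the CVE feed the updater reads really returned empty descriptions rather than the fetch failing; if it is a fetch failure, the next run will flip all of these lines back and the file history will carry two whole-file rewrites for nothing.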
@@ -18367,158 +18367,158 @@ CVE-2016-4855 (Cross-site scripting vulnerability in ADOdb versions prior to 5.2
NOTE: https://jvn.jp/en/jp/JVN48237713/
NOTE: https://github.com/ADOdb/ADOdb/commit/ecb93d8c1
NOTE: Vulnerable file is shipped as an example only
-CVE-2016-4854 (Cross-site request forgery (CSRF) vulnerability in L-04D firmware ...)
+CVE-2016-4854
NOT-FOR-US: L-04D firmware
-CVE-2016-4853 (AKABEi SOFT2 games allow remote attackers to execute arbitrary OS ...)
+CVE-2016-4853
NOT-FOR-US: AKABEi SOFT2
-CVE-2016-4852 (YoruFukurou (NightOwl) before 2.85 relies on support for emoji ...)
+CVE-2016-4852
NOT-FOR-US: YoruFukurou
-CVE-2016-4851 (Cross-site scripting (XSS) vulnerability in Let's PHP! simple chat ...)
+CVE-2016-4851
NOT-FOR-US: Let's PHP! simple chat
-CVE-2016-4850 (LINE for Windows before 4.8.3 allows man-in-the-middle attackers to ...)
+CVE-2016-4850
NOT-FOR-US: LINE for Windows
-CVE-2016-4849 (Multiple cross-site scripting (XSS) vulnerabilities in Geeklog IVYWE ...)
+CVE-2016-4849
NOT-FOR-US: Geeklog
-CVE-2016-4848 (Cross-site scripting (XSS) vulnerability in ClipBucket before 2.8.1 ...)
+CVE-2016-4848
NOT-FOR-US: ClipBucket
-CVE-2016-4847 (Cross-site scripting (XSS) vulnerability in site/search.php in OSSEC ...)
+CVE-2016-4847
NOT-FOR-US: OSSEC Web UI
-CVE-2016-4846 (Untrusted search path vulnerability in the installer of PhishWall ...)
+CVE-2016-4846
NOT-FOR-US: PhishWall Client Internet Explorer
-CVE-2016-4845 (Cross-site request forgery (CSRF) vulnerability on I-O DATA DEVICE ...)
+CVE-2016-4845
NOT-FOR-US: I-O DATA
-CVE-2016-4844 (Cybozu Mailwise before 5.4.0 allows remote attackers to conduct ...)
+CVE-2016-4844
NOT-FOR-US: Cybozu
-CVE-2016-4843 (Cybozu Mailwise before 5.4.0 allows remote attackers to obtain ...)
+CVE-2016-4843
NOT-FOR-US: Cybozu
-CVE-2016-4842 (Cybozu Mailwise before 5.4.0 allows remote attackers to obtain ...)
+CVE-2016-4842
NOT-FOR-US: Cybozu
-CVE-2016-4841 (Cybozu Mailwise before 5.4.0 allows remote attackers to inject ...)
+CVE-2016-4841
NOT-FOR-US: Cybozu
-CVE-2016-4840 (Coordinate Plus App for Android 1.0.2 and earlier and Coordinate Plus ...)
+CVE-2016-4840
NOT-FOR-US: Coordinate Plus App for Android
-CVE-2016-4839 (The Android Apps Money Forward (prior to v7.18.0), Money Forward for ...)
+CVE-2016-4839
NOT-FOR-US: Money Forward
-CVE-2016-4838 (The Android Apps Money Forward (prior to v7.18.0), Money Forward for ...)
+CVE-2016-4838
NOT-FOR-US: Money Forward
-CVE-2016-4837 (SQL injection vulnerability in the Seed Coupon plugin before 1.6 for ...)
+CVE-2016-4837
NOT-FOR-US: EC-CUBE
CVE-2016-4836
REJECTED
CVE-2016-4835
REJECTED
-CVE-2016-4834 (modules/Users/actions/Save.php in Vtiger CRM 6.4.0 and earlier does ...)
+CVE-2016-4834
NOT-FOR-US: Vtiger
-CVE-2016-4833 (Cross-site scripting (XSS) vulnerability in the Nofollow Links plugin ...)
+CVE-2016-4833
NOT-FOR-US: Nofollow Links plugin for WordPress
-CVE-2016-4832 (WAON &quot;Service Application&quot; for Android 1.4.1 and earlier does not ...)
+CVE-2016-4832
NOT-FOR-US: WAON "Service Application" for Android
-CVE-2016-4831 (Untrusted search path vulnerability in LINE and LINE Installer 4.7.0 ...)
+CVE-2016-4831
NOT-FOR-US: LINE
-CVE-2016-4830 (Sushiro App for iOS 2.1.16 and earlier and Sushiro App for Android ...)
+CVE-2016-4830
NOT-FOR-US: Sushiro App
-CVE-2016-4829 (DMM Movie Player App for Android before 1.2.1, and DMM Movie Player ...)
+CVE-2016-4829
NOT-FOR-US: DMM Movie Player App
-CVE-2016-4828 (The Collne Welcart e-Commerce plugin before 1.8.3 for WordPress ...)
+CVE-2016-4828
NOT-FOR-US: Collne Welcart e-Commerce plugin for WordPress
-CVE-2016-4827 (Cross-site scripting (XSS) vulnerability in the Collne Welcart ...)
+CVE-2016-4827
NOT-FOR-US: Collne Welcart e-Commerce plugin for WordPress
-CVE-2016-4826 (Cross-site scripting (XSS) vulnerability in the Collne Welcart ...)
+CVE-2016-4826
NOT-FOR-US: Collne Welcart e-Commerce plugin for WordPress
-CVE-2016-4825 (The Collne Welcart e-Commerce plugin before 1.8.3 for WordPress allows ...)
+CVE-2016-4825
NOT-FOR-US: Collne Welcart e-Commerce plugin for WordPress
-CVE-2016-4824 (The Wi-Fi Protected Setup (WPS) implementation on Corega CG-WLR300GNV ...)
+CVE-2016-4824
NOT-FOR-US: Corega
-CVE-2016-4823 (Corega CG-WLBARAGM devices allow remote attackers to cause a denial of ...)
+CVE-2016-4823
NOT-FOR-US: Corega
-CVE-2016-4822 (Corega CG-WLBARGL devices allow remote authenticated users to execute ...)
+CVE-2016-4822
NOT-FOR-US: Corega
-CVE-2016-4821 (I-O DATA DEVICE ETX-R devices allow remote attackers to cause a denial ...)
+CVE-2016-4821
NOT-FOR-US: I-O DATA
-CVE-2016-4820 (Cross-site request forgery (CSRF) vulnerability on I-O DATA DEVICE ...)
+CVE-2016-4820
NOT-FOR-US: I-O DATA
-CVE-2016-4819 (The printfDx function in Takumi Yamada DX Library for Borland C++ ...)
+CVE-2016-4819
NOT-FOR-US: Borland
-CVE-2016-4818 (DMMFX Trade for Android 1.5.0 and earlier, DMMFX DEMO Trade for ...)
+CVE-2016-4818
NOT-FOR-US: DMMFX
-CVE-2016-4817 (lib/http2/connection.c in H2O before 1.7.3 and 2.x before 2.0.0-beta5 ...)
+CVE-2016-4817
- h2o <not-affected> (Fixed before initial upload to Debian)
NOTE: https://github.com/h2o/h2o/pull/920
NOTE: https://github.com/h2o/h2o/commit/1c0808d580da09fdec5a9a74ff09e103ea058dd4
-CVE-2016-4816 (BUFFALO WZR-600DHP3 devices with firmware 2.16 and earlier and ...)
+CVE-2016-4816
NOT-FOR-US: BUFFALO
-CVE-2016-4815 (Directory traversal vulnerability on BUFFALO WZR-600DHP3 devices with ...)
+CVE-2016-4815
NOT-FOR-US: BUFFALO
-CVE-2016-4814 (Directory traversal vulnerability in kml2jsonp.php in Geospatial ...)
+CVE-2016-4814
NOT-FOR-US: Old_GSI_Maps
-CVE-2016-4813 (NetCommons 2.4.2.1 and earlier allows remote authenticated secretariat ...)
+CVE-2016-4813
NOT-FOR-US: NetCommons
-CVE-2016-4812 (Cross-site scripting (XSS) vulnerability in the Markdown on Save ...)
+CVE-2016-4812
NOT-FOR-US: Markdown on Save Improved plugin for WordPress
-CVE-2016-4811 (The NTT Broadband Platform Japan Connected-free Wi-Fi application ...)
+CVE-2016-4811
NOT-FOR-US: NTT
-CVE-2016-4810 (Citrix Studio before 7.6.1000, Citrix XenDesktop 7.x before 7.6 LTSR ...)
+CVE-2016-4810
NOT-FOR-US: Citrix
-CVE-2016-4913 (The get_rock_ridge_filename function in fs/isofs/rock.c in the Linux ...)
+CVE-2016-4913
{DSA-3607-1 DLA-516-1}
- linux 4.5.4-1
NOTE: Fixed by: https://git.kernel.org/linus/99d825822eade8d827a1817357cbf3f889a552d6 (v4.6)
-CVE-2016-4912 (The _xrealloc function in xlsp_xmalloc.c in OpenSLP 2.0.0 allows ...)
+CVE-2016-4912
- openslp-dfsg <not-affected> (Vulnerable code not present)
NOTE: Issue present only in OpenSLP 2.x where the return from malloc isn't checked.
-CVE-2016-4911 (The Fernet Token Provider in OpenStack Identity (Keystone) 9.0.x ...)
+CVE-2016-4911
- keystone 2:9.0.0-2 (bug #824683)
[jessie] - keystone <not-affected> (affects only 9.0.0)
[wheezy] - keystone <not-affected> (affects only 9.0.0)
NOTE: https://launchpad.net/bugs/1577558
-CVE-2016-4809 (The archive_read_format_cpio_read_header function in ...)
+CVE-2016-4809
{DSA-3657-1 DLA-554-1}
- libarchive 3.2.1-1
NOTE: https://github.com/libarchive/libarchive/issues/705
NOTE: Fixed by: https://github.com/libarchive/libarchive/commit/fd7e0c02e272913a0a8b6d492c7260dfca0b1408 (v3.2.1)
-CVE-2016-10321 (web2py before 2.14.6 does not properly check if a host is denied before ...)
+CVE-2016-10321
- web2py <removed> (bug #860038)
[jessie] - web2py <ignored> (Minor issue; issue in web admin interface which has no need to be used in production)
[wheezy] - web2py <no-dsa> (Minor issue; issue in web admin interface which has no need to be used in production)
NOTE: https://github.com/web2py/web2py/issues/1585#issuecomment-284317919
NOTE: https://github.com/web2py/web2py/commit/944d8bd8f3c5cf8ae296fc03d149056c65358426
-CVE-2016-4808 (Web2py versions 2.14.5 and below was affected by CSRF (Cross Site ...)
+CVE-2016-4808
- web2py <removed> (bug #856127)
[jessie] - web2py <ignored> (Minor issue; issue in web admin interface which has no need to be used in production)
[wheezy] - web2py <no-dsa> (Minor issue; issue in web admin interface which has no need to be used in production)
NOTE: https://github.com/web2py/web2py/issues/1585
NOTE: https://github.com/web2py/web2py/commit/4bd002aee978813bc664cf186ef38ff4e8bbe1cd
-CVE-2016-4807 (Web2py versions 2.14.5 and below was affected by Reflected XSS ...)
+CVE-2016-4807
- web2py <removed> (bug #856127)
[jessie] - web2py <ignored> (Minor issue; issue in web admin interface which has no need to be used in production)
[wheezy] - web2py <no-dsa> (Minor issue; issue in web admin interface which has no need to be used in production)
NOTE: https://github.com/web2py/web2py/issues/1585
NOTE: https://github.com/web2py/web2py/commit/51c3b633fe7ad647bc3013e899c1e3a910362dd1
-CVE-2016-4806 (Web2py versions 2.14.5 and below was affected by Local File Inclusion ...)
+CVE-2016-4806
- web2py <removed> (bug #856127)
[jessie] - web2py <ignored> (Minor issue; issue in web admin interface which has no need to be used in production)
[wheezy] - web2py <no-dsa> (Minor issue; issue in web admin interface which has no need to be used in production)
NOTE: https://github.com/web2py/web2py/issues/1585
NOTE: https://github.com/web2py/web2py/issues/1316
NOTE: https://github.com/web2py/web2py/commit/1b42fe65472930668435007cfcb077207051ba34
-CVE-2016-4803 (CRLF injection vulnerability in the send email functionality in dotCMS ...)
+CVE-2016-4803
NOT-FOR-US: dotCMS
-CVE-2016-4802 (Multiple untrusted search path vulnerabilities in cURL and libcurl ...)
+CVE-2016-4802
- curl <not-affected> (Windows only)
CVE-2016-4801
RESERVED
-CVE-2016-4800 (The path normalization mechanism in PathResource class in Eclipse ...)
+CVE-2016-4800
- jetty9 <not-affected> (Only affects Jetty >= 9.3.0, Jetty <= 9.3.8)
- jetty8 <not-affected> (Only affects 9.3.x)
- jetty <not-affected> (Only affects 9.3.x)
NOTE: http://www.ocert.org/advisories/ocert-2016-001.html
-CVE-2016-4805 (Use-after-free vulnerability in drivers/net/ppp/ppp_generic.c in the ...)
+CVE-2016-4805
{DSA-3607-1}
- linux 4.5.2-1
[wheezy] - linux 3.2.81-1
NOTE: Fixed by: https://git.kernel.org/linus/1f461dcdd296eecedaffffc6bae2bfa90bd7eb89 (v4.6-rc1)
NOTE: Introduced by: https://git.kernel.org/linus/273ec51dd7ceaa76e038875d85061ec856d8905e (v2.6.30)
-CVE-2016-4804 (The read_boot function in boot.c in dosfstools before 4.0 allows ...)
+CVE-2016-4804
{DLA-474-1}
- dosfstools 4.0-1
[jessie] - dosfstools <no-dsa> (Minor issue)
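Review bot: same pattern as the previous hunk, and the header `@@ -18367,158 +18367,158 @@` shows it is a pure one-for-one rewrite: 158 lines out, 158 in, each pair differing only by the removed description. The loss is most visible on entries that carry Debian fix data, e.g. `CVE-2016-4913`, `CVE-2016-4809` and `CVE-2016-4805`, where after this change the DSA/DLA reference, fixed package version and upstream commit URL remain but nothing on the line says what the bug was; a reader now has to follow the `NOTE:` link to learn that CVE-2016-4913 is the `fs/isofs/rock.c` issue the removed line named. If dropping the description field from this file is intentional, state that in the commit message and say where the summaries now live; otherwise this hunk should not be merged as-is.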
@@ -18531,552 +18531,552 @@ CVE-2016-4798
RESERVED
CVE-2016-4795
RESERVED
-CVE-2016-4793 (The clientIp function in CakePHP 3.2.4 and earlier allows remote ...)
+CVE-2016-4793
{DLA-835-1}
- cakephp 2.8.3-1
[jessie] - cakephp <no-dsa> (Minor issue)
NOTE: http://legalhackers.com/advisories/CakePHP-IP-Spoofing-Vulnerability.txt
NOTE: https://bakery.cakephp.org/2016/03/13/cakephp_2613_2711_282_3017_3112_325_released.html
NOTE: Fixed by https://github.com/cakephp/cakephp/commit/48af49ddde16c8b99edb701f1c31283455b2b0b6
-CVE-2016-4792 (Pulse Connect Secure (PCS) 8.2 before 8.2r1 allows remote attackers to ...)
+CVE-2016-4792
NOT-FOR-US: Pulse Connect Secure
-CVE-2016-4791 (The administrative user interface in Pulse Connect Secure (PCS) 8.2 ...)
+CVE-2016-4791
NOT-FOR-US: Pulse Connect Secure
-CVE-2016-4790 (Cross-site scripting (XSS) vulnerability in the administrative user ...)
+CVE-2016-4790
NOT-FOR-US: Pulse Connect Secure
-CVE-2016-4789 (Cross-site scripting (XSS) vulnerability in the system configuration ...)
+CVE-2016-4789
NOT-FOR-US: Pulse Connect Secure
-CVE-2016-4788 (Pulse Connect Secure (PCS) 8.2 before 8.2r1, 8.1 before 8.1r2, 8.0 ...)
+CVE-2016-4788
NOT-FOR-US: Pulse Connect Secure
-CVE-2016-4787 (Pulse Connect Secure (PCS) 8.2 before 8.2r1, 8.1 before 8.1r2, 8.0 ...)
+CVE-2016-4787
NOT-FOR-US: Pulse Connect Secure
-CVE-2016-4786 (Pulse Connect Secure (PCS) 8.2 before 8.2r1, 8.1 before 8.1r3, 8.0 ...)
+CVE-2016-4786
NOT-FOR-US: Pulse Connect Secure
-CVE-2016-4785 (A vulnerability has been identified in Firmware variant PROFINET IO ...)
+CVE-2016-4785
NOT-FOR-US: Siemens
-CVE-2016-4784 (A vulnerability has been identified in firmware variant PROFINET IO ...)
+CVE-2016-4784
NOT-FOR-US: Siemens
-CVE-2016-4783 (Cross-site scripting (XSS) vulnerability in Lenovo SHAREit before ...)
+CVE-2016-4783
NOT-FOR-US: Lenovo
-CVE-2016-4782 (Lenovo SHAREit before 3.5.98_ww on Android before 4.2 allows remote ...)
+CVE-2016-4782
NOT-FOR-US: Lenovo
-CVE-2016-4781 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
+CVE-2016-4781
NOT-FOR-US: Apple
-CVE-2016-4780 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2016-4780
NOT-FOR-US: Apple
-CVE-2016-4779 (Apple Type Services (ATS) in Apple OS X before 10.12 allows remote ...)
+CVE-2016-4779
NOT-FOR-US: Apple
-CVE-2016-4778 (The kernel in Apple iOS before 10, OS X before 10.12, tvOS before 10, ...)
+CVE-2016-4778
NOT-FOR-US: Apple
-CVE-2016-4777 (The kernel in Apple iOS before 10, OS X before 10.12, tvOS before 10, ...)
+CVE-2016-4777
NOT-FOR-US: Apple
-CVE-2016-4776 (The kernel in Apple iOS before 10, OS X before 10.12, tvOS before 10, ...)
+CVE-2016-4776
NOT-FOR-US: Apple
-CVE-2016-4775 (The kernel in Apple OS X before 10.12, tvOS before 10, and watchOS ...)
+CVE-2016-4775
NOT-FOR-US: Apple
-CVE-2016-4774 (The kernel in Apple iOS before 10, OS X before 10.12, tvOS before 10, ...)
+CVE-2016-4774
NOT-FOR-US: Apple
-CVE-2016-4773 (The kernel in Apple iOS before 10, OS X before 10.12, tvOS before 10, ...)
+CVE-2016-4773
NOT-FOR-US: Apple
-CVE-2016-4772 (The kernel in Apple iOS before 10, OS X before 10.12, tvOS before 10, ...)
+CVE-2016-4772
NOT-FOR-US: Apple
-CVE-2016-4771 (The kernel in Apple iOS before 10 and OS X before 10.12 allows local ...)
+CVE-2016-4771
NOT-FOR-US: Apple
CVE-2016-4770
REJECTED
-CVE-2016-4769 (WebKit in Apple iTunes before 12.5.1 on Windows and Safari before 10 ...)
+CVE-2016-4769
NOT-FOR-US: Webkit as used by Apple
-CVE-2016-4768 (WebKit in Apple iOS before 10, tvOS before 10, iTunes before 12.5.1 on ...)
+CVE-2016-4768
NOT-FOR-US: Webkit as used by Apple
-CVE-2016-4767 (WebKit in Apple iOS before 10, tvOS before 10, iTunes before 12.5.1 on ...)
+CVE-2016-4767
NOT-FOR-US: Webkit as used by Apple
-CVE-2016-4766 (WebKit in Apple iOS before 10, tvOS before 10, iTunes before 12.5.1 on ...)
+CVE-2016-4766
NOT-FOR-US: Webkit as used by Apple
-CVE-2016-4765 (WebKit in Apple iOS before 10, tvOS before 10, iTunes before 12.5.1 on ...)
+CVE-2016-4765
NOT-FOR-US: Webkit as used by Apple
-CVE-2016-4764 (An issue was discovered in certain Apple products. iOS before 10 is ...)
+CVE-2016-4764
NOT-FOR-US: Apple
-CVE-2016-4763 (WKWebView in WebKit in Apple iOS before 10, iTunes before 12.5.1 on ...)
+CVE-2016-4763
NOT-FOR-US: Webkit as used by Apple
-CVE-2016-4762 (WebKit in Apple iOS before 10, iTunes before 12.5.1 on Windows, iCloud ...)
+CVE-2016-4762
NOT-FOR-US: Webkit as used by Apple
CVE-2016-4761
RESERVED
-CVE-2016-4760 (WebKit in Apple iOS before 10, iTunes before 12.5.1 on Windows, and ...)
+CVE-2016-4760
NOT-FOR-US: Webkit as used by Apple
-CVE-2016-4759 (WebKit in Apple iOS before 10, tvOS before 10, iTunes before 12.5.1 on ...)
+CVE-2016-4759
NOT-FOR-US: Webkit as used by Apple
-CVE-2016-4758 (WebKit in Apple iOS before 10, iTunes before 12.5.1 on Windows, and ...)
+CVE-2016-4758
NOT-FOR-US: Webkit as used by Apple
CVE-2016-4757
REJECTED
CVE-2016-4756
REJECTED
-CVE-2016-4755 (Terminal in Apple OS X before 10.12 uses weak permissions for the ...)
+CVE-2016-4755
NOT-FOR-US: Apple
-CVE-2016-4754 (ServerDocs Server in Apple OS X Server before 5.2 supports the RC4 ...)
+CVE-2016-4754
NOT-FOR-US: Apple
-CVE-2016-4753 (Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS ...)
+CVE-2016-4753
NOT-FOR-US: Apple
-CVE-2016-4752 (The SecKeyDeriveFromPassword function in Apple OS X before 10.12 does ...)
+CVE-2016-4752
NOT-FOR-US: Apple
-CVE-2016-4751 (The Safari Tabs component in Apple Safari before 10 allows remote ...)
+CVE-2016-4751
NOT-FOR-US: Apple
-CVE-2016-4750 (S2 Camera in Apple iOS before 10 and OS X before 10.12 allows ...)
+CVE-2016-4750
NOT-FOR-US: Apple
-CVE-2016-4749 (Printing UIKit in Apple iOS before 10 mishandles environment ...)
+CVE-2016-4749
NOT-FOR-US: Apple
-CVE-2016-4748 (Perl in Apple OS X before 10.12 allows local users to bypass the ...)
+CVE-2016-4748
NOT-FOR-US: Apple
-CVE-2016-4747 (Mail in Apple iOS before 10 mishandles certificates, which makes it ...)
+CVE-2016-4747
NOT-FOR-US: Apple
-CVE-2016-4746 (The Keyboards component in Apple iOS before 10 does not properly use a ...)
+CVE-2016-4746
NOT-FOR-US: Apple
-CVE-2016-4745 (The Kerberos 5 (aka krb5) PAM module in Apple OS X before 10.12 does ...)
+CVE-2016-4745
NOT-FOR-US: Apple
CVE-2016-4744
REJECTED
-CVE-2016-4743 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
+CVE-2016-4743
- webkit2gtk 2.14.3-1 (unimportant)
NOTE: Not covered by security support
-CVE-2016-4742 (NSSecureTextField in Apple OS X before 10.12 does not enable Secure ...)
+CVE-2016-4742
NOT-FOR-US: Apple
-CVE-2016-4741 (The Assets component in Apple iOS before 10 allows man-in-the-middle ...)
+CVE-2016-4741
NOT-FOR-US: Apple
-CVE-2016-4740 (Apple iOS before 10, when Handoff for Messages is used, does not ...)
+CVE-2016-4740
NOT-FOR-US: Apple
-CVE-2016-4739 (mDNSResponder in Apple OS X before 10.12, when VMnet.framework is ...)
+CVE-2016-4739
NOT-FOR-US: Apple
-CVE-2016-4738 (libxslt in Apple iOS before 10, OS X before 10.12, tvOS before 10, and ...)
+CVE-2016-4738
{DSA-3709-1 DLA-700-1}
- libxslt 1.1.29-2 (bug #842570)
NOTE: https://git.gnome.org/browse/libxslt/commit/?id=eb1030de31165b68487f288308f9d1810fed6880
NOTE: https://bugs.chromium.org/p/chromium/issues/detail?id=619006
-CVE-2016-4737 (WebKit in Apple iOS before 10, Safari before 10, tvOS before 10, and ...)
+CVE-2016-4737
NOT-FOR-US: Webkit as used by Apple
-CVE-2016-4736 (libarchive in Apple OS X before 10.12 allows remote attackers to cause ...)
+CVE-2016-4736
NOT-FOR-US: Apple / libarchive
NOTE: Possibly Apple-specific, but noone really knows and Apple doesn't cooperate
-CVE-2016-4735 (WebKit in Apple iOS before 10, Safari before 10, and tvOS before 10 ...)
+CVE-2016-4735
NOT-FOR-US: Webkit as used by Apple
-CVE-2016-4734 (WebKit in Apple iOS before 10, Safari before 10, and tvOS before 10 ...)
+CVE-2016-4734
NOT-FOR-US: Webkit as used by Apple
-CVE-2016-4733 (WebKit in Apple iOS before 10, Safari before 10, and tvOS before 10 ...)
+CVE-2016-4733
NOT-FOR-US: Webkit as used by Apple
CVE-2016-4732
REJECTED
-CVE-2016-4731 (WebKit in Apple iOS before 10 and Safari before 10 allows remote ...)
+CVE-2016-4731
NOT-FOR-US: Webkit as used by Apple
-CVE-2016-4730 (WebKit in Apple iOS before 10, Safari before 10, and tvOS before 10 ...)
+CVE-2016-4730
NOT-FOR-US: Webkit as used by Apple
-CVE-2016-4729 (WebKit in Apple iOS before 10 and Safari before 10 allows remote ...)
+CVE-2016-4729
NOT-FOR-US: Webkit as used by Apple
-CVE-2016-4728 (WebKit in Apple iOS before 10, tvOS before 10, iTunes before 12.5.1 on ...)
+CVE-2016-4728
NOT-FOR-US: Webkit as used by Apple
-CVE-2016-4727 (IOThunderboltFamily in Apple OS X before 10.12 allows attackers to ...)
+CVE-2016-4727
NOT-FOR-US: Apple
-CVE-2016-4726 (IOAcceleratorFamily in Apple iOS before 10, OS X before 10.12, tvOS ...)
+CVE-2016-4726
NOT-FOR-US: Apple
-CVE-2016-4725 (IOAcceleratorFamily in Apple iOS before 10, OS X before 10.12, tvOS ...)
+CVE-2016-4725
NOT-FOR-US: Apple
-CVE-2016-4724 (IOAcceleratorFamily in Apple iOS before 10 and OS X before 10.12 ...)
+CVE-2016-4724
NOT-FOR-US: Apple
-CVE-2016-4723 (Intel Graphics Driver in Apple OS X before 10.12 allows attackers to ...)
+CVE-2016-4723
NOT-FOR-US: Intel driver for OS X
-CVE-2016-4722 (The IDS - Connectivity component in Apple iOS before 10 and OS X ...)
+CVE-2016-4722
NOT-FOR-US: Apple
-CVE-2016-4721 (An issue was discovered in certain Apple products. iOS before 10.1 is ...)
+CVE-2016-4721
NOT-FOR-US: Apple
CVE-2016-4720
REJECTED
-CVE-2016-4719 (The GeoServices component in Apple iOS before 10 and watchOS before 3 ...)
+CVE-2016-4719
NOT-FOR-US: Apple
-CVE-2016-4718 (Buffer overflow in FontParser in Apple iOS before 10, OS X before ...)
+CVE-2016-4718
NOT-FOR-US: Apple
-CVE-2016-4717 (The File Bookmark component in Apple OS X before 10.12 mishandles ...)
+CVE-2016-4717
NOT-FOR-US: Apple
-CVE-2016-4716 (diskutil in DiskArbitration in Apple OS X before 10.12 allows local ...)
+CVE-2016-4716
NOT-FOR-US: Apple
-CVE-2016-4715 (The Date &amp; Time Pref Pane component in Apple OS X before 10.12 ...)
+CVE-2016-4715
NOT-FOR-US: Apple
CVE-2016-4714
REJECTED
-CVE-2016-4713 (CoreDisplay in Apple OS X before 10.12 allows attackers to view ...)
+CVE-2016-4713
NOT-FOR-US: Apple
-CVE-2016-4712 (CoreCrypto in Apple iOS before 10, OS X before 10.12, tvOS before 10, ...)
+CVE-2016-4712
NOT-FOR-US: Apple
-CVE-2016-4711 (CCrypt in corecrypto in CommonCrypto in Apple iOS before 10 and OS X ...)
+CVE-2016-4711
NOT-FOR-US: Apple
-CVE-2016-4710 (WindowServer in Apple OS X before 10.12 allows local users to obtain ...)
+CVE-2016-4710
NOT-FOR-US: Apple
-CVE-2016-4709 (WindowServer in Apple OS X before 10.12 allows local users to obtain ...)
+CVE-2016-4709
NOT-FOR-US: Apple
-CVE-2016-4708 (CFNetwork in Apple iOS before 10, OS X before 10.12, tvOS before 10, ...)
+CVE-2016-4708
NOT-FOR-US: Apple
-CVE-2016-4707 (CFNetwork in Apple iOS before 10 and OS X before 10.12 mishandles ...)
+CVE-2016-4707
NOT-FOR-US: Apple
-CVE-2016-4706 (cd9660 in Apple OS X before 10.12 allows local users to cause a denial ...)
+CVE-2016-4706
NOT-FOR-US: Apple
-CVE-2016-4705 (otool in Apple Xcode before 8 allows local users to gain privileges or ...)
+CVE-2016-4705
NOT-FOR-US: Apple
-CVE-2016-4704 (otool in Apple Xcode before 8 allows local users to gain privileges or ...)
+CVE-2016-4704
NOT-FOR-US: Apple
-CVE-2016-4703 (Bluetooth in Apple OS X before 10.12 allows attackers to execute ...)
+CVE-2016-4703
NOT-FOR-US: Apple
-CVE-2016-4702 (Audio in Apple iOS before 10, OS X before 10.12, tvOS before 10, and ...)
+CVE-2016-4702
NOT-FOR-US: Apple
-CVE-2016-4701 (Application Firewall in Apple OS X before 10.12 allows local users to ...)
+CVE-2016-4701
NOT-FOR-US: Apple
-CVE-2016-4700 (AppleUUC in Apple OS X before 10.12 allows attackers to execute ...)
+CVE-2016-4700
NOT-FOR-US: Apple
-CVE-2016-4699 (AppleUUC in Apple OS X before 10.12 allows attackers to execute ...)
+CVE-2016-4699
NOT-FOR-US: Apple
-CVE-2016-4698 (AppleMobileFileIntegrity in Apple iOS before 10 and OS X before 10.12 ...)
+CVE-2016-4698
NOT-FOR-US: Apple
-CVE-2016-4697 (Apple HSSPI Support in Apple OS X before 10.12 allows attackers to ...)
+CVE-2016-4697
NOT-FOR-US: Apple
-CVE-2016-4696 (AppleEFIRuntime in Apple OS X before 10.12 allows attackers to execute ...)
+CVE-2016-4696
NOT-FOR-US: Apple
CVE-2016-4695
REJECTED
-CVE-2016-4694 (The Apache HTTP Server in Apple OS X before 10.12 and OS X Server ...)
+CVE-2016-4694
NOT-FOR-US: Apple CVE assignment to the equivalent of CVE-2016-5387
-CVE-2016-4693 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
+CVE-2016-4693
NOT-FOR-US: Apple
-CVE-2016-4692 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
+CVE-2016-4692
- webkit2gtk 2.14.3-1 (unimportant)
NOTE: Not covered by security support
-CVE-2016-4691 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
+CVE-2016-4691
NOT-FOR-US: Apple
-CVE-2016-4690 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
+CVE-2016-4690
NOT-FOR-US: Apple
-CVE-2016-4689 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
+CVE-2016-4689
NOT-FOR-US: Apple
-CVE-2016-4688 (An issue was discovered in certain Apple products. iOS before 10.1 is ...)
+CVE-2016-4688
NOT-FOR-US: Apple
CVE-2016-4687
REJECTED
-CVE-2016-4686 (An issue was discovered in certain Apple products. iOS before 10.1 is ...)
+CVE-2016-4686
NOT-FOR-US: Apple
-CVE-2016-4685 (An issue was discovered in certain Apple products. iOS before 10.1 is ...)
+CVE-2016-4685
NOT-FOR-US: Apple
CVE-2016-4684
REJECTED
-CVE-2016-4683 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2016-4683
NOT-FOR-US: Apple
-CVE-2016-4682 (An issue was discovered in certain Apple products. macOS before 10.12 ...)
+CVE-2016-4682
NOT-FOR-US: Apple
-CVE-2016-4681 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2016-4681
NOT-FOR-US: Apple
-CVE-2016-4680 (An issue was discovered in certain Apple products. iOS before 10.1 is ...)
+CVE-2016-4680
NOT-FOR-US: Apple
-CVE-2016-4679 (An issue was discovered in certain Apple products. iOS before 10.1 is ...)
+CVE-2016-4679
NOT-FOR-US: Apple
-CVE-2016-4678 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2016-4678
NOT-FOR-US: Apple
-CVE-2016-4677 (An issue was discovered in certain Apple products. iOS before 10.1 is ...)
+CVE-2016-4677
NOT-FOR-US: Apple
CVE-2016-4676
RESERVED
-CVE-2016-4675 (An issue was discovered in certain Apple products. iOS before 10.1 is ...)
+CVE-2016-4675
NOT-FOR-US: Apple
-CVE-2016-4674 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2016-4674
NOT-FOR-US: Apple
-CVE-2016-4673 (An issue was discovered in certain Apple products. iOS before 10.1 is ...)
+CVE-2016-4673
NOT-FOR-US: Apple
CVE-2016-4672
REJECTED
-CVE-2016-4671 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2016-4671
NOT-FOR-US: Apple
-CVE-2016-4670 (An issue was discovered in certain Apple products. iOS before 10.1 is ...)
+CVE-2016-4670
NOT-FOR-US: Apple
-CVE-2016-4669 (An issue was discovered in certain Apple products. iOS before 10.1 is ...)
+CVE-2016-4669
NOT-FOR-US: Apple
CVE-2016-4668
REJECTED
-CVE-2016-4667 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2016-4667
NOT-FOR-US: Apple
-CVE-2016-4666 (An issue was discovered in certain Apple products. iOS before 10.1 is ...)
+CVE-2016-4666
NOT-FOR-US: Apple
-CVE-2016-4665 (An issue was discovered in certain Apple products. iOS before 10.1 is ...)
+CVE-2016-4665
NOT-FOR-US: Apple
-CVE-2016-4664 (An issue was discovered in certain Apple products. iOS before 10.1 is ...)
+CVE-2016-4664
NOT-FOR-US: Apple
-CVE-2016-4663 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2016-4663
NOT-FOR-US: Apple
-CVE-2016-4662 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2016-4662
NOT-FOR-US: Apple
-CVE-2016-4661 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2016-4661
NOT-FOR-US: Apple
-CVE-2016-4660 (An issue was discovered in certain Apple products. iOS before 10.1 is ...)
+CVE-2016-4660
NOT-FOR-US: Apple
CVE-2016-4659
REJECTED
-CVE-2016-4658 (xpointer.c in libxml2 before 2.9.5 (as used in Apple iOS before 10, OS ...)
+CVE-2016-4658
{DSA-3744-1 DLA-691-1}
- libxml2 2.9.4+dfsg1-2.1 (bug #840553)
NOTE: Fixed by: https://git.gnome.org/browse/libxml2/commit/?id=c1d1f7121194036608bf555f08d3062a36fd344b
-CVE-2016-4657 (WebKit in Apple iOS before 9.3.5 allows remote attackers to execute ...)
+CVE-2016-4657
- webkitgtk <removed> (unimportant)
NOTE: https://www.youtube.com/watch?v=xkdPjbaLngE
NOTE: Not covered by security support
-CVE-2016-4656 (The kernel in Apple iOS before 9.3.5 allows attackers to execute ...)
+CVE-2016-4656
NOT-FOR-US: Apple
-CVE-2016-4655 (The kernel in Apple iOS before 9.3.5 allows attackers to obtain ...)
+CVE-2016-4655
NOT-FOR-US: Apple
-CVE-2016-4654 (IOMobileFrameBuffer in Apple iOS before 9.3.4 allows attackers to ...)
+CVE-2016-4654
NOT-FOR-US: Apple
-CVE-2016-4653 (The kernel in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before ...)
+CVE-2016-4653
NOT-FOR-US: Apple
-CVE-2016-4652 (CoreGraphics in Apple OS X before 10.11.6 allows local users to obtain ...)
+CVE-2016-4652
NOT-FOR-US: Apple
-CVE-2016-4651 (Cross-site scripting (XSS) vulnerability in the WebKit JavaScript ...)
+CVE-2016-4651
NOT-FOR-US: Webkit as used by Apple
-CVE-2016-4650 (Heap-based buffer overflow in IOHIDFamily in Apple iOS before 9.3.2, ...)
+CVE-2016-4650
NOT-FOR-US: Apple
-CVE-2016-4649 (Audio in Apple OS X before 10.11.6 allows local users to cause a ...)
+CVE-2016-4649
NOT-FOR-US: Apple
-CVE-2016-4648 (Audio in Apple OS X before 10.11.6 allows local users to obtain ...)
+CVE-2016-4648
NOT-FOR-US: Apple
-CVE-2016-4647 (Audio in Apple OS X before 10.11.6 allows local users to gain ...)
+CVE-2016-4647
NOT-FOR-US: Apple
-CVE-2016-4646 (Audio in Apple OS X before 10.11.6 mishandles a size value, which ...)
+CVE-2016-4646
NOT-FOR-US: Apple
-CVE-2016-4645 (CFNetwork in Apple OS X before 10.11.6 uses weak permissions for ...)
+CVE-2016-4645
NOT-FOR-US: Apple
-CVE-2016-4644 (In iOS before 9.3.3, tvOS before 9.2.2, and OS X El Capitan before ...)
+CVE-2016-4644
NOT-FOR-US: Apple
-CVE-2016-4643 (In iOS before 9.3.3, tvOS before 9.2.2, and OS X El Capitan before ...)
+CVE-2016-4643
NOT-FOR-US: Apple
-CVE-2016-4642 (In iOS before 9.3.3, tvOS before 9.2.2, and OS X El Capitan before ...)
+CVE-2016-4642
NOT-FOR-US: Apple
-CVE-2016-4641 (Login Window in Apple OS X before 10.11.6 allows attackers to execute ...)
+CVE-2016-4641
NOT-FOR-US: Apple
-CVE-2016-4640 (Login Window in Apple OS X before 10.11.6 allows attackers to execute ...)
+CVE-2016-4640
NOT-FOR-US: Apple
-CVE-2016-4639 (Login Window in Apple OS X before 10.11.6 does not properly initialize ...)
+CVE-2016-4639
NOT-FOR-US: Apple
-CVE-2016-4638 (Login Window in Apple OS X before 10.11.6 allows attackers to gain ...)
+CVE-2016-4638
NOT-FOR-US: Apple
-CVE-2016-4637 (CoreGraphics in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS ...)
+CVE-2016-4637
NOT-FOR-US: Apple
CVE-2016-4636
REJECTED
-CVE-2016-4635 (FaceTime in Apple iOS before 9.3.3 and OS X before 10.11.6 allows ...)
+CVE-2016-4635
NOT-FOR-US: Apple
-CVE-2016-4634 (The Graphics Drivers subsystem in Apple OS X before 10.11.6 allows ...)
+CVE-2016-4634
NOT-FOR-US: Apple
-CVE-2016-4633 (Intel Graphics Driver in Apple OS X before 10.11.6 allows attackers to ...)
+CVE-2016-4633
NOT-FOR-US: Apple
-CVE-2016-4632 (ImageIO in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before ...)
+CVE-2016-4632
NOT-FOR-US: Apple
-CVE-2016-4631 (ImageIO in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before ...)
+CVE-2016-4631
NOT-FOR-US: Apple
-CVE-2016-4630 (ImageIO in Apple OS X before 10.11.6 allows remote attackers to ...)
+CVE-2016-4630
NOT-FOR-US: Apple
-CVE-2016-4629 (ImageIO in Apple OS X before 10.11.6 allows remote attackers to ...)
+CVE-2016-4629
NOT-FOR-US: Apple
-CVE-2016-4628 (IOAcceleratorFamily in Apple iOS before 9.3.3 and watchOS before 2.2.2 ...)
+CVE-2016-4628
NOT-FOR-US: Apple
-CVE-2016-4627 (IOAcceleratorFamily in Apple iOS before 9.3.3, tvOS before 9.2.2, and ...)
+CVE-2016-4627
NOT-FOR-US: Apple
-CVE-2016-4626 (IOHIDFamily in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS ...)
+CVE-2016-4626
NOT-FOR-US: Apple
-CVE-2016-4625 (Use-after-free vulnerability in IOSurface in Apple OS X before 10.11.6 ...)
+CVE-2016-4625
NOT-FOR-US: Apple
-CVE-2016-4624 (WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before ...)
+CVE-2016-4624
- webkit2gtk 2.12.4-1 (unimportant)
-CVE-2016-4623 (WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before ...)
+CVE-2016-4623
NOT-FOR-US: Webkit as used by Apple
-CVE-2016-4622 (WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before ...)
+CVE-2016-4622
- webkit2gtk 2.12.4-1 (unimportant)
-CVE-2016-4621 (libc++abi in Apple OS X before 10.11.6 allows attackers to execute ...)
+CVE-2016-4621
NOT-FOR-US: Apple
-CVE-2016-4620 (The Sandbox Profiles component in Apple iOS before 10 does not ...)
+CVE-2016-4620
NOT-FOR-US: Apple
CVE-2016-4619
REJECTED
-CVE-2016-4618 (Cross-site scripting (XSS) vulnerability in Safari Reader in Apple iOS ...)
+CVE-2016-4618
NOT-FOR-US: Apple
-CVE-2016-4617 (An issue was discovered in certain Apple products. macOS before 10.12 ...)
+CVE-2016-4617
NOT-FOR-US: Apple
-CVE-2016-4616 (libxml2 in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before ...)
+CVE-2016-4616
NOT-FOR-US: Possibly Apple-specific CVE ID for libxml2
NOTE: contacted Apple for more information, but no reply for quite a while
-CVE-2016-4615 (libxml2 in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before ...)
+CVE-2016-4615
NOT-FOR-US: Possibly Apple-specific CVE ID for libxml2
NOTE: contacted Apple for more information, but no reply for quite a while
-CVE-2016-4614 (libxml2 in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before ...)
+CVE-2016-4614
NOT-FOR-US: Possibly Apple-specific CVE ID for libxml2
NOTE: contacted Apple for more information, but no reply for quite a while
-CVE-2016-4613 (An issue was discovered in certain Apple products. Safari before ...)
+CVE-2016-4613
NOT-FOR-US: Apple
CVE-2016-4612
REJECTED
-CVE-2016-4611 (WebKit in Apple iOS before 10, Safari before 10, and tvOS before 10 ...)
+CVE-2016-4611
NOT-FOR-US: Webkit as used by Apple
-CVE-2016-4610 (libxslt in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before ...)
+CVE-2016-4610
- libxslt <undetermined>
NOTE: contacted Apple for more information, but no reply for quite a while
-CVE-2016-4609 (libxslt in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before ...)
+CVE-2016-4609
- libxslt <undetermined>
NOTE: contacted Apple for more information, but no reply for quite a while
-CVE-2016-4608 (libxslt in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before ...)
+CVE-2016-4608
- libxslt <undetermined>
NOTE: contacted Apple for more information, but no reply for quite a while
-CVE-2016-4607 (libxslt in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before ...)
+CVE-2016-4607
- libxslt <undetermined>
NOTE: contacted Apple for more information, but no reply for quite a while
CVE-2016-4606
RESERVED
-CVE-2016-4605 (Calendar in Apple iOS before 9.3.3 allows remote attackers to cause a ...)
+CVE-2016-4605
NOT-FOR-US: Apple
-CVE-2016-4604 (Safari in Apple iOS before 9.3.3 allows remote attackers to spoof the ...)
+CVE-2016-4604
NOT-FOR-US: Apple
-CVE-2016-4603 (Web Media in Apple iOS before 9.3.3 allows attackers to bypass the ...)
+CVE-2016-4603
NOT-FOR-US: Apple
-CVE-2016-4602 (QuickTime in Apple OS X before 10.11.6 allows remote attackers to ...)
+CVE-2016-4602
NOT-FOR-US: Apple
-CVE-2016-4601 (QuickTime in Apple OS X before 10.11.6 allows remote attackers to ...)
+CVE-2016-4601
NOT-FOR-US: Apple
-CVE-2016-4600 (QuickTime in Apple OS X before 10.11.6 allows remote attackers to ...)
+CVE-2016-4600
NOT-FOR-US: Apple
-CVE-2016-4599 (QuickTime in Apple OS X before 10.11.6 allows remote attackers to ...)
+CVE-2016-4599
NOT-FOR-US: Apple
-CVE-2016-4598 (QuickTime in Apple OS X before 10.11.6 allows remote attackers to ...)
+CVE-2016-4598
NOT-FOR-US: Apple
-CVE-2016-4597 (QuickTime in Apple OS X before 10.11.6 allows remote attackers to ...)
+CVE-2016-4597
NOT-FOR-US: Apple
-CVE-2016-4596 (QuickTime in Apple OS X before 10.11.6 allows remote attackers to ...)
+CVE-2016-4596
NOT-FOR-US: Apple
-CVE-2016-4595 (Safari Login AutoFill in Apple OS X before 10.11.6 allows physically ...)
+CVE-2016-4595
NOT-FOR-US: Apple
-CVE-2016-4594 (The Sandbox Profiles component in Apple iOS before 9.3.3, OS X before ...)
+CVE-2016-4594
NOT-FOR-US: Apple
-CVE-2016-4593 (The Siri Contacts component in Apple iOS before 9.3.3 allows ...)
+CVE-2016-4593
NOT-FOR-US: Apple
-CVE-2016-4592 (WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before ...)
+CVE-2016-4592
NOT-FOR-US: Webkit as used by Apple
-CVE-2016-4591 (WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before ...)
+CVE-2016-4591
- webkit2gtk 2.12.4-1 (unimportant)
-CVE-2016-4590 (WebKit in Apple iOS before 9.3.3 and Safari before 9.1.2 mishandles ...)
+CVE-2016-4590
- webkit2gtk 2.12.4-1 (unimportant)
-CVE-2016-4589 (WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before ...)
+CVE-2016-4589
NOT-FOR-US: Webkit as used by Apple
-CVE-2016-4588 (WebKit in Apple tvOS before 9.2.2 allows remote attackers to execute ...)
+CVE-2016-4588
NOT-FOR-US: Webkit as used by Apple
-CVE-2016-4587 (WebKit in Apple iOS before 9.3.3 and tvOS before 9.2.2 allows remote ...)
+CVE-2016-4587
NOT-FOR-US: Webkit as used by Apple
-CVE-2016-4586 (WebKit in Apple Safari before 9.1.2 and tvOS before 9.2.2 allows ...)
+CVE-2016-4586
NOT-FOR-US: Webkit as used by Apple
-CVE-2016-4585 (Cross-site scripting (XSS) vulnerability in the WebKit Page Loading ...)
+CVE-2016-4585
NOT-FOR-US: Webkit as used by Apple
-CVE-2016-4584 (The WebKit Page Loading implementation in Apple iOS before 9.3.3, ...)
+CVE-2016-4584
NOT-FOR-US: Webkit as used by Apple
-CVE-2016-4583 (WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before ...)
+CVE-2016-4583
NOT-FOR-US: Webkit as used by Apple
-CVE-2016-4582 (The kernel in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before ...)
+CVE-2016-4582
NOT-FOR-US: Apple
-CVE-2016-4580 (The x25_negotiate_facilities function in net/x25/x25_facilities.c in ...)
+CVE-2016-4580
{DSA-3607-1 DLA-516-1}
- linux 4.5.5-1
NOTE: Fixed by: https://git.kernel.org/linus/79e48650320e6fba48369fccf13fd045315b19b8 (v4.6)
-CVE-2016-4577 (Buffer overflow in the Smart DNS functionality in the Huawei NGFW ...)
+CVE-2016-4577
NOT-FOR-US: Huawei
-CVE-2016-4576 (Buffer overflow in the Application Specific Packet Filtering (ASPF) ...)
+CVE-2016-4576
NOT-FOR-US: Huawei
-CVE-2016-4575 (Cross-site scripting (XSS) vulnerability in the email APP in Huawei ...)
+CVE-2016-4575
NOT-FOR-US: Huawei
-CVE-2016-4796 (Heap-based buffer overflow in the color_cmyk_to_rgb in common/color.c ...)
+CVE-2016-4796
- openjpeg2 2.1.1-1
[jessie] - openjpeg2 <not-affected> (Vulnerable code not yet present in 2.1.0)
- openjpeg <removed>
[jessie] - openjpeg <not-affected> (Vulnerable code not present)
[wheezy] - openjpeg <not-affected> (Vulnerable code not present)
NOTE: https://github.com/uclouvain/openjpeg/commit/162f6199c0cd3ec1c6c6dc65e41b2faab92b2d91
-CVE-2016-4797 (Divide-by-zero vulnerability in the opj_tcd_init_tile function in ...)
+CVE-2016-4797
- openjpeg2 2.1.1-1
[jessie] - openjpeg2 <not-affected> (Vulnerable code not yet present in 2.1.0)
NOTE: https://github.com/uclouvain/openjpeg/commit/8f9cc62b3f9a1da9712329ddcedb9750d585505c
NOTE: CVE-2016-4797 exists because of an incorrect fix for CVE-2014-7947
-CVE-2016-4794 (Use-after-free vulnerability in mm/percpu.c in the Linux kernel ...)
+CVE-2016-4794
- linux 4.6.2-2
[jessie] - linux <not-affected> (Introduced in v3.18-rc1)
[wheezy] - linux <not-affected> (Introduced in v3.18-rc1)
NOTE: https://git.kernel.org/linus/4f996e234dad488e5d9ba0858bc1bae12eff82c3
NOTE: https://git.kernel.org/linus/6710e594f71ccaad8101bc64321152af7cd9ea28
-CVE-2016-4573 (Fortinet FortiSwitch FSW-108D-POE, FSW-124D, FSW-124D-POE, ...)
+CVE-2016-4573
NOT-FOR-US: Fortinet
-CVE-2016-4581 (fs/pnode.c in the Linux kernel before 4.5.4 does not properly traverse ...)
+CVE-2016-4581
{DSA-3607-1}
- linux 4.5.4-1
[wheezy] - linux <not-affected> (Vulnerable code introduced later)
NOTE: Fixed by: https://git.kernel.org/linus/5ec0811d30378ae104f250bfc9b3640242d81e3f (v4.6-rc7)
NOTE: Introduced by: https://git.kernel.org/linus/f2ebb3a921c1ca1e2ddd9242e95a1989a50c4c68 (v3.15-rc1)
-CVE-2016-4579 (Libksba before 1.3.4 allows remote attackers to cause a denial of ...)
+CVE-2016-4579
{DLA-470-1}
- libksba 1.3.4-3
[jessie] - libksba 1.3.2-1+deb8u1
NOTE: http://git.gnupg.org/cgi-bin/gitweb.cgi?p=libksba.git;a=commit;h=a7eed17a0b2a1c09ef986f3b4b323cd31cea2b64
CVE-2016-4572
RESERVED
-CVE-2016-4574 (Off-by-one error in the append_utf8_value function in the DN decoder ...)
+CVE-2016-4574
- libksba 1.3.4-3
[jessie] - libksba <not-affected> (Incomplete fix not applied)
[wheezy] - libksba <not-affected> (Incomplete fix not applied)
NOTE: Fixed by: http://git.gnupg.org/cgi-bin/gitweb.cgi?p=libksba.git;a=commit;h=6be61daac047d8e6aa941eb103f8e71a1d4e3c75
NOTE: Introduced by: http://git.gnupg.org/cgi-bin/gitweb.cgi?p=libksba.git;a=commit;h=243d12fdec66a4360fbb3e307a046b39b5b4ffc3
-CVE-2016-4578 (sound/core/timer.c in the Linux kernel through 4.6 does not initialize ...)
+CVE-2016-4578
{DSA-3607-1 DLA-516-1}
- linux 4.5.5-1
NOTE: https://github.com/torvalds/linux/commit/9a47e9cff994f37f7f0dbd9ae23740d0f64f9fe6
NOTE: https://github.com/torvalds/linux/commit/e4ec8cc8039a7063e24204299b462bd1383184a5
-CVE-2016-4569 (The snd_timer_user_params function in sound/core/timer.c in the Linux ...)
+CVE-2016-4569
{DSA-3607-1 DLA-516-1}
- linux 4.5.5-1
NOTE: http://comments.gmane.org/gmane.linux.kernel/2214250
NOTE: http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=cec8f96e49d9be372fdb0c3836dcf31ec71e457e
-CVE-2016-4564 (The DrawImage function in MagickCore/draw.c in ImageMagick before ...)
+CVE-2016-4564
{DSA-3652-1 DLA-731-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #832888)
NOTE: https://github.com/ImageMagick/ImageMagick/commit/726812fa2fa7ce16bcf58f6e115f65427a1c0950
-CVE-2016-4563 (The TraceStrokePolygon function in MagickCore/draw.c in ImageMagick ...)
+CVE-2016-4563
{DSA-3652-1 DLA-517-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #832887)
NOTE: https://github.com/ImageMagick/ImageMagick/commit/726812fa2fa7ce16bcf58f6e115f65427a1c0950
-CVE-2016-4562 (The DrawDashPolygon function in MagickCore/draw.c in ImageMagick ...)
+CVE-2016-4562
{DSA-3652-1 DLA-731-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #832885)
NOTE: https://github.com/ImageMagick/ImageMagick/commit/726812fa2fa7ce16bcf58f6e115f65427a1c0950
-CVE-2016-4560 (Untrusted search path vulnerability in Flexera InstallAnywhere allows ...)
+CVE-2016-4560
NOT-FOR-US: Flexera
CVE-2016-4559
RESERVED
-CVE-2016-4567 (Cross-site scripting (XSS) vulnerability in flash/FlashMediaElement.as ...)
+CVE-2016-4567
- mediaelement <unfixed> (unimportant; bug #823649)
NOTE: https://core.trac.wordpress.org/changeset/37370
NOTE: Fixed by: https://github.com/johndyer/mediaelement/commit/34834eef8ac830b9145df169ec22016a4350f06e
NOTE: Vulnerable code present, but Flash Player disabled in Debian
NOTE: See 0004-Deactivate-Flash-and-Silverlight.patch
NOTE: http://www.openwall.com/lists/oss-security/2016/05/07/2
-CVE-2016-4566 (Cross-site scripting (XSS) vulnerability in plupload.flash.swf in ...)
+CVE-2016-4566
- wordpress 4.5.2+dfsg-1 (bug #823640)
[jessie] - wordpress <not-affected> (Vulnerable code not present)
[wheezy] - wordpress <not-affected> (Vulnerable code not present)
NOTE: https://wordpress.org/news/2016/05/wordpress-4-5-2/
NOTE: Fixed by: https://core.trac.wordpress.org/changeset/37382
NOTE: http://www.openwall.com/lists/oss-security/2016/05/07/2
-CVE-2016-4568 (drivers/media/v4l2-core/videobuf2-v4l2.c in the Linux kernel before ...)
+CVE-2016-4568
- linux 4.5.3-1
[jessie] - linux <not-affected> (Vulnerable code introduced in 4.4)
[wheezy] - linux <not-affected> (Vulnerable code introduced in 4.4)
NOTE: Fixed by: https://git.kernel.org/linus/2c1f6951a8a82e6de0d82b1158b5e493fc6c54ab (v4.6-rc6)
NOTE: Introduced by: https://git.kernel.org/linus/b0e0e1f83de31aa0428c38b692c590cc0ecd3f03 (v4.4-rc1)
-CVE-2016-4565 (The InfiniBand (aka IB) stack in the Linux kernel before 4.5.3 ...)
+CVE-2016-4565
{DSA-3607-1 DLA-516-1}
- linux 4.5.3-1
NOTE: Fixed by: https://git.kernel.org/linus/e6bd18f57aad1a2d1ef40e646d03ed0f2515c9e3 (v4.6-rc6)
-CVE-2016-4551 (The (1) SAP_BASIS and (2) SAP_ABA components 7.00 SP Level 0031 in SAP ...)
+CVE-2016-4551
NOT-FOR-US: SAP
CVE-2016-4550
RESERVED
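Review bot: nothing in this hunk explains why the parenthesized summary is stripped from every CVE entry it touches (for example `-CVE-2016-4654 (IOMobileFrameBuffer in Apple iOS before 9.3.4 allows attackers to ...)` becomes the bare `+CVE-2016-4654`, and the same happens for CVE-2016-4580, CVE-2016-4796 and every other entry here); that summary is the only inline record of what each ID covers, so if the loss is intended the reason should be documented alongside the change, and if it is not, the update that produced this hunk is discarding data rather than refreshing it and should be checked before it is merged.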
@@ -19084,37 +19084,37 @@ CVE-2016-4549
RESERVED
CVE-2016-4548
RESERVED
-CVE-2016-4545 (Virtual servers in F5 BIG-IP 11.5.4, when SSL profiles are enabled, ...)
+CVE-2016-4545
NOT-FOR-US: F5 BIG-IP
-CVE-2016-4561 (Cross-site scripting (XSS) vulnerability in the cgierror function in ...)
+CVE-2016-4561
{DSA-3571-1 DLA-463-1}
- ikiwiki 3.20160506
NOTE: http://source.ikiwiki.branchable.com/?p=source.git;a=commitdiff;h=32ef584dc5abb6ddb9f794f94ea0b2934967bba7
NOTE: http://www.openwall.com/lists/oss-security/2016/05/06/8
-CVE-2016-4547 (Samsung devices with Android KK(4.4), L(5.0/5.1), or M(6.0) allow ...)
+CVE-2016-4547
NOT-FOR-US: Samsung Android component
-CVE-2016-4546 (Samsung devices with Android KK(4.4) or L(5.0/5.1) allow local users ...)
+CVE-2016-4546
NOT-FOR-US: Samsung Android component
-CVE-2016-4570 (The mxmlDelete function in mxml-node.c in mxml 2.9, 2.7, and possibly ...)
+CVE-2016-4570
{DLA-1641-1}
- mxml 2.9-1 (bug #825855)
[wheezy] - mxml <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2016/05/07/8
NOTE: https://github.com/michaelrsweet/mxml/commit/d8c0ba900728d47523d76ba4acf33176cd04647c
-CVE-2016-4571 (The mxml_write_node function in mxml-file.c in mxml 2.9, 2.7, and ...)
+CVE-2016-4571
{DLA-1641-1}
- mxml 2.9-2 (bug #825855)
[wheezy] - mxml <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2016/05/07/8
NOTE: https://github.com/michaelrsweet/mxml/commit/5f74dc212497332d05882660db130a37d2f458eb
-CVE-2016-4558 (The BPF subsystem in the Linux kernel before 4.5.5 mishandles ...)
+CVE-2016-4558
- linux 4.5.3-1
[jessie] - linux <not-affected> (Issue introduced later)
[wheezy] - linux <not-affected> (Issue introduced later)
NOTE: Fixed by: https://git.kernel.org/linus/92117d8443bc5afacc8d5ba82e541946310f106e
NOTE: Introduced by: https://git.kernel.org/linus/1be7f75d1668d6296b80bf35dcf6762393530afc(v4.4-rc1)
NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=809
-CVE-2016-4557 (The replace_map_fd_with_map_ptr function in kernel/bpf/verifier.c in ...)
+CVE-2016-4557
- linux 4.5.3-1 (bug #823603)
[jessie] - linux <not-affected> (Issue introduced later)
[wheezy] - linux <not-affected> (Issue introduced later)
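Review bot: the `NOTE: Introduced by:` line under CVE-2016-4558 runs the commit URL straight into the version tag, `...1be7f75d1668d6296b80bf35dcf6762393530afc(v4.4-rc1)`, whereas every other entry in this hunk separates them with a space (`... (v4.6-rc6)`, `... (v4.4-rc1)`); since the entry is already being touched, adding the missing space keeps the URL from being read as ending in `(v4.4-rc1)`.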
@@ -19123,14 +19123,14 @@ CVE-2016-4557 (The replace_map_fd_with_map_ptr function in kernel/bpf/verifier.c
NOTE: Introduced by: https://git.kernel.org/linus/0246e64d9a5fcd4805198de59b9b5cf1f974eb41 (v3.18-rc1)
NOTE: Exploitable since: https://git.kernel.org/linus/1be7f75d1668d6296b80bf35dcf6762393530afc (v4.4-rc1)
NOTE: http://www.openwall.com/lists/oss-security/2016/05/06/4
-CVE-2016-4556 (Double free vulnerability in Esi.cc in Squid 3.x before 3.5.18 and 4.x ...)
+CVE-2016-4556
{DSA-3625-1 DLA-478-1}
- squid3 3.5.19-1 (bug #823968)
- squid <not-affected> (Does not affect 2.x)
NOTE: http://www.squid-cache.org/Advisories/SQUID-2016_9.txt
NOTE: http://www.squid-cache.org/Versions/v3/3.4/changesets/SQUID-2016_9.patch
NOTE: http://www.squid-cache.org/Versions/v3/3.5/changesets/SQUID-2016_9.patch
-CVE-2016-4555 (client_side_request.cc in Squid 3.x before 3.5.18 and 4.x before ...)
+CVE-2016-4555
{DSA-3625-1 DLA-478-1}
- squid3 3.5.19-1 (bug #823968)
[wheezy] - squid3 <not-affected> (3.1 not vulnerable)
@@ -19138,7 +19138,7 @@ CVE-2016-4555 (client_side_request.cc in Squid 3.x before 3.5.18 and 4.x before
NOTE: http://www.squid-cache.org/Advisories/SQUID-2016_9.txt
NOTE: http://www.squid-cache.org/Versions/v3/3.4/changesets/SQUID-2016_9.patch
NOTE: http://www.squid-cache.org/Versions/v3/3.5/changesets/SQUID-2016_9.patch
-CVE-2016-4554 (mime_header.cc in Squid before 3.5.18 allows remote attackers to ...)
+CVE-2016-4554
{DSA-3625-1 DLA-558-1 DLA-478-1}
- squid3 3.5.19-1 (bug #823968)
- squid 4.1-1
@@ -19150,7 +19150,7 @@ CVE-2016-4554 (mime_header.cc in Squid before 3.5.18 allows remote attackers to
NOTE: http://www.squid-cache.org/Versions/v3/3.5/changesets/squid-3.5-14038.patch
NOTE: Regression and fix: http://bugs.squid-cache.org/show_bug.cgi?id=4515
NOTE: Complete patch for 3.4 branch: http://www.squid-cache.org/Versions/v3/3.4/changesets/SQUID-2016_8.patch
-CVE-2016-4553 (client_side.cc in Squid before 3.5.18 and 4.x before 4.0.10 does not ...)
+CVE-2016-4553
{DSA-3625-1}
- squid3 3.5.19-1 (bug #823968)
[wheezy] - squid3 <not-affected> (issue introduced by CVE-2009-0801 fix, not applied in wheezy)
@@ -19159,91 +19159,91 @@ CVE-2016-4553 (client_side.cc in Squid before 3.5.18 and 4.x before 4.0.10 does
NOTE: Fix for 3.5.x: http://www.squid-cache.org/Versions/v3/3.5/changesets/squid-3.5-14039.patch
NOTE: Fix for 3.5 relies on SBuf.
NOTE: Fix for 3.4.x: http://www.squid-cache.org/Versions/v3/3.4/changesets/squid-3.4-13240.patch
-CVE-2016-4535 (Integer signedness error in the AV engine before DAT 8145, as used in ...)
+CVE-2016-4535
NOT-FOR-US: McAfee / AV engine
-CVE-2016-4534 (The McAfee VirusScan Console (mcconsol.exe) in McAfee VirusScan ...)
+CVE-2016-4534
NOT-FOR-US: McAfee VirusScan Console
-CVE-2016-4533 (Heap-based buffer overflow in WECON LeviStudio allows remote attackers ...)
+CVE-2016-4533
NOT-FOR-US: LeviStudio
-CVE-2016-4532 (Directory traversal vulnerability in the WAP interface in Trihedral ...)
+CVE-2016-4532
NOT-FOR-US: Trihedral
-CVE-2016-4531 (Rockwell Automation FactoryTalk EnergyMetrix before 2.20.00 does not ...)
+CVE-2016-4531
NOT-FOR-US: Rockwell
-CVE-2016-4530 (OSIsoft PI SQL Data Access Server (aka OLE DB) 2016 1.5 allows remote ...)
+CVE-2016-4530
NOT-FOR-US: OSISoft
-CVE-2016-4529 (An unspecified ActiveX control in Schneider Electric SoMachine HVAC ...)
+CVE-2016-4529
NOT-FOR-US: Schneider
-CVE-2016-4528 (Buffer overflow in Advantech WebAccess before 8.1_20160519 allows ...)
+CVE-2016-4528
NOT-FOR-US: Advantech WebAccess
-CVE-2016-4527 (ABB PCM600 before 2.7 improperly stores PCM600 authentication ...)
+CVE-2016-4527
NOT-FOR-US: ABB PCM600
-CVE-2016-4526 (ABB DataManagerPro 1.x before 1.7.1 allows local users to gain ...)
+CVE-2016-4526
NOT-FOR-US: ABB DataManagerPro
-CVE-2016-4525 (Unspecified ActiveX controls in Advantech WebAccess before ...)
+CVE-2016-4525
NOT-FOR-US: Advantech WebAccess
-CVE-2016-4524 (ABB PCM600 before 2.7 improperly stores OPC Server IEC61850 passwords ...)
+CVE-2016-4524
NOT-FOR-US: ABB PCM600
-CVE-2016-4523 (The WAP interface in Trihedral VTScada (formerly VTS) 8.x through 11.x ...)
+CVE-2016-4523
NOT-FOR-US: Trihedral
-CVE-2016-4522 (SQL injection vulnerability in Rockwell Automation FactoryTalk ...)
+CVE-2016-4522
NOT-FOR-US: Rockwell
-CVE-2016-4521 (Sixnet BT-5xxx and BT-6xxx M2M devices before 3.8.21 and 3.9.x before ...)
+CVE-2016-4521
NOT-FOR-US: Sixnet
-CVE-2016-4520 (Schneider Electric Pelco Digital Sentry Video Management System with ...)
+CVE-2016-4520
NOT-FOR-US: Schneider
-CVE-2016-4519 (Stack-based buffer overflow in Unitronics VisiLogic OPLC IDE before ...)
+CVE-2016-4519
NOT-FOR-US: Unitronics VisiLogic
-CVE-2016-4518 (OSIsoft PI AF Server before 2016 2.8.0 allows remote authenticated ...)
+CVE-2016-4518
NOT-FOR-US: OSIsoft PI AF Server
CVE-2016-4517
RESERVED
-CVE-2016-4516 (ABB PCM600 before 2.7 improperly stores the main application password ...)
+CVE-2016-4516
NOT-FOR-US: ABB PCM600
CVE-2016-4515
REJECTED
-CVE-2016-4514 (Moxa PT-7728 devices with software 3.4 build 15081113 allow remote ...)
+CVE-2016-4514
NOT-FOR-US: Moxa
-CVE-2016-4513 (Cross-site scripting (XSS) vulnerability in the Schneider Electric ...)
+CVE-2016-4513
NOT-FOR-US: Schneider
-CVE-2016-4512 (Stack-based buffer overflow in ELCSimulator in Eaton ELCSoft 2.4.01 ...)
+CVE-2016-4512
NOT-FOR-US: Eaton ELCSoft
-CVE-2016-4511 (ABB PCM600 before 2.7 uses an improper hash algorithm for the main ...)
+CVE-2016-4511
NOT-FOR-US: ABB PCM600
-CVE-2016-4510 (The WAP interface in Trihedral VTScada (formerly VTS) 8.x through 11.x ...)
+CVE-2016-4510
NOT-FOR-US: Trihedral VTScada
-CVE-2016-4509 (Heap-based buffer overflow in elcsoft.exe in Eaton ELCSoft 2.4.01 and ...)
+CVE-2016-4509
NOT-FOR-US: Eaton ELCSoft
-CVE-2016-4508 (Cross-site scripting (XSS) vulnerability in Rexroth Bosch ...)
+CVE-2016-4508
NOT-FOR-US: Rexroth Bosch
-CVE-2016-4507 (SQL injection vulnerability in Rexroth Bosch BLADEcontrol-WebVIS 3.0.2 ...)
+CVE-2016-4507
NOT-FOR-US: Rexroth Bosch
-CVE-2016-4506 (Cross-site request forgery (CSRF) vulnerability on Resource Data ...)
+CVE-2016-4506
NOT-FOR-US: Resource Data Management
-CVE-2016-4505 (Resource Data Management (RDM) Intuitive 650 TDB Controller devices ...)
+CVE-2016-4505
NOT-FOR-US: Resource Data Management
-CVE-2016-4504 (A Cross-Site Request Forgery issue was discovered in Meteocontrol ...)
+CVE-2016-4504
NOT-FOR-US: Meteocontrol WEB'log
-CVE-2016-4503 (Moxa Device Server Web Console 5232-N allows remote attackers to ...)
+CVE-2016-4503
NOT-FOR-US: Moxa
-CVE-2016-4502 (Environmental Systems Corporation (ESC) 8832 Data Controller 3.02 and ...)
+CVE-2016-4502
NOT-FOR-US: Environmental Systems Corporation
-CVE-2016-4501 (Environmental Systems Corporation (ESC) 8832 Data Controller 3.02 and ...)
+CVE-2016-4501
NOT-FOR-US: Environmental Systems Corporation
-CVE-2016-4500 (Moxa UC-7408 LX-Plus devices allow remote authenticated users to write ...)
+CVE-2016-4500
NOT-FOR-US: Moxa
-CVE-2016-4499 (Heap-based buffer overflow in Panasonic FPWIN Pro 5.x through 7.x ...)
+CVE-2016-4499
NOT-FOR-US: Panasonic FPWIN Pro
-CVE-2016-4498 (Panasonic FPWIN Pro 5.x through 7.x before 7.130 accesses an ...)
+CVE-2016-4498
NOT-FOR-US: Panasonic FPWIN Pro
-CVE-2016-4497 (Panasonic FPWIN Pro 5.x through 7.x before 7.130 allows local users to ...)
+CVE-2016-4497
NOT-FOR-US: Panasonic FPWIN Pro
-CVE-2016-4496 (Panasonic FPWIN Pro 5.x through 7.x before 7.130 allows local users to ...)
+CVE-2016-4496
NOT-FOR-US: Panasonic FPWIN Pro
-CVE-2016-4495 (KMC Controls BAC-5051E devices with firmware before E0.2.0.2 allow ...)
+CVE-2016-4495
NOT-FOR-US: KMC
-CVE-2016-4494 (Cross-site request forgery (CSRF) vulnerability on KMC Controls ...)
+CVE-2016-4494
NOT-FOR-US: KMC
-CVE-2016-4493 (The demangle_template_value_parm and do_hpacc_template_literal ...)
+CVE-2016-4493
{DLA-552-1}
- ht 2.1.0+repack1-1 (low; bug #840358)
[jessie] - ht <no-dsa> (Minor issue)
@@ -19255,7 +19255,7 @@ CVE-2016-4493 (The demangle_template_value_parm and do_hpacc_template_literal ..
[wheezy] - libiberty <no-dsa> (Minor issue)
NOTE: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=70926
NOTE: https://gcc.gnu.org/viewcvs/gcc?view=revision&revision=238313
-CVE-2016-4492 (Buffer overflow in the do_type function in cplus-dem.c in libiberty ...)
+CVE-2016-4492
{DLA-552-1}
- ht 2.1.0+repack1-1 (low; bug #840358)
[jessie] - ht <no-dsa> (Minor issue)
@@ -19267,7 +19267,7 @@ CVE-2016-4492 (Buffer overflow in the do_type function in cplus-dem.c in libiber
[wheezy] - libiberty <no-dsa> (Minor issue)
NOTE: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=70926
NOTE: https://gcc.gnu.org/viewcvs/gcc?view=revision&revision=238313
-CVE-2016-4491 (The d_print_comp function in cp-demangle.c in libiberty allows remote ...)
+CVE-2016-4491
- binutils 2.28-3 (low)
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <no-dsa> (Minor issue)
@@ -19278,7 +19278,7 @@ CVE-2016-4491 (The d_print_comp function in cp-demangle.c in libiberty allows re
NOTE: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=70909
NOTE: https://gcc.gnu.org/ml/gcc-patches/2016-05/msg00105.html
NOTE: https://gcc.gnu.org/viewcvs?rev=247056&root=gcc&view=rev
-CVE-2016-4490 (Integer overflow in cp-demangle.c in libiberty allows remote attackers ...)
+CVE-2016-4490
{DLA-552-1}
- ht 2.1.0+repack1-1 (low; bug #840358)
[jessie] - ht <no-dsa> (Minor issue)
@@ -19290,7 +19290,7 @@ CVE-2016-4490 (Integer overflow in cp-demangle.c in libiberty allows remote atta
[wheezy] - libiberty <no-dsa> (Minor issue)
NOTE: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=70498
NOTE: https://gcc.gnu.org/viewcvs/gcc?view=revision&revision=235767
-CVE-2016-4489 (Integer overflow in the gnu_special function in libiberty allows ...)
+CVE-2016-4489
{DLA-552-1}
- ht 2.1.0+repack1-1 (low; bug #840358)
[jessie] - ht <no-dsa> (Minor issue)
@@ -19302,7 +19302,7 @@ CVE-2016-4489 (Integer overflow in the gnu_special function in libiberty allows
[wheezy] - libiberty <no-dsa> (Minor issue)
NOTE: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=70492
NOTE: https://gcc.gnu.org/viewcvs/gcc?view=revision&revision=234828
-CVE-2016-4488 (Use-after-free vulnerability in libiberty allows remote attackers to ...)
+CVE-2016-4488
{DLA-552-1}
- ht 2.1.0+repack1-1 (low; bug #840358)
[jessie] - ht <no-dsa> (Minor issue)
@@ -19314,7 +19314,7 @@ CVE-2016-4488 (Use-after-free vulnerability in libiberty allows remote attackers
[wheezy] - libiberty <no-dsa> (Minor issue)
NOTE: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=70481
NOTE: https://gcc.gnu.org/ml/gcc-patches/2016-03/msg01687.html
-CVE-2016-4487 (Use-after-free vulnerability in libiberty allows remote attackers to ...)
+CVE-2016-4487
{DLA-552-1}
- ht 2.1.0+repack1-1 (low; bug #840358)
[jessie] - ht <no-dsa> (Minor issue)
@@ -19326,7 +19326,7 @@ CVE-2016-4487 (Use-after-free vulnerability in libiberty allows remote attackers
[wheezy] - libiberty <no-dsa> (Minor issue)
NOTE: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=70481
NOTE: https://gcc.gnu.org/ml/gcc-patches/2016-03/msg01687.html
-CVE-2016-4539 (The xml_parse_into_struct function in ext/xml/xml.c in PHP before ...)
+CVE-2016-4539
{DSA-3602-1 DLA-499-1}
- php7.0 7.0.6-1
- php5 5.6.21+dfsg-1
@@ -19336,7 +19336,7 @@ CVE-2016-4539 (The xml_parse_into_struct function in ext/xml/xml.c in PHP before
NOTE: Fixed in 7.0.6, 5.6.21, 5.5.35
NOTE: http://www.openwall.com/lists/oss-security/2016/05/05/21
NOTE: HHVM fix: https://github.com/facebook/hhvm/commit/7290b3bbcaa1e10a8d807fab3242204e9ec3a015
-CVE-2016-4537 (The bcpowmod function in ext/bcmath/bcmath.c in PHP before 5.5.35, ...)
+CVE-2016-4537
{DSA-3602-1 DLA-499-1}
- php7.0 7.0.6-1
- php5 5.6.21+dfsg-1
@@ -19344,7 +19344,7 @@ CVE-2016-4537 (The bcpowmod function in ext/bcmath/bcmath.c in PHP before 5.5.35
NOTE: https://git.php.net/?p=php-src.git;a=commit;h=d650063a0457aec56364e4005a636dc6c401f9cd
NOTE: Fixed in 7.0.6, 5.6.21, 5.5.35
NOTE: http://www.openwall.com/lists/oss-security/2016/05/05/21
-CVE-2016-4538 (The bcpowmod function in ext/bcmath/bcmath.c in PHP before 5.5.35, ...)
+CVE-2016-4538
{DSA-3602-1 DLA-628-1}
- php7.0 7.0.6-1
- php5 5.6.21+dfsg-1
@@ -19352,7 +19352,7 @@ CVE-2016-4538 (The bcpowmod function in ext/bcmath/bcmath.c in PHP before 5.5.35
NOTE: https://git.php.net/?p=php-src.git;a=commit;h=d650063a0457aec56364e4005a636dc6c401f9cd
NOTE: Fixed in 7.0.6, 5.6.21, 5.5.35
NOTE: http://www.openwall.com/lists/oss-security/2016/05/05/21
-CVE-2016-4540 (The grapheme_stripos function in ext/intl/grapheme/grapheme_string.c ...)
+CVE-2016-4540
{DSA-3602-1 DLA-499-1}
- php7.0 7.0.6-1
- php5 5.6.21+dfsg-1
@@ -19360,7 +19360,7 @@ CVE-2016-4540 (The grapheme_stripos function in ext/intl/grapheme/grapheme_strin
NOTE: https://git.php.net/?p=php-src.git;a=commit;h=fd9689745c44341b1bd6af4756f324be8abba2fb
NOTE: Fixed in 7.0.6, 5.6.21, 5.5.35
NOTE: http://www.openwall.com/lists/oss-security/2016/05/05/21
-CVE-2016-4541 (The grapheme_strpos function in ext/intl/grapheme/grapheme_string.c in ...)
+CVE-2016-4541
{DSA-3602-1 DLA-499-1}
- php7.0 7.0.6-1
- php5 5.6.21+dfsg-1
@@ -19368,7 +19368,7 @@ CVE-2016-4541 (The grapheme_strpos function in ext/intl/grapheme/grapheme_string
NOTE: https://git.php.net/?p=php-src.git;a=commit;h=fd9689745c44341b1bd6af4756f324be8abba2fb
NOTE: Fixed in 7.0.6, 5.6.21, 5.5.35
NOTE: http://www.openwall.com/lists/oss-security/2016/05/05/21
-CVE-2016-4542 (The exif_process_IFD_TAG function in ext/exif/exif.c in PHP before ...)
+CVE-2016-4542
{DSA-3602-1 DLA-499-1}
- php7.0 7.0.6-1
- php5 5.6.21+dfsg-1
@@ -19376,7 +19376,7 @@ CVE-2016-4542 (The exif_process_IFD_TAG function in ext/exif/exif.c in PHP befor
NOTE: https://git.php.net/?p=php-src.git;a=commit;h=082aecfc3a753ad03be82cf14f03ac065723ec92
NOTE: Fixed in 7.0.6, 5.6.21, 5.5.35
NOTE: http://www.openwall.com/lists/oss-security/2016/05/05/21
-CVE-2016-4543 (The exif_process_IFD_in_JPEG function in ext/exif/exif.c in PHP before ...)
+CVE-2016-4543
{DSA-3602-1 DLA-499-1}
- php7.0 7.0.6-1
- php5 5.6.21+dfsg-1
@@ -19384,7 +19384,7 @@ CVE-2016-4543 (The exif_process_IFD_in_JPEG function in ext/exif/exif.c in PHP b
NOTE: https://git.php.net/?p=php-src.git;a=commit;h=082aecfc3a753ad03be82cf14f03ac065723ec92
NOTE: Fixed in 7.0.6, 5.6.21, 5.5.35
NOTE: http://www.openwall.com/lists/oss-security/2016/05/05/21
-CVE-2016-4544 (The exif_process_TIFF_in_JPEG function in ext/exif/exif.c in PHP ...)
+CVE-2016-4544
{DSA-3602-1 DLA-499-1}
- php7.0 7.0.6-1
- php5 5.6.21+dfsg-1
@@ -19392,37 +19392,37 @@ CVE-2016-4544 (The exif_process_TIFF_in_JPEG function in ext/exif/exif.c in PHP
NOTE: https://git.php.net/?p=php-src.git;a=commit;h=082aecfc3a753ad03be82cf14f03ac065723ec92
NOTE: Fixed in 7.0.6, 5.6.21, 5.5.35
NOTE: http://www.openwall.com/lists/oss-security/2016/05/05/21
-CVE-2016-4536 (The client in OpenAFS before 1.6.17 does not properly initialize the ...)
+CVE-2016-4536
{DLA-493-1}
- openafs 1.6.17-1
[jessie] - openafs 1.6.9-2+deb8u6
NOTE: https://www.openafs.org/pages/security/OPENAFS-SA-2016-002.txt
-CVE-2016-4486 (The rtnl_fill_link_ifmap function in net/core/rtnetlink.c in the Linux ...)
+CVE-2016-4486
{DSA-3607-1 DLA-516-1}
- linux 4.5.4-1
NOTE: https://git.kernel.org/linus/5f8e44741f9f216e33736ea4ec65ca9ac03036e6
-CVE-2016-4485 (The llc_cmsg_rcv function in net/llc/af_llc.c in the Linux kernel ...)
+CVE-2016-4485
{DSA-3607-1 DLA-516-1}
- linux 4.5.4-1
NOTE: https://git.kernel.org/linus/b8670c09f37bdf2847cc44f36511a53afc6161fd
-CVE-2016-4484 (The Debian initrd script for the cryptsetup package 2:1.7.3-2 and ...)
+CVE-2016-4484
- cryptsetup 2:1.7.3-2 (unimportant)
NOTE: http://hmarco.org/bugs/CVE-2016-4484/CVE-2016-4484_cryptsetup_initrd_shell.html
NOTE: Negligible security impact
NOTE: in #860981 claimed to still be unresolved as per 2:1.7.3-3
CVE-2016-4481
RESERVED
-CVE-2016-4480 (The guest_walk_tables function in arch/x86/mm/guest_walk.c in Xen ...)
+CVE-2016-4480
{DSA-3633-1 DLA-571-1}
- xen 4.8.0~rc3-1
NOTE: http://xenbits.xen.org/xsa/advisory-176.html
CVE-2016-4479
RESERVED
-CVE-2016-4475 (The (1) Organization and (2) Locations APIs and UIs in Foreman before ...)
+CVE-2016-4475
- foreman <itp> (bug #663101)
-CVE-2016-4474 (The image build process for the overcloud images in Red Hat OpenStack ...)
+CVE-2016-4474
NOT-FOR-US: Red Hat OpenStack Overcloud image
-CVE-2016-4473 (/ext/phar/phar_object.c in PHP 7.0.7 and 5.6.x allows remote attackers ...)
+CVE-2016-4473
{DLA-628-1}
- php5 5.6.23+dfsg-1
[jessie] - php5 5.6.23+dfsg-0+deb8u1
@@ -19431,48 +19431,48 @@ CVE-2016-4473 (/ext/phar/phar_object.c in PHP 7.0.7 and 5.6.x allows remote atta
NOTE: https://bugs.php.net/bug.php?id=72321
NOTE: http://git.php.net/?p=php-src.git;a=commitdiff;h=d144590d38fa321b46b8e199c754006318985c84
NOTE: Fixed in 5.6.23
-CVE-2016-4472 (The overflow protection in Expat is removed by compilers with certain ...)
+CVE-2016-4472
{DSA-3582-1 DLA-483-1}
- expat 2.1.1-2
NOTE: https://sourceforge.net/p/expat/code_git/ci/f0bec73b018caa07d3e75ec8dd967f3785d71bde/tree/expat/lib/xmlparse.c?diff=a238d7ea7a715ef3850c4cbdd86aeda7077b6bbc
-CVE-2016-4471 (ManageIQ in CloudForms before 4.1 allows remote authenticated users to ...)
+CVE-2016-4471
NOT-FOR-US: Red Hat CloudForms
-CVE-2016-4470 (The key_reject_and_link function in security/keys/key.c in the Linux ...)
+CVE-2016-4470
{DSA-3607-1 DLA-609-1}
- linux 4.6.2-2
NOTE: Fixed by: https://github.com/torvalds/linux/commit/38327424b40bcebe2de92d07312c89360ac9229a
-CVE-2016-4469 (Multiple cross-site request forgery (CSRF) vulnerabilities in Apache ...)
+CVE-2016-4469
NOT-FOR-US: Apache Archiva
-CVE-2016-4468 (SQL injection vulnerability in Pivotal Cloud Foundry (PCF) before 238; ...)
+CVE-2016-4468
NOT-FOR-US: Pivotal Cloud Foundry
-CVE-2016-4467 (The C client and C-based client bindings in the Apache Qpid Proton ...)
+CVE-2016-4467
- qpid-proton <not-affected> (Windows-specific)
CVE-2016-4466
REJECTED
-CVE-2016-4465 (The URLValidator class in Apache Struts 2 2.3.20 through 2.3.28.1 and ...)
+CVE-2016-4465
- libstruts1.2-java <not-affected> (Only affects 2.3.20 to 2.3.28.1 and 2.5)
NOTE: https://struts.apache.org/docs/s2-041.html
-CVE-2016-4464 (The application plugins in Apache CXF Fediz 1.2.x before 1.2.3 and ...)
+CVE-2016-4464
NOT-FOR-US: Apache CXF
-CVE-2016-4463 (Stack-based buffer overflow in Apache Xerces-C++ before 3.1.4 allows ...)
+CVE-2016-4463
{DSA-3610-1 DLA-535-1}
- xerces-c 3.1.3+debian-2.1 (bug #828990)
NOTE: http://xerces.apache.org/xerces-c/secadv/CVE-2016-4463.txt
-CVE-2016-4462 (By manipulating the URL parameter externalLoginKey, a malicious, ...)
+CVE-2016-4462
NOT-FOR-US: Apache OFBiz
-CVE-2016-4461 (Apache Struts 2.x before 2.3.29 allows remote attackers to execute ...)
+CVE-2016-4461
- libstruts1.2-java <not-affected> (Vulnerable code not present, CVE for incomplete fix for CVE-2016-0785)
-CVE-2016-4460 (Apache Pony Mail 0.6c through 0.8b allows remote attackers to bypass ...)
+CVE-2016-4460
NOT-FOR-US: Apache Pony Mail
-CVE-2016-4459 (Stack-based buffer overflow in native/mod_manager/node.c in ...)
+CVE-2016-4459
- libapache2-mod-cluster <itp> (bug #731410)
CVE-2016-4458
RESERVED
-CVE-2016-4457 (CloudForms Management Engine before 5.8 includes a default SSL/TLS ...)
+CVE-2016-4457
NOT-FOR-US: Red Hat CloudForms
-CVE-2016-4455 (The Subscription Manager package (aka subscription-manager) before ...)
+CVE-2016-4455
NOT-FOR-US: Red Hat Subscription Manager
-CVE-2016-4454 (The vmsvga_fifo_read_raw function in hw/display/vmware_vga.c in QEMU ...)
+CVE-2016-4454
{DLA-1599-1}
- qemu 1:2.6+dfsg-3
[wheezy] - qemu <no-dsa> (Minor issue)
@@ -19480,7 +19480,7 @@ CVE-2016-4454 (The vmsvga_fifo_read_raw function in hw/display/vmware_vga.c in Q
[wheezy] - qemu-kvm <no-dsa> (Minor issue)
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-05/msg05271.html
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1336429
-CVE-2016-4453 (The vmsvga_fifo_run function in hw/display/vmware_vga.c in QEMU allows ...)
+CVE-2016-4453
{DLA-1599-1}
- qemu 1:2.6+dfsg-3
[wheezy] - qemu <no-dsa> (Minor issue)
@@ -19490,40 +19490,40 @@ CVE-2016-4453 (The vmsvga_fifo_run function in hw/display/vmware_vga.c in QEMU a
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1336650
CVE-2016-4452
RESERVED
-CVE-2016-4451 (The (1) Organization and (2) Locations APIs in Foreman before 1.11.3 ...)
+CVE-2016-4451
- foreman <itp> (bug #663101)
-CVE-2016-4450 (os/unix/ngx_files.c in nginx before 1.10.1 and 1.11.x before 1.11.1 ...)
+CVE-2016-4450
{DSA-3592-1}
- nginx 1.10.1-1 (bug #825960)
[wheezy] - nginx <not-affected> (Introduced in 1.3.9)
-CVE-2016-4449 (XML external entity (XXE) vulnerability in the ...)
+CVE-2016-4449
{DSA-3593-1 DLA-503-1}
- libxml2 2.9.3+dfsg1-1.1
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=761430
NOTE: https://git.gnome.org/browse/libxml2/commit/?id=b1d34de46a11323fccffa9fadeb33be670d602f5 (v2.9.4)
-CVE-2016-4448 (Format string vulnerability in libxml2 before 2.9.4 allows attackers ...)
+CVE-2016-4448
- libxml2 2.9.4+dfsg1-1 (bug #829718)
[jessie] - libxml2 <ignored> (Minor impact; too intrusive to backport)
[wheezy] - libxml2 <no-dsa> (Minor impact; too intrusive to backport)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=761029
NOTE: https://git.gnome.org/browse/libxml2/commit/?id=4472c3a5a5b516aaf59b89be602fbce52756c3e9 (v2.9.4)
NOTE: https://git.gnome.org/browse/libxml2/commit/?id=502f6a6d08b08c04b3ddfb1cd21b2f699c1b7f5b (v2.9.4)
-CVE-2016-4447 (The xmlParseElementDecl function in parser.c in libxml2 before 2.9.4 ...)
+CVE-2016-4447
{DSA-3593-1 DLA-503-1}
- libxml2 2.9.3+dfsg1-1.1
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=759573
NOTE: https://git.gnome.org/browse/libxml2/commit/?id=00906759053986b8079985644172085f74331f83 (v2.9.4)
-CVE-2016-4446 (The allow_execstack plugin for setroubleshoot allows local users to ...)
+CVE-2016-4446
NOT-FOR-US: setroubleshoot
-CVE-2016-4445 (The fix_lookup_id function in sealert in setroubleshoot before 3.2.23 ...)
+CVE-2016-4445
NOT-FOR-US: setroubleshoot
-CVE-2016-4444 (The allow_execmod plugin for setroubleshoot before 3.2.23 allows local ...)
+CVE-2016-4444
NOT-FOR-US: setroubleshoot
-CVE-2016-4443 (Red Hat Enterprise Virtualization (RHEV) Manager 3.6 allows local ...)
+CVE-2016-4443
NOT-FOR-US: org.ovirt.engine-root / engine-setup (Red Hat)
-CVE-2016-4442 (The rack-mini-profiler gem before 0.10.1 for Ruby allows remote ...)
+CVE-2016-4442
NOT-FOR-US: rack-mini-profiler gem
-CVE-2016-4441 (The get_cmd function in hw/scsi/esp.c in the 53C9X Fast SCSI ...)
+CVE-2016-4441
{DLA-1599-1}
- qemu 1:2.6+dfsg-2 (bug #824856)
[wheezy] - qemu <no-dsa> (Minor issue; can be fixed along with a future DSA)
@@ -19531,45 +19531,45 @@ CVE-2016-4441 (The get_cmd function in hw/scsi/esp.c in the 53C9X Fast SCSI ...)
[wheezy] - qemu-kvm <no-dsa> (Minor issue; can be fixed along with a future DSA)
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-05/msg03274.html
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1337505
-CVE-2016-4440 (arch/x86/kvm/vmx.c in the Linux kernel through 4.6.3 mishandles the ...)
+CVE-2016-4440
- linux 4.5.5-1
[jessie] - linux <not-affected> (Introduced in 4.5)
[wheezy] - linux <not-affected> (Introduced in 4.5)
NOTE: Upstream patch: https://github.com/torvalds/linux/commit/3ce424e45411cf5a13105e0386b6ecf6eeb4f66f
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1337806
NOTE: http://comments.gmane.org/gmane.comp.emulators.kvm.devel/152100
-CVE-2016-4439 (The esp_reg_write function in hw/scsi/esp.c in the 53C9X Fast SCSI ...)
+CVE-2016-4439
{DLA-1599-1 DLA-574-1 DLA-573-1}
- qemu 1:2.6+dfsg-2 (bug #824856)
- qemu-kvm <removed>
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-05/msg03273.html
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1337502
-CVE-2016-4438 (The REST plugin in Apache Struts 2 2.3.20 through 2.3.28.1 allows ...)
+CVE-2016-4438
- libstruts1.2-java <not-affected> (Only affects 2.3.20 to 2.3.28.1)
NOTE: https://struts.apache.org/docs/s2-037.html
-CVE-2016-4437 (Apache Shiro before 1.2.5, when a cipher key has not been configured ...)
+CVE-2016-4437
- shiro 1.2.5-1 (bug #826653)
[jessie] - shiro <no-dsa> (Minor issue)
-CVE-2016-4436 (Apache Struts 2 before 2.3.29 and 2.5.x before 2.5.1 allow attackers ...)
+CVE-2016-4436
- libstruts1.2-java <not-affected> (Only affects 2.0.0 to 2.3.28.1)
NOTE: https://struts.apache.org/docs/s2-035.html
-CVE-2016-4435 (An endpoint of the Agent running on the BOSH Director VM with stemcell ...)
+CVE-2016-4435
NOT-FOR-US: BOSH
-CVE-2016-4434 (Apache Tika before 1.13 does not properly initialize the XML parser or ...)
+CVE-2016-4434
- tika 1.18-1 (bug #825501)
[jessie] - tika <no-dsa> (Minor issue, no standard alone package, just a reverse dependency of jmeter)
-CVE-2016-4433 (Apache Struts 2 2.3.20 through 2.3.28.1 allows remote attackers to ...)
+CVE-2016-4433
- libstruts1.2-java <not-affected> (Only affects 2.3.20 to 2.3.28.1)
NOTE: https://struts.apache.org/docs/s2-039.html
-CVE-2016-4432 (The AMQP 0-8, 0-9, 0-91, and 0-10 connection handling in Apache Qpid ...)
+CVE-2016-4432
- qpid-java <itp> (bug #840131)
-CVE-2016-4431 (Apache Struts 2 2.3.20 through 2.3.28.1 allows remote attackers to ...)
+CVE-2016-4431
- libstruts1.2-java <not-affected> (Only affects 2.3.20 to 2.3.28.1)
NOTE: https://struts.apache.org/docs/s2-040.html
-CVE-2016-4430 (Apache Struts 2 2.3.20 through 2.3.28.1 mishandles token validation, ...)
+CVE-2016-4430
- libstruts1.2-java <not-affected> (Only affects 2.3.20 to 2.3.28.1)
NOTE: https://struts.apache.org/docs/s2-038.html
-CVE-2016-4429 (Stack-based buffer overflow in the clntudp_call function in ...)
+CVE-2016-4429
- glibc 2.22-10
[jessie] - glibc 2.19-18+deb8u5
- eglibc <removed>
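Review bot: for `CVE-2016-4429` in this hunk the removed summary (`Stack-based buffer overflow in the clntudp_call function in ...`) was the only place this entry named the affected function, and the entry maps to three source packages (`glibc`, `eglibc` and, in the following context, `libtirpc`) without any NOTE line giving an upstream reference. If summaries are going to be dropped, add a `NOTE:` with the upstream bug or commit so the glibc/libtirpc shared-code relationship stays traceable from the list itself.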
@@ -19578,7 +19578,7 @@ CVE-2016-4429 (Stack-based buffer overflow in the clntudp_call function in ...)
- libtirpc 0.2.5-1.1 (bug #840347)
[jessie] - libtirpc <no-dsa> (Minor issue)
[wheezy] - libtirpc <no-dsa> (Minor issue)
-CVE-2016-4428 (Cross-site scripting (XSS) vulnerability in OpenStack Dashboard ...)
+CVE-2016-4428
{DSA-3617-1 DLA-520-1}
- horizon 3:9.0.1-2 (bug #828967)
NOTE: https://bugs.launchpad.net/bugs/1567673
@@ -19588,7 +19588,7 @@ CVE-2016-4426
RESERVED
CVE-2016-4424
RESERVED
-CVE-2016-4423 (The attemptAuthentication function in ...)
+CVE-2016-4423
{DSA-3588-1}
- symfony 2.8.6+dfsg-1
NOTE: https://github.com/symfony/symfony/pull/18733
@@ -19596,24 +19596,24 @@ CVE-2016-4423 (The attemptAuthentication function in ...)
CVE-2016-XXXX [XSS]
- dotclear <removed>
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/05/04/9
-CVE-2016-4482 (The proc_connectinfo function in drivers/usb/core/devio.c in the Linux ...)
+CVE-2016-4482
{DSA-3607-1 DLA-516-1}
- linux 4.5.5-1
NOTE: http://www.spinics.net/lists/linux-usb/msg140243.html
NOTE: http://www.openwall.com/lists/oss-security/2016/05/04/2
NOTE: Fixed by: https://github.com/torvalds/linux/commit/681fef8380eb818c0b845fca5d2ab1dcbab114ee
-CVE-2016-4483 (The xmlBufAttrSerializeTxtContent function in xmlsave.c in libxml2 ...)
+CVE-2016-4483
{DSA-3593-1 DLA-503-1}
- libxml2 2.9.3+dfsg1-1.1 (bug #823405)
NOTE: Minor issue, only when using libxml2 using recovery mode
NOTE: https://git.gnome.org/browse/libxml2/commit/?id=c97750d11bb8b6f3303e7131fe526a61ac65bcfd (v2.9.4)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=766414
-CVE-2016-4477 (wpa_supplicant 0.4.0 through 2.5 does not reject \n and \r characters ...)
+CVE-2016-4477
{DLA-473-1}
- wpa 2.3-2.4 (bug #823411)
[jessie] - wpa 2.3-1+deb8u4
NOTE: http://w1.fi/security/2016-1/
-CVE-2016-4476 (hostapd 0.6.7 through 2.5 and wpa_supplicant 0.6.7 through 2.5 do not ...)
+CVE-2016-4476
{DLA-473-1}
- wpa 2.3-2.4 (bug #823411)
[jessie] - wpa 2.3-1+deb8u4
@@ -19628,133 +19628,133 @@ CVE-2016-4409
RESERVED
CVE-2016-4408
RESERVED
-CVE-2016-4407 (The DSA algorithm implementation in SAP SAPCRYPTOLIB 5.555.38 does not ...)
+CVE-2016-4407
NOT-FOR-US: SAP
-CVE-2016-4406 (A remote cross site scripting vulnerability was identified in HPE iLO ...)
+CVE-2016-4406
NOT-FOR-US: HPE iLO
-CVE-2016-4405 (A remote code execution vulnerability was identified in HP Business ...)
+CVE-2016-4405
NOT-FOR-US: HP
-CVE-2016-4404 (A security vulnerability was identified in the Filter SDK component of ...)
+CVE-2016-4404
NOT-FOR-US: HPE KeyView using Filter SDK
-CVE-2016-4403 (A security vulnerability was identified in the Filter SDK component of ...)
+CVE-2016-4403
NOT-FOR-US: HPE KeyView using Filter SDK
-CVE-2016-4402 (A security vulnerability was identified in the Filter SDK component of ...)
+CVE-2016-4402
NOT-FOR-US: HPE KeyView using Filter SDK
CVE-2016-4401
RESERVED
-CVE-2016-4400 (A security vulnerability was identified in HP Network Node Manager i ...)
+CVE-2016-4400
NOT-FOR-US: HP Network Node Manager i
-CVE-2016-4399 (A security vulnerability was identified in HP Network Node Manager i ...)
+CVE-2016-4399
NOT-FOR-US: HP Network Node Manager i
-CVE-2016-4398 (A remote arbitrary code execution vulnerability was identified in HP ...)
+CVE-2016-4398
NOT-FOR-US: HP Network Node Manager i
-CVE-2016-4397 (A local code execution security vulnerability was identified in HP ...)
+CVE-2016-4397
NOT-FOR-US: HP Network Node Manager i
-CVE-2016-4396 (HPE System Management Homepage before v7.6 allows remote attackers to ...)
+CVE-2016-4396
NOT-FOR-US: HPE System Management Homepage
-CVE-2016-4395 (HPE System Management Homepage before v7.6 allows remote attackers to ...)
+CVE-2016-4395
NOT-FOR-US: HPE System Management Homepage
-CVE-2016-4394 (HPE System Management Homepage before v7.6 allows remote attackers to ...)
+CVE-2016-4394
NOT-FOR-US: HPE System Management Homepage
-CVE-2016-4393 (HPE System Management Homepage before v7.6 allows &quot;remote ...)
+CVE-2016-4393
NOT-FOR-US: HPE System Management Homepage
-CVE-2016-4392 (A remote cross site scripting vulnerability has been identified in HP ...)
+CVE-2016-4392
NOT-FOR-US: HP Business Service Management
-CVE-2016-4391 (A remote code execution security vulnerability has been identified in ...)
+CVE-2016-4391
NOT-FOR-US: HP ArcSight WINC Connector
-CVE-2016-4390 (The Filter SDK in HPE KeyView 10.18 through 10.24 allows remote ...)
+CVE-2016-4390
NOT-FOR-US: HPE KeyView
-CVE-2016-4389 (The Filter SDK in HPE KeyView 10.18 through 10.24 allows remote ...)
+CVE-2016-4389
NOT-FOR-US: HPE KeyView
-CVE-2016-4388 (The Filter SDK in HPE KeyView 10.18 through 10.24 allows remote ...)
+CVE-2016-4388
NOT-FOR-US: HPE KeyView
-CVE-2016-4387 (The Filter SDK in HPE KeyView 10.18 through 10.24 allows remote ...)
+CVE-2016-4387
NOT-FOR-US: HPE KeyView
-CVE-2016-4386 (HPE Network Automation Software 10.10 allows local users to write to ...)
+CVE-2016-4386
NOT-FOR-US: HPE Network Automation
-CVE-2016-4385 (The RMI service in HP Network Automation Software 9.1x, 9.2x, 10.0x ...)
+CVE-2016-4385
NOT-FOR-US: HPE Network Automation
-CVE-2016-4384 (HPE Performance Center before 12.50 and LoadRunner before 12.50 allow ...)
+CVE-2016-4384
NOT-FOR-US: HPE Performance Center
-CVE-2016-4383 (The glance-manage db in all versions of HPE Helion Openstack Glance ...)
+CVE-2016-4383
- glance <unfixed> (unimportant; bug #868185)
NOTE: https://bugs.launchpad.net/glance/+bug/1593799/
NOTE: https://wiki.openstack.org/wiki/OSSN/OSSN-0075
NOTE: No code fix, documented shortcoming
-CVE-2016-4382 (HPE Performance Center 11.52, 12.00, 12.01, 12.20, and 12.50 allows ...)
+CVE-2016-4382
NOT-FOR-US: HPE Performance Center
-CVE-2016-4381 (HPE XP7 Command View Advanced Edition (CVAE) Suite 6.x through 8.x ...)
+CVE-2016-4381
NOT-FOR-US: HPE
-CVE-2016-4380 (Cross-site scripting (XSS) vulnerability in the AdminUI in HPE ...)
+CVE-2016-4380
NOT-FOR-US: HPE
-CVE-2016-4379 (The TLS implementation in HPE Integrated Lights-Out 3 (aka iLO3) ...)
+CVE-2016-4379
NOT-FOR-US: HPE
-CVE-2016-4378 (The (1) Device Manager, (2) Tiered Storage Manager, (3) Replication ...)
+CVE-2016-4378
NOT-FOR-US: HPE
-CVE-2016-4377 (HPE Smart Update in Storage Sizing Tool before 13.0, Converged ...)
+CVE-2016-4377
NOT-FOR-US: HPE
-CVE-2016-4376 (HPE FOS before 7.4.1d and 8.x before 8.0.1 on StoreFabric B switches ...)
+CVE-2016-4376
NOT-FOR-US: HPE
-CVE-2016-4375 (Multiple unspecified vulnerabilities in HPE Integrated Lights-Out 3 ...)
+CVE-2016-4375
NOT-FOR-US: HPE
-CVE-2016-4374 (HPE Release Control (RC) 9.13, 9.20, and 9.21 before 9.21.0005 p4 ...)
+CVE-2016-4374
NOT-FOR-US: HPE
-CVE-2016-4373 (The AdminUI in HPE Operations Manager (OM) before 9.21.130 on Linux, ...)
+CVE-2016-4373
NOT-FOR-US: HPE
-CVE-2016-4372 (HPE iMC PLAT before 7.2 E0403P04, iMC EAD before 7.2 E0405P05, iMC APM ...)
+CVE-2016-4372
NOT-FOR-US: HPE
-CVE-2016-4371 (HPE Service Manager Software 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, ...)
+CVE-2016-4371
NOT-FOR-US: HPE Service Manager
-CVE-2016-4370 (HPE Project and Portfolio Management Center (PPM) 9.2x and 9.3x before ...)
+CVE-2016-4370
NOT-FOR-US: HPE Project and Portfolio Management Center
-CVE-2016-4369 (HPE Discovery and Dependency Mapping Inventory (DDMi) 9.30, 9.31, ...)
+CVE-2016-4369
NOT-FOR-US: HPE Discovery and Dependency Mapping Inventory
-CVE-2016-4368 (HPE Universal CMDB 10.0 through 10.21, Universal CMDB Configuration ...)
+CVE-2016-4368
NOT-FOR-US: HPE Universal CMDB
-CVE-2016-4367 (The Universal Discovery component in HPE Universal CMDB 10.0, 10.01, ...)
+CVE-2016-4367
NOT-FOR-US: HPE Universal CMDB
-CVE-2016-4366 (HPE Systems Insight Manager (SIM) before 7.5.1 allows remote attackers ...)
+CVE-2016-4366
NOT-FOR-US: HPE Systems Insight Manager
-CVE-2016-4365 (HPE Insight Control server deployment allows remote attackers to ...)
+CVE-2016-4365
NOT-FOR-US: HPE Insight Control
-CVE-2016-4364 (HPE Insight Control server deployment allows local users to gain ...)
+CVE-2016-4364
NOT-FOR-US: HPE Insight Control
-CVE-2016-4363 (HPE Insight Control server deployment allows remote attackers to ...)
+CVE-2016-4363
NOT-FOR-US: HPE Insight Control
-CVE-2016-4362 (HPE Insight Control server deployment allows remote authenticated ...)
+CVE-2016-4362
NOT-FOR-US: HPE Insight Control
-CVE-2016-4361 (HPE LoadRunner 11.52 through patch 3, 12.00 through patch 1, 12.01 ...)
+CVE-2016-4361
NOT-FOR-US: HPE LoadRunner
-CVE-2016-4360 (web/admin/data.js in the Performance Center Virtual Table Server (VTS) ...)
+CVE-2016-4360
NOT-FOR-US: HPE LoadRunner
-CVE-2016-4359 (Stack-based buffer overflow in mchan.dll in the agent in HPE ...)
+CVE-2016-4359
NOT-FOR-US: HPE LoadRunner
-CVE-2016-4358 (HPE Matrix Operating Environment before 7.5.1 allows remote attackers ...)
+CVE-2016-4358
NOT-FOR-US: HPE Matrix Operating Environment
-CVE-2016-4357 (HPE Matrix Operating Environment before 7.5.1 allows remote ...)
+CVE-2016-4357
NOT-FOR-US: HPE Matrix Operating Environment
-CVE-2016-4351 (SQL injection vulnerability in the authentication functionality in ...)
+CVE-2016-4351
NOT-FOR-US: Trend Micro
-CVE-2016-4350 (Multiple SQL injection vulnerabilities in the Web Services web server ...)
+CVE-2016-4350
NOT-FOR-US: SolarWinds Storage Resource Monitor
-CVE-2016-4478 (Buffer overflow in the xmlrpc_char_encode function in ...)
+CVE-2016-4478
{DSA-3586-1}
- atheme-services 7.0.7-2
NOTE: https://github.com/atheme/atheme/commit/87580d767868360d2fed503980129504da84b63e
NOTE: http://www.openwall.com/lists/oss-security/2016/05/02/2
-CVE-2016-4425 (Jansson 2.7 and earlier allows context-dependent attackers to cause a ...)
+CVE-2016-4425
{DSA-3577-1 DLA-471-1}
- jansson 2.7-5 (bug #823238)
NOTE: https://github.com/akheron/jansson/issues/282
NOTE: https://github.com/akheron/jansson/pull/284
NOTE: http://www.openwall.com/lists/oss-security/2016/05/01/5
-CVE-2016-4422 (The pam_sm_authenticate function in pam_sshauth.c in libpam-sshauth ...)
+CVE-2016-4422
{DSA-3567-1}
- libpam-sshauth 0.4.1-2
NOTE: Introduced in: https://bazaar.launchpad.net/~ltsp-upstream/ltsp/libpam-sshauth/revision/93/src/pam_sshauth.c
NOTE: Fixed in: https://bazaar.launchpad.net/~ltsp-upstream/ltsp/libpam-sshauth/revision/114
NOTE: http://www.openwall.com/lists/oss-security/2016/05/01/2
-CVE-2016-4414 (The onReadyRead function in core/coreauthhandler.cpp in Quassel before ...)
+CVE-2016-4414
- quassel 1:0.12.4-2 (bug #826402)
[jessie] - quassel 1:0.10.0-2.3+deb8u3
[wheezy] - quassel <not-affected> (Vulnerable code introduced with 0.10.0)
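Review bot: in the run of HPE entries in this hunk (`CVE-2016-4381` through `CVE-2016-4373`) the removed summary was the only text identifying the product (for example `HPE XP7 Command View Advanced Edition`, `HPE Integrated Lights-Out 3`, `HPE Operations Manager`), because the retained `NOT-FOR-US:` line says only `HPE`. Neighbouring entries such as `NOT-FOR-US: HPE KeyView` and `NOT-FOR-US: HPE Performance Center` do name the product, so consider normalising these bare `NOT-FOR-US: HPE` lines to include the product name while the summaries are still visible in the `-` lines of this diff.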
@@ -19762,9 +19762,9 @@ CVE-2016-4414 (The onReadyRead function in core/coreauthhandler.cpp in Quassel b
NOTE: Introduced by: https://github.com/quassel/quassel/commit/d1bf207 (0.10.0)
NOTE: Fixed by: https://github.com/quassel/quassel/commit/e67887343c433cc35bc26ad6a9392588f427e746 (0.12.4)
NOTE: http://www.openwall.com/lists/oss-security/2016/04/30/2
-CVE-2016-4349 (Untrusted search path vulnerability in Cisco WebEx Productivity Tools ...)
+CVE-2016-4349
NOT-FOR-US: Cisco
-CVE-2016-4352 (Integer overflow in the demuxer function in libmpdemux/demux_gif.c in ...)
+CVE-2016-4352
{DLA-458-1 DLA-457-1}
- mplayer 2:1.3.0-2 (bug #823723)
- mplayer2 <removed> (low)
@@ -19772,117 +19772,117 @@ CVE-2016-4352 (Integer overflow in the demuxer function in libmpdemux/demux_gif.
NOTE: https://trac.mplayerhq.hu/ticket/2295
NOTE: Fixed in Revision r37857 upstream
NOTE: http://www.openwall.com/lists/oss-security/2016/04/29/3
-CVE-2016-4341 (NetApp Clustered Data ONTAP before 8.3.2P7 allows remote attackers to ...)
+CVE-2016-4341
NOT-FOR-US: NetApp
CVE-2016-4339
RESERVED
-CVE-2016-4338 (The mysql user parameter configuration script ...)
+CVE-2016-4338
- zabbix 1:3.0.3+dfsg-1 (bug #823329)
[jessie] - zabbix 1:2.2.7+dfsg-2+deb8u1
NOTE: http://seclists.org/bugtraq/2016/May/11
NOTE: https://support.zabbix.com/browse/ZBX-10741
-CVE-2016-4337 (SQL injection vulnerability in the mgr.login.php file in Ktools.net ...)
+CVE-2016-4337
NOT-FOR-US: Photostore
-CVE-2016-4336 (An exploitable out-of-bounds write exists in the Bzip2 parsing of the ...)
+CVE-2016-4336
NOT-FOR-US: Lexmark Document Filters
-CVE-2016-4335 (An exploitable buffer overflow exists in the XLS parsing of the ...)
+CVE-2016-4335
NOT-FOR-US: Lexmark Document Filters
-CVE-2016-4334 (Jive before 2016.3.1 has an open redirect from the external-link.jspa ...)
+CVE-2016-4334
NOT-FOR-US: Jive
-CVE-2016-4333 (The HDF5 1.8.16 library allocating space for the array using a value ...)
+CVE-2016-4333
{DSA-3727-1 DLA-771-1}
- hdf5 1.10.0-patch1+docs-1 (bug #845301)
NOTE: http://www.talosintelligence.com/reports/TALOS-2016-0179/
NOTE: Fixed by: https://bitbucket.hdfgroup.org/projects/HDFFV/repos/hdf5/commits/73640612aad91d3f04e4d8f1ea71d42acbc85f6e
-CVE-2016-4332 (The library's failure to check if certain message types support a ...)
+CVE-2016-4332
{DSA-3727-1 DLA-771-1}
- hdf5 1.10.0-patch1+docs-1 (bug #845301)
NOTE: http://www.talosintelligence.com/reports/TALOS-2016-0178/
NOTE: Fixed by: https://bitbucket.hdfgroup.org/projects/HDFFV/repos/hdf5/commits/e1d50d498a0affbbd6e088b524fd495ea95dea88
-CVE-2016-4331 (When decoding data out of a dataset encoded with the H5Z_NBIT ...)
+CVE-2016-4331
{DSA-3727-1 DLA-771-1}
- hdf5 1.10.0-patch1+docs-1 (bug #845301)
NOTE: http://www.talosintelligence.com/reports/TALOS-2016-0177/
NOTE: Fixed by: https://bitbucket.hdfgroup.org/projects/HDFFV/repos/hdf5/commits/e1c4ec3d541eecda78b3afcb1a0fa071c4b52afa
NOTE: Fixed by: https://bitbucket.hdfgroup.org/projects/HDFFV/repos/hdf5/commits/43ec23616697ce0ea3f99e40900fec55fe9107ef
-CVE-2016-4330 (In the HDF5 1.8.16 library's failure to check if the number of ...)
+CVE-2016-4330
{DSA-3727-1 DLA-771-1}
- hdf5 1.10.0-patch1+docs-1 (bug #845301)
NOTE: http://www.talosintelligence.com/reports/TALOS-2016-0176/
NOTE: Fixed by: https://bitbucket.hdfgroup.org/projects/HDFFV/repos/hdf5/commits/2e7e1899d3d7131bcbad65233ba713f6b79e2d69
-CVE-2016-4329 (A local denial of service vulnerability exists in window broadcast ...)
+CVE-2016-4329
NOT-FOR-US: Kaspersky
-CVE-2016-4328 (MEDHOST Perioperative Information Management System (aka PIMS or ...)
+CVE-2016-4328
NOT-FOR-US: MEDHOST Perioperative Information Management System
-CVE-2016-4327 (Cross-site scripting (XSS) vulnerability in WSO2 SOA Enablement Server ...)
+CVE-2016-4327
NOT-FOR-US: WSO2 SOA Enablement Server
-CVE-2016-4326 (The Chef Manage (formerly opscode-manage) add-on before 1.12.0 for ...)
+CVE-2016-4326
NOT-FOR-US: Chef Manage addon
-CVE-2016-4325 (Lantronix xPrintServer devices with firmware before 5.0.1-65 have ...)
+CVE-2016-4325
NOT-FOR-US: Lantronix xPrintServer
-CVE-2016-4324 (Use-after-free vulnerability in LibreOffice before 5.1.4 allows remote ...)
+CVE-2016-4324
{DSA-3608-1 DLA-581-1}
- libreoffice 1:5.1.4~rc1-1
NOTE: https://www.libreoffice.org/about-us/security/advisories/cve-2016-4324/
NOTE: http://www.talosintelligence.com/reports/TALOS-2016-0126/
-CVE-2016-4323 (A directory traversal exists in the handling of the MXIT protocol in ...)
+CVE-2016-4323
{DSA-3620-1 DLA-542-1}
- pidgin 2.11.0-1
NOTE: http://www.talosintel.com/reports/TALOS-2016-0128/
NOTE: http://www.pidgin.im/news/security/?id=97
-CVE-2016-4322 (BMC BladeLogic Server Automation (BSA) before 8.7 Patch 3 allows ...)
+CVE-2016-4322
NOT-FOR-US: BMC
CVE-2016-4321
RESERVED
-CVE-2016-4320 (Atlassian Bitbucket Server before 4.7.1 allows remote attackers to read ...)
+CVE-2016-4320
NOT-FOR-US: Atlassian Bitbucket Server
-CVE-2016-4319 (Atlassian JIRA Server before 7.1.9 has CSRF in auditing/settings. ...)
+CVE-2016-4319
NOT-FOR-US: Atlassian JIRA Server
-CVE-2016-4318 (Atlassian JIRA Server before 7.1.9 has XSS in ...)
+CVE-2016-4318
NOT-FOR-US: Atlassian JIRA Server
-CVE-2016-4317 (Atlassian Confluence Server before 5.9.11 has XSS on the ...)
+CVE-2016-4317
NOT-FOR-US: Atlassian Confluence
-CVE-2016-4316 (Multiple cross-site scripting (XSS) vulnerabilities in WSO2 Carbon ...)
+CVE-2016-4316
NOT-FOR-US: WSO2 Carbon
-CVE-2016-4315 (Cross-site request forgery (CSRF) vulnerability in WSO2 Carbon 4.4.5 ...)
+CVE-2016-4315
NOT-FOR-US: WSO2 Carbon
-CVE-2016-4314 (Directory traversal vulnerability in the LogViewer Admin Service in ...)
+CVE-2016-4314
NOT-FOR-US: WSO2 Carbon
-CVE-2016-4313 (Directory traversal vulnerability in unzip/extract feature in ...)
+CVE-2016-4313
{DLA-596-1}
- extplorer <removed>
-CVE-2016-4312 (XML external entity (XXE) vulnerability in the XACML flow feature in ...)
+CVE-2016-4312
NOT-FOR-US: WSO2 Identity Server
-CVE-2016-4311 (Cross-site request forgery (CSRF) vulnerability in the XACML flow ...)
+CVE-2016-4311
NOT-FOR-US: WSO2 Identity Server
CVE-2016-4310
RESERVED
-CVE-2016-4309 (Session fixation vulnerability in Symphony CMS 2.6.7, when ...)
+CVE-2016-4309
NOT-FOR-US: Symphony CMS
CVE-2016-4308
RESERVED
-CVE-2016-4307 (A denial of service vulnerability exists in the IOCTL handling ...)
+CVE-2016-4307
NOT-FOR-US: Kaspersky Internet Security KL1 driver
-CVE-2016-4306 (Multiple information leaks exist in various IOCTL handlers of the ...)
+CVE-2016-4306
NOT-FOR-US: Kaspersky Internet Security KLDISK driver
-CVE-2016-4305 (A denial of service vulnerability exists in the syscall filtering ...)
+CVE-2016-4305
NOT-FOR-US: Kaspersky Internet Security KLIF driver
-CVE-2016-4304 (A denial of service vulnerability exists in the syscall filtering ...)
+CVE-2016-4304
NOT-FOR-US: Kaspersky Internet Security KLIF driver
-CVE-2016-4303 (The parse_string function in cjson.c in the cJSON library mishandles ...)
+CVE-2016-4303
- iperf3 3.1.3-1 (bug #827116)
[jessie] - iperf3 <no-dsa> (Minor issue)
NOTE: https://raw.githubusercontent.com/esnet/security/master/cve-2016-4303/esnet-secadv-2016-0001.txt.asc
NOTE: https://github.com/esnet/iperf/commit/f01a9ca8f7e878e438a53687dabe30b7f7222912 (3.1.x)
NOTE: http://www.talosintel.com/reports/TALOS-2016-0164/
-CVE-2016-4302 (Heap-based buffer overflow in the parse_codes function in ...)
+CVE-2016-4302
{DSA-3657-1 DLA-554-1}
- libarchive 3.2.1-1
NOTE: http://blog.talosintel.com/2016/06/the-poisoned-archives.html
NOTE: http://www.talosintel.com/reports/TALOS-2016-0154/
NOTE: https://github.com/libarchive/libarchive/issues/719
NOTE: Fixed by: https://github.com/libarchive/libarchive/commit/05caadc7eedbef471ac9610809ba683f0c698700 (v3.2.1)
-CVE-2016-4301 (Stack-based buffer overflow in the parse_device function in ...)
+CVE-2016-4301
- libarchive 3.2.1-1
[jessie] - libarchive <not-affected> (Introduced in 3.2.0)
[wheezy] - libarchive <not-affected> (Introduced in 3.2.0)
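Review bot: the `CVE-2016-4303` entry in this hunk loses the summary `The parse_string function in cjson.c in the cJSON library mishandles ...`, which was the only statement that this issue lives in an embedded copy of cJSON rather than in iperf3's own code; after the change the entry reads as a plain iperf3 bug, which hides the embedded-code relationship that the tracker's embedded-copies handling depends on. Suggest adding a `NOTE: embedded cJSON copy` style line to the entry, since the surrounding NOTE lines only point at the esnet advisory and the iperf fix commit.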
@@ -19890,7 +19890,7 @@ CVE-2016-4301 (Stack-based buffer overflow in the parse_device function in ...)
NOTE: http://www.talosintel.com/reports/TALOS-2016-0153/
NOTE: https://github.com/libarchive/libarchive/pull/715
NOTE: Fixed by: https://github.com/libarchive/libarchive/commit/ecdac4d50db0cf5a0c630ba077729aaa6c5a2dd2
-CVE-2016-4300 (Integer overflow in the read_SubStreamsInfo function in ...)
+CVE-2016-4300
{DSA-3657-1 DLA-554-1}
- libarchive 3.2.1-1
NOTE: http://blog.talosintel.com/2016/06/the-poisoned-archives.html
@@ -19904,461 +19904,461 @@ CVE-2016-4300 (Integer overflow in the read_SubStreamsInfo function in ...)
NOTE: 1000000, making exploitation more difficult but not impossible.
CVE-2016-4299
RESERVED
-CVE-2016-4298 (When opening a Hangul HShow Document (.hpt) and processing a structure ...)
+CVE-2016-4298
NOT-FOR-US: Hancom Office
CVE-2016-4297
RESERVED
-CVE-2016-4296 (When opening a Hangul Hcell Document (.cell) and processing a record ...)
+CVE-2016-4296
NOT-FOR-US: Hancom Office
-CVE-2016-4295 (When opening a Hangul Hcell Document (.cell) and processing a ...)
+CVE-2016-4295
NOT-FOR-US: Hancom Office
-CVE-2016-4294 (When opening a Hangul Hcell Document (.cell) and processing a property ...)
+CVE-2016-4294
NOT-FOR-US: Hancom Office
-CVE-2016-4293 (Multiple heap-based buffer overflows in the (1) ...)
+CVE-2016-4293
NOT-FOR-US: Hancom Office
-CVE-2016-4292 (When opening a Hangul HShow Document (.hpt) and processing a structure ...)
+CVE-2016-4292
NOT-FOR-US: Hancom Office
-CVE-2016-4291 (When opening a Hangul HShow Document (.hpt) and processing a structure ...)
+CVE-2016-4291
NOT-FOR-US: Hancom Office
-CVE-2016-4290 (When opening a Hangul HShow Document (.hpt) and processing a structure ...)
+CVE-2016-4290
NOT-FOR-US: Hancom Office
CVE-2016-4289
RESERVED
-CVE-2016-4288 (A local privilege escalation vulnerability exists in BlueStacks App ...)
+CVE-2016-4288
NOT-FOR-US: BlueStacks
-CVE-2016-4287 (Integer overflow in Adobe Flash Player before 18.0.0.375 and 19.x ...)
+CVE-2016-4287
NOT-FOR-US: Adobe Flash Player
-CVE-2016-4286 (Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before ...)
+CVE-2016-4286
NOT-FOR-US: Adobe
-CVE-2016-4285 (Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before ...)
+CVE-2016-4285
NOT-FOR-US: Adobe Flash Player
-CVE-2016-4284 (Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before ...)
+CVE-2016-4284
NOT-FOR-US: Adobe Flash Player
-CVE-2016-4283 (Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before ...)
+CVE-2016-4283
NOT-FOR-US: Adobe Flash Player
-CVE-2016-4282 (Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before ...)
+CVE-2016-4282
NOT-FOR-US: Adobe Flash Player
-CVE-2016-4281 (Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before ...)
+CVE-2016-4281
NOT-FOR-US: Adobe Flash Player
-CVE-2016-4280 (Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before ...)
+CVE-2016-4280
NOT-FOR-US: Adobe Flash Player
-CVE-2016-4279 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 ...)
+CVE-2016-4279
NOT-FOR-US: Adobe Flash Player
-CVE-2016-4278 (Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before ...)
+CVE-2016-4278
NOT-FOR-US: Adobe Flash Player
-CVE-2016-4277 (Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before ...)
+CVE-2016-4277
NOT-FOR-US: Adobe Flash Player
-CVE-2016-4276 (Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before ...)
+CVE-2016-4276
NOT-FOR-US: Adobe Flash Player
-CVE-2016-4275 (Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before ...)
+CVE-2016-4275
NOT-FOR-US: Adobe Flash Player
-CVE-2016-4274 (Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before ...)
+CVE-2016-4274
NOT-FOR-US: Adobe Flash Player
-CVE-2016-4273 (Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before ...)
+CVE-2016-4273
NOT-FOR-US: Adobe
-CVE-2016-4272 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 ...)
+CVE-2016-4272
NOT-FOR-US: Adobe Flash Player
-CVE-2016-4271 (Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before ...)
+CVE-2016-4271
NOT-FOR-US: Adobe Flash Player
-CVE-2016-4270 (Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC ...)
+CVE-2016-4270
NOT-FOR-US: Adobe
-CVE-2016-4269 (Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC ...)
+CVE-2016-4269
NOT-FOR-US: Adobe
-CVE-2016-4268 (Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC ...)
+CVE-2016-4268
NOT-FOR-US: Adobe
-CVE-2016-4267 (Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC ...)
+CVE-2016-4267
NOT-FOR-US: Adobe
-CVE-2016-4266 (Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC ...)
+CVE-2016-4266
NOT-FOR-US: Adobe
-CVE-2016-4265 (Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC ...)
+CVE-2016-4265
NOT-FOR-US: Adobe
-CVE-2016-4264 (The Office Open XML (OOXML) feature in Adobe ColdFusion 10 before ...)
+CVE-2016-4264
NOT-FOR-US: Adobe
-CVE-2016-4263 (Use-after-free vulnerability in Adobe Digital Editions before 4.5.2 ...)
+CVE-2016-4263
NOT-FOR-US: Adobe
-CVE-2016-4262 (Adobe Digital Editions before 4.5.2 allows attackers to execute ...)
+CVE-2016-4262
NOT-FOR-US: Adobe
-CVE-2016-4261 (Adobe Digital Editions before 4.5.2 allows attackers to execute ...)
+CVE-2016-4261
NOT-FOR-US: Adobe
-CVE-2016-4260 (Adobe Digital Editions before 4.5.2 allows attackers to execute ...)
+CVE-2016-4260
NOT-FOR-US: Adobe
-CVE-2016-4259 (Adobe Digital Editions before 4.5.2 allows attackers to execute ...)
+CVE-2016-4259
NOT-FOR-US: Adobe
-CVE-2016-4258 (Adobe Digital Editions before 4.5.2 allows attackers to execute ...)
+CVE-2016-4258
NOT-FOR-US: Adobe
-CVE-2016-4257 (Adobe Digital Editions before 4.5.2 allows attackers to execute ...)
+CVE-2016-4257
NOT-FOR-US: Adobe
-CVE-2016-4256 (Adobe Digital Editions before 4.5.2 allows attackers to execute ...)
+CVE-2016-4256
NOT-FOR-US: Adobe
-CVE-2016-4255 (Use-after-free vulnerability in Adobe Reader and Acrobat before ...)
+CVE-2016-4255
NOT-FOR-US: Adobe
-CVE-2016-4254 (Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC ...)
+CVE-2016-4254
NOT-FOR-US: Adobe
-CVE-2016-4253 (The Backup functionality in Adobe Experience Manager 5.6.1, 6.0, 6.1, ...)
+CVE-2016-4253
NOT-FOR-US: Adobe
-CVE-2016-4252 (Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC ...)
+CVE-2016-4252
NOT-FOR-US: Adobe
-CVE-2016-4251 (Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC ...)
+CVE-2016-4251
NOT-FOR-US: Adobe
-CVE-2016-4250 (Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC ...)
+CVE-2016-4250
NOT-FOR-US: Adobe
-CVE-2016-4249 (Heap-based buffer overflow in Adobe Flash Player before 18.0.0.366 and ...)
+CVE-2016-4249
NOT-FOR-US: Adobe
-CVE-2016-4248 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 ...)
+CVE-2016-4248
NOT-FOR-US: Adobe
-CVE-2016-4247 (Race condition in Adobe Flash Player before 18.0.0.366 and 19.x ...)
+CVE-2016-4247
NOT-FOR-US: Adobe
-CVE-2016-4246 (Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before ...)
+CVE-2016-4246
NOT-FOR-US: Adobe
-CVE-2016-4245 (Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before ...)
+CVE-2016-4245
NOT-FOR-US: Adobe
-CVE-2016-4244 (Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before ...)
+CVE-2016-4244
NOT-FOR-US: Adobe
-CVE-2016-4243 (Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before ...)
+CVE-2016-4243
NOT-FOR-US: Adobe
-CVE-2016-4242 (Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before ...)
+CVE-2016-4242
NOT-FOR-US: Adobe
-CVE-2016-4241 (Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before ...)
+CVE-2016-4241
NOT-FOR-US: Adobe
-CVE-2016-4240 (Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before ...)
+CVE-2016-4240
NOT-FOR-US: Adobe
-CVE-2016-4239 (Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before ...)
+CVE-2016-4239
NOT-FOR-US: Adobe
-CVE-2016-4238 (Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before ...)
+CVE-2016-4238
NOT-FOR-US: Adobe
-CVE-2016-4237 (Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before ...)
+CVE-2016-4237
NOT-FOR-US: Adobe
-CVE-2016-4236 (Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before ...)
+CVE-2016-4236
NOT-FOR-US: Adobe
-CVE-2016-4235 (Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before ...)
+CVE-2016-4235
NOT-FOR-US: Adobe
-CVE-2016-4234 (Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before ...)
+CVE-2016-4234
NOT-FOR-US: Adobe
-CVE-2016-4233 (Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before ...)
+CVE-2016-4233
NOT-FOR-US: Adobe
-CVE-2016-4232 (Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before ...)
+CVE-2016-4232
NOT-FOR-US: Adobe
-CVE-2016-4231 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 ...)
+CVE-2016-4231
NOT-FOR-US: Adobe
-CVE-2016-4230 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 ...)
+CVE-2016-4230
NOT-FOR-US: Adobe
-CVE-2016-4229 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 ...)
+CVE-2016-4229
NOT-FOR-US: Adobe
-CVE-2016-4228 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 ...)
+CVE-2016-4228
NOT-FOR-US: Adobe
-CVE-2016-4227 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 ...)
+CVE-2016-4227
NOT-FOR-US: Adobe
-CVE-2016-4226 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 ...)
+CVE-2016-4226
NOT-FOR-US: Adobe
-CVE-2016-4225 (Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before ...)
+CVE-2016-4225
NOT-FOR-US: Adobe
-CVE-2016-4224 (Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before ...)
+CVE-2016-4224
NOT-FOR-US: Adobe
-CVE-2016-4223 (Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before ...)
+CVE-2016-4223
NOT-FOR-US: Adobe
-CVE-2016-4222 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 ...)
+CVE-2016-4222
NOT-FOR-US: Adobe
-CVE-2016-4221 (Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before ...)
+CVE-2016-4221
NOT-FOR-US: Adobe
-CVE-2016-4220 (Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before ...)
+CVE-2016-4220
NOT-FOR-US: Adobe
-CVE-2016-4219 (Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before ...)
+CVE-2016-4219
NOT-FOR-US: Adobe
-CVE-2016-4218 (Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before ...)
+CVE-2016-4218
NOT-FOR-US: Adobe
-CVE-2016-4217 (Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before ...)
+CVE-2016-4217
NOT-FOR-US: Adobe
-CVE-2016-4216 (XMPCore in Adobe XMP Toolkit for Java before 5.1.3 allows remote ...)
+CVE-2016-4216
NOT-FOR-US: Adobe
-CVE-2016-4215 (Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC ...)
+CVE-2016-4215
NOT-FOR-US: Adobe
-CVE-2016-4214 (Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC ...)
+CVE-2016-4214
NOT-FOR-US: Adobe
-CVE-2016-4213 (Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC ...)
+CVE-2016-4213
NOT-FOR-US: Adobe
-CVE-2016-4212 (Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC ...)
+CVE-2016-4212
NOT-FOR-US: Adobe
-CVE-2016-4211 (Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC ...)
+CVE-2016-4211
NOT-FOR-US: Adobe
-CVE-2016-4210 (Integer overflow in Adobe Reader and Acrobat before 11.0.17, Acrobat ...)
+CVE-2016-4210
NOT-FOR-US: Adobe
-CVE-2016-4209 (Heap-based buffer overflow in Adobe Reader and Acrobat before 11.0.17, ...)
+CVE-2016-4209
NOT-FOR-US: Adobe
-CVE-2016-4208 (Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC ...)
+CVE-2016-4208
NOT-FOR-US: Adobe
-CVE-2016-4207 (Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC ...)
+CVE-2016-4207
NOT-FOR-US: Adobe
-CVE-2016-4206 (Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC ...)
+CVE-2016-4206
NOT-FOR-US: Adobe
-CVE-2016-4205 (Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC ...)
+CVE-2016-4205
NOT-FOR-US: Adobe
-CVE-2016-4204 (Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC ...)
+CVE-2016-4204
NOT-FOR-US: Adobe
-CVE-2016-4203 (Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC ...)
+CVE-2016-4203
NOT-FOR-US: Adobe
-CVE-2016-4202 (Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC ...)
+CVE-2016-4202
NOT-FOR-US: Adobe
-CVE-2016-4201 (Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC ...)
+CVE-2016-4201
NOT-FOR-US: Adobe
-CVE-2016-4200 (Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC ...)
+CVE-2016-4200
NOT-FOR-US: Adobe
-CVE-2016-4199 (Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC ...)
+CVE-2016-4199
NOT-FOR-US: Adobe
-CVE-2016-4198 (Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC ...)
+CVE-2016-4198
NOT-FOR-US: Adobe
-CVE-2016-4197 (Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC ...)
+CVE-2016-4197
NOT-FOR-US: Adobe
-CVE-2016-4196 (Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC ...)
+CVE-2016-4196
NOT-FOR-US: Adobe
-CVE-2016-4195 (Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC ...)
+CVE-2016-4195
NOT-FOR-US: Adobe
-CVE-2016-4194 (Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC ...)
+CVE-2016-4194
NOT-FOR-US: Adobe
-CVE-2016-4193 (Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC ...)
+CVE-2016-4193
NOT-FOR-US: Adobe
-CVE-2016-4192 (Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC ...)
+CVE-2016-4192
NOT-FOR-US: Adobe
-CVE-2016-4191 (Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC ...)
+CVE-2016-4191
NOT-FOR-US: Adobe
-CVE-2016-4190 (Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before ...)
+CVE-2016-4190
NOT-FOR-US: Adobe
-CVE-2016-4189 (Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before ...)
+CVE-2016-4189
NOT-FOR-US: Adobe
-CVE-2016-4188 (Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before ...)
+CVE-2016-4188
NOT-FOR-US: Adobe
-CVE-2016-4187 (Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before ...)
+CVE-2016-4187
NOT-FOR-US: Adobe
-CVE-2016-4186 (Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before ...)
+CVE-2016-4186
NOT-FOR-US: Adobe
-CVE-2016-4185 (Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before ...)
+CVE-2016-4185
NOT-FOR-US: Adobe
-CVE-2016-4184 (Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before ...)
+CVE-2016-4184
NOT-FOR-US: Adobe
-CVE-2016-4183 (Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before ...)
+CVE-2016-4183
NOT-FOR-US: Adobe
-CVE-2016-4182 (Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before ...)
+CVE-2016-4182
NOT-FOR-US: Adobe
-CVE-2016-4181 (Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before ...)
+CVE-2016-4181
NOT-FOR-US: Adobe
-CVE-2016-4180 (Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before ...)
+CVE-2016-4180
NOT-FOR-US: Adobe
-CVE-2016-4179 (Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before ...)
+CVE-2016-4179
NOT-FOR-US: Adobe
-CVE-2016-4178 (Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before ...)
+CVE-2016-4178
NOT-FOR-US: Adobe
-CVE-2016-4177 (Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before ...)
+CVE-2016-4177
NOT-FOR-US: Adobe
-CVE-2016-4176 (Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before ...)
+CVE-2016-4176
NOT-FOR-US: Adobe
-CVE-2016-4175 (Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before ...)
+CVE-2016-4175
NOT-FOR-US: Adobe
-CVE-2016-4174 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 ...)
+CVE-2016-4174
NOT-FOR-US: Adobe
-CVE-2016-4173 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 ...)
+CVE-2016-4173
NOT-FOR-US: Adobe
-CVE-2016-4172 (Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before ...)
+CVE-2016-4172
NOT-FOR-US: Adobe
-CVE-2016-4171 (Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier ...)
+CVE-2016-4171
NOT-FOR-US: Adobe Flash Player
-CVE-2016-4170 (Cross-site scripting (XSS) vulnerability in Adobe Experience Manager ...)
+CVE-2016-4170
NOT-FOR-US: Adobe
-CVE-2016-4169 (Adobe Experience Manager 6.0, 6.1, and 6.2 allow attackers to obtain ...)
+CVE-2016-4169
NOT-FOR-US: Adobe
-CVE-2016-4168 (Cross-site scripting (XSS) vulnerability in Adobe Experience Manager ...)
+CVE-2016-4168
NOT-FOR-US: Adobe
-CVE-2016-4167 (Adobe DNG Software Development Kit (SDK) before 1.4 2016 allows ...)
+CVE-2016-4167
NOT-FOR-US: Adobe
-CVE-2016-4166 (Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and ...)
+CVE-2016-4166
NOT-FOR-US: Adobe
-CVE-2016-4165 (The extension manager in Adobe Brackets before 1.7 allows attackers to ...)
+CVE-2016-4165
NOT-FOR-US: Adobe
-CVE-2016-4164 (Cross-site scripting (XSS) vulnerability in Adobe Brackets before 1.7 ...)
+CVE-2016-4164
NOT-FOR-US: Adobe
-CVE-2016-4163 (Adobe Flash Player before 18.0.0.352 and 19.x through 21.x before ...)
+CVE-2016-4163
NOT-FOR-US: Adobe
-CVE-2016-4162 (Adobe Flash Player before 18.0.0.352 and 19.x through 21.x before ...)
+CVE-2016-4162
NOT-FOR-US: Adobe
-CVE-2016-4161 (Adobe Flash Player before 18.0.0.352 and 19.x through 21.x before ...)
+CVE-2016-4161
NOT-FOR-US: Adobe
-CVE-2016-4160 (Adobe Flash Player before 18.0.0.352 and 19.x through 21.x before ...)
+CVE-2016-4160
NOT-FOR-US: Adobe
-CVE-2016-4159 (Cross-site scripting (XSS) vulnerability in Adobe ColdFusion 10 before ...)
+CVE-2016-4159
NOT-FOR-US: Adobe
-CVE-2016-4158 (Unquoted Windows search path vulnerability in Adobe Creative Cloud ...)
+CVE-2016-4158
NOT-FOR-US: Adobe
-CVE-2016-4157 (Untrusted search path vulnerability in the installer in Adobe Creative ...)
+CVE-2016-4157
NOT-FOR-US: Adobe
-CVE-2016-4156 (Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and ...)
+CVE-2016-4156
NOT-FOR-US: Adobe
-CVE-2016-4155 (Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and ...)
+CVE-2016-4155
NOT-FOR-US: Adobe
-CVE-2016-4154 (Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and ...)
+CVE-2016-4154
NOT-FOR-US: Adobe
-CVE-2016-4153 (Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and ...)
+CVE-2016-4153
NOT-FOR-US: Adobe
-CVE-2016-4152 (Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and ...)
+CVE-2016-4152
NOT-FOR-US: Adobe
-CVE-2016-4151 (Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and ...)
+CVE-2016-4151
NOT-FOR-US: Adobe
-CVE-2016-4150 (Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and ...)
+CVE-2016-4150
NOT-FOR-US: Adobe
-CVE-2016-4149 (Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and ...)
+CVE-2016-4149
NOT-FOR-US: Adobe
-CVE-2016-4148 (Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and ...)
+CVE-2016-4148
NOT-FOR-US: Adobe
-CVE-2016-4147 (Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and ...)
+CVE-2016-4147
NOT-FOR-US: Adobe
-CVE-2016-4146 (Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and ...)
+CVE-2016-4146
NOT-FOR-US: Adobe
-CVE-2016-4145 (Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and ...)
+CVE-2016-4145
NOT-FOR-US: Adobe
-CVE-2016-4144 (Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and ...)
+CVE-2016-4144
NOT-FOR-US: Adobe
-CVE-2016-4143 (Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and ...)
+CVE-2016-4143
NOT-FOR-US: Adobe
-CVE-2016-4142 (Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and ...)
+CVE-2016-4142
NOT-FOR-US: Adobe
-CVE-2016-4141 (Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and ...)
+CVE-2016-4141
NOT-FOR-US: Adobe
-CVE-2016-4140 (Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and ...)
+CVE-2016-4140
NOT-FOR-US: Adobe
-CVE-2016-4139 (Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and ...)
+CVE-2016-4139
NOT-FOR-US: Adobe
-CVE-2016-4138 (Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and ...)
+CVE-2016-4138
NOT-FOR-US: Adobe
-CVE-2016-4137 (Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and ...)
+CVE-2016-4137
NOT-FOR-US: Adobe
-CVE-2016-4136 (Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and ...)
+CVE-2016-4136
NOT-FOR-US: Adobe
-CVE-2016-4135 (Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and ...)
+CVE-2016-4135
NOT-FOR-US: Adobe
-CVE-2016-4134 (Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and ...)
+CVE-2016-4134
NOT-FOR-US: Adobe
-CVE-2016-4133 (Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and ...)
+CVE-2016-4133
NOT-FOR-US: Adobe
-CVE-2016-4132 (Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and ...)
+CVE-2016-4132
NOT-FOR-US: Adobe
-CVE-2016-4131 (Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and ...)
+CVE-2016-4131
NOT-FOR-US: Adobe
-CVE-2016-4130 (Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and ...)
+CVE-2016-4130
NOT-FOR-US: Adobe
-CVE-2016-4129 (Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and ...)
+CVE-2016-4129
NOT-FOR-US: Adobe
-CVE-2016-4128 (Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and ...)
+CVE-2016-4128
NOT-FOR-US: Adobe
-CVE-2016-4127 (Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and ...)
+CVE-2016-4127
NOT-FOR-US: Adobe
-CVE-2016-4126 (Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and ...)
+CVE-2016-4126
NOT-FOR-US: Adobe
-CVE-2016-4125 (Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and ...)
+CVE-2016-4125
NOT-FOR-US: Adobe
-CVE-2016-4124 (Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and ...)
+CVE-2016-4124
NOT-FOR-US: Adobe
-CVE-2016-4123 (Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and ...)
+CVE-2016-4123
NOT-FOR-US: Adobe
-CVE-2016-4122 (Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and ...)
+CVE-2016-4122
NOT-FOR-US: Adobe
-CVE-2016-4121 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.352 ...)
+CVE-2016-4121
NOT-FOR-US: Adobe
-CVE-2016-4120 (Adobe Flash Player before 18.0.0.352 and 19.x through 21.x before ...)
+CVE-2016-4120
NOT-FOR-US: Adobe
-CVE-2016-4119 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
+CVE-2016-4119
NOT-FOR-US: Adobe
-CVE-2016-4118 (Untrusted search path vulnerability in the installer in Adobe Connect ...)
+CVE-2016-4118
NOT-FOR-US: Adobe
-CVE-2016-4117 (Adobe Flash Player 21.0.0.226 and earlier allows remote attackers to ...)
+CVE-2016-4117
NOT-FOR-US: Adobe Flash Player
-CVE-2016-4116 (Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and ...)
+CVE-2016-4116
NOT-FOR-US: Adobe Flash Player
-CVE-2016-4115 (Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and ...)
+CVE-2016-4115
NOT-FOR-US: Adobe Flash Player
-CVE-2016-4114 (Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and ...)
+CVE-2016-4114
NOT-FOR-US: Adobe Flash Player
-CVE-2016-4113 (Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and ...)
+CVE-2016-4113
NOT-FOR-US: Adobe Flash Player
-CVE-2016-4112 (Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and ...)
+CVE-2016-4112
NOT-FOR-US: Adobe Flash Player
-CVE-2016-4111 (Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and ...)
+CVE-2016-4111
NOT-FOR-US: Adobe Flash Player
-CVE-2016-4110 (Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and ...)
+CVE-2016-4110
NOT-FOR-US: Adobe Flash Player
-CVE-2016-4109 (Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and ...)
+CVE-2016-4109
NOT-FOR-US: Adobe Flash Player
-CVE-2016-4108 (Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and ...)
+CVE-2016-4108
NOT-FOR-US: Adobe Flash Player
-CVE-2016-4107 (Use-after-free vulnerability in Adobe Reader and Acrobat before ...)
+CVE-2016-4107
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-4106 (Untrusted search path vulnerability in Adobe Reader and Acrobat before ...)
+CVE-2016-4106
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-4105 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
+CVE-2016-4105
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-4104 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
+CVE-2016-4104
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-4103 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
+CVE-2016-4103
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-4102 (Use-after-free vulnerability in Adobe Reader and Acrobat before ...)
+CVE-2016-4102
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-4101 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
+CVE-2016-4101
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-4100 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
+CVE-2016-4100
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-4099 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
+CVE-2016-4099
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-4098 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
+CVE-2016-4098
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-4097 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
+CVE-2016-4097
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-4096 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
+CVE-2016-4096
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-4095 (Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC ...)
+CVE-2016-4095
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-4094 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
+CVE-2016-4094
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-4093 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
+CVE-2016-4093
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-4092 (Heap-based buffer overflow in Adobe Reader and Acrobat before 11.0.16, ...)
+CVE-2016-4092
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-4091 (Heap-based buffer overflow in Adobe Reader and Acrobat before 11.0.16, ...)
+CVE-2016-4091
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-4090 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
+CVE-2016-4090
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-4089 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
+CVE-2016-4089
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-4088 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
+CVE-2016-4088
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-4340 (The impersonate feature in Gitlab 8.7.0, 8.6.0 through 8.6.7, 8.5.0 ...)
+CVE-2016-4340
- gitlab 8.8.2+dfsg-1 (bug #823290)
NOTE: https://about.gitlab.com/2016/05/02/cve-2016-4340-patches/
-CVE-2016-4087 (Huawei S12700 switches with software before V200R008C00SPC500 and ...)
+CVE-2016-4087
NOT-FOR-US: Huawei
-CVE-2016-4086 (Huawei HiSuite (In China) before 4.0.4.301 and (Out of China) before ...)
+CVE-2016-4086
NOT-FOR-US: Huawei HiSuite Device Manager
-CVE-2016-4075 (Opera Mini 13 and Opera Stable 36 allow remote attackers to spoof the ...)
+CVE-2016-4075
NOT-FOR-US: Opera
CVE-2016-4067
RESERVED
-CVE-2016-4066 (Cross-site request forgery (CSRF) vulnerability in Fortinet FortiWeb ...)
+CVE-2016-4066
NOT-FOR-US: Fortinet
-CVE-2016-4065 (The ConvertToPDF plugin in Foxit Reader and PhantomPDF before 7.3.4 on ...)
+CVE-2016-4065
NOT-FOR-US: Foxit
-CVE-2016-4064 (Use-after-free vulnerability in the XFA forms handling functionality ...)
+CVE-2016-4064
NOT-FOR-US: Foxit
-CVE-2016-4063 (Use-after-free vulnerability in Foxit Reader and PhantomPDF before ...)
+CVE-2016-4063
NOT-FOR-US: Foxit
-CVE-2016-4062 (Foxit Reader and PhantomPDF before 7.3.4 on Windows improperly report ...)
+CVE-2016-4062
NOT-FOR-US: Foxit
-CVE-2016-4061 (Foxit Reader and PhantomPDF before 7.3.4 on Windows allow remote ...)
+CVE-2016-4061
NOT-FOR-US: Foxit
-CVE-2016-4060 (Use-after-free vulnerability in Foxit Reader and PhantomPDF before ...)
+CVE-2016-4060
NOT-FOR-US: Foxit
-CVE-2016-4059 (Use-after-free vulnerability in Foxit Reader and PhantomPDF before ...)
+CVE-2016-4059
NOT-FOR-US: Foxit
-CVE-2016-4074 (The jv_dump_term function in jq 1.5 allows remote attackers to cause a ...)
+CVE-2016-4074
- jq 1.5+dfsg-1.1 (low; bug #822456)
[jessie] - jq 1.4-2.1+deb8u1
NOTE: https://github.com/stedolan/jq/issues/1136
NOTE: http://www.openwall.com/lists/oss-security/2016/04/24/3
-CVE-2016-4069 (Cross-site request forgery (CSRF) vulnerability in Roundcube Webmail ...)
+CVE-2016-4069
{DLA-613-1}
- roundcube 1.1.5+dfsg.1-1 (bug #822333)
NOTE: https://github.com/roundcube/roundcubemail/issues/4957
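Review bot: every changed line in this hunk turns `-CVE-2016-NNNN (description ...)` into a bare `+CVE-2016-NNNN`, so the hunk removes the summary text from every entry it touches and adds no information back; that pattern reads as the description source being unavailable when the automatic update ran rather than as an intended data change, and the commit should be held back until the descriptions can be re-fetched instead of being merged as-is. The placement of `CVE-2016-4340` between `CVE-2016-4088` and `CVE-2016-4087` is pre-existing and not altered here.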
@@ -20366,94 +20366,94 @@ CVE-2016-4069 (Cross-site request forgery (CSRF) vulnerability in Roundcube Webm
NOTE: https://github.com/roundcube/roundcubemail/commit/4a408843b0ef816daf70a472a02b78cd6073a4d5
NOTE: https://github.com/roundcube/roundcubemail/commit/699af1e5206ed9114322adaa3c25c1c969640a53 (release-1.1)
NOTE: http://www.openwall.com/lists/oss-security/2016/04/23/3
-CVE-2016-4068 (Cross-site scripting (XSS) vulnerability in Roundcube Webmail before ...)
+CVE-2016-4068
{DLA-537-1}
- roundcube 1.2.1+dfsg.1-1
NOTE: https://github.com/roundcube/roundcubemail/issues/5398
NOTE: https://github.com/roundcube/roundcubemail/commit/a1fdb205f824dee7fd42dda739f207abc85ce158
-CVE-2016-4085 (Stack-based buffer overflow in epan/dissectors/packet-ncp2222.inc in ...)
+CVE-2016-4085
{DSA-3585-1 DLA-497-1}
- wireshark 2.0.0~rc2+g74e5b56-1
NOTE: https://www.wireshark.org/security/wnpa-sec-2016-28.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12293
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12293
NOTE: Doesn't affect 2.x series
-CVE-2016-4084 (Integer signedness error in epan/dissectors/packet-mswsp.c in the ...)
+CVE-2016-4084
- wireshark 2.0.3+geed34f0-1 (low)
[jessie] - wireshark <not-affected> (Only affects 2.x)
[wheezy] - wireshark <not-affected> (Only affects 2.x)
NOTE: https://www.wireshark.org/security/wnpa-sec-2016-27.html
-CVE-2016-4083 (epan/dissectors/packet-mswsp.c in the MS-WSP dissector in Wireshark ...)
+CVE-2016-4083
- wireshark 2.0.3+geed34f0-1 (low)
[jessie] - wireshark <not-affected> (Only affects 2.x)
[wheezy] - wireshark <not-affected> (Only affects 2.x)
NOTE: https://www.wireshark.org/security/wnpa-sec-2016-27.html
-CVE-2016-4082 (epan/dissectors/packet-gsm_cbch.c in the GSM CBCH dissector in ...)
+CVE-2016-4082
{DSA-3585-1 DLA-497-1}
- wireshark 2.0.3+geed34f0-1 (low)
NOTE: https://www.wireshark.org/security/wnpa-sec-2016-26.html
-CVE-2016-4006 (epan/proto.c in Wireshark 1.12.x before 1.12.11 and 2.0.x before 2.0.3 ...)
+CVE-2016-4006
{DSA-3585-1 DLA-497-1}
- wireshark 2.0.3+geed34f0-1 (low)
NOTE: https://www.wireshark.org/security/wnpa-sec-2016-25.html
-CVE-2016-4081 (epan/dissectors/packet-iax2.c in the IAX2 dissector in Wireshark ...)
+CVE-2016-4081
{DSA-3585-1 DLA-497-1}
- wireshark 2.0.3+geed34f0-1 (low)
NOTE: https://www.wireshark.org/security/wnpa-sec-2016-24.html
-CVE-2016-4080 (epan/dissectors/packet-pktc.c in the PKTC dissector in Wireshark ...)
+CVE-2016-4080
{DSA-3585-1 DLA-497-1}
- wireshark 2.0.3+geed34f0-1 (low)
NOTE: https://www.wireshark.org/security/wnpa-sec-2016-23.html
-CVE-2016-4079 (epan/dissectors/packet-pktc.c in the PKTC dissector in Wireshark ...)
+CVE-2016-4079
{DSA-3585-1 DLA-497-1}
- wireshark 2.0.3+geed34f0-1 (low)
NOTE: https://www.wireshark.org/security/wnpa-sec-2016-22.html
-CVE-2016-4078 (The IEEE 802.11 dissector in Wireshark 1.12.x before 1.12.11 and 2.0.x ...)
+CVE-2016-4078
- wireshark 2.0.3+geed34f0-1 (low)
[jessie] - wireshark <not-affected> (vulnerable code not present)
[wheezy] - wireshark <not-affected> (vulnerable code not present)
NOTE: https://www.wireshark.org/security/wnpa-sec-2016-21.html
NOTE: Upstream lists 1.12.x affected, I have contacted them for clarification
-CVE-2016-4077 (epan/reassemble.c in TShark in Wireshark 2.0.x before 2.0.3 relies on ...)
+CVE-2016-4077
- wireshark 2.0.3+geed34f0-1 (low)
[jessie] - wireshark <not-affected> (Only affects 2.x)
[wheezy] - wireshark <not-affected> (Only affects 2.x)
NOTE: https://www.wireshark.org/security/wnpa-sec-2016-20.html
-CVE-2016-4076 (epan/dissectors/packet-ncp2222.inc in the NCP dissector in Wireshark ...)
+CVE-2016-4076
- wireshark 2.0.3+geed34f0-1 (low)
[jessie] - wireshark <not-affected> (Only affects 2.x)
[wheezy] - wireshark <not-affected> (Only affects 2.x)
NOTE: https://www.wireshark.org/security/wnpa-sec-2016-19.html
-CVE-2016-4058 (Cross-site scripting (XSS) vulnerability in Huawei Policy Center ...)
+CVE-2016-4058
NOT-FOR-US: Huawei
-CVE-2016-4057 (Huawei FusionCompute before V100R005C10SPC700 allows remote ...)
+CVE-2016-4057
NOT-FOR-US: Huawei FusionCompute
CVE-2016-6479
REJECTED
-CVE-2016-4055 (The duration function in the moment package before 2.11.2 for Node.js ...)
+CVE-2016-4055
- node-moment 2.13.0+ds-1 (unimportant)
NOTE: https://github.com/moment/moment/pull/2939
NOTE: https://nodesecurity.io/advisories/55
NOTE: nodejs not covered by security support
CVE-2016-4050
REJECTED
-CVE-2016-4049 (The bgp_dump_routes_func function in bgpd/bgp_dump.c in Quagga does ...)
+CVE-2016-4049
{DSA-3654-1 DLA-601-1}
- quagga 1.0.20160315-2 (bug #822787)
NOTE: https://lists.quagga.net/pipermail/quagga-dev/2016-January/014699.html
NOTE: https://lists.quagga.net/pipermail/quagga-dev/2016-April/015241.html
-CVE-2016-4048 (An issue was discovered in Open-Xchange OX App Suite before ...)
+CVE-2016-4048
NOT-FOR-US: Open-Xchange
-CVE-2016-4047 (An issue was discovered in Open-Xchange OX App Suite before 7.8.1-rev8. ...)
+CVE-2016-4047
NOT-FOR-US: Open-Xchange
-CVE-2016-4046 (An issue was discovered in Open-Xchange OX App Suite before ...)
+CVE-2016-4046
NOT-FOR-US: Open-Xchange
-CVE-2016-4045 (An issue was discovered in Open-Xchange OX App Suite before ...)
+CVE-2016-4045
NOT-FOR-US: Open-Xchange
-CVE-2016-4056 (Cross-site scripting (XSS) vulnerability in the Backend component in ...)
+CVE-2016-4056
- typo3-src <removed>
[wheezy] - typo3-src <end-of-life> (See DSA 3314)
-CVE-2016-4054 (Buffer overflow in Squid 3.x before 3.5.17 and 4.x before 4.0.9 allows ...)
+CVE-2016-4054
{DSA-3625-1 DLA-478-1}
- squid3 3.5.17-1
- squid <not-affected> (Squid 2.x are not vulnerable)
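Review bot: the line `NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12293` under CVE-2016-4085 appears twice in the unchanged context of this hunk; one copy should be dropped in a follow-up commit. The changed lines themselves again only strip the parenthesised description from each `CVE-` heading (for example `-CVE-2016-4085 (Stack-based buffer overflow in epan/dissectors/packet-ncp2222.inc in ...)` becoming `+CVE-2016-4085`), so the same check as for the preceding hunk applies: confirm the empty descriptions are intended before merging.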
@@ -20462,7 +20462,7 @@ CVE-2016-4054 (Buffer overflow in Squid 3.x before 3.5.17 and 4.x before 4.0.9 a
NOTE: http://www.squid-cache.org/Versions/v3/3.3/changesets/squid-3.3-12697.patch (Squid 3.3)
NOTE: http://www.squid-cache.org/Versions/v3/3.4/changesets/squid-3.4-13235.patch (Squid 3.4)
NOTE: http://www.squid-cache.org/Versions/v3/3.5/changesets/squid-3.5-14034.patch (Squid 3.5)
-CVE-2016-4053 (Squid 3.x before 3.5.17 and 4.x before 4.0.9 allow remote attackers to ...)
+CVE-2016-4053
{DSA-3625-1 DLA-478-1}
- squid3 3.5.17-1
- squid <not-affected> (Squid 2.x are not vulnerable)
@@ -20471,7 +20471,7 @@ CVE-2016-4053 (Squid 3.x before 3.5.17 and 4.x before 4.0.9 allow remote attacke
NOTE: http://www.squid-cache.org/Versions/v3/3.3/changesets/squid-3.3-12697.patch (Squid 3.3)
NOTE: http://www.squid-cache.org/Versions/v3/3.4/changesets/squid-3.4-13235.patch (Squid 3.4)
NOTE: http://www.squid-cache.org/Versions/v3/3.5/changesets/squid-3.5-14034.patch (Squid 3.5)
-CVE-2016-4052 (Multiple stack-based buffer overflows in Squid 3.x before 3.5.17 and ...)
+CVE-2016-4052
{DSA-3625-1 DLA-478-1}
- squid3 3.5.17-1
- squid <not-affected> (Squid 2.x are not vulnerable)
@@ -20480,7 +20480,7 @@ CVE-2016-4052 (Multiple stack-based buffer overflows in Squid 3.x before 3.5.17
NOTE: http://www.squid-cache.org/Versions/v3/3.3/changesets/squid-3.3-12697.patch (Squid 3.3)
NOTE: http://www.squid-cache.org/Versions/v3/3.4/changesets/squid-3.4-13235.patch (Squid 3.4)
NOTE: http://www.squid-cache.org/Versions/v3/3.5/changesets/squid-3.5-14034.patch (Squid 3.5)
-CVE-2016-4051 (Buffer overflow in cachemgr.cgi in Squid 2.x, 3.x before 3.5.17, and ...)
+CVE-2016-4051
{DSA-3625-1 DLA-478-1}
- squid3 3.5.17-1
- squid 4.1-1
@@ -20493,27 +20493,27 @@ CVE-2016-4051 (Buffer overflow in cachemgr.cgi in Squid 2.x, 3.x before 3.5.17,
NOTE: Fixed in wheezy by DLA-556-1, c.f. CVE-2016-5408
CVE-2016-4044
RESERVED
-CVE-2016-4043 (Chameleon (five.pt) in Plone 5.0rc1 through 5.1a1 allows remote ...)
+CVE-2016-4043
NOT-FOR-US: Plone
-CVE-2016-4042 (Plone 3.3 through 5.1a1 allows remote attackers to obtain information ...)
+CVE-2016-4042
NOT-FOR-US: Plone
-CVE-2016-4041 (Plone 4.0 through 5.1a1 does not have security declarations for ...)
+CVE-2016-4041
NOT-FOR-US: Plone
-CVE-2016-4040 (SQL injection vulnerability in the Workflow Screen in dotCMS before ...)
+CVE-2016-4040
NOT-FOR-US: dotCMS
CVE-2016-4039
RESERVED
-CVE-2016-4036 (The quagga package before 0.99.23-2.6.1 in openSUSE and SUSE Linux ...)
+CVE-2016-4036
{DSA-3654-1 DLA-601-1}
- quagga 1.0.20160315-2 (bug #835223)
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=770619
NOTE: World readable files in /etc/quagga as well in Debian
-CVE-2016-3955 (The usbip_recv_xbuff function in drivers/usb/usbip/usbip_common.c in ...)
+CVE-2016-3955
{DSA-3607-1 DLA-516-1}
- linux 4.5.2-1
NOTE: Upstream commit: https://git.kernel.org/linus/b348d7dddb6c4fbfc810b7a0626e8ec9e29f7cbb (v4.6-rc3)
NOTE: http://www.openwall.com/lists/oss-security/2016/04/19/1
-CVE-2016-4038 (Array index error in the msm_sensor_config function in ...)
+CVE-2016-4038
NOT-FOR-US: Samsung Android driver
CVE-2016-4035
RESERVED
@@ -20521,11 +20521,11 @@ CVE-2016-4034
RESERVED
CVE-2016-4033
RESERVED
-CVE-2016-4032 (Samsung SM-G920F build G920FXXU2COH2 (Galaxy S6), SM-N9005 build ...)
+CVE-2016-4032
NOT-FOR-US: Samsung
-CVE-2016-4031 (Samsung SM-G920F build G920FXXU2COH2 (Galaxy S6), SM-N9005 build ...)
+CVE-2016-4031
NOT-FOR-US: Samsung
-CVE-2016-4037 (The ehci_advance_state function in hw/usb/hcd-ehci.c in QEMU allows ...)
+CVE-2016-4037
{DLA-1599-1}
- qemu 1:2.6+dfsg-1 (bug #822344)
[wheezy] - qemu <no-dsa> (Minor issue)
@@ -20536,43 +20536,43 @@ CVE-2016-4037 (The ehci_advance_state function in hw/usb/hcd-ehci.c in QEMU allo
NOTE: http://www.openwall.com/lists/oss-security/2016/04/18/3
NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=1ae3f2f178087711f9591350abad133525ba93f2 (v2.6.0-rc3)
NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=a49923d2837d20510d645d3758f1ad87c32d0730 (v2.6.0-rc3)
-CVE-2016-4030 (Samsung SM-G920F build G920FXXU2COH2 (Galaxy S6), SM-N9005 build ...)
+CVE-2016-4030
NOT-FOR-US: Samsung
-CVE-2016-4029 (WordPress before 4.5 does not consider octal and hexadecimal IP ...)
+CVE-2016-4029
{DSA-3681-1 DLA-633-1}
- wordpress 4.5+dfsg-1
NOTE: Fixed by: https://core.trac.wordpress.org/changeset/37115
NOTE: Fixed by: https://github.com/WordPress/WordPress/commit/af9f0520875eda686fd13a427fd3914d7aded049
NOTE: Release notes: https://codex.wordpress.org/Version_4.5
-CVE-2016-4028 (An issue was discovered in Open-Xchange OX Guard before 2.4.0-rev8. OX ...)
+CVE-2016-4028
NOT-FOR-US: Open-Xchange
-CVE-2016-4027 (An issue was discovered in Open-Xchange OX App Suite before ...)
+CVE-2016-4027
NOT-FOR-US: Open-Xchange
-CVE-2016-4026 (An issue was discovered in Open-Xchange OX App Suite before ...)
+CVE-2016-4026
NOT-FOR-US: Open-Xchange
-CVE-2016-4025 (Avast Internet Security v11.x.x, Pro Antivirus v11.x.x, Premier ...)
+CVE-2016-4025
NOT-FOR-US: Avast
CVE-2016-4023
RESERVED
CVE-2016-4022
RESERVED
-CVE-2016-4021 (The read_binary function in buffer.c in pgpdump before 0.30 allows ...)
+CVE-2016-4021
{DLA-768-1}
- pgpdump 0.31-0.1 (bug #773747)
[jessie] - pgpdump 0.28-1+deb8u1
NOTE: https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2016-030.txt
NOTE: https://github.com/kazu-yamamoto/pgpdump/pull/16
-CVE-2016-4019 (Unspecified vulnerability in Zimbra Collaboration before 8.7.0 allows ...)
+CVE-2016-4019
NOT-FOR-US: Zimbra
-CVE-2016-4018 (The Data Provisioning Agent (aka DP Agent) in SAP HANA does not ...)
+CVE-2016-4018
NOT-FOR-US: SAP
-CVE-2016-4017 (The Data Provisioning Agent (aka DP Agent) in SAP HANA allows remote ...)
+CVE-2016-4017
NOT-FOR-US: SAP
-CVE-2016-4016 (Cross-site scripting (XSS) vulnerability in SAP Manufacturing ...)
+CVE-2016-4016
NOT-FOR-US: SAP
-CVE-2016-4015 (The Enqueue Server in SAP NetWeaver JAVA AS 7.1 through 7.4 allows ...)
+CVE-2016-4015
NOT-FOR-US: SAP
-CVE-2016-4014 (XML external entity (XXE) vulnerability in the UDDI component in SAP ...)
+CVE-2016-4014
NOT-FOR-US: SAP
CVE-2016-XXXX [ZF2016-01: Potential Insufficient Entropy Vulnerability in ZF1]
- zendframework 1.12.18+dfsg-1
@@ -20585,41 +20585,41 @@ CVE-2016-4012
RESERVED
CVE-2016-4011
RESERVED
-CVE-2016-4010 (Magento CE and EE before 2.0.6 allows remote attackers to conduct PHP ...)
+CVE-2016-4010
NOT-FOR-US: Magento
NOTE: https://magento.com/security/patches/magento-206-security-update
NOTE: http://www.netanelrub.in/2016/05/17/magento-unauthenticated-remote-code-execution/
-CVE-2016-4007 (Multiple unspecified vulnerabilities in the obs-service-extract_file ...)
+CVE-2016-4007
NOT-FOR-US: obs-service-extract_file
-CVE-2016-4024 (Integer overflow in imlib2 before 1.4.9 on 32-bit platforms allows ...)
+CVE-2016-4024
{DSA-3555-1}
- imlib2 1.4.8-1 (bug #821732)
NOTE: Upstream fix: https://git.enlightenment.org/legacy/imlib2.git/commit/?id=7eba2e4c8ac0e20838947f10f29d0efe1add8227
NOTE: http://www.openwall.com/lists/oss-security/2016/04/14/5
-CVE-2016-4005 (The Huawei Hilink App application before 3.19.2 for Android does not ...)
+CVE-2016-4005
NOT-FOR-US: Huawei
-CVE-2016-4004 (Directory traversal vulnerability in Dell OpenManage Server ...)
+CVE-2016-4004
NOT-FOR-US: Dell
-CVE-2016-4003 (Cross-site scripting (XSS) vulnerability in the URLDecoder function in ...)
+CVE-2016-4003
- libstruts1.2-java <not-affected> (Only affects 2.x)
NOTE: http://struts.apache.org/docs/s2-028.html
-CVE-2016-4020 (The patch_instruction function in hw/i386/kvmvapic.c in QEMU does not ...)
+CVE-2016-4020
{DLA-1599-1 DLA-574-1 DLA-573-1}
- qemu 1:2.6+dfsg-2 (bug #821062)
- qemu-kvm <removed>
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-04/msg01118.html
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1313686
NOTE: http://www.openwall.com/lists/oss-security/2016/04/13/6
-CVE-2016-4000 (Jython before 2.7.1rc1 allows attackers to execute arbitrary code via ...)
+CVE-2016-4000
{DSA-3893-1 DLA-989-1}
- jython 2.5.3-17 (bug #864859)
NOTE: http://bugs.jython.org/issue2454
NOTE: https://hg.python.org/jython/rev/d06e29d100c0
-CVE-2016-3999 (Multiple cross-site scripting (XSS) vulnerabilities in Zimbra ...)
+CVE-2016-3999
NOT-FOR-US: Zimbra
-CVE-2016-3998 (NetApp AltaVault 4.1 and earlier allows man-in-the-middle attackers to ...)
+CVE-2016-3998
NOT-FOR-US: NetApp AltaVault
-CVE-2016-3997 (NetApp Clustered Data ONTAP allows man-in-the-middle attackers to ...)
+CVE-2016-3997
NOT-FOR-US: NetApp Clustered Data ONTAP
CVE-2016-XXXX [auth bypass]
- brltty <not-affected> (Vulnerable code introduced later)
@@ -20627,42 +20627,42 @@ CVE-2016-XXXX [auth bypass]
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/04/12/4
NOTE: Introduced in: https://github.com/brltty/brltty/commit/e62b3c925d03239a372d425fb87b2cac65d8ef19
NOTE: Fixed by: https://github.com/brltty/brltty/commit/74affe7d1401f2b43ad32e18cb78704d22604ad7
-CVE-2016-3996 (ClipboardDataMgr in Samsung KNOX 1.0.0 and 2.3.0 does not properly ...)
+CVE-2016-3996
NOT-FOR-US: Samsung
-CVE-2016-3991 (Heap-based buffer overflow in the loadImage function in the tiffcrop ...)
+CVE-2016-3991
{DSA-3762-1 DLA-610-1 DLA-606-1}
- tiff 4.0.7-1
- tiff3 <removed> (unimportant)
NOTE: src:tiff3: built binary packages do not contain the TIFF tools
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2543
NOTE: Reproducer http://bugs.fi/media/afl/libtiff/CVE-2016-3991.tif
-CVE-2016-3990 (Heap-based buffer overflow in the horizontalDifference8 function in ...)
+CVE-2016-3990
{DSA-3762-1 DLA-795-1 DLA-610-1}
- tiff 4.0.7-1 (bug #836570)
- tiff3 <removed> (unimportant)
NOTE: src:tiff3: built binary packages do not contain the TIFF tools
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2544
-CVE-2016-3989 (The NTP time-server interface on Meinberg IMS-LANTIME M3000, ...)
+CVE-2016-3989
NOT-FOR-US: Meinberg
-CVE-2016-3988 (Multiple stack-based buffer overflows in the NTP time-server interface ...)
+CVE-2016-3988
NOT-FOR-US: Meinberg
-CVE-2016-3987 (The HTTP server in Trend Micro Password Manager allows remote web ...)
+CVE-2016-3987
NOT-FOR-US: Trend Micro
-CVE-2016-3986 (Avast allows remote attackers to cause a denial of service (memory ...)
+CVE-2016-3986
NOT-FOR-US: Avast
-CVE-2016-3985 (The Terminal Services Remote Desktop Protocol (RDP) client session ...)
+CVE-2016-3985
NOT-FOR-US: Pulse Connect Secure
-CVE-2016-3984 (The McAfee VirusScan Console (mcconsol.exe) in McAfee Active Response ...)
+CVE-2016-3984
NOT-FOR-US: McAfee
-CVE-2016-3983 (McAfee Advanced Threat Defense (ATD) before 3.4.8.178 might allow ...)
+CVE-2016-3983
NOT-FOR-US: McAfee
-CVE-2016-3980 (The Java Startup Framework (aka jstart) in SAP JAVA AS 7.2 through 7.4 ...)
+CVE-2016-3980
NOT-FOR-US: SAP
-CVE-2016-3979 (Internet Communication Manager (aka ICMAN or ICM) in SAP JAVA AS 7.2 ...)
+CVE-2016-3979
NOT-FOR-US: SAP
-CVE-2016-3978 (The Web User Interface (WebUI) in FortiOS 5.0.x before 5.0.13, 5.2.x ...)
+CVE-2016-3978
NOT-FOR-US: FortiOS
-CVE-2016-4002 (Buffer overflow in the mipsnet_receive function in hw/net/mipsnet.c in ...)
+CVE-2016-4002
{DLA-1599-1}
- qemu 1:2.6+dfsg-2 (bug #821061)
[wheezy] - qemu <no-dsa> (Minor issue)
@@ -20671,7 +20671,7 @@ CVE-2016-4002 (Buffer overflow in the mipsnet_receive function in hw/net/mipsnet
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1326082
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-04/msg01131.html
NOTE: http://www.openwall.com/lists/oss-security/2016/04/11/6
-CVE-2016-4001 (Buffer overflow in the stellaris_enet_receive function in ...)
+CVE-2016-4001
{DLA-1599-1}
- qemu 1:2.6+dfsg-1 (bug #821038)
[wheezy] - qemu <no-dsa> (Minor issue)
@@ -20681,26 +20681,26 @@ CVE-2016-4001 (Buffer overflow in the stellaris_enet_receive function in ...)
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-04/msg01334.html
NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=3a15cc0e1ee7168db0782133d2607a6bfa422d66 (v2.6.0-rc2)
NOTE: http://www.openwall.com/lists/oss-security/2016/04/11/4
-CVE-2016-4008 (The _asn1_extract_der_octet function in lib/decoding.c in GNU Libtasn1 ...)
+CVE-2016-4008
{DSA-3568-1 DLA-495-1}
- libtasn1-6 4.8-1
- libtasn1-3 <removed>
NOTE: http://www.openwall.com/lists/oss-security/2016/04/11/3
NOTE: http://git.savannah.gnu.org/cgit/libtasn1.git/commit/?id=f435825c0f527a8e52e6ffbc3ad0bc60531d537e
NOTE: http://git.savannah.gnu.org/cgit/libtasn1.git/commit/?id=a6e0a0b58f5cdaf4e9beca5bce69c09808cbb625
-CVE-2016-3995 (The timing attack protection in Rijndael::Enc::ProcessAndXorBlock and ...)
+CVE-2016-3995
- libcrypto++ 5.6.3-6
[jessie] - libcrypto++ 5.6.1-6+deb8u2
[wheezy] - libcrypto++ 5.6.1-6+deb7u2
NOTE: https://github.com/weidai11/cryptopp/issues/146
NOTE: http://www.openwall.com/lists/oss-security/2016/04/10/6
NOTE: Initial upload in 5.6.3-5 was incomplete
-CVE-2016-3994 (The GIF loader in imlib2 before 1.4.9 allows remote attackers to cause ...)
+CVE-2016-3994
{DSA-3555-1}
- imlib2 1.4.8-1 (bug #785369)
NOTE: https://git.enlightenment.org/legacy/imlib2.git/commit/?id=37a96801663b7b4cd3fbe56cc0eb8b6a17e766a8
NOTE: http://www.openwall.com/lists/oss-security/2016/04/09/6
-CVE-2016-4070 (** DISPUTED ** Integer overflow in the php_raw_url_encode function in ...)
+CVE-2016-4070
{DSA-3560-1 DLA-499-1}
- php7.0 7.0.5-1
- php5 5.6.20+dfsg-1
@@ -20710,7 +20710,7 @@ CVE-2016-4070 (** DISPUTED ** Integer overflow in the php_raw_url_encode functio
NOTE: https://git.php.net/?p=php-src.git;a=commit;h=95433e8e339dbb6b5d5541473c1661db6ba2c451
NOTE: http://www.openwall.com/lists/oss-security/2016/04/11/7
NOTE: Fix in HHVM: https://github.com/facebook/hhvm/commit/ea6ff01f6c31f1615a935ef96622d623a6277d37
-CVE-2016-4071 (Format string vulnerability in the php_snmp_error function in ...)
+CVE-2016-4071
{DSA-3560-1 DLA-499-1}
- php7.0 7.0.5-1
- php5 5.6.20+dfsg-1
@@ -20718,7 +20718,7 @@ CVE-2016-4071 (Format string vulnerability in the php_snmp_error function in ...
NOTE: https://bugs.php.net/bug.php?id=71704
NOTE: https://git.php.net/?p=php-src.git;a=commit;h=6e25966544fb1d2f3d7596e060ce9c9269bbdcf8
NOTE: http://www.openwall.com/lists/oss-security/2016/04/11/7
-CVE-2016-4072 (The Phar extension in PHP before 5.5.34, 5.6.x before 5.6.20, and 7.x ...)
+CVE-2016-4072
{DSA-3560-1 DLA-499-1}
- php7.0 7.0.5-1
- php5 5.6.20+dfsg-1
@@ -20727,7 +20727,7 @@ CVE-2016-4072 (The Phar extension in PHP before 5.5.34, 5.6.x before 5.6.20, and
NOTE: https://gist.github.com/smalyshev/80b5c2909832872f2ba2
NOTE: https://git.php.net/?p=php-src.git;a=commit;h=1e9b175204e3286d64dfd6c9f09151c31b5e099a
NOTE: http://www.openwall.com/lists/oss-security/2016/04/11/7
-CVE-2016-4073 (Multiple integer overflows in the mbfl_strcut function in ...)
+CVE-2016-4073
{DSA-3560-1 DLA-499-1}
- php7.0 7.0.5-1
- php5 5.6.20+dfsg-1
@@ -20736,31 +20736,31 @@ CVE-2016-4073 (Multiple integer overflows in the mbfl_strcut function in ...)
NOTE: https://gist.github.com/smalyshev/d8355c96a657cc5dba70
NOTE: https://git.php.net/?p=php-src.git;a=commit;h=64f42c73efc58e88671ad76b6b6bc8e2b62713e1
NOTE: http://www.openwall.com/lists/oss-security/2016/04/11/7
-CVE-2016-3976 (Directory traversal vulnerability in SAP NetWeaver AS Java 7.1 through ...)
+CVE-2016-3976
NOT-FOR-US: SAP
-CVE-2016-3975 (Cross-site scripting (XSS) vulnerability in SAP NetWeaver AS Java 7.1 ...)
+CVE-2016-3975
NOT-FOR-US: SAP
-CVE-2016-3974 (XML external entity (XXE) vulnerability in the Configuration Wizard in ...)
+CVE-2016-3974
NOT-FOR-US: SAP
-CVE-2016-3973 (The chat feature in the Real-Time Collaboration (RTC) services 7.3 and ...)
+CVE-2016-3973
NOT-FOR-US: SAP
-CVE-2016-3972 (Directory traversal vulnerability in the dotTailLogServlet in dotCMS ...)
+CVE-2016-3972
NOT-FOR-US: dotCMS
-CVE-2016-3971 (Cross-site scripting (XSS) vulnerability in lucene_search.jsp in ...)
+CVE-2016-3971
NOT-FOR-US: dotCMS
CVE-2016-3970
RESERVED
CVE-2016-7921
REJECTED
-CVE-2016-3982 (Off-by-one error in the bmp_rle4_fread function in pngxrbmp.c in ...)
+CVE-2016-3982
{DSA-3546-1}
- optipng 0.7.6-1
NOTE: https://sourceforge.net/p/optipng/bugs/57/
-CVE-2016-3981 (Heap-based buffer overflow in the bmp_read_rows function in pngxrbmp.c ...)
+CVE-2016-3981
{DSA-3546-1}
- optipng 0.7.6-1
NOTE: https://sourceforge.net/p/optipng/bugs/56/
-CVE-2016-3977 (Heap-based buffer overflow in util/gif2rgb.c in gif2rgb in giflib ...)
+CVE-2016-3977
- giflib 5.1.4-3 (bug #820526)
[stretch] - giflib <no-dsa> (Minor issue)
[jessie] - giflib <no-dsa> (Minor issue)
@@ -20770,9 +20770,9 @@ CVE-2016-3977 (Heap-based buffer overflow in util/gif2rgb.c in gif2rgb in giflib
NOTE: The issue was originally fixed in 5.1.4-0.3 but then the NMU upload
NOTE: 5.1.4-0.4 just dropped the patch claiming the patch was already present
NOTE: which is untrue and reopening the issue.
-CVE-2016-3969 (Cross-site scripting (XSS) vulnerability in McAfee Email Gateway (MEG) ...)
+CVE-2016-3969
NOT-FOR-US: McAfee Email Gateway
-CVE-2016-3968 (Multiple cross-site scripting (XSS) vulnerabilities in Sophos Cyberoam ...)
+CVE-2016-3968
NOT-FOR-US: Sophos
CVE-2016-3967
RESERVED
@@ -20782,76 +20782,76 @@ CVE-2016-3965
RESERVED
CVE-2016-3964
RESERVED
-CVE-2016-3963 (Siemens SCALANCE S613 allows remote attackers to cause a denial of ...)
+CVE-2016-3963
NOT-FOR-US: Siemens
-CVE-2016-3992 (cronic before 3 allows local users to write to arbitrary files via a ...)
+CVE-2016-3992
- cronic 3-1 (bug #820331)
NOTE: http://www.openwall.com/lists/oss-security/2016/04/09/4
-CVE-2016-3962 (Stack-based buffer overflow in the NTP time-server interface on ...)
+CVE-2016-3962
NOT-FOR-US: Meinberg
-CVE-2016-3961 (Xen and the Linux kernel through 4.5.x do not properly suppress ...)
+CVE-2016-3961
{DSA-3607-1 DLA-516-1}
- linux 4.5.2-1
NOTE: http://xenbits.xen.org/xsa/advisory-174.html
NOTE: Fixed by: http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=103f6112f253017d7062cd74d17f4a514ed4485c
-CVE-2016-3960 (Integer overflow in the x86 shadow pagetable code in Xen allows local ...)
+CVE-2016-3960
{DSA-3554-1 DLA-571-1}
- xen 4.8.0~rc3-1 (bug #823620)
NOTE: http://xenbits.xen.org/xsa/advisory-173.html
-CVE-2016-3957 (The secure_load function in gluon/utils.py in web2py before 2.14.2 ...)
+CVE-2016-3957
- web2py <removed> (bug #891220)
[jessie] - web2py <not-affected> (Vulnerable code not present)
[wheezy] - web2py <not-affected> (Vulnerable code not present)
-CVE-2016-3956 (The CLI in npm before 2.15.1 and 3.x before 3.8.3, as used in Node.js ...)
+CVE-2016-3956
- npm 5.8.0+ds-2 (bug #850322)
[jessie] - npm <no-dsa> (Minor issue)
NOTE: https://github.com/npm/npm/issues/8380
NOTE: https://github.com/npm/npm/commit/fea8cc92cee02c720b58f95f14d315507ccad401 (2.15.1)
NOTE: https://github.com/npm/npm/commit/f67ecad59e99a03e5aad8e93cd1a086ae087cb29 (3.8.3)
-CVE-2016-3954 (web2py before 2.14.2 allows remote attackers to obtain the ...)
+CVE-2016-3954
- web2py <removed> (bug #891220)
[jessie] - web2py <not-affected> (Vulnerable code not present)
[wheezy] - web2py <not-affected> (Vulnerable code not present)
-CVE-2016-3953 (The sample web application in web2py before 2.14.2 might allow remote ...)
+CVE-2016-3953
- web2py <removed> (bug #891220)
[jessie] - web2py <not-affected> (Vulnerable code not present)
[wheezy] - web2py <not-affected> (Vulnerable code not present)
-CVE-2016-3952 (web2py before 2.14.1, when using the standalone version, allows remote ...)
+CVE-2016-3952
- web2py <removed> (bug #891220)
[jessie] - web2py <not-affected> (Vulnerable code not present)
[wheezy] - web2py <not-affected> (Vulnerable code not present)
-CVE-2016-3951 (Double free vulnerability in drivers/net/usb/cdc_ncm.c in the Linux ...)
+CVE-2016-3951
{DSA-3607-1 DLA-516-1}
- linux 4.5.1-1
NOTE: https://git.kernel.org/linus/4d06dd537f95683aba3651098ae288b7cbff8274 (v4.5)
NOTE: https://git.kernel.org/linus/1666984c8625b3db19a9abc298931d35ab7bc64b (v4.5)
NOTE: https://www.spinics.net/lists/netdev/msg367669.html
-CVE-2016-3950 (Huawei AR3200 routers with software before V200R006C10SPC300 allow ...)
+CVE-2016-3950
NOT-FOR-US: Huawei AR3200 routers
-CVE-2016-3949 (Siemens SIMATIC S7-300 Profinet-enabled CPU devices with firmware ...)
+CVE-2016-3949
NOT-FOR-US: Siemens
-CVE-2016-3959 (The Verify function in crypto/dsa/dsa.go in Go before 1.5.4 and 1.6.x ...)
+CVE-2016-3959
- golang 2:1.6.1-1 (bug #820369)
[jessie] - golang <no-dsa> (Minor issue)
[wheezy] - golang <no-dsa> (Minor issue)
NOTE: https://golang.org/cl/21533
-CVE-2016-3958 (Untrusted search path vulnerability in Go before 1.5.4 and 1.6.x ...)
+CVE-2016-3958
- golang <not-affected> (Only affects Go on Windows)
NOTE: https://golang.org/cl/21428
-CVE-2016-3946 (SAP Console (aka SAPConsole) 7.30 allows local users to discover SAP ...)
+CVE-2016-3946
NOT-FOR-US: SAP
-CVE-2016-3945 (Multiple integer overflows in the (1) cvt_by_strip and (2) cvt_by_tile ...)
+CVE-2016-3945
{DSA-3762-1 DLA-795-1 DLA-610-1}
- tiff 4.0.7-1
- tiff3 <removed> (unimportant)
NOTE: src:tiff3: built binary packages do not contain the TIFF tools
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2545
-CVE-2016-3993 (Off-by-one error in the __imlib_MergeUpdate function in lib/updates.c ...)
+CVE-2016-3993
{DSA-3555-1}
- imlib2 1.4.8-1 (bug #819818)
NOTE: https://git.enlightenment.org/legacy/imlib2.git/commit/?id=ce94edca1ccfbe314cb7cd9453433fad404ec7ef
NOTE: http://www.openwall.com/lists/oss-security/2016/04/09/5
-CVE-2016-3948 (Squid 3.x before 3.5.16 and 4.x before 4.0.8 improperly perform bounds ...)
+CVE-2016-3948
{DSA-3625-1}
- squid3 3.5.16-1 (bug #819784)
[wheezy] - squid3 <no-dsa> (Minor issue; needs substantial backporting; too intrusive to backport)
@@ -20859,7 +20859,7 @@ CVE-2016-3948 (Squid 3.x before 3.5.16 and 4.x before 4.0.8 improperly perform b
[wheezy] - squid <no-dsa> (Minor issue; needs substantial backporting; too intrusive to backport)
NOTE: http://www.squid-cache.org/Versions/v3/3.5/changesets/squid-3.5-14016.patch
NOTE: http://www.squid-cache.org/Advisories/SQUID-2016_4.txt
-CVE-2016-3947 (Heap-based buffer overflow in the Icmp6::Recv function in ...)
+CVE-2016-3947
- squid3 3.5.16-1 (bug #819783)
[jessie] - squid3 <no-dsa> (Minor issue)
[wheezy] - squid3 <no-dsa> (Minor issue)
@@ -20867,326 +20867,326 @@ CVE-2016-3947 (Heap-based buffer overflow in the Icmp6::Recv function in ...)
[wheezy] - squid <no-dsa> (Minor issue)
NOTE: http://www.squid-cache.org/Versions/v3/3.5/changesets/squid-3.5-14015.patch
NOTE: http://www.squid-cache.org/Advisories/SQUID-2016_3.txt
-CVE-2016-3944 (UpdateAgent in Lenovo Accelerator Application allows man-in-the-middle ...)
+CVE-2016-3944
NOT-FOR-US: Lenovo
-CVE-2016-3943 (Panda Endpoint Administration Agent before 7.50.00, as used in Panda ...)
+CVE-2016-3943
NOT-FOR-US: Panda
CVE-2016-3942
RESERVED
-CVE-2016-3940 (The Synaptics touchscreen driver in Android before 2016-10-05 on Nexus ...)
+CVE-2016-3940
NOT-FOR-US: Synaptics driver for Android
-CVE-2016-3939 (drivers/video/msm/mdss/mdss_debug.c in the Qualcomm video driver in ...)
+CVE-2016-3939
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-3938 (drivers/video/msm/mdss/mdss_mdp_overlay.c in the Qualcomm video driver ...)
+CVE-2016-3938
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-3937 (The MediaTek video driver in Android before 2016-10-05 allows ...)
+CVE-2016-3937
NOT-FOR-US: MediaTek driver for Android
-CVE-2016-3936 (The MediaTek video driver in Android before 2016-10-05 allows ...)
+CVE-2016-3936
NOT-FOR-US: MediaTek driver for Android
-CVE-2016-3935 (Multiple integer overflows in drivers/crypto/msm/qcedev.c in the ...)
+CVE-2016-3935
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-3934 (drivers/media/platform/msm/camera_v2/sensor/io/msm_camera_cci_i2c.c in ...)
+CVE-2016-3934
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-3933 (mediaserver in Android before 2016-10-05 on Nexus 9 and Pixel C ...)
+CVE-2016-3933
NOT-FOR-US: Android Mediaserver
-CVE-2016-3932 (mediaserver in Android before 2016-10-05 allows attackers to gain ...)
+CVE-2016-3932
NOT-FOR-US: Android Mediaserver
-CVE-2016-3931 (drivers/misc/qseecom.c in the Qualcomm QSEE Communicator driver in ...)
+CVE-2016-3931
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-3930 (The NVIDIA MMC test driver in Android before 2016-10-05 on Nexus 9 ...)
+CVE-2016-3930
NOT-FOR-US: NVIDIA driver for Android
-CVE-2016-3929 (Unspecified vulnerability in a Qualcomm component in Android before ...)
+CVE-2016-3929
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-3928 (The MediaTek video driver in Android before 2016-10-05 allows ...)
+CVE-2016-3928
NOT-FOR-US: MediaTek driver for Android
-CVE-2016-3927 (Unspecified vulnerability in a Qualcomm component in Android before ...)
+CVE-2016-3927
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-3926 (Unspecified vulnerability in a Qualcomm component in Android before ...)
+CVE-2016-3926
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-3925 (server/wifi/anqp/ANQPFactory.java in Android 6.x before 2016-10-01 and ...)
+CVE-2016-3925
NOT-FOR-US: Android
-CVE-2016-3924 (services/audioflinger/Effects.cpp in mediaserver in Android 4.x before ...)
+CVE-2016-3924
NOT-FOR-US: Android Mediaserver
-CVE-2016-3923 (The Accessibility services in Android 7.0 before 2016-10-01 mishandle ...)
+CVE-2016-3923
NOT-FOR-US: Android
-CVE-2016-3922 (libril/RilSapSocket.cpp in Telephony in Android 6.x before 2016-10-01 ...)
+CVE-2016-3922
NOT-FOR-US: Android Telephony
-CVE-2016-3921 (libsysutils/src/FrameworkListener.cpp in Framework Listener in Android ...)
+CVE-2016-3921
- android-platform-system-core <not-affected> (libsysutils not included, bug #858177)
-CVE-2016-3920 (id3/ID3.cpp in libstagefright in mediaserver in Android 5.0.x before ...)
+CVE-2016-3920
NOT-FOR-US: libstagefright
CVE-2016-3919
REJECTED
-CVE-2016-3918 (email/provider/AttachmentProvider.java in AOSP Mail in Android 4.x ...)
+CVE-2016-3918
NOT-FOR-US: Android
-CVE-2016-3917 (The fingerprint login feature in Android 6.0.1 before 2016-10-01 and ...)
+CVE-2016-3917
NOT-FOR-US: Android
-CVE-2016-3916 (camera/src/camera_metadata.c in the Camera service in Android 4.x ...)
+CVE-2016-3916
NOT-FOR-US: Android
-CVE-2016-3915 (camera/src/camera_metadata.c in the Camera service in Android 4.x ...)
+CVE-2016-3915
NOT-FOR-US: Android
-CVE-2016-3914 (Race condition in providers/telephony/MmsProvider.java in Telephony in ...)
+CVE-2016-3914
NOT-FOR-US: Android Telephony
-CVE-2016-3913 (media/libmediaplayerservice/MediaPlayerService.cpp in mediaserver in ...)
+CVE-2016-3913
NOT-FOR-US: Android
-CVE-2016-3912 (The framework APIs in Android 4.x before 4.4.4, 5.0.x before 5.0.2, ...)
+CVE-2016-3912
NOT-FOR-US: Android
-CVE-2016-3911 (core/java/android/os/Process.java in Zygote in Android 4.x before ...)
+CVE-2016-3911
NOT-FOR-US: Android
-CVE-2016-3910 (services/soundtrigger/SoundTriggerHwService.cpp in mediaserver in ...)
+CVE-2016-3910
NOT-FOR-US: Android Mediaserver
-CVE-2016-3909 (The SoftMPEG4 component in libstagefright in mediaserver in Android ...)
+CVE-2016-3909
NOT-FOR-US: libstagefright
-CVE-2016-3908 (The Lock Settings Service in Android 6.x before 2016-10-01 and 7.0 ...)
+CVE-2016-3908
NOT-FOR-US: Android
-CVE-2016-3907 (An information disclosure vulnerability in Qualcomm components ...)
+CVE-2016-3907
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-3906 (An information disclosure vulnerability in Qualcomm components ...)
+CVE-2016-3906
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-3905 (CORE/HDD/src/wlan_hdd_main.c in the Qualcomm Wi-Fi driver in Android ...)
+CVE-2016-3905
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-3904 (An elevation of privilege vulnerability in the Qualcomm bus driver in ...)
+CVE-2016-3904
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-3903 (drivers/media/platform/msm/camera_v2/sensor/csid/msm_csid.c in the ...)
+CVE-2016-3903
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-3902 (drivers/platform/msm/ipa/ipa_qmi_service.c in the Qualcomm IPA driver ...)
+CVE-2016-3902
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-3901 (Multiple integer overflows in drivers/crypto/msm/qcedev.c in the ...)
+CVE-2016-3901
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-3900 (cmds/servicemanager/service_manager.c in ServiceManager in Android ...)
+CVE-2016-3900
NOT-FOR-US: Android
-CVE-2016-3899 (OMXCodec.cpp in libstagefright in mediaserver in Android 4.x before ...)
+CVE-2016-3899
NOT-FOR-US: libstagefright
-CVE-2016-3898 (Telephony in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x ...)
+CVE-2016-3898
NOT-FOR-US: Android
-CVE-2016-3897 (The WifiEnterpriseConfig class in net/wifi/WifiEnterpriseConfig.java ...)
+CVE-2016-3897
NOT-FOR-US: Android
-CVE-2016-3896 (AOSP Mail in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x ...)
+CVE-2016-3896
NOT-FOR-US: Android
-CVE-2016-3895 (Integer overflow in the Region::unflatten function in ...)
+CVE-2016-3895
NOT-FOR-US: Android Mediaserver
-CVE-2016-3894 (The Qualcomm DMA component in Android before 2016-09-05 on Nexus 6 ...)
+CVE-2016-3894
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-3893 (The wcdcal_hwdep_ioctl_shared function in ...)
+CVE-2016-3893
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-3892 (The Qualcomm SPMI driver in Android before 2016-09-05 on Nexus 5, 5X, ...)
+CVE-2016-3892
NOT-FOR-US: Qualcomm driver for Android
CVE-2016-3891
RESERVED
-CVE-2016-3890 (The Java Debug Wire Protocol (JDWP) implementation in adb/sockets.cpp ...)
+CVE-2016-3890
- android-platform-system-core 1:6.0.1+r43-1
[jessie] - android-platform-system-core <no-dsa> (Minor issue)
-CVE-2016-3889 (Android 6.x before 2016-09-01 and 7.0 before 2016-09-01 allows ...)
+CVE-2016-3889
NOT-FOR-US: Android
-CVE-2016-3888 (internal/telephony/SMSDispatcher.java in Android 4.x before 4.4.4, ...)
+CVE-2016-3888
NOT-FOR-US: Android
-CVE-2016-3887 (providers/settings/SettingsProvider.java in Android 7.0 before ...)
+CVE-2016-3887
NOT-FOR-US: Android
-CVE-2016-3886 (systemui/statusbar/phone/QuickStatusBarHeader.java in the System UI ...)
+CVE-2016-3886
NOT-FOR-US: Android
-CVE-2016-3885 (debuggerd/debuggerd.cpp in Debuggerd in Android 5.0.x before 5.0.2, ...)
+CVE-2016-3885
- android-platform-system-core <not-affected> (debugged not provided, see bug #858177)
-CVE-2016-3884 (server/notification/NotificationManagerService.java in the ...)
+CVE-2016-3884
NOT-FOR-US: Android
-CVE-2016-3883 (internal/telephony/SMSDispatcher.java in Telephony in Android 4.x ...)
+CVE-2016-3883
NOT-FOR-US: Android
-CVE-2016-3882 (Off-by-one error in server/wifi/anqp/VenueNameElement.java in Wi-Fi in ...)
+CVE-2016-3882
NOT-FOR-US: Android
-CVE-2016-3881 (The decoder_peek_si_internal function in vp9/vp9_dx_iface.c in libvpx ...)
+CVE-2016-3881
- libvpx 1.6.1-1
[jessie] - libvpx <ignored> (Minor issue)
[wheezy] - libvpx <not-affected> (Vulnerable source not present)
NOTE: probably fixed earlier, but this was the version checked
NOTE: https://android.googlesource.com/platform/external/libvpx/+/4974dcbd0289a2530df2ee2a25b5f92775df80da
-CVE-2016-3880 (Multiple buffer overflows in rtsp/ASessionDescription.cpp in ...)
+CVE-2016-3880
NOT-FOR-US: libstagefright
-CVE-2016-3879 (arm-wt-22k/lib_src/eas_mdls.c in mediaserver in Android 4.x before ...)
+CVE-2016-3879
NOT-FOR-US: Android Mediaserver
-CVE-2016-3878 (decoder/ih264d_api.c in mediaserver in Android 6.x before 2016-09-01 ...)
+CVE-2016-3878
NOT-FOR-US: Android Mediaserver
-CVE-2016-3877 (Unspecified vulnerability in Android before 2016-09-01 has unknown ...)
+CVE-2016-3877
NOT-FOR-US: Android
-CVE-2016-3876 (providers/settings/SettingsProvider.java in Android 6.x before ...)
+CVE-2016-3876
NOT-FOR-US: Android
-CVE-2016-3875 (server/wm/WindowManagerService.java in Android 6.x before 2016-09-01 ...)
+CVE-2016-3875
NOT-FOR-US: Android
-CVE-2016-3874 (CORE/HDD/src/wlan_hdd_wext.c in the Qualcomm Wi-Fi driver in Android ...)
+CVE-2016-3874
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-3873 (The NVIDIA kernel in Android before 2016-09-05 on Nexus 9 devices ...)
+CVE-2016-3873
NOT-FOR-US: NVIDIA driver for Android
-CVE-2016-3872 (Buffer overflow in codecs/on2/dec/SoftVPX.cpp in libstagefright in ...)
+CVE-2016-3872
NOT-FOR-US: libstagefright
-CVE-2016-3871 (Multiple buffer overflows in codecs/mp3dec/SoftMP3.cpp in ...)
+CVE-2016-3871
NOT-FOR-US: libstagefright
-CVE-2016-3870 (omx/SimpleSoftOMXComponent.cpp in libstagefright in mediaserver in ...)
+CVE-2016-3870
NOT-FOR-US: libstagefright
-CVE-2016-3869 (The Broadcom Wi-Fi driver in Android before 2016-09-05 on Nexus 5, ...)
+CVE-2016-3869
NOT-FOR-US: Broadcom driver for Android
-CVE-2016-3868 (The Qualcomm power driver in Android before 2016-09-05 on Nexus 5X and ...)
+CVE-2016-3868
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-3867 (The Qualcomm IPA driver in Android before 2016-09-05 on Nexus 5X and ...)
+CVE-2016-3867
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-3866 (The Qualcomm sound driver in Android before 2016-09-05 on Nexus 5X, 6, ...)
+CVE-2016-3866
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-3865 (The Synaptics touchscreen driver in Android before 2016-09-05 on Nexus ...)
+CVE-2016-3865
NOT-FOR-US: Synaptics driver for Android
-CVE-2016-3864 (The Qualcomm radio interface layer in Android before 2016-09-05 on ...)
+CVE-2016-3864
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-3863 (Multiple stack-based buffer overflows in the AVCC reassembly ...)
+CVE-2016-3863
NOT-FOR-US: libstagefright
-CVE-2016-3862 (media/ExifInterface.java in mediaserver in Android 4.x before 4.4.4, ...)
+CVE-2016-3862
NOT-FOR-US: libstagefright
-CVE-2016-3861 (LibUtils in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before ...)
+CVE-2016-3861
- android-platform-system-core 1:7.0.0+r1-4 (unimportant; bug #858177)
NOTE: Not running as a privileged process in SDK
-CVE-2016-3860 (sound/soc/msm/qdsp6v2/audio_calibration.c in the Qualcomm sound driver ...)
+CVE-2016-3860
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-3859 (The Qualcomm camera driver in Android before 2016-09-05 on Nexus 5, ...)
+CVE-2016-3859
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-3858 (Buffer overflow in drivers/soc/qcom/subsystem_restart.c in the ...)
+CVE-2016-3858
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-3857 (The kernel in Android before 2016-08-05 on Nexus 7 (2013) devices ...)
+CVE-2016-3857
{DLA-609-1}
- linux 4.7.2-1 (unimportant)
NOTE: Fixed by: https://git.kernel.org/linus/7de249964f5578e67b99699c5f0b405738d820a2 (v4.8-rc2)
NOTE: CONFIG_OABI_COMPAT disabled in 3.13.4-1, cf. #728975
-CVE-2016-3856 (netd in Android before 2016-08-05 mishandles tethering and stdio ...)
+CVE-2016-3856
NOT-FOR-US: Android
-CVE-2016-3855 (drivers/thermal/supply_lm_core.c in the Qualcomm components in Android ...)
+CVE-2016-3855
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-3854 (drivers/media/video/msm/msm_mctl_buf.c in the Qualcomm components in ...)
+CVE-2016-3854
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-3853 (Google Play services in Android before 2016-08-05 on Nexus devices ...)
+CVE-2016-3853
NOT-FOR-US: Android
-CVE-2016-3852 (The MediaTek Wi-Fi driver in Android before 2016-08-05 on Android One ...)
+CVE-2016-3852
NOT-FOR-US: MediaTek driver for Android
-CVE-2016-3851 (The LG Electronics bootloader Android before 2016-08-05 on Nexus 5X ...)
+CVE-2016-3851
NOT-FOR-US: LG bootloader for Android
-CVE-2016-3850 (Integer overflow in app/aboot/aboot.c in the Qualcomm bootloader in ...)
+CVE-2016-3850
NOT-FOR-US: Qualcomm bootloader for Android
-CVE-2016-3849 (The ION driver in Android before 2016-08-05 on Pixel C devices allows ...)
+CVE-2016-3849
NOT-FOR-US: ION driver for Android
-CVE-2016-3848 (The NVIDIA media driver in Android before 2016-08-05 on Nexus 9 ...)
+CVE-2016-3848
NOT-FOR-US: NVIDIA driver for Android
-CVE-2016-3847 (The NVIDIA media driver in Android before 2016-08-05 on Nexus 9 ...)
+CVE-2016-3847
NOT-FOR-US: NVIDIA driver for Android
-CVE-2016-3846 (The Serial Peripheral Interface driver in Android before 2016-08-05 on ...)
+CVE-2016-3846
NOT-FOR-US: Android
-CVE-2016-3845 (The video driver in the kernel in Android before 2016-08-05 on Nexus 5 ...)
+CVE-2016-3845
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-3844 (mediaserver in Android before 2016-08-05 on Nexus 9 and Pixel C ...)
+CVE-2016-3844
NOT-FOR-US: Android Mediaserver
-CVE-2016-3843 (Android before 2016-08-05 does not properly restrict code execution in ...)
+CVE-2016-3843
NOT-FOR-US: Android
-CVE-2016-3842 (The Qualcomm GPU driver in Android before 2016-08-05 on Nexus 5X, 6, ...)
+CVE-2016-3842
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-3841 (The IPv6 stack in the Linux kernel before 4.3.3 mishandles options ...)
+CVE-2016-3841
- linux 4.3.3-1
[jessie] - linux 3.16.7-ckt25-1
[wheezy] - linux 3.2.78-1
NOTE: Fixed by: https://git.kernel.org/linus/45f6fad84cc305103b28d73482b344d7f5b76f39 (v4.4-rc4)
-CVE-2016-3840 (Conscrypt in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x ...)
+CVE-2016-3840
NOT-FOR-US: Android
-CVE-2016-3839 (Bluetooth in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x ...)
+CVE-2016-3839
NOT-FOR-US: Android
-CVE-2016-3838 (Android 6.x before 2016-08-01 allows attackers to cause a denial of ...)
+CVE-2016-3838
NOT-FOR-US: Android
-CVE-2016-3837 (service/jni/com_android_server_wifi_WifiNative.cpp in Wi-Fi in Android ...)
+CVE-2016-3837
NOT-FOR-US: Android
-CVE-2016-3836 (The SurfaceFlinger service in Android 5.0.x before 5.0.2, 5.1.x before ...)
+CVE-2016-3836
NOT-FOR-US: Android
-CVE-2016-3835 (The secure-session feature in the mm-video-v4l2 venc component in ...)
+CVE-2016-3835
NOT-FOR-US: Android
-CVE-2016-3834 (The camera APIs in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x ...)
+CVE-2016-3834
NOT-FOR-US: Android
-CVE-2016-3833 (The Shell component in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, ...)
+CVE-2016-3833
NOT-FOR-US: Android
-CVE-2016-3832 (The framework APIs in Android 4.x before 4.4.4, 5.0.x before 5.0.2, ...)
+CVE-2016-3832
NOT-FOR-US: Android
-CVE-2016-3831 (The telephony component in Android 4.x before 4.4.4, 5.0.x before ...)
+CVE-2016-3831
NOT-FOR-US: Android
-CVE-2016-3830 (codecs/aacdec/SoftAAC2.cpp in libstagefright in mediaserver in Android ...)
+CVE-2016-3830
NOT-FOR-US: libstagefright
-CVE-2016-3829 (The ih264d decoder in mediaserver in Android 6.x before 2016-08-01 ...)
+CVE-2016-3829
NOT-FOR-US: Android Mediaserver
-CVE-2016-3828 (decoder/ih264d_api.c in mediaserver in Android 6.x before 2016-08-01 ...)
+CVE-2016-3828
NOT-FOR-US: Android Mediaserver
-CVE-2016-3827 (codecs/hevcdec/SoftHEVC.cpp in libstagefright in mediaserver in ...)
+CVE-2016-3827
NOT-FOR-US: libstagefright
-CVE-2016-3826 (services/audioflinger/Effects.cpp in mediaserver in Android 4.x before ...)
+CVE-2016-3826
NOT-FOR-US: Android Mediaserver
-CVE-2016-3825 (mm-video-v4l2/vidc/venc/src/omx_video_base.cpp in mediaserver in ...)
+CVE-2016-3825
NOT-FOR-US: Android Mediaserver
-CVE-2016-3824 (omx/OMXNodeInstance.cpp in libstagefright in mediaserver in Android ...)
+CVE-2016-3824
NOT-FOR-US: libstagefright
-CVE-2016-3823 (The secure-session feature in the mm-video-v4l2 venc component in ...)
+CVE-2016-3823
NOT-FOR-US: Android
-CVE-2016-3822 (exif.c in Matthias Wandel jhead 2.87, as used in libjhead in Android ...)
+CVE-2016-3822
{DSA-3825-1 DLA-864-1}
- jhead 1:3.00-4 (bug #858213)
-CVE-2016-3821 (libmedia in mediaserver in Android 4.x before 4.4.4, 5.0.x before ...)
+CVE-2016-3821
NOT-FOR-US: Android Mediaserver
-CVE-2016-3820 (The ih264d decoder in mediaserver in Android 6.x before 2016-08-01 ...)
+CVE-2016-3820
NOT-FOR-US: Android Mediaserver
-CVE-2016-3819 (Integer overflow in codecs/on2/h264dec/source/h264bsd_dpb.c in ...)
+CVE-2016-3819
NOT-FOR-US: libstagefright
-CVE-2016-3818 (libc in Android 4.x before 4.4.4 allows remote attackers to cause a ...)
+CVE-2016-3818
NOT-FOR-US: Android libc
CVE-2016-3817
REJECTED
-CVE-2016-3816 (The MediaTek display driver in Android before 2016-07-05 on Android ...)
+CVE-2016-3816
NOT-FOR-US: MediaTek driver for Android
-CVE-2016-3815 (The NVIDIA camera driver in Android before 2016-07-05 on Nexus 9 ...)
+CVE-2016-3815
NOT-FOR-US: NVIDIA driver for Android
-CVE-2016-3814 (The NVIDIA camera driver in Android before 2016-07-05 on Nexus 9 ...)
+CVE-2016-3814
NOT-FOR-US: NVIDIA driver for Android
-CVE-2016-3813 (The Qualcomm USB driver in Android before 2016-07-05 on Nexus 5, 5X, ...)
+CVE-2016-3813
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-3812 (The MediaTek video codec driver in Android before 2016-07-05 on ...)
+CVE-2016-3812
NOT-FOR-US: MediaTek driver for Android
-CVE-2016-3811 (The kernel video driver in Android before 2016-07-05 on Nexus 9 ...)
+CVE-2016-3811
NOT-FOR-US: NVIDIA driver for Android
-CVE-2016-3810 (The MediaTek Wi-Fi driver in Android before 2016-07-05 on Android One ...)
+CVE-2016-3810
NOT-FOR-US: MediaTek driver for Android
-CVE-2016-3809 (The networking component in Android before 2016-07-05 on Android One, ...)
+CVE-2016-3809
NOT-FOR-US: Android
-CVE-2016-3808 (The serial peripheral interface driver in Android before 2016-07-05 on ...)
+CVE-2016-3808
NOT-FOR-US: Android
-CVE-2016-3807 (The serial peripheral interface driver in Android before 2016-07-05 on ...)
+CVE-2016-3807
NOT-FOR-US: Android
-CVE-2016-3806 (The MediaTek display driver in Android before 2016-07-05 on Android ...)
+CVE-2016-3806
NOT-FOR-US: MediaTek driver for Android
-CVE-2016-3805 (The MediaTek power management driver in Android before 2016-07-05 on ...)
+CVE-2016-3805
NOT-FOR-US: MediaTek driver for Android
-CVE-2016-3804 (The MediaTek power management driver in Android before 2016-07-05 on ...)
+CVE-2016-3804
NOT-FOR-US: MediaTek driver for Android
-CVE-2016-3803 (The kernel filesystem implementation in Android before 2016-07-05 on ...)
+CVE-2016-3803
NOT-FOR-US: Android kernel
NOTE: https://source.android.com/security/bulletin/2016-07-01.html
NOTE: No source patch available, so may relate to Apache-licensed sdcardfs.
-CVE-2016-3802 (The kernel filesystem implementation in Android before 2016-07-05 on ...)
+CVE-2016-3802
NOT-FOR-US: Android kernel
NOTE: https://source.android.com/security/bulletin/2016-07-01.html
NOTE: No source patch available, so may relate to Apache-licensed sdcardfs.
-CVE-2016-3801 (The MediaTek GPS driver in Android before 2016-07-05 on Android One ...)
+CVE-2016-3801
NOT-FOR-US: MediaTek driver for Android
-CVE-2016-3800 (The MediaTek video driver in Android before 2016-07-05 on Android One ...)
+CVE-2016-3800
NOT-FOR-US: MediaTek driver for Android
-CVE-2016-3799 (The MediaTek video driver in Android before 2016-07-05 on Android One ...)
+CVE-2016-3799
NOT-FOR-US: MediaTek driver for Android
-CVE-2016-3798 (The MediaTek hardware sensor driver in Android before 2016-07-05 on ...)
+CVE-2016-3798
NOT-FOR-US: MediaTek driver for Android
-CVE-2016-3797 (The Qualcomm Wi-Fi driver in Android before 2016-07-05 on Nexus 5X ...)
+CVE-2016-3797
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-3796 (The MediaTek power driver in Android before 2016-07-05 on Android One ...)
+CVE-2016-3796
NOT-FOR-US: MediaTek driver for Android
-CVE-2016-3795 (The MediaTek power driver in Android before 2016-07-05 on Android One ...)
+CVE-2016-3795
NOT-FOR-US: MediaTek driver for Android
CVE-2016-3794
REJECTED
-CVE-2016-3793 (The NVIDIA camera driver in Android before 2016-07-05 on Nexus 9 ...)
+CVE-2016-3793
NOT-FOR-US: NVIDIA driver for Android
-CVE-2016-3792 (CORE/HDD/src/wlan_hdd_hostapd.c in the Qualcomm Wi-Fi driver in ...)
+CVE-2016-3792
NOT-FOR-US: Qualcomm driver for Android
CVE-2016-3791
REJECTED
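Review bot: every `-`/`+` pair in this hunk removes a CVE's description and adds nothing in its place, e.g. `-CVE-2016-3877 (Unspecified vulnerability in Android before 2016-09-01 has unknown ...)` becomes the bare `+CVE-2016-3877`, while every triage line (the NOT-FOR-US tags, the `- linux 4.3.3-1` package versions, the fix-commit NOTEs for CVE-2016-3857 and CVE-2016-3841) is unchanged context. An "automatic update" should only add or refresh descriptions, never drop them wholesale, so this pattern points at an empty or truncated description feed that the importer wrote through without checking. Suggest the import job keep the existing text whenever the new feed offers no description for a CVE that already has one, fail the run if more than a handful of entries would lose their text, and revert this commit instead of waiting for the next run to repopulate the list.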
@@ -21220,158 +21220,158 @@ CVE-2016-3777
REJECTED
CVE-2016-3776
REJECTED
-CVE-2016-3775 (The kernel filesystem implementation in Android before 2016-07-05 on ...)
+CVE-2016-3775
NOT-FOR-US: Android kernel
NOTE: https://source.android.com/security/bulletin/2016-07-01.html
NOTE: No source patch available, so may relate to Apache-licensed sdcardfs.
-CVE-2016-3774 (The MediaTek drivers in Android before 2016-07-05 on Android One ...)
+CVE-2016-3774
NOT-FOR-US: MediaTek drivers for Android
-CVE-2016-3773 (The MediaTek drivers in Android before 2016-07-05 on Android One ...)
+CVE-2016-3773
NOT-FOR-US: MediaTek drivers for Android
-CVE-2016-3772 (The MediaTek drivers in Android before 2016-07-05 on Android One ...)
+CVE-2016-3772
NOT-FOR-US: MediaTek drivers for Android
-CVE-2016-3771 (The MediaTek drivers in Android before 2016-07-05 on Android One ...)
+CVE-2016-3771
NOT-FOR-US: MediaTek drivers for Android
-CVE-2016-3770 (The MediaTek drivers in Android before 2016-07-05 on Android One ...)
+CVE-2016-3770
NOT-FOR-US: MediaTek drivers for Android
-CVE-2016-3769 (The NVIDIA video driver in Android before 2016-07-05 on Nexus 9 ...)
+CVE-2016-3769
NOT-FOR-US: NVIDIA drivers for Android
-CVE-2016-3768 (The Qualcomm performance component in Android before 2016-07-05 on ...)
+CVE-2016-3768
NOT-FOR-US: Qualcomm drivers for Android
-CVE-2016-3767 (The MediaTek Wi-Fi driver in Android before 2016-07-05 on Android One ...)
+CVE-2016-3767
NOT-FOR-US: MediaTek drivers for Android
-CVE-2016-3766 (MPEG4Extractor.cpp in libstagefright in mediaserver in Android 4.x ...)
+CVE-2016-3766
NOT-FOR-US: libstagefright
-CVE-2016-3765 (decoder/impeg2d_bitstream.c in mediaserver in Android 6.x before ...)
+CVE-2016-3765
NOT-FOR-US: Android Mediaserver
-CVE-2016-3764 (media/libmediaplayerservice/MetadataRetrieverClient.cpp in mediaserver ...)
+CVE-2016-3764
NOT-FOR-US: Android Mediaserver
-CVE-2016-3763 (net/PacProxySelector.java in the Proxy Auto-Config (PAC) feature in ...)
+CVE-2016-3763
NOT-FOR-US: Android
-CVE-2016-3762 (The sockets subsystem in Android 5.0.x before 5.0.2, 5.1.x before ...)
+CVE-2016-3762
NOT-FOR-US: Android SELinux policy
-CVE-2016-3761 (NfcService.java in NFC in Android 4.x before 4.4.4, 5.0.x before ...)
+CVE-2016-3761
NOT-FOR-US: Android
-CVE-2016-3760 (Bluetooth in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x ...)
+CVE-2016-3760
NOT-FOR-US: Android
-CVE-2016-3759 (The Framework APIs in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, ...)
+CVE-2016-3759
NOT-FOR-US: Android
-CVE-2016-3758 (Multiple buffer overflows in libdex/OptInvocation.cpp in ...)
+CVE-2016-3758
- android-platform-dalvik 6.0.1+r55-1
-CVE-2016-3757 (The print_maps function in toolbox/lsof.c in Android 4.x before 4.4.4, ...)
+CVE-2016-3757
NOT-FOR-US: toolbox
-CVE-2016-3756 (Tremolo/res012.c in mediaserver in Android 4.x before 4.4.4, 5.0.x ...)
+CVE-2016-3756
NOT-FOR-US: Android Mediaserver
-CVE-2016-3755 (decoder/ih264d_parse_pslice.c in mediaserver in Android 6.x before ...)
+CVE-2016-3755
NOT-FOR-US: Android Mediaserver
-CVE-2016-3754 (mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x ...)
+CVE-2016-3754
NOT-FOR-US: Android Mediaserver
-CVE-2016-3753 (mediaserver in Android 4.x before 4.4.4 allows remote attackers to ...)
+CVE-2016-3753
NOT-FOR-US: Android Mediaserver
-CVE-2016-3752 (internal/app/ChooserActivity.java in the ChooserTarget service in ...)
+CVE-2016-3752
NOT-FOR-US: Android
-CVE-2016-3751 (Unspecified vulnerability in libpng before 1.6.20, as used in Android ...)
+CVE-2016-3751
NOT-FOR-US: Specific CVE assignment for libpng "fork" used on Android
-CVE-2016-3750 (libs/binder/Parcel.cpp in the Parcels Framework APIs in Android 4.x ...)
+CVE-2016-3750
NOT-FOR-US: Android
-CVE-2016-3749 (server/LockSettingsService.java in LockSettingsService in Android 6.x ...)
+CVE-2016-3749
NOT-FOR-US: Android
-CVE-2016-3748 (The sockets subsystem in Android 6.x before 2016-07-01 allows ...)
+CVE-2016-3748
NOT-FOR-US: Android SELinux policy
-CVE-2016-3747 (Use-after-free vulnerability in the mm-video-v4l2 venc component in ...)
+CVE-2016-3747
NOT-FOR-US: Android Mediaserver
-CVE-2016-3746 (Use-after-free vulnerability in the mm-video-v4l2 vdec component in ...)
+CVE-2016-3746
NOT-FOR-US: Android Mediaserver
-CVE-2016-3745 (Multiple buffer overflows in mediaserver in Android 4.x before 4.4.4, ...)
+CVE-2016-3745
NOT-FOR-US: Android Mediaserver
-CVE-2016-3744 (Buffer overflow in the create_pbuf function in btif/src/btif_hh.c in ...)
+CVE-2016-3744
NOT-FOR-US: Android
-CVE-2016-3743 (decoder/ih264d_api.c in mediaserver in Android 6.x before 2016-07-01 ...)
+CVE-2016-3743
NOT-FOR-US: Android Mediaserver
-CVE-2016-3742 (decoder/ih264d_process_intra_mb.c in mediaserver in Android 6.x before ...)
+CVE-2016-3742
NOT-FOR-US: Android Mediaserver
-CVE-2016-3741 (The H.264 decoder in mediaserver in Android 6.x before 2016-07-01 does ...)
+CVE-2016-3741
NOT-FOR-US: Android Mediaserver
-CVE-2016-3740 (Heap-based buffer overflow in the CreateFXPDFConvertor function in ...)
+CVE-2016-3740
NOT-FOR-US: Foxit
-CVE-2016-3739 (The (1) mbed_connect_step1 function in lib/vtls/mbedtls.c and (2) ...)
+CVE-2016-3739
- curl 7.50.1-1 (unimportant)
NOTE: only relevant when built with mbedTLS/PolarSSL
NOTE: Source-wise fixed in 7.49.0
-CVE-2016-3738 (Red Hat OpenShift Enterprise 3.2 does not properly restrict access to ...)
+CVE-2016-3738
NOT-FOR-US: OpenShift Enterprise
-CVE-2016-3737 (The server in Red Hat JBoss Operations Network (JON) before 3.3.6 ...)
+CVE-2016-3737
NOT-FOR-US: Red Hat / JBoss Operations Network server
CVE-2016-3736
RESERVED
CVE-2016-3735
RESERVED
-CVE-2016-3734 (Cross-site request forgery (CSRF) vulnerability in markposts.php in ...)
+CVE-2016-3734
- moodle 2.7.14+dfsg-1
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-53755
-CVE-2016-3733 (The &quot;restore teacher&quot; feature in Moodle 3.0 through 3.0.3, 2.9 through ...)
+CVE-2016-3733
- moodle 2.7.14+dfsg-1
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-51369
-CVE-2016-3732 (The capability check to access other badges in Moodle 3.0 through ...)
+CVE-2016-3732
- moodle <not-affected> (Does only affect 2.8 and newer)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-53589
-CVE-2016-3731 (Moodle 3.0 through 3.0.3, 2.9 through 2.9.5, and 2.8 through 2.8.11 ...)
+CVE-2016-3731
- moodle <not-affected> (Does only affect 2.8 and newer)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-53696
CVE-2016-3730
RESERVED
-CVE-2016-3729 (The user editing form in Moodle 3.0 through 3.0.3, 2.9 through 2.9.5, ...)
+CVE-2016-3729
- moodle 2.7.14+dfsg-1
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-53954
-CVE-2016-3728 (Eval injection vulnerability in tftp_api.rb in the TFTP module in the ...)
+CVE-2016-3728
- foreman <itp> (bug #663101)
-CVE-2016-3727 (The API URL computer/(master)/api/xml in Jenkins before 2.3 and LTS ...)
+CVE-2016-3727
- jenkins <removed>
NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-05-11
-CVE-2016-3726 (Multiple open redirect vulnerabilities in Jenkins before 2.3 and LTS ...)
+CVE-2016-3726
- jenkins <removed>
NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-05-11
-CVE-2016-3725 (Jenkins before 2.3 and LTS before 1.651.2 allows remote authenticated ...)
+CVE-2016-3725
- jenkins <removed>
NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-05-11
-CVE-2016-3724 (Jenkins before 2.3 and LTS before 1.651.2 allow remote authenticated ...)
+CVE-2016-3724
- jenkins <removed>
NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-05-11
-CVE-2016-3723 (Jenkins before 2.3 and LTS before 1.651.2 allow remote authenticated ...)
+CVE-2016-3723
- jenkins <removed>
NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-05-11
-CVE-2016-3722 (Jenkins before 2.3 and LTS before 1.651.2 allow remote authenticated ...)
+CVE-2016-3722
- jenkins <removed>
NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-05-11
-CVE-2016-3721 (Jenkins before 2.3 and LTS before 1.651.2 might allow remote ...)
+CVE-2016-3721
- jenkins <removed>
NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-05-11
-CVE-2016-3720 (XML external entity (XXE) vulnerability in XmlMapper in the Data ...)
+CVE-2016-3720
- jackson-dataformat-xml 2.7.4-1 (bug #823703)
NOTE: https://github.com/FasterXML/jackson-dataformat-xml/commit/f0f19a4c924d9db9a1e2830434061c8640092cc0 (2.7.4)
CVE-2016-3719
REJECTED
-CVE-2016-3718 (The (1) HTTP and (2) FTP coders in ImageMagick before 6.9.3-10 and 7.x ...)
+CVE-2016-3718
{DSA-3580-1 DLA-1401-1 DLA-486-1 DLA-484-1}
- imagemagick 8:6.9.6.2+dfsg-2
- graphicsmagick 1.3.24-1
NOTE: https://sourceforge.net/p/graphicsmagick/mailman/message/35072963/
-CVE-2016-3717 (The LABEL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 ...)
+CVE-2016-3717
{DSA-3580-1 DLA-1401-1 DLA-486-1 DLA-484-1}
- imagemagick 8:6.9.6.2+dfsg-2
- graphicsmagick 1.3.24-1
NOTE: https://sourceforge.net/p/graphicsmagick/mailman/message/35072963/
-CVE-2016-3716 (The MSL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 ...)
+CVE-2016-3716
{DSA-3580-1 DLA-1401-1 DLA-486-1 DLA-484-1}
- imagemagick 8:6.9.6.2+dfsg-2
- graphicsmagick 1.3.24-1
NOTE: https://sourceforge.net/p/graphicsmagick/mailman/message/35072963/
-CVE-2016-3715 (The EPHEMERAL coder in ImageMagick before 6.9.3-10 and 7.x before ...)
+CVE-2016-3715
{DSA-3746-1 DSA-3580-1 DLA-486-1 DLA-484-1}
- imagemagick 8:6.9.6.2+dfsg-2
- graphicsmagick 1.3.24-1
NOTE: https://sourceforge.net/p/graphicsmagick/mailman/message/35072963/
-CVE-2016-3714 (The (1) EPHEMERAL, (2) HTTPS, (3) MVG, (4) MSL, (5) TEXT, (6) SHOW, ...)
+CVE-2016-3714
{DSA-3746-1 DSA-3580-1 DLA-486-1 DLA-484-1}
- imagemagick 8:6.9.6.2+dfsg-2
NOTE: Workaround: https://bugzilla.redhat.com/show_bug.cgi?id=1332492#c3
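Review bot: the descriptions dropped in this hunk include text that was stored HTML-escaped, `-CVE-2016-3733 (The &quot;restore teacher&quot; feature in Moodle 3.0 through 3.0.3, 2.9 through ...)`, so when the text is restored the importer should unescape entities like `&quot;` rather than re-import them literally. Otherwise the hunk is the same description loss as the rest of the commit: old and new extents are identical (158 lines each), every `-` line is paired with a `+` line carrying only the identifier, and the package and NOTE lines (for example `- jackson-dataformat-xml 2.7.4-1 (bug #823703)` under CVE-2016-3720) are untouched context, so nothing here needs to be kept on revert.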
@@ -21383,13 +21383,13 @@ CVE-2016-3714 (The (1) EPHEMERAL, (2) HTTPS, (3) MVG, (4) MSL, (5) TEXT, (6) SHO
- graphicsmagick 1.3.24-1
NOTE: https://sourceforge.net/p/graphicsmagick/mailman/message/35072963/
NOTE: https://sourceforge.net/p/graphicsmagick/code/ci/45998a25992d1142df201d8cf024b6c948b40748/
-CVE-2016-3713 (The msr_mtrr_valid function in arch/x86/kvm/mtrr.c in the Linux kernel ...)
+CVE-2016-3713
- linux 4.5.4-1
[jessie] - linux <not-affected> (Introduced in v4.2-rc1)
[wheezy] - linux <not-affected> (Introduced in v4.2-rc1)
NOTE: Introduced by: https://git.kernel.org/linus/910a6aae4e2e45855efc4a268e43eed2d8445575 (v4.2-rc1)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1332139
-CVE-2016-3712 (Integer overflow in the VGA module in QEMU allows local guest OS users ...)
+CVE-2016-3712
{DSA-3573-1 DLA-571-1 DLA-540-1 DLA-539-1}
- qemu 1:2.6+dfsg-1 (bug #823830)
- qemu-kvm <removed>
@@ -21398,9 +21398,9 @@ CVE-2016-3712 (Integer overflow in the VGA module in QEMU allows local guest OS
NOTE: Xen switched to qemu-system in 4.4.0-1
NOTE: http://xenbits.xen.org/xsa/advisory-179.html
NOTE: mitigation: run HVM in stubdomains, PV, default video card not vulnerable, i386-only
-CVE-2016-3711 (HAproxy in Red Hat OpenShift Enterprise 3.2 and OpenShift Origin ...)
+CVE-2016-3711
NOT-FOR-US: OpenShift
-CVE-2016-3710 (The VGA module in QEMU improperly performs bounds checking on banked ...)
+CVE-2016-3710
{DSA-3573-1 DLA-571-1 DLA-540-1 DLA-539-1}
- qemu 1:2.6+dfsg-1 (bug #823830)
- qemu-kvm <removed>
@@ -21411,84 +21411,84 @@ CVE-2016-3710 (The VGA module in QEMU improperly performs bounds checking on ban
NOTE: mitigation: run HVM in stubdomains, PV, default video card not vulnerable, i386-only
CVE-2016-3709
RESERVED
-CVE-2016-3708 (Red Hat OpenShift Enterprise 3.2, when multi-tenant SDN is enabled and ...)
+CVE-2016-3708
NOT-FOR-US: OpenShiftEnterprise / Red Hat
-CVE-2016-3707 (The icmp_check_sysrq function in net/ipv4/icmp.c in the kernel.org ...)
+CVE-2016-3707
- linux 3.15~rc5-1~exp1 (unimportant)
NOTE: This is not really fixed in 3.15, but depends on the rt feature set patches applied
NOTE: more details in kernel-sec repository.
NOTE: https://lwn.net/Articles/448790/
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1327484
-CVE-2016-3706 (Stack-based buffer overflow in the getaddrinfo function in ...)
+CVE-2016-3706
{DLA-494-1}
- glibc 2.22-8
[jessie] - glibc 2.19-18+deb8u5
- eglibc <removed>
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=20010
-CVE-2016-3705 (The (1) xmlParserEntityCheck and (2) xmlParseAttValueComplex functions ...)
+CVE-2016-3705
{DSA-3593-1 DLA-503-1}
- libxml2 2.9.3+dfsg1-1.1 (bug #823414)
NOTE: https://git.gnome.org/browse/libxml2/commit/?id=8f30bdff69edac9075f4663ce3b56b0c52d48ce6 (v2.9.4)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=765207
-CVE-2016-3704 (Pulp before 2.8.5 uses bash's $RANDOM in an unsafe way to generate ...)
+CVE-2016-3704
NOT-FOR-US: Pulp (Red Hat)
-CVE-2016-3703 (Red Hat OpenShift Enterprise 3.2 and 3.1 do not properly validate the ...)
+CVE-2016-3703
NOT-FOR-US: OpenShift
-CVE-2016-3702 (Padding oracle flaw in CloudForms Management Engine (aka CFME) 5 ...)
+CVE-2016-3702
NOT-FOR-US: Red Hat CloudForms Management Engine
CVE-2016-3701
RESERVED
CVE-2016-3700
RESERVED
-CVE-2016-3699 (The Linux kernel, as used in Red Hat Enterprise Linux 7.2 and Red Hat ...)
+CVE-2016-3699
- linux <not-affected> (Fixed before we first included the securelevel patchset)
NOTE: https://github.com/mjg59/linux/commit/a4a5ed2835e8ea042868b7401dced3f517cafa76
NOTE: securelevel patchset added in 4.5.1-1
-CVE-2016-3698 (libndp before 1.6, as used in NetworkManager, does not properly ...)
+CVE-2016-3698
{DSA-3581-1}
- libndp 1.6-1 (bug #824545)
NOTE: https://github.com/jpirko/libndp/commit/a4892df306e0532487f1634ba6d4c6d4bb381c7f
NOTE: https://github.com/jpirko/libndp/commit/2af9a55b38b55abbf05fd116ec097d4029115839
-CVE-2016-3697 (libcontainer/user/user.go in runC before 0.1.0, as used in Docker ...)
+CVE-2016-3697
- docker.io <not-affected> (Vulnerable code not present)
NOTE: Affected file not present, but docker.io probably needs to be rebuild with fixed runc
- runc 0.1.0+dfsg-1
NOTE: https://github.com/opencontainers/runc/commit/69af385de62ea68e2e608335cffbb0f4aa3db091 (runc, v0.1.0)
NOTE: https://github.com/docker/docker/commit/da38ac6c79fe902ed0687afc73d731c95c6d491a (docker)
-CVE-2016-3696 (The pulp-qpid-ssl-cfg script in Pulp before 2.8.5 allows local users ...)
+CVE-2016-3696
NOT-FOR-US: Pulp (Red Hat)
-CVE-2016-3695 (The einj_error_inject function in drivers/acpi/apei/einj.c in the ...)
+CVE-2016-3695
- linux 4.5.1-1
[jessie] - linux <not-affected> (Vulnerable code not present)
[wheezy] - linux <not-affected> (Vulnerable code not present)
-CVE-2016-3694 (Multiple SQL injection vulnerabilities in modified eCommerce ...)
+CVE-2016-3694
NOT-FOR-US: eCommerce Shopsoftware
-CVE-2016-3693 (The Safemode gem before 1.2.4 for Ruby, when initialized with a ...)
+CVE-2016-3693
- foreman <itp> (bug #663101)
CVE-2016-3692
RESERVED
-CVE-2016-3691 (Routes in Kallithea before 0.3.2 allows remote attackers to bypass the ...)
+CVE-2016-3691
- kallithea <itp> (bug #689573)
-CVE-2016-3690 (The PooledInvokerServlet in JBoss EAP 4.x and 5.x allows remote ...)
+CVE-2016-3690
NOT-FOR-US: PooledInvokerServlet
-CVE-2016-3941 (Buffer overflow in the AStreamPeekStream function in input/stream.c in ...)
+CVE-2016-3941
- vlc 2.2.0-1
[wheezy] - vlc <end-of-life> (Unsupported in -lts)
NOTE: https://bugs.launchpad.net/bugs/1533633
NOTE: It is unclear when this was fixed exactly, marking the version in jessie as fixed for now
-CVE-2016-3688 (SQL injection vulnerability in dotCMS before 3.5 allows remote ...)
+CVE-2016-3688
NOT-FOR-US: dotCMS
-CVE-2016-3687 (Open redirect vulnerability in F5 BIG-IP APM 11.2.1, 11.4.x, 11.5.x, ...)
+CVE-2016-3687
NOT-FOR-US: F5 BIG-IP
-CVE-2016-3686 (The Single Sign-On (SSO) feature in F5 BIG-IP APM 11.x before 11.6.0 ...)
+CVE-2016-3686
NOT-FOR-US: F5 BIG-IP APM
-CVE-2016-3685 (SAP Download Manager 2.1.142 and earlier generates an encryption key ...)
+CVE-2016-3685
NOT-FOR-US: SAP Download Manager
-CVE-2016-3684 (SAP Download Manager 2.1.142 and earlier uses a hardcoded encryption ...)
+CVE-2016-3684
NOT-FOR-US: SAP Download Manager
CVE-2016-3683
RESERVED
-CVE-2016-3689 (The ims_pcu_parse_cdc_data function in drivers/input/misc/ims-pcu.c in ...)
+CVE-2016-3689
- linux 4.5.1-1
[jessie] - linux 3.16.36-1
[wheezy] - linux <not-affected> (Vulnerable code not present)
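Review bot: beyond the description loss in each `-`/`+` pair, the context of this hunk shows two entries that sit outside the file's descending CVE order and that the update leaves where they are: `CVE-2016-3941` (vlc) appears between CVE-2016-3690 and CVE-2016-3688, and `CVE-2016-3689` (linux) follows CVE-2016-3683. Since the importer already rewrites both identifier lines, consider moving them to their numeric positions in the same pass, or at least not counting on position when matching entries. Also, for lines such as `-CVE-2016-3707 (The icmp_check_sysrq function in net/ipv4/icmp.c in the kernel.org ...)` the description should be restored from the last good import rather than regenerated from the feed that produced this commit.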
@@ -21497,35 +21497,35 @@ CVE-2016-3689 (The ims_pcu_parse_cdc_data function in drivers/input/misc/ims-pcu
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1320060
CVE-2016-3682
REJECTED
-CVE-2016-3681 (Buffer overflow in the Wi-Fi driver in Huawei Mate 8 NXT-AL before ...)
+CVE-2016-3681
NOT-FOR-US: Huawei
-CVE-2016-3680 (Buffer overflow in the Wi-Fi driver in Huawei Mate 8 NXT-AL before ...)
+CVE-2016-3680
NOT-FOR-US: Huawei
-CVE-2016-3679 (Multiple unspecified vulnerabilities in Google V8 before 4.9.385.33, ...)
+CVE-2016-3679
- libv8 <unfixed> (unimportant)
NOTE: libv8 not covered by security support
-CVE-2016-3678 (Huawei Quidway S9700, S5700, S5300, S9300, and S7700 switches with ...)
+CVE-2016-3678
NOT-FOR-US: Huawei
-CVE-2016-3677 (The Huawei Wear App application before 15.0.0.307 for Android does not ...)
+CVE-2016-3677
NOT-FOR-US: Huawei
-CVE-2016-3676 (Huawei E3276s USB modems with software before ...)
+CVE-2016-3676
NOT-FOR-US: Huawei
-CVE-2016-3675 (SQL injection vulnerability in Huawei Policy Center with software ...)
+CVE-2016-3675
NOT-FOR-US: Huawei
CVE-2016-3673
REJECTED
-CVE-2016-3672 (The arch_pick_mmap_layout function in arch/x86/mm/mmap.c in the Linux ...)
+CVE-2016-3672
{DSA-3607-1 DLA-516-1}
- linux 4.5.1-1
NOTE: http://hmarco.org/bugs/CVE-2016-3672-Unlimiting-the-stack-not-longer-disables-ASLR.html
NOTE: Upstream fix: https://git.kernel.org/linus/8b8addf891de8a00e4d39fc32f93f7c5eb8feceb (v4.6-rc1)
-CVE-2016-3674 (Multiple XML external entity (XXE) vulnerabilities in the (1) ...)
+CVE-2016-3674
{DSA-3575-1 DLA-504-1}
- libxstream-java 1.4.9-1 (bug #819455)
NOTE: http://x-stream.github.io/changes.html#1.4.9
CVE-2016-3671
RESERVED
-CVE-2016-3670 (Cross-site scripting (XSS) vulnerability in users.jsp in the Profile ...)
+CVE-2016-3670
NOT-FOR-US: Liferay
CVE-2016-3669
RESERVED
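Review bot: `-CVE-2016-3672 (The arch_pick_mmap_layout function in arch/x86/mm/mmap.c in the Linux ...)` and `-CVE-2016-3674 (Multiple XML external entity (XXE) vulnerabilities in the (1) ...)` are in swapped order relative to the descending sort of the surrounding entries (CVE-2016-3673 is followed by 3672, then 3674, then 3671), and the update rewrites both lines without correcting that. The rewrite itself is the same description stripping as elsewhere in the commit; the package lines, including `- libv8 <unfixed> (unimportant)` with its `NOTE: libv8 not covered by security support`, are unchanged context.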
@@ -21537,7 +21537,7 @@ CVE-2016-3666
RESERVED
CVE-2016-3665
RESERVED
-CVE-2016-3664 (Trend Micro Mobile Security for iOS before 3.2.1188 does not verify ...)
+CVE-2016-3664
NOT-FOR-US: Trend Micro
CVE-2016-3663
RESERVED
@@ -21547,66 +21547,66 @@ CVE-2016-3661
RESERVED
CVE-2016-3660
RESERVED
-CVE-2016-3659 (SQL injection vulnerability in graph_view.php in Cacti 0.8.8.g allows ...)
+CVE-2016-3659
{DLA-560-1}
- cacti 0.8.8h+ds1-1 (bug #820521)
[jessie] - cacti 0.8.8b+dfsg-8+deb8u5
NOTE: http://bugs.cacti.net/view.php?id=2673
NOTE: Requires authenticated user
-CVE-2016-3658 (The TIFFWriteDirectoryTagLongLong8Array function in tif_dirwrite.c in ...)
+CVE-2016-3658
{DSA-3844-1 DLA-969-1}
- tiff 4.0.6-3 (low)
- tiff3 <removed> (low)
[wheezy] - tiff3 <not-affected> (Does not ship libtiff tools)
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2546
NOTE: Duplicate of http://bugzilla.maptools.org/show_bug.cgi?id=2500
-CVE-2016-3657 (Buffer overflow in the GlobalProtect Portal in Palo Alto Networks ...)
+CVE-2016-3657
NOT-FOR-US: Palo Alto Networks PAN-OS
-CVE-2016-3656 (The GlobalProtect Portal in Palo Alto Networks PAN-OS before 5.0.18, ...)
+CVE-2016-3656
NOT-FOR-US: Palo Alto Networks PAN-OS
-CVE-2016-3655 (The management web interface in Palo Alto Networks PAN-OS before ...)
+CVE-2016-3655
NOT-FOR-US: Palo Alto Networks PAN-OS
-CVE-2016-3654 (The device management command line interface (CLI) in Palo Alto ...)
+CVE-2016-3654
NOT-FOR-US: Palo Alto Networks PAN-OS
-CVE-2016-3653 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
+CVE-2016-3653
NOT-FOR-US: Symantec Endpoint Protection Manager
-CVE-2016-3652 (Multiple cross-site scripting (XSS) vulnerabilities in management ...)
+CVE-2016-3652
NOT-FOR-US: Symantec Endpoint Protection Manager
-CVE-2016-3651 (Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allows ...)
+CVE-2016-3651
NOT-FOR-US: Symantec Endpoint Protection Manager
-CVE-2016-3650 (Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allows ...)
+CVE-2016-3650
NOT-FOR-US: Symantec Endpoint Protection Manager
-CVE-2016-3649 (Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allows ...)
+CVE-2016-3649
NOT-FOR-US: Symantec Endpoint Protection Manager
-CVE-2016-3648 (Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allows ...)
+CVE-2016-3648
NOT-FOR-US: Symantec Endpoint Protection Manager
-CVE-2016-3647 (Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allows ...)
+CVE-2016-3647
NOT-FOR-US: Symantec Endpoint Protection Manager
-CVE-2016-3646 (The AntiVirus Decomposer engine in Symantec Advanced Threat Protection ...)
+CVE-2016-3646
NOT-FOR-US: Symantec
-CVE-2016-3645 (Integer overflow in the TNEF unpacker in the AntiVirus Decomposer ...)
+CVE-2016-3645
NOT-FOR-US: Symantec
-CVE-2016-3644 (The AntiVirus Decomposer engine in Symantec Advanced Threat Protection ...)
+CVE-2016-3644
NOT-FOR-US: Symantec
-CVE-2016-3643 (SolarWinds Virtualization Manager 6.3.1 and earlier allow local users ...)
+CVE-2016-3643
NOT-FOR-US: SolarWinds Virtualization Manager
-CVE-2016-3642 (The RMI service in SolarWinds Virtualization Manager 6.3.1 and earlier ...)
+CVE-2016-3642
NOT-FOR-US: SolarWinds Virtualization Manager
CVE-2016-3641
RESERVED
-CVE-2016-3640 (The Extended Application Services (aka XS or XS Engine) in SAP HANA DB ...)
+CVE-2016-3640
NOT-FOR-US: SAP HANA
-CVE-2016-3639 (SAP HANA DB 1.00.091.00.1418659308 allows remote attackers to obtain ...)
+CVE-2016-3639
NOT-FOR-US: SAP HANA
-CVE-2016-3638 (SAP SLD Registration Program (aka SLDREG) allows local users to cause ...)
+CVE-2016-3638
NOT-FOR-US: SAP SLD
CVE-2016-3637
RESERVED
CVE-2016-3636
RESERVED
-CVE-2016-3635 (SAP Netweaver 7.4 allows remote authenticated users to bypass an ...)
+CVE-2016-3635
NOT-FOR-US: SAP Netweaver
-CVE-2016-3634 (The tagCompare function in tif_dirinfo.c in the thumbnail tool in ...)
+CVE-2016-3634
{DLA-693-1}
- tiff 4.0.6-3
[jessie] - tiff 4.0.3-12.3+deb8u2
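Review bot: every CVE header line in this hunk loses its parenthesised description (`-CVE-2016-3653 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)` becomes `+CVE-2016-3653`), and the same pattern runs through the rest of the file; if the automated run stripped the text because the upstream description feed was unavailable rather than by design, this commit should be reverted rather than merged, since the descriptions are what triagers read when deciding whether a NOT-FOR-US or RESERVED entry needs a second look.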
@@ -21617,7 +21617,7 @@ CVE-2016-3634 (The tagCompare function in tif_dirinfo.c in the thumbnail tool in
NOTE: Upstream will remove thumbnail from 4.0.7 release
NOTE: No patch available. Issue marked as wontfix by upstream.
NOTE: thumbnail(1) was removed in 4.0.6-3 and DSA 3762, marking as fixed although technically still present in the source package
-CVE-2016-3633 (The setrow function in the thumbnail tool in LibTIFF 4.0.6 and earlier ...)
+CVE-2016-3633
{DLA-693-1}
- tiff 4.0.6-3 (bug #842046)
[jessie] - tiff 4.0.3-12.3+deb8u2
@@ -21628,7 +21628,7 @@ CVE-2016-3633 (The setrow function in the thumbnail tool in LibTIFF 4.0.6 and ea
NOTE: Upstream will remove thumbnail from 4.0.7 release
NOTE: No patch available. Issue marked as wontfix by upstream.
NOTE: thumbnail(1) was removed in 4.0.6-3 and DSA 3762, marking as fixed although technically still present in the source package
-CVE-2016-3632 (The _TIFFVGetField function in tif_dirinfo.c in LibTIFF 4.0.6 and ...)
+CVE-2016-3632
{DLA-693-1}
- tiff 4.0.6-3
[jessie] - tiff 4.0.3-12.3+deb8u2
@@ -21639,7 +21639,7 @@ CVE-2016-3632 (The _TIFFVGetField function in tif_dirinfo.c in LibTIFF 4.0.6 and
NOTE: Upstream will remove thumbnail from 4.0.7 release
NOTE: No patch available. Issue marked as wontfix by upstream.
NOTE: thumbnail(1) was removed in 4.0.6-3 and DSA 3762, marking as fixed although technically still present in the source package
-CVE-2016-3631 (The (1) cpStrips and (2) cpTiles functions in the thumbnail tool in ...)
+CVE-2016-3631
{DLA-693-1}
- tiff 4.0.6-3 (bug #820366)
[jessie] - tiff 4.0.3-12.3+deb8u2
@@ -21648,7 +21648,7 @@ CVE-2016-3631 (The (1) cpStrips and (2) cpTiles functions in the thumbnail tool
NOTE: src:tiff3: built binary packages do not contain the TIFF tools
NOTE: No patch available. Issue marked as wontfix by upstream.
NOTE: thumbnail(1) was removed in 4.0.6-3 and DSA 3762, marking as fixed although technically still present in the source package
-CVE-2016-3630 (The binary delta decoder in Mercurial before 3.7.3 allows remote ...)
+CVE-2016-3630
{DSA-3542-1}
- mercurial 3.7.3-1 (bug #819504)
NOTE: https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_3.7.3_.282016-3-29.29
@@ -21656,11 +21656,11 @@ CVE-2016-3630 (The binary delta decoder in Mercurial before 3.7.3 allows remote
NOTE: https://selenic.com/repo/hg-stable/rev/b9714d958e89 (2/2)
CVE-2016-3629
REJECTED
-CVE-2016-3628 (Buffer overflow in tibemsd in the server in TIBCO Enterprise Message ...)
+CVE-2016-3628
NOT-FOR-US: TIBCO
CVE-2016-3626
RESERVED
-CVE-2016-3625 (tif_read.c in the tiff2bw tool in LibTIFF 4.0.6 and earlier allows ...)
+CVE-2016-3625
- tiff 4.0.3-1
[wheezy] - tiff <not-affected> (Can't reproduce)
- tiff3 <removed>
@@ -21669,25 +21669,25 @@ CVE-2016-3625 (tif_read.c in the tiff2bw tool in LibTIFF 4.0.6 and earlier allow
NOTE: Not reproducible with jessie and above, marking the version in jessie as fixed
NOTE: CVE probably should/needs to be rejected, since upstream is as well unable to
NOTE: reproduce the issue. Might have been a problem on reporter from id=2566
-CVE-2016-3624 (The cvtClump function in the rgb2ycbcr tool in LibTIFF 4.0.6 and ...)
+CVE-2016-3624
{DSA-3762-1 DLA-795-1}
- tiff 4.0.6-3
- tiff3 <not-affected> (tiff tools not built)
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2568
NOTE: Upstream marked this duplicate of bug 2569
-CVE-2016-3623 (The rgb2ycbcr tool in LibTIFF 4.0.6 and earlier allows remote ...)
+CVE-2016-3623
{DSA-3762-1 DLA-795-1 DLA-610-1}
- tiff 4.0.6-3 (unimportant)
- tiff3 <removed> (unimportant)
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2569
NOTE: No security impact, just triggers a crash in a CLI tool
-CVE-2016-3622 (The fpAcc function in tif_predict.c in the tiff2rgba tool in LibTIFF ...)
+CVE-2016-3622
{DSA-3762-1 DLA-795-1}
- tiff 4.0.7-1 (low; bug #820365)
- tiff3 <not-affected> (tiff tools not built)
NOTE: http://www.openwall.com/lists/oss-security/2016/04/07/4
NOTE: Fixed by: https://github.com/vadz/libtiff/commit/92d966a5fcfbdca67957c8c5c47b467aa650b286
-CVE-2016-3621 (The LZWEncode function in tif_lzw.c in the bmp2tiff tool in LibTIFF ...)
+CVE-2016-3621
{DLA-693-1}
- tiff 4.0.6-3 (low; bug #820364)
[jessie] - tiff 4.0.3-12.3+deb8u2
@@ -21696,7 +21696,7 @@ CVE-2016-3621 (The LZWEncode function in tif_lzw.c in the bmp2tiff tool in LibTI
NOTE: http://www.openwall.com/lists/oss-security/2016/04/07/3
NOTE: Utility bmp2tiff has been removed from upstream LibTIFF
NOTE: bmp2tiff was removed in 4.0.6-3 and DSA 3762, marking as fixed although technically still present in the source package
-CVE-2016-3620 (The ZIPEncode function in tif_zip.c in the bmp2tiff tool in LibTIFF ...)
+CVE-2016-3620
{DLA-693-1}
- tiff 4.0.6-3 (low; bug #820363)
[jessie] - tiff 4.0.3-12.3+deb8u2
@@ -21705,7 +21705,7 @@ CVE-2016-3620 (The ZIPEncode function in tif_zip.c in the bmp2tiff tool in LibTI
NOTE: http://www.openwall.com/lists/oss-security/2016/04/07/2
NOTE: Utility bmp2tiff has been removed from upstream LibTIFF
NOTE: bmp2tiff was removed in 4.0.6-3 and DSA 3762, marking as fixed although technically still present in the source package
-CVE-2016-3619 (The DumpModeEncode function in tif_dumpmode.c in the bmp2tiff tool in ...)
+CVE-2016-3619
{DLA-693-1}
- tiff 4.0.6-3 (low; bug #820362)
[jessie] - tiff 4.0.3-12.3+deb8u2
@@ -21718,7 +21718,7 @@ CVE-2016-3618
RESERVED
CVE-2016-3617
RESERVED
-CVE-2016-3616 (The cjpeg utility in libjpeg allows remote attackers to cause a denial ...)
+CVE-2016-3616
{DLA-1638-1}
- libjpeg-turbo 1:1.4.2-1
NOTE: libjpeg-turbo: Fixed by: https://github.com/libjpeg-turbo/libjpeg-turbo/commit/6709e4a0cfa44d4f54ee8ad05753d4aa9260cb91 (1.4.2)
@@ -21730,42 +21730,42 @@ CVE-2016-3616 (The cjpeg utility in libjpeg allows remote attackers to cause a d
- libjpeg9 1:9b-2 (bug #819969)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1319661
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1318509
-CVE-2016-3627 (The xmlStringGetNodeList function in tree.c in libxml2 2.9.3 and ...)
+CVE-2016-3627
{DSA-3593-1 DLA-503-1}
- libxml2 2.9.3+dfsg1-1.1 (bug #819006)
NOTE: https://git.gnome.org/browse/libxml2/commit/?id=bdd66182ef53fe1f7209ab6535fda56366bd7ac9 (v2.9.4)
NOTE: http://www.openwall.com/lists/oss-security/2016/03/21/3
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=762100
-CVE-2016-3615 (Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier, 5.6.30 ...)
+CVE-2016-3615
{DSA-3632-1 DSA-3624-1 DLA-567-1}
- mariadb-10.0 10.0.26-1
- mysql-5.6 5.6.34-1 (bug #831844)
- mysql-5.5 <removed>
NOTE: http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html#AppendixMSQL
-CVE-2016-3614 (Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and ...)
+CVE-2016-3614
- mysql-5.6 5.6.34-1 (bug #831844)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and 5.7)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html#AppendixMSQL
-CVE-2016-3613 (Unspecified vulnerability in the Oracle Secure Global Desktop ...)
+CVE-2016-3613
NOT-FOR-US: Oracle
-CVE-2016-3612 (Unspecified vulnerability in the Oracle VM VirtualBox component in ...)
+CVE-2016-3612
- virtualbox 5.0.22-dfsg-1
[jessie] - virtualbox <not-affected> (Only affects 5.x)
[wheezy] - virtualbox <not-affected> (Only affects 5.x)
-CVE-2016-3611 (Unspecified vulnerability in the Oracle Retail Order Broker component ...)
+CVE-2016-3611
NOT-FOR-US: Oracle
-CVE-2016-3610 (Unspecified vulnerability in Oracle Java SE 8u92 and Java SE Embedded ...)
+CVE-2016-3610
{DSA-3641-1 DLA-579-1}
- openjdk-8 8u102-b14-1
[experimental] - openjdk-7 7u111-2.6.7-1
- openjdk-7 <removed>
-CVE-2016-3609 (Unspecified vulnerability in the OJVM component in Oracle Database ...)
+CVE-2016-3609
NOT-FOR-US: Oracle Database
-CVE-2016-3608 (Unspecified vulnerability in the Oracle GlassFish Server component in ...)
+CVE-2016-3608
- glassfish <not-affected> (Full application server not packaged)
-CVE-2016-3607 (Unspecified vulnerability in the Oracle GlassFish Server component in ...)
+CVE-2016-3607
- glassfish <not-affected> (Full application server not packaged)
-CVE-2016-3606 (Unspecified vulnerability in Oracle Java SE 7u101 and 8u92 and Java SE ...)
+CVE-2016-3606
{DSA-3641-1 DLA-579-1}
- openjdk-8 8u102-b14-1
[experimental] - openjdk-7 7u111-2.6.7-1
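Review bot: the CVE-2016-3627 entry sits between CVE-2016-3616 and CVE-2016-3615, out of the descending numeric order the surrounding entries follow; it is unchanged context here, so a follow-up that moves it up next to CVE-2016-3628 would keep the file easier to scan and diff.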
@@ -21784,256 +21784,256 @@ CVE-2016-3600
REJECTED
CVE-2016-3599
REJECTED
-CVE-2016-3598 (Unspecified vulnerability in Oracle Java SE 8u92 and Java SE Embedded ...)
+CVE-2016-3598
{DSA-3641-1 DLA-579-1}
- openjdk-8 8u102-b14-1
[experimental] - openjdk-7 7u111-2.6.7-1
- openjdk-7 <removed>
-CVE-2016-3597 (Unspecified vulnerability in the Oracle VM VirtualBox component in ...)
+CVE-2016-3597
- virtualbox 5.1.4-dfsg-1
[jessie] - virtualbox <not-affected> (Only affects 5.x)
[wheezy] - virtualbox <not-affected> (Only affects 5.x)
-CVE-2016-3596 (Unspecified vulnerability in the Outside In Technology component in ...)
+CVE-2016-3596
NOT-FOR-US: Oracle
-CVE-2016-3595 (Unspecified vulnerability in the Outside In Technology component in ...)
+CVE-2016-3595
NOT-FOR-US: Oracle
-CVE-2016-3594 (Unspecified vulnerability in the Outside In Technology component in ...)
+CVE-2016-3594
NOT-FOR-US: Oracle
-CVE-2016-3593 (Unspecified vulnerability in the Outside In Technology component in ...)
+CVE-2016-3593
NOT-FOR-US: Oracle
-CVE-2016-3592 (Unspecified vulnerability in the Outside In Technology component in ...)
+CVE-2016-3592
NOT-FOR-US: Oracle
-CVE-2016-3591 (Unspecified vulnerability in the Outside In Technology component in ...)
+CVE-2016-3591
NOT-FOR-US: Oracle
-CVE-2016-3590 (Unspecified vulnerability in the Outside In Technology component in ...)
+CVE-2016-3590
NOT-FOR-US: Oracle
-CVE-2016-3589 (Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking ...)
+CVE-2016-3589
NOT-FOR-US: Oracle
-CVE-2016-3588 (Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows ...)
+CVE-2016-3588
- mysql-5.6 <not-affected> (Only affects MySQL 5.7)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html#AppendixMSQL
-CVE-2016-3587 (Unspecified vulnerability in Oracle Java SE 8u92 and Java SE Embedded ...)
+CVE-2016-3587
- openjdk-8 8u102-b14-1
-CVE-2016-3586 (Unspecified vulnerability in the Oracle WebLogic Server component in ...)
+CVE-2016-3586
NOT-FOR-US: Oracle
-CVE-2016-3585 (Unspecified vulnerability in the ILOM component in Oracle Sun Systems ...)
+CVE-2016-3585
NOT-FOR-US: Oracle
-CVE-2016-3584 (Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local ...)
+CVE-2016-3584
NOT-FOR-US: Oracle
-CVE-2016-3583 (Unspecified vulnerability in the Outside In Technology component in ...)
+CVE-2016-3583
NOT-FOR-US: Oracle
-CVE-2016-3582 (Unspecified vulnerability in the Outside In Technology component in ...)
+CVE-2016-3582
NOT-FOR-US: Oracle
-CVE-2016-3581 (Unspecified vulnerability in the Outside In Technology component in ...)
+CVE-2016-3581
NOT-FOR-US: Oracle
-CVE-2016-3580 (Unspecified vulnerability in the Outside In Technology component in ...)
+CVE-2016-3580
NOT-FOR-US: Oracle
-CVE-2016-3579 (Unspecified vulnerability in the Outside In Technology component in ...)
+CVE-2016-3579
NOT-FOR-US: Oracle
-CVE-2016-3578 (Unspecified vulnerability in the Outside In Technology component in ...)
+CVE-2016-3578
NOT-FOR-US: Oracle
-CVE-2016-3577 (Unspecified vulnerability in the Outside In Technology component in ...)
+CVE-2016-3577
NOT-FOR-US: Oracle
-CVE-2016-3576 (Unspecified vulnerability in the Outside In Technology component in ...)
+CVE-2016-3576
NOT-FOR-US: Oracle
-CVE-2016-3575 (Unspecified vulnerability in the Outside In Technology component in ...)
+CVE-2016-3575
NOT-FOR-US: Oracle
-CVE-2016-3574 (Unspecified vulnerability in the Outside In Technology component in ...)
+CVE-2016-3574
NOT-FOR-US: Oracle
-CVE-2016-3573 (Unspecified vulnerability in the Primavera P6 Enterprise Project ...)
+CVE-2016-3573
NOT-FOR-US: Oracle
-CVE-2016-3572 (Unspecified vulnerability in the Primavera P6 Enterprise Project ...)
+CVE-2016-3572
NOT-FOR-US: Oracle
-CVE-2016-3571 (Unspecified vulnerability in the Primavera P6 Enterprise Project ...)
+CVE-2016-3571
NOT-FOR-US: Oracle
-CVE-2016-3570 (Unspecified vulnerability in the Primavera P6 Enterprise Project ...)
+CVE-2016-3570
NOT-FOR-US: Oracle
NOT-FOR-US: Oracle
-CVE-2016-3569 (Unspecified vulnerability in the Primavera P6 Enterprise Project ...)
+CVE-2016-3569
NOT-FOR-US: Oracle
-CVE-2016-3568 (Unspecified vulnerability in the Primavera P6 Enterprise Project ...)
+CVE-2016-3568
NOT-FOR-US: Oracle
-CVE-2016-3567 (Unspecified vulnerability in the Primavera P6 Enterprise Project ...)
+CVE-2016-3567
NOT-FOR-US: Oracle
-CVE-2016-3566 (Unspecified vulnerability in the Primavera P6 Enterprise Project ...)
+CVE-2016-3566
NOT-FOR-US: Oracle
-CVE-2016-3565 (Unspecified vulnerability in the Oracle Retail Order Broker component ...)
+CVE-2016-3565
NOT-FOR-US: Oracle
-CVE-2016-3564 (Unspecified vulnerability in the Oracle TopLink component in Oracle ...)
+CVE-2016-3564
NOT-FOR-US: Oracle
-CVE-2016-3563 (Unspecified vulnerability in the Enterprise Manager Base Platform ...)
+CVE-2016-3563
NOT-FOR-US: Oracle
-CVE-2016-3562 (Unspecified vulnerability in the RDBMS Security and SQL*Plus ...)
+CVE-2016-3562
NOT-FOR-US: Oracle
-CVE-2016-3561 (Unspecified vulnerability in the Oracle Agile PLM component in Oracle ...)
+CVE-2016-3561
NOT-FOR-US: Oracle
-CVE-2016-3560 (Unspecified vulnerability in the Oracle Agile PLM component in Oracle ...)
+CVE-2016-3560
NOT-FOR-US: Oracle
-CVE-2016-3559 (Unspecified vulnerability in the Oracle Email Center component in ...)
+CVE-2016-3559
NOT-FOR-US: Oracle
-CVE-2016-3558 (Unspecified vulnerability in the Oracle Email Center component in ...)
+CVE-2016-3558
NOT-FOR-US: Oracle
-CVE-2016-3557 (Unspecified vulnerability in the Oracle Agile PLM component in Oracle ...)
+CVE-2016-3557
NOT-FOR-US: Oracle
-CVE-2016-3556 (Unspecified vulnerability in the Oracle Agile PLM component in Oracle ...)
+CVE-2016-3556
NOT-FOR-US: Oracle
-CVE-2016-3555 (Unspecified vulnerability in the Oracle Agile PLM component in Oracle ...)
+CVE-2016-3555
NOT-FOR-US: Oracle
-CVE-2016-3554 (Unspecified vulnerability in the Oracle Agile PLM component in Oracle ...)
+CVE-2016-3554
NOT-FOR-US: Oracle
-CVE-2016-3553 (Unspecified vulnerability in the Oracle Agile PLM component in Oracle ...)
+CVE-2016-3553
NOT-FOR-US: Oracle
-CVE-2016-3552 (Unspecified vulnerability in Oracle Java SE 8u92 allows local users to ...)
+CVE-2016-3552
- openjdk-8 <not-affected> (Installation component of Oracle Java doesn't apply to IcedTea/OpenJDK)
-CVE-2016-3551 (Unspecified vulnerability in the Oracle Web Services component in ...)
+CVE-2016-3551
NOT-FOR-US: Oracle
-CVE-2016-3550 (Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92 and ...)
+CVE-2016-3550
{DSA-3641-1 DLA-579-1}
- openjdk-8 8u102-b14-1
[experimental] - openjdk-7 7u111-2.6.7-1
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life> (Not supported in Wheezy)
-CVE-2016-3549 (Unspecified vulnerability in the Oracle E-Business Suite Secure ...)
+CVE-2016-3549
NOT-FOR-US: Oracle
-CVE-2016-3548 (Unspecified vulnerability in the Oracle Marketing component in Oracle ...)
+CVE-2016-3548
NOT-FOR-US: Oracle
-CVE-2016-3547 (Unspecified vulnerability in the Oracle One-to-One Fulfillment ...)
+CVE-2016-3547
NOT-FOR-US: Oracle
-CVE-2016-3546 (Unspecified vulnerability in the Oracle Advanced Collections component ...)
+CVE-2016-3546
NOT-FOR-US: Oracle
-CVE-2016-3545 (Unspecified vulnerability in the Oracle Application Object Library ...)
+CVE-2016-3545
NOT-FOR-US: Oracle
-CVE-2016-3544 (Unspecified vulnerability in the Oracle Business Intelligence ...)
+CVE-2016-3544
NOT-FOR-US: Oracle
-CVE-2016-3543 (Unspecified vulnerability in the Oracle Common Applications Calendar ...)
+CVE-2016-3543
NOT-FOR-US: Oracle
-CVE-2016-3542 (Unspecified vulnerability in the Oracle Knowledge Management component ...)
+CVE-2016-3542
NOT-FOR-US: Oracle
-CVE-2016-3541 (Unspecified vulnerability in the Oracle Common Applications Calendar ...)
+CVE-2016-3541
NOT-FOR-US: Oracle
-CVE-2016-3540 (Unspecified vulnerability in the Enterprise Manager Base Platform ...)
+CVE-2016-3540
NOT-FOR-US: Oracle
-CVE-2016-3539 (Unspecified vulnerability in the Oracle Agile PLM component in Oracle ...)
+CVE-2016-3539
NOT-FOR-US: Oracle
-CVE-2016-3538 (Unspecified vulnerability in the Oracle Agile PLM component in Oracle ...)
+CVE-2016-3538
NOT-FOR-US: Oracle
-CVE-2016-3537 (Unspecified vulnerability in the Oracle Agile PLM component in Oracle ...)
+CVE-2016-3537
NOT-FOR-US: Oracle
-CVE-2016-3536 (Unspecified vulnerability in the Oracle Marketing component in Oracle ...)
+CVE-2016-3536
NOT-FOR-US: Oracle
-CVE-2016-3535 (Unspecified vulnerability in the Oracle CRM Technical Foundation ...)
+CVE-2016-3535
NOT-FOR-US: Oracle
-CVE-2016-3534 (Unspecified vulnerability in the Oracle Installed Base component in ...)
+CVE-2016-3534
NOT-FOR-US: Oracle
-CVE-2016-3533 (Unspecified vulnerability in the Oracle Knowledge Management component ...)
+CVE-2016-3533
NOT-FOR-US: Oracle
-CVE-2016-3532 (Unspecified vulnerability in the Oracle Advanced Inbound Telephony ...)
+CVE-2016-3532
NOT-FOR-US: Oracle
-CVE-2016-3531 (Unspecified vulnerability in the Oracle Agile PLM component in Oracle ...)
+CVE-2016-3531
NOT-FOR-US: Oracle
-CVE-2016-3530 (Unspecified vulnerability in the Oracle Agile PLM component in Oracle ...)
+CVE-2016-3530
NOT-FOR-US: Oracle
-CVE-2016-3529 (Unspecified vulnerability in the Oracle Agile PLM component in Oracle ...)
+CVE-2016-3529
NOT-FOR-US: Oracle
-CVE-2016-3528 (Unspecified vulnerability in the Oracle Internet Expenses component in ...)
+CVE-2016-3528
NOT-FOR-US: Oracle
-CVE-2016-3527 (Unspecified vulnerability in the Oracle Demand Planning component in ...)
+CVE-2016-3527
NOT-FOR-US: Oracle
-CVE-2016-3526 (Unspecified vulnerability in the Oracle Agile PLM component in Oracle ...)
+CVE-2016-3526
NOT-FOR-US: Oracle
-CVE-2016-3525 (Unspecified vulnerability in the Oracle Applications Manager component ...)
+CVE-2016-3525
NOT-FOR-US: Oracle
-CVE-2016-3524 (Unspecified vulnerability in the Oracle Applications Technology Stack ...)
+CVE-2016-3524
NOT-FOR-US: Oracle
-CVE-2016-3523 (Unspecified vulnerability in the Oracle Web Applications Desktop ...)
+CVE-2016-3523
NOT-FOR-US: Oracle
-CVE-2016-3522 (Unspecified vulnerability in the Oracle Web Applications Desktop ...)
+CVE-2016-3522
NOT-FOR-US: Oracle
-CVE-2016-3521 (Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier, 5.6.30 ...)
+CVE-2016-3521
{DSA-3632-1 DSA-3624-1 DLA-567-1}
- mariadb-10.0 10.0.26-1
- mysql-5.6 5.6.34-1 (bug #831844)
- mysql-5.5 <removed>
NOTE: http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html#AppendixMSQL
-CVE-2016-3520 (Unspecified vulnerability in the Oracle Application Object Library ...)
+CVE-2016-3520
NOT-FOR-US: Oracle
-CVE-2016-3519 (Unspecified vulnerability in the Oracle Agile PLM component in Oracle ...)
+CVE-2016-3519
NOT-FOR-US: Oracle
-CVE-2016-3518 (Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows ...)
+CVE-2016-3518
- mysql-5.6 <not-affected> (Only affects MySQL 5.7)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html#AppendixMSQL
-CVE-2016-3517 (Unspecified vulnerability in the Oracle Agile PLM component in Oracle ...)
+CVE-2016-3517
NOT-FOR-US: Oracle
-CVE-2016-3516 (Unspecified vulnerability in the Oracle Enterprise Communications ...)
+CVE-2016-3516
NOT-FOR-US: Oracle
-CVE-2016-3515 (Unspecified vulnerability in the Oracle Enterprise Communications ...)
+CVE-2016-3515
NOT-FOR-US: Oracle
-CVE-2016-3514 (Unspecified vulnerability in the Oracle Enterprise Communications ...)
+CVE-2016-3514
NOT-FOR-US: Oracle
-CVE-2016-3513 (Unspecified vulnerability in the Oracle Communications Operations ...)
+CVE-2016-3513
NOT-FOR-US: Oracle
-CVE-2016-3512 (Unspecified vulnerability in the Oracle Customer Interaction History ...)
+CVE-2016-3512
NOT-FOR-US: Oracle
-CVE-2016-3511 (Unspecified vulnerability in Oracle Java SE 7u101 and 8u92 allows ...)
+CVE-2016-3511
- openjdk-8 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2016-3510 (Unspecified vulnerability in the Oracle WebLogic Server component in ...)
+CVE-2016-3510
NOT-FOR-US: Oracle
-CVE-2016-3509 (Unspecified vulnerability in the Oracle Agile PLM component in Oracle ...)
+CVE-2016-3509
NOT-FOR-US: Oracle
-CVE-2016-3508 (Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92; ...)
+CVE-2016-3508
{DSA-3641-1 DLA-579-1}
- openjdk-8 8u102-b14-1
[experimental] - openjdk-7 7u111-2.6.7-1
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life> (Not supported in Wheezy)
-CVE-2016-3507 (Unspecified vulnerability in the Oracle Agile PLM component in Oracle ...)
+CVE-2016-3507
NOT-FOR-US: Oracle
-CVE-2016-3506 (Unspecified vulnerability in the JDBC component in Oracle Database ...)
+CVE-2016-3506
NOT-FOR-US: Oracle Database
-CVE-2016-3505 (Unspecified vulnerability in the Oracle WebLogic Server component in ...)
+CVE-2016-3505
NOT-FOR-US: Oracle
-CVE-2016-3504 (Unspecified vulnerability in the Oracle JDeveloper component in Oracle ...)
+CVE-2016-3504
NOT-FOR-US: Oracle
-CVE-2016-3503 (Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92 ...)
+CVE-2016-3503
- openjdk-8 <not-affected> (Installation component of Oracle Java doesn't apply to IcedTea/OpenJDK)
- openjdk-7 <not-affected> (Installation component of Oracle Java doesn't apply to IcedTea/OpenJDK)
- openjdk-6 <not-affected> (Installation component of Oracle Java doesn't apply to IcedTea/OpenJDK)
-CVE-2016-3502 (Unspecified vulnerability in the Oracle WebCenter Sites component in ...)
+CVE-2016-3502
NOT-FOR-US: Oracle
-CVE-2016-3501 (Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and ...)
+CVE-2016-3501
- mysql-5.6 5.6.34-1 (bug #831844)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and 5.7)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html#AppendixMSQL
-CVE-2016-3500 (Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92; ...)
+CVE-2016-3500
{DSA-3641-1 DLA-579-1}
- openjdk-8 8u102-b14-1
[experimental] - openjdk-7 7u111-2.6.7-1
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life> (Not supported in Wheezy)
-CVE-2016-3499 (Unspecified vulnerability in the Oracle WebLogic Server component in ...)
+CVE-2016-3499
NOT-FOR-US: Oracle
-CVE-2016-3498 (Unspecified vulnerability in Oracle Java SE 7u101 and 8u92 allows ...)
+CVE-2016-3498
- openjfx 8u102-b14-1 (bug #832419)
-CVE-2016-3497 (Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local ...)
+CVE-2016-3497
NOT-FOR-US: Oracle
-CVE-2016-3496 (Unspecified vulnerability in the Enterprise Manager for Fusion ...)
+CVE-2016-3496
NOT-FOR-US: Oracle
-CVE-2016-3495 (Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows ...)
+CVE-2016-3495
- mysql-5.7 5.7.15-1
- mysql-5.6 <not-affected> (Only affects MySQL 5.7)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
-CVE-2016-3494 (Unspecified vulnerability in the Enterprise Manager Ops Center ...)
+CVE-2016-3494
NOT-FOR-US: Oracle
-CVE-2016-3493 (Unspecified vulnerability in the Hyperion Financial Reporting ...)
+CVE-2016-3493
NOT-FOR-US: Oracle
-CVE-2016-3492 (Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 ...)
+CVE-2016-3492
{DSA-3711-1}
- mariadb-10.0 10.0.28-1
- mysql-5.7 5.7.15-1
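Review bot: the CVE-2016-3570 entry carries `NOT-FOR-US: Oracle` twice on consecutive lines, which looks like an accidental duplicate worth dropping in a follow-up; separately, CVE-2016-3587 lists `- openjdk-8 8u102-b14-1` without the `{DSA-3641-1 DLA-579-1}` reference that the sibling entries with the same fixed version (CVE-2016-3598, CVE-2016-3606, CVE-2016-3550, CVE-2016-3508, CVE-2016-3500) carry, so it is worth checking whether that advisory reference is missing.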
@@ -22042,55 +22042,55 @@ CVE-2016-3492 (Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6
[jessie] - mysql-5.5 5.5.52-0+deb8u1
[wheezy] - mysql-5.5 5.5.52-0+deb7u1
NOTE: Fixed in MariaDB 5.5.52, MariaDB 10.1.18, MariaDB 10.0.28
-CVE-2016-3491 (Unspecified vulnerability in the Oracle CRM Technical Foundation ...)
+CVE-2016-3491
NOT-FOR-US: Oracle
-CVE-2016-3490 (Unspecified vulnerability in the Oracle Transportation Management ...)
+CVE-2016-3490
NOT-FOR-US: Oracle
-CVE-2016-3489 (Unspecified vulnerability in the Data Pump Import component in Oracle ...)
+CVE-2016-3489
NOT-FOR-US: Oracle Database
-CVE-2016-3488 (Unspecified vulnerability in the DB Sharding component in Oracle ...)
+CVE-2016-3488
NOT-FOR-US: Oracle Database
-CVE-2016-3487 (Unspecified vulnerability in the Oracle WebCenter Sites component in ...)
+CVE-2016-3487
NOT-FOR-US: Oracle
-CVE-2016-3486 (Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and ...)
+CVE-2016-3486
- mysql-5.6 5.6.34-1 (bug #831844)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and 5.7)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html#AppendixMSQL
-CVE-2016-3485 (Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92; ...)
+CVE-2016-3485
- openjdk-8 <not-affected> (Windows-specific)
- openjdk-7 <not-affected> (Windows-specific)
- openjdk-6 <not-affected> (Windows-specific)
-CVE-2016-3484 (Unspecified vulnerability in the Database Vault component in Oracle ...)
+CVE-2016-3484
NOT-FOR-US: Oracle Database
-CVE-2016-3483 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+CVE-2016-3483
NOT-FOR-US: Oracle
-CVE-2016-3482 (Unspecified vulnerability in the Oracle HTTP Server component in ...)
+CVE-2016-3482
NOT-FOR-US: Oracle
-CVE-2016-3481 (Unspecified vulnerability in the ILOM component in Oracle Sun Systems ...)
+CVE-2016-3481
NOT-FOR-US: Oracle
-CVE-2016-3480 (Unspecified vulnerability in the Solaris Cluster component in Oracle ...)
+CVE-2016-3480
NOT-FOR-US: Oracle
-CVE-2016-3479 (Unspecified vulnerability in the Portable Clusterware component in ...)
+CVE-2016-3479
NOT-FOR-US: Oracle Database
-CVE-2016-3478 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+CVE-2016-3478
NOT-FOR-US: Oracle
-CVE-2016-3477 (Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier, 5.6.30 ...)
+CVE-2016-3477
{DSA-3632-1 DSA-3624-1 DLA-567-1}
- mariadb-10.0 10.0.26-1
- mysql-5.6 5.6.34-1 (bug #831844)
- mysql-5.5 <removed>
NOTE: http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html#AppendixMSQL
-CVE-2016-3476 (Unspecified vulnerability in the Oracle Knowledge component in Oracle ...)
+CVE-2016-3476
NOT-FOR-US: Oracle
-CVE-2016-3475 (Unspecified vulnerability in the Oracle Knowledge component in Oracle ...)
+CVE-2016-3475
NOT-FOR-US: Oracle
-CVE-2016-3474 (Unspecified vulnerability in the BI Publisher (formerly XML Publisher) ...)
+CVE-2016-3474
NOT-FOR-US: Oracle
-CVE-2016-3473 (Unspecified vulnerability in the BI Publisher (formerly XML Publisher) ...)
+CVE-2016-3473
NOT-FOR-US: Oracle
-CVE-2016-3472 (Unspecified vulnerability in the Siebel Engineering - Installer and ...)
+CVE-2016-3472
NOT-FOR-US: Oracle Siebel CRM
-CVE-2016-3471 (Unspecified vulnerability in Oracle MySQL 5.5.45 and earlier and ...)
+CVE-2016-3471
- mariadb-10.0 10.0.22-1
[jessie] - mariadb-10.0 10.0.22-0+deb8u1
- mysql-5.6 5.6.28-1
@@ -22098,52 +22098,52 @@ CVE-2016-3471 (Unspecified vulnerability in Oracle MySQL 5.5.45 and earlier and
[jessie] - mysql-5.5 5.5.46-0+deb8u1
[wheezy] - mysql-5.5 5.5.46-0+deb7u1
NOTE: http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html#AppendixMSQL
-CVE-2016-3470 (Unspecified vulnerability in the Oracle Transportation Management ...)
+CVE-2016-3470
NOT-FOR-US: Oracle
-CVE-2016-3469 (Unspecified vulnerability in the Siebel Core - Server Framework ...)
+CVE-2016-3469
NOT-FOR-US: Oracle Siebel CRM
-CVE-2016-3468 (Unspecified vulnerability in the Oracle Agile Engineering Data ...)
+CVE-2016-3468
NOT-FOR-US: Oracle
-CVE-2016-3467 (Unspecified vulnerability in the Application Express component in ...)
+CVE-2016-3467
NOT-FOR-US: Oracle Database
-CVE-2016-3466 (Unspecified vulnerability in the Oracle Field Service component in ...)
+CVE-2016-3466
NOT-FOR-US: Oracle
-CVE-2016-3465 (Unspecified vulnerability in Oracle Sun Solaris 10 and 11.3 allows ...)
+CVE-2016-3465
NOT-FOR-US: Solaris
-CVE-2016-3464 (Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking ...)
+CVE-2016-3464
NOT-FOR-US: Oracle
-CVE-2016-3463 (Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking ...)
+CVE-2016-3463
NOT-FOR-US: Oracle
-CVE-2016-3462 (Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local ...)
+CVE-2016-3462
NOT-FOR-US: Solaris
-CVE-2016-3461 (Unspecified vulnerability in the MySQL Enterprise Monitor component in ...)
+CVE-2016-3461
NOT-FOR-US: MySQL Enterprise Monitor
-CVE-2016-3460 (Unspecified vulnerability in the PeopleSoft Enterprise HCM component ...)
+CVE-2016-3460
NOT-FOR-US: PeopleSoft
-CVE-2016-3459 (Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and ...)
+CVE-2016-3459
- mariadb-10.0 10.0.25-1
[jessie] - mariadb-10.0 10.0.25-0+deb8u1
- mysql-5.6 5.6.34-1 (bug #831844)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and 5.7)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html#AppendixMSQL
-CVE-2016-3458 (Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92; ...)
+CVE-2016-3458
{DSA-3641-1 DLA-579-1}
- openjdk-8 8u102-b14-1
[experimental] - openjdk-7 7u111-2.6.7-1
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life> (Not supported in Wheezy)
-CVE-2016-3457 (Unspecified vulnerability in the PeopleSoft Enterprise HCM ...)
+CVE-2016-3457
NOT-FOR-US: PeopleSoft
-CVE-2016-3456 (Unspecified vulnerability in the Oracle Complex Maintenance, Repair, ...)
+CVE-2016-3456
NOT-FOR-US: Oracle
-CVE-2016-3455 (Unspecified vulnerability in the Oracle Outside In Technology ...)
+CVE-2016-3455
NOT-FOR-US: Oracle
-CVE-2016-3454 (Unspecified vulnerability in the Java VM component in Oracle Database ...)
+CVE-2016-3454
NOT-FOR-US: Oracle
-CVE-2016-3453 (Unspecified vulnerability in Oracle Sun Solaris 10 allows local users ...)
+CVE-2016-3453
NOT-FOR-US: Oracle
-CVE-2016-3452 (Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 ...)
+CVE-2016-3452
- mariadb-10.0 10.0.25-1
[jessie] - mariadb-10.0 10.0.25-0+deb8u1
- mysql-5.6 5.6.30-1
@@ -22151,131 +22151,131 @@ CVE-2016-3452 (Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6
[jessie] - mysql-5.5 5.5.49-0+deb8u1
[wheezy] - mysql-5.5 5.5.49-0+deb7u1
NOTE: http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html#AppendixMSQL
-CVE-2016-3451 (Unspecified vulnerability in the ILOM component in Oracle Sun Systems ...)
+CVE-2016-3451
NOT-FOR-US: Oracle
-CVE-2016-3450 (Unspecified vulnerability in the Siebel Core - Server Framework ...)
+CVE-2016-3450
NOT-FOR-US: Oracle Siebel CRM
-CVE-2016-3449 (Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 ...)
+CVE-2016-3449
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-8 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2016-3448 (Unspecified vulnerability in the Application Express component in ...)
+CVE-2016-3448
NOT-FOR-US: Oracle Database
-CVE-2016-3447 (Unspecified vulnerability in the Oracle Applications Framework ...)
+CVE-2016-3447
NOT-FOR-US: Oracle
-CVE-2016-3446 (Unspecified vulnerability in the Oracle Business Intelligence ...)
+CVE-2016-3446
NOT-FOR-US: Oracle
-CVE-2016-3445 (Unspecified vulnerability in the Oracle WebLogic Server component in ...)
+CVE-2016-3445
NOT-FOR-US: Oracle
-CVE-2016-3444 (Unspecified vulnerability in the Oracle Retail Integration Bus ...)
+CVE-2016-3444
NOT-FOR-US: Oracle
-CVE-2016-3443 (Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 ...)
+CVE-2016-3443
- openjdk-6 <not-affected> (Specific to Oracle Java, not present in IcedTea)
- openjdk-7 <not-affected> (Specific to Oracle Java, not present in IcedTea)
- openjdk-8 <not-affected> (Specific to Oracle Java, not present in IcedTea)
-CVE-2016-3442 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+CVE-2016-3442
NOT-FOR-US: PeopleSoft
-CVE-2016-3441 (Unspecified vulnerability in Oracle Sun Solaris 10 and 11.3 allows ...)
+CVE-2016-3441
NOT-FOR-US: Solaris
-CVE-2016-3440 (Unspecified vulnerability in Oracle MySQL 5.7.11 and earlier allows ...)
+CVE-2016-3440
- mysql-5.6 <not-affected> (Only affects MySQL 5.7)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html#AppendixMSQL
-CVE-2016-3439 (Unspecified vulnerability in the Oracle CRM Wireless component in ...)
+CVE-2016-3439
NOT-FOR-US: Oracle
-CVE-2016-3438 (Unspecified vulnerability in the Oracle Configurator component in ...)
+CVE-2016-3438
NOT-FOR-US: Oracle
-CVE-2016-3437 (Unspecified vulnerability in the Oracle CRM Wireless component in ...)
+CVE-2016-3437
NOT-FOR-US: Oracle
-CVE-2016-3436 (Unspecified vulnerability in the Oracle Common Applications Calendar ...)
+CVE-2016-3436
NOT-FOR-US: Oracle
-CVE-2016-3435 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+CVE-2016-3435
NOT-FOR-US: PeopleSoft
-CVE-2016-3434 (Unspecified vulnerability in the Oracle Application Object Library ...)
+CVE-2016-3434
NOT-FOR-US: Oracle
-CVE-2016-3433 (Unspecified vulnerability in the Oracle Business Intelligence ...)
+CVE-2016-3433
NOT-FOR-US: Oracle
-CVE-2016-3432 (Unspecified vulnerability in the BI Publisher (formerly XML Publisher) ...)
+CVE-2016-3432
NOT-FOR-US: Oracle
-CVE-2016-3431 (Unspecified vulnerability in the Oracle Agile PLM component in Oracle ...)
+CVE-2016-3431
NOT-FOR-US: Oracle
CVE-2016-3430
RESERVED
-CVE-2016-3429 (Unspecified vulnerability in the Oracle Retail Xstore Point of Service ...)
+CVE-2016-3429
NOT-FOR-US: Oracle Retail
-CVE-2016-3428 (Unspecified vulnerability in the Oracle Agile Engineering Data ...)
+CVE-2016-3428
NOT-FOR-US: Oracle
-CVE-2016-3427 (Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; ...)
+CVE-2016-3427
{DSA-3558-1 DLA-451-1}
- openjdk-8 8u91-b14-1
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life> (Not supported in Wheezy LTS)
-CVE-2016-3426 (Unspecified vulnerability in Oracle Java SE 8u77 and Java SE Embedded ...)
+CVE-2016-3426
{DSA-3558-1 DLA-451-1}
- openjdk-8 8u91-b14-1
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life> (Not supported in Wheezy LTS)
-CVE-2016-3425 (Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; ...)
+CVE-2016-3425
{DSA-3558-1 DLA-451-1}
- openjdk-8 8u91-b14-1
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life> (Not supported in Wheezy LTS)
-CVE-2016-3424 (Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows ...)
+CVE-2016-3424
- mysql-5.6 <not-affected> (Only affects MySQL 5.7)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html#AppendixMSQL
-CVE-2016-3423 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+CVE-2016-3423
NOT-FOR-US: PeopleSoft
-CVE-2016-3422 (Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 ...)
+CVE-2016-3422
- openjdk-6 <not-affected> (Specific to Oracle Java, not present in IcedTea)
- openjdk-7 <not-affected> (Specific to Oracle Java, not present in IcedTea)
- openjdk-8 <not-affected> (Specific to Oracle Java, not present in IcedTea)
-CVE-2016-3421 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+CVE-2016-3421
NOT-FOR-US: PeopleSoft
-CVE-2016-3420 (Unspecified vulnerability in the Oracle Agile PLM component in Oracle ...)
+CVE-2016-3420
NOT-FOR-US: Oracle
-CVE-2016-3419 (Unspecified vulnerability in Oracle Sun Solaris 10 and 11.3 allows ...)
+CVE-2016-3419
NOT-FOR-US: Solaris
-CVE-2016-3418 (Unspecified vulnerability in the DataStore component in Oracle ...)
+CVE-2016-3418
NOT-FOR-US: Oracle Berkeley DB (later closed source releases)
-CVE-2016-3417 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+CVE-2016-3417
NOT-FOR-US: PeopleSoft
-CVE-2016-3416 (Unspecified vulnerability in the Oracle WebLogic Server component in ...)
+CVE-2016-3416
NOT-FOR-US: Oracle
-CVE-2016-3415 (Zimbra Collaboration before 8.7.0 allows remote attackers to conduct ...)
+CVE-2016-3415
NOT-FOR-US: Zimbra
-CVE-2016-3414 (Unspecified vulnerability in Zimbra Collaboration before 8.6.0 Patch 7 ...)
+CVE-2016-3414
NOT-FOR-US: Zimbra
-CVE-2016-3413 (Unspecified vulnerability in Zimbra Collaboration before 8.7.0 allows ...)
+CVE-2016-3413
NOT-FOR-US: Zimbra
-CVE-2016-3412 (Multiple cross-site scripting (XSS) vulnerabilities in Zimbra ...)
+CVE-2016-3412
NOT-FOR-US: Zimbra
-CVE-2016-3411 (Cross-site scripting (XSS) vulnerability in Zimbra Collaboration ...)
+CVE-2016-3411
NOT-FOR-US: Zimbra
-CVE-2016-3410 (Multiple cross-site scripting (XSS) vulnerabilities in Zimbra ...)
+CVE-2016-3410
NOT-FOR-US: Zimbra
-CVE-2016-3409 (Cross-site scripting (XSS) vulnerability in Zimbra Collaboration ...)
+CVE-2016-3409
NOT-FOR-US: Zimbra
-CVE-2016-3408 (Cross-site scripting (XSS) vulnerability in Zimbra Collaboration ...)
+CVE-2016-3408
NOT-FOR-US: Zimbra
-CVE-2016-3407 (Multiple cross-site scripting (XSS) vulnerabilities in Zimbra ...)
+CVE-2016-3407
NOT-FOR-US: Zimbra
-CVE-2016-3406 (Multiple cross-site request forgery (CSRF) vulnerabilities in Zimbra ...)
+CVE-2016-3406
NOT-FOR-US: Zimbra
-CVE-2016-3405 (Multiple unspecified vulnerabilities in Zimbra Collaboration before ...)
+CVE-2016-3405
NOT-FOR-US: Zimbra
-CVE-2016-3404 (Unspecified vulnerability in Zimbra Collaboration before 8.7.0 allows ...)
+CVE-2016-3404
NOT-FOR-US: Zimbra
-CVE-2016-3403 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
+CVE-2016-3403
NOT-FOR-US: Zimbra
-CVE-2016-3402 (Unspecified vulnerability in Zimbra Collaboration before 8.7.0 allows ...)
+CVE-2016-3402
NOT-FOR-US: Zimbra
-CVE-2016-3401 (Unspecified vulnerability in Zimbra Collaboration before 8.7.0 allows ...)
+CVE-2016-3401
NOT-FOR-US: Zimbra
-CVE-2016-3400 (NetApp Data ONTAP 8.1 and 8.2, when operating in 7-Mode, allows ...)
+CVE-2016-3400
NOT-FOR-US: NetApp Data ONTAP
CVE-2016-3399
RESERVED
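Review bot: the three openjdk "<not-affected>" entries for CVE-2016-3449 carry the rationale "Deployment components not part of OpenJDK, only present in Oracle Java" while the otherwise identical entries for CVE-2016-3443 and CVE-2016-3422 use "Specific to Oracle Java, not present in IcedTea"; with the "Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 ..." descriptions removed by this hunk, those rationales become the only justification left in the file, so the wording should be normalised to one form for the same disposition. Style point only; the package states themselves are unchanged by the hunk.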
@@ -22283,428 +22283,428 @@ CVE-2016-3398
RESERVED
CVE-2016-3397
REJECTED
-CVE-2016-3396 (Graphics Device Interface (aka GDI or GDI+) in Microsoft Windows Vista ...)
+CVE-2016-3396
NOT-FOR-US: Microsoft
CVE-2016-3395
REJECTED
CVE-2016-3394
REJECTED
-CVE-2016-3393 (Graphics Device Interface (aka GDI or GDI+) in Microsoft Windows Vista ...)
+CVE-2016-3393
NOT-FOR-US: Microsoft
-CVE-2016-3392 (The Edge Content Security Policy feature in Microsoft Edge does not ...)
+CVE-2016-3392
NOT-FOR-US: Microsoft
-CVE-2016-3391 (Microsoft Internet Explorer 10 and 11 and Microsoft Edge allow ...)
+CVE-2016-3391
NOT-FOR-US: Microsoft
-CVE-2016-3390 (The scripting engines in Microsoft Internet Explorer 11 and Microsoft ...)
+CVE-2016-3390
NOT-FOR-US: Microsoft
-CVE-2016-3389 (The Chakra JavaScript engine in Microsoft Edge allows remote attackers ...)
+CVE-2016-3389
NOT-FOR-US: Microsoft
-CVE-2016-3388 (Microsoft Internet Explorer 10 and 11 and Microsoft Edge do not ...)
+CVE-2016-3388
NOT-FOR-US: Microsoft
-CVE-2016-3387 (Microsoft Internet Explorer 10 and 11 and Microsoft Edge do not ...)
+CVE-2016-3387
NOT-FOR-US: Microsoft
-CVE-2016-3386 (The Chakra JavaScript engine in Microsoft Edge allows remote attackers ...)
+CVE-2016-3386
NOT-FOR-US: Microsoft
-CVE-2016-3385 (The scripting engine in Microsoft Internet Explorer 9 through 11 ...)
+CVE-2016-3385
NOT-FOR-US: Microsoft
-CVE-2016-3384 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ...)
+CVE-2016-3384
NOT-FOR-US: Microsoft
-CVE-2016-3383 (Microsoft Internet Explorer 10 and 11 allows remote attackers to ...)
+CVE-2016-3383
NOT-FOR-US: Microsoft
-CVE-2016-3382 (The scripting engines in Microsoft Internet Explorer 9 through 11 and ...)
+CVE-2016-3382
NOT-FOR-US: Microsoft
-CVE-2016-3381 (Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 ...)
+CVE-2016-3381
NOT-FOR-US: Microsoft
CVE-2016-3380
REJECTED
-CVE-2016-3379 (Cross-site scripting (XSS) vulnerability in Microsoft Exchange Server ...)
+CVE-2016-3379
NOT-FOR-US: Microsoft
-CVE-2016-3378 (Open redirect vulnerability in Microsoft Exchange Server 2013 SP1, ...)
+CVE-2016-3378
NOT-FOR-US: Microsoft
-CVE-2016-3377 (The Chakra JavaScript engine in Microsoft Edge allows remote attackers ...)
+CVE-2016-3377
NOT-FOR-US: Microsoft
-CVE-2016-3376 (The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server ...)
+CVE-2016-3376
NOT-FOR-US: Microsoft
-CVE-2016-3375 (The OLE Automation mechanism and VBScript scripting engine in ...)
+CVE-2016-3375
NOT-FOR-US: Microsoft
-CVE-2016-3374 (The PDF library in Microsoft Edge, Windows 8.1, Windows Server 2012 ...)
+CVE-2016-3374
NOT-FOR-US: Microsoft
-CVE-2016-3373 (The kernel API in Microsoft Windows Vista SP2, Windows Server 2008 SP2 ...)
+CVE-2016-3373
NOT-FOR-US: Microsoft
-CVE-2016-3372 (The kernel API in Microsoft Windows Vista SP2 and Windows Server 2008 ...)
+CVE-2016-3372
NOT-FOR-US: Microsoft
-CVE-2016-3371 (The kernel API in Microsoft Windows Vista SP2, Windows Server 2008 SP2 ...)
+CVE-2016-3371
NOT-FOR-US: Microsoft
-CVE-2016-3370 (The PDF library in Microsoft Edge, Windows 8.1, Windows Server 2012 ...)
+CVE-2016-3370
NOT-FOR-US: Microsoft
-CVE-2016-3369 (Microsoft Windows 10 Gold and 1511 allows attackers to cause a denial ...)
+CVE-2016-3369
NOT-FOR-US: Microsoft
-CVE-2016-3368 (Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, ...)
+CVE-2016-3368
NOT-FOR-US: Microsoft
-CVE-2016-3367 (StringBuilder in Microsoft Silverlight 5 before 5.1.50709.0 does not ...)
+CVE-2016-3367
NOT-FOR-US: Microsoft
-CVE-2016-3366 (Microsoft Outlook 2007 SP3, Outlook 2010 SP2, Outlook 2013 SP1, ...)
+CVE-2016-3366
NOT-FOR-US: Microsoft
-CVE-2016-3365 (Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 ...)
+CVE-2016-3365
NOT-FOR-US: Microsoft
-CVE-2016-3364 (Microsoft Visio 2016 allows remote attackers to execute arbitrary code ...)
+CVE-2016-3364
NOT-FOR-US: Microsoft
-CVE-2016-3363 (Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 ...)
+CVE-2016-3363
NOT-FOR-US: Microsoft
-CVE-2016-3362 (Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 ...)
+CVE-2016-3362
NOT-FOR-US: Microsoft
-CVE-2016-3361 (Microsoft Excel 2010 SP2 allows remote attackers to execute arbitrary ...)
+CVE-2016-3361
NOT-FOR-US: Microsoft
-CVE-2016-3360 (Microsoft PowerPoint 2007 SP3, PowerPoint 2010 SP2, PowerPoint 2013 ...)
+CVE-2016-3360
NOT-FOR-US: Microsoft
-CVE-2016-3359 (Microsoft Excel 2007 SP3, Excel 2010 SP2, Office Compatibility Pack ...)
+CVE-2016-3359
NOT-FOR-US: Microsoft
-CVE-2016-3358 (Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 ...)
+CVE-2016-3358
NOT-FOR-US: Microsoft
-CVE-2016-3357 (Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1, Office ...)
+CVE-2016-3357
NOT-FOR-US: Microsoft
-CVE-2016-3356 (The Graphics Device Interface (GDI) in Microsoft Windows 10 1607 ...)
+CVE-2016-3356
NOT-FOR-US: Microsoft
-CVE-2016-3355 (The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2, ...)
+CVE-2016-3355
NOT-FOR-US: Microsoft
-CVE-2016-3354 (The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2, ...)
+CVE-2016-3354
NOT-FOR-US: Microsoft
-CVE-2016-3353 (Microsoft Internet Explorer 9 through 11 mishandles .url files from ...)
+CVE-2016-3353
NOT-FOR-US: Microsoft
-CVE-2016-3352 (Microsoft Windows 8.1, Windows RT 8.1, and Windows 10 Gold, 1511, and ...)
+CVE-2016-3352
NOT-FOR-US: Microsoft
-CVE-2016-3351 (Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow ...)
+CVE-2016-3351
NOT-FOR-US: Microsoft
-CVE-2016-3350 (The Chakra JavaScript engine in Microsoft Edge allows remote attackers ...)
+CVE-2016-3350
NOT-FOR-US: Microsoft
-CVE-2016-3349 (The kernel-mode drivers in Microsoft Windows 8.1, Windows Server 2012 ...)
+CVE-2016-3349
NOT-FOR-US: Microsoft
-CVE-2016-3348 (The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server ...)
+CVE-2016-3348
NOT-FOR-US: Microsoft
CVE-2016-3347
REJECTED
-CVE-2016-3346 (Microsoft Windows 10 Gold, 1511, and 1607 does not properly enforce ...)
+CVE-2016-3346
NOT-FOR-US: Microsoft
-CVE-2016-3345 (The SMBv1 server in Microsoft Windows Vista SP2, Windows Server 2008 ...)
+CVE-2016-3345
NOT-FOR-US: Microsoft
-CVE-2016-3344 (The Secure Kernel Mode feature in Microsoft Windows 10 Gold and 1511 ...)
+CVE-2016-3344
NOT-FOR-US: Microsoft
-CVE-2016-3343 (The Common Log File System (CLFS) driver in Microsoft Windows Vista ...)
+CVE-2016-3343
NOT-FOR-US: Microsoft
-CVE-2016-3342 (The Common Log File System (CLFS) driver in Microsoft Windows Vista ...)
+CVE-2016-3342
NOT-FOR-US: Microsoft
-CVE-2016-3341 (The kernel-mode drivers in Transaction Manager in Microsoft Windows ...)
+CVE-2016-3341
NOT-FOR-US: Microsoft
-CVE-2016-3340 (The Common Log File System (CLFS) driver in Microsoft Windows Vista ...)
+CVE-2016-3340
NOT-FOR-US: Microsoft
CVE-2016-3339
REJECTED
-CVE-2016-3338 (The Common Log File System (CLFS) driver in Microsoft Windows Vista ...)
+CVE-2016-3338
NOT-FOR-US: Microsoft
CVE-2016-3337
REJECTED
CVE-2016-3336
REJECTED
-CVE-2016-3335 (The Common Log File System (CLFS) driver in Microsoft Windows Vista ...)
+CVE-2016-3335
NOT-FOR-US: Microsoft
-CVE-2016-3334 (The Common Log File System (CLFS) driver in Microsoft Windows Vista ...)
+CVE-2016-3334
NOT-FOR-US: Microsoft
-CVE-2016-3333 (The Common Log File System (CLFS) driver in Microsoft Windows Vista ...)
+CVE-2016-3333
NOT-FOR-US: Microsoft
-CVE-2016-3332 (The Common Log File System (CLFS) driver in Microsoft Windows Vista ...)
+CVE-2016-3332
NOT-FOR-US: Microsoft
-CVE-2016-3331 (Microsoft Internet Explorer 11 and Microsoft Edge allow remote ...)
+CVE-2016-3331
NOT-FOR-US: Microsoft
-CVE-2016-3330 (Microsoft Edge allows remote attackers to execute arbitrary code or ...)
+CVE-2016-3330
NOT-FOR-US: Microsoft
-CVE-2016-3329 (Microsoft Internet Explorer 9 through 11 and Edge allow remote ...)
+CVE-2016-3329
NOT-FOR-US: Microsoft
CVE-2016-3328
REJECTED
-CVE-2016-3327 (Microsoft Internet Explorer 9 through 11 and Edge allow remote ...)
+CVE-2016-3327
NOT-FOR-US: Microsoft
-CVE-2016-3326 (Microsoft Internet Explorer 9 through 11 and Edge allow remote ...)
+CVE-2016-3326
NOT-FOR-US: Microsoft
-CVE-2016-3325 (Microsoft Internet Explorer 11 and Microsoft Edge allow remote ...)
+CVE-2016-3325
NOT-FOR-US: Microsoft
-CVE-2016-3324 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ...)
+CVE-2016-3324
NOT-FOR-US: Microsoft
CVE-2016-3323
REJECTED
-CVE-2016-3322 (Microsoft Internet Explorer 11 and Edge allow remote attackers to ...)
+CVE-2016-3322
NOT-FOR-US: Microsoft
-CVE-2016-3321 (Microsoft Internet Explorer 10 and 11 load different files for ...)
+CVE-2016-3321
NOT-FOR-US: Microsoft
-CVE-2016-3320 (Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT ...)
+CVE-2016-3320
NOT-FOR-US: Microsoft
-CVE-2016-3319 (The PDF library in Microsoft Windows 8.1, Windows Server 2012 Gold and ...)
+CVE-2016-3319
NOT-FOR-US: Microsoft
-CVE-2016-3318 (Microsoft Office 2007 SP3, 2010 SP2, 2013 SP1, and 2013 RT SP1 allow ...)
+CVE-2016-3318
NOT-FOR-US: Microsoft
-CVE-2016-3317 (Microsoft Office 2010 SP2, Word 2007 SP3, Word 2010 SP2, Word for Mac ...)
+CVE-2016-3317
NOT-FOR-US: Microsoft
-CVE-2016-3316 (Microsoft Word 2013 SP1, 2013 RT SP1, 2016, and 2016 for Mac allow ...)
+CVE-2016-3316
NOT-FOR-US: Microsoft
-CVE-2016-3315 (Microsoft OneNote 2007 SP3, 2010 SP2, 2013 SP1, 2013 RT SP1, 2016, and ...)
+CVE-2016-3315
NOT-FOR-US: Microsoft
CVE-2016-3314
REJECTED
-CVE-2016-3313 (Microsoft Office 2007 SP3, 2010 SP2, 2013 SP1, 2013 RT SP1, and 2016, ...)
+CVE-2016-3313
NOT-FOR-US: Microsoft
-CVE-2016-3312 (ActiveSyncProvider in Microsoft Windows 10 Gold and 1511 allows ...)
+CVE-2016-3312
NOT-FOR-US: Microsoft
-CVE-2016-3311 (The kernel-mode drivers in Microsoft Windows Vista SP2; Windows Server ...)
+CVE-2016-3311
NOT-FOR-US: Microsoft
-CVE-2016-3310 (The kernel-mode drivers in Microsoft Windows Vista SP2; Windows Server ...)
+CVE-2016-3310
NOT-FOR-US: Microsoft
-CVE-2016-3309 (The kernel-mode drivers in Microsoft Windows Vista SP2; Windows Server ...)
+CVE-2016-3309
NOT-FOR-US: Microsoft
-CVE-2016-3308 (The kernel-mode drivers in Microsoft Windows Vista SP2; Windows Server ...)
+CVE-2016-3308
NOT-FOR-US: Microsoft
CVE-2016-3307
REJECTED
-CVE-2016-3306 (The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
+CVE-2016-3306
NOT-FOR-US: Microsoft
-CVE-2016-3305 (The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
+CVE-2016-3305
NOT-FOR-US: Microsoft
-CVE-2016-3304 (The Windows font library in Microsoft Windows Vista SP2, Windows ...)
+CVE-2016-3304
NOT-FOR-US: Microsoft
-CVE-2016-3303 (The Windows font library in Microsoft Windows Vista SP2, Windows ...)
+CVE-2016-3303
NOT-FOR-US: Microsoft
-CVE-2016-3302 (Microsoft Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, and ...)
+CVE-2016-3302
NOT-FOR-US: Microsoft
-CVE-2016-3301 (The Windows font library in Microsoft Windows Vista SP2; Windows ...)
+CVE-2016-3301
NOT-FOR-US: Microsoft
-CVE-2016-3300 (The Netlogon service in Microsoft Windows 8.1, Windows Server 2012 ...)
+CVE-2016-3300
NOT-FOR-US: Microsoft
-CVE-2016-3299 (Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, ...)
+CVE-2016-3299
NOT-FOR-US: Microsoft
-CVE-2016-3298 (Microsoft Internet Explorer 9 through 11 and the Internet Messaging ...)
+CVE-2016-3298
NOT-FOR-US: Microsoft
-CVE-2016-3297 (Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow ...)
+CVE-2016-3297
NOT-FOR-US: Microsoft
-CVE-2016-3296 (The Chakra JavaScript engine in Microsoft Edge allows remote attackers ...)
+CVE-2016-3296
NOT-FOR-US: Microsoft
-CVE-2016-3295 (Microsoft Internet Explorer 10 and 11 and Microsoft Edge allow remote ...)
+CVE-2016-3295
NOT-FOR-US: Microsoft
-CVE-2016-3294 (Microsoft Edge allows remote attackers to execute arbitrary code or ...)
+CVE-2016-3294
NOT-FOR-US: Microsoft
-CVE-2016-3293 (Microsoft Internet Explorer 9 through 11 and Edge allow remote ...)
+CVE-2016-3293
NOT-FOR-US: Microsoft
-CVE-2016-3292 (Microsoft Internet Explorer 10 and 11 mishandles integrity settings ...)
+CVE-2016-3292
NOT-FOR-US: Microsoft
-CVE-2016-3291 (Microsoft Internet Explorer 11 and Microsoft Edge mishandle ...)
+CVE-2016-3291
NOT-FOR-US: Microsoft
-CVE-2016-3290 (Microsoft Internet Explorer 11 allows remote attackers to execute ...)
+CVE-2016-3290
NOT-FOR-US: Microsoft
-CVE-2016-3289 (Microsoft Internet Explorer 11 and Edge allow remote attackers to ...)
+CVE-2016-3289
NOT-FOR-US: Microsoft
-CVE-2016-3288 (Microsoft Internet Explorer 11 allows remote attackers to execute ...)
+CVE-2016-3288
NOT-FOR-US: Microsoft
-CVE-2016-3287 (Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT ...)
+CVE-2016-3287
NOT-FOR-US: Microsoft
-CVE-2016-3286 (The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server ...)
+CVE-2016-3286
NOT-FOR-US: Microsoft
CVE-2016-3285
REJECTED
-CVE-2016-3284 (Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 ...)
+CVE-2016-3284
NOT-FOR-US: Microsoft
-CVE-2016-3283 (Microsoft Word Viewer allows remote attackers to execute arbitrary ...)
+CVE-2016-3283
NOT-FOR-US: Microsoft
-CVE-2016-3282 (Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 ...)
+CVE-2016-3282
NOT-FOR-US: Microsoft
-CVE-2016-3281 (Microsoft Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT ...)
+CVE-2016-3281
NOT-FOR-US: Microsoft
-CVE-2016-3280 (Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 ...)
+CVE-2016-3280
NOT-FOR-US: Microsoft
-CVE-2016-3279 (Microsoft Office 2010 SP2, Excel 2010 SP2, PowerPoint 2010 SP2, Word ...)
+CVE-2016-3279
NOT-FOR-US: Microsoft
-CVE-2016-3278 (Microsoft Outlook 2010 SP2, 2013 SP1, 2013 RT SP1, and 2016 allows ...)
+CVE-2016-3278
NOT-FOR-US: Microsoft
-CVE-2016-3277 (Microsoft Internet Explorer 10 and 11 and Microsoft Edge allow remote ...)
+CVE-2016-3277
NOT-FOR-US: Microsoft
-CVE-2016-3276 (Microsoft Internet Explorer 11 and Microsoft Edge allow remote ...)
+CVE-2016-3276
NOT-FOR-US: Microsoft
CVE-2016-3275
REJECTED
-CVE-2016-3274 (Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow ...)
+CVE-2016-3274
NOT-FOR-US: Microsoft
-CVE-2016-3273 (The XSS Filter in Microsoft Internet Explorer 9 through 11 and ...)
+CVE-2016-3273
NOT-FOR-US: Microsoft
-CVE-2016-3272 (The kernel in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, ...)
+CVE-2016-3272
NOT-FOR-US: Microsoft
-CVE-2016-3271 (The VBScript engine in Microsoft Edge allows remote attackers to ...)
+CVE-2016-3271
NOT-FOR-US: Microsoft
-CVE-2016-3270 (The Graphics component in the kernel in Microsoft Windows Vista SP2; ...)
+CVE-2016-3270
NOT-FOR-US: Microsoft
-CVE-2016-3269 (The Chakra JavaScript engine in Microsoft Edge allows remote attackers ...)
+CVE-2016-3269
NOT-FOR-US: Microsoft
CVE-2016-3268
REJECTED
-CVE-2016-3267 (Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow ...)
+CVE-2016-3267
NOT-FOR-US: Microsoft
-CVE-2016-3266 (The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server ...)
+CVE-2016-3266
NOT-FOR-US: Microsoft
-CVE-2016-3265 (The Chakra JavaScript engine in Microsoft Edge allows remote attackers ...)
+CVE-2016-3265
NOT-FOR-US: Microsoft
-CVE-2016-3264 (Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow ...)
+CVE-2016-3264
NOT-FOR-US: Microsoft
-CVE-2016-3263 (Graphics Device Interface (aka GDI or GDI+) in Microsoft Windows Vista ...)
+CVE-2016-3263
NOT-FOR-US: Microsoft
-CVE-2016-3262 (Graphics Device Interface (aka GDI or GDI+) in Microsoft Windows Vista ...)
+CVE-2016-3262
NOT-FOR-US: Microsoft
-CVE-2016-3261 (Microsoft Internet Explorer 11 allows remote attackers to obtain ...)
+CVE-2016-3261
NOT-FOR-US: Microsoft
-CVE-2016-3260 (The Microsoft (1) JScript 9, (2) VBScript, and (3) Chakra JavaScript ...)
+CVE-2016-3260
NOT-FOR-US: Microsoft
-CVE-2016-3259 (The Microsoft (1) JScript 9, (2) VBScript, and (3) Chakra JavaScript ...)
+CVE-2016-3259
NOT-FOR-US: Microsoft
-CVE-2016-3258 (Race condition in the kernel in Microsoft Windows 8.1, Windows Server ...)
+CVE-2016-3258
NOT-FOR-US: Microsoft
CVE-2016-3257
REJECTED
-CVE-2016-3256 (Microsoft Windows 10 Gold and 1511 allows local users to bypass the ...)
+CVE-2016-3256
NOT-FOR-US: Microsoft
-CVE-2016-3255 (Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4.5.2, 4.6, and 4.6.1 ...)
+CVE-2016-3255
NOT-FOR-US: Microsoft
-CVE-2016-3254 (The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server ...)
+CVE-2016-3254
NOT-FOR-US: Microsoft
CVE-2016-3253
REJECTED
-CVE-2016-3252 (The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server ...)
+CVE-2016-3252
NOT-FOR-US: Microsoft
-CVE-2016-3251 (The GDI component in the kernel-mode drivers in Microsoft Windows ...)
+CVE-2016-3251
NOT-FOR-US: Microsoft
-CVE-2016-3250 (The kernel-mode drivers in Microsoft Windows Server 2012 and Windows ...)
+CVE-2016-3250
NOT-FOR-US: Microsoft
-CVE-2016-3249 (The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server ...)
+CVE-2016-3249
NOT-FOR-US: Microsoft
-CVE-2016-3248 (The Microsoft (1) JScript 9, (2) VBScript, and (3) Chakra JavaScript ...)
+CVE-2016-3248
NOT-FOR-US: Microsoft
-CVE-2016-3247 (Microsoft Internet Explorer 11 and Microsoft Edge allow remote ...)
+CVE-2016-3247
NOT-FOR-US: Microsoft
-CVE-2016-3246 (Microsoft Edge allows remote attackers to execute arbitrary code or ...)
+CVE-2016-3246
NOT-FOR-US: Microsoft
-CVE-2016-3245 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ...)
+CVE-2016-3245
NOT-FOR-US: Microsoft
-CVE-2016-3244 (Microsoft Edge allows remote attackers to bypass the ASLR protection ...)
+CVE-2016-3244
NOT-FOR-US: Microsoft
-CVE-2016-3243 (Microsoft Internet Explorer 10 and 11 allows remote attackers to ...)
+CVE-2016-3243
NOT-FOR-US: Microsoft
-CVE-2016-3242 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ...)
+CVE-2016-3242
NOT-FOR-US: Microsoft
-CVE-2016-3241 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ...)
+CVE-2016-3241
NOT-FOR-US: Microsoft
-CVE-2016-3240 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ...)
+CVE-2016-3240
NOT-FOR-US: Microsoft
-CVE-2016-3239 (The Print Spooler service in Microsoft Windows Vista SP2, Windows ...)
+CVE-2016-3239
NOT-FOR-US: Microsoft
-CVE-2016-3238 (The Print Spooler service in Microsoft Windows Vista SP2, Windows ...)
+CVE-2016-3238
NOT-FOR-US: Microsoft
-CVE-2016-3237 (Kerberos in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and ...)
+CVE-2016-3237
NOT-FOR-US: Microsoft
-CVE-2016-3236 (The Web Proxy Auto Discovery (WPAD) protocol implementation in ...)
+CVE-2016-3236
NOT-FOR-US: Microsoft
-CVE-2016-3235 (Microsoft Visio 2007 SP3, Visio 2010 SP2, Visio 2013 SP1, Visio 2016, ...)
+CVE-2016-3235
NOT-FOR-US: Microsoft
-CVE-2016-3234 (Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Office ...)
+CVE-2016-3234
NOT-FOR-US: Microsoft
-CVE-2016-3233 (Microsoft Excel 2007 SP3, Excel 2010 SP2, and Office Compatibility ...)
+CVE-2016-3233
NOT-FOR-US: Microsoft
-CVE-2016-3232 (The Virtual PCI (VPCI) virtual service provider in Microsoft Windows ...)
+CVE-2016-3232
NOT-FOR-US: Microsoft
-CVE-2016-3231 (The Standard Collector service in Windows Diagnostics Hub mishandles ...)
+CVE-2016-3231
NOT-FOR-US: Microsoft
-CVE-2016-3230 (The Search component in Microsoft Windows 7, Windows Server 2008 R2 ...)
+CVE-2016-3230
NOT-FOR-US: Microsoft
CVE-2016-3229
REJECTED
-CVE-2016-3228 (Microsoft Windows Server 2008 SP2 and R2 SP1 and Windows Server 2012 ...)
+CVE-2016-3228
NOT-FOR-US: Microsoft
-CVE-2016-3227 (Use-after-free vulnerability in the DNS Server component in Microsoft ...)
+CVE-2016-3227
NOT-FOR-US: Microsoft
-CVE-2016-3226 (Active Directory in Microsoft Windows Server 2008 R2 SP1 and Server ...)
+CVE-2016-3226
NOT-FOR-US: Microsoft
-CVE-2016-3225 (The SMB server component in Microsoft Windows Vista SP2, Windows ...)
+CVE-2016-3225
NOT-FOR-US: Microsoft
CVE-2016-3224
REJECTED
-CVE-2016-3223 (Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, ...)
+CVE-2016-3223
NOT-FOR-US: Microsoft
-CVE-2016-3222 (Microsoft Edge allows remote attackers to execute arbitrary code or ...)
+CVE-2016-3222
NOT-FOR-US: Microsoft
-CVE-2016-3221 (The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server ...)
+CVE-2016-3221
NOT-FOR-US: Microsoft
-CVE-2016-3220 (atmfd.dll in the Adobe Type Manager Font Driver in Microsoft Windows ...)
+CVE-2016-3220
NOT-FOR-US: Microsoft
-CVE-2016-3219 (The kernel-mode driver in Microsoft Windows 10 Gold and 1511 allows ...)
+CVE-2016-3219
NOT-FOR-US: Microsoft
-CVE-2016-3218 (The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server ...)
+CVE-2016-3218
NOT-FOR-US: Microsoft
CVE-2016-3217
REJECTED
-CVE-2016-3216 (GDI32.dll in the Graphics component in Microsoft Windows Vista SP2, ...)
+CVE-2016-3216
NOT-FOR-US: Microsoft
-CVE-2016-3215 (Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows 10 ...)
+CVE-2016-3215
NOT-FOR-US: Microsoft
-CVE-2016-3214 (The Chakra JavaScript engine in Microsoft Edge allows remote attackers ...)
+CVE-2016-3214
NOT-FOR-US: Microsoft
-CVE-2016-3213 (The Web Proxy Auto Discovery (WPAD) protocol implementation in ...)
+CVE-2016-3213
NOT-FOR-US: Microsoft
-CVE-2016-3212 (The XSS Filter in Microsoft Internet Explorer 9 through 11 does not ...)
+CVE-2016-3212
NOT-FOR-US: Microsoft
-CVE-2016-3211 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ...)
+CVE-2016-3211
NOT-FOR-US: Microsoft
-CVE-2016-3210 (The Microsoft (1) JScript and (2) VBScript engines, as used in ...)
+CVE-2016-3210
NOT-FOR-US: Microsoft
-CVE-2016-3209 (Graphics Device Interface (aka GDI or GDI+) in Microsoft Windows Vista ...)
+CVE-2016-3209
NOT-FOR-US: Microsoft
CVE-2016-3208
REJECTED
-CVE-2016-3207 (The Microsoft (1) JScript 5.8 and (2) VBScript 5.7 and 5.8 engines, as ...)
+CVE-2016-3207
NOT-FOR-US: Microsoft
-CVE-2016-3206 (The Microsoft (1) JScript 5.8 and (2) VBScript 5.7 and 5.8 engines, as ...)
+CVE-2016-3206
NOT-FOR-US: Microsoft
-CVE-2016-3205 (The Microsoft (1) JScript 5.8 and (2) VBScript 5.7 and 5.8 engines, as ...)
+CVE-2016-3205
NOT-FOR-US: Microsoft
-CVE-2016-3204 (The Microsoft (1) JScript 5.8 and 9 and (2) VBScript 5.7 and 5.8 ...)
+CVE-2016-3204
NOT-FOR-US: Microsoft
-CVE-2016-3203 (Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows 10 ...)
+CVE-2016-3203
NOT-FOR-US: Microsoft
-CVE-2016-3202 (The Microsoft (1) Chakra JavaScript, (2) JScript, and (3) VBScript ...)
+CVE-2016-3202
NOT-FOR-US: Microsoft
-CVE-2016-3201 (Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows 10 ...)
+CVE-2016-3201
NOT-FOR-US: Microsoft
CVE-2016-3200
REJECTED
-CVE-2016-3199 (The Chakra JavaScript engine in Microsoft Edge allows remote attackers ...)
+CVE-2016-3199
NOT-FOR-US: Microsoft
-CVE-2016-3198 (Microsoft Edge allows remote attackers to bypass the Content Security ...)
+CVE-2016-3198
NOT-FOR-US: Microsoft
-CVE-2016-3196 (Cross-site scripting (XSS) vulnerability in Fortinet FortiAnalyzer 5.x ...)
+CVE-2016-3196
NOT-FOR-US: Fortinet
-CVE-2016-3195 (Cross-site scripting (XSS) vulnerability in the Web-UI in Fortinet ...)
+CVE-2016-3195
NOT-FOR-US: Fortinet
-CVE-2016-3194 (Cross-site scripting (XSS) vulnerability in the address added page in ...)
+CVE-2016-3194
NOT-FOR-US: Fortinet
-CVE-2016-3193 (Cross-site scripting (XSS) vulnerability in the appliance ...)
+CVE-2016-3193
NOT-FOR-US: Fortinet
CVE-2016-3192
RESERVED
-CVE-2016-3190 (The fill_xrgb32_lerp_opaque_spans function in cairo-image-compositor.c ...)
+CVE-2016-3190
- cairo 1.14.2-2
[jessie] - cairo 1.14.0-2.1+deb8u1
[wheezy] - cairo <no-dsa> (Minor issue)
NOTE: https://cgit.freedesktop.org/cairo/patch/src/cairo-image-compositor.c?id=5c82d91a5e15d29b1489dcb413b24ee7fdf59934
-CVE-2016-3189 (Use-after-free vulnerability in bzip2recover in bzip2 1.0.6 allows ...)
+CVE-2016-3189
- bzip2 1.0.6-8.1 (low; bug #827744)
[jessie] - bzip2 <no-dsa> (Minor issue)
[wheezy] - bzip2 <no-dsa> (Minor issue)
-CVE-2016-3188 (The _prepopulate_request_walk function in the Prepopulate module ...)
+CVE-2016-3188
NOT-FOR-US: Prepopulate module for Drupal
-CVE-2016-3187 (The Prepopulate module 7.x-2.x before 7.x-2.1 for Drupal allows remote ...)
+CVE-2016-3187
NOT-FOR-US: Prepopulate module for Drupal
-CVE-2016-3186 (Buffer overflow in the readextension function in gif2tiff.c in LibTIFF ...)
+CVE-2016-3186
{DLA-693-1 DLA-610-1}
- tiff 4.0.6-3 (bug #819972)
[jessie] - tiff 4.0.3-12.3+deb8u2
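Review bot: at the end of this hunk the removed descriptions were the only text naming the affected component for the entries that have package dispositions: "bzip2recover" for CVE-2016-3189, whose "- bzip2 1.0.6-8.1 (low; bug #827744)" and "<no-dsa> (Minor issue)" markers rest on the bug being confined to that recovery tool, and "fill_xrgb32_lerp_opaque_spans function in cairo-image-compositor.c" for CVE-2016-3190, which now survives only inside the patch URL in the NOTE line. Suggest adding a NOTE line with the affected function or tool to each entry that carries a "low" or "no-dsa" rationale, so the reason for the reduced severity stays readable after the description is stripped.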
@@ -22714,7 +22714,7 @@ CVE-2016-3186 (Buffer overflow in the readextension function in gif2tiff.c in Li
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2536
NOTE: Proposed patch from Red Hat: https://bugzilla.redhat.com/attachment.cgi?id=1144235&action=diff
NOTE: gif2tiff was removed in 4.0.6-3 and DSA 3762, marking as fixed although technically still present in the source package
-CVE-2016-3185 (The make_http_soap_request function in ext/soap/php_http.c in PHP ...)
+CVE-2016-3185
- php7.0 7.0.4-1
NOTE: https://bugs.php.net/bug.php?id=71610
NOTE: https://git.php.net/?p=php-src.git;a=commit;h=eaf4e77190d402ea014207e9a7d5da1a4f3727ba
@@ -22727,15 +22727,15 @@ CVE-2016-3185 (The make_http_soap_request function in ext/soap/php_http.c in PHP
NOTE: Fixed in 5.6.12, 5.5.28, 5.4.44
CVE-2016-3184
RESERVED
-CVE-2016-3180 (Tor Browser Launcher (aka torbrowser-launcher) before 0.2.4, during ...)
+CVE-2016-3180
- torbrowser-launcher 0.2.4-1
[jessie] - torbrowser-launcher 0.1.9-1+deb8u3
NOTE: https://github.com/micahflee/torbrowser-launcher/issues/229
-CVE-2016-3177 (Multiple use-after-free and double-free vulnerabilities in gifcolor.c ...)
+CVE-2016-3177
- giflib <unfixed> (unimportant)
NOTE: https://sourceforge.net/p/giflib/bugs/83/
NOTE: Issue only in gifcolor utility, not installed into giflib-tools
-CVE-2016-3176 (Salt before 2015.5.10 and 2015.8.x before 2015.8.8, when PAM external ...)
+CVE-2016-3176
- salt 2015.8.8+ds-1 (bug #819184)
[jessie] - salt <no-dsa> (Minor issue; external_auth not by default usable)
NOTE: external_auth seems not usable by default under Jessie due to the
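Review bot: for CVE-2016-3176 the removed description (`Salt before 2015.5.10 and 2015.8.x before 2015.8.8, when PAM external ...`) carried both the upstream fixed versions and the PAM external_auth precondition, and both are what the remaining lines are checked against: `- salt 2015.8.8+ds-1 (bug #819184)` and the jessie rationale `(Minor issue; external_auth not by default usable)`. With the description gone the fixed-version claim can no longer be cross-checked within the file, and the `<no-dsa>` justification names a feature the entry itself no longer mentions. The giflib entry has the same loss: `Issue only in gifcolor utility, not installed into giflib-tools` was previously backed by `Multiple use-after-free and double-free vulnerabilities in gifcolor.c`.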
@@ -22746,15 +22746,15 @@ CVE-2016-3176 (Salt before 2015.5.10 and 2015.8.x before 2015.8.8, when PAM exte
NOTE: Fixed in 2015.5.10/2015.8.8 upstream
CVE-2016-3175
RESERVED
-CVE-2016-3174 (An issue was discovered in Open-Xchange OX AppSuite before 7.8.0-rev27. ...)
+CVE-2016-3174
NOT-FOR-US: Open-Xchange
-CVE-2016-3173 (An issue was discovered in Open-Xchange OX AppSuite before 7.8.0-rev27. ...)
+CVE-2016-3173
NOT-FOR-US: Open-Xchange
-CVE-2016-3161 (For the NVIDIA Quadro, NVS, and GeForce products, GFE GameStream and ...)
+CVE-2016-3161
NOT-FOR-US: NVIDIA drivers for Windows
CVE-2016-3160
RESERVED
-CVE-2016-3159 (The fpu_fxrstor function in arch/x86/i387.c in Xen 4.x does not ...)
+CVE-2016-3159
{DSA-3554-1 DLA-571-1}
- xen 4.8.0~rc3-1 (bug #823620)
NOTE: http://xenbits.xen.org/xsa/advisory-172.html
@@ -22762,7 +22762,7 @@ CVE-2016-3159 (The fpu_fxrstor function in arch/x86/i387.c in Xen 4.x does not .
NOTE: versions only, but which must always be combined with the code change
NOTE: for CVE-2016-3158. Ie for the first hunk in xsa172.patch, which
NOTE: patches the function fpu_fxrstor.
-CVE-2016-3158 (The xrstor function in arch/x86/xstate.c in Xen 4.x does not properly ...)
+CVE-2016-3158
{DSA-3554-1 DLA-571-1}
- xen 4.8.0~rc3-1 (bug #823620)
NOTE: http://xenbits.xen.org/xsa/advisory-172.html
@@ -22770,65 +22770,65 @@ CVE-2016-3158 (The xrstor function in arch/x86/xstate.c in Xen 4.x does not prop
NOTE: versions (but which is sufficient only on Xen 4.3.x, and insufficient
NOTE: on later versions). Ie for the second hunk in xsa172.patch (the only
NOTE: hunk in xsa172-4.3.patch), which patches the function xrstor.
-CVE-2016-3157 (The __switch_to function in arch/x86/kernel/process_64.c in the Linux ...)
+CVE-2016-3157
{DSA-3607-1 DLA-516-1}
- linux 4.5.1-1
NOTE: http://xenbits.xen.org/xsa/advisory-171.html
NOTE: https://git.kernel.org/linus/b7a584598aea7ca73140cb87b40319944dd3393f
-CVE-2016-3155 (Siemens APOGEE Insight uses weak permissions for the application ...)
+CVE-2016-3155
NOT-FOR-US: Siemens APOGEE Insight
CVE-2016-XXXX [use-after-free in unserialisation]
- hhvm 3.12.1+dfsg-1
NOTE: https://github.com/facebook/hhvm/commit/fd456ffad5d164c1563dc8bd97bcc2f200ff6f69
-CVE-2016-6288 (The php_url_parse_ex function in ext/standard/url.c in PHP before ...)
+CVE-2016-6288
{DLA-533-1}
- hhvm 3.12.1+dfsg-1
- php5 5.6.15+dfsg-1
NOTE: https://bugs.php.net/bug.php?id=70480
NOTE: https://github.com/facebook/hhvm/commit/3fa7e73055855c409d48e8aa1dc416a76d3dd764
NOTE: https://git.php.net/?p=php-src.git;a=commitdiff;h=629e4da7cc8b174acdeab84969cbfc606a019b31
-CVE-2016-3152 (Barco ClickShare CSC-1 devices with firmware before 01.09.03 allow ...)
+CVE-2016-3152
NOT-FOR-US: Barco ClickShare
-CVE-2016-3151 (Directory traversal vulnerability in the wallpaper parsing ...)
+CVE-2016-3151
NOT-FOR-US: Barco ClickShare
-CVE-2016-3150 (Cross-site scripting (XSS) vulnerability in wallpaper.php in the Base ...)
+CVE-2016-3150
NOT-FOR-US: Barco ClickShare
-CVE-2016-3149 (Barco ClickShare CSC-1 devices with firmware before 01.09.03 and CSM-1 ...)
+CVE-2016-3149
NOT-FOR-US: Barco ClickShare
CVE-2016-3148
RESERVED
-CVE-2016-3147 (Buffer overflow in the collector.exe listener of the Landesk ...)
+CVE-2016-3147
NOT-FOR-US: Landesk Management Suite
CVE-2016-3146
RESERVED
-CVE-2016-3145 (Lexmark printers with firmware ATL before ATL.021.063, CB before ...)
+CVE-2016-3145
NOT-FOR-US: Lexmark printers
-CVE-2016-3144 (Cross-site scripting (XSS) vulnerability in the Block Class module ...)
+CVE-2016-3144
NOT-FOR-US: Drupal Block Class module
CVE-2016-3143
RESERVED
-CVE-2016-3156 (The IPv4 implementation in the Linux kernel before 4.5.2 mishandles ...)
+CVE-2016-3156
{DSA-3607-1}
- linux 4.5.1-1
[wheezy] - linux <not-affected> (Not a security issue since containers are not supported)
NOTE: http://www.openwall.com/lists/oss-security/2016/03/15/3
CVE-2016-3133
RESERVED
-CVE-2016-3132 (Double free vulnerability in the SplDoublyLinkedList::offsetSet ...)
+CVE-2016-3132
- php7.0 7.0.6-1
NOTE: https://bugs.php.net/bug.php?id=71735
NOTE: http://git.php.net/?p=php-src.git;a=commit;h=28a6ed9f9a36b9c517e4a8a429baf4dd382fc5d5
CVE-2016-3131
RESERVED
-CVE-2016-3130 (An information disclosure vulnerability in the Core and Management ...)
+CVE-2016-3130
NOT-FOR-US: BlackBerry
-CVE-2016-3129 (A remote shell execution vulnerability in the BlackBerry Good ...)
+CVE-2016-3129
NOT-FOR-US: BlackBerry
-CVE-2016-3128 (A spoofing vulnerability in the Core of BlackBerry Enterprise Server ...)
+CVE-2016-3128
NOT-FOR-US: BlackBerry
-CVE-2016-3127 (An information disclosure vulnerability in the logging implementation ...)
+CVE-2016-3127
NOT-FOR-US: BlackBerry
-CVE-2016-3126 (Cross-site scripting (XSS) vulnerability in the Management Console in ...)
+CVE-2016-3126
NOT-FOR-US: BlackBerry
CVE-2016-3123
RESERVED
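Review bot: the placeholder `CVE-2016-XXXX [use-after-free in unserialisation]` is untouched while every surrounding entry with a parenthesised description is blanked, which shows the updater rewrites only the entries it matched in the feed and then wrote an empty description for each match. That is the wrong failure mode: an entry that matches the feed but receives no description text should be left as it was, not reduced to `+CVE-2016-3156`, since the hand-written `[wheezy] - linux <not-affected> (Not a security issue since containers are not supported)` rationale on that entry now stands without the kernel IPv4 context the description supplied. The `CVE-2016-6288` entry filed between CVE-2016-3155 and CVE-2016-3152 is also out of numeric order; that is pre-existing, but worth fixing while this region is being rewritten.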
@@ -22836,44 +22836,44 @@ CVE-2016-3122
RESERVED
CVE-2016-3121
RESERVED
-CVE-2016-3120 (The validate_as_request function in kdc_util.c in the Key Distribution ...)
+CVE-2016-3120
{DLA-1265-1}
- krb5 1.14.3+dfsg-1 (bug #832572)
[jessie] - krb5 1.12.1+dfsg-19+deb8u3
NOTE: https://github.com/krb5/krb5/commit/93b4a6306a0026cf1cc31ac4bd8a49ba5d034ba7
NOTE: http://krbdev.mit.edu/rt/Ticket/Display.html?id=8458
-CVE-2016-3119 (The process_db_args function in ...)
+CVE-2016-3119
{DLA-1265-1}
- krb5 1.14.2+dfsg-1 (bug #819468)
[jessie] - krb5 1.12.1+dfsg-19+deb8u3
NOTE: https://github.com/krb5/krb5/commit/08c642c09c38a9c6454ab43a9b53b2a89b9eef99
-CVE-2016-3118 (CRLF injection vulnerability in CA API Gateway (formerly Layer7 API ...)
+CVE-2016-3118
NOT-FOR-US: CA API Gateway
CVE-2016-3117
RESERVED
-CVE-2016-3114 (Kallithea before 0.3.2 allows remote authenticated users to edit or ...)
+CVE-2016-3114
- kallithea <itp> (bug #689573)
-CVE-2016-3113 (Cross-site scripting (XSS) vulnerability in ovirt-engine allows remote ...)
+CVE-2016-3113
NOT-FOR-US: ovirt-engine
-CVE-2016-3112 (client/consumer/cli.py in Pulp before 2.8.3 writes consumer private ...)
+CVE-2016-3112
NOT-FOR-US: Pulp (Red Hat)
-CVE-2016-3111 (pulp.spec in the installation process for Pulp 2.8.3 generates the RSA ...)
+CVE-2016-3111
NOT-FOR-US: Pulp (Red Hat)
-CVE-2016-3110 (mod_cluster, as used in Red Hat JBoss Web Server 2.1, allows remote ...)
+CVE-2016-3110
- libapache2-mod-cluster <itp> (bug #731410)
-CVE-2016-3109 (The backend/Login/load/ script in Shopware before 5.1.5 allows remote ...)
+CVE-2016-3109
NOT-FOR-US: Shopware
-CVE-2016-3108 (The pulp-gen-nodes-certificate script in Pulp before 2.8.3 allows ...)
+CVE-2016-3108
NOT-FOR-US: Pulp (Red Hat)
-CVE-2016-3107 (The Node certificate in Pulp before 2.8.3 contains the private key, ...)
+CVE-2016-3107
NOT-FOR-US: Pulp (Red Hat)
-CVE-2016-3106 (Pulp before 2.8.3 creates a temporary directory during CA key ...)
+CVE-2016-3106
NOT-FOR-US: Pulp (Red Hat)
-CVE-2016-3105 (The convert extension in Mercurial before 3.8 might allow ...)
+CVE-2016-3105
{DSA-3570-1 DLA-459-1}
- mercurial 3.8.1-1
NOTE: https://selenic.com/hg/rev/a56296f55a5e
-CVE-2016-3104 (mongod in MongoDB 2.6, when using 2.4-style users, and 2.4 allow ...)
+CVE-2016-3104
- mongodb 1:3.2.11-1
[jessie] - mongodb <no-dsa> (Minor issue)
[wheezy] - mongodb <no-dsa> (Minor issue)
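Review bot: for CVE-2016-3104 the `<no-dsa> (Minor issue)` decisions for jessie and wheezy rest on a precondition stated only in the removed description, `mongod in MongoDB 2.6, when using 2.4-style users, and 2.4 allow ...`, and the note fragment that survives as context (`to 2.6, and did not complete a full upgrade`) is now the only hint of that qualifier. If descriptions are not going to be restored, the rationale should be made self-contained, for example by extending the no-dsa reason to name the 2.4-style-users condition. The krb5 entries in the same hunk lose the `validate_as_request` and `process_db_args` function names that distinguished CVE-2016-3120 from CVE-2016-3119; with both now pointing at `{DLA-1265-1}` and `1.12.1+dfsg-19+deb8u3`, the bug numbers and upstream commit links are the only remaining distinguishing detail.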
@@ -22885,38 +22885,38 @@ CVE-2016-3104 (mongod in MongoDB 2.6, when using 2.4-style users, and 2.4 allow
NOTE: to 2.6, and did not complete a full upgrade
CVE-2016-3103
RESERVED
-CVE-2016-3102 (The Script Security plugin before 1.18.1 in Jenkins might allow remote ...)
+CVE-2016-3102
- jenkins <removed>
-CVE-2016-3101 (Cross-site scripting (XSS) vulnerability in the Extra Columns plugin ...)
+CVE-2016-3101
- jenkins <removed>
-CVE-2016-3100 (kinit in KDE Frameworks before 5.23.0 uses weak permissions (644) for ...)
+CVE-2016-3100
- kinit 5.23.0-1 (bug #827476)
NOTE: https://bugs.kde.org/show_bug.cgi?id=358593
NOTE: https://bugs.kde.org/show_bug.cgi?id=363140
NOTE: https://quickgit.kde.org/?p=kinit.git&a=commitdiff&h=dece8fd89979cd1a86c03bcaceef6e9221e8d8cd
NOTE: https://quickgit.kde.org/?p=kinit.git&a=commitdiff&h=72f3702dbe6cf15c06dc13da2c99c864e9022a58
-CVE-2016-3099 (mod_ns in Red Hat Enterprise Linux Desktop 7, Red Hat Enterprise Linux ...)
+CVE-2016-3099
- libapache2-mod-nss 1.0.14-1 (bug #822461)
[jessie] - libapache2-mod-nss <not-affected> (Vulnerability introduced in 1.0.11)
[wheezy] - libapache2-mod-nss <not-affected> (Vulnerability introduced in 1.0.11)
NOTE: Introduced in https://git.fedorahosted.org/cgit/mod_nss.git/commit/?id=2d1650900f4d47dc43400d826c0f7e1a7c5229b8 (1.10.11)
CVE-2016-3098
RESERVED
-CVE-2016-3097 (Cross-site scripting (XSS) vulnerability in spacewalk-java in Red Hat ...)
+CVE-2016-3097
NOT-FOR-US: spacewalk-java
-CVE-2016-3096 (The create_script function in the lxc_container module in Ansible ...)
+CVE-2016-3096
- ansible 2.0.1.0-2 (bug #819676)
[jessie] - ansible <not-affected> (Vulnerable code not present)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1322925
NOTE: https://sources.debian.org/src/ansible/2.0.1.0-1/lib/ansible/modules/extras/cloud/lxc/lxc_container.py/?hl=523#L523
-CVE-2016-3095 (server/bin/pulp-gen-ca-certificate in Pulp before 2.8.2 allows local ...)
+CVE-2016-3095
NOT-FOR-US: Pulp (Red Hat)
-CVE-2016-3094 (PlainSaslServer.java in Apache Qpid Java before 6.0.3, when the broker ...)
+CVE-2016-3094
- qpid-java <itp> (bug #840131)
-CVE-2016-3093 (Apache Struts 2.0.0 through 2.3.24.1 does not properly cache method ...)
+CVE-2016-3093
- libstruts1.2-java <not-affected> (Only affects Struts 2.x)
NOTE: https://struts.apache.org/docs/s2-034.html
-CVE-2016-3092 (The MultipartStream class in Apache Commons Fileupload before 1.3.2, ...)
+CVE-2016-3092
{DSA-3614-1 DSA-3611-1 DSA-3609-1 DLA-529-1 DLA-528-1}
- libcommons-fileupload-java 1.3.2-1
- tomcat7 7.0.70-1
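Review bot: the Struts entry CVE-2016-3093 is marked `libstruts1.2-java <not-affected> (Only affects Struts 2.x)`, and the evidence for that claim was the version range in the description being removed, `Apache Struts 2.0.0 through 2.3.24.1 does not properly cache method ...`; after this change the only way to verify the not-affected status is the external S2-034 link, so either the rationale should carry the upstream range or the description should be kept. The three further Struts entries of the same form in the following hunk have the same problem. Separately, the mod_nss context lines disagree with each other: `(Vulnerability introduced in 1.0.11)` on the jessie and wheezy lines versus `(1.10.11)` on the NOTE line; one of the two is a typo and should be corrected.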
@@ -22925,61 +22925,61 @@ CVE-2016-3092 (The MultipartStream class in Apache Commons Fileupload before 1.3
NOTE: Fixed by https://svn.apache.org/r1743480
NOTE: Upstream advisory http://markmail.org/message/oyxfv73jb2g7rjg3
NOTE: https://mail-archives.us.apache.org/mod_mbox/www-announce/201606.mbox/%3C6223ece6-2b41-ef4f-22f9-d3481e492832@apache.org%3E
-CVE-2016-3091 (Cloud Foundry Diego 0.1468.0 through 0.1470.0 allows remote attackers ...)
+CVE-2016-3091
NOT-FOR-US: Cloud Foundry Diego
-CVE-2016-3090 (The TextParseUtil.translateVariables method in Apache Struts 2.x ...)
+CVE-2016-3090
- libstruts1.2-java <removed>
[wheezy] - libstruts1.2-java <end-of-life>
NOTE: https://struts.apache.org/docs/s2-027.html
-CVE-2016-3089 (Cross-site scripting (XSS) vulnerability in the SWF panel in Apache ...)
+CVE-2016-3089
NOT-FOR-US: Apache OpenMeetings
-CVE-2016-3088 (The Fileserver web application in Apache ActiveMQ 5.x before 5.14.0 ...)
+CVE-2016-3088
- activemq 5.14.0+dfsg-1
[jessie] - activemq <not-affected> (file server was only enabled in 5.13.2+dfsg-2)
[wheezy] - activemq <not-affected> (file server was only enabled in 5.13.2+dfsg-2)
NOTE: http://activemq.apache.org/security-advisories.data/CVE-2016-3088-announcement.txt
-CVE-2016-3087 (Apache Struts 2.3.20.x before 2.3.20.3, 2.3.24.x before 2.3.24.3, and ...)
+CVE-2016-3087
- libstruts1.2-java <not-affected> (Only affects Struts 2.x)
NOTE: https://struts.apache.org/docs/s2-033.html
-CVE-2016-3086 (The YARN NodeManager in Apache Hadoop 2.6.x before 2.6.5 and 2.7.x ...)
+CVE-2016-3086
- hadoop <itp> (bug #793644)
-CVE-2016-3085 (Apache CloudStack 4.5.x before 4.5.2.1, 4.6.x before 4.6.2.1, 4.7.x ...)
+CVE-2016-3085
NOT-FOR-US: Apache CloudStack
-CVE-2016-3084 (The UAA reset password flow in Cloud Foundry release v236 and earlier ...)
+CVE-2016-3084
NOT-FOR-US: Cloud Foundry
-CVE-2016-3083 (Apache Hive (JDBC + HiveServer2) implements SSL for plain TCP and HTTP ...)
+CVE-2016-3083
NOT-FOR-US: Apache Hive
-CVE-2016-3082 (XSLTResult in Apache Struts 2.x before 2.3.20.2, 2.3.24.x before ...)
+CVE-2016-3082
- libstruts1.2-java <not-affected> (Only affects Struts 2.x)
NOTE: https://struts.apache.org/docs/s2-031.html
-CVE-2016-3081 (Apache Struts 2.x before 2.3.20.2, 2.3.24.x before 2.3.24.2, and ...)
+CVE-2016-3081
- libstruts1.2-java <not-affected> (Only affects Struts 2.x)
NOTE: https://struts.apache.org/docs/s2-032.html
-CVE-2016-3080 (Cross-site scripting (XSS) vulnerability in spacewalk-java in Red Hat ...)
+CVE-2016-3080
NOT-FOR-US: Red Hat Satellite / Spacewalk / spacewalk-monitoring
-CVE-2016-3079 (Multiple cross-site scripting (XSS) vulnerabilities in the Web UI in ...)
+CVE-2016-3079
NOT-FOR-US: Red Hat Satellite / Spacewalk
-CVE-2016-3078 (Multiple integer overflows in php_zip.c in the zip extension in PHP ...)
+CVE-2016-3078
- php7.0 7.0.6-1
NOTE: http://www.openwall.com/lists/oss-security/2016/04/28/1
NOTE: Fixed in 7.0.6
NOTE: https://bugs.php.net/bug.php?id=71923
-CVE-2016-3077 (The VersionMapper.fromKernelVersionString method in oVirt Engine ...)
+CVE-2016-3077
NOT-FOR-US: ovirt-engine
-CVE-2016-3076 (Heap-based buffer overflow in the j2k_encode_entry function in Pillow ...)
+CVE-2016-3076
- pillow <unfixed> (unimportant)
- python-imaging <removed> (unimportant)
NOTE: https://github.com/python-pillow/Pillow/commit/a1f244343df389cf15cdfff80327594821097295 (3.1.2)
NOTE: Marked as unimportant since source vulnerable but in Debian we do
NOTE: not built against openjpeg by default
-CVE-2016-3075 (Stack-based buffer overflow in the nss_dns implementation of the ...)
+CVE-2016-3075
{DLA-494-1}
- glibc 2.22-6
[jessie] - glibc 2.19-18+deb8u5
- eglibc <removed>
[wheezy] - eglibc <no-dsa> (Minor issue, can be fixed via point release)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=19879
-CVE-2016-3074 (Integer signedness error in GD Graphics Library 2.1.1 (aka libgd or ...)
+CVE-2016-3074
{DSA-3602-1 DSA-3556-1}
- libgd2 2.1.1-4.1 (bug #822242)
- php5 5.6.21+dfsg-1 (unimportant)
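Review bot: the Pillow entry CVE-2016-3076 keeps the note `Marked as unimportant since source vulnerable but in Debian we do not built against openjpeg by default`, but the reason openjpeg is relevant was only in the deleted description, `Heap-based buffer overflow in the j2k_encode_entry function in Pillow ...`; if the description is not coming back the note should name the JPEG 2000 encoder path, and while there `do not built` should read `do not build`. The same dependency exists for CVE-2016-3088, where `(file server was only enabled in 5.13.2+dfsg-2)` was backed by `The Fileserver web application in Apache ActiveMQ 5.x before 5.14.0`.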
@@ -22993,18 +22993,18 @@ CVE-2016-3074 (Integer signedness error in GD Graphics Library 2.1.1 (aka libgd
NOTE: HHVM fix: https://github.com/facebook/hhvm/commit/29a6487d648d1593e1e2fa615d9b3a844756ddc3
CVE-2016-3073
REJECTED
-CVE-2016-3072 (Multiple SQL injection vulnerabilities in the scoped_search function ...)
+CVE-2016-3072
NOT-FOR-US: Katello
-CVE-2016-3071 (Libreswan 3.16 might allow remote attackers to cause a denial of ...)
+CVE-2016-3071
- libreswan <not-affected> (Fixed before initial upload to Debian)
NOTE: https://lists.libreswan.org/pipermail/swan-announce/2016/000019.html
-CVE-2016-3070 (The trace_writeback_dirty_page implementation in ...)
+CVE-2016-3070
{DSA-3607-1}
- linux 4.4.2-1
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1306851
NOTE: https://git.kernel.org/linus/42cb14b110a5698ccf26ce59c4441722605a3743 (v4.4-rc1)
-CVE-2016-3069 (Mercurial before 3.7.3 allows remote attackers to execute arbitrary ...)
+CVE-2016-3069
{DSA-3542-1}
- mercurial 3.7.3-1 (bug #819504)
NOTE: https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_3.7.3_.282016-3-29.29
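Review bot: the libreswan entry CVE-2016-3071 is marked `<not-affected> (Fixed before initial upload to Debian)`, and the affected upstream version that claim is measured against (`Libreswan 3.16`) existed only in the description this hunk removes, so the entry now records neither the affected version nor the upload it is being compared with. A NOTE carrying the upstream version would keep the not-affected decision auditable. The CVE-2016-3070 kernel entry has the same gap: `[wheezy] - linux <not-affected> (Vulnerable code not present)` was previously tied to the `trace_writeback_dirty_page implementation` named in the description, and the v4.4-rc1 commit link is now the only pointer to which code that is.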
@@ -23013,19 +23013,19 @@ CVE-2016-3069 (Mercurial before 3.7.3 allows remote attackers to execute arbitra
NOTE: https://selenic.com/repo/hg-stable/rev/b732e7f2aba4 (3/5)
NOTE: https://selenic.com/repo/hg-stable/rev/80cac1de6aea (4/5)
NOTE: https://selenic.com/repo/hg-stable/rev/ae279d4a19e9 (5/5)
-CVE-2016-3068 (Mercurial before 3.7.3 allows remote attackers to execute arbitrary ...)
+CVE-2016-3068
{DSA-3542-1}
- mercurial 3.7.3-1 (bug #819504)
NOTE: https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_3.7.3_.282016-3-29.29
NOTE: https://selenic.com/repo/hg-stable/rev/34d43cb85de8
-CVE-2016-3067 (Cygwin before 2.5.0 does not properly handle updating permissions when ...)
+CVE-2016-3067
NOT-FOR-US: Cygwin
-CVE-2016-3066 (The spice-gtk widget allows remote authenticated users to obtain ...)
+CVE-2016-3066
- spice-gtk <unfixed> (unimportant)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1320263
NOTE: Hardly a security issue per se, but a design limitation/risky feature
NOTE: It's up to applications using spice-gtk to use it as appropriate
-CVE-2016-3065 (The (1) brin_page_type and (2) brin_metapage_info functions in the ...)
+CVE-2016-3065
- postgresql-9.5 9.5.2-1
- postgresql-9.4 <not-affected> (Only affects 9.5.x)
- postgresql-9.1 <not-affected> (Only affects 9.5.x)
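Review bot: for CVE-2016-3066 the context notes `Hardly a security issue per se, but a design limitation/risky feature` and `It's up to applications using spice-gtk to use it as appropriate` describe a behaviour the entry no longer identifies once `The spice-gtk widget allows remote authenticated users to obtain ...` is stripped, so the `<unfixed> (unimportant)` decision becomes unexplained within the file; the note should state what the risky feature is. The postgresql entry has a similar dependency, since `(Only affects 9.5.x)` on the 9.4 and 9.1 lines was justified by the `brin_page_type` and `brin_metapage_info` functions named in the deleted description, and CVE-2016-3068 now duplicates the preceding CVE-2016-3069 entry line for line except for its changeset link.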
@@ -23037,7 +23037,7 @@ CVE-2016-XXXX [fscanf format string security bug in flashrom layout code]
[wheezy] - flashrom <no-dsa> (Minor issue)
NOTE: https://www.flashrom.org/pipermail/flashrom/2016-March/014523.html
NOTE: Neutralised by hardening
-CVE-2016-3183 (The sycc422_t_rgb function in common/color.c in OpenJPEG before 2.1.1 ...)
+CVE-2016-3183
- openjpeg2 2.1.1-1 (low; bug #818399)
[jessie] - openjpeg2 <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2016/03/14/14
@@ -23054,46 +23054,46 @@ CVE-2016-3181 [Out-Of-Bounds Read in opj_tcd_free_tile function]
[jessie] - openjpeg2 <not-affected> (Vulnerable code not yet present in 2.1.0)
NOTE: http://www.openwall.com/lists/oss-security/2016/03/14/12
NOTE: https://github.com/uclouvain/openjpeg/issues/724
-CVE-2016-3140 (The digi_port_init function in drivers/usb/serial/digi_acceleport.c in ...)
+CVE-2016-3140
{DSA-3607-1 DLA-516-1}
- linux 4.5.1-1 (low)
NOTE: http://seclists.org/bugtraq/2016/Mar/61
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1283378
NOTE: https://marc.info/?l=linux-usb&m=145796765030590&w=2
-CVE-2016-3139 (The wacom_probe function in drivers/input/tablet/wacom_sys.c in the ...)
+CVE-2016-3139
- linux 4.0.2-1 (low)
[jessie] - linux <ignored> (Minor issue)
[wheezy] - linux <no-dsa> (Minor issue)
NOTE: http://seclists.org/bugtraq/2016/Mar/60
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1283375
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1283377
-CVE-2016-3138 (The acm_probe function in drivers/usb/class/cdc-acm.c in the Linux ...)
+CVE-2016-3138
{DSA-3607-1 DLA-516-1}
- linux 4.5.1-1 (low)
NOTE: http://seclists.org/bugtraq/2016/Mar/54
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1283366
NOTE: http://marc.info/?l=linux-usb&m=145803342320160&w=2
-CVE-2016-3137 (drivers/usb/serial/cypress_m8.c in the Linux kernel before 4.5.1 ...)
+CVE-2016-3137
{DSA-3607-1 DLA-516-1}
- linux 4.5.1-1 (low)
NOTE: http://seclists.org/bugtraq/2016/Mar/55
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1283368
-CVE-2016-3136 (The mct_u232_msr_to_state function in drivers/usb/serial/mct_u232.c in ...)
+CVE-2016-3136
{DSA-3607-1 DLA-516-1}
- linux 4.5.1-1 (low)
NOTE: http://seclists.org/bugtraq/2016/Mar/57
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1283370
-CVE-2016-3125 (The mod_tls module in ProFTPD before 1.3.5b and 1.3.6 before 1.3.6rc2 ...)
+CVE-2016-3125
- proftpd-dfsg 1.3.5b-1 (bug #818492)
[jessie] - proftpd-dfsg 1.3.5-1.1+deb8u2
[wheezy] - proftpd-dfsg <no-dsa> (Minor issue; can be fixed in point release)
NOTE: http://bugs.proftpd.org/show_bug.cgi?id=4230
NOTE: Fixed in 1.3.6rc2, 1.3.5b.
-CVE-2016-3064 (NetApp Clustered Data ONTAP before 8.2.4P4 and 8.3.x before 8.3.2P2 ...)
+CVE-2016-3064
NOT-FOR-US: NetApp
-CVE-2016-3063 (Multiple functions in NetApp OnCommand System Manager before 8.3.2 do ...)
+CVE-2016-3063
NOT-FOR-US: NetApp
-CVE-2016-3062 (The mov_read_dref function in libavformat/mov.c in Libav before 11.7 ...)
+CVE-2016-3062
{DSA-3603-1 DLA-515-1}
- libav <removed>
NOTE: https://git.libav.org/?p=libav.git;a=commit;h=7e01d48cfd168c3dfc663f03a3b6a98e0ecba328
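Review bot: after this hunk the five USB-driver kernel entries CVE-2016-3140, CVE-2016-3139, CVE-2016-3138, CVE-2016-3137 and CVE-2016-3136 read identically apart from their external links (four of them carry `{DSA-3607-1 DLA-516-1}` and `- linux 4.5.1-1 (low)`), because the file names that told them apart, `digi_acceleport.c`, `wacom_sys.c`, `cdc-acm.c`, `cypress_m8.c` and `mct_u232.c`, were only in the removed descriptions. CVE-2016-3139 is the odd one out with `[jessie] - linux <ignored> (Minor issue)` and a 4.0.2-1 fix version rather than the DSA, and without its description a reader cannot see why it was triaged differently; a NOTE naming the driver would preserve that distinction. The header line's `CVE-2016-3181 [Out-Of-Bounds Read in opj_tcd_free_tile function]` survives intact, confirming that only feed-sourced parenthesised text is being blanked.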
@@ -23103,287 +23103,287 @@ CVE-2016-3062 (The mov_read_dref function in libavformat/mov.c in Libav before 1
NOTE: https://github.com/FFmpeg/FFmpeg/commit/689e59b7ffed34eba6159dcc78e87133862e3746 (n0.11)
CVE-2016-3061
RESERVED
-CVE-2016-3060 (Payments Director in IBM Financial Transaction Manager (FTM) for ACH ...)
+CVE-2016-3060
NOT-FOR-US: IBM
-CVE-2016-3059 (IBM Tivoli Storage Manager for Databases: Data Protection for ...)
+CVE-2016-3059
NOT-FOR-US: IBM
CVE-2016-3058
RESERVED
-CVE-2016-3057 (Cross-site scripting (XSS) vulnerability in IBM Sterling B2B ...)
+CVE-2016-3057
NOT-FOR-US: IBM
-CVE-2016-3056 (Cross-site scripting (XSS) vulnerability in Business Space in IBM ...)
+CVE-2016-3056
NOT-FOR-US: IBM
-CVE-2016-3055 (IBM FileNet Workplace 4.0.2 before 4.0.2.14 LA012 allows remote ...)
+CVE-2016-3055
NOT-FOR-US: IBM
-CVE-2016-3054 (Cross-site scripting (XSS) vulnerability in IBM FileNet Workplace ...)
+CVE-2016-3054
NOT-FOR-US: IBM
-CVE-2016-3053 (IBM AIX contains an unspecified vulnerability that would allow a ...)
+CVE-2016-3053
NOT-FOR-US: IBM
-CVE-2016-3052 (Under non-standard configurations, IBM WebSphere MQ might send ...)
+CVE-2016-3052
NOT-FOR-US: IBM
-CVE-2016-3051 (IBM Security Access Manager for Web 9.0.0 could allow an authenticated ...)
+CVE-2016-3051
NOT-FOR-US: IBM
CVE-2016-3050
RESERVED
-CVE-2016-3049 (IBM OpenPages GRC Platform 7.1, 7.2, and 7.3 is vulnerable to HTML ...)
+CVE-2016-3049
NOT-FOR-US: IBM
-CVE-2016-3048 (IBM OpenPages GRC Platform 7.1, 7.2, and 7.3 is vulnerable to ...)
+CVE-2016-3048
NOT-FOR-US: IBM
-CVE-2016-3047 (Open redirect vulnerability in IBM FileNet Workplace 4.0.2 through ...)
+CVE-2016-3047
NOT-FOR-US: IBM
-CVE-2016-3046 (IBM Security Access Manager for Web is vulnerable to SQL injection. A ...)
+CVE-2016-3046
NOT-FOR-US: IBM
-CVE-2016-3045 (IBM Security Access Manager for Web stores sensitive information in ...)
+CVE-2016-3045
NOT-FOR-US: IBM
-CVE-2016-3044 (The Linux kernel component in IBM PowerKVM 2.1 before 2.1.1.3-65.10 ...)
+CVE-2016-3044
- linux 4.4.6-1
[jessie] - linux 3.16.36-1
[wheezy] - linux <not-affected> (Vulnerable code introduced later)
NOTE: https://www-01.ibm.com/support/docview.wss?uid=isg3T1023969
NOTE: http://www.securityfocus.com/bid/92123/info
-CVE-2016-3043 (IBM Security Access Manager for Web could allow a remote attacker to ...)
+CVE-2016-3043
NOT-FOR-US: IBM
-CVE-2016-3042 (Cross-site scripting (XSS) vulnerability in the Web UI in IBM ...)
+CVE-2016-3042
NOT-FOR-US: IBM
CVE-2016-3041
RESERVED
-CVE-2016-3040 (IBM WebSphere Application Server (WAS) Liberty, as used in IBM ...)
+CVE-2016-3040
NOT-FOR-US: IBM
-CVE-2016-3039 (IBM Traveler 8.x and 9.x before 9.0.1.12 allows remote authenticated ...)
+CVE-2016-3039
NOT-FOR-US: IBM
-CVE-2016-3038 (IBM Cognos TM1 10.1 and 10.2 is vulnerable to cross-site scripting. ...)
+CVE-2016-3038
NOT-FOR-US: IBM
-CVE-2016-3037 (IBM Cognos TM1 10.1 and 10.2 provides a service to return the victim's ...)
+CVE-2016-3037
NOT-FOR-US: IBM
-CVE-2016-3036 (IBM Cognos TM1 10.1 and 10.2 is vulnerable to a denial of service, ...)
+CVE-2016-3036
NOT-FOR-US: IBM
-CVE-2016-3035 (IBM AppScan Source could reveal some sensitive information through the ...)
+CVE-2016-3035
NOT-FOR-US: IBM
-CVE-2016-3034 (IBM AppScan Source uses a one-way hash without salt to encrypt highly ...)
+CVE-2016-3034
NOT-FOR-US: IBM
-CVE-2016-3033 (IBM AppScan Source 8.7 through 9.0.3.3 allows remote authenticated ...)
+CVE-2016-3033
NOT-FOR-US: IBM
-CVE-2016-3032 (IBM Cognos Analytics 11.0 is vulnerable to cross-site scripting. This ...)
+CVE-2016-3032
NOT-FOR-US: IBM
-CVE-2016-3031 (IBM Cognos Analytics 11.0 is vulnerable to cross-site scripting. This ...)
+CVE-2016-3031
NOT-FOR-US: IBM
CVE-2016-3030
RESERVED
-CVE-2016-3029 (IBM Security Access Manager for Web is vulnerable to cross-site ...)
+CVE-2016-3029
NOT-FOR-US: IBM
-CVE-2016-3028 (IBM Security Access Manager for Web 7.0 before IF2 and 8.0 before ...)
+CVE-2016-3028
NOT-FOR-US: IBM
-CVE-2016-3027 (IBM Security Access Manager for Web is vulnerable to a denial of ...)
+CVE-2016-3027
NOT-FOR-US: IBM
CVE-2016-3026
RESERVED
-CVE-2016-3025 (IBM Security Access Manager for Mobile 8.x before 8.0.1.4 IF3 and ...)
+CVE-2016-3025
NOT-FOR-US: IBM
-CVE-2016-3024 (IBM Security Access Manager for Web allows web pages to be stored ...)
+CVE-2016-3024
NOT-FOR-US: IBM
-CVE-2016-3023 (IBM Security Access Manager for Web could allow an unauthenticated ...)
+CVE-2016-3023
NOT-FOR-US: IBM
-CVE-2016-3022 (IBM Security Access Manager for Web could allow an authenticated user ...)
+CVE-2016-3022
NOT-FOR-US: IBM
-CVE-2016-3021 (IBM Security Access Manager for Web could allow an authenticated ...)
+CVE-2016-3021
NOT-FOR-US: IBM
-CVE-2016-3020 (IBM Security Access Manager for Web 7.0.0, 8.0.0, and 9.0.0 could ...)
+CVE-2016-3020
NOT-FOR-US: IBM
-CVE-2016-3019 (IBM Security Access Manager for Web 9.0.0 uses weaker than expected ...)
+CVE-2016-3019
NOT-FOR-US: IBM
-CVE-2016-3018 (IBM Security Access Manager for Web is vulnerable to cross-site ...)
+CVE-2016-3018
NOT-FOR-US: IBM
-CVE-2016-3017 (IBM Security Access Manager for Web could allow a remote attacker to ...)
+CVE-2016-3017
NOT-FOR-US: IBM
-CVE-2016-3016 (IBM Security Access Manager for Web processes patches, image backups ...)
+CVE-2016-3016
NOT-FOR-US: IBM
-CVE-2016-3015 (IBM Cognos Analytics 11.0 is vulnerable to cross-site scripting. This ...)
+CVE-2016-3015
NOT-FOR-US: IBM
-CVE-2016-3014 (Cross-site scripting (XSS) vulnerability in IBM Rational Collaborative ...)
+CVE-2016-3014
NOT-FOR-US: IBM
-CVE-2016-3013 (IBM WebSphere MQ 8.0 could allow an authenticated user to crash the MQ ...)
+CVE-2016-3013
NOT-FOR-US: IBM
-CVE-2016-3012 (IBM API Connect (aka APIConnect) before 5.0.3.0 with NPM before 2.2.8 ...)
+CVE-2016-3012
NOT-FOR-US: IBM
CVE-2016-3011
RESERVED
-CVE-2016-3010 (Cross-site scripting (XSS) vulnerability in the Web UI in IBM ...)
+CVE-2016-3010
NOT-FOR-US: IBM
-CVE-2016-3009 (Cross-site request forgery (CSRF) vulnerability in IBM Connections 4.0 ...)
+CVE-2016-3009
NOT-FOR-US: IBM
-CVE-2016-3008 (Cross-site scripting (XSS) vulnerability in the Web UI in IBM ...)
+CVE-2016-3008
NOT-FOR-US: IBM
-CVE-2016-3007 (Cross-site request forgery (CSRF) vulnerability in IBM Connections 4.x ...)
+CVE-2016-3007
NOT-FOR-US: IBM
-CVE-2016-3006 (Cross-site scripting (XSS) vulnerability in the Web UI in IBM ...)
+CVE-2016-3006
NOT-FOR-US: IBM
-CVE-2016-3005 (Cross-site scripting (XSS) vulnerability in the Web UI in IBM ...)
+CVE-2016-3005
NOT-FOR-US: IBM
-CVE-2016-3004 (Cross-site request forgery (CSRF) vulnerability in IBM Connections 4.0 ...)
+CVE-2016-3004
NOT-FOR-US: IBM
-CVE-2016-3003 (Cross-site scripting (XSS) vulnerability in the Web UI in IBM ...)
+CVE-2016-3003
NOT-FOR-US: IBM
-CVE-2016-3002 (IBM Connections 4.0 through CR4, 4.5 through CR5, and 5.0 before CR4 ...)
+CVE-2016-3002
NOT-FOR-US: IBM
-CVE-2016-3001 (Cross-site scripting (XSS) vulnerability in the Web UI in IBM ...)
+CVE-2016-3001
NOT-FOR-US: IBM
-CVE-2016-3000 (The help service in IBM Connections 4.x through 4.5 CR5, 5.0 before ...)
+CVE-2016-3000
NOT-FOR-US: IBM
-CVE-2016-2999 (IBM Connections 4.x through 4.5 CR5, 5.0 before CR4, and 5.5 before ...)
+CVE-2016-2999
NOT-FOR-US: IBM
-CVE-2016-2998 (Cross-site request forgery (CSRF) vulnerability in IBM Connections 4.0 ...)
+CVE-2016-2998
NOT-FOR-US: IBM
-CVE-2016-2997 (Cross-site scripting (XSS) vulnerability in the Web UI in IBM ...)
+CVE-2016-2997
NOT-FOR-US: IBM
-CVE-2016-2996 (IBM Security Privileged Identity Manager 2.0 before 2.0.2 FP8, when ...)
+CVE-2016-2996
NOT-FOR-US: IBM
-CVE-2016-2995 (Cross-site scripting (XSS) vulnerability in the Web UI in IBM ...)
+CVE-2016-2995
NOT-FOR-US: IBM
-CVE-2016-2994 (Cross-site scripting (XSS) vulnerability in IBM UrbanCode Deploy 6.2.x ...)
+CVE-2016-2994
NOT-FOR-US: IBM
CVE-2016-2993
RESERVED
-CVE-2016-2992 (IBM Infosphere BigInsights is vulnerable to cross-site scripting. This ...)
+CVE-2016-2992
NOT-FOR-US: IBM
-CVE-2016-2991 (Multiple cross-site scripting (XSS) vulnerabilities in IBM Lotus ...)
+CVE-2016-2991
NOT-FOR-US: IBM
CVE-2016-2990
RESERVED
-CVE-2016-2989 (Open redirect vulnerability in the Connections Portlets component 5.x ...)
+CVE-2016-2989
NOT-FOR-US: IBM
-CVE-2016-2988 (IBM Tivoli Storage Manger for Virtual Environments: Data Protection ...)
+CVE-2016-2988
NOT-FOR-US: IBM
-CVE-2016-2987 (An undisclosed vulnerability in CLM applications may result in some ...)
+CVE-2016-2987
NOT-FOR-US: IBM
-CVE-2016-2986 (Cross-site scripting (XSS) vulnerability in IBM Rational Collaborative ...)
+CVE-2016-2986
NOT-FOR-US: IBM
-CVE-2016-2985 (IBM Spectrum Scale 4.1.1.x before 4.1.1.8 and 4.2.x before 4.2.0.4 and ...)
+CVE-2016-2985
NOT-FOR-US: IBM
-CVE-2016-2984 (IBM Spectrum Scale 4.1.1.x before 4.1.1.8 and 4.2.x before 4.2.0.4 and ...)
+CVE-2016-2984
NOT-FOR-US: IBM
-CVE-2016-2983 (IBM Tealeaf Customer Experience 8.7, 8.8, and 9.0.2 could allow a ...)
+CVE-2016-2983
NOT-FOR-US: IBM Tealeaf Customer Experience
CVE-2016-2982
RESERVED
-CVE-2016-2981 (An undisclosed vulnerability in the CLM applications in IBM Jazz Team ...)
+CVE-2016-2981
NOT-FOR-US: IBM
-CVE-2016-2980 (The Sametime WebPlayer 8.5.2 and 9.0 is vulnerable to a script ...)
+CVE-2016-2980
NOT-FOR-US: IBM
-CVE-2016-2979 (IBM Sametime Meeting Server 8.5.2 and 9.0 is vulnerable to cross-site ...)
+CVE-2016-2979
NOT-FOR-US: IBM
-CVE-2016-2978 (IBM Sametime 8.5.2 and 9.0 could store potentially sensitive ...)
+CVE-2016-2978
NOT-FOR-US: IBM
-CVE-2016-2977 (IBM Sametime Meeting Server 8.5.2 and 9.0 could allow a malicious user ...)
+CVE-2016-2977
NOT-FOR-US: IBM
-CVE-2016-2976 (IBM Sametime Meeting Server 8.5.2 and 9.0 could allow a meeting ...)
+CVE-2016-2976
NOT-FOR-US: IBM
-CVE-2016-2975 (IBM Sametime 8.5.2 and 9.0 is vulnerable to cross-site scripting. This ...)
+CVE-2016-2975
NOT-FOR-US: IBM
-CVE-2016-2974 (IBM Sametime Connect 8.5.2 and 9.0, after uninstalling the Sametime ...)
+CVE-2016-2974
NOT-FOR-US: IBM
-CVE-2016-2973 (IBM Sametime Media Services 8.5.2 and 9.0 is vulnerable to cross-site ...)
+CVE-2016-2973
NOT-FOR-US: IBM
-CVE-2016-2972 (IBM Sametime Meeting Server 8.5.2 and 9.0 could store credentials of ...)
+CVE-2016-2972
NOT-FOR-US: IBM
-CVE-2016-2971 (IBM Sametime Media Services 8.5.2 and 9.0 can disclose sensitive ...)
+CVE-2016-2971
NOT-FOR-US: IBM
-CVE-2016-2970 (IBM Sametime 8.5 and 9.0 meetings server may provide detailed ...)
+CVE-2016-2970
NOT-FOR-US: IBM
-CVE-2016-2969 (IBM Sametime Meeting Server 8.5.2 and 9.0 may send replies that ...)
+CVE-2016-2969
NOT-FOR-US: IBM
-CVE-2016-2968 (IBM Security QRadar Incident Forensics 7.2.x before 7.2.7 allows ...)
+CVE-2016-2968
NOT-FOR-US: IBM
-CVE-2016-2967 (IBM Sametime 8.5.2 and 9.0 is vulnerable to cross-site scripting. This ...)
+CVE-2016-2967
NOT-FOR-US: IBM
-CVE-2016-2966 (IBM Sametime 8.5.1 and 9.0 could allow an authenticated user to ...)
+CVE-2016-2966
NOT-FOR-US: IBM
-CVE-2016-2965 (IBM Sametime Meeting Server 8.5.2 and 9.0 is vulnerable to cross-site ...)
+CVE-2016-2965
NOT-FOR-US: IBM
-CVE-2016-2964 (IBM Sametime 8.5.2 and 9.0 under certain conditions provides an error ...)
+CVE-2016-2964
NOT-FOR-US: IBM
-CVE-2016-2963 (Cross-site request forgery (CSRF) vulnerability in IBM BigFix Remote ...)
+CVE-2016-2963
NOT-FOR-US: IBM
CVE-2016-2962
RESERVED
-CVE-2016-2961 (The integration server in IBM Integration Bus 9 before 9.0.0.6 and 10 ...)
+CVE-2016-2961
NOT-FOR-US: IBM
-CVE-2016-2960 (IBM WebSphere Application Server (WAS) 7.x before 7.0.0.43, 8.0.0.x ...)
+CVE-2016-2960
NOT-FOR-US: IBM
-CVE-2016-2959 (IBM Sametime Meeting Server 8.5.2 and 9.0 could allow a meeting room ...)
+CVE-2016-2959
NOT-FOR-US: IBM
-CVE-2016-2958 (IBM Connections 4.0 through CR4, 4.5 through CR5, and 5.0 before CR4 ...)
+CVE-2016-2958
NOT-FOR-US: IBM
-CVE-2016-2957 (IBM Connections 4.0 through CR4, 4.5 through CR5, and 5.0 before CR4 ...)
+CVE-2016-2957
NOT-FOR-US: IBM
-CVE-2016-2956 (Cross-site scripting (XSS) vulnerability in the Web UI in IBM ...)
+CVE-2016-2956
NOT-FOR-US: IBM
-CVE-2016-2955 (Cross-site scripting (XSS) vulnerability in IBM Connections 5.0 before ...)
+CVE-2016-2955
NOT-FOR-US: IBM
-CVE-2016-2954 (Cross-site scripting (XSS) vulnerability in the Web UI in IBM ...)
+CVE-2016-2954
NOT-FOR-US: IBM
-CVE-2016-2953 (IBM Connections 4.0 through CR4, 4.5 through CR5, and 5.0 before CR4 ...)
+CVE-2016-2953
NOT-FOR-US: IBM
-CVE-2016-2952 (IBM BigFix Remote Control before 9.1.3 does not enable the HSTS ...)
+CVE-2016-2952
NOT-FOR-US: IBM
-CVE-2016-2951 (IBM BigFix Remote Control before 9.1.3 does not properly set the ...)
+CVE-2016-2951
NOT-FOR-US: IBM
-CVE-2016-2950 (SQL injection vulnerability in IBM BigFix Remote Control before 9.1.3 ...)
+CVE-2016-2950
NOT-FOR-US: IBM
-CVE-2016-2949 (IBM BigFix Remote Control before 9.1.3 allows local users to obtain ...)
+CVE-2016-2949
NOT-FOR-US: IBM
-CVE-2016-2948 (IBM BigFix Remote Control before 9.1.3 allows local users to discover ...)
+CVE-2016-2948
NOT-FOR-US: IBM
-CVE-2016-2947 (IBM Rational Collaborative Lifecycle Management 4.0 before 4.0.7 ...)
+CVE-2016-2947
NOT-FOR-US: IBM
-CVE-2016-2946 (Stack-based buffer overflow in the ax Shared Libraries in the Agent in ...)
+CVE-2016-2946
NOT-FOR-US: IBM
-CVE-2016-2945 (The API Discovery implementation in IBM WebSphere Application Server ...)
+CVE-2016-2945
NOT-FOR-US: IBM
-CVE-2016-2944 (IBM BigFix Remote Control before 9.1.3 does not properly restrict ...)
+CVE-2016-2944
NOT-FOR-US: IBM
-CVE-2016-2943 (IBM BigFix Remote Control before 9.1.3 allows local users to obtain ...)
+CVE-2016-2943
NOT-FOR-US: IBM
-CVE-2016-2942 (IBM UrbanCode Deploy could allow an authenticated attacker with ...)
+CVE-2016-2942
NOT-FOR-US: IBM
-CVE-2016-2941 (IBM UrbanCode Deploy creates temporary files during step execution ...)
+CVE-2016-2941
NOT-FOR-US: IBM
-CVE-2016-2940 (Multiple unspecified vulnerabilities in IBM BigFix Remote Control ...)
+CVE-2016-2940
NOT-FOR-US: IBM
-CVE-2016-2939 (IBM iNotes is vulnerable to cross-site scripting. This vulnerability ...)
+CVE-2016-2939
NOT-FOR-US: IBM
-CVE-2016-2938 (IBM iNotes is vulnerable to cross-site scripting. This vulnerability ...)
+CVE-2016-2938
NOT-FOR-US: IBM
-CVE-2016-2937 (IBM BigFix Remote Control before 9.1.3 allows remote attackers to ...)
+CVE-2016-2937
NOT-FOR-US: IBM
-CVE-2016-2936 (IBM BigFix Remote Control before 9.1.3 uses cleartext storage for ...)
+CVE-2016-2936
NOT-FOR-US: IBM
-CVE-2016-2935 (The broker application in IBM BigFix Remote Control before 9.1.3 ...)
+CVE-2016-2935
NOT-FOR-US: IBM
-CVE-2016-2934 (Cross-site scripting (XSS) vulnerability in IBM BigFix Remote Control ...)
+CVE-2016-2934
NOT-FOR-US: IBM
-CVE-2016-2933 (Directory traversal vulnerability in IBM BigFix Remote Control before ...)
+CVE-2016-2933
NOT-FOR-US: IBM
-CVE-2016-2932 (IBM BigFix Remote Control before 9.1.3 allows remote attackers to ...)
+CVE-2016-2932
NOT-FOR-US: IBM
-CVE-2016-2931 (IBM BigFix Remote Control before 9.1.3 allows remote attackers to ...)
+CVE-2016-2931
NOT-FOR-US: IBM
-CVE-2016-2930 (IBM BigFix Remote Control 9.1.3 could allow a remote attacker to ...)
+CVE-2016-2930
NOT-FOR-US: IBM
-CVE-2016-2929 (IBM BigFix Remote Control before 9.1.3 does not properly restrict ...)
+CVE-2016-2929
NOT-FOR-US: IBM
-CVE-2016-2928 (IBM BigFix Remote Control before 9.1.3 allows remote authenticated ...)
+CVE-2016-2928
NOT-FOR-US: IBM
-CVE-2016-2927 (IBM BigFix Remote Control before 9.1.3 does not properly restrict the ...)
+CVE-2016-2927
NOT-FOR-US: IBM
-CVE-2016-2926 (Cross-site scripting (XSS) vulnerability in IBM Rational Collaborative ...)
+CVE-2016-2926
NOT-FOR-US: IBM
-CVE-2016-2925 (Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal ...)
+CVE-2016-2925
NOT-FOR-US: IBM
-CVE-2016-2924 (IBM Infosphere BigInsights is vulnerable to cross-site scripting, ...)
+CVE-2016-2924
NOT-FOR-US: IBM
-CVE-2016-2923 (IBM WebSphere Application Server (WAS) 8.5 through 8.5.5.9 Liberty ...)
+CVE-2016-2923
NOT-FOR-US: IBM
-CVE-2016-2922 (IBM Rational ClearQuest 8.0 through 8.0.1.9 and 9.0 through 9.0.1.3 ...)
+CVE-2016-2922
NOT-FOR-US: IBM Rational ClearQuest
CVE-2016-2921
RESERVED
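Review bot: every `-`/`+` pair in this hunk replaces a `CVE-2016-NNNN (summary ...)` line with the bare identifier, so the only effect is to drop the parenthesised summary text; the `NOT-FOR-US:` and `RESERVED` lines are untouched. An automatic update that removes the summary from every entry at once, rather than adjusting individual records, looks more like an empty or failed description source than a real change in the upstream data, so confirm the fetch actually succeeded before accepting this; if it did not, revert and rerun the update instead of committing the stripped lists.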
@@ -23393,17 +23393,17 @@ CVE-2016-2919
RESERVED
CVE-2016-2918
RESERVED
-CVE-2016-2917 (The notifications component in IBM TRIRIGA Applications 10.4 and 10.5 ...)
+CVE-2016-2917
NOT-FOR-US: IBM
CVE-2016-2916
RESERVED
CVE-2016-2915
RESERVED
-CVE-2016-2914 (Unrestricted file upload vulnerability in the Document Builder in IBM ...)
+CVE-2016-2914
NOT-FOR-US: IBM
CVE-2016-2913
RESERVED
-CVE-2016-2912 (Cross-site scripting (XSS) vulnerability in the Document Builder in ...)
+CVE-2016-2912
NOT-FOR-US: IBM
CVE-2016-2911
RESERVED
@@ -23411,7 +23411,7 @@ CVE-2016-2910
RESERVED
CVE-2016-2909
RESERVED
-CVE-2016-2908 (IBM Single Sign On for Bluemix could allow a remote attacker to obtain ...)
+CVE-2016-2908
NOT-FOR-US: IBM
CVE-2016-2907
RESERVED
@@ -23425,7 +23425,7 @@ CVE-2016-2903
RESERVED
CVE-2016-2902
RESERVED
-CVE-2016-2901 (Cross-site request forgery (CSRF) vulnerability in the ...)
+CVE-2016-2901
NOT-FOR-US: IBM
CVE-2016-2900
RESERVED
@@ -23439,7 +23439,7 @@ CVE-2016-2896
RESERVED
CVE-2016-2895
RESERVED
-CVE-2016-2894 (IBM Spectrum Protect (formerly Tivoli Storage Manager) 5.5 through 6.3 ...)
+CVE-2016-2894
NOT-FOR-US: IBM
CVE-2016-2893
RESERVED
@@ -23449,75 +23449,75 @@ CVE-2016-2891
RESERVED
CVE-2016-2890
RESERVED
-CVE-2016-2889 (Cross-site request forgery (CSRF) vulnerability in the Report Builder ...)
+CVE-2016-2889
NOT-FOR-US: IBM
-CVE-2016-2888 (Cross-site scripting (XSS) vulnerability in the Report Builder and ...)
+CVE-2016-2888
NOT-FOR-US: IBM
-CVE-2016-2887 (IBM IMS Enterprise Suite Data Provider before 3.2.0.1 for Microsoft ...)
+CVE-2016-2887
NOT-FOR-US: IBM
CVE-2016-2886
RESERVED
CVE-2016-2885
RESERVED
-CVE-2016-2884 (Cross-site request forgery (CSRF) vulnerability in IBM Forms ...)
+CVE-2016-2884
NOT-FOR-US: IBM
-CVE-2016-2883 (Cross-site scripting (XSS) vulnerability in IBM TRIRIGA Application ...)
+CVE-2016-2883
NOT-FOR-US: IBM
-CVE-2016-2882 (IBM TRIRIGA Application Platform 3.3 before 3.3.2.6, 3.4 before ...)
+CVE-2016-2882
NOT-FOR-US: IBM
-CVE-2016-2881 (IBM QRadar SIEM 7.1 before MR2 Patch 13 and 7.2 before 7.2.7 and ...)
+CVE-2016-2881
NOT-FOR-US: IBM
-CVE-2016-2880 (IBM QRadar 7.2 stores the encryption key used to encrypt the service ...)
+CVE-2016-2880
NOT-FOR-US: IBM
-CVE-2016-2879 (IBM QRadar 7.2 uses outdated hashing algorithms to hash certain ...)
+CVE-2016-2879
NOT-FOR-US: IBM
-CVE-2016-2878 (Multiple cross-site request forgery (CSRF) vulnerabilities in IBM ...)
+CVE-2016-2878
NOT-FOR-US: IBM
-CVE-2016-2877 (IBM QRadar SIEM 7.1 before MR2 Patch 13 and 7.2 before 7.2.7 uses weak ...)
+CVE-2016-2877
NOT-FOR-US: IBM
-CVE-2016-2876 (IBM QRadar SIEM 7.1 before MR2 Patch 13 and 7.2 before 7.2.7 executes ...)
+CVE-2016-2876
NOT-FOR-US: IBM
-CVE-2016-2875 (IBM Security QRadar SIEM 7.1.x and 7.2.x before 7.2.7 allows remote ...)
+CVE-2016-2875
NOT-FOR-US: IBM
-CVE-2016-2874 (IBM QRadar SIEM 7.1 before MR2 Patch 13 and 7.2 before 7.2.7 ...)
+CVE-2016-2874
NOT-FOR-US: IBM
-CVE-2016-2873 (SQL injection vulnerability in IBM QRadar SIEM 7.1 before MR2 Patch 13 ...)
+CVE-2016-2873
NOT-FOR-US: IBM
-CVE-2016-2872 (Directory traversal vulnerability in IBM Security QRadar SIEM 7.2.x ...)
+CVE-2016-2872
NOT-FOR-US: IBM
-CVE-2016-2871 (IBM QRadar SIEM 7.1 before MR2 Patch 13 and 7.2 before 7.2.7 uses ...)
+CVE-2016-2871
NOT-FOR-US: IBM
-CVE-2016-2870 (Buffer overflow in the CLI on IBM WebSphere DataPower XC10 appliances ...)
+CVE-2016-2870
NOT-FOR-US: IBM
-CVE-2016-2869 (Multiple cross-site scripting (XSS) vulnerabilities in the UI in IBM ...)
+CVE-2016-2869
NOT-FOR-US: IBM
-CVE-2016-2868 (IBM Security QRadar SIEM 7.2.x before 7.2.7 allows remote ...)
+CVE-2016-2868
NOT-FOR-US: IBM
-CVE-2016-2867 (IBM InfoSphere Streams before 4.0.1.2 and IBM Streams before 4.1.1.1 ...)
+CVE-2016-2867
NOT-FOR-US: IBM
-CVE-2016-2866 (An unspecified vulnerability in IBM Jazz Team Server may disclose some ...)
+CVE-2016-2866
NOT-FOR-US: IBM
-CVE-2016-2865 (The GIT Integration component in IBM Rational Team Concert (RTC) 5.x ...)
+CVE-2016-2865
NOT-FOR-US: IBM
-CVE-2016-2864 (Cross-site scripting (XSS) vulnerability in IBM Rational Collaborative ...)
+CVE-2016-2864
NOT-FOR-US: IBM
-CVE-2016-2863 (Cross-site request forgery (CSRF) vulnerability in IBM WebSphere ...)
+CVE-2016-2863
NOT-FOR-US: IBM
-CVE-2016-2862 (Cross-site scripting (XSS) vulnerability in IBM WebSphere Commerce 6.0 ...)
+CVE-2016-2862
NOT-FOR-US: IBM
-CVE-2016-2861 (IBM WebSphere eXtreme Scale 7.1.0 before 7.1.0.3, 7.1.1 before ...)
+CVE-2016-2861
NOT-FOR-US: IBM
-CVE-2016-2860 (The newEntry function in ptserver/ptprocs.c in OpenAFS before 1.6.17 ...)
+CVE-2016-2860
{DSA-3569-1 DLA-493-1}
- openafs 1.6.17-1
NOTE: http://git.openafs.org/?p=openafs.git;a=commitdiff;h=396240cf070a806b91fea81131d034e1399af1e0
NOTE: http://rt.central.org/rt/Ticket/Display.html?id=132822 (currently not public)
-CVE-2016-3154 (The encoder_contexte_ajax function in ecrire/inc/filtres.php in SPIP ...)
+CVE-2016-3154
{DSA-3518-1}
- spip 3.0.22-1
NOTE: http://www.openwall.com/lists/oss-security/2016/03/15/2
NOTE: patch https://core.spip.net/projects/spip/repository/revisions/22903
-CVE-2016-3153 (SPIP 2.x before 2.1.19, 3.0.x before 3.0.22, and 3.1.x before 3.1.1 ...)
+CVE-2016-3153
{DSA-3518-1}
- spip 3.0.22-1
NOTE: http://www.openwall.com/lists/oss-security/2016/03/15/2
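Review bot: `CVE-2016-2860` in this hunk loses its summary while its tracking reference (`NOTE: http://rt.central.org/rt/Ticket/Display.html?id=132822 (currently not public)`) remains non-public, so after this change the entry carries no readable description of the OpenAFS issue and only the upstream commit link is left as a public pointer. When the summaries are restored, check this entry first, and consider recording a short local summary in square brackets for entries whose only ticket reference is not public.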
@@ -23527,20 +23527,20 @@ CVE-2016-XXXX [Cross-site scripting (XSS) vulnerability in cgit's "txt2html" fil
[jessie] - cgit 0.10.2.git2.0.1-3+deb8u1
NOTE: https://git.zx2c4.com/cgit/commit/filters/html-converters/txt2html?id=13c2d3df0440ce04273de3149631a9bd97490c6e
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/03/05/8
-CVE-2016-3172 (SQL injection vulnerability in tree.php in Cacti 0.8.8g and earlier ...)
+CVE-2016-3172
{DLA-560-1}
- cacti 0.8.8g+ds1-2 (bug #818647)
[jessie] - cacti 0.8.8b+dfsg-8+deb8u5
NOTE: http://bugs.cacti.net/view.php?id=2667
NOTE: http://www.openwall.com/lists/oss-security/2016/03/10/13
NOTE: Requires authenticated user
-CVE-2016-3116 (CRLF injection vulnerability in Dropbear SSH before 2016.72 allows ...)
+CVE-2016-3116
- dropbear 2016.72-1
[jessie] - dropbear 2014.65-1+deb8u1
[wheezy] - dropbear <no-dsa> (Minor issue)
NOTE: https://matt.ucc.asn.au/dropbear/CHANGES
NOTE: Fixed in 2016.72 upstream
-CVE-2016-3115 (Multiple CRLF injection vulnerabilities in session.c in sshd in ...)
+CVE-2016-3115
{DLA-1500-1}
- openssh 1:7.2p2-1
[wheezy] - openssh <no-dsa> (Minor issue)
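Review bot: the `CVE-2016-XXXX [...]` entry in this hunk's header line keeps its bracketed, locally written summary while the `CVE-2016-3172`, `CVE-2016-3116` and `CVE-2016-3115` lines lose their parenthesised ones, which suggests only the summaries imported from the external CVE data are affected. That is the expected scope of the automatic update, but it also means a regression in the import silently leaves every imported entry without a summary; the update should refuse to rewrite the lists when the source returns no descriptions rather than committing the result.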
@@ -23548,7 +23548,7 @@ CVE-2016-3115 (Multiple CRLF injection vulnerabilities in session.c in sshd in .
NOTE: Portable OpenSSH 7.2p2 contains a fix for this vulnerability.
NOTE: http://www.openwall.com/lists/oss-security/2016/03/10/8
NOTE: Upstream fix: http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/session.c.diff?r1=1.281&r2=1.282&sortby=date&f=h
-CVE-2016-3134 (The netfilter subsystem in the Linux kernel through 4.5.2 does not ...)
+CVE-2016-3134
{DSA-3607-1 DLA-516-1}
- linux 4.5.1-1
[wheezy] - linux <no-dsa> (Minor issue)
@@ -23558,7 +23558,7 @@ CVE-2016-3134 (The netfilter subsystem in the Linux kernel through 4.5.2 does no
NOTE: http://www.openwall.com/lists/oss-security/2016/03/10/4
NOTE: http://www.openwall.com/lists/oss-security/2016/03/10/7
NOTE: Non-privileged user namespaces disabled by default, only vulnerable with sysctl kernel.unprivileged_userns_clone=1
-CVE-2016-3135 (Integer overflow in the xt_alloc_table_info function in ...)
+CVE-2016-3135
- linux 4.4.6-1
[jessie] - linux <not-affected> (Vulnerable code not present)
[wheezy] - linux <not-affected> (Vulnerable code not present)
@@ -23567,70 +23567,70 @@ CVE-2016-3135 (Integer overflow in the xt_alloc_table_info function in ...)
NOTE: http://www.openwall.com/lists/oss-security/2016/03/10/7
CVE-2016-2859
REJECTED
-CVE-2016-3124 (The sanitycheck module in SimpleSAMLphp before 1.14.1 allows remote ...)
+CVE-2016-3124
- simplesamlphp 1.14.1-1 (unimportant; bug #817162)
NOTE: https://simplesamlphp.org/security/201603-01
NOTE: Fixed upstream in 1.14.1
NOTE: https://github.com/simplesamlphp/simplesamlphp/commit/952027dd7f794ff4b2d4f5eddf549c5b5070fa38
NOTE: http://www.openwall.com/lists/oss-security/2016/03/08/4
NOTE: Not treated as a security issue, many components in Debian reveal the release in use
-CVE-2016-2855 (The Huawei Mobile Broadband HL Service 22.001.25.00.03 and earlier ...)
+CVE-2016-2855
NOT-FOR-US: Huawei
CVE-2016-2852
RESERVED
-CVE-2016-2851 (Integer overflow in proto.c in libotr before 4.1.1 on 64-bit platforms ...)
+CVE-2016-2851
{DSA-3512-1}
- libotr 4.1.1-1 (bug #817799)
NOTE: https://lists.cypherpunks.ca/pipermail/otr-announce/2016-March/000062.html
NOTE: https://www.x41-dsec.de/lab/advisories/x41-2016-001-libotr/
-CVE-2016-2850 (Botan 1.11.x before 1.11.29 does not enforce TLS policy for (1) ...)
+CVE-2016-2850
- botan1.10 <not-affected> (Introduced in 1.11.0)
NOTE: Introduced in 1.11.0, fixed in 1.11.29
-CVE-2016-2849 (Botan before 1.10.13 and 1.11.x before 1.11.29 do not use a ...)
+CVE-2016-2849
{DSA-3565-1 DLA-449-1}
- botan1.10 1.10.13-1 (bug #822698)
NOTE: http://botan.randombit.net/security.html
NOTE: Introduced in 1.7.15, fixed in 1.10.13 and 1.11.29
NOTE: FIX https://github.com/randombit/botan/commit/bcf13fa153a11b3e0ad54e2af6962441cea3adf1
-CVE-2016-2848 (ISC BIND 9.1.0 through 9.8.4-P2 and 9.9.0 through 9.9.2-P2 allows ...)
+CVE-2016-2848
{DLA-672-1}
- bind9 1:9.9.3.dfsg.P2-1 (bug #839051)
NOTE: https://kb.isc.org/article/AA-01433
NOTE: Fixed by https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git;a=commitdiff;h=4adf97c32fcca7d00e5756607fd045f2aab9c3d4
-CVE-2016-2846 (Siemens SIMATIC S7-1200 CPU devices before 4.0 allow remote attackers ...)
+CVE-2016-2846
NOT-FOR-US: Siemens SIMATIC S7-1200 CPU devices
-CVE-2016-2845 (The Content Security Policy (CSP) implementation in Blink, as used in ...)
+CVE-2016-2845
{DSA-3507-1}
- chromium-browser 49.0.2623.75-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
[squeeze] - chromium-browser <end-of-life> (Not supported in Squeeze LTS)
-CVE-2016-2844 (WebKit/Source/core/layout/LayoutBlock.cpp in Blink, as used in Google ...)
+CVE-2016-2844
{DSA-3507-1}
- chromium-browser 49.0.2623.75-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
[squeeze] - chromium-browser <end-of-life> (Not supported in Squeeze LTS)
-CVE-2016-2843 (Multiple unspecified vulnerabilities in Google V8 before 4.9.385.26, ...)
+CVE-2016-2843
{DSA-3507-1}
- chromium-browser 49.0.2623.75-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
[squeeze] - chromium-browser <end-of-life> (Not supported in Squeeze LTS)
-CVE-2016-3178 (The processRequest function in minissdpd.c in MiniSSDPd 1.2.20130907-3 ...)
+CVE-2016-3178
{DLA-454-1}
- minissdpd 1.2.20130907-3.2 (bug #816759)
[jessie] - minissdpd 1.2.20130907-3+deb8u1
NOTE: https://speirofr.appspot.com/files/advisory/SPADV-2016-02.md
NOTE: https://github.com/miniupnp/miniupnp/commit/b238cade9a173c6f751a34acf8ccff838a62aa47
-CVE-2016-3179 (The processRequest function in minissdpd.c in MiniSSDPd 1.2.20130907-3 ...)
+CVE-2016-3179
{DLA-454-1}
- minissdpd 1.2.20130907-3.2 (bug #816759)
[jessie] - minissdpd 1.2.20130907-3+deb8u1
NOTE: https://speirofr.appspot.com/files/advisory/SPADV-2016-02.md
NOTE: https://github.com/miniupnp/miniupnp/commit/140ee8d2204b383279f854802b27bdb41c1d5d1a
-CVE-2016-2842 (The doapr_outch function in crypto/bio/b_print.c in OpenSSL 1.0.1 ...)
+CVE-2016-2842
{DSA-3500-1}
- openssl 1.0.2g-1
NOTE: split from CVE-2016-0799
-CVE-2016-3142 (The phar_parse_zipfile function in zip.c in the PHAR extension in PHP ...)
+CVE-2016-3142
{DLA-818-1}
- php5 5.6.19+dfsg-1
[jessie] - php5 5.6.19+dfsg-0+deb8u1
@@ -23640,7 +23640,7 @@ CVE-2016-3142 (The phar_parse_zipfile function in zip.c in the PHAR extension in
NOTE: http://www.openwall.com/lists/oss-security/2016/03/10/5
NOTE: http://www.openwall.com/lists/oss-security/2016/03/13/2
NOTE: https://git.php.net/?p=php-src.git;a=commit;h=a6fdc5bb27b20d889de0cd29318b3968aabb57bd
-CVE-2016-3141 (Use-after-free vulnerability in wddx.c in the WDDX extension in PHP ...)
+CVE-2016-3141
{DLA-818-1}
- php5 5.6.19+dfsg-1
[jessie] - php5 5.6.19+dfsg-0+deb8u1
@@ -23649,7 +23649,7 @@ CVE-2016-3141 (Use-after-free vulnerability in wddx.c in the WDDX extension in P
NOTE: Fixed in 5.5.33, 5.6.19
NOTE: http://www.openwall.com/lists/oss-security/2016/03/10/5
NOTE: http://www.openwall.com/lists/oss-security/2016/03/13/1
-CVE-2016-2858 (QEMU, when built with the Pseudo Random Number Generator (PRNG) ...)
+CVE-2016-2858
{DLA-1599-1}
- qemu 1:2.6+dfsg-1 (bug #817183)
[wheezy] - qemu <not-affected> (Vulnerable code not present)
@@ -23661,16 +23661,16 @@ CVE-2016-2858 (QEMU, when built with the Pseudo Random Number Generator (PRNG) .
NOTE: http://www.openwall.com/lists/oss-security/2016/03/04/1
CVE-2016-8000
REJECTED
-CVE-2016-2840 (An issue was discovered in Open-Xchange Server 6 / OX AppSuite before ...)
+CVE-2016-2840
NOT-FOR-US: Open-Xchange
-CVE-2016-2857 (The net_checksum_calculate function in net/checksum.c in QEMU allows ...)
+CVE-2016-2857
{DLA-1599-1 DLA-574-1 DLA-573-1}
- qemu 1:2.6+dfsg-1 (bug #817182)
- qemu-kvm <removed>
NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=362786f14a753d8a5256ef97d7c10ed576d6572b (v2.6.0-rc0)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1296567
NOTE: http://www.openwall.com/lists/oss-security/2016/03/03/9
-CVE-2016-2854 (The aufs module for the Linux kernel 3.x and 4.x does not properly ...)
+CVE-2016-2854
- linux 3.18-1~exp1
[jessie] - linux <ignored> (Not exploitable in default configuration)
[wheezy] - linux <not-affected> (Vulnerable code is not present)
@@ -23679,7 +23679,7 @@ CVE-2016-2854 (The aufs module for the Linux kernel 3.x and 4.x does not properl
NOTE: This depends on a user namespace creator being able to mount aufs.
NOTE: jessie: Unprivileged users are not allowed to create user namespaces by default; aufs is not allowed to be mounted from a new user namespace by default.
NOTE: wheezy: User namespaces are non-functional.
-CVE-2016-2853 (The aufs module for the Linux kernel 3.x and 4.x does not properly ...)
+CVE-2016-2853
- linux 3.18-1~exp1
[jessie] - linux <ignored> (Not exploitable in default configuration)
[wheezy] - linux <not-affected> (Vulnerable code is not present)
@@ -23688,179 +23688,179 @@ CVE-2016-2853 (The aufs module for the Linux kernel 3.x and 4.x does not properl
NOTE: This depends on a user namespace creator being able to mount aufs.
NOTE: jessie: Unprivileged users are not allowed to create user namespaces by default; aufs is not allowed to be mounted from a new user namespace by default.
NOTE: wheezy: User namespaces are non-functional.
-CVE-2016-2839 (Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 on Linux ...)
+CVE-2016-2839
- firefox <not-affected> (Uses gstreamer-ffmpeg/libav 1.0)
- firefox-esr <not-affected> (Uses gstreamer-ffmpeg/libav 1.0)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-65/
NOTE: Related patches https://hg.mozilla.org/mozilla-central/log?rev=Bug+1275339
-CVE-2016-2838 (Heap-based buffer overflow in the nsBidi::BracketData::AddOpening ...)
+CVE-2016-2838
{DSA-3640-1 DLA-585-1}
- firefox 48.0-1
- firefox-esr 45.3.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-64/
-CVE-2016-2837 (Heap-based buffer overflow in the ClearKey Content Decryption Module ...)
+CVE-2016-2837
{DSA-3640-1 DLA-585-1}
- firefox 48.0-1
- firefox-esr 45.3.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-77/
-CVE-2016-2836 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+CVE-2016-2836
{DSA-3686-1 DSA-3640-1 DLA-640-1 DLA-585-1}
- firefox 48.0-1
- firefox-esr 45.3.0esr-1
- icedove 1:45.3.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-62/
-CVE-2016-2835 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+CVE-2016-2835
- firefox 48.0-1
- firefox-esr <not-affected> (Doesn't apply to Firefox ESR)
- icedove <not-affected> (Doesn't apply to Thunderbird ESR)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-62/
-CVE-2016-2834 (Mozilla Network Security Services (NSS) before 3.23, as used in ...)
+CVE-2016-2834
{DSA-3688-1 DLA-527-1}
- nss 2:3.23-1
- firefox-esr <not-affected> (Doesn't apply to Firefox ESR)
- firefox 47.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-61/
-CVE-2016-2833 (Mozilla Firefox before 47.0 ignores Content Security Policy (CSP) ...)
+CVE-2016-2833
- firefox-esr <not-affected> (Doesn't apply to Firefox ESR)
- firefox 47.0-1
-CVE-2016-2832 (Mozilla Firefox before 47.0 allows remote attackers to discover the ...)
+CVE-2016-2832
- firefox-esr <not-affected> (Doesn't apply to Firefox ESR)
- firefox 47.0-1
-CVE-2016-2831 (Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 do not ...)
+CVE-2016-2831
{DSA-3600-1 DLA-521-1}
- firefox-esr 45.2.0esr-1
- firefox 47.0-1
-CVE-2016-2830 (Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 preserve ...)
+CVE-2016-2830
{DSA-3640-1 DLA-585-1}
- firefox 48.0-1
- firefox-esr 45.3.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-63/
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1342897
-CVE-2016-2829 (Mozilla Firefox before 47.0 allows remote attackers to spoof ...)
+CVE-2016-2829
- firefox-esr <not-affected> (Doesn't apply to Firefox ESR)
- firefox 47.0-1
-CVE-2016-2828 (Use-after-free vulnerability in Mozilla Firefox before 47.0 and ...)
+CVE-2016-2828
{DSA-3600-1 DLA-521-1}
- firefox-esr 45.2.0esr-1
- firefox 47.0-1
-CVE-2016-2827 (The mozilla::net::IsValidReferrerPolicy function in Mozilla Firefox ...)
+CVE-2016-2827
- firefox 49.0-1
- firefox-esr <not-affected> (Doesn't affect ESR)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-86/
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-87/
-CVE-2016-2826 (The maintenance service in Mozilla Firefox before 47.0 and Firefox ESR ...)
+CVE-2016-2826
- firefox-esr <not-affected> (Only affects Windows)
- firefox <not-affected> (Only affects Windows)
-CVE-2016-2825 (Mozilla Firefox before 47.0 allows remote attackers to bypass the Same ...)
+CVE-2016-2825
- firefox-esr <not-affected> (Doesn't apply to Firefox ESR)
- firefox 47.0-1
-CVE-2016-2824 (The TSymbolTableLevel class in ANGLE, as used in Mozilla Firefox ...)
+CVE-2016-2824
- firefox-esr <not-affected> (Only affects Windows)
- firefox <not-affected> (Only affects Windows)
CVE-2016-2823
RESERVED
-CVE-2016-2822 (Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 allow ...)
+CVE-2016-2822
{DSA-3600-1 DLA-521-1}
- firefox-esr 45.2.0esr-1
- firefox 47.0-1
-CVE-2016-2821 (Use-after-free vulnerability in the mozilla::dom::Element class in ...)
+CVE-2016-2821
{DSA-3600-1 DLA-521-1}
- firefox-esr 45.2.0esr-1
- firefox 47.0-1
-CVE-2016-2820 (The Firefox Health Reports (aka FHR or about:healthreport) feature in ...)
+CVE-2016-2820
- iceweasel <not-affected> (Only Firefox 46)
- firefox-esr <not-affected> (Only Firefox 46)
- firefox 46.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-48/
-CVE-2016-2819 (Heap-based buffer overflow in Mozilla Firefox before 47.0 and Firefox ...)
+CVE-2016-2819
{DSA-3600-1 DLA-521-1}
- firefox-esr 45.2.0esr-1
- firefox 47.0-1
-CVE-2016-2818 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+CVE-2016-2818
{DSA-3647-1 DSA-3600-1 DLA-572-1 DLA-521-1}
- firefox-esr 45.2.0esr-1
- firefox 47.0-1
- icedove 1:45.2.0-1
-CVE-2016-2817 (The WebExtension sandbox feature in ...)
+CVE-2016-2817
- iceweasel <not-affected> (Only Firefox 46)
- firefox-esr <not-affected> (Only Firefox 46)
- firefox 46.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-46/
-CVE-2016-2816 (Mozilla Firefox before 46.0 allows remote attackers to bypass the ...)
+CVE-2016-2816
- iceweasel <not-affected> (Only Firefox 46)
- firefox-esr <not-affected> (Only Firefox 46)
- firefox 46.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-45/
-CVE-2016-2815 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+CVE-2016-2815
- firefox-esr <not-affected> (Doesn't apply to Firefox ESR)
- firefox 47.0-1
-CVE-2016-2814 (Heap-based buffer overflow in the ...)
+CVE-2016-2814
{DSA-3559-1}
- iceweasel <removed>
- firefox-esr 45.1.0esr-1
- firefox 46.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-44/
-CVE-2016-2813 (Mozilla Firefox before 46.0 on Android does not properly restrict ...)
+CVE-2016-2813
- iceweasel <not-affected> (Only Firefox on Android)
- firefox-esr <not-affected> (Only Firefox on Android)
- firefox <not-affected> (Only Firefox on Android)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-43/
-CVE-2016-2812 (Race condition in the get implementation in the ServiceWorkerManager ...)
+CVE-2016-2812
- iceweasel <not-affected> (Only Firefox 46)
- firefox-esr <not-affected> (Only Firefox 46)
- firefox 46.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-42/
-CVE-2016-2811 (Use-after-free vulnerability in the ServiceWorkerInfo class in the ...)
+CVE-2016-2811
- iceweasel <not-affected> (Only Firefox 46)
- firefox-esr <not-affected> (Only Firefox 46)
- firefox 46.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-42/
-CVE-2016-2810 (Mozilla Firefox before 46.0 on Android before 5.0 allows attackers to ...)
+CVE-2016-2810
- iceweasel <not-affected> (Only Firefox on Android)
- firefox-esr <not-affected> (Only Firefox on Android)
- firefox <not-affected> (Only Firefox on Android)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-41/
-CVE-2016-2809 (The Mozilla Maintenance Service updater in Mozilla Firefox before 46.0 ...)
+CVE-2016-2809
- iceweasel <not-affected> (Only Firefox on Windows)
- firefox-esr <not-affected> (Only Firefox on Windows)
- firefox <not-affected> (Only Firefox on Windows)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-40/
-CVE-2016-2808 (The watch implementation in the JavaScript engine in Mozilla Firefox ...)
+CVE-2016-2808
{DSA-3559-1}
- iceweasel <removed>
- firefox-esr 45.1.0esr-1
- firefox 46.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-47/
-CVE-2016-2807 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+CVE-2016-2807
{DSA-3576-1 DSA-3559-1 DLA-472-1}
- iceweasel <removed>
- firefox-esr 45.1.0esr-1
- firefox 46.0-1
- icedove 1:45.1.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-39/
-CVE-2016-2806 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+CVE-2016-2806
{DSA-3601-1 DLA-519-1}
- iceweasel <not-affected> (Only Firefox 45.x)
- firefox-esr 45.1.0esr-1
- firefox 46.0-1
- icedove 1:45.1.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-39/
-CVE-2016-2805 (Unspecified vulnerability in the browser engine in Mozilla Firefox ESR ...)
+CVE-2016-2805
{DSA-3576-1 DSA-3559-1 DLA-472-1}
- iceweasel <removed>
- firefox-esr <not-affected> (Only affects Firefox ESR 38.x)
- firefox <not-affected> (Only affects Firefox ESR 38.x)
- icedove 1:45.1.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-39/
-CVE-2016-2804 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+CVE-2016-2804
- iceweasel <not-affected> (Only Firefox 46)
- firefox-esr <not-affected> (Only Firefox 46)
- firefox 46.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-39/
-CVE-2016-2803 (Cross-site scripting (XSS) vulnerability in the dependency graphs in ...)
+CVE-2016-2803
- bugzilla4 <itp> (bug #669643)
- bugzilla <removed>
-CVE-2016-2802 (The graphite2::TtfUtil::CmapSubtable4NextCodepoint function in ...)
+CVE-2016-2802
{DSA-3520-1 DSA-3515-1 DSA-3510-1}
- iceweasel <removed>
- firefox-esr 45.0esr-1
@@ -23868,7 +23868,7 @@ CVE-2016-2802 (The graphite2::TtfUtil::CmapSubtable4NextCodepoint function in ..
- icedove 38.7.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-37/
- graphite2 1.3.6-1
-CVE-2016-2801 (The graphite2::TtfUtil::CmapSubtable12Lookup function in TtfUtil.cpp ...)
+CVE-2016-2801
{DSA-3520-1 DSA-3515-1 DSA-3510-1}
- iceweasel <removed>
- firefox-esr 45.0esr-1
@@ -23876,7 +23876,7 @@ CVE-2016-2801 (The graphite2::TtfUtil::CmapSubtable12Lookup function in TtfUtil.
- icedove 38.7.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-37/
- graphite2 1.3.6-1
-CVE-2016-2800 (The graphite2::Slot::getAttr function in Slot.cpp in Graphite 2 before ...)
+CVE-2016-2800
{DSA-3520-1 DSA-3515-1 DSA-3510-1}
- iceweasel <removed>
- firefox-esr 45.0esr-1
@@ -23884,7 +23884,7 @@ CVE-2016-2800 (The graphite2::Slot::getAttr function in Slot.cpp in Graphite 2 b
- icedove 38.7.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-37/
- graphite2 1.3.6-1
-CVE-2016-2799 (Heap-based buffer overflow in the graphite2::Slot::setAttr function in ...)
+CVE-2016-2799
{DSA-3520-1 DSA-3515-1 DSA-3510-1}
- iceweasel <removed>
- firefox-esr 45.0esr-1
@@ -23892,7 +23892,7 @@ CVE-2016-2799 (Heap-based buffer overflow in the graphite2::Slot::setAttr functi
- icedove 38.7.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-37/
- graphite2 1.3.6-1
-CVE-2016-2798 (The graphite2::GlyphCache::Loader::Loader function in Graphite 2 ...)
+CVE-2016-2798
{DSA-3520-1 DSA-3515-1 DSA-3510-1}
- iceweasel <removed>
- firefox-esr 45.0esr-1
@@ -23900,7 +23900,7 @@ CVE-2016-2798 (The graphite2::GlyphCache::Loader::Loader function in Graphite 2
- icedove 38.7.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-37/
- graphite2 1.3.6-1
-CVE-2016-2797 (The graphite2::TtfUtil::CmapSubtable12Lookup function in Graphite 2 ...)
+CVE-2016-2797
{DSA-3520-1 DSA-3515-1 DSA-3510-1}
- iceweasel <removed>
- firefox-esr 45.0esr-1
@@ -23908,7 +23908,7 @@ CVE-2016-2797 (The graphite2::TtfUtil::CmapSubtable12Lookup function in Graphite
- icedove 38.7.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-37/
- graphite2 1.3.6-1
-CVE-2016-2796 (Heap-based buffer overflow in the graphite2::vm::Machine::Code::Code ...)
+CVE-2016-2796
{DSA-3520-1 DSA-3515-1 DSA-3510-1}
- iceweasel <removed>
- firefox-esr 45.0esr-1
@@ -23916,7 +23916,7 @@ CVE-2016-2796 (Heap-based buffer overflow in the graphite2::vm::Machine::Code::C
- icedove 38.7.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-37/
- graphite2 1.3.6-1
-CVE-2016-2795 (The graphite2::FileFace::get_table_fn function in Graphite 2 before ...)
+CVE-2016-2795
{DSA-3520-1 DSA-3515-1 DSA-3510-1}
- iceweasel <removed>
- firefox-esr 45.0esr-1
@@ -23924,7 +23924,7 @@ CVE-2016-2795 (The graphite2::FileFace::get_table_fn function in Graphite 2 befo
- icedove 38.7.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-37/
- graphite2 1.3.6-1
-CVE-2016-2794 (The graphite2::TtfUtil::CmapSubtable12NextCodepoint function in ...)
+CVE-2016-2794
{DSA-3520-1 DSA-3515-1 DSA-3510-1}
- iceweasel <removed>
- firefox-esr 45.0esr-1
@@ -23932,7 +23932,7 @@ CVE-2016-2794 (The graphite2::TtfUtil::CmapSubtable12NextCodepoint function in .
- icedove 38.7.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-37/
- graphite2 1.3.6-1
-CVE-2016-2793 (CachedCmap.cpp in Graphite 2 before 1.3.6, as used in Mozilla Firefox ...)
+CVE-2016-2793
{DSA-3520-1 DSA-3515-1 DSA-3510-1}
- iceweasel <removed>
- firefox-esr 45.0esr-1
@@ -23940,7 +23940,7 @@ CVE-2016-2793 (CachedCmap.cpp in Graphite 2 before 1.3.6, as used in Mozilla Fir
- icedove 38.7.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-37/
- graphite2 1.3.6-1
-CVE-2016-2792 (The graphite2::Slot::getAttr function in Slot.cpp in Graphite 2 before ...)
+CVE-2016-2792
{DSA-3520-1 DSA-3515-1 DSA-3510-1}
- iceweasel <removed>
- firefox-esr 45.0esr-1
@@ -23948,7 +23948,7 @@ CVE-2016-2792 (The graphite2::Slot::getAttr function in Slot.cpp in Graphite 2 b
- icedove 38.7.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-37/
- graphite2 1.3.6-1
-CVE-2016-2791 (The graphite2::GlyphCache::glyph function in Graphite 2 before 1.3.6, ...)
+CVE-2016-2791
{DSA-3520-1 DSA-3515-1 DSA-3510-1}
- iceweasel <removed>
- firefox-esr 45.0esr-1
@@ -23956,7 +23956,7 @@ CVE-2016-2791 (The graphite2::GlyphCache::glyph function in Graphite 2 before 1.
- icedove 38.7.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-37/
- graphite2 1.3.6-1
-CVE-2016-2790 (The graphite2::TtfUtil::GetTableInfo function in Graphite 2 before ...)
+CVE-2016-2790
{DSA-3520-1 DSA-3515-1 DSA-3510-1}
- iceweasel <removed>
- firefox-esr 45.0esr-1
@@ -23964,9 +23964,9 @@ CVE-2016-2790 (The graphite2::TtfUtil::GetTableInfo function in Graphite 2 befor
- icedove 38.7.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-37/
- graphite2 1.3.6-1
-CVE-2016-2789 (Cross-site scripting (XSS) vulnerability in the Web User Interface in ...)
+CVE-2016-2789
NOT-FOR-US: Citrix
-CVE-2016-2841 (The ne2000_receive function in the NE2000 NIC emulation support ...)
+CVE-2016-2841
{DLA-1599-1}
- qemu 1:2.6+dfsg-1 (bug #817181)
[wheezy] - qemu <no-dsa> (Minor issue)
@@ -23975,42 +23975,42 @@ CVE-2016-2841 (The ne2000_receive function in the NE2000 NIC emulation support .
NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=415ab35a441eca767d033a2702223e785b9d5190 (v2.6.0-rc0)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1303106
NOTE: http://www.openwall.com/lists/oss-security/2016/03/02/8
-CVE-2016-2788 (MCollective 2.7.0 and 2.8.x before 2.8.9, as used in Puppet ...)
+CVE-2016-2788
- mcollective 2.12.0+dfsg-1 (bug #850968)
[jessie] - mcollective <no-dsa> (Minor issue)
[wheezy] - mcollective <no-dsa> (Minor issue)
NOTE: https://puppet.com/security/cve/cve-2016-2788
NOTE: https://github.com/puppetlabs/marionette-collective/commit/4918a0f136aea04452b48a1ba29eb9aabcf5c97d
-CVE-2016-2787 (The Puppet Communications Protocol in Puppet Enterprise 2015.3.x ...)
+CVE-2016-2787
- puppet <not-affected> (Specific to Puppet Enterprise)
-CVE-2016-2786 (The pxp-agent component in Puppet Enterprise 2015.3.x before 2015.3.3 ...)
+CVE-2016-2786
- puppet <not-affected> (pxp-agent not packaged in Debian)
NOTE: https://puppet.com/security/cve/cve-2016-2786
-CVE-2016-2785 (Puppet Server before 2.3.2 and Ruby puppetmaster in Puppet 4.x before ...)
+CVE-2016-2785
- puppet <not-affected> (Vulnerable code only in 4.x)
NOTE: https://puppet.com/security/cve/cve-2016-2785
NOTE: https://github.com/puppetlabs/puppet/pull/4921/commits/8d2ce797db265720f0a20d1d46ee2757b4e4f6b2
-CVE-2016-2784 (CMS Made Simple 2.x before 2.1.3 and 1.x before 1.12.2, when Smarty ...)
+CVE-2016-2784
NOT-FOR-US: CMS Made Simple
-CVE-2016-2783 (Avaya Fabric Connect Virtual Services Platform (VSP) Operating System ...)
+CVE-2016-2783
NOT-FOR-US: Avaya
-CVE-2016-2780 (Untrusted search path vulnerability in Huawei UTPS before ...)
+CVE-2016-2780
NOT-FOR-US: Huawei UTPS
CVE-2016-2778
RESERVED
CVE-2016-2777
REJECTED
-CVE-2016-2776 (buffer.c in named in ISC BIND 9 before 9.9.9-P3, 9.10.x before ...)
+CVE-2016-2776
{DSA-3680-1 DLA-645-1}
[experimental] - bind9 1:9.10.4-P5-1
- bind9 1:9.10.3.dfsg.P4-11 (bug #839010)
NOTE: https://kb.isc.org/article/AA-01419
-CVE-2016-2775 (ISC BIND 9.x before 9.9.9-P2, 9.10.x before 9.10.4-P2, and 9.11.x ...)
+CVE-2016-2775
{DSA-3680-1 DLA-645-1}
[experimental] - bind9 1:9.10.4-P5-1
- bind9 1:9.10.3.dfsg.P4-11 (bug #831796)
NOTE: https://kb.isc.org/article/AA-01393/74/CVE-2016-2775
-CVE-2016-2774 (ISC DHCP 4.1.x before 4.1-ESV-R13 and 4.2.x and 4.3.x before 4.3.4 ...)
+CVE-2016-2774
- isc-dhcp 4.3.4-1 (bug #817158)
[jessie] - isc-dhcp <no-dsa> (Minor issue)
[wheezy] - isc-dhcp <no-dsa> (Minor issue)
@@ -24425,13 +24425,13 @@ CVE-2016-XXXX [remote memory disclosure]
NOTE: fixed in 1.0.1
NOTE: https://nodesecurity.io/advisories/67
NOTE: nodejs not covered by security support
-CVE-2016-2782 (The treo_attach function in drivers/usb/serial/visor.c in the Linux ...)
+CVE-2016-2782
- linux 4.4.2-1
[jessie] - linux 3.16.7-ckt25-1
[wheezy] - linux 3.2.78-1
- linux-2.6 <removed>
NOTE: Upstream commit: http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=cac9b50b0d75a1d50d6c056ff65c005f3224c8e0 (v4.5-rc2)
-CVE-2016-2781 (chroot in GNU coreutils, when used with --userspec, allows local users ...)
+CVE-2016-2781
- coreutils <unfixed> (low; bug #816320)
[buster] - coreutils <ignored> (Minor issue)
[stretch] - coreutils <ignored> (Minor issue)
@@ -24440,7 +24440,7 @@ CVE-2016-2781 (chroot in GNU coreutils, when used with --userspec, allows local
NOTE: Restricting ioctl on the kernel side seems the better approach, but rejected by Linux upstream
NOTE: Fixing this issue via setsid() would introduce regressions:
NOTE: https://www.kernel.org/pub/linux/utils/util-linux/v2.28/v2.28-ReleaseNotes
-CVE-2016-2779 (runuser in util-linux allows local users to escape to the parent ...)
+CVE-2016-2779
- util-linux 2.31.1-0.1 (bug #815922)
[stretch] - util-linux <no-dsa> (Minor issue)
[jessie] - util-linux <no-dsa> (Minor issue)
@@ -24463,47 +24463,47 @@ CVE-2016-7575
REJECTED
CVE-2016-2573
RESERVED
-CVE-2016-2567 (secfilter in the Samsung kernel for Android on SM-N9005 build ...)
+CVE-2016-2567
NOT-FOR-US: Samsung
-CVE-2016-2566 (Samsung SecEmailSync on SM-G920F build G920FXXU2COH2 (Galaxy S6) ...)
+CVE-2016-2566
NOT-FOR-US: Samsung
-CVE-2016-2565 (Samsung SecEmailSync on SM-G920F build G920FXXU2COH2 (Galaxy S6) ...)
+CVE-2016-2565
NOT-FOR-US: Samsung
-CVE-2016-2564 (Invision Power Services (IPS) Community Suite before 4.1.9 makes ...)
+CVE-2016-2564
NOT-FOR-US: Invision Power Services
-CVE-2016-2563 (Stack-based buffer overflow in the SCP command-line utility in PuTTY ...)
+CVE-2016-2563
- putty 0.67-1 (bug #816921)
[jessie] - putty <no-dsa> (Minor issue)
[wheezy] - putty <no-dsa> (Minor issue)
NOTE: http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-pscp-sink-sscanf.html
NOTE: http://tartarus.org/~simon-git/gitweb/?p=putty.git;a=commitdiff;h=bc6c15ab5f636e05b7e91883f0031a7e06117947
NOTE: https://github.com/tintinweb/pub/tree/master/pocs/cve-2016-2563
-CVE-2016-2562 (The checkHTTP function in libraries/Config.class.php in phpMyAdmin ...)
+CVE-2016-2562
- phpmyadmin 4:4.5.5.1-1 (unimportant)
[jessie] - phpmyadmin <not-affected>
[wheezy] - phpmyadmin <not-affected>
NOTE: vulnerabilty is only in the test suite
-CVE-2016-2561 (Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin ...)
+CVE-2016-2561
{DSA-3627-1}
- phpmyadmin 4:4.5.5.1-1
[wheezy] - phpmyadmin <not-affected>
-CVE-2016-2560 (Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin ...)
+CVE-2016-2560
{DSA-3627-1 DLA-481-1}
- phpmyadmin 4:4.5.5.1-1 (low)
NOTE: 7ddce5e39a4e12cd351732955394bc7055c280eb: file not present, vulnerability not found in wheezy
NOTE: 0667ea8ac7519d7e642eade2686dc393d5faeae3: vulnerability present in 3.4.3.1, but code mysteriously not found in wheezy
NOTE: fe3be9f4b9edd54dc39919e7dfeaaf4a67c1cf83: vulnerability introduced in 052fd61f (3.5.1)
NOTE: b8f1e0f325f8f32bd82af64111d8c2e9055a363c and 73c8245a3d1893a710447957e28dcfb18d9b47ad present in wheezy and later, patch in lists.debian.org/87lh4fpyap.fsf@angela.anarcat.ath.cx
-CVE-2016-2559 (Cross-site scripting (XSS) vulnerability in the format function in ...)
+CVE-2016-2559
- phpmyadmin 4:4.5.5.1-1 (low)
[jessie] - phpmyadmin <not-affected>
[wheezy] - phpmyadmin <not-affected>
-CVE-2016-2572 (http.cc in Squid 4.x before 4.0.7 relies on the HTTP status code after ...)
+CVE-2016-2572
- squid3 <not-affected> (Only affects 4.x)
- squid <not-affected> (Only affects 4.x)
NOTE: http://www.squid-cache.org/Advisories/SQUID-2016_2.txt
NOTE: http://www.squid-cache.org/Versions/v4/changesets/squid-4-14548.patch
-CVE-2016-2571 (http.cc in Squid 3.x before 3.5.15 and 4.x before 4.0.7 proceeds with ...)
+CVE-2016-2571
{DSA-3522-1 DLA-445-1}
- squid3 3.5.15-1 (bug #816011)
- squid <not-affected> (Vulnerable code not present)
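Review bot: The unchanged NOTE under CVE-2016-2562 reads "vulnerabilty is only in the test suite"; while this hunk touches that entry, "vulnerabilty" should be corrected to "vulnerability" so the triage note is searchable by the same spelling used everywhere else in the file.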
@@ -24511,7 +24511,7 @@ CVE-2016-2571 (http.cc in Squid 3.x before 3.5.15 and 4.x before 4.0.7 proceeds
NOTE: http://www.squid-cache.org/Versions/v3/3.5/changesets/squid-3.5-13990.patch
NOTE: http://www.squid-cache.org/Versions/v4/changesets/squid-4-14548.patch
NOTE: Upstream confirmed it does not affect squid 2.7.x
-CVE-2016-2570 (The Edge Side Includes (ESI) parser in Squid 3.x before 3.5.15 and 4.x ...)
+CVE-2016-2570
- squid3 3.5.15-1 (bug #816011)
[jessie] - squid3 <no-dsa> (Minor issue, needs substantial backporting; too intrusive to backport)
[wheezy] - squid3 <no-dsa> (Minor issue, needs substantial backporting; too intrusive to backport)
@@ -24522,7 +24522,7 @@ CVE-2016-2570 (The Edge Side Includes (ESI) parser in Squid 3.x before 3.5.15 an
NOTE: http://www.squid-cache.org/Versions/v4/changesets/squid-4-14549.patch
NOTE: Upstream confirmed it does not affect squid 2.7.x
NOTE: It's maybe too instrusive to fix in 3.1 (squeeze and wheezy).
-CVE-2016-2569 (Squid 3.x before 3.5.15 and 4.x before 4.0.7 does not properly append ...)
+CVE-2016-2569
- squid3 3.5.15-1 (bug #816011)
[jessie] - squid3 <no-dsa> (Minor issue; needs substantial backporting; too intrusive to backport)
[wheezy] - squid3 <no-dsa> (Minor issue; needs substantial backporting; too intrusive to backport)
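Review bot: The preceding hunk's context line "NOTE: It's maybe too instrusive to fix in 3.1 (squeeze and wheezy)." under CVE-2016-2570 has a typo ("instrusive" for "intrusive") and its wording differs from the "needs substantial backporting; too intrusive to backport" phrasing used in the no-dsa markers of this hunk and the previous one; aligning the NOTE to that phrasing would make the three Squid entries read consistently.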
@@ -24533,7 +24533,7 @@ CVE-2016-2569 (Squid 3.x before 3.5.15 and 4.x before 4.0.7 does not properly ap
NOTE: http://www.squid-cache.org/Versions/v3/3.5/changesets/squid-3.5-13999.patch
NOTE: http://www.squid-cache.org/Versions/v4/changesets/squid-4-14552.patch
NOTE: Upstream confirmed it does not affect squid 2.7.x
-CVE-2016-2568 (pkexec, when used with --user nonpriv, allows local users to escape to ...)
+CVE-2016-2568
- policykit-1 <unfixed> (low; bug #816062; bug #812512)
[buster] - policykit-1 <ignored> (Minor issue)
[stretch] - policykit-1 <ignored> (Minor issue)
@@ -24541,13 +24541,13 @@ CVE-2016-2568 (pkexec, when used with --user nonpriv, allows local users to esca
[wheezy] - policykit-1 <ignored> (Minor issue)
NOTE: Restricting ioctl on the kernel side seems the better approach
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1300746
-CVE-2016-2558 (The Escape interface in the Kernel Mode Driver layer in the NVIDIA GPU ...)
+CVE-2016-2558
NOT-FOR-US: NVIDIA Windows drivers
-CVE-2016-2557 (The Escape interface in the Kernel Mode Driver layer in the NVIDIA GPU ...)
+CVE-2016-2557
NOT-FOR-US: NVIDIA Windows drivers
-CVE-2016-2556 (The Escape interface in the Kernel Mode Driver layer in the NVIDIA GPU ...)
+CVE-2016-2556
NOT-FOR-US: NVIDIA Windows drivers
-CVE-2016-2555 (SQL injection vulnerability in include/lib/mysql_connect.inc.php in ...)
+CVE-2016-2555
NOT-FOR-US: ATutor
CVE-2016-2553
REJECTED
@@ -24555,7 +24555,7 @@ CVE-2016-2552
RESERVED
CVE-2016-2551
RESERVED
-CVE-2016-3191 (The compile_branch function in pcre_compile.c in PCRE 8.x before 8.39 ...)
+CVE-2016-3191
{DLA-441-1}
- pcre3 2:8.38-2 (bug #815921)
[jessie] - pcre3 2:8.35-3.3+deb8u3
@@ -24565,21 +24565,21 @@ CVE-2016-3191 (The compile_branch function in pcre_compile.c in PCRE 8.x before
NOTE: pcre2: http://vcs.pcre.org/pcre2?view=revision&revision=489
NOTE: https://bugs.exim.org/show_bug.cgi?id=1791
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1311503
-CVE-2016-3162 (The File module in Drupal 7.x before 7.43 and 8.x before 8.0.4 allows ...)
+CVE-2016-3162
{DSA-3498-1}
- drupal8 <itp> (bug #756305)
- drupal7 7.43-1
- drupal6 <not-affected> (Only affects Drupal 7.x and Drupal 8.x)
NOTE: https://www.drupal.org/SA-CORE-2016-001
NOTE: http://www.openwall.com/lists/oss-security/2016/02/24/19
-CVE-2016-3163 (The XML-RPC system in Drupal 6.x before 6.38 and 7.x before 7.43 might ...)
+CVE-2016-3163
{DSA-3498-1}
- drupal7 7.43-1
- drupal6 <removed>
[squeeze] - drupal6 <end-of-life>
NOTE: https://www.drupal.org/SA-CORE-2016-001
NOTE: http://www.openwall.com/lists/oss-security/2016/02/24/19
-CVE-2016-3164 (Drupal 6.x before 6.38, 7.x before 7.43, and 8.x before 8.0.4 might ...)
+CVE-2016-3164
{DSA-3498-1}
- drupal8 <itp> (bug #756305)
- drupal7 7.43-1
@@ -24587,68 +24587,68 @@ CVE-2016-3164 (Drupal 6.x before 6.38, 7.x before 7.43, and 8.x before 8.0.4 mig
[squeeze] - drupal6 <end-of-life>
NOTE: https://www.drupal.org/SA-CORE-2016-001
NOTE: http://www.openwall.com/lists/oss-security/2016/02/24/19
-CVE-2016-3165 (The Form API in Drupal 6.x before 6.38 ignores access restrictions on ...)
+CVE-2016-3165
- drupal7 <not-affected> (Only affects Drupal 6)
- drupal6 <removed>
[squeeze] - drupal6 <end-of-life>
NOTE: https://www.drupal.org/SA-CORE-2016-001
NOTE: http://www.openwall.com/lists/oss-security/2016/02/24/19
-CVE-2016-3166 (CRLF injection vulnerability in the drupal_set_header function in ...)
+CVE-2016-3166
- drupal7 <not-affected> (Only affects Drupal 6)
- drupal6 <removed>
[squeeze] - drupal6 <end-of-life>
NOTE: https://www.drupal.org/SA-CORE-2016-001
NOTE: http://www.openwall.com/lists/oss-security/2016/02/24/19
-CVE-2016-3167 (Open redirect vulnerability in the drupal_goto function in Drupal 6.x ...)
+CVE-2016-3167
- drupal7 <not-affected> (Only affects Drupal 6)
- drupal6 <removed>
[squeeze] - drupal6 <end-of-life>
NOTE: https://www.drupal.org/SA-CORE-2016-001
NOTE: http://www.openwall.com/lists/oss-security/2016/02/24/19
-CVE-2016-3168 (The System module in Drupal 6.x before 6.38 and 7.x before 7.43 might ...)
+CVE-2016-3168
{DSA-3498-1}
- drupal7 7.43-1
- drupal6 <removed>
[squeeze] - drupal6 <end-of-life>
NOTE: https://www.drupal.org/SA-CORE-2016-001
NOTE: http://www.openwall.com/lists/oss-security/2016/02/24/19
-CVE-2016-3169 (The User module in Drupal 6.x before 6.38 and 7.x before 7.43 allows ...)
+CVE-2016-3169
{DSA-3498-1}
- drupal7 7.43-1
- drupal6 <removed>
[squeeze] - drupal6 <end-of-life>
NOTE: https://www.drupal.org/SA-CORE-2016-001
NOTE: http://www.openwall.com/lists/oss-security/2016/02/24/19
-CVE-2016-3170 (The &quot;have you forgotten your password&quot; links in the User module in ...)
+CVE-2016-3170
{DSA-3498-1}
- drupal8 <itp> (bug #756305)
- drupal7 7.43-1
- drupal6 <not-affected> (Only affects Drupal 7.x and Drupal 8.x)
NOTE: https://www.drupal.org/SA-CORE-2016-001
NOTE: http://www.openwall.com/lists/oss-security/2016/02/24/19
-CVE-2016-3171 (Drupal 6.x before 6.38, when used with PHP before 5.4.45, 5.5.x before ...)
+CVE-2016-3171
- drupal7 <not-affected> (Only affects Drupal 6)
- drupal6 <removed>
[squeeze] - drupal6 <end-of-life>
NOTE: https://www.drupal.org/SA-CORE-2016-001
NOTE: http://www.openwall.com/lists/oss-security/2016/02/24/19
-CVE-2016-2541 (Audacity before 2.1.2 allows remote attackers to cause a denial of ...)
+CVE-2016-2541
- audacity 2.1.2-1 (unimportant)
[jessie] - audacity <not-affected> (Vulnerable code not present)
[wheezy] - audacity <not-affected> (vulnerable code not present)
NOTE: http://wiki.audacityteam.org/wiki/Release_Notes_2.1.2
NOTE: https://github.com/audacity/audacity/commit/85026f98958a8dcc09188be24a8db0385988e23f
NOTE: Crash in desktop application, no security impact
-CVE-2016-2540 (Audacity before 2.1.2 allows remote attackers to cause a denial of ...)
+CVE-2016-2540
{DLA-1277-1}
- audacity 2.1.2-1 (unimportant)
NOTE: http://wiki.audacityteam.org/wiki/Release_Notes_2.1.2
NOTE: https://github.com/audacity/audacity/commit/407c1dc4b209111e4dbb3eec88f333aa8f69094c
NOTE: https://github.com/audacity/audacity/commit/b5f2046286b266b10f87b764faa1586aee9c23ea
NOTE: Crash in desktop application, no security impact
-CVE-2016-2539 (Cross-site request forgery (CSRF) vulnerability in install_modules.php ...)
+CVE-2016-2539
NOT-FOR-US: ATutor
-CVE-2016-2550 (The Linux kernel before 4.5 allows local users to bypass ...)
+CVE-2016-2550
{DSA-3503-1}
- linux 4.4.4-1
- linux-2.6 <removed>
@@ -24656,152 +24656,152 @@ CVE-2016-2550 (The Linux kernel before 4.5 allows local users to bypass ...)
NOTE: Introduced by: https://git.kernel.org/linus/712f4aad406bb1ed67f3f98d04c044191f0ff593 (v4.5-rc1)
NOTE: Technically wheezy-security and squeeze-lts are not affected by this CVE since the fix for
NOTE: addressing CVE-2013-4312 was not applied.
-CVE-2016-2549 (sound/core/hrtimer.c in the Linux kernel before 4.4.1 does not prevent ...)
+CVE-2016-2549
{DSA-3503-1}
- linux 4.4.2-1
- linux-2.6 <removed>
NOTE: Upstream fix: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2ba1fe7a06d3624f9a7586d672b55f08f7c670f3 (v4.5-rc1)
-CVE-2016-2548 (sound/core/timer.c in the Linux kernel before 4.4.1 retains certain ...)
+CVE-2016-2548
{DSA-3503-1}
- linux 4.4.2-1
- linux-2.6 <removed>
NOTE: Upstream fix: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b5a663aa426f4884c71cd8580adae73f33570f0d (v4.5-rc1)
-CVE-2016-2547 (sound/core/timer.c in the Linux kernel before 4.4.1 employs a locking ...)
+CVE-2016-2547
{DSA-3503-1}
- linux 4.4.2-1
- linux-2.6 <removed>
NOTE: Upstream fix: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b5a663aa426f4884c71cd8580adae73f33570f0d (v4.5-rc1)
-CVE-2016-2546 (sound/core/timer.c in the Linux kernel before 4.4.1 uses an incorrect ...)
+CVE-2016-2546
{DSA-3503-1}
- linux 4.4.2-1
- linux-2.6 <removed>
NOTE: Upstream fix: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=af368027a49a751d6ff4ee9e3f9961f35bb4fede (v4.5-rc1)
-CVE-2016-2545 (The snd_timer_interrupt function in sound/core/timer.c in the Linux ...)
+CVE-2016-2545
{DSA-3503-1}
- linux 4.4.2-1
- linux-2.6 <removed>
NOTE: Upstream fix: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ee8413b01045c74340aa13ad5bdf905de32be736 (v4.5-rc1)
-CVE-2016-2544 (Race condition in the queue_delete function in ...)
+CVE-2016-2544
{DSA-3503-1}
- linux 4.4.2-1
- linux-2.6 <removed>
NOTE: Upstream fix: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=3567eb6af614dac436c4b16a8d426f9faed639b3 (v4.5-rc1)
-CVE-2016-2543 (The snd_seq_ioctl_remove_events function in ...)
+CVE-2016-2543
{DSA-3503-1}
- linux 4.4.2-1
- linux-2.6 <removed>
NOTE: Upstream fix: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=030e2c78d3a91dd0d27fef37e91950dde333eba1 (v4.5-rc1)
-CVE-2016-2542 (Untrusted search path vulnerability in Flexera InstallShield through ...)
+CVE-2016-2542
NOT-FOR-US: Flexera InstallShield
-CVE-2016-2537 (The is-my-json-valid package before 2.12.4 for Node.js has an ...)
+CVE-2016-2537
NOT-FOR-US: is-my-json-valid package for Node.js
-CVE-2016-2536 (Multiple use-after-free vulnerabilities in SAP 3D Visual Enterprise ...)
+CVE-2016-2536
NOT-FOR-US: SAP
CVE-2016-2535
RESERVED
CVE-2016-2534
RESERVED
-CVE-2016-4421 (epan/dissectors/packet-ber.c in the ASN.1 BER dissector in Wireshark ...)
+CVE-2016-4421
{DSA-3516-1}
- wireshark 2.0.2+ga16e22e-1
NOTE: https://www.wireshark.org/security/wnpa-sec-2016-18.html
NOTE: Affected versions: 2.0.0 to 2.0.1, 1.12.0 to 1.12.9
NOTE: Fixed versions: 2.0.2, 1.12.10
-CVE-2016-4420 (The NFS dissector in Wireshark 2.x before 2.0.2 allows remote ...)
+CVE-2016-4420
- wireshark 2.0.2+ga16e22e-1
[jessie] - wireshark <not-affected> (Vulnerable code not present)
[wheezy] - wireshark <not-affected> (Vulnerable code not present)
NOTE: https://www.wireshark.org/security/wnpa-sec-2016-17.html
NOTE: Affected versions: 2.0.0 to 2.0.1
NOTE: Fixed versions: 2.0.2
-CVE-2016-4419 (epan/dissectors/packet-spice.c in the SPICE dissector in Wireshark 2.x ...)
+CVE-2016-4419
- wireshark 2.0.2+ga16e22e-1
[jessie] - wireshark <not-affected> (Vulnerable code not present)
[wheezy] - wireshark <not-affected> (Vulnerable code not present)
NOTE: https://www.wireshark.org/security/wnpa-sec-2016-16.html
NOTE: Affected versions: 2.0.0 to 2.0.1
NOTE: Fixed versions: 2.0.2
-CVE-2016-4418 (epan/dissectors/packet-ber.c in the ASN.1 BER dissector in Wireshark ...)
+CVE-2016-4418
{DSA-3516-1}
- wireshark 2.0.2+ga16e22e-1
NOTE: https://www.wireshark.org/security/wnpa-sec-2016-15.html
NOTE: Affected versions: 2.0.0 to 2.0.1, 1.12.0 to 1.12.9
NOTE: Fixed versions: 2.0.2, 1.12.10
-CVE-2016-4417 (Off-by-one error in epan/dissectors/packet-gsm_abis_oml.c in the GSM ...)
+CVE-2016-4417
{DSA-3516-1}
- wireshark 2.0.2+ga16e22e-1
NOTE: https://www.wireshark.org/security/wnpa-sec-2016-14.html
NOTE: Affected versions: 2.0.0 to 2.0.1, 1.12.0 to 1.12.9
NOTE: Fixed versions: 2.0.2, 1.12.10
-CVE-2016-4416 (epan/dissectors/packet-ieee80211.c in the IEEE 802.11 dissector in ...)
+CVE-2016-4416
- wireshark 2.0.2+ga16e22e-1
[jessie] - wireshark <not-affected> (Vulnerable code not present)
[wheezy] - wireshark <not-affected> (Vulnerable code not present)
NOTE: https://www.wireshark.org/security/wnpa-sec-2016-13.html
NOTE: Affected versions: 2.0.0 to 2.0.1
NOTE: Fixed versions: 2.0.2
-CVE-2016-4415 (wiretap/vwr.c in the Ixia IxVeriWave file parser in Wireshark 2.x ...)
+CVE-2016-4415
- wireshark 2.0.2+ga16e22e-1
[jessie] - wireshark <not-affected> (Vulnerable code not present)
[wheezy] - wireshark <not-affected> (Vulnerable code not present)
NOTE: https://www.wireshark.org/security/wnpa-sec-2016-12.html
NOTE: Affected versions: 2.0.0 to 2.0.1
NOTE: Fixed versions: 2.0.2
-CVE-2016-2532 (The dissect_llrp_parameters function in epan/dissectors/packet-llrp.c ...)
+CVE-2016-2532
{DSA-3516-1}
- wireshark 2.0.2+ga16e22e-1
[wheezy] - wireshark <not-affected> (Vulnerable code not present)
NOTE: https://www.wireshark.org/security/wnpa-sec-2016-11.html
NOTE: Affected versions: 2.0.0 to 2.0.1, 1.12.0 to 1.12.9
NOTE: Fixed versions: 2.0.2, 1.12.10
-CVE-2016-2531 (Off-by-one error in epan/dissectors/packet-rsl.c in the RSL dissector ...)
+CVE-2016-2531
{DSA-3516-1}
- wireshark 2.0.2+ga16e22e-1
NOTE: https://www.wireshark.org/security/wnpa-sec-2016-10.html
NOTE: Affected versions: 2.0.0 to 2.0.1, 1.12.0 to 1.12.9
NOTE: Fixed versions: 2.0.2, 1.12.10
-CVE-2016-2530 (The dissct_rsl_ipaccess_msg function in epan/dissectors/packet-rsl.c ...)
+CVE-2016-2530
{DSA-3516-1}
- wireshark 2.0.2+ga16e22e-1
NOTE: https://www.wireshark.org/security/wnpa-sec-2016-10.html
NOTE: Affected versions: 2.0.0 to 2.0.1, 1.12.0 to 1.12.9
NOTE: Fixed versions: 2.0.2, 1.12.10
-CVE-2016-2529 (The iseries_check_file_type function in wiretap/iseries.c in the ...)
+CVE-2016-2529
- wireshark 2.0.2+ga16e22e-1
[jessie] - wireshark <not-affected> (Vulnerable code not present)
[wheezy] - wireshark <not-affected> (Vulnerable code not present)
NOTE: https://www.wireshark.org/security/wnpa-sec-2016-09.html
NOTE: Affected versions: 2.0.0 to 2.0.1
NOTE: Fixed versions: 2.0.2
-CVE-2016-2528 (The dissect_nhdr_extopt function in epan/dissectors/packet-lbmc.c in ...)
+CVE-2016-2528
- wireshark 2.0.2+ga16e22e-1
[jessie] - wireshark <not-affected> (Vulnerable code not present)
[wheezy] - wireshark <not-affected> (Vulnerable code not present)
NOTE: https://www.wireshark.org/security/wnpa-sec-2016-08.html
NOTE: Affected versions: 2.0.0 to 2.0.1
NOTE: Fixed versions: 2.0.2
-CVE-2016-2527 (wiretap/nettrace_3gpp_32_423.c in the 3GPP TS 32.423 Trace file parser ...)
+CVE-2016-2527
- wireshark 2.0.2+ga16e22e-1
[jessie] - wireshark <not-affected> (Vulnerable code not present)
[wheezy] - wireshark <not-affected> (Vulnerable code not present)
NOTE: https://www.wireshark.org/security/wnpa-sec-2016-07.html
NOTE: Affected versions: 2.0.0 to 2.0.1
NOTE: Fixed versions: 2.0.2
-CVE-2016-2526 (epan/dissectors/packet-hiqnet.c in the HiQnet dissector in Wireshark ...)
+CVE-2016-2526
- wireshark 2.0.2+ga16e22e-1
[jessie] - wireshark <not-affected> (Vulnerable code not present)
[wheezy] - wireshark <not-affected> (Vulnerable code not present)
NOTE: https://www.wireshark.org/security/wnpa-sec-2016-06.html
NOTE: Affected versions: 2.0.0 to 2.0.1
NOTE: Fixed versions: 2.0.2
-CVE-2016-2525 (epan/dissectors/packet-http2.c in the HTTP/2 dissector in Wireshark ...)
+CVE-2016-2525
- wireshark 2.0.2+ga16e22e-1
[jessie] - wireshark <not-affected> (Vulnerable code not present)
[wheezy] - wireshark <not-affected> (Vulnerable code not present)
NOTE: https://www.wireshark.org/security/wnpa-sec-2016-05.html
NOTE: Affected versions: 2.0.0 to 2.0.1
NOTE: Fixed versions: 2.0.2
-CVE-2016-2524 (epan/dissectors/packet-x509af.c in the X.509AF dissector in Wireshark ...)
+CVE-2016-2524
- wireshark 2.0.2+ga16e22e-1
[jessie] - wireshark <not-affected> (Only affects 2.0.x)
[wheezy] - wireshark <not-affected> (Only affects 2.0.x)
@@ -24809,13 +24809,13 @@ CVE-2016-2524 (epan/dissectors/packet-x509af.c in the X.509AF dissector in Wires
NOTE: https://www.wireshark.org/security/wnpa-sec-2016-04.html
NOTE: Affected versions: 2.0.0 to 2.0.1
NOTE: Fixed versions: 2.0.2
-CVE-2016-2523 (The dnp3_al_process_object function in epan/dissectors/packet-dnp.c in ...)
+CVE-2016-2523
{DSA-3516-1}
- wireshark 2.0.2+ga16e22e-1
NOTE: https://www.wireshark.org/security/wnpa-sec-2016-03.html
NOTE: Affected versions: 2.0.0 to 2.0.1, 1.12.0 to 1.12.9
NOTE: Fixed versions: 2.0.2, 1.12.10
-CVE-2016-2522 (The dissect_ber_constrained_bitstring function in ...)
+CVE-2016-2522
- wireshark 2.0.2+ga16e22e-1
[jessie] - wireshark <not-affected> (Only affects 2.0.x)
[wheezy] - wireshark <not-affected> (Only affects 2.0.x)
@@ -24823,42 +24823,42 @@ CVE-2016-2522 (The dissect_ber_constrained_bitstring function in ...)
NOTE: https://www.wireshark.org/security/wnpa-sec-2016-02.html
NOTE: Affected versions: 2.0.0 to 2.0.1
NOTE: Fixed versions: 2.0.2
-CVE-2016-2521 (Untrusted search path vulnerability in the WiresharkApplication class ...)
+CVE-2016-2521
- wireshark <not-affected> (Windows-specific)
NOTE: https://www.wireshark.org/security/wnpa-sec-2016-01.html
NOTE: Affected versions: 2.0.0 to 2.0.1, 1.12.0 to 1.12.9
NOTE: Fixed versions: 2.0.2, 1.12.10
CVE-2016-2520
RESERVED
-CVE-2016-2519 (ntpd in NTP before 4.2.8p7 and 4.3.x before 4.3.92 allows remote ...)
+CVE-2016-2519
- ntp 1:4.2.8p7+dfsg-1
[jessie] - ntp <no-dsa> (Minor issue)
[wheezy] - ntp <no-dsa> (Minor issue)
NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#April_2016_NTP_4_2_8p7_Security
-CVE-2016-2518 (The MATCH_ASSOC function in NTP before version 4.2.8p9 and 4.3.x ...)
+CVE-2016-2518
{DSA-3629-1 DLA-559-1}
- ntp 1:4.2.8p7+dfsg-1
NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#April_2016_NTP_4_2_8p7_Security
-CVE-2016-2517 (NTP before 4.2.8p7 and 4.3.x before 4.3.92 allows remote attackers to ...)
+CVE-2016-2517
- ntp 1:4.2.8p7+dfsg-1 (unimportant)
NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#April_2016_NTP_4_2_8p7_Security
NOTE: not a security issue, anyone with the privileges for remote configuration can
NOTE: cause trouble anyway
-CVE-2016-2516 (NTP before 4.2.8p7 and 4.3.x before 4.3.92, when mode7 is enabled, ...)
+CVE-2016-2516
{DSA-3629-1 DLA-559-1}
- ntp 1:4.2.8p7+dfsg-1
NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#April_2016_NTP_4_2_8p7_Security
CVE-2016-2514
RESERVED
-CVE-2016-2513 (The password hasher in contrib/auth/hashers.py in Django before 1.8.10 ...)
+CVE-2016-2513
{DSA-3544-1}
- python-django 1.9.4-1 (bug #816434)
NOTE: https://www.djangoproject.com/weblog/2016/mar/01/security-releases/
-CVE-2016-2512 (The utils.http.is_safe_url function in Django before 1.8.10 and 1.9.x ...)
+CVE-2016-2512
{DSA-3544-1}
- python-django 1.9.4-1 (bug #816434)
NOTE: https://www.djangoproject.com/weblog/2016/mar/01/security-releases/
-CVE-2016-2538 (Multiple integer overflows in the USB Net device emulator ...)
+CVE-2016-2538
{DLA-1599-1}
- qemu 1:2.6+dfsg-1 (bug #815680)
[wheezy] - qemu <no-dsa> (Minor issue)
@@ -24871,227 +24871,227 @@ CVE-2016-2538 (Multiple integer overflows in the USB Net device emulator ...)
NOTE: Upstream commit: http://git.qemu.org/?p=qemu.git;a=commit;h=fe3c546c5ff2a6210f9a4d8561cc64051ca8603e (v2.6.0-rc0)
NOTE: Introduced by: http://git.qemu.org/?p=qemu.git;a=commit;h=6c9f886ceae5b998dc2b9af2bf77666941689bce (v0.10.0)
NOTE: http://www.openwall.com/lists/oss-security/2016/02/22/3
-CVE-2016-2515 (Hawk before 3.1.3 and 4.x before 4.1.1 allow remote attackers to cause ...)
+CVE-2016-2515
NOT-FOR-US: NodeJS Hawk
-CVE-2016-2511 (Cross-site scripting (XSS) vulnerability in WebSVN 2.3.3 and earlier ...)
+CVE-2016-2511
{DSA-3490-1 DLA-428-1}
- websvn <removed>
-CVE-2016-2509 (The password-sync feature on Belden Hirschmann Classic Platform ...)
+CVE-2016-2509
NOT-FOR-US: Belden Hirschmann Classic Platform switches
-CVE-2016-2508 (media/libmediaplayerservice/nuplayer/GenericSource.cpp in mediaserver ...)
+CVE-2016-2508
NOT-FOR-US: Android Mediaserver
-CVE-2016-2507 (Integer overflow in codecs/on2/h264dec/source/h264bsd_storage.c in ...)
+CVE-2016-2507
NOT-FOR-US: libstagefright
-CVE-2016-2506 (DRMExtractor.cpp in libstagefright in mediaserver in Android 4.x ...)
+CVE-2016-2506
NOT-FOR-US: libstagefright
-CVE-2016-2505 (mpeg2ts/ATSParser.cpp in libstagefright in mediaserver in Android 6.x ...)
+CVE-2016-2505
NOT-FOR-US: libstagefright
-CVE-2016-2504 (The Qualcomm GPU driver in Android before 2016-08-05 on Nexus 5, 5X, ...)
+CVE-2016-2504
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-2503 (The Qualcomm GPU driver in Android before 2016-07-05 on Nexus 5X and ...)
+CVE-2016-2503
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-2502 (drivers/usb/gadget/f_serial.c in the Qualcomm USB driver in Android ...)
+CVE-2016-2502
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-2501 (The Qualcomm camera driver in Android before 2016-07-05 on Nexus 5X, ...)
+CVE-2016-2501
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-2500 (Activity Manager in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, ...)
+CVE-2016-2500
NOT-FOR-US: Android
-CVE-2016-2499 (AudioSource.cpp in libstagefright in mediaserver in Android 4.x before ...)
+CVE-2016-2499
NOT-FOR-US: libstagefright
-CVE-2016-2498 (The Qualcomm Wi-Fi driver in Android before 2016-06-01 on Nexus 7 ...)
+CVE-2016-2498
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-2497 (services/core/java/com/android/server/pm/PackageManagerService.java in ...)
+CVE-2016-2497
NOT-FOR-US: Android
-CVE-2016-2496 (The Framework UI permission-dialog implementation in Android 6.x ...)
+CVE-2016-2496
NOT-FOR-US: Android
-CVE-2016-2495 (SampleTable.cpp in libstagefright in mediaserver in Android 4.x before ...)
+CVE-2016-2495
NOT-FOR-US: libstagefright
-CVE-2016-2494 (Off-by-one error in sdcard/sdcard.c in Android 4.x before 4.4.4, 5.0.x ...)
+CVE-2016-2494
NOT-FOR-US: libstagefright
-CVE-2016-2493 (The Broadcom Wi-Fi driver in Android before 2016-06-01 on Nexus 5, ...)
+CVE-2016-2493
NOT-FOR-US: Broadcom driver for Android
-CVE-2016-2492 (The MediaTek power-management driver in Android before 2016-06-01 on ...)
+CVE-2016-2492
NOT-FOR-US: MediaTek driver for Android
-CVE-2016-2491 (The NVIDIA camera driver in Android before 2016-06-01 on Nexus 9 ...)
+CVE-2016-2491
NOT-FOR-US: NVIDIA driver for Android
-CVE-2016-2490 (The NVIDIA camera driver in Android before 2016-06-01 on Nexus 9 ...)
+CVE-2016-2490
NOT-FOR-US: NVIDIA driver for Android
-CVE-2016-2489 (The Qualcomm video driver in Android before 2016-06-01 on Nexus 5, 5X, ...)
+CVE-2016-2489
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-2488 (The Qualcomm camera driver in Android before 2016-06-01 on Nexus 5, ...)
+CVE-2016-2488
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-2487 (libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x ...)
+CVE-2016-2487
NOT-FOR-US: libstagefright
-CVE-2016-2486 (mp3dec/SoftMP3.cpp in libstagefright in mediaserver in Android 4.x ...)
+CVE-2016-2486
NOT-FOR-US: libstagefright
-CVE-2016-2485 (libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x ...)
+CVE-2016-2485
NOT-FOR-US: libstagefright
-CVE-2016-2484 (libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x ...)
+CVE-2016-2484
NOT-FOR-US: libstagefright
-CVE-2016-2483 (The mm-video-v4l2 venc component in mediaserver in Android 4.x before ...)
+CVE-2016-2483
NOT-FOR-US: Android Mediaserver
-CVE-2016-2482 (The mm-video-v4l2 vdec component in mediaserver in Android 4.x before ...)
+CVE-2016-2482
NOT-FOR-US: Android Mediaserver
-CVE-2016-2481 (The mm-video-v4l2 venc component in mediaserver in Android 4.x before ...)
+CVE-2016-2481
NOT-FOR-US: Android Mediaserver
-CVE-2016-2480 (The mm-video-v4l2 vidc component in mediaserver in Android 4.x before ...)
+CVE-2016-2480
NOT-FOR-US: Android Mediaserver
-CVE-2016-2479 (The mm-video-v4l2 vdec component in mediaserver in Android 4.x before ...)
+CVE-2016-2479
NOT-FOR-US: Android Mediaserver
-CVE-2016-2478 (mm-video-v4l2/vidc/vdec/src/omx_vdec_msm8974.cpp in mediaserver in ...)
+CVE-2016-2478
NOT-FOR-US: Android Mediaserver
-CVE-2016-2477 (mm-video-v4l2/vidc/vdec/src/omx_vdec_msm8974.cpp in mediaserver in ...)
+CVE-2016-2477
NOT-FOR-US: Android Mediaserver
-CVE-2016-2476 (mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x ...)
+CVE-2016-2476
NOT-FOR-US: Android Mediaserver
-CVE-2016-2475 (The Broadcom Wi-Fi driver in Android before 2016-06-01 on Nexus 5, ...)
+CVE-2016-2475
NOT-FOR-US: Broadcom driver for Android
-CVE-2016-2474 (The Qualcomm Wi-Fi driver in Android before 2016-06-01 on Nexus 5X ...)
+CVE-2016-2474
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-2473 (The Qualcomm Wi-Fi driver in Android before 2016-06-01 on Nexus 7 ...)
+CVE-2016-2473
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-2472 (The Qualcomm Wi-Fi driver in Android before 2016-06-01 on Nexus 7 ...)
+CVE-2016-2472
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-2471 (The Qualcomm Wi-Fi driver in Android before 2016-06-01 on Nexus 7 ...)
+CVE-2016-2471
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-2470 (The Qualcomm Wi-Fi driver in Android before 2016-06-01 on Nexus 7 ...)
+CVE-2016-2470
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-2469 (The Qualcomm sound driver in Android before 2016-06-01 on Nexus 5, 6, ...)
+CVE-2016-2469
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-2468 (The Qualcomm GPU driver in Android before 2016-06-01 on Nexus 5, 5X, ...)
+CVE-2016-2468
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-2467 (The Qualcomm sound driver in Android before 2016-06-01 on Nexus 5 ...)
+CVE-2016-2467
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-2466 (The Qualcomm sound driver in Android before 2016-06-01 on Nexus 6 ...)
+CVE-2016-2466
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-2465 (The Qualcomm video driver in Android before 2016-06-01 on Nexus 5, 5X, ...)
+CVE-2016-2465
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-2464 (libvpx in libwebm in mediaserver in Android 4.x before 4.4.4, 5.0.x ...)
+CVE-2016-2464
- libvpx 1.6.1-1
[jessie] - libvpx <not-affected> (libwebm not yet present)
[wheezy] - libvpx <not-affected> (libwebm not yet present)
NOTE: probably fixed earlier, but this was the version checked
-CVE-2016-2463 (Multiple integer overflows in the h264dec component in libstagefright ...)
+CVE-2016-2463
NOT-FOR-US: libstagefright
-CVE-2016-2462 (OpenSSLCipher.java in Conscrypt in Android 6.x before 2016-05-01 ...)
+CVE-2016-2462
NOT-FOR-US: Android
-CVE-2016-2461 (OpenSSLCipher.java in Conscrypt in Android 6.x before 2016-05-01 ...)
+CVE-2016-2461
NOT-FOR-US: Android
-CVE-2016-2460 (mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x ...)
+CVE-2016-2460
NOT-FOR-US: Android
-CVE-2016-2459 (mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x ...)
+CVE-2016-2459
NOT-FOR-US: Android
-CVE-2016-2458 (The compose functionality in AOSP Mail in Android 5.0.x before 5.0.2, ...)
+CVE-2016-2458
NOT-FOR-US: Android
-CVE-2016-2457 (server/pm/UserManagerService.java in Wi-Fi in Android 5.0.x before ...)
+CVE-2016-2457
NOT-FOR-US: Android
-CVE-2016-2456 (The MediaTek Wi-Fi driver in Android before 2016-05-01 on Android One ...)
+CVE-2016-2456
NOT-FOR-US: Android
CVE-2016-2455
REJECTED
-CVE-2016-2454 (The Qualcomm hardware video codec in Android before 2016-05-01 on ...)
+CVE-2016-2454
NOT-FOR-US: Android
-CVE-2016-2453 (The MediaTek Wi-Fi driver in Android before 2016-05-01 on Android One ...)
+CVE-2016-2453
NOT-FOR-US: Android
-CVE-2016-2452 (codecs/amrnb/dec/SoftAMR.cpp in libstagefright in mediaserver in ...)
+CVE-2016-2452
NOT-FOR-US: Android
-CVE-2016-2451 (codecs/on2/dec/SoftVPX.cpp in libstagefright in mediaserver in Android ...)
+CVE-2016-2451
NOT-FOR-US: Android
-CVE-2016-2450 (codecs/on2/enc/SoftVPXEncoder.cpp in libstagefright in mediaserver in ...)
+CVE-2016-2450
NOT-FOR-US: Android
-CVE-2016-2449 (services/camera/libcameraservice/device3/Camera3Device.cpp in ...)
+CVE-2016-2449
NOT-FOR-US: Android
-CVE-2016-2448 (media/libmediaplayerservice/nuplayer/NuPlayerStreamListener.cpp in ...)
+CVE-2016-2448
NOT-FOR-US: Android
CVE-2016-2447
REJECTED
-CVE-2016-2446 (The NVIDIA media driver in Android before 2016-05-01 on Nexus 9 ...)
+CVE-2016-2446
NOT-FOR-US: Android
-CVE-2016-2445 (The NVIDIA media driver in Android before 2016-05-01 on Nexus 9 ...)
+CVE-2016-2445
NOT-FOR-US: Android
-CVE-2016-2444 (The NVIDIA media driver in Android before 2016-05-01 on Nexus 9 ...)
+CVE-2016-2444
NOT-FOR-US: Android
-CVE-2016-2443 (The Qualcomm MDP driver in Android before 2016-05-01 on Nexus 5 and ...)
+CVE-2016-2443
NOT-FOR-US: Android
-CVE-2016-2442 (The Qualcomm buspm driver in Android before 2016-05-01 on Nexus 5X, 6, ...)
+CVE-2016-2442
NOT-FOR-US: Android
-CVE-2016-2441 (The Qualcomm buspm driver in Android before 2016-05-01 on Nexus 5X, 6, ...)
+CVE-2016-2441
NOT-FOR-US: Android
-CVE-2016-2440 (libs/binder/IPCThreadState.cpp in Binder in Android 4.x before 4.4.4, ...)
+CVE-2016-2440
NOT-FOR-US: Android
-CVE-2016-2439 (Buffer overflow in btif/src/btif_dm.c in Bluetooth in Android 4.x ...)
+CVE-2016-2439
NOT-FOR-US: Android
CVE-2016-2438
REJECTED
-CVE-2016-2437 (The NVIDIA video driver in Android before 2016-05-01 on Nexus 9 ...)
+CVE-2016-2437
NOT-FOR-US: Android
-CVE-2016-2436 (The NVIDIA video driver in Android before 2016-05-01 on Nexus 9 ...)
+CVE-2016-2436
NOT-FOR-US: Android
-CVE-2016-2435 (The NVIDIA video driver in Android before 2016-05-01 on Nexus 9 ...)
+CVE-2016-2435
NOT-FOR-US: Android
-CVE-2016-2434 (The NVIDIA video driver in Android before 2016-05-01 on Nexus 9 ...)
+CVE-2016-2434
NOT-FOR-US: Android
-CVE-2016-2433 (The Broadcom Wi-Fi driver for Android, as used by BlackBerry ...)
+CVE-2016-2433
NOT-FOR-US: Broadcom Wi-Fi driver for Android
-CVE-2016-2432 (The Qualcomm TrustZone component in Android before 2016-05-01 on Nexus ...)
+CVE-2016-2432
NOT-FOR-US: Android
-CVE-2016-2431 (The Qualcomm TrustZone component in Android before 2016-05-01 on Nexus ...)
+CVE-2016-2431
NOT-FOR-US: Android
-CVE-2016-2430 (libbacktrace/Backtrace.cpp in debuggerd in Android 4.x before 4.4.4, ...)
+CVE-2016-2430
NOT-FOR-US: Android
-CVE-2016-2429 (libFLAC/stream_decoder.c in mediaserver in Android 4.x before 4.4.4, ...)
+CVE-2016-2429
NOT-FOR-US: Android
-CVE-2016-2428 (libAACdec/src/aacdec_drc.cpp in mediaserver in Android 4.x before ...)
+CVE-2016-2428
NOT-FOR-US: Android
-CVE-2016-2427 (** DISPUTED ** The AES-GCM specification in RFC 5084, as used in ...)
+CVE-2016-2427
NOT-FOR-US: Android
-CVE-2016-2426 (server/content/ContentService.java in the Framework component in ...)
+CVE-2016-2426
NOT-FOR-US: Android
-CVE-2016-2425 (mail/compose/ComposeActivity.java in AOSP Mail in Android 4.x before ...)
+CVE-2016-2425
NOT-FOR-US: Android
-CVE-2016-2424 (server/content/SyncStorageEngine.java in SyncStorageEngine in Android ...)
+CVE-2016-2424
NOT-FOR-US: Android
-CVE-2016-2423 (server/telecom/CallsManager.java in Telephony in Android 4.x before ...)
+CVE-2016-2423
NOT-FOR-US: Android
-CVE-2016-2422 (Wi-Fi in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before ...)
+CVE-2016-2422
NOT-FOR-US: Android
-CVE-2016-2421 (Setup Wizard in Android 5.1.x before 5.1.1 and 6.x before 2016-04-01 ...)
+CVE-2016-2421
NOT-FOR-US: Android
-CVE-2016-2420 (rootdir/init.rc in Android 4.x before 4.4.4 does not ensure that the ...)
+CVE-2016-2420
NOT-FOR-US: Android
-CVE-2016-2419 (media/libmedia/IDrm.cpp in mediaserver in Android 6.x before ...)
+CVE-2016-2419
NOT-FOR-US: Android
-CVE-2016-2418 (media/libmedia/IOMX.cpp in mediaserver in Android 6.x before ...)
+CVE-2016-2418
NOT-FOR-US: Android
-CVE-2016-2417 (media/libmedia/IOMX.cpp in mediaserver in Android 4.x before 4.4.4, ...)
+CVE-2016-2417
NOT-FOR-US: Android
-CVE-2016-2416 (libs/gui/BufferQueueConsumer.cpp in mediaserver in Android 4.x before ...)
+CVE-2016-2416
NOT-FOR-US: Android
-CVE-2016-2415 (exchange/eas/EasAutoDiscover.java in the Autodiscover implementation ...)
+CVE-2016-2415
NOT-FOR-US: Android
-CVE-2016-2414 (The Minikin library in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, ...)
+CVE-2016-2414
NOT-FOR-US: Android
-CVE-2016-2413 (media/libmedia/IOMX.cpp in mediaserver in Android 5.0.x before 5.0.2, ...)
+CVE-2016-2413
NOT-FOR-US: Android
-CVE-2016-2412 (include/core/SkPostConfig.h in Skia, as used in System_server in ...)
+CVE-2016-2412
NOT-FOR-US: Android
-CVE-2016-2411 (A Qualcomm Power Management kernel driver in Android 6.x before ...)
+CVE-2016-2411
NOT-FOR-US: Android
-CVE-2016-2410 (A Qualcomm video kernel driver in Android 6.x before 2016-04-01 allows ...)
+CVE-2016-2410
NOT-FOR-US: Android
-CVE-2016-2409 (A Texas Instruments (TI) haptic kernel driver in Android 6.x before ...)
+CVE-2016-2409
NOT-FOR-US: Android
-CVE-2016-2408 (An unspecified client-side component in Pulse Secure Desktop Client ...)
+CVE-2016-2408
NOT-FOR-US: Pulse Secure Desktop Client
CVE-2016-2407
REJECTED
-CVE-2016-2406 (The permission control module in Huawei Document Security Management ...)
+CVE-2016-2406
NOT-FOR-US: Huawei
-CVE-2016-2405 (Huawei Policy Center with software before V100R003C10SPC020 allows ...)
+CVE-2016-2405
NOT-FOR-US: Huawei
-CVE-2016-2404 (Huawei switches S5700, S6700, S7700, S9700 with software ...)
+CVE-2016-2404
NOT-FOR-US: Huawei
-CVE-2016-2403 (Symfony before 2.8.6 and 3.x before 3.0.6 allows remote attackers to ...)
+CVE-2016-2403
{DSA-4262-1}
- symfony 2.8.6+dfsg-1
[jessie] - symfony <not-affected> (Vulnerable code not present)
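Review bot: every `-`/`+` pair in this region strips the parenthesised summary and leaves the bare identifier (`-CVE-2016-2496 (The Framework UI permission-dialog implementation in Android 6.x ...)` becomes `+CVE-2016-2496`), while the triage lines beneath (`NOT-FOR-US: Android`, `- libvpx 1.6.1-1`, `{DSA-4262-1}`) are untouched, and entries that never had a summary (`CVE-2016-2455` / `REJECTED`, `CVE-2016-2447` / `REJECTED`) do not appear in the diff at all. A wholesale loss of summaries in an "automatic update" reads as the description feed returning nothing rather than as an intended edit: the importer should refuse to replace a non-empty summary with an empty one, and this commit should be regenerated once the feed is healthy, because the summary is the only product/component text the tracker shows and searches for most of these entries.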
@@ -25100,43 +25100,43 @@ CVE-2016-2403 (Symfony before 2.8.6 and 3.x before 3.0.6 allows remote attackers
NOTE: CVE-2018-11407. Complete fix as per
NOTE: https://github.com/symfony/symfony/pull/26589
NOTE: https://github.com/symfony/symfony/commit/2f5bd18d82f4a8911d549d14c72bf935602834a9
-CVE-2016-2510 (BeanShell (bsh) before 2.0b6, when included on the classpath by an ...)
+CVE-2016-2510
{DSA-3504-1 DLA-443-1}
- bsh 2.0b4-16
NOTE: https://github.com/beanshell/beanshell/releases/tag/2.0b6
NOTE: https://github.com/beanshell/beanshell/commit/7c68fde2d6fc65e362f20863d868c112a90a9b49
NOTE: https://github.com/beanshell/beanshell/commit/1ccc66bb693d4e46a34a904db8eeff07808d2ced
-CVE-2016-2402 (OkHttp before 2.7.4 and 3.x before 3.1.2 allows man-in-the-middle ...)
+CVE-2016-2402
NOT-FOR-US: OkHttp
CVE-2016-2401
RESERVED
CVE-2016-2400
RESERVED
-CVE-2016-2399 (Integer overflow in the quicktime_read_pascal function in libquicktime ...)
+CVE-2016-2399
{DSA-3800-1 DLA-844-1}
- libquicktime 2:1.2.4-10 (bug #855099)
NOTE: PoC: http://www.nemux.org/2016/02/23/libquicktime-1-2-4/
-CVE-2016-2398 (Comcast XFINITY Home Security System does not properly maintain ...)
+CVE-2016-2398
NOT-FOR-US: XFINITY
-CVE-2016-2397 (The cliserver implementation in Dell SonicWALL GMS, Analyzer, and UMA ...)
+CVE-2016-2397
NOT-FOR-US: Dell
-CVE-2016-2396 (The GMS ViewPoint (GMSVP) web application in Dell SonicWALL GMS, ...)
+CVE-2016-2396
NOT-FOR-US: Dell
CVE-2016-2395
RESERVED
CVE-2016-2394
RESERVED
-CVE-2016-2393 (Lenovo Fingerprint Manager before 8.01.57 and Touch Fingerprint before ...)
+CVE-2016-2393
NOT-FOR-US: Lenovo
-CVE-2016-2389 (Directory traversal vulnerability in the GetFileList function in the ...)
+CVE-2016-2389
NOT-FOR-US: SAP
-CVE-2016-2388 (The Universal Worklist Configuration in SAP NetWeaver 7.4 allows ...)
+CVE-2016-2388
NOT-FOR-US: SAP
-CVE-2016-2387 (Multiple cross-site scripting (XSS) vulnerabilities in the Java Proxy ...)
+CVE-2016-2387
NOT-FOR-US: SAP
-CVE-2016-2386 (SQL injection vulnerability in the UDDI server in SAP NetWeaver J2EE ...)
+CVE-2016-2386
NOT-FOR-US: SAP
-CVE-2016-2392 (The is_rndis function in the USB Net device emulator ...)
+CVE-2016-2392
{DLA-1599-1}
- qemu 1:2.6+dfsg-1 (bug #815008)
[wheezy] - qemu <no-dsa> (Minor issue)
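Review bot: once the summary is gone, the SAP block (`CVE-2016-2389` through `CVE-2016-2386`) carries nothing but `NOT-FOR-US: SAP`, so the entry no longer says which NetWeaver piece it covers (the GetFileList directory traversal, the Universal Worklist, the Java Proxy XSS, the UDDI SQL injection were all only in the dropped text); the same holds for `NOT-FOR-US: Dell` on CVE-2016-2397/2396 and `NOT-FOR-US: Lenovo` on CVE-2016-2393. If the summaries cannot be restored, keep the product name in the `NOT-FOR-US:` line, as the driver entries above already do (`NOT-FOR-US: Qualcomm driver for Android`). Unrelated to this change but visible here: `CVE-2016-2510` sits between CVE-2016-2403 and CVE-2016-2402, and CVE-2016-2392 follows CVE-2016-2386, which makes the hunk hard to check against the numbered sequence.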
@@ -25146,7 +25146,7 @@ CVE-2016-2392 (The is_rndis function in the USB Net device emulator ...)
[squeeze] - qemu-kvm <end-of-life> (Not supported in Squeeze LTS)
NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=80eecda8e5d09c442c24307f340840a5b70ea3b9 (v2.6.0-rc0)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1302299
-CVE-2016-2391 (The ohci_bus_start function in the USB OHCI emulation support ...)
+CVE-2016-2391
{DLA-1599-1}
- qemu 1:2.6+dfsg-1 (bug #815009)
[wheezy] - qemu <no-dsa> (Minor issue)
@@ -25157,62 +25157,62 @@ CVE-2016-2391 (The ohci_bus_start function in the USB OHCI emulation support ...
NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=fa1298c2d623522eda7b4f1f721fcb935abb7360 (v2.6.0-rc0)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1304794
NOTE: http://www.openwall.com/lists/oss-security/2016/02/16/2
-CVE-2016-2390 (The FwdState::connectedToPeer method in FwdState.cc in Squid before ...)
+CVE-2016-2390
- squid <removed> (unimportant)
- squid3 3.5.14-1 (unimportant)
NOTE: http://www.squid-cache.org/Advisories/SQUID-2016_1.txt
NOTE: Only affects custom builds with --enable-ssl (disabled for license purposes in Debian)
CVE-2016-2382
RESERVED
-CVE-2016-2381 (Perl might allow context-dependent attackers to bypass the taint ...)
+CVE-2016-2381
{DSA-3501-1}
- perl 5.22.1-8
NOTE: http://perl5.git.perl.org/perl.git/commitdiff/ae37b791a73a9e78dedb89fb2429d2628cf58076
-CVE-2016-2380 (An information leak exists in the handling of the MXIT protocol in ...)
+CVE-2016-2380
{DSA-3620-1 DLA-542-1}
- pidgin 2.11.0-1
NOTE: http://www.talosintel.com/reports/TALOS-2016-0123/
NOTE: http://www.pidgin.im/news/security/?id=96
NOTE: https://bitbucket.org/pidgin/main/commits/8172584fd640
-CVE-2016-2379 (The Mxit protocol uses weak encryption when encrypting user passwords, ...)
+CVE-2016-2379
NOTE: Mentioned at http://www.pidgin.im/news/security/?id=96 without further details
-CVE-2016-2378 (A buffer overflow vulnerability exists in the handling of the MXIT ...)
+CVE-2016-2378
{DSA-3620-1 DLA-542-1}
- pidgin 2.11.0-1
NOTE: http://www.talosintel.com/reports/TALOS-2016-0120/
NOTE: http://www.pidgin.im/news/security/?id=94
NOTE: https://bitbucket.org/pidgin/main/commits/06278419c703
-CVE-2016-2377 (A buffer overflow vulnerability exists in the handling of the MXIT ...)
+CVE-2016-2377
{DSA-3620-1 DLA-542-1}
- pidgin 2.11.0-1
NOTE: http://www.talosintel.com/reports/TALOS-2016-0119/
NOTE: http://www.pidgin.im/news/security/?id=93
NOTE: https://bitbucket.org/pidgin/main/commits/0f94ef13ab37
-CVE-2016-2376 (A buffer overflow vulnerability exists in the handling of the MXIT ...)
+CVE-2016-2376
{DSA-3620-1 DLA-542-1}
- pidgin 2.11.0-1
NOTE: http://www.talosintel.com/reports/TALOS-2016-0118/
NOTE: http://www.pidgin.im/news/security/?id=92
NOTE: https://bitbucket.org/pidgin/main/commits/19f89eda8587
-CVE-2016-2375 (An exploitable out-of-bounds read exists in the handling of the MXIT ...)
+CVE-2016-2375
{DSA-3620-1 DLA-542-1}
- pidgin 2.11.0-1
NOTE: http://www.talosintel.com/reports/TALOS-2016-0143/
NOTE: http://www.pidgin.im/news/security/?id=108
NOTE: https://bitbucket.org/pidgin/main/commits/b786e9814536
-CVE-2016-2374 (An exploitable memory corruption vulnerability exists in the handling ...)
+CVE-2016-2374
{DSA-3620-1 DLA-542-1}
- pidgin 2.11.0-1
NOTE: http://www.talosintel.com/reports/TALOS-2016-0142/
NOTE: http://www.pidgin.im/news/security/?id=107
NOTE: https://bitbucket.org/pidgin/main/commits/f6c08d962618
-CVE-2016-2373 (A denial of service vulnerability exists in the handling of the MXIT ...)
+CVE-2016-2373
{DSA-3620-1 DLA-542-1}
- pidgin 2.11.0-1
NOTE: http://www.talosintel.com/reports/TALOS-2016-0141/
NOTE: http://www.pidgin.im/news/security/?id=106
NOTE: https://bitbucket.org/pidgin/main/commits/e6159ad42c4c
-CVE-2016-2372 (An information leak exists in the handling of the MXIT protocol in ...)
+CVE-2016-2372
{DSA-3620-1 DLA-542-1}
- pidgin 2.11.0-1
NOTE: http://www.talosintel.com/reports/TALOS-2016-0140/
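Review bot: `CVE-2016-2379` has no package/status line at all, only `NOTE: Mentioned at http://www.pidgin.im/news/security/?id=96 without further details`, whereas every neighbouring MXIT entry carries `{DSA-3620-1 DLA-542-1}` and `- pidgin 2.11.0-1`. Before this hunk the summary at least recorded that it concerned weak encryption of Mxit user passwords; after it the entry is an identifier plus a bare note, invisible to any per-package report. Add an explicit status (for example `- pidgin <undetermined>`, or `<not-affected>` if the triage supports it; the choice is a suggestion, not established here) so the entry is not orphaned.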
@@ -25220,13 +25220,13 @@ CVE-2016-2372 (An information leak exists in the handling of the MXIT protocol i
NOTE: https://bitbucket.org/pidgin/main/commits/5e3601f8bde4
NOTE: https://bitbucket.org/pidgin/main/commits/1c5197a66760
NOTE: https://bitbucket.org/pidgin/main/commits/648f667a679c
-CVE-2016-2371 (An out-of-bounds write vulnerability exists in the handling of the ...)
+CVE-2016-2371
{DSA-3620-1 DLA-542-1}
- pidgin 2.11.0-1
NOTE: http://www.talosintel.com/reports/TALOS-2016-0139/
NOTE: http://www.pidgin.im/news/security/?id=104
NOTE: https://bitbucket.org/pidgin/main/commits/f0287378203fbf496a9890bf273d96adefb93b74
-CVE-2016-2370 (A denial of service vulnerability exists in the handling of the MXIT ...)
+CVE-2016-2370
{DSA-3620-1 DLA-542-1}
- pidgin 2.11.0-1
NOTE: http://www.talosintel.com/reports/TALOS-2016-0138/
@@ -25234,19 +25234,19 @@ CVE-2016-2370 (A denial of service vulnerability exists in the handling of the M
NOTE: https://bitbucket.org/pidgin/main/commits/5e3601f8bde4
NOTE: https://bitbucket.org/pidgin/main/commits/1c5197a66760
NOTE: https://bitbucket.org/pidgin/main/commits/648f667a679c
-CVE-2016-2369 (A NULL pointer dereference vulnerability exists in the handling of the ...)
+CVE-2016-2369
{DSA-3620-1 DLA-542-1}
- pidgin 2.11.0-1
NOTE: http://www.talosintel.com/reports/TALOS-2016-0137/
NOTE: http://www.pidgin.im/news/security/?id=102
-CVE-2016-2368 (Multiple memory corruption vulnerabilities exist in the handling of ...)
+CVE-2016-2368
{DSA-3620-1 DLA-542-1}
- pidgin 2.11.0-1
NOTE: http://www.talosintel.com/reports/TALOS-2016-0136/
NOTE: http://www.pidgin.im/news/security/?id=101
NOTE: https://bitbucket.org/pidgin/main/commits/60f95045db42
NOTE: https://bitbucket.org/pidgin/main/commits/f6efc254e947
-CVE-2016-2367 (An information leak exists in the handling of the MXIT protocol in ...)
+CVE-2016-2367
{DSA-3620-1 DLA-542-1}
- pidgin 2.11.0-1
NOTE: http://www.talosintel.com/reports/TALOS-2016-0135/
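Review bot: `CVE-2016-2369` lists the TALOS report and the pidgin advisory (`?id=102`) but no fixing commit, while the sibling entries in this hunk do (`CVE-2016-2368` has two bitbucket commits, `CVE-2016-2367` three). With the summary ("A NULL pointer dereference vulnerability exists in the handling of the ...") now removed, the commit reference is the only way left to verify what the `2.11.0-1` upload actually fixed for this ID; worth adding it.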
@@ -25254,23 +25254,23 @@ CVE-2016-2367 (An information leak exists in the handling of the MXIT protocol i
NOTE: https://bitbucket.org/pidgin/main/commits/5e3601f8bde4
NOTE: https://bitbucket.org/pidgin/main/commits/1c5197a66760
NOTE: https://bitbucket.org/pidgin/main/commits/648f667a679c
-CVE-2016-2366 (A denial of service vulnerability exists in the handling of the MXIT ...)
+CVE-2016-2366
{DSA-3620-1 DLA-542-1}
- pidgin 2.11.0-1
NOTE: http://www.talosintel.com/reports/TALOS-2016-0134/
NOTE: http://www.pidgin.im/news/security/?id=99
NOTE: https://bitbucket.org/pidgin/main/commits/abdc3025f6b8
-CVE-2016-2365 (A denial of service vulnerability exists in the handling of the MXIT ...)
+CVE-2016-2365
{DSA-3620-1 DLA-542-1}
- pidgin 2.11.0-1
NOTE: http://www.talosintel.com/reports/TALOS-2016-0133/
NOTE: http://www.pidgin.im/news/security/?id=98
NOTE: https://bitbucket.org/pidgin/main/commits/1c4acc6977a8686ad980e5b820327c9c47dbeaca
-CVE-2016-2364 (The Chrome HUDweb plugin before 2016-05-05 for Fonality (previously ...)
+CVE-2016-2364
NOT-FOR-US: Fonality
-CVE-2016-2363 (Fonality (previously trixbox Pro) 12.6 through 14.1i before 2016-06-01 ...)
+CVE-2016-2363
NOT-FOR-US: Fonality
-CVE-2016-2362 (Fonality (previously trixbox Pro) 12.6 through 14.1i before 2016-06-01 ...)
+CVE-2016-2362
NOT-FOR-US: Fonality
CVE-2016-2361
RESERVED
@@ -25284,44 +25284,44 @@ CVE-2016-2357
RESERVED
CVE-2016-2356
RESERVED
-CVE-2016-2355 (SQL injection vulnerability in the REST API in dotCMS before 3.3.2 ...)
+CVE-2016-2355
NOT-FOR-US: dotCMS
-CVE-2016-2354 (The Bluetooth functionality in Lemur Vehicle Monitors BlueDriver ...)
+CVE-2016-2354
NOT-FOR-US: Lemur Vehicle Monitors BlueDriver
-CVE-2016-2353 (The Accellion File Transfer Appliance (FTA) before FTA_9_12_40 allows ...)
+CVE-2016-2353
NOT-FOR-US: Accellion
-CVE-2016-2352 (The Accellion File Transfer Appliance (FTA) before FTA_9_12_40 allows ...)
+CVE-2016-2352
NOT-FOR-US: Accellion
-CVE-2016-2351 (SQL injection vulnerability in home/seos/courier/security_key2.api on ...)
+CVE-2016-2351
NOT-FOR-US: Accellion
-CVE-2016-2350 (Multiple cross-site scripting (XSS) vulnerabilities on the Accellion ...)
+CVE-2016-2350
NOT-FOR-US: Accellion
-CVE-2016-2349 (Remedy AR System Server in BMC Remedy 8.1 SP 2, 9.0, 9.0 SP 1, and 9.1 ...)
+CVE-2016-2349
NOT-FOR-US: BMC
CVE-2016-2348
RESERVED
-CVE-2016-2347 (Integer underflow in the decode_level3_header function in ...)
+CVE-2016-2347
{DSA-3540-1}
- lhasa 0.3.1-1
NOTE: http://www.talosintel.com/reports/TALOS-2016-0095/
-CVE-2016-2346 (Allround Automations PL/SQL Developer 11 before 11.0.6 relies on ...)
+CVE-2016-2346
NOT-FOR-US: Allround Automations
-CVE-2016-2345 (Stack-based buffer overflow in dwrcs.exe in the dwmrcs daemon in ...)
+CVE-2016-2345
NOT-FOR-US: SolarWinds DameWare Mini Remote Control
-CVE-2016-2344 (Stack-based buffer overflow in manager.exe in Backburner Manager in ...)
+CVE-2016-2344
NOT-FOR-US: Autodesk Backburner
-CVE-2016-2343 (Patterson Dental Eaglesoft 17 has a hardcoded password of sql for the ...)
+CVE-2016-2343
NOT-FOR-US: Patterson Dental Eaglesoft 17
-CVE-2016-2342 (The bgp_nlri_parse_vpnv4 function in bgp_mplsvpn.c in the VPNv4 NLRI ...)
+CVE-2016-2342
{DSA-3532-1}
- quagga 1.0.20160315-1 (bug #819179)
NOTE: http://git.savannah.gnu.org/cgit/quagga.git/commit/?id=a3bc7e9400b214a0f078fdb19596ba54214a1442
NOTE: https://www.kb.cert.org/vuls/id/270232
CVE-2016-2341
RESERVED
-CVE-2016-2340 (The AMF framework in Granite Data Services 3.1.1-SNAPSHOT allows ...)
+CVE-2016-2340
NOT-FOR-US: Granite
-CVE-2016-2339 (An exploitable heap overflow vulnerability exists in the ...)
+CVE-2016-2339
{DLA-1421-1}
- ruby2.3 2.3.0-1
- ruby2.1 <removed> (bug #851161)
@@ -25331,46 +25331,46 @@ CVE-2016-2339 (An exploitable heap overflow vulnerability exists in the ...)
NOTE: Fixed by: https://github.com/ruby/ruby/commit/4977af3c3d54d27167bfc237f1b2802c40bddc10
CVE-2016-2338
RESERVED
-CVE-2016-2337 (Type confusion exists in _cancel_eval Ruby's TclTkIp class method. ...)
+CVE-2016-2337
{DLA-1480-1}
- ruby2.3 2.3.0-1
- ruby2.1 <removed> (bug #851161)
NOTE: http://www.talosintelligence.com/reports/TALOS-2016-0031/
NOTE: https://github.com/ruby/ruby/commit/a2b8925a94a672235ca6a16e584bf09026a957ab
-CVE-2016-2336 (Type confusion exists in two methods of Ruby's WIN32OLE class, ...)
+CVE-2016-2336
- ruby2.3 <not-affected> (Windows-specific)
- ruby2.1 <not-affected> (Windows-specific)
NOTE: Vulnerable win32ole ruby extension not included in binary packages, specific to Windows
NOTE: http://www.talosintelligence.com/reports/TALOS-2016-0029/
-CVE-2016-2335 (The CInArchive::ReadFileItem method in Archive/Udf/UdfIn.cpp in 7zip ...)
+CVE-2016-2335
{DSA-3599-1 DLA-510-1}
- p7zip 15.14.1+dfsg-2 (bug #824160)
NOTE: http://www.talosintel.com/reports/TALOS-2016-0094/
-CVE-2016-2334 (Heap-based buffer overflow in the ...)
+CVE-2016-2334
- p7zip 15.14.1+dfsg-2 (bug #824160)
[jessie] - p7zip <not-affected> (Introduced in 9.32)
[wheezy] - p7zip <not-affected> (Introduced in 9.32)
NOTE: http://www.talosintel.com/reports/TALOS-2016-0093/
NOTE: https://twitter.com/_Icewall/status/739731922998448129
-CVE-2016-2333 (SysLINK SL-1000 Machine-to-Machine (M2M) Modular Gateway devices with ...)
+CVE-2016-2333
NOT-FOR-US: SysLINK
-CVE-2016-2332 (flu.cgi in the web interface on SysLINK SL-1000 Machine-to-Machine ...)
+CVE-2016-2332
NOT-FOR-US: SysLINK
-CVE-2016-2331 (The web interface on SysLINK SL-1000 Machine-to-Machine (M2M) Modular ...)
+CVE-2016-2331
NOT-FOR-US: SysLINK
-CVE-2016-2385 (Heap-based buffer overflow in the encode_msg function in encode_msg.c ...)
+CVE-2016-2385
{DSA-3535-1}
- kamailio 4.3.4-2 (bug #815178)
NOTE: https://github.com/kamailio/kamailio/commit/f50c9c853e7809810099c970780c30b0765b0643
NOTE: https://census-labs.com/news/2016/03/30/kamailio-seas-heap-overflow/
-CVE-2016-2384 (Double free vulnerability in the snd_usbmidi_create function in ...)
+CVE-2016-2384
{DSA-3503-1 DLA-439-1}
- linux 4.4.2-1
- linux-2.6 <removed>
NOTE: Fixed by: https://git.kernel.org/linus/07d86ca93db7e5cdf4743564d98292042ec21af7 (v4.5-rc4)
NOTE: http://www.openwall.com/lists/oss-security/2016/02/14/2
NOTE: https://xairy.github.io/blog/2016/cve-2016-2384
-CVE-2016-2383 (The adjust_branches function in kernel/bpf/verifier.c in the Linux ...)
+CVE-2016-2383
- linux 4.4.2-1
[jessie] - linux <not-affected> (Vulnerable code not present)
[wheezy] - linux <not-affected> (Vulnerable code not present)
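Review bot: the context line of the following hunk header, `CVE-2016-XXXX [exec functions ignore length but look for NULL termination]`, is untouched, so the rewrite only affects lines whose summary is in parentheses after an assigned identifier; bracketed placeholder summaries maintained by hand survive while the imported ones are lost. That asymmetry supports treating this commit as a feed failure rather than an intended cleanup. Also visible here: `CVE-2016-2385` through `CVE-2016-2383` follow the SysLINK entries out of numerical order, and `CVE-2016-2383` is the one kernel entry in the hunk with no DSA/DLA reference, which is consistent with its `[jessie]`/`[wheezy]` `<not-affected>` lines but worth a glance.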
@@ -25390,7 +25390,7 @@ CVE-2016-XXXX [exec functions ignore length but look for NULL termination]
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1305494
NOTE: https://git.php.net/?p=php-src.git;a=commit;h=c527549e899bf211aac7d8ab5ceb1bdfedf07f14
NOTE: Fixed in 5.6.18, 5.5.32, 7.0.3
-CVE-2016-10712 (In PHP before 5.5.32, 5.6.x before 5.6.18, and 7.x before 7.0.3, all of ...)
+CVE-2016-10712
{DLA-818-1}
- php5 5.6.18+dfsg-1
[jessie] - php5 5.6.19+dfsg-0+deb8u1
@@ -25414,36 +25414,36 @@ CVE-2016-XXXX [Integer overflow in iptcembed()]
NOTE: Fixed in 5.6.18, 5.5.32, 7.0.3
- hhvm 3.12.1+dfsg-1
NOTE: https://github.com/facebook/hhvm/commit/381702ffbfdae170ba3fff97d6cc1b9c69666854
-CVE-2016-4348 (The _rsvg_css_normalize_font_size function in librsvg 2.40.2 allows ...)
+CVE-2016-4348
{DSA-3584-1 DLA-477-1}
- librsvg 2.40.12-1
NOTE: https://git.gnome.org/browse/librsvg/commit/?id=d1c9191949747f6dcfd207831d15dd4ba00e31f2 (2.40.12)
CVE-2016-4347
REJECTED
-CVE-2016-4346 (Integer overflow in the str_pad function in ext/standard/string.c in ...)
+CVE-2016-4346
- php7.0 7.0.4-1
- php5 <not-affected> (Only affects PHP7.x)
NOTE: https://bugs.php.net/bug.php?id=71637
NOTE: https://git.php.net/?p=php-src.git;a=commit;h=57b997ebf99e0eb9a073e0dafd2ab100bd4a112d
NOTE: Reproducer: second test script 2.php in upstream bugreport
-CVE-2016-4345 (Integer overflow in the php_filter_encode_url function in ...)
+CVE-2016-4345
- php7.0 7.0.4-1
- php5 <not-affected> (Only affects PHP7.x)
NOTE: https://bugs.php.net/bug.php?id=71637
NOTE: https://git.php.net/?p=php-src.git;a=commit;h=57b997ebf99e0eb9a073e0dafd2ab100bd4a112d
-CVE-2016-4344 (Integer overflow in the xml_utf8_encode function in ext/xml/xml.c in ...)
+CVE-2016-4344
- php7.0 7.0.4-1
- php5 <not-affected> (Only affects PHP7.x)
NOTE: https://bugs.php.net/bug.php?id=71637
NOTE: https://git.php.net/?p=php-src.git;a=commit;h=57b997ebf99e0eb9a073e0dafd2ab100bd4a112d
-CVE-2016-4343 (The phar_make_dirstream function in ext/phar/dirstream.c in PHP before ...)
+CVE-2016-4343
{DLA-499-1}
- php7.0 7.0.3-1
- php5 5.6.18+dfsg-1
[jessie] - php5 5.6.18+dfsg-0+deb8u1
NOTE: https://bugs.php.net/bug.php?id=71331
NOTE: Fixed in 7.0.3, 5.6.18
-CVE-2016-4342 (ext/phar/phar_object.c in PHP before 5.5.32, 5.6.x before 5.6.18, and ...)
+CVE-2016-4342
{DLA-818-1}
- php5 5.6.18+dfsg-1
[jessie] - php5 5.6.19+dfsg-0+deb8u1
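Review bot: after this hunk `CVE-2016-4346`, `CVE-2016-4345` and `CVE-2016-4344` are textually identical apart from the identifier and the `Reproducer` note on 4346: all three point at `https://bugs.php.net/bug.php?id=71637` and commit `57b997ebf99e0eb9a073e0dafd2ab100bd4a112d`, and the removed summaries (str_pad, php_filter_encode_url, xml_utf8_encode) were the only thing that said which function each ID covers. If the summaries are not restored, a short `NOTE:` naming the function per ID would preserve that distinction.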
@@ -25467,7 +25467,7 @@ CVE-2016-XXXX [NULL Pointer Dereference in phar_tar_setupmetadata()]
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1305540
NOTE: https://git.php.net/?p=php-src.git;a=commit;h=1c1b8b69982375700d4b011eb89ea48b66dbd5aa
NOTE: Fixed in 5.6.18, 5.5.32, 7.0.3
-CVE-2016-2554 (Stack-based buffer overflow in ext/phar/tar.c in PHP before 5.5.32, ...)
+CVE-2016-2554
{DLA-818-1}
- php5 5.6.18+dfsg-1
[jessie] - php5 5.6.19+dfsg-0+deb8u1
@@ -25501,32 +25501,32 @@ CVE-2016-XXXX [Crash on bad SOAP request]
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1305551
NOTE: https://git.php.net/?p=php-src.git;a=commit;h=4308c868f94df1f2b99e80038ba5ea1076d919a7
NOTE: Fixed in 5.6.18, 7.0.3
-CVE-2016-2330 (libavcodec/gif.c in FFmpeg before 2.8.6 does not properly calculate a ...)
+CVE-2016-2330
- ffmpeg 2.8.6-1
- libav <not-affected> (Libav not affected according to upstream)
NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=03d83ba34b2070878909eae18dfac0f519503777
-CVE-2016-2329 (libavcodec/tiff.c in FFmpeg before 2.8.6 does not properly validate ...)
+CVE-2016-2329
- ffmpeg 2.8.6-1
- libav <not-affected> (Vulnerable code not present in any Libav version)
NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=89f464e9c229006e16f6bb5403c5529fdd0a9edd
-CVE-2016-2328 (libswscale/swscale_unscaled.c in FFmpeg before 2.8.6 does not validate ...)
+CVE-2016-2328
- ffmpeg 2.8.6-1
- libav <not-affected> (Vulnerable code not present)
NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=ad3b6fa7d83db7de951ed891649af93a47e74be5
NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=757248ea3cd917a7755cb15f817a9b1f15578718
-CVE-2016-2327 (libavcodec/pngenc.c in FFmpeg before 2.8.5 uses incorrect line sizes ...)
+CVE-2016-2327
- ffmpeg 2.8.5-1
- libav <not-affected> (Vulnerable code not present)
NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=8f4c3e4b92212d98f5b9ca2dee13e076effe9589
NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=7ec9c5ce8a753175244da971fed9f1e25aef7971
-CVE-2016-2326 (Integer overflow in the asf_write_packet function in ...)
+CVE-2016-2326
{DSA-3506-1}
- ffmpeg 2.8.5-1
- libav <removed>
NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=7c0b84d89911b2035161f5ef51aafbfcc84aa9e2
CVE-2016-2325
RESERVED
-CVE-2016-2324 (Integer overflow in Git before 2.7.4 allows remote attackers to ...)
+CVE-2016-2324
{DSA-3521-1}
- git 1:2.8.0~rc3-1 (bug #818318)
NOTE: Removal of path_name: https://github.com/git/git/commit/9831e92bfa833ee9c0ce464bbc2f941ae6c2698d (v2.8.0-rc0)
@@ -25543,117 +25543,117 @@ CVE-2016-2320
RESERVED
CVE-2016-2319
RESERVED
-CVE-2016-2315 (revision.c in git before 2.7.4 uses an incorrect integer data type, ...)
+CVE-2016-2315
{DSA-3521-1}
- git 1:2.7.0-1 (bug #818318)
NOTE: https://github.com/git/git/commit/34fa79a6cde56d6d428ab0d3160cb094ebad3305 (v2.7.0-rc0)
- cgit <not-affected> (path_name function from embedded git is not called)
-CVE-2016-2314 (GlobespanVirata ftpd 1.0, as used on Huawei SmartAX MT882 devices ...)
+CVE-2016-2314
NOT-FOR-US: Huawei
-CVE-2016-2318 (GraphicsMagick 1.3.23 allows remote attackers to cause a denial of ...)
+CVE-2016-2318
{DSA-3746-1 DLA-484-1}
- graphicsmagick 1.3.24-1 (bug #814732)
NOTE: Fixed by: http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/e797bb0aec31
-CVE-2016-2317 (Multiple buffer overflows in GraphicsMagick 1.3.23 allow remote ...)
+CVE-2016-2317
{DSA-3746-1 DLA-484-1}
- graphicsmagick 1.3.24-1 (bug #814732)
NOTE: FIX http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/98394eb235a6
NOTE: FIX http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/52b59d2ef4a1
NOTE: FIX http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/44ed8318ba6a
-CVE-2016-2311 (Black Box AlertWerks ServSensor with firmware before SP473, AlertWerks ...)
+CVE-2016-2311
NOT-FOR-US: AlertWerks
-CVE-2016-2310 (General Electric (GE) Multilink ML800, ML1200, ML1600, and ML2400 ...)
+CVE-2016-2310
NOT-FOR-US: GE Multilink devices
-CVE-2016-2309 (iRZ RUH2 before 2b does not validate firmware patches, which allows ...)
+CVE-2016-2309
NOT-FOR-US: iRZ RUH2
-CVE-2016-2308 (American Auto-Matrix Aspect-Nexus Building Automation Front-End ...)
+CVE-2016-2308
NOT-FOR-US: American Auto-Matrix
-CVE-2016-2307 (American Auto-Matrix Aspect-Nexus Building Automation Front-End ...)
+CVE-2016-2307
NOT-FOR-US: American Auto-Matrix
-CVE-2016-2306 (The HMI web server in Ecava IntegraXor before 5.0 build 4522 allows ...)
+CVE-2016-2306
NOT-FOR-US: Ecava IntegraXor
-CVE-2016-2305 (Cross-site scripting (XSS) vulnerability in Ecava IntegraXor before ...)
+CVE-2016-2305
NOT-FOR-US: Ecava IntegraXor
-CVE-2016-2304 (Ecava IntegraXor before 5.0 build 4522 does not include the HTTPOnly ...)
+CVE-2016-2304
NOT-FOR-US: Ecava IntegraXor
-CVE-2016-2303 (CRLF injection vulnerability in Ecava IntegraXor before 5.0 build 4522 ...)
+CVE-2016-2303
NOT-FOR-US: Ecava IntegraXor
-CVE-2016-2302 (Ecava IntegraXor before 5.0 build 4522 allows remote attackers to ...)
+CVE-2016-2302
NOT-FOR-US: Ecava IntegraXor
-CVE-2016-2301 (SQL injection vulnerability in Ecava IntegraXor before 5.0 build 4522 ...)
+CVE-2016-2301
NOT-FOR-US: Ecava IntegraXor
-CVE-2016-2300 (Ecava IntegraXor before 5.0 build 4522 allows remote attackers to ...)
+CVE-2016-2300
NOT-FOR-US: Ecava IntegraXor
-CVE-2016-2299 (SQL injection vulnerability in Ecava IntegraXor before 5.0 build 4522 ...)
+CVE-2016-2299
NOT-FOR-US: Ecava IntegraXor
-CVE-2016-2298 (Meteocontrol WEB'log Basic 100, Light, Pro, and Pro Unlimited allows ...)
+CVE-2016-2298
NOT-FOR-US: Meteocontrol
-CVE-2016-2297 (Meteocontrol WEB'log Basic 100, Light, Pro, and Pro Unlimited allows ...)
+CVE-2016-2297
NOT-FOR-US: Meteocontrol
-CVE-2016-2296 (Meteocontrol WEB'log Basic 100, Light, Pro, and Pro Unlimited does not ...)
+CVE-2016-2296
NOT-FOR-US: Meteocontrol
-CVE-2016-2295 (Moxa MiiNePort_E1_4641 devices with firmware 1.1.10 Build 09120714, ...)
+CVE-2016-2295
NOT-FOR-US: Moxa
-CVE-2016-2294 (The AXM-NET module in Accuenergy Acuvim II NET Firmware 3.08 and ...)
+CVE-2016-2294
NOT-FOR-US: Acuvim
-CVE-2016-2293 (The AXM-NET module in Accuenergy Acuvim II NET Firmware 3.08 and ...)
+CVE-2016-2293
NOT-FOR-US: Acuvim
-CVE-2016-2292 (Stack-based buffer overflow in Pro-face GP-Pro EX EX-ED before ...)
+CVE-2016-2292
NOT-FOR-US: Pro-face
-CVE-2016-2291 (Pro-face GP-Pro EX EX-ED before 4.05.000, PFXEXEDV before 4.05.000, ...)
+CVE-2016-2291
NOT-FOR-US: Pro-face
-CVE-2016-2290 (Heap-based buffer overflow in Pro-face GP-Pro EX EX-ED before ...)
+CVE-2016-2290
NOT-FOR-US: Pro-face
-CVE-2016-2289 (Directory traversal vulnerability in ICONICS WebHMI 9 and earlier ...)
+CVE-2016-2289
NOT-FOR-US: ICONICS WebHMI
NOT-FOR-US: ICONICS
-CVE-2016-2288 (Cogent DataHub before 7.3.10 allows local users to gain privileges by ...)
+CVE-2016-2288
NOT-FOR-US: Cogent DataHub
-CVE-2016-2287 (Cross-site scripting (XSS) vulnerability in XZERES 442SR OS on 442SR ...)
+CVE-2016-2287
NOT-FOR-US: XZERES
-CVE-2016-2286 (Moxa MiiNePort_E1_4641 devices with firmware 1.1.10 Build 09120714, ...)
+CVE-2016-2286
NOT-FOR-US: Moxa
-CVE-2016-2285 (Cross-site request forgery (CSRF) vulnerability on Moxa ...)
+CVE-2016-2285
NOT-FOR-US: Moxa
CVE-2016-2284
REJECTED
-CVE-2016-2283 (Moxa ioLogik E2200 devices before 3.12 and ioAdmin Configuration ...)
+CVE-2016-2283
NOT-FOR-US: Moxa ioLogik E2200 devices
-CVE-2016-2282 (Moxa ioLogik E2200 devices before 3.12 and ioAdmin Configuration ...)
+CVE-2016-2282
NOT-FOR-US: Moxa ioLogik E2200 devices
-CVE-2016-2281 (Untrusted search path vulnerability in ABB Panel Builder 800 5.1 ...)
+CVE-2016-2281
NOT-FOR-US: ABB Panel Builder
-CVE-2016-2280 (Buffer overflow in RDISERVER in Honeywell Uniformance Process History ...)
+CVE-2016-2280
NOT-FOR-US: Honeywell
-CVE-2016-2279 (Cross-site scripting (XSS) vulnerability in the web server in Rockwell ...)
+CVE-2016-2279
NOT-FOR-US: CompactLogix
-CVE-2016-2278 (Schneider Electric Struxureware Building Operations Automation Server ...)
+CVE-2016-2278
NOT-FOR-US: Schneider Electric
-CVE-2016-2277 (IAB.exe in Rockwell Automation Integrated Architecture Builder (IAB) ...)
+CVE-2016-2277
NOT-FOR-US: Rockwell
CVE-2016-2276
REJECTED
-CVE-2016-2275 (The web interface on Advantech/B+B SmartWorx VESP211-EU devices with ...)
+CVE-2016-2275
NOT-FOR-US: SmartWorx
-CVE-2016-2274 (An issue was discovered in Adcon Telemetry A850 Telemetry Gateway Base ...)
+CVE-2016-2274
NOT-FOR-US: Adcon
CVE-2016-2273
REJECTED
-CVE-2016-2272 (Eaton Lighting EG2 Web Control 4.04P and earlier allows remote ...)
+CVE-2016-2272
NOT-FOR-US: Eaton Lighting
-CVE-2016-2271 (VMX in Xen 4.6.x and earlier, when using an Intel or Cyrix CPU, allows ...)
+CVE-2016-2271
{DSA-3519-1 DLA-479-1}
- xen 4.8.0~rc3-1 (bug #823620)
[squeeze] - xen <end-of-life> (Unsupported in Squeeze LTS)
NOTE: http://xenbits.xen.org/xsa/advisory-170.html
-CVE-2016-2270 (Xen 4.6.x and earlier allows local guest administrators to cause a ...)
+CVE-2016-2270
{DSA-3519-1 DLA-479-1}
- xen 4.8.0~rc3-1
[squeeze] - xen <end-of-life> (Unsupported in Squeeze LTS)
NOTE: http://xenbits.xen.org/xsa/advisory-154.html
CVE-2016-2269
RESERVED
-CVE-2016-2268 (Dell SecureWorks app before 2.1 for iOS does not validate SSL ...)
+CVE-2016-2268
NOT-FOR-US: Dell
CVE-2016-2267
REJECTED
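Review bot: CVE-2016-2289 in this hunk carries two status lines, "NOT-FOR-US: ICONICS WebHMI" followed by "NOT-FOR-US: ICONICS"; the second is a shorter repeat of the first and looks like a leftover from an earlier edit. Since this automatic update only strips the parenthesised descriptions, the duplicate survives untouched; dropping one of the two lines in a follow-up would keep the entry to a single status line like every other NOT-FOR-US entry around it.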
@@ -25697,15 +25697,15 @@ CVE-2016-2248
REJECTED
CVE-2016-2247
REJECTED
-CVE-2016-2246 (HP ThinPro 4.4 through 6.1 mishandles the keyboard layout control ...)
+CVE-2016-2246
NOT-FOR-US: HP ThinPro
-CVE-2016-2245 (HP Support Assistant before 8.1.52.1 allows remote attackers to bypass ...)
+CVE-2016-2245
NOT-FOR-US: HP Support Assistant
-CVE-2016-2244 (HP LaserJet printers and MFPs and OfficeJet Enterprise printers with ...)
+CVE-2016-2244
NOT-FOR-US: HP LaserJet Printers
-CVE-2016-2243 (Sure Start on HP Commercial PCs 2015 allows local users to cause a ...)
+CVE-2016-2243
NOT-FOR-US: HP Commercial PCs with Sure Start
-CVE-2016-2313 (auth_login.php in Cacti before 0.8.8g allows remote authenticated ...)
+CVE-2016-2313
{DLA-560-1}
- cacti 0.8.8g+ds1-1 (bug #814353)
[jessie] - cacti 0.8.8b+dfsg-8+deb8u5
@@ -25715,7 +25715,7 @@ CVE-2016-2313 (auth_login.php in Cacti before 0.8.8g allows remote authenticated
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=965930
NOTE: http://www.openwall.com/lists/oss-security/2016/02/09/3
NOTE: Only exploitable in non default setup
-CVE-2016-2312 (Turning all screens off in Plasma-workspace and kscreenlocker while ...)
+CVE-2016-2312
- plasma-workspace 4:5.4.3-2 (bug #814355)
NOTE: Affects plasma-workspace < 5.5.0, kscreenlocker < 5.5.5
NOTE: kscreenlocker is only in experimental
@@ -25731,7 +25731,7 @@ CVE-2016-XXXX [Stack corruption from crafted pattern]
NOTE: https://bugs.exim.org/show_bug.cgi?id=1780
NOTE: Possibly introduced after http://vcs.pcre.org/pcre?view=revision&revision=1266
NOTE: Fixed by: http://vcs.pcre.org/pcre?view=revision&revision=1638 (8.39)
-CVE-2016-2242 (Exponent CMS 2.x before 2.3.7 Patch 3 allows remote attackers to ...)
+CVE-2016-2242
NOT-FOR-US: Exponent CMS
CVE-2016-2241
RESERVED
@@ -25749,21 +25749,21 @@ CVE-2016-2235
RESERVED
CVE-2016-2234
RESERVED
-CVE-2016-2233 (Stack-based buffer overflow in the inbound_cap_ls function in ...)
+CVE-2016-2233
- hexchat 2.12.0-1 (low)
[jessie] - hexchat <no-dsa> (Minor issue, requires connection to a malicious server)
NOTE: https://www.exploit-db.com/exploits/39657/
NOTE: https://github.com/hexchat/hexchat/issues/1934
NOTE: https://github.com/hexchat/hexchat/commit/4e061a43b3453a9856d34250c3913175c45afe9d
-CVE-2016-2231 (The Windows-based Host Interface Program (WHIP) service on Huawei ...)
+CVE-2016-2231
NOT-FOR-US: Huawei
-CVE-2016-2230 (OpenELEC and RasPlex devices have a hardcoded password for the root ...)
+CVE-2016-2230
NOT-FOR-US: OpenELEC/ResPlex
CVE-2016-2229
RESERVED
CVE-2016-2227
RESERVED
-CVE-2016-2226 (Integer overflow in the string_appends function in cplus-dem.c in ...)
+CVE-2016-2226
{DLA-552-1}
- ht 2.1.0+repack1-1 (low; bug #840358)
[jessie] - ht <no-dsa> (Minor issue)
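Review bot: the status line for CVE-2016-2230 reads "NOT-FOR-US: OpenELEC/ResPlex", but the description being removed on the line above spells the product "RasPlex". Once the description is stripped the status line is the only place the product name survives, so its spelling should match: "NOT-FOR-US: OpenELEC/RasPlex".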
@@ -25779,57 +25779,57 @@ CVE-2016-2223
RESERVED
CVE-2016-2220
RESERVED
-CVE-2016-2219 (Cross-site scripting (XSS) vulnerability in the management interface ...)
+CVE-2016-2219
NOT-FOR-US: Palo Alto Networks PAN-OS
CVE-2016-2218
RESERVED
-CVE-2016-2224 (The __decode_dotted function in libc/inet/resolv.c in uClibc-ng before ...)
+CVE-2016-2224
{DLA-561-1}
- uclibc <unfixed> (unimportant)
NOTE: Just for cross-compiling, not used for actual packages
NOTE: http://repo.or.cz/uclibc-ng.git/commit/d9c3a16dcab57d6b56225b9a67e9119cc9e2e4ac
NOTE: http://www.openwall.com/lists/oss-security/2016/02/05/2
-CVE-2016-2225 (The __read_etc_hosts_r function in libc/inet/resolv.c in uClibc-ng ...)
+CVE-2016-2225
{DLA-561-1}
- uclibc <unfixed> (unimportant)
NOTE: Just for cross-compiling, not used for actual packages
NOTE: http://repo.or.cz/uclibc-ng.git/commit/6932f2282ba0578d6ca2f21eead920d6b78bc93c
NOTE: http://www.openwall.com/lists/oss-security/2016/02/05/2
-CVE-2016-2216 (The HTTP header parsing code in Node.js 0.10.x before 0.10.42, 0.11.6 ...)
+CVE-2016-2216
- nodejs 4.3.0~dfsg-1 (unimportant)
NOTE: libv8 is not covered by security support
NOTE: https://nodejs.org/en/blog/vulnerability/february-2016-security-releases/
CVE-2016-2215
RESERVED
-CVE-2016-2214 (Cross-site scripting (XSS) vulnerability in an unspecified portal ...)
+CVE-2016-2214
NOT-FOR-US: Huawei
-CVE-2016-2212 (The getOrderByStatusUrlKey function in the Mage_Rss_Helper_Order class ...)
+CVE-2016-2212
NOT-FOR-US: Magento
-CVE-2016-2211 (The AntiVirus Decomposer engine in Symantec Advanced Threat Protection ...)
+CVE-2016-2211
NOT-FOR-US: Symantec
-CVE-2016-2210 (Buffer overflow in Dec2LHA.dll in the AntiVirus Decomposer engine in ...)
+CVE-2016-2210
NOT-FOR-US: Symantec
-CVE-2016-2209 (Buffer overflow in Dec2SS.dll in the AntiVirus Decomposer engine in ...)
+CVE-2016-2209
NOT-FOR-US: Symantec
-CVE-2016-2208 (The kernel component in Symantec Anti-Virus Engine (AVE) 20151.1 ...)
+CVE-2016-2208
NOT-FOR-US: Symantec
-CVE-2016-2207 (The AntiVirus Decomposer engine in Symantec Advanced Threat Protection ...)
+CVE-2016-2207
NOT-FOR-US: Symantec
-CVE-2016-2206 (The management console in Symantec Workspace Streaming (SWS) 7.5.x ...)
+CVE-2016-2206
NOT-FOR-US: Symantec
-CVE-2016-2205 (Directory traversal vulnerability in the file-download configuration ...)
+CVE-2016-2205
NOT-FOR-US: Symantec
-CVE-2016-2204 (The management console on Symantec Messaging Gateway (SMG) Appliance ...)
+CVE-2016-2204
NOT-FOR-US: Symantec
-CVE-2016-2203 (The management console on Symantec Messaging Gateway (SMG) Appliance ...)
+CVE-2016-2203
NOT-FOR-US: Symantec
-CVE-2016-2202 (The Inventory Solution component in the Management Agent in the client ...)
+CVE-2016-2202
NOT-FOR-US: Symantec
-CVE-2016-2201 (Siemens SIMATIC S7-1500 CPU devices before 1.8.3 allow remote ...)
+CVE-2016-2201
NOTE: Siemens SIMATIC
-CVE-2016-2200 (Siemens SIMATIC S7-1500 CPU devices before 1.8.3 allow remote ...)
+CVE-2016-2200
NOTE: Siemens SIMATIC
-CVE-2016-4009 (Integer overflow in the ImagingResampleHorizontal function in ...)
+CVE-2016-4009
- pillow 3.1.1-1
[jessie] - pillow <not-affected>
- python-imaging <removed>
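Review bot: CVE-2016-2201 and CVE-2016-2200 end up with only "NOTE: Siemens SIMATIC" and no status line, whereas every other vendor-only entry in this hunk (Symantec, Huawei, Magento, Palo Alto Networks) uses "NOT-FOR-US: <vendor>". With the descriptions removed, the NOTE is all that identifies these two entries; they should get a "NOT-FOR-US: Siemens SIMATIC" status line so they are not left in an untriaged state.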
@@ -25839,7 +25839,7 @@ CVE-2016-4009 (Integer overflow in the ImagingResampleHorizontal function in ...
NOTE: Upstream confirmed that versions prior 2.7 are not vulnerable.
NOTE: https://github.com/python-pillow/Pillow/pull/1714
NOTE: https://github.com/python-pillow/Pillow/issues/1737
-CVE-2016-2232 (Asterisk Open Source 1.8.x, 11.x before 11.21.1, 12.x, and 13.x before ...)
+CVE-2016-2232
{DSA-3700-1}
- asterisk 1:13.7.2~dfsg-1
[wheezy] - asterisk <no-dsa> (Minor issue)
@@ -25849,7 +25849,7 @@ CVE-2016-2232 (Asterisk Open Source 1.8.x, 11.x before 11.21.1, 12.x, and 13.x b
NOTE: issue was introduced in 2006 with commit 0f5e4e47, so squeeze and previous also vulnerable
NOTE: patch for 11 / jessie: https://code.asterisk.org/code/changelog/asterisk?cs=da2573a3779425654543d6ac4c4dd6871ce16720
NOTE: all versions vulnerable, backport required for wheezy
-CVE-2016-2316 (chan_sip in Asterisk Open Source 1.8.x, 11.x before 11.21.1, 12.x, and ...)
+CVE-2016-2316
{DSA-3700-1}
- asterisk 1:13.7.2~dfsg-1
[wheezy] - asterisk <no-dsa> (Minor issue)
@@ -25859,7 +25859,7 @@ CVE-2016-2316 (chan_sip in Asterisk Open Source 1.8.x, 11.x before 11.21.1, 12.x
NOTE: issue introduced in ~2008 with the SIP timer support implementation (https://issues.asterisk.org/jira/browse/ASTERISK-4257 https://issues.asterisk.org/jira/browse/ASTERISK-5187), so squeeze also vulnerable
NOTE: patch for jessie / 11: https://code.asterisk.org/code/changelog/asterisk?cs=882e85388295eac8eebd0b82e71a9af0a769b41f
NOTE: all versions vulnerable, backport required for wheezy
-CVE-2016-2228 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2016-2228
{DSA-3497-1}
- php-horde 5.2.9+debian0-1 (bug #813573)
NOTE: https://bugs.horde.org/ticket/14213
@@ -25869,47 +25869,47 @@ CVE-2016-2228 (Cross-site scripting (XSS) vulnerability in ...)
NOTE: http://www.openwall.com/lists/oss-security/2016/02/06/4
CVE-2016-7028
REJECTED
-CVE-2016-2199 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
+CVE-2016-2199
NOT-FOR-US: Enterprise Manager in McAfee Vulnerability Manager
-CVE-2016-2213 (The jpeg2000_decode_tile function in libavcodec/jpeg2000dec.c in ...)
+CVE-2016-2213
- ffmpeg 7:2.8.6-1
[squeeze] - ffmpeg <end-of-life> (Not supported in Squeeze LTS)
- libav <not-affected> (Vulnerable code not present)
NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=0aada30510d809bccfd539a90ea37b61188f2cb4
-CVE-2016-2196 (Heap-based buffer overflow in the P-521 reduction function in Botan ...)
+CVE-2016-2196
- botan1.10 <not-affected> (Introduced in 1.11.10)
NOTE: Introduced in 1.11.10, fixed in 1.11.27
NOTE: http://botan.randombit.net/security.html
-CVE-2016-2195 (Integer overflow in the PointGFp constructor in Botan before 1.10.11 ...)
+CVE-2016-2195
{DSA-3565-1 DLA-449-1}
- botan1.10 1.10.12-1
NOTE: Introduced in 1.9.18, fixed in 1.11.27 and 1.10.11
NOTE: http://botan.randombit.net/security.html
-CVE-2016-2194 (The ressol function in Botan before 1.10.11 and 1.11.x before 1.11.27 ...)
+CVE-2016-2194
{DSA-3565-1 DLA-449-1}
- botan1.10 1.10.12-1
NOTE: Introduced in 1.7.15, fixed in 1.11.27 and 1.10.11
NOTE: http://botan.randombit.net/security.html
-CVE-2016-2193 (PostgreSQL before 9.5.x before 9.5.2 does not properly maintain ...)
+CVE-2016-2193
- postgresql-9.5 9.5.2-1
- postgresql-9.4 <not-affected> (Only affects 9.5.x)
- postgresql-9.1 <not-affected> (Only affects 9.5.x)
- postgresql-8.4 <not-affected> (Only affects 9.5.x)
NOTE: http://www.postgresql.org/about/news/1656/
NOTE: http://git.postgresql.org/gitweb/?p=postgresql.git;a=commitdiff;h=db69e58a0642ef7fa46d62f6c4cf2460c3a1b41b
-CVE-2016-2192 (PostgreSQL PL/Java before 1.5.0 allows remote authenticated users to ...)
+CVE-2016-2192
- postgresql-pljava <removed>
[wheezy] - postgresql-pljava <no-dsa> (Minor issue)
-CVE-2016-2191 (The bmp_read_rows function in pngxtern/pngxrbmp.c in OptiPNG before ...)
+CVE-2016-2191
{DSA-3546-1}
- optipng 0.7.6-1 (bug #820068)
NOTE: https://sourceforge.net/p/optipng/bugs/59/
NOTE: http://www.openwall.com/lists/oss-security/2016/04/04/2
-CVE-2016-2190 (Moodle through 2.6.11, 2.7.x before 2.7.13, 2.8.x before 2.8.11, 2.9.x ...)
+CVE-2016-2190
- moodle 2.7.13+dfsg-1
CVE-2016-2189
REJECTED
-CVE-2016-2188 (The iowarrior_probe function in drivers/usb/misc/iowarrior.c in the ...)
+CVE-2016-2188
{DLA-922-1}
- linux 4.9.16-1
[jessie] - linux 3.16.43-1
@@ -25921,117 +25921,117 @@ CVE-2016-2188 (The iowarrior_probe function in drivers/usb/misc/iowarrior.c in t
NOTE: From kernel-sec triaging: the above commits only handles the case where there
NOTE: are zero endpoints, but not the case where there are some endpoints but none of the expected type.
NOTE: Fixed by: https://git.kernel.org/linus/b7321e81fc369abe353cf094d4f0dc2fe11ab95f (v4.11-rc2)
-CVE-2016-2187 (The gtco_probe function in drivers/input/tablet/gtco.c in the Linux ...)
+CVE-2016-2187
{DSA-3607-1 DLA-516-1}
- linux 4.5.2-1
NOTE: Upstream commit: https://git.kernel.org/linus/162f98dea487206d9ab79fc12ed64700667a894d (v4.6-rc5)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1317017
-CVE-2016-2186 (The powermate_probe function in drivers/input/misc/powermate.c in the ...)
+CVE-2016-2186
{DSA-3607-1 DLA-516-1}
- linux 4.5.1-1 (low)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1317015
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1283384
NOTE: http://seclists.org/bugtraq/2016/Mar/85
NOTE: http://marc.info/?l=linux-usb&m=145796479528669&w=2
-CVE-2016-2185 (The ati_remote2_probe function in drivers/input/misc/ati_remote2.c in ...)
+CVE-2016-2185
{DSA-3607-1 DLA-516-1}
- linux 4.5.1-1 (low)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1317014
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1283362
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1283363
-CVE-2016-2184 (The create_fixed_stream_quirk function in sound/usb/quirks.c in the ...)
+CVE-2016-2184
{DSA-3607-1 DLA-516-1}
- linux 4.5.1-1 (low)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1317012
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1283355
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1283358
-CVE-2016-2183 (The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec ...)
+CVE-2016-2183
NOTE: Generic protocol issue
NOTE: The CVE is assigned for the protocol flaw in the DES/3DES cipher, used as a part of the SSL/TLS protocol.
NOTE: What was done in OpenSSL: https://www.openssl.org/blog/blog/2016/08/24/sweet32/
NOTE: Python issue: https://bugs.python.org/issue27850
-CVE-2016-2182 (The BN_bn2dec function in crypto/bn/bn_print.c in OpenSSL before 1.1.0 ...)
+CVE-2016-2182
{DSA-3673-1 DLA-637-1}
- openssl 1.0.2i-1
NOTE: https://git.openssl.org/?p=openssl.git;a=commit;h=07bed46f332fce8c1d157689a2cdf915a982ae34
NOTE: https://git.openssl.org/?p=openssl.git;a=commit;h=099e2968ed3c7d256cda048995626664082b1b30
NOTE: https://www.openssl.org/news/secadv/20160922.txt
NOTE: Fixed in 1.0.2i, 1.0.1u
-CVE-2016-2181 (The Anti-Replay feature in the DTLS implementation in OpenSSL before ...)
+CVE-2016-2181
{DSA-3673-1 DLA-637-1}
- openssl 1.0.2i-1
NOTE: https://git.openssl.org/?p=openssl.git;a=commit;h=1fb9fdc3027b27d8eb6a1e6a846435b070980770
NOTE: https://www.openssl.org/news/secadv/20160922.txt
NOTE: Fixed in 1.0.2i, 1.0.1u
-CVE-2016-2180 (The TS_OBJ_print_bio function in crypto/ts/ts_lib.c in the X.509 ...)
+CVE-2016-2180
{DSA-3673-1 DLA-637-1}
- openssl 1.0.2i-1
NOTE: https://git.openssl.org/?p=openssl.git;a=commit;h=0ed26acce328ec16a3aa635f1ca37365e8c7403a
NOTE: https://www.openssl.org/news/secadv/20160922.txt
NOTE: Fixed in 1.0.2i, 1.0.1u
-CVE-2016-2179 (The DTLS implementation in OpenSSL before 1.1.0 does not properly ...)
+CVE-2016-2179
{DSA-3673-1 DLA-637-1}
- openssl 1.0.2i-1
NOTE: https://git.openssl.org/?p=openssl.git;a=commit;h=f5c7f5dfbaf0d2f7d946d0fe86f08e6bcb36ed0d
NOTE: https://www.openssl.org/news/secadv/20160922.txt
NOTE: Fixed in 1.0.2i, 1.0.1u
-CVE-2016-2178 (The dsa_sign_setup function in crypto/dsa/dsa_ossl.c in OpenSSL ...)
+CVE-2016-2178
{DSA-3673-1 DLA-637-1}
- openssl 1.0.2i-1 (low)
NOTE: Fixed in master branch in https://git.openssl.org/?p=openssl.git;a=commit;h=399944622df7bd81af62e67ea967c470534090e2
NOTE: https://www.openssl.org/news/secadv/20160922.txt
NOTE: Fixed in 1.0.2i, 1.0.1u
-CVE-2016-2177 (OpenSSL through 1.0.2h incorrectly uses pointer arithmetic for ...)
+CVE-2016-2177
{DSA-3673-1 DLA-637-1}
- openssl 1.0.2i-1 (low)
NOTE: Fixed in 1.0.2 branch in https://git.openssl.org/?p=openssl.git;a=commit;h=a004e72b95835136d3f1ea90517f706c24c03da7
NOTE: https://www.openssl.org/blog/blog/2016/06/27/undefined-pointer-arithmetic/
NOTE: https://www.openssl.org/news/secadv/20160922.txt
NOTE: Fixed in 1.0.2i, 1.0.1u
-CVE-2016-2176 (The X509_NAME_oneline function in crypto/x509/x509_obj.c in OpenSSL ...)
+CVE-2016-2176
- openssl <not-affected> (Only applies to EBCDIC systems)
NOTE: Fixed in master in https://git.openssl.org/?p=openssl.git;a=commit;h=ea96ad5a206b7b5f25dad230333e8ff032df3219
NOTE: https://www.openssl.org/news/secadv/20160503.txt
-CVE-2016-2175 (Apache PDFBox before 1.8.12 and 2.x before 2.0.1 does not properly ...)
+CVE-2016-2175
{DSA-3606-1 DLA-505-1}
- libpdfbox-java 1:1.8.12-1
NOTE: Fixed on upstream 1.8 branch in https://svn.apache.org/viewvc?view=revision&revision=1739564
NOTE: Fixed on upstream 2.0 branch in https://svn.apache.org/viewvc?view=revision&revision=1739565
-CVE-2016-2174 (SQL injection vulnerability in the policy admin tool in Apache Ranger ...)
+CVE-2016-2174
NOT-FOR-US: Apache Ranger
-CVE-2016-2173 (org.springframework.core.serializer.DefaultDeserializer in Spring AMQP ...)
+CVE-2016-2173
NOT-FOR-US: Spring AMQP
CVE-2016-2172
REJECTED
-CVE-2016-2171 (The User Manager service in Apache Jetspeed before 2.3.1 does not ...)
+CVE-2016-2171
NOT-FOR-US: Apache Jetspeed
-CVE-2016-2170 (Apache OFBiz 12.04.x before 12.04.06 and 13.07.x before 13.07.03 allow ...)
+CVE-2016-2170
NOT-FOR-US: Apache OFBiz
-CVE-2016-2169 (Cloud Foundry Cloud Controller, capi-release versions prior to 1.0.0 ...)
+CVE-2016-2169
NOT-FOR-US: Cloud Foundry
-CVE-2016-2168 (The req_check_access function in the mod_authz_svn module in the httpd ...)
+CVE-2016-2168
{DSA-3561-1 DLA-448-1}
- subversion 1.9.4-1
NOTE: https://subversion.apache.org/security/CVE-2016-2168-advisory.txt
-CVE-2016-2167 (The canonicalize_username function in svnserve/cyrus_auth.c in Apache ...)
+CVE-2016-2167
{DSA-3561-1 DLA-448-1}
- subversion 1.9.4-1
NOTE: https://subversion.apache.org/security/CVE-2016-2167-advisory.txt
-CVE-2016-2166 (The (1) proton.reactor.Connector, (2) proton.reactor.Container, and ...)
+CVE-2016-2166
- qpid-proton <not-affected> (Vulnerable code not present)
NOTE: https://issues.apache.org/jira/browse/PROTON-1157
NOTE: http://qpid.apache.org/releases/qpid-proton-0.12.1/
NOTE: Affects Qpid Proton python API starting at 0.9 up to and including 0.12.0
-CVE-2016-2165 (The Loggregator Traffic Controller endpoints in cf-release v231 and ...)
+CVE-2016-2165
NOT-FOR-US: Cloud Foundry
-CVE-2016-2164 (The (1) FileService.importFileByInternalUserId and (2) ...)
+CVE-2016-2164
NOT-FOR-US: Apache OpenMeetings
-CVE-2016-2163 (Cross-site scripting (XSS) vulnerability in Apache OpenMeetings before ...)
+CVE-2016-2163
NOT-FOR-US: Apache OpenMeetings
-CVE-2016-2162 (Apache Struts 2.x before 2.3.25 does not sanitize text in the Locale ...)
+CVE-2016-2162
- libstruts1.2-java <not-affected> (Only affects 2.0.0 to 2.3.24.1)
NOTE: http://struts.apache.org/docs/s2-030.html
-CVE-2016-2161 (In Apache HTTP Server versions 2.4.0 to 2.4.23, malicious input to ...)
+CVE-2016-2161
{DSA-3796-1}
- apache2 2.4.25-1
[wheezy] - apache2 <not-affected> (Vulnerable code introduced in 2.4.x)
@@ -26039,66 +26039,66 @@ CVE-2016-2161 (In Apache HTTP Server versions 2.4.0 to 2.4.23, malicious input t
NOTE: Fixed by: https://svn.apache.org/r1772919
NOTE: Affects: 2.4.1 to 2.4.23
NOTE: Fixed in 2.4.25
-CVE-2016-2160 (Red Hat OpenShift Enterprise 3.2 and OpenShift Origin allow remote ...)
+CVE-2016-2160
NOT-FOR-US: OpenShift
-CVE-2016-2159 (The save_submission function in mod/assign/externallib.php in Moodle ...)
+CVE-2016-2159
- moodle 2.7.13+dfsg-1
-CVE-2016-2158 (lib/ajax/getnavbranch.php in Moodle through 2.6.11, 2.7.x before ...)
+CVE-2016-2158
- moodle 2.7.13+dfsg-1
-CVE-2016-2157 (Cross-site request forgery (CSRF) vulnerability in ...)
+CVE-2016-2157
- moodle 2.7.13+dfsg-1
-CVE-2016-2156 (calendar/externallib.php in Moodle through 2.6.11, 2.7.x before ...)
+CVE-2016-2156
- moodle 2.7.13+dfsg-1
-CVE-2016-2155 (The grade-reporting feature in Singleview (aka Single View) in Moodle ...)
+CVE-2016-2155
- moodle <not-affected> (Only affects 2.8 and later)
-CVE-2016-2154 (admin/tool/monitor/lib.php in Event Monitor in Moodle 2.8.x before ...)
+CVE-2016-2154
- moodle <not-affected> (Only affects 2.8 and later)
-CVE-2016-2153 (Cross-site scripting (XSS) vulnerability in the advanced-search ...)
+CVE-2016-2153
- moodle 2.7.13+dfsg-1
-CVE-2016-2152 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2016-2152
- moodle 2.7.13+dfsg-1
-CVE-2016-2151 (user/index.php in Moodle through 2.6.11, 2.7.x before 2.7.13, 2.8.x ...)
+CVE-2016-2151
- moodle 2.7.13+dfsg-1
-CVE-2016-2150 (SPICE allows local guest OS users to read from or write to arbitrary ...)
+CVE-2016-2150
{DSA-3596-1 DLA-531-1}
- spice 0.12.6-4.1 (bug #826584)
-CVE-2016-2149 (Red Hat OpenShift Enterprise 3.2 allows remote authenticated users to ...)
+CVE-2016-2149
NOT-FOR-US: OpenShift
-CVE-2016-2148 (Heap-based buffer overflow in the DHCP client (udhcpc) in BusyBox ...)
+CVE-2016-2148
{DLA-1445-1}
- busybox 1:1.27.2-1 (bug #818497)
[stretch] - busybox <no-dsa> (Minor issue)
[wheezy] - busybox <no-dsa> (Minor issue)
NOTE: https://git.busybox.net/busybox/commit/?id=352f79acbd759c14399e39baef21fc4ffe180ac2
-CVE-2016-2147 (Integer overflow in the DHCP client (udhcpc) in BusyBox before 1.25.0 ...)
+CVE-2016-2147
{DLA-1445-1}
- busybox 1:1.27.2-1 (bug #818499)
[stretch] - busybox <no-dsa> (Minor issue)
[wheezy] - busybox <no-dsa> (Minor issue)
NOTE: https://git.busybox.net/busybox/commit/?id=d474ffc68290e0a83651c4432eeabfa62cd51e87
-CVE-2016-2146 (The am_read_post_data function in mod_auth_mellon before 0.11.1 does ...)
+CVE-2016-2146
- libapache2-mod-auth-mellon 0.12.0-1
[jessie] - libapache2-mod-auth-mellon <no-dsa> (Minor issue)
-CVE-2016-2145 (The am_read_post_data function in mod_auth_mellon before 0.11.1 does ...)
+CVE-2016-2145
- libapache2-mod-auth-mellon 0.12.0-1
[jessie] - libapache2-mod-auth-mellon <no-dsa> (Minor issue)
CVE-2016-2144
REJECTED
-CVE-2016-2143 (The fork implementation in the Linux kernel before 4.5 on s390 ...)
+CVE-2016-2143
{DSA-3607-1 DLA-516-1}
- linux 4.4.6-1
[wheezy] - linux <no-dsa> (Architecture not supported in Wheezy LTS)
NOTE: Fixed by: https://git.kernel.org/linus/3446c13b268af86391d06611327006b059b8bab1 (v4.5)
NOTE: Introduced in: https://git.kernel.org/linus/6252d702c5311ce916caf75ed82e5c8245171c92 (v2.6.25-rc1)
-CVE-2016-2142 (Red Hat OpenShift Enterprise 3.1 uses world-readable permissions on ...)
+CVE-2016-2142
NOT-FOR-US: OpenShift
-CVE-2016-2141 (JGroups before 4.0 does not require the proper headers for the ENCRYPT ...)
+CVE-2016-2141
- libjgroups-java <unfixed> (low; bug #867493)
[buster] - libjgroups-java <ignored> (Minor issue, only used as build dep)
[stretch] - libjgroups-java <ignored> (Minor issue, only used as build dep)
[jessie] - libjgroups-java <no-dsa> (Minor issue)
[wheezy] - libjgroups-java <no-dsa> (Minor issue, only used as build dependency)
-CVE-2016-2140 (The libvirt driver in OpenStack Compute (Nova) before 2015.1.4 (kilo) ...)
+CVE-2016-2140
- nova 2:13.0.0-1
[jessie] - nova <no-dsa> (Minor issue)
[wheezy] - nova <no-dsa> (Minor issue)
@@ -26129,120 +26129,120 @@ CVE-2016-2128
REJECTED
CVE-2016-2127
REJECTED
-CVE-2016-2126 (Samba version 4.0.0 up to 4.5.2 is vulnerable to privilege elevation ...)
+CVE-2016-2126
{DSA-3740-1}
- samba 2:4.5.2+dfsg-2
[wheezy] - samba <not-affected> (Affects only Samba 4.0.0 to 4.5.2)
NOTE: https://www.samba.org/samba/security/CVE-2016-2126.html
-CVE-2016-2125 (It was found that Samba before versions 4.5.3, 4.4.8, 4.3.13 always ...)
+CVE-2016-2125
{DSA-3740-1 DLA-776-1}
- samba 2:4.5.2+dfsg-2
NOTE: https://www.samba.org/samba/security/CVE-2016-2125.html
NOTE: Patch (with some more) here: https://download.samba.org/pub/samba/patches/security/samba-4.3.12-security-20016-12-19.patch
CVE-2016-2124
RESERVED
-CVE-2016-2123 (A flaw was found in samba versions 4.0.0 to 4.5.2. The Samba routine ...)
+CVE-2016-2123
{DSA-3740-1}
- samba 2:4.5.2+dfsg-2
[wheezy] - samba <not-affected> (Affects only Samba 4.0.0 to 4.5.2)
NOTE: https://www.samba.org/samba/security/CVE-2016-2123.html
CVE-2016-2122
RESERVED
-CVE-2016-2121 (A permissions flaw was found in redis, which sets weak permissions on ...)
+CVE-2016-2121
- redis 3:3.2.5-2 (bug #842987)
[jessie] - redis <no-dsa> (Minor issue)
[wheezy] - redis <no-dsa> (minor issue, details see #842987)
NOTE: Might be Red Hat-specific, needs investigation
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1374700
-CVE-2016-2120 (An issue has been found in PowerDNS Authoritative Server versions up ...)
+CVE-2016-2120
{DSA-3764-1 DLA-798-1}
- pdns 4.0.2-1
NOTE: https://doc.powerdns.com/md/security/powerdns-advisory-2016-05/
-CVE-2016-2119 (libcli/smb/smbXcli_base.c in Samba 4.x before 4.2.14, 4.3.x before ...)
+CVE-2016-2119
{DSA-3740-1}
- samba 2:4.4.5+dfsg-1 (bug #830195)
[wheezy] - samba <not-affected> (Affects Samba 4.0.0 to 4.4.0)
NOTE: https://www.samba.org/samba/security/CVE-2016-2119.html
NOTE: Affects Samba 4.0.0 to 4.4.4
-CVE-2016-2118 (The MS-SAMR and MS-LSAD protocol implementations in Samba 3.x and 4.x ...)
+CVE-2016-2118
{DSA-3548-1}
- samba 2:4.3.7+dfsg-1
NOTE: https://www.samba.org/samba/security/CVE-2016-2118.html
NOTE: http://badlock.org/
-CVE-2016-2117 (The atl2_probe function in drivers/net/ethernet/atheros/atlx/atl2.c in ...)
+CVE-2016-2117
{DSA-3607-1}
- linux 4.5.2-1
[wheezy] - linux <not-affected> (Issue introduced with v3.10-rc1)
NOTE: Introduced in https://git.kernel.org/linus/ec5f061564238892005257c83565a0b58ec79295 (v3.10-rc1)
NOTE: http://www.openwall.com/lists/oss-security/2016/03/16/7
-CVE-2016-2116 (Memory leak in the jas_iccprof_createfrombuf function in JasPer ...)
+CVE-2016-2116
{DSA-3508-1}
- jasper <removed> (bug #816626)
NOTE: http://www.openwall.com/lists/oss-security/2016/03/03/12
-CVE-2016-2115 (Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before ...)
+CVE-2016-2115
{DSA-3548-1}
- samba 2:4.3.7+dfsg-1
NOTE: https://www.samba.org/samba/security/CVE-2016-2115.html
-CVE-2016-2114 (The SMB1 protocol implementation in Samba 4.x before 4.2.11, 4.3.x ...)
+CVE-2016-2114
{DSA-3548-1}
- samba 2:4.3.7+dfsg-1
[wheezy] - samba <not-affected> (Affects Samba 4.0.0 to 4.4.0)
NOTE: https://www.samba.org/samba/security/CVE-2016-2114.html
-CVE-2016-2113 (Samba 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 ...)
+CVE-2016-2113
{DSA-3548-1}
- samba 2:4.3.7+dfsg-1
[wheezy] - samba <not-affected> (Affects Samba 4.0.0 to 4.4.0)
NOTE: https://www.samba.org/samba/security/CVE-2016-2113.html
-CVE-2016-2112 (The bundled LDAP client library in Samba 3.x and 4.x before 4.2.11, ...)
+CVE-2016-2112
{DSA-3548-1}
- samba 2:4.3.7+dfsg-1
NOTE: https://www.samba.org/samba/security/CVE-2016-2112.html
-CVE-2016-2111 (The NETLOGON service in Samba 3.x and 4.x before 4.2.11, 4.3.x before ...)
+CVE-2016-2111
{DSA-3548-1}
- samba 2:4.3.7+dfsg-1
NOTE: https://www.samba.org/samba/security/CVE-2016-2111.html
-CVE-2016-2110 (The NTLMSSP authentication implementation in Samba 3.x and 4.x before ...)
+CVE-2016-2110
{DSA-3548-1}
- samba 2:4.3.7+dfsg-1
NOTE: https://www.samba.org/samba/security/CVE-2016-2110.html
-CVE-2016-2109 (The asn1_d2i_read_bio function in crypto/asn1/a_d2i_fp.c in the ASN.1 ...)
+CVE-2016-2109
{DSA-3566-1 DLA-456-1}
- openssl 1.0.2h-1
NOTE: Fixed in master in https://git.openssl.org/?p=openssl.git;a=commit;h=c62981390d6cf9e3d612c489b8b77c2913b25807
NOTE: https://www.openssl.org/news/secadv/20160503.txt
-CVE-2016-2108 (The ASN.1 implementation in OpenSSL before 1.0.1o and 1.0.2 before ...)
+CVE-2016-2108
{DSA-3566-1 DLA-456-1}
- openssl 1.0.2c-1
NOTE: https://www.openssl.org/news/secadv/20160503.txt
-CVE-2016-2107 (The AES-NI implementation in OpenSSL before 1.0.1t and 1.0.2 before ...)
+CVE-2016-2107
{DSA-3566-1 DLA-456-1}
- openssl 1.0.2h-1
NOTE: https://www.openssl.org/news/secadv/20160503.txt
-CVE-2016-2106 (Integer overflow in the EVP_EncryptUpdate function in ...)
+CVE-2016-2106
{DSA-3566-1 DLA-456-1}
- openssl 1.0.2h-1
NOTE: Fixed in master in https://git.openssl.org/?p=openssl.git;a=commit;h=3f3582139fbb259a1c3cbb0a25236500a409bf26
NOTE: https://www.openssl.org/news/secadv/20160503.txt
-CVE-2016-2105 (Integer overflow in the EVP_EncodeUpdate function in ...)
+CVE-2016-2105
{DSA-3566-1 DLA-456-1}
- openssl 1.0.2h-1
NOTE: Fixed in master in https://git.openssl.org/?p=openssl.git;a=commit;h=ee1e3cac2e83abc77bcc8ff98729ca1e10fcc920
NOTE: https://www.openssl.org/news/secadv/20160503.txt
-CVE-2016-2104 (Multiple cross-site scripting (XSS) vulnerabilities in Red Hat ...)
+CVE-2016-2104
NOT-FOR-US: Red Hat Satellite
-CVE-2016-2103 (Multiple cross-site scripting (XSS) vulnerabilities in Red Hat ...)
+CVE-2016-2103
NOT-FOR-US: Red Hat Satellite
-CVE-2016-2102 (HAProxy statistics in openstack-tripleo-image-elements are ...)
+CVE-2016-2102
- tripleo-image-elements <not-affected> (Configuration not found in Debian's version)
CVE-2016-2101
RESERVED
-CVE-2016-2100 (Foreman before 1.10.3 and 1.11.0 before 1.11.0-RC2 allow remote ...)
+CVE-2016-2100
- foreman <itp> (bug #663101)
-CVE-2016-2099 (Use-after-free vulnerability in validators/DTD/DTDScanner.cpp in ...)
+CVE-2016-2099
{DSA-3579-1 DLA-467-1}
- xerces-c 3.1.3+debian-2 (bug #823863)
NOTE: https://issues.apache.org/jira/browse/XERCESC-2066
-CVE-2016-2098 (Action Pack in Ruby on Rails before 3.2.22.2, 4.x before 4.1.14.2, and ...)
+CVE-2016-2098
{DSA-3509-1 DLA-604-1}
- rails 2:4.2.5.2-1
[wheezy] - rails <not-affected> (Vulnerable code not present, is only a transitional package)
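Review bot: confirm that nothing downstream parses the parenthesised description text, since this hunk strips it from every CVE line (e.g. `-CVE-2016-2108 (The ASN.1 implementation in OpenSSL before 1.0.1o and 1.0.2 before ...)` becomes `+CVE-2016-2108`) while leaving the package versions, the `{DSA-3566-1 DLA-456-1}` references and the NOTE lines untouched; as a format-only update it is fine provided the descriptions are regenerated from the CVE feed rather than maintained in this file.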
@@ -26252,7 +26252,7 @@ CVE-2016-2098 (Action Pack in Ruby on Rails before 3.2.22.2, 4.x before 4.1.14.2
[wheezy] - ruby-actionpack-2.3 <end-of-life>
NOTE: Versions Affected: 3.2.x, 4.0.x, 4.1.x, 4.2.x
NOTE: Fixed Versions: 3.2.22.2, 4.1.14.2, 4.2.5.2
-CVE-2016-2097 (Directory traversal vulnerability in Action View in Ruby on Rails ...)
+CVE-2016-2097
{DSA-3509-1 DLA-604-1}
- rails 2:4.2.5.2-1
[wheezy] - rails <not-affected> (Vulnerable code not present, is only a transitional package)
@@ -26267,11 +26267,11 @@ CVE-2016-2096
RESERVED
CVE-2016-2095
RESERVED
-CVE-2016-2094 (The HTTPS NIO Connector allows remote attackers to cause a denial of ...)
+CVE-2016-2094
NOT-FOR-US: JBoss EAP
CVE-2016-2093
RESERVED
-CVE-2016-2533 (Buffer overflow in the ImagingPcdDecode function in PcdDecode.c in ...)
+CVE-2016-2533
{DSA-3499-1 DLA-422-1}
- pillow 3.1.1-1
- python-imaging <removed>
@@ -26279,19 +26279,19 @@ CVE-2016-2533 (Buffer overflow in the ImagingPcdDecode function in PcdDecode.c i
NOTE: https://github.com/python-pillow/Pillow/pull/1706
NOTE: http://www.openwall.com/lists/oss-security/2016/02/02/5
NOTE: https://github.com/python-pillow/Pillow/commit/ae453aa18b66af54e7ff716f4ccb33adca60afd4
-CVE-2016-2221 (Open redirect vulnerability in the wp_validate_redirect function in ...)
+CVE-2016-2221
{DSA-3472-1 DLA-418-1}
- wordpress 4.4.2+dfsg-1 (bug #813697)
NOTE: https://wordpress.org/news/2016/02/wordpress-4-4-2-security-and-maintenance-release/
NOTE: https://core.trac.wordpress.org/changeset/36444
NOTE: http://www.openwall.com/lists/oss-security/2016/02/04/4
-CVE-2016-2222 (The wp_http_validate_url function in wp-includes/http.php in WordPress ...)
+CVE-2016-2222
{DSA-3472-1 DLA-418-1}
- wordpress 4.4.2+dfsg-1 (bug #813697)
NOTE: https://wordpress.org/news/2016/02/wordpress-4-4-2-security-and-maintenance-release/
NOTE: https://core.trac.wordpress.org/changeset/36435
NOTE: http://www.openwall.com/lists/oss-security/2016/02/04/4
-CVE-2016-2217 (The OpenSSL address implementation in Socat 1.7.3.0 and 2.0.0-b8 does ...)
+CVE-2016-2217
- socat 1.7.3.1-1 (bug #813536)
[jessie] - socat <not-affected> (Broken 1024bit DH parameter generated in 1.7.3.0)
[wheezy] - socat <not-affected> (Broken 1024bit DH parameter generated in 1.7.3.0)
@@ -26301,7 +26301,7 @@ CVE-2016-2217 (The OpenSSL address implementation in Socat 1.7.3.0 and 2.0.0-b8
NOTE: bit long.
NOTE: http://www.openwall.com/lists/oss-security/2016/02/01/4
NOTE: http://www.dest-unreach.org/socat/contrib/socat-secadv7.html
-CVE-2016-5114 (sapi/fpm/fpm/fpm_log.c in PHP before 5.5.31, 5.6.x before 5.6.17, and ...)
+CVE-2016-5114
{DLA-628-1}
- php5 5.6.17+dfsg-1
[jessie] - php5 5.6.17+dfsg-0+deb8u1
@@ -26314,7 +26314,7 @@ CVE-2016-3197
REJECTED
CVE-2016-2092
RESERVED
-CVE-2016-2198 (QEMU (aka Quick Emulator) built with the USB EHCI emulation support is ...)
+CVE-2016-2198
{DLA-1497-1}
- qemu 1:2.6+dfsg-1 (bug #813193)
[wheezy] - qemu <not-affected> (Introduced after v1.2.0)
@@ -26322,7 +26322,7 @@ CVE-2016-2198 (QEMU (aka Quick Emulator) built with the USB EHCI emulation suppo
- qemu-kvm <not-affected> (Introduced after v1.2.0)
NOTE: Fixed by: http://git.qemu.org/?p=qemu.git;a=commit;h=dff0367cf66f489aa772320fa2937a8cac1ca30d (v2.6.0-rc0)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1301643
-CVE-2016-2197 (QEMU (aka Quick Emulator) built with an IDE AHCI emulation support is ...)
+CVE-2016-2197
- qemu 1:2.6+dfsg-1 (bug #813194)
[jessie] - qemu <not-affected> (Vulnerable code introduced later)
[wheezy] - qemu <not-affected> (Vulnerable code introduced later)
@@ -26332,10 +26332,10 @@ CVE-2016-2197 (QEMU (aka Quick Emulator) built with an IDE AHCI emulation suppor
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1302057
NOTE: http://www.openwall.com/lists/oss-security/2016/01/29/2
NOTE: Introduced by: http://git.qemu.org/?p=qemu.git;a=commit;h=fc3d8e1138cd0c843d6fd75272633a31be6554ef (v2.3.0-rc2)
-CVE-2016-2088 (resolver.c in named in ISC BIND 9.10.x before 9.10.3-P4, when DNS ...)
+CVE-2016-2088
- bind9 <not-affected> (Introduced in Bind 9.10)
NOTE: https://kb.isc.org/article/AA-01351
-CVE-2016-2087 (Directory traversal vulnerability in the client in HexChat 2.11.0 ...)
+CVE-2016-2087
{DLA-1050-1}
- xchat 2.8.8-10
[jessie] - xchat <no-dsa> (Minor issue)
@@ -26348,17 +26348,17 @@ CVE-2016-2087 (Directory traversal vulnerability in the client in HexChat 2.11.0
NOTE: Would be included in upstream source since the upload 2.12.3-0.1 to unstable but the
NOTE: Debian packaging reverts the 15600f405f2d5bda6ccf0dd73957395716e0d4d3 commit
NOTE: The Debian packagging drops the revert in 2.12.4-4 to not diverge from upstream.
-CVE-2016-2086 (Node.js 0.10.x before 0.10.42, 0.12.x before 0.12.10, 4.x before ...)
+CVE-2016-2086
- nodejs 4.3.0~dfsg-1 (unimportant)
NOTE: libv8 is not covered by security support
NOTE: https://nodejs.org/en/blog/vulnerability/february-2016-security-releases/
-CVE-2016-2091 (The dwarf_read_cie_fde_prefix function in dwarf_frame2.c in libdwarf ...)
+CVE-2016-2091
{DLA-669-1}
- dwarfutils 20160507-1 (bug #813148)
[jessie] - dwarfutils 20120410-2+deb8u1
NOTE: http://www.openwall.com/lists/oss-security/2016/01/19/3
NOTE: Fixed by http://sourceforge.net/p/libdwarf/code/ci/9565964f26966d8391fe2cfa8e6e8e59278c5f91
-CVE-2016-2090 (Off-by-one vulnerability in the fgetwln function in libbsd before ...)
+CVE-2016-2090
- libbsd 0.8.2-1
[jessie] - libbsd <no-dsa> (Minor issue)
[wheezy] - libbsd <not-affected> (Vulnerable code not present)
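Review bot: typo in the context line `NOTE: The Debian packagging drops the revert in 2.12.4-4 to not diverge from upstream.` (should read `packaging`); it is outside the changed line, so it belongs in a follow-up edit rather than this hunk. The three NOTE lines for CVE-2016-2087 would also be easier to follow if the first one said plainly that the upstream fix commit 15600f405f2d5bda6ccf0dd73957395716e0d4d3 was reverted by the Debian packaging in 2.12.3-0.1 and the revert was dropped again in 2.12.4-4.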
@@ -26368,45 +26368,45 @@ CVE-2016-2090 (Off-by-one vulnerability in the fgetwln function in libbsd before
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=93881
NOTE: Fixed by: http://cgit.freedesktop.org/libbsd/commit/?id=c8f0723d2b4520bdd6b9eb7c3e7976de726d7ff7 (0.8.2)
NOTE: Introduced by: http://cgit.freedesktop.org/libbsd/commit/?id=a97ce513e031b29a47965b740be14fb9a84277fc (0.5.0)
-CVE-2016-2089 (The jas_matrix_clip function in jas_seq.c in JasPer 1.900.1 allows ...)
+CVE-2016-2089
{DSA-3508-1}
- jasper <removed> (bug #812978)
[squeeze] - jasper <no-dsa> (Minor issue)
NOTE: https://github.com/mdadams/jasper/commit/c87ad330a8b8d6e5eb0065675601fdfae08ebaab
-CVE-2016-2085 (The evm_verify_hmac function in security/integrity/evm/evm_main.c in ...)
+CVE-2016-2085
- linux 4.4.2-1 (unimportant)
[jessie] - linux 3.16.7-ckt25-1
- linux-2.6 <removed> (unimportant)
NOTE: EVM is not enabled
NOTE: https://git.kernel.org/linus/613317bd212c585c20796c10afe5daaa95d4b0a1 (v4.5-rc4)
-CVE-2016-2084 (F5 BIG-IP LTM, AFM, Analytics, APM, ASM, Link Controller, and PEM ...)
+CVE-2016-2084
NOT-FOR-US: F5 BIG-IP
CVE-2016-2083
REJECTED
-CVE-2016-2082 (Cross-site request forgery (CSRF) vulnerability in VMware vRealize Log ...)
+CVE-2016-2082
NOT-FOR-US: VMware
-CVE-2016-2081 (Cross-site scripting (XSS) vulnerability in VMware vRealize Log ...)
+CVE-2016-2081
NOT-FOR-US: VMware
CVE-2016-2080
REJECTED
-CVE-2016-2079 (VMware NSX Edge 6.1 before 6.1.7 and 6.2 before 6.2.3 and vCNS Edge ...)
+CVE-2016-2079
NOT-FOR-US: VMware
-CVE-2016-2078 (Cross-site scripting (XSS) vulnerability in the Web Client in VMware ...)
+CVE-2016-2078
NOT-FOR-US: VMware
-CVE-2016-2077 (VMware Workstation 11.x before 11.1.3 and VMware Player 7.x before ...)
+CVE-2016-2077
NOT-FOR-US: VMware
-CVE-2016-2076 (Client Integration Plugin (CIP) in VMware vCenter Server 5.5 U3a, U3b, ...)
+CVE-2016-2076
NOT-FOR-US: VMware
-CVE-2016-2075 (Cross-site scripting (XSS) vulnerability in VMware vRealize Business ...)
+CVE-2016-2075
NOT-FOR-US: VMware vRealize Business Advanced and Enterprise
-CVE-2016-2074 (Buffer overflow in lib/flow.c in ovs-vswitchd in Open vSwitch 2.2.x ...)
+CVE-2016-2074
{DSA-3533-1}
- openvswitch 2.3.0+git20140819-4
[wheezy] - openvswitch <not-affected> (Affects only 2.2.x and later)
NOTE: http://openvswitch.org/pipermail/announce/2016-March/000082.html
-CVE-2016-2072 (The Administrative Web Interface in Citrix NetScaler Application ...)
+CVE-2016-2072
NOT-FOR-US: Citrix
-CVE-2016-2071 (Citrix NetScaler Application Delivery Controller (ADC) and NetScaler ...)
+CVE-2016-2071
NOT-FOR-US: Citrix
CVE-2016-XXXX [out of bound read and write issues]
- giflib 5.1.4-0.1 (bug #820594)
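Review bot: the giflib entry at the end of this hunk, `CVE-2016-XXXX [out of bound read and write issues]`, still carries a placeholder id; it needs to be tracked so it is replaced with the assigned id once the CVE request is answered, otherwise the tracking data on the `- giflib 5.1.4-0.1 (bug #820594)` line risks being split between this placeholder entry and the real CVE line that a later automatic update would add.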
@@ -26416,139 +26416,139 @@ CVE-2016-XXXX [out of bound read and write issues]
NOTE: http://sourceforge.net/p/giflib/bugs/82/
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/01/26/5
NOTE: http://sourceforge.net/p/giflib/code/ci/4cc68b315ff9a378aef6664e1be6b2144ad4a5e6/
-CVE-2016-2073 (The htmlParseNameComplex function in HTMLparser.c in libxml2 allows ...)
+CVE-2016-2073
{DSA-3593-1 DLA-503-1}
- libxml2 2.9.3+dfsg1-1.1 (bug #812807)
NOTE: http://www.openwall.com/lists/oss-security/2016/01/25/6
NOTE: http://www.openwall.com/lists/oss-security/2016/01/26/8 has details
NOTE: Same fix as CVE-2016-1839 and CVE-2015-8806
-CVE-2016-2070 (The tcp_cwnd_reduction function in net/ipv4/tcp_input.c in the Linux ...)
+CVE-2016-2070
- linux 4.3.5-1
[jessie] - linux <not-affected> (Vulnerable code introduced later)
[wheezy] - linux <not-affected> (Vulnerable code introduced later)
- linux-2.6 <not-affected> (Vulnerable code introduced later)
NOTE: Upstream commit: https://git.kernel.org/linus/8b8a321ff72c785ed5e8b4cf6eda20b35d427390 (v4.4)
NOTE: Introduced by: https://git.kernel.org/linus/3759824da87b30ce7a35b4873b62b0ba38905ef5 (v4.3-rc1)
-CVE-2016-2068 (The MSM QDSP6 audio driver (aka sound driver) for the Linux kernel ...)
+CVE-2016-2068
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-2067 (drivers/gpu/msm/kgsl.c in the MSM graphics driver (aka GPU driver) for ...)
+CVE-2016-2067
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-2066 (Integer signedness error in the MSM QDSP6 audio driver for the Linux ...)
+CVE-2016-2066
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-2065 (sound/soc/msm/qdsp6v2/msm-audio-effects-q6-v2.c in the MSM QDSP6 audio ...)
+CVE-2016-2065
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-2064 (sound/soc/msm/qdsp6v2/msm-audio-effects-q6-v2.c in the MSM QDSP6 audio ...)
+CVE-2016-2064
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-2063 (Stack-based buffer overflow in the supply_lm_input_write function in ...)
+CVE-2016-2063
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-2062 (The adreno_perfcounter_query_group function in ...)
+CVE-2016-2062
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-2061 (Integer signedness error in the MSM V4L2 video driver for the Linux ...)
+CVE-2016-2061
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-2060 (server/TetherController.cpp in the tethering controller in netd, as ...)
+CVE-2016-2060
NOT-FOR-US: Android
-CVE-2016-2059 (The msm_ipc_router_bind_control_port function in ...)
+CVE-2016-2059
NOT-FOR-US: Android drivers
-CVE-2016-2058 (Multiple cross-site scripting (XSS) vulnerabilities in Xymon 4.1.x, ...)
+CVE-2016-2058
{DSA-3495-1 DLA-488-1}
- xymon 4.3.25-1
NOTE: http://lists.xymon.com/pipermail/xymon/2016-February/042986.html
-CVE-2016-2057 (lib/xymond_ipc.c in Xymon 4.1.x, 4.2.x, and 4.3.x before 4.3.25 use ...)
+CVE-2016-2057
{DSA-3495-1}
- xymon 4.3.25-1
[wheezy] - xymon <not-affected> (vulnerable code not present)
NOTE: http://lists.xymon.com/pipermail/xymon/2016-February/042986.html
-CVE-2016-2056 (xymond in Xymon 4.1.x, 4.2.x, and 4.3.x before 4.3.25 allow remote ...)
+CVE-2016-2056
{DSA-3495-1 DLA-488-1}
- xymon 4.3.25-1
NOTE: http://lists.xymon.com/pipermail/xymon/2016-February/042986.html
-CVE-2016-2055 (xymond/xymond.c in xymond in Xymon 4.1.x, 4.2.x, and 4.3.x before ...)
+CVE-2016-2055
{DSA-3495-1 DLA-488-1}
- xymon 4.3.25-1
NOTE: http://lists.xymon.com/pipermail/xymon/2016-February/042986.html
-CVE-2016-2054 (Multiple buffer overflows in xymond/xymond.c in xymond in Xymon 4.1.x, ...)
+CVE-2016-2054
{DSA-3495-1 DLA-488-1}
- xymon 4.3.25-1
NOTE: http://lists.xymon.com/pipermail/xymon/2016-February/042986.html
-CVE-2016-2052 (Multiple unspecified vulnerabilities in HarfBuzz before 1.0.6, as used ...)
+CVE-2016-2052
- harfbuzz 1.2.6-1
[jessie] - harfbuzz <not-affected> (Vulnerable code not present)
- chromium-browser 48.0.2564.82-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
NOTE: https://code.google.com/p/chromium/issues/detail?id=544270
NOTE: https://github.com/behdad/harfbuzz/commit/63ef0b41dc48d6112d1918c1b1de9de8ea90adb5
-CVE-2016-2051 (Multiple unspecified vulnerabilities in Google V8 before 4.8.271.17, ...)
+CVE-2016-2051
- libv8 <unfixed> (unimportant)
NOTE: libv8 not covered by security support
-CVE-2016-2048 (Django 1.9.x before 1.9.2, when ModelAdmin.save_as is set to True, ...)
+CVE-2016-2048
- python-django 1.9.2-1 (bug #813448)
[jessie] - python-django <not-affected> (Only affects 1.9)
[wheezy] - python-django <not-affected> (Only affects 1.9)
[squeeze] - python-django <not-affected> (Only affects 1.9)
NOTE: https://www.djangoproject.com/weblog/2016/feb/01/releases-192-and-189/
-CVE-2016-2046 (Cross-site scripting (XSS) vulnerability in the UserPortal page in ...)
+CVE-2016-2046
NOT-FOR-US: SOPHOS
-CVE-2016-2045 (Cross-site scripting (XSS) vulnerability in the SQL editor in ...)
+CVE-2016-2045
{DLA-481-1}
- phpmyadmin 4:4.5.4-1 (low)
[jessie] - phpmyadmin <no-dsa> (Minor issue)
[squeeze] - phpmyadmin <not-affected> (vulnerable code not present)
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-9/
-CVE-2016-2044 (libraries/sql-parser/autoload.php in the SQL parser in phpMyAdmin ...)
+CVE-2016-2044
- phpmyadmin 4:4.5.4-1
[jessie] - phpmyadmin <not-affected> (vulnerable code not present)
[wheezy] - phpmyadmin <not-affected> (vulnerable code not present)
[squeeze] - phpmyadmin <not-affected> (vulnerable code not present)
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-8/
NOTE: vulnerability introduced in 4.5.0.1 / 718ef31
-CVE-2016-2043 (Cross-site scripting (XSS) vulnerability in the goToFinish1NF function ...)
+CVE-2016-2043
- phpmyadmin 4:4.5.4-1
[jessie] - phpmyadmin <not-affected> (vulnerable code not present)
[wheezy] - phpmyadmin <not-affected> (vulnerable code not present)
[squeeze] - phpmyadmin <not-affected> (vulnerable code not present)
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-7/
NOTE: vulnerability introduced in 4.3.3 / 1e971f3
-CVE-2016-2042 (phpMyAdmin 4.4.x before 4.4.15.3 and 4.5.x before 4.5.4 allows remote ...)
+CVE-2016-2042
- phpmyadmin 4:4.5.4-1 (unimportant)
[squeeze] - phpmyadmin <not-affected> (vulnerable code not present)
[wheezy] - phpmyadmin <not-affected> (vulnerable code not present)
NOTE: introduced as part of the CVE-2016-2039 fix
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-6/
NOTE: path disclosure not relevant on Debian
-CVE-2016-2041 (libraries/common.inc.php in phpMyAdmin 4.0.x before 4.0.10.13, 4.4.x ...)
+CVE-2016-2041
{DSA-3627-1 DLA-481-1 DLA-406-1}
- phpmyadmin 4:4.5.4-1
NOTE: squeeze patch backport trivial to wheezy
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-5/
NOTE: https://github.com/phpmyadmin/phpmyadmin/commit/fe62b69a5b032de8e1d9d0a04456c1cecf46428c
-CVE-2016-2040 (Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin ...)
+CVE-2016-2040
{DSA-3627-1 DLA-481-1}
- phpmyadmin 4:4.5.4-1
[squeeze] - phpmyadmin <no-dsa> (minor issue)
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-3/
-CVE-2016-2039 (libraries/session.inc.php in phpMyAdmin 4.0.x before 4.0.10.13, 4.4.x ...)
+CVE-2016-2039
{DSA-3627-1 DLA-481-1 DLA-406-1}
- phpmyadmin 4:4.5.4-1
NOTE: squeeze patch was actually incorrect and probably not functional: libraries/phpseclib/Crypt/Random.php needs some engine (e.g. AES) to work
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-2/
NOTE: https://github.com/phpmyadmin/phpmyadmin/commit/6fe54dfa000dd6f43f237e859781fad7111ac1bd is not sufficient: one needs 29b297f to import more bits from phpseclib or simply import all of phpseclib.
NOTE: such a fix needs to avoid introducing a new vulnerability as well, upstream introduced CVE-2016-2042 as part of this
-CVE-2016-2038 (phpMyAdmin 4.0.x before 4.0.10.13, 4.4.x before 4.4.15.3, and 4.5.x ...)
+CVE-2016-2038
{DLA-481-1}
- phpmyadmin 4:4.5.4-1 (unimportant)
[squeeze] - phpmyadmin <no-dsa> (minor issue)
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-1/
NOTE: path disclosure not relevant on Debian
-CVE-2016-2036 (The getURL function in drivers/secfilter/urlparser.c in secfilter in ...)
+CVE-2016-2036
NOT-FOR-US: Samsung
-CVE-2016-2069 (Race condition in arch/x86/mm/tlb.c in the Linux kernel before 4.4.1 ...)
+CVE-2016-2069
{DSA-3503-1 DLA-412-1}
- linux 4.3.5-1
- linux-2.6 <removed>
NOTE: http://www.openwall.com/lists/oss-security/2016/01/25/1
NOTE: https://git.kernel.org/linus/71b3c126e61177eb693423f2e18a1914205b165e (v4.5-rc1)
NOTE: https://git.kernel.org/linus/4eaffdd5a5fe6ff9f95e1ab4de1ac904d5e0fa8b (v4.5-rc1)
-CVE-2016-2053 (The asn1_ber_decoder function in lib/asn1_decoder.c in the Linux ...)
+CVE-2016-2053
- linux 4.3.1-1
[jessie] - linux 3.16.7-ckt25-2
[wheezy] - linux <not-affected> (Vulnerable code not present)
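Review bot: inconsistent capitalisation of the not-affected reason in this hunk: `[wheezy] - xymon <not-affected> (vulnerable code not present)` and the phpmyadmin entries use the lowercase form, while `[jessie] - harfbuzz <not-affected> (Vulnerable code not present)` and `[wheezy] - linux <not-affected> (Vulnerable code not present)` use the capitalised one; pick a single form (the capitalised one is the more common in the file) in a follow-up, since these are context lines rather than part of this change.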
@@ -26556,12 +26556,12 @@ CVE-2016-2053 (The asn1_ber_decoder function in lib/asn1_decoder.c in the Linux
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1300237
NOTE: Introduced in https://git.kernel.org/linus/3d167d68e3805ee45ed2e8412fc03ed919c54c24 (v3.13-rc1)
NOTE: Fixed by: https://git.kernel.org/linus/0d62e9dd6da45bbf0f33a8617afc5fe774c8f45f (v4.3-rc1)
-CVE-2016-2049 (examples/consumer/common.php in JanRain PHP OpenID library (aka ...)
+CVE-2016-2049
- php-openid <unfixed> (unimportant)
NOTE: sample code only, actual vulnerable code not shipped in package
NOTE: http://www.openwall.com/lists/oss-security/2016/01/24/2
NOTE: https://github.com/openid/php-openid/issues/128
-CVE-2016-2047 (The ssl_verify_server_cert function in sql-common/client.c in MariaDB ...)
+CVE-2016-2047
{DSA-3557-1 DSA-3453-1 DLA-447-1}
- mariadb-10.0 10.0.23-1
NOTE: https://mariadb.atlassian.net/browse/MDEV-9212
@@ -26572,7 +26572,7 @@ CVE-2016-2047 (The ssl_verify_server_cert function in sql-common/client.c in Mar
NOTE: http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html
CVE-2016-2035
REJECTED
-CVE-2016-2034 (SQL injection vulnerability in ClearPass Policy Manager 6.5.x through ...)
+CVE-2016-2034
NOT-FOR-US: ClearPass Policy Manager
CVE-2016-2033
RESERVED
@@ -26580,103 +26580,103 @@ CVE-2016-2032
RESERVED
CVE-2016-2031
RESERVED
-CVE-2016-2030 (HPE Systems Insight Manager (SIM) before 7.5.1 allows remote ...)
+CVE-2016-2030
NOT-FOR-US: HPE Systems Insight Manager
-CVE-2016-2029 (HPE Matrix Operating Environment before 7.5.1 allows remote attackers ...)
+CVE-2016-2029
NOT-FOR-US: HPE Matrix Operating Environment
-CVE-2016-2028 (HPE Matrix Operating Environment before 7.5.1 allows remote ...)
+CVE-2016-2028
NOT-FOR-US: HPE Matrix Operating Environment
-CVE-2016-2027 (HPE Matrix Operating Environment before 7.5.1 allows remote attackers ...)
+CVE-2016-2027
NOT-FOR-US: HPE Matrix Operating Environment
-CVE-2016-2026 (HPE Matrix Operating Environment before 7.5.1 allows remote attackers ...)
+CVE-2016-2026
NOT-FOR-US: HPE Matrix Operating Environment
-CVE-2016-2025 (HPE Service Manager 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, and 9.41 ...)
+CVE-2016-2025
NOT-FOR-US: HPE
-CVE-2016-2024 (HPE Insight Control before 7.5.1 allow remote attackers to obtain ...)
+CVE-2016-2024
NOT-FOR-US: HPE Insight Control
-CVE-2016-2023 (HPE RESTful Interface Tool 1.40 allows local users to obtain sensitive ...)
+CVE-2016-2023
NOT-FOR-US: HPE
-CVE-2016-2022 (HPE Systems Insight Manager (SIM) before 7.5.1 allows remote ...)
+CVE-2016-2022
NOT-FOR-US: HPE Systems Insight Manager
-CVE-2016-2021 (HPE Systems Insight Manager (SIM) before 7.5.1 allows remote ...)
+CVE-2016-2021
NOT-FOR-US: HPE Systems Insight Manager
-CVE-2016-2020 (HPE Systems Insight Manager (SIM) before 7.5.1 allows remote ...)
+CVE-2016-2020
NOT-FOR-US: HPE Systems Insight Manager
-CVE-2016-2019 (HPE Systems Insight Manager (SIM) before 7.5.1 allows remote ...)
+CVE-2016-2019
NOT-FOR-US: HPE Systems Insight Manager
-CVE-2016-2018 (HPE Systems Insight Manager (SIM) before 7.5.1 allows remote attackers ...)
+CVE-2016-2018
NOT-FOR-US: HPE Systems Insight Manager
-CVE-2016-2017 (HPE Systems Insight Manager (SIM) before 7.5.1 allows remote ...)
+CVE-2016-2017
NOT-FOR-US: HPE Systems Insight Manager
-CVE-2016-2016 (Base-VxFS-50 B.05.00.01 through B.05.00.02, Base-VxFS-501 B.05.01.0 ...)
+CVE-2016-2016
NOT-FOR-US: HPE
-CVE-2016-2015 (HPE System Management Homepage before 7.5.5 allows local users to ...)
+CVE-2016-2015
NOT-FOR-US: HPE
-CVE-2016-2014 (HPE Network Node Manager i (NNMi) 9.20, 9.23, 9.24, 9.25, 10.00, and ...)
+CVE-2016-2014
NOT-FOR-US: HPE
-CVE-2016-2013 (HPE Network Node Manager i (NNMi) 9.20, 9.23, 9.24, 9.25, 10.00, and ...)
+CVE-2016-2013
NOT-FOR-US: HPE
-CVE-2016-2012 (HPE Network Node Manager i (NNMi) 9.20, 9.23, 9.24, 9.25, 10.00, and ...)
+CVE-2016-2012
NOT-FOR-US: HPE
-CVE-2016-2011 (Cross-site scripting (XSS) vulnerability in HPE Network Node Manager i ...)
+CVE-2016-2011
NOT-FOR-US: HPE
-CVE-2016-2010 (Cross-site scripting (XSS) vulnerability in HPE Network Node Manager i ...)
+CVE-2016-2010
NOT-FOR-US: HPE
-CVE-2016-2009 (HPE Network Node Manager i (NNMi) 9.20, 9.23, 9.24, 9.25, 10.00, and ...)
+CVE-2016-2009
NOT-FOR-US: HPE
-CVE-2016-2008 (HPE Data Protector before 7.03_108, 8.x before 8.15, and 9.x before ...)
+CVE-2016-2008
NOT-FOR-US: HPE Data Protector
-CVE-2016-2007 (HPE Data Protector before 7.03_108, 8.x before 8.15, and 9.x before ...)
+CVE-2016-2007
NOT-FOR-US: HPE Data Protector
-CVE-2016-2006 (HPE Data Protector before 7.03_108, 8.x before 8.15, and 9.x before ...)
+CVE-2016-2006
NOT-FOR-US: HPE Data Protector
-CVE-2016-2005 (HPE Data Protector before 7.03_108, 8.x before 8.15, and 9.x before ...)
+CVE-2016-2005
NOT-FOR-US: HPE Data Protector
-CVE-2016-2004 (HPE Data Protector before 7.03_108, 8.x before 8.15, and 9.x before ...)
+CVE-2016-2004
NOT-FOR-US: HPE Data Protector
-CVE-2016-2003 (HPE P9000 Command View Advanced Edition Software (CVAE) 7.x and 8.x ...)
+CVE-2016-2003
NOT-FOR-US: HPE P9000 Command View Advanced Edition Software
-CVE-2016-2002 (The validateAdminConfig handler in the Analytics Management Console in ...)
+CVE-2016-2002
NOT-FOR-US: HPE Vertica
-CVE-2016-2001 (HPE Universal CMDB Foundation 10.0, 10.01, 10.10, 10.11, and 10.20 ...)
+CVE-2016-2001
NOT-FOR-US: HPE Universal CMDB
-CVE-2016-2000 (HPE Asset Manager 9.40, 9.41, and 9.50 and Asset Manager CloudSystem ...)
+CVE-2016-2000
NOT-FOR-US: HPE Asset Manager
-CVE-2016-1999 (The server in HP Release Control 9.13, 9.20, and 9.21 allows remote ...)
+CVE-2016-1999
NOT-FOR-US: HP Release Control
-CVE-2016-1998 (HPE Service Manager (SM) 9.3x before 9.35 P4 and 9.4x before 9.41.P2 ...)
+CVE-2016-1998
NOT-FOR-US: HPE Service Manager
-CVE-2016-1997 (HPE Operations Orchestration 10.x before 10.51 and Operations ...)
+CVE-2016-1997
NOT-FOR-US: HP Operations Orchestration
-CVE-2016-1996 (HPE System Management Homepage before 7.5.4 allows local users to ...)
+CVE-2016-1996
NOT-FOR-US: HPE System Management Homepage
-CVE-2016-1995 (HPE System Management Homepage before 7.5.4 allows remote attackers to ...)
+CVE-2016-1995
NOT-FOR-US: HPE System Management Homepage
-CVE-2016-1994 (HPE System Management Homepage before 7.5.4 allows remote ...)
+CVE-2016-1994
NOT-FOR-US: HPE System Management Homepage
-CVE-2016-1993 (HPE System Management Homepage before 7.5.4 allows remote ...)
+CVE-2016-1993
NOT-FOR-US: HPE System Management Homepage
-CVE-2016-1992 (HPE ArcSight ESM before 6.8c, and ArcSight ESM Express before 6.9.1, ...)
+CVE-2016-1992
NOT-FOR-US: HPE ArcSight ESM
-CVE-2016-1991 (HPE ArcSight ESM 5.x before 5.6, 6.0, 6.5.x before 6.5C SP1 Patch 2, ...)
+CVE-2016-1991
NOT-FOR-US: HPE ArcSight ESM
-CVE-2016-1990 (HPE ArcSight ESM 5.x before 5.6, 6.0, 6.5.x before 6.5C SP1 Patch 2, ...)
+CVE-2016-1990
NOT-FOR-US: HPE ArcSight ESM
-CVE-2016-1989 (HPE Network Automation 9.22 through 9.22.02 and 10.x before 10.00.02 ...)
+CVE-2016-1989
NOT-FOR-US: HPE Network Automation
-CVE-2016-1988 (HPE Network Automation 9.22 through 9.22.02 and 10.x before 10.00.02 ...)
+CVE-2016-1988
NOT-FOR-US: HPE Network Automation
-CVE-2016-1987 (HPE IPFilter A.11.31.18.21 on HP-UX, when a certain keep-state ...)
+CVE-2016-1987
NOT-FOR-US: HP-UX IPFilter
-CVE-2016-1986 (HP Continuous Delivery Automation (CDA) 1.30 allows remote attackers ...)
+CVE-2016-1986
NOT-FOR-US: HP CDA
-CVE-2016-1985 (HPE Operations Manager 8.x and 9.0 on Windows allows remote attackers ...)
+CVE-2016-1985
NOT-FOR-US: HPE Operations Manager
-CVE-2016-1984 (The setUpSubtleUserAccount function in /bin/bw on Harman AMX devices ...)
+CVE-2016-1984
NOT-FOR-US: Harman AMX devices
CVE-2016-1980
RESERVED
-CVE-2016-1979 (Use-after-free vulnerability in the ...)
+CVE-2016-1979
{DSA-3688-1 DSA-3576-1 DLA-480-1 DLA-472-1}
- iceweasel <removed>
- firefox-esr 45.0esr-1
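Review bot: `NOT-FOR-US: HP Operations Orchestration` for CVE-2016-1997 names the vendor as HP while the removed description line called the product `HPE Operations Orchestration`; since this hunk drops the descriptions, the NOT-FOR-US text becomes the only product name left in the file for that entry, so it is worth aligning it with the HPE naming used by the neighbouring entries.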
@@ -26686,7 +26686,7 @@ CVE-2016-1979 (Use-after-free vulnerability in the ...)
- icedove 38.8.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-36/
- nss 2:3.21-1
-CVE-2016-1978 (Use-after-free vulnerability in the ssl3_HandleECDHServerKeyExchange ...)
+CVE-2016-1978
{DSA-3688-1 DLA-480-1}
- iceweasel 44.0-1
[jessie] - iceweasel <not-affected> (Only affects Firefox 43.x)
@@ -26696,7 +26696,7 @@ CVE-2016-1978 (Use-after-free vulnerability in the ssl3_HandleECDHServerKeyExcha
NOTE: unstable though used the system library.
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-15/
- nss 2:3.21-1
-CVE-2016-1977 (The Machine::Code::decoder::analysis::set_ref function in Graphite 2 ...)
+CVE-2016-1977
{DSA-3520-1 DSA-3515-1 DSA-3510-1}
- iceweasel <removed>
- firefox-esr 45.0esr-1
@@ -26704,39 +26704,39 @@ CVE-2016-1977 (The Machine::Code::decoder::analysis::set_ref function in Graphit
- icedove 38.7.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-37/
- graphite2 1.3.6-1
-CVE-2016-1976 (Use-after-free vulnerability in the DesktopDisplayDevice class in the ...)
+CVE-2016-1976
- iceweasel <not-affected> (Windows-specific)
-CVE-2016-1975 (Multiple race conditions in dom/media/systemservices/CamerasChild.cpp ...)
+CVE-2016-1975
- iceweasel <not-affected> (Windows-specific)
-CVE-2016-1974 (The nsScannerString::AppendUnicodeTo function in Mozilla Firefox ...)
+CVE-2016-1974
{DSA-3520-1 DSA-3510-1}
- iceweasel <removed>
- firefox-esr 45.0esr-1
- firefox 45.0-1
- icedove 38.7.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-34/
-CVE-2016-1973 (Race condition in the GetStaticInstance function in the WebRTC ...)
+CVE-2016-1973
- iceweasel <removed>
- firefox-esr 45.0esr-1
- firefox 45.0-1
[jessie] - iceweasel <not-affected> (Only affects Firefox 44.x)
[wheezy] - iceweasel <not-affected> (Only affects Firefox 44.x)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-33/
-CVE-2016-1972 (Race condition in libvpx in Mozilla Firefox before 45.0 on Windows ...)
+CVE-2016-1972
- iceweasel <not-affected> (Windows-specific)
- libvpx <not-affected> (Windows-specific)
-CVE-2016-1971 (The I420VideoFrame::CreateFrame function in the WebRTC implementation ...)
+CVE-2016-1971
- iceweasel <not-affected> (Windows-specific)
-CVE-2016-1970 (Integer underflow in the srtp_unprotect function in the WebRTC ...)
+CVE-2016-1970
- iceweasel <not-affected> (Windows-specific)
-CVE-2016-1969 (The setAttr function in Graphite 2 before 1.3.6, as used in Mozilla ...)
+CVE-2016-1969
{DSA-3515-1 DSA-3477-1}
- graphite2 1.3.6-1
- iceweasel <removed>
- firefox 45.0-1
- firefox-esr 45.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-38/
-CVE-2016-1968 (Integer underflow in Brotli, as used in Mozilla Firefox before 45.0, ...)
+CVE-2016-1968
- iceweasel <removed>
- firefox-esr 45.0esr-1
- firefox 45.0-1
@@ -26745,116 +26745,116 @@ CVE-2016-1968 (Integer underflow in Brotli, as used in Mozilla Firefox before 45
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-30/
- brotli 0.3.0+dfsg-3 (bug #817233)
NOTE: https://github.com/google/brotli/commit/37a320dd81db8d546cd24a45b4c61d87b45dcade
-CVE-2016-1967 (Mozilla Firefox before 45.0 does not properly restrict the ...)
+CVE-2016-1967
- iceweasel <removed>
- firefox-esr 45.0esr-1
- firefox 45.0-1
[jessie] - iceweasel <not-affected> (Only affects Firefox 44.x)
[wheezy] - iceweasel <not-affected> (Only affects Firefox 44.x)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-29/
-CVE-2016-1966 (The nsNPObjWrapper::GetNewOrUsed function in ...)
+CVE-2016-1966
{DSA-3520-1 DSA-3510-1}
- iceweasel <removed>
- firefox-esr 45.0esr-1
- firefox 45.0-1
- icedove 38.7.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-31/
-CVE-2016-1965 (Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 mishandle ...)
+CVE-2016-1965
{DSA-3510-1}
- iceweasel <removed>
- firefox-esr 45.0esr-1
- firefox 45.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-28/
-CVE-2016-1964 (Use-after-free vulnerability in the AtomicBaseIncDec function in ...)
+CVE-2016-1964
{DSA-3520-1 DSA-3510-1}
- iceweasel <removed>
- firefox-esr 45.0esr-1
- firefox 45.0-1
- icedove 38.7.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-27/
-CVE-2016-1963 (The FileReader class in Mozilla Firefox before 45.0 allows local users ...)
+CVE-2016-1963
- iceweasel <removed>
- firefox-esr 45.0esr-1
- firefox 45.0-1
[jessie] - iceweasel <not-affected> (Only affects Firefox 44.x)
[wheezy] - iceweasel <not-affected> (Only affects Firefox 44.x)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-26/
-CVE-2016-1962 (Use-after-free vulnerability in the ...)
+CVE-2016-1962
{DSA-3520-1 DSA-3510-1}
- iceweasel <removed>
- firefox-esr 45.0esr-1
- firefox 45.0-1
- icedove 38.7.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-25/
-CVE-2016-1961 (Use-after-free vulnerability in the nsHTMLDocument::SetBody function ...)
+CVE-2016-1961
{DSA-3520-1 DSA-3510-1}
- iceweasel <removed>
- firefox-esr 45.0esr-1
- firefox 45.0-1
- icedove 38.7.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-24/
-CVE-2016-1960 (Integer underflow in the nsHtml5TreeBuilder class in the HTML5 string ...)
+CVE-2016-1960
{DSA-3520-1 DSA-3510-1}
- iceweasel <removed>
- firefox-esr 45.0esr-1
- firefox 45.0-1
- icedove 38.7.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-23/
-CVE-2016-1959 (The ServiceWorkerManager class in Mozilla Firefox before 45.0 allows ...)
+CVE-2016-1959
- firefox-esr 45.0esr-1
- firefox 45.0-1
- iceweasel <removed>
[jessie] - iceweasel <not-affected> (Only affects Firefox 44.x)
[wheezy] - iceweasel <not-affected> (Only affects Firefox 44.x)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-22/
-CVE-2016-1958 (browser/base/content/browser.js in Mozilla Firefox before 45.0 and ...)
+CVE-2016-1958
{DSA-3510-1}
- iceweasel <removed>
- firefox-esr 45.0esr-1
- firefox 45.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-21/
-CVE-2016-1957 (Memory leak in libstagefright in Mozilla Firefox before 45.0 and ...)
+CVE-2016-1957
{DSA-3520-1 DSA-3510-1}
- iceweasel <removed>
- firefox-esr 45.0esr-1
- firefox 45.0-1
- icedove 38.7.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-20/
-CVE-2016-1956 (Mozilla Firefox before 45.0 on Linux, when an Intel video driver is ...)
+CVE-2016-1956
- iceweasel <removed>
- firefox-esr 45.0esr-1
- firefox 45.0-1
[jessie] - iceweasel <not-affected> (Only affects Firefox 44.x)
[wheezy] - iceweasel <not-affected> (Only affects Firefox 44.x)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-19/
-CVE-2016-1955 (Mozilla Firefox before 45.0 allows remote attackers to bypass the Same ...)
+CVE-2016-1955
- iceweasel <removed>
- firefox-esr 45.0esr-1
- firefox 45.0-1
[jessie] - iceweasel <not-affected> (Only affects Firefox 44.x)
[wheezy] - iceweasel <not-affected> (Only affects Firefox 44.x)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-18/
-CVE-2016-1954 (The nsCSPContext::SendReports function in ...)
+CVE-2016-1954
{DSA-3520-1 DSA-3510-1}
- iceweasel <removed>
- firefox-esr 45.0esr-1
- firefox 45.0-1
- icedove 38.7.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-17/
-CVE-2016-1953 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+CVE-2016-1953
- iceweasel <removed>
- firefox-esr 45.0esr-1
- firefox 45.0-1
[jessie] - iceweasel <not-affected> (Only affects Firefox 44.x)
[wheezy] - iceweasel <not-affected> (Only affects Firefox 44.x)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-16/
-CVE-2016-1952 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+CVE-2016-1952
{DSA-3510-1}
- iceweasel <removed>
- firefox-esr 45.0esr-1
- firefox 45.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-16/
-CVE-2016-1951 (Multiple integer overflows in io/prprf.c in Mozilla Netscape Portable ...)
+CVE-2016-1951
{DSA-3687-1 DLA-513-1}
- firefox-esr 45.0esr-1
- firefox 45.0-1
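Review bot: every `-`/`+` pair in this hunk, from CVE-2016-1960 down to CVE-2016-1951, replaces an entry carrying its parenthetical description with the bare CVE id and adds nothing in its place, so the change is a pure loss of the one-line summary that lets a triager sanity-check a `NOT-FOR-US` or `<not-affected>` reason against what the CVE actually describes. If the description source returned empty text, the update script should treat that as an input error and keep the existing descriptions rather than overwrite them; at minimum the reason for dropping every description should be recorded with the change.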
@@ -26863,7 +26863,7 @@ CVE-2016-1951 (Multiple integer overflows in io/prprf.c in Mozilla Netscape Port
NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=1174015
NOTE: https://groups.google.com/forum/#!topic/mozilla.dev.tech.nspr/dV4MyMsg6jw
NOTE: Upstream commit: https://hg.mozilla.org/projects/nspr/rev/96381e3aaae2
-CVE-2016-1950 (Heap-based buffer overflow in Mozilla Network Security Services (NSS) ...)
+CVE-2016-1950
{DSA-3688-1 DSA-3520-1 DSA-3510-1 DLA-480-1}
- iceweasel <removed>
- firefox-esr 45.0esr-1
@@ -26872,7 +26872,7 @@ CVE-2016-1950 (Heap-based buffer overflow in Mozilla Network Security Services (
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-35/
- nss 2:3.23-1
NOTE: NSS fixed in 3.21.1
-CVE-2016-1949 (Mozilla Firefox before 44.0.2 does not properly restrict the ...)
+CVE-2016-1949
- iceweasel <removed>
- firefox-esr 45.0esr-1
- firefox 45.0-1
@@ -26880,58 +26880,58 @@ CVE-2016-1949 (Mozilla Firefox before 44.0.2 does not properly restrict the ...)
[wheezy] - iceweasel <not-affected> (Only affects Firefox 43.x)
[squeeze] - iceweasel <not-affected> (Only affects Firefox 43.x)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-13/
-CVE-2016-1948 (Mozilla Firefox before 44.0 on Android does not ensure that HTTPS is ...)
+CVE-2016-1948
- iceweasel <not-affected> (Only affects Firefox for Android)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-12/
-CVE-2016-1947 (Mozilla Firefox 43.x mishandles attempts to connect to the Application ...)
+CVE-2016-1947
- iceweasel 44.0-1
[jessie] - iceweasel <not-affected> (Only affects Firefox 43.x)
[wheezy] - iceweasel <not-affected> (Only affects Firefox 43.x)
[squeeze] - iceweasel <not-affected> (Only affects Firefox 43.x)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-11/
-CVE-2016-1946 (The MoofParser::Metadata function in binding/MoofParser.cpp in ...)
+CVE-2016-1946
- iceweasel 44.0-1
[jessie] - iceweasel <not-affected> (Only affects Firefox 43.x)
[wheezy] - iceweasel <not-affected> (Only affects Firefox 43.x)
[squeeze] - iceweasel <not-affected> (Only affects Firefox 43.x)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-10/
-CVE-2016-1945 (The nsZipArchive function in Mozilla Firefox before 44.0 might allow ...)
+CVE-2016-1945
- iceweasel 44.0-1
[jessie] - iceweasel <not-affected> (Only affects Firefox 43.x)
[wheezy] - iceweasel <not-affected> (Only affects Firefox 43.x)
[squeeze] - iceweasel <not-affected> (Only affects Firefox 43.x)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-10/
-CVE-2016-1944 (The Buffer11::NativeBuffer11::map function in ANGLE, as used in ...)
+CVE-2016-1944
- iceweasel 44.0-1
[jessie] - iceweasel <not-affected> (Only affects Firefox 43.x)
[wheezy] - iceweasel <not-affected> (Only affects Firefox 43.x)
[squeeze] - iceweasel <not-affected> (Only affects Firefox 43.x)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-10/
-CVE-2016-1943 (Mozilla Firefox before 44.0 on Android allows remote attackers to ...)
+CVE-2016-1943
- iceweasel 44.0-1
[jessie] - iceweasel <not-affected> (Only affects Firefox 43.x)
[wheezy] - iceweasel <not-affected> (Only affects Firefox 43.x)
[squeeze] - iceweasel <not-affected> (Only affects Firefox 43.x)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-09/
-CVE-2016-1942 (Mozilla Firefox before 44.0 allows user-assisted remote attackers to ...)
+CVE-2016-1942
- iceweasel 44.0-1
[jessie] - iceweasel <not-affected> (Only affects Firefox 43.x)
[wheezy] - iceweasel <not-affected> (Only affects Firefox 43.x)
[squeeze] - iceweasel <not-affected> (Only affects Firefox 43.x)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-09/
-CVE-2016-1941 (The file-download dialog in Mozilla Firefox before 44.0 on OS X ...)
+CVE-2016-1941
- iceweasel <not-affected> (Affects only Firefox on OS X)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-08/
-CVE-2016-1940 (Mozilla Firefox before 44.0 on Android allows remote attackers to ...)
+CVE-2016-1940
- iceweasel <not-affected> (Affects Firefox for Android only)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-05/
-CVE-2016-1939 (Mozilla Firefox before 44.0 stores cookies with names containing ...)
+CVE-2016-1939
- iceweasel 44.0-1
[jessie] - iceweasel <not-affected> (Only affects Firefox 43.x)
[wheezy] - iceweasel <not-affected> (Only affects Firefox 43.x)
[squeeze] - iceweasel <not-affected> (Only affects Firefox 43.x)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-04/
-CVE-2016-1938 (The s_mp_div function in lib/freebl/mpi/mpi.c in Mozilla Network ...)
+CVE-2016-1938
{DSA-3688-1 DLA-480-1 DLA-427-1}
- iceweasel 44.0-1
[jessie] - iceweasel <not-affected> (Only affects Firefox 43.x)
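Review bot: the removed descriptions for CVE-2016-1943 ("Mozilla Firefox before 44.0 on Android allows remote attackers to ...") and CVE-2016-1940 ("Mozilla Firefox before 44.0 on Android allows remote attackers to ...") both read as Android-only, yet CVE-2016-1943 is recorded as fixed in `iceweasel 44.0-1` while CVE-2016-1940 is `iceweasel <not-affected> (Affects Firefox for Android only)`; one of the two triages looks wrong and should be re-checked against mfsa2016-09 and mfsa2016-05 before the "on Android" hint disappears from the file. While here, the not-affected reasons in this hunk are phrased three ways ("Only affects Firefox for Android", "Affects only Firefox on OS X", "Affects Firefox for Android only"); picking one form makes them easier to grep.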
@@ -26946,7 +26946,7 @@ CVE-2016-1938 (The s_mp_div function in lib/freebl/mpi/mpi.c in Mozilla Network
NOTE: https://hg.mozilla.org/projects/nss/rev/608645309ab9
NOTE: https://hg.mozilla.org/projects/nss/rev/cfd0ad4726cb
NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=1190248 (not yet public)
-CVE-2016-1937 (The protocol-handler dialog in Mozilla Firefox before 44.0 allows ...)
+CVE-2016-1937
- iceweasel 44.0-1
[jessie] - iceweasel <not-affected> (Only affects Firefox 43.x)
[wheezy] - iceweasel <not-affected> (Only affects Firefox 43.x)
@@ -26954,7 +26954,7 @@ CVE-2016-1937 (The protocol-handler dialog in Mozilla Firefox before 44.0 allows
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-06/
CVE-2016-1936
RESERVED
-CVE-2016-1935 (Buffer overflow in the BufferSubData function in Mozilla Firefox ...)
+CVE-2016-1935
{DSA-3491-1 DSA-3457-1}
- iceweasel 44.0-1
[squeeze] - iceweasel <end-of-life>
@@ -26963,7 +26963,7 @@ CVE-2016-1935 (Buffer overflow in the BufferSubData function in Mozilla Firefox
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-03/
CVE-2016-1934
RESERVED
-CVE-2016-1933 (Integer overflow in the image-deinterlacing functionality in Mozilla ...)
+CVE-2016-1933
- iceweasel 44.0-1
[jessie] - iceweasel <not-affected> (Only affects Firefox 43.x)
[wheezy] - iceweasel <not-affected> (Only affects Firefox 43.x)
@@ -26971,66 +26971,66 @@ CVE-2016-1933 (Integer overflow in the image-deinterlacing functionality in Mozi
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-02/
CVE-2016-1932
RESERVED
-CVE-2016-1931 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+CVE-2016-1931
- iceweasel 44.0-1
[jessie] - iceweasel <not-affected> (Only affects Firefox 43.x)
[wheezy] - iceweasel <not-affected> (Only affects Firefox 43.x)
[squeeze] - iceweasel <not-affected> (Only affects Firefox 43.x)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-01/
-CVE-2016-1930 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+CVE-2016-1930
{DSA-3491-1 DSA-3457-1}
- iceweasel 44.0-1
[squeeze] - iceweasel <end-of-life>
- icedove 38.6.0-1
[squeeze] - icedove <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-01/
-CVE-2016-1929 (The XS engine in SAP HANA allows remote attackers to spoof log entries ...)
+CVE-2016-1929
NOT-FOR-US: SAP
-CVE-2016-1928 (Buffer overflow in the XS engine (hdbxsengine) in SAP HANA allows ...)
+CVE-2016-1928
NOT-FOR-US: SAP
-CVE-2016-1927 (The suggestPassword function in js/functions.js in phpMyAdmin 4.0.x ...)
+CVE-2016-1927
{DSA-3627-1 DLA-481-1}
- phpmyadmin 4:4.5.4-1
[squeeze] - phpmyadmin <no-dsa> (minor issue)
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-4/
NOTE: https://github.com/phpmyadmin/phpmyadmin/commit/6a96e67487f2faecb4de4204fee9b96b94020720
-CVE-2016-1983 (The client_host function in parsers.c in Privoxy before 3.0.24 allows ...)
+CVE-2016-1983
{DSA-3460-1 DLA-398-1}
- privoxy 3.0.24-1
NOTE: http://ijbswa.cvs.sourceforge.net/viewvc/ijbswa/current/parsers.c?r1=1.302&r2=1.303
NOTE: http://www.openwall.com/lists/oss-security/2016/01/21/4
-CVE-2016-1982 (The remove_chunked_transfer_coding function in filters.c in Privoxy ...)
+CVE-2016-1982
{DSA-3460-1 DLA-398-1}
- privoxy 3.0.24-1
NOTE: http://ijbswa.cvs.sourceforge.net/viewvc/ijbswa/current/filters.c?r1=1.196&r2=1.197
NOTE: http://www.openwall.com/lists/oss-security/2016/01/21/4
-CVE-2016-1926 (Cross-site scripting (XSS) vulnerability in the charts module in ...)
+CVE-2016-1926
NOT-FOR-US: Greenbone Security Assistant
CVE-2016-1921
RESERVED
-CVE-2016-1918 (Cross-site scripting (XSS) vulnerability in the Management Console in ...)
+CVE-2016-1918
NOT-FOR-US: BlackBerry
-CVE-2016-1917 (Cross-site scripting (XSS) vulnerability in the Management Console in ...)
+CVE-2016-1917
NOT-FOR-US: BlackBerry
-CVE-2016-1916 (Cross-site scripting (XSS) vulnerability in the Management Console in ...)
+CVE-2016-1916
NOT-FOR-US: BlackBerry
-CVE-2016-1915 (Multiple cross-site scripting (XSS) vulnerabilities in BlackBerry ...)
+CVE-2016-1915
NOT-FOR-US: BlackBerry
-CVE-2016-1914 (Multiple SQL injection vulnerabilities in the ...)
+CVE-2016-1914
NOT-FOR-US: BlackBerry
-CVE-2016-1913 (Multiple cross-site scripting (XSS) vulnerabilities in the Redhen ...)
+CVE-2016-1913
NOT-FOR-US: Redhen module for Drupal
-CVE-2016-1912 (Multiple cross-site scripting (XSS) vulnerabilities in Dolibarr ...)
+CVE-2016-1912
- dolibarr 3.5.8+dfsg1-1 (bug #812496)
[jessie] - dolibarr 3.5.5+dfsg1-1+deb8u1
NOTE: https://github.com/Dolibarr/dolibarr/issues/4341
-CVE-2016-1911 (Multiple cross-site scripting (XSS) vulnerabilities in SAP NetWeaver ...)
+CVE-2016-1911
NOT-FOR-US: SAP
-CVE-2016-1910 (The User Management Engine (UME) in SAP NetWeaver 7.4 allows attackers ...)
+CVE-2016-1910
NOT-FOR-US: SAP
-CVE-2016-1909 (Fortinet FortiAnalyzer before 5.0.12 and 5.2.x before 5.2.5; ...)
+CVE-2016-1909
NOT-FOR-US: FortiOS
-CVE-2016-1981 (QEMU (aka Quick Emulator) built with the e1000 NIC emulation support ...)
+CVE-2016-1981
{DSA-3471-1 DSA-3470-1 DSA-3469-1}
- qemu 1:2.5+dfsg-5 (bug #812307)
[squeeze] - qemu <end-of-life> (Not supported in Squeeze LTS)
@@ -27040,14 +27040,14 @@ CVE-2016-1981 (QEMU (aka Quick Emulator) built with the e1000 NIC emulation supp
NOTE: Introduced in http://git.qemu.org/?p=qemu.git;a=commit;h=7c23b8920329180f48b8a147b629d8837709d201 (v0.10.0)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1298570
NOTE: http://www.openwall.com/lists/oss-security/2016/01/19/10
-CVE-2016-2037 (The cpio_safer_name_suffix function in util.c in cpio 2.11 allows ...)
+CVE-2016-2037
{DSA-3483-1 DLA-415-1}
- cpio 2.11+dfsg-5 (bug #812401)
NOTE: http://www.openwall.com/lists/oss-security/2016/01/19/4
NOTE: To reproduce and uncover the issue with unstable version compile with ASAN
NOTE: Patch: https://lists.gnu.org/archive/html/bug-cpio/2016-01/msg00005.html
NOTE: https://git.savannah.gnu.org/cgit/cpio.git/commit/?id=d36ec5f4e93130efb24fb9678aafd88e8070095b
-CVE-2016-2050 (The get_abbrev_array_info function in libdwarf-20151114 allows remote ...)
+CVE-2016-2050
{DLA-669-1}
- dwarfutils 20160507+git20160523.9086738-1 (unimportant)
[jessie] - dwarfutils 20120410-2+deb8u1
@@ -27062,41 +27062,41 @@ CVE-2016-XXXX [Multiple minor security issues]
[jessie] - imagemagick 8:6.8.9.9-5+deb8u1
[wheezy] - imagemagick 8:6.7.7.10-5+deb7u4
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/02/22/4
-CVE-2016-1925 (Integer underflow in header.c in lha allows remote attackers to have ...)
+CVE-2016-1925
- lha <removed> (unimportant)
NOTE: Non-free not supported
-CVE-2016-1924 (The opj_tgt_reset function in OpenJpeg 2016.1.18 allows remote ...)
+CVE-2016-1924
{DSA-3665-1}
- openjpeg2 2.1.1-1 (bug #818399)
NOTE: https://github.com/uclouvain/openjpeg/commit/1a8318f6c24623189ecb65e049267c6f2e005c0e
-CVE-2016-1923 (Heap-based buffer overflow in the opj_j2k_update_image_data function ...)
+CVE-2016-1923
- openjpeg2 2.1.1-1 (bug #818399)
[jessie] - openjpeg2 <no-dsa> (Minor issue, too intrusive to backport)
-CVE-2016-1920 (Samsung KNOX 1.0.0 uses the shared certificate on Android, which ...)
+CVE-2016-1920
NOT-FOR-US: KNOX 1.0 / Android 4.3
-CVE-2016-1919 (Samsung KNOX 1.0 uses a weak eCryptFS Key generation algorithm, which ...)
+CVE-2016-1919
NOT-FOR-US: KNOX 1.0 / Android 4.3
-CVE-2016-1902 (The nextBytes function in the SecureRandom class in Symfony before ...)
+CVE-2016-1902
{DSA-3588-1}
- symfony 2.7.9+dfsg-1
NOTE: http://symfony.com/blog/cve-2016-1902-securerandom-s-fallback-not-secure-when-openssl-fails
NOTE: https://github.com/symfony/symfony/pull/17359
-CVE-2016-1906 (Openshift allows remote attackers to gain privileges by updating a ...)
+CVE-2016-1906
- kubernetes <not-affected> (Openshift Specific)
NOTE: https://github.com/openshift/origin/issues/6556
NOTE: https://github.com/openshift/origin/pull/6576
-CVE-2016-1905 (The API server in Kubernetes does not properly check admission ...)
+CVE-2016-1905
- kubernetes <not-affected> (Fixed before the initial release in Debian, 1.2.0)
NOTE: https://github.com/kubernetes/kubernetes/issues/19479
NOTE: https://github.com/kubernetes/kubernetes/pull/19481
-CVE-2016-1904 (Multiple integer overflows in ext/standard/exec.c in PHP 7.x before ...)
+CVE-2016-1904
- php5 <not-affected> (Vulnerable code not present)
- php5.6 <not-affected> (Vulnerable code not present)
NOTE: Already using safe_emalloc() in php_escape_shell_cmd()
- php7.0 7.0.2-1
NOTE: https://bugs.php.net/bug.php?id=71270
NOTE: https://github.com/php/php-src/commit/2871c70efaaaa0f102557a17c727fd4d5204dd4b
-CVE-2016-1903 (The gdImageRotateInterpolated function in ...)
+CVE-2016-1903
- php5 5.6.17+dfsg-1
[jessie] - php5 5.6.14+dfsg-0+deb8u1
[wheezy] - php5 <not-affected> (Vulnerable code not present)
@@ -27107,23 +27107,23 @@ CVE-2016-1903 (The gdImageRotateInterpolated function in ...)
NOTE: https://bugs.php.net/bug.php?id=70976
NOTE: https://git.php.net/?p=php-src.git;a=commit;h=4b8394dd78571826ac66a69dc240c623f31d78f8
NOTE: Fix in HHVM: https://github.com/facebook/hhvm/commit/f91abcc3b156823688c54158fc4fa36d87570afe
-CVE-2016-1901 (Integer overflow in the authenticate_post function in CGit before 0.12 ...)
+CVE-2016-1901
{DSA-3545-1}
- cgit 0.11.2.git2.3.2-1.1 (bug #812411)
NOTE: http://git.zx2c4.com/cgit/commit/?id=4458abf64172a62b92810c2293450106e6dfc763 (v0.12)
-CVE-2016-1900 (CRLF injection vulnerability in the cgit_print_http_headers function ...)
+CVE-2016-1900
{DSA-3545-1}
- cgit 0.11.2.git2.3.2-1.1 (bug #812411)
NOTE: http://git.zx2c4.com/cgit/commit/?id=513b3863d999f91b47d7e9f26710390db55f9463 (v0.12)
-CVE-2016-1899 (CRLF injection vulnerability in the ui-blob handler in CGit before ...)
+CVE-2016-1899
{DSA-3545-1}
- cgit 0.11.2.git2.3.2-1.1 (bug #812411)
NOTE: http://git.zx2c4.com/cgit/commit/?id=1c581a072651524f3b0d91f33e22a42c4166dd96 (v0.12)
-CVE-2016-1896 (Race condition in the initialization process on Lexmark printers with ...)
+CVE-2016-1896
NOT-FOR-US: Firmware in Lexmark printers
-CVE-2016-1895 (NetApp Data ONTAP before 8.2.5 and 8.3.x before 8.3.2P12 allow remote ...)
+CVE-2016-1895
NOT-FOR-US: NetApp
-CVE-2016-1894 (NetApp OnCommand Workflow Automation before 3.1P2 allows remote ...)
+CVE-2016-1894
NOT-FOR-US: NetApp
CVE-2016-1893
RESERVED
@@ -27133,43 +27133,43 @@ CVE-2016-1891
RESERVED
CVE-2016-1890
RESERVED
-CVE-2016-1889 (Integer overflow in the bhyve hypervisor in FreeBSD 10.1, 10.2, 10.3, ...)
+CVE-2016-1889
NOT-FOR-US: bhyve hypervisor for FreeBSD
-CVE-2016-1888 (The telnetd service in FreeBSD 9.3, 10.1, 10.2, 10.3, and 11.0 allows ...)
+CVE-2016-1888
NOT-FOR-US: telnetd in FreeBSD
-CVE-2016-1887 (Integer signedness error in the sockargs function in ...)
+CVE-2016-1887
- kfreebsd-10 10.3~svn300087-1 (unimportant; bug #824605)
NOTE: kfreebsd not covered by security support in Jessie
-CVE-2016-1886 (Integer signedness error in the genkbd_commonioctl function in ...)
+CVE-2016-1886
- kfreebsd-10 10.3~svn300087-1 (unimportant; bug #824604)
NOTE: kfreebsd not covered by security support in Jessie
-CVE-2016-1885 (Integer signedness error in the amd64_set_ldt function in ...)
+CVE-2016-1885
- kfreebsd-10 10.3~svn300087-1 (unimportant; bug #818426)
NOTE: kfreebsd not covered by security support in Jessie
- kfreebsd-9 <removed>
[wheezy] - kfreebsd-9 <end-of-life> (Unsupported in wheezy-lts)
CVE-2016-1884
RESERVED
-CVE-2016-1883 (The issetugid system call in the Linux compatibility layer in FreeBSD ...)
+CVE-2016-1883
- kfreebsd-10 10.3~svn300087-1 (unimportant)
- kfreebsd-9 <removed> (unimportant)
NOTE: kfreebsd not covered by security support in Jessie
-CVE-2016-1882 (FreeBSD 9.3 before p33, 10.1 before p26, and 10.2 before p9 allow ...)
+CVE-2016-1882
- kfreebsd-10 10.3~svn296373-1 (unimportant; bug #811280)
NOTE: kfreebsd not covered by security support in Jessie
- kfreebsd-9 <removed>
[wheezy] - kfreebsd-9 <end-of-life> (Unsupported in wheezy-lts)
-CVE-2016-1881 (The kernel in FreeBSD 9.3, 10.1, and 10.2 allows local users to cause ...)
+CVE-2016-1881
- kfreebsd-10 10.3~svn296373-1 (unimportant; bug #811279)
NOTE: kfreebsd not covered by security support in Jessie
- kfreebsd-9 <removed>
[wheezy] - kfreebsd-9 <end-of-life> (Unsupported in wheezy-lts)
-CVE-2016-1880 (The Linux compatibility layer in the kernel in FreeBSD 9.3, 10.1, and ...)
+CVE-2016-1880
- kfreebsd-10 10.3~svn296373-1 (unimportant; bug #811278)
NOTE: kfreebsd not covered by security support in Jessie
- kfreebsd-9 <removed>
[wheezy] - kfreebsd-9 <end-of-life> (Unsupported in wheezy-lts)
-CVE-2016-1879 (The Stream Control Transmission Protocol (SCTP) module in FreeBSD 9.3 ...)
+CVE-2016-1879
- kfreebsd-10 <unfixed> (unimportant; bug #811277)
NOTE: kfreebsd not covered by security support in Jessie
- kfreebsd-9 <removed>
@@ -27178,7 +27178,7 @@ CVE-2016-1878
RESERVED
CVE-2016-1877
RESERVED
-CVE-2016-1876 (The backend service process in Lenovo Solution Center (aka LSC) before ...)
+CVE-2016-1876
NOT-FOR-US: Lenovo
CVE-2016-1875
RESERVED
@@ -27196,89 +27196,89 @@ CVE-2016-1869
RESERVED
CVE-2016-1868
RESERVED
-CVE-2016-1866 (Salt 2015.8.x before 2015.8.4 does not properly handle clear messages ...)
+CVE-2016-1866
- salt 2015.8.5+ds-1
[jessie] - salt <not-affected> (affects only the 2015.8.x releases of Salt)
NOTE: https://docs.saltstack.com/en/latest/topics/releases/2015.8.5.html
-CVE-2016-1865 (The kernel in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before ...)
+CVE-2016-1865
NOT-FOR-US: Apple
-CVE-2016-1864 (The XSS auditor in WebKit, as used in Apple iOS before 9.3 and Safari ...)
+CVE-2016-1864
NOT-FOR-US: Webkit as used by Apple
-CVE-2016-1863 (The kernel in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before ...)
+CVE-2016-1863
NOT-FOR-US: Apple
-CVE-2016-1862 (Intel Graphics Driver in Apple OS X before 10.11.5 allows attackers to ...)
+CVE-2016-1862
NOT-FOR-US: Apple
-CVE-2016-1861 (The NVIDIA Graphics Drivers subsystem in Apple OS X before 10.11.5 ...)
+CVE-2016-1861
NOT-FOR-US: Apple
-CVE-2016-1860 (Intel Graphics Driver in Apple OS X before 10.11.5 allows attackers to ...)
+CVE-2016-1860
NOT-FOR-US: Apple
-CVE-2016-1859 (The WebKit Canvas implementation in Apple iOS before 9.3.2, Safari ...)
+CVE-2016-1859
NOT-FOR-US: Webkit as used by Apple
-CVE-2016-1858 (WebKit, as used in Apple iOS before 9.3.2, Safari before 9.1.1, and ...)
+CVE-2016-1858
NOT-FOR-US: Webkit as used by Apple
-CVE-2016-1857 (WebKit, as used in Apple iOS before 9.3.2, Safari before 9.1.1, and ...)
+CVE-2016-1857
- webkitgtk 2.12.3-1 (unimportant)
NOTE: Not covered by security support
-CVE-2016-1856 (WebKit, as used in Apple iOS before 9.3.2, Safari before 9.1.1, and ...)
+CVE-2016-1856
- webkitgtk 2.12.3-1 (unimportant)
NOTE: Not covered by security support
-CVE-2016-1855 (WebKit, as used in Apple iOS before 9.3.2, Safari before 9.1.1, and ...)
+CVE-2016-1855
NOT-FOR-US: Webkit as used by Apple
-CVE-2016-1854 (WebKit, as used in Apple iOS before 9.3.2, Safari before 9.1.1, and ...)
+CVE-2016-1854
NOT-FOR-US: Webkit as used by Apple
-CVE-2016-1853 (Tcl in Apple OS X before 10.11.5 allows remote attackers to obtain ...)
+CVE-2016-1853
NOT-FOR-US: Apple
-CVE-2016-1852 (Siri in Apple iOS before 9.3.2 does not block data detectors within ...)
+CVE-2016-1852
NOT-FOR-US: Apple
-CVE-2016-1851 (The Screen Lock feature in Apple OS X before 10.11.5 mishandles ...)
+CVE-2016-1851
NOT-FOR-US: Apple
-CVE-2016-1850 (SceneKit in Apple OS X before 10.11.5 allows remote attackers to ...)
+CVE-2016-1850
NOT-FOR-US: Apple
-CVE-2016-1849 (The &quot;Clear History and Website Data&quot; feature in Apple Safari before ...)
+CVE-2016-1849
NOT-FOR-US: Apple
-CVE-2016-1848 (QuickTime in Apple OS X before 10.11.5 allows remote attackers to ...)
+CVE-2016-1848
NOT-FOR-US: Apple
-CVE-2016-1847 (OpenGL, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS ...)
+CVE-2016-1847
NOT-FOR-US: Apple
-CVE-2016-1846 (The nvCommandQueue::GetHandleIndex method in the NVIDIA Graphics ...)
+CVE-2016-1846
NOT-FOR-US: Apple
CVE-2016-1845
REJECTED
-CVE-2016-1844 (The Messages component in Apple OS X before 10.11.5 mishandles roster ...)
+CVE-2016-1844
NOT-FOR-US: Apple
-CVE-2016-1843 (The Messages component in Apple OS X before 10.11.5 mishandles ...)
+CVE-2016-1843
NOT-FOR-US: Apple
-CVE-2016-1842 (MapKit in Apple iOS before 9.3.2, OS X before 10.11.5, and watchOS ...)
+CVE-2016-1842
NOT-FOR-US: Apple
-CVE-2016-1841 (libxslt, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS ...)
+CVE-2016-1841
- libxslt 1.1.29-1
[jessie] - libxslt 1.1.28-2+deb8u1
[wheezy] - libxslt 1.1.26-14.1+deb7u1
NOTE: upstream bug: https://bugzilla.gnome.org/show_bug.cgi?id=758291
NOTE: upstream commit: https://git.gnome.org/browse/libxslt/commit/?id=fc1ff481fd01e9a65a921c542fed68d8c965e8a3
-CVE-2016-1840 (Heap-based buffer overflow in the xmlFAParsePosCharGroup function in ...)
+CVE-2016-1840
{DSA-3593-1 DLA-503-1}
- libxml2 2.9.3+dfsg1-1.1
NOTE: https://git.gnome.org/browse/libxml2/commit/?id=cbb271655cadeb8dbb258a64701d9a3a0c4835b4 (v2.9.4)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=757711
-CVE-2016-1839 (The xmlDictAddString function in libxml2 before 2.9.4, as used in ...)
+CVE-2016-1839
{DSA-3593-1 DLA-503-1}
- libxml2 2.9.3+dfsg1-1.1
NOTE: https://git.gnome.org/browse/libxml2/commit/?id=a820dbeac29d330bae4be05d9ecd939ad6b4aa33 (v2.9.4)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=758605
NOTE: https://code.google.com/p/google-security-research/issues/detail?id=637
-CVE-2016-1838 (The xmlPArserPrintFileContextInternal function in libxml2 before ...)
+CVE-2016-1838
{DSA-3593-1 DLA-503-1}
- libxml2 2.9.3+dfsg1-1.1
NOTE: https://git.gnome.org/browse/libxml2/commit/?id=db07dd613e461df93dde7902c6505629bf0734e9 (v2.9.4)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=758588
NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=639
-CVE-2016-1837 (Multiple use-after-free vulnerabilities in the (1) ...)
+CVE-2016-1837
{DSA-3593-1 DLA-503-1}
- libxml2 2.9.3+dfsg1-1.1
NOTE: https://git.gnome.org/browse/libxml2/commit/?id=11ed4a7a90d5ce156a18980a4ad4e53e77384852 (v2.9.4)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=760263
-CVE-2016-1836 (Use-after-free vulnerability in the xmlDictComputeFastKey function in ...)
+CVE-2016-1836
{DSA-3593-1}
- libxml2 2.9.3+dfsg1-1.1
[wheezy] - libxml2 <not-affected> (Vulnerable code not present)
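Review bot: CVE-2016-1777 and CVE-2016-1776 are tagged `NOT-FOR-US: Webkit as used by Apple`, but the descriptions being removed in this hunk say "Web Server in Apple OS X Server before 5.1 supports the RC4 algorithm" and "Web Server in Apple OS X Server before 5.1 does not properly restrict", which is the server product, not WebKit; the tag should read something like `NOT-FOR-US: Apple OS X Server` to match the neighbouring Apple entries. Once the `+` lines land without the description, this kind of mismatch can no longer be spotted from the list itself, which is another reason to keep the summaries.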
@@ -27286,261 +27286,261 @@ CVE-2016-1836 (Use-after-free vulnerability in the xmlDictComputeFastKey functio
NOTE: Introduced by: https://git.gnome.org/browse/libxml2/commit/?id=dcc19503193c71596278a252064a8ce66331b3cd (v2.9.2)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=759398
NOTE: Regression applies to Jessie, since fix backported as 0007-Fix-a-parsing-bug-on-non-ascii-element-and-CR-LF-usa.patch
-CVE-2016-1835 (Use-after-free vulnerability in the xmlSAX2AttributeNs function in ...)
+CVE-2016-1835
{DSA-3593-1 DLA-503-1}
- libxml2 2.9.3+dfsg1-1.1
NOTE: https://git.gnome.org/browse/libxml2/commit/?id=38eae571111db3b43ffdeb05487c9f60551906fb (v2.9.4)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=759020
-CVE-2016-1834 (Heap-based buffer overflow in the xmlStrncat function in libxml2 ...)
+CVE-2016-1834
{DSA-3593-1 DLA-503-1}
- libxml2 2.9.3+dfsg1-1.1
NOTE: https://git.gnome.org/browse/libxml2/commit/?id=8fbbf5513d609c1770b391b99e33314cd0742704 (v2.9.4)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=763071
-CVE-2016-1833 (The htmlCurrentChar function in libxml2 before 2.9.4, as used in Apple ...)
+CVE-2016-1833
{DSA-3593-1 DLA-503-1}
- libxml2 2.9.3+dfsg1-1.1
NOTE: https://git.gnome.org/browse/libxml2/commit/?id=0bcd05c5cd83dec3406c8f68b769b1d610c72f76 (v2.9.4)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=758606
-CVE-2016-1832 (libc in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before ...)
+CVE-2016-1832
NOT-FOR-US: Apple
-CVE-2016-1831 (The kernel in Apple iOS before 9.3.2 and OS X before 10.11.5 allows ...)
+CVE-2016-1831
NOT-FOR-US: Apple
-CVE-2016-1830 (The kernel in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before ...)
+CVE-2016-1830
NOT-FOR-US: Apple
-CVE-2016-1829 (The kernel in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before ...)
+CVE-2016-1829
NOT-FOR-US: Apple
-CVE-2016-1828 (The kernel in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before ...)
+CVE-2016-1828
NOT-FOR-US: Apple
-CVE-2016-1827 (The kernel in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before ...)
+CVE-2016-1827
NOT-FOR-US: Apple
-CVE-2016-1826 (Integer overflow in the dtrace implementation in the kernel in Apple ...)
+CVE-2016-1826
NOT-FOR-US: Apple
-CVE-2016-1825 (IOHIDFamily in Apple OS X before 10.11.5 allows attackers to execute ...)
+CVE-2016-1825
NOT-FOR-US: Apple
-CVE-2016-1824 (IOHIDFamily in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS ...)
+CVE-2016-1824
NOT-FOR-US: Apple
-CVE-2016-1823 (The IOHIDDevice::handleReportWithTime function in Apple iOS before ...)
+CVE-2016-1823
NOT-FOR-US: Apple
-CVE-2016-1822 (IOFireWireFamily in Apple OS X before 10.11.5 allows attackers to ...)
+CVE-2016-1822
NOT-FOR-US: Apple
-CVE-2016-1821 (IOAudioFamily in Apple OS X before 10.11.5 allows attackers to execute ...)
+CVE-2016-1821
NOT-FOR-US: Apple
-CVE-2016-1820 (Buffer overflow in IOAudioFamily in Apple OS X before 10.11.5 allows ...)
+CVE-2016-1820
NOT-FOR-US: Apple
-CVE-2016-1819 (Use-after-free vulnerability in the ...)
+CVE-2016-1819
NOT-FOR-US: Apple
-CVE-2016-1818 (IOAcceleratorFamily in Apple iOS before 9.3.2, OS X before 10.11.5, ...)
+CVE-2016-1818
NOT-FOR-US: Apple
-CVE-2016-1817 (IOAcceleratorFamily in Apple iOS before 9.3.2, OS X before 10.11.5, ...)
+CVE-2016-1817
NOT-FOR-US: Apple
-CVE-2016-1816 (IOAcceleratorFamily in Apple OS X before 10.11.5 allows attackers to ...)
+CVE-2016-1816
NOT-FOR-US: Apple
-CVE-2016-1815 (IOAcceleratorFamily in Apple OS X before 10.11.5 allows attackers to ...)
+CVE-2016-1815
NOT-FOR-US: Apple
-CVE-2016-1814 (IOAcceleratorFamily in Apple iOS before 9.3.2, OS X before 10.11.5, ...)
+CVE-2016-1814
NOT-FOR-US: Apple
-CVE-2016-1813 (The IOAccelSharedUserClient2::page_off_resource method in Apple iOS ...)
+CVE-2016-1813
NOT-FOR-US: Apple
-CVE-2016-1812 (Buffer overflow in Intel Graphics Driver in Apple OS X before 10.11.5 ...)
+CVE-2016-1812
NOT-FOR-US: Apple
-CVE-2016-1811 (ImageIO in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before ...)
+CVE-2016-1811
NOT-FOR-US: Apple
-CVE-2016-1810 (The Graphics Drivers subsystem in Apple OS X before 10.11.5 allows ...)
+CVE-2016-1810
NOT-FOR-US: Apple
-CVE-2016-1809 (Disk Utility in Apple OS X before 10.11.5 uses incorrect encryption ...)
+CVE-2016-1809
NOT-FOR-US: Apple
-CVE-2016-1808 (The Disk Images subsystem in Apple iOS before 9.3.2, OS X before ...)
+CVE-2016-1808
NOT-FOR-US: Apple
-CVE-2016-1807 (Race condition in the Disk Images subsystem in Apple iOS before 9.3.2, ...)
+CVE-2016-1807
NOT-FOR-US: Apple
-CVE-2016-1806 (Crash Reporter in Apple OS X before 10.11.5 allows attackers to ...)
+CVE-2016-1806
NOT-FOR-US: Apple
-CVE-2016-1805 (CoreStorage in Apple OS X before 10.11.5 allows attackers to execute ...)
+CVE-2016-1805
NOT-FOR-US: Apple
-CVE-2016-1804 (The Multi-Touch subsystem in Apple OS X before 10.11.5 allows ...)
+CVE-2016-1804
NOT-FOR-US: Apple
-CVE-2016-1803 (CoreCapture in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS ...)
+CVE-2016-1803
NOT-FOR-US: Apple
-CVE-2016-1802 (CCCrypt in CommonCrypto in Apple iOS before 9.3.2, OS X before ...)
+CVE-2016-1802
NOT-FOR-US: Apple
-CVE-2016-1801 (The CFNetwork Proxies subsystem in Apple iOS before 9.3.2, OS X before ...)
+CVE-2016-1801
NOT-FOR-US: Apple
-CVE-2016-1800 (Captive Network Assistant in Apple OS X before 10.11.5 mishandles a ...)
+CVE-2016-1800
NOT-FOR-US: Apple
-CVE-2016-1799 (Audio in Apple OS X before 10.11.5 allows attackers to execute ...)
+CVE-2016-1799
NOT-FOR-US: Apple
-CVE-2016-1798 (Audio in Apple OS X before 10.11.5 allows attackers to cause a denial ...)
+CVE-2016-1798
NOT-FOR-US: Apple
-CVE-2016-1797 (Apple Type Services (ATS) in Apple OS X before 10.11.5 allows ...)
+CVE-2016-1797
NOT-FOR-US: Apple
-CVE-2016-1796 (Apple Type Services (ATS) in Apple OS X before 10.11.5 allows ...)
+CVE-2016-1796
NOT-FOR-US: Apple
-CVE-2016-1795 (AppleGraphicsPowerManagement in Apple OS X before 10.11.5 allows ...)
+CVE-2016-1795
NOT-FOR-US: Apple
-CVE-2016-1794 (The AppleGraphicsControlClient::checkArguments method in ...)
+CVE-2016-1794
NOT-FOR-US: Apple
-CVE-2016-1793 (AppleGraphicsDeviceControlClient in Apple OS X before 10.11.5 allows ...)
+CVE-2016-1793
NOT-FOR-US: Apple
-CVE-2016-1792 (The AMD subsystem in Apple OS X before 10.11.5 allows attackers to ...)
+CVE-2016-1792
NOT-FOR-US: Apple
-CVE-2016-1791 (The AMD subsystem in Apple OS X before 10.11.5 allows attackers to ...)
+CVE-2016-1791
NOT-FOR-US: Apple
-CVE-2016-1790 (Buffer overflow in the Accessibility component in Apple iOS before ...)
+CVE-2016-1790
NOT-FOR-US: Apple
-CVE-2016-1789 (Apple iBooks Author before 2.4.1 allows remote attackers to read ...)
+CVE-2016-1789
NOT-FOR-US: Apple
-CVE-2016-1788 (Messages in Apple iOS before 9.3, OS X before 10.11.4, and watchOS ...)
+CVE-2016-1788
NOT-FOR-US: Apple
-CVE-2016-1787 (Wiki Server in Apple OS X Server before 5.1 allows remote attackers to ...)
+CVE-2016-1787
NOT-FOR-US: Apple
-CVE-2016-1786 (The Page Loading implementation in WebKit in Apple iOS before 9.3 and ...)
+CVE-2016-1786
NOT-FOR-US: Webkit as used by Apple
-CVE-2016-1785 (The Page Loading implementation in WebKit in Apple iOS before 9.3 and ...)
+CVE-2016-1785
NOT-FOR-US: Webkit as used by Apple
-CVE-2016-1784 (The History implementation in WebKit in Apple iOS before 9.3, Safari ...)
+CVE-2016-1784
NOT-FOR-US: Webkit as used by Apple
-CVE-2016-1783 (WebKit in Apple iOS before 9.3, Safari before 9.1, and tvOS before 9.2 ...)
+CVE-2016-1783
NOT-FOR-US: Webkit as used by Apple
-CVE-2016-1782 (WebKit in Apple iOS before 9.3 and Safari before 9.1 does not properly ...)
+CVE-2016-1782
NOT-FOR-US: Webkit as used by Apple
-CVE-2016-1781 (WebKit in Apple iOS before 9.3 and Safari before 9.1 mishandles ...)
+CVE-2016-1781
NOT-FOR-US: Webkit as used by Apple
-CVE-2016-1780 (WebKit in Apple iOS before 9.3 does not prevent hidden web views from ...)
+CVE-2016-1780
NOT-FOR-US: Webkit as used by Apple
-CVE-2016-1779 (WebKit in Apple iOS before 9.3 and Safari before 9.1 allows remote ...)
+CVE-2016-1779
NOT-FOR-US: Webkit as used by Apple
-CVE-2016-1778 (WebKit in Apple iOS before 9.3 and Safari before 9.1 allows remote ...)
+CVE-2016-1778
NOT-FOR-US: Webkit as used by Apple
-CVE-2016-1777 (Web Server in Apple OS X Server before 5.1 supports the RC4 algorithm, ...)
+CVE-2016-1777
NOT-FOR-US: Webkit as used by Apple
-CVE-2016-1776 (Web Server in Apple OS X Server before 5.1 does not properly restrict ...)
+CVE-2016-1776
NOT-FOR-US: Webkit as used by Apple
-CVE-2016-1775 (TrueTypeScaler in Apple iOS before 9.3, OS X before 10.11.4, tvOS ...)
+CVE-2016-1775
NOT-FOR-US: Apple
-CVE-2016-1774 (The Time Machine server in Server App in Apple OS X Server before 5.1 ...)
+CVE-2016-1774
NOT-FOR-US: Apple
-CVE-2016-1773 (The code-signing subsystem in Apple OS X before 10.11.4 does not ...)
+CVE-2016-1773
NOT-FOR-US: Apple
-CVE-2016-1772 (The Top Sites feature in Apple Safari before 9.1 mishandles cookie ...)
+CVE-2016-1772
NOT-FOR-US: Apple
-CVE-2016-1771 (The Downloads feature in Apple Safari before 9.1 mishandles file ...)
+CVE-2016-1771
NOT-FOR-US: Apple
-CVE-2016-1770 (The Reminders component in Apple OS X before 10.11.4 allows attackers ...)
+CVE-2016-1770
NOT-FOR-US: Apple
-CVE-2016-1769 (QuickTime in Apple OS X before 10.11.4 allows remote attackers to ...)
+CVE-2016-1769
NOT-FOR-US: Apple
-CVE-2016-1768 (QuickTime in Apple OS X before 10.11.4 allows remote attackers to ...)
+CVE-2016-1768
NOT-FOR-US: Apple
-CVE-2016-1767 (QuickTime in Apple OS X before 10.11.4 allows remote attackers to ...)
+CVE-2016-1767
NOT-FOR-US: Apple
-CVE-2016-1766 (The Profiles component in Apple iOS before 9.3 does not properly ...)
+CVE-2016-1766
NOT-FOR-US: Apple
-CVE-2016-1765 (otool in Apple Xcode before 7.3 allows local users to gain privileges ...)
+CVE-2016-1765
NOT-FOR-US: Apple
-CVE-2016-1764 (The Content Security Policy (CSP) implementation in Messages in Apple ...)
+CVE-2016-1764
NOT-FOR-US: Apple
-CVE-2016-1763 (Messages in Apple iOS before 9.3 does not ensure that an auto-fill ...)
+CVE-2016-1763
NOT-FOR-US: Apple
-CVE-2016-1762 (The xmlNextChar function in libxml2 before 2.9.4 allows remote ...)
+CVE-2016-1762
{DSA-3593-1 DLA-503-1}
- libxml2 2.9.3+dfsg1-1.1
NOTE: https://git.gnome.org/browse/libxml2/commit/?id=a7a94612aa3b16779e2c74e1fa353b5d9786c602
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=759671
-CVE-2016-1761 (libxml2 in Apple iOS before 9.3, OS X before 10.11.4, and watchOS ...)
+CVE-2016-1761
NOT-FOR-US: No public details available, probably Apple specific libxml2 changes
NOTE: Marking as NFU since a regular libxml2 security issue would have trickled down
NOTE: via libxml upstream
-CVE-2016-1760 (The XPC Services API in LaunchServices in Apple iOS before 9.3 allows ...)
+CVE-2016-1760
NOT-FOR-US: Apple
-CVE-2016-1759 (The kernel in Apple OS X before 10.11.4 allows attackers to execute ...)
+CVE-2016-1759
NOT-FOR-US: Apple
-CVE-2016-1758 (The kernel in Apple iOS before 9.3 and OS X before 10.11.4 allows ...)
+CVE-2016-1758
NOT-FOR-US: Apple
-CVE-2016-1757 (Race condition in the kernel in Apple iOS before 9.3 and OS X before ...)
+CVE-2016-1757
NOT-FOR-US: Apple
-CVE-2016-1756 (The kernel in Apple iOS before 9.3 and OS X before 10.11.4 allows ...)
+CVE-2016-1756
NOT-FOR-US: Apple
-CVE-2016-1755 (The kernel in Apple iOS before 9.3, OS X before 10.11.4, tvOS before ...)
+CVE-2016-1755
NOT-FOR-US: Apple
-CVE-2016-1754 (The kernel in Apple iOS before 9.3, OS X before 10.11.4, tvOS before ...)
+CVE-2016-1754
NOT-FOR-US: Apple
-CVE-2016-1753 (Multiple integer overflows in the kernel in Apple iOS before 9.3, OS X ...)
+CVE-2016-1753
NOT-FOR-US: Apple
-CVE-2016-1752 (The kernel in Apple iOS before 9.3, OS X before 10.11.4, tvOS before ...)
+CVE-2016-1752
NOT-FOR-US: Apple
-CVE-2016-1751 (The kernel in Apple iOS before 9.3, tvOS before 9.2, and watchOS ...)
+CVE-2016-1751
NOT-FOR-US: Apple
-CVE-2016-1750 (Use-after-free vulnerability in the kernel in Apple iOS before 9.3, OS ...)
+CVE-2016-1750
NOT-FOR-US: Apple
-CVE-2016-1749 (IOUSBFamily in Apple OS X before 10.11.4 allows attackers to execute ...)
+CVE-2016-1749
NOT-FOR-US: Apple
-CVE-2016-1748 (IOHIDFamily in Apple iOS before 9.3, OS X before 10.11.4, tvOS before ...)
+CVE-2016-1748
NOT-FOR-US: Apple
-CVE-2016-1747 (IOGraphics in Apple OS X before 10.11.4 allows attackers to execute ...)
+CVE-2016-1747
NOT-FOR-US: Apple
-CVE-2016-1746 (IOGraphics in Apple OS X before 10.11.4 allows attackers to execute ...)
+CVE-2016-1746
NOT-FOR-US: Apple
-CVE-2016-1745 (IOFireWireFamily in Apple OS X before 10.11.4 allows local users to ...)
+CVE-2016-1745
NOT-FOR-US: Apple
-CVE-2016-1744 (The Intel driver in the Graphics Drivers subsystem in Apple OS X ...)
+CVE-2016-1744
NOT-FOR-US: Apple
-CVE-2016-1743 (The Intel driver in the Graphics Drivers subsystem in Apple OS X ...)
+CVE-2016-1743
NOT-FOR-US: Apple
-CVE-2016-1742 (Untrusted search path vulnerability in the installer in Apple iTunes ...)
+CVE-2016-1742
NOT-FOR-US: Apple
-CVE-2016-1741 (The NVIDIA driver in the Graphics Drivers subsystem in Apple OS X ...)
+CVE-2016-1741
NOT-FOR-US: Apple / NVIDIA
-CVE-2016-1740 (FontParser in Apple iOS before 9.3, OS X before 10.11.4, tvOS before ...)
+CVE-2016-1740
NOT-FOR-US: Apple
CVE-2016-1739
REJECTED
-CVE-2016-1738 (dyld in Apple OS X before 10.11.4 allows attackers to bypass a ...)
+CVE-2016-1738
NOT-FOR-US: Apple
-CVE-2016-1737 (Carbon in Apple OS X before 10.11.4 allows remote attackers to execute ...)
+CVE-2016-1737
NOT-FOR-US: Apple
-CVE-2016-1736 (Bluetooth in Apple OS X before 10.11.4 allows attackers to execute ...)
+CVE-2016-1736
NOT-FOR-US: Apple
-CVE-2016-1735 (Bluetooth in Apple OS X before 10.11.4 allows attackers to execute ...)
+CVE-2016-1735
NOT-FOR-US: Apple
-CVE-2016-1734 (AppleUSBNetworking in Apple iOS before 9.3 and OS X before 10.11.4 ...)
+CVE-2016-1734
NOT-FOR-US: Apple
-CVE-2016-1733 (AppleRAID in Apple OS X before 10.11.4 allows attackers to execute ...)
+CVE-2016-1733
NOT-FOR-US: Apple
-CVE-2016-1732 (AppleRAID in Apple OS X before 10.11.4 allows local users to obtain ...)
+CVE-2016-1732
NOT-FOR-US: Apple
-CVE-2016-1731 (Apple Software Update before 2.2 on Windows does not use HTTPS, which ...)
+CVE-2016-1731
NOT-FOR-US: Apple
-CVE-2016-1730 (WebSheet in Apple iOS before 9.2.1 allows remote attackers to read or ...)
+CVE-2016-1730
NOT-FOR-US: Apple iOS
-CVE-2016-1729 (Untrusted search path vulnerability in OSA Scripts in Apple OS X ...)
+CVE-2016-1729
NOT-FOR-US: Apple
-CVE-2016-1728 (The Cascading Style Sheets (CSS) implementation in Apple iOS before ...)
+CVE-2016-1728
NOT-FOR-US: Apple iOS
-CVE-2016-1727 (WebKit, as used in Apple iOS before 9.2.1, Safari before 9.0.3, and ...)
+CVE-2016-1727
NOT-FOR-US: Apple iOS
-CVE-2016-1726 (WebKit, as used in Apple iOS before 9.2.1 and Safari before 9.0.3, ...)
+CVE-2016-1726
NOT-FOR-US: Apple iOS
-CVE-2016-1725 (WebKit, as used in Apple iOS before 9.2.1 and Safari before 9.0.3, ...)
+CVE-2016-1725
NOT-FOR-US: Apple iOS
-CVE-2016-1724 (WebKit, as used in Apple iOS before 9.2.1, Safari before 9.0.3, and ...)
+CVE-2016-1724
NOT-FOR-US: Apple iOS
-CVE-2016-1723 (WebKit, as used in Apple iOS before 9.2.1 and Safari before 9.0.3, ...)
+CVE-2016-1723
NOT-FOR-US: Apple iOS
-CVE-2016-1722 (syslog in Apple iOS before 9.2.1, OS X before 10.11.3, and tvOS before ...)
+CVE-2016-1722
NOT-FOR-US: Apple iOS
-CVE-2016-1721 (The kernel in Apple iOS before 9.2.1, OS X before 10.11.3, and tvOS ...)
+CVE-2016-1721
NOT-FOR-US: Apple iOS
-CVE-2016-1720 (IOKit in Apple iOS before 9.2.1, OS X before 10.11.3, and tvOS before ...)
+CVE-2016-1720
NOT-FOR-US: Apple iOS
-CVE-2016-1719 (The IOHIDFamily API in Apple iOS before 9.2.1, OS X before 10.11.3, ...)
+CVE-2016-1719
NOT-FOR-US: Apple iOS
-CVE-2016-1718 (The IOAcceleratorFamily2 interface in IOAcceleratorFamily in Apple OS ...)
+CVE-2016-1718
NOT-FOR-US: Apple iOS
-CVE-2016-1717 (The Disk Images component in Apple iOS before 9.2.1, OS X before ...)
+CVE-2016-1717
NOT-FOR-US: Apple
-CVE-2016-1716 (AppleGraphicsPowerManagement in Apple OS X before 10.11.3 allows local ...)
+CVE-2016-1716
NOT-FOR-US: Apple
-CVE-2016-1908 (The client in OpenSSH before 7.2 mishandles failed cookie generation ...)
+CVE-2016-1908
{DLA-1500-1}
- openssh 1:7.2p1-1
[wheezy] - openssh <no-dsa> (Minor issue)
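Review bot: the tracking annotation for CVE-2016-1777 and CVE-2016-1776 reads `NOT-FOR-US: Webkit as used by Apple`, but the descriptions this hunk strips from both lines identify the component as `Web Server in Apple OS X Server before 5.1`, not WebKit. That mismatch was only visible while the description text sat on the line; after this update nothing in the file flags it, so the annotation should be corrected in a follow-up (for example to `NOT-FOR-US: Apple OS X Server`) rather than left to drift.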
@@ -27553,403 +27553,403 @@ CVE-2016-1908 (The client in OpenSSH before 7.2 mishandles failed cookie generat
NOTE: vulnerability is partly due to /etc/X11/Xsession.d/35x11-common_xhost-local introduced in x11-common in 1:7.6+9 (wheezy and up)
NOTE: https://lists.debian.org/debian-lts/2016/01/msg00029.html
NOTE: Upstream announce: http://www.openssh.com/txt/release-7.2
-CVE-2016-1907 (The ssh_packet_read_poll2 function in packet.c in OpenSSH before 7.1p2 ...)
+CVE-2016-1907
- openssh 1:7.1p2-1
[jessie] - openssh <not-affected> (Vulnerable code not present; Introduced in OpenSSH 6.8)
[wheezy] - openssh <not-affected> (Vulnerable code not present; Introduced in OpenSSH 6.8)
[squeeze] - openssh <not-affected> (Issue introduced in OpenSSH 6.8)
NOTE: Fixed by: https://anongit.mindrot.org/openssh.git/commit/?id=2fecfd486bdba9f51b3a789277bb0733ca36e1c0
NOTE: Introduced by: https://anongit.mindrot.org/openssh.git/commit/packet.c?id=091c302829210c41e7f57c3f094c7b9c054306f0 (V_6_8_P1)
-CVE-2016-1898 (FFmpeg 2.x allows remote attackers to conduct cross-origin attacks and ...)
+CVE-2016-1898
{DSA-3506-1}
- ffmpeg 7:2.8.5-1
[squeeze] - ffmpeg <end-of-life> (Not supported in Squeeze LTS)
- libav <removed>
NOTE: http://habrahabr.ru/company/mailru/blog/274855
NOTE: Fixed in 2.8.5 upstream
-CVE-2016-1897 (FFmpeg 2.x allows remote attackers to conduct cross-origin attacks and ...)
+CVE-2016-1897
{DSA-3506-1}
- ffmpeg 7:2.8.5-1
[squeeze] - ffmpeg <end-of-life> (Not supported in Squeeze LTS)
- libav <removed>
NOTE: http://habrahabr.ru/company/mailru/blog/274855
NOTE: Fixed in 2.8.5 upstream
-CVE-2016-1867 (The jpc_pi_nextcprl function in JasPer 1.900.1 allows remote attackers ...)
+CVE-2016-1867
{DSA-3785-1}
- jasper <removed> (bug #811023)
[jessie] - jasper <no-dsa> (Minor issue)
[wheezy] - jasper <no-dsa> (Minor issue)
[squeeze] - jasper <no-dsa> (Minor issue)
-CVE-2016-1715 (The swin.sys kernel driver in McAfee Application Control (MAC) 6.1.0 ...)
+CVE-2016-1715
NOT-FOR-US: swin.sys kernel driver in McAfee Application Control
-CVE-2016-1713 (Unrestricted file upload vulnerability in the ...)
+CVE-2016-1713
NOT-FOR-US: vTiger
-CVE-2016-1712 (Palo Alto Networks PAN-OS before 5.0.19, 5.1.x before 5.1.12, 6.0.x ...)
+CVE-2016-1712
NOT-FOR-US: Palo Alto Networks
-CVE-2016-1711 (WebKit/Source/core/loader/FrameLoader.cpp in Blink, as used in Google ...)
+CVE-2016-1711
{DSA-3637-1}
- chromium-browser 52.0.2743.82-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-1710 (The ChromeClientImpl::createWindow method in ...)
+CVE-2016-1710
{DSA-3637-1}
- chromium-browser 52.0.2743.82-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-1709 (Heap-based buffer overflow in the ByteArray::Get method in ...)
+CVE-2016-1709
{DSA-3637-1}
- chromium-browser 52.0.2743.82-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-1708 (The Chrome Web Store inline-installation implementation in the ...)
+CVE-2016-1708
{DSA-3637-1}
- chromium-browser 52.0.2743.82-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-1707 (ios/web/web_state/ui/crw_web_controller.mm in Google Chrome before ...)
+CVE-2016-1707
{DSA-3637-1}
- chromium-browser <not-affected> (Only affects chromium-browser on iOS)
-CVE-2016-1706 (The PPAPI implementation in Google Chrome before 52.0.2743.82 does not ...)
+CVE-2016-1706
{DSA-3637-1}
- chromium-browser 52.0.2743.82-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-1705 (Multiple unspecified vulnerabilities in Google Chrome before ...)
+CVE-2016-1705
{DSA-3637-1}
- chromium-browser 52.0.2743.82-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-1704 (Multiple unspecified vulnerabilities in Google Chrome before ...)
+CVE-2016-1704
{DSA-3637-1}
- chromium-browser 52.0.2743.82-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-1703 (Multiple unspecified vulnerabilities in Google Chrome before ...)
+CVE-2016-1703
{DSA-3594-1}
- chromium-browser 51.0.2704.79-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-1702 (The SkRegion::readFromMemory function in core/SkRegion.cpp in Skia, as ...)
+CVE-2016-1702
{DSA-3594-1}
- chromium-browser 51.0.2704.79-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-1701 (The Autofill implementation in Google Chrome before 51.0.2704.79 ...)
+CVE-2016-1701
{DSA-3594-1}
- chromium-browser 51.0.2704.79-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-1700 (extensions/renderer/runtime_custom_bindings.cc in Google Chrome before ...)
+CVE-2016-1700
{DSA-3594-1}
- chromium-browser 51.0.2704.79-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-1699 (WebKit/Source/devtools/front_end/devtools.js in the Developer Tools ...)
+CVE-2016-1699
{DSA-3594-1}
- chromium-browser 51.0.2704.79-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-1698 (The createCustomType function in ...)
+CVE-2016-1698
{DSA-3594-1}
- chromium-browser 51.0.2704.79-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-1697 (The FrameLoader::startLoad function in ...)
+CVE-2016-1697
{DSA-3594-1}
- chromium-browser 51.0.2704.79-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-1696 (The extensions subsystem in Google Chrome before 51.0.2704.79 does not ...)
+CVE-2016-1696
{DSA-3594-1}
- chromium-browser 51.0.2704.79-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-1695 (Multiple unspecified vulnerabilities in Google Chrome before ...)
+CVE-2016-1695
{DSA-3590-1}
- chromium-browser 51.0.2704.63-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-1694 (browser/browsing_data/browsing_data_remover.cc in Google Chrome before ...)
+CVE-2016-1694
{DSA-3590-1}
- chromium-browser 51.0.2704.63-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-1693 (browser/safe_browsing/srt_field_trial_win.cc in Google Chrome before ...)
+CVE-2016-1693
{DSA-3590-1}
- chromium-browser 51.0.2704.63-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-1692 (WebKit/Source/core/css/StyleSheetContents.cpp in Blink, as used in ...)
+CVE-2016-1692
{DSA-3590-1}
- chromium-browser 51.0.2704.63-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-1691 (Skia, as used in Google Chrome before 51.0.2704.63, mishandles ...)
+CVE-2016-1691
{DSA-3590-1}
- chromium-browser 51.0.2704.63-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-1690 (The Autofill implementation in Google Chrome before 51.0.2704.63 ...)
+CVE-2016-1690
{DSA-3590-1}
- chromium-browser 51.0.2704.63-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-1689 (Heap-based buffer overflow in ...)
+CVE-2016-1689
{DSA-3590-1}
- chromium-browser 51.0.2704.63-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-1688 (The regexp (aka regular expression) implementation in Google V8 before ...)
+CVE-2016-1688
{DSA-3590-1}
- chromium-browser 51.0.2704.63-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
- libv8 <unfixed> (unimportant)
NOTE: libv8 not covered by security support
-CVE-2016-1687 (The renderer implementation in Google Chrome before 51.0.2704.63 does ...)
+CVE-2016-1687
{DSA-3590-1}
- chromium-browser 51.0.2704.63-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-1686 (The CPDF_DIBSource::CreateDecoder function in ...)
+CVE-2016-1686
{DSA-3590-1}
- chromium-browser 51.0.2704.63-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-1685 (core/fxge/ge/fx_ge_text.cpp in PDFium, as used in Google Chrome before ...)
+CVE-2016-1685
{DSA-3590-1}
- chromium-browser 51.0.2704.63-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-1684 (numbers.c in libxslt before 1.1.29, as used in Google Chrome before ...)
+CVE-2016-1684
{DSA-3605-1 DSA-3590-1 DLA-514-1}
- libxslt 1.1.29-1
NOTE: https://git.gnome.org/browse/libxslt/commit/?id=91d0540ac9beaa86719a05b749219a69baa0dd8d (v1.1.29-rc1)
- chromium-browser 51.0.2704.63-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
NOTE: Chromium bug report: https://code.google.com/p/chromium/issues/detail?id=583171
-CVE-2016-1683 (numbers.c in libxslt before 1.1.29, as used in Google Chrome before ...)
+CVE-2016-1683
{DSA-3605-1 DSA-3590-1 DLA-514-1}
- libxslt 1.1.29-1
NOTE: https://git.gnome.org/browse/libxslt/commit/?id=d182d8f6ba3071503d96ce17395c9d55871f0242 (v1.1.29-rc1)
- chromium-browser 51.0.2704.63-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
NOTE: Chromium bug report: https://code.google.com/p/chromium/issues/detail?id=583156
-CVE-2016-1682 (The ServiceWorkerContainer::registerServiceWorkerImpl function in ...)
+CVE-2016-1682
{DSA-3590-1}
- chromium-browser 51.0.2704.63-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-1681 (Heap-based buffer overflow in the opj_j2k_read_SPCod_SPCoc function in ...)
+CVE-2016-1681
{DSA-3590-1}
- chromium-browser 51.0.2704.63-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
NOTE: http://blog.talosintel.com/2016/06/pdfium.html
-CVE-2016-1680 (Use-after-free vulnerability in ports/SkFontHost_FreeType.cpp in Skia, ...)
+CVE-2016-1680
{DSA-3590-1}
- chromium-browser 51.0.2704.63-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-1679 (The ToV8Value function in content/child/v8_value_converter_impl.cc in ...)
+CVE-2016-1679
{DSA-3590-1}
- chromium-browser 51.0.2704.63-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-1678 (objects.cc in Google V8 before 5.0.71.32, as used in Google Chrome ...)
+CVE-2016-1678
{DSA-3590-1}
- chromium-browser 51.0.2704.63-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
- libv8 <unfixed> (unimportant)
NOTE: libv8 not covered by security support
-CVE-2016-1677 (uri.js in Google V8 before 5.1.281.26, as used in Google Chrome before ...)
+CVE-2016-1677
{DSA-3590-1}
- chromium-browser 51.0.2704.63-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
- libv8 <unfixed> (unimportant)
NOTE: libv8 not covered by security support
-CVE-2016-1676 (extensions/renderer/resources/binding.js in the extension bindings in ...)
+CVE-2016-1676
{DSA-3590-1}
- chromium-browser 51.0.2704.63-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-1675 (Blink, as used in Google Chrome before 51.0.2704.63, allows remote ...)
+CVE-2016-1675
{DSA-3590-1}
- chromium-browser 51.0.2704.63-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-1674 (The extensions subsystem in Google Chrome before 51.0.2704.63 allows ...)
+CVE-2016-1674
{DSA-3590-1}
- chromium-browser 51.0.2704.63-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-1673 (Blink, as used in Google Chrome before 51.0.2704.63, allows remote ...)
+CVE-2016-1673
{DSA-3590-1}
- chromium-browser 51.0.2704.63-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-1672 (The ModuleSystem::RequireForJsInner function in ...)
+CVE-2016-1672
{DSA-3590-1}
- chromium-browser 51.0.2704.63-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-1671 (Google Chrome before 50.0.2661.102 on Android mishandles / (slash) and ...)
+CVE-2016-1671
- chromium-browser <not-affected> (Android-specific)
-CVE-2016-1670 (Race condition in the ResourceDispatcherHostImpl::BeginRequest ...)
+CVE-2016-1670
{DSA-3590-1}
- chromium-browser 51.0.2704.63-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-1669 (The Zone::New function in zone.cc in Google V8 before 5.0.71.47, as ...)
+CVE-2016-1669
{DSA-3590-1}
- chromium-browser 51.0.2704.63-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
- libv8 <unfixed> (unimportant)
- nodejs 4.4.6~dfsg-1 (unimportant)
NOTE: libv8 not covered by security support
-CVE-2016-1668 (The forEachForBinding function in ...)
+CVE-2016-1668
{DSA-3590-1}
- chromium-browser 51.0.2704.63-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-1667 (The TreeScope::adoptIfNeeded function in ...)
+CVE-2016-1667
{DSA-3590-1}
- chromium-browser 51.0.2704.63-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-1666 (Multiple unspecified vulnerabilities in Google Chrome before ...)
+CVE-2016-1666
{DSA-3564-1}
- chromium-browser 50.0.2661.94-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-1665 (The JSGenericLowering class in compiler/js-generic-lowering.cc in ...)
+CVE-2016-1665
{DSA-3564-1}
- chromium-browser 50.0.2661.94-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
- libv8 <unfixed> (unimportant)
NOTE: libv8 not covered by security support
-CVE-2016-1664 (The HistoryController::UpdateForCommit function in ...)
+CVE-2016-1664
{DSA-3564-1}
- chromium-browser 50.0.2661.94-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-1663 (The SerializedScriptValue::transferArrayBuffers function in ...)
+CVE-2016-1663
{DSA-3564-1}
- chromium-browser 50.0.2661.94-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-1662 (extensions/renderer/gc_callback.cc in Google Chrome before ...)
+CVE-2016-1662
{DSA-3564-1}
- chromium-browser 50.0.2661.94-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-1661 (Blink, as used in Google Chrome before 50.0.2661.94, does not ensure ...)
+CVE-2016-1661
{DSA-3564-1}
- chromium-browser 50.0.2661.94-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-1660 (Blink, as used in Google Chrome before 50.0.2661.94, mishandles ...)
+CVE-2016-1660
{DSA-3564-1}
- chromium-browser 50.0.2661.94-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-1659 (Multiple unspecified vulnerabilities in Google Chrome before ...)
+CVE-2016-1659
{DSA-3549-1}
- chromium-browser 50.0.2661.75-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-1658 (The Extensions subsystem in Google Chrome before 50.0.2661.75 ...)
+CVE-2016-1658
{DSA-3549-1}
- chromium-browser 50.0.2661.75-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-1657 (The WebContentsImpl::FocusLocationBarByDefault function in ...)
+CVE-2016-1657
{DSA-3549-1}
- chromium-browser 50.0.2661.75-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-1656 (The download implementation in Google Chrome before 50.0.2661.75 on ...)
+CVE-2016-1656
- chromium-browser <not-affected> (Android-specific)
-CVE-2016-1655 (Google Chrome before 50.0.2661.75 does not properly consider that ...)
+CVE-2016-1655
{DSA-3549-1}
- chromium-browser 50.0.2661.75-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-1654 (The media subsystem in Google Chrome before 50.0.2661.75 does not ...)
+CVE-2016-1654
{DSA-3549-1}
- chromium-browser 50.0.2661.75-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-1653 (The LoadBuffer implementation in Google V8, as used in Google Chrome ...)
+CVE-2016-1653
{DSA-3549-1}
- chromium-browser 50.0.2661.75-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
- libv8 <unfixed> (unimportant)
NOTE: libv8 not covered by security support
-CVE-2016-1652 (Cross-site scripting (XSS) vulnerability in the ...)
+CVE-2016-1652
{DSA-3549-1}
- chromium-browser 50.0.2661.75-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-1651 (fxcodec/codec/fx_codec_jpx_opj.cpp in PDFium, as used in Google Chrome ...)
+CVE-2016-1651
{DSA-3549-1}
- chromium-browser 50.0.2661.75-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-1650 (The PageCaptureSaveAsMHTMLFunction::ReturnFailure function in ...)
+CVE-2016-1650
{DSA-3531-1}
- chromium-browser 49.0.2623.108-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-1649 (The Program::getUniformInternal function in Program.cpp in libANGLE, ...)
+CVE-2016-1649
{DSA-3531-1}
- chromium-browser 49.0.2623.108-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-1648 (Use-after-free vulnerability in the GetLoadTimes function in ...)
+CVE-2016-1648
{DSA-3531-1}
- chromium-browser 49.0.2623.108-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-1647 (Use-after-free vulnerability in the RenderWidgetHostImpl::Destroy ...)
+CVE-2016-1647
{DSA-3531-1}
- chromium-browser 49.0.2623.108-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-1646 (The Array.prototype.concat implementation in builtins.cc in Google V8, ...)
+CVE-2016-1646
{DSA-3531-1}
- chromium-browser 49.0.2623.108-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
- libv8 <unfixed> (unimportant)
NOTE: libv8 not covered by security support
-CVE-2016-1645 (Multiple integer signedness errors in the opj_j2k_update_image_data ...)
+CVE-2016-1645
{DSA-3513-1}
- chromium-browser 49.0.2623.87-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-1644 (WebKit/Source/core/layout/LayoutObject.cpp in Blink, as used in Google ...)
+CVE-2016-1644
{DSA-3513-1}
- chromium-browser 49.0.2623.87-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-1643 (The ImageInputType::ensurePrimaryContent function in ...)
+CVE-2016-1643
{DSA-3513-1}
- chromium-browser 49.0.2623.87-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-1642 (Multiple unspecified vulnerabilities in Google Chrome before ...)
+CVE-2016-1642
{DSA-3507-1}
- chromium-browser 49.0.2623.75-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
[squeeze] - chromium-browser <end-of-life> (Not supported in Squeeze LTS)
-CVE-2016-1641 (Use-after-free vulnerability in ...)
+CVE-2016-1641
{DSA-3507-1}
- chromium-browser 49.0.2623.75-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
[squeeze] - chromium-browser <end-of-life> (Not supported in Squeeze LTS)
-CVE-2016-1640 (The Web Store inline-installer implementation in the Extensions UI in ...)
+CVE-2016-1640
{DSA-3507-1}
- chromium-browser 49.0.2623.75-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
[squeeze] - chromium-browser <end-of-life> (Not supported in Squeeze LTS)
-CVE-2016-1639 (Use-after-free vulnerability in ...)
+CVE-2016-1639
{DSA-3507-1}
- chromium-browser 49.0.2623.75-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
[squeeze] - chromium-browser <end-of-life> (Not supported in Squeeze LTS)
-CVE-2016-1638 (extensions/renderer/resources/platform_app.js in the Extensions ...)
+CVE-2016-1638
{DSA-3507-1}
- chromium-browser 49.0.2623.75-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
[squeeze] - chromium-browser <end-of-life> (Not supported in Squeeze LTS)
-CVE-2016-1637 (The SkATan2_255 function in effects/gradients/SkSweepGradient.cpp in ...)
+CVE-2016-1637
{DSA-3507-1}
- chromium-browser 49.0.2623.75-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
[squeeze] - chromium-browser <end-of-life> (Not supported in Squeeze LTS)
-CVE-2016-1636 (The PendingScript::notifyFinished function in ...)
+CVE-2016-1636
{DSA-3507-1}
- chromium-browser 49.0.2623.75-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
[squeeze] - chromium-browser <end-of-life> (Not supported in Squeeze LTS)
-CVE-2016-1635 (extensions/renderer/render_frame_observer_natives.cc in Google Chrome ...)
+CVE-2016-1635
{DSA-3507-1}
- chromium-browser 49.0.2623.75-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
[squeeze] - chromium-browser <end-of-life> (Not supported in Squeeze LTS)
-CVE-2016-1634 (Use-after-free vulnerability in the StyleResolver::appendCSSStyleSheet ...)
+CVE-2016-1634
{DSA-3507-1}
- chromium-browser 49.0.2623.75-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
[squeeze] - chromium-browser <end-of-life> (Not supported in Squeeze LTS)
-CVE-2016-1633 (Use-after-free vulnerability in Blink, as used in Google Chrome before ...)
+CVE-2016-1633
{DSA-3507-1}
- chromium-browser 49.0.2623.75-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
[squeeze] - chromium-browser <end-of-life> (Not supported in Squeeze LTS)
-CVE-2016-1632 (The Extensions subsystem in Google Chrome before 49.0.2623.75 does not ...)
+CVE-2016-1632
{DSA-3507-1}
- chromium-browser 49.0.2623.75-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
[squeeze] - chromium-browser <end-of-life> (Not supported in Squeeze LTS)
-CVE-2016-1631 (The PPB_Flash_MessageLoop_Impl::InternalRun function in ...)
+CVE-2016-1631
{DSA-3507-1}
- chromium-browser 49.0.2623.75-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
[squeeze] - chromium-browser <end-of-life> (Not supported in Squeeze LTS)
-CVE-2016-1630 (The ContainerNode::parserRemoveChild function in ...)
+CVE-2016-1630
{DSA-3507-1}
- chromium-browser 49.0.2623.75-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
[squeeze] - chromium-browser <end-of-life> (Not supported in Squeeze LTS)
-CVE-2016-1629 (Google Chrome before 48.0.2564.116 allows remote attackers to bypass ...)
+CVE-2016-1629
{DSA-3486-1}
- chromium-browser 48.0.2564.116-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
[squeeze] - chromium-browser <end-of-life> (Not supported in Squeeze LTS)
-CVE-2016-1628 (pi.c in OpenJPEG, as used in PDFium in Google Chrome before ...)
+CVE-2016-1628
{DSA-4013-1 DSA-3486-1}
- openjpeg <removed>
[jessie] - openjpeg <not-affected> (Vulnerable code introduced later)
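Review bot: for CVE-2016-1707 the only package line is `- chromium-browser <not-affected> (Only affects chromium-browser on iOS)`, yet the entry keeps the `{DSA-3637-1}` reference that the neighbouring chromium entries use to record an issued advisory. If DSA-3637-1 did name this CVE, a NOTE line saying so would make the combination self-explanatory; otherwise the reference should be dropped so a not-affected entry does not read as having shipped a fix. The stripped description (`ios/web/web_state/ui/crw_web_controller.mm in Google Chrome before ...`) was the only on-page support for the iOS-only rationale, so the parenthetical justification on the package line needs to stay.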
@@ -27961,12 +27961,12 @@ CVE-2016-1628 (pi.c in OpenJPEG, as used in PDFium in Google Chrome before ...)
NOTE: openjpeg2 fixed in google by https://pdfium.googlesource.com/pdfium.git/+/76c995796f95fd4c54c5f11d2a04392f16478619%5E%21/#F2
NOTE: https://github.com/uclouvain/openjpeg/issues/850
NOTE: https://github.com/uclouvain/openjpeg/commit/11445eddad7e7fa5b273d1c83c91011c44e5d586
-CVE-2016-1627 (The Developer Tools (aka DevTools) subsystem in Google Chrome before ...)
+CVE-2016-1627
{DSA-3486-1}
- chromium-browser 48.0.2564.116-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
[squeeze] - chromium-browser <end-of-life> (Not supported in Squeeze LTS)
-CVE-2016-1626 (The opj_pi_update_decode_poc function in pi.c in OpenJPEG, as used in ...)
+CVE-2016-1626
{DSA-4013-1 DSA-3486-1}
- openjpeg <removed>
[jessie] - openjpeg <not-affected> (Vulnerable code introduced later)
@@ -27978,12 +27978,12 @@ CVE-2016-1626 (The opj_pi_update_decode_poc function in pi.c in OpenJPEG, as use
NOTE: openjpeg2 fixed in google by https://pdfium.googlesource.com/pdfium.git/+/76c995796f95fd4c54c5f11d2a04392f16478619%5E%21/#F2
NOTE: https://github.com/uclouvain/openjpeg/issues/850
NOTE: https://github.com/uclouvain/openjpeg/commit/11445eddad7e7fa5b273d1c83c91011c44e5d586
-CVE-2016-1625 (The Chrome Instant feature in Google Chrome before 48.0.2564.109 does ...)
+CVE-2016-1625
{DSA-3486-1}
- chromium-browser 48.0.2564.116-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
[squeeze] - chromium-browser <end-of-life> (Not supported in Squeeze LTS)
-CVE-2016-1624 (Integer underflow in the ProcessCommandsInternal function in ...)
+CVE-2016-1624
{DSA-3486-1}
- chromium-browser 48.0.2564.116-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
@@ -27992,106 +27992,106 @@ CVE-2016-1624 (Integer underflow in the ProcessCommandsInternal function in ...)
NOTE: https://codereview.chromium.org/1662313002
NOTE: https://codereview.chromium.org/1662313002/diff/1/third_party/brotli/dec/decode.c
NOTE: Same fix/change as for CVE-2016-1968
-CVE-2016-1623 (The DOM implementation in Google Chrome before 48.0.2564.109 does not ...)
+CVE-2016-1623
{DSA-3486-1}
- chromium-browser 48.0.2564.116-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
[squeeze] - chromium-browser <end-of-life> (Not supported in Squeeze LTS)
-CVE-2016-1622 (The Extensions subsystem in Google Chrome before 48.0.2564.109 does ...)
+CVE-2016-1622
{DSA-3486-1}
- chromium-browser 48.0.2564.116-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
[squeeze] - chromium-browser <end-of-life> (Not supported in Squeeze LTS)
-CVE-2016-1621 (libvpx in mediaserver in Android 4.x before 4.4.4, 5.x before 5.1.1 ...)
+CVE-2016-1621
- libvpx 1.6.1-1
[jessie] - libvpx <not-affected> (Vulnerable code not present, libwebm not yet included)
[wheezy] - libvpx <not-affected> (Vulnerable code not present, libwebm not yet included)
NOTE: https://android.googlesource.com/platform/external/libvpx/+/04839626ed859623901ebd3a5fd483982186b59d%5E!/#F1
NOTE: probably fixed earlier than this version, but this was the version checked
-CVE-2016-1620 (Multiple unspecified vulnerabilities in Google Chrome before ...)
+CVE-2016-1620
{DSA-3456-1}
- chromium-browser 48.0.2564.82-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
[squeeze] - chromium-browser <end-of-life> (Not supported in Squeeze LTS)
-CVE-2016-1619 (Multiple integer overflows in the (1) sycc422_to_rgb and (2) ...)
+CVE-2016-1619
{DSA-3456-1}
- chromium-browser 48.0.2564.82-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
[squeeze] - chromium-browser <end-of-life> (Not supported in Squeeze LTS)
-CVE-2016-1618 (Blink, as used in Google Chrome before 48.0.2564.82, does not ensure ...)
+CVE-2016-1618
{DSA-3456-1}
- chromium-browser 48.0.2564.82-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
[squeeze] - chromium-browser <end-of-life> (Not supported in Squeeze LTS)
-CVE-2016-1617 (The CSPSource::schemeMatches function in ...)
+CVE-2016-1617
{DSA-3456-1}
- chromium-browser 48.0.2564.82-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
[squeeze] - chromium-browser <end-of-life> (Not supported in Squeeze LTS)
-CVE-2016-1616 (The CustomButton::AcceleratorPressed function in ...)
+CVE-2016-1616
{DSA-3456-1}
- chromium-browser 48.0.2564.82-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
[squeeze] - chromium-browser <end-of-life> (Not supported in Squeeze LTS)
-CVE-2016-1615 (The Omnibox implementation in Google Chrome before 48.0.2564.82 allows ...)
+CVE-2016-1615
{DSA-3456-1}
- chromium-browser 48.0.2564.82-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
[squeeze] - chromium-browser <end-of-life> (Not supported in Squeeze LTS)
-CVE-2016-1614 (The UnacceleratedImageBufferSurface class in ...)
+CVE-2016-1614
{DSA-3456-1}
- chromium-browser 48.0.2564.82-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
[squeeze] - chromium-browser <end-of-life> (Not supported in Squeeze LTS)
-CVE-2016-1613 (Multiple use-after-free vulnerabilities in the formfiller ...)
+CVE-2016-1613
{DSA-3456-1}
- chromium-browser 48.0.2564.82-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
[squeeze] - chromium-browser <end-of-life> (Not supported in Squeeze LTS)
-CVE-2016-1612 (The LoadIC::UpdateCaches function in ic/ic.cc in Google V8, as used in ...)
+CVE-2016-1612
{DSA-3456-1}
- chromium-browser 48.0.2564.82-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
[squeeze] - chromium-browser <end-of-life> (Not supported in Squeeze LTS)
-CVE-2016-1611 (Novell Filr 1.2 before Hot Patch 6 and 2.0 before Hot Patch 2 uses ...)
+CVE-2016-1611
NOT-FOR-US: Novell Filr
-CVE-2016-1610 (Directory traversal vulnerability in the email-template feature in ...)
+CVE-2016-1610
NOT-FOR-US: Novell Filr
-CVE-2016-1609 (Multiple cross-site scripting (XSS) vulnerabilities in Novell Filr ...)
+CVE-2016-1609
NOT-FOR-US: Novell Filr
-CVE-2016-1608 (vaconfig/time in Novell Filr before 1.2 Security Update 3 and 2.0 ...)
+CVE-2016-1608
NOT-FOR-US: Novell Filr
-CVE-2016-1607 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
+CVE-2016-1607
NOT-FOR-US: Novell Filr
-CVE-2016-1606 (Multiple stack-based buffer overflows in COM objects in Micro Focus ...)
+CVE-2016-1606
NOT-FOR-US: Micro Focus Rumba
-CVE-2016-1605 (Directory traversal vulnerability in the ReportViewServlet servlet in ...)
+CVE-2016-1605
NOT-FOR-US: NetIQ Sentinel
CVE-2016-1604
RESERVED
-CVE-2016-1603 (An information leak in the NetIQ IDM ServiceNow Driver before 1.0.0.1 ...)
+CVE-2016-1603
NOT-FOR-US: NetIQ
-CVE-2016-1602 (A code injection in the supportconfig data collection tool in ...)
+CVE-2016-1602
NOT-FOR-US: SLES support tool
-CVE-2016-1601 (yast2-users before 3.1.47, as used in SUSE Linux Enterprise 12 SP1, ...)
+CVE-2016-1601
NOT-FOR-US: yast2-users / SuSE YAST
CVE-2016-1600
RESERVED
-CVE-2016-1599 (Cross-site scripting (XSS) vulnerability in NetIQ Self Service ...)
+CVE-2016-1599
NOT-FOR-US: NetIQ Self Service Password Reset
-CVE-2016-1598 (XSS in NetIQ IDM 4.5 Identity Applications before 4.5.4 allows ...)
+CVE-2016-1598
NOT-FOR-US: NetIQ IDM
-CVE-2016-1597 (A logged-in user in NetIQ Access Governance Suite 6.0 through 6.4 could ...)
+CVE-2016-1597
NOT-FOR-US: NetIQ
-CVE-2016-1596 (Multiple cross-site scripting (XSS) vulnerabilities in Micro Focus ...)
+CVE-2016-1596
NOT-FOR-US: Micro Focus
-CVE-2016-1595 (LiveTime/WebObjects/LiveTime.woa/wa/DownloadAction/downloadFile in ...)
+CVE-2016-1595
NOT-FOR-US: Micro Focus
-CVE-2016-1594 (Micro Focus Novell Service Desk before 7.2 allows remote authenticated ...)
+CVE-2016-1594
NOT-FOR-US: Micro Focus
-CVE-2016-1593 (Directory traversal vulnerability in the import users feature in Micro ...)
+CVE-2016-1593
NOT-FOR-US: Micro Focus
-CVE-2016-1592 (XSS in NetIQ Designer for Identity Manager before 4.5.3 allows remote ...)
+CVE-2016-1592
NOT-FOR-US: NetIQ Designer
CVE-2016-1591
REJECTED
@@ -28109,24 +28109,24 @@ CVE-2016-1585
RESERVED
CVE-2016-1584
RESERVED
-CVE-2016-1583 (The ecryptfs_privileged_open function in fs/ecryptfs/kthread.c in the ...)
+CVE-2016-1583
{DSA-3607-1 DLA-516-1}
- linux 4.6.2-1
-CVE-2016-1582 (LXD before 2.0.2 does not properly set permissions when switching an ...)
+CVE-2016-1582
- lxd <itp> (bug #768073)
-CVE-2016-1581 (LXD before 2.0.2 uses world-readable permissions for ...)
+CVE-2016-1581
- lxd <itp> (bug #768073)
-CVE-2016-1580 (The setup_snappy_os_mounts function in the ubuntu-core-launcher ...)
+CVE-2016-1580
NOT-FOR-US: ubuntu-core-launcher
CVE-2016-1579
RESERVED
-CVE-2016-1578 (Use-after-free vulnerability in Oxide allows remote attackers to cause ...)
+CVE-2016-1578
NOT-FOR-US: Oxide
-CVE-2016-1577 (Double free vulnerability in the jas_iccattrval_destroy function in ...)
+CVE-2016-1577
{DSA-3508-1}
- jasper <removed> (bug #816625)
NOTE: http://www.openwall.com/lists/oss-security/2016/03/03/12
-CVE-2016-1576 (The overlayfs implementation in the Linux kernel through 4.5.2 does ...)
+CVE-2016-1576
- linux 4.5.1-1
[jessie] - linux <not-affected> (Vulnerable code not present)
[wheezy] - linux <not-affected> (Vulnerable code not present)
@@ -28134,7 +28134,7 @@ CVE-2016-1576 (The overlayfs implementation in the Linux kernel through 4.5.2 do
NOTE: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1535150
NOTE: http://www.halfdog.net/Security/2016/OverlayfsOverFusePrivilegeEscalation/
NOTE: http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=e9f57ebcba563e0cd532926cab83c92bb4d79360
-CVE-2016-1575 (The overlayfs implementation in the Linux kernel through 4.5.2 does ...)
+CVE-2016-1575
- linux 4.5.1-1
[jessie] - linux <not-affected> (Vulnerable code not present)
[wheezy] - linux <not-affected> (Vulnerable code not present)
@@ -28146,22 +28146,22 @@ CVE-2016-1574
REJECTED
CVE-2016-1573
RESERVED
-CVE-2016-1572 (mount.ecryptfs_private.c in eCryptfs-utils does not validate mount ...)
+CVE-2016-1572
{DSA-3450-1 DLA-397-1}
- ecryptfs-utils 106-2
NOTE: https://bugs.launchpad.net/ecryptfs/+bug/1530566
NOTE: https://bazaar.launchpad.net/~ecryptfs/ecryptfs/trunk/revision/870
-CVE-2016-1571 (The paging_invlpg function in include/asm-x86/paging.h in Xen 3.3.x ...)
+CVE-2016-1571
{DSA-3519-1 DLA-479-1}
- xen 4.8.0~rc3-1 (bug #823620)
[squeeze] - xen <end-of-life> (Unsupported in Squeeze LTS)
NOTE: http://xenbits.xen.org/xsa/advisory-168.html
-CVE-2016-1570 (The PV superpage functionality in arch/x86/mm.c in Xen 3.4.0, 3.4.1, ...)
+CVE-2016-1570
{DSA-3519-1 DLA-479-1}
- xen 4.8.0~rc3-1 (bug #823620)
[squeeze] - xen <end-of-life> (Unsupported in Squeeze LTS)
NOTE: http://xenbits.xen.org/xsa/advisory-167.html
-CVE-2016-1567 (chrony before 1.31.2 and 2.x before 2.2.1 do not verify peer ...)
+CVE-2016-1567
{DLA-742-1 DLA-414-1}
- chrony 2.2.1-1 (low; bug #812923)
[jessie] - chrony 1.30-2+deb8u2
@@ -28169,15 +28169,15 @@ CVE-2016-1567 (chrony before 1.31.2 and 2.x before 2.2.1 do not verify peer ...)
NOTE: http://chrony.tuxfamily.org/news.html#_20_jan_2016_chrony_2_2_1_and_chrony_1_31_2_released
NOTE: Fix for 2.x http://git.tuxfamily.org/chrony/chrony.git/commit/?id=a78bf9725a7b481ebff0e0c321294ba767f2c1d8
NOTE: Fix for 1.x http://git.tuxfamily.org/chrony/chrony.git/commit/?h=1.31-security&id=df46e5ca5d70be1c0ae037f96b4b038362703832
-CVE-2016-1566 (Cross-site scripting (XSS) vulnerability in the file browser in ...)
+CVE-2016-1566
- guacamole-client <unfixed> (bug #859136)
[stretch] - guacamole-client <no-dsa> (Minor issue)
[jessie] - guacamole-client <not-affected> (Vulnerable code not present)
- guacamole <not-affected> (Vulnerable code not present)
NOTE: Fixed by: https://github.com/glyptodon/guacamole-client/commit/7da13129c432d1c0a577342a9bf23ca2bde9c367
-CVE-2016-1565 (Cross-site scripting (XSS) vulnerability in the Field Group module ...)
+CVE-2016-1565
NOT-FOR-US: Field Group module for Drupal
-CVE-2016-1714 (The (1) fw_cfg_write and (2) fw_cfg_read functions in ...)
+CVE-2016-1714
{DSA-3471-1 DSA-3470-1 DSA-3469-1}
- qemu 1:2.5+dfsg-4
[squeeze] - qemu <end-of-life> (Not supported in Squeeze LTS)
@@ -28189,14 +28189,14 @@ CVE-2016-1714 (The (1) fw_cfg_write and (2) fw_cfg_read functions in ...)
NOTE: fw_cfg support for guest-side data writes removed in 2.4 (1:2.4+dfsg-1a)
NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=023e3148567ac898c7258138f8e86c3c2bb40d07 (v2.4.0-rc0)
NOTE: fw_cfg_read removed in: http://git.qemu.org/?p=qemu.git;a=commit;h=6c8d56a2e95712a6206a2671d2b04b2e59cabc0b
-CVE-2016-1569 (FireBird 2.5.5 allows remote authenticated users to cause a denial of ...)
+CVE-2016-1569
- firebird2.5 2.5.5.26952.ds4-3 (bug #810599)
[jessie] - firebird2.5 <not-affected> (Issue introduced in 2.5.5)
[wheezy] - firebird2.5 <not-affected> (Issue introduced in 2.5.5)
[squeeze] - firebird2.5 <not-affected> (Issue introduced in 2.5.5)
NOTE: http://tracker.firebirdsql.org/browse/CORE-5068
NOTE: http://www.openwall.com/lists/oss-security/2016/01/10/2
-CVE-2016-1568 (Use-after-free vulnerability in hw/ide/ahci.c in QEMU, when built with ...)
+CVE-2016-1568
{DSA-3471-1 DSA-3470-1 DSA-3469-1}
- qemu 1:2.5+dfsg-2 (bug #810527)
[squeeze] - qemu <not-affected> (Vulnerable code introduced later)
@@ -28206,23 +28206,23 @@ CVE-2016-1568 (Use-after-free vulnerability in hw/ide/ahci.c in QEMU, when built
NOTE: ahci emulation added in: http://git.qemu.org/?p=qemu.git;a=commit;h=f6ad2e32f8d833c7f1c75dc084a84a8f02704d64 (v0.14.0-rc0)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1288532
NOTE: http://www.openwall.com/lists/oss-security/2016/01/09/1
-CVE-2016-1563 (NetApp Clustered Data ONTAP 8.3.1 does not properly verify X.509 ...)
+CVE-2016-1563
NOT-FOR-US: NetApp
-CVE-2016-1562 (The REST API in the DTE Energy Insight application before 1.7.8 for ...)
+CVE-2016-1562
NOT-FOR-US: DTE Energy Insight
-CVE-2016-1561 (ExaGrid appliances with firmware before 4.8 P26 have a default SSH ...)
+CVE-2016-1561
NOT-FOR-US: ExaGrid appliances
-CVE-2016-1560 (ExaGrid appliances with firmware before 4.8 P26 have a default ...)
+CVE-2016-1560
NOT-FOR-US: ExaGrid appliances
-CVE-2016-1559 (D-Link DAP-1353 H/W vers. B1 3.15 and earlier, D-Link DAP-2553 H/W ...)
+CVE-2016-1559
NOT-FOR-US: D-Link
-CVE-2016-1558 (Buffer overflow in D-Link DAP-2310 2.06 and earlier, DAP-2330 1.06 and ...)
+CVE-2016-1558
NOT-FOR-US: D-Link
-CVE-2016-1557 (Netgear WNAP320, WNDAP350, and WNDAP360 before 3.5.5.0 reveal wireless ...)
+CVE-2016-1557
NOT-FOR-US: Netgear
-CVE-2016-1556 (Information disclosure in Netgear WN604 before 3.3.3; WNAP210, ...)
+CVE-2016-1556
NOT-FOR-US: Netgear
-CVE-2016-1555 ((1) boardData102.php, (2) boardData103.php, (3) boardDataJP.php, (4) ...)
+CVE-2016-1555
NOT-FOR-US: Netgear
CVE-2016-1554
RESERVED
@@ -28234,29 +28234,29 @@ CVE-2016-1552
NOTE: https://github.com/facebook/hhvm/commit/979b5b312ffbd56126c52f3dcb6cf8fcab89664f
NOTE: https://github.com/facebook/hhvm/commit/604689e1565ea6361f9d81f839cd56bdda3b45ed
NOTE: https://github.com/facebook/hhvm/commit/f21dccdde582c61d5a9b52dd821bcb1f08169d28
-CVE-2016-1551 (ntpd in NTP 4.2.8p3 and NTPsec ...)
+CVE-2016-1551
- ntp <not-affected> (Does not affect Linux or FreeBSD)
NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#April_2016_NTP_4_2_8p7_Security
-CVE-2016-1550 (An exploitable vulnerability exists in the message authentication ...)
+CVE-2016-1550
{DSA-3629-1 DLA-559-1}
- ntp 1:4.2.8p7+dfsg-1
NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#April_2016_NTP_4_2_8p7_Security
-CVE-2016-1549 (A malicious authenticated peer can create arbitrarily-many ephemeral ...)
+CVE-2016-1549
- ntp 1:4.2.8p7+dfsg-1
[jessie] - ntp <no-dsa> (Minor issue)
[wheezy] - ntp <no-dsa> (Minor issue)
NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#April_2016_NTP_4_2_8p7_Security
NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#February_2018_ntp_4_2_8p11_NTP_S
NOTE: additional significant protection went into ntp-4.2.8p11.
-CVE-2016-1548 (An attacker can spoof a packet from a legitimate ntpd server with an ...)
+CVE-2016-1548
{DSA-3629-1 DLA-559-1}
- ntp 1:4.2.8p7+dfsg-1
NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#April_2016_NTP_4_2_8p7_Security
-CVE-2016-1547 (An off-path attacker can cause a preemptible client association to be ...)
+CVE-2016-1547
{DSA-3629-1 DLA-559-1}
- ntp 1:4.2.8p7+dfsg-1
NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#April_2016_NTP_4_2_8p7_Security
-CVE-2016-1546 (The Apache HTTP Server 2.4.17 and 2.4.18, when mod_http2 is enabled, ...)
+CVE-2016-1546
- apache2 2.4.20-1
[jessie] - apache2 <not-affected> (Vulnerable code not present)
[wheezy] - apache2 <not-affected> (Vulnerable code not present)
@@ -28272,11 +28272,11 @@ CVE-2016-1544 [out of memory error due to unlimited incoming HTTP header fields]
NOTE: Fix spread across multiple commits: https://github.com/tatsuhiro-t/nghttp2/compare/v1.7.0...v1.7.1
NOTE: Commits between 1.7.0 and 1.7.1 seem almost limited to this issue, cf.
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1308461#c3
-CVE-2016-1543 (The RPC API in the RSCD agent in BMC BladeLogic Server Automation ...)
+CVE-2016-1543
NOT-FOR-US: BMC
-CVE-2016-1542 (The RPC API in RSCD agent in BMC BladeLogic Server Automation (BSA) ...)
+CVE-2016-1542
NOT-FOR-US: BMC
-CVE-2016-1541 (Heap-based buffer overflow in the zip_read_mac_metadata function in ...)
+CVE-2016-1541
{DSA-3574-1}
[experimental] - libarchive 3.2.0-1
- libarchive 3.1.2-11.1 (bug #823893)
@@ -28304,7 +28304,7 @@ CVE-2016-1533
RESERVED
CVE-2016-1532
RESERVED
-CVE-2016-1531 (Exim before 4.86.2, when installed setuid root, allows local users to ...)
+CVE-2016-1531
{DSA-3517-1}
- exim4 4.86.2-1
NOTE: https://lists.exim.org/lurker/message/20160302.191005.a72d8433.en.html
@@ -28316,7 +28316,7 @@ CVE-2016-1528
RESERVED
CVE-2016-1527
RESERVED
-CVE-2016-1526 (The TtfUtil:LocaLookup function in TtfUtil.cpp in Libgraphite in ...)
+CVE-2016-1526
{DSA-3491-1 DSA-3479-1 DSA-3477-1}
- graphite2 1.3.5-1
NOTE: http://blog.talosintel.com/2016/02/vulnerability-spotlight-libgraphite.html
@@ -28327,11 +28327,11 @@ CVE-2016-1526 (The TtfUtil:LocaLookup function in TtfUtil.cpp in Libgraphite in
- icedove 38.6.0-1
[squeeze] - icedove <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-14/
-CVE-2016-1525 (Directory traversal vulnerability in data/config/image.do in NETGEAR ...)
+CVE-2016-1525
NOT-FOR-US: NETGEAR Management System NMS300
-CVE-2016-1524 (Multiple unrestricted file upload vulnerabilities in NETGEAR ...)
+CVE-2016-1524
NOT-FOR-US: NETGEAR Management System NMS300
-CVE-2016-1523 (The SillMap::readFace function in FeatureMap.cpp in Libgraphite in ...)
+CVE-2016-1523
{DSA-3491-1 DSA-3479-1 DSA-3477-1}
- graphite2 1.3.5-1
NOTE: http://www.talosintel.com/reports/TALOS-2016-0059/
@@ -28341,25 +28341,25 @@ CVE-2016-1523 (The SillMap::readFace function in FeatureMap.cpp in Libgraphite i
- icedove 38.6.0-1
[squeeze] - icedove <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-14/
-CVE-2016-1522 (Code.cpp in Libgraphite in Graphite 2 1.2.4, as used in Mozilla ...)
+CVE-2016-1522
{DSA-3479-1}
- graphite2 1.3.5-1
NOTE: http://www.talosintel.com/reports/TALOS-2016-0057/
NOTE: http://www.talosintel.com/reports/TALOS-2016-0060/
NOTE: http://blog.talosintel.com/2016/02/vulnerability-spotlight-libgraphite.html
-CVE-2016-1521 (The directrun function in directmachine.cpp in Libgraphite in Graphite ...)
+CVE-2016-1521
{DSA-3479-1}
- graphite2 1.3.5-1
NOTE: http://www.talosintel.com/reports/TALOS-2016-0058/
NOTE: http://www.talosintel.com/reports/TALOS-2016-0061/
NOTE: http://blog.talosintel.com/2016/02/vulnerability-spotlight-libgraphite.html
-CVE-2016-1520 (The Grandstream Wave app 1.0.1.26 and earlier for Android does not use ...)
+CVE-2016-1520
NOT-FOR-US: Grandstream Wave app
-CVE-2016-1519 (The com.softphone.common package in the Grandstream Wave app 1.0.1.26 ...)
+CVE-2016-1519
NOT-FOR-US: Grandstream Wave app
-CVE-2016-1518 (The auto-provisioning mechanism in the Grandstream Wave app 1.0.1.26 ...)
+CVE-2016-1518
NOT-FOR-US: Grandstream Wave app
-CVE-2016-1517 (OpenCV 3.0.0 allows remote attackers to cause a denial of service ...)
+CVE-2016-1517
[experimental] - opencv 3.4.4+dfsg-1~exp1
- opencv 3.2.0+dfsg-6 (bug #872043)
[stretch] - opencv <ignored> (Minor issue)
@@ -28367,7 +28367,7 @@ CVE-2016-1517 (OpenCV 3.0.0 allows remote attackers to cause a denial of service
[wheezy] - opencv <no-dsa> (Minor issue)
NOTE: https://arxiv.org/pdf/1701.04739.pdf
NOTE: https://github.com/opencv/opencv/issues/5956
-CVE-2016-1516 (OpenCV 3.0.0 has a double free issue that allows attackers to execute ...)
+CVE-2016-1516
{DLA-1438-1 DLA-1117-1}
[experimental] - opencv 3.4.4+dfsg-1~exp1
- opencv 3.2.0+dfsg-6 (bug #872043)
@@ -28378,7 +28378,7 @@ CVE-2016-1515
REJECTED
CVE-2016-1514
REJECTED
-CVE-2016-1513 (The Impress tool in Apache OpenOffice 4.1.2 and earlier allows remote ...)
+CVE-2016-1513
{DLA-591-1}
- libreoffice 1:4.3.3-1
NOTE: http://www.openoffice.org/security/cves/CVE-2016-1513.html
@@ -28400,15 +28400,15 @@ CVE-2016-1507
RESERVED
CVE-2016-1506
RESERVED
-CVE-2016-1502 (NetApp SnapCenter Server 1.0 and 1.0P1 allows remote attackers to ...)
+CVE-2016-1502
NOT-FOR-US: NetApp
-CVE-2016-1497 (The Configuration utility in F5 BIG-IP systems 11.0.x, 11.1.x, 11.2.x ...)
+CVE-2016-1497
NOT-FOR-US: F5 BIG-IP
-CVE-2016-1496 (The graphics driver in Huawei P8 smartphones with software GRA-TL00 ...)
+CVE-2016-1496
NOT-FOR-US: Huawei
-CVE-2016-1495 (Integer overflow in the graphics drivers in Huawei Mate S smartphones ...)
+CVE-2016-1495
NOT-FOR-US: Huawei
-CVE-2016-1564 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2016-1564
{DSA-3444-1}
- wordpress 4.4.1+dfsg-1 (bug #810325)
[squeeze] - wordpress <not-affected> (Vulnerable code not present)
@@ -28417,7 +28417,7 @@ CVE-2016-1564 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
NOTE: https://wpvulndb.com/vulnerabilities/8358
NOTE: https://twitter.com/brutelogic/status/685105483397619713
NOTE: http://www.openwall.com/lists/oss-security/2016/01/08/3
-CVE-2016-1503 (dhcpcd before 6.10.0, as used in Android 4.x before 4.4.4, 5.0.x ...)
+CVE-2016-1503
- dhcpcd5 6.10.1-1 (bug #810621)
[jessie] - dhcpcd5 <not-affected> (Vulnerable code not present)
[wheezy] - dhcpcd5 <not-affected> (Vulnerable code not present)
@@ -28425,7 +28425,7 @@ CVE-2016-1503 (dhcpcd before 6.10.0, as used in Android 4.x before 4.4.4, 5.0.x
NOTE: https://dev.marples.name/rDHC1475a702df74b120db847991bc011e3441a045b8
NOTE: http://www.openwall.com/lists/oss-security/2016/01/07/3
NOTE: dhcpcd 3.2.3-<rev> in squeeze and wheezy differ very much from dhcpcd5 in later Debian versions.
-CVE-2016-1504 (dhcpcd before 6.10.0 allows remote attackers to cause a denial of ...)
+CVE-2016-1504
- dhcpcd5 6.10.1-1 (bug #810620)
[jessie] - dhcpcd5 <not-affected> (Vulnerable code not present)
[wheezy] - dhcpcd5 <not-affected> (Vulnerable code not present)
@@ -28438,470 +28438,470 @@ CVE-2016-XXXX [Missing normalization]
- ruby-rack-attack 4.3.1-1
NOTE: https://github.com/kickstarter/rack-attack/commit/76c2e3143099d938883ae5654527b47e9e6a8977
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/01/07/1
-CVE-2016-1501 (ownCloud Server before 8.0.9 and 8.1.x before 8.1.4 allow remote ...)
+CVE-2016-1501
- owncloud 7.0.12~dfsg-2
[jessie] - owncloud 7.0.4+dfsg-4~deb8u4
NOTE: https://owncloud.org/security/advisory/?id=oc-sa-2016-004
-CVE-2016-1500 (ownCloud Server before 7.0.12, 8.0.x before 8.0.10, 8.1.x before ...)
+CVE-2016-1500
[experimental] - owncloud 8.2.2~dfsg-1
- owncloud 7.0.12~dfsg-1
[jessie] - owncloud 7.0.4+dfsg-4~deb8u4
NOTE: https://owncloud.org/security/advisory/?id=oc-sa-2016-003
-CVE-2016-1499 (ownCloud Server before 8.0.10, 8.1.x before 8.1.5, and 8.2.x before ...)
+CVE-2016-1499
[experimental] - owncloud 8.2.2~dfsg-1
- owncloud 7.0.12~dfsg-2
[jessie] - owncloud 7.0.4+dfsg-4~deb8u4
NOTE: https://owncloud.org/security/advisory/?id=oc-sa-2016-002
-CVE-2016-1498 (Cross-site scripting (XSS) vulnerability in the OCS discovery provider ...)
+CVE-2016-1498
[experimental] - owncloud 8.2.2~dfsg-1
- owncloud 7.0.12~dfsg-1
[jessie] - owncloud 7.0.4+dfsg-4~deb8u4
NOTE: https://owncloud.org/security/advisory/?id=oc-sa-2016-001
-CVE-2016-1493 (Intel Driver Update Utility before 2.4 retrieves driver updates in ...)
+CVE-2016-1493
NOT-FOR-US: Intel Driver Update Utility
-CVE-2016-1492 (The Wifi hotspot in Lenovo SHAREit before 3.5.48_ww for Android, when ...)
+CVE-2016-1492
NOT-FOR-US: Lenovo
-CVE-2016-1491 (The Wifi hotspot in Lenovo SHAREit before 3.2.0 for Windows, when ...)
+CVE-2016-1491
NOT-FOR-US: Lenovo
-CVE-2016-1490 (The Wifi hotspot in Lenovo SHAREit before 3.2.0 for Windows allows ...)
+CVE-2016-1490
NOT-FOR-US: Lenovo
-CVE-2016-1489 (Lenovo SHAREit before 3.2.0 for Windows and SHAREit before 3.5.48_ww ...)
+CVE-2016-1489
NOT-FOR-US: Lenovo
-CVE-2016-1488 (Cross-site scripting (XSS) vulnerability in the login form in the ...)
+CVE-2016-1488
NOT-FOR-US: Siemens
CVE-2016-1487
RESERVED
-CVE-2016-1486 (A vulnerability in the email attachment scanning functionality of the ...)
+CVE-2016-1486
NOT-FOR-US: Siemens OZW OZW672
-CVE-2016-1485 (Cross-site scripting (XSS) vulnerability in Cisco Identity Services ...)
+CVE-2016-1485
NOT-FOR-US: Cisco
-CVE-2016-1484 (Cisco WebEx Meetings Server 2.6 allows remote attackers to bypass ...)
+CVE-2016-1484
NOT-FOR-US: Cisco
-CVE-2016-1483 (Cisco WebEx Meetings Server 2.6 allows remote attackers to cause a ...)
+CVE-2016-1483
NOT-FOR-US: Cisco
-CVE-2016-1482 (Cisco WebEx Meetings Server 2.6 allows remote attackers to execute ...)
+CVE-2016-1482
NOT-FOR-US: Cisco
-CVE-2016-1481 (A vulnerability in the email message filtering feature of Cisco AsyncOS ...)
+CVE-2016-1481
NOT-FOR-US: Cisco
-CVE-2016-1480 (A vulnerability in the Multipurpose Internet Mail Extensions (MIME) ...)
+CVE-2016-1480
NOT-FOR-US: Cisco
-CVE-2016-1479 (Cisco IP Phone 8800 devices with software 11.0(1) allow remote ...)
+CVE-2016-1479
NOT-FOR-US: Cisco
-CVE-2016-1478 (Cisco IOS 15.5(3)S3, 15.6(1)S2, 15.6(2)S1, and 15.6(2)T1 does not ...)
+CVE-2016-1478
NOT-FOR-US: Cisco
-CVE-2016-1477 (Cisco Connected Streaming Analytics 1.1.1 allows remote authenticated ...)
+CVE-2016-1477
NOT-FOR-US: Cisco
-CVE-2016-1476 (Cross-site scripting (XSS) vulnerability on Cisco IP Phone 8800 ...)
+CVE-2016-1476
NOT-FOR-US: Cisco
CVE-2016-1475
RESERVED
-CVE-2016-1474 (Cisco Prime Infrastructure 2.2(2) does not properly restrict use of ...)
+CVE-2016-1474
NOT-FOR-US: Cisco
-CVE-2016-1473 (Cisco Small Business 220 devices with firmware before 1.0.1.1 have a ...)
+CVE-2016-1473
NOT-FOR-US: Cisco
-CVE-2016-1472 (The web-based management interface on Cisco Small Business 220 devices ...)
+CVE-2016-1472
NOT-FOR-US: Cisco
-CVE-2016-1471 (Cross-site scripting (XSS) vulnerability in the web-based management ...)
+CVE-2016-1471
NOT-FOR-US: Cisco
-CVE-2016-1470 (Cross-site request forgery (CSRF) vulnerability in the web-based ...)
+CVE-2016-1470
NOT-FOR-US: Cisco
-CVE-2016-1469 (The HTTP framework on Cisco SPA300, SPA500, and SPA51x devices allows ...)
+CVE-2016-1469
NOT-FOR-US: Cisco
-CVE-2016-1468 (The administrative web interface in Cisco TelePresence Video ...)
+CVE-2016-1468
NOT-FOR-US: Cisco
-CVE-2016-1467 (Cisco Videoscape Session Resource Manager (VSRM) allows remote ...)
+CVE-2016-1467
NOT-FOR-US: Cisco
-CVE-2016-1466 (Cisco Unified Communications Manager IM and Presence Service 9.1(1) ...)
+CVE-2016-1466
NOT-FOR-US: Cisco
-CVE-2016-1465 (Cisco Nexus 1000v Application Virtual Switch (AVS) devices before ...)
+CVE-2016-1465
NOT-FOR-US: Cisco
-CVE-2016-1464 (Cisco WebEx Meetings Player T29.10, when WRF file support is enabled, ...)
+CVE-2016-1464
NOT-FOR-US: Cisco
-CVE-2016-1463 (Cisco FireSIGHT System Software 5.3.0, 5.3.1, 5.4.0, 6.0, and 6.0.1 ...)
+CVE-2016-1463
NOT-FOR-US: Cisco
-CVE-2016-1462 (Cross-site scripting (XSS) vulnerability in the web-based management ...)
+CVE-2016-1462
NOT-FOR-US: Cisco
-CVE-2016-1461 (Cisco AsyncOS on Email Security Appliance (ESA) devices through ...)
+CVE-2016-1461
NOT-FOR-US: Cisco
-CVE-2016-1460 (Cisco Wireless LAN Controller (WLC) devices 7.4(121.0) and ...)
+CVE-2016-1460
NOT-FOR-US: Cisco
-CVE-2016-1459 (Cisco IOS 12.4 and 15.0 through 15.5 and IOS XE 3.13 through 3.17 ...)
+CVE-2016-1459
NOT-FOR-US: Cisco
-CVE-2016-1458 (The web-based GUI in Cisco Firepower Management Center 4.x and 5.x ...)
+CVE-2016-1458
NOT-FOR-US: Cisco
-CVE-2016-1457 (The web-based GUI in Cisco Firepower Management Center 4.x and 5.x ...)
+CVE-2016-1457
NOT-FOR-US: Cisco
-CVE-2016-1456 (The CLI in Cisco IOS XR 6.x through 6.0.1 allows local users to ...)
+CVE-2016-1456
NOT-FOR-US: Cisco
-CVE-2016-1455 (Cisco NX-OS before 7.0(3)I2(2e) and 7.0(3)I4 before 7.0(3)I4(1) has an ...)
+CVE-2016-1455
NOT-FOR-US: Cisco
-CVE-2016-1454 (Cisco NX-OS 4.0 through 7.3 and 11.0 through 11.2 on 1000v, 2000, ...)
+CVE-2016-1454
NOT-FOR-US: Cisco
-CVE-2016-1453 (Buffer overflow in the Overlay Transport Virtualization (OTV) GRE ...)
+CVE-2016-1453
NOT-FOR-US: Cisco
-CVE-2016-1452 (Cisco ASR 5000 devices with software 18.3 through 20.0.0 allow remote ...)
+CVE-2016-1452
NOT-FOR-US: Cisco
-CVE-2016-1451 (Cross-site scripting (XSS) vulnerability in the web-based management ...)
+CVE-2016-1451
NOT-FOR-US: Cisco
-CVE-2016-1450 (Cisco WebEx Meetings Server 2.6 allows remote authenticated users to ...)
+CVE-2016-1450
NOT-FOR-US: Cisco WebEx
-CVE-2016-1449 (Cross-site scripting (XSS) vulnerability in Cisco WebEx Meetings ...)
+CVE-2016-1449
NOT-FOR-US: Cisco WebEx
-CVE-2016-1448 (Cross-site request forgery (CSRF) vulnerability in Cisco WebEx ...)
+CVE-2016-1448
NOT-FOR-US: Cisco WebEx
-CVE-2016-1447 (Cross-site scripting (XSS) vulnerability in the administrator ...)
+CVE-2016-1447
NOT-FOR-US: Cisco WebEx
-CVE-2016-1446 (SQL injection vulnerability in Cisco WebEx Meetings Server 2.6 allows ...)
+CVE-2016-1446
NOT-FOR-US: Cisco WebEx
-CVE-2016-1445 (Cisco Adaptive Security Appliance (ASA) Software 8.2 through 9.4.3.3 ...)
+CVE-2016-1445
NOT-FOR-US: Cisco Adaptive Security Appliance
-CVE-2016-1444 (The Mobile and Remote Access (MRA) component in Cisco TelePresence ...)
+CVE-2016-1444
NOT-FOR-US: Cisco
-CVE-2016-1443 (The virtual network stack on Cisco AMP Threat Grid Appliance devices ...)
+CVE-2016-1443
NOT-FOR-US: Cisco
-CVE-2016-1442 (The administrative web interface in Cisco Prime Infrastructure (PI) ...)
+CVE-2016-1442
NOT-FOR-US: Cisco
-CVE-2016-1441 (Cisco Cloud Network Automation Provisioner (CNAP) 1.0(0) in Cisco ...)
+CVE-2016-1441
NOT-FOR-US: Cisco
-CVE-2016-1440 (The proxy process on Cisco Web Security Appliance (WSA) devices ...)
+CVE-2016-1440
NOT-FOR-US: Cisco
-CVE-2016-1439 (Cross-site scripting (XSS) vulnerability in the management interface ...)
+CVE-2016-1439
NOT-FOR-US: Cisco
-CVE-2016-1438 (Cisco AsyncOS 9.7.0-125 on Email Security Appliance (ESA) devices ...)
+CVE-2016-1438
NOT-FOR-US: Cisco
-CVE-2016-1437 (SQL injection vulnerability in the SQL database in Cisco Prime ...)
+CVE-2016-1437
NOT-FOR-US: Cisco
-CVE-2016-1436 (The General Packet Radio Switching Tunneling Protocol 1 (aka GTPv1) ...)
+CVE-2016-1436
NOT-FOR-US: Cisco
-CVE-2016-1435 (Cisco 8800 phones with software 11.0(1) do not properly enforce ...)
+CVE-2016-1435
NOT-FOR-US: Cisco
-CVE-2016-1434 (The license-certificate upload functionality on Cisco 8800 phones with ...)
+CVE-2016-1434
NOT-FOR-US: Cisco
-CVE-2016-1433 (Cisco IOS XR 6.0 and 6.0.1 on NCS 6000 devices allows remote attackers ...)
+CVE-2016-1433
NOT-FOR-US: Cisco
-CVE-2016-1432 (Cisco IOS XE 3.15S and 3.16S on cBR-8 Converged Broadband Router ...)
+CVE-2016-1432
NOT-FOR-US: Cisco
-CVE-2016-1431 (Cross-site scripting (XSS) vulnerability in Cisco Firepower Management ...)
+CVE-2016-1431
NOT-FOR-US: Cisco
-CVE-2016-1430 (Cisco RV180 and RV180W devices allow remote authenticated users to ...)
+CVE-2016-1430
NOT-FOR-US: Cisco
-CVE-2016-1429 (Directory traversal vulnerability in the web interface on Cisco RV180 ...)
+CVE-2016-1429
NOT-FOR-US: Cisco
-CVE-2016-1428 (Double free vulnerability in Cisco IOS XE 3.15S, 3.16S, and 3.17S ...)
+CVE-2016-1428
NOT-FOR-US: Cisco IOS
-CVE-2016-1427 (The System Configuration Protocol (SCP) core messaging interface in ...)
+CVE-2016-1427
NOT-FOR-US: Cisco Prime Network Registrar
-CVE-2016-1426 (Cisco IOS XR 5.x through 5.2.5 on NCS 6000 devices allows remote ...)
+CVE-2016-1426
NOT-FOR-US: Cisco IOS
-CVE-2016-1425 (Cisco IOS 15.0(2)SG5, 15.1(2)SG3, 15.2(1)E, 15.3(3)S, and 15.4(1.13)S ...)
+CVE-2016-1425
NOT-FOR-US: Cisco IOS
-CVE-2016-1424 (Cisco IOS 15.2(1)T1.11 and 15.2(2)TST allows remote attackers to cause ...)
+CVE-2016-1424
NOT-FOR-US: Cisco IOS
-CVE-2016-1423 (A vulnerability in the display of email messages in the Messages in ...)
+CVE-2016-1423
NOT-FOR-US: Cisco ESA
CVE-2016-1422
RESERVED
-CVE-2016-1421 (The web application on Cisco IP 8800 devices allows remote attackers ...)
+CVE-2016-1421
NOT-FOR-US: Cisco
-CVE-2016-1420 (The installation component on Cisco Application Policy Infrastructure ...)
+CVE-2016-1420
NOT-FOR-US: Cisco
-CVE-2016-1419 (Cisco Access Point devices with software 8.2(102.43) allow remote ...)
+CVE-2016-1419
NOT-FOR-US: Cisco
-CVE-2016-1418 (Cisco Aironet Access Point Software 8.2(100.0) on 1830e, 1830i, 1850e, ...)
+CVE-2016-1418
NOT-FOR-US: Cisco
-CVE-2016-1417 (Untrusted search path vulnerability in Snort 2.9.7.0-WIN32 allows ...)
+CVE-2016-1417
NOT-FOR-US: Cisco
-CVE-2016-1416 (Cisco Prime Collaboration Provisioning 10.6 SP2 (aka 10.6.0.10602) ...)
+CVE-2016-1416
NOT-FOR-US: Cisco Prime
-CVE-2016-1415 (Cisco WebEx Meetings Player T29.10, when WRF file support is enabled, ...)
+CVE-2016-1415
NOT-FOR-US: Cisco
CVE-2016-1414
RESERVED
-CVE-2016-1413 (The web interface in Cisco Firepower Management Center 5.4.0 through ...)
+CVE-2016-1413
NOT-FOR-US: Cisco
CVE-2016-1412
RESERVED
-CVE-2016-1411 (A vulnerability in the update functionality of Cisco AsyncOS Software ...)
+CVE-2016-1411
NOT-FOR-US: Cisco
-CVE-2016-1410 (Cisco WebEx Meeting Center Original Release Base allows remote ...)
+CVE-2016-1410
NOT-FOR-US: Cisco
-CVE-2016-1409 (The Neighbor Discovery (ND) protocol implementation in the IPv6 stack ...)
+CVE-2016-1409
NOT-FOR-US: Cisco
-CVE-2016-1408 (Cisco Prime Infrastructure 1.2 through 3.1 and Evolved Programmable ...)
+CVE-2016-1408
NOT-FOR-US: Cisco
-CVE-2016-1407 (Cisco IOS XR through 5.3.2 mishandles Local Packet Transport Services ...)
+CVE-2016-1407
NOT-FOR-US: Cisco
-CVE-2016-1406 (The API web interface in Cisco Prime Infrastructure before 3.1 and ...)
+CVE-2016-1406
NOT-FOR-US: Cisco
-CVE-2016-1405 (libclamav in ClamAV (aka Clam AntiVirus), as used in Advanced Malware ...)
+CVE-2016-1405
- clamav 0.99+dfsg-1
-CVE-2016-1404 (Cisco UCS Invicta 4.3, 4.5, and 5.0.1 on Invicta appliances and ...)
+CVE-2016-1404
NOT-FOR-US: Cisco
-CVE-2016-1403 (CISCO IP 8800 phones with software 11.0.1 and earlier allow local ...)
+CVE-2016-1403
NOT-FOR-US: Cisco
-CVE-2016-1402 (The Active Directory (AD) integration component in Cisco Identity ...)
+CVE-2016-1402
NOT-FOR-US: Cisco
-CVE-2016-1401 (Cross-site scripting (XSS) vulnerability in the management interface ...)
+CVE-2016-1401
NOT-FOR-US: Cisco
-CVE-2016-1400 (Cisco TelePresence Video Communications Server (VCS) X8.x before ...)
+CVE-2016-1400
NOT-FOR-US: Cisco
-CVE-2016-1399 (The packet-processing microcode in Cisco IOS 15.2(2)EA, 15.2(2)EA1, ...)
+CVE-2016-1399
NOT-FOR-US: Cisco
-CVE-2016-1398 (Buffer overflow in the web-based management interface on Cisco RV110W ...)
+CVE-2016-1398
NOT-FOR-US: Cisco
-CVE-2016-1397 (Buffer overflow in the web-based management interface on Cisco RV110W ...)
+CVE-2016-1397
NOT-FOR-US: Cisco
-CVE-2016-1396 (Cross-site scripting (XSS) vulnerability in the web-based management ...)
+CVE-2016-1396
NOT-FOR-US: Cisco
-CVE-2016-1395 (The web-based management interface on Cisco RV110W devices with ...)
+CVE-2016-1395
NOT-FOR-US: Cisco
-CVE-2016-1394 (Cisco Firepower System Software 6.0.0 through 6.1.0 has a hardcoded ...)
+CVE-2016-1394
NOT-FOR-US: Cisco Firepower System Software
-CVE-2016-1393 (SQL injection vulnerability in Cisco Cloud Network Automation ...)
+CVE-2016-1393
NOT-FOR-US: Cisco
-CVE-2016-1392 (Open redirect vulnerability in Cisco Prime Collaboration Assurance ...)
+CVE-2016-1392
NOT-FOR-US: Cisco
-CVE-2016-1391 (Cisco Prime Network Analysis Module (NAM) before 6.1(1) ...)
+CVE-2016-1391
NOT-FOR-US: Cisco
-CVE-2016-1390 (Cisco Prime Network Analysis Module (NAM) before 6.1(1) ...)
+CVE-2016-1390
NOT-FOR-US: Cisco
-CVE-2016-1389 (Open redirect vulnerability in Cisco WebEx Meetings Server (CWMS) 2.6 ...)
+CVE-2016-1389
NOT-FOR-US: Cisco
-CVE-2016-1388 (Cisco Prime Network Analysis Module (NAM) before 6.1(1) ...)
+CVE-2016-1388
NOT-FOR-US: Cisco
-CVE-2016-1387 (The XML API in TelePresence Codec (TC) 7.2.0, 7.2.1, 7.3.0, 7.3.1, ...)
+CVE-2016-1387
NOT-FOR-US: Cisco
-CVE-2016-1386 (The API in Cisco Application Policy Infrastructure Controller ...)
+CVE-2016-1386
NOT-FOR-US: Cisco
-CVE-2016-1385 (The XML parser in Cisco Adaptive Security Appliance (ASA) Software ...)
+CVE-2016-1385
NOT-FOR-US: Cisco Adaptive Security Appliance
-CVE-2016-1384 (The NTP implementation in Cisco IOS 15.1 and 15.5 and IOS XE 3.2 ...)
+CVE-2016-1384
NOT-FOR-US: Cisco
-CVE-2016-1383 (Memory leak in Cisco AsyncOS through 8.8 on Web Security Appliance ...)
+CVE-2016-1383
NOT-FOR-US: Cisco
-CVE-2016-1382 (Cisco AsyncOS before 8.5.3-069 and 8.6 through 8.8 on Web Security ...)
+CVE-2016-1382
NOT-FOR-US: Cisco
-CVE-2016-1381 (Memory leak in Cisco AsyncOS 8.5 through 9.0 before 9.0.1-162 on Web ...)
+CVE-2016-1381
NOT-FOR-US: Cisco
-CVE-2016-1380 (Cisco AsyncOS 8.0 before 8.0.6-119 on Web Security Appliance (WSA) ...)
+CVE-2016-1380
NOT-FOR-US: Cisco
-CVE-2016-1379 (Cisco Adaptive Security Appliance (ASA) Software 9.0 through 9.5.1 ...)
+CVE-2016-1379
NOT-FOR-US: Cisco Adaptive Security Appliance
-CVE-2016-1378 (Cisco IOS before 15.2(2)E1 on Catalyst switches allows remote ...)
+CVE-2016-1378
NOT-FOR-US: Cisco IOS
-CVE-2016-1377 (Cross-site scripting (XSS) vulnerability in Cisco Unity Connection ...)
+CVE-2016-1377
NOT-FOR-US: Cisco
-CVE-2016-1376 (Cisco IOS XR 4.2.3, 4.3.0, 4.3.4, and 5.3.1 on ASR 9000 devices allows ...)
+CVE-2016-1376
NOT-FOR-US: Cisco
-CVE-2016-1375 (Cross-site scripting (XSS) vulnerability in Cisco IP Interoperability ...)
+CVE-2016-1375
NOT-FOR-US: Cisco
-CVE-2016-1374 (The web framework in Cisco Unified Computing System (UCS) Performance ...)
+CVE-2016-1374
NOT-FOR-US: Cisco
-CVE-2016-1373 (The gadgets-integration API in Cisco Finesse 8.5(1) through 8.5(5), ...)
+CVE-2016-1373
NOT-FOR-US: Cisco
-CVE-2016-1372 (ClamAV (aka Clam AntiVirus) before 0.99.2 allows remote attackers to ...)
+CVE-2016-1372
{DLA-546-1}
- clamav 0.99.2+dfsg-1
[jessie] - clamav 0.99.2+dfsg-0+deb8u1
NOTE: https://bugzilla.clamav.net/show_bug.cgi?id=11514
NOTE: https://foxglovesecurity.com/2016/06/13/finding-pearls-fuzzing-clamav/
-CVE-2016-1371 (ClamAV (aka Clam AntiVirus) before 0.99.2 allows remote attackers to ...)
+CVE-2016-1371
{DLA-546-1}
- clamav 0.99.2+dfsg-1
[jessie] - clamav 0.99.2+dfsg-0+deb8u1
NOTE: https://bugzilla.clamav.net/show_bug.cgi?id=11514
NOTE: https://foxglovesecurity.com/2016/06/13/finding-pearls-fuzzing-clamav/
-CVE-2016-1370 (Cisco Prime Network Analysis Module (NAM) before 6.2(1-b) ...)
+CVE-2016-1370
NOT-FOR-US: Cisco
-CVE-2016-1369 (The Adaptive Security Appliance (ASA) 5585-X FirePOWER Security ...)
+CVE-2016-1369
NOT-FOR-US: Cisco Adaptive Security Appliance
-CVE-2016-1368 (Cisco FirePOWER System Software 5.3.x through 5.3.0.6 and 5.4.x ...)
+CVE-2016-1368
NOT-FOR-US: Cisco
-CVE-2016-1367 (The DHCPv6 relay implementation in Cisco Adaptive Security Appliance ...)
+CVE-2016-1367
NOT-FOR-US: Cisco
-CVE-2016-1366 (The SCP and SFTP modules in Cisco IOS XR 5.0.0 through 5.2.5 on ...)
+CVE-2016-1366
NOT-FOR-US: Cisco IOS XR
-CVE-2016-1365 (The Grapevine update process in Cisco Application Policy ...)
+CVE-2016-1365
NOT-FOR-US: Cisco
-CVE-2016-1364 (Cisco Wireless LAN Controller (WLC) Software 7.4 before 7.4.130.0(MD) ...)
+CVE-2016-1364
NOT-FOR-US: Cisco
-CVE-2016-1363 (Buffer overflow in the redirection functionality in Cisco Wireless LAN ...)
+CVE-2016-1363
NOT-FOR-US: Cisco
-CVE-2016-1362 (Cisco AireOS 4.1 through 7.4.120.0, 7.5.x, and 7.6.100.0 on Wireless ...)
+CVE-2016-1362
NOT-FOR-US: Cisco
-CVE-2016-1361 (Cisco IOS XR through 4.3.2 on Gigabit Switch Router (GSR) 12000 ...)
+CVE-2016-1361
NOT-FOR-US: Cisco
-CVE-2016-1360 (Cisco Prime LAN Management Solution (LMS) through 4.2.5 uses the same ...)
+CVE-2016-1360
NOT-FOR-US: Cisco
-CVE-2016-1359 (Cisco Prime Infrastructure 3.0 allows remote authenticated users to ...)
+CVE-2016-1359
NOT-FOR-US: Cisco
-CVE-2016-1358 (Cisco Prime Infrastructure 2.2, 3.0, and 3.1(0.0) allows remote ...)
+CVE-2016-1358
NOT-FOR-US: Cisco
-CVE-2016-1357 (The password-management administration component in Cisco Policy Suite ...)
+CVE-2016-1357
NOT-FOR-US: Cisco
-CVE-2016-1356 (Cisco FireSIGHT System Software 6.1.0 does not use a constant-time ...)
+CVE-2016-1356
NOT-FOR-US: Cisco
-CVE-2016-1355 (Cross-site scripting (XSS) vulnerability in the Device Management UI ...)
+CVE-2016-1355
NOT-FOR-US: Cisco
-CVE-2016-1354 (Cross-site scripting (XSS) vulnerability in Cisco Unified ...)
+CVE-2016-1354
NOT-FOR-US: Cisco
-CVE-2016-1353 (The TCP implementation in Cisco Videoscape Distribution Suite for ...)
+CVE-2016-1353
NOT-FOR-US: Cisco Videoscape Distribution Suite
-CVE-2016-1352 (Cisco Unified Computing System (UCS) Central Software 1.3(1b) and ...)
+CVE-2016-1352
NOT-FOR-US: Cisco
-CVE-2016-1351 (The Locator/ID Separation Protocol (LISP) implementation in Cisco IOS ...)
+CVE-2016-1351
NOT-FOR-US: Cisco
-CVE-2016-1350 (Cisco IOS 15.3 and 15.4, Cisco IOS XE 3.8 through 3.11, and Cisco ...)
+CVE-2016-1350
NOT-FOR-US: Cisco
-CVE-2016-1349 (The Smart Install client implementation in Cisco IOS 12.2, 15.0, and ...)
+CVE-2016-1349
NOT-FOR-US: Cisco
-CVE-2016-1348 (Cisco IOS 15.0 through 15.5 and IOS XE 3.3 through 3.16 allow remote ...)
+CVE-2016-1348
NOT-FOR-US: Cisco
-CVE-2016-1347 (The Wide Area Application Services (WAAS) Express implementation in ...)
+CVE-2016-1347
NOT-FOR-US: Cisco IOS
-CVE-2016-1346 (The kernel in Cisco TelePresence Server 3.0 through 4.2(4.18) on ...)
+CVE-2016-1346
NOT-FOR-US: Cisco
-CVE-2016-1345 (Cisco FireSIGHT System Software 5.4.0 through 6.0.1 and ASA with ...)
+CVE-2016-1345
NOT-FOR-US: Cisco Firepower
-CVE-2016-1344 (The IKEv2 implementation in Cisco IOS 15.0 through 15.6 and IOS XE 3.3 ...)
+CVE-2016-1344
NOT-FOR-US: Cisco IOS
-CVE-2016-1343 (The XML parser in Cisco Information Server (CIS) 6.2 allows remote ...)
+CVE-2016-1343
NOT-FOR-US: Cisco
-CVE-2016-1342 (The device login page in Cisco FirePOWER Management Center 5.3 through ...)
+CVE-2016-1342
NOT-FOR-US: Cisco
-CVE-2016-1341 (Cisco NX-OS 7.0(1)N1(1), 7.0(1)N1(3), and 7.0(4)N1(1) on Nexus 2000 ...)
+CVE-2016-1341
NOT-FOR-US: Cisco
-CVE-2016-1340 (Heap-based buffer overflow in Cisco Unified Computing System (UCS) ...)
+CVE-2016-1340
NOT-FOR-US: Cisco
-CVE-2016-1339 (Cisco Unified Computing System (UCS) Platform Emulator 2.5(2)TS4, ...)
+CVE-2016-1339
NOT-FOR-US: Cisco
-CVE-2016-1338 (Cisco TelePresence Video Communication Server (VCS) X8.5.1 and X8.5.2 ...)
+CVE-2016-1338
NOT-FOR-US: Cisco
-CVE-2016-1337 (Cisco EPC3928 devices allow remote attackers to obtain sensitive ...)
+CVE-2016-1337
NOT-FOR-US: Cisco
-CVE-2016-1336 (goform/Docsis_system on Cisco EPC3928 devices allows remote attackers ...)
+CVE-2016-1336
NOT-FOR-US: Cisco
-CVE-2016-1335 (The SSH implementation in Cisco StarOS before 19.3.M0.62771 and 20.x ...)
+CVE-2016-1335
NOT-FOR-US: Cisco StarOS
-CVE-2016-1334 (Cisco Small Business 500 Wireless Access Point devices with firmware ...)
+CVE-2016-1334
NOT-FOR-US: Cisco
-CVE-2016-1333 (Cisco IOS 15.5(3)M and 15.6(1)T0a on Cisco 1000 Connected Grid routers ...)
+CVE-2016-1333
NOT-FOR-US: Cisco IOS
CVE-2016-1332
REJECTED
-CVE-2016-1331 (Multiple cross-site scripting (XSS) vulnerabilities in Cisco Emergency ...)
+CVE-2016-1331
NOT-FOR-US: Cisco Emergency Responder
-CVE-2016-1330 (Cisco IOS 15.2(4)E on Industrial Ethernet 2000 devices allows remote ...)
+CVE-2016-1330
NOT-FOR-US: Cisco IOS
-CVE-2016-1329 (Cisco NX-OS 6.0(2)U6(1) through 6.0(2)U6(5) on Nexus 3000 devices and ...)
+CVE-2016-1329
NOT-FOR-US: Cisco Nexus
-CVE-2016-1328 (goform/WClientMACList on Cisco EPC3928 devices allows remote attackers ...)
+CVE-2016-1328
NOT-FOR-US: Cisco
-CVE-2016-1327 (Buffer overflow in the web server on Cisco DPC2203 and EPC2203 devices ...)
+CVE-2016-1327
NOT-FOR-US: Cisco
-CVE-2016-1326 (The administration interface on Cisco DPQ3925 devices with firmware r1 ...)
+CVE-2016-1326
NOT-FOR-US: Cisco
-CVE-2016-1325 (The administration interface on Cisco DPC3939B and DPC3941 devices ...)
+CVE-2016-1325
NOT-FOR-US: Cisco
-CVE-2016-1324 (The REST interface in Cisco Spark 2015-06 allows remote attackers to ...)
+CVE-2016-1324
NOT-FOR-US: Cisco Spark
-CVE-2016-1323 (The REST interface in Cisco Spark 2015-06 allows remote authenticated ...)
+CVE-2016-1323
NOT-FOR-US: Cisco Spark
-CVE-2016-1322 (The REST interface in Cisco Spark 2015-07-04 allows remote attackers ...)
+CVE-2016-1322
NOT-FOR-US: Cisco Spark
-CVE-2016-1321 (Cisco Universal Small Cell devices with firmware R2.12 through R3.5 ...)
+CVE-2016-1321
NOT-FOR-US: Cisco
-CVE-2016-1320 (The CLI in Cisco Prime Collaboration 9.0 and 11.0 allows local users ...)
+CVE-2016-1320
NOT-FOR-US: Cisco
-CVE-2016-1319 (Cisco Unified Communications Manager (aka CallManager) ...)
+CVE-2016-1319
NOT-FOR-US: Cisco
-CVE-2016-1318 (Cross-site scripting (XSS) vulnerability in Cisco Application Policy ...)
+CVE-2016-1318
NOT-FOR-US: Cisco
-CVE-2016-1317 (Cisco Unified Communications Manager 11.5(0.98000.480) allows remote ...)
+CVE-2016-1317
NOT-FOR-US: Cisco
-CVE-2016-1316 (Cisco TelePresence Video Communication Server (VCS) X8.1 through X8.7, ...)
+CVE-2016-1316
NOT-FOR-US: Cisco
-CVE-2016-1315 (The proxy engine in Cisco Advanced Malware Protection (AMP), when used ...)
+CVE-2016-1315
NOT-FOR-US: Cisco
-CVE-2016-1314 (Cross-site scripting (XSS) vulnerability in Cisco Unified ...)
+CVE-2016-1314
NOT-FOR-US: Cisco
-CVE-2016-1313 (Cisco UCS Invicta C3124SA Appliance 4.3.1 through 5.0.1, UCS Invicta ...)
+CVE-2016-1313
NOT-FOR-US: Cisco
-CVE-2016-1312 (The HTTPS inspection engine in the Content Security and Control ...)
+CVE-2016-1312
NOT-FOR-US: Cisco
-CVE-2016-1311 (Cross-site scripting (XSS) vulnerability in the management interface ...)
+CVE-2016-1311
NOT-FOR-US: Cisco
-CVE-2016-1310 (Cross-site scripting (XSS) vulnerability in Cisco Unity Connection ...)
+CVE-2016-1310
NOT-FOR-US: Cisco
-CVE-2016-1309 (Multiple cross-site scripting (XSS) vulnerabilities in Cisco WebEx ...)
+CVE-2016-1309
NOT-FOR-US: Cisco
-CVE-2016-1308 (SQL injection vulnerability in Cisco Unified Communications Manager ...)
+CVE-2016-1308
NOT-FOR-US: Cisco
-CVE-2016-1307 (The Openfire server in Cisco Finesse Desktop 10.5(1) and 11.0(1) and ...)
+CVE-2016-1307
NOT-FOR-US: Cisco
-CVE-2016-1306 (Multiple cross-site scripting (XSS) vulnerabilities in Cisco Fog ...)
+CVE-2016-1306
NOT-FOR-US: Cisco
-CVE-2016-1305 (Cross-site scripting (XSS) vulnerability in Cisco Application Policy ...)
+CVE-2016-1305
NOT-FOR-US: Cisco
-CVE-2016-1304 (Cross-site scripting (XSS) vulnerability in Cisco Unity Connection ...)
+CVE-2016-1304
NOT-FOR-US: Cisco
-CVE-2016-1303 (The web GUI on Cisco Small Business 500 devices 1.2.0.92 allows remote ...)
+CVE-2016-1303
NOT-FOR-US: Cisco
-CVE-2016-1302 (Cisco Application Policy Infrastructure Controller (APIC) devices with ...)
+CVE-2016-1302
NOT-FOR-US: Cisco
-CVE-2016-1301 (The RBAC implementation in Cisco ASA-CX Content-Aware Security ...)
+CVE-2016-1301
NOT-FOR-US: Cisco
-CVE-2016-1300 (Cross-site scripting (XSS) vulnerability in Cisco Unity Connection ...)
+CVE-2016-1300
NOT-FOR-US: Cisco
-CVE-2016-1299 (The web-management GUI implementation on Cisco Small Business SG300 ...)
+CVE-2016-1299
NOT-FOR-US: Cisco
-CVE-2016-1298 (Multiple cross-site scripting (XSS) vulnerabilities in Cisco Unified ...)
+CVE-2016-1298
NOT-FOR-US: Cisco
-CVE-2016-1297 (The Device Manager GUI in Cisco Application Control Engine (ACE) 4710 ...)
+CVE-2016-1297
NOT-FOR-US: Cisco
-CVE-2016-1296 (The proxy engine on Cisco Web Security Appliance (WSA) devices with ...)
+CVE-2016-1296
NOT-FOR-US: Cisco
-CVE-2016-1295 (Cisco Adaptive Security Appliance (ASA) Software 8.4 allows remote ...)
+CVE-2016-1295
NOT-FOR-US: Cisco
-CVE-2016-1294 (Cross-site scripting (XSS) vulnerability in the Management Center in ...)
+CVE-2016-1294
NOT-FOR-US: Cisco
-CVE-2016-1293 (Multiple cross-site scripting (XSS) vulnerabilities in the Management ...)
+CVE-2016-1293
NOT-FOR-US: Cisco
CVE-2016-1292
RESERVED
-CVE-2016-1291 (Cisco Prime Infrastructure 1.2.0 through 2.2(2) and Cisco Evolved ...)
+CVE-2016-1291
NOT-FOR-US: Cisco
-CVE-2016-1290 (The web API in Cisco Prime Infrastructure 1.2.0 through 2.2(2) and ...)
+CVE-2016-1290
NOT-FOR-US: Cisco
-CVE-2016-1289 (The API in Cisco Prime Infrastructure 1.2 through 3.0 and Evolved ...)
+CVE-2016-1289
NOT-FOR-US: Cisco Prime
-CVE-2016-1288 (The HTTPS Proxy feature in Cisco AsyncOS before 8.5.3-051 and 9.x ...)
+CVE-2016-1288
NOT-FOR-US: Cisco Web Security Appliance
-CVE-2016-1287 (Buffer overflow in the IKEv1 and IKEv2 implementations in Cisco ASA ...)
+CVE-2016-1287
NOT-FOR-US: Cisco ASA
-CVE-2016-1286 (named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 ...)
+CVE-2016-1286
{DSA-3511-1}
- bind9 1:9.10.3.dfsg.P4-6
NOTE: https://kb.isc.org/article/AA-01353
-CVE-2016-1285 (named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 does ...)
+CVE-2016-1285
{DSA-3511-1}
- bind9 1:9.10.3.dfsg.P4-6
NOTE: https://kb.isc.org/article/AA-01352
-CVE-2016-1284 (rdataset.c in ISC BIND 9 Supported Preview Edition 9.9.8-S before ...)
+CVE-2016-1284
- bind9 <not-affected> (Only Supported Preview Edition/Subscription Edition)
NOTE: https://kb.isc.org/article/AA-01348
-CVE-2016-1505 (The filesystem storage backend in Radicale before 1.1 on Windows ...)
+CVE-2016-1505
- radicale <not-affected> (Only an issue on MS Windows)
-CVE-2016-1494 (The verify function in the RSA package for Python (Python-RSA) before ...)
+CVE-2016-1494
- python-rsa 3.2.3-1.1 (bug #809980)
[jessie] - python-rsa 3.1.4-1+deb8u1
NOTE: proposed fix: https://bitbucket.org/sybren/python-rsa/pull-requests/14/security-fix-bb06-attack-in-verify-by/diff
NOTE: https://blog.filippo.io/bleichenbacher-06-signature-forgery-in-python-rsa/
CVE-2016-1282
RESERVED
-CVE-2016-1281 (Untrusted search path vulnerability in the installer for TrueCrypt 7.2 ...)
+CVE-2016-1281
NOT-FOR-US: Truecrypt
-CVE-2016-1283 (The pcre_compile2 function in pcre_compile.c in PCRE 8.38 mishandles ...)
+CVE-2016-1283
- pcre3 2:8.38-3.1 (bug #809706)
[jessie] - pcre3 2:8.35-3.3+deb8u3
[wheezy] - pcre3 <not-affected> (Vulnerable code not present)
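Review bot: every `-`/`+` pair in this hunk drops the parenthesised CVE summary and keeps only the bare identifier (`-CVE-2016-1434 (The license-certificate upload functionality on Cisco 8800 phones with ...)` becomes `+CVE-2016-1434`), while the NOT-FOR-US, package-version and NOTE lines beneath each entry are untouched. Nothing in the hunk gives a reason for discarding the summaries, and this list is the only place they sit next to the Debian triage state, so confirm that the automatic update actually received descriptions from its upstream feed rather than an empty response before merging; if the feed was unavailable, the previous summaries should be retained. Separately, CVE-2016-1505 and CVE-2016-1494 sit between CVE-2016-1284 and CVE-2016-1282, out of the descending order used by the rest of the list; the patch does not introduce that, but it is worth re-sorting while the file is being regenerated.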
@@ -28910,77 +28910,77 @@ CVE-2016-1283 (The pcre_compile2 function in pcre_compile.c in PCRE 8.38 mishand
- pcre2 <not-affected> (Vulnerable code not present)
NOTE: https://bugs.exim.org/show_bug.cgi?id=1767
NOTE: Upstream fix: http://vcs.pcre.org/pcre?view=revision&revision=1636
-CVE-2016-1280 (PKId in Juniper Junos OS before 12.1X44-D52, 12.1X46 before ...)
+CVE-2016-1280
NOT-FOR-US: Juniper Junos OS
-CVE-2016-1279 (J-Web in Juniper Junos OS before 12.1X46-D45, 12.1X46-D50, 12.1X47 ...)
+CVE-2016-1279
NOT-FOR-US: Juniper Junos OS
-CVE-2016-1278 (Juniper Junos OS before 12.1X46-D50 on SRX Series devices reverts to ...)
+CVE-2016-1278
NOT-FOR-US: Juniper Junos OS
-CVE-2016-1277 (Juniper Junos OS before 12.1X46-D50, 12.1X47 before 12.1X47-D40, ...)
+CVE-2016-1277
NOT-FOR-US: Juniper Junos OS
-CVE-2016-1276 (Juniper Junos OS before 12.1X46-D50, 12.1X47 before 12.1X47-D23, ...)
+CVE-2016-1276
NOT-FOR-US: Juniper Junos OS
-CVE-2016-1275 (Juniper Junos OS before 13.3R9, 14.1R6 before 14.1R6-S1, and 14.1 ...)
+CVE-2016-1275
NOT-FOR-US: Juniper Junos OS
-CVE-2016-1274 (Juniper Junos OS 14.1X53 before 14.1X53-D30 on QFX Series switches ...)
+CVE-2016-1274
NOT-FOR-US: Juniper Junos OS
-CVE-2016-1273 (Juniper Junos OS before 13.2X51-D40, 14.x before 14.1X53-D30, and 15.x ...)
+CVE-2016-1273
NOT-FOR-US: Juniper Junos OS
CVE-2016-1272
RESERVED
-CVE-2016-1271 (Juniper Junos OS before 12.1X46-D45, 12.1X47 before 12.1X47-D30, 12.3 ...)
+CVE-2016-1271
NOT-FOR-US: Juniper Junos OS
-CVE-2016-1270 (The rpd daemon in Juniper Junos OS before 12.1X44-D60, 12.1X46 before ...)
+CVE-2016-1270
NOT-FOR-US: Juniper Junos OS
-CVE-2016-1269 (Juniper Junos OS before 12.1X44-D60, 12.1X46 before 12.1X46-D40, ...)
+CVE-2016-1269
NOT-FOR-US: Juniper Junos OS
-CVE-2016-1268 (The administrative web services interface in Juniper ScreenOS before ...)
+CVE-2016-1268
NOT-FOR-US: Juniper ScreenOS
-CVE-2016-1267 (Race condition in the RPC functionality in Juniper Junos OS before ...)
+CVE-2016-1267
NOT-FOR-US: Juniper Junos OS
CVE-2016-1266
RESERVED
-CVE-2016-1265 (A remote unauthenticated network based attacker with access to Junos ...)
+CVE-2016-1265
NOT-FOR-US: Juniper
-CVE-2016-1264 (Race condition in the Op command in Juniper Junos OS before ...)
+CVE-2016-1264
NOT-FOR-US: Juniper Junos OS
-CVE-2016-1263 (Juniper Junos OS before 12.1X46-D45, 12.1X46-D50, 12.1X47 before ...)
+CVE-2016-1263
NOT-FOR-US: Juniper Junos OS
-CVE-2016-1262 (Juniper Junos OS before 12.1X46-D45, 12.1X47 before 12.1X47-D30, ...)
+CVE-2016-1262
NOT-FOR-US: Juniper
-CVE-2016-1261 (J-Web does not validate certain input that may lead to cross-site ...)
+CVE-2016-1261
NOT-FOR-US: Juniper
-CVE-2016-1260 (Juniper Junos OS before 13.2X51-D36, 14.1X53 before 14.1X53-D25, and ...)
+CVE-2016-1260
NOT-FOR-US: Juniper
CVE-2016-1259
RESERVED
-CVE-2016-1258 (Embedthis Appweb, as used in J-Web in Juniper Junos OS before ...)
+CVE-2016-1258
NOT-FOR-US: Juniper
-CVE-2016-1257 (The Routing Engine in Juniper Junos OS 13.2R5 through 13.2R8, 13.3R1 ...)
+CVE-2016-1257
NOT-FOR-US: Juniper
-CVE-2016-1256 (Juniper Junos OS before 12.1X44-D55, 12.1X46 before 12.1X46-D40, ...)
+CVE-2016-1256
NOT-FOR-US: Juniper
-CVE-2016-1255 (The pg_ctlcluster script in postgresql-common package in Debian wheezy ...)
+CVE-2016-1255
{DLA-774-1}
- postgresql-common 178
[jessie] - postgresql-common 165+deb8u2
NOTE: Fix: https://anonscm.debian.org/cgit/pkg-postgresql/postgresql-common.git/commit/?id=c8989206ec360f199400c74f129f7b4cb878c1ee
NOTE: Testsuite update: https://anonscm.debian.org/cgit/pkg-postgresql/postgresql-common.git/commit/?id=30f0e4200cfc358b4536bf5d1f6c48abb779d438
-CVE-2016-1254 (Tor before 0.2.8.12 might allow remote attackers to cause a denial of ...)
+CVE-2016-1254
{DSA-3741-1 DLA-754-1}
- tor 0.2.9.8-2 (bug #848847)
NOTE: https://blog.torproject.org/blog/tor-02812-released
NOTE: https://trac.torproject.org/projects/tor/ticket/21018
-CVE-2016-1253 (The most package in Debian wheezy before 5.0.0a-2.2, in Debian jessie ...)
+CVE-2016-1253
{DLA-745-1}
- most 5.0.0a-3 (bug #848132)
[jessie] - most 5.0.0a-2.3+deb8u1
-CVE-2016-1252 (The apt package in Debian jessie before 1.0.9.8.4, in Debian unstable ...)
+CVE-2016-1252
{DSA-3733-1}
- apt 1.4~beta2
[wheezy] - apt <not-affected> (Issue introduced in apt >= 0.9.8)
NOTE: https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1647467
-CVE-2016-1251 (There is a vulnerability of type use-after-free affecting DBD::mysql ...)
+CVE-2016-1251
- libdbd-mysql-perl 4.041-1
[jessie] - libdbd-mysql-perl <no-dsa> (Minor issue)
[wheezy] - libdbd-mysql-perl <no-dsa> (Minor issue)
@@ -28988,47 +28988,47 @@ CVE-2016-1251 (There is a vulnerability of type use-after-free affecting DBD::my
NOTE: https://github.com/perl5-dbi/DBD-mysql/commit/3619c170461a3107a258d1fd2d00ed4832adb1b1 (4.041)
CVE-2016-1250
REJECTED
-CVE-2016-1249 (The DBD::mysql module before 4.039 for Perl, when using server-side ...)
+CVE-2016-1249
- libdbd-mysql-perl 4.039-1 (bug #844475)
[jessie] - libdbd-mysql-perl <no-dsa> (Minor issue)
[wheezy] - libdbd-mysql-perl <no-dsa> (Minor issue)
NOTE: https://github.com/perl5-dbi/DBD-mysql/commit/793b72b1a0baa5070adacaac0e12fd995a6fbabe (4.039)
NOTE: http://www.openwall.com/lists/oss-security/2016/11/16/1
-CVE-2016-1248 (vim before patch 8.0.0056 does not properly validate values for the ...)
+CVE-2016-1248
{DSA-3722-1 DLA-718-1}
- vim 2:8.0.0095-1
- neovim 0.1.6-4
NOTE: Fixed by: https://github.com/vim/vim/commit/d0b5138ba4bccff8a744c99836041ef6322ed39a
NOTE: Fixed by (neovim): https://github.com/neovim/neovim/commit/4fad66fbe637818b6b3d6bc5d21923ba72795040
-CVE-2016-1247 (The nginx package before 1.6.2-5+deb8u3 on Debian jessie, the nginx ...)
+CVE-2016-1247
{DSA-3701-1}
- nginx 1.10.2-1 (bug #842295)
[wheezy] - nginx <not-affected> (Introduced by the fix for CVE-2013-0337, not applied)
NOTE: Issue introduced with the Debian specific fix for CVE-2013-0337 / #701112
NOTE: http://legalhackers.com/advisories/Nginx-Exploit-Deb-Root-PrivEsc-CVE-2016-1247.html
-CVE-2016-1246 (Buffer overflow in the DBD::mysql module before 4.037 for Perl allows ...)
+CVE-2016-1246
{DSA-3684-1 DLA-656-1}
- libdbd-mysql-perl 4.037-1 (low)
NOTE: https://github.com/perl5-dbi/DBD-mysql/commit/7c164a0c86cec6ee95df1d141e67b0e85dfdefd2 (4.037)
-CVE-2016-1245 (It was discovered that the zebra daemon in Quagga before 1.0.20161017 ...)
+CVE-2016-1245
{DSA-3695-1 DLA-662-1}
- quagga 1.0.20160315-3 (bug #841162)
NOTE: Fixed by: https://github.com/Quagga/quagga/commit/cfb1fae25f8c092e0d17073eaf7bd428ce1cd546
NOTE: https://lists.quagga.net/pipermail/quagga-users/2016-October/014478.html
-CVE-2016-1244 (The extractTree function in unADF allows remote attackers to execute ...)
+CVE-2016-1244
{DSA-3676-1 DLA-631-1}
- unadf 0.7.11a-4 (bug #838248)
-CVE-2016-1243 (Stack-based buffer overflow in the extractTree function in unADF ...)
+CVE-2016-1243
{DSA-3676-1 DLA-631-1}
- unadf 0.7.11a-4 (bug #838248)
-CVE-2016-1242 (file_open in Tryton before 3.2.17, 3.4.x before 3.4.14, 3.6.x before ...)
+CVE-2016-1242
{DSA-3656-1 DLA-607-1}
- tryton-server 4.0.4-1
-CVE-2016-1241 (Tryton 3.x before 3.2.17, 3.4.x before 3.4.14, 3.6.x before 3.6.12, ...)
+CVE-2016-1241
{DSA-3656-1}
- tryton-server 4.0.4-1
[wheezy] - tryton-server <not-affected> (password_hash field introduced in 3.2 series)
-CVE-2016-1240 (The Tomcat init script in the tomcat7 package before 7.0.56-3+deb8u4 ...)
+CVE-2016-1240
{DSA-3670-1 DSA-3669-1 DLA-623-1 DLA-622-1}
- tomcat8 8.0.36-3
- tomcat7 7.0.70-3
@@ -29039,7 +29039,7 @@ CVE-2016-1239 [loads arbitrary code from the current untrusted directory]
- duck 0.10
[jessie] - duck 0.7+deb8u1
NOTE: https://anonscm.debian.org/cgit/collab-maint/duck.git/commit/?id=b43b5bbf07973c54b8f1c581a941f4facc97177a (0.10)
-CVE-2016-1238 ((1) cpan/Archive-Tar/bin/ptar, (2) cpan/Archive-Tar/bin/ptardiff, (3) ...)
+CVE-2016-1238
{DSA-3628-1 DLA-1578-1 DLA-584-1 DLA-565-1}
- perl 5.22.2-3
- libsys-syslog-perl <removed>
@@ -29048,139 +29048,139 @@ CVE-2016-1238 ((1) cpan/Archive-Tar/bin/ptar, (2) cpan/Archive-Tar/bin/ptardiff,
NOTE: Although more modules and scripts are affected by similar issue and mentioned
NOTE: in the DSA/DLA, the CVE is for src:perl (and libsys-syslog-perl beeing dual-lived)
NOTE: and thus not adding more source packages here.
-CVE-2016-1237 (nfsd in the Linux kernel through 4.6.3 allows local users to bypass ...)
+CVE-2016-1237
{DSA-3607-1}
- linux 4.6.2-2
[wheezy] - linux <not-affected> (Vulnerable code introduced later)
NOTE: Introduced by: https://git.kernel.org/linus/4ac7249ea5a0ceef9f8269f63f33cc873c3fac61 (v3.14-rc1)
NOTE: Prerequisite: https://git.kernel.org/linus/485e71e8fb6356c08c7fc6bcce4bf02c9a9a663f
NOTE: Fixed by: https://git.kernel.org/linus/999653786df6954a31044528ac3f7a5dadca08f4
-CVE-2016-1236 (Multiple cross-site scripting (XSS) vulnerabilities in (1) ...)
+CVE-2016-1236
{DSA-3572-1 DLA-462-1}
- websvn <removed>
NOTE: http://www.openwall.com/lists/oss-security/2016/05/05/22
-CVE-2016-1235 (The oarsh script in OAR before 2.5.7 allows remote authenticated users ...)
+CVE-2016-1235
{DSA-3543-1}
- oar 2.5.7-1 (bug #819952)
NOTE: https://raw.githubusercontent.com/oar-team/oar/ce77ffed620fdce94881c9b35064507777c24a1c/debian/patches/004-fix-oarsh-security-issue
-CVE-2016-1234 (Stack-based buffer overflow in the glob implementation in GNU C ...)
+CVE-2016-1234
{DLA-494-1}
- glibc 2.22-8
[jessie] - glibc 2.19-18+deb8u5
- eglibc <removed>
[wheezy] - eglibc <no-dsa> (Minor issue, can be fixed in a point update)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=19779
-CVE-2016-1233 (An unspecified udev rule in the Debian fuse package in jessie before ...)
+CVE-2016-1233
{DSA-3451-1}
- fuse 2.9.5-1
[wheezy] - fuse <not-affected> (Problematic permissions via udev rule not set)
[squeeze] - fuse <not-affected> (Problematic permissions via udev rule not set)
-CVE-2016-1232 (The mod_dialback module in Prosody before 0.9.9 does not properly ...)
+CVE-2016-1232
{DSA-3439-1 DLA-391-1}
- prosody 0.9.9-1
NOTE: https://prosody.im/security/advisory_20160108-2/
-CVE-2016-1231 (Directory traversal vulnerability in the HTTP file-serving module ...)
+CVE-2016-1231
{DSA-3439-1}
- prosody 0.9.9-1
[squeeze] - prosody <not-affected> (Vulnerable code not present)
NOTE: https://prosody.im/security/advisory_20160108-1/
-CVE-2016-1230 (Cross-site scripting (XSS) vulnerability in NTT PC Communications ...)
+CVE-2016-1230
NOT-FOR-US: NTT
-CVE-2016-1229 (Cross-site scripting (XSS) vulnerability in HumHub 0.20.0-beta.1 ...)
+CVE-2016-1229
NOT-FOR-US: HumHub
-CVE-2016-1228 (Cross-site request forgery (CSRF) vulnerability on NTT EAST Hikari ...)
+CVE-2016-1228
NOT-FOR-US: NTT
-CVE-2016-1227 (NTT EAST Hikari Denwa routers with firmware PR-400MI, RT-400MI, and ...)
+CVE-2016-1227
NOT-FOR-US: NTT
-CVE-2016-1226 (Cross-site scripting (XSS) vulnerability in Trend Micro Internet ...)
+CVE-2016-1226
NOT-FOR-US: Trend Micro
-CVE-2016-1225 (Trend Micro Internet Security 8 and 10 allows remote attackers to read ...)
+CVE-2016-1225
NOT-FOR-US: Trend Micro
-CVE-2016-1224 (CRLF injection vulnerability in Trend Micro Worry-Free Business ...)
+CVE-2016-1224
NOT-FOR-US: Trend Micro
-CVE-2016-1223 (Directory traversal vulnerability in Trend Micro Office Scan 11.0, ...)
+CVE-2016-1223
NOT-FOR-US: Trend Micro
-CVE-2016-1222 (Cross-site scripting (XSS) vulnerability in Kobe Beauty ...)
+CVE-2016-1222
NOT-FOR-US: Kobe Beauty
-CVE-2016-1221 (Jetstar App for iOS before 3.0.0 does not verify X.509 certificates ...)
+CVE-2016-1221
NOT-FOR-US: Jetstar App
-CVE-2016-1220 (Cybozu Garoon before 4.2.2 does not properly restrict access. ...)
+CVE-2016-1220
NOT-FOR-US: Cybozu
-CVE-2016-1219 (Cybozu Garoon before 4.2.2 allows remote attackers to bypass login ...)
+CVE-2016-1219
NOT-FOR-US: Cybozu
-CVE-2016-1218 (SQL injection vulnerability in Cybozu Garoon before 4.2.2. ...)
+CVE-2016-1218
NOT-FOR-US: Cybozu
-CVE-2016-1217 (Cross-site scripting (XSS) vulnerability in the &quot;Check available ...)
+CVE-2016-1217
NOT-FOR-US: Cybozu
-CVE-2016-1216 (Cross-site scripting (XSS) vulnerability in the &quot;New appointment&quot; ...)
+CVE-2016-1216
NOT-FOR-US: Cybozu
-CVE-2016-1215 (Cross-site scripting (XSS) vulnerability in the &quot;User details&quot; ...)
+CVE-2016-1215
NOT-FOR-US: Cybozu
-CVE-2016-1214 (Cross-site scripting (XSS) vulnerability in the &quot;Response request&quot; ...)
+CVE-2016-1214
NOT-FOR-US: Cybozu
-CVE-2016-1213 (The &quot;Scheduler&quot; function in Cybozu Garoon before 4.2.2 allows remote ...)
+CVE-2016-1213
NOT-FOR-US: Cybozu
-CVE-2016-1212 (Directory traversal vulnerability in futomi MP Form Mail CGI ...)
+CVE-2016-1212
NOT-FOR-US: futomi MP Form Mail CGI Professional Edition
-CVE-2016-1211 (Cross-site scripting (XSS) vulnerability in Epoch Web Mailing List ...)
+CVE-2016-1211
NOT-FOR-US: Epoch Web Mailing List
-CVE-2016-1210 (The 105 BANK app 1.0 and 1.1 for Android and 1.0 for iOS does not ...)
+CVE-2016-1210
NOT-FOR-US: 105 BANK app
-CVE-2016-1209 (The Ninja Forms plugin before 2.9.42.1 for WordPress allows remote ...)
+CVE-2016-1209
NOT-FOR-US: Wordpress plugin
-CVE-2016-1208 (The server in Apple FileMaker before 14.0.4 on OS X allows remote ...)
+CVE-2016-1208
NOT-FOR-US: Apple FileMaker
-CVE-2016-1207 (Cross-site scripting (XSS) vulnerability on I-O DATA DEVICE WN-G300R ...)
+CVE-2016-1207
NOT-FOR-US: I-O DATA
-CVE-2016-1206 (The WPS implementation on I-O DATA DEVICE WN-GDN/R3, WN-GDN/R3-C, ...)
+CVE-2016-1206
NOT-FOR-US: I-O DATA
-CVE-2016-1205 (Cross-site scripting (XSS) vulnerability in the shiro8 (1) ...)
+CVE-2016-1205
NOT-FOR-US: EC-CUBE plugin
CVE-2016-1204
RESERVED
CVE-2016-1203
RESERVED
-CVE-2016-1202 (Untrusted search path vulnerability in Atom Electron before 0.33.5 ...)
+CVE-2016-1202
NOT-FOR-US: Atom Electron
-CVE-2016-1201 (Cross-site request forgery (CSRF) vulnerability in LOCKON EC-CUBE ...)
+CVE-2016-1201
NOT-FOR-US: LOCKON
-CVE-2016-1200 (The management screen in LOCKON EC-CUBE 3.0.7 through 3.0.9 allows ...)
+CVE-2016-1200
NOT-FOR-US: LOCKON
-CVE-2016-1199 (The login page in the management screen in LOCKON EC-CUBE 3.0.0 ...)
+CVE-2016-1199
NOT-FOR-US: LOCKON
-CVE-2016-1198 (Photopt for Android before 2.0.1 does not verify SSL certificates. ...)
+CVE-2016-1198
NOT-FOR-US: Photopt for Android
-CVE-2016-1197 (Cross-site scripting (XSS) vulnerability in Cybozu Garoon 4.x before ...)
+CVE-2016-1197
NOT-FOR-US: Cybozu
-CVE-2016-1196 (Cybozu Garoon 3.x and 4.x before 4.2.1 allows remote authenticated ...)
+CVE-2016-1196
NOT-FOR-US: Cybozu
-CVE-2016-1195 (Open redirect vulnerability in Cybozu Garoon 3.x and 4.x before 4.2.1 ...)
+CVE-2016-1195
NOT-FOR-US: Cybozu
-CVE-2016-1194 (Cybozu Garoon before 4.2.1 allows remote attackers to cause a denial ...)
+CVE-2016-1194
NOT-FOR-US: Cybozu
-CVE-2016-1193 (Cybozu Garoon 3.7 through 4.2 allows remote attackers to obtain ...)
+CVE-2016-1193
NOT-FOR-US: Cybozu
-CVE-2016-1192 (Directory traversal vulnerability in the logging implementation in ...)
+CVE-2016-1192
NOT-FOR-US: Cybozu
-CVE-2016-1191 (Directory traversal vulnerability in the Files function in Cybozu ...)
+CVE-2016-1191
NOT-FOR-US: Cybozu
-CVE-2016-1190 (Cybozu Garoon 3.1 through 4.2 allows remote authenticated users to ...)
+CVE-2016-1190
NOT-FOR-US: Cybozu
-CVE-2016-1189 (Cybozu Garoon 3.x and 4.x before 4.2.1 allows remote authenticated ...)
+CVE-2016-1189
NOT-FOR-US: Cybozu
-CVE-2016-1188 (Cybozu Garoon 3.x and 4.x before 4.2.1 allows remote authenticated ...)
+CVE-2016-1188
NOT-FOR-US: Cybozu
-CVE-2016-1187 (Cybozu KUNAI for iPhone 2.0.3 through 3.1.5 and for Android 2.1.2 ...)
+CVE-2016-1187
NOT-FOR-US: Cybozu
-CVE-2016-1186 (Kintone mobile for Android 1.0.0 through 1.0.5 does not verify SSL ...)
+CVE-2016-1186
NOT-FOR-US: Kintone mobile for Android
-CVE-2016-1185 (The Cybozu kintone mobile application 1.x before 1.0.6 for Android ...)
+CVE-2016-1185
NOT-FOR-US: Cybozu
-CVE-2016-1184 (Tokyo Star bank App for Android before 1.4 and Tokyo Star bank App for ...)
+CVE-2016-1184
NOT-FOR-US: Tokyo Star bank App for Android
-CVE-2016-1183 (NTT Data TERASOLUNA Server Framework for Java(WEB) 2.0.0.1 through ...)
+CVE-2016-1183
NOT-FOR-US: NTT
-CVE-2016-1182 (ActionServlet.java in Apache Struts 1 1.x through 1.3.10 does not ...)
+CVE-2016-1182
- libstruts1.2-java <removed>
[wheezy] - libstruts1.2-java <no-dsa> (basically fixed in CVE-2015-0899)
NOTE: https://jvn.jp/en/jp/JVN65044642/
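Review bot: every `-`/`+` pair in this hunk removes only the parenthesised description and leaves the identifier and the following status line untouched, e.g. `-CVE-2016-1212 (Directory traversal vulnerability in futomi MP Form Mail CGI ...)` becomes `+CVE-2016-1212` above the unchanged `NOT-FOR-US: futomi MP Form Mail CGI Professional Edition`. Nothing in the hunk replaces that text, so after the change the only in-file record of what a CVE covers is the triage line itself (for NOT-FOR-US entries, or `libstruts1.2-java <removed>` plus the NOTE links for CVE-2016-1182), which cannot be re-checked without fetching the CVE. If the description source returned empty during this automatic update, the run should be held and repeated rather than merged; if dropping descriptions is intentional, the commit message should say so.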
@@ -29189,7 +29189,7 @@ CVE-2016-1182 (ActionServlet.java in Apache Struts 1 1.x through 1.3.10 does not
NOTE: condition two can be fixed by the following patch:
NOTE: https://github.com/kawasima/struts1-forever/commit/eda3a79907ed8fcb0387a0496d0cb14332f250e8
NOTE: but as this completely deactivates multipart requests, this should not be generally applied
-CVE-2016-1181 (ActionServlet.java in Apache Struts 1 1.x through 1.3.10 mishandles ...)
+CVE-2016-1181
- libstruts1.2-java <removed>
[wheezy] - libstruts1.2-java <no-dsa> (basically fixed in CVE-2015-0899)
NOTE: https://jvn.jp/en/jp/JVN03188560/
@@ -29198,33 +29198,33 @@ CVE-2016-1181 (ActionServlet.java in Apache Struts 1 1.x through 1.3.10 mishandl
NOTE: condition two can be fixed by the following patch:
NOTE: https://github.com/kawasima/struts1-forever/commit/eda3a79907ed8fcb0387a0496d0cb14332f250e8
NOTE: but as this completely deactivates multipart requests, this should not be generally applied
-CVE-2016-1180 (Cross-site scripting (XSS) vulnerability in the Cyber-Will ...)
+CVE-2016-1180
NOT-FOR-US: Cyber-Will Social-button Premium plugin
-CVE-2016-1179 (Cross-site scripting (XSS) vulnerability in the standard template of ...)
+CVE-2016-1179
NOT-FOR-US: appleple a-blog cms
-CVE-2016-1178 (The session management of the comment functionality in appleple a-blog ...)
+CVE-2016-1178
NOT-FOR-US: appleple a-blog cms
-CVE-2016-1177 (The management screen in Falcon WisePoint 4.3.1 and earlier and ...)
+CVE-2016-1177
NOT-FOR-US: Falcon WisePoint
-CVE-2016-1176 (Buffer overflow in the ActiveX control in Sharp EVA Animeter allows ...)
+CVE-2016-1176
NOT-FOR-US: Sharp EVA Animeter
-CVE-2016-1175 (Cross-site request forgery (CSRF) vulnerability in AQUOS Photo Player ...)
+CVE-2016-1175
NOT-FOR-US: AQUOS Photo Player
-CVE-2016-1174 (Cross-site request forgery (CSRF) vulnerability in the Menubook plugin ...)
+CVE-2016-1174
NOT-FOR-US: baserCMS
-CVE-2016-1173 (Cross-site scripting (XSS) vulnerability in the Menubook plugin before ...)
+CVE-2016-1173
NOT-FOR-US: baserCMS
-CVE-2016-1172 (Cross-site request forgery (CSRF) vulnerability in the Recruit plugin ...)
+CVE-2016-1172
NOT-FOR-US: baserCMS
-CVE-2016-1171 (Cross-site scripting (XSS) vulnerability in the Recruit plugin before ...)
+CVE-2016-1171
NOT-FOR-US: baserCMS
-CVE-2016-1170 (Cross-site request forgery (CSRF) vulnerability in the Casebook plugin ...)
+CVE-2016-1170
NOT-FOR-US: baserCMS
-CVE-2016-1169 (Cross-site scripting (XSS) vulnerability in the Casebook plugin before ...)
+CVE-2016-1169
NOT-FOR-US: baserCMS
-CVE-2016-1168 (Cross-site request forgery (CSRF) vulnerability on NEC Aterm WF800HP ...)
+CVE-2016-1168
NOT-FOR-US: NEC
-CVE-2016-1167 (Cross-site request forgery (CSRF) vulnerability on NEC Aterm WG300HP ...)
+CVE-2016-1167
NOT-FOR-US: NEC
CVE-2016-1166
REJECTED
@@ -29236,472 +29236,472 @@ CVE-2016-1163
REJECTED
CVE-2016-1162
REJECTED
-CVE-2016-1161 (Cross-site request forgery (CSRF) vulnerability in ManageEngine ...)
+CVE-2016-1161
NOT-FOR-US: ManageEngine Password Manager Pro
-CVE-2016-1160 (Cross-site scripting (XSS) vulnerability in the WP Favorite Posts ...)
+CVE-2016-1160
NOT-FOR-US: WP Favorite Posts plugin for WordPress
CVE-2016-1159
RESERVED
-CVE-2016-1158 (Cross-site request forgery (CSRF) vulnerability on Corega CG-WLBARGMH ...)
+CVE-2016-1158
NOT-FOR-US: Corega
-CVE-2016-1157 (Cross-site scripting (XSS) vulnerability in log_chat.cgi in Script* ...)
+CVE-2016-1157
NOT-FOR-US: Log-Chat
-CVE-2016-1156 (LINE 4.3.0.724 and earlier on Windows and 4.3.1 and earlier on OS X ...)
+CVE-2016-1156
NOT-FOR-US: LINE
-CVE-2016-1155 (HTTP header injection vulnerability in the URLConnection class in ...)
+CVE-2016-1155
NOT-FOR-US: Android
-CVE-2016-1154 (SQL injection vulnerability in the Help plug-in 1.3.5 and earlier in ...)
+CVE-2016-1154
NOT-FOR-US: Cuore EC-CUBE
-CVE-2016-1153 (customapp in Cybozu Office 9.9.0 through 10.3.0 allows remote ...)
+CVE-2016-1153
NOT-FOR-US: Cybozu Office
-CVE-2016-1152 (Cybozu Office 9.9.0 through 10.3.0 allows remote authenticated users ...)
+CVE-2016-1152
NOT-FOR-US: Cybozu Office
-CVE-2016-1151 (Multiple cross-site request forgery (CSRF) vulnerabilities in Cybozu ...)
+CVE-2016-1151
NOT-FOR-US: Cybozu Office
-CVE-2016-1150 (Cross-site scripting (XSS) vulnerability in Cybozu Office 9.0.0 ...)
+CVE-2016-1150
NOT-FOR-US: Cybozu Office
-CVE-2016-1149 (Cross-site scripting (XSS) vulnerability in Cybozu Office 9.0.0 ...)
+CVE-2016-1149
NOT-FOR-US: Cybozu Office
-CVE-2016-1148 (Akerun - Smart Lock Robot App for iOS before 1.2.4 does not verify SSL ...)
+CVE-2016-1148
NOT-FOR-US: Akerun
CVE-2016-1147
REJECTED
CVE-2016-1146
REJECTED
-CVE-2016-1145 (Directory traversal vulnerability in WebManager in NEC EXPRESSCLUSTER ...)
+CVE-2016-1145
NOT-FOR-US: NEC EXPRESSCLUSTER
-CVE-2016-1144 (Cross-site scripting (XSS) vulnerability in JOB-CUBE -JOB WEB SYSTEM ...)
+CVE-2016-1144
NOT-FOR-US: High Income
-CVE-2016-1143 (Cross-site scripting (XSS) vulnerability in main.rb in Vine MV before ...)
+CVE-2016-1143
NOT-FOR-US: Vine MV
-CVE-2016-1142 (Seeds acmailer before 3.8.21 and 3.9.x before 3.9.15 Beta allows ...)
+CVE-2016-1142
NOT-FOR-US: Seeds acmailer
-CVE-2016-1141 (KDDI HOME SPOT CUBE devices before 2 allow remote authenticated users ...)
+CVE-2016-1141
NOT-FOR-US: KDDI HOME SPOT CUBE
-CVE-2016-1140 (KDDI HOME SPOT CUBE devices before 2 allow remote attackers to conduct ...)
+CVE-2016-1140
NOT-FOR-US: KDDI HOME SPOT CUBE
-CVE-2016-1139 (Cross-site request forgery (CSRF) vulnerability on KDDI HOME SPOT CUBE ...)
+CVE-2016-1139
NOT-FOR-US: KDDI HOME SPOT CUBE
-CVE-2016-1138 (CRLF injection vulnerability on KDDI HOME SPOT CUBE devices before 2 ...)
+CVE-2016-1138
NOT-FOR-US: KDDI HOME SPOT CUBE
-CVE-2016-1137 (Open redirect vulnerability on KDDI HOME SPOT CUBE devices before 2 ...)
+CVE-2016-1137
NOT-FOR-US: KDDI HOME SPOT CUBE
-CVE-2016-1136 (Cross-site scripting (XSS) vulnerability on KDDI HOME SPOT CUBE ...)
+CVE-2016-1136
NOT-FOR-US: KDDI HOME SPOT CUBE
-CVE-2016-1135 (Cross-site scripting (XSS) vulnerability on BUFFALO BHR-4GRV2 devices ...)
+CVE-2016-1135
NOT-FOR-US: BUFFALO
-CVE-2016-1134 (Cross-site request forgery (CSRF) vulnerability on BUFFALO BHR-4GRV2 ...)
+CVE-2016-1134
NOT-FOR-US: BUFFALO
-CVE-2016-1133 (CRLF injection vulnerability in the on_req function in ...)
+CVE-2016-1133
- h2o <not-affected> (Fixed before initial upload to Debian)
NOTE: https://github.com/h2o/h2o/issues/682
NOTE: https://github.com/h2o/h2o/issues/684
NOTE: https://github.com/h2o/h2o/pull/684
-CVE-2016-1132 (Shoplat App for iOS 1.10.00 through 1.18.00 does not properly verify ...)
+CVE-2016-1132
NOT-FOR-US: Shoplat App
-CVE-2016-1131 (Buffer overflow in the CL_vsprintf function in Takumi Yamada DX ...)
+CVE-2016-1131
NOT-FOR-US: Takumi Yamada
-CVE-2016-1130 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
+CVE-2016-1130
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1129 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
+CVE-2016-1129
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1128 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
+CVE-2016-1128
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1127 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
+CVE-2016-1127
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1126 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
+CVE-2016-1126
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1125 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
+CVE-2016-1125
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1124 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
+CVE-2016-1124
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1123 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
+CVE-2016-1123
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1122 (Use-after-free vulnerability in Adobe Reader and Acrobat before ...)
+CVE-2016-1122
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1121 (Use-after-free vulnerability in Adobe Reader and Acrobat before ...)
+CVE-2016-1121
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1120 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
+CVE-2016-1120
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1119 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
+CVE-2016-1119
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1118 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
+CVE-2016-1118
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1117 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
+CVE-2016-1117
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1116 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
+CVE-2016-1116
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1115 (Adobe ColdFusion 10 before Update 19, 11 before Update 8, and 2016 ...)
+CVE-2016-1115
NOT-FOR-US: Adobe
-CVE-2016-1114 (Adobe ColdFusion 10 before Update 19, 11 before Update 8, and 2016 ...)
+CVE-2016-1114
NOT-FOR-US: Adobe
-CVE-2016-1113 (Cross-site scripting (XSS) vulnerability in Adobe ColdFusion 10 before ...)
+CVE-2016-1113
NOT-FOR-US: Adobe
-CVE-2016-1112 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
+CVE-2016-1112
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1111 (Double free vulnerability in Adobe Reader and Acrobat before 11.0.14, ...)
+CVE-2016-1111
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1110 (Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and ...)
+CVE-2016-1110
NOT-FOR-US: Adobe Flash Player
-CVE-2016-1109 (Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and ...)
+CVE-2016-1109
NOT-FOR-US: Adobe Flash Player
-CVE-2016-1108 (Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and ...)
+CVE-2016-1108
NOT-FOR-US: Adobe Flash Player
-CVE-2016-1107 (Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and ...)
+CVE-2016-1107
NOT-FOR-US: Adobe Flash Player
-CVE-2016-1106 (Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and ...)
+CVE-2016-1106
NOT-FOR-US: Adobe Flash Player
-CVE-2016-1105 (Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and ...)
+CVE-2016-1105
NOT-FOR-US: Adobe Flash Player
-CVE-2016-1104 (Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and ...)
+CVE-2016-1104
NOT-FOR-US: Adobe Flash Player
-CVE-2016-1103 (Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and ...)
+CVE-2016-1103
NOT-FOR-US: Adobe Flash Player
-CVE-2016-1102 (Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and ...)
+CVE-2016-1102
NOT-FOR-US: Adobe Flash Player
-CVE-2016-1101 (Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and ...)
+CVE-2016-1101
NOT-FOR-US: Adobe Flash Player
-CVE-2016-1100 (Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and ...)
+CVE-2016-1100
NOT-FOR-US: Adobe Flash Player
-CVE-2016-1099 (Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and ...)
+CVE-2016-1099
NOT-FOR-US: Adobe Flash Player
-CVE-2016-1098 (Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and ...)
+CVE-2016-1098
NOT-FOR-US: Adobe Flash Player
-CVE-2016-1097 (Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and ...)
+CVE-2016-1097
NOT-FOR-US: Adobe Flash Player
-CVE-2016-1096 (Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and ...)
+CVE-2016-1096
NOT-FOR-US: Adobe Flash Player
-CVE-2016-1095 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
+CVE-2016-1095
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1094 (Use-after-free vulnerability in Adobe Reader and Acrobat before ...)
+CVE-2016-1094
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1093 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
+CVE-2016-1093
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1092 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
+CVE-2016-1092
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1091 (Use-after-free vulnerability in Adobe Reader and Acrobat before ...)
+CVE-2016-1091
NOT-FOR-US: Adobe
-CVE-2016-1090 (Untrusted search path vulnerability in Adobe Reader and Acrobat before ...)
+CVE-2016-1090
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1089 (Use-after-free vulnerability in Adobe Reader and Acrobat before ...)
+CVE-2016-1089
NOT-FOR-US: Adobe
-CVE-2016-1088 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
+CVE-2016-1088
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1087 (Untrusted search path vulnerability in Adobe Reader and Acrobat before ...)
+CVE-2016-1087
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1086 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
+CVE-2016-1086
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1085 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
+CVE-2016-1085
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1084 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
+CVE-2016-1084
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1083 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
+CVE-2016-1083
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1082 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
+CVE-2016-1082
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1081 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
+CVE-2016-1081
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1080 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
+CVE-2016-1080
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1079 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
+CVE-2016-1079
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1078 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
+CVE-2016-1078
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1077 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
+CVE-2016-1077
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1076 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
+CVE-2016-1076
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1075 (Use-after-free vulnerability in Adobe Reader and Acrobat before ...)
+CVE-2016-1075
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1074 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
+CVE-2016-1074
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1073 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
+CVE-2016-1073
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1072 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
+CVE-2016-1072
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1071 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
+CVE-2016-1071
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1070 (Use-after-free vulnerability in Adobe Reader and Acrobat before ...)
+CVE-2016-1070
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1069 (Use-after-free vulnerability in Adobe Reader and Acrobat before ...)
+CVE-2016-1069
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1068 (Use-after-free vulnerability in Adobe Reader and Acrobat before ...)
+CVE-2016-1068
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1067 (Use-after-free vulnerability in Adobe Reader and Acrobat before ...)
+CVE-2016-1067
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1066 (Use-after-free vulnerability in Adobe Reader and Acrobat before ...)
+CVE-2016-1066
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1065 (Use-after-free vulnerability in Adobe Reader and Acrobat before ...)
+CVE-2016-1065
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1064 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
+CVE-2016-1064
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1063 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
+CVE-2016-1063
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1062 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
+CVE-2016-1062
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1061 (Use-after-free vulnerability in Adobe Reader and Acrobat before ...)
+CVE-2016-1061
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1060 (Use-after-free vulnerability in Adobe Reader and Acrobat before ...)
+CVE-2016-1060
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1059 (Use-after-free vulnerability in Adobe Reader and Acrobat before ...)
+CVE-2016-1059
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1058 (Use-after-free vulnerability in Adobe Reader and Acrobat before ...)
+CVE-2016-1058
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1057 (Use-after-free vulnerability in Adobe Reader and Acrobat before ...)
+CVE-2016-1057
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1056 (Use-after-free vulnerability in Adobe Reader and Acrobat before ...)
+CVE-2016-1056
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1055 (Use-after-free vulnerability in Adobe Reader and Acrobat before ...)
+CVE-2016-1055
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1054 (Use-after-free vulnerability in Adobe Reader and Acrobat before ...)
+CVE-2016-1054
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1053 (Use-after-free vulnerability in Adobe Reader and Acrobat before ...)
+CVE-2016-1053
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1052 (Use-after-free vulnerability in Adobe Reader and Acrobat before ...)
+CVE-2016-1052
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1051 (Use-after-free vulnerability in Adobe Reader and Acrobat before ...)
+CVE-2016-1051
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1050 (Use-after-free vulnerability in Adobe Reader and Acrobat before ...)
+CVE-2016-1050
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1049 (Use-after-free vulnerability in Adobe Reader and Acrobat before ...)
+CVE-2016-1049
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1048 (Use-after-free vulnerability in Adobe Reader and Acrobat before ...)
+CVE-2016-1048
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1047 (Use-after-free vulnerability in Adobe Reader and Acrobat before ...)
+CVE-2016-1047
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1046 (Use-after-free vulnerability in Adobe Reader and Acrobat before ...)
+CVE-2016-1046
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1045 (Use-after-free vulnerability in Adobe Reader and Acrobat before ...)
+CVE-2016-1045
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1044 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
+CVE-2016-1044
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1043 (Integer overflow in Adobe Reader and Acrobat before 11.0.16, Acrobat ...)
+CVE-2016-1043
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1042 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
+CVE-2016-1042
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1041 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
+CVE-2016-1041
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1040 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
+CVE-2016-1040
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1039 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
+CVE-2016-1039
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1038 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
+CVE-2016-1038
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1037 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
+CVE-2016-1037
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1036 (Cross-site scripting (XSS) vulnerability in Adobe Analytics ...)
+CVE-2016-1036
NOT-FOR-US: Adobe
-CVE-2016-1035 (Adobe RoboHelp Server 9 before 9.0.1 mishandles SQL queries, which ...)
+CVE-2016-1035
NOT-FOR-US: Adobe
-CVE-2016-1034 (The Sync Process in the JavaScript API for Creative Cloud Libraries in ...)
+CVE-2016-1034
NOT-FOR-US: Adobe
-CVE-2016-1033 (Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before ...)
+CVE-2016-1033
NOT-FOR-US: Adobe Flash Player
-CVE-2016-1032 (Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before ...)
+CVE-2016-1032
NOT-FOR-US: Adobe Flash Player
-CVE-2016-1031 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.343 ...)
+CVE-2016-1031
NOT-FOR-US: Adobe Flash Player
-CVE-2016-1030 (Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before ...)
+CVE-2016-1030
NOT-FOR-US: Adobe Flash Player
-CVE-2016-1029 (Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before ...)
+CVE-2016-1029
NOT-FOR-US: Adobe Flash Player
-CVE-2016-1028 (Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before ...)
+CVE-2016-1028
NOT-FOR-US: Adobe Flash Player
-CVE-2016-1027 (Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before ...)
+CVE-2016-1027
NOT-FOR-US: Adobe Flash Player
-CVE-2016-1026 (Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before ...)
+CVE-2016-1026
NOT-FOR-US: Adobe Flash Player
-CVE-2016-1025 (Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before ...)
+CVE-2016-1025
NOT-FOR-US: Adobe Flash Player
-CVE-2016-1024 (Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before ...)
+CVE-2016-1024
NOT-FOR-US: Adobe Flash Player
-CVE-2016-1023 (Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before ...)
+CVE-2016-1023
NOT-FOR-US: Adobe Flash Player
-CVE-2016-1022 (Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before ...)
+CVE-2016-1022
NOT-FOR-US: Adobe Flash Player
-CVE-2016-1021 (Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before ...)
+CVE-2016-1021
NOT-FOR-US: Adobe Flash Player
-CVE-2016-1020 (Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before ...)
+CVE-2016-1020
NOT-FOR-US: Adobe Flash Player
-CVE-2016-1019 (Adobe Flash Player 21.0.0.197 and earlier allows remote attackers to ...)
+CVE-2016-1019
NOT-FOR-US: Adobe Flash Player
-CVE-2016-1018 (Stack-based buffer overflow in Adobe Flash Player before 18.0.0.343 ...)
+CVE-2016-1018
NOT-FOR-US: Adobe Flash Player
-CVE-2016-1017 (Use-after-free vulnerability in the LoadVars.decode function in Adobe ...)
+CVE-2016-1017
NOT-FOR-US: Adobe Flash Player
-CVE-2016-1016 (Use-after-free vulnerability in the Transform object implementation in ...)
+CVE-2016-1016
NOT-FOR-US: Adobe Flash Player
-CVE-2016-1015 (Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before ...)
+CVE-2016-1015
NOT-FOR-US: Adobe Flash Player
-CVE-2016-1014 (Untrusted search path vulnerability in Adobe Flash Player before ...)
+CVE-2016-1014
NOT-FOR-US: Adobe Flash Player
-CVE-2016-1013 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.343 ...)
+CVE-2016-1013
NOT-FOR-US: Adobe Flash Player
-CVE-2016-1012 (Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before ...)
+CVE-2016-1012
NOT-FOR-US: Adobe Flash Player
-CVE-2016-1011 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.343 ...)
+CVE-2016-1011
NOT-FOR-US: Adobe Flash Player
-CVE-2016-1010 (Integer overflow in Adobe Flash Player before 18.0.0.333 and 19.x ...)
+CVE-2016-1010
NOT-FOR-US: Adobe Flash Player
-CVE-2016-1009 (Adobe Reader and Acrobat before 11.0.15, Acrobat and Acrobat Reader DC ...)
+CVE-2016-1009
NOT-FOR-US: Adobe
-CVE-2016-1008 (Untrusted search path vulnerability in Adobe Reader and Acrobat before ...)
+CVE-2016-1008
NOT-FOR-US: Adobe
-CVE-2016-1007 (Adobe Reader and Acrobat before 11.0.15, Acrobat and Acrobat Reader DC ...)
+CVE-2016-1007
NOT-FOR-US: Adobe
-CVE-2016-1006 (Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before ...)
+CVE-2016-1006
NOT-FOR-US: Adobe Flash Player
-CVE-2016-1005 (Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before ...)
+CVE-2016-1005
NOT-FOR-US: Adobe Flash Player
CVE-2016-1004
REJECTED
CVE-2016-1003
REJECTED
-CVE-2016-1002 (Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before ...)
+CVE-2016-1002
NOT-FOR-US: Adobe Flash Player
-CVE-2016-1001 (Heap-based buffer overflow in Adobe Flash Player before 18.0.0.333 and ...)
+CVE-2016-1001
NOT-FOR-US: Adobe Flash Player
-CVE-2016-1000 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 ...)
+CVE-2016-1000
NOT-FOR-US: Adobe Flash Player
-CVE-2016-0999 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 ...)
+CVE-2016-0999
NOT-FOR-US: Adobe Flash Player
-CVE-2016-0998 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 ...)
+CVE-2016-0998
NOT-FOR-US: Adobe Flash Player
-CVE-2016-0997 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 ...)
+CVE-2016-0997
NOT-FOR-US: Adobe Flash Player
-CVE-2016-0996 (Use-after-free vulnerability in the setInterval method in Adobe Flash ...)
+CVE-2016-0996
NOT-FOR-US: Adobe Flash Player
-CVE-2016-0995 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 ...)
+CVE-2016-0995
NOT-FOR-US: Adobe Flash Player
-CVE-2016-0994 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 ...)
+CVE-2016-0994
NOT-FOR-US: Adobe Flash Player
-CVE-2016-0993 (Integer overflow in Adobe Flash Player before 18.0.0.333 and 19.x ...)
+CVE-2016-0993
NOT-FOR-US: Adobe Flash Player
-CVE-2016-0992 (Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before ...)
+CVE-2016-0992
NOT-FOR-US: Adobe Flash Player
-CVE-2016-0991 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 ...)
+CVE-2016-0991
NOT-FOR-US: Adobe Flash Player
-CVE-2016-0990 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 ...)
+CVE-2016-0990
NOT-FOR-US: Adobe Flash Player
-CVE-2016-0989 (Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before ...)
+CVE-2016-0989
NOT-FOR-US: Adobe Flash Player
-CVE-2016-0988 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 ...)
+CVE-2016-0988
NOT-FOR-US: Adobe Flash Player
-CVE-2016-0987 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 ...)
+CVE-2016-0987
NOT-FOR-US: Adobe Flash Player
-CVE-2016-0986 (Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before ...)
+CVE-2016-0986
NOT-FOR-US: Adobe Flash Player
-CVE-2016-0985 (Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before ...)
+CVE-2016-0985
NOT-FOR-US: Adobe
-CVE-2016-0984 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.329 ...)
+CVE-2016-0984
NOT-FOR-US: Adobe
-CVE-2016-0983 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.329 ...)
+CVE-2016-0983
NOT-FOR-US: Adobe
-CVE-2016-0982 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.329 ...)
+CVE-2016-0982
NOT-FOR-US: Adobe
-CVE-2016-0981 (Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before ...)
+CVE-2016-0981
NOT-FOR-US: Adobe
-CVE-2016-0980 (Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before ...)
+CVE-2016-0980
NOT-FOR-US: Adobe
-CVE-2016-0979 (Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before ...)
+CVE-2016-0979
NOT-FOR-US: Adobe
-CVE-2016-0978 (Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before ...)
+CVE-2016-0978
NOT-FOR-US: Adobe
-CVE-2016-0977 (Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before ...)
+CVE-2016-0977
NOT-FOR-US: Adobe
-CVE-2016-0976 (Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before ...)
+CVE-2016-0976
NOT-FOR-US: Adobe
-CVE-2016-0975 (Use-after-free vulnerability in the instanceof function in Adobe Flash ...)
+CVE-2016-0975
NOT-FOR-US: Adobe
-CVE-2016-0974 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.329 ...)
+CVE-2016-0974
NOT-FOR-US: Adobe
-CVE-2016-0973 (Use-after-free vulnerability in the URLRequest object implementation ...)
+CVE-2016-0973
NOT-FOR-US: Adobe
-CVE-2016-0972 (Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before ...)
+CVE-2016-0972
NOT-FOR-US: Adobe
-CVE-2016-0971 (Heap-based buffer overflow in Adobe Flash Player before 18.0.0.329 and ...)
+CVE-2016-0971
NOT-FOR-US: Adobe
-CVE-2016-0970 (Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before ...)
+CVE-2016-0970
NOT-FOR-US: Adobe
-CVE-2016-0969 (Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before ...)
+CVE-2016-0969
NOT-FOR-US: Adobe
-CVE-2016-0968 (Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before ...)
+CVE-2016-0968
NOT-FOR-US: Adobe
-CVE-2016-0967 (Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before ...)
+CVE-2016-0967
NOT-FOR-US: Adobe
-CVE-2016-0966 (Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before ...)
+CVE-2016-0966
NOT-FOR-US: Adobe
-CVE-2016-0965 (Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before ...)
+CVE-2016-0965
NOT-FOR-US: Adobe
-CVE-2016-0964 (Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before ...)
+CVE-2016-0964
NOT-FOR-US: Adobe
-CVE-2016-0963 (Integer overflow in Adobe Flash Player before 18.0.0.333 and 19.x ...)
+CVE-2016-0963
NOT-FOR-US: Adobe Flash Player
-CVE-2016-0962 (Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before ...)
+CVE-2016-0962
NOT-FOR-US: Adobe Flash Player
-CVE-2016-0961 (Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before ...)
+CVE-2016-0961
NOT-FOR-US: Adobe Flash Player
-CVE-2016-0960 (Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before ...)
+CVE-2016-0960
NOT-FOR-US: Adobe Flash Player
-CVE-2016-0959 (Use after free vulnerability in Adobe Flash Player Desktop Runtime ...)
+CVE-2016-0959
NOT-FOR-US: Adobe Flash Player
-CVE-2016-0958 (Adobe Experience Manager 5.6.1, 6.0.0, and 6.1.0 might allow remote ...)
+CVE-2016-0958
NOT-FOR-US: Adobe
-CVE-2016-0957 (Dispatcher before 4.1.5 in Adobe Experience Manager 5.6.1, 6.0.0, and ...)
+CVE-2016-0957
NOT-FOR-US: Adobe
-CVE-2016-0956 (The Servlets Post component 2.3.6 in Apache Sling, as used in Adobe ...)
+CVE-2016-0956
NOT-FOR-US: Apache Sling
-CVE-2016-0955 (Cross-site scripting (XSS) vulnerability in Adobe Experience Manager ...)
+CVE-2016-0955
NOT-FOR-US: Adobe
-CVE-2016-0954 (Adobe Digital Editions before 4.5.1 allows attackers to execute ...)
+CVE-2016-0954
NOT-FOR-US: Adobe
-CVE-2016-0953 (Adobe Photoshop CC 2014 before 15.2.4, Photoshop CC 2015 before ...)
+CVE-2016-0953
NOT-FOR-US: Adobe
-CVE-2016-0952 (Adobe Photoshop CC 2014 before 15.2.4, Photoshop CC 2015 before ...)
+CVE-2016-0952
NOT-FOR-US: Adobe
-CVE-2016-0951 (Adobe Photoshop CC 2014 before 15.2.4, Photoshop CC 2015 before ...)
+CVE-2016-0951
NOT-FOR-US: Adobe
-CVE-2016-0950 (Adobe Connect before 9.5.2 allows remote attackers to spoof the user ...)
+CVE-2016-0950
NOT-FOR-US: Adobe
-CVE-2016-0949 (Adobe Connect before 9.5.2 allows remote attackers to have an ...)
+CVE-2016-0949
NOT-FOR-US: Adobe
-CVE-2016-0948 (Cross-site request forgery (CSRF) vulnerability in Adobe Connect ...)
+CVE-2016-0948
NOT-FOR-US: Adobe
-CVE-2016-0947 (Untrusted search path vulnerability in Adobe Download Manager, as used ...)
+CVE-2016-0947
NOT-FOR-US: Adobe
-CVE-2016-0946 (Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC ...)
+CVE-2016-0946
NOT-FOR-US: Adobe
-CVE-2016-0945 (Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC ...)
+CVE-2016-0945
NOT-FOR-US: Adobe
-CVE-2016-0944 (Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC ...)
+CVE-2016-0944
NOT-FOR-US: Adobe
-CVE-2016-0943 (Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC ...)
+CVE-2016-0943
NOT-FOR-US: Adobe
-CVE-2016-0942 (Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC ...)
+CVE-2016-0942
NOT-FOR-US: Adobe
-CVE-2016-0941 (Use-after-free vulnerability in the Search object implementation in ...)
+CVE-2016-0941
NOT-FOR-US: Adobe
-CVE-2016-0940 (Use-after-free vulnerability in Adobe Reader and Acrobat before ...)
+CVE-2016-0940
NOT-FOR-US: Adobe
-CVE-2016-0939 (Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC ...)
+CVE-2016-0939
NOT-FOR-US: Adobe
-CVE-2016-0938 (The AcroForm plugin in Adobe Reader and Acrobat before 11.0.14, ...)
+CVE-2016-0938
NOT-FOR-US: Adobe
-CVE-2016-0937 (Use-after-free vulnerability in the OCG object implementation in Adobe ...)
+CVE-2016-0937
NOT-FOR-US: Adobe
-CVE-2016-0936 (Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC ...)
+CVE-2016-0936
NOT-FOR-US: Adobe
-CVE-2016-0935 (Double free vulnerability in Adobe Reader and Acrobat before 11.0.14, ...)
+CVE-2016-0935
NOT-FOR-US: Adobe
-CVE-2016-0934 (Use-after-free vulnerability in AGM.dll in Adobe Reader and Acrobat ...)
+CVE-2016-0934
NOT-FOR-US: Adobe
-CVE-2016-0933 (Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC ...)
+CVE-2016-0933
NOT-FOR-US: Adobe
-CVE-2016-0932 (Use-after-free vulnerability in the Doc object implementation in Adobe ...)
+CVE-2016-0932
NOT-FOR-US: Adobe
-CVE-2016-0931 (Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC ...)
+CVE-2016-0931
NOT-FOR-US: Adobe
-CVE-2016-1922 (QEMU (aka Quick Emulator) built with the TPR optimization for 32-bit ...)
+CVE-2016-1922
{DSA-3471-1 DSA-3470-1 DSA-3469-1}
- qemu 1:2.5+dfsg-4 (bug #811201)
[squeeze] - qemu <end-of-life> (Unsupported in squeeze-lts)
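Review bot: every `-`/`+` pair in this hunk drops the parenthetical CVE summary and puts nothing in its place (CVE-2016-0972 down to CVE-2016-1922 here), so the file loses the only statement of affected upstream versions that these entries carried, e.g. `Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before ...` for CVE-2016-0972. A uniform blanking of descriptions in an automated sync usually indicates that the source feed delivered no descriptions this run rather than that they changed; that should be confirmed against the source data, since otherwise the next sync will simply flip all of these lines back.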
@@ -29712,277 +29712,277 @@ CVE-2016-1922 (QEMU (aka Quick Emulator) built with the TPR optimization for 32-
NOTE: http://www.openwall.com/lists/oss-security/2016/01/16/1
NOTE: Possibly introduced in http://git.qemu.org/?p=qemu.git;a=commit;h=4917cf44326a1bda2fd7f27303aff7a25ad86518 (v1.6.0-rc0)
NOTE: kvmapic introduced after 1.0.50 (http://git.qemu.org/?p=qemu.git;a=commit;h=e5ad936b0fd7dfd7fd7908be6f9f1ca88f63b96b)
-CVE-2016-0930 (Pivotal Cloud Foundry (PCF) Ops Manager before 1.6.19 and 1.7.x before ...)
+CVE-2016-0930
NOT-FOR-US: Pivotal Cloud Foundry
-CVE-2016-0929 (The metrics-collection component in RabbitMQ for Pivotal Cloud Foundry ...)
+CVE-2016-0929
NOT-FOR-US: Pivotal Cloud Foundry
-CVE-2016-0928 (Multiple open redirect vulnerabilities in Pivotal Cloud Foundry (PCF) ...)
+CVE-2016-0928
NOT-FOR-US: Pivotal Cloud Foundry
-CVE-2016-0927 (Cross-site scripting (XSS) vulnerability in Pivotal Cloud Foundry ...)
+CVE-2016-0927
NOT-FOR-US: Pivotal Cloud Foundry
-CVE-2016-0926 (Cross-site scripting (XSS) vulnerability in Apps Manager in Pivotal ...)
+CVE-2016-0926
NOT-FOR-US: Pivotal Cloud Foundry
-CVE-2016-0925 (Cross-site scripting (XSS) vulnerability in the Case Management ...)
+CVE-2016-0925
NOT-FOR-US: EMC RSA Adaptive Authentication
CVE-2016-0924
REJECTED
-CVE-2016-0923 (The client in EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x before ...)
+CVE-2016-0923
NOT-FOR-US: RSA BSAFE Micro Edition Suite
-CVE-2016-0922 (EMC ViPR SRM before 3.7.2 does not restrict the number of ...)
+CVE-2016-0922
NOT-FOR-US: EMC ViPR SRM
-CVE-2016-0921 (Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) in EMC Avamar ...)
+CVE-2016-0921
NOT-FOR-US: EMC Avamar
-CVE-2016-0920 (Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) in EMC Avamar ...)
+CVE-2016-0920
NOT-FOR-US: EMC Avamar
-CVE-2016-0919 (EMC RSA Web Threat Detection version 5.0, RSA Web Threat Detection ...)
+CVE-2016-0919
NOT-FOR-US: RSA Web Threat Detection
-CVE-2016-0918 (EMC RSA Identity Management and Governance before 6.8.1 P25 and 6.9.x ...)
+CVE-2016-0918
NOT-FOR-US: EMC RSA Identity Governance and Lifecycle
-CVE-2016-0917 (The SMB service in EMC VNXe (VNXe3200 Operating Environment prior to ...)
+CVE-2016-0917
NOT-FOR-US: EMC VNX
-CVE-2016-0916 (EMC NetWorker 8.2.1.x and 8.2.2.x before 8.2.2.6 and 9.x before ...)
+CVE-2016-0916
NOT-FOR-US: EMC NetWorker
-CVE-2016-0915 (The Self-Service Portal in EMC RSA Authentication Manager (AM) Prime ...)
+CVE-2016-0915
NOT-FOR-US: EMC RSA Authentication Manager
-CVE-2016-0914 (EMC Documentum WebTop 6.8 before Patch 13 and 6.8.1 before Patch 02, ...)
+CVE-2016-0914
NOT-FOR-US: EMC Documentum WebTop and WebTop Clients
-CVE-2016-0913 (The client in EMC Replication Manager (RM) before ...)
+CVE-2016-0913
NOT-FOR-US: EMC
-CVE-2016-0912 (EMC Data Domain OS 5.4 through 5.7 before 5.7.2.0 allows remote ...)
+CVE-2016-0912
NOT-FOR-US: EMC Data Domain OS
-CVE-2016-0911 (EMC Data Domain OS 5.4 through 5.7 before 5.7.2.0 has a default ...)
+CVE-2016-0911
NOT-FOR-US: EMC Data Domain OS
-CVE-2016-0910 (EMC Data Domain OS 5.5 before 5.5.4.0, 5.6 before 5.6.1.004, and 5.7 ...)
+CVE-2016-0910
NOT-FOR-US: EMC Data Domain OS
-CVE-2016-0909 (EMC Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) versions ...)
+CVE-2016-0909
NOT-FOR-US: EMC
-CVE-2016-0908 (EMC Isilon OneFS 7.1.x before 7.1.1.9 and 7.2.x before 7.2.1.2 allows ...)
+CVE-2016-0908
NOT-FOR-US: EMC Isilon
-CVE-2016-0907 (EMC Isilon OneFS 7.1.x and 7.2.x before 7.2.1.3 and 8.0.x before ...)
+CVE-2016-0907
NOT-FOR-US: EMC Isilon
-CVE-2016-0906 (The web-restore interface in Avamar Data Store (ADS) and Avamar ...)
+CVE-2016-0906
NOT-FOR-US: EMC Avamar
-CVE-2016-0905 (Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) in EMC Avamar ...)
+CVE-2016-0905
NOT-FOR-US: EMC Avamar
-CVE-2016-0904 (Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) in EMC Avamar ...)
+CVE-2016-0904
NOT-FOR-US: EMC Avamar
-CVE-2016-0903 (Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) in EMC Avamar ...)
+CVE-2016-0903
NOT-FOR-US: EMC Avamar
-CVE-2016-0902 (CRLF injection vulnerability in EMC RSA Authentication Manager before ...)
+CVE-2016-0902
NOT-FOR-US: RSA Authentication Manager
-CVE-2016-0901 (Cross-site scripting (XSS) vulnerability in EMC RSA Authentication ...)
+CVE-2016-0901
NOT-FOR-US: RSA Authentication Manager
-CVE-2016-0900 (Cross-site scripting (XSS) vulnerability in EMC RSA Authentication ...)
+CVE-2016-0900
NOT-FOR-US: RSA Authentication Manager
-CVE-2016-0899 (EMC RSA Archer GRC 5.5.x before 5.5.3.4 allows remote authenticated ...)
+CVE-2016-0899
NOT-FOR-US: RSA Archer GRC Platform
-CVE-2016-0898 (MySQL for PCF tiles 1.7.x before 1.7.10 were discovered to log the AWS ...)
+CVE-2016-0898
NOT-FOR-US: MySQL for PCF tiles
-CVE-2016-0897 (Pivotal Cloud Foundry (PCF) Ops Manager before 1.6.17 and 1.7.x before ...)
+CVE-2016-0897
NOT-FOR-US: Pivotal Cloud Foundry
-CVE-2016-0896 (Pivotal Cloud Foundry (PCF) Elastic Runtime before 1.6.34 and 1.7.x ...)
+CVE-2016-0896
NOT-FOR-US: Pivotal Cloud Foundry
-CVE-2016-0895 (EMC RSA Data Loss Prevention 9.6 before SP2 P5 allows remote attackers ...)
+CVE-2016-0895
NOT-FOR-US: EMC
-CVE-2016-0894 (EMC RSA Data Loss Prevention 9.6 before SP2 P5 allows remote ...)
+CVE-2016-0894
NOT-FOR-US: EMC
-CVE-2016-0893 (EMC RSA Data Loss Prevention 9.6 before SP2 P5 allows remote ...)
+CVE-2016-0893
NOT-FOR-US: EMC
-CVE-2016-0892 (Cross-site scripting (XSS) vulnerability in EMC RSA Data Loss ...)
+CVE-2016-0892
NOT-FOR-US: EMC
-CVE-2016-0891 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
+CVE-2016-0891
NOT-FOR-US: EMC ViPR SRM
-CVE-2016-0890 (EMC PowerPath Virtual (Management) Appliance 2.0, EMC PowerPath Virtual ...)
+CVE-2016-0890
NOT-FOR-US: EMC
-CVE-2016-0889 (An HTTP servlet in vApp Manager in EMC Unisphere for VMAX Virtual ...)
+CVE-2016-0889
NOT-FOR-US: EMC
-CVE-2016-0888 (EMC Documentum D2 before 4.6 lacks intended ACLs for configuration ...)
+CVE-2016-0888
NOT-FOR-US: EMC Documentum D2
-CVE-2016-0887 (EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x and 4.1.x before 4.1.5, ...)
+CVE-2016-0887
NOT-FOR-US: EMC
-CVE-2016-0886 (EMC Documentum xCP 2.1 before patch 24 and 2.2 before patch 12 allows ...)
+CVE-2016-0886
NOT-FOR-US: EMC Documentum
CVE-2016-0885
REJECTED
CVE-2016-0884
REJECTED
-CVE-2016-0883 (Pivotal Cloud Foundry (PCF) Ops Manager before 1.5.14 and 1.6.x before ...)
+CVE-2016-0883
NOT-FOR-US: Pivotal Cloud Foundry
-CVE-2016-0882 (EMC Documentum xCP 2.1 before patch 23 and 2.2 before patch 11 allows ...)
+CVE-2016-0882
NOT-FOR-US: EMC Documentum
-CVE-2016-0881 (EMC Documentum xCP 2.1 before patch 23 and 2.2 before patch 11 allows ...)
+CVE-2016-0881
NOT-FOR-US: EMC Documentum
CVE-2016-0880
REJECTED
-CVE-2016-0879 (Moxa Secure Router EDR-G903 devices before 3.4.12 do not delete copies ...)
+CVE-2016-0879
NOT-FOR-US: Moxa
-CVE-2016-0878 (Moxa Secure Router EDR-G903 devices before 3.4.12 allow remote ...)
+CVE-2016-0878
NOT-FOR-US: Moxa
-CVE-2016-0877 (Memory leak on Moxa Secure Router EDR-G903 devices before 3.4.12 ...)
+CVE-2016-0877
NOT-FOR-US: Moxa
-CVE-2016-0876 (Moxa Secure Router EDR-G903 devices before 3.4.12 allow remote ...)
+CVE-2016-0876
NOT-FOR-US: Moxa
-CVE-2016-0875 (Moxa Secure Router EDR-G903 devices before 3.4.12 allow remote ...)
+CVE-2016-0875
NOT-FOR-US: Moxa
CVE-2016-0874
RESERVED
CVE-2016-0873
RESERVED
-CVE-2016-0872 (A Plaintext Storage of a Password issue was discovered in Kabona AB ...)
+CVE-2016-0872
NOT-FOR-US: Kabona AB WebDatorCentral
-CVE-2016-0871 (Eaton Lighting EG2 Web Control 4.04P and earlier allows remote ...)
+CVE-2016-0871
NOT-FOR-US: Eaton Lighting EG2 Web Control
-CVE-2016-0870 (The web server in Trane Tracer SC 4.2.1134 and earlier allows remote ...)
+CVE-2016-0870
NOT-FOR-US: Trane Tracer
-CVE-2016-0869 (Heap-based buffer overflow in MICROSYS PROMOTIC before 8.3.11 allows ...)
+CVE-2016-0869
NOT-FOR-US: MICROSYS PROMOTIC
-CVE-2016-0868 (Stack-based buffer overflow on Rockwell Automation Allen-Bradley ...)
+CVE-2016-0868
NOT-FOR-US: MicroLogix
-CVE-2016-0867 (CAREL PlantVisorEnhanced allows remote attackers to bypass intended ...)
+CVE-2016-0867
NOT-FOR-US: CAREL
-CVE-2016-0866 (Cross-site scripting (XSS) vulnerability in Tollgrade SmartGrid ...)
+CVE-2016-0866
NOT-FOR-US: Tollgrade
-CVE-2016-0865 (Tollgrade SmartGrid LightHouse Sensor Management System (SMS) Software ...)
+CVE-2016-0865
NOT-FOR-US: Tollgrade
-CVE-2016-0864 (Tollgrade SmartGrid LightHouse Sensor Management System (SMS) Software ...)
+CVE-2016-0864
NOT-FOR-US: Tollgrade
-CVE-2016-0863 (Cross-site request forgery (CSRF) vulnerability in Tollgrade SmartGrid ...)
+CVE-2016-0863
NOT-FOR-US: Tollgrade
-CVE-2016-0862 (General Electric (GE) Industrial Solutions UPS SNMP/Web Adapter ...)
+CVE-2016-0862
NOT-FOR-US: General Electric devices
-CVE-2016-0861 (General Electric (GE) Industrial Solutions UPS SNMP/Web Adapter ...)
+CVE-2016-0861
NOT-FOR-US: General Electric devices
-CVE-2016-0860 (Buffer overflow in the BwpAlarm subsystem in Advantech WebAccess ...)
+CVE-2016-0860
NOT-FOR-US: BwpAlarm
-CVE-2016-0859 (Integer overflow in the Kernel service in Advantech WebAccess before ...)
+CVE-2016-0859
NOT-FOR-US: Advantech
-CVE-2016-0858 (Race condition in Advantech WebAccess before 8.1 allows remote ...)
+CVE-2016-0858
NOT-FOR-US: Advantech
-CVE-2016-0857 (Multiple heap-based buffer overflows in Advantech WebAccess before 8.1 ...)
+CVE-2016-0857
NOT-FOR-US: Advantech
-CVE-2016-0856 (Multiple stack-based buffer overflows in Advantech WebAccess before ...)
+CVE-2016-0856
NOT-FOR-US: Advantech
-CVE-2016-0855 (Directory traversal vulnerability in Advantech WebAccess before 8.1 ...)
+CVE-2016-0855
NOT-FOR-US: Advantech
-CVE-2016-0854 (Unrestricted file upload vulnerability in the uploadImageCommon ...)
+CVE-2016-0854
NOT-FOR-US: Advantech
-CVE-2016-0853 (Advantech WebAccess before 8.1 allows remote attackers to obtain ...)
+CVE-2016-0853
NOT-FOR-US: Advantech
-CVE-2016-0852 (Advantech WebAccess before 8.1 allows remote attackers to bypass an ...)
+CVE-2016-0852
NOT-FOR-US: Advantech
-CVE-2016-0851 (Advantech WebAccess before 8.1 allows remote attackers to cause a ...)
+CVE-2016-0851
NOT-FOR-US: Advantech
-CVE-2016-0850 (The PORCHE_PAIRING_CONFLICT feature in Bluetooth in Android 4.x before ...)
+CVE-2016-0850
NOT-FOR-US: Android
-CVE-2016-0849 (Multiple integer overflows in minzip/SysUtil.c in the Recovery ...)
+CVE-2016-0849
NOT-FOR-US: Android
-CVE-2016-0848 (Race condition in Download Manager in Android 4.x before 4.4.4, 5.0.x ...)
+CVE-2016-0848
NOT-FOR-US: Android
-CVE-2016-0847 (The Telecom Component in Android 5.0.x before 5.0.2, 5.1.x before ...)
+CVE-2016-0847
NOT-FOR-US: Android
-CVE-2016-0846 (libs/binder/IMemory.cpp in the IMemory Native Interface in Android 4.x ...)
+CVE-2016-0846
NOT-FOR-US: Android
CVE-2016-0845
REJECTED
-CVE-2016-0844 (The Qualcomm RF driver in Android 6.x before 2016-04-01 does not ...)
+CVE-2016-0844
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-0843 (The Qualcomm ARM processor performance-event manager in Android 4.x ...)
+CVE-2016-0843
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-0842 (The H.264 decoder in libstagefright in Android 6.x before 2016-04-01 ...)
+CVE-2016-0842
NOT-FOR-US: libstagefright
-CVE-2016-0841 (media/libmedia/mediametadataretriever.cpp in mediaserver in Android ...)
+CVE-2016-0841
NOT-FOR-US: Android Mediaserver
-CVE-2016-0840 (Multiple stack-based buffer underflows in decoder/ih264d_parse_cavlc.c ...)
+CVE-2016-0840
NOT-FOR-US: Android Mediaserver
-CVE-2016-0839 (post_proc/volume_listener.c in mediaserver in Android 6.x before ...)
+CVE-2016-0839
NOT-FOR-US: Android Mediaserver
-CVE-2016-0838 (Sonivox in mediaserver in Android 4.x before 4.4.4, 5.0.x before ...)
+CVE-2016-0838
NOT-FOR-US: Android Mediaserver
-CVE-2016-0837 (MPEG4Extractor.cpp in libstagefright in mediaserver in Android 4.x ...)
+CVE-2016-0837
NOT-FOR-US: libstagefright
-CVE-2016-0836 (Stack-based buffer overflow in decoder/impeg2d_vld.c in mediaserver in ...)
+CVE-2016-0836
NOT-FOR-US: Android Mediaserver
-CVE-2016-0835 (decoder/impeg2d_dec_hdr.c in mediaserver in Android 6.x before ...)
+CVE-2016-0835
NOT-FOR-US: Android Mediaserver
-CVE-2016-0834 (An unspecified media codec in mediaserver in Android 6.x before ...)
+CVE-2016-0834
NOT-FOR-US: Android Mediaserver
-CVE-2016-0833 (Android allows users to cause a denial of service. ...)
+CVE-2016-0833
NOT-FOR-US: Android
-CVE-2016-0832 (Setup Wizard in Android 5.1.x before LMY49H and 6.x before 2016-03-01 ...)
+CVE-2016-0832
NOT-FOR-US: Android
-CVE-2016-0831 (The getDeviceIdForPhone function in ...)
+CVE-2016-0831
NOT-FOR-US: Android
-CVE-2016-0830 (btif_config.c in Bluetooth in Android 6.x before 2016-03-01 allows ...)
+CVE-2016-0830
NOT-FOR-US: Android
-CVE-2016-0829 (The BnGraphicBufferProducer::onTransact function in ...)
+CVE-2016-0829
NOT-FOR-US: Android Mediaserver
-CVE-2016-0828 (The BnGraphicBufferConsumer::onTransact function in ...)
+CVE-2016-0828
NOT-FOR-US: Android Mediaserver
-CVE-2016-0827 (Multiple integer overflows in libeffects in mediaserver in Android 4.x ...)
+CVE-2016-0827
NOT-FOR-US: Android Mediaserver
-CVE-2016-0826 (libcameraservice in mediaserver in Android 4.x before 4.4.4, 5.x ...)
+CVE-2016-0826
NOT-FOR-US: Android Mediaserver
-CVE-2016-0825 (The Widevine Trusted Application in Android 6.0.1 before 2016-03-01 ...)
+CVE-2016-0825
NOT-FOR-US: Android
-CVE-2016-0824 (libmpeg2 in libstagefright in Android 6.x before 2016-03-01 allows ...)
+CVE-2016-0824
NOT-FOR-US: libstagefright
-CVE-2016-0823 (The pagemap_open function in fs/proc/task_mmu.c in the Linux kernel ...)
+CVE-2016-0823
- linux 4.0.2-1
[jessie] - linux 3.16.7-ckt11-1
[wheezy] - linux 3.2.71-1
NOTE: Upstream patch: https://git.kernel.org/linus/ab676b7d6fbf4b294bf198fb27ade5b0e865c7ce (v4.0-rc5)
NOTE: https://googleprojectzero.blogspot.cz/2015/03/exploiting-dram-rowhammer-bug-to-gain.html
-CVE-2016-0822 (The MediaTek connectivity kernel driver in Android 6.0.1 before ...)
+CVE-2016-0822
NOT-FOR-US: MediaTek driver for Android
-CVE-2016-0821 (The LIST_POISON feature in include/linux/poison.h in the Linux kernel ...)
+CVE-2016-0821
{DSA-3607-1 DLA-516-1}
- linux 4.3.1-1
NOTE: Upstream patch: https://git.kernel.org/linus/8a5e5e02fc83aaf67053ab53b359af08c6c49aaf (v4.3-rc1)
-CVE-2016-0820 (The MediaTek Wi-Fi kernel driver in Android 6.0.1 before 2016-03-01 ...)
+CVE-2016-0820
NOT-FOR-US: MediaTek driver for Android
-CVE-2016-0819 (The Qualcomm performance component in Android 4.x before 4.4.4, 5.x ...)
+CVE-2016-0819
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-0818 (The caching functionality in the TrustManagerImpl class in ...)
+CVE-2016-0818
NOT-FOR-US: Android
CVE-2016-0817
RESERVED
-CVE-2016-0816 (mediaserver in Android 6.x before 2016-03-01 allows remote attackers ...)
+CVE-2016-0816
NOT-FOR-US: Android Mediaserver
-CVE-2016-0815 (The MPEG4Source::fragmentedRead function in MPEG4Extractor.cpp in ...)
+CVE-2016-0815
NOT-FOR-US: libstagefright
CVE-2016-0814
RESERVED
-CVE-2016-0813 (packages/SystemUI/src/com/android/systemui/recents/AlternateRecentsComponent.java ...)
+CVE-2016-0813
NOT-FOR-US: Android
-CVE-2016-0812 (The interceptKeyBeforeDispatching function in ...)
+CVE-2016-0812
NOT-FOR-US: Android
-CVE-2016-0811 (Integer overflow in the BnCrypto::onTransact function in ...)
+CVE-2016-0811
NOT-FOR-US: Android
-CVE-2016-0810 (media/libmedia/SoundPool.cpp in mediaserver in Android 4.x before ...)
+CVE-2016-0810
NOT-FOR-US: Android Mediaserver
-CVE-2016-0809 (Use-after-free vulnerability in the wifi_cleanup function in ...)
+CVE-2016-0809
NOT-FOR-US: Android
-CVE-2016-0808 (Integer overflow in the getCoverageFormat12 function in ...)
+CVE-2016-0808
NOT-FOR-US: Android
-CVE-2016-0807 (The get_build_id function in elf_utils.cpp in Debuggerd in Android 6.x ...)
+CVE-2016-0807
- android-platform-system-core 1:7.0.0+r1-1 (unimportant)
NOTE: debuggerd not included, see bug #858177
-CVE-2016-0806 (The Qualcomm Wi-Fi driver in the kernel in Android 4.x before 4.4.4, ...)
+CVE-2016-0806
NOT-FOR-US: Android drivers
-CVE-2016-0805 (The performance event manager for Qualcomm ARM processors in Android ...)
+CVE-2016-0805
NOT-FOR-US: Android drivers
-CVE-2016-0804 (The NuPlayer::GenericSource::notifyPreparedAndCleanup function in ...)
+CVE-2016-0804
NOT-FOR-US: Android
-CVE-2016-0803 (libstagefright in mediaserver in Android 4.x before 4.4.4, 5.x before ...)
+CVE-2016-0803
NOT-FOR-US: libstagefright
-CVE-2016-0802 (The Broadcom Wi-Fi driver in the kernel in Android 4.x before 4.4.4, ...)
+CVE-2016-0802
NOT-FOR-US: Android drivers
-CVE-2016-0801 (The Broadcom Wi-Fi driver in the kernel in Android 4.x before 4.4.4, ...)
+CVE-2016-0801
{DLA-1573-1}
- firmware-nonfree 20180518-1 (bug #869639)
[stretch] - firmware-nonfree 20161130-4
[jessie] - firmware-nonfree <no-dsa> (non-free not supported)
-CVE-2016-0800 (The SSLv2 protocol, as used in OpenSSL before 1.0.1s and 1.0.2 before ...)
+CVE-2016-0800
- openssl 1.0.0c-2
- nss 3.13
NOTE: openssl 1.0.0c-2 dropped SSLv2 support
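Review bot: with the summaries gone, several entries in this hunk are left with a `NOT-FOR-US:` marker that no longer names the affected product: CVE-2016-0913, CVE-2016-0909, CVE-2016-0895 through CVE-2016-0892, CVE-2016-0890, CVE-2016-0889 and CVE-2016-0887 all reduce to a bare `NOT-FOR-US: EMC`, while their siblings keep the product (CVE-2016-0906 `NOT-FOR-US: EMC Avamar`, CVE-2016-0888 `NOT-FOR-US: EMC Documentum D2`). If the descriptions are not restored, the product should be added to those markers, because the marker is now the only line that says what each CVE is about.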
@@ -29991,104 +29991,104 @@ CVE-2016-0800 (The SSLv2 protocol, as used in OpenSSL before 1.0.1s and 1.0.2 be
NOTE: https://www.drownattack.com/
NOTE: GNUTLS never implemented SSLv2
NOTE: http://blog.cryptographyengineering.com/2016/03/attack-of-week-drown.html
-CVE-2016-0799 (The fmtstr function in crypto/bio/b_print.c in OpenSSL 1.0.1 before ...)
+CVE-2016-0799
{DSA-3500-1}
- openssl 1.0.2g-1
NOTE: https://www.openssl.org/news/secadv/20160301.txt
NOTE: Fixed in master in https://git.openssl.org/?p=openssl.git;a=commit;h=a801bf263849a2ef773e5bc0c86438cbba720835
NOTE: https://guidovranken.wordpress.com/2016/02/27/openssl-cve-2016-0799-heap-corruption-via-bio_printf/
-CVE-2016-0798 (Memory leak in the SRP_VBASE_get_by_user implementation in OpenSSL ...)
+CVE-2016-0798
{DSA-3500-1}
- openssl 1.0.2g-1
NOTE: https://www.openssl.org/news/secadv/20160301.txt
NOTE: Fixed in master in https://git.openssl.org/?p=openssl.git;a=commit;h=59a908f1e8380412a81392c468b83bf6071beb2a
-CVE-2016-0797 (Multiple integer overflows in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 ...)
+CVE-2016-0797
{DSA-3500-1}
- openssl 1.0.2g-1
NOTE: https://www.openssl.org/news/secadv/20160301.txt
NOTE: Fixed in master in https://git.openssl.org/?p=openssl.git;a=commit;h=99ba9fd02fd481eb971023a3a0a251a37eb87e4c
CVE-2016-0796
RESERVED
-CVE-2016-0795 (LibreOffice before 5.0.5 allows remote attackers to cause a denial of ...)
+CVE-2016-0795
{DSA-3482-1}
- libreoffice 1:5.0.5~rc1-1
NOTE: https://www.libreoffice.org/about-us/security/advisories/cve-2016-0795/
-CVE-2016-0794 (The lwp filter in LibreOffice before 5.0.4 allows remote attackers to ...)
+CVE-2016-0794
{DSA-3482-1}
- libreoffice 1:5.0.5~rc1-1
NOTE: https://www.libreoffice.org/about-us/security/advisories/cve-2016-0794/
-CVE-2016-0793 (Incomplete blacklist vulnerability in the servlet filter restriction ...)
+CVE-2016-0793
NOT-FOR-US: WildFly / Red Hat JBoss EAP
-CVE-2016-0792 (Multiple unspecified API endpoints in Jenkins before 1.650 and LTS ...)
+CVE-2016-0792
- jenkins <removed>
NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-02-24
-CVE-2016-0791 (Jenkins before 1.650 and LTS before 1.642.2 do not use a constant-time ...)
+CVE-2016-0791
- jenkins <removed>
NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-02-24
-CVE-2016-0790 (Jenkins before 1.650 and LTS before 1.642.2 do not use a constant-time ...)
+CVE-2016-0790
- jenkins <removed>
NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-02-24
-CVE-2016-0789 (CRLF injection vulnerability in the CLI command documentation in ...)
+CVE-2016-0789
- jenkins <removed>
NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-02-24
-CVE-2016-0788 (The remoting module in Jenkins before 1.650 and LTS before 1.642.2 ...)
+CVE-2016-0788
- jenkins <removed>
NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-02-24
-CVE-2016-0787 (The diffie_hellman_sha256 function in kex.c in libssh2 before 1.7.0 ...)
+CVE-2016-0787
{DSA-3487-1 DLA-426-1}
- libssh2 1.5.0-2.1 (bug #815662)
NOTE: Upstream fix: https://github.com/libssh2/libssh2/commit/ca5222ea819cc5ed797860070b4c6c1aeeb28420
NOTE: Upstream patch only fixes DH SHA-256 key exchange type, not DH SHA-1
CVE-2016-0786
RESERVED
-CVE-2016-0785 (Apache Struts 2.x before 2.3.28 allows remote attackers to execute ...)
+CVE-2016-0785
- libstruts1.2-java <not-affected> (Only 2.0.0 to 2.3.28.1)
NOTE: http://struts.apache.org/docs/s2-029.html
-CVE-2016-0784 (Directory traversal vulnerability in the Import/Export System Backups ...)
+CVE-2016-0784
NOT-FOR-US: Apache OpenMeetings
-CVE-2016-0783 (The sendHashByUser function in Apache OpenMeetings before 3.1.1 ...)
+CVE-2016-0783
NOT-FOR-US: Apache OpenMeetings
-CVE-2016-0782 (The administration web console in Apache ActiveMQ 5.x before 5.11.4, ...)
+CVE-2016-0782
- activemq 5.13.2+dfsg-1 (unimportant)
NOTE: Admin console not enabled in the Debian package, see #702670
NOTE: https://activemq.apache.org/security-advisories.data/CVE-2016-0782-announcement.txt
-CVE-2016-0781 (The UAA OAuth approval pages in Cloud Foundry v208 to v231, ...)
+CVE-2016-0781
NOT-FOR-US: Cloud Foundry
-CVE-2016-0780 (It was discovered that cf-release v231 and lower, Pivotal Cloud ...)
+CVE-2016-0780
NOT-FOR-US: Cloud Foundry
-CVE-2016-0779 (The EjbObjectInputStream class in Apache TomEE before 1.7.4 and 7.x ...)
+CVE-2016-0779
NOT-FOR-US: Apache TomEE
-CVE-2016-0778 (The (1) roaming_read and (2) roaming_write functions in ...)
+CVE-2016-0778
{DSA-3446-1 DLA-387-1}
- openssh 1:7.1p2-1
NOTE: https://www.qualys.com/2016/01/14/cve-2016-0777-cve-2016-0778/openssh-cve-2016-0777-cve-2016-0778.txt
-CVE-2016-0777 (The resend_bytes function in roaming_common.c in the client in OpenSSH ...)
+CVE-2016-0777
{DSA-3446-1 DLA-387-1}
- openssh 1:7.1p2-1 (bug #810984)
NOTE: https://www.qualys.com/2016/01/14/cve-2016-0777-cve-2016-0778/openssh-cve-2016-0777-cve-2016-0778.txt
CVE-2016-0776
REJECTED
-CVE-2016-0775 (Buffer overflow in the ImagingFliDecode function in ...)
+CVE-2016-0775
{DSA-3499-1 DLA-422-1}
- pillow 3.1.1-1 (bug #813909)
- python-imaging <removed>
[wheezy] - python-imaging 1.1.7-4+deb7u2
NOTE: https://github.com/python-pillow/Pillow/commit/bcaaf97f4ff25b3b5b9e8efeda364e17e80858ec (3.1.1)
-CVE-2016-0774 (The (1) pipe_read and (2) pipe_write implementations in fs/pipe.c in a ...)
+CVE-2016-0774
{DLA-439-1}
- linux 3.16.2-2
[wheezy] - linux 3.2.73-2+deb7u3
- linux-2.6 <removed>
NOTE: https://rhn.redhat.com/errata/RHSA-2016-0103.html
NOTE: The upstream fix for 3.16 was correct, but wheezy had a incomplete backport
-CVE-2016-0773 (PostgreSQL before 9.1.20, 9.2.x before 9.2.15, 9.3.x before 9.3.11, ...)
+CVE-2016-0773
{DSA-3476-1 DSA-3475-1 DLA-432-1}
- postgresql-9.5 9.5.1-1
- postgresql-9.4 <unfixed>
- postgresql-9.1 <removed>
[jessie] - postgresql-9.1 <not-affected> (postgresql-9.1 in jessie only provides PL/Perl)
NOTE: http://git.postgresql.org/gitweb/?p=postgresql.git;a=commitdiff;h=3bb3f42f3749d40b8d4de65871e8d828b18d4a45
-CVE-2016-0772 (The smtplib library in CPython (aka Python) before 2.7.12, 3.x before ...)
+CVE-2016-0772
{DLA-1663-1 DLA-871-1 DLA-522-1}
- python3.5 3.5.2~rc1-1
- python3.4 <removed>
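Review bot: style nit on an unchanged context line in this hunk, `NOTE: The upstream fix for 3.16 was correct, but wheezy had a incomplete backport` under CVE-2016-0774 should read `an incomplete backport`; worth fixing in the same pass since the entry is being rewritten anyway.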
@@ -30097,37 +30097,37 @@ CVE-2016-0772 (The smtplib library in CPython (aka Python) before 2.7.12, 3.x be
[jessie] - python2.7 2.7.9-2+deb8u1
NOTE: 3.4 branch: https://hg.python.org/cpython/rev/d590114c2394
NOTE: 2.7 branch: https://hg.python.org/cpython/rev/b3ce713fb9be
-CVE-2016-0771 (The internal DNS server in Samba 4.x before 4.1.23, 4.2.x before ...)
+CVE-2016-0771
{DSA-3514-1}
- samba 2:4.3.6+dfsg-1
[wheezy] - samba <not-affected> (Vulnerable code not present)
[squeeze] - samba <not-affected> (Vulnerable code not present)
NOTE: https://www.samba.org/samba/security/CVE-2016-0771.html
-CVE-2016-0770 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2016-0770
NOT-FOR-US: Wordpress plugin
-CVE-2016-0769 (Multiple SQL injection vulnerabilities in eshop-orders.php in the ...)
+CVE-2016-0769
NOT-FOR-US: Wordpress plugin
-CVE-2016-0768 (PostgreSQL PL/Java after 9.0 does not honor access controls on large ...)
+CVE-2016-0768
- postgresql-pljava <removed>
[wheezy] - postgresql-pljava <no-dsa> (Minor issue on undocumented API that got later removed)
-CVE-2016-0767 (PostgreSQL PL/Java before 1.5.0 allows remote authenticated users with ...)
+CVE-2016-0767
- postgresql-pljava <removed>
[wheezy] - postgresql-pljava <no-dsa> (Minor issue)
-CVE-2016-0766 (PostgreSQL before 9.1.20, 9.2.x before 9.2.15, 9.3.x before 9.3.11, ...)
+CVE-2016-0766
{DSA-3476-1 DSA-3475-1}
- postgresql-9.5 9.5.1
- postgresql-9.4 <unfixed>
- postgresql-9.1 <removed>
[jessie] - postgresql-9.1 <not-affected> (postgresql-9.1 in jessie only provides PL/Perl)
-CVE-2016-0765 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2016-0765
NOT-FOR-US: Wordpress plugin
-CVE-2016-0764 (Race condition in Network Manager before 1.0.12 as packaged in Red Hat ...)
+CVE-2016-0764
- network-manager 1.1.91-1 (bug #820354)
[jessie] - network-manager <no-dsa> (Minor issue)
[wheezy] - network-manager <no-dsa> (Minor issue)
NOTE: Upstream fix: https://cgit.freedesktop.org/NetworkManager/NetworkManager/commit/?id=60b7ed3bdc3941a3b7c56824fba4b7291e79041f (1.2-beta2)
NOTE: Fixed in 1.0.12 for the 1.0.x branch: https://cgit.freedesktop.org/NetworkManager/NetworkManager/tree/NEWS?h=1.0.12
-CVE-2016-0763 (The setGlobalContext method in ...)
+CVE-2016-0763
{DSA-3609-1 DSA-3552-1 DSA-3530-1 DLA-435-1}
- tomcat9 <not-affected> (Fixed before initial upload to Debian)
- tomcat8 8.0.32-1
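Review bot: `- postgresql-9.5 9.5.1` under CVE-2016-0766 lacks the Debian revision that the otherwise identical CVE-2016-0773 entry in the previous hunk gives as `- postgresql-9.5 9.5.1-1`; the two entries share DSA-3476-1 and DSA-3475-1 and the same package lines, so the fixed version should be written the same way in both. Not something this hunk changes, but a one-token fix while the entries are being rewritten.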
@@ -30135,7 +30135,7 @@ CVE-2016-0763 (The setGlobalContext method in ...)
- tomcat6 6.0.41-3
NOTE: Since 6.0.41-3, src:tomcat6 only builds a servlet and docs
NOTE: Fixed in 6.0.45, 7.0.68, 8.0.32, 9.0.0.M3
-CVE-2016-0762 (The Realm implementations in Apache Tomcat versions 9.0.0.M1 to ...)
+CVE-2016-0762
{DSA-3721-1 DSA-3720-1 DLA-729-1 DLA-728-1}
- tomcat8 8.0.37-1 (low)
- tomcat7 7.0.72-1 (low; bug #842662)
@@ -30145,13 +30145,13 @@ CVE-2016-0762 (The Realm implementations in Apache Tomcat versions 9.0.0.M1 to .
NOTE: Fixed by: http://svn.apache.org/r1758501 (8.0.x)
NOTE: Fixed by: http://svn.apache.org/r1758502 (7.0.x)
NOTE: Fixed by: https://svn.apache.org/viewvc?view=revision&revision=1758506 (6.0.x)
-CVE-2016-0761 (Cloud Foundry Garden-Linux versions prior to v0.333.0 and Elastic ...)
+CVE-2016-0761
NOT-FOR-US: Cloud Foundry
-CVE-2016-0760 (Multiple incomplete blacklist vulnerabilities in Apache Sentry before ...)
+CVE-2016-0760
NOT-FOR-US: Apache Hive
CVE-2016-0759
REJECTED
-CVE-2016-0758 (Integer overflow in lib/asn1_decoder.c in the Linux kernel before 4.6 ...)
+CVE-2016-0758
- linux 4.5.4-1
[jessie] - linux 3.16.36-1
[wheezy] - linux <not-affected> (Vulnerable code introduced in v3.10-rc1)
@@ -30159,27 +30159,27 @@ CVE-2016-0758 (Integer overflow in lib/asn1_decoder.c in the Linux kernel before
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1300257
NOTE: Fixed by: https://git.kernel.org/linus/23c8a812dc3c621009e4f0e5342aa4e2ede1ceaa
NOTE: Introduced by: https://git.kernel.org/linus/42d5ec27f873c654a68f7f865dcd7737513e9508 (v3.10-rc1)
-CVE-2016-0757 (OpenStack Image Service (Glance) before 2015.1.3 (kilo) and 11.0.x ...)
+CVE-2016-0757
- glance 2:12.0.0-1
[jessie] - glance <no-dsa> (Minor issue)
[wheezy] - glance <no-dsa> (Minor issue)
NOTE: <=2015.1.2, >=11.0.0 <= 11.0.1
NOTE: https://bugs.launchpad.net/bugs/1525915
-CVE-2016-0756 (The generate_dialback function in the mod_dialback module in Prosody ...)
+CVE-2016-0756
{DSA-3463-1 DLA-407-1}
- prosody 0.9.10-1
NOTE: http://blog.prosody.im/prosody-0-9-10-released/
NOTE: https://prosody.im/security/advisory_20160127/
NOTE: Upstream fix https://github.com/bjc/prosody/commit/8708def4f55e61acdd5b2c762d420ab40da0d015
-CVE-2016-0755 (The ConnectionExists function in lib/url.c in libcurl before 7.47.0 ...)
+CVE-2016-0755
{DSA-3455-1}
- curl 7.47.0-1
[wheezy] - curl <no-dsa> (Too intrusive to backport)
NOTE: http://curl.haxx.se/docs/adv_20160127A.html
-CVE-2016-0754 (cURL before 7.47.0 on Windows allows attackers to write to arbitrary ...)
+CVE-2016-0754
- curl <not-affected> (Windows only)
NOTE: http://curl.haxx.se/docs/adv_20160127B.html
-CVE-2016-0753 (Active Model in Ruby on Rails 4.1.x before 4.1.14.1, 4.2.x before ...)
+CVE-2016-0753
{DSA-3464-1 DLA-642-1 DLA-641-1 DLA-498-1}
- rails 2:4.2.5.1-1
[wheezy] - rails <not-affected> (Vulnerable code not present, is only a transitional package)
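Review bot: `NOTE: <=2015.1.2, >=11.0.0 <= 11.0.1` under CVE-2016-0757 is now the only statement of the affected Glance versions, and with the summary (`OpenStack Image Service (Glance) before 2015.1.3 (kilo) and 11.0.x ...`) removed by this hunk it no longer says what those numbers refer to. Suggest spelling it out, e.g. `NOTE: Affected: glance <= 2015.1.2 (kilo) and 11.0.0 <= glance <= 11.0.1`, so the entry stays readable without the description.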
@@ -30191,7 +30191,7 @@ CVE-2016-0753 (Active Model in Ruby on Rails 4.1.x before 4.1.14.1, 4.2.x before
- ruby-activesupport-2.3 <removed>
[wheezy] - ruby-activesupport-2.3 <end-of-life>
- ruby-activemodel-3.2 <removed>
-CVE-2016-0752 (Directory traversal vulnerability in Action View in Ruby on Rails ...)
+CVE-2016-0752
{DSA-3464-1 DLA-604-1}
- rails 2:4.2.5.1-1
[wheezy] - rails <not-affected> (Vulnerable code not present, is only a transitional package)
@@ -30199,7 +30199,7 @@ CVE-2016-0752 (Directory traversal vulnerability in Action View in Ruby on Rails
- ruby-actionpack-3.2 <removed>
- ruby-actionpack-2.3 <removed>
[wheezy] - ruby-actionpack-2.3 <end-of-life>
-CVE-2016-0751 (actionpack/lib/action_dispatch/http/mime_type.rb in Action Pack in ...)
+CVE-2016-0751
{DSA-3464-1 DLA-604-1}
- rails 2:4.2.5.1-1
[wheezy] - rails <not-affected> (Vulnerable code not present, is only a transitional package)
@@ -30207,22 +30207,22 @@ CVE-2016-0751 (actionpack/lib/action_dispatch/http/mime_type.rb in Action Pack i
- ruby-actionpack-3.2 <removed>
- ruby-actionpack-2.3 <removed>
[wheezy] - ruby-actionpack-2.3 <end-of-life>
-CVE-2016-0750 (The hotrod java client in infinispan before 9.1.0.Final automatically ...)
+CVE-2016-0750
NOT-FOR-US: Infinispan
-CVE-2016-0749 (The smartcard interaction in SPICE allows remote attackers to cause a ...)
+CVE-2016-0749
{DSA-3596-1}
- spice 0.12.6-4.1 (bug #826585)
[wheezy] - spice <not-affected> (Vulnerable code not present. Configured with --disable-smartcard)
CVE-2016-0748
RESERVED
-CVE-2016-0747 (The resolver in nginx before 1.8.1 and 1.9.x before 1.9.10 does not ...)
+CVE-2016-0747
{DSA-3473-1}
- nginx 1.9.10-1 (bug #812806)
[squeeze] - nginx <not-affected> (Vulnerable code not present)
NOTE: http://mailman.nginx.org/pipermail/nginx/2016-January/049700.html
NOTE: https://github.com/nginx/nginx/commit/4016e6b1da4fbf9c45963211791be124cd7ffb8f (release-1.9.10)
NOTE: https://github.com/nginx/nginx/commit/fe89d99796d42b86816e17d9c87ab16964768024 (release-1.9.10)
-CVE-2016-0746 (Use-after-free vulnerability in the resolver in nginx 0.6.18 through ...)
+CVE-2016-0746
{DSA-3473-1}
- nginx 1.9.10-1 (bug #812806)
[squeeze] - nginx <not-affected> (Vulnerable code not present)
@@ -30235,37 +30235,37 @@ CVE-2016-0744
RESERVED
CVE-2016-0743
RESERVED
-CVE-2016-0742 (The resolver in nginx before 1.8.1 and 1.9.x before 1.9.10 allows ...)
+CVE-2016-0742
{DSA-3473-1 DLA-404-1}
- nginx 1.9.10-1 (bug #812806)
NOTE: http://mailman.nginx.org/pipermail/nginx/2016-January/049700.html
NOTE: https://github.com/nginx/nginx/commit/c44fd4e837f979912749a5a19490ccb9b46398d3 (release-1.9.10)
-CVE-2016-0741 (slapd/connection.c in 389 Directory Server (formerly Fedora Directory ...)
+CVE-2016-0741
- 389-ds-base 1.3.4.8-1
[jessie] - 389-ds-base <not-affected> (Only affects 1.3.4 and up)
NOTE: https://fedorahosted.org/389/ticket/48412
-CVE-2016-0740 (Buffer overflow in the ImagingLibTiffDecode function in ...)
+CVE-2016-0740
{DSA-3499-1}
- pillow 3.1.1-1 (bug #813905)
- python-imaging <not-affected> (Vulnerable code introduce in 2.0.0)
NOTE: Issue when linked against libtiff >= 4.0.0
NOTE: Fixed by: https://github.com/python-pillow/Pillow/commit/6dcbf5bd96b717c58d7b642949da8d323099928e (3.1.1)
NOTE: Introduced by: https://github.com/python-pillow/Pillow/commit/e782fe721e0156de9636e78cd881d9f9e7e6ce50 (2.0.0)
-CVE-2016-0739 (libssh before 0.7.3 improperly truncates ephemeral secrets generated ...)
+CVE-2016-0739
{DSA-3488-1 DLA-425-1}
- libssh 0.6.3-4.3 (bug #815663)
NOTE: Upstream fix: https://git.libssh.org/projects/libssh.git/commit/?h=v0-7&id=f8d0026c65fc8a55748ae481758e2cf376c26c86
-CVE-2016-0738 (OpenStack Object Storage (Swift) before 2.3.1 (Kilo), 2.4.x, and 2.5.x ...)
+CVE-2016-0738
- swift 2.5.0-3 (bug #812984)
[jessie] - swift <not-affected> (Vulnerable code not present)
[wheezy] - swift <not-affected> (Vulnerable code not present)
NOTE: Swift: >=2.2.1 <= 2.3.0, >= 2.4.0 <= 2.5.0
-CVE-2016-0737 (OpenStack Object Storage (Swift) before 2.4.0 does not properly close ...)
+CVE-2016-0737
- swift 2.4.0-1
[jessie] - swift <not-affected> (Vulnerable code not present)
[wheezy] - swift <not-affected> (Vulnerable code not present)
NOTE: Swift: >=2.2.1 <= 2.3.0
-CVE-2016-0736 (In Apache HTTP Server versions 2.4.0 to 2.4.23, mod_session_crypto was ...)
+CVE-2016-0736
{DSA-3796-1}
- apache2 2.4.25-1
[wheezy] - apache2 <not-affected> (Vulnerable code not present)
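Review bot: several `<not-affected>` reasons in this hunk were checkable only against the description that is now removed, for example `[jessie] - 389-ds-base <not-affected> (Only affects 1.3.4 and up)` under CVE-2016-0741 and `- python-imaging <not-affected> (Vulnerable code introduce in 2.0.0)` under CVE-2016-0740, whose removed `-` lines carried the upstream version statement. Entries such as CVE-2016-0738 and CVE-2016-0737 keep their ranges in `NOTE: Swift: ...` lines, but the others now have no in-file reference for the triage decision, which is a second reason not to land a description-stripping update. Separately, the unchanged context line for python-imaging should read `introduced`, not `introduce`.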
@@ -30273,25 +30273,25 @@ CVE-2016-0736 (In Apache HTTP Server versions 2.4.0 to 2.4.23, mod_session_crypt
NOTE: Fixed by: https://svn.apache.org/r1772812
NOTE: Affects: 2.4.1 to 2.4.23
NOTE: Fixed in 2.4.25
-CVE-2016-0735 (Apache Ranger 0.5.x before 0.5.2 allows remote authenticated users to ...)
+CVE-2016-0735
NOT-FOR-US: Apache Ranger
-CVE-2016-0734 (The web-based administration console in Apache ActiveMQ 5.x before ...)
+CVE-2016-0734
- activemq <not-affected> (Admin console not enabled in the Debian package, see #702670)
NOTE: https://activemq.apache.org/security-advisories.data/CVE-2016-0734-announcement.txt
-CVE-2016-0733 (The Admin UI in Apache Ranger before 0.5.1 does not properly handle ...)
+CVE-2016-0733
NOT-FOR-US: Apache Ranger
-CVE-2016-0732 (The identity zones feature in Pivotal Cloud Foundry 208 through 229; ...)
+CVE-2016-0732
NOT-FOR-US: Pivotal Cloud Foundry
-CVE-2016-0731 (The File Browser View in Apache Ambari before 2.2.1 allows remote ...)
+CVE-2016-0731
NOT-FOR-US: Apache Ambari
CVE-2016-0730
REJECTED
-CVE-2016-0729 (Multiple buffer overflows in (1) internal/XMLReader.cpp, (2) ...)
+CVE-2016-0729
{DSA-3493-1 DLA-433-1}
- xerces-c 3.1.3+debian-1 (bug #815907)
NOTE: http://xerces.apache.org/xerces-c/secadv/CVE-2016-0729.txt
NOTE: http://svn.apache.org/viewvc?view=revision&revision=1727978
-CVE-2016-0728 (The join_session_keyring function in security/keys/process_keys.c in ...)
+CVE-2016-0728
{DSA-3448-1}
- linux 4.3.3-6
[wheezy] - linux <not-affected> (Introduced in v3.8-rc1)
@@ -30299,24 +30299,24 @@ CVE-2016-0728 (The join_session_keyring function in security/keys/process_keys.c
NOTE: Upstream commit: https://git.kernel.org/linus/23567fd052a9abb6d67fe8e7a9ccdd9800a540f2
NOTE: Introduced in https://git.kernel.org/linus/3a50597de8635cd05133bd12c95681c82fe7b878 (v3.8-rc1)
NOTE: http://perception-point.io/2016/01/14/analysis-and-exploitation-of-a-linux-kernel-vulnerability-cve-2016-0728/
-CVE-2016-0727 (The crontab script in the ntp package before ...)
+CVE-2016-0727
- ntp 1:4.2.8p9+dfsg-2 (low; bug #839998)
[jessie] - ntp <no-dsa> (Minor issue)
[wheezy] - ntp <no-dsa> (Minor issue)
NOTE: https://bugs.launchpad.net/ubuntu/+source/ntp/+bug/1528050
NOTE: http://www.halfdog.net/Security/2015/NtpCronjobUserNtpToRootPrivilegeEscalation/
NOTE: Originally addressed in 1:4.2.8p8+dfsg-1.1, then refixed in 1:4.2.8p9+dfsg-2
-CVE-2016-0726 (The Fedora Nagios package uses &quot;nagiosadmin&quot; as the default password ...)
+CVE-2016-0726
- nagios3 <not-affected> (Specific to Fedora installation)
-CVE-2016-0725 (Cross-site scripting (XSS) vulnerability in the search_pagination ...)
+CVE-2016-0725
- moodle <not-affected> (Only affects 3.0 to 3.0.1, 2.9 to 2.9.3 and 2.8 to 2.8.9)
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-52552
-CVE-2016-0724 (The (1) core_enrol_get_course_enrolment_methods and (2) ...)
+CVE-2016-0724
- moodle 2.7.12+dfsg-1 (bug #811344)
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-52072
-CVE-2016-0723 (Race condition in the tty_ioctl function in drivers/tty/tty_io.c in ...)
+CVE-2016-0723
{DSA-3448-1 DLA-412-1}
- linux 4.3.3-6
[wheezy] - linux 3.2.73-2+deb7u3
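Review bot: the removed line `-CVE-2016-0726 (The Fedora Nagios package uses &quot;nagiosadmin&quot; as the default password ...)` shows that the stored descriptions still contained HTML entities, so the importer that originally wrote them did not unescape its input. When the descriptions are restored after this blanking is reverted, the import path should decode entities so that a plain-text list like this one carries `"nagiosadmin"` rather than `&quot;nagiosadmin&quot;`.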
@@ -30325,19 +30325,19 @@ CVE-2016-0723 (Race condition in the tty_ioctl function in drivers/tty/tty_io.c
NOTE: https://git.kernel.org/linus/5c17c861a357e9458001f021a7afa7aab9937439 (v4.5-rc2)
CVE-2016-0722
REJECTED
-CVE-2016-0721 (Session fixation vulnerability in pcsd in pcs before 0.9.157. ...)
+CVE-2016-0721
- pcs 0.9.149-1
NOTE: https://github.com/feist/pcs/commit/bc6ad9086857559db57f4e3e6de66762291c0774 (0.9.149)
NOTE: https://github.com/feist/pcs/commit/e9b28833d54a47ec441f6dbad0db96e1fc662a5b (0.9.149)
NOTE: https://github.com/feist/pcs/commit/acdbbe8307e6f4a36b2c7754765e732e43fe8d17 (0.9.149)
-CVE-2016-0720 (Cross-site request forgery (CSRF) vulnerability in pcsd web UI in pcs ...)
+CVE-2016-0720
- pcs 0.9.149-1
NOTE: https://github.com/feist/pcs/commit/3360ecd318f7631bf5826d99a20bf4b29d86dc9c (0.9.149)
NOTE: https://github.com/feist/pcs/commit/d49435de20f71bd0816c42b445ed484dd21fbe96 (0.9.149)
NOTE: https://github.com/feist/pcs/commit/b9e7f061788c3b86a0c67d2d4158f067ec5eb625 (0.9.149)
CVE-2016-0719
REJECTED
-CVE-2016-0718 (Expat allows context-dependent attackers to cause a denial of service ...)
+CVE-2016-0718
{DSA-3582-1 DLA-483-1}
- expat 2.1.1-2
- firefox 48.0-1 (unimportant)
@@ -30348,9 +30348,9 @@ CVE-2016-0717
REJECTED
CVE-2016-0716
REJECTED
-CVE-2016-0715 (Pivotal Cloud Foundry Elastic Runtime version 1.4.0 through 1.4.5, ...)
+CVE-2016-0715
NOT-FOR-US: Pivotal Cloud Foundry Elastic Runtime
-CVE-2016-0714 (The session-persistence implementation in Apache Tomcat 6.x before ...)
+CVE-2016-0714
{DSA-3609-1 DSA-3552-1 DSA-3530-1 DLA-435-1}
- tomcat9 <not-affected> (Fixed before initial upload to Debian)
- tomcat8 8.0.32-1
@@ -30358,21 +30358,21 @@ CVE-2016-0714 (The session-persistence implementation in Apache Tomcat 6.x befor
- tomcat6 6.0.41-3
NOTE: Since 6.0.41-3, src:tomcat6 only builds a servlet and docs
NOTE: Fixed in 6.0.45, 7.0.68, 8.0.32, 9.0.0.M3
-CVE-2016-0713 (Gorouter in Cloud Foundry cf-release v141 through v228 allows ...)
+CVE-2016-0713
NOT-FOR-US: Cloud Foundry
-CVE-2016-0712 (Cross-site scripting (XSS) vulnerability in Apache Jetspeed before ...)
+CVE-2016-0712
NOT-FOR-US: Apache Jetspeed
-CVE-2016-0711 (Multiple cross-site scripting (XSS) vulnerabilities in Apache Jetspeed ...)
+CVE-2016-0711
NOT-FOR-US: Apache Jetspeed
-CVE-2016-0710 (Multiple SQL injection vulnerabilities in the User Manager service in ...)
+CVE-2016-0710
NOT-FOR-US: Apache Jetspeed
-CVE-2016-0709 (Directory traversal vulnerability in the Import/Export function in the ...)
+CVE-2016-0709
NOT-FOR-US: Apache Jetspeed
-CVE-2016-0708 (Applications deployed to Cloud Foundry, versions v166 through v227, ...)
+CVE-2016-0708
NOT-FOR-US: Cloud Foundry
-CVE-2016-0707 (The agent in Apache Ambari before 2.1.2 uses weak permissions for the ...)
+CVE-2016-0707
NOT-FOR-US: Apache Ambari
-CVE-2016-0706 (Apache Tomcat 6.x before 6.0.45, 7.x before 7.0.68, 8.x before 8.0.31, ...)
+CVE-2016-0706
{DSA-3609-1 DSA-3552-1 DSA-3530-1 DLA-435-1}
- tomcat9 <not-affected> (Fixed before initial upload to Debian)
- tomcat8 8.0.32-1
@@ -30380,119 +30380,119 @@ CVE-2016-0706 (Apache Tomcat 6.x before 6.0.45, 7.x before 7.0.68, 8.x before 8.
- tomcat6 6.0.41-3
NOTE: Since 6.0.41-3, src:tomcat6 only builds a servlet and docs
NOTE: Fixed in 6.0.45, 7.0.68, 8.0.32, 9.0.0.M3
-CVE-2016-0705 (Double free vulnerability in the dsa_priv_decode function in ...)
+CVE-2016-0705
{DSA-3500-1}
- openssl 1.0.2g-1
[squeeze] - openssl <not-affected> (vulnerable code not present)
NOTE: Fixed in master in https://git.openssl.org/?p=openssl.git;a=commit;h=ab4a81f69ec88d06c9d8de15326b9296d7f498ed
NOTE: https://www.openssl.org/news/secadv/20160301.txt
-CVE-2016-0704 (An oracle protection mechanism in the get_client_master_key function ...)
+CVE-2016-0704
- openssl 1.0.0c-2
NOTE: 1.0.0c-2 dropped SSLv2 support
NOTE: https://www.openssl.org/news/secadv/20160301.txt
-CVE-2016-0703 (The get_client_master_key function in s2_srvr.c in the SSLv2 ...)
+CVE-2016-0703
- openssl 1.0.0c-2
NOTE: 1.0.0c-2 dropped SSLv2 support
NOTE: https://www.openssl.org/news/secadv/20160301.txt
-CVE-2016-0702 (The MOD_EXP_CTIME_COPY_FROM_PREBUF function in crypto/bn/bn_exp.c in ...)
+CVE-2016-0702
{DSA-3500-1}
- openssl 1.0.2g-1
NOTE: https://www.openssl.org/news/secadv/20160301.txt
NOTE: https://cachebleed.info
-CVE-2016-0701 (The DH_check_pub_key function in crypto/dh/dh_check.c in OpenSSL 1.0.2 ...)
+CVE-2016-0701
- openssl 1.0.2f-2
[jessie] - openssl <not-affected> (Only affects 1.0.2)
[wheezy] - openssl <not-affected> (Only affects 1.0.2)
[squeeze] - openssl <not-affected> (Only affects 1.0.2)
-CVE-2016-0700 (Unspecified vulnerability in the Oracle WebLogic Server component in ...)
+CVE-2016-0700
NOT-FOR-US: Oracle
-CVE-2016-0699 (Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking ...)
+CVE-2016-0699
NOT-FOR-US: Oracle FLEXCUBE
-CVE-2016-0698 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+CVE-2016-0698
NOT-FOR-US: Oracle
-CVE-2016-0697 (Unspecified vulnerability in the Oracle Application Object Library ...)
+CVE-2016-0697
NOT-FOR-US: Oracle
-CVE-2016-0696 (Unspecified vulnerability in the Oracle WebLogic Server component in ...)
+CVE-2016-0696
NOT-FOR-US: Oracle
-CVE-2016-0695 (Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; ...)
+CVE-2016-0695
{DSA-3558-1 DLA-451-1}
- openjdk-8 8u91-b14-1
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life> (Not supported in Wheezy LTS)
-CVE-2016-0694 (Unspecified vulnerability in the DataStore component in Oracle ...)
+CVE-2016-0694
NOT-FOR-US: Oracle Berkeley DB (later closed source releases)
-CVE-2016-0693 (Unspecified vulnerability in Oracle Sun Solaris 10 and 11.3 allows ...)
+CVE-2016-0693
NOT-FOR-US: Solaris
-CVE-2016-0692 (Unspecified vulnerability in the DataStore component in Oracle ...)
+CVE-2016-0692
NOT-FOR-US: Oracle Berkeley DB (later closed source releases)
-CVE-2016-0691 (Unspecified vulnerability in the RDBMS Security component in Oracle ...)
+CVE-2016-0691
NOT-FOR-US: Oracle
-CVE-2016-0690 (Unspecified vulnerability in the RDBMS Security component in Oracle ...)
+CVE-2016-0690
NOT-FOR-US: Oracle
-CVE-2016-0689 (Unspecified vulnerability in the DataStore component in Oracle ...)
+CVE-2016-0689
NOT-FOR-US: Oracle Berkeley DB (later closed source releases)
-CVE-2016-0688 (Unspecified vulnerability in the Oracle WebLogic Server component in ...)
+CVE-2016-0688
NOT-FOR-US: Oracle
-CVE-2016-0687 (Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 and ...)
+CVE-2016-0687
{DSA-3558-1 DLA-451-1}
- openjdk-8 8u91-b14-1
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life> (Not supported in Wheezy LTS)
-CVE-2016-0686 (Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 and ...)
+CVE-2016-0686
{DSA-3558-1 DLA-451-1}
- openjdk-8 8u91-b14-1
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life> (Not supported in Wheezy LTS)
-CVE-2016-0685 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+CVE-2016-0685
NOT-FOR-US: Oracle
-CVE-2016-0684 (Unspecified vulnerability in the Oracle Retail MICROS ARS POS ...)
+CVE-2016-0684
NOT-FOR-US: Oracle Retail
-CVE-2016-0683 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+CVE-2016-0683
NOT-FOR-US: Oracle
-CVE-2016-0682 (Unspecified vulnerability in the DataStore component in Oracle ...)
+CVE-2016-0682
NOT-FOR-US: Oracle Berkeley DB (later closed source releases)
-CVE-2016-0681 (Unspecified vulnerability in the Oracle OLAP component in Oracle ...)
+CVE-2016-0681
NOT-FOR-US: Oracle
-CVE-2016-0680 (Unspecified vulnerability in the PeopleSoft Enterprise SCM component ...)
+CVE-2016-0680
NOT-FOR-US: Oracle
-CVE-2016-0679 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+CVE-2016-0679
NOT-FOR-US: Oracle
-CVE-2016-0678 (Unspecified vulnerability in the Oracle VM VirtualBox component in ...)
+CVE-2016-0678
- virtualbox 5.0.18-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2016-0677 (Unspecified vulnerability in the RDBMS Security component in Oracle ...)
+CVE-2016-0677
NOT-FOR-US: Oracle
-CVE-2016-0676 (Unspecified vulnerability in Oracle Sun Solaris 10 allows local users ...)
+CVE-2016-0676
NOT-FOR-US: Solaris
-CVE-2016-0675 (Unspecified vulnerability in the Oracle WebLogic Server component in ...)
+CVE-2016-0675
NOT-FOR-US: Oracle
-CVE-2016-0674 (Unspecified vulnerability in the Siebel Core - Common Components ...)
+CVE-2016-0674
NOT-FOR-US: Siebel
-CVE-2016-0673 (Unspecified vulnerability in the Siebel UI Framework component in ...)
+CVE-2016-0673
NOT-FOR-US: Siebel
-CVE-2016-0672 (Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking ...)
+CVE-2016-0672
NOT-FOR-US: Oracle FLEXCUBE
-CVE-2016-0671 (Unspecified vulnerability in the Oracle HTTP Server component in ...)
+CVE-2016-0671
NOT-FOR-US: Oracle
CVE-2016-0670
REJECTED
-CVE-2016-0669 (Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local ...)
+CVE-2016-0669
NOT-FOR-US: Solaris
-CVE-2016-0668 (Unspecified vulnerability in Oracle MySQL 5.6.28 and earlier and ...)
+CVE-2016-0668
{DSA-3595-1}
- mysql-5.6 5.6.30-1 (bug #821094)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and MySQL 5.7)
- mariadb-10.0 10.0.24-1
NOTE: http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html
-CVE-2016-0667 (Unspecified vulnerability in Oracle MySQL 5.7.11 and earlier allows ...)
+CVE-2016-0667
- mysql-5.6 <not-affected> (Only affects MySQL 5.7)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
NOTE: http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html
-CVE-2016-0666 (Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 ...)
+CVE-2016-0666
{DSA-3595-1 DSA-3557-1 DLA-447-1}
- mysql-5.6 5.6.30-1 (bug #821094)
- mysql-5.5 <removed> (bug #821100)
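Review bot: for the Oracle MySQL block in this hunk the removed descriptions were the only place the affected upstream versions appeared, e.g. `-CVE-2016-0667 (Unspecified vulnerability in Oracle MySQL 5.7.11 and earlier allows ...)` is what the `- mysql-5.6 <not-affected> (Only affects MySQL 5.7)` and `- mysql-5.5 <not-affected> (Only affects MySQL 5.7)` lines were derived from; after the change only the Critical Patch Update URL in the NOTE line remains, so anyone re-triaging has to leave the file to confirm the version split. Unrelated to the change, the CVE-2016-0678 context lines reference the same kind of advisory in two formats, `(DSA-3699-1)` and `(DSA 3454)`; the hyphenated form with a revision is the one used everywhere else in the file.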
@@ -30500,43 +30500,43 @@ CVE-2016-0666 (Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6
NOTE: Fixed in MariaDB 10.0.25
NOTE: https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/
NOTE: http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html
-CVE-2016-0665 (Unspecified vulnerability in Oracle MySQL 5.6.28 and earlier and ...)
+CVE-2016-0665
- mysql-5.6 5.6.30-1 (bug #821094)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and MySQL 5.7)
NOTE: http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html
CVE-2016-0664
REJECTED
-CVE-2016-0663 (Unspecified vulnerability in Oracle MySQL 5.7.10 and earlier allows ...)
+CVE-2016-0663
- mysql-5.6 <not-affected> (Only affects MySQL 5.7)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
NOTE: http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html
-CVE-2016-0662 (Unspecified vulnerability in Oracle MySQL 5.7.11 and earlier allows ...)
+CVE-2016-0662
- mysql-5.6 <not-affected> (Only affects MySQL 5.7)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
NOTE: http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html
-CVE-2016-0661 (Unspecified vulnerability in Oracle MySQL 5.6.28 and earlier and ...)
+CVE-2016-0661
- mysql-5.6 5.6.30-1 (bug #821094)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and MySQL 5.7)
NOTE: http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html
CVE-2016-0660
REJECTED
-CVE-2016-0659 (Unspecified vulnerability in Oracle MySQL 5.7.11 and earlier allows ...)
+CVE-2016-0659
- mysql-5.6 <not-affected> (Only affects MySQL 5.7)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
NOTE: http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html
-CVE-2016-0658 (Unspecified vulnerability in Oracle MySQL 5.7.10 and earlier allows ...)
+CVE-2016-0658
- mysql-5.6 <not-affected> (Only affects MySQL 5.7)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
NOTE: http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html
-CVE-2016-0657 (Unspecified vulnerability in Oracle MySQL 5.7.11 and earlier allows ...)
+CVE-2016-0657
- mysql-5.6 <not-affected> (Only affects MySQL 5.7)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
NOTE: http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html
-CVE-2016-0656 (Unspecified vulnerability in Oracle MySQL 5.7.10 and earlier allows ...)
+CVE-2016-0656
- mysql-5.6 <not-affected> (Only affects MySQL 5.7)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
NOTE: http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html
-CVE-2016-0655 (Unspecified vulnerability in Oracle MySQL 5.6.29 and earlier and ...)
+CVE-2016-0655
{DSA-3595-1}
- mysql-5.6 5.6.30-1 (bug #821094)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and MySQL 5.7)
@@ -30544,19 +30544,19 @@ CVE-2016-0655 (Unspecified vulnerability in Oracle MySQL 5.6.29 and earlier and
NOTE: Fixed in MariaDB 10.0.25
NOTE: https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/
NOTE: http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html
-CVE-2016-0654 (Unspecified vulnerability in Oracle MySQL 5.7.10 and earlier allows ...)
+CVE-2016-0654
- mysql-5.6 <not-affected> (Only affects MySQL 5.7)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
NOTE: http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html
-CVE-2016-0653 (Unspecified vulnerability in Oracle MySQL 5.7.10 and earlier allows ...)
+CVE-2016-0653
- mysql-5.6 <not-affected> (Only affects MySQL 5.7)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
NOTE: http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html
-CVE-2016-0652 (Unspecified vulnerability in Oracle MySQL 5.7.10 and earlier allows ...)
+CVE-2016-0652
- mysql-5.6 <not-affected> (Only affects MySQL 5.7)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
NOTE: http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html
-CVE-2016-0651 (Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier allows ...)
+CVE-2016-0651
- mysql-5.6 <not-affected> (Only affects MySQL 5.5)
- mysql-5.5 <removed>
[jessie] - mysql-5.5 5.5.47-0+deb8u1
@@ -30564,19 +30564,19 @@ CVE-2016-0651 (Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier allo
- mariadb-10.0 10.0.23-1
[jessie] - mariadb-10.0 10.0.23-0+deb8u1
NOTE: http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html
-CVE-2016-0650 (Unspecified vulnerability in Oracle MySQL 5.5.47 and earlier, 5.6.28 ...)
+CVE-2016-0650
{DSA-3595-1 DSA-3557-1 DLA-447-1}
- mysql-5.6 5.6.30-1 (bug #821094)
- mysql-5.5 <removed> (bug #821100)
- mariadb-10.0 10.0.24-1
NOTE: http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html
-CVE-2016-0649 (Unspecified vulnerability in Oracle MySQL 5.5.47 and earlier, 5.6.28 ...)
+CVE-2016-0649
{DSA-3595-1 DSA-3557-1 DLA-447-1}
- mysql-5.6 5.6.30-1 (bug #821094)
- mysql-5.5 <removed> (bug #821100)
- mariadb-10.0 10.0.24-1
NOTE: http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html
-CVE-2016-0648 (Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 ...)
+CVE-2016-0648
{DSA-3595-1 DSA-3557-1 DLA-447-1}
- mysql-5.6 5.6.30-1 (bug #821094)
- mysql-5.5 <removed> (bug #821100)
@@ -30584,7 +30584,7 @@ CVE-2016-0648 (Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6
NOTE: Fixed in MariaDB 10.0.25
NOTE: https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/
NOTE: http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html
-CVE-2016-0647 (Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 ...)
+CVE-2016-0647
{DSA-3595-1 DSA-3557-1 DLA-447-1}
- mysql-5.6 5.6.30-1 (bug #821094)
- mysql-5.5 <removed> (bug #821100)
@@ -30592,7 +30592,7 @@ CVE-2016-0647 (Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6
NOTE: Fixed in MariaDB 10.0.25
NOTE: https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/
NOTE: http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html
-CVE-2016-0646 (Unspecified vulnerability in Oracle MySQL 5.5.47 and earlier, 5.6.28 ...)
+CVE-2016-0646
{DSA-3595-1 DSA-3557-1 DLA-447-1}
- mysql-5.6 5.6.30-1 (bug #821094)
- mysql-5.5 <removed> (bug #821100)
@@ -30600,13 +30600,13 @@ CVE-2016-0646 (Unspecified vulnerability in Oracle MySQL 5.5.47 and earlier, 5.6
NOTE: http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html
CVE-2016-0645
REJECTED
-CVE-2016-0644 (Unspecified vulnerability in Oracle MySQL 5.5.47 and earlier, 5.6.28 ...)
+CVE-2016-0644
{DSA-3595-1 DSA-3557-1 DLA-447-1}
- mysql-5.6 5.6.30-1 (bug #821094)
- mysql-5.5 <removed> (bug #821100)
- mariadb-10.0 10.0.24-1
NOTE: http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html
-CVE-2016-0643 (Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 ...)
+CVE-2016-0643
{DSA-3595-1 DSA-3557-1 DLA-447-1}
- mysql-5.6 5.6.30-1 (bug #821094)
- mysql-5.5 <removed> (bug #821100)
@@ -30614,34 +30614,34 @@ CVE-2016-0643 (Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6
NOTE: Fixed in MariaDB 10.0.25
NOTE: https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/
NOTE: http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html
-CVE-2016-0642 (Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 ...)
+CVE-2016-0642
{DSA-3557-1 DLA-447-1}
- mysql-5.6 5.6.30-1 (bug #821094)
- mysql-5.5 <removed> (bug #821100)
- mariadb-10.0 10.0.23-1
[jessie] - mariadb-10.0 10.0.23-0+deb8u1
NOTE: http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html
-CVE-2016-0641 (Unspecified vulnerability in Oracle MySQL 5.5.47 and earlier, 5.6.28 ...)
+CVE-2016-0641
{DSA-3595-1 DSA-3557-1 DLA-447-1}
- mysql-5.6 5.6.30-1 (bug #821094)
- mysql-5.5 <removed> (bug #821100)
- mariadb-10.0 10.0.24-1
NOTE: http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html
-CVE-2016-0640 (Unspecified vulnerability in Oracle MySQL 5.5.47 and earlier, 5.6.28 ...)
+CVE-2016-0640
{DSA-3595-1 DSA-3557-1 DLA-447-1}
- mysql-5.6 5.6.30-1 (bug #821094)
- mysql-5.5 <removed> (bug #821100)
- mariadb-10.0 10.0.24-1
NOTE: http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html
-CVE-2016-0639 (Unspecified vulnerability in Oracle MySQL 5.6.29 and earlier and ...)
+CVE-2016-0639
- mysql-5.6 5.6.30-1 (bug #821094)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and 5.7)
NOTE: http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html
-CVE-2016-0638 (Unspecified vulnerability in the Oracle WebLogic Server component in ...)
+CVE-2016-0638
NOT-FOR-US: Oracle
CVE-2016-0637
REJECTED
-CVE-2016-0636 (Unspecified vulnerability in Oracle Java SE 7u97, 8u73, and 8u74 ...)
+CVE-2016-0636
{DSA-3558-1 DLA-451-1}
- openjdk-8 8u77-b03-1
[experimental] - openjdk-7 7u95-2.6.4-3
@@ -30651,9 +30651,9 @@ CVE-2016-0636 (Unspecified vulnerability in Oracle Java SE 7u97, 8u73, and 8u74
NOTE: http://www.oracle.com/technetwork/topics/security/alert-cve-2016-0636-2949497.html
NOTE: https://blogs.oracle.com/security/entry/security_alert_cve_2016_0636
NOTE: http://hg.openjdk.java.net/jdk8u/jdk8u/jdk/rev/c44179bce874
-CVE-2016-0635 (Unspecified vulnerability in the Enterprise Manager Ops Center ...)
+CVE-2016-0635
NOT-FOR-US: MySQL Enterprise Monitor
-CVE-2016-0634 (The expansion of '\h' in the prompt string in bash 4.3 allows remote ...)
+CVE-2016-0634
- bash 4.4-1 (unimportant)
[jessie] - bash 4.3-11+deb8u1
NOTE: http://www.openwall.com/lists/oss-security/2016/09/16/8
@@ -30683,7 +30683,7 @@ CVE-2016-0625
REJECTED
CVE-2016-0624
REJECTED
-CVE-2016-0623 (Unspecified vulnerability in Oracle Sun Solaris 11.3 allows remote ...)
+CVE-2016-0623
NOT-FOR-US: Solaris
CVE-2016-0622
REJECTED
@@ -30693,16 +30693,16 @@ CVE-2016-0620
REJECTED
CVE-2016-0619
REJECTED
-CVE-2016-0618 (Unspecified vulnerability in Oracle Sun Solaris 11 allows local users ...)
+CVE-2016-0618
NOT-FOR-US: Oracle Sun Solaris
-CVE-2016-0617 (Unspecified vulnerability in the kernel-uek component in Oracle Linux ...)
+CVE-2016-0617
- linux 4.4.2-1
[jessie] - linux <not-affected> (Vulnerable code introduced later)
[wheezy] - linux <not-affected> (Vulnerable code introduced later)
- linux-2.6 <not-affected> (Vulnerable code introduced later)
NOTE: Introduced by: https://git.kernel.org/linus/1bfad99ab42569807d0ca1698449cae5e8c0334a (v4.3-rc1)
NOTE: Fixed by: https://git.kernel.org/linus/9aacdd354d197ad64685941b36d28ea20ab88757 (v4.5-rc1)
-CVE-2016-0616 (Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier and ...)
+CVE-2016-0616
{DSA-3459-1 DSA-3453-1 DLA-409-1}
- mysql-5.6 <not-affected> (Only affects MySQL 5.5)
- mysql-5.5 <removed> (bug #811428)
@@ -30710,317 +30710,317 @@ CVE-2016-0616 (Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier and
NOTE: http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixMSQL
CVE-2016-0615
REJECTED
-CVE-2016-0614 (Unspecified vulnerability in the Oracle BI Publisher component in ...)
+CVE-2016-0614
NOT-FOR-US: Oracle
CVE-2016-0613
REJECTED
CVE-2016-0612
REJECTED
-CVE-2016-0611 (Unspecified vulnerability in Oracle MySQL 5.6.27 and earlier and 5.7.9 ...)
+CVE-2016-0611
- mysql-5.6 5.6.28-1 (bug #811443)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6)
NOTE: http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixMSQL
-CVE-2016-0610 (Unspecified vulnerability in Oracle MySQL 5.6.27 and earlier and ...)
+CVE-2016-0610
- mysql-5.6 5.6.28-1 (bug #811443)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6)
- mariadb-10.0 10.0.22-1
[jessie] - mariadb-10.0 10.0.22-0+deb8u1
NOTE: http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixMSQL
-CVE-2016-0609 (Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 ...)
+CVE-2016-0609
{DSA-3459-1 DSA-3453-1 DLA-409-1}
- mysql-5.6 5.6.28-1 (bug #811443)
- mysql-5.5 <removed> (bug #811428)
- mariadb-10.0 10.0.23-1
NOTE: http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixMSQL
-CVE-2016-0608 (Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 ...)
+CVE-2016-0608
{DSA-3459-1 DSA-3453-1 DLA-409-1}
- mysql-5.6 5.6.28-1 (bug #811443)
- mysql-5.5 <removed> (bug #811428)
- mariadb-10.0 10.0.23-1
NOTE: http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixMSQL
-CVE-2016-0607 (Unspecified vulnerability in Oracle MySQL 5.6.27 and earlier and 5.7.9 ...)
+CVE-2016-0607
- mysql-5.6 5.6.28-1 (bug #811443)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6)
NOTE: http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixMSQL
-CVE-2016-0606 (Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 ...)
+CVE-2016-0606
{DSA-3459-1 DSA-3453-1 DLA-409-1}
- mysql-5.6 5.6.28-1 (bug #811443)
- mysql-5.5 <removed> (bug #811428)
- mariadb-10.0 10.0.23-1
NOTE: http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixMSQL
-CVE-2016-0605 (Unspecified vulnerability in Oracle MySQL 5.6.26 and earlier allows ...)
+CVE-2016-0605
- mysql-5.6 5.6.27-1
- mysql-5.5 <not-affected> (Only affects MySQL 5.6)
NOTE: http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixMSQL
CVE-2016-0604
REJECTED
-CVE-2016-0603 (Unspecified vulnerability in the Java SE component in Oracle Java SE ...)
+CVE-2016-0603
- openjdk-8 <not-affected> (Java on Windows)
- openjdk-7 <not-affected> (Java on Windows)
- openjdk-6 <not-affected> (Java on Windows)
-CVE-2016-0602 (Unspecified vulnerability in the Oracle VM VirtualBox component in ...)
+CVE-2016-0602
- virtualbox <not-affected> (VirtualBox Windows Installer component)
NOTE: http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixOVIR
-CVE-2016-0601 (Unspecified vulnerability in Oracle MySQL 5.7.9 allows remote ...)
+CVE-2016-0601
- mysql-5.6 <not-affected> (Only affects MySQL 5.7)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
NOTE: http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixMSQL
-CVE-2016-0600 (Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 ...)
+CVE-2016-0600
{DSA-3459-1 DSA-3453-1 DLA-409-1}
- mysql-5.6 5.6.28-1 (bug #811443)
- mysql-5.5 <removed> (bug #811428)
- mariadb-10.0 10.0.23-1
NOTE: http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixMSQL
-CVE-2016-0599 (Unspecified vulnerability in Oracle MySQL 5.7.9 allows remote ...)
+CVE-2016-0599
- mysql-5.6 <not-affected> (Only affects MySQL 5.7)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
NOTE: http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixMSQL
-CVE-2016-0598 (Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 ...)
+CVE-2016-0598
{DSA-3459-1 DSA-3453-1 DLA-409-1}
- mysql-5.6 5.6.28-1 (bug #811443)
- mysql-5.5 <removed> (bug #811428)
- mariadb-10.0 10.0.23-1
NOTE: http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixMSQL
-CVE-2016-0597 (Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 ...)
+CVE-2016-0597
{DSA-3459-1 DSA-3453-1 DLA-409-1}
- mysql-5.6 5.6.28-1 (bug #811443)
- mysql-5.5 <removed> (bug #811428)
- mariadb-10.0 10.0.23-1
NOTE: http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixMSQL
-CVE-2016-0596 (Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier and ...)
+CVE-2016-0596
{DSA-3459-1 DSA-3453-1 DLA-409-1}
- mysql-5.6 5.6.28-1 (bug #811443)
- mysql-5.5 <removed> (bug #811428)
- mariadb-10.0 10.0.23-1
NOTE: http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixMSQL
-CVE-2016-0595 (Unspecified vulnerability in Oracle MySQL 5.6.27 and earlier allows ...)
+CVE-2016-0595
- mysql-5.6 5.6.28-1 (bug #811443)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6)
NOTE: http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixMSQL
-CVE-2016-0594 (Unspecified vulnerability in Oracle MySQL 5.6.21 and earlier allows ...)
+CVE-2016-0594
- mysql-5.6 5.6.25-2
- mysql-5.5 <not-affected> (Only affects MySQL 5.6)
NOTE: http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixMSQL
CVE-2016-0593
REJECTED
-CVE-2016-0592 (Unspecified vulnerability in the Oracle VM VirtualBox component in ...)
+CVE-2016-0592
{DSA-3454-1}
- virtualbox 5.0.14-dfsg-1
[wheezy] - virtualbox <end-of-life> (DSA 3454)
NOTE: http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixOVIR
-CVE-2016-0591 (Unspecified vulnerability in the PeopleSoft Enterprise SCM Purchasing ...)
+CVE-2016-0591
NOT-FOR-US: PeopleSoft
-CVE-2016-0590 (Unspecified vulnerability in the PeopleSoft Enterprise SCM Order ...)
+CVE-2016-0590
NOT-FOR-US: Oracle
-CVE-2016-0589 (Unspecified vulnerability in the Oracle Application Object Library ...)
+CVE-2016-0589
NOT-FOR-US: Oracle
-CVE-2016-0588 (Unspecified vulnerability in the Oracle General Ledger component in ...)
+CVE-2016-0588
NOT-FOR-US: Oracle
-CVE-2016-0587 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+CVE-2016-0587
NOT-FOR-US: PeopleSoft
-CVE-2016-0586 (Unspecified vulnerability in the Oracle Application Object Library ...)
+CVE-2016-0586
NOT-FOR-US: Oracle
-CVE-2016-0585 (Unspecified vulnerability in the Oracle Application Object Library ...)
+CVE-2016-0585
NOT-FOR-US: Oracle
-CVE-2016-0584 (Unspecified vulnerability in the Oracle CRM Technology Foundation ...)
+CVE-2016-0584
NOT-FOR-US: Oracle
-CVE-2016-0583 (Unspecified vulnerability in the Oracle CRM Technology Foundation ...)
+CVE-2016-0583
NOT-FOR-US: Oracle
-CVE-2016-0582 (Unspecified vulnerability in the Oracle CRM Technology Foundation ...)
+CVE-2016-0582
NOT-FOR-US: Oracle
-CVE-2016-0581 (Unspecified vulnerability in the Oracle Approvals Management component ...)
+CVE-2016-0581
NOT-FOR-US: Oracle
-CVE-2016-0580 (Unspecified vulnerability in the Oracle Report Manager component in ...)
+CVE-2016-0580
NOT-FOR-US: Oracle
-CVE-2016-0579 (Unspecified vulnerability in the Oracle CRM Technology Foundation ...)
+CVE-2016-0579
NOT-FOR-US: Oracle
-CVE-2016-0578 (Unspecified vulnerability in the Oracle CRM Technology Foundation ...)
+CVE-2016-0578
NOT-FOR-US: Oracle
-CVE-2016-0577 (Unspecified vulnerability in the Oracle WebLogic Server component in ...)
+CVE-2016-0577
NOT-FOR-US: Oracle
-CVE-2016-0576 (Unspecified vulnerability in the Oracle Application Object Library ...)
+CVE-2016-0576
NOT-FOR-US: Oracle
-CVE-2016-0575 (Unspecified vulnerability in the Oracle Learning Management component ...)
+CVE-2016-0575
NOT-FOR-US: Oracle
-CVE-2016-0574 (Unspecified vulnerability in the Oracle WebLogic Server component in ...)
+CVE-2016-0574
NOT-FOR-US: Oracle
-CVE-2016-0573 (Unspecified vulnerability in the Oracle WebLogic Server component in ...)
+CVE-2016-0573
NOT-FOR-US: Oracle
-CVE-2016-0572 (Unspecified vulnerability in the Oracle WebLogic Server component in ...)
+CVE-2016-0572
NOT-FOR-US: Oracle
-CVE-2016-0571 (Unspecified vulnerability in the Oracle Balanced Scorecard component ...)
+CVE-2016-0571
NOT-FOR-US: Oracle
-CVE-2016-0570 (Unspecified vulnerability in the Oracle HCM Configuration Workbench ...)
+CVE-2016-0570
NOT-FOR-US: Oracle
-CVE-2016-0569 (Unspecified vulnerability in the Oracle E-Business Intelligence ...)
+CVE-2016-0569
NOT-FOR-US: Oracle
-CVE-2016-0568 (Unspecified vulnerability in the Oracle Email Center component in ...)
+CVE-2016-0568
NOT-FOR-US: Oracle
-CVE-2016-0567 (Unspecified vulnerability in the Oracle E-Business Intelligence ...)
+CVE-2016-0567
NOT-FOR-US: Oracle
-CVE-2016-0566 (Unspecified vulnerability in the Oracle Marketing component in Oracle ...)
+CVE-2016-0566
NOT-FOR-US: Oracle
-CVE-2016-0565 (Unspecified vulnerability in the Oracle Marketing component in Oracle ...)
+CVE-2016-0565
NOT-FOR-US: Oracle
-CVE-2016-0564 (Unspecified vulnerability in the Oracle E-Business Intelligence ...)
+CVE-2016-0564
NOT-FOR-US: Oracle
-CVE-2016-0563 (Unspecified vulnerability in the Oracle CRM Technical Foundation ...)
+CVE-2016-0563
NOT-FOR-US: Oracle
-CVE-2016-0562 (Unspecified vulnerability in the Oracle Common Applications component ...)
+CVE-2016-0562
NOT-FOR-US: Oracle
-CVE-2016-0561 (Unspecified vulnerability in the Oracle E-Business Intelligence ...)
+CVE-2016-0561
NOT-FOR-US: Oracle
-CVE-2016-0560 (Unspecified vulnerability in the Oracle Customer Intelligence ...)
+CVE-2016-0560
NOT-FOR-US: Oracle
-CVE-2016-0559 (Unspecified vulnerability in the Oracle Customer Intelligence ...)
+CVE-2016-0559
NOT-FOR-US: Oracle
-CVE-2016-0558 (Unspecified vulnerability in the Oracle Service Contracts component in ...)
+CVE-2016-0558
NOT-FOR-US: Oracle
-CVE-2016-0557 (Unspecified vulnerability in the Oracle Advanced Collections component ...)
+CVE-2016-0557
NOT-FOR-US: Oracle
-CVE-2016-0556 (Unspecified vulnerability in the Oracle Advanced Collections component ...)
+CVE-2016-0556
NOT-FOR-US: Oracle
-CVE-2016-0555 (Unspecified vulnerability in the Oracle CADView-3D component in Oracle ...)
+CVE-2016-0555
NOT-FOR-US: Oracle
-CVE-2016-0554 (Unspecified vulnerability in the Oracle Interaction Center ...)
+CVE-2016-0554
NOT-FOR-US: Oracle
-CVE-2016-0553 (Unspecified vulnerability in the Oracle E-Business Intelligence ...)
+CVE-2016-0553
NOT-FOR-US: Oracle
-CVE-2016-0552 (Unspecified vulnerability in the Oracle Customer Intelligence ...)
+CVE-2016-0552
NOT-FOR-US: Oracle
-CVE-2016-0551 (Unspecified vulnerability in the Oracle Customer Intelligence ...)
+CVE-2016-0551
NOT-FOR-US: Oracle
-CVE-2016-0550 (Unspecified vulnerability in the Oracle CRM Technical Foundation ...)
+CVE-2016-0550
NOT-FOR-US: Oracle
-CVE-2016-0549 (Unspecified vulnerability in the Oracle E-Business Intelligence ...)
+CVE-2016-0549
NOT-FOR-US: Oracle
-CVE-2016-0548 (Unspecified vulnerability in the Oracle E-Business Intelligence ...)
+CVE-2016-0548
NOT-FOR-US: Oracle
-CVE-2016-0547 (Unspecified vulnerability in the Oracle E-Business Intelligence ...)
+CVE-2016-0547
NOT-FOR-US: Oracle
-CVE-2016-0546 (Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 ...)
+CVE-2016-0546
{DSA-3459-1 DSA-3453-1 DLA-409-1}
- mysql-5.6 5.6.28-1 (bug #811443)
- mysql-5.5 <removed> (bug #811428)
- mariadb-10.0 10.0.23-1
NOTE: http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixMSQL
-CVE-2016-0545 (Unspecified vulnerability in the Oracle Customer Intelligence ...)
+CVE-2016-0545
NOT-FOR-US: Oracle
-CVE-2016-0544 (Unspecified vulnerability in the Oracle Marketing component in Oracle ...)
+CVE-2016-0544
NOT-FOR-US: Oracle
-CVE-2016-0543 (Unspecified vulnerability in the Oracle Marketing component in Oracle ...)
+CVE-2016-0543
NOT-FOR-US: Oracle
-CVE-2016-0542 (Unspecified vulnerability in the Oracle Field Service component in ...)
+CVE-2016-0542
NOT-FOR-US: Oracle
-CVE-2016-0541 (Unspecified vulnerability in the Oracle Configurator component in ...)
+CVE-2016-0541
NOT-FOR-US: Oracle
-CVE-2016-0540 (Unspecified vulnerability in the Oracle Configurator component in ...)
+CVE-2016-0540
NOT-FOR-US: Oracle
-CVE-2016-0539 (Unspecified vulnerability in the Oracle Report Manager component in ...)
+CVE-2016-0539
NOT-FOR-US: Oracle
-CVE-2016-0538 (Unspecified vulnerability in the Oracle Financial Consolidation Hub ...)
+CVE-2016-0538
NOT-FOR-US: Oracle
-CVE-2016-0537 (Unspecified vulnerability in the Oracle Human Resources component in ...)
+CVE-2016-0537
NOT-FOR-US: Oracle
-CVE-2016-0536 (Unspecified vulnerability in the Oracle Universal Work Queue component ...)
+CVE-2016-0536
NOT-FOR-US: Oracle
-CVE-2016-0535 (Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows ...)
+CVE-2016-0535
NOT-FOR-US: Oracle
-CVE-2016-0534 (Unspecified vulnerability in the Oracle Project Contracts component in ...)
+CVE-2016-0534
NOT-FOR-US: Oracle
-CVE-2016-0533 (Unspecified vulnerability in the Oracle CRM Technical Foundation ...)
+CVE-2016-0533
NOT-FOR-US: Oracle
-CVE-2016-0532 (Unspecified vulnerability in the Oracle CRM Technical Foundation ...)
+CVE-2016-0532
NOT-FOR-US: Oracle
-CVE-2016-0531 (Unspecified vulnerability in the Oracle Applications Manager component ...)
+CVE-2016-0531
NOT-FOR-US: Oracle
-CVE-2016-0530 (Unspecified vulnerability in the Oracle Customer Interaction History ...)
+CVE-2016-0530
NOT-FOR-US: Oracle
-CVE-2016-0529 (Unspecified vulnerability in the Oracle Customer Interaction History ...)
+CVE-2016-0529
NOT-FOR-US: Oracle
-CVE-2016-0528 (Unspecified vulnerability in the Oracle Customer Interaction History ...)
+CVE-2016-0528
NOT-FOR-US: Oracle
-CVE-2016-0527 (Unspecified vulnerability in the Oracle Customer Interaction History ...)
+CVE-2016-0527
NOT-FOR-US: Oracle
-CVE-2016-0526 (Unspecified vulnerability in the Oracle CRM Technical Foundation ...)
+CVE-2016-0526
NOT-FOR-US: Oracle
-CVE-2016-0525 (Unspecified vulnerability in the Oracle Universal Work Queue component ...)
+CVE-2016-0525
NOT-FOR-US: Oracle
-CVE-2016-0524 (Unspecified vulnerability in the Oracle Universal Work Queue component ...)
+CVE-2016-0524
NOT-FOR-US: Oracle
-CVE-2016-0523 (Unspecified vulnerability in the Oracle Interaction Blending component ...)
+CVE-2016-0523
NOT-FOR-US: Oracle
-CVE-2016-0522 (Unspecified vulnerability in the Oracle Retail Open Commerce Platform ...)
+CVE-2016-0522
NOT-FOR-US: Oracle
-CVE-2016-0521 (Unspecified vulnerability in the Oracle iProcurement component in ...)
+CVE-2016-0521
NOT-FOR-US: Oracle
-CVE-2016-0520 (Unspecified vulnerability in the Oracle Application Object Library ...)
+CVE-2016-0520
NOT-FOR-US: Oracle
-CVE-2016-0519 (Unspecified vulnerability in the Oracle iReceivables component in ...)
+CVE-2016-0519
NOT-FOR-US: Oracle
-CVE-2016-0518 (Unspecified vulnerability in the Oracle Human Resources component in ...)
+CVE-2016-0518
NOT-FOR-US: Oracle
-CVE-2016-0517 (Unspecified vulnerability in the Oracle Human Resources component in ...)
+CVE-2016-0517
NOT-FOR-US: Oracle
-CVE-2016-0516 (Unspecified vulnerability in the Oracle Quality component in Oracle ...)
+CVE-2016-0516
NOT-FOR-US: Oracle
-CVE-2016-0515 (Unspecified vulnerability in the Oracle CRM Technical Foundation ...)
+CVE-2016-0515
NOT-FOR-US: Oracle
-CVE-2016-0514 (Unspecified vulnerability in the Oracle CRM Technical Foundation ...)
+CVE-2016-0514
NOT-FOR-US: Oracle
-CVE-2016-0513 (Unspecified vulnerability in the Oracle CRM Technical Foundation ...)
+CVE-2016-0513
NOT-FOR-US: Oracle
-CVE-2016-0512 (Unspecified vulnerability in the Oracle Human Resources component in ...)
+CVE-2016-0512
NOT-FOR-US: Oracle
-CVE-2016-0511 (Unspecified vulnerability in the Oracle E-Business Intelligence ...)
+CVE-2016-0511
NOT-FOR-US: Oracle
-CVE-2016-0510 (Unspecified vulnerability in the Oracle E-Business Intelligence ...)
+CVE-2016-0510
NOT-FOR-US: Oracle
-CVE-2016-0509 (Unspecified vulnerability in the Oracle Internet Expenses component in ...)
+CVE-2016-0509
NOT-FOR-US: Oracle
-CVE-2016-0508 (Unspecified vulnerability in the Oracle iLearning component in Oracle ...)
+CVE-2016-0508
NOT-FOR-US: Oracle
-CVE-2016-0507 (Unspecified vulnerability in the Oracle iReceivables component in ...)
+CVE-2016-0507
NOT-FOR-US: Oracle
-CVE-2016-0506 (Unspecified vulnerability in the Oracle Retail Order Management System ...)
+CVE-2016-0506
NOT-FOR-US: Oracle
-CVE-2016-0505 (Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 ...)
+CVE-2016-0505
{DSA-3459-1 DSA-3453-1 DLA-409-1}
- mysql-5.6 5.6.28-1 (bug #811443)
- mysql-5.5 <removed> (bug #811428)
- mariadb-10.0 10.0.23-1
NOTE: http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixMSQL
-CVE-2016-0504 (Unspecified vulnerability in Oracle MySQL 5.6.27 and earlier and 5.7.9 ...)
+CVE-2016-0504
- mysql-5.6 5.6.28-1 (bug #811443)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6)
NOTE: http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixMSQL
-CVE-2016-0503 (Unspecified vulnerability in Oracle MySQL 5.6.27 and earlier and 5.7.9 ...)
+CVE-2016-0503
- mysql-5.6 5.6.28-1 (bug #811443)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6)
NOTE: http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixMSQL
-CVE-2016-0502 (Unspecified vulnerability in Oracle MySQL 5.5.31 and earlier and ...)
+CVE-2016-0502
- mysql-5.6 5.6.25-2
- mysql-5.5 5.5.33+dfsg-1
- mariadb-10.0 <not-affected> (Fixed before the initial release in Debian, 10.0.4)
NOTE: http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixMSQL
-CVE-2016-0501 (Unspecified vulnerability in the Oracle Secure Global Desktop ...)
+CVE-2016-0501
NOT-FOR-US: Oracle
-CVE-2016-0500 (Unspecified vulnerability in the Oracle Retail Order Broker Cloud ...)
+CVE-2016-0500
NOT-FOR-US: Oracle
-CVE-2016-0499 (Unspecified vulnerability in the Java VM component in Oracle Database ...)
+CVE-2016-0499
NOT-FOR-US: Oracle
-CVE-2016-0498 (Unspecified vulnerability in the Oracle Agile Engineering Data ...)
+CVE-2016-0498
NOT-FOR-US: Oracle
-CVE-2016-0497 (Unspecified vulnerability in the Oracle Agile Engineering Data ...)
+CVE-2016-0497
NOT-FOR-US: Oracle
-CVE-2016-0496 (Unspecified vulnerability in the MICROS CWDirect component in Oracle ...)
+CVE-2016-0496
NOT-FOR-US: Oracle
-CVE-2016-0495 (Unspecified vulnerability in the Oracle VM VirtualBox component in ...)
+CVE-2016-0495
{DSA-3454-1}
- virtualbox 5.0.14-dfsg-1
[wheezy] - virtualbox <end-of-life> (DSA 3454)
NOTE: http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixOVIR
-CVE-2016-0494 (Unspecified vulnerability in the Java SE and Java SE Embedded ...)
+CVE-2016-0494
{DSA-3725-1 DSA-3465-1 DSA-3458-1 DLA-545-1 DLA-410-1}
- openjdk-8 8u72-b15-1
- openjdk-7 7u95-2.6.4-1
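Review bot: the only change across this whole hunk is that every `-CVE-YYYY-NNNN (description ...)` line is replaced by a bare `+CVE-YYYY-NNNN` line (for example `-CVE-2016-0607 (Unspecified vulnerability in Oracle MySQL 5.6.27 and earlier and 5.7.9 ...)` becoming `+CVE-2016-0607`), while the tracker's own annotation lines (DSA/DLA references, package versions, NOT-FOR-US and NOTE lines) are untouched; an automatic update that strips the description from every entry at once is more consistent with the upstream CVE description source having returned nothing than with a deliberate data change, so confirm what the feed returned before merging, and if it was empty the updater should treat that as a no-op instead of wiping descriptions that triagers rely on to read the list without cross-referencing each id. A smaller style point in the same hunk: the PeopleSoft entries are tagged inconsistently (CVE-2016-0591 and CVE-2016-0587 as `NOT-FOR-US: PeopleSoft`, CVE-2016-0590 as `NOT-FOR-US: Oracle`); one vendor convention keeps the list greppable.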
@@ -31033,492 +31033,492 @@ CVE-2016-0494 (Unspecified vulnerability in the Java SE and Java SE Embedded ...
NOTE: the CVE-2015-4844 fix. To avoid confusion with the DSA text in DSA-3725-1
NOTE: threat this CVE separately as affected src:icu despite beeing for the
NOTE: incomplete fix for CVE-2015-4844
-CVE-2016-0493 (Unspecified vulnerability in Oracle Sun Solaris 11 allows local users ...)
+CVE-2016-0493
NOT-FOR-US: Oracle
-CVE-2016-0492 (Unspecified vulnerability in the Oracle Application Testing Suite ...)
+CVE-2016-0492
NOT-FOR-US: Oracle
-CVE-2016-0491 (Unspecified vulnerability in the Oracle Application Testing Suite ...)
+CVE-2016-0491
NOT-FOR-US: Oracle
-CVE-2016-0490 (Unspecified vulnerability in the Oracle Application Testing Suite ...)
+CVE-2016-0490
NOT-FOR-US: Oracle
-CVE-2016-0489 (Unspecified vulnerability in the Oracle Application Testing Suite ...)
+CVE-2016-0489
NOT-FOR-US: Oracle
-CVE-2016-0488 (Unspecified vulnerability in the Oracle Application Testing Suite ...)
+CVE-2016-0488
NOT-FOR-US: Oracle
-CVE-2016-0487 (Unspecified vulnerability in the Oracle Application Testing Suite ...)
+CVE-2016-0487
NOT-FOR-US: Oracle
-CVE-2016-0486 (Unspecified vulnerability in the Oracle Application Testing Suite ...)
+CVE-2016-0486
NOT-FOR-US: Oracle
-CVE-2016-0485 (Unspecified vulnerability in the Oracle Application Testing Suite ...)
+CVE-2016-0485
NOT-FOR-US: Oracle
-CVE-2016-0484 (Unspecified vulnerability in the Oracle Application Testing Suite ...)
+CVE-2016-0484
NOT-FOR-US: Oracle
-CVE-2016-0483 (Unspecified vulnerability in Oracle Java SE 6u105, 7u91, and 8u66; ...)
+CVE-2016-0483
{DSA-3465-1 DSA-3458-1 DLA-410-1}
- openjdk-8 8u72-b15-1
- openjdk-7 7u95-2.6.4-1
- openjdk-6 <removed>
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1299441#c2
-CVE-2016-0482 (Unspecified vulnerability in the Oracle Application Testing Suite ...)
+CVE-2016-0482
NOT-FOR-US: Oracle
-CVE-2016-0481 (Unspecified vulnerability in the Oracle Application Testing Suite ...)
+CVE-2016-0481
NOT-FOR-US: Oracle
-CVE-2016-0480 (Unspecified vulnerability in the Oracle Application Testing Suite ...)
+CVE-2016-0480
NOT-FOR-US: Oracle
-CVE-2016-0479 (Unspecified vulnerability in the Oracle Business Intelligence ...)
+CVE-2016-0479
NOT-FOR-US: Oracle
-CVE-2016-0478 (Unspecified vulnerability in the Oracle Application Testing Suite ...)
+CVE-2016-0478
NOT-FOR-US: Oracle
-CVE-2016-0477 (Unspecified vulnerability in the Oracle Application Testing Suite ...)
+CVE-2016-0477
NOT-FOR-US: Oracle
-CVE-2016-0476 (Unspecified vulnerability in the Oracle Application Testing Suite ...)
+CVE-2016-0476
NOT-FOR-US: Oracle
-CVE-2016-0475 (Unspecified vulnerability in the Java SE, Java SE Embedded, and ...)
+CVE-2016-0475
- openjdk-8 8u72-b15-1
-CVE-2016-0474 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+CVE-2016-0474
NOT-FOR-US: Oracle
-CVE-2016-0473 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+CVE-2016-0473
NOT-FOR-US: Oracle
-CVE-2016-0472 (Unspecified vulnerability in the XDB - XML Database component in ...)
+CVE-2016-0472
NOT-FOR-US: Oracle
-CVE-2016-0471 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+CVE-2016-0471
NOT-FOR-US: Oracle
-CVE-2016-0470 (Unspecified vulnerability in the Oracle BI Publisher component in ...)
+CVE-2016-0470
NOT-FOR-US: Oracle
-CVE-2016-0469 (Unspecified vulnerability in the Oracle Retail MICROS C2 component in ...)
+CVE-2016-0469
NOT-FOR-US: Oracle Retail
-CVE-2016-0468 (Unspecified vulnerability in the Oracle Business Intelligence ...)
+CVE-2016-0468
NOT-FOR-US: Oracle
-CVE-2016-0467 (Unspecified vulnerability in the Security component in Oracle Database ...)
+CVE-2016-0467
NOT-FOR-US: Oracle
-CVE-2016-0466 (Unspecified vulnerability in the Java SE, Java SE Embedded, and ...)
+CVE-2016-0466
{DSA-3465-1 DSA-3458-1 DLA-410-1}
- openjdk-8 8u72-b15-1
- openjdk-7 7u95-2.6.4-1
- openjdk-6 <unfixed>
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1299385#c4
-CVE-2016-0465 (Unspecified vulnerability in the Solaris Cluster component in Oracle ...)
+CVE-2016-0465
NOT-FOR-US: Oracle
-CVE-2016-0464 (Unspecified vulnerability in the Oracle WebLogic Server component in ...)
+CVE-2016-0464
NOT-FOR-US: Oracle
-CVE-2016-0463 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+CVE-2016-0463
NOT-FOR-US: Oracle
-CVE-2016-0462 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+CVE-2016-0462
NOT-FOR-US: Oracle
-CVE-2016-0461 (Unspecified vulnerability in the XDB - XML Database component in ...)
+CVE-2016-0461
NOT-FOR-US: Oracle
-CVE-2016-0460 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+CVE-2016-0460
NOT-FOR-US: Oracle
-CVE-2016-0459 (Unspecified vulnerability in the Oracle Applications Framework ...)
+CVE-2016-0459
NOT-FOR-US: Oracle
-CVE-2016-0458 (Unspecified vulnerability in Oracle Sun Solaris 11 allows local users ...)
+CVE-2016-0458
NOT-FOR-US: Oracle
-CVE-2016-0457 (Unspecified vulnerability in the Application Mgmt Pack for E-Business ...)
+CVE-2016-0457
NOT-FOR-US: Oracle
-CVE-2016-0456 (Unspecified vulnerability in the Application Mgmt Pack for E-Business ...)
+CVE-2016-0456
NOT-FOR-US: Oracle
-CVE-2016-0455 (Unspecified vulnerability in the Enterprise Manager Base Platform ...)
+CVE-2016-0455
NOT-FOR-US: Oracle
-CVE-2016-0454 (Unspecified vulnerability in the Oracle Mobile Application Servlet ...)
+CVE-2016-0454
NOT-FOR-US: Oracle
-CVE-2016-0453 (Unspecified vulnerability in the Oracle GlassFish Server component in ...)
+CVE-2016-0453
- glassfish <not-affected> (Full application server not packaged)
-CVE-2016-0452 (Unspecified vulnerability in the Oracle GoldenGate component in Oracle ...)
+CVE-2016-0452
NOT-FOR-US: Oracle
-CVE-2016-0451 (Unspecified vulnerability in the Oracle GoldenGate component in Oracle ...)
+CVE-2016-0451
NOT-FOR-US: Oracle
-CVE-2016-0450 (Unspecified vulnerability in the Oracle GoldenGate component in Oracle ...)
+CVE-2016-0450
NOT-FOR-US: Oracle
-CVE-2016-0449 (Unspecified vulnerability in the Enterprise Manager Base Platform ...)
+CVE-2016-0449
NOT-FOR-US: Oracle
-CVE-2016-0448 (Unspecified vulnerability in the Java SE and Java SE Embedded ...)
+CVE-2016-0448
{DSA-3465-1 DSA-3458-1 DLA-410-1}
- openjdk-8 8u72-b15-1
- openjdk-7 7u95-2.6.4-1
- openjdk-6 <removed>
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1299385#c4
-CVE-2016-0447 (Unspecified vulnerability in the Enterprise Manager Base Platform ...)
+CVE-2016-0447
NOT-FOR-US: Oracle
-CVE-2016-0446 (Unspecified vulnerability in the Enterprise Manager Base Platform ...)
+CVE-2016-0446
NOT-FOR-US: Oracle
-CVE-2016-0445 (Unspecified vulnerability in the Enterprise Manager Base Platform ...)
+CVE-2016-0445
NOT-FOR-US: Oracle
-CVE-2016-0444 (Unspecified vulnerability in the Enterprise Manager Base Platform ...)
+CVE-2016-0444
NOT-FOR-US: Oracle
-CVE-2016-0443 (Unspecified vulnerability in the Enterprise Manager Base Platform ...)
+CVE-2016-0443
NOT-FOR-US: Oracle
-CVE-2016-0442 (Unspecified vulnerability in the Enterprise Manager Base Platform ...)
+CVE-2016-0442
NOT-FOR-US: Oracle
-CVE-2016-0441 (Unspecified vulnerability in the Oracle GlassFish Server component in ...)
+CVE-2016-0441
- glassfish <not-affected> (Full application server not packaged)
-CVE-2016-0440 (Unspecified vulnerability in Oracle Sun Solaris 11 allows remote ...)
+CVE-2016-0440
NOT-FOR-US: Oracle
-CVE-2016-0439 (Unspecified vulnerability in the Web Cache component in Oracle Fusion ...)
+CVE-2016-0439
NOT-FOR-US: Oracle
-CVE-2016-0438 (Unspecified vulnerability in the Oracle Retail Point-of-Service ...)
+CVE-2016-0438
NOT-FOR-US: Oracle
-CVE-2016-0437 (Unspecified vulnerability in the Oracle Retail Point-of-Service ...)
+CVE-2016-0437
NOT-FOR-US: Oracle
-CVE-2016-0436 (Unspecified vulnerability in the Oracle Retail Point-of-Service ...)
+CVE-2016-0436
NOT-FOR-US: Oracle
-CVE-2016-0435 (Unspecified vulnerability in the Oracle Retail Point-of-Service ...)
+CVE-2016-0435
NOT-FOR-US: Oracle
-CVE-2016-0434 (Unspecified vulnerability in the Oracle Retail Point-of-Service ...)
+CVE-2016-0434
NOT-FOR-US: Oracle
-CVE-2016-0433 (Unspecified vulnerability in the Web Cache component in Oracle Fusion ...)
+CVE-2016-0433
NOT-FOR-US: Oracle
-CVE-2016-0432 (Unspecified vulnerability in the Oracle Outside In Technology ...)
+CVE-2016-0432
NOT-FOR-US: Oracle
-CVE-2016-0431 (Unspecified vulnerability in Oracle Sun Solaris 11 allows local users ...)
+CVE-2016-0431
NOT-FOR-US: Oracle
-CVE-2016-0430 (Unspecified vulnerability in the Web Cache component in Oracle Fusion ...)
+CVE-2016-0430
NOT-FOR-US: Oracle
-CVE-2016-0429 (Unspecified vulnerability in the Oracle BI Publisher component in ...)
+CVE-2016-0429
NOT-FOR-US: Oracle
-CVE-2016-0428 (Unspecified vulnerability in Oracle Sun Solaris 11 allows local users ...)
+CVE-2016-0428
NOT-FOR-US: Oracle
-CVE-2016-0427 (Unspecified vulnerability in the Enterprise Manager Base Platform ...)
+CVE-2016-0427
NOT-FOR-US: Oracle
-CVE-2016-0426 (Unspecified vulnerability in Oracle Sun Solaris 11 allows local users ...)
+CVE-2016-0426
NOT-FOR-US: Oracle
-CVE-2016-0425 (Unspecified vulnerability in the JD Edwards EnterpriseOne Tools ...)
+CVE-2016-0425
NOT-FOR-US: Oracle
-CVE-2016-0424 (Unspecified vulnerability in the JD Edwards EnterpriseOne Tools ...)
+CVE-2016-0424
NOT-FOR-US: Oracle
-CVE-2016-0423 (Unspecified vulnerability in the JD Edwards EnterpriseOne Tools ...)
+CVE-2016-0423
NOT-FOR-US: Oracle
-CVE-2016-0422 (Unspecified vulnerability in the JD Edwards EnterpriseOne Tools ...)
+CVE-2016-0422
NOT-FOR-US: Oracle
-CVE-2016-0421 (Unspecified vulnerability in the JD Edwards EnterpriseOne Tools ...)
+CVE-2016-0421
NOT-FOR-US: Oracle
-CVE-2016-0420 (Unspecified vulnerability in the JD Edwards EnterpriseOne Tools ...)
+CVE-2016-0420
NOT-FOR-US: Oracle
-CVE-2016-0419 (Unspecified vulnerability in Oracle Sun Solaris 11 allows local users ...)
+CVE-2016-0419
NOT-FOR-US: Oracle
-CVE-2016-0418 (Unspecified vulnerability in Oracle Sun Solaris 11 allows local users ...)
+CVE-2016-0418
NOT-FOR-US: Oracle
-CVE-2016-0417 (Unspecified vulnerability in the Solaris Cluster component in Oracle ...)
+CVE-2016-0417
NOT-FOR-US: Oracle
-CVE-2016-0416 (Unspecified vulnerability in Oracle Sun Solaris 11 allows remote ...)
+CVE-2016-0416
NOT-FOR-US: Oracle
-CVE-2016-0415 (Unspecified vulnerability in the Enterprise Manager Base Platform ...)
+CVE-2016-0415
NOT-FOR-US: Oracle
-CVE-2016-0414 (Unspecified vulnerability in Oracle Sun Solaris 11 allows local users ...)
+CVE-2016-0414
NOT-FOR-US: Oracle
-CVE-2016-0413 (Unspecified vulnerability in the Oracle Identity Federation component ...)
+CVE-2016-0413
NOT-FOR-US: Oracle
-CVE-2016-0412 (Unspecified vulnerability in the PeopleSoft Enterprise SCM ...)
+CVE-2016-0412
NOT-FOR-US: Oracle
-CVE-2016-0411 (Unspecified vulnerability in the Enterprise Manager Base Platform ...)
+CVE-2016-0411
NOT-FOR-US: Oracle
CVE-2016-0410
REJECTED
-CVE-2016-0409 (Unspecified vulnerability in the PeopleSoft Enterprise HCM Global ...)
+CVE-2016-0409
NOT-FOR-US: Oracle
-CVE-2016-0408 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+CVE-2016-0408
NOT-FOR-US: Oracle
-CVE-2016-0407 (Unspecified vulnerability in the PeopleSoft Enterprise HCM component ...)
+CVE-2016-0407
NOT-FOR-US: Oracle
NOT-FOR-US: PeopleSoft
-CVE-2016-0406 (Unspecified vulnerability in Oracle Sun Solaris 11 allows local users ...)
+CVE-2016-0406
NOT-FOR-US: Oracle
-CVE-2016-0405 (Unspecified vulnerability in the Solaris Cluster component in Oracle ...)
+CVE-2016-0405
NOT-FOR-US: Oracle
-CVE-2016-0404 (Unspecified vulnerability in the Oracle Identity Federation component ...)
+CVE-2016-0404
NOT-FOR-US: Oracle
-CVE-2016-0403 (Unspecified vulnerability in Oracle Sun Solaris 11 allows remote ...)
+CVE-2016-0403
NOT-FOR-US: Oracle
-CVE-2016-0402 (Unspecified vulnerability in the Java SE and Java SE Embedded ...)
+CVE-2016-0402
{DSA-3465-1 DSA-3458-1 DLA-410-1}
- openjdk-8 8u72-b15-1
- openjdk-7 7u95-2.6.4-1
- openjdk-6 <removed>
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1298957#c2
-CVE-2016-0401 (Unspecified vulnerability in the Oracle BI Publisher component in ...)
+CVE-2016-0401
NOT-FOR-US: Oracle
-CVE-2016-0400 (CRLF injection vulnerability in IBM WebSphere eXtreme Scale 7.1.0 ...)
+CVE-2016-0400
NOT-FOR-US: IBM
-CVE-2016-0399 (Cross-site scripting (XSS) vulnerability in IBM Maximo Asset ...)
+CVE-2016-0399
NOT-FOR-US: IBM
-CVE-2016-0398 (IBM Cognos Analytics (CA) 11.0 before 11.0.2 allows remote attackers ...)
+CVE-2016-0398
NOT-FOR-US: IBM
-CVE-2016-0397 (WebReports in IBM BigFix Platform (formerly Tivoli Endpoint Manager) ...)
+CVE-2016-0397
NOT-FOR-US: IBM
-CVE-2016-0396 (IBM Tivoli Endpoint Manager could allow a user under special ...)
+CVE-2016-0396
NOT-FOR-US: IBM
CVE-2016-0395
RESERVED
-CVE-2016-0394 (IBM Integration Bus and WebSphere Message broker sets incorrect ...)
+CVE-2016-0394
NOT-FOR-US: IBM
-CVE-2016-0393 (IBM Maximo Asset Management 7.5 before 7.5.0.10-TIV-MBS-IFIX002 and ...)
+CVE-2016-0393
NOT-FOR-US: IBM
-CVE-2016-0392 (IBM General Parallel File System (GPFS) in GPFS Storage Server 2.0.0 ...)
+CVE-2016-0392
NOT-FOR-US: IBM
-CVE-2016-0391 (The IBM Watson Developer Cloud services on Bluemix platforms do not ...)
+CVE-2016-0391
NOT-FOR-US: IBM
-CVE-2016-0390 (Cross-site scripting (XSS) vulnerability in IBM Algorithmics Algo One ...)
+CVE-2016-0390
NOT-FOR-US: IBM
-CVE-2016-0389 (Admin Center in IBM WebSphere Application Server (WAS) 8.5.5.2 through ...)
+CVE-2016-0389
NOT-FOR-US: IBM
CVE-2016-0388
RESERVED
-CVE-2016-0387 (Cross-site scripting (XSS) vulnerability in IBM TRIRIGA Application ...)
+CVE-2016-0387
NOT-FOR-US: IBM
-CVE-2016-0386 (Cross-site request forgery (CSRF) vulnerability in IBM TRIRIGA ...)
+CVE-2016-0386
NOT-FOR-US: IBM
-CVE-2016-0385 (Buffer overflow in IBM WebSphere Application Server (WAS) 7.0 before ...)
+CVE-2016-0385
NOT-FOR-US: IBM
CVE-2016-0384
RESERVED
CVE-2016-0383
RESERVED
-CVE-2016-0382 (The IBM Tealeaf Consumer Experience 8.7, 8.8, and 9.0 portal exposes ...)
+CVE-2016-0382
NOT-FOR-US: IBM
-CVE-2016-0381 (IBM Cognos TM1 10.2.2 before FP5, when the host/pmhub/pm/admin ...)
+CVE-2016-0381
NOT-FOR-US: IBM
-CVE-2016-0380 (IBM Sterling Connect:Direct for Unix 4.1.0 before 4.1.0.4 iFix073 and ...)
+CVE-2016-0380
NOT-FOR-US: IBM
-CVE-2016-0379 (IBM WebSphere MQ 7.5 before 7.5.0.7 and 8.0 before 8.0.0.5 mishandles ...)
+CVE-2016-0379
NOT-FOR-US: IBM
-CVE-2016-0378 (IBM WebSphere Application Server (WAS) Liberty before 16.0.0.3, when ...)
+CVE-2016-0378
NOT-FOR-US: IBM
-CVE-2016-0377 (The Administrative Console in IBM WebSphere Application Server (WAS) ...)
+CVE-2016-0377
NOT-FOR-US: IBM
-CVE-2016-0376 (The com.ibm.rmi.io.SunSerializableFactory class in IBM SDK, Java ...)
+CVE-2016-0376
NOT-FOR-US: IBM
-CVE-2016-0375 (JMS Client in IBM MessageSight 1.1.x through 1.1.0.1, 1.2.x through ...)
+CVE-2016-0375
NOT-FOR-US: IBM
-CVE-2016-0374 (The builder tools in IBM TRIRIGA Application Platform 3.3 before ...)
+CVE-2016-0374
NOT-FOR-US: IBM
-CVE-2016-0373 (IBM UrbanCode Deploy 6.0 through 6.2.2.1 could allow an authenticated ...)
+CVE-2016-0373
NOT-FOR-US: IBM
-CVE-2016-0372 (IBM Rational Collaborative Lifecycle Management 3.0.1.6 before iFix8, ...)
+CVE-2016-0372
NOT-FOR-US: IBM
-CVE-2016-0371 (The Tivoli Storage Manager (TSM) password may be displayed in plain ...)
+CVE-2016-0371
NOT-FOR-US: IBM
-CVE-2016-0370 (Cross-site scripting (XSS) vulnerability in IBM Forms Experience ...)
+CVE-2016-0370
NOT-FOR-US: IBM
-CVE-2016-0369 (XML external entity (XXE) vulnerability in IBM Forms Experience ...)
+CVE-2016-0369
NOT-FOR-US: IBM Forms Experience Builder
CVE-2016-0368
RESERVED
-CVE-2016-0367 (IBM Security Identity Manager Virtual Appliance 7.0.x before ...)
+CVE-2016-0367
NOT-FOR-US: IBM Security Identity Manager Virtual Appliance
-CVE-2016-0366 (IBM Security Identity Manager Virtual Appliance 7.0.x before ...)
+CVE-2016-0366
NOT-FOR-US: IBM Security Identity Manager Virtual Appliance
-CVE-2016-0365 (IBM UrbanCode Deploy 6.0.x before 6.0.1.13, 6.1.x before 6.1.3.3, and ...)
+CVE-2016-0365
NOT-FOR-US: IBM
-CVE-2016-0364 (IBM UrbanCode Deploy 6.0.x before 6.0.1.13, 6.1.x before 6.1.3.3, and ...)
+CVE-2016-0364
NOT-FOR-US: IBM
-CVE-2016-0363 (The com.ibm.CORBA.iiop.ClientDelegate class in IBM SDK, Java ...)
+CVE-2016-0363
NOT-FOR-US: IBM JDK
-CVE-2016-0362 (IBM TRIRIGA Application Platform 3.3 before 3.3.2.6, 3.4 before ...)
+CVE-2016-0362
NOT-FOR-US: IBM
-CVE-2016-0361 (IBM General Parallel File System (GPFS) 3.5 before 3.5.0.29 efix 6 and ...)
+CVE-2016-0361
NOT-FOR-US: IBM General Parallel File System
-CVE-2016-0360 (IBM Websphere MQ JMS 7.0.1, 7.1, 7.5, 8.0, and 9.0 client provides ...)
+CVE-2016-0360
NOT-FOR-US: IBM
-CVE-2016-0359 (CRLF injection vulnerability in IBM WebSphere Application Server (WAS) ...)
+CVE-2016-0359
NOT-FOR-US: IBM
-CVE-2016-0358 (IBM Sametime 8.5.2 and 9.0 could allow an unauthorized authenticated ...)
+CVE-2016-0358
NOT-FOR-US: IBM
-CVE-2016-0357 (IBM Security Identity Manager (ISIM) Virtual Appliance 7.0.0.0 through ...)
+CVE-2016-0357
NOT-FOR-US: IBM
-CVE-2016-0356 (IBM Sametime Enterprise Meeting Server 8.5.2 and 9.0 could allow an ...)
+CVE-2016-0356
NOT-FOR-US: IBM
-CVE-2016-0355 (IBM Sametime Enterprise Meeting Server 8.5.2 and 9.0 could allow an ...)
+CVE-2016-0355
NOT-FOR-US: IBM
-CVE-2016-0354 (IBM Sametime Enterprise Meeting Server 8.5.2 and 9.0 could allow an ...)
+CVE-2016-0354
NOT-FOR-US: IBM
-CVE-2016-0353 (IBM Security Privileged Identity Manager 2.0 before 2.0.2 FP8, when ...)
+CVE-2016-0353
NOT-FOR-US: IBM
CVE-2016-0352
RESERVED
-CVE-2016-0351 (IBM Security Identity Manager Virtual Appliance 7.0.x before ...)
+CVE-2016-0351
NOT-FOR-US: IBM Security Identity Manager Virtual Appliance
-CVE-2016-0350 (Cross-site scripting (XSS) vulnerability in the Report Builder and ...)
+CVE-2016-0350
NOT-FOR-US: IBM
-CVE-2016-0349 (IBM Business Process Manager 8.5.6 through 8.5.6.2 and 8.5.7 before ...)
+CVE-2016-0349
NOT-FOR-US: IBM
-CVE-2016-0348 (Cross-site request forgery (CSRF) vulnerability in IBM TRIRIGA ...)
+CVE-2016-0348
NOT-FOR-US: IBM TRIRIGA Application Platform
CVE-2016-0347
RESERVED
-CVE-2016-0346 (Cross-site scripting (XSS) vulnerability in IBM Cognos Business ...)
+CVE-2016-0346
NOT-FOR-US: IBM
-CVE-2016-0345 (IBM TRIRIGA Application Platform 3.3 before 3.3.2.6, 3.4 before ...)
+CVE-2016-0345
NOT-FOR-US: IBM TRIRIGA Application Platform
-CVE-2016-0344 (Cross-site scripting (XSS) vulnerability in the My Reports component ...)
+CVE-2016-0344
NOT-FOR-US: IBM TRIRIGA Application Platform
-CVE-2016-0343 (IBM TRIRIGA Application Platform 3.3 before 3.3.2.6, 3.4 before ...)
+CVE-2016-0343
NOT-FOR-US: IBM TRIRIGA Application Platform
-CVE-2016-0342 (IBM TRIRIGA Application Platform 3.3 before 3.3.2.6, 3.4 before ...)
+CVE-2016-0342
NOT-FOR-US: IBM TRIRIGA Application Platform
-CVE-2016-0341 (IBM Multi-Enterprise Integration Gateway 1.0 through 1.0.0.1 and B2B ...)
+CVE-2016-0341
NOT-FOR-US: IBM
-CVE-2016-0340 (IBM Security Identity Manager (ISIM) Virtual Appliance 7.0.0.0 through ...)
+CVE-2016-0340
NOT-FOR-US: IBM
-CVE-2016-0339 (IBM Security Identity Manager (ISIM) Virtual Appliance 7.0.0.0 through ...)
+CVE-2016-0339
NOT-FOR-US: IBM
-CVE-2016-0338 (IBM Security Identity Manager (ISIM) Virtual Appliance 7.0.0.0 through ...)
+CVE-2016-0338
NOT-FOR-US: IBM
CVE-2016-0337
RESERVED
-CVE-2016-0336 (Cross-site scripting (XSS) vulnerability in IBM Security Identity ...)
+CVE-2016-0336
NOT-FOR-US: IBM Security Identity Manager
-CVE-2016-0335 (Cross-site request forgery (CSRF) vulnerability in IBM Security ...)
+CVE-2016-0335
NOT-FOR-US: IBM Security Identity Manager
CVE-2016-0334
RESERVED
CVE-2016-0333
RESERVED
-CVE-2016-0332 (IBM Security Identity Manager (ISIM) Virtual Appliance 7.0.0.0 through ...)
+CVE-2016-0332
NOT-FOR-US: IBM Security Identity Manager
-CVE-2016-0331 (Cross-site scripting (XSS) vulnerability in IBM Rational Team Concert ...)
+CVE-2016-0331
NOT-FOR-US: IBM
-CVE-2016-0330 (IBM Security Identity Manager (ISIM) Virtual Appliance 7.0.0.0 through ...)
+CVE-2016-0330
NOT-FOR-US: IBM
-CVE-2016-0329 (Open redirect vulnerability in IBM Emptoris Sourcing 10.0.0.x before ...)
+CVE-2016-0329
NOT-FOR-US: IBM
-CVE-2016-0328 (IBM Security Guardium Database Activity Monitor 8.2 before p310, 9.x ...)
+CVE-2016-0328
NOT-FOR-US: IBM
-CVE-2016-0327 (IBM Security Identity Manager (ISIM) Virtual Appliance 7.0.0.0 through ...)
+CVE-2016-0327
NOT-FOR-US: IBM Security Identity Manager
-CVE-2016-0326 (IBM Rational Quality Manager (RQM) and Rational Collaborative ...)
+CVE-2016-0326
NOT-FOR-US: IBM
-CVE-2016-0325 (IBM Rational Collaborative Lifecycle Management 3.0.1.6 before iFix8, ...)
+CVE-2016-0325
NOT-FOR-US: IBM
-CVE-2016-0324 (IBM Security Identity Manager (ISIM) Virtual Appliance 7.0.0.0 through ...)
+CVE-2016-0324
NOT-FOR-US: IBM Security Identity Manager
-CVE-2016-0323 (The Auto-Scaling agent in Liberty for Java in IBM Bluemix before ...)
+CVE-2016-0323
NOT-FOR-US: IBM
-CVE-2016-0322 (Cross-site scripting (XSS) vulnerability in IBM Connections 4.0 ...)
+CVE-2016-0322
NOT-FOR-US: IBM
-CVE-2016-0321 (IBM Personal Communications (aka PCOMM) 6.x before 6.0.17 and 12.x ...)
+CVE-2016-0321
NOT-FOR-US: IBM
-CVE-2016-0320 (IBM UrbanCode Deploy could allow an authenticated user to modify Ucd ...)
+CVE-2016-0320
NOT-FOR-US: IBM
-CVE-2016-0319 (The XML parser in Lifecycle Query Engine (LQE) in IBM Jazz Reporting ...)
+CVE-2016-0319
NOT-FOR-US: IBM
-CVE-2016-0318 (Lifecycle Query Engine (LQE) in IBM Jazz Reporting Service 6.0 and ...)
+CVE-2016-0318
NOT-FOR-US: IBM
-CVE-2016-0317 (Lifecycle Query Engine (LQE) in IBM Jazz Reporting Service 6.0 and ...)
+CVE-2016-0317
NOT-FOR-US: IBM
-CVE-2016-0316 (Cross-site scripting (XSS) vulnerability in Lifecycle Query Engine ...)
+CVE-2016-0316
NOT-FOR-US: IBM
-CVE-2016-0315 (The Report Builder and Data Collection Component (DCC) in IBM Jazz ...)
+CVE-2016-0315
NOT-FOR-US: IBM
-CVE-2016-0314 (The Report Builder and Data Collection Component (DCC) in IBM Jazz ...)
+CVE-2016-0314
NOT-FOR-US: IBM
-CVE-2016-0313 (Cross-site scripting (XSS) vulnerability in the Report Builder and ...)
+CVE-2016-0313
NOT-FOR-US: IBM
-CVE-2016-0312 (IBM TRIRIGA Application Platform before 3.3.2 allows remote attackers ...)
+CVE-2016-0312
NOT-FOR-US: IBM TRIRIGA Application Platform
-CVE-2016-0311 (Cross-site scripting (XSS) vulnerability in IBM Tivoli Business ...)
+CVE-2016-0311
NOT-FOR-US: IBM Tivoli Business Service Manager
-CVE-2016-0310 (IBM Connections 5.5 and earlier is vulnerable to possible host header ...)
+CVE-2016-0310
NOT-FOR-US: IBM
CVE-2016-0309
RESERVED
-CVE-2016-0308 (IBM Connections 5.5 and earlier is vulnerable to possible link ...)
+CVE-2016-0308
NOT-FOR-US: IBM
-CVE-2016-0307 (IBM Connections 5.5 and earlier allows remote attackers to obtain ...)
+CVE-2016-0307
NOT-FOR-US: IBM
-CVE-2016-0306 (IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.41, 8.0 before ...)
+CVE-2016-0306
NOT-FOR-US: IBM
-CVE-2016-0305 (IBM Connections is vulnerable to cross-site scripting, caused by ...)
+CVE-2016-0305
NOT-FOR-US: IBM
-CVE-2016-0304 (The Java Console in IBM Domino 8.5.x before 8.5.3 FP6 IF13 and 9.x ...)
+CVE-2016-0304
NOT-FOR-US: IBM
-CVE-2016-0303 (Cross-site scripting (XSS) vulnerability in IBM Tivoli Integrated ...)
+CVE-2016-0303
NOT-FOR-US: IBM Tivoli Integrated Portal
CVE-2016-0302
RESERVED
-CVE-2016-0301 (Heap-based buffer overflow in the KeyView PDF filter in IBM Domino ...)
+CVE-2016-0301
NOT-FOR-US: IBM
-CVE-2016-0300 (IBM TRIRIGA Application Platform 3.3 before 3.3.2.6, 3.4 before ...)
+CVE-2016-0300
NOT-FOR-US: IBM TRIRIGA Application Platform
-CVE-2016-0299 (IBM TRIRIGA Application Platform 3.3 before 3.3.2.6, 3.4 before ...)
+CVE-2016-0299
NOT-FOR-US: IBM
-CVE-2016-0298 (Directory traversal vulnerability in IBM Security Guardium Database ...)
+CVE-2016-0298
NOT-FOR-US: IBM
-CVE-2016-0297 (IBM Tivoli Endpoint Manager - Mobile Device Management (MDM) could ...)
+CVE-2016-0297
NOT-FOR-US: IBM
-CVE-2016-0296 (IBM Tivoli Endpoint Manager - Mobile Device Management (MDM) stores ...)
+CVE-2016-0296
NOT-FOR-US: IBM
-CVE-2016-0295 (Cross-site request forgery (CSRF) vulnerability in the IBM BigFix ...)
+CVE-2016-0295
NOT-FOR-US: IBM
CVE-2016-0294
RESERVED
-CVE-2016-0293 (Cross-site scripting (XSS) vulnerability in IBM BigFix Platform ...)
+CVE-2016-0293
NOT-FOR-US: IBM
-CVE-2016-0292 (WebReports in IBM BigFix Platform (formerly Tivoli Endpoint Manager) ...)
+CVE-2016-0292
NOT-FOR-US: IBM
-CVE-2016-0291 (IBM BigFix Platform 9.0, 9.1 before 9.1.8, and 9.2 before 9.2.8 allow ...)
+CVE-2016-0291
NOT-FOR-US: IBM
CVE-2016-0290
RESERVED
-CVE-2016-0289 (shiprec.xml in the SHIPREC application in IBM Maximo Asset Management ...)
+CVE-2016-0289
NOT-FOR-US: IBM
-CVE-2016-0288 (IBM Security AppScan Standard 8.7.x, 8.8.x, and 9.x before 9.0.3.2 and ...)
+CVE-2016-0288
NOT-FOR-US: IBM
-CVE-2016-0287 (IBM i Access 7.1 on Windows allows local users to discover registry ...)
+CVE-2016-0287
NOT-FOR-US: IBM
-CVE-2016-0286 (IBM Tivoli Business Service Manager 6.1.0 before 6.1.0-TIV-BSM-FP0004 ...)
+CVE-2016-0286
NOT-FOR-US: IBM Tivoli Business Service Manager
-CVE-2016-0285 (Cross-site scripting (XSS) vulnerability in IBM Rational Collaborative ...)
+CVE-2016-0285
NOT-FOR-US: IBM
-CVE-2016-0284 (The XML parser in IBM Rational Collaborative Lifecycle Management ...)
+CVE-2016-0284
NOT-FOR-US: IBM
-CVE-2016-0283 (Cross-site scripting (XSS) vulnerability in the OpenID Connect (OIDC) ...)
+CVE-2016-0283
NOT-FOR-US: IBM
-CVE-2016-0282 (Cross-site scripting (XSS) vulnerability in IBM iNotes before 8.5.3 ...)
+CVE-2016-0282
NOT-FOR-US: IBM
-CVE-2016-0281 (The mustendd driver in IBM AIX 5.3, 6.1, 7.1, and 7.2 and VIOS 2.2.x, ...)
+CVE-2016-0281
NOT-FOR-US: IBM
-CVE-2016-0280 (Cross-site scripting (XSS) vulnerability in IBM Information Server ...)
+CVE-2016-0280
NOT-FOR-US: IBM
-CVE-2016-0279 (Heap-based buffer overflow in the KeyView PDF filter in IBM Domino ...)
+CVE-2016-0279
NOT-FOR-US: IBM
-CVE-2016-0278 (Heap-based buffer overflow in the KeyView PDF filter in IBM Domino ...)
+CVE-2016-0278
NOT-FOR-US: IBM
-CVE-2016-0277 (Heap-based buffer overflow in the KeyView PDF filter in IBM Domino ...)
+CVE-2016-0277
NOT-FOR-US: IBM
-CVE-2016-0276 (IBM Financial Transaction Manager (FTM) for ACH Services for ...)
+CVE-2016-0276
NOT-FOR-US: IBM Financial Transaction Manager
-CVE-2016-0275 (IBM Financial Transaction Manager (FTM) for ACH Services for ...)
+CVE-2016-0275
NOT-FOR-US: IBM Financial Transaction Manager
-CVE-2016-0274 (IBM Financial Transaction Manager (FTM) for ACH Services for ...)
+CVE-2016-0274
NOT-FOR-US: IBM Financial Transaction Manager
-CVE-2016-0273 (Cross-site scripting (XSS) vulnerability in IBM Rational Collaborative ...)
+CVE-2016-0273
NOT-FOR-US: IBM
-CVE-2016-0272 (Cross-site request forgery (CSRF) vulnerability in IBM Financial ...)
+CVE-2016-0272
NOT-FOR-US: IBM Financial Transaction Manager
-CVE-2016-0271 (The agents in IBM UrbanCode Deploy 6.x before 6.0.1.14, 6.1.x before ...)
+CVE-2016-0271
NOT-FOR-US: IBM
-CVE-2016-0270 (IBM Domino 9.0.1 Fix Pack 3 Interim Fix 2 through 9.0.1 Fix Pack 5 ...)
+CVE-2016-0270
NOT-FOR-US: IBM
-CVE-2016-0269 (Cross-site scripting (XSS) vulnerability in IBM BigFix Platform 9.x ...)
+CVE-2016-0269
NOT-FOR-US: IBM
-CVE-2016-0268 (XML external entity (XXE) vulnerability in IBM Financial Transaction ...)
+CVE-2016-0268
NOT-FOR-US: IBM Financial Transaction Manager
-CVE-2016-0267 (IBM UrbanCode Deploy 6.0.x before 6.0.1.13, 6.1.x before 6.1.3.3, and ...)
+CVE-2016-0267
NOT-FOR-US: IBM
-CVE-2016-0266 (IBM AIX 5.3, 6.1, 7.1, and 7.2 and VIOS 2.2.x do not default to the ...)
+CVE-2016-0266
NOT-FOR-US: IBM
-CVE-2016-0265 (IBM Campaign is vulnerable to cross-site scripting, caused by improper ...)
+CVE-2016-0265
NOT-FOR-US: IBM
-CVE-2016-0264 (Buffer overflow in the Java Virtual Machine (JVM) in IBM SDK, Java ...)
+CVE-2016-0264
NOT-FOR-US: IBM JDK
-CVE-2016-0263 (IBM Spectrum Scale 4.1 before 4.1.1.5 and 4.2 before 4.2.0.2 and ...)
+CVE-2016-0263
NOT-FOR-US: IBM
-CVE-2016-0262 (Cross-site scripting (XSS) vulnerability in IBM Maximo Asset ...)
+CVE-2016-0262
NOT-FOR-US: IBM
-CVE-2016-0261 (Cross-site scripting (XSS) vulnerability in IBM Curam Social Program ...)
+CVE-2016-0261
NOT-FOR-US: IBM
-CVE-2016-0260 (Memory leak in queue-manager agents in IBM WebSphere MQ 8.x before ...)
+CVE-2016-0260
NOT-FOR-US: IBM
-CVE-2016-0259 (runmqsc in IBM WebSphere MQ 8.x before 8.0.0.5 allows local users to ...)
+CVE-2016-0259
NOT-FOR-US: IBM
CVE-2016-0258
RESERVED
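Review bot: every `-`/`+` pair in this hunk strips only the parenthesized description, so the CVE identifier is now the sole content of each entry and the `NOT-FOR-US:` line is the only product context left in the file. Where that line is the bare `NOT-FOR-US: IBM`, the product name survived only in the text being removed (compare `-CVE-2016-0299 (IBM TRIRIGA Application Platform 3.3 before 3.3.2.6, ...)` followed by `NOT-FOR-US: IBM` with its neighbour `CVE-2016-0300`, annotated `NOT-FOR-US: IBM TRIRIGA Application Platform`); if the descriptions are intentionally dropped, the bare annotations should be widened to name the product as the neighbouring entries do, otherwise nothing in this file records what was actually triaged.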
@@ -31526,349 +31526,349 @@ CVE-2016-0257
RESERVED
CVE-2016-0256
RESERVED
-CVE-2016-0255 (IBM Marketing Platform 9.1 and 10.0 is vulnerable to stored cross-site ...)
+CVE-2016-0255
NOT-FOR-US: IBM
-CVE-2016-0254 (IBM Cognos Business Intelligence 10.1 and 10.2 is vulnerable to a ...)
+CVE-2016-0254
NOT-FOR-US: IBM
-CVE-2016-0253 (Cross-site scripting (XSS) vulnerability in IBM Financial Transaction ...)
+CVE-2016-0253
NOT-FOR-US: IBM Financial Transaction Manager
-CVE-2016-0252 (IBM Control Center 6.x before 6.0.0.1 iFix06 and Sterling Control ...)
+CVE-2016-0252
NOT-FOR-US: IBM
CVE-2016-0251
RESERVED
-CVE-2016-0250 (XML external entity (XXE) vulnerability in IBM InfoSphere Information ...)
+CVE-2016-0250
NOT-FOR-US: IBM
-CVE-2016-0249 (SQL injection vulnerability in IBM Security Guardium Database Activity ...)
+CVE-2016-0249
NOT-FOR-US: IBM
-CVE-2016-0248 (IBM Security Guardium 9.0 before p700 and 10.0 before p100 allows ...)
+CVE-2016-0248
NOT-FOR-US: IBM
-CVE-2016-0247 (IBM Security Guardium 8.2 before p310, 9.x through 9.5 before p700, ...)
+CVE-2016-0247
NOT-FOR-US: IBM
-CVE-2016-0246 (Cross-site scripting (XSS) vulnerability in IBM Security Guardium 8.2 ...)
+CVE-2016-0246
NOT-FOR-US: IBM
-CVE-2016-0245 (The XML parser in IBM WebSphere Portal 8.0.x before 8.0.0.1 CF20 and ...)
+CVE-2016-0245
NOT-FOR-US: IBM
-CVE-2016-0244 (Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal ...)
+CVE-2016-0244
NOT-FOR-US: IBM
-CVE-2016-0243 (Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal ...)
+CVE-2016-0243
NOT-FOR-US: IBM
-CVE-2016-0242 (IBM Security Guardium 10.x through 10.1 before p100 allows remote ...)
+CVE-2016-0242
NOT-FOR-US: IBM
-CVE-2016-0241 (IBM Security Guardium Database Activity Monitor 8.2 before p310, 9.x ...)
+CVE-2016-0241
NOT-FOR-US: IBM
-CVE-2016-0240 (IBM Security Guardium Database Activity Monitor 8.2 before p310, 9.x ...)
+CVE-2016-0240
NOT-FOR-US: IBM
-CVE-2016-0239 (IBM Security Guardium Database Activity Monitor 9.x through 9.5 before ...)
+CVE-2016-0239
NOT-FOR-US: IBM
-CVE-2016-0238 (IBM Security Guardium 9.0, 9.1, 9.5, 10.0, and 10.1 transmits ...)
+CVE-2016-0238
NOT-FOR-US: IBM
-CVE-2016-0237 (IBM Security Guardium Database Activity Monitor 10 allows local users ...)
+CVE-2016-0237
NOT-FOR-US: IBM
-CVE-2016-0236 (IBM Security Guardium Database Activity Monitor 8.2 before p310, 9.x ...)
+CVE-2016-0236
NOT-FOR-US: IBM
-CVE-2016-0235 (IBM Security Guardium Database Activity Monitor 10 allows local users ...)
+CVE-2016-0235
NOT-FOR-US: IBM
-CVE-2016-0234 (IBM OpenPages GRC Platform 7.1, 7.2, and 7.3 could allow a local user ...)
+CVE-2016-0234
NOT-FOR-US: IBM
-CVE-2016-0233 (SQL injection vulnerability in IBM Marketing Platform 8.5.x, 8.6.x, ...)
+CVE-2016-0233
NOT-FOR-US: IBM
-CVE-2016-0232 (IBM Financial Transaction Manager (FTM) for ACH Services, Check ...)
+CVE-2016-0232
NOT-FOR-US: IBM
-CVE-2016-0231 (IBM Financial Transaction Manager (FTM) for ACH Services, Check ...)
+CVE-2016-0231
NOT-FOR-US: IBM
-CVE-2016-0230 (IBM Power Hardware Management Console (HMC) 7.3 through 7.3.0 SP7, 7.9 ...)
+CVE-2016-0230
NOT-FOR-US: IBM
-CVE-2016-0229 (Cross-site scripting (XSS) vulnerability in IBM Marketing Platform ...)
+CVE-2016-0229
NOT-FOR-US: IBM
-CVE-2016-0228 (IBM Marketing Platform 10.0 could allow a remote attacker to conduct ...)
+CVE-2016-0228
NOT-FOR-US: IBM
-CVE-2016-0227 (Cross-site scripting (XSS) vulnerability in the document-list control ...)
+CVE-2016-0227
NOT-FOR-US: IBM
-CVE-2016-0226 (The client implementation in IBM Informix Dynamic Server 11.70.xCn on ...)
+CVE-2016-0226
NOT-FOR-US: IBM
-CVE-2016-0225 (IBM WebSphere Commerce 6.x through 6.0.0.11 and 7.x through 7.0.0.9 ...)
+CVE-2016-0225
NOT-FOR-US: IBM
-CVE-2016-0224 (SQL injection vulnerability in IBM Marketing Platform 8.5.x, 8.6.x, ...)
+CVE-2016-0224
NOT-FOR-US: IBM
-CVE-2016-0223 (Cross-site scripting (XSS) vulnerability in the Webform Framework API ...)
+CVE-2016-0223
NOT-FOR-US: IBM Forms Server
-CVE-2016-0222 (IBM Maximo Asset Management 7.6 before 7.6.0.3 IFIX001 allows remote ...)
+CVE-2016-0222
NOT-FOR-US: IBM
-CVE-2016-0221 (Cross-site scripting (XSS) vulnerability in IBM Cognos TM1, as used in ...)
+CVE-2016-0221
NOT-FOR-US: IBM
CVE-2016-0220
RESERVED
-CVE-2016-0219 (XML external entity (XXE) vulnerability in IBM Rational Team Concert ...)
+CVE-2016-0219
NOT-FOR-US: IBM Rational Team Concert
-CVE-2016-0218 (IBM Cognos Business Intelligence and IBM Cognos Analytics are ...)
+CVE-2016-0218
NOT-FOR-US: IBM
-CVE-2016-0217 (IBM Cognos Business Intelligence and IBM Cognos Analytics are ...)
+CVE-2016-0217
NOT-FOR-US: IBM
-CVE-2016-0216 (Stack-based buffer overflow in IBM Tivoli Storage Manager FastBack 5.5 ...)
+CVE-2016-0216
NOT-FOR-US: IBM
-CVE-2016-0215 (IBM DB2 9.7, 10.1 before FP6, and 10.5 before FP8 on AIX, Linux, HP, ...)
+CVE-2016-0215
NOT-FOR-US: IBM DB2
-CVE-2016-0214 (IBM Tivoli Endpoint Manager could allow a remote attacker to upload ...)
+CVE-2016-0214
NOT-FOR-US: IBM
-CVE-2016-0213 (Stack-based buffer overflow in IBM Tivoli Storage Manager FastBack 5.5 ...)
+CVE-2016-0213
NOT-FOR-US: IBM
-CVE-2016-0212 (Stack-based buffer overflow in IBM Tivoli Storage Manager FastBack 5.5 ...)
+CVE-2016-0212
NOT-FOR-US: IBM
-CVE-2016-0211 (IBM DB2 9.7 through FP11, 9.8, 10.1 through FP5, and 10.5 through FP7 ...)
+CVE-2016-0211
NOT-FOR-US: IBM
-CVE-2016-0210 (IBM Sterling B2B Integrator Standard Edition could allow a remote ...)
+CVE-2016-0210
NOT-FOR-US: IBM
-CVE-2016-0209 (Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 8.5.0 ...)
+CVE-2016-0209
NOT-FOR-US: IBM
-CVE-2016-0208 (IBM WebSphere Commerce 6.x through 6.0.0.11, 7.x through 7.0.0.9, and ...)
+CVE-2016-0208
NOT-FOR-US: IBM
-CVE-2016-0207 (IBM Algorithmics One-Algo Risk Application (ARA) 4.9.1 through 5.1.0 ...)
+CVE-2016-0207
NOT-FOR-US: IBM Algorithmics One-Algo Risk Application
-CVE-2016-0206 (IBM Cloud Orchestrator could allow a local authenticated attacker to ...)
+CVE-2016-0206
NOT-FOR-US: IBM
-CVE-2016-0205 (A vulnerability has been identified in IBM Cloud Orchestrator 2.3, ...)
+CVE-2016-0205
NOT-FOR-US: IBM
-CVE-2016-0204 (Open redirect vulnerability in IBM Cloud Orchestrator 2.4.x before ...)
+CVE-2016-0204
NOT-FOR-US: IBM
-CVE-2016-0203 (A vulnerability has been identified in the IBM Cloud Orchestrator task ...)
+CVE-2016-0203
NOT-FOR-US: IBM
-CVE-2016-0202 (A vulnerability has been identified in tasks, backend object generated ...)
+CVE-2016-0202
NOT-FOR-US: IBM
-CVE-2016-0201 (GSKit in IBM Security Network Protection 5.3.1 before 5.3.1.7 and ...)
+CVE-2016-0201
NOT-FOR-US: IBM
-CVE-2016-0200 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ...)
+CVE-2016-0200
NOT-FOR-US: Microsoft
-CVE-2016-0199 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ...)
+CVE-2016-0199
NOT-FOR-US: Microsoft
-CVE-2016-0198 (Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 ...)
+CVE-2016-0198
NOT-FOR-US: Microsoft
-CVE-2016-0197 (dxgkrnl.sys in the DirectX Graphics kernel subsystem in the ...)
+CVE-2016-0197
NOT-FOR-US: Microsoft
-CVE-2016-0196 (The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server ...)
+CVE-2016-0196
NOT-FOR-US: Microsoft
-CVE-2016-0195 (The Imaging Component in Microsoft Windows Vista SP2, Windows Server ...)
+CVE-2016-0195
NOT-FOR-US: Microsoft
-CVE-2016-0194 (Microsoft Internet Explorer 10 and 11 allows remote attackers to ...)
+CVE-2016-0194
NOT-FOR-US: Microsoft
-CVE-2016-0193 (The Chakra JavaScript engine in Microsoft Edge allows remote attackers ...)
+CVE-2016-0193
NOT-FOR-US: Microsoft
-CVE-2016-0192 (Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow ...)
+CVE-2016-0192
NOT-FOR-US: Microsoft
-CVE-2016-0191 (The Chakra JavaScript engine in Microsoft Edge allows remote attackers ...)
+CVE-2016-0191
NOT-FOR-US: Microsoft
-CVE-2016-0190 (Volume Manager Driver in Microsoft Windows 8.1, Windows Server 2012 ...)
+CVE-2016-0190
NOT-FOR-US: Microsoft
-CVE-2016-0189 (The Microsoft (1) JScript 5.8 and (2) VBScript 5.7 and 5.8 engines, as ...)
+CVE-2016-0189
NOT-FOR-US: Microsoft
-CVE-2016-0188 (The User Mode Code Integrity (UMCI) implementation in Device Guard in ...)
+CVE-2016-0188
NOT-FOR-US: Microsoft
-CVE-2016-0187 (The Microsoft (1) JScript 5.8 and (2) VBScript 5.8 engines, as used in ...)
+CVE-2016-0187
NOT-FOR-US: Microsoft
-CVE-2016-0186 (The Chakra JavaScript engine in Microsoft Edge allows remote attackers ...)
+CVE-2016-0186
NOT-FOR-US: Microsoft
-CVE-2016-0185 (Media Center in Microsoft Windows Vista SP2, Windows 7 SP1, and ...)
+CVE-2016-0185
NOT-FOR-US: Microsoft
-CVE-2016-0184 (Use-after-free vulnerability in GDI in Microsoft Windows Vista SP2, ...)
+CVE-2016-0184
NOT-FOR-US: Microsoft
-CVE-2016-0183 (The Windows font library in Microsoft Office 2010 SP2, Word 2010 SP2, ...)
+CVE-2016-0183
NOT-FOR-US: Microsoft
-CVE-2016-0182 (Windows Journal in Microsoft Windows Vista SP2, Windows 7 SP1, Windows ...)
+CVE-2016-0182
NOT-FOR-US: Microsoft
-CVE-2016-0181 (Microsoft Windows 10 Gold and 1511 allows local users to bypass the ...)
+CVE-2016-0181
NOT-FOR-US: Microsoft
-CVE-2016-0180 (The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
+CVE-2016-0180
NOT-FOR-US: Microsoft
-CVE-2016-0179 (Windows Shell in Microsoft Windows 8.1, Windows Server 2012 R2, ...)
+CVE-2016-0179
NOT-FOR-US: Microsoft
-CVE-2016-0178 (The RPC NDR Engine in Microsoft Windows Vista SP2, Windows Server 2008 ...)
+CVE-2016-0178
NOT-FOR-US: Microsoft
CVE-2016-0177
REJECTED
-CVE-2016-0176 (dxgkrnl.sys in the DirectX Graphics kernel subsystem in the ...)
+CVE-2016-0176
NOT-FOR-US: Microsoft
-CVE-2016-0175 (The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server ...)
+CVE-2016-0175
NOT-FOR-US: Microsoft
-CVE-2016-0174 (The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server ...)
+CVE-2016-0174
NOT-FOR-US: Microsoft
-CVE-2016-0173 (The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server ...)
+CVE-2016-0173
NOT-FOR-US: Microsoft
CVE-2016-0172
REJECTED
-CVE-2016-0171 (The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server ...)
+CVE-2016-0171
NOT-FOR-US: Microsoft
-CVE-2016-0170 (GDI in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 ...)
+CVE-2016-0170
NOT-FOR-US: Microsoft
-CVE-2016-0169 (GDI in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 ...)
+CVE-2016-0169
NOT-FOR-US: Microsoft
-CVE-2016-0168 (GDI in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 ...)
+CVE-2016-0168
NOT-FOR-US: Microsoft
-CVE-2016-0167 (The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server ...)
+CVE-2016-0167
NOT-FOR-US: Microsoft Windows
-CVE-2016-0166 (Microsoft Internet Explorer 11 allows remote attackers to execute ...)
+CVE-2016-0166
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2016-0165 (The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server ...)
+CVE-2016-0165
NOT-FOR-US: Microsoft Windows
-CVE-2016-0164 (Microsoft Internet Explorer 10 and 11 allows remote attackers to ...)
+CVE-2016-0164
NOT-FOR-US: Microsoft Internet Explorer
CVE-2016-0163
REJECTED
-CVE-2016-0162 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ...)
+CVE-2016-0162
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2016-0161 (Microsoft Edge allows remote attackers to bypass the Same Origin ...)
+CVE-2016-0161
NOT-FOR-US: Microsoft Edge
-CVE-2016-0160 (Microsoft Internet Explorer 11 mishandles DLL loading, which allows ...)
+CVE-2016-0160
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2016-0159 (Microsoft Internet Explorer 9 allows remote attackers to execute ...)
+CVE-2016-0159
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2016-0158 (Microsoft Edge allows remote attackers to bypass the Same Origin ...)
+CVE-2016-0158
NOT-FOR-US: Microsoft Edge
-CVE-2016-0157 (Microsoft Edge allows remote attackers to execute arbitrary code or ...)
+CVE-2016-0157
NOT-FOR-US: Microsoft Edge
-CVE-2016-0156 (Microsoft Edge allows remote attackers to execute arbitrary code or ...)
+CVE-2016-0156
NOT-FOR-US: Microsoft Edge
-CVE-2016-0155 (Microsoft Edge allows remote attackers to execute arbitrary code or ...)
+CVE-2016-0155
NOT-FOR-US: Microsoft Edge
-CVE-2016-0154 (Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow ...)
+CVE-2016-0154
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2016-0153 (OLE in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 ...)
+CVE-2016-0153
NOT-FOR-US: Microsoft Windows
-CVE-2016-0152 (Internet Information Services (IIS) in Microsoft Windows Vista SP2 and ...)
+CVE-2016-0152
NOT-FOR-US: Microsoft
-CVE-2016-0151 (The Client-Server Run-time Subsystem (CSRSS) in Microsoft Windows 8.1, ...)
+CVE-2016-0151
NOT-FOR-US: Microsoft Windows
-CVE-2016-0150 (HTTP.sys in Microsoft Windows 10 Gold and 1511 allows remote attackers ...)
+CVE-2016-0150
NOT-FOR-US: Microsoft Windows
-CVE-2016-0149 (Microsoft .NET Framework 2.0 SP2, 3.0 SP2, 3.5, 3.5.1, 4.5.2, 4.6, and ...)
+CVE-2016-0149
NOT-FOR-US: Microsoft
-CVE-2016-0148 (Microsoft .NET Framework 4.6 and 4.6.1 mishandles library loading, ...)
+CVE-2016-0148
NOT-FOR-US: Microsoft .NET
-CVE-2016-0147 (Microsoft XML Core Services 3.0 allows remote attackers to execute ...)
+CVE-2016-0147
NOT-FOR-US: Microsoft XML Core Services
CVE-2016-0146
REJECTED
-CVE-2016-0145 (The font library in Microsoft Windows Vista SP2; Windows Server 2008 ...)
+CVE-2016-0145
NOT-FOR-US: Microsoft Windows
CVE-2016-0144
REJECTED
-CVE-2016-0143 (The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server ...)
+CVE-2016-0143
NOT-FOR-US: Microsoft Windows
-CVE-2016-0142 (Video Control in Microsoft Windows Vista SP2, Windows 7 SP1, Windows ...)
+CVE-2016-0142
NOT-FOR-US: Microsoft
-CVE-2016-0141 (The Visual Basic macros in Microsoft Office 2007 SP3, 2010 SP2, 2013 ...)
+CVE-2016-0141
NOT-FOR-US: Microsoft
-CVE-2016-0140 (Microsoft Office 2007 SP3, Office 2010 SP2, Word Automation Services ...)
+CVE-2016-0140
NOT-FOR-US: Microsoft
-CVE-2016-0139 (Microsoft Excel 2010 SP2, Word for Mac 2011, and Excel Viewer allow ...)
+CVE-2016-0139
NOT-FOR-US: Microsoft Excel
-CVE-2016-0138 (Microsoft Exchange Server 2007 SP3, 2010 SP3, 2013 SP1, 2013 ...)
+CVE-2016-0138
NOT-FOR-US: Microsoft
-CVE-2016-0137 (The Click-to-Run (C2R) implementation in Microsoft Office 2013 SP1 and ...)
+CVE-2016-0137
NOT-FOR-US: Microsoft
-CVE-2016-0136 (Microsoft Excel 2007 SP3, Excel 2010 SP2, Office Compatibility Pack ...)
+CVE-2016-0136
NOT-FOR-US: Microsoft Excel
-CVE-2016-0135 (The Secondary Logon Service in Microsoft Windows 10 Gold and 1511 ...)
+CVE-2016-0135
NOT-FOR-US: Microsoft Windows
-CVE-2016-0134 (Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 ...)
+CVE-2016-0134
NOT-FOR-US: Microsoft
-CVE-2016-0133 (The USB Mass Storage Class driver in Microsoft Windows Vista SP2, ...)
+CVE-2016-0133
NOT-FOR-US: Microsoft
-CVE-2016-0132 (Microsoft .NET Framework 2.0 SP2, 3.0 SP2, 3.5, 3.5.1, 4.5.2, 4.6, and ...)
+CVE-2016-0132
NOT-FOR-US: Microsoft
CVE-2016-0131
REJECTED
-CVE-2016-0130 (Microsoft Edge allows remote attackers to execute arbitrary code or ...)
+CVE-2016-0130
NOT-FOR-US: Microsoft
-CVE-2016-0129 (Microsoft Edge allows remote attackers to execute arbitrary code or ...)
+CVE-2016-0129
NOT-FOR-US: Microsoft
-CVE-2016-0128 (The SAM and LSAD protocol implementations in Microsoft Windows Vista ...)
+CVE-2016-0128
NOT-FOR-US: Microsoft Windows
-CVE-2016-0127 (Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 ...)
+CVE-2016-0127
NOT-FOR-US: Microsoft Word
-CVE-2016-0126 (Microsoft Office 2013 SP1, 2013 RT SP1, and 2016 allows remote ...)
+CVE-2016-0126
NOT-FOR-US: Microsoft
-CVE-2016-0125 (Microsoft Edge mishandles the Referer policy, which allows remote ...)
+CVE-2016-0125
NOT-FOR-US: Microsoft
-CVE-2016-0124 (Microsoft Edge allows remote attackers to execute arbitrary code or ...)
+CVE-2016-0124
NOT-FOR-US: Microsoft
-CVE-2016-0123 (Microsoft Edge allows remote attackers to execute arbitrary code or ...)
+CVE-2016-0123
NOT-FOR-US: Microsoft
-CVE-2016-0122 (Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 ...)
+CVE-2016-0122
NOT-FOR-US: Microsoft
-CVE-2016-0121 (The Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows ...)
+CVE-2016-0121
NOT-FOR-US: Microsoft
-CVE-2016-0120 (The Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows ...)
+CVE-2016-0120
NOT-FOR-US: Microsoft
CVE-2016-0119
REJECTED
-CVE-2016-0118 (The PDF library in Microsoft Windows 10 Gold and 1511 allows remote ...)
+CVE-2016-0118
NOT-FOR-US: Microsoft
-CVE-2016-0117 (The PDF library in Microsoft Windows 8.1, Windows Server 2012 Gold and ...)
+CVE-2016-0117
NOT-FOR-US: Microsoft
-CVE-2016-0116 (Microsoft Edge allows remote attackers to execute arbitrary code or ...)
+CVE-2016-0116
NOT-FOR-US: Microsoft
CVE-2016-0115
REJECTED
-CVE-2016-0114 (Microsoft Internet Explorer 11 allows remote attackers to execute ...)
+CVE-2016-0114
NOT-FOR-US: Microsoft
-CVE-2016-0113 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ...)
+CVE-2016-0113
NOT-FOR-US: Microsoft
-CVE-2016-0112 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ...)
+CVE-2016-0112
NOT-FOR-US: Microsoft
-CVE-2016-0111 (Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow ...)
+CVE-2016-0111
NOT-FOR-US: Microsoft
-CVE-2016-0110 (Microsoft Internet Explorer 10 through 11 and Microsoft Edge allow ...)
+CVE-2016-0110
NOT-FOR-US: Microsoft
-CVE-2016-0109 (Microsoft Internet Explorer 11 and Microsoft Edge allow remote ...)
+CVE-2016-0109
NOT-FOR-US: Microsoft
-CVE-2016-0108 (Microsoft Internet Explorer 11 allows remote attackers to execute ...)
+CVE-2016-0108
NOT-FOR-US: Microsoft
-CVE-2016-0107 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ...)
+CVE-2016-0107
NOT-FOR-US: Microsoft
-CVE-2016-0106 (Microsoft Internet Explorer 11 allows remote attackers to execute ...)
+CVE-2016-0106
NOT-FOR-US: Microsoft
-CVE-2016-0105 (Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow ...)
+CVE-2016-0105
NOT-FOR-US: Microsoft
-CVE-2016-0104 (Microsoft Internet Explorer 10 allows remote attackers to execute ...)
+CVE-2016-0104
NOT-FOR-US: Microsoft
-CVE-2016-0103 (Microsoft Internet Explorer 11 allows remote attackers to execute ...)
+CVE-2016-0103
NOT-FOR-US: Microsoft
-CVE-2016-0102 (Microsoft Internet Explorer 11 and Microsoft Edge allow remote ...)
+CVE-2016-0102
NOT-FOR-US: Microsoft
-CVE-2016-0101 (Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8.1, ...)
+CVE-2016-0101
NOT-FOR-US: Microsoft
-CVE-2016-0100 (Microsoft Windows Vista SP2 and Server 2008 SP2 mishandle library ...)
+CVE-2016-0100
NOT-FOR-US: Microsoft
-CVE-2016-0099 (The Secondary Logon Service in Microsoft Windows Vista SP2, Windows ...)
+CVE-2016-0099
NOT-FOR-US: Microsoft
-CVE-2016-0098 (Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8.1, ...)
+CVE-2016-0098
NOT-FOR-US: Microsoft
CVE-2016-0097
REJECTED
-CVE-2016-0096 (The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server ...)
+CVE-2016-0096
NOT-FOR-US: Microsoft
-CVE-2016-0095 (The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server ...)
+CVE-2016-0095
NOT-FOR-US: Microsoft
-CVE-2016-0094 (The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server ...)
+CVE-2016-0094
NOT-FOR-US: Microsoft
-CVE-2016-0093 (The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server ...)
+CVE-2016-0093
NOT-FOR-US: Microsoft
-CVE-2016-0092 (OLE in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 ...)
+CVE-2016-0092
NOT-FOR-US: Microsoft
-CVE-2016-0091 (OLE in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 ...)
+CVE-2016-0091
NOT-FOR-US: Microsoft
-CVE-2016-0090 (Hyper-V in Microsoft Windows 8.1, Windows Server 2012 R2, and Windows ...)
+CVE-2016-0090
NOT-FOR-US: Microsoft
-CVE-2016-0089 (Hyper-V in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, and ...)
+CVE-2016-0089
NOT-FOR-US: Microsoft
-CVE-2016-0088 (Hyper-V in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, and ...)
+CVE-2016-0088
NOT-FOR-US: Microsoft
-CVE-2016-0087 (Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and ...)
+CVE-2016-0087
NOT-FOR-US: Microsoft
CVE-2016-0086
REJECTED
CVE-2016-0085
REJECTED
-CVE-2016-0084 (Microsoft Edge allows remote attackers to execute arbitrary code or ...)
+CVE-2016-0084
NOT-FOR-US: Microsoft
CVE-2016-0083
REJECTED
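Review bot: the description source this update ran against should be checked before this hunk lands. Every changed pair here reduces a CVE line to its bare identifier, for instance "-CVE-2016-0104 (Microsoft Internet Explorer 10 allows remote attackers to execute ...)" becoming "+CVE-2016-0104", with nothing added in exchange, while the "NOT-FOR-US: Microsoft" and "REJECTED" lines are untouched. A pass that drops the description from every entry that has one and changes no tracking data is what an importer produces when its description feed comes back empty, not the shape of a deliberate edit. As written the file loses its only in-line statement of what each ID refers to; "NOT-FOR-US: Microsoft" names a vendor, not a product or a bug.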
@@ -31876,174 +31876,174 @@ CVE-2016-0082
REJECTED
CVE-2016-0081
REJECTED
-CVE-2016-0080 (Microsoft Edge mishandles exceptions during window-message dispatch ...)
+CVE-2016-0080
NOT-FOR-US: Microsoft
-CVE-2016-0079 (The kernel in Microsoft Windows 10 Gold, 1511, and 1607 allows local ...)
+CVE-2016-0079
NOT-FOR-US: Microsoft
CVE-2016-0078
REJECTED
-CVE-2016-0077 (Microsoft Internet Explorer 9 through 11 and Microsoft Edge misparse ...)
+CVE-2016-0077
NOT-FOR-US: Microsoft
CVE-2016-0076
REJECTED
-CVE-2016-0075 (The kernel in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, ...)
+CVE-2016-0075
NOT-FOR-US: Microsoft
CVE-2016-0074
REJECTED
-CVE-2016-0073 (The kernel in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, ...)
+CVE-2016-0073
NOT-FOR-US: Microsoft
-CVE-2016-0072 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ...)
+CVE-2016-0072
NOT-FOR-US: Microsoft
-CVE-2016-0071 (Microsoft Internet Explorer 9 allows remote attackers to execute ...)
+CVE-2016-0071
NOT-FOR-US: Microsoft
-CVE-2016-0070 (The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
+CVE-2016-0070
NOT-FOR-US: Microsoft
-CVE-2016-0069 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ...)
+CVE-2016-0069
NOT-FOR-US: Microsoft
-CVE-2016-0068 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ...)
+CVE-2016-0068
NOT-FOR-US: Microsoft
-CVE-2016-0067 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ...)
+CVE-2016-0067
NOT-FOR-US: Microsoft
CVE-2016-0066
REJECTED
CVE-2016-0065
REJECTED
-CVE-2016-0064 (Microsoft Internet Explorer 10 allows remote attackers to execute ...)
+CVE-2016-0064
NOT-FOR-US: Microsoft
-CVE-2016-0063 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ...)
+CVE-2016-0063
NOT-FOR-US: Microsoft
-CVE-2016-0062 (Microsoft Internet Explorer 11 and Microsoft Edge allow remote ...)
+CVE-2016-0062
NOT-FOR-US: Microsoft
-CVE-2016-0061 (Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow ...)
+CVE-2016-0061
NOT-FOR-US: Microsoft
-CVE-2016-0060 (Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow ...)
+CVE-2016-0060
NOT-FOR-US: Microsoft
-CVE-2016-0059 (The Hyperlink Object Library in Microsoft Internet Explorer 9 through ...)
+CVE-2016-0059
NOT-FOR-US: Microsoft
-CVE-2016-0058 (Buffer overflow in the PDF Library in Microsoft Windows 8.1, Windows ...)
+CVE-2016-0058
NOT-FOR-US: Microsoft
-CVE-2016-0057 (Microsoft Office 2007 SP3, 2010 SP2, 2013 SP1, and 2016 does not ...)
+CVE-2016-0057
NOT-FOR-US: Microsoft
-CVE-2016-0056 (Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 ...)
+CVE-2016-0056
NOT-FOR-US: Microsoft
-CVE-2016-0055 (Microsoft Office 2007 SP3 allows remote attackers to execute arbitrary ...)
+CVE-2016-0055
NOT-FOR-US: Microsoft
-CVE-2016-0054 (Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 ...)
+CVE-2016-0054
NOT-FOR-US: Microsoft
-CVE-2016-0053 (Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 ...)
+CVE-2016-0053
NOT-FOR-US: Microsoft
-CVE-2016-0052 (Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 ...)
+CVE-2016-0052
NOT-FOR-US: Microsoft
-CVE-2016-0051 (The WebDAV client in Microsoft Windows Vista SP2, Windows Server 2008 ...)
+CVE-2016-0051
NOT-FOR-US: Microsoft
-CVE-2016-0050 (Network Policy Server (NPS) in Microsoft Windows Server 2008 SP2 and ...)
+CVE-2016-0050
NOT-FOR-US: Microsoft
-CVE-2016-0049 (Kerberos in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
+CVE-2016-0049
NOT-FOR-US: Microsoft
-CVE-2016-0048 (The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server ...)
+CVE-2016-0048
NOT-FOR-US: Microsoft
-CVE-2016-0047 (WinForms in Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4.5.2, 4.6, ...)
+CVE-2016-0047
NOT-FOR-US: Microsoft
-CVE-2016-0046 (Windows Reader in Microsoft Windows 8.1, Windows Server 2012 Gold and ...)
+CVE-2016-0046
NOT-FOR-US: Microsoft
CVE-2016-0045
REJECTED
-CVE-2016-0044 (Sync Framework in Microsoft Windows 8.1, Windows Server 2012 R2, and ...)
+CVE-2016-0044
NOT-FOR-US: Microsoft
CVE-2016-0043
REJECTED
-CVE-2016-0042 (Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, ...)
+CVE-2016-0042
NOT-FOR-US: Microsoft
-CVE-2016-0041 (Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, ...)
+CVE-2016-0041
NOT-FOR-US: Microsoft
-CVE-2016-0040 (The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
+CVE-2016-0040
NOT-FOR-US: Microsoft
-CVE-2016-0039 (Cross-site scripting (XSS) vulnerability in SharePoint Server in ...)
+CVE-2016-0039
NOT-FOR-US: Microsoft
-CVE-2016-0038 (Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 ...)
+CVE-2016-0038
NOT-FOR-US: Microsoft
-CVE-2016-0037 (The forms-based authentication implementation in Active Directory ...)
+CVE-2016-0037
NOT-FOR-US: Microsoft
-CVE-2016-0036 (The Remote Desktop Protocol (RDP) implementation in Microsoft Windows ...)
+CVE-2016-0036
NOT-FOR-US: Microsoft
-CVE-2016-0035 (Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 ...)
+CVE-2016-0035
NOT-FOR-US: Microsoft
-CVE-2016-0034 (Microsoft Silverlight 5 before 5.1.41212.0 mishandles negative offsets ...)
+CVE-2016-0034
NOT-FOR-US: Microsoft
-CVE-2016-0033 (Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4.5.2, 4.6, and 4.6.1 ...)
+CVE-2016-0033
NOT-FOR-US: Microsoft
-CVE-2016-0032 (Cross-site scripting (XSS) vulnerability in Outlook Web Access (OWA) ...)
+CVE-2016-0032
NOT-FOR-US: Microsoft
-CVE-2016-0031 (Cross-site scripting (XSS) vulnerability in Outlook Web Access (OWA) ...)
+CVE-2016-0031
NOT-FOR-US: Microsoft
-CVE-2016-0030 (Cross-site scripting (XSS) vulnerability in Outlook Web Access (OWA) ...)
+CVE-2016-0030
NOT-FOR-US: Microsoft
-CVE-2016-0029 (Cross-site scripting (XSS) vulnerability in Outlook Web Access (OWA) ...)
+CVE-2016-0029
NOT-FOR-US: Microsoft
-CVE-2016-0028 (Outlook Web Access (OWA) in Microsoft Exchange Server 2013 SP1, ...)
+CVE-2016-0028
NOT-FOR-US: Microsoft
CVE-2016-0027
REJECTED
-CVE-2016-0026 (The Common Log File System (CLFS) driver in Microsoft Windows Vista ...)
+CVE-2016-0026
NOT-FOR-US: Microsoft
-CVE-2016-0025 (Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 ...)
+CVE-2016-0025
NOT-FOR-US: Microsoft
-CVE-2016-0024 (The Chakra JavaScript engine in Microsoft Edge allows remote attackers ...)
+CVE-2016-0024
NOT-FOR-US: Microsoft
CVE-2016-0023
REJECTED
-CVE-2016-0022 (Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 ...)
+CVE-2016-0022
NOT-FOR-US: Microsoft
-CVE-2016-0021 (Microsoft InfoPath 2007 SP3, 2010 SP2, and 2013 SP1 allows remote ...)
+CVE-2016-0021
NOT-FOR-US: Microsoft
-CVE-2016-0020 (Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and ...)
+CVE-2016-0020
NOT-FOR-US: Microsoft
-CVE-2016-0019 (The Remote Desktop Protocol (RDP) service implementation in Microsoft ...)
+CVE-2016-0019
NOT-FOR-US: Microsoft
-CVE-2016-0018 (Microsoft Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 ...)
+CVE-2016-0018
NOT-FOR-US: Microsoft
CVE-2016-0017
REJECTED
-CVE-2016-0016 (Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, ...)
+CVE-2016-0016
NOT-FOR-US: Microsoft
-CVE-2016-0015 (DirectShow in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
+CVE-2016-0015
NOT-FOR-US: Microsoft
-CVE-2016-0014 (Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, ...)
+CVE-2016-0014
NOT-FOR-US: Microsoft
CVE-2016-0013
REJECTED
-CVE-2016-0012 (Microsoft Office 2007 SP3, Excel 2007 SP3, PowerPoint 2007 SP3, Visio ...)
+CVE-2016-0012
NOT-FOR-US: Microsoft
-CVE-2016-0011 (Microsoft SharePoint Server 2013 SP1 and SharePoint Foundation 2013 ...)
+CVE-2016-0011
NOT-FOR-US: Microsoft
-CVE-2016-0010 (Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1, Office ...)
+CVE-2016-0010
NOT-FOR-US: Microsoft
-CVE-2016-0009 (Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, ...)
+CVE-2016-0009
NOT-FOR-US: Microsoft
-CVE-2016-0008 (The graphics device interface in Microsoft Windows Vista SP2, Windows ...)
+CVE-2016-0008
NOT-FOR-US: Microsoft
-CVE-2016-0007 (The sandbox implementation in Microsoft Windows Vista SP2, Windows ...)
+CVE-2016-0007
NOT-FOR-US: Microsoft
-CVE-2016-0006 (The sandbox implementation in Microsoft Windows Vista SP2, Windows ...)
+CVE-2016-0006
NOT-FOR-US: Microsoft
-CVE-2016-0005 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ...)
+CVE-2016-0005
NOT-FOR-US: Microsoft
CVE-2016-0004
REJECTED
-CVE-2016-0003 (Microsoft Edge allows remote attackers to execute arbitrary code via ...)
+CVE-2016-0003
NOT-FOR-US: Microsoft
-CVE-2016-0002 (The Microsoft (1) VBScript 5.7 and 5.8 and (2) JScript 5.7 and 5.8 ...)
+CVE-2016-0002
NOT-FOR-US: Microsoft
CVE-2016-0001
REJECTED
-CVE-2016-1000033 (Shotwell version 0.22.0 (and possibly other versions) is vulnerable to ...)
+CVE-2016-1000033
- shotwell 0.22.0-3 (low; bug #807110)
[jessie] - shotwell <no-dsa> (Minor issue)
[wheezy] - shotwell <no-dsa> (Minor issue)
[squeeze] - shotwell <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2015/12/04/4
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=754488
-CVE-2016-4353 (ber-decoder.c in Libksba before 1.3.3 does not properly handle decoder ...)
+CVE-2016-4353
- libksba 1.3.3-1 (low)
[jessie] - libksba 1.3.2-1+deb8u1
[wheezy] - libksba <no-dsa> (Minor issue)
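Review bot: the affected-version claims that the Debian lines were checked against are lost in this hunk. "Shotwell version 0.22.0 (and possibly other versions)" and "Libksba before 1.3.3" are what "- shotwell 0.22.0-3 (low; bug #807110)" and "- libksba 1.3.3-1 (low)" were verified against, and the "[jessie] - libksba 1.3.2-1+deb8u1" backport can now only be justified by following the NOTE URLs. If the importer has no description for an entry, leaving the existing line alone is safer than emitting the bare ID; an unchanged line is at worst stale, a bare ID is empty.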
@@ -32051,7 +32051,7 @@ CVE-2016-4353 (ber-decoder.c in Libksba before 1.3.3 does not properly handle de
NOTE: http://www.openwall.com/lists/oss-security/2015/04/13/5
NOTE: http://www.openwall.com/lists/oss-security/2016/04/29/5
NOTE: http://git.gnupg.org/cgi-bin/gitweb.cgi?p=libksba.git;a=commit;h=07116a314f4dcd4d96990bbd74db95a03a9f650a
-CVE-2016-4355 (Multiple integer overflows in ber-decoder.c in Libksba before 1.3.3 ...)
+CVE-2016-4355
- libksba 1.3.3-1 (low)
[jessie] - libksba 1.3.2-1+deb8u1
[wheezy] - libksba <no-dsa> (Minor issue)
@@ -32059,7 +32059,7 @@ CVE-2016-4355 (Multiple integer overflows in ber-decoder.c in Libksba before 1.3
NOTE: http://www.openwall.com/lists/oss-security/2015/04/13/5
NOTE: http://www.openwall.com/lists/oss-security/2016/04/29/5
NOTE: http://git.gnupg.org/cgi-bin/gitweb.cgi?p=libksba.git;a=commit;h=aea7b6032865740478ca4b706850a5217f1c3887
-CVE-2016-4354 (ber-decoder.c in Libksba before 1.3.3 uses an incorrect integer data ...)
+CVE-2016-4354
- libksba 1.3.3-1 (low)
[jessie] - libksba 1.3.2-1+deb8u1
[wheezy] - libksba <no-dsa> (Minor issue)
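Review bot: CVE-2016-4354 is no longer distinguishable from CVE-2016-4355 once "-CVE-2016-4354 (ber-decoder.c in Libksba before 1.3.3 uses an incorrect integer data ...)" is reduced to "+CVE-2016-4354". Both entries carry "- libksba 1.3.3-1 (low)", the same jessie and wheezy lines, the same two oss-security NOTE links and, as the context at the top of the next hunk shows, the same fix commit aea7b6032865740478ca4b706850a5217f1c3887. "Multiple integer overflows" versus "uses an incorrect integer data type" was the only thing on file separating the two IDs. If the descriptions cannot be kept, each entry needs a one-line NOTE saying which bug its ID covers.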
@@ -32067,7 +32067,7 @@ CVE-2016-4354 (ber-decoder.c in Libksba before 1.3.3 uses an incorrect integer d
NOTE: http://www.openwall.com/lists/oss-security/2015/04/13/5
NOTE: http://www.openwall.com/lists/oss-security/2016/04/29/5
NOTE: http://git.gnupg.org/cgi-bin/gitweb.cgi?p=libksba.git;a=commit;h=aea7b6032865740478ca4b706850a5217f1c3887
-CVE-2016-4356 (The append_utf8_value function in the DN decoder (dn.c) in Libksba ...)
+CVE-2016-4356
- libksba 1.3.3-1 (low)
[jessie] - libksba 1.3.2-1+deb8u1
[wheezy] - libksba <no-dsa> (Minor issue)
@@ -32075,16 +32075,16 @@ CVE-2016-4356 (The append_utf8_value function in the DN decoder (dn.c) in Libksb
NOTE: http://www.openwall.com/lists/oss-security/2015/04/13/5
NOTE: http://www.openwall.com/lists/oss-security/2016/04/29/5
NOTE: http://git.gnupg.org/cgi-bin/gitweb.cgi?p=libksba.git;a=commit;h=243d12fdec66a4360fbb3e307a046b39b5b4ffc3
-CVE-2016-9675 (openjpeg: A heap-based buffer overflow flaw was found in the patch for ...)
+CVE-2016-9675
- openjpeg 1.5.2-1
[wheezy] - openjpeg 1.3+dfsg-4.8
[squeeze] - openjpeg 1.3+dfsg-4+squeeze3
NOTE: Introduced as well a regression, cf. https://bugs.debian.org/734238
-CVE-2016-2847 (fs/pipe.c in the Linux kernel before 4.5 does not limit the amount of ...)
+CVE-2016-2847
{DSA-3503-1}
- linux 4.3.5-1
NOTE: https://git.kernel.org/linus/759c01142a5d0f364a462346168a56de28a80f52 (v4.5-rc1)
-CVE-2016-2856 (pt_chown in the glibc package before 2.19-18+deb8u4 on Debian jessie; ...)
+CVE-2016-2856
- eglibc <removed>
[squeeze] - eglibc <no-dsa> (Minor issue)
[wheezy] - eglibc <no-dsa> (Minor issue)
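Review bot: check that the jessie fix version 2.19-18+deb8u4 still appears somewhere below this hunk before merging. The removed "-CVE-2016-2856 (pt_chown in the glibc package before 2.19-18+deb8u4 on Debian jessie; ...)" line is a Debian-specific CVE whose description is the statement of that fix, and the tracking lines that survive here ("- eglibc <removed>", squeeze and wheezy "<no-dsa>") do not name it. Minor, on the CVE-2016-9675 context line: "NOTE: Introduced as well a regression, cf. ..." reads better as "NOTE: The fix also introduced a regression, cf. ...".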
diff --git a/data/CVE/2017.list b/data/CVE/2017.list
index 235be7f66f..ffb6fc65d5 100644
--- a/data/CVE/2017.list
+++ b/data/CVE/2017.list
@@ -2,70 +2,70 @@ CVE-2017-18363
RESERVED
CVE-2017-1000000
REJECTED
-CVE-2017-18362 (ConnectWise ManagedITSync integration through 2017 for Kaseya VSA is ...)
+CVE-2017-18362
NOT-FOR-US: ConnectWise ManagedITSync
-CVE-2017-18361 (In Pylons Colander through 1.6, the URL validator allows an attacker to ...)
+CVE-2017-18361
- python-colander <removed>
[stretch] - python-colander <no-dsa> (Minor issue)
[jessie] - python-colander <no-dsa> (Minor issue)
NOTE: https://github.com/Pylons/colander/issues/290
NOTE: https://github.com/Pylons/colander/pull/323
-CVE-2017-18360 (In change_port_settings in drivers/usb/serial/io_ti.c in the Linux ...)
+CVE-2017-18360
- linux 4.9.30-1
[jessie] - linux 3.16.48-1
NOTE: Fixed by: https://git.kernel.org/linus/6aeb75e6adfaed16e58780309613a578fe1ee90b
-CVE-2017-18359 (PostGIS 2.x before 2.3.3, as used with PostgreSQL, allows remote ...)
+CVE-2017-18359
{DLA-1653-1}
- postgis 2.3.3+dfsg-1 (low)
[stretch] - postgis <no-dsa> (Minor issue)
NOTE: https://trac.osgeo.org/postgis/ticket/3704
NOTE: https://trac.osgeo.org/postgis/changeset/15444
NOTE: https://trac.osgeo.org/postgis/changeset/15445
-CVE-2017-18358 (LimeSurvey before 2.72.4 has Stored XSS by using the Continue Later ...)
+CVE-2017-18358
- limesurvey <itp> (bug #472802)
-CVE-2017-18357 (Shopware before 5.3.4 has a PHP Object Instantiation issue via the sort ...)
+CVE-2017-18357
NOT-FOR-US: Shopware
-CVE-2017-18356 (In the Automattic WooCommerce plugin before 3.2.4 for WordPress, an ...)
+CVE-2017-18356
NOT-FOR-US: Automattic WooCommerce plugin for WordPress
-CVE-2017-1002157 (modulemd 1.3.1 and earlier uses an unsafe function for processing ...)
+CVE-2017-1002157
NOT-FOR-US: modulemd
-CVE-2017-1002152 (Bodhi 2.9.0 and lower is vulnerable to cross-site scripting resulting ...)
+CVE-2017-1002152
NOT-FOR-US: Bodhi
-CVE-2017-18355 (Installed packages are exposed by node_modules in Rendertron 1.0.0, ...)
+CVE-2017-18355
NOT-FOR-US: Rendertron
-CVE-2017-18354 (Rendertron 1.0.0 allows for alternative protocols such as 'file://' ...)
+CVE-2017-18354
NOT-FOR-US: Rendertron
-CVE-2017-18353 (Rendertron 1.0.0 includes an _ah/stop route to shutdown the Chrome ...)
+CVE-2017-18353
NOT-FOR-US: Rendertron
-CVE-2017-18352 (Error reporting within Rendertron 1.0.0 allows reflected Cross Site ...)
+CVE-2017-18352
NOT-FOR-US: Rendertron
CVE-2017-18351
RESERVED
CVE-2017-18350
RESERVED
-CVE-2017-18349 (parseObject in Fastjson before 1.2.25, as used in FastjsonEngine in ...)
+CVE-2017-18349
NOT-FOR-US: FastjsonEngine
-CVE-2017-18348 (Splunk Enterprise 6.6.x, when configured to run as root but drop ...)
+CVE-2017-18348
NOT-FOR-US: Splunk
-CVE-2017-18347 (Incorrect access control in RDP Level 1 on STMicroelectronics STM32F0 ...)
+CVE-2017-18347
NOT-FOR-US: STMicroelectronics STM32F0 series devices
-CVE-2017-1000600 (WordPress version &lt;4.9 contains a CWE-20 Input Validation ...)
+CVE-2017-1000600
- wordpress <undetermined>
CVE-2017-18346
RESERVED
-CVE-2017-18345 (The Joomanager component through 2.0.0 for Joomla! has an arbitrary ...)
+CVE-2017-18345
NOT-FOR-US: Joomla addon
-CVE-2017-18344 (The timer_create syscall implementation in kernel/time/posix-timers.c ...)
+CVE-2017-18344
- linux 4.14.12-1
[stretch] - linux 4.9.82-1+deb9u1
[jessie] - linux 3.16.56-1
NOTE: Fixed by: https://git.kernel.org/linus/cef31d9af908243421258f1df35a4a644604efbe
-CVE-2017-18343 (** DISPUTED ** The debug handler in Symfony before v2.7.33, 2.8.x ...)
+CVE-2017-18343
- symfony 3.4.0+dfsg-1 (unimportant)
NOTE: https://github.com/symfony/debug/pull/7/commits/e48bda29143bd1a83001780b4a78e483822d985c
NOTE: https://github.com/symfony/symfony/issues/27987
NOTE: https://github.com/symfony/symfony/pull/23684
-CVE-2017-18342 (In PyYAML before 4.1, the yaml.load() API could execute arbitrary code. ...)
+CVE-2017-18342
- pyyaml <unfixed> (unimportant; bug #902878)
NOTE: This is a well-known design deficiency in pyyaml, various CVE IDs have been assigned
NOTE: to applications misusing the API over the years. The CVE ID was assigned to raise
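Review bot: two of the descriptions dropped in this hunk carried triage state that the remaining lines do not. "** DISPUTED **" on CVE-2017-18343 is the only visible justification for its "(unimportant)" rating, and "WordPress version &lt;4.9" on CVE-2017-1000600 is the only affected-range statement for an entry that is still "- wordpress <undetermined>", so whoever picks that entry up next now starts from nothing. Either keep those two lines or fold the disputed marker and the version range into a NOTE.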
@@ -89,115 +89,115 @@ CVE-2017-18334
RESERVED
CVE-2017-18333
RESERVED
-CVE-2017-18332 (Security keys are logged when any WCDMA call is configured or ...)
+CVE-2017-18332
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18331 (Improper access control on secure display buffers in snapdragon ...)
+CVE-2017-18331
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18330 (Buffer overflow in AES-CCM and AES-GCM encryption via initialization ...)
+CVE-2017-18330
NOT-FOR-US: snapdragon
-CVE-2017-18329 (Possible Buffer overflow when transmitting an RTP packet in snapdragon ...)
+CVE-2017-18329
NOT-FOR-US: snapdragon
-CVE-2017-18328 (Use after free in QSH client rule processing in snapdragon mobile and ...)
+CVE-2017-18328
NOT-FOR-US: snapdragon
-CVE-2017-18327 (Security keys are logged when any WCDMA call is configured or ...)
+CVE-2017-18327
NOT-FOR-US: snapdragon
-CVE-2017-18326 (Cryptographic keys are printed in modem debug messages in snapdragon ...)
+CVE-2017-18326
NOT-FOR-US: snapdragon
CVE-2017-18325
RESERVED
-CVE-2017-18324 (Cryptographic key material leaked in debug messages - GERAN in ...)
+CVE-2017-18324
NOT-FOR-US: snapdragon
-CVE-2017-18323 (Cryptographic key material leaked in TDSCDMA RRC debug messages in ...)
+CVE-2017-18323
NOT-FOR-US: snapdragon
-CVE-2017-18322 (Cryptographic key material leaked in WCDMA debug messages in ...)
+CVE-2017-18322
NOT-FOR-US: snapdragon
-CVE-2017-18321 (Security keys used by the terminal and NW for a session could be ...)
+CVE-2017-18321
NOT-FOR-US: snapdragon
-CVE-2017-18320 (QSEE unload attempt on a 3rd party TEE without previously loading ...)
+CVE-2017-18320
NOT-FOR-US: snapdragon
-CVE-2017-18319 (Information leak in UIM API debug messages in snapdragon mobile and ...)
+CVE-2017-18319
NOT-FOR-US: snapdragon
-CVE-2017-18318 (Missing validation check on CRL issuer name in Snapdragon Automobile, ...)
+CVE-2017-18318
NOT-FOR-US: Snapdragon
-CVE-2017-18317 (Restrictions related to the modem (sim lock, sim kill) can be bypassed ...)
+CVE-2017-18317
NOT-FOR-US: Snapdragon
-CVE-2017-18316 (Secure application can access QSEE kernel memory through Ontario ...)
+CVE-2017-18316
NOT-FOR-US: Snapdragon
-CVE-2017-18315 (Buffer over-read vulnerabilities in an older version of ASN.1 parser ...)
+CVE-2017-18315
NOT-FOR-US: Snapdragon
-CVE-2017-18314 (In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, ...)
+CVE-2017-18314
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18313 (Under certain mode of operations, HLOS may be able get direct or ...)
+CVE-2017-18313
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18312 (While accessing SafeSwitch services, third party can manipulate a ...)
+CVE-2017-18312
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18311 (XPU Master privilege escalation is possible due to improper access ...)
+CVE-2017-18311
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18310 (ClientEnv exposes services 0-32 to HLOS in Snapdragon Automobile, ...)
+CVE-2017-18310
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18309 (A micro-core of QMP transportation may cause a macro-core to read from ...)
+CVE-2017-18309
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18308 (Modem segments are unlocked after authentication, leaving modem ...)
+CVE-2017-18308
NOT-FOR-US: Qualcomm components for Android
CVE-2017-18307
RESERVED
CVE-2017-18306
RESERVED
-CVE-2017-18305 (XBL sec mem dump system call allows complete control of EL3 by ...)
+CVE-2017-18305
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18304 (Insufficient memory allocation in boot due to incorrect size being ...)
+CVE-2017-18304
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18303 (While processing the sensors registry configuration file, if inputs ...)
+CVE-2017-18303
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18302 (In Snapdragon (Automobile ,Mobile) in version MSM8996AU, SD 425, SD ...)
+CVE-2017-18302
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18301 (In Small Cell SoC and Snapdragon (Automobile, Mobile, Wear) in version ...)
+CVE-2017-18301
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18300 (Secure display content could be accessed by third party trusted ...)
+CVE-2017-18300
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18299 (Improper translation table consolidation logic leads to resource ...)
+CVE-2017-18299
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18298 (Lack of Input Validation in SDMX API can lead to NULL pointer access ...)
+CVE-2017-18298
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18297 (Double memory free while closing TEE SE API Session management in ...)
+CVE-2017-18297
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18296 (Access control on applications is not applied while accessing ...)
+CVE-2017-18296
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18295 (Possible buffer overflow if input is not null terminated in DSP ...)
+CVE-2017-18295
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18294 (While reading file class type from ELF header, a buffer overread may ...)
+CVE-2017-18294
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18293 (When a particular GPIO is protected by blocking access to the ...)
+CVE-2017-18293
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18292 (Secure app running in non secure space can restart TZ by calling ...)
+CVE-2017-18292
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18291 (An issue was discovered in PvPGN Stats 2.4.6. SQL Injection exists in ...)
+CVE-2017-18291
NOT-FOR-US: PvPGN Stats (relates to pvpgn, but the PHP utilities allowing integration with a PvPGN game server)
-CVE-2017-18290 (An issue was discovered in PvPGN Stats 2.4.6. SQL Injection exists in ...)
+CVE-2017-18290
NOT-FOR-US: PvPGN Stats (relates to pvpgn, but the PHP utilities allowing integration with a PvPGN game server)
-CVE-2017-18289 (An issue was discovered in PvPGN Stats 2.4.6. SQL Injection exist in ...)
+CVE-2017-18289
NOT-FOR-US: PvPGN Stats (relates to pvpgn, but the PHP utilities allowing integration with a PvPGN game server)
-CVE-2017-18288 (An issue was discovered in PvPGN Stats 2.4.6. SQL Injection exists in ...)
+CVE-2017-18288
NOT-FOR-US: PvPGN Stats (relates to pvpgn, but the PHP utilities allowing integration with a PvPGN game server)
-CVE-2017-18287 (An issue was discovered in PvPGN Stats 2.4.6. SQL Injection exists in ...)
+CVE-2017-18287
NOT-FOR-US: PvPGN Stats (relates to pvpgn, but the PHP utilities allowing integration with a PvPGN game server)
-CVE-2017-18286 (nZEDb v0.7.3.3 has XSS in the 404 error page. ...)
+CVE-2017-18286
NOT-FOR-US: nZEDb
-CVE-2017-18285 (The Gentoo app-backup/burp package before 2.1.32 has incorrect group ...)
+CVE-2017-18285
- burp <not-affected> (/etc/burp is owned by root:root in Debian)
-CVE-2017-18284 (The Gentoo app-backup/burp package before 2.1.32 sets the ownership of ...)
+CVE-2017-18284
- burp <not-affected> (Debian package uses /var/run for the PID file)
-CVE-2017-0921 (GitLab Community and Enterprise Editions before 10.1.6, 10.2.6, and ...)
+CVE-2017-0921
[experimental] - gitlab 10.7.5+dfsg-1
- gitlab 10.7.7+dfsg-2 (bug #900522)
NOTE: https://about.gitlab.com/2018/05/29/security-release-gitlab-10-dot-8-dot-2-released/
-CVE-2017-18283 (Possible memory corruption when Read Val Blob Req is received with ...)
+CVE-2017-18283
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18282 (Non-secure SW can cause SDCC to generate secure bus accesses, which ...)
+CVE-2017-18282
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18281 (A bool variable in Video function, which gets typecasted to int before ...)
+CVE-2017-18281
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18280 (In Snapdragon (Automobile, Mobile, Wear) in version MDM9607, MSM8909W, ...)
+CVE-2017-18280
NOT-FOR-US: Qualcomm components for Android
CVE-2017-18279
RESERVED
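Review bot: the "<not-affected>" justifications for burp lose their referent once the descriptions go. "- burp <not-affected> (/etc/burp is owned by root:root in Debian)" answered "The Gentoo app-backup/burp package before 2.1.32 has incorrect group ...", and "(Debian package uses /var/run for the PID file)" answered "... sets the ownership of ..."; with "+CVE-2017-18285" and "+CVE-2017-18284" as the only headers, a reader cannot tell that these are Gentoo packaging bugs at all, and the reasons read as non sequiturs. Make them self-contained, e.g. "(Gentoo packaging issue; /etc/burp is owned by root:root in Debian)".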
@@ -205,7 +205,7 @@ CVE-2017-18279
CVE-2017-18278
RESERVED
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18277 (When dynamic memory allocation fails, currently the process sleeps for ...)
+CVE-2017-18277
NOT-FOR-US: Qualcomm components for Android
CVE-2017-18276
RESERVED
@@ -216,43 +216,43 @@ CVE-2017-18275
CVE-2017-18274
RESERVED
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18273 (In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-22, an infinite loop ...)
+CVE-2017-18273
{DLA-1381-1}
- imagemagick 8:6.9.9.34+dfsg-3 (low)
[stretch] - imagemagick <ignored> (Minor issue)
[jessie] - imagemagick <ignored> (Minor issue)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/910
NOTE: https://github.com/ImageMagick/ImageMagick/commit/b8fcb59e9e1d1189caf2e0f5e39346944dcd6b9d
-CVE-2017-18272 (In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-25, there is a ...)
+CVE-2017-18272
- imagemagick 8:6.9.9.34+dfsg-3
[stretch] - imagemagick <not-affected> (Vulnerable code not present)
[jessie] - imagemagick <not-affected> (Vulnerable code not present)
[wheezy] - imagemagick <not-affected> (vulnerable code not present)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/918
NOTE: https://github.com/ImageMagick/ImageMagick/commit/93d029b70ac766ce0b5d7261a2dd334535f48038
-CVE-2017-18271 (In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-22, an infinite loop ...)
+CVE-2017-18271
{DLA-1381-1}
- imagemagick 8:6.9.9.34+dfsg-3 (low)
[stretch] - imagemagick <ignored> (Minor issue)
[jessie] - imagemagick <ignored> (Minor issue)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/911
NOTE: https://github.com/ImageMagick/ImageMagick/commit/7523250e2664028aa1d8f02d2d7ae49c769a851e
-CVE-2017-18269 (An SSE2-optimized memmove implementation for i386 in ...)
+CVE-2017-18269
- glibc 2.27-3
[stretch] - glibc 2.24-11+deb9u4
[jessie] - glibc <not-affected> (Vulnerable code not present)
- eglibc <not-affected> (Vulnerable code not present)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22644
NOTE: https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=cd66c0e584c6d692bc8347b5e72723d02b8a8ada
-CVE-2017-18270 (In the Linux kernel before 4.13.5, a local user could create keyrings ...)
+CVE-2017-18270
- linux 4.13.10-1
[stretch] - linux 4.9.65-1
[jessie] - linux 3.16.56-1
[wheezy] - linux 3.2.101-1
NOTE: Fixed by: https://git.kernel.org/linus/237bbd29f7a049d310d907f4b2716a7feef9abf3 (4.14-rc3)
-CVE-2017-18268 (Symantec IntelligenceCenter 3.3 is vulnerable to the Return of the ...)
+CVE-2017-18268
NOT-FOR-US: Symantec
-CVE-2017-18267 (The FoFiType1C::cvtGlyph function in fofi/FoFiType1C.cc in Poppler ...)
+CVE-2017-18267
{DLA-1562-1}
[experimental] - poppler 0.65.0-1
- poppler 0.69.0-2 (bug #898357)
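Review bot: "-CVE-2017-18269 (An SSE2-optimized memmove implementation for i386 in ...)" was the only place this entry recorded that the bug is confined to the i386 memmove; "- glibc 2.27-3", "[stretch] - glibc 2.24-11+deb9u4" and the "<not-affected> (Vulnerable code not present)" lines for jessie and eglibc say nothing about architecture. That scoping matters to anyone deciding whether an amd64-only deployment needs the stretch update, so it should survive as a NOTE. Nit on the context lines: "(vulnerable code not present)" for wheezy on CVE-2017-18272 is the only lower-case instance; the other occurrences in this diff are capitalised.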
@@ -261,46 +261,46 @@ CVE-2017-18267 (The FoFiType1C::cvtGlyph function in fofi/FoFiType1C.cc in Poppl
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=104942
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=103238
NOTE: https://cgit.freedesktop.org/poppler/poppler/commit/?id=60b4fe65bc9dc9b82bbadf0be2e3781be796a13d
-CVE-2017-18266 (The open_envvar function in xdg-open in xdg-utils before 1.1.3 does not ...)
+CVE-2017-18266
{DSA-4211-1 DLA-1384-1}
- xdg-utils 1.1.3-1 (bug #898317)
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=103807
NOTE: Upstream bug discussed possible other approach to fix the issue.
NOTE: Fixed by: https://cgit.freedesktop.org/xdg/xdg-utils/commit/?id=ce802d71c3466d1dbb24f2fe9b6db82a1f899bcb
-CVE-2017-18265 (Prosody before 0.10.0 allows remote attackers to cause a denial of ...)
+CVE-2017-18265
{DSA-4198-1}
- prosody 0.10.0-1 (bug #875829)
[jessie] - prosody <not-affected> (Only exploitable with a LuaSocket version not in jessie)
[wheezy] - prosody <not-affected> (Vulnerable code not present)
NOTE: https://prosody.im/issues/issue/987
-CVE-2017-18264 (An issue was discovered in libraries/common.inc.php in phpMyAdmin 4.0 ...)
+CVE-2017-18264
{DLA-1415-1}
- phpmyadmin 4:4.6.6-2
NOTE: https://www.phpmyadmin.net/security/PMASA-2017-8/
NOTE: https://github.com/phpmyadmin/phpmyadmin/commit/7232271a379396ca1d4b083af051262057003c41 (4.7-branch)
NOTE: https://github.com/phpmyadmin/phpmyadmin/commit/b6ca92cc75c8a16001425be7881e73430bcc35b8 (4.0-branch)
NOTE: If the issue is triggerable depends as well on the used PHP version.
-CVE-2017-18263 (Seagate Media Server in Seagate Personal Cloud before 4.3.18.4 has ...)
+CVE-2017-18263
NOT-FOR-US: Seagate
-CVE-2017-18262 (Blackboard Learn (Since at least 17th of October 2017) has allowed ...)
+CVE-2017-18262
NOT-FOR-US: Blackboard Learn
-CVE-2017-18261 (The arch_timer_reg_read_stable macro in ...)
+CVE-2017-18261
- linux 4.13.4-1
[stretch] - linux <not-affected> (Vulnerable code not present)
[jessie] - linux <not-affected> (Vulnerable code not present)
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: Fixed by: https://git.kernel.org/linus/adb4f11e0a8f4e29900adb2b7af28b6bbd5c1fa4 (4.13-rc6)
-CVE-2017-18260 (Dolibarr ERP/CRM is affected by multiple SQL injection vulnerabilities ...)
+CVE-2017-18260
- dolibarr <removed>
-CVE-2017-18259 (Dolibarr ERP/CRM is affected by stored Cross-Site Scripting (XSS) in ...)
+CVE-2017-18259
- dolibarr <removed>
-CVE-2017-18257 (The __get_data_block function in fs/f2fs/data.c in the Linux kernel ...)
+CVE-2017-18257
{DSA-4188-1}
- linux 4.11.6-1
[jessie] - linux <not-affected> (Vulnerable code introduced later)
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: Fixed by: https://git.kernel.org/linus/b86e33075ed1909d8002745b56ecf73b833db143
-CVE-2017-18258 (The xz_head function in xzlib.c in libxml2 before 2.9.6 allows remote ...)
+CVE-2017-18258
{DLA-1524-1}
- libxml2 <unfixed> (bug #895245)
[stretch] - libxml2 <postponed> (Minor issue; wait for upstream fix for upstream bug 794914)
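Review bot: the removed "-CVE-2017-18258 (The xz_head function in xzlib.c in libxml2 before 2.9.6 allows remote ...)" line claimed a fix before 2.9.6, while the tracking that remains says "- libxml2 <unfixed> (bug #895245)" and "[stretch] - libxml2 <postponed> (Minor issue; wait for upstream fix for upstream bug 794914)". That disagreement between the published range and Debian's assessment was visible before and is silent now; record it in a NOTE rather than dropping it with the description. Minor wording on the CVE-2017-18264 context line: "NOTE: If the issue is triggerable depends as well on the used PHP version." reads better as "NOTE: Whether the issue is triggerable also depends on the PHP version in use."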
@@ -309,23 +309,23 @@ CVE-2017-18258 (The xz_head function in xzlib.c in libxml2 before 2.9.6 allows r
NOTE: Fixed by: https://git.gnome.org/browse/libxml2/commit/?id=e2a9122b8dde53d320750451e9907a7dcb2ca8bb
NOTE: When fixing this issue make sure to not open CVE-2018-9251 and apply
NOTE: the fix for CVE-2018-9251 / https://bugzilla.gnome.org/show_bug.cgi?id=794914
-CVE-2017-18256 (Brave Browser before 0.13.0 allows remote attackers to cause a denial ...)
+CVE-2017-18256
- brave-browser <itp> (bug #864795)
-CVE-2017-18255 (The perf_cpu_time_max_percent_handler function in kernel/events/core.c ...)
+CVE-2017-18255
{DLA-1423-1}
- linux 4.11.6-1 (unimportant)
[stretch] - linux 4.9.107-1
NOTE: https://git.kernel.org/linus/1572e45a924f254d9570093abde46430c3172e3d
-CVE-2017-18254 (An issue was discovered in ImageMagick 7.0.7. A memory leak ...)
+CVE-2017-18254
- imagemagick 8:6.9.9.34+dfsg-3 (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/commit/24d5699753170c141b46816284430516c2d48fed
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/53ea13989003cdb4955024f95b4a0158a2e871c6
NOTE: https://github.com/ImageMagick/ImageMagick/issues/808
-CVE-2017-18253 (An issue was discovered in ImageMagick 7.0.7. A NULL pointer ...)
+CVE-2017-18253
- imagemagick <not-affected> (Vulnerable code introduced later)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/794
NOTE: https://github.com/ImageMagick/ImageMagick/commit/de5deab202c340162b65f65bafbbe17b1eda2c1a
-CVE-2017-18252 (An issue was discovered in ImageMagick 7.0.7. The MogrifyImageList ...)
+CVE-2017-18252
- imagemagick 8:6.9.9.34+dfsg-3 (low)
[stretch] - imagemagick <ignored> (Minor issue)
[jessie] - imagemagick <ignored> (Minor issue)
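Review bot: "- imagemagick <not-affected> (Vulnerable code introduced later)" on CVE-2017-18253 rests on the version named in the removed line, "An issue was discovered in ImageMagick 7.0.7", set against the "8:6.9.9.34+dfsg-3" Debian carries in the neighbouring entries; with the header reduced to "+CVE-2017-18253", the 6.x-versus-7.x basis for the verdict is only recoverable from the upstream issue URL. Spell it out in the justification, e.g. "(Vulnerable code introduced in ImageMagick 7, not present in the 6.9.9 series)", here and for the similar "(Vulnerable code not present)" ImageMagick entries that follow.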
@@ -333,182 +333,182 @@ CVE-2017-18252 (An issue was discovered in ImageMagick 7.0.7. The MogrifyImageLi
NOTE: https://github.com/ImageMagick/ImageMagick/issues/802
NOTE: https://github.com/ImageMagick/ImageMagick/commit/12f34b60564de1cbec08e23e2413dab5b64daeb7
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/bb04ccb34fd45e9c3020786857fb79b09f44d7db
-CVE-2017-18251 (An issue was discovered in ImageMagick 7.0.7. A memory leak ...)
+CVE-2017-18251
- imagemagick 8:6.9.9.34+dfsg-3 (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/809
NOTE: https://github.com/ImageMagick/ImageMagick/commit/12a43437fec6f9245327636dc2730863bb9fdd8b
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/99718b41102f26f802311045e882aa947ef2941b
-CVE-2017-18250 (An issue was discovered in ImageMagick 7.0.7. A NULL pointer ...)
+CVE-2017-18250
- imagemagick <not-affected> (Vulnerable code not present)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/793
NOTE: https://github.com/ImageMagick/ImageMagick/commit/2f368e74a51ec7541b6595af712d17d6d1376534
-CVE-2017-18249 (The add_free_nid function in fs/f2fs/node.c in the Linux kernel before ...)
+CVE-2017-18249
{DLA-1715-1}
- linux 4.12.6-1
[stretch] - linux 4.9.144-1
[wheezy] - linux <not-affected> (Vulnerable code not present)
[jessie] - linux-4.9 <unfixed>
NOTE: Fixed by: https://git.kernel.org/linus/30a61ddf8117c26ac5b295e1233eaa9629a94ca3
-CVE-2017-18248 (The add_job function in scheduler/ipp.c in CUPS before 2.2.6, when ...)
+CVE-2017-18248
{DLA-1412-1 DLA-1387-1}
- cups 2.2.6-1
[stretch] - cups 2.2.1-8+deb9u3
NOTE: https://github.com/apple/cups/commit/49fa4983f25b64ec29d548ffa3b9782426007df3
NOTE: https://github.com/apple/cups/issues/5143
-CVE-2017-18247 (The av_audio_fifo_size function in libavutil/audio_fifo.c in Libav 12.2 ...)
+CVE-2017-18247
- libav <removed> (low)
[jessie] - libav <no-dsa> (Minor issue)
NOTE: https://bugzilla.libav.org/show_bug.cgi?id=1089
-CVE-2017-18246 (The pcm_encode_frame function in libavcodec/pcm.c in Libav 12.2 allows ...)
+CVE-2017-18246
- libav <removed> (low)
[jessie] - libav <no-dsa> (Minor issue)
NOTE: https://bugzilla.libav.org/show_bug.cgi?id=1095
-CVE-2017-18245 (The mpc8_probe function in libavformat/mpc8.c in Libav 12.2 allows ...)
+CVE-2017-18245
- libav <removed> (low)
[jessie] - libav <no-dsa> (Minor issue)
NOTE: https://bugzilla.libav.org/show_bug.cgi?id=1094
-CVE-2017-18244 (The stereo_processing function in libavcodec/aacps.c in Libav 12.2 ...)
+CVE-2017-18244
- libav <removed> (low)
[jessie] - libav <no-dsa> (Minor issue)
NOTE: https://bugzilla.libav.org/show_bug.cgi?id=1105
-CVE-2017-18243 (The unpack_parse_unit function in libavcodec/dirac_parser.c in Libav ...)
+CVE-2017-18243
- libav <removed> (low)
[jessie] - libav <no-dsa> (Minor issue)
NOTE: https://bugzilla.libav.org/show_bug.cgi?id=1088
-CVE-2017-18242 (The apply_dependent_coupling function in libavcodec/aacdec.c in Libav ...)
+CVE-2017-18242
- libav <removed> (low)
[jessie] - libav <no-dsa> (Minor issue)
NOTE: https://bugzilla.libav.org/show_bug.cgi?id=1093
-CVE-2017-18241 (fs/f2fs/segment.c in the Linux kernel before 4.13 allows local users to ...)
+CVE-2017-18241
{DSA-4188-1 DSA-4187-1}
- linux 4.13.4-1
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/d4fdf8ba0e5808ba9ad6b44337783bd9935e0982
-CVE-2017-18240 (The Gentoo app-admin/collectd package before 5.7.2-r1 sets the ...)
+CVE-2017-18240
TODO: check
-CVE-2017-18239 (A time-sensitive equality check on the JWT signature in the ...)
+CVE-2017-18239
NOT-FOR-US: authentikat-jwt
-CVE-2017-18238 (An issue was discovered in Exempi before 2.4.4. The ...)
+CVE-2017-18238
{DLA-1310-1}
- exempi 2.4.4-1 (low)
[stretch] - exempi <no-dsa> (Minor issue)
[jessie] - exempi <no-dsa> (Minor issue)
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=102483
NOTE: https://cgit.freedesktop.org/exempi/commit/?id=886cd1d2314755adb1f4cdb99c16ff00830f0331
-CVE-2017-18237 (An issue was discovered in Exempi before 2.4.3. The ...)
+CVE-2017-18237
- exempi 2.4.3-1 (low)
[stretch] - exempi <no-dsa> (Minor issue)
[jessie] - exempi <no-dsa> (Minor issue)
[wheezy] - exempi <not-affected> (vulnerable code not present)
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=101914
NOTE: https://cgit.freedesktop.org/exempi/commit/?id=f19d0107fbae1fb41836cd110d4425e407e64048
-CVE-2017-18236 (An issue was discovered in Exempi before 2.4.4. The ...)
+CVE-2017-18236
{DLA-1310-1}
- exempi 2.4.4-1 (low)
[stretch] - exempi <no-dsa> (Minor issue)
[jessie] - exempi <no-dsa> (Minor issue)
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=102484
NOTE: https://cgit.freedesktop.org/exempi/commit/?id=fe59605d3520bf2ca4e0a963d194f10e9fee5806
-CVE-2017-18235 (An issue was discovered in Exempi before 2.4.3. The VPXChunk class in ...)
+CVE-2017-18235
- exempi 2.4.3-1 (low)
[stretch] - exempi <no-dsa> (Minor issue)
[jessie] - exempi <no-dsa> (Minor issue)
[wheezy] - exempi <not-affected> (vulnerable code not present)
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=101913
NOTE: https://cgit.freedesktop.org/exempi/commit/?id=9e76a7782a54a242f18d609e7ba32bf1c430a5e4
-CVE-2017-18234 (An issue was discovered in Exempi before 2.4.3. It allows remote ...)
+CVE-2017-18234
{DLA-1310-1}
- exempi 2.4.3-1 (low)
[stretch] - exempi <no-dsa> (Minor issue)
[jessie] - exempi <no-dsa> (Minor issue)
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=100397
NOTE: https://cgit.freedesktop.org/exempi/commit/?id=c26d5beb60a5a85f76259f50ed3e08c8169b0a0c
-CVE-2017-18233 (An issue was discovered in Exempi before 2.4.4. Integer overflow in the ...)
+CVE-2017-18233
{DLA-1310-1}
- exempi 2.4.4-1 (low)
[stretch] - exempi <no-dsa> (Minor issue)
[jessie] - exempi <no-dsa> (Minor issue)
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=102151
NOTE: https://cgit.freedesktop.org/exempi/commit/?id=65a8492832b7335ffabd01f5f64d89dec757c260
-CVE-2017-18232 (The Serial Attached SCSI (SAS) implementation in the Linux kernel ...)
+CVE-2017-18232
{DSA-4187-1}
- linux 4.15.17-1
[wheezy] - linux <not-affected> (Vulnerability introduced later)
[jessie] - linux-4.9 <unfixed>
NOTE: Fixed by: https://git.kernel.org/linus/0558f33c06bb910e2879e355192227a8e8f0219d
-CVE-2017-18231 (An issue was discovered in GraphicsMagick 1.3.26. A NULL pointer ...)
+CVE-2017-18231
{DSA-4321-1 DLA-1456-1 DLA-1322-1}
- graphicsmagick 1.3.27-1
NOTE: http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/ea074081678b
NOTE: https://sourceforge.net/p/graphicsmagick/bugs/475/
-CVE-2017-18230 (An issue was discovered in GraphicsMagick 1.3.26. A NULL pointer ...)
+CVE-2017-18230
{DSA-4321-1 DLA-1456-1 DLA-1322-1}
- graphicsmagick 1.3.27-1
NOTE: http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/53a4d841e90f
NOTE: https://sourceforge.net/p/graphicsmagick/bugs/473/
-CVE-2017-18229 (An issue was discovered in GraphicsMagick 1.3.26. An allocation failure ...)
+CVE-2017-18229
{DSA-4321-1 DLA-1456-1 DLA-1322-1}
- graphicsmagick 1.3.27-1
NOTE: http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/752c0b41fa32
NOTE: https://sourceforge.net/p/graphicsmagick/bugs/461/
-CVE-2017-18228 (Remedy Mid Tier in BMC Remedy AR System 9.1 allows XSS via the ATTKey ...)
+CVE-2017-18228
NOT-FOR-US: Remedy Mid Tier in BMC Remedy AR System
-CVE-2017-18227 (TitanHQ WebTitan Gateway has incorrect certificate validation for the ...)
+CVE-2017-18227
NOT-FOR-US: TitanHQ WebTitan Gateway
-CVE-2017-18226 (The Gentoo net-im/jabberd2 package through 2.6.1 sets the ownership of ...)
+CVE-2017-18226
- jabberd2 <unfixed> (low; bug #902783)
[buster] - jabberd2 <no-dsa> (Minor issue, default init system not affected)
[stretch] - jabberd2 <no-dsa> (Minor issue, default init system not affected)
NOTE: https://bugs.gentoo.org/631068
-CVE-2017-18225 (The Gentoo net-im/jabberd2 package through 2.6.1 installs jabberd, ...)
+CVE-2017-18225
- jabberd2 <not-affected> (Installed with correct permissions in Debian)
NOTE: https://bugs.gentoo.org/629412
-CVE-2017-18224 (In the Linux kernel before 4.15, fs/ocfs2/aops.c omits use of a ...)
+CVE-2017-18224
{DSA-4188-1}
- linux 4.15.4-1
[jessie] - linux <not-affected> (Vulnerable code introduced later)
[wheezy] - linux <not-affected> (Vulnerable code introduced later)
NOTE: https://git.kernel.org/linus/3e4c56d41eef5595035872a2ec5a483f42e8917f
-CVE-2017-18223 (BMC Remedy AR System before 9.1 SP3, when Remedy AR Authentication is ...)
+CVE-2017-18223
NOT-FOR-US: BMC Remedy AR System
-CVE-2017-18222 (In the Linux kernel before 4.12, Hisilicon Network Subsystem (HNS) does ...)
+CVE-2017-18222
{DSA-4188-1}
- linux 4.15.17-1
[jessie] - linux <not-affected> (Vulnerable code not present)
[wheezy] - linux <not-affected> (Vulnerable code not present)
-CVE-2017-18221 (The __munlock_pagevec function in mm/mlock.c in the Linux kernel before ...)
+CVE-2017-18221
- linux 4.11.6-1
[stretch] - linux 4.9.47-1
[jessie] - linux 3.16.48-1
[wheezy] - linux <not-affected> (Vulnerable code introduce later)
-CVE-2017-18220 (The ReadOneJNGImage and ReadJNGImage functions in coders/png.c in ...)
+CVE-2017-18220
{DSA-4321-1 DLA-1456-1 DLA-1322-1}
- graphicsmagick 1.3.26-8
NOTE: http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/98721124e51f
NOTE: https://sourceforge.net/p/graphicsmagick/bugs/438/
NOTE: Issue is related to CVE-2017-11403 but not the same issue.
-CVE-2017-18219 (An issue was discovered in GraphicsMagick 1.3.26. An allocation failure ...)
+CVE-2017-18219
{DSA-4321-1 DLA-1456-1 DLA-1322-1}
- graphicsmagick 1.3.27-1
NOTE: http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/cadd4b0522fa
NOTE: https://sourceforge.net/p/graphicsmagick/bugs/459/
-CVE-2017-18218 (In drivers/net/ethernet/hisilicon/hns/hns_enet.c in the Linux kernel ...)
+CVE-2017-18218
{DSA-4188-1}
- linux 4.13.4-1
[jessie] - linux <not-affected> (Vulnerable code not present)
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: Fixed by: https://git.kernel.org/linus/27463ad99f738ed93c7c8b3e2e5bc8c4853a2ff2
-CVE-2017-18217 (An issue was discovered in InvoicePlane before 1.5.5. It was observed ...)
+CVE-2017-18217
NOT-FOR-US: InvoicePlane
-CVE-2017-18216 (In fs/ocfs2/cluster/nodemanager.c in the Linux kernel before 4.15, ...)
+CVE-2017-18216
{DSA-4188-1 DSA-4187-1 DLA-1369-1}
- linux 4.15.4-1
NOTE: Fixed by: https://git.kernel.org/linus/853bc26a7ea39e354b9f8889ae7ad1492ffa28d2
-CVE-2017-18215 (xvpng.c in xv 3.10a has memory corruption (out-of-bounds write) when ...)
+CVE-2017-18215
- xv <removed>
-CVE-2017-18213 (In Exponent CMS before 2.4.1 Patch #6, certain admin users can elevate ...)
+CVE-2017-18213
NOT-FOR-US: Exponent CMS
-CVE-2017-18214 (The moment module before 2.19.3 for Node.js is prone to a regular ...)
+CVE-2017-18214
- node-moment 2.19.3+ds-1 (unimportant)
NOTE: fixed in 2.19.3 upstream
NOTE: https://github.com/moment/moment/commit/69ed9d44957fa6ab12b73d2ae29d286a857b80eb
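Review bot: dropping the description for CVE-2017-18240 leaves only the bare id above the existing `TODO: check`, so the entry no longer says what is affected (the removed line named the Gentoo app-admin/collectd package); resolve the TODO before the summary leaves the file, or add a NOTE naming the affected package. Also in this hunk's context, the wheezy line under CVE-2017-18221 reads `Vulnerable code introduce later`; the neighbouring entries use `Vulnerable code introduced later`.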
@@ -516,9 +516,9 @@ CVE-2017-18214 (The moment module before 2.19.3 for Node.js is prone to a regula
NOTE: https://github.com/moment/moment/issues/4163
NOTE: https://nodesecurity.io/advisories/532
NOTE: nodejs not covered by security support
-CVE-2017-18212 (An issue was discovered in JerryScript 1.0. There is a heap-based ...)
+CVE-2017-18212
NOT-FOR-US: JerryScript
-CVE-2017-18211 (In ImageMagick 7.0.7, a NULL pointer dereference vulnerability was ...)
+CVE-2017-18211
- imagemagick 8:6.9.9.34+dfsg-3 (low)
[stretch] - imagemagick <ignored> (Minor issue)
[jessie] - imagemagick <ignored> (Minor issue)
@@ -526,13 +526,13 @@ CVE-2017-18211 (In ImageMagick 7.0.7, a NULL pointer dereference vulnerability w
NOTE: https://github.com/ImageMagick/ImageMagick/issues/792
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/96c2fab85e1699c87080271254c5a01387805564
NOTE: https://github.com/ImageMagick/ImageMagick/commit/22eec833cd72b5abab2627fcacc27d2dfb6aa6e7
-CVE-2017-18210 (In ImageMagick 7.0.7, a NULL pointer dereference vulnerability was ...)
+CVE-2017-18210
- imagemagick <not-affected> (Vulnerable code not present)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/791
NOTE: https://github.com/ImageMagick/ImageMagick/commit/d2b87b403059af21db3002db95f4603f32b492ef
NOTE: The commit referenced the wrong issue in the upstream issue tracker, but
NOTE: as noted in https://github.com/ImageMagick/ImageMagick/issues/791#issuecomment-334050314
-CVE-2017-18209 (In the GetOpenCLCachedFilesDirectory function in magick/opencl.c in ...)
+CVE-2017-18209
- imagemagick 8:6.9.9.34+dfsg-3 (low)
[stretch] - imagemagick <ignored> (Minor issue)
[jessie] - imagemagick <ignored> (Minor issue)
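Review bot: the NOTE under CVE-2017-18210 breaks off after `but` / `as noted in https://github.com/ImageMagick/ImageMagick/issues/791#issuecomment-334050314` without stating what that comment establishes; with the description line above it being dropped in this hunk, the NOTE should be completed so the `<not-affected>` rationale remains self-explanatory.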
@@ -540,146 +540,146 @@ CVE-2017-18209 (In the GetOpenCLCachedFilesDirectory function in magick/opencl.c
NOTE: https://github.com/ImageMagick/ImageMagick/issues/790
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/6ac2858a87df6d645813e43928b4f01a3169ad3f
NOTE: https://github.com/ImageMagick/ImageMagick/commit/cca91aa1861818342e3d072bb0fad7dc4ffac24a
-CVE-2017-18208 (The madvise_willneed function in mm/madvise.c in the Linux kernel ...)
+CVE-2017-18208
- linux 4.14.7-1
[stretch] - linux 4.9.80-1
[jessie] - linux 3.16.57-1
[wheezy] - linux <ignored> (Only affects ARM with XIP enabled)
NOTE: Fixed by: https://git.kernel.org/linus/6ea8d958a2c95a1d514015d4e29ba21a8c0a1a91
-CVE-2017-18207 (** DISPUTED ** The Wave_read._read_fmt_chunk function in Lib/wave.py ...)
+CVE-2017-18207
NOTE: Nonsense report for Python
-CVE-2017-18206 (In utils.c in zsh before 5.4, symlink expansion had a buffer overflow. ...)
+CVE-2017-18206
{DLA-1304-1}
- zsh 5.4.1-1
[stretch] - zsh <no-dsa> (Minor issue)
[jessie] - zsh <no-dsa> (Minor issue)
NOTE: https://sourceforge.net/p/zsh/code/ci/c7a9cf465dd620ef48d586026944d9bd7a0d5d6d
-CVE-2017-18205 (In builtin.c in zsh before 5.4, when sh compatibility mode is used, ...)
+CVE-2017-18205
- zsh 5.4.1-1 (unimportant)
NOTE: https://sourceforge.net/p/zsh/code/ci/eb783754bdb74377f3cea4ceca9c23a02ea1bf58
NOTE: no security impact
-CVE-2017-18204 (The ocfs2_setattr function in fs/ocfs2/file.c in the Linux kernel ...)
+CVE-2017-18204
- linux 4.14.2-1
[stretch] - linux 4.9.65-1
[jessie] - linux <not-affected> (Vulnerable code introduced later)
[wheezy] - linux <not-affected> (Vulnerable code introduced later)
NOTE: Fixed by: https://git.kernel.org/linus/28f5a8a7c033cbf3e32277f4cc9c6afd74f05300
-CVE-2017-18203 (The dm_get_from_kobject function in drivers/md/dm.c in the Linux kernel ...)
+CVE-2017-18203
{DSA-4187-1 DLA-1369-1}
- linux 4.14.7-1
[stretch] - linux 4.9.80-1
NOTE: Fixed by: https://git.kernel.org/linus/b9a41d21dceadf8104812626ef85dc56ee8a60ed
-CVE-2017-18202 (The __oom_reap_task_mm function in mm/oom_kill.c in the Linux kernel ...)
+CVE-2017-18202
- linux 4.14.7-1
[stretch] - linux 4.9.80-1
[jessie] - linux <not-affected> (Vulnerable code not present)
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: Fixed by: https://git.kernel.org/linus/687cb0884a714ff484d038e9190edc874edcf146
-CVE-2017-18201 (An issue was discovered in GNU libcdio before 2.0.0. There is a double ...)
+CVE-2017-18201
- libcdio 2.0.0-2 (bug #891638)
[stretch] - libcdio <not-affected> (Vulnerable code introduced post 0.92)
[jessie] - libcdio <not-affected> (Vulnerable code introduced post 0.92)
[wheezy] - libcdio <not-affected> (Vulnerable code introduced post 0.92)
NOTE: Fixed by https://git.savannah.gnu.org/cgit/libcdio.git/commit/?id=f6f9c48fb40b8a1e8218799724b0b61a7161eb1d
NOTE: with https://git.savannah.gnu.org/cgit/libcdio.git/commit/?id=dec2f876c2d7162da213429bce1a7140cdbdd734
-CVE-2017-18200 (The f2fs implementation in the Linux kernel before 4.14 mishandles ...)
+CVE-2017-18200
- linux <not-affected> (Vulnerable code not present)
-CVE-2017-18199 (realloc_symlink in rock.c in GNU libcdio before 1.0.0 allows remote ...)
+CVE-2017-18199
- libcdio 1.0.0-1 (low)
[stretch] - libcdio <no-dsa> (Minor issue)
[jessie] - libcdio <no-dsa> (Minor issue)
[wheezy] - libcdio <no-dsa> (Minor issue)
NOTE: https://savannah.gnu.org/bugs/?52264
-CVE-2017-18198 (print_iso9660_recurse in iso-info.c in GNU libcdio before 1.0.0 allows ...)
+CVE-2017-18198
- libcdio 1.0.0-1 (low)
[stretch] - libcdio <no-dsa> (Minor issue)
[jessie] - libcdio <no-dsa> (Minor issue)
[wheezy] - libcdio <no-dsa> (Minor issue)
NOTE: https://savannah.gnu.org/bugs/?52265
-CVE-2017-18197 (In mxGraphViewImageReader.java in mxGraph before 3.7.6, the ...)
+CVE-2017-18197
{DLA-1299-1}
- libjgraphx-java 2.1.0.7-2 (low; bug #891796)
[stretch] - libjgraphx-java <no-dsa> (Minor issue)
[jessie] - libjgraphx-java <no-dsa> (Minor issue)
NOTE: https://github.com/jgraph/mxgraph/issues/124
NOTE: https://bitbucket.org/jgraph/mxgraph2/commits/7d159ca3259b961cbb1c51b4ea42cb408c624ff1
-CVE-2017-18195 (An issue was discovered in tools/conversations/view_ajax.php in ...)
+CVE-2017-18195
NOT-FOR-US: Concrete5
-CVE-2017-18194 (SQL injection vulnerability in users/signup.php in the &quot;signup&quot; ...)
+CVE-2017-18194
NOT-FOR-US: HamayeshNegar CMS
-CVE-2017-18193 (fs/f2fs/extent_cache.c in the Linux kernel before 4.13 mishandles ...)
+CVE-2017-18193
{DSA-4188-1}
- linux 4.13.4-1
[jessie] - linux <not-affected> (Vulnerable code not present)
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: Fixed by: https://git.kernel.org/linus/dad48e73127ba10279ea33e6dbc8d3905c4d31c0
-CVE-2017-6932 (Drupal core 7.x versions before 7.57 has an external link injection ...)
+CVE-2017-6932
{DSA-4123-1 DLA-1295-1}
- drupal7 7.57-1 (bug #891154)
NOTE: https://www.drupal.org/sa-core-2018-001
-CVE-2017-6929 (A jQuery cross site scripting vulnerability is present when making ...)
+CVE-2017-6929
{DSA-4123-1 DLA-1295-1}
- drupal7 7.57-1 (bug #891153)
NOTE: https://www.drupal.org/sa-core-2018-001
-CVE-2017-6928 (Drupal core 7.x versions before 7.57 when using Drupal's private file ...)
+CVE-2017-6928
{DSA-4123-1 DLA-1295-1}
- drupal7 7.57-1 (bug #891152)
NOTE: https://www.drupal.org/sa-core-2018-001
-CVE-2017-6927 (Drupal 8.4.x versions before 8.4.5 and Drupal 7.x versions before 7.57 ...)
+CVE-2017-6927
{DSA-4123-1 DLA-1295-1}
- drupal8 <itp> (bug #756305)
- drupal7 7.57-1 (bug #891150)
NOTE: https://www.drupal.org/sa-core-2018-001
-CVE-2017-18192 (smart/calculator/gallerylock/CalculatorActivity.java in the ...)
+CVE-2017-18192
NOT-FOR-US: "Photo,Video Locker-Calculator" application for Android
-CVE-2017-18191 (An issue was discovered in OpenStack Nova 15.x through 15.1.0 and 16.x ...)
+CVE-2017-18191
- nova 2:17.0.0-1
[stretch] - nova <no-dsa> (Minor issue)
[jessie] - nova <no-dsa> (Minor issue)
[wheezy] - nova <end-of-life> (Not supported in Wheezy)
NOTE: https://launchpad.net/bugs/1739593
NOTE: https://review.openstack.org/539893
-CVE-2017-18190 (A localhost.localdomain whitelist entry in valid_host() in ...)
+CVE-2017-18190
{DLA-1412-1 DLA-1288-1}
- cups 2.2.3-2
[stretch] - cups 2.2.1-8+deb9u1
NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=1048
NOTE: https://github.com/apple/cups/commit/afa80cb2b457bf8d64f775bed307588610476c41 (v2.2.2)
-CVE-2017-18189 (In the startread function in xa.c in Sound eXchange (SoX) through ...)
+CVE-2017-18189
{DLA-1695-1 DLA-1197-1}
- sox 14.4.2-2 (bug #881121)
[stretch] - sox <no-dsa> (Minor issue)
NOTE: https://github.com/mansr/sox/commit/7a8ceb86212b28243bbb6d0de636f0dfbe833e53
-CVE-2017-18188 (OpenRC opentmpfiles through 0.1.3, when the fs.protected_hardlinks ...)
+CVE-2017-18188
NOT-FOR-US: opentmpfiles
-CVE-2017-18187 (In ARM mbed TLS before 2.7.0, there is a bounds-check bypass through an ...)
+CVE-2017-18187
{DSA-4147-1 DSA-4138-1}
- mbedtls 2.7.0-2
- polarssl <removed>
[wheezy] - polarssl <not-affected> (vulnerable code not present)
NOTE: https://github.com/ARMmbed/mbedtls/commit/83c9f495ffe70c7dd280b41fdfd4881485a3bc28
-CVE-2017-18186 (An issue was discovered in QPDF before 7.0.0. There is an infinite loop ...)
+CVE-2017-18186
- qpdf 7.0.0-1
[stretch] - qpdf <no-dsa> (Minor issue)
[jessie] - qpdf <no-dsa> (Minor issue)
[wheezy] - qpdf <no-dsa> (Minor issue)
NOTE: https://github.com/qpdf/qpdf/commit/85f05cc57ffa0a863d9d9b23e73acea9410b2937
NOTE: https://github.com/qpdf/qpdf/issues/149
-CVE-2017-18185 (An issue was discovered in QPDF before 7.0.0. There is a large ...)
+CVE-2017-18185
- qpdf 7.0.0-1
[stretch] - qpdf <no-dsa> (Minor issue)
[jessie] - qpdf <no-dsa> (Minor issue)
[wheezy] - qpdf <no-dsa> (Minor issue)
NOTE: https://github.com/qpdf/qpdf/commit/ec7d74a386c0b2f38990079c3b0d2a2b30be0e71
NOTE: https://github.com/qpdf/qpdf/issues/150
-CVE-2017-18184 (An issue was discovered in QPDF before 7.0.0. There is a stack-based ...)
+CVE-2017-18184
- qpdf 7.0.0-1
[stretch] - qpdf <no-dsa> (Minor issue)
[jessie] - qpdf <no-dsa> (Minor issue)
[wheezy] - qpdf <no-dsa> (Minor issue)
NOTE: https://github.com/qpdf/qpdf/commit/dea704f0ab7f625e1e7b3f9a1110b45b63157317
NOTE: https://github.com/qpdf/qpdf/issues/147
-CVE-2017-18183 (An issue was discovered in QPDF before 7.0.0. There is an infinite loop ...)
+CVE-2017-18183
- qpdf 7.0.0-1
[stretch] - qpdf <no-dsa> (Minor issue)
[jessie] - qpdf <no-dsa> (Minor issue)
@@ -692,29 +692,29 @@ CVE-2017-18181
RESERVED
CVE-2017-18180
RESERVED
-CVE-2017-18179 (Progress Sitefinity 9.1 uses wrap_access_token as a non-expiring ...)
+CVE-2017-18179
NOT-FOR-US: Progress Sitefinity
-CVE-2017-18178 (Authenticate/SWT in Progress Sitefinity 9.1 has an open redirect issue ...)
+CVE-2017-18178
NOT-FOR-US: Progress Sitefinity
-CVE-2017-18177 (Progress Sitefinity 9.1 has XSS via the Last name, First name, and ...)
+CVE-2017-18177
NOT-FOR-US: Progress Sitefinity
-CVE-2017-18176 (Progress Sitefinity 9.1 has XSS via file upload, because JavaScript ...)
+CVE-2017-18176
NOT-FOR-US: Progress Sitefinity
-CVE-2017-18175 (Progress Sitefinity 9.1 has XSS via the Content Management Template ...)
+CVE-2017-18175
NOT-FOR-US: Progress Sitefinity
-CVE-2017-18174 (In the Linux kernel before 4.7, the amd_gpio_remove function in ...)
+CVE-2017-18174
- linux <not-affected> (Vulnerable code not present)
NOTE: double-free introduced and fixed in the 4.11 release cycle
CVE-2017-18173
RESERVED
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18172 (In a device, with screen size 1440x2560, the check of contiguous ...)
+CVE-2017-18172
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18171 (Improper input validation for GATT data packet received in Bluetooth ...)
+CVE-2017-18171
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18170 (Improper input validation in Bluetooth Controller function can lead to ...)
+CVE-2017-18170
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18169 (User process can perform the kernel DOS in ashmem when doing cache ...)
+CVE-2017-18169
- linux <not-affected> (Android-specific)
CVE-2017-18168
RESERVED
@@ -732,19 +732,19 @@ CVE-2017-18162
RESERVED
CVE-2017-18161
RESERVED
-CVE-2017-18160 (AGPS session failure in GNSS module due to cyphersuites are hardcoded ...)
+CVE-2017-18160
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18159 (In Android releases from CAF using the linux kernel (Android for MSM, ...)
+CVE-2017-18159
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18158 (Possible buffer overflows and array out of bounds accesses in Android ...)
+CVE-2017-18158
NOT-FOR-US: Qualcomm components for Android
CVE-2017-18157
RESERVED
CVE-2017-18156
RESERVED
-CVE-2017-18155 (While playing HEVC content using HD DMB in Snapdragon Automobile and ...)
+CVE-2017-18155
NOT-FOR-US: Snapdragon
-CVE-2017-18154 (A crafted binder request can cause an arbitrary unmap in MediaServer ...)
+CVE-2017-18154
NOT-FOR-US: Android Mediaserver
CVE-2017-18153
RESERVED
@@ -759,71 +759,71 @@ CVE-2017-18149
RESERVED
CVE-2017-18148
RESERVED
-CVE-2017-18147 (In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with ...)
+CVE-2017-18147
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18146 (In Android before security patch level 2018-04-05 on Qualcomm ...)
+CVE-2017-18146
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18145 (In Android before security patch level 2018-04-05 on Qualcomm ...)
+CVE-2017-18145
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18144 (In Android before security patch level 2018-04-05 on Qualcomm ...)
+CVE-2017-18144
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18143 (In Android before security patch level 2018-04-05 on Qualcomm ...)
+CVE-2017-18143
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18142 (In Android before security patch level 2018-04-05 on Qualcomm ...)
+CVE-2017-18142
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18141 (When a 3rd party TEE has been loaded it is possible for the non-secure ...)
+CVE-2017-18141
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18140 (In Android before security patch level 2018-04-05 on Qualcomm ...)
+CVE-2017-18140
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18139 (In Android before security patch level 2018-04-05 on Qualcomm ...)
+CVE-2017-18139
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18138 (In Android before security patch level 2018-04-05 on Qualcomm ...)
+CVE-2017-18138
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18137 (In Android before security patch level 2018-04-05 on Qualcomm ...)
+CVE-2017-18137
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18136 (In Android before security patch level 2018-04-05 on Qualcomm ...)
+CVE-2017-18136
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18135 (In Android before security patch level 2018-04-05 on Qualcomm ...)
+CVE-2017-18135
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18134 (In Android before security patch level 2018-04-05 on Qualcomm ...)
+CVE-2017-18134
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18133 (In Android before security patch level 2018-04-05 on Qualcomm ...)
+CVE-2017-18133
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18132 (In Android before security patch level 2018-04-05 on Qualcomm ...)
+CVE-2017-18132
NOT-FOR-US: Qualcomm components for Android
CVE-2017-18131
RESERVED
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18130 (In Android before security patch level 2018-04-05 on Qualcomm ...)
+CVE-2017-18130
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18129 (In Android before security patch level 2018-04-05 on Qualcomm ...)
+CVE-2017-18129
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18128 (In Android before security patch level 2018-04-05 on Qualcomm ...)
+CVE-2017-18128
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18127 (In Android before security patch level 2018-04-05 on Qualcomm ...)
+CVE-2017-18127
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18126 (In Android before security patch level 2018-04-05 on Qualcomm ...)
+CVE-2017-18126
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18125 (In Android before security patch level 2018-04-05 on Qualcomm ...)
+CVE-2017-18125
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18124 (During secure boot, addition is performed on uint8 ptrs which led to ...)
+CVE-2017-18124
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18123 (The call parameter of /lib/exe/ajax.php in DokuWiki through 2017-02-19e ...)
+CVE-2017-18123
{DLA-1413-1 DLA-1269-1}
- dokuwiki 0.0.20160626.a-2.1 (bug #889281)
NOTE: https://github.com/splitbrain/dokuwiki/issues/2029
NOTE: https://github.com/splitbrain/dokuwiki/commit/238b8e878ad48f370903465192b57c2072f65d86
-CVE-2017-18122 (A signature-validation bypass issue was discovered in SimpleSAMLphp ...)
+CVE-2017-18122
{DSA-4127-1 DLA-1273-1}
- simplesamlphp 1.15.0-1 (bug #889286)
NOTE: https://simplesamlphp.org/security/201710-01
NOTE: https://github.com/simplesamlphp/simplesamlphp/commit/e2d53086abbb253efb24ddcb49b116246eb0b6ca (v1.14.17)
-CVE-2017-18121 (The consentAdmin module in SimpleSAMLphp through 1.14.15 is vulnerable ...)
+CVE-2017-18121
{DSA-4127-1 DLA-1273-1}
- simplesamlphp 1.15.0-1 (bug #889286)
NOTE: https://simplesamlphp.org/security/201709-01
NOTE: https://github.com/simplesamlphp/simplesamlphp/commit/34e1bdb7660c0c9b627f8e5f0ca224a6afe641a8 (v1.14.16)
-CVE-2017-18120 (A double-free bug in the read_gif function in gifread.c in gifsicle ...)
+CVE-2017-18120
- gifsicle 1.91-1 (unimportant; bug #878739; bug #881120)
NOTE: https://github.com/kohler/gifsicle/issues/117
NOTE: https://github.com/kohler/gifsicle/commit/118a46090c50829dc543179019e6140e1235f909
@@ -858,182 +858,182 @@ CVE-2017-18106
RESERVED
CVE-2017-18105
RESERVED
-CVE-2017-18104 (The Webhooks component of Atlassian Jira before version 7.6.7 and from ...)
+CVE-2017-18104
NOT-FOR-US: Atlassian Jira
-CVE-2017-18103 (The atlassian-http library, as used in various Atlassian products, ...)
+CVE-2017-18103
NOT-FOR-US: Atlassian
-CVE-2017-18102 (The wiki markup component of atlassian-renderer from version 8.0.0 ...)
+CVE-2017-18102
NOT-FOR-US: wiki markup component of atlassian-renderer
-CVE-2017-18101 (Various administrative external system import resources in Atlassian ...)
+CVE-2017-18101
NOT-FOR-US: Atlassian
-CVE-2017-18100 (The agile wallboard gadget in Atlassian Jira before version 7.8.1 ...)
+CVE-2017-18100
NOT-FOR-US: Atlassian
CVE-2017-18099
RESERVED
-CVE-2017-18098 (The searchrequest-xml resource in Atlassian Jira before version 7.6.1 ...)
+CVE-2017-18098
NOT-FOR-US: Atlassian
-CVE-2017-18097 (The Trello board importer resource in Atlassian Jira before version ...)
+CVE-2017-18097
NOT-FOR-US: Atlassian
-CVE-2017-18096 (The OAuth status rest resource in Atlassian Application Links before ...)
+CVE-2017-18096
NOT-FOR-US: Atlassian Application Links
-CVE-2017-18095 (The SnippetRPCServiceImpl class in Atlassian Crucible before version ...)
+CVE-2017-18095
NOT-FOR-US: Atlassian Crucible
-CVE-2017-18094 (Various resources in Atlassian Fisheye and Crucible before version ...)
+CVE-2017-18094
NOT-FOR-US: Atlassian Fisheye and Crucible
-CVE-2017-18093 (Various resources in Atlassian Fisheye and Crucible before version ...)
+CVE-2017-18093
NOT-FOR-US: Atlassian Fisheye and Crucible
-CVE-2017-18092 (The print snippet resource in Atlassian Crucible before version 4.4.3 ...)
+CVE-2017-18092
NOT-FOR-US: Atlassian Crucible
-CVE-2017-18091 (The admin backupprogress action in Atlassian Fisheye and Crucible ...)
+CVE-2017-18091
NOT-FOR-US: Atlassian Fisheye and Crucible
-CVE-2017-18090 (Various resources in Atlassian Fisheye before version 4.5.1 (the fixed ...)
+CVE-2017-18090
NOT-FOR-US: Atlassian Fisheye
-CVE-2017-18089 (The view review history resource in Atlassian Crucible before version ...)
+CVE-2017-18089
NOT-FOR-US: Atlassian Crucible
-CVE-2017-18088 (Various plugin servlet resources in Atlassian Bitbucket Server before ...)
+CVE-2017-18088
NOT-FOR-US: Atlassian Bitbucket Server
-CVE-2017-18087 (The download commit resource in Atlassian Bitbucket Server from ...)
+CVE-2017-18087
NOT-FOR-US: Atlassian Bitbucket Server
-CVE-2017-18086 (Various resources in Atlassian Confluence Server before version 6.4.2 ...)
+CVE-2017-18086
NOT-FOR-US: Atlassian Confluence
-CVE-2017-18085 (The viewdefaultdecorator resource in Atlassian Confluence Server ...)
+CVE-2017-18085
NOT-FOR-US: Atlassian Confluence
-CVE-2017-18084 (The usermacros resource in Atlassian Confluence Server before version ...)
+CVE-2017-18084
NOT-FOR-US: Atlassian Confluence
-CVE-2017-18083 (The editinword resource in Atlassian Confluence Server before version ...)
+CVE-2017-18083
NOT-FOR-US: Atlassian Confluence
-CVE-2017-18082 (The plan configure branches resource in Atlassian Bamboo before ...)
+CVE-2017-18082
NOT-FOR-US: Atlassian Bamboo
-CVE-2017-18081 (The signupUser resource in Atlassian Bamboo before version 6.3.1 ...)
+CVE-2017-18081
NOT-FOR-US: Atlassian Bamboo
-CVE-2017-18080 (The saveConfigureSecurity resource in Atlassian Bamboo before version ...)
+CVE-2017-18080
NOT-FOR-US: Atlassian Bamboo
-CVE-2017-1000510 (Croogo version 2.3.1-17-g6f82e6c contains a Cross Site Scripting (XSS) ...)
+CVE-2017-1000510
NOT-FOR-US: Croogo
-CVE-2017-1000509 (Dolibarr version 6.0.2 contains a Cross Site Scripting (XSS) ...)
+CVE-2017-1000509
- dolibarr <removed>
NOTE: https://github.com/Dolibarr/dolibarr/issues/7727
-CVE-2017-1000508 (Invoice Plane version 1.5.4 and earlier contains a Cross Site ...)
+CVE-2017-1000508
NOT-FOR-US: Invoice Plane
-CVE-2017-1000507 (Canvs Canvas version 3.4.2 contains a Cross Site Scripting (XSS) ...)
+CVE-2017-1000507
NOT-FOR-US: Canvs Canvas
-CVE-2017-1000506 (Mautic version 2.11.0 and earlier contains a Cross Site Scripting ...)
+CVE-2017-1000506
NOT-FOR-US: Mautic
-CVE-2017-18079 (drivers/input/serio/i8042.c in the Linux kernel before 4.12.4 allows ...)
+CVE-2017-18079
- linux 4.12.6-1
[stretch] - linux 4.9.47-1
[jessie] - linux 3.16.51-1
[wheezy] - linux 3.2.96-1
NOTE: Fixed by: https://git.kernel.org/linus/340d394a789518018f834ff70f7534fc463d3226
-CVE-2017-18078 (systemd-tmpfiles in systemd before 237 attempts to support ...)
+CVE-2017-18078
- systemd 237-1 (unimportant)
NOTE: https://github.com/systemd/systemd/issues/7736
NOTE: https://github.com/systemd/systemd/commit/5579f85663d10269e7ac7464be6548c99cea4ada (v237)
NOTE: Neutralised by kernel hardening
-CVE-2017-18077 (index.js in brace-expansion before 1.1.7 is vulnerable to Regular ...)
+CVE-2017-18077
- node-brace-expansion 1.1.8-1 (unimportant; bug #862712)
[stretch] - node-brace-expansion 1.1.6-1+deb9u1
NOTE: https://nodesecurity.io/advisories/338
NOTE: https://github.com/juliangruber/brace-expansion/issues/33
NOTE: https://github.com/juliangruber/brace-expansion/pull/35/commits/b13381281cead487cbdbfd6a69fb097ea5e456c3
NOTE: nodejs not covered by security support
-CVE-2017-18076 (In strategy.rb in OmniAuth before 1.3.2, the authenticity_token value ...)
+CVE-2017-18076
{DSA-4109-1}
[experimental] - ruby-omniauth 1.6.1-1
- ruby-omniauth 1.3.1-2 (bug #888523)
NOTE: https://github.com/omniauth/omniauth/pull/867
-CVE-2017-1000505 (In Jenkins Script Security Plugin version 1.36 and earlier, users with ...)
+CVE-2017-1000505
NOT-FOR-US: Jenkins Script Security Plugin
CVE-2017-1000468
REJECTED
CVE-2017-1000464
REJECTED
-CVE-2017-1000414 (ImpulseAdventure JPEGsnoop version 1.7.5 is vulnerable to a division ...)
+CVE-2017-1000414
NOT-FOR-US: ImpulseAdventure JPEGsnoop
-CVE-2017-1000504 (A race condition during Jenkins 2.94 and earlier; 2.89.1 and earlier ...)
+CVE-2017-1000504
- jenkins <removed>
-CVE-2017-1000503 (A race condition during Jenkins 2.81 through 2.94 (inclusive); 2.89.1 ...)
+CVE-2017-1000503
- jenkins <removed>
-CVE-2017-1000502 (Users with permission to create or configure agents in Jenkins 1.37 ...)
+CVE-2017-1000502
- jenkins <removed>
-CVE-2017-1000474 (Soyket Chowdhury Vehicle Sales Management System version 2017-07-30 is ...)
+CVE-2017-1000474
NOT-FOR-US: Soyket Chowdhury Vehicle Sales Management System
-CVE-2017-1000475 (FreeSSHd 1.3.1 version is vulnerable to an Unquoted Path Service ...)
+CVE-2017-1000475
NOT-FOR-US: FreeSSHd
-CVE-2017-18075 (crypto/pcrypt.c in the Linux kernel before 4.14.13 mishandles freeing ...)
+CVE-2017-18075
- linux 4.14.13-1
[stretch] - linux 4.9.80-1
[jessie] - linux <not-affected> (Vulnerable code not present)
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: Fixed by: https://git.kernel.org/linus/d76c68109f37cb85b243a1cf0f40313afd2bae68
-CVE-2017-18074 (In Android before security patch level 2018-04-05 on Qualcomm ...)
+CVE-2017-18074
NOT-FOR-US: Qualcomm component for Android
-CVE-2017-18073 (In Android before security patch level 2018-04-05 on Qualcomm ...)
+CVE-2017-18073
NOT-FOR-US: Qualcomm component for Android
-CVE-2017-18072 (In Android before security patch level 2018-04-05 on Qualcomm ...)
+CVE-2017-18072
NOT-FOR-US: Qualcomm component for Android
-CVE-2017-18071 (In Android before security patch level 2018-04-05 on Qualcomm ...)
+CVE-2017-18071
NOT-FOR-US: Qualcomm component for Android
-CVE-2017-18070 (In wma_ndp_end_response_event_handler(), the variable len_end_rsp is a ...)
+CVE-2017-18070
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18069 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-18069
NOT-FOR-US: Qualcomm component for Android
-CVE-2017-18068 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-18068
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18067 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-18067
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18066 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-18066
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18065 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-18065
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18064 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-18064
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18063 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-18063
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18062 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-18062
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18061 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-18061
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18060 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-18060
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18059 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-18059
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18058 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-18058
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18057 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-18057
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18056 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-18056
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18055 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-18055
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18054 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-18054
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18053 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-18053
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18052 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-18052
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18051 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-18051
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18050 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-18050
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18049 (In the CSV export feature of SilverStripe before 3.5.6, 3.6.x before ...)
+CVE-2017-18049
NOT-FOR-US: SilverStripe
-CVE-2017-18048 (Monstra CMS 3.0.4 allows users to upload arbitrary files, which leads ...)
+CVE-2017-18048
NOT-FOR-US: Monstra CMS
-CVE-2017-1000417 (MatrixSSL version 3.7.2 adopts a collision-prone OID comparison logic ...)
+CVE-2017-1000417
- matrixssl <removed>
[wheezy] - matrixssl <end-of-life> (not supported in Wheezy)
-CVE-2017-1000416 (axTLS version 1.5.3 has a coding error in the ASN.1 parser resulting ...)
+CVE-2017-1000416
NOT-FOR-US: axTLS
-CVE-2017-18047 (Buffer Overflow in the FTP client in LabF nfsAxe 3.7 allows remote FTP ...)
+CVE-2017-18047
NOT-FOR-US: LabF nfsAxe
-CVE-2017-18046 (Buffer overflow on Dasan GPON ONT WiFi Router H640X 12.02-01121 ...)
+CVE-2017-18046
NOT-FOR-US: Dasan GPON ONT WiFi Router devices
-CVE-2017-18045 (JBMC DirectAdmin before 1.52, when the email_ftp_password_change ...)
+CVE-2017-18045
NOT-FOR-US: JBMC DirectAdmin
-CVE-2017-18044 (A Command Injection issue was discovered in ...)
+CVE-2017-18044
NOT-FOR-US: Commvault
-CVE-2017-18043 (Integer overflow in the macro ROUND_UP (n, d) in Quick Emulator (Qemu) ...)
+CVE-2017-18043
{DSA-4213-1 DLA-1497-1}
- qemu 1:2.10.0+dfsg-2
[wheezy] - qemu <not-affected> (vulnerable code not present)
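Review bot: every "+" line in this hunk drops the parenthetical description (for example "-CVE-2017-18092 (The print snippet resource in Atlassian Crucible before version 4.4.3 ...)" becomes "+CVE-2017-18092"), and nothing in the hunk records where that text is kept instead; for the NOT-FOR-US entries the product name on the following line is now the only in-file identification of what the CVE concerns, so those lines need to be accurate. Separately, the CVE-2017-18077 entry rates the issue "unimportant" and notes that nodejs is not covered by security support, yet also lists "[stretch] - node-brace-expansion 1.1.6-1+deb9u1"; a NOTE stating how that stretch version was shipped (point release rather than a DSA) would resolve the apparent contradiction between the rating and the stretch line.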
@@ -1042,47 +1042,47 @@ CVE-2017-18043 (Integer overflow in the macro ROUND_UP (n, d) in Quick Emulator
NOTE: Fixed by: https://git.qemu.org/?p=qemu.git;a=commit;h=2098b073f398cd628c09c5a78537a6854
NOTE: Broken since: https://git.qemu.org/?p=qemu.git;a=object;h=292c8e50 (v1.5.0)
NOTE: Fix included in 1:2.10.0+dfsg-2 via debian/patches/qemu-2.10.1.diff patch
-CVE-2017-18042 (The update user administration resource in Atlassian Bamboo before ...)
+CVE-2017-18042
NOT-FOR-US: Atlassian Bamboo
-CVE-2017-18041 (The viewDeploymentVersionJiraIssuesDialog resource in Atlassian Bamboo ...)
+CVE-2017-18041
NOT-FOR-US: Atlassian Bamboo
-CVE-2017-18040 (The viewDeploymentVersionCommits resource in Atlassian Bamboo before ...)
+CVE-2017-18040
NOT-FOR-US: Atlassian Bamboo
-CVE-2017-18039 (The IncomingMailServers resource in Atlassian Jira from version 6.2.1 ...)
+CVE-2017-18039
NOT-FOR-US: Atlassian Jira
-CVE-2017-18038 (The repository settings resource in Atlassian Bitbucket Server before ...)
+CVE-2017-18038
NOT-FOR-US: Atlassian Bitbucket
-CVE-2017-18037 (The git repository tag rest resource in Atlassian Bitbucket Server ...)
+CVE-2017-18037
NOT-FOR-US: Atlassian Bitbucket
-CVE-2017-18036 (The Github repository importer in Atlassian Bitbucket Server before ...)
+CVE-2017-18036
NOT-FOR-US: Atlassian Bitbucket
-CVE-2017-18035 (The /rest/review-coverage-chart/1.0/data/&lt;repository_name&gt;/.json ...)
+CVE-2017-18035
NOT-FOR-US: Atlassian Fisheye and Crucible
-CVE-2017-18034 (The source browse resource in Atlassian FishEye and Crucible before ...)
+CVE-2017-18034
NOT-FOR-US: Atlassian Fisheye and Crucible
-CVE-2017-18033 (The Jira-importers-plugin in Atlassian Jira before version 7.6.1 ...)
+CVE-2017-18033
NOT-FOR-US: Jira-importers-plugin in Atlassian Jira
-CVE-2017-18032 (The download-manager plugin before 2.9.52 for WordPress has XSS via the ...)
+CVE-2017-18032
NOT-FOR-US: download-manager plugin for WordPress
CVE-2017-18031
RESERVED
-CVE-2017-18030 (The cirrus_invalidate_region function in hw/display/cirrus_vga.c in ...)
+CVE-2017-18030
{DLA-1497-1}
- qemu 1:2.8+dfsg-4
[wheezy] - qemu 1.1.2+dfsg-6+deb7u22
- qemu-kvm <removed>
[wheezy] - qemu-kvm 1.1.2+dfsg-6+deb7u21
NOTE: https://git.qemu.org/?p=qemu.git;a=commitdiff;h=f153b563f8cf121aebf5a2fff5f0110faf58ccb3
-CVE-2017-18029 (In ImageMagick 7.0.6-10 Q16, a memory leak vulnerability was found in ...)
+CVE-2017-18029
- imagemagick 8:6.9.9.34+dfsg-3 (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/691
NOTE: https://github.com/ImageMagick/ImageMagick/commit/d3144a8be81aed6e635de68f0d8e97881638a398
-CVE-2017-18028 (In ImageMagick 7.0.7-1 Q16, a memory exhaustion vulnerability was found ...)
+CVE-2017-18028
- imagemagick 8:6.9.9.34+dfsg-3 (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/736
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/740985d9bd3f1c50d622c3496bb2e75d44b65a91
NOTE: https://github.com/ImageMagick/ImageMagick/commit/32a3eeb9e0da083cbc05909e4935efdbf9846df9
-CVE-2017-18027 (In ImageMagick 7.0.7-1 Q16, a memory leak vulnerability was found in ...)
+CVE-2017-18027
- imagemagick 8:6.9.9.34+dfsg-3 (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/734
NOTE: https://github.com/ImageMagick/ImageMagick/commit/a43f4155ee916fbed080acd534232a9d2396b5b5
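Review bot: product naming in the NOT-FOR-US lines of this hunk is inconsistent with the earlier Bitbucket entries: CVE-2017-18038, CVE-2017-18037 and CVE-2017-18036 use "NOT-FOR-US: Atlassian Bitbucket" while CVE-2017-18088 and CVE-2017-18087 use "NOT-FOR-US: Atlassian Bitbucket Server", and CVE-2017-18033 uses "Jira-importers-plugin in Atlassian Jira" next to CVE-2017-18039's plain "Atlassian Jira". Now that the descriptions are being removed, the NOT-FOR-US text is all that identifies the product, so one spelling per product would keep searches on the product name matching every entry.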
@@ -1091,13 +1091,13 @@ CVE-2017-1000441
REJECTED
CVE-2017-1000439
REJECTED
-CVE-2017-1000465 (Sulu-standard version 1.6.6 is vulnerable to stored cross-site ...)
+CVE-2017-1000465
NOT-FOR-US: Sulu-standard
-CVE-2017-1000429 (rui Li finecms 5.0.10 is vulnerable to a reflected XSS in the file ...)
+CVE-2017-1000429
NOT-FOR-US: rui Li finecms
-CVE-2017-1000428 (flatCore-CMS 1.4.6 is vulnerable to reflected XSS in ...)
+CVE-2017-1000428
NOT-FOR-US: flatCore-CMS
-CVE-2017-18026 (Redmine before 3.2.9, 3.3.x before 3.3.6, and 3.4.x before 3.4.4 does ...)
+CVE-2017-18026
{DSA-4191-1}
- redmine 3.4.4-1 (bug #887307)
[jessie] - redmine <end-of-life> (Not supported in Jessie-LTS)
@@ -1107,30 +1107,30 @@ CVE-2017-18026 (Redmine before 3.2.9, 3.3.x before 3.3.6, and 3.4.x before 3.4.4
NOTE: https://github.com/redmine/redmine/commit/58ed8655136ff2fe5ff7796859bf6a399c76c678
NOTE: https://github.com/redmine/redmine/commit/9d797400eaec5f9fa7ba9507c82d9c18cb91d02e
NOTE: upstream fixed in 3.2.9, 3.3.6 and 3.4.4
-CVE-2017-1000415 (MatrixSSL version 3.7.2 has an incorrect UTCTime date range validation ...)
+CVE-2017-1000415
- matrixssl <removed>
[wheezy] - matrixssl <end-of-life> (not supported in Wheezy)
-CVE-2017-18025 (cgi-bin/drknow.cgi in Innotube ITGuard-Manager 0.0.0.1 allows remote ...)
+CVE-2017-18025
NOT-FOR-US: Innotube ITGuard-Manager
-CVE-2017-18024 (AvantFAX 3.3.3 has XSS via an arbitrary parameter name to the default ...)
+CVE-2017-18024
NOT-FOR-US: AvantFAX
-CVE-2017-18023 (Office Tracker 11.2.5 has XSS via the logincount parameter to the ...)
+CVE-2017-18023
NOT-FOR-US: Office Tracker
-CVE-2017-18022 (In ImageMagick 7.0.7-12 Q16, there are memory leaks in ...)
+CVE-2017-18022
- imagemagick 8:6.9.9.34+dfsg-3 (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/904
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/8cf0676455929a067257400e8020dea6ca94c1a4
NOTE: https://github.com/ImageMagick/ImageMagick/commit/e7649e96a7730dd116afb629b372c5772be0b900
-CVE-2017-18021 (It was discovered that QtPass before 1.2.1, when using the built-in ...)
+CVE-2017-18021
- qtpass 1.2.1-1
[stretch] - qtpass 1.1.6-1+deb9u1
NOTE: https://lists.zx2c4.com/pipermail/password-store/2018-January/003165.html
NOTE: https://github.com/IJHack/QtPass/issues/338
-CVE-2017-18020 (On Samsung mobile devices with L(5.x), M(6.x), and N(7.x) software and ...)
+CVE-2017-18020
NOT-FOR-US: Samsung mobile devices
-CVE-2017-18019 (In K7 Total Security before 15.1.0.305, user-controlled input to the ...)
+CVE-2017-18019
NOT-FOR-US: K7 Total Security
-CVE-2017-18018 (In GNU Coreutils through 8.29, chown-core.c in chown and chgrp does not ...)
+CVE-2017-18018
- coreutils <unfixed> (unimportant)
NOTE: http://lists.gnu.org/archive/html/coreutils/2017-12/msg00045.html
NOTE: http://www.openwall.com/lists/oss-security/2018/01/04/3
@@ -1140,18 +1140,18 @@ CVE-2017-18018 (In GNU Coreutils through 8.29, chown-core.c in chown and chgrp d
NOTE: Neutralised by kernel hardening
CVE-2017-1000500
REJECTED
-CVE-2017-1000499 (phpMyAdmin versions 4.7.x (prior to 4.7.6.1/4.7.7) are vulnerable to a ...)
+CVE-2017-1000499
- phpmyadmin <not-affected> (Only affects phpMyAdmin starting from 4.7.0)
NOTE: https://www.phpmyadmin.net/security/PMASA-2017-9/
-CVE-2017-1000498 (AndroidSVG version 1.2.2 is vulnerable to XXE attacks in the SVG ...)
+CVE-2017-1000498
NOT-FOR-US: AndroidSVG
-CVE-2017-1000497 (Pepperminty-Wiki version 0.15 is vulnerable to XXE attacks in the ...)
+CVE-2017-1000497
NOT-FOR-US: Pepperminty-Wiki
-CVE-2017-1000496 (Commsy version 9.0.0 is vulnerable to XXE attacks in the configuration ...)
+CVE-2017-1000496
NOT-FOR-US: Commsy
-CVE-2017-1000495 (QuickApps CMS version 2.0.0 is vulnerable to Stored Cross-site ...)
+CVE-2017-1000495
NOT-FOR-US: QuickApps CMS
-CVE-2017-1000494 (Uninitialized stack variable vulnerability in NameValueParserEndElt ...)
+CVE-2017-1000494
- miniupnpd 2.0.20171212-1 (bug #887129)
[stretch] - miniupnpd 1.8.20140523-4.1+deb9u1
[jessie] - miniupnpd <no-dsa> (Minor issue)
@@ -1159,146 +1159,146 @@ CVE-2017-1000494 (Uninitialized stack variable vulnerability in NameValueParserE
NOTE: https://github.com/miniupnp/miniupnp/issues/268
NOTE: https://github.com/miniupnp/miniupnp/commit/7aeb624b44f86d335841242ff427433190e7168a
NOTE: https://github.com/miniupnp/miniupnp/commit/a0573e251817ec090a8c9f9f41b56d720c835a6c
-CVE-2017-1000490 (Mautic versions 1.0.0 - 2.11.0 are vulnerable to allowing any ...)
+CVE-2017-1000490
NOT-FOR-US: Mautic
-CVE-2017-1000489 (Mautic versions 2.0.0 - 2.11.0 with a SSO plugin installed could allow ...)
+CVE-2017-1000489
NOT-FOR-US: Mautic
-CVE-2017-1000488 (Mautic version 2.1.0 - 2.11.0 is vulnerable to an inline JS XSS attack ...)
+CVE-2017-1000488
NOT-FOR-US: Mautic
-CVE-2017-1000487 (Plexus-utils before 3.0.16 is vulnerable to command injection because ...)
+CVE-2017-1000487
{DSA-4149-1 DSA-4146-1 DLA-1237-1 DLA-1236-1}
- plexus-utils 1:1.5.15-5
- plexus-utils2 3.0.22-1
NOTE: https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSPLEXUS-31522
NOTE: https://github.com/codehaus-plexus/plexus-utils/commit/b38a1b3a4352303e4312b2bb601a0d7ec6e28f41
-CVE-2017-1000486 (Primetek Primefaces 5.x is vulnerable to a weak encryption flaw ...)
+CVE-2017-1000486
NOT-FOR-US: Primetek Primefaces
-CVE-2017-1000485 (Nylas Mail Lives 2.2.2 uses 0755 permissions for $HOME/.nylas-mail, ...)
+CVE-2017-1000485
NOT-FOR-US: Nylas Mail Lives
-CVE-2017-1000484 (By linking to a specific url in Plone 2.5-5.1rc1 with a parameter, an ...)
+CVE-2017-1000484
NOT-FOR-US: Plone
-CVE-2017-1000483 (Accessing private content via str.format in through-the-web templates ...)
+CVE-2017-1000483
NOT-FOR-US: Plone
-CVE-2017-1000482 (A member of the Plone 2.5-5.1rc1 site could set javascript in the ...)
+CVE-2017-1000482
NOT-FOR-US: Plone
-CVE-2017-1000481 (When you visit a page where you need to login, Plone 2.5-5.1rc1 sends ...)
+CVE-2017-1000481
NOT-FOR-US: Plone
-CVE-2017-1000480 (Smarty 3 before 3.1.32 is vulnerable to a PHP code injection when ...)
+CVE-2017-1000480
{DSA-4094-1 DLA-1249-1}
- smarty <removed>
- smarty3 3.1.31+20161214.1.c7d42e4+selfpack1-3 (bug #886460)
NOTE: https://github.com/smarty-php/smarty/commit/614ad1f8b9b00086efc123e49b7bb8efbfa81b61
-CVE-2017-1000479 (pfSense versions 2.4.1 and lower are vulnerable to clickjacking ...)
+CVE-2017-1000479
NOT-FOR-US: pfSense
-CVE-2017-1000478 (ELabftw version 1.7.8 is vulnerable to stored cross-site scripting in ...)
+CVE-2017-1000478
NOT-FOR-US: ELabftw
-CVE-2017-1000477 (XMLBundle version 0.1.7 is vulnerable to XXE attacks which can result ...)
+CVE-2017-1000477
NOT-FOR-US: XMLBundle
-CVE-2017-1000476 (ImageMagick 7.0.7-12 Q16, a CPU exhaustion vulnerability was found in ...)
+CVE-2017-1000476
{DLA-1229-1}
- imagemagick 8:6.9.9.34+dfsg-3
[stretch] - imagemagick <ignored> (Minor issue)
[jessie] - imagemagick <ignored> (Minor issue)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/867
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/e5dae180b9236bccd73ce93bfce81e99232a8533
-CVE-2017-1000473 (Linux Dash up to version v2 is vulnerable to multiple command ...)
+CVE-2017-1000473
NOT-FOR-US: Linux Dash
-CVE-2017-1000472 (The ZipCommon::isValidPath() function in Zip/src/ZipCommon.cpp in POCO ...)
+CVE-2017-1000472
{DSA-4083-1 DLA-1239-1}
- poco 1.8.0-2
NOTE: https://github.com/pocoproject/poco/issues/1968
-CVE-2017-1000471 (EmbedThis GoAhead Webserver version 4.0.0 is vulnerable to a NULL ...)
+CVE-2017-1000471
NOT-FOR-US: EmbedThis GoAhead Webserver
-CVE-2017-1000470 (EmbedThis GoAhead Webserver versions 4.0.0 and earlier is vulnerable ...)
+CVE-2017-1000470
NOT-FOR-US: EmbedThis GoAhead Webserver
-CVE-2017-1000469 (Cobbler version up to 2.8.2 is vulnerable to a command injection ...)
+CVE-2017-1000469
- cobbler <removed> (bug #886480)
NOTE: https://github.com/cobbler/cobbler/issues/1845
-CVE-2017-1000467 (LavaLite version 5.2.4 is vulnerable to stored cross-site scripting ...)
+CVE-2017-1000467
NOT-FOR-US: LavaLite
-CVE-2017-1000462 (BookStack version 0.18.4 is vulnerable to stored cross-site scripting, ...)
+CVE-2017-1000462
NOT-FOR-US: BookStack
-CVE-2017-1000461 (Brave Software's Brave Browser, version 0.19.73 (and earlier) is ...)
+CVE-2017-1000461
- brave-browser <itp> (bug #864795)
-CVE-2017-1000460 (In line libavcodec/h264dec.c:500 in libav(v13_dev0), ffmpeg(n3.4), ...)
+CVE-2017-1000460
- libav <removed>
- ffmpeg 7:3.1.1-1
NOTE: https://bugzilla.libav.org/show_bug.cgi?id=952
NOTE: https://lists.ffmpeg.org/pipermail/ffmpeg-cvslog/2017-January/104221.html
-CVE-2017-18196 (Leptonica 1.74.4 constructs unintended pathnames (containing duplicated ...)
+CVE-2017-18196
- leptonlib 1.74.4-2 (low; bug #885704)
[stretch] - leptonlib <no-dsa> (Minor issue)
[jessie] - leptonlib <not-affected> (Vulnerable code not present)
[wheezy] - leptonlib <not-affected> (Vulnerable code not present)
-CVE-2017-18017 (The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c in the ...)
+CVE-2017-18017
{DSA-4187-1 DLA-1369-1}
- linux 4.11.6-1
[stretch] - linux 4.9.47-1
NOTE: Fixed by: https://git.kernel.org/linus/2638fd0f92d4397884fd991d8f4925cb3f081901
-CVE-2017-18016 (Parity Browser 1.6.10 and earlier allows remote attackers to bypass ...)
+CVE-2017-18016
NOT-FOR-US: Paritytech Parity Ethereum
-CVE-2017-1000493 (Rocket.Chat Server version 0.59 and prior is vulnerable to a NoSQL ...)
+CVE-2017-1000493
NOT-FOR-US: Rocket.Chat Server
-CVE-2017-1000492 (Leanote-desktop version v2.5 is vulnerable to a XSS which leads to ...)
+CVE-2017-1000492
NOT-FOR-US: Leanote-desktop
-CVE-2017-1000491 (Shiba markdown live preview app version 1.1.0 is vulnerable to XSS ...)
+CVE-2017-1000491
NOT-FOR-US: Shiba markdown live preview app
-CVE-2017-1000466 (Invoice Ninja version 3.8.1 is vulnerable to stored cross-site ...)
+CVE-2017-1000466
NOT-FOR-US: Invoice Ninja
-CVE-2017-1000463 (Leafpub version 1.2.0-beta6 is vulnerable to stored cross-site ...)
+CVE-2017-1000463
NOT-FOR-US: Leafpub
-CVE-2017-1000459 (Leanote version &lt;= 2.5 is vulnerable to XSS due to not sanitized input ...)
+CVE-2017-1000459
NOT-FOR-US: Leanote
-CVE-2017-1000438 (In OMERO 5.3.3 or earlier a user could create an OriginalFile and ...)
+CVE-2017-1000438
NOT-FOR-US: OMERO
-CVE-2017-1000437 (Creolabs Gravity 1.0 contains a stack based buffer overflow in the ...)
+CVE-2017-1000437
NOT-FOR-US: Creolabs Gravity
-CVE-2017-1000434 (Wordpress plugin Furikake version 0.1.0 is vulnerable to an Open ...)
+CVE-2017-1000434
NOT-FOR-US: Wordpress plugin Furikake
-CVE-2017-1000433 (pysaml2 version 4.4.0 and older accept any password when run with ...)
+CVE-2017-1000433
{DLA-1410-1}
- python-pysaml2 4.5.0-2 (bug #886423)
[stretch] - python-pysaml2 <no-dsa> (Minor issue)
NOTE: https://github.com/rohe/pysaml2/issues/451
NOTE: Fixed by: https://github.com/rohe/pysaml2/commit/6312a41e037954850867f29d329e5007df1424a5
-CVE-2017-1000432 (Vanilla Forums below 2.1.5 are affected by CSRF leading to Deleting ...)
+CVE-2017-1000432
NOT-FOR-US: Vanilla Forums
-CVE-2017-1000427 (marked version 0.3.6 and earlier is vulnerable to an XSS attack in the ...)
+CVE-2017-1000427
- node-marked 0.3.9+dfsg-1 (unimportant; bug #886451)
NOTE: https://github.com/chjj/marked/commit/cd2f6f5b7091154c5526e79b5f3bfb4d15995a51
NOTE: nodejs not covered by security support
-CVE-2017-1000426 (MapProxy version 1.10.3 and older is vulnerable to a Cross Site ...)
+CVE-2017-1000426
- mapproxy 1.10.4-1 (low)
[stretch] - mapproxy 1.9.0-3+deb9u1
NOTE: https://github.com/mapproxy/mapproxy/issues/322
NOTE: https://github.com/mapproxy/mapproxy/commit/2e102843203c11b02c002daa08ca59d05d5eff5a (master)
NOTE: https://github.com/mapproxy/mapproxy/commit/87faa667007b00ef11ee09b16707aa9ad2e8da28 (1.10.x)
-CVE-2017-1000425 (Cross-site scripting (XSS) vulnerability in the /html/portal/flash.jsp ...)
+CVE-2017-1000425
NOT-FOR-US: Liferay Portal CE
-CVE-2017-1000458 (Bro before Bro v2.5.2 is vulnerable to an out of bounds write in the ...)
+CVE-2017-1000458
- bro 2.5.2-1
[stretch] - bro <no-dsa> (Minor issue)
NOTE: https://bro-tracker.atlassian.net/browse/BIT-1856
NOTE: https://github.com/bro/bro/commit/6c0f101a62489b1c5927b4ed63b0e1d37db40282
-CVE-2017-1000457 (Cross-site scripting (XSS) vulnerability in Help.aspx in mojoPortal ...)
+CVE-2017-1000457
NOT-FOR-US: mojoPortal
-CVE-2017-1000456 (freedesktop.org libpoppler 0.60.1 fails to validate boundaries in ...)
+CVE-2017-1000456
{DSA-4097-1 DLA-1228-1}
- poppler 0.61.1-2
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=103116
NOTE: Fixed by: https://cgit.freedesktop.org/poppler/poppler/commit/?id=7ee9dadef37b20bca707a6b1e858e17d191e368b
-CVE-2017-1000455 (GuixSD prior to Git commit 5e66574a128937e7f2fcf146d146225703ccfd5d ...)
+CVE-2017-1000455
- guix <itp> (bug #850644)
NOTE: https://lists.gnu.org/archive/html/guix-devel/2017-10/msg00090.html
-CVE-2017-1000454 (CMS Made Simple 2.1.6, 2.2, 2.2.1 are vulnerable to Smarty Template ...)
+CVE-2017-1000454
NOT-FOR-US: CMS Made Simple
-CVE-2017-1000453 (CMS Made Simple version 2.1.6 and 2.2 are vulnerable to Smarty ...)
+CVE-2017-1000453
NOT-FOR-US: CMS Made Simple
-CVE-2017-1000452 (An XML Signature Wrapping vulnerability exists in Samlify 2.2.0 and ...)
+CVE-2017-1000452
NOT-FOR-US: Samlify
-CVE-2017-1000451 (fs-git is a file system like api for git repository. The fs-git ...)
+CVE-2017-1000451
NOT-FOR-US: fs-git
-CVE-2017-1000450 (In opencv/modules/imgcodecs/src/utils.cpp, functions FillUniColor and ...)
+CVE-2017-1000450
{DLA-1438-1 DLA-1235-1}
[experimental] - opencv 3.4.4+dfsg-1~exp1
- opencv 3.2.0+dfsg-6 (bug #886282)
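Review bot: CVE-2017-1000460 records ffmpeg as fixed in "7:3.1.1-1", but the description being removed in this hunk names "ffmpeg(n3.4)" as the affected tree, which is a later version than 3.1.1. Once that description is gone the version ordering cannot be checked from the file, so add a NOTE saying why 3.1.1 counts as fixed (for instance that the ffmpeg-cvslog change linked below it landed before the 3.1.1 release) so the entry does not read as a fixed version older than the affected one.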
@@ -1308,9 +1308,9 @@ CVE-2017-1000450 (In opencv/modules/imgcodecs/src/utils.cpp, functions FillUniCo
NOTE: https://github.com/opencv/opencv/pull/9726
CVE-2017-1000449
REJECTED
-CVE-2017-1000448 (Structured Data Linter versions 2.4.1 and older are vulnerable to a ...)
+CVE-2017-1000448
NOT-FOR-US: Structured Data Linter
-CVE-2017-1000445 (ImageMagick 7.0.7-1 and older version are vulnerable to null pointer ...)
+CVE-2017-1000445
{DLA-1229-1}
- imagemagick 8:6.9.9.34+dfsg-3 (bug #886281)
[stretch] - imagemagick <ignored> (Minor issue)
@@ -1318,69 +1318,69 @@ CVE-2017-1000445 (ImageMagick 7.0.7-1 and older version are vulnerable to null p
NOTE: https://github.com/ImageMagick/ImageMagick/issues/775
NOTE: https://github.com/ImageMagick/ImageMagick/commit/441fde32557eb3cec573b0f877ac324173feed7f
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/839a14e43d0c88db7b3fffe8aa4ec57d80c93623
-CVE-2017-1000444 (Eleix Openhacker version 0.1.47 is vulnerable to an SQL injection in ...)
+CVE-2017-1000444
NOT-FOR-US: Eleix Openhacker
-CVE-2017-1000443 (Eleix Openhacker version 0.1.47 is vulnerable to a XSS vulnerability ...)
+CVE-2017-1000443
NOT-FOR-US: Eleix Openhacker
-CVE-2017-1000442 (Passbolt API version 1.6.4 and older are vulnerable to a XSS in the ...)
+CVE-2017-1000442
NOT-FOR-US: Passbolt API
-CVE-2017-1000431 (eZ Systems eZ Publish version 5.4.0 to 5.4.9, and 5.3.12 and older, is ...)
+CVE-2017-1000431
NOT-FOR-US: eZ Systems eZ Publish
-CVE-2017-1000430 (rust-base64 version &lt;= 0.5.1 is vulnerable to a buffer overflow when ...)
+CVE-2017-1000430
NOTE: https://github.com/RustSec/advisory-db/blob/master/crates/base64/RUSTSEC-2017-0004.toml
NOT-FOR-US: rust-base64
-CVE-2017-1000424 (Github Electron version 1.6.4 - 1.6.11 and 1.7.0 - 1.7.5 is vulnerable ...)
+CVE-2017-1000424
- electron <itp> (bug #842420)
-CVE-2017-1000423 (b2evolution version 6.6.0 - 6.8.10 is vulnerable to input validation ...)
+CVE-2017-1000423
- b2evolution <removed>
-CVE-2017-1000422 (Gnome gdk-pixbuf 2.36.8 and older is vulnerable to several integer ...)
+CVE-2017-1000422
{DSA-4088-1 DLA-1234-1}
- gdk-pixbuf 2.36.11-1
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=785973
NOTE: Fixed by: https://git.gnome.org/browse/gdk-pixbuf/commit/?id=0012e066ba37439d402ce46afbc1311530a4ec61
-CVE-2017-1000421 (Gifsicle gifview 1.89 and older is vulnerable to a use-after-free in ...)
+CVE-2017-1000421
{DSA-4084-1 DLA-1233-1}
- gifsicle 1.90-1
NOTE: https://github.com/kohler/gifsicle/issues/114
NOTE: https://github.com/kohler/gifsicle/commit/81fd7823f6d9c85ab598bc850e40382068361185
-CVE-2017-1000420 (Syncthing version 0.14.33 and older is vulnerable to symlink traversal ...)
+CVE-2017-1000420
- syncthing 0.14.36+ds1-1
[stretch] - syncthing <no-dsa> (Minor issue)
NOTE: https://github.com/syncthing/syncthing/commit/1f09488a0f1fdca07076b007b9789f23a6df1060 (v0.14.34)
NOTE: https://github.com/syncthing/syncthing/commit/a0f771c221f6ef18fcc496e736670d85f36b8dec
NOTE: https://github.com/syncthing/syncthing/issues/4286
-CVE-2017-1000419 (phpBB version 3.2.0 is vulnerable to SSRF in the Remote Avatar ...)
+CVE-2017-1000419
- phpbb3 <removed>
[jessie] - phpbb3 <not-affected> (Vulnerable code not present)
[wheezy] - phpbb3 <not-affected> (Vulnerable code not present)
-CVE-2017-1000418 (The WildMidi_Open function in WildMIDI since commit ...)
+CVE-2017-1000418
- wildmidi 0.4.2-1 (bug #886503)
[stretch] - wildmidi <no-dsa> (Minor issue)
[jessie] - wildmidi <not-affected> (Vulnerable code introduced later)
[wheezy] - wildmidi <not-affected> (Vulnerable code introduced later)
NOTE: https://github.com/Mindwerks/wildmidi/issues/178
NOTE: https://github.com/Mindwerks/wildmidi/commit/814f31d8eceda8401eb812fc2e94ed143fdad0ab
-CVE-2017-1000413 (Linaro's open source TEE solution called OP-TEE, version 2.4.0 (and ...)
+CVE-2017-1000413
NOT-FOR-US: OP-TEE
-CVE-2017-1000412 (Linaro's open source TEE solution called OP-TEE, version 2.4.0 (and ...)
+CVE-2017-1000412
NOT-FOR-US: OP-TEE
-CVE-2017-18015 (The ILLID Share This Image plugin before 1.04 for WordPress has XSS via ...)
+CVE-2017-18015
NOT-FOR-US: ILLID Share This Image plugin for WordPress
-CVE-2017-18014 (An NC-25986 issue was discovered in the Logging subsystem of Sophos XG ...)
+CVE-2017-18014
NOT-FOR-US: Sophos
-CVE-2017-18013 (In LibTIFF 4.0.9, there is a Null-Pointer Dereference in the ...)
+CVE-2017-18013
{DSA-4100-1 DLA-1260-1 DLA-1259-1}
- tiff 4.0.9-3 (bug #885985)
- tiff3 <removed>
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2770
NOTE: https://gitlab.com/libtiff/libtiff/commit/c6f41df7b581402dfba3c19a1e3df4454c551a01
-CVE-2017-18012 (The Z-URL Preview plugin 1.6.1 for WordPress has XSS via the ...)
+CVE-2017-18012
NOT-FOR-US: Z-URL Preview plugin for WordPress
-CVE-2017-18011 (The MyCBGenie Affiliate Ads for Clickbank Products plugin through 1.6 ...)
+CVE-2017-18011
NOT-FOR-US: MyCBGenie Affiliate Ads for Clickbank Products plugin WordPress
-CVE-2017-18010 (The E-goi Smart Marketing SMS and Newsletters Forms plugin before ...)
+CVE-2017-18010
NOT-FOR-US: E-goi Smart Marketing SMS and Newsletters Forms plugin for WordPress
-CVE-2017-18009 (In OpenCV 3.3.1, a heap-based buffer over-read exists in the function ...)
+CVE-2017-18009
[experimental] - opencv 3.4.4+dfsg-1~exp1
- opencv <unfixed> (bug #924884)
[stretch] - opencv <not-affected> (Vulnerable code introduced later)
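Review bot: the CVE-2017-1000430 entry places its "NOTE: https://github.com/RustSec/advisory-db/..." line before the "NOT-FOR-US: rust-base64" line, whereas every other entry in this hunk puts the NOT-FOR-US or package line first and the NOTE lines after it; swap the two lines so the entry follows the same layout as the rest of the file, which also matters for anything that reads the first line after the CVE id as the status line.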
@@ -1388,15 +1388,15 @@ CVE-2017-18009 (In OpenCV 3.3.1, a heap-based buffer over-read exists in the fun
[wheezy] - opencv <not-affected> (Vulnerable code introduced later)
NOTE: https://github.com/opencv/opencv/issues/10479
NOTE: Introduced after: https://github.com/opencv/opencv/commit/7469c935f3ec8e9fe4f56b7eed07b284b7b7b5df
-CVE-2017-18008 (In ImageMagick 7.0.7-17 Q16, there is a Memory Leak in ReadPWPImage in ...)
+CVE-2017-18008
- imagemagick 8:6.9.9.34+dfsg-3 (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/921
NOTE: https://github.com/ImageMagick/ImageMagick/commit/1a5f95fc018a5667de5a9448aee9d7251b2eb952
CVE-2017-18007
RESERVED
-CVE-2017-18006 (netpub/server.np in Extensis Portfolio NetPublish has XSS in the ...)
+CVE-2017-18006
NOT-FOR-US: Extensis Portfolio NetPublish
-CVE-2017-18005 (Exiv2 0.26 has a Null Pointer Dereference in the ...)
+CVE-2017-18005
- exiv2 <unfixed> (low; bug #885981)
[buster] - exiv2 <ignored> (Minor issue)
[stretch] - exiv2 <ignored> (Minor issue)
@@ -1404,21 +1404,21 @@ CVE-2017-18005 (Exiv2 0.26 has a Null Pointer Dereference in the ...)
[wheezy] - exiv2 <no-dsa> (Minor issue)
NOTE: https://github.com/Exiv2/exiv2/issues/168
NOTE: Fixed via: https://github.com/Exiv2/exiv2/pull/199
-CVE-2017-18004 (Zurmo 3.2.3 allows XSS via the latitude or longitude parameter to ...)
+CVE-2017-18004
NOT-FOR-US: Zurmo
CVE-2017-18003
RESERVED
CVE-2017-18002
RESERVED
-CVE-2017-18001 (Trustwave Secure Web Gateway (SWG) through 11.8.0.27 allows remote ...)
+CVE-2017-18001
NOT-FOR-US: Trustwave Secure Web Gateway
CVE-2017-18000
RESERVED
-CVE-2017-17999 (SQL injection vulnerability in RISE Ultimate Project Manager 1.9 ...)
+CVE-2017-17999
NOT-FOR-US: RISE Ultimate Project Manager
CVE-2017-17998
RESERVED
-CVE-2017-17997 (In Wireshark before 2.2.12, the MRDISC dissector misuses a NULL ...)
+CVE-2017-17997
{DLA-1634-1}
- wireshark 2.4.0-1
[wheezy] - wireshark <no-dsa> (Minor issue)
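Review bot: the Wireshark entry CVE-2017-17997 loses the version bound in its description (`before 2.2.12`), which is the upstream range the `wireshark 2.4.0-1` fixed version and the `[wheezy] <no-dsa>` line were triaged against; the other three entries in this hunk are NOT-FOR-US and lose only a product summary that the NOT-FOR-US line restates. Suggest the importer refuse to overwrite a non-empty description with an empty one.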
@@ -1426,37 +1426,37 @@ CVE-2017-17997 (In Wireshark before 2.2.12, the MRDISC dissector misuses a NULL
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14299
NOTE: https://code.wireshark.org/review/#/c/25063/
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=80a695869c9aef2fb473d9361da068022be7cb50
-CVE-2017-17996 (A buffer overflow vulnerability in &quot;Add command&quot; functionality exists ...)
+CVE-2017-17996
NOT-FOR-US: Flexense SyncBreeze Enterprise
-CVE-2017-17995 (Biometric Shift Employee Management System has XSS via the Last_Name ...)
+CVE-2017-17995
NOT-FOR-US: Biometric Shift Employee Management System
-CVE-2017-17994 (Biometric Shift Employee Management System has XSS via the criteria ...)
+CVE-2017-17994
NOT-FOR-US: Biometric Shift Employee Management System
-CVE-2017-17993 (Biometric Shift Employee Management System has XSS via the amount ...)
+CVE-2017-17993
NOT-FOR-US: Biometric Shift Employee Management System
-CVE-2017-17992 (Biometric Shift Employee Management System allows Arbitrary File ...)
+CVE-2017-17992
NOT-FOR-US: Biometric Shift Employee Management System
-CVE-2017-17991 (Biometric Shift Employee Management System has XSS via the expense_name ...)
+CVE-2017-17991
NOT-FOR-US: Biometric Shift Employee Management System
-CVE-2017-17990 (Biometric Shift Employee Management System has CSRF via index.php in an ...)
+CVE-2017-17990
NOT-FOR-US: Biometric Shift Employee Management System
-CVE-2017-17989 (Biometric Shift Employee Management System has XSS via the index.php ...)
+CVE-2017-17989
NOT-FOR-US: Biometric Shift Employee Management System
-CVE-2017-17988 (PHP Scripts Mall Muslim Matrimonial Script has XSS via the ...)
+CVE-2017-17988
NOT-FOR-US: PHP Scripts Mall Muslim Matrimonial Script
-CVE-2017-17987 (PHP Scripts Mall Muslim Matrimonial Script allows arbitrary file upload ...)
+CVE-2017-17987
NOT-FOR-US: PHP Scripts Mall Muslim Matrimonial Script
-CVE-2017-17986 (PHP Scripts Mall Muslim Matrimonial Script has XSS via the ...)
+CVE-2017-17986
NOT-FOR-US: PHP Scripts Mall Muslim Matrimonial Script
-CVE-2017-17985 (PHP Scripts Mall Muslim Matrimonial Script has XSS via the ...)
+CVE-2017-17985
NOT-FOR-US: PHP Scripts Mall Muslim Matrimonial Script
-CVE-2017-17984 (PHP Scripts Mall Muslim Matrimonial Script has XSS via the ...)
+CVE-2017-17984
NOT-FOR-US: PHP Scripts Mall Muslim Matrimonial Script
-CVE-2017-17983 (PHP Scripts Mall Muslim Matrimonial Script has SQL injection via the ...)
+CVE-2017-17983
NOT-FOR-US: PHP Scripts Mall Muslim Matrimonial Script
-CVE-2017-17982 (PHP Scripts Mall Muslim Matrimonial Script has CSRF via ...)
+CVE-2017-17982
NOT-FOR-US: PHP Scripts Mall Muslim Matrimonial Script
-CVE-2017-17981 (PHP Scripts Mall Muslim Matrimonial Script has XSS via the ...)
+CVE-2017-17981
NOT-FOR-US: PHP Scripts Mall Muslim Matrimonial Script
CVE-2017-17980
RESERVED
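Review bot: the removed description for CVE-2017-17996 contains HTML entities (`&quot;Add command&quot;`), which shows the descriptions in this file were stored HTML-escaped rather than as plain text; if the descriptions are restored after this run, unescape them on import, since the `NOT-FOR-US` lines in this file already use literal quotes. All sixteen entries changed in this hunk are NOT-FOR-US, so the net effect here is limited to losing the one-line summary.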
@@ -1466,16 +1466,16 @@ CVE-2017-17978
RESERVED
CVE-2017-17977
RESERVED
-CVE-2017-17976 (In Utilities.php in Perfex CRM 1.9.7, Unrestricted file upload can ...)
+CVE-2017-17976
NOT-FOR-US: Perfex CRM
-CVE-2017-17975 (Use-after-free in the usbtv_probe function in ...)
+CVE-2017-17975
{DSA-4188-1}
- linux 4.15.17-1
[jessie] - linux <not-affected> (Vulnerable code path not present)
[wheezy] - linux <not-affected> (Vulnerable code path not present)
-CVE-2017-17974 (BA SYSTEMS BAS Web on BAS920 devices (with Firmware 01.01.00*, HTTPserv ...)
+CVE-2017-17974
NOT-FOR-US: BA SYSTEMS BAS Web on BAS920 devices
-CVE-2017-17973 (** DISPUTED ** In LibTIFF 4.0.8, there is a heap-based use-after-free ...)
+CVE-2017-17973
- tiff <unfixed> (unimportant)
- tiff3 <removed> (unimportant)
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2769
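Review bot: CVE-2017-17973 loses its `** DISPUTED **` marker together with the description, so the file no longer records that the LibTIFF use-after-free report is disputed, which is the context behind the `(unimportant)` rating on the unchanged `tiff` and `tiff3` lines; the dispute status should survive even when the rest of the description is dropped. CVE-2017-17975 likewise loses the `usbtv_probe` function name that identifies the kernel code path referred to by the `Vulnerable code path not present` lines.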
@@ -1494,26 +1494,26 @@ CVE-2017-1000436
REJECTED
CVE-2017-1000435
REJECTED
-CVE-2017-1000501 (Awstats version 7.6 and earlier is vulnerable to a path traversal flaw ...)
+CVE-2017-1000501
{DSA-4092-1 DLA-1238-1}
- awstats 7.6+dfsg-2 (bug #885835)
NOTE: https://github.com/eldy/awstats/commit/cf219843a74c951bf5986f3a7fffa3dcf99c3899
NOTE: https://github.com/eldy/awstats/commit/06c0ab29c1e5059d9e0279c6b64d573d619e1651
CVE-2017-17972
RESERVED
-CVE-2017-17971 (The test_sql_and_script_inject function in htdocs/main.inc.php in ...)
+CVE-2017-17971
- dolibarr <removed> (bug #885828)
NOTE: https://github.com/Dolibarr/dolibarr/issues/8000
-CVE-2017-17970 (Multiple SQL injection vulnerabilities in Muviko 1.1 allow remote ...)
+CVE-2017-17970
NOT-FOR-US: Muviko
-CVE-2017-17969 (Heap-based buffer overflow in the ...)
+CVE-2017-17969
{DSA-4104-1 DLA-1268-1}
- p7zip 16.02+dfsg-5 (bug #888297)
NOTE: https://landave.io/2018/01/7-zip-multiple-memory-corruptions-via-rar-and-zip/
NOTE: Fixed in upstream 18.00-beta.
-CVE-2017-17968 (A buffer overflow vulnerability in NetTransport.exe in NetTransport ...)
+CVE-2017-17968
NOT-FOR-US: NetTransport Download Manager
-CVE-2017-17967 (pptreader.dll in Kingsoft WPS Office 10.1.0.6930 allows remote ...)
+CVE-2017-17967
NOT-FOR-US: Kingsoft WPS Office
CVE-2017-17966
RESERVED
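Review bot: CVE-2017-1000501 sits between CVE-2017-1000435 and CVE-2017-17972, breaking the descending numeric order the rest of the file follows, so a sorted merge would relocate it; not introduced by this change, but visible in the context and worth a normalisation pass. On the change itself, CVE-2017-17969 loses the `Heap-based buffer overflow` summary that DSA-4104-1 / DLA-1268-1 and the `Fixed in upstream 18.00-beta.` NOTE relate to, and CVE-2017-17971 loses the function name (`test_sql_and_script_inject`) that the Dolibarr issue link is about.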
@@ -1527,37 +1527,37 @@ CVE-2017-17962
RESERVED
CVE-2017-17961
RESERVED
-CVE-2017-17960 (PHP Scripts Mall PHP Multivendor Ecommerce has CSRF via ...)
+CVE-2017-17960
NOT-FOR-US: PHP Scripts Mall PHP Multivendor Ecommerce
-CVE-2017-17959 (PHP Scripts Mall PHP Multivendor Ecommerce has SQL Injection via the ...)
+CVE-2017-17959
NOT-FOR-US: PHP Scripts Mall PHP Multivendor Ecommerce
-CVE-2017-17958 (PHP Scripts Mall PHP Multivendor Ecommerce has XSS via the ...)
+CVE-2017-17958
NOT-FOR-US: PHP Scripts Mall PHP Multivendor Ecommerce
-CVE-2017-17957 (PHP Scripts Mall PHP Multivendor Ecommerce has SQL Injection via the ...)
+CVE-2017-17957
NOT-FOR-US: PHP Scripts Mall PHP Multivendor Ecommerce
-CVE-2017-17956 (PHP Scripts Mall PHP Multivendor Ecommerce has XSS via the ...)
+CVE-2017-17956
NOT-FOR-US: PHP Scripts Mall PHP Multivendor Ecommerce
-CVE-2017-17955 (PHP Scripts Mall PHP Multivendor Ecommerce has XSS via the ...)
+CVE-2017-17955
NOT-FOR-US: PHP Scripts Mall PHP Multivendor Ecommerce
-CVE-2017-17954 (PHP Scripts Mall PHP Multivendor Ecommerce has XSS via the ...)
+CVE-2017-17954
NOT-FOR-US: PHP Scripts Mall PHP Multivendor Ecommerce
-CVE-2017-17953 (PHP Scripts Mall PHP Multivendor Ecommerce has XSS via the category.php ...)
+CVE-2017-17953
NOT-FOR-US: PHP Scripts Mall PHP Multivendor Ecommerce
-CVE-2017-17952 (PHP Scripts Mall PHP Multivendor Ecommerce has a predicable ...)
+CVE-2017-17952
NOT-FOR-US: PHP Scripts Mall PHP Multivendor Ecommerce
-CVE-2017-17951 (PHP Scripts Mall PHP Multivendor Ecommerce has SQL Injection via the ...)
+CVE-2017-17951
NOT-FOR-US: PHP Scripts Mall PHP Multivendor Ecommerce
-CVE-2017-17950 (Cells Blog 3.5 has SQL Injection via the pub_readpost.php ptid ...)
+CVE-2017-17950
NOT-FOR-US: Cells Blog
-CVE-2017-17949 (Cells Blog 3.5 has XSS via the pub_readpost.php fmid parameter. ...)
+CVE-2017-17949
NOT-FOR-US: Cells Blog
-CVE-2017-17948 (Cells Blog 3.5 has XSS via the jfdname parameter in an act=showpic ...)
+CVE-2017-17948
NOT-FOR-US: Cells Blog
-CVE-2017-17947 (A cross site scripting issue has been found in custompage.cgi in Pulse ...)
+CVE-2017-17947
NOT-FOR-US: Pulse Secure Pulse Connect Secure
-CVE-2017-1000411 (OpenFlow Plugin and OpenDayLight Controller versions Nitrogen, Carbon, ...)
+CVE-2017-1000411
NOT-FOR-US: OpenDayLight
-CVE-2017-17946 (A buffer overflow in Handy Password 4.9.3 allows remote attackers to ...)
+CVE-2017-17946
NOT-FOR-US: Handy Password
CVE-2017-17945
RESERVED
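Review bot: CVE-2017-1000411 appears between CVE-2017-17947 and CVE-2017-17946 rather than with the other CVE-2017-1000xxx entries, the same ordering problem seen elsewhere in this file. Every entry rewritten in this hunk is NOT-FOR-US, so the dropped descriptions are recoverable from the product names on the unchanged lines, but the pattern of replacing each header with a bare identifier is the same as in the hunks above.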
@@ -1565,7 +1565,7 @@ CVE-2017-17944
RESERVED
CVE-2017-17943
RESERVED
-CVE-2017-17942 (In LibTIFF 4.0.9, there is a heap-based buffer over-read in the ...)
+CVE-2017-17942
- tiff <unfixed> (low; bug #885579)
[buster] - tiff <postponed> (Minor issue, revisit once fixed upstream)
[stretch] - tiff <postponed> (Minor issue, revisit once fixed upstream)
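Review bot: CVE-2017-17942 loses `heap-based buffer over-read` and `LibTIFF 4.0.9` from its header while the `<postponed> (Minor issue, revisit once fixed upstream)` lines stay; without the description the entry gives no in-line hint of what needs revisiting beyond the bugzilla NOTE, so at minimum carry the dropped text into a NOTE line.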
@@ -1574,49 +1574,49 @@ CVE-2017-17942 (In LibTIFF 4.0.9, there is a heap-based buffer over-read in the
- tiff3 <removed>
[wheezy] - tiff3 <postponed> (Minor issue, revisit once fixed upstream)
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2767
-CVE-2017-17941 (PHP Scripts Mall Single Theater Booking has SQL Injection via the ...)
+CVE-2017-17941
NOT-FOR-US: PHP Scripts Mall Single Theater Booking
-CVE-2017-17940 (PHP Scripts Mall Single Theater Booking has XSS via the title parameter ...)
+CVE-2017-17940
NOT-FOR-US: PHP Scripts Mall Single Theater Booking
-CVE-2017-17939 (PHP Scripts Mall Single Theater Booking has CSRF via ...)
+CVE-2017-17939
NOT-FOR-US: PHP Scripts Mall Single Theater Booking
-CVE-2017-17938 (PHP Scripts Mall Single Theater Booking has XSS via the ...)
+CVE-2017-17938
NOT-FOR-US: PHP Scripts Mall Single Theater Booking
-CVE-2017-17937 (Vanguard Marketplace Digital Products PHP has XSS via the phps_query ...)
+CVE-2017-17937
NOT-FOR-US: Vanguard Marketplace Digital Products PHP
-CVE-2017-17936 (Vanguard Marketplace Digital Products PHP has CSRF via /search. ...)
+CVE-2017-17936
NOT-FOR-US: Vanguard Marketplace Digital Products PHP
-CVE-2017-17935 (The File_read_line function in epan/wslua/wslua_file.c in Wireshark ...)
+CVE-2017-17935
{DLA-1634-1}
- wireshark 2.4.4-1 (bug #885831)
[wheezy] - wireshark <ignored> (Minor issue)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14295
NOTE: https://code.wireshark.org/review/#/c/24997/
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=137ab7d5681486c6d6cc8faac4300b7cd4ec0cf1
-CVE-2017-17934 (ImageMagick 7.0.7-17 Q16 x86_64 has memory leaks in coders/msl.c, ...)
+CVE-2017-17934
- imagemagick 8:6.9.9.34+dfsg-3 (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/920
NOTE: https://github.com/ImageMagick/ImageMagick/commit/3755d2289b032919c065f6ab11ef570063f7f828
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/08278c7cf1c0b4f1da4cdcfaa857ff6b2373a1b2
-CVE-2017-17933 (cgi/surgeftpmgr.cgi (aka the Web Manager interface on TCP port 7021 or ...)
+CVE-2017-17933
NOT-FOR-US: NetWin SurgeFTP
-CVE-2017-17932 (A buffer overflow vulnerability exists in MediaServer.exe in ALLPlayer ...)
+CVE-2017-17932
NOT-FOR-US: ALLPlayer
-CVE-2017-17931 (PHP Scripts Mall Resume Clone Script has SQL Injection via the ...)
+CVE-2017-17931
NOT-FOR-US: PHP Scripts Mall Resume Clone Script
-CVE-2017-17930 (PHP Scripts Mall Professional Service Script has CSRF via ...)
+CVE-2017-17930
NOT-FOR-US: PHP Scripts Mall Professional Service Script
-CVE-2017-17929 (PHP Scripts Mall Professional Service Script has XSS via the ...)
+CVE-2017-17929
NOT-FOR-US: PHP Scripts Mall Professional Service Script
-CVE-2017-17928 (PHP Scripts Mall Professional Service Script has SQL injection via the ...)
+CVE-2017-17928
NOT-FOR-US: PHP Scripts Mall Professional Service Script
-CVE-2017-17927 (PHP Scripts Mall Professional Service Script allows remote attackers to ...)
+CVE-2017-17927
NOT-FOR-US: PHP Scripts Mall Professional Service Script
-CVE-2017-17926 (PHP Scripts Mall Professional Service Script has a predicable ...)
+CVE-2017-17926
NOT-FOR-US: PHP Scripts Mall Professional Service Script
-CVE-2017-17925 (PHP Scripts Mall Professional Service Script has XSS via the ...)
+CVE-2017-17925
NOT-FOR-US: PHP Scripts Mall Professional Service Script
-CVE-2017-17924 (PHP Scripts Mall Professional Service Script allows remote attackers to ...)
+CVE-2017-17924
NOT-FOR-US: PHP Scripts Mall Professional Service Script
CVE-2017-17923
RESERVED
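Review bot: CVE-2017-17935 loses the `File_read_line function in epan/wslua/wslua_file.c` location, which is the code the Wireshark review and gitweb NOTE links fix and the natural reference point for the `[wheezy] - wireshark <ignored>` decision; the rest of the hunk is NOT-FOR-US apart from the ImageMagick memory leak CVE-2017-17934, already rated unimportant.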
@@ -1624,30 +1624,30 @@ CVE-2017-17922
RESERVED
CVE-2017-17921
RESERVED
-CVE-2017-17920 (** DISPUTED ** SQL injection vulnerability in the 'reorder' method in ...)
+CVE-2017-17920
- rails <unfixed> (unimportant)
NOTE: https://kay-malwarebenchmark.github.io/blog/ruby-on-rails-arbitrary-sql-injection/
NOTE: All of those methods accept arbitrary SQL by design.
-CVE-2017-17919 (** DISPUTED ** SQL injection vulnerability in the 'order' method in ...)
+CVE-2017-17919
- rails <unfixed> (unimportant)
NOTE: https://kay-malwarebenchmark.github.io/blog/ruby-on-rails-arbitrary-sql-injection/
NOTE: All of those methods accept arbitrary SQL by design.
CVE-2017-17918
RESERVED
-CVE-2017-17917 (** DISPUTED ** SQL injection vulnerability in the 'where' method in ...)
+CVE-2017-17917
- rails <unfixed> (unimportant)
NOTE: https://kay-malwarebenchmark.github.io/blog/ruby-on-rails-arbitrary-sql-injection/
NOTE: All of those methods accept arbitrary SQL by design.
-CVE-2017-17916 (** DISPUTED ** SQL injection vulnerability in the 'find_by' method in ...)
+CVE-2017-17916
- rails <unfixed> (unimportant)
NOTE: https://kay-malwarebenchmark.github.io/blog/ruby-on-rails-arbitrary-sql-injection/
NOTE: All of those methods accept arbitrary SQL by design.
-CVE-2017-17915 (In GraphicsMagick 1.4 snapshot-20171217 Q8, there is a heap-based ...)
+CVE-2017-17915
{DSA-4321-1 DLA-1401-1 DLA-1231-1}
- graphicsmagick 1.3.27-3
NOTE: http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/1721f1b7e67a
NOTE: https://sourceforge.net/p/graphicsmagick/bugs/535/
-CVE-2017-17914 (In ImageMagick 7.0.7-16 Q16, a vulnerability was found in the function ...)
+CVE-2017-17914
{DLA-1227-1}
- imagemagick 8:6.9.9.34+dfsg-3 (bug #886584)
[stretch] - imagemagick <ignored> (Minor issue)
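Review bot: the four Rails entries CVE-2017-17920, CVE-2017-17919, CVE-2017-17917 and CVE-2017-17916 lose both the `** DISPUTED **` marker and the method names ('reorder', 'order', 'where', 'find_by'), so the unchanged NOTE `All of those methods accept arbitrary SQL by design.` now refers to methods that are no longer named anywhere in the entry. Either keep the description or rewrite the NOTE to name the methods explicitly. CVE-2017-17915 and CVE-2017-17914 similarly lose the heap-based overflow summaries behind DSA-4321-1 and DLA-1227-1.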
@@ -1655,7 +1655,7 @@ CVE-2017-17914 (In ImageMagick 7.0.7-16 Q16, a vulnerability was found in the fu
NOTE: https://github.com/ImageMagick/ImageMagick/issues/908
NOTE: https://github.com/ImageMagick/ImageMagick/commit/650ec57d84b7b1dce66435b8cd3b58f7ae66db1b
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/42781eeebadf111a2e01559735ea504a78192046
-CVE-2017-17913 (In GraphicsMagick 1.4 snapshot-20171217 Q8, there is a stack-based ...)
+CVE-2017-17913
{DSA-4321-1}
- graphicsmagick 1.3.27-3
[jessie] - graphicsmagick <not-affected> (webp feature was not compiled in)
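Review bot: CVE-2017-17913 loses the `stack-based` qualifier and the `GraphicsMagick 1.4 snapshot-20171217 Q8` reference; the `[jessie] <not-affected> (webp feature was not compiled in)` line now has to be cross-checked against the hg NOTE links to learn that the affected code is the WebP coder.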
@@ -1663,136 +1663,136 @@ CVE-2017-17913 (In GraphicsMagick 1.4 snapshot-20171217 Q8, there is a stack-bas
NOTE: http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/88313ebe379c
NOTE: http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/6dda3c33f35f
NOTE: https://sourceforge.net/p/graphicsmagick/bugs/536/
-CVE-2017-17912 (In GraphicsMagick 1.4 snapshot-20171217 Q8, there is a heap-based ...)
+CVE-2017-17912
{DSA-4321-1 DLA-1401-1 DLA-1231-1}
- graphicsmagick 1.3.27-3
NOTE: http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/0d871e813a4f
NOTE: https://sourceforge.net/p/graphicsmagick/bugs/533/
-CVE-2017-17911 (packages/core/contact.php in Archon 3.21 rev-1 has XSS in the referer ...)
+CVE-2017-17911
NOT-FOR-US: Archon
-CVE-2017-17910 (On Hoermann BiSecur devices before 2018, a vulnerability can be ...)
+CVE-2017-17910
NOT-FOR-US: Hoermann BiSecur
-CVE-2017-17909 (PHP Scripts Mall Responsive Realestate Script has XSS via the ...)
+CVE-2017-17909
NOT-FOR-US: PHP Scripts Mall Responsive Realestate Script
-CVE-2017-17908 (PHP Scripts Mall Responsive Realestate Script has CSRF via ...)
+CVE-2017-17908
NOT-FOR-US: PHP Scripts Mall Responsive Realestate Script
-CVE-2017-17907 (PHP Scripts Mall Car Rental Script has XSS via the admin/areaedit.php ...)
+CVE-2017-17907
NOT-FOR-US: PHP Scripts Mall Car Rental Script
-CVE-2017-17906 (PHP Scripts Mall Car Rental Script has SQL Injection via the ...)
+CVE-2017-17906
NOT-FOR-US: PHP Scripts Mall Car Rental Script
-CVE-2017-17905 (PHP Scripts Mall Car Rental Script has CSRF via admin/sitesettings.php. ...)
+CVE-2017-17905
NOT-FOR-US: PHP Scripts Mall Car Rental Script
-CVE-2017-17904 (FS Lynda Clone has XSS via the keywords parameter to tutorial/ or the ...)
+CVE-2017-17904
NOT-FOR-US: FS Lynda Clone
-CVE-2017-17903 (FS Lynda Clone has CSRF via user/edit_profile, as demonstrated by ...)
+CVE-2017-17903
NOT-FOR-US: FS Lynda Clone
-CVE-2017-17902 (SQL Injection exists in Kliqqi CMS 3.5.2 via the randkey parameter of a ...)
+CVE-2017-17902
NOT-FOR-US: Kliqqi CMS
-CVE-2017-17901 (ZyXEL P-660HW v3 devices allow remote attackers to cause a denial of ...)
+CVE-2017-17901
NOT-FOR-US: ZyXEL
-CVE-2017-17900 (SQL injection vulnerability in fourn/index.php in Dolibarr ERP/CRM ...)
+CVE-2017-17900
- dolibarr <removed> (bug #885321)
NOTE: https://github.com/Dolibarr/dolibarr/commit/4a5988accbb770b74105baacd5a034689272128c
-CVE-2017-17899 (SQL injection vulnerability in adherents/subscription/info.php in ...)
+CVE-2017-17899
- dolibarr <removed> (bug #885321)
NOTE: https://github.com/Dolibarr/dolibarr/commit/4a5988accbb770b74105baacd5a034689272128c
-CVE-2017-17898 (Dolibarr ERP/CRM version 6.0.4 does not block direct requests to ...)
+CVE-2017-17898
- dolibarr <removed> (bug #885321)
NOTE: https://github.com/Dolibarr/dolibarr/commit/4a5988accbb770b74105baacd5a034689272128c
NOTE: https://github.com/Dolibarr/dolibarr/commit/6a62e139604dbbd5729e57df2433b37a5950c35c
-CVE-2017-17897 (SQL injection vulnerability in comm/multiprix.php in Dolibarr ERP/CRM ...)
+CVE-2017-17897
- dolibarr <removed> (bug #885321)
NOTE: https://github.com/Dolibarr/dolibarr/commit/4a5988accbb770b74105baacd5a034689272128c
-CVE-2017-17896 (Readymade Job Site Script has XSS via the keyword parameter to the /job ...)
+CVE-2017-17896
NOT-FOR-US: Readymade Job Site Script
-CVE-2017-17895 (Readymade Job Site Script has SQL Injection via the location_name array ...)
+CVE-2017-17895
NOT-FOR-US: Readymade Job Site Script
-CVE-2017-17894 (Readymade Job Site Script has CSRF via the /job URI. ...)
+CVE-2017-17894
NOT-FOR-US: Readymade Job Site Script
-CVE-2017-17893 (Readymade Video Sharing Script has XSS via the search_video.php search ...)
+CVE-2017-17893
NOT-FOR-US: Readymade Video Sharing Script
-CVE-2017-17892 (Readymade Video Sharing Script has SQL Injection via the viewsubs.php ...)
+CVE-2017-17892
NOT-FOR-US: Readymade Video Sharing Script
-CVE-2017-17891 (Readymade Video Sharing Script has CSRF via user-profile-edit.php. ...)
+CVE-2017-17891
NOT-FOR-US: Readymade Video Sharing Script
CVE-2017-17890
RESERVED
-CVE-2017-17889 (Kliqqi CMS 3.5.2 has XSS via a crafted group name in pligg/groups.php, ...)
+CVE-2017-17889
NOT-FOR-US: Kliqqi CMS
-CVE-2017-17888 (cgi-bin/write.cgi in Anti-Web through 3.8.7, as used on NetBiter / HMS, ...)
+CVE-2017-17888
NOT-FOR-US: Anti-Web
-CVE-2017-17887 (In ImageMagick 7.0.7-16 Q16, a memory leak vulnerability was found in ...)
+CVE-2017-17887
- imagemagick 8:6.9.9.34+dfsg-3 (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/903
NOTE: https://github.com/ImageMagick/ImageMagick/commit/7a42f63927e7f2e26846b7ed4560e9cb4984af7b
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/dddce3e790b5b0f5dad91a7960de67af5bdea789
-CVE-2017-17886 (In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in ...)
+CVE-2017-17886
- imagemagick 8:6.9.9.34+dfsg-3 (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/874
NOTE: https://github.com/ImageMagick/ImageMagick/commit/8204599ef0e85324876459e5d45db00660920482
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/4a71d71f4ae289b6672102efaef6543643e8efb8
-CVE-2017-17885 (In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in ...)
+CVE-2017-17885
- imagemagick 8:6.9.9.34+dfsg-3 (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/879
NOTE: https://github.com/ImageMagick/ImageMagick/commit/2ba085736fd49ad89c1937d1ee2b80ae4e11ab97
NOTE: Imagemagick-6: https://github.com/ImageMagick/ImageMagick/commit/5e863ae629010110772321fd181bac34c4b57345
-CVE-2017-17884 (In ImageMagick 7.0.7-16 Q16, a memory leak vulnerability was found in ...)
+CVE-2017-17884
- imagemagick 8:6.9.9.34+dfsg-3 (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/902
NOTE: https://github.com/ImageMagick/ImageMagick/commit/4d6accd355119d54429a86a1859b8329f0130f30
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/82f20a898107a9c1ef6ad2024c4b191719b294ea
-CVE-2017-17883 (In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in ...)
+CVE-2017-17883
- imagemagick 8:6.9.9.34+dfsg-3 (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/877
NOTE: https://github.com/ImageMagick/ImageMagick/commit/b0a7241df0f889cc3158ba82774ff21fa1da87ec
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/2a1ec7d97f356e9fb6dbc328da17d93ab7a8167c
-CVE-2017-17882 (In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in ...)
+CVE-2017-17882
- imagemagick 8:6.9.9.34+dfsg-3 (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/880
NOTE: https://github.com/ImageMagick/ImageMagick/commit/903f14eb94521aa6dca9d9ac55d3d9a6c7676a63
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/92fbef516b94ed96fa2a672831acd5dafb242ac5
-CVE-2017-17881 (In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in ...)
+CVE-2017-17881
- imagemagick 8:6.9.9.34+dfsg-3 (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/878
NOTE: https://github.com/ImageMagick/ImageMagick/commit/ece953bbe14e8514afc23e05e4030eea872e29da
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/aa601d79a630f6de0694fadbeee31456a357fa73
-CVE-2017-17880 (In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-21, there is a stack-based ...)
+CVE-2017-17880
- imagemagick 8:6.9.9.39+dfsg-1 (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/907
NOTE: https://github.com/ImageMagick/ImageMagick/commit/4b5d1edb02c432040e3ff894d0c461bcce6fd2c9
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/663b3b432c202cd2aeda7ea7e82b74cce51ab1cf
NOTE: webp support not enabled, see #806425
-CVE-2017-17879 (In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-21, there is a heap-based ...)
+CVE-2017-17879
{DSA-4204-1 DSA-4074-1 DLA-1227-1}
- imagemagick 8:6.9.9.34+dfsg-3 (bug #885125)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/906
NOTE: https://github.com/ImageMagick/ImageMagick/commit/72b3994a948a8a90dc664f3e7f72464878a31fbf
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/e41f18ecccbdd1c38e1382057718e91e8f8d6d80
-CVE-2017-17878 (An issue was discovered in Valve Steam Link build 643. Root passwords ...)
+CVE-2017-17878
NOT-FOR-US: Valve Steam Link
-CVE-2017-17877 (An issue was discovered in Valve Steam Link build 643. When the SSH ...)
+CVE-2017-17877
NOT-FOR-US: Valve Steam Link
-CVE-2017-17876 (Biometric Shift Employee Management System 3.0 allows remote attackers ...)
+CVE-2017-17876
NOT-FOR-US: Biometric Shift Employee Management System
-CVE-2017-17875 (The JEXTN FAQ Pro extension 4.0.0 for Joomla! has SQL Injection via the ...)
+CVE-2017-17875
NOT-FOR-US: JEXTN FAQ Pro extension for Joomla!
-CVE-2017-17874 (Vanguard Marketplace Digital Products PHP 1.4 allows arbitrary file ...)
+CVE-2017-17874
NOT-FOR-US: Vanguard Marketplace Digital Products PHP
-CVE-2017-17873 (Vanguard Marketplace Digital Products PHP 1.4 has SQL Injection via the ...)
+CVE-2017-17873
NOT-FOR-US: Vanguard Marketplace Digital Products PHP
-CVE-2017-17872 (The JEXTN Video Gallery extension 3.0.5 for Joomla! has SQL Injection ...)
+CVE-2017-17872
NOT-FOR-US: JEXTN Video Gallery extension for Joomla!
-CVE-2017-17871 (The &quot;JEXTN Question And Answer&quot; extension 3.1.0 for Joomla! has SQL ...)
+CVE-2017-17871
NOT-FOR-US: "JEXTN Question And Answer" extension for Joomla!
-CVE-2017-17870 (The JBuildozer extension 1.4.1 for Joomla! has SQL Injection via the ...)
+CVE-2017-17870
NOT-FOR-US: JBuildozer extension for Joomla!
-CVE-2017-17869 (The mgl-instagram-gallery plugin for WordPress has XSS via the ...)
+CVE-2017-17869
NOT-FOR-US: mgl-instagram-gallery plugin for WordPress
-CVE-2017-17868 (In Liferay Portal 6.1.0, the tags section has XSS via a Public Render ...)
+CVE-2017-17868
NOT-FOR-US: Liferay Portal
-CVE-2017-17867 (Inteno iopsys 2.0-3.14 and 4.0 devices allow remote authenticated users ...)
+CVE-2017-17867
NOT-FOR-US: Inteno iopsys
-CVE-2017-17866 (pdf/pdf-write.c in Artifex MuPDF before 1.12.0 mishandles certain ...)
+CVE-2017-17866
{DSA-4334-1}
- mupdf 1.12.0+ds1-1 (bug #885120)
[jessie] - mupdf <no-dsa> (Minor issue)
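Review bot: with the descriptions gone, the ImageMagick block CVE-2017-17887 through CVE-2017-17879 becomes eight near-identical entries distinguishable only by issue number, and CVE-2017-17879 (a DSA-4204-1 / DSA-4074-1 issue) reads no differently from the `(unimportant)` memory leaks around it; the `heap-based` vs `stack-based` vs `memory leak` wording was the only in-line severity cue. The unchanged context is also inconsistent on `Imagemagick-6:` (CVE-2017-17885) versus `ImageMagick-6:` on the neighbouring NOTE lines. Among the Dolibarr entries, CVE-2017-17898 loses the `does not block direct requests` wording that explains why it alone lists a second commit NOTE.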
@@ -1801,18 +1801,18 @@ CVE-2017-17866 (pdf/pdf-write.c in Artifex MuPDF before 1.12.0 mishandles certai
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=698699 (not public)
CVE-2017-17865
RESERVED
-CVE-2017-17864 (kernel/bpf/verifier.c in the Linux kernel through 4.14.8 mishandles ...)
+CVE-2017-17864
{DSA-4073-1}
- linux 4.14.7-1
[jessie] - linux <not-affected> (Vulnerable code not present)
[wheezy] - linux <not-affected> (Vulnerable code not present)
-CVE-2017-17863 (kernel/bpf/verifier.c in the Linux kernel 4.9.x through 4.9.71 does not ...)
+CVE-2017-17863
{DSA-4073-1}
- linux 4.14.7-1
[jessie] - linux <not-affected> (Vulnerable code not present)
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: https://www.spinics.net/lists/stable/msg206985.html
-CVE-2017-17862 (kernel/bpf/verifier.c in the Linux kernel through 4.14.8 ignores ...)
+CVE-2017-17862
{DSA-4073-1}
- linux 4.14.7-1
[jessie] - linux <not-affected> (Vulnerable code not present)
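Review bot: CVE-2017-17863 loses `Linux kernel 4.9.x through 4.9.71`, and CVE-2017-17864 and CVE-2017-17862 lose `through 4.14.8`; these version bounds are what the `[jessie]` / `[wheezy] <not-affected> (Vulnerable code not present)` lines were decided against, and after this change DSA-4073-1 is referenced with nothing but the spinics NOTE links saying what the verifier bug is. Keep the description, or move the version range into a NOTE.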
@@ -1821,11 +1821,11 @@ CVE-2017-17862 (kernel/bpf/verifier.c in the Linux kernel through 4.14.8 ignores
NOTE: https://www.spinics.net/lists/stable/msg206984.html
CVE-2017-17861
RESERVED
-CVE-2017-17860 (In Samsung Gear products, Bluetooth link key is updated to the ...)
+CVE-2017-17860
NOT-FOR-US: Samsung
-CVE-2017-17859 (Samsung Internet Browser 6.2.01.12 allows remote attackers to bypass ...)
+CVE-2017-17859
NOT-FOR-US: Samsung Internet Browser
-CVE-2017-17858 (Heap-based buffer overflow in the ensure_solid_xref function in ...)
+CVE-2017-17858
- mupdf <not-affected> (Vulnerable code introduced in 1.11.1)
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=698819 (not public)
NOTE: Fixed by: http://git.ghostscript.com/?p=mupdf.git;a=commit;h=55c3f68d638ac1263a386e0aaa004bb6e8bde731
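Review bot: CVE-2017-17858 loses `ensure_solid_xref function` and the `Heap-based buffer overflow` summary, leaving the unchanged `mupdf <not-affected> (Vulnerable code introduced in 1.11.1)` line as the only in-file description of the issue; the ghostscript bug NOTE is marked `(not public)`, so the dropped text was the only public summary carried in the entry itself. The two Samsung entries are NOT-FOR-US.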
@@ -1834,46 +1834,46 @@ CVE-2017-17858 (Heap-based buffer overflow in the ensure_solid_xref function in
NOTE: https://github.com/mzet-/Security-Advisories/blob/master/mzet-adv-2017-01.md
CVE-2017-17851
RESERVED
-CVE-2017-17850 (An issue was discovered in Asterisk 13.18.4 and older, 14.7.4 and ...)
+CVE-2017-17850
- asterisk 1:13.18.5~dfsg-1 (bug #885072)
[stretch] - asterisk <not-affected> (Vulnerable code introduced after 13.15.0)
[jessie] - asterisk <not-affected> (Vulnerable code introduced after 13.15.0)
[wheezy] - asterisk <not-affected> (Vulnerable code introduced after 13.15.0)
NOTE: http://downloads.asterisk.org/pub/security/AST-2017-014.html
NOTE: https://issues.asterisk.org/jira/browse/ASTERISK-27480
-CVE-2017-17849 (A buffer overflow vulnerability in GetGo Download Manager 5.3.0.2712 ...)
+CVE-2017-17849
NOT-FOR-US: GetGo Download Manager
-CVE-2017-17857 (The check_stack_boundary function in kernel/bpf/verifier.c in the Linux ...)
+CVE-2017-17857
- linux 4.14.7-1
[stretch] - linux <not-affected> (Vulnerable code introdued later)
[jessie] - linux <not-affected> (Vulnerable code introdued later)
[wheezy] - linux <not-affected> (Vulnerable code introdued later)
NOTE: Fixed by: https://git.kernel.org/linus/ea25f914dc164c8d56b36147ecc86bc65f83c469
-CVE-2017-17856 (kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local ...)
+CVE-2017-17856
- linux 4.14.7-1
[stretch] - linux <not-affected> (Vulnerable code introdued later)
[jessie] - linux <not-affected> (Vulnerable code introdued later)
[wheezy] - linux <not-affected> (Vulnerable code introdued later)
NOTE: Fixed by: https://git.kernel.org/linus/a5ec6ae161d72f01411169a938fa5f8baea16e8f
-CVE-2017-17855 (kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local ...)
+CVE-2017-17855
- linux 4.14.7-1
[stretch] - linux <not-affected> (Vulnerable code introdued later)
[jessie] - linux <not-affected> (Vulnerable code introdued later)
[wheezy] - linux <not-affected> (Vulnerable code introdued later)
NOTE: Fixed by: https://git.kernel.org/linus/179d1c5602997fef5a940c6ddcf31212cbfebd14
-CVE-2017-17854 (kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local ...)
+CVE-2017-17854
- linux 4.14.7-1
[stretch] - linux <not-affected> (Vulnerable code introdued later)
[jessie] - linux <not-affected> (Vulnerable code introdued later)
[wheezy] - linux <not-affected> (Vulnerable code introdued later)
NOTE: Fixed by: https://git.kernel.org/linus/bb7f0f989ca7de1153bd128a40a71709e339fa03
-CVE-2017-17853 (kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local ...)
+CVE-2017-17853
- linux 4.14.7-1
[stretch] - linux <not-affected> (Vulnerable code introdued later)
[jessie] - linux <not-affected> (Vulnerable code introdued later)
[wheezy] - linux <not-affected> (Vulnerable code introdued later)
NOTE: Fixed by: https://git.kernel.org/linus/4374f256ce8182019353c0c639bb8d0695b4c941
-CVE-2017-17852 (kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local ...)
+CVE-2017-17852
- linux 4.14.7-1
[stretch] - linux <not-affected> (Vulnerable code introdued later)
[jessie] - linux <not-affected> (Vulnerable code introdued later)
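Review bot: the unchanged context repeats the typo `introdued` on every stretch, jessie and wheezy line for CVE-2017-17857 through CVE-2017-17852 (`Vulnerable code introdued later`); not this change's fault, but an automatic update that rewrites these entries is the natural place to correct it to `introduced`. The six verifier CVEs also lose `kernel/bpf/verifier.c` and `check_stack_boundary` from their headers, leaving the `Fixed by:` kernel.org NOTE as the only identification of the bug. Separately, CVE-2017-17857 through CVE-2017-17852 sit after CVE-2017-17849, out of the file's descending order.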
@@ -1881,9 +1881,9 @@ CVE-2017-17852 (kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows
NOTE: Fixed by: https://git.kernel.org/linus/468f6eafa6c44cb2c5d8aad35e12f06c240a812a
CVE-2017-17842
RESERVED
-CVE-2017-17841 (Palo Alto Networks PAN-OS 6.1, 7.1, and 8.0.x before 8.0.7, when an ...)
+CVE-2017-17841
NOT-FOR-US: Palo Alto Networks PAN-OS
-CVE-2017-17840 (An issue was discovered in Open-iSCSI through 2.0.875. A local attacker ...)
+CVE-2017-17840
- open-iscsi 2.0.874-5 (bug #885021)
[stretch] - open-iscsi <no-dsa> (Minor issue)
[jessie] - open-iscsi <ignored> (Minor issue, iscsiuio not built in this version, source affected)
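Review bot: CVE-2017-17840 loses `Open-iSCSI through 2.0.875` and `local attacker` from its header, so the `[jessie] <ignored> (Minor issue, iscsiuio not built in this version, source affected)` line is the only remaining hint of the affected component, and the hunk ends before the entry's remaining lines are shown. CVE-2017-17841 (PAN-OS) is NOT-FOR-US.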
@@ -1899,189 +1899,189 @@ CVE-2017-17839
REJECTED
CVE-2017-17838
REJECTED
-CVE-2017-17837 (The Apache DeltaSpike-JSF 1.8.0 module has a XSS injection leak in the ...)
+CVE-2017-17837
NOT-FOR-US: Apache DeltaSpike-JSF module
-CVE-2017-17836 (In Apache Airflow 1.8.2 and earlier, an experimental Airflow feature ...)
+CVE-2017-17836
- airflow <itp> (bug #819700)
-CVE-2017-17835 (In Apache Airflow 1.8.2 and earlier, a CSRF vulnerability allowed for ...)
+CVE-2017-17835
- airflow <itp> (bug #819700)
CVE-2017-17834
REJECTED
-CVE-2017-17833 (OpenSLP releases in the 1.0.2 and 1.1.0 code streams have a ...)
+CVE-2017-17833
{DLA-1364-1}
- openslp-dfsg <removed> (low)
[jessie] - openslp-dfsg <no-dsa> (Minor issue)
NOTE: https://sourceforge.net/p/openslp/mercurial/ci/151f07745901cbdba6e00e4889561b4083250da1/
-CVE-2017-17832 (ServersCheck Monitoring Software before 14.2.3 is prone to a ...)
+CVE-2017-17832
NOT-FOR-US: ServersCheck Monitoring Software
-CVE-2017-17843 (An issue was discovered in Enigmail before 1.9.9 that allows remote ...)
+CVE-2017-17843
{DSA-4070-1 DLA-1219-1}
- enigmail 2:1.9.9-1
NOTE: https://enigmail.net/download/other/Enigmail%20Pentest%20Report%20by%20Cure53%20-%20Excerpt.pdf
-CVE-2017-17844 (An issue was discovered in Enigmail before 1.9.9. A remote attacker can ...)
+CVE-2017-17844
{DSA-4070-1 DLA-1219-1}
- enigmail 2:1.9.9-1
NOTE: https://enigmail.net/download/other/Enigmail%20Pentest%20Report%20by%20Cure53%20-%20Excerpt.pdf
-CVE-2017-17845 (An issue was discovered in Enigmail before 1.9.9. Improper Random ...)
+CVE-2017-17845
{DSA-4070-1 DLA-1219-1}
- enigmail 2:1.9.9-1
NOTE: https://enigmail.net/download/other/Enigmail%20Pentest%20Report%20by%20Cure53%20-%20Excerpt.pdf
-CVE-2017-17846 (An issue was discovered in Enigmail before 1.9.9. Regular expressions ...)
+CVE-2017-17846
{DSA-4070-1 DLA-1219-1}
- enigmail 2:1.9.9-1
NOTE: https://enigmail.net/download/other/Enigmail%20Pentest%20Report%20by%20Cure53%20-%20Excerpt.pdf
-CVE-2017-17847 (An issue was discovered in Enigmail before 1.9.9. Signature spoofing is ...)
+CVE-2017-17847
{DSA-4070-1 DLA-1219-1}
- enigmail 2:1.9.9-1
NOTE: https://enigmail.net/download/other/Enigmail%20Pentest%20Report%20by%20Cure53%20-%20Excerpt.pdf
-CVE-2017-17848 (An issue was discovered in Enigmail before 1.9.9. In a variant of ...)
+CVE-2017-17848
{DSA-4070-1 DLA-1219-1}
- enigmail 2:1.9.9-1
NOTE: https://enigmail.net/download/other/Enigmail%20Pentest%20Report%20by%20Cure53%20-%20Excerpt.pdf
-CVE-2017-17831 (GitHub Git LFS before 2.1.1 allows remote attackers to execute ...)
+CVE-2017-17831
- git-lfs <not-affected> (Fixed before initial upload to Debian)
NOTE: https://github.com/git-lfs/git-lfs/pull/2242
NOTE: https://github.com/git-lfs/git-lfs/releases/tag/v2.1.1
-CVE-2017-17830 (Bus Booking Script has CSRF via admin/new_master.php. ...)
+CVE-2017-17830
NOT-FOR-US: Bus Booking Script
-CVE-2017-17829 (Bus Booking Script has SQL Injection via the admin/view_seatseller.php ...)
+CVE-2017-17829
NOT-FOR-US: Bus Booking Script
-CVE-2017-17828 (Bus Booking Script has XSS via the results.php datepicker parameter or ...)
+CVE-2017-17828
NOT-FOR-US: Bus Booking Script
-CVE-2017-17827 (Piwigo 2.9.2 is vulnerable to Cross-Site Request Forgery via ...)
+CVE-2017-17827
- piwigo <removed>
NOTE: https://github.com/Piwigo/Piwigo/issues/822
NOTE: https://github.com/Piwigo/Piwigo/commit/c3b4c6f7f0ddeaea492080fb8211d7b4cfedaf6f
NOTE: https://github.com/Piwigo/Piwigo/commit/77f02bfd76ed13dd14044d04cdd8d28213e1848d
-CVE-2017-17826 (The Configuration component of Piwigo 2.9.2 is vulnerable to Persistent ...)
+CVE-2017-17826
- piwigo <removed>
-CVE-2017-17825 (The Batch Manager component of Piwigo 2.9.2 is vulnerable to Persistent ...)
+CVE-2017-17825
- piwigo <removed>
-CVE-2017-17824 (The Batch Manager component of Piwigo 2.9.2 is vulnerable to SQL ...)
+CVE-2017-17824
- piwigo <removed>
-CVE-2017-17823 (The Configuration component of Piwigo 2.9.2 is vulnerable to SQL ...)
+CVE-2017-17823
- piwigo <removed>
-CVE-2017-17822 (The List Users API of Piwigo 2.9.2 is vulnerable to SQL Injection via ...)
+CVE-2017-17822
- piwigo <removed>
-CVE-2017-17821 (WTF/wtf/FastBitVector.h in WebKit, as distributed in Safari Technology ...)
+CVE-2017-17821
- webkit2gtk <unfixed> (unimportant)
NOTE: https://bugs.webkit.org/show_bug.cgi?id=181020 (not public)
NOTE: Not covered by security support
-CVE-2017-17820 (In Netwide Assembler (NASM) 2.14rc0, there is a use-after-free in ...)
+CVE-2017-17820
- nasm 2.13.02-0.1
[stretch] - nasm <no-dsa> (Minor issue)
[jessie] - nasm <no-dsa> (Minor issue)
[wheezy] - nasm <no-dsa> (Minor issue)
NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392433
-CVE-2017-17819 (In Netwide Assembler (NASM) 2.14rc0, there is an illegal address access ...)
+CVE-2017-17819
- nasm 2.13.02-0.1
[stretch] - nasm <no-dsa> (Minor issue)
[jessie] - nasm <no-dsa> (Minor issue)
[wheezy] - nasm <no-dsa> (Minor issue)
NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392435
NOTE: http://repo.or.cz/nasm.git/commit/7524cfd91492e6e3719b959498be584a9ced13af (nasm-2.13.02rc3)
-CVE-2017-17818 (In Netwide Assembler (NASM) 2.14rc0, there is a heap-based buffer ...)
+CVE-2017-17818
- nasm 2.13.02-0.1
[stretch] - nasm <no-dsa> (Minor issue)
[jessie] - nasm <no-dsa> (Minor issue)
[wheezy] - nasm <no-dsa> (Minor issue)
NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392428
-CVE-2017-17817 (In Netwide Assembler (NASM) 2.14rc0, there is a use-after-free in ...)
+CVE-2017-17817
- nasm 2.13.02-0.1
[stretch] - nasm <no-dsa> (Minor issue)
[jessie] - nasm <no-dsa> (Minor issue)
[wheezy] - nasm <no-dsa> (Minor issue)
NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392427
-CVE-2017-17816 (In Netwide Assembler (NASM) 2.14rc0, there is a use-after-free in ...)
+CVE-2017-17816
- nasm 2.13.02-0.1
[stretch] - nasm <no-dsa> (Minor issue)
[jessie] - nasm <no-dsa> (Minor issue)
[wheezy] - nasm <no-dsa> (Minor issue)
NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392426
-CVE-2017-17815 (In Netwide Assembler (NASM) 2.14rc0, there is an illegal address access ...)
+CVE-2017-17815
- nasm 2.13.02-0.1
[stretch] - nasm <no-dsa> (Minor issue)
[jessie] - nasm <no-dsa> (Minor issue)
[wheezy] - nasm <no-dsa> (Minor issue)
NOTE: http://repo.or.cz/nasm.git/commit/c9244eaadd05b27637cde06021bac3fa1d920aa3 (nasm-2.13.02rc3)
NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392436
-CVE-2017-17814 (In Netwide Assembler (NASM) 2.14rc0, there is a use-after-free in ...)
+CVE-2017-17814
- nasm 2.13.02-0.1
[stretch] - nasm <no-dsa> (Minor issue)
[jessie] - nasm <no-dsa> (Minor issue)
[wheezy] - nasm <no-dsa> (Minor issue)
NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392430
-CVE-2017-17813 (In Netwide Assembler (NASM) 2.14rc0, there is a use-after-free in the ...)
+CVE-2017-17813
- nasm 2.13.02-0.1
[stretch] - nasm <no-dsa> (Minor issue)
[jessie] - nasm <no-dsa> (Minor issue)
[wheezy] - nasm <no-dsa> (Minor issue)
NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392429
-CVE-2017-17812 (In Netwide Assembler (NASM) 2.14rc0, there is a heap-based buffer ...)
+CVE-2017-17812
- nasm 2.13.02-0.1
[stretch] - nasm <no-dsa> (Minor issue)
[jessie] - nasm <no-dsa> (Minor issue)
[wheezy] - nasm <no-dsa> (Minor issue)
NOTE: http://repo.or.cz/nasm.git/commit/9b7ee09abfd426b99aa1ea81d19a3b2818eeabf9 (nasm-2.13.02rc3)
NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392424
-CVE-2017-17811 (In Netwide Assembler (NASM) 2.14rc0, there is a heap-based buffer ...)
+CVE-2017-17811
- nasm 2.13.02-0.1
[stretch] - nasm <no-dsa> (Minor issue)
[jessie] - nasm <no-dsa> (Minor issue)
[wheezy] - nasm <no-dsa> (Minor issue)
NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392432
-CVE-2017-17810 (In Netwide Assembler (NASM) 2.14rc0, there is a &quot;SEGV on unknown ...)
+CVE-2017-17810
- nasm 2.13.02-0.1
[stretch] - nasm <no-dsa> (Minor issue)
[jessie] - nasm <no-dsa> (Minor issue)
[wheezy] - nasm <no-dsa> (Minor issue)
NOTE: http://repo.or.cz/nasm.git/commit/59ce1c67b16967c652765e62aa130b7e43f21dd4 (nasm-2.13.02rc3)
NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392431
-CVE-2017-17809 (In Golden Frog VyprVPN before 2.15.0.5828 for macOS, the vyprvpnservice ...)
+CVE-2017-17809
NOT-FOR-US: Golden Frog VyprVPN
CVE-2017-17808
RESERVED
-CVE-2017-17807 (The KEYS subsystem in the Linux kernel before 4.14.6 omitted an ...)
+CVE-2017-17807
{DSA-4082-1 DSA-4073-1 DLA-1232-1}
- linux 4.14.7-1
NOTE: Fixed by: https://git.kernel.org/linus/4dca6ea1d9432052afb06baf2e3ae78188a4410b (v4.15-rc3)
-CVE-2017-17806 (The HMAC implementation (crypto/hmac.c) in the Linux kernel before ...)
+CVE-2017-17806
{DSA-4082-1 DSA-4073-1 DLA-1232-1}
- linux 4.14.7-1
NOTE: Fixed by: https://git.kernel.org/linus/af3ff8045bbf3e32f1a448542e73abb4c8ceb6f1 (v4.15-rc4)
-CVE-2017-17805 (The Salsa20 encryption algorithm in the Linux kernel before 4.14.8 does ...)
+CVE-2017-17805
{DSA-4082-1 DSA-4073-1 DLA-1232-1}
- linux 4.14.7-1
NOTE: Fixed by: https://git.kernel.org/linus/ecaaab5649781c5a0effdaf298a925063020500e (4.15-rc4)
-CVE-2017-17804 (In IKARUS anti.virus 2.16.20, the driver file (ntguard.SYS) allows ...)
+CVE-2017-17804
NOT-FOR-US: IKARUS anti.virus
-CVE-2017-17803 (In TG Soft Vir.IT eXplorer Lite 8.5.65, the driver file (VIRAGTLT.SYS) ...)
+CVE-2017-17803
NOT-FOR-US: TG Soft Vir.IT eXplorer Lite
-CVE-2017-17802 (In TG Soft Vir.IT eXplorer Lite 8.5.65, the driver file (VIRAGTLT.SYS) ...)
+CVE-2017-17802
NOT-FOR-US: TG Soft Vir.IT eXplorer Lite
-CVE-2017-17801 (In TG Soft Vir.IT eXplorer Lite 8.5.65, the driver file (VIRAGTLT.SYS) ...)
+CVE-2017-17801
NOT-FOR-US: TG Soft Vir.IT eXplorer Lite
-CVE-2017-17800 (In TG Soft Vir.IT eXplorer Lite 8.5.65, the driver file (VIRAGTLT.SYS) ...)
+CVE-2017-17800
NOT-FOR-US: TG Soft Vir.IT eXplorer Lite
-CVE-2017-17799 (In TG Soft Vir.IT eXplorer Lite 8.5.65, the driver file (VIRAGTLT.SYS) ...)
+CVE-2017-17799
NOT-FOR-US: TG Soft Vir.IT eXplorer Lite
-CVE-2017-17798 (In TG Soft Vir.IT eXplorer Lite 8.5.42, the driver file (VIRAGTLT.SYS) ...)
+CVE-2017-17798
NOT-FOR-US: TG Soft Vir.IT eXplorer Lite
-CVE-2017-17797 (In IKARUS anti.virus 2.16.20, the driver file (ntguard.SYS) allows ...)
+CVE-2017-17797
NOT-FOR-US: IKARUS anti.virus
-CVE-2017-17796 (In TG Soft Vir.IT eXplorer Lite 8.5.65, the driver file (VIRAGTLT.SYS) ...)
+CVE-2017-17796
NOT-FOR-US: TG Soft Vir.IT eXplorer Lite
-CVE-2017-17795 (In IKARUS anti.virus 2.16.20, the driver file (ntguard.SYS) allows ...)
+CVE-2017-17795
NOT-FOR-US: IKARUS anti.virus
-CVE-2017-17794 (validate_form_preferences in admin/preferences.php in BlogoText through ...)
+CVE-2017-17794
NOT-FOR-US: BlogoText
-CVE-2017-17793 (Information Disclosure vulnerability in creer_fichier_zip in ...)
+CVE-2017-17793
NOT-FOR-US: BlogoText
-CVE-2017-17792 (Cross site scripting (XSS) vulnerability in the markup_clean_href ...)
+CVE-2017-17792
NOT-FOR-US: BlogoText
CVE-2017-17791
RESERVED
-CVE-2017-17790 (The lazy_initialize function in lib/resolv.rb in Ruby through 2.4.3 ...)
+CVE-2017-17790
{DSA-4259-1 DLA-1421-1 DLA-1222-1 DLA-1221-1}
- ruby2.5 2.5.0-1 (bug #884878)
- ruby2.3 <removed> (bug #884879)
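Review bot: the bare `+CVE-2017-17837` that replaces `-CVE-2017-17837 (The Apache DeltaSpike-JSF 1.8.0 module has a XSS injection leak in the ...)`, and every other changed pair in this hunk, is a regression rather than an update: the description is dropped and nothing replaces it, and the header `@@ -1899,189 +1899,189 @@` shows the hunk changes nothing else. In this file a bare identifier is the form used for entries that have no published text yet (compare `CVE-2017-17834` / `REJECTED` and `CVE-2017-17808` / `RESERVED` in the same hunk), so after this change a triaged issue such as CVE-2017-17807 or CVE-2017-17790 is no longer distinguishable by its first line from a placeholder. A blanket wipe of descriptions in an automatic update is what a failed or empty upstream description feed looks like, not a batch of real text changes; this should be reverted and the feed checked before anything from it is committed. Minor, same hunk: the kernel fix notes use two tag spellings, `(v4.15-rc3)` for CVE-2017-17807 and `(4.15-rc4)` for CVE-2017-17805; pick one.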
@@ -2090,75 +2090,75 @@ CVE-2017-17790 (The lazy_initialize function in lib/resolv.rb in Ruby through 2.
- ruby1.8 <removed>
NOTE: https://github.com/ruby/ruby/pull/1777
NOTE: Fixed by: https://github.com/ruby/ruby/commit/e7464561b5151501beb356fc750d5dd1a88014f7
-CVE-2017-17783 (In GraphicsMagick 1.3.27a, there is a buffer over-read in ReadPALMImage ...)
+CVE-2017-17783
{DSA-4321-1}
- graphicsmagick 1.3.27-2 (bug #884904)
[jessie] - graphicsmagick <no-dsa> (Minor issue)
[wheezy] - graphicsmagick <not-affected> (vulnerable code not present, unreproducible with ASAN)
NOTE: http://hg.graphicsmagick.org/hg/GraphicsMagick?cmd=changeset;node=60932931559a
NOTE: https://sourceforge.net/p/graphicsmagick/bugs/529/
-CVE-2017-17782 (In GraphicsMagick 1.3.27a, there is a heap-based buffer over-read in ...)
+CVE-2017-17782
{DSA-4321-1 DLA-1401-1 DLA-1231-1}
- graphicsmagick 1.3.27-2 (bug #884905)
NOTE: http://hg.graphicsmagick.org/hg/GraphicsMagick?cmd=changeset;node=8e3d2264109c
NOTE: https://sourceforge.net/p/graphicsmagick/bugs/530/
CVE-2017-17781
REJECTED
-CVE-2017-17780 (The Clockwork SMS clockwork-test-message.php component has XSS via a ...)
+CVE-2017-17780
NOT-FOR-US: Clockwork SMS plugins for WordPress
-CVE-2017-17779 (Paid To Read Script 2.0.5 has SQL injection via the referrals.php id ...)
+CVE-2017-17779
NOT-FOR-US: Paid To Read Script
-CVE-2017-17778 (Paid To Read Script 2.0.5 has XSS via the referrals.php tier parameter ...)
+CVE-2017-17778
NOT-FOR-US: Paid To Read Script
-CVE-2017-17777 (Paid To Read Script 2.0.5 has authentication bypass in the admin panel ...)
+CVE-2017-17777
NOT-FOR-US: Paid To Read Script
-CVE-2017-17776 (Paid To Read Script 2.0.5 has full path disclosure via an invalid ...)
+CVE-2017-17776
NOT-FOR-US: Paid To Read Script
-CVE-2017-17775 (Piwigo 2.9.2 has XSS via the name parameter in an ...)
+CVE-2017-17775
- piwigo <removed>
-CVE-2017-17774 (admin/configuration.php in Piwigo 2.9.2 has CSRF. ...)
+CVE-2017-17774
- piwigo <removed>
-CVE-2017-17773 (In Snapdragon Automobile, Snapdragon Wearable and Snapdragon Mobile ...)
+CVE-2017-17773
NOT-FOR-US: Android Qualcomm closed-source components
CVE-2017-17772
RESERVED
-CVE-2017-17771 (In msm_isp_prepare_v4l2_buf in Android for MSM, Firefox OS for MSM, ...)
+CVE-2017-17771
NOT-FOR-US: Qualcomm component for Android
-CVE-2017-17770 (In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with ...)
+CVE-2017-17770
NOT-FOR-US: Android Linux component (source code not availalable, so probably Android-specific)
-CVE-2017-17769 (Information leakage in Android for MSM, Firefox OS for MSM, and QRD ...)
+CVE-2017-17769
NOT-FOR-US: Qualcomm component for Android
CVE-2017-17768
RESERVED
-CVE-2017-17767 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2017-17767
NOT-FOR-US: Qualcomm component for Android
-CVE-2017-17766 (In wma_peer_info_event_handler() in Android for MSM, Firefox OS for ...)
+CVE-2017-17766
NOT-FOR-US: Qualcomm component for Android
-CVE-2017-17765 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2017-17765
NOT-FOR-US: Qualcomm component for Android
-CVE-2017-17764 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2017-17764
NOT-FOR-US: Qualcomm component for Android
-CVE-2017-17763 (SuperBeam through 4.1.3, when using the LAN or WiFi Direct Share ...)
+CVE-2017-17763
NOT-FOR-US: SuperBeam
-CVE-2017-17762 (XML external entity (XXE) vulnerability in Episerver 7 patch 4 and ...)
+CVE-2017-17762
NOT-FOR-US: Qualcomm component for Android
-CVE-2017-17761 (An issue was discovered on Ichano AtHome IP Camera devices. The device ...)
+CVE-2017-17761
NOT-FOR-US: Ichano AtHome IP Camera
-CVE-2017-17476 (Open Ticket Request System (OTRS) 4.0.x before 4.0.28, 5.0.x before ...)
+CVE-2017-17476
{DSA-4069-1 DLA-1215-1}
- otrs2 6.0.3-1 (bug #884801)
NOTE: https://www.otrs.com/security-advisory-2017-10-security-update-otrs-framework/
NOTE: OTRS-6: https://github.com/OTRS/otrs/commit/36e3be99cfe8a9e09afa1b75fdc39f3e28f561fc
NOTE: OTRS-5: https://github.com/OTRS/otrs/commit/720c73fbf53e476ca7dfdf2ae1d4d3d2aad2b953
NOTE: OTRS-4: https://github.com/OTRS/otrs/commit/26707eaaa791648e6c7ad6aeaa27efd70e7c66eb
-CVE-2017-17785 (In GIMP 2.8.22, there is a heap-based buffer overflow in the ...)
+CVE-2017-17785
{DSA-4077-1 DLA-1220-1}
- gimp 2.8.20-1.1 (bug #884836)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=739133
NOTE: https://git.gnome.org/browse/gimp/commit/?id=edb251a7ef1602d20a5afcbf23f24afb163de63b (master)
NOTE: https://git.gnome.org/browse/gimp/commit/?id=1882bac996a20ab5c15c42b0c5e8f49033a1af54 (gimp-2-8)
NOTE: Can be reproduced (at least in wheezy) with "valgrind --trace-children=yes gimp <reproducerfile>"
-CVE-2017-17786 (In GIMP 2.8.22, there is a heap-based buffer over-read in ReadImage in ...)
+CVE-2017-17786
{DSA-4077-1 DLA-1220-1}
- gimp 2.8.20-1.1 (unimportant; bug #884862)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=739134
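Review bot: the NOT-FOR-US reason for CVE-2017-17762 does not match the entry it annotates. The removed line reads `-CVE-2017-17762 (XML external entity (XXE) vulnerability in Episerver 7 patch 4 and ...)`, but the unchanged triage line under it says `NOT-FOR-US: Qualcomm component for Android`, which is the reason used for the surrounding Qualcomm entries (CVE-2017-17764 through CVE-2017-17771). This looks like a copy-paste slip and should read something like `NOT-FOR-US: Episerver`; note that once this hunk deletes the description, the file itself no longer shows the mismatch, which is one more reason not to blank the descriptions. Also in this hunk, `availalable` in the CVE-2017-17770 line should be `available`.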
@@ -2167,20 +2167,20 @@ CVE-2017-17786 (In GIMP 2.8.22, there is a heap-based buffer over-read in ReadIm
NOTE: https://git.gnome.org/browse/gimp/commit/?h=gimp-2-8&id=ef9c821fff8b637a2178eab1c78cae6764c50e12 (gimp-2-8)
NOTE: https://git.gnome.org/browse/gimp/commit/?h=gimp-2-8&id=22e2571c25425f225abdb11a566cc281fca6f366 (gimp-2-8)
NOTE: Crash in desktop tool, no/negligible security impact
-CVE-2017-17788 (In GIMP 2.8.22, there is a stack-based buffer over-read in ...)
+CVE-2017-17788
{DSA-4077-1 DLA-1220-1}
- gimp 2.8.20-1.1 (unimportant; bug #885347)
NOTE: https://git.gnome.org/browse/gimp/commit/?id=702c4227e8b6169f781e4bb5ae4b5733f51ab126 (master)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=790783
NOTE: Crash in desktop tool, no/negligible security impact
-CVE-2017-17784 (In GIMP 2.8.22, there is a heap-based buffer over-read in load_image in ...)
+CVE-2017-17784
{DSA-4077-1 DLA-1220-1}
- gimp 2.8.20-1.1 (unimportant; bug #884925)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=790784
NOTE: https://git.gnome.org/browse/gimp/commit/?id=06d24a79af94837d615d0024916bb95a01bf3c59 (master)
NOTE: https://git.gnome.org/browse/gimp/commit/?id=c57f9dcf1934a9ab0cd67650f2dea18cb0902270 (gimp-2-8)
NOTE: Crash in desktop tool, no/negligible security impact
-CVE-2017-17789 (In GIMP 2.8.22, there is a heap-based buffer overflow in ...)
+CVE-2017-17789
{DSA-4077-1 DLA-1220-1}
- gimp 2.8.20-1.1 (bug #884837)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=790849
@@ -2188,25 +2188,25 @@ CVE-2017-17789 (In GIMP 2.8.22, there is a heap-based buffer overflow in ...)
NOTE: https://git.gnome.org/browse/GIMP/commit/?id=01898f10f87a094665a7fdcf7153990f4e511d3f (gimp-2-8)
NOTE: Cannot be reproduced in wheezy with "valgrind --trace-children=yes gimp <reproducerfile>"
NOTE: Some OOB read/write can be reproduced in sid with "valgrind --trace-children=yes gimp <reproducerfile>"
-CVE-2017-17787 (In GIMP 2.8.22, there is a heap-based buffer over-read in ...)
+CVE-2017-17787
{DSA-4077-1 DLA-1220-1}
- gimp 2.8.20-1.1 (unimportant; bug #884927)
NOTE: https://git.gnome.org/browse/GIMP/commit/?id=eb2980683e6472aff35a3117587c4f814515c74d (master)
NOTE: https://git.gnome.org/browse/GIMP/commit/?id=87ba505fff85989af795f4ab6a047713f4d9381d (gimp-2-8)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=790853
NOTE: Crash in desktop tool, no/negligible security impact
-CVE-2017-17760 (OpenCV 3.3.1 has a Buffer Overflow in the cv::PxMDecoder::readData ...)
+CVE-2017-17760
{DLA-1438-1 DLA-1235-1}
[experimental] - opencv 3.4.4+dfsg-1~exp1
- opencv 3.2.0+dfsg-6 (bug #885843)
[stretch] - opencv <no-dsa> (Minor issue)
NOTE: https://github.com/opencv/opencv/issues/10351
NOTE: https://github.com/opencv/opencv/pull/10369/commits/7bbe1a53cfc097b82b1589f7915a2120de39274c
-CVE-2017-17759 (Conarc iChannel allows remote attackers to obtain sensitive ...)
+CVE-2017-17759
NOT-FOR-US: Conarc iChannel
-CVE-2017-17758 (TP-Link TL-WVR and TL-WAR devices allow remote authenticated users to ...)
+CVE-2017-17758
NOT-FOR-US: TP-Link
-CVE-2017-17757 (TP-Link TL-WVR and TL-WAR devices allow remote authenticated users to ...)
+CVE-2017-17757
NOT-FOR-US: TP-Link
CVE-2017-17756
RESERVED
@@ -2214,29 +2214,29 @@ CVE-2017-17755
RESERVED
CVE-2017-17754
RESERVED
-CVE-2017-17753 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
+CVE-2017-17753
NOT-FOR-US: esb-csv-import-export plugin for WordPress
-CVE-2017-17752 (Ability Mail Server 3.3.2 has Cross Site Scripting (XSS) via the body ...)
+CVE-2017-17752
NOT-FOR-US: Ability Mail Server
-CVE-2017-17751 (Bose SoundTouch devices allows remote attackers to achieve remote ...)
+CVE-2017-17751
NOT-FOR-US: Bose SoundTouch devices
-CVE-2017-17750 (Bose SoundTouch devices allow XSS via a crafted public playlist from ...)
+CVE-2017-17750
NOT-FOR-US: Bose SoundTouch devices
-CVE-2017-17749 (Bose SoundTouch devices allow XSS via crafted song data from a music ...)
+CVE-2017-17749
NOT-FOR-US: Bose SoundTouch devices
CVE-2017-17748
RESERVED
-CVE-2017-17747 (Weak access controls in the Device Logout functionality on the TP-Link ...)
+CVE-2017-17747
NOT-FOR-US: TP-Link
-CVE-2017-17746 (Weak access control methods on the TP-Link TL-SG108E 1.0.0 allow any ...)
+CVE-2017-17746
NOT-FOR-US: TP-Link
-CVE-2017-17745 (Cross-site scripting (XSS) vulnerability in system_name_set.cgi in ...)
+CVE-2017-17745
NOT-FOR-US: TP-Link
-CVE-2017-17744 (A cross-site scripting (XSS) vulnerability in the custom-map plugin ...)
+CVE-2017-17744
NOT-FOR-US: custom-map plugin for WordPress
-CVE-2017-17743 (Improper input sanitization within the restricted administration shell ...)
+CVE-2017-17743
NOT-FOR-US: UCOPIA Wireless Appliance
-CVE-2017-17742 (Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x ...)
+CVE-2017-17742
{DSA-4259-1 DLA-1421-1 DLA-1359-1 DLA-1358-1}
- ruby2.5 2.5.1-1
- ruby2.3 <removed>
@@ -2244,74 +2244,74 @@ CVE-2017-17742 (Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.
- ruby1.9.1 <removed>
- ruby1.8 <removed>
NOTE: https://www.ruby-lang.org/en/news/2018/03/28/http-response-splitting-in-webrick-cve-2017-17742/
-CVE-2017-17741 (The KVM implementation in the Linux kernel through 4.14.7 allows ...)
+CVE-2017-17741
{DSA-4082-1 DSA-4073-1 DLA-1232-1}
- linux 4.14.7-1
NOTE: https://www.spinics.net/lists/kvm/msg160796.html
-CVE-2017-17740 (contrib/slapd-modules/nops/nops.c in OpenLDAP through 2.4.45, when both ...)
+CVE-2017-17740
- openldap <unfixed> (unimportant)
NOTE: http://www.openldap.org/its/index.cgi/Incoming?id=8759
NOTE: nops slapd-module not built
-CVE-2017-17739 (The BrightSign Digital Signage (4k242) device (Firmware 6.2.63 and ...)
+CVE-2017-17739
NOT-FOR-US: BrightSign Digital Signage
-CVE-2017-17738 (The BrightSign Digital Signage (4k242) device (Firmware 6.2.63 and ...)
+CVE-2017-17738
NOT-FOR-US: BrightSign Digital Signage
-CVE-2017-17737 (The BrightSign Digital Signage (4k242) device (Firmware 6.2.63 and ...)
+CVE-2017-17737
NOT-FOR-US: BrightSign Digital Signage
-CVE-2017-17736 (Kentico 9.0 before 9.0.51 and 10.0 before 10.0.48 allows remote ...)
+CVE-2017-17736
NOT-FOR-US: Kentico
-CVE-2017-17735 (CMS Made Simple (CMSMS) before 2.2.5 does not properly cache login ...)
+CVE-2017-17735
NOT-FOR-US: CMS Made Simple (CMSMS)
-CVE-2017-17734 (CMS Made Simple (CMSMS) before 2.2.5 does not properly cache login ...)
+CVE-2017-17734
NOT-FOR-US: CMS Made Simple (CMSMS)
-CVE-2017-17733 (Maccms 8.x allows remote command execution via the wd parameter in an ...)
+CVE-2017-17733
NOT-FOR-US: Maccms
CVE-2017-17732
RESERVED
-CVE-2017-17731 (DedeCMS through 5.7 has SQL Injection via the $_FILES superglobal to ...)
+CVE-2017-17731
NOT-FOR-US: DedeCMS
-CVE-2017-17730 (DedeCMS through 5.7 has SQL Injection via the logo parameter to ...)
+CVE-2017-17730
NOT-FOR-US: DedeCMS
CVE-2017-17729
RESERVED
CVE-2017-17728
RESERVED
-CVE-2017-17727 (DedeCMS through 5.6 allows arbitrary file upload and PHP code execution ...)
+CVE-2017-17727
NOT-FOR-US: DedeCMS
CVE-2017-17726
RESERVED
-CVE-2017-17725 (In Exiv2 0.26, there is an integer overflow leading to a heap-based ...)
+CVE-2017-17725
[experimental] - exiv2 <unfixed>
- exiv2 <not-affected> (Introduced in 0.26)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1525055
NOTE: https://github.com/Exiv2/exiv2/issues/188
NOTE: https://github.com/Exiv2/exiv2/pull/193
-CVE-2017-17724 (In Exiv2 0.26, there is a heap-based buffer over-read in the ...)
+CVE-2017-17724
[experimental] - exiv2 <unfixed> (bug #891783)
- exiv2 <not-affected> (Introduced in 0.26)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1524107
NOTE: https://github.com/Exiv2/exiv2/issues/210
NOTE: https://github.com/Exiv2/exiv2/commit/962962a8e9885ccbca28f624492f1427152a0695
-CVE-2017-17723 (In Exiv2 0.26, there is a heap-based buffer over-read in the ...)
+CVE-2017-17723
[experimental] - exiv2 <unfixed>
- exiv2 <not-affected> (Introduced in 0.26)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1524104
NOTE: https://github.com/Exiv2/exiv2/issues/229
NOTE: https://github.com/Exiv2/exiv2/commit/36df4bc997d74ecc447e4541e2fc3fda10586103
-CVE-2017-17722 (In Exiv2 0.26, there is a reachable assertion in the readHeader ...)
+CVE-2017-17722
[experimental] - exiv2 <unfixed> (low; bug #891044)
- exiv2 <not-affected> (Vulnerable code introduced in 0.26)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1524116
NOTE: https://github.com/Exiv2/exiv2/issues/208
NOTE: https://github.com/Exiv2/exiv2/issues/228 (duplicate)
NOTE: https://github.com/Kicer86/exiv2/commit/1647908e00a4df7246d76678e59587e62c690dcd
-CVE-2017-17721 (CWEBNET/WOSummary/List in ZUUSE BEIMS ContractorWeb .NET 5.18.0.0 ...)
+CVE-2017-17721
NOT-FOR-US: ZUUSE BEIMS ContractorWeb .NET
CVE-2017-17720
RESERVED
-CVE-2017-17719 (A cross-site scripting (XSS) vulnerability in the wp-concours plugin ...)
+CVE-2017-17719
NOT-FOR-US: wp-concours plugin for WordPress
-CVE-2017-17718 (The Net::LDAP (aka net-ldap) gem before 0.16.0 for Ruby has Missing SSL ...)
+CVE-2017-17718
- ruby-net-ldap 0.16.1-1 (bug #884693)
[stretch] - ruby-net-ldap <no-dsa> (Minor issue)
[jessie] - ruby-net-ldap <not-affected> (Documentation already states that there is no validation)
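Review bot: the fix reference for CVE-2017-17722 points at a personal fork, `NOTE: https://github.com/Kicer86/exiv2/commit/1647908e00a4df7246d76678e59587e62c690dcd`, while the sibling entries CVE-2017-17723 and CVE-2017-17724 cite commits under `https://github.com/Exiv2/exiv2/`. A fork commit may never reach upstream, or may land there under a different hash, so the note should cite the upstream Exiv2/exiv2 commit or pull request, or state explicitly that the fix exists only in the fork. Separately, `[jessie] - ruby-net-ldap <not-affected> (Documentation already states that there is no validation)` uses the wrong status: the removed line describes the issue as missing SSL certificate validation, and documenting that certificates are not validated does not make the code unaffected by it; `<no-dsa>` or `<ignored>` with the same rationale (and the reverse-dependency argument already in the following NOTEs) would describe the jessie state accurately.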
@@ -2321,17 +2321,17 @@ CVE-2017-17718 (The Net::LDAP (aka net-ldap) gem before 0.16.0 for Ruby has Miss
NOTE: validation, see https://sources.debian.org/src/ruby-net-ldap/0.8.0-1/lib/net/ldap.rb/#L476
NOTE: In wheezy/jessie, only reverse dependencies are redmine (which is unsupported in wheezy)
NOTE: and ruby-omniauth-ldap (which has no reverse dep either).
-CVE-2017-17717 (Sonatype Nexus Repository Manager through 2.14.5 has weak password ...)
+CVE-2017-17717
NOT-FOR-US: Sonatype Nexus
-CVE-2017-17716 (GitLab 9.4.x before 9.4.2 does not support LDAP SSL certificate ...)
+CVE-2017-17716
- gitlab <not-affected> (vulnerable version never uploaded to the archive)
-CVE-2017-17715 (The saveFile method in MediaController.java in the Telegram Messenger ...)
+CVE-2017-17715
NOT-FOR-US: Telegram Messenger for Android
-CVE-2017-17714 (Trape before 2017-11-05 has XSS via the /nr red parameter, the /nr vId ...)
+CVE-2017-17714
NOT-FOR-US: Trape
-CVE-2017-17713 (Trape before 2017-11-05 has SQL injection via the /nr red parameter, ...)
+CVE-2017-17713
NOT-FOR-US: Trape
-CVE-2017-17712 (The raw_sendmsg() function in net/ipv4/raw.c in the Linux kernel ...)
+CVE-2017-17712
{DSA-4073-1}
- linux 4.14.7-1
[jessie] - linux <not-affected> (Vulnerable code not present)
@@ -2343,45 +2343,45 @@ CVE-2017-17710
RESERVED
CVE-2017-17709
RESERVED
-CVE-2017-17708 (Because of insufficient authorization checks it is possible for any ...)
+CVE-2017-17708
NOT-FOR-US: Pleasant Password Server
-CVE-2017-17707 (Due to missing authorization checks, any authenticated user is able to ...)
+CVE-2017-17707
NOT-FOR-US: Pleasant Password Server
CVE-2017-17706
RESERVED
CVE-2017-17705
RESERVED
-CVE-2017-17704 (A door-unlocking issue was discovered on Software House iStar Ultra ...)
+CVE-2017-17704
NOT-FOR-US: Software House iStar Ultra devices
-CVE-2017-17703 (Synacor Zimbra Collaboration Suite (ZCS) before 8.8.3 has Persistent ...)
+CVE-2017-17703
NOT-FOR-US: Zimbra
CVE-2017-17702
RESERVED
-CVE-2017-17701 (K7Sentry.sys 15.1.0.59 in K7 Antivirus 15.1.0309 has a NULL pointer ...)
+CVE-2017-17701
NOT-FOR-US: K7 Antivirus
-CVE-2017-17700 (K7Sentry.sys 15.1.0.59 in K7 Antivirus 15.1.0309 has a NULL pointer ...)
+CVE-2017-17700
NOT-FOR-US: K7 Antivirus
-CVE-2017-17699 (K7Sentry.sys 15.1.0.59 in K7 Antivirus 15.1.0309 has a NULL pointer ...)
+CVE-2017-17699
NOT-FOR-US: K7 Antivirus
-CVE-2017-17698 (Zoho ManageEngine Password Manager Pro 9 before 9.4 (9400) has ...)
+CVE-2017-17698
NOT-FOR-US: Zoho ManageEngine Password Manager Pro
-CVE-2017-17697 (The Ping() function in ui/api/target.go in Harbor through 1.3.0-rc4 has ...)
+CVE-2017-17697
NOT-FOR-US: Harbor
-CVE-2017-17696 (Techno - Portfolio Management Panel through 2017-11-16 allows full path ...)
+CVE-2017-17696
NOT-FOR-US: Techno - Portfolio Management Panel
-CVE-2017-17695 (Techno - Portfolio Management Panel through 2017-11-16 allows SQL ...)
+CVE-2017-17695
NOT-FOR-US: Techno - Portfolio Management Panel
-CVE-2017-17694 (Techno - Portfolio Management Panel through 2017-11-16 allows XSS via ...)
+CVE-2017-17694
NOT-FOR-US: Techno - Portfolio Management Panel
-CVE-2017-17693 (Techno - Portfolio Management Panel through 2017-11-16 does not check ...)
+CVE-2017-17693
NOT-FOR-US: Techno - Portfolio Management Panel
-CVE-2017-17692 (Samsung Internet Browser 5.4.02.3 allows remote attackers to bypass ...)
+CVE-2017-17692
NOT-FOR-US: Samsung Internet Browser
-CVE-2017-17691 (Homeputer CL Studio fur HomeMatic 4.0 Rel 160808 and earlier uses ...)
+CVE-2017-17691
NOT-FOR-US: Homeputer CL Studio fur HomeMatic
CVE-2017-17690
RESERVED
-CVE-2017-17689 (The S/MIME specification allows a Cipher Block Chaining (CBC) ...)
+CVE-2017-17689
- evolution <unfixed> (bug #898633; unimportant)
- kf5-messagelib 4:18.08.1-1 (bug #899127)
[stretch] - kf5-messagelib <no-dsa> (Defaults to secure handling, change to disable it entirely can be fixed via spu)
@@ -2396,7 +2396,7 @@ CVE-2017-17689 (The S/MIME specification allows a Cipher Block Chaining (CBC) ..
NOTE: kf5-messagelib: https://phabricator.kde.org/D12391 (v18.04.1)
NOTE: kf5-messagelib: https://phabricator.kde.org/D12393 (v18.04.1)
NOTE: kmail: https://phabricator.kde.org/D12394
-CVE-2017-17688 (** DISPUTED ** The OpenPGP specification allows a Cipher Feedback Mode ...)
+CVE-2017-17688
- enigmail 2:2.0.6.1-4 (bug #898630)
[jessie] - enigmail <end-of-life> (see https://lists.debian.org/debian-lts-announce/2019/02/msg00002.html)
NOTE: vulnerability is in the clients handling, not in OpenPGP
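Review bot: dropping the description here also drops the `** DISPUTED **` marker that only the removed line carried (`-CVE-2017-17688 (** DISPUTED ** The OpenPGP specification allows a Cipher Feedback Mode ...)`); the bare `+CVE-2017-17688` keeps no trace of the dispute, and the only remaining hint is the free-text `NOTE: vulnerability is in the clients handling, not in OpenPGP`. If the description field is going to be blanked, the disputed status should at least be recorded in a NOTE; otherwise keep the original line.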
@@ -2409,11 +2409,11 @@ CVE-2017-17686
RESERVED
CVE-2017-17685
RESERVED
-CVE-2017-17684 (Panda Global Protection 17.0.1 allows a system crash via a 0xb3702c04 ...)
+CVE-2017-17684
NOT-FOR-US: Panda Global Protection
-CVE-2017-17683 (Panda Global Protection 17.0.1 allows a system crash via a 0xb3702c44 ...)
+CVE-2017-17683
NOT-FOR-US: Panda Global Protection
-CVE-2017-17682 (In ImageMagick 7.0.7-12 Q16, a large loop vulnerability was found in ...)
+CVE-2017-17682
{DLA-1227-1}
- imagemagick 8:6.9.9.34+dfsg-3 (low; bug #885942)
[stretch] - imagemagick <ignored> (Minor issue)
@@ -2421,7 +2421,7 @@ CVE-2017-17682 (In ImageMagick 7.0.7-12 Q16, a large loop vulnerability was foun
NOTE: https://github.com/ImageMagick/ImageMagick/issues/870
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/da649f031e36753c69268c5c027e695b8ae45e9a
NOTE: https://github.com/ImageMagick/ImageMagick/commit/06c8dd4de59e48d282d4f224faa64ab9012a711a
-CVE-2017-17681 (In ImageMagick 7.0.7-12 Q16, an infinite loop vulnerability was found ...)
+CVE-2017-17681
- imagemagick 8:6.9.9.34+dfsg-3 (low; bug #885941)
[stretch] - imagemagick <ignored> (Minor issue)
[jessie] - imagemagick <ignored> (Minor issue)
@@ -2433,7 +2433,7 @@ CVE-2017-17681 (In ImageMagick 7.0.7-12 Q16, an infinite loop vulnerability was
NOTE: different fix for IM-6: https://github.com/ImageMagick/ImageMagick/commit/cae42160e5ab6de4b2a9433267e143ce295ae957
NOTE: The fix involves all done changes on the relevant part of coders/psd.c between
NOTE: (and including) edf1b9408492b97cd08111a0a9cb123f6391dc5b and cae42160e5ab6de4b2a9433267e143ce295ae957 .
-CVE-2017-17680 (In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in ...)
+CVE-2017-17680
- imagemagick 8:6.9.9.34+dfsg-3 (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/873
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/69601843684dd038a8397e1a12dd15777d2513bf
@@ -2452,32 +2452,32 @@ CVE-2017-17674
RESERVED
CVE-2017-17673
RESERVED
-CVE-2017-17672 (In vBulletin through 5.3.x, there is an unauthenticated deserialization ...)
+CVE-2017-17672
NOT-FOR-US: vBulletin
-CVE-2017-17671 (vBulletin through 5.3.x on Windows allows remote PHP code execution ...)
+CVE-2017-17671
NOT-FOR-US: vBulletin
-CVE-2017-17670 (In VideoLAN VLC media player through 2.2.8, there is a type conversion ...)
+CVE-2017-17670
{DSA-4203-1}
- vlc 3.0.0~rc2-1
[jessie] - vlc <end-of-life> (See DSA-4203-1)
[wheezy] - vlc <end-of-life> (Not supported in wheezy LTS)
NOTE: http://www.openwall.com/lists/oss-security/2017/12/15/1
NOTE: POC: https://gist.github.com/dyntopia/194d912287656f66dd502158b0cd2e68
-CVE-2017-17669 (There is a heap-based buffer over-read in the ...)
+CVE-2017-17669
- exiv2 <unfixed> (bug #886006)
[stretch] - exiv2 <ignored> (Minor issue)
[jessie] - exiv2 <ignored> (Minor issue)
[wheezy] - exiv2 <ignored> (Minor issue)
NOTE: https://github.com/Exiv2/exiv2/issues/187
-CVE-2017-17668 (Memory write mechanism in NCR S1 Dispenser controller before firmware ...)
+CVE-2017-17668
NOT-FOR-US: NCR S1 Dispenser controller
CVE-2017-17667
RESERVED
CVE-2017-17666
RESERVED
-CVE-2017-17665 (In Octopus Deploy before 4.1.3, the machine update process doesn't ...)
+CVE-2017-17665
NOT-FOR-US: Octopus Deploy
-CVE-2017-17664 (A Remote Crash issue was discovered in Asterisk Open Source 13.x before ...)
+CVE-2017-17664
- asterisk 1:13.18.5~dfsg-1 (bug #884345)
[stretch] - asterisk 1:13.14.1~dfsg-2+deb9u3
[jessie] - asterisk <not-affected> (Vulnerable code introduced later)
@@ -2485,236 +2485,236 @@ CVE-2017-17664 (A Remote Crash issue was discovered in Asterisk Open Source 13.x
NOTE: http://downloads.digium.com/pub/security/AST-2017-012.html
NOTE: https://issues.asterisk.org/jira/browse/ASTERISK-27382
NOTE: https://issues.asterisk.org/jira/browse/ASTERISK-27429
-CVE-2017-17663 (The htpasswd implementation of mini_httpd before v1.28 and of thttpd ...)
+CVE-2017-17663
- mini-httpd <unfixed> (unimportant)
- thttpd <removed> (unimportant)
NOTE: http://acme.com/updates/archive/199.html
-CVE-2017-17662 (Directory traversal in the HTTP server on Yawcam 0.2.6 through 0.6.0 ...)
+CVE-2017-17662
NOT-FOR-US: Yawcam
CVE-2017-17661
RESERVED
CVE-2017-17660
RESERVED
-CVE-2017-17659 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2017-17659
NOT-FOR-US: Quest NetVault Backup
-CVE-2017-17658 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2017-17658
NOT-FOR-US: Quest NetVault Backup
-CVE-2017-17657 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2017-17657
NOT-FOR-US: Quest NetVault Backup
-CVE-2017-17656 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2017-17656
NOT-FOR-US: Quest NetVault Backup
-CVE-2017-17655 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2017-17655
NOT-FOR-US: Quest NetVault Backup
-CVE-2017-17654 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2017-17654
NOT-FOR-US: Quest NetVault Backup
-CVE-2017-17653 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2017-17653
NOT-FOR-US: Quest NetVault Backup
-CVE-2017-17652 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2017-17652
NOT-FOR-US: Quest NetVault Backup
-CVE-2017-17651 (Paid To Read Script 2.0.5 has SQL Injection via the admin/userview.php ...)
+CVE-2017-17651
NOT-FOR-US: Paid To Read Script
CVE-2017-17650
RESERVED
-CVE-2017-17649 (Readymade Video Sharing Script 3.2 has HTML Injection via the ...)
+CVE-2017-17649
NOT-FOR-US: Readymade Video Sharing Script
-CVE-2017-17648 (Entrepreneur Dating Script 2.0.1 has SQL Injection via the ...)
+CVE-2017-17648
NOT-FOR-US: Entrepreneur Dating Script
CVE-2017-17647
RESERVED
CVE-2017-17646
RESERVED
-CVE-2017-17645 (Bus Booking Script 1.0 has SQL Injection via the txtname parameter to ...)
+CVE-2017-17645
NOT-FOR-US: Bus Booking Script
CVE-2017-17644
RESERVED
-CVE-2017-17643 (FS Lynda Clone 1.0 has SQL Injection via the keywords parameter to ...)
+CVE-2017-17643
NOT-FOR-US: FS Lynda Clone
-CVE-2017-17642 (Basic Job Site Script 2.0.5 has SQL Injection via the keyword parameter ...)
+CVE-2017-17642
NOT-FOR-US: Basic Job Site Script
-CVE-2017-17641 (Resume Clone Script 2.0.5 has SQL Injection via the preview.php id ...)
+CVE-2017-17641
NOT-FOR-US: Resume Clone Script
-CVE-2017-17640 (Advanced World Database 2.0.5 has SQL Injection via the city.php ...)
+CVE-2017-17640
NOT-FOR-US: Advanced World Database
-CVE-2017-17639 (Muslim Matrimonial Script 3.02 has SQL Injection via the ...)
+CVE-2017-17639
NOT-FOR-US: Muslim Matrimonial Script
-CVE-2017-17638 (Groupon Clone Script 3.01 has SQL Injection via the city_ajax.php ...)
+CVE-2017-17638
NOT-FOR-US: Groupon Clone Script
-CVE-2017-17637 (Car Rental Script 2.0.4 has SQL Injection via the countrycode1.php val ...)
+CVE-2017-17637
NOT-FOR-US: Car Rental Script
-CVE-2017-17636 (MLM Forced Matrix 2.0.9 has SQL Injection via the news-detail.php newid ...)
+CVE-2017-17636
NOT-FOR-US: MLM Forced Matrix
-CVE-2017-17635 (MLM Forex Market Plan Script 2.0.4 has SQL Injection via the ...)
+CVE-2017-17635
NOT-FOR-US: MLM Forex Market Plan Script
-CVE-2017-17634 (Single Theater Booking Script 3.2.1 has SQL Injection via the ...)
+CVE-2017-17634
NOT-FOR-US: Single Theater Booking Script
-CVE-2017-17633 (Multiplex Movie Theater Booking Script 3.1.5 has SQL Injection via the ...)
+CVE-2017-17633
NOT-FOR-US: Multiplex Movie Theater Booking Script
-CVE-2017-17632 (Responsive Events And Movie Ticket Booking Script 3.2.1 has SQL ...)
+CVE-2017-17632
NOT-FOR-US: Responsive Events And Movie Ticket Booking Script
-CVE-2017-17631 (Multireligion Responsive Matrimonial 4.7.2 has SQL Injection via the ...)
+CVE-2017-17631
NOT-FOR-US: Multireligion Responsive Matrimonial
-CVE-2017-17630 (Yoga Class Script 1.0 has SQL Injection via the /list city parameter. ...)
+CVE-2017-17630
NOT-FOR-US: Yoga Class Script
-CVE-2017-17629 (Secure E-commerce Script 2.0.1 has SQL Injection via the category.php ...)
+CVE-2017-17629
NOT-FOR-US: Secure E-commerce Script
-CVE-2017-17628 (Responsive Realestate Script 3.2 has SQL Injection via the ...)
+CVE-2017-17628
NOT-FOR-US: Responsive Realestate Script
-CVE-2017-17627 (Readymade Video Sharing Script 3.2 has SQL Injection via the ...)
+CVE-2017-17627
NOT-FOR-US: Readymade Video Sharing Script
-CVE-2017-17626 (Readymade PHP Classified Script 3.3 has SQL Injection via the ...)
+CVE-2017-17626
NOT-FOR-US: Readymade PHP Classified Script
-CVE-2017-17625 (Professional Service Script 1.0 has SQL Injection via the service-list ...)
+CVE-2017-17625
NOT-FOR-US: Professional Service Script
-CVE-2017-17624 (PHP Multivendor Ecommerce 1.0 has SQL Injection via the ...)
+CVE-2017-17624
NOT-FOR-US: PHP Multivendor Ecommerce
-CVE-2017-17623 (Opensource Classified Ads Script 3.2 has SQL Injection via the ...)
+CVE-2017-17623
NOT-FOR-US: Opensource Classified Ads Script
-CVE-2017-17622 (Online Exam Test Application Script 1.6 has SQL Injection via the ...)
+CVE-2017-17622
NOT-FOR-US: Online Exam Test Application Script
-CVE-2017-17621 (Multivendor Penny Auction Clone Script 1.0 has SQL Injection via the ...)
+CVE-2017-17621
NOT-FOR-US: Multivendor Penny Auction Clone Script
-CVE-2017-17620 (Lawyer Search Script 1.1 has SQL Injection via the /lawyer-list city ...)
+CVE-2017-17620
NOT-FOR-US: Lawyer Search Script
-CVE-2017-17619 (Laundry Booking Script 1.0 has SQL Injection via the /list city ...)
+CVE-2017-17619
NOT-FOR-US: Laundry Booking Script
-CVE-2017-17618 (Kickstarter Clone Script 2.0 has SQL Injection via the investcalc.php ...)
+CVE-2017-17618
NOT-FOR-US: Kickstarter Clone Script
-CVE-2017-17617 (Foodspotting Clone Script 1.0 has SQL Injection via the quicksearch.php ...)
+CVE-2017-17617
NOT-FOR-US: Foodspotting Clone Script
-CVE-2017-17616 (Event Search Script 1.0 has SQL Injection via the /event-list city ...)
+CVE-2017-17616
NOT-FOR-US: Event Search Script
-CVE-2017-17615 (Facebook Clone Script 1.0 has SQL Injection via the friend-profile.php ...)
+CVE-2017-17615
NOT-FOR-US: Facebook Clone Script
-CVE-2017-17614 (Food Order Script 1.0 has SQL Injection via the /list city parameter. ...)
+CVE-2017-17614
NOT-FOR-US: Food Order Script
-CVE-2017-17613 (Freelance Website Script 2.0.6 has SQL Injection via the jobdetails.php ...)
+CVE-2017-17613
NOT-FOR-US: Freelance Website Script
-CVE-2017-17612 (Hot Scripts Clone 3.1 has SQL Injection via the /categories subctid or ...)
+CVE-2017-17612
NOT-FOR-US: Hot Scripts Clone
-CVE-2017-17611 (Doctor Search Script 1.0 has SQL Injection via the /list city ...)
+CVE-2017-17611
NOT-FOR-US: Doctor Search Script
-CVE-2017-17610 (E-commerce MLM Software 1.0 has SQL Injection via the ...)
+CVE-2017-17610
NOT-FOR-US: E-commerce MLM Software
-CVE-2017-17609 (Chartered Accountant Booking Script 1.0 has SQL Injection via the ...)
+CVE-2017-17609
NOT-FOR-US: Chartered Accountant Booking Script
-CVE-2017-17608 (Child Care Script 1.0 has SQL Injection via the /list city parameter. ...)
+CVE-2017-17608
NOT-FOR-US: Child Care Script
-CVE-2017-17607 (CMS Auditor Website 1.0 has SQL Injection via the PATH_INFO to ...)
+CVE-2017-17607
NOT-FOR-US: CMS Auditor Website
-CVE-2017-17606 (Co-work Space Search Script 1.0 has SQL Injection via the /list city ...)
+CVE-2017-17606
NOT-FOR-US: Co-work Space Search Script
-CVE-2017-17605 (Consumer Complaints Clone Script 1.0 has SQL Injection via the ...)
+CVE-2017-17605
NOT-FOR-US: Consumer Complaints Clone Script
-CVE-2017-17604 (Entrepreneur Bus Booking Script 3.0.4 has SQL Injection via the ...)
+CVE-2017-17604
NOT-FOR-US: Entrepreneur Bus Booking Script
-CVE-2017-17603 (Advanced Real Estate Script 4.0.7 has SQL Injection via the ...)
+CVE-2017-17603
NOT-FOR-US: Advanced Real Estate Script
-CVE-2017-17602 (Advance B2B Script 2.1.3 has SQL Injection via the ...)
+CVE-2017-17602
NOT-FOR-US: Advance B2B Script
-CVE-2017-17601 (Cab Booking Script 1.0 has SQL Injection via the /service-list city ...)
+CVE-2017-17601
NOT-FOR-US: Cab Booking Script
-CVE-2017-17600 (Basic B2B Script 2.0.8 has SQL Injection via the product_details.php id ...)
+CVE-2017-17600
NOT-FOR-US: Basic B2B Script
-CVE-2017-17599 (Advance Online Learning Management Script 3.1 has SQL Injection via the ...)
+CVE-2017-17599
NOT-FOR-US: Advance Online Learning Management Script
-CVE-2017-17598 (Affiliate MLM Script 1.0 has SQL Injection via the product-category.php ...)
+CVE-2017-17598
NOT-FOR-US: Affiliate MLM Script
-CVE-2017-17597 (Nearbuy Clone Script 3.2 has SQL Injection via the category_list.php ...)
+CVE-2017-17597
NOT-FOR-US: Nearbuy Clone Script
-CVE-2017-17596 (Entrepreneur Job Portal Script 2.0.6 has SQL Injection via the ...)
+CVE-2017-17596
NOT-FOR-US: Entrepreneur Job Portal Script
-CVE-2017-17595 (Beauty Parlour Booking Script 1.0 has SQL Injection via the /list ...)
+CVE-2017-17595
NOT-FOR-US: Beauty Parlour Booking Script
-CVE-2017-17594 (DomainSale PHP Script 1.0 has SQL Injection via the domain.php id ...)
+CVE-2017-17594
NOT-FOR-US: DomainSale PHP Script
-CVE-2017-17593 (Simple Chatting System 1.0 allows Arbitrary File Upload via ...)
+CVE-2017-17593
NOT-FOR-US: Simple Chatting System
-CVE-2017-17592 (Website Auction Marketplace 2.0.5 has SQL Injection via the search.php ...)
+CVE-2017-17592
NOT-FOR-US: Website Auction Marketplace
-CVE-2017-17591 (Realestate Crowdfunding Script 2.7.2 has SQL Injection via the ...)
+CVE-2017-17591
NOT-FOR-US: Realestate Crowdfunding Script
-CVE-2017-17590 (FS Stackoverflow Clone 1.0 has SQL Injection via the /question keywords ...)
+CVE-2017-17590
NOT-FOR-US: FS Stackoverflow Clone
-CVE-2017-17589 (FS Thumbtack Clone 1.0 has SQL Injection via the browse-category.php ...)
+CVE-2017-17589
NOT-FOR-US: FS Thumbtack Clone
-CVE-2017-17588 (FS IMDB Clone 1.0 has SQL Injection via the movie.php f parameter, ...)
+CVE-2017-17588
NOT-FOR-US: FS IMDB Clone
-CVE-2017-17587 (FS Indiamart Clone 1.0 has SQL Injection via the catcompany.php token ...)
+CVE-2017-17587
NOT-FOR-US: FS Indiamart Clone
-CVE-2017-17586 (FS Olx Clone 1.0 has SQL Injection via the subpage.php scat parameter ...)
+CVE-2017-17586
NOT-FOR-US: FS Olx Clone
-CVE-2017-17585 (FS Monster Clone 1.0 has SQL Injection via the Employer_Details.php id ...)
+CVE-2017-17585
NOT-FOR-US: FS Monster Clone
-CVE-2017-17584 (FS Makemytrip Clone 1.0 has SQL Injection via the ...)
+CVE-2017-17584
NOT-FOR-US: FS Makemytrip Clone
-CVE-2017-17583 (FS Shutterstock Clone 1.0 has SQL Injection via the /Category keywords ...)
+CVE-2017-17583
NOT-FOR-US: FS Shutterstock Clone
-CVE-2017-17582 (FS Grubhub Clone 1.0 has SQL Injection via the /food keywords ...)
+CVE-2017-17582
NOT-FOR-US: FS Grubhub Clone
-CVE-2017-17581 (FS Quibids Clone 1.0 has SQL Injection via the itechd.php productid ...)
+CVE-2017-17581
NOT-FOR-US: FS Quibids Clone
-CVE-2017-17580 (FS Linkedin Clone 1.0 has SQL Injection via the group.php grid ...)
+CVE-2017-17580
NOT-FOR-US: FS Linkedin Clone
-CVE-2017-17579 (FS Freelancer Clone 1.0 has SQL Injection via the profile.php u ...)
+CVE-2017-17579
NOT-FOR-US: FS Freelancer Clone
-CVE-2017-17578 (FS Crowdfunding Script 1.0 has SQL Injection via the ...)
+CVE-2017-17578
NOT-FOR-US: FS Crowdfunding Script
-CVE-2017-17577 (FS Trademe Clone 1.0 has SQL Injection via the search_item.php search ...)
+CVE-2017-17577
NOT-FOR-US: FS Trademe Clone
-CVE-2017-17576 (FS Gigs Script 1.0 has SQL Injection via the browse-category.php cat ...)
+CVE-2017-17576
NOT-FOR-US: FS Gigs Script
-CVE-2017-17575 (FS Groupon Clone 1.0 has SQL Injection via the item_details.php id ...)
+CVE-2017-17575
NOT-FOR-US: FS Groupon Clone
-CVE-2017-17574 (FS Care Clone 1.0 has SQL Injection via the searchJob.php jobType or ...)
+CVE-2017-17574
NOT-FOR-US: FS Care Clone
-CVE-2017-17573 (FS Ebay Clone 1.0 has SQL Injection via the product.php id parameter, ...)
+CVE-2017-17573
NOT-FOR-US: FS Ebay Clone
-CVE-2017-17572 (FS Amazon Clone 1.0 has SQL Injection via the PATH_INFO to /VerAyari. ...)
+CVE-2017-17572
NOT-FOR-US: FS Amazon Clone
-CVE-2017-17571 (FS Foodpanda Clone 1.0 has SQL Injection via the /food keywords ...)
+CVE-2017-17571
NOT-FOR-US: FS Foodpanda Clone
-CVE-2017-17570 (FS Expedia Clone 1.0 has SQL Injection via the pages.php or content.php ...)
+CVE-2017-17570
NOT-FOR-US: FS Expedia Clone
-CVE-2017-17569 (Scubez Posty Readymade Classifieds has XSS via the ...)
+CVE-2017-17569
NOT-FOR-US: Scubez Posty Readymade Classifieds
-CVE-2017-17568 (Scubez Posty Readymade Classifieds has Incorrect Access Control for ...)
+CVE-2017-17568
NOT-FOR-US: Scubez Posty Readymade Classifieds
-CVE-2017-17567 (Scubez Posty Readymade Classifieds has SQL Injection via the ...)
+CVE-2017-17567
NOT-FOR-US: Scubez Posty Readymade Classifieds
-CVE-2017-17562 (Embedthis GoAhead before 3.6.5 allows remote code execution if CGI is ...)
+CVE-2017-17562
NOT-FOR-US: Embedthis GoAhead
-CVE-2017-17561 (SeaCMS 6.56 allows remote authenticated administrators to execute ...)
+CVE-2017-17561
NOT-FOR-US: SeaCMS
-CVE-2017-17560 (An issue was discovered on Western Digital MyCloud PR4100 2.30.172 ...)
+CVE-2017-17560
NOT-FOR-US: Western Digital MyCloud
CVE-2017-17559
RESERVED
-CVE-2017-17565 (An issue was discovered in Xen through 4.9.x allowing PV guest OS users ...)
+CVE-2017-17565
{DSA-4112-1 DLA-1549-1 DLA-1230-1}
- xen 4.8.3+comet2+shim4.10.0+comet3-1+deb9u5
NOTE: https://xenbits.xen.org/xsa/advisory-251.html
-CVE-2017-17564 (An issue was discovered in Xen through 4.9.x allowing guest OS users to ...)
+CVE-2017-17564
{DSA-4112-1 DLA-1549-1 DLA-1230-1}
- xen 4.8.3+comet2+shim4.10.0+comet3-1+deb9u5
NOTE: https://xenbits.xen.org/xsa/advisory-250.html
-CVE-2017-17563 (An issue was discovered in Xen through 4.9.x allowing guest OS users to ...)
+CVE-2017-17563
{DSA-4112-1 DLA-1549-1 DLA-1230-1}
- xen 4.8.3+comet2+shim4.10.0+comet3-1+deb9u5
NOTE: https://xenbits.xen.org/xsa/advisory-249.html
-CVE-2017-17566 (An issue was discovered in Xen through 4.9.x allowing PV guest OS users ...)
+CVE-2017-17566
{DSA-4112-1 DLA-1549-1 DLA-1230-1}
- xen 4.8.3+comet2+shim4.10.0+comet3-1+deb9u5
NOTE: https://xenbits.xen.org/xsa/advisory-248.html
-CVE-2017-17558 (The usb_destroy_configuration function in drivers/usb/core/config.c in ...)
+CVE-2017-17558
{DSA-4082-1 DSA-4073-1 DLA-1232-1}
- linux 4.14.7-1
NOTE: https://www.spinics.net/lists/linux-usb/msg163644.html
NOTE: Fixed by: https://git.kernel.org/linus/48a4ff1c7bb5a32d2e396b03132d20d552c0eca7
-CVE-2017-17557 (In Foxit Reader before 9.1 and Foxit PhantomPDF before 9.1, a flaw ...)
+CVE-2017-17557
NOT-FOR-US: Foxit Reader
-CVE-2017-17556 (A debug tool in Synaptics TouchPad drivers allows local users with ...)
+CVE-2017-17556
NOT-FOR-US: debug tool in Synaptics TouchPad drivers
-CVE-2017-17555 (The swri_audio_convert function in audioconvert.c in FFmpeg ...)
+CVE-2017-17555
- aubio 0.4.6-1 (low; bug #884232)
[stretch] - aubio <no-dsa> (Minor issue)
[jessie] - aubio <no-dsa> (Minor issue)
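Review bot: the loss is uneven across this hunk and worth weighing before merging: for the `NOT-FOR-US:` entries (Quest NetVault, the FS clone scripts, TG Soft and so on) the product name survives on the tracker line, but for entries tied to a Debian source package the removed description was the only summary of the affected code, for example `CVE-2017-17558` loses "usb_destroy_configuration function in drivers/usb/core/config.c" and `CVE-2017-17555` loses "swri_audio_convert function in audioconvert.c", leaving only the package version and NOTE URLs. If the strip is intentional, those package-bound entries would benefit from a NOTE line naming the affected function so the record stays self-describing.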
@@ -2724,7 +2724,7 @@ CVE-2017-17555 (The swri_audio_convert function in audioconvert.c in FFmpeg ...)
NOTE: aubio initializes libswresample with 2 channels and then passes data
NOTE: that contains just one channel. Not an issue in src:ffmpeg.
NOTE: https://github.com/aubio/aubio/issues/137
-CVE-2017-17554 (A NULL pointer dereference (DoS) Vulnerability was found in the ...)
+CVE-2017-17554
- aubio 0.4.6-1 (low; bug #884237)
[stretch] - aubio <no-dsa> (Minor issue)
[jessie] - aubio <no-dsa> (Minor issue)
@@ -2732,15 +2732,15 @@ CVE-2017-17554 (A NULL pointer dereference (DoS) Vulnerability was found in the
NOTE: Fixed by: https://github.com/aubio/aubio/commit/a81b12a3b4174953b3bc7ef4c37103f4d5636740
NOTE: https://github.com/IvanCql/vulnerability/blob/master/An%20NULL%20pointer%20dereference(DoS)%20Vulnerability%20was%20found%20in%20function%20%20aubio_source_avcodec_readframe%20of%20aubio.md
NOTE: https://github.com/aubio/aubio/issues/137
-CVE-2017-17553 (The Dolphin Browser for Android 12.0.2 suffers from an insecure parsing ...)
+CVE-2017-17553
NOT-FOR-US: Dolphin Browser for Android
-CVE-2017-17552 (/LoadFrame in Zoho ManageEngine AD Manager Plus build 6590 - 6613 ...)
+CVE-2017-17552
NOT-FOR-US: Zoho ManageEngine AD Manager Plus
-CVE-2017-17551 (The Backup and Restore feature in Mobotap Dolphin Browser for Android ...)
+CVE-2017-17551
NOT-FOR-US: Dolphin Browser for Android
-CVE-2017-17550 (ZyXEL ZyWALL USG 2.12 AQQ.2 and 3.30 AQQ.7 devices are affected by a ...)
+CVE-2017-17550
NOT-FOR-US: ZyXEL
-CVE-2017-17549 (Citrix NetScaler Application Delivery Controller (ADC) and NetScaler ...)
+CVE-2017-17549
NOT-FOR-US: Citrix NetScaler Application Delivery Controller
CVE-2017-17548
RESERVED
@@ -2752,80 +2752,80 @@ CVE-2017-17545
RESERVED
CVE-2017-17544
RESERVED
-CVE-2017-17543 (Users' VPN authentication credentials are unsafely encrypted in ...)
+CVE-2017-17543
NOT-FOR-US: Fortinet FortiClient
CVE-2017-17542
RESERVED
-CVE-2017-17541 (A Cross-site Scripting (XSS) vulnerability in Fortinet FortiManager ...)
+CVE-2017-17541
NOT-FOR-US: Fortinet
-CVE-2017-17540 (The presence of a hardcoded account in Fortinet FortiWLC 8.3.3 allows ...)
+CVE-2017-17540
NOT-FOR-US: Fortinet FortiWLC
-CVE-2017-17539 (The presence of a hardcoded account in Fortinet FortiWLC 7.0.11 and ...)
+CVE-2017-17539
NOT-FOR-US: Fortinet FortiWLC
-CVE-2017-17538 (MikroTik v6.40.5 devices allow remote attackers to cause a denial of ...)
+CVE-2017-17538
NOT-FOR-US: MikroTik
-CVE-2017-17537 (MikroTik RouterBOARD v6.39.2 and v6.40.5 allows an unauthenticated ...)
+CVE-2017-17537
NOT-FOR-US: MikroTik
-CVE-2017-17536 (Phabricator before 2017-11-10 does not block the --config and ...)
+CVE-2017-17536
- phabricator <unfixed> (unimportant)
NOTE: Fixed by: https://github.com/phacility/phabricator/commit/a7921a4448093d00defa8bd18f35b8c8f8bf3314
NOTE: Starting with 0~git20160726-3 the Phabricator package is not built
NOTE: The issue is unfixed in the source up to 0~git20170812-1
NOTE: Fixed in 0~git20171202-1 (not yet accepted from NEW)
-CVE-2017-17535 (lib/gui.py in Bob Hepple gjots2 2.4.1 does not validate strings before ...)
+CVE-2017-17535
- gjots2 <unfixed> (unimportant)
NOTE: https://sources.debian.org/src/gjots2/2.4.1-2/lib/gui.py/?hl=2188#L2188
-CVE-2017-17534 (uiutil.c in Mensis 0.0.080507 does not validate strings before ...)
+CVE-2017-17534
- mensis <removed> (unimportant)
NOTE: https://sources.debian.org/src/mensis/0.0.080507-4/uiutil.c/?hl=293#L428
-CVE-2017-17533 (** DISPUTED ** default.tcl in Tkabber 1.1 does not validate strings ...)
+CVE-2017-17533
NOTE: Originally assigned for src:tkabber
NOTE: https://sources.debian.org/src/tkabber/1.1-1/default.tcl/?hl=118#L118
NOTE: TCL's exec call does not involve the shell. It does its own argument parsing
NOTE: which safely forwards the content of any variable. No command injection is
NOTE: thus possible. See https://tcl.tk/man/tcl/TclCmd/exec.htm
NOTE: MITRE only considers this as DISPUTED rather than fully REJECT The CVE.
-CVE-2017-17532 (examples/framework/news/news3.py in Kiwi 1.9.22 does not validate ...)
+CVE-2017-17532
- kiwi <unfixed> (unimportant)
NOTE: https://sources.debian.org/src/kiwi/1.9.22-4/examples/framework/news/news3.py/?hl=88#L88
NOTE: Only in examples code, negligible impact
-CVE-2017-17531 (gozilla.c in GNU GLOBAL 4.8.6 does not validate strings before ...)
+CVE-2017-17531
- global 6.6.1-1 (unimportant; bug #884912)
[stretch] - global 6.5.6-2+deb9u1
NOTE: https://sources.debian.org/src/global/4.8.6-2/gozilla/gozilla.c/#L269
-CVE-2017-17530 (common/help.c in Geomview 1.9.5 does not validate strings before ...)
+CVE-2017-17530
- geomview <unfixed> (unimportant)
NOTE: https://sources.debian.org/src/geomview/1.9.5-1/src/bin/geomview/common/help.c/?hl=51#L83
-CVE-2017-17529 (af/util/xp/ut_go_file.cpp in AbiWord 3.0.2-2 does not validate strings ...)
+CVE-2017-17529
- abiword <unfixed> (unimportant; bug #884923)
NOTE: Non-issue, nothing exploitable, should be rejected
-CVE-2017-17528 (backends/platform/sdl/posix/posix.cpp in ScummVM 1.9.0 does not ...)
+CVE-2017-17528
- scummvm <unfixed> (unimportant)
[wheezy] - scummvm <not-affected> (Vulnerable code not there)
NOTE: https://sources.debian.org/src/scummvm/1.9.0+dfsg-2/backends/platform/sdl/posix/posix.cpp/?hl=274#L274
-CVE-2017-17527 (** DISPUTED ** delphi_gui/WWWBrowserRunnerDM.pas in PasDoc 0.14 does ...)
+CVE-2017-17527
- pasdoc 0.15.0-1 (unimportant)
NOTE: https://sources.debian.org/src/pasdoc/0.14.0-1/source/delphi_gui/WWWBrowserRunnerDM.pas/?hl=63#L63
NOTE: Marked as unimportant since issue in unused code. MITRE marks CVE as
NOTE: disputed.
-CVE-2017-17526 (Input.cc in Bernard Parisse Giac 1.2.3.57 does not validate strings ...)
+CVE-2017-17526
- giac <unfixed> (unimportant)
NOTE: https://sources.debian.org/src/giac/1.2.3.57+dfsg1-2/src/Input.cc/?hl=68#L77
-CVE-2017-17525 (guiclient/guiclient.cpp in xTuple PostBooks 4.7.0 does not validate ...)
+CVE-2017-17525
- postbooks <unfixed> (unimportant)
NOTE: https://sources.debian.org/src/postbooks/4.7.0-3/guiclient/guiclient.cpp/?hl=1610#L1610
-CVE-2017-17524 (library/www_browser.pl in SWI-Prolog 7.2.3 does not validate strings ...)
+CVE-2017-17524
- swi-prolog <unfixed> (unimportant)
NOTE: https://sources.debian.org/src/swi-prolog/7.2.3+dfsg-1/library/www_browser.pl/?hl=68#L68
NOTE: In wheezy it is technically possible to trigger an argument injection
NOTE: vulnerability however it is quoted in an unusual way which makes it highly
NOTE: unlikely that it going to be.
-CVE-2017-17523 (lilypond-invoke-editor in LilyPond 2.19.80 does not validate strings ...)
+CVE-2017-17523
- lilypond 2.18.2-12 (bug #884136)
[jessie] - lilypond <no-dsa> (Minor issue)
[wheezy] - lilypond <no-dsa> (Minor issue)
NOTE: https://sourceforge.net/p/testlilyissues/issues/5243/
-CVE-2017-17522 (** DISPUTED ** Lib/webbrowser.py in Python through 3.6.3 does not ...)
+CVE-2017-17522
- jython <unfixed> (unimportant)
[wheezy] - jython <not-affected> (Vulnerable code is not provided in the binary package)
- python2.6 <removed> (unimportant)
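Review bot: besides dropping the summaries, the replaced lines for `CVE-2017-17533`, `CVE-2017-17527` and `CVE-2017-17522` also drop the `** DISPUTED **` prefix, which was the only structured record of the disputed status in this file; the NOTE lines under 17533 and 17527 mention the dispute in free text, but 17522 keeps only the argument about `shell=False`. If the description removal stands, the disputed flag should be carried over explicitly (for example as a NOTE line) so the status is not lost.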
@@ -2840,35 +2840,35 @@ CVE-2017-17522 (** DISPUTED ** Lib/webbrowser.py in Python through 3.6.3 does no
NOTE: https://bugs.python.org/issue32367
NOTE: Hardly an issue with security impact, as the problematic code further relies
NOTE: on subprocess.Popen with the default shell=False.
-CVE-2017-17521 (uiutil.c in FontForge through 20170731 does not validate strings before ...)
+CVE-2017-17521
- fontforge <unfixed> (unimportant)
NOTE: https://sources.debian.org/src/fontforge/1:20170731%7Edfsg-1/fontforgeexe/uiutil.c/#L285
-CVE-2017-17520 (** DISPUTED ** tools/url_handler.pl in TIN 2.4.1 does not validate ...)
+CVE-2017-17520
- tin <unfixed> (unimportant)
NOTE: https://sources.debian.org/src/tin/1:2.4.1-1/tools/url_handler.pl/?hl=120#L120
NOTE: Documentation has a clear SECURITY section mentioning that [...] url_handler
NOTE: does not try hard to shell escape its input nor does it convert relative URLs
NOTE: into abosulte ones. If you use url_handler.pl from other applications be sure to
NOTE: at least shell escaped its input.
-CVE-2017-17519 (batteriesConfig.mlp in OCaml Batteries Included (aka ocaml-batteries) ...)
+CVE-2017-17519
- ocaml-batteries <unfixed> (unimportant)
NOTE: https://sources.debian.org/src/ocaml-batteries/2.6.0-1/src/batteriesConfig.mlp/?hl=23#L23
-CVE-2017-17518 (swt/motif/browser.c in White_dune (aka whitedune) 0.30.10 does not ...)
+CVE-2017-17518
- whitedune <unfixed> (unimportant)
NOTE: https://sources.debian.org/src/whitedune/0.30.10-2.1/src/swt/motif/browser.c/?hl=159#L214
-CVE-2017-17517 (libsylph/utils.c in Sylpheed through 3.6 does not validate strings ...)
+CVE-2017-17517
- sylpheed <unfixed> (unimportant)
NOTE: https://sources.debian.org/src/sylpheed/3.5.1-1/libsylph/utils.c/?hl=4292#L4292
-CVE-2017-17516 (scripts/inspect_webbrowser.py in Reddit Terminal Viewer (RTV) 1.19.0 ...)
+CVE-2017-17516
- rtv <unfixed> (unimportant)
NOTE: https://sources.debian.org/src/rtv/1.20.0+dfsg-1/scripts/inspect_webbrowser.py/
-CVE-2017-17515 (** DISPUTED ** etc/ObjectList in Metview 4.7.3 does not validate ...)
+CVE-2017-17515
- metview <unfixed> (unimportant)
NOTE: https://sources.debian.org/src/metview/4.7.2-3/share/metview/etc/ObjectList/?hl=2857#L2857
-CVE-2017-17514 (** DISPUTED ** boxes.c in nip2 8.4.0 does not validate strings before ...)
+CVE-2017-17514
- nip2 <unfixed> (unimportant)
NOTE: https://sources.debian.org/src/nip2/8.4.0-1/src/boxes.c/?hl=727#L727
-CVE-2017-17513 (TeX Live through 20170524 does not validate strings before launching ...)
+CVE-2017-17513
- texlive-base <unfixed> (unimportant)
[wheezy] - texlive-base <not-affected> (Vulnerable code do not exist)
- texlive-bin <unfixed> (unimportant)
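Review bot: same concern here for `CVE-2017-17520`, `CVE-2017-17515` and `CVE-2017-17514`: the `** DISPUTED **` marker disappears together with the description, and none of their remaining NOTE lines states that the CVE is disputed, so that status would have to be recovered from MITRE again rather than read from the tracker.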
@@ -2878,11 +2878,11 @@ CVE-2017-17513 (TeX Live through 20170524 does not validate strings before launc
NOTE: https://sources.debian.org/src/texlive-base/2017.20171128-1/texmf-dist/tex/luatex/lualibs/lualibs-os.lua/#L153
NOTE: https://sources.debian.org/src/texlive-bin/2016.20160513.41080.dfsg-2/texk/texlive/linked_scripts/context/stubs/unix/mtxrun/#L3004
NOTE: https://sources.debian.org/src/context/2017.05.15.20170613-2/texmf-dist/scripts/context/stubs/mswin/mtxrun.lua/?hl=3424#L3424
-CVE-2017-17512 (sensible-browser in sensible-utils before 0.0.11 does not validate ...)
+CVE-2017-17512
{DSA-4071-1 DLA-1209-1}
- sensible-utils 0.0.11 (bug #881767)
NOTE: https://anonscm.debian.org/git/collab-maint/sensible-utils.git/commit/?id=e16c937c43126df7f08d355277f99dd94cc21ce5
-CVE-2017-17511 (KildClient 3.1.0 does not validate strings before launching the program ...)
+CVE-2017-17511
{DLA-1210-1}
- kildclient 3.2.0-1 (bug #885007)
[stretch] - kildclient 3.1.0-1+deb9u1
@@ -2891,21 +2891,21 @@ CVE-2017-17511 (KildClient 3.1.0 does not validate strings before launching the
NOTE: https://sources.debian.org/src/kildclient/3.1.0-1/src/prefs.c/?hl=324#L324
CVE-2017-17510
RESERVED
-CVE-2017-17509 (In HDF5 1.10.1, there is an out of bounds write vulnerability in the ...)
+CVE-2017-17509
- hdf5 1.10.4+repack-1 (bug #884365)
[stretch] - hdf5 <no-dsa> (Minor issue)
[jessie] - hdf5 <no-dsa> (Minor issue)
[wheezy] - hdf5 <no-dsa> (Minor issue)
NOTE: POC: https://github.com/xiaoqx/pocs/blob/master/hdf5/5-hdf5-heap-overflow-H5G__ent_decode_vec
NOTE: https://github.com/xiaoqx/pocs/blob/master/hdf5/readme.md
-CVE-2017-17508 (In HDF5 1.10.1, there is a divide-by-zero vulnerability in the function ...)
+CVE-2017-17508
- hdf5 1.10.4+repack-1 (bug #884365)
[stretch] - hdf5 <no-dsa> (Minor issue)
[jessie] - hdf5 <no-dsa> (Minor issue)
[wheezy] - hdf5 <no-dsa> (Minor issue)
NOTE: POC: https://github.com/xiaoqx/pocs/blob/master/hdf5/1-hdf5-divbyzero-H5T_set_loc
NOTE: https://github.com/xiaoqx/pocs/blob/master/hdf5/readme.md
-CVE-2017-17507 (In HDF5 1.10.1, there is an out of bounds read vulnerability in the ...)
+CVE-2017-17507
- hdf5 <unfixed> (low; bug #915807)
[buster] - hdf5 <no-dsa> (Minor issue, requires ABI change)
[stretch] - hdf5 <no-dsa> (Minor issue)
@@ -2915,48 +2915,48 @@ CVE-2017-17507 (In HDF5 1.10.1, there is an out of bounds read vulnerability in
NOTE: https://github.com/xiaoqx/pocs/blob/master/hdf5/readme.md
NOTE: Fixing the bug requires an ABI changes thus upstream will only include a fix
NOTE: on a major version bump.
-CVE-2017-17506 (In HDF5 1.10.1, there is an out of bounds read vulnerability in the ...)
+CVE-2017-17506
- hdf5 1.10.4+repack-1 (bug #884365)
[stretch] - hdf5 <no-dsa> (Minor issue)
[jessie] - hdf5 <no-dsa> (Minor issue)
[wheezy] - hdf5 <no-dsa> (Minor issue)
NOTE: POC: https://github.com/xiaoqx/pocs/blob/master/hdf5/4-hdf5-outbound-read-H5Opline_pline_decode
NOTE: https://github.com/xiaoqx/pocs/blob/master/hdf5/readme.md
-CVE-2017-17505 (In HDF5 1.10.1, there is a NULL pointer dereference in the function ...)
+CVE-2017-17505
- hdf5 1.10.4+repack-1 (bug #884365)
[stretch] - hdf5 <no-dsa> (Minor issue)
[jessie] - hdf5 <no-dsa> (Minor issue)
[wheezy] - hdf5 <no-dsa> (Minor issue)
NOTE: POC: https://github.com/xiaoqx/pocs/blob/master/hdf5/2-hdf5-null-pointer-H5O_pline_decode
NOTE: https://github.com/xiaoqx/pocs/blob/master/hdf5/readme.md
-CVE-2017-17504 (ImageMagick before 7.0.7-12 has a coders/png.c ...)
+CVE-2017-17504
{DSA-4204-1 DSA-4074-1 DLA-1227-1}
- imagemagick 8:6.9.9.34+dfsg-3 (bug #885340)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/872
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/ce3a586a43a7d13442587eb7f28d129557b6a135
NOTE: ImageMagick-7: https://github.com/ImageMagick/ImageMagick/commit/59c49559e302e06bfba46cb6feb4e39adbe675b6
NOTE: ImageMagick-7: https://github.com/ImageMagick/ImageMagick/commit/fb89192c4ca1600741af79dd22166a7d91e76924
-CVE-2017-17503 (ReadGRAYImage in coders/gray.c in GraphicsMagick 1.3.26 has a ...)
+CVE-2017-17503
{DSA-4321-1 DLA-1401-1 DLA-1231-1}
- graphicsmagick 1.3.27-1
NOTE: http://hg.code.sf.net/p/graphicsmagick/code/rev/460ef5e858ad
NOTE: https://sourceforge.net/p/graphicsmagick/bugs/522/
-CVE-2017-17502 (ReadCMYKImage in coders/cmyk.c in GraphicsMagick 1.3.26 has a ...)
+CVE-2017-17502
{DSA-4321-1 DLA-1401-1 DLA-1231-1}
- graphicsmagick 1.3.27-1
NOTE: http://hg.code.sf.net/p/graphicsmagick/code/rev/a9c425688397
NOTE: https://sourceforge.net/p/graphicsmagick/bugs/521/
-CVE-2017-17501 (WriteOnePNGImage in coders/png.c in GraphicsMagick 1.3.26 has a ...)
+CVE-2017-17501
{DSA-4321-1 DLA-1401-1 DLA-1231-1}
- graphicsmagick 1.3.27-1
NOTE: http://hg.code.sf.net/p/graphicsmagick/code/rev/5b8414c0d0c4
NOTE: https://sourceforge.net/p/graphicsmagick/bugs/526/
-CVE-2017-17500 (ReadRGBImage in coders/rgb.c in GraphicsMagick 1.3.26 has a ...)
+CVE-2017-17500
{DSA-4321-1 DLA-1401-1 DLA-1231-1}
- graphicsmagick 1.3.27-1
NOTE: http://hg.code.sf.net/p/graphicsmagick/code/rev/1366f2dd9931
NOTE: https://sourceforge.net/p/graphicsmagick/bugs/523/
-CVE-2017-17499 (ImageMagick before 6.9.9-24 and 7.x before 7.0.7-12 has a ...)
+CVE-2017-17499
{DSA-4074-1}
- imagemagick 8:6.9.9.34+dfsg-3 (bug #885339)
[jessie] - imagemagick <not-affected> (Vulnerable code not present)
@@ -2964,12 +2964,12 @@ CVE-2017-17499 (ImageMagick before 6.9.9-24 and 7.x before 7.0.7-12 has a ...)
NOTE: https://github.com/ImageMagick/ImageMagick/commit/8c35502217c1879cb8257c617007282eee3fe1cc
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/dd96d671e4d5ae22c6894c302e8996c13f24c45a
NOTE: https://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=33078&sid=5fbb164c3830293138917f9b14264ed1
-CVE-2017-17498 (WritePNMImage in coders/pnm.c in GraphicsMagick 1.3.26 allows remote ...)
+CVE-2017-17498
{DSA-4321-1 DLA-1401-1 DLA-1231-1}
- graphicsmagick 1.3.27-1
NOTE: http://hg.code.sf.net/p/graphicsmagick/code/rev/f1c418ef0260
NOTE: https://sourceforge.net/p/graphicsmagick/bugs/525/
-CVE-2017-17497 (In Tidy 5.7.0, the prvTidyTidyMetaCharset function in clean.c allows ...)
+CVE-2017-17497
- tidy-html5 2:5.6.0-3
[stretch] - tidy-html5 <not-affected> (Vulnerable code introduced after 5.6.0)
- tidy <not-affected> (Vulnerable code not present)
@@ -3000,12 +3000,12 @@ CVE-2017-17487
RESERVED
CVE-2017-17486
RESERVED
-CVE-2017-17485 (FasterXML jackson-databind through 2.8.10 and 2.9.x through 2.9.3 ...)
+CVE-2017-17485
{DSA-4114-1}
- jackson-databind 2.9.4-1 (bug #888318)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1528565#c0
NOTE: https://github.com/FasterXML/jackson-databind/issues/1855
-CVE-2017-17484 (The ucnv_UTF8FromUTF8 function in ucnv_u8.cpp in International ...)
+CVE-2017-17484
- icu <not-affected> (Vulnerable code not present, only experimental was ever affected and fixed in 60.2-1)
NOTE: https://ssl.icu-project.org/trac/ticket/13510
NOTE: https://ssl.icu-project.org/trac/ticket/13490
@@ -3015,48 +3015,48 @@ CVE-2017-17484 (The ucnv_UTF8FromUTF8 function in ucnv_u8.cpp in International .
NOTE: Introduced by https://ssl.icu-project.org/trac/changeset/40455/
CVE-2017-17483
RESERVED
-CVE-2017-17482 (An issue was discovered in OpenVMS through V8.4-2L2 on Alpha and ...)
+CVE-2017-17482
NOT-FOR-US: OpenVMS
CVE-2017-17481
RESERVED
-CVE-2017-17480 (In OpenJPEG 2.3.0, a stack-based buffer overflow was discovered in the ...)
+CVE-2017-17480
{DSA-4405-1 DLA-1579-1}
- openjpeg2 2.3.0-2 (bug #884738)
NOTE: https://github.com/uclouvain/openjpeg/issues/1044
NOTE: https://github.com/uclouvain/openjpeg/commit/0bc90e4062a5f9258c91eca018c019b179066c62
-CVE-2017-17479 (In OpenJPEG 2.3.0, a stack-based buffer overflow was discovered in the ...)
+CVE-2017-17479
- openjpeg2 <unfixed> (unimportant)
NOTE: https://github.com/uclouvain/openjpeg/issues/1044
NOTE: Debian packaging does not build JPWL, has BUILD_JPWL:BOOL=OFF
-CVE-2017-17478 (An XSS issue was discovered in Designer Studio in Pegasystems Pega ...)
+CVE-2017-17478
NOT-FOR-US: Pegasystems Pega Platform
CVE-2017-17477
RESERVED
-CVE-2017-17475 (TG Soft Vir.IT eXplorer Lite 8.5.42 allows local users to cause a ...)
+CVE-2017-17475
NOT-FOR-US: TG Soft Vir.IT eXplorer Lite
-CVE-2017-17474 (TG Soft Vir.IT eXplorer Lite 8.5.42 allows local users to cause a ...)
+CVE-2017-17474
NOT-FOR-US: TG Soft Vir.IT eXplorer Lite
-CVE-2017-17473 (TG Soft Vir.IT eXplorer Lite 8.5.42 allows local users to cause a ...)
+CVE-2017-17473
NOT-FOR-US: TG Soft Vir.IT eXplorer Lite
-CVE-2017-17472 (TG Soft Vir.IT eXplorer Lite 8.5.42 allows local users to cause a ...)
+CVE-2017-17472
NOT-FOR-US: TG Soft Vir.IT eXplorer Lite
-CVE-2017-17471 (TG Soft Vir.IT eXplorer Lite 8.5.42 allows local users to cause a ...)
+CVE-2017-17471
NOT-FOR-US: TG Soft Vir.IT eXplorer Lite
-CVE-2017-17470 (TG Soft Vir.IT eXplorer Lite 8.5.42 allows local users to cause a ...)
+CVE-2017-17470
NOT-FOR-US: TG Soft Vir.IT eXplorer Lite
-CVE-2017-17469 (TG Soft Vir.IT eXplorer Lite 8.5.42 allows local users to cause a ...)
+CVE-2017-17469
NOT-FOR-US: TG Soft Vir.IT eXplorer Lite
-CVE-2017-17468 (TG Soft Vir.IT eXplorer Lite 8.5.42 allows local users to gain ...)
+CVE-2017-17468
NOT-FOR-US: TG Soft Vir.IT eXplorer Lite
-CVE-2017-17467 (TG Soft Vir.IT eXplorer Lite 8.5.42 allows local users to cause a ...)
+CVE-2017-17467
NOT-FOR-US: TG Soft Vir.IT eXplorer Lite
-CVE-2017-17466 (TG Soft Vir.IT eXplorer Lite 8.5.42 allows local users to gain ...)
+CVE-2017-17466
NOT-FOR-US: TG Soft Vir.IT eXplorer Lite
-CVE-2017-17465 (K7Sentry.sys 15.1.0.59 in K7 Antivirus 15.1.0309 has a NULL pointer ...)
+CVE-2017-17465
NOT-FOR-US: K7 Antivirus
-CVE-2017-17464 (K7Sentry.sys 15.1.0.59 in K7 Antivirus 15.1.0309 has a NULL pointer ...)
+CVE-2017-17464
NOT-FOR-US: K7 Antivirus
-CVE-2017-17463 (Vivo modems allow remote attackers to obtain sensitive information by ...)
+CVE-2017-17463
NOT-FOR-US: Vivo modems
CVE-2017-17462
RESERVED
@@ -3064,13 +3064,13 @@ CVE-2017-17461
REJECTED
CVE-2017-17460
RESERVED
-CVE-2017-17459 (http_transport.c in Fossil before 2.4, when the SSH sync protocol is ...)
+CVE-2017-17459
- fossil 1:2.4-1
[stretch] - fossil <no-dsa> (Minor issue)
[jessie] - fossil <no-dsa> (Minor issue)
[wheezy] - fossil <no-dsa> (Minor issue)
NOTE: https://www.fossil-scm.org/xfer/info/1f63db591c77108c
-CVE-2017-17458 (In Mercurial before 4.4.1, it is possible that a specially malformed ...)
+CVE-2017-17458
{DLA-1414-2 DLA-1414-1 DLA-1224-1}
- mercurial 4.4.1-1
NOTE: https://bz.mercurial-scm.org/show_bug.cgi?id=5730
@@ -3078,47 +3078,47 @@ CVE-2017-17458 (In Mercurial before 4.4.1, it is possible that a specially malfo
NOTE: https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_4.4.1_.282017-11-07.29
NOTE: Fixed by: https://mercurial-scm.org/repo/hg/rev/071cbeba4212
NOTE: Alternative workaround/additionally needed: https://mercurial-scm.org/repo/hg/rev/5e27afeddaee
-CVE-2017-1002102 (In Kubernetes versions 1.3.x, 1.4.x, 1.5.x, 1.6.x and prior to ...)
+CVE-2017-1002102
- kubernetes 1.7.16+dfsg-1 (bug #894051)
NOTE: https://github.com/kubernetes/kubernetes/issues/60814
-CVE-2017-1002101 (In Kubernetes versions 1.3.x, 1.4.x, 1.5.x, 1.6.x and prior to ...)
+CVE-2017-1002101
- kubernetes 1.7.16+dfsg-1 (bug #892801)
NOTE: https://github.com/kubernetes/kubernetes/issues/60813
-CVE-2017-17457 (The function d2ulaw_array() in ulaw.c of libsndfile 1.0.29pre1 may lead ...)
+CVE-2017-17457
{DLA-1618-1}
- libsndfile 1.0.28-5 (low; bug #884735)
[stretch] - libsndfile <no-dsa> (Minor issue)
[wheezy] - libsndfile <no-dsa> (Minor issue)
NOTE: https://github.com/erikd/libsndfile/issues/344
NOTE: https://github.com/erikd/libsndfile/commit/8ddc442d539ca775d80cdbc7af17a718634a743f
-CVE-2017-17456 (The function d2alaw_array() in alaw.c of libsndfile 1.0.29pre1 may lead ...)
+CVE-2017-17456
{DLA-1618-1}
- libsndfile 1.0.28-5 (low; bug #884735)
[stretch] - libsndfile <no-dsa> (Minor issue)
[wheezy] - libsndfile <no-dsa> (Minor issue)
NOTE: https://github.com/erikd/libsndfile/issues/344
NOTE: https://github.com/erikd/libsndfile/commit/8ddc442d539ca775d80cdbc7af17a718634a743f
-CVE-2017-17455 (Mahara 16.10 before 16.10.7, 17.04 before 17.04.5, and 17.10 before ...)
+CVE-2017-17455
- mahara <removed>
-CVE-2017-17454 (Mahara 16.10 before 16.10.7 and 17.04 before 17.04.5 and 17.10 before ...)
+CVE-2017-17454
- mahara <removed>
CVE-2017-17453
RESERVED
CVE-2017-17452
RESERVED
-CVE-2017-17451 (The WP Mailster plugin before 1.5.5 for WordPress has XSS in the ...)
+CVE-2017-17451
NOT-FOR-US: Wordpress plugin
-CVE-2017-17450 (net/netfilter/xt_osf.c in the Linux kernel through 4.14.4 does not ...)
+CVE-2017-17450
{DSA-4082-1 DSA-4073-1}
- linux 4.14.7-1
[wheezy] - linux <ignored> (User namespaces not supported)
NOTE: https://lkml.org/lkml/2017/12/5/982
-CVE-2017-17449 (The __netlink_deliver_tap_skb function in net/netlink/af_netlink.c in ...)
+CVE-2017-17449
{DSA-4082-1 DSA-4073-1}
- linux 4.14.7-1
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: https://lkml.org/lkml/2017/12/5/950
-CVE-2017-17448 (net/netfilter/nfnetlink_cthelper.c in the Linux kernel through 4.14.4 ...)
+CVE-2017-17448
{DSA-4082-1 DSA-4073-1}
- linux 4.14.7-1
[wheezy] - linux <ignored> (User namespaces not supported)
@@ -3129,13 +3129,13 @@ CVE-2017-17445
RESERVED
CVE-2017-17444
RESERVED
-CVE-2017-17443 (OPC Foundation Local Discovery Server (LDS) 1.03.370 required a ...)
+CVE-2017-17443
NOT-FOR-US: OPC Foundation Local Discovery Server
-CVE-2017-17442 (In BlackBerry UEM Management Console version 12.7.1 and earlier, a ...)
+CVE-2017-17442
NOT-FOR-US: BlackBerry
CVE-2017-17441
RESERVED
-CVE-2017-17446 (The Mem_File_Reader::read_avail function in Data_Reader.cpp in the ...)
+CVE-2017-17446
- game-music-emu 0.6.2-1 (bug #883691)
[stretch] - game-music-emu <no-dsa> (Minor issue)
[jessie] - game-music-emu <no-dsa> (Minor issue)
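Review bot: CVE-2017-17446 sits after CVE-2017-17441 in this hunk while the surrounding entries run in descending order (17445, 17444, 17443, 17442, 17441). The misplacement predates this change, but since the hunk already touches the header line of that entry, moving the whole CVE-2017-17446 block up before CVE-2017-17445 would restore the ordering without a separate commit.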
@@ -3143,13 +3143,13 @@ CVE-2017-17446 (The Mem_File_Reader::read_avail function in Data_Reader.cpp in t
NOTE: https://bitbucket.org/mpyne/game-music-emu/issues/14/addresssanitizer-negative-size-param-size
NOTE: Patch: https://bitbucket.org/mpyne/game-music-emu/commits/205290614cdc057541b26adeea05a9d45993f860
NOTE: Additional hardening: https://bitbucket.org/mpyne/game-music-emu/commits/4a441e94cba14268bc4e983d4dfd6ed112084d00
-CVE-2017-17440 (GNU Libextractor 1.6 allows remote attackers to cause a denial of ...)
+CVE-2017-17440
- libextractor 1:1.6-2 (bug #883528)
[stretch] - libextractor 1:1.3-4+deb9u1
[jessie] - libextractor 1:1.3-2+deb8u1
[wheezy] - libextractor <no-dsa> (Minor issue)
NOTE: Fixed by: https://gnunet.org/git/libextractor.git/commit/?id=7cc63b001ceaf81143795321379c835486d0c92e
-CVE-2017-17439 (In Heimdal through 7.4, remote unauthenticated attackers are able to ...)
+CVE-2017-17439
{DSA-4055-1}
- heimdal 7.5.0+dfsg-1 (bug #878144)
[jessie] - heimdal <not-affected> (Vulnerability introduced in 7.0)
@@ -3161,104 +3161,104 @@ CVE-2017-17438
RESERVED
CVE-2017-17437
RESERVED
-CVE-2017-17436 (An issue was discovered in the software on Vaultek Gun Safe VT20i ...)
+CVE-2017-17436
NOT-FOR-US: Vaultek Gun Safe
-CVE-2017-17435 (An issue was discovered in the software on Vaultek Gun Safe VT20i ...)
+CVE-2017-17435
NOT-FOR-US: Vaultek Gun Safe
-CVE-2017-17434 (The daemon in rsync 3.1.2, and 3.1.3-development before 2017-12-03, ...)
+CVE-2017-17434
{DSA-4068-1 DLA-1218-1}
- rsync 3.1.2-2.1 (bug #883665)
NOTE: https://git.samba.org/?p=rsync.git;a=commit;h=5509597decdbd7b91994210f700329d8a35e70a1
NOTE: https://git.samba.org/?p=rsync.git;a=commit;h=70aeb5fddd1b2f8e143276f8d5a085db16c593b9
-CVE-2017-17433 (The recv_files function in receiver.c in the daemon in rsync 3.1.2, and ...)
+CVE-2017-17433
{DSA-4068-1 DLA-1218-1}
- rsync 3.1.2-2.1 (bug #883667)
NOTE: https://git.samba.org/?p=rsync.git;a=commit;h=3e06d40029cfdce9d0f73d87cfd4edaf54be9c51
-CVE-2017-17431 (GeniXCMS 1.1.5 has XSS via the from, id, lang, menuid, mod, q, status, ...)
+CVE-2017-17431
NOT-FOR-US: GeniXCMS
-CVE-2017-17430 (Sangoma NetBorder / Vega Session Controller before 2.3.12-80-GA allows ...)
+CVE-2017-17430
NOT-FOR-US: Sangoma NetBorder / Vega Session Controller
-CVE-2017-17429 (In K7 Antivirus Premium before 15.1.0.53, user-controlled input to the ...)
+CVE-2017-17429
NOT-FOR-US: K7 Antivirus
-CVE-2017-17428 (Cavium Nitrox SSL, Nitrox V SSL, and TurboSSL software development ...)
+CVE-2017-17428
NOT-FOR-US: Cisco ACE
NOTE: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171212-bleichenbacher
NOTE: https://robotattack.org/
-CVE-2017-17427 (Radware Alteon devices with a firmware version between ...)
+CVE-2017-17427
NOT-FOR-US: Radware
NOTE: https://portals.radware.com/getattachment/21be0b7b-fa1c-4cbc-8bd2-c19946aee270/Security-Advisory-Adaptive-chosen-ciphertext-atta/
NOTE: https://robotattack.org/
-CVE-2017-17426 (The malloc function in the GNU C Library (aka glibc or libc6) 2.26 ...)
+CVE-2017-17426
- glibc <not-affected> (Issue introduced in glibc-2.26 with addition of per-thread cache to malloc)
- eglibc <not-affected> (Issue introduced in glibc-2.26 with addition of per-thread cache to malloc)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22375
NOTE: Introduced by: https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=d5c3fafc4307c9b7a4c7d5cb381fcdbfad340bcc
NOTE: Fixed by: https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=34697694e8a93b325b18f25f7dcded55d6baeaf6
NOTE: The upload of 2.26-0experimental2 to experimental fixed the issue (cf. #883729).
-CVE-2017-1000410 (The Linux kernel version 3.3-rc1 and later is affected by a ...)
+CVE-2017-1000410
{DSA-4082-1 DSA-4073-1}
- linux 4.14.7-1
[wheezy] - linux <not-affected> (Vulnerable code introduced in 3.3)
NOTE: http://www.openwall.com/lists/oss-security/2017/12/06/3
-CVE-2017-1000409 (A buffer overflow in glibc 2.5 (released on September 29, 2006) and ...)
+CVE-2017-1000409
- glibc 2.25-5 (bug #884133)
[stretch] - glibc 2.24-11+deb9u4
[jessie] - glibc <no-dsa> (Minor issue)
- eglibc <removed>
[wheezy] - eglibc <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2017/12/11/4
-CVE-2017-1000408 (A memory leak in glibc 2.1.1 (released on May 24, 1999) can be reached ...)
+CVE-2017-1000408
- glibc 2.25-5 (bug #884132)
[stretch] - glibc 2.24-11+deb9u4
[jessie] - glibc <no-dsa> (Minor issue)
- eglibc <removed>
[wheezy] - eglibc <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2017/12/11/4
-CVE-2017-17432 (OpenAFS 1.x before 1.6.22 does not properly validate Rx ack packets, ...)
+CVE-2017-17432
{DSA-4067-1 DLA-1213-1}
- openafs 1.6.22-1 (bug #883602)
NOTE: https://www.openafs.org/pages/security/OPENAFS-SA-2017-001.txt
-CVE-2017-17425 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2017-17425
NOT-FOR-US: Quest NetVault Backup
-CVE-2017-17424 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2017-17424
NOT-FOR-US: Quest NetVault Backup
-CVE-2017-17423 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2017-17423
NOT-FOR-US: Quest NetVault Backup
-CVE-2017-17422 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2017-17422
NOT-FOR-US: Quest NetVault Backup
-CVE-2017-17421 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2017-17421
NOT-FOR-US: Quest NetVault Backup
-CVE-2017-17420 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2017-17420
NOT-FOR-US: Quest NetVault Backup
-CVE-2017-17419 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2017-17419
NOT-FOR-US: Quest NetVault Backup
-CVE-2017-17418 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2017-17418
NOT-FOR-US: Quest NetVault Backup
-CVE-2017-17417 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2017-17417
NOT-FOR-US: Quest NetVault Backup
-CVE-2017-17416 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2017-17416
NOT-FOR-US: Quest NetVault Backup
-CVE-2017-17415 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2017-17415
NOT-FOR-US: Quest NetVault Backup
-CVE-2017-17414 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2017-17414
NOT-FOR-US: Quest NetVault Backup
-CVE-2017-17413 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2017-17413
NOT-FOR-US: Quest NetVault Backup
-CVE-2017-17412 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2017-17412
NOT-FOR-US: Quest NetVault Backup
-CVE-2017-17411 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2017-17411
NOT-FOR-US: web management portal of Linksys WVBR0 WVBR0
-CVE-2017-17410 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2017-17410
NOT-FOR-US: Bitdefender Internet Security 2018
-CVE-2017-17409 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2017-17409
NOT-FOR-US: Bitdefender Internet Security 2018
-CVE-2017-17408 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2017-17408
NOT-FOR-US: Bitdefender Internet Security 2018
-CVE-2017-17407 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2017-17407
NOT-FOR-US: NetGain
-CVE-2017-17406 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2017-17406
NOT-FOR-US: NetGain
-CVE-2017-17405 (Ruby before 2.4.3 allows Net::FTP command injection. Net::FTP#get, ...)
+CVE-2017-17405
{DSA-4259-1 DLA-1421-1 DLA-1222-1 DLA-1221-1}
- ruby2.5 2.5.0~rc1-1 (bug #884437)
- ruby2.3 2.3.6-1 (bug #884438)
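Review bot: the removed header for CVE-2017-17428 names Cavium Nitrox SSL, Nitrox V SSL and TurboSSL SDKs, but once it is stripped the only product reference left on the entry is `NOT-FOR-US: Cisco ACE`; naming the Cavium SDKs in the NOT-FOR-US line would keep that origin visible alongside the Cisco advisory and robotattack.org NOTE links. Separately, `NOT-FOR-US: web management portal of Linksys WVBR0 WVBR0` on CVE-2017-17411 repeats the model name and should read `Linksys WVBR0`.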
@@ -3309,15 +3309,15 @@ CVE-2017-17386
RESERVED
CVE-2017-17385
RESERVED
-CVE-2017-17384 (ISPConfig 3.x before 3.1.9 allows remote authenticated users to obtain ...)
+CVE-2017-17384
NOT-FOR-US: ISPConfig
-CVE-2017-17383 (Jenkins through 2.93 allows remote authenticated administrators to ...)
+CVE-2017-17383
- jenkins <removed>
-CVE-2017-17382 (Citrix NetScaler Application Delivery Controller (ADC) and NetScaler ...)
+CVE-2017-17382
NOT-FOR-US: Citrix
NOTE: https://support.citrix.com/article/CTX230238
NOTE: https://robotattack.org/
-CVE-2017-17381 (The Virtio Vring implementation in QEMU allows local OS guest users to ...)
+CVE-2017-17381
{DSA-4213-1}
- qemu 1:2.11+dfsg-1 (bug #883625)
[jessie] - qemu <not-affected> (Vulnerable code not present)
@@ -3425,109 +3425,109 @@ CVE-2017-17332
RESERVED
CVE-2017-17331
RESERVED
-CVE-2017-17330 (Huawei AR3200 V200R005C32; V200R006C10; V200R006C11; V200R007C00; ...)
+CVE-2017-17330
NOT-FOR-US: Huawei
-CVE-2017-17329 (Huawei ViewPoint 8660 V100R008C03 have a memory leak vulnerability. ...)
+CVE-2017-17329
NOT-FOR-US: Huawei
-CVE-2017-17328 (Huawei smartphones with software of MHA-AL00AC00B125 have an integer ...)
+CVE-2017-17328
NOT-FOR-US: Huawei
-CVE-2017-17327 (Huawei smartphones with software of MHA-AL00AC00B125 have an improper ...)
+CVE-2017-17327
NOT-FOR-US: Huawei
-CVE-2017-17326 (Huawei Mate 9 Pro Smartphones with software of LON-AL00BC00B139D; ...)
+CVE-2017-17326
NOT-FOR-US: Huawei
-CVE-2017-17325 (Huawei video applications HiCinema with software of 8.0.3.308; ...)
+CVE-2017-17325
NOT-FOR-US: Huawei
-CVE-2017-17324 (Huawei Mate 9 Pro smartphones with software LON-AL00BC00B139D; ...)
+CVE-2017-17324
NOT-FOR-US: Huawei
-CVE-2017-17323 (Huawei iBMC V200R002C10; V200R002C20; V200R002C30 have an improper ...)
+CVE-2017-17323
NOT-FOR-US: Huawei
-CVE-2017-17322 (Huawei Honor Smart Scale Application with software of 1.1.1 has an ...)
+CVE-2017-17322
NOT-FOR-US: Huawei
-CVE-2017-17321 (Huawei eNSP software with software of versions earlier than ...)
+CVE-2017-17321
NOT-FOR-US: Huawei
-CVE-2017-17320 (Huawei Mate 9 Pro smartphones with software of LON-AL00BC00B139D, ...)
+CVE-2017-17320
NOT-FOR-US: Huawei
-CVE-2017-17319 (Huawei P9 smartphones with the versions before EVA-AL10C00B399SP02 ...)
+CVE-2017-17319
NOT-FOR-US: Huawei
-CVE-2017-17318 (Huawei MBB (Mobile Broadband) products E5771h-937 with the versions ...)
+CVE-2017-17318
NOT-FOR-US: Huawei
-CVE-2017-17317 (Common Open Policy Service Protocol (COPS) module in Huawei USG6300 ...)
+CVE-2017-17317
NOT-FOR-US: Huawei
-CVE-2017-17316 (Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C00; TE30 ...)
+CVE-2017-17316
NOT-FOR-US: Huawei
-CVE-2017-17315 (Huawei DP300 V500R002C00; RP200 V600R006C00; TE30 V100R001C10; ...)
+CVE-2017-17315
NOT-FOR-US: Huawei
-CVE-2017-17314 (Huawei DP300 V500R002C00, RP200 V600R006C00, TE30 V100R001C10, ...)
+CVE-2017-17314
NOT-FOR-US: Huawei
-CVE-2017-17313 (The inputhub driver of HUAWEI P9 Lite mobile phones with Versions ...)
+CVE-2017-17313
NOT-FOR-US: inputhub driver of HUAWEI P9 Lite mobile phones
-CVE-2017-17312 (Some Huawei Firewall products USG2205BSR V300R001C10SPC600; USG2220BSR ...)
+CVE-2017-17312
NOT-FOR-US: Huawei
-CVE-2017-17311 (Some Huawei Firewall products USG2205BSR V300R001C10SPC600; USG2220BSR ...)
+CVE-2017-17311
NOT-FOR-US: Huawei
-CVE-2017-17310 (Electronic Numbers to URI Mapping (ENUM) module in some Huawei ...)
+CVE-2017-17310
NOT-FOR-US: Huawei
-CVE-2017-17309 (Huawei HG255s-10 V100R001C163B025SP02 has a path traversal ...)
+CVE-2017-17309
NOT-FOR-US: Huawei
-CVE-2017-17308 (SCCPX module in Huawei DP300 V500R002C00, RP200 V500R002C00, ...)
+CVE-2017-17308
NOT-FOR-US: Huawei
-CVE-2017-17307 (Some Huawei Smartphones with software of VNS-L21AUTC555B141 have an ...)
+CVE-2017-17307
NOT-FOR-US: Huawei
-CVE-2017-17306 (Some Huawei Smartphones with software of VNS-L21AUTC555B141, ...)
+CVE-2017-17306
NOT-FOR-US: Huawei
-CVE-2017-17305 (Some Huawei Firewall products USG2205BSR V300R001C10SPC600; USG2220BSR ...)
+CVE-2017-17305
NOT-FOR-US: Huawei
-CVE-2017-17304 (The CIDAM Protocol on Huawei DP300 V500R002C00; V500R002C00B010; ...)
+CVE-2017-17304
NOT-FOR-US: Huawei
-CVE-2017-17303 (Huawei DP300 V500R002C00; V500R002C00B010; V500R002C00B011; ...)
+CVE-2017-17303
NOT-FOR-US: Huawei
-CVE-2017-17302 (Huawei DP300 V500R002C00, RP200 V600R006C00, TE30 V100R001C10, ...)
+CVE-2017-17302
NOT-FOR-US: Huawei
-CVE-2017-17301 (Huawei AR120-S V200R005C32, V200R006C10, V200R007C00, V200R008C20, ...)
+CVE-2017-17301
NOT-FOR-US: Huawei
-CVE-2017-17300 (Huawei S12700 V200R008C00, V200R009C00, S5700 V200R007C00, ...)
+CVE-2017-17300
NOT-FOR-US: Huawei
-CVE-2017-17299 (Huawei AR120-S V200R006C10, V200R007C00, AR1200 V200R006C10, ...)
+CVE-2017-17299
NOT-FOR-US: Huawei
-CVE-2017-17298 (Huawei AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, ...)
+CVE-2017-17298
NOT-FOR-US: Huawei
-CVE-2017-17297 (Huawei AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, ...)
+CVE-2017-17297
NOT-FOR-US: Huawei
-CVE-2017-17296 (Huawei AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, ...)
+CVE-2017-17296
NOT-FOR-US: Huawei
-CVE-2017-17295 (Huawei AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, ...)
+CVE-2017-17295
NOT-FOR-US: Huawei
-CVE-2017-17294 (Huawei AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, ...)
+CVE-2017-17294
NOT-FOR-US: Huawei
-CVE-2017-17293 (Huawei AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, ...)
+CVE-2017-17293
NOT-FOR-US: Huawei
-CVE-2017-17292 (Huawei AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, ...)
+CVE-2017-17292
NOT-FOR-US: Huawei
-CVE-2017-17291 (Huawei AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, ...)
+CVE-2017-17291
NOT-FOR-US: Huawei
-CVE-2017-17290 (The Light Directory Access Protocol (LDAP) clients of Huawei TE60 with ...)
+CVE-2017-17290
NOT-FOR-US: Huawei
-CVE-2017-17289 (Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 ...)
+CVE-2017-17289
NOT-FOR-US: Huawei
-CVE-2017-17288 (Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 ...)
+CVE-2017-17288
NOT-FOR-US: Huawei
-CVE-2017-17287 (Huawei AR120-S V200R005C32, V200R006C10, V200R007C00, V200R008C20, ...)
+CVE-2017-17287
NOT-FOR-US: Huawei
-CVE-2017-17286 (Huawei AR120-S V200R005C32, V200R006C10, V200R007C00, V200R008C20, ...)
+CVE-2017-17286
NOT-FOR-US: Huawei
-CVE-2017-17285 (Bluetooth module in some Huawei mobile phones with software ...)
+CVE-2017-17285
NOT-FOR-US: Huawei
-CVE-2017-17284 (Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 ...)
+CVE-2017-17284
NOT-FOR-US: Huawei
-CVE-2017-17283 (Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 ...)
+CVE-2017-17283
NOT-FOR-US: Huawei
-CVE-2017-17282 (SCCP (Signalling Connection Control Part) module in Huawei DP300 ...)
+CVE-2017-17282
NOT-FOR-US: Huawei
-CVE-2017-17281 (SFTP module in Huawei DP300 V500R002C00; RP200 V600R006C00; TE30 ...)
+CVE-2017-17281
NOT-FOR-US: Huawei
-CVE-2017-17280 (NFC (Near Field Communication) module in Huawei mobile phones with ...)
+CVE-2017-17280
NOT-FOR-US: Huawei
-CVE-2017-17279 (The soundtrigger module in Huawei Mate 9 Pro smart phones with ...)
+CVE-2017-17279
NOT-FOR-US: Huawei
CVE-2017-17278
REJECTED
@@ -3569,23 +3569,23 @@ CVE-2017-17260
REJECTED
CVE-2017-17259
REJECTED
-CVE-2017-17258 (Huawei AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, ...)
+CVE-2017-17258
NOT-FOR-US: Huawei
-CVE-2017-17257 (Huawei AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, ...)
+CVE-2017-17257
NOT-FOR-US: Huawei
-CVE-2017-17256 (Huawei AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, ...)
+CVE-2017-17256
NOT-FOR-US: Huawei
-CVE-2017-17255 (Huawei AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, ...)
+CVE-2017-17255
NOT-FOR-US: Huawei
-CVE-2017-17254 (Huawei AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, ...)
+CVE-2017-17254
NOT-FOR-US: Huawei
-CVE-2017-17253 (Huawei AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, ...)
+CVE-2017-17253
NOT-FOR-US: Huawei
-CVE-2017-17252 (Huawei AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, ...)
+CVE-2017-17252
NOT-FOR-US: Huawei
-CVE-2017-17251 (Huawei AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, ...)
+CVE-2017-17251
NOT-FOR-US: Huawei
-CVE-2017-17250 (Huawei AR120-S V200R005C32; AR1200 V200R005C32; AR1200-S V200R005C32; ...)
+CVE-2017-17250
NOT-FOR-US: Huawei
CVE-2017-17249
REJECTED
@@ -3631,31 +3631,31 @@ CVE-2017-17229
REJECTED
CVE-2017-17228
REJECTED
-CVE-2017-17227 (GPU driver in Huawei Mate 10 smart phones with the versions before ...)
+CVE-2017-17227
NOT-FOR-US: Huawei
-CVE-2017-17226 (The TripAdvisor app with the versions before TAMobileApp-24.6.4 ...)
+CVE-2017-17226
NOT-FOR-US: The TripAdvisor app on Huawei
-CVE-2017-17225 (The Near Field Communication (NFC) module in Huawei Mate 9 Pro mobile ...)
+CVE-2017-17225
NOT-FOR-US: Huawei
CVE-2017-17224
RESERVED
-CVE-2017-17223 (Huawei eSpace 7910 V200R003C30; eSpace 7950 V200R003C30; eSpace 8950 ...)
+CVE-2017-17223
NOT-FOR-US: Huawei
-CVE-2017-17222 (Import Language Package function in Huawei eSpace 7950 V200R003C30; ...)
+CVE-2017-17222
NOT-FOR-US: Huawei
-CVE-2017-17221 (Import Signal Tone function in Huawei eSpace 7950 V200R003C30; eSpace ...)
+CVE-2017-17221
NOT-FOR-US: Huawei
-CVE-2017-17220 (SCCPX module in Huawei DP300 V500R002C00; RP200 V500R002C00; ...)
+CVE-2017-17220
NOT-FOR-US: Huawei
-CVE-2017-17219 (SCCPX module in Huawei DP300 V500R002C00; RP200 V500R002C00; ...)
+CVE-2017-17219
NOT-FOR-US: Huawei
-CVE-2017-17218 (SCCPX module in Huawei DP300 V500R002C00; RP200 V500R002C00; ...)
+CVE-2017-17218
NOT-FOR-US: Huawei
-CVE-2017-17217 (Media Gateway Control Protocol (MGCP) in Huawei DP300 V500R002C00; ...)
+CVE-2017-17217
NOT-FOR-US: Huawei
-CVE-2017-17216 (Media Gateway Control Protocol (MGCP) in Huawei DP300 V500R002C00; ...)
+CVE-2017-17216
NOT-FOR-US: Huawei
-CVE-2017-17215 (Huawei HG532 with some customized versions has a remote code execution ...)
+CVE-2017-17215
NOT-FOR-US: Huawei
CVE-2017-17214
REJECTED
@@ -3681,13 +3681,13 @@ CVE-2017-17204
REJECTED
CVE-2017-17203
REJECTED
-CVE-2017-17202 (Huawei AR120-S V200R005C32, V200R006C10, V200R007C00, V200R008C20, ...)
+CVE-2017-17202
NOT-FOR-US: Huawei
-CVE-2017-17201 (Some huawei smartphones with software BTV-DL09C233B350, ...)
+CVE-2017-17201
NOT-FOR-US: Huawei
-CVE-2017-17200 (Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C00; TE30 ...)
+CVE-2017-17200
NOT-FOR-US: Huawei
-CVE-2017-17199 (Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C00; TE30 ...)
+CVE-2017-17199
NOT-FOR-US: Huawei
CVE-2017-17198
REJECTED
@@ -3711,17 +3711,17 @@ CVE-2017-17189
REJECTED
CVE-2017-17188
REJECTED
-CVE-2017-17187 (Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 ...)
+CVE-2017-17187
NOT-FOR-US: Huawei
-CVE-2017-17186 (Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 ...)
+CVE-2017-17186
NOT-FOR-US: Huawei
-CVE-2017-17185 (Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 ...)
+CVE-2017-17185
NOT-FOR-US: Huawei
-CVE-2017-17184 (Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 ...)
+CVE-2017-17184
NOT-FOR-US: Huawei
-CVE-2017-17183 (Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 ...)
+CVE-2017-17183
NOT-FOR-US: Huawei
-CVE-2017-17182 (Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 ...)
+CVE-2017-17182
NOT-FOR-US: Huawei
CVE-2017-17181
REJECTED
@@ -3733,114 +3733,114 @@ CVE-2017-17178
REJECTED
CVE-2017-17177
REJECTED
-CVE-2017-17176 (The hardware security module of Mate 9 and Mate 9 Pro Huawei smart ...)
+CVE-2017-17176
NOT-FOR-US: Huawei
-CVE-2017-17175 (Short Message Service (SMS) module of Mate 9 Pro Huawei smart phones ...)
+CVE-2017-17175
NOT-FOR-US: Huawei
-CVE-2017-17174 (Some Huawei products RSE6500 V500R002C00; SoftCo V200R003C20SPCb00; ...)
+CVE-2017-17174
NOT-FOR-US: Huawei
-CVE-2017-17173 (Due to insufficient parameters verification GPU driver of Mate 9 Pro ...)
+CVE-2017-17173
NOT-FOR-US: Huawei
-CVE-2017-17172 (Huawei smart phones LYO-L21 with software LYO-L21C479B107, ...)
+CVE-2017-17172
NOT-FOR-US: Huawei
-CVE-2017-17171 (Some Huawei smart phones have the denial of service (DoS) ...)
+CVE-2017-17171
NOT-FOR-US: Huawei
-CVE-2017-17170 (The CIDAM Protocol on Huawei DP300 V500R002C00; V500R002C00B010; ...)
+CVE-2017-17170
NOT-FOR-US: Huawei
-CVE-2017-17169 (The CIDAM Protocol on Huawei DP300 V500R002C00; V500R002C00B010; ...)
+CVE-2017-17169
NOT-FOR-US: Huawei
-CVE-2017-17168 (The CIDAM Protocol on Huawei DP300 V500R002C00; V500R002C00B010; ...)
+CVE-2017-17168
NOT-FOR-US: Huawei
-CVE-2017-17167 (Huawei DP300 V500R002C00; TP3206 V100R002C00; ViewPoint 9030 ...)
+CVE-2017-17167
NOT-FOR-US: Huawei
-CVE-2017-17166 (Huawei DP300 V500R002C00, Secospace USG6300 V500R001C00, V500R001C20, ...)
+CVE-2017-17166
NOT-FOR-US: Huawei
-CVE-2017-17165 (IPv6 function in Huawei Quidway S2700 V200R003C00SPC300, Quidway S5300 ...)
+CVE-2017-17165
NOT-FOR-US: Huawei
-CVE-2017-17164 (Huawei Secospace AntiDDoS8000 V500R001C20SPC500 have a memory leak ...)
+CVE-2017-17164
NOT-FOR-US: Huawei
-CVE-2017-17163 (Huawei Secospace USG6600 V500R001C30SPC100 has an Out-of-Bounds memory ...)
+CVE-2017-17163
NOT-FOR-US: Huawei
-CVE-2017-17162 (Huawei Secospace USG6600 V500R001C30SPC100, Secospace USG6600 ...)
+CVE-2017-17162
NOT-FOR-US: Huawei
-CVE-2017-17161 (The 'Find Phone' function in some Huawei smart phones with software ...)
+CVE-2017-17161
NOT-FOR-US: Huawei
-CVE-2017-17160 (Huawei AR120-S V200R006C10, V200R007C00, AR1200 V200R006C10, ...)
+CVE-2017-17160
NOT-FOR-US: Huawei
-CVE-2017-17159 (Some Huawei smart phones with software of NXT-AL10C00B386, ...)
+CVE-2017-17159
NOT-FOR-US: Huawei
-CVE-2017-17158 (Some Huawei smart phones with the versions before ...)
+CVE-2017-17158
NOT-FOR-US: Huawei
-CVE-2017-17157 (IKEv2 in Huawei IPS Module V500R001C00, V500R001C00SPC200, ...)
+CVE-2017-17157
NOT-FOR-US: Huawei
-CVE-2017-17156 (IKEv2 in Huawei IPS Module V500R001C00, V500R001C00SPC200, ...)
+CVE-2017-17156
NOT-FOR-US: Huawei
-CVE-2017-17155 (IKEv2 in Huawei IPS Module V500R001C00, V500R001C00SPC200, ...)
+CVE-2017-17155
NOT-FOR-US: Huawei
-CVE-2017-17154 (IKEv2 in Huawei IPS Module V500R001C00, V500R001C00SPC200, ...)
+CVE-2017-17154
NOT-FOR-US: Huawei
-CVE-2017-17153 (IKEv2 in Huawei IPS Module V500R001C00, V500R001C00SPC200, ...)
+CVE-2017-17153
NOT-FOR-US: Huawei
-CVE-2017-17152 (IKEv2 in Huawei IPS Module V500R001C00, V500R001C00SPC200, ...)
+CVE-2017-17152
NOT-FOR-US: Huawei
-CVE-2017-17151 (Huawei AR100, AR100-S, AR110-S, AR120, AR120-S, AR1200, AR1200-S, ...)
+CVE-2017-17151
NOT-FOR-US: Huawei
-CVE-2017-17150 (Timergrp module in Huawei DP300 V500R002C00; RP200 V500R002C00; ...)
+CVE-2017-17150
NOT-FOR-US: Huawei
-CVE-2017-17149 (Huawei HiWallet App with the versions before 8.0.4 has an arbitrary ...)
+CVE-2017-17149
NOT-FOR-US: Huawei
-CVE-2017-17148 (Huawei DP300 V500R002C00 have a DoS vulnerability due to the lack of ...)
+CVE-2017-17148
NOT-FOR-US: Huawei
-CVE-2017-17147 (Huawei DP300 V500R002C00 have an integer overflow vulnerability due to ...)
+CVE-2017-17147
NOT-FOR-US: Huawei
-CVE-2017-17146 (Huawei DP300 V500R002C00 have a buffer overflow vulnerability due to ...)
+CVE-2017-17146
NOT-FOR-US: Huawei
-CVE-2017-17145 (Huawei Honor V9 Play smart phones with the versions before ...)
+CVE-2017-17145
NOT-FOR-US: Huawei
-CVE-2017-17144 (Backup feature of SIP module in Huawei DP300 V500R002C00; ...)
+CVE-2017-17144
NOT-FOR-US: Huawei
-CVE-2017-17143 (SIP module in Huawei DP300 V500R002C00; V500R002C00SPC100; ...)
+CVE-2017-17143
NOT-FOR-US: Huawei
-CVE-2017-17142 (SIP module in Huawei DP300 V500R002C00; V500R002C00SPC100; ...)
+CVE-2017-17142
NOT-FOR-US: Huawei
-CVE-2017-17141 (Huawei S12700 V200R005C00; V200R006C00; V200R007C00; V200R007C01; ...)
+CVE-2017-17141
NOT-FOR-US: Huawei
-CVE-2017-17140 (Huawei Enjoy 5s and Y6 Pro smartphones with software the versions ...)
+CVE-2017-17140
NOT-FOR-US: Huawei
-CVE-2017-17139 (Huawei Mate 9 and Mate 9 pro smart phones with software the versions ...)
+CVE-2017-17139
NOT-FOR-US: Huawei
-CVE-2017-17138 (PEM module of DP300 V500R002C00; IPS Module V500R001C00; V500R001C30; ...)
+CVE-2017-17138
NOT-FOR-US: Huawei
-CVE-2017-17137 (PEM module of Huawei DP300 V500R002C00; IPS Module V500R001C00; ...)
+CVE-2017-17137
NOT-FOR-US: Huawei
-CVE-2017-17136 (PEM module of Huawei DP300 V500R002C00; IPS Module V500R001C00; ...)
+CVE-2017-17136
NOT-FOR-US: Huawei
-CVE-2017-17135 (PEM module of Huawei DP300 V500R002C00; IPS Module V500R001C00; ...)
+CVE-2017-17135
NOT-FOR-US: Huawei
-CVE-2017-17134 (XML parser in Huawei DP300 V500R002C00; RP200 V500R002C00SPC200; ...)
+CVE-2017-17134
NOT-FOR-US: Huawei
-CVE-2017-17133 (Huawei VP9660 V500R002C10 has a null pointer reference vulnerability ...)
+CVE-2017-17133
NOT-FOR-US: Huawei
-CVE-2017-17132 (Huawei VP9660 V500R002C10 has a uncontrolled format string ...)
+CVE-2017-17132
NOT-FOR-US: Huawei
-CVE-2017-17131 (Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C00; TE30 ...)
+CVE-2017-17131
NOT-FOR-US: Huawei
-CVE-2017-17130 (The ff_free_picture_tables function in libavcodec/mpegpicture.c in ...)
+CVE-2017-17130
{DLA-1630-1}
- libav <removed>
NOTE: https://bugzilla.libav.org/show_bug.cgi?id=1100
-CVE-2017-17129 (The ff_vc1_mc_4mv_chroma4 function in libavcodec/vc1_mc.c in Libav 12.2 ...)
+CVE-2017-17129
- libav <not-affected> (Vulnerable code introduced in 12.x)
NOTE: https://bugzilla.libav.org/show_bug.cgi?id=1101
-CVE-2017-17128 (The h264_slice_init function in libavcodec/h264_slice.c in Libav 12.2 ...)
+CVE-2017-17128
- libav <removed>
NOTE: https://bugzilla.libav.org/show_bug.cgi?id=1104
-CVE-2017-17127 (The vc1_decode_frame function in libavcodec/vc1dec.c in Libav 12.2 ...)
+CVE-2017-17127
- libav <removed>
[jessie] - libav <ignored> (Minor issue)
[wheezy] - libav <ignored> (Minor issue)
NOTE: https://bugzilla.libav.org/show_bug.cgi?id=1099
-CVE-2017-17126 (The load_debug_section function in readelf.c in GNU Binutils 2.29.1 ...)
+CVE-2017-17126
[experimental] - binutils 2.29.51.20171208-1
- binutils 2.29.90.20180122-1 (low)
[stretch] - binutils <ignored> (Minor issue)
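Review bot: the one-line summaries are dropped here without a stated reason: every changed pair in this hunk turns a `-CVE-2017-… (description …)` line into a bare `+CVE-2017-…` identifier, from CVE-2017-17142 down to CVE-2017-17121, while the status lines beneath them (`NOT-FOR-US: Huawei`, `- libav <removed>`, `- binutils 2.29.90.20180122-1 (low)`) are left untouched. A wholesale removal that does not also change any status line looks more like an empty description feed than an intended edit, so it should be held back until the source is confirmed; if the removal is deliberate, the reason belongs with the change, because the summary is the only context a reader of the list gets beyond the identifier.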
@@ -3848,7 +3848,7 @@ CVE-2017-17126 (The load_debug_section function in readelf.c in GNU Binutils 2.2
[wheezy] - binutils <ignored> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22510
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=f425ec6600b69e39eb605f3128806ff688137ea8
-CVE-2017-17125 (nm.c and objdump.c in GNU Binutils 2.29.1 mishandle certain global ...)
+CVE-2017-17125
[experimental] - binutils 2.29.51.20171128-1
- binutils 2.29.90.20180122-1 (low)
[stretch] - binutils <ignored> (Minor issue)
@@ -3856,7 +3856,7 @@ CVE-2017-17125 (nm.c and objdump.c in GNU Binutils 2.29.1 mishandle certain glob
[wheezy] - binutils <ignored> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22443
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=160b1a618ad94988410dc81fce9189fcda5b7ff4
-CVE-2017-17124 (The _bfd_coff_read_string_table function in coffgen.c in the Binary ...)
+CVE-2017-17124
[experimental] - binutils 2.29.51.20171208-1
- binutils 2.29.90.20180122-1 (low)
[stretch] - binutils <ignored> (Minor issue)
@@ -3864,7 +3864,7 @@ CVE-2017-17124 (The _bfd_coff_read_string_table function in coffgen.c in the Bin
[wheezy] - binutils <ignored> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22507
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=b0029dce6867de1a2828293177b0e030d2f0f03c
-CVE-2017-17123 (The coff_slurp_reloc_table function in coffcode.h in the Binary File ...)
+CVE-2017-17123
[experimental] - binutils 2.29.51.20171208-1
- binutils 2.29.90.20180122-1 (low)
[stretch] - binutils <ignored> (Minor issue)
@@ -3872,7 +3872,7 @@ CVE-2017-17123 (The coff_slurp_reloc_table function in coffcode.h in the Binary
[wheezy] - binutils <ignored> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22509
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=4581a1c7d304ce14e714b27522ebf3d0188d6543
-CVE-2017-17122 (The dump_relocs_in_section function in objdump.c in GNU Binutils 2.29.1 ...)
+CVE-2017-17122
[experimental] - binutils 2.29.51.20171208-1
- binutils 2.29.90.20180122-1 (low)
[stretch] - binutils <ignored> (Minor issue)
@@ -3880,7 +3880,7 @@ CVE-2017-17122 (The dump_relocs_in_section function in objdump.c in GNU Binutils
[wheezy] - binutils <ignored> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22508
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=d785b7d4b877ed465d04072e17ca19d0f47d840f
-CVE-2017-17121 (The Binary File Descriptor (BFD) library (aka libbfd), as distributed ...)
+CVE-2017-17121
[experimental] - binutils 2.29.51.20171208-1
- binutils 2.29.90.20180122-1 (low)
[stretch] - binutils <ignored> (Minor issue)
@@ -3900,101 +3900,101 @@ CVE-2017-17116
RESERVED
CVE-2017-17115
RESERVED
-CVE-2017-17114 (ntguard.sys and ntguard_x64.sys 0.18780.0.0 in IKARUS anti.virus ...)
+CVE-2017-17114
NOT-FOR-US: IKARUS
-CVE-2017-17113 (ntguard_x64.sys 0.18780.0.0 in IKARUS anti.virus 2.16.15 has a NULL ...)
+CVE-2017-17113
NOT-FOR-US: IKARUS
-CVE-2017-17112 (ntguard_x64.sys 0.18780.0.0 in IKARUS anti.virus 2.16.15 has a Pool ...)
+CVE-2017-17112
NOT-FOR-US: IKARUS
-CVE-2017-17111 (Posty Readymade Classifieds Script 1.0 allows an attacker to inject ...)
+CVE-2017-17111
NOT-FOR-US: Posty Readymade Classifieds Script
-CVE-2017-17110 (Techno Portfolio Management Panel 1.0 allows an attacker to inject SQL ...)
+CVE-2017-17110
NOT-FOR-US: Techno Portfolio Management Panel
CVE-2017-17109
RESERVED
-CVE-2017-17108 (Path traversal vulnerability in the administrative panel in KonaKart ...)
+CVE-2017-17108
NOT-FOR-US: KonaKart eCommerce Platform
-CVE-2017-17107 (Zivif PR115-204-P-RS V2.3.4.2103 web cameras contain a hard-coded ...)
+CVE-2017-17107
NOT-FOR-US: Zivif web cameras
-CVE-2017-17106 (Credentials for Zivif PR115-204-P-RS V2.3.4.2103 Webcams can be ...)
+CVE-2017-17106
NOT-FOR-US: Zivif web cameras
-CVE-2017-17105 (Zivif PR115-204-P-RS V2.3.4.2103 web cameras are vulnerable to ...)
+CVE-2017-17105
NOT-FOR-US: Zivif web cameras
-CVE-2017-17104 (Fiyo CMS 2.0.7 has an arbitrary file read vulnerability in ...)
+CVE-2017-17104
NOT-FOR-US: Fiyo CMS
-CVE-2017-17103 (Fiyo CMS 2.0.7 has SQL injection in /apps/app_user/sys_user.php via ...)
+CVE-2017-17103
NOT-FOR-US: Fiyo CMS
-CVE-2017-17102 (Fiyo CMS 2.0.7 has SQL injection in /system/site.php via ...)
+CVE-2017-17102
NOT-FOR-US: Fiyo CMS
-CVE-2017-17101 (An issue was discovered in Apexis APM-H803-MPC software, as used with ...)
+CVE-2017-17101
NOT-FOR-US: Apexis
CVE-2017-17100
RESERVED
-CVE-2017-17099 (There exists an unauthenticated SEH based Buffer Overflow vulnerability ...)
+CVE-2017-17099
NOT-FOR-US: Flexense SyncBreeze Enterprise
-CVE-2017-17098 (The writeLog function in fn_common.php in gps-server.net GPS Tracking ...)
+CVE-2017-17098
NOT-FOR-US: gps-server.net GPS Tracking Software
-CVE-2017-17097 (gps-server.net GPS Tracking Software (self hosted) 2.x has a password ...)
+CVE-2017-17097
NOT-FOR-US: gps-server.net GPS Tracking Software
-CVE-2017-17096 (Cross-site scripting (XSS) vulnerability in the Content Cards plugin ...)
+CVE-2017-17096
NOT-FOR-US: Wordpress plugin
-CVE-2017-17090 (An issue was discovered in chan_skinny.c in Asterisk Open Source ...)
+CVE-2017-17090
{DSA-4076-1 DLA-1225-1}
- asterisk 1:13.18.3~dfsg-1 (bug #883342)
NOTE: http://downloads.digium.com/pub/security/AST-2017-013.html
NOTE: https://issues.asterisk.org/jira/browse/ASTERISK-27452
-CVE-2017-17089 (custom/run.cgi in Webmin before 1.870 allows remote authenticated ...)
+CVE-2017-17089
- webmin <removed>
-CVE-2017-17091 (wp-admin/user-new.php in WordPress before 4.9.1 sets the newbloguser ...)
+CVE-2017-17091
{DSA-4090-1 DLA-1216-1}
- wordpress 4.9.1+dfsg-1 (bug #883314)
NOTE: https://github.com/WordPress/WordPress/commit/eaf1cfdc1fe0bdffabd8d879c591b864d833326c
NOTE: https://wordpress.org/news/2017/11/wordpress-4-9-1-security-and-maintenance-release/
-CVE-2017-17093 (wp-includes/general-template.php in WordPress before 4.9.1 does not ...)
+CVE-2017-17093
{DSA-4090-1 DLA-1216-1}
- wordpress 4.9.1+dfsg-1 (bug #883314)
NOTE: https://github.com/WordPress/WordPress/commit/3713ac5ebc90fb2011e98dfd691420f43da6c09a
NOTE: https://wordpress.org/news/2017/11/wordpress-4-9-1-security-and-maintenance-release/
-CVE-2017-17094 (wp-includes/feed.php in WordPress before 4.9.1 does not properly ...)
+CVE-2017-17094
{DSA-4090-1 DLA-1216-1}
- wordpress 4.9.1+dfsg-1 (bug #883314)
NOTE: https://github.com/WordPress/WordPress/commit/f1de7e42df29395c3314bf85bff3d1f4f90541de
NOTE: https://wordpress.org/news/2017/11/wordpress-4-9-1-security-and-maintenance-release/
-CVE-2017-17092 (wp-includes/functions.php in WordPress before 4.9.1 does not require ...)
+CVE-2017-17092
{DSA-4090-1 DLA-1216-1}
- wordpress 4.9.1+dfsg-1 (bug #883314)
NOTE: https://github.com/WordPress/WordPress/commit/67d03a98c2cae5f41843c897f206adde299b0509
NOTE: https://wordpress.org/news/2017/11/wordpress-4-9-1-security-and-maintenance-release/
-CVE-2017-17095 (tools/pal2rgb.c in pal2rgb in LibTIFF 4.0.9 allows remote attackers to ...)
+CVE-2017-17095
{DSA-4349-1}
- tiff 4.0.9-5 (unimportant; bug #883320)
- tiff3 <removed> (unimportant)
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2750
NOTE: Crash in CLI tool not treated as a security issue
NOTE: https://gitlab.com/libtiff/libtiff/commit/9171da596c88e6a2dadcab4a3a89dddd6e1b4655
-CVE-2017-17088 (The Enterprise version of SyncBreeze 10.2.12 and earlier is affected ...)
+CVE-2017-17088
NOT-FOR-US: SyncBreeze
-CVE-2017-17087 (fileio.c in Vim prior to 8.0.1263 sets the group ownership of a .swp ...)
+CVE-2017-17087
- vim 2:8.0.1401-1
[stretch] - vim <no-dsa> (Minor issue)
[jessie] - vim <no-dsa> (Minor issue)
[wheezy] - vim <no-dsa> (Minor issue)
NOTE: https://github.com/vim/vim/commit/5a73e0ca54c77e067c3b12ea6f35e3e8681e8cf8 (8.0.1263)
-CVE-2017-17086 (Indeo Otter through 1.7.4 mishandles a &quot;&lt;/script&gt;&quot; substring in an ...)
+CVE-2017-17086
NOT-FOR-US: Indeo Otter
-CVE-2017-17085 (In Wireshark 2.4.0 to 2.4.2 and 2.2.0 to 2.2.10, the CIP Safety ...)
+CVE-2017-17085
{DSA-4060-1 DLA-1226-1}
- wireshark 2.4.3-1
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14250
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=f5939debe96e3c3953c6020818f1fbb80eb83ce8
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-49.html
-CVE-2017-17084 (In Wireshark 2.4.0 to 2.4.2 and 2.2.0 to 2.2.10, the IWARP_MPA ...)
+CVE-2017-17084
{DSA-4060-1 DLA-1226-1}
- wireshark 2.4.3-1
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14236
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=8502fe94ef9e431860921507e1a351c5e3f5c634
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-47.html
-CVE-2017-17083 (In Wireshark 2.4.0 to 2.4.2 and 2.2.0 to 2.2.10, the NetBIOS dissector ...)
+CVE-2017-17083
{DSA-4060-1 DLA-1226-1}
- wireshark 2.4.3-1
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14249
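Review bot: after this hunk some entries keep no reference to the issue at all. CVE-2017-17089 becomes just the identifier followed by `- webmin <removed>`, with no NOTE line, so once the `(custom/run.cgi in Webmin before 1.870 …)` summary is gone the record says nothing about what the bug was; a NOTE with an upstream reference should be added before the summary is removed. Separately, and pre-existing rather than introduced here, the block CVE-2017-17096, 17090, 17089, 17091, 17093, 17094, 17092, 17095, 17088 is not in descending numeric order; if the file is being regenerated anyway, that run could be normalised.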
@@ -4002,11 +4002,11 @@ CVE-2017-17083 (In Wireshark 2.4.0 to 2.4.2 and 2.2.0 to 2.2.10, the NetBIOS dis
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-48.html
CVE-2017-17082
REJECTED
-CVE-2017-17081 (The gmc_mmx function in libavcodec/x86/mpegvideodsp.c in FFmpeg 3.4 ...)
+CVE-2017-17081
{DSA-4099-1}
- ffmpeg 7:3.4.1-1
NOTE: https://github.com/FFmpeg/FFmpeg/commit/58cf31cee7a456057f337b3102a03206d833d5e8
-CVE-2017-17080 (elf.c in the Binary File Descriptor (BFD) library (aka libbfd), as ...)
+CVE-2017-17080
[experimental] - binutils 2.29.51.20171128-1
- binutils 2.29.90.20180122-1 (low)
[stretch] - binutils <ignored> (Minor issue)
@@ -4033,30 +4033,30 @@ CVE-2017-17071
REJECTED
CVE-2017-17070
REJECTED
-CVE-2017-17069 (ActiveSetupN.exe in Amazon Audible for Windows before November 2017 ...)
+CVE-2017-17069
NOT-FOR-US: ActiveSetupN.exe in Amazon Audible for Windows
-CVE-2017-17068 (A cross-origin vulnerability has been discovered in the Auth0 auth0.js ...)
+CVE-2017-17068
NOT-FOR-US: Auth0 auth0.js library
-CVE-2017-17067 (Splunk Web in Splunk Enterprise 7.0.x before 7.0.0.1, 6.6.x before ...)
+CVE-2017-17067
NOT-FOR-US: Splunk Web
-CVE-2017-17066 (The (1) i2pd before 2.17 and (2) kovri pre-alpha implementations of the ...)
+CVE-2017-17066
- i2pd <not-affected> (Fixed before/with the initial upload to Debian)
NOTE: Issue fixed with 2.17.0 upstream
-CVE-2017-17065 (An issue was discovered on D-Link DIR-605L Model B before ...)
+CVE-2017-17065
NOT-FOR-US: D-Link
CVE-2017-17064
RESERVED
CVE-2017-17063
RESERVED
-CVE-2017-17062 (The backend component in Open-Xchange OX App Suite before 7.6.3-rev35, ...)
+CVE-2017-17062
NOT-FOR-US: Open-Xchange
CVE-2017-17061
RESERVED
CVE-2017-17060
RESERVED
-CVE-2017-17059 (XSS exists in the amtyThumb amty-thumb-recent-post (aka amtyThumb posts ...)
+CVE-2017-17059
NOT-FOR-US: WordPress plugin wp-thumb-post
-CVE-2017-1000385 (The Erlang otp TLS server answers with different TLS alerts to ...)
+CVE-2017-1000385
{DSA-4057-1 DLA-1207-1}
- erlang 1:20.1.7+dfsg-1
NOTE: https://groups.google.com/forum/#!topic/erlang-programming/J0LH-j6fRlM
@@ -4064,43 +4064,43 @@ CVE-2017-1000385 (The Erlang otp TLS server answers with different TLS alerts to
NOTE: https://github.com/erlang/otp/commit/3b4386dd19b7e669f557c95ace8d7ba228291927 (OTP-19.3.6.4)
NOTE: https://github.com/erlang/otp/commit/de3b9cdb8521d7edd524b4e17d1e3f883f832ec0 (OTP-18.3.4.7)
NOTE: https://robotattack.org/
-CVE-2017-17058 (** DISPUTED ** The WooCommerce plugin through 3.x for WordPress has a ...)
+CVE-2017-17058
NOT-FOR-US: WooCommerce plugin for WordPress
-CVE-2017-17057 (There is a reflected XSS vulnerability in ZKTime Web 2.0.1.12280. The ...)
+CVE-2017-17057
NOT-FOR-US: ZKTeco ZKTime Web Software
-CVE-2017-17056 (The ZKTime Web Software 2.0.1.12280 allows the Administrator to ...)
+CVE-2017-17056
NOT-FOR-US: ZKTeco ZKTime Web Software
-CVE-2017-17055 (Artica Web Proxy before 3.06.112911 allows remote attackers to execute ...)
+CVE-2017-17055
NOT-FOR-US: Artica Web Proxy
-CVE-2017-17054 (In aubio 0.4.6, a divide-by-zero error exists in the function ...)
+CVE-2017-17054
- aubio 0.4.6-1 (bug #883355)
[stretch] - aubio <no-dsa> (Minor issue)
[jessie] - aubio <not-affected> (Vulnerability introduced in 0.4.3)
[wheezy] - aubio <not-affected> (Vulnerability introduced in 0.4.3)
NOTE: https://github.com/aubio/aubio/issues/148
-CVE-2017-17050 (TG Soft Vir.IT eXplorer Lite 8.5.42 allows local users to cause a ...)
+CVE-2017-17050
NOT-FOR-US: TG Soft Vir.IT eXplorer Lite
-CVE-2017-17049 (TG Soft Vir.IT eXplorer Lite 8.5.42 allows local users to cause a ...)
+CVE-2017-17049
NOT-FOR-US: TG Soft Vir.IT eXplorer Lite
CVE-2017-17048
RESERVED
CVE-2017-17047
RESERVED
-CVE-2017-17043 (The Emag Marketplace Connector plugin 1.0.0 for WordPress has reflected ...)
+CVE-2017-17043
NOT-FOR-US: Emag Marketplace Connector for WordPress
-CVE-2017-17053 (The init_new_context function in arch/x86/include/asm/mmu_context.h in ...)
+CVE-2017-17053
- linux 4.12.12-1
[stretch] - linux 4.9.47-1
[jessie] - linux <not-affected> (Vulnerable code not present)
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: Fixed by: https://git.kernel.org/linus/ccd5b3235180eef3cfec337df1c8554ab151b5cc
-CVE-2017-17052 (The mm_init function in kernel/fork.c in the Linux kernel before ...)
+CVE-2017-17052
- linux 4.12.12-1
[stretch] - linux 4.9.47-1
[jessie] - linux <not-affected> (Vulnerable code not present)
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: Fixed by: https://git.kernel.org/linus/2b7e8665b4ff51c034c55df3cff76518d1a9ee3a
-CVE-2017-17042 (lib/yard/core_ext/file.rb in the server in YARD before 0.9.11 does not ...)
+CVE-2017-17042
- yard 0.9.12-1
[stretch] - yard <no-dsa> (Minor issue)
[jessie] - yard <no-dsa> (Minor issue)
@@ -4122,29 +4122,29 @@ CVE-2017-17035
RESERVED
CVE-2017-17034
RESERVED
-CVE-2017-17033 (A buffer overflow vulnerability in password function in QNAP QTS ...)
+CVE-2017-17033
NOT-FOR-US: QNAP QTS
-CVE-2017-17032 (A buffer overflow vulnerability in password function in QNAP QTS ...)
+CVE-2017-17032
NOT-FOR-US: QNAP QTS
-CVE-2017-17031 (A buffer overflow vulnerability in password function in QNAP QTS ...)
+CVE-2017-17031
NOT-FOR-US: QNAP QTS
-CVE-2017-17030 (A buffer overflow vulnerability in login function in QNAP QTS version ...)
+CVE-2017-17030
NOT-FOR-US: QNAP QTS
-CVE-2017-17029 (A buffer overflow vulnerability in login function in QNAP QTS version ...)
+CVE-2017-17029
NOT-FOR-US: QNAP QTS
-CVE-2017-17028 (A buffer overflow vulnerability in external device function in QNAP ...)
+CVE-2017-17028
NOT-FOR-US: QNAP QTS
-CVE-2017-17027 (A buffer overflow vulnerability in FTP service in QNAP QTS version ...)
+CVE-2017-17027
NOT-FOR-US: QNAP QTS
-CVE-2017-17045 (An issue was discovered in Xen through 4.9.x allowing HVM guest OS ...)
+CVE-2017-17045
{DSA-4050-1 DLA-1559-1 DLA-1230-1}
- xen 4.8.2+xsa245-0+deb9u1
NOTE: https://xenbits.xen.org/xsa/advisory-247.html
-CVE-2017-17044 (An issue was discovered in Xen through 4.9.x allowing HVM guest OS ...)
+CVE-2017-17044
{DSA-4050-1 DLA-1559-1 DLA-1230-1}
- xen 4.8.2+xsa245-0+deb9u1
NOTE: https://xenbits.xen.org/xsa/advisory-246.html
-CVE-2017-17046 (An issue was discovered in Xen through 4.9.x on the ARM platform ...)
+CVE-2017-17046
{DSA-4050-1 DLA-1549-1}
- xen 4.8.2+xsa245-0+deb9u1
[wheezy] - xen <not-affected> (arm not supported)
@@ -4161,7 +4161,7 @@ CVE-2017-17022
RESERVED
CVE-2017-17021
RESERVED
-CVE-2017-17020 (On D-Link DCS-5009 devices with firmware 1.08.11 and earlier, DCS-5010 ...)
+CVE-2017-17020
NOT-FOR-US: D-Link
CVE-2017-17019
RESERVED
@@ -4181,7 +4181,7 @@ CVE-2017-17012
RESERVED
CVE-2017-17011
RESERVED
-CVE-2017-17010 (Untrusted search path vulnerability in Content Manager Assistant for ...)
+CVE-2017-17010
NOT-FOR-US: Content Manager Assistant for PlayStation
CVE-2017-17009
REJECTED
@@ -4207,7 +4207,7 @@ CVE-2017-16999
REJECTED
CVE-2017-16998
REJECTED
-CVE-2017-16997 (elf/dl-load.c in the GNU C Library (aka glibc or libc6) 2.19 through ...)
+CVE-2017-16997
- glibc 2.25-6 (bug #884615)
[stretch] - glibc 2.24-11+deb9u4
[jessie] - glibc <no-dsa> (Minor issue)
@@ -4215,29 +4215,29 @@ CVE-2017-16997 (elf/dl-load.c in the GNU C Library (aka glibc or libc6) 2.19 thr
[wheezy] - eglibc <no-dsa> (Minor issue)
NOTE: Upstream bug: https://sourceware.org/bugzilla/show_bug.cgi?id=22625
NOTE: Proposed patch: https://sourceware.org/ml/libc-alpha/2017-12/msg00528.html
-CVE-2017-16996 (kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local ...)
+CVE-2017-16996
- linux 4.14.7-1
[stretch] - linux <not-affected> (Vulnerable code introduced later)
[jessie] - linux <not-affected> (Vulnerable code introduced later)
[wheezy] - linux <not-affected> (Vulnerable code introduced later)
NOTE: https://git.kernel.org/linus/0c17d1d2c61936401f4702e1846e2c19b200f958
-CVE-2017-16995 (The check_alu_op function in kernel/bpf/verifier.c in the Linux kernel ...)
+CVE-2017-16995
{DSA-4073-1}
- linux 4.14.7-1
[jessie] - linux <not-affected> (Vulnerable code introduced later)
[wheezy] - linux <not-affected> (Vulnerable code introduced later)
NOTE: https://git.kernel.org/linus/95a762e2c8c942780948091f8f2a4f32fce1ac6f
-CVE-2017-1001004 (typed-function before 0.10.6 had an arbitrary code execution in the ...)
+CVE-2017-1001004
NOT-FOR-US: typed-function
-CVE-2017-1001003 (math.js before 3.17.0 had an issue where private properties such as a ...)
+CVE-2017-1001003
NOT-FOR-US: math.js
-CVE-2017-1001002 (math.js before 3.17.0 had an arbitrary code execution in the ...)
+CVE-2017-1001002
NOT-FOR-US: math.js
-CVE-2017-1000214 (GitPHP by xiphux is vulnerable to OS Command Injections ...)
+CVE-2017-1000214
NOT-FOR-US: GitPHP
-CVE-2017-1000207 (A vulnerability in Swagger-Parser's version &lt;= 1.0.30 and Swagger ...)
+CVE-2017-1000207
NOT-FOR-US: Swagger-Parser
-CVE-2017-1000159 (Command injection in evince via filename when printing to PDF. This ...)
+CVE-2017-1000159
{DLA-1204-1}
- evince 3.25.92-1 (low)
[stretch] - evince <no-dsa> (Minor issue)
@@ -4245,7 +4245,7 @@ CVE-2017-1000159 (Command injection in evince via filename when printing to PDF.
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=784947
NOTE: Introduced by: https://git.gnome.org/browse/evince/commit/?id=1fcca0b8041de0d6074d7e17fba174da36c65f99 (EVINCE_0_9_1)
NOTE: Fixed by: https://git.gnome.org/browse/evince/commit/?id=350404c76dc8601e2cdd2636490e2afc83d3090e (3.25.91)
-CVE-2017-16994 (The walk_hugetlb_range function in mm/pagewalk.c in the Linux kernel ...)
+CVE-2017-16994
- linux 4.14.2-1
[stretch] - linux 4.9.65-1
[jessie] - linux <not-affected> (Vulnerable code introduced in 4.0)
@@ -4313,48 +4313,48 @@ CVE-2017-16964
RESERVED
CVE-2017-16963
RESERVED
-CVE-2017-16962 (The WebMail components (Crystal, pronto, and pronto4) in CommuniGate ...)
+CVE-2017-16962
NOT-FOR-US: CommuniGate Pro
-CVE-2017-16961 (A SQL injection vulnerability in core/inc/auto-modules.php in BigTree ...)
+CVE-2017-16961
NOT-FOR-US: BigTree CMS
-CVE-2017-16960 (TP-Link TL-WVR, TL-WAR, TL-ER, and TL-R devices allow remote ...)
+CVE-2017-16960
NOT-FOR-US: TP-Link
-CVE-2017-16959 (The locale feature in cgi-bin/luci on TP-Link TL-WVR, TL-WAR, TL-ER, ...)
+CVE-2017-16959
NOT-FOR-US: TP-Link
-CVE-2017-16958 (TP-Link TL-WVR, TL-WAR, TL-ER, and TL-R devices allow remote ...)
+CVE-2017-16958
NOT-FOR-US: TP-Link
-CVE-2017-16957 (TP-Link TL-WVR, TL-WAR, TL-ER, and TL-R devices allow remote ...)
+CVE-2017-16957
NOT-FOR-US: TP-Link
-CVE-2017-16956 (b3log Symphony (aka Sym) 2.2.0 allows an XSS attack by sending a ...)
+CVE-2017-16956
NOT-FOR-US: b3log Symphony
-CVE-2017-16955 (SQL injection vulnerability in the InLinks plugin through 1.1 for ...)
+CVE-2017-16955
NOT-FOR-US: InLinks plugin for WordPress
CVE-2017-16954
RESERVED
-CVE-2017-16953 (connoppp.cgi on ZTE ZXDSL 831CII devices does not require HTTP Basic ...)
+CVE-2017-16953
NOT-FOR-US: ZTE
-CVE-2017-16952 (KMPlayer 4.2.2.4 allows remote attackers to cause a denial of service ...)
+CVE-2017-16952
NOT-FOR-US: K-Multimedia Player
-CVE-2017-16951 (Winamp Pro 5.66 Build 3512 allows remote attackers to cause a denial ...)
+CVE-2017-16951
NOT-FOR-US: Winamp
-CVE-2017-16950 (Cross - site scripting (XSS) vulnerability in UrBackup Server before ...)
+CVE-2017-16950
- urbackup-server <itp> (bug #697325)
-CVE-2017-16949 (An issue was discovered in the AccessKeys AccessPress Anonymous Post ...)
+CVE-2017-16949
NOT-FOR-US: AccessKeys AccessPress Anonymous Post Pro plugin for WordPress
-CVE-2017-16948 (TG Soft Vir.IT eXplorer Lite 8.5.42 allows local users to cause a ...)
+CVE-2017-16948
NOT-FOR-US: TG Soft Vir.IT eXplorer Lite
CVE-2017-16947
RESERVED
-CVE-2017-16946 (The admin_edit function in app/Controller/UsersController.php in MISP ...)
+CVE-2017-16946
NOT-FOR-US: MISP
-CVE-2017-16945 (The standardrestorer binary in Arq 5.10 and earlier for Mac allows ...)
+CVE-2017-16945
NOT-FOR-US: standardrestorer binary in Arq
-CVE-2017-16942 (In libsndfile 1.0.25 (fixed in 1.0.26), a divide-by-zero error exists ...)
+CVE-2017-16942
- libsndfile 1.0.27-1
[jessie] - libsndfile <no-dsa> (Minor issue)
[wheezy] - libsndfile <no-dsa> (Minor issue)
NOTE: https://github.com/erikd/libsndfile/issues/341
-CVE-2017-16944 (The receive_msg function in receive.c in the SMTP daemon in Exim 4.88 ...)
+CVE-2017-16944
{DSA-4053-1}
- exim4 4.89-13 (bug #882671)
[jessie] - exim4 <not-affected> (ESMTP CHUNKING extension introduced in 4.88)
@@ -4363,7 +4363,7 @@ CVE-2017-16944 (The receive_msg function in receive.c in the SMTP daemon in Exim
NOTE: https://git.exim.org/exim.git/commitdiff/178ecb70987f024f0e775d87c2f8b2cf587dd542
NOTE: https://lists.exim.org/lurker/message/20171125.034842.d1d75cac.en.html
NOTE: 4.89-10 adds a workaround which disables the affected code by default
-CVE-2017-16943 (The receive_msg function in receive.c in the SMTP daemon in Exim 4.88 ...)
+CVE-2017-16943
{DSA-4053-1}
- exim4 4.89-12 (bug #882648)
[jessie] - exim4 <not-affected> (ESMTP CHUNKING extension introduced in 4.88)
@@ -4373,34 +4373,34 @@ CVE-2017-16943 (The receive_msg function in receive.c in the SMTP daemon in Exim
NOTE: https://lists.exim.org/lurker/message/20171125.034842.d1d75cac.en.html
NOTE: https://twitter.com/philpennock/status/934270613811875840
NOTE: 4.89-10 adds a workaround which disables the affected code by default
-CVE-2017-16941 (** DISPUTED ** October CMS through 1.0.428 does not prevent use of ...)
+CVE-2017-16941
NOT-FOR-US: October CMS
CVE-2017-16940
RESERVED
-CVE-2017-16939 (The XFRM dump policy implementation in net/xfrm/xfrm_user.c in the ...)
+CVE-2017-16939
{DSA-4082-1 DLA-1200-1}
- linux 4.13.13-1
[stretch] - linux 4.9.65-1
NOTE: Fixed by: https://git.kernel.org/linus/1137b5e2529a8f5ca8ee709288ecba3e68044df2
-CVE-2017-16938 (A global buffer overflow in OptiPNG 0.7.6 allows remote attackers to ...)
+CVE-2017-16938
{DSA-4058-1 DLA-1196-1}
- optipng 0.7.6-1.1 (bug #878839)
NOTE: https://sourceforge.net/p/optipng/bugs/69/
CVE-2017-16937
RESERVED
-CVE-2017-16936 (Directory Traversal vulnerability in app_data_center on Shenzhen Tenda ...)
+CVE-2017-16936
NOT-FOR-US: Shenzhen Tenda
-CVE-2017-16935 (Ametys before 4.0.3 requires authentication only for URIs containing a ...)
+CVE-2017-16935
NOT-FOR-US: Ametys CMS
-CVE-2017-16934 (The web server on DBL DBLTek devices allows remote attackers to execute ...)
+CVE-2017-16934
NOT-FOR-US: DBL DBLTek devices
-CVE-2017-16933 (etc/initsystem/prepare-dirs in Icinga 2.x through 2.8.1 has a chown ...)
+CVE-2017-16933
- icinga2 2.8.4-1 (low; bug #883247)
[stretch] - icinga2 <no-dsa> (Minor issue)
[jessie] - icinga2 <no-dsa> (Minor issue)
NOTE: https://github.com/Icinga/icinga2/issues/5793
NOTE: CVE is for the unsafe use of chown(1)
-CVE-2017-16932 (parser.c in libxml2 before 2.9.5 does not prevent infinite recursion in ...)
+CVE-2017-16932
{DLA-1194-1}
[experimental] - libxml2 2.9.7+dfsg-1
- libxml2 <unfixed> (bug #882613)
@@ -4410,7 +4410,7 @@ CVE-2017-16932 (parser.c in libxml2 before 2.9.5 does not prevent infinite recur
NOTE: https://github.com/GNOME/libxml2/commit/899a5d9f0ed13b8e32449a08a361e0de127dd961
NOTE: Applying only 899a5d9f0ed13b8e32449a08a361e0de127dd961 does not completely
NOTE: fix the issue, see https://bugs.debian.org/882613#12 for discussion.
-CVE-2017-16931 (parser.c in libxml2 before 2.9.5 mishandles parameter-entity references ...)
+CVE-2017-16931
{DLA-1194-1}
- libxml2 2.9.4+dfsg1-3.1
[stretch] - libxml2 2.9.4+dfsg1-2.2+deb9u1
@@ -4418,13 +4418,13 @@ CVE-2017-16931 (parser.c in libxml2 before 2.9.5 mishandles parameter-entity ref
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=766956
NOTE: https://github.com/GNOME/libxml2/commit/e26630548e7d138d2c560844c43820b6767251e3
NOTE: Not a duplicate but a variant of the issue of CVE-2017-9049 and CVE-2017-9050
-CVE-2017-16930 (The remote management interface on the Claymore Dual GPU miner 10.1 ...)
+CVE-2017-16930
NOT-FOR-US: Claymore's Dual Ethereum+Decred AMD+NVIDIA GPU Miner
-CVE-2017-16929 (The remote management interface on the Claymore Dual GPU miner 10.1 is ...)
+CVE-2017-16929
NOT-FOR-US: Claymore's Dual Ethereum+Decred AMD+NVIDIA GPU Miner
-CVE-2017-16928 (The arq_updater binary in Arq 5.10 and earlier for Mac allows local ...)
+CVE-2017-16928
NOT-FOR-US: arq_updater binary in Arq
-CVE-2017-16927 (The scp_v0s_accept function in sesman/libscp/libscp_v0.c in the session ...)
+CVE-2017-16927
{DLA-1203-1}
- xrdp 0.9.4-3 (bug #882463)
[stretch] - xrdp 0.9.1-9+deb9u2
@@ -4433,7 +4433,7 @@ CVE-2017-16927 (The scp_v0s_accept function in sesman/libscp/libscp_v0.c in the
NOTE: https://groups.google.com/forum/#!topic/xrdp-devel/PmVfMuy_xBA
NOTE: Originally fixed with upstream patch in 0.9.4-2 but which caused regression
NOTE: thus marking it only as fixed in the followup version, cf. #884702
-CVE-2017-16926 (Ohcount 3.0.0 is prone to a command injection via specially crafted ...)
+CVE-2017-16926
- ohcount 3.1.0-1 (bug #882372)
[stretch] - ohcount <no-dsa> (Minor issue)
[jessie] - ohcount <no-dsa> (Minor issue)
@@ -4441,13 +4441,13 @@ CVE-2017-16926 (Ohcount 3.0.0 is prone to a command injection via specially craf
NOTE: https://github.com/blackducksoftware/ohcount/commit/6bed45d6fb7c080ae5c163c12b4eb8749a3492ac (v3.1.0)
CVE-2017-16925
RESERVED
-CVE-2017-16924 (Remote Information Disclosure and Escalation of Privileges in ...)
+CVE-2017-16924
NOT-FOR-US: ManageEngine Desktop Central
-CVE-2017-16923 (Command Injection vulnerability in app_data_center on Shenzhen Tenda ...)
+CVE-2017-16923
NOT-FOR-US: Shenzhen Tenda
-CVE-2017-16922 (In com.wowza.wms.timedtext.http.HTTPProviderCaptionFile in Wowza ...)
+CVE-2017-16922
NOT-FOR-US: Wowza
-CVE-2017-16921 (In OTRS 6.0.x up to and including 6.0.1, OTRS 5.0.x up to and including ...)
+CVE-2017-16921
{DSA-4066-1 DLA-1212-1}
- otrs2 6.0.2-1 (bug #883774)
NOTE: https://www.otrs.com/security-advisory-2017-09-security-update-otrs-framework/
@@ -4456,9 +4456,9 @@ CVE-2017-16921 (In OTRS 6.0.x up to and including 6.0.1, OTRS 5.0.x up to and in
NOTE: OTRS-5: https://github.com/OTRS/otrs/commit/d433518d7bd8e9e079af67ef9ea7079cd2f59646
NOTE: OTRS-4: https://github.com/OTRS/otrs/commit/368bc37f137e6344f4db014ee2e03c38e2fc62d2
NOTE: OTRS-4: https://github.com/OTRS/otrs/commit/4043ebb2580cd8f87e7758e95bf0d77eea5c82ae
-CVE-2017-16920 (v5/config/system.php in dayrui FineCms 5.2.0 has a default SYS_KEY ...)
+CVE-2017-16920
NOT-FOR-US: dayrui FineCms
-CVE-2017-16919 (MapOS 3.1.11 and earlier has a Stored Cross-site Scripting (XSS) ...)
+CVE-2017-16919
NOT-FOR-US: MapOS
CVE-2017-16918
RESERVED
@@ -4468,47 +4468,47 @@ CVE-2017-16916
RESERVED
CVE-2017-16915
RESERVED
-CVE-2017-16914 (The &quot;stub_send_ret_submit()&quot; function (drivers/usb/usbip/stub_tx.c) in ...)
+CVE-2017-16914
{DSA-4187-1 DLA-1369-1}
- linux 4.14.12-1
[stretch] - linux 4.9.80-1
NOTE: Fixed by: https://git.kernel.org/linus/be6123df1ea8f01ee2f896a16c2b7be3e4557a5a
-CVE-2017-16913 (The &quot;stub_recv_cmd_submit()&quot; function (drivers/usb/usbip/stub_rx.c) in ...)
+CVE-2017-16913
{DSA-4187-1 DLA-1369-1}
- linux 4.14.12-1
[stretch] - linux 4.9.80-1
NOTE: Fixed by: https://git.kernel.org/linus/c6688ef9f29762e65bce325ef4acd6c675806366
-CVE-2017-16912 (The &quot;get_pipe()&quot; function (drivers/usb/usbip/stub_rx.c) in the Linux ...)
+CVE-2017-16912
{DSA-4187-1 DLA-1369-1}
- linux 4.14.12-1
[stretch] - linux 4.9.80-1
NOTE: Fixed by: https://git.kernel.org/linus/635f545a7e8be7596b9b2b6a43cab6bbd5a88e43
-CVE-2017-16911 (The vhci_hcd driver in the Linux Kernel before version 4.14.8 and ...)
+CVE-2017-16911
{DSA-4187-1 DLA-1369-1}
- linux 4.14.12-1
[stretch] - linux 4.9.80-1
NOTE: Fixed by: https://git.kernel.org/linus/2f2d0088eb93db5c649d2a5e34a3800a8a935fc5
-CVE-2017-16910 (An error within the &quot;LibRaw::xtrans_interpolate()&quot; function ...)
+CVE-2017-16910
- libraw 0.18.6-1
[stretch] - libraw <no-dsa> (Minor issue)
[jessie] - libraw <no-dsa> (Minor issue)
[wheezy] - libraw <no-dsa> (Minor issue)
NOTE: https://secuniaresearch.flexerasoftware.com/secunia_research/2017-19
NOTE: https://github.com/LibRaw/LibRaw/commit/2f59bac59dbcbf6bbcf01a9f3eed74307e96ca7e
-CVE-2017-16909 (An error related to the &quot;LibRaw::panasonic_load_raw()&quot; function ...)
+CVE-2017-16909
- libraw 0.18.6-1
[stretch] - libraw <no-dsa> (Minor issue)
[jessie] - libraw <no-dsa> (Minor issue)
[wheezy] - libraw <no-dsa> (Minor issue)
NOTE: https://secuniaresearch.flexerasoftware.com/secunia_research/2017-19
NOTE: https://github.com/LibRaw/LibRaw/commit/2f59bac59dbcbf6bbcf01a9f3eed74307e96ca7e
-CVE-2017-16908 (In Horde Groupware 5.2.19, there is XSS via the Name field during ...)
+CVE-2017-16908
- php-horde-kronolith 4.2.24-1 (bug #909738)
[jessie] - php-horde-kronolith <not-affected> (vulnerable code not present)
NOTE: http://code610.blogspot.com/2017/11/rce-via-xss-horde-5219.html
NOTE: https://bugs.horde.org/ticket/14857
NOTE: https://github.com/horde/kronolith/commit/39f740068ad21618f6f70b6e37855c61cadbd716
-CVE-2017-16907 (In Horde Groupware 5.2.19 and 5.2.21, there is XSS via the Color field ...)
+CVE-2017-16907
{DLA-1536-1 DLA-1535-1}
- php-horde 5.2.18+debian0-1 (bug #909739)
- php-horde-core 2.31.3+debian0-1 (bug #909800)
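Review bot: the removed description text in this hunk is HTML-escaped: the `-` lines for CVE-2017-16914, 16913, 16912, 16910 and 16909 carry `&quot;` around function names such as `stub_send_ret_submit()` and `LibRaw::xtrans_interpolate()`, while the status lines in the same entries use literal angle brackets (`[stretch] - libraw <no-dsa>`). Whichever process regenerates the summaries should store them in one consistent, unescaped form so that the identifier and description lines are searchable the same way.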
@@ -4516,52 +4516,52 @@ CVE-2017-16907 (In Horde Groupware 5.2.19 and 5.2.21, there is XSS via the Color
NOTE: https://bugs.horde.org/ticket/14857
NOTE: php-horde: https://github.com/horde/base/commit/fb2113bbcd04bd4a28c46aad0889fb0a3979a230
NOTE: php-horde-core: https://github.com/horde/Core/commit/ecea6ea740419e19122a50579ba2903c1cb71d7a
-CVE-2017-16906 (In Horde Groupware 5.2.19-5.2.22, there is XSS via the URL field in a ...)
+CVE-2017-16906
{DLA-1537-1}
- php-horde-kronolith 4.2.24-1 (bug #909737)
NOTE: http://code610.blogspot.com/2017/11/rce-via-xss-horde-5219.html
NOTE: https://bugs.horde.org/ticket/14857
NOTE: https://github.com/horde/kronolith/commit/09d90141292f9ec516a7a2007bf828ce2bbdf60d
-CVE-2017-16905 (The DuoLingo TinyCards application before 1.0 for Android has one use ...)
+CVE-2017-16905
NOT-FOR-US: DuoLingo TinyCards application
-CVE-2017-16904 (The Public tologin feature in admin.php in LvyeCMS through 3.1 allows ...)
+CVE-2017-16904
NOT-FOR-US: LvyeCMS
-CVE-2017-16903 (LvyeCMS through 3.1 allows remote attackers to upload and execute ...)
+CVE-2017-16903
NOT-FOR-US: LvyeCMS
-CVE-2017-16902 (On the Vonage VDV-23 115 3.2.11-0.9.40 home router, sending a long ...)
+CVE-2017-16902
NOT-FOR-US: Vonage VDV-23 115 3.2.11-0.9.40 home router
CVE-2017-16901
RESERVED
CVE-2017-16900
RESERVED
-CVE-2017-16899 (An array index error in the fig2dev program in Xfig 3.2.6a allows ...)
+CVE-2017-16899
- fig2dev 1:3.2.6a-5 (bug #881143)
[stretch] - fig2dev 1:3.2.6a-2+deb9u1
- transfig <removed>
[jessie] - transfig 1:3.2.5.e-4+deb8u1
[wheezy] - transfig <no-dsa> (Minor issue)
-CVE-2017-16898 (The printMP3Headers function in util/listmp3.c in libming v0.4.8 or ...)
+CVE-2017-16898
{DLA-1240-1}
- ming <removed>
NOTE: https://github.com/libming/libming/issues/75
-CVE-2017-16897 (A vulnerability has been discovered in the Auth0 passport-wsfed-saml2 ...)
+CVE-2017-16897
NOT-FOR-US: Auth0 passport-wsfed-saml2 library
-CVE-2017-16896 (A SQL injection in classes/handler/public.php in the forgotpass ...)
+CVE-2017-16896
- tt-rss 17.4+git20180312+dfsg-1 (bug #882543)
NOTE: https://discourse.tt-rss.org/t/sql-injection-in-forgotpass-fixed/669
NOTE: https://git.tt-rss.org/git/tt-rss/commit/2352c320c2ed34ec7df1ad22f0c55a1b26489815
-CVE-2017-16895 (The (1) arq_updater, (2) arqcommitter, (3) standardrestorer, (4) ...)
+CVE-2017-16895
NOT-FOR-US: Arq
-CVE-2017-16894 (In Laravel framework through 5.5.21, remote attackers can obtain ...)
+CVE-2017-16894
NOT-FOR-US: Laravel framework
-CVE-2017-16893 (The application Piwigo is affected by an SQL injection vulnerability ...)
+CVE-2017-16893
- piwigo <removed>
-CVE-2017-16892 (In Bftpd before 4.7, there is a memory leak in the file rename ...)
+CVE-2017-16892
- bftpd <itp> (bug #640469)
NOTE: http://bftpd.sourceforge.net/news.html#032390
CVE-2017-16891
RESERVED
-CVE-2017-16890 (SWFTools 0.9.2 has a divide-by-zero error in the wav_convert2mono ...)
+CVE-2017-16890
- swftools <unfixed> (unimportant)
NOTE: https://github.com/matthiaskramm/swftools/issues/57
NOTE: Crash in CLI tool, no security impact
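Review bot: dropping the description leaves some entries in this hunk with no identifying information at all. CVE-2017-16893 becomes "+CVE-2017-16893" followed only by "- piwigo <removed>": no version range, no NOTE: URL, no bug number, so nothing left in the file says which Piwigo SQL injection this is (the removed line read "The application Piwigo is affected by an SQL injection vulnerability ..."); the same happens to CVE-2017-1000129 ("- serendipity <removed>") later in the patch. If descriptions are going to be rewritten, entries whose only context was the description text should first receive a NOTE: reference, as the neighbouring tt-rss entry already has with its discourse and commit links.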
@@ -4569,19 +4569,19 @@ CVE-2017-16889
RESERVED
CVE-2017-16888
RESERVED
-CVE-2017-16887 (The portal on FiberHome Mobile WIFI Device Model LM53Q1 VH519R05C01S38 ...)
+CVE-2017-16887
NOT-FOR-US: FiberHome Mobile WIFI Device Model LM53Q1 VH519R05C01S38
-CVE-2017-16886 (The portal on FiberHome Mobile WIFI Device Model LM53Q1 VH519R05C01S38 ...)
+CVE-2017-16886
NOT-FOR-US: FiberHome Mobile WIFI Device Model LM53Q1 VH519R05C01S38
-CVE-2017-16885 (Improper Permissions Handling in the Portal on FiberHome LM53Q1 ...)
+CVE-2017-16885
NOT-FOR-US: FiberHome LM53Q1 VH519R05C01S38 devices
-CVE-2017-1000407 (The Linux Kernel 2.6.32 and later are affected by a denial of service, ...)
+CVE-2017-1000407
{DSA-4082-1 DSA-4073-1 DLA-1200-1}
- linux 4.14.7-1
NOTE: https://www.spinics.net/lists/kvm/msg159809.html
-CVE-2017-1000406 (OpenDaylight Karaf 0.6.1-Carbon fails to clear the cache after a ...)
+CVE-2017-1000406
NOT-FOR-US: OpenDayLight
-CVE-2017-1000405 (The Linux Kernel versions 2.6.38 through 4.14 have a problematic use ...)
+CVE-2017-1000405
- linux 4.14.2-1
[stretch] - linux 4.9.65-1
[jessie] - linux 3.16.51-1
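Review bot: CVE-2017-1000405 records its stable fixes as plain versions, "[stretch] - linux 4.9.65-1" and "[jessie] - linux 3.16.51-1", with no advisory in braces, whereas CVE-2017-1000407 two entries above carries "{DSA-4082-1 DSA-4073-1 DLA-1200-1}". Neither version has a +deb9u/+deb8u suffix, which suggests a point-release fix rather than a security advisory; if that is the case a NOTE: line saying so would stop the missing advisory reference from being read as an omission, and if it is not, the DSA/DLA identifiers belong in the braces like the entry above.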
@@ -4589,107 +4589,107 @@ CVE-2017-1000405 (The Linux Kernel versions 2.6.38 through 4.14 have a problemat
NOTE: Fixed by: https://git.kernel.org/linus/a8f97366452ed491d13cf1e44241bc0b5740b1f0
NOTE: http://www.openwall.com/lists/oss-security/2017/11/30/1
NOTE: https://github.com/bindecy/HugeDirtyCowPOC
-CVE-2017-1000404 (The Jenkins Delivery Pipeline Plugin version 1.0.7 and earlier used ...)
+CVE-2017-1000404
NOT-FOR-US: Jenkins plugin
-CVE-2017-1000403 (Jenkins Speaks! Plugin, all current versions, allows users with ...)
+CVE-2017-1000403
NOT-FOR-US: Jenkins plugin
-CVE-2017-1000402 (Jenkins Swarm Plugin Client 3.4 and earlier bundled a version of the ...)
+CVE-2017-1000402
NOT-FOR-US: Jenkins plugin
-CVE-2017-1000401 (The Jenkins 2.73.1 and earlier, 2.83 and earlier default form control ...)
+CVE-2017-1000401
NOT-FOR-US: Jenkins
-CVE-2017-1000400 (The Jenkins 2.73.1 and earlier, 2.83 and earlier remote API at ...)
+CVE-2017-1000400
NOT-FOR-US: Jenkins
-CVE-2017-1000399 (The Jenkins 2.73.1 and earlier, 2.83 and earlier remote API at ...)
+CVE-2017-1000399
NOT-FOR-US: Jenkins
-CVE-2017-1000398 (The remote API in Jenkins 2.73.1 and earlier, 2.83 and earlier at ...)
+CVE-2017-1000398
NOT-FOR-US: Jenkins
-CVE-2017-1000397 (Jenkins Maven Plugin 2.17 and earlier bundled a version of the ...)
+CVE-2017-1000397
NOT-FOR-US: Jenkins plugin
-CVE-2017-1000396 (Jenkins 2.73.1 and earlier, 2.83 and earlier bundled a version of the ...)
+CVE-2017-1000396
NOT-FOR-US: Jenkins
-CVE-2017-1000395 (Jenkins 2.73.1 and earlier, 2.83 and earlier provides information ...)
+CVE-2017-1000395
NOT-FOR-US: Jenkins
-CVE-2017-1000394 (Jenkins 2.73.1 and earlier, 2.83 and earlier bundled a version of the ...)
+CVE-2017-1000394
NOT-FOR-US: Jenkins
-CVE-2017-1000393 (Jenkins 2.73.1 and earlier, 2.83 and earlier users with permission to ...)
+CVE-2017-1000393
NOT-FOR-US: Jenkins
-CVE-2017-1000392 (Jenkins 2.88 and earlier; 2.73.2 and earlier Autocompletion ...)
+CVE-2017-1000392
NOT-FOR-US: Jenkins
-CVE-2017-1000391 (Jenkins versions 2.88 and earlier and 2.73.2 and earlier stores ...)
+CVE-2017-1000391
NOT-FOR-US: Jenkins
-CVE-2017-1000390 (Jenkins Multijob plugin version 1.25 and earlier did not check ...)
+CVE-2017-1000390
NOT-FOR-US: Jenkins plugin
-CVE-2017-1000389 (Some URLs provided by Jenkins global-build-stats plugin version 1.4 ...)
+CVE-2017-1000389
NOT-FOR-US: Jenkins plugin
-CVE-2017-1000388 (Jenkins Dependency Graph Viewer plugin 0.12 and earlier did not ...)
+CVE-2017-1000388
NOT-FOR-US: Jenkins plugin
-CVE-2017-1000387 (Jenkins Build-Publisher plugin version 1.21 and earlier stores ...)
+CVE-2017-1000387
NOT-FOR-US: Jenkins plugin
-CVE-2017-1000386 (Jenkins Active Choices plugin version 1.5.3 and earlier allowed users ...)
+CVE-2017-1000386
NOT-FOR-US: Jenkins plugin
-CVE-2017-16884 (Cross-site scripting (XSS) vulnerability in MistServer before 2.13 ...)
+CVE-2017-16884
NOT-FOR-US: MistServer
-CVE-2017-16883 (The outputSWF_TEXT_RECORD function in util/outputscript.c in libming &lt;= ...)
+CVE-2017-16883
{DLA-1240-1}
- ming <removed>
NOTE: https://github.com/libming/libming/issues/77
-CVE-2017-16882 (Icinga Core through 1.14.0 initially executes bin/icinga as root but ...)
+CVE-2017-16882
- icinga <not-affected> (Doesn't affect Icinga 1.x as packaged in Debian)
NOTE: https://github.com/Icinga/icinga-core/issues/1601
NOTE: State is not fully correct, since "affected" source would be there,
NOTE: But Debian does not install the binaries nor configuration files as
NOTE: respective icinga user.
-CVE-2017-16881 (b3log Symphony (aka Sym) 2.2.0 does not properly address XSS in JSON ...)
+CVE-2017-16881
NOT-FOR-US: b3log Symphony
-CVE-2017-16880 (The dump function in Util/TemplateHelper.php in filp whoops before ...)
+CVE-2017-16880
NOT-FOR-US: filp whoops
-CVE-2017-1000230 (The Snap7 Server version 1.4.1 can be crashed when the ItemCount field ...)
+CVE-2017-1000230
NOT-FOR-US: Snap7 Server
-CVE-2017-1000227 (Stored XSS in Salutation Responsive WordPress + BuddyPress Theme ...)
+CVE-2017-1000227
NOT-FOR-US: Wordpress plugin
-CVE-2017-1000221 (In Opencast 2.2.3 and older if user names overlap, the Opencast search ...)
+CVE-2017-1000221
NOT-FOR-US: Opencast
-CVE-2017-1000217 (Opencast 2.3.2 and older versions are vulnerable to script injections ...)
+CVE-2017-1000217
NOT-FOR-US: Opencast
-CVE-2017-1000190 (SimpleXML (latest version 2.7.1) is vulnerable to an XXE vulnerability ...)
+CVE-2017-1000190
- simple-xml <unfixed> (bug #888547)
[stretch] - simple-xml <no-dsa> (Minor issue)
[jessie] - simple-xml <no-dsa> (Minor issue)
[wheezy] - simple-xml <no-dsa> (Minor issue)
NOTE: https://github.com/ngallagher/simplexml/issues/18
-CVE-2017-1000163 (The Phoenix Framework versions 1.0.0 through 1.0.4, 1.1.0 through ...)
+CVE-2017-1000163
NOT-FOR-US: Phoenix Framework
-CVE-2017-1000128 (Exiv2 0.26 contains a stack out of bounds read in JPEG2000 parser ...)
+CVE-2017-1000128
[experimental] - exiv2 <unfixed>
- exiv2 <not-affected> (Vulnerable code introduced in 0.26)
NOTE: http://www.openwall.com/lists/oss-security/2017/06/30/1
NOTE: https://github.com/Exiv2/exiv2/issues/177
-CVE-2017-1000127 (Exiv2 0.26 contains a heap buffer overflow in tiff parser ...)
+CVE-2017-1000127
[experimental] - exiv2 <unfixed> (low; bug #888863)
- exiv2 <not-affected> (Vulnerable code introduced after 0.25)
NOTE: http://www.openwall.com/lists/oss-security/2017/06/30/1
NOTE: https://github.com/Exiv2/exiv2/issues/176
-CVE-2017-1000126 (exiv2 0.26 contains a Stack out of bounds read in webp parser ...)
+CVE-2017-1000126
[experimental] - exiv2 <unfixed> (low; bug #888864)
- exiv2 <not-affected> (WebP support introduced in 0.26)
NOTE: http://www.openwall.com/lists/oss-security/2017/06/30/1
NOTE: https://github.com/Exiv2/exiv2/issues/175
-CVE-2017-16879 (Stack-based buffer overflow in the _nc_write_entry function in ...)
+CVE-2017-16879
- ncurses 6.0+20171125-1 (bug #882620)
[stretch] - ncurses 6.0+20161126-1+deb9u2
[jessie] - ncurses 5.9+20140913-1+deb8u3
[wheezy] - ncurses <ignored> (Minor issue)
NOTE: PoC https://packetstormsecurity.com/files/download/145045/tic-overflow.tgz
NOTE: http://invisible-island.net/ncurses/NEWS.html#t20171125
-CVE-2017-16878 (Cross-site scripting (XSS) vulnerability in the Captive Portal ...)
+CVE-2017-16878
NOT-FOR-US: Palo Alto Networks PAN-OS
-CVE-2017-16877 (ZEIT Next.js before 2.4.1 has directory traversal under the /_next and ...)
+CVE-2017-16877
NOT-FOR-US: ZEIT Next.js
-CVE-2017-16876 (Cross-site scripting (XSS) vulnerability in the _keyify function in ...)
+CVE-2017-16876
- mistune 0.8.1-1
[stretch] - mistune <no-dsa> (Minor issue)
NOTE: https://github.com/lepture/mistune/commit/5f06d724bc05580e7f203db2d4a4905fc1127f98
-CVE-2017-16875 (An issue was discovered in Teluu pjproject (pjlib and pjlib-util) in ...)
+CVE-2017-16875
{DSA-4170-1}
- pjproject 2.7.1~dfsg-1
[jessie] - pjproject <ignored> (Minor issue)
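Review bot: the icinga entry for CVE-2017-16882 records "- icinga <not-affected> (Doesn't affect Icinga 1.x as packaged in Debian)" and then, on the NOTE: lines directly below, states that this state is not fully correct because the affected source is present; a state annotation that the same entry declares wrong is confusing for anyone reading the file later. The real justification is the sentence that follows, that Debian does not install the binaries or configuration files as the icinga user, so either fold that into the parenthesised reason on the <not-affected> line (the pnp4nagios entry later in this patch does exactly this with "(/etc/pnp4nagios and its content is installed as root by the Debian package)") or keep the NOTE but drop the sentence saying the recorded state is incorrect.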
@@ -4698,189 +4698,189 @@ CVE-2017-16875 (An issue was discovered in Teluu pjproject (pjlib and pjlib-util
NOTE: In jessie Asterisk doesn't use pjproject for SIP (only for ICE, STUN and TURN)
CVE-2017-16874
RESERVED
-CVE-2017-16873 (It is possible to exploit an unsanitized PATH in the suid binary that ...)
+CVE-2017-16873
NOT-FOR-US: vagrant-vmware-fusion
CVE-2017-1000233
REJECTED
CVE-2017-1000222
REJECTED
-CVE-2017-1000215 (ROOT xrootd version 4.6.0 and below is vulnerable to an ...)
+CVE-2017-1000215
- xrootd <itp> (bug #687222)
-CVE-2017-1000212 (Elixir's vim plugin, alchemist.vim is vulnerable to remote code ...)
+CVE-2017-1000212
NOT-FOR-US: Elixir's vim plugin
-CVE-2017-1000211 (Lynx before 2.8.9dev.16 is vulnerable to a use after free in the HTML ...)
+CVE-2017-1000211
{DLA-1175-1}
- lynx 2.8.9dev16-1
[stretch] - lynx <no-dsa> (Minor issue)
- lynx-cur <removed>
[jessie] - lynx-cur <no-dsa> (Minor issue)
NOTE: https://github.com/ThomasDickey/lynx-snapshots/commit/280a61b300a1614f6037efc0902ff7ecf17146e9
-CVE-2017-1000206 (samtools htslib library version 1.4.0 and earlier is vulnerable to ...)
+CVE-2017-1000206
- htslib 1.4.1-1
[stretch] - htslib <no-dsa> (Minor issue)
[jessie] - htslib <no-dsa> (Minor issue)
CVE-2017-1000204
REJECTED
-CVE-2017-1000203 (ROOT version 6.9.03 and below is vulnerable to an authenticated shell ...)
+CVE-2017-1000203
- root-system <removed>
[jessie] - root-system <ignored> (Minor issue)
[wheezy] - root-system <ignored> (Minor issue as it's restricted to authenticated users)
NOTE: https://github.com/root-project/root/commit/88ccff152604e0f1012653a596d802ff7ede3145#diff-6cd6f6c31bac70116b7ca7abdc8e517e
-CVE-2017-1000192 (Cygnux sysPass version 2.1.7 and older is vulnerable to a Local File ...)
+CVE-2017-1000192
NOT-FOR-US: Cygnux sysPass
-CVE-2017-1000191 (Jool 3.5.0-3.5.1 is vulnerable to a kernel crashing packet resulting ...)
+CVE-2017-1000191
NOT-FOR-US: Jool
-CVE-2017-1000170 (jqueryFileTree 2.1.5 and older Directory Traversal ...)
+CVE-2017-1000170
NOT-FOR-US: jqueryFileTree
-CVE-2017-1000169 (QuickerBB version &lt;= 0.7.2 is vulnerable to arbitrary file writes ...)
+CVE-2017-1000169
NOT-FOR-US: QuickerBB
-CVE-2017-1000168 (sodiumoxide 0.0.13 and older scalarmult() vulnerable to degenerate ...)
+CVE-2017-1000168
NOT-FOR-US: sodiumoxide
CVE-2017-1000161
REJECTED
-CVE-2017-16872 (An issue was discovered in Teluu pjproject (pjlib and pjlib-util) in ...)
+CVE-2017-16872
{DSA-4170-1}
- pjproject 2.7.1~dfsg-1
[jessie] - pjproject <ignored> (Minor issue)
NOTE: https://trac.pjsip.org/repos/ticket/2056
NOTE: https://trac.pjsip.org/repos/changeset/5682
NOTE: In jessie Asterisk doesn't use pjproject for SIP (only for ICE, STUN and TURN)
-CVE-2017-16871 (** DISPUTED ** The UpdraftPlus plugin through 1.13.12 for WordPress ...)
+CVE-2017-16871
NOT-FOR-US: UpdraftPlus plugin for WordPress
-CVE-2017-16870 (** DISPUTED ** The UpdraftPlus plugin through 1.13.12 for WordPress ...)
+CVE-2017-16870
NOT-FOR-US: UpdraftPlus plugin for WordPress
-CVE-2017-16869 (** DISPUTED ** p_mach.cpp in UPX 3.94 allows remote attackers to cause ...)
+CVE-2017-16869
- upx-ucl 3.94-4 (bug #882041; unimportant)
NOTE: https://github.com/upx/upx/issues/146
NOTE: crash in CLI tool, no security impact
-CVE-2017-16868 (In SWFTools 0.9.2, the wav_convert2mono function in lib/wav.c does not ...)
+CVE-2017-16868
- swftools <unfixed> (unimportant)
NOTE: https://github.com/matthiaskramm/swftools/issues/52
NOTE: Crash in CLI tool, no security impact
-CVE-2017-16867 (Amazon Key through 2017-11-16 mishandles Cloud Cam 802.11 ...)
+CVE-2017-16867
NOT-FOR-US: Amazon Key
-CVE-2017-1000248 (Redis-store &lt;=v1.3.0 allows unsafe objects to be loaded from redis ...)
+CVE-2017-1000248
- ruby-redis-store 1.1.6-2 (bug #882034)
[stretch] - ruby-redis-store 1.1.6-1+deb9u1
NOTE: https://github.com/redis-store/redis-store/commit/e0c1398d54a9661c8c70267c3a925ba6b192142e
-CVE-2017-1000247 (British Columbia Institute of Technology CodeIgniter 3.1.3 is ...)
+CVE-2017-1000247
- codeigniter <itp> (bug #471583)
-CVE-2017-1000246 (Python package pysaml2 version 4.4.0 and earlier reuses the ...)
+CVE-2017-1000246
- python-pysaml2 4.5.0-4 (bug #882012)
[stretch] - python-pysaml2 <no-dsa> (Minor issue)
[jessie] - python-pysaml2 <no-dsa> (Minor issue)
NOTE: https://github.com/rohe/pysaml2/issues/417
NOTE: https://github.com/c00kiemon5ter/pysaml2/commit/7323f5c20efb59424d853c822e7a26d1aa3e84aa
-CVE-2017-1000241 (The application OpenEMR version 5.0.0, 5.0.1-dev and prior is affected ...)
+CVE-2017-1000241
NOT-FOR-US: OpenEMR
-CVE-2017-1000240 (The application OpenEMR is affected by multiple reflected &amp; stored ...)
+CVE-2017-1000240
NOT-FOR-US: OpenEMR
-CVE-2017-1000239 (InvoicePlane version 1.4.10 is vulnerable to a Stored Cross Site ...)
+CVE-2017-1000239
NOT-FOR-US: InvoicePlane
-CVE-2017-1000238 (InvoicePlane version 1.4.10 is vulnerable to a Arbitrary File Upload ...)
+CVE-2017-1000238
NOT-FOR-US: InvoicePlane
-CVE-2017-1000237 (I, Librarian version &lt;=4.6 &amp; 4.7 is vulnerable to Server-Side Request ...)
+CVE-2017-1000237
- i-librarian <itp> (bug #649291)
-CVE-2017-1000236 (I, Librarian version &lt;=4.6 &amp; 4.7 is vulnerable to Reflected Cross-Site ...)
+CVE-2017-1000236
- i-librarian <itp> (bug #649291)
-CVE-2017-1000235 (I, Librarian version &lt;=4.6 &amp; 4.7 is vulnerable to OS Command Injection ...)
+CVE-2017-1000235
- i-librarian <itp> (bug #649291)
-CVE-2017-1000234 (I, Librarian version &lt;=4.6 &amp; 4.7 is vulnerable to Directory ...)
+CVE-2017-1000234
- i-librarian <itp> (bug #649291)
-CVE-2017-1000232 (A double-free vulnerability in str2host.c in ldns 1.7.0 have ...)
+CVE-2017-1000232
- ldns 1.7.0-4 (bug #882014)
[stretch] - ldns <no-dsa> (Minor issue)
[jessie] - ldns <no-dsa> (Minor issue)
[wheezy] - ldns <not-affected> (Vulnerable code not present)
NOTE: https://www.nlnetlabs.nl/bugs-script/show_bug.cgi?id=1257
NOTE: https://git.nlnetlabs.nl/ldns/commit/?id=3bdeed02505c9bbacb3b64a97ddcb1de967153b7
-CVE-2017-1000231 (A double-free vulnerability in parse.c in ldns 1.7.0 have unspecified ...)
+CVE-2017-1000231
{DLA-1182-1}
- ldns 1.7.0-4 (bug #882015)
[stretch] - ldns <no-dsa> (Minor issue)
[jessie] - ldns <no-dsa> (Minor issue)
NOTE: https://www.nlnetlabs.nl/bugs-script/show_bug.cgi?id=1256
NOTE: https://git.nlnetlabs.nl/ldns/commit/?id=c8391790c96d4c8a2c10f9ab1460fda83b509fc2
-CVE-2017-1000229 (Integer overflow bug in function minitiff_read_info() of optipng 0.7.6 ...)
+CVE-2017-1000229
{DSA-4058-1 DLA-1184-1}
- optipng 0.7.6-1.1 (bug #882032)
NOTE: https://sourceforge.net/p/optipng/bugs/65/
NOTE: Proposed patch: https://sourceforge.net/p/optipng/bugs/_discuss/thread/2a56b3aa/f6bb/attachment/0001-Prevent-integer-overflow-bug-65-CVE-2017-1000229.patch
-CVE-2017-1000228 (nodejs ejs versions older than 2.5.3 is vulnerable to remote code ...)
+CVE-2017-1000228
NOT-FOR-US: nodejs ejs
-CVE-2017-1000226 (Stop User Enumeration 1.3.8 allows user enumeration via the REST API ...)
+CVE-2017-1000226
NOT-FOR-US: Wordpress plugin
-CVE-2017-1000225 (Reflected XSS in Relevanssi Premium version 1.14.8 when using ...)
+CVE-2017-1000225
NOT-FOR-US: Relevanssi
-CVE-2017-1000224 (CSRF in YouTube (WordPress plugin) could allow unauthenticated ...)
+CVE-2017-1000224
NOT-FOR-US: Wordpress plugin
-CVE-2017-1000223 (A stored web content injection vulnerability (WCI, a.k.a XSS) is ...)
+CVE-2017-1000223
NOT-FOR-US: MODX Revolution
-CVE-2017-1000220 (soyuka/pidusage &lt;=1.1.4 is vulnerable to command injection in the ...)
+CVE-2017-1000220
NOT-FOR-US: soyuka/pidusage
-CVE-2017-1000219 (npm/KyleRoss windows-cpu all versions vulnerable to command injection ...)
+CVE-2017-1000219
NOT-FOR-US: npm/KyleRoss windows-cpu
-CVE-2017-1000218 (LightFTP version 1.1 is vulnerable to a buffer overflow in the ...)
+CVE-2017-1000218
NOT-FOR-US: LightFTP
-CVE-2017-1000213 (WBCE v1.1.11 is vulnerable to reflected XSS via the &quot;begriff&quot; POST ...)
+CVE-2017-1000213
NOT-FOR-US: WBCE
-CVE-2017-1000210 (picoTCP (versions 1.7.0 - 1.5.0) is vulnerable to stack buffer ...)
+CVE-2017-1000210
NOT-FOR-US: picoTCP
-CVE-2017-1000209 (The Java WebSocket client nv-websocket-client does not verify that the ...)
+CVE-2017-1000209
NOT-FOR-US: Java WebSocket client nv-websocket-client
-CVE-2017-1000208 (A vulnerability in Swagger-Parser's (version &lt;= 1.0.30) yaml parsing ...)
+CVE-2017-1000208
NOT-FOR-US: Swagger-Parser
-CVE-2017-1000197 (October CMS build 412 is vulnerable to file path modification in asset ...)
+CVE-2017-1000197
NOT-FOR-US: October CMS
-CVE-2017-1000196 (October CMS build 412 is vulnerable to PHP code execution in the asset ...)
+CVE-2017-1000196
NOT-FOR-US: October CMS
-CVE-2017-1000195 (October CMS build 412 is vulnerable to PHP object injection in asset ...)
+CVE-2017-1000195
NOT-FOR-US: October CMS
-CVE-2017-1000194 (October CMS build 412 is vulnerable to Apache configuration ...)
+CVE-2017-1000194
NOT-FOR-US: October CMS
-CVE-2017-1000193 (October CMS build 412 is vulnerable to stored WCI (a.k.a XSS) in brand ...)
+CVE-2017-1000193
NOT-FOR-US: October CMS
-CVE-2017-1000189 (nodejs ejs version older than 2.5.5 is vulnerable to a ...)
+CVE-2017-1000189
NOT-FOR-US: nodejs ejs
-CVE-2017-1000188 (nodejs ejs version older than 2.5.5 is vulnerable to a ...)
+CVE-2017-1000188
NOT-FOR-US: nodejs ejs
-CVE-2017-1000187 (In SWFTools, an address access exception was found in pdf2swf. ...)
+CVE-2017-1000187
- swftools <unfixed> (unimportant)
NOTE: https://github.com/matthiaskramm/swftools/issues/36
NOTE: Crash in CLI tool, no security implications
-CVE-2017-1000186 (In SWFTools, a stack overflow was found in pdf2swf. ...)
+CVE-2017-1000186
- swftools <unfixed> (unimportant)
NOTE: https://github.com/matthiaskramm/swftools/issues/34
NOTE: Crash in CLI tool, no security implications
-CVE-2017-1000185 (In SWFTools, a memcpy buffer overflow was found in gif2swf. ...)
+CVE-2017-1000185
- swftools <unfixed>
[stretch] - swftools <no-dsa> (Minor issue)
[jessie] - swftools <no-dsa> (Minor issue)
[wheezy] - swftools <no-dsa> (Minor issue)
NOTE: https://github.com/matthiaskramm/swftools/issues/33
-CVE-2017-1000182 (In SWFTools, a memory leak was found in wav2swf. ...)
+CVE-2017-1000182
- swftools <unfixed> (unimportant)
NOTE: https://github.com/matthiaskramm/swftools/issues/30
NOTE: Crash in CLI tool, no security implications
-CVE-2017-1000176 (In SWFTools, a memcpy buffer overflow was found in swfc. ...)
+CVE-2017-1000176
- swftools <unfixed>
[stretch] - swftools <no-dsa> (Minor issue)
[jessie] - swftools <no-dsa> (Minor issue)
[wheezy] - swftools <no-dsa> (Minor issue)
NOTE: https://github.com/matthiaskramm/swftools/issues/23
-CVE-2017-1000174 (In SWFTools, an address access exception was found in swfdump ...)
+CVE-2017-1000174
- swftools <unfixed> (unimportant)
NOTE: https://github.com/matthiaskramm/swftools/issues/21
NOTE: Crash in CLI tool, no security implications
-CVE-2017-1000173 (Creolabs Gravity Version: 1.0 Heap Overflow Potential Code Execution. ...)
+CVE-2017-1000173
NOT-FOR-US: Creolabs Gravity
-CVE-2017-1000172 (Creolabs Gravity Version: 1.0 Use-After-Free Possible code execution. ...)
+CVE-2017-1000172
NOT-FOR-US: Creolabs Gravity
-CVE-2017-1000164 (Tine 2.0 version 2017.02.4 is vulnerable to XSS in the Addressbook ...)
+CVE-2017-1000164
NOT-FOR-US: Tine groupware
-CVE-2017-1000160 (EllisLab ExpressionEngine 3.4.2 is vulnerable to cross-site scripting ...)
+CVE-2017-1000160
NOT-FOR-US: EllisLab ExpressionEngine
-CVE-2017-1000158 (CPython (aka Python) up to 2.7.13 is vulnerable to an integer overflow ...)
+CVE-2017-1000158
{DSA-4307-1 DLA-1520-1 DLA-1519-1 DLA-1190-1 DLA-1189-1}
- python3.5 3.5.5-1
- python3.4 <removed>
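Review bot: the ** DISPUTED ** marker is lost for CVE-2017-16871, CVE-2017-16870 and CVE-2017-16869; it appeared only in the removed description text, e.g. "-CVE-2017-16869 (** DISPUTED ** p_mach.cpp in UPX 3.94 allows remote attackers to cause ...)", and neither the "+CVE-2017-16869" line nor the surviving "- upx-ucl 3.94-4 (bug #882041; unimportant)" and NOTE: lines carry it. A disputed status is triage input, so if descriptions are rewritten the DISPUTED flag should be preserved explicitly, for instance on a NOTE: line, rather than disappearing together with the rest of the text.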
@@ -4892,35 +4892,35 @@ CVE-2017-1000158 (CPython (aka Python) up to 2.7.13 is vulnerable to an integer
NOTE: 3.4 https://github.com/python/cpython/commit/6c004b40f9d51872d848981ef1a18bb08c2dfc42 (v3.4.8rc1)
NOTE: 3.5 https://github.com/python/cpython/commit/fd8614c5c5466a14a945db5b059c10c0fb8f76d9 (v3.5.5rc1)
NOTE: The 2.7.13-4 upload included the commit in debian/patches/git-updates.diff
-CVE-2017-1000129 (Serendipity 2.0.3 is vulnerable to a SQL injection in the blog ...)
+CVE-2017-1000129
- serendipity <removed>
-CVE-2017-1000125 (Codiad(full version) is vulnerable to write anything to configure file ...)
+CVE-2017-1000125
NOT-FOR-US: Codiad
-CVE-2017-16866 (dayrui FineCms 5.2.0 before 2017.11.16 has Cross Site Scripting (XSS) ...)
+CVE-2017-16866
NOT-FOR-US: dayrui FineCms
-CVE-2017-16865 (The Trello importer in Atlassian Jira before version 7.6.1 allows ...)
+CVE-2017-16865
NOT-FOR-US: Atlassian Jira
-CVE-2017-16864 (The issue search resource in Atlassian Jira before version 7.4.2 ...)
+CVE-2017-16864
NOT-FOR-US: Atlassian Jira
-CVE-2017-16863 (The PieChart gadget in Atlassian Jira before version 7.5.3 allows ...)
+CVE-2017-16863
NOT-FOR-US: PieChart gadget in Atlassian Jira
-CVE-2017-16862 (The IncomingMailServers resource in Atlassian Jira before version ...)
+CVE-2017-16862
NOT-FOR-US: Atlassian Jira
-CVE-2017-16861 (It was possible for double OGNL evaluation in certain redirect action ...)
+CVE-2017-16861
NOT-FOR-US: Atlassian Fisheye and Crucible
-CVE-2017-16860 (The invalidRedirectUrl template in Atlassian Application Links before ...)
+CVE-2017-16860
NOT-FOR-US: Atlassian
-CVE-2017-16859 (The review attachment resource in Atlassian Fisheye and Crucible ...)
+CVE-2017-16859
NOT-FOR-US: Atlassian
-CVE-2017-16858 (The 'crowd-application' plugin module (notably used by the Google Apps ...)
+CVE-2017-16858
NOT-FOR-US: 'crowd-application' plugin module in Atlassian Crowd
-CVE-2017-16857 (It is possible to bypass the bitbucket auto-unapprove plugin via ...)
+CVE-2017-16857
NOT-FOR-US: Atlassian
-CVE-2017-16856 (The RSS Feed macro in Atlassian Confluence before version 6.5.2 allows ...)
+CVE-2017-16856
NOT-FOR-US: Atlassian Confluence
CVE-2017-16855
REJECTED
-CVE-2017-16854 (In Open Ticket Request System (OTRS) through 3.3.20, 4 through 4.0.26, ...)
+CVE-2017-16854
{DSA-4066-1 DLA-1212-1}
- otrs2 6.0.2-1
NOTE: https://www.otrs.com/security-advisory-2017-08-security-update-otrs-framework/
@@ -4928,19 +4928,19 @@ CVE-2017-16854 (In Open Ticket Request System (OTRS) through 3.3.20, 4 through 4
NOTE: OTRS-6: https://github.com/OTRS/otrs/commit/867aba14900f17caacb0285a08b6981bbdbbe016
NOTE: OTRS-5: https://github.com/OTRS/otrs/commit/8748d040058695fda5c9cfcb2a78d8947ed4188d
NOTE: OTRS-4: https://github.com/OTRS/otrs/commit/e0deab303e3d0f7c860bba291410512734f4d6b0
-CVE-2017-16851 (Zoho ManageEngine Applications Manager 13 before build 13530 allows ...)
+CVE-2017-16851
NOT-FOR-US: Zoho ManageEngine Applications Manager
-CVE-2017-16850 (Zoho ManageEngine Applications Manager 13 before build 13530 allows ...)
+CVE-2017-16850
NOT-FOR-US: Zoho ManageEngine Applications Manager
-CVE-2017-16849 (Zoho ManageEngine Applications Manager 13 before build 13530 allows ...)
+CVE-2017-16849
NOT-FOR-US: Zoho ManageEngine Applications Manager
-CVE-2017-16848 (Zoho ManageEngine Applications Manager 13 allows SQL injection via the ...)
+CVE-2017-16848
NOT-FOR-US: Zoho ManageEngine Applications Manager
-CVE-2017-16847 (Zoho ManageEngine Applications Manager 13 before build 13530 allows ...)
+CVE-2017-16847
NOT-FOR-US: Zoho ManageEngine Applications Manager
-CVE-2017-16846 (Zoho ManageEngine Applications Manager 13 before build 13530 allows ...)
+CVE-2017-16846
NOT-FOR-US: Zoho ManageEngine Applications Manager
-CVE-2017-16845 (hw/input/ps2.c in Qemu does not validate 'rptr' and 'count' values ...)
+CVE-2017-16845
{DSA-4213-1 DLA-1497-1}
- qemu 1:2.12~rc3+dfsg-1 (bug #882136)
[wheezy] - qemu <postponed> (Can be fixed along in a future update)
@@ -4948,45 +4948,45 @@ CVE-2017-16845 (hw/input/ps2.c in Qemu does not validate 'rptr' and 'count' valu
[wheezy] - qemu-kvm <postponed> (Can be fixed along in a future update)
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2017-11/msg02982.html
NOTE: https://git.qemu.org/?p=qemu.git;a=commitdiff;h=802cbcb73002b92e6ddc8464d39b668a71b78d74
-CVE-2017-16844 (Heap-based buffer overflow in the loadbuf function in formisc.c in ...)
+CVE-2017-16844
{DSA-4041-1 DLA-1173-1}
- procmail 3.22-26 (bug #876511)
-CVE-2017-16843 (Vonage VDV-23 115 3.2.11-0.9.40 devices have stored XSS via the ...)
+CVE-2017-16843
NOT-FOR-US: Vonage VDV-23
-CVE-2017-16842 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2017-16842
NOT-FOR-US: Yoast SEO plugin for WordPress
-CVE-2017-16841 (LanSweeper 6.0.100.75 has XSS via the description parameter to ...)
+CVE-2017-16841
NOT-FOR-US: LanSweeper
-CVE-2017-16840 (The VC-2 Video Compression encoder in FFmpeg 3.4 allows remote ...)
+CVE-2017-16840
{DSA-4049-1}
- ffmpeg 7:3.4.1-1
NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=a94cb36ab2ad99d3a1331c9f91831ef593d94f74
-CVE-2017-16839 (Hashicorp vagrant-vmware-fusion 5.0.4 allows local users to steal root ...)
+CVE-2017-16839
NOT-FOR-US: vagrant-vmware-fusion
CVE-2017-16838
RESERVED
-CVE-2017-16837 (Certain function pointers in Trusted Boot (tboot) through 1.9.6 are not ...)
+CVE-2017-16837
- tboot <itp> (bug #803180)
-CVE-2017-16836 (Arris TG1682G devices with Comcast TG1682_2.0s7_PRODse ...)
+CVE-2017-16836
NOT-FOR-US: Arris TG1682G devices
-CVE-2017-16835 (The &quot;Photo,Video Locker-Calculator&quot; application 12.0 for Android has ...)
+CVE-2017-16835
NOT-FOR-US: Photo Video Locker-Calculator application for Android
-CVE-2017-16834 (PNP4Nagios through 0.6.26 has /usr/bin/npcd and npcd.cfg owned by an ...)
+CVE-2017-16834
- pnp4nagios <not-affected> (/etc/pnp4nagios and its content is installed as root by the Debian package)
NOTE: https://github.com/lingej/pnp4nagios/issues/140
-CVE-2017-16833 (Stored cross-site scripting (XSS) vulnerability in Gemirro before ...)
+CVE-2017-16833
NOT-FOR-US: Gemirro
-CVE-2017-16853 (The DynamicMetadataProvider class in ...)
+CVE-2017-16853
{DSA-4039-1 DLA-1178-1}
- opensaml2 2.6.1-1 (bug #881856)
NOTE: https://git.shibboleth.net/view/?p=cpp-opensaml.git;a=commit;h=6182b0acf2df670e75423c2ed7afe6950ef11c9d
NOTE: https://shibboleth.net/community/advisories/secadv_20171115.txt
-CVE-2017-16852 (shibsp/metadata/DynamicMetadataProvider.cpp in the Dynamic ...)
+CVE-2017-16852
{DSA-4038-1 DLA-1179-1}
- shibboleth-sp2 2.6.1+dfsg1-1 (bug #881857)
NOTE: https://git.shibboleth.net/view/?p=cpp-sp.git;a=commit;h=b66cceb0e992c351ad5e2c665229ede82f261b16
NOTE: https://shibboleth.net/community/advisories/secadv_20171115.txt
-CVE-2017-16832 (The pe_bfd_read_buildid function in peicode.h in the Binary File ...)
+CVE-2017-16832
[experimental] - binutils 2.29.51.20171128-1
- binutils 2.29.90.20180122-1 (low)
[stretch] - binutils <ignored> (Minor issue)
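Review bot: the <not-affected> justification for CVE-2017-16834 covers only the configuration directory, "(/etc/pnp4nagios and its content is installed as root by the Debian package)", but the description removed in this hunk also names the daemon binary: "PNP4Nagios through 0.6.26 has /usr/bin/npcd and npcd.cfg owned by an ...". Once the description is gone the reason no longer addresses half of what the CVE claims; extend it to say that /usr/bin/npcd is installed root-owned as well (or that the binary is installed elsewhere by the Debian package), so the not-affected state can be checked from the file without consulting the upstream issue.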
@@ -4994,7 +4994,7 @@ CVE-2017-16832 (The pe_bfd_read_buildid function in peicode.h in the Binary File
[wheezy] - binutils <ignored> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22373
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=0bb6961f18b8e832d88b490d421ca56cea16c45b
-CVE-2017-16831 (coffgen.c in the Binary File Descriptor (BFD) library (aka libbfd), as ...)
+CVE-2017-16831
[experimental] - binutils 2.29.51.20171128-1
- binutils 2.29.90.20180122-1 (low)
[stretch] - binutils <ignored> (Minor issue)
@@ -5002,7 +5002,7 @@ CVE-2017-16831 (coffgen.c in the Binary File Descriptor (BFD) library (aka libbf
[wheezy] - binutils <ignored> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22385
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=6cee897971d4d7cd37d2a686bb6d2aa3e759c8ca
-CVE-2017-16830 (The print_gnu_property_note function in readelf.c in GNU Binutils ...)
+CVE-2017-16830
[experimental] - binutils 2.29.51.20171128-1
- binutils 2.29.90.20180122-1 (low)
[stretch] - binutils <ignored> (Minor issue)
@@ -5010,7 +5010,7 @@ CVE-2017-16830 (The print_gnu_property_note function in readelf.c in GNU Binutil
[wheezy] - binutils <ignored> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22384
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=6ab2c4ed51f9c4243691755e1b1d2149c6a426f4
-CVE-2017-16829 (The _bfd_elf_parse_gnu_properties function in elf-properties.c in the ...)
+CVE-2017-16829
[experimental] - binutils 2.29.51.20171128-1
- binutils 2.29.90.20180122-1 (low)
[stretch] - binutils <ignored> (Minor issue)
@@ -5018,7 +5018,7 @@ CVE-2017-16829 (The _bfd_elf_parse_gnu_properties function in elf-properties.c i
[wheezy] - binutils <ignored> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22307
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=cf54ebff3b7361989712fd9c0128a9b255578163
-CVE-2017-16828 (The display_debug_frames function in dwarf.c in GNU Binutils 2.29.1 ...)
+CVE-2017-16828
[experimental] - binutils 2.29.51.20171128-1
- binutils 2.29.90.20180122-1 (low)
[stretch] - binutils <ignored> (Minor issue)
@@ -5026,7 +5026,7 @@ CVE-2017-16828 (The display_debug_frames function in dwarf.c in GNU Binutils 2.2
[wheezy] - binutils <ignored> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22386
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=bf59c5d5f4f5b8b4da1f5f605cfa546f8029b43d
-CVE-2017-16827 (The aout_get_external_symbols function in aoutx.h in the Binary File ...)
+CVE-2017-16827
[experimental] - binutils 2.29.51.20171128-1
- binutils 2.29.90.20180122-1 (low)
[stretch] - binutils <ignored> (Minor issue)
@@ -5034,7 +5034,7 @@ CVE-2017-16827 (The aout_get_external_symbols function in aoutx.h in the Binary
[wheezy] - binutils <ignored> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22306
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=0301ce1486b1450f219202677f30d0fa97335419
-CVE-2017-16826 (The coff_slurp_line_table function in coffcode.h in the Binary File ...)
+CVE-2017-16826
[experimental] - binutils 2.29.51.20171128-1
- binutils 2.29.90.20180122-1 (low)
[stretch] - binutils <ignored> (Minor issue)
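Review bot: this hunk and the five identical 7-line hunks before it each strip one binutils description ("-CVE-2017-16826 (The coff_slurp_line_table function in coffcode.h in the Binary File ...)" here) from entries whose triage lines are otherwise word for word the same: "[experimental] - binutils 2.29.51.20171128-1", "- binutils 2.29.90.20180122-1 (low)", "[stretch] - binutils <ignored> (Minor issue)", "[wheezy] - binutils <ignored> (Minor issue)". After the change the only thing distinguishing CVE-2017-16826 through CVE-2017-16831 (and CVE-2017-16832 in the preceding hunk) from one another is the sourceware bugzilla and commit URL on each entry's NOTE: lines, so whoever re-triages the (low) and <ignored> decisions has to follow every link to learn which function was affected; if the descriptions are not restored, keep the affected file and function names in a NOTE: line per entry.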
@@ -5050,57 +5050,57 @@ CVE-2017-16823
RESERVED
CVE-2017-16822
RESERVED
-CVE-2017-16821 (b3log Symphony (aka Sym) 2.2.0 has XSS in processor/AdminProcessor.java ...)
+CVE-2017-16821
NOT-FOR-US: b3log Symphony
-CVE-2017-16819 (A stored cross-site scripting vulnerability in the Icon Time Systems ...)
+CVE-2017-16819
NOT-FOR-US: Icon Time Systems RTC-1000
-CVE-2017-16818 (RADOS Gateway in Ceph 12.1.0 through 12.2.1 allows remote ...)
+CVE-2017-16818
- ceph <not-affected> (Vulnerable code introduced after 12.1.0)
NOTE: https://github.com/ceph/ceph/commit/b3118cabb8060a8cc6a01c4e8264cb18e7b1745a
CVE-2017-16817
RESERVED
-CVE-2017-16816 (The condor_schedd component in HTCondor before 8.6.8 and 8.7.x before ...)
+CVE-2017-16816
- condor 8.6.8~dfsg.1-1
[stretch] - condor <not-affected> (VOMS support disabled)
[jessie] - condor <no-dsa> (Minor issue)
[wheezy] - condor <no-dsa> (Minor issue)
NOTE: http://research.cs.wisc.edu/htcondor//security/vulnerabilities/HTCONDOR-2017-0001.html
-CVE-2017-16815 (installer.php in the Snap Creek Duplicator (WordPress Site Migration &amp; ...)
+CVE-2017-16815
NOT-FOR-US: Snap Creek Duplicator (WordPress Site Migration & Backup) plugin for WordPress
-CVE-2017-16820 (The csnmp_read_table function in snmp.c in the SNMP plugin in collectd ...)
+CVE-2017-16820
- collectd 5.8.0-1 (bug #881757)
[stretch] - collectd <no-dsa> (Minor issue)
[jessie] - collectd <no-dsa> (Minor issue)
[wheezy] - collectd <not-affected> (Vulnerable code not present)
NOTE: https://github.com/collectd/collectd/issues/2291
-CVE-2017-16814 (A Directory Traversal issue was discovered in the Foxit MobilePDF app ...)
+CVE-2017-16814
NOT-FOR-US: Foxit
-CVE-2017-16813 (A denial-of-service issue was discovered in the Foxit MobilePDF app ...)
+CVE-2017-16813
NOT-FOR-US: Foxit
CVE-2017-16812
RESERVED
CVE-2017-16811
RESERVED
-CVE-2017-16810 (Cross-site scripting (XSS) vulnerability in the All Variables tab in ...)
+CVE-2017-16810
NOT-FOR-US: Octopus Deploy
CVE-2017-16809
RESERVED
-CVE-2017-16808 (tcpdump 4.9.2 has a heap-based buffer over-read related to aoe_print in ...)
+CVE-2017-16808
- tcpdump <unfixed> (unimportant; bug #881862)
NOTE: https://github.com/the-tcpdump-group/tcpdump/issues/645
NOTE: Crash in CLI tool, no security impact
-CVE-2017-16807 (A cross-site Scripting (XSS) vulnerability in Kirby Panel before 2.3.3, ...)
+CVE-2017-16807
NOT-FOR-US: Kirby Panel
-CVE-2017-16806 (The Process function in RemoteTaskServer/WebServer/HttpServer.cs in ...)
+CVE-2017-16806
NOT-FOR-US: Ulterius
-CVE-2017-16805 (In radare2 2.0.1, libr/bin/dwarf.c allows remote attackers to cause a ...)
+CVE-2017-16805
- radare2 2.1.0+dfsg-1 (bug #882134)
[stretch] - radare2 <no-dsa> (Minor issue)
[jessie] - radare2 <no-dsa> (Minor issue)
[wheezy] - radare2 <not-affected> (Vulnerable code does not exist; no dwarf support)
NOTE: https://github.com/radare/radare2/commit/2ca9ab45891b6ae8e32b6c28c81eebca059cbe5d
NOTE: https://github.com/radare/radare2/issues/8813
-CVE-2017-16803 (In Libav through 11.11 and 12.x through 12.1, the smacker_decode_tree ...)
+CVE-2017-16803
{DSA-4119-1}
- libav <removed> (low)
- ffmpeg 7:2.2.1-1
@@ -5108,9 +5108,9 @@ CVE-2017-16803 (In Libav through 11.11 and 12.x through 12.1, the smacker_decode
NOTE: https://github.com/libav/libav/commit/cd4663dc80323ba64989d0c103d51ad3ee0e9c2f
NOTE: ffmpeg: https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/cd4663dc80323ba64989d0c103d51ad3ee0e9c2f
NOTE: ffmpeg originally fixed by: https://git.ffmpeg.org/gitweb/ffmpeg.git/commitdiff/b829da363985cb2f80130bba304cc29a632f6446
-CVE-2017-16802 (In the sharingGroupPopulateOrganisations function in ...)
+CVE-2017-16802
NOT-FOR-US: MISP
-CVE-2017-16804 (In Redmine before 3.2.7 and 3.3.x before 3.3.4, the reminders function ...)
+CVE-2017-16804
{DSA-4191-1}
- redmine 3.4.2-1
[jessie] - redmine <end-of-life> (Not supported in Jessie-LTS)
@@ -5118,65 +5118,65 @@ CVE-2017-16804 (In Redmine before 3.2.7 and 3.3.x before 3.3.4, the reminders fu
NOTE: https://www.redmine.org/issues/25713 (private)
NOTE: upstream fixed in 3.2.7, 3.3.4 and 3.4.0
NOTE: https://github.com/redmine/redmine/commit/0f09f161f64f4190a52166675ff380a15b72a8bc
-CVE-2017-16801 (Cross-site scripting (XSS) vulnerability in Octopus Deploy ...)
+CVE-2017-16801
NOT-FOR-US: Octopus Deploy
CVE-2017-16800
RESERVED
-CVE-2017-16799 (In CMS Made Simple 2.2.3.1, in modules/New/action.addcategory.php, ...)
+CVE-2017-16799
NOT-FOR-US: CMS Made Simple
-CVE-2017-16798 (In CMS Made Simple 2.2.3.1, the is_file_acceptable function in ...)
+CVE-2017-16798
NOT-FOR-US: CMS Made Simple
-CVE-2017-16797 (In SWFTools 0.9.2, the png_load function in lib/png.c does not properly ...)
+CVE-2017-16797
- swftools <unfixed>
[stretch] - swftools <no-dsa> (Minor issue)
[jessie] - swftools <no-dsa> (Minor issue)
[wheezy] - swftools <no-dsa> (Minor issue)
NOTE: https://github.com/matthiaskramm/swftools/issues/51
-CVE-2017-16796 (In SWFTools 0.9.2, the png_load function in lib/png.c does not check ...)
+CVE-2017-16796
- swftools <unfixed> (unimportant)
NOTE: https://github.com/matthiaskramm/swftools/issues/51
NOTE: Crash in CLI tool, no security implications
CVE-2017-16795
RESERVED
-CVE-2017-16794 (The png_load function in lib/png.c in SWFTools 0.9.2 does not properly ...)
+CVE-2017-16794
- swftools <unfixed> (unimportant)
NOTE: https://github.com/matthiaskramm/swftools/issues/50
NOTE: Crash in CLI tool, no security implications
-CVE-2017-16793 (The wav_convert2mono function in lib/wav.c in SWFTools 0.9.2 does not ...)
+CVE-2017-16793
- swftools <unfixed>
[stretch] - swftools <no-dsa> (Minor issue)
[jessie] - swftools <no-dsa> (Minor issue)
[wheezy] - swftools <no-dsa> (Minor issue)
NOTE: https://github.com/matthiaskramm/swftools/issues/47
-CVE-2017-16792 (Stored cross-site scripting (XSS) vulnerability in &quot;geminabox&quot; (Gem in ...)
+CVE-2017-16792
NOT-FOR-US: geminabox
CVE-2017-16791
RESERVED
-CVE-2017-16790 (An issue was discovered in Symfony before 2.7.38, 2.8.31, 3.2.14, ...)
+CVE-2017-16790
{DSA-4262-1}
- symfony 3.4.0+dfsg-1
[jessie] - symfony <not-affected> (vulnerable code introduced in 2.4.*)
NOTE: https://symfony.com/blog/cve-2017-16790-ensure-that-submitted-data-are-uploaded-files
NOTE: https://github.com/symfony/symfony/pull/24993
-CVE-2017-16789 (Cross-site scripting (XSS) vulnerability in Integration Matters nJAMS ...)
+CVE-2017-16789
NOT-FOR-US: TIBCO
-CVE-2017-16788 (Directory traversal vulnerability in the &quot;Upload Groupkey&quot; ...)
+CVE-2017-16788
NOT-FOR-US: Meinberg LANTIME
-CVE-2017-16787 (The Web Configuration Utility in Meinberg LANTIME devices with ...)
+CVE-2017-16787
NOT-FOR-US: Meinberg LANTIME
-CVE-2017-16786 (The Web Configuration Utility in Meinberg LANTIME devices with ...)
+CVE-2017-16786
NOT-FOR-US: Meinberg LANTIME
-CVE-2017-16784 (In CMS Made Simple 2.2.2, there is Reflected XSS via the ...)
+CVE-2017-16784
NOT-FOR-US: CMS Made Simple
-CVE-2017-16783 (In CMS Made Simple 2.1.6, there is Server-Side Template Injection via ...)
+CVE-2017-16783
NOT-FOR-US: CMS Made Simple
-CVE-2017-16782 (In Home Assistant before 0.57, it is possible to inject JavaScript code ...)
+CVE-2017-16782
NOT-FOR-US: Home Assistant
-CVE-2017-16781 (The installer in MyBB before 1.8.13 has XSS. ...)
+CVE-2017-16781
NOT-FOR-US: MyBB
-CVE-2017-16780 (The installer in MyBB before 1.8.13 allows remote attackers to execute ...)
+CVE-2017-16780
NOT-FOR-US: MyBB
-CVE-2017-16785 (Cacti 1.1.27 has reflected XSS via the PATH_INFO to host.php. ...)
+CVE-2017-16785
- cacti 1.1.27+ds1-3
[stretch] - cacti <not-affected> (Vulnerable code does not exist)
[jessie] - cacti <not-affected> (Vulnerable code does not exist)
@@ -5188,145 +5188,145 @@ CVE-2017-16779
RESERVED
CVE-2017-16778
RESERVED
-CVE-2017-16777 (If HashiCorp Vagrant VMware Fusion plugin (aka vagrant-vmware-fusion) ...)
+CVE-2017-16777
NOT-FOR-US: HashiCorp Vagrant VMware Fusion plugin
-CVE-2017-16776 (Security researchers discovered an authentication bypass vulnerability ...)
+CVE-2017-16776
NOT-FOR-US: Conserus Workflow Intelligence
CVE-2017-16775
RESERVED
CVE-2017-16774
RESERVED
-CVE-2017-16773 (Improper authorization vulnerability in Highlight Preview in Synology ...)
+CVE-2017-16773
NOT-FOR-US: Synology
-CVE-2017-16772 (Improper input validation vulnerability in ...)
+CVE-2017-16772
NOT-FOR-US: Synology Photo Station
-CVE-2017-16771 (Cross-site scripting (XSS) vulnerability in Log Viewer in Synology ...)
+CVE-2017-16771
NOT-FOR-US: Synology Photo Station
-CVE-2017-16770 (File and directory information exposure vulnerability in ...)
+CVE-2017-16770
NOT-FOR-US: Synology Surveillance Station
-CVE-2017-16769 (Exposure of private information vulnerability in Photo Viewer in ...)
+CVE-2017-16769
NOT-FOR-US: Synology Photo Station
-CVE-2017-16768 (Cross-site scripting (XSS) vulnerability in User Policy editor in ...)
+CVE-2017-16768
NOT-FOR-US: Synology MailPlus Server
-CVE-2017-16767 (Cross-site scripting (XSS) vulnerability in User Profile in Synology ...)
+CVE-2017-16767
NOT-FOR-US: Synology Surveillance Station
-CVE-2017-16766 (An improper access control vulnerability in synodsmnotify in Synology ...)
+CVE-2017-16766
NOT-FOR-US: Synology DiskStation Manager
-CVE-2017-16765 (XSS exists on D-Link DWR-933 1.00(WW)B17 devices via cgi-bin/gui.cgi. ...)
+CVE-2017-16765
NOT-FOR-US: D-Link
-CVE-2017-16764 (An exploitable vulnerability exists in the YAML parsing functionality ...)
+CVE-2017-16764
NOT-FOR-US: django_make_app
-CVE-2017-16763 (An exploitable vulnerability exists in the YAML parsing functionality ...)
+CVE-2017-16763
NOT-FOR-US: Confire
-CVE-2017-16762 (Sanic before 0.5.1 allows reading arbitrary files with directory ...)
+CVE-2017-16762
NOT-FOR-US: Sanic
-CVE-2017-16761 (An Open Redirect vulnerability in Inedo BuildMaster before 5.8.2 allows ...)
+CVE-2017-16761
NOT-FOR-US: Inedo BuildMaster
-CVE-2017-16760 (Inedo BuildMaster before 5.8.2 has XSS. ...)
+CVE-2017-16760
NOT-FOR-US: Inedo BuildMaster
-CVE-2017-16759 (The installation process in LibreNMS before 2017-08-18 allows remote ...)
+CVE-2017-16759
NOT-FOR-US: LibreNMS
-CVE-2017-16758 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2017-16758
NOT-FOR-US: Wordpress plugin
-CVE-2017-16757 (Hola VPN 1.34 has weak permissions (Everyone:F) under %PROGRAMFILES%, ...)
+CVE-2017-16757
NOT-FOR-US: Hola VPN
-CVE-2017-16756 (An issue was discovered in Userscape HelpSpot before 4.7.2. A ...)
+CVE-2017-16756
NOT-FOR-US: Userscape HelpSpot
-CVE-2017-16755 (An issue was discovered in Userscape HelpSpot before 4.7.2. A reflected ...)
+CVE-2017-16755
NOT-FOR-US: Userscape HelpSpot
-CVE-2017-16754 (Bolt before 3.3.6 does not properly restrict access to _profiler ...)
+CVE-2017-16754
NOT-FOR-US: Bolt CMS
-CVE-2017-16753 (An Improper Input Validation issue was discovered in Advantech ...)
+CVE-2017-16753
NOT-FOR-US: Advantech WebAccess
CVE-2017-16752
RESERVED
-CVE-2017-16751 (A Stack-based Buffer Overflow issue was discovered in Delta Electronics ...)
+CVE-2017-16751
NOT-FOR-US: Delta Electronics Delta Industrial Automation Screen Editor
CVE-2017-16750
RESERVED
-CVE-2017-16749 (A Use-after-Free issue was discovered in Delta Electronics Delta ...)
+CVE-2017-16749
NOT-FOR-US: Delta Electronics Delta Industrial Automation Screen Editor
-CVE-2017-16748 (An attacker can log into the local Niagara platform (Niagara AX ...)
+CVE-2017-16748
NOT-FOR-US: Niagara AX
-CVE-2017-16747 (An Out-of-bounds Write issue was discovered in Delta Electronics Delta ...)
+CVE-2017-16747
NOT-FOR-US: Delta Electronics Delta Industrial Automation Screen Editor
CVE-2017-16746
RESERVED
-CVE-2017-16745 (A Type Confusion issue was discovered in Delta Electronics Delta ...)
+CVE-2017-16745
NOT-FOR-US: Delta Electronics Delta Industrial Automation Screen Editor
-CVE-2017-16744 (A path traversal vulnerability in Tridium Niagara AX Versions 3.8 and ...)
+CVE-2017-16744
NOT-FOR-US: Niagara AX
-CVE-2017-16743 (An Improper Authorization issue was discovered in PHOENIX CONTACT FL ...)
+CVE-2017-16743
NOT-FOR-US: PHOENIX CONTACT FL SWITCH
CVE-2017-16742
RESERVED
-CVE-2017-16741 (An Information Exposure issue was discovered in PHOENIX CONTACT FL ...)
+CVE-2017-16741
NOT-FOR-US: PHOENIX CONTACT FL SWITCH
-CVE-2017-16740 (A Buffer Overflow issue was discovered in Rockwell Automation ...)
+CVE-2017-16740
NOT-FOR-US: Rockwell Automation Allen-Bradley MicroLogix 1400 Controllers
-CVE-2017-16739 (An issue was discovered in WECON Technology LEVI Studio HMI Editor ...)
+CVE-2017-16739
NOT-FOR-US: WECON Technology LEVI Studio HMI Editor
CVE-2017-16738
RESERVED
-CVE-2017-16737 (An issue was discovered in WECON Technology LEVI Studio HMI Editor ...)
+CVE-2017-16737
NOT-FOR-US: WECON Technology LEVI Studio HMI Editor
-CVE-2017-16736 (An Unrestricted Upload Of File With Dangerous Type issue was discovered ...)
+CVE-2017-16736
NOT-FOR-US: Advantech WebAccess
-CVE-2017-16735 (A SQL Injection issue was discovered in Ecava IntegraXor v 6.1.1030.1 ...)
+CVE-2017-16735
NOT-FOR-US: Ecava IntegraXor
CVE-2017-16734
RESERVED
-CVE-2017-16733 (A SQL Injection issue was discovered in Ecava IntegraXor v 6.1.1030.1 ...)
+CVE-2017-16733
NOT-FOR-US: Ecava IntegraXor
-CVE-2017-16732 (A use-after-free issue was discovered in Advantech WebAccess versions ...)
+CVE-2017-16732
NOT-FOR-US: Advantech WebAccess
-CVE-2017-16731 (An Unprotected Transport of Credentials issue was discovered in ABB ...)
+CVE-2017-16731
NOT-FOR-US: Ellipse
CVE-2017-16730
RESERVED
CVE-2017-16729
RESERVED
-CVE-2017-16728 (An Untrusted Pointer Dereference issue was discovered in Advantech ...)
+CVE-2017-16728
NOT-FOR-US: Advantech WebAccess
-CVE-2017-16727 (A Credentials Management issue was discovered in Moxa NPort W2150A ...)
+CVE-2017-16727
NOT-FOR-US: Moxa
-CVE-2017-16726 (Beckhoff TwinCAT supports communication over ADS. ADS is a protocol ...)
+CVE-2017-16726
NOT-FOR-US: Beckhoff TwinCAT
-CVE-2017-16725 (A Stack-based Buffer Overflow issue was discovered in Xiongmai ...)
+CVE-2017-16725
NOT-FOR-US: Xiongmai Technology IP Cameras and DVRs
-CVE-2017-16724 (A Stack-based Buffer Overflow issue was discovered in Advantech ...)
+CVE-2017-16724
NOT-FOR-US: Advantech WebAccess
-CVE-2017-16723 (A Cross-site Scripting issue was discovered in PHOENIX CONTACT FL ...)
+CVE-2017-16723
NOT-FOR-US: PHOENIX
CVE-2017-16722
RESERVED
-CVE-2017-16721 (A Cross-site Scripting issue was discovered in Geovap Reliance SCADA ...)
+CVE-2017-16721
NOT-FOR-US: Geovap Reliance SCADA
-CVE-2017-16720 (A Path Traversal issue was discovered in WebAccess versions 8.3.2 and ...)
+CVE-2017-16720
NOT-FOR-US: Advantech WebAccess
-CVE-2017-16719 (An Injection issue was discovered in Moxa NPort 5110 Version 2.2, NPort ...)
+CVE-2017-16719
NOT-FOR-US: Moxa
-CVE-2017-16718 (Beckhoff TwinCAT 3 supports communication over ADS. ADS is a protocol ...)
+CVE-2017-16718
NOT-FOR-US: Beckhoff TwinCAT
-CVE-2017-16717 (A Heap-based Buffer Overflow issue was discovered in WECON LeviStudio ...)
+CVE-2017-16717
NOT-FOR-US: WECON LeviStudio HMI
-CVE-2017-16716 (A SQL Injection issue was discovered in WebAccess versions prior to ...)
+CVE-2017-16716
NOT-FOR-US: Advantech WebAccess
-CVE-2017-16715 (An Information Exposure issue was discovered in Moxa NPort 5110 Version ...)
+CVE-2017-16715
NOT-FOR-US: Moxa
-CVE-2017-16714 (In Ice Qube Thermal Management Center versions prior to version 4.13, ...)
+CVE-2017-16714
NOT-FOR-US: Ice Qube Thermal Management Center
CVE-2017-16713
RESERVED
CVE-2017-16712
RESERVED
-CVE-2017-16711 (The swf_DefineLosslessBitsTagToImage function in lib/modules/swfbits.c ...)
+CVE-2017-16711
- swftools <unfixed> (unimportant; bug #881390)
NOTE: https://github.com/matthiaskramm/swftools/issues/46
NOTE: Crash in CLI tool, no security implications
-CVE-2017-16710 (Cross-site scripting (XSS) vulnerability in Crestron Airmedia AM-100 ...)
+CVE-2017-16710
NOT-FOR-US: Creston
-CVE-2017-16709 (Crestron Airmedia AM-100 devices with firmware before 1.6.0 and AM-101 ...)
+CVE-2017-16709
NOT-FOR-US: Creston
CVE-2017-16708
RESERVED
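Review bot: removing the description lines for CVE-2017-16710 and CVE-2017-16709 (`-CVE-2017-16710 (Cross-site scripting (XSS) vulnerability in Crestron Airmedia AM-100 ...)`) leaves only the `NOT-FOR-US: Creston` annotation beneath each, which misspells the vendor name that the removed text shows as "Crestron". Suggest correcting those two annotation lines to `NOT-FOR-US: Crestron` in a follow-up so the entries remain searchable by the vendor name once the descriptions are gone.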
@@ -5362,33 +5362,33 @@ CVE-2017-16693
RESERVED
CVE-2017-16692
RESERVED
-CVE-2017-16691 (SAP Note Assistant tool (SAP BASIS from 7.00 to 7.02, from 7.10 to ...)
+CVE-2017-16691
NOT-FOR-US: SAP Note Assistant
-CVE-2017-16690 (A malicious DLL preload attack possible on NwSapSetup and Installation ...)
+CVE-2017-16690
NOT-FOR-US: SAP Plant Connectivity
-CVE-2017-16689 (A Trusted RFC connection in SAP KERNEL 32NUC, SAP KERNEL 32Unicode, ...)
+CVE-2017-16689
NOT-FOR-US: SAP KERNEL
CVE-2017-16688
RESERVED
-CVE-2017-16687 (The user self-service tools of SAP HANA extended application services, ...)
+CVE-2017-16687
NOT-FOR-US: SAP HANA
CVE-2017-16686
RESERVED
-CVE-2017-16685 (Cross-Site scripting (XSS) in SAP Business Warehouse Universal Data ...)
+CVE-2017-16685
NOT-FOR-US: SAP Business Warehouse Universal Data Integration
-CVE-2017-16684 (SAP Business Intelligence Promotion Management Application, Enterprise ...)
+CVE-2017-16684
NOT-FOR-US: SAP Business Intelligence Promotion Management Application
-CVE-2017-16683 (Denial of Service (DOS) in SAP Business Objects Platform, Enterprise ...)
+CVE-2017-16683
NOT-FOR-US: SAP Business Objects Platform
-CVE-2017-16682 (SAP NetWeaver Internet Transaction Server (ITS), SAP Basis from 7.00 ...)
+CVE-2017-16682
NOT-FOR-US: SAP NetWeaver Internet Transaction Server
-CVE-2017-16681 (Cross-Site Scripting (XSS) vulnerability in SAP Business Intelligence ...)
+CVE-2017-16681
NOT-FOR-US: SAP Business Intelligence Promotion Management Application
-CVE-2017-16680 (Two potential audit log injections in SAP HANA extended application ...)
+CVE-2017-16680
NOT-FOR-US: SAP HANA extended application services
-CVE-2017-16679 (URL redirection vulnerability in SAP's Startup Service, SAP KERNEL 32 ...)
+CVE-2017-16679
NOT-FOR-US: SAP's Startup Service
-CVE-2017-16678 (Server Side Request Forgery (SSRF) vulnerability in SAP NetWeaver ...)
+CVE-2017-16678
NOT-FOR-US: SAP NetWeaver Knowledge Management Configuration Service
CVE-2017-16677
RESERVED
@@ -5396,11 +5396,11 @@ CVE-2017-16676
RESERVED
CVE-2017-16675
RESERVED
-CVE-2017-16674 (Datto Windows Agent allows unauthenticated remote command execution via ...)
+CVE-2017-16674
NOT-FOR-US: Datto Windows Agent
-CVE-2017-16673 (Datto Backup Agent 1.0.6.0 and earlier does not authenticate incoming ...)
+CVE-2017-16673
NOT-FOR-US: Datto Backup Agent
-CVE-2017-16672 (An issue was discovered in Asterisk Open Source 13 before 13.18.1, 14 ...)
+CVE-2017-16672
- asterisk 1:13.18.1~dfsg-1 (bug #881256)
[stretch] - asterisk 1:13.14.1~dfsg-2+deb9u3
[jessie] - asterisk <not-affected> (Vulnerable code not present)
@@ -5408,7 +5408,7 @@ CVE-2017-16672 (An issue was discovered in Asterisk Open Source 13 before 13.18.
NOTE: http://downloads.digium.com/pub/security/AST-2017-011.html
NOTE: http://downloads.asterisk.org/pub/security/AST-2017-011-13.diff
NOTE: https://issues.asterisk.org/jira/browse/ASTERISK-27345
-CVE-2017-16671 (A Buffer Overflow issue was discovered in Asterisk Open Source 13 ...)
+CVE-2017-16671
- asterisk 1:13.18.1~dfsg-1 (bug #881257)
[stretch] - asterisk 1:13.14.1~dfsg-2+deb9u3
[jessie] - asterisk <not-affected> (Vulnerable code do not exist)
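Review bot: the unchanged context line `[jessie] - asterisk <not-affected> (Vulnerable code do not exist)` under CVE-2017-16671 has a grammar slip; the neighbouring CVE-2017-16672 entry uses the usual form `(Vulnerable code not present)`. Suggest aligning it with that wording in a follow-up, since this automatic update only rewrites the header lines.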
@@ -5416,9 +5416,9 @@ CVE-2017-16671 (A Buffer Overflow issue was discovered in Asterisk Open Source 1
NOTE: http://downloads.digium.com/pub/security/AST-2017-010.html
NOTE: http://downloads.asterisk.org/pub/security/AST-2017-010-13.diff
NOTE: https://issues.asterisk.org/jira/browse/ASTERISK-27337
-CVE-2017-16670 (The project import functionality in SoapUI 5.3.0 allows remote ...)
+CVE-2017-16670
NOT-FOR-US: SoapUI
-CVE-2017-16669 (coders/wpg.c in GraphicsMagick 1.3.26 allows remote attackers to cause ...)
+CVE-2017-16669
{DSA-4321-1 DLA-1401-1 DLA-1168-1}
- graphicsmagick 1.3.26-19 (bug #881391)
NOTE: https://sourceforge.net/p/graphicsmagick/bugs/450/
@@ -5432,31 +5432,31 @@ CVE-2017-16669 (coders/wpg.c in GraphicsMagick 1.3.26 allows remote attackers to
NOTE: http://hg.code.sf.net/p/graphicsmagick/code/rev/fcd3ed3394f6
CVE-2017-16668
RESERVED
-CVE-2017-16666 (Xplico before 1.2.1 allows remote authenticated users to execute ...)
+CVE-2017-16666
NOT-FOR-US: Xplico
-CVE-2017-16665 (RemObjects Remoting SDK 9 1.0.0.0 for Delphi is vulnerable to a ...)
+CVE-2017-16665
NOT-FOR-US: RemObjects Remoting SDK
-CVE-2017-16664 (Code injection exists in Kernel/System/Spelling.pm in Open Ticket ...)
+CVE-2017-16664
{DSA-4047-1 DLA-1212-1}
- otrs2 5.0.24-1 (bug #882370)
NOTE: https://www.otrs.com/security-advisory-2017-07-security-update-otrs-framework/
NOTE: OTRS 5: https://github.com/OTRS/otrs/commit/4c36932d0c42343f21246a107e17a2ebbd9c2c7d
NOTE: OTRS 3.3: https://github.com/OTRS/otrs/commit/2e58a4bbd99b2477d72c3b2d9fef009537ab19ce
-CVE-2017-16667 (backintime (aka Back in Time) before 1.1.24 did improper ...)
+CVE-2017-16667
- backintime 1.1.24-0.1 (bug #881205)
[stretch] - backintime <no-dsa> (Minor issue)
[jessie] - backintime <no-dsa> (Minor issue)
[wheezy] - backintime <not-affected> (Vulnerable code does not exist)
NOTE: https://github.com/bit-team/backintime/issues/834
NOTE: https://github.com/bit-team/backintime/commit/cef81d0da93ff601252607df3db1a48f7f6f01b3
-CVE-2017-16663 (In sam2p 0.49.4, there are integer overflows (with resultant heap-based ...)
+CVE-2017-16663
{DLA-1185-1}
- sam2p <removed>
[jessie] - sam2p 0.49.2-3+deb8u1
NOTE: https://github.com/pts/sam2p/issues/16
CVE-2017-16662
RESERVED
-CVE-2017-16659 (The Gentoo mail-filter/assp package 1.9.8.13030 and earlier allows ...)
+CVE-2017-16659
NOT-FOR-US: assp as packaged by Gentoo
CVE-2017-16658
RESERVED
@@ -5466,24 +5466,24 @@ CVE-2017-16656
RESERVED
CVE-2017-16655
RESERVED
-CVE-2017-16654 (An issue was discovered in Symfony before 2.7.38, 2.8.31, 3.2.14, ...)
+CVE-2017-16654
{DSA-4262-1 DLA-1707-1}
- symfony 3.4.0+dfsg-1
NOTE: https://symfony.com/blog/cve-2017-16654-intl-bundle-readers-breaking-out-of-paths
NOTE: https://github.com/symfony/symfony/pull/24994
-CVE-2017-16653 (An issue was discovered in Symfony before 2.7.38, 2.8.31, 3.2.14, ...)
+CVE-2017-16653
{DSA-4262-1}
- symfony 3.4.0+dfsg-1
[jessie] - symfony <not-affected> (vulnerable code not present in branch 2.3)
NOTE: https://symfony.com/blog/cve-2017-16653-csrf-protection-does-not-use-different-tokens-for-http-and-https
NOTE: https://github.com/symfony/symfony/pull/24992
-CVE-2017-16652 (An issue was discovered in Symfony 2.7.x before 2.7.38, 2.8.x before ...)
+CVE-2017-16652
{DSA-4262-1 DLA-1707-1}
- symfony 3.4.0+dfsg-1
NOTE: https://symfony.com/blog/cve-2017-16652-open-redirect-vulnerability-on-security-handlers
NOTE: https://github.com/symfony/symfony/pull/24995
NOTE: See CVE-2018-11408 to address original incomplete fix for CVE-2017-16652
-CVE-2017-16651 (Roundcube Webmail before 1.1.10, 1.2.x before 1.2.7, and 1.3.x before ...)
+CVE-2017-16651
{DSA-4030-1 DLA-1193-1}
- roundcube 1.3.3+dfsg.1-1
NOTE: master: https://github.com/roundcube/roundcubemail/commit/2a32f51c91d5e9c7b1a9d931846dd44c008ff36d
@@ -5492,45 +5492,45 @@ CVE-2017-16651 (Roundcube Webmail before 1.1.10, 1.2.x before 1.2.7, and 1.3.x b
NOTE: release-1.1: https://github.com/roundcube/roundcubemail/commit/e757cc410145d043c30889d28fa0b5f67a5cf2fd
NOTE: release-1.0: https://github.com/roundcube/roundcubemail/commit/8d87bb34f3c6103ab81e5342d8b3d297832d178a
NOTE: https://github.com/roundcube/roundcubemail/issues/6026
-CVE-2017-16650 (The qmi_wwan_bind function in drivers/net/usb/qmi_wwan.c in the Linux ...)
+CVE-2017-16650
- linux 4.13.13-1
[stretch] - linux 4.9.65-1
[jessie] - linux 3.16.51-1
[wheezy] - linux <not-affected> (Vulnerable code not present)
-CVE-2017-16649 (The usbnet_generic_cdc_bind function in drivers/net/usb/cdc_ether.c in ...)
+CVE-2017-16649
{DLA-1200-1}
- linux 4.13.13-1
[stretch] - linux 4.9.65-1
[jessie] - linux 3.16.51-1
-CVE-2017-16648 (The dvb_frontend_free function in drivers/media/dvb-core/dvb_frontend.c ...)
+CVE-2017-16648
- linux <not-affected> (Vulnerable code not present)
-CVE-2017-16647 (drivers/net/usb/asix_devices.c in the Linux kernel through 4.13.11 ...)
+CVE-2017-16647
- linux 4.13.13-1
[stretch] - linux 4.9.65-1
[jessie] - linux <not-affected> (Vulnerable code not present)
[wheezy] - linux <not-affected> (Vulnerable code not present)
-CVE-2017-16646 (drivers/media/usb/dvb-usb/dib0700_devices.c in the Linux kernel through ...)
+CVE-2017-16646
- linux 4.13.13-1
[stretch] - linux 4.9.65-1
[jessie] - linux <not-affected> (Vulnerable code not present)
[wheezy] - linux <not-affected> (Vulnerable code not present)
-CVE-2017-16645 (The ims_pcu_get_cdc_union_desc function in drivers/input/misc/ims-pcu.c ...)
+CVE-2017-16645
- linux 4.14.2-1 (unimportant)
[stretch] - linux 4.9.65-1
[jessie] - linux 3.16.56-1
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: CONFIG_INPUT_IMS_PCU is not set in Debian config
-CVE-2017-16644 (The hdpvr_probe function in drivers/media/usb/hdpvr/hdpvr-core.c in the ...)
+CVE-2017-16644
{DSA-4073-1}
- linux 4.14.7-1
[jessie] - linux <not-affected> (Vulnerable code not present)
[wheezy] - linux <not-affected> (Vulnerable code not present)
-CVE-2017-16643 (The parse_hid_report_descriptor function in drivers/input/tablet/gtco.c ...)
+CVE-2017-16643
{DLA-1200-1}
- linux 4.13.13-1
[stretch] - linux 4.9.65-1
[jessie] - linux 3.16.51-1
-CVE-2017-16642 (In PHP before 5.6.32, 7.x before 7.0.25, and 7.1.x before 7.1.11, an ...)
+CVE-2017-16642
{DSA-4081-1 DSA-4080-1}
- php7.1 7.1.11-1
- php7.0 7.0.25-1
@@ -5540,21 +5540,21 @@ CVE-2017-16642 (In PHP before 5.6.32, 7.x before 7.0.25, and 7.1.x before 7.1.11
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=75055
NOTE: https://github.com/derickr/timelib/commit/aa9156006e88565e1f1a5f7cc088b18322d57536
NOTE: https://github.com/php/php-src/commit/5c0455bf2c8cd3c25401407f158e820aa3b239e1
-CVE-2017-16661 (Cacti 1.1.27 allows remote authenticated administrators to read ...)
+CVE-2017-16661
- cacti 1.1.27+ds1-3
[stretch] - cacti <not-affected> (Vulnerable code does not exist)
[jessie] - cacti <not-affected> (Vulnerable code does not exist)
[wheezy] - cacti <not-affected> (Vulnerable code does not exist)
NOTE: https://github.com/Cacti/cacti/issues/1066
NOTE: affected code was introduced in the 1.x release
-CVE-2017-16660 (Cacti 1.1.27 allows remote authenticated administrators to conduct ...)
+CVE-2017-16660
- cacti 1.1.27+ds1-3
[stretch] - cacti <not-affected> (Vulnerable code does not exist)
[jessie] - cacti <not-affected> (Vulnerable code does not exist)
[wheezy] - cacti <not-affected> (Vulnerable code does not exist)
NOTE: https://github.com/Cacti/cacti/issues/1066
NOTE: affected code was introduced in the 1.x release
-CVE-2017-16641 (lib/rrd.php in Cacti 1.1.27 allows remote authenticated administrators ...)
+CVE-2017-16641
- cacti 1.1.27+ds1-3 (bug #881110)
[stretch] - cacti <ignored> (Minor issue, due to CVE-2009-4112 does not make sense to isolately fix unless CVE-2009-4112 adressed upstream)
[jessie] - cacti <ignored> (Minor issue, due to CVE-2009-4112 does not make sense to isolately fix unless CVE-2009-4112 adressed upstream)
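Review bot: the unchanged `[stretch]` and `[jessie]` cacti context lines under CVE-2017-16641 carry the typos "isolately" and "adressed" (`(Minor issue, due to CVE-2009-4112 does not make sense to isolately fix unless CVE-2009-4112 adressed upstream)`). Suggest a follow-up correcting them to "in isolation" and "addressed", as this automatic update does not touch annotation lines.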
@@ -5563,19 +5563,19 @@ CVE-2017-16641 (lib/rrd.php in Cacti 1.1.27 allows remote authenticated administ
NOTE: https://github.com/Cacti/cacti/commit/e8088bb6593e6a49d000c342d17402f01db8740e
CVE-2017-16640
RESERVED
-CVE-2017-16639 (Tor Browser on Windows before 8.0 allows remote attackers to bypass ...)
+CVE-2017-16639
NOT-FOR-US: Tor Browser on Windows
-CVE-2017-16638 (The Gentoo net-misc/vde package before version 2.3.2-r4 may allow ...)
+CVE-2017-16638
NOT-FOR-US: Gentoo net-misc/vde packaging issue
-CVE-2017-16637 (In Vectura Perfect Privacy VPN Manager v1.10.10 and v1.10.11, when ...)
+CVE-2017-16637
NOT-FOR-US: Vectura Perfect Privacy VPN Manager
-CVE-2017-16636 (In Bludit v1.5.2 and v2.0.1, an XSS vulnerability is located in the new ...)
+CVE-2017-16636
NOT-FOR-US: Bludit
-CVE-2017-16635 (In TinyWebGallery v2.4, an XSS vulnerability is located in the ...)
+CVE-2017-16635
NOT-FOR-US: TinyWebGallery
-CVE-2017-16634 (In Joomla! before 3.8.2, a bug allowed third parties to bypass a ...)
+CVE-2017-16634
NOT-FOR-US: Joomla!
-CVE-2017-16633 (In Joomla! before 3.8.2, a logic bug in com_fields exposed read-only ...)
+CVE-2017-16633
NOT-FOR-US: Joomla!
CVE-2017-16632
RESERVED
@@ -5605,21 +5605,21 @@ CVE-2017-16620
RESERVED
CVE-2017-16619
RESERVED
-CVE-2017-16618 (An exploitable vulnerability exists in the YAML loading functionality ...)
+CVE-2017-16618
NOT-FOR-US: OwlMixin
CVE-2017-16617
RESERVED
-CVE-2017-16616 (An exploitable vulnerability exists in the YAML parsing functionality ...)
+CVE-2017-16616
NOT-FOR-US: pyanyapi
-CVE-2017-16615 (An exploitable vulnerability exists in the YAML parsing functionality ...)
+CVE-2017-16615
NOT-FOR-US: MLAlchemy
-CVE-2017-16614 (SSRF (Server Side Request Forgery) in tpshop 2.0.5 and 2.0.6 allows ...)
+CVE-2017-16614
NOT-FOR-US: tpshop
-CVE-2017-16613 (An issue was discovered in middleware.py in OpenStack Swauth through ...)
+CVE-2017-16613
{DSA-4044-1}
- swauth 1.2.0-4 (bug #882314)
NOTE: https://bugs.launchpad.net/swift/+bug/1655781
-CVE-2017-16612 (libXcursor before 1.1.15 has various integer overflows that could lead ...)
+CVE-2017-16612
{DSA-4059-1 DLA-1201-1}
- libxcursor 1:1.1.14-3.1 (bug #883792)
- wayland 1.14.0-2 (bug #889681)
@@ -5633,7 +5633,7 @@ CVE-2017-16612 (libXcursor before 1.1.15 has various integer overflows that coul
NOTE: Wayland: https://cgit.freedesktop.org/wayland/wayland/commit/?id=5d201df72f3d4f4cb8b8f75f980169b03507da38
NOTE: For src:wayland originally fixed in 1.14.0-2 but the 1.15.0-1 upload
NOTE: did not merge in the 1.14.0-2 upload.
-CVE-2017-16611 (In libXfont before 1.5.4 and libXfont2 before 2.0.3, a local attacker ...)
+CVE-2017-16611
- libxfont 1:2.0.3-1 (low; bug #883929)
[stretch] - libxfont <no-dsa> (Minor issue)
[jessie] - libxfont <no-dsa> (Minor issue)
@@ -5644,148 +5644,148 @@ CVE-2017-16611 (In libXfont before 1.5.4 and libXfont2 before 2.0.3, a local att
NOTE: (for 1.5.x): https://cgit.freedesktop.org/xorg/lib/libXfont/commit/?h=libXfont-1.5-branch&id=5ed8ac0e4f063825b8ecda48e9a111d3ce92e825
NOTE: https://marc.info/?l=freedesktop-xorg-announce&m=151188049718337&w=2
NOTE: https://marc.info/?l=freedesktop-xorg-announce&m=151188044218304&w=2
-CVE-2017-16610 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2017-16610
NOT-FOR-US: Netgain
-CVE-2017-16609 (This vulnerability allows remote attackers to disclose sensitive ...)
+CVE-2017-16609
NOT-FOR-US: Netgain
-CVE-2017-16608 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2017-16608
NOT-FOR-US: Netgain
-CVE-2017-16607 (This vulnerability allows remote attackers to disclose sensitive ...)
+CVE-2017-16607
NOT-FOR-US: Netgain
-CVE-2017-16606 (This vulnerability allows remote attackers to execute code by creating ...)
+CVE-2017-16606
NOT-FOR-US: Netgain
-CVE-2017-16605 (This vulnerability allows remote attackers to overwrite arbitrary ...)
+CVE-2017-16605
NOT-FOR-US: Netgain
-CVE-2017-16604 (This vulnerability allows remote attackers to overwrite arbitrary ...)
+CVE-2017-16604
NOT-FOR-US: Netgain
-CVE-2017-16603 (This vulnerability allows remote attackers to execute code by creating ...)
+CVE-2017-16603
NOT-FOR-US: Netgain
-CVE-2017-16602 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2017-16602
NOT-FOR-US: Netgain
-CVE-2017-16601 (This vulnerability allows remote attackers to overwrite arbitrary ...)
+CVE-2017-16601
NOT-FOR-US: Netgain
-CVE-2017-16600 (This vulnerability allows remote attackers to overwrite files on ...)
+CVE-2017-16600
NOT-FOR-US: Netgain
-CVE-2017-16599 (This vulnerability allows remote attackers to delete arbitrary files ...)
+CVE-2017-16599
NOT-FOR-US: Netgain
-CVE-2017-16598 (This vulnerability allows remote attackers to execute code by ...)
+CVE-2017-16598
NOT-FOR-US: Netgain
-CVE-2017-16597 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2017-16597
NOT-FOR-US: Netgain
-CVE-2017-16596 (This vulnerability allows remote attackers to disclose sensitive ...)
+CVE-2017-16596
NOT-FOR-US: Netgain
-CVE-2017-16595 (This vulnerability allows remote attackers to disclose sensitive ...)
+CVE-2017-16595
NOT-FOR-US: Netgain
-CVE-2017-16594 (This vulnerability allows remote attackers to create arbitrary files ...)
+CVE-2017-16594
NOT-FOR-US: Netgain
-CVE-2017-16593 (This vulnerability allows remote attackers to delete arbitrary files ...)
+CVE-2017-16593
NOT-FOR-US: Netgain
-CVE-2017-16592 (This vulnerability allows remote attackers to disclose sensitive ...)
+CVE-2017-16592
NOT-FOR-US: Netgain
-CVE-2017-16591 (This vulnerability allows remote attackers to disclose sensitive ...)
+CVE-2017-16591
NOT-FOR-US: Netgain
-CVE-2017-16590 (This vulnerability allows remote attackers to bypass authentication on ...)
+CVE-2017-16590
NOT-FOR-US: Netgain
-CVE-2017-16589 (This vulnerability allows remote attackers to disclose sensitive ...)
+CVE-2017-16589
NOT-FOR-US: Foxit Reader
-CVE-2017-16588 (This vulnerability allows remote attackers to disclose sensitive ...)
+CVE-2017-16588
NOT-FOR-US: Foxit Reader
-CVE-2017-16587 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2017-16587
NOT-FOR-US: Foxit Reader
-CVE-2017-16586 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2017-16586
NOT-FOR-US: Foxit Reader
-CVE-2017-16585 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2017-16585
NOT-FOR-US: Foxit Reader
-CVE-2017-16584 (This vulnerability allows remote attackers to disclose sensitive ...)
+CVE-2017-16584
NOT-FOR-US: Foxit Reader
-CVE-2017-16583 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2017-16583
NOT-FOR-US: Foxit Reader
-CVE-2017-16582 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2017-16582
NOT-FOR-US: Foxit Reader
-CVE-2017-16581 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2017-16581
NOT-FOR-US: Foxit Reader
-CVE-2017-16580 (This vulnerability allows remote attackers to disclose sensitive ...)
+CVE-2017-16580
NOT-FOR-US: Foxit Reader
-CVE-2017-16579 (This vulnerability allows remote attackers to disclose sensitive ...)
+CVE-2017-16579
NOT-FOR-US: Foxit Reader
-CVE-2017-16578 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2017-16578
NOT-FOR-US: Foxit Reader
-CVE-2017-16577 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2017-16577
NOT-FOR-US: Foxit Reader
-CVE-2017-16576 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2017-16576
NOT-FOR-US: Foxit Reader
-CVE-2017-16575 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2017-16575
NOT-FOR-US: Foxit Reader
-CVE-2017-16574 (This vulnerability allows remote attackers to disclose sensitive ...)
+CVE-2017-16574
NOT-FOR-US: Foxit Reader
-CVE-2017-16573 (This vulnerability allows remote attackers to disclose sensitive ...)
+CVE-2017-16573
NOT-FOR-US: Foxit Reader
-CVE-2017-16572 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2017-16572
NOT-FOR-US: Foxit Reader
-CVE-2017-16571 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2017-16571
NOT-FOR-US: Foxit Reader
-CVE-2017-16570 (KeystoneJS before 4.0.0-beta.7 allows application-wide CSRF bypass by ...)
+CVE-2017-16570
NOT-FOR-US: KeystoneJS
-CVE-2017-16569 (An Open URL Redirect issue exists in Zurmo 3.2.1.57987acc3018 via an ...)
+CVE-2017-16569
NOT-FOR-US: Zurmo
-CVE-2017-16568 (Cross-site scripting (XSS) vulnerability in Logitech Media Server ...)
+CVE-2017-16568
NOT-FOR-US: Logitech Media Server
-CVE-2017-16567 (Cross-site scripting (XSS) vulnerability in Logitech Media Server ...)
+CVE-2017-16567
NOT-FOR-US: Logitech Media Server
-CVE-2017-16566 (On Jooan IP Camera A5 2.3.36 devices, an insecure FTP server does not ...)
+CVE-2017-16566
NOT-FOR-US: Jooan IP Camera A5 2.3.36 devices
-CVE-2017-16565 (Cross-Site Request Forgery (CSRF) in /cgi-bin/login on Vonage ...)
+CVE-2017-16565
NOT-FOR-US: Vonage
-CVE-2017-16564 (Stored Cross-site scripting (XSS) vulnerability in /cgi-bin/config2 on ...)
+CVE-2017-16564
NOT-FOR-US: Vonage
-CVE-2017-16563 (Cross-Site Request Forgery (CSRF) in the Basic Settings screen on ...)
+CVE-2017-16563
NOT-FOR-US: Vonage
-CVE-2017-16562 (The UserPro plugin before 4.9.17.1 for WordPress, when used on a site ...)
+CVE-2017-16562
NOT-FOR-US: WordPress plugin userpro
-CVE-2017-16561 (/view/friend_profile.php in Ingenious School Management System 2.3.0 is ...)
+CVE-2017-16561
NOT-FOR-US: Ingenious School Management System
-CVE-2017-16560 (SanDisk Secure Access 3.01 vault decrypts and copies encrypted files ...)
+CVE-2017-16560
NOT-FOR-US: SanDisk Secure Access
CVE-2017-16559
RESERVED
CVE-2017-16558
RESERVED
-CVE-2017-16557 (K7 Antivirus Premium before 15.1.0.53 allows local users to gain ...)
+CVE-2017-16557
NOT-FOR-US: K7 Antivirus
-CVE-2017-16556 (In K7 Antivirus Premium before 15.1.0.53, user-controlled input can be ...)
+CVE-2017-16556
NOT-FOR-US: K7 Antivirus
-CVE-2017-16555 (K7 Antivirus Premium before 15.1.0.53 allows local users to gain ...)
+CVE-2017-16555
NOT-FOR-US: K7 Antivirus
-CVE-2017-16554 (K7 Antivirus Premium before 15.1.0.53 allows local users to write to ...)
+CVE-2017-16554
NOT-FOR-US: K7 Antivirus
-CVE-2017-16553 (K7 Antivirus Premium before 15.1.0.53 allows local users to gain ...)
+CVE-2017-16553
NOT-FOR-US: K7 Antivirus
-CVE-2017-16552 (K7 Antivirus Premium before 15.1.0.53 allows local users to write to ...)
+CVE-2017-16552
NOT-FOR-US: K7 Antivirus
-CVE-2017-16551 (K7 Antivirus Premium before 15.1.0.53 allows local users to gain ...)
+CVE-2017-16551
NOT-FOR-US: K7 Antivirus
-CVE-2017-16550 (K7 Antivirus Premium before 15.1.0.53 allows local users to write to ...)
+CVE-2017-16550
NOT-FOR-US: K7 Antivirus
-CVE-2017-16549 (K7 Antivirus Premium before 15.1.0.53 allows local users to write to ...)
+CVE-2017-16549
NOT-FOR-US: K7 Antivirus
-CVE-2017-16548 (The receive_xattr function in xattrs.c in rsync 3.1.2 and ...)
+CVE-2017-16548
{DSA-4068-1 DLA-1218-1}
- rsync 3.1.2-2.1 (bug #880954)
NOTE: https://bugzilla.samba.org/show_bug.cgi?id=13112
NOTE: https://git.samba.org/rsync.git/?p=rsync.git;a=commit;h=47a63d90e71d3e19e0e96052bb8c6b9cb140ecc1
-CVE-2017-16547 (The DrawImage function in magick/render.c in GraphicsMagick 1.3.26 does ...)
+CVE-2017-16547
{DSA-4321-1 DLA-1456-1 DLA-1170-1}
- graphicsmagick 1.3.26-18
NOTE: http://hg.code.sf.net/p/graphicsmagick/code/rev/785758bbbfcc
NOTE: https://sourceforge.net/p/graphicsmagick/bugs/517/
-CVE-2017-16546 (The ReadWPGImage function in coders/wpg.c in ImageMagick 7.0.7-9 does ...)
+CVE-2017-16546
{DSA-4074-1 DSA-4040-1}
- imagemagick 8:6.9.9.34+dfsg-3 (bug #881392)
[wheezy] - imagemagick <not-affected> (Vulnerable code not present; PoC from GitHub issue results in memory allocation exception thrown at coders/wpg.c:1109 and valgrind does not report any issues)
NOTE: https://github.com/ImageMagick/ImageMagick/commit/2130bf6f89ded32ef0c88a11694f107c52566c53
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/e04cf3e9524f50ca336253513d977224e083b816
NOTE: https://github.com/ImageMagick/ImageMagick/issues/851
-CVE-2017-16545 (The ReadWPGImage function in coders/wpg.c in GraphicsMagick 1.3.26 does ...)
+CVE-2017-16545
{DSA-4321-1}
- graphicsmagick 1.3.26-18
[jessie] - graphicsmagick 1.3.20-3+deb8u3
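Review bot: every `-`/`+` pair in this hunk, and in every later hunk of the patch, replaces a `CVE-YYYY-NNNN (description ...)` line with the bare identifier, so the description text is deleted for all entries rather than refreshed; an "automatic update" should never produce that. Before merging, check whether the description source the updater reads was empty or unreachable on this run and regenerate, instead of committing a file in which, for example, `-CVE-2017-16548 (The receive_xattr function in xattrs.c in rsync 3.1.2 and ...)` becomes `+CVE-2017-16548` with nothing left that says what the issue is.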
@@ -5795,18 +5795,18 @@ CVE-2017-16545 (The ReadWPGImage function in coders/wpg.c in GraphicsMagick 1.3.
NOTE: The wheezy version gives an assert before the vulnerability can be triggered. Due to this
NOTE: the severity of the wheezy version is low even though the vulnerable code is still present.
NOTE: The patch is trivial so it may be worth fixing in combination with some other fix.
-CVE-2017-16544 (In the add_match function in libbb/lineedit.c in BusyBox through ...)
+CVE-2017-16544
{DLA-1445-1}
- busybox 1:1.27.2-2 (bug #882258)
[stretch] - busybox <no-dsa> (Minor issue, can be fixed via point release)
[wheezy] - busybox <no-dsa> (Minor issue)
NOTE: https://www.twistlock.com/2017/11/20/cve-2017-16544-busybox-autocompletion-vulnerability/
NOTE: https://git.busybox.net/busybox/commit/?id=c3797d40a1c57352192c6106cc0f435e7d9c11e8
-CVE-2017-16543 (Zoho ManageEngine Applications Manager 13 before build 13500 allows ...)
+CVE-2017-16543
NOT-FOR-US: Zoho
-CVE-2017-16542 (Zoho ManageEngine Applications Manager 13 before build 13500 allows ...)
+CVE-2017-16542
NOT-FOR-US: Zoho
-CVE-2017-16541 (Tor Browser before 7.0.9 on macOS and Linux allows remote attackers to ...)
+CVE-2017-16541
{DSA-4327-1 DLA-1575-1}
- firefox 62.0-1 (unimportant)
- firefox-esr 60.2.0esr-1 (unimportant)
@@ -5817,99 +5817,99 @@ CVE-2017-16541 (Tor Browser before 7.0.9 on macOS and Linux allows remote attack
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-20/#CVE-2017-16541
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-21/#CVE-2017-16541
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-25/#CVE-2017-16541
-CVE-2017-16540 (OpenEMR before 5.0.0 Patch 5 allows unauthenticated remote database ...)
+CVE-2017-16540
NOT-FOR-US: OpenEMR
-CVE-2017-16539 (The DefaultLinuxSpec function in oci/defaults.go in Docker Moby through ...)
+CVE-2017-16539
- docker.io 1.13.1~ds3-1 (bug #900140)
NOTE: https://github.com/moby/moby/pull/35399
NOTE: https://github.com/moby/moby/pull/35399/commits/a21ecdf3c8a343a7c94e4c4d01b178c87ca7aaa1
-CVE-2017-16538 (drivers/media/usb/dvb-usb-v2/lmedm04.c in the Linux kernel through ...)
+CVE-2017-16538
{DSA-4082-1 DSA-4073-1}
- linux 4.14.7-1
[wheezy] - linux <not-affected> (Vulnerable code not present)
-CVE-2017-16537 (The imon_probe function in drivers/media/rc/imon.c in the Linux kernel ...)
+CVE-2017-16537
{DLA-1200-1}
- linux 4.13.13-1
[stretch] - linux 4.9.65-1
[jessie] - linux 3.16.51-1
-CVE-2017-16536 (The cx231xx_usb_probe function in ...)
+CVE-2017-16536
{DLA-1200-1}
- linux 4.13.13-1
[stretch] - linux 4.9.65-1
[jessie] - linux 3.16.51-1
-CVE-2017-16535 (The usb_get_bos_descriptor function in drivers/usb/core/config.c in the ...)
+CVE-2017-16535
{DLA-1200-1}
- linux 4.13.10-1
[stretch] - linux 4.9.65-1
[jessie] - linux 3.16.51-1
NOTE: Fixed by: https://git.kernel.org/linus/1c0edc3633b56000e18d82fc241e3995ca18a69e
-CVE-2017-16534 (The cdc_parse_cdc_header function in drivers/usb/core/message.c in the ...)
+CVE-2017-16534
- linux 4.13.10-1
[stretch] - linux 4.9.65-1
[jessie] - linux <not-affected> (Vulnerable code not present)
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: Fixed by: https://git.kernel.org/linus/2e1c42391ff2556387b3cb6308b24f6f65619feb
-CVE-2017-16533 (The usbhid_parse function in drivers/hid/usbhid/hid-core.c in the Linux ...)
+CVE-2017-16533
{DLA-1200-1}
- linux 4.13.10-1
[stretch] - linux 4.9.65-1
[jessie] - linux 3.16.51-1
NOTE: Fixed by: https://git.kernel.org/linus/f043bfc98c193c284e2cd768fefabe18ac2fed9b
-CVE-2017-16532 (The get_endpoints function in drivers/usb/misc/usbtest.c in the Linux ...)
+CVE-2017-16532
{DLA-1200-1}
- linux 4.13.13-1
[stretch] - linux 4.9.65-1
[jessie] - linux 3.16.51-1
NOTE: Fixed by: https://git.kernel.org/linus/7c80f9e4a588f1925b07134bb2e3689335f6c6d8
-CVE-2017-16531 (drivers/usb/core/config.c in the Linux kernel before 4.13.6 allows ...)
+CVE-2017-16531
{DLA-1200-1}
- linux 4.13.10-1
[stretch] - linux 4.9.65-1
[jessie] - linux 3.16.51-1
NOTE: Fixed by: https://git.kernel.org/linus/bd7a3fe770ebd8391d1c7d072ff88e9e76d063eb
-CVE-2017-16530 (The uas driver in the Linux kernel before 4.13.6 allows local users to ...)
+CVE-2017-16530
- linux 4.13.10-1
[stretch] - linux 4.9.65-1
[jessie] - linux 3.16.51-1
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: Fixed by: https://git.kernel.org/linus/786de92b3cb26012d3d0f00ee37adf14527f35c4
-CVE-2017-16529 (The snd_usb_create_streams function in sound/usb/card.c in the Linux ...)
+CVE-2017-16529
{DLA-1200-1}
- linux 4.13.10-1
[stretch] - linux 4.9.65-1
[jessie] - linux 3.16.51-1
NOTE: Fixed by: https://git.kernel.org/linus/bfc81a8bc18e3c4ba0cbaa7666ff76be2f998991
-CVE-2017-16528 (sound/core/seq_device.c in the Linux kernel before 4.13.4 allows local ...)
+CVE-2017-16528
- linux 4.13.4-1
[stretch] - linux 4.9.65-1
[jessie] - linux <not-affected> (Vulnerable code not present)
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: Fixed by: https://git.kernel.org/linus/fc27fe7e8deef2f37cba3f2be2d52b6ca5eb9d57
-CVE-2017-16527 (sound/usb/mixer.c in the Linux kernel before 4.13.8 allows local users ...)
+CVE-2017-16527
{DLA-1200-1}
- linux 4.13.10-1
[stretch] - linux 4.9.65-1
[jessie] - linux 3.16.51-1
NOTE: Fixed by: https://git.kernel.org/linus/124751d5e63c823092060074bd0abaae61aaa9c4
-CVE-2017-16526 (drivers/uwb/uwbd.c in the Linux kernel before 4.13.6 allows local users ...)
+CVE-2017-16526
{DSA-4187-1 DLA-1369-1}
- linux 4.13.10-1
[stretch] - linux 4.9.65-1
NOTE: Fixed by: https://git.kernel.org/linus/bbf26183b7a6236ba602f4d6a2f7cade35bba043
-CVE-2017-16525 (The usb_serial_console_disconnect function in ...)
+CVE-2017-16525
{DLA-1200-1}
- linux 4.13.10-1
[stretch] - linux 4.9.65-1
[jessie] - linux 3.16.51-1
-CVE-2017-16524 (Web Viewer 1.0.0.193 on Samsung SRN-1670D devices suffers from an ...)
+CVE-2017-16524
NOT-FOR-US: Samsung SRN-1670D devices
-CVE-2017-16523 (MitraStar GPT-2541GNAC (HGU) 1.00(VNJ0)b1 and DSL-100HN-T1 ...)
+CVE-2017-16523
NOT-FOR-US: MitraStar
-CVE-2017-16522 (MitraStar GPT-2541GNAC (HGU) 1.00(VNJ0)b1 and DSL-100HN-T1 ...)
+CVE-2017-16522
NOT-FOR-US: MitraStar
-CVE-2017-16521 (In Inedo BuildMaster before 5.8.2, XslTransform was used where ...)
+CVE-2017-16521
NOT-FOR-US: Inedo BuildMaster
-CVE-2017-16520 (Inedo BuildMaster before 5.8.2 does not properly restrict creation of ...)
+CVE-2017-16520
NOT-FOR-US: Inedo BuildMaster
CVE-2017-16519
RESERVED
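Review bot: the Linux kernel entries in this hunk document their upstream fix inconsistently: CVE-2017-16535, -16534, -16533, -16532, -16531, -16530, -16529, -16528, -16527 and -16526 each carry a `NOTE: Fixed by: https://git.kernel.org/linus/...` line, while CVE-2017-16538, -16537, -16536 and -16525 record only package versions. Add the corresponding Fixed-by references to those four entries so the fixed-version claims for stretch and jessie (e.g. `[stretch] - linux 4.9.65-1`, `[jessie] - linux 3.16.51-1`) can be checked against the upstream commits.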
@@ -5917,7 +5917,7 @@ CVE-2017-16518
RESERVED
CVE-2017-16517
RESERVED
-CVE-2017-16516 (In the yajl-ruby gem 1.3.0 for Ruby, when a crafted JSON file is ...)
+CVE-2017-16516
{DLA-1167-1}
- ruby-yajl 1.2.0-3.1 (low; bug #880691)
[stretch] - ruby-yajl <no-dsa> (Minor issue)
@@ -5926,72 +5926,72 @@ CVE-2017-16516 (In the yajl-ruby gem 1.3.0 for Ruby, when a crafted JSON file is
NOTE: https://github.com/brianmario/yajl-ruby/commit/a8ca8f476655adaa187eedc60bdc770fff3c51ce
CVE-2017-16515
RESERVED
-CVE-2017-16514 (Multiple persistent stored Cross-Site-Scripting (XSS) vulnerabilities ...)
+CVE-2017-16514
NOT-FOR-US: WebsiteBaker
-CVE-2017-16513 (Ipswitch WS_FTP Professional before 12.6.0.3 has buffer overflows in ...)
+CVE-2017-16513
NOT-FOR-US: Ipswitch WS_FTP Professional
-CVE-2017-16512 (The vagrant update process in Hashicorp vagrant-vmware-fusion 5.0.2 ...)
+CVE-2017-16512
NOT-FOR-US: vagrant-vmware-fusion
CVE-2017-16511
RESERVED
-CVE-2017-1000171 (Mahara Mobile before 1.2.1 is vulnerable to passwords being sent to ...)
+CVE-2017-1000171
- mahara <removed>
-CVE-2017-1000157 (Mahara 15.04 before 15.04.13 and 16.04 before 16.04.7 and 16.10 before ...)
+CVE-2017-1000157
- mahara <removed>
-CVE-2017-1000156 (Mahara 15.04 before 15.04.9 and 15.10 before 15.10.5 and 16.04 before ...)
+CVE-2017-1000156
- mahara <removed>
-CVE-2017-1000155 (Mahara 15.04 before 15.04.8 and 15.10 before 15.10.4 and 16.04 before ...)
+CVE-2017-1000155
- mahara <removed>
-CVE-2017-1000154 (Mahara 15.04 before 15.04.8 and 15.10 before 15.10.4 and 16.04 before ...)
+CVE-2017-1000154
- mahara <removed>
-CVE-2017-1000153 (Mahara 15.04 before 15.04.10 and 15.10 before 15.10.6 and 16.04 before ...)
+CVE-2017-1000153
- mahara <removed>
-CVE-2017-1000152 (Mahara 15.04 before 15.04.7 and 15.10 before 15.10.3 running PHP 5.3 ...)
+CVE-2017-1000152
- mahara <removed>
-CVE-2017-1000151 (Mahara 15.04 before 15.04.9 and 15.10 before 15.10.5 and 16.04 before ...)
+CVE-2017-1000151
- mahara <removed>
-CVE-2017-1000150 (Mahara 15.04 before 15.04.7 and 15.10 before 15.10.3 are vulnerable to ...)
+CVE-2017-1000150
- mahara <removed>
-CVE-2017-1000149 (Mahara 1.10 before 1.10.9 and 15.04 before 15.04.6 and 15.10 before ...)
+CVE-2017-1000149
- mahara <removed>
-CVE-2017-1000148 (Mahara 15.04 before 15.04.8 and 15.10 before 15.10.4 and 16.04 before ...)
+CVE-2017-1000148
- mahara <removed>
-CVE-2017-1000147 (Mahara 1.9 before 1.9.8 and 1.10 before 1.10.6 and 15.04 before ...)
+CVE-2017-1000147
- mahara <removed>
-CVE-2017-1000146 (Mahara 1.9 before 1.9.7 and 1.10 before 1.10.5 and 15.04 before ...)
+CVE-2017-1000146
- mahara <removed>
-CVE-2017-1000145 (Mahara 1.9 before 1.9.7 and 1.10 before 1.10.5 and 15.04 before ...)
+CVE-2017-1000145
- mahara <removed>
-CVE-2017-1000144 (Mahara 1.9 before 1.9.6 and 1.10 before 1.10.4 and 15.04 before ...)
+CVE-2017-1000144
- mahara <removed>
-CVE-2017-1000143 (Mahara 1.8 before 1.8.7 and 1.9 before 1.9.5 and 1.10 before 1.10.3 ...)
+CVE-2017-1000143
- mahara <removed>
-CVE-2017-1000142 (Mahara 1.8 before 1.8.7 and 1.9 before 1.9.5 and 1.10 before 1.10.3 ...)
+CVE-2017-1000142
- mahara <removed>
-CVE-2017-1000141 (An issue was discovered in Mahara before 18.10.0. It mishandled user ...)
+CVE-2017-1000141
- mahara <removed>
NOTE: https://bugs.launchpad.net/mahara/+bug/1422492
-CVE-2017-1000140 (Mahara 1.8 before 1.8.7 and 1.9 before 1.9.5 and 1.10 before 1.10.3 ...)
+CVE-2017-1000140
- mahara <removed>
-CVE-2017-1000139 (Mahara 1.8 before 1.8.7 and 1.9 before 1.9.5 and 1.10 before 1.10.3 ...)
+CVE-2017-1000139
- mahara <removed>
-CVE-2017-1000138 (Mahara 1.10 before 1.10.0 and 15.04 before 15.04.0 are vulnerable to ...)
+CVE-2017-1000138
- mahara <removed>
-CVE-2017-1000137 (Mahara 1.10 before 1.10.0 and 15.04 before 15.04.0 are vulnerable to ...)
+CVE-2017-1000137
- mahara <removed>
-CVE-2017-1000136 (Mahara 1.8 before 1.8.6 and 1.9 before 1.9.4 and 1.10 before 1.10.1 ...)
+CVE-2017-1000136
- mahara <removed>
-CVE-2017-1000135 (Mahara 1.8 before 1.8.7 and 1.9 before 1.9.5 and 1.10 before 1.10.3 ...)
+CVE-2017-1000135
- mahara <removed>
-CVE-2017-1000134 (Mahara 1.8 before 1.8.6 and 1.9 before 1.9.4 and 1.10 before 1.10.1 ...)
+CVE-2017-1000134
- mahara <removed>
-CVE-2017-1000133 (Mahara 15.04 before 15.04.8 and 15.10 before 15.10.4 and 16.04 before ...)
+CVE-2017-1000133
- mahara <removed>
-CVE-2017-1000132 (Mahara 1.8 before 1.8.7 and 1.9 before 1.9.5 and 1.10 before 1.10.3 ...)
+CVE-2017-1000132
- mahara <removed>
-CVE-2017-1000131 (Mahara 15.04 before 15.04.8 and 15.10 before 15.10.4 and 16.04 before ...)
+CVE-2017-1000131
- mahara <removed>
-CVE-2017-16510 (WordPress before 4.8.3 is affected by an issue where $wpdb-&gt;prepare() ...)
+CVE-2017-16510
{DSA-4090-1 DLA-1160-1}
- wordpress 4.8.3+dfsg-1 (bug #880528)
NOTE: https://wpvulndb.com/vulnerabilities/8941
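Review bot: the Mahara entries (CVE-2017-1000171 and CVE-2017-1000157 through CVE-2017-1000131) each reduce to `- mahara <removed>` with no reference; only CVE-2017-1000141 keeps a `NOTE:` pointing at the upstream bug. Because the `+` lines drop the descriptions, the affected version ranges that were in the `-` lines (e.g. `Mahara 15.04 before 15.04.13 and 16.04 before 16.04.7 and 16.10 before ...`) were the only record of what was affected; keep the descriptions or add a NOTE with the upstream advisory to each entry so the `<removed>` status stays auditable.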
@@ -6175,129 +6175,129 @@ CVE-2017-16422
REJECTED
CVE-2017-16421
REJECTED
-CVE-2017-16420 (An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and ...)
+CVE-2017-16420
NOT-FOR-US: Adobe
-CVE-2017-16419 (An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and ...)
+CVE-2017-16419
NOT-FOR-US: Adobe
-CVE-2017-16418 (An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and ...)
+CVE-2017-16418
NOT-FOR-US: Adobe
-CVE-2017-16417 (An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and ...)
+CVE-2017-16417
NOT-FOR-US: Adobe
-CVE-2017-16416 (An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and ...)
+CVE-2017-16416
NOT-FOR-US: Adobe
-CVE-2017-16415 (An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and ...)
+CVE-2017-16415
NOT-FOR-US: Adobe
-CVE-2017-16414 (An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and ...)
+CVE-2017-16414
NOT-FOR-US: Adobe
-CVE-2017-16413 (An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and ...)
+CVE-2017-16413
NOT-FOR-US: Adobe
-CVE-2017-16412 (An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and ...)
+CVE-2017-16412
NOT-FOR-US: Adobe
-CVE-2017-16411 (An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and ...)
+CVE-2017-16411
NOT-FOR-US: Adobe
-CVE-2017-16410 (An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and ...)
+CVE-2017-16410
NOT-FOR-US: Adobe
-CVE-2017-16409 (An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and ...)
+CVE-2017-16409
NOT-FOR-US: Adobe
-CVE-2017-16408 (An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and ...)
+CVE-2017-16408
NOT-FOR-US: Adobe
-CVE-2017-16407 (An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and ...)
+CVE-2017-16407
NOT-FOR-US: Adobe
-CVE-2017-16406 (An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and ...)
+CVE-2017-16406
NOT-FOR-US: Adobe
-CVE-2017-16405 (An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and ...)
+CVE-2017-16405
NOT-FOR-US: Adobe
-CVE-2017-16404 (An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and ...)
+CVE-2017-16404
NOT-FOR-US: Adobe
-CVE-2017-16403 (An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and ...)
+CVE-2017-16403
NOT-FOR-US: Adobe
-CVE-2017-16402 (An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and ...)
+CVE-2017-16402
NOT-FOR-US: Adobe
-CVE-2017-16401 (An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and ...)
+CVE-2017-16401
NOT-FOR-US: Adobe
-CVE-2017-16400 (An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and ...)
+CVE-2017-16400
NOT-FOR-US: Adobe
-CVE-2017-16399 (An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and ...)
+CVE-2017-16399
NOT-FOR-US: Adobe
-CVE-2017-16398 (An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and ...)
+CVE-2017-16398
NOT-FOR-US: Adobe
-CVE-2017-16397 (An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and ...)
+CVE-2017-16397
NOT-FOR-US: Adobe
-CVE-2017-16396 (An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and ...)
+CVE-2017-16396
NOT-FOR-US: Adobe
-CVE-2017-16395 (An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and ...)
+CVE-2017-16395
NOT-FOR-US: Adobe
-CVE-2017-16394 (An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and ...)
+CVE-2017-16394
NOT-FOR-US: Adobe
-CVE-2017-16393 (An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and ...)
+CVE-2017-16393
NOT-FOR-US: Adobe
-CVE-2017-16392 (An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and ...)
+CVE-2017-16392
NOT-FOR-US: Adobe
-CVE-2017-16391 (An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and ...)
+CVE-2017-16391
NOT-FOR-US: Adobe
-CVE-2017-16390 (An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and ...)
+CVE-2017-16390
NOT-FOR-US: Adobe
-CVE-2017-16389 (An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and ...)
+CVE-2017-16389
NOT-FOR-US: Adobe
-CVE-2017-16388 (An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and ...)
+CVE-2017-16388
NOT-FOR-US: Adobe
-CVE-2017-16387 (An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and ...)
+CVE-2017-16387
NOT-FOR-US: Adobe
-CVE-2017-16386 (An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and ...)
+CVE-2017-16386
NOT-FOR-US: Adobe
-CVE-2017-16385 (An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and ...)
+CVE-2017-16385
NOT-FOR-US: Adobe
-CVE-2017-16384 (An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and ...)
+CVE-2017-16384
NOT-FOR-US: Adobe
-CVE-2017-16383 (An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and ...)
+CVE-2017-16383
NOT-FOR-US: Adobe
-CVE-2017-16382 (An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and ...)
+CVE-2017-16382
NOT-FOR-US: Adobe
-CVE-2017-16381 (An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and ...)
+CVE-2017-16381
NOT-FOR-US: Adobe
-CVE-2017-16380 (An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and ...)
+CVE-2017-16380
NOT-FOR-US: Adobe
-CVE-2017-16379 (An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and ...)
+CVE-2017-16379
NOT-FOR-US: Adobe
-CVE-2017-16378 (An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and ...)
+CVE-2017-16378
NOT-FOR-US: Adobe
-CVE-2017-16377 (An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and ...)
+CVE-2017-16377
NOT-FOR-US: Adobe
-CVE-2017-16376 (An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and ...)
+CVE-2017-16376
NOT-FOR-US: Adobe
-CVE-2017-16375 (An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and ...)
+CVE-2017-16375
NOT-FOR-US: Adobe
-CVE-2017-16374 (An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and ...)
+CVE-2017-16374
NOT-FOR-US: Adobe
-CVE-2017-16373 (An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and ...)
+CVE-2017-16373
NOT-FOR-US: Adobe
-CVE-2017-16372 (An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and ...)
+CVE-2017-16372
NOT-FOR-US: Adobe
-CVE-2017-16371 (An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and ...)
+CVE-2017-16371
NOT-FOR-US: Adobe
-CVE-2017-16370 (An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and ...)
+CVE-2017-16370
NOT-FOR-US: Adobe
-CVE-2017-16369 (An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and ...)
+CVE-2017-16369
NOT-FOR-US: Adobe
-CVE-2017-16368 (An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and ...)
+CVE-2017-16368
NOT-FOR-US: Adobe
-CVE-2017-16367 (An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and ...)
+CVE-2017-16367
NOT-FOR-US: Adobe
-CVE-2017-16366 (An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and ...)
+CVE-2017-16366
NOT-FOR-US: Adobe
-CVE-2017-16365 (An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and ...)
+CVE-2017-16365
NOT-FOR-US: Adobe
-CVE-2017-16364 (An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and ...)
+CVE-2017-16364
NOT-FOR-US: Adobe
-CVE-2017-16363 (An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and ...)
+CVE-2017-16363
NOT-FOR-US: Adobe
-CVE-2017-16362 (An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and ...)
+CVE-2017-16362
NOT-FOR-US: Adobe
-CVE-2017-16361 (An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and ...)
+CVE-2017-16361
NOT-FOR-US: Adobe
-CVE-2017-16360 (An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and ...)
+CVE-2017-16360
NOT-FOR-US: Adobe
-CVE-2017-16359 (In radare 2.0.1, a pointer wraparound vulnerability exists in ...)
+CVE-2017-16359
- radare2 2.1.0+dfsg-1 (bug #880616)
[stretch] - radare2 <no-dsa> (Minor issue)
[jessie] - radare2 <not-affected> (Vulnerable code introduced later)
@@ -6306,23 +6306,23 @@ CVE-2017-16359 (In radare 2.0.1, a pointer wraparound vulnerability exists in ..
NOTE: https://github.com/radare/radare2/commit/d21e91f075a7a7a8ed23baa5c1bb1fac48313882
NOTE: https://github.com/radare/radare2/commit/fbaf24bce7ea4211e4608b3ab6c1b45702cb243d
NOTE: https://github.com/radare/radare2/issues/8764
-CVE-2017-16358 (In radare 2.0.1, an out-of-bounds read vulnerability exists in ...)
+CVE-2017-16358
- radare2 2.1.0+dfsg-1 (bug #880619)
[stretch] - radare2 <not-affected> (Vulnerable code introduced later)
[jessie] - radare2 <not-affected> (Vulnerable code introduced later)
[wheezy] - radare2 <not-affected> (Vulnerable code introduced later)
NOTE: https://github.com/radare/radare2/commit/d31c4d3cbdbe01ea3ded16a584de94149ecd31d9
NOTE: https://github.com/radare/radare2/issues/8748
-CVE-2017-16357 (In radare 2.0.1, a memory corruption vulnerability exists in ...)
+CVE-2017-16357
- radare2 2.1.0+dfsg-1 (bug #880620)
[stretch] - radare2 <no-dsa> (Minor issue)
[jessie] - radare2 <not-affected> (Vulnerable code introduced later)
[wheezy] - radare2 <not-affected> (Vulnerable code introduced later)
NOTE: https://github.com/radare/radare2/commit/0b973e28166636e0ff1fad80baa0385c9c09c53a
NOTE: https://github.com/radare/radare2/issues/8742
-CVE-2017-16356 (Reflected XSS in Kubik-Rubik SIGE (aka Simple Image Gallery Extended) ...)
+CVE-2017-16356
NOT-FOR-US: Kubik-Rubik SIGE
-CVE-2017-16355 (In agent/Core/SpawningKit/Spawner.h in Phusion Passenger 5.1.10 (fixed ...)
+CVE-2017-16355
- passenger <unfixed> (bug #884463)
- ruby-passenger <removed>
[jessie] - ruby-passenger <no-dsa> (Minor issue)
@@ -6334,56 +6334,56 @@ CVE-2017-16355 (In agent/Core/SpawningKit/Spawner.h in Phusion Passenger 5.1.10
NOTE: get the status information.
CVE-2017-16354
RESERVED
-CVE-2017-16353 (GraphicsMagick 1.3.26 is vulnerable to a memory information disclosure ...)
+CVE-2017-16353
{DSA-4321-1 DLA-1401-1 DLA-1159-1}
- graphicsmagick 1.3.26-17
NOTE: http://hg.graphicsmagick.org/hg/GraphicsMagick?cmd=changeset;node=e4e1c2a581d8
NOTE: https://blogs.securiteam.com/index.php/archives/3494
-CVE-2017-16352 (GraphicsMagick 1.3.26 is vulnerable to a heap-based buffer overflow ...)
+CVE-2017-16352
{DSA-4321-1 DLA-1456-1 DLA-1159-1}
- graphicsmagick 1.3.26-17
NOTE: http://hg.graphicsmagick.org/hg/GraphicsMagick?cmd=changeset;node=7292230dd185
NOTE: https://blogs.securiteam.com/index.php/archives/3494
-CVE-2017-1001001 (PluXml version 5.6 is vulnerable to stored cross-site scripting ...)
+CVE-2017-1001001
- pluxml 5.6-1 (bug #881796)
[stretch] - pluxml <no-dsa> (Minor issue)
[jessie] - pluxml <no-dsa> (Minor issue)
NOTE: https://github.com/pluxml/PluXml/issues/253
-CVE-2017-1000244 (Jenkins Favorite Plugin version 2.2.0 and older is vulnerable to CSRF ...)
+CVE-2017-1000244
NOT-FOR-US: Jenkins plugin
-CVE-2017-1000243 (Jenkins Favorite Plugin 2.1.4 and older does not perform permission ...)
+CVE-2017-1000243
NOT-FOR-US: Jenkins plugin
-CVE-2017-1000242 (Jenkins Git Client Plugin 2.4.2 and earlier creates temporary file ...)
+CVE-2017-1000242
NOT-FOR-US: Jenkins plugin
CVE-2017-16351
RESERVED
CVE-2017-16350
RESERVED
-CVE-2017-16349 (An exploitable XML external entity vulnerability exists in the ...)
+CVE-2017-16349
NOT-FOR-US: SAP
-CVE-2017-16348 (An exploitable denial of service vulnerability exists in Insteon Hub ...)
+CVE-2017-16348
NOT-FOR-US: Insteon Hub
-CVE-2017-16347 (An attacker could send an authenticated HTTP request to trigger this ...)
+CVE-2017-16347
NOT-FOR-US: Insteon Hub
-CVE-2017-16346 (An attacker could send an authenticated HTTP request to trigger this ...)
+CVE-2017-16346
NOT-FOR-US: Insteon Hub
-CVE-2017-16345 (An attacker could send an authenticated HTTP request to trigger this ...)
+CVE-2017-16345
NOT-FOR-US: Insteon Hub
-CVE-2017-16344 (An attacker could send an authenticated HTTP request to trigger this ...)
+CVE-2017-16344
NOT-FOR-US: Insteon Hub
-CVE-2017-16343 (An attacker could send an authenticated HTTP request to trigger this ...)
+CVE-2017-16343
NOT-FOR-US: Insteon Hub
-CVE-2017-16342 (An attacker could send an authenticated HTTP request to trigger this ...)
+CVE-2017-16342
NOT-FOR-US: Insteon Hub
-CVE-2017-16341 (An attacker could send an authenticated HTTP request to trigger this ...)
+CVE-2017-16341
NOT-FOR-US: Insteon Hub
-CVE-2017-16340 (An attacker could send an authenticated HTTP request to trigger this ...)
+CVE-2017-16340
NOT-FOR-US: Insteon Hub
-CVE-2017-16339 (An attacker could send an authenticated HTTP request to trigger this ...)
+CVE-2017-16339
NOT-FOR-US: Insteon Hub
-CVE-2017-16338 (An attacker could send an authenticated HTTP request to trigger this ...)
+CVE-2017-16338
NOT-FOR-US: Insteon Hub
-CVE-2017-16337 (On Insteon Hub 2245-222 devices with firmware version 1012, specially ...)
+CVE-2017-16337
NOT-FOR-US: Insteon Hub
CVE-2017-16336
RESERVED
@@ -6553,13 +6553,13 @@ CVE-2017-16254
RESERVED
CVE-2017-16253
RESERVED
-CVE-2017-16252 (Specially crafted commands sent through the PubNub service in Insteon ...)
+CVE-2017-16252
NOT-FOR-US: Insteon Hub
-CVE-2017-16251 (A vulnerability in the conferencing component of Mitel ST 14.2, ...)
+CVE-2017-16251
NOT-FOR-US: Mitel
-CVE-2017-16250 (A vulnerability in Mitel ST 14.2, release GA28 and earlier, could ...)
+CVE-2017-16250
NOT-FOR-US: Mitel
-CVE-2017-16249 (The Debut embedded http server contains a remotely exploitable denial ...)
+CVE-2017-16249
NOT-FOR-US: Debut embedded http server
CVE-2017-16247
RESERVED
@@ -6567,42 +6567,42 @@ CVE-2017-16246
RESERVED
CVE-2017-16245
RESERVED
-CVE-2017-16244 (Cross-Site Request Forgery exists in OctoberCMS 1.0.426 (aka Build 426) ...)
+CVE-2017-16244
NOT-FOR-US: OctoberCMS
CVE-2017-16243
RESERVED
-CVE-2017-16242 (An issue was discovered on MECO USB Memory Stick with Fingerprint ...)
+CVE-2017-16242
NOT-FOR-US: MECO
CVE-2017-1000384
REJECTED
-CVE-2017-1000383 (GNU Emacs version 25.3.1 (and other versions most likely) ignores ...)
+CVE-2017-1000383
NOTE: This CVE assignment is nonsense, GNU emacs reuses the umask of the original
NOTE: file when creating a backup file. That's hardly incorrect behaviour
NOTE: Upstream report: https://debbugs.gnu.org/cgi/bugreport.cgi?bug=29182
-CVE-2017-1000382 (VIM version 8.0.1187 (and other versions most likely) ignores umask ...)
+CVE-2017-1000382
- vim <unfixed> (unimportant)
NOTE: http://www.openwall.com/lists/oss-security/2017/10/31/15
NOTE: Cf. http://www.openwall.com/lists/oss-security/2017/11/01/4
NOTE: vim creates the .swp file according to the permissions of the file being
NOTE: edited, admitely ignoring the umask, so in the reporters case the .swp
NOTE: file is readable by others. But that seem to be the intended behaviour.
-CVE-2017-16248 (The Catalyst-Plugin-Static-Simple module before 0.34 for Perl allows ...)
+CVE-2017-16248
- libcatalyst-plugin-static-simple-perl 0.34-1 (bug #880458)
[stretch] - libcatalyst-plugin-static-simple-perl <no-dsa> (Minor issue)
[jessie] - libcatalyst-plugin-static-simple-perl <no-dsa> (Minor issue)
NOTE: https://rt.cpan.org/Public/Bug/Display.html?id=120558
-CVE-2017-16241 (Incorrect access control in AMAG Symmetry Door Edge Network Controllers ...)
+CVE-2017-16241
NOT-FOR-US: AMAG Symmetry Door Edge Network Controllers
CVE-2017-16240
RESERVED
-CVE-2017-17051 (An issue was discovered in the default FilterScheduler in OpenStack ...)
+CVE-2017-17051
- nova 2:16.0.3-6 (bug #883621)
[stretch] - nova <not-affected> (Fix for CVE-2017-16239 not applied and not affecting 14.x.y)
[jessie] - nova <not-affected> (Vulnerable code not present)
[wheezy] - nova <not-affected> (Vulnerable code not present)
NOTE: http://www.openwall.com/lists/oss-security/2017/12/05/5
NOTE: https://launchpad.net/bugs/1732976
-CVE-2017-16239 (In OpenStack Nova through 14.0.9, 15.x through 15.0.7, and 16.x through ...)
+CVE-2017-16239
{DSA-4056-1}
- nova 2:16.0.3-1 (bug #882009)
[jessie] - nova <not-affected> (Vulnerble code introduced later)
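Review bot: dropping the summaries from CVE-2017-1000383 and CVE-2017-1000382 leaves their NOTE lines without the claim they argue against: "This CVE assignment is nonsense" and "in the reporters case the .swp file is readable by others" now refer to a description that is no longer in the file. If the summaries are to go, those NOTE lines should restate the disputed claim (that emacs backup files and vim .swp files ignore the umask) so the rationale for the unimportant rating stays self-contained.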
@@ -6612,7 +6612,7 @@ CVE-2017-16239 (In OpenStack Nova through 14.0.9, 15.x through 15.0.7, and 16.x
NOTE: Regression fix: http://www.openwall.com/lists/oss-security/2017/12/05/4
CVE-2017-16238
RESERVED
-CVE-2017-16237 (In Vir.IT eXplorer Anti-Virus before 8.5.42, the driver file ...)
+CVE-2017-16237
NOT-FOR-US: Vir.IT eXplorer Anti-Virus
CVE-2017-16236
RESERVED
@@ -6623,7 +6623,6 @@ CVE-2017-16234
CVE-2017-16233
RESERVED
CVE-2017-16232 [memory-based DoS in tiff2bw]
- RESERVED
- tiff <unfixed> (unimportant)
NOTE: http://seclists.org/oss-sec/2017/q4/168
NOTE: Related commit: https://gitlab.com/libtiff/libtiff/commit/25f9ffa56548c1846c4a1f19308b7f561f7b1ab0
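Review bot: the only change in this hunk is the removal of the RESERVED line under CVE-2017-16232, while the bracketed local summary "[memory-based DoS in tiff2bw]" and the tiff entry stay as they were; that is a different kind of edit from the summary stripping in the rest of the patch and nothing here explains it. If the identifier has been published, the published summary should replace the bracketed one; if it has not, the RESERVED marker should remain.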
@@ -6631,18 +6630,17 @@ CVE-2017-16232 [memory-based DoS in tiff2bw]
NOTE: The related commit is included in 4.0.9. The underlying memory-based DOS
NOTE: would still be present.
CVE-2017-16231 [match() stack overflow]
- RESERVED
- pcre3 <unfixed> (unimportant)
-CVE-2017-16230 (In admin/write-post.php in Typecho through 1.1, one can log in to the ...)
+CVE-2017-16230
NOT-FOR-US: Typecho
-CVE-2017-16229 (In the Ox gem 2.8.1 for Ruby, the process crashes with a stack-based ...)
+CVE-2017-16229
- ruby-ox 2.8.2-1
[stretch] - ruby-ox <no-dsa> (Minor issue)
[jessie] - ruby-ox <no-dsa> (Minor issue)
NOTE: https://github.com/ohler55/ox/issues/195
NOTE: https://github.com/ohler55/ox/pull/196
NOTE: https://github.com/ohler55/ox/commit/0708ae44faf2ffc3d9330daf6ae023859a8b168b
-CVE-2017-16228 (Dulwich before 0.18.5, when an SSH subprocess is used, allows remote ...)
+CVE-2017-16228
- dulwich 0.18.5-1
[stretch] - dulwich <no-dsa> (Minor issue)
[jessie] - dulwich <no-dsa> (Minor issue)
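Review bot: the RESERVED line under CVE-2017-16231 is removed with the local "[match() stack overflow]" summary and the pcre3 entry left untouched, so the entry is now neither marked reserved nor described by published text, the same inconsistency as for CVE-2017-16232 in the previous hunk. Either keep RESERVED or replace the bracketed summary with the published one in the same change.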
@@ -6650,413 +6648,413 @@ CVE-2017-16228 (Dulwich before 0.18.5, when an SSH subprocess is used, allows re
NOTE: https://www.dulwich.io/code/dulwich/commit/7116a0cbbda571f7dac863f4b1c00b6e16d6d8d6/
NOTE: This is similar class of issue as for CVE-2017-1000117/git
NOTE: But needs a separate CVE since different codebasis.
-CVE-2017-16227 (The aspath_put function in bgpd/bgp_aspath.c in Quagga before 1.2.2 ...)
+CVE-2017-16227
{DSA-4011-1 DLA-1152-1}
- quagga 1.2.2-1 (bug #879474)
NOTE: https://lists.quagga.net/pipermail/quagga-dev/2017-September/033284.html
NOTE: http://git.savannah.gnu.org/cgit/quagga.git/commit/?id=7a42b78be9a4108d98833069a88e6fddb9285008
-CVE-2017-16226 (The static-eval module is intended to evaluate statically-analyzable ...)
+CVE-2017-16226
NOT-FOR-US: static-eval module
-CVE-2017-16225 (aegir is a module to help automate JavaScript project management. ...)
+CVE-2017-16225
NOT-FOR-US: aegir
-CVE-2017-16224 (st is a module for serving static files. An attacker is able to craft ...)
+CVE-2017-16224
NOT-FOR-US: st
-CVE-2017-16223 (nodeaaaaa is a static file server. nodeaaaaa is vulnerable to a ...)
+CVE-2017-16223
NOT-FOR-US: nodeaaaaa
-CVE-2017-16222 (elding is a simple web server. elding is vulnerable to a directory ...)
+CVE-2017-16222
NOT-FOR-US: elding
-CVE-2017-16221 (yzt is a simple file server. yzt is vulnerable to a directory ...)
+CVE-2017-16221
NOT-FOR-US: yzt
-CVE-2017-16220 (wind-mvc is an mvc framework. wind-mvc is vulnerable to a directory ...)
+CVE-2017-16220
NOT-FOR-US: wind-mvc
-CVE-2017-16219 (yttivy is a static file server. yttivy is vulnerable to a directory ...)
+CVE-2017-16219
NOT-FOR-US: yttivy
-CVE-2017-16218 (dgard8.lab6 is a static file server. dgard8.lab6 is vulnerable to a ...)
+CVE-2017-16218
NOT-FOR-US: dgard8.lab6
-CVE-2017-16217 (fbr-client sends files through sockets via socket.io and webRTC. ...)
+CVE-2017-16217
NOT-FOR-US: fbr-client
-CVE-2017-16216 (tencent-server is a simple web server. tencent-server is vulnerable to ...)
+CVE-2017-16216
NOT-FOR-US: tencent-server
-CVE-2017-16215 (sgqserve is a simple file server. sgqserve is vulnerable to a ...)
+CVE-2017-16215
NOT-FOR-US: sgqserve
-CVE-2017-16214 (peiserver is a static file server. peiserver is vulnerable to a ...)
+CVE-2017-16214
NOT-FOR-US: peiserver
-CVE-2017-16213 (mfrserver is a simple file server. mfrserver is vulnerable to a ...)
+CVE-2017-16213
NOT-FOR-US: mfrserver
-CVE-2017-16212 (ltt is a static file server. ltt is vulnerable to a directory ...)
+CVE-2017-16212
NOT-FOR-US: ltt
-CVE-2017-16211 (lessindex is a static file server. lessindex is vulnerable to a ...)
+CVE-2017-16211
NOT-FOR-US: lessindex
-CVE-2017-16210 (jn_jj_server is a static file server. jn_jj_server is vulnerable to a ...)
+CVE-2017-16210
NOT-FOR-US: jn_jj_server
-CVE-2017-16209 (enserver is a simple web server. enserver is vulnerable to a directory ...)
+CVE-2017-16209
NOT-FOR-US: enserver
-CVE-2017-16208 (dmmcquay.lab6 is a REST server. dmmcquay.lab6 is vulnerable to a ...)
+CVE-2017-16208
NOT-FOR-US: dmmcquay.lab6
-CVE-2017-16207 (discordi.js is a malicious module based on the discord.js library that ...)
+CVE-2017-16207
NOT-FOR-US: discordi.js
-CVE-2017-16206 (The cofee-script module exfiltrates sensitive data such as a user's ...)
+CVE-2017-16206
NOT-FOR-US: cofee-script
-CVE-2017-16205 (The coffescript module exfiltrates sensitive data such as a user's ...)
+CVE-2017-16205
NOT-FOR-US: coffescript
-CVE-2017-16204 (The jquey module exfiltrates sensitive data such as a user's private ...)
+CVE-2017-16204
NOT-FOR-US: jquey
-CVE-2017-16203 (The coffe-script module exfiltrates sensitive data such as a user's ...)
+CVE-2017-16203
NOT-FOR-US: coffe-script
-CVE-2017-16202 (The cofeescript module exfiltrates sensitive data such as a user's ...)
+CVE-2017-16202
NOT-FOR-US: cofeescript
-CVE-2017-16201 (zjjserver is a static file server. zjjserver is vulnerable to a ...)
+CVE-2017-16201
NOT-FOR-US: zjjserver
-CVE-2017-16200 (uv-tj-demo is a static file server. uv-tj-demo is vulnerable to a ...)
+CVE-2017-16200
NOT-FOR-US: uv-tj-demo
-CVE-2017-16199 (susu-sum is a static file server. susu-sum is vulnerable to a ...)
+CVE-2017-16199
NOT-FOR-US: sus-sum
-CVE-2017-16198 (ritp is a static web server. ritp is vulnerable to a directory ...)
+CVE-2017-16198
NOT-FOR-US: ritp
-CVE-2017-16197 (qinserve is a static file server. qinserve is vulnerable to a ...)
+CVE-2017-16197
NOT-FOR-US: sinserve
-CVE-2017-16196 (quickserver is a simple static file server. quickserver is vulnerable ...)
+CVE-2017-16196
NOT-FOR-US: quickserver
-CVE-2017-16195 (pytservce is a static file server. pytservce is vulnerable to a ...)
+CVE-2017-16195
NOT-FOR-US: pytservce
-CVE-2017-16194 (picard is a micro framework. picard is vulnerable to a directory ...)
+CVE-2017-16194
NOT-FOR-US: picard
-CVE-2017-16193 (mfrs is a static file server. mfrs is vulnerable to a directory ...)
+CVE-2017-16193
NOT-FOR-US: mfrs
-CVE-2017-16192 (getcityapi.yoehoehne is a web server. getcityapi.yoehoehne is ...)
+CVE-2017-16192
NOT-FOR-US: getcityapi.yoehoehne
-CVE-2017-16191 (cypserver is a static file server. cypserver is vulnerable to a ...)
+CVE-2017-16191
NOT-FOR-US: cypserver
-CVE-2017-16190 (dcdcdcdcdc is a static file server. dcdcdcdcdc is vulnerable to a ...)
+CVE-2017-16190
NOT-FOR-US: dcdcdcdcdc
-CVE-2017-16189 (sly07 is an API for censoring text. sly07 is vulnerable to a directory ...)
+CVE-2017-16189
NOT-FOR-US: sly07
-CVE-2017-16188 (reecerver is a web server. reecerver is vulnerable to a directory ...)
+CVE-2017-16188
NOT-FOR-US: reecerver
-CVE-2017-16187 (open-device creates a web interface for any device. open-device is ...)
+CVE-2017-16187
NOT-FOR-US: open-device
-CVE-2017-16186 (360class.jansenhm is a static file server. 360class.jansenhm is ...)
+CVE-2017-16186
NOT-FOR-US: 360class.jansenhm
-CVE-2017-16185 (uekw1511server is a static file server. uekw1511server is vulnerable ...)
+CVE-2017-16185
NOT-FOR-US: uekw1511server
-CVE-2017-16184 (scott-blanch-weather-app is a sample Node.js app using Express 4. ...)
+CVE-2017-16184
NOT-FOR-US: scott-blanch-weather-app
-CVE-2017-16183 (iter-server is a static file server. iter-server is vulnerable to a ...)
+CVE-2017-16183
NOT-FOR-US: iter-server
-CVE-2017-16182 (serverxxx is a static file server. serverxxx is vulnerable to a ...)
+CVE-2017-16182
NOT-FOR-US: serverxxx
-CVE-2017-16181 (wintiwebdev is a static file server. wintiwebdev is vulnerable to a ...)
+CVE-2017-16181
NOT-FOR-US: wintiwebdev
-CVE-2017-16180 (serverabc is a static file server. serverabc is vulnerable to a ...)
+CVE-2017-16180
NOT-FOR-US: serverabc
-CVE-2017-16179 (dasafio is a web server. dasafio is vulnerable to a directory ...)
+CVE-2017-16179
NOT-FOR-US: dasafio
-CVE-2017-16178 (intsol-package is a file server. intsol-package is vulnerable to a ...)
+CVE-2017-16178
NOT-FOR-US: intsol-package
-CVE-2017-16177 (chatbyvista is a file server. chatbyvista is vulnerable to a directory ...)
+CVE-2017-16177
NOT-FOR-US: chatbyvista
-CVE-2017-16176 (jansenstuffpleasework is a file server. jansenstuffpleasework is ...)
+CVE-2017-16176
NOT-FOR-US: jansenstuffpleasework
-CVE-2017-16175 (ewgaddis.lab6 is a file server. ewgaddis.lab6 is vulnerable to a ...)
+CVE-2017-16175
NOT-FOR-US: ewgaddis.lab6
-CVE-2017-16174 (whispercast is a file server. whispercast is vulnerable to a directory ...)
+CVE-2017-16174
NOT-FOR-US: whispercast
-CVE-2017-16173 (utahcityfinder constructs lists of Utah cities with a certain prefix. ...)
+CVE-2017-16173
NOT-FOR-US: utahcityfinder
-CVE-2017-16172 (section2.madisonjbrooks12 is a simple web server. ...)
+CVE-2017-16172
NOT-FOR-US: section2.madisonjbrooks12
-CVE-2017-16171 (hcbserver is a static file server. hcbserver is vulnerable to a ...)
+CVE-2017-16171
NOT-FOR-US: hcbserver
-CVE-2017-16170 (liuyaserver is a static file server. liuyaserver is vulnerable to a ...)
+CVE-2017-16170
NOT-FOR-US: liuyaserver
-CVE-2017-16169 (looppake is a simple http server. looppake is vulnerable to a ...)
+CVE-2017-16169
NOT-FOR-US: looppake
-CVE-2017-16168 (wffserve is vulnerable to a directory traversal issue, giving an ...)
+CVE-2017-16168
NOT-FOR-US: wffserve
-CVE-2017-16167 (yyooopack is a simple file server. yyooopack is vulnerable to a ...)
+CVE-2017-16167
NOT-FOR-US: yyooopack
-CVE-2017-16166 (byucslabsix is an http server. byucslabsix is vulnerable to a ...)
+CVE-2017-16166
NOT-FOR-US: byucslabsix
-CVE-2017-16165 (calmquist.static-server is a static file server. ...)
+CVE-2017-16165
NOT-FOR-US: calmquist.static-server
-CVE-2017-16164 (desafio is a simple web server. desafio is vulnerable to a directory ...)
+CVE-2017-16164
NOT-FOR-US: desafio
-CVE-2017-16163 (dylmomo is a simple file server. dylmomo is vulnerable to a directory ...)
+CVE-2017-16163
NOT-FOR-US: dylmomo
-CVE-2017-16162 (22lixian is a simple file server. 22lixian is vulnerable to a ...)
+CVE-2017-16162
NOT-FOR-US: 22lixian
-CVE-2017-16161 (shenliru is a simple file server. shenliru is vulnerable to a ...)
+CVE-2017-16161
NOT-FOR-US: shenliru
-CVE-2017-16160 (11xiaoli is a simple file server. 11xiaoli is vulnerable to a ...)
+CVE-2017-16160
NOT-FOR-US: 11xiaoli
-CVE-2017-16159 (caolilinode is a simple file server. caolilinode is vulnerable to a ...)
+CVE-2017-16159
NOT-FOR-US: caolilinode
-CVE-2017-16158 (dcserver is a static file server. dcserver is vulnerable to a ...)
+CVE-2017-16158
NOT-FOR-US: dcserver
-CVE-2017-16157 (censorify.tanisjr is a simple web server and API RESTful service. ...)
+CVE-2017-16157
NOT-FOR-US: censorify.tanisjr
-CVE-2017-16156 (myprolyz is a static file server. myprolyz is vulnerable to a ...)
+CVE-2017-16156
NOT-FOR-US: myprolyz
-CVE-2017-16155 (fast-http-cli is the command line interface for fast-http, a simple ...)
+CVE-2017-16155
NOT-FOR-US: fast-http-cli
-CVE-2017-16154 (earlybird is a web server module for early development. earlybird is ...)
+CVE-2017-16154
NOT-FOR-US: earlybird
-CVE-2017-16153 (gaoxuyan is vulnerable to a directory traversal issue, giving an ...)
+CVE-2017-16153
NOT-FOR-US: gaoxuyan
-CVE-2017-16152 (static-html-server is a static file server. static-html-server is ...)
+CVE-2017-16152
NOT-FOR-US: static-html-server
-CVE-2017-16151 (Based on details posted by the ElectronJS team; A remote code ...)
+CVE-2017-16151
NOT-FOR-US: Electron
-CVE-2017-16150 (wanggoujing123 is a simple webserver. wanggoujing123 is vulnerable to ...)
+CVE-2017-16150
NOT-FOR-US: wanggoujing123
-CVE-2017-16149 (zwserver is a weather web server. zwserver is vulnerable to a ...)
+CVE-2017-16149
NOT-FOR-US: zwserver
-CVE-2017-16148 (serve46 is a static file server. serve46 is vulnerable to a directory ...)
+CVE-2017-16148
NOT-FOR-US: serve46
-CVE-2017-16147 (shit-server is a file server. shit-server is vulnerable to a directory ...)
+CVE-2017-16147
NOT-FOR-US: shit-server
-CVE-2017-16146 (mockserve is a file server. mockserve is vulnerable to a directory ...)
+CVE-2017-16146
NOT-FOR-US: mockserve
-CVE-2017-16145 (sspa is a server dedicated to single-page apps. sspa is vulnerable to ...)
+CVE-2017-16145
NOT-FOR-US: sspa
-CVE-2017-16144 (myserver.alexcthomas18 is a file server. myserver.alexcthomas18 is ...)
+CVE-2017-16144
NOT-FOR-US: myserver.alexcthomas18
-CVE-2017-16143 (commentapp.stetsonwood is an http server. commentapp.stetsonwood is ...)
+CVE-2017-16143
NOT-FOR-US: commentapp.stetsonwood
-CVE-2017-16142 (infraserver is a RESTful server. infraserver is vulnerable to a ...)
+CVE-2017-16142
NOT-FOR-US: infraserver
-CVE-2017-16141 (lab6drewfusbyu is an http server. lab6drewfusbyu is vulnerable to a ...)
+CVE-2017-16141
NOT-FOR-US: lab6drewfusbyu
-CVE-2017-16140 (lab6.brit95 is a file server. lab6.brit95 is vulnerable to a directory ...)
+CVE-2017-16140
NOT-FOR-US: lab6.brit95
-CVE-2017-16139 (jikes is a file server. jikes is vulnerable to a directory traversal ...)
+CVE-2017-16139
NOT-FOR-US: jikes
-CVE-2017-16138 (The mime module &lt; 1.4.1, 2.0.1, 2.0.2 is vulnerable to regular expression denial of service when a mime lookup is performed on untrusted user input. ...)
+CVE-2017-16138
- node-mime 2.3.1-1 (unimportant; bug #901277)
NOTE: https://github.com/broofa/node-mime/issues/167
NOTE: https://nodesecurity.io/advisories/535
NOTE: https://github.com/broofa/node-mime/commit/855d0c4b8b22e4a80b9401a81f2872058eae274d (1.x)
NOTE: https://github.com/broofa/node-mime/commit/1df903fdeb9ae7eaa048795b8d580ce2c98f40b0 (2.x)
NOTE: nodejs not covered by security support
-CVE-2017-16137 (The debug module is vulnerable to regular expression denial of service ...)
+CVE-2017-16137
- node-debug 3.1.0-1 (unimportant)
NOTE: https://nodesecurity.io/advisories/534
NOTE: nodejs not covered by security support
-CVE-2017-16136 (method-override is a module used by the Express.js framework to let ...)
+CVE-2017-16136
NOT-FOR-US: method-override nodejs module
-CVE-2017-16135 (serverzyy is a static file server. serverzyy is vulnerable to a ...)
+CVE-2017-16135
NOT-FOR-US: serverzyy
-CVE-2017-16134 (http_static_simple is an http server. http_static_simple is vulnerable ...)
+CVE-2017-16134
NOT-FOR-US: http_static_simple
-CVE-2017-16133 (goserv is an http server. goserv is vulnerable to a directory ...)
+CVE-2017-16133
NOT-FOR-US: goserv
-CVE-2017-16132 (simple-npm-registry is a local npm package cache. simple-npm-registry ...)
+CVE-2017-16132
NOT-FOR-US: simple-npm-registry
-CVE-2017-16131 (unicorn-list is a web framework. unicorn-list is vulnerable to a ...)
+CVE-2017-16131
NOT-FOR-US: unicorn-list
-CVE-2017-16130 (exxxxxxxxxxx is an Http eX Frame Google Style JavaScript Guide. ...)
+CVE-2017-16130
NOT-FOR-US: exxxxxxxxxxx
-CVE-2017-16129 (The HTTP client module superagent is vulnerable to ZIP bomb attacks. ...)
+CVE-2017-16129
- node-superagent <unfixed> (unimportant)
NOTE: https://github.com/visionmedia/superagent/issues/1259
NOTE: https://nodesecurity.io/advisories/479
NOTE: nodejs not covered by security support
-CVE-2017-16128 (The module npm-script-demo opened a connection to a command and ...)
+CVE-2017-16128
NOT-FOR-US: npm-script-demo
-CVE-2017-16127 (The module pandora-doomsday infects other modules. It's since been ...)
+CVE-2017-16127
NOT-FOR-US: pandora-doomsday
-CVE-2017-16126 (The module botbait is a tool to be used to track bot and automated ...)
+CVE-2017-16126
NOT-FOR-US: botbait
-CVE-2017-16125 (rtcmulticonnection-client is a signaling implementation for ...)
+CVE-2017-16125
NOT-FOR-US: rtcmulticonnection-client
-CVE-2017-16124 (node-server-forfront is a simple static file server. ...)
+CVE-2017-16124
NOT-FOR-US: node-server-forfront
-CVE-2017-16123 (welcomyzt is a simple file server. welcomyzt is vulnerable to a ...)
+CVE-2017-16123
NOT-FOR-US: welcomyzt
-CVE-2017-16122 (cuciuci is a simple fileserver. cuciuci is vulnerable to a directory ...)
+CVE-2017-16122
NOT-FOR-US: cuciuci
-CVE-2017-16121 (datachannel-client is a signaling implementation for DataChannel.js. ...)
+CVE-2017-16121
NOT-FOR-US: datachannel-client
-CVE-2017-16120 (liyujing is a static file server. liyujing is vulnerable to a ...)
+CVE-2017-16120
NOT-FOR-US: liyujing
-CVE-2017-16119 (Fresh is a module used by the Express.js framework for HTTP response ...)
+CVE-2017-16119
- node-fresh <unfixed> (unimportant)
NOTE: https://nodesecurity.io/advisories/526
NOTE: nodejs not covered by security support
-CVE-2017-16118 (The forwarded module is used by the Express.js framework to handle the ...)
+CVE-2017-16118
NOT-FOR-US: forwarded nodejs module
-CVE-2017-16117 (slug is a module to slugify strings, even if they contain unicode. ...)
+CVE-2017-16117
NOT-FOR-US: slug node module
-CVE-2017-16116 (The string module is a module that provides extra string operations. ...)
+CVE-2017-16116
NOT-FOR-US: string node module
-CVE-2017-16115 (The timespan module is vulnerable to regular expression denial of ...)
+CVE-2017-16115
NOT-FOR-US: timespane node module
-CVE-2017-16114 (The marked module is vulnerable to a regular expression denial of ...)
+CVE-2017-16114
- node-marked 0.3.9+dfsg-1 (unimportant)
NOTE: https://nodesecurity.io/advisories/531
-CVE-2017-16113 (The parsejson module is vulnerable to regular expression denial of ...)
+CVE-2017-16113
NOT-FOR-US: parsejson node module
CVE-2017-16112
RESERVED
-CVE-2017-16111 (The content module is a module to parse HTTP Content-* headers. It is ...)
+CVE-2017-16111
NOT-FOR-US: node content
-CVE-2017-16110 (weather.swlyons is a simple web server for weather updates. ...)
+CVE-2017-16110
NOT-FOR-US: weather.swlyons
-CVE-2017-16109 (easyquick is a simple web server. easyquick is vulnerable to a ...)
+CVE-2017-16109
NOT-FOR-US: easyquick
-CVE-2017-16108 (gaoxiaotingtingting is an HTTP server. gaoxiaotingtingting is ...)
+CVE-2017-16108
NOT-FOR-US: gaoxiaotingtingting
-CVE-2017-16107 (pooledwebsocket is vulnerable to a directory traversal issue, giving ...)
+CVE-2017-16107
NOT-FOR-US: pooledwebsocket
-CVE-2017-16106 (tmock is a static file server. tmock is vulnerable to a directory ...)
+CVE-2017-16106
NOT-FOR-US: tmock
-CVE-2017-16105 (serverwzl is a simple http server. serverwzl is vulnerable to a ...)
+CVE-2017-16105
NOT-FOR-US: serverwzl
-CVE-2017-16104 (citypredict.whauwiller is vulnerable to a directory traversal issue, ...)
+CVE-2017-16104
NOT-FOR-US: citypredict.whauwiller
-CVE-2017-16103 (serveryztyzt is a simple http server. serveryztyzt is vulnerable to a ...)
+CVE-2017-16103
NOT-FOR-US: serveryztyzt
-CVE-2017-16102 (serverhuwenhui is a simple http server. serverhuwenhui is vulnerable ...)
+CVE-2017-16102
NOT-FOR-US: serverhuwenhui
-CVE-2017-16101 (serverwg is a simple http server. serverwg is vulnerable to a ...)
+CVE-2017-16101
NOT-FOR-US: serverwg
-CVE-2017-16100 (dns-sync is a sync/blocking dns resolver. If untrusted user input is ...)
+CVE-2017-16100
NOT-FOR-US: dns-sync
-CVE-2017-16099 (The no-case module is vulnerable to regular expression denial of ...)
+CVE-2017-16099
NOT-FOR-US: no-case
-CVE-2017-16098 (charset 1.0.0 and below are vulnerable to regular expression denial of ...)
+CVE-2017-16098
NOT-FOR-US: charset
-CVE-2017-16097 (tiny-http is a simple http server. tiny-http is vulnerable to a ...)
+CVE-2017-16097
NOT-FOR-US: tiny-http
-CVE-2017-16096 (serveryaozeyan is a simple HTTP server. serveryaozeyan is vulnerable ...)
+CVE-2017-16096
NOT-FOR-US: serveryaozeyan
-CVE-2017-16095 (serverliujiayi1 is a simple http server. serverliujiayi1 is vulnerable ...)
+CVE-2017-16095
NOT-FOR-US: serverliujiayi1
-CVE-2017-16094 (iter-http is a server for static files. iter-http is vulnerable to a ...)
+CVE-2017-16094
NOT-FOR-US: iter-http
-CVE-2017-16093 (cyber-js is a simple http server. A cyberjs server is vulnerable to a ...)
+CVE-2017-16093
NOT-FOR-US: cyber-js
-CVE-2017-16092 (Sencisho is a simple http server for local development. Sencisho is ...)
+CVE-2017-16092
NOT-FOR-US: Sencisho
-CVE-2017-16091 (xtalk helps your browser talk to nodex, a simple web framework. xtalk ...)
+CVE-2017-16091
NOT-FOR-US: xtalk (not the chat client)
-CVE-2017-16090 (fsk-server is a simple http server. fsk-server is vulnerable to a ...)
+CVE-2017-16090
NOT-FOR-US: fsk-server
-CVE-2017-16089 (serverlyr is a simple http server. serverlyr is vulnerable to a ...)
+CVE-2017-16089
NOT-FOR-US: serverlyr
-CVE-2017-16088 (The safe-eval module describes itself as a safer version of eval. By ...)
+CVE-2017-16088
NOT-FOR-US: safe-eval
CVE-2017-16087
RESERVED
-CVE-2017-16086 (ua-parser is a port of Browserscope's user agent parser. ua-parser is ...)
+CVE-2017-16086
NOT-FOR-US: ua-parser
-CVE-2017-16085 (tinyserver2 is a webserver for static files. tinyserver2 is vulnerable ...)
+CVE-2017-16085
NOT-FOR-US: tinyserver2
-CVE-2017-16084 (list-n-stream is a server for static files to list and stream local ...)
+CVE-2017-16084
NOT-FOR-US: list-n-stream
-CVE-2017-16083 (node-simple-router is a minimalistic router for Node. ...)
+CVE-2017-16083
NOT-FOR-US: node-simple-router
-CVE-2017-16082 (A remote code execution vulnerability was found within the pg module ...)
+CVE-2017-16082
- node-postgres <unfixed> (unimportant)
NOTE: https://nodesecurity.io/advisories/521
NOTE: nodejs not covered by security support
-CVE-2017-16081 (cross-env.js was a malicious module published with the intent to ...)
+CVE-2017-16081
NOT-FOR-US: malicious node module
-CVE-2017-16080 (nodesass was a malicious module published with the intent to hijack ...)
+CVE-2017-16080
NOT-FOR-US: malicious node module
-CVE-2017-16079 (smb was a malicious module published with the intent to hijack ...)
+CVE-2017-16079
NOT-FOR-US: malicious node module
-CVE-2017-16078 (shadowsock was a malicious module published with the intent to hijack ...)
+CVE-2017-16078
NOT-FOR-US: malicious node module
-CVE-2017-16077 (mongose was a malicious module published with the intent to hijack ...)
+CVE-2017-16077
NOT-FOR-US: malicious node module
-CVE-2017-16076 (proxy.js was a malicious module published with the intent to hijack ...)
+CVE-2017-16076
NOT-FOR-US: malicious node module
-CVE-2017-16075 (http-proxy.js was a malicious module published with the intent to ...)
+CVE-2017-16075
NOT-FOR-US: malicious node module
-CVE-2017-16074 (crossenv was a malicious module published with the intent to hijack ...)
+CVE-2017-16074
NOT-FOR-US: malicious node module
-CVE-2017-16073 (noderequest was a malicious module published with the intent to hijack ...)
+CVE-2017-16073
NOT-FOR-US: malicious node module
-CVE-2017-16072 (nodemailer.js was a malicious module published with the intent to ...)
+CVE-2017-16072
NOT-FOR-US: malicious node module
-CVE-2017-16071 (nodemailer-js was a malicious module published with the intent to ...)
+CVE-2017-16071
NOT-FOR-US: malicious node module
-CVE-2017-16070 (nodecaffe was a malicious module published with the intent to hijack ...)
+CVE-2017-16070
NOT-FOR-US: malicious node module
-CVE-2017-16069 (nodeffmpeg was a malicious module published with the intent to hijack ...)
+CVE-2017-16069
NOT-FOR-US: malicious node module
-CVE-2017-16068 (ffmepg was a malicious module published with the intent to hijack ...)
+CVE-2017-16068
NOT-FOR-US: malicious node module
-CVE-2017-16067 (node-opencv was a malicious module published with the intent to hijack ...)
+CVE-2017-16067
NOT-FOR-US: malicious node module
-CVE-2017-16066 (opencv.js was a malicious module published with the intent to hijack ...)
+CVE-2017-16066
NOT-FOR-US: malicious node module
-CVE-2017-16065 (openssl.js was a malicious module published with the intent to hijack ...)
+CVE-2017-16065
NOT-FOR-US: malicious node module
-CVE-2017-16064 (node-openssl was a malicious module published with the intent to ...)
+CVE-2017-16064
NOT-FOR-US: malicious node module
-CVE-2017-16063 (node-opensl was a malicious module published with the intent to hijack ...)
+CVE-2017-16063
NOT-FOR-US: malicious node module
-CVE-2017-16062 (node-tkinter was a malicious module published with the intent to ...)
+CVE-2017-16062
NOT-FOR-US: malicious node module
-CVE-2017-16061 (tkinter was a malicious module published with the intent to hijack ...)
+CVE-2017-16061
NOT-FOR-US: malicious node module
-CVE-2017-16060 (babelcli was a malicious module published with the intent to hijack ...)
+CVE-2017-16060
NOT-FOR-US: malicious node module
-CVE-2017-16059 (mssql-node was a malicious module published with the intent to hijack ...)
+CVE-2017-16059
NOT-FOR-US: malicious node module
-CVE-2017-16058 (gruntcli was a malicious module published with the intent to hijack ...)
+CVE-2017-16058
NOT-FOR-US: malicious node module
-CVE-2017-16057 (nodemssql was a malicious module published with the intent to hijack ...)
+CVE-2017-16057
NOT-FOR-US: malicious node module
-CVE-2017-16056 (mssql.js was a malicious module published with the intent to hijack ...)
+CVE-2017-16056
NOT-FOR-US: malicious node module
-CVE-2017-16055 (`sqlserver` was a malicious module published with the intent to hijack ...)
+CVE-2017-16055
NOT-FOR-US: malicious node module
-CVE-2017-16054 (`nodefabric` was a malicious module published with the intent to ...)
+CVE-2017-16054
NOT-FOR-US: malicious node module
-CVE-2017-16053 (`fabric-js` was a malicious module published with the intent to hijack ...)
+CVE-2017-16053
NOT-FOR-US: malicious node module
-CVE-2017-16052 (`node-fabric` was a malicious module published with the intent to ...)
+CVE-2017-16052
NOT-FOR-US: malicious node module
-CVE-2017-16051 (`sqliter` was a malicious module published with the intent to hijack ...)
+CVE-2017-16051
NOT-FOR-US: malicious node module
-CVE-2017-16050 (`sqlite.js` was a malicious module published with the intent to hijack ...)
+CVE-2017-16050
NOT-FOR-US: malicious node module
-CVE-2017-16049 (`nodesqlite` was a malicious module published with the intent to ...)
+CVE-2017-16049
NOT-FOR-US: malicious node module
-CVE-2017-16048 (`node-sqlite` was a malicious module published with the intent to ...)
+CVE-2017-16048
NOT-FOR-US: malicious node module
-CVE-2017-16047 (mysqljs was a malicious module published with the intent to hijack ...)
+CVE-2017-16047
NOT-FOR-US: malicious node module
-CVE-2017-16046 (`mariadb` was a malicious module published with the intent to hijack ...)
+CVE-2017-16046
NOT-FOR-US: malicious node module
-CVE-2017-16045 (`jquery.js` was a malicious module published with the intent to hijack ...)
+CVE-2017-16045
NOT-FOR-US: malicious node module
-CVE-2017-16044 (`d3.js` was a malicious module published with the intent to hijack ...)
+CVE-2017-16044
NOT-FOR-US: malicious node module
-CVE-2017-16043 (Shout is an IRC client. Because the `/topic` command in messages is ...)
+CVE-2017-16043
NOT-FOR-US: Shout
-CVE-2017-16042 (Growl adds growl notification support to nodejs. Growl before 1.10.2 ...)
+CVE-2017-16042
- node-growl 1.10.5-1 (unimportant; bug #900868)
NOTE: Issue: https://github.com/tj/node-growl/issues/60
NOTE: https://github.com/tj/node-growl/pull/61
NOTE: https://nodesecurity.io/advisories/146
NOTE: nodejs not covered by security support
-CVE-2017-16041 (ikst versions before 1.1.2 download resources over HTTP, which leaves ...)
+CVE-2017-16041
NOT-FOR-US: ikst
-CVE-2017-16040 (gfe-sass is a library for promises (CommonJS/Promises/A,B,D) gfe-sass ...)
+CVE-2017-16040
NOT-FOR-US: gfe-sass
-CVE-2017-16039 (`hftp` is a static http or ftp server `hftp` is vulnerable to a ...)
+CVE-2017-16039
NOT-FOR-US: hftp
-CVE-2017-16038 (`f2e-server` 1.12.11 and earlier is vulnerable to a directory ...)
+CVE-2017-16038
NOT-FOR-US: f2e-server
-CVE-2017-16037 (`gomeplus-h5-proxy` is vulnerable to a directory traversal issue, ...)
+CVE-2017-16037
NOT-FOR-US: gomeplus-h5-proxy
-CVE-2017-16036 (`badjs-sourcemap-server` receives files sent by `badjs-sourcemap`. ...)
+CVE-2017-16036
NOT-FOR-US: badjs-sourcemap-server
-CVE-2017-16035 (The hubl-server module is a wrapper for the HubL Development Server. ...)
+CVE-2017-16035
NOT-FOR-US: hubl-server
CVE-2017-16034
RESERVED
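Review bot: once the summaries are stripped, the NOT-FOR-US annotation becomes the only human-readable identification of the affected software, and three annotations in this hunk already disagree with the summary being dropped: CVE-2017-16199 ("susu-sum" in the removed line vs "NOT-FOR-US: sus-sum"), CVE-2017-16197 ("qinserve" vs "NOT-FOR-US: sinserve") and CVE-2017-16115 ("timespan" vs "NOT-FOR-US: timespane"). Suggest correcting those three annotations while the descriptive text is still in the file to check them against.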
@@ -7064,92 +7062,92 @@ CVE-2017-16033
RESERVED
CVE-2017-16032
RESERVED
-CVE-2017-16031 (Socket.io is a realtime application framework that provides ...)
+CVE-2017-16031
NOT-FOR-US: Socket.io
-CVE-2017-16030 (Useragent is used to parse useragent headers. It uses several regular ...)
+CVE-2017-16030
NOT-FOR-US: useragent nodejs module
-CVE-2017-16029 (hostr is a simple web server that serves up the contents of the ...)
+CVE-2017-16029
NOT-FOR-US: hostr
-CVE-2017-16028 (react-native-meteor-oauth is a library for Oauth2 login to a Meteor ...)
+CVE-2017-16028
NOT-FOR-US: react-native-meteor-oauth
CVE-2017-16027
RESERVED
-CVE-2017-16026 (Request is an http client. If a request is made using ```multipart```, ...)
+CVE-2017-16026
- node-request <unfixed> (unimportant; bug #901708)
NOTE: https://github.com/request/request/issues/1904
NOTE: https://nodesecurity.io/advisories/309
NOTE: https://github.com/request/request/pull/2018
NOTE: nodejs not covered by security support
-CVE-2017-16025 (Nes is a websocket extension library for hapi. Hapi is a webserver ...)
+CVE-2017-16025
NOT-FOR-US: Nes
-CVE-2017-16024 (The sync-exec module is used to simulate child_process.execSync in ...)
+CVE-2017-16024
NOT-FOR-US: sync-exec
-CVE-2017-16023 (Decamelize is used to convert a dash/dot/underscore/space separated ...)
+CVE-2017-16023
- node-decamelize <not-affected> (Fixed before initial upload to Debian)
NOTE: https://github.com/sindresorhus/decamelize/issues/5
NOTE: https://github.com/sindresorhus/decamelize/commit/76d47d8de360afb574da2e34db87430ce11094e0
NOTE: nodejs not covered by security support
-CVE-2017-16022 (Morris.js creates an svg graph, with labels that appear when hovering ...)
+CVE-2017-16022
NOT-FOR-US: Morris.js
-CVE-2017-16021 (uri-js is a module that tries to fully implement RFC 3986. One of ...)
+CVE-2017-16021
NOT-FOR-US: uri-js nodejs module
-CVE-2017-16020 (Summit is a node web framework. When using the PouchDB driver in the ...)
+CVE-2017-16020
NOT-FOR-US: Summit
-CVE-2017-16019 (GitBook is a command line tool (and Node.js library) for building ...)
+CVE-2017-16019
NOT-FOR-US: GitBook
-CVE-2017-16018 (Restify is a framework for building REST APIs. Restify &gt;=2.0.0 &lt;=4.0.4 ...)
+CVE-2017-16018
NOT-FOR-US: Restify
-CVE-2017-16017 (sanitize-html is a library for scrubbing html input for malicious ...)
+CVE-2017-16017
NOT-FOR-US: sanitize-html
-CVE-2017-16016 (Sanitize-html is a library for scrubbing html input of malicious ...)
+CVE-2017-16016
NOT-FOR-US: sanitize-html
-CVE-2017-16015 (Forms is a library for easily creating HTML forms. Versions before ...)
+CVE-2017-16015
NOT-FOR-US: Forms
-CVE-2017-16014 (Http-proxy is a proxying library. Because of the way errors are ...)
+CVE-2017-16014
- node-http-proxy <itp> (bug #896978)
NOTE: https://nodesecurity.io/advisories/323
NOTE: https://github.com/nodejitsu/node-http-proxy/pull/101
-CVE-2017-16013 (hapi is a web and services application framework. When hapi &gt;= 15.0.0 ...)
+CVE-2017-16013
NOT-FOR-US: hapi
CVE-2017-16012
REJECTED
CVE-2017-16011
REJECTED
-CVE-2017-16010 (i18next is a language translation framework. When using the .init ...)
+CVE-2017-16010
- libjs-i18next <unfixed> (unimportant)
NOTE: https://github.com/i18next/i18next/pull/826
NOTE: https://nodesecurity.io/advisories/326
NOTE: nodejs not covered by security support
-CVE-2017-16009 (ag-grid is an advanced data grid that is library agnostic. ag-grid is ...)
+CVE-2017-16009
NOT-FOR-US: ag-grid
-CVE-2017-16008 (i18next is a language translation framework. Because of how the ...)
+CVE-2017-16008
NOT-FOR-US: i18next
-CVE-2017-16007 (node-jose is a JavaScript implementation of the JSON Object Signing ...)
+CVE-2017-16007
NOT-FOR-US: node-jose
-CVE-2017-16006 (Remarkable is a markdown parser. In versions 1.6.2 and lower, ...)
+CVE-2017-16006
NOT-FOR-US: Remarkable
-CVE-2017-16005 (Http-signature is a &quot;Reference implementation of Joyent's HTTP ...)
+CVE-2017-16005
- node-http-signature <not-affected> (Fixed before initial upload to Debian)
NOTE: https://github.com/joyent/node-http-signature/issues/10
NOTE: https://nodesecurity.io/advisories/318
NOTE: nodejs not covered by security support
CVE-2017-16004
RESERVED
-CVE-2017-16003 (windows-build-tools is a module for installing C++ Build Tools for ...)
+CVE-2017-16003
NOT-FOR-US: windows-build-tools
CVE-2017-16002
RESERVED
-CVE-2017-16001 (In HashiCorp Vagrant VMware Fusion plugin (aka vagrant-vmware-fusion) ...)
+CVE-2017-16001
NOT-FOR-US: VMware
-CVE-2017-16000 (SQL injection vulnerability in the EyesOfNetwork web interface (aka ...)
+CVE-2017-16000
NOT-FOR-US: EyesOfNetwork (EON)
-CVE-2017-15999 (In the &quot;NQ Contacts Backup &amp; Restore&quot; application 1.1 for Android, no ...)
+CVE-2017-15999
NOT-FOR-US: Contacts Backup & Restore
-CVE-2017-15998 (In the &quot;NQ Contacts Backup &amp; Restore&quot; application 1.1 for Android, DES ...)
+CVE-2017-15998
NOT-FOR-US: Contacts Backup & Restore
-CVE-2017-15997 (In the &quot;NQ Contacts Backup &amp; Restore&quot; application 1.1 for Android, RC4 ...)
+CVE-2017-15997
NOT-FOR-US: Contacts Backup & Restore
-CVE-2017-15996 (elfcomm.c in readelf in GNU Binutils 2.29 allows remote attackers to ...)
+CVE-2017-15996
[experimental] - binutils 2.29.51.20171128-1
- binutils 2.29.90.20180122-1 (low)
[stretch] - binutils <ignored> (Minor issue)
@@ -7159,7 +7157,7 @@ CVE-2017-15996 (elfcomm.c in readelf in GNU Binutils 2.29 allows remote attacker
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=d91f0b20e561e326ee91a09a76206257bde8438b
CVE-2017-15995
RESERVED
-CVE-2017-15994 (rsync 3.1.3-development before 2017-10-24 mishandles archaic ...)
+CVE-2017-15994
- rsync <not-affected> (Problematic code to allow checksum choice only introduced after 3.1.2 release)
NOTE: https://git.samba.org/?p=rsync.git;a=commit;h=7b8a4ecd6ff9cdf4e5d3850ebf822f1e989255b3
NOTE: https://git.samba.org/?p=rsync.git;a=commit;h=9a480deec4d20277d8e20bc55515ef0640ca1e55
@@ -7170,130 +7168,130 @@ CVE-2017-15994 (rsync 3.1.3-development before 2017-10-24 mishandles archaic ...
NOTE: The following commit introduced special handling of archaic versions / handling of
NOTE: --checksum-choice option to choose the checksum algorithms:
NOTE: https://git.samba.org/?p=rsync.git;a=commit;h=a5a7d3a297b836387b0ac677383bdddaf2ac3598
-CVE-2017-15993 (Zomato Clone Script allows SQL Injection via the restaurant-menu.php ...)
+CVE-2017-15993
NOT-FOR-US: Zomato Clone Script
-CVE-2017-15992 (Website Broker Script allows SQL Injection via the 'status_id' ...)
+CVE-2017-15992
NOT-FOR-US: Website Broker Script
-CVE-2017-15991 (Vastal I-Tech Agent Zone (aka The Real Estate Script) allows SQL ...)
+CVE-2017-15991
NOT-FOR-US: Vastal I-Tech Agent Zone
-CVE-2017-15990 (Php Inventory &amp; Invoice Management System allows Arbitrary File Upload ...)
+CVE-2017-15990
NOT-FOR-US: Php Inventory & Invoice Management System
-CVE-2017-15989 (Online Exam Test Application allows SQL Injection via the resources.php ...)
+CVE-2017-15989
NOT-FOR-US: Online Exam Test Application
-CVE-2017-15988 (Nice PHP FAQ Script allows SQL Injection via the index.php nice_theme ...)
+CVE-2017-15988
NOT-FOR-US: PHP FAQ Script
-CVE-2017-15987 (Fake Magazine Cover Script allows SQL Injection via the rate.php value ...)
+CVE-2017-15987
NOT-FOR-US: Fake Magazine Cover Script
-CVE-2017-15986 (CPA Lead Reward Script allows SQL Injection via the username parameter. ...)
+CVE-2017-15986
NOT-FOR-US: CPA Lead Reward Script
-CVE-2017-15985 (Basic B2B Script allows SQL Injection via the product_view1.php pid or ...)
+CVE-2017-15985
NOT-FOR-US: Basic B2B Script
-CVE-2017-15984 (Creative Management System (CMS) Lite 1.4 allows SQL Injection via the ...)
+CVE-2017-15984
NOT-FOR-US: Creative Management System (CMS) Lite
-CVE-2017-15983 (MyMagazine Magazine &amp; Blog CMS 1.0 allows SQL Injection via the id ...)
+CVE-2017-15983
NOT-FOR-US: MyMagazine Magazine & Blog CMS
-CVE-2017-15982 (Dynamic News Magazine &amp; Blog CMS 1.0 allows SQL Injection via the id ...)
+CVE-2017-15982
NOT-FOR-US: Dynamic News Magazine & Blog CMS
-CVE-2017-15981 (Responsive Newspaper Magazine &amp; Blog CMS 1.0 allows SQL Injection via ...)
+CVE-2017-15981
NOT-FOR-US: Responsive Newspaper Magazine & Blog CMS
-CVE-2017-15980 (US Zip Codes Database Script 1.0 allows SQL Injection via the state ...)
+CVE-2017-15980
NOT-FOR-US: US Zip Codes Database Script
-CVE-2017-15979 (Shareet - Photo Sharing Social Network 1.0 allows SQL Injection via the ...)
+CVE-2017-15979
NOT-FOR-US: Shareet - Photo Sharing Social Network
-CVE-2017-15978 (AROX School ERP PHP Script 1.0 allows SQL Injection via the ...)
+CVE-2017-15978
NOT-FOR-US: AROX School ERP PHP Script
-CVE-2017-15977 (Protected Links - Expiring Download Links 1.0 allows SQL Injection via ...)
+CVE-2017-15977
NOT-FOR-US: Protected Links - Expiring Download Links
-CVE-2017-15976 (ZeeBuddy 2x allows SQL Injection via the admin/editadgroup.php groupid ...)
+CVE-2017-15976
NOT-FOR-US: ZeeBuddy
-CVE-2017-15975 (Vastal I-Tech Dating Zone 0.9.9 allows SQL Injection via the ...)
+CVE-2017-15975
NOT-FOR-US: Vastal I-Tech Dating Zone
-CVE-2017-15974 (tPanel 2009 allows SQL injection for Authentication Bypass via 'or 1=1 ...)
+CVE-2017-15974
NOT-FOR-US: tPanel
-CVE-2017-15973 (Sokial Social Network Script 1.0 allows SQL Injection via the id ...)
+CVE-2017-15973
NOT-FOR-US: Sokial Social Network Script
-CVE-2017-15972 (SoftDatepro Dating Social Network 1.3 allows SQL Injection via the ...)
+CVE-2017-15972
NOT-FOR-US: SoftDatepro Dating Social Network
-CVE-2017-15971 (Same Sex Dating Software Pro 1.0 allows SQL Injection via the ...)
+CVE-2017-15971
NOT-FOR-US: Same Sex Dating Software Pro
-CVE-2017-15970 (PHP CityPortal 2.0 allows SQL Injection via the nid parameter to ...)
+CVE-2017-15970
NOT-FOR-US: PHP CityPortal
-CVE-2017-15969 (PG All Share Video 1.0 allows SQL Injection via the PATH_INFO to ...)
+CVE-2017-15969
NOT-FOR-US: PG All Share Video
-CVE-2017-15968 (MyBuilder Clone 1.0 allows SQL Injection via the ...)
+CVE-2017-15968
NOT-FOR-US: MyBuilder Clone
-CVE-2017-15967 (Mailing List Manager Pro 3.0 allows SQL Injection via the edit ...)
+CVE-2017-15967
NOT-FOR-US: Mailing List Manager Pro
-CVE-2017-15966 (The Zh YandexMap (aka com_zhyandexmap) component 6.1.1.0 for Joomla! ...)
+CVE-2017-15966
NOT-FOR-US: Zh YandexMap
-CVE-2017-15965 (The NS Download Shop (aka com_ns_downloadshop) component 2.2.6 for ...)
+CVE-2017-15965
NOT-FOR-US: NS Download Shop
-CVE-2017-15964 (Job Board Script Software allows SQL Injection via the PATH_INFO to a ...)
+CVE-2017-15964
NOT-FOR-US: Job Board Script Software
-CVE-2017-15963 (iTech Gigs Script 1.21 allows SQL Injection via the ...)
+CVE-2017-15963
NOT-FOR-US: iTech Gigs Script
-CVE-2017-15962 (iStock Management System 1.0 allows Arbitrary File Upload via ...)
+CVE-2017-15962
NOT-FOR-US: iStock Management System
-CVE-2017-15961 (iProject Management System 1.0 allows SQL Injection via the ID ...)
+CVE-2017-15961
NOT-FOR-US: iProject Management System
-CVE-2017-15960 (Article Directory Script 3.0 allows SQL Injection via the id parameter ...)
+CVE-2017-15960
NOT-FOR-US: Article Directory Scrip
-CVE-2017-15959 (Adult Script Pro 2.2.4 allows SQL Injection via the PATH_INFO to a ...)
+CVE-2017-15959
NOT-FOR-US: Adult Script Pro
-CVE-2017-15958 (D-Park Pro Domain Parking Script 1.0 allows SQL Injection via the ...)
+CVE-2017-15958
NOT-FOR-US: D-Park Pro Domain Parking Script
-CVE-2017-15957 (my_profile.php in Ingenious School Management System 2.3.0 allows a ...)
+CVE-2017-15957
NOT-FOR-US: Ingenious School Management System
-CVE-2017-15956 (ConverTo Video Downloader &amp; Converter 1.4.1 allows Arbitrary File ...)
+CVE-2017-15956
NOT-FOR-US: ConverTo Video Downloader
-CVE-2017-15955 (bchunk (related to BinChunker) 1.2.0 and 1.2.1 is vulnerable to an ...)
+CVE-2017-15955
{DSA-4026-1 DLA-1158-1}
- bchunk 1.2.0-12.1 (bug #880116)
NOTE: https://github.com/extramaster/bchunk/issues/4
-CVE-2017-15954 (bchunk (related to BinChunker) 1.2.0 and 1.2.1 is vulnerable to a ...)
+CVE-2017-15954
{DSA-4026-1 DLA-1158-1}
- bchunk 1.2.0-12.1 (bug #880116)
NOTE: https://github.com/extramaster/bchunk/issues/3
-CVE-2017-15953 (bchunk (related to BinChunker) 1.2.0 and 1.2.1 is vulnerable to a ...)
+CVE-2017-15953
{DSA-4026-1 DLA-1158-1}
- bchunk 1.2.0-12.1 (bug #880116)
NOTE: https://github.com/extramaster/bchunk/issues/2
CVE-2017-15952
RESERVED
-CVE-2017-15951 (The KEYS subsystem in the Linux kernel before 4.13.10 does not ...)
+CVE-2017-15951
- linux 4.13.10-1
[stretch] - linux 4.9.65-1
[jessie] - linux <not-affected> (Vulnerable code introduced later)
[wheezy] - linux <not-affected> (Vulnerable code introduced later)
NOTE: Fixed by: https://git.kernel.org/linus/363b02dab09b3226f3bd1420dad9c72b79a42a76 (v4.14-rc6)
-CVE-2017-15950 (Flexense SyncBreeze Enterprise version 10.1.16 is vulnerable to a ...)
+CVE-2017-15950
NOT-FOR-US: Flexense SyncBreeze
-CVE-2017-15949 (Xavier PHP Management Panel 2.4 allows SQL injection via the usertoedit ...)
+CVE-2017-15949
NOT-FOR-US: Xavier PHP Management Panel
-CVE-2017-15948 (Perch Content Management System 3.0.3 allows unrestricted file upload ...)
+CVE-2017-15948
NOT-FOR-US: Perch Content Management System
-CVE-2017-15947 (Simple ASC Content Management System v1.2 has XSS in the location field ...)
+CVE-2017-15947
NOT-FOR-US: Simple ASC Content Management
-CVE-2017-15946 (In the com_tag component 1.7.6 for Joomla!, a SQL injection ...)
+CVE-2017-15946
NOT-FOR-US: Joomla addon
-CVE-2017-15945 (The installation scripts in the Gentoo dev-db/mysql, dev-db/mariadb, ...)
+CVE-2017-15945
NOT-FOR-US: Gentoo installation scripts
-CVE-2017-15944 (Palo Alto Networks PAN-OS before 6.1.19, 7.0.x before 7.0.19, 7.1.x ...)
+CVE-2017-15944
NOT-FOR-US: Palo Alto Networks PAN-OS
-CVE-2017-15943 (The configuration file import for applications, spyware and ...)
+CVE-2017-15943
NOT-FOR-US: Palo Alto Networks PAN-OS
-CVE-2017-15942 (Palo Alto Networks PAN-OS before 6.1.19, 7.0.x before 7.0.19, 7.1.x ...)
+CVE-2017-15942
NOT-FOR-US: Palo Alto Networks PAN-OS
-CVE-2017-15941 (Cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS ...)
+CVE-2017-15941
NOT-FOR-US: Palo Alto Networks PAN-OS
-CVE-2017-15940 (The web interface packet capture management component in Palo Alto ...)
+CVE-2017-15940
NOT-FOR-US: Palo Alto Networks PAN-OS
-CVE-2017-15939 (dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as ...)
+CVE-2017-15939
- binutils <not-affected> (Incomplete fix not applied)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22205
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=a54018b72d75abf2e74bf36016702da06399c1d9
NOTE: https://blogs.gentoo.org/ago/2017/10/24/binutils-null-pointer-dereference-in-concat_filename-dwarf2-c-incomplete-fix-for-cve-2017-15023/
-CVE-2017-15938 (dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as ...)
+CVE-2017-15938
[experimental] - binutils 2.29.51.20171128-1
- binutils 2.29.90.20180122-1 (low)
[stretch] - binutils <ignored> (Minor issue)
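Review bot: the unchanged context line `NOT-FOR-US: Article Directory Scrip` under CVE-2017-15960 has a truncated product name; the removed description directly above it reads `Article Directory Script 3.0`, so the line should read `NOT-FOR-US: Article Directory Script`. Not introduced by this hunk, but worth fixing in a follow-up, since the description that made the truncation obvious is being removed here.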
@@ -7302,31 +7300,31 @@ CVE-2017-15938 (dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22209
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=1b86808a86077722ee4f42ff97f836b12420bb2a
NOTE: https://blogs.gentoo.org/ago/2017/10/24/binutils-invalid-memory-read-in-find_abstract_instance_name-dwarf2-c/
-CVE-2017-15937 (Artica Pandora FMS version 7.0 leaks a full installation pathname via ...)
+CVE-2017-15937
NOT-FOR-US: Artica Pandora FMS
-CVE-2017-15936 (In Artica Pandora FMS version 7.0, an Attacker with write Permission ...)
+CVE-2017-15936
NOT-FOR-US: Artica Pandora FMS
-CVE-2017-15935 (Artica Pandora FMS version 7.0 is vulnerable to remote PHP code ...)
+CVE-2017-15935
NOT-FOR-US: Artica Pandora FMS
-CVE-2017-15934 (Artica Pandora FMS version 7.0 is vulnerable to stored Cross-Site ...)
+CVE-2017-15934
NOT-FOR-US: Artica Pandora FMS
-CVE-2017-15933 (SQL injection vulnerability vulnerability in the EyesOfNetwork web ...)
+CVE-2017-15933
NOT-FOR-US: EyesOfNetwork (EON)
-CVE-2017-15932 (In radare2 2.0.1, an integer exception (negative number leading to an ...)
+CVE-2017-15932
- radare2 2.1.0+dfsg-1 (bug #880024)
[stretch] - radare2 <no-dsa> (Minor issue)
[jessie] - radare2 <not-affected> (Vulnerable code introduced in 0.10.2)
[wheezy] - radare2 <not-affected> (Vulnerable code introduced in 0.10.2)
NOTE: https://github.com/radare/radare2/commit/44ded3ff35b8264f54b5a900cab32ec489d9e5b9
NOTE: https://github.com/radare/radare2/issues/8743
-CVE-2017-15931 (In radare2 2.0.1, an integer exception (negative number leading to an ...)
+CVE-2017-15931
- radare2 2.1.0+dfsg-1 (bug #880025)
[stretch] - radare2 <no-dsa> (Minor issue)
[jessie] - radare2 <not-affected> (Vulnerable code introduced in 0.10.2)
[wheezy] - radare2 <not-affected> (Vulnerable code introduced in 0.10.2)
NOTE: https://github.com/radare/radare2/commit/c6d0076c924891ad9948a62d89d0bcdaf965f0cd
NOTE: https://github.com/radare/radare2/issues/8731
-CVE-2017-15930 (In ReadOneJNGImage in coders/png.c in GraphicsMagick 1.3.26, a Null ...)
+CVE-2017-15930
{DSA-4321-1 DLA-1456-1 DLA-1154-1}
- graphicsmagick 1.3.26-16 (bug #879999)
NOTE: http://hg.graphicsmagick.org/hg/GraphicsMagick?cmd=changeset;node=6fc54b6d2be8
@@ -7334,7 +7332,7 @@ CVE-2017-15930 (In ReadOneJNGImage in coders/png.c in GraphicsMagick 1.3.26, a N
NOTE: https://sourceforge.net/p/graphicsmagick/bugs/518/
CVE-2017-15929
RESERVED
-CVE-2017-15928 (In the Ox gem 2.8.0 for Ruby, the process crashes with a segmentation ...)
+CVE-2017-15928
- ruby-ox 2.8.2-1 (bug #881445)
[stretch] - ruby-ox 2.1.1-2+deb9u1
[jessie] - ruby-ox 2.1.1-2+deb8u1
@@ -7346,26 +7344,26 @@ CVE-2017-15926
RESERVED
CVE-2017-15925
RESERVED
-CVE-2017-15923 (Konversation 1.4.x, 1.5.x, 1.6.x, and 1.7.x before 1.7.3 allow remote ...)
+CVE-2017-15923
{DSA-4033-1 DLA-1174-1}
- konversation 1.7.3-1 (bug #881586)
NOTE: https://cgit.kde.org/konversation.git/commit/?h=1.7&id=6a7f59ee1b9dbc6e5cf9e5f3b306504d02b73ef0
-CVE-2017-15922 (In GNU Libextractor 1.4, there is an out-of-bounds read in the ...)
+CVE-2017-15922
{DLA-1198-1}
- libextractor 1:1.6-2 (low; bug #880016)
[stretch] - libextractor 1:1.3-4+deb9u1
[jessie] - libextractor 1:1.3-2+deb8u1
NOTE: http://lists.gnu.org/archive/html/bug-libextractor/2017-10/msg00008.html
NOTE: Fixed by: https://gnunet.org/git/libextractor.git/commit/?id=d4d488b0e5ab13dda241d688d87a07816368f117
-CVE-2017-15921 (In Watchdog Anti-Malware 2.74.186.150 and Online Security Pro ...)
+CVE-2017-15921
NOT-FOR-US: Watchdog Anti-Malware
-CVE-2017-15920 (In Watchdog Anti-Malware 2.74.186.150 and Online Security Pro ...)
+CVE-2017-15920
NOT-FOR-US: Watchdog Anti-Malware
-CVE-2017-15918 (Sera 1.2 stores the user's login password in plain text in their home ...)
+CVE-2017-15918
NOT-FOR-US: Sera
-CVE-2017-15917 (In Paessler PRTG Network Monitor 17.3.33.2830, it's possible to create ...)
+CVE-2017-15917
NOT-FOR-US: Paessler PRTG Network Monitor
-CVE-2017-15908 (In systemd 223 through 235, a remote DNS server can respond with a ...)
+CVE-2017-15908
- systemd 235-3 (bug #880026)
[stretch] - systemd 232-25+deb9u2
[jessie] - systemd <not-affected> (Vulnerable code introduced later)
@@ -7373,29 +7371,29 @@ CVE-2017-15908 (In systemd 223 through 235, a remote DNS server can respond with
NOTE: https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1725351
NOTE: https://github.com/systemd/systemd/pull/7184
NOTE: Fix: https://github.com/systemd/systemd/commit/9f939335a07085aa9a9663efd1dca06ef6405d62
-CVE-2017-15919 (The ultimate-form-builder-lite plugin before 1.3.7 for WordPress has ...)
+CVE-2017-15919
NOT-FOR-US: WordPress plugin ultimate-form-builder-lite
CVE-2017-15916
RESERVED
CVE-2017-15915
RESERVED
-CVE-2017-15914 (Incorrect implementation of access controls allows remote users to ...)
+CVE-2017-15914
- borgbackup 1.1.3-1
[stretch] - borgbackup <not-affected> (Only affects 1.1.0, 1.1.1 and 1.1.2 releases)
NOTE: https://borgbackup.readthedocs.io/en/stable/changes.html#version-1-1-3-2017-11-27
-CVE-2017-15913 (The Installer in Whale allows DLL hijacking. ...)
+CVE-2017-15913
NOT-FOR-US: Installer in Whale
CVE-2017-15912
RESERVED
-CVE-2017-15911 (The Admin Console in Ignite Realtime Openfire Server before 4.1.7 ...)
+CVE-2017-15911
NOT-FOR-US: Ignite Realtime Openfire Server
CVE-2017-15910
RESERVED
-CVE-2017-15909 (D-Link DGS-1500 Ax devices before 2.51B021 have a hardcoded password, ...)
+CVE-2017-15909
NOT-FOR-US: D-Link
-CVE-2017-15907 (SQL injection vulnerability in phpCollab 2.5.1 and earlier allows ...)
+CVE-2017-15907
NOT-FOR-US: phpCollab
-CVE-2017-15906 (The process_open function in sftp-server.c in OpenSSH before 7.6 does ...)
+CVE-2017-15906
{DLA-1500-1}
- openssh 1:7.6p1-1 (low)
[stretch] - openssh 1:7.4p1-10+deb9u3
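Review bot: CVE-2017-15919 is filed between CVE-2017-15908 and CVE-2017-15916 in this hunk, breaking the descending ID order the rest of the file keeps (it belongs next to CVE-2017-15918). Pre-existing and untouched by this change, but a misplaced ID is easy to miss once the bare-ID format leaves nothing else to search for, so moving the entry would help.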
@@ -7417,53 +7415,53 @@ CVE-2017-15899
RESERVED
CVE-2017-15898
RESERVED
-CVE-2017-15897 (Node.js had a bug in versions 8.X and 9.X which caused buffers to not ...)
+CVE-2017-15897
- nodejs <not-affected> (Only affects 8.x and 9.x)
-CVE-2017-15896 (Node.js was affected by OpenSSL vulnerability CVE-2017-3737 in regards ...)
+CVE-2017-15896
- nodejs <not-affected> (HTTP2 module only in 8.x and 9.x and Debian package uses the system copy of OpenSSL)
-CVE-2017-15895 (Directory traversal vulnerability in the SYNO.FileStation.Extract in ...)
+CVE-2017-15895
NOT-FOR-US: Synology Router Manager
-CVE-2017-15894 (Directory traversal vulnerability in the SYNO.FileStation.Extract in ...)
+CVE-2017-15894
NOT-FOR-US: Synology DiskStation Manager
-CVE-2017-15893 (Directory traversal vulnerability in the SYNO.FileStation.Extract in ...)
+CVE-2017-15893
NOT-FOR-US: Synology File Station
-CVE-2017-15892 (Multiple cross-site scripting (XSS) vulnerabilities in Slash Command ...)
+CVE-2017-15892
NOT-FOR-US: Synology Chat
-CVE-2017-15891 (Improper access control vulnerability in SYNO.Cal.EventBase in ...)
+CVE-2017-15891
NOT-FOR-US: Synology Calendar
-CVE-2017-15890 (Cross-site scripting (XSS) vulnerability in Disclaimer in Synology ...)
+CVE-2017-15890
NOT-FOR-US: Synology
-CVE-2017-15889 (Command injection vulnerability in smart.cgi in Synology DiskStation ...)
+CVE-2017-15889
NOT-FOR-US: Synology DiskStation Manager
-CVE-2017-15888 (Cross-site scripting (XSS) vulnerability in Custom Internet Radio List ...)
+CVE-2017-15888
NOT-FOR-US: Synology
-CVE-2017-15887 (An improper restriction of excessive authentication attempts ...)
+CVE-2017-15887
NOT-FOR-US: Synology
-CVE-2017-15886 (Server-side request forgery (SSRF) vulnerability in Link Preview in ...)
+CVE-2017-15886
NOT-FOR-US: Synology Chat
-CVE-2017-15885 (Reflected XSS in the web administration portal on the Axis 2100 Network ...)
+CVE-2017-15885
NOT-FOR-US: Axis
-CVE-2017-15884 (In HashiCorp Vagrant VMware Fusion plugin (aka vagrant-vmware-fusion) ...)
+CVE-2017-15884
NOT-FOR-US: HashiCorp Vagrant VMware Fusion plugin
-CVE-2017-15883 (Sitefinity 5.1, 5.2, 5.3, 5.4, 6.x, 7.x, 8.x, 9.x, and 10.x allow ...)
+CVE-2017-15883
NOT-FOR-US: Sitefinity
-CVE-2017-15882 (The London Trust Media Private Internet Access (PIA) application before ...)
+CVE-2017-15882
NOT-FOR-US: London Trust Media Private Internet Access (PIA) application
-CVE-2017-15881 (Cross-Site Scripting vulnerability in KeystoneJS before 4.0.0-beta.7 ...)
+CVE-2017-15881
NOT-FOR-US: KeystoneJS
-CVE-2017-15880 (SQL injection vulnerability vulnerability in the EyesOfNetwork web ...)
+CVE-2017-15880
NOT-FOR-US: EyesOfNetwork (EON)
-CVE-2017-15879 (CSV Injection (aka Excel Macro Injection or Formula Injection) exists ...)
+CVE-2017-15879
NOT-FOR-US: KeystoneJS
-CVE-2017-15878 (A cross-site scripting (XSS) vulnerability exists in ...)
+CVE-2017-15878
NOT-FOR-US: KeystoneJS
-CVE-2017-15877 (Insecure Permissions vulnerability in db.php file in GPWeb 8.4.61 ...)
+CVE-2017-15877
NOT-FOR-US: GPWeb
-CVE-2017-15876 (Unrestricted File Upload vulnerability in GPWeb 8.4.61 allows remote ...)
+CVE-2017-15876
NOT-FOR-US: GPWeb
-CVE-2017-15875 (SQL injection vulnerability in Password Recovery in GPWeb 8.4.61 ...)
+CVE-2017-15875
NOT-FOR-US: GPWeb
-CVE-2017-15874 (archival/libarchive/decompress_unlzma.c in BusyBox 1.27.2 has an ...)
+CVE-2017-15874
- busybox 1:1.27.2-2 (bug #879732)
[stretch] - busybox <not-affected> (Vulnerable code not present)
[jessie] - busybox <not-affected> (Vulnerable code not present)
@@ -7471,32 +7469,32 @@ CVE-2017-15874 (archival/libarchive/decompress_unlzma.c in BusyBox 1.27.2 has an
NOTE: https://bugs.busybox.net/show_bug.cgi?id=10436
NOTE: Introduced in: https://git.busybox.net/busybox/commit/?id=3989e5adf454a3ab98412b249c2c9bd2a3175ae0
NOTE: Fixed by: https://git.busybox.net/busybox/commit/?id=9ac42c500586fa5f10a1f6d22c3f797df11b1f6b
-CVE-2017-15873 (The get_next_block function in archival/libarchive/decompress_bunzip2.c ...)
+CVE-2017-15873
{DLA-1445-1}
- busybox 1:1.27.2-2 (bug #879732)
[stretch] - busybox <no-dsa> (Minor issue)
[wheezy] - busybox <no-dsa> (Minor issue)
NOTE: Fixed by: https://git.busybox.net/busybox/commit/?id=0402cb32df015d9372578e3db27db47b33d5c7b0
NOTE: https://bugs.busybox.net/show_bug.cgi?id=10431
-CVE-2017-15872 (phpwcms 1.8.9 has XSS in include/inc_tmpl/admin.edituser.tmpl.php and ...)
+CVE-2017-15872
NOT-FOR-US: phpwcms
-CVE-2017-15871 (** DISPUTED ** The deserialize function in serialize-to-js through ...)
+CVE-2017-15871
NOT-FOR-US: Disputed serialize-to-js issue
-CVE-2017-15870 (Palo Alto Networks GlobalProtect Agent before 4.0.3 allows attackers ...)
+CVE-2017-15870
NOT-FOR-US: Palo Alto Networks GlobalProtect Agent
-CVE-2017-15869 (Cross-site scripting (XSS) vulnerability in knowledgebase.php in ...)
+CVE-2017-15869
NOT-FOR-US: LiveZilla
-CVE-2017-15868 (The bnep_add_connection function in net/bluetooth/bnep/core.c in the ...)
+CVE-2017-15868
{DSA-4082-1 DLA-1200-1}
- linux 4.0.2-1
NOTE: Fixed by: https://git.kernel.org/linus/71bb99a02b32b4cc4265118e85f6035ca72923f0 (v3.19-rc3)
-CVE-2017-15867 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
+CVE-2017-15867
NOT-FOR-US: user-login-history plugin for WordPress
CVE-2017-15866
RESERVED
-CVE-2017-15865 (bgpd in FRRouting (FRR) before 2.0.2 and 3.x before 3.0.2, as used in ...)
+CVE-2017-15865
- frr <not-affected> (Fixed before initial upload)
-CVE-2017-15864 (In the Agent Frontend in Open Ticket Request System (OTRS) 3.3.x ...)
+CVE-2017-15864
{DLA-1212-1}
- otrs2 4.0.7-2
[jessie] - otrs2 3.3.18-1+deb8u2
@@ -7506,49 +7504,49 @@ CVE-2017-15864 (In the Agent Frontend in Open Ticket Request System (OTRS) 3.3.x
NOTE: DTL template engine that OTRS used up to OTRS 3.3. Starting with OTRS 4
NOTE: OTRS switched to a new Template::Toolkit based engine which does not perform
NOTE: recursive parsing and not affected by this issue.
-CVE-2017-15863 (Cross Site Scripting (XSS) exists in the wp-noexternallinks plugin ...)
+CVE-2017-15863
NOT-FOR-US: WordPress plugin wp-noexternallinks
-CVE-2017-15862 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2017-15862
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-15861 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2017-15861
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-15860 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2017-15860
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-15859 (While processing the ...)
+CVE-2017-15859
NOT-FOR-US: Qualcomm component for Android
CVE-2017-15858
RESERVED
-CVE-2017-15857 (In the camera driver, an out-of-bounds access can occur due to an ...)
+CVE-2017-15857
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-15856 (Due to a race condition while processing the power stats debug file to ...)
+CVE-2017-15856
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-15855 (In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with ...)
+CVE-2017-15855
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-15854 (The value of fix_param-&gt;num_chans is received from firmware and if it ...)
+CVE-2017-15854
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-15853 (In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with ...)
+CVE-2017-15853
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-15852 (Information leak of the ISPIF base address in Android for MSM, Firefox ...)
+CVE-2017-15852
NOT-FOR-US: Qualcomm component for Android
-CVE-2017-15851 (Lack of copy_from_user and information leak in function ...)
+CVE-2017-15851
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-15850 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-15850
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-15849 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-15849
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-15848 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-15848
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-15847 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-15847
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-15846 (In the video_ioctl2() function in the camera driver in Android for ...)
+CVE-2017-15846
NOT-FOR-US: Qualcomm component for Android
-CVE-2017-15845 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-15845
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-15844 (In all android releases (Android for MSM, Firefox OS for MSM, QRD ...)
+CVE-2017-15844
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-15843 (Due to a race condition in a bus driver, a double free in ...)
+CVE-2017-15843
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-15842 (Buffer might get used after it gets freed due to unlocking the mutex ...)
+CVE-2017-15842
NOT-FOR-US: Qualcomm components for Android
CVE-2017-15841
RESERVED
@@ -7559,74 +7557,74 @@ CVE-2017-15839
RESERVED
CVE-2017-15838
RESERVED
-CVE-2017-15837 (In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with ...)
+CVE-2017-15837
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-15836 (In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with ...)
+CVE-2017-15836
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-15835 (In all android releases(Android for MSM, Firefox OS for MSM, QRD ...)
+CVE-2017-15835
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-15834 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-15834
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-15833 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-15833
NOT-FOR-US: Qualcomm components for Android
CVE-2017-15832
RESERVED
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-15831 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-15831
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-15830 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-15830
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-15829 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2017-15829
NOT-FOR-US: Qualcomm component for Android
-CVE-2017-15828 (In all android releases (Android for MSM, Firefox OS for MSM, QRD ...)
+CVE-2017-15828
NOT-FOR-US: Qualcomm component for Android
CVE-2017-15827
RESERVED
-CVE-2017-15826 (Due to a race condition in MDSS rotator in Android for MSM, Firefox OS ...)
+CVE-2017-15826
NOT-FOR-US: Qualcomm component for Android
-CVE-2017-15825 (In all android releases (Android for MSM, Firefox OS for MSM, QRD ...)
+CVE-2017-15825
NOT-FOR-US: Qualcomm component for Android
-CVE-2017-15824 (In Android releases from CAF using the linux kernel (Android for MSM, ...)
+CVE-2017-15824
NOT-FOR-US: Qualcomm component for Android
-CVE-2017-15823 (In spectral_create_samp_msg() in Android for MSM, Firefox OS for MSM, ...)
+CVE-2017-15823
NOT-FOR-US: Qualcomm component for Android
-CVE-2017-15822 (In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with ...)
+CVE-2017-15822
NOT-FOR-US: Qualcomm component for Android
-CVE-2017-15821 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-15821
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-15820 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2017-15820
NOT-FOR-US: Qualcomm component for Android
CVE-2017-15819
RESERVED
-CVE-2017-15818 (In all android releases (Android for MSM, Firefox OS for MSM, QRD ...)
+CVE-2017-15818
NOT-FOR-US: Qualcomm component for Android
-CVE-2017-15817 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2017-15817
NOT-FOR-US: Qualcomm component for Android
CVE-2017-15816
RESERVED
-CVE-2017-15815 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-15815
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-15814 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-15814
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-15813 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-15813
NOT-FOR-US: Qualcomm closed-source components on Android
-CVE-2017-15812 (The Easy Appointments plugin before 1.12.0 for WordPress has XSS via a ...)
+CVE-2017-15812
NOT-FOR-US: Wordpress plugin
-CVE-2017-15811 (The Pootle Button plugin before 1.2.0 for WordPress has XSS via the ...)
+CVE-2017-15811
NOT-FOR-US: Wordpress plugin
-CVE-2017-15810 (The PopCash.Net Code Integration Tool plugin before 1.1 for WordPress ...)
+CVE-2017-15810
NOT-FOR-US: Wordpress plugin
-CVE-2017-15809 (In phpMyFaq before 2.9.9, there is XSS in admin/tags.main.php via a ...)
+CVE-2017-15809
NOT-FOR-US: phpMyFaq
-CVE-2017-15808 (In phpMyFaq before 2.9.9, there is CSRF in admin/ajax.config.php. ...)
+CVE-2017-15808
NOT-FOR-US: phpMyFaq
CVE-2017-15807
RESERVED
-CVE-2017-15806 (The send function in the ezcMailMtaTransport class in Zeta Components ...)
+CVE-2017-15806
NOT-FOR-US: Zeta Components Mail
-CVE-2017-15805 (Cisco Small Business SA520 and SA540 devices with firmware 2.1.71 and ...)
+CVE-2017-15805
NOT-FOR-US: Cisco
-CVE-2017-15804 (The glob function in glob.c in the GNU C Library (aka glibc or libc6) ...)
+CVE-2017-15804
- glibc 2.25-3 (low; bug #879955)
[stretch] - glibc 2.24-11+deb9u4
[jessie] - glibc <no-dsa> (Minor issue)
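Review bot: every `-`/`+` pair in this hunk drops the parenthesised summary and keeps only the bare CVE id (CVE-2017-15828 down to CVE-2017-15804), and the hunk headers further down show the same shape for the rest of the file, so this automatic update is removing the descriptions rather than refreshing them. Before merging, confirm that the upstream feed really returned entries without descriptions and that this is not an empty or failed fetch; if the summaries are meant to stay in the list, the generator should keep the existing text when the fetched description is blank instead of overwriting it. The triage lines under each id (NOT-FOR-US tags, package/version lines, the [stretch] and [jessie] states for glibc) are unchanged, so the only information lost is the human-readable summary.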
@@ -7634,11 +7632,11 @@ CVE-2017-15804 (The glob function in glob.c in the GNU C Library (aka glibc or l
[wheezy] - eglibc <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22332
NOTE: https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commit;h=a159b53fa059947cc2548e3b0d5bdcf7b9630ba8
-CVE-2017-15803 (XnView Classic for Windows Version 2.43 allows attackers to cause a ...)
+CVE-2017-15803
NOT-FOR-US: XnView
-CVE-2017-15802 (XnView Classic for Windows Version 2.43 allows attackers to cause a ...)
+CVE-2017-15802
NOT-FOR-US: XnView
-CVE-2017-15801 (XnView Classic for Windows Version 2.43 allows attackers to cause a ...)
+CVE-2017-15801
NOT-FOR-US: XnView
CVE-2017-15800
REJECTED
@@ -7662,134 +7660,134 @@ CVE-2017-15791
REJECTED
CVE-2017-15790
REJECTED
-CVE-2017-15789 (XnView Classic for Windows Version 2.43 allows attackers to execute ...)
+CVE-2017-15789
NOT-FOR-US: XnView
-CVE-2017-15788 (XnView Classic for Windows Version 2.43 allows attackers to execute ...)
+CVE-2017-15788
NOT-FOR-US: XnView
-CVE-2017-15787 (XnView Classic for Windows Version 2.43 allows attackers to execute ...)
+CVE-2017-15787
NOT-FOR-US: XnView
-CVE-2017-15786 (XnView Classic for Windows Version 2.43 allows attackers to cause a ...)
+CVE-2017-15786
NOT-FOR-US: XnView
-CVE-2017-15785 (XnView Classic for Windows Version 2.43 allows attackers to execute ...)
+CVE-2017-15785
NOT-FOR-US: XnView
-CVE-2017-15784 (XnView Classic for Windows Version 2.43 allows attackers to execute ...)
+CVE-2017-15784
NOT-FOR-US: XnView
-CVE-2017-15783 (XnView Classic for Windows Version 2.43 allows attackers to cause a ...)
+CVE-2017-15783
NOT-FOR-US: XnView
-CVE-2017-15782 (XnView Classic for Windows Version 2.43 allows attackers to execute ...)
+CVE-2017-15782
NOT-FOR-US: XnView
-CVE-2017-15781 (XnView Classic for Windows Version 2.43 allows attackers to execute ...)
+CVE-2017-15781
NOT-FOR-US: XnView
-CVE-2017-15780 (XnView Classic for Windows Version 2.43 allows attackers to cause a ...)
+CVE-2017-15780
NOT-FOR-US: XnView
-CVE-2017-15779 (XnView Classic for Windows Version 2.43 allows attackers to execute ...)
+CVE-2017-15779
NOT-FOR-US: XnView
-CVE-2017-15778 (XnView Classic for Windows Version 2.43 allows attackers to cause a ...)
+CVE-2017-15778
NOT-FOR-US: XnView
-CVE-2017-15777 (XnView Classic for Windows Version 2.43 allows attackers to execute ...)
+CVE-2017-15777
NOT-FOR-US: XnView
-CVE-2017-15776 (XnView Classic for Windows Version 2.43 allows attackers to cause a ...)
+CVE-2017-15776
NOT-FOR-US: XnView
-CVE-2017-15775 (XnView Classic for Windows Version 2.43 allows attackers to cause a ...)
+CVE-2017-15775
NOT-FOR-US: XnView
-CVE-2017-15774 (XnView Classic for Windows Version 2.43 allows attackers to execute ...)
+CVE-2017-15774
NOT-FOR-US: XnView
-CVE-2017-15773 (XnView Classic for Windows Version 2.43 allows attackers to cause a ...)
+CVE-2017-15773
NOT-FOR-US: XnView
-CVE-2017-15772 (XnView Classic for Windows Version 2.43 allows attackers to cause a ...)
+CVE-2017-15772
NOT-FOR-US: XnView
CVE-2017-15771
REJECTED
CVE-2017-15770
REJECTED
-CVE-2017-15769 (IrfanView 4.50 - 64bit allows attackers to cause a denial of service or ...)
+CVE-2017-15769
NOT-FOR-US: IrfanView
-CVE-2017-15768 (IrfanView version 4.50 - 64bit allows attackers to cause a denial of ...)
+CVE-2017-15768
NOT-FOR-US: IrfanView
-CVE-2017-15767 (IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows ...)
+CVE-2017-15767
NOT-FOR-US: IrfanView
-CVE-2017-15766 (IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows ...)
+CVE-2017-15766
NOT-FOR-US: IrfanView
-CVE-2017-15765 (IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows ...)
+CVE-2017-15765
NOT-FOR-US: IrfanView
-CVE-2017-15764 (IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows ...)
+CVE-2017-15764
NOT-FOR-US: IrfanView
-CVE-2017-15763 (IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows ...)
+CVE-2017-15763
NOT-FOR-US: IrfanView
-CVE-2017-15762 (IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows ...)
+CVE-2017-15762
NOT-FOR-US: IrfanView
-CVE-2017-15761 (IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows ...)
+CVE-2017-15761
NOT-FOR-US: IrfanView
-CVE-2017-15760 (IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows ...)
+CVE-2017-15760
NOT-FOR-US: IrfanView
-CVE-2017-15759 (IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows ...)
+CVE-2017-15759
NOT-FOR-US: IrfanView
-CVE-2017-15758 (IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows ...)
+CVE-2017-15758
NOT-FOR-US: IrfanView
-CVE-2017-15757 (IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows ...)
+CVE-2017-15757
NOT-FOR-US: IrfanView
-CVE-2017-15756 (IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows ...)
+CVE-2017-15756
NOT-FOR-US: IrfanView
-CVE-2017-15755 (IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows ...)
+CVE-2017-15755
NOT-FOR-US: IrfanView
-CVE-2017-15754 (IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows ...)
+CVE-2017-15754
NOT-FOR-US: IrfanView
-CVE-2017-15753 (IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows ...)
+CVE-2017-15753
NOT-FOR-US: IrfanView
-CVE-2017-15752 (IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows ...)
+CVE-2017-15752
NOT-FOR-US: IrfanView
-CVE-2017-15751 (IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows ...)
+CVE-2017-15751
NOT-FOR-US: IrfanView
-CVE-2017-15750 (IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows ...)
+CVE-2017-15750
NOT-FOR-US: IrfanView
-CVE-2017-15749 (IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows ...)
+CVE-2017-15749
NOT-FOR-US: IrfanView
-CVE-2017-15748 (IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows ...)
+CVE-2017-15748
NOT-FOR-US: IrfanView
-CVE-2017-15747 (IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows ...)
+CVE-2017-15747
NOT-FOR-US: IrfanView
-CVE-2017-15746 (IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows ...)
+CVE-2017-15746
NOT-FOR-US: IrfanView
-CVE-2017-15745 (IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows ...)
+CVE-2017-15745
NOT-FOR-US: IrfanView
-CVE-2017-15744 (IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows ...)
+CVE-2017-15744
NOT-FOR-US: IrfanView
-CVE-2017-15743 (IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows ...)
+CVE-2017-15743
NOT-FOR-US: IrfanView
-CVE-2017-15742 (IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows ...)
+CVE-2017-15742
NOT-FOR-US: IrfanView
-CVE-2017-15741 (IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows ...)
+CVE-2017-15741
NOT-FOR-US: IrfanView
-CVE-2017-15740 (IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows ...)
+CVE-2017-15740
NOT-FOR-US: IrfanView
-CVE-2017-15739 (IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows ...)
+CVE-2017-15739
NOT-FOR-US: IrfanView
-CVE-2017-15738 (IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows ...)
+CVE-2017-15738
NOT-FOR-US: IrfanView
-CVE-2017-15737 (IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows ...)
+CVE-2017-15737
NOT-FOR-US: IrfanView
-CVE-2017-15736 (Cross-site scripting (XSS) vulnerability (stored) in SPIP before 3.1.7 ...)
+CVE-2017-15736
{DSA-4228-1}
- spip 3.1.4-4 (bug #879954)
[wheezy] - spip <not-affected> (vulnerable code not present)
NOTE: https://core.spip.net/projects/spip/repository/revisions/23701
-CVE-2017-15735 (In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) ...)
+CVE-2017-15735
NOT-FOR-US: phpMyFAQ
-CVE-2017-15734 (In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) in ...)
+CVE-2017-15734
NOT-FOR-US: phpMyFAQ
-CVE-2017-15733 (In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) in ...)
+CVE-2017-15733
NOT-FOR-US: phpMyFAQ
-CVE-2017-15732 (In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) in ...)
+CVE-2017-15732
NOT-FOR-US: phpMyFAQ
-CVE-2017-15731 (In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) in ...)
+CVE-2017-15731
NOT-FOR-US: phpMyFAQ
-CVE-2017-15730 (In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) in ...)
+CVE-2017-15730
NOT-FOR-US: phpMyFAQ
-CVE-2017-15729 (In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) ...)
+CVE-2017-15729
NOT-FOR-US: phpMyFAQ
-CVE-2017-15728 (In phpMyFAQ before 2.9.9, there is Stored Cross-site Scripting (XSS) ...)
+CVE-2017-15728
NOT-FOR-US: phpMyFAQ
-CVE-2017-15727 (In phpMyFAQ before 2.9.9, there is Stored Cross-site Scripting (XSS) ...)
+CVE-2017-15727
NOT-FOR-US: phpMyFAQ
CVE-2017-15726
RESERVED
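Review bot: the NOT-FOR-US tags in this hunk spell the same product two ways: "phpMyFaq" on the CVE-2017-15809 and CVE-2017-15808 entries but "phpMyFAQ" on CVE-2017-15735 through CVE-2017-15727, and "Wordpress plugin" on CVE-2017-15812 through CVE-2017-15810 where the removed descriptions say "WordPress". These tags are what people grep for when checking whether a product is tracked, so pick one spelling per product (phpMyFAQ, WordPress) and apply it consistently; the context lines are untouched by this patch, so this is a separate one-line follow-up rather than a blocker.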
@@ -7797,59 +7795,59 @@ CVE-2017-15725
RESERVED
CVE-2017-15724
RESERVED
-CVE-2017-15723 (In Irssi before 1.0.5, overlong nicks or targets may result in a NULL ...)
+CVE-2017-15723
{DSA-4016-1}
- irssi 1.0.5-1 (bug #879521)
[wheezy] - irssi <not-affected> (Vulnerable code introduced in 0.8.17)
NOTE: https://irssi.org/security/irssi_sa_2017_10.txt
NOTE: https://github.com/irssi/irssi/commit/43e44d553d44e313003cee87e6ea5e24d68b84a1
-CVE-2017-15722 (In certain cases, Irssi before 1.0.5 may fail to verify that a Safe ...)
+CVE-2017-15722
{DSA-4016-1 DLA-1217-1}
- irssi 1.0.5-1 (bug #879521)
NOTE: https://irssi.org/security/irssi_sa_2017_10.txt
NOTE: https://github.com/irssi/irssi/commit/43e44d553d44e313003cee87e6ea5e24d68b84a1
-CVE-2017-15721 (In Irssi before 1.0.5, certain incorrectly formatted DCC CTCP messages ...)
+CVE-2017-15721
{DSA-4016-1 DLA-1217-1}
- irssi 1.0.5-1 (bug #879521)
NOTE: https://irssi.org/security/irssi_sa_2017_10.txt
NOTE: https://github.com/irssi/irssi/commit/43e44d553d44e313003cee87e6ea5e24d68b84a1
-CVE-2017-15720 (In Apache Airflow 1.8.2 and earlier, an authenticated user can execute ...)
+CVE-2017-15720
- airflow <itp> (bug #819700)
-CVE-2017-15719 (In Wicket jQuery UI 6.28.0 and earlier, 7.9.1 and earlier, and ...)
+CVE-2017-15719
NOT-FOR-US: Wicket jQuery UI
-CVE-2017-15718 (The YARN NodeManager in Apache Hadoop 2.7.3 and 2.7.4 can leak the ...)
+CVE-2017-15718
- hadoop <itp> (bug #793644)
-CVE-2017-15717 (A flaw in the way URLs are escaped and encoded in the ...)
+CVE-2017-15717
NOT-FOR-US: Apache Sling
CVE-2017-15716
RESERVED
-CVE-2017-15715 (In Apache httpd 2.4.0 to 2.4.29, the expression specified in ...)
+CVE-2017-15715
{DSA-4164-1}
- apache2 2.4.33-1
[wheezy] - apache2 <not-affected> (Vulnerable code not present)
NOTE: http://www.openwall.com/lists/oss-security/2018/03/24/6
-CVE-2017-15714 (The BIRT plugin in Apache OFBiz 16.11.01 to 16.11.03 does not escape ...)
+CVE-2017-15714
NOT-FOR-US: BIRT plugin in Apache OFBiz
-CVE-2017-15713 (Vulnerability in Apache Hadoop 0.23.x, 2.x before 2.7.5, 2.8.x before ...)
+CVE-2017-15713
- hadoop <itp> (bug #793644)
-CVE-2017-15712 (Vulnerability allows a user of Apache Oozie 3.1.3-incubating to 4.3.0 ...)
+CVE-2017-15712
NOT-FOR-US: Apache Oozie
CVE-2017-15711
REJECTED
-CVE-2017-15710 (In Apache httpd 2.0.23 to 2.0.65, 2.2.0 to 2.2.34, and 2.4.0 to ...)
+CVE-2017-15710
{DSA-4164-1 DLA-1389-1}
- apache2 2.4.33-1
NOTE: http://www.openwall.com/lists/oss-security/2018/03/24/8
-CVE-2017-15709 (When using the OpenWire protocol in ActiveMQ versions 5.14.0 to 5.15.2 ...)
+CVE-2017-15709
- activemq 5.15.3-1 (bug #890352)
[stretch] - activemq <no-dsa> (Minor issue)
[jessie] - activemq <not-affected> (Issue introduced with OpenWire protocol support)
[wheezy] - activemq <not-affected> (Issue introduced with OpenWire protocol support)
-CVE-2017-15708 (In Apache Synapse, by default no authentication is required for Java ...)
+CVE-2017-15708
NOT-FOR-US: Apache Synapse
-CVE-2017-15707 (In Apache Struts 2.5 to 2.5.14, the REST Plugin is using an outdated ...)
+CVE-2017-15707
- libstruts1.2-java <not-affected> (Specific to 2.x)
-CVE-2017-15706 (As part of the fix for bug 61201, the documentation for Apache Tomcat ...)
+CVE-2017-15706
- tomcat9 <not-affected> (Fixed before initial upload to Debian)
- tomcat8 8.5.24-1
[stretch] - tomcat8 <not-affected> (Issue introduced later)
@@ -7862,50 +7860,50 @@ CVE-2017-15706 (As part of the fix for bug 61201, the documentation for Apache T
NOTE: https://svn.apache.org/r1814826 (8.5.x)
NOTE: Introduced by fix for https://bz.apache.org/bugzilla/show_bug.cgi?id=61201
NOTE: https://lists.apache.org/thread.html/e1ef853fc0079cdb55befbd2dac042934e49288b476d5f6a649e5da2@%3Cannounce.tomcat.apache.org%3E
-CVE-2017-15705 (A denial of service vulnerability was identified that exists in Apache ...)
+CVE-2017-15705
{DLA-1578-1}
- spamassassin 3.4.2-1 (bug #908969)
[stretch] - spamassassin 3.4.2-1~deb9u1
NOTE: https://www.openwall.com/lists/oss-security/2018/09/16/1
CVE-2017-15704
REJECTED
-CVE-2017-15703 (Any authenticated user (valid client certificate but without ACL ...)
+CVE-2017-15703
NOT-FOR-US: Apache NiFi
-CVE-2017-15702 (In Apache Qpid Broker-J 0.18 through 0.32, if the broker is configured ...)
+CVE-2017-15702
- qpid-java <itp> (bug #840131)
-CVE-2017-15701 (In Apache Qpid Broker-J versions 6.1.0 through 6.1.4 (inclusive) the ...)
+CVE-2017-15701
- qpid-java <itp> (bug #840131)
-CVE-2017-15700 (A flaw in the org.apache.sling.auth.core.AuthUtil#isRedirectValid ...)
+CVE-2017-15700
NOT-FOR-US: Apache Sling Authentication Service
-CVE-2017-15699 (A Denial of Service vulnerability was found in Apache Qpid Dispatch ...)
+CVE-2017-15699
- qpid-dispatch <itp> (bug #737776)
NOTE: http://www.openwall.com/lists/oss-security/2018/02/13/5
-CVE-2017-15698 (When parsing the AIA-Extension field of a client certificate, Apache ...)
+CVE-2017-15698
{DSA-4118-1 DLA-1276-1}
- tomcat-native 1.2.16-1
NOTE: https://lists.apache.org/thread.html/6eb0a53e5827d97db1a05c736d01101fec21202a5b8fc77bb0eaaed8@%3Cannounce.tomcat.apache.org%3E
NOTE: http://svn.apache.org/r1815200
NOTE: http://svn.apache.org/r1815218
NOTE: Affects: 1.2.0 to 1.2.14 and 1.1.23 to 1.1.34
-CVE-2017-15697 (A malicious X-ProxyContextPath or X-Forwarded-Context header ...)
+CVE-2017-15697
NOT-FOR-US: Apache NiFi
-CVE-2017-15696 (When an Apache Geode cluster before v1.4.0 is operating in secure ...)
+CVE-2017-15696
NOT-FOR-US: Apache Geode
-CVE-2017-15695 (When an Apache Geode server versions 1.0.0 to 1.4.0 is configured with ...)
+CVE-2017-15695
NOT-FOR-US: Apache Geode
CVE-2017-15694
RESERVED
-CVE-2017-15693 (In Apache Geode before v1.4.0, the Geode server stores application ...)
+CVE-2017-15693
NOT-FOR-US: Apache Geode
-CVE-2017-15692 (In Apache Geode before v1.4.0, the TcpServer within the Geode locator ...)
+CVE-2017-15692
NOT-FOR-US: Apache Geode
-CVE-2017-15691 (In Apache uimaj prior to 2.10.2, Apache uimaj 3.0.0-xxx prior to ...)
+CVE-2017-15691
- uimaj 2.10.2-1 (bug #897009)
[stretch] - uimaj <no-dsa> (Minor issue)
[jessie] - uimaj <no-dsa> (Minor issue)
[wheezy] - uimaj <no-dsa> (Minor issue)
NOTE: https://uima.apache.org/security_report#CVE-2017-15691
-CVE-2017-15924 (In manager.c in ss-manager in shadowsocks-libev 3.1.0, improper parsing ...)
+CVE-2017-15924
{DSA-4009-1}
- shadowsocks-libev 3.1.0+ds-2
NOTE: https://www.x41-dsec.de/lab/advisories/x41-2017-010-shadowsocks-libev/
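Review bot: CVE-2017-15924 (shadowsocks-libev, DSA-4009) sits between CVE-2017-15691 and CVE-2017-15689 in this hunk, outside the descending numeric order the rest of the file follows. The patch only rewrites its header line, so the misplacement is pre-existing, but anything that locates entries by walking the sorted list will not find it here; moving the whole entry (id, DSA reference, version line and NOTE) up to the 159xx block is a cheap follow-up.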
@@ -7917,7 +7915,7 @@ CVE-2017-15689
RESERVED
CVE-2017-15688
RESERVED
-CVE-2017-15687 (DOM Based Cross Site Scripting (XSS) exists in Logitech Media Server ...)
+CVE-2017-15687
NOT-FOR-US: Logitech
CVE-2017-15686
RESERVED
@@ -7945,14 +7943,14 @@ CVE-2017-15675
RESERVED
CVE-2017-15674
RESERVED
-CVE-2017-15673 (The files function in the administration section in CS-Cart 4.6.2 and ...)
+CVE-2017-15673
NOT-FOR-US: CS-Cart
-CVE-2017-15672 (The read_header function in libavcodec/ffv1dec.c in FFmpeg 3.3.4 and ...)
+CVE-2017-15672
{DSA-4049-1 DLA-1630-1}
- ffmpeg 7:3.4-1
- libav <removed>
NOTE: Fixed by: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=c20f4fcb74da2d0432c7b54499bb98f48236b904
-CVE-2017-15671 (The glob function in glob.c in the GNU C Library (aka glibc or libc6) ...)
+CVE-2017-15671
[experimental] - glibc 2.26-0experimental0
- glibc 2.25-3 (low; bug #879500)
[stretch] - glibc 2.24-11+deb9u4
@@ -7961,7 +7959,7 @@ CVE-2017-15671 (The glob function in glob.c in the GNU C Library (aka glibc or l
[wheezy] - eglibc <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22325
NOTE: https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=c66c908230169c1bab1f83b071eb585baa214b9f
-CVE-2017-15670 (The GNU C Library (aka glibc or libc6) before 2.27 contains an ...)
+CVE-2017-15670
[experimental] - glibc 2.26-0experimental0
- glibc 2.25-3 (low; bug #879501)
[stretch] - glibc 2.24-11+deb9u4
@@ -7975,17 +7973,17 @@ CVE-2017-15669
RESERVED
CVE-2017-15668
RESERVED
-CVE-2017-15667 (In Flexense SysGauge Server 3.6.18, the Control Protocol suffers from a ...)
+CVE-2017-15667
NOT-FOR-US: Flexense SysGauge Server
CVE-2017-15666
RESERVED
-CVE-2017-15665 (In Flexense DiskBoss Enterprise 8.5.12, the Control Protocol suffers ...)
+CVE-2017-15665
NOT-FOR-US: Flexense DiskBoss Enterprise
-CVE-2017-15664 (In Flexense Sync Breeze Enterprise v10.1.16, the Control Protocol ...)
+CVE-2017-15664
NOT-FOR-US: Flexense Sync Breeze Enterprise
-CVE-2017-15663 (In Flexense Disk Pulse Enterprise v10.1.18, the Control Protocol ...)
+CVE-2017-15663
NOT-FOR-US: Flexense Disk Pulse Enterprise
-CVE-2017-15662 (In Flexense VX Search Enterprise v10.1.12, the Control Protocol ...)
+CVE-2017-15662
NOT-FOR-US: Flexense VX Search Enterprise
CVE-2017-15661
RESERVED
@@ -7997,43 +7995,43 @@ CVE-2017-15658
RESERVED
CVE-2017-15657
RESERVED
-CVE-2017-15656 (Password are stored in plaintext in nvram in the HTTPd server in all ...)
+CVE-2017-15656
NOT-FOR-US: HTTPd server in Asus asuswrt
-CVE-2017-15655 (Multiple buffer overflow vulnerabilities exist in the HTTPd server in ...)
+CVE-2017-15655
NOT-FOR-US: HTTPd server in Asus asuswrt
-CVE-2017-15654 (Highly predictable session tokens in the HTTPd server in all current ...)
+CVE-2017-15654
NOT-FOR-US: HTTPd server in Asus asuswrt
-CVE-2017-15653 (Improper administrator IP validation after his login in the HTTPd ...)
+CVE-2017-15653
NOT-FOR-US: HTTPd server in Asus asuswrt
CVE-2017-15652
RESERVED
-CVE-2017-15651 (PRTG Network Monitor 17.3.33.2830 allows remote authenticated ...)
+CVE-2017-15651
NOT-FOR-US: PRTG Network Monitor
-CVE-2017-15649 (net/packet/af_packet.c in the Linux kernel before 4.13.6 allows local ...)
+CVE-2017-15649
{DLA-1200-1}
- linux 4.13.10-1
[stretch] - linux 4.9.65-1
[jessie] - linux 3.16.51-1
NOTE: Fixed by: https://git.kernel.org/linus/008ba2a13f2d04c947adc536d19debb8fe66f110
NOTE: Fixed by: https://git.kernel.org/linus/4971613c1639d8e5f102c4e797c3bf8f83a5a69e
-CVE-2017-15648 (In PHPSUGAR PHP Melody before 2.7.3, page_manager.php has XSS via the ...)
+CVE-2017-15648
NOT-FOR-US: PHPSUGAR PHP Melody
-CVE-2017-15647 (On FiberHome routers, Directory Traversal exists in /cgi-bin/webproc ...)
+CVE-2017-15647
NOT-FOR-US: On FiberHome
-CVE-2017-15646 (Webmin before 1.860 has XSS with resultant remote code execution. Under ...)
+CVE-2017-15646
- webmin <removed>
-CVE-2017-15645 (CSRF exists in Webmin 1.850. By sending a GET request to ...)
+CVE-2017-15645
- webmin <removed>
-CVE-2017-15644 (SSRF exists in Webmin 1.850 via the PATH_INFO to tunnel/link.cgi, as ...)
+CVE-2017-15644
- webmin <removed>
-CVE-2017-15643 (An active network attacker (MiTM) can achieve remote code execution on ...)
+CVE-2017-15643
NOT-FOR-US: IKARUS Anti Virus
-CVE-2017-15650 (musl libc before 1.1.17 has a buffer overflow via crafted DNS replies ...)
+CVE-2017-15650
- musl 1.1.17-1
[stretch] - musl <no-dsa> (Minor issue)
[jessie] - musl <no-dsa> (Minor issue)
NOTE: https://git.musl-libc.org/cgit/musl/patch/?id=45ca5d3fcb6f874bf5ba55d0e9651cef68515395
-CVE-2017-15642 (In lsx_aiffstartread in aiff.c in Sound eXchange (SoX) 14.4.2, there is ...)
+CVE-2017-15642
{DLA-1695-1 DLA-1197-1}
- sox 14.4.2-2 (bug #882144)
[stretch] - sox <no-dsa> (Minor issue)
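Review bot: two ordering problems and one tag wording issue in this hunk. CVE-2017-15649 (linux, af_packet) is listed before CVE-2017-15648, and CVE-2017-15650 (musl) appears after CVE-2017-15643 instead of between 15651 and 15649; both placements are pre-existing, since the patch only strips their descriptions, but they break the descending sequence. Separately, the tag "NOT-FOR-US: On FiberHome" under CVE-2017-15647 has carried over the leading "On" from the old description ("On FiberHome routers, Directory Traversal exists ..."); it should read "NOT-FOR-US: FiberHome routers".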
@@ -8041,76 +8039,76 @@ CVE-2017-15642 (In lsx_aiffstartread in aiff.c in Sound eXchange (SoX) 14.4.2, t
NOTE: https://github.com/mansr/sox/commit/0be259eaa9ce3f3fa587a3ef0cf2c0b9c73167a2
CVE-2017-15641
RESERVED
-CVE-2017-15640 (app/sections/user-menu.php in phpIPAM before 1.3.1 has XSS via the ip ...)
+CVE-2017-15640
NOT-FOR-US: phpIPAM
-CVE-2017-15639 (tasks/feed/readRSS.cfm in Mura CMS before 6.2 allows attackers to ...)
+CVE-2017-15639
NOT-FOR-US: Mura CMS
-CVE-2017-15638 (The SuSEfirewall2 package before 3.6.312-2.13.1 in SUSE Linux ...)
+CVE-2017-15638
NOT-FOR-US: SuSEfirewall2 in SUSE
-CVE-2017-15637 (TP-Link WVR, WAR and ER devices allow remote authenticated ...)
+CVE-2017-15637
NOT-FOR-US: TP-Link
-CVE-2017-15636 (TP-Link WVR, WAR and ER devices allow remote authenticated ...)
+CVE-2017-15636
NOT-FOR-US: TP-Link
-CVE-2017-15635 (TP-Link WVR, WAR and ER devices allow remote authenticated ...)
+CVE-2017-15635
NOT-FOR-US: TP-Link
-CVE-2017-15634 (TP-Link WVR, WAR and ER devices allow remote authenticated ...)
+CVE-2017-15634
NOT-FOR-US: TP-Link
-CVE-2017-15633 (TP-Link WVR, WAR and ER devices allow remote authenticated ...)
+CVE-2017-15633
NOT-FOR-US: TP-Link
-CVE-2017-15632 (TP-Link WVR, WAR and ER devices allow remote authenticated ...)
+CVE-2017-15632
NOT-FOR-US: TP-Link
-CVE-2017-15631 (TP-Link WVR, WAR and ER devices allow remote authenticated ...)
+CVE-2017-15631
NOT-FOR-US: TP-Link
-CVE-2017-15630 (TP-Link WVR, WAR and ER devices allow remote authenticated ...)
+CVE-2017-15630
NOT-FOR-US: TP-Link
-CVE-2017-15629 (TP-Link WVR, WAR and ER devices allow remote authenticated ...)
+CVE-2017-15629
NOT-FOR-US: TP-Link
-CVE-2017-15628 (TP-Link WVR, WAR and ER devices allow remote authenticated ...)
+CVE-2017-15628
NOT-FOR-US: TP-Link
-CVE-2017-15627 (TP-Link WVR, WAR and ER devices allow remote authenticated ...)
+CVE-2017-15627
NOT-FOR-US: TP-Link
-CVE-2017-15626 (TP-Link WVR, WAR and ER devices allow remote authenticated ...)
+CVE-2017-15626
NOT-FOR-US: TP-Link
-CVE-2017-15625 (TP-Link WVR, WAR and ER devices allow remote authenticated ...)
+CVE-2017-15625
NOT-FOR-US: TP-Link
-CVE-2017-15624 (TP-Link WVR, WAR and ER devices allow remote authenticated ...)
+CVE-2017-15624
NOT-FOR-US: TP-Link
-CVE-2017-15623 (TP-Link WVR, WAR and ER devices allow remote authenticated ...)
+CVE-2017-15623
NOT-FOR-US: TP-Link
-CVE-2017-15622 (TP-Link WVR, WAR and ER devices allow remote authenticated ...)
+CVE-2017-15622
NOT-FOR-US: TP-Link
-CVE-2017-15621 (TP-Link WVR, WAR and ER devices allow remote authenticated ...)
+CVE-2017-15621
NOT-FOR-US: TP-Link
-CVE-2017-15620 (TP-Link WVR, WAR and ER devices allow remote authenticated ...)
+CVE-2017-15620
NOT-FOR-US: TP-Link
-CVE-2017-15619 (TP-Link WVR, WAR and ER devices allow remote authenticated ...)
+CVE-2017-15619
NOT-FOR-US: TP-Link
-CVE-2017-15618 (TP-Link WVR, WAR and ER devices allow remote authenticated ...)
+CVE-2017-15618
NOT-FOR-US: TP-Link
-CVE-2017-15617 (TP-Link WVR, WAR and ER devices allow remote authenticated ...)
+CVE-2017-15617
NOT-FOR-US: TP-Link
-CVE-2017-15616 (TP-Link WVR, WAR and ER devices allow remote authenticated ...)
+CVE-2017-15616
NOT-FOR-US: TP-Link
-CVE-2017-15615 (TP-Link WVR, WAR and ER devices allow remote authenticated ...)
+CVE-2017-15615
NOT-FOR-US: TP-Link
-CVE-2017-15614 (TP-Link WVR, WAR and ER devices allow remote authenticated ...)
+CVE-2017-15614
NOT-FOR-US: TP-Link
-CVE-2017-15613 (TP-Link WVR, WAR and ER devices allow remote authenticated ...)
+CVE-2017-15613
NOT-FOR-US: TP-Link
-CVE-2017-15612 (mistune.py in Mistune 0.7.4 allows XSS via an unexpected newline (such ...)
+CVE-2017-15612
- mistune 0.8-1 (bug #879098)
[stretch] - mistune <no-dsa> (Minor issue)
NOTE: https://github.com/lepture/mistune/pull/140
NOTE: https://github.com/lepture/mistune/commit/d6f0b6402299bf5a380e7b4e77bd80e8736630fe
-CVE-2017-15611 (In Octopus before 3.17.7, an authenticated user who was explicitly ...)
+CVE-2017-15611
NOT-FOR-US: Octopus Deploy
-CVE-2017-15610 (An issue was discovered in Octopus before 3.17.7. When the special ...)
+CVE-2017-15610
NOT-FOR-US: Octopus Deploy
-CVE-2017-15609 (Octopus before 3.17.7 allows attackers to obtain sensitive cleartext ...)
+CVE-2017-15609
NOT-FOR-US: Octopus Deploy
-CVE-2017-15608 (Inedo ProGet before 5.0 Beta5 has CSRF, allowing an attacker to change ...)
+CVE-2017-15608
NOT-FOR-US: Inedo ProGet
-CVE-2017-15607 (Inedo Otter before 1.7.4 has directory traversal in filesystem-based ...)
+CVE-2017-15607
NOT-FOR-US: Inedo Otter
CVE-2017-15606
RESERVED
@@ -8120,21 +8118,21 @@ CVE-2017-15604
RESERVED
CVE-2017-15603
RESERVED
-CVE-2017-15602 (In GNU Libextractor 1.4, there is an integer signedness error for the ...)
+CVE-2017-15602
{DLA-1198-1}
- libextractor 1:1.6-1 (low)
[stretch] - libextractor 1:1.3-4+deb9u1
[jessie] - libextractor 1:1.3-2+deb8u1
NOTE: http://lists.gnu.org/archive/html/bug-libextractor/2017-10/msg00005.html
NOTE: Fixed by https://gnunet.org/git/libextractor.git/commit/?id=ffab889c1710c7646af9ed360c796a2a0a619efc
-CVE-2017-15601 (In GNU Libextractor 1.4, there is a heap-based buffer overflow in the ...)
+CVE-2017-15601
{DLA-1198-1}
- libextractor 1:1.6-1 (low)
[stretch] - libextractor 1:1.3-4+deb9u1
[jessie] - libextractor 1:1.3-2+deb8u1
NOTE: http://lists.gnu.org/archive/html/bug-libextractor/2017-10/msg00006.html
NOTE: Fixed by https://gnunet.org/git/libextractor.git/commit/?id=f813535dad4ad860b989952a46266a1469801091
-CVE-2017-15600 (In GNU Libextractor 1.4, there is a NULL Pointer Dereference in the ...)
+CVE-2017-15600
{DLA-1198-1}
- libextractor 1:1.6-1 (low)
[stretch] - libextractor 1:1.3-4+deb9u1
@@ -8146,7 +8144,7 @@ CVE-2017-15599
RESERVED
CVE-2017-15598
RESERVED
-CVE-2017-15597 (An issue was discovered in Xen through 4.9.x. Grant copying code made ...)
+CVE-2017-15597
{DSA-4050-1 DLA-1549-1}
- xen 4.8.2+xsa245-0+deb9u1
[wheezy] - xen <not-affected> (Vulnerable code not present)
@@ -8157,28 +8155,28 @@ CVE-2017-15585
RESERVED
CVE-2017-15584
RESERVED
-CVE-2017-15583 (The embedded web server on ABB Fox515T 1.0 devices is vulnerable to ...)
+CVE-2017-15583
NOT-FOR-US: ABB Fox515T 1.0 devices
-CVE-2017-15582 (In net.MCrypt in the &quot;Diary with lock&quot; (aka WriteDiary) application ...)
+CVE-2017-15582
NOT-FOR-US: Diary with lock
-CVE-2017-15581 (In the &quot;Diary with lock&quot; (aka WriteDiary) application 4.72 for Android, ...)
+CVE-2017-15581
NOT-FOR-US: Diary with lock
-CVE-2017-15580 (osTicket 1.10.1 provides a functionality to upload 'html' files with ...)
+CVE-2017-15580
NOT-FOR-US: osTicket
-CVE-2017-15579 (In PHPSUGAR PHP Melody before 2.7.3, SQL Injection exists via an ...)
+CVE-2017-15579
NOT-FOR-US: PHPSUGAR PHP Melody
-CVE-2017-15578 (In PHPSUGAR PHP Melody before 2.7.3, SQL Injection exists via the image ...)
+CVE-2017-15578
NOT-FOR-US: PHPSUGAR PHP Melody
-CVE-2017-15567 (** DISPUTED ** The certificate import component in IDEMIA (formerly ...)
+CVE-2017-15567
NOT-FOR-US: IDEMIA
-CVE-2017-15566 (Insecure SPANK environment variable handling exists in SchedMD Slurm ...)
+CVE-2017-15566
{DSA-4023-1}
- slurm-llnl 17.02.9-1 (bug #880530)
[jessie] - slurm-llnl <not-affected> (Vulnerable code introduced later)
[wheezy] - slurm-llnl <not-affected> (Vulnerable code introduced later)
NOTE: https://bugs.schedmd.com/show_bug.cgi?id=4228 (not public)
NOTE: Fixed by: https://github.com/SchedMD/slurm/commit/b30e9e9ee2ade6951bfaf28e15ef77325a206971
-CVE-2017-15565 (In Poppler 0.59.0, a NULL Pointer Dereference exists in the ...)
+CVE-2017-15565
{DSA-4079-1 DLA-1177-1}
- poppler 0.61.1-2 (bug #879066)
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=103016
@@ -8211,15 +8209,15 @@ CVE-2017-15552
REJECTED
CVE-2017-15551
REJECTED
-CVE-2017-15550 (An issue was discovered in EMC Avamar Server 7.1.x, 7.2.x, 7.3.x, ...)
+CVE-2017-15550
NOT-FOR-US: EMC Avamar Server
-CVE-2017-15549 (An issue was discovered in EMC Avamar Server 7.1.x, 7.2.x, 7.3.x, ...)
+CVE-2017-15549
NOT-FOR-US: EMC Avamar Server
-CVE-2017-15548 (An issue was discovered in EMC Avamar Server 7.1.x, 7.2.x, 7.3.x, ...)
+CVE-2017-15548
NOT-FOR-US: EMC Avamar Server
CVE-2017-15547
REJECTED
-CVE-2017-15546 (The Security Console in EMC RSA Authentication Manager 8.2 SP1 P6 and ...)
+CVE-2017-15546
NOT-FOR-US: EMC RSA Authentication Manager
CVE-2017-15545
REJECTED
@@ -8233,42 +8231,42 @@ CVE-2017-15541
REJECTED
CVE-2017-15540
REJECTED
-CVE-2017-15539 (SQL Injection exists in zorovavi/blog through 2017-10-17 via the id ...)
+CVE-2017-15539
NOT-FOR-US: zorovavi/blog
-CVE-2017-15587 (An integer overflow was discovered in pdf_read_new_xref_section in ...)
+CVE-2017-15587
{DSA-4006-2 DSA-4006-1 DLA-1164-1}
- mupdf 1.11+ds1-2 (bug #879055)
NOTE: http://git.ghostscript.com/?p=mupdf.git;h=82df2631d7d0446b206ea6b434ea609b6c28b0e8
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=698605 (not public)
NOTE: https://nandynarwhals.org/CVE-2017-15587/
-CVE-2017-15538 (Stored XSS vulnerability in the Media Objects component of ILIAS before ...)
+CVE-2017-15538
NOT-FOR-US: ILIAS
-CVE-2017-15536 (An issue was discovered in Cloudera Data Science Workbench (CDSW) 1.x ...)
+CVE-2017-15536
NOT-FOR-US: Cloudera Data Science Workbench
-CVE-2017-15535 (MongoDB 3.4.x before 3.4.10, and 3.5.x-development, has a ...)
+CVE-2017-15535
- mongodb <not-affected> (wire protocol compression introduced in 3.4.x and disabled by default)
NOTE: https://jira.mongodb.org/browse/SERVER-31273
-CVE-2017-15534 (The Norton App Lock prior to version 1.3.0.13 can be susceptible to an ...)
+CVE-2017-15534
NOT-FOR-US: Noron App Lock
-CVE-2017-15533 (Symantec SSL Visibility (SSLV) 3.8.4FC, 3.10 prior to 3.10.4.1, 3.11, ...)
+CVE-2017-15533
NOT-FOR-US: Symantec
-CVE-2017-15532 (Prior to 10.6.4, Symantec Messaging Gateway may be susceptible to a ...)
+CVE-2017-15532
NOT-FOR-US: Symantec
-CVE-2017-15531 (Symantec Reporter 9.5 prior to 9.5.4.1 and 10.1 prior to 10.1.5.5 ...)
+CVE-2017-15531
NOT-FOR-US: Symantec
-CVE-2017-15530 (Prior to 4.4.1.10, the Norton Family Android App can be susceptible to ...)
+CVE-2017-15530
NOT-FOR-US: Norton
-CVE-2017-15529 (Prior to 4.4.1.10, the Norton Family Android App can be susceptible to ...)
+CVE-2017-15529
NOT-FOR-US: Norton
-CVE-2017-15528 (Prior to v 7.6, the Install Norton Security (INS) product can be ...)
+CVE-2017-15528
NOT-FOR-US: Install Norton Security
-CVE-2017-15527 (Prior to ITMS 8.1 RU4, the Symantec Management Console can be ...)
+CVE-2017-15527
NOT-FOR-US: Symantec
-CVE-2017-15526 (Prior to SEE v11.1.3MP1, Symantec Endpoint Encryption can be ...)
+CVE-2017-15526
NOT-FOR-US: Symantec
-CVE-2017-15525 (Prior to SEE v11.1.3MP1, Symantec Endpoint Encryption can be ...)
+CVE-2017-15525
NOT-FOR-US: Symantec
-CVE-2017-15524 (The Application Firewall Pack (AFP, aka Web Application Firewall) ...)
+CVE-2017-15524
NOT-FOR-US: Kemp Load Balancer
CVE-2017-15523
REJECTED
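Review bot: the unchanged context line `NOT-FOR-US: Noron App Lock` under CVE-2017-15534 misspells the vendor; the sibling entries CVE-2017-15530 and CVE-2017-15529 in this hunk use `NOT-FOR-US: Norton`, so this should read `NOT-FOR-US: Norton App Lock` so that a grep for the vendor finds all three.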
@@ -8278,19 +8276,19 @@ CVE-2017-15521
REJECTED
CVE-2017-15520
REJECTED
-CVE-2017-15519 (Versions of SnapCenter 2.0 through 3.0.1 allow unauthenticated remote ...)
+CVE-2017-15519
NOT-FOR-US: SnapCenter
-CVE-2017-15518 (All versions of OnCommand API Services prior to 2.1 and NetApp Service ...)
+CVE-2017-15518
NOT-FOR-US: NetApp
-CVE-2017-15517 (AltaVault OST Plug-in versions prior to 1.2.2 may allow attackers to ...)
+CVE-2017-15517
NOT-FOR-US: AltaVault OST Plug-in
-CVE-2017-15516 (NetApp SnapCenter Server versions 1.1 through 2.x are susceptible to a ...)
+CVE-2017-15516
NOT-FOR-US: NetApp
-CVE-2017-15515 (NetApp SnapCenter Server prior to 4.0 is susceptible to cross site ...)
+CVE-2017-15515
NOT-FOR-US: NetApp SnapCenter Server
CVE-2017-15514
RESERVED
-CVE-2017-15568 (In Redmine before 3.2.8, 3.3.x before 3.3.5, and 3.4.x before 3.4.3, ...)
+CVE-2017-15568
{DSA-4191-1}
- redmine 3.4.4-1 (bug #882544)
[jessie] - redmine <end-of-life> (Not supported in Jessie-LTS)
@@ -8299,7 +8297,7 @@ CVE-2017-15568 (In Redmine before 3.2.8, 3.3.x before 3.3.5, and 3.4.x before 3.
NOTE: https://www.redmine.org/issues/27186 (private)
NOTE: upstream fixed in 3.2.8, 3.3.5 and 3.4.3
NOTE: https://github.com/redmine/redmine/commit/94f7cfbf990028348b9262578acbc53a94fce448
-CVE-2017-15569 (In Redmine before 3.2.8, 3.3.x before 3.3.5, and 3.4.x before 3.4.3, ...)
+CVE-2017-15569
{DSA-4191-1}
- redmine 3.4.4-1 (bug #882545)
[jessie] - redmine <end-of-life> (Not supported in Jessie-LTS)
@@ -8307,7 +8305,7 @@ CVE-2017-15569 (In Redmine before 3.2.8, 3.3.x before 3.3.5, and 3.4.x before 3.
NOTE: https://www.redmine.org/projects/redmine/wiki/Security_Advisories
NOTE: https://www.redmine.org/issues/27186 (private)
NOTE: https://github.com/redmine/redmine/commit/56c8ee0440d8555aa7822d947ba9091c8a791508
-CVE-2017-15570 (In Redmine before 3.2.8, 3.3.x before 3.3.5, and 3.4.x before 3.4.3, ...)
+CVE-2017-15570
{DSA-4191-1}
- redmine 3.4.4-1 (bug #882547)
[jessie] - redmine <end-of-life> (Not supported in Jessie-LTS)
@@ -8315,7 +8313,7 @@ CVE-2017-15570 (In Redmine before 3.2.8, 3.3.x before 3.3.5, and 3.4.x before 3.
NOTE: https://www.redmine.org/projects/redmine/wiki/Security_Advisories
NOTE: https://www.redmine.org/issues/27186 (private)
NOTE: https://github.com/redmine/redmine/commit/1a0976417975a128b0a932ba1552c37e9414953b
-CVE-2017-15571 (In Redmine before 3.2.8, 3.3.x before 3.3.5, and 3.4.x before 3.4.3, ...)
+CVE-2017-15571
{DSA-4191-1}
- redmine 3.4.4-1 (bug #882548)
[jessie] - redmine <end-of-life> (Not supported in Jessie-LTS)
@@ -8323,7 +8321,7 @@ CVE-2017-15571 (In Redmine before 3.2.8, 3.3.x before 3.3.5, and 3.4.x before 3.
NOTE: https://www.redmine.org/projects/redmine/wiki/Security_Advisories
NOTE: https://www.redmine.org/issues/27186 (private)
NOTE: https://github.com/redmine/redmine/commit/273dd9cb3bcfb1e0a0b90570b3b34eafa07d67aa
-CVE-2017-15573 (In Redmine before 3.2.6 and 3.3.x before 3.3.3, XSS exists because ...)
+CVE-2017-15573
{DSA-4191-1}
- redmine 3.4.2-1
[jessie] - redmine <end-of-life> (Not supported in Jessie-LTS)
@@ -8331,7 +8329,7 @@ CVE-2017-15573 (In Redmine before 3.2.6 and 3.3.x before 3.3.3, XSS exists becau
NOTE: https://www.redmine.org/projects/redmine/wiki/Security_Advisories
NOTE: https://www.redmine.org/issues/25503 (private)
NOTE: upstream fixed in 3.2.6 and 3.3.3
-CVE-2017-15572 (In Redmine before 3.2.6 and 3.3.x before 3.3.3, remote attackers can ...)
+CVE-2017-15572
{DSA-4191-1}
- redmine 3.4.2-1
[jessie] - redmine <end-of-life> (Not supported in Jessie-LTS)
@@ -8339,7 +8337,7 @@ CVE-2017-15572 (In Redmine before 3.2.6 and 3.3.x before 3.3.3, remote attackers
NOTE: https://www.redmine.org/projects/redmine/wiki/Security_Advisories
NOTE: https://www.redmine.org/issues/24416 (private)
NOTE: upstream fixed in 3.2.6 and 3.3.3
-CVE-2017-15575 (In Redmine before 3.2.6 and 3.3.x before 3.3.3, Redmine.pm lacks a ...)
+CVE-2017-15575
{DSA-4191-1}
- redmine 3.4.2-1
[jessie] - redmine <end-of-life> (Not supported in Jessie-LTS)
@@ -8347,7 +8345,7 @@ CVE-2017-15575 (In Redmine before 3.2.6 and 3.3.x before 3.3.3, Redmine.pm lacks
NOTE: https://www.redmine.org/projects/redmine/wiki/Security_Advisories
NOTE: https://www.redmine.org/issues/24307 (private)
NOTE: upstream fixed in 3.2.6 and 3.3.3
-CVE-2017-15574 (In Redmine before 3.2.6 and 3.3.x before 3.3.3, stored XSS is possible ...)
+CVE-2017-15574
{DSA-4191-1}
- redmine 3.4.2-1
[jessie] - redmine <end-of-life> (Not supported in Jessie-LTS)
@@ -8355,7 +8353,7 @@ CVE-2017-15574 (In Redmine before 3.2.6 and 3.3.x before 3.3.3, stored XSS is po
NOTE: https://www.redmine.org/projects/redmine/wiki/Security_Advisories
NOTE: https://www.redmine.org/issues/24199 (private)
NOTE: upstream fixed in 3.2.6 and 3.3.3
-CVE-2017-15576 (Redmine before 3.2.6 and 3.3.x before 3.3.3 mishandles Time Entry ...)
+CVE-2017-15576
{DSA-4191-1}
- redmine 3.4.2-1
[jessie] - redmine <end-of-life> (Not supported in Jessie-LTS)
@@ -8363,7 +8361,7 @@ CVE-2017-15576 (Redmine before 3.2.6 and 3.3.x before 3.3.3 mishandles Time Entr
NOTE: https://www.redmine.org/projects/redmine/wiki/Security_Advisories
NOTE: https://www.redmine.org/issues/23803 (private)
NOTE: upstream fixed in 3.2.6 and 3.3.3
-CVE-2017-15577 (Redmine before 3.2.6 and 3.3.x before 3.3.3 mishandles the rendering of ...)
+CVE-2017-15577
{DSA-4191-1}
- redmine 3.4.2-1
[jessie] - redmine <end-of-life> (Not supported in Jessie-LTS)
@@ -8371,7 +8369,7 @@ CVE-2017-15577 (Redmine before 3.2.6 and 3.3.x before 3.3.3 mishandles the rende
NOTE: https://www.redmine.org/projects/redmine/wiki/Security_Advisories
NOTE: https://www.redmine.org/issues/23793 (private)
NOTE: upstream fixed in 3.2.6 and 3.3.3
-CVE-2017-15537 (The x86/fpu (Floating Point Unit) subsystem in the Linux kernel before ...)
+CVE-2017-15537
- linux 4.13.10-1
[stretch] - linux 4.9.65-1
[jessie] - linux <not-affected> (Vulnerable code introduced later)
@@ -8543,46 +8541,46 @@ CVE-2017-15432
REJECTED
CVE-2017-15431
RESERVED
-CVE-2017-15430 (Unsafe navigation in Chromecast in Google Chrome prior to 63.0.3239.84 ...)
+CVE-2017-15430
- chromium-browser <not-affected> (Plugin specific to Chrome)
-CVE-2017-15429 (Inappropriate implementation in V8 WebAssembly JS bindings in Google ...)
+CVE-2017-15429
{DSA-4103-1}
- chromium-browser 64.0.3282.119-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
- libv8 <unfixed> (unimportant)
NOTE: libv8 not covered by security support
-CVE-2017-15428 (Insufficient data validation in V8 builtins string generator could ...)
+CVE-2017-15428
{DSA-4064-1}
- chromium-browser 63.0.3239.84-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-15427 (Insufficient policy enforcement in Omnibox in Google Chrome prior to ...)
+CVE-2017-15427
{DSA-4064-1}
- chromium-browser 63.0.3239.84-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-15426 (Insufficient policy enforcement in Omnibox in Google Chrome prior to ...)
+CVE-2017-15426
{DSA-4064-1}
- chromium-browser 63.0.3239.84-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-15425 (Insufficient policy enforcement in Omnibox in Google Chrome prior to ...)
+CVE-2017-15425
{DSA-4064-1}
- chromium-browser 63.0.3239.84-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-15424 (Insufficient policy enforcement in Omnibox in Google Chrome prior to ...)
+CVE-2017-15424
{DSA-4064-1}
- chromium-browser 63.0.3239.84-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-15423 (Inappropriate implementation in BoringSSL SPAKE2 in Google Chrome prior ...)
+CVE-2017-15423
{DSA-4064-1}
- chromium-browser 63.0.3239.84-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-15422 (Integer overflow in international date handling in International ...)
+CVE-2017-15422
{DSA-4150-1}
- icu 57.1-9 (bug #892766)
[wheezy] - icu <not-affected> (Vulnerable code not present)
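Review bot: CVE-2017-15428 is a V8 issue (`Insufficient data validation in V8 builtins string generator`) but, unlike the adjacent CVE-2017-15429, carries no `- libv8 <unfixed> (unimportant)` line with the `NOTE: libv8 not covered by security support`; either add the libv8 line for consistency or record why the libv8 source package is not affected by this one.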
@@ -8591,92 +8589,92 @@ CVE-2017-15422 (Integer overflow in international date handling in International
NOTE: Issue fixed in: https://ssl.icu-project.org/trac/changeset/40654
CVE-2017-15421
RESERVED
-CVE-2017-15420 (Incorrect handling of back navigations in error pages in Navigation in ...)
+CVE-2017-15420
{DSA-4103-1 DSA-4064-1}
- chromium-browser 63.0.3239.84-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-15419 (Insufficient policy enforcement in Resource Timing API in Google Chrome ...)
+CVE-2017-15419
{DSA-4064-1}
- chromium-browser 63.0.3239.84-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-15418 (Use of uninitialized memory in Skia in Google Chrome prior to ...)
+CVE-2017-15418
{DSA-4064-1}
- chromium-browser 63.0.3239.84-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-15417 (Inappropriate implementation in Skia canvas composite operations in ...)
+CVE-2017-15417
{DSA-4064-1}
- chromium-browser 63.0.3239.84-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-15416 (Heap buffer overflow in Blob API in Google Chrome prior to 63.0.3239.84 ...)
+CVE-2017-15416
{DSA-4064-1}
- chromium-browser 63.0.3239.84-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-15415 (Incorrect serialization in IPC in Google Chrome prior to 63.0.3239.84 ...)
+CVE-2017-15415
{DSA-4064-1}
- chromium-browser 63.0.3239.84-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
CVE-2017-15414
RESERVED
-CVE-2017-15413 (Type confusion in WebAssembly in V8 in Google Chrome prior to ...)
+CVE-2017-15413
{DSA-4064-1}
- chromium-browser 63.0.3239.84-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-15412 (Use after free in libxml2 before 2.9.5, as used in Google Chrome prior ...)
+CVE-2017-15412
{DSA-4086-1 DLA-1211-1}
- libxml2 2.9.4+dfsg1-5.2 (bug #883790)
NOTE: https://bugs.chromium.org/p/chromium/issues/detail?id=727039
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=783160 (not public)
NOTE: Fixed by: https://git.gnome.org/browse/libxml2/commit/?id=0f3b843b3534784ef57a4f9b874238aa1fda5a73
-CVE-2017-15411 (Use after free in PDFium in Google Chrome prior to 63.0.3239.84 allowed ...)
+CVE-2017-15411
{DSA-4064-1}
- chromium-browser 63.0.3239.84-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-15410 (Use after free in PDFium in Google Chrome prior to 63.0.3239.84 allowed ...)
+CVE-2017-15410
{DSA-4064-1}
- chromium-browser 63.0.3239.84-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-15409 (Heap buffer overflow in Skia in Google Chrome prior to 63.0.3239.84 ...)
+CVE-2017-15409
{DSA-4064-1}
- chromium-browser 63.0.3239.84-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-15408 (Heap buffer overflow in Omnibox in Google Chrome prior to 63.0.3239.84 ...)
+CVE-2017-15408
{DSA-4064-1}
- chromium-browser 63.0.3239.84-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-15407 (Out-of-bounds Write in the QUIC networking stack in Google Chrome prior ...)
+CVE-2017-15407
{DSA-4064-1}
- chromium-browser 63.0.3239.84-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-15406 (A stack buffer overflow in V8 in Google Chrome prior to 62.0.3202.75 ...)
+CVE-2017-15406
{DSA-4020-1}
- chromium-browser 62.0.3202.75-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
- libv8 <unfixed> (unimportant)
NOTE: libv8 not covered by security support
-CVE-2017-15405 (Inappropriate symlink handling and a race condition in the stateful ...)
+CVE-2017-15405
NOT-FOR-US: Chrome OS
-CVE-2017-15404 (An ability to process crash dumps under root privileges and ...)
+CVE-2017-15404
NOT-FOR-US: Chrome OS
-CVE-2017-15403 (Insufficient data validation in crosh could lead to a command ...)
+CVE-2017-15403
NOT-FOR-US: Chrome OS
-CVE-2017-15402 (Using an ID that can be controlled by a compromised renderer which ...)
+CVE-2017-15402
NOT-FOR-US: Chrome OS
-CVE-2017-15401 (A memory corruption bug in WebAssembly could lead to out of bounds ...)
+CVE-2017-15401
NOT-FOR-US: Chrome OS
-CVE-2017-15400 (Insufficient restriction of IPP filters in CUPS in Google Chrome OS ...)
+CVE-2017-15400
{DSA-4243-1}
- cups 2.2.3-2
[jessie] - cups <not-affected> (Vulnerable code not present, ppdCreateFromIPP() introduced in v2.2.0)
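Review bot: CVE-2017-15413 (`Type confusion in WebAssembly in V8`) has no libv8 entry, while CVE-2017-15406 (`A stack buffer overflow in V8`) in this same hunk lists `- libv8 <unfixed> (unimportant)`; the two V8 issues should be tracked the same way, or the omission should be explained in a NOTE.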
@@ -8685,148 +8683,148 @@ CVE-2017-15400 (Insufficient restriction of IPP filters in CUPS in Google Chrome
NOTE: Patches from upstream to restrict what filters will be accpeted
NOTE: https://github.com/apple/cups/commit/07428f6a640ff93aa0b4cc69ca372e2cf8490e41 (v2.2.2)
NOTE: https://github.com/apple/cups/commit/1add23375658e9163e5493ee19de7c9f7a9b483b (v2.2.2)
-CVE-2017-15399 (A use after free in V8 in Google Chrome prior to 62.0.3202.89 allowed a ...)
+CVE-2017-15399
{DSA-4024-1}
- chromium-browser 62.0.3202.89-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
- libv8 <unfixed> (unimportant)
NOTE: libv8 not covered by security support
-CVE-2017-15398 (A stack buffer overflow in the QUIC networking stack in Google Chrome ...)
+CVE-2017-15398
{DSA-4024-1}
- chromium-browser 62.0.3202.89-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-15397 (Inappropriate implementation in ChromeVox in Google Chrome OS prior to ...)
+CVE-2017-15397
NOT-FOR-US: ChromeVox in Google Chrome OS
-CVE-2017-15396 (A stack buffer overflow in NumberingSystem in International Components ...)
+CVE-2017-15396
{DSA-4020-1}
- chromium-browser 62.0.3202.75-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
- libv8 <unfixed> (unimportant)
NOTE: libv8 not covered by security support
-CVE-2017-15395 (A use after free in Blink in Google Chrome prior to 62.0.3202.62 ...)
+CVE-2017-15395
{DSA-4020-1}
- chromium-browser 62.0.3202.75-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-15394 (Insufficient Policy Enforcement in Extensions in Google Chrome prior to ...)
+CVE-2017-15394
{DSA-4020-1}
- chromium-browser 62.0.3202.75-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-15393 (Insufficient Policy Enforcement in Devtools remote debugging in Google ...)
+CVE-2017-15393
{DSA-4020-1}
- chromium-browser 62.0.3202.75-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-15392 (Insufficient data validation in V8 in Google Chrome prior to ...)
+CVE-2017-15392
{DSA-4020-1}
- chromium-browser 62.0.3202.75-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-15391 (Insufficient Policy Enforcement in Extensions in Google Chrome prior to ...)
+CVE-2017-15391
{DSA-4020-1}
- chromium-browser 62.0.3202.75-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-15390 (Insufficient Policy Enforcement in Omnibox in Google Chrome prior to ...)
+CVE-2017-15390
{DSA-4020-1}
- chromium-browser 62.0.3202.75-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-15389 (An insufficient watchdog timer in navigation in Google Chrome prior to ...)
+CVE-2017-15389
{DSA-4020-1}
- chromium-browser 62.0.3202.75-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-15388 (Iteration through non-finite points in Skia in Google Chrome prior to ...)
+CVE-2017-15388
{DSA-4020-1}
- chromium-browser 62.0.3202.75-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-15387 (Insufficient enforcement of Content Security Policy in Blink in Google ...)
+CVE-2017-15387
{DSA-4020-1}
- chromium-browser 62.0.3202.75-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-15386 (Incorrect implementation in Blink in Google Chrome prior to ...)
+CVE-2017-15386
{DSA-4020-1}
- chromium-browser 62.0.3202.75-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-15385 (The store_versioninfo_gnu_verdef function in libr/bin/format/elf/elf.c ...)
+CVE-2017-15385
- radare2 2.1.0+dfsg-1 (bug #879119)
[stretch] - radare2 <no-dsa> (Minor issue)
[jessie] - radare2 <not-affected> (Vulnerable code introduced in 0.10.2)
[wheezy] - radare2 <not-affected> (Vulnerable code introduced in 0.10.2)
NOTE: https://github.com/radare/radare2/issues/8685
NOTE: https://github.com/radare/radare2/commit/21a6f570ba33fa9f52f1bba87f07acc4e8c178f4
-CVE-2017-15384 (rate-me.php in Rate Me 1.0 has XSS via the id field in a rate action. ...)
+CVE-2017-15384
NOT-FOR-US: Rate Me
-CVE-2017-15383 (Nero 7.10.1.0 has an unquoted BINARY_PATH_NAME for NBService, ...)
+CVE-2017-15383
NOT-FOR-US: Nero
CVE-2017-15382
RESERVED
-CVE-2017-15381 (SQL Injection exists in E-Sic 1.0 via the f parameter to ...)
+CVE-2017-15381
NOT-FOR-US: E-Sic
-CVE-2017-15380 (XSS exists in the E-Sic 1.0 /cadastro/index.php URI (aka the ...)
+CVE-2017-15380
NOT-FOR-US: E-Sic
-CVE-2017-15379 (An authentication bypass exists in the E-Sic 1.0 /index (aka login) URI ...)
+CVE-2017-15379
NOT-FOR-US: E-Sic
-CVE-2017-15378 (SQL Injection exists in the E-Sic 1.0 password reset parameter (aka the ...)
+CVE-2017-15378
NOT-FOR-US: E-Sic
-CVE-2017-15377 (In Suricata before 4.x, it was possible to trigger lots of redundant ...)
+CVE-2017-15377
{DLA-1603-1}
- suricata 1:4.0.0-1 (low)
[stretch] - suricata <no-dsa> (Minor issue)
[wheezy] - suricata <no-dsa> (Minor issue)
NOTE: https://github.com/OISF/suricata/pull/2680/commits/47afc577ff763150f9b47f10331f5ef9eb847a57
NOTE: https://redmine.openinfosecfoundation.org/issues/2231
-CVE-2017-15376 (The TELNET service in Mobatek MobaXterm 10.4 does not require ...)
+CVE-2017-15376
NOT-FOR-US: Mobatek MobaXterm
-CVE-2017-15375 (Multiple client-side cross site scripting vulnerabilities have been ...)
+CVE-2017-15375
NOT-FOR-US: WpJobBoard
-CVE-2017-15374 (Shopware v5.2.5 - v5.3 is vulnerable to cross site scripting in the ...)
+CVE-2017-15374
NOT-FOR-US: Shopware
-CVE-2017-15373 (E-Sic 1.0 allows SQL injection via the q parameter to ...)
+CVE-2017-15373
NOT-FOR-US: E-Sic
-CVE-2017-15372 (There is a stack-based buffer overflow in the ...)
+CVE-2017-15372
{DLA-1695-1 DLA-1197-1}
- sox 14.4.2-2 (bug #878808)
[stretch] - sox <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1500553
NOTE: https://github.com/mansr/sox/commit/001c337552912d286ba68086ac378f6fdc1e8b50
-CVE-2017-15371 (There is a reachable assertion abort in the function ...)
+CVE-2017-15371
{DLA-1705-1 DLA-1197-1}
- sox 14.4.2-2 (bug #878809)
[stretch] - sox <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1500570
NOTE: https://github.com/mansr/sox/commit/818bdd0ccc1e5b6cae742c740c17fd414935cf39
-CVE-2017-15370 (There is a heap-based buffer overflow in the ImaExpandS function of ...)
+CVE-2017-15370
{DLA-1695-1 DLA-1197-1}
- sox 14.4.2-2 (bug #878810)
[stretch] - sox <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1500554
NOTE: https://github.com/mansr/sox/commit/ef3d8be0f80cbb650e4766b545d61e10d7a24c9e
-CVE-2017-15369 (The build_filter_chain function in pdf/pdf-stream.c in Artifex MuPDF ...)
+CVE-2017-15369
- mupdf <not-affected> (Vulnerable code introduced later)
NOTE: Fixed by: http://git.ghostscript.com/?p=mupdf.git;h=c2663e51238ec8256da7fc61ad580db891d9fe9a
NOTE: Introduced by: http://git.ghostscript.com/?p=mupdf.git;h=2707fa9e8e6d17d794330e719dec1b08161fb045
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=698592
-CVE-2017-15368 (The wasm_dis function in libr/asm/arch/wasm/wasm.c in radare2 2.0.0 ...)
+CVE-2017-15368
- radare2 2.1.0+dfsg-1 (bug #878767)
[stretch] - radare2 <not-affected> (Vulnerable code introduced in 2.0.0)
[jessie] - radare2 <not-affected> (Vulnerable code introduced in 2.0.0)
[wheezy] - radare2 <not-affected> (Vulnerable code introduced in 2.0.0)
NOTE: https://github.com/radare/radare2/issues/8673
NOTE: https://github.com/radare/radare2/commit/52b1526443c1f433087928291d1c3d37a5600515
-CVE-2017-15367 (Bacula-web before 8.0.0-rc2 is affected by multiple SQL Injection ...)
+CVE-2017-15367
NOT-FOR-US: Bacula-Web
-CVE-2017-15366 (Before Thornberry NDoc version 8.0, laptop clients and the server have ...)
+CVE-2017-15366
NOT-FOR-US: Thornberry NDoc
-CVE-2017-15365 (sql/event_data_objects.cc in MariaDB before 10.1.30 and 10.2.x before ...)
+CVE-2017-15365
{DSA-4341-1}
- mariadb-10.2 <removed> (bug #884065)
- mariadb-10.1 1:10.1.34-1 (bug #885345)
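Review bot: CVE-2017-15396 is described as `A stack buffer overflow in NumberingSystem in International Components ...`, i.e. an ICU bug, yet it is tracked against `- libv8 <unfixed> (unimportant)` and has no `icu` entry; compare CVE-2017-15422, which is recorded against the `icu` source package, and consider the same treatment here. Conversely CVE-2017-15392 (`Insufficient data validation in V8`) lacks the libv8 line that CVE-2017-15399 carries. Also a typo in the unchanged context line under CVE-2017-15400: `accpeted` should be `accepted`.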
@@ -8841,204 +8839,204 @@ CVE-2017-15365 (sql/event_data_objects.cc in MariaDB before 10.1.30 and 10.2.x b
NOTE: Likely (unconfirmed) fix: https://github.com/MariaDB/server/commit/0b5a5258abbeaf8a0c3a18c7e753699787fdf46e?diff=unified
NOTE: Possibly only introduced with https://github.com/MariaDB/server/commit/df4dd593f29aec8e2116aec1775ad4b8833d8c93 (mariadb-10.1.1)
NOTE: starting to be present in mariadb-10.1.1.
-CVE-2017-15364 (The foreach function in ext/ccsv.c in Ccsv 1.1.0 allows remote ...)
+CVE-2017-15364
NOT-FOR-US: ccsv
-CVE-2017-15363 (Directory traversal vulnerability in ...)
+CVE-2017-15363
NOT-FOR-US: Luracast Restler
-CVE-2017-15362 (osTicket 1.10.1 allows arbitrary client-side JavaScript code execution ...)
+CVE-2017-15362
NOT-FOR-US: osTicket
-CVE-2017-15361 (The Infineon RSA library 1.02.013 in Infineon Trusted Platform Module ...)
+CVE-2017-15361
NOT-FOR-US: Infineon RSA library
-CVE-2017-15360 (PRTG Network Monitor version 17.3.33.2830 is vulnerable to stored ...)
+CVE-2017-15360
NOT-FOR-US: PRTG Network Monitor
-CVE-2017-15359 (In the 3CX Phone System 15.5.3554.1, the Management Console typically ...)
+CVE-2017-15359
NOT-FOR-US: 3CX Phone System
-CVE-2017-15358 (Race condition in the Charles Proxy Settings suid binary in Charles ...)
+CVE-2017-15358
NOT-FOR-US: Charles Proxy
-CVE-2017-15357 (The setpermissions function in the auto-updater in Arq before 5.9.7 ...)
+CVE-2017-15357
NOT-FOR-US: Arq
-CVE-2017-15356 (Huawei DP300, V500R002C00, RP200, V600R006C00, TE30, V100R001C10, ...)
+CVE-2017-15356
NOT-FOR-US: Huawei
-CVE-2017-15355 (Huawei DP300, V500R002C00, RP200, V600R006C00, TE30, V100R001C10, ...)
+CVE-2017-15355
NOT-FOR-US: Huawei
-CVE-2017-15354 (Huawei DP300, V500R002C00, RP200, V600R006C00, TE30, V100R001C10, ...)
+CVE-2017-15354
NOT-FOR-US: Huawei
-CVE-2017-15353 (Huawei DP300, V500R002C00, RP200, V500R002C00, V600R006C00, RSE6500, ...)
+CVE-2017-15353
NOT-FOR-US: Huawei
-CVE-2017-15352 (Huawei OceanStor 2800 V3, V300R003C00, V300R003C20, OceanStor 5300 V3, ...)
+CVE-2017-15352
NOT-FOR-US: Huawei
-CVE-2017-15351 (The 'Find Phone' function in Huawei Honor V9 play smart phones with ...)
+CVE-2017-15351
NOT-FOR-US: Huawei
-CVE-2017-15350 (The Common Open Policy Service Protocol (COPS) module in Huawei DP300 ...)
+CVE-2017-15350
NOT-FOR-US: Huawei
-CVE-2017-15349 (Huawei CloudEngine 12800 V100R003C00, V100R005C00, V100R005C10, ...)
+CVE-2017-15349
NOT-FOR-US: Huawei
-CVE-2017-15348 (Huawei IPS Module V500R001C00, NGFW Module V500R001C00, NIP6300 ...)
+CVE-2017-15348
NOT-FOR-US: Huawei
-CVE-2017-15347 (Huawei Mate 9 Pro mobile phones with software of versions earlier than ...)
+CVE-2017-15347
NOT-FOR-US: Huawei
-CVE-2017-15346 (XML parser in Huawei S12700 V200R005C00,S1700 V200R009C00, ...)
+CVE-2017-15346
NOT-FOR-US: Huawei
-CVE-2017-15345 (Huawei Smartphones with software LON-L29DC721B186 have a denial of ...)
+CVE-2017-15345
NOT-FOR-US: Huawei
-CVE-2017-15344 (Huawei AR3200 with software V200R006C10, V200R006C11, V200R007C00, ...)
+CVE-2017-15344
NOT-FOR-US: Huawei
-CVE-2017-15343 (Huawei AR3200 with software V200R006C10, V200R006C11, V200R007C00, ...)
+CVE-2017-15343
NOT-FOR-US: Huawei
-CVE-2017-15342 (Huawei DP300 V500R002C00, TE60 V600R006C00, TP3106 V100R002C00, eSpace ...)
+CVE-2017-15342
NOT-FOR-US: Huawei
-CVE-2017-15341 (Huawei AR3200 V200R008C20, V200R008C30, TE40 V600R006C00, TE50 ...)
+CVE-2017-15341
NOT-FOR-US: Huawei
-CVE-2017-15340 (Huawei smartphones with software of TAG-AL00C92B168 have an ...)
+CVE-2017-15340
NOT-FOR-US: Huawei
-CVE-2017-15339 (The SIP module in Huawei DP300 V500R002C00, IPS Module V100R001C10, ...)
+CVE-2017-15339
NOT-FOR-US: Huawei
-CVE-2017-15338 (The SIP module in Huawei DP300 V500R002C00, IPS Module V100R001C10, ...)
+CVE-2017-15338
NOT-FOR-US: Huawei
-CVE-2017-15337 (The SIP module in Huawei DP300 V500R002C00, IPS Module V100R001C10, ...)
+CVE-2017-15337
NOT-FOR-US: Huawei
-CVE-2017-15336 (The SIP backup feature in Huawei DP300 V500R002C00, IPS Module ...)
+CVE-2017-15336
NOT-FOR-US: Huawei
-CVE-2017-15335 (The SIP backup feature in Huawei DP300 V500R002C00, IPS Module ...)
+CVE-2017-15335
NOT-FOR-US: Huawei
-CVE-2017-15334 (The SIP backup feature in Huawei DP300 V500R002C00, IPS Module ...)
+CVE-2017-15334
NOT-FOR-US: Huawei
-CVE-2017-15333 (XML parser in Huawei S12700 V200R005C00,S1700 V200R009C00, ...)
+CVE-2017-15333
NOT-FOR-US: Huawei
-CVE-2017-15332 (Huawei AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, ...)
+CVE-2017-15332
NOT-FOR-US: Huawei
-CVE-2017-15331 (Huawei AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, ...)
+CVE-2017-15331
NOT-FOR-US: Huawei
-CVE-2017-15330 (The Flp Driver in some Huawei smartphones of the software ...)
+CVE-2017-15330
NOT-FOR-US: Huawei
-CVE-2017-15329 (Huawei UMA V200R001C00 has a SQL injection vulnerability in the ...)
+CVE-2017-15329
NOT-FOR-US: Huawei
-CVE-2017-15328 (Huawei HG8245H version earlier than V300R018C00SPC110 has an ...)
+CVE-2017-15328
NOT-FOR-US: Huawei
-CVE-2017-15327 (S12700 V200R005C00, V200R006C00, V200R006C01, V200R007C00, ...)
+CVE-2017-15327
NOT-FOR-US: Huawei
-CVE-2017-15326 (DBS3900 TDD LTE V100R003C00, V100R004C10 have a weak encryption ...)
+CVE-2017-15326
NOT-FOR-US: Huawei
-CVE-2017-15325 (The Bdat driver of Prague smart phones with software versions earlier ...)
+CVE-2017-15325
NOT-FOR-US: Bdat driver of Prague smart phones
-CVE-2017-15324 (Huawei S5700 and S6700 with software of V200R005C00 have a DoS ...)
+CVE-2017-15324
NOT-FOR-US: Huawei
-CVE-2017-15323 (Huawei DP300 V500R002C00, NIP6600 V500R001C00, V500R001C20, ...)
+CVE-2017-15323
NOT-FOR-US: Huawei
-CVE-2017-15322 (Some Huawei smartphones with software of BGO-L03C158B003CUSTC158D001 ...)
+CVE-2017-15322
NOT-FOR-US: Huawei
-CVE-2017-15321 (Huawei FusionSphere OpenStack V100R006C000SPC102 (NFV) has an ...)
+CVE-2017-15321
NOT-FOR-US: Huawei
-CVE-2017-15320 (RP200 V500R002C00, V600R006C00; TE30 V100R001C10, V500R002C00, ...)
+CVE-2017-15320
NOT-FOR-US: Huawei
-CVE-2017-15319 (RP200 V500R002C00, V600R006C00; TE30 V100R001C10, V500R002C00, ...)
+CVE-2017-15319
NOT-FOR-US: Huawei
-CVE-2017-15318 (RP200 V500R002C00, V600R006C00; TE30 V100R001C10, V500R002C00, ...)
+CVE-2017-15318
NOT-FOR-US: Huawei
-CVE-2017-15317 (AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30; AR1200 ...)
+CVE-2017-15317
NOT-FOR-US: Huawei
-CVE-2017-15316 (The GPU driver of Mate 9 Huawei smart phones with software before ...)
+CVE-2017-15316
NOT-FOR-US: Huawei
-CVE-2017-15315 (Patch module of Huawei NIP6300 V500R001C20SPC100, V500R001C20SPC200, ...)
+CVE-2017-15315
NOT-FOR-US: Huawei
-CVE-2017-15314 (Huawei DP300 V500R002C00, RP200 V500R002C00SPC200, V600R006C00, TE30 ...)
+CVE-2017-15314
NOT-FOR-US: Huawei
-CVE-2017-15313 (Huawei SmartCare V200R003C10 has a CSV injection vulnerability. An ...)
+CVE-2017-15313
NOT-FOR-US: Huawei
-CVE-2017-15312 (Huawei SmartCare V200R003C10 has a stored XSS (cross-site scripting) ...)
+CVE-2017-15312
NOT-FOR-US: Huawei
-CVE-2017-15311 (The baseband modules of Mate 10, Mate 10 Pro, Mate 9, Mate 9 Pro ...)
+CVE-2017-15311
NOT-FOR-US: Huawei
-CVE-2017-15310 (Huawei iReader app before 8.0.2.301 has an arbitrary file deletion ...)
+CVE-2017-15310
NOT-FOR-US: Huawei
-CVE-2017-15309 (Huawei iReader app before 8.0.2.301 has a path traversal vulnerability ...)
+CVE-2017-15309
NOT-FOR-US: Huawei
-CVE-2017-15308 (Huawei iReader app before 8.0.2.301 has an input validation ...)
+CVE-2017-15308
NOT-FOR-US: Huawei
-CVE-2017-15307 (Huawei Honor 8 smartphone with software versions earlier than ...)
+CVE-2017-15307
NOT-FOR-US: Huawei
-CVE-2017-15306 (The kvm_vm_ioctl_check_extension function in arch/powerpc/kvm/powerpc.c ...)
+CVE-2017-15306
- linux 4.13.13-1
[stretch] - linux 4.9.65-1
[jessie] - linux <not-affected> (Vulnerable code introduced later)
[wheezy] - linux <not-affected> (Vulnerable code introduced later)
NOTE: Fixed by: https://git.kernel.org/linus/ac64115a66c18c01745bbd3c47a36b124e5fd8c0 (4.14-rc7)
-CVE-2017-15305 (XSS exists in NexusPHP 1.5 via the keyword parameter to messages.php. ...)
+CVE-2017-15305
NOT-FOR-US: NexusPHP
-CVE-2017-15304 (/bin/login.php in the Web Panel on the Airtame HDMI dongle with ...)
+CVE-2017-15304
NOT-FOR-US: Airtame HDMI dongle
-CVE-2017-15303 (In CPUID CPU-Z before 1.43, there is an arbitrary memory write that ...)
+CVE-2017-15303
NOT-FOR-US: CPUID CPU-Z
-CVE-2017-15302 (In CPUID CPU-Z through 1.81, there are improper access rights to a ...)
+CVE-2017-15302
NOT-FOR-US: CPUID CPU-Z
CVE-2017-15301
RESERVED
-CVE-2017-15300 (The miner statistics HTTP API in EWBF Cuda Zcash Miner Version 0.3.4b ...)
+CVE-2017-15300
NOT-FOR-US: EWBF Cuda Zcash Miner
-CVE-2017-15299 (The KEYS subsystem in the Linux kernel through 4.13.7 mishandles use of ...)
+CVE-2017-15299
{DLA-1200-1}
- linux 4.13.10-1
[stretch] - linux 4.9.65-1
[jessie] - linux 3.16.51-1
NOTE: Fixed by: https://git.kernel.org/linus/60ff5b2f547af3828aebafd54daded44cfb0807a (4.14-rc6)
-CVE-2017-15298 (Git through 2.14.2 mishandles layers of tree objects, which allows ...)
+CVE-2017-15298
- git <unfixed> (unimportant)
NOTE: https://kate.io/blog/git-bomb/
NOTE: https://github.com/Katee/git-bomb
NOTE: No practical security implications
-CVE-2017-15297 (SAP Hostcontrol does not require authentication for the SOAP ...)
+CVE-2017-15297
NOT-FOR-US: SAP
-CVE-2017-15296 (The Java component in SAP CRM has CSRF. This is SAP Security Note ...)
+CVE-2017-15296
NOT-FOR-US: SAP
-CVE-2017-15295 (Xpress Server in SAP POS does not require authentication for ...)
+CVE-2017-15295
NOT-FOR-US: SAP
-CVE-2017-15294 (The Java administration console in SAP CRM has XSS. This is SAP ...)
+CVE-2017-15294
NOT-FOR-US: SAP
-CVE-2017-15293 (Xpress Server in SAP POS does not require authentication for file read ...)
+CVE-2017-15293
NOT-FOR-US: SAP
CVE-2017-15292
RESERVED
-CVE-2017-15291 (Cross-site scripting (XSS) vulnerability in the Wireless MAC Filtering ...)
+CVE-2017-15291
NOT-FOR-US: TP-LINK TL-MR3220 wireless routers
-CVE-2017-15290 (Mirasys Video Management System (VMS) 6.x before 6.4.6, 7.x before ...)
+CVE-2017-15290
NOT-FOR-US: Mirasys Video Management System
-CVE-2017-15594 (An issue was discovered in Xen through 4.9.x allowing x86 SVM PV guest ...)
+CVE-2017-15594
{DSA-4050-1 DLA-1559-1}
- xen 4.8.2+xsa245-0+deb9u1
[wheezy] - xen <ignored> (minor issue)
NOTE: https://xenbits.xen.org/xsa/advisory-244.html
-CVE-2017-15592 (An issue was discovered in Xen through 4.9.x allowing x86 HVM guest OS ...)
+CVE-2017-15592
{DSA-4050-1 DLA-1559-1 DLA-1181-1}
- xen 4.8.2+xsa245-0+deb9u1
NOTE: https://xenbits.xen.org/xsa/advisory-243.html
-CVE-2017-15593 (An issue was discovered in Xen through 4.9.x allowing x86 PV guest OS ...)
+CVE-2017-15593
{DSA-4050-1 DLA-1559-1 DLA-1181-1}
- xen 4.8.2+xsa245-0+deb9u1
NOTE: https://xenbits.xen.org/xsa/advisory-242.html
-CVE-2017-15588 (An issue was discovered in Xen through 4.9.x allowing x86 PV guest OS ...)
+CVE-2017-15588
{DSA-4050-1 DLA-1549-1 DLA-1181-1}
- xen 4.8.2+xsa245-0+deb9u1
NOTE: https://xenbits.xen.org/xsa/advisory-241.html
-CVE-2017-15595 (An issue was discovered in Xen through 4.9.x allowing x86 PV guest OS ...)
+CVE-2017-15595
{DSA-4050-1 DLA-1559-1 DLA-1181-1}
- xen 4.8.2+xsa245-0+deb9u1
NOTE: https://xenbits.xen.org/xsa/advisory-240.html
-CVE-2017-15589 (An issue was discovered in Xen through 4.9.x allowing x86 HVM guest OS ...)
+CVE-2017-15589
{DSA-4050-1 DLA-1549-1 DLA-1181-1}
- xen 4.8.2+xsa245-0+deb9u1
NOTE: https://xenbits.xen.org/xsa/advisory-239.html
-CVE-2017-15591 (An issue was discovered in Xen 4.5.x through 4.9.x allowing attackers ...)
+CVE-2017-15591
{DSA-4050-1}
- xen 4.8.2+xsa245-0+deb9u1
[jessie] - xen <not-affected> (Only affects 4.5 and later)
[wheezy] - xen <not-affected> (Only affects 4.5 and later)
NOTE: https://xenbits.xen.org/xsa/advisory-238.html
-CVE-2017-15590 (An issue was discovered in Xen through 4.9.x allowing x86 guest OS ...)
+CVE-2017-15590
{DSA-4050-1 DLA-1549-1}
- xen 4.8.2+xsa245-0+deb9u1
[wheezy] - xen <no-dsa> (Patches too intrusive to backport)
NOTE: https://xenbits.xen.org/xsa/advisory-237.html
-CVE-2017-15289 (The mode4and5 write functions in hw/display/cirrus_vga.c in Qemu allow ...)
+CVE-2017-15289
{DSA-4213-1 DLA-1497-1}
- qemu 1:2.11+dfsg-1 (bug #880832)
[wheezy] - qemu <postponed> (Can be fixed along in a future update)
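Review bot: every `-`/`+` pair in this hunk, from CVE-2017-15309 down to CVE-2017-15289, replaces the `CVE-ID (one-line description ...)` header with the bare `CVE-ID` and adds nothing in its place, so the only text left describing an entry is its package status and NOTE lines. For a commit labelled as an automatic update this looks like the importer failing to read descriptions from the upstream feed rather than an intended change; the importer should be checked and the update re-run with descriptions intact before this is merged. The loss is most visible in the Xen block (CVE-2017-15594, -15592, -15593, -15588, -15595, -15589, -15591, -15590): with the descriptions gone, these out-of-sequence identifiers sitting among the CVE-2017-152xx entries give no hint beyond the advisory URLs that they are one XSA batch.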
@@ -9046,31 +9044,31 @@ CVE-2017-15289 (The mode4and5 write functions in hw/display/cirrus_vga.c in Qemu
[wheezy] - qemu-kvm <postponed> (Can be fixed along in a future update)
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2017-10/msg02557.html
NOTE: Fixed by: https://git.qemu.org/gitweb.cgi?p=qemu.git;a=commit;h=eb38e1bc3740725ca29a535351de94107ec58d51
-CVE-2017-15288 (The compilation daemon in Scala before 2.10.7, 2.11.x before 2.11.12, ...)
+CVE-2017-15288
- scala 2.11.12-1 (unimportant)
NOTE: http://scala-lang.org/news/security-update-nov17.html
NOTE: For 2.11.x: https://github.com/scala/scala/pull/6108
NOTE: For 2.12.x: https://github.com/scala/scala/pull/6120
NOTE: For 2.10.x: https://github.com/scala/scala/pull/6128
NOTE: Neutralised by kernel hardening
-CVE-2017-15287 (There is XSS in the BouquetEditor WebPlugin for Dream Multimedia ...)
+CVE-2017-15287
NOT-FOR-US: BouquetEditor WebPlugin
-CVE-2017-15286 (SQLite 3.20.1 has a NULL pointer dereference in tableColumnList in ...)
+CVE-2017-15286
- sqlite3 3.20.1-2 (low; bug #878680)
[stretch] - sqlite3 <not-affected> (Vulnerable code introduced later)
[jessie] - sqlite3 <not-affected> (Vulnerable code introduced later)
[wheezy] - sqlite3 <not-affected> (Vulnerable code not present)
NOTE: https://github.com/Ha0Team/crash-of-sqlite3/blob/master/poc.md
NOTE: https://www.sqlite.org/src/info/5d0ceb8dcdef92cd
-CVE-2017-15285 (X-Cart 5.2.23, 5.3.1.9, 5.3.2.13, and 5.3.3 is vulnerable to Remote ...)
+CVE-2017-15285
NOT-FOR-US: X-Cart
-CVE-2017-15284 (Cross-Site Scripting exists in OctoberCMS 1.0.425 (aka Build 425), ...)
+CVE-2017-15284
NOT-FOR-US: OctoberCMS
CVE-2017-15283
RESERVED
CVE-2017-15282
RESERVED
-CVE-2017-15281 (ReadPSDImage in coders/psd.c in ImageMagick 7.0.7-6 allows remote ...)
+CVE-2017-15281
{DLA-1139-1}
- imagemagick 8:6.9.9.34+dfsg-3 (low; bug #878579)
[stretch] - imagemagick <ignored> (Minor issue)
@@ -9078,13 +9076,13 @@ CVE-2017-15281 (ReadPSDImage in coders/psd.c in ImageMagick 7.0.7-6 allows remot
NOTE: https://github.com/ImageMagick/ImageMagick/issues/832
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/e9d1c2adae866861a291535997b2263f26becb1e
NOTE: https://github.com/ImageMagick/ImageMagick/commit/32cbfceeee57962321b2ead627129c9d9ffbfcdb
-CVE-2017-15280 (XML external entity (XXE) vulnerability in Umbraco CMS before 7.7.3 ...)
+CVE-2017-15280
NOT-FOR-US: Umbraco CMS
-CVE-2017-15279 (Cross-site scripting (XSS) vulnerability in Umbraco CMS before 7.7.3 ...)
+CVE-2017-15279
NOT-FOR-US: Umbraco CMS
-CVE-2017-15278 (Cross-Site Scripting (XSS) was discovered in TeamPass before 2.1.27.9. ...)
+CVE-2017-15278
NOT-FOR-US: TeamPass
-CVE-2017-15277 (ReadGIFImage in coders/gif.c in ImageMagick 7.0.6-1 and GraphicsMagick ...)
+CVE-2017-15277
{DSA-4321-1 DSA-4040-1 DSA-4032-1 DLA-1456-1 DLA-1140-1 DLA-1139-1}
- imagemagick 8:6.9.9.34+dfsg-3 (bug #878578)
- graphicsmagick 1.3.26-14
@@ -9092,30 +9090,30 @@ CVE-2017-15277 (ReadGIFImage in coders/gif.c in ImageMagick 7.0.6-1 and Graphics
NOTE: https://github.com/ImageMagick/ImageMagick/issues/592
NOTE: http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/923c4a525c99
NOTE: https://github.com/neex/gifoeb
-CVE-2017-15276 (OpenText Documentum Content Server (formerly EMC Documentum Content ...)
+CVE-2017-15276
NOT-FOR-US: OpenText Documentum Content Server
-CVE-2017-15275 (Samba before 4.7.3 might allow remote attackers to obtain sensitive ...)
+CVE-2017-15275
{DSA-4043-1 DLA-1183-1}
- samba 2:4.7.1+dfsg-2
NOTE: https://www.samba.org/samba/security/CVE-2017-15275.html
-CVE-2017-15274 (security/keys/keyctl.c in the Linux kernel before 4.11.5 does not ...)
+CVE-2017-15274
- linux 4.11.6-1
[stretch] - linux 4.9.47-1
[jessie] - linux 3.16.48-1
[wheezy] - linux 3.2.93-1
NOTE: Fixed by: https://git.kernel.org/linus/5649645d725c73df4302428ee4e02c869248b4c5 (4.12-rc5)
-CVE-2017-15273 (Mahara 15.04 before 15.04.15, 16.04 before 16.04.9, 16.10 before ...)
+CVE-2017-15273
- mahara <removed>
NOTE: https://mahara.org/interaction/forum/topic.php?id=8081
-CVE-2017-15272 (The PSFTPd 10.0.4 Build 729 server stores its configuration inside ...)
+CVE-2017-15272
NOT-FOR-US: PSFTPd
-CVE-2017-15271 (A use-after-free issue could be triggered remotely in the SFTP ...)
+CVE-2017-15271
NOT-FOR-US: PSFTPd
-CVE-2017-15270 (The PSFTPd 10.0.4 Build 729 server does not properly escape data ...)
+CVE-2017-15270
NOT-FOR-US: PSFTPd
-CVE-2017-15269 (The PSFTPd 10.0.4 Build 729 server does not prevent FTP bounce scans ...)
+CVE-2017-15269
NOT-FOR-US: PSFTPd
-CVE-2017-15268 (Qemu through 2.10.0 allows remote attackers to cause a memory leak by ...)
+CVE-2017-15268
{DSA-4213-1}
- qemu 1:2.11+dfsg-1 (bug #880836)
[jessie] - qemu <not-affected> (I/O channels driver websockets introduced later)
@@ -9125,7 +9123,7 @@ CVE-2017-15268 (Qemu through 2.10.0 allows remote attackers to cause a memory le
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1496879
NOTE: https://bugs.launchpad.net/bugs/1718964
NOTE: Fixed by: https://git.qemu.org/gitweb.cgi?p=qemu.git;a=commit;h=a7b20a8efa28e5f22c26c06cd06c2f12bc863493
-CVE-2017-15267 (In GNU Libextractor 1.4, there is a NULL Pointer Dereference in ...)
+CVE-2017-15267
{DLA-1198-1}
- libextractor 1:1.6-1 (bug #878314)
[stretch] - libextractor 1:1.3-4+deb9u1
@@ -9134,7 +9132,7 @@ CVE-2017-15267 (In GNU Libextractor 1.4, there is a NULL Pointer Dereference in
NOTE: http://openwall.com/lists/oss-security/2017/10/11/1
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1499600
NOTE: Fixed by: https://gnunet.org/git/libextractor.git/commit/?id=6095d7132b57fc7368fc7a40bab2a71b735724d2
-CVE-2017-15266 (In GNU Libextractor 1.4, there is a Divide-By-Zero in ...)
+CVE-2017-15266
{DLA-1198-1}
- libextractor 1:1.6-1 (bug #878314)
[stretch] - libextractor 1:1.3-4+deb9u1
@@ -9143,66 +9141,66 @@ CVE-2017-15266 (In GNU Libextractor 1.4, there is a Divide-By-Zero in ...)
NOTE: http://openwall.com/lists/oss-security/2017/10/11/1
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1499599
NOTE: Fixed by: https://gnunet.org/git/libextractor.git/commit/?id=b577d5452c5c4ee9d552da62a24b95f461551fe2
-CVE-2017-15265 (Race condition in the ALSA subsystem in the Linux kernel before 4.13.8 ...)
+CVE-2017-15265
{DLA-1200-1}
- linux 4.13.4-2
[stretch] - linux 4.9.65-1
[jessie] - linux 3.16.51-1
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1062520
NOTE: http://mailman.alsa-project.org/pipermail/alsa-devel/2017-October/126292.html
-CVE-2017-15264 (IrfanView version 4.44 (32bit) allows attackers to cause a denial of ...)
+CVE-2017-15264
NOT-FOR-US: IrfanView
-CVE-2017-15263 (IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows ...)
+CVE-2017-15263
NOT-FOR-US: IrfanView
-CVE-2017-15262 (IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows ...)
+CVE-2017-15262
NOT-FOR-US: IrfanView
-CVE-2017-15261 (IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows ...)
+CVE-2017-15261
NOT-FOR-US: IrfanView
-CVE-2017-15260 (IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows ...)
+CVE-2017-15260
NOT-FOR-US: IrfanView
-CVE-2017-15259 (IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows ...)
+CVE-2017-15259
NOT-FOR-US: IrfanView
-CVE-2017-15258 (IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows ...)
+CVE-2017-15258
NOT-FOR-US: IrfanView
-CVE-2017-15257 (IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows ...)
+CVE-2017-15257
NOT-FOR-US: IrfanView
-CVE-2017-15256 (IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows ...)
+CVE-2017-15256
NOT-FOR-US: IrfanView
-CVE-2017-15255 (IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows ...)
+CVE-2017-15255
NOT-FOR-US: IrfanView
-CVE-2017-15254 (IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows ...)
+CVE-2017-15254
NOT-FOR-US: IrfanView
-CVE-2017-15253 (IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows ...)
+CVE-2017-15253
NOT-FOR-US: IrfanView
-CVE-2017-15252 (IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows ...)
+CVE-2017-15252
NOT-FOR-US: IrfanView
-CVE-2017-15251 (IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows ...)
+CVE-2017-15251
NOT-FOR-US: IrfanView
-CVE-2017-15250 (IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows ...)
+CVE-2017-15250
NOT-FOR-US: IrfanView
-CVE-2017-15249 (IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows ...)
+CVE-2017-15249
NOT-FOR-US: IrfanView
-CVE-2017-15248 (IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows ...)
+CVE-2017-15248
NOT-FOR-US: IrfanView
-CVE-2017-15247 (IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows ...)
+CVE-2017-15247
NOT-FOR-US: IrfanView
-CVE-2017-15246 (IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows ...)
+CVE-2017-15246
NOT-FOR-US: IrfanView
-CVE-2017-15245 (IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows ...)
+CVE-2017-15245
NOT-FOR-US: IrfanView
-CVE-2017-15244 (IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows ...)
+CVE-2017-15244
NOT-FOR-US: IrfanView
-CVE-2017-15243 (IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows ...)
+CVE-2017-15243
NOT-FOR-US: IrfanView
-CVE-2017-15242 (IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows ...)
+CVE-2017-15242
NOT-FOR-US: IrfanView
-CVE-2017-15241 (IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows ...)
+CVE-2017-15241
NOT-FOR-US: IrfanView
-CVE-2017-15240 (IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows ...)
+CVE-2017-15240
NOT-FOR-US: IrfanView
-CVE-2017-15239 (IrfanView 4.44 - 32bit with PDF plugin version 4.43 allows attackers to ...)
+CVE-2017-15239
NOT-FOR-US: IrfanView
-CVE-2017-15238 (ReadOneJNGImage in coders/png.c in GraphicsMagick 1.3.26 has a ...)
+CVE-2017-15238
{DSA-4321-1}
- graphicsmagick 1.3.26-14
[jessie] - graphicsmagick <not-affected> (Vulnerable code not present)
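Review bot: CVE-2017-15265 in this hunk is left with only a SUSE bugzilla and an alsa-devel thread as references once its description line is dropped, while the neighbouring kernel entries (CVE-2017-15274, CVE-2017-15299, CVE-2017-15306) each carry a `NOTE: Fixed by:` line with the upstream git.kernel.org commit; adding the same `NOTE: Fixed by: https://git.kernel.org/linus/<commit>` line here would keep the entry self-describing. The 26 IrfanView entries (CVE-2017-15264 through CVE-2017-15239) lose nothing of consequence, since `NOT-FOR-US: IrfanView` is the whole triage.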
@@ -9212,9 +9210,9 @@ CVE-2017-15238 (ReadOneJNGImage in coders/png.c in GraphicsMagick 1.3.26 has a .
NOTE: https://sourceforge.net/p/graphicsmagick/bugs/469/
CVE-2017-15237
RESERVED
-CVE-2017-15236 (Tiandy IP cameras 5.56.17.120 do not properly restrict a certain ...)
+CVE-2017-15236
NOT-FOR-US: Tiandy IP cameras
-CVE-2017-15235 (The File Manager (gollem) module 3.0.11 in Horde Groupware 5.2.21 ...)
+CVE-2017-15235
- php-horde-gollem 3.0.12-1
[stretch] - php-horde-gollem <no-dsa> (Minor issue)
[jessie] - php-horde-gollem <no-dsa> (Minor issue)
@@ -9225,7 +9223,7 @@ CVE-2017-15234
RESERVED
CVE-2017-15233
RESERVED
-CVE-2017-15232 (libjpeg-turbo 1.5.2 has a NULL Pointer Dereference in jdpostct.c and ...)
+CVE-2017-15232
- libjpeg-turbo <unfixed> (low; bug #878567)
[stretch] - libjpeg-turbo <ignored> (Minor issue)
[jessie] - libjpeg-turbo <no-dsa> (Minor issue)
@@ -9243,19 +9241,19 @@ CVE-2017-15230
RESERVED
CVE-2017-15229
RESERVED
-CVE-2017-15228 (Irssi before 1.0.5, when installing themes with unterminated colour ...)
+CVE-2017-15228
{DSA-4016-1 DLA-1217-1}
- irssi 1.0.5-1 (bug #879521)
NOTE: https://irssi.org/security/irssi_sa_2017_10.txt
NOTE: https://github.com/irssi/irssi/commit/43e44d553d44e313003cee87e6ea5e24d68b84a1
-CVE-2017-15227 (Irssi before 1.0.5, while waiting for the channel synchronisation, may ...)
+CVE-2017-15227
{DSA-4016-1 DLA-1217-1}
- irssi 1.0.5-1 (bug #879521)
NOTE: https://irssi.org/security/irssi_sa_2017_10.txt
NOTE: https://github.com/irssi/irssi/commit/43e44d553d44e313003cee87e6ea5e24d68b84a1
-CVE-2017-15226 (Zyxel NBG6716 V1.00(AAKG.9)C0 devices allow command injection in the ...)
+CVE-2017-15226
NOT-FOR-US: Zyxel
-CVE-2017-15225 (_bfd_dwarf2_cleanup_debug_info in dwarf2.c in the Binary File ...)
+CVE-2017-15225
[experimental] - binutils 2.29.51.20171128-1
- binutils 2.29.90.20180122-1 (low)
[stretch] - binutils <ignored> (Minor issue)
@@ -9265,72 +9263,72 @@ CVE-2017-15225 (_bfd_dwarf2_cleanup_debug_info in dwarf2.c in the Binary File ..
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=b55ec8b676ed05d93ee49d6c79ae0403616c4fb0
CVE-2017-15224
RESERVED
-CVE-2017-15223 (Denial-of-service vulnerability in ArGoSoft Mini Mail Server 1.0.0.2 ...)
+CVE-2017-15223
NOT-FOR-US: ArGoSoft Mini Mail Server
-CVE-2017-15222 (Buffer Overflow vulnerability in Ayukov NFTPD 2.0 and earlier allows ...)
+CVE-2017-15222
NOT-FOR-US: Ayukov NFTPD
-CVE-2017-15221 (ASX to MP3 converter 3.1.3.7.2010.11.05 has a buffer overflow via a ...)
+CVE-2017-15221
NOT-FOR-US: ASX to MP3 converter
-CVE-2017-15220 (Flexense VX Search Enterprise 10.1.12 is vulnerable to a buffer ...)
+CVE-2017-15220
NOT-FOR-US: Flexense VX Search Enterprise
-CVE-2017-15219 (The dotCMS 4.1.1 application is vulnerable to Stored Cross-Site ...)
+CVE-2017-15219
NOT-FOR-US: dotCMS
-CVE-2017-15218 (ImageMagick 7.0.7-2 has a memory leak in ReadOneJNGImage in ...)
+CVE-2017-15218
- imagemagick 8:6.9.9.34+dfsg-3 (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/760
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/698c09d05a749664288281012f319cd51da664ee
NOTE: https://github.com/ImageMagick/ImageMagick/commit/6387479aa974709d5c329c8efbde38175f386844
-CVE-2017-15217 (ImageMagick 7.0.7-2 has a memory leak in ReadSGIImage in coders/sgi.c. ...)
+CVE-2017-15217
[experimental] - imagemagick 8:6.9.9.34+dfsg-1
- imagemagick 8:6.9.9.34+dfsg-3 (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/759
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/9bad9cd6752bf8dc5825f555fd1117855bd2fc47
NOTE: https://github.com/ImageMagick/ImageMagick/commit/8fa3c10977f668c92688272a4802f4477df61076
-CVE-2017-15216 (MISP before 2.4.81 has a potential reflected XSS in a quickDelete ...)
+CVE-2017-15216
NOT-FOR-US: MISP
-CVE-2017-15215 (Reflected XSS vulnerability in Shaarli v0.9.1 allows an unauthenticated ...)
+CVE-2017-15215
- shaarli <itp> (bug #864559)
-CVE-2017-15214 (Stored XSS vulnerability in Flyspray 1.0-rc4 before 1.0-rc6 allows an ...)
+CVE-2017-15214
NOT-FOR-US: Flyspray
-CVE-2017-15213 (Stored XSS vulnerability in Flyspray before 1.0-rc6 allows an ...)
+CVE-2017-15213
NOT-FOR-US: Flyspray
-CVE-2017-15212 (In Kanboard before 1.0.47, by altering form data, an authenticated user ...)
+CVE-2017-15212
- kanboard <itp> (bug #790814)
-CVE-2017-15211 (In Kanboard before 1.0.47, by altering form data, an authenticated user ...)
+CVE-2017-15211
- kanboard <itp> (bug #790814)
-CVE-2017-15210 (In Kanboard before 1.0.47, by altering form data, an authenticated user ...)
+CVE-2017-15210
- kanboard <itp> (bug #790814)
-CVE-2017-15209 (In Kanboard before 1.0.47, by altering form data, an authenticated user ...)
+CVE-2017-15209
- kanboard <itp> (bug #790814)
-CVE-2017-15208 (In Kanboard before 1.0.47, by altering form data, an authenticated user ...)
+CVE-2017-15208
- kanboard <itp> (bug #790814)
-CVE-2017-15207 (In Kanboard before 1.0.47, by altering form data, an authenticated user ...)
+CVE-2017-15207
- kanboard <itp> (bug #790814)
-CVE-2017-15206 (In Kanboard before 1.0.47, by altering form data, an authenticated user ...)
+CVE-2017-15206
- kanboard <itp> (bug #790814)
-CVE-2017-15205 (In Kanboard before 1.0.47, by altering form data, an authenticated user ...)
+CVE-2017-15205
- kanboard <itp> (bug #790814)
-CVE-2017-15204 (In Kanboard before 1.0.47, by altering form data, an authenticated user ...)
+CVE-2017-15204
- kanboard <itp> (bug #790814)
-CVE-2017-15203 (In Kanboard before 1.0.47, by altering form data, an authenticated user ...)
+CVE-2017-15203
- kanboard <itp> (bug #790814)
-CVE-2017-15202 (In Kanboard before 1.0.47, by altering form data, an authenticated user ...)
+CVE-2017-15202
- kanboard <itp> (bug #790814)
-CVE-2017-15201 (In Kanboard before 1.0.47, by altering form data, an authenticated user ...)
+CVE-2017-15201
- kanboard <itp> (bug #790814)
-CVE-2017-15200 (In Kanboard before 1.0.47, by altering form data, an authenticated user ...)
+CVE-2017-15200
- kanboard <itp> (bug #790814)
-CVE-2017-15199 (In Kanboard before 1.0.47, by altering form data, an authenticated user ...)
+CVE-2017-15199
- kanboard <itp> (bug #790814)
-CVE-2017-15198 (In Kanboard before 1.0.47, by altering form data, an authenticated user ...)
+CVE-2017-15198
- kanboard <itp> (bug #790814)
-CVE-2017-15197 (In Kanboard before 1.0.47, by altering form data, an authenticated user ...)
+CVE-2017-15197
- kanboard <itp> (bug #790814)
-CVE-2017-15196 (In Kanboard before 1.0.47, by altering form data, an authenticated user ...)
+CVE-2017-15196
- kanboard <itp> (bug #790814)
-CVE-2017-15195 (In Kanboard before 1.0.47, by altering form data, an authenticated user ...)
+CVE-2017-15195
- kanboard <itp> (bug #790814)
-CVE-2017-15193 (In Wireshark 2.4.0 to 2.4.1 and 2.2.0 to 2.2.9, the MBIM dissector ...)
+CVE-2017-15193
- wireshark 2.4.2-1 (low)
[jessie] - wireshark <not-affected> (Vulnerable code not present)
[wheezy] - wireshark <not-affected> (Vulnerable code not present)
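Review bot: the eighteen Kanboard entries in this hunk, CVE-2017-15212 down to CVE-2017-15195, each consist of `- kanboard <itp> (bug #790814)` with no NOTE, so once their description lines are removed the file no longer records what any of them is or how they differ; the same applies to CVE-2017-15215 (`- shaarli <itp> (bug #864559)`). A `NOTE:` line pointing at the upstream advisory per entry, or a shared one on the first, would restore that. Separately, CVE-2017-15194 is missing from its numeric slot between CVE-2017-15195 and CVE-2017-15193 (it appears further down, after CVE-2017-15187).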
@@ -9338,7 +9336,7 @@ CVE-2017-15193 (In Wireshark 2.4.0 to 2.4.1 and 2.2.0 to 2.2.9, the MBIM dissect
NOTE: https://code.wireshark.org/review/23537
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=afb9ff7982971aba6e42472de0db4c1bedfc641b
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-43.html
-CVE-2017-15192 (In Wireshark 2.4.0 to 2.4.1 and 2.2.0 to 2.2.9, the BT ATT dissector ...)
+CVE-2017-15192
- wireshark 2.4.2-1 (low)
[jessie] - wireshark <not-affected> (Vulnerable code introduced in version 1.99)
[wheezy] - wireshark <not-affected> (Vulnerable code introduced in version 1.99)
@@ -9346,7 +9344,7 @@ CVE-2017-15192 (In Wireshark 2.4.0 to 2.4.1 and 2.2.0 to 2.2.9, the BT ATT disse
NOTE: https://code.wireshark.org/review/23470
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=3689dc1db36037436b1616715f9a3f888fc9a0f6
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-42.html
-CVE-2017-15191 (In Wireshark 2.4.0 to 2.4.1, 2.2.0 to 2.2.9, and 2.0.0 to 2.0.15, the ...)
+CVE-2017-15191
{DLA-1634-1}
- wireshark 2.4.2-1 (low)
[wheezy] - wireshark <no-dsa> (Minor issue)
@@ -9354,7 +9352,7 @@ CVE-2017-15191 (In Wireshark 2.4.0 to 2.4.1, 2.2.0 to 2.2.9, and 2.0.0 to 2.0.15
NOTE: https://code.wireshark.org/review/23591
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=8dbb21dfde14221dab09b6b9c7719b9067c1f06e
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-44.html
-CVE-2017-15190 (In Wireshark 2.4.0 to 2.4.1, the RTSP dissector could crash. This was ...)
+CVE-2017-15190
- wireshark 2.4.2-1 (low)
[stretch] - wireshark <not-affected> (Only affects 2.4)
[jessie] - wireshark <not-affected> (Only affects 2.4)
@@ -9363,7 +9361,7 @@ CVE-2017-15190 (In Wireshark 2.4.0 to 2.4.1, the RTSP dissector could crash. Thi
NOTE: https://code.wireshark.org/review/23635
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=e27870eaa6efa1c2dac08aa41a67fe9f0839e6e0
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-45.html
-CVE-2017-15189 (In Wireshark 2.4.0 to 2.4.1, the DOCSIS dissector could go into an ...)
+CVE-2017-15189
- wireshark 2.4.2-1 (low)
[jessie] - wireshark <not-affected> (vulnerable code not present)
[wheezy] - wireshark <no-dsa> (Minor issue)
@@ -9371,11 +9369,11 @@ CVE-2017-15189 (In Wireshark 2.4.0 to 2.4.1, the DOCSIS dissector could go into
NOTE: https://code.wireshark.org/review/23663
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=625bab309d9dd21db2d8ae2aa3511810d32842a8
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-46.html
-CVE-2017-15188 (A persistent (stored) XSS vulnerability in the EyesOfNetwork web ...)
+CVE-2017-15188
NOT-FOR-US: EyesOfNetwork (EON)
CVE-2017-15187
RESERVED
-CVE-2017-15194 (include/global_session.php in Cacti 1.1.25 has XSS related to (1) the ...)
+CVE-2017-15194
- cacti 1.1.25+ds1-1 (bug #878304)
[stretch] - cacti <not-affected> (Vulnerable code introduced in 1.0.0)
[jessie] - cacti <not-affected> (Vulnerable code introduced in 1.0.0)
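Review bot: CVE-2017-15194 in this hunk sits between CVE-2017-15187 and CVE-2017-15186, out of the file's descending order (its slot is just below CVE-2017-15195), and the Cacti description that identified it is now removed, so a bare out-of-place identifier is all that marks the entry; moving it into sequence, or at least keeping the description, would stop it reading as a stray duplicate.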
@@ -9383,14 +9381,14 @@ CVE-2017-15194 (include/global_session.php in Cacti 1.1.25 has XSS related to (1
NOTE: https://github.com/Cacti/cacti/issues/1010
NOTE: https://github.com/Cacti/cacti/commit/93f661d8adcfa6618b11522cdab30e97bada33fd
NOTE: https://github.com/Cacti/cacti/commit/4f87256e63859117f81d2a2bd40c9c730e39b65d
-CVE-2017-15186 (Double free vulnerability in FFmpeg 3.3.4 and earlier allows remote ...)
+CVE-2017-15186
{DSA-4049-1}
- ffmpeg 7:3.4-1
- libav <removed>
[jessie] - libav <not-affected> (vulnerable code was introduced later)
NOTE: http://www.openwall.com/lists/oss-security/2017/10/20/4
NOTE: https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/df62b70de8aaa285168e72fe8f6e740843ca91fa
-CVE-2017-15185 (plugins/ogg.c in Libmp3splt 0.9.2 calls the libvorbis ...)
+CVE-2017-15185
- mp3splt 2.6.2+20170630-2
[jessie] - mp3splt <not-affected> (Vulnerable code not present)
[wheezy] - mp3splt <not-affected> (Vulnerable code does not exist)
@@ -9489,38 +9487,38 @@ CVE-2017-15141
RESERVED
CVE-2017-15140
RESERVED
-CVE-2017-15139 (A vulnerability was found in openstack-cinder releases up to and ...)
+CVE-2017-15139
[experimental] - cinder 2:13.0.0-1
- cinder 2:13.0.0-2
[stretch] - cinder <no-dsa> (Minor issue)
[jessie] - cinder <not-affected> (ScaleIO Driver support does not exist)
NOTE: https://wiki.openstack.org/wiki/OSSN/OSSN-0084
NOTE: https://bugs.launchpad.net/ossn/+bug/1699573
-CVE-2017-15138 (The OpenShift Enterprise cluster-read can access webhook tokens which ...)
+CVE-2017-15138
NOT-FOR-US: atomic-openshift
-CVE-2017-15137 (The OpenShift image import whitelist failed to enforce restrictions ...)
+CVE-2017-15137
NOT-FOR-US: atomic-openshift
-CVE-2017-15136 (When registering and activating a new system with Red Hat Satellite 6 ...)
+CVE-2017-15136
NOT-FOR-US: Red Hat Satellite 6
-CVE-2017-15135 (It was found that 389-ds-base since 1.3.6.1 up to and including ...)
+CVE-2017-15135
- 389-ds-base 1.3.7.9-1 (bug #888451)
[stretch] - 389-ds-base <not-affected> (Affected code was never backported)
[jessie] - 389-ds-base <not-affected> (vulnerable code (patch for CVE-2016-5405) not applied)
-CVE-2017-15134 (A stack buffer overflow flaw was found in the way 389-ds-base 1.3.6.x ...)
+CVE-2017-15134
{DLA-1428-1}
- 389-ds-base 1.3.7.9-1 (bug #888452)
NOTE: Fixed by: https://pagure.io/389-ds-base/c/6aa2acdc3cad9
-CVE-2017-15133 (A denial of service flaw was found in miekg-dns before 1.0.4. A remote ...)
+CVE-2017-15133
- golang-github-miekg-dns 0.0~git20170501.0.f282f80-3 (bug #888777)
[stretch] - golang-github-miekg-dns <no-dsa> (Minor issue)
NOTE: https://github.com/miekg/dns/issues/627
NOTE: https://github.com/miekg/dns/pull/631
-CVE-2017-15132 (A flaw was found in dovecot 2.0 up to 2.2.33 and 2.3.0. An abort of ...)
+CVE-2017-15132
{DSA-4130-1 DLA-1333-1}
- dovecot 1:2.2.34-1 (bug #888432)
NOTE: Fixed by: https://github.com/dovecot/core/commit/1a29ed2f96da1be22fa5a4d96c7583aa81b8b060.patch
NOTE: Regression fix needed on top: https://github.com/dovecot/core/commit/a9b135760aea6d1790d447d351c56b78889dac22
-CVE-2017-15131 (It was found that system umask policy is not being honored when ...)
+CVE-2017-15131
- xdg-user-dirs <unfixed> (unimportant)
NOTE: The CVE relates that created directories by xdg-user-dirs might not
NOTE: respect a system policy for user created files by setting a umask
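Review bot: CVE-2017-15135 in this hunk has no NOTE line at all, so after its description goes the entry is reduced to three package-status lines with nothing saying what the 389-ds-base issue is or where it was fixed; CVE-2017-15134 directly below shows the expected shape with its `NOTE: Fixed by:` line, and a matching reference should be added to CVE-2017-15135. CVE-2017-15131 is the counter-example: its multi-line NOTE explanation makes the description line redundant, which is the state an entry needs to be in before dropping the description costs nothing.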
@@ -9533,7 +9531,7 @@ CVE-2017-15131 (It was found that system umask policy is not being honored when
NOTE: sessions.
NOTE: Enforcements can be achieved e.g. by using pam_umask.
NOTE: http://bugs.freedesktop.org/show_bug.cgi?id=102303
-CVE-2017-15130 (A denial of service flaw was found in dovecot before 2.2.34. An ...)
+CVE-2017-15130
{DSA-4130-1 DLA-1333-1}
- dovecot 1:2.2.34-1 (bug #891820)
NOTE: https://www.dovecot.org/list/dovecot-news/2018-February/000370.html
@@ -9543,33 +9541,33 @@ CVE-2017-15130 (A denial of service flaw was found in dovecot before 2.2.34. An
NOTE: https://github.com/dovecot/core/commit/390592e6af07e02064ebdbb1bbcf06528887370f
NOTE: https://github.com/dovecot/core/commit/bc27538d084e01a7a1aca3330e27aebfc0e311eb
NOTE: https://github.com/dovecot/core/commit/00016646cc32a3fa1cf54c22ed7388ed06bbc0f1
-CVE-2017-15129 (A use-after-free vulnerability was found in network namespaces code ...)
+CVE-2017-15129
- linux 4.14.12-1
[stretch] - linux 4.9.80-1
[jessie] - linux <not-affected> (Vulnerable code not present)
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: Fixed by: https://git.kernel.org/linus/21b5944350052d2583e82dd59b19a9ba94a007f0
-CVE-2017-15128 (A flaw was found in the hugetlb_mcopy_atomic_pte function in ...)
+CVE-2017-15128
- linux 4.13.13-1
[stretch] - linux <not-affected> (Vulnerable code not present)
[jessie] - linux <not-affected> (Vulnerable code not present)
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: http://post-office.corp.redhat.com/archives/rhkernel-list/2017-October/msg09574.html
-CVE-2017-15127 (A flaw was found in the hugetlb_mcopy_atomic_pte function in ...)
+CVE-2017-15127
- linux 3.13.4-1
[stretch] - linux <not-affected> (Vulnerable code not present)
[jessie] - linux <not-affected> (Vulnerable code not present)
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: Fixed by: https://git.kernel.org/linus/5af10dfd0afc559bb4b0f7e3e8227a1578333995
-CVE-2017-15126 (A use-after-free flaw was found in fs/userfaultfd.c in the Linux kernel ...)
+CVE-2017-15126
- linux 4.13.10-1
[stretch] - linux <not-affected> (Vulnerable code not present)
[jessie] - linux <not-affected> (Vulnerable code not present)
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: Fixed by: https://git.kernel.org/linus/384632e67e0829deb8015ee6ad916b180049d252
-CVE-2017-15125 (A flaw was found in CloudForms before 5.9.0.22 in the self-service UI ...)
+CVE-2017-15125
NOT-FOR-US: Red Hat CloudForms
-CVE-2017-15124 (VNC server implementation in Quick Emulator (QEMU) 2.11.0 and older ...)
+CVE-2017-15124
{DSA-4213-1}
- qemu 1:2.12~rc3+dfsg-1 (bug #884806)
[jessie] - qemu <postponed> (Can be fixed along in later update)
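Review bot: CVE-2017-15127 lists `- linux 3.13.4-1` as the fixing version while marking stretch (4.9) as not affected because the vulnerable code is not present; a fix in 3.13 for code absent from 4.9 cannot both hold, and next to the `NOTE: Fixed by:` commit and the sibling entry CVE-2017-15128 (`- linux 4.13.13-1`) it reads like a typo for 4.13.4-1, which should be verified and corrected. CVE-2017-15128's only NOTE is a `post-office.corp.redhat.com` URL, an internal host, so once the description line is dropped the entry has no publicly reachable reference; the public bugzilla or upstream commit should be cited instead.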
@@ -9581,19 +9579,19 @@ CVE-2017-15123
RESERVED
CVE-2017-15122
RESERVED
-CVE-2017-15121 (A non-privileged user is able to mount a fuse filesystem on RHEL 6 or ...)
+CVE-2017-15121
- linux 3.11.5-1
[wheezy] - linux <ignored> (Too much work to backport)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1520893
NOTE: Fixed by: https://git.kernel.org/linus/5a7203947a1d9b6f3a00a39fda08c2466489555f (v3.11-rc1)
-CVE-2017-15120 (An issue has been found in the parsing of authoritative answers in ...)
+CVE-2017-15120
{DSA-4063-1}
- pdns-recursor 4.1.0-1
[jessie] - pdns-recursor <not-affected> (Vulnerable code introduced in 4.0.0)
[wheezy] - pdns-recursor <not-affected> (Vulnerable code introduced in 4.0.0)
NOTE: Patch: https://downloads.powerdns.com/patches/2017-08
NOTE: https://doc.powerdns.com/recursor/security-advisories/powerdns-advisory-2017-08.html
-CVE-2017-15119 (The Network Block Device (NBD) server in Quick Emulator (QEMU) before ...)
+CVE-2017-15119
{DSA-4213-1}
- qemu 1:2.11+dfsg-1 (bug #883399)
[jessie] - qemu <not-affected> (Vulnerable code not present)
@@ -9601,7 +9599,7 @@ CVE-2017-15119 (The Network Block Device (NBD) server in Quick Emulator (QEMU) b
- qemu-kvm <removed>
[wheezy] - qemu-kvm <not-affected> (Vulnerable code introduced later)
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2017-11/msg05044.html
-CVE-2017-15118 (A stack-based buffer overflow vulnerability was found in NBD server ...)
+CVE-2017-15118
- qemu 1:2.11+dfsg-1 (bug #883406)
[stretch] - qemu <not-affected> (Vulnerable code introduced in 2.10)
[jessie] - qemu <not-affected> (Vulnerable code introduced in 2.10)
@@ -9611,17 +9609,17 @@ CVE-2017-15118 (A stack-based buffer overflow vulnerability was found in NBD ser
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2017-11/msg05045.html
CVE-2017-15117
REJECTED
-CVE-2017-15116 (The rngapi_reset function in crypto/rng.c in the Linux kernel before ...)
+CVE-2017-15116
- linux 4.2.1-1
[jessie] - linux <not-affected> (Vulnerable code not present)
[wheezy] - linux <not-affected> (Vulnerable code not present)
-CVE-2017-15115 (The sctp_do_peeloff function in net/sctp/socket.c in the Linux kernel ...)
+CVE-2017-15115
{DLA-1200-1}
- linux 4.13.13-1
[stretch] - linux 4.9.65-1
[jessie] - linux 3.16.51-1
NOTE: https://git.kernel.org/linus/df80cd9b28b9ebaa284a41df611dbf3a2d05ca74 (v4.14-rc6)
-CVE-2017-15114 (When libvirtd is configured by OSP director (tripleo-heat-templates) ...)
+CVE-2017-15114
- tripleo-heat-templates <not-affected> (Vulnerability introduced later)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1510015
NOTE: Bug: https://bugs.launchpad.net/tripleo/+bug/1730370
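Review bot: CVE-2017-15116 in this hunk has no NOTE, so dropping its description leaves three package lines and no statement of what the crypto/rng.c issue was or which commit fixed it; a `NOTE: Fixed by:` reference as on CVE-2017-15115 would cover that. On CVE-2017-15115 itself the NOTE gives the commit URL without the `Fixed by:` prefix used on the other kernel entries in this file; aligning it keeps the lines greppable.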
@@ -9629,24 +9627,24 @@ CVE-2017-15114 (When libvirtd is configured by OSP director (tripleo-heat-templa
NOTE: TLS libvirt live migration introduced in: https://git.openstack.org/cgit/openstack/tripleo-heat-templates/commit/?id=fa740c5e49994ffdd3a5aa1f43a0305c8e5a0b3a
NOTE: Re-enabled libvirt TLS with SASL auth:
NOTE: https://bugs.launchpad.net/tripleo/+bug/1732479
-CVE-2017-15113 (ovirt-engine before version 4.1.7.6 with log level set to DEBUG ...)
+CVE-2017-15113
NOT-FOR-US: ovirt-engine
-CVE-2017-15112 (keycloak-httpd-client-install versions before 0.8 allow users to ...)
+CVE-2017-15112
NOT-FOR-US: Keycloak
-CVE-2017-15111 (keycloak-httpd-client-install versions before 0.8 insecurely creates ...)
+CVE-2017-15111
NOT-FOR-US: Keycloak
-CVE-2017-15110 (In Moodle 3.x, students can find out email addresses of other students ...)
+CVE-2017-15110
- moodle <removed>
CVE-2017-15109
RESERVED
-CVE-2017-15108 (spice-vdagent up to and including 0.17.0 does not properly escape save ...)
+CVE-2017-15108
- spice-vdagent 0.18.0-1 (bug #883238)
[stretch] - spice-vdagent <no-dsa> (Minor issue)
[jessie] - spice-vdagent <no-dsa> (Minor issue)
[wheezy] - spice-vdagent <not-affected> (Vulnerable code not present)
NOTE: Fixed by: https://cgit.freedesktop.org/spice/linux/vd_agent/commit/?id=8ba174816d245757e743e636df357910e1d5eb61
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1510864
-CVE-2017-15107 (A vulnerability was found in the implementation of DNSSEC in Dnsmasq ...)
+CVE-2017-15107
- dnsmasq 2.79-1 (bug #888200)
[stretch] - dnsmasq <no-dsa> (Minor issue)
[jessie] - dnsmasq <no-dsa> (Minor issue)
@@ -9657,35 +9655,35 @@ CVE-2017-15107 (A vulnerability was found in the implementation of DNSSEC in Dns
NOTE: https://medium.com/nlnetlabs/the-peculiar-case-of-nsec-processing-using-expanded-wildcard-records-ae8285f236be
CVE-2017-15106
RESERVED
-CVE-2017-15105 (A flaw was found in the way unbound before 1.6.8 validated ...)
+CVE-2017-15105
{DLA-1676-1 DLA-1264-1}
- unbound 1.7.1-1 (bug #887733)
[stretch] - unbound 1.6.0-3+deb9u2
NOTE: https://unbound.net/downloads/CVE-2017-15105.txt
NOTE: https://unbound.net/downloads/patch_cve_2017_15105.diff
NOTE: https://medium.com/nlnetlabs/the-peculiar-case-of-nsec-processing-using-expanded-wildcard-records-ae8285f236be
-CVE-2017-15104 (An access flaw was found in Heketi 5, where the heketi.json ...)
+CVE-2017-15104
NOT-FOR-US: Heketi
-CVE-2017-15103 (A security-check flaw was found in the way the Heketi 5 server API ...)
+CVE-2017-15103
NOT-FOR-US: Heketi
-CVE-2017-15102 (The tower_probe function in drivers/usb/misc/legousbtower.c in the ...)
+CVE-2017-15102
- linux 4.7.8-1
[jessie] - linux 3.16.43-1
[wheezy] - linux 3.2.86-1
NOTE: Fixed by: https://git.kernel.org/linus/2fae9e5a7babada041e2e161699ade2447a01989 (4.9-rc1)
-CVE-2017-15101 (A missing patch for a stack-based buffer overflow in findTable() was ...)
+CVE-2017-15101
- liblouis <not-affected> (Incomplete fix not applied in Debian)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1492701#c12
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1511023
-CVE-2017-15100 (An attacker submitting facts to the Foreman server containing HTML can ...)
+CVE-2017-15100
- foreman <itp> (bug #663101)
-CVE-2017-15099 (INSERT ... ON CONFLICT DO UPDATE commands in PostgreSQL 10.x before ...)
+CVE-2017-15099
{DSA-4028-1}
- postgresql-10 10.1-1
- postgresql-9.6 <removed>
- postgresql-9.4 <not-affected> (ON CONFLICT DO UPDATE and RLS introduced in 9.5)
- postgresql-9.1 <not-affected> (ON CONFLICT DO UPDATE and RLS introduced in 9.5)
-CVE-2017-15098 (Invalid json_populate_recordset or jsonb_populate_recordset function ...)
+CVE-2017-15098
{DSA-4028-1 DSA-4027-1}
- postgresql-10 10.1-1
- postgresql-9.6 <removed>
@@ -9693,11 +9691,11 @@ CVE-2017-15098 (Invalid json_populate_recordset or jsonb_populate_recordset func
- postgresql-9.1 <removed>
[jessie] - postgresql-9.1 <not-affected> (postgresql-9.1 in jessie only provides PL/Perl)
[wheezy] - postgresql-9.1 <not-affected> (Vulnerable code does not exist)
-CVE-2017-15097 (Privilege escalation flaws were found in the Red Hat initialization ...)
+CVE-2017-15097
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1508985
NOTE: Similar issues as CVE-2016-1255 in Debian
NOT-FOR-US: Red Hat specific provides scripts for starting the database server during system boot and for initializing the database
-CVE-2017-15096 (A flaw was found in GlusterFS in versions prior to 3.10. A null ...)
+CVE-2017-15096
- glusterfs 3.12.2-2 (bug #880017)
[stretch] - glusterfs <not-affected> (Vulnerable code introduced later)
[jessie] - glusterfs <not-affected> (Vulnerable code introduced later)
@@ -9706,7 +9704,7 @@ CVE-2017-15096 (A flaw was found in GlusterFS in versions prior to 3.10. A null
NOTE: https://review.gluster.org/18539 (release-3.10)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1502928
NOTE: Fixed by: http://git.gluster.org/cgit/glusterfs.git/commit/?id=1f48d17fee0cac95648ec34d13f038b27ef5c6ac
-CVE-2017-15095 (A deserialization flaw was discovered in the jackson-databind in ...)
+CVE-2017-15095
{DSA-4037-1}
- jackson-databind 2.9.1-1
NOTE: The Debian upload for stretch (2.8.6-1+deb9u1) and jessie (2.4.2-2+deb8u1)
@@ -9723,44 +9721,44 @@ CVE-2017-15095 (A deserialization flaw was discovered in the jackson-databind in
NOTE: NO_DESER_CLASS_NAMES as of:
NOTE: https://github.com/FasterXML/jackson-databind/blob/7093008aa2afe8068e120df850189ae072dfa1b2/src/main/java/com/fasterxml/jackson/databind/deser/BeanDeserializerFactory.java#L43
NOTE: Details: http://www.openwall.com/lists/oss-security/2017/11/02/3
-CVE-2017-15094 (An issue has been found in the DNSSEC parsing code of PowerDNS ...)
+CVE-2017-15094
- pdns-recursor 4.0.7-1
[stretch] - pdns-recursor 4.0.4-1+deb9u2
[jessie] - pdns-recursor <not-affected> (Issue introduced in 4.0.0)
[wheezy] - pdns-recursor <not-affected> (Issue introduced in 4.0.0)
NOTE: https://doc.powerdns.com/recursor/security-advisories/powerdns-advisory-2017-07.html
NOTE: https://downloads.powerdns.com/patches/2017-07/
-CVE-2017-15093 (When api-config-dir is set to a non-empty value, which is not the case ...)
+CVE-2017-15093
- pdns-recursor 4.0.7-1
[stretch] - pdns-recursor 4.0.4-1+deb9u2
[jessie] - pdns-recursor 3.6.2-2+deb8u4
[wheezy] - pdns-recursor <not-affected> (Vulnerable code introduced later)
NOTE: https://doc.powerdns.com/recursor/security-advisories/powerdns-advisory-2017-06.html
NOTE: https://downloads.powerdns.com/patches/2017-06/
-CVE-2017-15092 (A cross-site scripting issue has been found in the web interface of ...)
+CVE-2017-15092
- pdns-recursor 4.0.7-1
[stretch] - pdns-recursor 4.0.4-1+deb9u2
[jessie] - pdns-recursor <not-affected> (Issue introduced in 4.0.0)
[wheezy] - pdns-recursor <not-affected> (Issue introduced in 4.0.0)
NOTE: https://doc.powerdns.com/recursor/security-advisories/powerdns-advisory-2017-05.html
NOTE: https://downloads.powerdns.com/patches/2017-05/
-CVE-2017-15091 (An issue has been found in the API component of PowerDNS Authoritative ...)
+CVE-2017-15091
- pdns 4.0.5-1
[stretch] - pdns 4.0.3-1+deb9u2
[jessie] - pdns 3.4.1-4+deb8u8
[wheezy] - pdns <not-affected> (Vulnerable code not present)
NOTE: https://doc.powerdns.com/authoritative/security-advisories/powerdns-advisory-2017-04.html
NOTE: https://downloads.powerdns.com/patches/2017-04/
-CVE-2017-15090 (An issue has been found in the DNSSEC validation component of PowerDNS ...)
+CVE-2017-15090
- pdns-recursor 4.0.7-1
[stretch] - pdns-recursor 4.0.4-1+deb9u2
[jessie] - pdns-recursor <not-affected> (Issue introduced in 4.0.0)
[wheezy] - pdns-recursor <not-affected> (Issue introduced in 4.0.0)
NOTE: https://doc.powerdns.com/recursor/security-advisories/powerdns-advisory-2017-03.html
NOTE: https://downloads.powerdns.com/patches/2017-03/
-CVE-2017-15089 (It was found that the Hotrod client in Infinispan before 9.2.0.CR1 ...)
+CVE-2017-15089
NOT-FOR-US: infinispan
-CVE-2017-15088 (plugins/preauth/pkinit/pkinit_crypto_openssl.c in MIT Kerberos 5 (aka ...)
+CVE-2017-15088
- krb5 1.15.2-2 (unimportant; bug #871698)
NOTE: https://github.com/krb5/krb5/pull/707
NOTE: Fixed by: https://github.com/krb5/krb5/commit/fbb687db1088ddd894d975996e5f6a4252b9a2b4
@@ -9769,23 +9767,23 @@ CVE-2017-15088 (plugins/preauth/pkinit/pkinit_crypto_openssl.c in MIT Kerberos 5
NOTE: runs on client systems, and only with a certificate that is explicitly
NOTE: configured locally, leading to a local kinit crash if passed a crafted
NOTE: local certificate. This is hardly has any harmful security implication.
-CVE-2017-15087 (It was discovered that the fix for CVE-2017-12163 was not properly ...)
+CVE-2017-15087
- samba <not-affected> (Incomplete Red Hat backport for CVE-2017-12163)
-CVE-2017-15086 (It was discovered that the fix for CVE-2017-12151 was not properly ...)
+CVE-2017-15086
- samba <not-affected> (Incomplete Red Hat backport for CVE-2017-12151)
-CVE-2017-15085 (It was discovered that the fix for CVE-2017-12150 was not properly ...)
+CVE-2017-15085
- samba <not-affected> (Incomplete Red Hat backport for CVE-2017-12150)
-CVE-2017-15084 (The web UI in Rapid7 Metasploit before 4.14.1-20170828 allows logout ...)
+CVE-2017-15084
NOT-FOR-US: Metasploit Framework
CVE-2017-15083
REJECTED
CVE-2017-15082
RESERVED
-CVE-2017-15081 (In PHPSUGAR PHP Melody CMS 2.6.1, SQL Injection exists via the playlist ...)
+CVE-2017-15081
NOT-FOR-US: PHPSUGAR PHP Melody CMS
CVE-2017-15080
RESERVED
-CVE-2017-15079 (The Smush Image Compression and Optimization plugin before 2.7.6 for ...)
+CVE-2017-15079
NOT-FOR-US: Smush Image Compression and Optimization plugin for WordPress
CVE-2017-15078
REJECTED
@@ -9817,16 +9815,16 @@ CVE-2017-15065
REJECTED
CVE-2017-15064
REJECTED
-CVE-2017-1002153 (Koji 1.13.0 does not properly validate SCM paths, allowing an attacker ...)
+CVE-2017-1002153
- koji 1.16.0-1 (bug #877921)
[stretch] - koji <no-dsa> (Minor issue)
NOTE: https://pagure.io/koji/issue/563
NOTE: https://pagure.io/koji/c/ba7b5a3cbed11ade11c3af5e834c9a6de4f6d7c3
-CVE-2017-1000257 (An IMAP FETCH response line indicates the size of the returned data, ...)
+CVE-2017-1000257
{DSA-4007-1 DLA-1143-1}
- curl 7.56.1-1
NOTE: https://curl.haxx.se/docs/adv_20171023.html
-CVE-2017-1000256 (libvirt version 2.3.0 and later is vulnerable to a bad default ...)
+CVE-2017-1000256
{DSA-4003-1}
- libvirt 3.8.0-3 (bug #878799)
[jessie] - libvirt <not-affected> (Vulnerable code introduced later)
@@ -9835,13 +9833,13 @@ CVE-2017-1000256 (libvirt version 2.3.0 and later is vulnerable to a bad default
NOTE: https://security.libvirt.org/2017/0002.html
NOTE: Broken by: http://libvirt.org/git/?p=libvirt.git;a=commit;h=ce61c16450d4992612d1fc6f39a39e79bfccead5 (master)
NOTE: Fixed by: http://libvirt.org/git/?p=libvirt.git;a=commit;h=441d3eb6d1be940a67ce45a286602a967601b157 (master)
-CVE-2017-1000255 (On Linux running on PowerPC hardware (Power8 or later) a user process ...)
+CVE-2017-1000255
- linux 4.13.4-2
[stretch] - linux 4.9.65-1
[jessie] - linux <not-affected> (Vulnerable code introduced later)
[wheezy] - linux <not-affected> (Vulnerable code introduced later)
NOTE: Fixed by: https://git.kernel.org/linus/265e60a170d0a0ecfc2d20490134ed2c48dd45ab
-CVE-2017-15063 (There are CSRF vulnerabilities in Subrion CMS 4.1.x through 4.1.5, and ...)
+CVE-2017-15063
NOT-FOR-US: Subrion CMS
CVE-2017-15062
RESERVED
@@ -9855,52 +9853,52 @@ CVE-2017-15058
RESERVED
CVE-2017-15057
RESERVED
-CVE-2017-15056 (p_lx_elf.cpp in UPX 3.94 mishandles ELF headers, which allows remote ...)
+CVE-2017-15056
- upx-ucl 3.94-4 (unimportant)
NOTE: https://github.com/upx/upx/issues/128
NOTE: https://github.com/upx/upx/commit/ef336dbcc6dc8344482f8cf6c909ae96c3286317
NOTE: crash in CLI tool, no security impact
-CVE-2017-15055 (TeamPass before 2.1.27.9 does not properly enforce item access control ...)
+CVE-2017-15055
- teampass <itp> (bug #730180)
-CVE-2017-15054 (An arbitrary file upload vulnerability, present in TeamPass before ...)
+CVE-2017-15054
- teampass <itp> (bug #730180)
-CVE-2017-15053 (TeamPass before 2.1.27.9 does not properly enforce manager access ...)
+CVE-2017-15053
- teampass <itp> (bug #730180)
-CVE-2017-15052 (TeamPass before 2.1.27.9 does not properly enforce manager access ...)
+CVE-2017-15052
- teampass <itp> (bug #730180)
-CVE-2017-15051 (Multiple stored cross-site scripting (XSS) vulnerabilities in TeamPass ...)
+CVE-2017-15051
- teampass <itp> (bug #730180)
CVE-2017-15050
RESERVED
-CVE-2017-15049 (The ZoomLauncher binary in the Zoom client for Linux before ...)
+CVE-2017-15049
NOT-FOR-US: Zoom
-CVE-2017-15048 (Stack-based buffer overflow in the ZoomLauncher binary in the Zoom ...)
+CVE-2017-15048
NOT-FOR-US: Zoom
-CVE-2017-15047 (The clusterLoadConfig function in cluster.c in Redis 4.0.2 allows ...)
+CVE-2017-15047
- redis 4:4.0.2-5 (bug #878076; unimportant)
[jessie] - redis <not-affected> (Vulnerable code introduced later)
[wheezy] - redis <not-affected> (Vulnerable code introduced later)
NOTE: https://github.com/antirez/redis/issues/4278
NOTE: Pull request: https://github.com/antirez/redis/pull/4365
-CVE-2017-15046 (LAME 3.99.5 has a stack-based buffer overflow in unpack_read_samples ...)
+CVE-2017-15046
- lame 3.99.5+repack1-8
[jessie] - lame 3.99.5+repack1-7+deb8u2
NOTE: https://sourceforge.net/p/lame/bugs/479/
NOTE: Starting with 3.99.5+repack1-8 libsndfile is used to read the input file, marking that as the fixed
NOTE: version, although the internal lame code was only fixed in 3.100 (strictly speaking that would be
NOTE: severity:unimportant for stretch onwards, but we don't have suite-specific severity annotations
-CVE-2017-15045 (LAME 3.99.5 has a heap-based buffer over-read in fill_buffer in ...)
+CVE-2017-15045
- lame 3.99.5+repack1-8
[jessie] - lame 3.99.5+repack1-7+deb8u2
NOTE: https://sourceforge.net/p/lame/bugs/478/
NOTE: Starting with 3.99.5+repack1-8 libsndfile is used to read the input file, marking that as the fixed
NOTE: version, although the internal lame code was only fixed in 3.100 (strictly speaking that would be
NOTE: severity:unimportant for stretch onwards, but we don't have suite-specific severity annotations
-CVE-2017-15044 (The default installation of DocuWare Fulltext Search server through ...)
+CVE-2017-15044
NOT-FOR-US: DocuWare Fulltext Search server
-CVE-2017-15043 (A vulnerability in Sierra Wireless AirLink GX400, GX440, ES440, and ...)
+CVE-2017-15043
NOT-FOR-US: Sierra Wireless AirLink routers
-CVE-2017-15042 (An unintended cleartext issue exists in Go before 1.8.4 and 1.9.x ...)
+CVE-2017-15042
- golang-1.9 1.9.1-1
- golang-1.8 1.8.4-1
[stretch] - golang-1.8 <ignored> (Minor issue, would require builds of all go packages in stable)
@@ -9913,7 +9911,7 @@ CVE-2017-15042 (An unintended cleartext issue exists in Go before 1.8.4 and 1.9.
NOTE: https://golang.org/cl/68023
NOTE: https://golang.org/cl/68210
NOTE: https://groups.google.com/d/msg/golang-dev/RinSE3EiJBI/kYL7zb07AgAJ
-CVE-2017-15041 (Go before 1.8.4 and 1.9.x before 1.9.1 allows &quot;go get&quot; remote command ...)
+CVE-2017-15041
{DLA-1148-1}
- golang-1.9 1.9.1-1
- golang-1.8 1.8.4-1
@@ -9929,31 +9927,31 @@ CVE-2017-15041 (Go before 1.8.4 and 1.9.x before 1.9.1 allows &quot;go get&quot;
NOTE: https://groups.google.com/d/msg/golang-dev/RinSE3EiJBI/kYL7zb07AgAJ
CVE-2017-15040
RESERVED
-CVE-2017-15039 (Cross-site scripting (XSS) exists in Zurmo 3.2.1.57987acc3018 via a ...)
+CVE-2017-15039
NOT-FOR-US: Zurmo
-CVE-2017-15038 (Race condition in the v9fs_xattrwalk function in hw/9pfs/9p.c in QEMU ...)
+CVE-2017-15038
{DSA-4213-1 DLA-1497-1 DLA-1129-1 DLA-1128-1}
- qemu 1:2.10.0+dfsg-2 (bug #877890)
- qemu-kvm <removed>
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2017-10/msg00729.html
-CVE-2017-15037 (In FreeBSD through 11.1, the smb_strdupin function in ...)
+CVE-2017-15037
- kfreebsd-10 <unfixed> (unimportant; bug #877903)
NOTE: kfreebsd not covered by security support
CVE-2017-15036
RESERVED
-CVE-2017-15035 (EmTec PyroBatchFTP before 3.18 allows remote servers to cause a denial ...)
+CVE-2017-15035
NOT-FOR-US: EmTec PyroBatchFTP
CVE-2017-15034
RESERVED
-CVE-2017-15033 (ImageMagick version 7.0.7-2 contains a memory leak in ReadYUVImage in ...)
+CVE-2017-15033
- imagemagick 8:6.9.9.34+dfsg-3 (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/pull/756
NOTE: https://github.com/ImageMagick/ImageMagick/commit/ef8f40689ac452398026c07da41656a7c87e4683
-CVE-2017-15032 (ImageMagick version 7.0.7-2 contains a memory leak in ReadYCBCRImage in ...)
+CVE-2017-15032
- imagemagick 8:6.9.9.34+dfsg-3 (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/pull/752
NOTE: https://github.com/ImageMagick/ImageMagick/commit/241988ca28139ad970c1d9717c419f41e360ddb0
-CVE-2017-15031 (In all versions of ARM Trusted Firmware up to and including v1.4, not ...)
+CVE-2017-15031
NOT-FOR-US: ARM Trusted Firmware
CVE-2017-15030
RESERVED
@@ -9965,7 +9963,7 @@ CVE-2017-15027
RESERVED
CVE-2017-15026
RESERVED
-CVE-2017-15025 (decode_line_info in dwarf2.c in the Binary File Descriptor (BFD) ...)
+CVE-2017-15025
[experimental] - binutils 2.29.51.20171128-1
- binutils 2.29.90.20180122-1 (low)
[stretch] - binutils <ignored> (Minor issue)
@@ -9974,7 +9972,7 @@ CVE-2017-15025 (decode_line_info in dwarf2.c in the Binary File Descriptor (BFD)
NOTE: https://blogs.gentoo.org/ago/2017/10/03/binutils-divide-by-zero-in-decode_line_info-dwarf2-c/
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22186
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=d8010d3e75ec7194a4703774090b27486b742d48
-CVE-2017-15024 (find_abstract_instance_name in dwarf2.c in the Binary File Descriptor ...)
+CVE-2017-15024
[experimental] - binutils 2.29.51.20171128-1
- binutils 2.29.90.20180122-1 (low)
[stretch] - binutils <ignored> (Minor issue)
@@ -9983,7 +9981,7 @@ CVE-2017-15024 (find_abstract_instance_name in dwarf2.c in the Binary File Descr
NOTE: https://blogs.gentoo.org/ago/2017/10/03/binutils-infinite-loop-in-find_abstract_instance_name-dwarf2-c/
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22187
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=52a93b95ec0771c97e26f0bb28630a271a667bd2
-CVE-2017-15023 (read_formatted_entries in dwarf2.c in the Binary File Descriptor (BFD) ...)
+CVE-2017-15023
[experimental] - binutils 2.29.51.20171128-1
- binutils 2.29.90.20180122-1 (low)
[stretch] - binutils <ignored> (Minor issue)
@@ -9994,7 +9992,7 @@ CVE-2017-15023 (read_formatted_entries in dwarf2.c in the Binary File Descriptor
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=c361faae8d964db951b7100cada4dcdc983df1bf
NOTE: When this issue is fixed it is to make sure to not open CVE-2017-15939, i.e.
NOTE: not to apply the incomplete fix. See notes on CVE-2017-15939
-CVE-2017-15022 (dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as ...)
+CVE-2017-15022
[experimental] - binutils 2.29.51.20171128-1
- binutils 2.29.90.20180122-1 (low)
[stretch] - binutils <ignored> (Minor issue)
@@ -10003,7 +10001,7 @@ CVE-2017-15022 (dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd
NOTE: https://blogs.gentoo.org/ago/2017/10/03/binutils-null-pointer-dereference-in-bfd_hash_hash-hash-c/
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22201
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=11855d8a1f11b102a702ab76e95b22082cccf2f8
-CVE-2017-15021 (bfd_get_debug_link_info_1 in opncls.c in the Binary File Descriptor ...)
+CVE-2017-15021
[experimental] - binutils 2.29.51.20171128-1
- binutils 2.29.90.20180122-1 (low)
[stretch] - binutils <ignored> (Minor issue)
@@ -10012,7 +10010,7 @@ CVE-2017-15021 (bfd_get_debug_link_info_1 in opncls.c in the Binary File Descrip
NOTE: https://blogs.gentoo.org/ago/2017/10/03/binutils-heap-based-buffer-overflow-in-bfd_getl32-opncls-c/
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22197
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=52b36c51e5bf6d7600fdc6ba115b170b0e78e31d
-CVE-2017-15020 (dwarf1.c in the Binary File Descriptor (BFD) library (aka libbfd), as ...)
+CVE-2017-15020
[experimental] - binutils 2.29.51.20171128-1
- binutils 2.29.90.20180122-1 (low)
[stretch] - binutils <ignored> (Minor issue)
@@ -10021,19 +10019,19 @@ CVE-2017-15020 (dwarf1.c in the Binary File Descriptor (BFD) library (aka libbfd
NOTE: https://blogs.gentoo.org/ago/2017/10/03/binutils-heap-based-buffer-overflow-in-parse_die-dwarf1-c/
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22202
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=1da5c9a485f3dcac4c45e96ef4b7dae5948314b5
-CVE-2017-15019 (LAME 3.99.5 has a NULL Pointer Dereference in the hip_decode_init ...)
+CVE-2017-15019
- lame 3.100-1
[stretch] - lame <ignored> (Minor issue)
[jessie] - lame <ignored> (Minor issue)
NOTE: https://sourceforge.net/p/lame/bugs/477/
-CVE-2017-15018 (LAME 3.99.5 has a heap-based buffer over-read when handling a malformed ...)
+CVE-2017-15018
- lame 3.99.5+repack1-8
[jessie] - lame 3.99.5+repack1-7+deb8u2
NOTE: https://sourceforge.net/p/lame/bugs/480/
NOTE: Starting with 3.99.5+repack1-8 libsndfile is used to read the input file, marking that as the fixed
NOTE: version, although the internal lame code was only fixed in 3.100 (strictly speaking that would be
NOTE: severity:unimportant for stretch onwards, but we don't have suite-specific severity annotations
-CVE-2017-15017 (ImageMagick 7.0.7-0 Q16 has a NULL pointer dereference vulnerability in ...)
+CVE-2017-15017
{DLA-1131-1}
- imagemagick 8:6.9.9.34+dfsg-3 (low; bug #878554)
[stretch] - imagemagick <ignored> (Minor issue)
@@ -10041,14 +10039,14 @@ CVE-2017-15017 (ImageMagick 7.0.7-0 Q16 has a NULL pointer dereference vulnerabi
NOTE: https://github.com/ImageMagick/ImageMagick/issues/723
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/5a1006a249516a875558c3d642e719b1eac8f820
NOTE: https://github.com/ImageMagick/ImageMagick/commit/0cff8bac0a47f8693cfe57f026fcd752689ff375
-CVE-2017-15016 (ImageMagick 7.0.7-0 Q16 has a NULL pointer dereference vulnerability in ...)
+CVE-2017-15016
{DLA-1131-1}
- imagemagick 8:6.9.9.34+dfsg-3 (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/725
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/8254d24b86a62803231773ecf54c707aef4a1457
NOTE: https://github.com/ImageMagick/ImageMagick/commit/27f8ba82ddd665ab41cef6588128f680cbd69905
NOTE: emf.c not compiled under Debian
-CVE-2017-15015 (ImageMagick 7.0.7-0 Q16 has a NULL pointer dereference vulnerability in ...)
+CVE-2017-15015
- imagemagick 8:6.9.9.34+dfsg-3 (low; bug #878555)
[stretch] - imagemagick <ignored> (Minor issue)
[jessie] - imagemagick <ignored> (Minor issue)
@@ -10056,37 +10054,37 @@ CVE-2017-15015 (ImageMagick 7.0.7-0 Q16 has a NULL pointer dereference vulnerabi
NOTE: https://github.com/ImageMagick/ImageMagick/issues/724
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/0cbb3b3b02e7af493a9aafa8f7e7d23fc70644e4
NOTE: https://github.com/ImageMagick/ImageMagick/commit/a0cef9db632ef8e1b9de4c463700c6a24d4f96ca
-CVE-2017-15014 (OpenText Documentum Content Server (formerly EMC Documentum Content ...)
+CVE-2017-15014
NOT-FOR-US: OpenText Documentum Content Server
-CVE-2017-15013 (OpenText Documentum Content Server (formerly EMC Documentum Content ...)
+CVE-2017-15013
NOT-FOR-US: OpenText Documentum Content Server
-CVE-2017-15012 (OpenText Documentum Content Server (formerly EMC Documentum Content ...)
+CVE-2017-15012
NOT-FOR-US: OpenText Documentum Content Server
-CVE-2017-1000120 ([ERPNext][Frappe Version &lt;= 7.1.27] SQL injection vulnerability in ...)
+CVE-2017-1000120
NOT-FOR-US: ERPNext Frappe framework
-CVE-2017-1000119 (October CMS build 412 is vulnerable to PHP code execution in the file ...)
+CVE-2017-1000119
NOT-FOR-US: October CMS
-CVE-2017-1000118 (Akka HTTP versions &lt;= 10.0.5 Illegal Media Range in Accept Header ...)
+CVE-2017-1000118
NOT-FOR-US: Akka HTTP
-CVE-2017-1000114 (The Datadog Plugin stores an API key to access the Datadog service in ...)
+CVE-2017-1000114
NOT-FOR-US: Jenkins plugin
-CVE-2017-1000113 (The Deploy to container Plugin stored passwords unencrypted as part of ...)
+CVE-2017-1000113
NOT-FOR-US: Jenkins plugin
-CVE-2017-1000110 (Blue Ocean allows the creation of GitHub organization folders that are ...)
+CVE-2017-1000110
NOT-FOR-US: Jenkins plugin
-CVE-2017-1000109 (The custom Details view of the Static Analysis Utilities based OWASP ...)
+CVE-2017-1000109
NOT-FOR-US: Jenkins plugin
-CVE-2017-1000106 (Blue Ocean allows the creation of GitHub organization folders that are ...)
+CVE-2017-1000106
NOT-FOR-US: Jenkins plugin
-CVE-2017-1000105 (The optional Run/Artifacts permission can be enabled by setting a Java ...)
+CVE-2017-1000105
NOT-FOR-US: Jenkins plugin
-CVE-2017-1000104 (The Config File Provider Plugin is used to centrally manage ...)
+CVE-2017-1000104
NOT-FOR-US: Jenkins plugin
-CVE-2017-1000103 (The custom Details view of the Static Analysis Utilities based DRY ...)
+CVE-2017-1000103
NOT-FOR-US: Jenkins plugin
-CVE-2017-1000102 (The Details view of some Static Analysis Utilities based plugins, was ...)
+CVE-2017-1000102
NOT-FOR-US: Jenkins plugin
-CVE-2017-1000098 (The net/http package's Request.ParseMultipartForm method starts ...)
+CVE-2017-1000098
{DLA-1123-1}
- golang-1.9 <not-affected> (Fixed before initial release to Debian)
- golang-1.8 <not-affected> (Fixed before initial release to Debian)
@@ -10096,21 +10094,21 @@ CVE-2017-1000098 (The net/http package's Request.ParseMultipartForm method start
NOTE: https://groups.google.com/forum/#!msg/golang-dev/4NdLzS8sls8/uIz8QlnIBQAJ
NOTE: https://golang.org/cl/30410
NOTE: https://golang.org/issue/17965
-CVE-2017-1000097 (On Darwin, user's trust preferences for root certificates were not ...)
+CVE-2017-1000097
- golang <not-affected> (OS X specific issue)
- golang-1.7 <not-affected> (OS X specific issue)
- golang-1.8 <not-affected> (OS X specific issue)
- golang-1.9 <not-affected> (OS X specific issue)
NOTE: https://github.com/golang/go/issues/18141
-CVE-2017-15011 (The named pipes in qtsingleapp in Qt 5.x, as used in qBittorrent and ...)
+CVE-2017-15011
- qbittorrent <not-affected> (Only affects Windows)
-CVE-2017-15010 (A ReDoS (regular expression denial of service) flaw was found in the ...)
+CVE-2017-15010
- node-tough-cookie 2.3.4+dfsg-1 (bug #877660)
NOTE: https://github.com/salesforce/tough-cookie/issues/92
NOTE: https://nodesecurity.io/advisories/525
-CVE-2017-15009 (PRTG Network Monitor version 17.3.33.2830 is vulnerable to reflected ...)
+CVE-2017-15009
NOT-FOR-US: PRTG Network Monitor
-CVE-2017-15008 (PRTG Network Monitor version 17.3.33.2830 is vulnerable to stored ...)
+CVE-2017-15008
NOT-FOR-US: PRTG Network Monitor
CVE-2017-15007
RESERVED
@@ -10132,23 +10130,23 @@ CVE-2017-14999
RESERVED
CVE-2017-14998
RESERVED
-CVE-2017-14997 (GraphicsMagick 1.3.26 allows remote attackers to cause a denial of ...)
+CVE-2017-14997
{DSA-4321-1 DLA-1456-1 DLA-1130-1}
- graphicsmagick 1.3.26-13
NOTE: https://sourceforge.net/p/graphicsmagick/code/ci/0683f8724200495059606c03f04e0d589b33ebe8/
NOTE: https://sourceforge.net/p/graphicsmagick/bugs/511/
CVE-2017-14996
RESERVED
-CVE-2017-14995 (The Management Console in WSO2 Application Server 5.3.0, WSO2 Business ...)
+CVE-2017-14995
NOT-FOR-US: WSO2 Application Server
-CVE-2017-14994 (ReadDCMImage in coders/dcm.c in GraphicsMagick 1.3.26 allows remote ...)
+CVE-2017-14994
{DSA-4321-1 DLA-1456-1 DLA-1130-1}
- graphicsmagick 1.3.26-13
NOTE: http://hg.graphicsmagick.org/hg/GraphicsMagick?cmd=changeset;node=b3eca3eaa264
NOTE: https://sourceforge.net/p/graphicsmagick/bugs/512/
-CVE-2017-14993 (OXID eShop Community Edition before 6.0.0 RC3 (development), 4.10.x ...)
+CVE-2017-14993
NOT-FOR-US: OXID eShop Community Edition
-CVE-2017-14992 (Lack of content verification in Docker-CE (Also known as Moby) ...)
+CVE-2017-14992
- docker.io 18.03.1+dfsg1-2 (bug #908055)
- golang-github-vbatts-tar-split 0.10.2-1 (bug #908056)
[stretch] - golang-github-vbatts-tar-split <no-dsa> (Minor issue)
@@ -10158,26 +10156,26 @@ CVE-2017-14992 (Lack of content verification in Docker-CE (Also known as Moby) .
NOTE: version.
NOTE: 17.12.1+dfsg-1 was the first upload (to experimental) using the fixed version
NOTE: golang-github-vbatts-tar-split.
-CVE-2017-14991 (The sg_ioctl function in drivers/scsi/sg.c in the Linux kernel before ...)
+CVE-2017-14991
- linux 4.13.4-1
[stretch] - linux <not-affected> (Vulnerable code introduced later)
[jessie] - linux <not-affected> (Vulnerable code introduced later)
[wheezy] - linux <not-affected> (Vulnerable code introduced later)
NOTE: Fixed by: https://git.kernel.org/linus/3e0097499839e0fe3af380410eababe5a47c4cf9
-CVE-2017-14758 (OpenText Document Sciences xPression (formerly EMC Document Sciences ...)
+CVE-2017-14758
NOT-FOR-US: EMC
-CVE-2017-14990 (WordPress 4.8.2 stores cleartext wp_signups.activation_key values (but ...)
+CVE-2017-14990
{DSA-3997-1}
- wordpress 4.8.2+dfsg-2 (bug #877629)
[wheezy] - wordpress <ignored> (Fix requires database upgrade which is too intrusive compared to the actual benefit.)
NOTE: https://core.trac.wordpress.org/ticket/38474
-CVE-2017-14989 (A use-after-free in RenderFreetype in MagickCore/annotate.c in ...)
+CVE-2017-14989
{DSA-4040-1 DSA-4032-1 DLA-1131-1}
- imagemagick 8:6.9.9.34+dfsg-3 (bug #878562)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/781
NOTE: https://github.com/ImageMagick/ImageMagick/commit/97740ccc177ee264e79091fa573d994eb6b05628
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/28bad01242898d7f863deedbfa8502c348293093
-CVE-2017-14988 (Header::readfrom in IlmImf/ImfHeader.cpp in OpenEXR 2.2.0 allows remote ...)
+CVE-2017-14988
- openexr <unfixed> (bug #878551; unimportant)
NOTE: https://github.com/openexr/openexr/issues/248
NOTE: Issue in the use of openexr via ImageMagick, no real security impact
@@ -10185,38 +10183,38 @@ CVE-2017-14987
RESERVED
CVE-2017-14986
RESERVED
-CVE-2017-14985 (Cross-site scripting (XSS) vulnerability in the EyesOfNetwork web ...)
+CVE-2017-14985
NOT-FOR-US: EyesOfNetwork (EON)
-CVE-2017-14984 (Cross-site scripting (XSS) vulnerability in the EyesOfNetwork web ...)
+CVE-2017-14984
NOT-FOR-US: EyesOfNetwork (EON)
-CVE-2017-14983 (Cross-site scripting (XSS) vulnerability in the EyesOfNetwork web ...)
+CVE-2017-14983
NOT-FOR-US: EyesOfNetwork (EON)
CVE-2017-14982
RESERVED
-CVE-2017-14981 (Cross-Site Scripting (XSS) was discovered in ATutor before 2.2.3. The ...)
+CVE-2017-14981
NOT-FOR-US: ATutor
-CVE-2017-14980 (Buffer overflow in Sync Breeze Enterprise 10.0.28 allows remote ...)
+CVE-2017-14980
NOT-FOR-US: Sync Breeze Enterprise
-CVE-2017-14979 (Gxlcms uses an unsafe character-replacement approach in an attempt to ...)
+CVE-2017-14979
NOT-FOR-US: Gxlcms
CVE-2017-14978
RESERVED
-CVE-2017-14977 (The FoFiTrueType::getCFFBlock function in FoFiTrueType.cc in Poppler ...)
+CVE-2017-14977
{DSA-4079-1 DLA-1177-1}
- poppler 0.61.1-2 (low; bug #877952)
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=103045
NOTE: https://cgit.freedesktop.org/poppler/poppler/commit/?id=19eedc6fb693a62f305e13079501e3105f869f3c
-CVE-2017-14976 (The FoFiType1C::convertToType0 function in FoFiType1C.cc in Poppler ...)
+CVE-2017-14976
{DSA-4079-1 DLA-1177-1}
- poppler 0.61.1-2 (low; bug #877954)
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=102724
NOTE: https://cgit.freedesktop.org/poppler/poppler/commit/?id=da63c35549e8852a410946ab016a3f25ac701bdf
-CVE-2017-14975 (The FoFiType1C::convertToType0 function in FoFiType1C.cc in Poppler ...)
+CVE-2017-14975
{DSA-4079-1 DLA-1177-1}
- poppler 0.61.1-2 (low; bug #877957)
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=102653
NOTE: https://cgit.freedesktop.org/poppler/poppler/commit/?id=a5e5649ecf16fa05770620dbbd4985935dc2bbff
-CVE-2017-14974 (The *_get_synthetic_symtab functions in the Binary File Descriptor ...)
+CVE-2017-14974
- binutils 2.29.1-2
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
@@ -10225,58 +10223,58 @@ CVE-2017-14974 (The *_get_synthetic_symtab functions in the Binary File Descript
NOTE: a fixed 2.29.1-3 for unrelated issues.
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22163
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=e70c19e3a4c26e9c1ebf0c9170d105039b56d7cf
-CVE-2017-14973 (IDenticard Two-Reader Controller Configuration Manager 1.18.8 (396) is ...)
+CVE-2017-14973
NOT-FOR-US: IDenticard Two-Reader Controller Configuration Manager
-CVE-2017-14972 (InFocus Mondopad 2.2.08 is vulnerable to authentication bypass when ...)
+CVE-2017-14972
NOT-FOR-US: InFocus Mondopad
-CVE-2017-14971 (Infocus Mondopad 2.2.08 is vulnerable to a Hashed Credential Disclosure ...)
+CVE-2017-14971
NOT-FOR-US: InFocus Mondopad
-CVE-2017-14970 (In lib/ofp-util.c in Open vSwitch (OvS) before 2.8.1, there are ...)
+CVE-2017-14970
[experimental] - openvswitch 2.8.1+dfsg1-1
- openvswitch 2.8.1+dfsg1-2 (unimportant; bug #877543)
NOTE: https://mail.openvswitch.org/pipermail/ovs-dev/2017-September/339085.html
NOTE: https://mail.openvswitch.org/pipermail/ovs-dev/2017-September/339086.html
NOTE: Not considered a security issue by upstream, see #877543
-CVE-2017-14969 (In IKARUS anti.virus before 2.16.18, the ntguard.sys driver contains an ...)
+CVE-2017-14969
NOT-FOR-US: IKARUS anti.virus
-CVE-2017-14968 (In IKARUS anti.virus before 2.16.18, the ntguard.sys driver contains an ...)
+CVE-2017-14968
NOT-FOR-US: IKARUS anti.virus
-CVE-2017-14967 (In IKARUS anti.virus before 2.16.18, the ntguard.sys driver contains an ...)
+CVE-2017-14967
NOT-FOR-US: IKARUS anti.virus
-CVE-2017-14966 (In IKARUS anti.virus before 2.16.18, the ntguard.sys driver contains an ...)
+CVE-2017-14966
NOT-FOR-US: IKARUS anti.virus
-CVE-2017-14965 (In IKARUS anti.virus before 2.16.18, the ntguard.sys driver contains an ...)
+CVE-2017-14965
NOT-FOR-US: IKARUS anti.virus
-CVE-2017-14964 (In IKARUS anti.virus before 2.16.18, the ntguard.sys driver contains an ...)
+CVE-2017-14964
NOT-FOR-US: IKARUS anti.virus
-CVE-2017-14963 (In IKARUS anti.virus before 2.16.18, the ntguard.sys driver contains an ...)
+CVE-2017-14963
NOT-FOR-US: IKARUS anti.virus
-CVE-2017-14962 (In IKARUS anti.virus before 2.16.18, the ntguard.sys driver contains an ...)
+CVE-2017-14962
NOT-FOR-US: IKARUS anti.virus
-CVE-2017-14961 (In IKARUS anti.virus 2.16.7, the ntguard.sys driver contains an ...)
+CVE-2017-14961
NOT-FOR-US: IKARUS anti.virus
-CVE-2017-14960 (xDashboard in OpenText Document Sciences xPression (formerly EMC ...)
+CVE-2017-14960
NOT-FOR-US: EMC Document Sciences xPression
CVE-2017-14959
RESERVED
-CVE-2017-14958 (lib.php in PivotX 2.3.11 does not properly block uploads of dangerous ...)
+CVE-2017-14958
NOT-FOR-US: PivotX
-CVE-2017-14957 (Stored XSS vulnerability via a comment in inc/conv.php in BlogoText ...)
+CVE-2017-14957
NOT-FOR-US: BlogoText
-CVE-2017-14956 (AlienVault USM v5.4.2 and earlier offers authenticated users the ...)
+CVE-2017-14956
NOT-FOR-US: AlienVault
-CVE-2017-14955 (Check_MK before 1.2.8p26 mishandles certain errors within the ...)
+CVE-2017-14955
- check-mk 1.2.8p26-1
[wheezy] - check-mk <not-affected> (Vulnerable code not present)
NOTE: http://mathias-kettner.com/check_mk_werks.php?edition_id=raw&branch=1.2.8
NOTE: https://mathias-kettner.de/check_mk_werks.php?werk_id=5208&HTML=yes
NOTE: http://git.mathias-kettner.de/git/?p=check_mk.git;a=commitdiff;h=a4a2cc1f30ff6032899ca80eed29fa26b8898c54
-CVE-2017-14954 (The waitid implementation in kernel/exit.c in the Linux kernel through ...)
+CVE-2017-14954
- linux <not-affected> (Vulnerable code introduced in v4.13-rc1)
NOTE: Fixed by: https://git.kernel.org/linus/6c85501f2fabcfc4fc6ed976543d252c4eaf4be9
-CVE-2017-14953 (HikVision Wi-Fi IP cameras, when used in a wired configuration, allow ...)
+CVE-2017-14953
NOT-FOR-US: HikVision
-CVE-2017-14952 (Double free in i18n/zonemeta.cpp in International Components for ...)
+CVE-2017-14952
- icu 57.1-7 (bug #878840)
[stretch] - icu 57.1-6+deb9u1
[jessie] - icu 52.1-8+deb8u6
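Review bot: once the description goes, severity verdicts in this hunk refer to an issue the file no longer states. `+CVE-2017-14970` keeps `- openvswitch 2.8.1+dfsg1-2 (unimportant; bug #877543)` and `NOTE: Not considered a security issue by upstream, see #877543`, and `+CVE-2017-14954` keeps `- linux <not-affected> (Vulnerable code introduced in v4.13-rc1)`, but a reader can no longer see from the file what the waitid or ofp-util issue was without following the NOTE links. If descriptions are meant to live only upstream from now on, that decision should be recorded somewhere the file points to; otherwise this is another sign the removal is unintended.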
@@ -10287,28 +10285,28 @@ CVE-2017-14951
RESERVED
CVE-2017-14950
RESERVED
-CVE-2017-14949 (Restlet Framework before 2.3.12 allows remote attackers to access ...)
+CVE-2017-14949
- restlet <itp> (bug #596472)
CVE-2017-14948
RESERVED
-CVE-2017-14947 (Artifex GSView 6.0 Beta on Windows allows attackers to execute ...)
+CVE-2017-14947
NOT-FOR-US: GSView (different from gv)
-CVE-2017-14946 (Artifex GSView 6.0 Beta on Windows allows attackers to cause a denial ...)
+CVE-2017-14946
NOT-FOR-US: GSView (different from gv)
-CVE-2017-14945 (Artifex GSView 6.0 Beta on Windows allows attackers to cause a denial ...)
+CVE-2017-14945
NOT-FOR-US: GSView (different from gv)
-CVE-2017-14944 (Inedo ProGet before 4.7.14 does not properly address dangerous package ...)
+CVE-2017-14944
NOT-FOR-US: Inedo ProGet
-CVE-2017-14943 (Trapeze TransitMaster is vulnerable to information disclosure (emails / ...)
+CVE-2017-14943
NOT-FOR-US: Trapeze TransitMaster
-CVE-2017-14942 (Intelbras WRN 150 devices allow remote attackers to read the ...)
+CVE-2017-14942
NOT-FOR-US: Intelbras WRN 150 devices
-CVE-2017-14941 (Jaspersoft JasperReports 4.7 suffers from a saved credential disclosure ...)
+CVE-2017-14941
- jasperreports <undetermined> (bug #880467; bug #884131)
[jessie] - jasperreports <ignored> (no detailed information available, only needed as build-dependency for Spring)
[wheezy] - jasperreports <end-of-life> (cannot be supported due to lack of information)
NOTE: https://github.com/binary1985/VulnerabilityDisclosure/blob/master/JasperSoft%20JasperReports%20-%204.7%20-%20CVE-2017-14941
-CVE-2017-14940 (scan_unit_for_symbols in dwarf2.c in the Binary File Descriptor (BFD) ...)
+CVE-2017-14940
[experimental] - binutils 2.29.51.20171128-1
- binutils 2.29.90.20180122-1 (low)
[stretch] - binutils <ignored> (Minor issue)
@@ -10317,7 +10315,7 @@ CVE-2017-14940 (scan_unit_for_symbols in dwarf2.c in the Binary File Descriptor
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22166
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=0d76029f92182c3682d8be2c833d45bc9a2068fe
NOTE: https://blogs.gentoo.org/ago/2017/09/26/binutils-null-pointer-dereference-in-scan_unit_for_symbols-dwarf2-c
-CVE-2017-14939 (decode_line_info in dwarf2.c in the Binary File Descriptor (BFD) ...)
+CVE-2017-14939
[experimental] - binutils 2.29.51.20171128-1
- binutils 2.29.90.20180122-1 (low)
[stretch] - binutils <ignored> (Minor issue)
@@ -10326,7 +10324,7 @@ CVE-2017-14939 (decode_line_info in dwarf2.c in the Binary File Descriptor (BFD)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22169
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=515f23e63c0074ab531bc954f84ca40c6281a724
NOTE: https://blogs.gentoo.org/ago/2017/09/26/binutils-heap-based-buffer-overflow-in-read_1_byte-dwarf2-c
-CVE-2017-14938 (_bfd_elf_slurp_version_tables in elf.c in the Binary File Descriptor ...)
+CVE-2017-14938
[experimental] - binutils 2.29.51.20171128-1
- binutils 2.29.90.20180122-1 (low)
[stretch] - binutils <ignored> (Minor issue)
@@ -10335,13 +10333,13 @@ CVE-2017-14938 (_bfd_elf_slurp_version_tables in elf.c in the Binary File Descri
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22166
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=bd61e135492ecf624880e6b78e5fcde3c9716df6
NOTE: https://blogs.gentoo.org/ago/2017/09/26/binutils-memory-allocation-failure-in-_bfd_elf_slurp_version_tables-elf-c/
-CVE-2017-14937 (The airbag detonation algorithm allows injury to passenger-car ...)
+CVE-2017-14937
NOT-FOR-US: passenger-car
CVE-2017-14936
RESERVED
-CVE-2017-14935 (Pulse Secure Pulse One On-Premise 2.0.1649 and below does not properly ...)
+CVE-2017-14935
NOT-FOR-US: Pulse Secure
-CVE-2017-14934 (process_debug_info in dwarf.c in the Binary File Descriptor (BFD) ...)
+CVE-2017-14934
[experimental] - binutils 2.29.51.20171128-1
- binutils 2.29.90.20180122-1 (low)
[stretch] - binutils <ignored> (Minor issue)
@@ -10349,7 +10347,7 @@ CVE-2017-14934 (process_debug_info in dwarf.c in the Binary File Descriptor (BFD
[wheezy] - binutils <ignored> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22219
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=19485196044b2521af979f1e5c4a89bfb90fba0b
-CVE-2017-14933 (read_formatted_entries in dwarf2.c in the Binary File Descriptor (BFD) ...)
+CVE-2017-14933
[experimental] - binutils 2.29.51.20171128-1
- binutils 2.29.90.20180122-1 (low)
[stretch] - binutils <ignored> (Minor issue)
@@ -10358,7 +10356,7 @@ CVE-2017-14933 (read_formatted_entries in dwarf2.c in the Binary File Descriptor
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22210
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=30d0157a2ad64e64e5ff9fcc0dbe78a3e682f573
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=33e0a9a056bd23e923b929a4f2ab049ade0b1c32
-CVE-2017-14932 (decode_line_info in dwarf2.c in the Binary File Descriptor (BFD) ...)
+CVE-2017-14932
[experimental] - binutils 2.29.51.20171128-1
- binutils 2.29.90.20180122-1 (low)
[stretch] - binutils <ignored> (Minor issue)
@@ -10366,9 +10364,9 @@ CVE-2017-14932 (decode_line_info in dwarf2.c in the Binary File Descriptor (BFD)
[wheezy] - binutils <ignored> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22204
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=e338894dc2e603683bed2172e8e9f25b29051005
-CVE-2017-14931 (ExifImageFile::readDQT in ExifImageFileRead.cpp in OpenExif 2.1.4 ...)
+CVE-2017-14931
NOT-FOR-US: OpenExif
-CVE-2017-14930 (Memory leak in decode_line_info in dwarf2.c in the Binary File ...)
+CVE-2017-14930
[experimental] - binutils 2.29.51.20171128-1
- binutils 2.29.90.20180122-1 (low)
[stretch] - binutils <ignored> (Minor issue)
@@ -10376,160 +10374,160 @@ CVE-2017-14930 (Memory leak in decode_line_info in dwarf2.c in the Binary File .
[wheezy] - binutils <ignored> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22191
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=a26a013f22a19e2c16729e64f40ef8a7dfcc086e
-CVE-2017-14929 (In Poppler 0.59.0, memory corruption occurs in a call to ...)
+CVE-2017-14929
- poppler 0.61.1-2 (bug #877222)
[stretch] - poppler 0.48.0-2+deb9u2
[jessie] - poppler <ignored> (Minor impact, too intrusive to backport)
[wheezy] - poppler <ignored> (unreproducible, requires API change which appears to be too intrusive in this case.)
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=102969
NOTE: https://cgit.freedesktop.org/poppler/poppler/commit/?id=2c92c7b6a828c9db8a38f079ea7a3d51c12a481d
-CVE-2017-14928 (In Poppler 0.59.0, a NULL Pointer Dereference exists in ...)
+CVE-2017-14928
- poppler 0.61.1-2 (bug #877231)
[stretch] - poppler <no-dsa> (Minor issue)
[jessie] - poppler <not-affected> (Problematic code introduced in 0.36)
[wheezy] - poppler <not-affected> (Problematic code introduced in 0.36)
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=102607
NOTE: https://cgit.freedesktop.org/poppler/poppler/commit/?id=1316c7a41f4dd7276f404f775ebb5fef2d24ab1c
-CVE-2017-14927 (In Poppler 0.59.0, a NULL Pointer Dereference exists in the ...)
+CVE-2017-14927
- poppler 0.61.1-2 (bug #877237)
[stretch] - poppler <not-affected> (Vulnerable code introduced in 0.49)
[jessie] - poppler <not-affected> (Vulnerable code introduced in 0.49)
[wheezy] - poppler <not-affected> (Vulnerable code introduced in 0.49)
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=102604
NOTE: https://cgit.freedesktop.org/poppler/poppler/commit/?id=6472d8493f7e82cc78b41da20a2bf19fcb4e0a7d
-CVE-2017-14926 (In Poppler 0.59.0, a NULL Pointer Dereference exists in ...)
+CVE-2017-14926
- poppler 0.61.1-2 (bug #877239)
[stretch] - poppler <no-dsa> (Minor issue)
[jessie] - poppler <not-affected> (Problematic code introduced in 0.36)
[wheezy] - poppler <not-affected> (Problematic code introduced in 0.36)
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=102601
NOTE: https://cgit.freedesktop.org/poppler/poppler/commit/?id=2532df6060092e9fab7f041ae9598aff9cdd94bb
-CVE-2017-14925 (Cross-Site Request Forgery (CSRF) vulnerability via IMG element in Tiki ...)
+CVE-2017-14925
NOT-FOR-US: Tiki
-CVE-2017-14924 (Cross-Site Request Forgery (CSRF) vulnerability via IMG element in Tiki ...)
+CVE-2017-14924
NOT-FOR-US: Tiki
-CVE-2017-14923 (Stored XSS vulnerability via IMG element at &quot;Leadname&quot; of CRM in Tine ...)
+CVE-2017-14923
NOT-FOR-US: Tine groupware
-CVE-2017-14922 (Stored XSS vulnerability via IMG element at &quot;History&quot; of Profile, ...)
+CVE-2017-14922
NOT-FOR-US: Tine groupware
-CVE-2017-14921 (Stored XSS vulnerability via IMG element at &quot;Filename&quot; of Filemanager ...)
+CVE-2017-14921
NOT-FOR-US: Tine groupware
-CVE-2017-14920 (Stored XSS vulnerability in eGroupware Community Edition before ...)
+CVE-2017-14920
NOT-FOR-US: eGroupware
-CVE-2017-14919 (Node.js before 4.8.5, 6.x before 6.11.5, and 8.x before 8.8.0 allows ...)
+CVE-2017-14919
- nodejs <unfixed> (unimportant)
NOTE: Debian doesn't use zlib 1.2.9 yet
NOTE: https://nodejs.org/en/blog/vulnerability/oct-2017-dos/
-CVE-2017-14918 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-14918
NOT-FOR-US: Qualcomm component for Android
-CVE-2017-14917 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-14917
NOT-FOR-US: Qualcomm component for Android
-CVE-2017-14916 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-14916
NOT-FOR-US: Qualcomm component for Android
-CVE-2017-14915 (In Android before 2018-01-05 on Qualcomm Snapdragon Mobile SD 625, SD ...)
+CVE-2017-14915
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-14914 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-14914
NOT-FOR-US: Qualcomm component for Android
-CVE-2017-14913 (In Android before 2018-01-05 on Qualcomm Snapdragon IoT, Snapdragon ...)
+CVE-2017-14913
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-14912 (In Android before 2018-01-05 on Qualcomm Snapdragon IoT, Snapdragon ...)
+CVE-2017-14912
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-14911 (In Android before 2018-01-05 on Qualcomm Snapdragon IoT, Snapdragon ...)
+CVE-2017-14911
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-14910 (In Snapdragon Automobile, Snapdragon IoT and Snapdragon Mobile MDM9206 ...)
+CVE-2017-14910
NOT-FOR-US: Qualcomm component for Android
-CVE-2017-14909 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-14909
NOT-FOR-US: Qualcomm component for Android
-CVE-2017-14908 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-14908
NOT-FOR-US: Qualcomm component for Android
-CVE-2017-14907 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-14907
NOT-FOR-US: Qualcomm closed-source components on Android
-CVE-2017-14906 (In Android before 2018-01-05 on Qualcomm Snapdragon IoT, Snapdragon ...)
+CVE-2017-14906
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-14905 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-14905
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-14904 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-14904
NOT-FOR-US: Android MediaServer
-CVE-2017-14903 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-14903
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-14902 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-14902
NOT-FOR-US: Android
-CVE-2017-14901 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-14901
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-14900 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-14900
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-14899 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-14899
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-14898 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-14898
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-14897 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-14897
NOT-FOR-US: Android
-CVE-2017-14896 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-14896
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-14895 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-14895
NOT-FOR-US: Android
-CVE-2017-14894 (In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with ...)
+CVE-2017-14894
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-14893 (While flashing meta image, a buffer over-read may potentially occur ...)
+CVE-2017-14893
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-14892 (In the function msm_pcm_hw_params() in Android for MSM, Firefox OS for ...)
+CVE-2017-14892
NOT-FOR-US: Qualcomm component for Android
-CVE-2017-14891 (In the KGSL driver function _gpuobj_map_useraddr() in Android for MSM, ...)
+CVE-2017-14891
NOT-FOR-US: Qualcomm component for Android
-CVE-2017-14890 (In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with ...)
+CVE-2017-14890
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-14889 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-14889
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-14888 (In all android releases(Android for MSM, Firefox OS for MSM, QRD ...)
+CVE-2017-14888
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-14887 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-14887
NOT-FOR-US: Qualcomm components for Android
CVE-2017-14886
RESERVED
-CVE-2017-14885 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-14885
NOT-FOR-US: Qualcomm component for Android
-CVE-2017-14884 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2017-14884
NOT-FOR-US: Qualcomm component for Android
-CVE-2017-14883 (In the function wma_unified_power_debug_stats_event_handler() in ...)
+CVE-2017-14883
NOT-FOR-US: Qualcomm component for Android
-CVE-2017-14882 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-14882
NOT-FOR-US: Qualcomm component for Android
-CVE-2017-14881 (While calling the IPA IOCTL handler for IPA_IOC_ADD_HDR_PROC_CTX in ...)
+CVE-2017-14881
NOT-FOR-US: Qualcomm component for Android
-CVE-2017-14880 (In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with ...)
+CVE-2017-14880
NOT-FOR-US: Qualcomm component for Android
-CVE-2017-14879 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-14879
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-14878 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-14878
NOT-FOR-US: Qualcomm component for Android
-CVE-2017-14877 (While the IPA driver in Android for MSM, Firefox OS for MSM, and QRD ...)
+CVE-2017-14877
NOT-FOR-US: Qualcomm component for Android
-CVE-2017-14876 (In msm_ispif_config_stereo() in Android for MSM, Firefox OS for MSM, ...)
+CVE-2017-14876
NOT-FOR-US: Qualcomm component for Android
-CVE-2017-14875 (In the handler for the ioctl command VIDIOC_MSM_ISP_DUAL_HW_LPM_MODE ...)
+CVE-2017-14875
NOT-FOR-US: Qualcomm component for Android
CVE-2017-14874
RESERVED
-CVE-2017-14873 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-14873
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-14872 (While flashing a meta image, a buffer over-read can potentially occur ...)
+CVE-2017-14872
NOT-FOR-US: Qualcomm components for Android
CVE-2017-14871
RESERVED
-CVE-2017-14870 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-14870
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-14869 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-14869
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-14868 (Restlet Framework before 2.3.11, when using SimpleXMLProvider, allows ...)
+CVE-2017-14868
- restlet <itp> (bug #596472)
-CVE-2017-14866 (There is a heap-based buffer overflow in the Exiv2::s2Data function of ...)
+CVE-2017-14866
[experimental] - exiv2 <unfixed> (bug #880015)
- exiv2 <not-affected> (Versions prior to 0.26 don't parse ICC profiles yet)
NOTE: https://github.com/Exiv2/exiv2/issues/140
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1494781
NOTE: Unreproducible on wheezy/jessie/stretch/sid(0.25-3.1).
NOTE: Reproducible in experimental(0.26-1) with valgrind (and "free(): corrupted unsorted chunks" without valgrind).
-CVE-2017-14865 (There is a heap-based buffer overflow in the Exiv2::us2Data function of ...)
+CVE-2017-14865
[experimental] - exiv2 <unfixed> (bug #888865)
- exiv2 <not-affected> (Vulnerable code introduced after 0.25)
NOTE: https://github.com/Exiv2/exiv2/issues/134
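Review bot: two things in this hunk are worth a look beyond the blanket description removal. First, `+CVE-2017-14937` is followed by `NOT-FOR-US: passenger-car`, which only makes sense next to the removed text `(The airbag detonation algorithm allows injury to passenger-car ...)`; with the bare ID the triage line is unexplained, and the same applies to the long run of `NOT-FOR-US: Qualcomm component for Android` entries, which are now told apart only by number. Second, the sequence goes from `-CVE-2017-14868`/`+CVE-2017-14868` straight to `-CVE-2017-14866`/`+CVE-2017-14866` on both sides of the diff, so CVE-2017-14867 has no entry in this region; that gap predates this change, but it should be confirmed as intentional rather than a lost line.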
@@ -10537,7 +10535,7 @@ CVE-2017-14865 (There is a heap-based buffer overflow in the Exiv2::us2Data func
NOTE: Patch: https://github.com/Exiv2/exiv2/commit/d3c2b9938583440f87ce9115de5a7e8cd8f8db57
NOTE: Unreproducible on wheezy/jessie/stretch/sid(0.25-3.1).
NOTE: Reproducible in experimental(0.26-1) with valgrind (and "free(): corrupted unsorted chunks" without valgrind).
-CVE-2017-14864 (An Invalid memory address dereference was discovered in Exiv2::getULong ...)
+CVE-2017-14864
{DLA-1147-1}
- exiv2 <unfixed>
[stretch] - exiv2 <ignored> (Minor issue)
@@ -10548,14 +10546,14 @@ CVE-2017-14864 (An Invalid memory address dereference was discovered in Exiv2::g
NOTE: Depends on: https://github.com/Exiv2/exiv2/commit/65f45a350516bfde4941d7906f2d67462f48d1ca
NOTE: Unreproducible on wheezy/jessie/stretch/sid(0.25-3.1).
NOTE: Reproducible in experimental(0.26-1) with valgrind (and segfault without valgrind).
-CVE-2017-14863 (A NULL pointer dereference was discovered in ...)
+CVE-2017-14863
[experimental] - exiv2 <unfixed> (low; bug #888866)
- exiv2 <not-affected> (Vulnerable code introduced after 0.25)
NOTE: https://github.com/Exiv2/exiv2/issues/132
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1494443
NOTE: Unreproducible on wheezy/jessie/stretch/sid(0.25-3.1).
NOTE: Reproducible in experimental(0.26-1) with valgrind (and "free(): invalid next size (fast)" without valgrind).
-CVE-2017-14862 (An Invalid memory address dereference was discovered in ...)
+CVE-2017-14862
{DLA-1147-1}
- exiv2 <unfixed>
[stretch] - exiv2 <ignored> (Minor issue)
@@ -10566,14 +10564,14 @@ CVE-2017-14862 (An Invalid memory address dereference was discovered in ...)
NOTE: Depends on: https://github.com/Exiv2/exiv2/commit/65f45a350516bfde4941d7906f2d67462f48d1ca
NOTE: Unreproducible on wheezy/jessie/stretch/sid(0.25-3.1).
NOTE: Reproducible in experimental(0.26-1) with valgrind (and segfault without valgrind).
-CVE-2017-14861 (There is a stack consumption vulnerability in the ...)
+CVE-2017-14861
[experimental] - exiv2 <unfixed> (bug #880027)
- exiv2 <not-affected> (printIFDStructure introduced in 0.26)
NOTE: https://github.com/Exiv2/exiv2/issues/139
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1494787
NOTE: Unreproducible on wheezy/jessie/stretch/sid(0.25-3.1).
NOTE: Reproducible in experimental(0.26-1) with valgrind (and segfault without valgrind).
-CVE-2017-14860 (There is a heap-based buffer over-read in the ...)
+CVE-2017-14860
[experimental] - exiv2 <unfixed> (low; bug #888867)
- exiv2 <not-affected> (Vulnerable code introduced after 0.25)
NOTE: https://github.com/Exiv2/exiv2/issues/71
@@ -10581,7 +10579,7 @@ CVE-2017-14860 (There is a heap-based buffer over-read in the ...)
NOTE: Patch: https://github.com/Exiv2/exiv2/pull/108
NOTE: Unreproducible on wheezy/jessie/stretch/sid(0.25-3.1).
NOTE: Reproducible in experimental(0.26-1) with valgrind (and segfault without valgrind).
-CVE-2017-14859 (An Invalid memory address dereference was discovered in ...)
+CVE-2017-14859
{DLA-1147-1}
- exiv2 <unfixed>
[stretch] - exiv2 <ignored> (Minor issue)
@@ -10592,14 +10590,14 @@ CVE-2017-14859 (An Invalid memory address dereference was discovered in ...)
NOTE: Depends on: https://github.com/Exiv2/exiv2/commit/65f45a350516bfde4941d7906f2d67462f48d1ca
NOTE: Unreproducible on wheezy/jessie/stretch/sid(0.25-3.1).
NOTE: Reproducible in experimental(0.26-1).
-CVE-2017-14858 (There is a heap-based buffer overflow in the Exiv2::l2Data function of ...)
+CVE-2017-14858
[experimental] - exiv2 <unfixed> (bug #897134)
- exiv2 <not-affected> (TIFF meta data handler doesn't parse ICC profiles yet)
NOTE: https://github.com/Exiv2/exiv2/issues/138
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1494782
NOTE: Unreproducible on wheezy/jessie/stretch/sid(0.25-3.1).
NOTE: Reproducible in experimental(0.26-1) with a different error (double free or corruption (out))
-CVE-2017-14857 (In Exiv2 0.26, there is an invalid free in the Image class in image.cpp ...)
+CVE-2017-14857
[experimental] - exiv2 <unfixed> (low; bug #888869)
- exiv2 <not-affected> (Vulnerable code not present)
NOTE: https://github.com/Exiv2/exiv2/issues/76
@@ -10609,7 +10607,7 @@ CVE-2017-14857 (In Exiv2 0.26, there is an invalid free in the Image class in im
NOTE: Reproducible in experimental(0.26-1).
CVE-2017-14856
RESERVED
-CVE-2017-14855 (Red Lion HMI panels allow remote attackers to cause a denial of service ...)
+CVE-2017-14855
NOT-FOR-US: Red Lion HMI
CVE-2017-14854
RESERVED
@@ -10621,71 +10619,71 @@ CVE-2017-14851
RESERVED
CVE-2017-14850
RESERVED
-CVE-2017-14849 (Node.js 8.5.0 before 8.6.0 allows remote attackers to access unintended ...)
+CVE-2017-14849
- nodejs <not-affected> (Vulnerable code introduced in 8.5.0)
NOTE: https://nodejs.org/en/blog/vulnerability/september-2017-path-validation/
NOTE: https://twitter.com/nodejs/status/913131152868876288
-CVE-2017-14848 (WPHRM Human Resource Management System for WordPress 1.0 allows SQL ...)
+CVE-2017-14848
NOT-FOR-US: Wordpress plugin
-CVE-2017-14847 (Mojoomla WPAMS Apartment Management System for WordPress allows SQL ...)
+CVE-2017-14847
NOT-FOR-US: Mojoomla WPAMS Apartment Management System for WordPress
-CVE-2017-14846 (Mojoomla Hospital Management System for WordPress allows SQL Injection ...)
+CVE-2017-14846
NOT-FOR-US: Mojoomla Hospital Management System for WordPress
-CVE-2017-14845 (Mojoomla WPCHURCH Church Management System for WordPress allows SQL ...)
+CVE-2017-14845
NOT-FOR-US: Mojoomla WPCHURCH Church Management System for WordPress
-CVE-2017-14844 (Mojoomla WPGYM WordPress Gym Management System allows SQL Injection via ...)
+CVE-2017-14844
NOT-FOR-US: Mojoomla WPGYM WordPress Gym Management System
-CVE-2017-14843 (Mojoomla School Management System for WordPress allows SQL Injection ...)
+CVE-2017-14843
NOT-FOR-US: Mojoomla School Management System for WordPress
-CVE-2017-14842 (Mojoomla SMSmaster Multipurpose SMS Gateway for WordPress allows SQL ...)
+CVE-2017-14842
NOT-FOR-US: Mojoomla SMSmaster Multipurpose SMS Gateway for WordPress
-CVE-2017-14841 (Mojoomla Annual Maintenance Contract (AMC) Management System allows ...)
+CVE-2017-14841
NOT-FOR-US: Mojoomla Annual Maintenance Contract (AMC) Management System
-CVE-2017-14840 (TeamWork TicketPlus allows Arbitrary File Upload in updateProfile. ...)
+CVE-2017-14840
NOT-FOR-US: TeamWork TicketPlus
-CVE-2017-14839 (TeamWork Photo Fusion allows Arbitrary File Upload in changeAvatar and ...)
+CVE-2017-14839
NOT-FOR-US: TeamWork Photo Fusion
-CVE-2017-14838 (TeamWork Job Links allows Arbitrary File Upload in profileChange and ...)
+CVE-2017-14838
NOT-FOR-US: TeamWork Job Links
-CVE-2017-14837 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2017-14837
NOT-FOR-US: Foxit Reader
-CVE-2017-14836 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2017-14836
NOT-FOR-US: Foxit Reader
-CVE-2017-14835 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2017-14835
NOT-FOR-US: Foxit Reader
-CVE-2017-14834 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2017-14834
NOT-FOR-US: Foxit Reader
-CVE-2017-14833 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2017-14833
NOT-FOR-US: Foxit Reader
-CVE-2017-14832 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2017-14832
NOT-FOR-US: Foxit Reader
-CVE-2017-14831 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2017-14831
NOT-FOR-US: Foxit Reader
-CVE-2017-14830 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2017-14830
NOT-FOR-US: Foxit Reader
-CVE-2017-14829 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2017-14829
NOT-FOR-US: Foxit Reader
-CVE-2017-14828 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2017-14828
NOT-FOR-US: Foxit Reader
-CVE-2017-14827 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2017-14827
NOT-FOR-US: Foxit Reader
-CVE-2017-14826 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2017-14826
NOT-FOR-US: Foxit Reader
-CVE-2017-14825 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2017-14825
NOT-FOR-US: Foxit Reader
-CVE-2017-14824 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2017-14824
NOT-FOR-US: Foxit Reader
-CVE-2017-14823 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2017-14823
NOT-FOR-US: Foxit Reader
-CVE-2017-14822 (This vulnerability allows remote attackers to disclose sensitive ...)
+CVE-2017-14822
NOT-FOR-US: Foxit Reader
-CVE-2017-14821 (This vulnerability allows remote attackers to disclose sensitive ...)
+CVE-2017-14821
NOT-FOR-US: Foxit Reader
-CVE-2017-14820 (This vulnerability allows remote attackers to disclose sensitive ...)
+CVE-2017-14820
NOT-FOR-US: Foxit Reader
-CVE-2017-14819 (This vulnerability allows remote attackers to disclose sensitive ...)
+CVE-2017-14819
NOT-FOR-US: Foxit Reader
-CVE-2017-14818 (This vulnerability allows remote attackers to disclose sensitive on ...)
+CVE-2017-14818
NOT-FOR-US: Foxit Reader
CVE-2017-14817
REJECTED
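Review bot: after this hunk the twenty Foxit Reader entries from `+CVE-2017-14837` down to `+CVE-2017-14818` are identical apart from the ID, each followed only by `NOT-FOR-US: Foxit Reader`. The removed descriptions at least separated the code-execution issues (`This vulnerability allows remote attackers to execute arbitrary code ...`) from the information-disclosure ones (`This vulnerability allows remote attackers to disclose sensitive ...`); if descriptions are to be regenerated, this block is a convenient place to verify that the restored text lines up with the right IDs, since a one-line shift would not be noticed otherwise.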
@@ -10713,28 +10711,28 @@ CVE-2017-14806
RESERVED
CVE-2017-14805
RESERVED
-CVE-2017-14804 (The build package before 20171128 did not check directory names during ...)
+CVE-2017-14804
- obs-build 20180302-1 (bug #887306)
[stretch] - obs-build <no-dsa> (Minor issue)
[jessie] - obs-build <no-dsa> (Minor issue)
NOTE: https://bugzilla.novell.com/show_bug.cgi?id=1069904
-CVE-2017-14803 (In NetIQ Access Manager 4.3 and 4.4, a bug exists in Identity Server ...)
+CVE-2017-14803
NOT-FOR-US: NetIQ Access Manager
-CVE-2017-14802 (Novell Access Manager Admin Console and IDP servers before 4.3.3 have ...)
+CVE-2017-14802
NOT-FOR-US: Novell Access Manager Admin Console
-CVE-2017-14801 (Reflected XSS in the NetIQ Access Manager before 4.3.3 allowed ...)
+CVE-2017-14801
NOT-FOR-US: NetIQ
-CVE-2017-14800 (A reflected cross site scripting attack in the NetIQ Access Manager ...)
+CVE-2017-14800
NOT-FOR-US: NetIQ
-CVE-2017-14799 (A cross site scripting attack in handling the ESP login parameter ...)
+CVE-2017-14799
NOT-FOR-US: NetIQ Access Manager
-CVE-2017-14798 (A race condition in the postgresql init script could be used by ...)
+CVE-2017-14798
NOT-FOR-US: SuSE-specific flaw in Postgres init script
-CVE-2017-14797 (Lack of Transport Encryption in the public API in Philips Hue Bridge ...)
+CVE-2017-14797
NOT-FOR-US: Philips Hue
-CVE-2017-14796 (The hevc_write_frame function in libbpg.c in libbpg 0.9.7 allows remote ...)
+CVE-2017-14796
NOT-FOR-US: libbpg
-CVE-2017-14795 (The hevc_write_frame function in libbpg.c in libbpg 0.9.7 allows remote ...)
+CVE-2017-14795
NOT-FOR-US: libbpg
CVE-2017-14794
REJECTED
@@ -10774,74 +10772,74 @@ CVE-2017-14777
REJECTED
CVE-2017-14776
REJECTED
-CVE-2017-14775 (Laravel before 5.5.10 mishandles the remember_me token verification ...)
+CVE-2017-14775
NOT-FOR-US: Laravel
CVE-2017-14774
RESERVED
-CVE-2017-14773 (Skybox Manager Client Application prior to 8.5.501 is prone to an ...)
+CVE-2017-14773
NOT-FOR-US: Skybox Manager Client Application
-CVE-2017-14772 (Skybox Manager Client Application is prone to information disclosure ...)
+CVE-2017-14772
NOT-FOR-US: Skybox Manager Client Application
-CVE-2017-14771 (Skybox Manager Client Application prior to 8.5.501 is prone to an ...)
+CVE-2017-14771
NOT-FOR-US: Skybox Manager Client Application
-CVE-2017-14770 (Skybox Manager Client Application prior to 8.5.501 is prone to an ...)
+CVE-2017-14770
NOT-FOR-US: Skybox Manager Client Application
CVE-2017-14769
RESERVED
CVE-2017-14768
RESERVED
-CVE-2017-14767 (The sdp_parse_fmtp_config_h264 function in libavformat/rtpdec_h264.c in ...)
+CVE-2017-14767
{DSA-3996-1 DLA-1630-1}
- ffmpeg 7:3.3.4-1
- libav <removed>
NOTE: https://github.com/FFmpeg/FFmpeg/commit/c42a1388a6d1bfd8001bf6a4241d8ca27e49326d
NOTE: Fixed in 3.2.8
NOTE: The check is completely missing in Jessie. It should be added.
-CVE-2017-14766 (The Simple Student Result plugin before 1.6.4 for WordPress has an ...)
+CVE-2017-14766
NOT-FOR-US: Wordpress plugin
-CVE-2017-14765 (In GeniXCMS 1.1.4, gxadmin/index.php has XSS via the Menu ID field in a ...)
+CVE-2017-14765
NOT-FOR-US: GeniXCMS
-CVE-2017-14764 (In the Upload Modules page in GeniXCMS 1.1.4, remote authenticated ...)
+CVE-2017-14764
NOT-FOR-US: GeniXCMS
-CVE-2017-14763 (In the Install Themes page in GeniXCMS 1.1.4, remote authenticated ...)
+CVE-2017-14763
NOT-FOR-US: GeniXCMS
-CVE-2017-14762 (In GeniXCMS 1.1.4, /inc/lib/Control/Backend/menus.control.php has XSS ...)
+CVE-2017-14762
NOT-FOR-US: GeniXCMS
-CVE-2017-14761 (In GeniXCMS 1.1.4, /inc/lib/backend/menus.control.php has XSS via the ...)
+CVE-2017-14761
NOT-FOR-US: GeniXCMS
-CVE-2017-14760 (SQL Injection exists in /includes/event-management/index.php in the ...)
+CVE-2017-14760
NOT-FOR-US: Event Espresso Lite
-CVE-2017-14759 (OpenText Document Sciences xPression (formerly EMC Document Sciences ...)
+CVE-2017-14759
NOT-FOR-US: OpenText Document Sciences xPression
-CVE-2017-14757 (OpenText Document Sciences xPression (formerly EMC Document Sciences ...)
+CVE-2017-14757
NOT-FOR-US: OpenText Document Sciences xPression
-CVE-2017-14756 (OpenText Document Sciences xPression (formerly EMC Document Sciences ...)
+CVE-2017-14756
NOT-FOR-US: OpenText Document Sciences xPression
-CVE-2017-14755 (OpenText Document Sciences xPression (formerly EMC Document Sciences ...)
+CVE-2017-14755
NOT-FOR-US: OpenText Document Sciences xPression
-CVE-2017-14754 (OpenText Document Sciences xPression (formerly EMC Document Sciences ...)
+CVE-2017-14754
NOT-FOR-US: OpenText Document Sciences xPression
-CVE-2017-14753 (Cross-site scripting (XSS) vulnerability in the EyesOfNetwork web ...)
+CVE-2017-14753
NOT-FOR-US: EyesOfNetwork (EON)
-CVE-2017-14752 (Mahara 15.04 before 15.04.15, 16.04 before 16.04.9, 16.10 before ...)
+CVE-2017-14752
- mahara <removed>
NOTE: https://mahara.org/interaction/forum/topic.php?id=8083
-CVE-2017-14751 (The Intense WP &quot;WP Jobs&quot; plugin 1.5 for WordPress has XSS, related to ...)
+CVE-2017-14751
NOT-FOR-US: Wordpress plugin
CVE-2017-14750
RESERVED
-CVE-2017-14749 (JerryScript 1.0 allows remote attackers to cause a denial of service ...)
+CVE-2017-14749
NOT-FOR-US: JerryScript
-CVE-2017-14748 (Race condition in Blizzard Overwatch 1.15.0.2 allows remote ...)
+CVE-2017-14748
NOT-FOR-US: Blizzard Overwatch
CVE-2017-14747
RESERVED
-CVE-2017-14746 (Use-after-free vulnerability in Samba 4.x before 4.7.3 allows remote ...)
+CVE-2017-14746
{DSA-4043-1}
- samba 2:4.7.1+dfsg-2
[wheezy] - samba <not-affected> (Issue introduced in 4.0.0)
NOTE: https://www.samba.org/samba/security/CVE-2017-14746.html
-CVE-2017-14745 (The *_get_synthetic_symtab functions in the Binary File Descriptor ...)
+CVE-2017-14745
- binutils 2.29-11
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
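Review bot: the CVE-2017-14767 entry carries both `{DSA-3996-1 DLA-1630-1}` and `NOTE: The check is completely missing in Jessie. It should be added.`, which cannot both be current: a DLA in the braces marks the jessie package as fixed, while the NOTE says the fix has not been applied there. If DLA-1630-1 is the jessie update that added the missing check, drop the NOTE; if it is not, the jessie state needs its own line instead of being implied by the DLA reference.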
@@ -10849,18 +10847,18 @@ CVE-2017-14745 (The *_get_synthetic_symtab functions in the Binary File Descript
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22148
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=94670f6cf11fc29cc6db6814b38c4305d9bcac96 (master)
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=e6ff33ca50c1180725dde11c84ee93fcdb4235ef (binutils-2_29-branch)
-CVE-2017-14867 (Git before 2.10.5, 2.11.x before 2.11.4, 2.12.x before 2.12.5, 2.13.x ...)
+CVE-2017-14867
{DSA-3984-1 DLA-1120-1}
- git 1:2.14.2-1 (bug #876854)
NOTE: http://www.openwall.com/lists/oss-security/2017/09/26/9
NOTE: https://public-inbox.org/git/xmqqy3p29ekj.fsf@gitster.mtv.corp.google.com/T/#u
-CVE-2017-14744 (UEditor 1.4.3.3 has XSS via the SRC attribute of an IFRAME element. ...)
+CVE-2017-14744
NOT-FOR-US: UEditor
-CVE-2017-14743 (Faleemi FSC-880 00.01.01.0048P2 devices allow unauthenticated SQL ...)
+CVE-2017-14743
NOT-FOR-US: Faleemi FSC-880 00.01.01.0048P2 devices
CVE-2017-14742
RESERVED
-CVE-2017-14741 (The ReadCAPTIONImage function in coders/caption.c in ImageMagick ...)
+CVE-2017-14741
{DLA-1131-1}
- imagemagick 8:6.9.9.34+dfsg-3 (low; bug #878548)
[stretch] - imagemagick <ignored> (Minor issue)
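Review bot: CVE-2017-14867 sits between CVE-2017-14745 and CVE-2017-14744 in this hunk, breaking the descending ID order the rest of the file follows (it belongs before CVE-2017-14818, the first entry in this region). The misplacement predates this change, but since the update rewrites the line anyway (`-CVE-2017-14867 (Git before 2.10.5, 2.11.x before 2.11.4, ...` to `+CVE-2017-14867`) this is a cheap moment to move the whole git block to its sorted position, and the description being removed is the only text on the entry that identified the affected version ranges, so check that bug #876854 and the DSA/DLA references still make the scope clear.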
@@ -10868,9 +10866,9 @@ CVE-2017-14741 (The ReadCAPTIONImage function in coders/caption.c in ImageMagick
NOTE: https://github.com/ImageMagick/ImageMagick/issues/771
NOTE: https://github.com/ImageMagick/ImageMagick/commit/7d8e14899c562157c7760a77fc91625a27cb596f
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/bb11d07139efe0f5e4ce0e4afda32abdbe82fa9d
-CVE-2017-14740 (Cross-site scripting (XSS) vulnerability in GeniXCMS 1.1.0 allows ...)
+CVE-2017-14740
NOT-FOR-US: GeniXCMS
-CVE-2017-14739 (The AcquireResampleFilterThreadSet function in ...)
+CVE-2017-14739
{DLA-1131-1}
- imagemagick 8:6.9.9.34+dfsg-3 (low; bug #878547)
[stretch] - imagemagick <ignored> (Minor issue)
@@ -10881,9 +10879,9 @@ CVE-2017-14739 (The AcquireResampleFilterThreadSet function in ...)
NOTE: Requires additional fixes:
NOTE: https://github.com/ImageMagick/ImageMagick/commit/bbc582d5439a7f9338c6bdc8c34b1ae221ae5214
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/67a633df9386704f45d1ad24f7f5af8a5d11f4a3
-CVE-2017-14738 (FileRun (version 2017.09.18 and below) suffers from a remote SQL ...)
+CVE-2017-14738
NOT-FOR-US: FileRun
-CVE-2017-14737 (A cryptographic cache-based side channel in the RSA implementation in ...)
+CVE-2017-14737
{DLA-1125-1}
- botan1.10 1.10.17-0.1 (bug #877436)
[stretch] - botan1.10 <no-dsa> (Minor issue)
@@ -10894,27 +10892,27 @@ CVE-2017-14737 (A cryptographic cache-based side channel in the RSA implementati
NOTE: for 2.x: https://github.com/randombit/botan/commit/95df7f155570949837e8e28e733f3d59408092da
CVE-2017-14736
RESERVED
-CVE-2017-14735 (OWASP AntiSamy before 1.5.7 allows XSS via HTML5 entities, as ...)
+CVE-2017-14735
NOT-FOR-US: OWASP AntiSamy
-CVE-2017-14734 (The build_msps function in libbpg.c in libbpg 0.9.7 allows remote ...)
+CVE-2017-14734
NOT-FOR-US: libbpg
-CVE-2017-14733 (ReadRLEImage in coders/rle.c in GraphicsMagick 1.3.26 mishandles RLE ...)
+CVE-2017-14733
{DSA-4321-1 DLA-1401-1 DLA-1130-1}
- graphicsmagick 1.3.26-13
NOTE: http://hg.graphicsmagick.org/hg/GraphicsMagick?cmd=changeset;node=5381c71724e3
NOTE: https://sourceforge.net/p/graphicsmagick/bugs/458/
CVE-2017-14732
RESERVED
-CVE-2017-14731 (ofx_proc_file in ofx_preproc.cpp in LibOFX 0.9.12 allows remote ...)
+CVE-2017-14731
{DLA-1192-1}
- libofx 1:0.9.11-5 (bug #877442)
[stretch] - libofx 1:0.9.10-2+deb9u1
[jessie] - libofx 1:0.9.10-1+deb8u1
NOTE: https://github.com/libofx/libofx/issues/10
NOTE: https://github.com/libofx/libofx/commit/fad8418f34094de42e1307113598e0e8bee0a2bd
-CVE-2017-14730 (The init script in the Gentoo app-admin/logstash-bin package before ...)
+CVE-2017-14730
NOT-FOR-US: Gentoo packagin flaw for Logstash
-CVE-2017-14729 (The *_get_synthetic_symtab functions in the Binary File Descriptor ...)
+CVE-2017-14729
- binutils 2.29.1-2
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
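Review bot: `NOT-FOR-US: Gentoo packagin flaw for Logstash` under CVE-2017-14730 has a typo (`packaging`). It is only a context line in this hunk, but once the description line above it is stripped to `+CVE-2017-14730` the NOT-FOR-US text becomes the sole explanation of why the entry does not apply to Debian, so it is worth fixing in a follow-up rather than leaving it as the entry's only remaining wording.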
@@ -10927,22 +10925,22 @@ CVE-2017-14729 (The *_get_synthetic_symtab functions in the Binary File Descript
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;a=commitdiff;h=61e3bf5f83f7e505b6bc51ef65426e5b31e6e360
CVE-2017-14728
RESERVED
-CVE-2017-14726 (Before version 4.8.2, WordPress was vulnerable to a cross-site ...)
+CVE-2017-14726
{DSA-3997-1}
- wordpress 4.8.2+dfsg-1 (bug #876274)
[wheezy] - wordpress <not-affected> (Vulnerable code not present)
NOTE: https://core.trac.wordpress.org/changeset/41395
-CVE-2017-14725 (Before version 4.8.2, WordPress was susceptible to an open redirect ...)
+CVE-2017-14725
{DSA-3997-1 DLA-1151-1}
- wordpress 4.8.2+dfsg-1 (bug #876274)
NOTE: https://core.trac.wordpress.org/changeset/41398
-CVE-2017-14724 (Before version 4.8.2, WordPress was vulnerable to cross-site scripting ...)
+CVE-2017-14724
- wordpress 4.8.2+dfsg-1 (bug #876274)
[stretch] - wordpress 4.7.5+dfsg-2+deb9u1
[jessie] - wordpress <not-affected> (Vulnerable code not present)
[wheezy] - wordpress <not-affected> (Vulnerable code not present)
NOTE: https://core.trac.wordpress.org/changeset/41448
-CVE-2017-14723 (Before version 4.8.2, WordPress mishandled % characters and additional ...)
+CVE-2017-14723
{DSA-3997-1 DLA-1151-1}
- wordpress 4.8.2+dfsg-1 (bug #876274)
NOTE: https://core.trac.wordpress.org/changeset/41470
@@ -10951,140 +10949,140 @@ CVE-2017-14723 (Before version 4.8.2, WordPress mishandled % characters and addi
NOTE: https://github.com/WordPress/WordPress/commit/fc930d3daed1c3acef010d04acc2c5de93cd18ec
NOTE: https://medium.com/websec/wordpress-sqli-bbb2afcc8e94
NOTE: https://medium.com/websec/wordpress-sqli-poc-f1827c20bf8e
-CVE-2017-14722 (Before version 4.8.2, WordPress allowed a Directory Traversal attack in ...)
+CVE-2017-14722
{DSA-3997-1 DLA-1151-1}
- wordpress 4.8.2+dfsg-1 (bug #876274)
NOTE: https://core.trac.wordpress.org/changeset/41397
-CVE-2017-14721 (Before version 4.8.2, WordPress allowed Cross-Site scripting in the ...)
+CVE-2017-14721
{DSA-3997-1 DLA-1151-1}
- wordpress 4.8.2+dfsg-1 (bug #876274)
NOTE: https://core.trac.wordpress.org/changeset/41412
-CVE-2017-14720 (Before version 4.8.2, WordPress allowed a Cross-Site scripting attack ...)
+CVE-2017-14720
{DSA-3997-1 DLA-1151-1}
- wordpress 4.8.2+dfsg-1 (bug #876274)
NOTE: https://core.trac.wordpress.org/changeset/41412
-CVE-2017-14719 (Before version 4.8.2, WordPress was vulnerable to a directory traversal ...)
+CVE-2017-14719
{DSA-3997-1 DLA-1151-1}
- wordpress 4.8.2+dfsg-1 (bug #876274)
NOTE: https://core.trac.wordpress.org/changeset/41457
-CVE-2017-14718 (Before version 4.8.2, WordPress was susceptible to a Cross-Site ...)
+CVE-2017-14718
{DSA-3997-1 DLA-1151-1}
- wordpress 4.8.2+dfsg-1 (bug #876274)
NOTE: https://core.trac.wordpress.org/changeset/41393
-CVE-2017-14727 (logger.c in the logger plugin in WeeChat before 1.9.1 allows a crash ...)
+CVE-2017-14727
{DLA-1111-1}
- weechat 1.9.1-1 (bug #876553)
[stretch] - weechat 1.6-1+deb9u2
[jessie] - weechat 1.0.1-1+deb8u2
NOTE: Fixed by: https://github.com/weechat/weechat/commit/f105c6f0b56fb5687b2d2aedf37cb1d1b434d556
-CVE-2017-14717 (In EPESI 1.8.2 rev20170830, there is Stored XSS in the Tasks ...)
+CVE-2017-14717
NOT-FOR-US: EPESI
-CVE-2017-14716 (In EPESI 1.8.2 rev20170830, there is Stored XSS in the Tasks Title ...)
+CVE-2017-14716
NOT-FOR-US: EPESI
-CVE-2017-14715 (In EPESI 1.8.2 rev20170830, there is Stored XSS in the Tasks Alerts ...)
+CVE-2017-14715
NOT-FOR-US: EPESI
-CVE-2017-14714 (In EPESI 1.8.2 rev20170830, there is Stored XSS in the Phonecalls ...)
+CVE-2017-14714
NOT-FOR-US: EPESI
-CVE-2017-14713 (In EPESI 1.8.2 rev20170830, there is Stored XSS in the Phonecalls ...)
+CVE-2017-14713
NOT-FOR-US: EPESI
-CVE-2017-14712 (In EPESI 1.8.2 rev20170830, there is Stored XSS in the Tasks Phonecall ...)
+CVE-2017-14712
NOT-FOR-US: EPESI
-CVE-2017-14711 (The Kickbase GmbH &quot;Kickbase Bundesliga Manager&quot; app before 2.2.1 -- aka ...)
+CVE-2017-14711
NOT-FOR-US: Kickbase GmbH "Kickbase Bundesliga Manager"
-CVE-2017-14710 (The Shein Group Ltd. &quot;SHEIN - Fashion Shopping&quot; app -- aka shein ...)
+CVE-2017-14710
NOT-FOR-US: Fashion Shopping app
-CVE-2017-14709 (The komoot GmbH &quot;Komoot - Cycling &amp; Hiking Maps&quot; app before 9.3.2 -- ...)
+CVE-2017-14709
NOT-FOR-US: Cycling & Hiking Maps app
CVE-2017-14708
RESERVED
CVE-2017-14707
RESERVED
-CVE-2017-14706 (DenyAll WAF before 6.4.1 allows unauthenticated remote attackers to ...)
+CVE-2017-14706
NOT-FOR-US: DenyAll WAF
-CVE-2017-14705 (DenyAll WAF before 6.4.1 allows unauthenticated remote command ...)
+CVE-2017-14705
NOT-FOR-US: DenyAll WAF
-CVE-2017-14704 (Multiple unrestricted file upload vulnerabilities in the (1) ...)
+CVE-2017-14704
NOT-FOR-US: Claydip Laravel Airbnb Clone
-CVE-2017-14703 (SQL injection vulnerability in Cash Back Comparison Script 1.0 allows ...)
+CVE-2017-14703
NOT-FOR-US: Cash Back Comparison Script
-CVE-2017-14702 (ERS Data System 1.8.1.0 allows remote attackers to execute arbitrary ...)
+CVE-2017-14702
NOT-FOR-US: ERS Data System
CVE-2017-14701
RESERVED
CVE-2017-14700
RESERVED
-CVE-2017-14699 (Multiple XML external entity (XXE) vulnerabilities in the AiCloud ...)
+CVE-2017-14699
NOT-FOR-US: ASUS routers
-CVE-2017-14698 (ASUS DSL-AC51, DSL-AC52U, DSL-AC55U, DSL-N55U C1, DSL-N55U D1, ...)
+CVE-2017-14698
NOT-FOR-US: ASUS routers
CVE-2017-14697
RESERVED
-CVE-2017-14696 (SaltStack Salt before 2016.3.8, 2016.11.x before 2016.11.8, and ...)
+CVE-2017-14696
- salt 2016.11.8+dfsg1-1 (bug #879090)
[stretch] - salt 2016.11.2+ds-1+deb9u1
[jessie] - salt <no-dsa> (Minor issue)
NOTE: Fixed by: https://github.com/saltstack/salt/commit/5f8b5e1a0f23fe0f2be5b3c3e04199b57a53db5b
NOTE: Fixed by: https://github.com/saltstack/salt/commit/89e084bda356739de645c15e7d1968afebdcc56e (2016.11)
-CVE-2017-14695 (Directory traversal vulnerability in minion id validation in SaltStack ...)
+CVE-2017-14695
- salt 2016.11.8+dfsg1-1 (bug #879089)
[stretch] - salt 2016.11.2+ds-1+deb9u1
[jessie] - salt <no-dsa> (Minor issue)
NOTE: Fixed by: https://github.com/saltstack/salt/commit/80d90307b07b3703428ecbb7c8bb468e28a9ae6d
NOTE: Fixed by: https://github.com/saltstack/salt/commit/206ae23f15cb7ec95a07dee4cbe9802da84f9c42 (2016.11)
-CVE-2017-14694 (Foxit Reader 8.3.2.25013 and earlier and Foxit PhantomPDF 8.3.2.25013 ...)
+CVE-2017-14694
NOT-FOR-US: Foxit Reader
-CVE-2017-14693 (IrfanView 4.44 - 32bit allows attackers to cause a denial of service or ...)
+CVE-2017-14693
NOT-FOR-US: IrfanView
-CVE-2017-14692 (STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause ...)
+CVE-2017-14692
NOT-FOR-US: STDU Viewer
-CVE-2017-14691 (STDU Viewer 1.6.375 allows attackers to cause a denial of service or ...)
+CVE-2017-14691
NOT-FOR-US: STDU Viewer
-CVE-2017-14690 (STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause ...)
+CVE-2017-14690
NOT-FOR-US: STDU Viewer
-CVE-2017-14689 (STDU Viewer 1.6.375 allows attackers to cause a denial of service or ...)
+CVE-2017-14689
NOT-FOR-US: STDU Viewer
-CVE-2017-14688 (STDU Viewer 1.6.375 allows attackers to cause a denial of service or ...)
+CVE-2017-14688
NOT-FOR-US: STDU Viewer
-CVE-2017-14687 (Artifex MuPDF 1.11 allows attackers to cause a denial of service or ...)
+CVE-2017-14687
{DSA-4006-1 DLA-1164-1}
- mupdf 1.11+ds1-1.1 (bug #877379)
[jessie] - mupdf <no-dsa> (Minor issue)
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=698558
NOTE: Fixed by: http://git.ghostscript.com/?p=mupdf.git;h=2b16dbd8f73269cb15ca61ece75cf8d2d196ed28
NOTE: Several fz_xml_tag && !strcmp idoms are used in older versions
-CVE-2017-14686 (Artifex MuPDF 1.11 allows attackers to execute arbitrary code or cause ...)
+CVE-2017-14686
{DSA-4006-1}
- mupdf 1.11+ds1-1.1 (bug #877379)
[jessie] - mupdf <not-affected> (vulnerable code not present, poc not effective)
[wheezy] - mupdf <not-affected> (vulnerable code not present)
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=698540
NOTE: Fixed by: http://git.ghostscript.com/?p=mupdf.git;h=0f0fbc07d9be31f5e83ec5328d7311fdfd8328b1
-CVE-2017-14685 (Artifex MuPDF 1.11 allows attackers to cause a denial of service or ...)
+CVE-2017-14685
{DSA-4006-1}
- mupdf 1.11+ds1-1.1 (bug #877379)
[jessie] - mupdf <not-affected> (vulnerable code not present, poc not effective)
[wheezy] - mupdf <not-affected> (vulnerable code not present)
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=698539
NOTE: Fixed by: http://git.ghostscript.com/?p=mupdf.git;h=ab1a420613dec93c686acbee2c165274e922f82a
-CVE-2017-14684 (In ImageMagick 7.0.7-4 Q16, a memory leak vulnerability was found in ...)
+CVE-2017-14684
- imagemagick 8:6.9.9.34+dfsg-3 (unimportant; bug #876487)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/770
NOTE: https://github.com/ImageMagick/ImageMagick/commit/dd367e0c3c3f37fbf1c20fa107b67a668b22c6e2
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/a25142f284384a10306f14393d9bfd7af95ddfff
-CVE-2017-14683 (geminabox (aka Gem in a Box) before 0.13.7 has CSRF, as demonstrated by ...)
+CVE-2017-14683
NOT-FOR-US: geminabox
-CVE-2017-14682 (GetNextToken in MagickCore/token.c in ImageMagick 7.0.6 allows remote ...)
+CVE-2017-14682
{DSA-4040-1 DSA-4032-1 DLA-1131-1}
- imagemagick 8:6.9.9.34+dfsg-3 (bug #876488)
NOTE: https://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=32726
NOTE: https://github.com/ImageMagick/ImageMagick/commit/3bee958ee63eb6ec62834d0c7b28b4b6835e6a00
-CVE-2017-14681 (The daemon in P3Scan 3.0_rc1 and earlier creates a p3scan.pid file ...)
+CVE-2017-14681
- p3scan <removed> (bug #876674)
[stretch] - p3scan <ignored> (Minor issue)
[jessie] - p3scan <ignored> (Minor issue)
[wheezy] - p3scan <ignored> (Minor issue)
NOTE: https://sourceforge.net/p/p3scan/bugs/33/
-CVE-2017-14680 (ZKTeco ZKTime Web 2.0.1.12280 allows remote attackers to obtain ...)
+CVE-2017-14680
NOT-FOR-US: ZKTeco ZKTime Web
CVE-2017-14679
REJECTED
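Review bot: `NOTE: Several fz_xml_tag && !strcmp idoms are used in older versions` under CVE-2017-14687 should read `idioms`, and the note is terse enough that its point is lost: it is the justification for the `[jessie] - mupdf <no-dsa> (Minor issue)` line two lines above, so say explicitly that the upstream fix at `http://git.ghostscript.com/?p=mupdf.git;h=2b16dbd8f73269cb15ca61ece75cf8d2d196ed28` does not transfer cleanly to the older code because of those call sites, rather than leaving the reader to infer the connection. As with the other entries in this hunk, the description line being removed was the only text that named the affected version (1.11).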
@@ -11138,50 +11136,50 @@ CVE-2017-14655
REJECTED
CVE-2017-14654
RESERVED
-CVE-2017-14653 (member/Orderinfo.asp in ASP4CMS AspCMS 2.7.2 allows remote ...)
+CVE-2017-14653
NOT-FOR-US: ASP4CMS AspCMS
-CVE-2017-14652 (SQL Injection vulnerability in mobiquo/lib/classTTForum.php in the ...)
+CVE-2017-14652
NOT-FOR-US: Tapatalk plugin for MyBB
-CVE-2017-14651 (WSO2 Data Analytics Server 3.1.0 has XSS in ...)
+CVE-2017-14651
NOT-FOR-US: WSO2 Data Analytics Server
-CVE-2017-14649 (ReadOneJNGImage in coders/png.c in GraphicsMagick version 1.3.26 does ...)
+CVE-2017-14649
- graphicsmagick 1.3.26-12 (unimportant; bug #876460)
NOTE: http://hg.code.sf.net/p/graphicsmagick/code/rev/358608a46f0a
NOTE: https://blogs.gentoo.org/ago/2017/09/19/graphicsmagick-assertion-failure-in-pixel_cache-c/
NOTE: https://sourceforge.net/p/graphicsmagick/bugs/439/
-CVE-2017-14648 (A global buffer overflow was discovered in the iteration_loop function ...)
+CVE-2017-14648
NOT-FOR-US: BladeEnc
-CVE-2017-14647 (A heap-based buffer overflow was discovered in ...)
+CVE-2017-14647
NOT-FOR-US: Bento4
-CVE-2017-14646 (The AP4_AvccAtom and AP4_HvccAtom classes in Bento4 version 1.5.0-617 ...)
+CVE-2017-14646
NOT-FOR-US: Bento4
-CVE-2017-14645 (A heap-based buffer over-read was discovered in ...)
+CVE-2017-14645
NOT-FOR-US: Bento4
-CVE-2017-14644 (A heap-based buffer overflow was discovered in the AP4_HdlrAtom class ...)
+CVE-2017-14644
NOT-FOR-US: Bento4
-CVE-2017-14643 (The AP4_HdlrAtom class in Core/Ap4HdlrAtom.cpp in Bento4 version ...)
+CVE-2017-14643
NOT-FOR-US: Bento4
-CVE-2017-14642 (A NULL pointer dereference was discovered in the AP4_HdlrAtom class in ...)
+CVE-2017-14642
NOT-FOR-US: Bento4
-CVE-2017-14641 (A NULL pointer dereference was discovered in the AP4_DataAtom class in ...)
+CVE-2017-14641
NOT-FOR-US: Bento4
-CVE-2017-14640 (A NULL pointer dereference was discovered in ...)
+CVE-2017-14640
NOT-FOR-US: Bento4
-CVE-2017-14639 (AP4_VisualSampleEntry::ReadFields in Core/Ap4SampleEntry.cpp in Bento4 ...)
+CVE-2017-14639
NOT-FOR-US: Bento4
-CVE-2017-14638 (AP4_AtomFactory::CreateAtomFromStream in Core/Ap4AtomFactory.cpp in ...)
+CVE-2017-14638
NOT-FOR-US: Bento4
-CVE-2017-14637 (In sam2p 0.49.3, there is an invalid read of size 2 in the parse_rgb ...)
+CVE-2017-14637
{DLA-1127-1}
- sam2p <removed> (bug #876744)
[jessie] - sam2p 0.49.2-3+deb8u1
NOTE: https://github.com/pts/sam2p/issues/14 (bug 5)
-CVE-2017-14636 (Because of an integer overflow in sam2p 0.49.3, a loop executes ...)
+CVE-2017-14636
{DLA-1127-1}
- sam2p <removed> (bug #876744)
[jessie] - sam2p 0.49.2-3+deb8u1
NOTE: https://github.com/pts/sam2p/issues/14 (bug 4)
-CVE-2017-14635 (In Open Ticket Request System (OTRS) 3.3.x before 3.3.18, 4.x before ...)
+CVE-2017-14635
{DSA-4021-1 DLA-1119-1}
- otrs2 5.0.23-1 (bug #876462)
NOTE: https://github.com/OTRS/otrs/commit/a4093dc404fcbd87b235b31c72913141672f2a85 (rel-5_0)
@@ -11194,26 +11192,26 @@ CVE-2017-14635 (In Open Ticket Request System (OTRS) 3.3.x before 3.3.18, 4.x be
NOTE: https://github.com/OTRS/otrs/commit/5468720cc8225a85699b1977ff230adbf9f8362d (rel-3_3)
NOTE: https://github.com/OTRS/otrs/commit/0583dfda7bc9c7d76457aad68083f4b28a288ce5 (rel-3_3)
NOTE: https://www.otrs.com/security-advisory-2017-04-security-update-otrs-versions/
-CVE-2017-14650 (A Remote Code Execution vulnerability has been found in the Horde_Image ...)
+CVE-2017-14650
{DSA-4276-1 DLA-1395-1}
- php-horde-image 2.5.2-1 (bug #876400)
NOTE: https://marc.info/?l=horde-announce&m=150600299528079&w=2
NOTE: https://github.com/horde/horde/commit/eb3afd14c22c77ae0d29e2848f5ac726ef6e7c5b
-CVE-2017-14634 (In libsndfile 1.0.28, a divide-by-zero error exists in the function ...)
+CVE-2017-14634
{DLA-1618-1}
- libsndfile 1.0.28-5 (bug #876783)
[stretch] - libsndfile <no-dsa> (Minor issue)
[wheezy] - libsndfile <no-dsa> (Minor issue)
NOTE: https://github.com/erikd/libsndfile/issues/318
NOTE: Fixed by: https://github.com/erikd/libsndfile/commit/85c877d5072866aadbe8ed0c3e0590fbb5e16788
-CVE-2017-14633 (In Xiph.Org libvorbis 1.3.5, an out-of-bounds array read vulnerability ...)
+CVE-2017-14633
{DSA-4113-1 DLA-1368-1}
- libvorbis 1.3.5-4.1 (bug #876778)
[jessie] - libvorbis <postponed> (Minor issue, can be fixed along later)
NOTE: https://gitlab.xiph.org/xiph/vorbis/issues/2329
NOTE: https://github.com/xiph/vorbis/pull/34
NOTE: https://gitlab.xiph.org/xiph/vorbis/commit/a79ec216cd119069c68b8f3542c6a425a74ab993
-CVE-2017-14632 (Xiph.Org libvorbis 1.3.5 allows Remote Code Execution upon freeing ...)
+CVE-2017-14632
{DSA-4113-1 DLA-1368-1}
- libvorbis 1.3.5-4.1 (bug #876779)
[jessie] - libvorbis <not-affected> (Vulnerable code not present)
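Review bot: CVE-2017-14650 is out of numeric order here, placed between CVE-2017-14635 and CVE-2017-14634 when it belongs between CVE-2017-14651 and CVE-2017-14649 earlier in the file. Not introduced by this change, but the line is being rewritten anyway (`-CVE-2017-14650 (A Remote Code Execution vulnerability has been found in the Horde_Image ...` to `+CVE-2017-14650`), and the php-horde-image block (DSA-4276-1, DLA-1395-1, bug #876400) is self-contained, so moving it costs nothing.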
@@ -11221,29 +11219,29 @@ CVE-2017-14632 (Xiph.Org libvorbis 1.3.5 allows Remote Code Execution upon freei
NOTE: https://gitlab.xiph.org/xiph/vorbis/issues/2328
NOTE: https://github.com/xiph/vorbis/issues/29
NOTE: https://github.com/xiph/vorbis/pull/34
-CVE-2017-14631 (In sam2p 0.49.3, the pcxLoadRaster function in in_pcx.cpp has an ...)
+CVE-2017-14631
{DLA-1127-1}
- sam2p <removed> (bug #876744)
[jessie] - sam2p 0.49.2-3+deb8u1
NOTE: https://github.com/pts/sam2p/issues/14 (bug 1)
-CVE-2017-14630 (In sam2p 0.49.3, an integer overflow exists in the pcxLoadImage24 ...)
+CVE-2017-14630
{DLA-1127-1}
- sam2p <removed> (bug #876744)
[jessie] - sam2p 0.49.2-3+deb8u1
NOTE: https://github.com/pts/sam2p/issues/14 (bug 6)
-CVE-2017-14629 (In sam2p 0.49.3, the in_xpm_reader function in in_xpm.cpp has an ...)
+CVE-2017-14629
{DLA-1127-1}
- sam2p <removed> (bug #876744)
[jessie] - sam2p 0.49.2-3+deb8u1
NOTE: https://github.com/pts/sam2p/issues/14 (bug 3)
-CVE-2017-14628 (In sam2p 0.49.3, a heap-based buffer overflow exists in the ...)
+CVE-2017-14628
{DLA-1127-1}
- sam2p <removed> (bug #876744)
[jessie] - sam2p 0.49.2-3+deb8u1
NOTE: https://github.com/pts/sam2p/issues/14 (bug 2)
-CVE-2017-14627 (Stack-based buffer overflows in CyberLink LabelPrint 2.5 allow remote ...)
+CVE-2017-14627
NOT-FOR-US: CyberLink LabelPrint
-CVE-2017-14626 (ImageMagick 7.0.7-0 Q16 has a NULL Pointer Dereference vulnerability in ...)
+CVE-2017-14626
- imagemagick 8:6.9.9.34+dfsg-3 (low; bug #878524)
[stretch] - imagemagick <ignored> (Minor issue)
[jessie] - imagemagick <ignored> (Minor issue)
@@ -11252,36 +11250,36 @@ CVE-2017-14626 (ImageMagick 7.0.7-0 Q16 has a NULL Pointer Dereference vulnerabi
NOTE: https://github.com/ImageMagick/ImageMagick/issues/721
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/90b301db18434b2c2228776d06c2898b5fed74f0
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/cc797c296c30f3ec31cd02418b58a2c27549b0a9
-CVE-2017-14625 (ImageMagick 7.0.7-0 Q16 has a NULL Pointer Dereference vulnerability in ...)
+CVE-2017-14625
- imagemagick 8:6.9.9.34+dfsg-3 (low; bug #877355)
[stretch] - imagemagick <ignored> (Minor issue)
[jessie] - imagemagick <ignored> (Minor issue)
[wheezy] - imagemagick <not-affected> (Vulnerable code not present)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/721
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/cc797c296c30f3ec31cd02418b58a2c27549b0a9
-CVE-2017-14624 (ImageMagick 7.0.7-0 Q16 has a NULL Pointer Dereference vulnerability in ...)
+CVE-2017-14624
- imagemagick 8:6.9.9.34+dfsg-3 (low; bug #877354)
[stretch] - imagemagick <ignored> (Minor issue)
[jessie] - imagemagick <ignored> (Minor issue)
[wheezy] - imagemagick <not-affected> (Vulnerable code not present)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/722
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/9ff805077fd5297dc41dc989f9dba59877e12f97
-CVE-2017-14623 (In the ldap.v2 (aka go-ldap) package through 2.5.0 for Go, an attacker ...)
+CVE-2017-14623
- golang-github-go-ldap-ldap 2.5.1-1 (low; bug #876404)
[stretch] - golang-github-go-ldap-ldap 2.4.1-1+deb9u1
NOTE: https://github.com/go-ldap/ldap/pull/126
NOTE: https://github.com/go-ldap/ldap/commit/95ede1266b237bf8e9aa5dce0b3250e51bfefe66
-CVE-2017-14622 (Multiple cross-site scripting (XSS) vulnerabilities in the 2kb Amazon ...)
+CVE-2017-14622
NOT-FOR-US: 2kb Amazon Affiliates Store plugin for WordPress
-CVE-2017-14621 (Portus 2.2.0 has XSS via the Team field, related to typeahead. ...)
+CVE-2017-14621
NOT-FOR-US: Portus
-CVE-2017-14620 (SmarterStats Version 11.3.6347 will Render the Referer Field of HTTP ...)
+CVE-2017-14620
NOT-FOR-US: SmarterStats
-CVE-2017-14619 (Cross-site scripting (XSS) vulnerability in phpMyFAQ through 2.9.8 ...)
+CVE-2017-14619
NOT-FOR-US: phpMyFAQ
-CVE-2017-14618 (Cross-site scripting (XSS) vulnerability in inc/PMF/Faq.php in phpMyFAQ ...)
+CVE-2017-14618
NOT-FOR-US: phpMyFAQ
-CVE-2017-14617 (In Poppler 0.59.0, a floating point exception occurs in the ImageStream ...)
+CVE-2017-14617
{DLA-1116-1}
- poppler 0.61.1-2 (bug #876385)
[stretch] - poppler <ignored> (Minor issue)
@@ -11291,36 +11289,36 @@ CVE-2017-14617 (In Poppler 0.59.0, a floating point exception occurs in the Imag
NOTE: The patch applied in 0.48.0-2+deb9u1 (stretch) and 0.26.5-2+deb8u2 (jessie)
NOTE: does not completely fix the issue thus still marked as unfixed even if the
NOTE: CVE is recorded in debian/changelog.
-CVE-2017-14616 (An FBX-5312 issue was discovered in WatchGuard Fireware before 12.0. If ...)
+CVE-2017-14616
NOT-FOR-US: WatchGuard Fireware
-CVE-2017-14615 (An FBX-5313 issue was discovered in WatchGuard Fireware before 12.0. ...)
+CVE-2017-14615
NOT-FOR-US: WatchGuard Fireware
-CVE-2017-14614 (Directory traversal vulnerability in the Visor GUI Console in GridGain ...)
+CVE-2017-14614
NOT-FOR-US: GridGain
CVE-2017-14613
RESERVED
-CVE-2017-14612 (&quot;Shpock Boot Sale &amp; Classifieds&quot; app before 3.17.0 -- aka ...)
+CVE-2017-14612
NOT-FOR-US: Book sale app
-CVE-2017-14611 (SSRF (Server Side Request Forgery) in Cockpit 0.13.0 allows remote ...)
+CVE-2017-14611
NOT-FOR-US: Cockpit CMS (different from src:cockpit)
-CVE-2017-14610 (bareos-dir, bareos-fd, and bareos-sd in bareos-core in Bareos 16.2.6 ...)
+CVE-2017-14610
- bareos <unfixed> (bug #877334)
[buster] - bareos <no-dsa> (Minor issue)
[stretch] - bareos <no-dsa> (Minor issue)
[jessie] - bareos <no-dsa> (Minor issue)
NOTE: https://bugs.bareos.org/view.php?id=847
-CVE-2017-14609 (The server daemons in Kannel 1.5.0 and earlier create a PID file after ...)
+CVE-2017-14609
- kannel <unfixed> (unimportant; bug #877361)
NOTE: https://redmine.kannel.org/issues/771
NOTE: No real security issue in combination with start-stop-daemon from dpkg
-CVE-2017-14608 (In LibRaw through 0.18.4, an out of bounds read flaw related to ...)
+CVE-2017-14608
{DLA-1109-1}
- libraw 0.18.5-1 (low)
[stretch] - libraw <no-dsa> (Minor issue)
[jessie] - libraw <no-dsa> (Minor issue)
NOTE: https://github.com/LibRaw/LibRaw/commit/d13e8f6d1e987b7491182040a188c16a395f1d21
NOTE: https://github.com/LibRaw/LibRaw/issues/101
-CVE-2017-14607 (In ImageMagick 7.0.7-4 Q16, an out of bounds read flaw related to ...)
+CVE-2017-14607
{DSA-4040-1 DSA-4032-1 DLA-1131-1}
- imagemagick 8:6.9.9.34+dfsg-3 (low; bug #878527)
NOTE: IM6 patch: https://github.com/ImageMagick/ImageMagick/commit/cd665c3d05b46d1579c738a72214175ff50aec74
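Review bot: the CVE-2017-14617 context lines at the top of this hunk (`NOTE: The patch applied in 0.48.0-2+deb9u1 (stretch) and 0.26.5-2+deb8u2 (jessie)` / `NOTE: does not completely fix the issue thus still marked as unfixed even if the` / `NOTE: CVE is recorded in debian/changelog.`) conflict with the entry header in the previous hunk, which lists `{DLA-1116-1}` and thereby marks jessie as fixed. Either the DLA reference should be moved out of the braces into a NOTE (if 0.26.5-2+deb8u2 really is incomplete) or the three NOTE lines are stale and should be dropped; as written, a script reading the braces and a human reading the notes reach opposite conclusions about jessie.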
@@ -11329,7 +11327,7 @@ CVE-2017-14606
RESERVED
CVE-2017-14605
RESERVED
-CVE-2017-14604 (GNOME Nautilus before 3.23.90 allows attackers to spoof a file type by ...)
+CVE-2017-14604
{DSA-3994-1}
- nautilus 3.25.90-1 (bug #860268)
[jessie] - nautilus <no-dsa> (Minor issue, issue mitigated because does not silently decompress tarballs)
@@ -11338,160 +11336,160 @@ CVE-2017-14604 (GNOME Nautilus before 3.23.90 allows attackers to spoof a file t
NOTE: https://micahflee.com/2017/04/breaking-the-security-model-of-subgraph-os/
NOTE: https://github.com/freedomofpress/securedrop/issues/2238
NOTE: https://github.com/GNOME/nautilus/commit/1630f53481f445ada0a455e9979236d31a8d3bb0
-CVE-2017-14603 (In Asterisk 11.x before 11.25.3, 13.x before 13.17.2, and 14.x before ...)
+CVE-2017-14603
{DSA-3990-1}
- asterisk 1:13.17.2~dfsg-1 (bug #876328)
[wheezy] - asterisk <ignored> (strictrtp option is disabled by default. Too intrusive too backport)
NOTE: http://downloads.asterisk.org/pub/security/AST-2017-008.html
NOTE: https://issues.asterisk.org/jira/browse/ASTERISK-27274
NOTE: https://issues.asterisk.org/jira/browse/ASTERISK-27252
-CVE-2017-14602 (A vulnerability has been identified in the management interface of ...)
+CVE-2017-14602
NOT-FOR-US: Citrix
-CVE-2017-14601 (Pragyan CMS v3.0 is vulnerable to a Boolean-based SQL injection in ...)
+CVE-2017-14601
NOT-FOR-US: Pragyan CMS
-CVE-2017-14600 (Pragyan CMS v3.0 is vulnerable to an Error-Based SQL injection in ...)
+CVE-2017-14600
NOT-FOR-US: Pragyan CMS
CVE-2017-14599
RESERVED
CVE-2017-14598
RESERVED
-CVE-2017-14597 (AdminPanel in AfterLogic WebMail 7.7 and Aurora 7.7.5 has XSS via the ...)
+CVE-2017-14597
NOT-FOR-US: AfterLogic WebMail
-CVE-2017-14596 (In Joomla! before 3.8.0, inadequate escaping in the LDAP authentication ...)
+CVE-2017-14596
NOT-FOR-US: Joomla!
-CVE-2017-14595 (In Joomla! before 3.8.0, a logic bug in a SQL query could lead to the ...)
+CVE-2017-14595
NOT-FOR-US: Joomla!
-CVE-2017-14594 (The printable searchrequest issue resource in Atlassian Jira before ...)
+CVE-2017-14594
NOT-FOR-US: Atlassian Jira
-CVE-2017-14593 (Sourcetree for Windows had several argument and command injection bugs ...)
+CVE-2017-14593
NOT-FOR-US: Atlassian Sourcetree
-CVE-2017-14592 (Sourcetree for macOS had several argument and command injection bugs ...)
+CVE-2017-14592
NOT-FOR-US: Atlassian Sourcetree
-CVE-2017-14591 (Atlassian Fisheye and Crucible versions less than 4.4.3 and version ...)
+CVE-2017-14591
NOT-FOR-US: Atlassian
-CVE-2017-14590 (Bamboo did not check that the name of a branch in a Mercurial ...)
+CVE-2017-14590
NOT-FOR-US: Atlassian Bamboo
-CVE-2017-14589 (It was possible for double OGNL evaluation in FreeMarker templates ...)
+CVE-2017-14589
NOT-FOR-US: Atlassian Bamboo
-CVE-2017-14588 (Various resources in Atlassian FishEye and Crucible before version ...)
+CVE-2017-14588
NOT-FOR-US: Atlassian
-CVE-2017-14587 (The administration user deletion resource in Atlassian FishEye and ...)
+CVE-2017-14587
NOT-FOR-US: Atlassian
-CVE-2017-14586 (The Hipchat for Mac desktop client is vulnerable to client-side remote ...)
+CVE-2017-14586
NOT-FOR-US: Atlassian
-CVE-2017-14585 (A Server Side Request Forgery (SSRF) vulnerability could lead to ...)
+CVE-2017-14585
NOT-FOR-US: Atlassian
CVE-2017-14584
RESERVED
-CVE-2017-14583 (NetApp Clustered Data ONTAP versions 9.x prior to 9.1P10 and 9.2P2 are ...)
+CVE-2017-14583
NOT-FOR-US: NetApp Clustered Data ONTAP
-CVE-2017-14582 (The Zoho Site24x7 Mobile Network Poller application before 1.1.5 for ...)
+CVE-2017-14582
NOT-FOR-US: Zoho
CVE-2017-XXXX [pcb code injection by malicious layout file]
- pcb-rnd 1.2.5-2 (bug #876540)
[stretch] - pcb-rnd 1.1.4-2
-CVE-2017-14581 (The Host Control web service in SAP NetWeaver AS JAVA 7.0 through 7.5 ...)
+CVE-2017-14581
NOT-FOR-US: SAP
-CVE-2017-14580 (XnView Classic for Windows Version 2.41 allows attackers to execute ...)
+CVE-2017-14580
NOT-FOR-US: XnView
-CVE-2017-14579 (STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause ...)
+CVE-2017-14579
NOT-FOR-US: STDU Viewer
-CVE-2017-14578 (IrfanView 4.44 - 32bit allows attackers to cause a denial of service or ...)
+CVE-2017-14578
NOT-FOR-US: IrfanView
-CVE-2017-14577 (STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause ...)
+CVE-2017-14577
NOT-FOR-US: STDU Viewer
-CVE-2017-14576 (STDU Viewer 1.6.375 allows attackers to cause a denial of service or ...)
+CVE-2017-14576
NOT-FOR-US: STDU Viewer
-CVE-2017-14575 (STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause ...)
+CVE-2017-14575
NOT-FOR-US: STDU Viewer
-CVE-2017-14574 (STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause ...)
+CVE-2017-14574
NOT-FOR-US: STDU Viewer
-CVE-2017-14573 (STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause ...)
+CVE-2017-14573
NOT-FOR-US: STDU Viewer
-CVE-2017-14572 (STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause ...)
+CVE-2017-14572
NOT-FOR-US: STDU Viewer
-CVE-2017-14571 (STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause ...)
+CVE-2017-14571
NOT-FOR-US: STDU Viewer
-CVE-2017-14570 (STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause ...)
+CVE-2017-14570
NOT-FOR-US: STDU Viewer
-CVE-2017-14569 (STDU Viewer 1.6.375 allows attackers to cause a denial of service or ...)
+CVE-2017-14569
NOT-FOR-US: STDU Viewer
-CVE-2017-14568 (STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause ...)
+CVE-2017-14568
NOT-FOR-US: STDU Viewer
-CVE-2017-14567 (STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause ...)
+CVE-2017-14567
NOT-FOR-US: STDU Viewer
-CVE-2017-14566 (STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause ...)
+CVE-2017-14566
NOT-FOR-US: STDU Viewer
-CVE-2017-14565 (STDU Viewer 1.6.375 allows attackers to cause a denial of service or ...)
+CVE-2017-14565
NOT-FOR-US: STDU Viewer
-CVE-2017-14564 (STDU Viewer 1.6.375 allows attackers to cause a denial of service or ...)
+CVE-2017-14564
NOT-FOR-US: STDU Viewer
-CVE-2017-14563 (STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause ...)
+CVE-2017-14563
NOT-FOR-US: STDU Viewer
-CVE-2017-14562 (STDU Viewer 1.6.375 allows attackers to cause a denial of service or ...)
+CVE-2017-14562
NOT-FOR-US: STDU Viewer
-CVE-2017-14561 (STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause ...)
+CVE-2017-14561
NOT-FOR-US: STDU Viewer
-CVE-2017-14560 (STDU Viewer 1.6.375 allows attackers to cause a denial of service or ...)
+CVE-2017-14560
NOT-FOR-US: STDU Viewer
-CVE-2017-14559 (STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause ...)
+CVE-2017-14559
NOT-FOR-US: STDU Viewer
-CVE-2017-14558 (STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause ...)
+CVE-2017-14558
NOT-FOR-US: STDU Viewer
-CVE-2017-14557 (STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause ...)
+CVE-2017-14557
NOT-FOR-US: STDU Viewer
-CVE-2017-14556 (STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause ...)
+CVE-2017-14556
NOT-FOR-US: STDU Viewer
-CVE-2017-14555 (STDU Viewer 1.6.375 allows attackers to cause a denial of service or ...)
+CVE-2017-14555
NOT-FOR-US: STDU Viewer
-CVE-2017-14554 (STDU Viewer 1.6.375 allows attackers to cause a denial of service or ...)
+CVE-2017-14554
NOT-FOR-US: STDU Viewer
-CVE-2017-14553 (STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause ...)
+CVE-2017-14553
NOT-FOR-US: STDU Viewer
-CVE-2017-14552 (STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause ...)
+CVE-2017-14552
NOT-FOR-US: STDU Viewer
-CVE-2017-14551 (STDU Viewer 1.6.375 allows attackers to cause a denial of service or ...)
+CVE-2017-14551
NOT-FOR-US: STDU Viewer
-CVE-2017-14550 (STDU Viewer 1.6.375 allows attackers to cause a denial of service or ...)
+CVE-2017-14550
NOT-FOR-US: STDU Viewer
-CVE-2017-14549 (STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause ...)
+CVE-2017-14549
NOT-FOR-US: STDU Viewer
-CVE-2017-14548 (STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause ...)
+CVE-2017-14548
NOT-FOR-US: STDU Viewer
-CVE-2017-14547 (STDU Viewer 1.6.375 allows attackers to cause a denial of service or ...)
+CVE-2017-14547
NOT-FOR-US: STDU Viewer
-CVE-2017-14546 (STDU Viewer 1.6.375 allows attackers to cause a denial of service or ...)
+CVE-2017-14546
NOT-FOR-US: STDU Viewer
-CVE-2017-14545 (STDU Viewer 1.6.375 allows attackers to cause a denial of service or ...)
+CVE-2017-14545
NOT-FOR-US: STDU Viewer
-CVE-2017-14544 (STDU Viewer 1.6.375 allows attackers to cause a denial of service or ...)
+CVE-2017-14544
NOT-FOR-US: STDU Viewer
-CVE-2017-14543 (STDU Viewer 1.6.375 allows attackers to cause a denial of service or ...)
+CVE-2017-14543
NOT-FOR-US: STDU Viewer
-CVE-2017-14542 (STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause ...)
+CVE-2017-14542
NOT-FOR-US: STDU Viewer
-CVE-2017-14541 (XnView Classic for Windows Version 2.40 allows attackers to cause a ...)
+CVE-2017-14541
NOT-FOR-US: XnView
-CVE-2017-14540 (IrfanView 4.44 - 32bit allows attackers to cause a denial of service or ...)
+CVE-2017-14540
NOT-FOR-US: IrfanView
-CVE-2017-14539 (IrfanView 4.44 - 32bit allows attackers to cause a denial of service or ...)
+CVE-2017-14539
NOT-FOR-US: IrfanView
-CVE-2017-14538 (XnView Classic for Windows Version 2.40 allows attackers to execute ...)
+CVE-2017-14538
NOT-FOR-US: XnView
-CVE-2017-14537 (trixbox 2.8.0.4 has path traversal via the xajaxargs array parameter to ...)
+CVE-2017-14537
NOT-FOR-US: trixbox
-CVE-2017-14536 (trixbox 2.8.0.4 has XSS via the PATH_INFO to /maint/index.php or ...)
+CVE-2017-14536
NOT-FOR-US: trixbox
-CVE-2017-14535 (trixbox 2.8.0.4 has OS command injection via shell metacharacters in ...)
+CVE-2017-14535
NOT-FOR-US: trixbox
-CVE-2017-14534 (Cross Site Scripting (XSS) exists in NexusPHP 1.5.beta5.20120707 via ...)
+CVE-2017-14534
NOT-FOR-US: NexusPHP
-CVE-2017-14533 (ImageMagick 7.0.6-6 has a memory leak in ReadMATImage in coders/mat.c. ...)
+CVE-2017-14533
- imagemagick 8:6.9.9.34+dfsg-3 (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/648
NOTE: https://github.com/ImageMagick/ImageMagick/commit/f1f2089e79bcf5714cefba7cdc47049b4ac53c6b
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/bdfc5538051ad0d1c2083ba2a29180ff6abea907
-CVE-2017-14532 (ImageMagick 7.0.7-0 has a NULL Pointer Dereference in TIFFIgnoreTags in ...)
+CVE-2017-14532
- imagemagick 8:6.9.9.34+dfsg-3 (bug #878541)
[stretch] - imagemagick <ignored> (Minor issue)
[jessie] - imagemagick <ignored> (Minor issue)
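Review bot: every changed line pair in this hunk is the same edit, the parenthetical description after the CVE id is deleted and nothing replaces it (e.g. `-CVE-2017-14533 (ImageMagick 7.0.6-6 has a memory leak in ReadMATImage in coders/mat.c. ...)` becomes `+CVE-2017-14533`), including on entries that track Debian packages such as imagemagick and pcb-rnd, which is consistent with the upstream CVE feed having returned empty descriptions on this run rather than with an intended data change. Hold this commit back and re-run the update against a fresh feed before merging: once the descriptions are gone, the short tag after `NOT-FOR-US:` is the only product context left on most of these entries.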
@@ -11499,14 +11497,14 @@ CVE-2017-14532 (ImageMagick 7.0.7-0 has a NULL Pointer Dereference in TIFFIgnore
NOTE: https://github.com/ImageMagick/ImageMagick/issues/719
NOTE: https://github.com/ImageMagick/ImageMagick/commit/1942317d9208ea17ee17d976a39768cd51d74160
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/c55fb18c3f78445d100a378ab8b3c0acd53c6590
-CVE-2017-14531 (ImageMagick 7.0.7-0 has a memory exhaustion issue in ReadSUNImage in ...)
+CVE-2017-14531
- imagemagick 8:6.9.9.34+dfsg-3 (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/718
NOTE: https://github.com/ImageMagick/ImageMagick/commit/69967f4161bd14d8e03ea463d6545da442a6ea78
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/1385a09732c261f1f403a9af6700979ca56c76d3
-CVE-2017-14530 (WP_Admin_UI in the Crony Cronjob Manager plugin before 0.4.7 for ...)
+CVE-2017-14530
NOT-FOR-US: Crony Cronjob Manager plugin for WordPress
-CVE-2017-14529 (The pe_print_idata function in peXXigen.c in the Binary File Descriptor ...)
+CVE-2017-14529
- binutils 2.29-10
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
@@ -11514,7 +11512,7 @@ CVE-2017-14529 (The pe_print_idata function in peXXigen.c in the Binary File Des
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22113
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=4d465c689a8fb27212ef358d0aee89d60dee69a6
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=dcaaca89e8618eba35193c27afcb1cfa54f74582
-CVE-2017-14528 (The TIFFSetProfiles function in coders/tiff.c in ImageMagick 7.0.6 has ...)
+CVE-2017-14528
[experimental] - imagemagick 8:6.9.10.2+dfsg-1
- imagemagick 8:6.9.10.2+dfsg-2 (bug #878544)
[stretch] - imagemagick <ignored> (Minor issue)
@@ -11522,65 +11520,65 @@ CVE-2017-14528 (The TIFFSetProfiles function in coders/tiff.c in ImageMagick 7.0
[wheezy] - imagemagick <not-affected> (Can't reproduce crash with file)
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2730
NOTE: https://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=32560
-CVE-2017-14527 (Multiple XML external entity (XXE) vulnerabilities in the OpenText ...)
+CVE-2017-14527
NOT-FOR-US: OpenText Documentum Webtop
-CVE-2017-14526 (Multiple XML external entity (XXE) vulnerabilities in the OpenText ...)
+CVE-2017-14526
NOT-FOR-US: OpenText Documentum Administrator
-CVE-2017-14525 (Multiple open redirect vulnerabilities in OpenText Documentum Webtop ...)
+CVE-2017-14525
NOT-FOR-US: OpenText Documentum Webtop
-CVE-2017-14524 (Multiple open redirect vulnerabilities in OpenText Documentum ...)
+CVE-2017-14524
NOT-FOR-US: OpenText Documentum Administrator
-CVE-2017-14523 (** DISPUTED ** ...)
+CVE-2017-14523
NOT-FOR-US: WonderCMS
-CVE-2017-14522 (** DISPUTED ** ...)
+CVE-2017-14522
NOT-FOR-US: WonderCMS
-CVE-2017-14521 (In WonderCMS 2.3.1, the upload functionality accepts random ...)
+CVE-2017-14521
NOT-FOR-US: WonderCMS
-CVE-2017-14520 (In Poppler 0.59.0, a floating point exception occurs in ...)
+CVE-2017-14520
{DSA-4079-1}
- poppler 0.61.1-2 (low; bug #876081)
[wheezy] - poppler <not-affected> (vulnerable code not present)
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=102719
NOTE: https://cgit.freedesktop.org/poppler/poppler/commit/?id=504b3590182175390f474657a372e78fb1508262
-CVE-2017-14519 (In Poppler 0.59.0, memory corruption occurs in a call to ...)
+CVE-2017-14519
{DSA-4079-1 DLA-1116-1}
- poppler 0.61.1-2 (bug #876086)
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=102701
NOTE: https://cgit.freedesktop.org/poppler/poppler/commit/?id=aaf5327649e8f7371c9d3270e7813c43ddfd47ee
-CVE-2017-14518 (In Poppler 0.59.0, a floating point exception exists in the ...)
+CVE-2017-14518
{DSA-4079-1}
- poppler 0.61.1-2 (low; bug #876082)
[wheezy] - poppler <not-affected> (vulnerable code not present)
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=102688
NOTE: https://cgit.freedesktop.org/poppler/poppler/commit/?id=80f9819b6233f9f9b5fd44f0e4cad026e5d048c2
-CVE-2017-14517 (In Poppler 0.59.0, a NULL Pointer Dereference exists in the ...)
+CVE-2017-14517
{DSA-4079-1 DLA-1116-1}
- poppler 0.61.1-2 (low; bug #876079)
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=102687
NOTE: https://cgit.freedesktop.org/poppler/poppler/commit/?id=476394e7a025e02e4897da2e765df2c895d0708f
-CVE-2017-14516 (Cross-Site Scripting (XSS) exists in SAP Business Objects Financial ...)
+CVE-2017-14516
NOT-FOR-US: SAP Business Objects Financial Consolidation
-CVE-2017-14515 (Heap-based Buffer Overflow on Tenda W15E devices before 15.11.0.14 ...)
+CVE-2017-14515
NOT-FOR-US: Tenda W15E devices
-CVE-2017-14514 (Directory Traversal on Tenda W15E devices before 15.11.0.14 allows ...)
+CVE-2017-14514
NOT-FOR-US: Tenda W15E devices
-CVE-2017-14513 (Directory traversal vulnerability in MetInfo 5.3.17 allows remote ...)
+CVE-2017-14513
NOT-FOR-US: MetInfo
-CVE-2017-14512 (NexusPHP 1.5.beta5.20120707 has SQL Injection in forummanage.php via ...)
+CVE-2017-14512
NOT-FOR-US: NexusPHP
-CVE-2017-14511 (An issue was discovered in SAP E-Recruiting (aka ERECRUIT) 605 through ...)
+CVE-2017-14511
NOT-FOR-US: SAP
-CVE-2017-14510 (An issue was discovered in SugarCRM before 7.7.2.3, 7.8.x before ...)
+CVE-2017-14510
NOT-FOR-US: SugarCRM
-CVE-2017-14509 (An issue was discovered in SugarCRM before 7.7.2.3, 7.8.x before ...)
+CVE-2017-14509
NOT-FOR-US: SugarCRM
-CVE-2017-14508 (An issue was discovered in SugarCRM before 7.7.2.3, 7.8.x before ...)
+CVE-2017-14508
NOT-FOR-US: SugarCRM
-CVE-2017-14507 (Multiple SQL injection vulnerabilities in the Content Timeline plugin ...)
+CVE-2017-14507
NOT-FOR-US: Content Timeline plugin for WordPress
-CVE-2017-14506 (geminabox (aka Gem in a Box) before 0.13.6 has XSS, as demonstrated by ...)
+CVE-2017-14506
NOT-FOR-US: geminabox
-CVE-2017-14505 (DrawGetStrokeDashArray in wand/drawing-wand.c in ImageMagick 7.0.7-1 ...)
+CVE-2017-14505
{DLA-1131-1}
- imagemagick 8:6.9.9.34+dfsg-3 (low; bug #878545)
[stretch] - imagemagick <ignored> (Minor issue)
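Review bot: the CVE-2017-14523 and CVE-2017-14522 entries lose their `** DISPUTED **` marker together with the description (`-CVE-2017-14523 (** DISPUTED ** ...)` becomes `+CVE-2017-14523`), so after this hunk nothing on those two WonderCMS entries records that the assignment is disputed. If the descriptions are meant to go, carry the disputed status over into a NOTE line on each entry so it is not silently dropped.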
@@ -11588,31 +11586,31 @@ CVE-2017-14505 (DrawGetStrokeDashArray in wand/drawing-wand.c in ImageMagick 7.0
NOTE: https://github.com/ImageMagick/ImageMagick/issues/716
NOTE: https://github.com/ImageMagick/ImageMagick/commit/6ad5fc3c9b652eec27fc0b1a0817159f8547d5d9
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/f7b0cf098bc800c5b6181dc522a99997bfee8948
-CVE-2017-14504 (ReadPNMImage in coders/pnm.c in GraphicsMagick 1.3.26 does not ensure ...)
+CVE-2017-14504
{DSA-4321-1 DLA-1456-1 DLA-1130-1}
- graphicsmagick 1.3.26-11
NOTE: http://hg.graphicsmagick.org/hg/GraphicsMagick?cmd=changeset;node=fb09ca6dd22c
NOTE: https://sourceforge.net/p/graphicsmagick/bugs/465/
NOTE: https://sourceforge.net/p/graphicsmagick/bugs/466/
-CVE-2017-14503 (libarchive 3.3.2 suffers from an out-of-bounds read within ...)
+CVE-2017-14503
{DSA-4360-1 DLA-1600-1}
- libarchive 3.2.2-4.1 (bug #875960)
[wheezy] - libarchive <no-dsa> (Minor issue)
NOTE: https://github.com/libarchive/libarchive/issues/948
NOTE: https://github.com/libarchive/libarchive/commit/2c8c83b9731ff822fad6cc8c670ea5519c366a14
-CVE-2017-14502 (read_header in archive_read_support_format_rar.c in libarchive 3.3.2 ...)
+CVE-2017-14502
{DSA-4360-1 DLA-1600-1}
- libarchive 3.2.2-4.1 (bug #875974)
[wheezy] - libarchive <no-dsa> (Minor issue)
NOTE: https://github.com/libarchive/libarchive/commit/5562545b5562f6d12a4ef991fae158bf4ccf92b6
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=573
-CVE-2017-14501 (An out-of-bounds read flaw exists in parse_file_info in ...)
+CVE-2017-14501
{DSA-4360-1 DLA-1600-1}
- libarchive 3.2.2-4.2 (bug #875966)
[wheezy] - libarchive <no-dsa> (Minor issue)
NOTE: https://github.com/libarchive/libarchive/issues/949
NOTE: https://github.com/libarchive/libarchive/commit/f9569c086ff29259c73790db9cbf39fe8fb9d862
-CVE-2017-14500 (Improper Neutralization of Special Elements used in an OS Command in ...)
+CVE-2017-14500
{DSA-3977-1 DLA-1104-1}
- newsbeuter 2.9-7 (bug #876004)
NOTE: http://openwall.com/lists/oss-security/2017/09/16/1
@@ -11621,45 +11619,45 @@ CVE-2017-14500 (Improper Neutralization of Special Elements used in an OS Comman
NOTE: https://github.com/akrennmair/newsbeuter/issues/598
CVE-2017-14499
RESERVED
-CVE-2017-14498 (SilverStripe CMS before 3.6.1 has XSS via an SVG document that is ...)
+CVE-2017-14498
NOT-FOR-US: SilverStripe CMS
-CVE-2017-14497 (The tpacket_rcv function in net/packet/af_packet.c in the Linux kernel ...)
+CVE-2017-14497
- linux 4.12.13-1
[stretch] - linux 4.9.30-2+deb9u5
[jessie] - linux <not-affected> (Vulnerable code not present)
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: Fixed by: https://git.kernel.org/linus/edbd58be15a957f6a760c4a514cd475217eb97fd (v4.13)
-CVE-2017-14496 (Integer underflow in the add_pseudoheader function in dnsmasq before ...)
+CVE-2017-14496
- dnsmasq 2.78-1
[stretch] - dnsmasq 2.76-5+deb9u1
[jessie] - dnsmasq <not-affected> (Vulnerable code introduced later)
[wheezy] - dnsmasq <not-affected> (Vulnerable code introduced later)
NOTE: https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html
NOTE: http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=897c113fda0886a28a986cc6ba17bb93bd6cb1c7
-CVE-2017-14495 (Memory leak in dnsmasq before 2.78, when the --add-mac, --add-cpe-id ...)
+CVE-2017-14495
- dnsmasq 2.78-1
[stretch] - dnsmasq 2.76-5+deb9u1
[jessie] - dnsmasq <not-affected> (Vulnerable code introduced later)
[wheezy] - dnsmasq <not-affected> (Vulnerable code introduced later)
NOTE: https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html
NOTE: http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=51eadb692a5123b9838e5a68ecace3ac579a3a45
-CVE-2017-14494 (dnsmasq before 2.78, when configured as a relay, allows remote ...)
+CVE-2017-14494
{DSA-3989-1 DLA-1124-1}
- dnsmasq 2.78-1
NOTE: https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html
NOTE: http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=33e3f1029c9ec6c63e430ff51063a6301d4b2262
-CVE-2017-14493 (Stack-based buffer overflow in dnsmasq before 2.78 allows remote ...)
+CVE-2017-14493
{DSA-3989-1}
- dnsmasq 2.78-1
[wheezy] - dnsmasq <not-affected> (Vulnerable code introduced later)
NOTE: https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html
NOTE: http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=3d4ff1ba8419546490b464418223132529514033
-CVE-2017-14492 (Heap-based buffer overflow in dnsmasq before 2.78 allows remote ...)
+CVE-2017-14492
{DSA-3989-1 DLA-1124-1}
- dnsmasq 2.78-1
NOTE: https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html
NOTE: http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=24036ea507862c7b7898b68289c8130f85599c10
-CVE-2017-14491 (Heap-based buffer overflow in dnsmasq before 2.78 allows remote ...)
+CVE-2017-14491
{DSA-3989-1 DLA-1124-1}
- dnsmasq 2.78-1
NOTE: https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html
@@ -11667,122 +11665,122 @@ CVE-2017-14491 (Heap-based buffer overflow in dnsmasq before 2.78 allows remote
NOTE: http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=62cb936cb7ad5f219715515ae7d32dd281a5aa1f
CVE-2017-14490
RESERVED
-CVE-2017-14489 (The iscsi_if_rx function in drivers/scsi/scsi_transport_iscsi.c in the ...)
+CVE-2017-14489
{DSA-3981-1 DLA-1099-1}
- linux 4.12.13-1
NOTE: https://patchwork.kernel.org/patch/9923803/
NOTE: Fixed by: https://git.kernel.org/linus/c88f0e6b06f4092995688211a631bb436125d77b
CVE-2017-14488
RESERVED
-CVE-2017-14487 (The OhMiBod Remote app for Android and iOS allows remote attackers to ...)
+CVE-2017-14487
NOT-FOR-US: OhMiBod Remote app
-CVE-2017-14486 (The Vibease Wireless Remote Vibrator app for Android and the Vibease ...)
+CVE-2017-14486
NOT-FOR-US: Vibease Wireless Remote Vibrator app
CVE-2017-14485
RESERVED
-CVE-2017-14484 (The Gentoo sci-mathematics/gimps package before 28.10-r1 for Great ...)
+CVE-2017-14484
NOT-FOR-US: Gentoo packaging flaw in gimps
-CVE-2017-14483 (flower.initd in the Gentoo dev-python/flower package before 0.9.1-r1 ...)
+CVE-2017-14483
- flower <not-affected> (Gentoo-specific issue, Debian doesn't provide an init script at all)
-CVE-2017-1002100 (Default access permissions for Persistent Volumes (PVs) created by the ...)
+CVE-2017-1002100
- kubernetes <not-affected> (Vulnerable code not yet present)
-CVE-2017-1002028 (Vulnerability in wordpress plugin wordpress-gallery-transformation ...)
+CVE-2017-1002028
NOT-FOR-US: Wordpress plugin
-CVE-2017-1002027 (Vulnerability in wordpress plugin rk-responsive-contact-form v1.0, The ...)
+CVE-2017-1002027
NOT-FOR-US: Wordpress plugin
-CVE-2017-1002026 (Vulnerability in wordpress plugin Event Expresso Free v3.1.37.11.L, ...)
+CVE-2017-1002026
NOT-FOR-US: Wordpress plugin
-CVE-2017-1002025 (Vulnerability in wordpress plugin ...)
+CVE-2017-1002025
NOT-FOR-US: Wordpress plugin
-CVE-2017-1002023 (Vulnerability in wordpress plugin Easy Team Manager v1.3.2, The code ...)
+CVE-2017-1002023
NOT-FOR-US: Wordpress plugin
-CVE-2017-1002022 (Vulnerability in wordpress plugin surveys v1.01.8, The code in ...)
+CVE-2017-1002022
NOT-FOR-US: Wordpress plugin
-CVE-2017-1002021 (Vulnerability in wordpress plugin surveys v1.01.8, The code in ...)
+CVE-2017-1002021
NOT-FOR-US: Wordpress plugin
-CVE-2017-1002020 (Vulnerability in wordpress plugin surveys v1.01.8, The code in ...)
+CVE-2017-1002020
NOT-FOR-US: Wordpress plugin
-CVE-2017-1002019 (Vulnerability in wordpress plugin eventr v1.02.2, The edit.php form ...)
+CVE-2017-1002019
NOT-FOR-US: Wordpress plugin
-CVE-2017-1002018 (Vulnerability in wordpress plugin eventr v1.02.2, The edit.php form ...)
+CVE-2017-1002018
NOT-FOR-US: Wordpress plugin
-CVE-2017-1002017 (Vulnerability in wordpress plugin gift-certificate-creator v1.0, The ...)
+CVE-2017-1002017
NOT-FOR-US: Wordpress plugin
-CVE-2017-1002016 (Vulnerability in wordpress plugin flickr-picture-backup v0.7, The code ...)
+CVE-2017-1002016
NOT-FOR-US: Wordpress plugin
-CVE-2017-1002015 (Vulnerability in wordpress plugin image-gallery-with-slideshow v1.5.2, ...)
+CVE-2017-1002015
NOT-FOR-US: Wordpress plugin
-CVE-2017-1002014 (Vulnerability in wordpress plugin image-gallery-with-slideshow v1.5.2, ...)
+CVE-2017-1002014
NOT-FOR-US: Wordpress plugin
-CVE-2017-1002013 (Vulnerability in wordpress plugin image-gallery-with-slideshow v1.5.2, ...)
+CVE-2017-1002013
NOT-FOR-US: Wordpress plugin
-CVE-2017-1002012 (Vulnerability in wordpress plugin image-gallery-with-slideshow v1.5.2, ...)
+CVE-2017-1002012
NOT-FOR-US: Wordpress plugin
-CVE-2017-1002011 (Vulnerability in wordpress plugin image-gallery-with-slideshow v1.5.2, ...)
+CVE-2017-1002011
NOT-FOR-US: Wordpress plugin
-CVE-2017-1002010 (Vulnerability in wordpress plugin Membership Simplified v1.58, The ...)
+CVE-2017-1002010
NOT-FOR-US: Wordpress plugin
-CVE-2017-1002009 (Vulnerability in wordpress plugin Membership Simplified v1.58, The ...)
+CVE-2017-1002009
NOT-FOR-US: Wordpress plugin
-CVE-2017-1002008 (Vulnerability in wordpress plugin ...)
+CVE-2017-1002008
NOT-FOR-US: Wordpress plugin
-CVE-2017-1002007 (Vulnerability in wordpress plugin DTracker v1.5, The code ...)
+CVE-2017-1002007
NOT-FOR-US: Wordpress plugin
-CVE-2017-1002006 (Vulnerability in wordpress plugin DTracker v1.5, The code ...)
+CVE-2017-1002006
NOT-FOR-US: Wordpress plugin
-CVE-2017-1002005 (Vulnerability in wordpress plugin DTracker v1.5, In file ...)
+CVE-2017-1002005
NOT-FOR-US: Wordpress plugin
-CVE-2017-1002004 (Vulnerability in wordpress plugin DTracker v1.5, In file ...)
+CVE-2017-1002004
NOT-FOR-US: Wordpress plugin
-CVE-2017-1002003 (Vulnerability in wordpress plugin ...)
+CVE-2017-1002003
NOT-FOR-US: Wordpress plugin
-CVE-2017-1002002 (Vulnerability in wordpress plugin webapp-builder v2.0, The plugin ...)
+CVE-2017-1002002
NOT-FOR-US: Wordpress plugin
-CVE-2017-1002001 (Vulnerability in wordpress plugin mobile-app-builder-by-wappress ...)
+CVE-2017-1002001
NOT-FOR-US: Wordpress plugin
-CVE-2017-1002000 (Vulnerability in wordpress plugin ...)
+CVE-2017-1002000
NOT-FOR-US: Wordpress plugin
-CVE-2017-14481 (In the MMM::Agent::Helpers::Network::send_arp function in MySQL ...)
+CVE-2017-14481
NOT-FOR-US: MySQL ulti-Master Replication Manager
-CVE-2017-14480 (In the MMM::Agent::Helpers::Network::clear_ip function in MySQL ...)
+CVE-2017-14480
NOT-FOR-US: MySQL ulti-Master Replication Manager
-CVE-2017-14479 (In the MMM::Agent::Helpers::Network::clear_ip function in MySQL ...)
+CVE-2017-14479
NOT-FOR-US: MySQL ulti-Master Replication Manager
-CVE-2017-14478 (In the MMM::Agent::Helpers::Network::clear_ip function in MySQL ...)
+CVE-2017-14478
NOT-FOR-US: MySQL ulti-Master Replication Manager
-CVE-2017-14477 (In the MMM::Agent::Helpers::Network::add_ip function in MySQL ...)
+CVE-2017-14477
NOT-FOR-US: MySQL ulti-Master Replication Manager
-CVE-2017-14476 (In the MMM::Agent::Helpers::Network::add_ip function in MySQL ...)
+CVE-2017-14476
NOT-FOR-US: MySQL ulti-Master Replication Manager
-CVE-2017-14475 (In the MMM::Agent::Helpers::Network::add_ip function in MySQL ...)
+CVE-2017-14475
NOT-FOR-US: MySQL ulti-Master Replication Manager
-CVE-2017-14474 (In the MMM::Agent::Helpers::_execute function in MySQL Multi-Master ...)
+CVE-2017-14474
NOT-FOR-US: MySQL ulti-Master Replication Manager
-CVE-2017-14473 (An exploitable access control vulnerability exists in the data, ...)
+CVE-2017-14473
NOT-FOR-US: Allen Bradley Micrologix
-CVE-2017-14472 (An exploitable access control vulnerability exists in the data, ...)
+CVE-2017-14472
NOT-FOR-US: Allen Bradley Micrologix
-CVE-2017-14471 (An exploitable access control vulnerability exists in the data, ...)
+CVE-2017-14471
NOT-FOR-US: Allen Bradley Micrologix
-CVE-2017-14470 (An exploitable access control vulnerability exists in the data, ...)
+CVE-2017-14470
NOT-FOR-US: Allen Bradley Micrologix
-CVE-2017-14469 (An exploitable access control vulnerability exists in the data, ...)
+CVE-2017-14469
NOT-FOR-US: Allen Bradley Micrologix
-CVE-2017-14468 (An exploitable access control vulnerability exists in the data, ...)
+CVE-2017-14468
NOT-FOR-US: Allen Bradley Micrologix
-CVE-2017-14467 (An exploitable access control vulnerability exists in the data, ...)
+CVE-2017-14467
NOT-FOR-US: Allen Bradley Micrologix
-CVE-2017-14466 (An exploitable access control vulnerability exists in the data, ...)
+CVE-2017-14466
NOT-FOR-US: Allen Bradley Micrologix
-CVE-2017-14465 (An exploitable access control vulnerability exists in the data, ...)
+CVE-2017-14465
NOT-FOR-US: Allen Bradley Micrologix
-CVE-2017-14464 (An exploitable access control vulnerability exists in the data, ...)
+CVE-2017-14464
NOT-FOR-US: Allen Bradley Micrologix
-CVE-2017-14463 (An exploitable access control vulnerability exists in the data, ...)
+CVE-2017-14463
NOT-FOR-US: Allen Bradley Micrologix
-CVE-2017-14462 (An exploitable access control vulnerability exists in the data, ...)
+CVE-2017-14462
NOT-FOR-US: Allen Bradley Micrologix
-CVE-2017-14461 (A specially crafted email delivered over SMTP and passed on to Dovecot ...)
+CVE-2017-14461
{DSA-4130-1 DLA-1333-1}
- dovecot 1:2.2.34-1 (bug #891819)
NOTE: https://www.dovecot.org/list/dovecot-news/2018-February/000370.html
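Review bot: the eight NOT-FOR-US lines for CVE-2017-14474 through CVE-2017-14481 read `NOT-FOR-US: MySQL ulti-Master Replication Manager`; that is unchanged context, but the removed line `-CVE-2017-14474 (In the MMM::Agent::Helpers::_execute function in MySQL Multi-Master ...)` was the only place the product name was spelled out, so with the descriptions gone the typo is all that is left to identify the product. Correct it to `MySQL Multi-Master Replication Manager` in the same change, or keep the descriptions.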
@@ -11794,163 +11792,163 @@ CVE-2017-14461 (A specially crafted email delivered over SMTP and passed on to D
NOTE: https://github.com/dovecot/core/commit/18a7a161c8dae6f630770a3cbab7374a0c3dd732
NOTE: https://github.com/dovecot/core/commit/0ed696987e5e5d44e971da2a10f6275b276ece34
NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0510
-CVE-2017-14460 (An exploitable overly permissive cross-domain (CORS) whitelist ...)
+CVE-2017-14460
- parity <itp> (bug #890550)
-CVE-2017-14459 (An exploitable OS Command Injection vulnerability exists in the ...)
+CVE-2017-14459
NOT-FOR-US: Moxa
-CVE-2017-14458 (An exploitable use-after-free vulnerability exists in the JavaScript ...)
+CVE-2017-14458
NOT-FOR-US: Foxit PDF Reader
-CVE-2017-14457 (An exploitable information leak/denial of service vulnerability exists ...)
+CVE-2017-14457
- cpp-etherum <itp> (bug #860434)
CVE-2017-14456
RESERVED
-CVE-2017-14455 (On Insteon Hub 2245-222 devices with firmware version 1012, specially ...)
+CVE-2017-14455
NOT-FOR-US: Insteon Hub
CVE-2017-14454
RESERVED
-CVE-2017-14453 (On Insteon Hub 2245-222 devices with firmware version 1012, specially ...)
+CVE-2017-14453
NOT-FOR-US: Insteon Hub
-CVE-2017-14452 (An exploitable buffer overflow vulnerability exists in the PubNub ...)
+CVE-2017-14452
NOT-FOR-US: Insteon Hub
CVE-2017-14451
RESERVED
-CVE-2017-14450 (A buffer overflow vulnerability exists in the GIF image parsing ...)
+CVE-2017-14450
{DSA-4184-1 DSA-4177-1 DLA-1341-1}
- libsdl2-image 2.0.3+dfsg1-1
- sdl-image1.2 1.2.12-8
NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0499
NOTE: https://hg.libsdl.org/SDL_image/rev/45e750f92c84
-CVE-2017-14449 (A double-Free vulnerability exists in the XCF image rendering ...)
+CVE-2017-14449
{DSA-4177-1}
- libsdl2-image 2.0.3+dfsg1-1
- sdl-image1.2 <not-affected> (Vulnerable code not present)
NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0498
NOTE: https://hg.libsdl.org/SDL_image/rev/d0142861559c
-CVE-2017-14448 (An exploitable code execution vulnerability exists in the XCF image ...)
+CVE-2017-14448
{DSA-4184-1 DSA-4177-1 DLA-1341-1}
- libsdl2-image 2.0.3+dfsg1-1
- sdl-image1.2 1.2.12-8
NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0497
NOTE: https://hg.libsdl.org/SDL_image/rev/7df1580f1695
-CVE-2017-14447 (An exploitable buffer overflow vulnerability exists in the PubNub ...)
+CVE-2017-14447
NOT-FOR-US: Insteon Hub
-CVE-2017-14446 (An exploitable stack-based buffer overflow vulnerability exists in ...)
+CVE-2017-14446
NOT-FOR-US: Insteon Hub
-CVE-2017-14445 (An exploitable buffer overflow vulnerability exists in Insteon Hub ...)
+CVE-2017-14445
NOT-FOR-US: Insteon Hub
-CVE-2017-14444 (An exploitable buffer overflow vulnerability exists in Insteon Hub ...)
+CVE-2017-14444
NOT-FOR-US: Insteon Hub
-CVE-2017-14443 (An exploitable information leak vulnerability exists in Insteon Hub ...)
+CVE-2017-14443
NOT-FOR-US: Insteon Hub
-CVE-2017-14442 (An exploitable code execution vulnerability exists in the BMP image ...)
+CVE-2017-14442
{DSA-4184-1 DSA-4177-1 DLA-1341-1}
- libsdl2-image 2.0.3+dfsg1-1
- sdl-image1.2 1.2.12-8
NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0491
NOTE: https://hg.libsdl.org/SDL_image/rev/37445f6180a8
-CVE-2017-14441 (An exploitable code execution vulnerability exists in the ICO image ...)
+CVE-2017-14441
{DSA-4184-1 DSA-4177-1 DLA-1341-1}
- libsdl2-image 2.0.3+dfsg1-1
- sdl-image1.2 1.2.12-8
NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0490
NOTE: https://hg.libsdl.org/SDL_image/rev/a1e9b624ca10
-CVE-2017-14440 (An exploitable code execution vulnerability exists in the ILBM image ...)
+CVE-2017-14440
{DSA-4184-1 DSA-4177-1 DLA-1341-1}
- libsdl2-image 2.0.3+dfsg1-1
- sdl-image1.2 1.2.12-8
NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0489
NOTE: https://hg.libsdl.org/SDL_image/rev/bfa08dc02b3c
-CVE-2017-14439 (Exploitable denial of service vulnerabilities exists in the Service ...)
+CVE-2017-14439
NOT-FOR-US: Moxa
-CVE-2017-14438 (Exploitable denial of service vulnerabilities exists in the Service ...)
+CVE-2017-14438
NOT-FOR-US: Moxa
-CVE-2017-14437 (An exploitable denial of service vulnerability exists in the web ...)
+CVE-2017-14437
NOT-FOR-US: Moxa
-CVE-2017-14436 (An exploitable denial of service vulnerability exists in the web ...)
+CVE-2017-14436
NOT-FOR-US: Moxa
-CVE-2017-14435 (An exploitable denial of service vulnerability exists in the web ...)
+CVE-2017-14435
NOT-FOR-US: Moxa
-CVE-2017-14434 (An exploitable command injection vulnerability exists in the web ...)
+CVE-2017-14434
NOT-FOR-US: Moxa
-CVE-2017-14433 (An exploitable command injection vulnerability exists in the web ...)
+CVE-2017-14433
NOT-FOR-US: Moxa
-CVE-2017-14432 (An exploitable command injection vulnerability exists in the web ...)
+CVE-2017-14432
NOT-FOR-US: Moxa
-CVE-2017-14430 (D-Link DIR-850L REV. A (with firmware through FW114WWb07_h2ab_beta1) ...)
+CVE-2017-14430
NOT-FOR-US: D-Link
-CVE-2017-14429 (The DHCP client on D-Link DIR-850L REV. A (with firmware through ...)
+CVE-2017-14429
NOT-FOR-US: D-Link
-CVE-2017-14428 (D-Link DIR-850L REV. A (with firmware through FW114WWb07_h2ab_beta1) ...)
+CVE-2017-14428
NOT-FOR-US: D-Link
-CVE-2017-14427 (D-Link DIR-850L REV. A (with firmware through FW114WWb07_h2ab_beta1) ...)
+CVE-2017-14427
NOT-FOR-US: D-Link
-CVE-2017-14426 (D-Link DIR-850L REV. A (with firmware through FW114WWb07_h2ab_beta1) ...)
+CVE-2017-14426
NOT-FOR-US: D-Link
-CVE-2017-14425 (D-Link DIR-850L REV. A (with firmware through FW114WWb07_h2ab_beta1) ...)
+CVE-2017-14425
NOT-FOR-US: D-Link
-CVE-2017-14424 (D-Link DIR-850L REV. A (with firmware through FW114WWb07_h2ab_beta1) ...)
+CVE-2017-14424
NOT-FOR-US: D-Link
-CVE-2017-14423 (htdocs/parentalcontrols/bind.php on D-Link DIR-850L REV. A (with ...)
+CVE-2017-14423
NOT-FOR-US: D-Link
-CVE-2017-14422 (D-Link DIR-850L REV. A (with firmware through FW114WWb07_h2ab_beta1) ...)
+CVE-2017-14422
NOT-FOR-US: D-Link
-CVE-2017-14421 (D-Link DIR-850L REV. B (with firmware through FW208WWb02) devices have ...)
+CVE-2017-14421
NOT-FOR-US: D-Link
-CVE-2017-14420 (The D-Link NPAPI extension, as used on D-Link DIR-850L REV. A (with ...)
+CVE-2017-14420
NOT-FOR-US: D-Link
-CVE-2017-14419 (The D-Link NPAPI extension, as used on D-Link DIR-850L REV. A (with ...)
+CVE-2017-14419
NOT-FOR-US: D-Link
-CVE-2017-14418 (The D-Link NPAPI extension, as used in conjunction with D-Link DIR-850L ...)
+CVE-2017-14418
NOT-FOR-US: D-Link
-CVE-2017-14417 (register_send.php on D-Link DIR-850L REV. B (with firmware through ...)
+CVE-2017-14417
NOT-FOR-US: D-Link
-CVE-2017-14416 (D-Link DIR-850L REV. A (with firmware through FW114WWb07_h2ab_beta1) ...)
+CVE-2017-14416
NOT-FOR-US: D-Link
-CVE-2017-14415 (D-Link DIR-850L REV. A (with firmware through FW114WWb07_h2ab_beta1) ...)
+CVE-2017-14415
NOT-FOR-US: D-Link
-CVE-2017-14414 (D-Link DIR-850L REV. A (with firmware through FW114WWb07_h2ab_beta1) ...)
+CVE-2017-14414
NOT-FOR-US: D-Link
-CVE-2017-14413 (D-Link DIR-850L REV. A (with firmware through FW114WWb07_h2ab_beta1) ...)
+CVE-2017-14413
NOT-FOR-US: D-Link
-CVE-2017-14412 (An invalid memory write was discovered in copy_mp in interface.c in ...)
+CVE-2017-14412
- mp3gain <removed>
[wheezy] - mp3gain <end-of-life>
NOTE: https://blogs.gentoo.org/ago/2017/09/08/mp3gain-invalid-memory-write-in-copy_mp-mpglibdblinterface-c/
-CVE-2017-14411 (A stack-based buffer overflow was discovered in copy_mp in interface.c ...)
+CVE-2017-14411
- mp3gain <removed>
[wheezy] - mp3gain <end-of-life>
NOTE: https://blogs.gentoo.org/ago/2017/09/08/mp3gain-stack-based-buffer-overflow-in-copy_mp-mpglibdblinterface-c/
-CVE-2017-14410 (A buffer over-read was discovered in III_i_stereo in layer3.c in ...)
+CVE-2017-14410
- mp3gain <removed>
[wheezy] - mp3gain <end-of-life>
NOTE: https://blogs.gentoo.org/ago/2017/09/08/mp3gain-global-buffer-overflow-in-iii_i_stereo-mpglibdbllayer3-c/
-CVE-2017-14409 (A buffer overflow was discovered in III_dequantize_sample in layer3.c ...)
+CVE-2017-14409
- mp3gain <removed>
[wheezy] - mp3gain <end-of-life>
NOTE: https://blogs.gentoo.org/ago/2017/09/08/mp3gain-global-buffer-overflow-in-iii_dequantize_sample-mpglibdbllayer3-c/
-CVE-2017-14408 (A stack-based buffer over-read was discovered in dct36 in layer3.c in ...)
+CVE-2017-14408
- mp3gain <removed>
[wheezy] - mp3gain <end-of-life>
NOTE: https://blogs.gentoo.org/ago/2017/09/08/mp3gain-stack-based-buffer-overflow-in-dct36-mpglibdbllayer3-c/
-CVE-2017-14407 (A stack-based buffer over-read was discovered in filterYule in ...)
+CVE-2017-14407
- mp3gain <removed>
[wheezy] - mp3gain <end-of-life>
NOTE: https://blogs.gentoo.org/ago/2017/09/08/mp3gain-stack-based-buffer-overflow-in-filteryule-gain_analysis-c/
-CVE-2017-14406 (A NULL pointer dereference was discovered in sync_buffer in interface.c ...)
+CVE-2017-14406
- mp3gain <removed>
[wheezy] - mp3gain <end-of-life>
NOTE: https://blogs.gentoo.org/ago/2017/09/08/mp3gain-null-pointer-dereference-in-sync_buffer-mpglibdblinterface-c/
-CVE-2017-14405 (The EyesOfNetwork web interface (aka eonweb) 5.1-0 allows remote ...)
+CVE-2017-14405
NOT-FOR-US: EyesOfNetwork (EON)
-CVE-2017-14404 (The EyesOfNetwork web interface (aka eonweb) 5.1-0 allows local file ...)
+CVE-2017-14404
NOT-FOR-US: EyesOfNetwork (EON)
-CVE-2017-14403 (The EyesOfNetwork web interface (aka eonweb) 5.1-0 has SQL injection ...)
+CVE-2017-14403
NOT-FOR-US: EyesOfNetwork (EON)
-CVE-2017-14402 (The EyesOfNetwork web interface (aka eonweb) 5.1-0 has SQL injection ...)
+CVE-2017-14402
NOT-FOR-US: EyesOfNetwork (EON)
-CVE-2017-14401 (The EyesOfNetwork web interface (aka eonweb) 5.1-0 has SQL injection ...)
+CVE-2017-14401
NOT-FOR-US: EyesOfNetwork (EON)
-CVE-2017-14400 (In ImageMagick 7.0.7-1 Q16, the PersistPixelCache function in ...)
+CVE-2017-14400
{DLA-1131-1}
- imagemagick 8:6.9.9.34+dfsg-3 (low; bug #878546)
[stretch] - imagemagick <ignored> (Minor issue)
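Review bot: every `+` line in this hunk replaces a `-CVE-... (description ...)` line with the bare identifier and changes nothing else, so the commit drops the MITRE description from each entry rather than updating it; for a commit labelled "automatic update" that pattern points at an empty or failed upstream CVE feed, and the change should be held until the source data is confirmed. The package and annotation lines (`{DSA-4184-1 DSA-4177-1 DLA-1341-1}`, `- libsdl2-image 2.0.3+dfsg1-1`, the `NOTE:` URLs) are untouched context, so the Debian-side state is not affected; only the description text is lost.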
@@ -11958,13 +11956,13 @@ CVE-2017-14400 (In ImageMagick 7.0.7-1 Q16, the PersistPixelCache function in ..
NOTE: https://github.com/ImageMagick/ImageMagick/issues/746
NOTE: im6 patch: https://github.com/ImageMagick/ImageMagick/commit/04b863f15effa4375e4ee42f413f0246062b48af
NOTE: im6 patch: https://github.com/ImageMagick/ImageMagick/commit/44a55580ac8c01d8cff1e6e0063820af113f8591
-CVE-2017-14399 (In BlackCat CMS 1.2.2, unrestricted file upload is possible in ...)
+CVE-2017-14399
NOT-FOR-US: BlackCat CMS
-CVE-2017-14398 (rzpnk.sys in Razer Synapse 2.20.15.1104 allows local users to read and ...)
+CVE-2017-14398
NOT-FOR-US: Razer Synapse
-CVE-2017-14397 (AnyDesk before 3.6.1 on Windows has a DLL injection vulnerability. ...)
+CVE-2017-14397
NOT-FOR-US: AnyDesk
-CVE-2017-14396 (In osTicket before 1.10.1, SQL injection is possible by constructing ...)
+CVE-2017-14396
NOT-FOR-US: osTicket
CVE-2017-14395
RESERVED
@@ -11976,49 +11974,49 @@ CVE-2017-14392
REJECTED
CVE-2017-14391
REJECTED
-CVE-2017-14390 (In Cloud Foundry Foundation cf-deployment v0.35.0, a misconfiguration ...)
+CVE-2017-14390
NOT-FOR-US: Cloud Foundry
-CVE-2017-14389 (An issue was discovered in Cloud Foundry Foundation capi-release (all ...)
+CVE-2017-14389
NOT-FOR-US: Cloud Foundry
-CVE-2017-14388 (Cloud Foundry Foundation GrootFS release 0.3.x versions prior to 0.30.0 ...)
+CVE-2017-14388
NOT-FOR-US: Cloud Foundry Foundation GrootFS
-CVE-2017-14387 (The NFS service in EMC Isilon OneFS 8.1.0.0, 8.0.1.0 - 8.0.1.1, and ...)
+CVE-2017-14387
NOT-FOR-US: EMC Isilon OneFS
-CVE-2017-14386 (The web user interface of Dell 2335dn and 2355dn Multifunction Laser ...)
+CVE-2017-14386
NOT-FOR-US: Dell
-CVE-2017-14385 (An issue was discovered in EMC Data Domain DD OS 5.7 family, versions ...)
+CVE-2017-14385
NOT-FOR-US: EMC Data Domain DD OS
-CVE-2017-14384 (In Dell Storage Manager versions earlier than 16.3.20, the ...)
+CVE-2017-14384
NOT-FOR-US: EMConfigMigration service
-CVE-2017-14383 (In Dell EMC VNX2 versions prior to Operating Environment for File ...)
+CVE-2017-14383
NOT-FOR-US: EMC VNX
CVE-2017-14382
REJECTED
CVE-2017-14381
REJECTED
-CVE-2017-14380 (In EMC Isilon OneFS 8.1.0.0, 8.0.1.0 - 8.0.1.1, 8.0.0.0 - 8.0.0.4, ...)
+CVE-2017-14380
NOT-FOR-US: EMC Isilon OneFS
-CVE-2017-14379 (EMC RSA Authentication Manager before 8.2 SP1 P6 has a cross-site ...)
+CVE-2017-14379
NOT-FOR-US: EMC RSA
-CVE-2017-14378 (EMC RSA Authentication Agent API 8.5 for C and RSA Authentication Agent ...)
+CVE-2017-14378
NOT-FOR-US: EMC RSA
-CVE-2017-14377 (EMC RSA Authentication Agent for Web: Apache Web Server version 8.0 and ...)
+CVE-2017-14377
NOT-FOR-US: EMC RSA
-CVE-2017-14376 (EMC AppSync Server prior to 3.5.0.1 contains database accounts with ...)
+CVE-2017-14376
NOT-FOR-US: EMC AppSync Server
-CVE-2017-14375 (EMC Unisphere for VMAX Virtual Appliance (vApp) versions prior to ...)
+CVE-2017-14375
NOT-FOR-US: EMC
-CVE-2017-14374 (The SMI-S service in Dell Storage Manager versions earlier than 16.3.20 ...)
+CVE-2017-14374
NOT-FOR-US: Dell
-CVE-2017-14373 (EMC RSA Authentication Manager 8.2 SP1 P4 and earlier contains a ...)
+CVE-2017-14373
NOT-FOR-US: RSA Authentication Manager
-CVE-2017-14372 (RSA Archer GRC Platform prior to 6.2.0.5 is affected by reflected ...)
+CVE-2017-14372
NOT-FOR-US: RSA Archer GRC Platform
-CVE-2017-14371 (RSA Archer GRC Platform prior to 6.2.0.5 is affected by reflected ...)
+CVE-2017-14371
NOT-FOR-US: RSA Archer GRC Platform
-CVE-2017-14370 (RSA Archer GRC Platform prior to 6.2.0.5 is affected by stored ...)
+CVE-2017-14370
NOT-FOR-US: RSA Archer GRC Platform
-CVE-2017-14369 (RSA Archer GRC Platform prior to 6.2.0.5 is affected by a privilege ...)
+CVE-2017-14369
NOT-FOR-US: RSA Archer GRC Platform
CVE-2017-14368
RESERVED
@@ -12030,53 +12028,53 @@ CVE-2017-14365
RESERVED
CVE-2017-14364
RESERVED
-CVE-2017-14363 (Cross-Site Scripting (XSS) vulnerability has been identified in Micro ...)
+CVE-2017-14363
NOT-FOR-US: Micro Focus Operations Manager
-CVE-2017-14362 (Cross-Site Request Forgery vulnerability in Micro Focus Project and ...)
+CVE-2017-14362
NOT-FOR-US: Micro Focus Project and Portfolio Management Center
-CVE-2017-14361 (Man-In-The-Middle vulnerability in Micro Focus Project and Portfolio ...)
+CVE-2017-14361
NOT-FOR-US: Micro Focus Project and Portfolio Management Center
-CVE-2017-14360 (A potential security vulnerability has been identified in HPE Content ...)
+CVE-2017-14360
NOT-FOR-US: HPE
-CVE-2017-14359 (A potential security vulnerability has been identified in HPE ...)
+CVE-2017-14359
NOT-FOR-US: HPE Performance Center
-CVE-2017-14358 (A URL redirection to untrusted site vulnerability in HP ArcSight ESM ...)
+CVE-2017-14358
NOT-FOR-US: HP ArcSight
-CVE-2017-14357 (A Reflected and Stored Cross-Site Scripting (XSS) vulnerability in HP ...)
+CVE-2017-14357
NOT-FOR-US: HP ArcSight
-CVE-2017-14356 (An SQL Injection vulnerability in HP ArcSight ESM and HP ArcSight ESM ...)
+CVE-2017-14356
NOT-FOR-US: HP ArcSight
-CVE-2017-14355 (A potential security vulnerability has been identified in HPE ...)
+CVE-2017-14355
NOT-FOR-US: HPE Connected Backup
-CVE-2017-14354 (A remote cross-site scripting vulnerability in HP UCMDB Foundation ...)
+CVE-2017-14354
NOT-FOR-US: HP UCMDB Foundation
-CVE-2017-14353 (A remote code execution vulnerability in HP UCMDB Foundation Software ...)
+CVE-2017-14353
NOT-FOR-US: HP UCMDB Foundation
-CVE-2017-14352 (A potential security vulnerability has been identified in HP UCMDB ...)
+CVE-2017-14352
NOT-FOR-US: HP
-CVE-2017-14351 (A potential security vulnerability has been identified in HP UCMDB ...)
+CVE-2017-14351
NOT-FOR-US: HP
-CVE-2017-14350 (A potential security vulnerability has been identified in HPE ...)
+CVE-2017-14350
NOT-FOR-US: HP
-CVE-2017-14349 (An authentication vulnerability in HPE SiteScope product versions ...)
+CVE-2017-14349
NOT-FOR-US: HP
-CVE-2017-14347 (NexusPHP 1.5.beta5.20120707 has XSS in the returnto parameter to ...)
+CVE-2017-14347
NOT-FOR-US: NexusPHP
-CVE-2017-14346 (upload.php in tianchoy/blog through 2017-09-12 allows unrestricted file ...)
+CVE-2017-14346
NOT-FOR-US: tianchoy/blog
-CVE-2017-14345 (SQL Injection exists in tianchoy/blog through 2017-09-12 via the id ...)
+CVE-2017-14345
NOT-FOR-US: tianchoy/blog
-CVE-2017-14344 (This vulnerability allows local attackers to escalate privileges on ...)
+CVE-2017-14344
NOT-FOR-US: Jungo WinDriver
-CVE-2017-14343 (ImageMagick 7.0.6-6 has a memory leak vulnerability in ReadXCFImage in ...)
+CVE-2017-14343
- imagemagick 8:6.9.9.34+dfsg-3 (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/649
-CVE-2017-14342 (ImageMagick 7.0.6-6 has a memory exhaustion vulnerability in ...)
+CVE-2017-14342
- imagemagick 8:6.9.9.34+dfsg-3 (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/650
NOTE: https://github.com/ImageMagick/ImageMagick/commit/4e378ea8fb99e869768f34e900105e8c769adfcd
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/6d5b22baedd49ef8a35011789bd600762ce1ef21
-CVE-2017-14341 (ImageMagick 7.0.6-6 has a large loop vulnerability in ReadWPGImage in ...)
+CVE-2017-14341
{DLA-1131-1}
- imagemagick 8:6.9.9.34+dfsg-3 (low; bug #876105)
[stretch] - imagemagick <ignored> (Minor issue)
@@ -12084,190 +12082,190 @@ CVE-2017-14341 (ImageMagick 7.0.6-6 has a large loop vulnerability in ReadWPGIma
NOTE: https://github.com/ImageMagick/ImageMagick/issues/654
NOTE: https://github.com/ImageMagick/ImageMagick/commit/7d63315a64267c565d1f34b9cb523a14616fed24
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/4eae304e773bad8a876c3c26fdffac24d4253ae4
-CVE-2017-14348 (LibRaw before 0.18.4 has a heap-based Buffer Overflow in the ...)
+CVE-2017-14348
- libraw 0.18.5-1
[stretch] - libraw <no-dsa> (Minor issue)
[jessie] - libraw <not-affected> (Vulnerable code not present)
[wheezy] - libraw <not-affected> (Vulnerable code not present)
NOTE: https://github.com/LibRaw/LibRaw/issues/100
NOTE: https://github.com/LibRaw/LibRaw/commit/8303e74b0567806dd5f16fc39aab70fe928de1a2
-CVE-2017-14340 (The XFS_IS_REALTIME_INODE macro in fs/xfs/xfs_linux.h in the Linux ...)
+CVE-2017-14340
{DSA-3981-1 DLA-1099-1}
- linux 4.12.13-1
NOTE: Fixed by: https://git.kernel.org/linus/b31ff3cdf540110da4572e3e29bd172087af65cc
-CVE-2017-14339 (The DNS packet parser in YADIFA before 2.2.6 does not check for the ...)
+CVE-2017-14339
{DSA-4001-1}
- yadifa 2.2.6-1 (bug #876315)
NOTE: https://www.tarlogic.com/blog/fuzzing-yadifa-dns/
NOTE: https://github.com/yadifa/yadifa/blob/v2.2.6/ChangeLog
CVE-2017-14338
RESERVED
-CVE-2017-14337 (When MISP before 2.4.80 is configured with X.509 certificate ...)
+CVE-2017-14337
NOT-FOR-US: MISP (Malware Information Sharing Platform and Threat Sharing)
CVE-2017-14336
RESERVED
-CVE-2017-14335 (On Beijing Hanbang Hanbanggaoke devices, because user-controlled input ...)
+CVE-2017-14335
NOT-FOR-US: Beijing Hanbang Hanbanggaoke devices
CVE-2017-14334
RESERVED
-CVE-2017-14333 (The process_version_sections function in readelf.c in GNU Binutils 2.29 ...)
+CVE-2017-14333
- binutils 2.29-9
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <ignored> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21990
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=452bf675ea772002aa86fb1d28f3474da70ee1de
-CVE-2017-14332 (Extreme EXOS 15.7, 16.x, 21.x, and 22.x allows remote attackers to ...)
+CVE-2017-14332
NOT-FOR-US: Extreme EXOS
-CVE-2017-14331 (Extreme EXOS 16.x, 21.x, and 22.x allows administrators to bypass the ...)
+CVE-2017-14331
NOT-FOR-US: Extreme EXOS
-CVE-2017-14330 (Extreme EXOS 16.x, 21.x, and 22.x allows administrators to obtain a ...)
+CVE-2017-14330
NOT-FOR-US: Extreme EXOS
-CVE-2017-14329 (Extreme EXOS 16.x, 21.x, and 22.x allows administrators to obtain a ...)
+CVE-2017-14329
NOT-FOR-US: Extreme EXOS
-CVE-2017-14328 (Extreme EXOS 15.7, 16.x, 21.x, and 22.x allows remote attackers to ...)
+CVE-2017-14328
NOT-FOR-US: Extreme EXOS
-CVE-2017-14327 (Extreme EXOS 16.x, 21.x, and 22.x allows administrators to read ...)
+CVE-2017-14327
NOT-FOR-US: Extreme EXOS
-CVE-2017-14326 (In ImageMagick 7.0.7-1 Q16, a memory leak vulnerability was found in ...)
+CVE-2017-14326
- imagemagick 8:6.9.9.34+dfsg-3 (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/740
NOTE: https://github.com/ImageMagick/ImageMagick/commit/dfefe8de5068a547ae4097c69456f02f93935164
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/a542c9f9a53327b623333150874d4e5a5b3bcbd0
-CVE-2017-14325 (In ImageMagick 7.0.7-1 Q16, a memory leak vulnerability was found in ...)
+CVE-2017-14325
- imagemagick 8:6.9.9.34+dfsg-3 (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/741
-CVE-2017-14324 (In ImageMagick 7.0.7-1 Q16, a memory leak vulnerability was found in ...)
+CVE-2017-14324
- imagemagick 8:6.9.9.34+dfsg-3 (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/739
NOTE: https://github.com/ImageMagick/ImageMagick/commit/399631650b38eaf21c2f3c306b8b74e66be6a0d2
-CVE-2017-14323 (SSRF (Server Side Request Forgery) in getRemoteImage.php in Ueditor in ...)
+CVE-2017-14323
NOT-FOR-US: Onethink
-CVE-2017-14322 (The function in charge to check whether the user is already logged in ...)
+CVE-2017-14322
NOT-FOR-US: Interspire Email Marketer
-CVE-2017-14321 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
+CVE-2017-14321
NOT-FOR-US: Mirasvit Helpdesk MX
-CVE-2017-14320 (Mirasvit Helpdesk MX before 1.5.3 might allow remote attackers to ...)
+CVE-2017-14320
NOT-FOR-US: Mirasvit Helpdesk MX
-CVE-2017-14319 (A grant unmapping issue was discovered in Xen through 4.9.x. When ...)
+CVE-2017-14319
{DSA-4050-1 DLA-1549-1 DLA-1132-1}
- xen 4.8.2+xsa245-0+deb9u1
NOTE: https://xenbits.xen.org/xsa/advisory-234.html
-CVE-2017-14318 (An issue was discovered in Xen 4.5.x through 4.9.x. The function ...)
+CVE-2017-14318
{DSA-4050-1 DLA-1132-1}
- xen 4.8.2+xsa245-0+deb9u1
[jessie] - xen <not-affected> (Only affects 4.5 and later)
NOTE: https://xenbits.xen.org/xsa/advisory-232.html
NOTE: Wheezy will be affected with the upcoming grant table backport
-CVE-2017-14317 (A domain cleanup issue was discovered in the C xenstore daemon (aka ...)
+CVE-2017-14317
{DSA-4050-1 DLA-1549-1 DLA-1132-1}
- xen 4.8.2+xsa245-0+deb9u1
NOTE: https://xenbits.xen.org/xsa/advisory-233.html
-CVE-2017-14316 (A parameter verification issue was discovered in Xen through 4.9.x. The ...)
+CVE-2017-14316
{DSA-4050-1 DLA-1549-1 DLA-1132-1}
- xen 4.8.2+xsa245-0+deb9u1
NOTE: https://xenbits.xen.org/xsa/advisory-231.html
-CVE-2017-14315 (In Apple iOS 7 through 9, due to a BlueBorne flaw in the implementation ...)
+CVE-2017-14315
NOT-FOR-US: Apple
-CVE-2017-14314 (Off-by-one error in the DrawImage function in magick/render.c in ...)
+CVE-2017-14314
{DSA-4321-1 DLA-1401-1 DLA-1130-1}
- graphicsmagick 1.3.26-10
NOTE: http://hg.code.sf.net/p/graphicsmagick/code/rev/2835184bfb78
NOTE: https://sourceforge.net/p/graphicsmagick/bugs/448/
-CVE-2017-14312 (Nagios Core through 4.3.4 initially executes /usr/sbin/nagios as root ...)
+CVE-2017-14312
- nagios3 <not-affected> (Doesn't affect Nagios as packaged in Debian)
NOTE: https://github.com/NagiosEnterprises/nagioscore/issues/424
NOTE: State is not fully correct, since "affected" source would be there.
-CVE-2017-15596 (An issue was discovered in Xen 4.4.x through 4.9.x allowing ARM guest ...)
+CVE-2017-15596
{DSA-3969-1}
- xen 4.8.1-1+deb9u3
[wheezy] - xen <not-affected> (No arm support in Wheezy)
NOTE: https://xenbits.xen.org/xsa/advisory-235.html
-CVE-2017-14311 (The Winring0x32.sys driver in NetMechanica NetDecision 5.8.2 allows ...)
+CVE-2017-14311
NOT-FOR-US: NetMechanica NetDecision
-CVE-2017-14310 (STDU Viewer 1.6.375 allows attackers to cause a denial of service or ...)
+CVE-2017-14310
NOT-FOR-US: STDU Viewer
-CVE-2017-14309 (STDU Viewer 1.6.375 allows attackers to cause a denial of service or ...)
+CVE-2017-14309
NOT-FOR-US: STDU Viewer
-CVE-2017-14308 (STDU Viewer 1.6.375 allows attackers to cause a denial of service or ...)
+CVE-2017-14308
NOT-FOR-US: STDU Viewer
-CVE-2017-14307 (STDU Viewer 1.6.375 allows attackers to cause a denial of service or ...)
+CVE-2017-14307
NOT-FOR-US: STDU Viewer
-CVE-2017-14306 (STDU Viewer 1.6.375 allows attackers to cause a denial of service or ...)
+CVE-2017-14306
NOT-FOR-US: STDU Viewer
-CVE-2017-14305 (STDU Viewer 1.6.375 allows attackers to cause a denial of service or ...)
+CVE-2017-14305
NOT-FOR-US: STDU Viewer
-CVE-2017-14304 (STDU Viewer 1.6.375 allows attackers to cause a denial of service or ...)
+CVE-2017-14304
NOT-FOR-US: STDU Viewer
-CVE-2017-14303 (STDU Viewer 1.6.375 allows attackers to cause a denial of service or ...)
+CVE-2017-14303
NOT-FOR-US: STDU Viewer
-CVE-2017-14302 (STDU Viewer 1.6.375 allows attackers to cause a denial of service or ...)
+CVE-2017-14302
NOT-FOR-US: STDU Viewer
-CVE-2017-14301 (STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause ...)
+CVE-2017-14301
NOT-FOR-US: STDU Viewer
-CVE-2017-14300 (STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause ...)
+CVE-2017-14300
NOT-FOR-US: STDU Viewer
-CVE-2017-14299 (STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause ...)
+CVE-2017-14299
NOT-FOR-US: STDU Viewer
-CVE-2017-14298 (STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause ...)
+CVE-2017-14298
NOT-FOR-US: STDU Viewer
-CVE-2017-14297 (STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause ...)
+CVE-2017-14297
NOT-FOR-US: STDU Viewer
-CVE-2017-14296 (STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause ...)
+CVE-2017-14296
NOT-FOR-US: STDU Viewer
-CVE-2017-14295 (STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause ...)
+CVE-2017-14295
NOT-FOR-US: STDU Viewer
-CVE-2017-14294 (STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause ...)
+CVE-2017-14294
NOT-FOR-US: STDU Viewer
-CVE-2017-14293 (STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause ...)
+CVE-2017-14293
NOT-FOR-US: STDU Viewer
-CVE-2017-14292 (STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause ...)
+CVE-2017-14292
NOT-FOR-US: STDU Viewer
-CVE-2017-14291 (STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause ...)
+CVE-2017-14291
NOT-FOR-US: STDU Viewer
-CVE-2017-14290 (STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause ...)
+CVE-2017-14290
NOT-FOR-US: STDU Viewer
-CVE-2017-14289 (STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause ...)
+CVE-2017-14289
NOT-FOR-US: STDU Viewer
-CVE-2017-14288 (STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause ...)
+CVE-2017-14288
NOT-FOR-US: STDU Viewer
-CVE-2017-14287 (STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause ...)
+CVE-2017-14287
NOT-FOR-US: STDU Viewer
-CVE-2017-14286 (STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause ...)
+CVE-2017-14286
NOT-FOR-US: STDU Viewer
-CVE-2017-14285 (XnView Classic for Windows Version 2.40 allows attackers to cause a ...)
+CVE-2017-14285
NOT-FOR-US: XnView
-CVE-2017-14284 (XnView Classic for Windows Version 2.40 allows attackers to cause a ...)
+CVE-2017-14284
NOT-FOR-US: XnView
-CVE-2017-14283 (XnView Classic for Windows Version 2.40 allows attackers to cause a ...)
+CVE-2017-14283
NOT-FOR-US: XnView
-CVE-2017-14282 (XnView Classic for Windows Version 2.40 allows attackers to cause a ...)
+CVE-2017-14282
NOT-FOR-US: XnView
-CVE-2017-14281 (XnView Classic for Windows Version 2.40 allows attackers to cause a ...)
+CVE-2017-14281
NOT-FOR-US: XnView
-CVE-2017-14280 (XnView Classic for Windows Version 2.40 allows attackers to cause a ...)
+CVE-2017-14280
NOT-FOR-US: XnView
-CVE-2017-14279 (XnView Classic for Windows Version 2.40 allows attackers to cause a ...)
+CVE-2017-14279
NOT-FOR-US: XnView
-CVE-2017-14278 (XnView Classic for Windows Version 2.40 allows attackers to cause a ...)
+CVE-2017-14278
NOT-FOR-US: XnView
-CVE-2017-14277 (XnView Classic for Windows Version 2.40 allows attackers to cause a ...)
+CVE-2017-14277
NOT-FOR-US: XnView
-CVE-2017-14276 (XnView Classic for Windows Version 2.40 allows attackers to cause a ...)
+CVE-2017-14276
NOT-FOR-US: XnView
-CVE-2017-14275 (XnView Classic for Windows Version 2.40 allows attackers to execute ...)
+CVE-2017-14275
NOT-FOR-US: XnView
-CVE-2017-14274 (XnView Classic for Windows Version 2.40 allows attackers to execute ...)
+CVE-2017-14274
NOT-FOR-US: XnView
-CVE-2017-14273 (XnView Classic for Windows Version 2.40 allows attackers to execute ...)
+CVE-2017-14273
NOT-FOR-US: XnView
-CVE-2017-14272 (XnView Classic for Windows Version 2.40 allows attackers to execute ...)
+CVE-2017-14272
NOT-FOR-US: XnView
-CVE-2017-14271 (XnView Classic for Windows Version 2.40 allows attackers to execute ...)
+CVE-2017-14271
NOT-FOR-US: XnView
-CVE-2017-14270 (XnView Classic for Windows Version 2.40 allows attackers to execute ...)
+CVE-2017-14270
NOT-FOR-US: XnView
-CVE-2017-14482 (GNU Emacs before 25.3 allows remote attackers to execute arbitrary code ...)
+CVE-2017-14482
{DSA-3975-1 DSA-3970-1 DLA-1101-1}
- emacs25 25.2+1-6 (bug #875447)
- emacs24 <removed> (bug #875448)
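Review bot: for the NOT-FOR-US entries in this hunk the description was the only place the affected product version was recorded, e.g. `-CVE-2017-14310 (STDU Viewer 1.6.375 allows attackers to cause a denial of service or ...)` becomes `+CVE-2017-14310` followed only by `NOT-FOR-US: STDU Viewer`, and the same holds for the XnView 2.40 and Extreme EXOS runs; if the description removal is intended, the version should be preserved in the NOT-FOR-US line or a NOTE, otherwise the entry can no longer be matched to a product release. Separately, CVE-2017-14348 sits between CVE-2017-14341 and CVE-2017-14340, and CVE-2017-15596 between CVE-2017-14312 and CVE-2017-14311, out of the descending numeric order the rest of the file follows; not touched by this hunk, but worth reordering in a follow-up.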
@@ -12275,18 +12273,18 @@ CVE-2017-14482 (GNU Emacs before 25.3 allows remote attackers to execute arbitra
NOTE: http://www.openwall.com/lists/oss-security/2017/09/11/1
NOTE: https://debbugs.gnu.org/cgi/bugreport.cgi?bug=28350
NOTE: https://git.savannah.gnu.org/cgit/emacs.git/commit/?h=emacs-25&id=9ad0fcc54442a9a01d41be19880250783426db70
-CVE-2017-14313 (The shibboleth_login_form function in shibboleth.php in the Shibboleth ...)
+CVE-2017-14313
{DSA-3973-1 DLA-1096-1}
- wordpress-shibboleth 1.8-1 (bug #874416)
NOTE: https://github.com/michaelryanmcneill/shibboleth/commit/1d65ad6786282d23ba1865f56e2fd19188e7c26a
NOTE: https://make.wordpress.org/plugins/2015/04/20/fixing-add_query_arg-and-remove_query_arg-usage/
-CVE-2017-14269 (EE 4GEE WiFi MBB (before EE60_00_05.00_31) devices allow remote ...)
+CVE-2017-14269
NOT-FOR-US: EE 4GEE WiFi MBB
-CVE-2017-14268 (EE 4GEE WiFi MBB (before EE60_00_05.00_31) devices have XSS in the ...)
+CVE-2017-14268
NOT-FOR-US: EE 4GEE WiFi MBB
-CVE-2017-14267 (EE 4GEE WiFi MBB (before EE60_00_05.00_31) devices have CSRF, related ...)
+CVE-2017-14267
NOT-FOR-US: EE 4GEE WiFi MBB
-CVE-2017-14266 (tcprewrite in Tcpreplay 3.4.4 has a Heap-Based Buffer Overflow ...)
+CVE-2017-14266
- tcpreplay 3.4.4-3
[jessie] - tcpreplay 3.4.4-2+deb8u1
[wheezy] - tcpreplay 3.4.3-2+wheezy2
@@ -12294,7 +12292,7 @@ CVE-2017-14266 (tcprewrite in Tcpreplay 3.4.4 has a Heap-Based Buffer Overflow .
NOTE: Not a duplicate of CVE-2016-6160 the detailed MITRE description, but both issues
NOTE: are addressed with the same patch:
NOTE: Patch enforce-maxpacket.patch addresses the issue
-CVE-2017-14265 (A Stack-based Buffer Overflow was discovered in xtrans_interpolate in ...)
+CVE-2017-14265
- libraw 0.18.5-1
[stretch] - libraw <no-dsa> (Minor issue)
[jessie] - libraw <no-dsa> (Minor issue)
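Review bot: the context line `NOTE: Not a duplicate of CVE-2016-6160 the detailed MITRE description, but both issues` under CVE-2017-14266 refers readers to the MITRE description that this hunk strips from the `+CVE-2017-14266` line, so after the change the note points at text that is no longer in the file; the note should either quote the relevant part of the description or link the MITRE entry directly. The sentence also reads as if a word is missing between `CVE-2016-6160` and `the detailed MITRE description` (for example `per`), which is worth fixing in the same follow-up.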
@@ -12303,19 +12301,19 @@ CVE-2017-14265 (A Stack-based Buffer Overflow was discovered in xtrans_interpola
NOTE: https://github.com/LibRaw/LibRaw/commit/82616eff4c7f7437e96bdeeed238c3ef3dc12d60
CVE-2017-14264
RESERVED
-CVE-2017-14263 (Honeywell NVR devices allow remote attackers to create a user account ...)
+CVE-2017-14263
NOT-FOR-US: Honeywell
-CVE-2017-14262 (On Samsung NVR devices, remote attackers can read the MD5 password hash ...)
+CVE-2017-14262
NOT-FOR-US: Samsung
-CVE-2017-14261 (In the SDK in Bento4 1.5.0-616, the AP4_StszAtom class in ...)
+CVE-2017-14261
NOT-FOR-US: Bento4
-CVE-2017-14260 (In the SDK in Bento4 1.5.0-616, the AP4_StssAtom class in ...)
+CVE-2017-14260
NOT-FOR-US: Bento4
-CVE-2017-14259 (In the SDK in Bento4 1.5.0-616, the AP4_StscAtom class in ...)
+CVE-2017-14259
NOT-FOR-US: Bento4
-CVE-2017-14258 (In the SDK in Bento4 1.5.0-616, SetItemCount in Core/Ap4StscAtom.h file ...)
+CVE-2017-14258
NOT-FOR-US: Bento4
-CVE-2017-14257 (In the SDK in Bento4 1.5.0-616, AP4_AtomSampleTable::GetSample in ...)
+CVE-2017-14257
NOT-FOR-US: Bento4
CVE-2017-14256
RESERVED
@@ -12325,14 +12323,14 @@ CVE-2017-14254
RESERVED
CVE-2017-14253
RESERVED
-CVE-2017-14252 (SQL Injection exists in the EyesOfNetwork web interface (aka eonweb) ...)
+CVE-2017-14252
NOT-FOR-US: EyesOfNetwork (EON)
-CVE-2017-14251 (Unrestricted File Upload vulnerability in the fileDenyPattern in ...)
+CVE-2017-14251
- typo3-src <removed>
[wheezy] - typo3-src <end-of-life> (Not supported in Wheezy LTS)
-CVE-2017-14250 (In TP-LINK TL-WR741N / TL-WR741ND 150M Wireless Lite N Router with ...)
+CVE-2017-14250
NOT-FOR-US: TP-LINK Router
-CVE-2017-14249 (ImageMagick 7.0.6-8 Q16 mishandles EOF checks in ReadMPCImage in ...)
+CVE-2017-14249
{DLA-1131-1}
- imagemagick 8:6.9.9.34+dfsg-3 (low; bug #876099)
[stretch] - imagemagick <ignored> (Minor issue)
@@ -12340,43 +12338,43 @@ CVE-2017-14249 (ImageMagick 7.0.6-8 Q16 mishandles EOF checks in ReadMPCImage in
NOTE: https://github.com/ImageMagick/ImageMagick/issues/708
NOTE: https://github.com/ImageMagick/ImageMagick/commit/2071d67ebf729f76d73c33c1152df4816d1d79ac
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/66112b7a7b64f688efe6fec53a829874a74dea04
-CVE-2017-14248 (A heap-based buffer over-read in SampleImage() in MagickCore/resize.c ...)
+CVE-2017-14248
- imagemagick <not-affected> (Vulnerable code introduced later)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/717
NOTE: https://github.com/ImageMagick/ImageMagick/commit/c5402b6e0fcf8b694ae2af6a6652ebb8ce0ccf46
-CVE-2017-14247 (SQL Injection exists in the EyesOfNetwork web interface (aka eonweb) ...)
+CVE-2017-14247
NOT-FOR-US: EyesOfNetwork (EON)
-CVE-2017-14246 (An out of bounds read in the function d2ulaw_array() in ulaw.c of ...)
+CVE-2017-14246
{DLA-1618-1}
- libsndfile 1.0.28-5 (low; bug #876682)
[stretch] - libsndfile <no-dsa> (Minor issue)
[wheezy] - libsndfile <no-dsa> (Minor issue)
NOTE: https://github.com/erikd/libsndfile/issues/317
NOTE: https://github.com/erikd/libsndfile/commit/8ddc442d539ca775d80cdbc7af17a718634a743f
-CVE-2017-14245 (An out of bounds read in the function d2alaw_array() in alaw.c of ...)
+CVE-2017-14245
{DLA-1618-1}
- libsndfile 1.0.28-5 (low; bug #876682)
[stretch] - libsndfile <no-dsa> (Minor issue)
[wheezy] - libsndfile <no-dsa> (Minor issue)
NOTE: https://github.com/erikd/libsndfile/issues/317
NOTE: https://github.com/erikd/libsndfile/commit/8ddc442d539ca775d80cdbc7af17a718634a743f
-CVE-2017-14244 (An authentication bypass vulnerability on iBall Baton ADSL2+ Home ...)
+CVE-2017-14244
NOT-FOR-US: iBall
-CVE-2017-14243 (An authentication bypass vulnerability on UTStar WA3002G4 ADSL ...)
+CVE-2017-14243
NOT-FOR-US: UTStar
-CVE-2017-14242 (SQL injection vulnerability in don/list.php in Dolibarr version 6.0.0 ...)
+CVE-2017-14242
- dolibarr <removed> (bug #885319)
NOTE: https://github.com/Dolibarr/dolibarr/commit/33e2179b65331d9d9179b59d746817c5be1fecdb
-CVE-2017-14241 (Cross-site scripting (XSS) vulnerability in Dolibarr ERP/CRM 6.0.0 ...)
+CVE-2017-14241
- dolibarr <removed> (bug #885320)
NOTE: https://github.com/Dolibarr/dolibarr/commit/d26b2a694de30f95e46ea54ea72cc54f0d38e548
-CVE-2017-14240 (There is a sensitive information disclosure vulnerability in ...)
+CVE-2017-14240
- dolibarr <removed> (bug #885320)
NOTE: https://github.com/Dolibarr/dolibarr/commit/d26b2a694de30f95e46ea54ea72cc54f0d38e548
-CVE-2017-14239 (Multiple cross-site scripting (XSS) vulnerabilities in Dolibarr ERP/CRM ...)
+CVE-2017-14239
- dolibarr <removed> (bug #885320)
NOTE: https://github.com/Dolibarr/dolibarr/commit/d26b2a694de30f95e46ea54ea72cc54f0d38e548
-CVE-2017-14238 (SQL injection vulnerability in admin/menus/edit.php in Dolibarr ERP/CRM ...)
+CVE-2017-14238
- dolibarr <removed> (bug #885320)
NOTE: https://github.com/Dolibarr/dolibarr/commit/d26b2a694de30f95e46ea54ea72cc54f0d38e548
CVE-2017-14237
@@ -12391,25 +12389,25 @@ CVE-2017-14233
RESERVED
CVE-2017-14232
RESERVED
-CVE-2017-14231 (GeniXCMS before 1.1.0 allows remote attackers to cause a denial of ...)
+CVE-2017-14231
NOT-FOR-US: GenixCMS
-CVE-2017-14230 (In the mboxlist_do_find function in imap/mboxlist.c in Cyrus IMAP ...)
+CVE-2017-14230
- cyrus-imapd <not-affected> (Vulnerable code introduced later)
- cyrus-imapd-2.4 <not-affected> (Vulnerable code introduced later)
NOTE: Fixed by: https://github.com/cyrusimap/cyrus-imapd/commit/6bd33275368edfa71ae117de895488584678ac79
NOTE: Introduced by: https://github.com/cyrusimap/cyrus-imapd/commit/1fe918087237f55e09a37fa414bf988873739021 (cyrus-imapd-3.0.0-beta1)
NOTE: https://github.com/cyrusimap/cyrus-imapd/issues/2132
-CVE-2017-14229 (There is an infinite loop in the jpc_dec_tileinit function in ...)
+CVE-2017-14229
- jasper <removed>
[jessie] - jasper <ignored> (Minor issue)
[wheezy] - jasper <ignored> (Minor issue)
NOTE: https://github.com/mdadams/jasper/issues/146
NOTE: Possible false-positive, cf. https://github.com/mdadams/jasper/issues/146#issuecomment-330674648
-CVE-2017-14228 (In Netwide Assembler (NASM) 2.14rc0, there is an illegal address access ...)
+CVE-2017-14228
- nasm 2.13.02-0.1 (unimportant; bug #874731)
NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392423
NOTE: Crash in CLI tool, no securiy impact
-CVE-2017-14227 (In MongoDB libbson 1.7.0, the bson_iter_codewscope function in ...)
+CVE-2017-14227
- libbson 1.8.0-1 (bug #874754)
[stretch] - libbson <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1489355
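Review bot: the context line `NOTE: Crash in CLI tool, no securiy impact` under CVE-2017-14228 has a typo ("security"); since this hunk already rewrites that entry's header line, the correction could ride along. The header-line changes in this hunk follow the same pattern as the rest of the patch (description dropped, e.g. `+CVE-2017-14229`), which leaves the jasper entry readable only through its two NOTE links, including the "Possible false-positive" caveat; keep that in mind if the descriptions are regenerated.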
@@ -12423,7 +12421,7 @@ CVE-2017-14227 (In MongoDB libbson 1.7.0, the bson_iter_codewscope function in .
NOTE: type is present in earlier versions.
NOTE: Upstream issue: https://jira.mongodb.org/browse/CDRIVER-2269
NOTE: Fixed by: https://github.com/mongodb/libbson/commit/42900956dc461dfe7fb91d93361d10737c1602b3
-CVE-2017-14226 (WP1StylesListener.cpp, WP5StylesListener.cpp, and ...)
+CVE-2017-14226
- libwpd 0.10.2-1 (bug #876001)
[stretch] - libwpd 0.10.1-5+deb9u1
[jessie] - libwpd 0.10.0-2+deb8u1
@@ -12431,24 +12429,24 @@ CVE-2017-14226 (WP1StylesListener.cpp, WP5StylesListener.cpp, and ...)
NOTE: https://bugs.documentfoundation.org/show_bug.cgi?id=112269
NOTE: https://sourceforge.net/p/libwpd/code/ci/0329a9c57f9b3b0efa0f09a5235dfd90236803a5/
NOTE: https://sourceforge.net/p/libwpd/code/ci/f40827b3eae260ce657c67d9fecc855b09dea3c3/
-CVE-2017-14225 (The av_color_primaries_name function in libavutil/pixdesc.c in FFmpeg ...)
+CVE-2017-14225
{DSA-3996-1}
- ffmpeg 7:3.3.4-1 (low)
- libav <removed>
[jessie] - libav <not-affected> (Vulnerable code not present)
NOTE: https://github.com/FFmpeg/FFmpeg/commit/837cb4325b712ff1aab531bf41668933f61d75d2
-CVE-2017-14224 (A heap-based buffer overflow in WritePCXImage in coders/pcx.c in ...)
+CVE-2017-14224
{DSA-4040-1 DSA-4032-1 DLA-1131-1}
- imagemagick 8:6.9.9.34+dfsg-3 (bug #876097)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/733
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/7f2d6fe34d695d3445e2d50937db5541a1b76bde
NOTE: https://github.com/ImageMagick/ImageMagick/commit/c6409227c430f114b6425337e64b848535b62e0b
-CVE-2017-14223 (In libavformat/asfdec_f.c in FFmpeg 3.3.3, a DoS in ...)
+CVE-2017-14223
{DSA-3996-1 DLA-1654-1}
- ffmpeg 7:3.3.4-1 (low)
- libav <removed>
NOTE: https://github.com/FFmpeg/FFmpeg/commit/afc9c683ed9db01edb357bc8c19edad4282b3a97
-CVE-2017-14222 (In libavformat/mov.c in FFmpeg 3.3.3, a DoS in read_tfra() due to lack ...)
+CVE-2017-14222
{DSA-3996-1}
- ffmpeg 7:3.3.4-1 (low)
- libav <removed>
@@ -12458,7 +12456,7 @@ CVE-2017-14221
RESERVED
CVE-2017-14220
RESERVED
-CVE-2017-14219 (XSS (persistent) on the Intelbras Wireless N 150Mbps router with ...)
+CVE-2017-14219
NOT-FOR-US: Intelbras Wireless N 150Mbps router
CVE-2017-14218
RESERVED
@@ -12500,66 +12498,66 @@ CVE-2017-14200
RESERVED
CVE-2017-14199
RESERVED
-CVE-2017-14198 (An issue was discovered in Squiz Matrix before 5.3.6.1 and 5.4.x before ...)
+CVE-2017-14198
NOT-FOR-US: Squiz Matrix
-CVE-2017-14197 (An issue was discovered in Squiz Matrix before 5.3.6.1 and 5.4.x before ...)
+CVE-2017-14197
NOT-FOR-US: Squiz Matrix
-CVE-2017-14196 (An issue was discovered in Squiz Matrix from 5.3 through to 5.3.6.1 and ...)
+CVE-2017-14196
NOT-FOR-US: Squiz Matrix
-CVE-2017-14195 (The call_msg function in controllers/Form.php in dayrui FineCms 5.0.11 ...)
+CVE-2017-14195
NOT-FOR-US: dayrui FineCms
-CVE-2017-14194 (The out function in controllers/member/Login.php in dayrui FineCms ...)
+CVE-2017-14194
NOT-FOR-US: dayrui FineCms
-CVE-2017-14193 (The oauth function in controllers/member/api.php in dayrui FineCms ...)
+CVE-2017-14193
NOT-FOR-US: dayrui FineCms
-CVE-2017-14192 (The checktitle function in controllers/member/api.php in dayrui FineCms ...)
+CVE-2017-14192
NOT-FOR-US: dayrui FineCms
-CVE-2017-14191 (An Improper Access Control vulnerability in Fortinet FortiWeb 5.6.0 ...)
+CVE-2017-14191
NOT-FOR-US: Fortinet
-CVE-2017-14190 (A Cross-site Scripting vulnerability in Fortinet FortiOS 5.6.0 to ...)
+CVE-2017-14190
NOT-FOR-US: Fortinet FortiOS
-CVE-2017-14189 (An improper access control vulnerability in Fortinet FortiWebManager ...)
+CVE-2017-14189
NOT-FOR-US: Fortinet
CVE-2017-14188
RESERVED
-CVE-2017-14187 (A local privilege escalation and local code execution vulnerability in ...)
+CVE-2017-14187
NOT-FOR-US: Fortinet
-CVE-2017-14186 (A Cross-site Scripting (XSS) vulnerability in Fortinet FortiOS 5.6.0 ...)
+CVE-2017-14186
NOT-FOR-US: Fortinet
-CVE-2017-14185 (An Information Disclosure vulnerability in Fortinet FortiOS 5.6.0 to ...)
+CVE-2017-14185
NOT-FOR-US: Fortinet FortiOS
-CVE-2017-14184 (An Information Disclosure vulnerability in Fortinet FortiClient for ...)
+CVE-2017-14184
NOT-FOR-US: Fortinet
CVE-2017-14183
RESERVED
-CVE-2017-14182 (A Denial of Service (DoS) vulnerability in Fortinet FortiOS 5.4.0 to ...)
+CVE-2017-14182
NOT-FOR-US: Fortinet
-CVE-2017-14180 (Apport 2.13 through 2.20.7 does not properly handle crashes ...)
+CVE-2017-14180
[experimental] - apport <unfixed>
NOTE: apport only in experimental, so we cannot track this in security-tracker
NOTE: add it, to have an explicit reference for apport if it ever enters unstable
-CVE-2017-14179 (Apport before 2.13 does not properly handle crashes originating from a ...)
+CVE-2017-14179
[experimental] - apport <unfixed>
NOTE: apport only in experimental, so we cannot track this in security-tracker
NOTE: add it, to have an explicit reference for apport if it ever enters unstable
-CVE-2017-14178 (In snapd 2.27 through 2.29.2 the 'snap logs' command could be made to ...)
+CVE-2017-14178
- snapd 2.30-1
[stretch] - snapd <not-affected> (Issue introduced in 2.27)
NOTE: https://launchpad.net/bugs/1730255
-CVE-2017-14177 (Apport through 2.20.7 does not properly handle core dumps from setuid ...)
+CVE-2017-14177
[experimental] - apport <unfixed>
NOTE: apport only in experimental, so we cannot track this in security-tracker
NOTE: add it, to have an explicit reference for apport if it ever enters unstable
-CVE-2017-14181 (DeleteBitBuffer in libbitbuf/bitbuffer.c in mp4tools aacplusenc 0.17.5 ...)
+CVE-2017-14181
NOT-FOR-US: aacplusenc
-CVE-2017-14175 (In coders/xbm.c in ImageMagick 7.0.6-1 Q16, a DoS in ReadXBMImage() due ...)
+CVE-2017-14175
{DLA-1131-1}
- imagemagick 8:6.9.9.34+dfsg-3 (low; bug #875502)
[stretch] - imagemagick <ignored> (Minor issue)
[jessie] - imagemagick <ignored> (Minor issue)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/712
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/b8c63b156bf26b52e710b1a0643c846a6cd01e56
-CVE-2017-14174 (In coders/psd.c in ImageMagick 7.0.7-0 Q16, a DoS in ...)
+CVE-2017-14174
{DLA-1131-1}
- imagemagick 8:6.9.9.34+dfsg-3 (low; bug #875503)
[stretch] - imagemagick <ignored> (Minor issue)
@@ -12567,31 +12565,31 @@ CVE-2017-14174 (In coders/psd.c in ImageMagick 7.0.7-0 Q16, a DoS in ...)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/714
NOTE: https://github.com/ImageMagick/ImageMagick/commit/04a567494786d5bb50894fc8bb8fea0cf496bea8
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/f68a98a9d385838a1c73ec960a14102949940a64
-CVE-2017-14173 (In the function ReadTXTImage() in coders/txt.c in ImageMagick 7.0.6-10, ...)
+CVE-2017-14173
{DLA-1131-1}
- imagemagick 8:6.9.9.34+dfsg-3 (low; bug #875504)
[stretch] - imagemagick <ignored> (Minor issue)
[jessie] - imagemagick <ignored> (Minor issue)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/713
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/48bcf7c39302cdf9b0d9202ad03bf1b95152c44d
-CVE-2017-14172 (In coders/ps.c in ImageMagick 7.0.7-0 Q16, a DoS in ReadPSImage() due ...)
+CVE-2017-14172
{DLA-1131-1}
- imagemagick 8:6.9.9.34+dfsg-3 (low; bug #875506)
[stretch] - imagemagick <ignored> (Minor issue)
[jessie] - imagemagick <ignored> (Minor issue)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/715
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/8598a497e2d1f556a34458cf54b40ba40674734c
-CVE-2017-14171 (In libavformat/nsvdec.c in FFmpeg 3.3.3, a DoS in ...)
+CVE-2017-14171
{DSA-3996-1 DLA-1630-1}
- ffmpeg 7:3.3.4-1 (low)
- libav <removed>
NOTE: https://github.com/FFmpeg/FFmpeg/commit/c24bcb553650b91e9eff15ef6e54ca73de2453b7
-CVE-2017-14170 (In libavformat/mxfdec.c in FFmpeg 3.3.3, a DoS in ...)
+CVE-2017-14170
{DSA-3996-1 DLA-1630-1}
- ffmpeg 7:3.3.4-1 (low)
- libav <removed>
NOTE: https://github.com/FFmpeg/FFmpeg/commit/900f39692ca0337a98a7cf047e4e2611071810c2
-CVE-2017-14169 (In the mxf_read_primer_pack function in libavformat/mxfdec.c in FFmpeg ...)
+CVE-2017-14169
{DSA-3996-1 DLA-1654-1}
- ffmpeg 7:3.3.4-1 (low)
- libav <removed>
@@ -12600,30 +12598,30 @@ CVE-2017-14169 (In the mxf_read_primer_pack function in libavformat/mxfdec.c in
NOTE: https://github.com/FFmpeg/FFmpeg/commit/9d00fb9d70ee8c0cc7002b89318c5be00f1bbdad
CVE-2017-14168
RESERVED
-CVE-2017-14167 (Integer overflow in the load_multiboot function in hw/i386/multiboot.c ...)
+CVE-2017-14167
{DSA-3991-1 DLA-1497-1 DLA-1129-1 DLA-1128-1}
- qemu 1:2.10.0-1 (bug #874606)
- qemu-kvm <removed>
NOTE: https://lists.nongnu.org/archive/html/qemu-devel/2017-09/msg01483.html
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1489375
-CVE-2017-14163 (An issue was discovered in Mahara before 15.04.14, 16.x before ...)
+CVE-2017-14163
- mahara <removed>
CVE-2017-14162
RESERVED
CVE-2017-14161
RESERVED
-CVE-2017-14166 (libarchive 3.3.2 allows remote attackers to cause a denial of service ...)
+CVE-2017-14166
{DSA-4360-1 DLA-1600-1 DLA-1092-1}
- libarchive 3.2.2-3.1 (bug #874539)
NOTE: http://www.openwall.com/lists/oss-security/2017/09/06/5
NOTE: https://github.com/libarchive/libarchive/commit/fa7438a0ff4033e4741c807394a9af6207940d71
NOTE: https://github.com/libarchive/libarchive/issues/935
-CVE-2017-14165 (The ReadSUNImage function in coders/sun.c in GraphicsMagick 1.3.26 has ...)
+CVE-2017-14165
- graphicsmagick 1.3.26-9 (unimportant; bug #874724)
NOTE: Fixed by: http://hg.code.sf.net/p/graphicsmagick/code/rev/493da54370aa
NOTE: http://www.openwall.com/lists/oss-security/2017/09/06/4
NOTE: https://sourceforge.net/p/graphicsmagick/bugs/442/
-CVE-2017-14160 (The bark_noise_hybridmp function in psy.c in Xiph.Org libvorbis 1.3.5 ...)
+CVE-2017-14160
- libvorbis 1.3.6-2 (bug #876780)
[stretch] - libvorbis <no-dsa> (Minor issue)
[jessie] - libvorbis <no-dsa> (Minor issue)
@@ -12632,34 +12630,34 @@ CVE-2017-14160 (The bark_noise_hybridmp function in psy.c in Xiph.Org libvorbis
NOTE: http://www.openwall.com/lists/oss-security/2017/09/21/3
NOTE: https://gitlab.xiph.org/xiph/vorbis/issues/2330
NOTE: Upstream fix: https://gitlab.xiph.org/xiph/vorbis/commit/018ca26dece618457dd13585cad52941193c4a25
-CVE-2017-14176 (Bazaar through 2.7.0, when Subprocess SSH is used, allows remote ...)
+CVE-2017-14176
{DSA-4052-1 DLA-1107-1}
- bzr 2.7.0+bzr6622-7 (bug #874429)
- breezy 3.0.0~bzr6772-1
NOTE: https://bugs.launchpad.net/bzr/+bug/1710979
-CVE-2017-14159 (slapd in OpenLDAP 2.4.45 and earlier creates a PID file after dropping ...)
+CVE-2017-14159
- openldap <unfixed> (unimportant)
NOTE: http://www.openldap.org/its/index.cgi?findid=8703
NOTE: Negligible security impact, but filed #877512
-CVE-2017-14158 (Scrapy 1.4 allows remote attackers to cause a denial of service (memory ...)
+CVE-2017-14158
- python-scrapy <unfixed> (unimportant; bug #875947)
NOTE: http://blog.csdn.net/wangtua/article/details/75228728
NOTE: https://github.com/scrapy/scrapy/issues/482
NOTE: Negligable security impact
CVE-2017-14157
RESERVED
-CVE-2017-14156 (The atyfb_ioctl function in drivers/video/fbdev/aty/atyfb_base.c in the ...)
+CVE-2017-14156
{DSA-3981-1 DLA-1099-1}
- linux 4.12.13-1 (low)
CVE-2017-14155
RESERVED
CVE-2017-14154
RESERVED
-CVE-2017-14153 (This vulnerability allows local attackers to escalate privileges on ...)
+CVE-2017-14153
NOT-FOR-US: Jungo WinDriver
-CVE-2017-14164 (A size-validation issue was discovered in opj_j2k_write_sot in ...)
+CVE-2017-14164
- openjpeg2 <not-affected> (Incomplete fix for CVE-2017-14152 not applied)
-CVE-2017-14152 (A mishandled zero case was discovered in opj_j2k_set_cinema_parameters ...)
+CVE-2017-14152
{DSA-4013-1}
- openjpeg2 2.3.0-1 (bug #874431)
NOTE: https://blogs.gentoo.org/ago/2017/08/16/openjpeg-heap-based-buffer-overflow-in-opj_write_bytes_le-cio-c/
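Review bot: the context line `NOTE: Negligable security impact` under CVE-2017-14158 misspells "negligible" and could be fixed while the entry is being touched. Separately, the hunk strips the description from `-CVE-2017-14164 (A size-validation issue was discovered in opj_j2k_write_sot in ...)`, yet that entry's only other line is `- openjpeg2 <not-affected> (Incomplete fix for CVE-2017-14152 not applied)`, so after this change the reader has to follow the CVE-2017-14152 NOTEs to learn what the issue is; worth restoring the text if the feed recovers.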
@@ -12669,25 +12667,25 @@ CVE-2017-14152 (A mishandled zero case was discovered in opj_j2k_set_cinema_para
NOTE: commit:
NOTE: https://github.com/uclouvain/openjpeg/commit/dcac91b8c72f743bda7dbfa9032356bc8110098a
NOTE: to not make openjpeg2 vulnerable to CVE-2017-14164.
-CVE-2017-14151 (An off-by-one error was discovered in ...)
+CVE-2017-14151
- openjpeg2 2.3.0-1 (bug #874430)
[stretch] - openjpeg2 2.1.2-1.1+deb9u2
[jessie] - openjpeg2 <not-affected> (Vulnerable code introduced later, see #874430)
NOTE: https://blogs.gentoo.org/ago/2017/08/16/openjpeg-heap-based-buffer-overflow-in-opj_mqc_flush-mqc-c/
NOTE: https://github.com/uclouvain/openjpeg/commit/afb308b9ccbe129608c9205cf3bb39bbefad90b9
NOTE: https://github.com/uclouvain/openjpeg/issues/982
-CVE-2017-1000254 (libcurl may read outside of a heap allocated buffer when doing FTP. ...)
+CVE-2017-1000254
{DSA-3992-1 DLA-1121-1}
- curl 7.56.1-1 (bug #877671)
NOTE: https://curl.haxx.se/docs/adv_20171004.html
NOTE: Patch: https://curl.haxx.se/CVE-2017-1000254.patch
NOTE: Introduced by: https://github.com/curl/curl/commit/415d2e7cb7
NOTE: Upstream fix: https://github.com/curl/curl/commit/5ff2c5ff25750aba1a8f64fbcad8e5b891512584
-CVE-2017-1000253 (Linux distributions that have not patched their long-term kernels with ...)
+CVE-2017-1000253
- linux 4.0.2-1
[jessie] - linux 3.16.7-ckt11-1
[wheezy] - linux 3.2.71-1
-CVE-2017-1000252 (The KVM subsystem in the Linux kernel through 4.13.3 allows guest OS ...)
+CVE-2017-1000252
- linux 4.12.13-1
[stretch] - linux 4.9.30-2+deb9u5
[jessie] - linux <not-affected> (Vulnerable code not present)
@@ -12695,18 +12693,18 @@ CVE-2017-1000252 (The KVM subsystem in the Linux kernel through 4.13.3 allows gu
NOTE: Fixed by: https://git.kernel.org/linus/3a8b0677fc6180a467e26cc32ce6b0c09a32f9bb (v4.14-rc1)
NOTE: https://marc.info/?l=kvm&m=150549145711115&w=2
NOTE: https://marc.info/?l=kvm&m=150549146311117&w=2
-CVE-2017-1000251 (The native Bluetooth stack in the Linux Kernel (BlueZ), starting at ...)
+CVE-2017-1000251
{DSA-3981-1 DLA-1099-1}
- linux 4.12.13-1 (bug #875881)
NOTE: Fixed by: https://git.kernel.org/linus/e860d2c904d1a9f38a24eb44c9f34b8f915a6ea3
NOTE: https://www.armis.com/blueborne/
NOTE: https://access.redhat.com/security/vulnerabilities/blueborne
-CVE-2017-1000250 (All versions of the SDP server in BlueZ 5.46 and earlier are ...)
+CVE-2017-1000250
{DSA-3972-1 DLA-1103-1}
- bluez 5.46-1 (bug #875633)
NOTE: https://www.armis.com/blueborne/
NOTE: https://git.kernel.org/pub/scm/bluetooth/bluez.git/commit/?id=9e009647b14e810e06626dde7f1bb9ea3c375d09
-CVE-2017-1000249 (An issue in file() was introduced in commit ...)
+CVE-2017-1000249
{DSA-3965-1}
- file 1:5.32-1
[jessie] - file <not-affected> (Vulnerable code introduced later)
@@ -12715,56 +12713,56 @@ CVE-2017-1000249 (An issue in file() was introduced in commit ...)
NOTE: Introduced by: https://github.com/file/file/commit/9611f31313a93aa036389c5f3b15eea53510d4d1
CVE-2017-14150
RESERVED
-CVE-2017-14149 (GoAhead 3.4.0 through 3.6.5 has a NULL Pointer Dereference in the ...)
+CVE-2017-14149
NOT-FOR-US: GoAhead
CVE-2017-14148
RESERVED
-CVE-2017-14147 (An issue was discovered on FiberHome User End Routers Bearing Model ...)
+CVE-2017-14147
NOT-FOR-US: FiberHome
-CVE-2017-14146 (HelpDEZk 1.1.1 allows remote authenticated users to execute arbitrary ...)
+CVE-2017-14146
NOT-FOR-US: HelpDEZk
-CVE-2017-14145 (HelpDEZk 1.1.1 has SQL Injection in ...)
+CVE-2017-14145
NOT-FOR-US: HelpDEZk
CVE-2017-14144
RESERVED
-CVE-2017-14143 (The getUserzoneCookie function in Kaltura before 13.2.0 uses a ...)
+CVE-2017-14143
NOT-FOR-US: Kaltura
-CVE-2017-14142 (Multiple cross-site scripting (XSS) vulnerabilities in Kaltura before ...)
+CVE-2017-14142
NOT-FOR-US: Kaltura
-CVE-2017-14141 (The wiki_decode Developer System Helper function in the admin panel in ...)
+CVE-2017-14141
NOT-FOR-US: Kaltura
-CVE-2017-14140 (The move_pages system call in mm/migrate.c in the Linux kernel before ...)
+CVE-2017-14140
{DSA-3981-1 DLA-1099-1}
- linux 4.12.12-1
NOTE: Fixed by: https://git.kernel.org/linus/197e7e521384a23b9e585178f3f11c9fa08274b9
-CVE-2017-14139 (ImageMagick 7.0.6-2 has a memory leak vulnerability in WriteMSLImage in ...)
+CVE-2017-14139
- imagemagick 8:6.9.9.34+dfsg-3 (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/578
NOTE: https://github.com/ImageMagick/ImageMagick/commit/955bd1008a5371bbd1b8db0a1e41e333ebfc63ef
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/dbe0008c6fa225d01085ca86f3e425c306ee6240
NOTE: Requires: https://github.com/ImageMagick/ImageMagick/commit/d426a1dc84cfdafdac67bdb2a1ecc6e1798053e6
NOTE: Requires: https://github.com/ImageMagick/ImageMagick/commit/0dfce0579c881245e495aa2d8d114e63b96a860e
-CVE-2017-14138 (ImageMagick 7.0.6-5 has a memory leak vulnerability in ReadWEBPImage in ...)
+CVE-2017-14138
- imagemagick 8:6.9.9.34+dfsg-3 (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/639
-CVE-2017-14137 (ReadWEBPImage in coders/webp.c in ImageMagick 7.0.6-5 has an issue ...)
+CVE-2017-14137
- imagemagick 8:6.9.9.34+dfsg-3 (unimportant)
[wheezy] - imagemagick <not-affected> (Vulnerable code not present)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/641
NOTE: https://github.com/ImageMagick/ImageMagick/commit/cb63560ba25e4a6c51ab282538c24877fff7d471
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/cfc2bd4c87481d4cf60308cc6ffd3c61288ff004
NOTE: ImageMagick in Debian not compiled with webp support (--with-webp=yes)
-CVE-2017-14136 (OpenCV (Open Source Computer Vision Library) 3.3 has an out-of-bounds ...)
+CVE-2017-14136
- opencv <not-affected> (Incomplete patch never shipped)
NOTE: https://github.com/opencv/opencv/issues/9443
NOTE: https://github.com/opencv/opencv/pull/9448
-CVE-2017-14135 (enigma2-plugins/blob/master/webadmin/src/WebChilds/Script.py in the ...)
+CVE-2017-14135
NOT-FOR-US: webadmin plugin for opendreambox
-CVE-2017-14134 (A Reflected XSS Vulnerability affects the forgotten password page of ...)
+CVE-2017-14134
NOT-FOR-US: Maplesoft Maple
CVE-2017-14133
RESERVED
-CVE-2017-14132 (JasPer 2.0.13 allows remote attackers to cause a denial of service ...)
+CVE-2017-14132
{DLA-1583-1}
- jasper <removed> (low)
[wheezy] - jasper <ignored> (Minor issue)
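Review bot: the context line `NOTE: ImageMagick in Debian not compiled with webp support (--with-webp=yes)` under CVE-2017-14137 reads as a contradiction, since it names the flag that would enable WebP right after saying the package is built without it; rewording it to state that the flag is not passed at build time would make the not-affected reasoning unambiguous. The header-line edits in this hunk (`+CVE-2017-14139`, `+CVE-2017-14138`, `+CVE-2017-14137`) drop the descriptions that distinguished the three adjacent ImageMagick memory-leak entries, all of which carry the same `- imagemagick 8:6.9.9.34+dfsg-3 (unimportant)` line.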
@@ -12772,63 +12770,63 @@ CVE-2017-14132 (JasPer 2.0.13 allows remote attackers to cause a denial of servi
NOTE: The suggested fix by thoger addresses the reported issue.
CVE-2017-14131
RESERVED
-CVE-2017-14130 (The _bfd_elf_parse_attributes function in elf-attrs.c in the Binary ...)
+CVE-2017-14130
- binutils 2.29-9 (low)
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <ignored> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22058
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=2a143b99fc4a5094a9cf128f3184d8e6818c8229
-CVE-2017-14129 (The read_section function in dwarf2.c in the Binary File Descriptor ...)
+CVE-2017-14129
- binutils 2.29-10 (low)
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <ignored> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22047
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=e4f2723003859dc6b33ca0dadbc4a7659ebf1643
-CVE-2017-14128 (The decode_line_info function in dwarf2.c in the Binary File Descriptor ...)
+CVE-2017-14128
- binutils 2.29-9 (low)
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <ignored> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22059
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=7e8b60085eb3e6f2c41bc0c00c0d759fa7f72780
-CVE-2017-14127 (Command Injection in the Ping Module in the Web Interface on ...)
+CVE-2017-14127
NOT-FOR-US: Technicolor
-CVE-2017-14126 (The Participants Database plugin before 1.7.5.10 for WordPress has XSS. ...)
+CVE-2017-14126
NOT-FOR-US: Wordpress plugin
-CVE-2017-14125 (SQL injection vulnerability in the Responsive Image Gallery plugin ...)
+CVE-2017-14125
NOT-FOR-US: Responsive Image Gallery plugin for WordPress
-CVE-2017-14124 (In eLux RP 5.x before 5.5.1000 LTSR and 5.6.x before 5.6.2 CR when ...)
+CVE-2017-14124
NOT-FOR-US: eLux
-CVE-2017-14123 (Zoho ManageEngine Firewall Analyzer 12200 has an unrestricted File ...)
+CVE-2017-14123
NOT-FOR-US: Zoho ManageEngine
-CVE-2017-14122 (unrar 0.0.1 (aka unrar-free or unrar-gpl) suffers from a stack-based ...)
+CVE-2017-14122
- unrar-free 1:0.0.1+cvs20140707-4 (unimportant; bug #874060)
NOTE: http://www.openwall.com/lists/oss-security/2017/08/20/1
NOTE: Crash in CLI tool, no security impact
-CVE-2017-14121 (The DecodeNumber function in unrarlib.c in unrar 0.0.1 (aka unrar-free ...)
+CVE-2017-14121
- unrar-free 1:0.0.1+cvs20140707-4 (unimportant; bug #874061)
NOTE: http://www.openwall.com/lists/oss-security/2017/08/20/1
NOTE: Crash in CLI tool, no security impact
-CVE-2017-14120 (unrar 0.0.1 (aka unrar-free or unrar-gpl) suffers from a directory ...)
+CVE-2017-14120
{DLA-1091-1}
- unrar-free 1:0.0.1+cvs20140707-2 (bug #874059)
[stretch] - unrar-free <no-dsa> (Minor issue)
[jessie] - unrar-free <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2017/08/20/1
NOTE: Proposed patch: https://bugs.debian.org/cgi-bin/bugreport.cgi?att=1;bug=874059;filename=874059.diff.txt;msg=29
-CVE-2017-14119 (In the EyesOfNetwork web interface (aka eonweb) 5.1-0, ...)
+CVE-2017-14119
NOT-FOR-US: EyesOfNetwork (EON)
-CVE-2017-14118 (In the EyesOfNetwork web interface (aka eonweb) 5.1-0, ...)
+CVE-2017-14118
NOT-FOR-US: EyesOfNetwork (EON)
-CVE-2017-14117 (The AT&amp;T U-verse 9.2.2h0d83 firmware for the Arris NVG589 and NVG599 ...)
+CVE-2017-14117
NOT-FOR-US: Arris
-CVE-2017-14116 (The AT&amp;T U-verse 9.2.2h0d83 firmware for the Arris NVG599 device, when ...)
+CVE-2017-14116
NOT-FOR-US: Arris
-CVE-2017-14115 (The AT&amp;T U-verse 9.2.2h0d83 firmware for the Arris NVG589 and NVG599 ...)
+CVE-2017-14115
NOT-FOR-US: Arris
-CVE-2017-14114 (RTPproxy through 2.2.alpha.20160822 has a NAT feature that results in ...)
+CVE-2017-14114
- rtpproxy <unfixed> (unimportant; bug #874070)
NOTE: https://rtpbleed.com/
NOTE: https://github.com/sippy/rtpproxy/issues/70
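Review bot: the removed lines `-CVE-2017-14117 (The AT&amp;T U-verse 9.2.2h0d83 firmware for the Arris NVG589 and NVG599 ...)`, and likewise for 14116 and 14115, show that the old descriptions were stored with an HTML entity (`&amp;`) rather than a literal `&`; when the importer that produced this "automatic update" is fixed and descriptions come back, make sure it unescapes entities so the header reads `AT&T`, otherwise searches on the plain vendor name will miss these entries. The new lines themselves (`+CVE-2017-14117` etc.) are consistent with the rest of the patch.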
@@ -12837,25 +12835,25 @@ CVE-2017-14113
REJECTED
CVE-2017-14112
RESERVED
-CVE-2017-14111 (The workstation logging function in Philips IntelliSpace ...)
+CVE-2017-14111
NOT-FOR-US: Philips IntelliSpace Cardiovascular and Xcelera
CVE-2017-14110
RESERVED
-CVE-2017-1000201 (The tcmu-runner daemon in tcmu-runner version 1.0.5 to 1.2.0 is ...)
+CVE-2017-1000201
NOT-FOR-US: tcmu-runner
-CVE-2017-1000200 (tcmu-runner version 1.0.5 to 1.2.0 is vulnerable to a dbus triggered ...)
+CVE-2017-1000200
NOT-FOR-US: tcmu-runner
-CVE-2017-1000199 (tcmu-runner version 0.91 up to 1.20 is vulnerable to information ...)
+CVE-2017-1000199
NOT-FOR-US: tcmu-runner
-CVE-2017-1000198 (tcmu-runner daemon version 0.9.0 to 1.2.0 is vulnerable to invalid ...)
+CVE-2017-1000198
NOT-FOR-US: tcmu-runner
CVE-2017-14109
RESERVED
-CVE-2017-14108 (libgedit.a in GNOME gedit through 3.22.1 allows remote attackers to ...)
+CVE-2017-14108
- gedit <unfixed> (unimportant; bug #875311)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=791037
NOTE: negligible security impact
-CVE-2017-14107 (The _zip_read_eocd64 function in zip_open.c in libzip before 1.3.0 ...)
+CVE-2017-14107
[experimental] - libzip 1.3.0+dfsg.1-1
- libzip 1.5.1-3 (low; bug #874010)
[stretch] - libzip <no-dsa> (Minor issue)
@@ -12867,15 +12865,15 @@ CVE-2017-14107 (The _zip_read_eocd64 function in zip_open.c in libzip before 1.3
NOTE: https://github.com/nih-at/libzip/commit/9b46957ec98d85a572e9ef98301247f39338a3b5
NOTE: PHP commit: https://github.com/php/php-src/commit/f6e8ce812174343b5c9fd1860f9e2e2864428567
NOTE: Marked as unimportant, php5 uses system libzip since 5.4.5-1
-CVE-2017-14105 (HiveManager Classic through 8.1r1 allows arbitrary JSP code execution ...)
+CVE-2017-14105
NOT-FOR-US: HiveManager
CVE-2017-14104
RESERVED
-CVE-2017-14106 (The tcp_disconnect function in net/ipv4/tcp.c in the Linux kernel ...)
+CVE-2017-14106
{DSA-3981-1 DLA-1099-1}
- linux 4.12.6-1
NOTE: Fixed by: https://git.kernel.org/linus/499350a5a6e7512d9ed369ed63a4244b6536f4f8 (v4.12-rc3)
-CVE-2017-14103 (The ReadJNGImage and ReadOneJNGImage functions in coders/png.c in ...)
+CVE-2017-14103
{DLA-1130-1}
- graphicsmagick 1.3.26-8
[stretch] - graphicsmagick <not-affected> (Incomplete fix for CVE-2017-11403 not applied)
@@ -12883,78 +12881,78 @@ CVE-2017-14103 (The ReadJNGImage and ReadOneJNGImage functions in coders/png.c i
NOTE: Fixed by: http://hg.code.sf.net/p/graphicsmagick/code/rev/98721124e51f
NOTE: http://www.openwall.com/lists/oss-security/2017/09/01/6
NOTE: https://blogs.gentoo.org/ago/2017/07/12/graphicsmagick-use-after-free-in-closeblob-blob-c/
-CVE-2017-14102 (MIMEDefang 2.80 and earlier creates a PID file after dropping ...)
+CVE-2017-14102
- mimedefang 2.83-1 (bug #877363)
[stretch] - mimedefang <no-dsa> (Minor issue)
[jessie] - mimedefang <no-dsa> (Minor issue)
[wheezy] - mimedefang <ignored> (Minor issue only exploitable if daemon is compromised in some other way)
NOTE: http://lists.roaringpenguin.com/pipermail/mimedefang/2017-August/038077.html
NOTE: http://lists.roaringpenguin.com/pipermail/mimedefang/2017-August/038085.html
-CVE-2017-14101 (A security researcher found an XML External Entity (XXE) vulnerability ...)
+CVE-2017-14101
NOT-FOR-US: Conserus Image Repository
-CVE-2017-14097 (An improper access control vulnerability in Trend Micro Smart ...)
+CVE-2017-14097
NOT-FOR-US: Trend Micro
-CVE-2017-14096 (A stored cross site scripting (XSS) vulnerability in Trend Micro Smart ...)
+CVE-2017-14096
NOT-FOR-US: Trend Micro
-CVE-2017-14095 (A vulnerability in Trend Micro Smart Protection Server (Standalone) ...)
+CVE-2017-14095
NOT-FOR-US: Trend Micro
-CVE-2017-14094 (A vulnerability in Trend Micro Smart Protection Server (Standalone) ...)
+CVE-2017-14094
NOT-FOR-US: Trend Micro
-CVE-2017-14093 (The Log Query and Quarantine Query pages in Trend Micro ScanMail for ...)
+CVE-2017-14093
NOT-FOR-US: Trend Micro ScanMail for Exchange
-CVE-2017-14092 (The absence of Anti-CSRF tokens in Trend Micro ScanMail for Exchange ...)
+CVE-2017-14092
NOT-FOR-US: Trend Micro ScanMail for Exchange
-CVE-2017-14091 (A vulnerability in Trend Micro ScanMail for Exchange 12.0 exists in ...)
+CVE-2017-14091
NOT-FOR-US: Trend Micro ScanMail for Exchange
-CVE-2017-14090 (A vulnerability in Trend Micro ScanMail for Exchange 12.0 exists in ...)
+CVE-2017-14090
NOT-FOR-US: Trend Micro ScanMail for Exchange
-CVE-2017-14089 (An Unauthorized Memory Corruption vulnerability in Trend Micro ...)
+CVE-2017-14089
NOT-FOR-US: Trend Micro
-CVE-2017-14088 (Memory Corruption Privilege Escalation vulnerabilities in Trend Micro ...)
+CVE-2017-14088
NOT-FOR-US: Trend Micro
-CVE-2017-14087 (A Host Header Injection vulnerability in Trend Micro OfficeScan XG ...)
+CVE-2017-14087
NOT-FOR-US: Trend Micro
-CVE-2017-14086 (Pre-authorization Start Remote Process vulnerabilities in Trend Micro ...)
+CVE-2017-14086
NOT-FOR-US: Trend Micro
-CVE-2017-14085 (Information disclosure vulnerabilities in Trend Micro OfficeScan 11.0 ...)
+CVE-2017-14085
NOT-FOR-US: Trend Micro
-CVE-2017-14084 (A potential Man-in-the-Middle (MitM) attack vulnerability in Trend ...)
+CVE-2017-14084
NOT-FOR-US: Trend Micro
-CVE-2017-14083 (A vulnerability in Trend Micro OfficeScan 11.0 and XG allows remote ...)
+CVE-2017-14083
NOT-FOR-US: Trend Micro
-CVE-2017-14082 (An uninitialized pointer information disclosure vulnerability in Trend ...)
+CVE-2017-14082
NOT-FOR-US: Trend Micro
-CVE-2017-14081 (Proxy command injection vulnerabilities in Trend Micro Mobile Security ...)
+CVE-2017-14081
NOT-FOR-US: Trend Micro Mobile Security
-CVE-2017-14080 (Authentication bypass vulnerability in Trend Micro Mobile Security ...)
+CVE-2017-14080
NOT-FOR-US: Trend Micro Mobile Security
-CVE-2017-14079 (Unrestricted file uploads in Trend Micro Mobile Security (Enterprise) ...)
+CVE-2017-14079
NOT-FOR-US: Trend Micro Mobile Security
-CVE-2017-14078 (SQL Injection vulnerabilities in Trend Micro Mobile Security ...)
+CVE-2017-14078
NOT-FOR-US: Trend Micro Mobile Security
-CVE-2017-14098 (In the pjsip channel driver (res_pjsip) in Asterisk 13.x before 13.17.1 ...)
+CVE-2017-14098
- asterisk 1:13.17.1~dfsg-1 (bug #873909)
[stretch] - asterisk <not-affected> (Vulnerable code not present; issue introduced in 13.15)
[jessie] - asterisk <not-affected> (Vulnerable code not present; issue introduced in 13.15)
[wheezy] - asterisk <not-affected> (Vulnerable code not present; issue introduced in 13.15)
NOTE: https://issues.asterisk.org/jira/browse/ASTERISK-27152
NOTE: Fix: https://gerrit.asterisk.org/#/q/topic:ASTERISK-27152
-CVE-2017-14100 (In Asterisk 11.x before 11.25.2, 13.x before 13.17.1, and 14.x before ...)
+CVE-2017-14100
{DSA-3964-1 DLA-1122-1}
- asterisk 1:13.17.1~dfsg-1 (bug #873908)
NOTE: https://issues.asterisk.org/jira/browse/ASTERISK-27103
NOTE: Fix: https://gerrit.asterisk.org/#/q/topic:ASTERISK-27103
-CVE-2017-14099 (In res/res_rtp_asterisk.c in Asterisk 11.x before 11.25.2, 13.x before ...)
+CVE-2017-14099
{DSA-3964-1}
- asterisk 1:13.17.1~dfsg-1 (bug #873907)
[wheezy] - asterisk <ignored> (strictrtp option is disabled by default. Too intrusive too backport)
NOTE: https://issues.asterisk.org/jira/browse/ASTERISK-27013
NOTE: Fix: https://gerrit.asterisk.org/#/q/topic:ASTERISK-27013
-CVE-2017-14077 (HTML Injection in Securimage 3.6.4 and earlier allows remote attackers ...)
+CVE-2017-14077
NOT-FOR-US: Securimage
-CVE-2017-14076 (SQL Injection exists in NexusPHP 1.5.beta5.20120707 via the id ...)
+CVE-2017-14076
NOT-FOR-US: NexusPHP
-CVE-2017-14075 (This vulnerability allows local attackers to escalate privileges on ...)
+CVE-2017-14075
NOT-FOR-US: Jungo WinDriver
CVE-2017-14074
RESERVED
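Review bot: the context line `[wheezy] - asterisk <ignored> (strictrtp option is disabled by default. Too intrusive too backport)` under CVE-2017-14099 has a typo ("too backport" should be "to backport"); this hunk already rewrites that entry's header line, so the fix can be folded in. The description removals in this hunk (`+CVE-2017-14098`, `+CVE-2017-14100`, `+CVE-2017-14099`) leave the three Asterisk entries distinguishable only by their JIRA links, and the twenty-two consecutive Trend Micro entries (`+CVE-2017-14097` through `+CVE-2017-14078`) by nothing at all, since each now reduces to a bare CVE id plus `NOT-FOR-US: Trend Micro`; that is the clearest sign in the patch that the descriptions should be restored rather than merged away.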
@@ -12964,9 +12962,9 @@ CVE-2017-14072
RESERVED
CVE-2017-14071
RESERVED
-CVE-2017-14070 (Cross Site Scripting (XSS) exists in NexusPHP 1.5.beta5.20120707 via ...)
+CVE-2017-14070
NOT-FOR-US: NexusPHP
-CVE-2017-14069 (SQL Injection exists in NexusPHP 1.5.beta5.20120707 via the usernw ...)
+CVE-2017-14069
NOT-FOR-US: NexusPHP
CVE-2017-14068
RESERVED
@@ -12976,26 +12974,26 @@ CVE-2017-14066
RESERVED
CVE-2017-14065
RESERVED
-CVE-2017-14064 (Ruby through 2.2.7, 2.3.x through 2.3.4, and 2.4.x through 2.4.1 can ...)
+CVE-2017-14064
{DSA-3966-1 DLA-1421-1 DLA-1114-1}
- ruby2.3 2.3.3-1+deb9u1 (bug #873906)
- ruby2.1 <removed>
- ruby1.9.1 <removed>
NOTE: https://bugs.ruby-lang.org/issues/13853
NOTE: https://github.com/flori/json/commit/8f782fd8e181d9cfe9387ded43a5ca9692266b85
-CVE-2017-14062 (Integer overflow in the decode_digit function in puny_decode.c in ...)
+CVE-2017-14062
{DSA-3988-1 DLA-1447-1 DLA-1085-1 DLA-1084-1}
- libidn2-0 2.0.2-4 (bug #873902)
- libidn 1.33-2 (bug #873903)
NOTE: https://gitlab.com/libidn/libidn2/commit/3284eb342cd0ed1a18786e3fcdf0cdd7e76676bd
-CVE-2017-14061 (Integer overflow in the _isBidi function in bidi.c in Libidn2 before ...)
+CVE-2017-14061
- libidn2-0 2.0.2-4 (bug #873904)
[stretch] - libidn2-0 <not-affected> (Vulnerable code not present)
[jessie] - libidn2-0 <not-affected> (Vulnerable code not present)
[wheezy] - libidn2-0 <not-affected> (Vulnerable code not present)
- libidn <not-affected> (Vulnerable code not present)
NOTE: https://gitlab.com/libidn/libidn2/commit/16853b6973a1e72fee2b7cccda85472cb9951305
-CVE-2017-14060 (In ImageMagick 7.0.6-10, a NULL Pointer Dereference issue is present in ...)
+CVE-2017-14060
{DLA-1131-1}
- imagemagick 8:6.9.9.34+dfsg-3 (low; bug #878506)
[stretch] - imagemagick <ignored> (Minor issue)
@@ -13003,52 +13001,52 @@ CVE-2017-14060 (In ImageMagick 7.0.6-10, a NULL Pointer Dereference issue is pre
NOTE: https://github.com/ImageMagick/ImageMagick/issues/710
NOTE: https://github.com/ImageMagick/ImageMagick/commit/c535e1f1a6b1faaa35e007df4fc535ec08daa97c
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/5bdfef29f5e6744f36f25ec04583c6b6f4a13b48
-CVE-2017-14059 (In FFmpeg 3.3.3, a DoS in cine_read_header() due to lack of an EOF ...)
+CVE-2017-14059
{DSA-3996-1}
- ffmpeg 7:3.3.4-1 (low)
- libav <removed>
[jessie] - libav <not-affected> (vulnerable code is not present)
NOTE: https://github.com/FFmpeg/FFmpeg/commit/7e80b63ecd259d69d383623e75b318bf2bd491f6
-CVE-2017-14058 (In FFmpeg 3.3.3, the read_data function in libavformat/hls.c does not ...)
+CVE-2017-14058
{DSA-3996-1}
- ffmpeg 7:3.3.4-1 (low)
- libav <removed>
NOTE: https://github.com/FFmpeg/FFmpeg/commit/7ec414892ddcad88313848494b6fc5f437c9ca4a
-CVE-2017-14057 (In FFmpeg 3.3.3, a DoS in asf_read_marker() due to lack of an EOF (End ...)
+CVE-2017-14057
{DSA-3996-1 DLA-1630-1}
- ffmpeg 7:3.3.4-1 (low)
- libav <removed>
NOTE: https://github.com/FFmpeg/FFmpeg/commit/7f9ec5593e04827249e7aeb466da06a98a0d7329
NOTE: libav: The vulnerable code is in asfdec.c.
-CVE-2017-14056 (In libavformat/rl2.c in FFmpeg 3.3.3, a DoS in rl2_read_header() due to ...)
+CVE-2017-14056
{DSA-3996-1 DLA-1630-1}
- ffmpeg 7:3.3.4-1 (low)
- libav <removed>
NOTE: https://github.com/FFmpeg/FFmpeg/commit/96f24d1bee7fe7bac08e2b7c74db1a046c9dc0de
-CVE-2017-14055 (In libavformat/mvdec.c in FFmpeg 3.3.3, a DoS in mv_read_header() due ...)
+CVE-2017-14055
{DSA-3996-1 DLA-1630-1}
- ffmpeg 7:3.3.4-1 (low)
- libav <removed>
NOTE: https://github.com/FFmpeg/FFmpeg/commit/4f05e2e2dc1a89f38cd9f0960a6561083d714f1e
-CVE-2017-14054 (In libavformat/rmdec.c in FFmpeg 3.3.3, a DoS in ivr_read_header() due ...)
+CVE-2017-14054
{DSA-3996-1}
- ffmpeg 7:3.3.4-1 (low)
- libav <removed>
[jessie] - libav <not-affected> (vulnerable code is not present)
NOTE: https://github.com/FFmpeg/FFmpeg/commit/124eb202e70678539544f6268efc98131f19fa49
-CVE-2017-14053 (NetApp OnCommand Unified Manager for Clustered Data ONTAP before 7.2P1 ...)
+CVE-2017-14053
NOT-FOR-US: NetApp
CVE-2017-14052
RESERVED
-CVE-2017-14063 (Async Http Client (aka async-http-client) before 2.0.35 can be tricked ...)
+CVE-2017-14063
- async-http-client <not-affected> (Vulnerable code introduced later after port to new Request API)
NOTE: https://github.com/AsyncHttpClient/async-http-client/issues/1455
NOTE: https://github.com/AsyncHttpClient/async-http-client/commit/eb9e3347e45319be494db24d285a2aee4396f5d3
-CVE-2017-14050 (In BlackCat CMS 1.2, backend/addons/install.php allows remote ...)
+CVE-2017-14050
NOT-FOR-US: BlackCat CMS
-CVE-2017-14049 (In BlackCat CMS 1.2, backend/settings/ajax_save_settings.php allows ...)
+CVE-2017-14049
NOT-FOR-US: BlackCat CMS
-CVE-2017-14048 (BlackCat CMS 1.2 allows remote authenticated users to inject arbitrary ...)
+CVE-2017-14048
NOT-FOR-US: BlackCat CMS
CVE-2017-14047
RESERVED
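Review bot: CVE-2017-14063 sits between CVE-2017-14052 and CVE-2017-14050 in this hunk, out of the descending numeric order the surrounding entries follow (its neighbours CVE-2017-14064 and CVE-2017-14062 are in the previous hunk). The misplacement is pre-existing, but since the automatic update rewrites that line anyway, this is the moment to move the `CVE-2017-14063` block up next to CVE-2017-14062 so that position-based lookups in the list stay reliable.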
@@ -13060,15 +13058,15 @@ CVE-2017-14044
RESERVED
CVE-2017-14043
RESERVED
-CVE-2017-14038 (CrushFTP before 7.8.0 and 8.x before 8.2.0 has a redirect ...)
+CVE-2017-14038
NOT-FOR-US: CrushFTP
-CVE-2017-14037 (CrushFTP before 7.8.0 and 8.x before 8.2.0 has an HTTP header ...)
+CVE-2017-14037
NOT-FOR-US: CrushFTP
-CVE-2017-14036 (CrushFTP before 7.8.0 and 8.x before 8.2.0 has XSS. ...)
+CVE-2017-14036
NOT-FOR-US: CrushFTP
-CVE-2017-14035 (CrushFTP 8.x before 8.2.0 has a serialization vulnerability. ...)
+CVE-2017-14035
NOT-FOR-US: CrushFTP
-CVE-2017-14051 (An integer overflow in the qla2x00_sysfs_write_optrom_ctl function in ...)
+CVE-2017-14051
{DLA-1200-1}
- linux 4.12.13-1 (unimportant)
[stretch] - linux 4.9.30-2+deb9u5
@@ -13076,10 +13074,10 @@ CVE-2017-14051 (An integer overflow in the qla2x00_sysfs_write_optrom_ctl functi
NOTE: Fixed by: https://git.kernel.org/linus/e6f77540c067b48dee10f1e33678415bfcc89017
NOTE: https://patchwork.kernel.org/patch/9929625/
NOTE: Non issue, only "exploitable" with root access
-CVE-2017-14034 (The restore_tqb_pixels function in hevc_filter.c in libavcodec, as used ...)
+CVE-2017-14034
NOT-FOR-US: libbpg
NOTE: Issue 3 from https://github.com/ebel34/bpg-web-encoder/issues/1
-CVE-2017-14033 (The decode method in the OpenSSL::ASN1 module in Ruby before 2.2.8, ...)
+CVE-2017-14033
{DSA-4031-1 DLA-1421-1 DLA-1114-1}
- ruby2.3 2.3.5-1 (bug #875928)
- ruby2.1 <removed>
@@ -13088,106 +13086,106 @@ CVE-2017-14033 (The decode method in the OpenSSL::ASN1 module in Ruby before 2.2
NOTE: https://bugzilla.novell.com/show_bug.cgi?id=1058757
NOTE: https://www.ruby-lang.org/en/news/2017/09/14/openssl-asn1-buffer-underrun-cve-2017-14033/
NOTE: https://github.com/ruby/openssl/commit/1648afef33c1d97fb203c82291b8a61269e85d3b
-CVE-2017-14031 (An Improper Access Control issue was discovered in Trihedral VTScada ...)
+CVE-2017-14031
NOT-FOR-US: Trihedral VTScada
-CVE-2017-14030 (An issue was discovered in Moxa MXview v2.8 and prior. The unquoted ...)
+CVE-2017-14030
NOT-FOR-US: Moxa MXview
-CVE-2017-14029 (An Uncontrolled Search Path Element issue was discovered in Trihedral ...)
+CVE-2017-14029
NOT-FOR-US: Trihedral VTScada
-CVE-2017-14028 (A Resource Exhaustion issue was discovered in Moxa NPort 5110 Version ...)
+CVE-2017-14028
NOT-FOR-US: Moxa
-CVE-2017-14027 (A Use of Hard-coded Credentials issue was discovered in Korenix JetNet ...)
+CVE-2017-14027
NOT-FOR-US: Korenix
-CVE-2017-14026 (In Ice Qube Thermal Management Center versions prior to version 4.13, ...)
+CVE-2017-14026
NOT-FOR-US: Ice Qube Thermal Management Center
-CVE-2017-14025 (An Improper Input Validation issue was discovered in ABB FOX515T ...)
+CVE-2017-14025
NOT-FOR-US: ABB FOX515T
-CVE-2017-14024 (A Stack-based Buffer Overflow issue was discovered in Schneider ...)
+CVE-2017-14024
NOT-FOR-US: Schneider Electric
-CVE-2017-14023 (An Improper Input Validation issue was discovered in Siemens SIMATIC ...)
+CVE-2017-14023
NOT-FOR-US: Siemens
-CVE-2017-14022 (An Improper Input Validation issue was discovered in Rockwell ...)
+CVE-2017-14022
NOT-FOR-US: Rockwell Automation FactoryTalk Alarms and Events
-CVE-2017-14021 (A Use of Hard-coded Cryptographic Key issue was discovered in Korenix ...)
+CVE-2017-14021
NOT-FOR-US: Korenix
-CVE-2017-14020 (In AutomationDirect CLICK Programming Software (Part Number C0-PGMSW) ...)
+CVE-2017-14020
NOT-FOR-US: AutomationDirect
-CVE-2017-14019 (An Unquoted Search Path or Element issue was discovered in Progea ...)
+CVE-2017-14019
NOT-FOR-US: Progea Movicon
-CVE-2017-14018 (An improper authentication issue was discovered in Johnson &amp; Johnson ...)
+CVE-2017-14018
NOT-FOR-US: Johnson & Johnson Ethicon Endo-Surgery Generator Gen11
-CVE-2017-14017 (An Uncontrolled Search Path Element issue was discovered in Progea ...)
+CVE-2017-14017
NOT-FOR-US: Progea Movicon
-CVE-2017-14016 (A Stack-based Buffer Overflow issue was discovered in Advantech ...)
+CVE-2017-14016
NOT-FOR-US: Advantech
CVE-2017-14015
RESERVED
-CVE-2017-14014 (Boston Scientific ZOOM LATITUDE PRM Model 3120 uses a hard-coded ...)
+CVE-2017-14014
NOT-FOR-US: Boston Scientific ZOOM LATITUDE PRM Model 3120
-CVE-2017-14013 (A Client-Side Enforcement of Server-Side Security issue was discovered ...)
+CVE-2017-14013
NOT-FOR-US: ProMinent MultiFLEX M10a Controller
-CVE-2017-14012 (Boston Scientific ZOOM LATITUDE PRM Model 3120 does not encrypt PHI at ...)
+CVE-2017-14012
NOT-FOR-US: Boston Scientific ZOOM LATITUDE PRM Model 3120
-CVE-2017-14011 (A Cross-Site Request Forgery issue was discovered in ProMinent ...)
+CVE-2017-14011
NOT-FOR-US: ProMinent MultiFLEX M10a Controller
-CVE-2017-14010 (In SpiderControl MicroBrowser Windows XP, Vista 7, 8 and 10, Versions ...)
+CVE-2017-14010
NOT-FOR-US: SpiderControl
-CVE-2017-14009 (An Information Exposure issue was discovered in ProMinent MultiFLEX ...)
+CVE-2017-14009
NOT-FOR-US: ProMinent MultiFLEX M10a Controller
-CVE-2017-14008 (GE Centricity PACS RA1000, diagnostic image analysis, all current ...)
+CVE-2017-14008
NOT-FOR-US: GE Centricity PACS RA1000
-CVE-2017-14007 (An Insufficient Session Expiration issue was discovered in ProMinent ...)
+CVE-2017-14007
NOT-FOR-US: ProMinent MultiFLEX M10a Controller
-CVE-2017-14006 (GE Xeleris versions 1.0,1.1,2.1,3.0,3.1, medical imaging systems, all ...)
+CVE-2017-14006
NOT-FOR-US: GE Xeleris
-CVE-2017-14005 (An Unverified Password Change issue was discovered in ProMinent ...)
+CVE-2017-14005
NOT-FOR-US: ProMinent MultiFLEX M10a Controller
-CVE-2017-14004 (GE GEMNet License server (EchoServer) all current versions are ...)
+CVE-2017-14004
NOT-FOR-US: GE GEMNet License server
-CVE-2017-14003 (An Authentication Bypass by Spoofing issue was discovered in LAVA ...)
+CVE-2017-14003
NOT-FOR-US: LAVA Ether-Serial Link
-CVE-2017-14002 (GE Infinia/Infinia with Hawkeye 4 medical imaging systems all current ...)
+CVE-2017-14002
NOT-FOR-US: GE Infinia/Infinia with Hawkeye 4 medical imaging systems
-CVE-2017-14001 (An Improper Neutralization of Special Elements used in an OS Command ...)
+CVE-2017-14001
NOT-FOR-US: Asterisk GUI
NOTE: Different from standard asterisk: https://wiki.asterisk.org/wiki/display/AST/Asterisk+GUI
-CVE-2017-14000 (An Improper Authentication issue was discovered in Ctek SkyRouter ...)
+CVE-2017-14000
NOT-FOR-US: Ctek SkyRouter
-CVE-2017-13999 (A Stack-based Buffer Overflow issue was discovered in WECON LEVI Studio ...)
+CVE-2017-13999
NOT-FOR-US: WECON LEVI Studio HMI Editor
-CVE-2017-13998 (An Insufficiently Protected Credentials issue was discovered in LOYTEC ...)
+CVE-2017-13998
NOT-FOR-US: LOYTEC LVIS-3ME
-CVE-2017-13997 (A Missing Authentication for Critical Function issue was discovered in ...)
+CVE-2017-13997
NOT-FOR-US: Schneider
-CVE-2017-13996 (A Relative Path Traversal issue was discovered in LOYTEC LVIS-3ME ...)
+CVE-2017-13996
NOT-FOR-US: LOYTEC LVIS-3ME
-CVE-2017-13995 (An Improper Authentication issue was discovered in iniNet Solutions ...)
+CVE-2017-13995
NOT-FOR-US: iniNet Solutions iniNet Webserver
-CVE-2017-13994 (A Cross-site Scripting issue was discovered in LOYTEC LVIS-3ME versions ...)
+CVE-2017-13994
NOT-FOR-US: LOYTEC LVIS-3ME
-CVE-2017-13993 (An Uncontrolled Search Path or Element issue was discovered in i-SENS ...)
+CVE-2017-13993
NOT-FOR-US: i-SENS SmartLog Diabetes Management Software
-CVE-2017-13992 (An Insufficient Entropy issue was discovered in LOYTEC LVIS-3ME ...)
+CVE-2017-13992
NOT-FOR-US: LOYTEC LVIS-3ME
-CVE-2017-13991 (An information leakage vulnerability in ArcSight ESM and ArcSight ESM ...)
+CVE-2017-13991
NOT-FOR-US: ArcSight
-CVE-2017-13990 (An information leakage vulnerability in ArcSight ESM and ArcSight ESM ...)
+CVE-2017-13990
NOT-FOR-US: ArcSight
-CVE-2017-13989 (An improper access control vulnerability in ArcSight ESM and ArcSight ...)
+CVE-2017-13989
NOT-FOR-US: ArcSight
-CVE-2017-13988 (An improper access control vulnerability in ArcSight ESM and ArcSight ...)
+CVE-2017-13988
NOT-FOR-US: ArcSight
-CVE-2017-13987 (An insufficient access control vulnerability in ArcSight ESM and ...)
+CVE-2017-13987
NOT-FOR-US: ArcSight
-CVE-2017-13986 (A reflected Cross-Site Scripting(XSS) vulnerability in ArcSight ESM ...)
+CVE-2017-13986
NOT-FOR-US: ArcSight
-CVE-2017-13985 (An authentication vulnerability in HPE BSM Platform Application ...)
+CVE-2017-13985
NOT-FOR-US: HP
-CVE-2017-13984 (An authentication vulnerability in HPE BSM Platform Application ...)
+CVE-2017-13984
NOT-FOR-US: HP
-CVE-2017-13983 (An authentication vulnerability in HPE BSM Platform Application ...)
+CVE-2017-13983
NOT-FOR-US: HP
-CVE-2017-13982 (A directory traversal vulnerability in HPE BSM Platform Application ...)
+CVE-2017-13982
NOT-FOR-US: HP
CVE-2017-13981
RESERVED
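Review bot: the removed description for CVE-2017-14018 carries an HTML-escaped ampersand (`Johnson &amp; Johnson`) while the kept `NOT-FOR-US: Johnson & Johnson Ethicon Endo-Surgery Generator Gen11` line uses a literal `&`, so the summaries were being stored entity-encoded. If the descriptions are restored by a later run, the importer should unescape the feed text before writing it, otherwise the encoded form comes straight back.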
@@ -13343,9 +13341,9 @@ CVE-2017-13906
RESERVED
CVE-2017-13905
RESERVED
-CVE-2017-13904 (An issue was discovered in certain Apple products. iOS before 11.2 is ...)
+CVE-2017-13904
NOT-FOR-US: Apple
-CVE-2017-13903 (An issue was discovered in certain Apple products. iOS before 11.2.1 ...)
+CVE-2017-13903
NOT-FOR-US: Apple
CVE-2017-13902
RESERVED
@@ -13369,29 +13367,29 @@ CVE-2017-13893
RESERVED
CVE-2017-13892
RESERVED
-CVE-2017-13891 (In iOS before 11.2, an inconsistent user interface issue was addressed ...)
+CVE-2017-13891
NOT-FOR-US: Apple
-CVE-2017-13890 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2017-13890
NOT-FOR-US: Apple
-CVE-2017-13889 (In macOS High Sierra before 10.13.3, Security Update 2018-001 Sierra, ...)
+CVE-2017-13889
NOT-FOR-US: Apple
-CVE-2017-13888 (In iOS before 11.2, a type confusion issue was addressed with improved ...)
+CVE-2017-13888
NOT-FOR-US: Apple
-CVE-2017-13887 (In macOS High Sierra before 10.13.2, a logic issue existed in APFS ...)
+CVE-2017-13887
NOT-FOR-US: Apple
-CVE-2017-13886 (In macOS High Sierra before 10.13.2, an access issue existed with ...)
+CVE-2017-13886
NOT-FOR-US: Apple
-CVE-2017-13885 (An issue was discovered in certain Apple products. iOS before 11.2 is ...)
+CVE-2017-13885
- webkit2gtk 2.18.6-1 (unimportant)
[stretch] - webkit2gtk 2.18.6-1~deb9u1
NOTE: https://webkitgtk.org/security/WSA-2018-0002.html
NOTE: Not covered by security support
-CVE-2017-13884 (An issue was discovered in certain Apple products. iOS before 11.2 is ...)
+CVE-2017-13884
- webkit2gtk 2.18.6-1 (unimportant)
[stretch] - webkit2gtk 2.18.6-1~deb9u1
NOTE: https://webkitgtk.org/security/WSA-2018-0002.html
NOTE: Not covered by security support
-CVE-2017-13883 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2017-13883
NOT-FOR-US: Apple
CVE-2017-13882
RESERVED
@@ -13399,239 +13397,239 @@ CVE-2017-13881
RESERVED
CVE-2017-13880
RESERVED
-CVE-2017-13879 (An issue was discovered in certain Apple products. iOS before 11.2 is ...)
+CVE-2017-13879
NOT-FOR-US: Apple
-CVE-2017-13878 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2017-13878
NOT-FOR-US: Apple
-CVE-2017-13877 (An issue was discovered in certain Apple products. iOS before 11 is ...)
+CVE-2017-13877
NOT-FOR-US: Apple
-CVE-2017-13876 (An issue was discovered in certain Apple products. iOS before 11.2 is ...)
+CVE-2017-13876
NOT-FOR-US: Apple
-CVE-2017-13875 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2017-13875
NOT-FOR-US: Apple
-CVE-2017-13874 (An issue was discovered in certain Apple products. iOS before 11.2 is ...)
+CVE-2017-13874
NOT-FOR-US: Apple
-CVE-2017-13873 (An issue was discovered in certain Apple products. iOS before 11 is ...)
+CVE-2017-13873
NOT-FOR-US: Apple
-CVE-2017-13872 (An issue was discovered in certain Apple products. macOS High Sierra ...)
+CVE-2017-13872
NOT-FOR-US: Apple
-CVE-2017-13871 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2017-13871
NOT-FOR-US: Apple
-CVE-2017-13870 (An issue was discovered in certain Apple products. iOS before 11.2 is ...)
+CVE-2017-13870
- webkit2gtk 2.18.4-1 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2017-0010.html
NOTE: Not covered by security support
-CVE-2017-13869 (An issue was discovered in certain Apple products. iOS before 11.2 is ...)
+CVE-2017-13869
NOT-FOR-US: Apple
-CVE-2017-13868 (An issue was discovered in certain Apple products. iOS before 11.2 is ...)
+CVE-2017-13868
NOT-FOR-US: Apple
-CVE-2017-13867 (An issue was discovered in certain Apple products. iOS before 11.2 is ...)
+CVE-2017-13867
NOT-FOR-US: Apple
-CVE-2017-13866 (An issue was discovered in certain Apple products. iOS before 11.2 is ...)
+CVE-2017-13866
- webkit2gtk 2.18.4-1 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2017-0010.html
NOTE: Not covered by security support
-CVE-2017-13865 (An issue was discovered in certain Apple products. iOS before 11.2 is ...)
+CVE-2017-13865
NOT-FOR-US: Apple
-CVE-2017-13864 (An issue was discovered in certain Apple products. iCloud before 7.2 ...)
+CVE-2017-13864
NOT-FOR-US: Apple
-CVE-2017-13863 (An issue was discovered in certain Apple products. iOS before 11 is ...)
+CVE-2017-13863
NOT-FOR-US: Apple
-CVE-2017-13862 (An issue was discovered in certain Apple products. iOS before 11.2 is ...)
+CVE-2017-13862
NOT-FOR-US: Apple
-CVE-2017-13861 (An issue was discovered in certain Apple products. iOS before 11.2 is ...)
+CVE-2017-13861
NOT-FOR-US: Apple
-CVE-2017-13860 (An issue was discovered in certain Apple products. iOS before 11.2 is ...)
+CVE-2017-13860
NOT-FOR-US: Apple
CVE-2017-13859
RESERVED
-CVE-2017-13858 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2017-13858
NOT-FOR-US: Apple
CVE-2017-13857
RESERVED
-CVE-2017-13856 (An issue was discovered in certain Apple products. iOS before 11.2 is ...)
+CVE-2017-13856
- webkit2gtk 2.18.4-1 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2017-0010.html
NOTE: Not covered by security support
-CVE-2017-13855 (An issue was discovered in certain Apple products. iOS before 11.2 is ...)
+CVE-2017-13855
NOT-FOR-US: Apple
-CVE-2017-13854 (An issue was discovered in certain Apple products. iOS before 11 is ...)
+CVE-2017-13854
NOT-FOR-US: Apple
-CVE-2017-13853 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2017-13853
NOT-FOR-US: Apple
-CVE-2017-13852 (An issue was discovered in certain Apple products. iOS before 11.1 is ...)
+CVE-2017-13852
NOT-FOR-US: Apple
-CVE-2017-13851 (An issue was discovered in certain Apple products. macOS before 10.13 ...)
+CVE-2017-13851
NOT-FOR-US: Apple
-CVE-2017-13850 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2017-13850
NOT-FOR-US: Apple
-CVE-2017-13849 (An issue was discovered in certain Apple products. iOS before 11.1 is ...)
+CVE-2017-13849
NOT-FOR-US: Apple
-CVE-2017-13848 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2017-13848
NOT-FOR-US: Apple
-CVE-2017-13847 (An issue was discovered in certain Apple products. iOS before 11.2 is ...)
+CVE-2017-13847
NOT-FOR-US: Apple
-CVE-2017-13846 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2017-13846
NOT-FOR-US: Potentially src:pcre3, but Apple doesn't play by the rules
CVE-2017-13845
RESERVED
-CVE-2017-13844 (An issue was discovered in certain Apple products. iOS before 11.1 is ...)
+CVE-2017-13844
NOT-FOR-US: Apple
-CVE-2017-13843 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2017-13843
NOT-FOR-US: Apple
-CVE-2017-13842 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2017-13842
NOT-FOR-US: Apple
-CVE-2017-13841 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2017-13841
NOT-FOR-US: Apple
-CVE-2017-13840 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2017-13840
NOT-FOR-US: Apple
-CVE-2017-13839 (An issue was discovered in certain Apple products. macOS before 10.13 ...)
+CVE-2017-13839
NOT-FOR-US: Apple
-CVE-2017-13838 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2017-13838
NOT-FOR-US: Apple
-CVE-2017-13837 (An issue was discovered in certain Apple products. macOS before 10.13 ...)
+CVE-2017-13837
NOT-FOR-US: Apple
-CVE-2017-13836 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2017-13836
NOT-FOR-US: Apple
CVE-2017-13835
RESERVED
-CVE-2017-13834 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2017-13834
NOT-FOR-US: Apple
-CVE-2017-13833 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2017-13833
NOT-FOR-US: Apple
-CVE-2017-13832 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2017-13832
NOT-FOR-US: Apple
-CVE-2017-13831 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2017-13831
NOT-FOR-US: Apple
-CVE-2017-13830 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2017-13830
NOT-FOR-US: Apple
-CVE-2017-13829 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2017-13829
NOT-FOR-US: Apple
-CVE-2017-13828 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2017-13828
NOT-FOR-US: Apple
-CVE-2017-13827 (An issue was discovered in certain Apple products. macOS before 10.13 ...)
+CVE-2017-13827
NOT-FOR-US: Apple
CVE-2017-13826
REJECTED
-CVE-2017-13825 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2017-13825
NOT-FOR-US: Apple
-CVE-2017-13824 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2017-13824
NOT-FOR-US: Apple
-CVE-2017-13823 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2017-13823
NOT-FOR-US: Apple
-CVE-2017-13822 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2017-13822
NOT-FOR-US: Apple
-CVE-2017-13821 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2017-13821
NOT-FOR-US: Apple
-CVE-2017-13820 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2017-13820
NOT-FOR-US: Apple
-CVE-2017-13819 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2017-13819
NOT-FOR-US: Apple
-CVE-2017-13818 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2017-13818
NOT-FOR-US: Apple
-CVE-2017-13817 (An out-of-bounds read issue was discovered in certain Apple products. ...)
+CVE-2017-13817
NOT-FOR-US: Apple
-CVE-2017-13816 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2017-13816
NOT-FOR-US: Potentially src:libarchive, but Apple doesn't play by the rules
-CVE-2017-13815 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2017-13815
NOT-FOR-US: Potentially src:file, but Apple doesn't play by the rules
-CVE-2017-13814 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2017-13814
NOT-FOR-US: Apple
-CVE-2017-13813 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2017-13813
NOT-FOR-US: Potentially src:libarchive, but Apple doesn't play by the rules
-CVE-2017-13812 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2017-13812
NOT-FOR-US: Potentially src:libarchive, but Apple doesn't play by the rules
-CVE-2017-13811 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2017-13811
NOT-FOR-US: Apple
-CVE-2017-13810 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2017-13810
NOT-FOR-US: Apple
-CVE-2017-13809 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2017-13809
NOT-FOR-US: Apple
-CVE-2017-13808 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2017-13808
NOT-FOR-US: Apple
-CVE-2017-13807 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2017-13807
NOT-FOR-US: Apple
-CVE-2017-13806 (An issue was discovered in certain Apple products. iOS before 11 is ...)
+CVE-2017-13806
NOT-FOR-US: Apple
-CVE-2017-13805 (An issue was discovered in certain Apple products. iOS before 11.1 is ...)
+CVE-2017-13805
NOT-FOR-US: Apple
-CVE-2017-13804 (An issue was discovered in certain Apple products. iOS before 11.1 is ...)
+CVE-2017-13804
NOT-FOR-US: Apple
-CVE-2017-13803 (An issue was discovered in certain Apple products. iOS before 11.1 is ...)
+CVE-2017-13803
- webkit2gtk 2.18.3-1 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2017-0009.html
NOTE: Not covered by security support
-CVE-2017-13802 (An issue was discovered in certain Apple products. iOS before 11.1 is ...)
+CVE-2017-13802
- webkit2gtk 2.18.1-1 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2017-0009.html
NOTE: Not covered by security support
-CVE-2017-13801 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2017-13801
NOT-FOR-US: Apple
-CVE-2017-13800 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2017-13800
NOT-FOR-US: Apple
-CVE-2017-13799 (An issue was discovered in certain Apple products. iOS before 11.1 is ...)
+CVE-2017-13799
NOT-FOR-US: Apple
-CVE-2017-13798 (An issue was discovered in certain Apple products. iOS before 11.1 is ...)
+CVE-2017-13798
- webkit2gtk 2.18.3-1 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2017-0009.html
NOTE: Not covered by security support
-CVE-2017-13797 (An issue was discovered in certain Apple products. iOS before 11.1 is ...)
+CVE-2017-13797
NOT-FOR-US: Apple-specific Webkit change (since not mentioned in webkitgtk releases)
-CVE-2017-13796 (An issue was discovered in certain Apple products. iOS before 11.1 is ...)
+CVE-2017-13796
- webkit2gtk 2.18.1-1 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2017-0009.html
NOTE: Not covered by security support
-CVE-2017-13795 (An issue was discovered in certain Apple products. iOS before 11.1 is ...)
+CVE-2017-13795
- webkit2gtk 2.18.1-1 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2017-0009.html
NOTE: Not covered by security support
-CVE-2017-13794 (An issue was discovered in certain Apple products. iOS before 11.1 is ...)
+CVE-2017-13794
- webkit2gtk 2.18.1-1 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2017-0009.html
NOTE: Not covered by security support
-CVE-2017-13793 (An issue was discovered in certain Apple products. iOS before 11.1 is ...)
+CVE-2017-13793
- webkit2gtk 2.18.1-1 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2017-0009.html
NOTE: Not covered by security support
-CVE-2017-13792 (An issue was discovered in certain Apple products. iOS before 11.1 is ...)
+CVE-2017-13792
- webkit2gtk 2.18.1-1 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2017-0009.html
NOTE: Not covered by security support
-CVE-2017-13791 (An issue was discovered in certain Apple products. iOS before 11.1 is ...)
+CVE-2017-13791
- webkit2gtk 2.18.1-1 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2017-0009.html
NOTE: Not covered by security support
-CVE-2017-13790 (An issue was discovered in certain Apple products. Safari before ...)
+CVE-2017-13790
NOT-FOR-US: Apple Safari
-CVE-2017-13789 (An issue was discovered in certain Apple products. Safari before ...)
+CVE-2017-13789
NOT-FOR-US: Apple Safari
-CVE-2017-13788 (An issue was discovered in certain Apple products. iOS before 11.1 is ...)
+CVE-2017-13788
- webkit2gtk 2.18.3-1 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2017-0009.html
NOTE: Not covered by security support
CVE-2017-13787
RESERVED
-CVE-2017-13786 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2017-13786
NOT-FOR-US: Apple
-CVE-2017-13785 (An issue was discovered in certain Apple products. iOS before 11.1 is ...)
+CVE-2017-13785
- webkit2gtk 2.18.1-1 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2017-0009.html
NOTE: Not covered by security support
-CVE-2017-13784 (An issue was discovered in certain Apple products. iOS before 11.1 is ...)
+CVE-2017-13784
- webkit2gtk 2.18.1-1 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2017-0009.html
NOTE: Not covered by security support
-CVE-2017-13783 (An issue was discovered in certain Apple products. iOS before 11.1 is ...)
+CVE-2017-13783
- webkit2gtk 2.18.1-1 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2017-0009.html
NOTE: Not covered by security support
-CVE-2017-13782 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2017-13782
NOT-FOR-US: Apple
CVE-2017-13781
RESERVED
-CVE-2017-13780 (The EyesOfNetwork web interface (aka eonweb) 5.1-0 allows directory ...)
+CVE-2017-13780
NOT-FOR-US: EyesOfNetwork (EON)
-CVE-2017-14032 (ARM mbed TLS before 1.3.21 and 2.x before 2.1.9, if optional ...)
+CVE-2017-14032
{DSA-3967-1}
- mbedtls 2.6.0-1 (bug #873557)
- polarssl <removed>
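Review bot: CVE-2017-14032 (mbedtls) is placed between CVE-2017-13780 and CVE-2017-13779 in this hunk, far from its numeric neighbour CVE-2017-14033 in an earlier hunk, as the trailing hunk header `@@ -13641,34 +13639,34 @@ CVE-2017-14032 (ARM mbed TLS before 1.3.21 ...` also shows. As with the other misplaced entries this change touches, move the block to its numeric position while the line is being rewritten, and keep its `{DSA-3967-1}`, `mbedtls 2.6.0-1 (bug #873557)` and `polarssl <removed>` lines together with it.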
@@ -13641,34 +13639,34 @@ CVE-2017-14032 (ARM mbed TLS before 1.3.21 and 2.x before 2.1.9, if optional ...
NOTE: https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2017-02
NOTE: https://github.com/ARMmbed/mbedtls/commit/31458a18788b0cf0b722acda9bb2f2fe13a3fb32
NOTE: https://github.com/ARMmbed/mbedtls/commit/d15795acd5074e0b44e71f7ede8bdfe1b48591fc
-CVE-2017-13779 (GSTN_offline_tool in India Goods and Services Tax Network (GSTN) ...)
+CVE-2017-13779
NOT-FOR-US: India Goods and Services Tax Network
-CVE-2017-13778 (Fiyo CMS 2.0.7 has XSS in dapur\apps\app_config\sys_config.php via the ...)
+CVE-2017-13778
NOT-FOR-US: Fiyo CMS
-CVE-2017-13777 (GraphicsMagick 1.3.26 has a denial of service issue in ReadXBMImage() ...)
+CVE-2017-13777
{DSA-4321-1 DLA-1456-1 DLA-1082-1}
- graphicsmagick 1.3.26-8 (low)
NOTE: http://hg.code.sf.net/p/graphicsmagick/code/rev/233a720bfd5e
-CVE-2017-13776 (GraphicsMagick 1.3.26 has a denial of service issue in ReadXBMImage() ...)
+CVE-2017-13776
{DSA-4321-1 DLA-1456-1 DLA-1082-1}
- graphicsmagick 1.3.26-8 (low)
NOTE: http://hg.code.sf.net/p/graphicsmagick/code/rev/233a720bfd5e
-CVE-2017-13775 (GraphicsMagick 1.3.26 has a denial of service issue in ReadJNXImage() ...)
+CVE-2017-13775
{DSA-4321-1 DLA-1456-1}
- graphicsmagick 1.3.26-8 (low)
[wheezy] - graphicsmagick <not-affected> (Vulnerable code not present)
NOTE: http://hg.code.sf.net/p/graphicsmagick/code/rev/b037d79b6ccd
-CVE-2017-13774 (Hikvision iVMS-4200 devices before v2.6.2.7 allow local users to ...)
+CVE-2017-13774
NOT-FOR-US: Hikvision
CVE-2017-13773
RESERVED
-CVE-2017-13772 (Multiple stack-based buffer overflows in TP-Link WR940N WiFi routers ...)
+CVE-2017-13772
NOT-FOR-US: TP-Link
-CVE-2017-13771 (Lexmark Scan To Network (SNF) 3.2.9 and earlier stores network ...)
+CVE-2017-13771
NOT-FOR-US: Lexmark Scan To Network
CVE-2017-13770
RESERVED
-CVE-2017-13769 (The WriteTHUMBNAILImage function in coders/thumbnail.c in ImageMagick ...)
+CVE-2017-13769
{DSA-4040-1 DSA-4032-1 DLA-1131-1}
- imagemagick 8:6.9.9.34+dfsg-3 (low; bug #878507)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/705
@@ -13677,7 +13675,7 @@ CVE-2017-13769 (The WriteTHUMBNAILImage function in coders/thumbnail.c in ImageM
NOTE: Extra checks:
NOTE: https://github.com/ImageMagick/ImageMagick/commit/5a3897693a8b4e97add649c0ca1d538bd90f59c9
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/abb9d1322317733b799e8b87b2e346b3038f3260
-CVE-2017-13768 (Null Pointer Dereference in the IdentifyImage function in ...)
+CVE-2017-13768
{DLA-1131-1}
- imagemagick 8:6.9.9.34+dfsg-3 (low; bug #875352)
[stretch] - imagemagick <ignored> (Minor issue)
@@ -13685,14 +13683,14 @@ CVE-2017-13768 (Null Pointer Dereference in the IdentifyImage function in ...)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/706
NOTE: https://github.com/ImageMagick/ImageMagick/commit/152e510e2b7858efe5992ed95090d8e0049417f3
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/2c1b360d80e5f8f7c7108c0afedde64ab79318ff
-CVE-2017-13767 (In Wireshark 2.4.0, 2.2.0 to 2.2.8, and 2.0.0 to 2.0.14, the MSDP ...)
+CVE-2017-13767
- wireshark 2.4.1-1
[jessie] - wireshark <no-dsa> (Minor issue)
[wheezy] - wireshark <no-dsa> (Minor issue)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13933
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=6f18ace2a2683418a9368a8dfd92da6bd8213e15
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-38.html
-CVE-2017-13766 (In Wireshark 2.4.0 and 2.2.0 to 2.2.8, the Profinet I/O dissector could ...)
+CVE-2017-13766
- wireshark 2.4.1-1
[stretch] - wireshark 2.2.6+g32dac6a-2+deb9u1
[jessie] - wireshark <not-affected> (Vulnerable code not present)
@@ -13701,142 +13699,142 @@ CVE-2017-13766 (In Wireshark 2.4.0 and 2.2.0 to 2.2.8, the Profinet I/O dissecto
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=2096bc1e5078732543e0a3ee115a2ce520a72bbc
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=af7b093ca528516c14247acb545046199d30843e
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-39.html
-CVE-2017-13765 (In Wireshark 2.4.0, 2.2.0 to 2.2.8, and 2.0.0 to 2.0.14, the IrCOMM ...)
+CVE-2017-13765
{DLA-1634-1}
- wireshark 2.4.1-1
[wheezy] - wireshark <no-dsa> (Minor issue)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13929
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=94666d4357096fc45e3bcad3d9414a14f0831bc8
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-41.html
-CVE-2017-13764 (In Wireshark 2.4.0, the Modbus dissector could crash with a NULL ...)
+CVE-2017-13764
- wireshark 2.4.1-1
[jessie] - wireshark <not-affected> (vulnerable request not implemented)
[wheezy] - wireshark <no-dsa> (Minor issue)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13925
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=b87ffbd12bddf64582c0a6e082b462744474de94
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-40.html
-CVE-2017-13763 (ONOS versions 1.8.0, 1.9.0, and 1.10.0 do not restrict the amount of ...)
+CVE-2017-13763
NOT-FOR-US: ONOS
-CVE-2017-13762 (ONOS versions 1.8.0, 1.9.0, and 1.10.0 are vulnerable to XSS. ...)
+CVE-2017-13762
NOT-FOR-US: ONOS
-CVE-2017-13761 (The Fastly CDN module before 1.2.26 for Magento2, when used with a ...)
+CVE-2017-13761
NOT-FOR-US: Fastly CDN module for Magento2
-CVE-2017-13760 (In The Sleuth Kit (TSK) 4.4.2, fls hangs on a corrupt exfat image in ...)
+CVE-2017-13760
- sleuthkit 4.4.2-3 (unimportant; bug #873724)
NOTE: https://github.com/sleuthkit/sleuthkit/issues/906
NOTE: Negligible security impact
CVE-2017-13759
RESERVED
-CVE-2017-13758 (In ImageMagick 7.0.6-10, there is a heap-based buffer overflow in the ...)
+CVE-2017-13758
{DSA-4040-1 DSA-4032-1 DLA-1131-1}
- imagemagick 8:6.9.9.34+dfsg-3 (bug #878508)
NOTE: https://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=32583
NOTE: Fixed by: https://github.com/ImageMagick/ImageMagick/commit/ef6cee1bcf144b7c9285787920361a53296e7907
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/57eced684ad0660fe580800d977ba94623ec67ac
-CVE-2017-13757 (The Binary File Descriptor (BFD) library (aka libbfd), as distributed ...)
+CVE-2017-13757
- binutils 2.29-10
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <ignored> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22018
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=90efb6422939ca031804266fba669f77c22a274a
-CVE-2017-13756 (In The Sleuth Kit (TSK) 4.4.2, opening a crafted disk image triggers ...)
+CVE-2017-13756
- sleuthkit 4.4.2-3 (unimportant; bug #873725)
NOTE: https://github.com/sleuthkit/sleuthkit/issues/914
NOTE: Negligible security impact
-CVE-2017-13755 (In The Sleuth Kit (TSK) 4.4.2, opening a crafted ISO 9660 image ...)
+CVE-2017-13755
- sleuthkit 4.4.2-3 (unimportant; bug #873726)
NOTE: https://github.com/sleuthkit/sleuthkit/issues/913
NOTE: Negligible security impact
-CVE-2017-13754 (Cross-site scripting (XSS) vulnerability in the &quot;advanced settings - ...)
+CVE-2017-13754
NOT-FOR-US: Wibu-Systems
CVE-2017-13753
REJECTED
-CVE-2017-13752 (There is a reachable assertion abort in the function jpc_dequantize() ...)
+CVE-2017-13752
- jasper <removed> (unimportant)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1485276
-CVE-2017-13751 (There is a reachable assertion abort in the function calcstepsizes() in ...)
+CVE-2017-13751
- jasper <removed> (unimportant)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1485283
-CVE-2017-13750 (There is a reachable assertion abort in the function ...)
+CVE-2017-13750
- jasper <removed> (unimportant)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1485280
-CVE-2017-13749 (There is a reachable assertion abort in the function jpc_pi_nextrpcl() ...)
+CVE-2017-13749
- jasper <removed> (unimportant)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1485285
-CVE-2017-13748 (There are lots of memory leaks in JasPer 2.0.12, triggered in the ...)
+CVE-2017-13748
{DLA-1583-1}
- jasper <removed> (low)
[wheezy] - jasper <ignored> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1485287
NOTE: https://github.com/mdadams/jasper/issues/168
NOTE: Fixed by https://github.com/mdadams/jasper/pull/159 but still no upstream comment.
-CVE-2017-13747 (There is a reachable assertion abort in the function jpc_floorlog2() in ...)
+CVE-2017-13747
- jasper <removed> (unimportant)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1485282
-CVE-2017-13746 (There is a reachable assertion abort in the function ...)
+CVE-2017-13746
- jasper <removed> (unimportant)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1485286
-CVE-2017-13745 (There is a reachable assertion abort in the function ...)
+CVE-2017-13745
- jasper <removed> (unimportant)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1485274
-CVE-2017-13744 (There is an illegal address access in the function _lou_getALine() in ...)
+CVE-2017-13744
- liblouis 3.3.0-1 (low; bug #874302)
[stretch] - liblouis 3.0.0-3+deb9u1
[jessie] - liblouis <no-dsa> (Minor issue)
[wheezy] - liblouis <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1484338
NOTE: Proposed fix via pull request: https://github.com/liblouis/liblouis/pull/393/commits/edf8ee00197e5a9b062554bdca00fe1617d257a4
-CVE-2017-13743 (There is a buffer overflow in Liblouis 3.2.0, triggered in the function ...)
+CVE-2017-13743
- liblouis 3.3.0-1 (low; bug #874302)
[stretch] - liblouis 3.0.0-3+deb9u1
[jessie] - liblouis <no-dsa> (Minor issue)
[wheezy] - liblouis <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1484335
-CVE-2017-13742 (There is a stack-based buffer overflow in Liblouis 3.2.0, triggered in ...)
+CVE-2017-13742
- liblouis 3.3.0-1 (low; bug #874302)
[stretch] - liblouis 3.0.0-3+deb9u1
[jessie] - liblouis <no-dsa> (Minor issue)
[wheezy] - liblouis <not-affected> (vulnerable code not present)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1484334
NOTE: Proposed fix via pull request: https://github.com/liblouis/liblouis/pull/393/commits/d8cfdf1ab64a4c9c6685efe45bc735f68dac618c
-CVE-2017-13741 (There is a use-after-free in the function compileBrailleIndicator() in ...)
+CVE-2017-13741
- liblouis 3.3.0-1 (low; bug #874302)
[stretch] - liblouis 3.0.0-3+deb9u1
[jessie] - liblouis <no-dsa> (Minor issue)
[wheezy] - liblouis <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1484332
NOTE: Proposed fix via pull request: https://github.com/liblouis/liblouis/pull/393/commits/af5791ea792acc0a9707738001aa1df3daff7a66
-CVE-2017-13740 (There is a stack-based buffer overflow in Liblouis 3.2.0, triggered in ...)
+CVE-2017-13740
- liblouis 3.3.0-1 (low; bug #874302)
[stretch] - liblouis 3.0.0-3+deb9u1
[jessie] - liblouis <no-dsa> (Minor issue)
[wheezy] - liblouis <not-affected> (vulnerable code not present)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1484306
NOTE: Proposed fix via pull request: https://github.com/liblouis/liblouis/pull/393/commits/d8cfdf1ab64a4c9c6685efe45bc735f68dac618c
-CVE-2017-13739 (There is a heap-based buffer overflow that causes a more than two ...)
+CVE-2017-13739
- liblouis 3.3.0-1 (low; bug #874302)
[stretch] - liblouis 3.0.0-3+deb9u1
[jessie] - liblouis <no-dsa> (Minor issue)
[wheezy] - liblouis <not-affected> (vulnerable code not present)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1484299
NOTE: Proposed fix via pull request: https://github.com/liblouis/liblouis/pull/393/commits/d8cfdf1ab64a4c9c6685efe45bc735f68dac618c
-CVE-2017-13738 (There is an illegal address access in the _lou_getALine function in ...)
+CVE-2017-13738
- liblouis 3.3.0-1 (low; bug #874302)
[stretch] - liblouis 3.0.0-3+deb9u1
[jessie] - liblouis <no-dsa> (Minor issue)
[wheezy] - liblouis <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1484297
NOTE: Proposed fix via pull request: https://github.com/liblouis/liblouis/pull/393/commits/edf8ee00197e5a9b062554bdca00fe1617d257a4
-CVE-2017-13737 (There is an invalid free in the MagickFree function in magick/memory.c ...)
+CVE-2017-13737
{DSA-4321-1 DLA-1456-1 DLA-1140-1}
- graphicsmagick 1.3.26-15 (low; bug #878511)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1484196
NOTE: Fixed by: http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/3db9449e3d6a/
-CVE-2017-13736 (There are lots of memory leaks in the GMCommand function in ...)
+CVE-2017-13736
- graphicsmagick <unfixed> (unimportant)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1484192
-CVE-2017-13735 (There is a floating point exception in the kodak_radc_load_raw function ...)
+CVE-2017-13735
- libraw 0.18.5-1 (low; bug #874729)
[stretch] - libraw <no-dsa> (Minor issue)
[jessie] - libraw <no-dsa> (Minor issue)
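Review bot: for the jasper entries CVE-2017-13752 through CVE-2017-13745 the removed description was the only place the affected function was named (`jpc_dequantize()`, `calcstepsizes()`, `jpc_pi_nextrpcl()`, `jpc_floorlog2()`); what remains is `- jasper <removed> (unimportant)` plus a bare Red Hat bugzilla link per entry. The same applies to liblouis, where `compileBrailleIndicator()` for CVE-2017-13741 now exists only behind the pull-request link. If the descriptions are not going to be restored, suggest a follow-up that adds a short `NOTE:` naming the function for entries whose notes are link-only, so the file stays usable without following every URL.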
@@ -13844,84 +13842,84 @@ CVE-2017-13735 (There is a floating point exception in the kodak_radc_load_raw f
NOTE: https://github.com/LibRaw/LibRaw/issues/96
NOTE: Isolated patch: https://github.com/LibRaw/LibRaw/files/1276421/radc_divbyzero.txt
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1483988
-CVE-2017-13734 (There is an illegal address access in the _nc_safe_strcat function in ...)
+CVE-2017-13734
- ncurses 6.0+20170827-1 (bug #873723)
[stretch] - ncurses 6.0+20161126-1+deb9u1
[jessie] - ncurses 5.9+20140913-1+deb8u1
[wheezy] - ncurses <ignored> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1484291
-CVE-2017-13733 (There is an illegal address access in the fmt_entry function in ...)
+CVE-2017-13733
- ncurses 6.0+20170902-1 (bug #873746)
[stretch] - ncurses 6.0+20161126-1+deb9u1
[jessie] - ncurses 5.9+20140913-1+deb8u1
[wheezy] - ncurses <ignored> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1484290
-CVE-2017-13732 (There is an illegal address access in the function dump_uses() in ...)
+CVE-2017-13732
- ncurses 6.0+20170827-1 (bug #873723)
[stretch] - ncurses 6.0+20161126-1+deb9u1
[jessie] - ncurses 5.9+20140913-1+deb8u1
[wheezy] - ncurses <ignored> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1484287
-CVE-2017-13731 (There is an illegal address access in the function ...)
+CVE-2017-13731
- ncurses 6.0+20170827-1 (bug #873723)
[stretch] - ncurses 6.0+20161126-1+deb9u1
[jessie] - ncurses 5.9+20140913-1+deb8u1
[wheezy] - ncurses <ignored> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1484285
-CVE-2017-13730 (There is an illegal address access in the function ...)
+CVE-2017-13730
- ncurses 6.0+20170827-1 (bug #873723)
[stretch] - ncurses 6.0+20161126-1+deb9u1
[jessie] - ncurses 5.9+20140913-1+deb8u1
[wheezy] - ncurses <ignored> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1484284
-CVE-2017-13729 (There is an illegal address access in the _nc_save_str function in ...)
+CVE-2017-13729
- ncurses 6.0+20170827-1 (bug #873723)
[stretch] - ncurses 6.0+20161126-1+deb9u1
[jessie] - ncurses 5.9+20140913-1+deb8u1
[wheezy] - ncurses <ignored> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1484276
-CVE-2017-13728 (There is an infinite loop in the next_char function in comp_scan.c in ...)
+CVE-2017-13728
- ncurses 6.0+20170827-1 (bug #873723)
[stretch] - ncurses 6.0+20161126-1+deb9u1
[jessie] - ncurses 5.9+20140913-1+deb8u1
[wheezy] - ncurses <ignored> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1484274
-CVE-2017-13727 (There is a reachable assertion abort in the function ...)
+CVE-2017-13727
{DSA-4100-1 DLA-1093-1}
- tiff 4.0.8-5 (bug #873879)
- tiff3 <removed>
[wheezy] - tiff3 <not-affected> (Vulnerable code not present)
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2728
NOTE: Fixed by: https://github.com/vadz/libtiff/commit/b6af137bf9ef852f1a48a50a5afb88f9e9da01cc
-CVE-2017-13726 (There is a reachable assertion abort in the function ...)
+CVE-2017-13726
{DSA-4100-1 DLA-1093-1}
- tiff 4.0.8-5 (bug #873880)
- tiff3 <removed>
[wheezy] - tiff3 <not-affected> (Vulnerable code not present)
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2727
NOTE: Fixed by: https://github.com/vadz/libtiff/commit/f91ca83a21a6a583050e5a5755ce1441b2bf1d7e
-CVE-2017-13725 (The IPv6 routing header parser in tcpdump before 4.9.2 has a buffer ...)
+CVE-2017-13725
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-13724 (On the Axesstel MU553S MU55XS-V1.14, there is a Stored Cross Site ...)
+CVE-2017-13724
NOT-FOR-US: Axesstel MU553S MU55XS-V1.14
-CVE-2017-13723 (In X.Org Server (aka xserver and xorg-server) before 1.19.4, a local ...)
+CVE-2017-13723
{DSA-4000-1 DLA-1186-1}
- xorg-server 2:1.19.4-1
NOTE: https://cgit.freedesktop.org/xorg/xserver/commit/?id=94f11ca5cf011ef123bd222cabeaef6f424d76ac
NOTE: This is in libxkbfile in wheezy
-CVE-2017-13722 (In the pcfGetProperties function in bitmap/pcfread.c in libXfont ...)
+CVE-2017-13722
{DSA-3995-1 DLA-1126-1}
- libxfont 1:2.0.1-4
- libxfont1 <removed> (unimportant)
NOTE: Fixed by: https://cgit.freedesktop.org/xorg/lib/libXfont/commit/?id=672bb944311392e2415b39c0d63b1e1902905bcd
NOTE: libxfont1 is only used by xfonts-utils, no security impact
-CVE-2017-13721 (In X.Org Server (aka xserver and xorg-server) before 1.19.4, an ...)
+CVE-2017-13721
{DSA-4000-1}
- xorg-server 2:1.19.4-1
[wheezy] - xorg-server <not-affected> (Vulnerable code introduced later)
NOTE: https://cgit.freedesktop.org/xorg/xserver/commit/?id=b95f25af141d33a65f6f821ea9c003f66a01e1f1
-CVE-2017-13720 (In the PatternMatch function in fontfile/fontdir.c in libXfont through ...)
+CVE-2017-13720
{DSA-3995-1 DLA-1126-1}
- libxfont 1:2.0.1-4
- libxfont1 <removed> (unimportant)
@@ -13933,7 +13931,7 @@ CVE-2017-13718
RESERVED
CVE-2017-13717
RESERVED
-CVE-2017-13716 (The C++ symbol demangler routine in cplus-dem.c in libiberty, as ...)
+CVE-2017-13716
- binutils <unfixed> (low)
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
@@ -13941,7 +13939,7 @@ CVE-2017-13716 (The C++ symbol demangler routine in cplus-dem.c in libiberty, as
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22009
NOTE: Underlying bug is though in the C++ demangler part of libiberty, but MITRE
NOTE: has assigned it specifically to the issue as raised within binutils.
-CVE-2017-13715 (The __skb_flow_dissect function in net/core/flow_dissector.c in the ...)
+CVE-2017-13715
- linux 4.3.1-1
[jessie] - linux <not-affected> (Vulnerable code introduced later)
[wheezy] - linux <not-affected> (Vulnerable code introduced later)
@@ -13949,14 +13947,14 @@ CVE-2017-13715 (The __skb_flow_dissect function in net/core/flow_dissector.c in
NOTE: Introduced by: https://git.kernel.org/linus/b3baa0fbd02a1a9d493d8cb92ae4a4491b9e9d13 (4.2-rc1)
CVE-2017-13714
RESERVED
-CVE-2017-13713 (T&amp;W WIFI Repeater BE126 allows remote authenticated users to execute ...)
+CVE-2017-13713
NOT-FOR-US: T&W WIFI Repeater BE126
-CVE-2017-13712 (NULL Pointer Dereference in the id3v2AddAudioDuration function in ...)
+CVE-2017-13712
- lame 3.100-1 (low)
[stretch] - lame <no-dsa> (Minor issue)
[jessie] - lame <no-dsa> (Minor issue)
NOTE: https://sourceforge.net/p/lame/bugs/472/
-CVE-2017-13711 (Use-after-free vulnerability in the sofree function in slirp/socket.c ...)
+CVE-2017-13711
{DSA-3991-1}
- qemu 1:2.10.0-1 (bug #873875)
[jessie] - qemu <not-affected> (Vulnerable code introduced later)
@@ -13965,50 +13963,50 @@ CVE-2017-13711 (Use-after-free vulnerability in the sofree function in slirp/soc
[wheezy] - qemu-kvm <not-affected> (Vulnerable code introduced later)
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2017-08/msg05201.html
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1486400
-CVE-2017-14041 (A stack-based buffer overflow was discovered in the pgxtoimage function ...)
+CVE-2017-14041
{DSA-4013-1}
- openjpeg2 2.3.0-1 (bug #874115)
NOTE: Fixed by: https://github.com/uclouvain/openjpeg/commit/e5285319229a5d77bf316bb0d3a6cbd3cb8666d9
NOTE: Reproducer: https://blogs.gentoo.org/ago/2017/08/28/openjpeg-stack-based-buffer-overflow-write-in-pgxtoimage-convert-c/
NOTE: https://github.com/uclouvain/openjpeg/issues/997
-CVE-2017-14040 (An invalid write access was discovered in bin/jp2/convert.c in OpenJPEG ...)
+CVE-2017-14040
{DSA-4013-1}
- openjpeg2 2.3.0-1 (bug #874117)
NOTE: Fixed by: https://github.com/uclouvain/openjpeg/commit/2cd30c2b06ce332dede81cccad8b334cde997281
NOTE: Reproducer: https://blogs.gentoo.org/ago/2017/08/28/openjpeg-invalid-memory-write-in-tgatoimage-convert-c/
NOTE: https://github.com/uclouvain/openjpeg/issues/995
-CVE-2017-14039 (A heap-based buffer overflow was discovered in the opj_t2_encode_packet ...)
+CVE-2017-14039
{DSA-4013-1}
- openjpeg2 2.3.0-1 (bug #874118)
NOTE: Fixed by: https://github.com/uclouvain/openjpeg/commit/c535531f03369623b9b833ef41952c62257b507e
NOTE: Reproducer: https://blogs.gentoo.org/ago/2017/08/28/openjpeg-heap-based-buffer-overflow-in-opj_t2_encode_packet-t2-c/
NOTE: https://github.com/uclouvain/openjpeg/issues/992
NOTE: The issue is covered by https://github.com/uclouvain/openjpeg/commit/4241ae6fbbf1de9658764a80944dc8108f2b4154
-CVE-2017-14042 (A memory allocation failure was discovered in the ReadPNMImage function ...)
+CVE-2017-14042
- graphicsmagick 1.3.26-9 (unimportant; bug #873538)
NOTE: Fixed by: http://hg.code.sf.net/p/graphicsmagick/code/rev/3bbf7a13643d
NOTE: https://blogs.gentoo.org/ago/2017/08/28/graphicsmagick-memory-allocation-failure-in-magickrealloc-memory-c-2/
NOTE: https://sourceforge.net/p/graphicsmagick/bugs/441/
-CVE-2017-13710 (The setup_group function in elf.c in the Binary File Descriptor (BFD) ...)
+CVE-2017-13710
- binutils 2.29-9
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <ignored> (Minor issue)
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=0c54f69295208331faab9bc5e995111a35672f9b
-CVE-2017-13708 (Buffer overflow in the web server service in VX Search Enterprise ...)
+CVE-2017-13708
NOT-FOR-US: VX Search Enterprise
-CVE-2017-13707 (Privilege escalation in Replibit Backup Manager earlier than version ...)
+CVE-2017-13707
NOT-FOR-US: Replibit
-CVE-2017-13706 (XML external entity (XXE) vulnerability in the import package ...)
+CVE-2017-13706
NOT-FOR-US: Lansweeper
-CVE-2017-13709 (In FlightGear before version 2017.3.1, Main/logger.cxx in the FGLogger ...)
+CVE-2017-13709
- flightgear 1:2017.2.1+dfsg-4 (low; bug #873439)
[stretch] - flightgear 1:2016.4.4+dfsg-3+deb9u1
[jessie] - flightgear 3.0.0-5+deb8u3
NOTE: http://www.openwall.com/lists/oss-security/2017/08/27/1
CVE-2017-13705
RESERVED
-CVE-2017-13704 (In dnsmasq before 2.78, if the DNS packet size does not match the ...)
+CVE-2017-13704
- dnsmasq 2.78-1 (bug #877102)
[stretch] - dnsmasq <not-affected> (Vulnerable code not present; Upstream: Regression introduced in 2.77)
[jessie] - dnsmasq <not-affected> (Vulnerable code not present; Upstream: Regression introduced in 2.77)
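Review bot: the ordering in this hunk is already broken and the patch rewrites the lines in place without touching it: `+CVE-2017-14041`, `+CVE-2017-14040`, `+CVE-2017-14039` and `+CVE-2017-14042` sit between CVE-2017-13711 and CVE-2017-13710, and CVE-2017-13708, CVE-2017-13707 and CVE-2017-13706 come before `+CVE-2017-13709`. That is fine for a mechanical identifier rewrite, but it shows this update does not keep the file in descending order; if the rest of the list is expected to be sorted, a separate sort pass is the place to fix it rather than this commit.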
@@ -14016,94 +14014,94 @@ CVE-2017-13704 (In dnsmasq before 2.78, if the DNS packet size does not match th
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1495510
NOTE: http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2017q3/011729.html
NOTE: http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=63437ffbb58837b214b4b92cb1c54bc5f3279928
-CVE-2017-13703 (An issue was discovered on MOXA EDS-G512E 5.1 build 16072215 devices. A ...)
+CVE-2017-13703
NOT-FOR-US: Moxa
-CVE-2017-13702 (An issue was discovered on MOXA EDS-G512E 5.1 build 16072215 devices. ...)
+CVE-2017-13702
NOT-FOR-US: Moxa
-CVE-2017-13701 (An issue was discovered on MOXA EDS-G512E 5.1 build 16072215 devices. ...)
+CVE-2017-13701
NOT-FOR-US: Moxa
-CVE-2017-13700 (An issue was discovered on MOXA EDS-G512E 5.1 build 16072215 devices. ...)
+CVE-2017-13700
NOT-FOR-US: Moxa
-CVE-2017-13699 (An issue was discovered on MOXA EDS-G512E 5.1 build 16072215 devices. ...)
+CVE-2017-13699
NOT-FOR-US: MOXA
-CVE-2017-13698 (An issue was discovered on MOXA EDS-G512E 5.1 build 16072215 devices. ...)
+CVE-2017-13698
NOT-FOR-US: MOXA
-CVE-2017-13697 (controllers/member/api.php in dayrui FineCms 5.0.11 has XSS related to ...)
+CVE-2017-13697
NOT-FOR-US: FineCMS
-CVE-2017-13696 (A buffer overflow vulnerability lies in the web server component of ...)
+CVE-2017-13696
NOT-FOR-US: Dup Scout Enterprise
-CVE-2017-1000122 (The UNIX IPC layer in WebKit, including WebKitGTK+ prior to 2.16.3, ...)
+CVE-2017-1000122
- webkit2gtk 2.16.3-2 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2017-0007.html
NOTE: Not covered by security support
-CVE-2017-1000121 (The UNIX IPC layer in WebKit, including WebKitGTK+ prior to 2.16.3, ...)
+CVE-2017-1000121
- webkit2gtk 2.16.3-2 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2017-0007.html
NOTE: Not covered by security support
-CVE-2017-13695 (The acpi_ns_evaluate() function in drivers/acpi/acpica/nseval.c in the ...)
+CVE-2017-13695
- acpica-unix 20180209-1 (unimportant)
- linux 4.17.3-1 (unimportant)
NOTE: https://patchwork.kernel.org/patch/9850567/
NOTE: non-issue/no relevant security impact
-CVE-2017-13694 (The acpi_ps_complete_final_op() function in ...)
+CVE-2017-13694
- acpica-unix 20180209-1 (unimportant)
- linux <unfixed> (unimportant)
NOTE: https://patchwork.kernel.org/patch/9806085/
NOTE: non-issue/no relevant security impact
-CVE-2017-13693 (The acpi_ds_create_operands() function in drivers/acpi/acpica/dsutils.c ...)
+CVE-2017-13693
- acpica-unix 20180209-1 (unimportant)
- linux <unfixed> (unimportant)
NOTE: https://patchwork.kernel.org/patch/9919053/
NOTE: non-issue/no relevant security impact
-CVE-2017-13692 (In Tidy 5.5.31, the IsURLCodePoint function in attrs.c allows attackers ...)
+CVE-2017-13692
- tidy-html5 <not-affected> (Vulnerable code introduced later)
- tidy <not-affected> (Vulnerable code introduced later)
NOTE: https://github.com/htacg/tidy-html5/issues/588
CVE-2017-13691
RESERVED
-CVE-2017-13690 (The IKEv2 parser in tcpdump before 4.9.2 has a buffer over-read in ...)
+CVE-2017-13690
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-13689 (The IKEv1 parser in tcpdump before 4.9.2 has a buffer over-read in ...)
+CVE-2017-13689
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-13688 (The OLSR parser in tcpdump before 4.9.2 has a buffer over-read in ...)
+CVE-2017-13688
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-13687 (The Cisco HDLC parser in tcpdump before 4.9.2 has a buffer over-read in ...)
+CVE-2017-13687
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-13686 (net/ipv4/route.c in the Linux kernel 4.13-rc1 through 4.13-rc6 is too ...)
+CVE-2017-13686
- linux <not-affected> (Vulnerable code not present)
NOTE: Fixed by: https://git.kernel.org/linus/bc3aae2bbac46dd894c89db5d5e98f7f0ef9e205
-CVE-2017-13685 (The dump_callback function in SQLite 3.20.0 allows remote attackers to ...)
+CVE-2017-13685
- sqlite3 3.20.1-1 (unimportant; bug #873762)
NOTE: https://sqlite.org/src/info/02f0f4c54f2819b3
NOTE: http://www.mail-archive.com/sqlite-users%40mailinglists.sqlite.org/msg105314.html
NOTE: Crash in the command-line shell program, not the the core SQLite library.
-CVE-2017-13684 (Unisys Libra 64xx and 84xx and FS601 class systems with MCP-FIRMWARE ...)
+CVE-2017-13684
NOT-FOR-US: Unisys Libra
-CVE-2017-13683 (In Symantec Endpoint Encryption before SEE 11.1.3HF3, a kernel memory ...)
+CVE-2017-13683
NOT-FOR-US: Symantec
-CVE-2017-13682 (In Symantec Encryption Desktop before SED 10.4.1 MP2HF1, a kernel ...)
+CVE-2017-13682
NOT-FOR-US: Symantec
-CVE-2017-13681 (Symantec Endpoint Protection prior to SEP 12.1 RU6 MP9 could be ...)
+CVE-2017-13681
NOT-FOR-US: Symantec Endpoint Protection
-CVE-2017-13680 (Prior to SEP 12.1 RU6 MP9 &amp; SEP 14 RU1 Symantec Endpoint Protection ...)
+CVE-2017-13680
NOT-FOR-US: Symantec Endpoint Protection
-CVE-2017-13679 (A denial of service (DoS) attack in Symantec Encryption Desktop before ...)
+CVE-2017-13679
NOT-FOR-US: Symantec
-CVE-2017-13678 (Stored XSS vulnerability in the Symantec Advanced Secure Gateway (ASG) ...)
+CVE-2017-13678
NOT-FOR-US: Symantec
-CVE-2017-13677 (Denial-of-service (DoS) vulnerability in the Symantec Advanced Secure ...)
+CVE-2017-13677
NOT-FOR-US: Symantec
-CVE-2017-13676 (Norton Remove &amp; Reinstall can be susceptible to a DLL preloading ...)
+CVE-2017-13676
NOT-FOR-US: Symantec
-CVE-2017-13675 (A denial of service (DoS) attack in Symantec Endpoint Encryption ...)
+CVE-2017-13675
NOT-FOR-US: Symantec
-CVE-2017-13674 (Symantec ProxyClient 3.4 for Windows is susceptible to a privilege ...)
+CVE-2017-13674
NOT-FOR-US: Symantec ProxyClient
-CVE-2017-13673 (The vga display update in mis-calculated the region for the dirty ...)
+CVE-2017-13673
- qemu 1:2.10.0+dfsg-2
[stretch] - qemu <not-affected> (Vulnerable code introduced later)
[jessie] - qemu <not-affected> (Vulnerable code introduced later)
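Review bot: the vendor tag on the six MOXA entries is inconsistent in context lines this hunk leaves alone: CVE-2017-13703 through CVE-2017-13700 carry `NOT-FOR-US: Moxa` while CVE-2017-13699 and CVE-2017-13698 carry `NOT-FOR-US: MOXA`. The patch only rewrites the identifier line above each, so it will not normalise this; suggest a one-line follow-up settling on one spelling so a search for the vendor matches all six. While there, the context line under CVE-2017-13685, `NOTE: Crash in the command-line shell program, not the the core SQLite library.`, has a doubled "the".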
@@ -14113,7 +14111,7 @@ CVE-2017-13673 (The vga display update in mis-calculated the region for the dirt
NOTE: Fixed by: https://git.qemu.org/gitweb.cgi?p=qemu.git;a=commit;h=d6f7f3b0cf4b6c5e7cdff9dfa6d20545e1051375 (v2.10.1)
NOTE: Introduced by: https://git.qemu.org/gitweb.cgi?p=qemu.git;a=commit;h=fec5e8c92becad223df9d972770522f64aafdb72
NOTE: In the unstable upload the fix is integrated in debian/patches/qemu-2.10.1.diff
-CVE-2017-13672 (QEMU (aka Quick Emulator), when built with the VGA display emulator ...)
+CVE-2017-13672
{DSA-3991-1}
- qemu 1:2.10.0-1 (low; bug #873851)
[jessie] - qemu <no-dsa> (Minor issue. Too complex to backport)
@@ -14122,23 +14120,23 @@ CVE-2017-13672 (QEMU (aka Quick Emulator), when built with the VGA display emula
[wheezy] - qemu-kvm <postponed> (Can be fixed along in a future DSA)
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2017-08/msg04684.html
NOTE: Fixed by https://git.qemu.org/gitweb.cgi?p=qemu.git;a=commit;h=3d90c6254863693a6b13d918d2b8682e08bbc681
-CVE-2017-13671 (app/View/Helper/CommandHelper.php in MISP before 2.4.79 has persistent ...)
+CVE-2017-13671
NOT-FOR-US: MISP (Malware Information Sharing Platform and Threat Sharing)
-CVE-2017-13670 (In BlackCat CMS 1.2, remote authenticated users can upload any file via ...)
+CVE-2017-13670
NOT-FOR-US: BlackCat CMS
-CVE-2017-13669 (SQL Injection exists in NexusPHP 1.5.beta5.20120707 via the setanswered ...)
+CVE-2017-13669
NOT-FOR-US: NexusPHP
CVE-2017-13668
RESERVED
CVE-2017-13667
RESERVED
-CVE-2017-13666 (An integer underflow vulnerability exists in pixel-a.asm, the x86 ...)
+CVE-2017-13666
- x265 <not-affected> (Affected code is not enabled)
CVE-2017-13665
RESERVED
-CVE-2017-13664 (Password file exposure in firmware in iSmartAlarm CubeOne version ...)
+CVE-2017-13664
NOT-FOR-US: iSmartAlarm CubeOne
-CVE-2017-13663 (Encryption key exposure in firmware in iSmartAlarm CubeOne version ...)
+CVE-2017-13663
NOT-FOR-US: iSmartAlarm CubeOne
CVE-2017-13662
RESERVED
@@ -14158,20 +14156,20 @@ CVE-2017-13654
RESERVED
CVE-2017-13653
RESERVED
-CVE-2017-13652 (NetApp OnCommand Insight version 7.3.0 and versions prior to 7.2.0 are ...)
+CVE-2017-13652
NOT-FOR-US: NetApp
CVE-2017-13651
RESERVED
CVE-2017-13650
RESERVED
-CVE-2017-1002150 (python-fedora 0.8.0 and lower is vulnerable to an open redirect ...)
+CVE-2017-1002150
- python-fedora 0.9.0-1
[stretch] - python-fedora <no-dsa> (Minor issue)
[jessie] - python-fedora <no-dsa> (Minor issue)
NOTE: https://github.com/fedora-infra/python-fedora/commit/b27f38a67573f4c989710c9bfb726dd4c1eeb929.patch
-CVE-2017-13649 (UnrealIRCd 4.0.13 and earlier creates a PID file after dropping ...)
+CVE-2017-13649
- unrealircd <itp> (bug #515130)
-CVE-2017-13648 (In GraphicsMagick 1.3.26, a memory leak vulnerability was found in the ...)
+CVE-2017-13648
- graphicsmagick 1.3.27-1 (unimportant)
NOTE: https://sourceforge.net/p/graphicsmagick/bugs/433/
CVE-2017-13647
@@ -14862,372 +14860,372 @@ CVE-2017-13309
RESERVED
CVE-2017-13308
RESERVED
-CVE-2017-13307 (A elevation of privilege vulnerability in the Upstream kernel pci ...)
+CVE-2017-13307
NOT-FOR-US: Android kernel (no source release, so apparently not in mainline)
-CVE-2017-13306 (A elevation of privilege vulnerability in the Upstream kernel mnh ...)
+CVE-2017-13306
NOT-FOR-US: Android kernel (no source release, so apparently not in mainline)
-CVE-2017-13305 (A information disclosure vulnerability in the Upstream kernel ...)
+CVE-2017-13305
- linux 4.12.6-1
[stretch] - linux 4.9.82-1+deb9u1
NOTE: Fixed by: https://git.kernel.org/linus/794b4bc292f5d31739d89c0202c54e7dc9bc3add
-CVE-2017-13304 (A information disclosure vulnerability in the Upstream kernel mnh_sm ...)
+CVE-2017-13304
NOT-FOR-US: Android kernel (no source release, so apparently not in mainline)
-CVE-2017-13303 (A information disclosure vulnerability in the Broadcom bcmdhd driver. ...)
+CVE-2017-13303
NOT-FOR-US: Broadcom components for Android
-CVE-2017-13302 (A denial of service vulnerability in the Android system (system ui). ...)
+CVE-2017-13302
NOT-FOR-US: Android
-CVE-2017-13301 (A denial of service vulnerability in the Android system (system ui). ...)
+CVE-2017-13301
NOT-FOR-US: Android
-CVE-2017-13300 (A denial of service vulnerability in the Android media framework ...)
+CVE-2017-13300
NOT-FOR-US: Android media framework
-CVE-2017-13299 (A other vulnerability in the Android media framework (libavc). ...)
+CVE-2017-13299
NOT-FOR-US: Android media framework
-CVE-2017-13298 (A information disclosure vulnerability in the Android media framework ...)
+CVE-2017-13298
NOT-FOR-US: Android media framework
-CVE-2017-13297 (A information disclosure vulnerability in the Android media framework ...)
+CVE-2017-13297
NOT-FOR-US: Android media framework
-CVE-2017-13296 (A information disclosure vulnerability in the Android media framework ...)
+CVE-2017-13296
NOT-FOR-US: Android media framework
-CVE-2017-13295 (A denial of service vulnerability in the Android framework (package ...)
+CVE-2017-13295
NOT-FOR-US: Android
-CVE-2017-13294 (A information disclosure vulnerability in the Android framework (aosp ...)
+CVE-2017-13294
NOT-FOR-US: Android framework (aosp email application)
-CVE-2017-13293 (In the nfc_hci_cmd_received() function of core.c, there is a possible ...)
+CVE-2017-13293
NOT-FOR-US: Android kernel (no source release, so apparently not in mainline)
-CVE-2017-13292 (In wl_get_assoc_ies of wl_cfg80211.c, there is a possible out of ...)
+CVE-2017-13292
NOT-FOR-US: Broadcom components for Android
-CVE-2017-13291 (In avrc_ctrl_pars_vendor_rsp of avrc_pars_ct.cc, there is a possible ...)
+CVE-2017-13291
NOT-FOR-US: Android
-CVE-2017-13290 (In sdp_server_handle_client_req of sdp_server.cc, there is an out of ...)
+CVE-2017-13290
NOT-FOR-US: Android
-CVE-2017-13289 (In writeToParcel and createFromParcel of RttManager.java, there is a ...)
+CVE-2017-13289
NOT-FOR-US: Android
-CVE-2017-13288 (In writeToParcel and readFromParcel of PeriodicAdvertisingReport.java, ...)
+CVE-2017-13288
NOT-FOR-US: Android
-CVE-2017-13287 (In createFromParcel of VerifyCredentialResponse.java, there is a ...)
+CVE-2017-13287
NOT-FOR-US: Android
-CVE-2017-13286 (In writeToParcel and readFromParcel of OutputConfiguration.java, there ...)
+CVE-2017-13286
NOT-FOR-US: Android
-CVE-2017-13285 (In SvoxSsmlParser and startElement of svox_ssml_parser.cpp, there is a ...)
+CVE-2017-13285
NOT-FOR-US: Android
-CVE-2017-13284 (In config_set_string of config.cc, it is possible to pair a second BT ...)
+CVE-2017-13284
NOT-FOR-US: Android
-CVE-2017-13283 (In avrc_ctrl_pars_vendor_rsp of bluetooth avrcp_ctrl, there is a ...)
+CVE-2017-13283
NOT-FOR-US: Android
-CVE-2017-13282 (In avrc_ctrl_pars_vendor_rsp of avrc_pars_ct.cc, there is a possible ...)
+CVE-2017-13282
NOT-FOR-US: Android
-CVE-2017-13281 (In avrc_pars_browsing_cmd of avrc_pars_tg.cc, there is a possible ...)
+CVE-2017-13281
NOT-FOR-US: Android
-CVE-2017-13280 (In the FrameSequence_gif::FrameSequence_gif function of ...)
+CVE-2017-13280
NOT-FOR-US: Android media framework
-CVE-2017-13279 (In M3UParser::parse of M3UParser.cpp, there is a memory resource ...)
+CVE-2017-13279
NOT-FOR-US: Android media framework
-CVE-2017-13278 (In MediaPlayerService::Client::notify of MediaPlayerService.cpp, there ...)
+CVE-2017-13278
NOT-FOR-US: Android media framework
-CVE-2017-13277 (In ihevcd_fmt_conv of ihevcd_fmt_conv.c, there is a possible out of ...)
+CVE-2017-13277
NOT-FOR-US: Android media framework
-CVE-2017-13276 (In CProgramConfig_ReadHeightExt of tpdec_asc.cpp, there is a possible ...)
+CVE-2017-13276
NOT-FOR-US: Android media framework
-CVE-2017-13275 (In getVSCoverage of CmapCoverage.cpp, there is a possible out of ...)
+CVE-2017-13275
NOT-FOR-US: Android
-CVE-2017-13274 (In the getHost() function of UriTest.java, there is the possibility of ...)
+CVE-2017-13274
NOT-FOR-US: Android
-CVE-2017-13273 (In xt_qtaguid.c, there is a race condition due to insufficient ...)
+CVE-2017-13273
NOT-FOR-US: Android
-CVE-2017-13272 (In alarm_ready_generic of alarm.cc, there is a possible out of bounds ...)
+CVE-2017-13272
NOT-FOR-US: Android
-CVE-2017-13271 (A elevation of privilege vulnerability in the upstream kernel mnh_sm ...)
+CVE-2017-13271
NOT-FOR-US: Android kernel (no source release, so apparently not in mainline)
-CVE-2017-13270 (A elevation of privilege vulnerability in the upstream kernel mnh_sm ...)
+CVE-2017-13270
NOT-FOR-US: Android kernel (no source release, so apparently not in mainline)
-CVE-2017-13269 (A information disclosure vulnerability in the Android system ...)
+CVE-2017-13269
NOT-FOR-US: Android
-CVE-2017-13268 (A information disclosure vulnerability in the Android system ...)
+CVE-2017-13268
NOT-FOR-US: Android
-CVE-2017-13267 (In avrc_pars_vendor_cmd of avrc_pars_tg.cc, there is a possible stack ...)
+CVE-2017-13267
NOT-FOR-US: Android
-CVE-2017-13266 (In avrc_pars_vendor_cmd of avrc_pars_tg.cc, there is a possible stack ...)
+CVE-2017-13266
NOT-FOR-US: Android
-CVE-2017-13265 (A elevation of privilege vulnerability in the Android system (OTA ...)
+CVE-2017-13265
NOT-FOR-US: Android
-CVE-2017-13264 (A other vulnerability in the Android media framework (Avcdec). ...)
+CVE-2017-13264
NOT-FOR-US: Android Media Framework
-CVE-2017-13263 (A elevation of privilege vulnerability in the Android framework. ...)
+CVE-2017-13263
NOT-FOR-US: Android
-CVE-2017-13262 (In bnep_data_ind of bnep_main.cc, there is a possible out of bounds ...)
+CVE-2017-13262
NOT-FOR-US: Android
-CVE-2017-13261 (In bnep_process_control_packet of bnep_utils.cc, there is a possible ...)
+CVE-2017-13261
NOT-FOR-US: Android
-CVE-2017-13260 (In bnep_data_ind of bnep_main.cc, there is a possible out of bounds ...)
+CVE-2017-13260
NOT-FOR-US: Android
-CVE-2017-13259 (In functionality implemented in sdp_discovery.cc, there are possible ...)
+CVE-2017-13259
NOT-FOR-US: Android
-CVE-2017-13258 (In bnep_data_ind of bnep_main.cc, there is a possible out of bounds ...)
+CVE-2017-13258
NOT-FOR-US: Android
-CVE-2017-13257 (In bta_pan_data_buf_ind_cback of bta_pan_act.cc there is a use after ...)
+CVE-2017-13257
NOT-FOR-US: Android
-CVE-2017-13256 (In process_service_search_attr_req of sdp_server.cc, there is an out ...)
+CVE-2017-13256
NOT-FOR-US: Android
-CVE-2017-13255 (In process_service_attr_req of sdp_server.c, there is an out of bounds ...)
+CVE-2017-13255
NOT-FOR-US: Android
-CVE-2017-13254 (A other vulnerability in the Android media framework (AACExtractor). ...)
+CVE-2017-13254
NOT-FOR-US: Android Media Framework
-CVE-2017-13253 (In CryptoPlugin::decrypt of CryptoPlugin.cpp, there is a possible out ...)
+CVE-2017-13253
NOT-FOR-US: Android Media Framework
-CVE-2017-13252 (In CryptoHal::decrypt of CryptoHal.cpp, there is an out of bounds ...)
+CVE-2017-13252
NOT-FOR-US: Android Media Framework
-CVE-2017-13251 (In impeg2d_dec_pic_data_thread of impeg2d_dec_hdr.c, there is a ...)
+CVE-2017-13251
NOT-FOR-US: Android Media Framework
-CVE-2017-13250 (In ih264d_fmt_conv_420sp_to_420p of ih264d_utils.c, there is an out of ...)
+CVE-2017-13250
NOT-FOR-US: Android Media Framework
-CVE-2017-13249 (In impeg2d_api_set_display_frame of impeg2d_api_main.c, there is an ...)
+CVE-2017-13249
NOT-FOR-US: Android Media Framework
-CVE-2017-13248 (In impeg2_idct_recon_sse42() of impeg2_idct_recon_sse42_intr.c, there ...)
+CVE-2017-13248
NOT-FOR-US: Android Media Framework
-CVE-2017-13247 (In the Pixel 2 bootloader, there is a missing permission check which ...)
+CVE-2017-13247
NOT-FOR-US: HTC Android components
-CVE-2017-13246 (A information disclosure vulnerability in the Upstream kernel network ...)
+CVE-2017-13246
NOT-FOR-US: Closed source network driver for Pixel phones
-CVE-2017-13245 (A elevation of privilege vulnerability in the Upstream kernel audio ...)
+CVE-2017-13245
NOT-FOR-US: Closed source audio driver for Pixel phones
-CVE-2017-13244 (A elevation of privilege vulnerability in the Upstream kernel easel. ...)
+CVE-2017-13244
NOT-FOR-US: Easel driver for Pixel phones
-CVE-2017-13243 (A information disclosure vulnerability in the Android system (ui). ...)
+CVE-2017-13243
NOT-FOR-US: Android
-CVE-2017-13242 (A information disclosure vulnerability in the Android system ...)
+CVE-2017-13242
NOT-FOR-US: Android
-CVE-2017-13241 (A information disclosure vulnerability in the Android media framework ...)
+CVE-2017-13241
NOT-FOR-US: Android Media Framework
-CVE-2017-13240 (A information disclosure vulnerability in the Android framework ...)
+CVE-2017-13240
NOT-FOR-US: Android
-CVE-2017-13239 (A information disclosure vulnerability in the Android framework (ui ...)
+CVE-2017-13239
NOT-FOR-US: Android
-CVE-2017-13238 (In XBLRamDump mode, there is a debug feature that can be used to dump ...)
+CVE-2017-13238
NOT-FOR-US: HTC Android components
CVE-2017-13237
RESERVED
-CVE-2017-13236 (In the KeyStore service, there is a permissions bypass that allows ...)
+CVE-2017-13236
NOT-FOR-US: Android
-CVE-2017-13235 (A other vulnerability in the Android media framework (n/a). Product: ...)
+CVE-2017-13235
NOT-FOR-US: Android Media Framework
-CVE-2017-13234 (In DLSParser of the sonivox library, there is possible resource ...)
+CVE-2017-13234
NOT-FOR-US: Android Media Framework
-CVE-2017-13233 (In ihevcd_ctb_boundary_strength_pbslice of libhevc, there is possible ...)
+CVE-2017-13233
NOT-FOR-US: Android Media Framework
-CVE-2017-13232 (In audioserver, there is an out-of-bounds write due to a log statement ...)
+CVE-2017-13232
NOT-FOR-US: Android Media Framework
-CVE-2017-13231 (In libmediadrm, there is an out-of-bounds write due to improper input ...)
+CVE-2017-13231
NOT-FOR-US: Android Media Framework
-CVE-2017-13230 (In hevc codec, there is an out-of-bounds write due to an incorrect ...)
+CVE-2017-13230
NOT-FOR-US: Android Media Framework
-CVE-2017-13229 (A remote code execution vulnerability in the Android media framework ...)
+CVE-2017-13229
NOT-FOR-US: Android Media Framework
-CVE-2017-13228 (In function ih264d_ref_idx_reordering of libavc, there is an ...)
+CVE-2017-13228
NOT-FOR-US: Android Media Framework
CVE-2017-13227
RESERVED
NOT-FOR-US: Android
-CVE-2017-13226 (An elevation of privilege vulnerability in the MediaTek mtk. Product: ...)
+CVE-2017-13226
NOT-FOR-US: Mediatek components for Android
-CVE-2017-13225 (In libMtkOmxVdec.so there is a possible heap buffer overflow. This ...)
+CVE-2017-13225
NOT-FOR-US: Mediatek components for Android
CVE-2017-13224
RESERVED
CVE-2017-13223
RESERVED
-CVE-2017-13222 (An information disclosure vulnerability in the Upstream kernel kernel. ...)
+CVE-2017-13222
NOT-FOR-US: Android kernel component (no source release, no apparently not affecting mainline)
-CVE-2017-13221 (An elevation of privilege vulnerability in the Upstream kernel wifi ...)
+CVE-2017-13221
NOT-FOR-US: Android kernel component (no source release, no apparently not affecting mainline)
-CVE-2017-13220 (An elevation of privilege vulnerability in the Upstream kernel bluez. ...)
+CVE-2017-13220
{DSA-4187-1}
- linux 4.0.2-1
[wheezy] - linux <not-affected> (Vulnerable code introduced later)
NOTE: https://git.kernel.org/linus/51bda2bca53b265715ca1852528f38dc67429d9a
-CVE-2017-13219 (A denial of service vulnerability in the Upstream kernel synaptics ...)
+CVE-2017-13219
NOT-FOR-US: Android kernel component (no source release, no apparently not affecting mainline)
-CVE-2017-13218 (Access to CNTVCT_EL0 in Small Cell SoC, Snapdragon Automobile, ...)
+CVE-2017-13218
NOT-FOR-US: Android kernel component (no source release, no apparently not affecting mainline)
-CVE-2017-13217 (In DisplayFtmItem in the bootloader, there is an out-of-bounds write ...)
+CVE-2017-13217
NOT-FOR-US: Android kernel component (no source release, no apparently not affecting mainline)
-CVE-2017-13216 (In ashmem_ioctl of ashmem.c, there is an out-of-bounds write due to ...)
+CVE-2017-13216
- linux 4.14.17-1 (unimportant)
[stretch] - linux 4.9.80-1
[jessie] - linux 3.16.56-1
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: Fixed by: https://git.kernel.org/linus/443064cb0b1fb4569fe0a71209da7625129f
-CVE-2017-13215 (A elevation of privilege vulnerability in the Upstream kernel ...)
+CVE-2017-13215
- linux 4.4.2-1
[jessie] - linux 3.16.7-ckt25-1
[wheezy] - linux 3.2.78-1
-CVE-2017-13214 (In the hardware HEVC decoder, some media files could cause a page ...)
+CVE-2017-13214
NOT-FOR-US: HTC components for Android
-CVE-2017-13213 (An elevation of privilege vulnerability in the Broadcom bcmdhd driver. ...)
+CVE-2017-13213
NOT-FOR-US: Broadcom component for Android
-CVE-2017-13212 (An elevation of privilege vulnerability in the Android system ...)
+CVE-2017-13212
NOT-FOR-US: Android
-CVE-2017-13211 (In bta_scan_results_cb_impl of btif_ble_scanner.cc, there is possible ...)
+CVE-2017-13211
NOT-FOR-US: Android
-CVE-2017-13210 (In CameraDeviceClient::submitRequestList of CameraDeviceClient.cpp, ...)
+CVE-2017-13210
NOT-FOR-US: Android
-CVE-2017-13209 (In the ServiceManager::add function in the hardware service manager, ...)
+CVE-2017-13209
NOT-FOR-US: Android
-CVE-2017-13208 (In receive_packet of libnetutils/packet.c, there is a possible ...)
+CVE-2017-13208
NOT-FOR-US: Android
-CVE-2017-13207 (An information disclosure vulnerability in the Android media framework ...)
+CVE-2017-13207
NOT-FOR-US: Android media framework
-CVE-2017-13206 (An information disclosure vulnerability in the Android media framework ...)
+CVE-2017-13206
NOT-FOR-US: Android media framework
-CVE-2017-13205 (An information disclosure vulnerability in the Android media framework ...)
+CVE-2017-13205
NOT-FOR-US: Android media framework
-CVE-2017-13204 (An information disclosure vulnerability in the Android media framework ...)
+CVE-2017-13204
NOT-FOR-US: Android media framework
-CVE-2017-13203 (An information disclosure vulnerability in the Android media framework ...)
+CVE-2017-13203
NOT-FOR-US: Android media framework
-CVE-2017-13202 (An information disclosure vulnerability in the Android media framework ...)
+CVE-2017-13202
NOT-FOR-US: Android media framework
-CVE-2017-13201 (An information disclosure vulnerability in the Android media framework ...)
+CVE-2017-13201
NOT-FOR-US: Android media framework
-CVE-2017-13200 (An information disclosure vulnerability in the Android media framework ...)
+CVE-2017-13200
NOT-FOR-US: Android media framework
-CVE-2017-13199 (In Bitmap.ccp if Bitmap.nativeCreate fails an out of memory exception ...)
+CVE-2017-13199
NOT-FOR-US: Android media framework
-CVE-2017-13198 (A vulnerability in the Android media framework (ex) related to ...)
+CVE-2017-13198
NOT-FOR-US: Android media framework
-CVE-2017-13197 (In the ihevcd_parse_slice.c function, slave threads are not joined if ...)
+CVE-2017-13197
NOT-FOR-US: Android media framework
-CVE-2017-13196 (In several places in ihevcd_decode.c, a dead loop could occur due to ...)
+CVE-2017-13196
NOT-FOR-US: Android media framework
-CVE-2017-13195 (In the ihevcd_parse_sps function of ihevcd_parse_headers.c, several ...)
+CVE-2017-13195
NOT-FOR-US: Android media framework
-CVE-2017-13194 (A vulnerability in the Android media framework (libvpx) related to odd ...)
+CVE-2017-13194
{DSA-4132-1 DLA-1290-1}
- libvpx 1.7.0-2
NOTE: Android patch: https://android.googlesource.com/platform/external/libvpx/+/55cd1dd7c8d0a3de907d22e0f12718733f4e41d9
-CVE-2017-13193 (In ihevcd_decode.c there is a possible infinite loop due to bytes for ...)
+CVE-2017-13193
NOT-FOR-US: Android media framework
-CVE-2017-13192 (In the ihevcd_parse_slice_header function of ...)
+CVE-2017-13192
NOT-FOR-US: Android media framework
-CVE-2017-13191 (In the ihevcd_decode function of ihevcd_decode.c, there is an infinite ...)
+CVE-2017-13191
NOT-FOR-US: Android media framework
-CVE-2017-13190 (A vulnerability in the Android media framework (libhevc) related to ...)
+CVE-2017-13190
NOT-FOR-US: Android media framework
-CVE-2017-13189 (A vulnerability in the Android media framework (libavc) related to ...)
+CVE-2017-13189
NOT-FOR-US: Android media framework
-CVE-2017-13188 (An information disclosure vulnerability in the Android media framework ...)
+CVE-2017-13188
NOT-FOR-US: Android media framework
-CVE-2017-13187 (An information disclosure vulnerability in the Android media framework ...)
+CVE-2017-13187
NOT-FOR-US: Android media framework
-CVE-2017-13186 (A vulnerability in the Android media framework (libavc) related to ...)
+CVE-2017-13186
NOT-FOR-US: Android media framework
-CVE-2017-13185 (An information disclosure vulnerability in the Android media framework ...)
+CVE-2017-13185
NOT-FOR-US: Android media framework
-CVE-2017-13184 (In the enableVSyncInjections function of SurfaceFlinger, there is a ...)
+CVE-2017-13184
NOT-FOR-US: Android media framework
-CVE-2017-13183 (In the OMXNodeInstance::useBuffer and IOMX::freeBuffer functions, ...)
+CVE-2017-13183
NOT-FOR-US: Android media framework
-CVE-2017-13182 (In the sendFormatChange function of ACodec, there is a possible ...)
+CVE-2017-13182
NOT-FOR-US: Android media framework
-CVE-2017-13181 (In the doGetThumb and getThumbnail functions of MtpServer, there is a ...)
+CVE-2017-13181
NOT-FOR-US: Android media framework
-CVE-2017-13180 (In the onQueueFilled function of SoftAVCDec, there is a possible ...)
+CVE-2017-13180
NOT-FOR-US: Android media framework
-CVE-2017-13179 (In the ihevcd_allocate_static_bufs and ihevcd_create functions of ...)
+CVE-2017-13179
NOT-FOR-US: Android media framework
-CVE-2017-13178 (In the initDecoder function of SoftAVCDec, there is a possible ...)
+CVE-2017-13178
NOT-FOR-US: Android media framework
-CVE-2017-13177 (In several functions of libhevc, NEON registers are not preserved. ...)
+CVE-2017-13177
NOT-FOR-US: Android media framework
-CVE-2017-13176 (In the parseURL function of URLStreamHandler, there is improper input ...)
+CVE-2017-13176
NOT-FOR-US: Android
-CVE-2017-13175 (An information disclosure vulnerability in the NVIDIA libwilhelm. ...)
+CVE-2017-13175
NOT-FOR-US: NVIDIA driver for Android
-CVE-2017-13174 (An elevation of privilege vulnerability in the kernel edl. Product: ...)
+CVE-2017-13174
NOT-FOR-US: Android kernel components (no source release, so apparently not present in mainline)
-CVE-2017-13173 (An elevation of privilege vulnerability in the MediaTek system server. ...)
+CVE-2017-13173
NOT-FOR-US: MediaTek driver for Android
-CVE-2017-13172 (An elevation of privilege vulnerability in the MediaTek bluetooth ...)
+CVE-2017-13172
NOT-FOR-US: MediaTek driver for Android
-CVE-2017-13171 (An elevation of privilege vulnerability in the MediaTek performance ...)
+CVE-2017-13171
NOT-FOR-US: MediaTek driver for Android
-CVE-2017-13170 (An elevation of privilege vulnerability in the MediaTek display ...)
+CVE-2017-13170
NOT-FOR-US: MediaTek driver for Android
-CVE-2017-13169 (An information disclosure vulnerability in the kernel camera server. ...)
+CVE-2017-13169
NOT-FOR-US: Android kernel components (no source release, so apparently not present in mainline)
-CVE-2017-13168 (An elevation of privilege vulnerability in the kernel scsi driver. ...)
+CVE-2017-13168
- linux 4.17.6-1
[stretch] - linux 4.9.130-1
NOTE: Fixed by: https://git.kernel.org/linus/26b5b874aff5659a7e26e5b1997e3df2c41fa7fd
-CVE-2017-13167 (An elevation of privilege vulnerability in the kernel sound timer. ...)
+CVE-2017-13167
- linux 4.4.2-1
[jessie] - linux 3.16.7-ckt25-1
NOTE: Fixed by: https://git.kernel.org/linus/c3b1681375dc6e71d89a3ae00cc3ce9e775a8917
NOTE: Fixed by: https://git.kernel.org/linus/4dff5c7b7093b19c19d3a100f8a3ad87cb7cd9e7
-CVE-2017-13166 (An elevation of privilege vulnerability in the kernel v4l2 video ...)
+CVE-2017-13166
{DSA-4187-1 DSA-4120-1 DLA-1369-1}
- linux 4.15.4-1
NOTE: https://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-13166.html
NOTE: https://git.kernel.org/linus/a1dfb4c48cc1e64eeb7800a27c66a6f7e88d075a
-CVE-2017-13165 (An elevation of privilege vulnerability in the kernel file system. ...)
+CVE-2017-13165
NOT-FOR-US: Android kernel components (no source release, so apparently not present in mainline)
-CVE-2017-13164 (An information disclosure vulnerability in the kernel binder driver. ...)
+CVE-2017-13164
NOT-FOR-US: Android kernel components (no source release, so apparently not present in mainline)
-CVE-2017-13163 (An elevation of privilege vulnerability in the kernel mtp usb driver. ...)
+CVE-2017-13163
NOT-FOR-US: Android kernel components (no source release, so apparently not present in mainline)
-CVE-2017-13162 (An elevation of privilege vulnerability in the kernel binder. Product: ...)
+CVE-2017-13162
NOT-FOR-US: Android kernel components (no source release, so apparently not present in mainline)
-CVE-2017-13161 (An elevation of privilege vulnerability in the Broadcom wireless ...)
+CVE-2017-13161
NOT-FOR-US: Broadcom components for Android
-CVE-2017-13160 (A remote code execution vulnerability in the Android system ...)
+CVE-2017-13160
NOT-FOR-US: Android
-CVE-2017-13159 (An information disclosure vulnerability in the Android system ...)
+CVE-2017-13159
NOT-FOR-US: Android
-CVE-2017-13158 (An information disclosure vulnerability in the Android system ...)
+CVE-2017-13158
NOT-FOR-US: Android
-CVE-2017-13157 (An information disclosure vulnerability in the Android system ...)
+CVE-2017-13157
NOT-FOR-US: Android
-CVE-2017-13156 (An elevation of privilege vulnerability in the Android system (art). ...)
+CVE-2017-13156
- android-platform-system-core <not-affected> (Not exploitable on Debian, see #890949)
CVE-2017-13155
RESERVED
-CVE-2017-13154 (An elevation of privilege vulnerability in the Android media framework ...)
+CVE-2017-13154
NOT-FOR-US: Android Media Framework
-CVE-2017-13153 (An elevation of privilege vulnerability in the Android media framework ...)
+CVE-2017-13153
NOT-FOR-US: Android Media Framework
-CVE-2017-13152 (An information disclosure vulnerability in the Android media framework ...)
+CVE-2017-13152
NOT-FOR-US: Android Media Framework
-CVE-2017-13151 (A remote code execution vulnerability in the Android media framework ...)
+CVE-2017-13151
NOT-FOR-US: Android Media Framework
-CVE-2017-13150 (An information disclosure vulnerability in the Android media framework ...)
+CVE-2017-13150
NOT-FOR-US: Android Media Framework
-CVE-2017-13149 (An information disclosure vulnerability in the Android media framework ...)
+CVE-2017-13149
NOT-FOR-US: Android Media Framework
-CVE-2017-13148 (A denial of service vulnerability in the Android media framework ...)
+CVE-2017-13148
NOT-FOR-US: Android Media Framework
-CVE-2017-13147 (In GraphicsMagick 1.3.26, an allocation failure vulnerability was found ...)
+CVE-2017-13147
- graphicsmagick 1.3.27-1 (unimportant)
NOTE: https://sourceforge.net/p/graphicsmagick/bugs/446/
-CVE-2017-13146 (In ImageMagick before 6.9.8-5 and 7.x before 7.0.5-6, there is a memory ...)
+CVE-2017-13146
{DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-14 (unimportant; bug #870013)
NOTE: https://github.com/ImageMagick/ImageMagick/commit/437a35e57db5ec078f4a3ccbf71f941276e88430
-CVE-2017-13141 (In ImageMagick before 6.9.9-4 and 7.x before 7.0.6-4, a crafted file ...)
+CVE-2017-13141
{DSA-4019-1}
- imagemagick 8:6.9.7.4+dfsg-15 (unimportant; bug #870116)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/600
-CVE-2017-13138 (DOM based Cross-site scripting (XSS) vulnerability in the Bridge theme ...)
+CVE-2017-13138
NOT-FOR-US: Wordpress theme
-CVE-2017-13137 (The FormCraft Basic plugin 1.0.5 for WordPress has SQL injection in the ...)
+CVE-2017-13137
NOT-FOR-US: Wordpress plugin
-CVE-2017-13136 (The image_alloc function in bpgenc.c in libbpg 0.9.7 has an integer ...)
+CVE-2017-13136
NOT-FOR-US: libbpg
-CVE-2017-13135 (A NULL Pointer Dereference exists in VideoLAN x265, as used in libbpg ...)
+CVE-2017-13135
- x265 2.6-3
[stretch] - x265 <no-dsa> (Minor issue)
NOTE: https://github.com/ebel34/bpg-web-encoder/issues/1
NOTE: https://bitbucket.org/multicoreware/x265/issues/385/cve-2017-13135
NOTE: https://bitbucket.org/multicoreware/x265/commits/78c0f2c8ba087b38e291226a9555b4b4dab323a5/raw
-CVE-2017-13134 (In ImageMagick 7.0.6-6 and GraphicsMagick 1.3.26, a heap-based buffer ...)
+CVE-2017-13134
{DSA-4321-1 DSA-4040-1 DSA-4032-1 DLA-1401-1 DLA-1170-1 DLA-1081-1}
- imagemagick 8:6.9.9.34+dfsg-3 (bug #873099)
- graphicsmagick 1.3.26-19 (bug #881524)
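Review bot: every `-CVE-2017-NNNNN (description ...)` header in this hunk is replaced by a bare `+CVE-2017-NNNNN` with the description dropped, e.g. `-CVE-2017-13291 (In avrc_ctrl_pars_vendor_rsp of avrc_pars_ct.cc, there is a possible ...)` becomes `+CVE-2017-13291`, while the RESERVED/REJECTED entries and all triage lines (`NOT-FOR-US:`, `- linux 4.4.2-1`, `NOTE:`) are untouched; an automatic update that removes a non-empty description from every entry without replacing it is consistent with the description source having returned nothing, not with upstream having changed the text, so the importer should refuse to write an entry whose description goes from non-empty to empty and this commit should not land as is, since the description is what lets a triager tell the many identical `NOT-FOR-US: Android` entries apart. Separately, the context lines for CVE-2017-13222 through CVE-2017-13217 read `no source release, no apparently not affecting mainline`, whereas the entries for CVE-2017-13271 and CVE-2017-13174 use `so apparently`, which is what is meant.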
@@ -15235,7 +15233,7 @@ CVE-2017-13134 (In ImageMagick 7.0.6-6 and GraphicsMagick 1.3.26, a heap-based b
NOTE: https://github.com/ImageMagick/ImageMagick/commit/5304ae14655a67b9a3db00563fe44d9abd6de4f0
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/1b234b4fe2ec864b2d5af898a31c06c9736da904
NOTE: GraphicsMagick: http://hg.code.sf.net/p/graphicsmagick/code/rev/1b47e0078e05
-CVE-2017-13133 (In ImageMagick 7.0.6-8, the load_level function in coders/xcf.c lacks ...)
+CVE-2017-13133
{DLA-1081-1}
- imagemagick 8:6.9.9.34+dfsg-3 (low; bug #873100)
[stretch] - imagemagick <ignored> (Minor issue)
@@ -15243,19 +15241,19 @@ CVE-2017-13133 (In ImageMagick 7.0.6-8, the load_level function in coders/xcf.c
NOTE: https://github.com/ImageMagick/ImageMagick/issues/679
NOTE: https://github.com/ImageMagick/ImageMagick/commit/19dbe11c5060f66abb393d1945107c5f54894fa8
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/fad03699658d2607562a8487c944c300d59a1ca5
-CVE-2017-13132 (In ImageMagick 7.0.6-8, the WritePDFImage function in coders/pdf.c ...)
+CVE-2017-13132
- imagemagick <not-affected> (Vulnerable code not present, introduced in 7.0.1-0)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/674
-CVE-2017-13131 (In ImageMagick 7.0.6-8, a memory leak vulnerability was found in the ...)
+CVE-2017-13131
- imagemagick 8:6.9.9.34+dfsg-3 (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/676
-CVE-2017-13130 (mcmnm in BMC Patrol allows local users to gain privileges via a crafted ...)
+CVE-2017-13130
NOT-FOR-US: BMC Patrol
-CVE-2017-13129 (Cross-site request forgery (CSRF) vulnerability in ZKTeco ZKTime Web ...)
+CVE-2017-13129
NOT-FOR-US: ZKTeco ZKTime Web
CVE-2017-13128
RESERVED
-CVE-2017-13127 (The VIP.com application for IOS and Android allows remote attackers to ...)
+CVE-2017-13127
NOT-FOR-US: VIP.com app
CVE-2017-13126
REJECTED
@@ -15293,29 +15291,29 @@ CVE-2017-13110
REJECTED
CVE-2017-13109
REJECTED
-CVE-2017-13108 (DFNDR Security Antivirus, Anti-hacking &amp; Cleaner, 5.0.9, 2017-11-01, ...)
+CVE-2017-13108
NOT-FOR-US: DFNDR Security Antivirus, Anti-hacking & Cleaner
-CVE-2017-13107 (Live.me - live stream video chat, 3.7.20, 2017-11-06, Android ...)
+CVE-2017-13107
NOT-FOR-US: Live.me - live stream video chat Android application
-CVE-2017-13106 (Cheetahmobile CM Launcher 3D - Theme, wallpaper, Secure, Efficient, ...)
+CVE-2017-13106
NOT-FOR-US: Cheetahmobile CM Launcher 3D - Theme, wallpaper, Secure, Efficient Android application
-CVE-2017-13105 (Hi Security Virus Cleaner - Antivirus, Booster, 3.7.1.1329, ...)
+CVE-2017-13105
NOT-FOR-US: Hi Security Virus Cleaner - Antivirus, Booster Android application
-CVE-2017-13104 (Uber Technologies, Inc. UberEATS: Uber for Food Delivery, 1.108.10001, ...)
+CVE-2017-13104
NOT-FOR-US: Uber Technologies, Inc. UberEATS: Uber for Food Delivery iOS application
CVE-2017-13103
REJECTED
-CVE-2017-13102 (Gameloft Asphalt Xtreme: Offroad Rally Racing, 1.6.0, 2017-08-13, iOS ...)
+CVE-2017-13102
NOT-FOR-US: Gameloft Asphalt Xtreme: Offroad Rally Racing iOS application
-CVE-2017-13101 (Musical.ly Inc., musical.ly - your video social network, 6.1.6, ...)
+CVE-2017-13101
NOT-FOR-US: Musical.ly Inc., musical.ly - your video social network iOS application
-CVE-2017-13100 (DistinctDev, Inc., The Moron Test, 6.3.1, 2017-05-04, iOS application ...)
+CVE-2017-13100
NOT-FOR-US: DistinctDev, Inc., The Moron Test iOS application
-CVE-2017-13099 (wolfSSL prior to version 3.12.2 provides a weak Bleichenbacher oracle ...)
+CVE-2017-13099
- wolfssl 3.13.0+dfsg-1 (bug #884235)
NOTE: https://github.com/wolfSSL/wolfssl/pull/1229
NOTE: https://robotattack.org/
-CVE-2017-13098 (BouncyCastle TLS prior to version 1.0.3, when configured to use the ...)
+CVE-2017-13098
{DSA-4072-1}
- bouncycastle 1.58-1 (bug #884241)
[jessie] - bouncycastle <not-affected> (Vulnerable code introduced in 1.56 with tls API addition)
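Review bot: the removed header for CVE-2017-13108 still carries an HTML entity (`Anti-hacking &amp; Cleaner`) while the retained triage line spells it `Anti-hacking & Cleaner`; whichever import step restores these descriptions should unescape HTML entities before writing the plain-text list so the header and its `NOT-FOR-US:` line agree. The same description stripping as in the earlier hunks applies to every `-`/`+` pair here, including the ROBOT entries CVE-2017-13099 and CVE-2017-13098, whose `NOTE:` lines are kept but whose one-line summaries are lost.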
@@ -15324,43 +15322,43 @@ CVE-2017-13098 (BouncyCastle TLS prior to version 1.0.3, when configured to use
NOTE: Fixed by: https://github.com/bcgit/bc-java/commit/a00b684465b38d722ca9a3543b8af8568e6bad5c
NOTE: Fixed in 1.59 beta 9
NOTE: https://robotattack.org/
-CVE-2017-13097 (The P1735 IEEE standard describes flawed methods for encrypting ...)
+CVE-2017-13097
NOT-FOR-US: P1735 IEEE standard
-CVE-2017-13096 (The P1735 IEEE standard describes flawed methods for encrypting ...)
+CVE-2017-13096
NOT-FOR-US: P1735 IEEE standard
-CVE-2017-13095 (The P1735 IEEE standard describes flawed methods for encrypting ...)
+CVE-2017-13095
NOT-FOR-US: P1735 IEEE standard
-CVE-2017-13094 (The P1735 IEEE standard describes flawed methods for encrypting ...)
+CVE-2017-13094
NOT-FOR-US: P1735 IEEE standard
-CVE-2017-13093 (The P1735 IEEE standard describes flawed methods for encrypting ...)
+CVE-2017-13093
NOT-FOR-US: P1735 IEEE standard
-CVE-2017-13092 (The P1735 IEEE standard describes flawed methods for encrypting ...)
+CVE-2017-13092
NOT-FOR-US: P1735 IEEE standard
-CVE-2017-13091 (The P1735 IEEE standard describes flawed methods for encrypting ...)
+CVE-2017-13091
NOT-FOR-US: P1735 IEEE standard
-CVE-2017-13090 (The retr.c:fd_read_body() function is called when processing OK ...)
+CVE-2017-13090
{DSA-4008-1 DLA-1149-1}
- wget 1.19.2-1 (bug #879957)
NOTE: http://git.savannah.gnu.org/cgit/wget.git/commit/?id=ba6b44f6745b14dce414761a8e4b35d31b176bba
-CVE-2017-13089 (The http.c:skip_short_body() function is called in some circumstances, ...)
+CVE-2017-13089
{DSA-4008-1 DLA-1149-1}
- wget 1.19.2-1 (bug #879957)
NOTE: http://git.savannah.gnu.org/cgit/wget.git/commit/?id=d892291fb8ace4c3b734ea5125770989c215df3f
-CVE-2017-13088 (Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows ...)
+CVE-2017-13088
{DSA-3999-1 DLA-1150-1}
- wpa 2:2.4-1.1
NOTE: https://w1.fi/security/2017-1/
-CVE-2017-13087 (Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows ...)
+CVE-2017-13087
{DSA-3999-1 DLA-1150-1}
- wpa 2:2.4-1.1
NOTE: https://w1.fi/security/2017-1/
-CVE-2017-13086 (Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the ...)
+CVE-2017-13086
{DSA-3999-1 DLA-1150-1}
- wpa 2:2.4-1.1
NOTE: https://w1.fi/security/2017-1/
CVE-2017-13085
RESERVED
-CVE-2017-13084 (Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the ...)
+CVE-2017-13084
- wpa <unfixed> (unimportant)
NOTE: From https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt
NOTE: As far as the related CVE-2017-13084 (reinstallation of the STK key in
@@ -15369,20 +15367,20 @@ CVE-2017-13084 (Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of t
NOTE: installation of the key into the driver does not work. As such, this
NOTE: item is not applicable in practice. Furthermore, the PeerKey handshake
NOTE: for IEEE 802.11e DLS is obsolete and not known to have been deployed.
-CVE-2017-13083 (Akeo Consulting Rufus prior to version 2.17.1187 does not adequately ...)
+CVE-2017-13083
NOT-FOR-US: Akeo Consulting Rufus
-CVE-2017-13082 (Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11r ...)
+CVE-2017-13082
{DSA-3999-1 DLA-1150-1}
- wpa 2:2.4-1.1
NOTE: https://w1.fi/security/2017-1/
-CVE-2017-13081 (Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w ...)
+CVE-2017-13081
{DSA-3999-1 DLA-1573-1 DLA-1150-1}
- firmware-nonfree 20180825-1
[stretch] - firmware-nonfree 20161130-4
[jessie] - firmware-nonfree <no-dsa> (non-free not supported)
- wpa 2:2.4-1.1
NOTE: https://w1.fi/security/2017-1/
-CVE-2017-13080 (Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the ...)
+CVE-2017-13080
{DSA-3999-1 DLA-1573-1 DLA-1200-1 DLA-1150-1}
- firmware-nonfree 20180825-1
[stretch] - firmware-nonfree 20161130-4
@@ -15393,21 +15391,21 @@ CVE-2017-13080 (Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of t
[jessie] - linux 3.16.51-1
NOTE: https://w1.fi/security/2017-1/
NOTE: https://git.kernel.org/linus/fdf7cb4185b60c68e1a75e61691c4afdc15dea0e (v4.14-rc6)
-CVE-2017-13079 (Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w ...)
+CVE-2017-13079
{DSA-3999-1 DLA-1573-1 DLA-1150-1}
- firmware-nonfree 20180825-1
[stretch] - firmware-nonfree 20161130-4
[jessie] - firmware-nonfree <no-dsa> (non-free not supported)
- wpa 2:2.4-1.1
NOTE: https://w1.fi/security/2017-1/
-CVE-2017-13078 (Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the ...)
+CVE-2017-13078
{DSA-3999-1 DLA-1573-1 DLA-1150-1}
- firmware-nonfree 20180825-1
[stretch] - firmware-nonfree 20161130-4
[jessie] - firmware-nonfree <no-dsa> (non-free not supported)
- wpa 2:2.4-1.1
NOTE: https://w1.fi/security/2017-1/
-CVE-2017-13077 (Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the ...)
+CVE-2017-13077
{DSA-3999-1 DLA-1573-1 DLA-1150-1}
- firmware-nonfree 20180825-1
[stretch] - firmware-nonfree 20161130-4
@@ -15420,42 +15418,42 @@ CVE-2017-13075
RESERVED
CVE-2017-13074
RESERVED
-CVE-2017-13073 (Cross-site scripting (XSS) vulnerability in QNAP NAS application Photo ...)
+CVE-2017-13073
NOT-FOR-US: NAP NAS application Photo Station
-CVE-2017-13072 (Cross-site scripting (XSS) vulnerability in App Center in QNAP QTS ...)
+CVE-2017-13072
NOT-FOR-US: QNAP
-CVE-2017-13071 (QNAP has already patched this vulnerability. This security concern ...)
+CVE-2017-13071
NOT-FOR-US: QNAP
-CVE-2017-13070 (A DLL Hijacking vulnerability in QNAP Qsync for Windows (exe) version ...)
+CVE-2017-13070
NOT-FOR-US: QNAP
-CVE-2017-13069 (QNAP discovered a number of command injection vulnerabilities found in ...)
+CVE-2017-13069
NOT-FOR-US: QNAP
-CVE-2017-13068 (QNAP has already patched this vulnerability. This security concern ...)
+CVE-2017-13068
NOT-FOR-US: QNAP
-CVE-2017-13067 (QNAP has patched a remote code execution vulnerability affecting the ...)
+CVE-2017-13067
NOT-FOR-US: QNAP
-CVE-2017-13066 (GraphicsMagick 1.3.26 has a memory leak vulnerability in the function ...)
+CVE-2017-13066
- graphicsmagick 1.3.27-1 (unimportant)
NOTE: https://sourceforge.net/p/graphicsmagick/bugs/430/
-CVE-2017-13065 (GraphicsMagick 1.3.26 has a NULL pointer dereference vulnerability in ...)
+CVE-2017-13065
{DSA-4321-1 DLA-1401-1 DLA-1082-1}
- graphicsmagick 1.3.26-7 (bug #873119)
NOTE: https://sourceforge.net/p/graphicsmagick/bugs/435/
NOTE: http://hg.code.sf.net/p/graphicsmagick/code/rev/54f48ab2d52a
-CVE-2017-13064 (GraphicsMagick 1.3.26 has a heap-based buffer overflow vulnerability in ...)
+CVE-2017-13064
{DSA-4321-1 DLA-1401-1 DLA-1082-1}
- graphicsmagick 1.3.26-7 (bug #873129)
NOTE: https://sourceforge.net/p/graphicsmagick/bugs/436/
NOTE: http://hg.code.sf.net/p/graphicsmagick/code/rev/54f48ab2d52a
-CVE-2017-13063 (GraphicsMagick 1.3.26 has a heap-based buffer overflow vulnerability in ...)
+CVE-2017-13063
{DSA-4321-1 DLA-1401-1 DLA-1082-1}
- graphicsmagick 1.3.26-7 (bug #873130)
NOTE: https://sourceforge.net/p/graphicsmagick/bugs/434/
NOTE: http://hg.code.sf.net/p/graphicsmagick/code/rev/54f48ab2d52a
-CVE-2017-13062 (In ImageMagick 7.0.6-6, a memory leak vulnerability was found in the ...)
+CVE-2017-13062
- imagemagick 8:6.9.9.34+dfsg-3 (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/669
-CVE-2017-13061 (In ImageMagick 7.0.6-5, a length-validation vulnerability was found in ...)
+CVE-2017-13061
- imagemagick 8:6.9.9.34+dfsg-3 (bug #873131)
[stretch] - imagemagick <ignored> (Minor issue)
[jessie] - imagemagick <not-affected> (Vulnerable code not present)
@@ -15463,262 +15461,262 @@ CVE-2017-13061 (In ImageMagick 7.0.6-5, a length-validation vulnerability was fo
NOTE: https://github.com/ImageMagick/ImageMagick/issues/645
NOTE: https://github.com/ImageMagick/ImageMagick/commit/90ed66889d6455a1d7f36e939977fa099e2d7ca7
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/90ed66889d6455a1d7f36e939977fa099e2d7ca7
-CVE-2017-13060 (In ImageMagick 7.0.6-5, a memory leak vulnerability was found in the ...)
+CVE-2017-13060
- imagemagick 8:6.9.9.34+dfsg-3 (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/644
-CVE-2017-13059 (In ImageMagick 7.0.6-6, a memory leak vulnerability was found in the ...)
+CVE-2017-13059
- imagemagick 8:6.9.9.34+dfsg-3 (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/667
-CVE-2017-13058 (In ImageMagick 7.0.6-6, a memory leak vulnerability was found in the ...)
+CVE-2017-13058
- imagemagick 8:6.9.9.34+dfsg-3 (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/666
CVE-2017-13057
RESERVED
-CVE-2017-13056 (The launchURL function in PDF-XChange Viewer 2.5 (Build 314.0) might ...)
+CVE-2017-13056
NOT-FOR-US: PDF-XChange Viewer
-CVE-2017-13055 (The ISO IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in ...)
+CVE-2017-13055
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-13054 (The LLDP parser in tcpdump before 4.9.2 has a buffer over-read in ...)
+CVE-2017-13054
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-13053 (The BGP parser in tcpdump before 4.9.2 has a buffer over-read in ...)
+CVE-2017-13053
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-13052 (The CFM parser in tcpdump before 4.9.2 has a buffer over-read in ...)
+CVE-2017-13052
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-13051 (The RSVP parser in tcpdump before 4.9.2 has a buffer over-read in ...)
+CVE-2017-13051
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-13050 (The RPKI-Router parser in tcpdump before 4.9.2 has a buffer over-read ...)
+CVE-2017-13050
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-13049 (The Rx protocol parser in tcpdump before 4.9.2 has a buffer over-read ...)
+CVE-2017-13049
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-13048 (The RSVP parser in tcpdump before 4.9.2 has a buffer over-read in ...)
+CVE-2017-13048
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-13047 (The ISO ES-IS parser in tcpdump before 4.9.2 has a buffer over-read in ...)
+CVE-2017-13047
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-13046 (The BGP parser in tcpdump before 4.9.2 has a buffer over-read in ...)
+CVE-2017-13046
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-13045 (The VQP parser in tcpdump before 4.9.2 has a buffer over-read in ...)
+CVE-2017-13045
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-13044 (The HNCP parser in tcpdump before 4.9.2 has a buffer over-read in ...)
+CVE-2017-13044
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-13043 (The BGP parser in tcpdump before 4.9.2 has a buffer over-read in ...)
+CVE-2017-13043
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-13042 (The HNCP parser in tcpdump before 4.9.2 has a buffer over-read in ...)
+CVE-2017-13042
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-13041 (The ICMPv6 parser in tcpdump before 4.9.2 has a buffer over-read in ...)
+CVE-2017-13041
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-13040 (The MPTCP parser in tcpdump before 4.9.2 has a buffer over-read in ...)
+CVE-2017-13040
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-13039 (The ISAKMP parser in tcpdump before 4.9.2 has a buffer over-read in ...)
+CVE-2017-13039
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-13038 (The PPP parser in tcpdump before 4.9.2 has a buffer over-read in ...)
+CVE-2017-13038
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-13037 (The IP parser in tcpdump before 4.9.2 has a buffer over-read in ...)
+CVE-2017-13037
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-13036 (The OSPFv3 parser in tcpdump before 4.9.2 has a buffer over-read in ...)
+CVE-2017-13036
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-13035 (The ISO IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in ...)
+CVE-2017-13035
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-13034 (The PGM parser in tcpdump before 4.9.2 has a buffer over-read in ...)
+CVE-2017-13034
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-13033 (The VTP parser in tcpdump before 4.9.2 has a buffer over-read in ...)
+CVE-2017-13033
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-13032 (The RADIUS parser in tcpdump before 4.9.2 has a buffer over-read in ...)
+CVE-2017-13032
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-13031 (The IPv6 fragmentation header parser in tcpdump before 4.9.2 has a ...)
+CVE-2017-13031
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-13030 (The PIM parser in tcpdump before 4.9.2 has a buffer over-read in ...)
+CVE-2017-13030
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-13029 (The PPP parser in tcpdump before 4.9.2 has a buffer over-read in ...)
+CVE-2017-13029
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-13028 (The BOOTP parser in tcpdump before 4.9.2 has a buffer over-read in ...)
+CVE-2017-13028
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-13027 (The LLDP parser in tcpdump before 4.9.2 has a buffer over-read in ...)
+CVE-2017-13027
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-13026 (The ISO IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in ...)
+CVE-2017-13026
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-13025 (The IPv6 mobility parser in tcpdump before 4.9.2 has a buffer over-read ...)
+CVE-2017-13025
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-13024 (The IPv6 mobility parser in tcpdump before 4.9.2 has a buffer over-read ...)
+CVE-2017-13024
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-13023 (The IPv6 mobility parser in tcpdump before 4.9.2 has a buffer over-read ...)
+CVE-2017-13023
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-13022 (The IP parser in tcpdump before 4.9.2 has a buffer over-read in ...)
+CVE-2017-13022
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-13021 (The ICMPv6 parser in tcpdump before 4.9.2 has a buffer over-read in ...)
+CVE-2017-13021
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-13020 (The VTP parser in tcpdump before 4.9.2 has a buffer over-read in ...)
+CVE-2017-13020
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-13019 (The PGM parser in tcpdump before 4.9.2 has a buffer over-read in ...)
+CVE-2017-13019
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-13018 (The PGM parser in tcpdump before 4.9.2 has a buffer over-read in ...)
+CVE-2017-13018
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-13017 (The DHCPv6 parser in tcpdump before 4.9.2 has a buffer over-read in ...)
+CVE-2017-13017
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-13016 (The ISO ES-IS parser in tcpdump before 4.9.2 has a buffer over-read in ...)
+CVE-2017-13016
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-13015 (The EAP parser in tcpdump before 4.9.2 has a buffer over-read in ...)
+CVE-2017-13015
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-13014 (The White Board protocol parser in tcpdump before 4.9.2 has a buffer ...)
+CVE-2017-13014
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-13013 (The ARP parser in tcpdump before 4.9.2 has a buffer over-read in ...)
+CVE-2017-13013
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-13012 (The ICMP parser in tcpdump before 4.9.2 has a buffer over-read in ...)
+CVE-2017-13012
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-13011 (Several protocol parsers in tcpdump before 4.9.2 could cause a buffer ...)
+CVE-2017-13011
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-13010 (The BEEP parser in tcpdump before 4.9.2 has a buffer over-read in ...)
+CVE-2017-13010
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-13009 (The IPv6 mobility parser in tcpdump before 4.9.2 has a buffer over-read ...)
+CVE-2017-13009
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-13008 (The IEEE 802.11 parser in tcpdump before 4.9.2 has a buffer over-read ...)
+CVE-2017-13008
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-13007 (The Apple PKTAP parser in tcpdump before 4.9.2 has a buffer over-read ...)
+CVE-2017-13007
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-13006 (The L2TP parser in tcpdump before 4.9.2 has a buffer over-read in ...)
+CVE-2017-13006
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-13005 (The NFS parser in tcpdump before 4.9.2 has a buffer over-read in ...)
+CVE-2017-13005
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-13004 (The Juniper protocols parser in tcpdump before 4.9.2 has a buffer ...)
+CVE-2017-13004
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-13003 (The LMP parser in tcpdump before 4.9.2 has a buffer over-read in ...)
+CVE-2017-13003
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-13002 (The AODV parser in tcpdump before 4.9.2 has a buffer over-read in ...)
+CVE-2017-13002
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-13001 (The NFS parser in tcpdump before 4.9.2 has a buffer over-read in ...)
+CVE-2017-13001
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-13000 (The IEEE 802.15.4 parser in tcpdump before 4.9.2 has a buffer over-read ...)
+CVE-2017-13000
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-12999 (The IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in ...)
+CVE-2017-12999
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-12998 (The IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in ...)
+CVE-2017-12998
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-12997 (The LLDP parser in tcpdump before 4.9.2 could enter an infinite loop ...)
+CVE-2017-12997
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-12996 (The PIMv2 parser in tcpdump before 4.9.2 has a buffer over-read in ...)
+CVE-2017-12996
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-12995 (The DNS parser in tcpdump before 4.9.2 could enter an infinite loop due ...)
+CVE-2017-12995
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-12994 (The BGP parser in tcpdump before 4.9.2 has a buffer over-read in ...)
+CVE-2017-12994
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-12993 (The Juniper protocols parser in tcpdump before 4.9.2 has a buffer ...)
+CVE-2017-12993
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-12992 (The RIPng parser in tcpdump before 4.9.2 has a buffer over-read in ...)
+CVE-2017-12992
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-12991 (The BGP parser in tcpdump before 4.9.2 has a buffer over-read in ...)
+CVE-2017-12991
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-12990 (The ISAKMP parser in tcpdump before 4.9.2 could enter an infinite loop ...)
+CVE-2017-12990
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-12989 (The RESP parser in tcpdump before 4.9.2 could enter an infinite loop ...)
+CVE-2017-12989
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-12988 (The telnet parser in tcpdump before 4.9.2 has a buffer over-read in ...)
+CVE-2017-12988
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-12987 (The IEEE 802.11 parser in tcpdump before 4.9.2 has a buffer over-read ...)
+CVE-2017-12987
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-12986 (The IPv6 routing header parser in tcpdump before 4.9.2 has a buffer ...)
+CVE-2017-12986
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-12985 (The IPv6 parser in tcpdump before 4.9.2 has a buffer over-read in ...)
+CVE-2017-12985
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-12984 (PHPMyWind 5.3 has XSS in shoppingcart.php, related to message.php, ...)
+CVE-2017-12984
NOT-FOR-US: PHPMyWind
-CVE-2017-12983 (Heap-based buffer overflow in the ReadSFWImage function in coders/sfw.c ...)
+CVE-2017-12983
{DSA-4040-1 DSA-4032-1 DLA-1081-1}
- imagemagick 8:6.9.9.34+dfsg-3 (bug #873134)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/682
NOTE: https://github.com/ImageMagick/ImageMagick/commit/d4145e664aea3752ca6d3bf1ee825352b595dab5
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/26078285f49c361ad8ddc8e14bd1d4aab7ed5682
-CVE-2017-12981 (NexusPHP 1.5.beta5.20120707 has SQL Injection in forummanage.php via ...)
+CVE-2017-12981
NOT-FOR-US: NexusPHP
-CVE-2017-12980 (DokuWiki through 2017-02-19c has stored XSS when rendering a malicious ...)
+CVE-2017-12980
- dokuwiki 0.0.20180422.a-1 (bug #872941)
[jessie] - dokuwiki <no-dsa> (Minor issue)
[wheezy] - dokuwiki <no-dsa> (Minor issue)
NOTE: https://github.com/splitbrain/dokuwiki/issues/2081
NOTE: https://github.com/splitbrain/dokuwiki/commit/f883db117a4fdeae72071db41b3ef5932d6335da
-CVE-2017-12979 (DokuWiki through 2017-02-19c has stored XSS when rendering a malicious ...)
+CVE-2017-12979
- dokuwiki 0.0.20180422.a-1 (bug #872940)
[jessie] - dokuwiki <no-dsa> (Minor issue)
[wheezy] - dokuwiki <no-dsa> (Minor issue)
NOTE: https://github.com/splitbrain/dokuwiki/issues/2080
NOTE: https://github.com/splitbrain/dokuwiki/commit/56bd9509ab2037512829392fda6427af7f390724
-CVE-2017-12978 (lib/html.php in Cacti before 1.1.18 has XSS via the title field of an ...)
+CVE-2017-12978
- cacti 1.1.18+ds1-1
[stretch] - cacti <not-affected> (Vulnerable code, external link support, introduced later)
[jessie] - cacti <not-affected> (Vulnerable code, external link support, introduced later)
[wheezy] - cacti <not-affected> (Vulnerable code, external link support, introduced later)
NOTE: https://github.com/Cacti/cacti/commit/9c610a7a4e29595dcaf7d7082134e4b89619ea24
NOTE: https://github.com/Cacti/cacti/issues/918
-CVE-2017-12977 (The Web-Dorado &quot;Photo Gallery by WD - Responsive Photo Gallery&quot; plugin ...)
+CVE-2017-12977
NOT-FOR-US: Web-Dorado plugin for Wordpress
CVE-2017-1000216
REJECTED
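Review bot: dropping the parenthetical description removes the only version bound that cross-checks the fixed-version lines in this hunk. The ~80 tcpdump entries from `-CVE-2017-13055 (The ISO IS-IS parser in tcpdump before 4.9.2 ...)` down to `-CVE-2017-12985 (The IPv6 parser in tcpdump before 4.9.2 ...)` all carried "before 4.9.2", which is what lets a reader confirm that `- tcpdump 4.9.2-1` plus `{DSA-3971-1 DLA-1097-1}` is the right fix line; after the change the `+CVE-2017-13055` ... `+CVE-2017-12985` lines give only the id. If the description is meant to live elsewhere from now on, the commit message should say where (it currently only says "automatic update"); otherwise consider keeping the upstream version bound in a NOTE line so the fixed-version claim stays verifiable from the list itself.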
@@ -15754,19 +15752,19 @@ CVE-2017-1000124
REJECTED
CVE-2017-1000123
REJECTED
-CVE-2017-12982 (The bmp_read_info_header function in bin/jp2/convertbmp.c in OpenJPEG ...)
+CVE-2017-12982
- openjpeg2 <unfixed> (unimportant)
NOTE: https://github.com/uclouvain/openjpeg/issues/983
NOTE: https://github.com/uclouvain/openjpeg/commit/baf0c1ad4572daa89caa3b12985bdd93530f0dd7
CVE-2017-12975
RESERVED
-CVE-2017-12974 (Nimbus JOSE+JWT before 4.36 proceeds with ECKey construction without ...)
+CVE-2017-12974
NOT-FOR-US: Nimbus JOSE + JWT
-CVE-2017-12973 (Nimbus JOSE+JWT before 4.39 proceeds improperly after detection of an ...)
+CVE-2017-12973
NOT-FOR-US: Nimbus JOSE + JWT
-CVE-2017-12972 (In Nimbus JOSE+JWT before 4.39, there is no integer-overflow check when ...)
+CVE-2017-12972
NOT-FOR-US: Nimbus JOSE + JWT
-CVE-2017-12976 (git-annex before 6.20170818 allows remote attackers to execute ...)
+CVE-2017-12976
{DSA-4010-1 DLA-1495-1 DLA-1144-1}
- git-annex 6.20170818-1 (bug #873088)
NOTE: http://source.git-annex.branchable.com/?p=source.git;a=commit;h=df11e54788b254efebb4898b474de11ae8d3b471
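Review bot: the entries in this hunk are not in id order and the regeneration leaves them that way: `CVE-2017-12982` sits between `CVE-2017-1000123` and `CVE-2017-12975`, and `CVE-2017-12976` follows `CVE-2017-12972`. If the automatic update is expected to normalise ordering it is not doing so here; if ordering is intentionally preserved, a comment in the generator (or the commit message) saying entries are rewritten in place rather than sorted would save the next reviewer from flagging it again.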
@@ -15775,182 +15773,182 @@ CVE-2017-12976 (git-annex before 6.20170818 allows remote attackers to execute .
NOTE: jessie patch: https://gitlab.com/anarcat/git-annex/commit/58daf6cbe4c1ea1cf71f3a538a0e27b5075c7265
NOTE: stretch patch: https://gitlab.com/anarcat/git-annex/commit/115585df48dce16aa702663dab220de625b9de7d
NOTE: This is similar class of issue as for CVE-2017-1000117/git
-CVE-2017-12971 (Cross-site scripting (XSS) vulnerability in Apache2Triad 1.5.4 allows ...)
+CVE-2017-12971
NOT-FOR-US: Apache2Triad
-CVE-2017-12970 (Cross-site request forgery (CSRF) vulnerability in Apache2Triad 1.5.4 ...)
+CVE-2017-12970
NOT-FOR-US: Apache2Triad
-CVE-2017-12969 (Buffer overflow in the ViewerCtrlLib.ViewerCtrl ActiveX control in ...)
+CVE-2017-12969
NOT-FOR-US: Avaya IP Office Contact Center
CVE-2017-12968
RESERVED
-CVE-2017-12967 (The getsym function in tekhex.c in the Binary File Descriptor (BFD) ...)
+CVE-2017-12967
- binutils 2.29-5
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <ignored> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21962
-CVE-2017-12966 (The asn1f_lookup_symbol_impl function in asn1fix_retrieve.c in ...)
+CVE-2017-12966
- asn1c <unfixed> (unimportant)
-CVE-2017-12965 (Session fixation vulnerability in Apache2Triad 1.5.4 allows remote ...)
+CVE-2017-12965
NOT-FOR-US: Apache2Triad
-CVE-2017-12964 (There is a stack consumption issue in LibSass 3.4.5 that is triggered ...)
+CVE-2017-12964
- libsass <unfixed> (low; bug #873034)
[stretch] - libsass <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1482397
-CVE-2017-12963 (There is an illegal address access in Sass::Eval::operator() in ...)
+CVE-2017-12963
- libsass <unfixed> (low; bug #873034)
[stretch] - libsass <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1482335
NOTE: Similar issue to CVE-2017-11555 but for the issue which remains unfixed
NOTE: with the upstream patch for CVE-2017-11555.
-CVE-2017-12962 (There are memory leaks in LibSass 3.4.5 triggered by deeply nested ...)
+CVE-2017-12962
- libsass <unfixed> (low; bug #873034)
[stretch] - libsass <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1482331
-CVE-2017-12961 (There is an assertion abort in the function parse_attributes() in ...)
+CVE-2017-12961
- pspp 1.0.1-1 (unimportant)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1482436
NOTE: Crash in CLI tool, no security impact
-CVE-2017-12960 (There is a reachable assertion abort in the function dict_rename_var() ...)
+CVE-2017-12960
- pspp 1.0.1-1 (unimportant)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1482433
NOTE: Crash in CLI tool, no security impact
-CVE-2017-12959 (There is a reachable assertion abort in the function dict_add_mrset() ...)
+CVE-2017-12959
- pspp 1.0.1-1 (unimportant)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1482432
NOTE: Crash in CLI tool, no security impact
-CVE-2017-12958 (There is an illegal address access in the function output_hex() in ...)
+CVE-2017-12958
- pspp 1.0.1-1 (unimportant)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1482429
NOTE: Crash in CLI tool, no security impact
-CVE-2017-12957 (There is a heap-based buffer over-read in libexiv2 in Exiv2 0.26 that ...)
+CVE-2017-12957
- exiv2 <not-affected> (Incorrect memory allocation introduced in 0.26)
NOTE: https://github.com/Exiv2/exiv2/issues/60
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1482423
NOTE: Experimental is affected, tracking as #876242
-CVE-2017-12956 (There is an illegal address access in Exiv2::FileIo::path[abi:cxx11]() ...)
+CVE-2017-12956
[experimental] - exiv2 <unfixed> (low; bug #888872)
- exiv2 <not-affected> (Vulnerable code introduced after 0.25)
NOTE: https://github.com/Exiv2/exiv2/issues/59
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1482296
NOTE: Not reproducible in wheezy/jessie/stretch/sid(0.25-3.1) => "The file contains data of an unknown image type"
NOTE: Reproducible in experimental (0.26-1).
-CVE-2017-12955 (There is a heap-based buffer overflow in basicio.cpp of Exiv2 0.26. The ...)
+CVE-2017-12955
[experimental] - exiv2 <unfixed> (bug #888873)
- exiv2 <not-affected> (Vulnerable code introduced after 0.25)
NOTE: https://github.com/Exiv2/exiv2/issues/58
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1482295
NOTE: Not reproducible in wheezy/jessie/stretch/sid(0.25-3.1) => "The memory contains data of an unknown image type"
NOTE: Reproducible in experimental (0.26-1).
-CVE-2017-12954 (The gig::Region::GetSampleFromWavePool function in gig.cpp in libgig ...)
+CVE-2017-12954
- libgig 4.0.0-5 (low; bug #877652)
[stretch] - libgig <no-dsa> (Minor issue)
[jessie] - libgig <no-dsa> (Minor issue)
[wheezy] - libgig <no-dsa> (Minor issue)
NOTE: http://seclists.org/fulldisclosure/2017/Aug/39 (provides repoducer files)
NOTE: http://svn.linuxsampler.org/cgi-bin/viewvc.cgi?view=revision&revision=3350
-CVE-2017-12953 (The gig::Instrument::UpdateRegionKeyTable function in gig.cpp in ...)
+CVE-2017-12953
- libgig 4.0.0-4 (low; bug #873718)
[stretch] - libgig <no-dsa> (Minor issue)
[jessie] - libgig <no-dsa> (Minor issue)
[wheezy] - libgig <no-dsa> (Minor issue)
NOTE: http://seclists.org/fulldisclosure/2017/Aug/39 (provides repoducer files)
NOTE: http://svn.linuxsampler.org/cgi-bin/viewvc.cgi?view=revision&revision=3348
-CVE-2017-12952 (The LoadString function in helper.h in libgig 4.0.0 allows remote ...)
+CVE-2017-12952
- libgig 4.0.0-4 (low; bug #873718)
[stretch] - libgig <no-dsa> (Minor issue)
[jessie] - libgig <no-dsa> (Minor issue)
[wheezy] - libgig <no-dsa> (Minor issue)
NOTE: http://seclists.org/fulldisclosure/2017/Aug/39 (provides repoducer files)
NOTE: http://svn.linuxsampler.org/cgi-bin/viewvc.cgi?view=revision&revision=3348
-CVE-2017-12951 (The gig::DimensionRegion::CreateVelocityTable function in gig.cpp in ...)
+CVE-2017-12951
- libgig 4.0.0-5 (low; bug #877651)
[stretch] - libgig <no-dsa> (Minor issue)
[jessie] - libgig <no-dsa> (Minor issue)
[wheezy] - libgig <no-dsa> (Minor issue)
NOTE: http://seclists.org/fulldisclosure/2017/Aug/39 (provides repoducer files)
NOTE: http://svn.linuxsampler.org/cgi-bin/viewvc.cgi?view=revision&revision=3349
-CVE-2017-12950 (The gig::Region::Region function in gig.cpp in libgig 4.0.0 allows ...)
+CVE-2017-12950
- libgig 4.0.0-4 (low; bug #873718)
[stretch] - libgig <no-dsa> (Minor issue)
[jessie] - libgig <no-dsa> (Minor issue)
[wheezy] - libgig <no-dsa> (Minor issue)
NOTE: http://seclists.org/fulldisclosure/2017/Aug/39 (provides repoducer files)
NOTE: http://svn.linuxsampler.org/cgi-bin/viewvc.cgi?view=revision&revision=3348
-CVE-2017-12949 (lib\modules\contributors\contributor_list_table.php in the Podlove ...)
+CVE-2017-12949
NOT-FOR-US: Podlove Podcast Publisher plugin for Wordpress
-CVE-2017-12948 (Core\Admin\PFTemplater.php in the PressForward plugin 4.3.0 and earlier ...)
+CVE-2017-12948
NOT-FOR-US: PressForward plugin for Wordpress
-CVE-2017-12947 (classes\controller\admin\modals.php in the Easy Modal plugin before ...)
+CVE-2017-12947
NOT-FOR-US: Easy Modal plugin for WordPress
-CVE-2017-12946 (classes\controller\admin\modals.php in the Easy Modal plugin before ...)
+CVE-2017-12946
NOT-FOR-US: Easy Modal plugin for WordPress
CVE-2017-12945
RESERVED
-CVE-2017-12944 (The TIFFReadDirEntryArray function in tif_read.c in LibTIFF 4.0.8 ...)
+CVE-2017-12944
{DSA-4100-1 DLA-1093-1}
- tiff 4.0.8-6 (bug #872607)
- tiff3 <removed>
[wheezy] - tiff3 <not-affected> (Vulnerable code not present)
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2725
NOTE: Fixed by: https://github.com/vadz/libtiff/commit/dc02f9050311a90b3c0655147cee09bfa7081cfc
-CVE-2017-12943 (D-Link DIR-600 Rev Bx devices with v2.x firmware allow remote attackers ...)
+CVE-2017-12943
NOT-FOR-US: D-Link DIR-600 Rev Bx devices
-CVE-2017-12939 (A Remote Code Execution vulnerability was identified in all Windows ...)
+CVE-2017-12939
NOT-FOR-US: Unity Editor
-CVE-2017-12942 (libunrar.a in UnRAR before 5.5.7 has a buffer overflow in the ...)
+CVE-2017-12942
- unrar-nonfree 1:5.5.8-1
[stretch] - unrar-nonfree <no-dsa> (Non-free not supported)
[jessie] - unrar-nonfree <no-dsa> (Non-free not supported)
[wheezy] - unrar-nonfree <no-dsa> (Non-free not supported)
NOTE: http://www.openwall.com/lists/oss-security/2017/08/18/6
-CVE-2017-12941 (libunrar.a in UnRAR before 5.5.7 has an out-of-bounds read in the ...)
+CVE-2017-12941
- unrar-nonfree 1:5.5.8-1
[stretch] - unrar-nonfree <no-dsa> (Non-free not supported)
[jessie] - unrar-nonfree <no-dsa> (Non-free not supported)
[wheezy] - unrar-nonfree <no-dsa> (Non-free not supported)
NOTE: http://www.openwall.com/lists/oss-security/2017/08/18/6
-CVE-2017-12940 (libunrar.a in UnRAR before 5.5.7 has an out-of-bounds read in the ...)
+CVE-2017-12940
- unrar-nonfree 1:5.5.8-1
[stretch] - unrar-nonfree <no-dsa> (Non-free not supported)
[jessie] - unrar-nonfree <no-dsa> (Non-free not supported)
[wheezy] - unrar-nonfree <no-dsa> (Non-free not supported)
NOTE: http://www.openwall.com/lists/oss-security/2017/08/18/6
-CVE-2017-12938 (UnRAR before 5.5.7 allows remote attackers to bypass a ...)
+CVE-2017-12938
- unrar-nonfree 1:5.5.8-1
[stretch] - unrar-nonfree <no-dsa> (Non-free not supported)
[jessie] - unrar-nonfree <no-dsa> (Non-free not supported)
[wheezy] - unrar-nonfree <no-dsa> (Non-free not supported)
NOTE: http://www.openwall.com/lists/oss-security/2017/08/18/2
-CVE-2017-12937 (The ReadSUNImage function in coders/sun.c in GraphicsMagick 1.3.26 has ...)
+CVE-2017-12937
{DSA-4321-1 DLA-1401-1 DLA-1082-1}
- graphicsmagick 1.3.26-6 (bug #872574)
NOTE: http://www.openwall.com/lists/oss-security/2017/08/18/5
NOTE: Fixed by: http://hg.code.sf.net/p/graphicsmagick/code/rev/95d00d55e978
-CVE-2017-12936 (The ReadWMFImage function in coders/wmf.c in GraphicsMagick 1.3.26 has ...)
+CVE-2017-12936
{DSA-4321-1 DLA-1456-1 DLA-1082-1}
- graphicsmagick 1.3.26-6 (bug #872575)
NOTE: http://www.openwall.com/lists/oss-security/2017/08/18/3
NOTE: Fixed by: http://hg.code.sf.net/p/graphicsmagick/code/rev/be898b7c97bd
-CVE-2017-12935 (The ReadMNGImage function in coders/png.c in GraphicsMagick 1.3.26 ...)
+CVE-2017-12935
{DSA-4321-1 DLA-1456-1 DLA-1082-1}
- graphicsmagick 1.3.26-6 (bug #872576)
NOTE: http://www.openwall.com/lists/oss-security/2017/08/18/4
NOTE: Fixed by: http://hg.code.sf.net/p/graphicsmagick/code/rev/cd699a44f188
-CVE-2017-12934 (ext/standard/var_unserializer.re in PHP 7.0.x before 7.0.21 and 7.1.x ...)
+CVE-2017-12934
{DSA-4080-1}
- php7.1 7.1.8-1
- php7.0 7.0.22-1
NOTE: Fixed in 7.1.7, 7.0.21
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=74101
-CVE-2017-12933 (The finish_nested_data function in ext/standard/var_unserializer.re in ...)
+CVE-2017-12933
{DSA-4081-1 DSA-4080-1 DLA-1076-1}
- php7.1 7.1.8-1
- php7.0 7.0.22-1
- php5 <removed>
NOTE: Fixed in 7.1.7, 7.0.21, 5.6.31
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=74111
-CVE-2017-12932 (ext/standard/var_unserializer.re in PHP 7.0.x through 7.0.22 and 7.1.x ...)
+CVE-2017-12932
{DSA-4080-1}
- php7.1 7.1.8-1
- php7.0 7.0.22-1
@@ -15959,11 +15957,11 @@ CVE-2017-12932 (ext/standard/var_unserializer.re in PHP 7.0.x through 7.0.22 and
NOTE: https://github.com/php/php-src/commit/1a23ebc1fff59bf480ca92963b36eba5c1b904c4
CVE-2017-12931
RESERVED
-CVE-2017-12930 (SQL Injection in the admin interface in TecnoVISION DLX Spot Player4 ...)
+CVE-2017-12930
NOT-FOR-US: TecnoVISION DLX Spot Player4
-CVE-2017-12929 (Arbitrary File Upload in resource.php of TecnoVISION DLX Spot Player4 ...)
+CVE-2017-12929
NOT-FOR-US: TecnoVISION DLX Spot Player4
-CVE-2017-12928 (A hard-coded password of tecn0visi0n for the dlxuser account in ...)
+CVE-2017-12928
NOT-FOR-US: TecnoVISION DLX Spot Player4
CVE-2017-12926
RESERVED
@@ -15979,89 +15977,89 @@ CVE-2017-12914
RESERVED
CVE-2017-12913
RESERVED
-CVE-2017-12912 (The &quot;mpglibDBL/layer3.c&quot; file in MP3Gain 1.5.2.r2 has a vulnerability ...)
+CVE-2017-12912
- mp3gain <removed>
[wheezy] - mp3gain <end-of-life>
NOTE: https://drive.google.com/open?id=0B9DojFnTUSNGeS1hZlJkeGVkYlU
-CVE-2017-12911 (The &quot;apetag.c&quot; file in MP3Gain 1.5.2.r2 has a vulnerability which ...)
+CVE-2017-12911
- mp3gain <removed>
[wheezy] - mp3gain <end-of-life>
NOTE: https://drive.google.com/open?id=0B9DojFnTUSNGeS1hZlJkeGVkYlU
-CVE-2017-12910 (SQL injection vulnerability in massmail.php in NexusPHP 1.5 allows ...)
+CVE-2017-12910
NOT-FOR-US: NexusPHP
-CVE-2017-12909 (SQL injection vulnerability in modtask.php in NexusPHP 1.5 allows ...)
+CVE-2017-12909
NOT-FOR-US: NexusPHP
-CVE-2017-12908 (SQL injection vulnerability in takeconfirm.php in NexusPHP 1.5 allows ...)
+CVE-2017-12908
NOT-FOR-US: NexusPHP
-CVE-2017-12907 (Cross-Site Scripting (XSS) exists in NexusPHP version v1.5 via the url ...)
+CVE-2017-12907
NOT-FOR-US: NexusPHP
-CVE-2017-12906 (Multiple cross-site scripting (XSS) vulnerabilities in NexusPHP allow ...)
+CVE-2017-12906
NOT-FOR-US: NexusPHP
-CVE-2017-12905 (Server Side Request Forgery vulnerability in Vebto Pixie Image Editor ...)
+CVE-2017-12905
NOT-FOR-US: Vebto Pixie Image Editor
-CVE-2017-12904 (Improper Neutralization of Special Elements used in an OS Command in ...)
+CVE-2017-12904
{DSA-3947-1 DLA-1061-1}
- newsbeuter 2.9-6
NOTE: https://github.com/akrennmair/newsbeuter/issues/591
NOTE: https://github.com/akrennmair/newsbeuter/commit/96e9506ae9e252c548665152d1b8968297128307
CVE-2017-12903
RESERVED
-CVE-2017-12902 (The Zephyr parser in tcpdump before 4.9.2 has a buffer over-read in ...)
+CVE-2017-12902
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-12901 (The EIGRP parser in tcpdump before 4.9.2 has a buffer over-read in ...)
+CVE-2017-12901
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-12900 (Several protocol parsers in tcpdump before 4.9.2 could cause a buffer ...)
+CVE-2017-12900
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-12899 (The DECnet parser in tcpdump before 4.9.2 has a buffer over-read in ...)
+CVE-2017-12899
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-12898 (The NFS parser in tcpdump before 4.9.2 has a buffer over-read in ...)
+CVE-2017-12898
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-12897 (The ISO CLNS parser in tcpdump before 4.9.2 has a buffer over-read in ...)
+CVE-2017-12897
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-12896 (The ISAKMP parser in tcpdump before 4.9.2 has a buffer over-read in ...)
+CVE-2017-12896
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-12895 (The ICMP parser in tcpdump before 4.9.2 has a buffer over-read in ...)
+CVE-2017-12895
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-12894 (Several protocol parsers in tcpdump before 4.9.2 could cause a buffer ...)
+CVE-2017-12894
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-12893 (The SMB/CIFS parser in tcpdump before 4.9.2 has a buffer over-read in ...)
+CVE-2017-12893
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-12925 (Double free vulnerability in DfFromLB in docfile.cxx in libfpx ...)
+CVE-2017-12925
NOT-FOR-US: libfpx
-CVE-2017-12924 (CDirVector::GetTable in dirfunc.hxx in libfpx 1.3.1_p6 allows remote ...)
+CVE-2017-12924
NOT-FOR-US: libfpx
-CVE-2017-12923 (OLEStream::WriteVT_LPSTR in olestrm.cpp in libfpx 1.3.1_p6 allows ...)
+CVE-2017-12923
NOT-FOR-US: libfpx
-CVE-2017-12922 (wchar.c in libfpx 1.3.1_p6 allows remote attackers to cause a denial ...)
+CVE-2017-12922
NOT-FOR-US: libfpx
-CVE-2017-12921 (PFileFlashPixView::GetGlobalInfoProperty in f_fpxvw.cpp in libfpx ...)
+CVE-2017-12921
NOT-FOR-US: libfpx
-CVE-2017-12920 (CDirectory::GetDirEntry in dir.cxx in libfpx 1.3.1_p6 allows remote ...)
+CVE-2017-12920
NOT-FOR-US: libfpx
-CVE-2017-12919 (Heap-based buffer overflow in OLEStream::WriteVT_LPSTR in olestrm.cpp ...)
+CVE-2017-12919
NOT-FOR-US: libfpx
-CVE-2017-12927 (A cross-site scripting vulnerability exists in Cacti 1.1.17 in the ...)
+CVE-2017-12927
- cacti 1.1.17+ds1-2 (bug #872478)
[stretch] - cacti <not-affected> (Vulnerable code introduced later)
[jessie] - cacti <not-affected> (Vulnerable code introduced later)
[wheezy] - cacti <not-affected> (Vulnerable code introduced later)
NOTE: https://github.com/Cacti/cacti/issues/907
NOTE: https://github.com/Cacti/cacti/commit/a032ce0be6a4ea47862c594e40a619ac8de1ef99
-CVE-2017-1000108 (The Pipeline: Input Step Plugin by default allowed users with ...)
+CVE-2017-1000108
NOT-FOR-US: Jenkins Input Step Plugin
-CVE-2017-1000107 (Script Security Plugin did not apply sandboxing restrictions to ...)
+CVE-2017-1000107
NOT-FOR-US: Jenkins Script Security Plugin
-CVE-2017-12892 (Foxit PDF Compressor installers from versions from 7.0.0.183 to ...)
+CVE-2017-12892
NOT-FOR-US: Foxit PDF Compressor
CVE-2017-12891
RESERVED
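Review bot: once the descriptions go, some entries become distinguishable only by id, so the NOT-FOR-US line is now carrying all of the rationale. The seven libfpx entries `+CVE-2017-12925` through `+CVE-2017-12919` each reduce to the bare id followed by `NOT-FOR-US: libfpx`, whereas the removed lines named the affected function (`DfFromLB in docfile.cxx`, `CDirVector::GetTable in dirfunc.hxx`, `OLEStream::WriteVT_LPSTR in olestrm.cpp`, ...). Same for the five NexusPHP entries above them. This is fine if the bare-id format is the intended output, but it is worth confirming that nothing downstream grepped these lines for the product or function name, since `NOT-FOR-US: libfpx` is the only text left to match on.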
@@ -16079,7 +16077,7 @@ CVE-2017-12885
RESERVED
CVE-2017-12884
RESERVED
-CVE-2017-12883 (Buffer overflow in the S_grok_bslash_N function in regcomp.c in Perl 5 ...)
+CVE-2017-12883
{DSA-3982-1}
- perl 5.26.0-8 (bug #875597)
[wheezy] - perl <not-affected> (Vulnerable code introduced later)
@@ -16087,28 +16085,28 @@ CVE-2017-12883 (Buffer overflow in the S_grok_bslash_N function in regcomp.c in
NOTE: https://perl5.git.perl.org/perl.git/commitdiff/2be4edede4ae226e2eebd4eff28cedd2041f300f
NOTE: maint-5.26: https://perl5.git.perl.org/perl.git/commitdiff/2692dda97731c37082a0075eff50d741901c665f
NOTE: maint-5.24: https://perl5.git.perl.org/perl.git/commitdiff/40b3cdad3649334585cee8f4630ec9a025e62be6
-CVE-2017-12882 (Stored Cross-site scripting (XSS) vulnerability in Spring Batch Admin ...)
+CVE-2017-12882
NOT-FOR-US: Spring Batch Admin
-CVE-2017-12881 (Cross-site request forgery (CSRF) vulnerability in the Spring Batch ...)
+CVE-2017-12881
NOT-FOR-US: Spring Batch Admin
CVE-2017-12880
REJECTED
-CVE-2017-12879 (Cross-site scripting (XSS-STORED) vulnerability in the DEVICES OR ...)
+CVE-2017-12879
NOT-FOR-US: Paessler PRTG Network Monitor
CVE-2017-12878
RESERVED
-CVE-2017-12877 (Use-after-free vulnerability in the DestroyImage function in image.c ...)
+CVE-2017-12877
{DSA-4074-1 DSA-4040-1 DLA-1081-1}
- imagemagick 8:6.9.9.34+dfsg-3 (bug #872373)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/662
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/98dda239ec398dd56453460849b4c9057fc424e5
NOTE: ImageMagick-7: https://github.com/ImageMagick/ImageMagick/commit/04178de2247e353fc095846784b9a10fefdbf890
NOTE: This doesn't affect the base releases, but got introduced via security fixes, which got backported to older suites
-CVE-2017-12876 (Heap-based buffer overflow in enhance.c in ImageMagick before 7.0.6-6 ...)
+CVE-2017-12876
- imagemagick <not-affected> (Specific to Imagemagick 7, 6.x uses fixed pixel cache morphology)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/663
NOTE: https://github.com/ImageMagick/ImageMagick/commit/1cc6f0ccc92c20c7cab6c4a7335daf29c91f0d8e
-CVE-2017-12875 (The WritePixelCachePixels function in ImageMagick 7.0.6-6 allows ...)
+CVE-2017-12875
{DLA-1131-1}
- imagemagick 8:6.9.9.34+dfsg-3 (low; bug #873871)
[stretch] - imagemagick <ignored> (Minor issue)
@@ -16118,111 +16116,111 @@ CVE-2017-12875 (The WritePixelCachePixels function in ImageMagick 7.0.6-6 allows
NOTE: https://github.com/ImageMagick/ImageMagick/commit/d96b55ea41e71de43663818ccd17c6af3fa6c4fd
CVE-2017-12866
RESERVED
-CVE-2017-12865 (Stack-based buffer overflow in &quot;dnsproxy.c&quot; in connman 1.34 and ...)
+CVE-2017-12865
{DSA-3956-1 DLA-1078-1}
- connman 1.35-1 (bug #872844)
NOTE: https://git.kernel.org/pub/scm/network/connman/connman.git/commit/?id=5c281d182ecdd0a424b64f7698f32467f8f67b71 (1.35)
-CVE-2017-12864 (In opencv/modules/imgcodecs/src/grfmt_pxm.cpp, function ReadNumber did ...)
+CVE-2017-12864
{DLA-1438-1 DLA-1117-1}
[experimental] - opencv 3.4.4+dfsg-1~exp1
- opencv 3.2.0+dfsg-6 (bug #875345)
[stretch] - opencv <no-dsa> (Minor issue)
NOTE: https://github.com/opencv/opencv/issues/9372
-CVE-2017-12863 (In opencv/modules/imgcodecs/src/grfmt_pxm.cpp, function ...)
+CVE-2017-12863
{DLA-1438-1 DLA-1117-1}
[experimental] - opencv 3.4.4+dfsg-1~exp1
- opencv 3.2.0+dfsg-6 (bug #875344)
[stretch] - opencv <no-dsa> (Minor issue)
NOTE: https://github.com/opencv/opencv/issues/9371
-CVE-2017-12862 (In modules/imgcodecs/src/grfmt_pxm.cpp, the length of buffer ...)
+CVE-2017-12862
{DLA-1438-1 DLA-1117-1}
[experimental] - opencv 3.4.4+dfsg-1~exp1
- opencv 3.2.0+dfsg-6 (bug #875342)
[stretch] - opencv <no-dsa> (Minor issue)
NOTE: https://github.com/opencv/opencv/issues/9370
-CVE-2017-12861 (The Epson &quot;EasyMP&quot; software is designed to remotely stream a users ...)
+CVE-2017-12861
NOT-FOR-US: Epson "EasyMP"
-CVE-2017-12860 (The Epson &quot;EasyMP&quot; software is designed to remotely stream a users ...)
+CVE-2017-12860
NOT-FOR-US: Epson "EasyMP"
-CVE-2017-12859 (NetApp Data ONTAP before 8.2.5, when operating in 7-Mode in NFS ...)
+CVE-2017-12859
NOT-FOR-US: NetApp
-CVE-2017-12858 (Double free vulnerability in the _zip_dirent_read function in ...)
+CVE-2017-12858
- libzip <not-affected> (Vulnerable code introduced later)
NOTE: Introduced after: https://github.com/nih-at/libzip/commit/796c5968ad679220db3fb65ec6f48c66e554e5d5 (rel-1-2-0)
NOTE: Fixed by: https://github.com/nih-at/libzip/commit/2217022b7d1142738656d891e00b3d2d9179b796
-CVE-2017-12857 (Polycom SoundStation IP, VVX, and RealPresence Trio that are running ...)
+CVE-2017-12857
NOT-FOR-US: Polycom
-CVE-2017-12856 (Cross-site scripting (XSS) vulnerability in C.P.Sub 5.2 allows remote ...)
+CVE-2017-12856
NOT-FOR-US: C.P.Sub
CVE-2017-12854
RESERVED
-CVE-2017-12874 (The InfoCard module 1.0 for SimpleSAMLphp allows attackers to spoof ...)
+CVE-2017-12874
{DSA-4127-1 DLA-1205-1}
- simplesamlphp 1.14.11-1
NOTE: Issue lies in simplesamlphp/simplesamlphp-module-infocard and fixed
NOTE: in 1.0.1. The module is embedded in src:simplesamlphp
NOTE: https://simplesamlphp.org/security/201612-03
NOTE: Patch: https://github.com/simplesamlphp/simplesamlphp-module-infocard/commit/7353762acacd827a61378629f87de991451089da
-CVE-2017-12873 (SimpleSAMLphp 1.7.0 through 1.14.10 might allow attackers to obtain ...)
+CVE-2017-12873
{DSA-4127-1 DLA-1205-1}
- simplesamlphp 1.14.11-1
NOTE: https://simplesamlphp.org/security/201612-04
NOTE: Patches: https://github.com/simplesamlphp/simplesamlphp/commit/90dca835158495b173808273e7df127303b8b953aa
NOTE: https://github.com/simplesamlphp/simplesamlphp/commit/e2daf4ceb6e580815c3741384b3a09b85a5fc231
NOTE: https://github.com/simplesamlphp/simplesamlphp/commit/300d8aa48fe93706ade95be481c68e9cf2f32d1f
-CVE-2017-12872 (The (1) Htpasswd authentication source in the authcrypt module and (2) ...)
+CVE-2017-12872
{DLA-1408-1 DLA-1205-1}
- simplesamlphp 1.14.15-1
[stretch] - simplesamlphp <no-dsa> (Minor issue)
NOTE: https://simplesamlphp.org/security/201703-01
NOTE: Patches: https://github.com/simplesamlphp/simplesamlphp/commit/ab7761d4a523a4ed00479fb1ddba688e7ca72439
NOTE: https://github.com/simplesamlphp/simplesamlphp/commit/caf764cc2c9b68ac29741070ebdf133a595443f1
-CVE-2017-12871 (The aesEncrypt method in lib/SimpleSAML/Utils/Crypto.php in ...)
+CVE-2017-12871
- simplesamlphp 1.14.15-1
[jessie] - simplesamlphp <not-affected> (Vulnerable code not present)
[wheezy] - simplesamlphp <not-affected> (Vulnerable code not present)
NOTE: https://simplesamlphp.org/security/201703-02
-CVE-2017-12870 (SimpleSAMLphp 1.14.12 and earlier make it easier for man-in-the-middle ...)
+CVE-2017-12870
- simplesamlphp 1.14.15-1
[jessie] - simplesamlphp <ignored> (Minor issue mitigated by HTTPS usage, hard to backport)
[wheezy] - simplesamlphp <ignored> (Minor issue mitigated by HTTPS usage, hard to backport)
NOTE: https://simplesamlphp.org/security/201704-01
-CVE-2017-12869 (The multiauth module in SimpleSAMLphp 1.14.13 and earlier allows ...)
+CVE-2017-12869
{DSA-4127-1 DLA-1205-1}
- simplesamlphp 1.14.15-1
NOTE: https://simplesamlphp.org/security/201704-02
NOTE: Patch: https://github.com/simplesamlphp/simplesamlphp/commit/f1e485284dd428ab3cd9500c62e19c7c7234be9a
-CVE-2017-12868 (The secureCompare method in lib/SimpleSAML/Utils/Crypto.php in ...)
+CVE-2017-12868
{DLA-1408-1 DLA-1205-1}
- simplesamlphp 1.14.15-1
[stretch] - simplesamlphp <not-affected> (Only affects setups with old PHP versions not found in stable)
NOTE: https://simplesamlphp.org/security/201705-01
NOTE: Patch: https://github.com/simplesamlphp/simplesamlphp/commit/caf764cc2c9b68ac29741070ebdf133a595443f1
-CVE-2017-12867 (The SimpleSAML_Auth_TimeLimitedToken class in SimpleSAMLphp 1.14.14 ...)
+CVE-2017-12867
{DSA-4127-1 DLA-1205-1}
- simplesamlphp 1.14.15-1
NOTE: https://simplesamlphp.org/security/201708-01
NOTE: Patch: https://github.com/simplesamlphp/simplesamlphp/commit/608f24c2d5afd70c2af050785d2b12f878b33c68
-CVE-2017-12855 (Xen maintains the _GTF_{read,writ}ing bits as appropriate, to inform ...)
+CVE-2017-12855
{DSA-3969-1 DLA-1132-1}
- xen 4.8.1-1+deb9u3
NOTE: https://xenbits.xen.org/xsa/advisory-230.html
-CVE-2017-12853 (The RealTime RWR-3G-100 Router Firmware Version : Ver1.0.56 is ...)
+CVE-2017-12853
NOT-FOR-US: RealTime RWR-3G-100 Router Firmware
-CVE-2017-12852 (The numpy.pad function in Numpy 1.13.1 and older versions is missing ...)
+CVE-2017-12852
- python-numpy <unfixed> (unimportant; bug #872407)
NOTE: https://github.com/numpy/numpy/issues/9560#issuecomment-322395292
NOTE: Negligible security impact
-CVE-2017-12851 (An authenticated standard user could reset the password of the admin ...)
+CVE-2017-12851
- kanboard <itp> (bug #790814)
-CVE-2017-12850 (An authenticated standard user could reset the password of other users ...)
+CVE-2017-12850
- kanboard <itp> (bug #790814)
NOTE: https://github.com/kanboard/kanboard/commit/88dd6abbf3f519897f2f6280e95c9eec9123a4ae
-CVE-2017-12849 (Response discrepancy in the login and password reset forms in ...)
+CVE-2017-12849
NOT-FOR-US: SilverStripe CMS
CVE-2017-12848
RESERVED
-CVE-2017-12847 (Nagios Core before 4.3.3 creates a nagios.lock PID file after dropping ...)
+CVE-2017-12847
- nagios3 <removed>
[jessie] - nagios3 <no-dsa> (Minor issue)
[wheezy] - nagios3 <no-dsa> (Minor issue)
@@ -16234,9 +16232,9 @@ CVE-2017-12846
RESERVED
CVE-2017-12845
RESERVED
-CVE-2017-12844 (Cross-site scripting (XSS) vulnerability in the admin panel in IceWarp ...)
+CVE-2017-12844
NOT-FOR-US: IceWarp
-CVE-2017-12843 (Cyrus IMAP before 3.0.3 allows remote authenticated users to write to ...)
+CVE-2017-12843
- cyrus-imapd <not-affected> (Vulnerable code introduced later)
- cyrus-imapd-2.4 <not-affected> (Vulnerable code introduced later)
NOTE: https://github.com/cyrusimap/cyrus-imapd/commit/d734a23122155f3522a8cb6aef118223aa73cde0
@@ -16244,13 +16242,13 @@ CVE-2017-12842
RESERVED
CVE-2017-12841
RESERVED
-CVE-2017-12840 (A kernel driver, namely DLMFENC.sys, bundled with the DESLock+ client ...)
+CVE-2017-12840
NOTE: DESLock+
CVE-2017-12839
RESERVED
-CVE-2017-12838 (Cross-site request forgery (CSRF) vulnerability in NexusPHP 1.5 allows ...)
+CVE-2017-12838
NOT-FOR-US: NexusPHP
-CVE-2017-12837 (Heap-based buffer overflow in the S_regatom function in regcomp.c in ...)
+CVE-2017-12837
{DSA-3982-1}
- perl 5.26.0-8 (bug #875596)
[wheezy] - perl <not-affected> (Vulnerable code introduced after 5.14.4)
@@ -16280,38 +16278,38 @@ CVE-2017-12826
REJECTED
CVE-2017-12825
RESERVED
-CVE-2017-12824 (Special crafted InPage document leads to arbitrary code execution in ...)
+CVE-2017-12824
NOT-FOR-US: InPage
-CVE-2017-12823 (Kernel pool memory corruption in one of drivers in Kaspersky Embedded ...)
+CVE-2017-12823
NOT-FOR-US: Kaspersky
-CVE-2017-12822 (Remote enabling and disabling admin interface in Gemalto's HASP SRM, ...)
+CVE-2017-12822
NOT-FOR-US: Gemalto
-CVE-2017-12821 (Memory corruption in Gemalto's HASP SRM, Sentinel HASP and Sentinel ...)
+CVE-2017-12821
NOT-FOR-US: Gemalto
-CVE-2017-12820 (Arbitrary memory read from controlled memory pointer in Gemalto's HASP ...)
+CVE-2017-12820
NOT-FOR-US: Gemalto
-CVE-2017-12819 (Remote manipulations with language pack updater lead to NTLM-relay ...)
+CVE-2017-12819
NOT-FOR-US: Gemalto
-CVE-2017-12818 (Stack overflow in custom XML-parser in Gemalto's HASP SRM, Sentinel ...)
+CVE-2017-12818
NOT-FOR-US: Gemalto
-CVE-2017-12817 (In Kaspersky Internet Security for Android 11.12.4.1622, some of the ...)
+CVE-2017-12817
NOT-FOR-US: Kaspersky Internet Security for Android
-CVE-2017-12816 (In Kaspersky Internet Security for Android 11.12.4.1622, some of ...)
+CVE-2017-12816
NOT-FOR-US: Kaspersky Internet Security for Android
-CVE-2017-12815 (Analysis of the Bomgar Remote Support Portal JavaStart.jar Applet ...)
+CVE-2017-12815
NOT-FOR-US: Bomgar Remote Support Portal JavaStart Applet
-CVE-2017-12814 (Stack-based buffer overflow in the CPerlHost::Add method in ...)
+CVE-2017-12814
- perl <not-affected> (Windows specific issue)
NOTE: https://rt.perl.org/Public/Bug/Display.html?id=131665 (not yet public)
-CVE-2017-12813 (PHPJabbers File Sharing Script 1.0 has stored XSS in the comments ...)
+CVE-2017-12813
NOT-FOR-US: PHPJabbers File Sharing Script
-CVE-2017-12812 (PHPJabbers Night Club Booking Software has stored XSS in the name ...)
+CVE-2017-12812
NOT-FOR-US: PHPJabbers Night Club Booking Software
-CVE-2017-12811 (PHPJabbers Star Rating Script 4.0 has stored XSS via a rating item. ...)
+CVE-2017-12811
NOT-FOR-US: PHPJabbers Star Rating Script
-CVE-2017-12810 (PHPJabbers PHP Newsletter Script 4.2 has stored XSS in lists in the ...)
+CVE-2017-12810
NOT-FOR-US: PHPJabbers PHP Newsletter Script
-CVE-2017-12809 (QEMU (aka Quick Emulator), when built with the IDE disk and CD/DVD-ROM ...)
+CVE-2017-12809
{DSA-3991-1}
- qemu 1:2.10.0-1 (bug #873849)
[jessie] - qemu <not-affected> (Vulnerable code not present)
@@ -16329,39 +16327,39 @@ CVE-2017-12805
RESERVED
CVE-2017-12804
RESERVED
-CVE-2017-12803 (The Node_ValidatePtr function in corec/corec/node/node.c in mkclean ...)
+CVE-2017-12803
NOT-FOR-US: mkclean
-CVE-2017-12802 (The EBML_IntegerValue function in ebmlnumber.c in libebml2 through ...)
+CVE-2017-12802
NOT-FOR-US: libembl2 (different codebase than src:libebml)
-CVE-2017-12801 (The UpdateDataSize function in ebmlmaster.c in libebml2 through ...)
+CVE-2017-12801
NOT-FOR-US: libembl2 (different codebase than src:libebml)
-CVE-2017-12800 (The EBML_FindNextElement function in ebmlmain.c in libebml2 through ...)
+CVE-2017-12800
NOT-FOR-US: libembl2 (different codebase than src:libebml)
-CVE-2017-12836 (CVS 1.12.x, when configured to use SSH for remote repositories, might ...)
+CVE-2017-12836
{DSA-3940-1 DLA-1056-1}
- cvs 2:1.12.13+real-24 (bug #871810)
NOTE: http://www.openwall.com/lists/oss-security/2017/08/11/1
-CVE-2017-12799 (The elf_read_notesfunction in bfd/elf.c in GNU Binutils 2.29 allows ...)
+CVE-2017-12799
- binutils 2.29-9
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21933
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=957e1fc1c5d0262e4b2f764cf031ad1458446498
-CVE-2017-12798 (Cross-Site Scripting (XSS) exists in NexusPHP version v1.5 via the q ...)
+CVE-2017-12798
NOT-FOR-US: NexusPHP
-CVE-2017-12797 (Integer overflow in the INT123_parse_new_id3 function in the ID3 ...)
+CVE-2017-12797
- mpg123 1.25.6-1
[stretch] - mpg123 <no-dsa> (Minor issue)
[jessie] - mpg123 <no-dsa> (Minor issue)
[wheezy] - mpg123 <ignored> (Minor issue)
NOTE: https://sourceforge.net/p/mpg123/bugs/254/
NOTE: https://sourceforge.net/p/mpg123/mailman/message/35987663/
-CVE-2017-12796 (The Reporting Compatibility Add On before 2.0.4 for OpenMRS, as ...)
+CVE-2017-12796
NOT-FOR-US: OpenMRS addon
CVE-2017-12795
RESERVED
-CVE-2017-12794 (In Django 1.10.x before 1.10.8 and 1.11.x before 1.11.5, HTML ...)
+CVE-2017-12794
- python-django 1:1.11.5-1 (low; bug #874415)
[stretch] - python-django 1:1.10.7-2+deb9u2
[jessie] - python-django <not-affected> (Vulnerable code do not exist)
@@ -16369,9 +16367,9 @@ CVE-2017-12794 (In Django 1.10.x before 1.10.8 and 1.11.x before 1.11.5, HTML ..
NOTE: https://www.djangoproject.com/weblog/2017/sep/05/security-releases/
CVE-2017-12793
RESERVED
-CVE-2017-12792 (Multiple cross-site request forgery (CSRF) vulnerabilities in NexusPHP ...)
+CVE-2017-12792
NOT-FOR-US: NexusPHP
-CVE-2017-12791 (Directory traversal vulnerability in minion id validation in SaltStack ...)
+CVE-2017-12791
- salt 2016.11.8+dfsg1-1 (bug #872399)
[stretch] - salt 2016.11.2+ds-1+deb9u1
[jessie] - salt <no-dsa> (Minor issue)
@@ -16384,43 +16382,43 @@ CVE-2017-12789
RESERVED
CVE-2017-12788
RESERVED
-CVE-2017-12787 (A network interface of the novi_process_manager_daemon service, ...)
+CVE-2017-12787
NOT-FOR-US: NoviWare
-CVE-2017-12786 (Network interfaces of the cliengine and noviengine services, included ...)
+CVE-2017-12786
NOT-FOR-US: NoviWare
-CVE-2017-12785 (The novish command-line interface, included in the NoviWare software ...)
+CVE-2017-12785
NOT-FOR-US: NoviWare
-CVE-2017-12784 (In Youngzsoft CCFile (aka CC File Transfer) 3.6, by sending a crafted ...)
+CVE-2017-12784
NOT-FOR-US: Youngzsoft CCFile
-CVE-2017-12783 (The ReadDataFloat function in ebmlnumber.c in libebml2 through ...)
+CVE-2017-12783
NOT-FOR-US: libembl2 (different codebase than src:libebml)
-CVE-2017-12782 (The ReadData function in ebmlmaster.c in libebml2 through 2012-08-26 ...)
+CVE-2017-12782
NOT-FOR-US: libembl2 (different codebase than src:libebml)
-CVE-2017-12781 (The EBML_BufferToID function in ebmlelement.c in libebml2 through ...)
+CVE-2017-12781
NOT-FOR-US: libembl2 (different codebase than src:libebml)
-CVE-2017-12780 (The ReadData function in ebmlstring.c in libebml2 through 2012-08-26 ...)
+CVE-2017-12780
NOT-FOR-US: libembl2 (different codebase than src:libebml)
-CVE-2017-12779 (The Node_GetData function in corec/corec/node/node.c in mkvalidator ...)
+CVE-2017-12779
NOT-FOR-US: libembl2 (different codebase than src:libebml)
CVE-2017-12778
RESERVED
-CVE-2017-1000112 (Linux kernel: Exploitable memory corruption due to UFO to non-UFO path ...)
+CVE-2017-1000112
{DSA-3981-1}
- linux 4.12.6-1 (low)
[wheezy] - linux <ignored> (Low severity and difficult to backport)
NOTE: Introduced by: https://git.kernel.org/linus/e89e9cf539a28df7d0eb1d0a545368e9920b34ac (2.6.15-rc1)
NOTE: Fixed by: https://git.kernel.org/linus/85f1bd9a7b5a79d5baa8bf44af19658f7bf77bfa
-CVE-2017-1000111 (Linux kernel: heap out-of-bounds in AF_PACKET sockets. This new issue ...)
+CVE-2017-1000111
{DSA-3981-1 DLA-1099-1}
- linux 4.12.6-1
NOTE: Introduced by: https://git.kernel.org/linus/8913336a7e8d56e984109a3137d6c0e3362596a4 (2.6.27-rc1)
NOTE: Fixed by: https://git.kernel.org/linus/c27927e372f0785f3303e8fad94b85945e2c97b7
NOTE: Non-privileged user namespaces disabled by default, only exploitable by arbitrary user if sysctl kernel.unprivileged_userns_clone=1
-CVE-2017-1000117 (A malicious third-party can give a crafted &quot;ssh://...&quot; URL to an ...)
+CVE-2017-1000117
{DSA-3934-1 DLA-1068-1}
- git 1:2.14.1-1
NOTE: https://public-inbox.org/git/xmqqh8xf482j.fsf@gitster.mtv.corp.google.com/T/#u
-CVE-2017-1000116 (Mercurial prior to 4.3 did not adequately sanitize hostnames passed to ...)
+CVE-2017-1000116
{DSA-3963-1 DLA-1072-1}
- mercurial 4.3.1-1 (bug #871710)
NOTE: https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_4.3_.282017-08-10.29
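Review bot: the context lines `NOT-FOR-US: libembl2 (different codebase than src:libebml)` for CVE-2017-12783 through CVE-2017-12779 in this hunk (and for CVE-2017-12802 through CVE-2017-12800 in the earlier hunk) spell the upstream project `libembl2`, while the descriptions being dropped in the same lines name it `libebml2`; since this update removes the only other place the correct name appears, the NOT-FOR-US lines should be corrected to `libebml2` so the entries stay searchable. Separately, the dropped description for CVE-2017-12779 places the `Node_GetData` issue in mkvalidator, not libebml2, so its `NOT-FOR-US: libembl2 …` line reads like a copy of the neighbouring entries and should name mkvalidator instead.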
@@ -16438,7 +16436,7 @@ CVE-2017-1000116 (Mercurial prior to 4.3 did not adequately sanitize hostnames p
NOTE: https://www.mercurial-scm.org/repo/hg/rev/943c91326b23
NOTE: 3.7 and 4.1 backports also available at https://bitbucket.org/atlassian/mercurial/commits/branch/sec-3.7
NOTE: and https://bitbucket.org/octobus/mercurial-backport/branch/backport-4.1
-CVE-2017-1000115 (Mercurial prior to version 4.3 is vulnerable to a missing symlink ...)
+CVE-2017-1000115
{DSA-3963-1 DLA-1072-1}
- mercurial 4.3.1-1 (bug #871709)
NOTE: https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_4.3_.282017-08-10.29
@@ -16446,13 +16444,13 @@ CVE-2017-1000115 (Mercurial prior to version 4.3 is vulnerable to a missing syml
NOTE: https://www.mercurial-scm.org/repo/hg/rev/377e8ddaebef (fix)
NOTE: 3.7 and 4.1 backports available at https://bitbucket.org/atlassian/mercurial/commits/branch/sec-3.7
NOTE: and https://bitbucket.org/octobus/mercurial-backport/branch/backport-4.1CVE-2017-12777
-CVE-2017-12777 (Cross-Site Scripting (XSS) exists in NexusPHP version v1.5 via some ...)
+CVE-2017-12777
NOT-FOR-US: NexusPHP
-CVE-2017-12776 (SQL injection vulnerability in reports.php in NexusPHP 1.5 allows ...)
+CVE-2017-12776
NOT-FOR-US: NexusPHP
-CVE-2017-12775 (qa-include/qa-install.php in Question2Answer before 1.7.5 allows ...)
+CVE-2017-12775
NOT-FOR-US: question2answer
-CVE-2017-12774 (finecms in 1.9.5\controllers\member\ContentController.php allows ...)
+CVE-2017-12774
NOT-FOR-US: FineCMS
CVE-2017-12773
RESERVED
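Review bot: the unchanged context line `NOTE: and https://bitbucket.org/octobus/mercurial-backport/branch/backport-4.1CVE-2017-12777` at the top of this hunk has the identifier `CVE-2017-12777` run onto the end of the backport URL for CVE-2017-1000115, so the link no longer resolves and a CVE string sits inside a NOTE line; since the very next lines of this hunk rewrite the separate `CVE-2017-12777` entry, the URL should be trimmed back to end at `backport-4.1` in the same change.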
@@ -16474,9 +16472,9 @@ CVE-2017-12765
RESERVED
CVE-2017-12764
RESERVED
-CVE-2017-12763 (An unspecified server utility in NoMachine before 5.3.10 on Mac OS X ...)
+CVE-2017-12763
NOT-FOR-US: NoMachine
-CVE-2017-12762 (In /drivers/isdn/i4l/isdn_net.c: A user-controlled buffer is copied ...)
+CVE-2017-12762
- linux 4.13.4-1 (unimportant)
NOTE: Fixed by: https://git.kernel.org/linus/9f5af546e6acc30f075828cb58c7f09665033967 (v4.13-rc4)
NOTE: Driver is disabled since squeeze and unmaintained for a long time
@@ -16490,13 +16488,13 @@ CVE-2017-12758
RESERVED
CVE-2017-12757
RESERVED
-CVE-2017-12756 (Command inject in transfer from another server in extplorer 2.1.9 and ...)
+CVE-2017-12756
{DLA-1063-1}
- extplorer <removed>
NOTE: http://extplorer.net/news/21
CVE-2017-12755
RESERVED
-CVE-2017-12754 (Stack buffer overflow in httpd in Asuswrt-Merlin firmware ...)
+CVE-2017-12754
NOT-FOR-US: Asuswrt-Merlin firmware
CVE-2017-12753
RESERVED
@@ -16522,119 +16520,119 @@ CVE-2017-12743
RESERVED
CVE-2017-12742
RESERVED
-CVE-2017-12741 (A vulnerability has been identified in SIMATIC S7-200 Smart (All ...)
+CVE-2017-12741
NOT-FOR-US: Siemens
-CVE-2017-12740 (Siemens LOGO! Soft Comfort (All versions before V8.2) lacks integrity ...)
+CVE-2017-12740
NOT-FOR-US: Siemens
-CVE-2017-12739 (An issue was discovered on Siemens SICAM RTUs SM-2556 COM Modules with ...)
+CVE-2017-12739
NOT-FOR-US: Siemens
-CVE-2017-12738 (An issue was discovered on Siemens SICAM RTUs SM-2556 COM Modules with ...)
+CVE-2017-12738
NOT-FOR-US: Siemens
-CVE-2017-12737 (An issue was discovered on Siemens SICAM RTUs SM-2556 COM Modules with ...)
+CVE-2017-12737
NOT-FOR-US: Siemens
-CVE-2017-12736 (A vulnerability has been identified in RUGGEDCOM ROS for RSL910 ...)
+CVE-2017-12736
NOT-FOR-US: Siemens
-CVE-2017-12735 (A vulnerability has been identified in Siemens LOGO! devices. An ...)
+CVE-2017-12735
NOT-FOR-US: Siemens
-CVE-2017-12734 (A vulnerability has been identified in Siemens LOGO! devices before ...)
+CVE-2017-12734
NOT-FOR-US: Siemens
-CVE-2017-12733 (A Missing Authentication for Critical Function issue was discovered in ...)
+CVE-2017-12733
NOT-FOR-US: SiteSentinel
-CVE-2017-12732 (A Stack-based Buffer Overflow issue was discovered in GE CIMPLICITY ...)
+CVE-2017-12732
NOT-FOR-US: GE CIMPLICITY
-CVE-2017-12731 (A SQL Injection issue was discovered in OPW Fuel Management Systems ...)
+CVE-2017-12731
NOT-FOR-US: SiteSentinel
-CVE-2017-12730 (An Unquoted Search Path issue was discovered in mySCADA myPRO Versions ...)
+CVE-2017-12730
NOT-FOR-US: mySCADA myPRO
-CVE-2017-12729 (A SQL Injection issue was discovered in Moxa SoftCMS Live Viewer ...)
+CVE-2017-12729
NOT-FOR-US: Moxa SoftCMS Live Viewer
-CVE-2017-12728 (An Improper Privilege Management issue was discovered in SpiderControl ...)
+CVE-2017-12728
NOT-FOR-US: SpiderControl SCADA Web Server
CVE-2017-12727
RESERVED
-CVE-2017-12726 (A Use of Hard-coded Password issue was discovered in Smiths Medical ...)
+CVE-2017-12726
NOT-FOR-US: Smiths Medical Medfusion
-CVE-2017-12725 (A Use of Hard-coded Credentials issue was discovered in Smiths Medical ...)
+CVE-2017-12725
NOT-FOR-US: Smiths Medical Medfusion
-CVE-2017-12724 (A Use of Hard-coded Credentials issue was discovered in Smiths Medical ...)
+CVE-2017-12724
NOT-FOR-US: Smiths Medical Medfusion
-CVE-2017-12723 (A Password in Configuration File issue was discovered in Smiths Medical ...)
+CVE-2017-12723
NOT-FOR-US: Smiths Medical Medfusion
-CVE-2017-12722 (An Out-of-bounds Read issue was discovered in Smiths Medical Medfusion ...)
+CVE-2017-12722
NOT-FOR-US: Smiths Medical Medfusion
-CVE-2017-12721 (An Improper Certificate Validation issue was discovered in Smiths ...)
+CVE-2017-12721
NOT-FOR-US: Smiths Medical Medfusion
-CVE-2017-12720 (An Improper Access Control issue was discovered in Smiths Medical ...)
+CVE-2017-12720
NOT-FOR-US: Smiths Medical Medfusion
-CVE-2017-12719 (An Untrusted Pointer Dereference issue was discovered in Advantech ...)
+CVE-2017-12719
NOT-FOR-US: Advantech
-CVE-2017-12718 (A Classic Buffer Overflow issue was discovered in Smiths Medical ...)
+CVE-2017-12718
NOT-FOR-US: Smiths Medical Medfusion
-CVE-2017-12717 (An Uncontrolled Search Path Element issue was discovered in Advantech ...)
+CVE-2017-12717
NOT-FOR-US: Advantech WebAccess
-CVE-2017-12716 (Abbott Laboratories Accent and Anthem pacemakers manufactured prior to ...)
+CVE-2017-12716
NOT-FOR-US: Abbott Laboratories Accent and Anthem pacemakers
CVE-2017-12715
RESERVED
-CVE-2017-12714 (Abbott Laboratories pacemakers manufactured prior to Aug 28, 2017 do ...)
+CVE-2017-12714
NOT-FOR-US: Abbott Laboratories pacemakers
-CVE-2017-12713 (An Incorrect Permission Assignment for Critical Resource issue was ...)
+CVE-2017-12713
NOT-FOR-US: Advantech WebAccess
-CVE-2017-12712 (The authentication algorithm in Abbott Laboratories pacemakers ...)
+CVE-2017-12712
NOT-FOR-US: Abbott Laboratories pacemakers
-CVE-2017-12711 (An Incorrect Privilege Assignment issue was discovered in Advantech ...)
+CVE-2017-12711
NOT-FOR-US: Advantech WebAccess
-CVE-2017-12710 (A SQL Injection issue was discovered in Advantech WebAccess versions ...)
+CVE-2017-12710
NOT-FOR-US: Advantech WebAccess
-CVE-2017-12709 (A Use of Hard-Coded Credentials issue was discovered in MRD-305-DIN ...)
+CVE-2017-12709
NOT-FOR-US: Westermo devices
-CVE-2017-12708 (An Improper Restriction Of Operations Within The Bounds Of A Memory ...)
+CVE-2017-12708
NOT-FOR-US: Advantech WebAccess
-CVE-2017-12707 (A Stack-based Buffer Overflow issue was discovered in SpiderControl ...)
+CVE-2017-12707
NOT-FOR-US: SpiderControl SCADA MicroBrowser
-CVE-2017-12706 (A stack-based buffer overflow issue was discovered in Advantech ...)
+CVE-2017-12706
NOT-FOR-US: Advantech WebAccess
-CVE-2017-12705 (A Heap-Based Buffer Overflow issue was discovered in Advantech WebOP. A ...)
+CVE-2017-12705
NOT-FOR-US: Advantech
-CVE-2017-12704 (A heap-based buffer overflow issue was discovered in Advantech ...)
+CVE-2017-12704
NOT-FOR-US: Advantech WebAccess
-CVE-2017-12703 (A Cross-Site Request Forgery (CSRF) issue was discovered in Westermo ...)
+CVE-2017-12703
NOT-FOR-US: Westermo
-CVE-2017-12702 (An Externally Controlled Format String issue was discovered in ...)
+CVE-2017-12702
NOT-FOR-US: Advantech WebAccess
-CVE-2017-12701 (BMC Medical Luna CPAP Machines released prior to July 1, 2017, contain ...)
+CVE-2017-12701
NOT-FOR-US: BMC Medical Luna CPAP Machines
CVE-2017-12700
RESERVED
-CVE-2017-12699 (An Incorrect Default Permissions issue was discovered in AzeoTech ...)
+CVE-2017-12699
NOT-FOR-US: AzeoTech DAQFactory
-CVE-2017-12698 (An Improper Authentication issue was discovered in Advantech WebAccess ...)
+CVE-2017-12698
NOT-FOR-US: Advantech WebAccess
-CVE-2017-12697 (A Man-in-the-Middle issue was discovered in General Motors (GM) and ...)
+CVE-2017-12697
NOT-FOR-US: General Motors (GM) and Shanghai OnStar (SOS) SOS iOS Client
CVE-2017-12696
RESERVED
-CVE-2017-12695 (An Improper Authentication issue was discovered in General Motors (GM) ...)
+CVE-2017-12695
NOT-FOR-US: General Motors (GM) and Shanghai OnStar (SOS) SOS iOS Client
-CVE-2017-12694 (A Directory Traversal issue was discovered in SpiderControl SCADA Web ...)
+CVE-2017-12694
NOT-FOR-US: SpiderControl SCADA Web Server
-CVE-2017-1000101 (curl supports &quot;globbing&quot; of URLs, in which a user can pass a numerical ...)
+CVE-2017-1000101
{DSA-3992-1}
- curl 7.55.0-1 (bug #871554)
[wheezy] - curl <not-affected> (Vulnerable code not present, introduced later in 7.34.0)
NOTE: https://curl.haxx.se/docs/adv_20170809A.html
NOTE: https://curl.haxx.se/CVE-2017-1000101.patch
-CVE-2017-1000100 (When doing a TFTP transfer and curl/libcurl is given a URL that ...)
+CVE-2017-1000100
{DSA-3992-1 DLA-1062-1}
- curl 7.55.0-1 (bug #871555)
NOTE: https://curl.haxx.se/docs/adv_20170809B.html
NOTE: https://curl.haxx.se/CVE-2017-1000100.patch
-CVE-2017-1000099 (When asking to get a file from a file:// URL, libcurl provides a ...)
+CVE-2017-1000099
- curl <not-affected> (Only affects 7.54.1, no affected version ever in the archive)
NOTE: https://curl.haxx.se/docs/adv_20170809C.html
NOTE: https://curl.haxx.se/CVE-2017-1000099.patch
NOTE: Introduced by: https://github.com/curl/curl/commit/7c312f84ea930d8
-CVE-2017-12693 (The ReadBMPImage function in coders/bmp.c in ImageMagick 7.0.6-6 ...)
+CVE-2017-12693
{DLA-1131-1}
- imagemagick 8:6.9.9.34+dfsg-3 (low; bug #875341)
[stretch] - imagemagick <ignored> (Minor issue)
@@ -16642,7 +16640,7 @@ CVE-2017-12693 (The ReadBMPImage function in coders/bmp.c in ImageMagick 7.0.6-6
NOTE: https://github.com/ImageMagick/ImageMagick/issues/652
NOTE: https://github.com/ImageMagick/ImageMagick/commit/75fcbf5d649bba046c6a0db650a518f7bfc0fb3f
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/6709bd585b9609a9cf98a7042089f3e725886d5e
-CVE-2017-12692 (The ReadVIFFImage function in coders/viff.c in ImageMagick 7.0.6-6 ...)
+CVE-2017-12692
{DLA-1131-1}
- imagemagick 8:6.9.9.34+dfsg-3 (low; bug #875339)
[stretch] - imagemagick <ignored> (Minor issue)
@@ -16650,7 +16648,7 @@ CVE-2017-12692 (The ReadVIFFImage function in coders/viff.c in ImageMagick 7.0.6
NOTE: https://github.com/ImageMagick/ImageMagick/issues/653
NOTE: https://github.com/ImageMagick/ImageMagick/commit/4a25fe5447bfb3a1918a2e9d595928e853b09d2e
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/5919dc606bc1d6022d3d2d205a91fdbe98de9e15
-CVE-2017-12691 (The ReadOneLayer function in coders/xcf.c in ImageMagick 7.0.6-6 ...)
+CVE-2017-12691
{DLA-1131-1}
- imagemagick 8:6.9.9.34+dfsg-3 (low; bug #875338)
[stretch] - imagemagick <ignored> (Minor issue)
@@ -16678,11 +16676,11 @@ CVE-2017-12682
RESERVED
CVE-2017-12681
RESERVED
-CVE-2017-12680 (Cross-Site Scripting (XSS) exists in NexusPHP 1.5 via the type ...)
+CVE-2017-12680
NOT-FOR-US: NexusPHP
-CVE-2017-12679 (SQL Injection exists in NexusPHP 1.5.beta5.20120707 via the delcheater ...)
+CVE-2017-12679
NOT-FOR-US: NexusPHP
-CVE-2017-12678 (In TagLib 1.11.1, the rebuildAggregateFrames function in ...)
+CVE-2017-12678
- taglib 1.11.1+dfsg.1-0.2 (bug #871511)
[stretch] - taglib <no-dsa> (Minor issue)
[jessie] - taglib <not-affected> (Vulnerable code not present)
@@ -16690,21 +16688,21 @@ CVE-2017-12678 (In TagLib 1.11.1, the rebuildAggregateFrames function in ...)
- silverjuke <not-affected> (Vulnerable code not present, based on older taglib version)
NOTE: https://github.com/taglib/taglib/issues/829
NOTE: https://github.com/taglib/taglib/pull/831/commits/eb9ded1206f18f2c319157337edea2533a40bea6#diff-37f706c8696a7c1ca939b169c0a04d97
-CVE-2017-12677 (IdentityServer3 2.4.x, 2.5.x, and 2.6.x before 2.6.1 has XSS in an ...)
+CVE-2017-12677
NOT-FOR-US: IdentityServer
-CVE-2017-12676 (In ImageMagick 7.0.6-3, a memory leak vulnerability was found in the ...)
+CVE-2017-12676
{DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-15 (unimportant; bug #870118)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/618
NOTE: https://github.com/ImageMagick/ImageMagick/commit/387adbe4b05a545b9f3972e862602480c850303c
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/7287f50888c26b133ee173816332fcaec4e8cb62
-CVE-2017-12675 (In ImageMagick 7.0.6-3, a missing check for multidimensional data was ...)
+CVE-2017-12675
{DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-14 (unimportant; bug #870022)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/616
NOTE: https://github.com/ImageMagick/ImageMagick/commit/7a020acbcfea6e53eff6766c87ea175eac9dcd18
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/e33a39a6a168cdd800fd160e8f93f0059432bdf7
-CVE-2017-12674 (In ImageMagick 7.0.6-2, a CPU exhaustion vulnerability was found in the ...)
+CVE-2017-12674
{DLA-1081-1}
- imagemagick 8:6.9.9.34+dfsg-3 (low; bug #872609)
[stretch] - imagemagick <ignored> (Minor issue)
@@ -16712,45 +16710,45 @@ CVE-2017-12674 (In ImageMagick 7.0.6-2, a CPU exhaustion vulnerability was found
NOTE: https://github.com/ImageMagick/ImageMagick/issues/604
NOTE: https://github.com/ImageMagick/ImageMagick/commit/91651bd482b6637cf650700ffd7b3b63de1cb049
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/5a91708c6b70bd4e3d2b931465307e0aeababb3c
-CVE-2017-12673 (In ImageMagick 7.0.6-3, a memory leak vulnerability was found in the ...)
+CVE-2017-12673
- imagemagick 8:6.9.7.4+dfsg-15 (unimportant; bug #870117)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/619
-CVE-2017-12672 (In ImageMagick 7.0.6-3, a memory leak vulnerability was found in the ...)
+CVE-2017-12672
- imagemagick 8:6.9.7.4+dfsg-14 (unimportant; bug #870021)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/617
-CVE-2017-12671 (In ImageMagick 7.0.6-3, a missing NULL assignment was found in ...)
+CVE-2017-12671
{DSA-4019-1}
- imagemagick 8:6.9.7.4+dfsg-15 (unimportant; bug #870119)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/621
-CVE-2017-12669 (ImageMagick 7.0.6-2 has a memory leak vulnerability in WriteCALSImage ...)
+CVE-2017-12669
- imagemagick 8:6.9.7.4+dfsg-16 (unimportant; bug #870475)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/571
-CVE-2017-12668 (ImageMagick 7.0.6-2 has a memory leak vulnerability in WritePCXImage in ...)
+CVE-2017-12668
{DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-16 (unimportant; bug #870489)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/575
NOTE: https://github.com/ImageMagick/ImageMagick/commit/2ba8f335fa06daf1165e0878462686028e633a74
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/560e6e512961008938aa1d1b9aab06347b1c8f9b
-CVE-2017-12667 (ImageMagick 7.0.6-1 has a memory leak vulnerability in ReadMATImage in ...)
+CVE-2017-12667
- imagemagick 8:6.9.7.4+dfsg-14 (unimportant; bug #870015)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/553
-CVE-2017-12666 (ImageMagick 7.0.6-2 has a memory leak vulnerability in WriteINLINEImage ...)
+CVE-2017-12666
- imagemagick 8:6.9.7.4+dfsg-16 (unimportant; bug #870482)
[jessie] - imagemagick <not-affected> (Vulnerable code not present)
[wheezy] - imagemagick <not-affected> (Vulnerable code not present)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/572
NOTE: https://github.com/ImageMagick/ImageMagick/commit/d5559407ce29f4371e5df9c1cbde65455fe5854c
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/45aeda5da9eb328689afc221fa3b7dfa5cdea54d
-CVE-2017-12665 (ImageMagick 7.0.6-2 has a memory leak vulnerability in WritePICTImage ...)
+CVE-2017-12665
{DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-16 (unimportant; bug #870501)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/577
NOTE: https://github.com/ImageMagick/ImageMagick/commit/c1b09bbec148f6ae11d0b686fdb89ac6dc0ab14e
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/859084b4fd966ac007965c3d85caabccd8aee9b4
-CVE-2017-12663 (ImageMagick 7.0.6-2 has a memory leak vulnerability in WriteMAPImage in ...)
+CVE-2017-12663
- imagemagick 8:6.9.7.4+dfsg-16 (unimportant; bug #870483)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/573
-CVE-2017-12662 (ImageMagick 7.0.6-2 has a memory leak vulnerability in WritePDFImage in ...)
+CVE-2017-12662
- imagemagick 8:6.9.7.4+dfsg-16 (unimportant; bug #870492)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/576
CVE-2017-12661
@@ -16765,79 +16763,79 @@ CVE-2017-12657
RESERVED
CVE-2017-12656
RESERVED
-CVE-2017-12655 (Cross-Site Scripting (XSS) exists in NexusPHP version v1.5 via the ...)
+CVE-2017-12655
NOT-FOR-US: NexusPHP
-CVE-2017-12654 (The ReadPICTImage function in coders/pict.c in ImageMagick 7.0.6-3 ...)
+CVE-2017-12654
{DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-16 (unimportant; bug #870502)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/620
NOTE: https://github.com/ImageMagick/ImageMagick/commit/ffcb8f8e2248fde38a2cb30aeb48403d2b3471cc
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/f2c26fa4db84e92d754c7f8b269db2883cf7f32c
-CVE-2017-12653 (360 Total Security 9.0.0.1202 before 2017-07-07 allows Privilege ...)
+CVE-2017-12653
NOT-FOR-US: 360 Total Security
CVE-2017-12652
RESERVED
-CVE-2017-12651 (Cross Site Request Forgery (CSRF) exists in the Blacklist and Whitelist ...)
+CVE-2017-12651
NOT-FOR-US: Loginizer plugin for WordPress
-CVE-2017-12650 (SQL Injection exists in the Loginizer plugin before 1.3.6 for WordPress ...)
+CVE-2017-12650
NOT-FOR-US: Loginizer plugin for WordPress
-CVE-2017-12649 (XSS exists in Liferay Portal before 7.0 CE GA4 via a crafted title or ...)
+CVE-2017-12649
NOT-FOR-US: Liferay Portal
-CVE-2017-12648 (XSS exists in Liferay Portal before 7.0 CE GA4 via a bookmark URL. ...)
+CVE-2017-12648
NOT-FOR-US: Liferay Portal
-CVE-2017-12647 (XSS exists in Liferay Portal before 7.0 CE GA4 via a Knowledge Base ...)
+CVE-2017-12647
NOT-FOR-US: Liferay Portal
-CVE-2017-12646 (XSS exists in Liferay Portal before 7.0 CE GA4 via a login name, ...)
+CVE-2017-12646
NOT-FOR-US: Liferay Portal
-CVE-2017-12645 (XSS exists in Liferay Portal before 7.0 CE GA4 via an invalid ...)
+CVE-2017-12645
NOT-FOR-US: Liferay Portal
-CVE-2017-12644 (ImageMagick 7.0.6-1 has a memory leak vulnerability in ReadDCMImage in ...)
+CVE-2017-12644
- imagemagick 8:6.9.9.34+dfsg-3 (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/551
NOTE: https://github.com/ImageMagick/ImageMagick/commit/a33f7498f9052b50e8fe8c8422a11ba84474cb42
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/9f375e7080a2c1044cd546854d0548b4bfb429d0
-CVE-2017-12642 (ImageMagick 7.0.6-1 has a memory leak vulnerability in ReadMPCImage in ...)
+CVE-2017-12642
{DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-13 (unimportant; bug #869796)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/552
-CVE-2017-12641 (ImageMagick 7.0.6-1 has a memory leak vulnerability in ReadOneJNGImage ...)
+CVE-2017-12641
{DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-15 (unimportant; bug #870108)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/550
NOTE: https://github.com/ImageMagick/ImageMagick/commit/3320955045e5a2a22c13a04fa9422bb809e75eda
-CVE-2017-12640 (ImageMagick 7.0.6-1 has an out-of-bounds read vulnerability in ...)
+CVE-2017-12640
{DSA-4040-1 DSA-4019-1 DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-15 (bug #870106)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/542
NOTE: https://github.com/ImageMagick/ImageMagick/commit/78d4c5db50fbab0b4beb69c46c6167f2c6513dec
-CVE-2017-12639 (Stack based buffer overflow in Ipswitch IMail server up to and ...)
+CVE-2017-12639
NOT-FOR-US: Ipswitch IMail
-CVE-2017-12638 (Stack based buffer overflow in Ipswitch IMail server up to and ...)
+CVE-2017-12638
NOT-FOR-US: Ipswitch IMail
-CVE-2017-12637 (Directory traversal vulnerability in ...)
+CVE-2017-12637
NOT-FOR-US: SAP
-CVE-2017-12636 (CouchDB administrative users can configure the database server via ...)
+CVE-2017-12636
{DLA-1252-1}
- couchdb <removed>
NOTE: http://www.openwall.com/lists/oss-security/2017/11/14/6
NOTE: Likely patch for 1.2.x: https://github.com/apache/couchdb/commit/9a28df7e9703a1a3420e7616c4d33a523ee06354
NOTE: Possibly needs more updates: https://github.com/apache/couchdb/commit/bf6b6a1c84321baee2c4ad354059a45e0b8fdec7
-CVE-2017-12635 (Due to differences in the Erlang-based JSON parser and ...)
+CVE-2017-12635
{DLA-1252-1}
- couchdb <removed>
NOTE: http://www.openwall.com/lists/oss-security/2017/11/14/6
NOTE: Likely patch for 1.2.x: https://github.com/apache/couchdb/commit/3706a77c13a78672e5a3fbde06e7bffd3665f73b
-CVE-2017-12634 (The camel-castor component in Apache Camel 2.x before 2.19.4 and ...)
+CVE-2017-12634
NOT-FOR-US: Apache Camel
-CVE-2017-12633 (The camel-hessian component in Apache Camel 2.x before 2.19.4 and ...)
+CVE-2017-12633
NOT-FOR-US: Apache Camel
-CVE-2017-12632 (A malicious host header in an incoming HTTP request could cause NiFi ...)
+CVE-2017-12632
NOT-FOR-US: Apache NiFi
-CVE-2017-12631 (Apache CXF Fediz ships with a number of container-specific plugins to ...)
+CVE-2017-12631
NOT-FOR-US: Apache CXF
-CVE-2017-12630 (In Apache Drill 1.11.0 and earlier when submitting form from Query ...)
+CVE-2017-12630
NOT-FOR-US: Apache Drill
-CVE-2017-12629 (Remote code execution occurs in Apache Solr before 7.1 with Apache ...)
+CVE-2017-12629
{DSA-4124-1 DLA-1254-1}
- lucene-solr 3.6.2+dfsg-11
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1501529
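Review bot: the affected-function names that distinguish the otherwise identical ImageMagick entries (ReadPICTImage in coders/pict.c for CVE-2017-12654, ReadDCMImage for CVE-2017-12644, ReadMPCImage for CVE-2017-12642, ReadOneJNGImage for CVE-2017-12641) exist only in the description text this hunk removes; the surviving NOTE lines are bare issue and commit URLs, so after the change nothing in the file says which coder each memory leak lives in. If the description column really has to go, carry that detail into a NOTE line first, e.g. `NOTE: ReadPICTImage in coders/pict.c`, rather than dropping it.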
@@ -16845,16 +16843,16 @@ CVE-2017-12629 (Remote code execution occurs in Apache Solr before 7.1 with Apac
NOTE: http://lucene.472066.n3.nabble.com/Re-Several-critical-vulnerabilities-discovered-in-Apache-Solr-XXE-amp-RCE-tt4358355.html
NOTE: Patch removing RunExecutableListener: https://github.com/apache/lucene-solr/commit/7b313bb597a6d1f78773dc9c00f484c078a46c25
NOTE: Patch disallowing XXE: https://github.com/apache/lucene-solr/commit/926cc4d65b6d2cc40ff07f76d50ddeda947e3cc4
-CVE-2017-12628 (The JMX server embedded in Apache James, also used by the command line ...)
+CVE-2017-12628
NOT-FOR-US: Apache James
-CVE-2017-12627 (In Apache Xerces-C XML Parser library before 3.2.1, processing of ...)
+CVE-2017-12627
{DLA-1328-1}
- xerces-c 3.2.1+debian-1 (bug #894050)
[stretch] - xerces-c 3.1.4+debian-2+deb9u1
[jessie] - xerces-c 3.1.1-5.1+deb8u4
NOTE: https://svn.apache.org/viewvc?view=revision&revision=1819998
NOTE: https://xerces.apache.org/xerces-c/secadv/CVE-2017-12627.txt
-CVE-2017-12626 (Apache POI in versions prior to release 3.17 are vulnerable to Denial ...)
+CVE-2017-12626
- libapache-poi-java 3.17-1 (bug #888651)
[stretch] - libapache-poi-java <no-dsa> (Minor issue)
[jessie] - libapache-poi-java <no-dsa> (Minor issue)
@@ -16863,31 +16861,31 @@ CVE-2017-12626 (Apache POI in versions prior to release 3.17 are vulnerable to D
NOTE: https://bz.apache.org/bugzilla/show_bug.cgi?id=61294
NOTE: https://bz.apache.org/bugzilla/show_bug.cgi?id=52372
NOTE: https://bz.apache.org/bugzilla/show_bug.cgi?id=61295
-CVE-2017-12625 (Apache Hive 2.1.x before 2.1.2, 2.2.x before 2.2.1, and 2.3.x before ...)
+CVE-2017-12625
NOT-FOR-US: Apache Hive
-CVE-2017-12624 (Apache CXF supports sending and receiving attachments via either the ...)
+CVE-2017-12624
NOT-FOR-US: Apache CXF
-CVE-2017-12623 (An authorized user could upload a template which contained malicious ...)
+CVE-2017-12623
NOT-FOR-US: Apache NiFi
-CVE-2017-12622 (When an Apache Geode cluster before v1.3.0 is operating in secure mode ...)
+CVE-2017-12622
NOT-FOR-US: Apache Geode
-CVE-2017-12621 (During Jelly (xml) file parsing with Apache Xerces, if a custom ...)
+CVE-2017-12621
- jenkins-commons-jelly <removed>
[jessie] - jenkins-commons-jelly <ignored> (Minor issue, only used by Jenkins which got removed)
[wheezy] - jenkins-commons-jelly <ignored> (Minor issue, only used by Jenkins which got removed)
NOTE: http://www.openwall.com/lists/oss-security/2017/09/27/6
-CVE-2017-12620 (When loading models or dictionaries that contain XML it is possible to ...)
+CVE-2017-12620
NOT-FOR-US: Apache OpenNLP
CVE-2017-12619
RESERVED
-CVE-2017-12618 (Apache Portable Runtime Utility (APR-util) 1.6.0 and prior fail to ...)
+CVE-2017-12618
{DLA-1163-1}
- apr-util 1.6.1-1 (low; bug #879996)
[stretch] - apr-util <no-dsa> (Minor issue)
[jessie] - apr-util <no-dsa> (Minor issue)
NOTE: mail-archives.apache.org/mod_mbox/apr-dev/201710.mbox/%3CCACsi252POs4toeJJciwg09_eu2cO3XFg%3DUqsPjXsfjDoeC3-UQ%40mail.gmail.com%3E
NOTE: https://github.com/apache/apr/commit/f672b565c825c34de9ee298b5bdc62c01cdd6147
-CVE-2017-12617 (When running Apache Tomcat versions 9.0.0.M1 to 9.0.0, 8.5.0 to ...)
+CVE-2017-12617
{DLA-1166-1}
- tomcat8 <not-affected> (Specific to running Tomcat on Windows)
- tomcat8.0 <not-affected> (Specific to running Tomcat on Windows)
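Review bot: the reference on the CVE-2017-12618 entry, `NOTE: mail-archives.apache.org/mod_mbox/apr-dev/201710.mbox/...`, is the only NOTE URL in this hunk without a scheme, and the same scheme-less line recurs on the CVE-2017-12613 apr entry in the following hunk; prefix both with `https://` so they render as links like the other NOTE references (`https://github.com/apache/apr/commit/f672b565c825c34de9ee298b5bdc62c01cdd6147`).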
@@ -16901,116 +16899,116 @@ CVE-2017-12617 (When running Apache Tomcat versions 9.0.0.M1 to 9.0.0, 8.5.0 to
NOTE: https://svn.apache.org/r1810014 (7.0.x)
NOTE: https://svn.apache.org/r1810026 (7.0.x)
NOTE: https://bz.apache.org/bugzilla/show_bug.cgi?id=61542
-CVE-2017-12616 (When using a VirtualDirContext with Apache Tomcat 7.0.0 to 7.0.80 it ...)
+CVE-2017-12616
{DLA-1400-1 DLA-1108-1}
- tomcat7 7.0.72-3
NOTE: Since 7.0.72-3, src:tomcat7 only builds the Servlet API
NOTE: https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.81
NOTE: https://svn.apache.org/r1804729
-CVE-2017-12615 (When running Apache Tomcat 7.0.0 to 7.0.79 on Windows with HTTP PUTs ...)
+CVE-2017-12615
- tomcat7 <not-affected> (Windows-specific)
-CVE-2017-12614 (It was noticed an XSS in certain 404 pages that could be exploited to ...)
+CVE-2017-12614
- airflow <itp> (bug #819700)
-CVE-2017-12613 (When apr_time_exp*() or apr_os_exp_time*() functions are invoked with ...)
+CVE-2017-12613
{DLA-1162-1}
- apr 1.6.3-1 (low; bug #879708)
[stretch] - apr <no-dsa> (Minor issue)
[jessie] - apr <no-dsa> (Minor issue)
NOTE: mail-archives.apache.org/mod_mbox/apr-dev/201710.mbox/%3CCACsi252POs4toeJJciwg09_eu2cO3XFg%3DUqsPjXsfjDoeC3-UQ%40mail.gmail.com%3E
NOTE: Fixed by: https://github.com/apache/apr/commit/ad958385a4180d7a83d90589689fcd36e3bbc57a
-CVE-2017-12612 (In Apache Spark 1.6.0 until 2.1.1, the launcher API performs unsafe ...)
+CVE-2017-12612
NOT-FOR-US: Apache Spark
-CVE-2017-12611 (In Apache Struts 2.0.1 through 2.3.33 and 2.5 through 2.5.10, using an ...)
+CVE-2017-12611
- libstruts1.2-java <removed>
[wheezy] - libstruts1.2-java <ignored> (Minor issue)
NOTE: Only a problem if the application programmer has made a security mistake.
NOTE: https://struts.apache.org/docs/s2-053.html
-CVE-2017-12610 (In Apache Kafka 0.10.0.0 to 0.10.2.1 and 0.11.0.0 to 0.11.0.1, ...)
+CVE-2017-12610
- kafka <itp> (bug #786460)
CVE-2017-12609
REJECTED
-CVE-2017-12608 (A vulnerability in Apache OpenOffice Writer DOC file parser before ...)
+CVE-2017-12608
{DSA-4022-1 DLA-1214-1}
- libreoffice 1:5.0.2-1
NOTE: https://www.talosintelligence.com/reports/TALOS-2017-0301
NOTE: https://www.libreoffice.org/about-us/security/advisories/CVE-2017-12608
NOTE: https://gerrit.libreoffice.org/gitweb?p=core.git;a=commitdiff_plain;h=42a709d1ef647aab9a1c9422b4e25ecaee857aba
-CVE-2017-12607 (A vulnerability in OpenOffice's PPT file parser before 4.1.4, and ...)
+CVE-2017-12607
{DSA-4022-1 DLA-1214-1}
- libreoffice 1:5.0.2-1
NOTE: https://www.talosintelligence.com/reports/TALOS-2017-0300
NOTE: https://www.libreoffice.org/about-us/security/advisories/CVE-2017-12607
NOTE: https://cgit.freedesktop.org/libreoffice/core/commit/?id=334dba623dfb0c4fb2b5292c2d03741b7b33aef1
-CVE-2017-12606 (OpenCV (Open Source Computer Vision Library) through 3.3 has an ...)
+CVE-2017-12606
{DLA-1438-1 DLA-1117-1}
[experimental] - opencv 3.4.4+dfsg-1~exp1
- opencv 3.2.0+dfsg-6 (bug #872044)
[stretch] - opencv <no-dsa> (Minor issue)
NOTE: https://github.com/opencv/opencv/issues/9309
-CVE-2017-12605 (OpenCV (Open Source Computer Vision Library) through 3.3 has an ...)
+CVE-2017-12605
{DLA-1438-1 DLA-1117-1}
[experimental] - opencv 3.4.4+dfsg-1~exp1
- opencv 3.2.0+dfsg-6 (bug #872044)
[stretch] - opencv <no-dsa> (Minor issue)
NOTE: https://github.com/opencv/opencv/issues/9309
-CVE-2017-12604 (OpenCV (Open Source Computer Vision Library) through 3.3 has an ...)
+CVE-2017-12604
{DLA-1438-1 DLA-1117-1}
[experimental] - opencv 3.4.4+dfsg-1~exp1
- opencv 3.2.0+dfsg-6 (bug #872044)
[stretch] - opencv <no-dsa> (Minor issue)
NOTE: https://github.com/opencv/opencv/issues/9309
-CVE-2017-12603 (OpenCV (Open Source Computer Vision Library) through 3.3 has an invalid ...)
+CVE-2017-12603
{DLA-1438-1 DLA-1117-1}
[experimental] - opencv 3.4.4+dfsg-1~exp1
- opencv 3.2.0+dfsg-6 (bug #872044)
[stretch] - opencv <no-dsa> (Minor issue)
NOTE: https://github.com/opencv/opencv/issues/9309
-CVE-2017-12602 (OpenCV (Open Source Computer Vision Library) through 3.3 has a denial ...)
+CVE-2017-12602
[experimental] - opencv 3.4.4+dfsg-1~exp1
- opencv 3.2.0+dfsg-6 (bug #872045)
[stretch] - opencv <ignored> (Minor issue)
[jessie] - opencv <ignored> (Minor issue)
[wheezy] - opencv <ignored> (Minor issue)
NOTE: https://github.com/opencv/opencv/issues/9311
-CVE-2017-12601 (OpenCV (Open Source Computer Vision Library) through 3.3 has a buffer ...)
+CVE-2017-12601
{DLA-1438-1 DLA-1117-1}
[experimental] - opencv 3.4.4+dfsg-1~exp1
- opencv 3.2.0+dfsg-6 (bug #872044)
[stretch] - opencv <no-dsa> (Minor issue)
NOTE: https://github.com/opencv/opencv/issues/9309
-CVE-2017-12600 (OpenCV (Open Source Computer Vision Library) through 3.3 has a denial ...)
+CVE-2017-12600
[experimental] - opencv 3.4.4+dfsg-1~exp1
- opencv 3.2.0+dfsg-6 (bug #872045)
[stretch] - opencv <ignored> (Minor issue)
[jessie] - opencv <ignored> (Minor issue)
[wheezy] - opencv <ignored> (Minor issue)
NOTE: https://github.com/opencv/opencv/issues/9311
-CVE-2017-12599 (OpenCV (Open Source Computer Vision Library) through 3.3 has an ...)
+CVE-2017-12599
{DLA-1438-1 DLA-1117-1}
[experimental] - opencv 3.4.4+dfsg-1~exp1
- opencv 3.2.0+dfsg-6 (bug #872044)
[stretch] - opencv <no-dsa> (Minor issue)
NOTE: https://github.com/opencv/opencv/issues/9309
-CVE-2017-12598 (OpenCV (Open Source Computer Vision Library) through 3.3 has an ...)
+CVE-2017-12598
{DLA-1438-1 DLA-1117-1}
[experimental] - opencv 3.4.4+dfsg-1~exp1
- opencv 3.2.0+dfsg-6 (bug #872044)
[stretch] - opencv <no-dsa> (Minor issue)
NOTE: https://github.com/opencv/opencv/issues/9309
-CVE-2017-12597 (OpenCV (Open Source Computer Vision Library) through 3.3 has an ...)
+CVE-2017-12597
{DLA-1438-1 DLA-1117-1}
[experimental] - opencv 3.4.4+dfsg-1~exp1
- opencv 3.2.0+dfsg-6 (bug #872044)
[stretch] - opencv <no-dsa> (Minor issue)
NOTE: https://github.com/opencv/opencv/issues/9309
-CVE-2017-12596 (In OpenEXR 2.2.0, a crafted image causes a heap-based buffer over-read ...)
+CVE-2017-12596
- openexr 2.2.0-11.1 (bug #877352)
[stretch] - openexr <no-dsa> (Minor issue)
[jessie] - openexr <no-dsa> (Minor issue)
[wheezy] - openexr 1.6.1-6+deb7u1
NOTE: https://github.com/openexr/openexr/issues/238
NOTE: Upstream fix https://github.com/openexr/openexr/commit/f09f5f26c1924c4f7e183428ca79c9881afaf53c
-CVE-2017-12595 (The tokenizer in QPDF 6.0.0 and 7.0.b1 is recursive for arrays and ...)
+CVE-2017-12595
- qpdf 7.0.0-1
[stretch] - qpdf <no-dsa> (Minor issue)
[jessie] - qpdf <no-dsa> (Minor issue)
@@ -17019,60 +17017,60 @@ CVE-2017-12595 (The tokenizer in QPDF 6.0.0 and 7.0.b1 is recursive for arrays a
NOTE: Fixed by: https://github.com/qpdf/qpdf/commit/ad527a64f93dca12f6aabab2ca99ae5eb352ab4b
CVE-2017-12594
RESERVED
-CVE-2017-12593 (ASUS DSL-N10S V2.1.16_APAC devices allow CSRF. ...)
+CVE-2017-12593
NOT-FOR-US: ASUS DSL-N10S V2.1.16_APAC devices
-CVE-2017-12592 (ASUS DSL-N10S V2.1.16_APAC devices have a privilege escalation ...)
+CVE-2017-12592
NOT-FOR-US: ASUS DSL-N10S V2.1.16_APAC devices
-CVE-2017-12591 (ASUS DSL-N10S V2.1.16_APAC devices have reflected and stored cross ...)
+CVE-2017-12591
NOT-FOR-US: ASUS DSL-N10S V2.1.16_APAC devices
-CVE-2017-12590 (ASUS RT-N14UHP devices before 3.0.0.4.380.8015 have a reflected XSS ...)
+CVE-2017-12590
NOT-FOR-US: ASUS RT-N14UHP devices
-CVE-2017-12589 (ToMAX R60G R60GV2-V2.0-v.2.6.3-170330 devices do not have any ...)
+CVE-2017-12589
NOT-FOR-US: ToMAX R60G R60GV2-V2.0-v.2.6.3-170330 devices
-CVE-2017-12588 (The zmq3 input and output modules in rsyslog before 8.28.0 interpreted ...)
+CVE-2017-12588
- rsyslog 8.28.0-1 (unimportant)
NOTE: https://github.com/rsyslog/rsyslog/commit/062d0c671a29f7c6f7dff4a2f1f35df375bbb30b
NOTE: https://github.com/rsyslog/rsyslog/pull/1565
NOTE: The zmq3 input and output modules are not enabled and built in Debian
-CVE-2017-12587 (ImageMagick 7.0.6-1 has a large loop vulnerability in the ReadPWPImage ...)
+CVE-2017-12587
{DSA-4019-1 DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-16 (bug #870526)
[jessie] - imagemagick <ignored> (Minor issue)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/535
NOTE: https://github.com/ImageMagick/ImageMagick/commit/bb5b16c512977e8134701063e0adb05a4a342add
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/d4192df5eb03892089806d52a317cc3101856726
-CVE-2017-12586 (SLiMS 8 Akasia through 8.3.1 has an arbitrary file reading issue ...)
+CVE-2017-12586
NOT-FOR-US: SLiMS 8 Akasia
-CVE-2017-12585 (SLiMS 8 Akasia through 8.3.1 has SQL injection in ...)
+CVE-2017-12585
NOT-FOR-US: SLiMS 8 Akasia
-CVE-2017-12584 (There is no CSRF mitigation in SLiMS 8 Akasia through 8.3.1. Also, an ...)
+CVE-2017-12584
NOT-FOR-US: SLiMS 8 Akasia
-CVE-2017-12583 (DokuWiki through 2017-02-19b has XSS in the at parameter (aka the ...)
+CVE-2017-12583
- dokuwiki 0.0.20180422.a-1 (bug #870903)
[jessie] - dokuwiki <not-affected> (Vulnerable code not present)
[wheezy] - dokuwiki <not-affected> (Vulnerable code not present)
NOTE: https://github.com/splitbrain/dokuwiki/issues/2061
-CVE-2017-12582 (Unprivileged user can access all functions in the Surveillance Station ...)
+CVE-2017-12582
NOT-FOR-US: QNAP
-CVE-2017-12581 (GitHub Electron before 1.6.8 allows remote command execution because of ...)
+CVE-2017-12581
- electron <itp> (bug #842420)
CVE-2017-12580
RESERVED
-CVE-2017-12579 (An insecure suid wrapper binary in the HashiCorp Vagrant VMware Fusion ...)
+CVE-2017-12579
NOT-FOR-US: HashiCorp Vagrant VMware Fusion plugin
CVE-2017-12578
RESERVED
-CVE-2017-12577 (An issue was discovered on the PLANEX CS-QR20 1.30. A hardcoded ...)
+CVE-2017-12577
NOT-FOR-US: PLANEX
-CVE-2017-12576 (An issue was discovered on the PLANEX CS-QR20 1.30. A hidden and ...)
+CVE-2017-12576
NOT-FOR-US: PLANEX
-CVE-2017-12575 (An issue was discovered on the NEC Aterm WG2600HP2 1.0.2. The router ...)
+CVE-2017-12575
NOT-FOR-US: NEC
-CVE-2017-12574 (An issue was discovered on PLANEX CS-W50HD devices with firmware ...)
+CVE-2017-12574
NOT-FOR-US: PLANEX
-CVE-2017-12573 (An issue was discovered on PLANEX CS-W50HD devices with firmware ...)
+CVE-2017-12573
NOT-FOR-US: PLANEX
-CVE-2017-12572 (Persistent Cross Site Scripting (XSS) exists in Splunk Enterprise 6.5.x ...)
+CVE-2017-12572
NOT-FOR-US: Splunk
CVE-2017-12571
RESERVED
@@ -17080,29 +17078,29 @@ CVE-2017-12570
RESERVED
CVE-2017-12569
RESERVED
-CVE-2017-12568 (Denial of Service vulnerability in Debut embedded httpd 1.20 in Brother ...)
+CVE-2017-12568
NOT-FOR-US: Brother
-CVE-2017-12567 (SQL injection exists in Quest KACE Asset Management Appliance ...)
+CVE-2017-12567
NOT-FOR-US: Quest KACE Asset Management Appliance
-CVE-2017-12566 (In ImageMagick 7.0.6-2, a memory leak vulnerability was found in the ...)
+CVE-2017-12566
{DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-16 (unimportant; bug #870503)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/603
NOTE: https://github.com/ImageMagick/ImageMagick/commit/2477eacf09d3a26efe814590a5dbbe1efd16764f
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/27b3b9ca5cfb7b8935852cf315abc005ea7c1e16
-CVE-2017-12565 (In ImageMagick 7.0.6-2, a memory leak vulnerability was found in the ...)
+CVE-2017-12565
{DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-15 (unimportant; bug #870115)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/602
NOTE: https://github.com/ImageMagick/ImageMagick/commit/e0e544bb173213df00f82a810d66321e1bb4f3c8
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/4d0ac66c9778faebd2d1fac7140462b043626458
-CVE-2017-12564 (In ImageMagick 7.0.6-2, a memory leak vulnerability was found in the ...)
+CVE-2017-12564
{DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-14 (unimportant; bug #870017)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/601
NOTE: https://github.com/ImageMagick/ImageMagick/commit/ff3faa31166439d81b72de22daea2b6404569137
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/a4779cfbee2e4235fa9f9f8f2e58dca17f7ccc6b
-CVE-2017-12563 (In ImageMagick 7.0.6-2, a memory exhaustion vulnerability was found in ...)
+CVE-2017-12563
{DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-16 (low; bug #870530)
[stretch] - imagemagick <ignored> (Minor issue)
@@ -17110,155 +17108,155 @@ CVE-2017-12563 (In ImageMagick 7.0.6-2, a memory exhaustion vulnerability was fo
NOTE: https://github.com/ImageMagick/ImageMagick/issues/599
NOTE: https://github.com/ImageMagick/ImageMagick/commit/82b53bd74df1489332e4043035a51b43f54d43f1
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/7d3af83d8b946f952bfd028451e6dfb1f7ace07a
-CVE-2017-12561 (A remote code execution vulnerability in HPE intelligent Management ...)
+CVE-2017-12561
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-12560 (A Remote Denial of Service vulnerability in HPE Intelligent Management ...)
+CVE-2017-12560
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-12559 (A Remote Denial of Service vulnerability in HPE Intelligent Management ...)
+CVE-2017-12559
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-12558 (A Remote Code Execution vulnerability in HPE intelligent Management ...)
+CVE-2017-12558
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-12557 (A Remote Code Execution vulnerability in HPE intelligent Management ...)
+CVE-2017-12557
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-12556 (A Remote Code Execution vulnerability in HPE intelligent Management ...)
+CVE-2017-12556
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-12555 (A remote arbitrary file download and disclosure of information ...)
+CVE-2017-12555
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-12554 (A remote code execution vulnerability in HPE intelligent Management ...)
+CVE-2017-12554
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-12553 (A local authentication bypass vulnerability in HPE System Management ...)
+CVE-2017-12553
NOT-FOR-US: HPE System Management Homepage
-CVE-2017-12552 (A local arbitrary execution of commands vulnerability in HPE System ...)
+CVE-2017-12552
NOT-FOR-US: HPE System Management Homepage
-CVE-2017-12551 (A local arbitrary execution of commands vulnerability in HPE System ...)
+CVE-2017-12551
NOT-FOR-US: HPE System Management Homepage
-CVE-2017-12550 (A local security misconfiguration vulnerability in HPE System ...)
+CVE-2017-12550
NOT-FOR-US: HPE System Management Homepage
-CVE-2017-12549 (A local authentication bypass vulnerability in HPE System Management ...)
+CVE-2017-12549
NOT-FOR-US: HPE System Management Homepage
-CVE-2017-12548 (A local arbitrary command execution vulnerability in HPE System ...)
+CVE-2017-12548
NOT-FOR-US: HPE System Management Homepage
-CVE-2017-12547 (A local arbitrary command execution vulnerability in HPE System ...)
+CVE-2017-12547
NOT-FOR-US: HPE System Management Homepage
-CVE-2017-12546 (A local buffer overflow vulnerability in HPE System Management ...)
+CVE-2017-12546
NOT-FOR-US: HPE System Management Homepage
-CVE-2017-12545 (A remote denial of service vulnerability in HPE System Management ...)
+CVE-2017-12545
NOT-FOR-US: HPE System Management Homepage
-CVE-2017-12544 (A cross-site scripting vulnerability in HPE System Management Homepage ...)
+CVE-2017-12544
NOT-FOR-US: HPE System Management Homepage
-CVE-2017-12543 (A remote disclosure of information vulnerability in Moonshot Remote ...)
+CVE-2017-12543
NOT-FOR-US: Moonshot Remote Console Administrator Pro
-CVE-2017-12542 (A authentication bypass and execution of code vulnerability in HPE ...)
+CVE-2017-12542
NOT-FOR-US: HPE ILO 4
-CVE-2017-12541 (A Remote Code Execution vulnerability in HPE Intelligent Management ...)
+CVE-2017-12541
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-12540 (A Remote Code Execution vulnerability in HPE Intelligent Management ...)
+CVE-2017-12540
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-12539 (A Remote Code Execution vulnerability in HPE Intelligent Management ...)
+CVE-2017-12539
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-12538 (A Remote Code Execution vulnerability in HPE Intelligent Management ...)
+CVE-2017-12538
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-12537 (A Remote Code Execution vulnerability in HPE Intelligent Management ...)
+CVE-2017-12537
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-12536 (A Remote Code Execution vulnerability in HPE Intelligent Management ...)
+CVE-2017-12536
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-12535 (A Remote Code Execution vulnerability in HPE Intelligent Management ...)
+CVE-2017-12535
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-12534 (A Remote Code Execution vulnerability in HPE Intelligent Management ...)
+CVE-2017-12534
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-12533 (A Remote Code Execution vulnerability in HPE Intelligent Management ...)
+CVE-2017-12533
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-12532 (A Remote Code Execution vulnerability in HPE Intelligent Management ...)
+CVE-2017-12532
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-12531 (A Remote Code Execution vulnerability in HPE Intelligent Management ...)
+CVE-2017-12531
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-12530 (A Remote Code Execution vulnerability in HPE Intelligent Management ...)
+CVE-2017-12530
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-12529 (A Remote Code Execution vulnerability in HPE Intelligent Management ...)
+CVE-2017-12529
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-12528 (A Remote Code Execution vulnerability in HPE Intelligent Management ...)
+CVE-2017-12528
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-12527 (A Remote Code Execution vulnerability in HPE Intelligent Management ...)
+CVE-2017-12527
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-12526 (A Remote Code Execution vulnerability in HPE Intelligent Management ...)
+CVE-2017-12526
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-12525 (A Remote Code Execution vulnerability in HPE Intelligent Management ...)
+CVE-2017-12525
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-12524 (A Remote Code Execution vulnerability in HPE Intelligent Management ...)
+CVE-2017-12524
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-12523 (A Remote Code Execution vulnerability in HPE Intelligent Management ...)
+CVE-2017-12523
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-12522 (A Remote Code Execution vulnerability in HPE Intelligent Management ...)
+CVE-2017-12522
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-12521 (A Remote Code Execution vulnerability in HPE Intelligent Management ...)
+CVE-2017-12521
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-12520 (A Remote Code Execution vulnerability in HPE Intelligent Management ...)
+CVE-2017-12520
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-12519 (A Remote Code Execution vulnerability in HPE Intelligent Management ...)
+CVE-2017-12519
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-12518 (A Remote Code Execution vulnerability in HPE Intelligent Management ...)
+CVE-2017-12518
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-12517 (A Remote Code Execution vulnerability in HPE Intelligent Management ...)
+CVE-2017-12517
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-12516 (A Remote Code Execution vulnerability in HPE Intelligent Management ...)
+CVE-2017-12516
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-12515 (A Remote Code Execution vulnerability in HPE Intelligent Management ...)
+CVE-2017-12515
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-12514 (A Remote Code Execution vulnerability in HPE Intelligent Management ...)
+CVE-2017-12514
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-12513 (A Remote Code Execution vulnerability in HPE Intelligent Management ...)
+CVE-2017-12513
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-12512 (A Remote Code Execution vulnerability in HPE Intelligent Management ...)
+CVE-2017-12512
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-12511 (A Remote Code Execution vulnerability in HPE Intelligent Management ...)
+CVE-2017-12511
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-12510 (A Remote Code Execution vulnerability in HPE Intelligent Management ...)
+CVE-2017-12510
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-12509 (A Remote Code Execution vulnerability in HPE Intelligent Management ...)
+CVE-2017-12509
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-12508 (A Remote Code Execution vulnerability in HPE Intelligent Management ...)
+CVE-2017-12508
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-12507 (A Remote Code Execution vulnerability in HPE Intelligent Management ...)
+CVE-2017-12507
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-12506 (A Remote Code Execution vulnerability in HPE Intelligent Management ...)
+CVE-2017-12506
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-12505 (A Remote Code Execution vulnerability in HPE Intelligent Management ...)
+CVE-2017-12505
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-12504 (A Remote Code Execution vulnerability in HPE Intelligent Management ...)
+CVE-2017-12504
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-12503 (A Remote Code Execution vulnerability in HPE Intelligent Management ...)
+CVE-2017-12503
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-12502 (A Remote Code Execution vulnerability in HPE Intelligent Management ...)
+CVE-2017-12502
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-12501 (A Remote Code Execution vulnerability in HPE Intelligent Management ...)
+CVE-2017-12501
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-12500 (A Remote Code Execution vulnerability in HPE Intelligent Management ...)
+CVE-2017-12500
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-12499 (A Remote Code Execution vulnerability in HPE Intelligent Management ...)
+CVE-2017-12499
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-12498 (A Remote Code Execution vulnerability in HPE Intelligent Management ...)
+CVE-2017-12498
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-12497 (A Remote Code Execution vulnerability in HPE Intelligent Management ...)
+CVE-2017-12497
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-12496 (A Remote Code Execution vulnerability in HPE Intelligent Management ...)
+CVE-2017-12496
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-12495 (A Remote Code Execution vulnerability in HPE Intelligent Management ...)
+CVE-2017-12495
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-12494 (A Remote Code Execution vulnerability in HPE Intelligent Management ...)
+CVE-2017-12494
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-12493 (A Remote Code Execution vulnerability in HPE Intelligent Management ...)
+CVE-2017-12493
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-12492 (A Remote Code Execution vulnerability in HPE Intelligent Management ...)
+CVE-2017-12492
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-12491 (A Remote Code Execution vulnerability in HPE Intelligent Management ...)
+CVE-2017-12491
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-12490 (A Remote Code Execution vulnerability in HPE Intelligent Management ...)
+CVE-2017-12490
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-12489 (A Remote Code Execution vulnerability in HPE Intelligent Management ...)
+CVE-2017-12489
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-12488 (A Remote Code Execution vulnerability in HPE Intelligent Management ...)
+CVE-2017-12488
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-12487 (A Remote Code Execution vulnerability in HPE Intelligent Management ...)
+CVE-2017-12487
NOT-FOR-US: HPE Intelligent Management Center
CVE-2017-12486
RESERVED
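Review bot: every changed line in this hunk strips the parenthesised CVE summary and nothing else (`-CVE-2017-12521 (A Remote Code Execution vulnerability in HPE Intelligent Management ...)` becomes `+CVE-2017-12521`), while the `NOT-FOR-US: HPE Intelligent Management Center` annotations underneath are untouched. For a commit titled "automatic update" that pattern reads like the description source returning empty text rather than an intended data change, and the file summary (113882 insertions against 113866 deletions across all 21 year lists) is consistent with a wholesale rewrite of the header lines only. Worth confirming that the upstream CVE feed was actually reachable when the update ran, and re-running it if not, since the summary is what a triager reads first when scanning this list.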
@@ -17268,7 +17266,7 @@ CVE-2017-12484
RESERVED
CVE-2017-12483
RESERVED
-CVE-2017-12482 (The ledger::parse_date_mask_routine function in times.cc in Ledger ...)
+CVE-2017-12482
- ledger 3.1.2+dfsg1-1 (low; bug #870900)
[stretch] - ledger <no-dsa> (Minor issue)
[jessie] - ledger <no-dsa> (Minor issue)
@@ -17276,7 +17274,7 @@ CVE-2017-12482 (The ledger::parse_date_mask_routine function in times.cc in Ledg
NOTE: http://bugs.ledger-cli.org/show_bug.cgi?id=1224
NOTE: https://github.com/ledger/ledger/issues/1224
NOTE: https://github.com/ledger/ledger/commit/7c0ae5b02571e21f97d45f5d091cb78af9885713
-CVE-2017-12481 (The find_option function in option.cc in Ledger 3.1.1 allows remote ...)
+CVE-2017-12481
- ledger 3.1.2+dfsg1-1 (low; bug #870900)
[stretch] - ledger <no-dsa> (Minor issue)
[jessie] - ledger <no-dsa> (Minor issue)
@@ -17284,155 +17282,155 @@ CVE-2017-12481 (The find_option function in option.cc in Ledger 3.1.1 allows rem
NOTE: http://bugs.ledger-cli.org/show_bug.cgi?id=1222
NOTE: https://github.com/ledger/ledger/issues/1222
NOTE: https://github.com/ledger/ledger/commit/c5343f18744d0f6fddcc590f9a54c23674d8c489
-CVE-2017-12480 (Sandboxie installer 5071703 has a DLL Hijacking or Unsafe DLL Loading ...)
+CVE-2017-12480
NOT-FOR-US: Sandboxie
-CVE-2017-12479 (It was discovered that an issue in the session logic in Unitrends ...)
+CVE-2017-12479
NOT-FOR-US: Unitrends Backup
-CVE-2017-12478 (It was discovered that the api/storage web interface in Unitrends ...)
+CVE-2017-12478
NOT-FOR-US: Unitrends Backup
-CVE-2017-12477 (It was discovered that the bpserverd proprietary protocol in Unitrends ...)
+CVE-2017-12477
NOT-FOR-US: Unitrends Backup
-CVE-2017-12476 (The AP4_AvccAtom::InspectFields function in Core/Ap4AvccAtom.cpp in ...)
+CVE-2017-12476
NOT-FOR-US: Bento4
-CVE-2017-12475 (The AP4_Processor::Process function in Core/Ap4Processor.cpp in Bento4 ...)
+CVE-2017-12475
NOT-FOR-US: Bento4
-CVE-2017-12474 (The AP4_AtomSampleTable::GetSample function in ...)
+CVE-2017-12474
NOT-FOR-US: Bento4
-CVE-2017-12473 (ccnl_ccntlv_bytes2pkt in CCN-lite allows context-dependent attackers ...)
+CVE-2017-12473
NOT-FOR-US: CCN-lite
-CVE-2017-12472 (ccnl-ext-mgmt.c in CCN-lite before 2.00 allows context-dependent ...)
+CVE-2017-12472
NOT-FOR-US: CCN-lite
-CVE-2017-12471 (The cnb_parse_lev function in CCN-lite before 2.00 allows ...)
+CVE-2017-12471
NOT-FOR-US: CCN-lite
-CVE-2017-12470 (Integer overflow in the ndn_parse_sequence function in CCN-lite before ...)
+CVE-2017-12470
NOT-FOR-US: CCN-lite
-CVE-2017-12469 (Buffer overflow in util/ccnl-common.c in CCN-lite before 2.00 allows ...)
+CVE-2017-12469
NOT-FOR-US: CCN-lite
-CVE-2017-12468 (Buffer overflow in ccn-lite-ccnb2xml.c in CCN-lite before 2.00 allows ...)
+CVE-2017-12468
NOT-FOR-US: CCN-lite
-CVE-2017-12467 (Memory leak in CCN-lite before 2.00 allows context-dependent attackers ...)
+CVE-2017-12467
NOT-FOR-US: CCN-lite
-CVE-2017-12466 (CCN-lite before 2.00 allows context-dependent attackers to have ...)
+CVE-2017-12466
NOT-FOR-US: CCN-lite
-CVE-2017-12465 (Multiple integer overflows in CCN-lite before 2.00 allow ...)
+CVE-2017-12465
NOT-FOR-US: CCN-lite
-CVE-2017-12464 (ccn-lite-valid.c in CCN-lite before 2.00 allows context-dependent ...)
+CVE-2017-12464
NOT-FOR-US: CCN-lite
-CVE-2017-12463 (Memory leak in the ccnl_app_RX function in ccnl-uapi.c in CCN-lite ...)
+CVE-2017-12463
NOT-FOR-US: CCN-lite
CVE-2017-12462
RESERVED
CVE-2017-12461
RESERVED
-CVE-2017-12460 (An issue was discovered in Barco ClickShare CSM-1 firmware before ...)
+CVE-2017-12460
NOT-FOR-US: Barco ClickShare CSM-1 firmware
-CVE-2017-12459 (The bfd_mach_o_read_symtab_strtab function in bfd/mach-o.c in the ...)
+CVE-2017-12459
- binutils 2.29-8
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21840
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=8bdf0be19d2777565a8b1c88347f65d6a4b8c5fc
-CVE-2017-12458 (The nlm_swap_auxiliary_headers_in function in bfd/nlmcode.h in the ...)
+CVE-2017-12458
- binutils 2.29-8
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21840
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=8bdf0be19d2777565a8b1c88347f65d6a4b8c5fc
-CVE-2017-12457 (The bfd_make_section_with_flags function in section.c in the Binary ...)
+CVE-2017-12457
- binutils 2.29-8
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21840
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;a=patch;h=8bdf0be19d2777565a8b1c88347f65d6a4b8c5fc
-CVE-2017-12456 (The read_symbol_stabs_debugging_info function in rddbg.c in GNU ...)
+CVE-2017-12456
- binutils 2.29-9
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21813
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=ca4cf9b9c622a5695e01f7f5815a7382a31fcf51
-CVE-2017-12455 (The evax_bfd_print_emh function in vms-alpha.c in the Binary File ...)
+CVE-2017-12455
- binutils 2.29-8
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21840
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=8bdf0be19d2777565a8b1c88347f65d6a4b8c5fc
-CVE-2017-12454 (The _bfd_vms_slurp_egsd function in bfd/vms-alpha.c in the Binary File ...)
+CVE-2017-12454
- binutils 2.29-9
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21813
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=ca4cf9b9c622a5695e01f7f5815a7382a31fcf51
-CVE-2017-12453 (The _bfd_vms_slurp_eeom function in libbfd.c in the Binary File ...)
+CVE-2017-12453
- binutils 2.29-9
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21813
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=ca4cf9b9c622a5695e01f7f5815a7382a31fcf51
-CVE-2017-12452 (The bfd_mach_o_i386_canonicalize_one_reloc function in ...)
+CVE-2017-12452
- binutils 2.29-9
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21813
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=ca4cf9b9c622a5695e01f7f5815a7382a31fcf51
-CVE-2017-12451 (The _bfd_xcoff_read_ar_hdr function in bfd/coff-rs6000.c and ...)
+CVE-2017-12451
- binutils 2.29-9
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21786
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=29866fa186ee3ebda5242221607dba360b2e541e
-CVE-2017-12450 (The alpha_vms_object_p function in bfd/vms-alpha.c in the Binary File ...)
+CVE-2017-12450
- binutils 2.29-9
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21813
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=8a2df5e2df374289e00ecd8f099eb46d76ef982e
-CVE-2017-12449 (The _bfd_vms_save_sized_string function in vms-misc.c in the Binary ...)
+CVE-2017-12449
- binutils 2.29-8
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21840
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=8bdf0be19d2777565a8b1c88347f65d6a4b8c5fc
-CVE-2017-12448 (The bfd_cache_close function in bfd/cache.c in the Binary File ...)
+CVE-2017-12448
- binutils 2.29-9
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21787
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=909e4e716c4d77e33357bbe9bc902bfaf2e1af24
-CVE-2017-12447 (GdkPixBuf (aka gdk-pixbuf), possibly 2.32.2, as used by GNOME Nautilus ...)
+CVE-2017-12447
- gdk-pixbuf 2.34.0-1
[jessie] - gdk-pixbuf 2.31.1-2+deb8u5
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=785979
NOTE: Fixed by: https://gitlab.gnome.org/GNOME/gdk-pixbuf/commit/b7bf6fbfb310fceba2d35d4de143b8d5ffdad990 (2.33.2)
CVE-2017-12446
RESERVED
-CVE-2017-12445 (The JB2BitmapCoder::code_row_by_refinement function in ...)
+CVE-2017-12445
- minidjvu <unfixed> (unimportant; bug #871495)
NOTE: https://sourceforge.net/p/minidjvu/bugs/8/
-CVE-2017-12444 (The mdjvu_bitmap_get_bounding_box function in base/4bitmap.c in ...)
+CVE-2017-12444
- minidjvu <unfixed> (unimportant; bug #871495)
NOTE: https://sourceforge.net/p/minidjvu/bugs/8/
-CVE-2017-12443 (The mdjvu_bitmap_pack_row function in base/4bitmap.c in minidjvu 0.8 ...)
+CVE-2017-12443
- minidjvu <unfixed> (unimportant; bug #871495)
NOTE: https://sourceforge.net/p/minidjvu/bugs/8/
-CVE-2017-12442 (The row_is_empty function in base/4bitmap.c:272 in minidjvu 0.8 can ...)
+CVE-2017-12442
- minidjvu <unfixed> (unimportant; bug #871495)
NOTE: https://sourceforge.net/p/minidjvu/bugs/8/
-CVE-2017-12441 (The row_is_empty function in base/4bitmap.c:274 in minidjvu 0.8 can ...)
+CVE-2017-12441
- minidjvu <unfixed> (unimportant; bug #871495)
NOTE: https://sourceforge.net/p/minidjvu/bugs/8/
-CVE-2017-12440 (Aodh as packaged in Openstack Ocata and Newton before change-ID ...)
+CVE-2017-12440
{DSA-3953-1}
- aodh 5.0.0-2 (bug #872605)
NOTE: https://wiki.openstack.org/wiki/OSSN/OSSN-0080
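Review bot: in this hunk the dropped summaries were the only text distinguishing several entries that otherwise carry identical annotations. The five binutils entries CVE-2017-12459, -12458, -12457, -12455 and -12449 all point at bug 21840 and commit 8bdf0be19d2777565a8b1c88347f65d6a4b8c5fc, and the two minidjvu entries CVE-2017-12442 and CVE-2017-12441 now read identically apart from the id (the removed text pointed at `base/4bitmap.c:272` and `:274` respectively). If the summaries are not going to be restored, a short NOTE naming the affected function for each of those ids would keep the entries triageable. Separately, CVE-2017-12457 links its commit as `...;a=patch;h=8bdf0be...` while its siblings use `...;h=8bdf0be...`; harmless, but inconsistent.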
@@ -17440,7 +17438,7 @@ CVE-2017-12440 (Aodh as packaged in Openstack Ocata and Newton before change-ID
NOTE: Ocata: https://review.openstack.org/#/c/493824/
NOTE: Newton: https://review.openstack.org/#/c/493826/
NOTE: https://github.com/openstack/aodh/commit/cb90d3ad472bba8d648803ca94a9196dff97f0e8
-CVE-2017-12439 (SocuSoft Flash Slideshow Maker Professional through v5.20, when the ...)
+CVE-2017-12439
NOT-FOR-US: SocuSoft Flash Slideshow Maker Professional
CVE-2017-12438
RESERVED
@@ -17448,7 +17446,7 @@ CVE-2017-12437
RESERVED
CVE-2017-12436
RESERVED
-CVE-2017-12435 (In ImageMagick 7.0.6-1, a memory exhaustion vulnerability was found in ...)
+CVE-2017-12435
{DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-16 (low; bug #870504)
[stretch] - imagemagick <ignored> (Minor issue)
@@ -17456,13 +17454,13 @@ CVE-2017-12435 (In ImageMagick 7.0.6-1, a memory exhaustion vulnerability was fo
NOTE: https://github.com/ImageMagick/ImageMagick/issues/543
NOTE: https://github.com/ImageMagick/ImageMagick/commit/2dd8d55742fce7d079b6a16039c18e49c091224f
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/44cb8dfd4cbe6fc475c863a5946cff64e34c2088
-CVE-2017-12433 (In ImageMagick 7.0.6-1, a memory leak vulnerability was found in the ...)
+CVE-2017-12433
{DLA-1081-1}
- imagemagick 8:6.9.9.34+dfsg-3 (unimportant; bug #872481)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/548
NOTE: https://github.com/ImageMagick/ImageMagick/commit/7beec9a7a8a5701652b313e6e94bafd36b3627dc
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/0a170d18390d3762586f164e6abe3c4766d14620
-CVE-2017-12432 (In ImageMagick 7.0.6-1, a memory exhaustion vulnerability was found in ...)
+CVE-2017-12432
{DSA-4019-1 DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-16 (low; bug #870491)
[stretch] - imagemagick <ignored> (Minor issue)
@@ -17470,7 +17468,7 @@ CVE-2017-12432 (In ImageMagick 7.0.6-1, a memory exhaustion vulnerability was fo
NOTE: https://github.com/ImageMagick/ImageMagick/issues/536
NOTE: https://github.com/ImageMagick/ImageMagick/commit/061de02095a56d438409c63f723f340b2d9d36c7
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/3ded916c5da6febe9660c3cfa44c3114567adf74
-CVE-2017-12429 (In ImageMagick 7.0.6-1, a memory exhaustion vulnerability was found in ...)
+CVE-2017-12429
{DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-13
[stretch] - imagemagick <ignored> (Minor issue)
@@ -17480,38 +17478,38 @@ CVE-2017-12429 (In ImageMagick 7.0.6-1, a memory exhaustion vulnerability was fo
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/3ac6c73d39d59a7b0285b3756810272121759a31
NOTE: The fix applied for #869727 included the change for upstream issue 545, cf.
NOTE: https://github.com/ImageMagick/ImageMagick/issues/546#issuecomment-313968413
-CVE-2017-12427 (The ProcessMSLScript function in coders/msl.c in ImageMagick before ...)
+CVE-2017-12427
{DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-16 (unimportant; bug #870525)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/636
NOTE: ImageMagick-7: https://github.com/ImageMagick/ImageMagick/commit/e793eb203e5e0f91f5037aed6585e81b1e27395b
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/841f7b27dc88c685c61252d59b7e20e94c982456
-CVE-2017-12426 (GitLab Community Edition (CE) and Enterprise Edition (EE) before ...)
+CVE-2017-12426
- gitlab 9.5.4+dfsg-7 (bug #872190; unimportant)
NOTE: https://gitlab.com/gitlab-org/gitlab-ce/issues/35212
NOTE: The fix for git for CVE-2017-1000117 mitgates the issue in gitlab itself.
NOTE: The CVE is for the issue when importing a project via crafted SSH URLs,
NOTE: which becomes ineffective with a fixed git version itself.
-CVE-2017-12424 (In shadow before 4.5, the newusers tool could be made to manipulate ...)
+CVE-2017-12424
- shadow 1:4.5-1 (bug #756630)
[stretch] - shadow <no-dsa> (Minor issue)
[jessie] - shadow <no-dsa> (Minor issue)
[wheezy] - shadow <no-dsa> (Minor issue)
NOTE: https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1266675
NOTE: https://github.com/shadow-maint/shadow/commit/954e3d2e7113e9ac06632aee3c69b8d818cc8952 (4.5)
-CVE-2017-12423 (NetApp Clustered Data ONTAP 8.3.x before 8.3.2P12 allows remote ...)
+CVE-2017-12423
NOT-FOR-US: NetApp
-CVE-2017-12422 (NetApp StorageGRID Webscale 10.2.x before 10.2.2.3, 10.3.x before ...)
+CVE-2017-12422
NOT-FOR-US: NetApp
-CVE-2017-12421 (NetApp Clustered Data ONTAP 8.3.x before 8.3.2P12 allows remote ...)
+CVE-2017-12421
NOT-FOR-US: NetApp
-CVE-2017-12420 (Heap-based buffer overflow in the SMB implementation in NetApp ...)
+CVE-2017-12420
NOT-FOR-US: NetApp
-CVE-2017-12419 (If, after successful installation of MantisBT through 2.5.2 on ...)
+CVE-2017-12419
- mantis <removed>
[wheezy] - mantis <end-of-life> (Not supported in Wheezy)
NOTE: https://mantisbt.org/bugs/view.php?id=23173
-CVE-2017-12418 (ImageMagick 7.0.6-5 has memory leaks in the parse8BIMW and format8BIM ...)
+CVE-2017-12418
{DLA-1081-1}
- imagemagick 8:6.9.9.34+dfsg-3 (unimportant; bug #872498)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/643
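Review bot: typo in the CVE-2017-12426 context of this hunk: `NOTE: The fix for git for CVE-2017-1000117 mitgates the issue in gitlab itself.` should read `mitigates`. It is not part of this change, but since the hunk already rewrites that entry's header line, the next touch of the entry is a cheap place to fix it.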
@@ -17519,19 +17517,19 @@ CVE-2017-12418 (ImageMagick 7.0.6-5 has memory leaks in the parse8BIMW and forma
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/bfd93888beccf2eff49cc9abfa6b5167c9c9109d
CVE-2017-12417
RESERVED
-CVE-2017-12416 (Cross-site scripting (XSS) vulnerability in the GlobalProtect internal ...)
+CVE-2017-12416
NOT-FOR-US: Palo Alto Networks PAN-OS
-CVE-2017-12415 (OXID eShop Community Edition before 6.0.0 RC2 (development), 4.10.x ...)
+CVE-2017-12415
NOT-FOR-US: OXID eShop
-CVE-2017-12414 (Format Factory 4.1.0 has a DLL Hijacking Vulnerability because an ...)
+CVE-2017-12414
NOT-FOR-US: Format Factory
-CVE-2017-12413 (AXIS 2100 devices 2.43 have XSS via the URI, possibly related to ...)
+CVE-2017-12413
NOT-FOR-US: AXIS 2100 devices
-CVE-2017-12412 (ccn-lite-ccnb2xml in CCN-lite before 2.0.0 allows context-dependent ...)
+CVE-2017-12412
NOT-FOR-US: CCN-lite
CVE-2017-12411
RESERVED
-CVE-2017-12410 (It is possible to exploit a Time of Check &amp; Time of Use (TOCTOU) ...)
+CVE-2017-12410
NOT-FOR-US: Kaseya Virtual System Administrator agent
CVE-2017-12409
RESERVED
@@ -17591,7 +17589,7 @@ CVE-2017-12382
RESERVED
CVE-2017-12381
RESERVED
-CVE-2017-12380 (ClamAV AntiVirus software versions 0.99.2 and prior contain a ...)
+CVE-2017-12380
{DLA-1261-1}
- clamav 0.99.3~beta2+dfsg-1 (bug #888484)
[stretch] - clamav 0.99.2+dfsg-6+deb9u1
@@ -17599,7 +17597,7 @@ CVE-2017-12380 (ClamAV AntiVirus software versions 0.99.2 and prior contain a ..
NOTE: http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html
NOTE: https://bugzilla.clamav.net/show_bug.cgi?id=11945
NOTE: https://github.com/vrtadmin/clamav-devel/commit/39c89d14a61aef2958b8ea64ade1be7a5faca897
-CVE-2017-12379 (ClamAV AntiVirus software versions 0.99.2 and prior contain a ...)
+CVE-2017-12379
{DLA-1261-1}
- clamav 0.99.3~beta2+dfsg-1 (bug #888484)
[stretch] - clamav 0.99.2+dfsg-6+deb9u1
@@ -17607,7 +17605,7 @@ CVE-2017-12379 (ClamAV AntiVirus software versions 0.99.2 and prior contain a ..
NOTE: http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html
NOTE: https://bugzilla.clamav.net/show_bug.cgi?id=11944
NOTE: https://github.com/vrtadmin/clamav-devel/commit/0604618374dc0dfd148b0ce7bf7a3d2b7528e66b
-CVE-2017-12378 (ClamAV AntiVirus software versions 0.99.2 and prior contain a ...)
+CVE-2017-12378
{DLA-1261-1}
- clamav 0.99.3~beta2+dfsg-1 (bug #888484)
[stretch] - clamav 0.99.2+dfsg-6+deb9u1
@@ -17616,7 +17614,7 @@ CVE-2017-12378 (ClamAV AntiVirus software versions 0.99.2 and prior contain a ..
NOTE: https://bugzilla.clamav.net/show_bug.cgi?id=11946
NOTE: https://github.com/vrtadmin/clamav-devel/commit/292d6878fa3e7fd2ab0f7275a78190639ad116d4
NOTE: https://github.com/vrtadmin/clamav-devel/commit/0cf813f835e48ab0f94dd54200ceba0dc25fa1c4
-CVE-2017-12377 (ClamAV AntiVirus software versions 0.99.2 and prior contain a ...)
+CVE-2017-12377
{DLA-1261-1}
- clamav 0.99.3~beta2+dfsg-1 (bug #888484)
[stretch] - clamav 0.99.2+dfsg-6+deb9u1
@@ -17625,7 +17623,7 @@ CVE-2017-12377 (ClamAV AntiVirus software versions 0.99.2 and prior contain a ..
NOTE: https://bugzilla.clamav.net/show_bug.cgi?id=11943
NOTE: https://github.com/vrtadmin/clamav-devel/commit/38da4800bfb2d6b13579950b6543302d13e3015c
NOTE: https://github.com/vrtadmin/clamav-devel/commit/e887f113242ffcb0ea8735c3f567c6be77f382d6
-CVE-2017-12376 (ClamAV AntiVirus software versions 0.99.2 and prior contain a ...)
+CVE-2017-12376
{DLA-1261-1}
- clamav 0.99.3~beta2+dfsg-1 (bug #888484)
[stretch] - clamav 0.99.2+dfsg-6+deb9u1
@@ -17633,7 +17631,7 @@ CVE-2017-12376 (ClamAV AntiVirus software versions 0.99.2 and prior contain a ..
NOTE: http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html
NOTE: https://bugzilla.clamav.net/show_bug.cgi?id=11942
NOTE: https://github.com/vrtadmin/clamav-devel/commit/c8ba4ae2e47a4f49add3e85ef7041b166be6bfdb
-CVE-2017-12375 (The ClamAV AntiVirus software versions 0.99.2 and prior contain a ...)
+CVE-2017-12375
{DLA-1261-1}
- clamav 0.99.3~beta2+dfsg-1 (bug #888484)
[stretch] - clamav 0.99.2+dfsg-6+deb9u1
@@ -17641,7 +17639,7 @@ CVE-2017-12375 (The ClamAV AntiVirus software versions 0.99.2 and prior contain
NOTE: http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html
NOTE: https://bugzilla.clamav.net/show_bug.cgi?id=11940
NOTE: https://github.com/vrtadmin/clamav-devel/commit/d1100be31a567718ce7c7dd6e6c632eddab55209
-CVE-2017-12374 (The ClamAV AntiVirus software versions 0.99.2 and prior contain a ...)
+CVE-2017-12374
{DLA-1261-1}
- clamav 0.99.3~beta2+dfsg-1 (bug #888484)
[stretch] - clamav 0.99.2+dfsg-6+deb9u1
@@ -17649,97 +17647,97 @@ CVE-2017-12374 (The ClamAV AntiVirus software versions 0.99.2 and prior contain
NOTE: http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html
NOTE: https://bugzilla.clamav.net/show_bug.cgi?id=11939
NOTE: https://github.com/vrtadmin/clamav-devel/commit/7cf2a701041b775dda9743d01665279facc9b326
-CVE-2017-12373 (A vulnerability in the TLS protocol implementation of legacy Cisco ASA ...)
+CVE-2017-12373
NOT-FOR-US: Cisco
-CVE-2017-12372 (A &quot;Cisco WebEx Network Recording Player Remote Code Execution ...)
+CVE-2017-12372
NOT-FOR-US: Cisco
-CVE-2017-12371 (A &quot;Cisco WebEx Network Recording Player Remote Code Execution ...)
+CVE-2017-12371
NOT-FOR-US: Cisco
-CVE-2017-12370 (A &quot;Cisco WebEx Network Recording Player Remote Code Execution ...)
+CVE-2017-12370
NOT-FOR-US: Cisco
-CVE-2017-12369 (A &quot;Cisco WebEx Network Recording Player Out-of-Bounds Vulnerability&quot; ...)
+CVE-2017-12369
NOT-FOR-US: Cisco
-CVE-2017-12368 (A &quot;Cisco WebEx Network Recording Player Remote Code Execution ...)
+CVE-2017-12368
NOT-FOR-US: Cisco
-CVE-2017-12367 (A &quot;Cisco WebEx Network Recording Player Denial of Service ...)
+CVE-2017-12367
NOT-FOR-US: Cisco
-CVE-2017-12366 (A vulnerability in Cisco WebEx Meeting Center could allow an ...)
+CVE-2017-12366
NOT-FOR-US: Cisco
-CVE-2017-12365 (A vulnerability in Cisco WebEx Event Center could allow an ...)
+CVE-2017-12365
NOT-FOR-US: Cisco
-CVE-2017-12364 (A SQL Injection vulnerability in the web framework of Cisco Prime ...)
+CVE-2017-12364
NOT-FOR-US: Cisco
-CVE-2017-12363 (A vulnerability in Cisco WebEx Meeting Server could allow an ...)
+CVE-2017-12363
NOT-FOR-US: Cisco
-CVE-2017-12362 (A vulnerability in Cisco Meeting Server versions prior to 2.2.2 could ...)
+CVE-2017-12362
NOT-FOR-US: Cisco
-CVE-2017-12361 (A vulnerability in Cisco Jabber for Windows could allow an ...)
+CVE-2017-12361
NOT-FOR-US: Cisco
-CVE-2017-12360 (A vulnerability in Cisco WebEx Network Recording Player for WebEx ...)
+CVE-2017-12360
NOT-FOR-US: Cisco
-CVE-2017-12359 (A Buffer Overflow vulnerability in Cisco WebEx Network Recording Player ...)
+CVE-2017-12359
NOT-FOR-US: Cisco
-CVE-2017-12358 (A vulnerability in the web-based management interface of Cisco Jabber ...)
+CVE-2017-12358
NOT-FOR-US: Cisco
-CVE-2017-12357 (A vulnerability in the web-based management interface of Cisco Unified ...)
+CVE-2017-12357
NOT-FOR-US: Cisco
-CVE-2017-12356 (A vulnerability in the web-based management interface of Cisco Jabber ...)
+CVE-2017-12356
NOT-FOR-US: Cisco
-CVE-2017-12355 (A vulnerability in the Local Packet Transport Services (LPTS) ingress ...)
+CVE-2017-12355
NOT-FOR-US: Cisco
-CVE-2017-12354 (A vulnerability in the web-based interface of Cisco Secure Access ...)
+CVE-2017-12354
NOT-FOR-US: Cisco
-CVE-2017-12353 (A vulnerability in the Multipurpose Internet Mail Extensions (MIME) ...)
+CVE-2017-12353
NOT-FOR-US: Cisco
-CVE-2017-12352 (A vulnerability in certain system script files that are installed at ...)
+CVE-2017-12352
NOT-FOR-US: Cisco
-CVE-2017-12351 (A vulnerability in the guest shell feature of Cisco NX-OS System ...)
+CVE-2017-12351
NOT-FOR-US: Cisco
-CVE-2017-12350 (A vulnerability in Cisco Umbrella Insights Virtual Appliances 2.1.0 and ...)
+CVE-2017-12350
NOT-FOR-US: Cisco
-CVE-2017-12349 (Multiple vulnerabilities in the web-based management interface of Cisco ...)
+CVE-2017-12349
NOT-FOR-US: Cisco
-CVE-2017-12348 (Multiple vulnerabilities in the web-based management interface of Cisco ...)
+CVE-2017-12348
NOT-FOR-US: Cisco
-CVE-2017-12347 (Multiple vulnerabilities in Cisco Data Center Network Manager (DCNM) ...)
+CVE-2017-12347
NOT-FOR-US: Cisco
-CVE-2017-12346 (Multiple vulnerabilities in Cisco Data Center Network Manager (DCNM) ...)
+CVE-2017-12346
NOT-FOR-US: Cisco
-CVE-2017-12345 (Multiple vulnerabilities in Cisco Data Center Network Manager (DCNM) ...)
+CVE-2017-12345
NOT-FOR-US: Cisco
-CVE-2017-12344 (Multiple vulnerabilities in Cisco Data Center Network Manager (DCNM) ...)
+CVE-2017-12344
NOT-FOR-US: Cisco
-CVE-2017-12343 (Multiple vulnerabilities in Cisco Data Center Network Manager (DCNM) ...)
+CVE-2017-12343
NOT-FOR-US: Cisco
-CVE-2017-12342 (A vulnerability in the Open Agent Container (OAC) feature of Cisco ...)
+CVE-2017-12342
NOT-FOR-US: Cisco
-CVE-2017-12341 (A vulnerability in the CLI of Cisco NX-OS System Software could allow ...)
+CVE-2017-12341
NOT-FOR-US: Cisco
-CVE-2017-12340 (A vulnerability in Cisco NX-OS System Software running on Cisco MDS ...)
+CVE-2017-12340
NOT-FOR-US: Cisco
-CVE-2017-12339 (A vulnerability in the CLI of Cisco NX-OS System Software could allow ...)
+CVE-2017-12339
NOT-FOR-US: Cisco
-CVE-2017-12338 (A vulnerability in the CLI of Cisco NX-OS System Software could allow ...)
+CVE-2017-12338
NOT-FOR-US: Cisco
-CVE-2017-12337 (A vulnerability in the upgrade mechanism of Cisco collaboration ...)
+CVE-2017-12337
NOT-FOR-US: Cisco
-CVE-2017-12336 (A vulnerability in the TCL scripting subsystem of Cisco NX-OS System ...)
+CVE-2017-12336
NOT-FOR-US: Cisco
-CVE-2017-12335 (A vulnerability in the CLI of Cisco NX-OS System Software could allow ...)
+CVE-2017-12335
NOT-FOR-US: Cisco
-CVE-2017-12334 (A vulnerability in the CLI of Cisco NX-OS System Software could allow ...)
+CVE-2017-12334
NOT-FOR-US: Cisco
-CVE-2017-12333 (A vulnerability in Cisco NX-OS System Software could allow an ...)
+CVE-2017-12333
NOT-FOR-US: Cisco
-CVE-2017-12332 (A vulnerability in Cisco NX-OS System Software patch installation could ...)
+CVE-2017-12332
NOT-FOR-US: Cisco
-CVE-2017-12331 (A vulnerability in Cisco NX-OS System Software could allow an ...)
+CVE-2017-12331
NOT-FOR-US: Cisco
-CVE-2017-12330 (A vulnerability in the CLI of Cisco NX-OS System Software could allow ...)
+CVE-2017-12330
NOT-FOR-US: Cisco
-CVE-2017-12329 (A vulnerability in the CLI of Cisco Firepower Extensible Operating ...)
+CVE-2017-12329
NOT-FOR-US: Cisco
-CVE-2017-12328 (A vulnerability in Session Initiation Protocol (SIP) call handling in ...)
+CVE-2017-12328
NOT-FOR-US: Cisco
CVE-2017-12327
RESERVED
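Review bot: the removed lines in this hunk show the old summaries were stored HTML-escaped, e.g. `-CVE-2017-12372 (A &quot;Cisco WebEx Network Recording Player Remote Code Execution ...)` and `-CVE-2017-12369 (A &quot;Cisco WebEx Network Recording Player Out-of-Bounds Vulnerability&quot; ...)`, and the same appears as `&amp;` in the CVE-2017-12410 line earlier in this file. That suggests the description importer took text from an HTML rendering and never decoded entities. If the summaries are restored by a later automatic update, decoding entities first would avoid every entry containing a quote or ampersand diffing noisily against its own corrected form.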
@@ -17749,231 +17747,231 @@ CVE-2017-12325
RESERVED
CVE-2017-12324
RESERVED
-CVE-2017-12323 (Multiple vulnerabilities in the web interface of the Cisco Registered ...)
+CVE-2017-12323
NOT-FOR-US: Cisco
-CVE-2017-12322 (Multiple vulnerabilities in the web interface of the Cisco Registered ...)
+CVE-2017-12322
NOT-FOR-US: Cisco
-CVE-2017-12321 (Multiple vulnerabilities in the web interface of the Cisco Registered ...)
+CVE-2017-12321
NOT-FOR-US: Cisco
-CVE-2017-12320 (Multiple vulnerabilities in the web interface of the Cisco Registered ...)
+CVE-2017-12320
NOT-FOR-US: Cisco
-CVE-2017-12319 (A vulnerability in the Border Gateway Protocol (BGP) over an Ethernet ...)
+CVE-2017-12319
NOT-FOR-US: Cisco
-CVE-2017-12318 (A vulnerability in the TCP state machine of Cisco RF Gateway 1 devices ...)
+CVE-2017-12318
NOT-FOR-US: Cisco
-CVE-2017-12317 (The Cisco AMP For Endpoints application allows an authenticated, local ...)
+CVE-2017-12317
NOT-FOR-US: Cisco
-CVE-2017-12316 (A vulnerability in the Guest Portal login page of Cisco Identity ...)
+CVE-2017-12316
NOT-FOR-US: Cisco
-CVE-2017-12315 (A vulnerability in system logging when replication is being configured ...)
+CVE-2017-12315
NOT-FOR-US: Cisco
-CVE-2017-12314 (A vulnerability in the Cisco FindIT Network Discovery Utility could ...)
+CVE-2017-12314
NOT-FOR-US: Cisco
-CVE-2017-12313 (An untrusted search path (aka DLL Preload) vulnerability in the Cisco ...)
+CVE-2017-12313
NOT-FOR-US: Cisco
-CVE-2017-12312 (An untrusted search path (aka DLL Preloading) vulnerability in the ...)
+CVE-2017-12312
NOT-FOR-US: Cisco
-CVE-2017-12311 (A vulnerability in the H.264 decoder function of Cisco Meeting Server ...)
+CVE-2017-12311
NOT-FOR-US: Cisco
-CVE-2017-12310 (A vulnerability in the auto discovery phase of Cisco Spark Hybrid ...)
+CVE-2017-12310
NOT-FOR-US: Cisco
-CVE-2017-12309 (A vulnerability in the Cisco Email Security Appliance (ESA) could allow ...)
+CVE-2017-12309
NOT-FOR-US: Cisco
-CVE-2017-12308 (A vulnerability in the web framework of Cisco Small Business Managed ...)
+CVE-2017-12308
NOT-FOR-US: Cisco
-CVE-2017-12307 (A vulnerability in the web framework of Cisco Small Business Managed ...)
+CVE-2017-12307
NOT-FOR-US: Cisco
-CVE-2017-12306 (A vulnerability in the upgrade process of Cisco Spark Board could allow ...)
+CVE-2017-12306
NOT-FOR-US: Cisco
-CVE-2017-12305 (A vulnerability in the debug interface of Cisco IP Phone 8800 series ...)
+CVE-2017-12305
NOT-FOR-US: Cisco
-CVE-2017-12304 (A vulnerability in the IOS daemon (IOSd) web-based management interface ...)
+CVE-2017-12304
NOT-FOR-US: Cisco
-CVE-2017-12303 (A vulnerability in the Advanced Malware Protection (AMP) file filtering ...)
+CVE-2017-12303
NOT-FOR-US: Cisco
-CVE-2017-12302 (A vulnerability in the Cisco Unified Communications Manager SQL ...)
+CVE-2017-12302
NOT-FOR-US: Cisco
-CVE-2017-12301 (A vulnerability in the Python scripting subsystem of Cisco NX-OS ...)
+CVE-2017-12301
NOT-FOR-US: Cisco
-CVE-2017-12300 (A vulnerability in the SNORT detection engine of Cisco Firepower System ...)
+CVE-2017-12300
NOT-FOR-US: Cisco
-CVE-2017-12299 (A vulnerability exists in the process of creating default IP blocks ...)
+CVE-2017-12299
NOT-FOR-US: Cisco
-CVE-2017-12298 (A vulnerability in Cisco WebEx Meeting Center could allow an ...)
+CVE-2017-12298
NOT-FOR-US: Cisco
-CVE-2017-12297 (A vulnerability in Cisco WebEx Meeting Center could allow an ...)
+CVE-2017-12297
NOT-FOR-US: Cisco
-CVE-2017-12296 (A vulnerability in Cisco WebEx Meetings Server could allow an ...)
+CVE-2017-12296
NOT-FOR-US: Cisco
-CVE-2017-12295 (A vulnerability in Cisco WebEx Meetings Server could allow an ...)
+CVE-2017-12295
NOT-FOR-US: Cisco
-CVE-2017-12294 (A vulnerability in Cisco WebEx Meetings Server could allow an ...)
+CVE-2017-12294
NOT-FOR-US: Cisco
-CVE-2017-12293 (A vulnerability in Cisco WebEx Meetings Server could allow an ...)
+CVE-2017-12293
NOT-FOR-US: Cisco
-CVE-2017-12292 (Multiple vulnerabilities in the web interface of the Cisco Registered ...)
+CVE-2017-12292
NOT-FOR-US: Cisco
-CVE-2017-12291 (Multiple vulnerabilities in the web interface of the Cisco Registered ...)
+CVE-2017-12291
NOT-FOR-US: Cisco
-CVE-2017-12290 (Multiple vulnerabilities in the web interface of the Cisco Registered ...)
+CVE-2017-12290
NOT-FOR-US: Cisco
-CVE-2017-12289 (A vulnerability in conditional, verbose debug logging for the IPsec ...)
+CVE-2017-12289
NOT-FOR-US: Cisco
-CVE-2017-12288 (A vulnerability in the web-based management interface of Cisco Unified ...)
+CVE-2017-12288
NOT-FOR-US: Cisco
-CVE-2017-12287 (A vulnerability in the cluster database (CDB) management component of ...)
+CVE-2017-12287
NOT-FOR-US: Cisco
-CVE-2017-12286 (A vulnerability in the web interface of Cisco Jabber could allow an ...)
+CVE-2017-12286
NOT-FOR-US: Cisco
-CVE-2017-12285 (A vulnerability in the web interface of Cisco Network Analysis Module ...)
+CVE-2017-12285
NOT-FOR-US: Cisco
-CVE-2017-12284 (A vulnerability in the web interface of Cisco Jabber for Windows Client ...)
+CVE-2017-12284
NOT-FOR-US: Cisco
-CVE-2017-12283 (A vulnerability in the handling of 802.11w Protected Management Frames ...)
+CVE-2017-12283
NOT-FOR-US: Cisco
-CVE-2017-12282 (A vulnerability in the Access Network Query Protocol (ANQP) ingress ...)
+CVE-2017-12282
NOT-FOR-US: Cisco
-CVE-2017-12281 (A vulnerability in the implementation of Protected Extensible ...)
+CVE-2017-12281
NOT-FOR-US: Cisco
-CVE-2017-12280 (A vulnerability in the Control and Provisioning of Wireless Access ...)
+CVE-2017-12280
NOT-FOR-US: Cisco
-CVE-2017-12279 (A vulnerability in the packet processing code of Cisco IOS Software for ...)
+CVE-2017-12279
NOT-FOR-US: Cisco
-CVE-2017-12278 (A vulnerability in the Simple Network Management Protocol (SNMP) ...)
+CVE-2017-12278
NOT-FOR-US: Cisco
-CVE-2017-12277 (A vulnerability in the Smart Licensing Manager service of the Cisco ...)
+CVE-2017-12277
NOT-FOR-US: Cisco
-CVE-2017-12276 (A vulnerability in the web framework code for the SQL database ...)
+CVE-2017-12276
NOT-FOR-US: Cisco
-CVE-2017-12275 (A vulnerability in the implementation of 802.11v Basic Service Set ...)
+CVE-2017-12275
NOT-FOR-US: Cisco
-CVE-2017-12274 (A vulnerability in Extensible Authentication Protocol (EAP) ingress ...)
+CVE-2017-12274
NOT-FOR-US: Cisco
-CVE-2017-12273 (A vulnerability in 802.11 association request frame processing for the ...)
+CVE-2017-12273
NOT-FOR-US: Cisco
-CVE-2017-12272 (A vulnerability in the web framework code of Cisco IOS XE Software ...)
+CVE-2017-12272
NOT-FOR-US: Cisco
-CVE-2017-12271 (A vulnerability in Cisco SPA300 and SPA500 Series IP Phones could allow ...)
+CVE-2017-12271
NOT-FOR-US: Cisco
-CVE-2017-12270 (A vulnerability in the gRPC code of Cisco IOS XR Software for Cisco ...)
+CVE-2017-12270
NOT-FOR-US: Cisco
-CVE-2017-12269 (A vulnerability in the web UI of Cisco Spark Messaging Software could ...)
+CVE-2017-12269
NOT-FOR-US: Cisco
-CVE-2017-12268 (A vulnerability in the Network Access Manager (NAM) of Cisco AnyConnect ...)
+CVE-2017-12268
NOT-FOR-US: Cisco
-CVE-2017-12267 (A vulnerability in the Independent Computing Architecture (ICA) ...)
+CVE-2017-12267
NOT-FOR-US: Cisco
-CVE-2017-12266 (A vulnerability in the routine that loads DLL files in Cisco Meeting ...)
+CVE-2017-12266
NOT-FOR-US: Cisco
-CVE-2017-12265 (A vulnerability in the web-based management interface of Cisco Adaptive ...)
+CVE-2017-12265
NOT-FOR-US: Cisco
-CVE-2017-12264 (A vulnerability in the Web Admin Interface of Cisco Meeting Server ...)
+CVE-2017-12264
NOT-FOR-US: Cisco
-CVE-2017-12263 (A vulnerability in the web interface of Cisco License Manager software ...)
+CVE-2017-12263
NOT-FOR-US: Cisco
-CVE-2017-12262 (A vulnerability within the firewall configuration of the Cisco ...)
+CVE-2017-12262
NOT-FOR-US: Cisco
-CVE-2017-12261 (A vulnerability in the restricted shell of the Cisco Identity Services ...)
+CVE-2017-12261
NOT-FOR-US: Cisco
-CVE-2017-12260 (A vulnerability in the implementation of Session Initiation Protocol ...)
+CVE-2017-12260
NOT-FOR-US: Cisco
-CVE-2017-12259 (A vulnerability in the implementation of Session Initiation Protocol ...)
+CVE-2017-12259
NOT-FOR-US: Cisco
-CVE-2017-12258 (A vulnerability in the web-based UI of Cisco Unified Communications ...)
+CVE-2017-12258
NOT-FOR-US: Cisco
-CVE-2017-12257 (A vulnerability in the web framework of Cisco WebEx Meetings Server ...)
+CVE-2017-12257
NOT-FOR-US: Cisco
-CVE-2017-12256 (A vulnerability in the Akamai Connect feature of Cisco Wide Area ...)
+CVE-2017-12256
NOT-FOR-US: Cisco
-CVE-2017-12255 (A vulnerability in the CLI of Cisco UCS Central Software could allow an ...)
+CVE-2017-12255
NOT-FOR-US: Cisco
-CVE-2017-12254 (A vulnerability in the web interface of Cisco Unified Intelligence ...)
+CVE-2017-12254
NOT-FOR-US: Cisco
-CVE-2017-12253 (A vulnerability in the Cisco Unified Intelligence Center could allow an ...)
+CVE-2017-12253
NOT-FOR-US: Cisco
-CVE-2017-12252 (A vulnerability in the Cisco FindIT Network Discovery Utility could ...)
+CVE-2017-12252
NOT-FOR-US: Cisco
-CVE-2017-12251 (A vulnerability in the web console of the Cisco Cloud Services Platform ...)
+CVE-2017-12251
NOT-FOR-US: Cisco
-CVE-2017-12250 (A vulnerability in the HTTP web interface for Cisco Wide Area ...)
+CVE-2017-12250
NOT-FOR-US: Cisco
-CVE-2017-12249 (A vulnerability in the Traversal Using Relay NAT (TURN) server included ...)
+CVE-2017-12249
NOT-FOR-US: Cisco Meeting Server
-CVE-2017-12248 (A vulnerability in the web framework code of Cisco Unified Intelligence ...)
+CVE-2017-12248
NOT-FOR-US: Cisco
CVE-2017-12247
RESERVED
-CVE-2017-12246 (A vulnerability in the implementation of the direct authentication ...)
+CVE-2017-12246
NOT-FOR-US: Cisco
-CVE-2017-12245 (A vulnerability in SSL traffic decryption for Cisco Firepower Threat ...)
+CVE-2017-12245
NOT-FOR-US: Cisco
-CVE-2017-12244 (A vulnerability in the detection engine parsing of IPv6 packets for ...)
+CVE-2017-12244
NOT-FOR-US: Cisco
-CVE-2017-12243 (A vulnerability in the Cisco Unified Computing System (UCS) Manager, ...)
+CVE-2017-12243
NOT-FOR-US: Cisco
CVE-2017-12242
RESERVED
CVE-2017-12241
RESERVED
-CVE-2017-12240 (The DHCP relay subsystem of Cisco IOS 12.2 through 15.6 and Cisco IOS ...)
+CVE-2017-12240
NOT-FOR-US: Cisco
-CVE-2017-12239 (A vulnerability in motherboard console ports of line cards for Cisco ...)
+CVE-2017-12239
NOT-FOR-US: Cisco
-CVE-2017-12238 (A vulnerability in the Virtual Private LAN Service (VPLS) code of Cisco ...)
+CVE-2017-12238
NOT-FOR-US: Cisco
-CVE-2017-12237 (A vulnerability in the Internet Key Exchange Version 2 (IKEv2) module ...)
+CVE-2017-12237
NOT-FOR-US: Cisco
-CVE-2017-12236 (A vulnerability in the implementation of the Locator/ID Separation ...)
+CVE-2017-12236
NOT-FOR-US: Cisco
-CVE-2017-12235 (A vulnerability in the implementation of the PROFINET Discovery and ...)
+CVE-2017-12235
NOT-FOR-US: Cisco
-CVE-2017-12234 (Multiple vulnerabilities in the implementation of the Common Industrial ...)
+CVE-2017-12234
NOT-FOR-US: Cisco
-CVE-2017-12233 (Multiple vulnerabilities in the implementation of the Common Industrial ...)
+CVE-2017-12233
NOT-FOR-US: Cisco
-CVE-2017-12232 (A vulnerability in the implementation of a protocol in Cisco Integrated ...)
+CVE-2017-12232
NOT-FOR-US: Cisco
-CVE-2017-12231 (A vulnerability in the implementation of Network Address Translation ...)
+CVE-2017-12231
NOT-FOR-US: Cisco
-CVE-2017-12230 (A vulnerability in the web-based user interface (web UI) of Cisco IOS ...)
+CVE-2017-12230
NOT-FOR-US: Cisco
-CVE-2017-12229 (A vulnerability in the REST API of the web-based user interface (web ...)
+CVE-2017-12229
NOT-FOR-US: Cisco
-CVE-2017-12228 (A vulnerability in the Cisco Network Plug and Play application of Cisco ...)
+CVE-2017-12228
NOT-FOR-US: Cisco
-CVE-2017-12227 (A vulnerability in the SQL database interface for Cisco Emergency ...)
+CVE-2017-12227
NOT-FOR-US: Cisco
-CVE-2017-12226 (A vulnerability in the web-based Wireless Controller GUI of Cisco IOS ...)
+CVE-2017-12226
NOT-FOR-US: Cisco
-CVE-2017-12225 (A vulnerability in the web functionality of the Cisco Prime LAN ...)
+CVE-2017-12225
NOT-FOR-US: Cisco
-CVE-2017-12224 (A vulnerability in the ability for guest users to join meetings via a ...)
+CVE-2017-12224
NOT-FOR-US: Cisco
-CVE-2017-12223 (A vulnerability in the ROM Monitor (ROMMON) code of Cisco IR800 ...)
+CVE-2017-12223
NOT-FOR-US: Cisco
-CVE-2017-12222 (A vulnerability in the wireless controller manager of Cisco IOS XE ...)
+CVE-2017-12222
NOT-FOR-US: Cisco
-CVE-2017-12221 (A vulnerability in the web framework of Cisco Firepower Management ...)
+CVE-2017-12221
NOT-FOR-US: Cisco
-CVE-2017-12220 (A vulnerability in the web-based management interface of Cisco ...)
+CVE-2017-12220
NOT-FOR-US: Cisco
-CVE-2017-12219 (A vulnerability in the handling of IP fragments for the Cisco Small ...)
+CVE-2017-12219
NOT-FOR-US: Cisco
-CVE-2017-12218 (A vulnerability in the malware detection functionality within Advanced ...)
+CVE-2017-12218
NOT-FOR-US: Cisco
-CVE-2017-12217 (A vulnerability in the General Packet Radio Service (GPRS) Tunneling ...)
+CVE-2017-12217
NOT-FOR-US: Cisco
-CVE-2017-12216 (A vulnerability in the web-based user interface of Cisco SocialMiner ...)
+CVE-2017-12216
NOT-FOR-US: Cisco
-CVE-2017-12215 (A vulnerability in the email message filtering feature of Cisco AsyncOS ...)
+CVE-2017-12215
NOT-FOR-US: Cisco
-CVE-2017-12214 (A vulnerability in the Operations, Administration, Maintenance, and ...)
+CVE-2017-12214
NOT-FOR-US: Cisco
-CVE-2017-12213 (A vulnerability in the dynamic access control list (ACL) feature of ...)
+CVE-2017-12213
NOT-FOR-US: Cisco
-CVE-2017-12212 (A vulnerability in the web framework of Cisco Unity Connection could ...)
+CVE-2017-12212
NOT-FOR-US: Cisco
-CVE-2017-12211 (A vulnerability in the IPv6 Simple Network Management Protocol (SNMP) ...)
+CVE-2017-12211
NOT-FOR-US: Cisco
CVE-2017-12210
RESERVED
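Review bot: every non-RESERVED entry in the visible part of this hunk, from CVE-2017-12317 down to CVE-2017-12211, loses its description, turning for example `CVE-2017-12313 (An untrusted search path (aka DLL Preload) vulnerability in the Cisco ...)` into a bare `CVE-2017-12313`, and an automatic update that replaces a non-empty description with nothing should be treated as a failed or empty upstream fetch and abort rather than commit. The `NOT-FOR-US: Cisco` line that survives records only the triage verdict; the removed description was the only text in the file saying which product and component that verdict was made against (compare CVE-2017-12249, where the tag had to be widened to `NOT-FOR-US: Cisco Meeting Server` to carry that information itself). Suggest reverting this commit and adding a guard to the import so that an entry keeps its existing description whenever the upstream record yields an empty one.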
@@ -17995,33 +17993,33 @@ CVE-2017-12202
RESERVED
CVE-2017-12201
RESERVED
-CVE-2017-12425 (An issue was discovered in Varnish HTTP Cache 4.0.1 through 4.0.4, ...)
+CVE-2017-12425
{DSA-3924-1}
- varnish 5.0.0-7.1 (bug #870467)
[wheezy] - varnish <not-affected> (code path is not exposed to clients)
NOTE: https://www.varnish-cache.org/security/VSV00001.html#vsv00001
NOTE: https://github.com/varnishcache/varnish-cache/issues/2379
NOTE: https://github.com/varnishcache/varnish-cache/commit/09731b24b2225e3c0d66d3ec1b4fedef6fa22b6e
-CVE-2017-12200 (The Etoile Ultimate Product Catalog plugin 4.2.11 for WordPress has XSS ...)
+CVE-2017-12200
NOT-FOR-US: Wordpress plugin
-CVE-2017-12199 (The Etoile Ultimate Product Catalog plugin 4.2.11 for WordPress has SQL ...)
+CVE-2017-12199
NOT-FOR-US: Wordpress plugin
CVE-2017-12198
RESERVED
-CVE-2017-12197 (It was found that libpam4j up to and including 1.8 did not properly ...)
+CVE-2017-12197
{DSA-4025-1 DLA-1165-1}
- libpam4j 1.4-3 (bug #879001)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1503103
NOTE: https://github.com/kohsuke/libpam4j/issues/18
NOTE: (Non-upstream) patch: https://github.com/letonez/libpam4j/commit/84f32f4001fc6bdcc125ccc959081de022d18b6d
-CVE-2017-12196 (undertow before versions 1.4.18.SP1, 2.0.2.Final, 1.4.24.Final was ...)
+CVE-2017-12196
- undertow 1.4.25-1
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1503055
NOTE: Fixed by https://github.com/undertow-io/undertow/commit/facb33a5cedaf4b7b96d3840a08210370a806870
NOTE: See also https://github.com/undertow-io/undertow/commit/8804170ce3186bdd83b486959399ec7ac0f59d0f
-CVE-2017-12195 (A flaw was found in all Openshift Enterprise versions using the ...)
+CVE-2017-12195
NOT-FOR-US: OpenShift
-CVE-2017-12194 (A flaw was found in the way spice-client processed certain messages ...)
+CVE-2017-12194
- spice-gtk 0.35-1 (bug #898503)
[stretch] - spice-gtk <no-dsa> (Minor issue)
[jessie] - spice-gtk <no-dsa> (Minor issue)
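Review bot: the same description stripping hits entries with Debian fixes here, and the descriptions being dropped carried the upstream affected range that the fixed-version lines are checked against: `CVE-2017-12425 (An issue was discovered in Varnish HTTP Cache 4.0.1 through 4.0.4, ...)` is what the `[wheezy] - varnish <not-affected>` line was assessed against, and `CVE-2017-12196 (undertow before versions 1.4.18.SP1, 2.0.2.Final, 1.4.24.Final was ...)` is what `- undertow 1.4.25-1` is measured against. Once only the bare IDs remain, those version lines can be re-verified only by following the NOTE links. Not introduced by this hunk, but visible in it: CVE-2017-12425 sits between CVE-2017-12201 and CVE-2017-12200, out of the descending numeric order the file keeps elsewhere; worth moving when the descriptions are restored.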
@@ -18029,99 +18027,99 @@ CVE-2017-12194 (A flaw was found in the way spice-client processed certain messa
NOTE: Proposed patches in: https://bugzilla.redhat.com/show_bug.cgi?id=1240165
NOTE: Although not present in the binary packages the (de)marshal.py are used to
NOTE: generate repsecitve code which should be in libspice-common-client.
-CVE-2017-12193 (The assoc_array_insert_into_terminal_node function in lib/assoc_array.c ...)
+CVE-2017-12193
- linux 4.13.13-1
[stretch] - linux 4.9.65-1
[jessie] - linux 3.16.51-1
[wheezy] - linux <not-affected> (Vulnerable code introduced in 3.13-rc1)
NOTE: Fixed by: https://git.kernel.org/linus/ea6789980fdaa610d7eb63602c746bf6ec70cd2b (4.14-rc7)
NOTE: Introduced by: https://git.kernel.org/linus/3cb989501c2688cacbb7dc4b0d353faf838f53a1 (3.13-rc1)
-CVE-2017-12192 (The keyctl_read_key function in security/keys/keyctl.c in the Key ...)
+CVE-2017-12192
- linux 4.13.4-2
[stretch] - linux 4.9.65-1
[jessie] - linux 3.16.51-1
[wheezy] - linux <not-affected> (Vulnerable code introduced later)
NOTE: Fixed by: https://git.kernel.org/linus/37863c43b2c6464f252862bf2e9768264e961678 (4.14-rc3)
NOTE: Introduced by: https://git.kernel.org/linus/61ea0c0ba904a55f55317d850c1072ff7835ac92 (3.13-rc1)
-CVE-2017-12191 (A flaw was found in the CloudForms account configuration when using ...)
+CVE-2017-12191
NOT-FOR-US: Red Hat CloudForms
-CVE-2017-12190 (The bio_map_user_iov and bio_unmap_user functions in block/bio.c in the ...)
+CVE-2017-12190
{DLA-1200-1}
- linux 4.13.10-1
[stretch] - linux 4.9.65-1
[jessie] - linux 3.16.51-1
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1495089
-CVE-2017-12189 (It was discovered that the jboss init script as used in Red Hat JBoss ...)
+CVE-2017-12189
NOT-FOR-US: Red Hat JBoss; jbossas init script
-CVE-2017-12188 (arch/x86/kvm/mmu.c in the Linux kernel through 4.13.5, when nested ...)
+CVE-2017-12188
- linux 4.13.4-2
[stretch] - linux 4.9.65-1
[jessie] - linux <not-affected> (Vulnerable code not present)
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1500380
NOTE: https://www.spinics.net/lists/kvm/msg156651.html
-CVE-2017-12187 (xorg-x11-server before 1.19.5 was missing length validation in RENDER ...)
+CVE-2017-12187
{DSA-4000-1 DLA-1186-1}
- xorg-server 2:1.19.5-1
NOTE: https://cgit.freedesktop.org/xorg/xserver/commit/?id=cad5a1050b7184d828aef9c1dd151c3ab649d37e
-CVE-2017-12186 (xorg-x11-server before 1.19.5 was missing length validation in ...)
+CVE-2017-12186
{DSA-4000-1}
- xorg-server 2:1.19.5-1
[wheezy] - xorg-server <not-affected> (Vulnerable code introduced later)
NOTE: https://cgit.freedesktop.org/xorg/xserver/commit/?id=cad5a1050b7184d828aef9c1dd151c3ab649d37e
-CVE-2017-12185 (xorg-x11-server before 1.19.5 was missing length validation in ...)
+CVE-2017-12185
{DSA-4000-1 DLA-1186-1}
- xorg-server 2:1.19.5-1
NOTE: https://cgit.freedesktop.org/xorg/xserver/commit/?id=cad5a1050b7184d828aef9c1dd151c3ab649d37e
-CVE-2017-12184 (xorg-x11-server before 1.19.5 was missing length validation in ...)
+CVE-2017-12184
{DSA-4000-1 DLA-1186-1}
- xorg-server 2:1.19.5-1
NOTE: https://cgit.freedesktop.org/xorg/xserver/commit/?id=cad5a1050b7184d828aef9c1dd151c3ab649d37e
-CVE-2017-12183 (xorg-x11-server before 1.19.5 was missing length validation in XFIXES ...)
+CVE-2017-12183
{DSA-4000-1 DLA-1186-1}
- xorg-server 2:1.19.5-1
NOTE: https://cgit.freedesktop.org/xorg/xserver/commit/?id=55caa8b08c84af2b50fbc936cf334a5a93dd7db5
-CVE-2017-12182 (xorg-x11-server before 1.19.5 was missing length validation in XFree86 ...)
+CVE-2017-12182
{DSA-4000-1 DLA-1186-1}
- xorg-server 2:1.19.5-1
NOTE: https://cgit.freedesktop.org/xorg/xserver/commit/?id=1b1d4c04695dced2463404174b50b3581dbd857b
-CVE-2017-12181 (xorg-x11-server before 1.19.5 was missing length validation in XFree86 ...)
+CVE-2017-12181
{DSA-4000-1}
- xorg-server 2:1.19.5-1
[wheezy] - xorg-server <not-affected> (Vulnerable code introduced later)
NOTE: https://cgit.freedesktop.org/xorg/xserver/commit/?id=1b1d4c04695dced2463404174b50b3581dbd857b
-CVE-2017-12180 (xorg-x11-server before 1.19.5 was missing length validation in XFree86 ...)
+CVE-2017-12180
{DSA-4000-1 DLA-1186-1}
- xorg-server 2:1.19.5-1
NOTE: https://cgit.freedesktop.org/xorg/xserver/commit/?id=1b1d4c04695dced2463404174b50b3581dbd857b
-CVE-2017-12179 (xorg-x11-server before 1.19.5 was vulnerable to integer overflow in ...)
+CVE-2017-12179
{DSA-4000-1}
- xorg-server 2:1.19.5-1
[wheezy] - xorg-server <not-affected> (Vulnerable code introduced later)
-CVE-2017-12178 (xorg-x11-server before 1.19.5 had wrong extra length check in ...)
+CVE-2017-12178
{DSA-4000-1 DLA-1186-1}
- xorg-server 2:1.19.5-1
NOTE: https://cgit.freedesktop.org/xorg/xserver/commit/?id=859b08d523307eebde7724fd1a0789c44813e821
-CVE-2017-12177 (xorg-x11-server before 1.19.5 was vulnerable to integer overflow in ...)
+CVE-2017-12177
{DSA-4000-1 DLA-1186-1}
- xorg-server 2:1.19.5-1
NOTE: https://cgit.freedesktop.org/xorg/xserver/commit/?id=4ca68b878e851e2136c234f40a25008297d8d831
-CVE-2017-12176 (xorg-x11-server before 1.19.5 was missing extra length validation in ...)
+CVE-2017-12176
{DSA-4000-1 DLA-1186-1}
- xorg-server 2:1.19.5-1
NOTE: https://cgit.freedesktop.org/xorg/xserver/commit/?id=b747da5e25be944337a9cd1415506fc06b70aa81
-CVE-2017-12175 (Red Hat Satellite before 6.5 is vulnerable to a XSS in discovery rule ...)
+CVE-2017-12175
NOT-FOR-US: Red Hat Satellite
-CVE-2017-12174 (It was found that when Artemis and HornetQ before 2.4.0 are configured ...)
+CVE-2017-12174
NOT-FOR-US: Artemis and HornetQ
-CVE-2017-12173 (It was found that sssd's sysdb_search_user_by_upn_res() function ...)
+CVE-2017-12173
- sssd 1.15.3-2 (bug #877885)
[jessie] - sssd <not-affected> (Vulnerable code introduced later)
[wheezy] - sssd <not-affected> (Vulnerable code introduced later)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1498173
NOTE: Fixed by: https://pagure.io/SSSD/sssd/c/1f2662c8f97c9c0fa250055d4b6750abfc6d0835
NOTE: Introduced by https://pagure.io/SSSD/sssd/c/7ecb5aea65cb1899f16e7a41bffa93d074defd4a (sssd-1_12_0)
-CVE-2017-12172 (PostgreSQL 10.x before 10.1, 9.6.x before 9.6.6, 9.5.x before 9.5.10, ...)
+CVE-2017-12172
- postgresql-10 10.1-1 (unimportant)
- postgresql-9.6 <removed> (unimportant)
[stretch] - postgresql-9.6 9.6.6-0+deb9u1
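Review bot: after this hunk the twelve xorg-server entries CVE-2017-12176 through CVE-2017-12187 differ only in their IDs and DSA/DLA tags, because the dropped descriptions were what distinguished them (RENDER vs XFIXES vs XFree86, `was missing length validation` vs `integer overflow` vs `wrong extra length check`); CVE-2017-12184 through CVE-2017-12187 in particular all point at the same commit cad5a1050b7184d828aef9c1dd151c3ab649d37e and now carry nothing else. The kernel entries are no better off: the `[wheezy] - linux <not-affected> (Vulnerable code introduced later)` lines on CVE-2017-12192 and the `[jessie]`/`[wheezy]` `<not-affected>` lines on CVE-2017-12188 were made against descriptions naming the function and range (`The keyctl_read_key function in security/keys/keyctl.c in the Key ...`, `arch/x86/kvm/mmu.c in the Linux kernel through 4.13.5, when nested ...`). Keep the descriptions.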
@@ -18131,24 +18129,24 @@ CVE-2017-12172 (PostgreSQL 10.x before 10.1, 9.6.x before 9.6.6, 9.5.x before 9.
[jessie] - postgresql-9.1 <not-affected> (postgresql-9.1 in jessie only provides PL/Perl)
[wheezy] - postgresql-9.1 <not-affected> (Vulnerable code not installed)
NOTE: Issue in sample init-scirpt as provided by postgresql project, but not installed
-CVE-2017-12171 (A regression was found in the Red Hat Enterprise Linux 6.9 version of ...)
+CVE-2017-12171
- apache2 <not-affected> (Introduced by Red Hat RHEL 6.9 specific non-security patch)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1493056
-CVE-2017-12170 (Downstream version 1.0.46-1 of pure-ftpd as shipped in Fedora was ...)
+CVE-2017-12170
- pure-ftpd <not-affected> (Fedora specific packaging error)
-CVE-2017-12169 (It was found that FreeIPA 4.2.0 and later could disclose password ...)
+CVE-2017-12169
- freeipa <unfixed> (unimportant; bug #895950)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1487697
NOTE: Proposed patch: https://bugzilla.redhat.com/attachment.cgi?id=1331008
NOTE: Negligible security impact
-CVE-2017-12168 (The access_pmu_evcntr function in arch/arm64/kvm/sys_regs.c in the ...)
+CVE-2017-12168
- linux 4.8.11-1
[jessie] - linux <not-affected> (Vulnerable code not present)
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/9e3f7a29694049edd728e2400ab57ad7553e5aa9 (4.9-rc6)
-CVE-2017-12167 (It was found in EAP 7 before 7.0.9 that properties based files of the ...)
+CVE-2017-12167
NOT-FOR-US: Red Hat JBoss EAP
-CVE-2017-12166 (OpenVPN versions before 2.3.3 and 2.4.x before 2.4.4 are vulnerable to ...)
+CVE-2017-12166
- openvpn 2.4.4-1 (bug #877089)
[stretch] - openvpn <no-dsa> (Minor issue)
[jessie] - openvpn <no-dsa> (Minor issue)
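Review bot: CVE-2017-12171 and CVE-2017-12170 in this hunk are the clearest case of the loss: both are `<not-affected>` because the bug is distribution-specific, and the basis for that (`A regression was found in the Red Hat Enterprise Linux 6.9 version of ...`, `Downstream version 1.0.46-1 of pure-ftpd as shipped in Fedora was ...`) lived in the description being removed; CVE-2017-12170 has no NOTE link at all, so after this change the entry is `- pure-ftpd <not-affected> (Fedora specific packaging error)` with nothing left to verify it against. Likewise CVE-2017-12172's description listed the affected upstream branches (`PostgreSQL 10.x before 10.1, 9.6.x before 9.6.6, 9.5.x before 9.5.10, ...`), which is what the per-branch lines such as `[stretch] - postgresql-9.6 9.6.6-0+deb9u1` are checked against. Restore the descriptions before this goes in.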
@@ -18159,102 +18157,102 @@ CVE-2017-12166 (OpenVPN versions before 2.3.3 and 2.4.x before 2.4.4 are vulnera
NOTE: https://community.openvpn.net/openvpn/changeset/c7e259160b28e94e4ea7f0ef767f8134283af255/ (release/2.4)
NOTE: https://community.openvpn.net/openvpn/changeset/fce34375295151f548a26c2d0eb30141e427c81a/ (release/2.3)
NOTE: https://community.openvpn.net/openvpn/changeset/a9f5c744d6b09f2495ca48d2c926efd3a4b981e6/ (release/2.2)
-CVE-2017-12165 (It was discovered that Undertow before 1.4.17, 1.3.31 and 2.0.0 ...)
+CVE-2017-12165
- undertow <unfixed> (bug #885338)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1490301
NOTE: Fix likely included in the same commit as the fix for CVE-2017-7559
NOTE: https://github.com/undertow-io/undertow/commit/3436b03eda8b0b62c1855698c4d7c358add836c2
-CVE-2017-12164 (A flaw was discovered in gdm 3.24.1 where gdm greeter was no longer ...)
+CVE-2017-12164
- gdm3 3.26.0-1
[stretch] - gdm3 <not-affected> (Vulnerable code not present)
[jessie] - gdm3 <not-affected> (Vulnerable code not present)
[wheezy] - gdm3 <not-affected> (Vulnerable code not present)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1490417
NOTE: Introduced in https://git.gnome.org/browse/gdm/commit/?id=ff98b28
-CVE-2017-12163 (An information leak flaw was found in the way SMB1 protocol was ...)
+CVE-2017-12163
{DSA-3983-1 DLA-1110-1}
- samba 2:4.6.7+dfsg-2
NOTE: https://www.samba.org/samba/security/CVE-2017-12163.html
CVE-2017-12162
RESERVED
-CVE-2017-12161 (It was found that keycloak before 3.4.2 final would permit misuse of a ...)
+CVE-2017-12161
NOT-FOR-US: Keycloak
-CVE-2017-12160 (It was found that Keycloak oauth would permit an authenticated ...)
+CVE-2017-12160
NOT-FOR-US: Keycloak
-CVE-2017-12159 (It was found that the cookie used for CSRF prevention in Keycloak was ...)
+CVE-2017-12159
NOT-FOR-US: Keycloak
-CVE-2017-12158 (It was found that Keycloak would accept a HOST header URL in the admin ...)
+CVE-2017-12158
NOT-FOR-US: Keycloak
-CVE-2017-12157 (In Moodle 3.x, various course reports allow teachers to view details ...)
+CVE-2017-12157
- moodle <removed>
NOTE: https://moodle.org/mod/forum/discuss.php?d=358586
-CVE-2017-12156 (Moodle 3.x has XSS in the contact form on the &quot;non-respondents&quot; page in ...)
+CVE-2017-12156
- moodle <removed>
NOTE: https://moodle.org/mod/forum/discuss.php?d=358585
-CVE-2017-12155 (A resource-permission flaw was found in the ...)
+CVE-2017-12155
- tripleo-heat-templates <removed> (bug #900176)
NOTE: https://bugs.launchpad.net/tripleo/+bug/1720787
-CVE-2017-12154 (The prepare_vmcs02 function in arch/x86/kvm/vmx.c in the Linux kernel ...)
+CVE-2017-12154
{DSA-3981-1 DLA-1099-1}
- linux 4.12.13-1
NOTE: Fixed by: https://git.kernel.org/linus/51aa68e7d57e3217192d88ce90fd5b8ef29ec94f (v4.14-rc1)
NOTE: https://www.spinics.net/lists/kvm/msg155414.html
-CVE-2017-12153 (A security flaw was discovered in the nl80211_set_rekey_data() function ...)
+CVE-2017-12153
{DSA-3981-1 DLA-1099-1}
- linux 4.12.13-1
NOTE: https://marc.info/?t=150525503100001&r=1&w=2
NOTE: https://marc.info/?l=linux-wireless&m=150525493517953&w=2
CVE-2017-12152
RESERVED
-CVE-2017-12151 (A flaw was found in the way samba client before samba 4.4.16, samba ...)
+CVE-2017-12151
{DSA-3983-1}
- samba 2:4.6.7+dfsg-2
[wheezy] - samba <not-affected> (Vulnerable code introduced later)
NOTE: https://www.samba.org/samba/security/CVE-2017-12151.html
-CVE-2017-12150 (It was found that samba before 4.4.16, 4.5.x before 4.5.14, and 4.6.x ...)
+CVE-2017-12150
{DSA-3983-1 DLA-1110-1}
- samba 2:4.6.7+dfsg-2
NOTE: https://www.samba.org/samba/security/CVE-2017-12150.html
-CVE-2017-12149 (In Jboss Application Server as shipped with Red Hat Enterprise ...)
+CVE-2017-12149
- jbossas4 <removed>
[wheezy] - jbossas4 <end-of-life> (incomplete packaging, 4.x series released more than nine years ago.)
-CVE-2017-12148 (A flaw was found in Ansible Tower's interface before 3.1.5 and 3.2.0 ...)
+CVE-2017-12148
NOT-FOR-US: Ansible Tower
CVE-2017-12147
RESERVED
-CVE-2017-12146 (The driver_override implementation in drivers/base/platform.c in the ...)
+CVE-2017-12146
- linux 4.11.11-1
[stretch] - linux 4.9.30-2+deb9u5
[jessie] - linux <not-affected> (Vulnerable code introduced later)
[wheezy] - linux <not-affected> (Vulnerable code introduced later)
NOTE: Fixed by: https://git.kernel.org/linus/6265539776a0810b7ce6398c27866ddb9c6bd154 (v4.13-rc1)
-CVE-2017-12145 (In libquicktime 1.2.4, an allocation failure was found in the function ...)
+CVE-2017-12145
- libquicktime <unfixed> (unimportant)
NOTE: Negligible security impact
-CVE-2017-12144 (In ytnef 1.9.2, an allocation failure was found in the function ...)
+CVE-2017-12144
- libytnef 1.9.3-1 (bug #870817)
[stretch] - libytnef <no-dsa> (Minor issue)
[jessie] - libytnef <no-dsa> (Minor issue)
[wheezy] - libytnef <no-dsa> (Minor issue)
NOTE: https://github.com/Yeraze/ytnef/issues/51
NOTE: https://github.com/ohwgiles/ytnef/commit/a341b7f1bf8a2c59ece89f2d6cdc09856d501cc0
-CVE-2017-12143 (In libquicktime 1.2.4, an allocation failure was found in the function ...)
+CVE-2017-12143
- libquicktime <unfixed> (unimportant)
NOTE: Negligible security impact
-CVE-2017-12142 (In ytnef 1.9.2, an invalid memory read vulnerability was found in the ...)
+CVE-2017-12142
- libytnef 1.9.3-1 (low; bug #870816)
[stretch] - libytnef <no-dsa> (Minor issue)
[jessie] - libytnef <no-dsa> (Minor issue)
[wheezy] - libytnef <no-dsa> (Minor issue)
NOTE: https://github.com/Yeraze/ytnef/issues/49
NOTE: https://github.com/Yeraze/ytnef/commit/35dc50190aac54947bafb3d84ab7727e940c6236
-CVE-2017-12141 (In ytnef 1.9.2, a heap-based buffer overflow vulnerability was found in ...)
+CVE-2017-12141
- libytnef 1.9.3-1 (low; bug #870815)
[stretch] - libytnef <no-dsa> (Minor issue)
[jessie] - libytnef <no-dsa> (Minor issue)
[wheezy] - libytnef <no-dsa> (Minor issue)
NOTE: https://github.com/Yeraze/ytnef/issues/50
-CVE-2017-12140 (The ReadDCMImage function in coders\dcm.c in ImageMagick 7.0.6-1 has an ...)
+CVE-2017-12140
{DLA-1081-1}
- imagemagick 8:6.9.9.34+dfsg-3 (low; bug #873059)
[stretch] - imagemagick <ignored> (Minor issue)
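Review bot: several entries in this hunk have no NOTE link, so the description being dropped was the only identification of the issue they carried: CVE-2017-12145 and CVE-2017-12143 (`In libquicktime 1.2.4, an allocation failure was found in the function ...`, both `<unfixed> (unimportant)`), CVE-2017-12149 (`In Jboss Application Server as shipped with Red Hat Enterprise ...`, `jbossas4 <removed>`), and the four Keycloak entries CVE-2017-12158 through CVE-2017-12161, which now read as four identical `NOT-FOR-US: Keycloak` records. An entry consisting of a bare ID plus `<unfixed> (unimportant)` and `Negligible security impact` is not reviewable; if the import cannot supply a description, it should leave the existing one alone.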
@@ -18262,30 +18260,30 @@ CVE-2017-12140 (The ReadDCMImage function in coders\dcm.c in ImageMagick 7.0.6-1
NOTE: https://github.com/ImageMagick/ImageMagick/issues/533
NOTE: https://github.com/ImageMagick/ImageMagick/commit/94933146cb2d9d95889a385f08d5eb5f92d4e3cd
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/6bf56fbe1fc551f198c3491ed58d56bb5efea23c
-CVE-2017-12139 (XOOPS Core 2.5.8 has stored XSS in imagemanager.php because of missing ...)
+CVE-2017-12139
NOT-FOR-US: XOOPS
-CVE-2017-12138 (XOOPS Core 2.5.8 has a stored URL redirect bypass vulnerability in ...)
+CVE-2017-12138
NOT-FOR-US: XOOPS
-CVE-2017-12137 (arch/x86/mm.c in Xen allows local PV guest OS users to gain host OS ...)
+CVE-2017-12137
{DSA-3969-1 DLA-1132-1}
- xen 4.8.1-1+deb9u3
NOTE: https://xenbits.xen.org/xsa/advisory-227.html
-CVE-2017-12136 (Race condition in the grant table code in Xen 4.6.x through 4.9.x ...)
+CVE-2017-12136
- xen 4.8.1-1+deb9u3
[stretch] - xen 4.8.1-1+deb9u3
[jessie] - xen <not-affected> (Only affects 4.6 and later)
[wheezy] - xen <not-affected> (Only affects 4.6 and later)
NOTE: https://xenbits.xen.org/xsa/advisory-228.html
-CVE-2017-12135 (Xen allows local OS guest users to cause a denial of service (crash) ...)
+CVE-2017-12135
{DSA-3969-1 DLA-1132-1}
- xen 4.8.1-1+deb9u3
NOTE: https://xenbits.xen.org/xsa/advisory-226.html
-CVE-2017-12134 (The xen_biovec_phys_mergeable function in drivers/xen/biomerge.c in ...)
+CVE-2017-12134
{DSA-3981-1 DLA-1099-1}
- linux 4.12.12-1
NOTE: https://xenbits.xen.org/xsa/advisory-229.html
NOTE: https://git.kernel.org/linus/462cdace790ac2ed6aad1b19c9c0af0143b6aab0 (v4.13-rc6)
-CVE-2017-12133 (Use-after-free vulnerability in the clntudp_call function in ...)
+CVE-2017-12133
- glibc 2.24-15 (bug #870648)
[stretch] - glibc 2.24-11+deb9u2
[jessie] - glibc <no-dsa> (Minor issue)
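Review bot: the `[jessie] - xen <not-affected> (Only affects 4.6 and later)` and matching `[wheezy]` lines on CVE-2017-12136 in this hunk restate a range that came straight from the description being removed (`Race condition in the grant table code in Xen 4.6.x through 4.9.x ...`); with that gone, only the XSA-228 link supports them. Separately, and not introduced here: CVE-2017-12136 records `4.8.1-1+deb9u3` on both the unstable line and the `[stretch]` line but carries no `{DSA-...}` reference, while the neighbouring CVE-2017-12135 and CVE-2017-12137 tie the same version to `{DSA-3969-1 DLA-1132-1}`; worth checking whether that advisory covered XSA-228 as well and adding the cross-reference if it did.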
@@ -18294,7 +18292,7 @@ CVE-2017-12133 (Use-after-free vulnerability in the clntudp_call function in ...
NOTE: issue introduced by fix for CVE-2016-4429
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21115
NOTE: https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=d42eed4a044e5e10dfb885cf9891c2518a72a491
-CVE-2017-12132 (The DNS stub resolver in the GNU C Library (aka glibc or libc6) before ...)
+CVE-2017-12132
[experimental] - glibc 2.25-0experimental1
- glibc 2.25-1 (bug #870650)
[stretch] - glibc <no-dsa> (Minor issue)
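Review bot: the glibc entry in this short hunk loses `The DNS stub resolver in the GNU C Library (aka glibc or libc6) before ...`, which was the upstream affected-version bound that `[experimental] - glibc 2.25-0experimental1` and `- glibc 2.25-1` are checked against and that the `[stretch] - glibc <no-dsa> (Minor issue)` assessment was made against. The hunk header (`-18294,7 +18292,7`) shows the change is purely an in-place rewrite of that one line; nothing is added or reordered, so there is no reason for the description to go.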
@@ -18304,220 +18302,220 @@ CVE-2017-12132 (The DNS stub resolver in the GNU C Library (aka glibc or libc6)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21361
NOTE: https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=e14a27723cc3a154d67f3f26e719d08c0ba9ad25
NOTE: https://arxiv.org/pdf/1205.4011.pdf
-CVE-2017-12131 (The Easy Testimonials plugin 3.0.4 for WordPress has XSS in ...)
+CVE-2017-12131
NOT-FOR-US: Wordpress plugin
-CVE-2017-12130 (An exploitable NULL pointer dereference vulnerability exists in the ...)
+CVE-2017-12130
NOT-FOR-US: tinysvcmdns
-CVE-2017-12129 (An exploitable Weak Cryptography for Passwords vulnerability exists in ...)
+CVE-2017-12129
NOT-FOR-US: Moxa
-CVE-2017-12128 (An exploitable information disclosure vulnerability exists in the ...)
+CVE-2017-12128
NOT-FOR-US: Moxa
-CVE-2017-12127 (A password storage vulnerability exists in the operating system ...)
+CVE-2017-12127
NOT-FOR-US: Moxa
-CVE-2017-12126 (An exploitable cross-site request forgery vulnerability exists in the ...)
+CVE-2017-12126
NOT-FOR-US: Moxa
-CVE-2017-12125 (An exploitable command injection vulnerability exists in the web ...)
+CVE-2017-12125
NOT-FOR-US: Moxa
-CVE-2017-12124 (An exploitable denial of service vulnerability exists in the web ...)
+CVE-2017-12124
NOT-FOR-US: Moxa
-CVE-2017-12123 (An exploitable clear text transmission of password vulnerability ...)
+CVE-2017-12123
NOT-FOR-US: Moxa
-CVE-2017-12122 (An exploitable code execution vulnerability exists in the ILBM image ...)
+CVE-2017-12122
{DSA-4184-1 DSA-4177-1 DLA-1341-1}
- libsdl2-image 2.0.3+dfsg1-1
- sdl-image1.2 1.2.12-8
NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0488
NOTE: https://hg.libsdl.org/SDL_image/rev/16772bbb1b09
NOTE: https://hg.libsdl.org/SDL_image/rev/97f7f01e0665
-CVE-2017-12121 (An exploitable command injection vulnerability exists in the web ...)
+CVE-2017-12121
NOT-FOR-US: Moxa
-CVE-2017-12120 (An exploitable command injection vulnerability exists in the web ...)
+CVE-2017-12120
NOT-FOR-US: Moxa
-CVE-2017-12119 (An exploitable unhandled exception vulnerability exists in multiple ...)
+CVE-2017-12119
- cpp-ethereum <itp> (bug #860434)
-CVE-2017-12118 (An exploitable improper authorization vulnerability exists in ...)
+CVE-2017-12118
- cpp-ethereum <itp> (bug #860434)
-CVE-2017-12117 (An exploitable improper authorization vulnerability exists in ...)
+CVE-2017-12117
- cpp-ethereum <itp> (bug #860434)
-CVE-2017-12116 (An exploitable improper authorization vulnerability exists in ...)
+CVE-2017-12116
- cpp-ethereum <itp> (bug #860434)
-CVE-2017-12115 (An exploitable improper authorization vulnerability exists in ...)
+CVE-2017-12115
- cpp-ethereum <itp> (bug #860434)
-CVE-2017-12114 (An exploitable improper authorization vulnerability exists in ...)
+CVE-2017-12114
- cpp-ethereum <itp> (bug #860434)
-CVE-2017-12113 (An exploitable improper authorization vulnerability exists in ...)
+CVE-2017-12113
- cpp-ethereum <itp> (bug #860434)
-CVE-2017-12112 (An exploitable improper authorization vulnerability exists in ...)
+CVE-2017-12112
- cpp-ethereum <itp> (bug #860434)
-CVE-2017-12111 (An exploitable out-of-bounds vulnerability exists in the xls_addCell ...)
+CVE-2017-12111
{DSA-4173-1}
- r-cran-readxl 1.0.0-2 (bug #895564)
NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0463
-CVE-2017-12110 (An exploitable integer overflow vulnerability exists in the ...)
+CVE-2017-12110
{DSA-4173-1}
- r-cran-readxl 1.0.0-2 (bug #895564)
NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0462
-CVE-2017-12109 (An exploitable integer overflow vulnerability exists in the ...)
+CVE-2017-12109
{DSA-4173-1}
- r-cran-readxl 1.0.0-2
NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0461
-CVE-2017-12108 (An exploitable integer overflow vulnerability exists in the ...)
+CVE-2017-12108
{DSA-4173-1}
- r-cran-readxl 1.0.0-2
NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0460
-CVE-2017-12107 (An memory corruption vulnerability exists in the .PCX parsing ...)
+CVE-2017-12107
NOT-FOR-US: Computerinsel Photoline
-CVE-2017-12106 (A memory corruption vulnerability exists in the .TGA parsing ...)
+CVE-2017-12106
NOT-FOR-US: Computerinsel Photoline
-CVE-2017-12105 (An exploitable integer overflow exists in the way that the Blender ...)
+CVE-2017-12105
{DSA-4248-1 DLA-1465-1}
- blender 2.79.a+dfsg0-1
[wheezy] - blender <ignored> (Vulnerable but not ignored)
NOTE: https://git.blender.org/gitweb/gitweb.cgi/blender.git/commit/e04d7c49dca9dc7bbf1cbe446b612aaa5ba12581
NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0457
-CVE-2017-12104 (An exploitable integer overflow exists in the way that the Blender ...)
+CVE-2017-12104
{DSA-4248-1 DLA-1465-1}
- blender 2.79.a+dfsg0-1
[wheezy] - blender <ignored> (Vulnerable but not ignored)
NOTE: https://git.blender.org/gitweb/gitweb.cgi/blender.git/commit/e6df02861e17f75d4dd243776f35208681b78465
NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0456
-CVE-2017-12103 (An exploitable integer overflow exists in the way that the Blender ...)
+CVE-2017-12103
{DSA-4248-1 DLA-1465-1}
- blender 2.79.a+dfsg0-1
[wheezy] - blender <ignored> (Vulnerable but not ignored)
NOTE: https://git.blender.org/gitweb/gitweb.cgi/blender.git/commit/e6df02861e17f75d4dd243776f35208681b78465
NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0455
-CVE-2017-12102 (An exploitable integer overflow exists in the way that the Blender ...)
+CVE-2017-12102
{DSA-4248-1 DLA-1465-1}
- blender 2.79.a+dfsg0-1
[wheezy] - blender <ignored> (Vulnerable but not ignored)
NOTE: https://git.blender.org/gitweb/gitweb.cgi/blender.git/commit/e6df02861e17f75d4dd243776f35208681b78465
NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0454
-CVE-2017-12101 (An exploitable integer overflow exists in the ...)
+CVE-2017-12101
{DSA-4248-1 DLA-1465-1}
- blender 2.79.a+dfsg0-1
[wheezy] - blender <ignored> (Vulnerable but not ignored)
NOTE: https://git.blender.org/gitweb/gitweb.cgi/blender.git/commit/e04d7c49dca9dc7bbf1cbe446b612aaa5ba12581
NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0453
-CVE-2017-12100 (An exploitable integer overflow exists in the 'multires_load_old_dm' ...)
+CVE-2017-12100
{DSA-4248-1 DLA-1465-1}
- blender 2.79.a+dfsg0-1
[wheezy] - blender <ignored> (Vulnerable but not ignored)
NOTE: https://git.blender.org/gitweb/gitweb.cgi/blender.git/commit/e04d7c49dca9dc7bbf1cbe446b612aaa5ba12581
NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0452
-CVE-2017-12099 (An exploitable integer overflow exists in the upgrade of the legacy ...)
+CVE-2017-12099
{DSA-4248-1 DLA-1465-1}
- blender 2.79.a+dfsg0-1
[wheezy] - blender <ignored> (Vulnerable but not ignored)
NOTE: https://git.blender.org/gitweb/gitweb.cgi/blender.git/commit/e04d7c49dca9dc7bbf1cbe446b612aaa5ba12581
NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0451
-CVE-2017-12098 (An exploitable cross site scripting (XSS) vulnerability exists in the ...)
+CVE-2017-12098
- ruby-rails-admin <removed> (bug #900178)
[stretch] - ruby-rails-admin <no-dsa> (Minor issue)
NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0450
NOTE: https://github.com/sferik/rails_admin/issues/2985
NOTE: https://github.com/sferik/rails_admin/commit/44f09ed72b5e0e917a5d61bd89c48d97c494b41c
-CVE-2017-12097 (An exploitable cross site scripting (XSS) vulnerability exists in the ...)
+CVE-2017-12097
NOT-FOR-US: delayed_job_web rails gem
-CVE-2017-12096 (An exploitable vulnerability exists in the WiFi management of Circle ...)
+CVE-2017-12096
NOT-FOR-US: Circle of Disney
-CVE-2017-12095 (An exploitable vulnerability exists in the WiFi Access Point feature ...)
+CVE-2017-12095
NOT-FOR-US: Circle of Disney
-CVE-2017-12094 (An exploitable vulnerability exists in the WiFi Channel parsing of ...)
+CVE-2017-12094
NOT-FOR-US: Circle with Disney
-CVE-2017-12093 (An exploitable insufficient resource pool vulnerability exists in the ...)
+CVE-2017-12093
NOT-FOR-US: Allen Bradley Micrologix
-CVE-2017-12092 (An exploitable file write vulnerability exists in the memory module ...)
+CVE-2017-12092
NOT-FOR-US: Allen Bradley Micrologix
CVE-2017-12091
REJECTED
-CVE-2017-12090 (An exploitable denial of service vulnerability exists in the ...)
+CVE-2017-12090
NOT-FOR-US: Allen Bradley Micrologix
-CVE-2017-12089 (An exploitable denial of service vulnerability exists in the program ...)
+CVE-2017-12089
NOT-FOR-US: Allen Bradley Micrologix
-CVE-2017-12088 (An exploitable denial of service vulnerability exists in the Ethernet ...)
+CVE-2017-12088
NOT-FOR-US: Allen Bradley Micrologix
-CVE-2017-12087 (An exploitable heap overflow vulnerability exists in the tinysvcmdns ...)
+CVE-2017-12087
- shairport-sync 3.1.4-1 (unimportant; bug #882508)
NOTE: Debian build uses Avahi instead
NOTE: https://bugs.launchpad.net/ubuntu/+source/shairport-sync/+bug/1729668
-CVE-2017-12086 (An exploitable integer overflow exists in the ...)
+CVE-2017-12086
{DSA-4248-1 DLA-1465-1}
- blender 2.79.a+dfsg0-1
[wheezy] - blender <ignored> (Vulnerable but not ignored)
NOTE: https://git.blender.org/gitweb/gitweb.cgi/blender.git/commit/e04d7c49dca9dc7bbf1cbe446b612aaa5ba12581
NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0438
-CVE-2017-12085 (An exploitable routing vulnerability exists in the Circle with Disney ...)
+CVE-2017-12085
NOT-FOR-US: Circle with Disney
-CVE-2017-12084 (A backdoor vulnerability exists in remote control functionality of ...)
+CVE-2017-12084
NOT-FOR-US: Circle with Disney
-CVE-2017-12083 (An exploitable information disclosure vulnerability exists in the apid ...)
+CVE-2017-12083
NOT-FOR-US: Circle with Disney
-CVE-2017-12082 (An exploitable integer overflow exists in the 'CustomData' Mesh ...)
+CVE-2017-12082
{DSA-4248-1 DLA-1465-1}
- blender 2.79.a+dfsg0-1
[wheezy] - blender <ignored> (Vulnerable but not ignored)
NOTE: https://git.blender.org/gitweb/gitweb.cgi/blender.git/commit/e04d7c49dca9dc7bbf1cbe446b612aaa5ba12581
NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0434
-CVE-2017-12081 (An exploitable integer overflow exists in the upgrade of a legacy Mesh ...)
+CVE-2017-12081
{DSA-4248-1 DLA-1465-1}
- blender 2.79.a+dfsg0-1
[wheezy] - blender <ignored> (Vulnerable but not ignored)
NOTE: https://git.blender.org/gitweb/gitweb.cgi/blender.git/commit/e04d7c49dca9dc7bbf1cbe446b612aaa5ba12581
NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0433
-CVE-2017-12080 (An information exposure vulnerability in default HTTP configuration ...)
+CVE-2017-12080
NOT-FOR-US: Synology Photo Station
-CVE-2017-12079 (Files or directories accessible to external parties vulnerability in ...)
+CVE-2017-12079
NOT-FOR-US: Synology Photo Station
-CVE-2017-12078 (Command injection vulnerability in EZ-Internet in Synology Router ...)
+CVE-2017-12078
NOT-FOR-US: Synology
-CVE-2017-12077 (Uncontrolled Resource Consumption vulnerability in ...)
+CVE-2017-12077
NOT-FOR-US: Synology
-CVE-2017-12076 (Uncontrolled Resource Consumption vulnerability in ...)
+CVE-2017-12076
NOT-FOR-US: Synology
-CVE-2017-12075 (Command injection vulnerability in EZ-Internet in Synology DiskStation ...)
+CVE-2017-12075
NOT-FOR-US: Synology
-CVE-2017-12074 (Directory traversal vulnerability in the ...)
+CVE-2017-12074
NOT-FOR-US: Synology
CVE-2017-12073
RESERVED
-CVE-2017-12072 (Cross-site scripting (XSS) vulnerability in PixlrEditorHandler.php in ...)
+CVE-2017-12072
NOT-FOR-US: Synology
-CVE-2017-12071 (Server-side request forgery (SSRF) vulnerability in file_upload.php in ...)
+CVE-2017-12071
NOT-FOR-US: Synology
-CVE-2017-12070 (Unsigned versions of the DLLs distributed by the OPC Foundation may be ...)
+CVE-2017-12070
NOT-FOR-US: OPC Foundation
-CVE-2017-12069 (An XXE vulnerability has been identified in OPC Foundation UA .NET ...)
+CVE-2017-12069
NOT-FOR-US: OPC Foundation UA .NET Sampe code and Local Discovery Server affecting various vendors
-CVE-2017-12068 (The Event List plugin 0.7.9 for WordPress has XSS in the slug array ...)
+CVE-2017-12068
NOT-FOR-US: Wordpress plugin
-CVE-2017-12067 (Potrace 1.14 has a heap-based buffer over-read in the interpolate_cubic ...)
+CVE-2017-12067
- potrace 1.15-1 (unimportant; bug #870356)
NOTE: https://github.com/hackerlib/hackerlib-vul/tree/master/potrace/heap-buffer-overflow-mkbitmap
NOTE: Upstream bug report https://sourceforge.net/p/potrace/bugs/22/
NOTE: Crash only in CLI tool mkbitmap, negligible security impact
-CVE-2017-12066 (Cross-site scripting (XSS) vulnerability in aggregate_graphs.php in ...)
+CVE-2017-12066
- cacti 1.1.16+ds1-1 (bug #870354)
[stretch] - cacti <not-affected> (Vulnerable code introduced later)
[jessie] - cacti <not-affected> (Vulnerable code introduced later)
[wheezy] - cacti <not-affected> (Vulnerable code introduced later)
NOTE: https://github.com/Cacti/cacti/commit/bd0e586f6f46d814930226f1516a194e7e72293e
NOTE: https://github.com/Cacti/cacti/issues/877
-CVE-2017-12065 (spikekill.php in Cacti before 1.1.16 might allow remote attackers to ...)
+CVE-2017-12065
- cacti 1.1.16+ds1-1 (bug #870353)
[stretch] - cacti <not-affected> (Vulnerable code introduced later)
[jessie] - cacti <not-affected> (Vulnerable code introduced later)
[wheezy] - cacti <not-affected> (Vulnerable code introduced later)
NOTE: https://github.com/Cacti/cacti/commit/bd0e586f6f46d814930226f1516a194e7e72293e
NOTE: https://github.com/Cacti/cacti/issues/877
-CVE-2017-12064 (The csv_log_html function in library/edihistory/edih_csv_inc.php in ...)
+CVE-2017-12064
NOT-FOR-US: OpenEMR
CVE-2017-12063
RESERVED
-CVE-2017-12062 (An XSS issue was discovered in manage_user_page.php in MantisBT 2.x ...)
+CVE-2017-12062
- mantis <removed>
[wheezy] - mantis <end-of-life> (Not supported in Wheezy LTS)
-CVE-2017-12061 (An XSS issue was discovered in admin/install.php in MantisBT before ...)
+CVE-2017-12061
- mantis <removed>
[wheezy] - mantis <end-of-life> (Not supported in Wheezy LTS)
CVE-2017-12060
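Review bot: every -/+ pair in this hunk (CVE-2017-12130 down to CVE-2017-12061) replaces a CVE line carrying its parenthesized summary with the bare identifier, while the RESERVED and REJECTED entries are untouched, so the change is a wholesale loss of description text rather than a refresh; for an "automatic update" that pattern points at the upstream description feed having returned nothing, and the updater should keep the existing summary (or refuse to commit) when the fetched description is empty instead of writing the truncation. Two triage points in the surrounding context are worth fixing in the same pass: CVE-2017-12130 is filed as "NOT-FOR-US: tinysvcmdns" while CVE-2017-12087, also a tinysvcmdns issue, is tracked against shairport-sync with the note that the Debian build uses Avahi, so the two should be handled the same way; and the blender entries (CVE-2017-12105 down to CVE-2017-12099, CVE-2017-12086, CVE-2017-12082, CVE-2017-12081) mark wheezy "<ignored> (Vulnerable but not ignored)", where the tag and its justification contradict each other.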
@@ -18760,33 +18758,33 @@ CVE-2017-11942
RESERVED
CVE-2017-11941
RESERVED
-CVE-2017-11940 (The Microsoft Malware Protection Engine running on Microsoft Forefront ...)
+CVE-2017-11940
NOT-FOR-US: Microsoft
-CVE-2017-11939 (Microsoft Office 2016 Click-to-Run (C2R) allows an information ...)
+CVE-2017-11939
NOT-FOR-US: Microsoft
CVE-2017-11938
RESERVED
-CVE-2017-11937 (The Microsoft Malware Protection Engine running on Microsoft Forefront ...)
+CVE-2017-11937
NOT-FOR-US: Microsoft
-CVE-2017-11936 (Microsoft SharePoint Enterprise Server 2016 allows an elevation of ...)
+CVE-2017-11936
NOT-FOR-US: Microsoft
-CVE-2017-11935 (Microsoft Office 2016 Click-to-Run (C2R) allows a remote code ...)
+CVE-2017-11935
NOT-FOR-US: Microsoft
-CVE-2017-11934 (Microsoft Office 2013 RT SP1, Microsoft Office 2013 SP1, and Microsoft ...)
+CVE-2017-11934
NOT-FOR-US: Microsoft
CVE-2017-11933
RESERVED
-CVE-2017-11932 (Microsoft Exchange Server 2016 CU5 and Microsoft Exchange Server 2016 ...)
+CVE-2017-11932
NOT-FOR-US: Microsoft
CVE-2017-11931
RESERVED
-CVE-2017-11930 (ChakraCore, and Internet Explorer in Microsoft Windows 7 SP1, Windows ...)
+CVE-2017-11930
NOT-FOR-US: Microsoft ChakraCore
CVE-2017-11929
RESERVED
CVE-2017-11928
RESERVED
-CVE-2017-11927 (Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 ...)
+CVE-2017-11927
NOT-FOR-US: Microsoft Windows
CVE-2017-11926
RESERVED
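Review bot: once the summaries are stripped in this hunk, entries such as CVE-2017-11940, CVE-2017-11939, CVE-2017-11936 and CVE-2017-11932 keep only "NOT-FOR-US: Microsoft", so the file no longer records which product (the removed text named the Malware Protection Engine, Office Click-to-Run, SharePoint and Exchange) each one concerned; if the description removal is intended, the NOT-FOR-US line should name the product, as the neighbouring "NOT-FOR-US: Microsoft ChakraCore" and "NOT-FOR-US: Microsoft Windows" entries already do.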
@@ -18802,47 +18800,47 @@ CVE-2017-11921
RESERVED
CVE-2017-11920
RESERVED
-CVE-2017-11919 (ChakraCore, and Internet Explorer in Microsoft Windows 7 SP1, Windows ...)
+CVE-2017-11919
NOT-FOR-US: Microsoft ChakraCore
-CVE-2017-11918 (ChakraCore and Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, ...)
+CVE-2017-11918
NOT-FOR-US: Microsoft ChakraCore
CVE-2017-11917
RESERVED
-CVE-2017-11916 (ChakraCore allows an attacker to execute arbitrary code in the context ...)
+CVE-2017-11916
NOT-FOR-US: Microsoft ChakraCore
CVE-2017-11915
RESERVED
-CVE-2017-11914 (ChakraCore and Microsoft Edge in Windows 10 1511, 1607, 1703, 1709, ...)
+CVE-2017-11914
NOT-FOR-US: Microsoft ChakraCore
-CVE-2017-11913 (Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and ...)
+CVE-2017-11913
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2017-11912 (ChakraCore, and Internet Explorer in Microsoft Windows 7 SP1, Windows ...)
+CVE-2017-11912
NOT-FOR-US: Microsoft ChakraCore
-CVE-2017-11911 (ChakraCore and Windows 10 1511, 1607, 1703, 1709, and Windows Server ...)
+CVE-2017-11911
NOT-FOR-US: Microsoft ChakraCore
-CVE-2017-11910 (ChakraCore and Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows ...)
+CVE-2017-11910
NOT-FOR-US: Microsoft ChakraCore
-CVE-2017-11909 (ChakraCore and Windows 10 1511, 1607, 1703, 1709, and Windows Server ...)
+CVE-2017-11909
NOT-FOR-US: Microsoft ChakraCore
-CVE-2017-11908 (ChakraCore and Windows 10 1709 allows an attacker to execute arbitrary ...)
+CVE-2017-11908
NOT-FOR-US: Microsoft ChakraCore
-CVE-2017-11907 (Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and ...)
+CVE-2017-11907
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2017-11906 (Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and ...)
+CVE-2017-11906
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2017-11905 (ChakraCore and Microsoft Edge in Windows 10 1511, 1607, 1703, 1709, ...)
+CVE-2017-11905
NOT-FOR-US: Microsoft ChakraCore
CVE-2017-11904
RESERVED
-CVE-2017-11903 (Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and ...)
+CVE-2017-11903
NOT-FOR-US: Microsoft Internet Explorer
CVE-2017-11902
RESERVED
-CVE-2017-11901 (Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 ...)
+CVE-2017-11901
NOT-FOR-US: Microsoft Internet Explorer
CVE-2017-11900
RESERVED
-CVE-2017-11899 (Device Guard in Windows 10 1511, 1607, 1703 and 1709, Windows Server ...)
+CVE-2017-11899
NOT-FOR-US: Microsoft Windows
CVE-2017-11898
RESERVED
@@ -18850,283 +18848,283 @@ CVE-2017-11897
RESERVED
CVE-2017-11896
RESERVED
-CVE-2017-11895 (ChakraCore, and Internet Explorer in Microsoft Windows 7 SP1, Windows ...)
+CVE-2017-11895
NOT-FOR-US: Microsoft ChakraCore
-CVE-2017-11894 (ChakraCore, and Internet Explorer in Microsoft Windows 7 SP1, Windows ...)
+CVE-2017-11894
NOT-FOR-US: Microsoft ChakraCore
-CVE-2017-11893 (ChakraCore and Microsoft Edge in Windows 10 1511, 1607, 1703, 1709, ...)
+CVE-2017-11893
NOT-FOR-US: Microsoft ChakraCore
CVE-2017-11892
RESERVED
CVE-2017-11891
RESERVED
-CVE-2017-11890 (Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 ...)
+CVE-2017-11890
NOT-FOR-US: Microsoft Windows
-CVE-2017-11889 (ChakraCore and Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, ...)
+CVE-2017-11889
NOT-FOR-US: Microsoft ChakraCore
-CVE-2017-11888 (Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, ...)
+CVE-2017-11888
NOT-FOR-US: Microsoft Edge
-CVE-2017-11887 (Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 SP2 ...)
+CVE-2017-11887
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2017-11886 (Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 ...)
+CVE-2017-11886
NOT-FOR-US: Microsoft Windows
-CVE-2017-11885 (Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 ...)
+CVE-2017-11885
NOT-FOR-US: Microsoft Windows
-CVE-2017-11884 (Microsoft Excel 2016 Click-to-Run (C2R) allows an attacker to run ...)
+CVE-2017-11884
NOT-FOR-US: Microsoft
-CVE-2017-11883 (.NET Core 1.0, 1.1, and 2.0 allow an unauthenticated attacker to ...)
+CVE-2017-11883
NOT-FOR-US: .NET core
-CVE-2017-11882 (Microsoft Office 2007 Service Pack 3, Microsoft Office 2010 Service ...)
+CVE-2017-11882
NOT-FOR-US: Microsoft
CVE-2017-11881
RESERVED
-CVE-2017-11880 (Windows kernel in Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, ...)
+CVE-2017-11880
NOT-FOR-US: Microsoft
-CVE-2017-11879 (ASP.NET Core 2.0 allows an attacker to steal log-in session ...)
+CVE-2017-11879
NOT-FOR-US: Microsoft
-CVE-2017-11878 (Microsoft Excel 2007 Service Pack 3, Microsoft Excel 2010 Service Pack ...)
+CVE-2017-11878
NOT-FOR-US: Microsoft
-CVE-2017-11877 (Microsoft Excel 2007 Service Pack 3, Microsoft Excel 2010 Service Pack ...)
+CVE-2017-11877
NOT-FOR-US: Microsoft
-CVE-2017-11876 (Microsoft Project Server and Microsoft SharePoint Enterprise Server ...)
+CVE-2017-11876
NOT-FOR-US: Microsoft
CVE-2017-11875
RESERVED
-CVE-2017-11874 (Microsoft Edge in Microsoft Windows 10 1703, 1709, Windows Server, ...)
+CVE-2017-11874
NOT-FOR-US: Microsoft
-CVE-2017-11873 (ChakraCore and Microsoft Edge in Windows 10 1511, 1607, 1703, 1709, ...)
+CVE-2017-11873
NOT-FOR-US: Microsoft
-CVE-2017-11872 (Microsoft Edge in Microsoft Windows 10 1607, 1703, and Windows Server ...)
+CVE-2017-11872
NOT-FOR-US: Microsoft
-CVE-2017-11871 (ChakraCore and Microsoft Edge in Windows 10 1703, 1709, and Windows ...)
+CVE-2017-11871
NOT-FOR-US: Microsoft
-CVE-2017-11870 (ChakraCore and Microsoft Edge in Windows 10 1703, 1709, and Windows ...)
+CVE-2017-11870
NOT-FOR-US: Microsoft
-CVE-2017-11869 (Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and ...)
+CVE-2017-11869
NOT-FOR-US: Microsoft
CVE-2017-11868
RESERVED
CVE-2017-11867
RESERVED
-CVE-2017-11866 (ChakraCore and Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, ...)
+CVE-2017-11866
NOT-FOR-US: Microsoft
CVE-2017-11865
RESERVED
CVE-2017-11864
RESERVED
-CVE-2017-11863 (Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, ...)
+CVE-2017-11863
NOT-FOR-US: Microsoft
-CVE-2017-11862 (ChakraCore and Microsoft Edge in Windows 10 1709 and Windows Server, ...)
+CVE-2017-11862
NOT-FOR-US: Microsoft
-CVE-2017-11861 (Microsoft Edge in Windows 10 1607, 1703, 1709, Windows Server 2016 and ...)
+CVE-2017-11861
NOT-FOR-US: Microsoft
CVE-2017-11860
RESERVED
CVE-2017-11859
RESERVED
-CVE-2017-11858 (ChakraCore and Internet Explorer in Microsoft Windows 7 SP1, Windows ...)
+CVE-2017-11858
NOT-FOR-US: Microsoft
CVE-2017-11857
RESERVED
-CVE-2017-11856 (Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 SP2 ...)
+CVE-2017-11856
NOT-FOR-US: Microsoft
-CVE-2017-11855 (Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 SP2 ...)
+CVE-2017-11855
NOT-FOR-US: Microsoft
-CVE-2017-11854 (Microsoft Word 2007 Service Pack 3, Microsoft Word 2010 Service Pack ...)
+CVE-2017-11854
NOT-FOR-US: Microsoft
-CVE-2017-11853 (Windows kernel in Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, ...)
+CVE-2017-11853
NOT-FOR-US: Microsoft
-CVE-2017-11852 (Microsoft GDI Component in Windows 7 SP1 and Windows Server 2008 SP2 ...)
+CVE-2017-11852
NOT-FOR-US: Microsoft
-CVE-2017-11851 (The Windows kernel component on Windows 7 SP1, Windows Server 2008 SP2 ...)
+CVE-2017-11851
NOT-FOR-US: Microsoft
-CVE-2017-11850 (Microsoft Graphics Component in Windows 8.1 and RT 8.1, Windows Server ...)
+CVE-2017-11850
NOT-FOR-US: Microsoft
-CVE-2017-11849 (Windows kernel in Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, ...)
+CVE-2017-11849
NOT-FOR-US: Microsoft
-CVE-2017-11848 (Internet Explorer in Microsoft Microsoft Windows 7 SP1, Windows Server ...)
+CVE-2017-11848
NOT-FOR-US: Microsoft
-CVE-2017-11847 (Windows kernel in Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, ...)
+CVE-2017-11847
NOT-FOR-US: Microsoft
-CVE-2017-11846 (ChakraCore and Internet Explorer in Microsoft Windows 7 SP1, Windows ...)
+CVE-2017-11846
NOT-FOR-US: Microsoft
-CVE-2017-11845 (Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to ...)
+CVE-2017-11845
NOT-FOR-US: Microsoft
-CVE-2017-11844 (Microsoft Edge in Microsoft Windows 10 1703, 1709 and Windows Server, ...)
+CVE-2017-11844
NOT-FOR-US: Microsoft
-CVE-2017-11843 (ChakraCore and Internet Explorer in Microsoft Windows 7 SP1, Windows ...)
+CVE-2017-11843
NOT-FOR-US: Microsoft
-CVE-2017-11842 (Windows kernel in Windows 8.1 and RT 8.1, Server 2012 and R2, Windows ...)
+CVE-2017-11842
NOT-FOR-US: Microsoft
-CVE-2017-11841 (ChakraCore and Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, ...)
+CVE-2017-11841
NOT-FOR-US: Microsoft
-CVE-2017-11840 (ChakraCore and Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, ...)
+CVE-2017-11840
NOT-FOR-US: Microsoft
-CVE-2017-11839 (Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, Windows ...)
+CVE-2017-11839
NOT-FOR-US: Microsoft
-CVE-2017-11838 (ChakraCore and Internet Explorer in Microsoft Windows 7 SP1, Windows ...)
+CVE-2017-11838
NOT-FOR-US: Microsoft
-CVE-2017-11837 (ChakraCore and Internet Explorer in Microsoft Windows 7 SP1, Windows ...)
+CVE-2017-11837
NOT-FOR-US: Microsoft
-CVE-2017-11836 (ChakraCore, and Microsoft Edge in Microsoft Windows 10 Gold, 1511, ...)
+CVE-2017-11836
NOT-FOR-US: Microsoft
-CVE-2017-11835 (Microsoft graphics in Windows 7 SP1 and Windows Server 2008 SP2 and R2 ...)
+CVE-2017-11835
NOT-FOR-US: Microsoft
-CVE-2017-11834 (Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 SP2 ...)
+CVE-2017-11834
NOT-FOR-US: Microsoft
-CVE-2017-11833 (Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, ...)
+CVE-2017-11833
NOT-FOR-US: Microsoft
-CVE-2017-11832 (The Microsoft Windows embedded OpenType (EOT) font engine in Windows 7 ...)
+CVE-2017-11832
NOT-FOR-US: Microsoft
-CVE-2017-11831 (Windows kernel in Windows 7 SP1, Windows 8.1 and RT 8.1, Windows ...)
+CVE-2017-11831
NOT-FOR-US: Microsoft
-CVE-2017-11830 (Device Guard in Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows ...)
+CVE-2017-11830
NOT-FOR-US: Microsoft
-CVE-2017-11829 (Microsoft Windows 10 allows an elevation of privilege vulnerability ...)
+CVE-2017-11829
NOT-FOR-US: Microsoft
CVE-2017-11828
RESERVED
-CVE-2017-11827 (Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 ...)
+CVE-2017-11827
NOT-FOR-US: Microsoft
-CVE-2017-11826 (Microsoft Office 2010, SharePoint Enterprise Server 2010, SharePoint ...)
+CVE-2017-11826
NOT-FOR-US: Microsoft
-CVE-2017-11825 (Microsoft Office 2016 Click-to-Run (C2R) and Microsoft Office 2016 for ...)
+CVE-2017-11825
NOT-FOR-US: Microsoft
-CVE-2017-11824 (The Microsoft Graphics Component on Microsoft Windows Server 2008 SP2 ...)
+CVE-2017-11824
NOT-FOR-US: Microsoft
-CVE-2017-11823 (The Microsoft Device Guard on Microsoft Windows 10 Gold, 1511, 1607, ...)
+CVE-2017-11823
NOT-FOR-US: Microsoft
-CVE-2017-11822 (Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 SP2 ...)
+CVE-2017-11822
NOT-FOR-US: Microsoft
-CVE-2017-11821 (ChakraCore and Microsoft Edge in Microsoft Windows 10 1703 allows an ...)
+CVE-2017-11821
NOT-FOR-US: Microsoft
-CVE-2017-11820 (Microsoft SharePoint Enterprise Server 2013 SP1 and Microsoft ...)
+CVE-2017-11820
NOT-FOR-US: Microsoft
-CVE-2017-11819 (Microsoft Windows 7 SP1 allows an attacker to execute arbitrary code ...)
+CVE-2017-11819
NOT-FOR-US: Microsoft
-CVE-2017-11818 (The Microsoft Windows Storage component on Microsoft Windows 8.1, ...)
+CVE-2017-11818
NOT-FOR-US: Microsoft
-CVE-2017-11817 (The Microsoft Windows Kernel component on Microsoft Windows Server ...)
+CVE-2017-11817
NOT-FOR-US: Microsoft
-CVE-2017-11816 (The Microsoft Windows Graphics Device Interface (GDI) on Microsoft ...)
+CVE-2017-11816
NOT-FOR-US: Microsoft
-CVE-2017-11815 (The Microsoft Server Block Message (SMB) on Microsoft Windows Server ...)
+CVE-2017-11815
NOT-FOR-US: Microsoft
-CVE-2017-11814 (The Microsoft Windows Kernel component on Microsoft Windows Server ...)
+CVE-2017-11814
NOT-FOR-US: Microsoft
-CVE-2017-11813 (Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 ...)
+CVE-2017-11813
NOT-FOR-US: Microsoft
-CVE-2017-11812 (ChakraCore and Microsoft Edge in Microsoft Windows 10 1511, 1607, ...)
+CVE-2017-11812
NOT-FOR-US: Microsoft
-CVE-2017-11811 (ChakraCore and Microsoft Edge in Microsoft Windows 10 Gold, 1511, ...)
+CVE-2017-11811
NOT-FOR-US: Microsoft
-CVE-2017-11810 (Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 SP2 ...)
+CVE-2017-11810
NOT-FOR-US: Microsoft
-CVE-2017-11809 (ChakraCore and Microsoft Edge in Microsoft Windows 10 Gold, 1511, ...)
+CVE-2017-11809
NOT-FOR-US: Microsoft
-CVE-2017-11808 (ChakraCore and Microsoft Edge in Microsoft Windows 10 Gold, 1511, ...)
+CVE-2017-11808
NOT-FOR-US: Microsoft
-CVE-2017-11807 (ChakraCore and Microsoft Edge in Microsoft Windows 10 1703 allows an ...)
+CVE-2017-11807
NOT-FOR-US: Microsoft
-CVE-2017-11806 (ChakraCore and Microsoft Edge in Microsoft Windows 10 1703 allows an ...)
+CVE-2017-11806
NOT-FOR-US: Microsoft
-CVE-2017-11805 (ChakraCore and Microsoft Edge in Microsoft Windows 10 1703 allows an ...)
+CVE-2017-11805
NOT-FOR-US: Microsoft
-CVE-2017-11804 (ChakraCore and Microsoft Edge in Microsoft Windows 10 Gold, 1511, ...)
+CVE-2017-11804
NOT-FOR-US: Microsoft
-CVE-2017-11803 (Microsoft Edge in Microsoft Windows 10 1703, 1709 and Windows Server, ...)
+CVE-2017-11803
NOT-FOR-US: Microsoft
-CVE-2017-11802 (ChakraCore and Microsoft Edge in Microsoft Windows 10 Gold, 1511, ...)
+CVE-2017-11802
NOT-FOR-US: Microsoft
-CVE-2017-11801 (ChakraCore allows an attacker to execute arbitrary code in the context ...)
+CVE-2017-11801
NOT-FOR-US: Microsoft
-CVE-2017-11800 (Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and Windows ...)
+CVE-2017-11800
NOT-FOR-US: Microsoft
-CVE-2017-11799 (ChakraCore and Microsoft Edge in Microsoft Windows 10 Gold, 1511, ...)
+CVE-2017-11799
NOT-FOR-US: Microsoft
-CVE-2017-11798 (Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and ...)
+CVE-2017-11798
NOT-FOR-US: Microsoft
-CVE-2017-11797 (ChakraCore allows an attacker to execute arbitrary code in the context ...)
+CVE-2017-11797
NOT-FOR-US: Microsoft
-CVE-2017-11796 (ChakraCore and Microsoft Edge in Windows 10 1703 allows an attacker to ...)
+CVE-2017-11796
NOT-FOR-US: Microsoft
CVE-2017-11795
RESERVED
-CVE-2017-11794 (Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to ...)
+CVE-2017-11794
NOT-FOR-US: Microsoft
-CVE-2017-11793 (Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 SP2 ...)
+CVE-2017-11793
NOT-FOR-US: Microsoft
-CVE-2017-11792 (ChakraCore and Microsoft Edge in Microsoft Windows 10 1703 allow an ...)
+CVE-2017-11792
NOT-FOR-US: Microsoft
-CVE-2017-11791 (ChakraCore and Internet Explorer in Microsoft Windows 7 SP1, Windows ...)
+CVE-2017-11791
NOT-FOR-US: Microsoft
-CVE-2017-11790 (Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 SP2 ...)
+CVE-2017-11790
NOT-FOR-US: Microsoft
CVE-2017-11789
RESERVED
-CVE-2017-11788 (Windows Search in Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, ...)
+CVE-2017-11788
NOT-FOR-US: Microsoft
CVE-2017-11787
RESERVED
-CVE-2017-11786 (Skype for Business in Microsoft Lync 2013 SP1 and Skype for Business ...)
+CVE-2017-11786
NOT-FOR-US: Skype
-CVE-2017-11785 (The Microsoft Windows Kernel component on Microsoft Windows Server ...)
+CVE-2017-11785
NOT-FOR-US: Microsoft
-CVE-2017-11784 (The Microsoft Windows Kernel component on Microsoft Windows Server ...)
+CVE-2017-11784
NOT-FOR-US: Microsoft
-CVE-2017-11783 (Microsoft Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, Windows ...)
+CVE-2017-11783
NOT-FOR-US: Microsoft
-CVE-2017-11782 (The Microsoft Server Block Message (SMB) on Microsoft Windows 10 1607 ...)
+CVE-2017-11782
NOT-FOR-US: Microsoft
-CVE-2017-11781 (The Microsoft Server Block Message (SMB) on Microsoft Windows Server ...)
+CVE-2017-11781
NOT-FOR-US: Microsoft
-CVE-2017-11780 (The Server Message Block 1.0 (SMBv1) on Microsoft Windows Server 2008 ...)
+CVE-2017-11780
NOT-FOR-US: Microsoft
-CVE-2017-11779 (The Microsoft Windows Domain Name System (DNS) DNSAPI.dll on Microsoft ...)
+CVE-2017-11779
NOT-FOR-US: Microsoft
CVE-2017-11778
RESERVED
-CVE-2017-11777 (Microsoft SharePoint Enterprise Server 2013 SP1 and Microsoft ...)
+CVE-2017-11777
NOT-FOR-US: Microsoft
-CVE-2017-11776 (Microsoft Outlook 2016 allows an attacker to obtain the email content ...)
+CVE-2017-11776
NOT-FOR-US: Microsoft
-CVE-2017-11775 (Microsoft SharePoint Enterprise Server 2013 SP1 and Microsoft ...)
+CVE-2017-11775
NOT-FOR-US: Microsoft
-CVE-2017-11774 (Microsoft Outlook 2010 SP2, Outlook 2013 SP1 and RT SP1, and Outlook ...)
+CVE-2017-11774
NOT-FOR-US: Microsoft
CVE-2017-11773
RESERVED
-CVE-2017-11772 (The Microsoft Windows Search component on Microsoft Windows Server ...)
+CVE-2017-11772
NOT-FOR-US: Microsoft
-CVE-2017-11771 (The Microsoft Windows Search component on Microsoft Windows Server ...)
+CVE-2017-11771
NOT-FOR-US: Microsoft
-CVE-2017-11770 (.NET Core 1.0, 1.1, and 2.0 allow an unauthenticated attacker to ...)
+CVE-2017-11770
NOT-FOR-US: .NET Core
-CVE-2017-11769 (The Microsoft Windows TRIE component on Microsoft Windows 10 Gold, ...)
+CVE-2017-11769
NOT-FOR-US: Microsoft
-CVE-2017-11768 (Windows Media Player in Windows 7 SP1, Windows Server 2008 SP2 and R2 ...)
+CVE-2017-11768
NOT-FOR-US: Microsoft
-CVE-2017-11767 (ChakraCore allows an attacker to gain the same user rights as the ...)
+CVE-2017-11767
NOT-FOR-US: Microsoft
-CVE-2017-11766 (Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and ...)
+CVE-2017-11766
NOT-FOR-US: Microsoft
-CVE-2017-11765 (The Microsoft Windows Kernel component on Microsoft Windows Server ...)
+CVE-2017-11765
NOT-FOR-US: Microsoft
-CVE-2017-11764 (Microsoft Edge in Microsoft Windows 10 1607, 1703, and Windows Server ...)
+CVE-2017-11764
NOT-FOR-US: Microsoft
-CVE-2017-11763 (The Microsoft Graphics Component on Microsoft Windows Server 2008 SP2 ...)
+CVE-2017-11763
NOT-FOR-US: Microsoft
-CVE-2017-11762 (The Microsoft Graphics Component on Microsoft Windows Server 2008 SP2 ...)
+CVE-2017-11762
NOT-FOR-US: Microsoft
-CVE-2017-11761 (Microsoft Exchange Server 2013 and Microsoft Exchange Server 2016 ...)
+CVE-2017-11761
NOT-FOR-US: Microsoft
-CVE-2017-11760 (uploadImage.php in ProjeQtOr before 6.3.2 allows remote authenticated ...)
+CVE-2017-11760
NOT-FOR-US: ProjeQtOr
CVE-2017-11759
RESERVED
CVE-2017-11758
RESERVED
-CVE-2017-11757 (Heap-based buffer overflow in Actian Pervasive PSQL v12.10 and Zen v13 ...)
+CVE-2017-11757
NOT-FOR-US: Actian Pervasive PSQL server
CVE-2017-XXXX [executes javascript code downloaded from insecure URL]
- smplayer 17.7.0~ds0-1 (low; bug #870233)
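Review bot: CVE-2017-11883 is annotated "NOT-FOR-US: .NET core" and CVE-2017-11770 "NOT-FOR-US: .NET Core"; with the descriptions removed in this hunk these annotations are the only remaining indication that the two entries concern .NET Core rather than Windows, so the spelling should be unified (the product name is ".NET Core"). The same loss affects the long run of entries here reduced to a bare "NOT-FOR-US: Microsoft" (for example CVE-2017-11882, CVE-2017-11815 and CVE-2017-11780, which the removed text identified as Office, SMB and SMBv1 issues); adding the product to the annotation would preserve that information.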
@@ -19137,7 +19135,7 @@ CVE-2017-XXXX [executes javascript code downloaded from insecure URL]
NOTE: be present in the source. Users though need to explicitly rebuilt the package
NOTE: changing the upstream pro file to enable YT_USE_YTSIG. YT_USE_YTSIG is
NOTE: disabled by default on upstream since 17.2.0
-CVE-2017-13140 (In ImageMagick before 6.9.9-1 and 7.x before 7.0.6-2, the ...)
+CVE-2017-13140
{DSA-4019-1}
- imagemagick 8:6.9.7.4+dfsg-15 (bug #870111)
[stretch] - imagemagick <ignored> (Minor issue)
@@ -19146,49 +19144,49 @@ CVE-2017-13140 (In ImageMagick before 6.9.9-1 and 7.x before 7.0.6-2, the ...)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/596
NOTE: https://github.com/ImageMagick/ImageMagick/commit/62fcf3d9638b87cd7ac81962cadf5bf88db62fa0
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/75f7e994e4e990627a5a37385bcc9a0205013645
-CVE-2017-13139 (In ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1, the ...)
+CVE-2017-13139
{DSA-4040-1 DSA-4019-1 DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-15 (bug #870109)
NOTE: https://github.com/ImageMagick/ImageMagick/commit/22e0310345499ffe906c604428f2a3a668942b05
-CVE-2017-12643 (ImageMagick 7.0.6-1 has a memory exhaustion vulnerability in ...)
+CVE-2017-12643
{DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-15 (low; bug #870107)
[stretch] - imagemagick <ignored> (Minor issue)
[jessie] - imagemagick <ignored> (Minor issue)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/549
NOTE: https://github.com/ImageMagick/ImageMagick/commit/9eedb5660f1704cde8e8cd784c5c2a09dd2fd60f
-CVE-2017-13142 (In ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1, a crafted PNG ...)
+CVE-2017-13142
{DSA-4019-1 DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-15 (low; bug #870105)
[jessie] - imagemagick <ignored> (Minor issue)
NOTE: https://github.com/ImageMagick/ImageMagick/commit/46e3aabbf8d59a1bdebdbb65acb9b9e0484577d3
NOTE: https://github.com/ImageMagick/ImageMagick/commit/aa84944b405acebbeefe871d0f64969b9e9f31ac
-CVE-2017-11756 (In Earcms Ear Music through 4.1 build 20170710, remote authenticated ...)
+CVE-2017-11756
NOT-FOR-US: Earcms
-CVE-2017-11755 (The WritePICONImage function in coders/xpm.c in ImageMagick 7.0.6-4 ...)
+CVE-2017-11755
- imagemagick <unfixed> (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/634
NOTE: Possibly fixed by same commit as issue #631 upstream
-CVE-2017-11754 (The WritePICONImage function in coders/xpm.c in ImageMagick 7.0.6-4 ...)
+CVE-2017-11754
- imagemagick <unfixed> (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/633
NOTE: ossibly fixed by same commit as issue #631 upstream
-CVE-2017-11753 (The GetImageDepth function in MagickCore/attribute.c in ImageMagick ...)
+CVE-2017-11753
- imagemagick <not-affected> (Affects only ImageMagick-7; vulnerable code not present)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/629
-CVE-2017-11752 (The ReadMAGICKImage function in coders/magick.c in ImageMagick 7.0.6-4 ...)
+CVE-2017-11752
{DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-16 (unimportant; bug #870481)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/628
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/21d19d0c64ff070dbf37279432837bf425c0d5dd
NOTE: https://github.com/ImageMagick/ImageMagick/commit/9eccfd52199616da66c93b6d627d4d4126f5a5f0
-CVE-2017-11751 (The WritePICONImage function in coders/xpm.c in ImageMagick 7.0.6-4 ...)
+CVE-2017-11751
{DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-16 (unimportant; bug #870480)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/631
NOTE: https://github.com/ImageMagick/ImageMagick/commit/cb713211bad3fa4f0c535255fa043917482fc964
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/b04e9c949d917a4a603f1a9bfe09737246229323
-CVE-2017-11750 (The ReadOneJNGImage function in coders/png.c in ImageMagick 6.9.9-4 and ...)
+CVE-2017-11750
- imagemagick 8:6.9.7.4+dfsg-16 (bug #870478)
[stretch] - imagemagick <not-affected> (Incomplete patch for upstream issues/618 not applied)
[jessie] - imagemagick <not-affected> (Incomplete patch for upstream issues/618 not applied)
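Review bot: the context line `NOTE: ossibly fixed by same commit as issue #631 upstream` under CVE-2017-11754 has a typo; it should read `NOTE: Possibly fixed by same commit as issue #631 upstream`, matching the note under CVE-2017-11755 two entries above. Since both CVE-2017-11755 and CVE-2017-11754 remain `<unfixed> (unimportant)` on the strength of that "possibly", it would be worth checking them against the issue #631 commits recorded under CVE-2017-11751 in this hunk and replacing the guess with the result.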
@@ -19200,17 +19198,17 @@ CVE-2017-11750 (The ReadOneJNGImage function in coders/png.c in ImageMagick 6.9.
NOTE: Fixed by (ImageMagick-6): https://github.com/ImageMagick/ImageMagick/commit/253d56027765dcbd8d6bc2bbd7d59aa41dab60e7
NOTE: Issue introduced by the original patch for https://github.com/ImageMagick/ImageMagick/issues/618
TODO: check if patch simplifying patch applied in any suite
-CVE-2017-11749 (InternetSoft FTP Commander 8.02 and prior has an untrusted search path, ...)
+CVE-2017-11749
NOT-FOR-US: InternetSoft FTP Commander
-CVE-2017-11748 (VIT Spider Player 2.5.3 has an untrusted search path, allowing DLL ...)
+CVE-2017-11748
NOT-FOR-US: VIT Spider Player
-CVE-2017-11747 (main.c in Tinyproxy 1.8.4 and earlier creates a ...)
+CVE-2017-11747
- tinyproxy 1.10.0-1 (bug #870307)
[stretch] - tinyproxy <no-dsa> (Minor issue)
[jessie] - tinyproxy <no-dsa> (Minor issue)
[wheezy] - tinyproxy <no-dsa> (Minor issue)
NOTE: https://github.com/tinyproxy/tinyproxy/issues/106
-CVE-2017-11746 (Tenshi 0.15 creates a tenshi.pid file after dropping privileges to a ...)
+CVE-2017-11746
{DLA-1069-1}
- tenshi <unfixed> (unimportant; bug #871321)
NOTE: https://github.com/inversepath/tenshi/issues/6
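Review bot: the context line `TODO: check if patch simplifying patch applied in any suite` under CVE-2017-11750 is hard to parse and reads as if a word was dropped. Suggest rewording it to say which patch is meant (presumably the one referenced in the preceding `NOTE: Fixed by (ImageMagick-6): ...` line) and which suites still need checking, so the next person does not have to reconstruct the intent from the stretch/jessie `<not-affected>` lines above it.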
@@ -19218,13 +19216,13 @@ CVE-2017-11746 (Tenshi 0.15 creates a tenshi.pid file after dropping privileges
NOTE: Negligible security impact
CVE-2017-11745
RESERVED
-CVE-2017-11744 (In MODX Revolution 2.5.7, the &quot;key&quot; and &quot;name&quot; parameters in the System ...)
+CVE-2017-11744
NOT-FOR-US: MODX Revolution
-CVE-2017-11743 (MEDHOST Connex contains a hard-coded Mirth Connect admin credential ...)
+CVE-2017-11743
NOT-FOR-US: MEDHOST Connex
-CVE-2017-11742 (The writeRandomBytes_RtlGenRandom function in xmlparse.c in libexpat in ...)
+CVE-2017-11742
- expat <not-affected> (Windows specfic issue)
-CVE-2017-11741 (HashiCorp Vagrant VMware Fusion plugin (aka vagrant-vmware-fusion) ...)
+CVE-2017-11741
NOT-FOR-US: HashiCorp Vagrant VMware Fusion plugin
CVE-2017-11740
RESERVED
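Review bot: the context line `- expat <not-affected> (Windows specfic issue)` under CVE-2017-11742 has a typo; it should read `(Windows specific issue)`. The reasoning is consistent with the description being removed in this hunk, which names the `writeRandomBytes_RtlGenRandom` function, a Windows-only code path, so the not-affected status stands and only the spelling needs fixing.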
@@ -19232,57 +19230,57 @@ CVE-2017-11739
RESERVED
CVE-2017-11738
RESERVED
-CVE-2017-11737 (interface/js/app/history.js in WebUI in Rspamd before 1.6.3 allows XSS ...)
+CVE-2017-11737
- rspamd 1.7.6-1
[jessie] - rspamd <not-affected> (Vulnerable code not present)
NOTE: https://github.com/vstakhov/rspamd/issues/1738
NOTE: https://github.com/rspamd/rspamd/pull/1739
-CVE-2017-11736 (SQL injection vulnerability in ...)
+CVE-2017-11736
NOT-FOR-US: BigTree CMS
CVE-2017-11735
REJECTED
-CVE-2017-11734 (A heap-based buffer over-read was found in the function ...)
+CVE-2017-11734
{DLA-1133-1}
- ming <removed>
NOTE: https://github.com/libming/libming/issues/83
-CVE-2017-11733 (A null pointer dereference vulnerability was found in the function ...)
+CVE-2017-11733
{DLA-1176-1}
- ming <removed>
NOTE: https://github.com/libming/libming/issues/78
-CVE-2017-11732 (A heap-based buffer overflow vulnerability was found in the function ...)
+CVE-2017-11732
{DLA-1240-1}
- ming <removed>
NOTE: https://github.com/libming/libming/issues/80
-CVE-2017-11731 (An invalid memory read vulnerability was found in the function OpCode ...)
+CVE-2017-11731
{DLA-1133-1}
- ming <removed>
NOTE: https://github.com/libming/libming/issues/84
-CVE-2017-11730 (A heap-based buffer over-read was found in the function OpCode (called ...)
+CVE-2017-11730
{DLA-1133-1}
- ming <removed>
NOTE: https://github.com/libming/libming/issues/81
-CVE-2017-11729 (A heap-based buffer over-read was found in the function OpCode (called ...)
+CVE-2017-11729
{DLA-1133-1}
- ming <removed>
NOTE: https://github.com/libming/libming/issues/79
-CVE-2017-11728 (A heap-based buffer over-read was found in the function OpCode (called ...)
+CVE-2017-11728
{DLA-1133-1}
- ming <removed>
NOTE: https://github.com/libming/libming/issues/82
-CVE-2017-11727 (services/system_io/actionprocessor/Contact.rails in ConnectWise Manage ...)
+CVE-2017-11727
NOT-FOR-US: ConnectWise Manage
-CVE-2017-11726 (services/system_io/actionprocessor/System.rails in ConnectWise Manage ...)
+CVE-2017-11726
NOT-FOR-US: ConnectWise Manage
-CVE-2017-11725 (The share function in Thycotic Secret Server before 10.2.000019 ...)
+CVE-2017-11725
NOT-FOR-US: Thycotic Secret Server
-CVE-2017-11723 (Directory traversal vulnerability in plugins/ImageManager/backend.php ...)
+CVE-2017-11723
NOT-FOR-US: Xinha
-CVE-2017-11724 (The ReadMATImage function in coders/mat.c in ImageMagick through ...)
+CVE-2017-11724
{DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-14 (unimportant; bug #870023)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/624
NOTE: https://github.com/ImageMagick/ImageMagick/commit/5163756a1f829a561912dfdb74a0dae41d8ed8cf
-CVE-2017-12670 (In ImageMagick 7.0.6-3, missing validation was found in coders/mat.c, ...)
+CVE-2017-12670
{DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-14 (low; bug #870020)
[stretch] - imagemagick <ignored> (Minor issue)
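Review bot: CVE-2017-11723 (Xinha) is placed before CVE-2017-11724 (ImageMagick) in this hunk, which breaks the descending-id order the rest of the file follows; the hunk only strips the descriptions and leaves the ordering as it was. Suggest swapping the two entries in a follow-up so that reviewers or tooling scanning by id do not skip the Xinha entry.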
@@ -19290,14 +19288,14 @@ CVE-2017-12670 (In ImageMagick 7.0.6-3, missing validation was found in coders/m
NOTE: https://github.com/ImageMagick/ImageMagick/issues/610
NOTE: https://github.com/ImageMagick/ImageMagick/commit/ab440f9ea11e0dbefb7a808cbb9441198758b0cb
NOTE: https://github.com/ImageMagick/ImageMagick/commit/75db34b6a4d642cb6f88c792942de27490c900e0
-CVE-2017-13658 (In ImageMagick before 6.9.9-3 and 7.x before 7.0.6-3, there is a ...)
+CVE-2017-13658
{DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-14 (low; bug #870019)
[stretch] - imagemagick <ignored> (Minor issue)
[jessie] - imagemagick <ignored> (Minor issue)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/598
NOTE: https://github.com/ImageMagick/ImageMagick/commit/e5c063a1007506ba69e97a35effcdef944421c89
-CVE-2017-12434 (In ImageMagick 7.0.6-1, a missing NULL check vulnerability was found in ...)
+CVE-2017-12434
{DSA-4019-1}
- imagemagick 8:6.9.7.4+dfsg-14 (bug #870014)
[stretch] - imagemagick <ignored> (Minor issue)
@@ -19305,19 +19303,19 @@ CVE-2017-12434 (In ImageMagick 7.0.6-1, a missing NULL check vulnerability was f
[wheezy] - imagemagick <not-affected> (vulnerable code not present)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/547
NOTE: https://github.com/ImageMagick/ImageMagick/commit/6767f31cac3eacdc9dc41b3193a73bdd37610375
-CVE-2017-13143 (In ImageMagick before 6.9.7-6 and 7.x before 7.0.4-6, the ReadMATImage ...)
+CVE-2017-13143
{DSA-4204-1 DSA-4019-1 DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-14 (bug #870012)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/362
NOTE: https://github.com/ImageMagick/ImageMagick/commit/51b0ae01709adc1e4a9245e158ef17b85a110960
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/f86268752ffc70e40b6e1afdebfc96dcc29452db
-CVE-2017-11722 (The WriteOnePNGImage function in coders/png.c in GraphicsMagick 1.3.26 ...)
+CVE-2017-11722
{DSA-4321-1}
- graphicsmagick 1.3.26-4 (bug #870158)
[jessie] - graphicsmagick <not-affected> (vulnerable code not present)
[wheezy] - graphicsmagick <not-affected> (vulnerable code not present)
NOTE: http://hg.code.sf.net/p/graphicsmagick/code/rev/f423ba88ca4e
-CVE-2017-11721 (Buffer overflow in ioquake3 before 2017-08-02 allows remote attackers ...)
+CVE-2017-11721
{DSA-3948-1 DSA-3941-1}
- ioquake3 1.36+u20170803+dfsg1-1 (bug #870725)
[wheezy] - ioquake3 <end-of-life> (games are not supported in Wheezy)
@@ -19325,27 +19323,27 @@ CVE-2017-11721 (Buffer overflow in ioquake3 before 2017-08-02 allows remote atta
- iortcw 1.51+dfsg1-3 (bug #870811)
NOTE: https://github.com/iortcw/iortcw/commit/260c39a29af517a08b3ee1a0e78ad654bdd70934
NOTE: Also affects openjk (only in experimental; fixed in 0~20170718+dfsg1-2
-CVE-2017-11720 (There is a division-by-zero vulnerability in LAME 3.99.5, caused by a ...)
+CVE-2017-11720
- lame 3.99.5+repack1-6 (low; bug #870809; bug #777159)
[wheezy] - lame 3.99.5+repack1-3+deb7u1
NOTE: https://sourceforge.net/p/lame/bugs/460/
NOTE: Duplicate/same as: https://blogs.gentoo.org/ago/2017/06/17/lame-divide-by-zero-in-parse_wave_header-get_audio-c/
-CVE-2017-11719 (The dnxhd_decode_header function in libavcodec/dnxhddec.c in FFmpeg ...)
+CVE-2017-11719
{DSA-3957-1}
- ffmpeg 7:3.3.3-1
- libav <removed>
[jessie] - libav <not-affected> (Issue only present in ffmpeg since 6f1ccca4)
NOTE: https://github.com/FFmpeg/FFmpeg/commit/296debd213bd6dce7647cedd34eb64e5b94cdc92
NOTE: Fixed in 3.2.7
-CVE-2017-11718 (There is URL Redirector Abuse in MetInfo through 5.3.17 via the gourl ...)
+CVE-2017-11718
NOT-FOR-US: MetInfo
-CVE-2017-11717 (MetInfo through 5.3.17 accepts the same CAPTCHA response for 120 ...)
+CVE-2017-11717
NOT-FOR-US: MetInfo
-CVE-2017-11716 (MetInfo through 5.3.17 allows stored XSS via HTML Edit Mode. ...)
+CVE-2017-11716
NOT-FOR-US: MetInfo
-CVE-2017-11715 (job/uploadfile_save.php in MetInfo through 5.3.17 blocks the .php ...)
+CVE-2017-11715
NOT-FOR-US: MetInfo
-CVE-2017-11714 (psi/ztoken.c in Artifex Ghostscript 9.21 mishandles references to the ...)
+CVE-2017-11714
{DSA-3986-1 DLA-1048-1}
[experimental] - ghostscript 9.22~~rc1~dfsg-1
- ghostscript 9.22~dfsg-1 (bug #869977)
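Review bot: the context line `NOTE: Also affects openjk (only in experimental; fixed in 0~20170718+dfsg1-2` under CVE-2017-11721 is missing its closing parenthesis; it should end `... fixed in 0~20170718+dfsg1-2)`. The version named there is the only record in this entry of the openjk fix, so the line should be repaired rather than dropped.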
@@ -19365,17 +19363,17 @@ CVE-2017-11708
RESERVED
CVE-2017-11707
RESERVED
-CVE-2017-11706 (The Boozt Fashion application before 2.3.4 for Android allows remote ...)
+CVE-2017-11706
NOT-FOR-US: Boozt Fashion application
-CVE-2017-11705 (A memory leak was found in the function parseSWF_SHAPEWITHSTYLE in ...)
+CVE-2017-11705
- ming <removed>
[wheezy] - ming <ignored> (Minor issue present everywhere in the source code, hard to fix)
NOTE: https://github.com/libming/libming/issues/71
-CVE-2017-11704 (A heap-based buffer over-read was found in the function decompileIF in ...)
+CVE-2017-11704
{DLA-1133-1}
- ming <removed>
NOTE: https://github.com/libming/libming/issues/76
-CVE-2017-11703 (A memory leak vulnerability was found in the function parseSWF_DOACTION ...)
+CVE-2017-11703
- ming <removed>
[wheezy] - ming <ignored> (Minor issue present everywhere in the source code, hard to fix)
NOTE: https://github.com/libming/libming/issues/72
@@ -19387,39 +19385,39 @@ CVE-2017-11700
RESERVED
CVE-2017-11699
RESERVED
-CVE-2017-11698 (Heap-based buffer overflow in the __get_page function in ...)
+CVE-2017-11698
- nss <unfixed> (bug #873259; unimportant)
NOTE: Issues triggered by crafted DBM databases, which would
NOTE: require local user access to a machine running NSS and
NOTE: crafting the local DBM files.
NOTE: http://seclists.org/fulldisclosure/2017/Aug/17
NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=1360779
-CVE-2017-11697 (The __hash_open function in hash.c:229 in Mozilla Network Security ...)
+CVE-2017-11697
- nss <unfixed> (bug #873258; unimportant)
NOTE: Issues triggered by crafted DBM databases, which would
NOTE: require local user access to a machine running NSS and
NOTE: crafting the local DBM files.
NOTE: http://seclists.org/fulldisclosure/2017/Aug/17
NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=1360900
-CVE-2017-11696 (Heap-based buffer overflow in the __hash_open function in ...)
+CVE-2017-11696
- nss <unfixed> (bug #873257; unimportant)
NOTE: Issues triggered by crafted DBM databases, which would
NOTE: require local user access to a machine running NSS and
NOTE: crafting the local DBM files.
NOTE: http://seclists.org/fulldisclosure/2017/Aug/17
NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=1360778
-CVE-2017-11695 (Heap-based buffer overflow in the alloc_segs function in ...)
+CVE-2017-11695
- nss <unfixed> (bug #873256; unimportant)
NOTE: Issues triggered by crafted DBM databases, which would
NOTE: require local user access to a machine running NSS and
NOTE: crafting the local DBM files.
NOTE: http://seclists.org/fulldisclosure/2017/Aug/17
NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=1360782
-CVE-2017-11694 (MEDHOST Document Management System contains hard-coded credentials that ...)
+CVE-2017-11694
NOT-FOR-US: MEDHOST Document Management System
-CVE-2017-11693 (MEDHOST Document Management System contains hard-coded credentials that ...)
+CVE-2017-11693
NOT-FOR-US: MEDHOST Document Management System
-CVE-2017-11692 (The function &quot;Token&amp; Scanner::peek&quot; in scanner.cpp in yaml-cpp 0.5.3 ...)
+CVE-2017-11692
- yaml-cpp <unfixed> (low; bug #870326)
[buster] - yaml-cpp <no-dsa> (Minor issue)
[stretch] - yaml-cpp <no-dsa> (Minor issue)
@@ -19435,19 +19433,19 @@ CVE-2017-11689
RESERVED
CVE-2017-11688
RESERVED
-CVE-2017-11687 (Multiple Persistent cross-site scripting (XSS) vulnerabilities in Event ...)
+CVE-2017-11687
NOT-FOR-US: Zoho ManageEngine Event Log Analyzer
-CVE-2017-11686 (Zoho ManageEngine Event Log Analyzer 11.4 and 11.5 allows remote ...)
+CVE-2017-11686
NOT-FOR-US: Zoho ManageEngine Event Log Analyzer
-CVE-2017-11685 (Multiple Reflective cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2017-11685
NOT-FOR-US: Zoho ManageEngine Event Log Analyzer
-CVE-2017-11684 (There is an illegal address access in the build_table function in ...)
+CVE-2017-11684
- libav <removed>
[jessie] - libav 6:11.11-1~deb8u1
- ffmpeg 7:2.3.1-1
NOTE: https://bugzilla.libav.org/show_bug.cgi?id=1073
NOTE: Fixed by https://github.com/libav/libav/commit/ec683ed527cef9aad208d1daeb10d0e7fb63e75e.patch
-CVE-2017-11683 (There is a reachable assertion in the ...)
+CVE-2017-11683
{DLA-1147-1}
- exiv2 <unfixed> (unimportant)
NOTE: http://dev.exiv2.org/issues/1307
@@ -19455,29 +19453,29 @@ CVE-2017-11683 (There is a reachable assertion in the ...)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1475124
NOTE: Problematic assert() exists in all versions in Debian.
NOTE: Negligable security impact
-CVE-2017-11682 (Stored Cross-site scripting vulnerability in Hashtopussy 0.4.0 allows ...)
+CVE-2017-11682
NOT-FOR-US: Hashtopussy
-CVE-2017-11681 (Incorrect Access Control vulnerability in Hashtopussy 0.4.0 allows ...)
+CVE-2017-11681
NOT-FOR-US: Hashtopussy
-CVE-2017-11680 (Cross-Site Request Forgery (CSRF) exists in Hashtopussy 0.4.0, allowing ...)
+CVE-2017-11680
NOT-FOR-US: Hashtopussy
-CVE-2017-11679 (Cross-Site Request Forgery (CSRF) exists in Hashtopus 1.5g via the ...)
+CVE-2017-11679
NOT-FOR-US: Hashtopus
-CVE-2017-11678 (SQL injection vulnerability in Hashtopus 1.5g allows remote ...)
+CVE-2017-11678
NOT-FOR-US: Hashtopus
-CVE-2017-11677 (Cross-site scripting (XSS) vulnerability in Hashtopus 1.5g allows ...)
+CVE-2017-11677
NOT-FOR-US: Hashtopus
CVE-2017-11676
RESERVED
-CVE-2017-11675 (The traverseStrictSanitize function in ...)
+CVE-2017-11675
NOT-FOR-US: ZenCart
-CVE-2017-11674 (Reporter.exe in Acunetix 8 allows remote attackers to cause a denial of ...)
+CVE-2017-11674
NOT-FOR-US: Acunetix
-CVE-2017-11673 (Reporter.exe in Acunetix 8 allows remote attackers to execute arbitrary ...)
+CVE-2017-11673
NOT-FOR-US: Acunetix
-CVE-2017-11672 (The OPC Foundation Local Discovery Server (LDS) before 1.03.367 is ...)
+CVE-2017-11672
NOT-FOR-US: OPC Foundation Local Discovery Server
-CVE-2017-11671 (Under certain circumstances, the ix86_expand_builtin function in i386.c ...)
+CVE-2017-11671
- gcc-6 6.3.0-12
- gcc-5 5.4.1-10
- gcc-4.9 <removed>
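Review bot: the context line `NOTE: Negligable security impact` under CVE-2017-11683 has a typo; it should read `NOTE: Negligible security impact`, the spelling used for the same note under CVE-2017-11746 and CVE-2017-11655 elsewhere in this file. Consistent spelling matters here because that phrase is the stated justification for the `<unfixed> (unimportant)` status and is the kind of string people grep for when reviewing unimportant entries.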
@@ -19491,13 +19489,13 @@ CVE-2017-11671 (Under certain circumstances, the ix86_expand_builtin function in
NOTE: http://openwall.com/lists/oss-security/2017/07/27/2
NOTE: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=80180
NOTE: https://gcc.gnu.org/ml/gcc-patches/2017-03/msg01349.html
-CVE-2017-11670 (A length validation (leading to out-of-bounds read and write) flaw was ...)
+CVE-2017-11670
NOT-FOR-US: eapmd5pass
-CVE-2017-11669 (An out-of-bounds read flaw related to the assess_packet function in ...)
+CVE-2017-11669
NOT-FOR-US: eapmd5pass
-CVE-2017-11668 (An out-of-bounds read flaw related to the assess_packet function in ...)
+CVE-2017-11668
NOT-FOR-US: eapmd5pass
-CVE-2017-13145 (In ImageMagick before 6.9.8-8 and 7.x before 7.0.5-9, the ReadJP2Image ...)
+CVE-2017-13145
{DSA-4019-1}
- imagemagick 8:6.9.7.4+dfsg-13 (bug #869830)
[jessie] - imagemagick <ignored> (Minor issue)
@@ -19506,44 +19504,44 @@ CVE-2017-13145 (In ImageMagick before 6.9.8-8 and 7.x before 7.0.5-9, the ReadJP
NOTE: https://github.com/ImageMagick/ImageMagick/commit/acee073df34aa4d491bf5cb74d3a15fc80f0a3aa
NOTE: https://github.com/ImageMagick/ImageMagick/commit/ac23b02ecb741e5de60f5235ea443790c88a0b80
NOTE: https://github.com/ImageMagick/ImageMagick/commit/b0c5222ce31e8f941fa02ff9c7a040fb2db30dbc
-CVE-2017-11691 (Cross-site scripting (XSS) vulnerability in auth_profile.php in Cacti ...)
+CVE-2017-11691
- cacti 1.1.15+ds1-1 (bug #869848)
[stretch] - cacti <not-affected> (Vulnerable code introduced later with addition of user profile management page for users)
[jessie] - cacti <not-affected> (Vulnerable code introduced later with addition of user profile management page for users)
[wheezy] - cacti <not-affected> (Vulnerable code introduced later with addition of user profile management page for users)
NOTE: https://github.com/Cacti/cacti/issues/867
NOTE: /for/fohttps://github.com/Cacti/cacti/commit/104090aeead4aa433bf1f18cd6d52dcfeb71236c
-CVE-2017-11667 (OpenProject before 6.1.6 and 7.x before 7.0.3 mishandles session ...)
+CVE-2017-11667
NOT-FOR-US: OpenProject
-CVE-2017-11666 (Cross-site scripting (XSS) vulnerability in js/ViewerPanel.js in the ...)
+CVE-2017-11666
NOT-FOR-US: Kopano
-CVE-2017-11665 (The ff_amf_get_field_value function in libavformat/rtmppkt.c in FFmpeg ...)
+CVE-2017-11665
{DSA-3957-1}
- ffmpeg 7:3.3.3-1
NOTE: https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/ffcc82219cef0928bed2d558b19ef6ea35634130
NOTE: Fixed in 3.2.7
-CVE-2017-11664 (The _WM_SetupMidiEvent function in internal_midi.c:2122 in WildMIDI ...)
+CVE-2017-11664
- wildmidi 0.4.2-1 (low; bug #871616)
[stretch] - wildmidi <no-dsa> (Minor issue)
[jessie] - wildmidi <not-affected> (vulnerable code not present)
[wheezy] - wildmidi <not-affected> (vulnerable code not present)
NOTE: http://seclists.org/fulldisclosure/2017/Aug/12
NOTE: https://github.com/Mindwerks/wildmidi/commit/660b513d99bced8783a4a5984ac2f742c74ebbdd
-CVE-2017-11663 (The _WM_SetupMidiEvent function in internal_midi.c:2315 in WildMIDI ...)
+CVE-2017-11663
- wildmidi 0.4.2-1 (low; bug #871616)
[stretch] - wildmidi <no-dsa> (Minor issue)
[jessie] - wildmidi <not-affected> (vulnerable code not present)
[wheezy] - wildmidi <not-affected> (vulnerable code not present)
NOTE: http://seclists.org/fulldisclosure/2017/Aug/12
NOTE: https://github.com/Mindwerks/wildmidi/commit/660b513d99bced8783a4a5984ac2f742c74ebbdd
-CVE-2017-11662 (The _WM_ParseNewMidi function in f_midi.c in WildMIDI 0.4.2 can cause ...)
+CVE-2017-11662
- wildmidi 0.4.2-1 (low; bug #871616)
[stretch] - wildmidi <no-dsa> (Minor issue)
[jessie] - wildmidi <not-affected> (vulnerable code not present)
[wheezy] - wildmidi <not-affected> (vulnerable code not present)
NOTE: http://seclists.org/fulldisclosure/2017/Aug/12
NOTE: https://github.com/Mindwerks/wildmidi/commit/660b513d99bced8783a4a5984ac2f742c74ebbdd
-CVE-2017-11661 (The _WM_SetupMidiEvent function in internal_midi.c:2318 in WildMIDI ...)
+CVE-2017-11661
- wildmidi 0.4.2-1 (low; bug #871616)
[stretch] - wildmidi <no-dsa> (Minor issue)
[jessie] - wildmidi <not-affected> (vulnerable code not present)
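Review bot: the context line `NOTE: /for/fohttps://github.com/Cacti/cacti/commit/104090aeead4aa433bf1f18cd6d52dcfeb71236c` under CVE-2017-11691 has stray text `/for/fo` pasted in front of the URL, so the link is unusable as written; it should read `NOTE: https://github.com/Cacti/cacti/commit/104090aeead4aa433bf1f18cd6d52dcfeb71236c`. That commit is the only fix reference recorded for the entry, so the link should be corrected in a follow-up.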
@@ -19554,95 +19552,95 @@ CVE-2017-11660
RESERVED
CVE-2017-11659
RESERVED
-CVE-2017-11658 (In the WP Rocket plugin 2.9.3 for WordPress, the Local File Inclusion ...)
+CVE-2017-11658
NOT-FOR-US: Wordpress plugin
-CVE-2017-11657 (Dashlane might allow local users to gain privileges by placing a Trojan ...)
+CVE-2017-11657
NOT-FOR-US: Dashlane
CVE-2017-11656
RESERVED
-CVE-2017-11655 (A memory leak was found in the way SIPcrack 0.2 handled processing of ...)
+CVE-2017-11655
- sipcrack <unfixed> (unimportant; bug #869803)
NOTE: http://www.openwall.com/lists/oss-security/2017/07/26/1
NOTE: Negligible security impact
-CVE-2017-11654 (An out-of-bounds read and write flaw was found in the way SIPcrack 0.2 ...)
+CVE-2017-11654
- sipcrack <unfixed> (unimportant; bug #869803)
NOTE: http://www.openwall.com/lists/oss-security/2017/07/26/1
NOTE: Negligible security impact
-CVE-2017-11653 (Razer Synapse 2.20.15.1104 and earlier uses weak permissions for the ...)
+CVE-2017-11653
NOT-FOR-US: Razer Synapse
-CVE-2017-11652 (Razer Synapse 2.20.15.1104 and earlier uses weak permissions for the ...)
+CVE-2017-11652
NOT-FOR-US: Razer Synapse
-CVE-2017-11651 (NexusPHP V1.5 has XSS via a javascript: or data: URL in a UBBCode url ...)
+CVE-2017-11651
NOT-FOR-US: NexusPHP
-CVE-2017-11650 (Cross-site scripting (XSS) vulnerability in DrayTek Vigor AP910C ...)
+CVE-2017-11650
NOT-FOR-US: DrayTek
-CVE-2017-11649 (Cross-site request forgery (CSRF) vulnerability in DrayTek Vigor ...)
+CVE-2017-11649
NOT-FOR-US: DrayTek
-CVE-2017-11648 (Techroutes TR 1803-3G Wireless Cellular Router/Modem 2.4.25 devices do ...)
+CVE-2017-11648
NOT-FOR-US: Techroutes TR 1803-3G Wireless Cellular Router/Modem 2.4.25 devices
-CVE-2017-11647 (NetComm Wireless 4GT101W routers with Hardware: 0.01 / Software: ...)
+CVE-2017-11647
NOT-FOR-US: NetComm Wireless 4GT101W routers
-CVE-2017-11646 (NetComm Wireless 4GT101W routers with Hardware: 0.01 / Software: ...)
+CVE-2017-11646
NOT-FOR-US: NetComm Wireless 4GT101W routers
-CVE-2017-11645 (NetComm Wireless 4GT101W routers with Hardware: 0.01 / Software: ...)
+CVE-2017-11645
NOT-FOR-US: NetComm Wireless 4GT101W routers
-CVE-2017-11644 (When ImageMagick 7.0.6-1 processes a crafted file in convert, it can ...)
+CVE-2017-11644
{DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-14 (unimportant; bug #870016)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/587
NOTE: https://github.com/ImageMagick/ImageMagick/commit/a6802e21d824e786d1e2a8440cf749a6e1a8d95f
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/418f88dd18af34b6cb64f709567c81b89865d7bc
-CVE-2017-11643 (GraphicsMagick 1.3.26 has a heap overflow in the WriteCMYKImage() ...)
+CVE-2017-11643
{DSA-4321-1 DLA-1401-1 DLA-1045-1}
- graphicsmagick 1.3.26-4 (bug #870157)
NOTE: http://hg.code.sf.net/p/graphicsmagick/code/rev/d00b74315a71
-CVE-2017-11642 (GraphicsMagick 1.3.26 has a NULL pointer dereference in the ...)
+CVE-2017-11642
{DSA-4321-1 DLA-1456-1 DLA-1045-1}
- graphicsmagick 1.3.26-4 (bug #870156)
NOTE: http://hg.code.sf.net/p/graphicsmagick/code/rev/29550606d8b9
-CVE-2017-11641 (GraphicsMagick 1.3.26 has a Memory Leak in the PersistCache function in ...)
+CVE-2017-11641
{DSA-4321-1 DLA-1456-1 DLA-1045-1}
- graphicsmagick 1.3.26-4 (bug #870155)
NOTE: http://hg.code.sf.net/p/graphicsmagick/code/rev/db732abd9318
-CVE-2017-11640 (When ImageMagick 7.0.6-1 processes a crafted file in convert, it can ...)
+CVE-2017-11640
{DSA-4040-1 DSA-4019-1 DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-15 (bug #870067)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/584
NOTE: https://github.com/ImageMagick/ImageMagick/commit/1b811f7e7dad92b2992939f854201370a7d8084a
NOTE: https://github.com/ImageMagick/ImageMagick/commit/1fcd0feb93b51b9363176097ee5f360c62687d86
-CVE-2017-11639 (When ImageMagick 7.0.6-1 processes a crafted file in convert, it can ...)
+CVE-2017-11639
{DSA-4204-1 DSA-4019-1 DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-15 (bug #870065)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/588
NOTE: https://github.com/ImageMagick/ImageMagick/commit/65b7c57502bb2b6d22f607383e87cc3eaed94014
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/8ec8ca4c61b1199b727cf52e440f3db79a5b0d0a
-CVE-2017-11638 (GraphicsMagick 1.3.26 has a segmentation violation in the ...)
+CVE-2017-11638
{DSA-4321-1 DLA-1456-1 DLA-1045-1}
- graphicsmagick 1.3.26-4 (bug #870154)
NOTE: http://hg.code.sf.net/p/graphicsmagick/code/rev/29550606d8b9
-CVE-2017-11637 (GraphicsMagick 1.3.26 has a NULL pointer dereference in the ...)
+CVE-2017-11637
{DSA-4321-1 DLA-1456-1 DLA-1045-1}
- graphicsmagick 1.3.26-4 (bug #870153)
NOTE: http://hg.code.sf.net/p/graphicsmagick/code/rev/f3ffc5541257
-CVE-2017-11636 (GraphicsMagick 1.3.26 has a heap overflow in the WriteRGBImage() ...)
+CVE-2017-11636
{DSA-4321-1 DLA-1401-1 DLA-1045-1}
- graphicsmagick 1.3.26-4 (bug #870149)
NOTE: http://hg.code.sf.net/p/graphicsmagick/code/rev/39961adf974c
-CVE-2017-11635 (An issue was discovered on Wireless IP Camera 360 devices. Attackers ...)
+CVE-2017-11635
NOT-FOR-US: Wireless IP Camera 360 devices
-CVE-2017-11634 (An issue was discovered on Wireless IP Camera 360 devices. Remote ...)
+CVE-2017-11634
NOT-FOR-US: Wireless IP Camera 360 devices
-CVE-2017-11633 (An issue was discovered on Wireless IP Camera 360 devices. Remote ...)
+CVE-2017-11633
NOT-FOR-US: Wireless IP Camera 360 devices
-CVE-2017-11632 (An issue was discovered on Wireless IP Camera 360 devices. A root ...)
+CVE-2017-11632
NOT-FOR-US: Wireless IP Camera 360 devices
-CVE-2017-11631 (dapur/app/app_user/controller/status.php in Fiyo CMS 2.0.7 has SQL ...)
+CVE-2017-11631
NOT-FOR-US: Fiyo CMS
-CVE-2017-11630 (dapur\apps\app_config\controller\backuper.php in Fiyo CMS 2.0.7 allows ...)
+CVE-2017-11630
NOT-FOR-US: Fiyo CMS
-CVE-2017-11629 (dayrui FineCms through 5.0.10 has Cross Site Scripting (XSS) in ...)
+CVE-2017-11629
NOT-FOR-US: FineCMS
-CVE-2017-11628 (In PHP before 5.6.31, 7.x before 7.0.21, and 7.1.x before 7.1.7, a ...)
+CVE-2017-11628
{DSA-4081-1 DSA-4080-1 DLA-1066-1}
- php7.1 7.1.8-1 (low)
- php7.0 7.0.22-1 (low)
@@ -19650,28 +19648,28 @@ CVE-2017-11628 (In PHP before 5.6.31, 7.x before 7.0.21, and 7.1.x before 7.1.7,
NOTE: https://bugs.php.net/bug.php?id=74603
NOTE: Fixed in 7.1.7, 7.0.21, 5.6.31
NOTE: Fixed by https://git.php.net/?p=php-src.git;a=commit;h=05255749139b3686c8a6a58ee01131ac0047465e
-CVE-2017-11627 (A stack-consumption vulnerability was found in libqpdf in QPDF 6.0.0, ...)
+CVE-2017-11627
[experimental] - qpdf 7.0~b1-1
- qpdf 7.0.0-1 (low; bug #871320)
[stretch] - qpdf <no-dsa> (Minor issue)
[jessie] - qpdf <no-dsa> (Minor issue)
[wheezy] - qpdf <no-dsa> (Minor issue)
NOTE: https://github.com/qpdf/qpdf/issues/118
-CVE-2017-11626 (A stack-consumption vulnerability was found in libqpdf in QPDF 6.0.0, ...)
+CVE-2017-11626
[experimental] - qpdf 7.0~b1-1
- qpdf 7.0.0-1 (low; bug #871320)
[stretch] - qpdf <no-dsa> (Minor issue)
[jessie] - qpdf <no-dsa> (Minor issue)
[wheezy] - qpdf <no-dsa> (Minor issue)
NOTE: https://github.com/qpdf/qpdf/issues/119
-CVE-2017-11625 (A stack-consumption vulnerability was found in libqpdf in QPDF 6.0.0, ...)
+CVE-2017-11625
[experimental] - qpdf 7.0~b1-1
- qpdf 7.0.0-1 (low; bug #871320)
[stretch] - qpdf <no-dsa> (Minor issue)
[jessie] - qpdf <no-dsa> (Minor issue)
[wheezy] - qpdf <no-dsa> (Minor issue)
NOTE: https://github.com/qpdf/qpdf/issues/120
-CVE-2017-11624 (A stack-consumption vulnerability was found in libqpdf in QPDF 6.0.0, ...)
+CVE-2017-11624
[experimental] - qpdf 7.0~b1-1
- qpdf 7.0.0-1 (low; bug #871320)
[stretch] - qpdf <no-dsa> (Minor issue)
@@ -19694,12 +19692,12 @@ CVE-2017-XXXX [out-of-bounds read in eexec_line()]
[wheezy] - t1utils <not-affected> (Vulnerable code introduced in 1.39)
NOTE: Crash in CLI tool, no security impact
NOTE: https://github.com/kohler/t1utils/issues/6
-CVE-2017-13144 (In ImageMagick before 6.9.7-10, there is a crash (rather than a &quot;width ...)
+CVE-2017-13144
{DSA-4040-1 DSA-4019-1 DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-13 (bug #869728)
NOTE: https://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=31438
NOTE: https://github.com/ImageMagick/ImageMagick/commit/9b580ad0564aefd9beeccbcbb8d62ccd05795a84
-CVE-2017-12430 (In ImageMagick 7.0.6-1, a memory exhaustion vulnerability was found in ...)
+CVE-2017-12430
{DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-13 (low; bug #869727)
[stretch] - imagemagick <ignored> (Minor issue)
@@ -19713,18 +19711,18 @@ CVE-2017-XXXX [memory leak in quantize]
NOTE: Workaround entry for DLA-1081-1 since no CVE assigned
NOTE: https://github.com/ImageMagick/ImageMagick/issues/574
NOTE: https://github.com/ImageMagick/ImageMagick/commit/7b604a554dfb6630fe32e739334fa57341dc6123
-CVE-2017-12664 (ImageMagick 7.0.6-2 has a memory leak vulnerability in WritePALMImage ...)
+CVE-2017-12664
{DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-13 (unimportant; bug #869721)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/574
NOTE: https://github.com/ImageMagick/ImageMagick/commit/db1ffb6cf44bcfe5c4d5fcf9d9109ded5617387f
-CVE-2017-12431 (In ImageMagick 7.0.6-1, a use-after-free vulnerability was found in the ...)
+CVE-2017-12431
{DSA-4040-1 DSA-4019-1 DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-13 (bug #869715)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/555
NOTE: https://github.com/ImageMagick/ImageMagick/commit/784fcac688161aeaea221e00b706c88b08196945
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/5660836f9197107e9c38f14f27a45c2d9f26afe2
-CVE-2017-12428 (In ImageMagick 7.0.6-1, a memory leak vulnerability was found in the ...)
+CVE-2017-12428
{DSA-4019-1 DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-13 (unimportant; bug #869713)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/544
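Review bot: the summaries dropped here were the only text separating the three ImageMagick entries; after the change CVE-2017-12664 and CVE-2017-12428 are bare IDs over the same `8:6.9.7.4+dfsg-13` fix line, and the reason one is a memory leak rated `unimportant` while CVE-2017-12431 is a use-after-free that went out in `{DSA-4040-1 DSA-4019-1 DLA-1081-1}` now has to be recovered from the upstream issue and commit links. If the descriptions really are unavailable upstream, a NOTE naming the issue class would preserve the basis for those ratings.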
@@ -19732,15 +19730,15 @@ CVE-2017-12428 (In ImageMagick 7.0.6-1, a memory leak vulnerability was found in
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/f37d26336bf13737db45e556c25fc098f8a8b277
CVE-2017-11618
RESERVED
-CVE-2017-11617 (Cross-site scripting (XSS) vulnerability in atmail prior to version ...)
+CVE-2017-11617
- atmailopen <removed>
CVE-2017-11616
RESERVED
-CVE-2017-11615 (A sandbox escape in the Lua interface in Wube Factorio before 0.15.31 ...)
+CVE-2017-11615
NOT-FOR-US: Wube Factorio
-CVE-2017-11614 (MEDHOST Connex contains hard-coded credentials that are used for ...)
+CVE-2017-11614
NOT-FOR-US: MEDHOST Connex
-CVE-2017-11613 (In LibTIFF 4.0.8, there is a denial of service vulnerability in the ...)
+CVE-2017-11613
{DSA-4349-1 DLA-1411-1 DLA-1391-1}
- tiff 4.0.9-5 (low; bug #869823)
- tiff3 <removed>
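Review bot: for the `NOT-FOR-US` entries in this hunk the removed summary was the only statement of what the CVE is: `NOT-FOR-US: MEDHOST Connex` still names the product but no longer records that CVE-2017-11614 was a hard-coded credential issue, and `NOT-FOR-US: Wube Factorio` no longer records the Lua sandbox escape in CVE-2017-11615. These entries carry no NOTE or bug link to fall back on, so after the change there is nothing left to re-triage against if the package ever enters the archive.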
@@ -19750,11 +19748,11 @@ CVE-2017-11613 (In LibTIFF 4.0.8, there is a denial of service vulnerability in
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1475530
NOTE: Upstream fix 1/2: https://gitlab.com/libtiff/libtiff/commit/3719385a3fac5cfb20b487619a5f08abbf967cf8
NOTE: Upstream fix 2/2: https://gitlab.com/libtiff/libtiff/commit/7a092f8af2568d61993a8cc2e7a35a998d7d37be
-CVE-2017-11612 (In Joomla! before 3.7.4, inadequate filtering of potentially malicious ...)
+CVE-2017-11612
NOT-FOR-US: Joomla!
-CVE-2017-11611 (Wolf CMS 0.8.3.1 allows Cross-Site Scripting (XSS) attacks. The ...)
+CVE-2017-11611
NOT-FOR-US: Wolf CMS
-CVE-2017-11610 (The XML-RPC server in supervisor before 3.0.1, 3.1.x before 3.1.4, ...)
+CVE-2017-11610
{DSA-3942-1 DLA-1047-1}
- supervisor 3.3.1-1.1 (bug #870187)
NOTE: https://github.com/Supervisor/supervisor/issues/964
@@ -19764,7 +19762,7 @@ CVE-2017-11610 (The XML-RPC server in supervisor before 3.0.1, 3.1.x before 3.1.
NOTE: 3.0.1 https://github.com/Supervisor/supervisor/commit/83060f3383ebd26add094398174f1de34cf7b7f0
CVE-2017-11609
RESERVED
-CVE-2017-11608 (There is a heap-based buffer over-read in the ...)
+CVE-2017-11608
- libsass 3.4.6-1 (bug #870186)
[stretch] - libsass <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1474276
@@ -19773,7 +19771,7 @@ CVE-2017-11607
RESERVED
CVE-2017-11606
RESERVED
-CVE-2017-11605 (There is a heap based buffer over-read in LibSass 3.4.5, related to ...)
+CVE-2017-11605
- libsass <unfixed> (bug #870184)
[stretch] - libsass <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1474019
@@ -19785,7 +19783,7 @@ CVE-2017-11602
RESERVED
CVE-2017-11601
RESERVED
-CVE-2017-11600 (net/xfrm/xfrm_policy.c in the Linux kernel through 4.12.3, when ...)
+CVE-2017-11600
{DSA-3981-1 DLA-1099-1}
- linux 4.12.6-1
NOTE: http://seclists.org/bugtraq/2017/Jul/30
@@ -19799,18 +19797,18 @@ CVE-2017-11596
RESERVED
CVE-2017-11595
RESERVED
-CVE-2017-11594 (Cross-site scripting (XSS) vulnerability in the Markdown parser in ...)
+CVE-2017-11594
- loomio <itp> (bug #756319)
-CVE-2017-11593 (Cross-site scripting (XSS) vulnerability in the Markdown Preview Plus ...)
+CVE-2017-11593
NOT-FOR-US: Chrome extension Markdown Preview Plus
-CVE-2017-11592 (There is a Mismatched Memory Management Routines vulnerability in the ...)
+CVE-2017-11592
[experimental] - exiv2 <unfixed> (bug #895568)
- exiv2 <not-affected> (printTiffStructure introduced in 0.26)
NOTE: https://github.com/Exiv2/exiv2/issues/56
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1473889
NOTE: Not reproducible in wheezy/jessie/stretch/sid(0.25-3.1).
NOTE: Reproducible in experimental with version 0.26-1.
-CVE-2017-11591 (There is a Floating point exception in the Exiv2::ValueType function in ...)
+CVE-2017-11591
{DLA-1147-1}
- exiv2 <unfixed> (low; bug #876893)
[buster] - exiv2 <ignored> (Minor issue)
@@ -19819,7 +19817,7 @@ CVE-2017-11591 (There is a Floating point exception in the Exiv2::ValueType func
NOTE: https://github.com/Exiv2/exiv2/issues/55
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1473888
NOTE: Reproducible in wheezy/jessie/stretch/sid(0.25-3.1)/experimental(0.26-1).
-CVE-2017-11590 (There is a NULL pointer dereference in the caseless_hash function in ...)
+CVE-2017-11590
{DLA-1054-1}
- libgxps 0.3.0-1 (low; bug #870183)
[stretch] - libgxps <no-dsa> (Minor issue)
@@ -19827,23 +19825,23 @@ CVE-2017-11590 (There is a NULL pointer dereference in the caseless_hash functio
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1473167
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=785479
NOTE: Fixed by: https://git.gnome.org/browse/libgxps/commit/?id=9d5d2920
-CVE-2017-11589 (On Cisco DDR2200 ADSL2+ Residential Gateway ...)
+CVE-2017-11589
NOT-FOR-US: Cisco
-CVE-2017-11588 (On Cisco DDR2200 ADSL2+ Residential Gateway ...)
+CVE-2017-11588
NOT-FOR-US: Cisco
-CVE-2017-11587 (On Cisco DDR2200 ADSL2+ Residential Gateway ...)
+CVE-2017-11587
NOT-FOR-US: Cisco
-CVE-2017-11586 (dayrui FineCms 5.0.9 has URL Redirector Abuse via the url parameter in ...)
+CVE-2017-11586
NOT-FOR-US: FineCms
-CVE-2017-11585 (dayrui FineCms 5.0.9 has remote PHP code execution via the param ...)
+CVE-2017-11585
NOT-FOR-US: FineCms
-CVE-2017-11584 (dayrui FineCms 5.0.9 has SQL Injection via the field parameter in an ...)
+CVE-2017-11584
NOT-FOR-US: FineCms
-CVE-2017-11583 (dayrui FineCms 5.0.9 has SQL Injection via the catid parameter in an ...)
+CVE-2017-11583
NOT-FOR-US: FineCms
-CVE-2017-11582 (dayrui FineCms 5.0.9 has SQL Injection via the num parameter in an ...)
+CVE-2017-11582
NOT-FOR-US: FineCms
-CVE-2017-11581 (dayrui FineCms 5.0.9 has Cross Site Scripting (XSS) in admin/Login.php ...)
+CVE-2017-11581
NOT-FOR-US: FineCms
CVE-2017-11580
RESERVED
@@ -19851,64 +19849,64 @@ CVE-2017-11579
RESERVED
CVE-2017-11578
RESERVED
-CVE-2017-11577 (FontForge 20161012 is vulnerable to a buffer over-read in getsid ...)
+CVE-2017-11577
{DSA-3958-1 DLA-1065-1}
- fontforge 1:20170731~dfsg-1 (bug #869614)
NOTE: https://github.com/fontforge/fontforge/issues/3088
NOTE: https://github.com/fontforge/fontforge/commit/3245d354865def9d712bdffe61fa211ad6aa4081
-CVE-2017-11576 (FontForge 20161012 does not ensure a positive size in a weight vector ...)
+CVE-2017-11576
{DSA-3958-1 DLA-1065-1}
- fontforge 1:20170731~dfsg-1 (bug #869614)
NOTE: https://github.com/fontforge/fontforge/issues/3091
NOTE: https://github.com/fontforge/fontforge/commit/df349365630344ef3004a3c7934c7e7496692fb1
-CVE-2017-11575 (FontForge 20161012 is vulnerable to a buffer over-read in strnmatch ...)
+CVE-2017-11575
{DSA-3958-1 DLA-1065-1}
- fontforge 1:20170731~dfsg-1 (bug #869614)
NOTE: https://github.com/fontforge/fontforge/issues/3096
NOTE: https://github.com/fontforge/fontforge/commit/4de0c58a01e5e30610c200e9aea98bc7db12c7ac
-CVE-2017-11574 (FontForge 20161012 is vulnerable to a heap-based buffer overflow in ...)
+CVE-2017-11574
{DSA-3958-1 DLA-1065-1}
- fontforge 1:20170731~dfsg-1 (bug #869614)
NOTE: https://github.com/fontforge/fontforge/issues/3090
NOTE: https://github.com/fontforge/fontforge/commit/62b6433a81ee7ed6e0ac2d6b09ac85b885046ac3
-CVE-2017-11573 (FontForge 20161012 is vulnerable to a buffer over-read in ...)
+CVE-2017-11573
- fontforge <unfixed> (unimportant; bug #873588)
NOTE: https://github.com/fontforge/fontforge/issues/3098
NOTE: Crash in GUI tool/related desktop libs, no security impact
-CVE-2017-11572 (FontForge 20161012 is vulnerable to a heap-based buffer over-read in ...)
+CVE-2017-11572
{DSA-3958-1 DLA-1065-1}
- fontforge 1:20170731~dfsg-1 (bug #869614)
NOTE: https://github.com/fontforge/fontforge/issues/3092
-CVE-2017-11571 (FontForge 20161012 is vulnerable to a stack-based buffer overflow in ...)
+CVE-2017-11571
{DSA-3958-1 DLA-1065-1}
- fontforge 1:20170731~dfsg-1 (bug #869614)
NOTE: https://github.com/fontforge/fontforge/issues/3087
NOTE: https://github.com/fontforge/fontforge/commit/5a0c6522682b0788fc478dd159dd6168cb5fa38b
-CVE-2017-11570 (FontForge 20161012 is vulnerable to a buffer over-read in umodenc ...)
+CVE-2017-11570
- fontforge <unfixed> (unimportant; bug #873587)
NOTE: https://github.com/fontforge/fontforge/issues/3097
NOTE: Crash in GUI tool/related desktop libs, no security impact
-CVE-2017-11569 (FontForge 20161012 is vulnerable to a heap-based buffer over-read in ...)
+CVE-2017-11569
{DSA-3958-1 DLA-1065-1}
- fontforge 1:20170731~dfsg-1 (bug #869614)
NOTE: https://github.com/fontforge/fontforge/issues/3093
NOTE: https://github.com/fontforge/fontforge/commit/7bfec47910293bf149b8debe44c6f3f788506092
-CVE-2017-11568 (FontForge 20161012 is vulnerable to a heap-based buffer over-read in ...)
+CVE-2017-11568
{DSA-3958-1 DLA-1065-1}
- fontforge 1:20170731~dfsg-1 (bug #869614)
NOTE: https://github.com/fontforge/fontforge/issues/3089
-CVE-2017-11567 (Cross-site request forgery (CSRF) vulnerability in Mongoose Web Server ...)
+CVE-2017-11567
NOT-FOR-US: Mongoose
-CVE-2017-11566 (AppUse 4.0 allows shell command injection via a proxy field. ...)
+CVE-2017-11566
NOT-FOR-US: AppUse
-CVE-2017-1002151 (Pagure 3.3.0 and earlier is vulnerable to loss of confidentially due ...)
+CVE-2017-1002151
- pagure <itp> (bug #829046)
NOTE: https://pagure.io/pagure/pull-request/2426
-CVE-2017-11564 (The D-Link EyeOn Baby Monitor (DCS-825L) 1.08.1 has multiple command ...)
+CVE-2017-11564
NOT-FOR-US: D-Link
-CVE-2017-11563 (D-Link EyeOn Baby Monitor (DCS-825L) 1.08.1 has a remote code ...)
+CVE-2017-11563
NOT-FOR-US: D-Link
-CVE-2017-11562 (A Session Fixation Vulnerability exists in the MT4 Networks ...)
+CVE-2017-11562
NOT-FOR-US: MT4 SenhaSegura
CVE-2017-11561
RESERVED
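Review bot: the FontForge entries in this hunk share the same fix version `1:20170731~dfsg-1`, the same `{DSA-3958-1 DLA-1065-1}` line and the same bug #869614, so the removed summaries (buffer over-read in getsid, in strnmatch, in umodenc, a stack-based overflow, a non-positive weight vector size, ...) were the only per-CVE text. That matters most for CVE-2017-11573 and CVE-2017-11570, which are rated `unimportant` on the strength of `NOTE: Crash in GUI tool/related desktop libs, no security impact`; without the summary a later reader cannot check that rating against the function the CVE names. Keep the summaries, or add the function name to those NOTEs.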
@@ -19920,26 +19918,26 @@ CVE-2017-11558
RESERVED
CVE-2017-11557
RESERVED
-CVE-2017-11556 (There is a stack consumption vulnerability in the ...)
+CVE-2017-11556
- libsass <unfixed> (bug #870182)
[stretch] - libsass <no-dsa> (Minor issue)
NOTE: https://github.com/sass/libsass/issues/2447
-CVE-2017-11555 (There is an illegal address access in the Eval::operator function in ...)
+CVE-2017-11555
- libsass <unfixed> (bug #870182)
[stretch] - libsass <no-dsa> (Minor issue)
NOTE: https://github.com/sass/libsass/issues/2446
-CVE-2017-11554 (There is a stack consumption vulnerability in the lex function in ...)
+CVE-2017-11554
- libsass <unfixed> (bug #870182)
[stretch] - libsass <no-dsa> (Minor issue)
NOTE: https://github.com/sass/libsass/issues/2445
-CVE-2017-11553 (There is an illegal address access in the extend_alias_table function ...)
+CVE-2017-11553
[experimental] - exiv2 <unfixed> (low; bug #888874)
- exiv2 <not-affected> (Vulnerable code introduced after 0.25)
NOTE: https://github.com/Exiv2/exiv2/issues/54
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1471772
NOTE: Not reproducible in wheezy/jessie/stretch.
NOTE: Reproducible with 0.26-1 (experimental).
-CVE-2017-11552 (mpg321.c in mpg321 0.3.2-1 does not properly manage memory for use ...)
+CVE-2017-11552
- mpg321 0.3.2-2 (bug #870406)
[stretch] - mpg321 <no-dsa> (Minor issue)
[jessie] - mpg321 <no-dsa> (Minor issue)
@@ -19948,29 +19946,29 @@ CVE-2017-11552 (mpg321.c in mpg321 0.3.2-1 does not properly manage memory for u
NOTE: that the underlying issue is in src:mpg321
NOTE: Cf. https://bugs.debian.org/870406#25 for more Details.
NOTE: http://seclists.org/fulldisclosure/2017/Jul/94
-CVE-2017-11551 (The id3_field_parse function in field.c in libid3tag 0.15.1b allows ...)
+CVE-2017-11551
- libid3tag 0.15.1b-5 (bug #870333)
NOTE: http://seclists.org/fulldisclosure/2017/Jul/85
NOTE: Same issue as #304913
-CVE-2017-11550 (The id3_ucs4_length function in ucs4.c in libid3tag 0.15.1b allows ...)
+CVE-2017-11550
- libid3tag 0.15.1b-9 (bug #405801)
NOTE: http://seclists.org/fulldisclosure/2017/Jul/85
NOTE: Addressed by the 11_unknown_encoding.dpatch patch
-CVE-2017-11549 (The play_midi function in playmidi.c in TiMidity++ 2.14.0 allows remote ...)
+CVE-2017-11549
- timidity <unfixed> (unimportant; bug #870338)
NOTE: http://seclists.org/fulldisclosure/2017/Jul/83
NOTE: https://sourceforge.net/p/timidity/discussion/217458/thread/9a1c9620/
NOTE: Crash in CLI tool, no security impact
-CVE-2017-11548 (The _tokenize_matrix function in audio_out.c in Xiph.Org libao 1.2.0 ...)
+CVE-2017-11548
- libao <unfixed> (unimportant; bug #870608)
NOTE: http://seclists.org/fulldisclosure/2017/Jul/84
NOTE: Not a security issue in ao, needs to be validated in applications using it, see #870608
-CVE-2017-11547 (The resample_gauss function in resample.c in TiMidity++ 2.14.0 allows ...)
+CVE-2017-11547
- timidity 2.14.0-4 (unimportant; bug #870338)
NOTE: http://seclists.org/fulldisclosure/2017/Jul/83
NOTE: https://sourceforge.net/p/timidity/discussion/217458/thread/9a1c9620/
NOTE: Crash in CLI tool, no security impact
-CVE-2017-11546 (The insert_note_steps function in readmidi.c in TiMidity++ 2.14.0 ...)
+CVE-2017-11546
- timidity 2.14.0-4 (unimportant; bug #870338)
NOTE: http://seclists.org/fulldisclosure/2017/Jul/83
NOTE: https://sourceforge.net/p/timidity/discussion/217458/thread/9a1c9620/
@@ -19979,77 +19977,77 @@ CVE-2017-11545
REJECTED
CVE-2017-11544
REJECTED
-CVE-2017-11543 (tcpdump 4.9.0 has a buffer overflow in the sliplink_print function in ...)
+CVE-2017-11543
{DSA-3971-1 DLA-1090-1}
- tcpdump 4.9.1-3 (bug #873806)
NOTE: Fixed by: https://github.com/the-tcpdump-group/tcpdump/commit/7039327875525278d17edee59720e29a3e76b7b3
NOTE: https://github.com/hackerlib/hackerlib-vul/tree/master/tcpdump-vul/global-overflow/print-sl
-CVE-2017-11542 (tcpdump 4.9.0 has a heap-based buffer over-read in the pimv1_print ...)
+CVE-2017-11542
{DSA-3971-1 DLA-1090-1}
- tcpdump 4.9.1-3 (bug #873805)
NOTE: Fixed by: https://github.com/the-tcpdump-group/tcpdump/commit/bed48062a64fca524156d7684af19f5b4a116fae
NOTE: https://github.com/hackerlib/hackerlib-vul/tree/master/tcpdump-vul/heap-buffer-overflow/print-pim
-CVE-2017-11541 (tcpdump 4.9.0 has a heap-based buffer over-read in the lldp_print ...)
+CVE-2017-11541
{DSA-3971-1 DLA-1090-1}
- tcpdump 4.9.1-3 (bug #873804)
NOTE: Fixed by: https://github.com/the-tcpdump-group/tcpdump/commit/21d702a136c5c16882e368af7c173df728242280
NOTE: https://github.com/hackerlib/hackerlib-vul/tree/master/tcpdump-vul/heap-buffer-overflow/util-print
-CVE-2017-11540 (When ImageMagick 7.0.6-1 processes a crafted file in convert, it can ...)
+CVE-2017-11540
- imagemagick <not-affected> (Only affects ImageMagick-7 series)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/581
-CVE-2017-11539 (When ImageMagick 7.0.6-1 processes a crafted file in convert, it can ...)
+CVE-2017-11539
{DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-15 (unimportant; bug #870120)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/582
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/4e81160d66f02bf7b4f569669ca7dd80d416ba6e
NOTE: ImageMagick-7: https://github.com/ImageMagick/ImageMagick/commit/36aad912d1f405a28a9a1204120b569e7da5898e
-CVE-2017-11538 (When ImageMagick 7.0.6-1 processes a crafted file in convert, it can ...)
+CVE-2017-11538
- imagemagick <not-affected> (Vulnerable code introduced later, cf bug #870110)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/569
NOTE: https://github.com/ImageMagick/ImageMagick/commit/0a80c9e5f293a8de51011ac784ac52b96932c08f
NOTE: Introduced after: https://github.com/ImageMagick/ImageMagick/commit/0bf18387ae1336475631284854b664d0e2d89697
-CVE-2017-11537 (When ImageMagick 7.0.6-1 processes a crafted file in convert, it can ...)
+CVE-2017-11537
{DSA-4019-1 DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-13 (low; bug #869712)
[jessie] - imagemagick <ignored> (Minor issue)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/560
NOTE: https://github.com/ImageMagick/ImageMagick/commit/2bbc1b96f0d9371df675fdf7b8fc9bd4a42ae9cd
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/bac384563f557d1ac7413d2eaec00dd59c3cc29b
-CVE-2017-11536 (When ImageMagick 7.0.6-1 processes a crafted file in convert, it can ...)
+CVE-2017-11536
- imagemagick 8:6.9.7.4+dfsg-13 (unimportant; bug #869831)
[wheezy] - imagemagick <not-affected> (vulnerable code not present)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/567
NOTE: https://github.com/ImageMagick/ImageMagick/commit/167e1538ae9818d46c9462a4273082871e35a480
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/dba1ccfbcdf61c0eb599c7c308b42ed46dc92be6
-CVE-2017-11535 (When ImageMagick 7.0.6-1 processes a crafted file in convert, it can ...)
+CVE-2017-11535
{DSA-4204-1 DSA-4019-1 DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-13 (bug #869827)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/561
NOTE: https://github.com/ImageMagick/ImageMagick/commit/b8647f11ddfd6f85a6cc39654c7e78c2bc6412e4
NOTE: Imagemagick-6: https://github.com/ImageMagick/ImageMagick/commit/bba95cfcc19fa8a261e12692f31279148ad42441
-CVE-2017-11534 (When ImageMagick 7.0.6-1 processes a crafted file in convert, it can ...)
+CVE-2017-11534
{DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-13 (unimportant; bug #869711)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/564
NOTE: https://github.com/ImageMagick/ImageMagick/commit/3f21b17f06eacb40dab08738e0abf68fb0d58c90
-CVE-2017-11533 (When ImageMagick 7.0.6-1 processes a crafted file in convert, it can ...)
+CVE-2017-11533
{DSA-4204-1 DSA-4019-1 DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-13 (bug #869834)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/562
NOTE: https://github.com/ImageMagick/ImageMagick/commit/f0c29cc251578fe0ad8ec7b72f2487a77a1696b8
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/ed1fd69231ab21dc540167c63bc3b0fa3282ec59
-CVE-2017-11532 (When ImageMagick 7.0.6-1 processes a crafted file in convert, it can ...)
+CVE-2017-11532
{DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-13 (unimportant; bug #869726)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/563
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/d60d705cddac7fa5d0e6596c183bbb9b46a57161
-CVE-2017-11531 (When ImageMagick 7.0.6-1 processes a crafted file in convert, it can ...)
+CVE-2017-11531
{DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-13 (unimportant; bug #869725)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/566
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/c81594c6ee93581b97e8f8c743200b1366d83989
NOTE: https://github.com/ImageMagick/ImageMagick/commit/1885ab1231e82f90d3f0e839555ee3e1a441bbf8
-CVE-2017-11521 (The SdpContents::Session::Medium::parse function in ...)
+CVE-2017-11521
{DLA-1439-1 DLA-1040-1}
- resiprocate <removed> (low; bug #869404)
[stretch] - resiprocate <no-dsa> (Minor issue)
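Review bot: the ten `When ImageMagick 7.0.6-1 processes a crafted file in convert, it can ...` summaries in this hunk were already truncated to the point of being identical, so for CVE-2017-11540 through CVE-2017-11531 the upstream issue and commit links carry the meaning either way. The one fact the change does lose is the `7.0.6-1` version in the summary, which is the stated basis for `- imagemagick <not-affected> (Only affects ImageMagick-7 series)` on CVE-2017-11540. If the summaries go, that `<not-affected>` reason should cite the upstream issue instead of the version the summary used to give.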
@@ -20057,13 +20055,13 @@ CVE-2017-11521 (The SdpContents::Session::Medium::parse function in ...)
NOTE: https://github.com/resiprocate/resiprocate/pull/88/commits/4b8ffa5afd3291a2701f8d39c31ada443f79a5c8
CVE-2017-11520
RESERVED
-CVE-2017-11519 (passwd_recovery.lua on the TP-Link Archer C9(UN)_V2_160517 allows an ...)
+CVE-2017-11519
NOT-FOR-US: TP-Link
CVE-2017-11518
RESERVED
-CVE-2017-11517 (Stack-based buffer overflow in GCoreServer.exe in the server in ...)
+CVE-2017-11517
NOT-FOR-US: Geutebrueck Gcore
-CVE-2017-11516 (An XSS vulnerability exists in ...)
+CVE-2017-11516
NOT-FOR-US: Yii Framework
CVE-2017-11515
RESERVED
@@ -20071,13 +20069,13 @@ CVE-2017-11514
RESERVED
CVE-2017-11513
RESERVED
-CVE-2017-11512 (The ManageEngine ServiceDesk 9.3.9328 is vulnerable to arbitrary file ...)
+CVE-2017-11512
NOT-FOR-US: ManageEngine ServiceDesk
-CVE-2017-11511 (The ManageEngine ServiceDesk 9.3.9328 is vulnerable to arbitrary file ...)
+CVE-2017-11511
NOT-FOR-US: ManageEngine ServiceDesk
-CVE-2017-11510 (An information leak exists in Wanscam's HW0021 network camera that ...)
+CVE-2017-11510
NOT-FOR-US: Wanscam's HW0021 network camera
-CVE-2017-11509 (An authenticated remote attacker can execute arbitrary code in ...)
+CVE-2017-11509
{DLA-1374-1}
- firebird3.0 3.0.3.32900.ds4-3
[stretch] - firebird3.0 <postponed> (Minor issue, can be fixed along in a future update)
@@ -20089,56 +20087,56 @@ CVE-2017-11509 (An authenticated remote attacker can execute arbitrary code in .
NOTE: Issue adressed by disabling UDFs in firebird.conf, this is not a source code fix,
NOTE: and might actually be considered more justof a mitigation.
NOTE: Steps to reproduce (partly) in: https://lists.debian.org/874lk9wyz5.fsf@curie.anarc.at
-CVE-2017-11508 (SecurityCenter versions 5.5.0, 5.5.1 and 5.5.2 contain a SQL Injection ...)
+CVE-2017-11508
NOT-FOR-US: SecurityCenter
-CVE-2017-11507 (A cross site scripting (XSS) vulnerability exists in Check_MK versions ...)
+CVE-2017-11507
- check-mk 1.2.8p26-1
[wheezy] - check-mk <no-dsa> (Minor issue)
NOTE: http://mathias-kettner.com/check_mk_werks.php?werk_id=7661
NOTE: https://www.tenable.com/security/research/tra-2017-20
-CVE-2017-11506 (When linking a Nessus scanner or agent to Tenable.io or other manager, ...)
+CVE-2017-11506
NOT-FOR-US: Nessus
-CVE-2017-11565 (debian/tor.init in the Debian tor_0.2.9.11-1~deb9u1 package for Tor was ...)
+CVE-2017-11565
- tor 0.3.1.7-1 (bug #869153)
[stretch] - tor <no-dsa> (Minor issue)
[jessie] - tor <not-affected> (aa-exec in jessie is located in /usr/sbin/)
[wheezy] - tor <not-affected> (aa-exec in jessie is located in /usr/sbin/)
NOTE: https://twitter.com/pissquark/status/888142796414226432
-CVE-2017-11523 (The ReadTXTImage function in coders/txt.c in ImageMagick through ...)
+CVE-2017-11523
{DSA-4019-1 DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-14 (low; bug #869210)
[jessie] - imagemagick <ignored> (Minor issue)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/591
NOTE: Fixed by: https://github.com/ImageMagick/ImageMagick/commit/83e0f8ffd7eeb7661b0ff83257da23d24ca7f078
NOTE: Fixed by (ImageMagick-6): https://github.com/ImageMagick/ImageMagick/commit/a8f9c2aabed37cd6a728532d1aed13ae0f3dfd78
-CVE-2017-11522 (The WriteOnePNGImage function in coders/png.c in ImageMagick through ...)
+CVE-2017-11522
- imagemagick <not-affected> (bug #869209; vulnerable code not present, ImageMagick-7 issue only)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/586
NOTE: https://github.com/ImageMagick/ImageMagick/commit/816ecab6c532ae086ff4186b3eaf4aa7092d536f
CVE-2017-11504
RESERVED
-CVE-2017-11503 (PHPMailer 5.2.23 has XSS in the &quot;From Email Address&quot; and &quot;To Email ...)
+CVE-2017-11503
- libphp-phpmailer <unfixed> (unimportant)
NOTE: code_generator.phps installed to examples
-CVE-2017-11502 (Technicolor DPC3928AD DOCSIS devices allow remote attackers to read ...)
+CVE-2017-11502
NOT-FOR-US: Technicolor
-CVE-2017-11501 (NixOS 17.03 and earlier has an unintended default absence of SSL ...)
+CVE-2017-11501
NOT-FOR-US: NixOS
-CVE-2017-11500 (A directory traversal vulnerability exists in MetInfo 5.3.17. A remote ...)
+CVE-2017-11500
NOT-FOR-US: MetInfo
-CVE-2017-11499 (Node.js v4.0 through v4.8.3, all versions of v5.x, v6.0 through ...)
+CVE-2017-11499
- nodejs 4.8.4~dfsg-1 (bug #868162; unimportant)
NOTE: https://nodejs.org/en/blog/release/v6.11.1/
NOTE: https://nodejs.org/en/blog/release/v4.8.4/
-CVE-2017-11498 (Buffer overflow in hasplms in Gemalto ACC (Admin Control Center), all ...)
+CVE-2017-11498
NOT-FOR-US: Gemalto ACC
-CVE-2017-11497 (Stack buffer overflow in hasplms in Gemalto ACC (Admin Control ...)
+CVE-2017-11497
NOT-FOR-US: Gemalto ACC
-CVE-2017-11496 (Stack buffer overflow in hasplms in Gemalto ACC (Admin Control ...)
+CVE-2017-11496
NOT-FOR-US: Gemalto ACC
-CVE-2017-11495 (PHICOMM K2(PSG1218) devices V22.5.11.5 and earlier allow ...)
+CVE-2017-11495
NOT-FOR-US: PHICOMM
-CVE-2017-11494 (SQL injection vulnerability in SOL.Connect ISET-mpp meter 1.2.4.2 and ...)
+CVE-2017-11494
NOT-FOR-US: SOL.Connect ISET-mpp meter
CVE-2017-11493
REJECTED
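Review bot: CVE-2017-11565 is a Debian-specific issue, and its removed summary `debian/tor.init in the Debian tor_0.2.9.11-1~deb9u1 package for Tor was ...` is the only line in the entry that names the affected package revision; the `[jessie]`/`[wheezy] <not-affected>` reasons about where `aa-exec` lives and the twitter link do not restate it. An automatic pass should not be dropping that. Unrelated to this change but visible in the context lines: `adressed` and `justof` in the firebird NOTEs are typos.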
@@ -20162,38 +20160,38 @@ CVE-2017-11484
REJECTED
CVE-2017-11483
REJECTED
-CVE-2017-11482 (The Kibana fix for CVE-2017-8451 was found to be incomplete. With ...)
+CVE-2017-11482
- kibana <itp> (bug #700337)
-CVE-2017-11481 (Kibana versions prior to 6.0.1 and 5.6.5 had a cross-site scripting ...)
+CVE-2017-11481
- kibana <itp> (bug #700337)
-CVE-2017-11480 (Packetbeat versions prior to 5.6.4 are affected by a denial of service ...)
+CVE-2017-11480
NOT-FOR-US: Packetbeat
-CVE-2017-11479 (Kibana versions prior to 5.6.1 had a cross-site scripting (XSS) ...)
+CVE-2017-11479
- kibana <itp> (bug #700337)
CVE-2017-11477
RESERVED
CVE-2017-11476
RESERVED
-CVE-2017-11475 (GLPI before 9.1.5.1 has SQL Injection in the condition rule field, ...)
+CVE-2017-11475
- glpi <removed> (unimportant)
NOTE: Only supported behind an authenticated HTTP zone
-CVE-2017-11474 (GLPI before 9.1.5.1 has SQL Injection in the $crit variable in ...)
+CVE-2017-11474
- glpi <removed> (unimportant)
NOTE: Only supported behind an authenticated HTTP zone
-CVE-2017-11471 (IDERA Uptime Monitor 7.8 has SQL injection in ...)
+CVE-2017-11471
NOT-FOR-US: IDERA Uptime Monitor
-CVE-2017-11470 (IDERA Uptime Monitor 7.8 has SQL injection in ...)
+CVE-2017-11470
NOT-FOR-US: IDERA Uptime Monitor
-CVE-2017-11469 (get2post.php in IDERA Uptime Monitor 7.8 has directory traversal in the ...)
+CVE-2017-11469
NOT-FOR-US: IDERA Uptime Monitor
-CVE-2017-11468 (Docker Registry before 2.6.2 in Docker Distribution does not properly ...)
+CVE-2017-11468
- docker-registry 2.6.2~ds1-1 (bug #869242)
-CVE-2017-11467 (OrientDB through 2.2.22 does not enforce privilege requirements during ...)
+CVE-2017-11467
NOT-FOR-US: OrientDB
-CVE-2017-11465 (The parser_yyerror function in the UTF-8 parser in Ruby 2.4.1 allows ...)
+CVE-2017-11465
- ruby2.3 <not-affected> (Specific to Ruby 2.4)
- ruby2.1 <not-affected> (Specific to Ruby 2.4)
-CVE-2017-11464 (A SIGFPE is raised in the function box_blur_line of rsvg-filter.c in ...)
+CVE-2017-11464
- librsvg 2.40.18-1 (bug #869129)
[stretch] - librsvg <no-dsa> (Minor issue)
[jessie] - librsvg <not-affected> (Vulnerable code introduced in 2.40.9)
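Review bot: the removed summary for CVE-2017-11482 (`The Kibana fix for CVE-2017-8451 was found to be incomplete. With ...`) is the only cross-reference from this entry to CVE-2017-8451; after the change the three kibana entries are indistinguishable bare IDs over the same `- kibana <itp> (bug #700337)` line. Likewise `- ruby2.3 <not-affected> (Specific to Ruby 2.4)` on CVE-2017-11465 rests on the `Ruby 2.4.1` version that only the summary stated. Cross-references between CVEs should survive an automatic update.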
@@ -20201,41 +20199,41 @@ CVE-2017-11464 (A SIGFPE is raised in the function box_blur_line of rsvg-filter.
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=783835
NOTE: Introduced in: https://git.gnome.org/browse/librsvg/commit/?id=054807726db76558728e7a7513aabc4698b3dc95 (2.40.9)
NOTE: Fixed by: https://git.gnome.org/browse/librsvg/commit/?id=ecf9267a24b2c3c0cd211dbdfa9ef2232511972a
-CVE-2017-11473 (Buffer overflow in the mp_override_legacy_irq() function in ...)
+CVE-2017-11473
- linux 4.13.4-1 (unimportant)
[stretch] - linux 4.9.47-1
[jessie] - linux 3.16.51-1
[wheezy] - linux 3.2.96-1
NOTE: Fixed by: https://git.kernel.org/linus/dad5ab0db8deac535d03e3fe3d8f2892173fa6a4
NOTE: Non-issue since ACPI tables are trusted
-CVE-2017-11472 (The acpi_ns_terminate() function in drivers/acpi/acpica/nsutils.c in ...)
+CVE-2017-11472
- linux <unfixed> (unimportant)
NOTE: Fixed by: https://git.kernel.org/linus/3b2d69114fefa474fca542e51119036dceb4aa6f (4.12-rc1)
NOTE: Non-issue since ACPI tables are trusted
-CVE-2017-11466 (Arbitrary file upload vulnerability in ...)
+CVE-2017-11466
NOT-FOR-US: dotCMS
-CVE-2017-11463 (In Ivanti Service Desk (formerly LANDESK Management Suite) versions ...)
+CVE-2017-11463
NOT-FOR-US: LANDESK
-CVE-2017-11462 (Double free vulnerability in MIT Kerberos 5 (aka krb5) allows ...)
+CVE-2017-11462
- krb5 1.15.2-1 (low; bug #873563)
[stretch] - krb5 <ignored> (Minor issue, might lead to behaviour changes)
[jessie] - krb5 <ignored> (Minor issue, might lead to behaviour changes)
[wheezy] - krb5 <ignored> (Minor issue, might lead to behaviour changes)
NOTE: Fixed by: https://github.com/krb5/krb5/commit/56f7b1bc95a2a3eeb420e069e7655fb181ade5cf
NOTE: http://krbdev.mit.edu/rt/Ticket/Display.html?id=8598
-CVE-2017-11461 (NetApp OnCommand Unified Manager for 7-mode (core package) versions ...)
+CVE-2017-11461
NOT-FOR-US: NetApp
-CVE-2017-11460 (Cross-site scripting (XSS) vulnerability in the DataArchivingService ...)
+CVE-2017-11460
NOT-FOR-US: SAP
-CVE-2017-11459 (SAP TREX 7.10 allows remote attackers to (1) read arbitrary files via ...)
+CVE-2017-11459
NOT-FOR-US: SAP
-CVE-2017-11458 (Cross-site scripting (XSS) vulnerability in the ctcprotocol/Protocol ...)
+CVE-2017-11458
NOT-FOR-US: SAP
-CVE-2017-11457 (XML external entity (XXE) vulnerability in com.sap.km.cm.ice in SAP ...)
+CVE-2017-11457
NOT-FOR-US: SAP
-CVE-2017-11456 (Geneko GWR routers allow directory traversal sequences starting with a ...)
+CVE-2017-11456
NOT-FOR-US: Geneko GWR routers
-CVE-2017-11455 (diag.cgi in Pulse Connect Secure 8.2R1 through 8.2R5, 8.1R1 through ...)
+CVE-2017-11455
NOT-FOR-US: Pulse Connect Secure
CVE-2017-11454
RESERVED
@@ -20245,61 +20243,61 @@ CVE-2017-11452
RESERVED
CVE-2017-11451
RESERVED
-CVE-2017-11450 (coders/jpeg.c in ImageMagick before 7.0.6-1 allows remote attackers to ...)
+CVE-2017-11450
{DSA-3914-1 DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-12 (bug #867894)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/556
NOTE: https://github.com/ImageMagick/ImageMagick/commit/948356eec65aea91995d4b7cc487d197d2c5f602
-CVE-2017-11449 (coders/mpc.c in ImageMagick before 7.0.6-1 does not enable seekable ...)
+CVE-2017-11449
{DSA-3914-1 DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-12 (bug #867896)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/556
NOTE: https://github.com/ImageMagick/ImageMagick/commit/b007dd3a048097d8f58949297f5b434612e1e1a3#diff-cdb21e3ad4d6e304030bd19bdc881fce
NOTE: https://github.com/ImageMagick/ImageMagick/commit/529ff26b68febb2ac03062c58452ea0b4c6edbc1#diff-cdb21e3ad4d6e304030bd19bdc881fce
-CVE-2017-11448 (The ReadJPEGImage function in coders/jpeg.c in ImageMagick before ...)
+CVE-2017-11448
{DSA-3914-1 DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-12 (bug #867893)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/556
NOTE: https://github.com/ImageMagick/ImageMagick/commit/1737ac82b335e53376382c07b9a500d73dd2aa11
-CVE-2017-11447 (The ReadSCREENSHOTImage function in coders/screenshot.c in ImageMagick ...)
+CVE-2017-11447
{DSA-3914-1}
- imagemagick 8:6.9.7.4+dfsg-12 (bug #867897)
[wheezy] - imagemagick <not-affected> (vulnerable code not present)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/556
NOTE: https://github.com/ImageMagick/ImageMagick/commit/8c10b9247509c0484b55330458846115131ec2ae#diff-0a5dc34e461f3c458e758c199f2dc46d
-CVE-2017-11446 (The ReadPESImage function in coders\pes.c in ImageMagick 7.0.6-1 has an ...)
+CVE-2017-11446
{DSA-4019-1 DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-13 (low; bug #868950)
[jessie] - imagemagick <ignored> (Minor issue)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/537
NOTE: ImageMagick-7: https://github.com/ImageMagick/ImageMagick/commit/787ee25e9fb0e4e0509121342371d925fe5044f8
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/96182884778bfc43d6a9a0abd90cedb5d8cf8977
-CVE-2017-11445 (Subrion CMS before 4.1.6 has a SQL injection vulnerability in ...)
+CVE-2017-11445
NOT-FOR-US: Subrion CMS
-CVE-2017-11444 (Subrion CMS before 4.1.5.10 has a SQL injection vulnerability in ...)
+CVE-2017-11444
NOT-FOR-US: Subrion CMS
CVE-2017-11443
RESERVED
CVE-2017-11442
RESERVED
-CVE-2017-11441 (The WHM Upload Locale interface in cPanel before 56.0.51, 58.x before ...)
+CVE-2017-11441
NOT-FOR-US: WHM Upload Locale interface in cPanel
-CVE-2017-11440 (In Sitecore 8.2, there is absolute path traversal via the ...)
+CVE-2017-11440
NOT-FOR-US: Sitecore
-CVE-2017-11439 (In Sitecore 8.2, there is reflected XSS in the ...)
+CVE-2017-11439
NOT-FOR-US: Sitecore
-CVE-2017-11438 (GitLab Community Edition (CE) and Enterprise Edition (EE) before ...)
+CVE-2017-11438
- gitlab <not-affected> (Only affects 8.5 onwards)
NOTE: https://about.gitlab.com/2017/07/19/gitlab-9-dot-3-dot-8-released/
-CVE-2017-11437 (GitLab Enterprise Edition (EE) before 8.17.7, 9.0.11, 9.1.8, 9.2.8, ...)
+CVE-2017-11437
- gitlab <not-affected> (Only affects Enterprise Edition)
NOTE: https://gitlab.com/gitlab-org/gitlab-ee/issues/2905
NOTE: https://about.gitlab.com/2017/07/19/gitlab-9-dot-3-dot-8-released/
-CVE-2017-11436 (D-Link DIR-615 before v20.12PTb04 has a second admin account with a 0x1 ...)
+CVE-2017-11436
NOT-FOR-US: D-Link
-CVE-2017-11435 (The Humax Wi-Fi Router model HG100R-* 2.0.6 is prone to an ...)
+CVE-2017-11435
NOT-FOR-US: Humax Wi-Fi Router model HG100R-*
-CVE-2017-11434 (The dhcp_decode function in slirp/bootp.c in QEMU (aka Quick Emulator) ...)
+CVE-2017-11434
{DSA-3925-1 DLA-1497-1 DLA-1071-1 DLA-1070-1}
- qemu 1:2.8+dfsg-7 (bug #869171)
- qemu-kvm <removed>
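Review bot: every `-`/`+` pair in this hunk drops the parenthesised one-line description and leaves a bare identifier (`-CVE-2017-11448 (The ReadJPEGImage function in coders/jpeg.c in ImageMagick before ...)` becomes `+CVE-2017-11448`), which is what distinguishes sibling entries such as CVE-2017-11447 and CVE-2017-11446 at a glance; this looks like the automatic update received empty descriptions from the CVE feed rather than an intentional cleanup, so the feed output should be checked before this is kept. Separately, under CVE-2017-11446 the line `[jessie] - imagemagick <ignored> (Minor issue)` sits next to the `{DSA-4019-1 DLA-1081-1}` reference; if DSA-4019-1 covered jessie for this CVE, the ignored marker is stale and should be removed.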
@@ -20341,11 +20339,11 @@ CVE-2017-11426
RESERVED
CVE-2017-11425
RESERVED
-CVE-2017-11424 (In PyJWT 1.5.0 and below the `invalid_strings` check in ...)
+CVE-2017-11424
{DSA-3979-1}
- pyjwt 1.4.2-1.1 (bug #873244)
NOTE: https://github.com/jpadilla/pyjwt/pull/277
-CVE-2017-11423 (The cabd_read_string function in mspack/cabd.c in libmspack 0.5alpha, ...)
+CVE-2017-11423
{DSA-3946-1 DLA-1279-1}
- libmspack 0.6-1 (bug #868956)
- clamav 0.99.3~beta1+dfsg-1 (unimportant)
@@ -20358,27 +20356,27 @@ CVE-2017-11423 (The cabd_read_string function in mspack/cabd.c in libmspack 0.5a
NOTE: ClamAV uses the libmspack system library when available. This is the
NOTE: case from starting from Debian Jessie. Debian Wheezy does not have
NOTE: libmspack and thus need to have the fix as well in the src:clamav source package.
-CVE-2017-11422 (Statamic framework before 2.6.0 does not correctly check a session's ...)
+CVE-2017-11422
NOT-FOR-US: Statamic
-CVE-2017-11420 (Stack-based buffer overflow in ASUS_Discovery.c in networkmap in ...)
+CVE-2017-11420
NOT-FOR-US: ASUS
-CVE-2017-11419 (Fiyo CMS 2.0.7 has SQL injection in ...)
+CVE-2017-11419
NOT-FOR-US: Fiyo CMS
-CVE-2017-11418 (Fiyo CMS 2.0.7 has SQL injection in ...)
+CVE-2017-11418
NOT-FOR-US: Fiyo CMS
-CVE-2017-11417 (Fiyo CMS 2.0.7 has SQL injection in ...)
+CVE-2017-11417
NOT-FOR-US: Fiyo CMS
-CVE-2017-11416 (Fiyo CMS 2.0.7 has SQL injection in ...)
+CVE-2017-11416
NOT-FOR-US: Fiyo CMS
-CVE-2017-11415 (Fiyo CMS 2.0.7 has SQL injection in ...)
+CVE-2017-11415
NOT-FOR-US: Fiyo CMS
-CVE-2017-11414 (Fiyo CMS 2.0.7 has SQL injection in ...)
+CVE-2017-11414
NOT-FOR-US: Fiyo CMS
-CVE-2017-11413 (Fiyo CMS 2.0.7 has SQL injection in ...)
+CVE-2017-11413
NOT-FOR-US: Fiyo CMS
-CVE-2017-11412 (Fiyo CMS 2.0.7 has SQL injection in ...)
+CVE-2017-11412
NOT-FOR-US: Fiyo CMS
-CVE-2017-11411 (In Wireshark through 2.0.13 and 2.2.x through 2.2.7, the openSAFETY ...)
+CVE-2017-11411
- wireshark 2.4.0-1 (bug #870179)
[stretch] - wireshark <not-affected> (Incomplete fix for CVE-2017-9350 not applied)
[jessie] - wireshark <not-affected> (Incomplete fix for CVE-2017-9350 not applied)
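Review bot: the clamav NOTE lines at the top of this hunk read "This is the case from starting from Debian Jessie" (doubled "from") and "Debian Wheezy does not have libmspack and thus need to have the fix as well"; suggest "This is the case starting from Debian Jessie. Debian Wheezy does not have libmspack and thus needs the fix in the src:clamav source package as well." so the note is unambiguous for whoever prepares the wheezy clamav update.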
@@ -20386,14 +20384,14 @@ CVE-2017-11411 (In Wireshark through 2.0.13 and 2.2.x through 2.2.7, the openSAF
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13755
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=a83a324acdfc07a0ca8b65e6ebaba3374ab19c76
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-28.html
-CVE-2017-11410 (In Wireshark through 2.0.13 and 2.2.x through 2.2.7, the WBXML ...)
+CVE-2017-11410
- wireshark 2.4.0-1 (bug #870180)
[jessie] - wireshark <not-affected> (Incomplete fix for CVE-2017-7702 not applied)
[wheezy] - wireshark <not-affected> (Incomplete fix for CVE-2017-7702 not applied)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13796
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=3c7168cc5f044b4da8747d35da0b2b204dabf398
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-13.html
-CVE-2017-11409 (In Wireshark 2.0.0 to 2.0.13, the GPRS LLC dissector could go into a ...)
+CVE-2017-11409
{DLA-1634-1}
- wireshark 2.2.0~rc1+g438c022-1 (low)
[wheezy] - wireshark <no-dsa> (Minor issue)
@@ -20403,93 +20401,93 @@ CVE-2017-11409 (In Wireshark 2.0.0 to 2.0.13, the GPRS LLC dissector could go in
NOTE: Technically the 2.2.0~rc1+g438c022-1 is just the first version in unstable
NOTE: after 2.1.0 from upstream. Upstream changed the types in llc_gprs_dissect_xid
NOTE: in version 2.1.0.
-CVE-2017-11408 (In Wireshark 2.2.0 to 2.2.7 and 2.0.0 to 2.0.13, the AMQP dissector ...)
+CVE-2017-11408
{DSA-4060-1 DLA-1226-1}
- wireshark 2.4.0-1 (bug #870172)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13780
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=a102c172b0b2fe231fdb49f4f6694603f5b93b0c
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=e57c86ef8e3b57b7f90c224f6053d1eacf20e1ba
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-34.html
-CVE-2017-11407 (In Wireshark 2.2.0 to 2.2.7 and 2.0.0 to 2.0.13, the MQ dissector could ...)
+CVE-2017-11407
{DLA-1634-1}
- wireshark 2.4.0-1 (low; bug #870172)
[wheezy] - wireshark <no-dsa> (Minor issue)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13792
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=4e54dae7f0d7840836ee6d5ce1e688f152ab2978
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-35.html
-CVE-2017-11406 (In Wireshark 2.2.0 to 2.2.7 and 2.0.0 to 2.0.13, the DOCSIS dissector ...)
+CVE-2017-11406
{DLA-1634-1}
- wireshark 2.4.0-1 (bug #870172)
[wheezy] - wireshark <no-dsa> (Minor issue)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13797
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=250216263c3a3f2c651e80d9c6b3dc0adc53dc2c
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-36.html
-CVE-2017-11405 (In CMS Made Simple (CMSMS) 2.2.2, remote authenticated administrators ...)
+CVE-2017-11405
NOT-FOR-US: CMS Made Simple
-CVE-2017-11404 (In CMS Made Simple (CMSMS) 2.2.2, remote authenticated administrators ...)
+CVE-2017-11404
NOT-FOR-US: CMS Made Simple
-CVE-2017-11403 (The ReadMNGImage function in coders/png.c in GraphicsMagick 1.3.26 has ...)
+CVE-2017-11403
{DSA-4321-1 DLA-1456-1 DLA-1045-1}
- graphicsmagick 1.3.26-3
NOTE: http://hg.code.sf.net/p/graphicsmagick/code/rev/d0a76868ca37
NOTE: When fixing this CVE make sure to not make the fix incomplete and open the CVE-2017-14103
NOTE: issue. See: http://www.openwall.com/lists/oss-security/2017/09/01/6
NOTE: The addition required commit is: http://hg.code.sf.net/p/graphicsmagick/code/rev/98721124e51f
-CVE-2017-11402 (An issue has been discovered on the Belden Hirschmann Tofino Xenon ...)
+CVE-2017-11402
NOT-FOR-US: Belden Hirschmann Tofino Xenon Security Appliance
-CVE-2017-11401 (An issue has been discovered on the Belden Hirschmann Tofino Xenon ...)
+CVE-2017-11401
NOT-FOR-US: Belden Hirschmann Tofino Xenon Security Appliance
-CVE-2017-11400 (An issue has been discovered on the Belden Hirschmann Tofino Xenon ...)
+CVE-2017-11400
NOT-FOR-US: Belden Hirschmann Tofino Xenon Security Appliance
-CVE-2017-11421 (gnome-exe-thumbnailer before 0.9.5 is prone to a VBScript Injection ...)
+CVE-2017-11421
- gnome-exe-thumbnailer 0.9.5-1 (bug #868705)
[stretch] - gnome-exe-thumbnailer 0.9.4-2+deb9u1
NOTE: http://news.dieweltistgarnichtso.net/posts/gnome-thumbnailer-msi-fail.html
NOTE: https://github.com/gnome-exe-thumbnailer/gnome-exe-thumbnailer/commit/1d8e3102dd8fd23431ae6127d14a236da6b4a4a5
-CVE-2017-11399 (Integer overflow in the ape_decode_frame function in ...)
+CVE-2017-11399
{DSA-3957-1}
- ffmpeg 7:3.3.3-1
NOTE: https://github.com/FFmpeg/FFmpeg/commit/ba4beaf6149f7241c8bd85fe853318c2f6837ad0
NOTE: Fixed in 3.2.7
-CVE-2017-11398 (A session hijacking via log disclosure vulnerability in Trend Micro ...)
+CVE-2017-11398
NOT-FOR-US: Trend Micro
-CVE-2017-11397 (A service DLL preloading vulnerability in Trend Micro Encryption for ...)
+CVE-2017-11397
NOT-FOR-US: Trend Micro
-CVE-2017-11396 (Vulnerability issues with the web service inspection of input ...)
+CVE-2017-11396
NOT-FOR-US: Trend Micro Web Security Virtual Appliance
-CVE-2017-11395 (Command injection vulnerability in Trend Micro Smart Protection Server ...)
+CVE-2017-11395
NOT-FOR-US: Trend Micro Smart Protection Server
-CVE-2017-11394 (Proxy command injection vulnerability in Trend Micro OfficeScan 11 and ...)
+CVE-2017-11394
NOT-FOR-US: Trend Micro
-CVE-2017-11393 (Proxy command injection vulnerability in Trend Micro OfficeScan 11 and ...)
+CVE-2017-11393
NOT-FOR-US: Trend Micro
-CVE-2017-11392 (Proxy command injection vulnerability in Trend Micro InterScan ...)
+CVE-2017-11392
NOT-FOR-US: Trend Micro
-CVE-2017-11391 (Proxy command injection vulnerability in Trend Micro InterScan ...)
+CVE-2017-11391
NOT-FOR-US: Trend Micro
-CVE-2017-11390 (XML external entity (XXE) processing vulnerability in Trend Micro ...)
+CVE-2017-11390
NOT-FOR-US: Trend Micro Control Manager
-CVE-2017-11389 (Directory traversal vulnerability in Trend Micro Control Manager 6.0 ...)
+CVE-2017-11389
NOT-FOR-US: Trend Micro Control Manager
-CVE-2017-11388 (SQL Injection in Trend Micro Control Manager 6.0 causes Remote Code ...)
+CVE-2017-11388
NOT-FOR-US: Trend Micro Control Manager
-CVE-2017-11387 (Authentication Bypass in Trend Micro Control Manager 6.0 causes ...)
+CVE-2017-11387
NOT-FOR-US: Trend Micro Control Manager
-CVE-2017-11386 (SQL Injection in Trend Micro Control Manager 6.0 causes Remote Code ...)
+CVE-2017-11386
NOT-FOR-US: Trend Micro Control Manager
-CVE-2017-11385 (SQL Injection in Trend Micro Control Manager 6.0 causes Remote Code ...)
+CVE-2017-11385
NOT-FOR-US: Trend Micro Control Manager
-CVE-2017-11384 (SQL Injection in Trend Micro Control Manager 6.0 causes Remote Code ...)
+CVE-2017-11384
NOT-FOR-US: Trend Micro Control Manager
-CVE-2017-11383 (SQL Injection in Trend Micro Control Manager 6.0 causes Remote Code ...)
+CVE-2017-11383
NOT-FOR-US: Trend Micro Control Manager
-CVE-2017-11382 (Denial of Service vulnerability in Trend Micro Deep Discovery Email ...)
+CVE-2017-11382
NOT-FOR-US: Trend Micro
-CVE-2017-11381 (A command injection vulnerability exists in Trend Micro Deep Discovery ...)
+CVE-2017-11381
NOT-FOR-US: Trend Micro Deep Discovery Director
-CVE-2017-11380 (Backup archives were found to be encrypted with a static password ...)
+CVE-2017-11380
NOT-FOR-US: Trend Micro Deep Discovery Director
-CVE-2017-11379 (Configuration and database backup archives are not signed or validated ...)
+CVE-2017-11379
NOT-FOR-US: Trend Micro Deep Discovery Director
CVE-2017-11378
RESERVED
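Review bot: the CVE-2017-11421 (gnome-exe-thumbnailer) entry is filed between CVE-2017-11400 and CVE-2017-11399, out of the descending numeric order the rest of this hunk keeps, so it is easy to miss when scanning the 114xx block; consider moving it between CVE-2017-11422 and CVE-2017-11420. Also, the CVE-2017-11403 NOTE "The addition required commit is:" should read "The additionally required commit is:".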
@@ -20511,116 +20509,116 @@ CVE-2017-11370
RESERVED
CVE-2017-11369
RESERVED
-CVE-2017-11368 (In MIT Kerberos 5 (aka krb5) 1.7 and later, an authenticated attacker ...)
+CVE-2017-11368
{DLA-1058-1}
- krb5 1.15.1-2 (bug #869260)
[stretch] - krb5 1.15-1+deb9u1
[jessie] - krb5 1.12.1+dfsg-19+deb8u3
NOTE: https://github.com/krb5/krb5/pull/678/commits/a860385dd8fbd239fdb31b347e07f4e6b2fbdcc2
-CVE-2017-11367 (The shoco_decompress function in the API in shoco through 2017-07-17 ...)
+CVE-2017-11367
NOT-FOR-US: shoco
-CVE-2017-11366 (components/filemanager/class.filemanager.php in Codiad before 2.8.4 is ...)
+CVE-2017-11366
NOT-FOR-US: Codiad
CVE-2017-11365 [Empty passwords validation issue]
RESERVED
- symfony <not-affected> (introduced in versions that were never packaged in Debian)
NOTE: https://symfony.com/blog/cve-2017-11365-empty-passwords-validation-issue
-CVE-2017-11364 (The CMS installer in Joomla! before 3.7.4 does not verify a user's ...)
+CVE-2017-11364
NOT-FOR-US: Joomla!
CVE-2017-11363
RESERVED
-CVE-2017-11362 (In PHP 7.x before 7.0.21 and 7.1.x before 7.1.7, ...)
+CVE-2017-11362
- php7.1 7.1.8-1 (unimportant)
- php7.0 7.0.22-1 (unimportant)
- php5 <removed> (unimportant)
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=73473
NOTE: Fixed in 7.1.7, 7.0.21
NOTE: Only triggerable by malicious script
-CVE-2017-11361 (Inteno routers have a JUCI ACL misconfiguration that allows the &quot;user&quot; ...)
+CVE-2017-11361
NOT-FOR-US: Inteno routers
-CVE-2017-11360 (The ReadRLEImage function in coders\rle.c in ImageMagick 7.0.6-1 has a ...)
+CVE-2017-11360
{DSA-3914-1 DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-12 (bug #867808)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/518
NOTE: Fixed by: https://github.com/ImageMagick/ImageMagick/commit/224bc946b24824a77e8e8c52ee07e9bc65796e30
-CVE-2017-11359 (The wavwritehdr function in wav.c in Sound eXchange (SoX) 14.4.2 allows ...)
+CVE-2017-11359
{DLA-1705-1 DLA-1197-1}
- sox 14.4.2-2 (bug #870328)
[stretch] - sox <no-dsa> (Minor issue)
NOTE: http://seclists.org/fulldisclosure/2017/Jul/81
NOTE: Upstream bug report https://sourceforge.net/p/sox/bugs/296/
NOTE: https://github.com/mansr/sox/commit/8b590b3a52f4ccc4eea3f41b4a067c38b3565b60
-CVE-2017-11358 (The read_samples function in hcom.c in Sound eXchange (SoX) 14.4.2 ...)
+CVE-2017-11358
{DLA-1705-1 DLA-1197-1}
- sox 14.4.2-2 (bug #870328)
[stretch] - sox <no-dsa> (Minor issue)
NOTE: http://seclists.org/fulldisclosure/2017/Jul/81
NOTE: Upstream bug report https://sourceforge.net/p/sox/bugs/296/
NOTE: https://github.com/mansr/sox/commit/6cb44a44b9eda6b321ccdbf6483348d4a9798b00
-CVE-2017-11357 (Progress Telerik UI for ASP.NET AJAX before R2 2017 SP2 does not ...)
+CVE-2017-11357
NOT-FOR-US: Progress Telerik UI
-CVE-2017-11356 (The application distribution export functionality in PEGA Platform 7.2 ...)
+CVE-2017-11356
NOT-FOR-US: PEGA Platform
-CVE-2017-11355 (Multiple cross-site scripting (XSS) vulnerabilities in PEGA Platform ...)
+CVE-2017-11355
NOT-FOR-US: PEGA Platform
-CVE-2017-11354 (Fiyo CMS v2.0.7 has an SQL injection vulnerability in ...)
+CVE-2017-11354
NOT-FOR-US: Fiyo CMS
-CVE-2017-11351 (Axesstel MU553S MU55XS-V1.14 devices have a default password of admin ...)
+CVE-2017-11351
NOT-FOR-US: Axesstel MU553S MU55XS-V1.14
-CVE-2017-11350 (Cross-Site Request Forgery (CSRF) exists in cgi-bin/ConfigSet on ...)
+CVE-2017-11350
NOT-FOR-US: Axesstel MU553S MU55XS-V1.14
-CVE-2017-11349 (dataTaker DT8x dEX 1.72.007 allows remote attackers to compose programs ...)
+CVE-2017-11349
NOT-FOR-US: dataTaker
-CVE-2017-11348 (In Octopus Deploy 3.x before 3.15.4, an authenticated user with ...)
+CVE-2017-11348
NOT-FOR-US: Octopus Deploy
-CVE-2017-11347 (Authenticated Code Execution Vulnerability in MetInfo 5.3.17 allows a ...)
+CVE-2017-11347
NOT-FOR-US: MetInfo
-CVE-2017-11346 (Zoho ManageEngine Desktop Central before build 100092 allows remote ...)
+CVE-2017-11346
NOT-FOR-US: Zoho ManageEngine Desktop Central
-CVE-2017-11345 (Stack buffer overflow in networkmap in Asuswrt-Merlin firmware for ASUS ...)
+CVE-2017-11345
NOT-FOR-US: ASUS
-CVE-2017-11344 (Global buffer overflow in networkmap in Asuswrt-Merlin firmware for ...)
+CVE-2017-11344
NOT-FOR-US: ASUS
-CVE-2017-11353 (yadm (yet another dotfile manager) 1.10.0 has a race condition ...)
+CVE-2017-11353
- yadm 1.11.1-1 (bug #868300)
[stretch] - yadm 1.06-1+deb9u1
NOTE: https://github.com/TheLocehiliosan/yadm/issues/74
-CVE-2017-11343 (Due to an incomplete fix for CVE-2012-6125, all versions of CHICKEN ...)
+CVE-2017-11343
- chicken 4.12.0-0.2 (bug #870266)
[stretch] - chicken <no-dsa> (Minor issue)
[jessie] - chicken <no-dsa> (Minor issue)
[wheezy] - chicken <no-dsa> (Minor issue)
NOTE: http://lists.nongnu.org/archive/html/chicken-announce/2017-07/msg00000.html
-CVE-2017-11342 (There is an illegal address access in ast.cpp of LibSass 3.4.5. A ...)
+CVE-2017-11342
- libsass <unfixed> (bug #868577)
[stretch] - libsass <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1470722
-CVE-2017-11341 (There is a heap based buffer over-read in lexer.hpp of LibSass 3.4.5. A ...)
+CVE-2017-11341
- libsass <unfixed> (bug #868577)
[stretch] - libsass <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1470714
-CVE-2017-11340 (There is a Segmentation fault in the XmpParser::terminate() function in ...)
+CVE-2017-11340
[experimental] - exiv2 <unfixed> (low; bug #868578)
- exiv2 <not-affected> (Vulnerable code introduced later)
NOTE: https://github.com/Exiv2/exiv2/issues/53
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1470950
NOTE: Not reproducible in wheezy/jessie/stretch, I get "The file contains data of an unknown image type".
NOTE: Reproducible with 0.26-1 (experimental) although I get another error "free(): invalid next size (fast)".
-CVE-2017-11339 (There is a heap-based buffer overflow in the Image::printIFDStructure ...)
+CVE-2017-11339
[experimental] - exiv2 <unfixed> (bug #868578)
- exiv2 <not-affected> (Vulnerable code introduced after 0.25)
NOTE: https://github.com/Exiv2/exiv2/issues/52
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1470946
NOTE: Not reproducible in wheezy/jessie/stretch, I get "The file contains data of an unknown image type".
NOTE: Reproducible with 0.26-1 (experimental) although I get another error "free(): invalid next size (fast)".
-CVE-2017-11338 (There is an infinite loop in the Exiv2::Image::printIFDStructure ...)
+CVE-2017-11338
[experimental] - exiv2 <unfixed> (low; bug #868578)
- exiv2 <not-affected> (Vulnerable code introduced after 0.25)
NOTE: https://github.com/Exiv2/exiv2/issues/51
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1470913
NOTE: Not reproducible in wheezy/jessie/stretch, I get "No Exif data found in the file".
NOTE: Reproducible with 0.26-1 (experimental).
-CVE-2017-11337 (There is an invalid free in the Action::TaskFactory::cleanup function ...)
+CVE-2017-11337
[experimental] - exiv2 <unfixed> (low; bug #868578)
- exiv2 <not-affected> (Vulnerable code introduced after 0.25)
NOTE: https://github.com/Exiv2/exiv2/issues/50
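Review bot: the CVE-2017-11353 (yadm) entry sits between CVE-2017-11344 and CVE-2017-11343 rather than in numeric sequence after CVE-2017-11354; since the surrounding entries in this hunk are strictly descending, it should be moved up so that a scan of the 1135x block finds it.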
@@ -20628,14 +20626,14 @@ CVE-2017-11337 (There is an invalid free in the Action::TaskFactory::cleanup fun
NOTE: Not reproducible in wheezy/jessie/stretch (even with valgrind), I get "No Exif data found in the file".
NOTE: Reproducible with 0.26-1 (experimental).
NOTE: Action::TaskFactory::cleanup function is the same in all versions, so the problem is likely an earlier memory corruption.
-CVE-2017-11336 (There is a heap-based buffer over-read in the Image::printIFDStructure ...)
+CVE-2017-11336
[experimental] - exiv2 <unfixed> (bug #868578)
- exiv2 <not-affected> (Vulnerable code introduced after 0.25)
NOTE: https://github.com/Exiv2/exiv2/issues/49
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1470729
NOTE: Not reproducible in wheezy/jessie/stretch (even with valgrind).
NOTE: Reproducible with 0.26-1 (experimental) although I get another error "free(): invalid next size (fast)".
-CVE-2017-11335 (There is a heap based buffer overflow in tools/tiff2pdf.c of LibTIFF ...)
+CVE-2017-11335
{DSA-4100-1 DLA-1094-1 DLA-1093-1}
- tiff 4.0.8-4 (bug #868513)
[stretch] - tiff <no-dsa> (Minor issue)
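Review bot: under CVE-2017-11335 the line `[stretch] - tiff <no-dsa> (Minor issue)` is kept alongside the `{DSA-4100-1 DLA-1094-1 DLA-1093-1}` reference; if DSA-4100-1 fixed this CVE in stretch, the no-dsa marker predates the advisory and should be dropped so the two annotations do not contradict each other.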
@@ -20643,32 +20641,32 @@ CVE-2017-11335 (There is a heap based buffer overflow in tools/tiff2pdf.c of Lib
- tiff3 <removed>
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2715
NOTE: Fixed by: https://github.com/vadz/libtiff/commit/69bfeec247899776b1b396651adb47436e5f1556
-CVE-2017-11529 (The ReadMATImage function in coders/mat.c in ImageMagick before 6.9.9-0 ...)
+CVE-2017-11529
{DSA-3914-1 DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-12 (bug #867823)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/525
-CVE-2017-11478 (The ReadOneDJVUImage function in coders/djvu.c in ImageMagick through ...)
+CVE-2017-11478
{DSA-3914-1 DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-12 (bug #867826)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/528
-CVE-2017-11526 (The ReadOneMNGImage function in coders/png.c in ImageMagick before ...)
+CVE-2017-11526
{DSA-3914-1 DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-12 (bug #867825)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/527
-CVE-2017-11505 (The ReadOneJNGImage function in coders/png.c in ImageMagick through ...)
+CVE-2017-11505
{DSA-3914-1 DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-12 (bug #867824)
[jessie] - imagemagick <ignored> (Minor issue)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/526
-CVE-2017-11530 (The ReadEPTImage function in coders/ept.c in ImageMagick before 6.9.9-0 ...)
+CVE-2017-11530
{DSA-3914-1 DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-12 (bug #867821)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/524
-CVE-2017-11524 (The WriteBlob function in MagickCore/blob.c in ImageMagick before ...)
+CVE-2017-11524
{DSA-3914-1 DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-12 (bug #867798)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/506
-CVE-2017-11334 (The address_space_write_continue function in exec.c in QEMU (aka Quick ...)
+CVE-2017-11334
{DSA-3925-1}
- qemu 1:2.8+dfsg-7 (bug #869173)
[jessie] - qemu <no-dsa> (Minor issue. Backport caused regression in Ubuntu)
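Review bot: the six ImageMagick entries in this hunk (CVE-2017-11529, -11478, -11526, -11505, -11530, -11524) are placed between CVE-2017-11335 and CVE-2017-11334 and are not in numeric order among themselves, so they belong with the 115xx and 114xx blocks earlier in the file. Under CVE-2017-11505, `[jessie] - imagemagick <ignored> (Minor issue)` is listed together with `{DSA-3914-1 DLA-1081-1}`; if DSA-3914-1 addressed this CVE in jessie, the ignored marker is stale.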
@@ -20678,57 +20676,57 @@ CVE-2017-11334 (The address_space_write_continue function in exec.c in QEMU (aka
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2017-07/msg03775.html
NOTE: https://git.qemu.org/gitweb.cgi?p=qemu.git;a=commit;h=f5aa69bdc3418773f26747ca282c291519626ece
NOTE: https://git.qemu.org/gitweb.cgi?p=qemu.git;a=commit;h=04bf2526ce87f21b32c9acba1c5518708c243ad0
-CVE-2017-11333 (The vorbis_analysis_wrote function in lib/block.c in Xiph.Org libvorbis ...)
+CVE-2017-11333
{DSA-4113-1 DLA-1368-1}
- libvorbis 1.3.5-4.1 (low; bug #870341)
[jessie] - libvorbis <postponed> (Minor issue, can be revisited once fixed upstream)
NOTE: http://seclists.org/fulldisclosure/2017/Jul/82
NOTE: https://gitlab.xiph.org/xiph/vorbis/issues/2332
NOTE: Fixed by: https://gitlab.xiph.org/xiph/vorbis/commit/a79ec216cd119069c68b8f3542c6a425a74ab993
-CVE-2017-11332 (The startread function in wav.c in Sound eXchange (SoX) 14.4.2 allows ...)
+CVE-2017-11332
{DLA-1705-1 DLA-1197-1}
- sox 14.4.2-2 (bug #870328)
[stretch] - sox <no-dsa> (Minor issue)
NOTE: http://seclists.org/fulldisclosure/2017/Jul/81
NOTE: Upstream bug report https://sourceforge.net/p/sox/bugs/296/
NOTE: https://github.com/mansr/sox/commit/7405bcaacb1ded8c595cb751d407cf738cb26571
-CVE-2017-11331 (The wav_open function in oggenc/audio.c in Xiph.Org vorbis-tools 1.4.0 ...)
+CVE-2017-11331
- vorbis-tools <unfixed> (unimportant)
NOTE: The issue is "covered" by the fix applied in 0016-oggenc-validate-count-of-channels-in-the-header-CVE-.patch
NOTE: still the return of malloc is not checked.
NOTE: http://seclists.org/fulldisclosure/2017/Jul/80
NOTE: Crash in CLI tool only, negligible security impact
-CVE-2017-11330 (The DivFixppCore::avi_header_fix function in DivFix++Core.cpp in ...)
+CVE-2017-11330
NOT-FOR-US: DivFix++
-CVE-2017-11329 (GLPI before 9.1.5 allows SQL injection via an ajax/getDropdownValue.php ...)
+CVE-2017-11329
- glpi <removed> (unimportant)
NOTE: Only supported behind an authenticated HTTP zone
-CVE-2017-11328 (Heap buffer overflow in the yr_object_array_set_item() function in ...)
+CVE-2017-11328
- yara 3.6.3+dfsg-1
[stretch] - yara <ignored> (Minor issue, too intrusive to backport)
[jessie] - yara <ignored> (Minor issue, too intrusive to backport)
NOTE: Fixed by: https://github.com/VirusTotal/yara/commit/4a342f01e5439b9bb901aff1c6c23c536baeeb3f
-CVE-2017-11327 (An issue was discovered in Tilde CMS 1.0.1. It is possible to retrieve ...)
+CVE-2017-11327
NOT-FOR-US: Tilde CMS
-CVE-2017-11326 (An issue was discovered in Tilde CMS 1.0.1. It is possible to bypass ...)
+CVE-2017-11326
NOT-FOR-US: Tilde CMS
-CVE-2017-11325 (An issue was discovered in Tilde CMS 1.0.1. Arbitrary files can be read ...)
+CVE-2017-11325
NOT-FOR-US: Tilde CMS
-CVE-2017-11324 (An issue was discovered in Tilde CMS 1.0.1. Due to missing escaping of ...)
+CVE-2017-11324
NOT-FOR-US: Tilde CMS
-CVE-2017-11323 (Stack-based buffer overflow in ESTsoft ALZip 8.51 and earlier allows ...)
+CVE-2017-11323
NOT-FOR-US: ESTsoft ALZip
-CVE-2017-11322 (The chroothole_client executable in UCOPIA Wireless Appliance before ...)
+CVE-2017-11322
NOT-FOR-US: UCOPIA Wireless Appliance
-CVE-2017-11321 (The restricted shell interface in UCOPIA Wireless Appliance before ...)
+CVE-2017-11321
NOT-FOR-US: UCOPIA Wireless Appliance
-CVE-2017-11320 (Persistent XSS through the SSID of nearby Wi-Fi devices on Technicolor ...)
+CVE-2017-11320
NOT-FOR-US: Technicolor TC7337 routers
-CVE-2017-11319 (Perspective ICM Investigation &amp; Case 5.1.1.16 allows remote ...)
+CVE-2017-11319
NOT-FOR-US: Perspective ICM Investigation
-CVE-2017-11318 (Cobian Backup 11 client allows man-in-the-middle attackers to add and ...)
+CVE-2017-11318
NOT-FOR-US: Cobian
-CVE-2017-11317 (Telerik.Web.UI in Progress Telerik UI for ASP.NET AJAX before R1 2017 ...)
+CVE-2017-11317
NOT-FOR-US: Progress Telerik UI
CVE-2017-11316
RESERVED
@@ -20740,216 +20738,216 @@ CVE-2017-11313
RESERVED
CVE-2017-11312
RESERVED
-CVE-2017-11311 (soundlib/Load_psm.cpp in OpenMPT through 1.26.12.00 and libopenmpt ...)
+CVE-2017-11311
- libopenmpt 0.2.8461~beta26-1 (bug #867579)
[stretch] - libopenmpt 0.2.7386~beta20.3-3+deb9u2
-CVE-2017-11310 (The read_user_chunk_callback function in coders\png.c in ImageMagick ...)
+CVE-2017-11310
- imagemagick <not-affected> (Vulnerable code not present, Only affects ImageMagick-7)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/517
NOTE: Fixed by: https://github.com/ImageMagick/ImageMagick/commit/8ca35831e91c3db8c6d281d09b605001003bec08
-CVE-2017-11309 (Buffer overflow in the SoftConsole client in Avaya IP Office before ...)
+CVE-2017-11309
NOT-FOR-US: Avaya IP Office
-CVE-2017-11308 (Adobe Acrobat and Reader versions 2017.012.20098 and earlier, ...)
+CVE-2017-11308
NOT-FOR-US: Adobe
-CVE-2017-11307 (Adobe Acrobat and Reader versions 2017.012.20098 and earlier, ...)
+CVE-2017-11307
NOT-FOR-US: Adobe
-CVE-2017-11306 (Adobe Acrobat and Reader versions 2017.012.20098 and earlier, ...)
+CVE-2017-11306
NOT-FOR-US: Adobe
-CVE-2017-11305 (A regression affecting Adobe Flash Player version 27.0.0.187 (and ...)
+CVE-2017-11305
NOT-FOR-US: Adobe
-CVE-2017-11304 (An issue was discovered in Adobe Photoshop 18.1.1 (2017.1.1) and ...)
+CVE-2017-11304
NOT-FOR-US: Adobe
-CVE-2017-11303 (An issue was discovered in Adobe Photoshop 18.1.1 (2017.1.1) and ...)
+CVE-2017-11303
NOT-FOR-US: Adobe
-CVE-2017-11302 (An issue was discovered in Adobe InDesign 12.1.0 and earlier versions. ...)
+CVE-2017-11302
NOT-FOR-US: Adobe
-CVE-2017-11301 (An issue was discovered in Adobe Digital Editions 4.5.6 and earlier ...)
+CVE-2017-11301
NOT-FOR-US: Adobe
-CVE-2017-11300 (An issue was discovered in Adobe Digital Editions 4.5.6 and earlier ...)
+CVE-2017-11300
NOT-FOR-US: Adobe
-CVE-2017-11299 (An issue was discovered in Adobe Digital Editions 4.5.6 and earlier ...)
+CVE-2017-11299
NOT-FOR-US: Adobe
-CVE-2017-11298 (An issue was discovered in Adobe Digital Editions 4.5.6 and earlier ...)
+CVE-2017-11298
NOT-FOR-US: Adobe
-CVE-2017-11297 (An issue was discovered in Adobe Digital Editions 4.5.6 and earlier ...)
+CVE-2017-11297
NOT-FOR-US: Adobe
-CVE-2017-11296 (An issue was discovered in Adobe Experience Manager 6.3, 6.2, 6.1, 6.0. ...)
+CVE-2017-11296
NOT-FOR-US: Adobe
-CVE-2017-11295 (An issue was discovered in Adobe DNG Converter 9.12.1 and earlier ...)
+CVE-2017-11295
NOT-FOR-US: Adobe
-CVE-2017-11294 (An issue was discovered in Adobe Shockwave 12.2.9.199 and earlier. An ...)
+CVE-2017-11294
NOT-FOR-US: Adobe
-CVE-2017-11293 (An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and ...)
+CVE-2017-11293
NOT-FOR-US: Adobe
-CVE-2017-11292 (Adobe Flash Player version 27.0.0.159 and earlier has a flawed bytecode ...)
+CVE-2017-11292
NOT-FOR-US: Adobe Flash Player
-CVE-2017-11291 (An issue was discovered in Adobe Connect 9.6.2 and earlier versions. A ...)
+CVE-2017-11291
NOT-FOR-US: Adobe
-CVE-2017-11290 (An issue was discovered in Adobe Connect 9.6.2 and earlier versions. A ...)
+CVE-2017-11290
NOT-FOR-US: Adobe
-CVE-2017-11289 (An issue was discovered in Adobe Connect 9.6.2 and earlier versions. A ...)
+CVE-2017-11289
NOT-FOR-US: Adobe
-CVE-2017-11288 (An issue was discovered in Adobe Connect 9.6.2 and earlier versions. A ...)
+CVE-2017-11288
NOT-FOR-US: Adobe
-CVE-2017-11287 (An issue was discovered in Adobe Connect 9.6.2 and earlier versions. A ...)
+CVE-2017-11287
NOT-FOR-US: Adobe
-CVE-2017-11286 (Adobe ColdFusion has an XML external entity (XXE) injection ...)
+CVE-2017-11286
NOT-FOR-US: Adobe ColdFusion
-CVE-2017-11285 (Adobe ColdFusion has a cross-site scripting (XSS) vulnerability. This ...)
+CVE-2017-11285
NOT-FOR-US: Adobe ColdFusion
-CVE-2017-11284 (Adobe ColdFusion has an Untrusted Data Deserialization vulnerability. ...)
+CVE-2017-11284
NOT-FOR-US: Adobe ColdFusion
-CVE-2017-11283 (Adobe ColdFusion has an Untrusted Data Deserialization vulnerability. ...)
+CVE-2017-11283
NOT-FOR-US: Adobe ColdFusion
-CVE-2017-11282 (Adobe Flash Player has an exploitable memory corruption vulnerability ...)
+CVE-2017-11282
NOT-FOR-US: Adobe
-CVE-2017-11281 (Adobe Flash Player has an exploitable memory corruption vulnerability ...)
+CVE-2017-11281
NOT-FOR-US: Adobe
-CVE-2017-11280 (Adobe Digital Editions 4.5.4 and earlier has an exploitable memory ...)
+CVE-2017-11280
NOT-FOR-US: Adobe
-CVE-2017-11279 (Adobe Digital Editions 4.5.4 and earlier has an exploitable use after ...)
+CVE-2017-11279
NOT-FOR-US: Adobe
-CVE-2017-11278 (Adobe Digital Editions 4.5.4 and earlier has an exploitable memory ...)
+CVE-2017-11278
NOT-FOR-US: Adobe
-CVE-2017-11277 (Adobe Digital Editions 4.5.4 and earlier has an exploitable memory ...)
+CVE-2017-11277
NOT-FOR-US: Adobe
-CVE-2017-11276 (Adobe Digital Editions 4.5.4 and earlier has an exploitable memory ...)
+CVE-2017-11276
NOT-FOR-US: Adobe
-CVE-2017-11275 (Adobe Digital Editions 4.5.4 and earlier has an exploitable heap ...)
+CVE-2017-11275
NOT-FOR-US: Adobe
-CVE-2017-11274 (Adobe Digital Editions 4.5.4 and earlier has an exploitable use after ...)
+CVE-2017-11274
NOT-FOR-US: Adobe
-CVE-2017-11273 (An issue was discovered in Adobe Digital Editions 4.5.6 and earlier ...)
+CVE-2017-11273
NOT-FOR-US: Adobe
-CVE-2017-11272 (Adobe Digital Editions 4.5.4 and earlier has a security bypass ...)
+CVE-2017-11272
NOT-FOR-US: Adobe
-CVE-2017-11271 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ...)
+CVE-2017-11271
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-11270 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ...)
+CVE-2017-11270
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-11269 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ...)
+CVE-2017-11269
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-11268 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ...)
+CVE-2017-11268
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-11267 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ...)
+CVE-2017-11267
NOT-FOR-US: Adobe Acrobat Reader
CVE-2017-11266
REJECTED
-CVE-2017-11265 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ...)
+CVE-2017-11265
NOT-FOR-US: Adobe Acrobat Reader
CVE-2017-11264
REJECTED
-CVE-2017-11263 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ...)
+CVE-2017-11263
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-11262 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ...)
+CVE-2017-11262
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-11261 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ...)
+CVE-2017-11261
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-11260 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ...)
+CVE-2017-11260
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-11259 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ...)
+CVE-2017-11259
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-11258 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ...)
+CVE-2017-11258
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-11257 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ...)
+CVE-2017-11257
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-11256 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ...)
+CVE-2017-11256
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-11255 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ...)
+CVE-2017-11255
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-11254 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ...)
+CVE-2017-11254
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-11253 (Adobe Acrobat and Reader versions 2017.012.20098 and earlier, ...)
+CVE-2017-11253
NOT-FOR-US: Adobe
-CVE-2017-11252 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ...)
+CVE-2017-11252
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-11251 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ...)
+CVE-2017-11251
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-11250 (Adobe Acrobat and Reader versions 2017.012.20098 and earlier, ...)
+CVE-2017-11250
NOT-FOR-US: Adobe
-CVE-2017-11249 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ...)
+CVE-2017-11249
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-11248 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ...)
+CVE-2017-11248
NOT-FOR-US: Adobe Acrobat Reader
CVE-2017-11247
REJECTED
-CVE-2017-11246 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ...)
+CVE-2017-11246
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-11245 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ...)
+CVE-2017-11245
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-11244 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ...)
+CVE-2017-11244
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-11243 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ...)
+CVE-2017-11243
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-11242 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ...)
+CVE-2017-11242
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-11241 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ...)
+CVE-2017-11241
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-11240 (Adobe Acrobat and Reader versions 2017.012.20098 and earlier, ...)
+CVE-2017-11240
NOT-FOR-US: Adobe
-CVE-2017-11239 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ...)
+CVE-2017-11239
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-11238 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ...)
+CVE-2017-11238
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-11237 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ...)
+CVE-2017-11237
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-11236 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ...)
+CVE-2017-11236
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-11235 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ...)
+CVE-2017-11235
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-11234 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ...)
+CVE-2017-11234
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-11233 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ...)
+CVE-2017-11233
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-11232 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ...)
+CVE-2017-11232
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-11231 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ...)
+CVE-2017-11231
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-11230 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ...)
+CVE-2017-11230
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-11229 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ...)
+CVE-2017-11229
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-11228 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ...)
+CVE-2017-11228
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-11227 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ...)
+CVE-2017-11227
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-11226 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ...)
+CVE-2017-11226
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-11225 (An issue was discovered in Adobe Flash Player 27.0.0.183 and earlier ...)
+CVE-2017-11225
NOT-FOR-US: Adobe
-CVE-2017-11224 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ...)
+CVE-2017-11224
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-11223 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ...)
+CVE-2017-11223
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-11222 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ...)
+CVE-2017-11222
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-11221 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ...)
+CVE-2017-11221
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-11220 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ...)
+CVE-2017-11220
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-11219 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ...)
+CVE-2017-11219
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-11218 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ...)
+CVE-2017-11218
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-11217 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ...)
+CVE-2017-11217
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-11216 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ...)
+CVE-2017-11216
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-11215 (An issue was discovered in Adobe Flash Player 27.0.0.183 and earlier ...)
+CVE-2017-11215
NOT-FOR-US: Adobe
-CVE-2017-11214 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ...)
+CVE-2017-11214
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-11213 (An issue was discovered in Adobe Flash Player 27.0.0.183 and earlier ...)
+CVE-2017-11213
NOT-FOR-US: Adobe
-CVE-2017-11212 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ...)
+CVE-2017-11212
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-11211 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ...)
+CVE-2017-11211
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-11210 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ...)
+CVE-2017-11210
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-11209 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ...)
+CVE-2017-11209
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-1000083 (backend/comics/comics-document.c (aka the comic book backend) in GNOME ...)
+CVE-2017-1000083
{DSA-3916-1 DSA-3911-1 DLA-1031-1}
- evince 3.22.1-4
- atril 1.16.1-2.1 (bug #868500)
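Review bot: every changed pair in this hunk, from `-CVE-2017-11272 (Adobe Digital Editions 4.5.4 and earlier has a security bypass ...)` / `+CVE-2017-11272` down to `+CVE-2017-1000083`, drops the MITRE description from the header line while the Debian-side lines beneath it (`NOT-FOR-US: Adobe Acrobat Reader`, `{DSA-3916-1 DSA-3911-1 DLA-1031-1}`, the evince and atril versions) are untouched. No entry in the hunk gains any text, so nothing here corresponds to an upstream change to these CVEs; a uniform loss of descriptions across a whole run is what an empty or unparsable description source looks like. The updater should treat "description present before, absent after" for every entry as a failed fetch and refuse to commit instead of rewriting the list, because the description is what lets a reader check a `NOT-FOR-US` or `REJECTED` verdict without leaving the file.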
@@ -20966,133 +20964,133 @@ CVE-2017-11204
RESERVED
CVE-2017-11203
RESERVED
-CVE-2017-11202 (FineCMS through 2017-07-12 allows XSS in visitors.php because ...)
+CVE-2017-11202
NOT-FOR-US: FineCMS
-CVE-2017-11201 (application/core/controller/images.php in FineCMS through 2017-07-12 ...)
+CVE-2017-11201
NOT-FOR-US: FineCMS
-CVE-2017-11200 (SQL Injection exists in FineCMS through 2017-07-12 via the ...)
+CVE-2017-11200
NOT-FOR-US: FineCMS
CVE-2017-11199
RESERVED
-CVE-2017-11198 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2017-11198
NOT-FOR-US: FineCMS
CVE-2017-11197
RESERVED
-CVE-2017-12562 (Heap-based Buffer Overflow in the psf_binheader_writef function in ...)
+CVE-2017-12562
{DLA-1049-1}
- libsndfile 1.0.28-3 (bug #869166)
[stretch] - libsndfile <no-dsa> (Minor issue)
[jessie] - libsndfile <no-dsa> (Minor issue)
NOTE: https://github.com/erikd/libsndfile/issues/292
NOTE: https://github.com/erikd/libsndfile/commit/cf7a8182c2642c50f1cf90dddea9ce96a8bad2e8
-CVE-2017-11196 (Pulse Connect Secure 8.3R1 has CSRF in logout.cgi. The logout function ...)
+CVE-2017-11196
NOT-FOR-US: Pulse Connect Secure
-CVE-2017-11195 (Pulse Connect Secure 8.3R1 has Reflected XSS in launchHelp.cgi. The ...)
+CVE-2017-11195
NOT-FOR-US: Pulse Connect Secure
-CVE-2017-11194 (Pulse Connect Secure 8.3R1 has Reflected XSS in ...)
+CVE-2017-11194
NOT-FOR-US: Pulse Connect Secure
-CVE-2017-11193 (Pulse Connect Secure 8.3R1 has CSRF in diag.cgi. In the panel, the ...)
+CVE-2017-11193
NOT-FOR-US: Pulse Connect Secure
CVE-2017-11192
RESERVED
-CVE-2017-11191 (** DISPUTED ** FreeIPA 4.x with API version 2.213 allows a remote ...)
+CVE-2017-11191
NOTE: non-issue claimed for freepia
-CVE-2017-11190 (unrarlib.c in unrar-free 0.0.1, when _DEBUG_LOG mode is enabled, might ...)
+CVE-2017-11190
- unrar-free <unfixed> (unimportant)
NOTE: Affected debug code not enabled
-CVE-2017-11189 (unrarlib.c in unrar-free 0.0.1 might allow remote attackers to cause a ...)
+CVE-2017-11189
- unrar-free <unfixed> (unimportant)
NOTE: Crash in CLI tool, no security impact
-CVE-2017-11187 (phpMyFAQ before 2.9.8 does not properly mitigate brute-force attacks ...)
+CVE-2017-11187
NOT-FOR-US: phpMyFAQ
CVE-2017-11186
RESERVED
-CVE-2017-11185 (The gmp plugin in strongSwan before 5.6.0 allows remote attackers to ...)
+CVE-2017-11185
{DSA-3962-1 DLA-1059-1}
- strongswan 5.6.0-1 (bug #872155)
NOTE: https://www.strongswan.org/blog/2017/08/14/strongswan-vulnerability-(cve-2017-11185).html
NOTE: https://git.strongswan.org/?p=strongswan.git;a=commit;h=ef5c37fcdf47273feea320091598135688df4ef7
-CVE-2017-11184 (SQL injection exists in front/devicesoundcard.php in GLPI before 9.1.5 ...)
+CVE-2017-11184
- glpi <removed> (unimportant)
NOTE: Only supported behind an authenticated HTTP zone
-CVE-2017-11183 (front/backup.php in GLPI before 9.1.5 allows remote authenticated ...)
+CVE-2017-11183
- glpi <removed> (unimportant)
NOTE: Only supported behind an authenticated HTTP zone
-CVE-2017-11182 (In Rise Ultimate Project Manager v1.8, XSS vulnerabilities were found ...)
+CVE-2017-11182
NOT-FOR-US: Rise Ultimate Project Manager
-CVE-2017-11181 (In Rise Ultimate Project Manager v1.8, XSS vulnerabilities were found ...)
+CVE-2017-11181
NOT-FOR-US: Rise Ultimate Project Manager
-CVE-2017-11180 (FineCMS through 2017-07-11 has stored XSS in the logging functionality, ...)
+CVE-2017-11180
NOT-FOR-US: FineCMS
-CVE-2017-11179 (FineCMS through 2017-07-11 has stored XSS in route=admin when modifying ...)
+CVE-2017-11179
NOT-FOR-US: FineCMS
-CVE-2017-11178 (In FineCMS through 2017-07-11, application/core/controller/style.php ...)
+CVE-2017-11178
NOT-FOR-US: FineCMS
-CVE-2017-11177 (TRITON AP-EMAIL 8.2 before 8.2 IB does not properly restrict file ...)
+CVE-2017-11177
NOT-FOR-US: TRITON
-CVE-2017-11176 (The mq_notify function in the Linux kernel through 4.11.9 does not set ...)
+CVE-2017-11176
{DSA-3945-1 DSA-3927-1 DLA-1099-1}
- linux 4.11.11-1
NOTE: Fixed by: https://git.kernel.org/linus/f991af3daabaecff34684fd51fac80319d1baad1
-CVE-2017-11175 (In J2 Innovations FIN Stack 4.0, the authentication webform is ...)
+CVE-2017-11175
NOT-FOR-US: J2 Innovations FIN Stack
-CVE-2017-11174 (In install/page_dbsettings.php in the Core distribution of XOOPS ...)
+CVE-2017-11174
NOT-FOR-US: XOOPS
-CVE-2017-11173 (Missing anchor in generated regex for rack-cors before 0.4.1 allows a ...)
+CVE-2017-11173
{DSA-3931-1}
- ruby-rack-cors 0.4.1-1
[jessie] - ruby-rack-cors <not-affected> (Vulnerable code not present)
CVE-2017-11172
RESERVED
-CVE-2017-1000096 (Arbitrary code execution due to incomplete sandbox protection: ...)
+CVE-2017-1000096
NOT-FOR-US: Jenkins plugin
-CVE-2017-1000095 (The default whitelist included the following unsafe entries: ...)
+CVE-2017-1000095
NOT-FOR-US: Jenkins plugin
-CVE-2017-1000094 (Docker Commons Plugin provides a list of applicable credential IDs to ...)
+CVE-2017-1000094
NOT-FOR-US: Jenkins plugin
-CVE-2017-1000093 (Poll SCM Plugin was not requiring requests to its API be sent via ...)
+CVE-2017-1000093
NOT-FOR-US: Jenkins plugin
-CVE-2017-1000092 (Git Plugin connects to a user-specified Git repository as part of form ...)
+CVE-2017-1000092
NOT-FOR-US: Jenkins plugin
-CVE-2017-1000091 (GitHub Branch Source Plugin connects to a user-specified GitHub API ...)
+CVE-2017-1000091
NOT-FOR-US: Jenkins plugin
-CVE-2017-1000090 (Role-based Authorization Strategy Plugin was not requiring requests to ...)
+CVE-2017-1000090
NOT-FOR-US: Jenkins plugin
-CVE-2017-1000089 (Builds in Jenkins are associated with an authentication that controls ...)
+CVE-2017-1000089
NOT-FOR-US: Jenkins plugin
-CVE-2017-1000088 (The Sidebar Link plugin allows users able to configure jobs, views, ...)
+CVE-2017-1000088
NOT-FOR-US: Jenkins plugin
-CVE-2017-1000087 (GitHub Branch Source provides a list of applicable credential IDs to ...)
+CVE-2017-1000087
NOT-FOR-US: Jenkins plugin
-CVE-2017-1000086 (The Periodic Backup Plugin did not perform any permission checks, ...)
+CVE-2017-1000086
NOT-FOR-US: Jenkins plugin
-CVE-2017-1000085 (Subversion Plugin connects to a user-specified Subversion repository ...)
+CVE-2017-1000085
NOT-FOR-US: Jenkins plugin
-CVE-2017-1000084 (Parameterized Trigger Plugin fails to check Item/Build permission: The ...)
+CVE-2017-1000084
NOT-FOR-US: Jenkins plugin
-CVE-2017-11171 (Bad reference counting in the context of accept_ice_connection() in ...)
+CVE-2017-11171
- gnome-session 2.30.0-1
NOTE: https://github.com/GNOME/gnome-session/commit/b0dc999e0b45355314616321dbb6cb71e729fc9d
-CVE-2017-11170 (The ReadTGAImage function in coders\tga.c in ImageMagick 7.0.5-6 has a ...)
+CVE-2017-11170
{DSA-3914-1 DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-12 (low; bug #868184)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/472
-CVE-2017-11169 (Privilege Escalation on iBall iB-WRA300N3GT iB-WRA300N3GT_1.1.1 devices ...)
+CVE-2017-11169
NOT-FOR-US: iBall iB-WRA300N3GT iB-WRA300N3GT_1.1.1 devices
CVE-2017-11168
RESERVED
-CVE-2017-11167 (FineCMS 2.1.0 allows remote attackers to execute arbitrary PHP code by ...)
+CVE-2017-11167
NOT-FOR-US: FineCMS
-CVE-2017-11166 (The ReadXWDImage function in coders\xwd.c in ImageMagick 7.0.5-6 has a ...)
+CVE-2017-11166
- imagemagick 8:6.9.7.4+dfsg-7 (unimportant; bug #868263)
[wheezy] - imagemagick 8:6.7.7.10-5+deb7u14
NOTE: https://github.com/ImageMagick/ImageMagick/issues/471
-CVE-2017-11165 (dataTaker DT80 dEX 1.50.012 allows remote attackers to obtain sensitive ...)
+CVE-2017-11165
NOT-FOR-US: dataTaker
-CVE-2017-11164 (In PCRE 8.41, the OP_KETRMAX feature in the match function in ...)
+CVE-2017-11164
- pcre3 <unfixed> (unimportant)
NOTE: http://openwall.com/lists/oss-security/2017/07/11/3
-CVE-2017-11163 (Cross-site scripting (XSS) vulnerability in aggregate_graphs.php in ...)
+CVE-2017-11163
- cacti 1.1.12+ds1-1 (bug #868080)
[stretch] - cacti <not-affected> (Vulnerable code introduced later)
[jessie] - cacti <not-affected> (Vulnerable code introduced later)
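Review bot: at `+CVE-2017-11191` the deleted `-` line carried the `** DISPUTED **` marker that justified the `NOTE: non-issue claimed for freepia` beneath it; with that marker gone the NOTE is the only rationale left on the entry, and it misspells the product (`freepia` for FreeIPA). Suggest carrying the disputed status into the NOTE, e.g. `NOTE: disputed upstream, non-issue claimed for freeipa`, so the verdict still explains itself once the description is absent. The same loss of context applies to `+CVE-2017-11190`, whose `NOTE: Affected debug code not enabled` refers to the `_DEBUG_LOG` mode that was named only in the description being removed.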
@@ -21101,39 +21099,39 @@ CVE-2017-11163 (Cross-site scripting (XSS) vulnerability in aggregate_graphs.php
NOTE: aggregate_graphs.php not available in 0.8.8.
NOTE: Upstream claims fix for CVE-2017-10970 also fixes this CVE
NOTE: but produced this patch anyway: https://github.com/Cacti/cacti/commit/bf5b1309dcf68578c3bdc4db54112dfb2e8ec4f4
-CVE-2017-11162 (Directory traversal vulnerability in synphotoio in Synology Photo ...)
+CVE-2017-11162
NOT-FOR-US: Synology
-CVE-2017-11161 (Multiple SQL injection vulnerabilities in Synology Photo Station ...)
+CVE-2017-11161
NOT-FOR-US: Synology
-CVE-2017-11160 (Multiple untrusted search path vulnerabilities in installer in ...)
+CVE-2017-11160
NOT-FOR-US: Installer in Synology Assistant
-CVE-2017-11159 (Multiple untrusted search path vulnerabilities in installer in ...)
+CVE-2017-11159
NOT-FOR-US: Installer in Synology Photo Station Uploader
-CVE-2017-11158 (Multiple untrusted search path vulnerabilities in the installer in ...)
+CVE-2017-11158
NOT-FOR-US: Synology Cloud Station Drive
-CVE-2017-11157 (Multiple untrusted search path vulnerabilities in the installer in ...)
+CVE-2017-11157
NOT-FOR-US: Synology
-CVE-2017-11156 (Synology Download Station 3.8.x before 3.8.5-3475 and 3.x before ...)
+CVE-2017-11156
NOT-FOR-US: Synology Download Station
-CVE-2017-11155 (An information exposure vulnerability in index.php in Synology Photo ...)
+CVE-2017-11155
NOT-FOR-US: Synology Photo Station
-CVE-2017-11154 (Unrestricted file upload vulnerability in PixlrEditorHandler.php in ...)
+CVE-2017-11154
NOT-FOR-US: Synology Photo Station
-CVE-2017-11153 (Deserialization vulnerability in synophoto_csPhotoMisc.php in Synology ...)
+CVE-2017-11153
NOT-FOR-US: Synology Photo Station
-CVE-2017-11152 (Directory traversal vulnerability in PixlrEditorHandler.php in ...)
+CVE-2017-11152
NOT-FOR-US: Synology Photo Station
-CVE-2017-11151 (A vulnerability in synotheme_upload.php in Synology Photo Station ...)
+CVE-2017-11151
NOT-FOR-US: Synology Photo Station
-CVE-2017-11150 (Command injection vulnerability in Document.php in Synology Office ...)
+CVE-2017-11150
NOT-FOR-US: Synology Office
-CVE-2017-11149 (Server-side request forgery (SSRF) vulnerability in Downloader in ...)
+CVE-2017-11149
NOT-FOR-US: Synology Download Station
-CVE-2017-11148 (Server-side request forgery (SSRF) vulnerability in link preview in ...)
+CVE-2017-11148
NOT-FOR-US: Synology Chat
CVE-2017-11146
REJECTED
-CVE-2017-11145 (In PHP before 5.6.31, 7.x before 7.0.21, and 7.1.x before 7.1.7, an ...)
+CVE-2017-11145
{DSA-4081-1 DSA-4080-1 DLA-1034-1}
- php7.1 7.1.8-1
- php7.0 7.0.22-1
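Review bot: the `NOT-FOR-US` tags in the Synology run are inconsistent in specificity: `NOT-FOR-US: Synology Photo Station` for CVE-2017-11155 through CVE-2017-11151, but a bare `NOT-FOR-US: Synology` for `+CVE-2017-11162`, `+CVE-2017-11161` and `+CVE-2017-11157`, whose deleted descriptions named Photo Station (the first two) or an installer (the third). Once the description is removed the tag is the only product information left on the entry, so the bare form should be expanded to the product named in the `-` line before that line is dropped.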
@@ -21142,29 +21140,29 @@ CVE-2017-11145 (In PHP before 5.6.31, 7.x before 7.0.21, and 7.1.x before 7.1.7,
NOTE: Fixed in 7.1.7, 7.0.21, 5.6.31
NOTE: Fixed by: https://github.com/php/php-src/commit/e8b7698f5ee757ce2c8bd10a192a491a498f891c
NOTE: http://openwall.com/lists/oss-security/2017/07/10/6
-CVE-2017-1000362 (The re-key admin monitor was introduced in Jenkins 1.498 and ...)
+CVE-2017-1000362
- jenkins <removed>
-CVE-2017-1000081 (Linux foundation ONOS 1.9.0 is vulnerable to unauthenticated upload of ...)
+CVE-2017-1000081
NOT-FOR-US: ONOS
-CVE-2017-1000080 (Linux foundation ONOS 1.9.0 allows unauthenticated use of websockets. ...)
+CVE-2017-1000080
NOT-FOR-US: ONOS
-CVE-2017-1000079 (Linux foundation ONOS 1.9.0 is vulnerable to a DoS. ...)
+CVE-2017-1000079
NOT-FOR-US: ONOS
-CVE-2017-1000078 (Linux foundation ONOS 1.9 is vulnerable to XSS in the device. ...)
+CVE-2017-1000078
NOT-FOR-US: ONOS
CVE-2017-1000077
REJECTED
CVE-2017-1000076
REJECTED
-CVE-2017-1000075 (Creolabs Gravity version 1.0 is vulnerable to a stack overflow in the ...)
+CVE-2017-1000075
NOT-FOR-US: Creolabs Gravity
-CVE-2017-1000074 (Creolabs Gravity version 1.0 is vulnerable to a stack overflow in the ...)
+CVE-2017-1000074
NOT-FOR-US: Creolabs Gravity
-CVE-2017-1000073 (Creolabs Gravity version 1.0 is vulnerable to a heap overflow in an ...)
+CVE-2017-1000073
NOT-FOR-US: Creolabs Gravity
-CVE-2017-1000072 (Creolabs Gravity version 1.0 is vulnerable to a Double Free in ...)
+CVE-2017-1000072
NOT-FOR-US: Creolabs Gravity
-CVE-2017-1000071 (Jasig phpCAS version 1.3.4 is vulnerable to an authentication bypass ...)
+CVE-2017-1000071
- php-cas 1.3.6-1 (bug #868466)
[stretch] - php-cas <no-dsa> (Minor issue)
[jessie] - php-cas <no-dsa> (Minor issue)
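Review bot: `+CVE-2017-1000362` is followed only by `- jenkins <removed>`, with no severity tag in parentheses and no `NOTE:` reference, unlike the neighbouring `+CVE-2017-1000071`, which keeps its `(bug #868466)` and per-suite `<no-dsa>` lines. The deleted description ("The re-key admin monitor was introduced in Jenkins 1.498 and ...") was the only text on the entry saying what the issue is; with it gone, add a NOTE pointing at the upstream advisory so the `<removed>` state stays auditable.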
@@ -21173,56 +21171,56 @@ CVE-2017-1000071 (Jasig phpCAS version 1.3.4 is vulnerable to an authentication
NOTE: Fixed by: https://github.com/apereo/phpCAS/commit/c9ba00327fd0ac8faecc62ce150c1986022856cd
NOTE: The vulnerability only exists when the server is affected by
NOTE: another very old vulnerability fixed in 2010.
-CVE-2017-1000070 (The Bitly oauth2_proxy in version 2.1 and earlier was affected by an ...)
+CVE-2017-1000070
NOT-FOR-US: Bitly oauth2_proxy
-CVE-2017-1000069 (CSRF in Bitly oauth2_proxy 2.1 during authentication flow ...)
+CVE-2017-1000069
NOT-FOR-US: Bitly oauth2_proxy
-CVE-2017-1000068 (TestTrack Server versions 1.0 and earlier are vulnerable to an ...)
+CVE-2017-1000068
NOT-FOR-US: TestTrack
-CVE-2017-1000067 (MODX Revolution version 2.x - 2.5.6 is vulnerable to blind SQL ...)
+CVE-2017-1000067
NOT-FOR-US: MODX Revolution
-CVE-2017-1000066 (The entry details view function in KeePass version 1.32 inadvertently ...)
+CVE-2017-1000066
- keepass2 <not-affected> (Only affects 1.x)
-CVE-2017-1000065 (Multiple Cross-site scripting (XSS) vulnerabilities in rpc.php in ...)
+CVE-2017-1000065
NOT-FOR-US: OpenMediaVault
-CVE-2017-1000064 (kittoframework kitto version 0.5.1 is vulnerable to memory exhaustion ...)
+CVE-2017-1000064
NOT-FOR-US: kittoframework kitto
-CVE-2017-1000063 (kittoframework kitto version 0.5.1 is vulnerable to an XSS in the 404 ...)
+CVE-2017-1000063
NOT-FOR-US: kittoframework kitto
-CVE-2017-1000062 (kittoframework kitto 0.5.1 is vulnerable to directory traversal in the ...)
+CVE-2017-1000062
NOT-FOR-US: kittoframework kitto
-CVE-2017-1000061 (xmlsec 1.2.23 and before is vulnerable to XML External Entity ...)
+CVE-2017-1000061
- xmlsec1 1.2.24-1
[stretch] - xmlsec1 <no-dsa> (Minor issue)
[jessie] - xmlsec1 <no-dsa> (Minor issue)
[wheezy] - xmlsec1 <no-dsa> (Minor issue)
NOTE: https://github.com/lsh123/xmlsec/issues/43
-CVE-2017-1000060 (EyesOfNetwork (EON) 5.1 Unauthenticated SQL Injection in eonweb ...)
+CVE-2017-1000060
NOT-FOR-US: EyesOfNetwork (EON)
-CVE-2017-1000059 (Live Helper Chat version 2.06v and older is vulnerable to Cross-Site ...)
+CVE-2017-1000059
NOT-FOR-US: Live Helper Chat
-CVE-2017-1000058 (Stored XSS vulnerabilities in chevereto CMS before version 3.8.11, ...)
+CVE-2017-1000058
NOT-FOR-US: chevereto CMS
CVE-2017-1000057
REJECTED
-CVE-2017-1000056 (Kubernetes version 1.5.0-1.5.4 is vulnerable to a privilege escalation ...)
+CVE-2017-1000056
- kubernetes 1.5.5+dfsg-1
NOTE: https://github.com/kubernetes/kubernetes/issues/43459
CVE-2017-1000055
REJECTED
-CVE-2017-1000054 (Rocket.Chat version 0.8.0 and newer is vulnerable to XSS in the ...)
+CVE-2017-1000054
NOT-FOR-US: Rocket.Chat
-CVE-2017-1000053 (Elixir Plug before v1.0.4, v1.1.7, v1.2.3 and v1.3.2 is vulnerable to ...)
+CVE-2017-1000053
NOT-FOR-US: Elixir Plug
-CVE-2017-1000052 (Elixir Plug before v1.0.4, v1.1.7, v1.2.3 and v1.3.2 is vulnerable to ...)
+CVE-2017-1000052
NOT-FOR-US: Elixir Plug
-CVE-2017-1000051 (Cross-site scripting (XSS) vulnerability in pad export in XWiki labs ...)
+CVE-2017-1000051
NOT-FOR-US: XWiki labs
CVE-2017-1000049
REJECTED
-CVE-2017-1000048 (the web framework using ljharb's qs module older than v6.3.2, v6.2.3, ...)
+CVE-2017-1000048
NOT-FOR-US: ljharb
-CVE-2017-1000047 (rbenv (all current versions) is vulnerable to Directory Traversal in ...)
+CVE-2017-1000047
- rbenv <unfixed> (bug #869702)
[buster] - rbenv <no-dsa> (Minor issue)
[stretch] - rbenv <no-dsa> (Minor issue)
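Review bot: `NOT-FOR-US: ljharb` under `+CVE-2017-1000048` names the module author rather than the software; the deleted `-` line read "the web framework using ljharb's qs module", so the tag should name the `qs` module, which is what a packaging search would be matched against. The rest of the hunk is consistent: entries with a Debian package (`- xmlsec1 1.2.24-1`, `- kubernetes 1.5.5+dfsg-1`) keep their NOTE links, so the removed descriptions cost nothing there.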
@@ -21230,36 +21228,36 @@ CVE-2017-1000047 (rbenv (all current versions) is vulnerable to Directory Traver
[wheezy] - rbenv <no-dsa> (Minor issue)
NOTE: https://github.com/rbenv/rbenv/issues/977
NOTE: .ruby-version is .rbenv-version in wheezy
-CVE-2017-1000046 (Mautic 2.6.1 and earlier fails to set flags on session cookies ...)
+CVE-2017-1000046
NOT-FOR-US: Mautic
CVE-2017-1000045
REJECTED
-CVE-2017-1000043 (Mapbox.js versions 1.x prior to 1.6.6 and 2.x prior to 2.2.4 are ...)
+CVE-2017-1000043
NOT-FOR-US: Mapbox.js
-CVE-2017-1000042 (Mapbox.js versions 1.x prior to 1.6.5 and 2.x prior to 2.1.7 are ...)
+CVE-2017-1000042
NOT-FOR-US: Mapbox.js
-CVE-2017-1000039 (Framadate version 1.0 is vulnerable to Formula Injection in the CSV ...)
+CVE-2017-1000039
NOT-FOR-US: Framadate
-CVE-2017-1000038 (WordPress plugin Relevanssi version 3.5.7.1 is vulnerable to stored ...)
+CVE-2017-1000038
NOT-FOR-US: WordPress plugin
-CVE-2017-1000037 (RVM automatically loads environment variables from files in $PWD ...)
+CVE-2017-1000037
NOT-FOR-US: RVM
CVE-2017-1000036
REJECTED
-CVE-2017-1000035 (Tiny Tiny RSS before 829d478f is vulnerable to XSS window.opener ...)
+CVE-2017-1000035
- tt-rss 17.1+git20170410+dfsg-1
NOTE: https://git.tt-rss.org/git/tt-rss/commit/829d478f1b054c8ce1eeb4f15170dc4a1abb3e47
-CVE-2017-1000034 (Akka versions &lt;=2.4.16 and 2.5-M1 are vulnerable to a java ...)
+CVE-2017-1000034
NOT-FOR-US: Akka
-CVE-2017-1000033 (Wordpress Plugin Vospari Forms version &lt; 1.4 is vulnerable to a ...)
+CVE-2017-1000033
NOT-FOR-US: WordPress plugin
-CVE-2017-1000032 (Cross-Site scripting (XSS) vulnerabilities in Cacti 0.8.8b allow ...)
+CVE-2017-1000032
- cacti 0.8.8b+dfsg-6
[wheezy] - cacti 0.8.8a+dfsg-5+deb7u3
NOTE: MITRE will not reject the entry, but the issue is already covered by the
NOTE: patch as for CVE-2014-4002. See discussion in
NOTE: https://github.com/distributedweaknessfiling/DWF-CVE-Database/issues/27
-CVE-2017-1000031 (SQL injection vulnerability in graph_templates_inputs.php in Cacti ...)
+CVE-2017-1000031
- cacti 0.8.8e+ds1-1
[jessie] - cacti <ignored> (Minor issue, can be mitigated with Web Application Firewalls)
[wheezy] - cacti <ignored> (Minor issue, can be mitigated with Web Application Firewalls)
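Review bot: the deleted `-CVE-2017-1000034 (Akka versions &lt;=2.4.16 and 2.5-M1 ...)` and `-CVE-2017-1000033 (Wordpress Plugin Vospari Forms version &lt; 1.4 ...)` lines carry the HTML entity `&lt;`, while the file's own markers in the same hunk (`<ignored>`, `<no-dsa>`) use a literal `<`, which suggests descriptions were stored without decoding entities. That is moot for lines being removed, but whatever re-populates them should decode entities so version ranges read as written. Separately, `[jessie] - cacti <ignored> (Minor issue, can be mitigated with Web Application Firewalls)` cites a mitigation the distribution does not ship; the `<ignored>` rationale should rest on the issue's severity alone.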
@@ -21279,86 +21277,86 @@ CVE-2017-1000031 (SQL injection vulnerability in graph_templates_inputs.php in C
NOTE: CVE-2015-4634 seems part of the duplication. Upstream commit 4e4dd67 was in the
NOTE: preperation git tree for 1.x, its equivalent svn commit was used to fix
NOTE: CVE-2015-4634 in Debian.
-CVE-2017-1000030 (Oracle, GlassFish Server Open Source Edition 3.0.1 (build 22) is ...)
+CVE-2017-1000030
- glassfish <not-affected> (Vulnerable code not included, see bug #853998)
-CVE-2017-1000029 (Oracle, GlassFish Server Open Source Edition 3.0.1 (build 22) is ...)
+CVE-2017-1000029
- glassfish <not-affected> (Vulnerable code not included, see bug #853998)
-CVE-2017-1000028 (Oracle, GlassFish Server Open Source Edition 4.1 is vulnerable to both ...)
+CVE-2017-1000028
- glassfish <not-affected> (Vulnerable code not included, see bug #853998)
-CVE-2017-1000027 (Koozali Foundation SME Server versions 8.x, 9.x, 10.x are vulnerable ...)
+CVE-2017-1000027
NOT-FOR-US: Koozali Foundation SME Server
-CVE-2017-1000026 (Chef Software's mixlib-archive versions 0.3.0 and older are vulnerable ...)
+CVE-2017-1000026
{DSA-3915-1}
- ruby-mixlib-archive 0.4.1-1 (bug #868572)
NOTE: https://github.com/chef/mixlib-archive/pull/6
NOTE: https://github.com/chef/mixlib-archive/pull/6/commits/3a874a24aed6ee93fbccf97efe0ecc999bafe87d
-CVE-2017-1000025 (GNOME Web (Epiphany) 3.23 before 3.23.5, 3.22 before 3.22.6, 3.20 ...)
+CVE-2017-1000025
- epiphany-browser 3.22.6-1 (unimportant)
NOTE: webkit not covered by security support
-CVE-2017-1000024 (Shotwell version 0.24.4 or earlier and 0.25.3 or earlier is vulnerable ...)
+CVE-2017-1000024
- shotwell 0.25.4+really0.24.5-0.1 (unimportant)
-CVE-2017-1000023 (LogicalDoc Community Edition 7.5.3 and prior is vulnerable to an XSS when using preview on HTML document. ...)
+CVE-2017-1000023
NOT-FOR-US: LogicalDoc Community Edition
-CVE-2017-1000022 (LogicalDoc Community Edition 7.5.3 and prior contain an Incorrect access control which could leave to privilege escalation. ...)
+CVE-2017-1000022
NOT-FOR-US: LogicalDoc Community Edition
-CVE-2017-1000021 (LogicalDoc Community Edition 7.5.3 and prior is vulnerable to XXE when indexing XML documents. ...)
+CVE-2017-1000021
NOT-FOR-US: LogicalDoc Community Edition
-CVE-2017-1000020 (SYN Flood or FIN Flood attack in ECos 1 and other versions embedded ...)
+CVE-2017-1000020
NOT-FOR-US: ECos
-CVE-2017-1000018 (phpMyAdmin 4.0, 4.4., and 4.6 are vulnerable to a DOS attack in the ...)
+CVE-2017-1000018
- phpmyadmin 4:4.6.6-1 (unimportant)
NOTE: https://www.phpmyadmin.net/security/PMASA-2017-7
-CVE-2017-1000017 (phpMyAdmin 4.0, 4.4 and 4.6 are vulnerable to a weakness where a user ...)
+CVE-2017-1000017
- phpmyadmin 4:4.6.6-1 (unimportant)
NOTE: https://www.phpmyadmin.net/security/PMASA-2017-6
-CVE-2017-1000016 (A weakness was discovered where an attacker can inject arbitrary ...)
+CVE-2017-1000016
- phpmyadmin 4:4.6.6-1 (unimportant)
NOTE: https://www.phpmyadmin.net/security/PMASA-2017-5
-CVE-2017-1000015 (phpMyAdmin 4.0, 4.4, and 4.6 are vulnerable to a CSS injection attack ...)
+CVE-2017-1000015
- phpmyadmin 4:4.6.6-1 (unimportant)
NOTE: https://www.phpmyadmin.net/security/PMASA-2017-4
-CVE-2017-1000014 (phpMyAdmin 4.0, 4.4, and 4.6 are vulnerable to a DOS weakness in the ...)
+CVE-2017-1000014
- phpmyadmin 4:4.6.6-1 (unimportant)
NOTE: https://www.phpmyadmin.net/security/PMASA-2017-3
-CVE-2017-1000013 (phpMyAdmin 4.0, 4.4, and 4.6 are vulnerable to an open redirect ...)
+CVE-2017-1000013
- phpmyadmin 4:4.6.6-1 (unimportant)
NOTE: https://www.phpmyadmin.net/security/PMASA-2017-1
-CVE-2017-1000012 (MySQL Dumper version 1.24 is vulnerable to stored XSS when displaying ...)
+CVE-2017-1000012
NOT-FOR-US: MySQL Dumper
-CVE-2017-1000011 (MyWebSQL version 3.6 is vulnerable to stored XSS in the database ...)
+CVE-2017-1000011
NOT-FOR-US: MyWebSQL
-CVE-2017-1000010 (Audacity version 2.1.2 is vulnerable to Dll HIjacking in the ...)
+CVE-2017-1000010
- audacity <not-affected> (Specific to Windows packaging)
-CVE-2017-1000009 (Akeneo PIM CE and EE &lt;1.6.6, &lt;1.5.15, &lt;1.4.28 are vulnerable to shell ...)
+CVE-2017-1000009
NOT-FOR-US: Akeneo PIM
-CVE-2017-1000008 (Chyrp Lite version 2016.04 is vulnerable to a CSRF in the user ...)
+CVE-2017-1000008
NOT-FOR-US: Chyrp Lite
-CVE-2017-1000007 (txAWS (all current versions) fail to perform complete certificate ...)
+CVE-2017-1000007
NOT-FOR-US: txAWS
-CVE-2017-1000006 (Plotly, Inc. plotly.js versions prior to 1.16.0 are vulnerable to an ...)
+CVE-2017-1000006
NOT-FOR-US: plotly.js (different from the plotly Python package)
-CVE-2017-1000005 (PHPMiniAdmin version 1.9.160630 is vulnerable to stored XSS in the ...)
+CVE-2017-1000005
NOT-FOR-US: PHPMiniAdmin
-CVE-2017-1000004 (ATutor version 2.2.1 and earlier are vulnerable to a SQL injection in ...)
+CVE-2017-1000004
NOT-FOR-US: ATutor
-CVE-2017-1000003 (ATutor versions 2.2.1 and earlier are vulnerable to an incorrect ...)
+CVE-2017-1000003
NOT-FOR-US: ATutor
-CVE-2017-1000002 (ATutor versions 2.2.1 and earlier are vulnerable to a directory ...)
+CVE-2017-1000002
NOT-FOR-US: ATutor
-CVE-2017-1000001 (FedMsg 0.18.1 and older is vulnerable to a message validation flaw ...)
+CVE-2017-1000001
- fedmsg <removed> (bug #868508)
[jessie] - fedmsg <no-dsa> (Minor issue)
NOTE: https://github.com/fedora-infra/fedmsg/commit/5c21cf88a
-CVE-2017-11141 (The ReadMATImage function in coders\mat.c in ImageMagick 7.0.5-6 has a ...)
+CVE-2017-11141
{DSA-3914-1 DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-12 (low; bug #868264)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/469
NOTE: https://github.com/ImageMagick/ImageMagick/commit/353b942bd83da7e1356ba99c942848bd1871ee9f
-CVE-2017-11140 (The ReadJPEGImage function in coders/jpeg.c in GraphicsMagick 1.3.26 ...)
+CVE-2017-11140
{DSA-4321-1 DLA-1456-1 DLA-1045-1}
- graphicsmagick 1.3.26-3 (low)
NOTE: Fixed by: http://hg.code.sf.net/p/graphicsmagick/code/rev/b4139088b49a
-CVE-2017-11139 (GraphicsMagick 1.3.26 has double free vulnerabilities in the ...)
+CVE-2017-11139
{DSA-4321-1}
- graphicsmagick 1.3.26-2 (low)
[jessie] - graphicsmagick <not-affected> (vulnerable code for CVE-2017-11102 not applied in Jessie)
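Review bot: `+CVE-2017-1000024` is followed by `- shotwell 0.25.4+really0.24.5-0.1 (unimportant)` and nothing else, whereas the phpmyadmin entries marked `(unimportant)` in the same hunk each carry a `NOTE:` with the PMASA advisory link. With the description ("Shotwell version 0.24.4 or earlier and 0.25.3 or earlier is vulnerable ...") removed, the entry no longer records why the issue is unimportant; add a NOTE with the reason or an upstream reference. Minor: `NOTE: preperation git tree for 1.x` in the hunk's context misspells "preparation".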
@@ -21368,123 +21366,123 @@ CVE-2017-11138
RESERVED
CVE-2017-11137
RESERVED
-CVE-2017-11136 (An issue was discovered in heinekingmedia StashCat through 1.7.5 for ...)
+CVE-2017-11136
NOT-FOR-US: heinekingmedia StashCat
-CVE-2017-11135 (An issue was discovered in heinekingmedia StashCat through 1.7.5 for ...)
+CVE-2017-11135
NOT-FOR-US: heinekingmedia StashCat
-CVE-2017-11134 (An issue was discovered in heinekingmedia StashCat through 1.7.5 for ...)
+CVE-2017-11134
NOT-FOR-US: heinekingmedia StashCat
-CVE-2017-11133 (An issue was discovered in heinekingmedia StashCat through 1.7.5 for ...)
+CVE-2017-11133
NOT-FOR-US: heinekingmedia StashCat
-CVE-2017-11132 (An issue was discovered in heinekingmedia StashCat before 1.5.18 for ...)
+CVE-2017-11132
NOT-FOR-US: heinekingmedia StashCat
-CVE-2017-11131 (An issue was discovered in heinekingmedia StashCat through 1.7.5 for ...)
+CVE-2017-11131
NOT-FOR-US: heinekingmedia StashCat
-CVE-2017-11130 (An issue was discovered in heinekingmedia StashCat through 1.7.5 for ...)
+CVE-2017-11130
NOT-FOR-US: heinekingmedia StashCat
-CVE-2017-11129 (An issue was discovered in heinekingmedia StashCat through 1.7.5 for ...)
+CVE-2017-11129
NOT-FOR-US: heinekingmedia StashCat
-CVE-2017-11128 (Bolt CMS 3.2.14 allows stored XSS via text input, as demonstrated by ...)
+CVE-2017-11128
NOT-FOR-US: Bolt CMS
-CVE-2017-11127 (Bolt CMS 3.2.14 allows stored XSS by uploading an SVG document with a ...)
+CVE-2017-11127
NOT-FOR-US: Bolt CMS
-CVE-2017-11126 (The III_i_stereo function in libmpg123/layer3.c in mpg123 through ...)
+CVE-2017-11126
- mpg123 1.25.3-1 (unimportant)
NOTE: no security impact
-CVE-2017-11125 (libxar.so in xar 1.6.1 has a NULL pointer dereference in the ...)
+CVE-2017-11125
- xar <removed>
-CVE-2017-11124 (libxar.so in xar 1.6.1 has a NULL pointer dereference in the ...)
+CVE-2017-11124
- xar <removed>
CVE-2017-11123
RESERVED
-CVE-2017-11122 (On Broadcom BCM4355C0 Wi-Fi chips 9.44.78.27.0.1.56, an attacker can ...)
+CVE-2017-11122
NOT-FOR-US: Broadcom
-CVE-2017-11121 (On Broadcom BCM4355C0 Wi-Fi chips 9.44.78.27.0.1.56 and other chips, ...)
+CVE-2017-11121
NOT-FOR-US: Broadcom
-CVE-2017-11120 (On Broadcom BCM4355C0 Wi-Fi chips 9.44.78.27.0.1.56 and other chips, ...)
+CVE-2017-11120
NOT-FOR-US: Broadcom
-CVE-2017-11119 (The chk_mem_access function in cpu/nes6502/nes6502.c in libnosefart.a ...)
+CVE-2017-11119
- xine-lib-1.2 <not-affected> (it is built with --disable-nosefart)
- xine-lib <not-affected> (it is built with --disable-nosefart)
NOTE: https://sourceforge.net/p/nosefart/bugs/6/
-CVE-2017-11118 (The ExifImageFile::readImage function in ExifImageFileRead.cpp in ...)
+CVE-2017-11118
NOT-FOR-US: OpenExif
-CVE-2017-11117 (The ExifImageFile::readDHT function in ExifImageFileRead.cpp in ...)
+CVE-2017-11117
NOT-FOR-US: OpenExif
-CVE-2017-11116 (The ExifImageFile::readDQT function in ExifImageFileRead.cpp in ...)
+CVE-2017-11116
NOT-FOR-US: OpenExif
-CVE-2017-11115 (The ExifJpegHUFFTable::deriveTable function in ExifHuffmanTable.cpp in ...)
+CVE-2017-11115
NOT-FOR-US: OpenExif
-CVE-2017-11114 (The put_chars function in html_r.c in Twibright Links 2.14 allows ...)
+CVE-2017-11114
- links2 2.14-3 (unimportant; bug #870299)
NOTE: PoC: http://seclists.org/fulldisclosure/2017/Jul/76
-CVE-2017-11527 (The ReadDPXImage function in coders/dpx.c in ImageMagick before 6.9.9-0 ...)
+CVE-2017-11527
{DSA-3914-1 DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-12 (bug #867812)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/523
-CVE-2017-11528 (The ReadDIBImage function in coders/dib.c in ImageMagick before 6.9.9-0 ...)
+CVE-2017-11528
{DSA-3914-1 DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-12 (bug #867811)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/522
-CVE-2017-11525 (The ReadCINImage function in coders/cin.c in ImageMagick before 6.9.9-0 ...)
+CVE-2017-11525
{DSA-3914-1 DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-12 (bug #867810)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/519
-CVE-2017-11188 (The ReadDPXImage function in coders\dpx.c in ImageMagick 7.0.6-0 has a ...)
+CVE-2017-11188
{DSA-3914-1 DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-12 (bug #867806)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/509
-CVE-2017-11113 (In ncurses 6.0, there is a NULL Pointer Dereference in the ...)
+CVE-2017-11113
- ncurses 6.0+20170701-1
[stretch] - ncurses 6.0+20161126-1+deb9u1
[jessie] - ncurses 5.9+20140913-1+deb8u1
[wheezy] - ncurses <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1464691
-CVE-2017-11112 (In ncurses 6.0, there is an attempted 0xffffffffffffffff access in the ...)
+CVE-2017-11112
- ncurses 6.0+20170701-1
[stretch] - ncurses 6.0+20161126-1+deb9u1
[jessie] - ncurses 5.9+20140913-1+deb8u1
[wheezy] - ncurses <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1464686
-CVE-2017-11111 (In Netwide Assembler (NASM) 2.14rc0, preproc.c allows remote attackers ...)
+CVE-2017-11111
{DLA-1041-1}
- nasm 2.13.02-0.1 (bug #867988)
[stretch] - nasm <no-dsa> (Minor issue)
[jessie] - nasm <no-dsa> (Minor issue)
NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392415
-CVE-2017-11110 (The ole_init function in ole.c in catdoc 0.95 allows remote attackers ...)
+CVE-2017-11110
{DSA-3917-1 DLA-1037-1}
- catdoc 1:0.95-3 (bug #867717)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1468471
-CVE-2017-11109 (Vim 8.0 allows attackers to cause a denial of service (invalid free) or ...)
+CVE-2017-11109
{DLA-1030-1}
- vim 2:8.0.0197-5 (low; bug #867720)
[stretch] - vim 2:8.0.0197-4+deb9u1
[jessie] - vim <postponed> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1468492
-CVE-2017-11108 (tcpdump 4.9.0 allows remote attackers to cause a denial of service ...)
+CVE-2017-11108
{DSA-3971-1 DLA-1090-1}
- tcpdump 4.9.1-1 (bug #867718)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1468504
NOTE: Proposed patch: https://github.com/the-tcpdump-group/tcpdump/pull/617
NOTE: https://github.com/the-tcpdump-group/tcpdump/commit/d9e65de3d94698ec90dbca42962a30dd2f0680e1 (4.9.1)
-CVE-2017-11107 (phpLDAPadmin through 1.2.3 has XSS in htdocs/entry_chooser.php via the ...)
+CVE-2017-11107
{DLA-1561-1 DLA-1019-1}
- phpldapadmin <unfixed> (bug #867719)
NOTE: https://github.com/leenooks/phpLDAPadmin/issues/50
NOTE: https://bugs.launchpad.net/ubuntu/+source/phpldapadmin/+bug/1701731
CVE-2017-11106
RESERVED
-CVE-2017-11105 (The OnePlus 2 Primary Bootloader (PBL) does not validate the SBL1 ...)
+CVE-2017-11105
NOT-FOR-US: OnePlus
-CVE-2017-1000050 (JasPer 2.0.12 is vulnerable to a NULL pointer exception in the ...)
+CVE-2017-1000050
- jasper <removed> (unimportant)
NOTE: http://www.openwall.com/lists/oss-security/2017/03/06/1
NOTE: https://github.com/mdadams/jasper/issues/120
NOTE: Fixed by: https://github.com/mdadams/jasper/commit/58ba0365d911b9f9dd68e9abf826682c0b4f2293
-CVE-2017-1002024 (Vulnerability in web application Kind Editor v4.1.12, ...)
+CVE-2017-1002024
NOT-FOR-US: kindeditor
-CVE-2017-11103 (Heimdal before 7.4 allows remote attackers to impersonate services with ...)
+CVE-2017-11103
{DSA-3912-1 DSA-3909-1 DLA-1027-1}
- heimdal 7.4.0.dfsg.1-1 (bug #868208)
- samba 2:4.6.5+dfsg-4 (bug #868209)
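Review bot: stripping the parenthesized description from every non-RESERVED line in this hunk makes a described entry and a placeholder entry look identical on their first line; compare the new `+CVE-2017-11136` with the unchanged `CVE-2017-11138` / `RESERVED` pair at the top of the hunk, where the bare-ID form was previously reserved for RESERVED and REJECTED IDs. The tracker's own parser evidently accepts bare IDs, but any downstream script that keys on the presence of `(` to tell "triaged with description" from "reserved" will now misclassify the whole file, so confirm those consumers before an automatic commit of this size (113882 insertions) lands. Also, since the descriptions are gone, the second line (NOT-FOR-US / package status) is now the only scope hint; for CVE-2017-11119 the two xine-lib not-affected lines carry the reason inline, which is the pattern to keep.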
@@ -21496,235 +21494,235 @@ CVE-2017-11103 (Heimdal before 7.4 allows remote attackers to impersonate servic
NOTE: samba's source package embeds heimdal but the binary is statically linked to src:heimdal
NOTE: https://www.samba.org/samba/security/CVE-2017-11103.html
NOTE: Upstream Samba Bug: https://bugzilla.samba.org/show_bug.cgi?id=12894
-CVE-2017-11102 (The ReadOneJNGImage function in coders/png.c in GraphicsMagick 1.3.26 ...)
+CVE-2017-11102
{DSA-4321-1 DLA-1456-1 DLA-1045-1}
- graphicsmagick 1.3.26-2 (bug #867746)
NOTE: http://hg.code.sf.net/p/graphicsmagick/code/rev/d445af60a8d5
NOTE: http://hg.code.sf.net/p/graphicsmagick/code/rev/dea93a690fc1
NOTE: http://hg.code.sf.net/p/graphicsmagick/code/rev/4d0baa77245b
NOTE: http://hg.code.sf.net/p/graphicsmagick/code/rev/e8f859704230
-CVE-2017-11101 (When SWFTools 0.9.2 processes a crafted file in swfcombine, it can lead ...)
+CVE-2017-11101
- swftools <unfixed> (unimportant; bug #871022)
NOTE: https://github.com/matthiaskramm/swftools/issues/26
-CVE-2017-11100 (When SWFTools 0.9.2 processes a crafted file in swfextract, it can lead ...)
+CVE-2017-11100
- swftools <unfixed> (unimportant; bug #871024)
NOTE: https://github.com/matthiaskramm/swftools/issues/27
-CVE-2017-11099 (When SWFTools 0.9.2 processes a crafted file in wav2swf, it can lead to ...)
+CVE-2017-11099
- swftools <unfixed> (unimportant; bug #871018)
NOTE: https://github.com/matthiaskramm/swftools/issues/31
-CVE-2017-11098 (When SWFTools 0.9.2 processes a crafted file in png2swf, it can lead to ...)
+CVE-2017-11098
- swftools <unfixed> (unimportant; bug #871020)
NOTE: https://github.com/matthiaskramm/swftools/issues/32
-CVE-2017-11097 (When SWFTools 0.9.2 processes a crafted file in swfc, it can lead to a ...)
+CVE-2017-11097
- swftools <unfixed> (unimportant; bug #871025)
NOTE: https://github.com/matthiaskramm/swftools/issues/24
-CVE-2017-11096 (When SWFTools 0.9.2 processes a crafted file in swfcombine, it can lead ...)
+CVE-2017-11096
- swftools <unfixed> (unimportant; bug #871026)
NOTE: https://github.com/matthiaskramm/swftools/issues/25
CVE-2017-11095
RESERVED
CVE-2017-11094
RESERVED
-CVE-2017-11093 (In android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-11093
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-11092 (In android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-11092
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-11091 (In android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-11091
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-11090 (In android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-11090
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-11089 (In android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-11089
- linux 4.12.6-1
[stretch] - linux 4.9.47-1
[jessie] - linux 3.16.51-1
NOTE: Fixed by: https://git.kernel.org/linus/8feb69c7bd89513be80eb19198d48f154b254021
-CVE-2017-11088 (Improper Input Validation in Linux io-prefetch in Snapdragon Mobile ...)
+CVE-2017-11088
NOT-FOR-US: Snapdragon
-CVE-2017-11087 (libOmxVenc in Android for MSM, Firefox OS for MSM, and QRD Android ...)
+CVE-2017-11087
NOT-FOR-US: Qualcomm component for Android
CVE-2017-11086
RESERVED
-CVE-2017-11085 (In android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-11085
NOT-FOR-US: Qualcomm components for Android
CVE-2017-11084
RESERVED
CVE-2017-11083
RESERVED
-CVE-2017-11082 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-11082
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-11081 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-11081
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-11080 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-11080
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-11079 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-11079
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-11078 (In all android releases(Android for MSM, Firefox OS for MSM, QRD ...)
+CVE-2017-11078
NOT-FOR-US: Qualcomm components for Android
CVE-2017-11077
RESERVED
CVE-2017-11076
RESERVED
-CVE-2017-11075 (In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with ...)
+CVE-2017-11075
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-11074 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-11074
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-11073 (In android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-11073
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-11072 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-11072
NOT-FOR-US: HTC component for Android
CVE-2017-11071
RESERVED
CVE-2017-11070
RESERVED
-CVE-2017-11069 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-11069
NOT-FOR-US: Qualcomm components for Android
CVE-2017-11068
RESERVED
-CVE-2017-11067 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-11067
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-11066 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-11066
NOT-FOR-US: Qualcomm components for Android
CVE-2017-11065
RESERVED
-CVE-2017-11064 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-11064
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-11063 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-11063
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-11062 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-11062
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-11061 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-11061
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-11060 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-11060
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-11059 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-11059
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-11058 (In android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-11058
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-11057 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-11057
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-11056 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-11056
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-11055 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-11055
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-11054 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-11054
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-11053 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-11053
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-11052 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-11052
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-11051 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-11051
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-11050 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-11050
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-11049 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-11049
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-11048 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-11048
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-11047 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-11047
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-11046 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-11046
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-11045 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-11045
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-11044 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-11044
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-11043 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-11043
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-11042 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-11042
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-11041 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2017-11041
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-11040 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2017-11040
NOT-FOR-US: Qualcomm driver for Android
CVE-2017-11039
RESERVED
-CVE-2017-11038 (In android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-11038
NOT-FOR-US: Qualcomm components for Android
CVE-2017-11037
RESERVED
CVE-2017-11036
RESERVED
-CVE-2017-11035 (In android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-11035
NOT-FOR-US: Qualcomm components for Android
CVE-2017-11034
RESERVED
-CVE-2017-11033 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-11033
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-11032 (In android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-11032
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-11031 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-11031
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-11030 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-11030
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-11029 (In android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-11029
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-11028 (In android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-11028
NOT-FOR-US: Android
-CVE-2017-11027 (In android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-11027
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-11026 (In android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-11026
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-11025 (In android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-11025
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-11024 (In android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-11024
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-11023 (In android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-11023
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-11022 (In android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-11022
NOT-FOR-US: Qualcomm components for Android
CVE-2017-11021
RESERVED
CVE-2017-11020
RESERVED
-CVE-2017-11019 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-11019
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-11018 (In android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-11018
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-11017 (In android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-11017
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-11016 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-11016
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-11015 (In android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-11015
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-11014 (In android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-11014
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-11013 (In android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-11013
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-11012 (In android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-11012
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-11011 (In Android before security patch level 2018-04-05 on Qualcomm ...)
+CVE-2017-11011
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-11010 (In Android before 2018-01-05 on Qualcomm Snapdragon IoT, Snapdragon ...)
+CVE-2017-11010
NOT-FOR-US: Qualcomm components for Android
CVE-2017-11009
RESERVED
CVE-2017-11008
RESERVED
-CVE-2017-11007 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-11007
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-11006 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-11006
NOT-FOR-US: Qualcomm closed-source components for Android
-CVE-2017-11005 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-11005
NOT-FOR-US: Qualcomm closed-source components for Android
-CVE-2017-11004 (A non-secure user may be able to access certain registers in ...)
+CVE-2017-11004
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-11003 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-11003
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-11002 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2017-11002
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-11001 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2017-11001
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-11000 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2017-11000
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-10999 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2017-10999
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-10998 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2017-10998
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-10997 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2017-10997
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-10996 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2017-10996
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-10995 (The mng_get_long function in coders/png.c in ImageMagick 7.0.6-0 allows ...)
+CVE-2017-10995
{DSA-4204-1 DLA-1081-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #867748)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/538
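Review bot: with the descriptions removed, the NOT-FOR-US annotation becomes the only remaining indication of which vendor component an ID covers, and this hunk has two entries whose annotation no longer matches their (identical, now deleted) description template: CVE-2017-11028 is marked `NOT-FOR-US: Android` while every neighbour with the same "In android for MSM, Firefox OS for MSM, QRD Android ..." text is `NOT-FOR-US: Qualcomm components for Android`, and CVE-2017-11072 is `NOT-FOR-US: HTC component for Android` under the same template. If those two are deliberate (the full description names a different component), keep them; otherwise align them with the surrounding Qualcomm entries before the description text is lost from the file.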
@@ -21732,17 +21730,17 @@ CVE-2017-10995 (The mng_get_long function in coders/png.c in ImageMagick 7.0.6-0
NOTE: https://github.com/ImageMagick/ImageMagick/commit/1fdc09dc8f9522f07f5f501fe8453765ad82556c
NOTE: The second commit is not security sensitive relevant, cf.
NOTE: https://github.com/ImageMagick/ImageMagick/issues/538#issuecomment-317047977
-CVE-2017-10994 (Foxit Reader before 8.3.1 and PhantomPDF before 8.3.1 have an Arbitrary ...)
+CVE-2017-10994
NOT-FOR-US: Foxit Reader
-CVE-2017-10993 (Contao before 3.5.28 and 4.x before 4.4.1 allows remote attackers to ...)
+CVE-2017-10993
NOT-FOR-US: Contao
CVE-2017-10992
RESERVED
-CVE-2017-10991 (The WP Statistics plugin through 12.0.9 for WordPress has XSS in the ...)
+CVE-2017-10991
NOT-FOR-US: Wordpress plugin
CVE-2017-10990
RESERVED
-CVE-2017-10989 (The getNodeSize function in ext/rtree/rtree.c in SQLite through ...)
+CVE-2017-10989
{DLA-1633-1 DLA-1018-1}
- sqlite3 3.19.3-3 (bug #867618)
[stretch] - sqlite3 3.16.2-5+deb9u1
@@ -21753,28 +21751,28 @@ CVE-2017-10989 (The getNodeSize function in ext/rtree/rtree.c in SQLite through
NOTE: http://marc.info/?l=sqlite-users&m=149933696214713&w=2
CVE-2017-10988
REJECTED
-CVE-2017-10987 (An FR-GV-304 issue in FreeRADIUS 3.x before 3.0.15 allows &quot;DHCP - ...)
+CVE-2017-10987
- freeradius 3.0.15+dfsg-1 (bug #868765)
[stretch] - freeradius 3.0.12+dfsg-5+deb9u1
[jessie] - freeradius <not-affected> (Only affects 3.x series)
[wheezy] - freeradius <not-affected> (Only affects 3.x series)
NOTE: http://freeradius.org/security/fuzzer-2017.html#FR-GV-304
NOTE: https://github.com/FreeRADIUS/freeradius-server/commit/19a18bf7c8af649c9e9742fb6a046f6aff639866
-CVE-2017-10986 (An FR-GV-303 issue in FreeRADIUS 3.x before 3.0.15 allows &quot;DHCP - ...)
+CVE-2017-10986
- freeradius 3.0.15+dfsg-1 (bug #868765)
[stretch] - freeradius 3.0.12+dfsg-5+deb9u1
[jessie] - freeradius <not-affected> (Only affects 3.x series)
[wheezy] - freeradius <not-affected> (Only affects 3.x series)
NOTE: http://freeradius.org/security/fuzzer-2017.html#FR-GV-303
NOTE: https://github.com/FreeRADIUS/freeradius-server/commit/21e2e95751bfb54c0fb0328392d06671a75c191c
-CVE-2017-10985 (An FR-GV-302 issue in FreeRADIUS 3.x before 3.0.15 allows &quot;Infinite ...)
+CVE-2017-10985
- freeradius 3.0.15+dfsg-1 (bug #868765)
[stretch] - freeradius 3.0.12+dfsg-5+deb9u1
[jessie] - freeradius <not-affected> (Only affects 3.x series)
[wheezy] - freeradius <not-affected> (Only affects 3.x series)
NOTE: http://freeradius.org/security/fuzzer-2017.html#FR-GV-302
NOTE: https://github.com/FreeRADIUS/freeradius-server/commit/6726c16549b131ed39f6f8886cdf5d9d922a9a97
-CVE-2017-10984 (An FR-GV-301 issue in FreeRADIUS 3.x before 3.0.15 allows &quot;Write ...)
+CVE-2017-10984
- freeradius 3.0.15+dfsg-1 (bug #868765)
[stretch] - freeradius 3.0.12+dfsg-5+deb9u1
[jessie] - freeradius <not-affected> (Only affects 3.x series)
@@ -21782,13 +21780,13 @@ CVE-2017-10984 (An FR-GV-301 issue in FreeRADIUS 3.x before 3.0.15 allows &quot;
NOTE: http://freeradius.org/security/fuzzer-2017.html#FR-GV-301
NOTE: https://github.com/FreeRADIUS/freeradius-server/commit/931850e5d2f65193520c2d9c9878148c0cdc16a6
NOTE: https://github.com/FreeRADIUS/freeradius-server/commit/4b059296e14b6ab75dc17163077490528a819806
-CVE-2017-10983 (An FR-GV-206 issue in FreeRADIUS 2.x before 2.2.10 and 3.x before ...)
+CVE-2017-10983
{DSA-3930-1 DLA-1064-1}
- freeradius 3.0.15+dfsg-1 (bug #868765)
NOTE: http://freeradius.org/security/fuzzer-2017.html#FR-GV-206
NOTE: 2.x: https://github.com/FreeRADIUS/freeradius-server/commit/ec08b30f87066f82073d02fab57e8ffeef81373d
NOTE: 3.x: https://github.com/FreeRADIUS/freeradius-server/commit/5759b20af99af6d30924f0efd8da5eac2a17163d
-CVE-2017-10982 (An FR-GV-205 issue in FreeRADIUS 2.x before 2.2.10 allows &quot;DHCP - ...)
+CVE-2017-10982
{DLA-1064-1}
- freeradius 3.0.12+dfsg-3
[jessie] - freeradius 2.2.5+dfsg-0.2+deb8u1
@@ -21797,7 +21795,7 @@ CVE-2017-10982 (An FR-GV-205 issue in FreeRADIUS 2.x before 2.2.10 allows &quot;
NOTE: Mark as fixed in 3.0.12+dfsg-3 the first 3.x version in unstable
NOTE: This is not fully technically correct, the issue affects only the 2.x
NOTE: series but not 3.x.
-CVE-2017-10981 (An FR-GV-204 issue in FreeRADIUS 2.x before 2.2.10 allows &quot;DHCP - ...)
+CVE-2017-10981
{DLA-1064-1}
- freeradius 3.0.12+dfsg-3
[jessie] - freeradius 2.2.5+dfsg-0.2+deb8u1
@@ -21806,7 +21804,7 @@ CVE-2017-10981 (An FR-GV-204 issue in FreeRADIUS 2.x before 2.2.10 allows &quot;
NOTE: Mark as fixed in 3.0.12+dfsg-3 the first 3.x version in unstable
NOTE: This is not fully technically correct, the issue affects only the 2.x
NOTE: series but not 3.x.
-CVE-2017-10980 (An FR-GV-203 issue in FreeRADIUS 2.x before 2.2.10 allows &quot;DHCP - ...)
+CVE-2017-10980
{DLA-1064-1}
- freeradius 3.0.12+dfsg-3
[jessie] - freeradius 2.2.5+dfsg-0.2+deb8u1
@@ -21815,7 +21813,7 @@ CVE-2017-10980 (An FR-GV-203 issue in FreeRADIUS 2.x before 2.2.10 allows &quot;
NOTE: Mark as fixed in 3.0.12+dfsg-3 the first 3.x version in unstable
NOTE: This is not fully technically correct, the issue affects only the 2.x
NOTE: series but not 3.x.
-CVE-2017-10979 (An FR-GV-202 issue in FreeRADIUS 2.x before 2.2.10 allows &quot;Write ...)
+CVE-2017-10979
{DLA-1064-1}
- freeradius 3.0.12+dfsg-3
[jessie] - freeradius 2.2.5+dfsg-0.2+deb8u1
@@ -21824,13 +21822,13 @@ CVE-2017-10979 (An FR-GV-202 issue in FreeRADIUS 2.x before 2.2.10 allows &quot;
NOTE: Mark as fixed in 3.0.12+dfsg-3 the first 3.x version in unstable
NOTE: This is not fully technically correct, the issue affects only the 2.x
NOTE: series but not 3.x.
-CVE-2017-10978 (An FR-GV-201 issue in FreeRADIUS 2.x before 2.2.10 and 3.x before ...)
+CVE-2017-10978
{DSA-3930-1 DLA-1064-1}
- freeradius 3.0.15+dfsg-1 (bug #868765)
NOTE: http://freeradius.org/security/fuzzer-2017.html#FR-GV-201
NOTE: 2.x: https://github.com/FreeRADIUS/freeradius-server/commit/38ee90f2a5a28dc5887a30bdfdc98109c0418e68
NOTE: 3.x: https://github.com/FreeRADIUS/freeradius-server/commit/fc8662d7e827f630d515eaa0bddfa94754c8047f
-CVE-2017-1000082 (systemd v233 and earlier fails to safely parse usernames starting with ...)
+CVE-2017-1000082
- systemd 234-1 (unimportant)
[jessie] - systemd <not-affected> (Vulnerable code introduced in systemd-229)
[wheezy] - systemd <not-affected> (Vulnerable code introduced in systemd-229)
@@ -21839,25 +21837,25 @@ CVE-2017-1000082 (systemd v233 and earlier fails to safely parse usernames start
NOTE: http://www.openwall.com/lists/oss-security/2017/07/02/1
CVE-2017-10977
RESERVED
-CVE-2017-10976 (When SWFTools 0.9.2 processes a crafted file in ttftool, it can lead to ...)
+CVE-2017-10976
- swftools <unfixed> (unimportant)
NOTE: ttftool not shipped in Debian package
-CVE-2017-10975 (Cross-site scripting (XSS) vulnerability in Lutim before 0.8 might ...)
+CVE-2017-10975
NOT-FOR-US: Lutim
-CVE-2017-10974 (Yaws 1.91 allows Unauthenticated Remote File Disclosure via HTTP ...)
+CVE-2017-10974
- yaws 1.91-2
NOTE: Slightly different, additional CVE assignment which MITRE insists on, but fixed by the
NOTE: original patch for CVE-2011-4350
-CVE-2017-10973 (In FineCMS before 2017-07-06, application/lib/ajax/get_image_data.php ...)
+CVE-2017-10973
NOT-FOR-US: FineCMS
-CVE-2017-10970 (Cross-site scripting (XSS) vulnerability in link.php in Cacti 1.1.12 ...)
+CVE-2017-10970
- cacti 1.1.12+ds1-1 (bug #867532)
[stretch] - cacti <not-affected> (Vulnerable code introduced later)
[jessie] - cacti <not-affected> (Vulnerable code introduced later)
[wheezy] - cacti <not-affected> (Vulnerable code introduced later)
NOTE: https://github.com/Cacti/cacti/issues/838
NOTE: https://github.com/Cacti/cacti/commit/3381cba6a9e36b01ed0ab0acfd41b00487966cb5
-CVE-2017-11147 (In PHP before 5.6.30 and 7.x before 7.0.15, the PHAR archive handler ...)
+CVE-2017-11147
{DLA-1034-1}
- php7.1 7.1.1-1
- php7.0 7.0.15-1
@@ -21867,7 +21865,7 @@ CVE-2017-11147 (In PHP before 5.6.30 and 7.x before 7.0.15, the PHAR archive han
NOTE: Fixed in 7.1.1, 7.0.15, 5.6.30
NOTE: http://git.php.net/?p=php-src.git;a=commitdiff;h=e5246580a85f031e1a3b8064edbaa55c1643a451
NOTE: http://openwall.com/lists/oss-security/2017/07/10/6
-CVE-2017-11144 (In PHP before 5.6.31, 7.x before 7.0.21, and 7.1.x before 7.1.7, the ...)
+CVE-2017-11144
{DSA-4081-1 DSA-4080-1 DLA-1034-1}
- php7.1 7.1.8-1
- php7.0 7.0.22-1
@@ -21878,7 +21876,7 @@ CVE-2017-11144 (In PHP before 5.6.31, 7.x before 7.0.21, and 7.1.x before 7.1.7,
NOTE: http://git.php.net/?p=php-src.git;a=commit;h=73cabfedf519298e1a11192699f44d53c529315e
NOTE: http://git.php.net/?p=php-src.git;a=commit;h=91826a311dd37f4c4e5d605fa7af331e80ddd4c3
NOTE: http://openwall.com/lists/oss-security/2017/07/10/6
-CVE-2017-11143 (In PHP before 5.6.31, an invalid free in the WDDX deserialization of ...)
+CVE-2017-11143
{DSA-4081-1 DLA-1034-1}
- php7.1 <not-affected> (Only affected 5.6)
- php7.0 <not-affected> (Only affected 5.6)
@@ -21887,7 +21885,7 @@ CVE-2017-11143 (In PHP before 5.6.31, an invalid free in the WDDX deserializatio
NOTE: http://git.php.net/?p=php-src.git;a=commitdiff;h=2aae60461c2ff7b7fbcdd194c789ac841d0747d7
NOTE: http://git.php.net/?p=php-src.git;a=commitdiff;h=f269cdcd4f76accbecd03884f327cffb9a7f1ca9
NOTE: http://openwall.com/lists/oss-security/2017/07/10/6
-CVE-2017-11142 (In PHP before 5.6.31, 7.x before 7.0.17, and 7.1.x before 7.1.3, remote ...)
+CVE-2017-11142
{DSA-4081-1}
- php7.1 7.1.3+-1
- php7.0 7.0.17-1
@@ -21898,12 +21896,12 @@ CVE-2017-11142 (In PHP before 5.6.31, 7.x before 7.0.17, and 7.1.x before 7.1.3,
NOTE: https://github.com/php/php-src/commit/a15bffd105ac28fd0dd9b596632dbf035238fda3
NOTE: https://github.com/php/php-src/commit/0f8cf3b8497dc45c010c44ed9e96518e11e19fc3
NOTE: http://openwall.com/lists/oss-security/2017/07/10/6
-CVE-2017-10972 (Uninitialized data in endianness conversion in the XEvent handling of ...)
+CVE-2017-10972
{DSA-3905-1 DLA-1026-1}
- xorg-server 2:1.19.3-2 (bug #867492)
NOTE: https://cgit.freedesktop.org/xorg/xserver/commit/?id=05442de962d3dc624f79fc1a00eca3ffc5489ced
NOTE: http://www.openwall.com/lists/oss-security/2017/07/06/6
-CVE-2017-10971 (In the X.Org X server before 2017-06-19, a user authenticated to an X ...)
+CVE-2017-10971
{DSA-3905-1 DLA-1026-1}
- xorg-server 2:1.19.3-2 (bug #867492)
NOTE: https://cgit.freedesktop.org/xorg/xserver/commit/?id=ba336b24052122b136486961c82deac76bbde455
@@ -21912,18 +21910,18 @@ CVE-2017-10971 (In the X.Org X server before 2017-06-19, a user authenticated to
NOTE: http://www.openwall.com/lists/oss-security/2017/07/06/6
CVE-2017-10969
RESERVED
-CVE-2017-10968 (In FineCMS through 2017-07-07, application\core\controller\template.php ...)
+CVE-2017-10968
NOT-FOR-US: FineCMS
-CVE-2017-10967 (In FineCMS before 2017-07-06, application\core\controller\config.php ...)
+CVE-2017-10967
NOT-FOR-US: FineCMS
-CVE-2017-10966 (An issue was discovered in Irssi before 1.0.4. While updating the ...)
+CVE-2017-10966
{DLA-1089-1}
- irssi 1.0.4-1 (low; bug #867598)
[stretch] - irssi 1.0.2-1+deb9u2
[jessie] - irssi 0.8.17-1+deb8u5
NOTE: https://irssi.org/security/irssi_sa_2017_07.txt
NOTE: https://github.com/irssi/irssi/commit/5e26325317c72a04c1610ad952974e206384d291
-CVE-2017-10965 (An issue was discovered in Irssi before 1.0.4. When receiving messages ...)
+CVE-2017-10965
{DLA-1089-1}
- irssi 1.0.4-1 (low; bug #867598)
[stretch] - irssi 1.0.2-1+deb9u2
@@ -21932,145 +21930,145 @@ CVE-2017-10965 (An issue was discovered in Irssi before 1.0.4. When receiving me
NOTE: https://github.com/irssi/irssi/commit/5e26325317c72a04c1610ad952974e206384d291
CVE-2017-10964
RESERVED
-CVE-2017-10963 (In Knox SDS IAM (Identity Access Management) and EMM (Enterprise ...)
+CVE-2017-10963
NOT-FOR-US: Samsung
-CVE-2017-10962 (REDCap before 7.5.1 has XSS via the query string. ...)
+CVE-2017-10962
NOT-FOR-US: REDCap
-CVE-2017-10961 (REDCap before 7.5.1 has CSRF in the deletion feature of the File ...)
+CVE-2017-10961
NOT-FOR-US: REDCap
CVE-2017-10960
RESERVED
-CVE-2017-10959 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2017-10959
NOT-FOR-US: Foxit Reader
-CVE-2017-10958 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2017-10958
NOT-FOR-US: Foxit Reader
-CVE-2017-10957 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2017-10957
NOT-FOR-US: Foxit Reader
-CVE-2017-10956 (This vulnerability allows remote attackers to disclose sensitive ...)
+CVE-2017-10956
NOT-FOR-US: Foxit Reader
-CVE-2017-10955 (** DISPUTED ** This vulnerability allows remote attackers to execute ...)
+CVE-2017-10955
NOT-FOR-US: EMC
-CVE-2017-10954 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2017-10954
NOT-FOR-US: Bitdefender Internet Security Internet Security 2018
-CVE-2017-10953 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2017-10953
NOT-FOR-US: Foxit Reader
-CVE-2017-10952 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2017-10952
NOT-FOR-US: Foxit Reader
-CVE-2017-10951 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2017-10951
NOT-FOR-US: Foxit Reader
-CVE-2017-10950 (This vulnerability allows local attackers to execute arbitrary code on ...)
+CVE-2017-10950
NOT-FOR-US: Bitdefender Total Security
-CVE-2017-10949 (Directory Traversal in Dell Storage Manager 2016 R2.1 causes ...)
+CVE-2017-10949
NOT-FOR-US: Dell Storage Manager
-CVE-2017-10948 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2017-10948
NOT-FOR-US: Foxit Reader
-CVE-2017-10947 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2017-10947
NOT-FOR-US: Foxit Reader
-CVE-2017-10946 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2017-10946
NOT-FOR-US: Foxit Reader
-CVE-2017-10945 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2017-10945
NOT-FOR-US: Foxit Reader
-CVE-2017-10944 (This vulnerability allows remote attackers to disclose sensitive ...)
+CVE-2017-10944
NOT-FOR-US: Foxit Reader
-CVE-2017-10943 (This vulnerability allows remote attackers to disclose sensitive ...)
+CVE-2017-10943
NOT-FOR-US: Foxit Reader
-CVE-2017-10942 (This vulnerability allows remote attackers to disclose sensitive ...)
+CVE-2017-10942
NOT-FOR-US: Foxit Reader
-CVE-2017-10941 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2017-10941
NOT-FOR-US: Foxit Reader
-CVE-2017-10940 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2017-10940
NOT-FOR-US: Joyent
CVE-2017-10939
REJECTED
CVE-2017-10938
REJECTED
-CVE-2017-10937 (SQL injection vulnerability in all versions prior to V2.01.05.09 of ...)
+CVE-2017-10937
NOT-FOR-US: ZTE
-CVE-2017-10936 (SQL injection vulnerability in all versions prior to V4.01.01 of the ...)
+CVE-2017-10936
NOT-FOR-US: ZTE ZXCDN-SNS
-CVE-2017-10935 (All versions prior to ZSRV2 V3.00.40 of the ZTE ZXR10 1800-2S products ...)
+CVE-2017-10935
NOT-FOR-US: ZTE ZXR10 1800-2S products
-CVE-2017-10934 (All versions prior to V5.09.02.02T4 of the ZTE ZXIPTV-EPG product use ...)
+CVE-2017-10934
NOT-FOR-US: ZTE ZXIPTV-EPG product
-CVE-2017-10933 (All versions prior to V2.06.00.00 of ZTE ZXDT22 SF01, an monitoring ...)
+CVE-2017-10933
NOT-FOR-US: ZTE ZXDT22 SF01
-CVE-2017-10932 (All versions prior to V12.17.20 of the ZTE Microwave NR8000 series ...)
+CVE-2017-10932
NOT-FOR-US: ZTE Microwave
-CVE-2017-10931 (The ZXR10 1800-2S before v3.00.40 incorrectly restricts the download ...)
+CVE-2017-10931
NOT-FOR-US: ZXR10 1800-2S
-CVE-2017-10930 (The ZXR10 1800-2S before v3.00.40 incorrectly restricts access to a ...)
+CVE-2017-10930
NOT-FOR-US: ZXR10 1800-2S
-CVE-2017-10929 (The grub_memmove function in shlr/grub/kern/misc.c in radare2 1.5.0 ...)
+CVE-2017-10929
{DLA-1016-1}
- radare2 1.6.0+dfsg-1 (low; bug #867369)
[stretch] - radare2 <no-dsa> (Minor issue)
[jessie] - radare2 <no-dsa> (Minor issue)
NOTE: https://github.com/radare/radare2/issues/7855
NOTE: https://github.com/radare/radare2/commit/c57997e76ec70862174a1b3b3aeb62a6f8570e85
-CVE-2017-10928 (In ImageMagick 7.0.6-0, a heap-based buffer over-read in the ...)
+CVE-2017-10928
{DSA-3914-1 DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-12 (bug #867367)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/539
CVE-2017-10927
RESERVED
-CVE-2017-10926 (IrfanView 4.44 (32bit) with FPX Plugin 4.47 might allow attackers to ...)
+CVE-2017-10926
NOT-FOR-US: IrfanView
-CVE-2017-10925 (IrfanView 4.44 (32bit) with FPX Plugin 4.47 might allow attackers to ...)
+CVE-2017-10925
NOT-FOR-US: IrfanView
-CVE-2017-10924 (IrfanView 4.44 (32bit) with FPX Plugin 4.47 allows attackers to execute ...)
+CVE-2017-10924
NOT-FOR-US: IrfanView
-CVE-2017-10910 (MQTT.js 2.x.x prior to 2.15.0 issue in handling PUBLISH tickets may ...)
+CVE-2017-10910
- node-mqtt <itp> (bug #816028)
-CVE-2017-10909 (Untrusted search path vulnerability in Music Center for PC version ...)
+CVE-2017-10909
NOT-FOR-US: Music Center for PC
-CVE-2017-10908 (H2O version 2.2.3 and earlier allows remote attackers to cause a ...)
+CVE-2017-10908
- h2o 2.2.4+dfsg-1 (medium)
NOTE: https://github.com/h2o/h2o/issues/1544
-CVE-2017-10907 (Directory traversal vulnerability in OneThird CMS Show Off v1.85 and ...)
+CVE-2017-10907
NOT-FOR-US: OneThird CMS Show Off
-CVE-2017-10906 (Escape sequence injection vulnerability in Fluentd versions 0.12.29 ...)
+CVE-2017-10906
NOT-FOR-US: Fluentd
-CVE-2017-10905 (A vulnerability in applications created using Qt for Android prior to ...)
+CVE-2017-10905
NOT-FOR-US: Qt for Android
-CVE-2017-10904 (Qt for Android prior to 5.9.0 allows remote attackers to execute ...)
+CVE-2017-10904
NOT-FOR-US: Qt for Android
-CVE-2017-10903 (Improper authentication issue in PTW-WMS1 firmware version 2.000.012 ...)
+CVE-2017-10903
NOT-FOR-US: PTW-WMS1 firmware
-CVE-2017-10902 (PTW-WMS1 firmware version 2.000.012 allows remote attackers to execute ...)
+CVE-2017-10902
NOT-FOR-US: PTW-WMS1 firmware
-CVE-2017-10901 (Buffer overflow in PTW-WMS1 firmware version 2.000.012 allows remote ...)
+CVE-2017-10901
NOT-FOR-US: PTW-WMS1 firmware
-CVE-2017-10900 (PTW-WMS1 firmware version 2.000.012 allows remote attackers to bypass ...)
+CVE-2017-10900
NOT-FOR-US: PTW-WMS1 firmware
-CVE-2017-10899 (SQL injection vulnerability in the A-Reserve and A-Reserve for MT ...)
+CVE-2017-10899
NOT-FOR-US: A-Reserve
-CVE-2017-10898 (SQL injection vulnerability in the A-Member and A-Member for MT cloud ...)
+CVE-2017-10898
NOT-FOR-US: A-Member
-CVE-2017-10897 (Input validation issue in Buffalo BBR-4HG and and BBR-4MG broadband ...)
+CVE-2017-10897
NOT-FOR-US: Buffalo BBR-4HG and and BBR-4MG broadband routers
-CVE-2017-10896 (Cross-site scripting vulnerability in Buffalo BBR-4HG and and BBR-4MG ...)
+CVE-2017-10896
NOT-FOR-US: Buffalo BBR-4HG and and BBR-4MG broadband routers
-CVE-2017-10895 (sDNSProxy.exe ver1.1.0.0 and earlier allows remote attackers to cause ...)
+CVE-2017-10895
NOT-FOR-US: sDNSProxy
-CVE-2017-10894 (StreamRelay.NET.exe ver2.14.0.7 and earlier allows remote attackers to ...)
+CVE-2017-10894
NOT-FOR-US: StreamRelay.NET
-CVE-2017-10893 (Untrusted search path vulnerability in The Public Certification ...)
+CVE-2017-10893
NOT-FOR-US: The Public Certification Service for Individuals
-CVE-2017-10892 (Untrusted search path vulnerability in Music Center for PC version ...)
+CVE-2017-10892
NOT-FOR-US: Music Center for PC
-CVE-2017-10891 (Untrusted search path vulnerability in Media Go version 3.2.0.191 and ...)
+CVE-2017-10891
NOT-FOR-US: Media Go
-CVE-2017-10890 (Session management issue in RX-V200 firmware versions prior to ...)
+CVE-2017-10890
NOT-FOR-US: RX-V200 firmware
-CVE-2017-10889 (TablePress prior to version 1.8.1 allows an attacker to conduct XML ...)
+CVE-2017-10889
NOT-FOR-US: TablePress
-CVE-2017-10888 (BOOK WALKER for Windows Ver.1.2.9 and earlier, BOOK WALKER for Mac ...)
+CVE-2017-10888
NOT-FOR-US: BOOK WALKER
-CVE-2017-10887 (Untrusted search path vulnerability in BOOK WALKER for Windows ...)
+CVE-2017-10887
NOT-FOR-US: BOOK WALKER
-CVE-2017-10886 (Cross-site scripting vulnerability in CS-Cart Japanese Edition v4.3.10 ...)
+CVE-2017-10886
NOT-FOR-US: CS-Cart
-CVE-2017-10885 (Untrusted search path vulnerability in HYPER SBI Ver. 2.2 and earlier ...)
+CVE-2017-10885
NOT-FOR-US: HYPER SBI
CVE-2017-10884
RESERVED
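Review bot: two NOT-FOR-US annotations in this hunk carry a duplicated word, `NOT-FOR-US: Buffalo BBR-4HG and and BBR-4MG broadband routers` (CVE-2017-10897 and CVE-2017-10896) and `NOT-FOR-US: Bitdefender Internet Security Internet Security 2018` (CVE-2017-10954). With the descriptive text now stripped from the CVE lines, these annotations are the only product reference left for each entry, so they are worth correcting to `Buffalo BBR-4HG and BBR-4MG broadband routers` and `Bitdefender Internet Security 2018` in a follow-up.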
@@ -22090,140 +22088,140 @@ CVE-2017-10877
RESERVED
CVE-2017-10876
RESERVED
-CVE-2017-10875 (I-O DATA DEVICE LAN DISK Connect Ver2.02 and earlier allows an ...)
+CVE-2017-10875
NOT-FOR-US: I-O DATA DEVICE LAN DISK Connect
-CVE-2017-10874 (PWR-Q200 does not use random values for source ports of DNS query ...)
+CVE-2017-10874
NOT-FOR-US: PWR-Q200
-CVE-2017-10873 (OpenAM (Open Source Edition) allows an attacker to bypass ...)
+CVE-2017-10873
NOT-FOR-US: OpenAM
-CVE-2017-10872 (H2O version 2.2.3 and earlier allows remote attackers to cause a ...)
+CVE-2017-10872
- h2o 2.2.4+dfsg-1 (medium)
NOTE: https://github.com/h2o/h2o/issues/1543
-CVE-2017-10871 (Buffer overflow in NTT DOCOMO Wi-Fi STATION L-02F Software version ...)
+CVE-2017-10871
NOT-FOR-US: NTT DOCOMO Wi-Fi STATION L-02F Software
-CVE-2017-10870 (Memory corruption vulnerability in Rakuraku Hagaki (Rakuraku Hagaki ...)
+CVE-2017-10870
NOT-FOR-US: Rakuraku Hagaki
-CVE-2017-10869 (Buffer overflow in H2O version 2.2.2 and earlier allows remote ...)
+CVE-2017-10869
- h2o 2.2.3+dfsg-1 (medium)
NOTE: https://github.com/h2o/h2o/issues/1460
-CVE-2017-10868 (H2O version 2.2.2 and earlier allows remote attackers to cause a ...)
+CVE-2017-10868
- h2o 2.2.3+dfsg-1 (medium)
NOTE: https://github.com/h2o/h2o/issues/1459
CVE-2017-10867
RESERVED
CVE-2017-10866
RESERVED
-CVE-2017-10865 (Untrusted search path vulnerability in HIBUN Confidential File ...)
+CVE-2017-10865
NOT-FOR-US: HIBUN Confidential File Decryption
-CVE-2017-10864 (Untrusted search path vulnerability in Installer of HIBUN Confidential ...)
+CVE-2017-10864
NOT-FOR-US: HIBUN Confidential File Decryption
-CVE-2017-10863 (Untrusted search path vulnerability in HIBUN Confidential File ...)
+CVE-2017-10863
NOT-FOR-US: HIBUN Confidential File Decryption
-CVE-2017-10862 (jwt-scala 1.2.2 and earlier fails to verify token signatures correctly ...)
+CVE-2017-10862
NOT-FOR-US: jwt-scala
-CVE-2017-10861 (Directory traversal vulnerability in QND Advance/Standard allows an ...)
+CVE-2017-10861
NOT-FOR-US: QND Advance/Standard
-CVE-2017-10860 (Untrusted search path vulnerability in &quot;i-filter 6.0 installer&quot; ...)
+CVE-2017-10860
NOT-FOR-US: i-filter 6.0 installer
-CVE-2017-10859 (Untrusted search path vulnerability in &quot;i-filter 6.0 installer&quot; ...)
+CVE-2017-10859
NOT-FOR-US: i-filter 6.0 installer
-CVE-2017-10858 (Untrusted search path vulnerability in &quot;i-filter 6.0 install program&quot; ...)
+CVE-2017-10858
NOT-FOR-US: i-filter 6.0 install program
-CVE-2017-10857 (Cybozu Office 10.0.0 to 10.6.1 allows authenticated attackers to ...)
+CVE-2017-10857
NOT-FOR-US: Cybozu
-CVE-2017-10856 (SEIL/X 4.60 to 5.72, SEIL/B1 4.60 to 5.72, SEIL/x86 3.20 to 5.72, ...)
+CVE-2017-10856
NOT-FOR-US: SEIL
-CVE-2017-10855 (Untrusted search path vulnerability in FENCE-Explorer for Windows ...)
+CVE-2017-10855
NOT-FOR-US: FENCE-Explorer for Windows
-CVE-2017-10854 (Corega CG-WGR1200 firmware 2.20 and earlier allows an attacker to ...)
+CVE-2017-10854
NOT-FOR-US: Corega CG-WGR1200 firmware
-CVE-2017-10853 (Buffer overflow in Corega CG-WGR1200 firmware 2.20 and earlier allows ...)
+CVE-2017-10853
NOT-FOR-US: Corega CG-WGR1200 firmware
-CVE-2017-10852 (Buffer overflow in Corega CG-WGR1200 firmware 2.20 and earlier allows ...)
+CVE-2017-10852
NOT-FOR-US: Corega CG-WGR1200 firmware
-CVE-2017-10851 (Untrusted search path vulnerability in Installer for ContentsBridge ...)
+CVE-2017-10851
NOT-FOR-US: Installer for ContentsBridge Utility for Windows
-CVE-2017-10850 (Untrusted search path vulnerability in Installers of ART EX Driver for ...)
+CVE-2017-10850
NOT-FOR-US: Various installer for Drivers for ApeosPort-VI and DocuCentre-VI products
-CVE-2017-10849 (Untrusted search path vulnerability in Self-extracting document ...)
+CVE-2017-10849
NOT-FOR-US: DocuWorks
-CVE-2017-10848 (Untrusted search path vulnerability in Installers for DocuWorks 8.0.7 ...)
+CVE-2017-10848
NOT-FOR-US: Installers for DocuWorks
CVE-2017-10847
RESERVED
-CVE-2017-10846 (Wi-Fi STATION L-02F Software version V10b and earlier allows remote ...)
+CVE-2017-10846
NOT-FOR-US: Wi-Fi STATION L-02F Software
-CVE-2017-10845 (Wi-Fi STATION L-02F Software version V10g and earlier allows remote ...)
+CVE-2017-10845
NOT-FOR-US: Wi-Fi STATION L-02F Software
-CVE-2017-10844 (baserCMS 3.0.14 and earlier, 4.0.5 and earlier allows an attacker to ...)
+CVE-2017-10844
NOT-FOR-US: baserCMS
-CVE-2017-10843 (baserCMS version 3.0.14 and earlier, 4.0.5 and earlier allows remote ...)
+CVE-2017-10843
NOT-FOR-US: baserCMS
-CVE-2017-10842 (SQL injection vulnerability in the baserCMS 3.0.14 and earlier, 4.0.5 ...)
+CVE-2017-10842
NOT-FOR-US: baserCMS
-CVE-2017-10841 (Directory traversal vulnerability in WebCalendar 1.2.7 and earlier ...)
+CVE-2017-10841
- webcalendar <removed>
-CVE-2017-10840 (Cross-site scripting vulnerability in WebCalendar 1.2.7 and earlier ...)
+CVE-2017-10840
- webcalendar <removed>
-CVE-2017-10839 (SQL injection vulnerability in the SEO Panel prior to version 3.11.0 ...)
+CVE-2017-10839
NOT-FOR-US: SEO Panel
-CVE-2017-10838 (Cross-site scripting vulnerability in SEO Panel prior to version ...)
+CVE-2017-10838
NOT-FOR-US: SEO Panel
-CVE-2017-10837 (Cross-site scripting vulnerability in BackupGuard prior to version ...)
+CVE-2017-10837
NOT-FOR-US: BackupGuard
-CVE-2017-10836 (Untrusted search path vulnerability in Optimal Guard 1.1.21 and ...)
+CVE-2017-10836
NOT-FOR-US: Optimal Guard
-CVE-2017-10835 (&quot;Dokodemo eye Smart HD&quot; SCR02HD Firmware 1.0.3.1000 and earlier allows ...)
+CVE-2017-10835
NOT-FOR-US: "Dokodemo eye Smart HD" SCR02HD Firmware
-CVE-2017-10834 (Directory traversal vulnerability in &quot;Dokodemo eye Smart HD&quot; SCR02HD ...)
+CVE-2017-10834
NOT-FOR-US: "Dokodemo eye Smart HD" SCR02HD Firmware
-CVE-2017-10833 (&quot;Dokodemo eye Smart HD&quot; SCR02HD Firmware 1.0.3.1000 and earlier allows ...)
+CVE-2017-10833
NOT-FOR-US: "Dokodemo eye Smart HD" SCR02HD Firmware
-CVE-2017-10832 (&quot;Dokodemo eye Smart HD&quot; SCR02HD Firmware 1.0.3.1000 and earlier allows ...)
+CVE-2017-10832
NOT-FOR-US: "Dokodemo eye Smart HD" SCR02HD Firmware
-CVE-2017-10831 (Untrusted search path vulnerability in The electronic authentication ...)
+CVE-2017-10831
NOT-FOR-US: The CRCA user's Software system
-CVE-2017-10830 (Untrusted search path vulnerability in Security Setup Tool all ...)
+CVE-2017-10830
NOT-FOR-US: Security Setup Tool
-CVE-2017-10829 (Untrusted search path vulnerability in Remote Support Tool (Enkaku ...)
+CVE-2017-10829
NOT-FOR-US: Remote Support Tool (Enkaku Support Tool)
-CVE-2017-10828 (Untrusted search path vulnerability in Flets Install Tool all versions ...)
+CVE-2017-10828
NOT-FOR-US: Flets Install Tool
-CVE-2017-10827 (Untrusted search path vulnerability in Flets Azukeru for Windows Auto ...)
+CVE-2017-10827
NOT-FOR-US: Flets Azukeru for Windows Auto Backup Tool
-CVE-2017-10826 (Untrusted search path vulnerability in Security Kinou Mihariban ...)
+CVE-2017-10826
NOT-FOR-US: Security Kinou Mihariban
-CVE-2017-10825 (Untrusted search path vulnerability in Installer of Flets Easy Setup ...)
+CVE-2017-10825
NOT-FOR-US: Installer of Flets Easy Setup Tool
-CVE-2017-10824 (Untrusted search path vulnerability in TDB CA TypeA use software ...)
+CVE-2017-10824
NOT-FOR-US: TDB CA TypeA use software
-CVE-2017-10823 (Untrusted search path vulnerability in Installer for Shin Kinkyuji ...)
+CVE-2017-10823
NOT-FOR-US: Installer for Shin Kinkyuji Houkoku Data Nyuryoku Program
-CVE-2017-10822 (Untrusted search path vulnerability in Installer for Shin Sekiyu Yunyu ...)
+CVE-2017-10822
NOT-FOR-US: Installer for Shin Sekiyu Yunyu Chousa Houkoku Data Nyuryoku Program
-CVE-2017-10821 (Untrusted search path vulnerability in Installer for Shin Kikan Toukei ...)
+CVE-2017-10821
NOT-FOR-US: Installer for Shin Kikan Toukei Houkoku Data Nyuryokuyou Program
-CVE-2017-10820 (Untrusted search path vulnerability in Installer of IP Messenger for ...)
+CVE-2017-10820
NOT-FOR-US: Installer of IP Messenger for Win
-CVE-2017-10819 (MaLion for Mac 4.3.0 to 5.2.1 does not properly validate certificates, ...)
+CVE-2017-10819
NOT-FOR-US: MaLion
-CVE-2017-10818 (MaLion for Windows and Mac versions 3.2.1 to 5.2.1 uses a hardcoded ...)
+CVE-2017-10818
NOT-FOR-US: MaLion
-CVE-2017-10817 (MaLion for Windows and Mac 5.0.0 to 5.2.1 allows remote attackers to ...)
+CVE-2017-10817
NOT-FOR-US: MaLion
-CVE-2017-10816 (SQL injection vulnerability in the MaLion for Windows and Mac 5.0.0 to ...)
+CVE-2017-10816
NOT-FOR-US: MaLion
-CVE-2017-10815 (MaLion for Windows 5.2.1 and earlier (only when &quot;Remote Control&quot; is ...)
+CVE-2017-10815
NOT-FOR-US: MaLion
-CVE-2017-10814 (Buffer overflow in CG-WLR300NM Firmware version 1.90 and earlier ...)
+CVE-2017-10814
NOT-FOR-US: CG-WLR300NM Firmware
-CVE-2017-10813 (CG-WLR300NM Firmware version 1.90 and earlier allows an attacker to ...)
+CVE-2017-10813
NOT-FOR-US: CG-WLR300NM Firmware
-CVE-2017-10812 (Untrusted search path vulnerability in Photo Collection PC Software ...)
+CVE-2017-10812
NOT-FOR-US: Photo Collection PC Software
-CVE-2017-10811 (Buffalo WCR-1166DS devices with firmware 1.30 and earlier allow an ...)
+CVE-2017-10811
NOT-FOR-US: Buffalo WCR-1166DS devices
-CVE-2017-10810 (Memory leak in the virtio_gpu_object_create function in ...)
+CVE-2017-10810
{DSA-3927-1}
- linux 4.11.11-1 (low)
[jessie] - linux <not-affected> (Vulnerable code not present)
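Review bot: the annotation for CVE-2017-10850, `NOT-FOR-US: Various installer for Drivers for ApeosPort-VI and DocuCentre-VI products`, does not read as a product name; `Various installers for drivers for ApeosPort-VI and DocuCentre-VI products` would be the grammatical form, and since the description is dropped from the CVE line in this hunk the annotation now has to stand on its own.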
@@ -22233,29 +22231,29 @@ CVE-2017-10809
RESERVED
CVE-2017-10808
RESERVED
-CVE-2017-10806 (Stack-based buffer overflow in hw/usb/redirect.c in QEMU (aka Quick ...)
+CVE-2017-10806
{DSA-3925-1 DLA-1497-1}
- qemu 1:2.8+dfsg-7 (bug #867751)
[wheezy] - qemu <no-dsa> (Minor issue)
- qemu-kvm <removed>
[wheezy] - qemu-kvm <no-dsa> (Minor issue)
NOTE: https://lists.nongnu.org/archive/html/qemu-devel/2017-05/msg03087.html
-CVE-2017-10807 (JabberD 2.x (aka jabberd2) before 2.6.1 allows anyone to authenticate ...)
+CVE-2017-10807
{DSA-3902-1}
- jabberd2 2.6.1-1 (bug #867032)
NOTE: Fixed by: https://github.com/jabberd2/jabberd2/commit/8416ae54ecefa670534f27a31db71d048b9c7f16
NOTE: https://github.com/jabberd2/jabberd2/releases/tag/jabberd-2.6.1
-CVE-2017-10805 (In Odoo 8.0, Odoo Community Edition 9.0 and 10.0, and Odoo Enterprise ...)
+CVE-2017-10805
NOT-FOR-US: Odoo
-CVE-2017-10804 (In Odoo 8.0, Odoo Community Edition 9.0 and 10.0, and Odoo Enterprise ...)
+CVE-2017-10804
NOT-FOR-US: Odoo
-CVE-2017-10803 (In Odoo 8.0, Odoo Community Edition 9.0 and 10.0, and Odoo Enterprise ...)
+CVE-2017-10803
NOT-FOR-US: Odoo
CVE-2017-10802
RESERVED
-CVE-2017-10801 (phpSocial (formerly phpDolphin) before 3.0.1 has XSS in the PATH_INFO ...)
+CVE-2017-10801
NOT-FOR-US: phpSocial
-CVE-2017-10800 (When GraphicsMagick 1.3.25 processes a MATLAB image in coders/mat.c, it ...)
+CVE-2017-10800
{DSA-4321-1}
- graphicsmagick 1.3.26-1 (bug #867060)
[jessie] - graphicsmagick <no-dsa> (Minor issue)
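Review bot: the entries in this hunk are out of the descending order used by the rest of the file: CVE-2017-10806 (qemu) is listed before CVE-2017-10807 (jabberd2), between CVE-2017-10808 and CVE-2017-10805. Tooling that relies on the sorted order to locate or merge entries may mishandle these two, so the jabberd2 block should be moved above the qemu block.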
@@ -22265,43 +22263,43 @@ CVE-2017-10800 (When GraphicsMagick 1.3.25 processes a MATLAB image in coders/ma
NOTE: changes, and Bob Friesenhahn commented that it's not complete. All
NOTE: the rlated changesets to mat.c since the one referenced should be
NOTE: picked up.
-CVE-2017-10799 (When GraphicsMagick 1.3.25 processes a DPX image (with metadata ...)
+CVE-2017-10799
{DSA-4321-1 DLA-1045-1}
- graphicsmagick 1.3.26-1 (bug #867077)
[jessie] - graphicsmagick <no-dsa> (Minor issue)
NOTE: http://hg.code.sf.net/p/graphicsmagick/code/rev/f10b9bb3ca62
-CVE-2017-10798 (In ObjectPlanet Opinio before 7.6.4, there is XSS. ...)
+CVE-2017-10798
NOT-FOR-US: ObjectPlanet Opinio
CVE-2017-10797
RESERVED
-CVE-2017-10796 (On TP-Link NC250 devices with firmware through 1.2.1 build 170515, ...)
+CVE-2017-10796
NOT-FOR-US: TP-Link
-CVE-2017-10795 (Cross-site scripting (XSS) vulnerability in Subrion CMS 4.1.4 allows ...)
+CVE-2017-10795
NOT-FOR-US: Subrion CMS
-CVE-2017-10794 (When GraphicsMagick 1.3.25 processes an RGB TIFF picture (with metadata ...)
+CVE-2017-10794
{DSA-4321-1}
- graphicsmagick 1.3.26-1 (bug #867085)
[jessie] - graphicsmagick <not-affected> (vulnerable code not present)
[wheezy] - graphicsmagick <not-affected> (vulnerable code not present)
NOTE: http://hg.code.sf.net/p/graphicsmagick/code/rev/a20bee0a0ad2
-CVE-2017-10793 (The AT&amp;T U-verse 9.2.2h0d83 firmware for the Arris NVG589, NVG599, and ...)
+CVE-2017-10793
NOT-FOR-US: Arris
-CVE-2017-10792 (There is a NULL Pointer Dereference in the function ll_insert() of the ...)
+CVE-2017-10792
- pspp 1.0.0-1 (unimportant; bug #866890)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1467005
NOTE: No security impact, crash in CLI tool
-CVE-2017-10791 (There is an Integer overflow in the hash_int function of the libpspp ...)
+CVE-2017-10791
- pspp 1.0.0-1 (unimportant; bug #866890)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1467004
NOTE: No security impact as built in Debian
-CVE-2017-10790 (The _asn1_check_identifier function in GNU Libtasn1 through 4.12 causes ...)
+CVE-2017-10790
{DSA-4106-1 DLA-1038-1}
- libtasn1-6 4.12-2.1 (bug #867398)
[jessie] - libtasn1-6 <no-dsa> (Minor issue)
- libtasn1-3 <removed>
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1464141
NOTE: Fixed by: https://gitlab.com/gnutls/libtasn1/commit/d8d805e1f2e6799bb2dff4871a8598dc83088a39
-CVE-2017-10789 (The DBD::mysql module through 4.043 for Perl uses the mysql_ssl=1 ...)
+CVE-2017-10789
{DLA-1079-1}
- libdbd-mysql-perl 4.046-1 (bug #866821)
[stretch] - libdbd-mysql-perl <no-dsa> (Minor issue, can be fixed via point release)
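Review bot: the NOTE context lines on CVE-2017-10800 contain a typo, `All the rlated changesets to mat.c since the one referenced should be picked up.`; this should read `related`. Since these NOTE lines record the maintainers' assessment that the referenced upstream fix is incomplete, keeping them readable matters for whoever later backports the remaining mat.c changesets.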
@@ -22311,7 +22309,7 @@ CVE-2017-10789 (The DBD::mysql module through 4.043 for Perl uses the mysql_ssl=
NOTE: Upstream 4.042 fixed this issue, but was reverted upstream in 4.043:
NOTE: https://www.nntp.perl.org/group/perl.dbi.dev/2017/08/msg8037.html
NOTE: No upstream-blessed patch available.
-CVE-2017-10788 (The DBD::mysql module through 4.043 for Perl allows remote attackers to ...)
+CVE-2017-10788
{DLA-1079-1}
- libdbd-mysql-perl 4.046-1 (bug #866818)
[stretch] - libdbd-mysql-perl <no-dsa> (Minor issue, can be fixed via point release)
@@ -22325,7 +22323,7 @@ CVE-2017-10786
RESERVED
CVE-2017-10785
RESERVED
-CVE-2017-10784 (The Basic authentication code in WEBrick library in Ruby before 2.2.8, ...)
+CVE-2017-10784
{DSA-4031-1 DLA-1421-1 DLA-1114-1 DLA-1113-1}
- ruby2.3 2.3.5-1 (bug #875931)
- ruby2.1 <removed>
@@ -22334,123 +22332,123 @@ CVE-2017-10784 (The Basic authentication code in WEBrick library in Ruby before
NOTE: https://www.ruby-lang.org/en/news/2017/09/14/webrick-basic-auth-escape-sequence-injection-cve-2017-10784/
NOTE: https://github.com/ruby/ruby/commit/6617c41292b7d1e097abb8fdb0cab9ddd83c77e7
NOTE: https://hackerone.com/reports/223363
-CVE-2017-10783 (XnView Classic for Windows Version 2.40 might allow attackers to cause ...)
+CVE-2017-10783
NOT-FOR-US: XnView
-CVE-2017-10782 (XnView Classic for Windows Version 2.40 might allow attackers to cause ...)
+CVE-2017-10782
NOT-FOR-US: XnView
-CVE-2017-10781 (XnView Classic for Windows Version 2.40 might allow attackers to cause ...)
+CVE-2017-10781
NOT-FOR-US: XnView
-CVE-2017-10780 (XnView Classic for Windows Version 2.40 might allow attackers to cause ...)
+CVE-2017-10780
NOT-FOR-US: XnView
-CVE-2017-10779 (XnView Classic for Windows Version 2.40 might allow attackers to cause ...)
+CVE-2017-10779
NOT-FOR-US: XnView
-CVE-2017-10778 (XnView Classic for Windows Version 2.40 might allow attackers to cause ...)
+CVE-2017-10778
NOT-FOR-US: XnView
-CVE-2017-10777 (XnView Classic for Windows Version 2.40 might allow attackers to cause ...)
+CVE-2017-10777
NOT-FOR-US: XnView
-CVE-2017-10776 (XnView Classic for Windows Version 2.40 might allow attackers to cause ...)
+CVE-2017-10776
NOT-FOR-US: XnView
-CVE-2017-10775 (XnView Classic for Windows Version 2.40 might allow attackers to cause ...)
+CVE-2017-10775
NOT-FOR-US: XnView
-CVE-2017-10774 (XnView Classic for Windows Version 2.40 might allow attackers to cause ...)
+CVE-2017-10774
NOT-FOR-US: XnView
-CVE-2017-10773 (XnView Classic for Windows Version 2.40 might allow attackers to cause ...)
+CVE-2017-10773
NOT-FOR-US: XnView
-CVE-2017-10772 (XnView Classic for Windows Version 2.40 might allow attackers to cause ...)
+CVE-2017-10772
NOT-FOR-US: XnView
-CVE-2017-10771 (XnView Classic for Windows Version 2.40 might allow attackers to cause ...)
+CVE-2017-10771
NOT-FOR-US: XnView
-CVE-2017-10770 (XnView Classic for Windows Version 2.40 might allow attackers to cause ...)
+CVE-2017-10770
NOT-FOR-US: XnView
-CVE-2017-10769 (XnView Classic for Windows Version 2.40 might allow attackers to cause ...)
+CVE-2017-10769
NOT-FOR-US: XnView
-CVE-2017-10768 (XnView Classic for Windows Version 2.40 might allow attackers to cause ...)
+CVE-2017-10768
NOT-FOR-US: XnView
-CVE-2017-10767 (XnView Classic for Windows Version 2.40 might allow attackers to cause ...)
+CVE-2017-10767
NOT-FOR-US: XnView
-CVE-2017-10766 (XnView Classic for Windows Version 2.40 might allow attackers to cause ...)
+CVE-2017-10766
NOT-FOR-US: XnView
-CVE-2017-10765 (XnView Classic for Windows Version 2.40 might allow attackers to cause ...)
+CVE-2017-10765
NOT-FOR-US: XnView
-CVE-2017-10764 (XnView Classic for Windows Version 2.40 might allow attackers to cause ...)
+CVE-2017-10764
NOT-FOR-US: XnView
-CVE-2017-10763 (XnView Classic for Windows Version 2.40 might allow attackers to cause ...)
+CVE-2017-10763
NOT-FOR-US: XnView
-CVE-2017-10762 (XnView Classic for Windows Version 2.40 might allow attackers to cause ...)
+CVE-2017-10762
NOT-FOR-US: XnView
-CVE-2017-10761 (XnView Classic for Windows Version 2.40 might allow attackers to cause ...)
+CVE-2017-10761
NOT-FOR-US: XnView
-CVE-2017-10760 (XnView Classic for Windows Version 2.40 might allow attackers to cause ...)
+CVE-2017-10760
NOT-FOR-US: XnView
-CVE-2017-10759 (XnView Classic for Windows Version 2.40 might allow attackers to cause ...)
+CVE-2017-10759
NOT-FOR-US: XnView
-CVE-2017-10758 (XnView Classic for Windows Version 2.40 might allow attackers to cause ...)
+CVE-2017-10758
NOT-FOR-US: XnView
-CVE-2017-10757 (XnView Classic for Windows Version 2.40 might allow attackers to cause ...)
+CVE-2017-10757
NOT-FOR-US: XnView
-CVE-2017-10756 (XnView Classic for Windows Version 2.40 might allow attackers to cause ...)
+CVE-2017-10756
NOT-FOR-US: XnView
-CVE-2017-10755 (XnView Classic for Windows Version 2.40 might allow attackers to cause ...)
+CVE-2017-10755
NOT-FOR-US: XnView
-CVE-2017-10754 (XnView Classic for Windows Version 2.40 might allow attackers to cause ...)
+CVE-2017-10754
NOT-FOR-US: XnView
-CVE-2017-10753 (XnView Classic for Windows Version 2.40 might allow attackers to cause ...)
+CVE-2017-10753
NOT-FOR-US: XnView
-CVE-2017-10752 (XnView Classic for Windows Version 2.40 might allow attackers to cause ...)
+CVE-2017-10752
NOT-FOR-US: XnView
-CVE-2017-10751 (XnView Classic for Windows Version 2.40 might allow attackers to cause ...)
+CVE-2017-10751
NOT-FOR-US: XnView
-CVE-2017-10750 (XnView Classic for Windows Version 2.40 allows attackers to execute ...)
+CVE-2017-10750
NOT-FOR-US: XnView
-CVE-2017-10749 (XnView Classic for Windows Version 2.40 allows attackers to execute ...)
+CVE-2017-10749
NOT-FOR-US: XnView
-CVE-2017-10748 (XnView Classic for Windows Version 2.40 allows attackers to execute ...)
+CVE-2017-10748
NOT-FOR-US: XnView
-CVE-2017-10747 (XnView Classic for Windows Version 2.40 allows attackers to execute ...)
+CVE-2017-10747
NOT-FOR-US: XnView
-CVE-2017-10746 (XnView Classic for Windows Version 2.40 allows attackers to execute ...)
+CVE-2017-10746
NOT-FOR-US: XnView
-CVE-2017-10745 (XnView Classic for Windows Version 2.40 allows attackers to execute ...)
+CVE-2017-10745
NOT-FOR-US: XnView
-CVE-2017-10744 (XnView Classic for Windows Version 2.40 allows attackers to execute ...)
+CVE-2017-10744
NOT-FOR-US: XnView
-CVE-2017-10743 (XnView Classic for Windows Version 2.40 allows attackers to execute ...)
+CVE-2017-10743
NOT-FOR-US: XnView
-CVE-2017-10742 (XnView Classic for Windows Version 2.40 allows attackers to execute ...)
+CVE-2017-10742
NOT-FOR-US: XnView
-CVE-2017-10741 (XnView Classic for Windows Version 2.40 allows attackers to execute ...)
+CVE-2017-10741
NOT-FOR-US: XnView
-CVE-2017-10740 (XnView Classic for Windows Version 2.40 allows attackers to execute ...)
+CVE-2017-10740
NOT-FOR-US: XnView
-CVE-2017-10739 (XnView Classic for Windows Version 2.40 allows attackers to execute ...)
+CVE-2017-10739
NOT-FOR-US: XnView
-CVE-2017-10738 (XnView Classic for Windows Version 2.40 allows attackers to execute ...)
+CVE-2017-10738
NOT-FOR-US: XnView
-CVE-2017-10737 (XnView Classic for Windows Version 2.40 allows attackers to execute ...)
+CVE-2017-10737
NOT-FOR-US: XnView
-CVE-2017-10736 (XnView Classic for Windows Version 2.40 allows attackers to execute ...)
+CVE-2017-10736
NOT-FOR-US: XnView
-CVE-2017-10735 (IrfanView version 4.44 (32bit) might allow attackers to cause a denial ...)
+CVE-2017-10735
NOT-FOR-US: IrfanView
-CVE-2017-10734 (IrfanView version 4.44 (32bit) might allow attackers to cause a denial ...)
+CVE-2017-10734
NOT-FOR-US: IrfanView
-CVE-2017-10733 (IrfanView version 4.44 (32bit) might allow attackers to cause a denial ...)
+CVE-2017-10733
NOT-FOR-US: IrfanView
-CVE-2017-10732 (IrfanView version 4.44 (32bit) might allow attackers to cause a denial ...)
+CVE-2017-10732
NOT-FOR-US: IrfanView
-CVE-2017-10731 (IrfanView version 4.44 (32bit) allows attackers to execute arbitrary ...)
+CVE-2017-10731
NOT-FOR-US: IrfanView
-CVE-2017-10730 (IrfanView version 4.44 (32bit) allows attackers to execute arbitrary ...)
+CVE-2017-10730
NOT-FOR-US: IrfanView
-CVE-2017-10729 (IrfanView version 4.44 (32bit) allows attackers to execute arbitrary ...)
+CVE-2017-10729
NOT-FOR-US: IrfanView
-CVE-2017-10728 (Winamp 5.666 Build 3516(x86) might allow attackers to execute arbitrary ...)
+CVE-2017-10728
NOT-FOR-US: Winamp
-CVE-2017-10727 (Winamp 5.666 Build 3516(x86) might allow attackers to execute arbitrary ...)
+CVE-2017-10727
NOT-FOR-US: Winamp
-CVE-2017-10726 (Winamp 5.666 Build 3516(x86) might allow attackers to execute arbitrary ...)
+CVE-2017-10726
NOT-FOR-US: Winamp
-CVE-2017-10725 (Winamp 5.666 Build 3516(x86) allows attackers to execute arbitrary code ...)
+CVE-2017-10725
NOT-FOR-US: Winamp
CVE-2017-10724
RESERVED
@@ -22478,18 +22476,18 @@ CVE-2017-10713
RESERVED
CVE-2017-10712
RESERVED
-CVE-2017-10711 (In SimpleRisk 20170614-001, a CSRF attack on reset.php (aka the Send ...)
+CVE-2017-10711
NOT-FOR-US: SimpleRisk
CVE-2017-10710
RESERVED
-CVE-2017-10709 (The lockscreen on Elephone P9000 devices (running Android 6.0) allows ...)
+CVE-2017-10709
NOT-FOR-US: Elephone P9000 devices
-CVE-2017-10708 (An issue was discovered in Apport through 2.20.x. In apport/report.py, ...)
+CVE-2017-10708
[experimental] - apport 2.20.4-2 (bug #868831)
NOTE: apport only in experimental, so we cannot track this in security-tracker
CVE-2017-10707
RESERVED
-CVE-2017-10706 (When Antiy Antivirus Engine before 5.0.0.05171547 scans a special ZIP ...)
+CVE-2017-10706
NOT-FOR-US: When Antiy Antivirus Engine
CVE-2017-10705
RESERVED
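Review bot: the context line `NOT-FOR-US: When Antiy Antivirus Engine` under CVE-2017-10706 carries the leading word "When" copied from the opening of the summary this hunk removes; it should read `NOT-FOR-US: Antiy Antivirus Engine`, matching the CVE-2017-10674 entry further down. The stray word predates this change, but with the summary gone nothing on the page explains it any more.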
@@ -22499,11 +22497,11 @@ CVE-2017-10703
RESERVED
CVE-2017-10702
RESERVED
-CVE-2017-10701 (Cross site scripting (XSS) vulnerability in SAP Enterprise Portal 7.50 ...)
+CVE-2017-10701
NOT-FOR-US: SAP Enterprise Portal
-CVE-2017-10700 (In the medialibrary component in QNAP NAS 4.3.3.0229, an ...)
+CVE-2017-10700
NOT-FOR-US: QNAP
-CVE-2017-10699 (avcodec 2.2.x, as used in VideoLAN VLC media player 2.2.7-x before ...)
+CVE-2017-10699
{DSA-4045-1}
- vlc 2.2.6-3
[wheezy] - vlc <end-of-life> (Not supported in wheezy LTS)
@@ -22526,12 +22524,12 @@ CVE-2017-10692
RESERVED
CVE-2017-10691
RESERVED
-CVE-2017-10690 (In previous versions of Puppet Agent it was possible for the agent to ...)
+CVE-2017-10690
- puppet <not-affected> (Only affects Puppet 5, only in experimental)
NOTE: https://puppet.com/security/cve/CVE-2017-10690
NOTE: https://tickets.puppetlabs.com/browse/PUP-8225
NOTE: Fixed by: https://github.com/puppetlabs/puppet/commit/bd87bef2c3862d333f4c1f2b148b147d449a375b
-CVE-2017-10689 (In previous versions of Puppet Agent it was possible to install a ...)
+CVE-2017-10689
- puppet 5.4.0-1 (bug #890412)
[stretch] - puppet <no-dsa> (Minor issue)
[jessie] - puppet <no-dsa> (Minor issue)
@@ -22540,36 +22538,36 @@ CVE-2017-10689 (In previous versions of Puppet Agent it was possible to install
NOTE: https://tickets.puppetlabs.com/browse/PUP-7866
NOTE: https://github.com/puppetlabs/puppet/commit/17d9e02da3882e44c1876e2805cf9708481715ee
NOTE: https://github.com/puppetlabs/puppet/commit/983154f7e29a2a50d416d889a6fed012b9b12399
-CVE-2017-10688 (In LibTIFF 4.0.8, there is a assertion abort in the ...)
+CVE-2017-10688
{DSA-3903-1 DLA-1022-1}
- tiff 4.0.8-3 (bug #866611)
- tiff3 <removed>
[wheezy] - tiff3 <not-affected> (vulnerable code not present)
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2712
NOTE: Fixed by: https://github.com/vadz/libtiff/commit/6173a57d39e04d68b139f8c1aa499a24dbe74ba1
-CVE-2017-10687 (In LibSass 3.4.5, there is a heap-based buffer over-read in the ...)
+CVE-2017-10687
- libsass <unfixed> (low; bug #866672)
[stretch] - libsass <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1466411
-CVE-2017-10686 (In Netwide Assembler (NASM) 2.14rc0, there are multiple heap use after ...)
+CVE-2017-10686
{DLA-1041-1}
- nasm 2.13.02-0.1 (bug #867988)
[stretch] - nasm <no-dsa> (Minor issue)
[jessie] - nasm <no-dsa> (Minor issue)
NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392414
-CVE-2017-10685 (In ncurses 6.0, there is a format string vulnerability in the fmt_entry ...)
+CVE-2017-10685
- ncurses 6.0+20170701-1
[stretch] - ncurses 6.0+20161126-1+deb9u1
[jessie] - ncurses 5.9+20140913-1+deb8u1
[wheezy] - ncurses <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1464692
-CVE-2017-10684 (In ncurses 6.0, there is a stack-based buffer overflow in the fmt_entry ...)
+CVE-2017-10684
- ncurses 6.0+20170708-1
[stretch] - ncurses 6.0+20161126-1+deb9u1
[jessie] - ncurses 5.9+20140913-1+deb8u1
[wheezy] - ncurses <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1464687
-CVE-2017-10683 (In mpg123 1.25.0, there is a heap-based buffer over-read in the ...)
+CVE-2017-10683
{DLA-1017-1}
- mpg123 1.25.1-1 (bug #866860)
[stretch] - mpg123 <no-dsa> (Minor issue)
@@ -22577,46 +22575,46 @@ CVE-2017-10683 (In mpg123 1.25.0, there is a heap-based buffer over-read in the
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1465819
NOTE: Duplicate of https://sourceforge.net/p/mpg123/bugs/252/
NOTE: Patch: http://scm.orgis.org/view/mpg123/trunk/src/libmpg123/id3.c?sortby=date&r1=4249&r2=4248&pathrev=4249
-CVE-2017-10682 (SQL injection vulnerability in the administrative backend in Piwigo ...)
+CVE-2017-10682
- piwigo <removed>
-CVE-2017-10681 (Cross-site request forgery (CSRF) vulnerability in Piwigo through 2.9.1 ...)
+CVE-2017-10681
- piwigo <removed>
-CVE-2017-10680 (Cross-site request forgery (CSRF) vulnerability in Piwigo through 2.9.1 ...)
+CVE-2017-10680
- piwigo <removed>
-CVE-2017-10679 (Piwigo through 2.9.1 allows remote attackers to obtain sensitive ...)
+CVE-2017-10679
- piwigo <removed>
-CVE-2017-10678 (Cross-site request forgery (CSRF) vulnerability in Piwigo through 2.9.1 ...)
+CVE-2017-10678
- piwigo <removed>
-CVE-2017-10677 (Cross-Site Request Forgery (CSRF) exists on Linksys EA4500 devices with ...)
+CVE-2017-10677
NOT-FOR-US: Linksys EA4500 devices
-CVE-2017-10676 (On D-Link DIR-600M devices before C1_v3.05ENB01_beta_20170306, XSS was ...)
+CVE-2017-10676
NOT-FOR-US: D-Link
CVE-2017-10675
RESERVED
-CVE-2017-10674 (Antiy Antivirus Engine 5.0.0.06281654 allows local users to cause a ...)
+CVE-2017-10674
NOT-FOR-US: Antiy Antivirus Engine
-CVE-2017-10673 (admin/profile.php in GetSimple CMS 3.x has XSS in a name field. ...)
+CVE-2017-10673
NOT-FOR-US: GetSimple CMS
-CVE-2017-10672 (Use-after-free in the XML-LibXML module through 2.0129 for Perl allows ...)
+CVE-2017-10672
{DSA-4042-1 DLA-1171-1}
- libxml-libxml-perl 2.0128+dfsg-5 (bug #866676)
NOTE: https://rt.cpan.org/Public/Bug/Display.html?id=122246
NOTE: Pull request: https://github.com/shlomif/perl-XML-LibXML/pull/8
-CVE-2017-10671 (Heap-based Buffer Overflow in the de_dotdot function in libhttpd.c in ...)
+CVE-2017-10671
- thttpd <removed>
-CVE-2017-10670 (An XML External Entity (XXE) issue exists in OSCI-Transport 1.2 as used ...)
+CVE-2017-10670
NOT-FOR-US: OSCI-Transport
-CVE-2017-10669 (Signature Wrapping exists in OSCI-Transport 1.2 as used in OSCI ...)
+CVE-2017-10669
NOT-FOR-US: OSCI-Transport
-CVE-2017-10668 (A Padding Oracle exists in OSCI-Transport 1.2 as used in OSCI Transport ...)
+CVE-2017-10668
NOT-FOR-US: OSCI-Transport
-CVE-2017-10667 (In index.php in Zen Cart 1.6.0, the products_id parameter can cause ...)
+CVE-2017-10667
NOT-FOR-US: Zen Cart
CVE-2017-10666
RESERVED
-CVE-2017-10665 (Directory traversal vulnerability in ajaxfileupload.php in Kayson ...)
+CVE-2017-10665
NOT-FOR-US: Kayson Group Ltd. phpGrid
-CVE-2017-9998 (The _dwarf_decode_s_leb128_chk function in dwarf_leb.c in libdwarf ...)
+CVE-2017-9998
- dwarfutils 20170416-3 (bug #866968)
[stretch] - dwarfutils 20161124-1+deb9u1
[jessie] - dwarfutils <no-dsa> (Minor issue)
@@ -22624,22 +22622,22 @@ CVE-2017-9998 (The _dwarf_decode_s_leb128_chk function in dwarf_leb.c in libdwar
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1465756
CVE-2017-9997
RESERVED
-CVE-2017-10664 (qemu-nbd in QEMU (aka Quick Emulator) does not ignore SIGPIPE, which ...)
+CVE-2017-10664
{DSA-3920-1 DLA-1599-1 DLA-1071-1 DLA-1070-1}
- qemu 1:2.8+dfsg-7 (bug #866674)
- qemu-kvm <removed>
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2017-06/msg02693.html
NOTE: Fixed by (master): http://git.qemu.org/?p=qemu.git;a=commitdiff;h=041e32b8d9d076980b4e35317c0339e57ab888f1
-CVE-2017-10663 (The sanity_check_ckpt function in fs/f2fs/super.c in the Linux kernel ...)
+CVE-2017-10663
- linux 4.12.6-1
[stretch] - linux 4.9.47-1
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: Fixed by: https://git.kernel.org/linus/15d3042a937c13f5d9244241c7a9c8416ff6e82a (v4.13-rc1)
-CVE-2017-10662 (The sanity_check_raw_super function in fs/f2fs/super.c in the Linux ...)
+CVE-2017-10662
- linux 4.9.30-1
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: Fixed by: https://git.kernel.org/linus/b9dd46188edc2f0d1f37328637860bb65a771124 (v4.12-rc1)
-CVE-2017-10661 (Race condition in fs/timerfd.c in the Linux kernel before 4.10.15 ...)
+CVE-2017-10661
{DLA-1099-1}
- linux 4.9.30-1
[jessie] - linux 3.16.43-2+deb8u5
@@ -22716,75 +22714,75 @@ CVE-2017-10626
RESERVED
CVE-2017-10625
RESERVED
-CVE-2017-10624 (Insufficient verification of node certificates in Juniper Networks ...)
+CVE-2017-10624
NOT-FOR-US: Juniper
-CVE-2017-10623 (Lack of authentication and authorization of cluster messages in ...)
+CVE-2017-10623
NOT-FOR-US: Juniper
-CVE-2017-10622 (An authentication bypass vulnerability in Juniper Networks Junos Space ...)
+CVE-2017-10622
NOT-FOR-US: Juniper
-CVE-2017-10621 (A denial of service vulnerability in telnetd service on Juniper ...)
+CVE-2017-10621
NOT-FOR-US: Juniper
-CVE-2017-10620 (Juniper Networks Junos OS on SRX series devices do not verify the ...)
+CVE-2017-10620
NOT-FOR-US: Juniper
-CVE-2017-10619 (When Express Path (formerly known as service offloading) is configured ...)
+CVE-2017-10619
NOT-FOR-US: Juniper
-CVE-2017-10618 (When the 'bgp-error-tolerance' feature &amp;#xe2;&amp;#x80;&quot; designed to help ...)
+CVE-2017-10618
NOT-FOR-US: Juniper
-CVE-2017-10617 (The ifmap service that comes bundled with Contrail has an XML External ...)
+CVE-2017-10617
NOT-FOR-US: Juniper
-CVE-2017-10616 (The ifmap service that comes bundled with Juniper Networks Contrail ...)
+CVE-2017-10616
NOT-FOR-US: Juniper
-CVE-2017-10615 (A vulnerability in the pluggable authentication module (PAM) of ...)
+CVE-2017-10615
NOT-FOR-US: Juniper
-CVE-2017-10614 (A vulnerability in telnetd service on Junos OS allows a remote ...)
+CVE-2017-10614
NOT-FOR-US: Juniper
-CVE-2017-10613 (A vulnerability in a specific loopback filter action command, ...)
+CVE-2017-10613
NOT-FOR-US: Juniper
-CVE-2017-10612 (A persistent site scripting vulnerability in Juniper Networks Junos ...)
+CVE-2017-10612
NOT-FOR-US: Juniper
-CVE-2017-10611 (If extended statistics are enabled via 'set chassis ...)
+CVE-2017-10611
NOT-FOR-US: Juniper
-CVE-2017-10610 (On SRX Series devices, a crafted ICMP packet embedded within a NAT64 ...)
+CVE-2017-10610
NOT-FOR-US: Juniper
CVE-2017-10609
RESERVED
-CVE-2017-10608 (Any Juniper Networks SRX series device with one or more ALGs enabled ...)
+CVE-2017-10608
NOT-FOR-US: Juniper
-CVE-2017-10607 (Juniper Networks Junos OS 16.1R1, and services releases based off of ...)
+CVE-2017-10607
NOT-FOR-US: Juniper
-CVE-2017-10606 (Version 4.40 of the TPM (Trusted Platform Module) firmware on Juniper ...)
+CVE-2017-10606
NOT-FOR-US: Juniper
-CVE-2017-10605 (On all vSRX and SRX Series devices, when the DHCP or DHCP relay is ...)
+CVE-2017-10605
NOT-FOR-US: Juniper
-CVE-2017-10604 (When the device is configured to perform account lockout with a ...)
+CVE-2017-10604
NOT-FOR-US: Juniper
-CVE-2017-10603 (An XML injection vulnerability in Junos OS CLI can allow a locally ...)
+CVE-2017-10603
NOT-FOR-US: Juniper
-CVE-2017-10602 (A buffer overflow vulnerability in Junos OS CLI may allow a local ...)
+CVE-2017-10602
NOT-FOR-US: Juniper
-CVE-2017-10601 (A specific device configuration can result in a commit failure ...)
+CVE-2017-10601
NOT-FOR-US: Juniper
-CVE-2017-10600 (ubuntu-image 1.0 before 2017-07-07, when invoked as non-root, creates ...)
+CVE-2017-10600
NOT-FOR-US: ubuntu-image
-CVE-2017-9996 (The cdxl_decode_frame function in libavcodec/cdxl.c in FFmpeg 2.8.x ...)
+CVE-2017-9996
- ffmpeg 7:3.2.5-1
- libav <not-affected> (Vulnerable feature not present)
NOTE: https://github.com/FFmpeg/FFmpeg/commit/1e42736b95065c69a7481d0cf55247024f54b660
NOTE: https://github.com/FFmpeg/FFmpeg/commit/e1b60aad77c27ed5d4dfc11e5e6a05a38c70489d
NOTE: The bug affects FFmpeg's support for CHUNKY cdxl files, a feature that is
NOTE: not present in Libav. Libav detects CHUNKY files and bails out early.
-CVE-2017-9995 (libavcodec/scpr.c in FFmpeg 3.3 before 3.3.1 does not properly validate ...)
+CVE-2017-9995
- ffmpeg <not-affected> (Vulnerable code not present)
- libav <not-affected> (Vulnerable code not present)
NOTE: https://github.com/FFmpeg/FFmpeg/commit/2171dfae8c065878a2e130390eb78cf2947a5b69
NOTE: https://github.com/FFmpeg/FFmpeg/commit/7ac5067146613997bb38442cb022d7f41321a706
-CVE-2017-9994 (libavcodec/webp.c in FFmpeg before 2.8.12, 3.0.x before 3.0.8, 3.1.x ...)
+CVE-2017-9994
{DLA-1630-1}
- ffmpeg 7:3.2.5-1
- libav <removed>
[wheezy] - libav <not-affected> (Vulnerable code not present, WebP decoder feature introduced in v10)
NOTE: https://github.com/FFmpeg/FFmpeg/commit/6b5d3fb26fb4be48e4966e4b1d97c2165538d4ef
-CVE-2017-9993 (FFmpeg before 2.8.12, 3.0.x and 3.1.x before 3.1.9, 3.2.x before 3.2.6, ...)
+CVE-2017-9993
{DSA-3957-1 DLA-1630-1}
- ffmpeg 7:3.2.6-1
- libav <removed>
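Review bot: the removed line for CVE-2017-10618 contained doubly escaped HTML entities (`&amp;#xe2;&amp;#x80;&quot;`) where the summary evidently had a non-ASCII punctuation character after `'bgp-error-tolerance' feature`, which means that text was HTML-escaped twice on its way into the list. If summaries are reimported, decode entities exactly once (or store the raw UTF-8) so that punctuation survives and entries stay plain text; the deletion here at least removes the mangled string.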
@@ -22793,46 +22791,46 @@ CVE-2017-9993 (FFmpeg before 2.8.12, 3.0.x and 3.1.x before 3.1.9, 3.2.x before
NOTE: Fixed in 3.2.6
NOTE: Jessie is only partially affected. Only the second commit is
NOTE: relevant. HTTP Live Streaming filename extension code is not present.
-CVE-2017-9992 (Heap-based buffer overflow in the decode_dds1 function in ...)
+CVE-2017-9992
{DSA-4012-1 DLA-1142-1}
- ffmpeg 7:3.2.5-1
- libav <removed>
NOTE: https://github.com/FFmpeg/FFmpeg/commit/f52fbf4f3ed02a7d872d8a102006f29b4421f360
NOTE: Fixed in 11.11
-CVE-2017-9991 (Heap-based buffer overflow in the xwd_decode_frame function in ...)
+CVE-2017-9991
- ffmpeg 7:3.2.5-1
- libav <not-affected> (Vulnerable feature not present)
NOTE: https://github.com/FFmpeg/FFmpeg/commit/441026fcb13ac23aa10edc312bdacb6445a0ad06
NOTE: The error occurs in the support for 8bpp XWD images where bpp and image
NOTE: depth are not checked thoroughly enough. Libav does not support 8bpp
NOTE: images and bails out early -- Diego Biurrun (libav project)
-CVE-2017-9990 (Stack-based buffer overflow in the color_string_to_rgba function in ...)
+CVE-2017-9990
- ffmpeg <not-affected> (Vulnerable code not present)
- libav <not-affected> (Vulnerable code not present)
NOTE: https://github.com/FFmpeg/FFmpeg/commit/cb243972b121b1ae6b60a78ff55a0506c69f3879
-CVE-2017-9989 (util/outputtxt.c in libming 0.4.8 mishandles memory allocation. A ...)
+CVE-2017-9989
{DLA-1176-1}
- ming <removed>
NOTE: https://github.com/libming/libming/issues/86
-CVE-2017-9988 (The readEncUInt30 function in util/read.c in libming 0.4.8 mishandles ...)
+CVE-2017-9988
{DLA-1176-1}
- ming <removed>
NOTE: https://github.com/libming/libming/issues/85
-CVE-2017-9987 (There is a heap-based buffer overflow in the function hpel_motion in ...)
+CVE-2017-9987
- libav <removed>
NOTE: https://bugzilla.libav.org/show_bug.cgi?id=1067
NOTE: Five different issues but only one POC instead of five attached.
NOTE: Requires more information.
-CVE-2017-9986 (The intr function in sound/oss/msnd_pinnacle.c in the Linux kernel ...)
+CVE-2017-9986
- linux <unfixed> (unimportant)
NOTE: No security issue, only "exploitable" with malicious ISA cards
-CVE-2017-9985 (The snd_msndmidi_input_read function in sound/isa/msnd/msnd_midi.c in ...)
+CVE-2017-9985
- linux 4.13.4-1 (unimportant)
[stretch] - linux 4.9.51-1
NOTE: No security issue, only "exploitable" with malicious ISA cards
NOTE: Fixed by: https://git.kernel.org/linus/20e2b791796bd68816fa115f12be5320de2b8021 (v4.13-rc1)
NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=196133
-CVE-2017-9984 (The snd_msnd_interrupt function in sound/isa/msnd/msnd_pinnacle.c in ...)
+CVE-2017-9984
- linux 4.13.4-1 (unimportant)
[stretch] - linux 4.9.51-1
NOTE: No security issue, only "exploitable" with malicious ISA cards
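Review bot: `NOTE: Fixed in 11.11` under CVE-2017-9992 does not say which project's 11.11 is meant; the entry lists `ffmpeg 7:3.2.5-1` and `libav <removed>` and references only an FFmpeg commit, so a reader cannot tell whether this is a libav upstream release or something else. Name the project in the note; the CVE-2017-9993 entry at the top of this hunk is unambiguous only because `Fixed in 3.2.6` sits next to `ffmpeg 7:3.2.6-1`.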
@@ -22840,18 +22838,18 @@ CVE-2017-9984 (The snd_msnd_interrupt function in sound/isa/msnd/msnd_pinnacle.c
NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=196131
CVE-2017-9983
RESERVED
-CVE-2017-9982 (TeamSpeak Client 3.0.19 allows remote attackers to cause a denial of ...)
+CVE-2017-9982
- teamspeak-client <removed>
[wheezy] - teamspeak-client <end-of-life> (non-free is not supported)
CVE-2017-9981
RESERVED
-CVE-2017-9980 (In Green Packet DX-350 Firmware version v2.8.9.5-g1.4.8-atheeb, the ...)
+CVE-2017-9980
NOT-FOR-US: Green Packet
-CVE-2017-9979 (On the OSNEXUS QuantaStor v4 virtual appliance before 4.3.1, if the ...)
+CVE-2017-9979
NOT-FOR-US: QuantaStor
-CVE-2017-9978 (On the OSNEXUS QuantaStor v4 virtual appliance before 4.3.1, a flaw ...)
+CVE-2017-9978
NOT-FOR-US: QuantaStor
-CVE-2017-9977 (AVG AntiVirus for MacOS with scan engine before 4668 might allow ...)
+CVE-2017-9977
NOT-FOR-US: AVG
CVE-2017-9976
RESERVED
@@ -22865,49 +22863,49 @@ CVE-2017-9972
REJECTED
CVE-2017-9971
REJECTED
-CVE-2017-9970 (A remote code execution vulnerability exists in Schneider Electric's ...)
+CVE-2017-9970
NOT-FOR-US: Schneider Electric
-CVE-2017-9969 (An information disclosure vulnerability exists in Schneider Electric's ...)
+CVE-2017-9969
NOT-FOR-US: Schneider Electric
-CVE-2017-9968 (A security misconfiguration vulnerability exists in Schneider ...)
+CVE-2017-9968
NOT-FOR-US: Schneider Electric
-CVE-2017-9967 (A security misconfiguration vulnerability exists in Schneider ...)
+CVE-2017-9967
NOT-FOR-US: Schneider Electric
-CVE-2017-9966 (A privilege escalation vulnerability exists in Schneider Electric's ...)
+CVE-2017-9966
NOT-FOR-US: Schneider Electric
-CVE-2017-9965 (An exposure of sensitive information vulnerability exists in Schneider ...)
+CVE-2017-9965
NOT-FOR-US: Schneider Electric
-CVE-2017-9964 (A Path Traversal issue was discovered in Schneider Electric Pelco ...)
+CVE-2017-9964
NOT-FOR-US: Schneider Electric
-CVE-2017-9963 (A cross-site request forgery vulnerability exists on the Secure ...)
+CVE-2017-9963
NOT-FOR-US: Schneider Electric
-CVE-2017-9962 (Schneider Electric's ClearSCADA versions released prior to August 2017 ...)
+CVE-2017-9962
NOT-FOR-US: Schneider Electric
-CVE-2017-9961 (A vulnerability exists in Schneider Electric's Pro-Face GP Pro EX ...)
+CVE-2017-9961
NOT-FOR-US: Schneider Electric
-CVE-2017-9960 (An information disclosure vulnerability exists in Schneider Electric's ...)
+CVE-2017-9960
NOT-FOR-US: Schneider Electric
-CVE-2017-9959 (A vulnerability exists in Schneider Electric's U.motion Builder ...)
+CVE-2017-9959
NOT-FOR-US: Schneider Electric
-CVE-2017-9958 (An improper access control vulnerability exists in Schneider ...)
+CVE-2017-9958
NOT-FOR-US: Schneider Electric
-CVE-2017-9957 (A vulnerability exists in Schneider Electric's U.motion Builder ...)
+CVE-2017-9957
NOT-FOR-US: Schneider Electric
-CVE-2017-9956 (An authentication bypass vulnerability exists in Schneider Electric's ...)
+CVE-2017-9956
NOT-FOR-US: Schneider Electric
-CVE-2017-9955 (The get_build_id function in opncls.c in the Binary File Descriptor ...)
+CVE-2017-9955
- binutils 2.29-1
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21665
-CVE-2017-9954 (The getvalue function in tekhex.c in the Binary File Descriptor (BFD) ...)
+CVE-2017-9954
- binutils 2.29-1
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21670
-CVE-2017-9953 (There is an invalid free in Image::printIFDStructure that leads to a ...)
+CVE-2017-9953
- exiv2 <not-affected> (Vulnerable code not present)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1465061
NOTE: Possibly introduced after https://github.com/Exiv2/exiv2/commit/fd5e983746c336336039e91cb6b656cf8eeccdea
@@ -22915,201 +22913,201 @@ CVE-2017-9953 (There is an invalid free in Image::printIFDStructure that leads t
NOTE: again. Around that commit upstream source though does not build.
CVE-2017-9952
RESERVED
-CVE-2017-9951 (The try_read_command function in memcached.c in memcached before 1.4.39 ...)
+CVE-2017-9951
{DSA-4218-1 DLA-1033-1}
- memcached 1.5.0-1 (bug #868701)
NOTE: https://www.twistlock.com/2017/07/13/cve-2017-9951-heap-overflow-memcached-server-1-4-38-twistlock-vulnerability-report/
NOTE: https://github.com/memcached/memcached/commit/328629445c71e6c17074f6e9e0e3ef585b58f167
CVE-2017-9950
RESERVED
-CVE-2017-9949 (The grub_memmove function in shlr/grub/kern/misc.c in radare2 1.5.0 ...)
+CVE-2017-9949
- radare2 1.6.0+dfsg-1 (bug #866068)
[stretch] - radare2 <no-dsa> (Minor issue)
[jessie] - radare2 <no-dsa> (Minor issue)
[wheezy] - radare2 <no-dsa> (Minor issue)
NOTE: https://github.com/radare/radare2/issues/7683
NOTE: https://github.com/radare/radare2/commit/796dd28aaa6b9fa76d99c42c4d5ff8b257cc2191
-CVE-2017-9948 (A stack buffer overflow vulnerability has been discovered in Microsoft ...)
+CVE-2017-9948
NOT-FOR-US: Microsoft Skype
-CVE-2017-9947 (A vulnerability has been identified in Siemens APOGEE PXC and TALON TC ...)
+CVE-2017-9947
NOT-FOR-US: Siemens
-CVE-2017-9946 (A vulnerability has been identified in Siemens APOGEE PXC and TALON TC ...)
+CVE-2017-9946
NOT-FOR-US: Siemens
-CVE-2017-9945 (In the Siemens 7KM PAC Switched Ethernet PROFINET expansion module (All ...)
+CVE-2017-9945
NOT-FOR-US: Siemens
-CVE-2017-9944 (A vulnerability has been identified in Siemens 7KT PAC1200 data manager ...)
+CVE-2017-9944
NOT-FOR-US: Siemens
CVE-2017-9943
RESERVED
-CVE-2017-9942 (A vulnerability was discovered in Siemens SiPass integrated (All ...)
+CVE-2017-9942
NOT-FOR-US: Siemens
-CVE-2017-9941 (A vulnerability was discovered in Siemens SiPass integrated (All ...)
+CVE-2017-9941
NOT-FOR-US: Siemens
-CVE-2017-9940 (A vulnerability was discovered in Siemens SiPass integrated (All ...)
+CVE-2017-9940
NOT-FOR-US: Siemens
-CVE-2017-9939 (A vulnerability was discovered in Siemens SiPass integrated (All ...)
+CVE-2017-9939
NOT-FOR-US: Siemens
-CVE-2017-9938 (A vulnerability was discovered in Siemens SIMATIC Logon (All versions ...)
+CVE-2017-9938
NOT-FOR-US: Siemens
-CVE-2017-9937 (In LibTIFF 4.0.8, there is a memory malloc failure in tif_jbig.c. A ...)
+CVE-2017-9937
- jbigkit <unfixed> (unimportant; bug #869708)
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2707
NOTE: The CVE was assigned for src:tiff by MITRE, but the issue actually lies
NOTE: in jbigkit itself.
-CVE-2017-9936 (In LibTIFF 4.0.8, there is a memory leak in tif_jbig.c. A crafted TIFF ...)
+CVE-2017-9936
{DSA-3903-1 DLA-1023-1 DLA-1022-1}
- tiff 4.0.8-3 (bug #866113)
- tiff3 <removed>
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2706
NOTE: Fixed by: https://github.com/vadz/libtiff/commit/fe8d7165956b88df4837034a9161dc5fd20cf67a
-CVE-2017-9935 (In LibTIFF 4.0.8, there is a heap-based buffer overflow in the ...)
+CVE-2017-9935
{DSA-4100-1 DLA-1206-1}
- tiff 4.0.9-2 (bug #866109)
- tiff3 <removed>
[wheezy] - tiff3 <not-affected> (does not build vulnerable tiff2pdf)
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2704
NOTE: https://gitlab.com/libtiff/libtiff/commit/3dd8f6a357981a4090f126ab9025056c938b6940
-CVE-2017-9934 (Missing CSRF token checks and improper input validation in Joomla! CMS ...)
+CVE-2017-9934
NOT-FOR-US: Joomla!
-CVE-2017-9933 (Improper cache invalidation in Joomla! CMS 1.7.3 through 3.7.2 leads ...)
+CVE-2017-9933
NOT-FOR-US: Joomla!
-CVE-2017-9932 (Green Packet DX-350 Firmware version v2.8.9.5-g1.4.8-atheeb has a ...)
+CVE-2017-9932
NOT-FOR-US: Green Packet
-CVE-2017-9931 (Cross-Site Scripting (XSS) exists in Green Packet DX-350 Firmware ...)
+CVE-2017-9931
NOT-FOR-US: Green Packet
-CVE-2017-9930 (Cross-Site Request Forgery (CSRF) exists in Green Packet DX-350 ...)
+CVE-2017-9930
NOT-FOR-US: Green Packet
-CVE-2017-9929 (In lrzip 0.631, a stack buffer overflow was found in the function ...)
+CVE-2017-9929
- lrzip 0.631+git180517-1 (bug #866020)
[stretch] - lrzip <no-dsa> (Minor issue)
[jessie] - lrzip <no-dsa> (Minor issue)
[wheezy] - lrzip <no-dsa> (Minor issue)
NOTE: https://github.com/ckolivas/lrzip/issues/75
-CVE-2017-9928 (In lrzip 0.631, a stack buffer overflow was found in the function ...)
+CVE-2017-9928
- lrzip 0.631+git180517-1 (bug #866022)
[stretch] - lrzip <no-dsa> (Minor issue)
[jessie] - lrzip <no-dsa> (Minor issue)
[wheezy] - lrzip <no-dsa> (Minor issue)
NOTE: https://github.com/ckolivas/lrzip/issues/74
-CVE-2017-9927 (In SWFTools 2013-04-09-1007 on Windows, png2swf allows remote attackers ...)
+CVE-2017-9927
- swftools <unfixed> (unimportant)
NOTE: No actionable information, just a crash report against a four year old release
NOTE: https://github.com/matthiaskramm/swftools/issues/41
-CVE-2017-9926 (In SWFTools 2013-04-09-1007 on Windows, png2swf allows remote attackers ...)
+CVE-2017-9926
- swftools <unfixed> (unimportant)
NOTE: No actionable information, just a crash report against a four year old release
NOTE: https://github.com/matthiaskramm/swftools/issues/41
-CVE-2017-9925 (In SWFTools 2013-04-09-1007 on Windows, png2swf allows remote attackers ...)
+CVE-2017-9925
- swftools <unfixed> (unimportant)
NOTE: No actionable information, just a crash report against a four year old release
NOTE: https://github.com/matthiaskramm/swftools/issues/41
-CVE-2017-9924 (In SWFTools 2013-04-09-1007 on Windows, png2swf allows remote attackers ...)
+CVE-2017-9924
- swftools <unfixed> (unimportant)
NOTE: No actionable information, just a crash report against a four year old release
NOTE: https://github.com/matthiaskramm/swftools/issues/41
-CVE-2017-9923 (IrfanView version 4.44 (32bit) with TOOLS Plugin 4.50 might allow ...)
+CVE-2017-9923
NOT-FOR-US: IrfanView
-CVE-2017-9922 (IrfanView version 4.44 (32bit) with TOOLS Plugin 4.50 might allow ...)
+CVE-2017-9922
NOT-FOR-US: IrfanView
-CVE-2017-9921 (IrfanView version 4.44 (32bit) with TOOLS Plugin 4.50 might allow ...)
+CVE-2017-9921
NOT-FOR-US: IrfanView
-CVE-2017-9920 (IrfanView version 4.44 (32bit) with TOOLS Plugin 4.50 might allow ...)
+CVE-2017-9920
NOT-FOR-US: IrfanView
-CVE-2017-9919 (IrfanView version 4.44 (32bit) with TOOLS Plugin 4.50 might allow ...)
+CVE-2017-9919
NOT-FOR-US: IrfanView
-CVE-2017-9918 (IrfanView version 4.44 (32bit) with TOOLS Plugin 4.50 might allow ...)
+CVE-2017-9918
NOT-FOR-US: IrfanView
-CVE-2017-9917 (IrfanView version 4.44 (32bit) with TOOLS Plugin 4.50 might allow ...)
+CVE-2017-9917
NOT-FOR-US: IrfanView
-CVE-2017-9916 (IrfanView version 4.44 (32bit) with TOOLS Plugin 4.50 might allow ...)
+CVE-2017-9916
NOT-FOR-US: IrfanView
-CVE-2017-9915 (IrfanView version 4.44 (32bit) with TOOLS plugin 4.50 allows attackers ...)
+CVE-2017-9915
NOT-FOR-US: IrfanView
-CVE-2017-9914 (XnView Classic for Windows Version 2.40 allows remote attackers to ...)
+CVE-2017-9914
NOT-FOR-US: XnView
-CVE-2017-9913 (XnView Classic for Windows Version 2.40 allows remote attackers to ...)
+CVE-2017-9913
NOT-FOR-US: XnView
-CVE-2017-9912 (XnView Classic for Windows Version 2.40 allows remote attackers to ...)
+CVE-2017-9912
NOT-FOR-US: XnView
-CVE-2017-9911 (XnView Classic for Windows Version 2.40 allows remote attackers to ...)
+CVE-2017-9911
NOT-FOR-US: XnView
-CVE-2017-9910 (XnView Classic for Windows Version 2.40 allows remote attackers to ...)
+CVE-2017-9910
NOT-FOR-US: XnView
-CVE-2017-9909 (XnView Classic for Windows Version 2.40 allows remote attackers to ...)
+CVE-2017-9909
NOT-FOR-US: XnView
-CVE-2017-9908 (XnView Classic for Windows Version 2.40 allows remote attackers to ...)
+CVE-2017-9908
NOT-FOR-US: XnView
-CVE-2017-9907 (XnView Classic for Windows Version 2.40 allows remote attackers to ...)
+CVE-2017-9907
NOT-FOR-US: XnView
-CVE-2017-9906 (XnView Classic for Windows Version 2.40 allows remote attackers to ...)
+CVE-2017-9906
NOT-FOR-US: XnView
-CVE-2017-9905 (XnView Classic for Windows Version 2.40 allows remote attackers to ...)
+CVE-2017-9905
NOT-FOR-US: XnView
-CVE-2017-9904 (XnView Classic for Windows Version 2.40 allows remote attackers to ...)
+CVE-2017-9904
NOT-FOR-US: XnView
-CVE-2017-9903 (XnView Classic for Windows Version 2.40 allows remote attackers to ...)
+CVE-2017-9903
NOT-FOR-US: XnView
-CVE-2017-9902 (XnView Classic for Windows Version 2.40 allows remote attackers to ...)
+CVE-2017-9902
NOT-FOR-US: XnView
-CVE-2017-9901 (XnView Classic for Windows Version 2.40 allows remote attackers to ...)
+CVE-2017-9901
NOT-FOR-US: XnView
-CVE-2017-9900 (XnView Classic for Windows Version 2.40 allows remote attackers to ...)
+CVE-2017-9900
NOT-FOR-US: XnView
-CVE-2017-9899 (XnView Classic for Windows Version 2.40 allows remote attackers to ...)
+CVE-2017-9899
NOT-FOR-US: XnView
-CVE-2017-9898 (XnView Classic for Windows Version 2.40 allows remote attackers to ...)
+CVE-2017-9898
NOT-FOR-US: XnView
-CVE-2017-9897 (XnView Classic for Windows Version 2.40 allows remote attackers to ...)
+CVE-2017-9897
NOT-FOR-US: XnView
-CVE-2017-9896 (XnView Classic for Windows Version 2.40 allows remote attackers to ...)
+CVE-2017-9896
NOT-FOR-US: XnView
-CVE-2017-9895 (XnView Classic for Windows Version 2.40 allows remote attackers to ...)
+CVE-2017-9895
NOT-FOR-US: XnView
-CVE-2017-9894 (XnView Classic for Windows Version 2.40 allows remote attackers to ...)
+CVE-2017-9894
NOT-FOR-US: XnView
-CVE-2017-9893 (XnView Classic for Windows Version 2.40 allows remote attackers to ...)
+CVE-2017-9893
NOT-FOR-US: XnView
-CVE-2017-9892 (IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to ...)
+CVE-2017-9892
NOT-FOR-US: IrfanView
-CVE-2017-9891 (IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to ...)
+CVE-2017-9891
NOT-FOR-US: IrfanView
-CVE-2017-9890 (IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to ...)
+CVE-2017-9890
NOT-FOR-US: IrfanView
-CVE-2017-9889 (IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to ...)
+CVE-2017-9889
NOT-FOR-US: IrfanView
-CVE-2017-9888 (IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to ...)
+CVE-2017-9888
NOT-FOR-US: IrfanView
-CVE-2017-9887 (IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to ...)
+CVE-2017-9887
NOT-FOR-US: IrfanView
-CVE-2017-9886 (IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to ...)
+CVE-2017-9886
NOT-FOR-US: IrfanView
-CVE-2017-9885 (IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to ...)
+CVE-2017-9885
NOT-FOR-US: IrfanView
-CVE-2017-9884 (IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to ...)
+CVE-2017-9884
NOT-FOR-US: IrfanView
-CVE-2017-9883 (IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to ...)
+CVE-2017-9883
NOT-FOR-US: IrfanView
-CVE-2017-9882 (IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to ...)
+CVE-2017-9882
NOT-FOR-US: IrfanView
-CVE-2017-9881 (IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to ...)
+CVE-2017-9881
NOT-FOR-US: IrfanView
-CVE-2017-9880 (IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to ...)
+CVE-2017-9880
NOT-FOR-US: IrfanView
-CVE-2017-9879 (IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to ...)
+CVE-2017-9879
NOT-FOR-US: IrfanView
-CVE-2017-9878 (IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to ...)
+CVE-2017-9878
NOT-FOR-US: IrfanView
-CVE-2017-9877 (IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to ...)
+CVE-2017-9877
NOT-FOR-US: IrfanView
-CVE-2017-9876 (IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to ...)
+CVE-2017-9876
NOT-FOR-US: IrfanView
-CVE-2017-9875 (IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to ...)
+CVE-2017-9875
NOT-FOR-US: IrfanView
-CVE-2017-9874 (IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to ...)
+CVE-2017-9874
NOT-FOR-US: IrfanView
-CVE-2017-9873 (IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to ...)
+CVE-2017-9873
NOT-FOR-US: IrfanView
-CVE-2017-9872 (The III_dequantize_sample function in layer3.c in mpglib, as used in ...)
+CVE-2017-9872
- lame 3.99.5+repack1-8 (bug #867725)
[jessie] - lame 3.99.5+repack1-7+deb8u2
NOTE: https://blogs.gentoo.org/ago/2017/06/17/lame-stack-based-buffer-overflow-in-iii_dequantize_sample-layer3-c/
@@ -23117,7 +23115,7 @@ CVE-2017-9872 (The III_dequantize_sample function in layer3.c in mpglib, as used
NOTE: Starting with 3.99.5+repack1-8 libsndfile is used to read the input file, marking that as the fixed
NOTE: version, although the internal lame code was only fixed in 3.100 (strictly speaking that would be
NOTE: severity:unimportant for stretch onwards, but we don't have suite-specific severity annotations
-CVE-2017-9871 (The III_i_stereo function in layer3.c in mpglib, as used in ...)
+CVE-2017-9871
- lame 3.99.5+repack1-8 (bug #867725)
[jessie] - lame 3.99.5+repack1-7+deb8u2
NOTE: https://blogs.gentoo.org/ago/2017/06/17/lame-stack-based-buffer-overflow-in-iii_i_stereo-layer3-c/
@@ -23125,7 +23123,7 @@ CVE-2017-9871 (The III_i_stereo function in layer3.c in mpglib, as used in ...)
NOTE: Starting with 3.99.5+repack1-8 libsndfile is used to read the input file, marking that as the fixed
NOTE: version, although the internal lame code was only fixed in 3.100 (strictly speaking that would be
NOTE: severity:unimportant for stretch onwards, but we don't have suite-specific severity annotations
-CVE-2017-9870 (The III_i_stereo function in layer3.c in mpglib, as used in ...)
+CVE-2017-9870
- lame 3.99.5+repack1-8 (bug #867725)
[jessie] - lame 3.99.5+repack1-7+deb8u2
NOTE: https://blogs.gentoo.org/ago/2017/06/17/lame-global-buffer-overflow-in-iii_i_stereo-layer3-c/
@@ -23133,7 +23131,7 @@ CVE-2017-9870 (The III_i_stereo function in layer3.c in mpglib, as used in ...)
NOTE: Starting with 3.99.5+repack1-8 libsndfile is used to read the input file, marking that as the fixed
NOTE: version, although the internal lame code was only fixed in 3.100 (strictly speaking that would be
NOTE: severity:unimportant for stretch onwards, but we don't have suite-specific severity annotations
-CVE-2017-9869 (The II_step_one function in layer2.c in mpglib, as used in ...)
+CVE-2017-9869
- lame 3.99.5+repack1-8 (bug #867725)
[jessie] - lame 3.99.5+repack1-7+deb8u2
NOTE: https://blogs.gentoo.org/ago/2017/06/17/lame-global-buffer-overflow-in-ii_step_one-layer2-c/
@@ -23141,7 +23139,7 @@ CVE-2017-9869 (The II_step_one function in layer2.c in mpglib, as used in ...)
NOTE: Starting with 3.99.5+repack1-8 libsndfile is used to read the input file, marking that as the fixed
NOTE: version, although the internal lame code was only fixed in 3.100 (strictly speaking that would be
NOTE: severity:unimportant for stretch onwards, but we don't have suite-specific severity annotations
-CVE-2017-9868 (In Mosquitto through 1.4.12, mosquitto.db (aka the persistence file) is ...)
+CVE-2017-9868
{DLA-1525-1 DLA-1146-1}
- mosquitto 1.4.14-1 (bug #865959)
[stretch] - mosquitto 1.4.10-3+deb9u1
@@ -23151,47 +23149,47 @@ CVE-2017-9867
RESERVED
CVE-2017-9866
RESERVED
-CVE-2017-9865 (The function GfxImageColorMap::getGray in GfxState.cc in Poppler 0.54.0 ...)
+CVE-2017-9865
{DSA-4079-1 DLA-1074-1}
- poppler 0.57.0-2 (bug #867477)
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=100774
NOTE: http://somevulnsofadlab.blogspot.com/2017/06/popplerstack-buffer-overflow-in.html
NOTE: Fixed by: https://cgit.freedesktop.org/poppler/poppler/commit/?id=75fff6556eaf0ef3a6fcdef2c2229d0b6d1c58d9
-CVE-2017-9864 (** DISPUTED ** An issue was discovered in SMA Solar Technology ...)
+CVE-2017-9864
NOT-FOR-US: SMA Solar Technology products
-CVE-2017-9863 (** DISPUTED ** An issue was discovered in SMA Solar Technology ...)
+CVE-2017-9863
NOT-FOR-US: SMA Solar Technology products
-CVE-2017-9862 (** DISPUTED ** An issue was discovered in SMA Solar Technology ...)
+CVE-2017-9862
NOT-FOR-US: SMA Solar Technology products
-CVE-2017-9861 (** DISPUTED ** An issue was discovered in SMA Solar Technology ...)
+CVE-2017-9861
NOT-FOR-US: SMA Solar Technology products
-CVE-2017-9860 (** DISPUTED ** An issue was discovered in SMA Solar Technology ...)
+CVE-2017-9860
NOT-FOR-US: SMA Solar Technology products
-CVE-2017-9859 (** DISPUTED ** An issue was discovered in SMA Solar Technology ...)
+CVE-2017-9859
NOT-FOR-US: SMA Solar Technology products
-CVE-2017-9858 (** DISPUTED ** An issue was discovered in SMA Solar Technology ...)
+CVE-2017-9858
NOT-FOR-US: SMA Solar Technology products
-CVE-2017-9857 (** DISPUTED ** An issue was discovered in SMA Solar Technology ...)
+CVE-2017-9857
NOT-FOR-US: SMA Solar Technology products
-CVE-2017-9856 (** DISPUTED ** An issue was discovered in SMA Solar Technology ...)
+CVE-2017-9856
NOT-FOR-US: SMA Solar Technology products
-CVE-2017-9855 (** DISPUTED ** An issue was discovered in SMA Solar Technology ...)
+CVE-2017-9855
NOT-FOR-US: SMA Solar Technology products
-CVE-2017-9854 (** DISPUTED ** An issue was discovered in SMA Solar Technology ...)
+CVE-2017-9854
NOT-FOR-US: SMA Solar Technology products
-CVE-2017-9853 (** DISPUTED ** An issue was discovered in SMA Solar Technology ...)
+CVE-2017-9853
NOT-FOR-US: SMA Solar Technology products
-CVE-2017-9852 (** DISPUTED ** An Incorrect Password Management issue was discovered ...)
+CVE-2017-9852
NOT-FOR-US: SMA Solar Technology products
-CVE-2017-9851 (** DISPUTED ** An issue was discovered in SMA Solar Technology ...)
+CVE-2017-9851
NOT-FOR-US: SMA Solar Technology products
CVE-2017-9850
RESERVED
CVE-2017-9849
RESERVED
-CVE-2017-9848 (SQL injection vulnerability in C_InfoService.asmx in WebServices in ...)
+CVE-2017-9848
NOT-FOR-US: Easysite
-CVE-2017-9847 (The bdecode function in bdecode.cpp in libtorrent 1.1.3 allows remote ...)
+CVE-2017-9847
- libtorrent-rasterbar 1.1.4-1 (bug #865845)
[stretch] - libtorrent-rasterbar <no-dsa> (Minor issue)
[jessie] - libtorrent-rasterbar <no-dsa> (Minor issue)
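Review bot: the `** DISPUTED **` marker on CVE-2017-9851 through CVE-2017-9864 lives inside the description text this hunk deletes, so after the change the disputed status of those fourteen SMA Solar Technology entries is no longer recorded anywhere in the file; if descriptions are meant to be dropped, the DISPUTED flag needs to be carried over as its own annotation before this lands.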
@@ -23199,17 +23197,17 @@ CVE-2017-9847 (The bdecode function in bdecode.cpp in libtorrent 1.1.3 allows re
NOTE: https://github.com/arvidn/libtorrent/issues/2099
NOTE: Fixed by: https://github.com/arvidn/libtorrent/commit/ec30a5e9ec703afb8abefba757c6d401303b53db
NOTE: Pre-1.1.0 versions possibly similarly affected in lazy_bdecode.cpp
-CVE-2017-9846 (Winmail Server 6.1 allows remote code execution by authenticated users ...)
+CVE-2017-9846
NOT-FOR-US: Winmail Server
-CVE-2017-9845 (disp+work 7400.12.21.30308 in SAP NetWeaver 7.40 allows remote ...)
+CVE-2017-9845
NOT-FOR-US: SAP
-CVE-2017-9844 (SAP NetWeaver 7400.12.21.30308 allows remote attackers to cause a ...)
+CVE-2017-9844
NOT-FOR-US: SAP
-CVE-2017-9843 (SAP NetWeaver AS ABAP 7.40 allows remote authenticated users with ...)
+CVE-2017-9843
NOT-FOR-US: SAP
CVE-2017-9842
RESERVED
-CVE-2017-9841 (Util/PHP/eval-stdin.php in PHPUnit before 4.8.28 and 5.x before 5.6.3 ...)
+CVE-2017-9841
- phpunit 5.4.6-2 (bug #866200)
[stretch] - phpunit 5.4.6-2~deb9u1
[jessie] - phpunit <not-affected> (Issue introduced later; vulnerable code not present)
@@ -23217,54 +23215,54 @@ CVE-2017-9841 (Util/PHP/eval-stdin.php in PHPUnit before 4.8.28 and 5.x before 5
NOTE: https://github.com/sebastianbergmann/phpunit/pull/1956
NOTE: https://github.com/sebastianbergmann/phpunit/commit/284a69fb88a2d0845d23f42974a583d8f59bf5a5
NOTE: http://phpunit.vulnbusters.com/
-CVE-2017-9840 (Dolibarr ERP/CRM 5.0.3 and prior allows low-privilege users to upload ...)
+CVE-2017-9840
- dolibarr <removed> (bug #867495)
-CVE-2017-9839 (Dolibarr ERP/CRM is affected by SQL injection in versions before 5.0.4 ...)
+CVE-2017-9839
- dolibarr <removed>
-CVE-2017-9838 (Dolibarr ERP/CRM is affected by multiple reflected Cross-Site Scripting ...)
+CVE-2017-9838
- dolibarr <removed>
CVE-2017-9837
REJECTED
-CVE-2017-9836 (Cross-site scripting (XSS) vulnerability in Piwigo 2.9.1 allows remote ...)
+CVE-2017-9836
- piwigo <removed>
-CVE-2017-9835 (The gs_alloc_ref_array function in psi/ialloc.c in Artifex Ghostscript ...)
+CVE-2017-9835
{DSA-3986-1 DLA-1048-1}
[experimental] - ghostscript 9.22~~rc1~dfsg-1
- ghostscript 9.22~dfsg-1 (bug #869907)
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=697985
NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=cfde94be1d4286bc47633c6e6eaf4e659bd78066 (ghostpdl-9.22rc1)
-CVE-2017-9834 (SQL injection vulnerability in the WatuPRO plugin before 5.5.3.7 for ...)
+CVE-2017-9834
NOT-FOR-US: WatuPRO plugin for WordPress
-CVE-2017-9833 (/cgi-bin/wapopen in BOA Webserver 0.94.14rc21 allows the injection of ...)
+CVE-2017-9833
NOT-FOR-US: Undetermined product
NOTE: /wapopen is not part of BOA, it's probably an insecure CGI
NOTE: script used in some embedded product relying on BOA as webserver.
NOTE: I asked Mitre to reject the CVE. -- Raphael Hertzog
-CVE-2017-9832 (An integer overflow vulnerability in ptp-pack.c (ptp_unpack_OPL ...)
+CVE-2017-9832
{DLA-1029-1}
- libmtp 1.1.13-1
[jessie] - libmtp <no-dsa> (Minor issue; can be fixed in a point release)
NOTE: https://sourceforge.net/p/libmtp/mailman/message/35729062/
NOTE: https://sourceforge.net/p/libmtp/code/ci/aa7d91a789873a9d86969028e57f888a1241c085/
NOTE: reduced patchset: https://lists.debian.org/87lgnzvjvb.fsf@curie.anarc.at
-CVE-2017-9831 (An integer overflow vulnerability in the ptp_unpack_EOS_CustomFuncEx ...)
+CVE-2017-9831
{DLA-1029-1}
- libmtp 1.1.13-1
[jessie] - libmtp <no-dsa> (Minor issue; can be fixed in a point release)
NOTE: https://sourceforge.net/p/libmtp/mailman/message/35735992/
NOTE: https://sourceforge.net/p/libmtp/code/ci/aa7d91a789873a9d86969028e57f888a1241c085/
NOTE: reduced patchset: https://lists.debian.org/87lgnzvjvb.fsf@curie.anarc.at
-CVE-2017-9830 (Remote Code Execution is possible in Code42 CrashPlan 5.4.x via the ...)
+CVE-2017-9830
NOT-FOR-US: Code42
-CVE-2017-9829 ('/cgi-bin/admin/downloadMedias.cgi' of the web service in most of the ...)
+CVE-2017-9829
NOT-FOR-US: VIVOTEK Network Cameras
-CVE-2017-9828 ('/cgi-bin/admin/testserver.cgi' of the web service in most of the ...)
+CVE-2017-9828
NOT-FOR-US: VIVOTEK Network Cameras
CVE-2017-9827
RESERVED
CVE-2017-9826
RESERVED
-CVE-2017-11104 (Knot DNS before 2.4.5 and 2.5.x before 2.5.2 contains a flaw within the ...)
+CVE-2017-11104
{DSA-3910-1}
- knot 2.5.3-1 (bug #865678)
NOTE: https://lists.nic.cz/pipermail/knot-dns-users/2017-June/001144.html
@@ -23275,21 +23273,21 @@ CVE-2017-9824
RESERVED
CVE-2017-9823
RESERVED
-CVE-2017-9822 (DNN (aka DotNetNuke) before 9.1.1 has Remote Code Execution via a ...)
+CVE-2017-9822
NOT-FOR-US: DotNetNuke
-CVE-2017-9821 (The National Payments Corporation of India BHIM application 1.3 for ...)
+CVE-2017-9821
NOT-FOR-US: India BHIM
-CVE-2017-9820 (The National Payments Corporation of India BHIM application 1.3 for ...)
+CVE-2017-9820
NOT-FOR-US: India BHIM
-CVE-2017-9819 (The National Payments Corporation of India BHIM application 1.3 for ...)
+CVE-2017-9819
NOT-FOR-US: India BHIM
-CVE-2017-9818 (The National Payments Corporation of India BHIM application 1.3 for ...)
+CVE-2017-9818
NOT-FOR-US: India BHIM
CVE-2017-9817
RESERVED
-CVE-2017-9816 (Cross-site scripting (XSS) vulnerability in Paessler PRTG Network ...)
+CVE-2017-9816
NOT-FOR-US: Paessler PRTG Network Monitor
-CVE-2017-9815 (In LibTIFF 4.0.7, the TIFFReadDirEntryLong8Array function in ...)
+CVE-2017-9815
- tiff 4.0.8-1
[jessie] - tiff 4.0.3-12.3+deb8u4
[wheezy] - tiff 4.0.2-6+deb7u14
@@ -23298,7 +23296,7 @@ CVE-2017-9815 (In LibTIFF 4.0.7, the TIFFReadDirEntryLong8Array function in ...)
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2682
NOTE: Fixed by: https://github.com/vadz/libtiff/commit/fb3dc46a2fcf6197ff3b93fc76f0c37fddc0333b
NOTE: The issue is addressed with the same commit as for CVE-2017-9403
-CVE-2017-9814 (cairo-truetype-subset.c in cairo 1.15.6 and earlier allows remote ...)
+CVE-2017-9814
- cairo <unfixed> (low; bug #868580)
[buster] - cairo <no-dsa> (Minor issue)
[stretch] - cairo <no-dsa> (Minor issue)
@@ -23306,98 +23304,98 @@ CVE-2017-9814 (cairo-truetype-subset.c in cairo 1.15.6 and earlier allows remote
[wheezy] - cairo <no-dsa> (Minor issue)
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=101547
NOTE: https://gitlab.freedesktop.org/cairo/cairo/issues/264
-CVE-2017-9813 (In Kaspersky Anti-Virus for Linux File Server before Maintenance Pack ...)
+CVE-2017-9813
NOT-FOR-US: Kaspersky Anti-Virus
-CVE-2017-9812 (The reportId parameter of the getReportStatus action method can be ...)
+CVE-2017-9812
NOT-FOR-US: Kaspersky Anti-Virus
-CVE-2017-9811 (The kluser is able to interact with the kav4fs-control binary in ...)
+CVE-2017-9811
NOT-FOR-US: Kaspersky Anti-Virus
-CVE-2017-9810 (There are no Anti-CSRF tokens in any forms on the web interface in ...)
+CVE-2017-9810
NOT-FOR-US: Kaspersky Anti-Virus
CVE-2017-9809
RESERVED
CVE-2017-9808
RESERVED
-CVE-2017-9807 (An issue was discovered in the OpenWebif plugin through 1.2.4 for E2 ...)
+CVE-2017-9807
NOT-FOR-US: OpenWebif plugin for E2
-CVE-2017-9806 (A vulnerability in the OpenOffice Writer DOC file parser before 4.1.4, ...)
+CVE-2017-9806
- libreoffice 1:3.4.3-1
NOTE: https://www.talosintelligence.com/reports/TALOS-2017-0295
NOTE: https://www.libreoffice.org/about-us/security/advisories/CVE-2017-9806
NOTE: https://gerrit.libreoffice.org/gitweb?p=core.git;a=commitdiff_plain;h=bb494d6bd8c5868f34bd8f9444ed3eb401145f10
-CVE-2017-9805 (The REST Plugin in Apache Struts 2.1.2 through 2.3.x before 2.3.34 and ...)
+CVE-2017-9805
- libstruts1.2-java <removed>
[wheezy] - libstruts1.2-java <not-affected> (vulnerable code not present)
NOTE: https://struts.apache.org/docs/s2-052.html
-CVE-2017-9804 (In Apache Struts 2.3.7 through 2.3.33 and 2.5 through 2.5.12, if an ...)
+CVE-2017-9804
- libstruts1.2-java <removed>
[wheezy] - libstruts1.2-java <ignored> (Minor issue)
NOTE: DOS class vulnerability and classified as low by upstream.
NOTE: https://struts.apache.org/docs/s2-050.html
-CVE-2017-9803 (Apache Solr's Kerberos plugin can be configured to use delegation ...)
+CVE-2017-9803
- lucene-solr <not-affected> (Introduced in 6.2)
-CVE-2017-9802 (The Javascript method Sling.evalString() in Apache Sling Servlets Post ...)
+CVE-2017-9802
NOT-FOR-US: Apache Sling
-CVE-2017-9801 (When a call-site passes a subject for an email that contains ...)
+CVE-2017-9801
- commons-email <not-affected> (Fixed with first upload to Debian)
NOTE: https://commons.apache.org/proper/commons-email/security-reports.html
NOTE: Fixed by: https://svn.apache.org/viewvc?view=revision&revision=1801385
NOTE: Fixed by: https://svn.apache.org/viewvc?view=revision&revision=1801388
NOTE: Fixed by: https://svn.apache.org/viewvc?view=revision&revision=1801389
-CVE-2017-9800 (A maliciously constructed svn+ssh:// URL would cause Subversion ...)
+CVE-2017-9800
{DSA-3932-1 DLA-1052-1}
- subversion 1.9.7-1
NOTE: Fixed by: http://svn.apache.org/viewvc?view=revision&amp;sortby=rev&amp;revision=1804691
NOTE: http://subversion.apache.org/security/CVE-2017-9800-advisory.txt
-CVE-2017-9799 (It was found that under some situations and configurations of Apache ...)
+CVE-2017-9799
NOT-FOR-US: Apache Storm
-CVE-2017-9798 (Apache httpd allows remote attackers to read secret data from process ...)
+CVE-2017-9798
{DSA-3980-1 DLA-1102-1}
- apache2 2.4.27-6 (bug #876109)
NOTE: https://blog.fuzzing-project.org/60-Optionsbleed-HTTP-OPTIONS-method-can-leak-Apaches-server-memory.html
NOTE: https://github.com/hannob/optionsbleed
NOTE: Patch: https://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/server/core.c?r1=1805223&r2=1807754&pathrev=1807754&view=patch
NOTE: Patch backport for 2.2: https://blog.fuzzing-project.org/uploads/apache-2.2-optionsbleed-backport.patch
-CVE-2017-9797 (When an Apache Geode cluster before v1.2.1 is operating in secure ...)
+CVE-2017-9797
NOT-FOR-US: Apache Geode
-CVE-2017-9796 (When an Apache Geode cluster before v1.3.0 is operating in secure ...)
+CVE-2017-9796
NOT-FOR-US: Apache Geode
-CVE-2017-9795 (When an Apache Geode cluster before v1.3.0 is operating in secure ...)
+CVE-2017-9795
NOT-FOR-US: Apache Geode
-CVE-2017-9794 (When a cluster is operating in secure mode, a user with read ...)
+CVE-2017-9794
NOT-FOR-US: Apache Geode
-CVE-2017-9793 (The REST Plugin in Apache Struts 2.3.7 through 2.3.33 and 2.5 through ...)
+CVE-2017-9793
- libstruts1.2-java <removed>
[wheezy] - libstruts1.2-java <not-affected> (vulnerable code not present)
NOTE: https://struts.apache.org/docs/s2-051.html
-CVE-2017-9792 (In Apache Impala (incubating) before 2.10.0, a malicious user with ...)
+CVE-2017-9792
NOT-FOR-US: Apache Impala
-CVE-2017-9791 (The Struts 1 plugin in Apache Struts 2.3.x might allow remote code ...)
+CVE-2017-9791
- libstruts1.2-java <not-affected> (Vulnerable code not present)
NOTE: Issue is specific to Struts 2.x.
-CVE-2017-9790 (When handling a libprocess message wrapped in an HTTP request, ...)
+CVE-2017-9790
- apache-mesos <itp> (bug #760315)
-CVE-2017-9789 (When under stress, closing many connections, the HTTP/2 handling code ...)
+CVE-2017-9789
- apache2 <not-affected> (Only affected 2.4.26)
NOTE: https://httpd.apache.org/security/vulnerabilities_24.html#2.4.27
-CVE-2017-9788 (In Apache httpd before 2.2.34 and 2.4.x before 2.4.27, the value ...)
+CVE-2017-9788
{DSA-3913-1 DLA-1028-1}
- apache2 2.4.27-1 (bug #868467)
NOTE: https://httpd.apache.org/security/vulnerabilities_24.html#2.4.27
NOTE: Fixed by (2.4.x): https://svn.apache.org/r1800955
NOTE: 2.4.x: https://github.com/apache/httpd/commit/549ba6a39aa0df78a610025f74f3a06503a70f67
NOTE: trunk: https://github.com/apache/httpd/commit/c5d3719133b9e5dab0d540c5aa03b2fdabc30395
-CVE-2017-9787 (When using a Spring AOP functionality to secure Struts actions it is ...)
+CVE-2017-9787
- libstruts1.2-java <not-affected> (Vulnerable code not present)
NOTE: Issue is specific to Struts 2.x.
NOTE: https://struts.apache.org/docs/s2-049.html
-CVE-2017-9786 (Cross-site scripting (XSS) vulnerability in ProjectSend (formerly ...)
+CVE-2017-9786
NOT-FOR-US: ProjectSend
-CVE-2017-9785 (Csrf.cs in NancyFX Nancy before 1.4.4 and 2.x before 2.0-dangermouse ...)
+CVE-2017-9785
NOT-FOR-US: NancyFX Nancy
CVE-2017-9784
RESERVED
-CVE-2017-9783 (Cross-site scripting (XSS) vulnerability in ProjectSend (formerly ...)
+CVE-2017-9783
NOT-FOR-US: ProjectSend
CVE-2017-10599
RESERVED
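Review bot: unrelated to the change but visible in this hunk's context, the `Fixed by:` URL under CVE-2017-9800 carries HTML-escaped separators (`...view=revision&amp;sortby=rev&amp;revision=1804691`) where the neighbouring NOTE lines use a literal `&`; worth a follow-up so the link resolves when pasted.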
@@ -23741,95 +23739,95 @@ CVE-2017-10430
RESERVED
CVE-2017-10429
RESERVED
-CVE-2017-10428 (Vulnerability in the Oracle VM VirtualBox component of Oracle ...)
+CVE-2017-10428
- virtualbox 5.1.30-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2017-10427 (Vulnerability in the Oracle Retail Xstore Point of Service component ...)
+CVE-2017-10427
NOT-FOR-US: Oracle
-CVE-2017-10426 (Vulnerability in the PeopleSoft Enterprise FSCM component of Oracle ...)
+CVE-2017-10426
NOT-FOR-US: Oracle
-CVE-2017-10425 (Vulnerability in the Oracle Hospitality Simphony component of Oracle ...)
+CVE-2017-10425
NOT-FOR-US: Oracle
-CVE-2017-10424 (Vulnerability in the MySQL Enterprise Monitor component of Oracle ...)
+CVE-2017-10424
NOT-FOR-US: MySQL Enterprise Monitor component of Oracle MySQL
-CVE-2017-10423 (Vulnerability in the Oracle Retail Back Office component of Oracle ...)
+CVE-2017-10423
NOT-FOR-US: Oracle
-CVE-2017-10422 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of ...)
+CVE-2017-10422
NOT-FOR-US: Oracle
-CVE-2017-10421 (Vulnerability in the Oracle Hospitality Suite8 component of Oracle ...)
+CVE-2017-10421
NOT-FOR-US: Oracle
-CVE-2017-10420 (Vulnerability in the Oracle Hospitality Suite8 component of Oracle ...)
+CVE-2017-10420
NOT-FOR-US: Oracle
-CVE-2017-10419 (Vulnerability in the Oracle Hospitality Suite8 component of Oracle ...)
+CVE-2017-10419
NOT-FOR-US: Oracle
-CVE-2017-10418 (Vulnerability in the PeopleSoft Enterprise PT PeopleTools component of ...)
+CVE-2017-10418
NOT-FOR-US: Oracle
-CVE-2017-10417 (Vulnerability in the Oracle Advanced Outbound Telephony component of ...)
+CVE-2017-10417
NOT-FOR-US: Oracle
-CVE-2017-10416 (Vulnerability in the Oracle Advanced Outbound Telephony component of ...)
+CVE-2017-10416
NOT-FOR-US: Oracle
-CVE-2017-10415 (Vulnerability in the Oracle iSupport component of Oracle E-Business ...)
+CVE-2017-10415
NOT-FOR-US: Oracle
-CVE-2017-10414 (Vulnerability in the Oracle iStore component of Oracle E-Business ...)
+CVE-2017-10414
NOT-FOR-US: Oracle
-CVE-2017-10413 (Vulnerability in the Oracle Mobile Field Service component of Oracle ...)
+CVE-2017-10413
NOT-FOR-US: Oracle
-CVE-2017-10412 (Vulnerability in the Oracle Knowledge Management component of Oracle ...)
+CVE-2017-10412
NOT-FOR-US: Oracle
-CVE-2017-10411 (Vulnerability in the Oracle Knowledge Management component of Oracle ...)
+CVE-2017-10411
NOT-FOR-US: Oracle
-CVE-2017-10410 (Vulnerability in the Oracle Knowledge Management component of Oracle ...)
+CVE-2017-10410
NOT-FOR-US: Oracle
-CVE-2017-10409 (Vulnerability in the Oracle iStore component of Oracle E-Business ...)
+CVE-2017-10409
NOT-FOR-US: Oracle
-CVE-2017-10408 (Vulnerability in the Oracle VM VirtualBox component of Oracle ...)
+CVE-2017-10408
- virtualbox 5.1.30-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2017-10407 (Vulnerability in the Oracle VM VirtualBox component of Oracle ...)
+CVE-2017-10407
- virtualbox 5.1.30-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2017-10406 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of ...)
+CVE-2017-10406
NOT-FOR-US: Oracle
-CVE-2017-10405 (Vulnerability in the Oracle Hospitality Reporting and Analytics ...)
+CVE-2017-10405
NOT-FOR-US: Oracle
-CVE-2017-10404 (Vulnerability in the Oracle Hospitality Reporting and Analytics ...)
+CVE-2017-10404
NOT-FOR-US: Oracle
-CVE-2017-10403 (Vulnerability in the Oracle Hospitality Reporting and Analytics ...)
+CVE-2017-10403
NOT-FOR-US: Oracle
-CVE-2017-10402 (Vulnerability in the Oracle Hospitality Reporting and Analytics ...)
+CVE-2017-10402
NOT-FOR-US: Oracle
-CVE-2017-10401 (Vulnerability in the Oracle Hospitality Cruise Materials Management ...)
+CVE-2017-10401
NOT-FOR-US: Oracle
-CVE-2017-10400 (Vulnerability in the Oracle GlassFish Server component of Oracle ...)
+CVE-2017-10400
- glassfish <not-affected> (Vulnerable code not included, see bug #853998)
-CVE-2017-10399 (Vulnerability in the Oracle Hospitality Cruise Fleet Management ...)
+CVE-2017-10399
NOT-FOR-US: Oracle
-CVE-2017-10398 (Vulnerability in the Oracle Hospitality Cruise Fleet Management ...)
+CVE-2017-10398
NOT-FOR-US: Oracle
-CVE-2017-10397 (Vulnerability in the Oracle Hospitality Cruise Fleet Management ...)
+CVE-2017-10397
NOT-FOR-US: Oracle
-CVE-2017-10396 (Vulnerability in the Oracle Hospitality Cruise AffairWhere component ...)
+CVE-2017-10396
NOT-FOR-US: Oracle
-CVE-2017-10395 (Vulnerability in the Oracle Hospitality Cruise Fleet Management ...)
+CVE-2017-10395
NOT-FOR-US: Oracle
-CVE-2017-10394 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of ...)
+CVE-2017-10394
NOT-FOR-US: Oracle
-CVE-2017-10393 (Vulnerability in the Oracle GlassFish Server component of Oracle ...)
+CVE-2017-10393
- glassfish <not-affected> (Vulnerable code not included, see bug #853998)
-CVE-2017-10392 (Vulnerability in the Oracle VM VirtualBox component of Oracle ...)
+CVE-2017-10392
- virtualbox 5.1.30-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2017-10391 (Vulnerability in the Oracle GlassFish Server component of Oracle ...)
+CVE-2017-10391
- glassfish <not-affected> (Vulnerable code not included, see bug #853998)
CVE-2017-10390
RESERVED
-CVE-2017-10389 (Vulnerability in the Oracle Hospitality Suite8 component of Oracle ...)
+CVE-2017-10389
NOT-FOR-US: Oracle
-CVE-2017-10388 (Vulnerability in the Java SE, Java SE Embedded component of Oracle ...)
+CVE-2017-10388
{DSA-4048-1 DSA-4015-1 DLA-1187-1}
- openjdk-9 9.0.1+11-1
- openjdk-8 8u151-b12-1
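Review bot: for the Oracle entries in this hunk the removed description was the only place the affected product was named (`-CVE-2017-10427 (Vulnerability in the Oracle Retail Xstore Point of Service component ...)`), since the annotation beneath is just the generic `NOT-FOR-US: Oracle`; with the descriptions gone, dozens of consecutive entries become indistinguishable, so either keep the descriptions or make the NOT-FOR-US lines product-specific the way CVE-2017-10424's `NOT-FOR-US: MySQL Enterprise Monitor component of Oracle MySQL` already is.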
@@ -23837,35 +23835,35 @@ CVE-2017-10388 (Vulnerability in the Java SE, Java SE Embedded component of Orac
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2017-10387 (Vulnerability in the Oracle CRM Technical Foundation component of ...)
+CVE-2017-10387
NOT-FOR-US: Oracle
-CVE-2017-10386 (Vulnerability in the Java Advanced Management Console component of ...)
+CVE-2017-10386
NOT-FOR-US: Java Advanced Management Console
-CVE-2017-10385 (Vulnerability in the Oracle GlassFish Server component of Oracle ...)
+CVE-2017-10385
- glassfish <not-affected> (Vulnerable code not included, see bug #853998)
-CVE-2017-10384 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2017-10384
{DSA-4002-1 DSA-3944-1 DLA-1141-1}
- mariadb-10.2 <removed> (bug #884065)
- mariadb-10.0 <removed>
- mysql-5.7 5.7.20-1 (bug #878398)
- mysql-5.5 <removed> (bug #878402)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixMSQL
-CVE-2017-10383 (Vulnerability in the Oracle Hospitality Guest Access component of ...)
+CVE-2017-10383
NOT-FOR-US: Oracle
-CVE-2017-10382 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of ...)
+CVE-2017-10382
NOT-FOR-US: Oracle
-CVE-2017-10381 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of ...)
+CVE-2017-10381
NOT-FOR-US: Oracle
-CVE-2017-10380 (Vulnerability in the Java Advanced Management Console component of ...)
+CVE-2017-10380
NOT-FOR-US: Java Advanced Management Console
-CVE-2017-10379 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2017-10379
{DSA-4002-1 DSA-3944-1 DLA-1141-1}
- mariadb-10.2 <removed> (bug #884065)
- mariadb-10.0 <removed>
- mysql-5.7 5.7.20-1 (bug #878398)
- mysql-5.5 <removed> (bug #878402)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixMSQL
-CVE-2017-10378 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2017-10378
{DSA-4341-1 DSA-4002-1 DLA-1407-1 DLA-1141-1}
- mariadb-10.2 <removed> (bug #884065)
- mariadb-10.1 10.1.29-1
@@ -23879,46 +23877,46 @@ CVE-2017-10377
RESERVED
CVE-2017-10376
RESERVED
-CVE-2017-10375 (Vulnerability in the Oracle Hospitality Guest Access component of ...)
+CVE-2017-10375
NOT-FOR-US: Oracle
CVE-2017-10374
RESERVED
-CVE-2017-10373 (Vulnerability in the PeopleSoft Enterprise PT PeopleTools component of ...)
+CVE-2017-10373
NOT-FOR-US: Oracle
-CVE-2017-10372 (Vulnerability in the Oracle Hospitality Guest Access component of ...)
+CVE-2017-10372
NOT-FOR-US: Oracle
CVE-2017-10371
RESERVED
-CVE-2017-10370 (Vulnerability in the Oracle Hospitality Guest Access component of ...)
+CVE-2017-10370
NOT-FOR-US: Oracle
-CVE-2017-10369 (Vulnerability in the Oracle Virtual Directory component of Oracle ...)
+CVE-2017-10369
NOT-FOR-US: Oracle
-CVE-2017-10368 (Vulnerability in the PeopleSoft Enterprise SCM eProcurement component ...)
+CVE-2017-10368
NOT-FOR-US: Oracle
-CVE-2017-10367 (Vulnerability in the Oracle Hospitality Simphony component of Oracle ...)
+CVE-2017-10367
NOT-FOR-US: Oracle
-CVE-2017-10366 (Vulnerability in the PeopleSoft Enterprise PT PeopleTools component of ...)
+CVE-2017-10366
NOT-FOR-US: Oracle
-CVE-2017-10365 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2017-10365
- mariadb-10.2 <removed> (bug #884065)
- mysql-5.7 5.7.20-1 (bug #878398)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixMSQL
-CVE-2017-10364 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of ...)
+CVE-2017-10364
NOT-FOR-US: Oracle
-CVE-2017-10363 (Vulnerability in the Oracle FLEXCUBE Universal Banking component of ...)
+CVE-2017-10363
NOT-FOR-US: Oracle
-CVE-2017-10362 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of ...)
+CVE-2017-10362
NOT-FOR-US: Oracle
-CVE-2017-10361 (Vulnerability in the Oracle Hospitality Cruise Shipboard Property ...)
+CVE-2017-10361
NOT-FOR-US: Oracle
-CVE-2017-10360 (Vulnerability in the Oracle WebCenter Content component of Oracle ...)
+CVE-2017-10360
NOT-FOR-US: Oracle
-CVE-2017-10359 (Vulnerability in the Oracle Hyperion BI+ component of Oracle Hyperion ...)
+CVE-2017-10359
NOT-FOR-US: Oracle
-CVE-2017-10358 (Vulnerability in the Oracle Hyperion Financial Reporting component of ...)
+CVE-2017-10358
NOT-FOR-US: Oracle
-CVE-2017-10357 (Vulnerability in the Java SE, Java SE Embedded component of Oracle ...)
+CVE-2017-10357
{DSA-4048-1 DSA-4015-1 DLA-1187-1}
- openjdk-9 9.0.1+11-1
- openjdk-8 8u151-b12-1
@@ -23926,7 +23924,7 @@ CVE-2017-10357 (Vulnerability in the Java SE, Java SE Embedded component of Orac
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2017-10356 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of ...)
+CVE-2017-10356
{DSA-4048-1 DSA-4015-1 DLA-1187-1}
- openjdk-9 9.0.1+11-1
- openjdk-8 8u151-b12-1
@@ -23934,7 +23932,7 @@ CVE-2017-10356 (Vulnerability in the Java SE, Java SE Embedded, JRockit componen
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2017-10355 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of ...)
+CVE-2017-10355
{DSA-4048-1 DSA-4015-1 DLA-1187-1}
- openjdk-9 9.0.1+11-1
- openjdk-8 8u151-b12-1
@@ -23942,21 +23940,21 @@ CVE-2017-10355 (Vulnerability in the Java SE, Java SE Embedded, JRockit componen
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2017-10354 (Vulnerability in the PeopleSoft Enterprise PRTL Interaction Hub ...)
+CVE-2017-10354
NOT-FOR-US: Oracle
-CVE-2017-10353 (Vulnerability in the Oracle Hospitality Hotel Mobile component of ...)
+CVE-2017-10353
NOT-FOR-US: Oracle
-CVE-2017-10352 (Vulnerability in the Oracle WebLogic Server component of Oracle Fusion ...)
+CVE-2017-10352
NOT-FOR-US: Oracle
-CVE-2017-10351 (Vulnerability in the PeopleSoft Enterprise PT PeopleTools component of ...)
+CVE-2017-10351
NOT-FOR-US: Oracle
-CVE-2017-10350 (Vulnerability in the Java SE, Java SE Embedded component of Oracle ...)
+CVE-2017-10350
{DSA-4048-1 DSA-4015-1 DLA-1187-1}
- openjdk-9 9.0.1+11-1
- openjdk-8 8u151-b12-1
[experimental] - openjdk-7 7u151-2.6.11-2
- openjdk-7 <removed>
-CVE-2017-10349 (Vulnerability in the Java SE, Java SE Embedded component of Oracle ...)
+CVE-2017-10349
{DSA-4048-1 DSA-4015-1 DLA-1187-1}
- openjdk-9 9.0.1+11-1
- openjdk-8 8u151-b12-1
@@ -23964,7 +23962,7 @@ CVE-2017-10349 (Vulnerability in the Java SE, Java SE Embedded component of Orac
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2017-10348 (Vulnerability in the Java SE, Java SE Embedded component of Oracle ...)
+CVE-2017-10348
{DSA-4048-1 DSA-4015-1 DLA-1187-1}
- openjdk-9 9.0.1+11-1
- openjdk-8 8u151-b12-1
@@ -23972,7 +23970,7 @@ CVE-2017-10348 (Vulnerability in the Java SE, Java SE Embedded component of Orac
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2017-10347 (Vulnerability in the Java SE, JRockit component of Oracle Java SE ...)
+CVE-2017-10347
{DSA-4048-1 DSA-4015-1 DLA-1187-1}
- openjdk-9 9.0.1+11-1
- openjdk-8 8u151-b12-1
@@ -23980,7 +23978,7 @@ CVE-2017-10347 (Vulnerability in the Java SE, JRockit component of Oracle Java S
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2017-10346 (Vulnerability in the Java SE, Java SE Embedded component of Oracle ...)
+CVE-2017-10346
{DSA-4048-1 DSA-4015-1 DLA-1187-1}
- openjdk-9 9.0.1+11-1
- openjdk-8 8u151-b12-1
@@ -23988,7 +23986,7 @@ CVE-2017-10346 (Vulnerability in the Java SE, Java SE Embedded component of Orac
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2017-10345 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of ...)
+CVE-2017-10345
{DSA-4048-1 DSA-4015-1 DLA-1187-1}
- openjdk-9 9.0.1+11-1
- openjdk-8 8u151-b12-1
@@ -23996,117 +23994,117 @@ CVE-2017-10345 (Vulnerability in the Java SE, Java SE Embedded, JRockit componen
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2017-10344 (Vulnerability in the Oracle Hospitality Simphony component of Oracle ...)
+CVE-2017-10344
NOT-FOR-US: Oracle
-CVE-2017-10343 (Vulnerability in the Oracle Hospitality Simphony component of Oracle ...)
+CVE-2017-10343
NOT-FOR-US: Oracle
-CVE-2017-10342 (Vulnerability in the Java Advanced Management Console component of ...)
+CVE-2017-10342
NOT-FOR-US: Java Advanced Management Console
-CVE-2017-10341 (Vulnerability in the Java Advanced Management Console component of ...)
+CVE-2017-10341
NOT-FOR-US: Java Advanced Management Console
-CVE-2017-10340 (Vulnerability in the Oracle Hospitality Simphony component of Oracle ...)
+CVE-2017-10340
NOT-FOR-US: Oracle
-CVE-2017-10339 (Vulnerability in the Oracle Hospitality Suite8 component of Oracle ...)
+CVE-2017-10339
NOT-FOR-US: Oracle
-CVE-2017-10338 (Vulnerability in the PeopleSoft Enterprise PRTL Interaction Hub ...)
+CVE-2017-10338
NOT-FOR-US: Oracle
-CVE-2017-10337 (Vulnerability in the Oracle Hospitality Suite8 component of Oracle ...)
+CVE-2017-10337
NOT-FOR-US: Oracle
-CVE-2017-10336 (Vulnerability in the Oracle WebLogic Server component of Oracle Fusion ...)
+CVE-2017-10336
NOT-FOR-US: Oracle
-CVE-2017-10335 (Vulnerability in the PeopleSoft Enterprise PT PeopleTools component of ...)
+CVE-2017-10335
NOT-FOR-US: Oracle
-CVE-2017-10334 (Vulnerability in the Oracle WebLogic Server component of Oracle Fusion ...)
+CVE-2017-10334
NOT-FOR-US: Oracle
-CVE-2017-10333 (Vulnerability in the Siebel UI Framework component of Oracle Siebel ...)
+CVE-2017-10333
NOT-FOR-US: Oracle
-CVE-2017-10332 (Vulnerability in the Oracle Universal Work Queue component of Oracle ...)
+CVE-2017-10332
NOT-FOR-US: Oracle
-CVE-2017-10331 (Vulnerability in the Oracle Application Object Library component of ...)
+CVE-2017-10331
NOT-FOR-US: Oracle
-CVE-2017-10330 (Vulnerability in the Oracle Common Applications component of Oracle ...)
+CVE-2017-10330
NOT-FOR-US: Oracle
-CVE-2017-10329 (Vulnerability in the Oracle Global Order Promising component of Oracle ...)
+CVE-2017-10329
NOT-FOR-US: Oracle
-CVE-2017-10328 (Vulnerability in the Oracle Application Object Library component of ...)
+CVE-2017-10328
NOT-FOR-US: Oracle
-CVE-2017-10327 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of ...)
+CVE-2017-10327
NOT-FOR-US: Oracle
-CVE-2017-10326 (Vulnerability in the Oracle Common Applications Calendar component of ...)
+CVE-2017-10326
NOT-FOR-US: Oracle
-CVE-2017-10325 (Vulnerability in the Oracle Common Applications Calendar component of ...)
+CVE-2017-10325
NOT-FOR-US: Oracle
-CVE-2017-10324 (Vulnerability in the Oracle Applications Technology Stack component of ...)
+CVE-2017-10324
NOT-FOR-US: Oracle
-CVE-2017-10323 (Vulnerability in the Oracle Web Applications Desktop Integrator ...)
+CVE-2017-10323
NOT-FOR-US: Oracle
-CVE-2017-10322 (Vulnerability in the Oracle Common Applications Calendar component of ...)
+CVE-2017-10322
NOT-FOR-US: Oracle
-CVE-2017-10321 (Vulnerability in the Core RDBMS component of Oracle Database Server. ...)
+CVE-2017-10321
NOT-FOR-US: Oracle
-CVE-2017-10320 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2017-10320
- mariadb-10.2 <removed> (bug #884065)
- mysql-5.7 5.7.20-1 (bug #878398)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixMSQL
-CVE-2017-10319 (Vulnerability in the Oracle Hospitality Suite8 component of Oracle ...)
+CVE-2017-10319
NOT-FOR-US: Oracle
-CVE-2017-10318 (Vulnerability in the Oracle Hospitality Suite8 component of Oracle ...)
+CVE-2017-10318
NOT-FOR-US: Oracle
-CVE-2017-10317 (Vulnerability in the Oracle Hospitality Suite8 component of Oracle ...)
+CVE-2017-10317
NOT-FOR-US: Oracle
-CVE-2017-10316 (Vulnerability in the Oracle Hospitality Suite8 component of Oracle ...)
+CVE-2017-10316
NOT-FOR-US: Oracle
-CVE-2017-10315 (Vulnerability in the Siebel UI Framework component of Oracle Siebel ...)
+CVE-2017-10315
NOT-FOR-US: Oracle
-CVE-2017-10314 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2017-10314
- mysql-5.7 5.7.20-1 (bug #878398)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and 5.7)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixMSQL
-CVE-2017-10313 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2017-10313
- mysql-5.7 5.7.20-1 (bug #878398)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixMSQL
-CVE-2017-10312 (Vulnerability in the Oracle Hyperion BI+ component of Oracle Hyperion ...)
+CVE-2017-10312
NOT-FOR-US: Oracle
-CVE-2017-10311 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2017-10311
- mysql-5.7 5.7.20-1 (bug #878398)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixMSQL
-CVE-2017-10310 (Vulnerability in the Oracle Hyperion Financial Reporting component of ...)
+CVE-2017-10310
NOT-FOR-US: Oracle
-CVE-2017-10309 (Vulnerability in the Java SE component of Oracle Java SE ...)
+CVE-2017-10309
- openjdk-9 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-8 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2017-10308 (Vulnerability in the Oracle Agile PLM component of Oracle Supply Chain ...)
+CVE-2017-10308
NOT-FOR-US: Oracle
CVE-2017-10307
RESERVED
-CVE-2017-10306 (Vulnerability in the PeopleSoft Enterprise HCM component of Oracle ...)
+CVE-2017-10306
NOT-FOR-US: Oracle
CVE-2017-10305
RESERVED
-CVE-2017-10304 (Vulnerability in the PeopleSoft Enterprise HCM component of Oracle ...)
+CVE-2017-10304
NOT-FOR-US: Oracle
-CVE-2017-10303 (Vulnerability in the Oracle Interaction Center Intelligence component ...)
+CVE-2017-10303
NOT-FOR-US: Oracle
-CVE-2017-10302 (Vulnerability in the Siebel UI Framework component of Oracle Siebel ...)
+CVE-2017-10302
NOT-FOR-US: Oracle
-CVE-2017-10301 (Vulnerability in the PeopleSoft Enterprise PRTL Interaction Hub ...)
+CVE-2017-10301
NOT-FOR-US: Oracle
-CVE-2017-10300 (Vulnerability in the Siebel CRM Desktop component of Oracle Siebel CRM ...)
+CVE-2017-10300
NOT-FOR-US: Oracle
-CVE-2017-10299 (Vulnerability in the Oracle Agile PLM component of Oracle Supply Chain ...)
+CVE-2017-10299
NOT-FOR-US: Oracle
CVE-2017-10298
RESERVED
CVE-2017-10297
RESERVED
-CVE-2017-10296 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2017-10296
- mysql-5.7 5.7.20-1 (bug #878398)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixMSQL
-CVE-2017-10295 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of ...)
+CVE-2017-10295
{DSA-4048-1 DSA-4015-1 DLA-1187-1}
- openjdk-9 9.0.1+11-1
- openjdk-8 8u151-b12-1
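Review bot: the <not-affected> lines for CVE-2017-10309 (`- openjdk-9 <not-affected> (Deployment components not part of OpenJDK, ...)` and the matching openjdk-8 line) cover only openjdk-9 and openjdk-8, while the neighbouring Java SE entries in this hunk (CVE-2017-10345, CVE-2017-10295) also track openjdk-7 and openjdk-6; add the openjdk-7/openjdk-6 status or a NOTE so the absent lines are not read as untriaged.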
@@ -24114,15 +24112,15 @@ CVE-2017-10295 (Vulnerability in the Java SE, Java SE Embedded, JRockit componen
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2017-10294 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2017-10294
- mysql-5.7 5.7.20-1 (bug #878398)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and 5.7)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixMSQL
-CVE-2017-10293 (Vulnerability in the Java SE component of Oracle Java SE ...)
+CVE-2017-10293
- openjdk-8 <not-affected> (Seems to be specific to Oracle Java)
- openjdk-7 <not-affected> (Seems to be specific to Oracle Java)
- openjdk-6 <not-affected> (Seems to be specific to Oracle Java)
-CVE-2017-10292 (Vulnerability in the RDBMS Security component of Oracle Database ...)
+CVE-2017-10292
NOT-FOR-US: Oracle
CVE-2017-10291
RESERVED
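Review bot: CVE-2017-10293 marks openjdk-8, openjdk-7 and openjdk-6 <not-affected> with the rationale `Seems to be specific to Oracle Java` but has no openjdk-9 line, unlike the other Java SE entries in this file that carry one; add the openjdk-9 status, and back the tentative "Seems to be" rationale with a reference, since a <not-affected> claim that is only a guess drops the entry out of follow-up.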
@@ -24132,16 +24130,16 @@ CVE-2017-10289
RESERVED
CVE-2017-10288
RESERVED
-CVE-2017-10287 (Vulnerability in the PeopleSoft Enterprise FSCM component of Oracle ...)
+CVE-2017-10287
NOT-FOR-US: Oracle
-CVE-2017-10286 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2017-10286
{DSA-3944-1}
- mariadb-10.2 <removed> (bug #884065)
- mariadb-10.0 <removed>
- mysql-5.7 5.7.20-1 (bug #878398)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and 5.7)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixMSQL
-CVE-2017-10285 (Vulnerability in the Java SE, Java SE Embedded component of Oracle ...)
+CVE-2017-10285
{DSA-4048-1 DSA-4015-1 DLA-1187-1}
- openjdk-9 9.0.1+11-1
- openjdk-8 8u151-b12-1
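Review bot: CVE-2017-10286 references {DSA-3944-1} but none of its package lines carries a stable fixed version (`- mariadb-10.2 <removed>`, `- mariadb-10.0 <removed>`, `- mysql-5.7 5.7.20-1`, `- mysql-5.5 <not-affected>`); compare CVE-2017-10268 later in this file, where DSA-4002-1 is paired with a mariadb-10.1 line. Add the package line the DSA fixed or drop the reference.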
@@ -24149,17 +24147,17 @@ CVE-2017-10285 (Vulnerability in the Java SE, Java SE Embedded component of Orac
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2017-10284 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2017-10284
- mysql-5.7 5.7.20-1 (bug #878398)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixMSQL
-CVE-2017-10283 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2017-10283
- mysql-5.7 5.7.20-1 (bug #878398)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and 5.7)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixMSQL
-CVE-2017-10282 (Vulnerability in the Core RDBMS component of Oracle Database Server. ...)
+CVE-2017-10282
NOT-FOR-US: Oracle
-CVE-2017-10281 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of ...)
+CVE-2017-10281
{DSA-4048-1 DSA-4015-1 DLA-1187-1}
- openjdk-9 9.0.1+11-1
- openjdk-8 8u151-b12-1
@@ -24167,26 +24165,26 @@ CVE-2017-10281 (Vulnerability in the Java SE, Java SE Embedded, JRockit componen
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2017-10280 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of ...)
+CVE-2017-10280
NOT-FOR-US: Oracle
-CVE-2017-10279 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2017-10279
- mysql-5.7 5.7.20-1 (bug #878398)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and 5.7)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixMSQL
-CVE-2017-10278 (Vulnerability in the Oracle Tuxedo component of Oracle Fusion ...)
+CVE-2017-10278
NOT-FOR-US: Oracle
-CVE-2017-10277 (Vulnerability in the MySQL Connectors component of Oracle MySQL ...)
+CVE-2017-10277
- mysql-connector-net <unfixed> (bug #883923)
[stretch] - mysql-connector-net <no-dsa> (Minor issue)
[jessie] - mysql-connector-net <no-dsa> (Minor issue)
[wheezy] - mysql-connector-net <no-dsa> (Minor issue)
-CVE-2017-10276 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2017-10276
- mysql-5.7 5.7.20-1 (bug #878398)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and 5.7)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixMSQL
-CVE-2017-10275 (Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of ...)
+CVE-2017-10275
NOT-FOR-US: Oracle
-CVE-2017-10274 (Vulnerability in the Java SE component of Oracle Java SE ...)
+CVE-2017-10274
{DSA-4048-1 DSA-4015-1 DLA-1187-1}
- openjdk-9 9.0.1+11-1
- openjdk-8 8u151-b12-1
@@ -24194,17 +24192,17 @@ CVE-2017-10274 (Vulnerability in the Java SE component of Oracle Java SE ...)
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2017-10273 (Vulnerability in the Oracle JDeveloper component of Oracle Fusion ...)
+CVE-2017-10273
NOT-FOR-US: Oracle
-CVE-2017-10272 (Vulnerability in the Oracle Tuxedo component of Oracle Fusion ...)
+CVE-2017-10272
NOT-FOR-US: Oracle
-CVE-2017-10271 (Vulnerability in the Oracle WebLogic Server component of Oracle Fusion ...)
+CVE-2017-10271
NOT-FOR-US: Oracle
-CVE-2017-10270 (Vulnerability in the Oracle Identity Manager Connector component of ...)
+CVE-2017-10270
NOT-FOR-US: Oracle
-CVE-2017-10269 (Vulnerability in the Oracle Tuxedo component of Oracle Fusion ...)
+CVE-2017-10269
NOT-FOR-US: Oracle
-CVE-2017-10268 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2017-10268
{DSA-4341-1 DSA-4002-1 DLA-1407-1 DLA-1141-1}
- mariadb-10.2 <removed> (bug #884065)
- mariadb-10.1 10.1.29-1
@@ -24212,314 +24210,314 @@ CVE-2017-10268 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
- mysql-5.7 5.7.20-1 (bug #878398)
- mysql-5.5 <removed> (bug #878402)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixMSQL
-CVE-2017-10267 (Vulnerability in the Oracle Tuxedo component of Oracle Fusion ...)
+CVE-2017-10267
NOT-FOR-US: Oracle
-CVE-2017-10266 (Vulnerability in the Oracle Tuxedo component of Oracle Fusion ...)
+CVE-2017-10266
NOT-FOR-US: Oracle
-CVE-2017-10265 (Vulnerability in the Oracle Integrated Lights Out Manager (ILOM) ...)
+CVE-2017-10265
NOT-FOR-US: Oracle
-CVE-2017-10264 (Vulnerability in the Siebel UI Framework component of Oracle Siebel ...)
+CVE-2017-10264
NOT-FOR-US: Oracle
-CVE-2017-10263 (Vulnerability in the Siebel UI Framework component of Oracle Siebel ...)
+CVE-2017-10263
NOT-FOR-US: Oracle
-CVE-2017-10262 (Vulnerability in the Oracle Access Manager component of Oracle Fusion ...)
+CVE-2017-10262
NOT-FOR-US: Oracle
-CVE-2017-10261 (Vulnerability in the XML Database component of Oracle Database Server. ...)
+CVE-2017-10261
NOT-FOR-US: Oracle
-CVE-2017-10260 (Vulnerability in the Oracle Integrated Lights Out Manager (ILOM) ...)
+CVE-2017-10260
NOT-FOR-US: Oracle
-CVE-2017-10259 (Vulnerability in the Oracle Access Manager component of Oracle Fusion ...)
+CVE-2017-10259
NOT-FOR-US: Oracle
-CVE-2017-10258 (Vulnerability in the PeopleSoft Enterprise PRTL Interaction Hub ...)
+CVE-2017-10258
NOT-FOR-US: PeopleSoft
-CVE-2017-10257 (Vulnerability in the PeopleSoft Enterprise PRTL Interaction Hub ...)
+CVE-2017-10257
NOT-FOR-US: PeopleSoft
-CVE-2017-10256 (Vulnerability in the PeopleSoft Enterprise PRTL Interaction Hub ...)
+CVE-2017-10256
NOT-FOR-US: PeopleSoft
-CVE-2017-10255 (Vulnerability in the PeopleSoft Enterprise PRTL Interaction Hub ...)
+CVE-2017-10255
NOT-FOR-US: PeopleSoft
-CVE-2017-10254 (Vulnerability in the PeopleSoft Enterprise FSCM component of Oracle ...)
+CVE-2017-10254
NOT-FOR-US: PeopleSoft
-CVE-2017-10253 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of ...)
+CVE-2017-10253
NOT-FOR-US: PeopleSoft
-CVE-2017-10252 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of ...)
+CVE-2017-10252
NOT-FOR-US: PeopleSoft
-CVE-2017-10251 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of ...)
+CVE-2017-10251
NOT-FOR-US: PeopleSoft
-CVE-2017-10250 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of ...)
+CVE-2017-10250
NOT-FOR-US: PeopleSoft
-CVE-2017-10249 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of ...)
+CVE-2017-10249
NOT-FOR-US: PeopleSoft
-CVE-2017-10248 (Vulnerability in the PeopleSoft Enterprise PRTL Interaction Hub ...)
+CVE-2017-10248
NOT-FOR-US: PeopleSoft
-CVE-2017-10247 (Vulnerability in the PeopleSoft Enterprise PRTL Interaction Hub ...)
+CVE-2017-10247
NOT-FOR-US: PeopleSoft
-CVE-2017-10246 (Vulnerability in the Oracle Application Object Library component of ...)
+CVE-2017-10246
NOT-FOR-US: Oracle
-CVE-2017-10245 (Vulnerability in the Oracle General Ledger component of Oracle ...)
+CVE-2017-10245
NOT-FOR-US: Oracle
-CVE-2017-10244 (Vulnerability in the Oracle Application Object Library component of ...)
+CVE-2017-10244
NOT-FOR-US: Oracle
-CVE-2017-10243 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of ...)
+CVE-2017-10243
{DSA-3954-1 DSA-3919-1 DLA-1073-1}
- openjdk-8 8u141-b15-1
[experimental] - openjdk-7 7u151-2.6.11-1
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2017-10242 (Vulnerability in the Oracle VM VirtualBox component of Oracle ...)
+CVE-2017-10242
- virtualbox 5.1.24-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2017-10241 (Vulnerability in the Oracle VM VirtualBox component of Oracle ...)
+CVE-2017-10241
- virtualbox 5.1.24-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2017-10240 (Vulnerability in the Oracle VM VirtualBox component of Oracle ...)
+CVE-2017-10240
- virtualbox 5.1.24-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2017-10239 (Vulnerability in the Oracle VM VirtualBox component of Oracle ...)
+CVE-2017-10239
- virtualbox 5.1.24-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2017-10238 (Vulnerability in the Oracle VM VirtualBox component of Oracle ...)
+CVE-2017-10238
- virtualbox 5.1.24-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2017-10237 (Vulnerability in the Oracle VM VirtualBox component of Oracle ...)
+CVE-2017-10237
- virtualbox 5.1.24-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2017-10236 (Vulnerability in the Oracle VM VirtualBox component of Oracle ...)
+CVE-2017-10236
- virtualbox 5.1.24-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2017-10235 (Vulnerability in the Oracle VM VirtualBox component of Oracle ...)
+CVE-2017-10235
- virtualbox 5.1.24-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2017-10234 (Vulnerability in the Solaris Cluster component of Oracle Sun Systems ...)
+CVE-2017-10234
NOT-FOR-US: Oracle
-CVE-2017-10233 (Vulnerability in the Oracle VM VirtualBox component of Oracle ...)
+CVE-2017-10233
- virtualbox 5.1.24-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2017-10232 (Vulnerability in the Hospitality WebSuite8 Cloud Service component of ...)
+CVE-2017-10232
NOT-FOR-US: Oracle
-CVE-2017-10231 (Vulnerability in the Oracle Hospitality Cruise AffairWhere component ...)
+CVE-2017-10231
NOT-FOR-US: Oracle
-CVE-2017-10230 (Vulnerability in the Oracle Hospitality Cruise Dining Room Management ...)
+CVE-2017-10230
NOT-FOR-US: Oracle
-CVE-2017-10229 (Vulnerability in the Oracle Hospitality Cruise Materials Management ...)
+CVE-2017-10229
NOT-FOR-US: Oracle
-CVE-2017-10228 (Vulnerability in the Oracle Hospitality Cruise Shipboard Property ...)
+CVE-2017-10228
NOT-FOR-US: Oracle
-CVE-2017-10227 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2017-10227
- mysql-5.7 5.7.20-1 (bug #878398)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and 5.7)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixMSQL
-CVE-2017-10226 (Vulnerability in the Oracle Hospitality Cruise Fleet Management ...)
+CVE-2017-10226
NOT-FOR-US: Oracle
-CVE-2017-10225 (Vulnerability in the Oracle Hospitality RES 3700 component of Oracle ...)
+CVE-2017-10225
NOT-FOR-US: Oracle
-CVE-2017-10224 (Vulnerability in the Oracle Hospitality Inventory Management component ...)
+CVE-2017-10224
NOT-FOR-US: Oracle
-CVE-2017-10223 (Vulnerability in the Oracle Hospitality Materials Control component of ...)
+CVE-2017-10223
NOT-FOR-US: Oracle
-CVE-2017-10222 (Vulnerability in the Oracle Hospitality Materials Control component of ...)
+CVE-2017-10222
NOT-FOR-US: Oracle
-CVE-2017-10221 (Vulnerability in the Oracle Hospitality RES 3700 component of Oracle ...)
+CVE-2017-10221
NOT-FOR-US: Oracle
-CVE-2017-10220 (Vulnerability in the Hospitality Property Interfaces component of ...)
+CVE-2017-10220
NOT-FOR-US: Oracle
-CVE-2017-10219 (Vulnerability in the Oracle Hospitality Guest Access component of ...)
+CVE-2017-10219
NOT-FOR-US: Oracle
-CVE-2017-10218 (Vulnerability in the Oracle Hospitality Guest Access component of ...)
+CVE-2017-10218
NOT-FOR-US: Oracle
-CVE-2017-10217 (Vulnerability in the Oracle Hospitality Guest Access component of ...)
+CVE-2017-10217
NOT-FOR-US: Oracle
-CVE-2017-10216 (Vulnerability in the Hospitality Property Interfaces component of ...)
+CVE-2017-10216
NOT-FOR-US: Oracle
-CVE-2017-10215 (Vulnerability in the PeopleSoft Enterprise PRTL Interaction Hub ...)
+CVE-2017-10215
NOT-FOR-US: PeopleSoft
-CVE-2017-10214 (Vulnerability in the Oracle Retail Xstore Point of Service component ...)
+CVE-2017-10214
NOT-FOR-US: Oracle
-CVE-2017-10213 (Vulnerability in the Hospitality Suite8 component of Oracle ...)
+CVE-2017-10213
NOT-FOR-US: Oracle
-CVE-2017-10212 (Vulnerability in the Hospitality Suite8 component of Oracle ...)
+CVE-2017-10212
NOT-FOR-US: Oracle
-CVE-2017-10211 (Vulnerability in the Hospitality Suite8 component of Oracle ...)
+CVE-2017-10211
NOT-FOR-US: Oracle
-CVE-2017-10210 (Vulnerability in the Oracle VM VirtualBox component of Oracle ...)
+CVE-2017-10210
- virtualbox 5.1.24-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2017-10209 (Vulnerability in the Oracle VM VirtualBox component of Oracle ...)
+CVE-2017-10209
- virtualbox 5.1.24-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2017-10208 (Vulnerability in the Oracle Hospitality e7 component of Oracle ...)
+CVE-2017-10208
NOT-FOR-US: Oracle
-CVE-2017-10207 (Vulnerability in the Oracle Hospitality Simphony component of Oracle ...)
+CVE-2017-10207
NOT-FOR-US: Oracle
-CVE-2017-10206 (Vulnerability in the Oracle Hospitality Simphony component of Oracle ...)
+CVE-2017-10206
NOT-FOR-US: Oracle
-CVE-2017-10205 (Vulnerability in the Oracle Hospitality Simphony component of Oracle ...)
+CVE-2017-10205
NOT-FOR-US: Oracle
-CVE-2017-10204 (Vulnerability in the Oracle VM VirtualBox component of Oracle ...)
+CVE-2017-10204
- virtualbox 5.1.24-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2017-10203 (Vulnerability in the MySQL Connectors component of Oracle MySQL ...)
+CVE-2017-10203
- mysql-connector-net <unfixed> (bug #883923)
[stretch] - mysql-connector-net <no-dsa> (Minor issue)
[jessie] - mysql-connector-net <no-dsa> (Minor issue)
[wheezy] - mysql-connector-net <no-dsa> (Minor issue)
-CVE-2017-10202 (Vulnerability in the OJVM component of Oracle Database Server. ...)
+CVE-2017-10202
NOT-FOR-US: Oracle
-CVE-2017-10201 (Vulnerability in the Oracle Hospitality e7 component of Oracle ...)
+CVE-2017-10201
NOT-FOR-US: Oracle
-CVE-2017-10200 (Vulnerability in the Oracle Hospitality e7 component of Oracle ...)
+CVE-2017-10200
NOT-FOR-US: Oracle
-CVE-2017-10199 (Vulnerability in the Oracle iLearning component of Oracle iLearning ...)
+CVE-2017-10199
NOT-FOR-US: Oracle
-CVE-2017-10198 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of ...)
+CVE-2017-10198
{DSA-3954-1 DSA-3919-1 DLA-1073-1}
- openjdk-8 8u141-b15-1
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2017-10197 (Vulnerability in the Oracle Hospitality OPERA 5 Property Services ...)
+CVE-2017-10197
NOT-FOR-US: Oracle
-CVE-2017-10196 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
+CVE-2017-10196
NOT-FOR-US: Oracle
-CVE-2017-10195 (Vulnerability in the Oracle Hospitality Simphony component of Oracle ...)
+CVE-2017-10195
NOT-FOR-US: Oracle
-CVE-2017-10194 (Vulnerability in the Oracle Integrated Lights Out Manager (ILOM) ...)
+CVE-2017-10194
NOT-FOR-US: Oracle
-CVE-2017-10193 (Vulnerability in the Java SE, Java SE Embedded component of Oracle ...)
+CVE-2017-10193
{DSA-3954-1 DSA-3919-1 DLA-1073-1}
- openjdk-8 8u141-b15-1
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2017-10192 (Vulnerability in the Oracle iStore component of Oracle E-Business ...)
+CVE-2017-10192
NOT-FOR-US: Oracle
-CVE-2017-10191 (Vulnerability in the Oracle Web Analytics component of Oracle ...)
+CVE-2017-10191
NOT-FOR-US: Oracle
-CVE-2017-10190 (Vulnerability in the Java VM component of Oracle Database Server. ...)
+CVE-2017-10190
NOT-FOR-US: Oracle
-CVE-2017-10189 (Vulnerability in the Hospitality Suite8 component of Oracle ...)
+CVE-2017-10189
NOT-FOR-US: Oracle
-CVE-2017-10188 (Vulnerability in the Hospitality Hotel Mobile component of Oracle ...)
+CVE-2017-10188
NOT-FOR-US: Oracle
-CVE-2017-10187 (Vulnerability in the Oracle VM VirtualBox component of Oracle ...)
+CVE-2017-10187
- virtualbox 5.1.24-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2017-10186 (Vulnerability in the Oracle iStore component of Oracle E-Business ...)
+CVE-2017-10186
NOT-FOR-US: Oracle
-CVE-2017-10185 (Vulnerability in the Oracle CRM Technical Foundation component of ...)
+CVE-2017-10185
NOT-FOR-US: Oracle
-CVE-2017-10184 (Vulnerability in the Oracle Field Service component of Oracle ...)
+CVE-2017-10184
NOT-FOR-US: Oracle
-CVE-2017-10183 (Vulnerability in the Oracle Retail Xstore Point of Service component ...)
+CVE-2017-10183
NOT-FOR-US: Oracle
-CVE-2017-10182 (Vulnerability in the Oracle Hospitality OPERA 5 Property Services ...)
+CVE-2017-10182
NOT-FOR-US: Oracle
-CVE-2017-10181 (Vulnerability in the Oracle FLEXCUBE Direct Banking component of ...)
+CVE-2017-10181
NOT-FOR-US: Oracle
-CVE-2017-10180 (Vulnerability in the Oracle CRM Technical Foundation component of ...)
+CVE-2017-10180
NOT-FOR-US: Oracle
-CVE-2017-10179 (Vulnerability in the Application Management Pack for Oracle E-Business ...)
+CVE-2017-10179
NOT-FOR-US: Oracle
-CVE-2017-10178 (Vulnerability in the Oracle WebLogic Server component of Oracle Fusion ...)
+CVE-2017-10178
NOT-FOR-US: Oracle
-CVE-2017-10177 (Vulnerability in the Oracle Application Object Library component of ...)
+CVE-2017-10177
NOT-FOR-US: Oracle
-CVE-2017-10176 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of ...)
+CVE-2017-10176
{DSA-3954-1 DSA-3919-1 DLA-1073-1}
- openjdk-8 8u141-b15-1
[experimental] - openjdk-7 7u151-2.6.11-1
- openjdk-7 <removed>
-CVE-2017-10175 (Vulnerability in the Oracle iSupport component of Oracle E-Business ...)
+CVE-2017-10175
NOT-FOR-US: Oracle
-CVE-2017-10174 (Vulnerability in the Oracle iSupport component of Oracle E-Business ...)
+CVE-2017-10174
NOT-FOR-US: Oracle
-CVE-2017-10173 (Vulnerability in the Oracle Retail Open Commerce Platform component of ...)
+CVE-2017-10173
NOT-FOR-US: Oracle
-CVE-2017-10172 (Vulnerability in the Oracle Retail Open Commerce Platform component of ...)
+CVE-2017-10172
NOT-FOR-US: Oracle
-CVE-2017-10171 (Vulnerability in the Oracle Marketing component of Oracle E-Business ...)
+CVE-2017-10171
NOT-FOR-US: Oracle
-CVE-2017-10170 (Vulnerability in the Oracle Field Service component of Oracle ...)
+CVE-2017-10170
NOT-FOR-US: Oracle
-CVE-2017-10169 (Vulnerability in the Oracle Hospitality 9700 component of Oracle ...)
+CVE-2017-10169
NOT-FOR-US: Oracle
-CVE-2017-10168 (Vulnerability in the Hospitality Hotel Mobile component of Oracle ...)
+CVE-2017-10168
NOT-FOR-US: Oracle
-CVE-2017-10167 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2017-10167
- mysql-5.7 5.7.20-1 (bug #878398)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixMSQL
-CVE-2017-10166 (Vulnerability in the Oracle Security Service component of Oracle ...)
+CVE-2017-10166
NOT-FOR-US: Oracle
-CVE-2017-10165 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2017-10165
- mysql-5.7 5.7.20-1 (bug #878398)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixMSQL
-CVE-2017-10164 (Vulnerability in the PeopleSoft Enterprise FSCM component of Oracle ...)
+CVE-2017-10164
NOT-FOR-US: Oracle
-CVE-2017-10163 (Vulnerability in the Oracle Business Intelligence Enterprise Edition ...)
+CVE-2017-10163
NOT-FOR-US: Oracle
-CVE-2017-10162 (Vulnerability in the Siebel Core - Server Framework component of ...)
+CVE-2017-10162
NOT-FOR-US: Oracle
-CVE-2017-10161 (Vulnerability in the Oracle Engineering Data Management component of ...)
+CVE-2017-10161
NOT-FOR-US: Oracle
-CVE-2017-10160 (Vulnerability in the Primavera P6 Enterprise Project Portfolio ...)
+CVE-2017-10160
NOT-FOR-US: Primavera
-CVE-2017-10159 (Vulnerability in the Oracle Communications Policy Management component ...)
+CVE-2017-10159
NOT-FOR-US: Oracle
-CVE-2017-10158 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of ...)
+CVE-2017-10158
NOT-FOR-US: Oracle
-CVE-2017-10157 (Vulnerability in the BI Publisher component of Oracle Fusion ...)
+CVE-2017-10157
NOT-FOR-US: Oracle
-CVE-2017-10156 (Vulnerability in the BI Publisher component of Oracle Fusion ...)
+CVE-2017-10156
NOT-FOR-US: Oracle
-CVE-2017-10155 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2017-10155
- mysql-5.7 5.7.20-1 (bug #878398)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and 5.7)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixMSQL
-CVE-2017-10154 (Vulnerability in the Oracle Access Manager component of Oracle Fusion ...)
+CVE-2017-10154
NOT-FOR-US: Java Advanced Management Console
-CVE-2017-10153 (Vulnerability in the Oracle Communications WebRTC Session Controller ...)
+CVE-2017-10153
NOT-FOR-US: Oracle
-CVE-2017-10152 (Vulnerability in the Oracle WebLogic Server component of Oracle Fusion ...)
+CVE-2017-10152
NOT-FOR-US: Oracle
-CVE-2017-10151 (Vulnerability in the Oracle Identity Manager component of Oracle ...)
+CVE-2017-10151
NOT-FOR-US: Oracle
-CVE-2017-10150 (Vulnerability in the Primavera Unifier component of Oracle Primavera ...)
+CVE-2017-10150
NOT-FOR-US: Primavera
-CVE-2017-10149 (Vulnerability in the Primavera Unifier component of Oracle Primavera ...)
+CVE-2017-10149
NOT-FOR-US: Primavera
-CVE-2017-10148 (Vulnerability in the Oracle WebLogic Server component of Oracle Fusion ...)
+CVE-2017-10148
NOT-FOR-US: Oracle
-CVE-2017-10147 (Vulnerability in the Oracle WebLogic Server component of Oracle Fusion ...)
+CVE-2017-10147
NOT-FOR-US: Oracle
-CVE-2017-10146 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of ...)
+CVE-2017-10146
NOT-FOR-US: Oracle
-CVE-2017-10145 (Vulnerability in the Java Advanced Management Console component of ...)
+CVE-2017-10145
NOT-FOR-US: Oracle
-CVE-2017-10144 (Vulnerability in the Oracle Applications Manager component of Oracle ...)
+CVE-2017-10144
NOT-FOR-US: Oracle
-CVE-2017-10143 (Vulnerability in the Oracle CRM Technical Foundation component of ...)
+CVE-2017-10143
NOT-FOR-US: Oracle
-CVE-2017-10142 (Vulnerability in the Oracle Hospitality Reporting and Analytics ...)
+CVE-2017-10142
NOT-FOR-US: Oracle
-CVE-2017-10141 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
+CVE-2017-10141
NOT-FOR-US: Oracle
-CVE-2017-10140 (Postfix before 2.11.10, 3.0.x before 3.0.10, 3.1.x before 3.1.6, and ...)
+CVE-2017-10140
{DLA-1137-1 DLA-1136-1 DLA-1135-1}
- db5.3 5.3.28-13.1 (bug #872436)
[stretch] - db5.3 5.3.28-12+deb9u1
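Review bot: the annotation for CVE-2017-10154 reads `NOT-FOR-US: Java Advanced Management Console`, yet the description removed on its `-` line names the Oracle Access Manager component; once the description is gone this mismatch can no longer be spotted from the file, so fix the annotation now (the other Access Manager entries in this hunk, CVE-2017-10262 and CVE-2017-10259, use `NOT-FOR-US: Oracle`). In the same hunk, CVE-2017-10176 shares {DSA-3954-1 DSA-3919-1 DLA-1073-1} with CVE-2017-10243, CVE-2017-10198 and CVE-2017-10193 but lacks their `- openjdk-6 <removed>` and `[wheezy] - openjdk-6 <end-of-life>` lines; add them or record why openjdk-6 is out of scope.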
@@ -24544,11 +24542,11 @@ CVE-2017-10139
RESERVED
CVE-2017-10138
RESERVED
-CVE-2017-10137 (Vulnerability in the Oracle WebLogic Server component of Oracle Fusion ...)
+CVE-2017-10137
NOT-FOR-US: Oracle
-CVE-2017-10136 (Vulnerability in the Oracle Hospitality Simphony component of Oracle ...)
+CVE-2017-10136
NOT-FOR-US: Oracle
-CVE-2017-10135 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of ...)
+CVE-2017-10135
{DSA-3954-1 DSA-3919-1 DLA-1073-1}
- openjdk-8 8u141-b15-1
[experimental] - openjdk-7 7u151-2.6.11-1
@@ -24556,378 +24554,378 @@ CVE-2017-10135 (Vulnerability in the Java SE, Java SE Embedded, JRockit componen
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
NOTE: OpenJDK-8 upstream commit: http://hg.openjdk.java.net/jdk8u/jdk8u/jdk/rev/079cd6c5de27
-CVE-2017-10134 (Vulnerability in the PeopleSoft Enterprise FSCM component of Oracle ...)
+CVE-2017-10134
NOT-FOR-US: Oracle
-CVE-2017-10133 (Vulnerability in the Hospitality Hotel Mobile component of Oracle ...)
+CVE-2017-10133
NOT-FOR-US: Oracle
-CVE-2017-10132 (Vulnerability in the Hospitality Hotel Mobile component of Oracle ...)
+CVE-2017-10132
NOT-FOR-US: Oracle
-CVE-2017-10131 (Vulnerability in the Primavera P6 Enterprise Project Portfolio ...)
+CVE-2017-10131
NOT-FOR-US: Oracle
-CVE-2017-10130 (Vulnerability in the Oracle iStore component of Oracle E-Business ...)
+CVE-2017-10130
NOT-FOR-US: Oracle
-CVE-2017-10129 (Vulnerability in the Oracle VM VirtualBox component of Oracle ...)
+CVE-2017-10129
- virtualbox 5.1.24-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2017-10128 (Vulnerability in the Hospitality WebSuite8 Cloud Service component of ...)
+CVE-2017-10128
NOT-FOR-US: Oracle
CVE-2017-10127
RESERVED
-CVE-2017-10126 (Vulnerability in the PeopleSoft Enterprise PRTL Interaction Hub ...)
+CVE-2017-10126
NOT-FOR-US: Oracle
-CVE-2017-10125 (Vulnerability in the Java SE component of Oracle Java SE ...)
+CVE-2017-10125
- openjdk-8 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
CVE-2017-10124
RESERVED
-CVE-2017-10123 (Vulnerability in the Oracle WebLogic Server component of Oracle Fusion ...)
+CVE-2017-10123
NOT-FOR-US: Oracle
-CVE-2017-10122 (Vulnerability in the Solaris component of Oracle Sun Systems Products ...)
+CVE-2017-10122
NOT-FOR-US: Oracle
-CVE-2017-10121 (Vulnerability in the Java Advanced Management Console component of ...)
+CVE-2017-10121
NOT-FOR-US: Java Advanced Management Console
-CVE-2017-10120 (Vulnerability in the RDBMS Security component of Oracle Database ...)
+CVE-2017-10120
NOT-FOR-US: Oracle
-CVE-2017-10119 (Vulnerability in the Oracle Service Bus component of Oracle Fusion ...)
+CVE-2017-10119
NOT-FOR-US: Oracle
-CVE-2017-10118 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of ...)
+CVE-2017-10118
{DSA-3954-1 DSA-3919-1 DLA-1073-1}
- openjdk-8 8u141-b15-1
[experimental] - openjdk-7 7u151-2.6.11-1
- openjdk-7 <removed>
-CVE-2017-10117 (Vulnerability in the Java Advanced Management Console component of ...)
+CVE-2017-10117
NOT-FOR-US: Java Advanced Management Console
-CVE-2017-10116 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of ...)
+CVE-2017-10116
{DSA-3954-1 DSA-3919-1 DLA-1073-1}
- openjdk-8 8u141-b15-1
[experimental] - openjdk-7 7u151-2.6.11-1
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2017-10115 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of ...)
+CVE-2017-10115
{DSA-3954-1 DSA-3919-1 DLA-1073-1}
- openjdk-8 8u141-b15-1
[experimental] - openjdk-7 7u151-2.6.11-1
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2017-10114 (Vulnerability in the Java SE component of Oracle Java SE ...)
+CVE-2017-10114
{DSA-4005-1}
- openjfx 8u141-b14-1 (low; bug #870860)
-CVE-2017-10113 (Vulnerability in the Oracle Common Applications component of Oracle ...)
+CVE-2017-10113
NOT-FOR-US: Oracle
-CVE-2017-10112 (Vulnerability in the Oracle iStore component of Oracle E-Business ...)
+CVE-2017-10112
NOT-FOR-US: Oracle
-CVE-2017-10111 (Vulnerability in the Java SE, Java SE Embedded component of Oracle ...)
+CVE-2017-10111
{DSA-3919-1}
- openjdk-8 8u141-b15-1
-CVE-2017-10110 (Vulnerability in the Java SE component of Oracle Java SE ...)
+CVE-2017-10110
{DSA-3954-1 DSA-3919-1 DLA-1073-1}
- openjdk-8 8u141-b15-1
[experimental] - openjdk-7 7u151-2.6.11-1
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2017-10109 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of ...)
+CVE-2017-10109
{DSA-3954-1 DSA-3919-1 DLA-1073-1}
- openjdk-8 8u141-b15-1
[experimental] - openjdk-7 7u151-2.6.11-1
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2017-10108 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of ...)
+CVE-2017-10108
{DSA-3954-1 DSA-3919-1 DLA-1073-1}
- openjdk-8 8u141-b15-1
[experimental] - openjdk-7 7u151-2.6.11-1
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2017-10107 (Vulnerability in the Java SE, Java SE Embedded component of Oracle ...)
+CVE-2017-10107
{DSA-3954-1 DSA-3919-1 DLA-1073-1}
- openjdk-8 8u141-b15-1
[experimental] - openjdk-7 7u151-2.6.11-1
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2017-10106 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of ...)
+CVE-2017-10106
NOT-FOR-US: Oracle
-CVE-2017-10105 (Vulnerability in the Java SE component of Oracle Java SE ...)
+CVE-2017-10105
- openjdk-8 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2017-10104 (Vulnerability in the Java Advanced Management Console component of ...)
+CVE-2017-10104
NOT-FOR-US: Java Advanced Management Console
-CVE-2017-10103 (Vulnerability in the Oracle FLEXCUBE Private Banking component of ...)
+CVE-2017-10103
NOT-FOR-US: Oracle
-CVE-2017-10102 (Vulnerability in the Java SE, Java SE Embedded component of Oracle ...)
+CVE-2017-10102
{DSA-3954-1 DSA-3919-1 DLA-1073-1}
- openjdk-8 8u141-b15-1
[experimental] - openjdk-7 7u151-2.6.11-1
- openjdk-7 <removed>
- openjdk-6 <unfixed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2017-10101 (Vulnerability in the Java SE, Java SE Embedded component of Oracle ...)
+CVE-2017-10101
{DSA-3954-1 DSA-3919-1 DLA-1073-1}
- openjdk-8 8u141-b15-1
[experimental] - openjdk-7 7u151-2.6.11-1
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2017-10100 (Vulnerability in the PeopleSoft Enterprise PRTL Interaction Hub ...)
+CVE-2017-10100
NOT-FOR-US: Oracle
-CVE-2017-10099 (Vulnerability in the SPARC M7, T7, S7 based Servers component of ...)
+CVE-2017-10099
NOT-FOR-US: Oracle
-CVE-2017-10098 (Vulnerability in the Oracle FLEXCUBE Universal Banking component of ...)
+CVE-2017-10098
NOT-FOR-US: Oracle
-CVE-2017-10097 (Vulnerability in the Oracle Hospitality Reporting and Analytics ...)
+CVE-2017-10097
NOT-FOR-US: Oracle
-CVE-2017-10096 (Vulnerability in the Java SE, Java SE Embedded component of Oracle ...)
+CVE-2017-10096
{DSA-3954-1 DSA-3919-1 DLA-1073-1}
- openjdk-8 8u141-b15-1
[experimental] - openjdk-7 7u151-2.6.11-1
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2017-10095 (Vulnerability in the Solaris component of Oracle Sun Systems Products ...)
+CVE-2017-10095
NOT-FOR-US: Oracle
-CVE-2017-10094 (Vulnerability in the Oracle Agile PLM component of Oracle Supply Chain ...)
+CVE-2017-10094
NOT-FOR-US: Oracle
-CVE-2017-10093 (Vulnerability in the Oracle Agile PLM component of Oracle Supply Chain ...)
+CVE-2017-10093
NOT-FOR-US: Oracle
-CVE-2017-10092 (Vulnerability in the Oracle Agile PLM component of Oracle Supply Chain ...)
+CVE-2017-10092
NOT-FOR-US: Oracle
-CVE-2017-10091 (Vulnerability in the Enterprise Manager Base Platform component of ...)
+CVE-2017-10091
NOT-FOR-US: Oracle
-CVE-2017-10090 (Vulnerability in the Java SE, Java SE Embedded component of Oracle ...)
+CVE-2017-10090
{DSA-3954-1 DSA-3919-1 DLA-1073-1}
- openjdk-8 8u141-b15-1
[experimental] - openjdk-7 7u151-2.6.11-1
- openjdk-7 <removed>
-CVE-2017-10089 (Vulnerability in the Java SE component of Oracle Java SE ...)
+CVE-2017-10089
{DSA-3954-1 DSA-3919-1 DLA-1073-1}
- openjdk-8 8u141-b15-1
[experimental] - openjdk-7 7u151-2.6.11-1
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2017-10088 (Vulnerability in the Oracle Agile PLM component of Oracle Supply Chain ...)
+CVE-2017-10088
NOT-FOR-US: Oracle
-CVE-2017-10087 (Vulnerability in the Java SE, Java SE Embedded component of Oracle ...)
+CVE-2017-10087
{DSA-3954-1 DSA-3919-1 DLA-1073-1}
- openjdk-8 8u141-b15-1
[experimental] - openjdk-7 7u151-2.6.11-1
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2017-10086 (Vulnerability in the Java SE component of Oracle Java SE ...)
+CVE-2017-10086
{DSA-4005-1}
- openjfx 8u141-b14-1 (low; bug #870860)
-CVE-2017-10085 (Vulnerability in the Oracle FLEXCUBE Universal Banking component of ...)
+CVE-2017-10085
NOT-FOR-US: Oracle
-CVE-2017-10084 (Vulnerability in the Oracle FLEXCUBE Universal Banking component of ...)
+CVE-2017-10084
NOT-FOR-US: Oracle
-CVE-2017-10083 (Vulnerability in the Oracle FLEXCUBE Universal Banking component of ...)
+CVE-2017-10083
NOT-FOR-US: Oracle
-CVE-2017-10082 (Vulnerability in the Oracle Agile PLM component of Oracle Supply Chain ...)
+CVE-2017-10082
NOT-FOR-US: Oracle
-CVE-2017-10081 (Vulnerability in the Java SE, Java SE Embedded component of Oracle ...)
+CVE-2017-10081
{DSA-3954-1 DSA-3919-1 DLA-1073-1}
- openjdk-8 8u141-b15-1
[experimental] - openjdk-7 7u151-2.6.11-1
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2017-10080 (Vulnerability in the Oracle Agile PLM component of Oracle Supply Chain ...)
+CVE-2017-10080
NOT-FOR-US: Oracle
-CVE-2017-10079 (Vulnerability in the Oracle Hospitality Suites Management component of ...)
+CVE-2017-10079
NOT-FOR-US: Oracle
-CVE-2017-10078 (Vulnerability in the Java SE component of Oracle Java SE ...)
+CVE-2017-10078
{DSA-3919-1}
- openjdk-8 8u141-b15-1
-CVE-2017-10077 (Vulnerability in the Oracle Applications DBA component of Oracle ...)
+CVE-2017-10077
NOT-FOR-US: Oracle
-CVE-2017-10076 (Vulnerability in the Oracle Hospitality Simphony First Edition Venue ...)
+CVE-2017-10076
NOT-FOR-US: Oracle
-CVE-2017-10075 (Vulnerability in the Oracle WebCenter Content component of Oracle ...)
+CVE-2017-10075
NOT-FOR-US: Oracle
-CVE-2017-10074 (Vulnerability in the Java SE, Java SE Embedded component of Oracle ...)
+CVE-2017-10074
{DSA-3954-1 DSA-3919-1 DLA-1073-1}
- openjdk-8 8u141-b15-1
[experimental] - openjdk-7 7u151-2.6.11-1
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2017-10073 (Vulnerability in the Oracle FLEXCUBE Universal Banking component of ...)
+CVE-2017-10073
NOT-FOR-US: Oracle
-CVE-2017-10072 (Vulnerability in the Oracle FLEXCUBE Universal Banking component of ...)
+CVE-2017-10072
NOT-FOR-US: Oracle
-CVE-2017-10071 (Vulnerability in the Oracle FLEXCUBE Universal Banking component of ...)
+CVE-2017-10071
NOT-FOR-US: Oracle
-CVE-2017-10070 (Vulnerability in the PeopleSoft Enterprise PRTL Interaction Hub ...)
+CVE-2017-10070
NOT-FOR-US: Oracle
-CVE-2017-10069 (Vulnerability in the Oracle Payment Interface component of Oracle ...)
+CVE-2017-10069
NOT-FOR-US: Oracle
-CVE-2017-10068 (Vulnerability in the Oracle Business Intelligence Enterprise Edition ...)
+CVE-2017-10068
NOT-FOR-US: Oracle
-CVE-2017-10067 (Vulnerability in the Java SE component of Oracle Java SE ...)
+CVE-2017-10067
{DSA-3954-1 DSA-3919-1 DLA-1073-1}
- openjdk-8 8u141-b15-1
[experimental] - openjdk-7 7u151-2.6.11-1
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2017-10066 (Vulnerability in the Oracle Applications Technology Stack component of ...)
+CVE-2017-10066
NOT-FOR-US: Oracle
-CVE-2017-10065 (Vulnerability in the Oracle Retail Point-of-Service component of ...)
+CVE-2017-10065
NOT-FOR-US: Oracle
-CVE-2017-10064 (Vulnerability in the Hospitality WebSuite8 Cloud Service component of ...)
+CVE-2017-10064
NOT-FOR-US: Oracle
-CVE-2017-10063 (Vulnerability in the Oracle WebLogic Server component of Oracle Fusion ...)
+CVE-2017-10063
NOT-FOR-US: Oracle
-CVE-2017-10062 (Vulnerability in the Solaris component of Oracle Sun Systems Products ...)
+CVE-2017-10062
NOT-FOR-US: Oracle
-CVE-2017-10061 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of ...)
+CVE-2017-10061
NOT-FOR-US: Oracle
-CVE-2017-10060 (Vulnerability in the Oracle Business Intelligence Enterprise Edition ...)
+CVE-2017-10060
NOT-FOR-US: Oracle
-CVE-2017-10059 (Vulnerability in the BI Publisher component of Oracle Fusion ...)
+CVE-2017-10059
NOT-FOR-US: Oracle
-CVE-2017-10058 (Vulnerability in the Oracle Business Intelligence Enterprise Edition ...)
+CVE-2017-10058
NOT-FOR-US: Oracle
-CVE-2017-10057 (Vulnerability in the PeopleSoft Enterprise PRTL Interaction Hub ...)
+CVE-2017-10057
NOT-FOR-US: Oracle
-CVE-2017-10056 (Vulnerability in the Oracle Hospitality 9700 component of Oracle ...)
+CVE-2017-10056
NOT-FOR-US: Oracle
-CVE-2017-10055 (Vulnerability in the Oracle iPlanet Web Server component of Oracle ...)
+CVE-2017-10055
NOT-FOR-US: Oracle
-CVE-2017-10054 (Vulnerability in the Oracle Hospitality Cruise Materials Management ...)
+CVE-2017-10054
NOT-FOR-US: Oracle
-CVE-2017-10053 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of ...)
+CVE-2017-10053
{DSA-3954-1 DSA-3919-1 DLA-1073-1}
- openjdk-8 8u141-b15-1
[experimental] - openjdk-7 7u151-2.6.11-1
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2017-10052 (Vulnerability in the Oracle Agile PLM component of Oracle Supply Chain ...)
+CVE-2017-10052
NOT-FOR-US: Oracle
-CVE-2017-10051 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
+CVE-2017-10051
NOT-FOR-US: Oracle
-CVE-2017-10050 (Vulnerability in the Oracle Hospitality Suite8 component of Oracle ...)
+CVE-2017-10050
NOT-FOR-US: Oracle
-CVE-2017-10049 (Vulnerability in the Siebel Core CRM component of Oracle Siebel CRM ...)
+CVE-2017-10049
NOT-FOR-US: Oracle
-CVE-2017-10048 (Vulnerability in the Oracle Enterprise Repository component of Oracle ...)
+CVE-2017-10048
NOT-FOR-US: Oracle
-CVE-2017-10047 (Vulnerability in the MICROS BellaVita component of Oracle Hospitality ...)
+CVE-2017-10047
NOT-FOR-US: Oracle
-CVE-2017-10046 (Vulnerability in the Primavera P6 Enterprise Project Portfolio ...)
+CVE-2017-10046
NOT-FOR-US: Oracle
-CVE-2017-10045 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of ...)
+CVE-2017-10045
NOT-FOR-US: Oracle
-CVE-2017-10044 (Vulnerability in the Oracle Hospitality Reporting and Analytics ...)
+CVE-2017-10044
NOT-FOR-US: Oracle
-CVE-2017-10043 (Vulnerability in the BI Publisher component of Oracle Fusion ...)
+CVE-2017-10043
NOT-FOR-US: Oracle
-CVE-2017-10042 (Vulnerability in the Solaris component of Oracle Sun Systems Products ...)
+CVE-2017-10042
NOT-FOR-US: Oracle
-CVE-2017-10041 (Vulnerability in the BI Publisher component of Oracle Fusion ...)
+CVE-2017-10041
NOT-FOR-US: Oracle
-CVE-2017-10040 (Vulnerability in the Oracle WebCenter Content component of Oracle ...)
+CVE-2017-10040
NOT-FOR-US: Oracle
-CVE-2017-10039 (Vulnerability in the Oracle Agile PLM component of Oracle Supply Chain ...)
+CVE-2017-10039
NOT-FOR-US: Oracle
-CVE-2017-10038 (Vulnerability in the Primavera P6 Enterprise Project Portfolio ...)
+CVE-2017-10038
NOT-FOR-US: Oracle
-CVE-2017-10037 (Vulnerability in the Oracle BI Publisher component of Oracle Fusion ...)
+CVE-2017-10037
NOT-FOR-US: Oracle
-CVE-2017-10036 (Vulnerability in the Solaris component of Oracle Sun Systems Products ...)
+CVE-2017-10036
NOT-FOR-US: Oracle
-CVE-2017-10035 (Vulnerability in the BI Publisher component of Oracle Fusion ...)
+CVE-2017-10035
NOT-FOR-US: Oracle
-CVE-2017-10034 (Vulnerability in the Oracle BI Publisher component of Oracle Fusion ...)
+CVE-2017-10034
NOT-FOR-US: Oracle
-CVE-2017-10033 (Vulnerability in the Oracle WebCenter Sites component of Oracle Fusion ...)
+CVE-2017-10033
NOT-FOR-US: Oracle
-CVE-2017-10032 (Vulnerability in the Oracle Transportation Management component of ...)
+CVE-2017-10032
NOT-FOR-US: Oracle
-CVE-2017-10031 (Vulnerability in the Oracle Communications Convergence component of ...)
+CVE-2017-10031
NOT-FOR-US: Oracle
-CVE-2017-10030 (Vulnerability in the BI Publisher component of Oracle Fusion ...)
+CVE-2017-10030
NOT-FOR-US: Oracle
-CVE-2017-10029 (Vulnerability in the BI Publisher component of Oracle Fusion ...)
+CVE-2017-10029
NOT-FOR-US: Oracle
-CVE-2017-10028 (Vulnerability in the BI Publisher component of Oracle Fusion ...)
+CVE-2017-10028
NOT-FOR-US: Oracle
-CVE-2017-10027 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of ...)
+CVE-2017-10027
NOT-FOR-US: Oracle
-CVE-2017-10026 (Vulnerability in the Oracle SOA Suite component of Oracle Fusion ...)
+CVE-2017-10026
NOT-FOR-US: Oracle
-CVE-2017-10025 (Vulnerability in the BI Publisher component of Oracle Fusion ...)
+CVE-2017-10025
NOT-FOR-US: Oracle
-CVE-2017-10024 (Vulnerability in the BI Publisher component of Oracle Fusion ...)
+CVE-2017-10024
NOT-FOR-US: Oracle
-CVE-2017-10023 (Vulnerability in the Oracle FLEXCUBE Private Banking component of ...)
+CVE-2017-10023
NOT-FOR-US: Oracle
-CVE-2017-10022 (Vulnerability in the Oracle FLEXCUBE Private Banking component of ...)
+CVE-2017-10022
NOT-FOR-US: Oracle
-CVE-2017-10021 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of ...)
+CVE-2017-10021
NOT-FOR-US: Oracle
-CVE-2017-10020 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of ...)
+CVE-2017-10020
NOT-FOR-US: Oracle
-CVE-2017-10019 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of ...)
+CVE-2017-10019
NOT-FOR-US: Oracle
-CVE-2017-10018 (Vulnerability in the PeopleSoft Enterprise FSCM component of Oracle ...)
+CVE-2017-10018
NOT-FOR-US: Oracle
-CVE-2017-10017 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of ...)
+CVE-2017-10017
NOT-FOR-US: Oracle
-CVE-2017-10016 (Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of ...)
+CVE-2017-10016
NOT-FOR-US: Oracle
-CVE-2017-10015 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of ...)
+CVE-2017-10015
NOT-FOR-US: Oracle
-CVE-2017-10014 (Vulnerability in the Oracle Hospitality Hotel Mobile component of ...)
+CVE-2017-10014
NOT-FOR-US: Oracle
-CVE-2017-10013 (Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of ...)
+CVE-2017-10013
NOT-FOR-US: Oracle
-CVE-2017-10012 (Vulnerability in the Oracle FLEXCUBE Private Banking component of ...)
+CVE-2017-10012
NOT-FOR-US: Oracle
-CVE-2017-10011 (Vulnerability in the Oracle FLEXCUBE Private Banking component of ...)
+CVE-2017-10011
NOT-FOR-US: Oracle
-CVE-2017-10010 (Vulnerability in the Oracle FLEXCUBE Private Banking component of ...)
+CVE-2017-10010
NOT-FOR-US: Oracle
-CVE-2017-10009 (Vulnerability in the Oracle FLEXCUBE Private Banking component of ...)
+CVE-2017-10009
NOT-FOR-US: Oracle
-CVE-2017-10008 (Vulnerability in the Oracle FLEXCUBE Private Banking component of ...)
+CVE-2017-10008
NOT-FOR-US: Oracle
-CVE-2017-10007 (Vulnerability in the Oracle FLEXCUBE Private Banking component of ...)
+CVE-2017-10007
NOT-FOR-US: Oracle
-CVE-2017-10006 (Vulnerability in the Oracle FLEXCUBE Private Banking component of ...)
+CVE-2017-10006
NOT-FOR-US: Oracle
-CVE-2017-10005 (Vulnerability in the Oracle FLEXCUBE Private Banking component of ...)
+CVE-2017-10005
NOT-FOR-US: Oracle
-CVE-2017-10004 (Vulnerability in the Solaris component of Oracle Sun Systems Products ...)
+CVE-2017-10004
NOT-FOR-US: Oracle
-CVE-2017-10003 (Vulnerability in the Solaris component of Oracle Sun Systems Products ...)
+CVE-2017-10003
NOT-FOR-US: Oracle
-CVE-2017-10002 (Vulnerability in the Oracle Hospitality Inventory Management component ...)
+CVE-2017-10002
NOT-FOR-US: Oracle
-CVE-2017-10001 (Vulnerability in the Oracle Hospitality Simphony First Edition ...)
+CVE-2017-10001
NOT-FOR-US: Oracle
-CVE-2017-10000 (Vulnerability in the Oracle Hospitality Reporting and Analytics ...)
+CVE-2017-10000
NOT-FOR-US: Oracle
-CVE-2017-9782 (JasPer 2.0.12 allows remote attackers to cause a denial of service ...)
+CVE-2017-9782
- jasper <removed>
[jessie] - jasper <no-dsa> (Minor issue)
[wheezy] - jasper <no-dsa> (Minor issue)
NOTE: https://github.com/mdadams/jasper/issues/140
-CVE-2017-9781 (A cross site scripting (XSS) vulnerability exists in Check_MK versions ...)
+CVE-2017-9781
[experimental] - check-mk 1.4.0p9-1
- check-mk <unfixed> (bug #865497)
[wheezy] - check-mk <ignored> (Minor issue)
NOTE: http://mathias-kettner.com/check_mk_werks.php?werk_id=4757
NOTE: http://git.mathias-kettner.de/git/?p=check_mk.git;a=commitdiff;h=c248f0b6ff7b15ced9f07a3df8a80fad656ea5b1
-CVE-2017-9779 (OCaml compiler allows attackers to have unspecified impact via unknown ...)
+CVE-2017-9779
- ocaml 4.05.0-9 (bug #874700)
[stretch] - ocaml <no-dsa> (Minor issue)
[jessie] - ocaml <no-dsa> (Minor issue)
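Review bot: the openjdk-6 line under CVE-2017-10102 reads '- openjdk-6 <unfixed>' while every other Java SE entry in this hunk (CVE-2017-10101, -10096, -10089, -10087, -10081, -10074, -10067, -10053 and the rest) records '- openjdk-6 <removed>' followed by '[wheezy] - openjdk-6 <end-of-life>'. That is a context line, not something this hunk changes, but it is almost certainly the same state as its neighbours and should be corrected to <removed> while the file is being touched, since <unfixed> on a package no longer in the archive keeps the CVE open in unstable. Two smaller points in the same hunk: the virtualbox lines under CVE-2017-10129 cite advisories in two formats, '(DSA-3699-1)' and '(DSA 3454)', and CVE-2017-10125 lists the deployment-components <not-affected> line for openjdk-8 and openjdk-7 only, whereas CVE-2017-10105 lists it for openjdk-6 as well, with the same justification. As elsewhere in the patch, every '-'/'+' pair here differs only in the dropped description, which is a loss of data rather than an update.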
@@ -24936,53 +24934,53 @@ CVE-2017-9779 (OCaml compiler allows attackers to have unspecified impact via un
NOTE: https://caml.inria.fr/mantis/view.php?id=7557
NOTE: Make sure any potential advisories are clear that any created suid
NOTE: binaries using ocaml must be re-created once ocaml has been updated.
-CVE-2017-9778 (GNU Debugger (GDB) 8.0 and earlier fails to detect a negative length ...)
+CVE-2017-9778
- gdb <unfixed> (unimportant; bug #865607)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21600
CVE-2017-9777
RESERVED
-CVE-2017-9776 (Integer overflow leading to Heap buffer overflow in JBIG2Stream.cc in ...)
+CVE-2017-9776
{DSA-4079-2 DSA-4079-1 DLA-1074-1}
- poppler 0.57.0-2 (bug #865679)
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=101541
NOTE: Fixed by: https://cgit.freedesktop.org/poppler/poppler/commit/?id=a3a98a6d83dfbf49f565f5aa2d7c07153a7f62fc
-CVE-2017-9775 (Stack buffer overflow in GfxState.cc in pdftocairo in Poppler before ...)
+CVE-2017-9775
{DSA-4079-1 DLA-1074-1}
- poppler 0.57.0-2 (bug #865680)
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=101540
NOTE: Fixed by: https://cgit.freedesktop.org/poppler/poppler/commit/?id=8f4ff8243a3d599ff2a6c08b1da389e606ba4fc9
-CVE-2017-9774 (Remote Code Execution was found in Horde_Image 2.x before 2.5.0 via a ...)
+CVE-2017-9774
{DSA-4276-1 DLA-1395-1}
- php-horde-image 2.5.1-1 (bug #865505)
NOTE: https://lists.horde.org/archives/announce/2017/001234.html
NOTE: https://github.com/horde/horde/commit/01a11ccd37149101d67e0b20261fa48ab07dae13
NOTE: Regression in upstream patch, fixing in https://github.com/horde/Image/pull/1
-CVE-2017-9773 (Denial of Service was found in Horde_Image 2.x before 2.5.0 via a ...)
+CVE-2017-9773
{DSA-4276-1}
- php-horde-image 2.5.1-1 (bug #865504)
[jessie] - php-horde-image <not-affected> (Only Horde_Image above 2.3.0 affected)
NOTE: https://lists.horde.org/archives/announce/2017/001234.html
NOTE: https://github.com/horde/horde/commit/2b8a6fe1a5fc0fc662178145f853c65956985538
-CVE-2017-9772 (Insufficient sanitisation in the OCaml compiler versions 4.04.0 and ...)
+CVE-2017-9772
- ocaml <not-affected> (Only affects 4.04.0 and 4.04.1)
NOTE: https://caml.inria.fr/mantis/view.php?id=7557
-CVE-2017-9771 (install\save.php in WebsiteBaker v2.10.0 allows remote attackers to ...)
+CVE-2017-9771
NOT-FOR-US: WebsiteBaker
-CVE-2017-9770 (A specially crafted IOCTL can be issued to the rzpnk.sys driver in ...)
+CVE-2017-9770
NOT-FOR-US: Razer Synapse
-CVE-2017-9769 (A specially crafted IOCTL can be issued to the rzpnk.sys driver in ...)
+CVE-2017-9769
NOT-FOR-US: Razer Synapse
CVE-2017-9768
RESERVED
-CVE-2017-9767 (Multiple cross-site scripting (XSS) vulnerabilities in Quali ...)
+CVE-2017-9767
NOT-FOR-US: Quali CloudShell
-CVE-2017-9766 (In Wireshark 2.2.7, PROFINET IO data with a high recursion depth allows ...)
+CVE-2017-9766
{DLA-1634-1}
- wireshark 2.4.0-1 (low; bug #870175)
[wheezy] - wireshark <no-dsa> (Minor issue)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13811
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=d6e888400ba64de3147d1111a4c23edf389b0000
-CVE-2017-9765 (Integer overflow in the soap_get function in Genivia gSOAP 2.7.x and ...)
+CVE-2017-9765
{DLA-1036-1}
- gsoap 2.8.48-1
[stretch] - gsoap 2.8.35-4+deb9u1
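Review bot: three entries in this hunk keep a version-range justification whose only in-file cross-check was the description being removed: '+CVE-2017-9772' with '- ocaml <not-affected> (Only affects 4.04.0 and 4.04.1)' (the removed line began 'Insufficient sanitisation in the OCaml compiler versions 4.04.0 and ...'), '+CVE-2017-9773' with '[jessie] - php-horde-image <not-affected> (Only Horde_Image above 2.3.0 affected)' (the removed line said 'Horde_Image 2.x before 2.5.0'), and '+CVE-2017-9766', where 'In Wireshark 2.2.7' was the only statement of the affected version next to a wheezy <no-dsa>. Keep the descriptions, or restate the affected range in the justification, so these not-affected and no-dsa calls remain verifiable. Also under CVE-2017-9774, the NOTE 'Regression in upstream patch, fixing in https://github.com/horde/Image/pull/1' sits beside a fixed version of 2.5.1-1 and {DSA-4276-1 DLA-1395-1} without saying whether that version already carries the regression fix; a NOTE stating which upload includes it would remove the ambiguity.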
@@ -24991,68 +24989,68 @@ CVE-2017-9765 (Integer overflow in the soap_get function in Genivia gSOAP 2.7.x
NOTE: http://blog.senr.io/blog/devils-ivy-flaw-in-widely-used-third-party-code-impacts-millions
NOTE: https://www.genivia.com/changelog.html#Version_2.8.48_upd_(06/21/2017)
NOTE: SuSE patch: https://bugzilla.suse.com/attachment.cgi?id=733005
-CVE-2017-9764 (Cross-site scripting (XSS) vulnerability in MetInfo 5.3.17 allows ...)
+CVE-2017-9764
NOT-FOR-US: MetInfo
-CVE-2017-9780 (In Flatpak before 0.8.7, a third-party app repository could include ...)
+CVE-2017-9780
{DSA-3895-1}
- flatpak 0.8.7-1 (bug #865413)
NOTE: https://github.com/flatpak/flatpak/issues/845
-CVE-2017-10923 (Xen through 4.8.x does not validate a vCPU array index upon the sending ...)
+CVE-2017-10923
- xen 4.8.1-1+deb9u3
[stretch] - xen 4.8.1-1+deb9u3
[jessie] - xen <not-affected> (Vulnerable code not present)
[wheezy] - xen <not-affected> (Vulnerable code not present)
NOTE: https://xenbits.xen.org/xsa/advisory-225.html
-CVE-2017-10922 (The grant-table feature in Xen through 4.8.x mishandles MMIO region ...)
+CVE-2017-10922
{DSA-3969-1 DLA-1132-1}
- xen 4.8.1-1+deb9u3
NOTE: https://xenbits.xen.org/xsa/advisory-224.html
-CVE-2017-10921 (The grant-table feature in Xen through 4.8.x does not ensure sufficient ...)
+CVE-2017-10921
{DSA-3969-1 DLA-1132-1}
- xen 4.8.1-1+deb9u3
NOTE: https://xenbits.xen.org/xsa/advisory-224.html
-CVE-2017-10920 (The grant-table feature in Xen through 4.8.x mishandles a ...)
+CVE-2017-10920
{DSA-3969-1 DLA-1132-1}
- xen 4.8.1-1+deb9u3
NOTE: https://xenbits.xen.org/xsa/advisory-224.html
-CVE-2017-10919 (Xen through 4.8.x mishandles virtual interrupt injection, which allows ...)
+CVE-2017-10919
- xen 4.8.1-1+deb9u3
[stretch] - xen 4.8.1-1+deb9u3
[jessie] - xen <ignored> (No backport available, limited to arm)
[wheezy] - xen <not-affected> (arm not supported)
NOTE: https://xenbits.xen.org/xsa/advisory-223.html
-CVE-2017-10918 (Xen through 4.8.x does not validate memory allocations during certain ...)
+CVE-2017-10918
{DSA-3969-1 DLA-1132-1}
- xen 4.8.1-1+deb9u3
NOTE: https://xenbits.xen.org/xsa/advisory-222.html
-CVE-2017-10917 (Xen through 4.8.x does not validate the port numbers of polled event ...)
+CVE-2017-10917
{DSA-3969-1}
- xen 4.8.1-1+deb9u3
[wheezy] - xen <not-affected> (Vulnerable code not present)
NOTE: https://xenbits.xen.org/xsa/advisory-221.html
-CVE-2017-10916 (The vCPU context-switch implementation in Xen through 4.8.x improperly ...)
+CVE-2017-10916
- xen 4.8.1-1+deb9u3
[stretch] - xen 4.8.1-1+deb9u3
[jessie] - xen <not-affected> (Vulnerable code not present)
[wheezy] - xen <not-affected> (Vulnerable code not present)
NOTE: https://xenbits.xen.org/xsa/advisory-220.html
-CVE-2017-10915 (The shadow-paging feature in Xen through 4.8.x mismanages page ...)
+CVE-2017-10915
{DSA-3969-1 DLA-1132-1}
- xen 4.8.1-1+deb9u3
NOTE: https://xenbits.xen.org/xsa/advisory-219.html
-CVE-2017-10914 (The grant-table feature in Xen through 4.8.x has a race condition ...)
+CVE-2017-10914
{DSA-3969-1 DLA-1132-1}
- xen 4.8.1-1+deb9u3
NOTE: https://xenbits.xen.org/xsa/advisory-218.html
-CVE-2017-10913 (The grant-table feature in Xen through 4.8.x provides false mapping ...)
+CVE-2017-10913
{DSA-3969-1 DLA-1132-1}
- xen 4.8.1-1+deb9u3
NOTE: https://xenbits.xen.org/xsa/advisory-218.html
-CVE-2017-10912 (Xen through 4.8.x mishandles page transfer, which allows guest OS users ...)
+CVE-2017-10912
{DSA-3969-1 DLA-1132-1}
- xen 4.8.1-1+deb9u3
NOTE: https://xenbits.xen.org/xsa/advisory-217.html
-CVE-2017-10911 (The make_response function in drivers/block/xen-blkback/blkback.c in ...)
+CVE-2017-10911
{DSA-3945-1 DSA-3927-1 DSA-3920-1 DLA-1497-1 DLA-1099-1}
- linux 4.11.11-1
- qemu 1:2.8+dfsg-7 (bug #869706)
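Review bot: '+CVE-2017-10911' now lists 'linux 4.11.11-1', 'qemu 1:2.8+dfsg-7' and 'qemu-kvm <removed>' under a bare id; the removed line ('The make_response function in drivers/block/xen-blkback/blkback.c in ...') was the only text on the entry identifying this as the kernel-side blkback issue, so the reason qemu packages are attached is no longer visible beyond the advisory-216 link in the NOTE. Add a NOTE recording why qemu and qemu-kvm are listed, or keep the description. In the same hunk, '+CVE-2017-10923', '+CVE-2017-10919' and '+CVE-2017-10916' carry explicit '- xen 4.8.1-1+deb9u3' and '[stretch] - xen 4.8.1-1+deb9u3' lines with no {DSA-...} reference, while the neighbouring entries fixed in the same upload carry {DSA-3969-1 DLA-1132-1}; if those three were shipped in DSA-3969-1 they should reference it rather than hardcode the version, and if they were not, a NOTE saying so would save the next reader the lookup. The entry order is also off here ('-CVE-2017-9780' sits between CVE-2017-9764 and CVE-2017-10923), which predates this change but is worth fixing in the same pass.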
@@ -25060,14 +25058,14 @@ CVE-2017-10911 (The make_response function in drivers/block/xen-blkback/blkback.
- qemu-kvm <removed>
[wheezy] - qemu-kvm <no-dsa> (Wheezy's xen uses an embedded qemu copy)
NOTE: https://xenbits.xen.org/xsa/advisory-216.html
-CVE-2017-1000381 (The c-ares function `ares_parse_naptr_reply()`, which is used for ...)
+CVE-2017-1000381
{DLA-998-1}
- c-ares 1.12.0-4 (bug #865360)
[stretch] - c-ares 1.12.0-1+deb9u1
[jessie] - c-ares 1.10.0-2+deb8u2
NOTE: https://c-ares.haxx.se/adv_20170620.html
NOTE: Patch: https://c-ares.haxx.se/CVE-2017-1000381.patch
-CVE-2017-9763 (The grub_ext2_read_block function in fs/ext2.c in GNU GRUB before ...)
+CVE-2017-9763
- grub2 2.02~beta2-8 (unimportant)
- radare2 1.6.0+dfsg-1 (bug #869423)
[stretch] - radare2 <no-dsa> (Minor issue)
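Review bot: '+CVE-2017-9763' keeps '- grub2 2.02~beta2-8 (unimportant)' and '- radare2 1.6.0+dfsg-1 (bug #869423)' side by side with 'NOTE: Not a security issue for Grub'; the removed description ('The grub_ext2_read_block function in fs/ext2.c in GNU GRUB before ...') was what explained why a GRUB CVE has radare2 as its real fix target, and after this hunk that connection exists only in the radare2 commit and issue URLs. A NOTE explaining why radare2 is listed under a GRUB CVE would make the entry self-explanatory. Separately, CVE-2017-1000381 has both {DLA-998-1} and an explicit '[jessie] - c-ares 1.10.0-2+deb8u2' line; if the DLA already records that version the explicit line is redundant and will drift if the DLA entry is ever corrected.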
@@ -25076,14 +25074,14 @@ CVE-2017-9763 (The grub_ext2_read_block function in fs/ext2.c in GNU GRUB before
NOTE: https://github.com/radare/radare2/commit/65000a7fd9eea62359e6d6714f17b94a99a82edd
NOTE: https://github.com/radare/radare2/issues/7723
NOTE: Not a security issue for Grub
-CVE-2017-9762 (The cmd_info function in libr/core/cmd_info.c in radare2 1.5.0 allows ...)
+CVE-2017-9762
- radare2 1.6.0+dfsg-1 (low; bug #869426)
[stretch] - radare2 <no-dsa> (Minor issue)
[jessie] - radare2 <no-dsa> (Minor issue)
[wheezy] - radare2 <no-dsa> (Minor issue)
NOTE: https://github.com/radare/radare2/issues/7726
NOTE: https://github.com/radare/radare2/commit/f85bc674b2a2256a364fe796351bc1971e106005
-CVE-2017-9761 (The find_eoq function in libr/core/cmd.c in radare2 1.5.0 allows remote ...)
+CVE-2017-9761
- radare2 1.6.0+dfsg-1 (low; bug #869428)
[stretch] - radare2 <no-dsa> (Minor issue)
[jessie] - radare2 <no-dsa> (Minor issue)
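Review bot: after this hunk '+CVE-2017-9762' and '+CVE-2017-9761' carry only the fixed version 1.6.0+dfsg-1 and '<no-dsa> (Minor issue)' lines for stretch, jessie and wheezy; the affected version ('radare2 1.5.0' in both removed lines) and the affected function and file ('cmd_info function in libr/core/cmd_info.c', 'find_eoq function in libr/core/cmd.c') are gone, and nothing on the entries now says what the bug is beyond the upstream issue and commit links. Since the no-dsa decisions are justified only as 'Minor issue', the description was the one place the severity could be re-assessed from in the tracker itself; keep it rather than emitting a bare id.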
@@ -25092,65 +25090,65 @@ CVE-2017-9761 (The find_eoq function in libr/core/cmd.c in radare2 1.5.0 allows
NOTE: https://github.com/radare/radare2/issues/7727
CVE-2017-9760
RESERVED
-CVE-2017-9759 (SQL Injection exists in admin/index.php in Zenbership 1.0.8 via the ...)
+CVE-2017-9759
NOT-FOR-US: Zenbership
-CVE-2017-9758 (Savitech driver packages for Windows silently install a self-signed ...)
+CVE-2017-9758
NOT-FOR-US: Savitech driver packages for Windows
-CVE-2017-9757 (IPFire 2.19 has a Remote Command Injection vulnerability in ids.cgi via ...)
+CVE-2017-9757
NOT-FOR-US: IPFire
-CVE-2017-1000375 (NetBSD maps the run-time link-editor ld.so directly below the stack ...)
+CVE-2017-1000375
NOT-FOR-US: NetBSD
-CVE-2017-1000374 (A flaw exists in NetBSD's implementation of the stack guard page that ...)
+CVE-2017-1000374
NOT-FOR-US: NetBSD
-CVE-2017-1000373 (The OpenBSD qsort() function is recursive, and not randomized, an ...)
+CVE-2017-1000373
NOT-FOR-US: OpenBSD
-CVE-2017-1000372 (A flaw exists in OpenBSD's implementation of the stack guard page that ...)
+CVE-2017-1000372
NOT-FOR-US: OpenBSD
-CVE-2017-1000364 (An issue was discovered in the size of the stack guard page on Linux, ...)
+CVE-2017-1000364
{DSA-3886-1 DLA-993-1}
- linux 4.11.6-1
[stretch] - linux 4.9.30-2+deb9u1
NOTE: https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt
-CVE-2017-1000365 (The Linux Kernel imposes a size restriction on the arguments and ...)
+CVE-2017-1000365
{DSA-3945-1 DSA-3927-1 DLA-1099-1}
- linux 4.11.11-1
NOTE: https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt
NOTE: Fixed by: https://git.kernel.org/linus/98da7d08850fb8bdeb395d6368ed15753304aa0c
-CVE-2017-1000366 (glibc contains a vulnerability that allows specially crafted ...)
+CVE-2017-1000366
{DSA-3887-1 DLA-992-1}
- glibc 2.24-12
- eglibc <removed>
NOTE: https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt
-CVE-2017-1000369 (Exim supports the use of multiple &quot;-p&quot; command line arguments which ...)
+CVE-2017-1000369
{DSA-3888-1 DLA-1001-1}
- exim4 4.89-3
NOTE: https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt
-CVE-2017-1000370 (The offset2lib patch as used in the Linux Kernel contains a ...)
+CVE-2017-1000370
{DSA-3981-1}
- linux 4.11.11-1
[wheezy] - linux <not-affected> (Memory layout is different)
NOTE: https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt
-CVE-2017-1000371 (The offset2lib patch as used by the Linux Kernel contains a ...)
+CVE-2017-1000371
{DSA-3981-1}
- linux 4.11.11-1
[wheezy] - linux <not-affected> (Memory layout is different)
NOTE: https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt
-CVE-2017-1000376 (libffi requests an executable stack allowing attackers to more easily ...)
+CVE-2017-1000376
{DSA-3889-1 DLA-997-1}
- libffi 3.2.1-4
NOTE: https://github.com/libffi/libffi/commit/978c9540154d320525488db1b7049277122f736d
NOTE: and additionally cf. #751907 for the configure flag.
NOTE: https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt
-CVE-2017-1000377 (An issue was discovered in the size of the default stack guard page on ...)
+CVE-2017-1000377
NOT-FOR-US: GRSecurity/PAX Linux specific assignment
-CVE-2017-9756 (The aarch64_ext_ldst_reglist function in opcodes/aarch64-dis.c in GNU ...)
+CVE-2017-9756
- binutils 2.29-1 (low)
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21595
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=cd3ea7c69acc5045eb28f9bf80d923116e15e4f5
-CVE-2017-9755 (opcodes/i386-dis.c in GNU Binutils 2.28 does not consider the number of ...)
+CVE-2017-9755
- binutils 2.29-1 (low)
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
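Review bot: every `-`/`+` pair in this hunk only strips the parenthetical one-line description from the CVE header and leaves the rest of the entry untouched (for example `-CVE-2017-1000366 (glibc contains a vulnerability that allows specially crafted ...)` becomes `+CVE-2017-1000366` while `{DSA-3887-1 DLA-992-1}`, `- glibc 2.24-12` and the Qualys NOTE line stay as they were). For a commit labelled "automatic update" that pattern points at the description source returning empty text for the whole batch rather than at a deliberate edit, so this should be treated as a failed sync and the descriptions restored instead of merged; the DSA/DLA references, package versions and NOTE lines survive, but the bare IDs lose the summary text that is the only way to search these entries by product or component name.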
@@ -25158,106 +25156,106 @@ CVE-2017-9755 (opcodes/i386-dis.c in GNU Binutils 2.28 does not consider the num
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21594
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=0d96e4df4812c3bad77c229dfef47a9bc115ac12
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=8cac017d35ef374e65acc98818a17cf8a652cbd0
-CVE-2017-9754 (The process_otr function in bfd/versados.c in the Binary File ...)
+CVE-2017-9754
- binutils 2.29-1 (low)
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21591
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=04f963fd489cae724a60140e13984415c205f4ac
-CVE-2017-9753 (The versados_mkobject function in bfd/versados.c in the Binary File ...)
+CVE-2017-9753
- binutils 2.29-1 (low)
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21591
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=04f963fd489cae724a60140e13984415c205f4ac
-CVE-2017-9752 (bfd/vms-alpha.c in the Binary File Descriptor (BFD) library (aka ...)
+CVE-2017-9752
- binutils 2.29-1 (low)
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21589
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=c53d2e6d744da000aaafe0237bced090aab62818
-CVE-2017-9751 (opcodes/rl78-decode.opc in GNU Binutils 2.28 has an unbounded GETBYTE ...)
+CVE-2017-9751
- binutils 2.29-1 (low)
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21588
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=63323b5b23bd83fa7b04ea00dff593c933e9b0e3
-CVE-2017-9750 (opcodes/rx-decode.opc in GNU Binutils 2.28 lacks bounds checks for ...)
+CVE-2017-9750
- binutils 2.29-1 (low)
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21587
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=db5fa770268baf8cc82cf9b141d69799fd485fe2
-CVE-2017-9749 (The *regs* macros in opcodes/bfin-dis.c in GNU Binutils 2.28 allow ...)
+CVE-2017-9749
- binutils 2.29-1 (low)
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21586
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=08c7881b814c546efc3996fd1decdf0877f7a779
-CVE-2017-9748 (The ieee_object_p function in bfd/ieee.c in the Binary File Descriptor ...)
+CVE-2017-9748
- binutils 2.29-1 (low)
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21582
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=63634bb4a107877dd08b6282e28e11cfd1a1649e
-CVE-2017-9747 (The ieee_archive_p function in bfd/ieee.c in the Binary File Descriptor ...)
+CVE-2017-9747
- binutils 2.29-1 (low)
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21581
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=62b76e4b6e0b4cb5b3e0053d1de4097b32577049
-CVE-2017-9746 (The disassemble_bytes function in objdump.c in GNU Binutils 2.28 allows ...)
+CVE-2017-9746
- binutils 2.29-1 (low)
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21580
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=ae87f7e73eba29bd38b3a9684a10b948ed715612
-CVE-2017-9745 (The _bfd_vms_slurp_etir function in bfd/vms-alpha.c in the Binary File ...)
+CVE-2017-9745
- binutils 2.29-1 (low)
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21579
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=76800cba595efc3fe95a446c2d664e42ae4ee869
-CVE-2017-9744 (The sh_elf_set_mach_from_flags function in bfd/elf32-sh.c in the Binary ...)
+CVE-2017-9744
- binutils 2.29-1 (low)
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21578
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=f461bbd847f15657f3dd2f317c30c75a7520da1f
-CVE-2017-9743 (The print_insn_score32 function in opcodes/score7-dis.c:552 in GNU ...)
+CVE-2017-9743
- binutils 2.29-1 (low)
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21577
-CVE-2017-9742 (The score_opcodes function in opcodes/score7-dis.c in GNU Binutils 2.28 ...)
+CVE-2017-9742
- binutils 2.29-1 (low)
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21576
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=e64519d1ed7fd8f990f05a5562d5b5c0c44b7d7e
-CVE-2017-9741 (install/make-config.php in ProjectSend r754 allows remote attackers to ...)
+CVE-2017-9741
NOT-FOR-US: ProjectSend
-CVE-2017-9740 (The xps_decode_font_char_imp function in xps/xpsfont.c in Artifex ...)
+CVE-2017-9740
- ghostscript 9.22~dfsg-1 (unimportant; bug #869879)
[jessie] - ghostscript <not-affected> (Vulnerable code not present)
[wheezy] - ghostscript <not-affected> (Vulnerable code not present)
NOTE: The Debian binary package is not affected xps/ not used
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=698064
NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=961b10cdd71403072fb99401a45f3bef6ce53626
-CVE-2017-9739 (The Ins_JMPR function in base/ttinterp.c in Artifex Ghostscript ...)
+CVE-2017-9739
{DSA-3986-1 DLA-1048-1}
[experimental] - ghostscript 9.22~~rc1~dfsg-1
- ghostscript 9.22~dfsg-1 (bug #869910)
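Review bot: for the binutils batch in this hunk (CVE-2017-9742 through CVE-2017-9755) the removed descriptions were the only in-file record of which file or function each issue concerns (`opcodes/rl78-decode.opc`, `bfd/versados.c`, `bfd/vms-alpha.c`, `objdump.c` and so on); what remains is the `sourceware.org/bugzilla` and gitweb URLs plus the `<ignored> (Minor issue)` and `<no-dsa> (Minor issue)` decisions for stretch, jessie and wheezy. Those triage decisions were made against the description text, so reviewers re-checking them later will have to follow each URL instead of reading the entry; another reason to restore the descriptions rather than accept this hunk. Note also that CVE-2017-9743 keeps only a bugzilla NOTE and no fix commit, unlike its neighbours, which is pre-existing and not changed here.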
@@ -25267,7 +25265,7 @@ CVE-2017-9738
RESERVED
CVE-2017-9737
RESERVED
-CVE-2017-9736 (SPIP 3.1.x before 3.1.6 and 3.2.x before Beta 3 does not remove shell ...)
+CVE-2017-9736
{DSA-3890-1}
- spip 3.1.4-3 (bug #864921)
[jessie] - spip <not-affected> (Vulnerable code not present)
@@ -25279,29 +25277,29 @@ CVE-2017-9734
RESERVED
CVE-2017-9733
RESERVED
-CVE-2017-9732 (The read_packet function in knc (Kerberised NetCat) before 1.11-1 is ...)
+CVE-2017-9732
NOT-FOR-US: knc (Kerberised NetCat)
-CVE-2017-9731 (In meta/classes/package_ipk.bbclass in Poky in poky-pyro 17.0.0 for ...)
+CVE-2017-9731
NOT-FOR-US: Poky for Yocto Project
-CVE-2017-9730 (SQL injection vulnerability in rdr.php in nuevoMailer version 6.0 and ...)
+CVE-2017-9730
NOT-FOR-US: nuevoMailer
-CVE-2017-9729 (In uClibc 0.9.33.2, there is stack exhaustion (uncontrolled recursion) ...)
+CVE-2017-9729
- uclibc <unfixed> (unimportant)
-CVE-2017-9728 (In uClibc 0.9.33.2, there is an out-of-bounds read in the get_subexp ...)
+CVE-2017-9728
- uclibc <unfixed> (unimportant)
-CVE-2017-9727 (The gx_ttfReader__Read function in base/gxttfb.c in Artifex Ghostscript ...)
+CVE-2017-9727
{DSA-3986-1 DLA-1048-1}
[experimental] - ghostscript 9.22~~rc1~dfsg-1
- ghostscript 9.22~dfsg-1 (bug #869913)
NOTE: http://bugs.ghostscript.com/show_bug.cgi?id=698056
NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=937ccd17ac65935633b2ebc06cb7089b91e17e6b (ghostpdl-9.22rc1)
-CVE-2017-9726 (The Ins_MDRP function in base/ttinterp.c in Artifex Ghostscript ...)
+CVE-2017-9726
{DSA-3986-1 DLA-1048-1}
[experimental] - ghostscript 9.22~~rc1~dfsg-1
- ghostscript 9.22~dfsg-1 (bug #869915)
NOTE: http://bugs.ghostscript.com/show_bug.cgi?id=698055
NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=7755e67116e8973ee0e3b22d653df026a84fa01b (ghostpdl-9.22rc1)
-CVE-2017-9735 (Jetty through 9.4.x is prone to a timing channel in ...)
+CVE-2017-9735
{DLA-1021-1 DLA-1020-1}
- jetty9 9.2.22-1 (bug #864898)
[stretch] - jetty9 <ignored> (Harmless information leak)
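Review bot: the context lines of this hunk show CVE-2017-9735 (jetty9) filed after CVE-2017-9726 instead of in descending numeric order between CVE-2017-9736 and CVE-2017-9734; that ordering predates this change and the automatic update does not touch it, so it is not a blocker for this patch, but it is worth a follow-up since out-of-order entries are easy to miss when merging the year list by hand. The description removal itself is the same mechanical pattern as in the earlier hunks, with `{DLA-1021-1 DLA-1020-1}` and `- jetty9 9.2.22-1 (bug #864898)` left intact.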
@@ -25313,118 +25311,118 @@ CVE-2017-9735 (Jetty through 9.4.x is prone to a timing channel in ...)
NOTE: https://github.com/eclipse/jetty.project/commit/042f325f1cd6e7891d72c7e668f5947b5457dc02
NOTE: https://github.com/eclipse/jetty.project/commit/f3751d70787fd8ab93932a51c60514c2eb37cb58
NOTE: https://github.com/eclipse/jetty.project/commit/2baa1abe4b1c380a30deacca1ed367466a1a62ea
-CVE-2017-9725 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2017-9725
- linux 4.3.1-1
NOTE: Fixed by: https://git.kernel.org/linus/67a2e213e7e937c41c52ab5bc46bf3f4de469f6e (4.3-rc7)
-CVE-2017-9724 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2017-9724
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-9723 (The touchscreen driver synaptics_dsx in Android for MSM, Firefox OS ...)
+CVE-2017-9723
NOT-FOR-US: Qualcomm component for Android
-CVE-2017-9722 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-9722
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-9721 (In android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-9721
NOT-FOR-US: Android boot loader (aboot)
-CVE-2017-9720 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2017-9720
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-9719 (In android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-9719
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-9718 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-9718
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-9717 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-9717
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-9716 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-9716
NOT-FOR-US: qbt1000 driver in Android
-CVE-2017-9715 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-9715
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-9714 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-9714
NOT-FOR-US: Qualcomm components for Android
CVE-2017-9713
RESERVED
-CVE-2017-9712 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-9712
NOT-FOR-US: Qualcomm components for Android
CVE-2017-9711
RESERVED
-CVE-2017-9710 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-9710
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-9709 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-9709
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-9708 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-9708
NOT-FOR-US: Qualcomm components for Android
CVE-2017-9707
RESERVED
-CVE-2017-9706 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-9706
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-9705 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-9705
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-9704 (In all android releases(Android for MSM, Firefox OS for MSM, QRD ...)
+CVE-2017-9704
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-9703 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-9703
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-9702 (In android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-9702
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-9701 (In android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-9701
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-9700 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-9700
NOT-FOR-US: Qualcomm components for Android
CVE-2017-9699
RESERVED
-CVE-2017-9698 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-9698
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-9697 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-9697
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-9696 (In android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-9696
NOT-FOR-US: Qualcomm components for Android
CVE-2017-9695
RESERVED
-CVE-2017-9694 (While parsing Netlink attributes in ...)
+CVE-2017-9694
NOT-FOR-US: Google drivers for Android
-CVE-2017-9693 (The length of attribute value for STA_EXT_CAPABILITY in ...)
+CVE-2017-9693
NOT-FOR-US: Google drivers for Android
-CVE-2017-9692 (When an atomic commit is issued on a writeback panel with a NULL ...)
+CVE-2017-9692
NOT-FOR-US: Google drivers for Android
-CVE-2017-9691 (There is a race condition in Android for MSM, Firefox OS for MSM, and ...)
+CVE-2017-9691
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-9690 (In android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-9690
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-9689 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-9689
NOT-FOR-US: Qualcomm components for Android
CVE-2017-9688
RESERVED
-CVE-2017-9687 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-9687
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-9686 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-9686
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-9685 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2017-9685
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-9684 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2017-9684
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-9683 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-9683
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-9682 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2017-9682
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-9681 (In Android before 2017-08-05 on Qualcomm MSM, Firefox OS for MSM, QRD ...)
+CVE-2017-9681
NOT-FOR-US: Google drivers for Android
-CVE-2017-9680 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2017-9680
NOT-FOR-US: Google drivers for Android
-CVE-2017-9679 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2017-9679
NOT-FOR-US: Google drivers for Android
-CVE-2017-9678 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2017-9678
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-9677 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2017-9677
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-9676 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2017-9676
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-9675 (On D-Link DIR-605L devices, firmware before 2.08UIBetaB01.bin allows an ...)
+CVE-2017-9675
NOT-FOR-US: D-Link DIR-605L devices
-CVE-2017-9674 (In SimpleCE 2.3.0, an authenticated XSS vulnerability was found on ...)
+CVE-2017-9674
NOT-FOR-US: SimpleCE
-CVE-2017-9673 (In SimpleCE 2.3.0, a CSRF vulnerability can be exploited to add an ...)
+CVE-2017-9673
NOT-FOR-US: SimpleCE
CVE-2017-9672
RESERVED
-CVE-2017-9671 (A heap overflow in apk (Alpine Linux's package manager) allows a ...)
+CVE-2017-9671
NOT-FOR-US: apk (Alpine's package manager)
-CVE-2017-9670 (An uninitialized stack variable vulnerability in load_tic_series() in ...)
+CVE-2017-9670
- gnuplot 5.0.5+dfsg1-7 (unimportant; bug #864901)
[stretch] - gnuplot 5.0.5+dfsg1-6+deb9u1
[jessie] - gnuplot <not-affected> (Vulnerable code introduced later)
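Review bot: this hunk drops the descriptions for the long Qualcomm/Android batch (CVE-2017-9676 through CVE-2017-9725), where the NOT-FOR-US annotations differ from entry to entry (`Qualcomm driver for Android`, `Qualcomm components for Android`, `Google drivers for Android`, `qbt1000 driver in Android`, `Android boot loader (aboot)`); those annotations were derived from the description text that is being removed. CVE-2017-9725 is the one entry in the batch tracked against the Debian kernel (`- linux 4.3.1-1` with a `git.kernel.org/linus/67a2e213...` fix commit), and after this change the description that justified treating it as a mainline kernel issue rather than a vendor-only one is gone, leaving only the NOTE URL. Same recommendation as above: restore the text, do not merge the stripped headers.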
@@ -25437,9 +25435,9 @@ CVE-2017-9670 (An uninitialized stack variable vulnerability in load_tic_series(
NOTE: Fixed by: https://github.com/gnuplot/gnuplot/commit/4e39b1d7b274c7d4a69cbaba85ff321264f4457e
NOTE: Introduced by: https://github.com/gnuplot/gnuplot/commit/cd4b777389379598740fc02decff772b0e7bcbd6
NOTE: Crash in a CLI tool, no security impact
-CVE-2017-9669 (A heap overflow in apk (Alpine Linux's package manager) allows a ...)
+CVE-2017-9669
NOT-FOR-US: apk (Alpine's package manager)
-CVE-2017-9668 (In admin\addgroup.php in CMS Made Simple 2.1.6, when adding a user ...)
+CVE-2017-9668
NOT-FOR-US: CMS Made Simple
CVE-2017-9667
RESERVED
@@ -25447,164 +25445,164 @@ CVE-2017-9666
RESERVED
CVE-2017-9665
RESERVED
-CVE-2017-9664 (In ABB SREA-01 revisions A, B, C: application versions up to 3.31.5, ...)
+CVE-2017-9664
NOT-FOR-US: ABB
-CVE-2017-9663 (An Cleartext Storage of Sensitive Information issue was discovered in ...)
+CVE-2017-9663
NOT-FOR-US: General Motors (GM) and Shanghai OnStar (SOS) SOS iOS Client
-CVE-2017-9662 (An Improper Privilege Management issue was discovered in Fuji Electric ...)
+CVE-2017-9662
NOT-FOR-US: Fuji Electric Monitouch V-SFT
-CVE-2017-9661 (An Uncontrolled Search Path Element issue was discovered in SIMPlight ...)
+CVE-2017-9661
NOT-FOR-US: SIMPlight SCADA Software
-CVE-2017-9660 (A Heap-Based Buffer Overflow was discovered in Fuji Electric Monitouch ...)
+CVE-2017-9660
NOT-FOR-US: Fuji Electric Monitouch V-SFT
-CVE-2017-9659 (A Stack-Based Buffer Overflow issue was discovered in Fuji Electric ...)
+CVE-2017-9659
NOT-FOR-US: Fuji Electric Monitouch V-SFT
-CVE-2017-9658 (Certain 802.11 network management messages have been determined to ...)
+CVE-2017-9658
NOT-FOR-US: Philips IntelliVue MX40
-CVE-2017-9657 (Under specific 802.11 network conditions, a partial re-association of ...)
+CVE-2017-9657
NOT-FOR-US: Philips IntelliVue MX40
-CVE-2017-9656 (The backend database of the Philips DoseWise Portal application ...)
+CVE-2017-9656
NOT-FOR-US: Philips DoseWise Portal
-CVE-2017-9655 (A Cross-Site Scripting issue was discovered in OSIsoft PI Integrator ...)
+CVE-2017-9655
NOT-FOR-US: OSIsoft
-CVE-2017-9654 (The Philips DoseWise Portal web-based application versions 1.1.7.333 ...)
+CVE-2017-9654
NOT-FOR-US: Philips DoseWise Portal
-CVE-2017-9653 (An Improper Authorization issue was discovered in OSIsoft PI ...)
+CVE-2017-9653
NOT-FOR-US: OSIsoft
CVE-2017-9652
RESERVED
CVE-2017-9651
RESERVED
-CVE-2017-9650 (An Unrestricted Upload of File with Dangerous Type issue was discovered ...)
+CVE-2017-9650
NOT-FOR-US: Automated Logic Corporation (ALC)
-CVE-2017-9649 (A Use of Hard-Coded Cryptographic Key issue was discovered in Mirion ...)
+CVE-2017-9649
NOT-FOR-US: Mirion
-CVE-2017-9648 (An Uncontrolled Search Path Element issue was discovered in Solar ...)
+CVE-2017-9648
NOT-FOR-US: Solar Controls WATTConfig M Software
-CVE-2017-9647 (A Stack-Based Buffer Overflow issue was discovered in the Continental ...)
+CVE-2017-9647
NOT-FOR-US: Continental AG Infineon S-Gold
-CVE-2017-9646 (An Uncontrolled Search Path Element issue was discovered in Solar ...)
+CVE-2017-9646
NOT-FOR-US: Solar Controls Heating Control Downloader (HCDownloader)
-CVE-2017-9645 (An Inadequate Encryption Strength issue was discovered in Mirion ...)
+CVE-2017-9645
NOT-FOR-US: Mirion
-CVE-2017-9644 (An Unquoted Search Path or Element issue was discovered in Automated ...)
+CVE-2017-9644
NOT-FOR-US: Automated Logic Corporation (ALC)
CVE-2017-9643
RESERVED
CVE-2017-9642
RESERVED
-CVE-2017-9641 (PI Coresight 2016 R2 contains a cross-site request forgery ...)
+CVE-2017-9641
NOT-FOR-US: PI Coresight
-CVE-2017-9640 (A Path Traversal issue was discovered in Automated Logic Corporation ...)
+CVE-2017-9640
NOT-FOR-US: Automated Logic Corporation (ALC)
-CVE-2017-9639 (An issue was discovered in Fuji Electric V-Server Version 3.3.22.0 and ...)
+CVE-2017-9639
NOT-FOR-US: Fuji Electric V-Server
-CVE-2017-9638 (Mitsubishi E-Designer, Version 7.52 Build 344 contains six code ...)
+CVE-2017-9638
NOT-FOR-US: Mitsubishi E-Designer
-CVE-2017-9637 (Schneider Electric Ampla MES 6.4 provides capability to interact with ...)
+CVE-2017-9637
NOT-FOR-US: Schneider Electric
-CVE-2017-9636 (Mitsubishi E-Designer, Version 7.52 Build 344 contains five code ...)
+CVE-2017-9636
NOT-FOR-US: Mitsubishi E-Designer
-CVE-2017-9635 (Schneider Electric Ampla MES 6.4 provides capability to configure ...)
+CVE-2017-9635
NOT-FOR-US: Schneider Electric
-CVE-2017-9634 (Mitsubishi E-Designer, Version 7.52 Build 344 contains two code ...)
+CVE-2017-9634
NOT-FOR-US: Mitsubishi E-Designer
-CVE-2017-9633 (An Improper Restriction of Operations within the Bounds of a Memory ...)
+CVE-2017-9633
NOT-FOR-US: Continental AG Infineon S-Gold 2
-CVE-2017-9632 (A Missing Encryption of Sensitive Data issue was discovered in PDQ ...)
+CVE-2017-9632
NOT-FOR-US: PDQ Manufacturing LaserWash
-CVE-2017-9631 (A Null Pointer Dereference issue was discovered in Schneider Electric ...)
+CVE-2017-9631
NOT-FOR-US: Schneider Electric
-CVE-2017-9630 (An Improper Authentication issue was discovered in PDQ Manufacturing ...)
+CVE-2017-9630
NOT-FOR-US: PDQ Manufacturing LaserWash
-CVE-2017-9629 (A Stack-Based Buffer Overflow issue was discovered in Schneider ...)
+CVE-2017-9629
NOT-FOR-US: Schneider Electric
-CVE-2017-9628 (An Information Exposure issue was discovered in Saia Burgess Controls ...)
+CVE-2017-9628
NOT-FOR-US: Saia Burgess Controls
-CVE-2017-9627 (An Uncontrolled Resource Consumption issue was discovered in Schneider ...)
+CVE-2017-9627
NOT-FOR-US: Schneider Electric
CVE-2017-9626
RESERVED
-CVE-2017-9625 (An Improper Authentication issue was discovered in Envitech EnviDAS ...)
+CVE-2017-9625
NOT-FOR-US: Envitech EnviDAS Ultimate
-CVE-2017-9624 (Multiple cross-site scripting (XSS) vulnerabilities in Telaxus/EPESI ...)
+CVE-2017-9624
NOT-FOR-US: Telaxus/EPESI
-CVE-2017-9623 (Multiple cross-site scripting (XSS) vulnerabilities in Telaxus/EPESI ...)
+CVE-2017-9623
NOT-FOR-US: Telaxus/EPESI
-CVE-2017-9622 (Multiple cross-site scripting (XSS) vulnerabilities in Telaxus/EPESI ...)
+CVE-2017-9622
NOT-FOR-US: Telaxus/EPESI
-CVE-2017-9621 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2017-9621
NOT-FOR-US: Telaxus/EPESI
-CVE-2017-9620 (The xps_select_font_encoding function in xps/xpsfont.c in Artifex ...)
+CVE-2017-9620
- ghostscript 9.22~dfsg-1 (unimportant; bug #869879)
[jessie] - ghostscript <not-affected> (Vulnerable code not present)
[wheezy] - ghostscript <not-affected> (Vulnerable code not present)
NOTE: The Debian binary package is not affected xps/ not used
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=698050
NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=3ee55637480d5e319a5de0481b01c3346855cbc9
-CVE-2017-9619 (The xps_true_callback_glyph_name function in xps/xpsttf.c in Artifex ...)
+CVE-2017-9619
- ghostscript 9.22~dfsg-1 (unimportant; bug #869879)
[jessie] - ghostscript <not-affected> (Vulnerable code not present)
[wheezy] - ghostscript <not-affected> (Vulnerable code not present)
NOTE: The Debian binary package is not affected xps/ not used
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=698042
NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=c53183d4e7103e87368b7cfa15367a47d559e323
-CVE-2017-9618 (The xps_load_sfnt_name function in xps/xpsfont.c in Artifex Ghostscript ...)
+CVE-2017-9618
- ghostscript 9.22~dfsg-1 (unimportant; bug #869879)
[jessie] - ghostscript <not-affected> (Vulnerable code not present)
[wheezy] - ghostscript <not-affected> (Vulnerable code not present)
NOTE: The Debian binary package is not affected xps/ not used
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=698044
NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=3c2aebbedd37fab054e80f2e315de07d7e9b5bdb
-CVE-2017-9617 (In Wireshark 2.2.7, deeply nested DAAP data may cause stack exhaustion ...)
+CVE-2017-9617
- wireshark 2.4.0-1 (low; bug #870174)
[jessie] - wireshark <no-dsa> (Minor issue)
[wheezy] - wireshark <no-dsa> (Minor issue)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13799
-CVE-2017-9616 (In Wireshark 2.2.7, overly deep mp4 chunks may cause stack exhaustion ...)
+CVE-2017-9616
- wireshark 2.4.0-1 (low; bug #870173)
[jessie] - wireshark <no-dsa> (Minor issue)
[wheezy] - wireshark <no-dsa> (Minor issue)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13777
-CVE-2017-9615 (Password exposure in Cognito Software Moneyworks 8.0.3 and earlier ...)
+CVE-2017-9615
NOT-FOR-US: Cognito Software Moneyworks
-CVE-2017-9614 (The fill_input_buffer function in jdatasrc.c in libjpeg-turbo 1.5.1 ...)
+CVE-2017-9614
NOT-FOR-US: Not a bug in libjpeg itself, but incorrect API usage
NOTE: https://github.com/libjpeg-turbo/libjpeg-turbo/issues/167
-CVE-2017-9613 (Stored Cross-site scripting (XSS) vulnerability in SAP SuccessFactors ...)
+CVE-2017-9613
NOT-FOR-US: SAP SuccessFactors
-CVE-2017-9612 (The Ins_IP function in base/ttinterp.c in Artifex Ghostscript GhostXPS ...)
+CVE-2017-9612
{DSA-3986-1 DLA-1048-1}
[experimental] - ghostscript 9.22~~rc1~dfsg-1
- ghostscript 9.22~dfsg-1 (bug #869916)
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=698026
NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=98f6da60b9d463c617e631fc254cf6d66f2e8e3c (ghostpdl-9.22rc1)
-CVE-2017-9611 (The Ins_MIRP function in base/ttinterp.c in Artifex Ghostscript ...)
+CVE-2017-9611
{DSA-3986-1 DLA-1048-1}
[experimental] - ghostscript 9.22~~rc1~dfsg-1
- ghostscript 9.22~dfsg-1 (bug #869917)
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=698024
NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=c7c55972758a93350882c32147801a3485b010fe (ghostpdl-9.22rc1)
-CVE-2017-9610 (The xps_load_sfnt_name function in xps/xpsfont.c in Artifex Ghostscript ...)
+CVE-2017-9610
- ghostscript 9.22~dfsg-1 (unimportant; bug #869879)
[jessie] - ghostscript <not-affected> (Vulnerable code not present)
[wheezy] - ghostscript <not-affected> (Vulnerable code not present)
NOTE: The Debian binary package is not affected xps/ not used
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=698025
NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=d2ab84732936b6e7e5a461dc94344902965e9a06
-CVE-2017-9609 (Cross-site scripting (XSS) vulnerability in Blackcat CMS 1.2 allows ...)
+CVE-2017-9609
NOT-FOR-US: Blackcat CMS
-CVE-2017-9608 (The dnxhd decoder in FFmpeg before 3.2.6, and 3.3.x before 3.3.3 ...)
+CVE-2017-9608
{DSA-3957-1}
- ffmpeg 7:3.3.3-1
NOTE: http://www.openwall.com/lists/oss-security/2017/08/14/1
NOTE: https://github.com/FFmpeg/FFmpeg/commit/611b35627488a8d0763e75c25ee0875c5b7987dd
NOTE: https://github.com/FFmpeg/FFmpeg/commit/0a709e2a10b8288a0cc383547924ecfe285cef89
-CVE-2017-9607 (The BL1 FWU SMC handling code in ARM Trusted Firmware before 1.4 might ...)
+CVE-2017-9607
NOT-FOR-US: ARM Trusted Firmware
-CVE-2017-9606 (Infotecs ViPNet Client and Coordinator before 4.3.2-42442 allow local ...)
+CVE-2017-9606
NOT-FOR-US: Infotecs ViPNet Client and Coordinator
-CVE-2017-9604 (KDE kmail before 5.5.2 and messagelib before 5.5.2, as distributed in ...)
+CVE-2017-9604
- kdepim 4:16.04.3-4 (bug #864804)
[stretch] - kdepim 4:16.04.3-4~deb9u1
[jessie] - kdepim 4:4.14.1-1+deb8u1
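Review bot: the context lines of this hunk place CVE-2017-1000379 and CVE-2017-1000378 between CVE-2017-9604 and CVE-2017-9605 rather than with the other CVE-2017-1000xxx stack-clash entries, and CVE-2017-1000379 is recorded as `- linux <unfixed>` with only the Qualys URL, whereas its siblings CVE-2017-1000365, CVE-2017-1000370 and CVE-2017-1000371 carry DSA references and a fixed version. Neither the placement nor the `<unfixed>` state is changed by this patch, so they are not blockers here, but both are worth verifying in a separate commit. The description removal in this hunk follows the same all-or-nothing pattern as the rest of the diff.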
@@ -25614,144 +25612,144 @@ CVE-2017-9604 (KDE kmail before 5.5.2 and messagelib before 5.5.2, as distribute
NOTE: Fixed by (kmail): https://commits.kde.org/kmail/78c5552be2f00a4ac25bd77ca39386522fca70a8
NOTE: Fixed by (messagelib): https://commits.kde.org/messagelib/c54706e990bbd6498e7b1597ec7900bc809e8197
NOTE: https://www.kde.org/info/security/advisory-20170615-1.txt
-CVE-2017-1000379 (The Linux Kernel running on AMD64 systems will sometimes map the ...)
+CVE-2017-1000379
- linux <unfixed>
NOTE: https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt
-CVE-2017-1000378 (The NetBSD qsort() function is recursive, and not randomized, an ...)
+CVE-2017-1000378
NOT-FOR-US: NetBSD
-CVE-2017-9605 (The vmw_gb_surface_define_ioctl function (accessible via ...)
+CVE-2017-9605
{DSA-3945-1 DSA-3927-1}
- linux 4.11.6-1
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: http://www.openwall.com/lists/oss-security/2017/06/13/2
NOTE: Fixed by: https://git.kernel.org/linus/07678eca2cf9c9a18584e546c2b2a0d0c9a3150c (v4.12-rc5)
-CVE-2017-9603 (SQL injection vulnerability in the WP Jobs plugin before 1.5 for ...)
+CVE-2017-9603
NOT-FOR-US: WP Jobs plugin for WordPress
-CVE-2017-9602 (KBVault Mysql Free Knowledge Base application package 0.16a comes with ...)
+CVE-2017-9602
NOT-FOR-US: KBVault Mysql Free Knowledge Base application
-CVE-2017-9601 (The &quot;FNB Kemp Mobile Banking&quot; by First National Bank of Kemp app 3.0.2 ...)
+CVE-2017-9601
NOT-FOR-US: "FNB Kemp Mobile Banking" by First National Bank of Kemp app
-CVE-2017-9600 (The &quot;Peoples Bank Tulsa&quot; by Peoples Bank - OK app 3.0.2 -- aka ...)
+CVE-2017-9600
NOT-FOR-US: "Peoples Bank Tulsa" by Peoples Bank - OK app
-CVE-2017-9599 (The &quot;Fountain Trust Mobile Banking&quot; by FOUNTAIN TRUST COMPANY app ...)
+CVE-2017-9599
NOT-FOR-US: "Fountain Trust Mobile Banking" by FOUNTAIN TRUST COMPANY app
-CVE-2017-9598 (The &quot;Morton Credit Union Mobile Banking&quot; by Morton Credit Union app ...)
+CVE-2017-9598
NOT-FOR-US: "Morton Credit Union Mobile Banking" by Morton Credit Union app
-CVE-2017-9597 (The &quot;Blue Ridge Bank and Trust Co. Mobile Banking&quot; by Blue Ridge Bank ...)
+CVE-2017-9597
NOT-FOR-US: "Blue Ridge Bank and Trust Co. Mobile Banking" app
-CVE-2017-9596 (The &quot;CFB Mobile Banking&quot; by Citizens First Bank Wisconsin app 3.0.1 -- ...)
+CVE-2017-9596
NOT-FOR-US: "CFB Mobile Banking" by Citizens First Bank Wisconsin app
-CVE-2017-9595 (The &quot;First State Bank of Bigfork Mobile Banking&quot; by First State Bank of ...)
+CVE-2017-9595
NOT-FOR-US: "First State Bank of Bigfork Mobile Banking" by First State Bank of Bigfork app
-CVE-2017-9594 (The &quot;SVB Mobile&quot; by Sauk Valley Bank Mobile Banking app 3.0.0 -- aka ...)
+CVE-2017-9594
NOT-FOR-US: "SVB Mobile" by Sauk Valley Bank Mobile Banking app
-CVE-2017-9593 (The &quot;Oculina Mobile Banking&quot; by Oculina Bank app 3.0.0 -- aka ...)
+CVE-2017-9593
NOT-FOR-US: "Oculina Mobile Banking" by Oculina Bank app
-CVE-2017-9592 (The &quot;Your Legacy Federal Credit Union Mobile Banking&quot; by Your Legacy ...)
+CVE-2017-9592
NOT-FOR-US: "Your Legacy Federal Credit Union Mobile Banking" by Your Legacy Federal Credit Union app
-CVE-2017-9591 (The &quot;PCB Mobile&quot; by Phelps County Bank app 3.0.2 -- aka ...)
+CVE-2017-9591
NOT-FOR-US: "PCB Mobile" by Phelps County Bank app
-CVE-2017-9590 (The &quot;State Bank of Waterloo Mobile Banking&quot; by State Bank of Waterloo ...)
+CVE-2017-9590
NOT-FOR-US: "State Bank of Waterloo Mobile Banking" by State Bank of Waterloo app
-CVE-2017-9589 (The &quot;SCSB Shelbyville IL Mobile Banking&quot; by Shelby County State Bank ...)
+CVE-2017-9589
NOT-FOR-US: "SCSB Shelbyville IL Mobile Banking" by Shelby County State Bank app
-CVE-2017-9588 (The &quot;Oritani Mobile Banking&quot; by Oritani Bank app 3.0.0 -- aka ...)
+CVE-2017-9588
NOT-FOR-US: "Oritani Mobile Banking" by Oritani Bank app
-CVE-2017-9587 (The &quot;PCSB BANK Mobile&quot; by PCSB Bank app 3.0.4 -- aka ...)
+CVE-2017-9587
NOT-FOR-US: "PCSB BANK Mobile" by PCSB Bank app
-CVE-2017-9586 (The &quot;FSBY Mobile Banking&quot; by First State Bank of Yoakum TX app 3.0.0 -- ...)
+CVE-2017-9586
NOT-FOR-US: "FSBY Mobile Banking" by First State Bank of Yoakum TX app
-CVE-2017-9585 (The &quot;Community State Bank - Lamar Mobile Banking&quot; by Community State ...)
+CVE-2017-9585
NOT-FOR-US: "Community State Bank - Lamar Mobile Banking" by Community State Bank - Lamar app
-CVE-2017-9584 (The &quot;HBO Mobile Banking&quot; by Heritage Bank of Ozarks app 3.0.0 -- aka ...)
+CVE-2017-9584
NOT-FOR-US: "HBO Mobile Banking" by Heritage Bank of Ozarks app
-CVE-2017-9583 (The &quot;Charlevoix State Bank&quot; by Charlevoix State Bank app 3.0.1 -- aka ...)
+CVE-2017-9583
NOT-FOR-US: "Charlevoix State Bank" by Charlevoix State Bank app
-CVE-2017-9582 (The &quot;BNB Mobile Banking&quot; by Brady National Bank app 3.0.0 -- aka ...)
+CVE-2017-9582
NOT-FOR-US: "BNB Mobile Banking" by Brady National Bank app
-CVE-2017-9581 (The &quot;Algonquin State Bank Mobile Banking&quot; by Algonquin State Bank app ...)
+CVE-2017-9581
NOT-FOR-US: "Algonquin State Bank Mobile Banking" by Algonquin State Bank app
-CVE-2017-9580 (The &quot;Pioneer Bank &amp; Trust Mobile Banking&quot; by PIONEER BANK AND TRUST app ...)
+CVE-2017-9580
NOT-FOR-US: "Pioneer Bank & Trust Mobile Banking" by PIONEER BANK AND TRUST app
-CVE-2017-9579 (The &quot;JMCU Mobile Banking&quot; by Joplin Metro Credit Union app 3.0.0 -- aka ...)
+CVE-2017-9579
NOT-FOR-US: "JMCU Mobile Banking" by Joplin Metro Credit Union app
-CVE-2017-9578 (The &quot;RVCB Mobile&quot; by RVCB Mobile Banking app 3.0.0 -- aka ...)
+CVE-2017-9578
NOT-FOR-US: "RVCB Mobile" by RVCB Mobile Banking app
-CVE-2017-9577 (The &quot;First Citizens Bank-Mobile Banking&quot; by First Citizens Bank (AL) ...)
+CVE-2017-9577
NOT-FOR-US: "First Citizens Bank-Mobile Banking" by First Citizens Bank (AL) app
-CVE-2017-9576 (The &quot;Middleton Community Bank Mobile Banking&quot; by Middleton Community ...)
+CVE-2017-9576
NOT-FOR-US: "Middleton Community Bank Mobile Banking" by Middleton Community Bank app
-CVE-2017-9575 (The &quot;FVB Mobile Banking&quot; by First Volunteer Bank of Tennessee app 3.1.1 ...)
+CVE-2017-9575
NOT-FOR-US: "FVB Mobile Banking" by First Volunteer Bank of Tennessee app
-CVE-2017-9574 (The &quot;KC Area Credit Union Mobile Banking&quot; by K C Area Credit Union app ...)
+CVE-2017-9574
NOT-FOR-US: "KC Area Credit Union Mobile Banking" by K C Area Credit Union app
-CVE-2017-9573 (The North Adams State Bank (Ursa) nasb-mobile-banking/id980573797 app ...)
+CVE-2017-9573
NOT-FOR-US: North Adams State Bank (Ursa) nasb-mobile-banking/id980573797 app
-CVE-2017-9572 (The athens-state-bank-mobile-banking/id719748589 app 3.0.0 for iOS does ...)
+CVE-2017-9572
NOT-FOR-US: athens-state-bank-mobile-banking/id719748589 app
-CVE-2017-9571 (The Citizens Community Bank (TN) ccb-mobile-banking/id610030469 app ...)
+CVE-2017-9571
NOT-FOR-US: Citizens Community Bank (TN) ccb-mobile-banking/id610030469 app
-CVE-2017-9570 (The mount-vernon-bank-trust-mobile-banking/id542706679 app 3.0.0 for ...)
+CVE-2017-9570
NOT-FOR-US: mount-vernon-bank-trust-mobile-banking/id542706679 app
-CVE-2017-9569 (The Citizens Bank (TX) cbtx-on-the-go/id892396102 app 3.0.0 for iOS ...)
+CVE-2017-9569
NOT-FOR-US: Citizens Bank (TX) cbtx-on-the-go/id892396102 app
-CVE-2017-9568 (The financial-plus-mobile-banking/id731070564 app 3.0.3 for iOS does ...)
+CVE-2017-9568
NOT-FOR-US: financial-plus-mobile-banking/id731070564 app
-CVE-2017-9567 (The avb-bank-mobile-banking/id592565443 app 3.0.0 for iOS does not ...)
+CVE-2017-9567
NOT-FOR-US: avb-bank-mobile-banking/id592565443 app
-CVE-2017-9566 (The fsb-dequeen-mobile-banking/id1091025340 app 3.0.1 for iOS does not ...)
+CVE-2017-9566
NOT-FOR-US: fsb-dequeen-mobile-banking/id1091025340 app
-CVE-2017-9565 (The first-security-bank-sleepy-eye-mobile/id870531890 app 3.0.0 for iOS ...)
+CVE-2017-9565
NOT-FOR-US: first-security-bank-sleepy-eye-mobile/id870531890 app
-CVE-2017-9564 (The community-banks-cb2go/id445828071 app 3.1.3 for iOS does not verify ...)
+CVE-2017-9564
NOT-FOR-US: community-banks-cb2go/id445828071 app
-CVE-2017-9563 (The First Citizens Community Bank fccb/id809930960 app 3.0.1 for iOS ...)
+CVE-2017-9563
NOT-FOR-US: First Citizens Community Bank fccb/id809930960 app
-CVE-2017-9562 (The Freedom First freedom-1st-credit-union-mobile-banking/id1085229458 ...)
+CVE-2017-9562
NOT-FOR-US: Freedom First freedom-1st-credit-union-mobile-banking/id1085229458 app
-CVE-2017-9561 (The Lee Bank &amp; Trust lbtc-mobile/id1068984753 app 3.0.1 for iOS does ...)
+CVE-2017-9561
NOT-FOR-US: Lee Bank & Trust lbtc-mobile/id1068984753 app
-CVE-2017-9560 (The cayuga-lake-national-bank/id1151601539 app 4.0.1 for iOS does not ...)
+CVE-2017-9560
NOT-FOR-US: cayuga-lake-national-bank/id1151601539 app
-CVE-2017-9559 (The MEA Financial vision-bank/id420406345 app 3.0.1 for iOS does not ...)
+CVE-2017-9559
NOT-FOR-US: MEA Financial vision-bank/id420406345 app
-CVE-2017-9558 (The wawa-employees-credit-union-mobile/id1158082793 app 4.0.1 for iOS ...)
+CVE-2017-9558
NOT-FOR-US: wawa-employees-credit-union-mobile/id1158082793 app
-CVE-2017-9557 (register.ghp in EFS Software Easy Chat Server versions 2.0 to 3.1 ...)
+CVE-2017-9557
NOT-FOR-US: EFS Software Easy Chat Server
-CVE-2017-9556 (Cross-site scripting (XSS) vulnerability in Video Metadata Editor in ...)
+CVE-2017-9556
NOT-FOR-US: Synology Video Station
-CVE-2017-9555 (Cross-site scripting (XSS) vulnerability in PixlrEditorHandler.php in ...)
+CVE-2017-9555
NOT-FOR-US: Synology Photo Station
-CVE-2017-9554 (An information exposure vulnerability in forget_passwd.cgi in Synology ...)
+CVE-2017-9554
NOT-FOR-US: Synology DiskStation Manager
-CVE-2017-9553 (A design flaw in SYNO.API.Encryption in Synology DiskStation Manager ...)
+CVE-2017-9553
NOT-FOR-US: Synology DiskStation Manager
-CVE-2017-9552 (A design flaw in authentication in Synology Photo Station 6.0-2528 ...)
+CVE-2017-9552
NOT-FOR-US: Synology Photo Station
-CVE-2017-9551 (Mahara 15.04 before 15.04.14 and 16.04 before 16.04.8 and 16.10 before ...)
+CVE-2017-9551
- mahara <removed>
CVE-2017-9550
RESERVED
CVE-2017-9549
RESERVED
-CVE-2017-9548 (admin.php in BigTree through 4.2.18 has a Cross-site Scripting (XSS) ...)
+CVE-2017-9548
NOT-FOR-US: BigTree CMS
-CVE-2017-9547 (admin.php in BigTree through 4.2.18 has a Cross-site Scripting (XSS) ...)
+CVE-2017-9547
NOT-FOR-US: BigTree CMS
-CVE-2017-9546 (admin.php in BigTree through 4.2.18 allows remote authenticated users ...)
+CVE-2017-9546
NOT-FOR-US: BigTree CMS
-CVE-2017-9545 (The next_text function in src/libmpg123/id3.c in mpg123 1.24.0 allows ...)
+CVE-2017-9545
- mpg123 1.25.4-1 (low; bug #870799)
[stretch] - mpg123 <no-dsa> (Minor issue)
[jessie] - mpg123 <no-dsa> (Minor issue)
[wheezy] - mpg123 <no-dsa> (Minor issue)
NOTE: http://seclists.org/fulldisclosure/2017/Jul/65
-CVE-2017-9544 (There is a remote stack-based buffer overflow (SEH) in register.ghp in ...)
+CVE-2017-9544
NOT-FOR-US: EFS Software Easy Chat Server
-CVE-2017-9543 (register.ghp in EFS Software Easy Chat Server versions 2.0 to 3.1 ...)
+CVE-2017-9543
NOT-FOR-US: EFS Software Easy Chat Server
-CVE-2017-9542 (D-Link DIR-615 Wireless N 300 Router allows authentication bypass via a ...)
+CVE-2017-9542
NOT-FOR-US: D-Link
CVE-2017-9541
RESERVED
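Review bot: every `-`/`+` pair in this hunk only strips the parenthetical description, e.g. `-CVE-2017-9599 (The "Fountain Trust Mobile Banking" by FOUNTAIN TRUST COMPANY app ...)` becoming `+CVE-2017-9599`, while the NOT-FOR-US and package lines underneath each entry stay identical; an update that blanks the description of every entry it touches is the signature of an empty or failed upstream feed, not of new data. The automatic import should treat an empty fetched description as missing and keep the existing text rather than overwrite it, and this revision should be reverted until the feed is healthy again.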
@@ -25759,36 +25757,36 @@ CVE-2017-9540
RESERVED
CVE-2017-9539
RESERVED
-CVE-2017-9538 (The 'Upload logo from external path' function of SolarWinds Network ...)
+CVE-2017-9538
NOT-FOR-US: SolarWinds Network Performance Monitor
-CVE-2017-9537 (Persistent cross-site scripting (XSS) in the Add Node function of ...)
+CVE-2017-9537
NOT-FOR-US: SolarWinds Network Performance Monitor
-CVE-2017-9536 (IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to ...)
+CVE-2017-9536
NOT-FOR-US: IrfanView
-CVE-2017-9535 (IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to ...)
+CVE-2017-9535
NOT-FOR-US: IrfanView
-CVE-2017-9534 (IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to ...)
+CVE-2017-9534
NOT-FOR-US: IrfanView
-CVE-2017-9533 (IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to ...)
+CVE-2017-9533
NOT-FOR-US: IrfanView
-CVE-2017-9532 (IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to ...)
+CVE-2017-9532
NOT-FOR-US: IrfanView
-CVE-2017-9531 (IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to ...)
+CVE-2017-9531
NOT-FOR-US: IrfanView
-CVE-2017-9530 (IrfanView version 4.44 (32bit) might allow attackers to cause a denial ...)
+CVE-2017-9530
NOT-FOR-US: IrfanView
-CVE-2017-9529 (XnView Classic for Windows Version 2.40 allows remote attackers to ...)
+CVE-2017-9529
NOT-FOR-US: XnView
-CVE-2017-9528 (IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows remote ...)
+CVE-2017-9528
NOT-FOR-US: IrfanView
-CVE-2017-9527 (The mark_context_stack function in gc.c in mruby through 1.2.0 allows ...)
+CVE-2017-9527
[experimental] - mruby 1.2.0+20170601+git51e0e690-1
- mruby 1.3.0-1 (low; bug #865778)
[stretch] - mruby <no-dsa> (Minor issue)
[jessie] - mruby <no-dsa> (Minor issue)
NOTE: https://github.com/mruby/mruby/issues/3486
NOTE: Fixed by: https://github.com/mruby/mruby/commit/5c114c91d4ff31859fcd84cf8bf349b737b90d99
-CVE-2017-9526 (In Libgcrypt before 1.7.7, an attacker who learns the EdDSA session key ...)
+CVE-2017-9526
{DSA-3880-1}
- libgcrypt20 1.7.6-2
- libgcrypt11 <not-affected> (Curve Ed25519 signing and verification introduced in 1.6.0)
@@ -25797,7 +25795,7 @@ CVE-2017-9526 (In Libgcrypt before 1.7.7, an attacker who learns the EdDSA sessi
NOTE: Curve Ed25519 signing and verification inplemented in 1.6.0 with
NOTE: https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=commit;h=bc5199a02abe428ad377443280b3eda60141a1d6
NOTE: and following refactorings.
-CVE-2017-9524 (The qemu-nbd server in QEMU (aka Quick Emulator), when built with the ...)
+CVE-2017-9524
{DSA-3925-1}
- qemu 1:2.8+dfsg-7 (bug #865755)
[jessie] - qemu <not-affected> (Vulnerable code not present)
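Review bot: the unchanged context line `NOTE: Curve Ed25519 signing and verification inplemented in 1.6.0 with` misspells "implemented"; it also restates the rationale already carried on the `libgcrypt11 <not-affected> (Curve Ed25519 signing and verification introduced in 1.6.0)` line just above the hunk, so a manual follow-up commit could fix the spelling and keep a single statement. Not something this automatic update should touch, but worth tracking.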
@@ -25806,58 +25804,58 @@ CVE-2017-9524 (The qemu-nbd server in QEMU (aka Quick Emulator), when built with
[wheezy] - qemu-kvm <not-affected> (Vulnerable code not present)
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2017-05/msg06240.html
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2017-06/msg02321.html
-CVE-2017-9525 (In the cron package through 3.0pl1-128 on Debian, and through ...)
+CVE-2017-9525
- cron 3.0pl1-129 (bug #864466)
[stretch] - cron <no-dsa> (Minor issue)
[jessie] - cron <no-dsa> (Minor issue)
[wheezy] - cron <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2017/06/08/3
-CVE-2017-9523 (The Sophos Web Appliance before 4.3.2 has XSS in the FTP redirect page, ...)
+CVE-2017-9523
NOT-FOR-US: Sophos
-CVE-2017-9522 (The Time Warner firmware on Technicolor TC8717T devices sets the ...)
+CVE-2017-9522
NOT-FOR-US: Time Warner firmware on Technicolor TC8717T devices
-CVE-2017-9521 (The Comcast firmware on Cisco DPC3939 (firmware version ...)
+CVE-2017-9521
NOT-FOR-US: Comcast firmware on various devices
-CVE-2017-9520 (The r_config_set function in libr/config/config.c in radare2 1.5.0 ...)
+CVE-2017-9520
- radare2 1.6.0+dfsg-1 (low; bug #864533)
[stretch] - radare2 <no-dsa> (Minor issue)
[jessie] - radare2 <no-dsa> (Minor issue)
[wheezy] - radare2 <no-dsa> (Minor issue)
NOTE: https://github.com/radare/radare2/commit/f85bc674b2a2256a364fe796351bc1971e106005
NOTE: https://github.com/radare/radare2/issues/7698
-CVE-2017-9519 (atmail before 7.8.0.2 has CSRF, allowing an attacker to create a user ...)
+CVE-2017-9519
NOT-FOR-US: atmail
-CVE-2017-9518 (atmail before 7.8.0.2 has CSRF, allowing an attacker to change the SMTP ...)
+CVE-2017-9518
NOT-FOR-US: atmail
-CVE-2017-9517 (atmail before 7.8.0.2 has CSRF, allowing an attacker to upload and ...)
+CVE-2017-9517
NOT-FOR-US: atmail
-CVE-2017-9516 (Craft CMS before 2.6.2982 allows for a potential XSS attack vector by ...)
+CVE-2017-9516
NOT-FOR-US: Craft CMS
CVE-2017-9515
RESERVED
-CVE-2017-9514 (Bamboo before 6.0.5, 6.1.x before 6.1.4, and 6.2.x before 6.2.1 had a ...)
+CVE-2017-9514
NOT-FOR-US: Atlassian Bamboo
-CVE-2017-9513 (Several rest inline action resources of Atlassian Activity Streams ...)
+CVE-2017-9513
NOT-FOR-US: Atlassian Activity Streams
-CVE-2017-9512 (The mostActiveCommitters.do resource in Atlassian FishEye and ...)
+CVE-2017-9512
NOT-FOR-US: Atlassian
-CVE-2017-9511 (The MultiPathResource class in Atlassian FishEye and Crucible, before ...)
+CVE-2017-9511
NOT-FOR-US: Atlassian
-CVE-2017-9510 (The repository changelog resource in Atlassian FishEye before version ...)
+CVE-2017-9510
NOT-FOR-US: Atlassian
-CVE-2017-9509 (The review file upload resource in Atlassian Crucible before version ...)
+CVE-2017-9509
NOT-FOR-US: Atlassian
-CVE-2017-9508 (Various resources in Atlassian FishEye and Crucible before version ...)
+CVE-2017-9508
NOT-FOR-US: Atlassian
-CVE-2017-9507 (The review dashboard resource in Atlassian Crucible from version 4.1.0 ...)
+CVE-2017-9507
NOT-FOR-US: Atlassian
-CVE-2017-9506 (The IconUriServlet of the Atlassian OAuth Plugin from version 1.3.0 ...)
+CVE-2017-9506
NOT-FOR-US: Atlassian
-CVE-2017-9505 (Atlassian Confluence starting with 4.3.0 before 6.2.1 did not check if ...)
+CVE-2017-9505
NOT-FOR-US: Atlassian Confluence
CVE-2017-9504
REJECTED
-CVE-2017-9503 (QEMU (aka Quick Emulator), when built with MegaRAID SAS 8708EM2 Host ...)
+CVE-2017-9503
{DLA-1497-1}
- qemu 1:2.10.0-1 (low; bug #865754)
[stretch] - qemu <ignored> (Minor issue, too intrusive to backport)
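Review bot: the description dropped here for CVE-2017-9525, `In the cron package through 3.0pl1-128 on Debian, and through ...`, states a Debian-specific affected range, so blanking it loses more than it does for the NOT-FOR-US entries; after this hunk the only version information left on that entry is the fixed `cron 3.0pl1-129 (bug #864466)`. Separately, for CVE-2017-9503 the hunk shows `{DLA-1497-1}` beside `[stretch] - qemu <ignored> (Minor issue, too intrusive to backport)`; if a backport was feasible for the older jessie qemu, it may be worth re-checking whether the stretch "too intrusive" decision still holds.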
@@ -25873,80 +25871,80 @@ CVE-2017-9503 (QEMU (aka Quick Emulator), when built with MegaRAID SAS 8708EM2 H
NOTE: https://git.qemu.org/gitweb.cgi?p=qemu.git;a=commit;h=24c0c77af515acbf0f9705e8096f33ef24d37430
NOTE: https://git.qemu.org/gitweb.cgi?p=qemu.git;a=commit;h=134550bf81a026e18cf58b81e2c2cceaf516f92e
NOTE: https://git.qemu.org/gitweb.cgi?p=qemu.git;a=commit;h=660174fc1b346803b3f1d7c260e2a36329b66435
-CVE-2017-9502 (In curl before 7.54.1 on Windows and DOS, libcurl's default protocol ...)
+CVE-2017-9502
- curl <not-affected> (Windows only)
-CVE-2017-9501 (In ImageMagick 7.0.5-7 Q16, an assertion failure was found in the ...)
+CVE-2017-9501
{DSA-3914-1 DLA-1081-1 DLA-1000-1}
- imagemagick 8:6.9.7.4+dfsg-12 (low; bug #867721)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/491
NOTE: Fixed by: https://github.com/ImageMagick/ImageMagick/commit/01843366d6a7b96e22ad7bb67f3df7d9fd4d5d74
-CVE-2017-9500 (In ImageMagick 7.0.5-8 Q16, an assertion failure was found in the ...)
+CVE-2017-9500
{DSA-4019-1 DLA-1000-1}
- imagemagick 8:6.9.7.4+dfsg-13 (low; bug #867778)
[jessie] - imagemagick <ignored> (Minor issue)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/500
NOTE: Fixed by: https://github.com/ImageMagick/ImageMagick/commit/5d95b4c24a964114e2b1ae85c2b36769251ed11d
NOTE: Fixed by (6.x): https://github.com/ImageMagick/ImageMagick/commit/837085e7725f6eb591eb019e299c1ddcf34b9a79
-CVE-2017-9499 (In ImageMagick 7.0.5-7 Q16, an assertion failure was found in the ...)
+CVE-2017-9499
- imagemagick <not-affected> (Vulnerable code introduced later, only affects ImageMagick 7.x)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/492
NOTE: Fixed by: https://github.com/ImageMagick/ImageMagick/commit/7fd419441bc7103398e313558171d342c6315f44
-CVE-2017-9498 (The Comcast firmware on Motorola MX011ANM (firmware version ...)
+CVE-2017-9498
NOT-FOR-US: Comcast firmware on various devices
-CVE-2017-9497 (The Comcast firmware on Motorola MX011ANM (firmware version ...)
+CVE-2017-9497
NOT-FOR-US: Comcast firmware on various devices
-CVE-2017-9496 (The Comcast firmware on Motorola MX011ANM (firmware version ...)
+CVE-2017-9496
NOT-FOR-US: Comcast firmware on various devices
-CVE-2017-9495 (The Comcast firmware on Motorola MX011ANM (firmware version ...)
+CVE-2017-9495
NOT-FOR-US: Comcast firmware on various devices
-CVE-2017-9494 (The Comcast firmware on Motorola MX011ANM (firmware version ...)
+CVE-2017-9494
NOT-FOR-US: Comcast firmware on various devices
-CVE-2017-9493 (The Comcast firmware on Motorola MX011ANM (firmware version ...)
+CVE-2017-9493
NOT-FOR-US: Comcast firmware on various devices
-CVE-2017-9492 (The Comcast firmware on Cisco DPC3939 (firmware version ...)
+CVE-2017-9492
NOT-FOR-US: Comcast firmware on various devices
-CVE-2017-9491 (The Comcast firmware on Cisco DPC3939 (firmware version ...)
+CVE-2017-9491
NOT-FOR-US: Comcast firmware on various devices
-CVE-2017-9490 (The Comcast firmware on Arris TG1682G (eMTA&amp;DOCSIS version ...)
+CVE-2017-9490
NOT-FOR-US: Comcast firmware on various devices
-CVE-2017-9489 (The Comcast firmware on Cisco DPC3939B (firmware version ...)
+CVE-2017-9489
NOT-FOR-US: Comcast firmware on various devices
-CVE-2017-9488 (The Comcast firmware on Cisco DPC3939 (firmware version ...)
+CVE-2017-9488
NOT-FOR-US: Comcast firmware on various devices
-CVE-2017-9487 (The Comcast firmware on Cisco DPC3939 (firmware version ...)
+CVE-2017-9487
NOT-FOR-US: Comcast firmware on various devices
-CVE-2017-9486 (The Comcast firmware on Cisco DPC3939 (firmware version ...)
+CVE-2017-9486
NOT-FOR-US: Comcast firmware on various devices
-CVE-2017-9485 (The Comcast firmware on Cisco DPC3939 (firmware version ...)
+CVE-2017-9485
NOT-FOR-US: Comcast firmware on various devices
-CVE-2017-9484 (The Comcast firmware on Cisco DPC3939 (firmware version ...)
+CVE-2017-9484
NOT-FOR-US: Comcast firmware on various devices
-CVE-2017-9483 (The Comcast firmware on Cisco DPC3939 (firmware version ...)
+CVE-2017-9483
NOT-FOR-US: Comcast firmware on various devices
-CVE-2017-9482 (The Comcast firmware on Cisco DPC3939 (firmware version ...)
+CVE-2017-9482
NOT-FOR-US: Comcast firmware on various devices
-CVE-2017-9481 (The Comcast firmware on Cisco DPC3939 (firmware version ...)
+CVE-2017-9481
NOT-FOR-US: Comcast firmware on various devices
-CVE-2017-9480 (The Comcast firmware on Cisco DPC3939 (firmware version ...)
+CVE-2017-9480
NOT-FOR-US: Comcast firmware on various devices
-CVE-2017-9479 (The Comcast firmware on Cisco DPC3939 (firmware version ...)
+CVE-2017-9479
NOT-FOR-US: Comcast firmware on various devices
-CVE-2017-9478 (The Comcast firmware on Cisco DPC3939 (firmware version ...)
+CVE-2017-9478
NOT-FOR-US: Comcast firmware on various devices
-CVE-2017-9477 (The Comcast firmware on Cisco DPC3939 (firmware version ...)
+CVE-2017-9477
NOT-FOR-US: Comcast firmware on various devices
-CVE-2017-9476 (The Comcast firmware on Cisco DPC3939 (firmware version ...)
+CVE-2017-9476
NOT-FOR-US: Comcast firmware on various devices
-CVE-2017-9475 (Comcast XFINITY WiFi Home Hotspot devices allow remote attackers to ...)
+CVE-2017-9475
NOT-FOR-US: Comcast XFINITY WiFi Home Hotspot devices
-CVE-2017-9474 (In ytnef 1.9.2, the DecompressRTF function in lib/ytnef.c allows remote ...)
+CVE-2017-9474
- libytnef 1.9.3-1 (low; bug #870192)
[stretch] - libytnef <no-dsa> (Minor issue)
[jessie] - libytnef <no-dsa> (Minor issue)
[wheezy] - libytnef <no-dsa> (Minor issue)
NOTE: https://github.com/Yeraze/ytnef/issues/40
NOTE: https://blogs.gentoo.org/ago/2017/05/24/ytnef-heap-based-buffer-overflow-in-decompressrtf-ytnef-c/
-CVE-2017-9473 (In ytnef 1.9.2, the TNEFFillMapi function in lib/ytnef.c allows remote ...)
+CVE-2017-9473
- libytnef 1.9.3-1 (low; bug #870197)
[stretch] - libytnef <no-dsa> (Minor issue)
[jessie] - libytnef <no-dsa> (Minor issue)
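Review bot: several `<not-affected>` rationales in this hunk are only checkable against the description line being removed: `- curl <not-affected> (Windows only)` relies on the stripped `In curl before 7.54.1 on Windows and DOS, ...` text, and `- imagemagick <not-affected> (Vulnerable code introduced later, only affects ImageMagick 7.x)` on the stripped `In ImageMagick 7.0.5-7 Q16, ...` text. Once the descriptions are gone, a reader of this file can no longer verify those triage decisions without going to the upstream CVE record, which is another reason the updater should refuse to replace a non-empty description with an empty one.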
@@ -25954,181 +25952,181 @@ CVE-2017-9473 (In ytnef 1.9.2, the TNEFFillMapi function in lib/ytnef.c allows r
NOTE: https://github.com/Yeraze/ytnef/issues/42
NOTE: https?//github.com/Yeraze/ytnef/commit/a341b7f1bf8a2c59ece89f2d6cdc09856d501cc0
NOTE: https://blogs.gentoo.org/ago/2017/05/24/ytnef-memory-allocation-failure-in-tneffillmapi-ytnef-c/
-CVE-2017-9472 (In ytnef 1.9.2, the SwapDWord function in lib/ytnef.c allows remote ...)
+CVE-2017-9472
- libytnef 1.9.3-1 (low; bug #870193)
[stretch] - libytnef <no-dsa> (Minor issue)
[jessie] - libytnef <no-dsa> (Minor issue)
[wheezy] - libytnef <no-dsa> (Minor issue)
NOTE: https://github.com/Yeraze/ytnef/issues/41
NOTE: https://blogs.gentoo.org/ago/2017/05/24/ytnef-heap-based-buffer-overflow-in-swapdword-ytnef-c/
-CVE-2017-9471 (In ytnef 1.9.2, the SwapWord function in lib/ytnef.c allows remote ...)
+CVE-2017-9471
- libytnef 1.9.3-1 (low; bug #870194)
[stretch] - libytnef <no-dsa> (Minor issue)
[jessie] - libytnef <no-dsa> (Minor issue)
[wheezy] - libytnef <no-dsa> (Minor issue)
NOTE: https://github.com/Yeraze/ytnef/issues/39
NOTE: https://blogs.gentoo.org/ago/2017/05/24/ytnef-heap-based-buffer-overflow-in-swapword-ytnef-c/
-CVE-2017-9470 (In ytnef 1.9.2, the MAPIPrint function in lib/ytnef.c allows remote ...)
+CVE-2017-9470
- libytnef 1.9.3-1 (low; bug #870196)
[stretch] - libytnef <no-dsa> (Minor issue)
[jessie] - libytnef <no-dsa> (Minor issue)
[wheezy] - libytnef <no-dsa> (Minor issue)
NOTE: https://github.com/Yeraze/ytnef/issues/37
NOTE: https://blogs.gentoo.org/ago/2017/05/24/ytnef-null-pointer-dereference-in-mapiprint-ytnef-c/
-CVE-2017-9469 (In Irssi before 1.0.3, when receiving certain incorrectly quoted DCC ...)
+CVE-2017-9469
{DSA-3885-1 DLA-1088-1}
- irssi 1.0.3-1 (bug #864400)
NOTE: https://github.com/irssi/irssi/commit/30a92754bb650c3dedd507d41110443142899a65
NOTE: https://irssi.org/security/irssi_sa_2017_06.txt
-CVE-2017-9468 (In Irssi before 1.0.3, when receiving a DCC message without source ...)
+CVE-2017-9468
{DSA-3885-1 DLA-1088-1}
- irssi 1.0.3-1 (bug #864400)
NOTE: https://github.com/irssi/irssi/commit/528f51bfbe5c65c5b24546faa244009dd5b3c586
NOTE: https://irssi.org/security/irssi_sa_2017_06.txt
-CVE-2017-9467 (Cross-site scripting (XSS) vulnerability in the GlobalProtect external ...)
+CVE-2017-9467
NOT-FOR-US: Palo Alto Networks PAN-OS
-CVE-2017-9466 (The executable httpd on the TP-Link WR841N V8 router before ...)
+CVE-2017-9466
NOT-FOR-US: TP-Link
-CVE-2017-9465 (The yr_arena_write_data function in YARA 3.6.1 allows remote attackers ...)
+CVE-2017-9465
- yara 3.6.2+dfsg-1 (low; bug #864517)
[stretch] - yara <ignored> (Minor issue, too intrusive to backport)
[jessie] - yara <ignored> (Minor issue, too intrusive to backport)
NOTE: https://github.com/VirusTotal/yara/issues/678
NOTE: https://github.com/VirusTotal/yara/commit/992480c30f75943e9cd6245bb2015c7737f9b661
-CVE-2017-9464 (An open redirect vulnerability is present in Piwigo 2.9 and probably ...)
+CVE-2017-9464
- piwigo <removed>
-CVE-2017-9463 (The application Piwigo is affected by a SQL injection vulnerability in ...)
+CVE-2017-9463
- piwigo <removed>
CVE-2017-9460
RESERVED
-CVE-2017-9459 (Cross-site scripting (XSS) vulnerability in the management web ...)
+CVE-2017-9459
NOT-FOR-US: Palo Alto Networks PAN-OS
-CVE-2017-9458 (XML external entity (XXE) vulnerability in the GlobalProtect internal ...)
+CVE-2017-9458
NOT-FOR-US: Palo Alto Networks PAN-OS
-CVE-2017-9457 (Intense PC Phoenix SecureCore UEFI firmware does not perform capsule ...)
+CVE-2017-9457
NOT-FOR-US: Intense PC (aka MintBox 2) Phoenix SecureCore UEFI firmware
CVE-2017-9456
RESERVED
CVE-2017-9455
RESERVED
-CVE-2017-9454 (Buffer overflow in the ares_parse_a_reply function in the embedded ...)
+CVE-2017-9454
- resiprocate 1:1.11.0~beta4-1 (unimportant)
NOTE: https://github.com/resiprocate/resiprocate/commit/d67a9ca6fd06ca65d23e313bdbad1ef4dd3aa0df
NOTE: Fixed sourcewise in 1:1.11.0~beta4-1 but unimportant since uses the
NOTE: system library.
CVE-2017-9453
RESERVED
-CVE-2017-9452 (Cross-site scripting (XSS) vulnerability in admin.php in Piwigo 2.9.0 ...)
+CVE-2017-9452
- piwigo <removed>
-CVE-2017-9451 (Cross site scripting (XSS) vulnerability in pages.edit_form.php in ...)
+CVE-2017-9451
NOT-FOR-US: flatCore CMS
-CVE-2017-9450 (The Amazon Web Services (AWS) CloudFormation bootstrap tools package ...)
+CVE-2017-9450
NOT-FOR-US: Amazon Web Services (AWS) CloudFormation bootstrap tools package
-CVE-2017-9449 (SQL injection vulnerability in BigTree CMS through 4.2.18 allows remote ...)
+CVE-2017-9449
NOT-FOR-US: BigTree CMS
-CVE-2017-9448 (Cross-site scripting (XSS) vulnerabilities in BigTree CMS through ...)
+CVE-2017-9448
NOT-FOR-US: BigTree CMS
-CVE-2017-9462 (In Mercurial before 4.1.3, &quot;hg serve --stdio&quot; allows remote ...)
+CVE-2017-9462
{DLA-1414-1 DLA-1005-1}
- mercurial 4.3.1-1 (bug #861243)
[stretch] - mercurial 4.0-1+deb9u1
NOTE: https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_4.1.3_.282017-4-18.29
NOTE: https://www.mercurial-scm.org/repo/hg/rev/77eaf9539499
-CVE-2017-9461 (smbd in Samba before 4.4.10 and 4.5.x before 4.5.6 has a denial of ...)
+CVE-2017-9461
- samba 2:4.5.6+dfsg-1 (bug #864291)
[jessie] - samba <no-dsa> (Minor issue)
[wheezy] - samba <no-dsa> (Minor, non reproducible issue)
NOTE: https://git.samba.org/?p=samba.git;a=commitdiff;h=10c3e3923022485c720f322ca4f0aca5d7501310
NOTE: https://bugzilla.samba.org/show_bug.cgi?id=12572
-CVE-2017-9447 (In the web interface of Parallels Remote Application Server (RAS) 15.5 ...)
+CVE-2017-9447
NOT-FOR-US: Parallels Remote Application Server
CVE-2017-9446
RESERVED
-CVE-2017-9445 (In systemd through 233, certain sizes passed to dns_packet_new in ...)
+CVE-2017-9445
- systemd 233-10 (bug #866147)
[stretch] - systemd 232-25+deb9u1
[jessie] - systemd <not-affected> (Vulnerable code not present)
[wheezy] - systemd <not-affected> (Vulnerable code not present)
NOTE: Introduced by: https://github.com/systemd/systemd/commit/a0166609f782da91710dea9183d1bf138538db37
NOTE: http://www.openwall.com/lists/oss-security/2017/06/27/8
-CVE-2017-9444 (BigTree CMS through 4.2.18 has CSRF related to the ...)
+CVE-2017-9444
NOT-FOR-US: BigTree CMS
-CVE-2017-9443 (** DISPUTED ** BigTree CMS through 4.2.18 allows remote authenticated ...)
+CVE-2017-9443
NOT-FOR-US: BigTree CMS
-CVE-2017-9442 (** DISPUTED ** BigTree CMS through 4.2.18 allows remote authenticated ...)
+CVE-2017-9442
NOT-FOR-US: BigTree CMS
-CVE-2017-9441 (** DISPUTED ** Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2017-9441
NOT-FOR-US: BigTree CMS
-CVE-2017-9440 (In ImageMagick 7.0.5-5, a memory leak was found in the function ...)
+CVE-2017-9440
{DSA-3914-1}
- imagemagick 8:6.9.7.4+dfsg-12 (low; bug #864273)
[wheezy] - imagemagick <not-affected> (vulnerable code not present)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/462
NOTE: Fixed by: https://github.com/ImageMagick/ImageMagick/commit/c2be129c25763680afeca59f4de5d6d4240ca2cf
-CVE-2017-9439 (In ImageMagick 7.0.5-5, a memory leak was found in the function ...)
+CVE-2017-9439
{DSA-3914-1 DLA-1000-1}
- imagemagick 8:6.9.7.4+dfsg-12 (low; bug #864274)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/460
NOTE: Fixed by: https://github.com/ImageMagick/ImageMagick/commit/6c6abed989ea4a3ef472db65ab487c1809a3a718
-CVE-2017-9438 (libyara/re.c in the regexp module in YARA 3.5.0 allows remote attackers ...)
+CVE-2017-9438
- yara 3.6.1+dfsg-1 (low; bug #864518)
[stretch] - yara <ignored> (Minor issue, too intrusive to backport)
[jessie] - yara <ignored> (Minor issue, too intrusive to backport)
NOTE: https://github.com/VirusTotal/yara/issues/674
NOTE: Fixed by: https://github.com/VirusTotal/yara/commit/10e8bd3071677dd1fa76beeef4bc2fc427cea5e7
-CVE-2017-9437 (Openbravo Business Suite 3.0 is affected by SQL injection. This ...)
+CVE-2017-9437
NOT-FOR-US: Openbravo Business Suite
-CVE-2017-9436 (TeamPass before 2.1.27.4 is vulnerable to a SQL injection in ...)
+CVE-2017-9436
NOT-FOR-US: TeamPass
-CVE-2017-9435 (Dolibarr ERP/CRM before 5.0.3 is vulnerable to a SQL injection in ...)
+CVE-2017-9435
- dolibarr 5.0.4+dfsg3-1 (bug #864569)
NOTE: https://github.com/Dolibarr/dolibarr/commit/70636cc59ffa1ffbc0ce3dba315d7d9b837aad04
-CVE-2017-9434 (Crypto++ (aka cryptopp) through 5.6.5 contains an out-of-bounds read ...)
+CVE-2017-9434
- libcrypto++ 5.6.4-7 (bug #864214)
[jessie] - libcrypto++ <no-dsa> (Minor issue)
[wheezy] - libcrypto++ <no-dsa> (Minor issue)
NOTE: https://github.com/weidai11/cryptopp/issues/414
NOTE: https://github.com/weidai11/cryptopp/commit/07dbcc3d9644b18e05c1776db2a57fe04d780965
-CVE-2017-9433 (Document Liberation Project libmwaw before 2017-04-08 has an ...)
+CVE-2017-9433
{DSA-3875-1}
- libmwaw 0.3.9-2 (bug #864366)
NOTE: https://sourceforge.net/p/libmwaw/libmwaw/ci/68b3b74569881248bfb6cbb4266177cc253b292f/
-CVE-2017-9432 (Document Liberation Project libstaroffice before 2017-04-07 has an ...)
+CVE-2017-9432
- libstaroffice 0.0.3-3 (bug #864207)
-CVE-2017-9431 (Google gRPC before 2017-04-05 has an out-of-bounds write caused by a ...)
+CVE-2017-9431
- grpc 1.3.2-0.1 (bug #864210)
NOTE: https://github.com/grpc/grpc/pull/10492
NOTE: Fixed by: https://github.com/grpc/grpc/commit/c6ec1155d026c91b1badb07ef1605bb747cff064
-CVE-2017-9430 (Stack-based buffer overflow in dnstracer through 1.9 allows attackers ...)
+CVE-2017-9430
- dnstracer <unfixed> (unimportant)
NOTE: Crash in CLI tool, disputable if any exposed service makes use of dnstrace.
NOTE: One scenario would be to have a web application that launches dnstracer
NOTE: with user supplied name strings to evaluate.
-CVE-2017-9429 (SQL injection vulnerability in the Event List plugin 0.7.8 for ...)
+CVE-2017-9429
NOT-FOR-US: Event List plugin for WordPress
-CVE-2017-9428 (A directory traversal vulnerability exists in ...)
+CVE-2017-9428
NOT-FOR-US: BigTree CMS
-CVE-2017-9427 (SQL injection vulnerability in BigTree CMS through 4.2.18 allows remote ...)
+CVE-2017-9427
NOT-FOR-US: BigTree CMS
-CVE-2017-9426 (ws.php in the Facetag extension 0.0.3 for Piwigo allows SQL injection ...)
+CVE-2017-9426
NOT-FOR-US: Piwigo extension
-CVE-2017-9425 (The Facetag extension 0.0.3 for Piwigo allows XSS via the name ...)
+CVE-2017-9425
NOT-FOR-US: Piwigo extension
-CVE-2017-9424 (IdeaBlade Breeze Breeze.Server.NET before 1.6.5 allows remote attackers ...)
+CVE-2017-9424
NOT-FOR-US: IdeaBlade Breeze Breeze.Server.NET
CVE-2017-9423
RESERVED
CVE-2017-9422
REJECTED
-CVE-2017-9421 (Authentication Bypass vulnerability in Accellion kiteworks before ...)
+CVE-2017-9421
NOT-FOR-US: Accellion kiteworks
-CVE-2017-9420 (Cross site scripting (XSS) vulnerability in the Spiffy Calendar plugin ...)
+CVE-2017-9420
NOT-FOR-US: Spiffy Calendar plugin for WordPress
-CVE-2017-9419 (Cross-site scripting (XSS) vulnerability in the Webhammer WP Custom ...)
+CVE-2017-9419
NOT-FOR-US: Webhammer WP Custom Fields Search plugin for WordPress
-CVE-2017-9418 (SQL injection vulnerability in the WP-Testimonials plugin 3.4.1 for ...)
+CVE-2017-9418
NOT-FOR-US: WP-Testimonials plugin for WordPress
-CVE-2017-9417 (Broadcom BCM43xx Wi-Fi chips allow remote attackers to execute ...)
+CVE-2017-9417
{DLA-1573-1}
- firmware-nonfree 20180518-1 (bug #869639)
[stretch] - firmware-nonfree 20161130-4
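Review bot: the context line `NOTE: https?//github.com/Yeraze/ytnef/commit/a341b7f1bf8a2c59ece89f2d6cdc09856d501cc0` under CVE-2017-9473 has a malformed scheme (`https?//` for `https://`), so the fix link is dead as written. Two smaller pre-existing issues in the same hunk: CVE-2017-9462 and CVE-2017-9461 sit between CVE-2017-9448 and CVE-2017-9447, breaking the descending order the rest of the file follows, and the dnstracer note says `dnstrace` where the package is `dnstracer`. None of these belong to the automatic update, but they would be easy to pick up in a manual pass.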
@@ -26136,15 +26134,15 @@ CVE-2017-9417 (Broadcom BCM43xx Wi-Fi chips allow remote attackers to execute ..
[wheezy] - firmware-nonfree <no-dsa> (non-free not supported)
NOTE: https://www.blackhat.com/us-17/briefings/schedule/#broadpwn-remotely-compromising-android-and-ios-via-a-bug-in-broadcoms-wi-fi-chipsets-7603
NOTE: https://marc.info/?l=linux-wireless&m=150391055518346&w=2
-CVE-2017-9416 (Directory traversal vulnerability in tools.file_open in Odoo 8.0, 9.0, ...)
+CVE-2017-9416
NOT-FOR-US: Odoo
-CVE-2017-9415 (Cross-site request forgery (CSRF) vulnerability in subsonic 6.1.1 ...)
+CVE-2017-9415
NOT-FOR-US: Subsonic
-CVE-2017-9414 (Cross-site request forgery (CSRF) vulnerability in the Subscribe to ...)
+CVE-2017-9414
NOT-FOR-US: Subsonic
-CVE-2017-9413 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
+CVE-2017-9413
NOT-FOR-US: Subsonic
-CVE-2017-9412 (The unpack_read_samples function in frontend/get_audio.c in LAME 3.99.5 ...)
+CVE-2017-9412
- lame 3.99.5+repack1-7
[wheezy] - lame 3.99.5+repack1-3+deb7u1
NOTE: Fixed by the improved 0001-Add-check-for-invalid-input-sample-rate.patch in
@@ -26152,46 +26150,46 @@ CVE-2017-9412 (The unpack_read_samples function in frontend/get_audio.c in LAME
NOTE: http://seclists.org/fulldisclosure/2017/Jul/63
NOTE: https://sourceforge.net/p/lame/bugs/463/
NOTE: Invalid read in command line tool so no CVE is needed. MITRE contacted by ago@gentoo
-CVE-2017-9411 (The fill_buffer_resample function in libmp3lame/util.c in LAME 3.99.5 ...)
+CVE-2017-9411
- lame 3.99.5+repack1-6
[wheezy] - lame 3.99.5+repack1-3+deb7u1
NOTE: http://seclists.org/fulldisclosure/2017/Jul/63
NOTE: https://sourceforge.net/p/lame/bugs/462/
NOTE: Duplicate of CVE-2015-9100
-CVE-2017-9410 (The fill_buffer_resample function in libmp3lame/util.c in LAME 3.99.5 ...)
+CVE-2017-9410
- lame 3.99.5+repack1-6
[wheezy] - lame 3.99.5+repack1-3+deb7u1
NOTE: http://seclists.org/fulldisclosure/2017/Jul/63
NOTE: https://sourceforge.net/p/lame/bugs/461/
NOTE: Duplicate of CVE-2015-9101
-CVE-2017-9409 (In ImageMagick 7.0.5-5, the ReadMPCImage function in mpc.c allows ...)
+CVE-2017-9409
{DLA-1000-1}
- imagemagick 8:6.9.7.4+dfsg-11 (low; bug #864090)
[jessie] - imagemagick 8:6.8.9.9-5+deb8u10
NOTE: https://github.com/ImageMagick/ImageMagick/issues/458
-CVE-2017-9408 (In Poppler 0.54.0, a memory leak vulnerability was found in the ...)
+CVE-2017-9408
{DSA-4079-1}
- poppler 0.57.0-2 (low; bug #864009)
[wheezy] - poppler <not-affected> (Vulnerable code not present)
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=100776
NOTE: https://cgit.freedesktop.org/poppler/poppler/commit/?id=b21b041f7948680c03109f0c404400a9dbc4544c
-CVE-2017-9407 (In ImageMagick 7.0.5-5, the ReadPALMImage function in palm.c allows ...)
+CVE-2017-9407
{DLA-1000-1}
- imagemagick 8:6.9.7.4+dfsg-11 (low; bug #864089)
[jessie] - imagemagick 8:6.8.9.9-5+deb8u10
NOTE: https://github.com/ImageMagick/ImageMagick/issues/459
-CVE-2017-9406 (In Poppler 0.54.0, a memory leak vulnerability was found in the ...)
+CVE-2017-9406
{DSA-4079-1}
- poppler 0.57.0-2 (low; bug #864010)
[wheezy] - poppler <not-affected> (Vulnerable code not present)
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=100775
NOTE: https://cgit.freedesktop.org/poppler/poppler/commit/?id=278439531b13b0b047dbe3a75aa3f1b3407c8bd4
-CVE-2017-9405 (In ImageMagick 7.0.5-5, the ReadICONImage function in icon.c:452 allows ...)
+CVE-2017-9405
{DLA-1000-1}
- imagemagick 8:6.9.7.4+dfsg-11 (low; bug #864087)
[jessie] - imagemagick 8:6.8.9.9-5+deb8u10
NOTE: https://github.com/ImageMagick/ImageMagick/issues/457
-CVE-2017-9404 (In LibTIFF 4.0.7, a memory leak vulnerability was found in the function ...)
+CVE-2017-9404
{DLA-984-1 DLA-983-1}
- tiff 4.0.8-1
[jessie] - tiff 4.0.3-12.3+deb8u4
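Review bot: the NOTE on CVE-2017-9412 (`Invalid read in command line tool so no CVE is needed. MITRE contacted by ago@gentoo`) is left without an outcome while the entry still carries fixed versions (`- lame 3.99.5+repack1-7`, `[wheezy] - lame 3.99.5+repack1-3+deb7u1`). Record what MITRE decided, either `REJECTED` as done for CVE-2017-9422 above or a note that the ID stands, so the entry does not read as an open question; the two lame entries that follow already do this (`NOTE: Duplicate of CVE-2015-9100`, `NOTE: Duplicate of CVE-2015-9101`).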
@@ -26208,7 +26206,7 @@ CVE-2017-9404 (In LibTIFF 4.0.7, a memory leak vulnerability was found in the fu
NOTE: 2ea32f7372b65c24b2816f11c04bf59b5090d05b commit the Direct leak of 73 byte
NOTE: with backtrace following the methods in http://bugzilla.maptools.org/show_bug.cgi?id=2688
NOTE: is shown.
-CVE-2017-9403 (In LibTIFF 4.0.7, a memory leak vulnerability was found in the function ...)
+CVE-2017-9403
{DLA-984-1 DLA-983-1}
- tiff 4.0.8-1
[jessie] - tiff 4.0.3-12.3+deb8u4
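Review bot: the NOTE on CVE-2017-9404 (`2ea32f7372b65c24b2816f11c04bf59b5090d05b commit the Direct leak of 73 byte` / `with backtrace following the methods in ...` / `is shown.`) does not say whether the 73-byte leak is reproduced with or without that commit applied, and the sentence as written is hard to parse. Reword it to state which case it describes, e.g. whether commit 2ea32f73... fixes the leak or whether the leak is still reported after it, since a reader cannot otherwise tell what the note is recording.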
@@ -26231,9 +26229,9 @@ CVE-2017-9396
RESERVED
CVE-2017-9395
RESERVED
-CVE-2017-9394 (A stored cross-site scripting vulnerability in CA Identity Governance ...)
+CVE-2017-9394
NOT-FOR-US: CA Identity Governance
-CVE-2017-9393 (CA Identity Manager r12.6 to r12.6 SP8, 14.0, and 14.1 allows remote ...)
+CVE-2017-9393
NOT-FOR-US: CA Identity Manager
CVE-2017-9392
RESERVED
@@ -26259,17 +26257,17 @@ CVE-2017-9382
RESERVED
CVE-2017-9381
RESERVED
-CVE-2017-9380 (OpenEMR 5.0.0 and prior allows low-privilege users to upload files of ...)
+CVE-2017-9380
NOT-FOR-US: OpenEMR
-CVE-2017-9379 (Multiple CSRF issues exist in BigTree CMS through 4.2.18 - the clear ...)
+CVE-2017-9379
NOT-FOR-US: BigTree CMS
-CVE-2017-9378 (BigTree CMS through 4.2.18 does not prevent a user from deleting their ...)
+CVE-2017-9378
NOT-FOR-US: BigTree CMS
-CVE-2017-9377 (A command injection was identified on Barco ClickShare Base Unit ...)
+CVE-2017-9377
NOT-FOR-US: Barco ClickShare Base Unit device
CVE-2017-9376
RESERVED
-CVE-2017-9375 (QEMU (aka Quick Emulator), when built with USB xHCI controller ...)
+CVE-2017-9375
{DSA-3991-1}
- qemu 1:2.10.0-1 (bug #864219)
[jessie] - qemu <no-dsa> (Minor issue)
@@ -26277,90 +26275,90 @@ CVE-2017-9375 (QEMU (aka Quick Emulator), when built with USB xHCI controller ..
- qemu-kvm <removed>
[wheezy] - qemu-kvm <not-affected> (vulnerable code not present)
NOTE: Fixed by: http://git.qemu.org/?p=qemu.git;a=commitdiff;h=96d87bdda3919bb16f754b3d3fd1227e1f38f13c
-CVE-2017-9374 (Memory leak in QEMU (aka Quick Emulator), when built with USB EHCI ...)
+CVE-2017-9374
{DSA-3920-1 DLA-1497-1}
- qemu 1:2.8+dfsg-7 (bug #864568)
[wheezy] - qemu <no-dsa> (Minor issue)
- qemu-kvm <removed>
[wheezy] - qemu-kvm <no-dsa> (Minor issue)
NOTE: Fixed by: http://git.qemu.org/?p=qemu.git;a=commitdiff;h=d710e1e7bd3d5bfc26b631f02ae87901ebe646b0
-CVE-2017-9373 (Memory leak in QEMU (aka Quick Emulator), when built with IDE AHCI ...)
+CVE-2017-9373
{DSA-3920-1 DLA-1497-1}
- qemu 1:2.8+dfsg-7 (bug #864216)
[wheezy] - qemu <no-dsa> (Minor issue)
- qemu-kvm <removed>
[wheezy] - qemu-kvm <no-dsa> (Minor issue)
NOTE: Fixed by: http://git.qemu.org/?p=qemu.git;a=commitdiff;h=d68f0f778e7f4fbd674627274267f269e40f0b04
-CVE-2017-9371 (In BlackBerry QNX Software Development Platform (SDP) 6.6.0 and 6.5.0 ...)
+CVE-2017-9371
NOT-FOR-US: BlackBerry QNX Software Development Platform (SDP)
-CVE-2017-9370 (An information disclosure / elevation of privilege vulnerability in ...)
+CVE-2017-9370
NOT-FOR-US: BlackBerry
-CVE-2017-9369 (In BlackBerry QNX Software Development Platform (SDP) 6.6.0 and 6.5.0 ...)
+CVE-2017-9369
NOT-FOR-US: BlackBerry QNX Software Development Platform (SDP)
-CVE-2017-9368 (An information disclosure vulnerability in the BlackBerry Workspaces ...)
+CVE-2017-9368
NOT-FOR-US: BlackBerry Workspaces Server
-CVE-2017-9367 (A directory traversal vulnerability in the BlackBerry Workspaces ...)
+CVE-2017-9367
NOT-FOR-US: BlackBerry Workspaces Server
-CVE-2017-9366 (Telaxus EPESI 1.8.2 and earlier has a Stored Cross-site Scripting (XSS) ...)
+CVE-2017-9366
NOT-FOR-US: Telaxus EPESI
-CVE-2017-9365 (CSRF exists in BigTree CMS through 4.2.18 with the force parameter to ...)
+CVE-2017-9365
NOT-FOR-US: BigTree CMS
-CVE-2017-9364 (Unrestricted File Upload exists in BigTree CMS through 4.2.18: if an ...)
+CVE-2017-9364
NOT-FOR-US: BigTree CMS
-CVE-2017-9363 (Untrusted Java serialization in Soffid IAM console before 1.7.5 allows ...)
+CVE-2017-9363
NOT-FOR-US: Soffid IAM console
CVE-2017-9362
RESERVED
-CVE-2017-9361 (WebsiteBaker v2.10.0 has a stored XSS vulnerability in ...)
+CVE-2017-9361
NOT-FOR-US: WebsiteBaker
-CVE-2017-9360 (WebsiteBaker v2.10.0 has a SQL injection vulnerability in ...)
+CVE-2017-9360
NOT-FOR-US: WebsiteBaker
CVE-2017-9357
RESERVED
-CVE-2017-9356 (Sitecore.NET 7.1 through 7.2 has a Cross Site Scripting Vulnerability ...)
+CVE-2017-9356
NOT-FOR-US: Sitecore.NET
-CVE-2017-9358 (A memory exhaustion vulnerability exists in Asterisk Open Source 13.x ...)
+CVE-2017-9358
- asterisk 1:13.14.1~dfsg-2 (bug #863906)
[jessie] - asterisk <not-affected> (11.x series not affected)
[wheezy] - asterisk <not-affected> (Vulnerable code not present)
NOTE: http://downloads.asterisk.org/pub/security/AST-2017-004.txt
-CVE-2017-9359 (The multi-part body parser in PJSIP, as used in Asterisk Open Source ...)
+CVE-2017-9359
{DSA-3933-1}
- pjproject 2.5.5~dfsg-6 (bug #863902)
NOTE: http://downloads.asterisk.org/pub/security/AST-2017-003.txt
NOTE: https://issues.asterisk.org/jira/browse/ASTERISK-26939
-CVE-2017-9372 (PJSIP, as used in Asterisk Open Source 13.x before 13.15.1 and 14.x ...)
+CVE-2017-9372
{DSA-3933-1}
- pjproject 2.5.5~dfsg-6 (bug #863901)
NOTE: http://downloads.asterisk.org/pub/security/AST-2017-002.txt
-CVE-2017-9355 (XML external entity (XXE) vulnerability in the import playlist feature ...)
+CVE-2017-9355
NOT-FOR-US: Subsonic
-CVE-2017-9354 (In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the RGMP dissector ...)
+CVE-2017-9354
- wireshark 2.2.7-1 (bug #864058)
[jessie] - wireshark <no-dsa> (Minor issue)
[wheezy] - wireshark <no-dsa> (Minor issue)
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-32.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13646
-CVE-2017-9353 (In Wireshark 2.2.0 to 2.2.6, the IPv6 dissector could crash. This was ...)
+CVE-2017-9353
- wireshark 2.2.7-1 (low; bug #864058)
[jessie] - wireshark <not-affected> (Only affects 2.2.x)
[wheezy] - wireshark <not-affected> (Only affects 2.2.x)
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-33.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13675
-CVE-2017-9352 (In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the Bazaar dissector ...)
+CVE-2017-9352
- wireshark 2.2.7-1 (low; bug #864058)
[jessie] - wireshark <no-dsa> (Minor issue)
[wheezy] - wireshark <no-dsa> (Minor issue)
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-22.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13599
-CVE-2017-9351 (In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the DHCP dissector ...)
+CVE-2017-9351
- wireshark 2.2.7-1 (low; bug #864058)
[jessie] - wireshark <no-dsa> (Minor issue)
[wheezy] - wireshark <no-dsa> (Minor issue)
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-24.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13628
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13609
-CVE-2017-9350 (In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the openSAFETY ...)
+CVE-2017-9350
- wireshark 2.2.7-1 (low; bug #864058)
[jessie] - wireshark <no-dsa> (Minor issue)
[wheezy] - wireshark <no-dsa> (Minor issue)
@@ -26369,44 +26367,44 @@ CVE-2017-9350 (In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the openSAFETY .
NOTE: When fixing this entry make sure to apply the complete fix and adding
NOTE: the related commits from the CVE-2017-11411. Otherwise those releases
NOTE: are opened to CVE-2017-11411, which exists because of an incomplete fix.
-CVE-2017-9349 (In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the DICOM dissector ...)
+CVE-2017-9349
- wireshark 2.2.7-1 (low; bug #864058)
[jessie] - wireshark <no-dsa> (Minor issue)
[wheezy] - wireshark <no-dsa> (Minor issue)
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-27.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13685
-CVE-2017-9348 (In Wireshark 2.2.0 to 2.2.6, the DOF dissector could read past the end ...)
+CVE-2017-9348
- wireshark 2.2.7-1 (bug #864058)
[jessie] - wireshark <not-affected> (Only affects 2.2.x)
[wheezy] - wireshark <not-affected> (Only affects 2.2.x)
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-23.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13608
-CVE-2017-9347 (In Wireshark 2.2.0 to 2.2.6, the ROS dissector could crash with a NULL ...)
+CVE-2017-9347
- wireshark 2.2.7-1 (bug #864058)
[stretch] - wireshark <no-dsa> (Minor issue)
[jessie] - wireshark <not-affected> (Only affects 2.2.x)
[wheezy] - wireshark <not-affected> (Only affects 2.2.x)
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-31.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13637
-CVE-2017-9346 (In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the SoulSeek dissector ...)
+CVE-2017-9346
- wireshark 2.2.7-1 (low; bug #864058)
[jessie] - wireshark <no-dsa> (Minor issue)
[wheezy] - wireshark <no-dsa> (Minor issue)
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-25.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13631
-CVE-2017-9345 (In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the DNS dissector ...)
+CVE-2017-9345
- wireshark 2.2.7-1 (low; bug #864058)
[jessie] - wireshark <no-dsa> (Minor issue)
[wheezy] - wireshark <no-dsa> (Minor issue)
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-26.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13633
-CVE-2017-9344 (In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the Bluetooth L2CAP ...)
+CVE-2017-9344
- wireshark 2.2.7-1 (low; bug #864058)
[jessie] - wireshark <no-dsa> (Minor issue)
[wheezy] - wireshark <no-dsa> (Minor issue)
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-29.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13701
-CVE-2017-9343 (In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the MSNIP dissector ...)
+CVE-2017-9343
- wireshark 2.2.7-1 (low; bug #864058)
[jessie] - wireshark <no-dsa> (Minor issue)
[wheezy] - wireshark <no-dsa> (Minor issue)
@@ -26416,27 +26414,27 @@ CVE-2017-9342
RESERVED
CVE-2017-9341
RESERVED
-CVE-2017-9340 (An attacker is logged in as a normal user and can somehow make admin ...)
+CVE-2017-9340
- owncloud <removed>
-CVE-2017-9339 (A logical error in ownCloud Server before 10.0.2 caused disclosure of ...)
+CVE-2017-9339
- owncloud <removed>
-CVE-2017-9338 (Inadequate escaping lead to XSS vulnerability in the search module in ...)
+CVE-2017-9338
- owncloud <removed>
-CVE-2017-9337 (The Markdown on Save Improved plugin 2.5 for WordPress has a stored XSS ...)
+CVE-2017-9337
NOT-FOR-US: Wordpress plugin
-CVE-2017-9336 (The WP Editor.MD plugin 1.6 for WordPress has a stored XSS ...)
+CVE-2017-9336
NOT-FOR-US: Wordpress plugin
CVE-2017-9335
RESERVED
-CVE-2017-9333 (OpenWebif 1.2.5 allows remote code execution via a URL to the CallOPKG ...)
+CVE-2017-9333
NOT-FOR-US: OpenWebif
-CVE-2017-9332 (The smarty_self function in modules/module_smarty.php in PivotX 2.3.11 ...)
+CVE-2017-9332
NOT-FOR-US: PivotX
-CVE-2017-9331 (The Agenda component in Telaxus EPESI 1.8.2 and earlier has a Stored ...)
+CVE-2017-9331
NOT-FOR-US: Telaxus EPESI
CVE-2017-9329
RESERVED
-CVE-2017-9328 (Shell metacharacter injection vulnerability in ...)
+CVE-2017-9328
NOT-FOR-US: TerraMaster TOS
CVE-2017-9327
RESERVED
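Review bot: `NOT-FOR-US: Wordpress plugin` (CVE-2017-9337, CVE-2017-9336) neither names the plugin nor spells the product as the rest of the file does (`Spiffy Calendar plugin for WordPress`, `WP-Testimonials plugin for WordPress`). Once the descriptions are gone the NOT-FOR-US text is the only record of what was triaged, so name the plugin using the text of the removed lines: `NOT-FOR-US: Markdown on Save Improved plugin for WordPress` and `NOT-FOR-US: WP Editor.MD plugin for WordPress`.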
@@ -26444,21 +26442,21 @@ CVE-2017-9326
RESERVED
CVE-2017-9325
RESERVED
-CVE-2017-9334 (An incorrect &quot;pair?&quot; check in the Scheme &quot;length&quot; procedure results in ...)
+CVE-2017-9334
- chicken 4.12.0-0.2 (low; bug #863884)
[stretch] - chicken <no-dsa> (Minor issue)
[jessie] - chicken <no-dsa> (Minor issue)
[wheezy] - chicken <no-dsa> (Minor issue)
NOTE: Original announcement: http://lists.nongnu.org/archive/html/chicken-announce/2017-05/msg00000.html
NOTE: Patch: http://lists.nongnu.org/archive/html/chicken-hackers/2017-05/msg00099.html
-CVE-2017-9330 (QEMU (aka Quick Emulator) before 2.9.0, when built with the USB OHCI ...)
+CVE-2017-9330
{DSA-3920-1 DLA-1497-1}
- qemu 1:2.8+dfsg-7 (bug #863943)
[wheezy] - qemu <not-affected> (Vulnerable code no present)
- qemu-kvm <removed>
[wheezy] - qemu-kvm <not-affected> (Vulnerable code no present)
NOTE: http://git.qemu.org/?p=qemu.git;a=commitdiff;h=26f670a244982335cc08943fb1ec099a2c81e42d
-CVE-2017-9324 (In Open Ticket Request System (OTRS) 3.3.x through 3.3.16, 4.x through ...)
+CVE-2017-9324
{DSA-3876-1}
- otrs2 5.0.20-1 (bug #864319)
[stretch] - otrs2 5.0.16-1+deb9u1
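Review bot: typo in both wheezy lines of CVE-2017-9330, `(Vulnerable code no present)` should read `(Vulnerable code not present)`, matching the wording used for CVE-2017-9408, CVE-2017-9406 and CVE-2017-9375 elsewhere in this file.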
@@ -26477,17 +26475,17 @@ CVE-2017-9319
RESERVED
CVE-2017-9318
RESERVED
-CVE-2017-9317 (Privilege escalation vulnerability found in some Dahua IP devices. ...)
+CVE-2017-9317
NOT-FOR-US: Dahua
-CVE-2017-9316 (Firmware upgrade authentication bypass vulnerability was found in ...)
+CVE-2017-9316
NOT-FOR-US: Dahua
-CVE-2017-9315 (Customer of Dahua IP camera or IP PTZ could submit relevant device ...)
+CVE-2017-9315
NOT-FOR-US: Dahua
-CVE-2017-9314 (Authentication vulnerability found in Dahua NVR models NVR50XX, ...)
+CVE-2017-9314
NOT-FOR-US: Dahua NVR
-CVE-2017-9313 (Multiple Cross-site scripting (XSS) vulnerabilities in Webmin before ...)
+CVE-2017-9313
- webmin <removed>
-CVE-2017-9312 (Improperly implemented option-field processing in the TCP/IP stack on ...)
+CVE-2017-9312
NOT-FOR-US: Allen-Bradley
CVE-2017-9311
RESERVED
@@ -26495,24 +26493,24 @@ CVE-2017-9309
RESERVED
CVE-2017-9308
RESERVED
-CVE-2017-9307 (SSRF vulnerability in remotedownload.php in Allen Disk 1.6 allows ...)
+CVE-2017-9307
NOT-FOR-US: Allen Disk
-CVE-2017-9306 (inc/SP/Html/Html.class.php in sysPass 2.1.9 allows remote attackers to ...)
+CVE-2017-9306
NOT-FOR-US: sysPass
-CVE-2017-9305 (lib/core/TikiFilter/PreventXss.php in Tiki Wiki CMS Groupware 16.2 ...)
+CVE-2017-9305
- tikiwiki <removed>
-CVE-2017-9304 (libyara/re.c in the regexp module in YARA 3.5.0 allows remote attackers ...)
+CVE-2017-9304
- yara 3.6.1+dfsg-1 (bug #863842)
[stretch] - yara <ignored> (Minor issue, too intrusive to backport)
[jessie] - yara <ignored> (Minor issue, too intrusive to backport)
NOTE: https://github.com/VirusTotal/yara/issues/674
NOTE: https://github.com/VirusTotal/yara/commit/925bcf3c3b0a28b5b78e25d9efda5c0bf27ae699
-CVE-2017-1000380 (sound/core/timer.c in the Linux kernel before 4.11.5 is vulnerable to a ...)
+CVE-2017-1000380
{DSA-3981-1 DLA-1099-1}
- linux 4.11.6-1
NOTE: Fixed by: https://git.kernel.org/linus/d11662f4f798b50d8c8743f433842c3e40fe3378 (v4.12-rc5)
NOTE: Fixed by: https://git.kernel.org/linus/ba3021b2c79b2fa9114f92790a99deb27a65b728 (v4.12-rc5)
-CVE-2017-1000368 (Todd Miller's sudo version 1.8.20p1 and earlier is vulnerable to an ...)
+CVE-2017-1000368
{DLA-1011-1}
- sudo 1.8.20p1-1.1 (bug #863897)
[buster] - sudo 1.8.19p1-2.1
@@ -26520,7 +26518,7 @@ CVE-2017-1000368 (Todd Miller's sudo version 1.8.20p1 and earlier is vulnerable
[jessie] - sudo 1.8.10p3-1+deb8u5
NOTE: http://www.openwall.com/lists/oss-security/2017/06/02/7
NOTE: https://www.sudo.ws/repos/sudo/raw-rev/15a46f4007dd
-CVE-2017-1000367 (Todd Miller's sudo version 1.8.20 and earlier is vulnerable to an ...)
+CVE-2017-1000367
{DSA-3867-1 DLA-970-1}
- sudo 1.8.20p1-1 (bug #863731)
[buster] - sudo 1.8.19p1-2
@@ -26528,7 +26526,7 @@ CVE-2017-1000367 (Todd Miller's sudo version 1.8.20 and earlier is vulnerable to
NOTE: https://www.sudo.ws/alerts/linux_tty.html
NOTE: http://www.openwall.com/lists/oss-security/2017/05/30/16
NOTE: https://www.sudo.ws/repos/sudo/raw-rev/b5460cbbb11b
-CVE-2017-9310 (QEMU (aka Quick Emulator), when built with the e1000e NIC emulation ...)
+CVE-2017-9310
{DSA-3920-1}
- qemu 1:2.8+dfsg-7 (bug #863840)
[jessie] - qemu <not-affected> (Vulnerable code not present; e1000e introduced in 2.7.0-rc0)
@@ -26536,69 +26534,69 @@ CVE-2017-9310 (QEMU (aka Quick Emulator), when built with the e1000e NIC emulati
- qemu-kvm <removed>
[wheezy] - qemu-kvm <not-affected> (Vulnerable code not present)
NOTE: Fixed by: http://git.qemu.org/?p=qemu.git;a=commitdiff;h=4154c7e03fa55b4cf52509a83d50d6c09d743b7
-CVE-2017-9303 (Laravel 5.4.x before 5.4.22 does not properly constrain the host ...)
+CVE-2017-9303
NOT-FOR-US: Laravel
-CVE-2017-9302 (RealPlayer 16.0.2.32 allows remote attackers to cause a denial of ...)
+CVE-2017-9302
NOT-FOR-US: RealPlayer
-CVE-2017-9301 (plugins\audio_filter\libmpgatofixed32_plugin.dll in VideoLAN VLC media ...)
+CVE-2017-9301
- vlc 2.2.5.1-1
[wheezy] - vlc <end-of-life> (Not supported in wheezy LTS)
-CVE-2017-9300 (plugins\codec\libflac_plugin.dll in VideoLAN VLC media player 2.2.4 ...)
+CVE-2017-9300
{DSA-4045-1}
- vlc 2.2.6-3
[wheezy] - vlc <end-of-life> (Not supported in wheezy LTS)
NOTE: https://git.videolan.org/?p=vlc/vlc-2.2.git;a=commit;h=55a82442cfea9dab8b853f3a4610f2880c5fadf3
-CVE-2017-9299 (Open Ticket Request System (OTRS) 3.3.9 has XSS in ...)
+CVE-2017-9299
NOTE: This report for OTRS is quite vague/unclear and upstream can
NOTE: not track the issue down to a specific fixed release claims though that
NOTE: it should not be reproducible with versions later than 3.3.17.
-CVE-2017-9298 (Cross-site scripting vulnerability in Hitachi Device Manager before ...)
+CVE-2017-9298
NOT-FOR-US: Hitacho Device Manager
-CVE-2017-9297 (Open Redirect vulnerability in Hitachi Device Manager before 8.5.2-01 ...)
+CVE-2017-9297
NOT-FOR-US: Hitacho Device Manager
-CVE-2017-9296 (Open Redirect vulnerability in Hitachi Device Manager before 8.5.2-01 ...)
+CVE-2017-9296
NOT-FOR-US: Hitacho Device Manager
-CVE-2017-9295 (XXE vulnerability in Hitachi Device Manager before 8.5.2-01 and Hitachi ...)
+CVE-2017-9295
NOT-FOR-US: Hitacho Device Manager
-CVE-2017-9294 (RMI vulnerability in Hitachi Device Manager before 8.5.2-01 allows ...)
+CVE-2017-9294
NOT-FOR-US: Hitacho Device Manager
CVE-2017-9293
RESERVED
-CVE-2017-9292 (Lansweeper before 6.0.0.65 has XSS in an image retrieval URI, aka Bug ...)
+CVE-2017-9292
NOT-FOR-US: Lansweeper
CVE-2017-9291
RESERVED
CVE-2017-9290
RESERVED
-CVE-2017-9289 (Bram Korsten Note through 1.2.0 is vulnerable to a reflected XSS in ...)
+CVE-2017-9289
NOT-FOR-US: Bram Korsten Note
-CVE-2017-9288 (The Raygun4WP plugin 1.8.0 for WordPress is vulnerable to a reflected ...)
+CVE-2017-9288
NOT-FOR-US: Wordpress plugin
-CVE-2017-9286 (The packaging of NextCloud in openSUSE used /srv/www/htdocs in an ...)
+CVE-2017-9286
NOT-FOR-US: OpenSUSE specific packaging issue of NextCloud
-CVE-2017-9285 (NetIQ eDirectory before 9.0 SP4 did not enforce login restrictions ...)
+CVE-2017-9285
NOT-FOR-US: NetIQ eDirectory
-CVE-2017-9284 (IDM 4.6 Identity Applications prior to 4.6.2.1 may expose sensitive ...)
+CVE-2017-9284
NOT-FOR-US: IDM
-CVE-2017-9283 (An out-of-bounds read (CWE-125) vulnerability exists in Micro Focus ...)
+CVE-2017-9283
NOT-FOR-US: Micro Focus VisiBroker
-CVE-2017-9282 (An integer overflow (CWE-190) led to an out-of-bounds write (CWE-787) ...)
+CVE-2017-9282
NOT-FOR-US: Micro Focus VisiBroker
-CVE-2017-9281 (An integer overflow (CWE-190) potentially causing an out-of-bounds ...)
+CVE-2017-9281
NOT-FOR-US: Micro Focus VisiBroker
-CVE-2017-9280 (Some NetIQ Identity Manager Applications before Identity Manager ...)
+CVE-2017-9280
NOT-FOR-US: NetIQ Identity Manager
-CVE-2017-9279 (NetIQ Identity Manager before 4.5.6.1 allowed uploading files with ...)
+CVE-2017-9279
NOT-FOR-US: NetIQ Identity Manager
-CVE-2017-9278 (The NetIQ Identity Manager Oracle EBS driver before 4.0.2.0 sent EBS ...)
+CVE-2017-9278
NOT-FOR-US: NetIQ Identity Manager
-CVE-2017-9277 (The LDAP backend in Novell eDirectory before 9.0 SP4 when switched to ...)
+CVE-2017-9277
NOT-FOR-US: Novell eDirectory
-CVE-2017-9276 (Novell Access Manager iManager before 4.3.3 did not validate ...)
+CVE-2017-9276
NOT-FOR-US: Novell Access Manager iManager
-CVE-2017-9275 (NetIQ Identity Reporting, in versions prior to 5.5 Service Pack 1, is ...)
+CVE-2017-9275
NOT-FOR-US: NetIQ Identity Reporting
-CVE-2017-9274 (A shell command injection in the obs-service-source_validator before ...)
+CVE-2017-9274
- osc 0.162.1-1 (bug #887391)
[stretch] - osc <no-dsa> (Minor issue)
[jessie] - osc <no-dsa> (Minor issue)
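Review bot: CVE-2017-9299 has only NOTE lines and no package or NOT-FOR-US line, so with the description removed nothing in the entry names otrs2 or records a status; add an explicit package line (`- otrs2 <not-affected> (...)` if the upstream claim about versions later than 3.3.17 is accepted, `<unfixed>` otherwise) so the status is machine-readable rather than implied by the notes. Two smaller points in the same hunk: `NOT-FOR-US: Hitacho Device Manager` (CVE-2017-9298 through CVE-2017-9294) should be `Hitachi`, as the removed descriptions spell it; and the CVE-2017-9310 `Fixed by:` URL ends in `h=4154c7e03fa55b4cf52509a83d50d6c09d743b7`, which is 39 hex characters, one short of a full commit id, so check that link against the qemu repository.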
@@ -26607,127 +26605,127 @@ CVE-2017-9274 (A shell command injection in the obs-service-source_validator bef
NOTE: SUSE adressed the issue not only in the obs-service-source_validator
NOTE: and adding a validation in 0.162.0 when using OBS 2.9, cf.:
NOTE: https://github.com/openSUSE/osc/commit/f0325eb0b58c266eb0905ccf827dc7eb864378a1
-CVE-2017-9273 (The Bi-directional driver in IDM 4.5 before 4.0.3.0 could be ...)
+CVE-2017-9273
NOT-FOR-US: IDM
-CVE-2017-9272 (The Bi-directional driver in IDM 4.5 before 4.0.3.0 could be ...)
+CVE-2017-9272
NOT-FOR-US: IDM
-CVE-2017-9271 (The commandline package update tool zypper writes HTTP proxy ...)
+CVE-2017-9271
- zypper <unfixed> (low)
[buster] - zypper <ignored> (Minor issue)
[jessie] - zypper <ignored> (Minor issue)
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1050625
-CVE-2017-9270 (In cryptctl before version 2.0 a malicious server could send RPC ...)
+CVE-2017-9270
NOT-FOR-US: SuSE cryptctl
-CVE-2017-9269 (In libzypp before August 2018 GPG keys attached to YUM repositories ...)
+CVE-2017-9269
- libzypp 17.3.1-1 (bug #899065)
[jessie] - libzypp <ignored> (Minor issue)
-CVE-2017-9268 (In the open build service before 201707022 the wipetrigger and rebuild ...)
+CVE-2017-9268
- open-build-service <unfixed> (low)
[stretch] - open-build-service <no-dsa> (Minor issue)
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1045519
-CVE-2017-9267 (In Novell eDirectory before 9.0.3.1 the LDAP interface was not ...)
+CVE-2017-9267
NOT-FOR-US: Novell eDirectory
CVE-2017-9266
RESERVED
-CVE-2017-9265 (In Open vSwitch (OvS) v2.7.0, there is a buffer over-read while parsing ...)
+CVE-2017-9265
[experimental] - openvswitch 2.8.1+dfsg1-1
- openvswitch 2.8.1+dfsg1-2 (unimportant; bug #863662)
[jessie] - openvswitch <not-affected> (Vulnerable code not present)
[wheezy] - openvswitch <not-affected> (Vulnerable code not present)
NOTE: https://mail.openvswitch.org/pipermail/ovs-dev/2017-May/332965.html
NOTE: OpenFlow 1.5 support still incomplete
-CVE-2017-9264 (In lib/conntrack.c in the firewall implementation in Open vSwitch (OvS) ...)
+CVE-2017-9264
[experimental] - openvswitch 2.8.1+dfsg1-1
- openvswitch 2.8.1+dfsg1-2 (unimportant; bug #863661)
[jessie] - openvswitch <not-affected> (Vulnerable code not present; connection tracking support introduced in 2.6.0)
[wheezy] - openvswitch <not-affected> (Vulnerable code not present; connection tracking support introduced in 2.6.0)
NOTE: https://mail.openvswitch.org/pipermail/ovs-dev/2017-March/329323.html
NOTE: Userspace data path not enabled in Debian packaging
-CVE-2017-9263 (In Open vSwitch (OvS) 2.7.0, while parsing an OpenFlow role status ...)
+CVE-2017-9263
[experimental] - openvswitch 2.8.1+dfsg1-1
- openvswitch 2.8.1+dfsg1-2 (unimportant; bug #863655)
[jessie] - openvswitch <not-affected> (No controllers implemented, cf. #863655)
[wheezy] - openvswitch <not-affected> (No controllers implemented, cf. #863655)
NOTE: https://mail.openvswitch.org/pipermail/ovs-dev/2017-May/332966.html
NOTE: Controllers shipped in Debian not vulnerable, see #863655
-CVE-2017-9262 (In ImageMagick 7.0.5-6 Q16, the ReadJNGImage function in coders/png.c ...)
+CVE-2017-9262
{DLA-1000-1}
- imagemagick 8:6.9.7.4+dfsg-10 (low; bug #863834)
[jessie] - imagemagick 8:6.8.9.9-5+deb8u10
NOTE: https://github.com/ImageMagick/ImageMagick/issues/475
NOTE: https://github.com/ImageMagick/ImageMagick/commit/4649578df8dcbfb2b08d8623d52486dc124da3a8
-CVE-2017-9261 (In ImageMagick 7.0.5-6 Q16, the ReadMNGImage function in coders/png.c ...)
+CVE-2017-9261
{DLA-1000-1}
- imagemagick 8:6.9.7.4+dfsg-10 (low; bug #863833)
[jessie] - imagemagick 8:6.8.9.9-5+deb8u10
NOTE: https://github.com/ImageMagick/ImageMagick/issues/476
NOTE: https://github.com/ImageMagick/ImageMagick/commit/01d522e990aa57cbe67d222dd5e8f7196cc6d199
-CVE-2017-9260 (The TDStretchSSE::calcCrossCorr function in ...)
+CVE-2017-9260
- soundtouch 1.9.2-3 (low; bug #870857)
[stretch] - soundtouch 1.9.2-2+deb9u1
[jessie] - soundtouch 1.8.0-1+deb8u1
[wheezy] - soundtouch <no-dsa> (Minor issue)
-CVE-2017-9259 (The TDStretch::acceptNewOverlapLength function in ...)
+CVE-2017-9259
- soundtouch 1.9.2-3 (low; bug #870856)
[stretch] - soundtouch 1.9.2-2+deb9u1
[jessie] - soundtouch 1.8.0-1+deb8u1
[wheezy] - soundtouch <no-dsa> (Minor issue)
-CVE-2017-9258 (The TDStretch::processSamples function in ...)
+CVE-2017-9258
- soundtouch 1.9.2-3 (low; bug #870854)
[stretch] - soundtouch 1.9.2-2+deb9u1
[jessie] - soundtouch 1.8.0-1+deb8u1
[wheezy] - soundtouch <no-dsa> (Minor issue)
-CVE-2017-9257 (The mp4ff_read_ctts function in common/mp4ff/mp4atom.c in Freeware ...)
+CVE-2017-9257
{DLA-1077-1}
- faad2 2.8.1-1 (low; bug #867724)
[stretch] - faad2 2.8.0~cvs20161113-1+deb9u1
[jessie] - faad2 2.7-8+deb8u1
-CVE-2017-9256 (The mp4ff_read_stco function in common/mp4ff/mp4atom.c in Freeware ...)
+CVE-2017-9256
{DLA-1077-1}
- faad2 2.8.1-1 (low; bug #867724)
[stretch] - faad2 2.8.0~cvs20161113-1+deb9u1
[jessie] - faad2 2.7-8+deb8u1
-CVE-2017-9255 (The mp4ff_read_stsc function in common/mp4ff/mp4atom.c in Freeware ...)
+CVE-2017-9255
{DLA-1077-1}
- faad2 2.8.1-1 (low; bug #867724)
[stretch] - faad2 2.8.0~cvs20161113-1+deb9u1
[jessie] - faad2 2.7-8+deb8u1
-CVE-2017-9254 (The mp4ff_read_stts function in common/mp4ff/mp4atom.c in Freeware ...)
+CVE-2017-9254
{DLA-1077-1}
- faad2 2.8.1-1 (low; bug #867724)
[stretch] - faad2 2.8.0~cvs20161113-1+deb9u1
[jessie] - faad2 2.7-8+deb8u1
-CVE-2017-9253 (The mp4ff_read_stsd function in common/mp4ff/mp4atom.c in Freeware ...)
+CVE-2017-9253
{DLA-1077-1}
- faad2 2.8.1-1 (low; bug #867724)
[stretch] - faad2 2.8.0~cvs20161113-1+deb9u1
[jessie] - faad2 2.7-8+deb8u1
-CVE-2017-9287 (servers/slapd/back-mdb/search.c in OpenLDAP through 2.4.44 is prone to ...)
+CVE-2017-9287
{DSA-3868-1 DLA-972-1}
- openldap 2.4.44+dfsg-5 (bug #863563)
NOTE: http://www.openldap.org/its/?findid=8655
NOTE: https://www.openldap.org/devel/gitweb.cgi?p=openldap.git;a=commit;h=0cee1ffb6021b1aae3fcc9581699da1c85a6dd6e
-CVE-2017-9252 (andrzuk/FineCMS through 2017-05-28 is vulnerable to a reflected XSS in ...)
+CVE-2017-9252
NOT-FOR-US: FineCMS
-CVE-2017-9251 (andrzuk/FineCMS through 2017-05-28 is vulnerable to a reflected XSS in ...)
+CVE-2017-9251
NOT-FOR-US: FineCMS
-CVE-2017-9250 (The lexer_process_char_literal function in ...)
+CVE-2017-9250
NOT-FOR-US: jerryscript
-CVE-2017-9249 (Cross-site scripting (XSS) vulnerability in Allen Disk 1.6 allows ...)
+CVE-2017-9249
NOT-FOR-US: Allen Disk
-CVE-2017-9248 (Telerik.Web.UI.dll in Progress Telerik UI for ASP.NET AJAX before R2 ...)
+CVE-2017-9248
NOT-FOR-US: Progress Telerik UI for ASP.NET AJAX
-CVE-2017-9247 (Multiple unquoted service path vulnerabilities in Sierra Wireless ...)
+CVE-2017-9247
NOT-FOR-US: Sierra Wireless Windows Mobile Broadband Driver Packages
-CVE-2017-9246 (New Relic .NET Agent before 6.3.123.0 adds SQL injection flaws to safe ...)
+CVE-2017-9246
NOT-FOR-US: New Relic .NET Agent
-CVE-2017-9245 (The Google News and Weather application before 3.3.1 for Android allows ...)
+CVE-2017-9245
NOT-FOR-US: Google News and Weather application for Android
-CVE-2017-9244 (Cross-site scripting (XSS) vulnerability in the Trello app before ...)
+CVE-2017-9244
NOT-FOR-US: Trello
-CVE-2017-9243 (Aries QWR-1104 Wireless-N Router with Firmware Version WRC.253.2.0913 ...)
+CVE-2017-9243
NOT-FOR-US: Aries QWR-1104 Wireless-N Router
-CVE-2017-9242 (The __ip6_append_data function in net/ipv6/ip6_output.c in the Linux ...)
+CVE-2017-9242
{DSA-3886-1 DLA-993-1}
- linux 4.9.30-1
NOTE: https://git.kernel.org/linus/232cd35d0804cc241eb887bb8d4d9b3b9881c64a
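Review bot: typo in the CVE-2017-9274 NOTE, `SUSE adressed the issue` should be `addressed`; the same sentence (`not only in the obs-service-source_validator` / `and adding a validation in 0.162.0 when using OBS 2.9`) also reads as if a clause were missing, so reword it to say plainly that the second fix is the osc commit linked on the following NOTE line.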
@@ -26735,7 +26733,7 @@ CVE-2017-9241
RESERVED
CVE-2017-9240
RESERVED
-CVE-2017-9239 (An issue was discovered in Exiv2 0.26. When the data structure of the ...)
+CVE-2017-9239
{DLA-963-1}
- exiv2 0.25-3.1 (bug #863410)
[jessie] - exiv2 <ignored> (Minor issue)
@@ -26751,91 +26749,91 @@ CVE-2017-9235
RESERVED
CVE-2017-9234
RESERVED
-CVE-2017-9233 (XML External Entity vulnerability in libexpat 2.2.0 and earlier (Expat ...)
+CVE-2017-9233
{DSA-3898-1 DLA-990-1}
- expat 2.2.1-1
NOTE: https://libexpat.github.io/doc/cve-2017-9233/
NOTE: https://github.com/libexpat/libexpat/commit/c4bf96bb51dd2a1b0e185374362ee136fe2c9d7f
-CVE-2017-9232 (Juju before 1.25.12, 2.0.x before 2.0.4, and 2.1.x before 2.1.3 uses ...)
+CVE-2017-9232
- juju <removed>
-CVE-2017-9231 (XML external entity (XXE) vulnerability in Citrix XenMobile Server 9.x ...)
+CVE-2017-9231
NOT-FOR-US: Citrix
-CVE-2017-9230 (** DISPUTED ** The Bitcoin Proof-of-Work algorithm does not consider a ...)
+CVE-2017-9230
NOT-FOR-US: Bitcoin Proof-of-Work algorithm
-CVE-2017-9229 (An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in ...)
+CVE-2017-9229
{DLA-958-1}
- libonig 6.1.3-2 (bug #863318)
[jessie] - libonig 5.9.5-3.2+deb8u1
NOTE: https://github.com/kkos/oniguruma/issues/59
NOTE: https://github.com/kkos/oniguruma/commit/b690371bbf97794b4a1d3f295d4fb9a8b05d402d
-CVE-2017-9228 (An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in ...)
+CVE-2017-9228
{DLA-958-1}
- libonig 6.1.3-2 (bug #863316)
[jessie] - libonig 5.9.5-3.2+deb8u1
NOTE: https://github.com/kkos/oniguruma/commit/3b63d12038c8d8fc278e81c942fa9bec7c704c8b
NOTE: https://github.com/kkos/oniguruma/issues/60
-CVE-2017-9227 (An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in ...)
+CVE-2017-9227
{DLA-958-1}
- libonig 6.1.3-2 (bug #863315)
[jessie] - libonig 5.9.5-3.2+deb8u1
NOTE: https://github.com/kkos/oniguruma/commit/9690d3ab1f9bcd2db8cbe1fe3ee4a5da606b8814
NOTE: https://github.com/kkos/oniguruma/issues/58
-CVE-2017-9226 (An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in ...)
+CVE-2017-9226
{DLA-958-1}
- libonig 6.1.3-2 (bug #863314)
[jessie] - libonig 5.9.5-3.2+deb8u1
NOTE: https://github.com/kkos/oniguruma/commit/b4bf968ad52afe14e60a2dc8a95d3555c543353a
NOTE: https://github.com/kkos/oniguruma/commit/f015fbdd95f76438cd86366467bb2b39870dd7c6
NOTE: https://github.com/kkos/oniguruma/issues/55
-CVE-2017-9225 (An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in ...)
+CVE-2017-9225
- libonig 6.1.3-2 (bug #863313)
[jessie] - libonig <not-affected> (Vulnerable code introduced later)
[wheezy] - libonig <not-affected> (Vulnerable code introduced later)
NOTE: https://github.com/kkos/oniguruma/commit/166a6c3999bf06b4de0ab4ce6b088a468cc4029f
NOTE: https://github.com/kkos/oniguruma/issues/56
-CVE-2017-9224 (An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in ...)
+CVE-2017-9224
{DLA-958-1}
- libonig 6.1.3-2 (bug #863312)
[jessie] - libonig 5.9.5-3.2+deb8u1
NOTE: https://github.com/kkos/oniguruma/commit/690313a061f7a4fa614ec5cc8368b4f2284e059b
NOTE: https://github.com/kkos/oniguruma/issues/57
-CVE-2017-9223 (The mp4ff_read_stts function in common/mp4ff/mp4atom.c in Freeware ...)
+CVE-2017-9223
{DLA-1077-1}
- faad2 2.8.1-1 (low; bug #867724)
[stretch] - faad2 2.8.0~cvs20161113-1+deb9u1
[jessie] - faad2 2.7-8+deb8u1
-CVE-2017-9222 (The mp4ff_parse_tag function in common/mp4ff/mp4meta.c in Freeware ...)
+CVE-2017-9222
{DLA-1077-1}
- faad2 2.8.1-1 (low; bug #867724)
[stretch] - faad2 2.8.0~cvs20161113-1+deb9u1
[jessie] - faad2 2.7-8+deb8u1
-CVE-2017-9221 (The mp4ff_read_mdhd function in common/mp4ff/mp4atom.c in Freeware ...)
+CVE-2017-9221
{DLA-1077-1}
- faad2 2.8.1-1 (low; bug #867724)
[stretch] - faad2 2.8.0~cvs20161113-1+deb9u1
[jessie] - faad2 2.7-8+deb8u1
-CVE-2017-9220 (The mp4ff_read_stco function in common/mp4ff/mp4atom.c in Freeware ...)
+CVE-2017-9220
{DLA-1077-1}
- faad2 2.8.1-1 (low; bug #867724)
[stretch] - faad2 2.8.0~cvs20161113-1+deb9u1
[jessie] - faad2 2.7-8+deb8u1
-CVE-2017-9219 (The mp4ff_read_stsc function in common/mp4ff/mp4atom.c in Freeware ...)
+CVE-2017-9219
{DLA-1077-1}
- faad2 2.8.1-1 (low; bug #867724)
[stretch] - faad2 2.8.0~cvs20161113-1+deb9u1
[jessie] - faad2 2.7-8+deb8u1
-CVE-2017-9218 (The mp4ff_read_stsd function in common/mp4ff/mp4atom.c in Freeware ...)
+CVE-2017-9218
{DLA-1077-1}
- faad2 2.8.1-1 (low; bug #867724)
[stretch] - faad2 2.8.0~cvs20161113-1+deb9u1
[jessie] - faad2 2.7-8+deb8u1
-CVE-2017-9217 (systemd-resolved through 233 allows remote attackers to cause a denial ...)
+CVE-2017-9217
[experimental] - systemd 233-8
- systemd 232-24 (bug #863277)
[jessie] - systemd <not-affected> (vulnerable code introduced later)
[wheezy] - systemd <not-affected> (vulnerable code introduced later)
NOTE: https://github.com/systemd/systemd/pull/5998
-CVE-2017-9216 (libjbig2dec.a in Artifex jbig2dec 0.13, as used in MuPDF and ...)
+CVE-2017-9216
- jbig2dec 0.13-5 (bug #863279)
[stretch] - jbig2dec <no-dsa> (Minor issue)
[jessie] - jbig2dec <no-dsa> (Minor issue)
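Review bot: stripping the summary from `-CVE-2017-9230 (** DISPUTED ** The Bitcoin Proof-of-Work algorithm does not consider a ...)` also discards the `** DISPUTED **` marker, which is the only place in the entry that records the dispute; `+CVE-2017-9230` followed by `NOT-FOR-US: Bitcoin Proof-of-Work algorithm` no longer conveys it. If the summaries are regenerated later, make sure disputed markers survive the round trip, or carry the status into a NOTE line so it is not lost with the description.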
@@ -26844,7 +26842,7 @@ CVE-2017-9216 (libjbig2dec.a in Artifex jbig2dec 0.13, as used in MuPDF and ...)
NOTE: Fixed by: http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=3ebffb1d96ba0cacec23016eccb4047dab365853
CVE-2017-9215
RESERVED
-CVE-2017-9214 (In Open vSwitch (OvS) 2.7.0, while parsing an ...)
+CVE-2017-9214
[experimental] - openvswitch 2.8.1+dfsg1-1
- openvswitch 2.8.1+dfsg1-2 (bug #863228)
[stretch] - openvswitch <no-dsa> (Minor issue)
@@ -26853,169 +26851,169 @@ CVE-2017-9214 (In Open vSwitch (OvS) 2.7.0, while parsing an ...)
NOTE: https://mail.openvswitch.org/pipermail/ovs-dev/2017-May/332711.html
CVE-2017-9213
RESERVED
-CVE-2017-9212 (The Bluetooth stack on the BMW 330i 2011 allows a remote crash of the ...)
+CVE-2017-9212
NOT-FOR-US: Bluetooth stack on the BMW 330i 2011
-CVE-2017-9211 (The crypto_skcipher_init_tfm function in crypto/skcipher.c in the Linux ...)
+CVE-2017-9211
- linux 4.9.30-1
[jessie] - linux <not-affected> (Vulnerable code not present)
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/9933e113c2e87a9f46a40fde8dafbf801dca1ab9
-CVE-2017-9200 (libautotrace.a in AutoTrace 0.31.1 has a &quot;cannot be represented in type ...)
+CVE-2017-9200
- autotrace <removed>
[wheezy] - autotrace <end-of-life> (Not supported in wheezy LTS)
-CVE-2017-9199 (libautotrace.a in AutoTrace 0.31.1 has a &quot;cannot be represented in type ...)
+CVE-2017-9199
- autotrace <removed>
[wheezy] - autotrace <end-of-life> (Not supported in wheezy LTS)
-CVE-2017-9198 (libautotrace.a in AutoTrace 0.31.1 has a &quot;cannot be represented in type ...)
+CVE-2017-9198
- autotrace <removed>
[wheezy] - autotrace <end-of-life> (Not supported in wheezy LTS)
-CVE-2017-9197 (libautotrace.a in AutoTrace 0.31.1 has a &quot;cannot be represented in type ...)
+CVE-2017-9197
- autotrace <removed>
[wheezy] - autotrace <end-of-life> (Not supported in wheezy LTS)
-CVE-2017-9196 (libautotrace.a in AutoTrace 0.31.1 has a &quot;negative-size-param&quot; issue in ...)
+CVE-2017-9196
- autotrace <removed>
[wheezy] - autotrace <end-of-life> (Not supported in wheezy LTS)
-CVE-2017-9195 (libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer over-read in ...)
+CVE-2017-9195
- autotrace <removed>
[wheezy] - autotrace <end-of-life> (Not supported in wheezy LTS)
-CVE-2017-9194 (libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer over-read in ...)
+CVE-2017-9194
- autotrace <removed>
[wheezy] - autotrace <end-of-life> (Not supported in wheezy LTS)
-CVE-2017-9193 (libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer over-read in ...)
+CVE-2017-9193
- autotrace <removed>
[wheezy] - autotrace <end-of-life> (Not supported in wheezy LTS)
-CVE-2017-9192 (libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer overflow in ...)
+CVE-2017-9192
- autotrace <removed>
[wheezy] - autotrace <end-of-life> (Not supported in wheezy LTS)
-CVE-2017-9191 (libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer overflow in ...)
+CVE-2017-9191
- autotrace <removed>
[wheezy] - autotrace <end-of-life> (Not supported in wheezy LTS)
-CVE-2017-9190 (libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a ...)
+CVE-2017-9190
- autotrace <removed>
[wheezy] - autotrace <end-of-life> (Not supported in wheezy LTS)
-CVE-2017-9189 (libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a ...)
+CVE-2017-9189
- autotrace <removed>
[wheezy] - autotrace <end-of-life> (Not supported in wheezy LTS)
-CVE-2017-9188 (libautotrace.a in AutoTrace 0.31.1 has a &quot;left shift ... cannot be ...)
+CVE-2017-9188
- autotrace <removed>
[wheezy] - autotrace <end-of-life> (Not supported in wheezy LTS)
-CVE-2017-9187 (libautotrace.a in AutoTrace 0.31.1 has a &quot;cannot be represented in type ...)
+CVE-2017-9187
- autotrace <removed>
[wheezy] - autotrace <end-of-life> (Not supported in wheezy LTS)
-CVE-2017-9186 (libautotrace.a in AutoTrace 0.31.1 has a &quot;cannot be represented in type ...)
+CVE-2017-9186
- autotrace <removed>
[wheezy] - autotrace <end-of-life> (Not supported in wheezy LTS)
-CVE-2017-9185 (libautotrace.a in AutoTrace 0.31.1 has a &quot;cannot be represented in type ...)
+CVE-2017-9185
- autotrace <removed>
[wheezy] - autotrace <end-of-life> (Not supported in wheezy LTS)
-CVE-2017-9184 (libautotrace.a in AutoTrace 0.31.1 has a &quot;cannot be represented in type ...)
+CVE-2017-9184
- autotrace <removed>
[wheezy] - autotrace <end-of-life> (Not supported in wheezy LTS)
-CVE-2017-9183 (libautotrace.a in AutoTrace 0.31.1 has a &quot;cannot be represented in type ...)
+CVE-2017-9183
- autotrace <removed>
[wheezy] - autotrace <end-of-life> (Not supported in wheezy LTS)
-CVE-2017-9182 (libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a ...)
+CVE-2017-9182
- autotrace <removed>
[wheezy] - autotrace <end-of-life> (Not supported in wheezy LTS)
-CVE-2017-9181 (libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a ...)
+CVE-2017-9181
- autotrace <removed>
[wheezy] - autotrace <end-of-life> (Not supported in wheezy LTS)
-CVE-2017-9180 (libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a ...)
+CVE-2017-9180
- autotrace <removed>
[wheezy] - autotrace <end-of-life> (Not supported in wheezy LTS)
-CVE-2017-9179 (libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a ...)
+CVE-2017-9179
- autotrace <removed>
[wheezy] - autotrace <end-of-life> (Not supported in wheezy LTS)
-CVE-2017-9178 (libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a ...)
+CVE-2017-9178
- autotrace <removed>
[wheezy] - autotrace <end-of-life> (Not supported in wheezy LTS)
-CVE-2017-9177 (libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a ...)
+CVE-2017-9177
- autotrace <removed>
[wheezy] - autotrace <end-of-life> (Not supported in wheezy LTS)
-CVE-2017-9176 (libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a ...)
+CVE-2017-9176
- autotrace <removed>
[wheezy] - autotrace <end-of-life> (Not supported in wheezy LTS)
-CVE-2017-9175 (libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a ...)
+CVE-2017-9175
- autotrace <removed>
[wheezy] - autotrace <end-of-life> (Not supported in wheezy LTS)
-CVE-2017-9174 (libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a ...)
+CVE-2017-9174
- autotrace <removed>
[wheezy] - autotrace <end-of-life> (Not supported in wheezy LTS)
-CVE-2017-9173 (libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer overflow in ...)
+CVE-2017-9173
- autotrace <removed>
[wheezy] - autotrace <end-of-life> (Not supported in wheezy LTS)
-CVE-2017-9172 (libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer overflow in ...)
+CVE-2017-9172
- autotrace <removed>
[wheezy] - autotrace <end-of-life> (Not supported in wheezy LTS)
-CVE-2017-9171 (libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer over-read in ...)
+CVE-2017-9171
- autotrace <removed>
[wheezy] - autotrace <end-of-life> (Not supported in wheezy LTS)
-CVE-2017-9170 (libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer overflow in ...)
+CVE-2017-9170
- autotrace <removed>
[wheezy] - autotrace <end-of-life> (Not supported in wheezy LTS)
-CVE-2017-9169 (libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer overflow in ...)
+CVE-2017-9169
- autotrace <removed>
[wheezy] - autotrace <end-of-life> (Not supported in wheezy LTS)
-CVE-2017-9168 (libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer overflow in ...)
+CVE-2017-9168
- autotrace <removed>
[wheezy] - autotrace <end-of-life> (Not supported in wheezy LTS)
-CVE-2017-9167 (libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer overflow in ...)
+CVE-2017-9167
- autotrace <removed>
[wheezy] - autotrace <end-of-life> (Not supported in wheezy LTS)
-CVE-2017-9166 (libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer over-read in ...)
+CVE-2017-9166
- autotrace <removed>
[wheezy] - autotrace <end-of-life> (Not supported in wheezy LTS)
-CVE-2017-9165 (libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer over-read in ...)
+CVE-2017-9165
- autotrace <removed>
[wheezy] - autotrace <end-of-life> (Not supported in wheezy LTS)
-CVE-2017-9164 (libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer over-read in ...)
+CVE-2017-9164
- autotrace <removed>
[wheezy] - autotrace <end-of-life> (Not supported in wheezy LTS)
-CVE-2017-9163 (libautotrace.a in AutoTrace 0.31.1 has a &quot;cannot be represented in type ...)
+CVE-2017-9163
- autotrace <removed>
[wheezy] - autotrace <end-of-life> (Not supported in wheezy LTS)
-CVE-2017-9162 (libautotrace.a in AutoTrace 0.31.1 has a &quot;cannot be represented in type ...)
+CVE-2017-9162
- autotrace <removed>
[wheezy] - autotrace <end-of-life> (Not supported in wheezy LTS)
-CVE-2017-9161 (libautotrace.a in AutoTrace 0.31.1 has a &quot;cannot be represented in type ...)
+CVE-2017-9161
- autotrace <removed>
[wheezy] - autotrace <end-of-life> (Not supported in wheezy LTS)
-CVE-2017-9160 (libautotrace.a in AutoTrace 0.31.1 has a stack-based buffer overflow in ...)
+CVE-2017-9160
- autotrace <removed>
[wheezy] - autotrace <end-of-life> (Not supported in wheezy LTS)
-CVE-2017-9159 (libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a ...)
+CVE-2017-9159
- autotrace <removed>
[wheezy] - autotrace <end-of-life> (Not supported in wheezy LTS)
-CVE-2017-9158 (libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a ...)
+CVE-2017-9158
- autotrace <removed>
[wheezy] - autotrace <end-of-life> (Not supported in wheezy LTS)
-CVE-2017-9157 (libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a ...)
+CVE-2017-9157
- autotrace <removed>
[wheezy] - autotrace <end-of-life> (Not supported in wheezy LTS)
-CVE-2017-9156 (libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a ...)
+CVE-2017-9156
- autotrace <removed>
[wheezy] - autotrace <end-of-life> (Not supported in wheezy LTS)
-CVE-2017-9155 (libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a ...)
+CVE-2017-9155
- autotrace <removed>
[wheezy] - autotrace <end-of-life> (Not supported in wheezy LTS)
-CVE-2017-9154 (libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a ...)
+CVE-2017-9154
- autotrace <removed>
[wheezy] - autotrace <end-of-life> (Not supported in wheezy LTS)
-CVE-2017-9153 (libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer overflow in ...)
+CVE-2017-9153
- autotrace <removed>
[wheezy] - autotrace <end-of-life> (Not supported in wheezy LTS)
-CVE-2017-9152 (libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer over-read in ...)
+CVE-2017-9152
- autotrace <removed>
[wheezy] - autotrace <end-of-life> (Not supported in wheezy LTS)
-CVE-2017-9151 (libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer overflow in ...)
+CVE-2017-9151
- autotrace <removed>
[wheezy] - autotrace <end-of-life> (Not supported in wheezy LTS)
-CVE-2017-9150 (The do_check function in kernel/bpf/verifier.c in the Linux kernel ...)
+CVE-2017-9150
- linux 4.9.30-1
[jessie] - linux <not-affected> (Vulnerable code not present)
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/0d0e57697f162da4aa218b5feafe614fb666db07
-CVE-2017-9210 (libqpdf.a in QPDF 6.0.0 allows remote attackers to cause a denial of ...)
+CVE-2017-9210
[experimental] - qpdf 7.0~b1-1
- qpdf 7.0.0-1 (low; bug #863390)
[stretch] - qpdf <no-dsa> (Minor issue)
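Review bot: the removed lines of the autotrace block, e.g. `-CVE-2017-9200 (libautotrace.a in AutoTrace 0.31.1 has a &quot;cannot be represented in type ...)`, show the HTML entity `&quot;` where the CVE text has a literal double quote, while `<removed>` and `<end-of-life>` on the neighbouring lines are not escaped. Either the stored descriptions were imported without decoding entities or the diff view is double-escaping them; check the raw file, and if the former, the regenerating importer should unescape entities so the list holds the CVE text itself. The `+` lines here drop the text entirely, so this hunk neither fixes nor preserves that defect.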
@@ -27023,7 +27021,7 @@ CVE-2017-9210 (libqpdf.a in QPDF 6.0.0 allows remote attackers to cause a denial
[wheezy] - qpdf <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2017/05/23/10
NOTE: https://github.com/qpdf/qpdf/issues/101
-CVE-2017-9209 (libqpdf.a in QPDF 6.0.0 allows remote attackers to cause a denial of ...)
+CVE-2017-9209
[experimental] - qpdf 7.0~b1-1
- qpdf 7.0.0-1 (low; bug #863390)
[stretch] - qpdf <no-dsa> (Minor issue)
@@ -27031,7 +27029,7 @@ CVE-2017-9209 (libqpdf.a in QPDF 6.0.0 allows remote attackers to cause a denial
[wheezy] - qpdf <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2017/05/23/10
NOTE: https://github.com/qpdf/qpdf/issues/100
-CVE-2017-9208 (libqpdf.a in QPDF 6.0.0 allows remote attackers to cause a denial of ...)
+CVE-2017-9208
[experimental] - qpdf 7.0~b1-1
- qpdf 7.0.0-1 (low; bug #863390)
[stretch] - qpdf <no-dsa> (Minor issue)
@@ -27039,149 +27037,149 @@ CVE-2017-9208 (libqpdf.a in QPDF 6.0.0 allows remote attackers to cause a denial
[wheezy] - qpdf <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2017/05/23/10
NOTE: https://github.com/qpdf/qpdf/issues/99
-CVE-2017-9207 (The iw_get_ui16be function in imagew-util.c:422:24 in ...)
+CVE-2017-9207
NOT-FOR-US: ImageWorsener
-CVE-2017-9206 (The iw_get_ui16le function in imagew-util.c:405:23 in ...)
+CVE-2017-9206
NOT-FOR-US: ImageWorsener
-CVE-2017-9205 (The iw_get_ui16be function in imagew-util.c:422:24 in ...)
+CVE-2017-9205
NOT-FOR-US: ImageWorsener
-CVE-2017-9204 (The iw_get_ui16le function in imagew-util.c:405:23 in ...)
+CVE-2017-9204
NOT-FOR-US: ImageWorsener
-CVE-2017-9203 (imagew-main.c:960:12 in libimageworsener.a in ImageWorsener 1.3.1 ...)
+CVE-2017-9203
NOT-FOR-US: ImageWorsener
-CVE-2017-9202 (imagew-cmd.c:854:45 in libimageworsener.a in ImageWorsener 1.3.1 allows ...)
+CVE-2017-9202
NOT-FOR-US: ImageWorsener
-CVE-2017-9201 (imagew-cmd.c:850:46 in libimageworsener.a in ImageWorsener 1.3.1 allows ...)
+CVE-2017-9201
NOT-FOR-US: ImageWorsener
-CVE-2017-9148 (The TLS session cache in FreeRADIUS 2.1.1 through 2.1.7, 3.0.x before ...)
+CVE-2017-9148
{DLA-977-1}
- freeradius 3.0.12+dfsg-5 (bug #863673)
[jessie] - freeradius <not-affected> (Only affects 2.1.1 to 2.1.7 and 3.0 to 3.0.13)
NOTE: http://www.openwall.com/lists/oss-security/2017/05/29/1
NOTE: http://freeradius.org/security.html#session-resumption-2017
NOTE: https://anonscm.debian.org/cgit/pkg-freeradius/freeradius.git/commit/?id=8d681449aa95ee4388b5e3c266bdb070a264f563
-CVE-2017-9147 (LibTIFF 4.0.7 has an invalid read in the _TIFFVGetField function in ...)
+CVE-2017-9147
{DLA-984-1 DLA-983-1}
- tiff 4.0.8-2 (bug #863185)
[jessie] - tiff 4.0.3-12.3+deb8u4
- tiff3 <removed>
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2693
-CVE-2017-9146 (The TNEFFillMapi function in lib/ytnef.c in libytnef in ytnef through ...)
+CVE-2017-9146
- libytnef 1.9.3-1 (bug #862707)
[stretch] - libytnef <no-dsa> (Minor issue, can be fixed via a point update)
[jessie] - libytnef <no-dsa> (Minor issue, can be fixed via a point update)
[wheezy] - libytnef <no-dsa> (Minor issue)
NOTE: https://github.com/Yeraze/ytnef/issues/47
NOTE: https://github.com/Yeraze/ytnef/commit/c576639e7e6bd9c7de0a288b9f94590d34ac9215
-CVE-2017-9145 (TikiFilter.php in Tiki Wiki CMS Groupware 12.x through 16.x does not ...)
+CVE-2017-9145
- tikiwiki <removed>
-CVE-2017-11352 (In ImageMagick before 7.0.5-10, a crafted RLE image can trigger a crash ...)
+CVE-2017-11352
{DSA-4040-1 DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-12 (bug #868469)
[stretch] - imagemagick 8:6.9.7.4+dfsg-11+deb9u1
NOTE: https://github.com/ImageMagick/ImageMagick/issues/502
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/7f1f01b695e869c410ee10e2176f8fd764f09373
NOTE: ImageMagick-7: https://github.com/ImageMagick/ImageMagick/commit/86cb33143c5b21912187403860a7c26761a3cd23
-CVE-2017-9144 (In ImageMagick 7.0.5-5, a crafted RLE image can trigger a crash because ...)
+CVE-2017-9144
{DSA-3863-1 DLA-1081-1 DLA-960-1}
- imagemagick 8:6.9.7.4+dfsg-9 (bug #863126)
NOTE: https://github.com/ImageMagick/ImageMagick/commit/7fdf9ea808caa3c81a0eb42656e5fafc59084198
-CVE-2017-9142 (In ImageMagick 7.0.5-7 Q16, a crafted file could trigger an assertion ...)
+CVE-2017-9142
{DSA-3863-1 DLA-960-1}
- imagemagick 8:6.9.7.4+dfsg-9 (bug #863125)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/490
NOTE: https://github.com/ImageMagick/ImageMagick/commit/72f5c8632bff2daf3c95005f9b4cf2982786b52a
-CVE-2017-9141 (In ImageMagick 7.0.5-7 Q16, a crafted file could trigger an assertion ...)
+CVE-2017-9141
{DSA-3863-1 DLA-960-1}
- imagemagick 8:6.9.7.4+dfsg-9 (bug #863124)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/489
NOTE: https://github.com/ImageMagick/ImageMagick/commit/f5910e91b0778e03ded45b9022be8eb8f77942cd
-CVE-2017-9143 (In ImageMagick 7.0.5-5, the ReadARTImage function in coders/art.c ...)
+CVE-2017-9143
{DSA-3863-1 DLA-960-1}
- imagemagick 8:6.9.7.4+dfsg-9 (bug #863123)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/456
NOTE: https://github.com/ImageMagick/ImageMagick/commit/7b8c1df65b25d6671f113e2306982eded44ce3b4
-CVE-2017-9140 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2017-9140
NOT-FOR-US: Telerik
-CVE-2017-9139 (There is a stack-based buffer overflow on some Tenda routers ...)
+CVE-2017-9139
NOT-FOR-US: Tenda
-CVE-2017-9138 (There is a debug-interface vulnerability on some Tenda routers ...)
+CVE-2017-9138
NOT-FOR-US: Tenda
-CVE-2017-9137 (Ceragon FibeAir IP-10 wireless radios through 7.2.0 have a default ...)
+CVE-2017-9137
NOT-FOR-US: Ceragon FibeAir
-CVE-2017-9136 (An issue was discovered on Mimosa Client Radios before 2.2.3. In the ...)
+CVE-2017-9136
NOT-FOR-US: Mimosa Client Radios
-CVE-2017-9135 (An issue was discovered on Mimosa Client Radios before 2.2.4 and Mimosa ...)
+CVE-2017-9135
NOT-FOR-US: Mimosa Client Radios
-CVE-2017-9134 (An information-leakage issue was discovered on Mimosa Client Radios ...)
+CVE-2017-9134
NOT-FOR-US: Mimosa Client Radios
-CVE-2017-9133 (An issue was discovered on Mimosa Client Radios before 2.2.3 and Mimosa ...)
+CVE-2017-9133
NOT-FOR-US: Mimosa Client Radios
-CVE-2017-9132 (A hard-coded credentials issue was discovered on Mimosa Client Radios ...)
+CVE-2017-9132
NOT-FOR-US: Mimosa Client Radios
-CVE-2017-9131 (An issue was discovered on Mimosa Client Radios before 2.2.3 and Mimosa ...)
+CVE-2017-9131
NOT-FOR-US: Mimosa Client Radios
-CVE-2017-9130 (The faacEncOpen function in libfaac/frame.c in Freeware Advanced Audio ...)
+CVE-2017-9130
- faac 1.29+git20170704-1 (bug #865909)
[stretch] - faac <no-dsa> (Non-free not supported)
[jessie] - faac <no-dsa> (Non-free not supported)
NOTE: https://www.exploit-db.com/exploits/42207/
-CVE-2017-9129 (The wav_open_read function in frontend/input.c in Freeware Advanced ...)
+CVE-2017-9129
- faac 1.29+git20170704-1 (bug #865909)
[stretch] - faac <no-dsa> (Non-free not supported)
[jessie] - faac <no-dsa> (Non-free not supported)
NOTE: https://www.exploit-db.com/exploits/42207/
-CVE-2017-9128 (The quicktime_video_width function in lqt_quicktime.c in libquicktime ...)
+CVE-2017-9128
{DLA-1042-1}
- libquicktime 2:1.2.4-11 (low; bug #864664)
[stretch] - libquicktime 2:1.2.4-10+deb9u1
[jessie] - libquicktime <no-dsa> (Minor issue)
-CVE-2017-9127 (The quicktime_user_atoms_read_atom function in useratoms.c in ...)
+CVE-2017-9127
{DLA-1042-1}
- libquicktime 2:1.2.4-11 (low; bug #864664)
[stretch] - libquicktime 2:1.2.4-10+deb9u1
[jessie] - libquicktime <no-dsa> (Minor issue)
-CVE-2017-9126 (The quicktime_read_dref_table function in dref.c in libquicktime 1.2.4 ...)
+CVE-2017-9126
{DLA-1042-1}
- libquicktime 2:1.2.4-11 (low; bug #864664)
[stretch] - libquicktime 2:1.2.4-10+deb9u1
[jessie] - libquicktime <no-dsa> (Minor issue)
-CVE-2017-9125 (The lqt_frame_duration function in lqt_quicktime.c in libquicktime ...)
+CVE-2017-9125
{DLA-1042-1}
- libquicktime 2:1.2.4-11 (low; bug #864664)
[stretch] - libquicktime 2:1.2.4-10+deb9u1
[jessie] - libquicktime <no-dsa> (Minor issue)
-CVE-2017-9124 (The quicktime_match_32 function in util.c in libquicktime 1.2.4 allows ...)
+CVE-2017-9124
{DLA-1042-1}
- libquicktime 2:1.2.4-11 (low; bug #864664)
[stretch] - libquicktime 2:1.2.4-10+deb9u1
[jessie] - libquicktime <no-dsa> (Minor issue)
-CVE-2017-9123 (The lqt_frame_duration function in lqt_quicktime.c in libquicktime ...)
+CVE-2017-9123
{DLA-1042-1}
- libquicktime 2:1.2.4-11 (low; bug #864664)
[stretch] - libquicktime 2:1.2.4-10+deb9u1
[jessie] - libquicktime <no-dsa> (Minor issue)
-CVE-2017-9122 (The quicktime_read_moov function in moov.c in libquicktime 1.2.4 allows ...)
+CVE-2017-9122
{DLA-1042-1}
- libquicktime 2:1.2.4-11 (low; bug #864664)
[stretch] - libquicktime 2:1.2.4-10+deb9u1
[jessie] - libquicktime <no-dsa> (Minor issue)
CVE-2017-9121
RESERVED
-CVE-2017-9120 (PHP 7.x through 7.1.5 allows remote attackers to cause a denial of ...)
+CVE-2017-9120
- php7.2 <unfixed> (unimportant)
- php7.1 <removed> (unimportant)
- php7.0 <removed> (unimportant)
- php5 <not-affected> (Not reproducible, vulnerable code not present.)
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=74544
NOTE: Not treated as a security issue by upstream
-CVE-2017-9119 (The i_zval_ptr_dtor function in Zend/zend_variables.h in PHP 7.1.5 ...)
+CVE-2017-9119
- php7.1 <removed> (unimportant)
- php7.0 <removed> (unimportant)
- php5 <unfixed> (unimportant)
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=74593
NOTE: Only triggerable by malicious script
-CVE-2017-9118 (PHP 7.1.5 has an Out of bounds access in php_pcre_replace_impl via a ...)
+CVE-2017-9118
- php7.2 <unfixed> (unimportant)
- php7.1 <removed> (unimportant)
- php7.0 <removed> (unimportant)
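Review bot: entry ordering in this hunk is not monotonic: `-CVE-2017-11352 (In ImageMagick before 7.0.5-10, a crafted RLE image can trigger a crash ...)` sits between CVE-2017-9145 and CVE-2017-9144, and the ImageMagick entries that follow run 9144, 9142, 9141, 9143. This change does not introduce the ordering, but since the generator is rewriting every one of these header lines anyway, it is the natural point to either sort the block or document that the manual placement (keeping related ImageMagick issues adjacent) is intentional.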
@@ -27189,54 +27187,54 @@ CVE-2017-9118 (PHP 7.1.5 has an Out of bounds access in php_pcre_replace_impl vi
NOTE: Check for Jessie again as soon as more information are available.
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=74604
NOTE: Not treated as a security issue by upstream
-CVE-2017-9117 (In LibTIFF 4.0.7, the program processes BMP images without verifying ...)
+CVE-2017-9117
- tiff <unfixed> (unimportant)
- tiff3 <not-affected> (Does not ship libtiff-tools)
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2690
NOTE: bmp2tiff utility removed in 4.0.6-3 and 4.0.3-12.3+deb8u2
-CVE-2017-9116 (In OpenEXR 2.2.0, an invalid read of size 1 in the uncompress function ...)
+CVE-2017-9116
{DLA-1083-1}
- openexr 2.2.0-11.1 (bug #864078)
[stretch] - openexr <no-dsa> (Minor issue)
[jessie] - openexr <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2017/05/12/5
NOTE: https://github.com/openexr/openexr/issues/232
-CVE-2017-9115 (In OpenEXR 2.2.0, an invalid write of size 2 in the = operator function ...)
+CVE-2017-9115
- openexr <unfixed> (bug #873885)
[stretch] - openexr <no-dsa> (Minor issue)
[jessie] - openexr <no-dsa> (Minor issue)
[wheezy] - openexr <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2017/05/12/5
NOTE: https://github.com/openexr/openexr/issues/232
-CVE-2017-9114 (In OpenEXR 2.2.0, an invalid read of size 1 in the refill function in ...)
+CVE-2017-9114
- openexr <unfixed> (bug #873885)
[stretch] - openexr <no-dsa> (Minor issue)
[jessie] - openexr <no-dsa> (Minor issue)
[wheezy] - openexr <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2017/05/12/5
NOTE: https://github.com/openexr/openexr/issues/232
-CVE-2017-9113 (In OpenEXR 2.2.0, an invalid write of size 1 in the bufferedReadPixels ...)
+CVE-2017-9113
- openexr <unfixed> (bug #873885)
[stretch] - openexr <no-dsa> (Minor issue)
[jessie] - openexr <no-dsa> (Minor issue)
[wheezy] - openexr <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2017/05/12/5
NOTE: https://github.com/openexr/openexr/issues/232
-CVE-2017-9112 (In OpenEXR 2.2.0, an invalid read of size 1 in the getBits function in ...)
+CVE-2017-9112
{DLA-1083-1}
- openexr 2.2.0-11.1 (bug #864078)
[stretch] - openexr <no-dsa> (Minor issue)
[jessie] - openexr <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2017/05/12/5
NOTE: https://github.com/openexr/openexr/issues/232
-CVE-2017-9111 (In OpenEXR 2.2.0, an invalid write of size 8 in the storeSSE function ...)
+CVE-2017-9111
- openexr <unfixed> (bug #873885)
[stretch] - openexr <no-dsa> (Minor issue)
[jessie] - openexr <no-dsa> (Minor issue)
[wheezy] - openexr <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2017/05/12/5
NOTE: https://github.com/openexr/openexr/issues/232
-CVE-2017-9110 (In OpenEXR 2.2.0, an invalid read of size 2 in the hufDecode function ...)
+CVE-2017-9110
{DLA-1083-1}
- openexr 2.2.0-11.1 (bug #864078)
[stretch] - openexr <no-dsa> (Minor issue)
@@ -27259,34 +27257,34 @@ CVE-2017-9103
RESERVED
CVE-2017-9102
RESERVED
-CVE-2017-9101 (import.php (aka the Phonebook import feature) in PlaySMS 1.4 allows ...)
+CVE-2017-9101
NOT-FOR-US: PlaySMS
-CVE-2017-9100 (login.cgi on D-Link DIR-600M devices with firmware 3.04 allows remote ...)
+CVE-2017-9100
NOT-FOR-US: D-Link
CVE-2017-9099
RESERVED
-CVE-2017-9098 (ImageMagick before 7.0.5-2 and GraphicsMagick before 1.3.24 use ...)
+CVE-2017-9098
{DSA-3863-1 DLA-1456-1 DLA-960-1 DLA-953-1}
- imagemagick 8:6.9.7.4+dfsg-9 (bug #862967)
- graphicsmagick 1.3.24-1
NOTE: ImageMagick fix: https://github.com/ImageMagick/ImageMagick/commit/1c358ffe0049f768dd49a8a889c1cbf99ac9849b
NOTE: GraphicsMagick fix: http://hg.code.sf.net/p/graphicsmagick/code/diff/0a5b75e019b6/coders/rle.c
NOTE: https://scarybeastsecurity.blogspot.com/2017/05/bleed-continues-18-byte-file-14k-bounty.html
-CVE-2017-9097 (In Anti-Web through 3.8.7, as used on NetBiter FGW200 devices through ...)
+CVE-2017-9097
NOT-FOR-US: Anti-Web
-CVE-2017-9096 (The XML parsers in iText before 5.5.12 and 7.x before 7.0.3 do not ...)
+CVE-2017-9096
NOT-FOR-US: iText
-CVE-2017-9095 (XXE in Diving Log 6.0 allows attackers to remotely view local files ...)
+CVE-2017-9095
NOT-FOR-US: Diving Log
-CVE-2017-9094 (The lzw_add_to_dict function in imagew-gif.c in libimageworsener.a in ...)
+CVE-2017-9094
NOT-FOR-US: ImageWorsener
-CVE-2017-9093 (The my_skip_input_data_fn function in imagew-jpeg.c in ...)
+CVE-2017-9093
NOT-FOR-US: ImageWorsener
CVE-2017-9092
RESERVED
-CVE-2017-9091 (/admin/loginc.php in Allen Disk 1.6 doesn't check if ...)
+CVE-2017-9091
NOT-FOR-US: Allen Disk
-CVE-2017-9090 (reg.php in Allen Disk 1.6 doesn't check if ...)
+CVE-2017-9090
NOT-FOR-US: Allen Disk
CVE-2017-9089
RESERVED
@@ -27296,11 +27294,11 @@ CVE-2017-9087
RESERVED
CVE-2017-9086
RESERVED
-CVE-2017-9085 (Multiple cross-site scripting (XSS) vulnerabilities in Kodak InSite 6.5 ...)
+CVE-2017-9085
NOT-FOR-US: Kodak InSite
CVE-2017-9084
RESERVED
-CVE-2017-9083 (poppler 0.54.0, as used in Evince and other products, has a NULL ...)
+CVE-2017-9083
- poppler <unfixed> (unimportant; bug #863016)
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=101084
NOTE: Does not use JPX decoder but openjpeg; affected only source wise
@@ -27308,48 +27306,48 @@ CVE-2017-9082
RESERVED
CVE-2017-9081
RESERVED
-CVE-2017-9080 (PlaySMS 1.4 allows remote code execution because PHP code in the name ...)
+CVE-2017-9080
NOT-FOR-US: PlaySMS
-CVE-2017-9079 (Dropbear before 2017.75 might allow local users to read certain files ...)
+CVE-2017-9079
{DSA-3859-1 DLA-948-1}
- dropbear 2016.74-5 (bug #862970)
NOTE: Patch: https://secure.ucc.asn.au/hg/dropbear/rev/0d889b068123
-CVE-2017-9078 (The server in Dropbear before 2017.75 might allow post-authentication ...)
+CVE-2017-9078
{DSA-3859-1}
- dropbear 2016.74-5 (bug #862970)
[wheezy] - dropbear <not-affected> (Vulnerable code not present)
NOTE: Patch: https://secure.ucc.asn.au/hg/dropbear/rev/c8114a48837c
-CVE-2017-9077 (The tcp_v6_syn_recv_sock function in net/ipv6/tcp_ipv6.c in the Linux ...)
+CVE-2017-9077
{DSA-3886-1 DLA-993-1}
- linux 4.9.30-1
NOTE: Fixed by: https://git.kernel.org/linus/83eaddab4378db256d00d295bda6ca997cd13a52
-CVE-2017-9076 (The dccp_v6_request_recv_sock function in net/dccp/ipv6.c in the Linux ...)
+CVE-2017-9076
{DSA-3886-1 DLA-993-1}
- linux 4.9.30-1
NOTE: Fixed by: https://git.kernel.org/linus/83eaddab4378db256d00d295bda6ca997cd13a52
-CVE-2017-9075 (The sctp_v6_create_accept_sk function in net/sctp/ipv6.c in the Linux ...)
+CVE-2017-9075
{DSA-3886-1 DLA-993-1}
- linux 4.9.30-1
NOTE: Fixed by: https://git.kernel.org/linus/fdcee2cbb8438702ea1b328fb6e0ac5e9a40c7f8
-CVE-2017-9074 (The IPv6 fragmentation implementation in the Linux kernel through ...)
+CVE-2017-9074
{DSA-3886-1 DLA-993-1}
- linux 4.9.30-1
NOTE: Fixed by: https://git.kernel.org/linus/2423496af35d94a87156b063ea5cedffc10a70a1
CVE-2017-9073
REJECTED
-CVE-2017-9072 (Two CalendarXP products have XSS in common parts of HTML files. ...)
+CVE-2017-9072
NOT-FOR-US: CalendarXP
-CVE-2017-9071 (In MODX Revolution before 2.5.7, an attacker might be able to trigger ...)
+CVE-2017-9071
NOT-FOR-US: MODX Revolution
-CVE-2017-9070 (In MODX Revolution before 2.5.7, a user with resource edit permissions ...)
+CVE-2017-9070
NOT-FOR-US: MODX Revolution
-CVE-2017-9069 (In MODX Revolution before 2.5.7, a user with file upload permissions is ...)
+CVE-2017-9069
NOT-FOR-US: MODX Revolution
-CVE-2017-9068 (In MODX Revolution before 2.5.7, an attacker is able to trigger ...)
+CVE-2017-9068
NOT-FOR-US: MODX Revolution
-CVE-2017-9067 (In MODX Revolution before 2.5.7, when PHP 5.3.3 is used, an attacker is ...)
+CVE-2017-9067
NOT-FOR-US: MODX Revolution
-CVE-2017-9060 (Memory leak in the virtio_gpu_set_scanout function in ...)
+CVE-2017-9060
- qemu 1:2.10.0-1 (unimportant)
[jessie] - qemu <not-affected> (Vulnerable code not present)
[wheezy] - qemu <not-affected> (Vulnerable code not present)
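Review bot: every changed pair in this hunk replaces a CVE line that carried its summary with the bare identifier, e.g. `-CVE-2017-9079 (Dropbear before 2017.75 might allow local users to read certain files ...)` becomes `+CVE-2017-9079`, while the status, DSA/DLA and NOTE lines beneath each entry are left untouched. For a commit labelled "automatic update" that uniform pattern suggests the updater received empty descriptions rather than a deliberate edit; please confirm the description source is intact before this is merged, since the entries otherwise lose the only summary of what each CVE is about and triage has to re-fetch it.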
@@ -27358,7 +27356,7 @@ CVE-2017-9060 (Memory leak in the virtio_gpu_set_scanout function in ...)
NOTE: virtio gpu (virglrenderer) and opengl, but the affected code is
NOTE: still present.
NOTE: Fixed by: http://git.qemu.org/?p=qemu.git;a=commitdiff;h=dd248ed7e204ee8a1873914e02b8b526e8f1b80d
-CVE-2017-9059 (The NFSv4 implementation in the Linux kernel through 4.11.1 allows ...)
+CVE-2017-9059
- linux 4.9.30-1
[jessie] - linux <not-affected> (Introduced in 4.9)
[wheezy] - linux <not-affected> (Introduced in 4.9)
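Review bot: within the lines shown, CVE-2017-9059 has no NOTE, so after its description `The NFSv4 implementation in the Linux kernel through 4.11.1 allows ...` is deleted the entry consists only of `linux 4.9.30-1` and two `<not-affected> (Introduced in 4.9)` markers, with nothing recording which subsystem the "Introduced in 4.9" judgement refers to. The `@@` context for this hunk still quotes the CVE-2017-9060 summary that the surrounding hunks remove, which is exactly the kind of text that will be unavailable afterwards; suggest adding a `NOTE: Fixed by:` line for CVE-2017-9059, as the entries just above it have, before the description goes.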
@@ -27366,31 +27364,31 @@ CVE-2017-9057
RESERVED
CVE-2017-9056
RESERVED
-CVE-2017-9055 (An issue, also known as DW201703-001, was discovered in libdwarf ...)
+CVE-2017-9055
- dwarfutils 20170416-2 (bug #864064)
[stretch] - dwarfutils 20161124-1+deb9u1
[jessie] - dwarfutils <no-dsa> (Minor issue)
[wheezy] - dwarfutils <no-dsa> (Minor issue)
NOTE: https://www.prevanders.net/dwarfbug.html#DW201703-001
-CVE-2017-9054 (An issue, also known as DW201703-002, was discovered in libdwarf ...)
+CVE-2017-9054
- dwarfutils 20170416-2 (bug #864064)
[stretch] - dwarfutils 20161124-1+deb9u1
[jessie] - dwarfutils <no-dsa> (Minor issue)
[wheezy] - dwarfutils <no-dsa> (Minor issue)
NOTE: https://www.prevanders.net/dwarfbug.html#DW201703-002
-CVE-2017-9053 (An issue, also known as DW201703-005, was discovered in libdwarf ...)
+CVE-2017-9053
- dwarfutils 20170416-2 (bug #864064)
[stretch] - dwarfutils 20161124-1+deb9u1
[jessie] - dwarfutils <no-dsa> (Minor issue)
[wheezy] - dwarfutils <no-dsa> (Minor issue)
NOTE: https://www.prevanders.net/dwarfbug.html#DW201703-005
-CVE-2017-9052 (An issue, also known as DW201703-006, was discovered in libdwarf ...)
+CVE-2017-9052
- dwarfutils 20170416-2 (bug #864064)
[stretch] - dwarfutils 20161124-1+deb9u1
[jessie] - dwarfutils <no-dsa> (Minor issue)
[wheezy] - dwarfutils <no-dsa> (Minor issue)
NOTE: https://www.prevanders.net/dwarfbug.html#DW201703-006
-CVE-2017-9051 (libav before 12.1 is vulnerable to an invalid read of size 1 due to ...)
+CVE-2017-9051
- libav <removed> (low)
[jessie] - libav <not-affected> (Tested with the original reproducer, 0.11 branch not vulnerable)
[wheezy] - libav <not-affected> (Tested with the original reproducer, 0.8 branch not vulnerable)
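Review bot: for the four libdwarf entries CVE-2017-9055 through CVE-2017-9052 the deleted descriptions are the only prose mapping each CVE to its upstream identifier (`also known as DW201703-001`, `-002`, `-005`, `-006`); that mapping survives solely in the `#DW201703-00x` fragment of each `NOTE: https://www.prevanders.net/dwarfbug.html` URL, so it should be checked that the updater did not also intend to rewrite those NOTE lines. For CVE-2017-9051 the bug class (`invalid read of size 1`) appears nowhere but in the deleted line, since the remaining NOTE lines only say the reproducer was tested against the 0.11 and 0.8 branches.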
@@ -27398,94 +27396,94 @@ CVE-2017-9051 (libav before 12.1 is vulnerable to an invalid read of size 1 due
NOTE: Fix in libav: https://github.com/libav/libav/commit/fe6eea99efac66839052af547426518efd970b24.patch
NOTE: Fix in ffmpeg: https://github.com/FFmpeg/FFmpeg/commit/8d7ce5cdb707d4b22749f72d3f118e62e2b95cd3
NOTE: https://bugzilla.libav.org/show_bug.cgi?id=1039
-CVE-2017-9050 (libxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a heap-based ...)
+CVE-2017-9050
{DSA-3952-1 DLA-1008-1}
- libxml2 2.9.4+dfsg1-3.1 (bug #863018)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=781361 (not public)
NOTE: http://www.openwall.com/lists/oss-security/2017/05/15/1
NOTE: Fixed by: https://git.gnome.org/browse/libxml2/commit/?id=e26630548e7d138d2c560844c43820b6767251e3
-CVE-2017-9049 (libxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a heap-based ...)
+CVE-2017-9049
{DSA-3952-1 DLA-1008-1}
- libxml2 2.9.4+dfsg1-3.1 (bug #863019)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=781205 (not public)
NOTE: http://www.openwall.com/lists/oss-security/2017/05/15/1
NOTE: Fixed by: https://git.gnome.org/browse/libxml2/commit/?id=e26630548e7d138d2c560844c43820b6767251e3
-CVE-2017-9048 (libxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a stack-based ...)
+CVE-2017-9048
{DSA-3952-1 DLA-1008-1}
- libxml2 2.9.4+dfsg1-3.1 (bug #863021)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=781701 (not public)
NOTE: http://www.openwall.com/lists/oss-security/2017/05/15/1
NOTE: Fixed by: https://git.gnome.org/browse/libxml2/commit/?id=932cc9896ab41475d4aa429c27d9afd175959d74
-CVE-2017-9047 (A buffer overflow was discovered in libxml2 ...)
+CVE-2017-9047
{DSA-3952-1 DLA-1008-1}
- libxml2 2.9.4+dfsg1-3.1 (bug #863022)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=781333 (not public)
NOTE: http://www.openwall.com/lists/oss-security/2017/05/15/1
NOTE: Fixed by: https://git.gnome.org/browse/libxml2/commit/?id=932cc9896ab41475d4aa429c27d9afd175959d74
-CVE-2017-9046 (winpm-32.exe in Pegasus Mail (aka Pmail) v4.72 build 572 allows code ...)
+CVE-2017-9046
NOT-FOR-US: Pegasus Mail
-CVE-2017-9045 (The Google I/O 2017 application before 5.1.4 for Android downloads ...)
+CVE-2017-9045
NOT-FOR-US: Google I/O 2017 application
-CVE-2017-9044 (The print_symbol_for_build_attribute function in readelf.c in GNU ...)
+CVE-2017-9044
- binutils 2.29-1 (low)
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <no-dsa> (Minor issue)
-CVE-2017-9043 (readelf.c in GNU Binutils 2017-04-12 has a &quot;shift exponent too large ...)
+CVE-2017-9043
- binutils 2.29-1 (low; bug #863674)
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=ddef72cdc10d82ba011a7ff81cafbbd3466acf54
-CVE-2017-9042 (readelf.c in GNU Binutils 2017-04-12 has a &quot;cannot be represented in ...)
+CVE-2017-9042
- binutils 2.29-1 (low; bug #863674)
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=7296a62a2a237f6b1ad8db8c38b090e9f592c8cf
-CVE-2017-9041 (GNU Binutils 2.28 allows remote attackers to cause a denial of service ...)
+CVE-2017-9041
- binutils 2.28-6 (low; bug #863674)
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=75ec1fdbb797a389e4fe4aaf2e15358a070dcc19
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=c4ab9505b53cdc899506ed421fddb7e1f8faf7a3
-CVE-2017-9040 (GNU Binutils 2017-04-03 allows remote attackers to cause a denial of ...)
+CVE-2017-9040
- binutils 2.29-1 (low; bug #863674)
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=7296a62a2a237f6b1ad8db8c38b090e9f592c8cf
-CVE-2017-9039 (GNU Binutils 2.28 allows remote attackers to cause a denial of service ...)
+CVE-2017-9039
- binutils 2.28-6 (low; bug #863674)
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=82156ab704b08b124d319c0decdbd48b3ca2dac5
-CVE-2017-9038 (GNU Binutils 2.28 allows remote attackers to cause a denial of service ...)
+CVE-2017-9038
- binutils 2.28-6 (low; bug #863674)
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=f32ba72991d2406b21ab17edc234a2f3fa7fb23d
-CVE-2017-9037 (Multiple cross-site scripting (XSS) vulnerabilities in Trend Micro ...)
+CVE-2017-9037
NOT-FOR-US: Trend Micro
-CVE-2017-9036 (Trend Micro ServerProtect for Linux 3.0 before CP 1531 allows local ...)
+CVE-2017-9036
NOT-FOR-US: Trend Micro
-CVE-2017-9035 (Trend Micro ServerProtect for Linux 3.0 before CP 1531 allows ...)
+CVE-2017-9035
NOT-FOR-US: Trend Micro
-CVE-2017-9034 (Trend Micro ServerProtect for Linux 3.0 before CP 1531 allows ...)
+CVE-2017-9034
NOT-FOR-US: Trend Micro
-CVE-2017-9033 (Cross-site request forgery (CSRF) vulnerability in Trend Micro ...)
+CVE-2017-9033
NOT-FOR-US: Trend Micro
-CVE-2017-9032 (Multiple cross-site scripting (XSS) vulnerabilities in Trend Micro ...)
+CVE-2017-9032
NOT-FOR-US: Trend Micro
-CVE-2017-9058 (In libytnef in ytnef through 1.9.2, there is a heap-based buffer ...)
+CVE-2017-9058
- libytnef 1.9.2-2 (low; bug #862556)
[jessie] - libytnef <no-dsa> (Minor issue)
[wheezy] - libytnef <no-dsa> (Minor issue)
NOTE: https://github.com/Yeraze/ytnef/issues/45
-CVE-2017-9030 (The Codextrous B2J Contact (aka b2j_contact) extension before 2.1.13 ...)
+CVE-2017-9030
NOT-FOR-US: Joomla extension
CVE-2017-9029
RESERVED
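Review bot: CVE-2017-9044 carries no upstream reference, unlike the neighbouring binutils entries CVE-2017-9043 through CVE-2017-9038, each of which has a `NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=...` line and a `bug #863674` pointer; once its description `The print_symbol_for_build_attribute function in readelf.c in GNU ...` is deleted here, the entry states only `binutils 2.29-1 (low)` plus three `<ignored>`/`<no-dsa>` markers with nothing identifying what was fixed in 2.29-1. Suggest adding the fix commit and the bug number to CVE-2017-9044 in the same commit so it is as traceable as its siblings.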
@@ -27493,48 +27491,48 @@ CVE-2017-9028
RESERVED
CVE-2017-9027
RESERVED
-CVE-2017-9026 (Stack buffer overflow in vshttpd (aka ioos) in HooToo Trip Mate 6 (TM6) ...)
+CVE-2017-9026
NOT-FOR-US: HooHoo Trip Mate
-CVE-2017-9025 (Heap buffer overflow in vshttpd (aka ioos) in HooToo Trip Mate 6 (TM6) ...)
+CVE-2017-9025
NOT-FOR-US: HooHoo Trip Mate
-CVE-2017-9066 (In WordPress before 4.7.5, there is insufficient redirect validation in ...)
+CVE-2017-9066
{DLA-1075-1}
- wordpress 4.7.5+dfsg-1 (bug #862816)
[jessie] - wordpress 4.1+dfsg-1+deb8u16
NOTE: https://wordpress.org/news/2017/05/wordpress-4-7-5/
NOTE: https://github.com/WordPress/WordPress/commit/76d77e927bb4d0f87c7262a50e28d84e01fd2b11
-CVE-2017-9065 (In WordPress before 4.7.5, there is a lack of capability checks for ...)
+CVE-2017-9065
{DSA-3870-1 DLA-975-1}
- wordpress 4.7.5+dfsg-1 (bug #862816)
NOTE: https://wordpress.org/news/2017/05/wordpress-4-7-5/
NOTE: https://github.com/WordPress/WordPress/commit/e88a48a066ab2200ce3091b131d43e2fab2460a4
-CVE-2017-9064 (In WordPress before 4.7.5, a Cross Site Request Forgery (CSRF) ...)
+CVE-2017-9064
{DSA-3870-1 DLA-975-1}
- wordpress 4.7.5+dfsg-1 (bug #862816)
NOTE: https://wordpress.org/news/2017/05/wordpress-4-7-5/
NOTE: https://github.com/WordPress/WordPress/commit/38347d7c580be4cdd8476e4bbc653d5c79ed9b67
-CVE-2017-9063 (In WordPress before 4.7.5, a cross-site scripting (XSS) vulnerability ...)
+CVE-2017-9063
{DSA-3870-1 DLA-975-1}
- wordpress 4.7.5+dfsg-1 (bug #862816)
NOTE: https://wordpress.org/news/2017/05/wordpress-4-7-5/
NOTE: https://github.com/WordPress/WordPress/commit/3d10fef22d788f29aed745b0f5ff6f6baea69af3
-CVE-2017-9062 (In WordPress before 4.7.5, there is improper handling of post meta data ...)
+CVE-2017-9062
{DSA-3870-1 DLA-975-1}
- wordpress 4.7.5+dfsg-1 (bug #862816)
NOTE: https://wordpress.org/news/2017/05/wordpress-4-7-5/
NOTE: https://github.com/WordPress/WordPress/commit/3d95e3ae816f4d7c638f40d3e936a4be19724381
-CVE-2017-9061 (In WordPress before 4.7.5, a cross-site scripting (XSS) vulnerability ...)
+CVE-2017-9061
{DSA-3870-1 DLA-975-1}
- wordpress 4.7.5+dfsg-1 (bug #862816)
NOTE: https://wordpress.org/news/2017/05/wordpress-4-7-5/
NOTE: https://github.com/WordPress/WordPress/commit/8c7ea71edbbffca5d9766b7bea7c7f3722ffafa6
-CVE-2017-9024 (Secure Bytes Cisco Configuration Manager, as bundled in Secure Bytes ...)
+CVE-2017-9024
NOT-FOR-US: Secure Bytes Cisco Configuration Manager
-CVE-2017-9023 (The ASN.1 parser in strongSwan before 5.5.3 improperly handles CHOICE ...)
+CVE-2017-9023
{DSA-3866-1 DLA-973-1}
- strongswan 5.5.1-4
NOTE: upstream fix https://git.strongswan.org/?p=strongswan.git;a=commit;h=407fcca200fdf6a41a04ac0885a770b6b53c5d23
-CVE-2017-9022 (The gmp plugin in strongSwan before 5.5.3 does not properly validate ...)
+CVE-2017-9022
{DSA-3866-1 DLA-973-1}
- strongswan 5.5.1-4
NOTE: upstream fix https://git.strongswan.org/?p=strongswan.git;a=commit;h=6681d98d18d24b31410fc12c3d61f150107481b3
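Review bot: the context lines `NOT-FOR-US: HooHoo Trip Mate` under CVE-2017-9026 and CVE-2017-9025 misspell the vendor; the descriptions deleted in this same hunk read `HooToo Trip Mate 6 (TM6)`, and after the change the misspelled line is the only product name left on those two entries, which defeats a search for "HooToo". Suggest correcting both to `NOT-FOR-US: HooToo Trip Mate` before the descriptions are dropped.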
@@ -27574,13 +27572,13 @@ CVE-2017-9005
RESERVED
CVE-2017-9004
RESERVED
-CVE-2017-9003 (Multiple memory corruption flaws are present in ArubaOS which could ...)
+CVE-2017-9003
NOT-FOR-US: Aruba
-CVE-2017-9002 (All versions of Aruba ClearPass prior to 6.6.8 contain reflected ...)
+CVE-2017-9002
NOT-FOR-US: Aruba
-CVE-2017-9001 (Aruba ClearPass 6.6.3 and later includes a feature called &quot;SSH ...)
+CVE-2017-9001
NOT-FOR-US: Aruba
-CVE-2017-9000 (ArubaOS, all versions prior to 6.3.1.25, 6.4 prior to 6.4.4.16, 6.5.x ...)
+CVE-2017-9000
NOT-FOR-US: Aruba
CVE-2017-8999
RESERVED
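Review bot: after the description removal the four Aruba entries CVE-2017-9003 through CVE-2017-9000 become indistinguishable, each reduced to the id plus `NOT-FOR-US: Aruba`, although the deleted lines show two different products (ArubaOS for CVE-2017-9003 and CVE-2017-9000, Aruba ClearPass for CVE-2017-9002 and CVE-2017-9001). Suggest carrying the product into the marker, e.g. `NOT-FOR-US: Aruba ClearPass` and `NOT-FOR-US: ArubaOS`, so the entries remain searchable without re-fetching the descriptions.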
@@ -27592,127 +27590,127 @@ CVE-2017-8996
RESERVED
CVE-2017-8995
RESERVED
-CVE-2017-8994 (A input validation vulnerability in HPE Operations Orchestration ...)
+CVE-2017-8994
NOT-FOR-US: HPE
-CVE-2017-8993 (A Remote Cross-Site Scripting vulnerability in HPE Project and ...)
+CVE-2017-8993
NOT-FOR-US: HPE Project and Portfolio Management
-CVE-2017-8992 (HPE has identified a remote privilege escalation vulnerability in HPE ...)
+CVE-2017-8992
NOT-FOR-US: HPE
-CVE-2017-8991 (HPE has identified a cross site scripting (XSS) vulnerability in HPE ...)
+CVE-2017-8991
NOT-FOR-US: HPE
-CVE-2017-8990 (A remote code execution vulnerability was identified in HPE ...)
+CVE-2017-8990
NOT-FOR-US: HPE
-CVE-2017-8989 (A security vulnerability in HPE IceWall SSO Dfw 10.0 and 11.0 on RHEL, ...)
+CVE-2017-8989
NOT-FOR-US: HPE
-CVE-2017-8988 (A Remote Bypass of Security Restrictions vulnerability was identified ...)
+CVE-2017-8988
NOT-FOR-US: HPE
-CVE-2017-8987 (A Unauthenticated Remote Denial of Service vulnerability was ...)
+CVE-2017-8987
NOT-FOR-US: HPE
CVE-2017-8986
RESERVED
-CVE-2017-8985 (HPE XP Storage using Hitachi Global Link Manager (HGLM) has a local ...)
+CVE-2017-8985
NOT-FOR-US: HPE XP Storage
-CVE-2017-8984 (A remote code execution vulnerability in HPE Intelligent Management ...)
+CVE-2017-8984
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-8983 (A Remote Code Execution vulnerability in HPE Intelligent Management ...)
+CVE-2017-8983
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-8982 (A Remote Authentication Restriction Bypass vulnerability in HPE ...)
+CVE-2017-8982
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-8981 (A Remote Code Execution vulnerability in HPE Intelligent Management ...)
+CVE-2017-8981
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-8980 (A Remote Disclosure of Information vulnerability in HPE Intelligent ...)
+CVE-2017-8980
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-8979 (Security vulnerabilities in the HPE Integrated Lights-Out 2 (iLO 2) ...)
+CVE-2017-8979
NOT-FOR-US: HPE Integrated Lights-Out 2 (iLO 2) firmware
-CVE-2017-8978 (A Remote Unauthorized Disclosure of Information vulnerability in HPE ...)
+CVE-2017-8978
NOT-FOR-US: HPE IceWall Products
-CVE-2017-8977 (A Remote Denial of Service vulnerability in Hewlett Packard Enterprise ...)
+CVE-2017-8977
NOT-FOR-US: Hewlett Packard Enterprise Moonshot Provisioning Manager Appliance
-CVE-2017-8976 (A Remote Code Execution vulnerability in Hewlett Packard Enterprise ...)
+CVE-2017-8976
NOT-FOR-US: Hewlett Packard Enterprise Moonshot Provisioning Manager Appliance
-CVE-2017-8975 (A Remote Code Execution vulnerability in Hewlett Packard Enterprise ...)
+CVE-2017-8975
NOT-FOR-US: Hewlett Packard Enterprise Moonshot Provisioning Manager Appliance
-CVE-2017-8974 (A Local Authentication Restriction Bypass vulnerability in HPE NonStop ...)
+CVE-2017-8974
NOT-FOR-US: HPE NonStop Server
-CVE-2017-8973 (An improper input validation vulnerability in HPE Matrix Operating ...)
+CVE-2017-8973
NOT-FOR-US: HPE Matrix Operating Environment
-CVE-2017-8972 (A clickjacking vulnerability in HPE Matrix Operating Environment ...)
+CVE-2017-8972
NOT-FOR-US: HPE Matrix Operating Environment
-CVE-2017-8971 (A clickjacking vulnerability in HPE Matrix Operating Environment ...)
+CVE-2017-8971
NOT-FOR-US: HPE Matrix Operating Environment
-CVE-2017-8970 (A remote unauthenticated disclosure of information vulnerability in ...)
+CVE-2017-8970
NOT-FOR-US: HPE Matrix Operating Environment
-CVE-2017-8969 (An improper input validation vulnerability in HPE Insight Control ...)
+CVE-2017-8969
NOT-FOR-US: HPE Insight Control
-CVE-2017-8968 (A remote execution of arbitrary code vulnerability has been identified ...)
+CVE-2017-8968
NOT-FOR-US: HPE
-CVE-2017-8967 (A Deserialization of Untrusted Data vulnerability in Hewlett Packard ...)
+CVE-2017-8967
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-8966 (A Deserialization of Untrusted Data vulnerability in Hewlett Packard ...)
+CVE-2017-8966
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-8965 (A Deserialization of Untrusted Data vulnerability in Hewlett Packard ...)
+CVE-2017-8965
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-8964 (A Deserialization of Untrusted Data vulnerability in Hewlett Packard ...)
+CVE-2017-8964
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-8963 (A Deserialization of Untrusted Data vulnerability in Hewlett Packard ...)
+CVE-2017-8963
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-8962 (A Deserialization of Untrusted Data vulnerability in Hewlett Packard ...)
+CVE-2017-8962
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-8961 (A directory traversal vulnerability in HPE Intelligent Management ...)
+CVE-2017-8961
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-8960 (An Authentication Bypass vulnerability in HPE MSA 1040 and MSA 2040 ...)
+CVE-2017-8960
NOT-FOR-US: HPE MSA
-CVE-2017-8959 (An Authentication Bypass vulnerability in HPE MSA 1040 and HPE MSA ...)
+CVE-2017-8959
NOT-FOR-US: HPE MSA
-CVE-2017-8958 (A Remote Code Execution vulnerability in HPE Intelligent Management ...)
+CVE-2017-8958
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-8957 (A Remote Code Execution vulnerability in HPE Intelligent Management ...)
+CVE-2017-8957
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-8956 (A Remote Code Execution vulnerability in HPE Intelligent Management ...)
+CVE-2017-8956
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-8955 (A Remote Code Execution vulnerability in HPE Intelligent Management ...)
+CVE-2017-8955
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-8954 (A Remote Code Execution vulnerability in HPE Intelligent Management ...)
+CVE-2017-8954
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-8953 (A Remote Cross-Site Scripting (XSS) vulnerability in HPE LoadRunner ...)
+CVE-2017-8953
NOT-FOR-US: HPE LoadRunner
-CVE-2017-8952 (A Disclosure of Sensitive Information vulnerability in HPE SiteScope ...)
+CVE-2017-8952
NOT-FOR-US: HPE SiteScope
-CVE-2017-8951 (A Disclosure of Sensitive Information vulnerability in HPE SiteScope ...)
+CVE-2017-8951
NOT-FOR-US: HPE SiteScope
-CVE-2017-8950 (A Disclosure of Sensitive Information vulnerability in HPE SiteScope ...)
+CVE-2017-8950
NOT-FOR-US: HPE SiteScope
-CVE-2017-8949 (A Disclosure of Sensitive Information vulnerability in HPE SiteScope ...)
+CVE-2017-8949
NOT-FOR-US: HPE SiteScope
-CVE-2017-8948 (A Remote Bypass Security Restriction vulnerability in HPE Network Node ...)
+CVE-2017-8948
NOT-FOR-US: HPE Network Node Manager
-CVE-2017-8947 (A Remote Code Execution vulnerability in HPE UCMDB version v10.10, ...)
+CVE-2017-8947
NOT-FOR-US: HPE UCMDB
-CVE-2017-8946 (A Remote Code Execution vulnerability in HPE Aruba AirWave Glass ...)
+CVE-2017-8946
NOT-FOR-US: HPE Aruba AirWave Glass
-CVE-2017-8945 (A Remote Unauthorized Disclosure of Information vulnerability in HPE ...)
+CVE-2017-8945
NOT-FOR-US: HPE IceWall Federation Agent
-CVE-2017-8944 (A Remote Disclosure of Information vulnerability in HPE Cloud ...)
+CVE-2017-8944
NOT-FOR-US: HPE Cloud Optimizer
-CVE-2017-8943 (The PUMA PUMATRAC app 3.0.2 for iOS does not verify X.509 certificates ...)
+CVE-2017-8943
NOT-FOR-US: PUMA PUMATRAC app
-CVE-2017-8942 (The YottaMark ShopWell - Healthy Diet &amp; Grocery Food Scanner app 5.3.7 ...)
+CVE-2017-8942
NOT-FOR-US: YottaMark ShopWell app
-CVE-2017-8941 (The Interval International app 3.3 through 3.5.1 for iOS does not ...)
+CVE-2017-8941
NOT-FOR-US: Interval International app
-CVE-2017-8940 (The Zipongo - Healthy Recipes and Grocery Deals app before 6.3 for iOS ...)
+CVE-2017-8940
NOT-FOR-US: Zipongo app
-CVE-2017-8939 (The Warner Bros. ellentube app 3.1.1 through 3.1.3 for iOS does not ...)
+CVE-2017-8939
NOT-FOR-US: ellentube app
-CVE-2017-8938 (The Radio Javan app 9.3.4 through 9.6.1 for iOS does not verify X.509 ...)
+CVE-2017-8938
NOT-FOR-US: Radio Javan app
-CVE-2017-8937 (The Life Before Us Yo app 2.5.8 for iOS does not verify X.509 ...)
+CVE-2017-8937
NOT-FOR-US: Life Before Us Yo app
-CVE-2017-8936 (The MoboTap Dolphin Web Browser - Fast Private Internet Search app ...)
+CVE-2017-8936
NOT-FOR-US: MoboTap Dolphin Web Browser
-CVE-2017-8935 (The Quest Information Systems Indiana Voters app 1.1.24 for iOS does ...)
+CVE-2017-8935
NOT-FOR-US: Quest Information Systems Indiana Voters app
-CVE-2017-8932 (A bug in the standard library ScalarMult implementation of curve P-256 ...)
+CVE-2017-8932
- golang-1.8 1.8.3-1 (bug #863307)
[stretch] - golang-1.8 <ignored> (Minor issue, would require builds of all go packages in stable)
- golang-1.7 1.7.6-1 (bug #863308)
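Review bot: eight HPE entries in this hunk (CVE-2017-8994, -8992, -8991, -8990, -8989, -8988, -8987 and -8968) are tagged only `NOT-FOR-US: HPE`, whereas the surrounding entries name the product (`HPE Intelligent Management Center`, `HPE SiteScope`, `HPE Matrix Operating Environment`, ...); with their descriptions deleted those eight keep no product identification at all, even where the deleted line had one (`HPE IceWall SSO Dfw 10.0 and 11.0` for CVE-2017-8989). Separately, the deleted line for CVE-2017-8942 contains the HTML entity `&amp;` in `ShopWell - Healthy Diet &amp; Grocery Food Scanner`, i.e. the stored description was HTML-escaped, which is worth checking in the updater if descriptions are re-imported. Suggest naming the product in each bare `NOT-FOR-US: HPE` line.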
@@ -27724,46 +27722,46 @@ CVE-2017-8932 (A bug in the standard library ScalarMult implementation of curve
NOTE: Upstream patch: https://golang.org/cl/41070
NOTE: Fix for 1.7: https://go-review.googlesource.com/c/43773
NOTE: Fix for 1.8: https://go-review.googlesource.com/c/43770
-CVE-2017-8931 (Bitdefender GravityZone VMware appliance before 6.2.1-35 might allow ...)
+CVE-2017-8931
NOT-FOR-US: Bitdefender
-CVE-2017-8930 (Multiple cross-site request forgery (CSRF) vulnerabilities in Simple ...)
+CVE-2017-8930
NOT-FOR-US: Simple Invoices
-CVE-2017-8929 (The sized_string_cmp function in libyara/sizedstr.c in YARA 3.5.0 ...)
+CVE-2017-8929
- yara 3.6.0+dfsg-1
[stretch] - yara <ignored> (Minor issue, too intrusive to backport)
[jessie] - yara <ignored> (Minor issue, too intrusive to backport)
NOTE: https://github.com/VirusTotal/yara/issues/658
NOTE: https://github.com/VirusTotal/yara/commit/053e67e3ec81cc9268ce30eaf0d6663d8639ed1e
-CVE-2017-8928 (mailcow 0.14, as used in &quot;mailcow: dockerized&quot; and other products, has ...)
+CVE-2017-8928
NOT-FOR-US: mailcow
-CVE-2017-9031 (The WebUI component in Deluge before 1.3.15 contains a directory ...)
+CVE-2017-9031
{DSA-3856-1 DLA-943-1}
- deluge 1.3.13+git20161130.48cedf63-3 (bug #862611)
NOTE: http://dev.deluge-torrent.org/wiki/ReleaseNotes/1.3.15
NOTE: Fixed by: http://git.deluge-torrent.org/deluge/commit/?h=1.3-stable&id=41acade01ae88f7b7bbdba308a0886771aa582fd
-CVE-2017-8934 (PCManFM 1.2.5 insecurely uses /tmp for a socket file, allowing a local ...)
+CVE-2017-8934
- pcmanfm 1.2.5-3 (low; bug #862571)
[jessie] - pcmanfm <no-dsa> (Minor issue)
[wheezy] - pcmanfm <no-dsa> (Minor issue)
NOTE: Fixed by: https://git.lxde.org/gitweb/?p=lxde/pcmanfm.git;a=commitdiff;h=bc8c3d871e9ecc67c47ff002b68cf049793faf08
-CVE-2017-8933 (Libmenu-cache 1.0.2 insecurely uses /tmp for a socket file, allowing a ...)
+CVE-2017-8933
- menu-cache 1.0.2-3 (low; bug #862570)
[jessie] - menu-cache <no-dsa> (Minor issue)
[wheezy] - menu-cache <no-dsa> (Minor issue)
NOTE: Fixed by: https://git.lxde.org/gitweb/?p=lxde/menu-cache.git;a=commitdiff;h=56f66684592abf257c4004e6e1fff041c64a12ce
-CVE-2017-8927 (Buffer overflow in Larson VizEx Reader 9.7.5 allows attackers to cause ...)
+CVE-2017-8927
NOT-FOR-US: Larson VizEx Reader
-CVE-2017-8926 (Buffer overflow in Halliburton LogView Pro 10.0.1 allows attackers to ...)
+CVE-2017-8926
NOT-FOR-US: Halliburton LogView Pro
-CVE-2017-8925 (The omninet_open function in drivers/usb/serial/omninet.c in the Linux ...)
+CVE-2017-8925
{DSA-3886-1 DLA-993-1}
- linux 4.9.16-1 (low)
NOTE: Fixed by: https://git.kernel.org/linus/30572418b445d85fcfe6c8fe84c947d2606767d8
-CVE-2017-8924 (The edge_bulk_in_callback function in drivers/usb/serial/io_ti.c in the ...)
+CVE-2017-8924
{DSA-3886-1 DLA-993-1}
- linux 4.9.16-1 (low)
NOTE: Fixed by: https://git.kernel.org/linus/654b404f2a222f918af9b0cd18ad469d0c941a8e
-CVE-2017-8923 (The zend_string_extend function in Zend/zend_string.h in PHP through ...)
+CVE-2017-8923
- php7.1 <removed> (bug #881539)
- php7.0 <removed> (bug #881538)
[stretch] - php7.0 <ignored> (Minor issue)
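Review bot: the deleted descriptions in this hunk are the only lines naming the vulnerable functions and files (`sized_string_cmp` in `libyara/sizedstr.c` for CVE-2017-8929, `omninet_open` in `drivers/usb/serial/omninet.c` for CVE-2017-8925, `edge_bulk_in_callback` in `drivers/usb/serial/io_ti.c` for CVE-2017-8924, `zend_string_extend` in `Zend/zend_string.h` for CVE-2017-8923, and the `/tmp` socket file for CVE-2017-8934 and CVE-2017-8933); the remaining NOTE lines carry only commit and issue URLs. Those names are what a triager greps a source tree for, so suggest restating the affected function or path in a NOTE for each entry before the description is dropped.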
@@ -27771,31 +27769,31 @@ CVE-2017-8923 (The zend_string_extend function in Zend/zend_string.h in PHP thro
NOTE: (Duplicate of) PHP Bug: https://bugs.php.net/bug.php?id=73122
CVE-2017-8922
RESERVED
-CVE-2017-8921 (In FlightGear before 2017.2.1, the FGCommand interface allows ...)
+CVE-2017-8921
- flightgear 1:2016.4.4+dfsg-3 (bug #862689)
[jessie] - flightgear 3.0.0-5+deb8u2
NOTE: Fixed by: https://sourceforge.net/p/flightgear/flightgear/ci/faf872e7f71ca14c567ac7080561fc785d8d2fd0/ (next)
NOTE: Fixed by: https://sourceforge.net/p/flightgear/flightgear/ci/19ab09406e4249f2c6f8ac51938258d1c51eace0/ (2016.4)
NOTE: Fixed by: https://sourceforge.net/p/flightgear/flightgear/ci/c8250b10bb9a116889f831d2299678b0ef70fec2/ (3.0.0)
-CVE-2017-8920 (irc.cgi in CGI:IRC before 0.5.12 reflects user-supplied input from the ...)
+CVE-2017-8920
- cgiirc <removed>
-CVE-2017-8919 (NetApp OnCommand API Services before 1.2P3 logs the LDAP BIND password ...)
+CVE-2017-8919
NOT-FOR-US: NetApp
-CVE-2017-8918 (XXE in Dive Assistant - Template Builder in Blackwave Dive Assistant - ...)
+CVE-2017-8918
NOT-FOR-US: Dive Assistant
-CVE-2017-8917 (SQL injection vulnerability in Joomla! 3.7.x before 3.7.1 allows ...)
+CVE-2017-8917
NOT-FOR-US: Joomla!
-CVE-2017-8916 (In Center for Internet Security CIS-CAT Pro Dashboard before 1.0.4, an ...)
+CVE-2017-8916
NOT-FOR-US: Center for Internet Security CIS-CAT Pro Dashboard
-CVE-2017-8915 (sinopia, as used in SAP HANA XS 1.00 and 2.00, allows remote attackers ...)
+CVE-2017-8915
NOT-FOR-US: SAP
-CVE-2017-8914 (sinopia, as used in SAP HANA XS 1.00 and 2.00, allows remote attackers ...)
+CVE-2017-8914
NOT-FOR-US: SAP
-CVE-2017-8913 (The Visual Composer VC70RUNTIME component in SAP NetWeaver AS JAVA 7.5 ...)
+CVE-2017-8913
NOT-FOR-US: SAP
-CVE-2017-8912 (** DISPUTED ** CMS Made Simple (CMSMS) 2.1.6 allows remote ...)
+CVE-2017-8912
NOT-FOR-US: CMS Made Simple
-CVE-2017-8911 (An integer underflow has been identified in the unicode_to_utf8() ...)
+CVE-2017-8911
{DSA-3869-1 DLA-962-1}
- tnef 1.4.12-1.2 (bug #862442)
NOTE: https://github.com/verdammelt/tnef/issues/23
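Review bot: the deleted line for CVE-2017-8912 begins with `** DISPUTED **`, and its replacement `+CVE-2017-8912` followed by `NOT-FOR-US: CMS Made Simple` keeps no trace of that status; the disputed flag is triage-relevant and should survive the description removal, for example as a `NOTE: Disputed upstream` line. CVE-2017-8920 has the same exposure from the other direction: it is reduced to `cgiirc <removed>` with no NOTE, so after `irc.cgi in CGI:IRC before 0.5.12 reflects user-supplied input ...` is gone nothing on the entry records the component or an upstream reference, whereas the tnef entry at the end of this hunk shows the form that works (`NOTE: https://github.com/verdammelt/tnef/issues/23`).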
@@ -27804,41 +27802,41 @@ CVE-2017-8910
RESERVED
CVE-2017-8909
RESERVED
-CVE-2017-8908 (The mark_line_tr function in gxscanc.c in Artifex Ghostscript 9.21 ...)
+CVE-2017-8908
- ghostscript 9.22~dfsg-1 (unimportant)
[jessie] - ghostscript <not-affected> (Vulnerable code not present)
[wheezy] - ghostscript <not-affected> (Vulnerable code not present)
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=697810
NOTE: edgebuffer scan converter was made default only in: http://git.ghostscript.com/?p=ghostpdl.git;h=dd5da2cb3e08398ac6d86598b36b00994d058308
NOTE: But the vulnerable code via base/gxscan.c, a new scan converter introduced in 9.20 is present.
-CVE-2017-8907 (Atlassian Bamboo 5.x before 5.15.7 and 6.x before 6.0.1 did not ...)
+CVE-2017-8907
NOT-FOR-US: Atlassian Bamboo
-CVE-2017-8906 (An integer underflow vulnerability exists in pixel-a.asm, the x86 ...)
+CVE-2017-8906
- x265 <not-affected> (Affected code is not enabled)
NOTE: https://bitbucket.org/multicoreware/x265/issues/345/integer-underflow-in-x265-source-common
CVE-2017-8902
RESERVED
CVE-2017-8901
RESERVED
-CVE-2017-8900 (LightDM through 1.22.0, when systemd is used in Ubuntu 16.10 and 17.x, ...)
+CVE-2017-8900
- lightdm <not-affected> (No guest account support in Debian, cf. #661230)
-CVE-2017-8899 (Invision Power Services (IPS) Community Suite 4.1.19.2 and earlier has ...)
+CVE-2017-8899
NOT-FOR-US: Invision Power Services
-CVE-2017-8898 (Invision Power Services (IPS) Community Suite 4.1.19.2 and earlier has ...)
+CVE-2017-8898
NOT-FOR-US: Invision Power Services
-CVE-2017-8897 (Invision Power Services (IPS) Community Suite 4.1.19.2 and earlier has ...)
+CVE-2017-8897
NOT-FOR-US: Invision Power Services
-CVE-2017-8896 (ownCloud Server before 8.2.12, 9.0.x before 9.0.10, 9.1.x before ...)
+CVE-2017-8896
- owncloud <removed>
-CVE-2017-8895 (In Veritas Backup Exec 2014 before build 14.1.1187.1126, 15 before ...)
+CVE-2017-8895
NOT-FOR-US: Veritas
-CVE-2017-8894 (AeroAdmin 4.1 uses an insecure protocol (HTTP) to perform software ...)
+CVE-2017-8894
NOT-FOR-US: AeroAdmin
-CVE-2017-8893 (AeroAdmin 4.1 uses a function to copy data between two pointers where ...)
+CVE-2017-8893
NOT-FOR-US: AeroAdmin
-CVE-2017-8892 (Cross-site scripting (XSS) vulnerability in OpenText Tempo Box 10.0.3 ...)
+CVE-2017-8892
NOT-FOR-US: OpenText Tempo Box
-CVE-2017-8891 (Dropbox Lepton 1.2.1 allows DoS (SEGV and application crash) via a ...)
+CVE-2017-8891
- lepton 1.2.1+20170405-1 (bug #862446)
NOTE: https://github.com/dropbox/lepton/issues/87
NOTE: https://github.com/dropbox/lepton/commit/82167c144a322cc956da45407f6dce8d4303d346
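Review bot: the deleted description for CVE-2017-8908 names the file as `gxscanc.c`, while the surviving NOTE line says `base/gxscan.c`; the two disagree, and once this hunk is applied the NOTE spelling is the only one left, so please confirm which path is correct before the description goes. On the same entry the `(unimportant)` rating is never justified explicitly: the two NOTE lines say the edgebuffer scan converter was made the default only in a later commit but that the vulnerable converter is present, and the reader has to infer that the non-default status is the reason for the rating. Suggest one NOTE sentence stating that rationale.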
@@ -27862,85 +27860,85 @@ CVE-2017-8881
RESERVED
CVE-2017-8880
RESERVED
-CVE-2017-8879 (Dolibarr ERP/CRM 4.0.4 allows password changes without supplying the ...)
+CVE-2017-8879
- dolibarr 5.0.4+dfsg3-1 (bug #863544)
-CVE-2017-8878 (ASUS RT-AC* and RT-N* devices with firmware before 3.0.0.4.380.7378 ...)
+CVE-2017-8878
NOT-FOR-US: ASUS
-CVE-2017-8877 (ASUS RT-AC* and RT-N* devices with firmware through 3.0.0.4.380.7378 ...)
+CVE-2017-8877
NOT-FOR-US: ASUS
-CVE-2017-8890 (The inet_csk_clone_lock function in net/ipv4/inet_connection_sock.c in ...)
+CVE-2017-8890
{DSA-3886-1 DLA-993-1}
- linux 4.9.30-1
NOTE: Fixed by: https://git.kernel.org/linus/657831ffc38e30092a2d5f03d385d710eb88b09a
-CVE-2017-8876 (Symphony 2 2.6.11 has XSS in the meta[navigation_group] parameter to ...)
+CVE-2017-8876
NOT-FOR-US: Symphony CMS
-CVE-2017-8875 (CSRF in the Clean Login plugin before 1.8 for WordPress allows remote ...)
+CVE-2017-8875
NOT-FOR-US: Wordpress addon
-CVE-2017-8874 (Multiple cross-site request forgery (CSRF) vulnerabilities in Mautic ...)
+CVE-2017-8874
NOT-FOR-US: Mautic
CVE-2017-8873
RESERVED
-CVE-2017-8872 (The htmlParseTryOrFinish function in HTMLparser.c in libxml2 2.9.4 ...)
+CVE-2017-8872
- libxml2 2.9.4+dfsg1-6.1 (bug #862450)
[stretch] - libxml2 <no-dsa> (Minor issue)
[jessie] - libxml2 <no-dsa> (Minor issue)
[wheezy] - libxml2 <no-dsa> (Minor issue)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=775200
NOTE: https://gitlab.gnome.org/GNOME/libxml2/commit/123234f2cfcd9e9b9f83047eee1dc17b4c3f4407
-CVE-2017-8871 (The cr_parser_parse_selector_core function in cr-parser.c in libcroco ...)
+CVE-2017-8871
- libcroco <unfixed> (bug #864666; low)
[buster] - libcroco <no-dsa> (Minor issue)
[stretch] - libcroco <no-dsa> (Minor issue)
[jessie] - libcroco <no-dsa> (Minor issue)
[wheezy] - libcroco <not-affected> (Vulnerable code not present)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=782649
-CVE-2017-8870 (Buffer overflow in AudioCoder 0.8.46 allows remote attackers to execute ...)
+CVE-2017-8870
NOT-FOR-US: AudioCoder
-CVE-2017-8869 (Buffer overflow in MediaCoder 0.8.48.5888 allows remote attackers to ...)
+CVE-2017-8869
NOT-FOR-US: MediaCoder
-CVE-2017-8868 (acp/core/files.browser.php in flatCore 1.4.7 allows file deletion via ...)
+CVE-2017-8868
NOT-FOR-US: flatCore
-CVE-2017-8867 (Elemental Path's CogniToys Dino smart toys through firmware version ...)
+CVE-2017-8867
NOT-FOR-US: Elemental Path's CogniToys Dino smart toys
-CVE-2017-8866 (Elemental Path's CogniToys Dino smart toys through firmware version ...)
+CVE-2017-8866
NOT-FOR-US: Elemental Path's CogniToys Dino smart toys
-CVE-2017-8865 (Elemental Path's CogniToys Dino smart toys through firmware version ...)
+CVE-2017-8865
NOT-FOR-US: Elemental Path's CogniToys Dino smart toys
-CVE-2017-8864 (Client-side enforcement using JavaScript of server-side security ...)
+CVE-2017-8864
NOT-FOR-US: Cohu
-CVE-2017-8863 (Information disclosure of .esp source code on the Cohu 3960 allows an ...)
+CVE-2017-8863
NOT-FOR-US: Cohu
-CVE-2017-8862 (The webupgrade function on the Cohu 3960HD does not verify the firmware ...)
+CVE-2017-8862
NOT-FOR-US: Cohu
-CVE-2017-8861 (Missing authentication for the remote configuration port 1236/tcp on ...)
+CVE-2017-8861
NOT-FOR-US: Cohu
-CVE-2017-8860 (Information disclosure through directory listing on the Cohu 3960HD ...)
+CVE-2017-8860
NOT-FOR-US: Cohu
-CVE-2017-8859 (In Veritas NetBackup Appliance 3.0 and earlier, unauthenticated users ...)
+CVE-2017-8859
NOT-FOR-US: Veritas NetBackup
-CVE-2017-8858 (In Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and ...)
+CVE-2017-8858
NOT-FOR-US: Veritas NetBackup
-CVE-2017-8857 (In Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and ...)
+CVE-2017-8857
NOT-FOR-US: Veritas NetBackup
-CVE-2017-8856 (In Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and ...)
+CVE-2017-8856
NOT-FOR-US: Veritas NetBackup
-CVE-2017-1000044 (gtk-vnc 0.4.2 and older doesn't check framebuffer boundaries correctly ...)
+CVE-2017-1000044
- gtk-vnc 0.4.3-1
NOTE: Fixed by: https://git.gnome.org/browse/gtk-vnc/commit/?id=f3fc5e57a78d4be9872f1394f697b9929873a737 (release-0.4.3)
-CVE-2017-8855 (wolfSSL before 3.11.0 does not prevent wc_DhAgree from accepting a ...)
+CVE-2017-8855
- wolfssl 3.12.0+dfsg-1 (bug #870170)
NOTE: Fixed upstream in 3.11.0, https://github.com/wolfSSL/wolfssl/releases/tag/v3.11.0-stable
-CVE-2017-8854 (wolfSSL before 3.10.2 has an out-of-bounds memory access with loading ...)
+CVE-2017-8854
- wolfssl 3.10.2+dfsg-1
-CVE-2017-8853 (Fiyo CMS v2.0.7 has an arbitrary file delete vulnerability in ...)
+CVE-2017-8853
NOT-FOR-US: Fiyo CMS
-CVE-2017-8852 (SAP SAPCAR 721.510 has a Heap Based Buffer Overflow Vulnerability. It ...)
+CVE-2017-8852
NOT-FOR-US: SAP
-CVE-2017-8851 (An issue was discovered on OnePlus One and X devices. Due to a lenient ...)
+CVE-2017-8851
NOT-FOR-US: OnePlus One
-CVE-2017-8850 (An issue was discovered on OnePlus One, X, 2, 3, and 3T devices. Due to ...)
+CVE-2017-8850
NOT-FOR-US: OnePlus One
-CVE-2017-8849 (smb4k before 2.0.1 allows local users to gain root privileges by ...)
+CVE-2017-8849
{DSA-3951-1 DLA-1002-1}
- smb4k 1.2.1-2 (bug #862505)
NOTE: http://www.openwall.com/lists/oss-security/2017/05/10/3
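Review bot: every entry in this hunk, from CVE-2017-8872 down to CVE-2017-8849, loses its parenthesised description and gains nothing in return, while the package versions, release tags and NOTE lines are untouched. A change that is byte-for-byte the same shape for every CVE in an "automatic update" commit looks like the updater receiving empty descriptions from its CVE feed rather than an intended edit, so check the feed output (or re-run the update) before this lands; the description is the only summary left for entries such as CVE-2017-8854, which carries no NOTE link at all.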
@@ -27948,150 +27946,150 @@ CVE-2017-8849 (smb4k before 2.0.1 allows local users to gain root privileges by
NOTE: https://github.com/stealth/plasmapulsar
NOTE: smb4k 2.0.0: https://commits.kde.org/smb4k/a90289b0962663bc1d247bbbd31b9e65b2ca000e
NOTE: smb4k 1.2.3: https://commits.kde.org/smb4k/71554140bdaede27b95dbe4c9b5a028a83c83cce
-CVE-2017-8848 (Allen Disk 1.6 has CSRF in setpass.php with an impact of changing a ...)
+CVE-2017-8848
NOT-FOR-US: Allen Disk
-CVE-2017-8847 (The bufRead::get() function in libzpaq/libzpaq.h in liblrzip.so in ...)
+CVE-2017-8847
- lrzip 0.631+git180517-1 (unimportant; bug #863145)
NOTE: https://github.com/ckolivas/lrzip/issues/67
NOTE: https://blogs.gentoo.org/ago/2017/05/07/lrzip-null-pointer-dereference-in-bufreadget-libzpaq-h/
NOTE: Crash in CLI tool, no security implications
-CVE-2017-8846 (The read_stream function in stream.c in liblrzip.so in lrzip 0.631 ...)
+CVE-2017-8846
- lrzip 0.631+git180517-1 (bug #863150)
[stretch] - lrzip <no-dsa> (Minor issue)
[jessie] - lrzip <no-dsa> (Minor issue)
[wheezy] - lrzip <no-dsa> (Minor issue)
NOTE: https://github.com/ckolivas/lrzip/issues/71
NOTE: https://blogs.gentoo.org/ago/2017/05/07/lrzip-use-after-free-in-read_stream-stream-c/
-CVE-2017-8845 (The lzo1x_decompress function in lzo1x_d.ch in LZO 2.08, as used in ...)
+CVE-2017-8845
- lrzip 0.631+git180517-1 (unimportant; bug #863151)
NOTE: https://github.com/ckolivas/lrzip/issues/68
NOTE: https://github.com/ckolivas/lrzip/commit/89d7b33e6a6450eed326b40084b547d42bad333f
NOTE: https://blogs.gentoo.org/ago/2017/05/07/lrzip-invalid-memory-read-in-lzo_decompress_buf-stream-c/
NOTE: Crash in CLI tool, no security implications
-CVE-2017-8844 (The read_1g function in stream.c in liblrzip.so in lrzip 0.631 allows ...)
+CVE-2017-8844
- lrzip 0.631+git180517-1 (bug #863153)
[stretch] - lrzip <no-dsa> (Minor issue)
[jessie] - lrzip <no-dsa> (Minor issue)
[wheezy] - lrzip <no-dsa> (Minor issue)
NOTE: https://github.com/ckolivas/lrzip/issues/70
NOTE: https://blogs.gentoo.org/ago/2017/05/07/lrzip-heap-based-buffer-overflow-write-in-read_1g-stream-c/
-CVE-2017-8843 (The join_pthread function in stream.c in liblrzip.so in lrzip 0.631 ...)
+CVE-2017-8843
- lrzip 0.631+git180517-1 (unimportant; bug #863155)
NOTE: https://github.com/ckolivas/lrzip/issues/69
NOTE: https://blogs.gentoo.org/ago/2017/05/07/lrzip-null-pointer-dereference-in-join_pthread-stream-c/
NOTE: Crash in CLI tool, no security implications
-CVE-2017-8842 (The bufRead::get() function in libzpaq/libzpaq.h in liblrzip.so in ...)
+CVE-2017-8842
- lrzip 0.631+git180517-1 (unimportant; bug #863156)
NOTE: https://github.com/ckolivas/lrzip/issues/66
NOTE: https://blogs.gentoo.org/ago/2017/05/07/lrzip-divide-by-zero-in-bufreadget-libzpaq-h/
NOTE: Crash in CLI tool, no security implications
-CVE-2017-8841 (Arbitrary file deletion exists on Peplink Balance 305, 380, 580, 710, ...)
+CVE-2017-8841
NOT-FOR-US: Peplink Balance devices
-CVE-2017-8840 (Debug information disclosure exists on Peplink Balance 305, 380, 580, ...)
+CVE-2017-8840
NOT-FOR-US: Peplink Balance devices
-CVE-2017-8839 (XSS via orig_url exists on Peplink Balance 305, 380, 580, 710, 1350, ...)
+CVE-2017-8839
NOT-FOR-US: Peplink Balance devices
-CVE-2017-8838 (XSS via syncid exists on Peplink Balance 305, 380, 580, 710, 1350, and ...)
+CVE-2017-8838
NOT-FOR-US: Peplink Balance devices
-CVE-2017-8837 (Cleartext password storage exists on Peplink Balance 305, 380, 580, ...)
+CVE-2017-8837
NOT-FOR-US: Peplink Balance devices
-CVE-2017-8836 (CSRF exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 ...)
+CVE-2017-8836
NOT-FOR-US: Peplink Balance devices
-CVE-2017-8835 (SQL injection exists on Peplink Balance 305, 380, 580, 710, 1350, and ...)
+CVE-2017-8835
NOT-FOR-US: Peplink Balance devices
-CVE-2017-8834 (The cr_tknzr_parse_comment function in cr-tknzr.c in libcroco 0.6.12 ...)
+CVE-2017-8834
- libcroco <unfixed> (bug #864666; low)
[buster] - libcroco <no-dsa> (Minor issue)
[stretch] - libcroco <no-dsa> (Minor issue)
[jessie] - libcroco <no-dsa> (Minor issue)
[wheezy] - libcroco <not-affected> (Vulnerable code not present)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=782647
-CVE-2017-8833 (Zen Cart 1.6.0 has XSS in the main_page parameter to index.php. NOTE: ...)
+CVE-2017-8833
NOT-FOR-US: Zen Cart
-CVE-2017-8832 (Allen Disk 1.6 has XSS in the id parameter to downfile.php. ...)
+CVE-2017-8832
NOT-FOR-US: Allen Disk
-CVE-2017-8831 (The saa7164_bus_get function in drivers/media/pci/saa7164/saa7164-bus.c ...)
+CVE-2017-8831
{DLA-1200-1}
- linux 4.12.6-1
[stretch] - linux 4.9.47-1
[jessie] - linux 3.16.51-1
NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=195559
-CVE-2017-8830 (In ImageMagick 7.0.5-6, the ReadBMPImage function in bmp.c:1379 allows ...)
+CVE-2017-8830
{DSA-3863-1 DLA-960-1}
- imagemagick 8:6.9.7.4+dfsg-7 (low; bug #862637)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/467
CVE-2017-8828
RESERVED
-CVE-2017-8827 (forgotpassword.php in GeniXCMS 1.0.2 lacks a rate limit, which might ...)
+CVE-2017-8827
NOT-FOR-US: GenixCMS
-CVE-2017-8826 (FastStone Image Viewer 6.2 has a &quot;User Mode Write AV&quot; issue, possibly ...)
+CVE-2017-8826
NOT-FOR-US: FastStone Image Viewer
-CVE-2017-8825 (A null dereference vulnerability has been found in the MIME handling ...)
+CVE-2017-8825
- libetpan 1.6-3 (bug #862151)
[jessie] - libetpan <no-dsa> (Minor issue)
[wheezy] - libetpan <no-dsa> (Minor issue)
NOTE: https://github.com/dinhviethoa/libetpan/commit/1fe8fbc032ccda1db9af66d93016b49c16c1f22d
NOTE: https://github.com/dinhviethoa/libetpan/issues/274
-CVE-2017-8824 (The dccp_disconnect function in net/dccp/proto.c in the Linux kernel ...)
+CVE-2017-8824
{DSA-4082-1 DSA-4073-1 DLA-1200-1}
- linux 4.14.7-1
NOTE: http://lists.openwall.net/netdev/2017/12/04/224
NOTE: Fixed by: https://git.kernel.org/linus/69c64866ce072dea1d1e59a0d61e0f66c0dffb76
-CVE-2017-8823 (In Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 ...)
+CVE-2017-8823
{DSA-4054-1}
- tor 0.3.1.9-1
[wheezy] - tor <end-of-life> (Not supported in wheezy LTS)
NOTE: https://bugs.torproject.org/24313
NOTE: https://blog.torproject.org/new-stable-tor-releases-security-fixes-0319-03013-02914-02817-02516
-CVE-2017-8822 (In Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 ...)
+CVE-2017-8822
{DSA-4054-1}
- tor 0.3.1.9-1
[wheezy] - tor <end-of-life> (Not supported in wheezy LTS)
NOTE: https://bugs.torproject.org/21534
NOTE: https://blog.torproject.org/new-stable-tor-releases-security-fixes-0319-03013-02914-02817-02516
-CVE-2017-8821 (In Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 ...)
+CVE-2017-8821
{DSA-4054-1}
- tor 0.3.1.9-1
[wheezy] - tor <end-of-life> (Not supported in wheezy LTS)
NOTE: https://bugs.torproject.org/24246
NOTE: https://blog.torproject.org/new-stable-tor-releases-security-fixes-0319-03013-02914-02817-02516
-CVE-2017-8820 (In Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 ...)
+CVE-2017-8820
{DSA-4054-1}
- tor 0.3.1.9-1
[wheezy] - tor <end-of-life> (Not supported in wheezy LTS)
NOTE: https://bugs.torproject.org/24245
NOTE: https://blog.torproject.org/new-stable-tor-releases-security-fixes-0319-03013-02914-02817-02516
-CVE-2017-8819 (In Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 ...)
+CVE-2017-8819
{DSA-4054-1}
- tor 0.3.1.9-1
[wheezy] - tor <end-of-life> (Not supported in wheezy LTS)
NOTE: https://bugs.torproject.org/24244
NOTE: https://blog.torproject.org/new-stable-tor-releases-security-fixes-0319-03013-02914-02817-02516
-CVE-2017-8818 (curl and libcurl before 7.57.0 on 32-bit platforms allow attackers to ...)
+CVE-2017-8818
- curl 7.57.0-1
[stretch] - curl <not-affected> (Vulnerable code not present)
[jessie] - curl <not-affected> (Vulnerable code not present)
[wheezy] - curl <not-affected> (Vulnerable code not present)
NOTE: https://curl.haxx.se/docs/adv_2017-af0a.html
NOTE: https://curl.haxx.se/CVE-2017-8818.patch
-CVE-2017-8817 (The FTP wildcard function in curl and libcurl before 7.57.0 allows ...)
+CVE-2017-8817
{DSA-4051-1 DLA-1195-1}
- curl 7.57.0-1
NOTE: https://curl.haxx.se/docs/adv_2017-ae72.html
NOTE: https://curl.haxx.se/CVE-2017-8817.patch
-CVE-2017-8816 (The NTLM authentication feature in curl and libcurl before 7.57.0 on ...)
+CVE-2017-8816
{DSA-4051-1}
- curl 7.57.0-1
[wheezy] - curl <not-affected> (Vulnerable code not present, introduced in 7.36.0)
NOTE: https://curl.haxx.se/docs/adv_2017-11e7.html
NOTE: https://curl.haxx.se/CVE-2017-8816.patch
-CVE-2017-8815 (The language converter in MediaWiki before 1.27.4, 1.28.x before ...)
+CVE-2017-8815
{DSA-4036-1}
- mediawiki 1:1.27.4-1
[wheezy] - mediawiki <end-of-life> (Not supported in wheezy LTS)
NOTE: https://lists.wikimedia.org/pipermail/mediawiki-announce/2017-November/000216.html
NOTE: https://phabricator.wikimedia.org/T119158
-CVE-2017-8814 (The language converter in MediaWiki before 1.27.4, 1.28.x before ...)
+CVE-2017-8814
{DSA-4036-1}
- mediawiki 1:1.27.4-1
[wheezy] - mediawiki <end-of-life> (Not supported in wheezy LTS)
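Review bot: the hunk header `@@ -27948,150 +27946,150 @@` shows the new file is already two lines shorter at this point, so somewhere earlier in this file two lines are dropped outright rather than merely shortened. With the per-CVE descriptions also gone (CVE-2017-8831 and CVE-2017-8824, for example, keep only their version lines and NOTE URLs), confirm that no CVE entry or release line was lost, e.g. by comparing the count of lines starting with `CVE-` before and after the update.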
@@ -28099,37 +28097,37 @@ CVE-2017-8814 (The language converter in MediaWiki before 1.27.4, 1.28.x before
NOTE: https://phabricator.wikimedia.org/T124404
CVE-2017-8813
REJECTED
-CVE-2017-8812 (MediaWiki before 1.27.4, 1.28.x before 1.28.3, and 1.29.x before 1.29.2 ...)
+CVE-2017-8812
{DSA-4036-1}
- mediawiki 1:1.27.4-1
[wheezy] - mediawiki <end-of-life> (Not supported in wheezy LTS)
NOTE: https://lists.wikimedia.org/pipermail/mediawiki-announce/2017-November/000216.html
NOTE: https://phabricator.wikimedia.org/T125163
-CVE-2017-8811 (The implementation of raw message parameter expansion in MediaWiki ...)
+CVE-2017-8811
{DSA-4036-1}
- mediawiki 1:1.27.4-1
[wheezy] - mediawiki <end-of-life> (Not supported in wheezy LTS)
NOTE: https://lists.wikimedia.org/pipermail/mediawiki-announce/2017-November/000216.html
NOTE: https://phabricator.wikimedia.org/T176247
-CVE-2017-8810 (MediaWiki before 1.27.4, 1.28.x before 1.28.3, and 1.29.x before ...)
+CVE-2017-8810
{DSA-4036-1}
- mediawiki 1:1.27.4-1
[wheezy] - mediawiki <end-of-life> (Not supported in wheezy LTS)
NOTE: https://lists.wikimedia.org/pipermail/mediawiki-announce/2017-November/000216.html
NOTE: https://phabricator.wikimedia.org/T134100
-CVE-2017-8809 (api.php in MediaWiki before 1.27.4, 1.28.x before 1.28.3, and 1.29.x ...)
+CVE-2017-8809
{DSA-4036-1}
- mediawiki 1:1.27.4-1
[wheezy] - mediawiki <end-of-life> (Not supported in wheezy LTS)
NOTE: https://lists.wikimedia.org/pipermail/mediawiki-announce/2017-November/000216.html
NOTE: https://phabricator.wikimedia.org/T128209
-CVE-2017-8808 (MediaWiki before 1.27.4, 1.28.x before 1.28.3, and 1.29.x before 1.29.2 ...)
+CVE-2017-8808
{DSA-4036-1}
- mediawiki 1:1.27.4-1
[wheezy] - mediawiki <end-of-life> (Not supported in wheezy LTS)
NOTE: https://lists.wikimedia.org/pipermail/mediawiki-announce/2017-November/000216.html
NOTE: https://phabricator.wikimedia.org/T178451
-CVE-2017-8807 (vbf_stp_error in bin/varnishd/cache/cache_fetch.c in Varnish HTTP Cache ...)
+CVE-2017-8807
{DSA-4034-1}
- varnish 5.2.1-1 (bug #881808)
[jessie] - varnish <not-affected> (Vulnerable code not present, issue introduced in 4.1.0)
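Review bot: once the descriptions go, the MediaWiki entries CVE-2017-8812 through CVE-2017-8808 become identical apart from their phabricator NOTE URL (same `{DSA-4036-1}`, same `1:1.27.4-1`, same wheezy end-of-life line), so the removed text was the only in-file record of what distinguishes them. If the feed is not going to supply descriptions again, consider carrying a one-line NOTE per entry so the file stays readable without following each link.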
@@ -28137,10 +28135,10 @@ CVE-2017-8807 (vbf_stp_error in bin/varnishd/cache/cache_fetch.c in Varnish HTTP
NOTE: http://varnish-cache.org/security/VSV00002.html
NOTE: https://github.com/varnishcache/varnish-cache/pull/2429
NOTE: Fixed by: https://github.com/varnishcache/varnish-cache/commit/176f8a075a
-CVE-2017-8806 (The Debian pg_ctlcluster, pg_createcluster, and pg_upgradecluster ...)
+CVE-2017-8806
{DSA-4029-1 DLA-1169-1}
- postgresql-common 188
-CVE-2017-8805 (Debian ftpsync before 20171017 does not use the rsync --safe-links ...)
+CVE-2017-8805
- archvsync 20171017
NOTE: http://www.openwall.com/lists/oss-security/2017/10/17/2
NOTE: https://anonscm.debian.org/cgit/mirror/archvsync.git/commit/?id=d1ca2ab2210990b6dfb664cd6776a41b71c48016
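Review bot: CVE-2017-8806 is left with only `{DSA-4029-1 DLA-1169-1}` and `- postgresql-common 188`; the description being removed ("The Debian pg_ctlcluster, pg_createcluster, and pg_upgradecluster ...") was the only hint of what the issue is, and unlike CVE-2017-8805 directly below it the entry has no NOTE line. Add a NOTE pointing at the corresponding postgresql-common bug or changelog so the entry is not reduced to bare identifiers.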
@@ -28150,416 +28148,416 @@ CVE-2017-1000040
REJECTED
CVE-2017-1000019
REJECTED
-CVE-2017-8829 (Deserialization vulnerability in lintian through 2.5.50.3 allows ...)
+CVE-2017-8829
- lintian 2.5.50.4 (bug #861958)
[jessie] - lintian <not-affected> (upstream/metadata check introduced in 2.5.41; vulnerable code not present)
[wheezy] - lintian <not-affected> (upstream/metadata check introduced in 2.5.41; vulnerable code not present)
-CVE-2017-8804 (The xdr_bytes and xdr_string functions in the GNU C Library (aka glibc ...)
+CVE-2017-8804
NOTE: This is not a vulnerability in glibc, but a bug in the application, see
NOTE: https://sourceware.org/ml/libc-alpha/2017-05/msg00128.html and
NOTE: https://sourceware.org/ml/libc-alpha/2017-05/msg00129.html
NOTE: http://www.openwall.com/lists/oss-security/2017/05/05/2
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21461
-CVE-2017-8803 (Notepad++ 7.3.3 (32-bit) with Hex Editor Plugin v0.9.5 might allow ...)
+CVE-2017-8803
NOT-FOR-US: Notepad++
-CVE-2017-8802 (Cross-site scripting (XSS) vulnerability in Zimbra Collaboration Suite ...)
+CVE-2017-8802
NOT-FOR-US: Zimbra
-CVE-2017-8801 (Trend Micro OfficeScan 11.0 before SP1 CP 6325 (with Agent Module Build ...)
+CVE-2017-8801
NOT-FOR-US: Trend Micro
CVE-2017-8800
RESERVED
-CVE-2017-8799 (Untrusted input execution via igetwild in all iRODS versions before ...)
+CVE-2017-8799
NOT-FOR-US: iRODS
-CVE-2017-8798 (Integer signedness error in MiniUPnP MiniUPnPc v1.4.20101221 through ...)
+CVE-2017-8798
{DLA-949-1}
- miniupnpc 1.9.20140610-3 (bug #862273)
[jessie] - miniupnpc <no-dsa> (Minor issue)
NOTE: https://github.com/tintinweb/pub/blob/master/pocs/cve-2017-8798/Readme.md
NOTE: Fixed by: https://github.com/miniupnp/miniupnp/commit/f0f1f4b22d6a98536377a1bb07e7c20e4703d229
-CVE-2017-8797 (The NFSv4 server in the Linux kernel before 4.11.3 does not properly ...)
+CVE-2017-8797
- linux 4.9.30-1
[jessie] - linux <not-affected> (Vulnerable code not present)
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: Fixed by: https://git.kernel.org/linus/b550a32e60a4941994b437a8d662432a486235a5 (4.12-rc1)
NOTE: Fixed by: https://git.kernel.org/linus/f961e3f2acae94b727380c0b74e2d3954d0edf79 (4.12-rc1)
-CVE-2017-8796 (An issue was discovered on Accellion FTA devices before FTA_9_12_180. ...)
+CVE-2017-8796
NOT-FOR-US: Accellion FTA devices
-CVE-2017-8795 (An issue was discovered on Accellion FTA devices before FTA_9_12_180. ...)
+CVE-2017-8795
NOT-FOR-US: Accellion FTA devices
-CVE-2017-8794 (An issue was discovered on Accellion FTA devices before FTA_9_12_180. ...)
+CVE-2017-8794
NOT-FOR-US: Accellion FTA devices
-CVE-2017-8793 (An issue was discovered on Accellion FTA devices before FTA_9_12_180. ...)
+CVE-2017-8793
NOT-FOR-US: Accellion FTA devices
-CVE-2017-8792 (An issue was discovered on Accellion FTA devices before FTA_9_12_180. ...)
+CVE-2017-8792
NOT-FOR-US: Accellion FTA devices
-CVE-2017-8791 (An issue was discovered on Accellion FTA devices before FTA_9_12_180. ...)
+CVE-2017-8791
NOT-FOR-US: Accellion FTA devices
-CVE-2017-8790 (An issue was discovered on Accellion FTA devices before FTA_9_12_180. ...)
+CVE-2017-8790
NOT-FOR-US: Accellion FTA devices
-CVE-2017-8789 (An issue was discovered on Accellion FTA devices before FTA_9_12_180. A ...)
+CVE-2017-8789
NOT-FOR-US: Accellion FTA devices
-CVE-2017-8788 (An issue was discovered on Accellion FTA devices before FTA_9_12_180. ...)
+CVE-2017-8788
NOT-FOR-US: Accellion FTA devices
-CVE-2017-8787 (The PoDoFo::PdfXRefStreamParserObject::ReadXRefStreamEntry function in ...)
+CVE-2017-8787
- libpodofo 0.9.5-7 (bug #861738)
[stretch] - libpodofo <no-dsa> (Minor issue)
[jessie] - libpodofo <no-dsa> (Minor issue)
[wheezy] - libpodofo <no-dsa> (Minor issue)
NOTE: Possible unspecified impact. Needs further analysis.
NOTE: Upstream commit: https://sourceforge.net/p/podofo/code/1851
-CVE-2017-8786 (pcre2test.c in PCRE2 10.23 allows remote attackers to cause a denial of ...)
+CVE-2017-8786
- pcre2 10.31-1 (unimportant; bug #861873)
NOTE: https://bugs.exim.org/show_bug.cgi?id=2079
NOTE: https://blogs.gentoo.org/ago/2017/04/29/libpcre-heap-based-buffer-overflow-write-in-pcre2test-c/
NOTE: https://vcs.pcre.org/pcre2/code/trunk/src/pcre2test.c?r1=692&r2=697
-CVE-2017-8785 (FastStone Image Viewer 6.2 has a &quot;Data from Faulting Address may be ...)
+CVE-2017-8785
NOT-FOR-US: FastStone Image Viewer
CVE-2017-8784
REJECTED
-CVE-2017-8783 (Synacor Zimbra Collaboration Suite (ZCS) before 8.7.10 has Persistent ...)
+CVE-2017-8783
NOT-FOR-US: Zimbra
-CVE-2017-8782 (The readString function in util/read.c and util/old/read.c in libming ...)
+CVE-2017-8782
{DLA-980-1}
- ming <removed>
NOTE: https://github.com/libming/libming/issues/70
-CVE-2017-8781 (XnView Classic for Windows Version 2.40 allows user-assisted remote ...)
+CVE-2017-8781
NOT-FOR-US: XnView
-CVE-2017-8780 (GeniXCMS 1.0.2 has XSS triggered by a comment that is mishandled during ...)
+CVE-2017-8780
NOT-FOR-US: GenixCMS
-CVE-2017-8778 (GitLab before 8.14.9, 8.15.x before 8.15.6, and 8.16.x before 8.16.5 ...)
+CVE-2017-8778
- gitlab <not-affected> (SVG rendering feature introduced later, cf. bug #861870)
NOTE: https://gitlab.com/gitlab-org/gitlab-ce/issues/27471
CVE-2017-8777
RESERVED
-CVE-2017-8779 (rpcbind through 0.2.4, LIBTIRPC through 1.0.1 and 1.0.2-rc through ...)
+CVE-2017-8779
{DSA-3845-1 DLA-937-1 DLA-936-1}
- rpcbind 0.2.3-0.6 (bug #861835)
- libtirpc 0.2.5-1.2 (bug #861834)
- ntirpc 1.4.4-1 (bug #861836)
NOTE: http://www.openwall.com/lists/oss-security/2017/05/04/1
NOTE: https://github.com/guidovranken/rpcbomb/
-CVE-2017-8776 (Quick Heal Internet Security 10.1.0.316, Quick Heal Total Security ...)
+CVE-2017-8776
NOT-FOR-US: Quick Heal Internet Security
-CVE-2017-8775 (Quick Heal Internet Security 10.1.0.316, Quick Heal Total Security ...)
+CVE-2017-8775
NOT-FOR-US: Quick Heal Internet Security
-CVE-2017-8774 (Quick Heal Internet Security 10.1.0.316, Quick Heal Total Security ...)
+CVE-2017-8774
NOT-FOR-US: Quick Heal Internet Security
-CVE-2017-8773 (Quick Heal Internet Security 10.1.0.316, Quick Heal Total Security ...)
+CVE-2017-8773
NOT-FOR-US: Quick Heal Internet Security
-CVE-2017-8772 (On BE126 WIFI repeater 1.0 devices, an attacker can log into telnet ...)
+CVE-2017-8772
NOT-FOR-US: BE126 WIFI repeater
-CVE-2017-8771 (On BE126 WIFI repeater 1.0 devices, an attacker can log into telnet ...)
+CVE-2017-8771
NOT-FOR-US: BE126 WIFI repeater
-CVE-2017-8770 (There is LFD (local file disclosure) on BE126 WIFI repeater 1.0 ...)
+CVE-2017-8770
NOT-FOR-US: BE126 WIFI repeater
-CVE-2017-8769 (** DISPUTED ** Facebook WhatsApp Messenger before 2.16.323 for Android ...)
+CVE-2017-8769
NOT-FOR-US: WhatsApp Messenger
-CVE-2017-8768 (Atlassian SourceTree v2.5c and prior are affected by a command ...)
+CVE-2017-8768
NOT-FOR-US: Atlassian SourceTree
CVE-2017-8767
REJECTED
-CVE-2017-8766 (IrfanView version 4.44 (32bit) allows remote attackers to execute code ...)
+CVE-2017-8766
NOT-FOR-US: IrfanView
-CVE-2017-8765 (The function named ReadICONImage in coders\icon.c in ImageMagick ...)
+CVE-2017-8765
{DSA-3863-1 DLA-960-1}
- imagemagick 8:6.9.7.4+dfsg-7 (low; bug #862653)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/466
CVE-2017-8764
RESERVED
-CVE-2017-8763 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2017-8763
NOT-FOR-US: EPESI
-CVE-2017-8762 (GeniXCMS 1.0.2 has XSS triggered by an authenticated user who submits a ...)
+CVE-2017-8762
NOT-FOR-US: GenixCMS
CVE-2017-8761
RESERVED
-CVE-2017-8760 (An issue was discovered on Accellion FTA devices before FTA_9_12_180. ...)
+CVE-2017-8760
NOT-FOR-US: Accellion FTA devices
-CVE-2017-8759 (Microsoft .NET Framework 2.0, 3.5, 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2 and ...)
+CVE-2017-8759
NOT-FOR-US: Microsoft
-CVE-2017-8758 (Microsoft Exchange Server 2016 allows an elevation of privilege ...)
+CVE-2017-8758
NOT-FOR-US: Microsoft
-CVE-2017-8757 (Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and ...)
+CVE-2017-8757
NOT-FOR-US: Microsoft
-CVE-2017-8756 (Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and ...)
+CVE-2017-8756
NOT-FOR-US: Microsoft
-CVE-2017-8755 (Microsoft Edge in Microsoft Windows 10 1511, 1607, 1703, and Windows ...)
+CVE-2017-8755
NOT-FOR-US: Microsoft
-CVE-2017-8754 (Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and ...)
+CVE-2017-8754
NOT-FOR-US: Microsoft
-CVE-2017-8753 (Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and ...)
+CVE-2017-8753
NOT-FOR-US: Microsoft
-CVE-2017-8752 (Microsoft Edge in Microsoft Windows 10 1511, 1607, 1703, and Windows ...)
+CVE-2017-8752
NOT-FOR-US: Apache Atlas
-CVE-2017-8751 (Microsoft Edge in Microsoft Windows 1703 allows an attacker to execute ...)
+CVE-2017-8751
NOT-FOR-US: Microsoft
-CVE-2017-8750 (Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 ...)
+CVE-2017-8750
NOT-FOR-US: Microsoft
-CVE-2017-8749 (Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 SP2 ...)
+CVE-2017-8749
NOT-FOR-US: Microsoft
-CVE-2017-8748 (Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 ...)
+CVE-2017-8748
NOT-FOR-US: Microsoft
-CVE-2017-8747 (Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 ...)
+CVE-2017-8747
NOT-FOR-US: Microsoft
-CVE-2017-8746 (Windows Device Guard in Windows 10 1607, 1703, and Windows Server 2016 ...)
+CVE-2017-8746
NOT-FOR-US: Microsoft
-CVE-2017-8745 (An elevation of privilege vulnerability exists in Microsoft SharePoint ...)
+CVE-2017-8745
NOT-FOR-US: Microsoft
-CVE-2017-8744 (A remote code execution vulnerability exists in Excel Services, ...)
+CVE-2017-8744
NOT-FOR-US: Microsoft
-CVE-2017-8743 (A remote code execution vulnerability exists in Microsoft PowerPoint ...)
+CVE-2017-8743
NOT-FOR-US: Microsoft
-CVE-2017-8742 (A remote code execution vulnerability exists in Microsoft PowerPoint ...)
+CVE-2017-8742
NOT-FOR-US: Microsoft
-CVE-2017-8741 (Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 SP2 ...)
+CVE-2017-8741
NOT-FOR-US: Microsoft
-CVE-2017-8740 (Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to ...)
+CVE-2017-8740
NOT-FOR-US: Microsoft
-CVE-2017-8739 (Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to ...)
+CVE-2017-8739
NOT-FOR-US: Microsoft
-CVE-2017-8738 (Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and Windows ...)
+CVE-2017-8738
NOT-FOR-US: Microsoft
-CVE-2017-8737 (Microsoft Windows PDF Library in Microsoft Windows 8.1 and Windows RT ...)
+CVE-2017-8737
NOT-FOR-US: Microsoft
-CVE-2017-8736 (Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 ...)
+CVE-2017-8736
NOT-FOR-US: Microsoft
-CVE-2017-8735 (Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and ...)
+CVE-2017-8735
NOT-FOR-US: Microsoft
-CVE-2017-8734 (Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and ...)
+CVE-2017-8734
NOT-FOR-US: Microsoft
-CVE-2017-8733 (Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 SP2 ...)
+CVE-2017-8733
NOT-FOR-US: Microsoft
CVE-2017-8732
RESERVED
-CVE-2017-8731 (Microsoft Edge in Microsoft Windows 10 1607 and Windows Server 2016 ...)
+CVE-2017-8731
NOT-FOR-US: Microsoft
CVE-2017-8730
RESERVED
-CVE-2017-8729 (Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to ...)
+CVE-2017-8729
NOT-FOR-US: Microsoft
-CVE-2017-8728 (Microsoft Windows PDF Library in Microsoft Windows 8.1 and Windows RT ...)
+CVE-2017-8728
NOT-FOR-US: Microsoft
-CVE-2017-8727 (Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows ...)
+CVE-2017-8727
NOT-FOR-US: Microsoft
-CVE-2017-8726 (Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and ...)
+CVE-2017-8726
NOT-FOR-US: Microsoft
-CVE-2017-8725 (A remote code execution vulnerability exists in Microsoft Publisher ...)
+CVE-2017-8725
NOT-FOR-US: Microsoft
-CVE-2017-8724 (Microsoft Edge in Microsoft Windows 10 Version 1703 allows an attacker ...)
+CVE-2017-8724
NOT-FOR-US: Microsoft
-CVE-2017-8723 (Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and ...)
+CVE-2017-8723
NOT-FOR-US: Microsoft
CVE-2017-8722
RESERVED
CVE-2017-8721
RESERVED
-CVE-2017-8720 (The Microsoft Windows graphics component on Microsoft Windows Server ...)
+CVE-2017-8720
NOT-FOR-US: Microsoft
-CVE-2017-8719 (The Windows kernel component on Microsoft Windows Server 2008 SP2 and ...)
+CVE-2017-8719
NOT-FOR-US: Microsoft
-CVE-2017-8718 (The Microsoft JET Database Engine in Windows Server 2008 SP2 and R2 ...)
+CVE-2017-8718
NOT-FOR-US: Microsoft
-CVE-2017-8717 (The Microsoft JET Database Engine in Windows Server 2008 SP2 and R2 ...)
+CVE-2017-8717
NOT-FOR-US: Microsoft
-CVE-2017-8716 (Windows Control Flow Guard in Microsoft Windows 10 Version 1703 allows ...)
+CVE-2017-8716
NOT-FOR-US: Microsoft
-CVE-2017-8715 (The Microsoft Device Guard on Microsoft Windows 10 Gold, 1511, 1607, ...)
+CVE-2017-8715
NOT-FOR-US: Microsoft
-CVE-2017-8714 (The Windows Hyper-V component on Microsoft Windows 8.1, Windows Server ...)
+CVE-2017-8714
NOT-FOR-US: Microsoft
-CVE-2017-8713 (The Windows Hyper-V component on Microsoft Windows Windows 8.1, ...)
+CVE-2017-8713
NOT-FOR-US: Microsoft
-CVE-2017-8712 (The Windows Hyper-V component on Microsoft Windows 10 1607, 1703, and ...)
+CVE-2017-8712
NOT-FOR-US: Microsoft
-CVE-2017-8711 (The Windows Hyper-V component on Microsoft Windows 10 1607 and Windows ...)
+CVE-2017-8711
NOT-FOR-US: Microsoft
-CVE-2017-8710 (The Microsoft Common Console Document (.msc) in Microsoft Windows 7 ...)
+CVE-2017-8710
NOT-FOR-US: Microsoft
-CVE-2017-8709 (The Windows kernel component on Microsoft Windows Server 2008 SP2 and ...)
+CVE-2017-8709
NOT-FOR-US: Microsoft
-CVE-2017-8708 (The Windows kernel component on Microsoft Windows Server 2008 SP2 and ...)
+CVE-2017-8708
NOT-FOR-US: Microsoft
-CVE-2017-8707 (The Windows Hyper-V component on Microsoft Windows Server 2008 SP2 and ...)
+CVE-2017-8707
NOT-FOR-US: Microsoft
-CVE-2017-8706 (The Windows Hyper-V component on Microsoft Windows 10 Gold, 1511, ...)
+CVE-2017-8706
NOT-FOR-US: Microsoft
CVE-2017-8705
RESERVED
-CVE-2017-8704 (The Windows Hyper-V component on Microsoft Windows 10 1607 and Windows ...)
+CVE-2017-8704
NOT-FOR-US: Microsoft
-CVE-2017-8703 (The Microsoft Windows Subsystem for Linux on Microsoft Windows 10 1703 ...)
+CVE-2017-8703
NOT-FOR-US: Microsoft
-CVE-2017-8702 (Windows Error Reporting (WER) in Microsoft Windows 10 Gold, 1511, and ...)
+CVE-2017-8702
NOT-FOR-US: Microsoft
CVE-2017-8701
RESERVED
-CVE-2017-8700 (ASP.NET Core 1.0, 1.1, and 2.0 allow an attacker to bypass ...)
+CVE-2017-8700
NOT-FOR-US: Microsoft
-CVE-2017-8699 (Windows Shell in Microsoft Windows 7 SP1, Windows Server 2008 and R2 ...)
+CVE-2017-8699
NOT-FOR-US: Microsoft
CVE-2017-8698
RESERVED
CVE-2017-8697
RESERVED
-CVE-2017-8696 (Windows Uniscribe in Microsoft Windows Server 2008 SP2 and R2 SP1; ...)
+CVE-2017-8696
NOT-FOR-US: Microsoft
-CVE-2017-8695 (Windows Uniscribe in Microsoft Windows Server 2008 SP2 and R2 SP1; ...)
+CVE-2017-8695
NOT-FOR-US: Microsoft
-CVE-2017-8694 (The Microsoft Windows Kernel Mode Driver on Microsoft Windows Server ...)
+CVE-2017-8694
NOT-FOR-US: Microsoft
-CVE-2017-8693 (The Microsoft Graphics Component on Microsoft Windows 10 Gold, 1511, ...)
+CVE-2017-8693
NOT-FOR-US: Microsoft
-CVE-2017-8692 (The Windows Uniscribe component on Microsoft Windows 8.1, Windows ...)
+CVE-2017-8692
NOT-FOR-US: Microsoft
-CVE-2017-8691 (Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allow an ...)
+CVE-2017-8691
NOT-FOR-US: Microsoft Windows
CVE-2017-8690
RESERVED
-CVE-2017-8689 (The Microsoft Windows Kernel Mode Driver on Microsoft Windows Server ...)
+CVE-2017-8689
NOT-FOR-US: Microsoft
-CVE-2017-8688 (Windows GDI+ on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows ...)
+CVE-2017-8688
NOT-FOR-US: Microsoft
-CVE-2017-8687 (The Windows kernel component on Microsoft Windows Server 2008 SP2 and ...)
+CVE-2017-8687
NOT-FOR-US: Microsoft
-CVE-2017-8686 (The Windows Server DHCP service in Windows Server 2012 Gold and R2, ...)
+CVE-2017-8686
NOT-FOR-US: Microsoft
-CVE-2017-8685 (Windows GDI+ on Microsoft Windows Server 2008 SP2 and R2 SP1, and ...)
+CVE-2017-8685
NOT-FOR-US: Microsoft
-CVE-2017-8684 (Windows GDI+ on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows ...)
+CVE-2017-8684
NOT-FOR-US: Microsoft
-CVE-2017-8683 (Windows graphics on Microsoft Windows Server 2008 SP2 and R2 SP1, ...)
+CVE-2017-8683
NOT-FOR-US: Microsoft
-CVE-2017-8682 (Windows graphics on Microsoft Windows Server 2008 SP2 and R2 SP1, ...)
+CVE-2017-8682
NOT-FOR-US: Microsoft
-CVE-2017-8681 (The Windows kernel component on Microsoft Windows Server 2008 SP2 and ...)
+CVE-2017-8681
NOT-FOR-US: Microsoft
-CVE-2017-8680 (The Windows kernel component on Microsoft Windows Server 2008 SP2 and ...)
+CVE-2017-8680
NOT-FOR-US: Microsoft
-CVE-2017-8679 (The Windows kernel component on Microsoft Windows Server 2008 SP2 and ...)
+CVE-2017-8679
NOT-FOR-US: Microsoft
-CVE-2017-8678 (The Windows kernel component on Microsoft Windows Server 2008 SP2 and ...)
+CVE-2017-8678
NOT-FOR-US: Microsoft
-CVE-2017-8677 (The Windows GDI+ component on Microsoft Windows Server 2008 SP2 and R2 ...)
+CVE-2017-8677
NOT-FOR-US: Microsoft
-CVE-2017-8676 (The Windows Graphics Device Interface (GDI) in Microsoft Windows ...)
+CVE-2017-8676
NOT-FOR-US: Microsoft
-CVE-2017-8675 (The Windows Kernel-Mode Drivers component on Microsoft Windows Server ...)
+CVE-2017-8675
NOT-FOR-US: Microsoft
-CVE-2017-8674 (Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to ...)
+CVE-2017-8674
NOT-FOR-US: Microsoft
-CVE-2017-8673 (The Remote Desktop Protocol (RDP) implementation in Microsoft Windows ...)
+CVE-2017-8673
NOT-FOR-US: Microsoft
-CVE-2017-8672 (Microsoft Edge in Microsoft Windows 10 1511, 1607, 1703, and Windows ...)
+CVE-2017-8672
NOT-FOR-US: Microsoft
-CVE-2017-8671 (Microsoft Edge in Microsoft Windows 10 1511, 1607, 1703, and Windows ...)
+CVE-2017-8671
NOT-FOR-US: Microsoft
-CVE-2017-8670 (Microsoft Edge in Microsoft Windows 10 1607, 1703, and Windows Server ...)
+CVE-2017-8670
NOT-FOR-US: Microsoft
-CVE-2017-8669 (Microsoft browsers in Microsoft Windows 7 SP1, Windows Server 2008 R2 ...)
+CVE-2017-8669
NOT-FOR-US: Microsoft
-CVE-2017-8668 (The Volume Manager Extension Driver in Microsoft Windows 7 SP1, ...)
+CVE-2017-8668
NOT-FOR-US: Microsoft
CVE-2017-8667
RESERVED
-CVE-2017-8666 (Microsoft Win32k in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, ...)
+CVE-2017-8666
NOT-FOR-US: Microsoft
-CVE-2017-8665 (The Xamarin.iOS update component on systems running macOS allows an ...)
+CVE-2017-8665
NOT-FOR-US: Xamarin.iOS
-CVE-2017-8664 (Windows Hyper-V in Windows 8.1, Windows Server 2012 Gold and R2, ...)
+CVE-2017-8664
NOT-FOR-US: Microsoft
-CVE-2017-8663 (Microsoft Outlook 2007 SP3, Outlook 2010 SP2, Outlook 2013 SP1, ...)
+CVE-2017-8663
NOT-FOR-US: Microsoft
-CVE-2017-8662 (Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to ...)
+CVE-2017-8662
NOT-FOR-US: Microsoft
-CVE-2017-8661 (Microsoft Edge in Microsoft Windows 10 1607, 1703, and Windows Server ...)
+CVE-2017-8661
NOT-FOR-US: Microsoft
-CVE-2017-8660 (Microsoft Edge in Microsoft Windows 10 1511, 1607, 1703, and Windows ...)
+CVE-2017-8660
NOT-FOR-US: Microsoft
-CVE-2017-8659 (Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to ...)
+CVE-2017-8659
NOT-FOR-US: Microsoft
-CVE-2017-8658 (A remote code execution vulnerability exists in the way that the ...)
+CVE-2017-8658
NOT-FOR-US: Microsoft
-CVE-2017-8657 (Microsoft Edge in Microsoft Windows 10 1511, 1607, 1703, and Windows ...)
+CVE-2017-8657
NOT-FOR-US: Microsoft
-CVE-2017-8656 (Microsoft Edge in Microsoft Windows 10 1607, 1703, and Windows Server ...)
+CVE-2017-8656
NOT-FOR-US: Microsoft
-CVE-2017-8655 (Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and ...)
+CVE-2017-8655
NOT-FOR-US: Microsoft
-CVE-2017-8654 (Microsoft SharePoint Server 2010 Service Pack 2 allows a cross-site ...)
+CVE-2017-8654
NOT-FOR-US: Microsoft
-CVE-2017-8653 (Microsoft browsers in Microsoft Windows 7 SP1, Windows Server 2008 SP2 ...)
+CVE-2017-8653
NOT-FOR-US: Microsoft
-CVE-2017-8652 (Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and ...)
+CVE-2017-8652
NOT-FOR-US: Microsoft
-CVE-2017-8651 (Internet Explorer in Microsoft Windows Server 2008 SP2 and Windows ...)
+CVE-2017-8651
NOT-FOR-US: Microsoft
-CVE-2017-8650 (Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to ...)
+CVE-2017-8650
NOT-FOR-US: Microsoft
-CVE-2017-8649 (Microsoft Edge in Microsoft Windows 10 1607, 1703, and Windows Server ...)
+CVE-2017-8649
NOT-FOR-US: Microsoft
-CVE-2017-8648 (Microsoft Edge in Microsoft Windows Version 1703 allows an attacker to ...)
+CVE-2017-8648
NOT-FOR-US: Microsoft
-CVE-2017-8647 (Microsoft Edge in Windows 10 1703 allows an attacker to execute ...)
+CVE-2017-8647
NOT-FOR-US: Microsoft
-CVE-2017-8646 (Microsoft Edge in Windows 10 1511, 1607, 1703, and Windows Server 2016 ...)
+CVE-2017-8646
NOT-FOR-US: Microsoft
-CVE-2017-8645 (Microsoft Edge in Windows 10 1511, 1607, 1703, and Windows Server 2016 ...)
+CVE-2017-8645
NOT-FOR-US: Microsoft
-CVE-2017-8644 (Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and ...)
+CVE-2017-8644
NOT-FOR-US: Microsoft
-CVE-2017-8643 (Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and ...)
+CVE-2017-8643
NOT-FOR-US: Microsoft
-CVE-2017-8642 (Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to ...)
+CVE-2017-8642
NOT-FOR-US: Microsoft
-CVE-2017-8641 (Microsoft browsers in Microsoft Windows 7 SP1, Windows Server 2008 R2 ...)
+CVE-2017-8641
NOT-FOR-US: Microsoft
-CVE-2017-8640 (Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, and Windows ...)
+CVE-2017-8640
NOT-FOR-US: Microsoft
-CVE-2017-8639 (Microsoft Edge in Windows 10 1607, 1703, and Windows Server 2016 ...)
+CVE-2017-8639
NOT-FOR-US: Microsoft
-CVE-2017-8638 (Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to ...)
+CVE-2017-8638
NOT-FOR-US: Microsoft
-CVE-2017-8637 (Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to ...)
+CVE-2017-8637
NOT-FOR-US: Microsoft
-CVE-2017-8636 (Microsoft browsers in Microsoft Windows 7 SP1, Windows Server 2008 R2 ...)
+CVE-2017-8636
NOT-FOR-US: Microsoft
-CVE-2017-8635 (Microsoft browsers in Microsoft Windows 7 SP1, Windows Server 2008 R2 ...)
+CVE-2017-8635
NOT-FOR-US: MIcrosoft
-CVE-2017-8634 (Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to ...)
+CVE-2017-8634
NOT-FOR-US: Microsoft
-CVE-2017-8633 (Windows Error Reporting (WER) in Windows Server 2008 SP2 and R2 SP1, ...)
+CVE-2017-8633
NOT-FOR-US: Microsoft
-CVE-2017-8632 (A remote code execution vulnerability exists in Microsoft Excel 2010 ...)
+CVE-2017-8632
NOT-FOR-US: Microsoft
-CVE-2017-8631 (A remote code execution vulnerability exists in Excel Services, ...)
+CVE-2017-8631
NOT-FOR-US: Microsoft
-CVE-2017-8630 (Microsoft Office 2016 allows a remote code execution vulnerability ...)
+CVE-2017-8630
NOT-FOR-US: Microsoft
-CVE-2017-8629 (Microsoft SharePoint Server 2013 Service Pack 1 allows an elevation of ...)
+CVE-2017-8629
NOT-FOR-US: Microsoft
-CVE-2017-8628 (Microsoft Bluetooth Driver in Windows Server 2008 SP2, Windows 7 SP1, ...)
+CVE-2017-8628
NOT-FOR-US: Microsoft Windows
NOTE: https://www.armis.com/blueborne/
-CVE-2017-8627 (Windows Subsystem for Linux in Windows 10 1703, allows a denial of ...)
+CVE-2017-8627
NOT-FOR-US: Microsoft
CVE-2017-8626
RESERVED
-CVE-2017-8625 (Internet Explorer in Windows 10 Gold, 1511, 1607, 1703, and Windows ...)
+CVE-2017-8625
NOT-FOR-US: Microsoft
-CVE-2017-8624 (CLFS in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows ...)
+CVE-2017-8624
NOT-FOR-US: Microsoft
-CVE-2017-8623 (Windows Hyper-V in Windows 10 1607, 1703, and Windows Server 2016 ...)
+CVE-2017-8623
NOT-FOR-US: Microsoft
-CVE-2017-8622 (Windows Subsystem for Linux in Windows 10 1703 allows an elevation of ...)
+CVE-2017-8622
NOT-FOR-US: Microsoft
-CVE-2017-8621 (Microsoft Exchange Server 2010 SP3, Exchange Server 2013 SP3, Exchange ...)
+CVE-2017-8621
NOT-FOR-US: Microsoft
-CVE-2017-8620 (Windows Search in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, ...)
+CVE-2017-8620
NOT-FOR-US: Microsoft
-CVE-2017-8619 (Microsoft Edge on Windows 10 Gold, 1511, 1607, and 1703, and Windows ...)
+CVE-2017-8619
NOT-FOR-US: Microsoft
-CVE-2017-8618 (Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 ...)
+CVE-2017-8618
NOT-FOR-US: Microsoft
-CVE-2017-8617 (Microsoft Edge in Windows 10 1703 Microsoft Edge allows a remote code ...)
+CVE-2017-8617
NOT-FOR-US: Microsoft
CVE-2017-8616
RESERVED
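Review bot: Every changed line in this hunk replaces an entry of the form `CVE-2017-NNNN (description ...)` with a bare `CVE-2017-NNNN`, and no entry gains or changes any other data, which looks like the description field came back empty from the CVE import rather than an intended edit; confirm the upstream feed was fetched correctly before accepting this automatic update, since the description is what lets a triager read a `NOT-FOR-US: Microsoft` line without opening each CVE. Separately, the context line `NOT-FOR-US: MIcrosoft` under CVE-2017-8635 has a capitalisation typo worth fixing in a follow-up.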
@@ -28567,357 +28565,357 @@ CVE-2017-8615
RESERVED
CVE-2017-8614
RESERVED
-CVE-2017-8613 (Azure AD Connect Password writeback, if misconfigured during ...)
+CVE-2017-8613
NOT-FOR-US: Azure AD Connect Password writeback
CVE-2017-8612
RESERVED
-CVE-2017-8611 (Microsoft Edge on Microsoft Windows 10 Gold, 1511, 1607, and 1703, and ...)
+CVE-2017-8611
NOT-FOR-US: Microsoft
-CVE-2017-8610 (Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to ...)
+CVE-2017-8610
NOT-FOR-US: Microsoft
-CVE-2017-8609 (Microsoft Internet Explorer in Microsoft Windows 10 Gold, 1511, 1607, ...)
+CVE-2017-8609
NOT-FOR-US: Microsoft
-CVE-2017-8608 (Microsoft browsers in Microsoft Windows Server 2008 and R2, Windows ...)
+CVE-2017-8608
NOT-FOR-US: Microsoft
-CVE-2017-8607 (Microsoft browsers in Microsoft Windows 7, Windows Server 2008 and R2, ...)
+CVE-2017-8607
NOT-FOR-US: Microsoft
-CVE-2017-8606 (Microsoft browsers in Microsoft Windows 7, Windows Server 2008 and R2, ...)
+CVE-2017-8606
NOT-FOR-US: Microsoft
-CVE-2017-8605 (Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and 1703, and ...)
+CVE-2017-8605
NOT-FOR-US: Microsoft
-CVE-2017-8604 (Microsoft Edge in Microsoft Windows 10 1511, 1607, and 1703, and ...)
+CVE-2017-8604
NOT-FOR-US: Microsoft
-CVE-2017-8603 (Microsoft Edge in Microsoft Windows 10 1511, 1607, and 1703, and ...)
+CVE-2017-8603
NOT-FOR-US: Microsoft
-CVE-2017-8602 (Microsoft browsers on Microsoft Windows 7 SP1, Windows Server 2008 R2 ...)
+CVE-2017-8602
NOT-FOR-US: Microsoft
-CVE-2017-8601 (Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and 1703, and ...)
+CVE-2017-8601
NOT-FOR-US: Microsoft
CVE-2017-8600
RESERVED
-CVE-2017-8599 (Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and 1703, and ...)
+CVE-2017-8599
NOT-FOR-US: Microsoft
-CVE-2017-8598 (Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and 1703, and ...)
+CVE-2017-8598
NOT-FOR-US: Microsoft
-CVE-2017-8597 (Microsoft Edge in Microsoft Windows 10 Version 1703 allows an attacker ...)
+CVE-2017-8597
NOT-FOR-US: Microsoft
-CVE-2017-8596 (Microsoft Edge in Microsoft Windows 10 1607, and 1703, and Windows ...)
+CVE-2017-8596
NOT-FOR-US: Microsoft
-CVE-2017-8595 (Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and 1703, and ...)
+CVE-2017-8595
NOT-FOR-US: Microsoft
-CVE-2017-8594 (Internet Explorer on Microsoft Windows 8.1 and Windows RT 8.1, and ...)
+CVE-2017-8594
NOT-FOR-US: Microsoft
-CVE-2017-8593 (Microsoft Win32k in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, ...)
+CVE-2017-8593
NOT-FOR-US: Microsoft
-CVE-2017-8592 (Microsoft browsers on when Microsoft Windows 7 SP1, Windows Server ...)
+CVE-2017-8592
NOT-FOR-US: Microsoft
-CVE-2017-8591 (Windows Input Method Editor (IME) in Windows 8.1, Windows Server 2012 ...)
+CVE-2017-8591
NOT-FOR-US: Microsoft
-CVE-2017-8590 (Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows ...)
+CVE-2017-8590
NOT-FOR-US: Microsoft
-CVE-2017-8589 (Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows ...)
+CVE-2017-8589
NOT-FOR-US: Microsoft
-CVE-2017-8588 (Microsoft WordPad in Windows Server 2008 SP2 and R2 SP1, Windows 7 ...)
+CVE-2017-8588
NOT-FOR-US: Microsoft
-CVE-2017-8587 (Windows Explorer in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, ...)
+CVE-2017-8587
NOT-FOR-US: Microsoft
CVE-2017-8586
RESERVED
-CVE-2017-8585 (Microsoft .NET Framework 4.6, 4.6.1, 4.6.2, and 4.7 allow an attacker ...)
+CVE-2017-8585
NOT-FOR-US: Microsoft
-CVE-2017-8584 (Windows 10 1607 and Windows Server 2016 allow an attacker to execute ...)
+CVE-2017-8584
NOT-FOR-US: Microsoft
CVE-2017-8583
RESERVED
-CVE-2017-8582 (HTTP.sys in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 ...)
+CVE-2017-8582
NOT-FOR-US: Microsoft
-CVE-2017-8581 (Win32k in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, ...)
+CVE-2017-8581
NOT-FOR-US: Microsoft
-CVE-2017-8580 (Win32k in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, ...)
+CVE-2017-8580
NOT-FOR-US: Microsoft
-CVE-2017-8579 (The DirectX component in Microsoft Windows 10 Gold, 1511, 1607, 1703, ...)
+CVE-2017-8579
NOT-FOR-US: Microsoft
-CVE-2017-8578 (Win32k in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, ...)
+CVE-2017-8578
NOT-FOR-US: Microsoft
-CVE-2017-8577 (Win32k in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, ...)
+CVE-2017-8577
NOT-FOR-US: Microsoft
-CVE-2017-8576 (The graphics component in Microsoft Windows 10 Gold, 1511, 1607, 1703, ...)
+CVE-2017-8576
NOT-FOR-US: Microsoft
-CVE-2017-8575 (The kernel in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows ...)
+CVE-2017-8575
NOT-FOR-US: Windows
-CVE-2017-8574 (Graphics in Microsoft Windows 10 1607, 1703, and Windows Server 2016 ...)
+CVE-2017-8574
NOT-FOR-US: Microsoft
-CVE-2017-8573 (Graphics in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 ...)
+CVE-2017-8573
NOT-FOR-US: Microsoft
-CVE-2017-8572 (Microsoft Outlook 2007 SP3, Outlook 2010 SP2, Outlook 2013 SP1, ...)
+CVE-2017-8572
NOT-FOR-US: Microsoft
-CVE-2017-8571 (Microsoft Outlook 2007 SP3, Outlook 2010 SP2, Outlook 2013 SP1, ...)
+CVE-2017-8571
NOT-FOR-US: Microsoft
-CVE-2017-8570 (Microsoft Office allows a remote code execution vulnerability due to ...)
+CVE-2017-8570
NOT-FOR-US: Microsoft
-CVE-2017-8569 (Microsoft SharePoint Server allows an elevation of privilege ...)
+CVE-2017-8569
NOT-FOR-US: Microsoft
CVE-2017-8568
RESERVED
-CVE-2017-8567 (A remote code execution vulnerability exists in Microsoft Excel for ...)
+CVE-2017-8567
NOT-FOR-US: Microsoft
-CVE-2017-8566 (Microsoft Windows 1607, 1703, and Windows Server 2016 allows an ...)
+CVE-2017-8566
NOT-FOR-US: Microsoft
-CVE-2017-8565 (Windows PowerShell in Windows Server 2008 SP2 and R2 SP1, Windows 7 ...)
+CVE-2017-8565
NOT-FOR-US: Microsoft
-CVE-2017-8564 (Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, ...)
+CVE-2017-8564
NOT-FOR-US: Microsoft
-CVE-2017-8563 (Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows ...)
+CVE-2017-8563
NOT-FOR-US: Microsoft
-CVE-2017-8562 (Microsoft Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, ...)
+CVE-2017-8562
NOT-FOR-US: Microsoft
-CVE-2017-8561 (Windows kernel in Microsoft Windows 8.1, Windows Server 2012 Gold and ...)
+CVE-2017-8561
NOT-FOR-US: Microsoft
-CVE-2017-8560 (Microsoft Exchange Server 2010 SP3, Exchange Server 2013 SP3, Exchange ...)
+CVE-2017-8560
NOT-FOR-US: Microsoft
-CVE-2017-8559 (Microsoft Exchange Server 2010 SP3, Exchange Server 2013 SP3, Exchange ...)
+CVE-2017-8559
NOT-FOR-US: Microsoft
-CVE-2017-8558 (The Microsoft Malware Protection Engine running on Microsoft Forefront ...)
+CVE-2017-8558
NOT-FOR-US: Microsoft
-CVE-2017-8557 (Windows System Information Console in Windows Server 2008 SP2 and R2 ...)
+CVE-2017-8557
NOT-FOR-US: Microsoft
-CVE-2017-8556 (Graphics in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 ...)
+CVE-2017-8556
NOT-FOR-US: Microsoft
-CVE-2017-8555 (Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to ...)
+CVE-2017-8555
NOT-FOR-US: Microsoft
-CVE-2017-8554 (The kernel in Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 ...)
+CVE-2017-8554
NOT-FOR-US: Microsoft
-CVE-2017-8553 (An information disclosure vulnerability exists in Microsoft Windows ...)
+CVE-2017-8553
NOT-FOR-US: Microsoft
-CVE-2017-8552 (A kernel-mode driver in Microsoft Windows XP SP3, Windows XP x64 XP2, ...)
+CVE-2017-8552
NOT-FOR-US: Microsoft
-CVE-2017-8551 (An elevation of privilege vulnerability exists when Microsoft ...)
+CVE-2017-8551
NOT-FOR-US: Microsoft
-CVE-2017-8550 (A remote code execution vulnerability exists in Skype for Business ...)
+CVE-2017-8550
NOT-FOR-US: Microsoft
-CVE-2017-8549 (Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and 1703, and ...)
+CVE-2017-8549
NOT-FOR-US: Microsoft
-CVE-2017-8548 (Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and 1703, and ...)
+CVE-2017-8548
NOT-FOR-US: Microsoft
-CVE-2017-8547 (Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 ...)
+CVE-2017-8547
NOT-FOR-US: Microsoft
CVE-2017-8546
RESERVED
-CVE-2017-8545 (A spoofing vulnerability exists in when Microsoft Outlook for Mac does ...)
+CVE-2017-8545
NOT-FOR-US: Microsoft
-CVE-2017-8544 (Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows ...)
+CVE-2017-8544
NOT-FOR-US: Microsoft
-CVE-2017-8543 (Microsoft Windows XP SP3, Windows XP x64 XP2, Windows Server 2003 SP2, ...)
+CVE-2017-8543
NOT-FOR-US: Microsoft
-CVE-2017-8542 (The Microsoft Malware Protection Engine running on Microsoft Forefront ...)
+CVE-2017-8542
NOT-FOR-US: Microsoft
-CVE-2017-8541 (The Microsoft Malware Protection Engine running on Microsoft Forefront ...)
+CVE-2017-8541
NOT-FOR-US: Microsoft
-CVE-2017-8540 (The Microsoft Malware Protection Engine running on Microsoft Forefront ...)
+CVE-2017-8540
NOT-FOR-US: Microsoft
-CVE-2017-8539 (The Microsoft Malware Protection Engine running on Microsoft Forefront ...)
+CVE-2017-8539
NOT-FOR-US: Microsoft
-CVE-2017-8538 (The Microsoft Malware Protection Engine running on Microsoft Forefront ...)
+CVE-2017-8538
NOT-FOR-US: Microsoft
-CVE-2017-8537 (The Microsoft Malware Protection Engine running on Microsoft Forefront ...)
+CVE-2017-8537
NOT-FOR-US: Microsoft
-CVE-2017-8536 (The Microsoft Malware Protection Engine running on Microsoft Forefront ...)
+CVE-2017-8536
NOT-FOR-US: Microsoft
-CVE-2017-8535 (The Microsoft Malware Protection Engine running on Microsoft Forefront ...)
+CVE-2017-8535
NOT-FOR-US: Microsoft
-CVE-2017-8534 (Uniscribe in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, ...)
+CVE-2017-8534
NOT-FOR-US: Microsoft
-CVE-2017-8533 (Graphics in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows ...)
+CVE-2017-8533
NOT-FOR-US: Microsoft
-CVE-2017-8532 (Graphics in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows ...)
+CVE-2017-8532
NOT-FOR-US: Microsoft
-CVE-2017-8531 (Graphics in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows ...)
+CVE-2017-8531
NOT-FOR-US: Microsoft
-CVE-2017-8530 (Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and 1703, and ...)
+CVE-2017-8530
NOT-FOR-US: Microsoft
-CVE-2017-8529 (Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 ...)
+CVE-2017-8529
NOT-FOR-US: Microsoft
-CVE-2017-8528 (Uniscribe in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, ...)
+CVE-2017-8528
NOT-FOR-US: Microsoft
-CVE-2017-8527 (Graphics in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows ...)
+CVE-2017-8527
NOT-FOR-US: Microsoft
CVE-2017-8526
RESERVED
CVE-2017-8525
RESERVED
-CVE-2017-8524 (Microsoft browsers in Microsoft Windows 7 SP1, Windows Server 2008 R2 ...)
+CVE-2017-8524
NOT-FOR-US: Microsoft
-CVE-2017-8523 (Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and 1703, and ...)
+CVE-2017-8523
NOT-FOR-US: Microsoft
-CVE-2017-8522 (Microsoft browsers in Microsoft Windows 8.1 and Windows RT 8.1, ...)
+CVE-2017-8522
NOT-FOR-US: Microsoft
-CVE-2017-8521 (Microsoft Edge in Windows 10 1703 allows an attacker to execute ...)
+CVE-2017-8521
NOT-FOR-US: Microsoft
-CVE-2017-8520 (Microsoft Edge in Windows 10 1703 allows an attacker to execute ...)
+CVE-2017-8520
NOT-FOR-US: Microsoft
-CVE-2017-8519 (Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and ...)
+CVE-2017-8519
NOT-FOR-US: Microsoft
-CVE-2017-8518 (Microsoft Edge allows a remote code execution vulnerability due to the ...)
+CVE-2017-8518
NOT-FOR-US: Microsoft
-CVE-2017-8517 (Microsoft browsers in Microsoft Windows Server 2008 SP2 and R2 SP1, ...)
+CVE-2017-8517
NOT-FOR-US: Microsoft
-CVE-2017-8516 (Microsoft SQL Server Analysis Services in Microsoft SQL Server 2012, ...)
+CVE-2017-8516
NOT-FOR-US: Microsoft
-CVE-2017-8515 (Microsoft Windows 10 1511, 1607, and 1703, and Windows Server 2016 ...)
+CVE-2017-8515
NOT-FOR-US: Microsoft
-CVE-2017-8514 (An information disclosure vulnerability exists when Microsoft ...)
+CVE-2017-8514
NOT-FOR-US: Microsoft
-CVE-2017-8513 (A remote code execution vulnerability exists in Microsoft PowerPoint ...)
+CVE-2017-8513
NOT-FOR-US: Microsoft
-CVE-2017-8512 (A remote code execution vulnerability exists in Microsoft Office when ...)
+CVE-2017-8512
NOT-FOR-US: Microsoft
-CVE-2017-8511 (A remote code execution vulnerability exists in Microsoft Office when ...)
+CVE-2017-8511
NOT-FOR-US: Microsoft
-CVE-2017-8510 (A remote code execution vulnerability exists in Microsoft Office when ...)
+CVE-2017-8510
NOT-FOR-US: Microsoft
-CVE-2017-8509 (A remote code execution vulnerability exists in Microsoft Office when ...)
+CVE-2017-8509
NOT-FOR-US: Microsoft
-CVE-2017-8508 (A security feature bypass vulnerability exists in Microsoft Office ...)
+CVE-2017-8508
NOT-FOR-US: Microsoft
-CVE-2017-8507 (A remote code execution vulnerability exists in the way Microsoft ...)
+CVE-2017-8507
NOT-FOR-US: Microsoft
-CVE-2017-8506 (A remote code execution vulnerability exists in Microsoft Office when ...)
+CVE-2017-8506
NOT-FOR-US: Microsoft
CVE-2017-8505
RESERVED
-CVE-2017-8504 (Microsoft Edge in Windows 10 1607 and 1703, and Windows Server 2016 ...)
+CVE-2017-8504
NOT-FOR-US: Microsoft
-CVE-2017-8503 (Microsoft Edge in Microsoft Windows 10 1511, 1607, 1703, and Windows ...)
+CVE-2017-8503
NOT-FOR-US: Microsoft
-CVE-2017-8502 (Microsoft Office allows a remote code execution vulnerability due to ...)
+CVE-2017-8502
NOT-FOR-US: Microsoft
-CVE-2017-8501 (Microsoft Office allows a remote code execution vulnerability due to ...)
+CVE-2017-8501
NOT-FOR-US: Microsoft
CVE-2017-8500
RESERVED
-CVE-2017-8499 (Microsoft Edge in Windows 10 1703 allows an attacker to execute ...)
+CVE-2017-8499
NOT-FOR-US: Microsoft
-CVE-2017-8498 (Microsoft Edge in Windows 10 1607 and 1703, and Windows Server 2016 ...)
+CVE-2017-8498
NOT-FOR-US: Microsoft
-CVE-2017-8497 (Microsoft Edge in Windows 10 1607 and Windows Server 2016 allows an ...)
+CVE-2017-8497
NOT-FOR-US: Microsoft
-CVE-2017-8496 (Microsoft Edge in Windows 10 1607 and Windows Server 2016 allows an ...)
+CVE-2017-8496
NOT-FOR-US: Microsoft
-CVE-2017-8495 (Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows ...)
+CVE-2017-8495
NOT-FOR-US: Microsoft
-CVE-2017-8494 (Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server ...)
+CVE-2017-8494
NOT-FOR-US: Microsoft
-CVE-2017-8493 (Microsoft Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, ...)
+CVE-2017-8493
NOT-FOR-US: Microsoft
-CVE-2017-8492 (The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 ...)
+CVE-2017-8492
NOT-FOR-US: Microsoft
-CVE-2017-8491 (The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 ...)
+CVE-2017-8491
NOT-FOR-US: Microsoft
-CVE-2017-8490 (The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 ...)
+CVE-2017-8490
NOT-FOR-US: Microsoft
-CVE-2017-8489 (The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 ...)
+CVE-2017-8489
NOT-FOR-US: Microsoft
-CVE-2017-8488 (The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 ...)
+CVE-2017-8488
NOT-FOR-US: Microsoft
-CVE-2017-8487 (Windows OLE in Windows XP and Windows Server 2003 allows an attacker ...)
+CVE-2017-8487
NOT-FOR-US: Microsoft
-CVE-2017-8486 (Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows ...)
+CVE-2017-8486
NOT-FOR-US: Microsoft
-CVE-2017-8485 (The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 ...)
+CVE-2017-8485
NOT-FOR-US: Microsoft
-CVE-2017-8484 (Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows ...)
+CVE-2017-8484
NOT-FOR-US: Microsoft
-CVE-2017-8483 (The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 ...)
+CVE-2017-8483
NOT-FOR-US: Microsoft
-CVE-2017-8482 (The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 ...)
+CVE-2017-8482
NOT-FOR-US: Microsoft
-CVE-2017-8481 (The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 ...)
+CVE-2017-8481
NOT-FOR-US: Microsoft
-CVE-2017-8480 (The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 ...)
+CVE-2017-8480
NOT-FOR-US: Microsoft
-CVE-2017-8479 (The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 ...)
+CVE-2017-8479
NOT-FOR-US: Microsoft
-CVE-2017-8478 (The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 ...)
+CVE-2017-8478
NOT-FOR-US: Microsoft
-CVE-2017-8477 (Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows ...)
+CVE-2017-8477
NOT-FOR-US: Microsoft
-CVE-2017-8476 (The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 ...)
+CVE-2017-8476
NOT-FOR-US: Microsoft
-CVE-2017-8475 (Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows ...)
+CVE-2017-8475
NOT-FOR-US: Microsoft
-CVE-2017-8474 (The kernel in Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, ...)
+CVE-2017-8474
NOT-FOR-US: Microsoft
-CVE-2017-8473 (Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows ...)
+CVE-2017-8473
NOT-FOR-US: Microsoft
-CVE-2017-8472 (Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, and ...)
+CVE-2017-8472
NOT-FOR-US: Microsoft
-CVE-2017-8471 (Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows ...)
+CVE-2017-8471
NOT-FOR-US: Microsoft
-CVE-2017-8470 (Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows ...)
+CVE-2017-8470
NOT-FOR-US: Microsoft
-CVE-2017-8469 (The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 ...)
+CVE-2017-8469
NOT-FOR-US: Microsoft
-CVE-2017-8468 (Microsoft Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, ...)
+CVE-2017-8468
NOT-FOR-US: Microsoft
-CVE-2017-8467 (Graphics in Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 ...)
+CVE-2017-8467
NOT-FOR-US: Microsoft
-CVE-2017-8466 (Windows Cursor in Windows 8.1, Windows Server 2012 Gold and R2, ...)
+CVE-2017-8466
NOT-FOR-US: Microsoft
-CVE-2017-8465 (Microsoft Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, ...)
+CVE-2017-8465
NOT-FOR-US: Microsoft
-CVE-2017-8464 (Windows Shell in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows ...)
+CVE-2017-8464
NOT-FOR-US: Microsoft
-CVE-2017-8463 (Windows Shell in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, ...)
+CVE-2017-8463
NOT-FOR-US: Microsoft
-CVE-2017-8462 (The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 ...)
+CVE-2017-8462
NOT-FOR-US: Microsoft
-CVE-2017-8461 (Windows RPC with Routing and Remote Access enabled in Windows XP and ...)
+CVE-2017-8461
NOT-FOR-US: Microsoft
-CVE-2017-8460 (Windows PDF in Windows 8.1, Windows Server 2012 Gold and R2, Windows ...)
+CVE-2017-8460
NOT-FOR-US: Microsoft
-CVE-2017-8459 (** DISPUTED ** Brave 0.12.4 has a Status Bar Obfuscation issue in which ...)
+CVE-2017-8459
- brave-browser <itp> (bug #864795)
-CVE-2017-8458 (Brave 0.12.4 has a URI Obfuscation issue in which a string such as ...)
+CVE-2017-8458
- brave-browser <itp> (bug #864795)
CVE-2017-8457
RESERVED
CVE-2017-8456
RESERVED
-CVE-2017-8455 (Foxit Reader before 8.2.1 and PhantomPDF before 8.2.1 have an ...)
+CVE-2017-8455
NOT-FOR-US: Foxit Reader
-CVE-2017-8454 (Foxit Reader before 8.2.1 and PhantomPDF before 8.2.1 have an ...)
+CVE-2017-8454
NOT-FOR-US: Foxit Reader
-CVE-2017-8453 (Foxit Reader before 8.2.1 and PhantomPDF before 8.2.1 have an ...)
+CVE-2017-8453
NOT-FOR-US: Foxit Reader
-CVE-2017-8452 (Kibana versions prior to 5.2.1 configured for SSL client access, file ...)
+CVE-2017-8452
- kibana <itp> (bug #700337)
-CVE-2017-8451 (With X-Pack installed, Kibana versions before 5.3.1 have an open ...)
+CVE-2017-8451
NOT-FOR-US: Kibana addon
-CVE-2017-8450 (X-Pack 5.1.1 did not properly apply document and field level security ...)
+CVE-2017-8450
NOT-FOR-US: Kibana addon
-CVE-2017-8449 (X-Pack Security 5.2.x would allow access to more fields than the user ...)
+CVE-2017-8449
NOT-FOR-US: Kibana addon
-CVE-2017-8448 (An error was found in the permission model used by X-Pack Alerting ...)
+CVE-2017-8448
- kibana <itp> (bug #700337)
-CVE-2017-8447 (An error was found in the X-Pack Security 5.3.0 to 5.5.2 privilege ...)
+CVE-2017-8447
NOT-FOR-US: X-Pack plugin for Kibana
-CVE-2017-8446 (The Reporting feature in X-Pack in versions prior to 5.5.2 and ...)
+CVE-2017-8446
NOT-FOR-US: X-Pack plugin for Kibana
-CVE-2017-8445 (An error was found in the X-Pack Security TLS trust manager for ...)
+CVE-2017-8445
NOT-FOR-US: X-PackSecurity TLS trust manager plugin for Elasticsearch
-CVE-2017-8444 (The client-forwarder in Elastic Cloud Enterprise versions prior to ...)
+CVE-2017-8444
NOT-FOR-US: Elastic Cloud Enterprise
-CVE-2017-8443 (In Kibana X-Pack security versions prior to 5.4.3 if a Kibana user ...)
+CVE-2017-8443
NOT-FOR-US: Kibana X-Pack Security
-CVE-2017-8442 (Elasticsearch X-Pack Security versions 5.0.0 to 5.4.3, when enabled, ...)
+CVE-2017-8442
NOT-FOR-US: Elastic X-Pack Security
-CVE-2017-8441 (Elastic X-Pack Security versions prior to 5.4.1 and 5.3.3 did not ...)
+CVE-2017-8441
NOT-FOR-US: Elastic X-Pack Security
-CVE-2017-8440 (Starting in version 5.3.0, Kibana had a cross-site scripting (XSS) ...)
+CVE-2017-8440
- kibana <itp> (bug #700337)
-CVE-2017-8439 (Kibana version 5.4.0 was affected by a Cross Site Scripting (XSS) bug ...)
+CVE-2017-8439
- kibana <itp> (bug #700337)
-CVE-2017-8438 (Elastic X-Pack Security versions 5.0.0 to 5.4.0 contain a privilege ...)
+CVE-2017-8438
NOT-FOR-US: Elastic X-Pack Security
CVE-2017-8437
RESERVED
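Review bot: The context line `NOT-FOR-US: X-PackSecurity TLS trust manager plugin for Elasticsearch` under CVE-2017-8445 is missing the space in `X-Pack Security`; once this hunk drops the descriptions, that NOT-FOR-US text is the only human-readable hint of what the entry covers, so it is worth correcting in a follow-up.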
@@ -28949,7 +28947,7 @@ CVE-2017-8424
RESERVED
CVE-2017-8423
RESERVED
-CVE-2017-8422 (KDE kdelibs before 4.14.32 and KAuth before 5.34 allow local users to ...)
+CVE-2017-8422
{DSA-3849-1 DLA-952-1}
- kauth 5.28.0-2
- kde4libs 4:4.14.26-2
@@ -28957,35 +28955,35 @@ CVE-2017-8422 (KDE kdelibs before 4.14.32 and KAuth before 5.34 allow local user
NOTE: patch for kauth: https://cgit.kde.org/kauth.git/commit/?id=df875f725293af53399f5146362eb158b4f9216a
NOTE: patch for kde4libs: https://cgit.kde.org/kdelibs.git/commit/?h=KDE/4.14&id=264e97625abe2e0334f97de17f6ffb52582888ab
NOTE: https://www.kde.org/info/security/advisory-20170510-1.txt
-CVE-2017-8421 (The function coff_set_alignment_hook in coffcode.h in Binary File ...)
+CVE-2017-8421
- binutils 2.28-5
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21440
NOTE: Fixed by: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=39ff1b79f687b65f4144ddb379f22587003443fb
-CVE-2017-8420 (SWFTools 2013-04-09-1007 on Windows has a &quot;Data from Faulting Address ...)
+CVE-2017-8420
- swftools <unfixed> (unimportant)
NOTE: No actionable information, just a crash report against a four year old release
NOTE: https://github.com/matthiaskramm/swftools/issues/41
-CVE-2017-8419 (LAME through 3.99.5 relies on the signed integer data type for values ...)
+CVE-2017-8419
- lame 3.99.5+repack1-7
[wheezy] - lame 3.99.5+repack1-3+deb7u1
NOTE: https://sourceforge.net/p/lame/bugs/458/
NOTE: Issue addressed in Debian via: https://sources.debian.org/patches/lame/3.99.5%2Brepack1-9/0001-Add-check-for-invalid-input-sample-rate.patch/
NOTE: in the revised version as included in 3.99.5+repack1-7
-CVE-2017-8905 (Xen through 4.6.x on 64-bit platforms mishandles a failsafe callback, ...)
+CVE-2017-8905
{DSA-3847-1 DLA-964-1}
- xen 4.8.0~rc3-1 (bug #861662)
NOTE: https://xenbits.xen.org/xsa/advisory-215.html
-CVE-2017-8904 (Xen through 4.8.x mishandles the &quot;contains segment descriptors&quot; ...)
+CVE-2017-8904
{DSA-3847-1 DLA-964-1}
- xen 4.8.1-1+deb9u1 (bug #861660)
NOTE: https://xenbits.xen.org/xsa/advisory-214.html
-CVE-2017-8903 (Xen through 4.8.x on 64-bit platforms mishandles page tables after an ...)
+CVE-2017-8903
{DSA-3847-1 DLA-964-1}
- xen 4.8.1-1+deb9u1 (bug #861659)
NOTE: https://xenbits.xen.org/xsa/advisory-213.html
-CVE-2017-8418 (RuboCop 0.48.1 and earlier does not use /tmp in safe way, allowing ...)
+CVE-2017-8418
- rubocop 0.49.1+dfsg-1 (bug #870852)
NOTE: https://github.com/bbatsov/rubocop/issues/4336
NOTE: https://github.com/bbatsov/rubocop/commit/dcb258fabd5f2624c1ea0e1634763094590c09d7
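Review bot: For the packaged entries in this hunk (binutils, swftools, lame, xen, rubocop) the removed description line was the only place stating the affected upstream range (`LAME through 3.99.5`, `Xen through 4.8.x`, `RuboCop 0.48.1 and earlier`); the surviving `- package version` and NOTE lines record the Debian fix but not the affected range, so if the import is not re-run the file loses triage information it previously carried. Also visible here: CVE-2017-8905, CVE-2017-8904 and CVE-2017-8903 sit between CVE-2017-8419 and CVE-2017-8418, out of the descending order used elsewhere in the file.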
@@ -29017,95 +29015,95 @@ CVE-2017-8405
RESERVED
CVE-2017-8404
RESERVED
-CVE-2017-8403 (360fly 4K cameras allow unauthenticated Wi-Fi password changes and ...)
+CVE-2017-8403
NOT-FOR-US: 360fly
-CVE-2017-8402 (PivotX 2.3.11 allows remote authenticated users to execute arbitrary ...)
+CVE-2017-8402
NOT-FOR-US: PivotX
-CVE-2017-8401 (In SWFTools 0.9.2, an out-of-bounds read of heap data can occur in the ...)
+CVE-2017-8401
{DLA-995-1}
- swftools <unfixed> (unimportant; bug #861998)
NOTE: https://github.com/matthiaskramm/swftools/issues/14
NOTE: https://github.com/matthiaskramm/swftools/commit/392fb1f3cd9a5b167787c551615c651c3f5326f2
NOTE: Crash in CLI tool not considered a security issue
-CVE-2017-8400 (In SWFTools 0.9.2, an out-of-bounds write of heap data can occur in the ...)
+CVE-2017-8400
{DLA-995-1}
- swftools 0.9.2+git20130725-4.1 (bug #861693)
[jessie] - swftools <no-dsa> (Minor issue)
NOTE: https://github.com/matthiaskramm/swftools/issues/13
NOTE: https://github.com/matthiaskramm/swftools/commit/7139f3cf7c8bc576bea1dbd07c58ce1ad92b774a
-CVE-2017-8399 (PCRE2 before 10.30 has an out-of-bounds write caused by a stack-based ...)
+CVE-2017-8399
- pcre2 <not-affected> (Did only affect revision after r670 upstream; not in a released version)
NOTE: Fixed by: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=783
NOTE: https://vcs.pcre.org/pcre2?view=revision&revision=674
-CVE-2017-8398 (dwarf.c in GNU Binutils 2.28 is vulnerable to an invalid read of size 1 ...)
+CVE-2017-8398
- binutils 2.28-5
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21438
NOTE: Fixed by: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=d949ff5607b9f595e0eed2ff15fbe5eb84eb3a34
-CVE-2017-8397 (The Binary File Descriptor (BFD) library (aka libbfd), as distributed ...)
+CVE-2017-8397
- binutils 2.28-5
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21434
NOTE: Fixed by: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=04b31182bf3f8a1a76e995bdfaaaab4c009b9cb2
-CVE-2017-8396 (The Binary File Descriptor (BFD) library (aka libbfd), as distributed ...)
+CVE-2017-8396
- binutils 2.28-5
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21432
NOTE: Fixed by: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=a941291cab71b9ac356e1c03968c177c03e602ab
-CVE-2017-8395 (The Binary File Descriptor (BFD) library (aka libbfd), as distributed ...)
+CVE-2017-8395
- binutils 2.28-5
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21431
NOTE: Fixed by: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=e63d123268f23a4cbc45ee55fb6dbc7d84729da3
-CVE-2017-8394 (The Binary File Descriptor (BFD) library (aka libbfd), as distributed ...)
+CVE-2017-8394
- binutils 2.28-5
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21414
NOTE: Fixed by: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=7eacd66b086cabb1daab20890d5481894d4f56b2
-CVE-2017-8393 (The Binary File Descriptor (BFD) library (aka libbfd), as distributed ...)
+CVE-2017-8393
- binutils 2.28-5
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21412
NOTE: Fixed by: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=bce964aa6c777d236fbd641f2bc7bb931cfe4bf3
-CVE-2017-8392 (The Binary File Descriptor (BFD) library (aka libbfd), as distributed ...)
+CVE-2017-8392
- binutils <not-affected> (Vulnerable code introduced later)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21409
NOTE: Fixed by: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=97e83a100aa8250be783304bfe0429761c6e6b6b
NOTE: Introduced by: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=3239a4231ff79bf8b67b8faaf414b1667486167c
-CVE-2017-8391 (The OS Installation Management component in CA Client Automation r12.9, ...)
+CVE-2017-8391
NOT-FOR-US: OS Installation Management component in CA Client Automation
-CVE-2017-8390 (The DNS Proxy in Palo Alto Networks PAN-OS before 6.1.18, 7.x before ...)
+CVE-2017-8390
NOT-FOR-US: Palo Alto Networks PAN-OS
CVE-2017-8389
RESERVED
-CVE-2017-8388 (GeniXCMS 1.0.2 allows remote attackers to bypass the alertDanger ...)
+CVE-2017-8388
NOT-FOR-US: GeniXCMS
-CVE-2017-8387 (STDU Viewer version 1.6.375 might allow user-assisted attackers to ...)
+CVE-2017-8387
NOT-FOR-US: STDU Viewer
-CVE-2017-8386 (git-shell in git before 2.4.12, 2.5.x before 2.5.6, 2.6.x before ...)
+CVE-2017-8386
{DSA-3848-1 DLA-938-1}
- git 1:2.11.0-3
NOTE: http://lkml.iu.edu/hypermail/linux/kernel/1705.1/01337.html
NOTE: http://lkml.iu.edu/hypermail/linux/kernel/1705.1/01346.html
NOTE: https://insinuator.net/2017/05/git-shell-bypass-by-abusing-less-cve-2017-8386/
NOTE: https://git.kernel.org/pub/scm/git/git.git/commit/?id=3ec804490a265f4c418a321428c12f3f18b7eff5
-CVE-2017-8385 (Craft CMS before 2.6.2976 does not prevent modification of the URL in a ...)
+CVE-2017-8385
NOT-FOR-US: Craft CMS
-CVE-2017-8384 (Craft CMS before 2.6.2976 allows XSS attacks because an array returned ...)
+CVE-2017-8384
NOT-FOR-US: Craft CMS
-CVE-2017-8383 (Craft CMS before 2.6.2976 does not properly restrict viewing the ...)
+CVE-2017-8383
NOT-FOR-US: Craft CMS
-CVE-2017-8382 (admidio 3.2.8 has CSRF in ...)
+CVE-2017-8382
NOT-FOR-US: admidio
-CVE-2017-8381 (XnView Classic for Windows Version 2.40 allows user-assisted remote ...)
+CVE-2017-8381
NOT-FOR-US: XnView Classic for Windows
-CVE-2017-8380 (Buffer overflow in the &quot;megasas_mmio_write&quot; function in Qemu 2.9.0 ...)
+CVE-2017-8380
- qemu 1:2.8+dfsg-5 (bug #862282)
[jessie] - qemu <not-affected> (Vulnerable code introduced later)
[wheezy] - qemu <not-affected> (Vulnerable code introduced later)
@@ -29113,159 +29111,159 @@ CVE-2017-8380 (Buffer overflow in the &quot;megasas_mmio_write&quot; function in
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2017-04/msg04147.html
NOTE: Introduced by: http://git.qemu.org/?p=qemu.git;a=commit;h=e23d04984a78490d8aaa5c45724a3a334933331f (v2.2.0-rc0)
NOTE: Fixed by: http://git.qemu.org/?p=qemu.git;a=commit;h=24dfa9fa2f90a95ac33c7372de4f4f2c8a2c141f
-CVE-2017-8379 (Memory leak in the keyboard input event handlers support in QEMU (aka ...)
+CVE-2017-8379
{DLA-1497-1}
- qemu 1:2.8+dfsg-5 (bug #862289)
[wheezy] - qemu <no-dsa> (Minor issue)
- qemu-kvm <removed>
[wheezy] - qemu-kvm <no-dsa> (Minor issue)
NOTE: Fixed by: http://git.qemu.org/?p=qemu.git;a=commit;h=fa18f36a461984eae50ab957e47ec78dae3c14fc
-CVE-2017-8378 (Heap-based buffer overflow in the PdfParser::ReadObjects function in ...)
+CVE-2017-8378
- libpodofo 0.9.5-9 (bug #861597)
[stretch] - libpodofo <no-dsa> (Minor issue)
[jessie] - libpodofo <no-dsa> (Minor issue)
[wheezy] - libpodofo <no-dsa> (Minor issue)
NOTE: PoC: https://github.com/xiangxiaobo/poc_and_report/tree/master/podofo_heapoverflow_PdfParser.ReadObjects
NOTE: Upstream commit: https://sourceforge.net/p/podofo/code/1833/
-CVE-2017-8377 (GeniXCMS 1.0.2 has SQL Injection in ...)
+CVE-2017-8377
NOT-FOR-US: GeniXCMS
-CVE-2017-8376 (GeniXCMS 1.0.2 has XSS triggered by an authenticated comment that is ...)
+CVE-2017-8376
NOT-FOR-US: GeniXCMS
CVE-2017-8375
RESERVED
-CVE-2017-8374 (The mad_bit_skip function in bit.c in Underbit MAD libmad 0.15.1b ...)
+CVE-2017-8374
{DSA-4192-1 DLA-1380-1}
- libmad 0.15.1b-9
NOTE: https://blogs.gentoo.org/ago/2017/04/30/libmad-heap-based-buffer-overflow-in-mad_bit_skip-bit-c/
NOTE: The patch from #508133 fixed things related to this, but did not fix this.
NOTE: Patch in 0.15.1b-9: libmad-0.15.1b/debian/patches/length-check.patch
-CVE-2017-8373 (The mad_layer_III function in layer3.c in Underbit MAD libmad 0.15.1b ...)
+CVE-2017-8373
{DSA-4192-1 DLA-1380-1}
- libmad 0.15.1b-9 (bug #287519)
NOTE: https://blogs.gentoo.org/ago/2017/04/30/libmad-heap-based-buffer-overflow-in-mad_layer_iii-layer3-c/
NOTE: The patch from #508133 applied in 0.15.1b-4 only partially fixed it
NOTE: "Duplicate with"/basically same as CVE-2017-8372
NOTE: Patch in 0.15.1b-9: libmad-0.15.1b/debian/patches/md_size.diff
-CVE-2017-8372 (The mad_layer_III function in layer3.c in Underbit MAD libmad 0.15.1b, ...)
+CVE-2017-8372
{DSA-4192-1 DLA-1380-1}
- libmad 0.15.1b-9 (bug #287519)
NOTE: https://blogs.gentoo.org/ago/2017/04/30/libmad-assertion-failure-in-layer3-c/
NOTE: The patch from #508133 applied in 0.15.1b-4 only partially fixed it
NOTE: "Duplicate" with/basically same as CVE-2017-8373
NOTE: Patch in 0.15.1b-9: libmad-0.15.1b/debian/patches/md_size.diff
-CVE-2017-8371 (Schneider Electric StruxureWare Data Center Expert before 7.4.0 uses ...)
+CVE-2017-8371
NOT-FOR-US: Schneider Electric
-CVE-2017-8370 (IrfanView version 4.44 (32bit) with FPX Plugin 4.45 allows remote ...)
+CVE-2017-8370
NOT-FOR-US: IrfanView
-CVE-2017-8369 (IrfanView version 4.44 (32bit) has a &quot;Data from Faulting Address ...)
+CVE-2017-8369
NOT-FOR-US: IrfanView
-CVE-2017-8368 (Sublime Text 3 Build 3126 allows user-assisted attackers to cause a ...)
+CVE-2017-8368
- sublime-text <itp> (bug #682158)
-CVE-2017-8367 (Buffer overflow in Ether Software Easy MOV Converter 1.4.24, Easy DVD ...)
+CVE-2017-8367
NOT-FOR-US: Ether Software
-CVE-2017-8366 (The strescape function in ec_strings.c in Ettercap 0.8.2 allows remote ...)
+CVE-2017-8366
{DSA-3874-1}
- ettercap 1:0.8.2-5 (bug #861604)
NOTE: https://github.com/Ettercap/ettercap/issues/792
NOTE: Fixed by: https://github.com/Ettercap/ettercap/commit/1083d604930ebb9f350126b83802ecd2cbc17f90
-CVE-2017-8365 (The i2les_array function in pcm.c in libsndfile 1.0.28 allows remote ...)
+CVE-2017-8365
{DLA-1618-1 DLA-956-1}
- libsndfile 1.0.27-3 (bug #862202)
NOTE: https://blogs.gentoo.org/ago/2017/04/29/libsndfile-global-buffer-overflow-in-i2les_array-pcm-c/
NOTE: https://github.com/erikd/libsndfile/issues/230
NOTE: Fixed by: https://github.com/erikd/libsndfile/commit/fd0484aba8e51d16af1e3a880f9b8b857b385eb3
-CVE-2017-8364 (The read_buf function in stream.c in rzip 2.1 allows remote attackers ...)
+CVE-2017-8364
{DLA-955-1}
- rzip 2.1-4.1 (bug #861614)
[jessie] - rzip <no-dsa> (Minor issue)
NOTE: https://blogs.gentoo.org/ago/2017/04/29/rzip-heap-based-buffer-overflow-in-read_buf-stream-c/
NOTE: Patch in http://download.opensuse.org/repositories/openSUSE:/Leap:/42.2:/Update/standard/src/rzip-2.1-151.3.1.src.rpm
-CVE-2017-8363 (The flac_buffer_copy function in flac.c in libsndfile 1.0.28 allows ...)
+CVE-2017-8363
{DLA-1618-1 DLA-956-1}
- libsndfile 1.0.27-3 (bug #862203)
NOTE: https://blogs.gentoo.org/ago/2017/04/29/libsndfile-heap-based-buffer-overflow-in-flac_buffer_copy-flac-c/
NOTE: https://github.com/erikd/libsndfile/issues/233
NOTE: https://github.com/erikd/libsndfile/commit/fd0484aba8e51d16af1e3a880f9b8b857b385eb3
NOTE: https://github.com/erikd/libsndfile/commit/cd7da8dbf6ee4310d21d9e44b385d6797160d9e8
-CVE-2017-8362 (The flac_buffer_copy function in flac.c in libsndfile 1.0.28 allows ...)
+CVE-2017-8362
{DLA-1618-1 DLA-956-1}
- libsndfile 1.0.27-3 (bug #862204)
NOTE: https://blogs.gentoo.org/ago/2017/04/29/libsndfile-invalid-memory-read-in-flac_buffer_copy-flac-c/
NOTE: https://github.com/erikd/libsndfile/issues/231
NOTE: https://github.com/erikd/libsndfile/commit/ef1dbb2df1c0e741486646de40bd638a9c4cd808
-CVE-2017-8361 (The flac_buffer_copy function in flac.c in libsndfile 1.0.28 allows ...)
+CVE-2017-8361
{DLA-1618-1 DLA-956-1}
- libsndfile 1.0.27-3 (bug #862205)
NOTE: https://blogs.gentoo.org/ago/2017/04/29/libsndfile-global-buffer-overflow-in-flac_buffer_copy-flac-c/
NOTE: https://github.com/erikd/libsndfile/issues/232
NOTE: https://github.com/erikd/libsndfile/commit/fd0484aba8e51d16af1e3a880f9b8b857b385eb3
-CVE-2017-8360 (Conexant Systems mictray64 task, as used on HP Elite, EliteBook, ...)
+CVE-2017-8360
NOT-FOR-US: Conexant Systems mictray64 task
-CVE-2017-8359 (Google gRPC before 2017-03-29 has an out-of-bounds write caused by a ...)
+CVE-2017-8359
- grpc 1.3.2-0.1
NOTE: https://github.com/grpc/grpc/pull/10353
NOTE: Fixed by: https://github.com/grpc/grpc/commit/6544a2d5d9ecdb64214da1d228886a7d15bbf5c7
-CVE-2017-8358 (LibreOffice before 2017-03-17 has an out-of-bounds write caused by a ...)
+CVE-2017-8358
- libreoffice <not-affected> (Vulnerable code introduced on 2017-03-15; never in released version)
NOTE: Fixed by: https://github.com/LibreOffice/core/commit/6e6e54f944a5ebb49e9110bdeff844d00a96c56c
NOTE: Introduced by: https://github.com/LibreOffice/core/commit/ceb53ad9f34ae05d09f61845d581546eac0c6d60
-CVE-2017-8357 (In ImageMagick 7.0.5-5, the ReadEPTImage function in ept.c allows ...)
+CVE-2017-8357
{DSA-3863-1 DLA-960-1}
- imagemagick 8:6.9.7.4+dfsg-7 (bug #862636)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/453
-CVE-2017-8356 (In ImageMagick 7.0.5-5, the ReadSUNImage function in sun.c allows ...)
+CVE-2017-8356
{DSA-3863-1 DLA-960-1}
- imagemagick 8:6.9.7.4+dfsg-7 (bug #862635)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/449
-CVE-2017-8355 (In ImageMagick 7.0.5-5, the ReadMTVImage function in mtv.c allows ...)
+CVE-2017-8355
{DSA-3863-1 DLA-960-1}
- imagemagick 8:6.9.7.4+dfsg-7 (bug #862634)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/450
-CVE-2017-8354 (In ImageMagick 7.0.5-5, the ReadBMPImage function in bmp.c allows ...)
+CVE-2017-8354
{DSA-3863-1 DLA-960-1}
- imagemagick 8:6.9.7.4+dfsg-7 (bug #862633)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/451
-CVE-2017-8353 (In ImageMagick 7.0.5-5, the ReadPICTImage function in pict.c allows ...)
+CVE-2017-8353
{DSA-3863-1 DLA-960-1}
- imagemagick 8:6.9.7.4+dfsg-7 (bug #862632)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/454
-CVE-2017-8352 (In ImageMagick 7.0.5-5, the ReadXWDImage function in xwd.c allows ...)
+CVE-2017-8352
{DSA-3863-1 DLA-1081-1 DLA-960-1}
- imagemagick 8:6.9.7.4+dfsg-7 (bug #862590)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/452
-CVE-2017-8351 (In ImageMagick 7.0.5-5, the ReadPCDImage function in pcd.c allows ...)
+CVE-2017-8351
{DSA-3863-1 DLA-960-1}
- imagemagick 8:6.9.7.4+dfsg-7 (bug #862589)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/448
-CVE-2017-8350 (In ImageMagick 7.0.5-5, the ReadJNGImage function in png.c allows ...)
+CVE-2017-8350
{DSA-3863-1 DLA-960-1}
- imagemagick 8:6.9.7.4+dfsg-7 (bug #862587)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/447
-CVE-2017-8349 (In ImageMagick 7.0.5-5, the ReadSFWImage function in sfw.c allows ...)
+CVE-2017-8349
{DSA-3863-1 DLA-960-1}
- imagemagick 8:6.9.7.4+dfsg-7 (bug #862579)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/443
-CVE-2017-8348 (In ImageMagick 7.0.5-5, the ReadMATImage function in mat.c allows ...)
+CVE-2017-8348
{DSA-3863-1 DLA-960-1}
- imagemagick 8:6.9.7.4+dfsg-7 (bug #862578)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/445
-CVE-2017-8347 (In ImageMagick 7.0.5-5, the ReadEXRImage function in exr.c allows ...)
+CVE-2017-8347
{DSA-3863-1 DLA-960-1}
- imagemagick 8:6.9.7.4+dfsg-7 (bug #862577)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/441
-CVE-2017-8346 (In ImageMagick 7.0.5-5, the ReadDCMImage function in dcm.c allows ...)
+CVE-2017-8346
{DSA-3863-1 DLA-960-1}
- imagemagick 8:6.9.7.4+dfsg-7 (bug #862575)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/440
-CVE-2017-8345 (In ImageMagick 7.0.5-5, the ReadMNGImage function in png.c allows ...)
+CVE-2017-8345
{DSA-3863-1 DLA-960-1}
- imagemagick 8:6.9.7.4+dfsg-7 (bug #862573)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/442
-CVE-2017-8344 (In ImageMagick 7.0.5-5, the ReadPCXImage function in pcx.c allows ...)
+CVE-2017-8344
{DSA-3863-1 DLA-960-1}
- imagemagick 8:6.9.7.4+dfsg-7 (bug #862574)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/446
-CVE-2017-8343 (In ImageMagick 7.0.5-5, the ReadAAIImage function in aai.c allows ...)
+CVE-2017-8343
{DSA-3863-1 DLA-960-1}
- imagemagick 8:6.9.7.4+dfsg-7 (bug #862572)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/444
@@ -29273,9 +29271,9 @@ CVE-2017-8341
RESERVED
CVE-2017-8340
RESERVED
-CVE-2017-8339 (PSKMAD.sys in Panda Free Antivirus 18.0 allows local users to cause a ...)
+CVE-2017-8339
NOT-FOR-US: Panda Free Antivirus
-CVE-2017-8338 (A vulnerability in MikroTik Version 6.38.5 could allow an ...)
+CVE-2017-8338
NOT-FOR-US: MikroTik
CVE-2017-8337
RESERVED
@@ -29297,17 +29295,17 @@ CVE-2017-8329
RESERVED
CVE-2017-8328
RESERVED
-CVE-2017-8342 (Radicale before 1.1.2 and 2.x before 2.0.0rc2 is prone to timing ...)
+CVE-2017-8342
{DLA-934-1}
- radicale 1.1.1+20160115-4 (bug #861514)
[jessie] - radicale <no-dsa> (Minor issue)
NOTE: https://github.com/Kozea/Radicale/commit/190b1dd795f0c552a4992445a231da760211183b (1.1.x)
NOTE: https://github.com/Kozea/Radicale/commit/059ba8dec1f22ccbeab837e288b3833a099cee2d (master)
-CVE-2017-8327 (The bmpr_read_uncompressed function in imagew-bmp.c in ...)
+CVE-2017-8327
NOT-FOR-US: ImageWorsener
-CVE-2017-8326 (libimageworsener.a in ImageWorsener before 1.3.1 has &quot;left shift cannot ...)
+CVE-2017-8326
NOT-FOR-US: ImageWorsener
-CVE-2017-8325 (The iw_process_cols_to_intermediate function in imagew-main.c in ...)
+CVE-2017-8325
NOT-FOR-US: ImageWorsener
CVE-2017-8324
RESERVED
@@ -29325,9 +29323,9 @@ CVE-2017-8318
RESERVED
CVE-2017-8317
RESERVED
-CVE-2017-8316 (IntelliJ IDEA XML parser was found vulnerable to XML External Entity ...)
+CVE-2017-8316
NOT-FOR-US: IntelliJ IDEA XML parser
-CVE-2017-8315 (Eclipse XML parser for the Eclipse IDE versions 2017.2.5 and earlier ...)
+CVE-2017-8315
- apktool 2.2.4-1 (low)
[stretch] - apktool <no-dsa> (Minor issue)
NOTE: Upstream bug with details is restricted
@@ -29336,7 +29334,7 @@ CVE-2017-8315 (Eclipse XML parser for the Eclipse IDE versions 2017.2.5 and earl
NOTE: Possible fixes: https://github.com/iBotPeaches/Apktool/commit/f19317d87c316ed254aafa0a27eddd024e25ec6c
NOTE: https://github.com/iBotPeaches/Apktool/commit/657a44f5938b072898a0de913c03760210e0f4ed
NOTE: https://github.com/iBotPeaches/Apktool/commit/dbb144f9af5478c780e59c8b65036ae882595063
-CVE-2017-8314 (Directory Traversal in Zip Extraction built-in function in Kodi 17.1 ...)
+CVE-2017-8314
{DLA-1243-1}
- kodi 2:17.1+dfsg1-3 (bug #863230)
- xbmc <removed>
@@ -29344,65 +29342,65 @@ CVE-2017-8314 (Directory Traversal in Zip Extraction built-in function in Kodi 1
NOTE: http://blog.checkpoint.com/2017/05/23/hacked-in-translation/
NOTE: https://kodi.tv/article/kodi-v172-minor-bug-fix-and-security-release
NOTE: Fixed by https://github.com/xbmc/xbmc/commit/35cfe35608b15335ef21d798947fceab3f47c8d7
-CVE-2017-8313 (Heap out-of-bound read in ParseJSS in VideoLAN VLC before 2.2.5 due to ...)
+CVE-2017-8313
{DSA-3899-1}
- vlc 2.2.5-1
[wheezy] - vlc <end-of-life> (Not supported in wheezy LTS)
NOTE: http://git.videolan.org/?p=vlc/vlc-2.2.git;a=commitdiff;h=05b653355ce303ada3b5e0e645ae717fea39186c
-CVE-2017-8312 (Heap out-of-bound read in ParseJSS in VideoLAN VLC due to missing ...)
+CVE-2017-8312
{DSA-3899-1}
- vlc 2.2.6-1~deb9u1
[wheezy] - vlc <end-of-life> (Not supported in wheezy LTS)
NOTE: http://git.videolan.org/?p=vlc.git;a=commitdiff;h=611398fc8d32f3fe4331f60b220c52ba3557beaa
-CVE-2017-8311 (Potential heap based buffer overflow in ParseJSS in VideoLAN VLC ...)
+CVE-2017-8311
{DSA-3899-1}
- vlc 2.2.5-1
[wheezy] - vlc <end-of-life> (Not supported in wheezy LTS)
NOTE: http://git.videolan.org/?p=vlc.git;a=commitdiff;h=775de716add17322f24b476439f903a829446eb6
-CVE-2017-8310 (Heap out-of-bound read in CreateHtmlSubtitle in VideoLAN VLC 2.2.x due ...)
+CVE-2017-8310
{DSA-3899-1}
- vlc 2.2.5.1-1~deb9u1
[wheezy] - vlc <end-of-life> (Not supported in wheezy LTS)
NOTE: http://git.videolan.org/?p=vlc/vlc-2.2.git;a=commit;h=7cac839692ab79dbfe5e4ebd4c4e37d9a8b1b328
-CVE-2017-8309 (Memory leak in the audio/audio.c in QEMU (aka Quick Emulator) allows ...)
+CVE-2017-8309
{DLA-1497-1 DLA-1071-1 DLA-1070-1}
- qemu 1:2.8+dfsg-5 (bug #862280)
- qemu-kvm <removed>
NOTE: Fixed by: http://git.qemu.org/?p=qemu.git;a=commit;h=3268a845f41253fb55852a8429c32b50f36f349a
-CVE-2017-8308 (In Avast Antivirus before v17, an unprivileged user (and thus malware ...)
+CVE-2017-8308
NOT-FOR-US: Avast Antivirus
-CVE-2017-8307 (In Avast Antivirus before v17, using the LPC interface API exposed by ...)
+CVE-2017-8307
NOT-FOR-US: Avast Antivirus
CVE-2017-8306
RESERVED
-CVE-2017-8304 (An issue was discovered on Accellion FTA devices before FTA_9_12_180. ...)
+CVE-2017-8304
NOT-FOR-US: Accellion FTA devices
-CVE-2017-8303 (An issue was discovered on Accellion FTA devices before FTA_9_12_180. ...)
+CVE-2017-8303
NOT-FOR-US: Accellion FTA devices
-CVE-2017-8302 (Mura CMS 7.0.6967 allows admin/?muraAction= XSS attacks, related to ...)
+CVE-2017-8302
NOT-FOR-US: Mura CMS
CVE-2017-8300
RESERVED
CVE-2017-8299
RESERVED
-CVE-2017-8298 (cnvs.io Canvas 3.3.0 has XSS in the title and content fields of a ...)
+CVE-2017-8298
NOT-FOR-US: cnvs.io Canvas
-CVE-2017-8297 (A path traversal vulnerability exists in simple-file-manager before ...)
+CVE-2017-8297
NOT-FOR-US: simple-file-manager
-CVE-2017-8296 (kedpm 0.5 and 1.0 creates a history file in ~/.kedpm/history that is ...)
+CVE-2017-8296
{DLA-925-1}
- kedpm <removed> (bug #860817)
[jessie] - kedpm 1.0+deb8u1
NOTE: patch in BTS gives workaround to always prompt for password and do not save
NOTE: to database.
NOTE: http://www.openwall.com/lists/oss-security/2017/04/25/9
-CVE-2017-8295 (WordPress through 4.7.4 relies on the Host HTTP header for a ...)
+CVE-2017-8295
{DSA-3870-1 DLA-975-1}
- wordpress 4.7.5+dfsg-2 (bug #862053)
NOTE: https://exploitbox.io/vuln/WordPress-Exploit-4-7-Unauth-Password-Reset-0day-CVE-2017-8295.html
NOTE: http://blog.dewhurstsecurity.com/2017/05/04/exploitbox-wordpress-security-advisories.html
NOTE: https://core.trac.wordpress.org/ticket/25239
-CVE-2017-8294 (libyara/re.c in the regex component in YARA 3.5.0 allows remote ...)
+CVE-2017-8294
- yara 3.6.0+dfsg-1 (bug #861590)
[stretch] - yara <ignored> (Minor issue, too intrusive to backport)
[jessie] - yara <ignored> (Minor issue, too intrusive to backport)
@@ -29412,23 +29410,23 @@ CVE-2017-8293
RESERVED
CVE-2017-8292
RESERVED
-CVE-2017-8290 (A potential Buffer Overflow Vulnerability (from a BB Code handling ...)
+CVE-2017-8290
- teamspeak-server <removed>
[wheezy] - teamspeak-server <end-of-life> (non-free is not supported)
-CVE-2017-8289 (Stack-based buffer overflow in the ipv6_addr_from_str function in ...)
+CVE-2017-8289
NOT-FOR-US: RIOS OS
-CVE-2017-8288 (gnome-shell 3.22 through 3.24.1 mishandles extensions that fail to ...)
+CVE-2017-8288
- gnome-shell 3.22.3-3
[jessie] - gnome-shell <no-dsa> (Minor issue)
[wheezy] - gnome-shell <no-dsa> (Minor issue)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=781728
NOTE: https://github.com/GNOME/gnome-shell/commit/ff425d1db7082e2755d2a405af53861552acf2a1
-CVE-2017-8305 (The UDFclient (before 0.8.8) custom strlcpy implementation has a buffer ...)
+CVE-2017-8305
- udfclient 0.8.8-1 (bug #861347)
-CVE-2017-8301 (LibreSSL 2.5.1 to 2.5.3 lacks TLS certificate verification if ...)
+CVE-2017-8301
- libressl <itp> (bug #754513)
NOTE: http://www.openwall.com/lists/oss-security/2017/04/27/11
-CVE-2017-8291 (Artifex Ghostscript through 2017-04-26 allows -dSAFER bypass and ...)
+CVE-2017-8291
{DSA-3838-1 DLA-932-1}
- ghostscript 9.20~dfsg-3.1 (bug #861295)
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=697808 (duplicate of 697799)
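Review bot: with the header for CVE-2017-8289 stripped to a bare identifier, the only product name left on record for that entry is `NOT-FOR-US: RIOS OS`, which looks like a typo (the removed description fragment names only the `ipv6_addr_from_str` function and no product). Check that spelling against the full description before this removal lands, since afterwards the file gives no way to verify which project the entry refers to.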
@@ -29436,7 +29434,7 @@ CVE-2017-8291 (Artifex Ghostscript through 2017-04-26 allows -dSAFER bypass and
NOTE: Full report viewable at: https://bugzilla.suse.com/show_bug.cgi?id=1036453
NOTE: Fixed by: https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=04b37bbce174eed24edec7ad5b920eb93db4d47d
NOTE: Fixed by: https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=4f83478c88c2e05d6e8d79ca4557eb039354d2f3
-CVE-2017-8287 (FreeType 2 before 2017-03-26 has an out-of-bounds write caused by a ...)
+CVE-2017-8287
{DSA-3839-1 DLA-931-1}
- freetype 2.6.3-3.2 (bug #861308)
NOTE: Fixed by: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=3774fc08b502c3e685afca098b6e8a195aded6a0
@@ -29444,113 +29442,113 @@ CVE-2017-8286
RESERVED
CVE-2017-8285
RESERVED
-CVE-2017-8284 (** DISPUTED ** The disas_insn function in target/i386/translate.c in ...)
+CVE-2017-8284
- qemu 1:2.10.0-1 (unimportant)
- qemu-kvm <removed> (unimportant)
NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=30663fd26c0307e414622c7a8607fbc04f92ec14
NOTE: qemu issue without security implication per upstream
-CVE-2017-8282 (XnView Classic for Windows Version 2.40 allows user-assisted remote ...)
+CVE-2017-8282
NOT-FOR-US: XnView Classic for Windows
-CVE-2017-8281 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2017-8281
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-8280 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2017-8280
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-8279 (In android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-8279
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-8278 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2017-8278
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-8277 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2017-8277
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-8276 (Improper authorization involving a fuse in TrustZone in snapdragon ...)
+CVE-2017-8276
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-8275 (In Android before security patch level 2018-04-05 on Qualcomm ...)
+CVE-2017-8275
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-8274 (In Android before security patch level 2018-04-05 on Qualcomm ...)
+CVE-2017-8274
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-8273 (In all Qualcomm products with Android release from CAF using the Linux ...)
+CVE-2017-8273
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-8272 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2017-8272
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-8271 (Out of bound memory write can happen in the MDSS Rotator driver in all ...)
+CVE-2017-8271
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-8270 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2017-8270
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-8269 (Userspace-controlled non null terminated parameter for IPA WAN ioctl ...)
+CVE-2017-8269
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-8268 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2017-8268
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-8267 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2017-8267
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-8266 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2017-8266
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-8265 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2017-8265
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-8264 (A userspace process can cause a Denial of Service in the camera driver ...)
+CVE-2017-8264
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-8263 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2017-8263
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-8262 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2017-8262
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-8261 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2017-8261
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-8260 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2017-8260
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-8259 (In the service locator in all Qualcomm products with Android releases ...)
+CVE-2017-8259
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-8258 (An array out-of-bounds access in all Qualcomm products with Android ...)
+CVE-2017-8258
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-8257 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2017-8257
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-8256 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2017-8256
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-8255 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2017-8255
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-8254 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2017-8254
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-8253 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2017-8253
NOT-FOR-US: Qualcomm driver for Android
CVE-2017-8252
RESERVED
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-8251 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2017-8251
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-8250 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2017-8250
NOT-FOR-US: Qualcomm driver for Android
CVE-2017-8249
RESERVED
-CVE-2017-8248 (A buffer overflow may occur in the processing of a downlink NAS ...)
+CVE-2017-8248
NOT-FOR-US: Qualcomm Telephony
-CVE-2017-8247 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2017-8247
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-8246 (In function msm_pcm_playback_close() in all Android releases from CAF ...)
+CVE-2017-8246
- linux <not-affected> (Android-specific patch)
-CVE-2017-8245 (In all Android releases from CAF using the Linux kernel, while ...)
+CVE-2017-8245
- linux <not-affected> (Android-specific patch)
-CVE-2017-8244 (In core_info_read and inst_info_read in all Android releases from CAF ...)
+CVE-2017-8244
- linux <not-affected> (Android-specific patch)
-CVE-2017-8243 (A buffer overflow can occur in all Qualcomm products with Android for ...)
+CVE-2017-8243
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-8242 (In all Android releases from CAF using the Linux kernel, a race ...)
+CVE-2017-8242
- linux <not-affected> (Android-specific patch)
-CVE-2017-8241 (In all Android releases from CAF using the Linux kernel, a buffer ...)
+CVE-2017-8241
NOT-FOR-US: Android driver
-CVE-2017-8240 (In all Android releases from CAF using the Linux kernel, a kernel ...)
+CVE-2017-8240
- linux 4.0.2-1
[jessie] - linux <not-affected> (Vulnerable code not present)
[wheezy] - linux <not-affected> (Vulnerable code not present)
-CVE-2017-8239 (In all Android releases from CAF using the Linux kernel, ...)
+CVE-2017-8239
NOT-FOR-US: Android driver
-CVE-2017-8238 (In all Android releases from CAF using the Linux kernel, a buffer ...)
+CVE-2017-8238
NOT-FOR-US: Android driver
-CVE-2017-8237 (In all Android releases from CAF using the Linux kernel, a buffer ...)
+CVE-2017-8237
NOT-FOR-US: Android driver
-CVE-2017-8236 (In all Android releases from CAF using the Linux kernel, a buffer ...)
+CVE-2017-8236
NOT-FOR-US: Android driver
-CVE-2017-8235 (In all Android releases from CAF using the Linux kernel, a memory ...)
+CVE-2017-8235
NOT-FOR-US: Android driver
-CVE-2017-8234 (In all Android releases from CAF using the Linux kernel, an out of ...)
+CVE-2017-8234
NOT-FOR-US: Android driver
-CVE-2017-8233 (In a camera driver function in all Android releases from CAF using the ...)
+CVE-2017-8233
NOT-FOR-US: Android driver
CVE-2017-8232
RESERVED
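Review bot: removing the header text for CVE-2017-8284 also drops its `** DISPUTED **` marker, and the lines that remain, `- qemu 1:2.10.0-1 (unimportant)` and `NOTE: qemu issue without security implication per upstream`, only partly convey that status; if stripping descriptions is intentional, the disputed status should be carried into a NOTE line so it is not lost. The same hunk also leaves the CAF Android entries classified two ways, `linux <not-affected> (Android-specific patch)` for CVE-2017-8246 through CVE-2017-8242 versus `NOT-FOR-US: Android driver` from CVE-2017-8241 onward, and once the descriptions are gone the reason for that split is no longer visible in the file.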
@@ -29566,232 +29564,232 @@ CVE-2017-8227
RESERVED
CVE-2017-8226
RESERVED
-CVE-2017-8283 (dpkg-source in dpkg 1.3.0 through 1.18.23 is able to use a non-GNU ...)
+CVE-2017-8283
- dpkg 1.18.24 (unimportant)
NOTE: http://www.openwall.com/lists/oss-security/2017/04/20/2
-CVE-2017-8225 (On Wireless IP Camera (P2P) WIFICAM devices, access to .ini files ...)
+CVE-2017-8225
NOT-FOR-US: Wireless IP Camera (P2P) WIFICAM devices
-CVE-2017-8224 (Wireless IP Camera (P2P) WIFICAM devices have a backdoor root account ...)
+CVE-2017-8224
NOT-FOR-US: Wireless IP Camera (P2P) WIFICAM devices
-CVE-2017-8223 (On Wireless IP Camera (P2P) WIFICAM devices, an attacker can use the ...)
+CVE-2017-8223
NOT-FOR-US: Wireless IP Camera (P2P) WIFICAM devices
-CVE-2017-8222 (Wireless IP Camera (P2P) WIFICAM devices have an &quot;Apple Production IOS ...)
+CVE-2017-8222
NOT-FOR-US: Wireless IP Camera (P2P) WIFICAM devices
-CVE-2017-8221 (Wireless IP Camera (P2P) WIFICAM devices rely on a cleartext UDP tunnel ...)
+CVE-2017-8221
NOT-FOR-US: Wireless IP Camera (P2P) WIFICAM devices
-CVE-2017-8220 (TP-Link C2 and C20i devices through firmware 0.9.1 4.2 v0032.0 Build ...)
+CVE-2017-8220
NOT-FOR-US: TP-Link
-CVE-2017-8219 (TP-Link C2 and C20i devices through firmware 0.9.1 4.2 v0032.0 Build ...)
+CVE-2017-8219
NOT-FOR-US: TP-Link
-CVE-2017-8218 (vsftpd on TP-Link C2 and C20i devices through firmware 0.9.1 4.2 ...)
+CVE-2017-8218
NOT-FOR-US: TP-Link
-CVE-2017-8217 (TP-Link C2 and C20i devices through firmware 0.9.1 4.2 v0032.0 Build ...)
+CVE-2017-8217
NOT-FOR-US: TP-Link
-CVE-2017-8216 (Warsaw Huawei Smart phones with software of versions earlier than ...)
+CVE-2017-8216
NOT-FOR-US: Huawei
-CVE-2017-8215 (Honor 8,Honor V8,Honor 9,Honor V9,Nova 2,Nova 2 Plus,P9,P10 ...)
+CVE-2017-8215
NOT-FOR-US: Huawei
-CVE-2017-8214 (Honor 8,Honor V8,Honor 9,Honor V9,Nova 2,Nova 2 Plus,P9,P10 ...)
+CVE-2017-8214
NOT-FOR-US: Huawei
-CVE-2017-8213 (Huawei SMC2.0 with software of V100R003C10, V100R005C00SPC100, ...)
+CVE-2017-8213
NOT-FOR-US: Huawei
-CVE-2017-8212 (The driver of honor 5C,honor 6x Huawei smart phones with software of ...)
+CVE-2017-8212
NOT-FOR-US: Huawei
-CVE-2017-8211 (The driver of honor 5C,honor 6x Huawei smart phones with software of ...)
+CVE-2017-8211
NOT-FOR-US: Huawei
-CVE-2017-8210 (The driver of honor 5C,honor 6x Huawei smart phones with software of ...)
+CVE-2017-8210
NOT-FOR-US: Huawei
-CVE-2017-8209 (The driver of honor 5C,honor 6x Huawei smart phones with software of ...)
+CVE-2017-8209
NOT-FOR-US: Huawei
-CVE-2017-8208 (The driver of honor 5C,honor 6x Huawei smart phones with software of ...)
+CVE-2017-8208
NOT-FOR-US: Huawei
-CVE-2017-8207 (The driver of honor 5C, honor 6x Huawei smart phones with software of ...)
+CVE-2017-8207
NOT-FOR-US: Huawei
-CVE-2017-8206 (HONOR 7 Lite mobile phones with software of versions earlier than ...)
+CVE-2017-8206
NOT-FOR-US: Huawei
-CVE-2017-8205 (The Bastet driver of Honor 9 Huawei smart phones with software of ...)
+CVE-2017-8205
NOT-FOR-US: Huawei
-CVE-2017-8204 (The Bastet driver of Honor 9 Huawei smart phones with software of ...)
+CVE-2017-8204
NOT-FOR-US: Huawei
-CVE-2017-8203 (The Bastet Driver of Nova 2 Plus,Nova 2 Huawei smart phones with ...)
+CVE-2017-8203
NOT-FOR-US: Huawei
-CVE-2017-8202 (The CameraISP driver of some Huawei smart phones with software of ...)
+CVE-2017-8202
NOT-FOR-US: Huawei
-CVE-2017-8201 (MAX PRESENCE V100R001C00, TP3106 V100R002C00, TP3206 V100R002C00 have ...)
+CVE-2017-8201
NOT-FOR-US: Huawei
-CVE-2017-8200 (MAX PRESENCE V100R001C00, TP3106 V100R002C00, TP3206 V100R002C00 have ...)
+CVE-2017-8200
NOT-FOR-US: Huawei
-CVE-2017-8199 (MAX PRESENCE V100R001C00, TP3106 V100R002C00, TP3206 V100R002C00 have ...)
+CVE-2017-8199
NOT-FOR-US: Huawei
-CVE-2017-8198 (FusionSphere V100R006C00SPC102(NFV) has an SQL injection ...)
+CVE-2017-8198
NOT-FOR-US: Huawei
-CVE-2017-8197 (FusionSphere V100R006C00SPC102(NFV) has a command injection ...)
+CVE-2017-8197
NOT-FOR-US: Huawei
-CVE-2017-8196 (FusionSphere V100R006C00SPC102(NFV) has an incorrect authorization ...)
+CVE-2017-8196
NOT-FOR-US: Huawei
-CVE-2017-8195 (The FusionSphere OpenStack V100R006C00SPC102(NFV) has an improper ...)
+CVE-2017-8195
NOT-FOR-US: Huawei
-CVE-2017-8194 (The FusionSphere OpenStack V100R006C00SPC102(NFV) has an improper ...)
+CVE-2017-8194
NOT-FOR-US: Huawei
-CVE-2017-8193 (The FusionSphere OpenStack V100R006C00SPC102(NFV) has a command ...)
+CVE-2017-8193
NOT-FOR-US: Huawei
-CVE-2017-8192 (FusionSphere OpenStack V100R006C00 has an improper authorization ...)
+CVE-2017-8192
NOT-FOR-US: Huawei
-CVE-2017-8191 (FusionSphere OpenStack V100R006C00SPC102(NFV)has a week cryptographic ...)
+CVE-2017-8191
NOT-FOR-US: Huawei
-CVE-2017-8190 (FusionSphere OpenStack V100R006C00SPC102(NFV)has an improper ...)
+CVE-2017-8190
NOT-FOR-US: Huawei
-CVE-2017-8189 (FusionSphere OpenStack V100R006C00SPC102(NFV)has a path traversal ...)
+CVE-2017-8189
NOT-FOR-US: Huawei
-CVE-2017-8188 (FusionSphere OpenStack V100R006C00SPC102(NFV)has a command injection ...)
+CVE-2017-8188
NOT-FOR-US: Huawei
-CVE-2017-8187 (Huawei FusionSphere OpenStack V100R006C00SPC102(NFV) has a privilege ...)
+CVE-2017-8187
NOT-FOR-US: Huawei
-CVE-2017-8186 (The Bastet of some Huawei mobile phones with software of earlier than ...)
+CVE-2017-8186
NOT-FOR-US: Huawei
-CVE-2017-8185 (ME906s-158 earlier than ME906S_Installer_13.1805.10.3 versions has a ...)
+CVE-2017-8185
NOT-FOR-US: Huawei
-CVE-2017-8184 (MTK platform in Huawei smart phones with software of earlier than ...)
+CVE-2017-8184
NOT-FOR-US: Huawei
-CVE-2017-8183 (MTK platform in Huawei smart phones with software of earlier than ...)
+CVE-2017-8183
NOT-FOR-US: Huawei
-CVE-2017-8182 (MTK platform in Huawei smart phones with software of earlier than ...)
+CVE-2017-8182
NOT-FOR-US: Huawei
-CVE-2017-8181 (The camera driver of MTK platform in Huawei smart phones with software ...)
+CVE-2017-8181
NOT-FOR-US: Huawei
-CVE-2017-8180 (The camera driver of MTK platform in Huawei smart phones with software ...)
+CVE-2017-8180
NOT-FOR-US: Huawei
-CVE-2017-8179 (The camera driver of MTK platform in Huawei smart phones with software ...)
+CVE-2017-8179
NOT-FOR-US: Huawei
-CVE-2017-8178 (Huawei Email APP Vicky-AL00 smartphones with software of earlier than ...)
+CVE-2017-8178
NOT-FOR-US: Huawei
-CVE-2017-8177 (Huawei APP HiWallet earlier than 5.0.3.100 versions do not support ...)
+CVE-2017-8177
NOT-FOR-US: Huawei
-CVE-2017-8176 (Huawei IPTV STB with earlier than IPTV STB V100R003C01LMYTa6SPC001 ...)
+CVE-2017-8176
NOT-FOR-US: Huawei
-CVE-2017-8175 (The Bastet of some Huawei mobile phones with software earlier than ...)
+CVE-2017-8175
NOT-FOR-US: Huawei
-CVE-2017-8174 (Huawei USG6300 V100R001C30SPC300 and USG6600 with software of ...)
+CVE-2017-8174
NOT-FOR-US: Huawei
-CVE-2017-8173 (Maya-L02,VKY-L09,VTR-L29,Vicky-AL00A,Victoria-AL00A,Warsaw-AL00 smart ...)
+CVE-2017-8173
NOT-FOR-US: Huawei
-CVE-2017-8172 (Isub service in P10 Plus and P10 smart phones with earlier than ...)
+CVE-2017-8172
NOT-FOR-US: Huawei
-CVE-2017-8171 (Huawei smart phones with software earlier than Vicky-AL00AC00B172D ...)
+CVE-2017-8171
NOT-FOR-US: Huawei
-CVE-2017-8170 (Huawei smart phones with software earlier than VIE-L09C40B360 versions ...)
+CVE-2017-8170
NOT-FOR-US: Huawei
-CVE-2017-8169 (Huawei smart phones with software earlier than VIE-L09C40B360 versions ...)
+CVE-2017-8169
NOT-FOR-US: Huawei
-CVE-2017-8168 (FusionSphere OpenStack with software V100R006C00SPC102(NFV) and ...)
+CVE-2017-8168
NOT-FOR-US: Huawei
-CVE-2017-8167 (Huawei firewall products USG9500 V500R001C50 has a DoS vulnerability.A ...)
+CVE-2017-8167
NOT-FOR-US: Huawei
-CVE-2017-8166 (Huawei mobile phones Honor V9 with the software versions before ...)
+CVE-2017-8166
NOT-FOR-US: Huawei
-CVE-2017-8165 (Mate 9 Huawei smart phones with versions earlier than MHA-AL00BC00B233 ...)
+CVE-2017-8165
NOT-FOR-US: Huawei
-CVE-2017-8164 (Some Huawei smart phones with software EVA-L09C34B142; EVA-L09C40B196; ...)
+CVE-2017-8164
NOT-FOR-US: Huawei
-CVE-2017-8163 (AR120-S with software V200R006C10, V200R007C00, V200R008C20, ...)
+CVE-2017-8163
NOT-FOR-US: Huawei
-CVE-2017-8162 (AR120-S with software V200R006C10, V200R007C00, V200R008C20, ...)
+CVE-2017-8162
NOT-FOR-US: Huawei
-CVE-2017-8161 (EVA-L09 smartphones with software Earlier than ...)
+CVE-2017-8161
NOT-FOR-US: Huawei
-CVE-2017-8160 (The Madapt Driver of some Huawei smart phones with software Earlier ...)
+CVE-2017-8160
NOT-FOR-US: Huawei
-CVE-2017-8159 (Some Huawei smartphones with software ...)
+CVE-2017-8159
NOT-FOR-US: Huawei
-CVE-2017-8158 (FusionCompute V100R005C00 and V100R005C10 have an improper ...)
+CVE-2017-8158
NOT-FOR-US: Huawei
-CVE-2017-8157 (OceanStor 5800 V3 with software V300R002C00 and V300R002C10, OceanStor ...)
+CVE-2017-8157
NOT-FOR-US: Huawei
-CVE-2017-8156 (The outdoor unit of Customer Premise Equipment (CPE) product B2338-168 ...)
+CVE-2017-8156
NOT-FOR-US: Huawei
-CVE-2017-8155 (The outdoor unit of Customer Premise Equipment (CPE) product B2338-168 ...)
+CVE-2017-8155
NOT-FOR-US: Huawei
-CVE-2017-8154 (The Themes App Honor 8 Lite Huawei mobile phones with software of ...)
+CVE-2017-8154
NOT-FOR-US: Huawei
-CVE-2017-8153 (Huawei VMall (for Android) with the versions before 1.5.8.5 have a ...)
+CVE-2017-8153
NOT-FOR-US: Huawei
-CVE-2017-8152 (Huawei Honor 5S smart phones with software the versions before ...)
+CVE-2017-8152
NOT-FOR-US: Huawei
-CVE-2017-8151 (Huawei Honor 5S smart phones with software the versions before ...)
+CVE-2017-8151
NOT-FOR-US: Huawei
-CVE-2017-8150 (The boot loaders of P10 and P10 Plus Huawei mobile phones with ...)
+CVE-2017-8150
NOT-FOR-US: Huawei
-CVE-2017-8149 (The boot loaders of P10 and P10 Plus Huawei mobile phones with ...)
+CVE-2017-8149
NOT-FOR-US: Huawei
-CVE-2017-8148 (Audio driver in P9 smartphones with software The versions before ...)
+CVE-2017-8148
NOT-FOR-US: Huawei
-CVE-2017-8147 (AC6005 V200R006C10SPC200,AC6605 V200R006C10SPC200,AR1200 with software ...)
+CVE-2017-8147
NOT-FOR-US: Huawei
-CVE-2017-8146 (The call module of P10 and P10 Plus smartphones with software ...)
+CVE-2017-8146
NOT-FOR-US: Huawei
-CVE-2017-8145 (The call module of P10 and P10 Plus smartphones with software ...)
+CVE-2017-8145
NOT-FOR-US: Huawei
-CVE-2017-8144 (Honor 5A,Honor 8 Lite,Mate9,Mate9 Pro,P10,P10 Plus Huawei smartphones ...)
+CVE-2017-8144
NOT-FOR-US: Huawei
-CVE-2017-8143 (Wi-Fi driver of Honor 5C and P9 Lite Huawei smart phones with software ...)
+CVE-2017-8143
NOT-FOR-US: Huawei
-CVE-2017-8142 (The Trusted Execution Environment (TEE) module driver of Mate 9 and ...)
+CVE-2017-8142
NOT-FOR-US: Huawei
-CVE-2017-8141 (The Touch Panel (TP) driver in P10 Plus smart phones with software ...)
+CVE-2017-8141
NOT-FOR-US: Huawei
-CVE-2017-8140 (The soundtrigger driver in P9 Plus smart phones with software versions ...)
+CVE-2017-8140
NOT-FOR-US: Huawei
-CVE-2017-8139 (HedEx Earlier than V200R006C00 versions have the stored cross-site ...)
+CVE-2017-8139
NOT-FOR-US: Huawei
-CVE-2017-8138 (HedEx Earlier than V200R006C00 versions has a cross-site request ...)
+CVE-2017-8138
NOT-FOR-US: Huawei
-CVE-2017-8137 (HedEx Earlier than V200R006C00 versions has a dynamic link library ...)
+CVE-2017-8137
NOT-FOR-US: Huawei
-CVE-2017-8136 (HedEx Earlier than V200R006C00 versions has an arbitrary file download ...)
+CVE-2017-8136
NOT-FOR-US: Huawei
-CVE-2017-8135 (The FusionSphere OpenStack with software V100R006C00 and V100R006C10 ...)
+CVE-2017-8135
NOT-FOR-US: Huawei
-CVE-2017-8134 (The FusionSphere OpenStack with software V100R006C00 and V100R006C10 ...)
+CVE-2017-8134
NOT-FOR-US: Huawei
-CVE-2017-8133 (Huawei iManager NetEco with software V600R008C00 and V600R008C10 has a ...)
+CVE-2017-8133
NOT-FOR-US: Huawei
-CVE-2017-8132 (The FusionSphere OpenStack with software V100R006C00 and V100R006C10 ...)
+CVE-2017-8132
NOT-FOR-US: Huawei
-CVE-2017-8131 (The FusionSphere OpenStack with software V100R006C00 and V100R006C10 ...)
+CVE-2017-8131
NOT-FOR-US: Huawei
-CVE-2017-8130 (The UMA product with software V200R001 and V300R001 has an information ...)
+CVE-2017-8130
NOT-FOR-US: Huawei
-CVE-2017-8129 (The UMA product with software V200R001 and V300R001 has a privilege ...)
+CVE-2017-8129
NOT-FOR-US: Huawei
-CVE-2017-8128 (The UMA product with software V200R001 and V300R001 has a privilege ...)
+CVE-2017-8128
NOT-FOR-US: Huawei
-CVE-2017-8127 (The UMA product with software V200R001 has a cross-site scripting ...)
+CVE-2017-8127
NOT-FOR-US: Huawei
-CVE-2017-8126 (The UMA product with software V200R001 has a privilege elevation ...)
+CVE-2017-8126
NOT-FOR-US: Huawei
-CVE-2017-8125 (The UMA product with software V200R001 and V300R001 has a cross-site ...)
+CVE-2017-8125
NOT-FOR-US: Huawei
-CVE-2017-8124 (The UMA product with software V200R001 has a privilege elevation ...)
+CVE-2017-8124
NOT-FOR-US: Huawei
-CVE-2017-8123 (The UMA product with software V200R001 has a privilege elevation ...)
+CVE-2017-8123
NOT-FOR-US: Huawei
-CVE-2017-8122 (The UMA product with software V200R001 has a privilege elevation ...)
+CVE-2017-8122
NOT-FOR-US: Huawei
-CVE-2017-8121 (The UMA product with software V200R001 and V300R001 has an information ...)
+CVE-2017-8121
NOT-FOR-US: Huawei
-CVE-2017-8120 (The UMA product with software V200R001 and V300R001 has a privilege ...)
+CVE-2017-8120
NOT-FOR-US: Huawei
-CVE-2017-8119 (The UMA product with software V200R001 and V300R001 has a privilege ...)
+CVE-2017-8119
NOT-FOR-US: Huawei
-CVE-2017-8118 (The UMA product with software V200R001 and V300R001 has an information ...)
+CVE-2017-8118
NOT-FOR-US: Huawei
-CVE-2017-8117 (The UMA product with software V200R001 and V300R001 has a privilege ...)
+CVE-2017-8117
NOT-FOR-US: Huawei
-CVE-2017-8116 (The management interface for the Teltonika RUT9XX routers (aka LuCI) ...)
+CVE-2017-8116
NOT-FOR-US: Teltonika RUT9XX routers
-CVE-2017-8115 (Directory traversal in setup/processors/url_search.php (aka the search ...)
+CVE-2017-8115
NOT-FOR-US: MODX
-CVE-2017-8114 (Roundcube Webmail allows arbitrary password resets by authenticated ...)
+CVE-2017-8114
{DLA-933-1}
- roundcube 1.2.3+dfsg.1-4 (bug #861388)
NOTE: https://github.com/roundcube/roundcubemail/releases/tag/1.2.5
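Review bot: the loss is not confined to NOT-FOR-US entries: CVE-2017-8283 (dpkg, tracked as fixed in 1.18.24) and CVE-2017-8114 (roundcube, DLA-933-1, bug #861388) also lose their descriptions in this hunk, leaving a package, a version and a link with no statement of what the vulnerability is; for the dpkg entry the oss-security NOTE is now the only pointer to what "unimportant" refers to. While in this region, CVE-2017-8283 sits between CVE-2017-8226 and CVE-2017-8225, out of the descending order the rest of the file keeps; that is pre-existing (the - line already shows it there) but worth moving into numeric position when the descriptions are restored.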
@@ -29802,7 +29800,7 @@ CVE-2017-8114 (Roundcube Webmail allows arbitrary password resets by authenticat
NOTE: https://github.com/roundcube/roundcubemail/commit/271426429bfbb5b63e6dec91b1e4780e8ef1c67e (1.0.x)
CVE-2017-8113
RESERVED
-CVE-2017-8112 (hw/scsi/vmw_pvscsi.c in QEMU (aka Quick Emulator) allows local guest ...)
+CVE-2017-8112
{DLA-1497-1}
- qemu 1:2.8+dfsg-5 (bug #861351)
[wheezy] - qemu <not-affected> (Vulnerable code not present)
@@ -29812,44 +29810,44 @@ CVE-2017-8112 (hw/scsi/vmw_pvscsi.c in QEMU (aka Quick Emulator) allows local gu
NOTE: Fixed by: http://git.qemu.org/?p=qemu.git;a=commit;h=f68826989cd4d1217797251339579c57b3c0934e
CVE-2017-8111
RESERVED
-CVE-2017-8110 (www.modified-shop.org modified eCommerce Shopsoftware 2.0.2.2 rev 10690 ...)
+CVE-2017-8110
NOT-FOR-US: modified eCommerce Shopsoftware
-CVE-2017-8109 (The salt-ssh minion code in SaltStack Salt 2016.11 before 2016.11.4 ...)
+CVE-2017-8109
- salt 2016.11.5+ds-1 (bug #861219)
[stretch] - salt 2016.11.2+ds-1+deb9u2
[jessie] - salt <not-affected> (Vulnerable code not present)
NOTE: https://github.com/saltstack/salt/issues/40075
NOTE: https://github.com/saltstack/salt/pull/40609
NOTE: https://github.com/saltstack/salt/commit/8492cef7a5c8871a3978ffc2f6e48b3b960e0151
-CVE-2017-8108 (Unspecified tests in Lynis before 2.5.0 allow local users to write to ...)
+CVE-2017-8108
- lynis 2.5.0-1 (unimportant)
[wheezy] - lynis <not-affected> (Vulnerable code do not exist)
NOTE: Neutralised by kernel hardening
CVE-2017-8107
RESERVED
-CVE-2017-8106 (The handle_invept function in arch/x86/kvm/vmx.c in the Linux kernel ...)
+CVE-2017-8106
- linux 3.16.2-1
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: Introduced by: https://git.kernel.org/linus/bfd0a56b90005f8c8a004baf407ad90045c2b11e (3.12-rc1)
NOTE: Fixed by: https://git.kernel.org/linus/4b855078601fc422dbac3059f2215e776f49780f (3.16-rc4)
-CVE-2017-8105 (FreeType 2 before 2017-03-24 has an out-of-bounds write caused by a ...)
+CVE-2017-8105
{DSA-3839-1 DLA-918-1}
- freetype 2.6.3-3.2 (bug #861220)
NOTE: Fixed by: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=f958c48ee431bef8d4d466b40c9cb2d4dbcb7791
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=935
-CVE-2017-8104 (In MyBB before 1.8.11, the smilie module allows Directory Traversal via ...)
+CVE-2017-8104
NOT-FOR-US: MyBB
-CVE-2017-8103 (In MyBB before 1.8.11, the Email MyCode component allows XSS, as ...)
+CVE-2017-8103
NOT-FOR-US: MyBB
-CVE-2017-8102 (Stored XSS in Serendipity v2.1-rc1 allows an attacker to steal an ...)
+CVE-2017-8102
- serendipity <removed>
-CVE-2017-8101 (There is CSRF in Serendipity 2.0.5, allowing attackers to install any ...)
+CVE-2017-8101
- serendipity <removed>
-CVE-2017-8100 (There is CSRF in the CopySafe Web Protection plugin before 2.6 for ...)
+CVE-2017-8100
NOT-FOR-US: CopySafe Web Protection plugin
-CVE-2017-8099 (There is CSRF in the WHIZZ plugin before 1.1.1 for WordPress, allowing ...)
+CVE-2017-8099
NOT-FOR-US: WHIZZ plugin for Wordpress
-CVE-2017-8098 (e107 2.1.4 is vulnerable to cross-site request forgery in ...)
+CVE-2017-8098
NOT-FOR-US: e107
CVE-2017-8097
RESERVED
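Review bot: for CVE-2017-8106 and CVE-2017-8105 the removed description was what tied the entry to the fix commits listed under it (handle_invept in arch/x86/kvm/vmx.c; an out-of-bounds write in FreeType before 2017-03-24); after this change the reader is left with commit hashes and no statement of the bug. While here, the wheezy line for CVE-2017-8108 reads "(Vulnerable code do not exist)"; the wording used for the same situation elsewhere in this hunk is "(Vulnerable code not present)" (CVE-2017-8112, CVE-2017-8109, CVE-2017-8106), and that form should be used here too.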
@@ -29873,136 +29871,136 @@ CVE-2017-8088
RESERVED
CVE-2017-8087
RESERVED
-CVE-2017-8086 (Memory leak in the v9fs_list_xattr function in hw/9pfs/9p-xattr.c in ...)
+CVE-2017-8086
{DLA-1497-1 DLA-1035-1 DLA-965-1}
- qemu 1:2.8+dfsg-5 (bug #861348)
- qemu-kvm <removed>
NOTE: Fixed by: http://git.qemu.org/?p=qemu.git;a=commit;h=4ffcdef4277a91af15a3c09f7d16af072c29f3f2 (v2.9.0-rc4)
NOTE: Introduced possibly by the fix d10142c11bdcecebe97fd834a834167053b7a05c to
NOTE: partially fix CVE-2016-9602.
-CVE-2017-8085 (In Exponent CMS before 2.4.1 Patch #5, XSS in elFinder is possible in ...)
+CVE-2017-8085
NOT-FOR-US: Exponent CMS
-CVE-2017-1000363 (Linux drivers/char/lp.c Out-of-Bounds Write. Due to a missing bounds ...)
+CVE-2017-1000363
{DSA-3945-1 DLA-1099-1}
- linux 4.9.30-1 (low)
NOTE: Fixed by: https://git.kernel.org/linus/3e21f4af170bebf47c187c1ff8bf155583c9f3b1 (4.12-rc2)
NOTE: https://alephsecurity.com/vulns/aleph-2017023
-CVE-2017-1000361 (DOMRpcImplementationNotAvailableException when sending Port-Status ...)
+CVE-2017-1000361
NOT-FOR-US: OpenDaylight
-CVE-2017-1000360 (StreamCorruptedException and NullPointerException in OpenDaylight ...)
+CVE-2017-1000360
NOT-FOR-US: OpenDaylight
-CVE-2017-1000359 (Java out of memory error and significant increase in resource ...)
+CVE-2017-1000359
NOT-FOR-US: OpenDaylight
-CVE-2017-1000358 (Controller throws an exception and does not allow user to add ...)
+CVE-2017-1000358
NOT-FOR-US: OpenDaylight
-CVE-2017-1000357 (Denial of Service attack when the switch rejects to receive packets ...)
+CVE-2017-1000357
NOT-FOR-US: OpenDaylight
-CVE-2017-1000356 (Jenkins versions 2.56 and earlier as well as 2.46.1 LTS and earlier ...)
+CVE-2017-1000356
- jenkins <removed>
-CVE-2017-1000355 (Jenkins versions 2.56 and earlier as well as 2.46.1 LTS and earlier ...)
+CVE-2017-1000355
- jenkins <removed>
-CVE-2017-1000354 (Jenkins versions 2.56 and earlier as well as 2.46.1 LTS and earlier ...)
+CVE-2017-1000354
- jenkins <removed>
-CVE-2017-1000353 (Jenkins versions 2.56 and earlier as well as 2.46.1 LTS and earlier ...)
+CVE-2017-1000353
- jenkins <removed>
CVE-2017-8084
RESERVED
-CVE-2017-8083 (CompuLab Intense PC and MintBox 2 devices with BIOS before 2017-05-21 ...)
+CVE-2017-8083
NOT-FOR-US: CompuLab Intense PC and MintBox 2 devices
-CVE-2017-8082 (concrete5 8.1.0 has CSRF in Thumbnail Editor in the File Manager, which ...)
+CVE-2017-8082
NOT-FOR-US: concrete5
-CVE-2017-8081 (Poor cryptographic salt initialization in ...)
+CVE-2017-8081
NOT-FOR-US: GetSimple CMS
-CVE-2017-8080 (Atlassian Hipchat Server before 2.2.4 allows remote authenticated ...)
+CVE-2017-8080
NOT-FOR-US: HipChat
CVE-2017-8079
RESERVED
-CVE-2017-8078 (On the TP-Link TL-SG108E 1.0, the upgrade process can be requested ...)
+CVE-2017-8078
NOT-FOR-US: TP-Link
-CVE-2017-8077 (On the TP-Link TL-SG108E 1.0, there is a hard-coded ciphering key (a ...)
+CVE-2017-8077
NOT-FOR-US: TP-Link
-CVE-2017-8076 (On the TP-Link TL-SG108E 1.0, admin network communications are RC4 ...)
+CVE-2017-8076
NOT-FOR-US: TP-Link
-CVE-2017-8075 (On the TP-Link TL-SG108E 1.0, a remote attacker could retrieve ...)
+CVE-2017-8075
NOT-FOR-US: TP-Link
-CVE-2017-8074 (On the TP-Link TL-SG108E 1.0, a remote attacker could retrieve ...)
+CVE-2017-8074
NOT-FOR-US: TP-Link
-CVE-2017-8073 (WeeChat before 1.7.1 allows a remote crash by sending a filename via ...)
+CVE-2017-8073
{DSA-3836-1 DLA-919-1}
- weechat 1.7-3 (bug #861121)
[stretch] - weechat 1.6-1+deb9u1
NOTE: https://github.com/weechat/weechat/commit/2fb346f25f79e412cf0ed314fdf791763c19b70b
-CVE-2017-8072 (The cp2112_gpio_direction_input function in drivers/hid/hid-cp2112.c ...)
+CVE-2017-8072
- linux 4.9.10-1
[jessie] - linux <not-affected> (Vulnerable code not present)
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: Fixed by: https://git.kernel.org/linus/8e9faa15469ed7c7467423db4c62aeed3ff4cae3
-CVE-2017-8071 (drivers/hid/hid-cp2112.c in the Linux kernel 4.9.x before 4.9.9 uses a ...)
+CVE-2017-8071
- linux 4.9.10-1
[jessie] - linux <not-affected> (Vulnerable code not present)
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: Fixed by: https://git.kernel.org/linus/7a7b5df84b6b4e5d599c7289526eed96541a0654
-CVE-2017-8070 (drivers/net/usb/catc.c in the Linux kernel 4.9.x before 4.9.11 ...)
+CVE-2017-8070
- linux 4.9.13-1
[jessie] - linux <not-affected> (Introduced in 4.9-rc1 in combination with VMAP_STACK)
[wheezy] - linux <not-affected> (Introduced in 4.9-rc1 in combination with VMAP_STACK)
NOTE: Fixed by: https://git.kernel.org/linus/2d6a0e9de03ee658a9adc3bfb2f0ca55dff1e478
-CVE-2017-8069 (drivers/net/usb/rtl8150.c in the Linux kernel 4.9.x before 4.9.11 ...)
+CVE-2017-8069
- linux 4.9.13-1
[jessie] - linux <not-affected> (Introduced in 4.9-rc1 in combination with VMAP_STACK)
[wheezy] - linux <not-affected> (Introduced in 4.9-rc1 in combination with VMAP_STACK)
NOTE: Fixed by: https://git.kernel.org/linus/7926aff5c57b577ab0f43364ff0c59d968f6a414
-CVE-2017-8068 (drivers/net/usb/pegasus.c in the Linux kernel 4.9.x before 4.9.11 ...)
+CVE-2017-8068
- linux 4.9.10-1 (bug #852556)
[jessie] - linux <not-affected> (Introduced in 4.9-rc1 in combination with VMAP_STACK)
[wheezy] - linux <not-affected> (Introduced in 4.9-rc1 in combination with VMAP_STACK)
NOTE: Fixed by: https://git.kernel.org/linus/5593523f968bc86d42a035c6df47d5e0979b5ace
-CVE-2017-8067 (drivers/char/virtio_console.c in the Linux kernel 4.9.x and 4.10.x ...)
+CVE-2017-8067
- linux 4.9.25-1
[jessie] - linux <not-affected> (Introduced in 4.9-rc1 in combination with VMAP_STACK)
[wheezy] - linux <not-affected> (Introduced in 4.9-rc1 in combination with VMAP_STACK)
NOTE: Fixed by: https://git.kernel.org/linus/c4baad50297d84bde1a7ad45e50c73adae4a2192
-CVE-2017-8066 (drivers/net/can/usb/gs_usb.c in the Linux kernel 4.9.x and 4.10.x ...)
+CVE-2017-8066
- linux 4.9.16-1
[jessie] - linux <not-affected> (Vulnerable code not present)
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: Fixed by: https://git.kernel.org/linus/c919a3069c775c1c876bec55e00b2305d5125caa
-CVE-2017-8065 (crypto/ccm.c in the Linux kernel 4.9.x and 4.10.x through 4.10.12 ...)
+CVE-2017-8065
- linux <not-affected> (Vulnerable code not present)
NOTE: Fixed by: https://git.kernel.org/linus/3b30460c5b0ed762be75a004e924ec3f8711e032
-CVE-2017-8064 (drivers/media/usb/dvb-usb-v2/dvb_usb_core.c in the Linux kernel 4.9.x ...)
+CVE-2017-8064
{DSA-3886-1}
- linux 4.9.25-1
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: Fixed by: https://git.kernel.org/linus/005145378c9ad7575a01b6ce1ba118fb427f583a
-CVE-2017-8063 (drivers/media/usb/dvb-usb/cxusb.c in the Linux kernel 4.9.x and 4.10.x ...)
+CVE-2017-8063
- linux 4.9.25-1
[jessie] - linux <not-affected> (Vulnerable code not present)
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: Fixed by: https://git.kernel.org/linus/3f190e3aec212fc8c61e202c51400afa7384d4bc
-CVE-2017-8062 (drivers/media/usb/dvb-usb/dw2102.c in the Linux kernel 4.9.x and ...)
+CVE-2017-8062
- linux 4.9.16-1
[jessie] - linux <not-affected> (Introduced in 4.9-rc1 in combination with VMAP_STACK)
[wheezy] - linux <not-affected> (Introduced in 4.9-rc1 in combination with VMAP_STACK)
NOTE: Fixed by: https://git.kernel.org/linus/606142af57dad981b78707234cfbd15f9f7b7125
-CVE-2017-8061 (drivers/media/usb/dvb-usb/dvb-usb-firmware.c in the Linux kernel 4.9.x ...)
+CVE-2017-8061
- linux 4.9.25-1
[jessie] - linux <not-affected> (Introduced in 4.9-rc1 in combination with VMAP_STACK)
[wheezy] - linux <not-affected> (Introduced in 4.9-rc1 in combination with VMAP_STACK)
NOTE: Fixed by: https://git.kernel.org/linus/67b0503db9c29b04eadfeede6bebbfe5ddad94ef
-CVE-2017-8060 (Acceptance of invalid/self-signed TLS certificates in &quot;Panda Mobile ...)
+CVE-2017-8060
NOT-FOR-US: Panda
-CVE-2017-8059 (Acceptance of invalid/self-signed TLS certificates in &quot;Foxit PDF - PDF ...)
+CVE-2017-8059
NOT-FOR-US: Foxit
-CVE-2017-8058 (Acceptance of invalid/self-signed TLS certificates in Atlassian HipChat ...)
+CVE-2017-8058
NOT-FOR-US: HipChat
-CVE-2017-8057 (In Joomla! 3.4.0 through 3.6.5 (fixed in 3.7.0), multiple files caused ...)
+CVE-2017-8057
NOT-FOR-US: Joomla!
-CVE-2017-8056 (WatchGuard Fireware v11.12.1 and earlier mishandles requests referring ...)
+CVE-2017-8056
NOT-FOR-US: WatchGuard
-CVE-2017-8055 (WatchGuard Fireware allows user enumeration, e.g., in the Firebox ...)
+CVE-2017-8055
NOT-FOR-US: WatchGuard
-CVE-2017-8054 (The function PdfPagesTree::GetPageNodeFromArray in PdfPageTree.cpp:464 ...)
+CVE-2017-8054
- libpodofo 0.9.5-9 (bug #860995)
[stretch] - libpodofo <no-dsa> (Minor issue)
[jessie] - libpodofo <no-dsa> (Minor issue)
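Review bot: the kernel block CVE-2017-8072 through CVE-2017-8061 shows what the stripped text costs for triage: the - lines named the driver file (drivers/hid/hid-cp2112.c, drivers/net/usb/catc.c, drivers/net/usb/rtl8150.c, drivers/net/usb/pegasus.c, drivers/char/virtio_console.c, drivers/net/can/usb/gs_usb.c, crypto/ccm.c, the dvb-usb drivers) and the affected range (4.9.x before 4.9.11 and so on), which is exactly what is needed to check a jessie or wheezy "<not-affected>" claim against a given kernel configuration; after the change each entry is a version string plus a commit URL. The same applies to CVE-2017-8086, where the description identified hw/9pfs/9p-xattr.c and the NOTE about the partial fix for CVE-2016-9602 only makes sense with it.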
@@ -30016,7 +30014,7 @@ CVE-2017-8054 (The function PdfPagesTree::GetPageNodeFromArray in PdfPageTree.cp
NOTE: partially reverted in: https://sourceforge.net/p/podofo/code/1881
NOTE: ... and re-fixed in: https://sourceforge.net/p/podofo/code/1882
NOTE: and https://sourceforge.net/p/podofo/code/1883
-CVE-2017-8053 (PoDoFo 0.9.5 allows denial of service (infinite recursion and stack ...)
+CVE-2017-8053
- libpodofo 0.9.6+dfsg-3 (bug #860994)
[stretch] - libpodofo <no-dsa> (Minor issue)
[jessie] - libpodofo <no-dsa> (Minor issue)
@@ -30025,55 +30023,55 @@ CVE-2017-8053 (PoDoFo 0.9.5 allows denial of service (infinite recursion and sta
NOTE: https://sourceforge.net/p/podofo/tickets/7/
NOTE: upstream commit: https://sourceforge.net/p/podofo/code/1834
NOTE: upstream commit: https://sourceforge.net/p/podofo/code/1924
-CVE-2017-8052 (Craft CMS before 2.6.2974 allows XSS attacks. ...)
+CVE-2017-8052
NOT-FOR-US: Craft CMS
-CVE-2017-8051 (Tenable Appliance 3.5 - 4.4.0, and possibly prior versions, contains a ...)
+CVE-2017-8051
NOT-FOR-US: Tenable Appliance
-CVE-2017-8050 (Tenable Appliance 4.4.0, and possibly prior, contains a flaw in the Web ...)
+CVE-2017-8050
NOT-FOR-US: Tenable Appliance
CVE-2017-8049
REJECTED
-CVE-2017-8048 (In Cloud Foundry capi-release versions 1.33.0 and later, prior to ...)
+CVE-2017-8048
NOT-FOR-US: Cloud Foundry
-CVE-2017-8047 (In Cloud Foundry router routing-release all versions prior to v0.163.0 ...)
+CVE-2017-8047
NOT-FOR-US: Cloud Foundry
-CVE-2017-8046 (Malicious PATCH requests submitted to servers using Spring Data REST ...)
+CVE-2017-8046
NOT-FOR-US: Spring Data REST
-CVE-2017-8045 (In Pivotal Spring AMQP versions prior to 1.7.4, 1.6.11, and 1.5.7, an ...)
+CVE-2017-8045
NOT-FOR-US: Spring AMQP
-CVE-2017-8044 (In Pivotal Single Sign-On for PCF (1.3.x versions prior to 1.3.4 and ...)
+CVE-2017-8044
NOT-FOR-US: Pivotal SSO
CVE-2017-8043
REJECTED
CVE-2017-8042
REJECTED
-CVE-2017-8041 (In Single Sign-On for Pivotal Cloud Foundry (PCF) 1.3.x versions prior ...)
+CVE-2017-8041
NOT-FOR-US: Pivotal
-CVE-2017-8040 (In Single Sign-On for Pivotal Cloud Foundry (PCF) 1.3.x versions prior ...)
+CVE-2017-8040
NOT-FOR-US: Pivotal
-CVE-2017-8039 (An issue was discovered in Pivotal Spring Web Flow through 2.4.5. ...)
+CVE-2017-8039
NOT-FOR-US: Spring Web Flow
-CVE-2017-8038 (In Cloud Foundry Foundation Credhub-release version 1.1.0, access ...)
+CVE-2017-8038
NOT-FOR-US: Cloud Foundry Foundation Credhub-release
-CVE-2017-8037 (In Cloud Foundry Foundation CAPI-release versions after v1.6.0 and ...)
+CVE-2017-8037
NOT-FOR-US: Cloud Foundry
-CVE-2017-8036 (An issue was discovered in the Cloud Controller API in Cloud Foundry ...)
+CVE-2017-8036
NOT-FOR-US: Cloud Foundry
-CVE-2017-8035 (An issue was discovered in the Cloud Controller API in Cloud Foundry ...)
+CVE-2017-8035
NOT-FOR-US: Cloud Foundry
-CVE-2017-8034 (The Cloud Controller and Router in Cloud Foundry (CAPI-release capi ...)
+CVE-2017-8034
NOT-FOR-US: Cloud Foundry
-CVE-2017-8033 (An issue was discovered in the Cloud Controller API in Cloud Foundry ...)
+CVE-2017-8033
NOT-FOR-US: Cloud Foundry
-CVE-2017-8032 (In Cloud Foundry cf-release versions prior to v264; UAA release all ...)
+CVE-2017-8032
NOT-FOR-US: Cloud Foundry
-CVE-2017-8031 (An issue was discovered in Cloud Foundry Foundation cf-release (all ...)
+CVE-2017-8031
NOT-FOR-US: Cloud Foundry
CVE-2017-8030
REJECTED
CVE-2017-8029
REJECTED
-CVE-2017-8028 (In Pivotal Spring-LDAP versions 1.3.0 - 2.3.1, when connected to some ...)
+CVE-2017-8028
{DSA-4046-1 DLA-1180-1}
- libspring-ldap-java <removed>
NOTE: https://pivotal.io/security/cve-2017-8028
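Review bot: the NOT-FOR-US tags for the Pivotal Single Sign-On entries are inconsistent: CVE-2017-8044 is tagged "Pivotal SSO" while CVE-2017-8041 and CVE-2017-8040 are tagged "Pivotal", although the - lines show all three describe Single Sign-On for Pivotal Cloud Foundry. Once the parenthetical descriptions are gone that tag is the only text identifying the product on the entry, so use one name for all three. The Cloud Foundry entries in this hunk (CVE-2017-8048 down to CVE-2017-8031) suffer the same blanket description removal as the rest of the file.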
@@ -30082,35 +30080,35 @@ CVE-2017-8027
REJECTED
CVE-2017-8026
REJECTED
-CVE-2017-8025 (RSA Archer GRC Platform prior to 6.2.0.5 is affected by an arbitrary ...)
+CVE-2017-8025
NOT-FOR-US: RSA Archer GRC Platform
-CVE-2017-8024 (EMC Isilon OneFS (versions prior to 8.1.0.1, versions prior to 8.0.1.2, ...)
+CVE-2017-8024
NOT-FOR-US: EMC
CVE-2017-8023
RESERVED
-CVE-2017-8022 (An issue was discovered in EMC NetWorker (prior to 8.2.4.9, all ...)
+CVE-2017-8022
NOT-FOR-US: EMC
-CVE-2017-8021 (EMC Elastic Cloud Storage (ECS) before 3.1 is affected by an ...)
+CVE-2017-8021
NOT-FOR-US: EMC Elastic Cloud Storage
-CVE-2017-8020 (An issue was discovered in EMC ScaleIO 2.0.1.x. A buffer overflow ...)
+CVE-2017-8020
NOT-FOR-US: EMC
-CVE-2017-8019 (An issue was discovered in EMC ScaleIO 2.0.1.x. A vulnerability in ...)
+CVE-2017-8019
NOT-FOR-US: EMC
-CVE-2017-8018 (EMC AppSync host plug-in versions 3.5 and below (Windows platform only) ...)
+CVE-2017-8018
NOT-FOR-US: EMC AppSync
-CVE-2017-8017 (EMC Network Configuration Manager (NCM) 9.3.x, 9.4.0.x, 9.4.1.x, and ...)
+CVE-2017-8017
NOT-FOR-US: EMC Network Configuration Manager
-CVE-2017-8016 (RSA Archer GRC Platform prior to 6.2.0.5 is affected by stored ...)
+CVE-2017-8016
NOT-FOR-US: RSA Archer GRC Platform
-CVE-2017-8015 (EMC AppSync (all versions prior to 3.5) contains a SQL injection ...)
+CVE-2017-8015
NOT-FOR-US: EMC
CVE-2017-8014
REJECTED
-CVE-2017-8013 (EMC Data Protection Advisor 6.3.x before patch 67 and 6.4.x before ...)
+CVE-2017-8013
NOT-FOR-US: EMC Data Protection Adv
-CVE-2017-8012 (In EMC ViPR SRM, Storage M&amp;R, VNX M&amp;R, and M&amp;R (Watch4Net) for SAS ...)
+CVE-2017-8012
NOT-FOR-US: EMC
-CVE-2017-8011 (EMC ViPR SRM, EMC Storage M&amp;R, EMC VNX M&amp;R, EMC M&amp;R for SAS Solution ...)
+CVE-2017-8011
NOT-FOR-US: EMC
CVE-2017-8010
REJECTED
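Review bot: "NOT-FOR-US: EMC Data Protection Adv" on the CVE-2017-8013 entry is a truncated product name; the entries for CVE-2017-8003 and CVE-2017-8002 in the next hunk use "EMC Data Protection Advisor", and the tag should match, since with the parenthetical text removed it is the only product identification left on the entry. The RSA Archer and other EMC entries here (CVE-2017-8025 through CVE-2017-8011) otherwise change only by losing their descriptions.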
@@ -30118,35 +30116,35 @@ CVE-2017-8009
REJECTED
CVE-2017-8008
REJECTED
-CVE-2017-8007 (In EMC ViPR SRM, Storage M&amp;R, VNX M&amp;R, and M&amp;R (Watch4Net) for SAS ...)
+CVE-2017-8007
NOT-FOR-US: EMC
-CVE-2017-8006 (In EMC RSA Authentication Manager 8.2 SP1 Patch 1 and earlier, a ...)
+CVE-2017-8006
NOT-FOR-US: EMC
-CVE-2017-8005 (The EMC RSA Identity Governance and Lifecycle, RSA Via Lifecycle and ...)
+CVE-2017-8005
NOT-FOR-US: EMC
-CVE-2017-8004 (The EMC RSA Identity Governance and Lifecycle, RSA Via Lifecycle and ...)
+CVE-2017-8004
NOT-FOR-US: EMC
-CVE-2017-8003 (EMC Data Protection Advisor prior to 6.4 contains a path traversal ...)
+CVE-2017-8003
NOT-FOR-US: EMC Data Protection Advisor
-CVE-2017-8002 (EMC Data Protection Advisor prior to 6.4 contains multiple blind SQL ...)
+CVE-2017-8002
NOT-FOR-US: EMC Data Protection Advisor
-CVE-2017-8001 (An issue was discovered in EMC ScaleIO 2.0.1.x. In a Linux environment, ...)
+CVE-2017-8001
NOT-FOR-US: EMC
-CVE-2017-8000 (In EMC RSA Authentication Manager 8.2 SP1 and earlier, a malicious RSA ...)
+CVE-2017-8000
NOT-FOR-US: EMC
-CVE-2017-7999 (Atlassian Eucalyptus before 4.4.1, when in EDGE mode, allows remote ...)
+CVE-2017-7999
NOT-FOR-US: Atlassian Eucalyptus
-CVE-2017-7998 (Multiple cross-site scripting (XSS) vulnerabilities in Gespage before ...)
+CVE-2017-7998
NOT-FOR-US: Gespage
-CVE-2017-7997 (Multiple SQL injection vulnerabilities in Gespage before 7.4.9 allow ...)
+CVE-2017-7997
NOT-FOR-US: Gespage
CVE-2017-7996
RESERVED
-CVE-2017-7995 (Xen PV guest before Xen 4.3 checked access permissions to MMIO ranges ...)
+CVE-2017-7995
{DLA-964-1}
- xen 4.3.0-1
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1033948
-CVE-2017-7994 (The function TextExtractor::ExtractText in TextExtractor.cpp:77 in ...)
+CVE-2017-7994
- libpodofo 0.9.5-7 (bug #860930)
[stretch] - libpodofo <no-dsa> (Minor issue)
[jessie] - libpodofo <no-dsa> (Minor issue)
@@ -30156,27 +30154,27 @@ CVE-2017-7994 (The function TextExtractor::ExtractText in TextExtractor.cpp:77 i
NOTE: upstream commit: https://sourceforge.net/p/podofo/code/1849
CVE-2017-7993
RESERVED
-CVE-2017-7992 (Heartland Payment Systems Payment Gateway PHP SDK hps/heartland-php ...)
+CVE-2017-7992
NOT-FOR-US: Heartland Payment Systems Payment Gateway PHP SDK
-CVE-2017-7991 (Exponent CMS 2.4.1 and earlier has SQL injection via a base64 ...)
+CVE-2017-7991
NOT-FOR-US: Exponent CMS
-CVE-2017-7990 (The Reporting Module 1.12.0 for OpenMRS allows CSRF attacks with ...)
+CVE-2017-7990
NOT-FOR-US: OpenMRS
-CVE-2017-7989 (In Joomla! 3.2.0 through 3.6.5 (fixed in 3.7.0), inadequate MIME type ...)
+CVE-2017-7989
NOT-FOR-US: Joomla!
-CVE-2017-7988 (In Joomla! 1.6.0 through 3.6.5 (fixed in 3.7.0), inadequate filtering ...)
+CVE-2017-7988
NOT-FOR-US: Joomla!
-CVE-2017-7987 (In Joomla! 3.2.0 through 3.6.5 (fixed in 3.7.0), inadequate escaping of ...)
+CVE-2017-7987
NOT-FOR-US: Joomla!
-CVE-2017-7986 (In Joomla! 1.5.0 through 3.6.5 (fixed in 3.7.0), inadequate filtering ...)
+CVE-2017-7986
NOT-FOR-US: Joomla!
-CVE-2017-7985 (In Joomla! 1.5.0 through 3.6.5 (fixed in 3.7.0), inadequate filtering ...)
+CVE-2017-7985
NOT-FOR-US: Joomla!
-CVE-2017-7984 (In Joomla! 3.2.0 through 3.6.5 (fixed in 3.7.0), inadequate filtering ...)
+CVE-2017-7984
NOT-FOR-US: Joomla!
-CVE-2017-7983 (In Joomla! 1.5.0 through 3.6.5 (fixed in 3.7.0), mail sent using the ...)
+CVE-2017-7983
NOT-FOR-US: Joomla!
-CVE-2017-7982 (Integer overflow in the plist_from_bin function in bplist.c in ...)
+CVE-2017-7982
- libplist 1.12+git+1+e37ca00-0.3 (bug #860945)
[jessie] - libplist <no-dsa> (Minor issue)
[wheezy] - libplist <no-dsa> (Minor issue)
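Review bot: the seven Joomla! entries in this hunk (CVE-2017-7989 through CVE-2017-7983) lose the affected-version ranges that lived only in the summary text ("3.2.0 through 3.6.5 (fixed in 3.7.0)"), leaving each as an identifier followed by `NOT-FOR-US: Joomla!` with nothing to tell them apart; the same goes for the Gespage pair in the previous hunk. If the description removal is intentional, suggest at least preserving the version information in a NOTE line.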
@@ -30184,64 +30182,64 @@ CVE-2017-7982 (Integer overflow in the plist_from_bin function in bplist.c in ..
NOTE: https://github.com/libimobiledevice/libplist/issues/103
NOTE: The issue seems covered in prior versions of upstream dccd9290745345896e3a4a73154576a599fd8b7b
NOTE: which is CVE-2017-6440.
-CVE-2017-7981 (Tuleap before 9.7 allows command injection via the PhpWiki 1.3.10 ...)
+CVE-2017-7981
NOT-FOR-US: Enalean Tuleap
-CVE-2017-7980 (Heap-based buffer overflow in Cirrus CLGD 54xx VGA Emulator in Quick ...)
+CVE-2017-7980
{DLA-1497-1 DLA-1035-1 DLA-939-1}
- qemu 1:2.8+dfsg-4
- qemu-kvm <removed>
NOTE: Fixed by: http://git.qemu.org/?p=qemu.git;a=commitdiff;h=026aeffcb4752054830ba203020ed6eb05bcaba8
NOTE: Fixed by: http://git.qemu.org/?p=qemu.git;a=commitdiff;h=ffaf857778286ca54e3804432a2369a279e73aa7
NOTE: Fixed by: http://git.qemu.org/?p=qemu.git;a=commitdiff;h=f019722cbbb45aea153294fc8921fcc96a4d3fa2
-CVE-2017-7978 (Samsung Android devices with L(5.0/5.1), M(6.0), and N(7.x) software ...)
+CVE-2017-7978
NOT-FOR-US: Samsung
-CVE-2017-7979 (The cookie feature in the packet action API implementation in ...)
+CVE-2017-7979
- linux <not-affected> (Only affects 4.11-rc1 onwards)
-CVE-2017-7977 (The Screensavercc component in eLux RP before 5.5.0 allows attackers ...)
+CVE-2017-7977
NOT-FOR-US: Screensavercc component in eLux RP
-CVE-2017-7976 (Artifex jbig2dec 0.13 allows out-of-bounds writes and reads because of ...)
+CVE-2017-7976
{DSA-3855-1 DLA-942-1}
- jbig2dec 0.13-4.1 (bug #860787)
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=697683
NOTE: Fixed by: http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=ed6c5133a1004ce8d
-CVE-2017-7975 (Artifex jbig2dec 0.13, as used in Ghostscript, allows out-of-bounds ...)
+CVE-2017-7975
{DSA-3855-1 DLA-942-1}
- jbig2dec 0.13-4.1 (bug #860788)
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=697693
NOTE: Fixed by: http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=5e57e483298dae8b
-CVE-2017-7974 (A path traversal information disclosure vulnerability exists in ...)
+CVE-2017-7974
NOT-FOR-US: Schneider Electric
-CVE-2017-7973 (A SQL injection vulnerability exists in Schneider Electric's U.motion ...)
+CVE-2017-7973
NOT-FOR-US: Schneider Electric
-CVE-2017-7972 (A vulnerability exists in Schneider Electric's PowerSCADA Anywhere ...)
+CVE-2017-7972
NOT-FOR-US: Schneider Electric
-CVE-2017-7971 (A vulnerability exists in Schneider Electric's PowerSCADA Anywhere ...)
+CVE-2017-7971
NOT-FOR-US: Schneider Electric
-CVE-2017-7970 (A vulnerability exists in Schneider Electric's PowerSCADA Anywhere ...)
+CVE-2017-7970
NOT-FOR-US: Schneider Electric
-CVE-2017-7969 (A cross-site request forgery vulnerability exists on the Secure ...)
+CVE-2017-7969
NOT-FOR-US: Schneider Electric
-CVE-2017-7968 (An Incorrect Default Permissions issue was discovered in Schneider ...)
+CVE-2017-7968
NOT-FOR-US: Schneider
-CVE-2017-7967 (All versions of VAMPSET software produced by Schneider Electric, prior ...)
+CVE-2017-7967
NOT-FOR-US: Schneider
-CVE-2017-7966 (A DLL Hijacking vulnerability in the programming software in Schneider ...)
+CVE-2017-7966
NOT-FOR-US: Schneider
-CVE-2017-7965 (A buffer overflow vulnerability exists in Programming Software ...)
+CVE-2017-7965
NOT-FOR-US: Schneider
-CVE-2017-7964 (Zyxel WRE6505 devices have a default TELNET password of 1234 for the ...)
+CVE-2017-7964
NOT-FOR-US: Zyxel
-CVE-2017-7963 (** DISPUTED ** The GNU Multiple Precision Arithmetic Library (GMP) ...)
+CVE-2017-7963
NOTE: PHP non-issue, might get rejected
-CVE-2017-7962 (The iwgif_read_image function in imagew-gif.c in libimageworsener.a in ...)
+CVE-2017-7962
NOT-FOR-US: ImageWorsener
-CVE-2017-7961 (** DISPUTED ** The cr_tknzr_parse_rgb function in cr-tknzr.c in ...)
+CVE-2017-7961
{DLA-909-1}
- libcroco 0.6.11-3 (bug #860961)
[jessie] - libcroco <no-dsa> (Minor issue; will be fixed via point release)
NOTE: https://blogs.gentoo.org/ago/2017/04/17/libcroco-heap-overflow-and-undefined-behavior/
NOTE: https://git.gnome.org/browse/libcroco/commit/?id=9ad72875e9f08e4c519ef63d44cdbd94aa9504f7
-CVE-2017-7960 (The cr_input_new_from_uri function in cr-input.c in libcroco 0.6.11 and ...)
+CVE-2017-7960
{DLA-909-1}
- libcroco 0.6.11-3 (bug #860961)
[jessie] - libcroco <no-dsa> (Minor issue; will be fixed via point release)
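Review bot: the `** DISPUTED **` marker on CVE-2017-7963 and CVE-2017-7961 is part of the description text, so stripping the parenthesised summary in this hunk also drops the disputed status; for CVE-2017-7963 the only context left is `NOTE: PHP non-issue, might get rejected`. Separately, CVE-2017-7978 is listed before CVE-2017-7979 in the same hunk, which breaks the descending order used throughout the file; suggest swapping those two entries in a follow-up.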
@@ -30251,7 +30249,7 @@ CVE-2017-7959
RESERVED
CVE-2017-7958
RESERVED
-CVE-2017-7957 (XStream through 1.4.9, when a certain denyTypes workaround is not used, ...)
+CVE-2017-7957
{DSA-3841-1 DLA-930-1}
- libxstream-java 1.4.9-2 (bug #861521)
NOTE: https://x-stream.github.io/CVE-2017-7957.html
@@ -30262,17 +30260,17 @@ CVE-2017-7955
RESERVED
CVE-2017-7954
RESERVED
-CVE-2017-7953 (INFOR EAM V11.0 Build 201410 has XSS via comment fields. ...)
+CVE-2017-7953
NOT-FOR-US: INFOR EAM
-CVE-2017-7952 (INFOR EAM V11.0 Build 201410 has SQL injection via search fields, ...)
+CVE-2017-7952
NOT-FOR-US: INFOR EAM
-CVE-2017-7951 (WonderCMS before 2.0.3 has CSRF because of lack of a token in an ...)
+CVE-2017-7951
NOT-FOR-US: WonderCMS
-CVE-2017-7950 (Nitro Pro 11.0.3 and earlier allows remote attackers to cause a denial ...)
+CVE-2017-7950
NOT-FOR-US: Nitro Pro
CVE-2017-7949
RESERVED
-CVE-2017-7948 (Integer overflow in the mark_curve function in Artifex Ghostscript 9.21 ...)
+CVE-2017-7948
- ghostscript 9.22~dfsg-1 (unimportant)
[jessie] - ghostscript <not-affected> (Vulnerable code not present)
[wheezy] - ghostscript <not-affected> (Vulnerable code not present)
@@ -30280,129 +30278,129 @@ CVE-2017-7948 (Integer overflow in the mark_curve function in Artifex Ghostscrip
NOTE: Fixed by: http://git.ghostscript.com/?p=ghostpdl.git;h=8210a2864372723b49c526e2b102fdc00c9c4699
NOTE: edgebuffer scan converter was made default only in: http://git.ghostscript.com/?p=ghostpdl.git;h=dd5da2cb3e08398ac6d86598b36b00994d058308
NOTE: But the vulnerable code via base/gxscan.c, a new scan converter introduced in 9.20 is present.
-CVE-2017-7947 (NetApp Clustered Data ONTAP before 8.3.2P11, 9.0 before P4, and 9.1 ...)
+CVE-2017-7947
NOT-FOR-US: NetApp
-CVE-2017-7946 (The get_relocs_64 function in libr/bin/format/mach0/mach0.c in radare2 ...)
+CVE-2017-7946
- radare2 1.1.0+dfsg-5 (low; bug #860962)
[jessie] - radare2 <no-dsa> (Minor issue)
[wheezy] - radare2 <no-dsa> (Minor issue)
NOTE: https://github.com/radare/radare2/issues/7301
NOTE: https://github.com/radare/radare2/commit/d1e8ac62c6d978d4662f69116e30230d43033c92
-CVE-2017-7945 (The GlobalProtect external interface in Palo Alto Networks PAN-OS ...)
+CVE-2017-7945
NOT-FOR-US: Palo Alto Networks PAN-OS
-CVE-2017-7944 (XOOPS Core 2.5.8.1 has XSS due to unescaped HTML output of an Install ...)
+CVE-2017-7944
NOT-FOR-US: XOOPS
-CVE-2017-7943 (The ReadSVGImage function in svg.c in ImageMagick 7.0.5-4 allows remote ...)
+CVE-2017-7943
{DSA-3863-1 DLA-960-1}
- imagemagick 8:6.9.7.4+dfsg-6 (low; bug #860736)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/427
-CVE-2017-7942 (The ReadAVSImage function in avs.c in ImageMagick 7.0.5-4 allows remote ...)
+CVE-2017-7942
- imagemagick 8:6.9.7.4+dfsg-6 (low; bug #860735)
[jessie] - imagemagick <not-affected> (Vulnerable code not present, does not use pixel_info yet)
[wheezy] - imagemagick <not-affected> (Vulnerable code not present, does not use pixel_info yet)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/429
-CVE-2017-7941 (The ReadSGIImage function in sgi.c in ImageMagick 7.0.5-4 allows remote ...)
+CVE-2017-7941
{DSA-3863-1 DLA-960-1}
- imagemagick 8:6.9.7.4+dfsg-6 (low; bug #860734)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/428
-CVE-2017-7940 (The iw_read_gif_file function in imagew-gif.c in libimageworsener.a in ...)
+CVE-2017-7940
NOT-FOR-US: ImageWorsener
-CVE-2017-7939 (The read_next_pam_token function in imagew-pnm.c in libimageworsener.a ...)
+CVE-2017-7939
NOT-FOR-US: ImageWorsener
-CVE-2017-7938 (Stack-based buffer overflow in DMitry (Deepmagic Information Gathering ...)
+CVE-2017-7938
NOT-FOR-US: DMitry
-CVE-2017-7937 (An Improper Authentication issue was discovered in Phoenix Contact GmbH ...)
+CVE-2017-7937
NOT-FOR-US: Phoenix Contact
-CVE-2017-7936 (A stack-based buffer overflow issue was discovered in NXP i.MX 50, i.MX ...)
+CVE-2017-7936
NOT-FOR-US: NXP i.MX devices
-CVE-2017-7935 (A Resource Exhaustion issue was discovered in Phoenix Contact GmbH ...)
+CVE-2017-7935
NOT-FOR-US: Phoenix Contact
-CVE-2017-7934 (An Improper Authentication issue was discovered in OSIsoft PI Server ...)
+CVE-2017-7934
NOT-FOR-US: OSIsoft
-CVE-2017-7933 (In ABB IP GATEWAY 3.39 and prior, some configuration files contain ...)
+CVE-2017-7933
NOT-FOR-US: ABB
-CVE-2017-7932 (An improper certificate validation issue was discovered in NXP i.MX 28 ...)
+CVE-2017-7932
NOT-FOR-US: NXP i.MX devices
-CVE-2017-7931 (In ABB IP GATEWAY 3.39 and prior, by accessing a specific uniform ...)
+CVE-2017-7931
NOT-FOR-US: ABB
-CVE-2017-7930 (An Improper Authentication issue was discovered in OSIsoft PI Server ...)
+CVE-2017-7930
NOT-FOR-US: OSIsoft
-CVE-2017-7929 (An Absolute Path Traversal issue was discovered in Advantech WebAccess ...)
+CVE-2017-7929
NOT-FOR-US: Advantech WebAccess
-CVE-2017-7928 (An Improper Access Control issue was discovered in Schweitzer ...)
+CVE-2017-7928
NOT-FOR-US: Schweitzer Engineering Laboratories Security Gateway
-CVE-2017-7927 (A Use of Password Hash Instead of Password for Authentication issue was ...)
+CVE-2017-7927
NOT-FOR-US: Dahua
-CVE-2017-7926 (A Cross-Site Request Forgery issue was discovered in OSIsoft PI Web API ...)
+CVE-2017-7926
NOT-FOR-US: OSIsoft
-CVE-2017-7925 (A Password in Configuration File issue was discovered in Dahua ...)
+CVE-2017-7925
NOT-FOR-US: Dahua
-CVE-2017-7924 (An Improper Input Validation issue was discovered in Rockwell ...)
+CVE-2017-7924
NOT-FOR-US: Rockwell
-CVE-2017-7923 (A Password in Configuration File issue was discovered in Hikvision ...)
+CVE-2017-7923
NOT-FOR-US: Hikvision
-CVE-2017-7922 (An Improper Privilege Management issue was discovered in Cambium ...)
+CVE-2017-7922
NOT-FOR-US: Cambium Networks ePMP
-CVE-2017-7921 (An Improper Authentication issue was discovered in Hikvision ...)
+CVE-2017-7921
NOT-FOR-US: Hikvision
-CVE-2017-7920 (An Improper Authentication issue was discovered in ABB VSN300 WiFi ...)
+CVE-2017-7920
NOT-FOR-US: ABB WiFi Logger Card
-CVE-2017-7919 (An Improper Authentication issue was discovered in Newport XPS-Cx and ...)
+CVE-2017-7919
NOT-FOR-US: Newport
-CVE-2017-7918 (An Improper Access Control issue was discovered in Cambium Networks ...)
+CVE-2017-7918
NOT-FOR-US: Cambium Networks ePMP
-CVE-2017-7917 (A Cross-Site Request Forgery issue was discovered in Moxa OnCell ...)
+CVE-2017-7917
NOT-FOR-US: Moxa
-CVE-2017-7916 (A Permissions, Privileges, and Access Controls issue was discovered in ...)
+CVE-2017-7916
NOT-FOR-US: ABB WiFi Logger Card
-CVE-2017-7915 (An Improper Restriction of Excessive Authentication Attempts issue was ...)
+CVE-2017-7915
NOT-FOR-US: Moxa
-CVE-2017-7914 (A Missing Authorization issue was discovered in Rockwell Automation ...)
+CVE-2017-7914
NOT-FOR-US: Rockwell Rockwell PanelView Plus
-CVE-2017-7913 (A Plaintext Storage of a Password issue was discovered in Moxa OnCell ...)
+CVE-2017-7913
NOT-FOR-US: Moxa
CVE-2017-7912
RESERVED
-CVE-2017-7911 (A Code Injection issue was discovered in CyberVision Kaa IoT Platform, ...)
+CVE-2017-7911
NOT-FOR-US: CyberVision Kaa IoT Platform
-CVE-2017-7910 (A Stack-Based Buffer Overflow issue was discovered in Digital Canal ...)
+CVE-2017-7910
NOT-FOR-US: Digital Canal Structural Wind Analysis
-CVE-2017-7909 (A Use of Client-Side Authentication issue was discovered in Advantech ...)
+CVE-2017-7909
NOT-FOR-US: Advantech
-CVE-2017-7908 (A heap-based buffer overflow exists in the third-party product ...)
+CVE-2017-7908
NOT-FOR-US: Gigasoft
-CVE-2017-7907 (An Improper XML Parser Configuration issue was discovered in Schneider ...)
+CVE-2017-7907
NOT-FOR-US: Schneider
-CVE-2017-7906 (In ABB IP GATEWAY 3.39 and prior, the web server does not sufficiently ...)
+CVE-2017-7906
NOT-FOR-US: ABB
-CVE-2017-7905 (A Weak Cryptography for Passwords issue was discovered in General ...)
+CVE-2017-7905
NOT-FOR-US: General Electric
CVE-2017-7904
RESERVED
-CVE-2017-7903 (A Weak Password Requirements issue was discovered in Rockwell ...)
+CVE-2017-7903
NOT-FOR-US: Rockwell Automation
-CVE-2017-7902 (A &quot;Reusing a Nonce, Key Pair in Encryption&quot; issue was discovered in ...)
+CVE-2017-7902
NOT-FOR-US: Rockwell Automation
-CVE-2017-7901 (A Predictable Value Range from Previous Values issue was discovered in ...)
+CVE-2017-7901
NOT-FOR-US: Rockwell Automation
CVE-2017-7900
RESERVED
-CVE-2017-7899 (An Information Exposure issue was discovered in Rockwell Automation ...)
+CVE-2017-7899
NOT-FOR-US: Rockwell Automation
-CVE-2017-7898 (An Improper Restriction of Excessive Authentication Attempts issue was ...)
+CVE-2017-7898
NOT-FOR-US: Rockwell Automation
-CVE-2017-7897 (A cross-site scripting (XSS) vulnerability in the MantisBT (2.3.x ...)
+CVE-2017-7897
- mantis <removed>
[wheezy] - mantis <end-of-life> (Unsupported in Wheezy LTS)
-CVE-2017-7896 (Trend Micro InterScan Messaging Security Virtual Appliance (IMSVA) 9.1 ...)
+CVE-2017-7896
NOT-FOR-US: Trend Micro
-CVE-2017-7895 (The NFSv2 and NFSv3 server implementations in the Linux kernel through ...)
+CVE-2017-7895
{DSA-3886-1 DLA-993-1}
- linux 4.9.25-1
NOTE: Fixed by: https://git.kernel.org/linus/13bf9fbff0e5e099e2b6f003a0ab8ae145436309
-CVE-2017-7894 (WinDjView 2.1 might allow user-assisted attackers to execute code via ...)
+CVE-2017-7894
NOT-FOR-US: WinDjView
-CVE-2017-7893 (In SaltStack Salt before 2016.3.6, compromised salt-minions can ...)
+CVE-2017-7893
- salt 2016.11.5+ds-1
[stretch] - salt <no-dsa> (Minor issue)
[jessie] - salt <ignored> (Vulnerable code introduced later, but older versions did not verify master anyways)
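Review bot: the context line `NOT-FOR-US: Rockwell Rockwell PanelView Plus` under CVE-2017-7914 repeats the vendor name, and once the description line is replaced by the bare id in this hunk it becomes the only product text for that entry; suggest correcting it to `NOT-FOR-US: Rockwell PanelView Plus` in a follow-up. The same loss-of-context concern applies to CVE-2017-7897 (mantis), which after this hunk keeps only `- mantis <removed>` and the wheezy end-of-life line with no NOTE reference at all.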
@@ -30416,14 +30414,14 @@ CVE-2017-7893 (In SaltStack Salt before 2016.3.6, compromised salt-minions can .
NOTE: off by default and needs considerations of admins before enabling. We still
NOTE: consider the issue as fixed starting with this change. Details in
NOTE: https://github.com/saltstack/salt/issues/48939#issuecomment-410777638
-CVE-2017-7892 (Sandstorm Cap'n Proto before 0.5.3.1 allows remote crashes related to a ...)
+CVE-2017-7892
- capnproto 0.6.1-1 (unimportant; bug #860960)
NOTE: https://github.com/sandstorm-io/capnproto/blob/master/security-advisories/2017-04-17-0-apple-clang-elides-bounds-check.md
NOTE: Fixed by: https://github.com/sandstorm-io/capnproto/commit/52bc956459a5e83d7c31be95763ff6399e064ae4
NOTE: So far only Apple's compiler has been shown to apply the problematic optimization, fixed in 0.5.3.1 upstream
-CVE-2017-7891 (sourcebans-pp (SourceBans++) 1.5.4.7 has XSS in admin.comms.php via the ...)
+CVE-2017-7891
NOT-FOR-US: SourceBans++
-CVE-2017-7890 (The GIF decoding function gdImageCreateFromGifCtx in gd_gif_in.c in ...)
+CVE-2017-7890
{DSA-3938-1 DLA-1055-1}
- php7.1 7.1.8-1 (unimportant)
- php7.0 7.0.22-1 (unimportant)
@@ -30433,44 +30431,44 @@ CVE-2017-7890 (The GIF decoding function gdImageCreateFromGifCtx in gd_gif_in.c
- libgd2 2.2.5-1 (bug #869263)
NOTE: https://github.com/libgd/libgd/issues/399
NOTE: https://github.com/libgd/libgd/commit/c613bc169802bb4b639ee2e15c61b25b80a88424
-CVE-2017-7888 (Dolibarr ERP/CRM 4.0.4 stores passwords with the MD5 algorithm, which ...)
+CVE-2017-7888
- dolibarr 5.0.4+dfsg3-1 (bug #863544)
NOTE: http://www.openwall.com/lists/oss-security/2017/05/10/6
-CVE-2017-7887 (Dolibarr ERP/CRM 4.0.4 has XSS in doli/societe/list.php via the sall ...)
+CVE-2017-7887
- dolibarr 5.0.4+dfsg3-1 (bug #863544)
NOTE: http://www.openwall.com/lists/oss-security/2017/05/10/6
-CVE-2017-7886 (Dolibarr ERP/CRM 4.0.4 has SQL Injection in ...)
+CVE-2017-7886
- dolibarr 5.0.4+dfsg3-1 (bug #863544)
NOTE: http://www.openwall.com/lists/oss-security/2017/05/10/6
-CVE-2017-7885 (Artifex jbig2dec 0.13 has a heap-based buffer over-read leading to ...)
+CVE-2017-7885
{DSA-3855-1 DLA-942-1}
- jbig2dec 0.13-4.1 (bug #860460)
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=697703
NOTE: Fixed by: http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=b184e783702246e15
-CVE-2017-7884 (In Adam Kropelin adk0212 APC UPS Daemon through 3.14.14, the default ...)
+CVE-2017-7884
- apcupsd <not-affected> (Only APC UPS Daemon on Windows)
-CVE-2017-7889 (The mm subsystem in the Linux kernel through 4.10.10 does not properly ...)
+CVE-2017-7889
{DSA-3945-1 DLA-1099-1}
- linux 4.9.25-1
NOTE: Fixed by: https://git.kernel.org/linus/a4866aa812518ed1a37d8ea0c881dc946409de94 (v4.11-rc7)
CVE-2017-7883
RESERVED
-CVE-2017-7882 (LibreOffice before 2017-03-14 has an out-of-bounds write related to the ...)
+CVE-2017-7882
- libreoffice <not-affected> (Vulnerable code not present in any release)
NOTE: Fixed by: https://github.com/LibreOffice/core/commit/65dcd1d8195069c8c8acb3a188b8e5616c51029c
-CVE-2017-7881 (BigTree CMS through 4.2.17 relies on a substring check for CSRF ...)
+CVE-2017-7881
NOT-FOR-US: BigTree CMS
CVE-2017-7880
RESERVED
-CVE-2017-7879 (SQL Injection vulnerability in flatCore version 1.4.6 allows an ...)
+CVE-2017-7879
NOT-FOR-US: flatCore
-CVE-2017-7878 (SQL Injection vulnerability in flatCore version 1.4.6 allows an ...)
+CVE-2017-7878
NOT-FOR-US: flatCore
-CVE-2017-7877 (CSRF vulnerability in flatCore version 1.4.6 allows remote attackers to ...)
+CVE-2017-7877
NOT-FOR-US: flatCore
-CVE-2017-7876 (QNAP QTS before 4.2.6 build 20170517 allows command injection. ...)
+CVE-2017-7876
NOT-FOR-US: QNAP QTS
-CVE-2017-7875 (In wallpaper.c in feh before v2.18.3, if a malicious client pretends to ...)
+CVE-2017-7875
{DLA-899-1}
- feh 2.18-2 (low; bug #860367)
[jessie] - feh <no-dsa> (Minor issue)
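Review bot: CVE-2017-7889 sits after CVE-2017-7884 and before CVE-2017-7883 in this hunk, outside the descending sequence that otherwise runs 7890, 7888, 7887, 7886; suggest moving it between CVE-2017-7890 and CVE-2017-7888. Note also that the three dolibarr entries (CVE-2017-7888, CVE-2017-7887, CVE-2017-7886) share the same `bug #863544` and the same oss-security NOTE URL, so once their summaries are dropped nothing but the identifier distinguishes the MD5 storage issue from the XSS and the SQL injection.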
@@ -30481,13 +30479,13 @@ CVE-2017-7873
RESERVED
CVE-2017-7872
RESERVED
-CVE-2017-7871 (trollepierre/tdm before 2017-04-13 is vulnerable to a reflected XSS in ...)
+CVE-2017-7871
NOT-FOR-US: trollepierre/tdm
-CVE-2017-7870 (LibreOffice before 2017-01-02 has an out-of-bounds write caused by a ...)
+CVE-2017-7870
{DSA-3837-1 DLA-910-1}
- libreoffice 1:5.2.5-1
NOTE: Fixed by: https://github.com/LibreOffice/core/commit/62a97e6a561ce65e88d4c537a1b82c336f012722
-CVE-2017-7869 (GnuTLS before 2017-02-20 has an out-of-bounds write caused by an ...)
+CVE-2017-7869
- gnutls28 3.5.8-4
[jessie] - gnutls28 3.3.8-6+deb8u5
- gnutls26 <removed>
@@ -30496,144 +30494,144 @@ CVE-2017-7869 (GnuTLS before 2017-02-20 has an out-of-bounds write caused by an
NOTE: https://gitlab.com/gnutls/gnutls/commit/51464af713d71802e3c6d5ac15f1a95132a354fe
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=420
NOTE: https://gnutls.org/security.html#GNUTLS-SA-2017-3
-CVE-2017-7868 (International Components for Unicode (ICU) for C/C++ before 2017-02-13 ...)
+CVE-2017-7868
{DSA-3830-1 DLA-947-1}
- icu 57.1-6 (bug #860314)
NOTE: http://bugs.icu-project.org/trac/changeset/39671
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=437
-CVE-2017-7867 (International Components for Unicode (ICU) for C/C++ before 2017-02-13 ...)
+CVE-2017-7867
{DSA-3830-1 DLA-947-1}
- icu 57.1-6 (bug #860314)
NOTE: http://bugs.icu-project.org/trac/changeset/39671
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=213
-CVE-2017-7866 (FFmpeg before 2017-01-23 has an out-of-bounds write caused by a ...)
+CVE-2017-7866
- ffmpeg 7:3.2.4-1
- libav <removed>
[jessie] - libav <not-affected> (vulnerable code not present)
NOTE: Fixed by: https://github.com/FFmpeg/FFmpeg/commit/e371f031b942d73e02c090170975561fabd5c264
-CVE-2017-7865 (FFmpeg before 2017-01-24 has an out-of-bounds write caused by a ...)
+CVE-2017-7865
{DLA-1654-1}
- ffmpeg 7:3.2.4-1
- libav <removed>
NOTE: Fixed by: https://github.com/FFmpeg/FFmpeg/commit/2080bc33717955a0e4268e738acf8c1eeddbf8cb
-CVE-2017-7864 (FreeType 2 before 2017-02-02 has an out-of-bounds write caused by a ...)
+CVE-2017-7864
- freetype <not-affected> (Vulnerable code not present; CFF2 support introduced in 2.7.1, cf #860313)
NOTE: Fixed by: https://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=e6699596af5c5d6f0ae0ea06e19df87dce088df8
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=509
-CVE-2017-7863 (FFmpeg before 2017-02-04 has an out-of-bounds write caused by a ...)
+CVE-2017-7863
{DLA-1654-1}
- ffmpeg 7:3.2.4-1
- libav <removed>
NOTE: Fixed by: https://github.com/FFmpeg/FFmpeg/commit/e477f09d0b3619f3d29173b2cd593e17e2d1978e
NOTE: libav in jessie only supports transparency with RGB palette, only parts of the upstream fix apply
-CVE-2017-7862 (FFmpeg before 2017-02-07 has an out-of-bounds write caused by a ...)
+CVE-2017-7862
{DSA-4012-1 DLA-1142-1}
- ffmpeg 7:3.2.4-1
- libav <removed>
NOTE: Fixed by: https://github.com/FFmpeg/FFmpeg/commit/8c2ea3030af7b40a3c4275696fb5c76cdb80950a
NOTE: Fixed in 11.11
-CVE-2017-7861 (Google gRPC before 2017-02-22 has an out-of-bounds write related to the ...)
+CVE-2017-7861
- grpc 1.2.5-1+nmu0 (bug #860316)
-CVE-2017-7860 (Google gRPC before 2017-02-22 has an out-of-bounds write caused by a ...)
+CVE-2017-7860
- grpc 1.2.5-1+nmu0 (bug #860316)
-CVE-2017-7859 (FFmpeg before 2017-03-05 has an out-of-bounds write caused by a ...)
+CVE-2017-7859
- ffmpeg <not-affected> (Only affected master, not present in a release)
NOTE: https://bugzilla.novell.com/show_bug.cgi?id=1034183
NOTE: https://github.com/FFmpeg/FFmpeg/commit/70ebc05bce51215cd0857194d6cabf1e4d1440fb
-CVE-2017-7858 (FreeType 2 before 2017-03-07 has an out-of-bounds write related to the ...)
+CVE-2017-7858
- freetype <not-affected> (Vulnerable code introduced in 2.6.4)
NOTE: Introduced after: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=813aca51d28704f7ffc470721167738fa8decb3d
NOTE: Fixed by: https://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=779309744222a736eba0f1731e8162fce6288d4e
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=738
-CVE-2017-7857 (FreeType 2 before 2017-03-08 has an out-of-bounds write caused by a ...)
+CVE-2017-7857
- freetype <not-affected> (Vulnerable code introduced in 2.6.4)
NOTE: Introduced after: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=813aca51d28704f7ffc470721167738fa8decb3d
NOTE: Fixed by: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=7bbb91fbf47fc0775cc9705673caf0c47a81f94b
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=759
-CVE-2017-7856 (LibreOffice before 2017-03-11 has an out-of-bounds write caused by a ...)
+CVE-2017-7856
- libreoffice <not-affected> (Didn't affect any released version of LibreOffice)
-CVE-2017-7855 (In the webmail component in IceWarp Server 11.3.1.5, there was an XSS ...)
+CVE-2017-7855
NOT-FOR-US: IceWarp
-CVE-2017-7854 (The consume_init_expr function in wasm.c in radare2 1.3.0 allows remote ...)
+CVE-2017-7854
- radare2 <not-affected> (Vulnerable code introduced later)
-CVE-2017-7853 (In libosip2 in GNU oSIP 4.1.0 and 5.0.0, a malformed SIP message can ...)
+CVE-2017-7853
{DSA-3879-1 DLA-898-1}
- libosip2 4.1.0-2.1 (bug #860287)
NOTE: https://savannah.gnu.org/support/index.php?109265
NOTE: Fixed by: https://git.savannah.gnu.org/cgit/osip.git/commit/?id=1ae06daf3b2375c34af23083394a6f010be24a45
-CVE-2017-7852 (D-Link DCS cameras have a weak/insecure CrossDomain.XML file that ...)
+CVE-2017-7852
NOT-FOR-US: D-Link
-CVE-2017-7851 (D-Link DCS-936L devices with firmware before 1.05.07 have an inadequate ...)
+CVE-2017-7851
NOT-FOR-US: D-Link
-CVE-2017-7850 (Nessus 6.10.x before 6.10.5 was found to be vulnerable to a local ...)
+CVE-2017-7850
NOT-FOR-US: Nessus
-CVE-2017-7849 (Nessus 6.10.x before 6.10.5 was found to be vulnerable to a local ...)
+CVE-2017-7849
NOT-FOR-US: Nessus
-CVE-2017-7848 (RSS fields can inject new lines into the created email structure, ...)
+CVE-2017-7848
{DSA-4075-1 DLA-1223-1}
- thunderbird 1:52.5.2-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-30/#CVE-2017-7848
-CVE-2017-7847 (Crafted CSS in an RSS feed can leak and reveal local path strings, ...)
+CVE-2017-7847
{DSA-4075-1 DLA-1223-1}
- thunderbird 1:52.5.2-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-30/#CVE-2017-7847
-CVE-2017-7846 (It is possible to execute JavaScript in the parsed RSS feed when RSS ...)
+CVE-2017-7846
{DSA-4075-1 DLA-1223-1}
- thunderbird 1:52.5.2-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-30/#CVE-2017-7846
-CVE-2017-7845 (A buffer overflow occurs when drawing and validating elements using ...)
+CVE-2017-7845
- firefox <not-affected> (Only affects Firefox on Windows)
- firefox-esr <not-affected> (Only affects Firefox on Windows)
- thunderbird <not-affected> (Only affects Firefox on Windows)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-29/#CVE-2017-7845
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-28/#CVE-2017-7845
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-30/#CVE-2017-7845
-CVE-2017-7844 (A combination of an external SVG image referenced on a page and the ...)
+CVE-2017-7844
- firefox 57.0.1-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-27/#CVE-2017-7844
-CVE-2017-7843 (When Private Browsing mode is used, it is possible for a web worker to ...)
+CVE-2017-7843
{DSA-4062-1 DLA-1202-1}
- firefox 57.0.1-1
- firefox-esr 52.5.2esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-27/#CVE-2017-7843
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-28/#CVE-2017-7843
NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=1410106
-CVE-2017-7842 (If a document's Referrer Policy attribute is set to &quot;no-referrer&quot; ...)
+CVE-2017-7842
- firefox 57.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-24/#CVE-2017-7842
CVE-2017-7841
RESERVED
-CVE-2017-7840 (JavaScript can be injected into an exported bookmarks file by placing ...)
+CVE-2017-7840
- firefox 57.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-24/#CVE-2017-7840
-CVE-2017-7839 (Control characters prepended before &quot;javascript:&quot; URLs pasted in the ...)
+CVE-2017-7839
- firefox 57.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-24/#CVE-2017-7839
-CVE-2017-7838 (Punycode format text will be displayed for entire qualified ...)
+CVE-2017-7838
- firefox 57.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-24/#CVE-2017-7838
-CVE-2017-7837 (SVG loaded through &quot;&lt;img&gt;&quot; tags can use &quot;&lt;meta&gt;&quot; tags within the SVG ...)
+CVE-2017-7837
- firefox 57.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-24/#CVE-2017-7837
-CVE-2017-7836 (The &quot;pingsender&quot; executable used by the Firefox Health Report ...)
+CVE-2017-7836
- firefox 57.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-24/#CVE-2017-7836
-CVE-2017-7835 (Mixed content blocking of insecure (HTTP) sub-resources in a secure ...)
+CVE-2017-7835
- firefox 57.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-24/#CVE-2017-7835
-CVE-2017-7834 (A &quot;data:&quot; URL loaded in a new tab did not inherit the Content Security ...)
+CVE-2017-7834
- firefox 57.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-24/#CVE-2017-7834
-CVE-2017-7833 (Some Arabic and Indic vowel marker characters can be combined with ...)
+CVE-2017-7833
- firefox 57.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-24/#CVE-2017-7833
-CVE-2017-7832 (The combined, single character, version of the letter 'i' with any of ...)
+CVE-2017-7832
- firefox 57.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-24/#CVE-2017-7832
-CVE-2017-7831 (A vulnerability where the security wrapper does not deny access to ...)
+CVE-2017-7831
- firefox 57.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-24/#CVE-2017-7831
-CVE-2017-7830 (The Resource Timing API incorrectly revealed navigations in ...)
+CVE-2017-7830
{DSA-4075-1 DSA-4061-1 DSA-4035-1 DLA-1199-1 DLA-1172-1}
- firefox 57.0-1
- firefox-esr 52.5.0esr-1
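Review bot: CVE-2017-7861 and CVE-2017-7860 (grpc) carry no NOTE line, so after this hunk replaces their description lines both consist solely of `- grpc 1.2.5-1+nmu0 (bug #860316)` and are indistinguishable apart from the id; likewise CVE-2017-7856 (libreoffice) and CVE-2017-7854 (radare2) are left with only a `<not-affected>` reason that does not say what the issue was. If the wholesale removal stands, suggest retaining the summaries for entries that have no external reference.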
@@ -30641,11 +30639,11 @@ CVE-2017-7830 (The Resource Timing API incorrectly revealed navigations in ...)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-24/#CVE-2017-7830
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-25/#CVE-2017-7830
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-26/#CVE-2017-7830
-CVE-2017-7829 (It is possible to spoof the sender's email address and display an ...)
+CVE-2017-7829
{DSA-4075-1 DLA-1223-1}
- thunderbird 1:52.5.2-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-30/#CVE-2017-7829
-CVE-2017-7828 (A use-after-free vulnerability can occur when flushing and resizing ...)
+CVE-2017-7828
{DSA-4075-1 DSA-4061-1 DSA-4035-1 DLA-1199-1 DLA-1172-1}
- firefox 57.0-1
- firefox-esr 52.5.0esr-1
@@ -30653,10 +30651,10 @@ CVE-2017-7828 (A use-after-free vulnerability can occur when flushing and resizi
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-24/#CVE-2017-7828
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-25/#CVE-2017-7828
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-26/#CVE-2017-7828
-CVE-2017-7827 (Memory safety bugs were reported in Firefox 56. Some of these bugs ...)
+CVE-2017-7827
- firefox 57.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-24/#CVE-2017-7827
-CVE-2017-7826 (Memory safety bugs were reported in Firefox 56 and Firefox ESR 52.4. ...)
+CVE-2017-7826
{DSA-4075-1 DSA-4061-1 DSA-4035-1 DLA-1199-1 DLA-1172-1}
- firefox 57.0-1
- firefox-esr 52.5.0esr-1
@@ -30664,14 +30662,14 @@ CVE-2017-7826 (Memory safety bugs were reported in Firefox 56 and Firefox ESR 52
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-24/#CVE-2017-7826
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-25/#CVE-2017-7826
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-26/#CVE-2017-7826
-CVE-2017-7825 (Several fonts on OS X display some Tibetan and Arabic characters as ...)
+CVE-2017-7825
- firefox <not-affected> (Only affects Firefox on OS X)
- firefox-esr <not-affected> (Only affects Firefox on OS X)
- icedove <not-affected> (Only affects Thunderbird on OS X)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-21/#CVE-2017-7825
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-22/#CVE-2017-7825
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-23/#CVE-2017-7825
-CVE-2017-7824 (A buffer overflow occurs when drawing and validating elements with the ...)
+CVE-2017-7824
{DSA-4014-1 DSA-3987-1 DLA-1153-1 DLA-1118-1}
- firefox 56.0-1
- firefox-esr 52.4.0esr-2
@@ -30679,7 +30677,7 @@ CVE-2017-7824 (A buffer overflow occurs when drawing and validating elements wit
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-21/#CVE-2017-7824
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-22/#CVE-2017-7824
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-23/#CVE-2017-7824
-CVE-2017-7823 (The content security policy (CSP) &quot;sandbox&quot; directive did not create a ...)
+CVE-2017-7823
{DSA-4014-1 DSA-3987-1 DLA-1153-1 DLA-1118-1}
- firefox 56.0-1
- firefox-esr 52.4.0esr-2
@@ -30687,16 +30685,16 @@ CVE-2017-7823 (The content security policy (CSP) &quot;sandbox&quot; directive d
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-21/#CVE-2017-7823
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-22/#CVE-2017-7823
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-23/#CVE-2017-7823
-CVE-2017-7822 (The AES-GCM implementation in WebCrypto API accepts 0-length IV when ...)
+CVE-2017-7822
- firefox 56.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-21/#CVE-2017-7822
-CVE-2017-7821 (A vulnerability where WebExtensions can download and attempt to open a ...)
+CVE-2017-7821
- firefox 56.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-21/#CVE-2017-7821
-CVE-2017-7820 (The &quot;instanceof&quot; operator can bypass the Xray wrapper mechanism. When ...)
+CVE-2017-7820
- firefox 56.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-21/#CVE-2017-7820
-CVE-2017-7819 (A use-after-free vulnerability can occur in design mode when image ...)
+CVE-2017-7819
{DSA-4014-1 DSA-3987-1 DLA-1153-1 DLA-1118-1}
- firefox 56.0-1
- firefox-esr 52.4.0esr-2
@@ -30704,7 +30702,7 @@ CVE-2017-7819 (A use-after-free vulnerability can occur in design mode when imag
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-21/#CVE-2017-7819
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-22/#CVE-2017-7819
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-23/#CVE-2017-7819
-CVE-2017-7818 (A use-after-free vulnerability can occur when manipulating arrays of ...)
+CVE-2017-7818
{DSA-4014-1 DSA-3987-1 DLA-1153-1 DLA-1118-1}
- firefox 56.0-1
- firefox-esr 52.4.0esr-2
@@ -30712,16 +30710,16 @@ CVE-2017-7818 (A use-after-free vulnerability can occur when manipulating arrays
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-21/#CVE-2017-7818
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-22/#CVE-2017-7818
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-23/#CVE-2017-7818
-CVE-2017-7817 (A spoofing vulnerability can occur when a page switches to fullscreen ...)
+CVE-2017-7817
- firefox <not-affected> (Only affects Firefox on Android)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-21/#CVE-2017-7817
-CVE-2017-7816 (WebExtensions could use popups and panels in the extension UI to load ...)
+CVE-2017-7816
- firefox 56.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-21/#CVE-2017-7816
-CVE-2017-7815 (On pages containing an iframe, the &quot;data:&quot; protocol can be used to ...)
+CVE-2017-7815
- firefox 56.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-21/#CVE-2017-7815
-CVE-2017-7814 (File downloads encoded with &quot;blob:&quot; and &quot;data:&quot; URL elements bypassed ...)
+CVE-2017-7814
{DSA-4014-1 DSA-3987-1 DLA-1153-1 DLA-1118-1}
- firefox 56.0-1
- firefox-esr 52.4.0esr-2
@@ -30729,16 +30727,16 @@ CVE-2017-7814 (File downloads encoded with &quot;blob:&quot; and &quot;data:&quo
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-21/#CVE-2017-7814
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-22/#CVE-2017-7814
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-23/#CVE-2017-7814
-CVE-2017-7813 (Inside the JavaScript parser, a cast of an integer to a narrower type ...)
+CVE-2017-7813
- firefox 56.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-21/#CVE-2017-7813
-CVE-2017-7812 (If web content on a page is dragged onto portions of the browser UI, ...)
+CVE-2017-7812
- firefox 56.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-21/#CVE-2017-7812
-CVE-2017-7811 (Memory safety bugs were reported in Firefox 55. Some of these bugs ...)
+CVE-2017-7811
- firefox 56.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-21/#CVE-2017-7811
-CVE-2017-7810 (Memory safety bugs were reported in Firefox 55 and Firefox ESR 52.3. ...)
+CVE-2017-7810
{DSA-4014-1 DSA-3987-1 DLA-1153-1 DLA-1118-1}
- firefox 56.0-1
- firefox-esr 52.4.0esr-2
@@ -30746,21 +30744,21 @@ CVE-2017-7810 (Memory safety bugs were reported in Firefox 55 and Firefox ESR 52
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-21/#CVE-2017-7810
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-22/#CVE-2017-7810
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-23/#CVE-2017-7810
-CVE-2017-7809 (A use-after-free vulnerability can occur when an editor DOM node is ...)
+CVE-2017-7809
{DSA-3968-1 DSA-3928-1 DLA-1087-1 DLA-1053-1}
- firefox 55.0-1
- firefox-esr 52.3.0esr-1
- icedove 1:52.3.0-1 (bug #872834)
-CVE-2017-7808 (A content security policy (CSP) &quot;frame-ancestors&quot; directive containing ...)
+CVE-2017-7808
- firefox 55.0-1
-CVE-2017-7807 (A mechanism that uses AppCache to hijack a URL in a domain using ...)
+CVE-2017-7807
{DSA-3968-1 DSA-3928-1 DLA-1087-1 DLA-1053-1}
- firefox 55.0-1
- firefox-esr 52.3.0esr-1
- icedove 1:52.3.0-1 (bug #872834)
-CVE-2017-7806 (A use-after-free vulnerability can occur when the layer manager is ...)
+CVE-2017-7806
- firefox 55.0-1
-CVE-2017-7805 (During TLS 1.2 exchanges, handshake hashes are generated which point ...)
+CVE-2017-7805
{DSA-4014-1 DSA-3998-1 DSA-3987-1 DLA-1153-1 DLA-1138-1 DLA-1118-1}
- firefox 56.0-1
- firefox-esr 52.4.0esr-2
@@ -30771,45 +30769,45 @@ CVE-2017-7805 (During TLS 1.2 exchanges, handshake hashes are generated which po
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-21/#CVE-2017-7805
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-22/#CVE-2017-7805
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-23/#CVE-2017-7805
-CVE-2017-7804 (The destructor function for the &quot;WindowsDllDetourPatcher&quot; class can be ...)
+CVE-2017-7804
- firefox <not-affected> (Windows-specific)
- firefox-esr <not-affected> (Windows-specific)
- icedove <not-affected> (Windows-specific)
-CVE-2017-7803 (When a page's content security policy (CSP) header contains a ...)
+CVE-2017-7803
{DSA-3968-1 DSA-3928-1 DLA-1087-1 DLA-1053-1}
- firefox 55.0-1
- firefox-esr 52.3.0esr-1
- icedove 1:52.3.0-1 (bug #872834)
-CVE-2017-7802 (A use-after-free vulnerability can occur when manipulating the DOM ...)
+CVE-2017-7802
{DSA-3968-1 DSA-3928-1 DLA-1087-1 DLA-1053-1}
- firefox 55.0-1
- firefox-esr 52.3.0esr-1
- icedove 1:52.3.0-1 (bug #872834)
-CVE-2017-7801 (A use-after-free vulnerability can occur while re-computing layout for ...)
+CVE-2017-7801
{DSA-3968-1 DSA-3928-1 DLA-1087-1 DLA-1053-1}
- firefox 55.0-1
- firefox-esr 52.3.0esr-1
- icedove 1:52.3.0-1 (bug #872834)
-CVE-2017-7800 (A use-after-free vulnerability can occur in WebSockets when the object ...)
+CVE-2017-7800
{DSA-3968-1 DSA-3928-1 DLA-1087-1 DLA-1053-1}
- firefox 55.0-1
- firefox-esr 52.3.0esr-1
- icedove 1:52.3.0-1 (bug #872834)
-CVE-2017-7799 (JavaScript in the &quot;about:webrtc&quot; page is not sanitized properly being ...)
+CVE-2017-7799
- firefox 55.0-1
-CVE-2017-7798 (The Developer Tools feature suffers from a XUL injection vulnerability ...)
+CVE-2017-7798
{DSA-3928-1 DLA-1053-1}
- firefox 55.0-1
- firefox-esr 52.3.0esr-1
-CVE-2017-7797 (Response header name interning does not have same-origin protections ...)
+CVE-2017-7797
- firefox 55.0-1
-CVE-2017-7796 (On Windows systems, the logger run by the Windows updater deletes the ...)
+CVE-2017-7796
- firefox <not-affected> (Windows-specific)
CVE-2017-7795
RESERVED
-CVE-2017-7794 (On Linux systems, if the content process is compromised, the sandbox ...)
+CVE-2017-7794
- firefox 55.0-1
-CVE-2017-7793 (A use-after-free vulnerability can occur in the Fetch API when the ...)
+CVE-2017-7793
{DSA-4014-1 DSA-3987-1 DLA-1153-1 DLA-1118-1}
- firefox 56.0-1
- firefox-esr 52.4.0esr-2
@@ -30817,59 +30815,59 @@ CVE-2017-7793 (A use-after-free vulnerability can occur in the Fetch API when th
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-21/#CVE-2017-7793
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-22/#CVE-2017-7793
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-23/#CVE-2017-7793
-CVE-2017-7792 (A buffer overflow will occur when viewing a certificate in the ...)
+CVE-2017-7792
{DSA-3968-1 DSA-3928-1 DLA-1087-1 DLA-1053-1}
- firefox 55.0-1
- firefox-esr 52.3.0esr-1
- icedove 1:52.3.0-1 (bug #872834)
-CVE-2017-7791 (On pages containing an iframe, the &quot;data:&quot; protocol can be used to ...)
+CVE-2017-7791
{DSA-3968-1 DSA-3928-1 DLA-1087-1 DLA-1053-1}
- firefox 55.0-1
- firefox-esr 52.3.0esr-1
- icedove 1:52.3.0-1 (bug #872834)
-CVE-2017-7790 (On Windows systems, if non-null-terminated strings are copied into the ...)
+CVE-2017-7790
- firefox <not-affected> (Windows-specific)
-CVE-2017-7789 (If a server sends two Strict-Transport-Security (STS) headers for a ...)
+CVE-2017-7789
- firefox 55.0-1 (low)
NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=1074642
-CVE-2017-7788 (When an &quot;iframe&quot; has a &quot;sandbox&quot; attribute and its content is ...)
+CVE-2017-7788
- firefox 55.0-1
-CVE-2017-7787 (Same-origin policy protections can be bypassed on pages with embedded ...)
+CVE-2017-7787
{DSA-3968-1 DSA-3928-1 DLA-1087-1 DLA-1053-1}
- firefox 55.0-1
- firefox-esr 52.3.0esr-1
- icedove 1:52.3.0-1 (bug #872834)
-CVE-2017-7786 (A buffer overflow can occur when the image renderer attempts to paint ...)
+CVE-2017-7786
{DSA-3968-1 DSA-3928-1 DLA-1087-1 DLA-1053-1}
- firefox 55.0-1
- firefox-esr 52.3.0esr-1
- icedove 1:52.3.0-1 (bug #872834)
-CVE-2017-7785 (A buffer overflow can occur when manipulating Accessible Rich Internet ...)
+CVE-2017-7785
{DSA-3968-1 DSA-3928-1 DLA-1087-1 DLA-1053-1}
- firefox 55.0-1
- firefox-esr 52.3.0esr-1
- icedove 1:52.3.0-1 (bug #872834)
-CVE-2017-7784 (A use-after-free vulnerability can occur when reading an image ...)
+CVE-2017-7784
{DSA-3968-1 DSA-3928-1 DLA-1087-1 DLA-1053-1}
- firefox 55.0-1
- firefox-esr 52.3.0esr-1
- icedove 1:52.3.0-1 (bug #872834)
-CVE-2017-7783 (If a long user name is used in a username/password combination in a ...)
+CVE-2017-7783
- firefox 55.0-1
-CVE-2017-7782 (An error in the &quot;WindowsDllDetourPatcher&quot; where a RWX ...)
+CVE-2017-7782
- firefox <not-affected> (Windows-specific)
- firefox-esr <not-affected> (Windows-specific)
- icedove <not-affected> (Windows-specific)
-CVE-2017-7781 (An error occurs in the elliptic curve point addition algorithm that ...)
+CVE-2017-7781
- firefox 55.0-1
-CVE-2017-7780 (Memory safety bugs were reported in Firefox 54. Some of these bugs ...)
+CVE-2017-7780
- firefox 55.0-1
-CVE-2017-7779 (Memory safety bugs were reported in Firefox 54, Firefox ESR 52.2, and ...)
+CVE-2017-7779
{DSA-3968-1 DSA-3928-1 DLA-1087-1 DLA-1053-1}
- firefox 55.0-1
- firefox-esr 52.3.0esr-1
- icedove 1:52.3.0-1 (bug #872834)
-CVE-2017-7778 (A number of security vulnerabilities in the Graphite 2 library ...)
+CVE-2017-7778
{DSA-3918-1 DSA-3894-1 DSA-3881-1 DLA-1013-1 DLA-1007-1 DLA-991-1}
- graphite2 1.3.10-1
NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=1349310
@@ -30936,34 +30934,34 @@ CVE-2017-7771
- firefox-esr 52.2.0esr-1
- icedove 1:52.2.0-1
NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=1350047
-CVE-2017-7770 (A mechanism where when a new tab is loaded through JavaScript events, ...)
+CVE-2017-7770
- firefox <not-affected> (Only Firefox on Android)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-15/#CVE-2017-7770
CVE-2017-7769
RESERVED
-CVE-2017-7768 (The Mozilla Maintenance Service can be invoked by an unprivileged user ...)
+CVE-2017-7768
- firefox <not-affected> (Only Firefox on Windows)
- firefox-esr <not-affected> (Only Firefox ESR on Windows)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-15/#CVE-2017-7768
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-16/#CVE-2017-7768
-CVE-2017-7767 (The Mozilla Maintenance Service can be invoked by an unprivileged user ...)
+CVE-2017-7767
- firefox <not-affected> (Only Firefox on Windows)
- firefox-esr <not-affected> (Only Firefox ESR on Windows)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-15/#CVE-2017-7767
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-16/#CVE-2017-7767
-CVE-2017-7766 (An attack using manipulation of &quot;updater.ini&quot; contents, used by the ...)
+CVE-2017-7766
- firefox <not-affected> (Only Firefox on Windows)
- firefox-esr <not-affected> (Only Firefox ESR on Windows)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-15/#CVE-2017-7766
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-16/#CVE-2017-7766
-CVE-2017-7765 (The &quot;Mark of the Web&quot; was not correctly saved on Windows when files ...)
+CVE-2017-7765
- firefox <not-affected> (Only Firefox on Windows)
- firefox-esr <not-affected> (Only Firefox ESR on Windows)
- icedove <not-affected> (Only Thunderbird on Windows)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-15/#CVE-2017-7765
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-16/#CVE-2017-7765
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-17/#CVE-2017-7765
-CVE-2017-7764 (Characters from the &quot;Canadian Syllabics&quot; unicode block can be mixed ...)
+CVE-2017-7764
{DSA-3918-1 DSA-3881-1 DLA-1007-1 DLA-991-1}
- firefox 54.0-1
- firefox-esr 52.2.0esr-1
@@ -30971,30 +30969,30 @@ CVE-2017-7764 (Characters from the &quot;Canadian Syllabics&quot; unicode block
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-15/#CVE-2017-7764
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-16/#CVE-2017-7764
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-17/#CVE-2017-7764
-CVE-2017-7763 (Default fonts on OS X display some Tibetan characters as whitespace. ...)
+CVE-2017-7763
- firefox <not-affected> (Only firefox on Mac OS X)
- firefox-esr <not-affected> (Only Firefox ESR on Mac OS X)
- icedove <not-affected> (Only Thunderbird on Mac OS X)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-15/#CVE-2017-7763
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-16/#CVE-2017-7763
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-17/#CVE-2017-7763
-CVE-2017-7762 (When entered directly, Reader Mode did not strip the username and ...)
+CVE-2017-7762
- firefox 54.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-15/#CVE-2017-7762
-CVE-2017-7761 (The Mozilla Maintenance Service &quot;helper.exe&quot; application creates a ...)
+CVE-2017-7761
- firefox <not-affected> (Only Firefox on Windows)
- firefox-esr <not-affected> (Only Firefox ESR on Windows)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-15/#CVE-2017-7761
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-16/#CVE-2017-7761
-CVE-2017-7760 (The Mozilla Windows updater modifies some files to be updated by ...)
+CVE-2017-7760
- firefox <not-affected> (Only Firefox on Windows)
- firefox-esr <not-affected> (Only Firefox ESR on Windows)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-15/#CVE-2017-7760
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-16/#CVE-2017-7760
-CVE-2017-7759 (Android intent URLs given to Firefox for Android can be used to ...)
+CVE-2017-7759
- firefox <not-affected> (Only Firefox on Android)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-15/#CVE-2017-7759
-CVE-2017-7758 (An out-of-bounds read vulnerability with the Opus encoder when the ...)
+CVE-2017-7758
{DSA-3918-1 DSA-3881-1 DLA-1007-1 DLA-991-1}
- firefox 54.0-1
- firefox-esr 52.2.0esr-1
@@ -31002,7 +31000,7 @@ CVE-2017-7758 (An out-of-bounds read vulnerability with the Opus encoder when th
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-15/#CVE-2017-7758
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-16/#CVE-2017-7758
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-17/#CVE-2017-7758
-CVE-2017-7757 (A use-after-free vulnerability in IndexedDB when one of its objects is ...)
+CVE-2017-7757
{DSA-3918-1 DSA-3881-1 DLA-1007-1 DLA-991-1}
- firefox 54.0-1
- firefox-esr 52.2.0esr-1
@@ -31010,7 +31008,7 @@ CVE-2017-7757 (A use-after-free vulnerability in IndexedDB when one of its objec
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-15/#CVE-2017-7757
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-16/#CVE-2017-7757
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-17/#CVE-2017-7757
-CVE-2017-7756 (A use-after-free and use-after-scope vulnerability when logging errors ...)
+CVE-2017-7756
{DSA-3918-1 DSA-3881-1 DLA-1007-1 DLA-991-1}
- firefox 54.0-1
- firefox-esr 52.2.0esr-1
@@ -31018,12 +31016,12 @@ CVE-2017-7756 (A use-after-free and use-after-scope vulnerability when logging e
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-15/#CVE-2017-7756
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-16/#CVE-2017-7756
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-17/#CVE-2017-7756
-CVE-2017-7755 (The Firefox installer on Windows can be made to load malicious DLL ...)
+CVE-2017-7755
- firefox <not-affected> (Only Firefox on Windows)
- firefox-esr <not-affected> (Only Firefox ESR on Windows)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-15/#CVE-2017-7755
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-16/#CVE-2017-7755
-CVE-2017-7754 (An out-of-bounds read in WebGL with a maliciously crafted &quot;ImageInfo&quot; ...)
+CVE-2017-7754
{DSA-3918-1 DSA-3881-1 DLA-1007-1 DLA-991-1}
- firefox 54.0-1
- firefox-esr 52.2.0esr-1
@@ -31031,12 +31029,12 @@ CVE-2017-7754 (An out-of-bounds read in WebGL with a maliciously crafted &quot;I
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-15/#CVE-2017-7754
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-16/#CVE-2017-7754
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-17/#CVE-2017-7754
-CVE-2017-7753 (An out-of-bounds read occurs when applying style rules to ...)
+CVE-2017-7753
{DSA-3968-1 DSA-3928-1 DLA-1087-1 DLA-1053-1}
- firefox 55.0-1
- firefox-esr 52.3.0esr-1
- icedove 1:52.3.0-1 (bug #872834)
-CVE-2017-7752 (A use-after-free vulnerability during specific user interactions with ...)
+CVE-2017-7752
{DSA-3918-1 DSA-3881-1 DLA-1007-1 DLA-991-1}
- firefox 54.0-1
- firefox-esr 52.2.0esr-1
@@ -31044,7 +31042,7 @@ CVE-2017-7752 (A use-after-free vulnerability during specific user interactions
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-15/#CVE-2017-7752
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-16/#CVE-2017-7752
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-17/#CVE-2017-7752
-CVE-2017-7751 (A use-after-free vulnerability with content viewer listeners that ...)
+CVE-2017-7751
{DSA-3918-1 DSA-3881-1 DLA-1007-1 DLA-991-1}
- firefox 54.0-1
- firefox-esr 52.2.0esr-1
@@ -31052,7 +31050,7 @@ CVE-2017-7751 (A use-after-free vulnerability with content viewer listeners that
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-15/#CVE-2017-7751
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-16/#CVE-2017-7751
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-17/#CVE-2017-7751
-CVE-2017-7750 (A use-after-free vulnerability during video control operations when a ...)
+CVE-2017-7750
{DSA-3918-1 DSA-3881-1 DLA-1007-1 DLA-991-1}
- firefox 54.0-1
- firefox-esr 52.2.0esr-1
@@ -31060,7 +31058,7 @@ CVE-2017-7750 (A use-after-free vulnerability during video control operations wh
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-15/#CVE-2017-7750
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-16/#CVE-2017-7750
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-17/#CVE-2017-7750
-CVE-2017-7749 (A use-after-free vulnerability when using an incorrect URL during the ...)
+CVE-2017-7749
{DSA-3918-1 DSA-3881-1 DLA-1007-1 DLA-991-1}
- firefox 54.0-1
- firefox-esr 52.2.0esr-1
@@ -31068,28 +31066,28 @@ CVE-2017-7749 (A use-after-free vulnerability when using an incorrect URL during
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-15/#CVE-2017-7749
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-16/#CVE-2017-7749
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-17/#CVE-2017-7749
-CVE-2017-7748 (In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the WSP dissector ...)
+CVE-2017-7748
- wireshark 2.2.6+g32dac6a-1 (low)
[jessie] - wireshark <not-affected> (Vulnerable code introduced later)
[wheezy] - wireshark <not-affected> (Vulnerable code introduced later)
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-21.html
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=f55cbcde2c8f74b652add4450b0592082eb6acff
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13581
-CVE-2017-7747 (In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the PacketBB dissector ...)
+CVE-2017-7747
{DLA-1634-1}
- wireshark 2.2.6+g32dac6a-1
[wheezy] - wireshark <no-dsa> (Minor issue)
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-18.html
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=5cfd52d6629cf8a7ab67c6bacd3431a964f43584
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13559
-CVE-2017-7746 (In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the SLSK dissector ...)
+CVE-2017-7746
{DLA-1634-1}
- wireshark 2.2.6+g32dac6a-1 (low)
[wheezy] - wireshark <no-dsa> (Minor issue)
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-19.html
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=58e69cc769dea24b721abd8a29f9eedc11024b7e
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13576
-CVE-2017-7745 (In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the SIGCOMP dissector ...)
+CVE-2017-7745
- wireshark 2.2.6+g32dac6a-1
[jessie] - wireshark <not-affected> (Vulnerable code not present)
[wheezy] - wireshark <not-affected> (Vulnerable code not present)
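Review bot: the descriptions removed in this hunk carry the affected version range (`In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11`) that the per-suite assessments directly beneath them, such as `[jessie] - wireshark <not-affected> (Vulnerable code introduced later)`, were made against. After this change the range survives only in the external wnpa-sec and bugzilla NOTE URLs, so anyone re-checking the jessie/wheezy triage from the file alone has nothing to compare the `<not-affected>` claims with. If the descriptions are being dropped on purpose, carry the version range into a NOTE line for these entries.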
@@ -31100,13 +31098,13 @@ CVE-2017-7744
RESERVED
CVE-2017-7743
RESERVED
-CVE-2017-7742 (In libsndfile before 1.0.28, an error in the &quot;flac_buffer_copy()&quot; ...)
+CVE-2017-7742
{DLA-928-1}
- libsndfile 1.0.27-3 (bug #860255)
[jessie] - libsndfile <no-dsa> (Minor issue)
NOTE: Fixed by: https://github.com/erikd/libsndfile/commit/60b234301adf258786d8b90be5c1d437fc8799e0
NOTE: https://blogs.gentoo.org/ago/2017/04/11/libsndfile-invalid-memory-read-and-invalid-memory-write-in/
-CVE-2017-7741 (In libsndfile before 1.0.28, an error in the &quot;flac_buffer_copy()&quot; ...)
+CVE-2017-7741
{DLA-928-1}
- libsndfile 1.0.27-2
[jessie] - libsndfile <no-dsa> (Minor issue)
@@ -31116,58 +31114,58 @@ CVE-2017-7741 (In libsndfile before 1.0.28, an error in the &quot;flac_buffer_co
NOTE: https://sources.debian.org/data/main/libs/libsndfile/1.0.27-2/debian/patches/fix_bufferoverflows.patch
CVE-2017-7740
RESERVED
-CVE-2017-7739 (A reflected Cross-site Scripting (XSS) vulnerability in web proxy ...)
+CVE-2017-7739
NOT-FOR-US: Fortinet FortiOS
-CVE-2017-7738 (An Information Disclosure vulnerability in Fortinet FortiOS 5.6.0 to ...)
+CVE-2017-7738
NOT-FOR-US: Fortinet FortiOS
-CVE-2017-7737 (An information disclosure vulnerability in Fortinet FortiWeb 5.8.2 and ...)
+CVE-2017-7737
NOT-FOR-US: Fortinet
-CVE-2017-7736 (A stored Cross-site Scripting (XSS) vulnerability in Fortinet FortiWeb ...)
+CVE-2017-7736
NOT-FOR-US: Fortinet
-CVE-2017-7735 (A Cross-Site Scripting vulnerability in Fortinet FortiOS versions ...)
+CVE-2017-7735
NOT-FOR-US: Fortinet FortiOS
-CVE-2017-7734 (A Cross-Site Scripting vulnerability in Fortinet FortiOS versions ...)
+CVE-2017-7734
NOT-FOR-US: Fortinet FortiOS
-CVE-2017-7733 (A Cross-Site-Scripting (XSS) vulnerability in Fortinet FortiOS 5.4.0 ...)
+CVE-2017-7733
NOT-FOR-US: Fortinet
-CVE-2017-7732 (A reflected Cross-Site Scripting (XSS) vulnerability in Fortinet ...)
+CVE-2017-7732
NOT-FOR-US: Fortinet
-CVE-2017-7731 (A weak password recovery vulnerability in Fortinet FortiPortal ...)
+CVE-2017-7731
NOT-FOR-US: Fortinet FortiPortal
-CVE-2017-7730 (iSmartAlarm cube devices allow Denial of Service. Sending a SYN flood ...)
+CVE-2017-7730
NOT-FOR-US: iSmartAlarm
-CVE-2017-7729 (On iSmartAlarm cube devices, there is Incorrect Access Control because ...)
+CVE-2017-7729
NOT-FOR-US: iSmartAlarm
-CVE-2017-7728 (On iSmartAlarm cube devices, there is authentication bypass leading to ...)
+CVE-2017-7728
NOT-FOR-US: iSmartAlarm
CVE-2017-7727
REJECTED
-CVE-2017-7726 (iSmartAlarm cube devices have an SSL Certificate Validation ...)
+CVE-2017-7726
NOT-FOR-US: iSmartAlarm
-CVE-2017-7725 (concrete5 8.1.0 places incorrect trust in the HTTP Host header during ...)
+CVE-2017-7725
NOT-FOR-US: concrete5
CVE-2017-7724
RESERVED
-CVE-2017-7723 (XSS exists in Easy WP SMTP (before 1.2.5), a WordPress Plugin, via the ...)
+CVE-2017-7723
NOT-FOR-US: Easy WP SMTP WordPress plugin
-CVE-2017-7722 (In SolarWinds Log &amp; Event Manager (LEM) before 6.3.1 Hotfix 4, a menu ...)
+CVE-2017-7722
NOT-FOR-US: SolarWinds
-CVE-2017-7721 (IrfanView version 4.44 (32bit) with FPX Plugin before 4.45 has an ...)
+CVE-2017-7721
NOT-FOR-US: IrfanView
-CVE-2017-7720 (Buffer overflow in PrivateTunnel 2.7 and 2.8 allows local attackers to ...)
+CVE-2017-7720
NOT-FOR-US: PrivateTunnel
-CVE-2017-7719 (SQL injection in the Spider Event Calendar (aka spider-event-calendar) ...)
+CVE-2017-7719
NOT-FOR-US: Spider Event Calendar
-CVE-2017-7718 (hw/display/cirrus_vga_rop.h in QEMU (aka Quick Emulator) allows local ...)
+CVE-2017-7718
{DLA-1497-1 DLA-1035-1 DLA-939-1}
- qemu 1:2.8+dfsg-4
- qemu-kvm <removed>
NOTE: http://git.qemu-project.org/?p=qemu.git;a=commitdiff;h=215902d7b6fb50c6fc216fc74f770858278ed904
NOTE: http://git.qemu-project.org/?p=qemu.git;a=commitdiff;h=3328c14e63f08fb07e8c6dec779c9d365e9e9864 (v2.8.1)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1443441
-CVE-2017-7717 (SQL injection vulnerability in the getUserUddiElements method in the ...)
+CVE-2017-7717
NOT-FOR-US: SAP
-CVE-2017-7716 (The read_u32_leb128 function in libr/util/uleb128.c in radare2 1.3.0 ...)
+CVE-2017-7716
- radare2 <not-affected> (Vulnerable code introduced later)
NOTE: https://github.com/radare/radare2/issues/7260
CVE-2017-7715
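Review bot: for the Fortinet, iSmartAlarm, concrete5 and WordPress-plugin entries in this hunk the description was the only line stating what the issue is; what remains is a bare CVE id followed by `NOT-FOR-US: Fortinet` or `NOT-FOR-US: iSmartAlarm`, with no NOTE URL at all. That still supports the NOT-FOR-US decision, but it leaves nothing in the file to re-check it against if one of these products later enters the archive. The qemu entry (CVE-2017-7718) and the radare2 entry are unaffected in practice because their commit and issue NOTE lines remain.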
@@ -31190,14 +31188,14 @@ CVE-2017-7707
RESERVED
CVE-2017-7706
RESERVED
-CVE-2017-7705 (In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the RPC over RDMA ...)
+CVE-2017-7705
- wireshark 2.2.6+g32dac6a-1
[jessie] - wireshark <not-affected> (Vulnerable code not present)
[wheezy] - wireshark <not-affected> (Vulnerable code not present)
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-15.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13558
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=08d392bbecc8fb666bf979e70a34536007b83ea2
-CVE-2017-7704 (In Wireshark 2.2.0 to 2.2.5, the DOF dissector could go into an ...)
+CVE-2017-7704
- wireshark 2.2.6+g32dac6a-1
[jessie] - wireshark <not-affected> (Vulnerable code not present)
[wheezy] - wireshark <not-affected> (Vulnerable code not present)
@@ -31205,14 +31203,14 @@ CVE-2017-7704 (In Wireshark 2.2.0 to 2.2.5, the DOF dissector could go into an .
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13453
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=6032b0fe5fc1176ab77e03e20765f95fbd21b19e
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=da53a90b6895e47e03c5de05edf84bd99d535fd8
-CVE-2017-7703 (In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the IMAP dissector ...)
+CVE-2017-7703
{DLA-1634-1}
- wireshark 2.2.6+g32dac6a-1 (low)
[wheezy] - wireshark <no-dsa> (Minor issue)
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-12.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13466
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=671e32820ab29d41d712cc8a472eab9b672684d9
-CVE-2017-7702 (In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the WBXML dissector ...)
+CVE-2017-7702
- wireshark 2.2.6+g32dac6a-1 (low)
[jessie] - wireshark <no-dsa> (Minor issue)
[wheezy] - wireshark <no-dsa> (Minor issue)
@@ -31222,14 +31220,14 @@ CVE-2017-7702 (In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the WBXML dissec
NOTE: When for older releases fixing this entry, make sure to fix apply the
NOTE: complete patch including https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=2f322f66cbcca2fefdaa630494f9d6c97eb659b7
NOTE: to not open CVE-2017-11410.
-CVE-2017-7701 (In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the BGP dissector ...)
+CVE-2017-7701
- wireshark 2.2.6+g32dac6a-1
[jessie] - wireshark <not-affected> (Vulnerable code not present)
[wheezy] - wireshark <not-affected> (Vulnerable code not present)
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-16.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13557
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=fa31f69b407436d0946f84baa0acdcc50962bf7a
-CVE-2017-7700 (In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the NetScaler file ...)
+CVE-2017-7700
{DLA-1634-1 DLA-858-1}
- wireshark 2.2.6+g32dac6a-1 (low)
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-14.html
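Review bot: the unchanged context under CVE-2017-7702, `NOTE: When for older releases fixing this entry, make sure to fix apply the`, has a leftover word (`fix apply`) and should read "make sure to apply the complete patch"; since this region of the file is already being rewritten, it is a cheap follow-up to fold in.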
@@ -31237,11 +31235,11 @@ CVE-2017-7700 (In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the NetScaler fi
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=8fc0af859de4993951a915ad735be350221f3f53
CVE-2017-7699
RESERVED
-CVE-2017-7698 (A Use After Free in the pdf2swf part of swftools 0.9.2 and earlier ...)
+CVE-2017-7698
- swftools 0.9.2+ds1-2
NOTE: https://github.com/matthiaskramm/swftools/pull/19
NOTE: Vulnerable code removed with the 0.9.2+dfs1-2 upload
-CVE-2017-7697 (In libsamplerate before 0.1.9, a buffer over-read occurs in the ...)
+CVE-2017-7697
- libsamplerate 0.1.9-1 (bug #860159)
[stretch] - libsamplerate <no-dsa> (Minor issue)
[jessie] - libsamplerate <no-dsa> (Minor issue)
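Review bot: unrelated to the description strip, the context line `NOTE: Vulnerable code removed with the 0.9.2+dfs1-2 upload` under CVE-2017-7698 does not match the fixed version recorded two lines above it, `- swftools 0.9.2+ds1-2`; one of the two has a typo (`dfs1` versus `ds1`) and they should be aligned so the note points at the actual upload.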
@@ -31249,53 +31247,53 @@ CVE-2017-7697 (In libsamplerate before 0.1.9, a buffer over-read occurs in the .
NOTE: https://github.com/erikd/libsamplerate/issues/11
NOTE: https://blogs.gentoo.org/ago/2017/04/11/libsamplerate-global-buffer-overflow-in-calc_output_single-src_sinc-c/
NOTE: Fixed by: https://github.com/erikd/libsamplerate/commit/c3b66186656de44da18b7058aec099dbe782dd0b
-CVE-2017-7696 (SAP AS JAVA SSO Authentication Library 2.0 through 3.0 allow remote ...)
+CVE-2017-7696
NOT-FOR-US: SAP
-CVE-2017-7695 (Unrestricted File Upload exists in BigTree CMS before 4.2.17: if an ...)
+CVE-2017-7695
NOT-FOR-US: BigTree CMS
-CVE-2017-7694 (Remote Code Execution vulnerability in ...)
+CVE-2017-7694
NOT-FOR-US: Symphony CMS
-CVE-2017-7693 (Directory traversal vulnerability in viewer_script.jsp in Riverbed ...)
+CVE-2017-7693
NOT-FOR-US: Riverbed OPNET App Response Xpert (ARX)
-CVE-2017-7692 (SquirrelMail 1.4.22 (and other versions before 20170427_0200-SVN) ...)
+CVE-2017-7692
{DSA-3852-1 DLA-941-1}
- squirrelmail <removed>
NOTE: http://www.openwall.com/lists/oss-security/2017/04/19/6
NOTE: https://legalhackers.com/advisories/SquirrelMail-Exploit-Remote-Code-Exec-CVE-2017-7692-Vuln.html
-CVE-2017-7691 (A code injection vulnerability exists in SAP TREX / Business Warehouse ...)
+CVE-2017-7691
NOT-FOR-US: SAP TREX
-CVE-2017-7690 (Proxifier for Mac before 2.19.2, when first run, allows local users to ...)
+CVE-2017-7690
NOT-FOR-US: Proxifier for Mac
-CVE-2017-7689 (A Command Injection vulnerability in Schneider Electric homeLYnk ...)
+CVE-2017-7689
NOT-FOR-US: Schneider Electric
-CVE-2017-7688 (Apache OpenMeetings 1.0.0 updates user password in insecure manner. ...)
+CVE-2017-7688
NOT-FOR-US: Apache OpenMeetings
-CVE-2017-7687 (When handling a decoding failure for a malformed URL path of an HTTP ...)
+CVE-2017-7687
- apache-mesos <itp> (bug #760315)
-CVE-2017-7686 (Apache Ignite 1.0.0-RC3 to 2.0 uses an update notifier component to ...)
+CVE-2017-7686
NOT-FOR-US: Apache Ignite
-CVE-2017-7685 (Apache OpenMeetings 1.0.0 responds to the following insecure HTTP ...)
+CVE-2017-7685
NOT-FOR-US: Apache OpenMeetings
-CVE-2017-7684 (Apache OpenMeetings 1.0.0 doesn't check contents of files being ...)
+CVE-2017-7684
NOT-FOR-US: Apache OpenMeetings
-CVE-2017-7683 (Apache OpenMeetings 1.0.0 displays Tomcat version and detailed error ...)
+CVE-2017-7683
NOT-FOR-US: Apache OpenMeetings
-CVE-2017-7682 (Apache OpenMeetings 3.2.0 is vulnerable to parameter manipulation ...)
+CVE-2017-7682
NOT-FOR-US: Apache OpenMeetings
-CVE-2017-7681 (Apache OpenMeetings 1.0.0 is vulnerable to SQL injection. This allows ...)
+CVE-2017-7681
NOT-FOR-US: Apache OpenMeetings
-CVE-2017-7680 (Apache OpenMeetings 1.0.0 has an overly permissive crossdomain.xml ...)
+CVE-2017-7680
NOT-FOR-US: Apache OpenMeetings
-CVE-2017-7679 (In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, mod_mime ...)
+CVE-2017-7679
{DSA-3896-1 DLA-1009-1}
- apache2 2.4.25-4
-CVE-2017-7678 (In Apache Spark before 2.2.0, it is possible for an attacker to take ...)
+CVE-2017-7678
NOT-FOR-US: Apache Spark
-CVE-2017-7677 (In environments that use external location for hive tables, Hive ...)
+CVE-2017-7677
NOT-FOR-US: Apache Ranger
-CVE-2017-7676 (Policy resource matcher in Apache Ranger before 0.7.1 ignores ...)
+CVE-2017-7676
NOT-FOR-US: Apache Ranger
-CVE-2017-7675 (The HTTP/2 implementation in Apache Tomcat 9.0.0.M1 to 9.0.0.M21 and ...)
+CVE-2017-7675
- tomcat9 <not-affected> (Fixed before initial upload to Debian)
- tomcat8 8.5.16-1
[stretch] - tomcat8 8.5.14-1+deb9u2
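Review bot: CVE-2017-7675 lists `- tomcat8 8.5.16-1` and `[stretch] - tomcat8 8.5.14-1+deb9u2` with no advisory in braces, while the neighbouring tomcat8 entry CVE-2017-7674 carries `{DSA-3974-1 DLA-1400-1}`. If the stretch fix shipped through a point release rather than a DSA that is fine, but a NOTE saying so would save the next reader the same question. Nothing else in this hunk changes package data; the remaining changed lines only drop the summaries from the CVE header lines.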
@@ -31304,7 +31302,7 @@ CVE-2017-7675 (The HTTP/2 implementation in Apache Tomcat 9.0.0.M1 to 9.0.0.M21
- tomcat6 <not-affected> (Only affects Tomcat 8.5.x and 9.x series; vulnerable code not present)
NOTE: Fixed by: http://svn.apache.org/r1796091 (8.5.x)
NOTE: https://bz.apache.org/bugzilla/show_bug.cgi?id=61120
-CVE-2017-7674 (The CORS Filter in Apache Tomcat 9.0.0.M1 to 9.0.0.M21, 8.5.0 to ...)
+CVE-2017-7674
{DSA-3974-1 DLA-1400-1}
- tomcat9 <not-affected> (Fixed before initial upload to Debian)
- tomcat8 8.5.16-1
@@ -31315,49 +31313,49 @@ CVE-2017-7674 (The CORS Filter in Apache Tomcat 9.0.0.M1 to 9.0.0.M21, 8.5.0 to
NOTE: Fixed by: http://svn.apache.org/r1795815 (8.0.x)
NOTE: Fixed by: http://svn.apache.org/r1795816 (7.0.x)
NOTE: https://bz.apache.org/bugzilla/show_bug.cgi?id=61101
-CVE-2017-7673 (Apache OpenMeetings 1.0.0 uses not very strong cryptographic storage, ...)
+CVE-2017-7673
NOT-FOR-US: Apache OpenMeetings
-CVE-2017-7672 (If an application allows enter an URL in a form field and built-in ...)
+CVE-2017-7672
- libstruts1.2-java <not-affected> (Vulnerable code not present)
NOTE: Issue is specific to Struts 2.x.
-CVE-2017-7671 (There is a DOS attack vulnerability in Apache Traffic Server (ATS) ...)
+CVE-2017-7671
{DSA-4128-1}
- trafficserver 7.1.2+ds-1
[wheezy] - trafficserver <not-affected> (Vulnerable code not present)
NOTE: https://github.com/apache/trafficserver/pull/1941
-CVE-2017-7670 (The Traffic Router component of the incubating Apache Traffic Control ...)
+CVE-2017-7670
NOT-FOR-US: Apache Traffic Control
-CVE-2017-7669 (In Apache Hadoop 2.8.0, 3.0.0-alpha1, and 3.0.0-alpha2, the ...)
+CVE-2017-7669
- hadoop <itp> (bug #793644)
-CVE-2017-7668 (The HTTP strict parsing changes added in Apache httpd 2.2.32 and ...)
+CVE-2017-7668
{DSA-3896-1 DLA-1009-1}
- apache2 2.4.25-4
-CVE-2017-7667 (Apache NiFi before 0.7.4 and 1.x before 1.3.0 need to establish the ...)
+CVE-2017-7667
NOT-FOR-US: Apache NiFi
-CVE-2017-7666 (Apache OpenMeetings 1.0.0 is vulnerable to Cross-Site Request Forgery ...)
+CVE-2017-7666
NOT-FOR-US: Apache OpenMeetings
-CVE-2017-7665 (In Apache NiFi before 0.7.4 and 1.x before 1.3.0, there are certain ...)
+CVE-2017-7665
NOT-FOR-US: Apache NiFi
-CVE-2017-7664 (Uploaded XML documents were not correctly validated in Apache ...)
+CVE-2017-7664
NOT-FOR-US: Apache OpenMeetings
-CVE-2017-7663 (Both global and Room chat are vulnerable to XSS attack in Apache ...)
+CVE-2017-7663
NOT-FOR-US: Apache OpenMeetings
-CVE-2017-7662 (Apache CXF Fediz ships with an OpenId Connect (OIDC) service which has ...)
+CVE-2017-7662
NOT-FOR-US: Apache CXF
-CVE-2017-7661 (Apache CXF Fediz ships with a number of container-specific plugins to ...)
+CVE-2017-7661
NOT-FOR-US: Apache CXF
-CVE-2017-7660 (Apache Solr uses a PKI based mechanism to secure inter-node ...)
+CVE-2017-7660
- lucene-solr <not-affected> (Vulnerable code introduced later)
NOTE: https://issues.apache.org/jira/browse/SOLR-10624
NOTE: http://git-wip-us.apache.org/repos/asf/lucene-solr/commit/2f5ecbcf
-CVE-2017-7659 (A maliciously constructed HTTP/2 request could cause mod_http2 in ...)
+CVE-2017-7659
- apache2 2.4.25-4
[stretch] - apache2 2.4.25-3+deb9u1
[jessie] - apache2 <not-affected> (Vulnerable code not present)
[wheezy] - apache2 <not-affected> (Vulnerable code not present)
NOTE: HTTP/2 support introduced in 2.4.17
NOTE: http://www.openwall.com/lists/oss-security/2017/06/19/5
-CVE-2017-7658 (In Eclipse Jetty Server, versions 9.2.x and older, 9.3.x (all non ...)
+CVE-2017-7658
{DSA-4278-1}
- jetty <removed>
[jessie] - jetty <ignored> (very hard to exploit, complex patch)
@@ -31367,7 +31365,7 @@ CVE-2017-7658 (In Eclipse Jetty Server, versions 9.2.x and older, 9.3.x (all non
NOTE: https://bugs.eclipse.org/bugs/show_bug.cgi?id=535669
NOTE: https://github.com/eclipse/jetty.project/commit/a285deea
NOTE: Exploit very unlikely, needs a very particular intermediary behaviour.
-CVE-2017-7657 (In Eclipse Jetty, versions 9.2.x and older, 9.3.x (all ...)
+CVE-2017-7657
{DSA-4278-1}
- jetty <removed>
[jessie] - jetty <ignored> (very hard to exploit, complex patch)
@@ -31376,7 +31374,7 @@ CVE-2017-7657 (In Eclipse Jetty, versions 9.2.x and older, 9.3.x (all ...)
- jetty9 9.2.25-1 (low; bug #902953)
NOTE: https://bugs.eclipse.org/bugs/show_bug.cgi?id=535668
NOTE: https://github.com/eclipse/jetty.project/commit/a285deea
-CVE-2017-7656 (In Eclipse Jetty, versions 9.2.x and older, 9.3.x (all ...)
+CVE-2017-7656
{DSA-4278-1}
- jetty <removed>
[jessie] - jetty <ignored> (very hard to exploit, complex patch)
@@ -31387,267 +31385,267 @@ CVE-2017-7656 (In Eclipse Jetty, versions 9.2.x and older, 9.3.x (all ...)
NOTE: https://github.com/eclipse/jetty.project/commit/a285deea
CVE-2017-7655
RESERVED
-CVE-2017-7654 (In Eclipse Mosquitto 1.4.15 and earlier, a Memory Leak vulnerability ...)
+CVE-2017-7654
{DSA-4325-1 DLA-1525-1}
- mosquitto 1.5.4-1 (bug #911265)
NOTE: https://bugs.eclipse.org/bugs/show_bug.cgi?id=533493
NOTE: https://github.com/eclipse/mosquitto/commit/51ec5601c2ec523bf2973fdc1eca77335eafb8de
-CVE-2017-7653 (The Eclipse Mosquitto broker up to version 1.4.15 does not reject ...)
+CVE-2017-7653
{DSA-4325-1 DLA-1525-1}
- mosquitto 1.5.4-1 (bug #911266)
NOTE: https://bugs.eclipse.org/bugs/show_bug.cgi?id=532113
NOTE: https://github.com/eclipse/mosquitto/commit/729a09310a7a56fbe5933b70b4588049da1a42b4
-CVE-2017-7652 (In Eclipse Mosquitto 1.4.14, if a Mosquitto instance is set running ...)
+CVE-2017-7652
{DSA-4325-1 DLA-1409-1 DLA-1334-1}
- mosquitto 1.4.15-1
NOTE: Patches: https://mosquitto.org/files/cve/2017-7652
NOTE: http://mosquitto.org/blog/2018/02/security-advisory-cve-2017-7651-cve-2017-7652/
-CVE-2017-7651 (In Eclipse Mosquitto 1.4.14, a user can shutdown the Mosquitto server ...)
+CVE-2017-7651
{DSA-4325-1 DLA-1409-1 DLA-1334-1}
- mosquitto 1.4.15-1
NOTE: Patches: https://mosquitto.org/files/cve/2017-7651
NOTE: http://mosquitto.org/blog/2018/02/security-advisory-cve-2017-7651-cve-2017-7652/
-CVE-2017-7650 (In Mosquitto before 1.4.12, pattern based ACLs can be bypassed by ...)
+CVE-2017-7650
{DSA-3865-1 DLA-961-1}
- mosquitto 1.4.10-3
NOTE: http://mosquitto.org/2017/05/security-advisory-cve-2017-7650/
NOTE: Patches: https://mosquitto.org/files/cve/2017-7650/
-CVE-2017-7649 (The network enabled distribution of Kura before 2.1.0 takes control ...)
+CVE-2017-7649
NOT-FOR-US: Kura
-CVE-2017-7648 (Foscam networked devices use the same hardcoded SSL private key across ...)
+CVE-2017-7648
NOT-FOR-US: Foscam
-CVE-2017-7647 (SolarWinds Log &amp; Event Manager (LEM) before 6.3.1 Hotfix 4 allows an ...)
+CVE-2017-7647
NOT-FOR-US: SolarWinds
-CVE-2017-7646 (SolarWinds Log &amp; Event Manager (LEM) before 6.3.1 Hotfix 4 allows an ...)
+CVE-2017-7646
NOT-FOR-US: SolarWinds
-CVE-2017-7645 (The NFSv2/NFSv3 server in the nfsd subsystem in the Linux kernel ...)
+CVE-2017-7645
{DSA-3886-1 DLA-993-1}
- linux 4.9.25-1
NOTE: Fixed by: https://git.kernel.org/linus/e6838a29ecb484c97e4efef9429643b9851fba6e
-CVE-2017-7644 (The Management Web Interface in Palo Alto Networks PAN-OS before ...)
+CVE-2017-7644
NOT-FOR-US: Management Web Interface in Palo Alto Networks PAN-OS
-CVE-2017-7643 (Proxifier for Mac before 2.19 allows local users to gain privileges ...)
+CVE-2017-7643
NOT-FOR-US: Proxifier for Mac
-CVE-2017-7642 (The sudo helper in the HashiCorp Vagrant VMware Fusion plugin (aka ...)
+CVE-2017-7642
NOT-FOR-US: HashiCorp Vagrant VMware Fusion plugin
-CVE-2017-7641 (QNAP NAS application Media Streaming add-on version 421.1.0.2, ...)
+CVE-2017-7641
NOT-FOR-US: QNAP NAS application Media Streaming add-on
-CVE-2017-7640 (QNAP NAS application Media Streaming add-on version 421.1.0.2, ...)
+CVE-2017-7640
NOT-FOR-US: QNAP NAS application Media Streaming add-on
-CVE-2017-7639 (QNAP NAS application Proxy Server through version 1.2.0 does not ...)
+CVE-2017-7639
NOT-FOR-US: QNAP
-CVE-2017-7638 (QNAP NAS application Media Streaming add-on version 421.1.0.2, ...)
+CVE-2017-7638
NOT-FOR-US: QNAP NAS application Media Streaming add-on
-CVE-2017-7637 (QNAP NAS application Proxy Server through version 1.2.0 allows remote ...)
+CVE-2017-7637
NOT-FOR-US: QNAP
-CVE-2017-7636 (Cross-site scripting (XSS) vulnerability in QNAP NAS application Proxy ...)
+CVE-2017-7636
NOT-FOR-US: QNAP
-CVE-2017-7635 (QNAP NAS application Proxy Server through version 1.2.0 does not ...)
+CVE-2017-7635
NOT-FOR-US: QNAP
-CVE-2017-7634 (Cross-site scripting (XSS) vulnerability in QNAP NAS application Media ...)
+CVE-2017-7634
NOT-FOR-US: QNAP NAS application Media Streaming add-on
-CVE-2017-7633 (QNAP Qfinder Pro 6.1.0.0317 and earlier may expose sensitive ...)
+CVE-2017-7633
NOT-FOR-US: QNAP
-CVE-2017-7632 (Cross-site scripting (XSS) vulnerability in File Station of QNAP QTS ...)
+CVE-2017-7632
NOT-FOR-US: File Station of QNAP QTS
-CVE-2017-7631 (Cross-site scripting (XSS) vulnerability in the share link function of ...)
+CVE-2017-7631
NOT-FOR-US: File Station of QNAP
-CVE-2017-7630 (QNAP QTS 4.2.6 build 20171026, QTS 4.3.3 build 20170727 and earlier ...)
+CVE-2017-7630
NOT-FOR-US: QNAP
-CVE-2017-7629 (QNAP QTS before 4.2.6 build 20170517 has a flaw in the change password ...)
+CVE-2017-7629
NOT-FOR-US: QNAP QTS
-CVE-2017-7628 (The &quot;Smart related articles&quot; extension 1.1 for Joomla! has SQL ...)
+CVE-2017-7628
NOT-FOR-US: Joomla extension
-CVE-2017-7627 (The &quot;Smart related articles&quot; extension 1.1 for Joomla! does not prevent ...)
+CVE-2017-7627
NOT-FOR-US: Joomla extension
-CVE-2017-7626 (The &quot;Smart related articles&quot; extension 1.1 for Joomla! has XSS in ...)
+CVE-2017-7626
NOT-FOR-US: Joomla extension
-CVE-2017-7625 (In Fiyo CMS 2.x through 2.0.7, attackers may upload a webshell via the ...)
+CVE-2017-7625
NOT-FOR-US: Fiyo CMS
-CVE-2017-7624 (The iw_read_bmp_file function in imagew-bmp.c in libimageworsener.a in ...)
+CVE-2017-7624
NOT-FOR-US: ImageWorsener
-CVE-2017-7623 (The iwmiffr_convert_row32 function in imagew-miff.c in ...)
+CVE-2017-7623
NOT-FOR-US: ImageWorsener
-CVE-2017-7622 (dde-daemon, the daemon process of DDE (Deepin Desktop Environment) 15.0 ...)
+CVE-2017-7622
NOT-FOR-US: dde-daemon
-CVE-2017-7621 (Cross Site Scripting Vulnerability in core-eMLi in AuroMeera ...)
+CVE-2017-7621
NOT-FOR-US: core-eMLi
-CVE-2017-7620 (MantisBT before 1.3.11, 2.x before 2.3.3, and 2.4.x before 2.4.1 omits ...)
+CVE-2017-7620
- mantis <removed>
[wheezy] - mantis <end-of-life> (Not supported in Wheezy LTS)
NOTE: https://mantisbt.org/bugs/view.php?id=22909
NOTE: https://mantisbt.org/bugs/view.php?id=22702
-CVE-2017-7618 (crypto/ahash.c in the Linux kernel through 4.10.9 allows attackers to ...)
+CVE-2017-7618
{DLA-922-1}
- linux 4.9.25-1
[jessie] - linux 3.16.43-1
NOTE: http://marc.info/?l=linux-crypto-vger&m=149181655623850&w=2
-CVE-2017-7616 (Incorrect error handling in the set_mempolicy and mbind compat syscalls ...)
+CVE-2017-7616
{DLA-922-1}
- linux 4.9.25-1
[jessie] - linux 3.16.43-1
NOTE: Fixed by: https://git.kernel.org/linus/cf01fb9985e8deb25ccf0ea54d916b8871ae0e62 (4.11-rc6)
NOTE: https://grsecurity.net/the_infoleak_that_mostly_wasnt.php
-CVE-2017-7615 (MantisBT through 2.3.0 allows arbitrary password reset and ...)
+CVE-2017-7615
- mantis <removed>
[wheezy] - mantis <end-of-life> (Unsupported in Wheezy LTS)
NOTE: http://www.openwall.com/lists/oss-security/2017/04/16/2
-CVE-2017-7614 (elflink.c in the Binary File Descriptor (BFD) library (aka libbfd), as ...)
+CVE-2017-7614
- binutils 2.28-4 (low; bug #859989)
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <no-dsa> (Minor issue)
NOTE: https://blogs.gentoo.org/ago/2017/04/05/binutils-two-null-pointer-dereference-in-elflink-c/
NOTE: Fixed by: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=ad32986fdf9da1c8748e47b8b45100398223dba8
-CVE-2017-7613 (elflint.c in elfutils 0.168 does not validate the number of sections ...)
+CVE-2017-7613
{DLA-1689-1}
- elfutils 0.168-1 (bug #859990)
[wheezy] - elfutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21312
NOTE: https://blogs.gentoo.org/ago/2017/04/03/elfutils-memory-allocation-failure-in-xcalloc-xmalloc-c/
NOTE: https://sourceware.org/git/?p=elfutils.git;a=commit;h=4314716cd498bb51639db717bd7ce6182de33322
-CVE-2017-7612 (The check_sysv_hash function in elflint.c in elfutils 0.168 allows ...)
+CVE-2017-7612
{DLA-1689-1}
- elfutils 0.168-1 (bug #859991)
[wheezy] - elfutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21311
NOTE: https://blogs.gentoo.org/ago/2017/04/03/elfutils-heap-based-buffer-overflow-in-check_sysv_hash-elflint-c/
NOTE: https://sourceware.org/git/?p=elfutils.git;a=commit;h=61fe61898747f63eb35a81c2261f3590a3dab8fd
-CVE-2017-7611 (The check_symtab_shndx function in elflint.c in elfutils 0.168 allows ...)
+CVE-2017-7611
{DLA-1689-1}
- elfutils 0.168-1 (bug #859992)
[wheezy] - elfutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21310
NOTE: https://blogs.gentoo.org/ago/2017/04/03/elfutils-heap-based-buffer-overflow-in-check_symtab_shndx-elflint-c/
NOTE: https://sourceware.org/git/?p=elfutils.git;a=commit;h=9a0d9d314a6342b56e3277bd7ad7ecb6e73a7d38
-CVE-2017-7610 (The check_group function in elflint.c in elfutils 0.168 allows remote ...)
+CVE-2017-7610
{DLA-1689-1}
- elfutils 0.168-1 (bug #859993)
[wheezy] - elfutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21320
NOTE: https://blogs.gentoo.org/ago/2017/04/03/elfutils-heap-based-buffer-overflow-in-check_group-elflint-c/
NOTE: https://sourceware.org/git/?p=elfutils.git;a=commit;h=fb6709f1a41b58a9557ea45b7f53ae678c660b21
-CVE-2017-7609 (elf_compress.c in elfutils 0.168 does not validate the zlib compression ...)
+CVE-2017-7609
- elfutils 0.168-1 (bug #859994)
[jessie] - elfutils <not-affected> (Vulnerable code not present)
[wheezy] - elfutils <not-affected> (Vulnerable code not present)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21301
NOTE: https://blogs.gentoo.org/ago/2017/04/03/elfutils-memory-allocation-failure-in-__libelf_decompress-elf_compress-c/
-CVE-2017-7608 (The ebl_object_note_type_name function in eblobjnotetypename.c in ...)
+CVE-2017-7608
{DLA-1689-1}
- elfutils 0.168-1 (bug #859995)
[wheezy] - elfutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21300
NOTE: https://blogs.gentoo.org/ago/2017/04/03/elfutils-heap-based-buffer-overflow-in-ebl_object_note_type_name-eblobjnotetypename-c/
NOTE: https://sourceware.org/git/?p=elfutils.git;a=commit;h=b0b58c5e0b34e54194aa042f2310af58ee7de603
-CVE-2017-7607 (The handle_gnu_hash function in readelf.c in elfutils 0.168 allows ...)
+CVE-2017-7607
- elfutils 0.168-1 (bug #859996)
[jessie] - elfutils <no-dsa> (Minor issue)
[wheezy] - elfutils <not-affected> (vulnerable code not present)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21299
NOTE: https://blogs.gentoo.org/ago/2017/04/03/elfutils-heap-based-buffer-overflow-in-handle_gnu_hash-readelf-c/
-CVE-2017-7605 (aacplusenc.c in HE-AAC+ Codec (aka libaacplus) 2.0.2 has an assertion ...)
+CVE-2017-7605
NOT-FOR-US: libaacplus
-CVE-2017-7604 (au_channel.h in HE-AAC+ Codec (aka libaacplus) 2.0.2 has a left-shift ...)
+CVE-2017-7604
NOT-FOR-US: libaacplus
-CVE-2017-7603 (au_channel.h in HE-AAC+ Codec (aka libaacplus) 2.0.2 has a signed ...)
+CVE-2017-7603
NOT-FOR-US: libaacplus
-CVE-2017-7602 (LibTIFF 4.0.7 has a signed integer overflow, which might allow remote ...)
+CVE-2017-7602
{DSA-3844-1 DLA-911-1}
- tiff 4.0.7-6
- tiff3 <removed>
[wheezy] - tiff3 <not-affected> (vulnerable code not present)
NOTE: https://github.com/vadz/libtiff/commit/66e7bd59520996740e4df5495a830b42fae48bc4
NOTE: https://blogs.gentoo.org/ago/2017/04/01/libtiff-multiple-ubsan-crashes
-CVE-2017-7601 (LibTIFF 4.0.7 has a &quot;shift exponent too large for 64-bit type long&quot; ...)
+CVE-2017-7601
{DSA-3844-1 DLA-912-1 DLA-911-1}
- tiff 4.0.7-6
- tiff3 <removed>
NOTE: https://github.com/vadz/libtiff/commit/0a76a8c765c7b8327c59646284fa78c3c27e5490
NOTE: https://blogs.gentoo.org/ago/2017/04/01/libtiff-multiple-ubsan-crashes
-CVE-2017-7600 (LibTIFF 4.0.7 has an &quot;outside the range of representable values of type ...)
+CVE-2017-7600
{DSA-3844-1 DLA-912-1 DLA-911-1}
- tiff 4.0.7-6
- tiff3 <removed>
NOTE: https://github.com/vadz/libtiff/commit/3144e57770c1e4d26520d8abee750f8ac8b75490
NOTE: https://blogs.gentoo.org/ago/2017/04/01/libtiff-multiple-ubsan-crashes
-CVE-2017-7599 (LibTIFF 4.0.7 has an &quot;outside the range of representable values of type ...)
+CVE-2017-7599
{DSA-3844-1 DLA-912-1 DLA-911-1}
- tiff 4.0.7-6
- tiff3 <removed>
NOTE: https://github.com/vadz/libtiff/commit/3144e57770c1e4d26520d8abee750f8ac8b75490
NOTE: https://blogs.gentoo.org/ago/2017/04/01/libtiff-multiple-ubsan-crashes
-CVE-2017-7598 (tif_dirread.c in LibTIFF 4.0.7 might allow remote attackers to cause a ...)
+CVE-2017-7598
{DSA-3844-1 DLA-911-1}
- tiff 4.0.7-6 (low)
- tiff3 <removed>
[wheezy] - tiff3 <not-affected> (vulnerable code not present)
NOTE: https://github.com/vadz/libtiff/commit/3cfd62d77c2a7e147a05bd678524c345fa9c2bb8
NOTE: https://blogs.gentoo.org/ago/2017/04/01/libtiff-multiple-ubsan-crashes
-CVE-2017-7597 (tif_dirread.c in LibTIFF 4.0.7 has an &quot;outside the range of ...)
+CVE-2017-7597
{DSA-3844-1 DLA-912-1 DLA-911-1}
- tiff 4.0.7-6
- tiff3 <removed>
NOTE: https://github.com/vadz/libtiff/commit/3144e57770c1e4d26520d8abee750f8ac8b75490
NOTE: https://blogs.gentoo.org/ago/2017/04/01/libtiff-multiple-ubsan-crashes
-CVE-2017-7596 (LibTIFF 4.0.7 has an &quot;outside the range of representable values of type ...)
+CVE-2017-7596
{DSA-3844-1 DLA-912-1 DLA-911-1}
- tiff 4.0.7-6
- tiff3 <removed>
NOTE: https://blogs.gentoo.org/ago/2017/04/01/libtiff-multiple-ubsan-crashes
NOTE: https://github.com/vadz/libtiff/commit/3144e57770c1e4d26520d8abee750f8ac8b75490
-CVE-2017-7595 (The JPEGSetupEncode function in tiff_jpeg.c in LibTIFF 4.0.7 allows ...)
+CVE-2017-7595
{DSA-3844-1 DLA-912-1 DLA-911-1}
- tiff 4.0.7-6 (low; bug #860003)
- tiff3 <removed>
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2653
NOTE: https://blogs.gentoo.org/ago/2017/04/01/libtiff-divide-by-zero-in-jpegsetupencode-tiff_jpeg-c
NOTE: https://github.com/vadz/libtiff/commit/47f2fb61a3a64667bce1a8398a8fcb1b348ff122
-CVE-2017-7594 (The OJPEGReadHeaderInfoSecTablesDcTable function in tif_ojpeg.c in ...)
+CVE-2017-7594
{DSA-3844-1 DLA-912-1 DLA-911-1}
- tiff 4.0.7-6 (low; bug #860001)
- tiff3 <removed>
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2659
NOTE: https://github.com/vadz/libtiff/commit/2ea32f7372b65c24b2816f11c04bf59b5090d05b
NOTE: https://github.com/vadz/libtiff/commit/8283e4d1b7e53340684d12932880cbcbaf23a8c1
-CVE-2017-7593 (tif_read.c in LibTIFF 4.0.7 does not ensure that tif_rawdata is ...)
+CVE-2017-7593
{DSA-3844-1 DLA-912-1 DLA-911-1}
- tiff 4.0.7-6 (bug #860000)
- tiff3 <removed>
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2651
NOTE: https://github.com/vadz/libtiff/commit/d60332057b9575ada4f264489582b13e30137be1
-CVE-2017-7592 (The putagreytile function in tif_getimage.c in LibTIFF 4.0.7 has a ...)
+CVE-2017-7592
{DSA-3844-1 DLA-911-1}
- tiff 4.0.7-6 (bug #859998)
- tiff3 <removed>
[wheezy] - tiff3 <not-affected> (vulnerable code not present)
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2658
NOTE: https://github.com/vadz/libtiff/commit/48780b4fcc425cddc4ef8ffdf536f96a0d1b313b
-CVE-2017-7617 (Remote code execution can occur in Asterisk Open Source 13.x before ...)
+CVE-2017-7617
- asterisk 1:13.14.1~dfsg-1 (bug #859910)
[jessie] - asterisk <not-affected> (Vulnerable code not present)
[wheezy] - asterisk <not-affected> (Vulnerable code not present)
NOTE: http://downloads.asterisk.org/pub/security/AST-2017-001.html
-CVE-2017-7619 (In ImageMagick 7.0.4-9, an infinite loop can occur because of a ...)
+CVE-2017-7619
{DSA-3863-1 DLA-902-1}
- imagemagick 8:6.9.7.4+dfsg-4 (bug #859769)
NOTE: https://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=31506
NOTE: Fixed by: http://git.imagemagick.org/repos/ImageMagick/commit/63757068c803f692bd70304b06ce3406e0b67c7f
-CVE-2017-7606 (coders/rle.c in ImageMagick 7.0.5-4 has an &quot;outside the range of ...)
+CVE-2017-7606
{DSA-3863-1 DLA-902-1}
- imagemagick 8:6.9.7.4+dfsg-4 (bug #859771)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/415
NOTE: https://blogs.gentoo.org/ago/2017/04/02/imagemagick-undefined-behavior-in-codersrle-c/
-CVE-2017-7591 (OpenIDM through 4.0.0 and 4.5.0 is vulnerable to reflected cross-site ...)
+CVE-2017-7591
NOT-FOR-US: ForgeRock OpenIDM
-CVE-2017-7590 (OpenIDM through 4.0.0 and 4.5.0 is vulnerable to persistent cross-site ...)
+CVE-2017-7590
NOT-FOR-US: ForgeRock OpenIDM
-CVE-2017-7589 (In OpenIDM through 4.0.0 before 4.5.0, the info endpoint may leak ...)
+CVE-2017-7589
NOT-FOR-US: ForgeRock OpenIDM
-CVE-2017-7588 (On certain Brother devices, authorization is mishandled by including a ...)
+CVE-2017-7588
NOT-FOR-US: Brother devices
CVE-2017-7587
RESERVED
-CVE-2017-7586 (In libsndfile before 1.0.28, an error in the &quot;header_read()&quot; function ...)
+CVE-2017-7586
{DLA-928-1}
- libsndfile 1.0.27-2
[jessie] - libsndfile <no-dsa> (Minor issue)
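Review bot: CVE-2017-7617, CVE-2017-7619 and CVE-2017-7606 are filed after CVE-2017-7592 instead of in the descending numeric order the rest of the file keeps (7619 belongs between 7620 and 7618, 7617 between 7618 and 7616, 7606 between 7607 and 7605); they are context lines here, but anything that bisects the file by CVE number will miss them, so move them into sequence. Two smaller points in the same hunk: `[wheezy] - mantis <end-of-life> (Not supported in Wheezy LTS)` on CVE-2017-7620 and `(Unsupported in Wheezy LTS)` on CVE-2017-7615 say the same thing in two wordings, and `[wheezy] - elfutils <not-affected> (vulnerable code not present)` on CVE-2017-7607 is the only elfutils line in lower case; pick one form for each.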
@@ -31655,7 +31653,7 @@ CVE-2017-7586 (In libsndfile before 1.0.28, an error in the &quot;header_read()&
NOTE: https://github.com/erikd/libsndfile/commit/f457b7b5ecfe91697ed01cfc825772c4d8de1236
NOTE: 1.0.27-2 in unstable contain fix_bufferoverflows.patch meant to address this issue
NOTE: https://sources.debian.org/data/main/libs/libsndfile/1.0.27-2/debian/patches/fix_bufferoverflows.patch
-CVE-2017-7585 (In libsndfile before 1.0.28, an error in the &quot;flac_buffer_copy()&quot; ...)
+CVE-2017-7585
{DLA-928-1}
- libsndfile 1.0.27-2
[jessie] - libsndfile <no-dsa> (Minor issue)
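Review bot: the summary being stripped from CVE-2017-7585 says the flaw is in "libsndfile before 1.0.28", yet the fixed-version line is `- libsndfile 1.0.27-2`, and the NOTE that justifies it, `1.0.27-2 in unstable contain fix_bufferoverflows.patch meant to address this issue` (repeated verbatim under CVE-2017-7586 above), both needs "contains" and hedges with "meant to address". Either confirm that the backported patch covers the flac_buffer_copy() and header_read() issues and say so plainly, or keep the hedge and point the fixed version at the upload that demonstrably fixes it; a fixed version lower than the upstream fix with a tentative NOTE is the kind of entry that gets re-opened later.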
@@ -31663,64 +31661,64 @@ CVE-2017-7585 (In libsndfile before 1.0.28, an error in the &quot;flac_buffer_co
NOTE: https://secuniaresearch.flexerasoftware.com/secunia_research/2017-4/
NOTE: 1.0.27-2 in unstable contain fix_bufferoverflows.patch meant to address this issue
NOTE: https://sources.debian.org/data/main/libs/libsndfile/1.0.27-2/debian/patches/fix_bufferoverflows.patch
-CVE-2017-7584 (Memory Corruption Vulnerability in Foxit PDF Toolkit before 2.1 allows ...)
+CVE-2017-7584
NOT-FOR-US: Foxit PDF Toolkit
-CVE-2017-7583 (ILIAS before 5.2.3 has XSS via SVG documents. ...)
+CVE-2017-7583
NOT-FOR-US: ILIAS
CVE-2017-7582
RESERVED
-CVE-2017-7581 (SQL injection vulnerability in NewsController.php in the News module ...)
+CVE-2017-7581
NOT-FOR-US: News module for TYPO3
CVE-2017-7580
RESERVED
-CVE-2017-7579 (inc/PMF/Faq.php in phpMyFAQ before 2.9.7 has XSS in the question field. ...)
+CVE-2017-7579
NOT-FOR-US: phpMyFAQ
-CVE-2017-7577 (XiongMai uc-httpd has directory traversal allowing the reading of ...)
+CVE-2017-7577
NOT-FOR-US: XiongMai uc-httpd
-CVE-2017-7576 (DragonWave Horizon 1.01.03 wireless radios have hardcoded login ...)
+CVE-2017-7576
NOT-FOR-US: DragonWave Horizon
-CVE-2017-7575 (Schneider Electric Modicon TM221CE16R 1.3.3.3 devices allow remote ...)
+CVE-2017-7575
NOT-FOR-US: Schneider
-CVE-2017-7574 (Schneider Electric SoMachine Basic 1.4 SP1 and Schneider Electric ...)
+CVE-2017-7574
NOT-FOR-US: Schneider
CVE-2017-7573
RESERVED
-CVE-2017-7572 (The _checkPolkitPrivilege function in serviceHelper.py in Back In Time ...)
+CVE-2017-7572
- backintime 1.1.12-2 (bug #859815)
[jessie] - backintime <no-dsa> (Minor issue)
[wheezy] - backintime <not-affected> (Vulnerable code not present)
NOTE: http://www.openwall.com/lists/oss-security/2017/04/07/2
NOTE: https://github.com/bit-team/backintime/commit/7f208dc547f569b689c888103e3b593a48cd1869
-CVE-2017-7571 (public/rolechangeadmin in Faveo 1.9.3 allows CSRF. The impact is ...)
+CVE-2017-7571
NOT-FOR-US: Faveo
-CVE-2017-7570 (PivotX 2.3.11 allows remote authenticated Advanced users to execute ...)
+CVE-2017-7570
NOT-FOR-US: PivotX
-CVE-2017-7569 (In vBulletin before 5.3.0, remote attackers can bypass the ...)
+CVE-2017-7569
NOT-FOR-US: vBulletin
-CVE-2017-7568 (NetApp OnCommand Unified Manager for 7-Mode (core package) versions ...)
+CVE-2017-7568
NOT-FOR-US: NetApp
CVE-2017-7567
RESERVED
-CVE-2017-7566 (MyBB before 1.8.11 allows remote attackers to bypass an SSRF protection ...)
+CVE-2017-7566
NOT-FOR-US: MyBB
-CVE-2017-7565 (Splunk Hadoop Connect App has a path traversal vulnerability that ...)
+CVE-2017-7565
NOT-FOR-US: Splunk Hadoop Connect App
-CVE-2017-7564 (In ARM Trusted Firmware through 1.3, the secure self-hosted invasive ...)
+CVE-2017-7564
NOT-FOR-US: ARM
-CVE-2017-7563 (In ARM Trusted Firmware 1.3, RO memory is always executable at AArch64 ...)
+CVE-2017-7563
NOT-FOR-US: ARM
-CVE-2017-7578 (Multiple heap-based buffer overflows in parser.c in libming 0.4.7 allow ...)
+CVE-2017-7578
{DLA-890-1}
- ming <removed>
NOTE: http://www.openwall.com/lists/oss-security/2017/04/07/1
NOTE: https://github.com/libming/libming/issues/68
-CVE-2017-7562 (An authentication bypass flaw was found in the way krb5's certauth ...)
+CVE-2017-7562
- krb5 <not-affected> (Vulnerable code introduced later, cf. #873281)
NOTE: https://github.com/krb5/krb5/pull/694
NOTE: https://github.com/krb5/krb5/pull/694/commits/50fe4074f188c2d4da0c421e96553acea8378db2
NOTE: https://github.com/krb5/krb5/pull/694/commits/1de6ca2f2eb1fdbab51f1549a25a6903aefcc196
NOTE: https://github.com/krb5/krb5/pull/694/commits/b7af544e50a4d8291524f590e20dd44430bf627d
-CVE-2017-7561 (Red Hat JBoss EAP version 3.0.7 through before 4.0.0.Beta1 is ...)
+CVE-2017-7561
- resteasy 3.6.2-1 (bug #873392)
[jessie] - resteasy <not-affected> (CORS Filter added in 3.0.7.Final)
- resteasy3.0 3.0.26-1 (bug #908836)
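Review bot: CVE-2017-7578 (ming) is placed between CVE-2017-7563 and CVE-2017-7562, well below where the descending order puts it (between CVE-2017-7579 and CVE-2017-7577, earlier in this same hunk); move it up. On CVE-2017-7562, `- krb5 <not-affected> (Vulnerable code introduced later, cf. #873281)` is followed only by links to krb5 pull 694 and three of its commits; a NOTE naming the upstream version or commit that introduced the certauth code would make the not-affected verdict checkable from the entry alone rather than from the bug.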
@@ -31728,11 +31726,11 @@ CVE-2017-7561 (Red Hat JBoss EAP version 3.0.7 through before 4.0.0.Beta1 is ...
NOTE: https://issues.jboss.org/projects/RESTEASY/issues/RESTEASY-1704
NOTE: Fixed by: https://github.com/resteasy/Resteasy/commit/517db971d8f7094124416bf72091fd0b45a13028
NOTE: Fixed in 4.0.0.Beta1, 3.0.25.Final, 3.5.0.CR1
-CVE-2017-7560 (It was found that rhnsd PID files are created as world-writable that ...)
+CVE-2017-7560
- rhnsd <not-affected> (Vulnerable code introduced later)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1480550
NOTE: Introduced by: https://github.com/spacewalkproject/spacewalk/commit/75d9c00b96ab430221c5c7668baebebc74ddd67e
-CVE-2017-7559 (In Undertow 2.x before 2.0.0.Alpha2, 1.4.x before 1.4.17.Final, and ...)
+CVE-2017-7559
- undertow 1.4.23-1 (bug #885576)
NOTE: CVE is for an incomplete fix of CVE-2017-2666
NOTE: Invalid characters were still allowed in the query string and path parameters.
@@ -31740,41 +31738,41 @@ CVE-2017-7559 (In Undertow 2.x before 2.0.0.Alpha2, 1.4.x before 1.4.17.Final, a
NOTE: https://issues.jboss.org/browse/UNDERTOW-1295
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1481665#c7
NOTE: Fixed by https://github.com/undertow-io/undertow/commit/3436b03eda8b0b62c1855698c4d7c358add836c2
-CVE-2017-7558 (A kernel data leak due to an out-of-bound read was found in the Linux ...)
+CVE-2017-7558
- linux 4.12.13-1
[stretch] - linux 4.9.30-2+deb9u5
[jessie] - linux <not-affected> (Vulnerable code introduced later 4.7 and not backported)
[wheezy] - linux <not-affected> (Vulnerable code introduced later 4.7 and not backported)
-CVE-2017-7557 (dnsdist version 1.1.0 is vulnerable to a flaw in authentication ...)
+CVE-2017-7557
- dnsdist 1.2.0-1 (low; bug #872854)
[stretch] - dnsdist 1.1.0-2+deb9u1
NOTE: https://dnsdist.org/security-advisories/powerdns-advisory-for-dnsdist-2017-02.html
NOTE: https://downloads.powerdns.com/patches/2017-02
-CVE-2017-7556 (Hawtio versions up to and including 1.5.3 are vulnerable to CSRF ...)
+CVE-2017-7556
NOT-FOR-US: hawtio
-CVE-2017-7555 (Augeas versions up to and including 1.8.0 are vulnerable to heap-based ...)
+CVE-2017-7555
{DSA-3949-1 DLA-1067-1}
- augeas 1.8.1-1 (bug #872400)
NOTE: https://github.com/hercules-team/augeas/pull/480
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1478373
-CVE-2017-7554 (It was found that the App Studio component of RHMAP 4.4 executes ...)
+CVE-2017-7554
NOT-FOR-US: Red Hat Mobile Application Platform
-CVE-2017-7553 (The external_request api call in App Studio (millicore) allows server ...)
+CVE-2017-7553
NOT-FOR-US: Red Hat Mobile Application Platform
-CVE-2017-7552 (A flaw was discovered in the file editor of millicore, affecting ...)
+CVE-2017-7552
NOT-FOR-US: Red Hat Mobile Application Platform
-CVE-2017-7551 (389-ds-base version before 1.3.5.19 and 1.3.6.7 are vulnerable to ...)
+CVE-2017-7551
- 389-ds-base 1.3.6.7-1 (bug #870752)
[jessie] - 389-ds-base <not-affected> (vulnerable code not present)
NOTE: https://pagure.io/389-ds-base/issue/49336
-CVE-2017-7550 (A flaw was found in the way Ansible (2.3.x before 2.3.3, and 2.4.x ...)
+CVE-2017-7550
- ansible 2.4.2.0+dfsg-1 (unimportant)
NOTE: https://github.com/ansible/ansible/issues/30874
NOTE: https://github.com/ansible/ansible/pull/30875
NOTE: Just an insecure example
-CVE-2017-7549 (A flaw was found in instack-undercloud 7.2.0 as packaged in Red Hat ...)
+CVE-2017-7549
NOT-FOR-US: instack-undercloud
-CVE-2017-7548 (PostgreSQL versions before 9.4.13, 9.5.8 and 9.6.4 are vulnerable to ...)
+CVE-2017-7548
{DSA-3936-1 DSA-3935-1}
- postgresql-9.6 9.6.4-1
- postgresql-9.4 <removed>
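Review bot: the jessie and wheezy lines on CVE-2017-7558 read `(Vulnerable code introduced later 4.7 and not backported)`, which drops a word and reads as if 4.7 were a date; write it as `(Vulnerable code introduced in 4.7, not backported)`, in line with the `Vulnerable code introduced later` wording used elsewhere in this file. The rest of the hunk only removes summaries from the CVE header lines, as in the other hunks of this update.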
@@ -31784,7 +31782,7 @@ CVE-2017-7548 (PostgreSQL versions before 9.4.13, 9.5.8 and 9.6.4 are vulnerable
- postgresql-8.4 <removed>
[wheezy] - postgresql-8.4 <not-affected> (postgresql-8.4 in wheezy only provides PL/Perl)
NOTE: https://www.postgresql.org/about/news/1772/
-CVE-2017-7547 (PostgreSQL versions before 9.2.22, 9.3.18, 9.4.13, 9.5.8 and 9.6.4 are ...)
+CVE-2017-7547
{DSA-3936-1 DSA-3935-1 DLA-1051-1}
- postgresql-9.6 9.6.4-1
- postgresql-9.4 <removed>
@@ -31793,7 +31791,7 @@ CVE-2017-7547 (PostgreSQL versions before 9.2.22, 9.3.18, 9.4.13, 9.5.8 and 9.6.
- postgresql-8.4 <removed>
[wheezy] - postgresql-8.4 <not-affected> (postgresql-8.4 in wheezy only provides PL/Perl)
NOTE: https://www.postgresql.org/about/news/1772/
-CVE-2017-7546 (PostgreSQL versions before 9.2.22, 9.3.18, 9.4.13, 9.5.8 and 9.6.4 are ...)
+CVE-2017-7546
{DSA-3936-1 DSA-3935-1 DLA-1051-1}
- postgresql-9.6 9.6.4-1
- postgresql-9.4 <removed>
@@ -31802,74 +31800,74 @@ CVE-2017-7546 (PostgreSQL versions before 9.2.22, 9.3.18, 9.4.13, 9.5.8 and 9.6.
- postgresql-8.4 <removed>
[wheezy] - postgresql-8.4 <not-affected> (postgresql-8.4 in wheezy only provides PL/Perl)
NOTE: https://www.postgresql.org/about/news/1772/
-CVE-2017-7545 (It was discovered that the XmlUtils class in jbpmmigration 6.5 ...)
+CVE-2017-7545
NOT-FOR-US: jbpm-designer / jBPM
-CVE-2017-7544 (libexif through 0.6.21 is vulnerable to out-of-bounds heap read ...)
+CVE-2017-7544
- libexif 0.6.21-2.1 (bug #876466)
[stretch] - libexif <no-dsa> (Minor issue)
[jessie] - libexif <no-dsa> (Minor issue)
[wheezy] - libexif <no-dsa> (Minor issue)
NOTE: https://sourceforge.net/p/libexif/bugs/130/
-CVE-2017-7543 (A race-condition flaw was discovered in openstack-neutron before ...)
+CVE-2017-7543
- neutron <not-affected> (Specific to Red Hat packaging)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1473792
-CVE-2017-7542 (The ip6_find_1stfragopt function in net/ipv6/output_core.c in the Linux ...)
+CVE-2017-7542
{DSA-3945-1 DSA-3927-1 DLA-1099-1}
- linux 4.12.6-1
NOTE: Fixed by: https://git.kernel.org/linus/6399f1fae4ec29fab5ec76070435555e256ca3a6
-CVE-2017-7541 (The brcmf_cfg80211_mgmt_tx function in ...)
+CVE-2017-7541
{DSA-3945-1 DSA-3927-1}
- linux 4.12.6-1
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: Fixed by: https://git.kernel.org/linus/8f44c9a41386729fea410e688959ddaa9d51be7c
-CVE-2017-7540 (rubygem-safemode, as used in Foreman, versions 1.3.2 and earlier are ...)
+CVE-2017-7540
NOT-FOR-US: Safemode ruby gem
-CVE-2017-7539 (An assertion-failure flaw was found in Qemu before 2.10.1, in the ...)
+CVE-2017-7539
- qemu <not-affected> (Vulnerable code introduced in v2.9.0-rc0)
- qemu-kvm <not-affected> (Vulnerable code introduced in v2.9.0-rc0)
NOTE: Fixed by: http://git.qemu.org/?p=qemu.git;a=commitdiff;h=2b0bbc4f8809c972bad134bc1a2570dbb01dea0b
NOTE: Introduced by: http://git.qemu.org/?p=qemu.git;a=commitdiff;h=ff82911cd3f69f028f2537825c9720ff78bc3f19
-CVE-2017-7538 (A cross-site scripting (XSS) flaw was found in how an organization ...)
+CVE-2017-7538
NOT-FOR-US: Red Hat Satellite
-CVE-2017-7537 (It was found that a mock CMC authentication plugin with a hardcoded ...)
+CVE-2017-7537
- dogtag-pki 10.3.5+12-5 (bug #869261)
NOTE: https://github.com/dogtagpki/pki/commit/876d13c6d20e7e1235b9
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1470817
-CVE-2017-7536 (In Hibernate Validator 5.2.x before 5.2.5 final, 5.3.x, and 5.4.x, it ...)
+CVE-2017-7536
- libhibernate-validator-java 4.3.3-4 (bug #885577)
[stretch] - libhibernate-validator-java 4.3.3-1+deb9u1
[jessie] - libhibernate-validator-java <not-affected> (Vulnerable code introduced in 4.3)
[wheezy] - libhibernate-validator-java <not-affected> (Vulnerable code introduced in 4.3)
NOTE: https://github.com/hibernate/hibernate-validator/commit/0ed45f37c4680998167179e631113a2c9cb5d113
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1465573
-CVE-2017-7535 (foreman before version 1.16.0 is vulnerable to a stored XSS in ...)
+CVE-2017-7535
- foreman <itp> (bug #663101)
-CVE-2017-7534 (OpenShift Enterprise version 3.x is vulnerable to a stored XSS via the ...)
+CVE-2017-7534
NOT-FOR-US: OpenShift
-CVE-2017-7533 (Race condition in the fsnotify implementation in the Linux kernel ...)
+CVE-2017-7533
{DSA-3945-1 DSA-3927-1}
- linux 4.12.6-1
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: http://www.openwall.com/lists/oss-security/2017/08/03/2
NOTE: Fixed by: https://git.kernel.org/linus/49d31c2f389acfe83417083e1208422b4091cd9 (v4.13-rc1)
-CVE-2017-7532 (In Moodle 3.x, course creators are able to change system default ...)
+CVE-2017-7532
- moodle <removed>
NOTE: https://moodle.org/mod/forum/discuss.php?d=355556
-CVE-2017-7531 (In Moodle 3.3, the course overview block reveals activities in hidden ...)
+CVE-2017-7531
- moodle <not-affected> (Only affects 3.3)
NOTE: https://moodle.org/mod/forum/discuss.php?d=355555
-CVE-2017-7530 (In CloudForms Management Engine (cfme) before 5.7.3 and 5.8.x before ...)
+CVE-2017-7530
NOT-FOR-US: Red Hat CloudForms Management Engine
-CVE-2017-7529 (Nginx versions since 0.5.6 up to and including 1.13.2 are vulnerable ...)
+CVE-2017-7529
{DSA-3908-1 DLA-1024-1}
- nginx 1.13.3-1 (bug #868109)
NOTE: http://mailman.nginx.org/pipermail/nginx-announce/2017/000200.html
NOTE: Fixed in 1.13.3, 1.12.1.
-CVE-2017-7528 (Ansible Tower as shipped with Red Hat CloudForms Management Engine 5 ...)
+CVE-2017-7528
NOT-FOR-US: Ansible Tower
CVE-2017-7527
RESERVED
-CVE-2017-7526 (libgcrypt before version 1.7.8 is vulnerable to a cache side-channel ...)
+CVE-2017-7526
{DSA-3960-1 DSA-3901-1 DLA-1080-1 DLA-1015-1}
- libgcrypt20 1.7.8-1
- libgcrypt11 <removed>
@@ -31890,16 +31888,16 @@ CVE-2017-7526 (libgcrypt before version 1.7.8 is vulnerable to a cache side-chan
NOTE: For GnuPG: https://lists.gnupg.org/pipermail/gnupg-users/2017-July/058598.html
NOTE: GnuPG: https://dev.gnupg.org/rC8725c99ffa41778f382ca97233183bcd687bb0ce
NOTE: GnuPG1: https://dev.gnupg.org/D438
-CVE-2017-7525 (A deserialization flaw was discovered in the jackson-databind, ...)
+CVE-2017-7525
{DSA-4004-1}
- jackson-databind 2.9.1-1 (bug #870848)
NOTE: https://github.com/FasterXML/jackson-databind/issues/1599
-CVE-2017-7524 (tpm2-tools versions before 1.1.1 are vulnerable to a password leak due ...)
+CVE-2017-7524
- tpm2-tools 2.1.0-1 (bug #866257)
NOTE: https://github.com/01org/tpm2.0-tools/commit/c5d72beaab1cbbbe68271f4bc4b6670d69985157
-CVE-2017-7523 (Cygwin versions 1.7.2 up to and including 1.8.0 are vulnerable to ...)
+CVE-2017-7523
NOT-FOR-US: Cygwin
-CVE-2017-7522 (OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to ...)
+CVE-2017-7522
- openvpn 2.4.3-1 (unimportant)
[jessie] - openvpn <not-affected> (x509-track implemented in 2.4.0)
[wheezy] - openvpn <not-affected> (x509-track implemented in 2.4.0)
@@ -31908,7 +31906,7 @@ CVE-2017-7522 (OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to
NOTE: http://www.openwall.com/lists/oss-security/2017/06/21/6
NOTE: In Debian openvpn is compiled against OpenSSL, thus even affected
NOTE: code present.
-CVE-2017-7521 (OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to ...)
+CVE-2017-7521
{DSA-3900-1}
- openvpn 2.4.3-1 (bug #865480)
[wheezy] - openvpn <not-affected> (Vulnerable code not present)
@@ -31920,7 +31918,7 @@ CVE-2017-7521 (OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to
NOTE: Fixed by (2.3.x): https://github.com/OpenVPN/openvpn/commit/1dde0cd6e5e6a0f2f45ec9969b7ff1b6537514ad
NOTE: https://community.openvpn.net/openvpn/wiki/VulnerabilitiesFixedInOpenVPN243
NOTE: http://www.openwall.com/lists/oss-security/2017/06/21/6
-CVE-2017-7520 (OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to ...)
+CVE-2017-7520
{DSA-3900-1 DLA-999-1}
- openvpn 2.4.3-1 (bug #865480)
NOTE: Fixed by (master): https://github.com/OpenVPN/openvpn/commit/7718c8984f04b507c1885f363970e2124e3c6c77
@@ -31928,12 +31926,12 @@ CVE-2017-7520 (OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to
NOTE: Fixed by (2.3.x): https://github.com/OpenVPN/openvpn/commit/f38a4a105979b87ebebe9be1c3d323116d3fb924
NOTE: https://community.openvpn.net/openvpn/wiki/VulnerabilitiesFixedInOpenVPN243
NOTE: http://www.openwall.com/lists/oss-security/2017/06/21/6
-CVE-2017-7519 (In Ceph, a format string flaw was found in the way libradosstriper ...)
+CVE-2017-7519
{DSA-4339-1}
- ceph 12.2.8+dfsg1-1 (bug #864535)
[jessie] - ceph <not-affected> (Vulnerable code not present)
NOTE: http://tracker.ceph.com/issues/20240
-CVE-2017-7518 (A flaw was found in the Linux kernel before version 4.12 in the way ...)
+CVE-2017-7518
{DSA-3981-1}
- linux 4.11.11-1
[wheezy] - linux <not-affected> (Vulnerable code not present)
@@ -31946,18 +31944,18 @@ CVE-2017-7517
NOT-FOR-US: OpenShift
CVE-2017-7516
REJECTED
-CVE-2017-7515 (poppler through version 0.55.0 is vulnerable to an uncontrolled ...)
+CVE-2017-7515
- poppler 0.57.0-2 (unimportant)
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=101208
NOTE: https://cgit.freedesktop.org/poppler/poppler/commit/?id=771c82623e8e1e0c92b8ca6f7c2b8a81ccbb60d3
NOTE: Crash in CLI tool, no security implications
-CVE-2017-7514 (A cross-site scripting (XSS) flaw was found in how the failed action ...)
+CVE-2017-7514
NOT-FOR-US: Red Hat Satellite
-CVE-2017-7513 (It was found that Satellite 5 configured with SSL/TLS for the ...)
+CVE-2017-7513
NOT-FOR-US: Red Hat Satellite
-CVE-2017-7512 (Red Hat 3scale (aka RH-3scale) API Management Platform (AMP) before ...)
+CVE-2017-7512
NOT-FOR-US: Red Hat 3scale
-CVE-2017-7511 (poppler since version 0.17.3 has been vulnerable to NULL pointer ...)
+CVE-2017-7511
- poppler 0.57.0-2 (unimportant; bug #863759)
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=101149
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=101153
@@ -31966,9 +31964,9 @@ CVE-2017-7511 (poppler since version 0.17.3 has been vulnerable to NULL pointer
CVE-2017-7510
RESERVED
NOT-FOR-US: ovirt-engine
-CVE-2017-7509 (An input validation error was found in Red Hat Certificate System's ...)
+CVE-2017-7509
NOT-FOR-US: Red Hat Certificate System
-CVE-2017-7508 (OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to ...)
+CVE-2017-7508
{DSA-3900-1}
- openvpn 2.4.3-1 (bug #865480)
[wheezy] - openvpn <not-affected> (Vulnerable code not present)
@@ -31977,7 +31975,7 @@ CVE-2017-7508 (OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to
NOTE: Fixed by (master): https://github.com/OpenVPN/openvpn/commit/c3f47077a7756de5929094569421a95aa66f2022
NOTE: Fixed by (2.4.x): https://github.com/OpenVPN/openvpn/commit/ed28cde3d8bf3f1459b2f42f0e27d64801009f92
NOTE: Fixed by (2.3.x): https://github.com/OpenVPN/openvpn/commit/fc61d1bda112ffc669dbde961fab19f60b3c7439
-CVE-2017-7507 (GnuTLS version 3.5.12 and earlier is vulnerable to a NULL pointer ...)
+CVE-2017-7507
{DSA-3884-1}
[experimental] - gnutls28 3.5.13-1
- gnutls28 3.5.8-6 (bug #864560)
@@ -31987,26 +31985,26 @@ CVE-2017-7507 (GnuTLS version 3.5.12 and earlier is vulnerable to a NULL pointer
NOTE: https://gitlab.com/gnutls/gnutls/commit/4c4d35264fada08b6536425c051fb8e0b05ee86b
NOTE: https://gitlab.com/gnutls/gnutls/commit/3efb6c5fd0e3822ec11879d5bcbea0e8d322cd03
NOTE: https://gitlab.com/gnutls/gnutls/commit/e1d6c59a7b0392fb3b8b75035614084a53e2c8c9
-CVE-2017-7506 (spice versions though 0.13 are vulnerable to out-of-bounds memory ...)
+CVE-2017-7506
{DSA-3907-1}
- spice 0.12.8-2.2 (bug #868083)
[wheezy] - spice <not-affected> (Vulnerable code not introduced later)
-CVE-2017-7505 (Foreman since version 1.5 is vulnerable to an incorrect authorization ...)
+CVE-2017-7505
- foreman <itp> (bug #663101)
-CVE-2017-7504 (HTTPServerILServlet.java in JMS over HTTP Invocation Layer of the ...)
+CVE-2017-7504
NOT-FOR-US: Red Hat JBoss
-CVE-2017-7503 (It was found that the Red Hat JBoss EAP 7.0.5 implementation of ...)
+CVE-2017-7503
NOT-FOR-US: Red Hat JBoss EAP implementation of javax.xml.transform.TransformerFactory
-CVE-2017-7502 (Null pointer dereference vulnerability in NSS since 3.24.0 was found ...)
+CVE-2017-7502
{DSA-3872-1 DLA-971-1}
[experimental] - nss 2:3.29-1
- nss 2:3.26.2-1.1 (bug #863839)
NOTE: https://hg.mozilla.org/projects/nss/rev/55ea60effd0d
-CVE-2017-7501 (It was found that versions of rpm before 4.13.0.2 use temporary files ...)
+CVE-2017-7501
- rpm <unfixed> (unimportant)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1452133
NOTE: Not supported for installations in Debian (and an unprivileged attacker would not have permissions for systems directories anyway)
-CVE-2017-7500 (It was found that rpm did not properly handle RPM installations when a ...)
+CVE-2017-7500
- rpm <unfixed> (unimportant)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1450369
NOTE: Not supported for installations in Debian (and an unprivileged attacker would not have permissions for systems directories anyway)
@@ -32014,20 +32012,20 @@ CVE-2017-7499
REJECTED
CVE-2017-7498
REJECTED
-CVE-2017-7497 (The dialog for creating cloud volumes (cinder provider) in CloudForms ...)
+CVE-2017-7497
NOT-FOR-US: Red Hat CloudForms Management Engine
-CVE-2017-7496 (fedora-arm-installer up to and including 1.99.16 is vulnerable to ...)
+CVE-2017-7496
NOT-FOR-US: fedora-arm-installer
-CVE-2017-7495 (fs/ext4/inode.c in the Linux kernel before 4.6.2, when ext4 ...)
+CVE-2017-7495
- linux 4.6.2-1
[jessie] - linux 3.16.39-1
[wheezy] - linux <not-affected> (Vulnerable code introduced later)
NOTE: Fixed by: https://git.kernel.org/linus/06bd3c36a733ac27962fea7d6f47168841376824
-CVE-2017-7494 (Samba since version 3.5.0 and before 4.6.4, 4.5.10 and 4.4.14 is ...)
+CVE-2017-7494
{DSA-3860-1 DLA-951-1}
- samba 2:4.5.8+dfsg-2
NOTE: https://www.samba.org/samba/security/CVE-2017-7494.html
-CVE-2017-7493 (Quick Emulator (Qemu) built with the VirtFS, host directory sharing ...)
+CVE-2017-7493
{DLA-1497-1 DLA-1035-1 DLA-965-1}
- qemu 1:2.8+dfsg-6
- qemu-kvm <removed>
@@ -32035,22 +32033,22 @@ CVE-2017-7493 (Quick Emulator (Qemu) built with the VirtFS, host directory shari
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2017-05/msg03663.html
CVE-2017-7492
REJECTED
-CVE-2017-7491 (In Moodle 2.x and 3.x, a CSRF attack is possible that allows attackers ...)
+CVE-2017-7491
- moodle <removed>
NOTE: https://moodle.org/mod/forum/discuss.php?d=352355
-CVE-2017-7490 (In Moodle 2.x and 3.x, searching of arbitrary blogs is possible because ...)
+CVE-2017-7490
- moodle <removed>
NOTE: https://moodle.org/mod/forum/discuss.php?d=352354
-CVE-2017-7489 (In Moodle 2.x and 3.x, remote authenticated users can take ownership of ...)
+CVE-2017-7489
- moodle <removed>
NOTE: https://moodle.org/mod/forum/discuss.php?d=352353
-CVE-2017-7488 (Authconfig version 6.2.8 is vulnerable to an Information exposure ...)
+CVE-2017-7488
NOT-FOR-US: authconfig in Red Hat
-CVE-2017-7487 (The ipxitf_ioctl function in net/ipx/af_ipx.c in the Linux kernel ...)
+CVE-2017-7487
{DSA-3886-1 DLA-993-1}
- linux 4.9.30-1
NOTE: Fixed by: https://git.kernel.org/linus/ee0d8d8482345ff97a75a7d747efc309f13b0d80
-CVE-2017-7486 (PostgreSQL versions 8.4 - 9.6 are vulnerable to information leak in ...)
+CVE-2017-7486
{DSA-3851-1 DLA-1051-1}
- postgresql-9.6 9.6.3-1
- postgresql-9.4 <removed>
@@ -32058,14 +32056,14 @@ CVE-2017-7486 (PostgreSQL versions 8.4 - 9.6 are vulnerable to information leak
[jessie] - postgresql-9.1 <not-affected> (postgresql-9.1 in jessie only provides PL/Perl)
- postgresql-8.4 <not-affected> (feature not present in 8.x)
NOTE: https://git.postgresql.org/gitweb/?p=postgresql.git;a=commitdiff;h=c928addfccd7f9905472dddd94e9cd10bc3f6808
-CVE-2017-7485 (In PostgreSQL 9.3.x before 9.3.17, 9.4.x before 9.4.12, 9.5.x before ...)
+CVE-2017-7485
{DSA-3851-1}
- postgresql-9.6 9.6.3-1
- postgresql-9.4 <removed>
- postgresql-9.1 <not-affected> (bug introduced in 9.3)
- postgresql-8.4 <not-affected> (bug introduced in 9.3)
NOTE: https://git.postgresql.org/gitweb/?p=postgresql.git;a=commitdiff;h=aafbd1df969135c185947c596c46608fc9f4a67c
-CVE-2017-7484 (It was found that some selectivity estimation functions in PostgreSQL ...)
+CVE-2017-7484
{DSA-3851-1}
- postgresql-9.6 9.6.3-1
- postgresql-9.4 <removed>
@@ -32077,30 +32075,30 @@ CVE-2017-7484 (It was found that some selectivity estimation functions in Postgr
NOTE: https://git.postgresql.org/gitweb/?p=postgresql.git;a=commitdiff;h=c33c42362256382ed398df9dcda559cd547c68a7
NOTE: https://git.postgresql.org/gitweb/?p=postgresql.git;a=commitdiff;h=cad15943225adbcadea51602b38b04d71d1183d2
NOTE: https://git.postgresql.org/gitweb/?p=postgresql.git;a=commitdiff;h=935e77d527a018b652f247c7374c558871210db6
-CVE-2017-7483 (Rxvt 2.7.10 is vulnerable to a denial of service attack by passing the ...)
+CVE-2017-7483
- rxvt 1:2.7.10-7.1 (low; bug #861694)
[stretch] - rxvt <no-dsa> (Minor issue)
[jessie] - rxvt <no-dsa> (Minor issue)
[wheezy] - rxvt <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2017/05/01/15
-CVE-2017-7482 (In the Linux kernel before version 4.12, Kerberos 5 tickets decoded ...)
+CVE-2017-7482
{DSA-3945-1 DSA-3927-1 DLA-1099-1}
- linux 4.11.11-1
NOTE: Fixed by: https://git.kernel.org/linus/5f2f97656ada8d811d3c1bef503ced266fcd53a0
-CVE-2017-7481 (Ansible before versions 2.3.1.0 and 2.4.0.0 fails to properly mark ...)
+CVE-2017-7481
- ansible 2.3.1.0+dfsg-1 (bug #862666)
[stretch] - ansible <no-dsa> (Minor issue)
[jessie] - ansible <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1450018
NOTE: Fixed by: https://github.com/ansible/ansible/commit/ed56f51f185a1ffd7ea57130d260098686fcc7c2
-CVE-2017-7480 (rkhunter versions before 1.4.4 are vulnerable to file download over ...)
+CVE-2017-7480
{DLA-1039-1}
- rkhunter 1.4.4-1 (bug #866677)
[stretch] - rkhunter 1.4.2-6+deb9u1
[jessie] - rkhunter 1.4.2-0.4+deb8u1
NOTE: http://www.openwall.com/lists/oss-security/2017/06/29/2
NOTE: http://rkhunter.cvs.sourceforge.net/viewvc/rkhunter/rkhunter/files/rkhunter?r1=1.549&r2=1.550&view=patch
-CVE-2017-7479 (OpenVPN versions before 2.3.15 and before 2.4.2 are vulnerable to ...)
+CVE-2017-7479
{DLA-944-1}
- openvpn 2.4.0-5 (low)
[jessie] - openvpn 2.3.4-5+deb8u2
@@ -32109,7 +32107,7 @@ CVE-2017-7479 (OpenVPN versions before 2.3.15 and before 2.4.2 are vulnerable to
NOTE: https://github.com/OpenVPN/openvpn/commit/b727643cdf4e078f132a90e1c474a879a5760578 (2.3.x)
NOTE: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg14643.html (3 patches for 2.2.x)
NOTE: https://community.openvpn.net/openvpn/wiki/QuarkslabAndCryptographyEngineerAudits
-CVE-2017-7478 (OpenVPN version 2.3.12 and newer is vulnerable to unauthenticated ...)
+CVE-2017-7478
- openvpn 2.4.0-5
[jessie] - openvpn <not-affected> (Vulnerable code introduced later)
[wheezy] - openvpn <not-affected> (Vulnerable code introduced later)
@@ -32119,18 +32117,18 @@ CVE-2017-7478 (OpenVPN version 2.3.12 and newer is vulnerable to unauthenticated
NOTE: Introduced in: https://github.com/OpenVPN/openvpn/commit/3c1b19e04745177185decd14da82c71458442b82 (2.4.0)
NOTE: Introduced in (backported to 2.3.12): https://github.com/OpenVPN/openvpn/commit/358f513c008bf01fadb82759ac75ffb8613fc785
NOTE: https://community.openvpn.net/openvpn/wiki/QuarkslabAndCryptographyEngineerAudits
-CVE-2017-7477 (Heap-based buffer overflow in drivers/net/macsec.c in the MACsec module ...)
+CVE-2017-7477
- linux 4.9.25-1
[jessie] - linux <not-affected> (Introduced in 4.6)
[wheezy] - linux <not-affected> (Introduced in 4.6)
NOTE: http://www.openwall.com/lists/oss-security/2017/04/25/4
NOTE: Fixed by: https://git.kernel.org/linus/4d6fa57b4dab0d77f4d8e9d9c73d1e63f6fe8fee
NOTE: Fixed by: https://git.kernel.org/linus/5294b83086cc1c35b4efeca03644cf9d12282e5b
-CVE-2017-7476 (Gnulib before 2017-04-26 has a heap-based buffer overflow with the TZ ...)
+CVE-2017-7476
- gnulib <not-affected> (Vulnerable code introduced later)
NOTE: Fixed by: http://git.savannah.gnu.org/gitweb/?p=gnulib.git;a=commitdiff;h=94e01571
NOTE: Introduced with 4bc76593 and 4e6e16b3f.
-CVE-2017-7475 (Cairo version 1.15.4 is vulnerable to a NULL pointer dereference ...)
+CVE-2017-7475
- cairo <unfixed> (low; bug #870264)
[buster] - cairo <no-dsa> (Minor issue)
[stretch] - cairo <no-dsa> (Minor issue)
@@ -32138,17 +32136,17 @@ CVE-2017-7475 (Cairo version 1.15.4 is vulnerable to a NULL pointer dereference
[wheezy] - cairo <no-dsa> (Minor issue)
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=100763
NOTE: https://gitlab.freedesktop.org/cairo/cairo/issues/80
-CVE-2017-7474 (It was found that the Keycloak Node.js adapter 2.5 - 3.0 did not ...)
+CVE-2017-7474
NOT-FOR-US: Keycloak
CVE-2017-7473
REJECTED
-CVE-2017-7472 (The KEYS subsystem in the Linux kernel before 4.10.13 allows local ...)
+CVE-2017-7472
{DLA-922-1}
- linux 4.9.25-1
[jessie] - linux 3.16.43-1
NOTE: https://lkml.org/lkml/2017/4/1/235
NOTE: https://lkml.org/lkml/2017/4/3/724
-CVE-2017-7471 (Quick Emulator (Qemu) built with the VirtFS, host directory sharing ...)
+CVE-2017-7471
{DLA-1035-1}
- qemu 1:2.8+dfsg-5 (bug #860785)
[jessie] - qemu <not-affected> (Vulnerable code introduced with fix for CVE-2016-9602)
@@ -32159,129 +32157,129 @@ CVE-2017-7471 (Quick Emulator (Qemu) built with the VirtFS, host directory shari
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1443401
NOTE: Introduced by: http://git.qemu-project.org/?p=qemu.git;a=commitdiff;h=acf22d2264a131ad2695b5a18746dabf0cc8b843
NOTE: which is part of the fix for CVE-2016-9602.
-CVE-2017-7470 (It was found that spacewalk-channel can be used by a non-admin user or ...)
+CVE-2017-7470
NOT-FOR-US: Red Hat / spacewalk-backend
CVE-2017-7469
REJECTED
-CVE-2017-7468 (In curl and libcurl 7.52.0 to and including 7.53.1, libcurl would ...)
+CVE-2017-7468
- curl 7.52.1-5
[jessie] - curl <not-affected> (Only affects 7.52 and later)
[wheezy] - curl <not-affected> (Only affects 7.52 and later)
NOTE: https://curl.haxx.se/docs/adv_20170419.html
-CVE-2017-7467 (A buffer overflow flaw was found in the way minicom before version ...)
+CVE-2017-7467
{DLA-914-1}
- minicom 2.7-1.1 (bug #860940)
[jessie] - minicom 2.7-1+deb8u1
NOTE: http://www.openwall.com/lists/oss-security/2017/04/18/5
-CVE-2017-7466 (Ansible before version 2.3 has an input validation vulnerability in ...)
+CVE-2017-7466
- ansible 2.2.1.0-2
[jessie] - ansible <not-affected> (Vulnerable code not present)
NOTE: https://github.com/ansible/ansible/commit/0d418789a298561fded9bce977d34babc9097079 (v2.3.0.0-0.1.rc1)
-CVE-2017-7465 (It was found that the JAXP implementation used in JBoss EAP 7.0 for ...)
+CVE-2017-7465
NOT-FOR-US: JBoss JAXP
-CVE-2017-7464 (It was found that the JAXP implementation used in JBoss EAP 7.0 for ...)
+CVE-2017-7464
NOT-FOR-US: JBoss JAXP
-CVE-2017-7463 (JBoss BRMS 6 and BPM Suite 6 before 6.4.3 are vulnerable to a ...)
+CVE-2017-7463
NOT-FOR-US: Red Hat business central
-CVE-2017-7462 (Intellinet NFC-30ir IP Camera has a vendor backdoor that can allow a ...)
+CVE-2017-7462
NOT-FOR-US: Intellinet NFC-30ir IP Camera
-CVE-2017-7461 (Directory traversal vulnerability in the web-based management site on ...)
+CVE-2017-7461
NOT-FOR-US: Intellinet NFC-30ir IP Camera
CVE-2017-7460
RESERVED
-CVE-2017-7459 (ntopng before 3.0 allows HTTP Response Splitting. ...)
+CVE-2017-7459
- ntopng 2.4+dfsg1-4 (bug #866719)
[stretch] - ntopng <no-dsa> (Minor issue)
[jessie] - ntopng <no-dsa> (Minor issue)
NOTE: https://github.com/ntop/ntopng/commit/9469e58f07e043da712e6d6c41244852a11bcaeb
-CVE-2017-7458 (The NetworkInterface::getHost function in NetworkInterface.cpp in ...)
+CVE-2017-7458
- ntopng 2.4+dfsg1-4 (bug #866721)
[stretch] - ntopng <no-dsa> (Minor issue)
[jessie] - ntopng <no-dsa> (Minor issue)
NOTE: https://github.com/ntop/ntopng/commit/01f47e04fd7c8d54399c9e465f823f0017069f8f
-CVE-2017-7457 (XML External Entity via &quot;.AOP&quot; files used by Moxa MX-AOPC Server 1.5 ...)
+CVE-2017-7457
NOT-FOR-US: Moxa
-CVE-2017-7456 (Moxa MXView 2.8 allows remote attackers to cause a Denial of Service ...)
+CVE-2017-7456
NOT-FOR-US: Moxa
-CVE-2017-7455 (Moxa MXView 2.8 allows remote attackers to read web server's private ...)
+CVE-2017-7455
NOT-FOR-US: Moxa
-CVE-2017-7454 (The iwgif_record_pixel function in imagew-gif.c in libimageworsener.a ...)
+CVE-2017-7454
NOT-FOR-US: ImageWorsener
-CVE-2017-7453 (The iwgif_record_pixel function in imagew-gif.c in libimageworsener.a ...)
+CVE-2017-7453
NOT-FOR-US: ImageWorsener
-CVE-2017-7452 (The iwbmp_read_info_header function in imagew-bmp.c in ...)
+CVE-2017-7452
NOT-FOR-US: ImageWorsener
CVE-2017-7451
RESERVED
-CVE-2017-7450 (AIRTAME HDMI dongle with firmware before 2.2.0 allows unauthenticated ...)
+CVE-2017-7450
NOT-FOR-US: AIRTAME HDMI dongle
CVE-2017-7449
RESERVED
-CVE-2017-7448 (The allocate_channel_framebuffer function in uncompressed_components.hh ...)
+CVE-2017-7448
- lepton 1.2.1-3 (bug #859714)
NOTE: https://github.com/dropbox/lepton/issues/86
NOTE: https://github.com/dropbox/lepton/commit/7789d99ac156adfd7bbf66e7824bd3e948a74cf7
-CVE-2017-7447 (HelpDEZk 1.1.1 has CSRF in admin/home#/logos/ with an impact of remote ...)
+CVE-2017-7447
NOT-FOR-US: HelpDEZk
-CVE-2017-7446 (HelpDEZk 1.1.1 has CSRF in admin/home#/person/ with an impact of ...)
+CVE-2017-7446
NOT-FOR-US: HelpDEZk
CVE-2017-7445
RESERVED
-CVE-2017-0887 (Nextcloud Server before 9.0.55 and 10.0.2 suffers from a bypass in the ...)
+CVE-2017-0887
- nextcloud <itp> (bug #835086)
-CVE-2017-7444 (In Veritas System Recovery before 16 SP1, there is a DLL hijacking ...)
+CVE-2017-7444
NOT-FOR-US: Veritas System Recovery
-CVE-2017-7442 (Nitro Pro 11.0.3.173 allows remote attackers to execute arbitrary code ...)
+CVE-2017-7442
NOT-FOR-US: Nitro Pro
-CVE-2017-7441 (In Sophos SurfRight HitmanPro before 3.7.20 Build 286 (included in the ...)
+CVE-2017-7441
NOT-FOR-US: Sophos
-CVE-2017-7440 (Kerio Connect 8.0.0 through 9.2.2, and Kerio Connect Client desktop ...)
+CVE-2017-7440
NOT-FOR-US: Kerio
-CVE-2017-7439 (NetApp OnCommand Unified Manager Core Package 5.x before 5.2.2P1 might ...)
+CVE-2017-7439
NOT-FOR-US: NetApp
-CVE-2017-7438 (NetIQ Privileged Account Manager before 3.1 Patch Update 3 allowed ...)
+CVE-2017-7438
NOT-FOR-US: NetIQ Privileged Account Manager
-CVE-2017-7437 (NetIQ Privileged Account Manager before 3.1 Patch Update 3 allowed ...)
+CVE-2017-7437
NOT-FOR-US: NetIQ Privileged Account Manager
-CVE-2017-7436 (In libzypp before 20170803 it was possible to retrieve unsigned ...)
+CVE-2017-7436
- libzypp 17.3.1-1 (bug #899065)
[jessie] - libzypp <ignored> (Minor issue)
-CVE-2017-7435 (In libzypp before 20170803 it was possible to add unsigned YUM ...)
+CVE-2017-7435
- libzypp 17.3.1-1 (bug #899065)
[jessie] - libzypp <ignored> (Minor issue)
-CVE-2017-7434 (In the JDBC driver of NetIQ Identity Manager before 4.6 sending out ...)
+CVE-2017-7434
NOT-FOR-US: NetIQ Identity Manager
-CVE-2017-7433 (An absolute path traversal vulnerability (CWE-36) in Micro Focus Vibe ...)
+CVE-2017-7433
NOT-FOR-US: Micro Focus Vibe
-CVE-2017-7432 (Novell iManager 2.7.x before 2.7 SP7 Patch 10 HF1 and NetIQ iManager ...)
+CVE-2017-7432
NOT-FOR-US: Novell Novell iManager and NetIQ iManager
-CVE-2017-7431 (Novell iManager 2.7.x before 2.7 SP7 Patch 10 HF1 and NetIQ iManager ...)
+CVE-2017-7431
NOT-FOR-US: Novell Novell iManager and NetIQ iManager
-CVE-2017-7430 (Novell iManager 2.7.x before 2.7 SP7 Patch 10 HF1 and NetIQ iManager ...)
+CVE-2017-7430
NOT-FOR-US: Novell Novell iManager and NetIQ iManager
-CVE-2017-7429 (The certificate upload in NetIQ eDirectory PKI plugin before 8.8.8 ...)
+CVE-2017-7429
NOT-FOR-US: NetIQ eDirectory PKI plugin
-CVE-2017-7428 (NetIQ iManager 3.x before 3.0.3.1 has an issue in the renegotiation of ...)
+CVE-2017-7428
NOT-FOR-US: NetIQ iManager
-CVE-2017-7427 (Multiple cross site scripting attacks were found in the Identity ...)
+CVE-2017-7427
NOT-FOR-US: NetIQ Identity Manager Plug-in
-CVE-2017-7426 (The NetIQ Identity Manager Plugins before 4.6.1 contained various XML ...)
+CVE-2017-7426
NOT-FOR-US: NetIQ Identity Manager Plugins
-CVE-2017-7425 (Multiple potential reflected XSS issues exist in NetIQ iManager ...)
+CVE-2017-7425
NOT-FOR-US: NetIQ
-CVE-2017-7424 (A Path Traversal (CWE-22) vulnerability in esfadmingui in Micro Focus ...)
+CVE-2017-7424
NOT-FOR-US: Micro Focus
-CVE-2017-7423 (A Cross-Site Request Forgery (CWE-352) vulnerability in esfadmingui in ...)
+CVE-2017-7423
NOT-FOR-US: Micro Focus
-CVE-2017-7422 (Reflected and stored Cross-Site Scripting (XSS, CWE-79) ...)
+CVE-2017-7422
NOT-FOR-US: Micro Focus
-CVE-2017-7421 (Reflected and stored Cross-Site Scripting (XSS, CWE-79) ...)
+CVE-2017-7421
NOT-FOR-US: Micro Focus
-CVE-2017-7420 (An Authentication Bypass (CWE-287) vulnerability in ESMAC (aka ...)
+CVE-2017-7420
NOT-FOR-US: Micro Focus
-CVE-2017-7419 (A OAuth application in NetIQ Access Manager 4.3 before 4.3.2 and 4.2 ...)
+CVE-2017-7419
NOT-FOR-US: NetIQ Access Manager
-CVE-2017-7418 (ProFTPD before 1.3.5e and 1.3.6 before 1.3.6rc5 controls whether the ...)
+CVE-2017-7418
- proftpd-dfsg 1.3.5b-4 (low; bug #859592)
[jessie] - proftpd-dfsg 1.3.5-1.1+deb8u2
[wheezy] - proftpd-dfsg <no-dsa> (Minor issue)
@@ -32290,56 +32288,56 @@ CVE-2017-7418 (ProFTPD before 1.3.5e and 1.3.6 before 1.3.6rc5 controls whether
NOTE: https://github.com/proftpd/proftpd/commit/f59593e6ff730b832dbe8754916cb5c821db579f
CVE-2017-7417
RESERVED
-CVE-2017-7416 (ntopng before 3.0 allows XSS because GET and POST parameters are ...)
+CVE-2017-7416
- ntopng 3.2+dfsg1-1 (bug #866722)
[stretch] - ntopng <no-dsa> (Minor issue)
[jessie] - ntopng <no-dsa> (Minor issue)
-CVE-2017-7415 (Atlassian Confluence 6.x before 6.0.7 allows remote attackers to bypass ...)
+CVE-2017-7415
NOT-FOR-US: Atlassian Confluence
-CVE-2017-7414 (In Horde_Crypt before 2.7.6, as used in Horde Groupware Webmail Edition ...)
+CVE-2017-7414
{DLA-1398-1}
- php-horde-crypt 2.7.5-2 (bug #859635)
-CVE-2017-7413 (In Horde_Crypt before 2.7.6, as used in Horde Groupware Webmail Edition ...)
+CVE-2017-7413
{DLA-1398-1}
- php-horde-crypt 2.7.5-2 (bug #859635)
-CVE-2017-7412 (NixOS 17.03 before 17.03.887 has a world-writable Docker socket, which ...)
+CVE-2017-7412
NOT-FOR-US: NixOS specific Docker issue
-CVE-2017-7411 (An issue was discovered in Enalean Tuleap 9.6 and prior versions. The ...)
+CVE-2017-7411
NOT-FOR-US: Enalean Tuleap
-CVE-2017-7410 (Multiple SQL injection vulnerabilities in account/signup.php and ...)
+CVE-2017-7410
NOT-FOR-US: WebsiteBaker
-CVE-2017-7409 (Palo Alto Networks PAN-OS before 7.0.15 has XSS in the GlobalProtect ...)
+CVE-2017-7409
NOT-FOR-US: Palo Alto Networks
-CVE-2017-7408 (Palo Alto Networks Traps ESM Console before 3.4.4 allows attackers to ...)
+CVE-2017-7408
NOT-FOR-US: Palo Alto Networks Traps ESM Console
-CVE-2017-7407 (The ourWriteOut function in tool_writeout.c in curl 7.53.1 might allow ...)
+CVE-2017-7407
{DLA-883-1}
- curl 7.52.1-4 (unimportant; bug #859500)
NOTE: https://github.com/curl/curl/commit/1890d59905414ab84a35892b2e45833654aa5c13
NOTE: Negligible security impact
-CVE-2017-7406 (The D-Link DIR-615 device before v20.12PTb04 doesn't use SSL for any of ...)
+CVE-2017-7406
NOT-FOR-US: D-Link
-CVE-2017-7405 (On the D-Link DIR-615 before v20.12PTb04, once authenticated, this ...)
+CVE-2017-7405
NOT-FOR-US: D-Link
-CVE-2017-7404 (On the D-Link DIR-615 before v20.12PTb04, if a victim logged in to the ...)
+CVE-2017-7404
NOT-FOR-US: D-Link
CVE-2017-7403
RESERVED
-CVE-2017-7402 (Pixie 1.0.4 allows remote authenticated users to upload and execute ...)
+CVE-2017-7402
NOT-FOR-US: Pixie CMS
-CVE-2017-7401 (Incorrect interaction of the parse_packet() and ...)
+CVE-2017-7401
{DLA-884-1}
- collectd 5.7.2-1 (bug #859494)
[stretch] - collectd <no-dsa> (Minor issue)
[jessie] - collectd <no-dsa> (Minor issue)
NOTE: https://github.com/collectd/collectd/issues/2174
NOTE: https://github.com/collectd/collectd/commit/f6be4f9b49b949b379326c3d7002476e6ce4f211
-CVE-2017-7400 (OpenStack Horizon 9.x through 9.1.1, 10.x through 10.0.2, and 11.0.0 ...)
+CVE-2017-7400
- horizon 3:10.0.1-1 (bug #859559)
[jessie] - horizon <not-affected> (Vulnerable code not present)
[wheezy] - horizon <not-affected> (Vulnerable code not present)
NOTE: https://launchpad.net/bugs/1667086
-CVE-2017-1001000 (The register_routes function in ...)
+CVE-2017-1001000
- wordpress 4.7.2+dfsg-1
[jessie] - wordpress <not-affected> (Vulnerable code introduced after 4.4)
[wheezy] - wordpress <not-affected> (Vulnerable code not present)
@@ -32347,84 +32345,84 @@ CVE-2017-1001000 (The register_routes function in ...)
NOTE: rest-api introduced in 4.4 upstream
CVE-2017-7399
RESERVED
-CVE-2017-7398 (D-Link DIR-615 HW: T1 FW:20.09 is vulnerable to Cross-Site Request ...)
+CVE-2017-7398
NOT-FOR-US: D-Link
-CVE-2017-7397 (** DISPUTED ** BackBox Linux 4.6 allows remote attackers to cause a ...)
+CVE-2017-7397
NOT-FOR-US: BackBox OS specific CVE assignment
-CVE-2017-7396 (In TigerVNC 1.7.1 (CConnection.cxx CConnection::CConnection), an ...)
+CVE-2017-7396
- tigervnc 1.7.0+dfsg-7 (bug #859259)
NOTE: https://github.com/TigerVNC/tigervnc/pull/436
NOTE: https://github.com/TigerVNC/tigervnc/pull/436/commits/dccb5f7d776e93863ae10bbff56a45c523c6eeb0
-CVE-2017-7395 (In TigerVNC 1.7.1 (SMsgReader.cxx SMsgReader::readClientCutText), by ...)
+CVE-2017-7395
- tigervnc 1.7.0+dfsg-7 (bug #859259)
NOTE: https://github.com/TigerVNC/tigervnc/pull/436
NOTE: https://github.com/TigerVNC/tigervnc/pull/436/commits/bf3bdac082978ca32895a4b6a123016094905689
-CVE-2017-7394 (In TigerVNC 1.7.1 (SSecurityPlain.cxx SSecurityPlain::processMsg), ...)
+CVE-2017-7394
- tigervnc 1.7.0+dfsg-7 (bug #859259)
NOTE: https://github.com/TigerVNC/tigervnc/pull/440
-CVE-2017-7393 (In TigerVNC 1.7.1 (VNCSConnectionST.cxx VNCSConnectionST::fence), an ...)
+CVE-2017-7393
- tigervnc 1.7.0+dfsg-7 (bug #859259)
NOTE: https://github.com/TigerVNC/tigervnc/pull/438
-CVE-2017-7392 (In TigerVNC 1.7.1 (SSecurityVeNCrypt.cxx ...)
+CVE-2017-7392
- tigervnc 1.7.0+dfsg-7 (bug #859259)
NOTE: https://github.com/TigerVNC/tigervnc/pull/441
-CVE-2017-7391 (A Cross-Site Scripting (XSS) was discovered in 'Magmi 0.7.22'. The ...)
+CVE-2017-7391
NOT-FOR-US: Magmi
-CVE-2017-7390 (A Cross-Site Scripting (XSS) was discovered in 'SocialNetwork v1.2.1'. ...)
+CVE-2017-7390
NOT-FOR-US: SocialNetwork
-CVE-2017-7389 (Multiple Cross-Site Scripting (XSS) were discovered in 'openeclass ...)
+CVE-2017-7389
NOT-FOR-US: The Open eClass Platform
-CVE-2017-7388 (A Cross-Site Scripting (XSS) was discovered in 'wallacepos v1.4.1'. The ...)
+CVE-2017-7388
NOT-FOR-US: WallacePOS
-CVE-2017-7387 (TheFirstQuestion/HelpMeWatchWho before 2017-03-28 is vulnerable to a ...)
+CVE-2017-7387
NOT-FOR-US: HelpMeWatchWho
-CVE-2017-7386 (citymont/symetrie v.0.9.6 is vulnerable to a reflected XSS in ...)
+CVE-2017-7386
NOT-FOR-US: symetrie
CVE-2017-7385
RESERVED
-CVE-2017-7384 (Cross-site scripting (XSS) vulnerability in FlipBuilder Flip PDF ...)
+CVE-2017-7384
NOT-FOR-US: FlipBuilder Flip PDF
-CVE-2017-7383 (The PdfFontFactory.cpp:195:62 code in PoDoFo 0.9.5 allows remote ...)
+CVE-2017-7383
{DLA-968-1}
- libpodofo 0.9.4-6 (bug #859329)
[jessie] - libpodofo <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2017/04/01/3
NOTE: https://github.com/asarubbo/poc/blob/master/00252-podofo-nullptr4
NOTE: upstream commit: http://sourceforge.net/p/podofo/code/1848
-CVE-2017-7382 (The PdfFontFactory.cpp:200:88 code in PoDoFo 0.9.5 allows remote ...)
+CVE-2017-7382
{DLA-968-1}
- libpodofo 0.9.4-6 (bug #859329)
[jessie] - libpodofo <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2017/04/01/3
NOTE: https://github.com/asarubbo/poc/blob/master/00251-podofo-nullptr3
NOTE: upstream commit: http://sourceforge.net/p/podofo/code/1848
-CVE-2017-7381 (The doc/PdfPage.cpp:609:23 code in PoDoFo 0.9.5 allows remote attackers ...)
+CVE-2017-7381
{DLA-968-1}
- libpodofo 0.9.4-6 (bug #859329)
[jessie] - libpodofo <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2017/04/01/3
NOTE: https://github.com/asarubbo/poc/blob/master/00251-podofo-nullptr2
NOTE: upstream commit: http://sourceforge.net/p/podofo/code/1848
-CVE-2017-7380 (The doc/PdfPage.cpp:614:20 code in PoDoFo 0.9.5 allows remote attackers ...)
+CVE-2017-7380
{DLA-968-1}
- libpodofo 0.9.4-6 (bug #859329)
[jessie] - libpodofo <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2017/04/01/3
NOTE: https://github.com/asarubbo/poc/blob/master/00250-podofo-nullptr1
NOTE: upstream commit: http://sourceforge.net/p/podofo/code/1848
-CVE-2017-7379 (The PoDoFo::PdfSimpleEncoding::ConvertToEncoding function in ...)
+CVE-2017-7379
{DLA-929-1}
- libpodofo 0.9.4-5 (bug #859331)
[jessie] - libpodofo <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2017/04/01/2
NOTE: upstream fix: https://sourceforge.net/p/podofo/code/1842/
-CVE-2017-7378 (The PoDoFo::PdfPainter::ExpandTabs function in PdfPainter.cpp in PoDoFo ...)
+CVE-2017-7378
{DLA-968-1}
- libpodofo 0.9.4-6 (bug #859330)
[jessie] - libpodofo <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2017/04/01/1
NOTE: upstream commit: http://sourceforge.net/p/podofo/code/1847
-CVE-2017-7377 (The (1) v9fs_create and (2) v9fs_lcreate functions in hw/9pfs/9p.c in ...)
+CVE-2017-7377
{DLA-1497-1 DLA-1035-1 DLA-965-1}
- qemu 1:2.8+dfsg-4 (bug #859854)
- qemu-kvm <removed>
@@ -32432,7 +32430,7 @@ CVE-2017-7377 (The (1) v9fs_create and (2) v9fs_lcreate functions in hw/9pfs/9p.
NOTE: http://git.qemu-project.org/?p=qemu.git;a=commitdiff;h=d63fb193e71644a073b77ff5ac6f1216f2f6cf6e
NOTE: http://www.openwall.com/lists/oss-security/2017/04/03/2
NOTE: For older releases affected code is in hw/9pfs/virtio-9p.c
-CVE-2017-7376 (Buffer overflow in libxml2 allows remote attackers to execute ...)
+CVE-2017-7376
{DSA-3952-1 DLA-1060-1}
- libxml2 2.9.4+dfsg1-3.1 (bug #870865)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=780690 (not yet public)
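Review bot: the qualifier in `NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=780690 (not yet public)` sits next to `{DSA-3952-1 DLA-1060-1}` and a fixed version `libxml2 2.9.4+dfsg1-3.1`; once advisories have shipped, the upstream bug is normally opened, so check whether "(not yet public)" is stale and drop it if the report is now visible, since readers use it to decide whether the reference can be followed.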
@@ -32442,52 +32440,52 @@ CVE-2017-7376 (Buffer overflow in libxml2 allows remote attackers to execute ...
NOTE: negative when cast to a 32-bit int. A negative port though in the URL would
NOTE: make the URL invalid. It is discussed if instead it would be best to prevent
NOTE: the port from ever being negative. Upstream decided to leave the above patch.
-CVE-2017-7375 (A flaw in libxml2 allows remote XML entity inclusion with default ...)
+CVE-2017-7375
{DSA-3952-1 DLA-1008-1}
- libxml2 2.9.4+dfsg1-3.1 (bug #870867)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=780691 (not yet public)
NOTE: Android patch: https://android.googlesource.com/platform/external/libxml2/+/308396a55280f69ad4112d4f9892f4cbeff042aa
NOTE: Fix upstream: https://git.gnome.org/browse/libxml2/commit/?id=90ccb58242866b0ba3edbef8fe44214a101c2b3e
-CVE-2017-7374 (Use-after-free vulnerability in fs/crypto/ in the Linux kernel before ...)
+CVE-2017-7374
- linux 4.9.25-1
[jessie] - linux <not-affected> (Vulnerable code not present; Introduced in 4.2-rc1)
[wheezy] - linux <not-affected> (Vulnerable code not present; Introduced in 4.2-rc1)
NOTE: Fixed by: https://git.kernel.org/linus/1b53cf9815bb4744958d41f3795d5d5a1d365e2d (4.11-rc4)
-CVE-2017-7373 (In all Android releases from CAF using the Linux kernel, a double free ...)
+CVE-2017-7373
NOT-FOR-US: Android display driver
-CVE-2017-7372 (In all Android releases from CAF using the Linux kernel, a race ...)
+CVE-2017-7372
NOT-FOR-US: Android
-CVE-2017-7371 (In all Android releases from CAF using the Linux kernel, a data ...)
+CVE-2017-7371
NOT-FOR-US: Android
-CVE-2017-7370 (In all Android releases from CAF using the Linux kernel, a race ...)
+CVE-2017-7370
NOT-FOR-US: Android
-CVE-2017-7369 (In all Android releases from CAF using the Linux kernel, an array ...)
+CVE-2017-7369
- linux <not-affected> (Android-specific)
-CVE-2017-7368 (In all Android releases from CAF using the Linux kernel, a race ...)
+CVE-2017-7368
NOT-FOR-US: Android driver
-CVE-2017-7367 (In all Android releases from CAF using the Linux kernel, an integer ...)
+CVE-2017-7367
NOT-FOR-US: Android
-CVE-2017-7366 (In all Android releases from CAF using the Linux kernel, a KGSL ioctl ...)
+CVE-2017-7366
NOT-FOR-US: Android driver
-CVE-2017-7365 (In all Android releases from CAF using the Linux kernel, a buffer ...)
+CVE-2017-7365
NOT-FOR-US: Android
-CVE-2017-7364 (In all Qualcomm products with Android releases from CAF using the ...)
+CVE-2017-7364
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-7363 (Pixie 1.0.4 allows an admin/index.php s=publish&amp;m=module&amp;x= XSS ...)
+CVE-2017-7363
NOT-FOR-US: Pixie CMS
-CVE-2017-7362 (Pixie 1.0.4 allows an admin/index.php s=publish&amp;m=dynamic&amp;x= XSS ...)
+CVE-2017-7362
NOT-FOR-US: Pixie CMS
-CVE-2017-7361 (Pixie 1.0.4 allows an admin/index.php s=publish&amp;m=static&amp;x= XSS ...)
+CVE-2017-7361
NOT-FOR-US: Pixie CMS
-CVE-2017-7360 (Pixie 1.0.4 allows an admin/index.php s=settings&amp;x= XSS attack. ...)
+CVE-2017-7360
NOT-FOR-US: Pixie CMS
-CVE-2017-7359 (Pixie 1.0.4 allows an admin/index.php s=login&amp;m= XSS attack. ...)
+CVE-2017-7359
NOT-FOR-US: Pixie CMS
-CVE-2017-7358 (In LightDM through 1.22.0, a directory traversal issue in ...)
+CVE-2017-7358
- lightdm <not-affected> (Vulnerable code not present)
NOTE: https://launchpad.net/bugs/1677924
NOTE: Specific script debian/guest-account.sh not merged from Ubuntu
-CVE-2017-7357 (Hipchat Server before 2.2.3 allows remote authenticated users with ...)
+CVE-2017-7357
NOT-FOR-US: Hipchat Server
CVE-2017-7356
RESERVED
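Review bot: CVE-2017-7369 is recorded as `- linux <not-affected> (Android-specific)` while the neighbouring CAF Android entries (CVE-2017-7373 down to CVE-2017-7365) use `NOT-FOR-US: Android ...`; one convention should be used for the whole family, because a `linux` package line implies the Debian kernel source was evaluated whereas NOT-FOR-US records that the issue is out of scope. The same `(not yet public)` qualifier on `show_bug.cgi?id=780691` next to `{DSA-3952-1 DLA-1008-1}` also deserves a check.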
@@ -32497,9 +32495,9 @@ CVE-2017-7354
RESERVED
CVE-2017-7353
RESERVED
-CVE-2017-7352 (Stored Cross-site scripting (XSS) vulnerability in Pure Storage Purity ...)
+CVE-2017-7352
NOT-FOR-US: Pure Storage Purity
-CVE-2017-7351 (A SQL injection issue exists in a file upload handler in REDCap 7.x ...)
+CVE-2017-7351
NOT-FOR-US: REDCap
CVE-2017-7350
RESERVED
@@ -32509,32 +32507,32 @@ CVE-2017-7348
RESERVED
CVE-2017-7347
RESERVED
-CVE-2017-7346 (The vmw_gb_surface_define_ioctl function in ...)
+CVE-2017-7346
{DSA-3945-1 DSA-3927-1}
- linux 4.11.6-1
[wheezy] - linux <not-affected> (Vulnerable code introduced in 3.14)
NOTE: Fixed by: https://git.kernel.org/linus/ee9c4e681ec4f58e42a83cb0c22a0289ade1aacf
-CVE-2017-7345 (NetApp OnCommand Performance Manager and OnCommand Unified Manager for ...)
+CVE-2017-7345
NOT-FOR-US: NetApp
-CVE-2017-7344 (A privilege escalation in Fortinet FortiClient Windows 5.4.3 and ...)
+CVE-2017-7344
NOT-FOR-US: Fortinet FortiClient Windows
-CVE-2017-7343 (An open redirect vulnerability in Fortinet FortiPortal 4.0.0 and below ...)
+CVE-2017-7343
NOT-FOR-US: Fortinet FortiPortal
CVE-2017-7342
RESERVED
-CVE-2017-7341 (An OS Command Injection vulnerability in Fortinet FortiWLC 6.1-2 ...)
+CVE-2017-7341
NOT-FOR-US: Fortinet
CVE-2017-7340
RESERVED
-CVE-2017-7339 (A Cross-Site Scripting vulnerability in Fortinet FortiPortal versions ...)
+CVE-2017-7339
NOT-FOR-US: Fortinet FortiPortal
-CVE-2017-7338 (A password management vulnerability in Fortinet FortiPortal versions ...)
+CVE-2017-7338
NOT-FOR-US: Fortinet FortiPortal
-CVE-2017-7337 (An improper Access Control vulnerability in Fortinet FortiPortal ...)
+CVE-2017-7337
NOT-FOR-US: Fortinet FortiPortal
-CVE-2017-7336 (A hard-coded account named 'upgrade' in Fortinet FortiWLM 8.3.0 and ...)
+CVE-2017-7336
NOT-FOR-US: Fortinet
-CVE-2017-7335 (A Cross-Site Scripting (XSS) vulnerability in Fortinet FortiWLC 6.1-x ...)
+CVE-2017-7335
NOT-FOR-US: Fortinet
CVE-2017-7334
RESERVED
@@ -32550,83 +32548,83 @@ CVE-2017-7329
RESERVED
CVE-2017-7328
RESERVED
-CVE-2017-7327 (Yandex Browser installer for Desktop before 17.4.1 has a DLL Hijacking ...)
+CVE-2017-7327
NOT-FOR-US: Yandex Browser installer for Desktop
-CVE-2017-7326 (Race condition issue in Yandex Browser for Android before 17.4.0.16 ...)
+CVE-2017-7326
NOT-FOR-US: Yandex Browser for Android
-CVE-2017-7325 (Yandex Browser before 16.9.0 allows remote attackers to spoof the ...)
+CVE-2017-7325
NOT-FOR-US: Yandex Browser
-CVE-2017-7324 (setup/templates/findcore.php in MODX Revolution 2.5.4-pl and earlier ...)
+CVE-2017-7324
NOT-FOR-US: MODX Revolution
-CVE-2017-7323 (The (1) update and (2) package-installation features in MODX ...)
+CVE-2017-7323
NOT-FOR-US: MODX Revolution
-CVE-2017-7322 (The (1) update and (2) package-installation features in MODX ...)
+CVE-2017-7322
NOT-FOR-US: MODX Revolution
-CVE-2017-7321 (setup/controllers/welcome.php in MODX Revolution 2.5.4-pl and earlier ...)
+CVE-2017-7321
NOT-FOR-US: MODX Revolution
-CVE-2017-7320 (setup/controllers/language.php in MODX Revolution 2.5.4-pl and earlier ...)
+CVE-2017-7320
NOT-FOR-US: MODX Revolution
CVE-2017-7319
REJECTED
-CVE-2017-7318 (Siklu EtherHaul devices before 7.4.0 are vulnerable to a remote command ...)
+CVE-2017-7318
NOT-FOR-US: Siklu EtherHaul
-CVE-2017-7317 (An issue was discovered on Humax Digital HG100 2.0.6 devices. The ...)
+CVE-2017-7317
NOT-FOR-US: Humax Digital HG100
-CVE-2017-7316 (An issue was discovered on Humax Digital HG100R 2.0.6 devices. There is ...)
+CVE-2017-7316
NOT-FOR-US: Humax Digital HG100R
-CVE-2017-7315 (An issue was discovered on Humax Digital HG100R 2.0.6 devices. To ...)
+CVE-2017-7315
NOT-FOR-US: Humax Digital HG100R
-CVE-2017-7314 (An issue was discovered in Personify360 e-Business 7.5.2 through 7.6.1. ...)
+CVE-2017-7314
NOT-FOR-US: Personify360 e-Business
-CVE-2017-7313 (An issue was discovered in Personify360 e-Business 7.5.2 through 7.6.1. ...)
+CVE-2017-7313
NOT-FOR-US: Personify360 e-Business
-CVE-2017-7312 (An issue was discovered in Personify360 e-Business 7.5.2 through 7.6.1. ...)
+CVE-2017-7312
NOT-FOR-US: Personify360 e-Business
CVE-2017-7311
RESERVED
-CVE-2017-7310 (A buffer overflow vulnerability in Import Command in SyncBreeze before ...)
+CVE-2017-7310
NOT-FOR-US: Sync Breeze Enterprise
-CVE-2017-7309 (A cross-site scripting (XSS) vulnerability in the MantisBT ...)
+CVE-2017-7309
- mantis <removed>
[wheezy] - mantis <end-of-life> (Unsupported in Wheezy LTS)
NOTE: http://www.openwall.com/lists/oss-security/2017/03/30/4
-CVE-2017-7307 (Riverbed RiOS before 9.0.1 does not properly restrict shell access in ...)
+CVE-2017-7307
NOT-FOR-US: Riverbed RiOS
-CVE-2017-7306 (** DISPUTED ** Riverbed RiOS through 9.6.0 has a weak default password ...)
+CVE-2017-7306
NOT-FOR-US: Riverbed RiOS
-CVE-2017-7305 (** DISPUTED ** Riverbed RiOS through 9.6.0 does not require a ...)
+CVE-2017-7305
NOT-FOR-US: Riverbed RiOS
-CVE-2017-7304 (The Binary File Descriptor (BFD) library (aka libbfd), as distributed ...)
+CVE-2017-7304
- binutils 2.27.51.20161212-1
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <not-affected> (vulnerable code not present)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=20931
-CVE-2017-7303 (The Binary File Descriptor (BFD) library (aka libbfd), as distributed ...)
+CVE-2017-7303
- binutils 2.27.51.20161212-1
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <not-affected> (vulnerable code not present)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=20922
-CVE-2017-7302 (The Binary File Descriptor (BFD) library (aka libbfd), as distributed ...)
+CVE-2017-7302
- binutils 2.27.51.20161212-1
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=20921
-CVE-2017-7301 (The Binary File Descriptor (BFD) library (aka libbfd), as distributed ...)
+CVE-2017-7301
- binutils 2.27.51.20161212-1
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=20924
-CVE-2017-7300 (The Binary File Descriptor (BFD) library (aka libbfd), as distributed ...)
+CVE-2017-7300
- binutils 2.27.51.20161212-1
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=20909
-CVE-2017-7299 (The Binary File Descriptor (BFD) library (aka libbfd), as distributed ...)
+CVE-2017-7299
- binutils 2.27.51.20161220-1
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=20908
-CVE-2017-7308 (The packet_set_ring function in net/packet/af_packet.c in the Linux ...)
+CVE-2017-7308
{DLA-922-1}
- linux 4.9.18-1
[jessie] - linux 3.16.43-1
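Review bot: CVE-2017-7308 appears after CVE-2017-7299 and before CVE-2017-7298, breaking the descending CVE order the surrounding entries follow (by number it belongs between CVE-2017-7309 and CVE-2017-7307). If the ordering is not dictated by the upstream feed, move it into sequence; out-of-order entries are easy to miss when scanning or merging this file.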
@@ -32634,21 +32632,21 @@ CVE-2017-7308 (The packet_set_ring function in net/packet/af_packet.c in the Lin
NOTE: Fixed by: https://git.kernel.org/linus/8f8d28e4d6d815a391285e121c3a53a0b6cb9e7b
NOTE: Fixed by: https://git.kernel.org/linus/bcc5364bdcfe131e6379363f089e7b4108d35b70
NOTE: https://googleprojectzero.blogspot.com/2017/05/exploiting-linux-kernel-via-packet.html
-CVE-2017-7298 (In Moodle 3.2.2+, there is XSS in the Course summary filter of the &quot;Add ...)
+CVE-2017-7298
- moodle <removed> (unimportant)
NOTE: http://www.daimacn.com/post/12.html
NOTE: https://tracker.moodle.org/browse/MDL-52038
NOTE: Not considered a security issue/bug upstream, disputed that it got a CVE
NOTE: assigned. Mark as unimportant as non-issue.
-CVE-2017-7297 (Rancher Labs rancher server 1.2.0+ is vulnerable to authenticated users ...)
+CVE-2017-7297
NOT-FOR-US: Rancher Labs rancher server
-CVE-2017-7296 (An issue was discovered in Contiki Operating System 3.0. A Persistent ...)
+CVE-2017-7296
NOT-FOR-US: Contiki Operating System
-CVE-2017-7295 (An issue was discovered in Contiki Operating System 3.0. A ...)
+CVE-2017-7295
NOT-FOR-US: Contiki Operating System
-CVE-2017-7293 (The Dolby DAX2 and DAX3 API services are vulnerable to a privilege ...)
+CVE-2017-7293
NOT-FOR-US: Dolby
-CVE-2017-7294 (The vmw_surface_define_ioctl function in ...)
+CVE-2017-7294
{DLA-922-1}
- linux 4.9.18-1
[jessie] - linux 3.16.43-1
@@ -32657,37 +32655,37 @@ CVE-2017-7292
RESERVED
CVE-2017-7291
RESERVED
-CVE-2017-7290 (SQL injection vulnerability in XOOPS 2.5.7.2 and other versions before ...)
+CVE-2017-7290
NOT-FOR-US: XOOPS
CVE-2017-7289
RESERVED
-CVE-2017-7288 (Cross-site scripting (XSS) vulnerability in Zimbra Collaboration Suite ...)
+CVE-2017-7288
NOT-FOR-US: Zimbra
CVE-2017-7287
RESERVED
CVE-2017-7286
REJECTED
-CVE-2017-7285 (A vulnerability in the network stack of MikroTik Version 6.38.5 ...)
+CVE-2017-7285
NOT-FOR-US: MikroTik
-CVE-2017-7284 (An attacker that has hijacked a Unitrends Enterprise Backup (before ...)
+CVE-2017-7284
NOT-FOR-US: Unitrends Enterprise Backup
-CVE-2017-7283 (An authenticated user of Unitrends Enterprise Backup before 9.1.2 can ...)
+CVE-2017-7283
NOT-FOR-US: Unitrends Enterprise Backup
-CVE-2017-7282 (An issue was discovered in Unitrends Enterprise Backup before 9.1.1. ...)
+CVE-2017-7282
NOT-FOR-US: Unitrends Enterprise Backup
-CVE-2017-7281 (An issue was discovered in Unitrends Enterprise Backup before 9.1.2. A ...)
+CVE-2017-7281
NOT-FOR-US: Unitrends Enterprise Backup
-CVE-2017-7280 (An issue was discovered in api/includes/systems.php in Unitrends ...)
+CVE-2017-7280
NOT-FOR-US: Unitrends Enterprise Backup
-CVE-2017-7279 (An unprivileged user of the Unitrends Enterprise Backup before 9.0.0 ...)
+CVE-2017-7279
NOT-FOR-US: Unitrends Enterprise Backup
-CVE-2017-7278 (Unspecified vulnerability in ASSA ABLOY APTUS Styra Porttelefonkort ...)
+CVE-2017-7278
NOT-FOR-US: ASSA ABLOY APTUS Styra Porttelefonkort 4400
-CVE-2017-7277 (The TCP stack in the Linux kernel through 4.10.6 mishandles the ...)
+CVE-2017-7277
- linux <not-affected> (Vulnerable code introduced in 4.10-rc1)
-CVE-2017-7276 (There is reflected XSS in TOPdesk before 5.7.6 and 6.x and 7.x before ...)
+CVE-2017-7276
NOT-FOR-US: TOPdesk
-CVE-2017-7275 (The ReadPCXImage function in coders/pcx.c in ImageMagick 7.0.4.9 allows ...)
+CVE-2017-7275
- imagemagick <unfixed> (unimportant; bug #859025)
NOTE: https://blogs.gentoo.org/ago/2017/03/27/imagemagick-memory-allocation-failure-in-acquiremagickmemory-memory-c-incomplete-fix-for-cve-2016-8862-and-cve-2016-8866/
NOTE: https://github.com/ImageMagick/ImageMagick/issues/271
@@ -32697,20 +32695,20 @@ CVE-2017-7275 (The ReadPCXImage function in coders/pcx.c in ImageMagick 7.0.4.9
NOTE: and the issue not addressed, treat this as "non-issue" (and thus marked
NOTE: unimportant). If in future details can be elaborated by the reporter
NOTE: we might re-evaluate this entry.
-CVE-2017-7274 (The r_pkcs7_parse_cms function in libr/util/r_pkcs7.c in radare2 1.3.0 ...)
+CVE-2017-7274
- radare2 <not-affected> (Vulnerable parsers introduced in 1.3.0-git, cf. #858873)
NOTE: https://github.com/radare/radare2/commit/7ab66cca5bbdf6cb2d69339ef4f513d95e532dbf
NOTE: https://github.com/radare/radare2/issues/7152
-CVE-2017-7271 (Reflected Cross-site scripting (XSS) vulnerability in Yii Framework ...)
+CVE-2017-7271
- yii <itp> (bug #597899)
CVE-2017-7270
RESERVED
-CVE-2017-7273 (The cp_report_fixup function in drivers/hid/hid-cypress.c in the Linux ...)
+CVE-2017-7273
{DLA-922-1}
- linux 4.9.6-1
[jessie] - linux 3.16.43-1
NOTE: Fixed by: https://git.kernel.org/linus/1ebb71143758f45dc0fa76e2f48429e13b16d110
-CVE-2017-7272 (PHP through 7.1.11 enables potential SSRF in applications that accept ...)
+CVE-2017-7272
{DLA-875-1}
- php7.1 <removed>
- php7.0 <removed>
@@ -32720,17 +32718,17 @@ CVE-2017-7272 (PHP through 7.1.11 enables potential SSRF in applications that ac
NOTE: https://github.com/php/php-src/commit/bab0b99f376dac9170ac81382a5ed526938d595a
NOTE: https://bugs.php.net/bug.php?id=74216
NOTE: Fixed in 7.1.4 and 7.0.18, but were later reverted: https://bugzilla.redhat.com/show_bug.cgi?id=1437837#c3
-CVE-2017-7269 (Buffer overflow in the ScStoragePathFromUrl function in the WebDAV ...)
+CVE-2017-7269
NOT-FOR-US: Windows
CVE-2017-7268
RESERVED
CVE-2017-7267
RESERVED
-CVE-2017-7266 (Netflix Security Monkey before 0.8.0 has an Open Redirect. The logout ...)
+CVE-2017-7266
NOT-FOR-US: Netflix Security Monkey
CVE-2017-7265
RESERVED
-CVE-2017-7264 (Use-after-free vulnerability in the fz_subsample_pixmap function in ...)
+CVE-2017-7264
{DSA-3797-1}
- mupdf 1.9a+ds1-3 (bug #854734)
[wheezy] - mupdf <not-affected> (vulnerable code not present)
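Review bot: the note `Fixed in 7.1.4 and 7.0.18, but were later reverted` for CVE-2017-7272 has no subject and leaves it unclear whether the upstream commits or the releases were reverted; state explicitly that the fix commits were reverted upstream and, since the entry still lists `{DLA-875-1}` and both `php7.1` and `php7.0` are `<removed>`, record whether the DLA's patch is affected by that revert.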
@@ -32740,7 +32738,7 @@ CVE-2017-7264 (Use-after-free vulnerability in the fz_subsample_pixmap function
NOTE: Related to CVE-2017-5896. But CVE-2017-7264 is for the use-after-free
NOTE: vulnerability whereas CVE-2017-5896 is for the hea-based buffer overflow
NOTE: in fz_subsample_pixmap.
-CVE-2017-7263 (The bm_readbody_bmp function in bitmap_io.c in Potrace 1.14 allows ...)
+CVE-2017-7263
- potrace 1.15-1 (bug #858763)
[stretch] - potrace <no-dsa> (Minor issue)
[jessie] - potrace <no-dsa> (Minor issue)
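Review bot: typo in the CVE-2017-7264 note: `hea-based buffer overflow` should read `heap-based buffer overflow`. It is worth fixing because these NOTE lines are the only text that distinguishes the use-after-free tracked as CVE-2017-7264 from the overflow tracked as CVE-2017-5896 in fz_subsample_pixmap.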
@@ -32748,9 +32746,9 @@ CVE-2017-7263 (The bm_readbody_bmp function in bitmap_io.c in Potrace 1.14 allow
NOTE: https://blogs.gentoo.org/ago/2017/03/03/potrace-heap-based-buffer-overflow-in-bm_readbody_bmp-bitmap_io-c-incomplete-fix-for-cve-2016-8698/
NOTE: Proposed patch: https://github.com/asarubbo/poc/blob/master/00219-potrace-heapoverflow-bm_readbody_bmp-PATCH
NOTE: This CVE is for an incomplete fix of CVE-2016-8698
-CVE-2017-7262 (The AMD Ryzen processor with AGESA microcode through 2017-01-27 allows ...)
+CVE-2017-7262
NOT-FOR-US: Hardware bug in AMD Ryzen CPUs, cannot be fixed via micro code updates, but only BIOS updates
-CVE-2017-7261 (The vmw_surface_define_ioctl function in ...)
+CVE-2017-7261
{DLA-922-1}
- linux 4.9.18-1
[jessie] - linux 3.16.43-1
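Review bot: `cannot be fixed via micro code updates` in the CVE-2017-7262 NOT-FOR-US line should read `microcode`; and because that line is itself the justification for marking the issue out of scope, adding a NOTE with the source for the BIOS-only statement would let a later reader verify it.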
@@ -32759,33 +32757,33 @@ CVE-2017-7260
RESERVED
CVE-2017-7259
REJECTED
-CVE-2017-7258 (HTTP Exploit in eMLi Portal in AuroMeera Technometrix Pvt. Ltd. eMLi ...)
+CVE-2017-7258
NOT-FOR-US: AuroMeera Technometrix
-CVE-2017-7257 (XSS exists in the CMS Made Simple (CMSMS) 2.1.6 &quot;Content--&gt;News--&gt;Add ...)
+CVE-2017-7257
NOT-FOR-US: CMS Made Simple
-CVE-2017-7256 (XSS exists in the CMS Made Simple (CMSMS) 2.1.6 &quot;Content--&gt;News--&gt;Add ...)
+CVE-2017-7256
NOT-FOR-US: CMS Made Simple
-CVE-2017-7255 (XSS exists in the CMS Made Simple (CMSMS) 2.1.6 &quot;Content--&gt;News--&gt;Add ...)
+CVE-2017-7255
NOT-FOR-US: CMS Made Simple
CVE-2017-7254
RESERVED
-CVE-2017-7253 (Dahua IP Camera devices 3.200.0001.6 can be exploited via these steps: ...)
+CVE-2017-7253
NOT-FOR-US: Dahua IP Camera devices
CVE-2017-7252 [Incorrect bcrypt computation]
RESERVED
- botan1.10 <not-affected> (Introduced in 1.11.0)
NOTE: Bug introduced in 1.11.0, fixed in 2.1.0.
-CVE-2017-7251 (A Cross-Site Scripting (XSS) was discovered in pi-engine/pi 2.5.0. The ...)
+CVE-2017-7251
NOT-FOR-US: pi-engine
-CVE-2017-7250 (A Cross-Site Scripting (XSS) was discovered in Gazelle before ...)
+CVE-2017-7250
NOT-FOR-US: Gazelle torrent tracker
-CVE-2017-7249 (Multiple Cross-Site Scripting (XSS) were discovered in Gazelle before ...)
+CVE-2017-7249
NOT-FOR-US: Gazelle torrent tracker
-CVE-2017-7248 (A Cross-Site Scripting (XSS) was discovered in Gazelle before ...)
+CVE-2017-7248
NOT-FOR-US: Gazelle torrent tracker
-CVE-2017-7247 (Multiple Cross-Site Scripting (XSS) were discovered in Gazelle before ...)
+CVE-2017-7247
NOT-FOR-US: Gazelle torrent tracker
-CVE-2017-7246 (Stack-based buffer overflow in the pcre32_copy_substring function in ...)
+CVE-2017-7246
- pcre3 <unfixed> (bug #858679; unimportant)
[jessie] - pcre3 <no-dsa> (Minor issue; 32bit character support not enabled)
[wheezy] - pcre3 <not-affected> (Vulnerable code not present)
@@ -32793,7 +32791,7 @@ CVE-2017-7246 (Stack-based buffer overflow in the pcre32_copy_substring function
NOTE: https://blogs.gentoo.org/ago/2017/03/20/libpcre-two-stack-based-buffer-overflow-write-in-pcre32_copy_substring-pcre_get-c/
NOTE: pcre32 support enabled only in pcre3/1:8.35-4
NOTE: Fixed by: http://vcs.pcre.org/pcre?view=revision&revision=1691 (8.41)
-CVE-2017-7245 (Stack-based buffer overflow in the pcre32_copy_substring function in ...)
+CVE-2017-7245
- pcre3 <unfixed> (bug #858678; unimportant)
[jessie] - pcre3 <no-dsa> (Minor issue; 32bit character support not enabled)
[wheezy] - pcre3 <not-affected> (Vulnerable code not present)
@@ -32801,7 +32799,7 @@ CVE-2017-7245 (Stack-based buffer overflow in the pcre32_copy_substring function
NOTE: https://blogs.gentoo.org/ago/2017/03/20/libpcre-two-stack-based-buffer-overflow-write-in-pcre32_copy_substring-pcre_get-c/
NOTE: pcre32 support enabled only in pcre3/1:8.35-4
NOTE: Fixed by: http://vcs.pcre.org/pcre?view=revision&revision=1691 (8.41)
-CVE-2017-7244 (The _pcre32_xclass function in pcre_xclass.c in libpcre1 in PCRE 8.40 ...)
+CVE-2017-7244
- pcre3 2:8.39-3 (bug #858683)
[jessie] - pcre3 <no-dsa> (Minor issue; 32bit character support not enabled)
[wheezy] - pcre3 <not-affected> (Vulnerable code not present)
@@ -32810,152 +32808,152 @@ CVE-2017-7244 (The _pcre32_xclass function in pcre_xclass.c in libpcre1 in PCRE
NOTE: pcre32 support enabled only in pcre3/1:8.35-4
NOTE: Bisected and the following change addresses the issue for pcre3:
NOTE: http://vcs.pcre.org/pcre?view=revision&revision=1688 (8.41)
-CVE-2017-7243 (Eclipse tinydtls 0.8.2 for Eclipse IoT allows remote attackers to cause ...)
+CVE-2017-7243
NOT-FOR-US: Eclipse tinydtls for Eclipse IoT
-CVE-2017-7242 (Multiple Cross-Site Scripting (XSS) were discovered in admin/modules ...)
+CVE-2017-7242
NOT-FOR-US: SLiMS
-CVE-2017-7241 (A cross-site scripting (XSS) vulnerability in the MantisBT Move ...)
+CVE-2017-7241
- mantis <removed>
[wheezy] - mantis <end-of-life> (Unsupported in Wheezy LTS)
NOTE: http://www.openwall.com/lists/oss-security/2017/03/30/4
-CVE-2017-7240 (An issue was discovered on Miele Professional PST10 devices. The ...)
+CVE-2017-7240
NOT-FOR-US: Miele Professional PG 8528 PST10 devices
-CVE-2017-7239 (Ninka before 1.3.2 might allow remote attackers to obtain sensitive ...)
+CVE-2017-7239
- ninka <not-affected> (Fixed with the initial release to Debian)
NOTE: https://github.com/dmgerman/ninka/commit/81f185261c8863c5b84344ee31192870be939faf
CVE-2017-7238
RESERVED
-CVE-2017-7237 (The Spiceworks TFTP Server, as distributed with Spiceworks Inventory ...)
+CVE-2017-7237
NOT-FOR-US: Spiceworks
-CVE-2017-7236 (SQL injection vulnerability in NetApp OnCommand Unified Manager Core ...)
+CVE-2017-7236
NOT-FOR-US: NetApp
-CVE-2017-7235 (An issue was discovered in cloudflare-scrape 1.6.6 through 1.7.1. A ...)
+CVE-2017-7235
NOT-FOR-US: cloudflare-scrape
-CVE-2017-7234 (A maliciously crafted URL to a Django (1.10 before 1.10.7, 1.9 before ...)
+CVE-2017-7234
{DSA-3835-1 DLA-885-1}
- python-django 1:1.10.7-1 (bug #859516)
NOTE: https://www.djangoproject.com/weblog/2017/apr/04/security-releases/
NOTE: Fixed by (master): https://github.com/django/django/commit/a1f948b468b6621083a03b0d53432341b7a4d753
-CVE-2017-7233 (Django 1.10 before 1.10.7, 1.9 before 1.9.13, and 1.8 before 1.8.18 ...)
+CVE-2017-7233
{DSA-3835-1 DLA-885-1}
- python-django 1:1.10.7-1 (bug #859515)
NOTE: https://www.djangoproject.com/weblog/2017/apr/04/security-releases/
NOTE: Fixed by (master): https://github.com/django/django/commit/5ea48a70afac5e5684b504f09286e7defdd1a81a
CVE-2017-7232
RESERVED
-CVE-2017-7231 (pngdefry through 2017-03-22 is prone to a heap-based buffer-overflow ...)
+CVE-2017-7231
NOT-FOR-US: pngdefry
-CVE-2017-7230 (A buffer overflow vulnerability in Disk Sorter Enterprise 9.5.12 and ...)
+CVE-2017-7230
NOT-FOR-US: Disk Sorter Enterprise
-CVE-2017-7229 (PGP/MIME encrypted messages injected into a Vaultive O365 (before ...)
+CVE-2017-7229
NOT-FOR-US: Vaultive O365
-CVE-2017-7228 (An issue (known as XSA-212) was discovered in Xen, with fixes available ...)
+CVE-2017-7228
{DSA-3847-1 DLA-907-1}
- xen 4.8.1-1 (bug #859560)
NOTE: https://xenbits.xen.org/xsa/advisory-212.html
-CVE-2017-7227 (GNU linker (ld) in GNU Binutils 2.28 is vulnerable to a heap-based ...)
+CVE-2017-7227
- binutils 2.27.51.20161212-1
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=20906
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=406bd128dba2a59d0736839fc87a59bce319076c
-CVE-2017-7226 (The pe_ILF_object_p function in the Binary File Descriptor (BFD) ...)
+CVE-2017-7226
- binutils 2.27.51.20161212-1
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=20905
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=fa6631b4eecfcca00c13b9594e6336dffd40982f
-CVE-2017-7225 (The find_nearest_line function in addr2line in GNU Binutils 2.28 does ...)
+CVE-2017-7225
- binutils 2.27.51.20161201-1
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=20891
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=50455f1ab2935f7321215dfa681745c9b1cb5b19
-CVE-2017-7224 (The find_nearest_line function in objdump in GNU Binutils 2.28 is ...)
+CVE-2017-7224
- binutils 2.27.51.20161201-1
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=20892
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=e82ab856bb4689330c29fb9f1c57a8555b26380e
-CVE-2017-7223 (GNU assembler in GNU Binutils 2.28 is vulnerable to a global buffer ...)
+CVE-2017-7223
- binutils 2.27.51.20161212-1
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=20898
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=69ace2200106348a1b00d509a6a234337c104c17
-CVE-2017-7222 (A cross-site scripting (XSS) vulnerability in MantisBT before 2.1.1 ...)
+CVE-2017-7222
- mantis <removed>
[wheezy] - mantis <end-of-life> (Unsupported in Wheezy LTS)
-CVE-2017-7221 (OpenText Documentum Content Server has an inadequate protection ...)
+CVE-2017-7221
NOT-FOR-US: OpenText Documentum Content Server
-CVE-2017-7220 (OpenText Documentum Content Server allows superuser access via ...)
+CVE-2017-7220
NOT-FOR-US: OpenText Documentum Content Server
-CVE-2017-7219 (A heap overflow vulnerability in Citrix NetScaler Gateway versions 10.1 ...)
+CVE-2017-7219
NOT-FOR-US: Citrix
-CVE-2017-7218 (The Management Web Interface in Palo Alto Networks PAN-OS before 7.1.9 ...)
+CVE-2017-7218
NOT-FOR-US: Palo Alto Networks PAN-OS
-CVE-2017-7217 (The Management Web Interface in Palo Alto Networks PAN-OS before ...)
+CVE-2017-7217
NOT-FOR-US: Palo Alto Networks PAN-OS
-CVE-2017-7216 (The Management Web Interface in Palo Alto Networks PAN-OS before 7.1.9 ...)
+CVE-2017-7216
NOT-FOR-US: Palo Alto Networks PAN-OS
-CVE-2017-7215 (Cross site scripting in some view elements in the index filter tool in ...)
+CVE-2017-7215
NOT-FOR-US: MISP (Malware Information Sharing Platform and Threat Sharing)
-CVE-2017-7214 (An issue was discovered in exception_wrapper.py in OpenStack Nova 13.x ...)
+CVE-2017-7214
- nova 2:14.0.0-4 (bug #858568)
[jessie] - nova <not-affected> (Vulnerable code not present)
[wheezy] - nova <end-of-life> (Not supported in Wheezy LTS)
NOTE: https://bugs.launchpad.net/nova/+bug/1673569
-CVE-2017-7213 (Zoho ManageEngine Desktop Central before build 100082 allows remote ...)
+CVE-2017-7213
NOT-FOR-US: Zoho ManageEngine Desktop Central
CVE-2017-7212
RESERVED
CVE-2017-7211
RESERVED
-CVE-2017-7210 (objdump in GNU Binutils 2.28 is vulnerable to multiple heap-based ...)
+CVE-2017-7210
- binutils 2.28-3 (low; bug #858324)
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21157
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=a2dea0b20bc66a4c287c3c50002b8c3b3e9d953a
-CVE-2017-7209 (The dump_section_as_bytes function in readelf in GNU Binutils 2.28 ...)
+CVE-2017-7209
- binutils 2.28-3 (low; bug #858323)
[jessie] - binutils <not-affected> (Vulnerable code introduced later)
[wheezy] - binutils <not-affected> (Vulnerable code introduced later)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21135
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=f055032e4e922f1e1a5e11026c7c2669fa2a7d19
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=1835f746a7c7fff70a2cc03a051b14fdc6b3f73f
-CVE-2017-7208 (The decode_residual function in libavcodec in libav 9.21 allows remote ...)
+CVE-2017-7208
{DSA-4012-1 DLA-1142-1}
- libav <removed> (low)
NOTE: https://bugzilla.libav.org/show_bug.cgi?id=1000
NOTE: https://git.libav.org/?p=libav.git;a=commit;h=522d850e68ec4b77d3477b3c8f55b1ba00a9d69a
-CVE-2017-7207 (The mem_get_bits_rectangle function in Artifex Software, Inc. ...)
+CVE-2017-7207
{DSA-3838-1 DLA-1048-1}
- ghostscript 9.20~dfsg-3 (bug #858350)
NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=309eca4e0a31ea70dcc844812691439312dad091
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=697676
-CVE-2017-7206 (The ff_h2645_extract_rbsp function in libavcodec in libav 9.21 allows ...)
+CVE-2017-7206
- libav <removed>
[jessie] - libav <not-affected> (Vulnerable code not present)
- ffmpeg <not-affected> (bug #872517; Previous patches mitigated the issue)
NOTE: https://bugzilla.libav.org/show_bug.cgi?id=1002
NOTE: https://git.libav.org/?p=libav.git;a=commit;h=83b2b34d06e74cc8775ba3d833f9782505e17539
-CVE-2017-7205 (A Cross-Site Scripting (XSS) was discovered in GamePanelX-V3 3.0.12. ...)
+CVE-2017-7205
NOT-FOR-US: GamePanelX-V3
-CVE-2017-7204 (A Cross-Site Scripting (XSS) was discovered in imdbphp 5.1.1. The ...)
+CVE-2017-7204
NOT-FOR-US: imdbphp
-CVE-2017-7203 (A Cross-Site Scripting (XSS) was discovered in ZoneMinder before ...)
+CVE-2017-7203
- zoneminder 1.30.4+dfsg-1 (bug #858329)
[wheezy] - zoneminder <no-dsa> (Minor issue)
NOTE: https://github.com/ZoneMinder/ZoneMinder/issues/1797
NOTE: Fixed in 1.30.2 upstream.
-CVE-2017-7202 (Multiple Cross-Site Scripting (XSS) were discovered in SLiMS 7 Cendana ...)
+CVE-2017-7202
NOT-FOR-US: SLiMS
CVE-2017-7201
RESERVED
-CVE-2017-7199 (Nessus 6.6.2 - 6.10.3 contains a flaw related to insecure permissions ...)
+CVE-2017-7199
NOT-FOR-US: Nessus
-CVE-2017-7200 (An SSRF issue was discovered in OpenStack Glance before Newton. The ...)
+CVE-2017-7200
- glance 2:13.0.0-1
[jessie] - glance <no-dsa> (Minor issue, too intrusive to backport)
[wheezy] - glance <end-of-life> (Not supported in Wheezy LTS)
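Review bot: CVE-2017-7199 is placed before CVE-2017-7200 at the end of this hunk, breaking the descending ID order that every other entry in the hunk follows; since both lines are being rewritten by this update anyway, swapping the two entries (CVE-2017-7199 with its `NOT-FOR-US: Nessus` line, CVE-2017-7200 with its three glance status lines) would restore the order. Dropping the parenthesised summaries also removes the only line that named the affected function for the binutils, libav and ghostscript entries (`find_nearest_line`, `dump_section_as_bytes`, `decode_residual`, `ff_h2645_extract_rbsp`, `mem_get_bits_rectangle`); the bugzilla and commit URLs in the NOTE lines still identify each fix, so nothing the tracker depends on is lost, but a one-line NOTE naming the function would keep those entries readable without following the links.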
@@ -32976,39 +32974,39 @@ CVE-2017-7194
RESERVED
CVE-2017-7193
RESERVED
-CVE-2017-7192 (WebSocket.swift in Starscream before 2.0.4 allows an SSL Pinning bypass ...)
+CVE-2017-7192
NOT-FOR-US: Starscream
CVE-2017-7190
RESERVED
CVE-2017-7189
RESERVED
-CVE-2017-7188 (Zurmo 3.1.1 Stable allows a Cross-Site Scripting (XSS) attack with a ...)
+CVE-2017-7188
NOT-FOR-US: Zurmo
-CVE-2017-7187 (The sg_ioctl function in drivers/scsi/sg.c in the Linux kernel through ...)
+CVE-2017-7187
- linux 4.9.18-1
[jessie] - linux <not-affected> (Introduced in 3.17)
[wheezy] - linux <not-affected> (Introduced in 3.17)
NOTE: Fixed by: https://git.kernel.org/linus/bf33f87dd04c371ea33feb821b60d63d754e3124 (4.11-rc5)
NOTE: Introduced by: https://git.kernel.org/linus/65c26a0f39695ba01d9693754f27ca76cc8a3ab5 (3.17-rc1)
-CVE-2017-7185 (Use-after-free vulnerability in the ...)
+CVE-2017-7185
NOT-FOR-US: Mongoose
-CVE-2017-7183 (The TFTP server in ExtraPuTTY 0.30 and earlier allows remote attackers ...)
+CVE-2017-7183
NOT-FOR-US: ExtraPuTTY
CVE-2017-7182
RESERVED
CVE-2017-7181
RESERVED
-CVE-2017-7180 (Net Monitor for Employees Pro through 5.3.4 has an unquoted service ...)
+CVE-2017-7180
NOT-FOR-US: Net Monitor for Employees Pro
CVE-2017-7179
RESERVED
-CVE-2017-7184 (The xfrm_replay_verify_len function in net/xfrm/xfrm_user.c in the ...)
+CVE-2017-7184
{DLA-922-1}
- linux 4.9.18-1 (low)
[jessie] - linux 3.16.43-1
NOTE: Unprivileged user namespaces are disabled in Debian, this only affects
NOTE: non-standard setups
-CVE-2017-7186 (libpcre1 in PCRE 8.40 and libpcre2 in PCRE2 10.23 allow remote ...)
+CVE-2017-7186
- pcre3 2:8.39-3 (bug #858230)
[jessie] - pcre3 <no-dsa> (Minor issue; 32bit character support not enabled)
[wheezy] - pcre3 <not-affected> (Vulnerable code not present)
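Review bot: The ID order is out of sequence in the middle of this hunk: CVE-2017-7185 and CVE-2017-7183 precede CVE-2017-7180 and CVE-2017-7179, and CVE-2017-7184 and CVE-2017-7186 follow them, so the hunk reads 7187, 7185, 7183, 7180, 7179, 7184, 7186 where descending order would put 7186 and 7184 directly under 7187. Moving the two misplaced entries (CVE-2017-7184 with its `{DLA-922-1}` line, linux status lines and two-line NOTE; CVE-2017-7186 with its pcre3 status lines and the vcs.pcre.org NOTEs that continue in the next hunk) up to their numeric slots would also keep the two kernel entries, CVE-2017-7187 and CVE-2017-7184, adjacent, which makes the jessie `<not-affected> (Introduced in 3.17)` versus jessie `3.16.43-1` distinction easier to review side by side.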
@@ -33018,11 +33016,11 @@ CVE-2017-7186 (libpcre1 in PCRE 8.40 and libpcre2 in PCRE2 10.23 allow remote ..
NOTE: https://vcs.pcre.org/pcre/code/trunk/pcre_ucd.c?r1=1490&r2=1688&sortby=date (for pcre3)
NOTE: https://vcs.pcre.org/pcre2/code/trunk/src/pcre2_ucd.c?r1=316&r2=670&sortby=date (for pcre2)
NOTE: https://vcs.pcre.org/pcre2/code/trunk/src/pcre2_internal.h?r1=600&r2=670&sortby=date (for pcre2)
-CVE-2017-7178 (CSRF was discovered in the web UI in Deluge before 1.3.14. The ...)
+CVE-2017-7178
{DSA-3856-1 DLA-863-1}
- deluge 1.3.13+git20161130.48cedf63-2 (bug #857903)
NOTE: http://git.deluge-torrent.org/deluge/commit/?h=1.3-stable&id=318ab179865e0707d7945edc3a13a464a108d583
-CVE-2017-9149 (Metadata Anonymisation Toolkit (MAT) 0.6 and 0.6.1 silently fails to ...)
+CVE-2017-9149
- mat 0.6.1-4 (bug #858058)
[jessie] - mat <not-affected> (Vulnerable code not present)
[wheezy] - mat <not-affected> (Vulnerable code not present)
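Review bot: CVE-2017-9149 is interleaved between CVE-2017-7178 and CVE-2017-7176 in a run that otherwise holds 2017-7xxx IDs; the entry itself (mat 0.6.1-4, bug #858058, `<not-affected>` for jessie and wheezy, with the Introduced-by commit in the NOTE after the next hunk header) is internally consistent, but if the list is meant to stay in descending ID order it belongs with the other 2017-9xxx entries. If the placement is deliberate (the ID was assigned later to an issue already tracked here), a short NOTE saying so would stop the next reviewer flagging it again.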
@@ -33032,552 +33030,552 @@ CVE-2017-9149 (Metadata Anonymisation Toolkit (MAT) 0.6 and 0.6.1 silently fails
NOTE: Introduced by: https://0xacab.org/mat/mat/commit/0d1fe2555e90db35eeb531a1b6026ff64f1f5ae5
CVE-2017-7176
REJECTED
-CVE-2017-7175 (NfSen before 1.3.8 allows remote attackers to execute arbitrary OS ...)
+CVE-2017-7175
NOT-FOR-US: NfSen
-CVE-2017-7174 (The user-account creation feature in Chef Manage 2.1.0 through 2.4.4 ...)
+CVE-2017-7174
NOT-FOR-US: Chef Manage
-CVE-2017-7173 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2017-7173
NOT-FOR-US: Apple
-CVE-2017-7172 (An issue was discovered in certain Apple products. iOS before 11.2 is ...)
+CVE-2017-7172
NOT-FOR-US: Apple
-CVE-2017-7171 (An issue was discovered in certain Apple products. iOS before 11.2 is ...)
+CVE-2017-7171
NOT-FOR-US: Apple
-CVE-2017-7170 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2017-7170
NOT-FOR-US: Apple
CVE-2017-7169
RESERVED
CVE-2017-7168
RESERVED
-CVE-2017-7167 (An issue was discovered in certain Apple products. Xcode before 9.2 is ...)
+CVE-2017-7167
NOT-FOR-US: Apple
CVE-2017-7166
RESERVED
-CVE-2017-7165 (An issue was discovered in certain Apple products. iOS before 11.2 is ...)
+CVE-2017-7165
- webkit2gtk 2.18.6-1 (unimportant)
[stretch] - webkit2gtk 2.18.6-1~deb9u1
NOTE: https://webkitgtk.org/security/WSA-2018-0002.html
NOTE: Not covered by security support
-CVE-2017-7164 (An issue was discovered in certain Apple products. iOS before 11.2 is ...)
+CVE-2017-7164
NOT-FOR-US: Apple
-CVE-2017-7163 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2017-7163
NOT-FOR-US: Intel Graphics Driver on Apple / macOS
-CVE-2017-7162 (An issue was discovered in certain Apple products. iOS before 11.2 is ...)
+CVE-2017-7162
NOT-FOR-US: Apple
-CVE-2017-7161 (An issue was discovered in certain Apple products. Safari before ...)
+CVE-2017-7161
- webkit2gtk 2.18.6-1 (unimportant)
[stretch] - webkit2gtk 2.18.6-1~deb9u1
NOTE: https://webkitgtk.org/security/WSA-2018-0002.html
NOTE: Not covered by security support
-CVE-2017-7160 (An issue was discovered in certain Apple products. iOS before 11.2 is ...)
+CVE-2017-7160
- webkit2gtk 2.18.6-1 (unimportant)
[stretch] - webkit2gtk 2.18.6-1~deb9u1
NOTE: https://webkitgtk.org/security/WSA-2018-0002.html
NOTE: Not covered by security support
-CVE-2017-7159 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2017-7159
NOT-FOR-US: Apple
-CVE-2017-7158 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2017-7158
NOT-FOR-US: Apple
-CVE-2017-7157 (An issue was discovered in certain Apple products. iOS before 11.2 is ...)
+CVE-2017-7157
- webkit2gtk 2.18.1-1 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2017-0010.html
NOTE: Not covered by security support
-CVE-2017-7156 (An issue was discovered in certain Apple products. iOS before 11.2 is ...)
+CVE-2017-7156
- webkit2gtk 2.18.4-1 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2017-0010.html
NOTE: Not covered by security support
-CVE-2017-7155 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2017-7155
NOT-FOR-US: Intel Graphics Driver on Apple / macOS
-CVE-2017-7154 (An issue was discovered in certain Apple products. iOS before 11.2 is ...)
+CVE-2017-7154
NOT-FOR-US: Apple
-CVE-2017-7153 (An issue was discovered in certain Apple products. iOS before 11.2 is ...)
+CVE-2017-7153
- webkit2gtk 2.18.6-1 (unimportant)
[stretch] - webkit2gtk 2.18.6-1~deb9u1
NOTE: https://webkitgtk.org/security/WSA-2018-0002.html
NOTE: Not covered by security support
-CVE-2017-7152 (An issue was discovered in certain Apple products. iOS before 11.2 is ...)
+CVE-2017-7152
NOT-FOR-US: Apple
CVE-2017-7151
RESERVED
-CVE-2017-7150 (An issue was discovered in certain Apple products. macOS before 10.13 ...)
+CVE-2017-7150
NOT-FOR-US: Apple
-CVE-2017-7149 (An issue was discovered in certain Apple products. macOS before 10.13 ...)
+CVE-2017-7149
NOT-FOR-US: Apple
-CVE-2017-7148 (An issue was discovered in certain Apple products. iOS before 11 is ...)
+CVE-2017-7148
NOT-FOR-US: Apple
-CVE-2017-7147 (An issue was discovered in certain Apple products. The Apple Support ...)
+CVE-2017-7147
NOT-FOR-US: Apple
-CVE-2017-7146 (An issue was discovered in certain Apple products. iOS before 11 is ...)
+CVE-2017-7146
NOT-FOR-US: Apple
-CVE-2017-7145 (An issue was discovered in certain Apple products. iOS before 11 is ...)
+CVE-2017-7145
NOT-FOR-US: Apple
-CVE-2017-7144 (An issue was discovered in certain Apple products. iOS before 11 is ...)
+CVE-2017-7144
NOT-FOR-US: Apple
-CVE-2017-7143 (An issue was discovered in certain Apple products. macOS before 10.13 ...)
+CVE-2017-7143
NOT-FOR-US: Apple
-CVE-2017-7142 (An issue was discovered in certain Apple products. Safari before 11 is ...)
+CVE-2017-7142
- webkit2gtk 2.18.1-1 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2017-0008.html
NOTE: Not covered by security support
-CVE-2017-7141 (An issue was discovered in certain Apple products. macOS before 10.13 ...)
+CVE-2017-7141
NOT-FOR-US: Apple
-CVE-2017-7140 (An issue was discovered in certain Apple products. iOS before 11 is ...)
+CVE-2017-7140
NOT-FOR-US: Apple
-CVE-2017-7139 (An issue was discovered in certain Apple products. iOS before 11 is ...)
+CVE-2017-7139
NOT-FOR-US: Apple
-CVE-2017-7138 (An issue was discovered in certain Apple products. macOS before 10.13 ...)
+CVE-2017-7138
NOT-FOR-US: Apple
-CVE-2017-7137 (An issue was discovered in certain Apple products. Xcode before 9 is ...)
+CVE-2017-7137
NOT-FOR-US: Apple
-CVE-2017-7136 (An issue was discovered in certain Apple products. Xcode before 9 is ...)
+CVE-2017-7136
NOT-FOR-US: Apple
-CVE-2017-7135 (An issue was discovered in certain Apple products. Xcode before 9 is ...)
+CVE-2017-7135
NOT-FOR-US: Apple
-CVE-2017-7134 (An issue was discovered in certain Apple products. Xcode before 9 is ...)
+CVE-2017-7134
NOT-FOR-US: Apple
-CVE-2017-7133 (An issue was discovered in certain Apple products. iOS before 11 is ...)
+CVE-2017-7133
NOT-FOR-US: Apple
-CVE-2017-7132 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2017-7132
NOT-FOR-US: Apple
-CVE-2017-7131 (An issue was discovered in certain Apple products. iOS before 11 is ...)
+CVE-2017-7131
NOT-FOR-US: Apple
-CVE-2017-7130 (An issue was discovered in certain Apple products. iOS before 11 is ...)
+CVE-2017-7130
NOT-FOR-US: Potentially src:sqlite, but Apple doesn't play by the rules
-CVE-2017-7129 (An issue was discovered in certain Apple products. iOS before 11 is ...)
+CVE-2017-7129
NOT-FOR-US: Potentially src:sqlite, but Apple doesn't play by the rules
-CVE-2017-7128 (An issue was discovered in certain Apple products. iOS before 11 is ...)
+CVE-2017-7128
NOT-FOR-US: Potentially src:sqlite, but Apple doesn't play by the rules
-CVE-2017-7127 (An issue was discovered in certain Apple products. iOS before 11 is ...)
+CVE-2017-7127
NOT-FOR-US: Potentially src:sqlite, but Apple doesn't play by the rules
-CVE-2017-7126 (An issue was discovered in certain Apple products. macOS before 10.13 ...)
+CVE-2017-7126
NOT-FOR-US: Potentially src:file, but Apple doesn't play by the rules
-CVE-2017-7125 (An issue was discovered in certain Apple products. macOS before 10.13 ...)
+CVE-2017-7125
NOT-FOR-US: Potentially src:file, but Apple doesn't play by the rules
-CVE-2017-7124 (An issue was discovered in certain Apple products. macOS before 10.13 ...)
+CVE-2017-7124
NOT-FOR-US: Potentially src:file, but Apple doesn't play by the rules
-CVE-2017-7123 (An issue was discovered in certain Apple products. macOS before 10.13 ...)
+CVE-2017-7123
NOT-FOR-US: Potentially src:file, but Apple doesn't play by the rules
-CVE-2017-7122 (An issue was discovered in certain Apple products. macOS before 10.13 ...)
+CVE-2017-7122
NOT-FOR-US: Potentially src:file, but Apple doesn't play by the rules
-CVE-2017-7121 (An issue was discovered in certain Apple products. macOS before 10.13 ...)
+CVE-2017-7121
NOT-FOR-US: Potentially src:file, but Apple doesn't play by the rules
-CVE-2017-7120 (An issue was discovered in certain Apple products. iOS before 11 is ...)
+CVE-2017-7120
- webkit2gtk 2.18.1-1 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2017-0008.html
NOTE: Not covered by security support
-CVE-2017-7119 (An issue was discovered in certain Apple products. macOS before 10.13 ...)
+CVE-2017-7119
NOT-FOR-US: Apple
-CVE-2017-7118 (An issue was discovered in certain Apple products. iOS before 11 is ...)
+CVE-2017-7118
NOT-FOR-US: Apple
-CVE-2017-7117 (An issue was discovered in certain Apple products. iOS before 11 is ...)
+CVE-2017-7117
- webkit2gtk 2.18.1-1 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2017-0008.html
NOTE: Not covered by security support
-CVE-2017-7116 (An issue was discovered in certain Apple products. iOS before 11 is ...)
+CVE-2017-7116
NOT-FOR-US: Apple
-CVE-2017-7115 (An issue was discovered in certain Apple products. iOS before 11 is ...)
+CVE-2017-7115
NOT-FOR-US: Apple
-CVE-2017-7114 (An issue was discovered in certain Apple products. iOS before 11 is ...)
+CVE-2017-7114
NOT-FOR-US: Apple
-CVE-2017-7113 (An issue was discovered in certain Apple products. iOS before 11.1 is ...)
+CVE-2017-7113
NOT-FOR-US: Apple
-CVE-2017-7112 (An issue was discovered in certain Apple products. iOS before 11 is ...)
+CVE-2017-7112
NOT-FOR-US: Apple
-CVE-2017-7111 (An issue was discovered in certain Apple products. iOS before 11 is ...)
+CVE-2017-7111
- webkit2gtk 2.18.1-1 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2017-0008.html
NOTE: Not covered by security support
-CVE-2017-7110 (An issue was discovered in certain Apple products. iOS before 11 is ...)
+CVE-2017-7110
NOT-FOR-US: Apple
-CVE-2017-7109 (An issue was discovered in certain Apple products. iOS before 11 is ...)
+CVE-2017-7109
- webkit2gtk 2.18.1-1 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2017-0008.html
NOTE: Not covered by security support
-CVE-2017-7108 (An issue was discovered in certain Apple products. iOS before 11 is ...)
+CVE-2017-7108
NOT-FOR-US: Apple
-CVE-2017-7107 (An issue was discovered in certain Apple products. iOS before 11 is ...)
+CVE-2017-7107
- webkit2gtk 2.18.1-1 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2017-0008.html
NOTE: Not covered by security support
-CVE-2017-7106 (An issue was discovered in certain Apple products. iOS before 11 is ...)
+CVE-2017-7106
NOT-FOR-US: Apple
-CVE-2017-7105 (An issue was discovered in certain Apple products. iOS before 11 is ...)
+CVE-2017-7105
NOT-FOR-US: Apple
-CVE-2017-7104 (An issue was discovered in certain Apple products. iOS before 11 is ...)
+CVE-2017-7104
- webkit2gtk 2.18.1-1 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2017-0008.html
NOTE: Not covered by security support
-CVE-2017-7103 (An issue was discovered in certain Apple products. iOS before 11 is ...)
+CVE-2017-7103
NOT-FOR-US: Apple
-CVE-2017-7102 (An issue was discovered in certain Apple products. iOS before 11 is ...)
+CVE-2017-7102
- webkit2gtk 2.18.1-1 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2017-0008.html
NOTE: Not covered by security support
CVE-2017-7101
RESERVED
-CVE-2017-7100 (An issue was discovered in certain Apple products. iOS before 11 is ...)
+CVE-2017-7100
- webkit2gtk 2.18.1-1 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2017-0008.html
NOTE: Not covered by security support
-CVE-2017-7099 (An issue was discovered in certain Apple products. iOS before 11 is ...)
+CVE-2017-7099
- webkit2gtk 2.18.1-1 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2017-0008.html
NOTE: Not covered by security support
-CVE-2017-7098 (An issue was discovered in certain Apple products. iOS before 11 is ...)
+CVE-2017-7098
- webkit2gtk 2.18.1-1 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2017-0008.html
NOTE: Not covered by security support
-CVE-2017-7097 (An issue was discovered in certain Apple products. iOS before 11 is ...)
+CVE-2017-7097
NOT-FOR-US: Apple
-CVE-2017-7096 (An issue was discovered in certain Apple products. iOS before 11 is ...)
+CVE-2017-7096
- webkit2gtk 2.18.1-1 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2017-0008.html
NOTE: Not covered by security support
-CVE-2017-7095 (An issue was discovered in certain Apple products. iOS before 11 is ...)
+CVE-2017-7095
- webkit2gtk 2.18.1-1 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2017-0008.html
NOTE: Not covered by security support
-CVE-2017-7094 (An issue was discovered in certain Apple products. iOS before 11 is ...)
+CVE-2017-7094
- webkit2gtk 2.18.1-1 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2017-0008.html
NOTE: Not covered by security support
-CVE-2017-7093 (An issue was discovered in certain Apple products. iOS before 11 is ...)
+CVE-2017-7093
- webkit2gtk 2.18.1-1 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2017-0008.html
NOTE: Not covered by security support
-CVE-2017-7092 (An issue was discovered in certain Apple products. iOS before 11 is ...)
+CVE-2017-7092
- webkit2gtk 2.18.1-1 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2017-0008.html
NOTE: Not covered by security support
-CVE-2017-7091 (An issue was discovered in certain Apple products. iOS before 11 is ...)
+CVE-2017-7091
- webkit2gtk 2.18.1-1 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2017-0008.html
NOTE: Not covered by security support
-CVE-2017-7090 (An issue was discovered in certain Apple products. iOS before 11 is ...)
+CVE-2017-7090
- webkit2gtk 2.18.1-1 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2017-0008.html
NOTE: Not covered by security support
-CVE-2017-7089 (An issue was discovered in certain Apple products. iOS before 11 is ...)
+CVE-2017-7089
- webkit2gtk 2.18.1-1 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2017-0008.html
NOTE: Not covered by security support
-CVE-2017-7088 (An issue was discovered in certain Apple products. iOS before 11 is ...)
+CVE-2017-7088
NOT-FOR-US: Apple
-CVE-2017-7087 (An issue was discovered in certain Apple products. iOS before 11 is ...)
+CVE-2017-7087
- webkit2gtk 2.18.1-1 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2017-0008.html
NOTE: Not covered by security support
-CVE-2017-7086 (An issue was discovered in certain Apple products. iOS before 11 is ...)
+CVE-2017-7086
NOT-FOR-US: Apple
-CVE-2017-7085 (An issue was discovered in certain Apple products. iOS before 11 is ...)
+CVE-2017-7085
NOT-FOR-US: Apple
-CVE-2017-7084 (An issue was discovered in certain Apple products. macOS before 10.13 ...)
+CVE-2017-7084
NOT-FOR-US: Apple
-CVE-2017-7083 (An issue was discovered in certain Apple products. iOS before 11 is ...)
+CVE-2017-7083
NOT-FOR-US: Apple
-CVE-2017-7082 (An issue was discovered in certain Apple products. macOS before 10.13 ...)
+CVE-2017-7082
NOT-FOR-US: Apple
-CVE-2017-7081 (An issue was discovered in certain Apple products. iOS before 11 is ...)
+CVE-2017-7081
- webkit2gtk 2.18.1-1 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2017-0008.html
NOTE: Not covered by security support
-CVE-2017-7080 (An issue was discovered in certain Apple products. iOS before 11 is ...)
+CVE-2017-7080
NOT-FOR-US: Apple
-CVE-2017-7079 (An issue was discovered in certain Apple products. iTunes before 12.7 ...)
+CVE-2017-7079
NOT-FOR-US: Apple
-CVE-2017-7078 (An issue was discovered in certain Apple products. iOS before 11 is ...)
+CVE-2017-7078
NOT-FOR-US: Apple
-CVE-2017-7077 (An issue was discovered in certain Apple products. macOS before 10.13 ...)
+CVE-2017-7077
NOT-FOR-US: Apple
-CVE-2017-7076 (An issue was discovered in certain Apple products. Xcode before 9 is ...)
+CVE-2017-7076
NOT-FOR-US: Apple
-CVE-2017-7075 (An issue was discovered in certain Apple products. iOS before 11 is ...)
+CVE-2017-7075
NOT-FOR-US: Apple
-CVE-2017-7074 (An issue was discovered in certain Apple products. macOS before 10.13 ...)
+CVE-2017-7074
NOT-FOR-US: Apple
CVE-2017-7073
RESERVED
-CVE-2017-7072 (An issue was discovered in certain Apple products. iOS before 11 is ...)
+CVE-2017-7072
NOT-FOR-US: Apple
-CVE-2017-7071 (An issue was discovered in certain Apple products. Safari before 10.1 ...)
+CVE-2017-7071
NOT-FOR-US: Apple
-CVE-2017-7070 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2017-7070
NOT-FOR-US: Apple
-CVE-2017-7069 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...)
+CVE-2017-7069
NOT-FOR-US: Apple
-CVE-2017-7068 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...)
+CVE-2017-7068
NOT-FOR-US: Apple / libarchive
NOTE: Possibly Apple-specific, but noone really knows and Apple doesn't cooperate
-CVE-2017-7067 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2017-7067
NOT-FOR-US: Apple
-CVE-2017-7066 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...)
+CVE-2017-7066
NOT-FOR-US: Apple
-CVE-2017-7065 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...)
+CVE-2017-7065
NOT-FOR-US: Broadcom driver for Android
-CVE-2017-7064 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...)
+CVE-2017-7064
- webkit2gtk 2.16.6-1 (unimportant)
[stretch] - webkit2gtk 2.16.6-0+deb9u1
NOTE: https://webkitgtk.org/security/WSA-2017-0006.html
NOTE: Not covered by security support
-CVE-2017-7063 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...)
+CVE-2017-7063
NOT-FOR-US: Apple
-CVE-2017-7062 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...)
+CVE-2017-7062
NOT-FOR-US: Apple
-CVE-2017-7061 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...)
+CVE-2017-7061
- webkit2gtk 2.16.6-1 (unimportant)
[stretch] - webkit2gtk 2.16.6-0+deb9u1
NOTE: Not covered by security support
-CVE-2017-7060 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...)
+CVE-2017-7060
NOT-FOR-US: Apple
-CVE-2017-7059 (A DOMParser XSS issue was discovered in certain Apple products. iOS ...)
+CVE-2017-7059
- webkit2gtk 2.16.3-2 (unimportant)
NOTE: Not covered by security support
-CVE-2017-7058 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...)
+CVE-2017-7058
NOT-FOR-US: Apple
CVE-2017-7057
RESERVED
-CVE-2017-7056 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...)
+CVE-2017-7056
- webkit2gtk 2.16.6-1 (unimportant)
[stretch] - webkit2gtk 2.16.6-0+deb9u1
NOTE: Not covered by security support
-CVE-2017-7055 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...)
+CVE-2017-7055
- webkit2gtk 2.16.6-1 (unimportant)
[stretch] - webkit2gtk 2.16.6-0+deb9u1
NOTE: https://webkitgtk.org/security/WSA-2017-0006.html
NOTE: Not covered by security support
-CVE-2017-7054 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2017-7054
NOT-FOR-US: Apple
-CVE-2017-7053 (An issue was discovered in certain Apple products. iTunes before ...)
+CVE-2017-7053
NOT-FOR-US: Apple
-CVE-2017-7052 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...)
+CVE-2017-7052
- webkit2gtk 2.16.4-1 (unimportant)
[stretch] - webkit2gtk 2.16.6-0+deb9u1
NOTE: https://webkitgtk.org/security/WSA-2017-0006.html
NOTE: Not covered by security support
-CVE-2017-7051 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2017-7051
NOT-FOR-US: Apple
-CVE-2017-7050 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2017-7050
NOT-FOR-US: Apple
-CVE-2017-7049 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...)
+CVE-2017-7049
- webkit2gtk 2.16.3-2 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2017-0006.html
NOTE: Not covered by security support
-CVE-2017-7048 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...)
+CVE-2017-7048
- webkit2gtk 2.16.6-1 (unimportant)
[stretch] - webkit2gtk 2.16.6-0+deb9u1
NOTE: https://webkitgtk.org/security/WSA-2017-0006.html
NOTE: Not covered by security support
-CVE-2017-7047 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...)
+CVE-2017-7047
NOT-FOR-US: Apple
-CVE-2017-7046 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...)
+CVE-2017-7046
- webkit2gtk 2.16.6-1 (unimportant)
[stretch] - webkit2gtk 2.16.6-0+deb9u1
NOTE: https://webkitgtk.org/security/WSA-2017-0006.html
NOTE: Not covered by security support
-CVE-2017-7045 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2017-7045
NOT-FOR-US: Apple
-CVE-2017-7044 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2017-7044
NOT-FOR-US: Apple
-CVE-2017-7043 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...)
+CVE-2017-7043
- webkit2gtk 2.16.3-2 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2017-0006.html
NOTE: Not covered by security support
-CVE-2017-7042 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...)
+CVE-2017-7042
- webkit2gtk 2.16.3-2 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2017-0006.html
NOTE: Not covered by security support
-CVE-2017-7041 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...)
+CVE-2017-7041
- webkit2gtk 2.16.3-2 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2017-0006.html
NOTE: Not covered by security support
-CVE-2017-7040 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...)
+CVE-2017-7040
- webkit2gtk 2.16.3-2 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2017-0006.html
NOTE: Not covered by security support
-CVE-2017-7039 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...)
+CVE-2017-7039
- webkit2gtk 2.16.6-1 (unimportant)
[stretch] - webkit2gtk 2.16.6-0+deb9u1
NOTE: https://webkitgtk.org/security/WSA-2017-0006.html
NOTE: Not covered by security support
-CVE-2017-7038 (A DOMParser XSS issue was discovered in certain Apple products. iOS ...)
+CVE-2017-7038
- webkit2gtk 2.16.3-2 (unimportant)
[stretch] - webkit2gtk 2.16.6-0+deb9u1
NOTE: https://webkitgtk.org/security/WSA-2017-0006.html
NOTE: Not covered by security support
-CVE-2017-7037 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...)
+CVE-2017-7037
- webkit2gtk 2.16.6-1 (unimportant)
[stretch] - webkit2gtk 2.16.6-0+deb9u1
NOTE: https://webkitgtk.org/security/WSA-2017-0006.html
NOTE: Not covered by security support
-CVE-2017-7036 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2017-7036
NOT-FOR-US: Apple
-CVE-2017-7035 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2017-7035
NOT-FOR-US: Apple
-CVE-2017-7034 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...)
+CVE-2017-7034
- webkit2gtk 2.16.6-1 (unimportant)
[stretch] - webkit2gtk 2.16.6-0+deb9u1
NOTE: https://webkitgtk.org/security/WSA-2017-0006.html
NOTE: Not covered by security support
-CVE-2017-7033 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2017-7033
NOT-FOR-US: Apple
-CVE-2017-7032 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2017-7032
NOT-FOR-US: Apple
-CVE-2017-7031 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2017-7031
NOT-FOR-US: Apple
-CVE-2017-7030 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...)
+CVE-2017-7030
- webkit2gtk 2.16.6-1 (unimportant)
[stretch] - webkit2gtk 2.16.6-0+deb9u1
NOTE: https://webkitgtk.org/security/WSA-2017-0006.html
NOTE: Not covered by security support
-CVE-2017-7029 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...)
+CVE-2017-7029
NOT-FOR-US: Apple
-CVE-2017-7028 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...)
+CVE-2017-7028
NOT-FOR-US: Apple
-CVE-2017-7027 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...)
+CVE-2017-7027
NOT-FOR-US: Apple
-CVE-2017-7026 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...)
+CVE-2017-7026
NOT-FOR-US: Apple
-CVE-2017-7025 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...)
+CVE-2017-7025
NOT-FOR-US: Apple
-CVE-2017-7024 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...)
+CVE-2017-7024
NOT-FOR-US: Apple
-CVE-2017-7023 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...)
+CVE-2017-7023
NOT-FOR-US: Apple
-CVE-2017-7022 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...)
+CVE-2017-7022
NOT-FOR-US: Apple
-CVE-2017-7021 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2017-7021
NOT-FOR-US: Apple
-CVE-2017-7020 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...)
+CVE-2017-7020
- webkit2gtk 2.16.3-2 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2017-0006.html
NOTE: Not covered by security support
-CVE-2017-7019 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...)
+CVE-2017-7019
- webkit2gtk 2.16.3-2 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2017-0006.html
NOTE: Not covered by security support
-CVE-2017-7018 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...)
+CVE-2017-7018
- webkit2gtk 2.16.6-1 (unimportant)
[stretch] - webkit2gtk 2.16.6-0+deb9u1
NOTE: https://webkitgtk.org/security/WSA-2017-0006.html
NOTE: Not covered by security support
-CVE-2017-7017 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2017-7017
NOT-FOR-US: Apple
-CVE-2017-7016 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2017-7016
NOT-FOR-US: Apple
-CVE-2017-7015 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2017-7015
NOT-FOR-US: Apple
-CVE-2017-7014 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2017-7014
NOT-FOR-US: Apple
-CVE-2017-7013 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...)
+CVE-2017-7013
NOT-FOR-US: Possibly Apple-specific CVE ID for libxml2
-CVE-2017-7012 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...)
+CVE-2017-7012
- webkit2gtk 2.16.3-2 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2017-0006.html
NOTE: Not covered by security support
-CVE-2017-7011 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...)
+CVE-2017-7011
- webkit2gtk 2.16.3-2 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2017-0006.html
NOTE: Not covered by security support
-CVE-2017-7010 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...)
+CVE-2017-7010
NOT-FOR-US: Possibly Apple-specific CVE ID for libxml2
-CVE-2017-7009 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...)
+CVE-2017-7009
NOT-FOR-US: Apple
-CVE-2017-7008 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...)
+CVE-2017-7008
NOT-FOR-US: Apple
-CVE-2017-7007 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...)
+CVE-2017-7007
NOT-FOR-US: Apple
-CVE-2017-7006 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...)
+CVE-2017-7006
- webkit2gtk 2.16.3-2 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2017-0006.html
NOTE: Not covered by security support
-CVE-2017-7005 (An issue was discovered in certain Apple products. iOS before 10.3.2 ...)
+CVE-2017-7005
NOT-FOR-US: Apple
-CVE-2017-7004 (An issue was discovered in certain Apple products. iOS before 10.3.2 ...)
+CVE-2017-7004
NOT-FOR-US: Apple
-CVE-2017-7003 (An issue was discovered in certain Apple products. iOS before 10.3.2 ...)
+CVE-2017-7003
NOT-FOR-US: Apple
-CVE-2017-7002 (An issue was discovered in certain Apple products. iOS before 10.3.2 ...)
+CVE-2017-7002
NOT-FOR-US: Potentially src:sqlite, but Apple doesn't play by the rules
-CVE-2017-7001 (An issue was discovered in certain Apple products. iOS before 10.3.2 ...)
+CVE-2017-7001
NOT-FOR-US: Potentially src:sqlite, but Apple doesn't play by the rules
-CVE-2017-7000 (An issue was discovered in certain Apple products. iOS before 10.3.2 ...)
+CVE-2017-7000
{DSA-3926-1}
- chromium-browser 60.0.3112.78-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-6999 (An issue was discovered in certain Apple products. iOS before 10.3.2 ...)
+CVE-2017-6999
NOT-FOR-US: Apple
-CVE-2017-6998 (An issue was discovered in certain Apple products. iOS before 10.3.2 ...)
+CVE-2017-6998
NOT-FOR-US: Apple
-CVE-2017-6997 (An issue was discovered in certain Apple products. iOS before 10.3.2 ...)
+CVE-2017-6997
NOT-FOR-US: Apple
-CVE-2017-6996 (An issue was discovered in certain Apple products. iOS before 10.3.2 ...)
+CVE-2017-6996
NOT-FOR-US: Apple
-CVE-2017-6995 (An issue was discovered in certain Apple products. iOS before 10.3.2 ...)
+CVE-2017-6995
NOT-FOR-US: Apple
-CVE-2017-6994 (An issue was discovered in certain Apple products. iOS before 10.3.2 ...)
+CVE-2017-6994
NOT-FOR-US: Apple
CVE-2017-6993
RESERVED
CVE-2017-6992
RESERVED
-CVE-2017-6991 (An issue was discovered in certain Apple products. iOS before 10.3.2 ...)
+CVE-2017-6991
NOTE: Unspecified sqlite issue found by Apple, no further details available
-CVE-2017-6990 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2017-6990
NOT-FOR-US: Apple
-CVE-2017-6989 (An issue was discovered in certain Apple products. iOS before 10.3.2 ...)
+CVE-2017-6989
NOT-FOR-US: Apple
-CVE-2017-6988 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2017-6988
NOT-FOR-US: Apple
-CVE-2017-6987 (An issue was discovered in certain Apple products. iOS before 10.3.2 ...)
+CVE-2017-6987
NOT-FOR-US: Apple
-CVE-2017-6986 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2017-6986
NOT-FOR-US: Apple
-CVE-2017-6985 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2017-6985
NOT-FOR-US: Apple
-CVE-2017-6984 (An issue was discovered in certain Apple products. iOS before 10.3.2 ...)
+CVE-2017-6984
- webkit2gtk 2.16.3-2 (unimportant)
NOTE: Not covered by security support
-CVE-2017-6983 (An issue was discovered in certain Apple products. iOS before 10.3.2 ...)
+CVE-2017-6983
NOTE: Unspecified sqlite issue found by Apple, no further details available
-CVE-2017-6982 (An issue was discovered in certain Apple products. iOS before 10.3.2 ...)
+CVE-2017-6982
NOT-FOR-US: Apple
-CVE-2017-6981 (An issue was discovered in certain Apple products. iOS before 10.3.2 ...)
+CVE-2017-6981
NOT-FOR-US: Apple
-CVE-2017-6980 (An issue was discovered in certain Apple products. iOS before 10.3.2 ...)
+CVE-2017-6980
- webkit2gtk 2.16.3-2 (unimportant)
NOTE: Not covered by security support
-CVE-2017-6979 (An issue was discovered in certain Apple products. iOS before 10.3.2 ...)
+CVE-2017-6979
NOT-FOR-US: Apple
-CVE-2017-6978 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2017-6978
NOT-FOR-US: Apple
-CVE-2017-6977 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2017-6977
NOT-FOR-US: Apple
-CVE-2017-6976 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
+CVE-2017-6976
NOT-FOR-US: Apple
-CVE-2017-6975 (Wi-Fi in Apple iOS before 10.3.1 does not prevent CVE-2017-6956 stack ...)
+CVE-2017-6975
NOT-FOR-US: Applie
-CVE-2017-6974 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2017-6974
NOT-FOR-US: Apple
-CVE-2017-6973 (A cross-site scripting (XSS) vulnerability in the MantisBT ...)
+CVE-2017-6973
- mantis <removed>
[wheezy] - mantis <end-of-life> (Unsupported in Wheezy LTS)
NOTE: http://www.openwall.com/lists/oss-security/2017/03/30/4
-CVE-2017-6972 (AlienVault USM and OSSIM before 5.3.7 and NfSen before 1.3.8 have an ...)
+CVE-2017-6972
NOT-FOR-US: AlienVault
-CVE-2017-6971 (AlienVault USM and OSSIM before 5.3.7 and NfSen before 1.3.8 allow ...)
+CVE-2017-6971
NOT-FOR-US: AlienVault
-CVE-2017-6970 (AlienVault USM and OSSIM before 5.3.7 and NfSen before 1.3.8 allow ...)
+CVE-2017-6970
NOT-FOR-US: AlienVault
-CVE-2017-6968 (GMV Checker ATM Security prior to 5.0.18 allows remote authenticated ...)
+CVE-2017-6968
NOT-FOR-US: GMV Checker ATM Security
-CVE-2017-6969 (readelf in GNU Binutils 2.28 is vulnerable to a heap-based buffer ...)
+CVE-2017-6969
- binutils 2.28-3 (bug #858256)
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21156
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=b814a36d3440de95f2ac6eaa4fc7935c322ea456
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=43a444f9c5bfd44b4304eafd78338e21d54bea14
-CVE-2017-6967 (xrdp 0.9.1 calls the PAM function auth_start_session() in an incorrect ...)
+CVE-2017-6967
{DLA-872-1}
[experimental] - xrdp 0.9.2~20170325-1~exp1
- xrdp 0.9.1-9 (bug #858143)
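Review bot: every changed pair in this hunk swaps a header line that carried the CVE summary for a bare identifier, e.g. `-CVE-2017-7029 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...)` becoming `+CVE-2017-7029`, with no other change to the entry. For a commit labelled "automatic update" that pattern looks like the description import having come back empty rather than a deliberate edit; check the upstream CVE feed before this lands, since the summaries are what make the bare `NOT-FOR-US:` triage lines readable on their own. Two points in the unchanged context while it is being touched: `NOT-FOR-US: Applie` under CVE-2017-6975 is a typo for `Apple`, and CVE-2017-6968 is listed ahead of CVE-2017-6969, breaking the descending order the rest of the hunk keeps.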
@@ -33588,64 +33586,64 @@ CVE-2017-6967 (xrdp 0.9.1 calls the PAM function auth_start_session() in an inco
NOTE: Followed by: https://github.com/neutrinolabs/xrdp/pull/696
NOTE: http://www.openwall.com/lists/oss-security/2017/03/18/1
NOTE: https://github.com/neutrinolabs/xrdp/pull/696/commits/44129acd210c803fc8bbcfaf1b0db05e5bb4034f
-CVE-2017-6966 (readelf in GNU Binutils 2.28 has a use-after-free (specifically ...)
+CVE-2017-6966
- binutils 2.28-3 (bug #858263)
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21139
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=f84ce13b6708801ca1d6289b7c4003e2f5a6d7f9
-CVE-2017-6965 (readelf in GNU Binutils 2.28 writes to illegal addresses while ...)
+CVE-2017-6965
- binutils 2.28-3 (bug #858264)
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21137
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=03f7786e2f440b9892b1c34a58fb26222ce1b493
-CVE-2017-6964 (dmcrypt-get-device, as shipped in the eject package of Debian and ...)
+CVE-2017-6964
{DSA-3823-1 DLA-876-1}
- eject 2.1.5+deb1+cvs20081104-13.2 (bug #858872)
NOTE: https://bugs.launchpad.net/ubuntu/+source/eject/+bug/1673627
CVE-2017-6963
RESERVED
-CVE-2017-6962 (An issue was discovered in apng2gif 1.7. There is an integer overflow ...)
+CVE-2017-6962
- apng2gif 1.8-0.1 (bug #854447)
[stretch] - apng2gif <no-dsa> (Minor issue; can be fixed via point release)
[jessie] - apng2gif <not-affected> (Vulnerable code introduced later with refactoring)
[wheezy] - apng2gif <not-affected> (Vulnerable code introduced later with refactoring)
-CVE-2017-6961 (An issue was discovered in apng2gif 1.7. There is improper sanitization ...)
+CVE-2017-6961
- apng2gif 1.8-0.1 (bug #854441)
[stretch] - apng2gif <no-dsa> (Minor issue; can be fixed via point release)
[jessie] - apng2gif <not-affected> (Vulnerable code introduced later with refactoring)
[wheezy] - apng2gif <not-affected> (Vulnerable code introduced later with refactoring)
-CVE-2017-6960 (An issue was discovered in apng2gif 1.7. There ...)
+CVE-2017-6960
{DLA-981-1}
- apng2gif 1.8-0.1 (bug #854367)
[stretch] - apng2gif <no-dsa> (Minor issue; can be fixed via point release)
[jessie] - apng2gif <no-dsa> (Minor issue; can be fixed via point release)
CVE-2017-6959
REJECTED
-CVE-2017-6958 (An XSS vulnerability in the MantisBT Source Integration Plugin (before ...)
+CVE-2017-6958
NOT-FOR-US: MantisBT Source Integration Plugin
-CVE-2017-6957 (Stack-based buffer overflow in the firmware in Broadcom Wi-Fi HardMAC ...)
+CVE-2017-6957
NOT-FOR-US: Firmware on some Broadcom SoCs
-CVE-2017-6956 (On the Broadcom Wi-Fi HardMAC SoC with fbt firmware, a stack buffer ...)
+CVE-2017-6956
NOT-FOR-US: Firmware on some Broadcom SoCs
-CVE-2017-6955 (An issue was discovered in by-email/by-email.php in the Invite Anyone ...)
+CVE-2017-6955
NOT-FOR-US: wordpress Anyone plugin
-CVE-2017-6954 (An issue was discovered in includes/component.php in the BuddyPress ...)
+CVE-2017-6954
NOT-FOR-US: wordpress buddypress docs plugin
-CVE-2017-6953 (Gemalto SmartDiag Diagnosis Tool v2.5 has a stack-based Buffer Overflow ...)
+CVE-2017-6953
NOT-FOR-US: Gemalto SmartDiag Diagnosis Tool
-CVE-2017-6952 (Integer overflow in the cs_winkernel_malloc function in winkernel_mm.c ...)
+CVE-2017-6952
- capstone <not-affected> (Vulnerable code not present, in Windows specific distribution)
CVE-2017-9999
REJECTED
-CVE-2017-6951 (The keyring_search_aux function in security/keys/keyring.c in the Linux ...)
+CVE-2017-6951
{DLA-922-1}
- linux 4.0.2-1
[jessie] - linux 3.16.43-1
-CVE-2017-6950 (SAP GUI 7.2 through 7.5 allows remote attackers to bypass intended ...)
+CVE-2017-6950
NOT-FOR-US: SAP
-CVE-2017-6949 (An issue was discovered in CHICKEN Scheme through 4.12.0. When using a ...)
+CVE-2017-6949
{DLA-908-1}
- chicken 4.12.0-0.2 (bug #858057)
[stretch] - chicken <no-dsa> (Minor issue)
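Review bot: the CVE-2017-6960 entry records `{DLA-981-1}` and still carries `[jessie] - apng2gif <no-dsa> (Minor issue; can be fixed via point release)`; once a DLA has shipped the jessie no-dsa annotation reads as stale, so consider dropping it (the stretch line is unaffected). Also, `CVE-2017-6959 REJECTED` and `CVE-2017-9999 REJECTED` are interleaved among the 2017-69xx entries; the latter in particular sits between CVE-2017-6952 and CVE-2017-6951, which will surprise anyone scanning the list by identifier.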
@@ -33683,66 +33681,66 @@ CVE-2017-6934
RESERVED
CVE-2017-6933
RESERVED
-CVE-2017-6931 (In Drupal versions 8.4.x versions before 8.4.5 the Settings Tray ...)
+CVE-2017-6931
- drupal8 <itp> (bug #756305)
NOTE: https://www.drupal.org/sa-core-2018-001
-CVE-2017-6930 (In Drupal versions 8.4.x versions before 8.4.5 when using node access ...)
+CVE-2017-6930
- drupal8 <itp> (bug #756305)
NOTE: https://www.drupal.org/sa-core-2018-001
-CVE-2017-6926 (In Drupal versions 8.4.x versions before 8.4.5 users with permission ...)
+CVE-2017-6926
- drupal8 <itp> (bug #756305)
NOTE: https://www.drupal.org/sa-core-2018-001
-CVE-2017-6925 (In versions of Drupal 8 core prior to 8.3.7; There is a vulnerability ...)
+CVE-2017-6925
- drupal8 <itp> (bug #756305)
NOTE: https://www.drupal.org/SA-CORE-2017-004
-CVE-2017-6924 (In Drupal 8 prior to 8.3.7; When using the REST API, users without the ...)
+CVE-2017-6924
- drupal8 <itp> (bug #756305)
NOTE: https://www.drupal.org/SA-CORE-2017-004
-CVE-2017-6923 (In Drupal 8.x prior to 8.3.7 When creating a view, you can optionally ...)
+CVE-2017-6923
- drupal8 <itp> (bug #756305)
NOTE: https://www.drupal.org/SA-CORE-2017-004
-CVE-2017-6922 (In Drupal core 8.x prior to 8.3.4 and Drupal core 7.x prior to 7.56; ...)
+CVE-2017-6922
{DSA-3897-1 DLA-1004-1}
- drupal8 <itp> (bug #756305)
- drupal7 7.56-1 (bug #865498)
NOTE: https://www.drupal.org/SA-CORE-2017-003
NOTE: http://cgit.drupalcode.org/drupal/diff/?h=7.x&id=600c1346ed976e6f35fc2b0f907a7837f0f7c145&id2=9eebe462d1e93e785e6c028dc6cf689623c4d936
-CVE-2017-6921 (In Drupal 8 prior to 8.3.4; The file REST resource does not properly ...)
+CVE-2017-6921
- drupal8 <itp> (bug #756305)
NOTE: https://www.drupal.org/SA-CORE-2017-003
-CVE-2017-6920 (Drupal core 8 before versions 8.3.4 allows remote attackers to execute ...)
+CVE-2017-6920
- drupal8 <itp> (bug #756305)
NOTE: https://www.drupal.org/SA-CORE-2017-003
-CVE-2017-6919 (Drupal 8 before 8.2.8 and 8.3 before 8.3.1 allows critical access ...)
+CVE-2017-6919
- drupal8 <itp> (bug #756305)
NOTE: https://www.drupal.org/SA-CORE-2017-002
-CVE-2017-6918 (CSRF exists in BigTree CMS 4.2.16 with the value[#][*] parameter to the ...)
+CVE-2017-6918
NOT-FOR-US: BigTree CMS
-CVE-2017-6917 (CSRF exists in BigTree CMS 4.2.16 with the value parameter to the ...)
+CVE-2017-6917
NOT-FOR-US: BigTree CMS
-CVE-2017-6916 (CSRF exists in BigTree CMS 4.1.18 with the nav-social[#] parameter to ...)
+CVE-2017-6916
NOT-FOR-US: BigTree CMS
-CVE-2017-6915 (CSRF exists in BigTree CMS 4.1.18 with the colophon parameter to the ...)
+CVE-2017-6915
NOT-FOR-US: BigTree CMS
-CVE-2017-6914 (CSRF exists in BigTree CMS 4.1.18 and 4.2.16 with the id parameter to ...)
+CVE-2017-6914
NOT-FOR-US: BigTree CMS
-CVE-2017-6913 (Cross-site scripting (XSS) vulnerability in the Open-Xchange webmail ...)
+CVE-2017-6913
NOT-FOR-US: Open-Xchange
CVE-2017-6912
RESERVED
-CVE-2017-6911 (USB Pratirodh is prone to sensitive information disclosure. It stores ...)
+CVE-2017-6911
NOT-FOR-US: USB Pratirodh
-CVE-2017-6910 (The HTTP and WebSocket engine components in the server in Kaazing ...)
+CVE-2017-6910
NOT-FOR-US: Kaazing Gateway
-CVE-2017-6909 (An issue was discovered in Shimmie &lt;= 2.5.1. The vulnerability exists ...)
+CVE-2017-6909
NOT-FOR-US: Shimmie
-CVE-2017-6908 (An issue was discovered in concrete5 &lt;= 5.6.3.4. The vulnerability ...)
+CVE-2017-6908
NOT-FOR-US: concrete5
-CVE-2017-6907 (An issue was discovered in Open.GL before 2017-03-13. The vulnerability ...)
+CVE-2017-6907
NOT-FOR-US: Open.GL
-CVE-2017-6906 (An issue was discovered in SiberianCMS before 4.10.0. The ...)
+CVE-2017-6906
NOT-FOR-US: SiberianCMS
-CVE-2017-6905 (An issue was discovered in concrete5 &lt;= 5.6.3.4. The vulnerability ...)
+CVE-2017-6905
NOT-FOR-US: concrete5
CVE-2017-6904
RESERVED
@@ -33752,108 +33750,108 @@ CVE-2017-6901
RESERVED
CVE-2017-6900
RESERVED
-CVE-2017-6899 (The msm_bus_dbg_update_request_write function in ...)
+CVE-2017-6899
NOT-FOR-US: android_kernel_huawei_msm8916 in LineageOS (and other kernels for MSM devices)
CVE-2017-6898
RESERVED
CVE-2017-6897
RESERVED
-CVE-2017-6896 (Privilege escalation vulnerability on the DIGISOL DG-HR1400 1.00.02 ...)
+CVE-2017-6896
NOT-FOR-US: DIGISOL DG-HR1400 1.00.02 wireless router
-CVE-2017-6895 (USB Pratirodh allows remote attackers to conduct XML External Entity ...)
+CVE-2017-6895
NOT-FOR-US: USB Pratirodh
CVE-2017-6894
RESERVED
CVE-2017-6893
RESERVED
-CVE-2017-6892 (In libsndfile version 1.0.28, an error in the &quot;aiff_read_chanmap()&quot; ...)
+CVE-2017-6892
{DLA-985-1}
- libsndfile 1.0.28-1 (bug #864704)
[stretch] - libsndfile <no-dsa> (Minor issue)
[jessie] - libsndfile <no-dsa> (Minor issue)
NOTE: Fixed by: https://github.com/erikd/libsndfile/commit/f833c53cb596e9e1792949f762e0b33661822748
-CVE-2017-6891 (Two errors in the &quot;asn1_find_node()&quot; function (lib/parser_aux.c) ...)
+CVE-2017-6891
{DSA-3861-1 DLA-950-1}
- libtasn1-6 4.10-1.1 (bug #863186)
- libtasn1-3 <removed>
NOTE: https://secuniaresearch.flexerasoftware.com/secunia_research/2017-11/
NOTE: https://gitlab.com/gnutls/libtasn1/commit/5520704d075802df25ce4ffccc010ba1641bd484
-CVE-2017-6890 (A boundary error within the &quot;foveon_load_camf()&quot; function ...)
+CVE-2017-6890
NOT-FOR-US: libraw demosaic extension (not packaged in Debian)
-CVE-2017-6889 (An integer overflow error within the &quot;foveon_load_camf()&quot; function ...)
+CVE-2017-6889
NOT-FOR-US: libraw demosaic extension (not packaged in Debian)
-CVE-2017-6888 (An error in the &quot;read_metadata_vorbiscomment_()&quot; function ...)
+CVE-2017-6888
- flac 1.3.2-2 (low; bug #897015)
[stretch] - flac <no-dsa> (Minor issue)
[jessie] - flac <no-dsa> (Minor issue)
[wheezy] - flac <no-dsa> (Minor issue)
NOTE: https://secuniaresearch.flexerasoftware.com/secunia_research/2017-7/
NOTE: https://git.xiph.org/?p=flac.git;a=commit;h=4f47b63e9c971e6391590caf00a0f2a5ed612e67
-CVE-2017-6887 (A boundary error within the &quot;parse_tiff_ifd()&quot; function ...)
+CVE-2017-6887
{DSA-3950-1 DLA-1057-1}
- libraw 0.18.2-2 (bug #864183)
NOTE: https://github.com/LibRaw/LibRaw/commit/d7c3d2cb460be10a3ea7b32e9443a83c243b2251
-CVE-2017-6886 (An error within the &quot;parse_tiff_ifd()&quot; function ...)
+CVE-2017-6886
{DSA-3950-1 DLA-1057-1}
- libraw 0.18.2-2 (bug #864183)
NOTE: https://github.com/LibRaw/LibRaw/commit/d7c3d2cb460be10a3ea7b32e9443a83c243b2251
-CVE-2017-6885 (An error when handling certain external commands and services related ...)
+CVE-2017-6885
NOT-FOR-US: FlexNet
-CVE-2017-6903 (In ioquake3 before 2017-03-14, the auto-downloading feature has ...)
+CVE-2017-6903
{DSA-3812-1}
- ioquake3 1.36+u20161101+dfsg1-2 (bug #857699)
[wheezy] - ioquake3 <end-of-life> (Not supported in Wheezy LTS)
- iortcw 1.50a+dfsg1-3 (bug #857714)
NOTE: https://ioquake3.org/2017/03/13/important-security-update-please-update-ioquake3-immediately/
NOTE: Also affects openjk (only in experimental; bug #857715)
-CVE-2017-6884 (A command injection vulnerability was discovered on the Zyxel EMG2926 ...)
+CVE-2017-6884
NOT-FOR-US: Zyxel
-CVE-2017-6883 (The ConvertToPDF plugin in Foxit Reader before 8.2.1 and PhantomPDF ...)
+CVE-2017-6883
NOT-FOR-US: Foxit
CVE-2017-6882
RESERVED
CVE-2017-6881
RESERVED
-CVE-2017-6880 (Buffer overflow in Cerberus FTP Server 8.0.10.3 allows remote attackers ...)
+CVE-2017-6880
NOT-FOR-US: Cerberus FTP Server
CVE-2017-6879
RESERVED
-CVE-2017-6878 (Cross-site scripting (XSS) vulnerability in MetInfo 5.3.15 allows ...)
+CVE-2017-6878
NOT-FOR-US: MetInfo
-CVE-2017-6877 (Cross-site scripting (XSS) vulnerability in SVG file handling in Lutim ...)
+CVE-2017-6877
NOT-FOR-US: Lutim
CVE-2017-6876
RESERVED
CVE-2017-6875
RESERVED
-CVE-2017-6874 (Race condition in kernel/ucount.c in the Linux kernel through 4.10.2 ...)
+CVE-2017-6874
- linux 4.9.16-1
[jessie] - linux <not-affected> (Vulnerable code introduced later)
[wheezy] - linux <not-affected> (Vulnerable code introduced later)
NOTE: Fixed by: https://git.kernel.org/linus/040757f738e13caaa9c5078bca79aa97e11dde88
-CVE-2017-6873 (A vulnerability was discovered in Siemens OZW672 (all versions) and ...)
+CVE-2017-6873
NOT-FOR-US: Siemens
-CVE-2017-6872 (A vulnerability was discovered in Siemens OZW672 (all versions) and ...)
+CVE-2017-6872
NOT-FOR-US: Siemens
-CVE-2017-6871 (A vulnerability was discovered in Siemens SIMATIC WinCC Sm@rtClient for ...)
+CVE-2017-6871
NOT-FOR-US: Siemens
-CVE-2017-6870 (A vulnerability was discovered in Siemens SIMATIC WinCC Sm@rtClient for ...)
+CVE-2017-6870
NOT-FOR-US: Siemens
-CVE-2017-6869 (A vulnerability was discovered in Siemens ViewPort for Web Office ...)
+CVE-2017-6869
NOT-FOR-US: Siemens
-CVE-2017-6868 (An Improper Authentication issue was discovered in Siemens SIMATIC CP ...)
+CVE-2017-6868
NOT-FOR-US: Siemens
-CVE-2017-6867 (A vulnerability was discovered in Siemens SIMATIC WinCC (V7.3 before ...)
+CVE-2017-6867
NOT-FOR-US: Siemens
-CVE-2017-6866 (A vulnerability was discovered in Siemens XHQ server 4 and 5 (4 before ...)
+CVE-2017-6866
NOT-FOR-US: Siemens
-CVE-2017-6865 (A vulnerability has been identified in Primary Setup Tool (PST) (All ...)
+CVE-2017-6865
NOT-FOR-US: Siemens
-CVE-2017-6864 (The integrated web server in Siemens RUGGEDCOM ROX I (all versions) at ...)
+CVE-2017-6864
NOT-FOR-US: Siemens
CVE-2017-6863
RESERVED
-CVE-2017-6862 (NETGEAR WNR2000v3 devices before 1.1.2.14, WNR2000v4 devices before ...)
+CVE-2017-6862
NOT-FOR-US: NETGEAR
CVE-2017-6861
RESERVED
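Review bot: CVE-2017-6903 (ioquake3, `{DSA-3812-1}`) is placed between CVE-2017-6885 and CVE-2017-6884 rather than in its numeric slot near CVE-2017-6904 earlier in the file; if the placement is intentional (entry added at triage time) fine, otherwise move it so the descending order holds. The same description-stripping pattern as the earlier hunks applies to every `-`/`+` pair here, including the Siemens and NETGEAR `NOT-FOR-US` entries, so the feed check suggested above covers this hunk too.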
@@ -33873,83 +33871,83 @@ CVE-2017-6854
RESERVED
CVE-2017-6853
RESERVED
-CVE-2017-6839 (Integer overflow in modules/MSADPCM.cpp in Audio File Library (aka ...)
+CVE-2017-6839
{DSA-3814-1 DLA-867-1}
- audiofile 0.3.6-4 (bug #857651)
NOTE: https://blogs.gentoo.org/ago/2017/02/20/audiofile-multiple-ubsan-crashes/
NOTE: https://github.com/mpruett/audiofile/issues/41
NOTE: https://github.com/antlarr/audiofile/commit/beacc44eb8cdf6d58717ec1a5103c5141f1b37f9
-CVE-2017-6838 (Integer overflow in sfcommands/sfconvert.c in Audio File Library (aka ...)
+CVE-2017-6838
{DSA-3814-1 DLA-867-1}
- audiofile 0.3.6-4 (bug #857651)
NOTE: https://blogs.gentoo.org/ago/2017/02/20/audiofile-multiple-ubsan-crashes/
NOTE: https://github.com/mpruett/audiofile/issues/41
NOTE: https://github.com/antlarr/audiofile/commit/7d65f89defb092b63bcbc5d98349fb222ca73b3c
NOTE: https://github.com/antlarr/audiofile/commit/ce536d707b8e2a26baca77320398c45238224ca7
-CVE-2017-6837 (WAVE.cpp in Audio File Library (aka audiofile) 0.3.6 allows remote ...)
+CVE-2017-6837
{DSA-3814-1 DLA-867-1}
- audiofile 0.3.6-4 (bug #857651)
NOTE: https://blogs.gentoo.org/ago/2017/02/20/audiofile-multiple-ubsan-crashes/
NOTE: https://github.com/mpruett/audiofile/issues/41
NOTE: https://github.com/antlarr/audiofile/commit/c48e4c6503f7dabd41f11d4c9c7b7f8960e7f2c0
-CVE-2017-6836 (Heap-based buffer overflow in the Expand3To4Module::run function in ...)
+CVE-2017-6836
{DSA-3814-1 DLA-867-1}
- audiofile 0.3.6-4 (bug #857651)
NOTE: https://blogs.gentoo.org/ago/2017/02/20/audiofile-heap-based-buffer-overflow-in-expand3to4modulerun-simplemodule-h
NOTE: https://github.com/mpruett/audiofile/issues/40
NOTE: https://github.com/mpruett/audiofile/commit/7d65f89defb092b63bcbc5d98349fb222ca73b3c
NOTE: https://github.com/antlarr/audiofile/commit/ce536d707b8e2a26baca77320398c45238224ca7
-CVE-2017-6835 (The reset1 function in libaudiofile/modules/BlockCodec.cpp in Audio ...)
+CVE-2017-6835
{DSA-3814-1 DLA-867-1}
- audiofile 0.3.6-4 (bug #857651)
NOTE: https://blogs.gentoo.org/ago/2017/02/20/audiofile-divide-by-zero-in-blockcodecreset1-blockcodec-cpp
NOTE: https://github.com/mpruett/audiofile/issues/39
NOTE: https://github.com/mpruett/audiofile/commit/c48e4c6503f7dabd41f11d4c9c7b7f8960e7f2c0
-CVE-2017-6834 (Heap-based buffer overflow in the ulaw2linear_buf function in G711.cpp ...)
+CVE-2017-6834
{DSA-3814-1 DLA-867-1}
- audiofile 0.3.6-4 (bug #857651)
NOTE: https://blogs.gentoo.org/ago/2017/02/20/audiofile-heap-based-buffer-overflow-in-ulaw2linear_buf-g711-cpp
NOTE: https://github.com/mpruett/audiofile/issues/38
NOTE: https://github.com/mpruett/audiofile/commit/7d65f89defb092b63bcbc5d98349fb222ca73b3c
NOTE: https://github.com/antlarr/audiofile/commit/ce536d707b8e2a26baca77320398c45238224ca7
-CVE-2017-6833 (The runPull function in libaudiofile/modules/BlockCodec.cpp in Audio ...)
+CVE-2017-6833
{DSA-3814-1 DLA-867-1}
- audiofile 0.3.6-4 (bug #857651)
NOTE: https://blogs.gentoo.org/ago/2017/02/20/audiofile-divide-by-zero-in-blockcodecrunpull-blockcodec-cpp
NOTE: https://github.com/mpruett/audiofile/issues/37
NOTE: https://github.com/mpruett/audiofile/commit/c48e4c6503f7dabd41f11d4c9c7b7f8960e7f2c0
-CVE-2017-6832 (Heap-based buffer overflow in the decodeBlock in MSADPCM.cpp in Audio ...)
+CVE-2017-6832
{DSA-3814-1 DLA-867-1}
- audiofile 0.3.6-4 (bug #857651)
NOTE: https://blogs.gentoo.org/ago/2017/02/20/audiofile-heap-based-buffer-overflow-in-msadpcmdecodeblock-msadpcm-cpp
NOTE: https://github.com/mpruett/audiofile/issues/36
NOTE: https://github.com/mpruett/audiofile/commit/c48e4c6503f7dabd41f11d4c9c7b7f8960e7f2c0
-CVE-2017-6831 (Heap-based buffer overflow in the decodeBlockWAVE function in IMA.cpp ...)
+CVE-2017-6831
{DSA-3814-1 DLA-867-1}
- audiofile 0.3.6-4 (bug #857651)
NOTE: https://blogs.gentoo.org/ago/2017/02/20/audiofile-heap-based-buffer-overflow-in-imadecodeblockwave-ima-cpp
NOTE: https://github.com/mpruett/audiofile/issues/35
NOTE: https://github.com/antlarr/audiofile/commit/a2e9eab8ea87c4ffc494d839ebb4ea145eb9f2e6
-CVE-2017-6830 (Heap-based buffer overflow in the alaw2linear_buf function in G711.cpp ...)
+CVE-2017-6830
{DSA-3814-1 DLA-867-1}
- audiofile 0.3.6-4 (bug #857651)
NOTE: https://blogs.gentoo.org/ago/2017/02/20/audiofile-heap-based-buffer-overflow-in-alaw2linear_buf-g711-cpp
NOTE: https://github.com/mpruett/audiofile/issues/34
NOTE: https://github.com/mpruett/audiofile/commit/7d65f89defb092b63bcbc5d98349fb222ca73b3c
NOTE: https://github.com/antlarr/audiofile/commit/ce536d707b8e2a26baca77320398c45238224ca7
-CVE-2017-6829 (The decodeSample function in IMA.cpp in Audio File Library (aka ...)
+CVE-2017-6829
{DSA-3814-1 DLA-867-1}
- audiofile 0.3.6-4 (bug #857651)
NOTE: https://github.com/mpruett/audiofile/issues/33
NOTE: https://blogs.gentoo.org/ago/2017/02/20/audiofile-global-buffer-overflow-in-decodesample-ima-cpp
NOTE: https://github.com/mpruett/audiofile/pull/43/commits/25eb00ce913452c2e614548d7df93070bf0d066f
-CVE-2017-6828 (Heap-based buffer overflow in the readValue function in FileHandle.cpp ...)
+CVE-2017-6828
{DSA-3814-1 DLA-867-1}
- audiofile 0.3.6-4 (bug #857651)
NOTE: https://github.com/mpruett/audiofile/issues/31
NOTE: https://blogs.gentoo.org/ago/2017/02/20/audiofile-heap-based-buffer-overflow-in-readvalue-filehandle-cpp
NOTE: https://github.com/mpruett/audiofile/commit/c48e4c6503f7dabd41f11d4c9c7b7f8960e7f2c0
-CVE-2017-6827 (Heap-based buffer overflow in the MSADPCM::initializeCoefficients ...)
+CVE-2017-6827
{DSA-3814-1 DLA-867-1}
- audiofile 0.3.6-4 (bug #857651)
NOTE: https://github.com/mpruett/audiofile/issues/32
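Review bot: the audiofile entries reference the same fix commits under two different repositories: commit 7d65f89defb092b63bcbc5d98349fb222ca73b3c is cited as `https://github.com/antlarr/audiofile/commit/...` under CVE-2017-6838 but as `https://github.com/mpruett/audiofile/commit/...` under CVE-2017-6836, CVE-2017-6834 and CVE-2017-6830, and c48e4c6503f7dabd41f11d4c9c7b7f8960e7f2c0 is likewise split between antlarr (CVE-2017-6837) and mpruett (CVE-2017-6835, 6833, 6832, 6828). Pick one canonical tree for the NOTE links so the hashes resolve consistently; all twelve entries share `{DSA-3814-1 DLA-867-1}` and bug #857651, so they are clearly one batch and should read as one.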
@@ -33959,7 +33957,7 @@ CVE-2017-XXXX [Server certificates are not verified]
- profanity 0.5.1-1 (bug #857546)
[jessie] - profanity <no-dsa> (Minor issue)
NOTE: https://github.com/boothj5/profanity/issues/280
-CVE-2017-7191 (The netjoin processing in Irssi 1.x before 1.0.2 allows attackers to ...)
+CVE-2017-7191
- irssi 1.0.2-1 (bug #857502)
[jessie] - irssi <not-affected> (Different code path caused the netjoins to be flushed prior reaching use-after-free condition)
[wheezy] - irssi <not-affected> (Different code path caused the netjoins to be flushed prior reaching use-after-free condition)
@@ -33971,469 +33969,469 @@ CVE-2017-6825
RESERVED
CVE-2017-6824
RESERVED
-CVE-2017-6823 (Fiyo CMS 2.0.6.1 allows remote authenticated users to gain privileges ...)
+CVE-2017-6823
NOT-FOR-US: Fiyo CMS
CVE-2017-6822
RESERVED
-CVE-2017-6821 (Directory traversal vulnerability in Zimbra Collaboration Suite (aka ...)
+CVE-2017-6821
NOT-FOR-US: Zimbra
-CVE-2017-6820 (rcube_utils.php in Roundcube before 1.1.8 and 1.2.x before 1.2.4 is ...)
+CVE-2017-6820
{DLA-855-1}
- roundcube 1.2.3+dfsg.1-3 (bug #857473)
NOTE: https://github.com/roundcube/roundcubemail/commit/fa2824fdcd44af3f970b2797feb47652482c8305
NOTE: https://github.com/roundcube/roundcubemail/commit/cbd35626f7db7855f3b5e2db00d28ecc1554e9f4
NOTE: https://github.com/roundcube/roundcubemail/wiki/Changelog#release-124
NOTE: https://github.com/roundcube/roundcubemail/releases/tag/1.1.8
-CVE-2017-6813 (A service provided by Zimbra Collaboration Suite (ZCS) before 8.7.6 ...)
+CVE-2017-6813
NOT-FOR-US: Zimbra
-CVE-2017-6812 (paintballrefjosh/MaNGOSWebV4 4.0.8 is vulnerable to a reflected XSS in ...)
+CVE-2017-6812
NOT-FOR-US: MaNGOSWebV4
-CVE-2017-6811 (paintballrefjosh/MaNGOSWebV4 4.0.8 is vulnerable to a reflected XSS in ...)
+CVE-2017-6811
NOT-FOR-US: MaNGOSWebV4
-CVE-2017-6810 (paintballrefjosh/MaNGOSWebV4 4.0.8 is vulnerable to a reflected XSS in ...)
+CVE-2017-6810
NOT-FOR-US: MaNGOSWebV4
-CVE-2017-6809 (paintballrefjosh/MaNGOSWebV4 4.0.8 is vulnerable to a reflected XSS in ...)
+CVE-2017-6809
NOT-FOR-US: MaNGOSWebV4
-CVE-2017-6808 (paintballrefjosh/MaNGOSWebV4 4.0.8 is vulnerable to a reflected XSS in ...)
+CVE-2017-6808
NOT-FOR-US: MaNGOSWebV4
-CVE-2017-6807 (mod_auth_mellon before 0.13.1 is vulnerable to a Cross-Site Session ...)
+CVE-2017-6807
- libapache2-mod-auth-mellon 0.12.0-2
[jessie] - libapache2-mod-auth-mellon <no-dsa> (Minor issue)
CVE-2017-6806
RESERVED
-CVE-2017-6805 (Directory traversal vulnerability in the TFTP server in MobaXterm ...)
+CVE-2017-6805
NOT-FOR-US: MobaXterm
CVE-2017-6804
REJECTED
-CVE-2017-6803 (Multiple cross-site request forgery (CSRF) vulnerabilities in the web ...)
+CVE-2017-6803
NOT-FOR-US: SolarWinds (formerly Serv-U) FTP Voyager
-CVE-2017-6798 (Trend Micro Endpoint Sensor 1.6 before b1290 has a DLL hijacking ...)
+CVE-2017-6798
NOT-FOR-US: Trend Micro Endpoint Sensor
-CVE-2017-6802 (An issue was discovered in ytnef before 1.9.2. There is a potential ...)
+CVE-2017-6802
{DSA-3846-1 DLA-878-1}
- libytnef 1.9.2-1
NOTE: Fixed by: https://github.com/Yeraze/ytnef/commit/22f8346c8d4f0020a40d9f258fdb3bfc097359cc
-CVE-2017-6801 (An issue was discovered in ytnef before 1.9.2. There is a potential ...)
+CVE-2017-6801
{DSA-3846-1 DLA-878-1}
- libytnef 1.9.2-1
NOTE: Fixed by: https://github.com/Yeraze/ytnef/commit/3cb0f914d6427073f262e1b2b5fd973e3043cdf7
-CVE-2017-6800 (An issue was discovered in ytnef before 1.9.2. An invalid memory access ...)
+CVE-2017-6800
{DSA-3846-1}
- libytnef 1.9.2-1
[wheezy] - libytnef <not-affected> (vulnerable code not present)
NOTE: Fixed by: https://github.com/Yeraze/ytnef/commit/f98f5d4adc1c4bd4033638f6167c1bb95d642f89
-CVE-2017-6799 (A cross-site scripting (XSS) vulnerability in view_filters_page.php in ...)
+CVE-2017-6799
- mantis <not-affected> (Vulnerable versions only 2.1.0 through 2.2.0)
[wheezy] - mantis <end-of-life> (Unsupported in Wheezy LTS)
NOTE: https://github.com/mantisbt/mantisbt/commit/1677251434b6e8b2be8f1d4376a3e78f7be14d95
NOTE: http://www.mantisbt.org/bugs/view.php?id=22497
-CVE-2017-6797 (A cross-site scripting (XSS) vulnerability in ...)
+CVE-2017-6797
- mantis <removed>
[wheezy] - mantis <end-of-life> (Unsupported in Wheezy LTS)
NOTE: https://github.com/mantisbt/mantisbt/commit/a2d90ecabf3bcf3aa22ed9dbbecfd3d37902956f
NOTE: https://github.com/mantisbt/mantisbt/commit/c272c3f65da9677e505ff692b1f1e476b3afa56e
NOTE: http://www.mantisbt.org/bugs/view.php?id=22486
-CVE-2017-6796 (A vulnerability in the USB-modem code of Cisco IOS XE Software running ...)
+CVE-2017-6796
NOT-FOR-US: Cisco
-CVE-2017-6795 (A vulnerability in the USB-modem code of Cisco IOS XE Software running ...)
+CVE-2017-6795
NOT-FOR-US: Cisco
-CVE-2017-6794 (A vulnerability in the CLI command-parsing code of Cisco Meeting Server ...)
+CVE-2017-6794
NOT-FOR-US: Cisco
-CVE-2017-6793 (A vulnerability in the Inventory Management feature of Cisco Prime ...)
+CVE-2017-6793
NOT-FOR-US: Cisco
-CVE-2017-6792 (A vulnerability in the batch provisioning feature in Cisco Prime ...)
+CVE-2017-6792
NOT-FOR-US: Cisco
-CVE-2017-6791 (A vulnerability in the Trust Verification Service (TVS) of Cisco ...)
+CVE-2017-6791
NOT-FOR-US: Cisco
-CVE-2017-6790 (A vulnerability in the Session Initiation Protocol (SIP) on the Cisco ...)
+CVE-2017-6790
NOT-FOR-US: Cisco
-CVE-2017-6789 (A vulnerability in the Cisco Unified Intelligence Center web interface ...)
+CVE-2017-6789
NOT-FOR-US: Cisco
-CVE-2017-6788 (The WebLaunch functionality of Cisco AnyConnect Secure Mobility Client ...)
+CVE-2017-6788
NOT-FOR-US: Cisco
CVE-2017-6787
RESERVED
-CVE-2017-6786 (A vulnerability in Cisco Elastic Services Controller could allow an ...)
+CVE-2017-6786
NOT-FOR-US: Cisco
-CVE-2017-6785 (A vulnerability in configuration modification permissions validation ...)
+CVE-2017-6785
NOT-FOR-US: Cisco
-CVE-2017-6784 (A vulnerability in the web interface of the Cisco RV340, RV345, and ...)
+CVE-2017-6784
NOT-FOR-US: Cisco
-CVE-2017-6783 (A vulnerability in SNMP polling for the Cisco Web Security Appliance ...)
+CVE-2017-6783
NOT-FOR-US: Cisco
-CVE-2017-6782 (A vulnerability in the administrative web interface of Cisco Prime ...)
+CVE-2017-6782
NOT-FOR-US: Cisco
-CVE-2017-6781 (A vulnerability in the management of shell user accounts for Cisco ...)
+CVE-2017-6781
NOT-FOR-US: Cisco
-CVE-2017-6780 (A vulnerability in the TCP throttling process for Cisco IoT Field ...)
+CVE-2017-6780
NOT-FOR-US: Cisco
-CVE-2017-6779 (Multiple Cisco products are affected by a vulnerability in local file ...)
+CVE-2017-6779
NOT-FOR-US: Cisco
-CVE-2017-6778 (A vulnerability in the Elastic Services Controller (ESC) web interface ...)
+CVE-2017-6778
NOT-FOR-US: Cisco
-CVE-2017-6777 (A vulnerability in the ConfD server of the Cisco Elastic Services ...)
+CVE-2017-6777
NOT-FOR-US: Cisco
-CVE-2017-6776 (A vulnerability in the web framework of Cisco Elastic Services ...)
+CVE-2017-6776
NOT-FOR-US: Cisco
-CVE-2017-6775 (A vulnerability in the CLI of Cisco ASR 5000 Series Aggregated ...)
+CVE-2017-6775
NOT-FOR-US: Cisco
-CVE-2017-6774 (A vulnerability in Cisco ASR 5000 Series Aggregated Services Routers ...)
+CVE-2017-6774
NOT-FOR-US: Cisco
-CVE-2017-6773 (A vulnerability in the CLI of Cisco ASR 5000 Series Aggregated ...)
+CVE-2017-6773
NOT-FOR-US: Cisco
-CVE-2017-6772 (A vulnerability in Cisco Elastic Services Controller (ESC) could allow ...)
+CVE-2017-6772
NOT-FOR-US: Cisco
-CVE-2017-6771 (A vulnerability in the AutoVNF automation tool of the Cisco Ultra ...)
+CVE-2017-6771
NOT-FOR-US: Cisco
-CVE-2017-6770 (Cisco IOS 12.0 through 15.6, Adaptive Security Appliance (ASA) Software ...)
+CVE-2017-6770
NOT-FOR-US: Cisco
-CVE-2017-6769 (A vulnerability in the web-based management interface of the Cisco ...)
+CVE-2017-6769
NOT-FOR-US: Cisco
-CVE-2017-6768 (A vulnerability in the build procedure for certain executable system ...)
+CVE-2017-6768
NOT-FOR-US: Cisco
-CVE-2017-6767 (A vulnerability in Cisco Application Policy Infrastructure Controller ...)
+CVE-2017-6767
NOT-FOR-US: Cisco
-CVE-2017-6766 (A vulnerability in the Secure Sockets Layer (SSL) Decryption and ...)
+CVE-2017-6766
NOT-FOR-US: Cisco
-CVE-2017-6765 (A vulnerability in the web-based management interface of Cisco Adaptive ...)
+CVE-2017-6765
NOT-FOR-US: Cisco
-CVE-2017-6764 (A vulnerability in the web-based management interface of Cisco Adaptive ...)
+CVE-2017-6764
NOT-FOR-US: Cisco
-CVE-2017-6763 (A vulnerability in the implementation of the H.264 protocol in Cisco ...)
+CVE-2017-6763
NOT-FOR-US: Cisco
-CVE-2017-6762 (A vulnerability in the web-based management interface of Cisco Jabber ...)
+CVE-2017-6762
NOT-FOR-US: Cisco
-CVE-2017-6761 (A vulnerability in the web-based management interface of Cisco Finesse ...)
+CVE-2017-6761
NOT-FOR-US: Cisco
CVE-2017-6760
RESERVED
-CVE-2017-6759 (A vulnerability in the UpgradeManager of the Cisco Prime Collaboration ...)
+CVE-2017-6759
NOT-FOR-US: Cisco
-CVE-2017-6758 (A vulnerability in the web framework of Cisco Unified Communications ...)
+CVE-2017-6758
NOT-FOR-US: Cisco
-CVE-2017-6757 (A vulnerability in Cisco Unified Communications Manager ...)
+CVE-2017-6757
NOT-FOR-US: Cisco
-CVE-2017-6756 (A vulnerability in the Web UI Application of the Cisco Prime ...)
+CVE-2017-6756
NOT-FOR-US: Cisco
-CVE-2017-6755 (A vulnerability in the web portal of the Cisco Prime Collaboration ...)
+CVE-2017-6755
NOT-FOR-US: Cisco
-CVE-2017-6754 (A vulnerability in the web-based management interface of the Cisco ...)
+CVE-2017-6754
NOT-FOR-US: Cisco
-CVE-2017-6753 (A vulnerability in Cisco WebEx browser extensions for Google Chrome and ...)
+CVE-2017-6753
NOT-FOR-US: Cisco
-CVE-2017-6752 (A vulnerability in the web interface of the Cisco Adaptive Security ...)
+CVE-2017-6752
NOT-FOR-US: Cisco
-CVE-2017-6751 (A vulnerability in the web proxy functionality of the Cisco Web ...)
+CVE-2017-6751
NOT-FOR-US: Cisco
-CVE-2017-6750 (A vulnerability in AsyncOS for the Cisco Web Security Appliance (WSA) ...)
+CVE-2017-6750
NOT-FOR-US: Cisco
-CVE-2017-6749 (A vulnerability in the web-based management interface of Cisco Web ...)
+CVE-2017-6749
NOT-FOR-US: Cisco
-CVE-2017-6748 (A vulnerability in the CLI parser of the Cisco Web Security Appliance ...)
+CVE-2017-6748
NOT-FOR-US: Cisco
-CVE-2017-6747 (A vulnerability in the authentication module of Cisco Identity Services ...)
+CVE-2017-6747
NOT-FOR-US: Cisco
-CVE-2017-6746 (A vulnerability in the web interface of the Cisco Web Security ...)
+CVE-2017-6746
NOT-FOR-US: Cisco
-CVE-2017-6745 (A vulnerability in the cache server within Cisco Videoscape ...)
+CVE-2017-6745
NOT-FOR-US: Cisco
-CVE-2017-6744 (The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS ...)
+CVE-2017-6744
NOT-FOR-US: Cisco
-CVE-2017-6743 (The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS ...)
+CVE-2017-6743
NOT-FOR-US: Cisco
-CVE-2017-6742 (The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS ...)
+CVE-2017-6742
NOT-FOR-US: Cisco
-CVE-2017-6741 (The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS ...)
+CVE-2017-6741
NOT-FOR-US: Cisco
-CVE-2017-6740 (The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS ...)
+CVE-2017-6740
NOT-FOR-US: Cisco
-CVE-2017-6739 (The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS ...)
+CVE-2017-6739
NOT-FOR-US: Cisco
-CVE-2017-6738 (The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS ...)
+CVE-2017-6738
NOT-FOR-US: Cisco
-CVE-2017-6737 (The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS ...)
+CVE-2017-6737
NOT-FOR-US: Cisco
-CVE-2017-6736 (The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS ...)
+CVE-2017-6736
NOT-FOR-US: Cisco
-CVE-2017-6735 (A vulnerability in the backup and restore functionality of Cisco ...)
+CVE-2017-6735
NOT-FOR-US: Cisco
-CVE-2017-6734 (A vulnerability in the web-based management interface of Cisco Identity ...)
+CVE-2017-6734
NOT-FOR-US: Cisco
-CVE-2017-6733 (A vulnerability in the web-based application interface of the Cisco ...)
+CVE-2017-6733
NOT-FOR-US: Cisco
-CVE-2017-6732 (A vulnerability in the installation procedure for Cisco Prime Network ...)
+CVE-2017-6732
NOT-FOR-US: Cisco
-CVE-2017-6731 (A vulnerability in Multicast Source Discovery Protocol (MSDP) ingress ...)
+CVE-2017-6731
NOT-FOR-US: Cisco
-CVE-2017-6730 (A vulnerability in the web-based GUI of Cisco Wide Area Application ...)
+CVE-2017-6730
NOT-FOR-US: Cisco
-CVE-2017-6729 (A vulnerability in the Border Gateway Protocol (BGP) processing ...)
+CVE-2017-6729
NOT-FOR-US: Cisco
-CVE-2017-6728 (A vulnerability in the CLI of Cisco IOS XR Software could allow an ...)
+CVE-2017-6728
NOT-FOR-US: Cisco
-CVE-2017-6727 (A vulnerability in the Server Message Block (SMB) protocol of Cisco ...)
+CVE-2017-6727
NOT-FOR-US: Cisco
-CVE-2017-6726 (A vulnerability in the CLI of the Cisco Prime Network Gateway could ...)
+CVE-2017-6726
NOT-FOR-US: Cisco
-CVE-2017-6725 (A vulnerability in the web framework code of Cisco Prime Infrastructure ...)
+CVE-2017-6725
NOT-FOR-US: Cisco
-CVE-2017-6724 (A vulnerability in the web framework code of Cisco Prime Infrastructure ...)
+CVE-2017-6724
NOT-FOR-US: Cisco
CVE-2017-6723
RESERVED
-CVE-2017-6722 (A vulnerability in the Extensible Messaging and Presence Protocol ...)
+CVE-2017-6722
NOT-FOR-US: Cisco
-CVE-2017-6721 (A vulnerability in the ingress processing of fragmented TCP packets by ...)
+CVE-2017-6721
NOT-FOR-US: Cisco
-CVE-2017-6720 (A vulnerability in the Secure Shell (SSH) subsystem of Cisco Small ...)
+CVE-2017-6720
NOT-FOR-US: Cisco
-CVE-2017-6719 (A vulnerability in the CLI of Cisco IOS XR Software could allow an ...)
+CVE-2017-6719
NOT-FOR-US: Cisco
-CVE-2017-6718 (A vulnerability in the CLI of Cisco IOS XR Software could allow an ...)
+CVE-2017-6718
NOT-FOR-US: Cisco
-CVE-2017-6717 (A vulnerability in the web framework of Cisco Firepower Management ...)
+CVE-2017-6717
NOT-FOR-US: Cisco
-CVE-2017-6716 (A vulnerability in the web framework code of Cisco Firepower Management ...)
+CVE-2017-6716
NOT-FOR-US: Cisco
-CVE-2017-6715 (A vulnerability in the web framework of Cisco Firepower Management ...)
+CVE-2017-6715
NOT-FOR-US: Cisco
-CVE-2017-6714 (A vulnerability in the AutoIT service of Cisco Ultra Services Framework ...)
+CVE-2017-6714
NOT-FOR-US: Cisco
-CVE-2017-6713 (A vulnerability in the Play Framework of Cisco Elastic Services ...)
+CVE-2017-6713
NOT-FOR-US: Cisco
-CVE-2017-6712 (A vulnerability in certain commands of Cisco Elastic Services ...)
+CVE-2017-6712
NOT-FOR-US: Cisco
-CVE-2017-6711 (A vulnerability in the Ultra Automation Service (UAS) of the Cisco ...)
+CVE-2017-6711
NOT-FOR-US: Cisco
-CVE-2017-6710 (A vulnerability in the Cisco Virtual Network Function (VNF) Element ...)
+CVE-2017-6710
NOT-FOR-US: Cisco
-CVE-2017-6709 (A vulnerability in the AutoVNF tool for the Cisco Ultra Services ...)
+CVE-2017-6709
NOT-FOR-US: Cisco
-CVE-2017-6708 (A vulnerability in the symbolic link (symlink) creation functionality ...)
+CVE-2017-6708
NOT-FOR-US: Cisco
-CVE-2017-6707 (A vulnerability in the CLI command-parsing code of the Cisco StarOS ...)
+CVE-2017-6707
NOT-FOR-US: Cisco
-CVE-2017-6706 (A vulnerability in the logging subsystem of the Cisco Prime ...)
+CVE-2017-6706
NOT-FOR-US: Cisco
-CVE-2017-6705 (A vulnerability in the filesystem of the Cisco Prime Collaboration ...)
+CVE-2017-6705
NOT-FOR-US: Cisco
-CVE-2017-6704 (A vulnerability in the web application in the Cisco Prime Collaboration ...)
+CVE-2017-6704
NOT-FOR-US: Cisco
-CVE-2017-6703 (A vulnerability in the web application in the Cisco Prime Collaboration ...)
+CVE-2017-6703
NOT-FOR-US: Cisco
-CVE-2017-6702 (A vulnerability in the web framework of Cisco SocialMiner could allow ...)
+CVE-2017-6702
NOT-FOR-US: Cisco
-CVE-2017-6701 (A vulnerability in the web application interface of the Cisco Identity ...)
+CVE-2017-6701
NOT-FOR-US: Cisco
-CVE-2017-6700 (A vulnerability in the web-based management interface of Cisco Prime ...)
+CVE-2017-6700
NOT-FOR-US: Cisco
-CVE-2017-6699 (A vulnerability in the web-based management interface of Cisco Prime ...)
+CVE-2017-6699
NOT-FOR-US: Cisco
-CVE-2017-6698 (A vulnerability in the Cisco Prime Infrastructure (PI) and Evolved ...)
+CVE-2017-6698
NOT-FOR-US: Cisco
-CVE-2017-6697 (A vulnerability in the web interface of Cisco Elastic Services ...)
+CVE-2017-6697
NOT-FOR-US: Cisco
-CVE-2017-6696 (A vulnerability in the file system of Cisco Elastic Services ...)
+CVE-2017-6696
NOT-FOR-US: Cisco
-CVE-2017-6695 (A vulnerability in the ConfD server in Cisco Ultra Services Platform ...)
+CVE-2017-6695
NOT-FOR-US: Cisco
-CVE-2017-6694 (A vulnerability in the Virtual Network Function Manager's (VNFM) ...)
+CVE-2017-6694
NOT-FOR-US: Cisco
-CVE-2017-6693 (A vulnerability in the ConfD server component of Cisco Elastic Services ...)
+CVE-2017-6693
NOT-FOR-US: Cisco
-CVE-2017-6692 (A vulnerability in Cisco Ultra Services Framework Element Manager could ...)
+CVE-2017-6692
NOT-FOR-US: Cisco
-CVE-2017-6691 (A vulnerability in the ConfD CLI of Cisco Elastic Services Controllers ...)
+CVE-2017-6691
NOT-FOR-US: Cisco
-CVE-2017-6690 (A vulnerability in the file check operation of Cisco ASR 5000 Series ...)
+CVE-2017-6690
NOT-FOR-US: Cisco
-CVE-2017-6689 (A vulnerability in the ConfD CLI of Cisco Elastic Services Controllers ...)
+CVE-2017-6689
NOT-FOR-US: Cisco
-CVE-2017-6688 (A vulnerability in Cisco Elastic Services Controllers could allow an ...)
+CVE-2017-6688
NOT-FOR-US: Cisco
-CVE-2017-6687 (A vulnerability in Cisco Ultra Services Framework Element Manager could ...)
+CVE-2017-6687
NOT-FOR-US: Cisco
-CVE-2017-6686 (A vulnerability in Cisco Ultra Services Framework Element Manager could ...)
+CVE-2017-6686
NOT-FOR-US: Cisco
-CVE-2017-6685 (A vulnerability in Cisco Ultra Services Framework Staging Server could ...)
+CVE-2017-6685
NOT-FOR-US: Cisco
-CVE-2017-6684 (A vulnerability in Cisco Elastic Services Controllers could allow an ...)
+CVE-2017-6684
NOT-FOR-US: Cisco
-CVE-2017-6683 (A vulnerability in the esc_listener.py script of Cisco Elastic Services ...)
+CVE-2017-6683
NOT-FOR-US: Cisco
-CVE-2017-6682 (A vulnerability in the ConfD CLI of Cisco Elastic Services Controllers ...)
+CVE-2017-6682
NOT-FOR-US: Cisco
-CVE-2017-6681 (A vulnerability in the AutoVNF VNFStagingView class of Cisco Ultra ...)
+CVE-2017-6681
NOT-FOR-US: Cisco
-CVE-2017-6680 (A vulnerability in the AutoVNF logging function of Cisco Ultra Services ...)
+CVE-2017-6680
NOT-FOR-US: Cisco
-CVE-2017-6679 (The Cisco Umbrella Virtual Appliance Version 2.0.3 and prior contained ...)
+CVE-2017-6679
NOT-FOR-US: Cisco
-CVE-2017-6678 (A vulnerability in the ingress UDP packet processing functionality of ...)
+CVE-2017-6678
NOT-FOR-US: Cisco
CVE-2017-6677
RESERVED
CVE-2017-6676
RESERVED
-CVE-2017-6675 (A vulnerability in the web interface of Cisco Industrial Network ...)
+CVE-2017-6675
NOT-FOR-US: Cisco
-CVE-2017-6674 (A vulnerability in the feature-license management functionality of ...)
+CVE-2017-6674
NOT-FOR-US: Cisco
-CVE-2017-6673 (A vulnerability in Cisco Firepower Management Center could allow an ...)
+CVE-2017-6673
NOT-FOR-US: Cisco
-CVE-2017-6672 (A vulnerability in certain filtering mechanisms of access control lists ...)
+CVE-2017-6672
NOT-FOR-US: Cisco
-CVE-2017-6671 (A vulnerability in the email message scanning of Cisco AsyncOS Software ...)
+CVE-2017-6671
NOT-FOR-US: Cisco
-CVE-2017-6670 (A vulnerability in the web-based GUI of Cisco Unified Communications ...)
+CVE-2017-6670
NOT-FOR-US: Cisco
-CVE-2017-6669 (Multiple buffer overflow vulnerabilities exist in the Cisco WebEx ...)
+CVE-2017-6669
NOT-FOR-US: Cisco
-CVE-2017-6668 (Vulnerabilities in the web-based GUI of Cisco Unified Communications ...)
+CVE-2017-6668
NOT-FOR-US: Cisco
-CVE-2017-6667 (A vulnerability in the update process for the dynamic JAR file of the ...)
+CVE-2017-6667
NOT-FOR-US: Cisco
-CVE-2017-6666 (A vulnerability in the forwarding component of Cisco IOS XR Software ...)
+CVE-2017-6666
NOT-FOR-US: Cisco
-CVE-2017-6665 (A vulnerability in the Autonomic Networking feature of Cisco IOS ...)
+CVE-2017-6665
NOT-FOR-US: Cisco
-CVE-2017-6664 (A vulnerability in the Autonomic Networking feature of Cisco IOS XE ...)
+CVE-2017-6664
NOT-FOR-US: Cisco
-CVE-2017-6663 (A vulnerability in the Autonomic Networking feature of Cisco IOS ...)
+CVE-2017-6663
NOT-FOR-US: Cisco
-CVE-2017-6662 (A vulnerability in the web-based user interface of Cisco Prime ...)
+CVE-2017-6662
NOT-FOR-US: Cisco
-CVE-2017-6661 (A vulnerability in the web-based management interface of Cisco Email ...)
+CVE-2017-6661
NOT-FOR-US: Cisco
CVE-2017-6660
RESERVED
-CVE-2017-6659 (A vulnerability in the web-based management interface of Cisco Prime ...)
+CVE-2017-6659
NOT-FOR-US: Cisco
-CVE-2017-6658 (Cisco Sourcefire Snort 3.0 before build 233 has a Buffer Overread ...)
+CVE-2017-6658
NOT-FOR-US: Cisco
-CVE-2017-6657 (Cisco Sourcefire Snort 3.0 before build 233 mishandles Ether Type ...)
+CVE-2017-6657
NOT-FOR-US: Cisco
-CVE-2017-6656 (A vulnerability in Session Initiation Protocol (SIP) call handling of ...)
+CVE-2017-6656
NOT-FOR-US: Cisco
-CVE-2017-6655 (A vulnerability in the Fibre Channel over Ethernet (FCoE) protocol ...)
+CVE-2017-6655
NOT-FOR-US: Cisco
-CVE-2017-6654 (A vulnerability in the web-based management interface of Cisco Unified ...)
+CVE-2017-6654
NOT-FOR-US: Cisco
-CVE-2017-6653 (A vulnerability in the TCP throttling process for the GUI of the Cisco ...)
+CVE-2017-6653
NOT-FOR-US: Cisco
-CVE-2017-6652 (A vulnerability in the web framework of the Cisco TelePresence IX5000 ...)
+CVE-2017-6652
NOT-FOR-US: Cisco
-CVE-2017-6651 (A vulnerability in Cisco WebEx Meetings Server could allow ...)
+CVE-2017-6651
NOT-FOR-US: Cisco
-CVE-2017-6650 (A vulnerability in the Telnet CLI command of Cisco NX-OS System ...)
+CVE-2017-6650
NOT-FOR-US: Cisco
-CVE-2017-6649 (A vulnerability in the CLI of Cisco NX-OS System Software 7.1 through ...)
+CVE-2017-6649
NOT-FOR-US: Cisco
-CVE-2017-6648 (A vulnerability in the Session Initiation Protocol (SIP) of the Cisco ...)
+CVE-2017-6648
NOT-FOR-US: Cisco
-CVE-2017-6647 (A vulnerability in the web interface of Cisco Remote Expert Manager ...)
+CVE-2017-6647
NOT-FOR-US: Cisco
-CVE-2017-6646 (A vulnerability in the web interface of Cisco Remote Expert Manager ...)
+CVE-2017-6646
NOT-FOR-US: Cisco
-CVE-2017-6645 (A vulnerability in the web interface of Cisco Remote Expert Manager ...)
+CVE-2017-6645
NOT-FOR-US: Cisco
-CVE-2017-6644 (A vulnerability in the web interface of Cisco Remote Expert Manager ...)
+CVE-2017-6644
NOT-FOR-US: Cisco
-CVE-2017-6643 (A vulnerability in the web interface of Cisco Remote Expert Manager ...)
+CVE-2017-6643
NOT-FOR-US: Cisco
-CVE-2017-6642 (A vulnerability in the web interface of Cisco Remote Expert Manager ...)
+CVE-2017-6642
NOT-FOR-US: Cisco
-CVE-2017-6641 (A vulnerability in the TCP connection handling functionality of Cisco ...)
+CVE-2017-6641
NOT-FOR-US: Cisco
-CVE-2017-6640 (A vulnerability in Cisco Prime Data Center Network Manager (DCNM) ...)
+CVE-2017-6640
NOT-FOR-US: Cisco
-CVE-2017-6639 (A vulnerability in the role-based access control (RBAC) functionality ...)
+CVE-2017-6639
NOT-FOR-US: Cisco
-CVE-2017-6638 (A vulnerability in how DLL files are loaded with Cisco AnyConnect ...)
+CVE-2017-6638
NOT-FOR-US: Cisco
-CVE-2017-6637 (A vulnerability in the web interface of Cisco Prime Collaboration ...)
+CVE-2017-6637
NOT-FOR-US: Cisco
-CVE-2017-6636 (A vulnerability in the web interface of Cisco Prime Collaboration ...)
+CVE-2017-6636
NOT-FOR-US: Cisco
-CVE-2017-6635 (A vulnerability in the web interface of Cisco Prime Collaboration ...)
+CVE-2017-6635
NOT-FOR-US: Cisco
-CVE-2017-6634 (A vulnerability in the Device Manager web interface of Cisco Industrial ...)
+CVE-2017-6634
NOT-FOR-US: Cisco
-CVE-2017-6633 (A vulnerability in the TCP throttling process of Cisco UCS C-Series ...)
+CVE-2017-6633
NOT-FOR-US: Cisco
-CVE-2017-6632 (A vulnerability in the logging configuration of Secure Sockets Layer ...)
+CVE-2017-6632
NOT-FOR-US: Cisco
-CVE-2017-6631 (A vulnerability in the HTTP remote procedure call (RPC) service of ...)
+CVE-2017-6631
NOT-FOR-US: Cisco
-CVE-2017-6630 (A vulnerability in the Session Initiation Protocol (SIP) implementation ...)
+CVE-2017-6630
NOT-FOR-US: Cisco
-CVE-2017-6629 (A vulnerability in the ImageID parameter of Cisco Unity Connection ...)
+CVE-2017-6629
NOT-FOR-US: Cisco
-CVE-2017-6628 (A vulnerability in SMART-SSL Accelerator functionality for Cisco Wide ...)
+CVE-2017-6628
NOT-FOR-US: Cisco
-CVE-2017-6627 (A vulnerability in the UDP processing code of Cisco IOS 15.1, 15.2, and ...)
+CVE-2017-6627
NOT-FOR-US: Cisco
-CVE-2017-6626 (A vulnerability in the Cisco Finesse Notification Service for Cisco ...)
+CVE-2017-6626
NOT-FOR-US: Cisco
-CVE-2017-6625 (A &quot;Cisco Firepower Threat Defense 6.0.0 through 6.2.2 and Cisco ASA ...)
+CVE-2017-6625
NOT-FOR-US: Cisco
-CVE-2017-6624 (A vulnerability in Cisco IOS 15.5(3)M Software for Cisco CallManager ...)
+CVE-2017-6624
NOT-FOR-US: Cisco
-CVE-2017-6623 (A vulnerability in a script file that is installed as part of the Cisco ...)
+CVE-2017-6623
NOT-FOR-US: Cisco
-CVE-2017-6622 (A vulnerability in the web interface for Cisco Prime Collaboration ...)
+CVE-2017-6622
NOT-FOR-US: Cisco
-CVE-2017-6621 (A vulnerability in the web interface of Cisco Prime Collaboration ...)
+CVE-2017-6621
NOT-FOR-US: Cisco
-CVE-2017-6620 (A vulnerability in the remote management access control list (ACL) ...)
+CVE-2017-6620
NOT-FOR-US: Cisco
-CVE-2017-6619 (A vulnerability in the web-based GUI of Cisco Integrated Management ...)
+CVE-2017-6619
NOT-FOR-US: Cisco
-CVE-2017-6618 (A vulnerability in the web-based GUI of Cisco Integrated Management ...)
+CVE-2017-6618
NOT-FOR-US: Cisco
-CVE-2017-6617 (A vulnerability in the session identification management functionality ...)
+CVE-2017-6617
NOT-FOR-US: Cisco
-CVE-2017-6616 (A vulnerability in the web-based GUI of Cisco Integrated Management ...)
+CVE-2017-6616
NOT-FOR-US: Cisco
-CVE-2017-6615 (A vulnerability in the Simple Network Management Protocol (SNMP) ...)
+CVE-2017-6615
NOT-FOR-US: Cisco
-CVE-2017-6614 (A vulnerability in the file-download feature of the web user interface ...)
+CVE-2017-6614
NOT-FOR-US: Cisco
-CVE-2017-6613 (A vulnerability in the DNS input packet processor for Cisco Prime ...)
+CVE-2017-6613
NOT-FOR-US: Cisco
-CVE-2017-6612 (A vulnerability in the gateway GPRS support node (GGSN) of Cisco ASR ...)
+CVE-2017-6612
NOT-FOR-US: Cisco
-CVE-2017-6611 (A vulnerability in the web framework code of Cisco Prime Infrastructure ...)
+CVE-2017-6611
NOT-FOR-US: Cisco
-CVE-2017-6610 (A vulnerability in the Internet Key Exchange Version 1 (IKEv1) XAUTH ...)
+CVE-2017-6610
NOT-FOR-US: Cisco
-CVE-2017-6609 (A vulnerability in the IPsec code of Cisco ASA Software could allow an ...)
+CVE-2017-6609
NOT-FOR-US: Cisco
-CVE-2017-6608 (A vulnerability in the Secure Sockets Layer (SSL) and Transport Layer ...)
+CVE-2017-6608
NOT-FOR-US: Cisco
-CVE-2017-6607 (A vulnerability in the DNS code of Cisco ASA Software could allow an ...)
+CVE-2017-6607
NOT-FOR-US: Cisco
-CVE-2017-6606 (A vulnerability in a startup script of Cisco IOS XE Software could ...)
+CVE-2017-6606
NOT-FOR-US: Cisco
-CVE-2017-6605 (A vulnerability in the web-based management interface of Cisco Identity ...)
+CVE-2017-6605
NOT-FOR-US: Cisco
-CVE-2017-6604 (A vulnerability in the web interface of Cisco Integrated Management ...)
+CVE-2017-6604
NOT-FOR-US: Cisco
-CVE-2017-6603 (A vulnerability in Cisco ASR 903 or ASR 920 Series Devices running with ...)
+CVE-2017-6603
NOT-FOR-US: Cisco
-CVE-2017-6602 (A vulnerability in the CLI of Cisco Unified Computing System (UCS) ...)
+CVE-2017-6602
NOT-FOR-US: Cisco
-CVE-2017-6601 (A vulnerability in the CLI of the Cisco Unified Computing System (UCS) ...)
+CVE-2017-6601
NOT-FOR-US: Cisco
-CVE-2017-6600 (A vulnerability in the CLI of the Cisco Unified Computing System (UCS) ...)
+CVE-2017-6600
NOT-FOR-US: Cisco
-CVE-2017-6599 (A vulnerability in Google-defined remote procedure call (gRPC) handling ...)
+CVE-2017-6599
NOT-FOR-US: Cisco
-CVE-2017-6598 (A vulnerability in the debug plug-in functionality of the Cisco Unified ...)
+CVE-2017-6598
NOT-FOR-US: Cisco
-CVE-2017-6597 (A vulnerability in the local-mgmt CLI command of the Cisco Unified ...)
+CVE-2017-6597
NOT-FOR-US: Cisco
-CVE-2017-6596 (partclone.chkimg in partclone 0.2.89 is prone to a heap-based buffer ...)
+CVE-2017-6596
{DLA-923-1}
[experimental] - partclone 0.2.90-1
- partclone 0.2.89-3 (bug #857966)
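Review bot: every `-`/`+` pair in this hunk replaces a CVE line that carried the issue summary (for example `-CVE-2017-6799 (A cross-site scripting (XSS) vulnerability in view_filters_page.php in ...)` becoming `+CVE-2017-6799`) with the bare identifier, and neither the hunk nor the commit message ("automatic update") says why the summaries are being dropped. For the long run of entries whose only other line is `NOT-FOR-US: Cisco`, the summary was the only record in the file of what the issue affects, so the triage decision can no longer be checked from the file alone; if the upstream feed stopped supplying descriptions, the update script should say so in the commit message and preferably keep the existing text rather than blanking it. Minor: the removed line for CVE-2017-6625 contains a literal `&quot;`, which shows the summaries were stored HTML-escaped; if they are reinstated later, the importer should unescape them.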
@@ -34444,7 +34442,7 @@ CVE-2017-6596 (partclone.chkimg in partclone 0.2.89 is prone to a heap-based buf
NOTE: https://github.com/Thomas-Tsai/partclone/commit/96401fb5b7221fc5f44df7079485c395f9c3a428
CVE-2017-6595
RESERVED
-CVE-2017-6594 (The transit path validation code in Heimdal before 7.3 might allow ...)
+CVE-2017-6594
- heimdal 7.1.0+dfsg-12
[jessie] - heimdal <no-dsa> (Minor issue)
[wheezy] - heimdal <no-dsa> (Minor issue)
@@ -34454,14 +34452,14 @@ CVE-2017-6593
RESERVED
CVE-2017-6592
RESERVED
-CVE-2017-6591 (There is a cross-site scripting vulnerability in django-epiceditor ...)
+CVE-2017-6591
NOT-FOR-US: django-epiceditor
-CVE-2017-6590 (An issue was discovered in network-manager-applet (aka ...)
+CVE-2017-6590
- network-manager-applet <unfixed> (unimportant)
NOTE: Marked as 'unimportant', since not exploitable in Debian, although the source
NOTE: would be affected as well for Debian.
NOTE: https://bugs.launchpad.net/ubuntu/+source/network-manager-applet/+bug/1668321
-CVE-2017-6589 (EpicEditor through 0.2.3 has Cross-Site Scripting because of an ...)
+CVE-2017-6589
NOT-FOR-US: django-epiceditor
CVE-2017-6588
RESERVED
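Review bot: the summaries being removed in this hunk show that CVE-2017-6589 is an issue in EpicEditor itself (`EpicEditor through 0.2.3 has Cross-Site Scripting ...`), while the retained line reads `NOT-FOR-US: django-epiceditor`; once the summary is gone, that label is the only explanation left for why Debian is not affected, and it names the Django wrapper rather than the JavaScript component the CVE is about. Please have the NOT-FOR-US text name the actual affected software for CVE-2017-6589 (and confirm the editor is not shipped in any Debian package) before the summary line is dropped.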
@@ -34483,23 +34481,23 @@ CVE-2017-6580
RESERVED
CVE-2017-6579
RESERVED
-CVE-2017-6578 (A SQL injection issue is exploitable, with WordPress admin access, in ...)
+CVE-2017-6578
NOT-FOR-US: Mail Masta (aka mail-masta) plugin 1.0 for WordPress
-CVE-2017-6577 (A SQL injection issue is exploitable, with WordPress admin access, in ...)
+CVE-2017-6577
NOT-FOR-US: Mail Masta (aka mail-masta) plugin 1.0 for WordPress
-CVE-2017-6576 (A SQL injection issue is exploitable, with WordPress admin access, in ...)
+CVE-2017-6576
NOT-FOR-US: Mail Masta (aka mail-masta) plugin 1.0 for WordPress
-CVE-2017-6575 (A SQL injection issue is exploitable, with WordPress admin access, in ...)
+CVE-2017-6575
NOT-FOR-US: Mail Masta (aka mail-masta) plugin 1.0 for WordPress
-CVE-2017-6574 (A SQL injection issue is exploitable, with WordPress admin access, in ...)
+CVE-2017-6574
NOT-FOR-US: Mail Masta (aka mail-masta) plugin 1.0 for WordPress
-CVE-2017-6573 (A SQL injection issue is exploitable, with WordPress admin access, in ...)
+CVE-2017-6573
NOT-FOR-US: Mail Masta (aka mail-masta) plugin 1.0 for WordPress
-CVE-2017-6572 (A SQL injection issue is exploitable, with WordPress admin access, in ...)
+CVE-2017-6572
NOT-FOR-US: Mail Masta (aka mail-masta) plugin 1.0 for WordPress
-CVE-2017-6571 (A SQL injection issue is exploitable, with WordPress admin access, in ...)
+CVE-2017-6571
NOT-FOR-US: Mail Masta (aka mail-masta) plugin 1.0 for WordPress
-CVE-2017-6570 (A SQL injection issue is exploitable, with WordPress admin access, in ...)
+CVE-2017-6570
NOT-FOR-US: Mail Masta (aka mail-masta) plugin 1.0 for WordPress
CVE-2017-6569
RESERVED
@@ -34509,53 +34507,53 @@ CVE-2017-6567
RESERVED
CVE-2017-6566
RESERVED
-CVE-2017-6565 (On Franklin Fueling Systems TS-550 evo 2.3.0.7332 devices, the roleDiag ...)
+CVE-2017-6565
NOT-FOR-US: Franklin Fueling Systems TS-550 evo
-CVE-2017-6564 (On Franklin Fueling Systems TS-550 evo 2.3.0.7332 devices, the Guest ...)
+CVE-2017-6564
NOT-FOR-US: Franklin Fueling Systems TS-550 evo
CVE-2017-6563
RESERVED
-CVE-2017-6562 (XSS in Agora-Project 3.2.2 exists with an ...)
+CVE-2017-6562
NOT-FOR-US: Agora-Project
-CVE-2017-6561 (XSS in Agora-Project 3.2.2 exists with an ...)
+CVE-2017-6561
NOT-FOR-US: Agora-Project
-CVE-2017-6560 (XSS in Agora-Project 3.2.2 exists with an ...)
+CVE-2017-6560
NOT-FOR-US: Agora-Project
-CVE-2017-6559 (XSS in Agora-Project 3.2.2 exists with an ...)
+CVE-2017-6559
NOT-FOR-US: Agora-Project
-CVE-2017-6558 (iball Baton 150M iB-WRA150N v1 00000001 1.2.6 build 110401 Rel.47776n ...)
+CVE-2017-6558
NOT-FOR-US: iball Baton
-CVE-2017-6557 (SQL injection vulnerability in ArrayOS before AG 9.4.0.135, when the ...)
+CVE-2017-6557
NOT-FOR-US: ArrayOS
-CVE-2017-6556 (Cross-site scripting (XSS) vulnerability in CMS Made Simple (CMSMS) ...)
+CVE-2017-6556
NOT-FOR-US: CMS Made Simple
-CVE-2017-6555 (Cross-site scripting (XSS) vulnerability in /admin/moduleinterface.php ...)
+CVE-2017-6555
NOT-FOR-US: CMS Made Simple
-CVE-2017-6554 (pmmasterd in Quest Privilege Manager before 6.0.0.061, when configured ...)
+CVE-2017-6554
NOT-FOR-US: Quest Privilege Manager
-CVE-2017-6553 (Buffer Overflow in Quest One Identity Privilege Manager for Unix before ...)
+CVE-2017-6553
NOT-FOR-US: Quest One Identity Privilege Manager for Unix
-CVE-2017-6552 (Livebox 3 Sagemcom SG30_sip-fr-5.15.8.1 devices have an insufficiently ...)
+CVE-2017-6552
NOT-FOR-US: Livebox 3 Sagemcom
-CVE-2017-6551 (Pexip Infinity before 14.2 allows remote attackers to cause a denial ...)
+CVE-2017-6551
NOT-FOR-US: Pexip Infinity
-CVE-2017-6550 (Multiple SQL injection vulnerabilities in Kinsey Infor-Lawson ...)
+CVE-2017-6550
NOT-FOR-US: Kinsey Infor-Lawson
-CVE-2017-6549 (Session hijack vulnerability in httpd on ASUS RT-N56U, RT-N66U, ...)
+CVE-2017-6549
NOT-FOR-US: ASUS
-CVE-2017-6548 (Buffer overflows in networkmap on ASUS RT-N56U, RT-N66U, RT-AC66U, ...)
+CVE-2017-6548
NOT-FOR-US: ASUS
-CVE-2017-6547 (Cross-site scripting (XSS) vulnerability in httpd on ASUS RT-N56U, ...)
+CVE-2017-6547
NOT-FOR-US: ASUS
CVE-2017-6546
RESERVED
CVE-2017-6545
RESERVED
-CVE-2017-6544 (Gargaj/wuhu through 2017-03-08 is vulnerable to a reflected XSS in ...)
+CVE-2017-6544
NOT-FOR-US: wuhu
-CVE-2017-6543 (Tenable Nessus before 6.10.2 (as used alone or in Tenable Appliance ...)
+CVE-2017-6543
NOT-FOR-US: Nessus
-CVE-2017-6542 (The ssh_agent_channel_data function in PuTTY before 0.68 allows remote ...)
+CVE-2017-6542
- putty 0.67-3 (bug #857642)
[jessie] - putty <no-dsa> (Minor issue)
[wheezy] - putty <no-dsa> (Minor issue)
@@ -34564,37 +34562,37 @@ CVE-2017-6542 (The ssh_agent_channel_data function in PuTTY before 0.68 allows r
NOTE: Bug only exploitable if SSH agent forwarding enabled (not the default) and if
NOTE: the attacker can already be able to connect to the Unix-domain socket
NOTE: representing the forwarded agent connection.
-CVE-2017-6541 (Multiple Cross-Site Scripting (XSS) issues were discovered in ...)
+CVE-2017-6541
NOT-FOR-US: webpagetest
-CVE-2017-6540 (Multiple Cross-Site Scripting (XSS) issues were discovered in ...)
+CVE-2017-6540
NOT-FOR-US: webpagetest
-CVE-2017-6539 (Multiple Cross-Site Scripting (XSS) issues were discovered in ...)
+CVE-2017-6539
NOT-FOR-US: webpagetest
-CVE-2017-6538 (A Cross-Site Scripting (XSS) issue was discovered in webpagetest 3.0. ...)
+CVE-2017-6538
NOT-FOR-US: webpagetest
-CVE-2017-6537 (A Cross-Site Scripting (XSS) issue was discovered in webpagetest 3.0. ...)
+CVE-2017-6537
NOT-FOR-US: webpagetest
-CVE-2017-6536 (Multiple Cross-Site Scripting (XSS) issues were discovered in ...)
+CVE-2017-6536
NOT-FOR-US: webpagetest
-CVE-2017-6535 (Multiple Cross-Site Scripting (XSS) issues were discovered in ...)
+CVE-2017-6535
NOT-FOR-US: webpagetest
-CVE-2017-6534 (A Cross-Site Scripting (XSS) issue was discovered in webpagetest 3.0. ...)
+CVE-2017-6534
NOT-FOR-US: webpagetest
-CVE-2017-6533 (A Cross-Site Scripting (XSS) issue was discovered in webpagetest 3.0. ...)
+CVE-2017-6533
NOT-FOR-US: webpagetest
-CVE-2017-6532 (Televes COAXDATA GATEWAY 1Gbps devices doc-wifi-hgw_v1.02.0014 4.20 ...)
+CVE-2017-6532
NOT-FOR-US: Televes COAXDATA GATEWAY
-CVE-2017-6531 (On Televes COAXDATA GATEWAY 1Gbps devices doc-wifi-hgw_v1.02.0014 4.20, ...)
+CVE-2017-6531
NOT-FOR-US: Televes COAXDATA GATEWAY
-CVE-2017-6530 (Televes COAXDATA GATEWAY 1Gbps devices doc-wifi-hgw_v1.02.0014 4.20 do ...)
+CVE-2017-6530
NOT-FOR-US: Televes COAXDATA GATEWAY
-CVE-2017-6529 (An issue was discovered in dnaTools dnaLIMS 4-2015s13. dnaLIMS is ...)
+CVE-2017-6529
NOT-FOR-US: dnaLIMS
-CVE-2017-6528 (An issue was discovered in dnaTools dnaLIMS 4-2015s13. dnaLIMS is ...)
+CVE-2017-6528
NOT-FOR-US: dnaLIMS
-CVE-2017-6527 (An issue was discovered in dnaTools dnaLIMS 4-2015s13. dnaLIMS is ...)
+CVE-2017-6527
NOT-FOR-US: dnaLIMS
-CVE-2017-6526 (An issue was discovered in dnaTools dnaLIMS 4-2015s13. dnaLIMS is ...)
+CVE-2017-6526
NOT-FOR-US: dnaLIMS
CVE-2017-6525
RESERVED
@@ -34606,37 +34604,37 @@ CVE-2017-6522
RESERVED
CVE-2017-6521
RESERVED
-CVE-2017-6520 (The Multicast DNS (mDNS) responder used in BOSE Soundtouch 30 ...)
+CVE-2017-6520
NOT-FOR-US: Multicast DNS (mDNS) responder used in BOSE Soundtouch 30
-CVE-2017-6519 (avahi-daemon in Avahi through 0.6.32 and 0.7 inadvertently responds to IPv6 ...)
+CVE-2017-6519
- avahi <unfixed> (unimportant; bug #917047)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1426712
NOTE: https://github.com/lathiat/avahi/issues/203
NOTE: https://github.com/lathiat/avahi/commit/e111def44a7df4624a4aa3f85fe98054bffb6b4f
-CVE-2017-6518 (Cross-site scripting (XSS) vulnerability in /sanadata/seo/index.asp in ...)
+CVE-2017-6518
NOT-FOR-US: SanaCMS
-CVE-2017-6517 (Microsoft Skype 7.16.0.102 contains a vulnerability that could allow ...)
+CVE-2017-6517
NOT-FOR-US: Microsoft
-CVE-2017-6516 (A Local Privilege Escalation Vulnerability in MagniComp's Sysinfo ...)
+CVE-2017-6516
NOT-FOR-US: MagniComp
CVE-2017-6515
RESERVED
CVE-2017-6514
RESERVED
-CVE-2017-6513 (The WHMCS Reseller Module V2 2.0.2 in Softaculous Virtualizor before ...)
+CVE-2017-6513
NOT-FOR-US: Softaculous Virtualizor
-CVE-2017-6512 (Race condition in the rmtree and remove_tree functions in the ...)
+CVE-2017-6512
{DSA-3873-1 DLA-978-1}
- perl 5.24.1-3 (bug #863870)
NOTE: https://rt.cpan.org/Public/Bug/Display.html?id=121951
NOTE: https://github.com/jkeenan/File-Path/commit/e5ef95276ee8ad471c66ee574a5d42552b3a6af2
-CVE-2017-6511 (andrzuk/FineCMS before 2017-03-06 is vulnerable to a reflected XSS in ...)
+CVE-2017-6511
NOT-FOR-US: FineCMS
-CVE-2017-6510 (Easy File Sharing FTP Server version 3.6 is vulnerable to a directory ...)
+CVE-2017-6510
NOT-FOR-US: Easy File Sharing FTP Server
-CVE-2017-6509 (Smith0r/burgundy-cms before 2017-03-06 is vulnerable to a reflected XSS ...)
+CVE-2017-6509
NOT-FOR-US: burgundy-cms
-CVE-2017-6507 (An issue was discovered in AppArmor before 2.12. Incorrect handling of ...)
+CVE-2017-6507
- apparmor 2.11.0-3 (bug #858768)
[jessie] - apparmor <no-dsa> (Minor issue)
[wheezy] - apparmor <no-dsa> (Experimental/unsupported feature)
@@ -34645,40 +34643,40 @@ CVE-2017-6507 (An issue was discovered in AppArmor before 2.12. Incorrect handli
NOTE: https://bugs.launchpad.net/apparmor/+bug/1668892
NOTE: affects only third-party rules, e.g. from Docker or LXC
NOTE: LXC in wheezy doesn't support proper isolation
-CVE-2017-6814 (In WordPress before 4.7.3, there is authenticated Cross-Site Scripting ...)
+CVE-2017-6814
{DSA-3815-1 DLA-860-1}
- wordpress 4.7.3+dfsg-1 (bug #857026)
NOTE: https://wordpress.org/news/2017/03/wordpress-4-7-3-security-and-maintenance-release/
NOTE: https://github.com/WordPress/WordPress/commit/28f838ca3ee205b6f39cd2bf23eb4e5f52796bd7
-CVE-2017-6815 (In WordPress before 4.7.3 (wp-includes/pluggable.php), control ...)
+CVE-2017-6815
{DSA-3815-1 DLA-860-1}
- wordpress 4.7.3+dfsg-1 (bug #857026)
NOTE: https://wordpress.org/news/2017/03/wordpress-4-7-3-security-and-maintenance-release/
NOTE: https://github.com/WordPress/WordPress/commit/288cd469396cfe7055972b457eb589cea51ce40e
-CVE-2017-6816 (In WordPress before 4.7.3 (wp-admin/plugins.php), unintended files can ...)
+CVE-2017-6816
{DSA-3815-1 DLA-860-1}
- wordpress 4.7.3+dfsg-1 (bug #857026)
NOTE: https://wordpress.org/news/2017/03/wordpress-4-7-3-security-and-maintenance-release/
NOTE: https://github.com/WordPress/WordPress/commit/4d80f8b3e1b00a3edcee0774dc9c2f4c78f9e663
-CVE-2017-6817 (In WordPress before 4.7.3 (wp-includes/embed.php), there is ...)
+CVE-2017-6817
{DSA-3815-1}
- wordpress 4.7.3+dfsg-1 (bug #857026)
[wheezy] - wordpress <not-affected> (vulnerable code was introduced later)
NOTE: https://wordpress.org/news/2017/03/wordpress-4-7-3-security-and-maintenance-release/
NOTE: https://github.com/WordPress/WordPress/commit/419c8d97ce8df7d5004ee0b566bc5e095f0a6ca8
-CVE-2017-6818 (In WordPress before 4.7.3 (wp-admin/js/tags-box.js), there is ...)
+CVE-2017-6818
- wordpress 4.7.3+dfsg-1 (bug #857026)
[jessie] - wordpress <not-affected> (Only affects 4.7.x)
[wheezy] - wordpress <not-affected> (Only affects 4.7.x)
NOTE: https://wordpress.org/news/2017/03/wordpress-4-7-3-security-and-maintenance-release/
NOTE: https://github.com/WordPress/WordPress/commit/9092fd01e1f452f37c313d38b18f9fe6907541f9
-CVE-2017-6819 (In WordPress before 4.7.3, there is cross-site request forgery (CSRF) ...)
+CVE-2017-6819
- wordpress 4.7.3+dfsg-1 (bug #857026)
[jessie] - wordpress <not-affected> (Only affects 4.2 and later)
[wheezy] - wordpress <not-affected> (Only affects 4.2 and later)
NOTE: https://wordpress.org/news/2017/03/wordpress-4-7-3-security-and-maintenance-release/
NOTE: https://github.com/WordPress/WordPress/commit/263831a72d08556bc2f3a328673d95301a152829
-CVE-2017-6508 (CRLF injection vulnerability in the url_parse function in url.c in Wget ...)
+CVE-2017-6508
{DLA-851-1}
- wget 1.19.1-2 (bug #857073)
[buster] - wget 1.18-5
@@ -34686,52 +34684,52 @@ CVE-2017-6508 (CRLF injection vulnerability in the url_parse function in url.c i
[jessie] - wget 1.16-1+deb8u2
NOTE: http://lists.gnu.org/archive/html/bug-wget/2017-03/msg00018.html
NOTE: http://git.savannah.gnu.org/cgit/wget.git/commit/?id=4d729e322fae359a1aefaafec1144764a54e8ad4
-CVE-2017-6506 (In Azure Data Expert Ultimate 2.2.16, the SMTP verification function ...)
+CVE-2017-6506
NOT-FOR-US: Azure Data Expert Ultimate
-CVE-2017-6505 (The ohci_service_ed_list function in hw/usb/hcd-ohci.c in QEMU (aka ...)
+CVE-2017-6505
{DLA-1497-1 DLA-1071-1 DLA-1070-1}
- qemu 1:2.8+dfsg-4 (bug #856969)
- qemu-kvm <removed>
NOTE: Fixed by: http://git.qemu-project.org/?p=qemu.git;a=commitdiff;h=95ed56939eb2eaa4e2f349fe6dcd13ca4edfd8fb
-CVE-2017-6504 (WebUI in qBittorrent before 3.3.11 did not set the X-Frame-Options ...)
+CVE-2017-6504
{DLA-897-1}
- qbittorrent 3.3.7-3 (low; bug #856978)
[jessie] - qbittorrent <no-dsa> (Minor issue)
NOTE: https://github.com/qbittorrent/qBittorrent/commit/f5ad04766f4abaa78374ff03704316f8ce04627d
NOTE: Fixed upstream in 3.3.11
-CVE-2017-6503 (WebUI in qBittorrent before 3.3.11 did not escape many values, which ...)
+CVE-2017-6503
{DLA-897-1}
- qbittorrent 3.3.7-3 (low; bug #856977)
[jessie] - qbittorrent <no-dsa> (Minor issue)
NOTE: https://github.com/qbittorrent/qBittorrent/commit/6ca3e4f094da0a0017cb2d483ec1db6176bb0b16
NOTE: Fixed upstream in 3.3.11
-CVE-2017-6502 (An issue was discovered in ImageMagick 6.9.7. A specially crafted webp ...)
+CVE-2017-6502
- imagemagick 8:6.9.9.34+dfsg-3 (unimportant; bug #856883)
NOTE: webp is disable under Debian, cf. https://bugs.debian.org/856883#14
NOTE: https://github.com/ImageMagick/ImageMagick/commit/126c7c98ea788241922c30df4a5633ea692cf8df
-CVE-2017-6501 (An issue was discovered in ImageMagick 6.9.7. A specially crafted xcf ...)
+CVE-2017-6501
- imagemagick 8:6.9.7.4+dfsg-2 (bug #856881)
[jessie] - imagemagick <not-affected> (Vulnerable code not present)
[wheezy] - imagemagick <not-affected> (vulnerable code not present)
NOTE: https://github.com/ImageMagick/ImageMagick/commit/d31fec57e9dfb0516deead2053a856e3c71e9751
-CVE-2017-6500 (An issue was discovered in ImageMagick 6.9.7. A specially crafted sun ...)
+CVE-2017-6500
{DSA-3808-1 DLA-868-1}
- imagemagick 8:6.9.7.4+dfsg-2 (bug #856879)
NOTE: https://github.com/ImageMagick/ImageMagick/commit/3007531bfd326c5c1e29cd41d2cd80c166de8528
NOTE: https://github.com/ImageMagick/ImageMagick/issues/375
NOTE: https://github.com/ImageMagick/ImageMagick/issues/376
-CVE-2017-6499 (An issue was discovered in Magick++ in ImageMagick 6.9.7. A specially ...)
+CVE-2017-6499
{DSA-3808-1}
- imagemagick 8:6.9.7.4+dfsg-2 (bug #856880)
[wheezy] - imagemagick <not-affected> (vulnerable code not present)
NOTE: https://www.imagemagick.org/discourse-server/viewtopic.php?f=23&p=142634
NOTE: https://github.com/ImageMagick/ImageMagick/commit/3358f060fc182551822576b2c0a8850faab5d543
-CVE-2017-6498 (An issue was discovered in ImageMagick 6.9.7. Incorrect TGA files could ...)
+CVE-2017-6498
{DSA-3808-1 DLA-868-1}
- imagemagick 8:6.9.7.4+dfsg-2 (bug #856878)
NOTE: https://github.com/ImageMagick/ImageMagick/commit/65f75a32a93ae4044c528a987a68366ecd4b46b9
NOTE: https://github.com/ImageMagick/ImageMagick/pull/359
-CVE-2017-6497 (An issue was discovered in ImageMagick 6.9.7. A specially crafted psd ...)
+CVE-2017-6497
- imagemagick 8:6.9.7.4+dfsg-2 (bug #856882)
[jessie] - imagemagick <not-affected> (Vulnerable code not present)
[wheezy] - imagemagick <not-affected> (vulnerable code not present)
@@ -34744,35 +34742,35 @@ CVE-2017-6494
RESERVED
CVE-2017-6493
RESERVED
-CVE-2017-6492 (SQL Injection was discovered in ...)
+CVE-2017-6492
NOT-FOR-US: Admidio
-CVE-2017-6491 (Multiple Cross-Site Scripting (XSS) issues were discovered in EPESI ...)
+CVE-2017-6491
NOT-FOR-US: EPESI
-CVE-2017-6490 (Multiple Cross-Site Scripting (XSS) issues were discovered in EPESI ...)
+CVE-2017-6490
NOT-FOR-US: EPESI
-CVE-2017-6489 (Multiple Cross-Site Scripting (XSS) issues were discovered in EPESI ...)
+CVE-2017-6489
NOT-FOR-US: EPESI
-CVE-2017-6488 (Multiple Cross-Site Scripting (XSS) issues were discovered in EPESI ...)
+CVE-2017-6488
NOT-FOR-US: EPESI
-CVE-2017-6487 (Multiple Cross-Site Scripting (XSS) issues were discovered in EPESI ...)
+CVE-2017-6487
NOT-FOR-US: EPESI
-CVE-2017-6486 (A Cross-Site Scripting (XSS) issue was discovered in reasoncms before ...)
+CVE-2017-6486
NOT-FOR-US: reasoncms
-CVE-2017-6485 (A Cross-Site Scripting (XSS) issue was discovered in php-calendar ...)
+CVE-2017-6485
NOT-FOR-US: PHP-Calendar
-CVE-2017-6484 (Multiple Cross-Site Scripting (XSS) issues were discovered in ...)
+CVE-2017-6484
NOT-FOR-US: INTER-Mediator
-CVE-2017-6483 (Multiple Cross-Site Scripting (XSS) issues were discovered in ATutor ...)
+CVE-2017-6483
NOT-FOR-US: ATutor
CVE-2017-6482
REJECTED
-CVE-2017-6481 (Multiple Cross-Site Scripting (XSS) issues were discovered in phpipam ...)
+CVE-2017-6481
NOT-FOR-US: phpipam
-CVE-2017-6480 (groovel/cmsgroovel before 3.3.7-beta is vulnerable to a reflected XSS ...)
+CVE-2017-6480
NOT-FOR-US: cmsgroovel
-CVE-2017-6479 (FenixHosting/fenix-open-source before 2017-03-04 is vulnerable to a ...)
+CVE-2017-6479
NOT-FOR-US: FenixHosting (different than fenix game engine)
-CVE-2017-6478 (paintballrefjosh/MaNGOSWebV4 before 4.0.8 is vulnerable to a reflected ...)
+CVE-2017-6478
NOT-FOR-US: MaNGOSWebV4
CVE-2017-6477
RESERVED
@@ -34780,87 +34778,87 @@ CVE-2017-6476
RESERVED
CVE-2017-6475
RESERVED
-CVE-2017-6474 (In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is a NetScaler ...)
+CVE-2017-6474
{DSA-3811-1 DLA-858-1}
- wireshark 2.2.5+g440fd4d-2
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-07.html
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=a998c9195f183d85f5b0bbeebba21a2d4d303d47
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13429
-CVE-2017-6473 (In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is a K12 file ...)
+CVE-2017-6473
{DSA-3811-1 DLA-858-1}
- wireshark 2.2.5+g440fd4d-2
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-09.html
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=7edc761a01cda8e1b37677f673985582330317d2
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13431
-CVE-2017-6472 (In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is an RTMPT ...)
+CVE-2017-6472
{DSA-3811-1 DLA-858-1}
- wireshark 2.2.5+g440fd4d-2
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-04.html
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=2b3a0909beff8963b390034c594e0b6be6a4e531
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13347
-CVE-2017-6471 (In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is a WSP ...)
+CVE-2017-6471
{DSA-3811-1 DLA-858-1}
- wireshark 2.2.5+g440fd4d-2
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-05.html
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=62afef41277dfac37f515207ca73d33306e3302b
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13348
-CVE-2017-6470 (In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is an IAX2 ...)
+CVE-2017-6470
{DSA-3811-1 DLA-858-1}
- wireshark 2.2.5+g440fd4d-2
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-10.html
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=0b89174ef4c531a1917437fff586fe525ee7bf2d
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13432
-CVE-2017-6469 (In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is an LDSS ...)
+CVE-2017-6469
{DSA-3811-1 DLA-858-1}
- wireshark 2.2.5+g440fd4d-2
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-03.html
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=4f753c127082d5e28abf482d6d175cbfee6661f7
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13346
-CVE-2017-6468 (In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is a NetScaler ...)
+CVE-2017-6468
{DSA-3811-1 DLA-858-1}
- wireshark 2.2.5+g440fd4d-2
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-08.html
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=9f3bc84b7e7e435c50b8b68f0fc526d0f5676cbf
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13430
-CVE-2017-6467 (In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is a Netscaler ...)
+CVE-2017-6467
{DSA-3811-1 DLA-858-1}
- wireshark 2.2.5+g440fd4d-2
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-11.html
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=284ad58d288722a8725401967bff0c4455488f0c
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12083
-CVE-2017-6466 (F-Secure Software Updater 2.20, as distributed in several F-Secure ...)
+CVE-2017-6466
NOT-FOR-US: F-Secure
-CVE-2017-6465 (Remote Code Execution was discovered in FTPShell Client 6.53. By ...)
+CVE-2017-6465
NOT-FOR-US: FTPShell Client
-CVE-2017-6464 (NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows remote attackers to ...)
+CVE-2017-6464
- ntp 1:4.2.8p10+dfsg-1 (low)
[jessie] - ntp <no-dsa> (Minor issue)
[wheezy] - ntp <no-dsa> (Minor issue)
NOTE: http://support.ntp.org/bin/view/Main/NtpBug3389
NOTE: https://cure53.de/pentest-report_ntp.pdf
-CVE-2017-6463 (NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows remote ...)
+CVE-2017-6463
- ntp 1:4.2.8p10+dfsg-1
[jessie] - ntp <no-dsa> (Minor issue)
[wheezy] - ntp <no-dsa> (Minor issue)
NOTE: http://support.ntp.org/bin/view/Main/NtpBug3387
NOTE: https://cure53.de/pentest-report_ntp.pdf
-CVE-2017-6462 (Buffer overflow in the legacy Datum Programmable Time Server (DPTS) ...)
+CVE-2017-6462
- ntp 1:4.2.8p10+dfsg-1 (unimportant)
NOTE: http://support.ntp.org/bin/view/Main/NtpBug3388
NOTE: https://cure53.de/pentest-report_ntp.pdf
NOTE: Obscure legacy feature, no real impact
CVE-2017-6461
REJECTED
-CVE-2017-6460 (Stack-based buffer overflow in the reslist function in ntpq in NTP ...)
+CVE-2017-6460
- ntp 1:4.2.8p10+dfsg-1
[jessie] - ntp <not-affected> (Vulnerable code not present)
[wheezy] - ntp <not-affected> (Vulnerable code not present)
NOTE: http://support.ntp.org/bin/view/Main/NtpBug3377
NOTE: https://cure53.de/pentest-report_ntp.pdf
-CVE-2017-6459 (The Windows installer for NTP before 4.2.8p10 and 4.3.x before 4.3.94 ...)
+CVE-2017-6459
- ntp <not-affected> (NTP on Windows)
NOTE: http://support.ntp.org/bin/view/Main/NtpBug3382
-CVE-2017-6458 (Multiple buffer overflows in the ctl_put* functions in NTP before ...)
+CVE-2017-6458
- ntp 1:4.2.8p10+dfsg-1 (unimportant)
NOTE: http://support.ntp.org/bin/view/Main/NtpBug3379
NOTE: https://cure53.de/pentest-report_ntp.pdf
@@ -34869,24 +34867,24 @@ CVE-2017-6457
REJECTED
CVE-2017-6456
REJECTED
-CVE-2017-6455 (NTP before 4.2.8p10 and 4.3.x before 4.3.94, when using PPSAPI, allows ...)
+CVE-2017-6455
- ntp <not-affected> (NTP on Windows)
NOTE: http://support.ntp.org/bin/view/Main/NtpBug3384
CVE-2017-6454
REJECTED
CVE-2017-6453
REJECTED
-CVE-2017-6452 (Stack-based buffer overflow in the Windows installer for NTP before ...)
+CVE-2017-6452
- ntp <not-affected> (NTP on Windows)
NOTE: http://support.ntp.org/bin/view/Main/NtpBug3383
-CVE-2017-6451 (The mx4200_send function in the legacy MX4200 refclock in NTP before ...)
+CVE-2017-6451
- ntp <not-affected> (Vulnerable code not enabled at build time)
NOTE: http://support.ntp.org/bin/view/Main/NtpBug3378
CVE-2017-6450
RESERVED
CVE-2017-6449
RESERVED
-CVE-2017-6448 (The dalvik_disassemble function in libr/asm/p/asm_dalvik.c in radare2 ...)
+CVE-2017-6448
{DLA-901-1}
[experimental] - radare2 1.3.0+dfsg-1
- radare2 1.1.0+dfsg-4 (bug #859447)
@@ -34895,13 +34893,13 @@ CVE-2017-6448 (The dalvik_disassemble function in libr/asm/p/asm_dalvik.c in rad
NOTE: https://github.com/radare/radare2/issues/6885
CVE-2017-6447
RESERVED
-CVE-2017-6446 (XSS was discovered in Dotclear v2.11.2, affecting admin/blogs.php and ...)
+CVE-2017-6446
- dotclear <removed>
-CVE-2017-6445 (The auto-update feature of Open Embedded Linux Entertainment Center ...)
+CVE-2017-6445
NOT-FOR-US: OpenELEC
-CVE-2017-6444 (The MikroTik Router hAP Lite 6.25 has no protection mechanism for ...)
+CVE-2017-6444
NOT-FOR-US: MikroTik Router hAP Lite
-CVE-2017-6443 (Cross-site scripting (XSS) vulnerability in EPSON TMNet WebConfig 1.00 ...)
+CVE-2017-6443
NOT-FOR-US: EPSON TMNet WebConfig
CVE-2017-XXXX [dns: out of bound memory read]
- suricata 3.2.1-1 (bug #856648)
@@ -34909,46 +34907,46 @@ CVE-2017-XXXX [dns: out of bound memory read]
[wheezy] - suricata <not-affected> (vulnerable code not present)
NOTE: https://redmine.openinfosecfoundation.org/issues/2022
NOTE: Fixed by: https://github.com/inliniac/suricata/commit/20990f7a7eb7939946a275dfc9a95426b0080a19 (3.2.1)
-CVE-2017-7177 (Suricata before 3.2.1 has an IPv4 defragmentation evasion issue caused ...)
+CVE-2017-7177
{DLA-1603-1 DLA-865-1}
- suricata 3.2.1-1 (bug #856649)
NOTE: https://redmine.openinfosecfoundation.org/issues/2019
NOTE: Fixed by: https://github.com/inliniac/suricata/commit/4a04f814b15762eb446a5ead4d69d021512df6f8 (3.2.1)
CVE-2017-6442
RESERVED
-CVE-2017-6441 (** DISPUTED ** The _zval_get_long_func_ex in Zend/zend_operators.c in ...)
+CVE-2017-6441
NOTE: PHP bug without security relevance
-CVE-2017-6440 (The parse_data_node function in bplist.c in libimobiledevice libplist ...)
+CVE-2017-6440
- libplist 1.12+git+1+e37ca00-0.2 (bug #858055)
[jessie] - libplist <no-dsa> (Minor issue)
[wheezy] - libplist <not-affected> (vulnerable code not present)
NOTE: https://github.com/libimobiledevice/libplist/issues/99
NOTE: Fixed by: https://github.com/libimobiledevice/libplist/commit/dccd9290745345896e3a4a73154576a599fd8b7b
-CVE-2017-6439 (Heap-based buffer overflow in the parse_string_node function in ...)
+CVE-2017-6439
{DLA-870-1}
- libplist 1.12+git+1+e37ca00-0.1
[jessie] - libplist <no-dsa> (Minor issue)
NOTE: https://github.com/libimobiledevice/libplist/issues/95
NOTE: https://github.com/libimobiledevice/libplist/commit/32ee5213fe64f1e10ec76c1ee861ee6f233120dd
-CVE-2017-6438 (Heap-based buffer overflow in the parse_unicode_node function in ...)
+CVE-2017-6438
- libplist 1.12+git+1+e37ca00-0.2 (bug #858786)
[jessie] - libplist <no-dsa> (Minor issue)
[wheezy] - libplist <not-affected> (vulnerable code not present)
NOTE: https://github.com/libimobiledevice/libplist/issues/98
NOTE: Fixed by: https://github.com/libimobiledevice/libplist/commit/dccd9290745345896e3a4a73154576a599fd8b7b
-CVE-2017-6437 (The base64encode function in base64.c in libimobiledevice libplist ...)
+CVE-2017-6437
- libplist 1.12+git+1+e37ca00-0.2 (bug #858787)
[jessie] - libplist <no-dsa> (Minor issue)
[wheezy] - libplist <not-affected> (vulnerable code not present)
NOTE: https://github.com/libimobiledevice/libplist/issues/100
NOTE: Fixed by: https://github.com/libimobiledevice/libplist/commit/dccd9290745345896e3a4a73154576a599fd8b7b
-CVE-2017-6436 (The parse_string_node function in bplist.c in libimobiledevice ...)
+CVE-2017-6436
{DLA-870-1}
- libplist 1.12+git+1+e37ca00-0.1
[jessie] - libplist <no-dsa> (Minor issue)
NOTE: https://github.com/libimobiledevice/libplist/issues/94
NOTE: https://github.com/libimobiledevice/libplist/commit/32ee5213fe64f1e10ec76c1ee861ee6f233120dd
-CVE-2017-6435 (The parse_string_node function in bplist.c in libimobiledevice ...)
+CVE-2017-6435
{DLA-870-1}
- libplist 1.12+git+1+e37ca00-0.1
[jessie] - libplist <no-dsa> (Minor issue)
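Review bot: dropping the summary on CVE-2017-6441 also drops its `** DISPUTED **` marker, since `-CVE-2017-6441 (** DISPUTED ** The _zval_get_long_func_ex in Zend/zend_operators.c in ...)` becomes `+CVE-2017-6441` and the only remaining line is `NOTE: PHP bug without security relevance`. If summaries are no longer kept in the list, the disputed status should be carried explicitly in that NOTE line (for example "disputed upstream, PHP bug without security relevance") so the information is not lost with the description text.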
@@ -34958,24 +34956,24 @@ CVE-2017-6434
RESERVED
CVE-2017-6433
RESERVED
-CVE-2017-6432 (An issue was discovered on Dahua DHI-HCVR7216A-S3 3.210.0001.10 build ...)
+CVE-2017-6432
NOT-FOR-US: Dahua DVR
CVE-2017-6431
RESERVED
-CVE-2017-6430 (The compile_tree function in ef_compiler.c in the Etterfilter utility ...)
+CVE-2017-6430
{DSA-3874-1}
- ettercap 1:0.8.2-4 (bug #857035)
NOTE: https://github.com/Ettercap/ettercap/issues/782
NOTE: Patch: https://github.com/LocutusOfBorg/ettercap/commit/626dc56686f15f2dda13c48f78c2a666cb6d8506
-CVE-2017-6429 (Buffer overflow in the tcpcapinfo utility in Tcpreplay before 4.2.0 ...)
+CVE-2017-6429
- tcpreplay <not-affected> (Vulnerable code not present)
NOTE: https://github.com/appneta/tcpreplay/issues/278
NOTE: https://github.com/appneta/tcpreplay/commit/d689d14dbcd768c028eab2fb378d849e543dcfe9
CVE-2017-6428
RESERVED
-CVE-2017-6427 (A Buffer Overflow was discovered in EvoStream Media Server 1.7.1. A ...)
+CVE-2017-6427
NOT-FOR-US: EvoStream Media Server
-CVE-2017-6849 (The PoDoFo::PdfColorGray::~PdfColorGray function in PdfColor.cpp in ...)
+CVE-2017-6849
- libpodofo 0.9.5-9 (bug #861566)
[stretch] - libpodofo <no-dsa> (Minor issue)
[jessie] - libpodofo <no-dsa> (Minor issue)
@@ -34984,7 +34982,7 @@ CVE-2017-6849 (The PoDoFo::PdfColorGray::~PdfColorGray function in PdfColor.cpp
NOTE: https://blogs.gentoo.org/ago/2017/03/02/podofo-null-pointer-dereference-in-podofopdfcolorgraypdfcolorgray-pdfcolor-cpp
NOTE: https://sourceforge.net/p/podofo/tickets/8/
NOTE: Same fix as for CVE-2017-6845
-CVE-2017-6848 (The PoDoFo::PdfXObject::PdfXObject function in PdfXObject.cpp in ...)
+CVE-2017-6848
{DLA-968-1}
- libpodofo 0.9.4-6 (bug #861565)
[stretch] - libpodofo <no-dsa> (Minor issue)
@@ -34992,14 +34990,14 @@ CVE-2017-6848 (The PoDoFo::PdfXObject::PdfXObject function in PdfXObject.cpp in
NOTE: http://www.openwall.com/lists/oss-security/2017/03/02/9
NOTE: https://blogs.gentoo.org/ago/2017/03/02/podofo-null-pointer-dereference-in-podofopdfxobjectpdfxobject-pdfxobject-cpp
NOTE: upstream commit: http://sourceforge.net/p/podofo/code/1846
-CVE-2017-6847 (The PoDoFo::PdfVariant::DelayedLoad function in PdfVariant.h in PoDoFo ...)
+CVE-2017-6847
{DLA-968-1}
- libpodofo 0.9.4-6 (bug #861564)
[jessie] - libpodofo <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2017/03/02/8
NOTE: https://blogs.gentoo.org/ago/2017/03/02/podofo-null-pointer-dereference-in-podofopdfvariantdelayedload-pdfvariant-h
NOTE: upstream commit: http://sourceforge.net/p/podofo/code/1846
-CVE-2017-6846 (The GraphicsStack::TGraphicsStackElement::SetNonStrokingColorSpace ...)
+CVE-2017-6846
- libpodofo 0.9.5-9 (bug #861563)
[stretch] - libpodofo <no-dsa> (Minor issue)
[jessie] - libpodofo <no-dsa> (Minor issue)
@@ -35008,7 +35006,7 @@ CVE-2017-6846 (The GraphicsStack::TGraphicsStackElement::SetNonStrokingColorSpac
NOTE: https://blogs.gentoo.org/ago/2017/03/02/podofo-null-pointer-dereference-in-graphicsstacktgraphicsstackelementsetnonstrokingcolorspace-graphicsstack-h/
NOTE: https://sourceforge.net/p/podofo/tickets/9/
NOTE: Same fix as for CVE-2017-6845
-CVE-2017-6845 (The PoDoFo::PdfColor::operator function in PdfColor.cpp in PoDoFo ...)
+CVE-2017-6845
- libpodofo 0.9.5-9 (bug #861562)
[stretch] - libpodofo <no-dsa> (Minor issue)
[jessie] - libpodofo <no-dsa> (Minor issue)
@@ -35019,14 +35017,14 @@ CVE-2017-6845 (The PoDoFo::PdfColor::operator function in PdfColor.cpp in PoDoFo
NOTE: http://www.openwall.com/lists/oss-security/2017/03/02/6
NOTE: https://blogs.gentoo.org/ago/2017/03/02/podofo-null-pointer-dereference-in-podofopdfcoloroperator-pdfcolor-cpp
NOTE: upstream commit: https://sourceforge.net/p/podofo/code/1892
-CVE-2017-6844 (Buffer overflow in the PoDoFo::PdfParser::ReadXRefSubsection function ...)
+CVE-2017-6844
{DLA-929-1}
- libpodofo 0.9.4-5 (bug #861561)
[jessie] - libpodofo <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2017/03/02/5
NOTE: https://blogs.gentoo.org/ago/2017/03/02/podofo-global-buffer-overflow-in-podofopdfparserreadxrefsubsection-pdfparser-cpp
NOTE: upstream commit: https://sourceforge.net/p/podofo/code/1840/
-CVE-2017-6843 (Heap-based buffer overflow in the PoDoFo::PdfVariant::DelayedLoad ...)
+CVE-2017-6843
{DLA-968-1}
- libpodofo 0.9.4-6 (bug #861560)
[jessie] - libpodofo <no-dsa> (Minor issue)
@@ -35034,7 +35032,7 @@ CVE-2017-6843 (Heap-based buffer overflow in the PoDoFo::PdfVariant::DelayedLoad
NOTE: https://blogs.gentoo.org/ago/2017/03/02/podofo-heap-based-buffer-overflow-in-podofopdfvariantdelayedload-pdfvariant-h
NOTE: upstream commit: http://sourceforge.net/p/podofo/code/1844
NOTE: upstream commit: http://sourceforge.net/p/podofo/code/1845
-CVE-2017-6842 (The ColorChanger::GetColorFromStack function in colorchanger.cpp in ...)
+CVE-2017-6842
{DLA-968-1}
- libpodofo 0.9.4-6 (bug #861559)
[jessie] - libpodofo <no-dsa> (Minor issue)
@@ -35042,7 +35040,7 @@ CVE-2017-6842 (The ColorChanger::GetColorFromStack function in colorchanger.cpp
NOTE: https://blogs.gentoo.org/ago/2017/03/02/podofo-null-pointer-dereference-in-colorchangergetcolorfromstack-colorchanger-cpp
NOTE: upstream commit: http://sourceforge.net/p/podofo/code/1844
NOTE: upstream commit: http://sourceforge.net/p/podofo/code/1845
-CVE-2017-6841 (The GraphicsStack::TGraphicsStackElement::~TGraphicsStackElement ...)
+CVE-2017-6841
- libpodofo 0.9.5-9 (bug #861558)
[stretch] - libpodofo <no-dsa> (Minor issue)
[jessie] - libpodofo <no-dsa> (Minor issue)
@@ -35051,7 +35049,7 @@ CVE-2017-6841 (The GraphicsStack::TGraphicsStackElement::~TGraphicsStackElement
NOTE: https://blogs.gentoo.org/ago/2017/03/02/podofo-null-pointer-dereference-in-graphicsstacktgraphicsstackelementtgraphicsstackelement-graphicsstack-h
NOTE: https://sourceforge.net/p/podofo/tickets/10/
NOTE: Same fix as for CVE-2017-6845
-CVE-2017-6840 (The ColorChanger::GetColorFromStack function in colorchanger.cpp in ...)
+CVE-2017-6840
{DLA-968-1}
- libpodofo 0.9.4-6 (bug #861557)
[jessie] - libpodofo <no-dsa> (Minor issue)
@@ -35059,19 +35057,19 @@ CVE-2017-6840 (The ColorChanger::GetColorFromStack function in colorchanger.cpp
NOTE: https://blogs.gentoo.org/ago/2017/03/02/podofo-invalid-memory-read-in-colorchangergetcolorfromstack-colorchanger-cpp
NOTE: upstream commit: http://sourceforge.net/p/podofo/code/1844
NOTE: upstream commit: http://sourceforge.net/p/podofo/code/1845
-CVE-2017-6426 (An information disclosure vulnerability in the Qualcomm SPMI driver. ...)
+CVE-2017-6426
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-6425 (An information disclosure vulnerability in the Qualcomm video driver. ...)
+CVE-2017-6425
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-6424 (An elevation of privilege vulnerability in the Qualcomm WiFi driver. ...)
+CVE-2017-6424
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-6423 (An elevation of privilege vulnerability in the Qualcomm kyro L2 ...)
+CVE-2017-6423
NOT-FOR-US: Qualcomm driver for Android
CVE-2017-6422
RESERVED
-CVE-2017-6421 (In the touch controller function in all Qualcomm products with Android ...)
+CVE-2017-6421
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-6420 (The wwunpack function in libclamav/wwunpack.c in ClamAV 0.99.2 allows ...)
+CVE-2017-6420
{DLA-1261-1 DLA-1105-1}
- clamav 0.99.3~beta1+dfsg-1
[stretch] - clamav 0.99.2+dfsg-6+deb9u1
@@ -35079,7 +35077,7 @@ CVE-2017-6420 (The wwunpack function in libclamav/wwunpack.c in ClamAV 0.99.2 al
NOTE: https://bugzilla.clamav.net/show_bug.cgi?id=11798
NOTE: https://github.com/vrtadmin/clamav-devel/commit/dfc00cd3301a42b571454b51a6102eecf58407bc
NOTE: https://github.com/vrtadmin/clamav-devel/commit/60671e3deb1df6c626e5c7e13752c2eec1649f98
-CVE-2017-6419 (mspack/lzxd.c in libmspack 0.5alpha, as used in ClamAV 0.99.2, allows ...)
+CVE-2017-6419
{DSA-3946-1 DLA-1279-1}
- libmspack 0.6-1 (bug #871263)
- clamav 0.99.3~beta1+dfsg-1 (unimportant)
@@ -35091,93 +35089,93 @@ CVE-2017-6419 (mspack/lzxd.c in libmspack 0.5alpha, as used in ClamAV 0.99.2, al
NOTE: have libmspack and thus need to have the fix as well in the
NOTE: src:clamav source package.
NOTE: libmspack: https://github.com/kyz/libmspack/commit/6139a0b9e93fcb7fcf423e56aa825bc869e02229
-CVE-2017-6418 (libclamav/message.c in ClamAV 0.99.2 allows remote attackers to cause a ...)
+CVE-2017-6418
{DLA-1261-1 DLA-1105-1}
- clamav 0.99.3~beta1+dfsg-1
[stretch] - clamav 0.99.2+dfsg-6+deb9u1
[jessie] - clamav 0.99.2+dfsg-0+deb8u3
NOTE: https://bugzilla.clamav.net/show_bug.cgi?id=11797
NOTE: https://github.com/vrtadmin/clamav-devel/commit/586a5180287262070637c8943f2f7efd652e4a2c
-CVE-2017-6417 (Code injection vulnerability in Avira Total Security Suite 15.0 (and ...)
+CVE-2017-6417
NOT-FOR-US: Avira Total Security Suite
-CVE-2017-6416 (An issue was discovered in SysGauge 1.5.18. A buffer overflow ...)
+CVE-2017-6416
NOT-FOR-US: SysGauge
-CVE-2017-6415 (The dex_parse_debug_item function in libr/bin/p/bin_dex.c in radare2 ...)
+CVE-2017-6415
- radare2 1.1.0+dfsg-3 (bug #856572)
[jessie] - radare2 <not-affected> (Vulnerable code introduced in 1.1.0)
[wheezy] - radare2 <not-affected> (Vulnerable code introduced in 1.1.0)
NOTE: https://github.com/radare/radare2/issues/6872
NOTE: https://github.com/radare/radare2/commit/252afb1cff9676f3ae1f341a28448bf2c8b6e308
-CVE-2017-6414 (Memory leak in the vcard_apdu_new function in card_7816.c in libcacard ...)
+CVE-2017-6414
- libcacard 1:2.5.0-3 (bug #856501)
NOTE: Fixed by: https://cgit.freedesktop.org/spice/libcacard/commit/?id=9113dc6a303604a2d9812ac70c17d076ef11886c
-CVE-2017-6413 (The &quot;OpenID Connect Relying Party and OAuth 2.0 Resource Server&quot; (aka ...)
+CVE-2017-6413
- libapache2-mod-auth-openidc 2.1.6-1
[jessie] - libapache2-mod-auth-openidc <no-dsa> (Minor issue)
NOTE: https://github.com/pingidentity/mod_auth_openidc/commit/21e3728a825c41ab41efa75e664108051bb9665e
-CVE-2017-6412 (In Sophos Web Appliance (SWA) before 4.3.1.2, Session Fixation could ...)
+CVE-2017-6412
NOT-FOR-US: Sophos
-CVE-2017-6411 (Cross Site Request Forgery (CSRF) on D-Link DSL-2730U C1 IN_1.00 ...)
+CVE-2017-6411
NOT-FOR-US: D-Link
-CVE-2017-6410 (kpac/script.cpp in KDE kio before 5.32 and kdelibs before 4.14.30 calls ...)
+CVE-2017-6410
{DSA-3849-1 DLA-952-1}
- kio 5.28.0-2 (bug #856889)
- kde4libs 4:4.14.26-2 (bug #856890)
NOTE: https://www.kde.org/info/security/advisory-20170228-1.txt
NOTE: Patch for kio: https://commits.kde.org/kio/f9d0cb47cf94e209f6171ac0e8d774e68156a6e4
NOTE: Patch for kde4libs: https://commits.kde.org/kdelibs/1804c2fde7bf4e432c6cf5bb8cce5701c7010559
-CVE-2017-6409 (An issue was discovered in Veritas NetBackup 8.0 and earlier and ...)
+CVE-2017-6409
NOT-FOR-US: Veritas NetBackup
-CVE-2017-6408 (An issue was discovered in Veritas NetBackup 8.0 and earlier and ...)
+CVE-2017-6408
NOT-FOR-US: Veritas NetBackup
-CVE-2017-6407 (An issue was discovered in Veritas NetBackup Before 7.7.2 and NetBackup ...)
+CVE-2017-6407
NOT-FOR-US: Veritas NetBackup
-CVE-2017-6406 (An issue was discovered in Veritas NetBackup Before 7.7.2 and NetBackup ...)
+CVE-2017-6406
NOT-FOR-US: Veritas NetBackup
-CVE-2017-6405 (An issue was discovered in Veritas NetBackup 8.0 and earlier and ...)
+CVE-2017-6405
NOT-FOR-US: Veritas NetBackup
-CVE-2017-6404 (An issue was discovered in Veritas NetBackup Before 7.7 and NetBackup ...)
+CVE-2017-6404
NOT-FOR-US: Veritas NetBackup
-CVE-2017-6403 (An issue was discovered in Veritas NetBackup Before 8.0 and NetBackup ...)
+CVE-2017-6403
NOT-FOR-US: Veritas NetBackup
-CVE-2017-6402 (An issue was discovered in Veritas NetBackup 8.0 and earlier and ...)
+CVE-2017-6402
NOT-FOR-US: Veritas NetBackup
-CVE-2017-6401 (An issue was discovered in Veritas NetBackup before 8.0 and NetBackup ...)
+CVE-2017-6401
NOT-FOR-US: Veritas NetBackup
-CVE-2017-6400 (An issue was discovered in Veritas NetBackup Before 7.7.2 and NetBackup ...)
+CVE-2017-6400
NOT-FOR-US: Veritas NetBackup
-CVE-2017-6399 (An issue was discovered in Veritas NetBackup Before 7.7.2 and NetBackup ...)
+CVE-2017-6399
NOT-FOR-US: Veritas NetBackup
-CVE-2017-6398 (An issue was discovered in Trend Micro InterScan Messaging Security ...)
+CVE-2017-6398
NOT-FOR-US: Trend Micro
-CVE-2017-6397 (An issue was discovered in FlightAirMap v1.0-beta.10. The vulnerability ...)
+CVE-2017-6397
NOT-FOR-US: FlightAirMap
-CVE-2017-6396 (An issue was discovered in WPO-Foundation WebPageTest 3.0. The ...)
+CVE-2017-6396
NOT-FOR-US: WPO-Foundation WebPageTest
-CVE-2017-6395 (An issue was discovered in HashOver 2.0. The vulnerability exists due ...)
+CVE-2017-6395
NOT-FOR-US: HashOveer
-CVE-2017-6394 (Multiple Cross-Site Scripting (XSS) issues were discovered in OpenEMR ...)
+CVE-2017-6394
NOT-FOR-US: OpenEMR
-CVE-2017-6393 (An issue was discovered in NagVis 1.9b12. The vulnerability exists due ...)
+CVE-2017-6393
- nagvis <not-affected> (Vulnerable code introduced in nagvis-1.8.0)
NOTE: https://github.com/NagVis/nagvis/issues/91
-CVE-2017-6392 (An issue was discovered in Kaltura server Lynx-12.11.0. The ...)
+CVE-2017-6392
NOT-FOR-US: Kaltura server
-CVE-2017-6391 (An issue was discovered in Kaltura server Lynx-12.11.0. The ...)
+CVE-2017-6391
NOT-FOR-US: Kaltura server
-CVE-2017-6390 (An issue was discovered in whatanime.ga before ...)
+CVE-2017-6390
NOT-FOR-US: whatanime.ga
CVE-2017-6389
RESERVED
CVE-2017-6388
RESERVED
-CVE-2017-6387 (The dex_loadcode function in libr/bin/p/bin_dex.c in radare2 1.2.1 ...)
+CVE-2017-6387
- radare2 1.1.0+dfsg-3 (bug #856574)
[jessie] - radare2 <not-affected> (Vulnerable code not present)
[wheezy] - radare2 <not-affected> (Vulnerable code not present)
NOTE: https://github.com/radare/radare2/commit/ead645853a63bf83d8386702cad0cf23b31d7eeb
NOTE: https://github.com/radare/radare2/issues/6857
-CVE-2017-6386 (Memory leak in the vrend_create_vertex_elements_state function in ...)
+CVE-2017-6386
- virglrenderer 0.6.0-2 (bug #858255; bug #872884)
NOTE: Fixed by: https://cgit.freedesktop.org/virglrenderer/commit/?id=737c3350850ca4dbc5633b3bdb4118176ce59920
CVE-2017-6385
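Review bot: the tag on the CVE-2017-6395 entry still reads "NOT-FOR-US: HashOveer", and this hunk deletes the only correctly spelled occurrence of the project name (the "-" line said "HashOver 2.0"), so after the update the misspelling is the sole record of what the CVE is about; correct it to "NOT-FOR-US: HashOver" in the same pass. Same hunk, smaller point: every "-"/"+" pair here only strips the parenthesised description, which was where the affected upstream range lived ("NetBackup Before 7.7.2", "NagVis 1.9b12", "radare2 1.2.1"); for entries with a Debian package line the NOTE links still carry the fix, but the NOT-FOR-US entries now consist of a bare CVE id plus a vendor tag, so please confirm the descriptions are being served from elsewhere rather than dropped.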
@@ -35186,17 +35184,17 @@ CVE-2017-6383
REJECTED
CVE-2017-6382
RESERVED
-CVE-2017-6381 (A 3rd party development library including with Drupal 8 development ...)
+CVE-2017-6381
- drupal8 <itp> (bug #756305)
NOTE: https://www.drupal.org/SA-2017-001
CVE-2017-6380
RESERVED
-CVE-2017-6379 (Some administrative paths in Drupal 8.2.x before 8.2.7 did not include ...)
+CVE-2017-6379
- drupal8 <itp> (bug #756305)
NOTE: https://www.drupal.org/SA-2017-001
CVE-2017-6378
RESERVED
-CVE-2017-6377 (When adding a private file via the editor in Drupal 8.2.x before ...)
+CVE-2017-6377
- drupal8 <itp> (bug #756305)
NOTE: https://www.drupal.org/SA-2017-001
CVE-2017-6376
@@ -35211,9 +35209,9 @@ CVE-2017-6372
RESERVED
CVE-2017-6371
RESERVED
-CVE-2017-6370 (TYPO3 7.6.15 sends an http request to an index.php?loginProvider URI in ...)
+CVE-2017-6370
NOT-FOR-US: Typo3
-CVE-2017-6369 (Insufficient checks in the UDF subsystem in Firebird 2.5.x before 2.5.7 ...)
+CVE-2017-6369
{DSA-3824-1 DLA-879-1}
- firebird2.5 <unfixed> (bug #858641)
- firebird3.0 3.0.1.32609.ds4-14 (bug #858644)
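Review bot: once the "-" line for CVE-2017-6369 is gone, the fixed upstream release it named ("Firebird 2.5.x before 2.5.7") appears nowhere in the entry, yet "- firebird2.5 <unfixed> (bug #858641)" stays open while firebird3.0 is marked fixed in 3.0.1.32609.ds4-14; add a NOTE recording the upstream fix version (e.g. "NOTE: Fixed upstream in 2.5.7") so whoever closes the unfixed marker can check the upload against it. Also worth a second look: the entry carries "{DSA-3824-1 DLA-879-1}" for the stable and oldstable updates while unstable firebird2.5 is still <unfixed>; if that is intended (stable patched via DSA, sid pending), fine, but if sid has since moved past 2.5.7 the marker is stale.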
@@ -35223,9 +35221,9 @@ CVE-2017-6369 (Insufficient checks in the UDF subsystem in Firebird 2.5.x before
NOTE: https://github.com/FirebirdSQL/firebird/commit/a802126cd501f641f00d6cda12d5d9ee3ecda6f5 (2.5)
CVE-2017-6368
RESERVED
-CVE-2017-6367 (In Cerberus FTP Server 8.0.10.1, a crafted HTTP request causes the ...)
+CVE-2017-6367
NOT-FOR-US: Cerberus FTP Server
-CVE-2017-6366 (Cross-site request forgery (CSRF) vulnerability in NETGEAR DGN2200 ...)
+CVE-2017-6366
NOT-FOR-US: Netgear
CVE-2017-6365
RESERVED
@@ -35233,85 +35231,85 @@ CVE-2017-6364
RESERVED
CVE-2017-6363
RESERVED
-CVE-2017-6362 (Double free vulnerability in the gdImagePngPtr function in libgd2 ...)
+CVE-2017-6362
{DSA-3961-1 DLA-1106-1}
- libgd2 2.2.5-1
NOTE: https://github.com/libgd/libgd/issues/381
NOTE: https://github.com/libgd/libgd/commit/56ce6ef068b954ad28379e83cca04feefc51320c
-CVE-2017-6361 (QNAP QTS before 4.2.4 Build 20170313 allows attackers to execute ...)
+CVE-2017-6361
NOT-FOR-US: QNAP
-CVE-2017-6360 (QNAP QTS before 4.2.4 Build 20170313 allows attackers to gain ...)
+CVE-2017-6360
NOT-FOR-US: QNAP
-CVE-2017-6359 (QNAP QTS before 4.2.4 Build 20170313 allows attackers to gain ...)
+CVE-2017-6359
NOT-FOR-US: QNAP
CVE-2017-6358
RESERVED
CVE-2017-6357
RESERVED
-CVE-2017-6356 (Palo Alto Networks Terminal Services (aka TS) Agent 6.0, 7.0, and 8.0 ...)
+CVE-2017-6356
NOT-FOR-US: Palo Alto Networks Terminal Services
-CVE-2017-6355 (Integer overflow in the vrend_create_shader function in ...)
+CVE-2017-6355
- virglrenderer 0.6.0-1 (bug #858255)
NOTE: Fixed by: https://cgit.freedesktop.org/virglrenderer/commit/?id=93761787b29f37fa627dea9082cdfc1a1ec608d6 (0.6.0)
CVE-2017-6354
RESERVED
CVE-2017-6352
RESERVED
-CVE-2017-6351 (The WePresent WiPG-1500 device with firmware 1.0.3.7 has a manufacturer ...)
+CVE-2017-6351
NOT-FOR-US: WePresent WiPG-1500
-CVE-2017-6350 (An integer overflow at an unserialize_uep memory allocation site would ...)
+CVE-2017-6350
{DLA-850-1}
- vim 2:8.0.0197-3 (bug #856266)
[jessie] - vim 2:7.4.488-7+deb8u3
- neovim 0.1.7-4
NOTE: Fixed by: https://github.com/vim/vim/commit/0c8485f0e4931463c0f7986e1ea84a7d79f10c75
-CVE-2017-6349 (An integer overflow at a u_read_undo memory allocation site would occur ...)
+CVE-2017-6349
{DLA-850-1}
- vim 2:8.0.0197-3 (bug #856266)
[jessie] - vim 2:7.4.488-7+deb8u3
- neovim 0.1.7-4
NOTE: Fixed by: https://github.com/vim/vim/commit/3eb1637b1bba19519885dd6d377bd5596e91d22c
-CVE-2017-6344 (XML External Entity (XXE) vulnerability in Grails PDF Plugin 0.6 allows ...)
+CVE-2017-6344
NOT-FOR-US: Grails PDF plugin
-CVE-2017-6343 (The web interface on Dahua DHI-HCVR7216A-S3 devices with NVR Firmware ...)
+CVE-2017-6343
NOT-FOR-US: Dahua devices
-CVE-2017-6342 (An issue was discovered on Dahua DHI-HCVR7216A-S3 devices with NVR ...)
+CVE-2017-6342
NOT-FOR-US: Dahua devices
-CVE-2017-6341 (Dahua DHI-HCVR7216A-S3 devices with NVR Firmware 3.210.0001.10 ...)
+CVE-2017-6341
NOT-FOR-US: Dahua devices
-CVE-2017-6340 (Trend Micro InterScan Web Security Virtual Appliance (IWSVA) 6.5 before ...)
+CVE-2017-6340
NOT-FOR-US: Trend Micro
-CVE-2017-6339 (Trend Micro InterScan Web Security Virtual Appliance (IWSVA) 6.5 before ...)
+CVE-2017-6339
NOT-FOR-US: Trend Micro
-CVE-2017-6338 (Multiple Access Control issues in Trend Micro InterScan Web Security ...)
+CVE-2017-6338
NOT-FOR-US: Trend Micro
CVE-2017-6337
RESERVED
CVE-2017-6336
RESERVED
-CVE-2017-6334 (dnslookup.cgi on NETGEAR DGN2200 devices with firmware through ...)
+CVE-2017-6334
NOT-FOR-US: NETGEAR
CVE-2017-6333
RESERVED
CVE-2017-6332
RESERVED
-CVE-2017-6331 (Prior to SEP 14 RU1 Symantec Endpoint Protection product can encounter ...)
+CVE-2017-6331
NOT-FOR-US: Symantec
-CVE-2017-6330 (Symantec Encryption Desktop before SED 10.4.1MP2 can allow remote ...)
+CVE-2017-6330
NOT-FOR-US: Symantec
-CVE-2017-6329 (Symantec VIP Access for Desktop prior to 2.2.4 can be susceptible to a ...)
+CVE-2017-6329
NOT-FOR-US: Symantec
-CVE-2017-6328 (The Symantec Messaging Gateway before 10.6.3-267 can encounter an ...)
+CVE-2017-6328
NOT-FOR-US: Symantec
-CVE-2017-6327 (The Symantec Messaging Gateway before 10.6.3-267 can encounter an ...)
+CVE-2017-6327
NOT-FOR-US: Symantec
-CVE-2017-6326 (The Symantec Messaging Gateway can encounter an issue of remote code ...)
+CVE-2017-6326
NOT-FOR-US: Symantec
-CVE-2017-6325 (The Symantec Messaging Gateway can encounter a file inclusion ...)
+CVE-2017-6325
NOT-FOR-US: Symantec
-CVE-2017-6324 (The Symantec Messaging Gateway, when processing a specific email ...)
+CVE-2017-6324
NOT-FOR-US: Symantec
-CVE-2017-6323 (The Symantec Management Console prior to ITMS 8.1 RU1, ITMS ...)
+CVE-2017-6323
NOT-FOR-US: Symantec
CVE-2017-6322
RESERVED
@@ -35320,55 +35318,55 @@ CVE-2017-XXXX [scanelf: out of bounds read in scanelf_file_get_symtabs (scanelf.
NOTE: https://blogs.gentoo.org/ago/2017/02/25/pax-utils-scanelf-out-of-bounds-read-in-scanelf_file_get_symtabs-scanelf-c-2/
NOTE: https://github.com/gentoo/pax-utils/commit/e577c5b7e230c52e5fc4fa40e4e9014c634b3c1d
NOTE: https://github.com/gentoo/pax-utils/commit/858939ea6ad63f1acb4ec74bba705c197a67d559
-CVE-2017-6353 (net/sctp/socket.c in the Linux kernel through 4.10.1 does not properly ...)
+CVE-2017-6353
{DSA-3804-1 DLA-849-1}
- linux 4.9.13-1
NOTE: https://marc.info/?l=linux-netdev&m=148785309416337&w=2
-CVE-2017-6348 (The hashbin_delete function in net/irda/irqueue.c in the Linux kernel ...)
+CVE-2017-6348
{DSA-3804-1 DLA-849-1}
- linux 4.9.13-1
NOTE: Fixed by: https://git.kernel.org/linus/4c03b862b12f980456f9de92db6d508a4999b788
-CVE-2017-6347 (The ip_cmsg_recv_checksum function in net/ipv4/ip_sockglue.c in the ...)
+CVE-2017-6347
- linux 4.9.13-1
[jessie] - linux <not-affected> (Vulnerable code introduced in 4.0)
[wheezy] - linux <not-affected> (Vulnerable code introduced in 4.0)
NOTE: Fixed by: https://git.kernel.org/linus/ca4ef4574f1ee5252e2cd365f8f5d5bafd048f32
-CVE-2017-6346 (Race condition in net/packet/af_packet.c in the Linux kernel before ...)
+CVE-2017-6346
{DSA-3804-1 DLA-849-1}
- linux 4.9.13-1
NOTE: Fixed by: https://git.kernel.org/linus/d199fab63c11998a602205f7ee7ff7c05c97164b
-CVE-2017-6345 (The LLC subsystem in the Linux kernel before 4.9.13 does not ensure ...)
+CVE-2017-6345
{DSA-3804-1 DLA-849-1}
- linux 4.9.13-1
NOTE: Fixed by: https://git.kernel.org/linus/8b74d439e1697110c5e5c600643e823eb1dd0762
CVE-2017-6321
RESERVED
-CVE-2017-6320 (A remote command injection vulnerability exists in the Barracuda Load ...)
+CVE-2017-6320
NOT-FOR-US: Barracuda
-CVE-2017-6319 (The dex_parse_debug_item function in libr/bin/p/bin_dex.c in radare2 ...)
+CVE-2017-6319
- radare2 1.1.0+dfsg-3 (bug #856579)
[jessie] - radare2 <not-affected> (Vulnerable code introduced in 1.1.0)
[wheezy] - radare2 <not-affected> (Vulnerable code introduced in 1.1.0)
NOTE: https://github.com/radare/radare2/issues/6836
NOTE: https://github.com/radare/radare2/commit/ad55822430a03fe075221b543efb434567e9e431
-CVE-2017-6318 (saned in sane-backends 1.0.25 allows remote attackers to obtain ...)
+CVE-2017-6318
{DLA-940-1}
- sane-backends 1.0.25-4 (low; bug #854804)
[jessie] - sane-backends 1.0.24-8+deb8u2
NOTE: Upstream patch: https://anonscm.debian.org/cgit/sane/sane-backends.git/commit/frontend/saned.c?id=42896939822b44f44ecd1b6d35afdfa4473ed35d
-CVE-2017-6316 (Citrix NetScaler SD-WAN devices through v9.1.2.26.561201 allow remote ...)
+CVE-2017-6316
NOT-FOR-US: Citrix
-CVE-2017-6315 (Astaro Security Gateway (aka ASG) 7 allows remote attackers to execute ...)
+CVE-2017-6315
NOT-FOR-US: Astaro
-CVE-2017-6335 (The QuantumTransferMode function in coders/tiff.c in GraphicsMagick ...)
+CVE-2017-6335
{DLA-1456-1}
- graphicsmagick 1.3.25-8
[wheezy] - graphicsmagick <not-affected> (vulnerable code not present)
NOTE: Fixed by: https://sourceforge.net/p/graphicsmagick/code/ci/6156b4c2992d855ece6079653b3b93c3229fc4b8/
-CVE-2017-6317 (Memory leak in the add_shader_program function in vrend_renderer.c in ...)
+CVE-2017-6317
- virglrenderer 0.6.0-1 (bug #858255)
NOTE: https://cgit.freedesktop.org/virglrenderer/commit/?id=a2f12a1b0f95b13b6f8dc3d05d7b74b4386394e4 (0.6.0)
-CVE-2017-6314 (The make_available_at_least function in io-tiff.c in gdk-pixbuf allows ...)
+CVE-2017-6314
- gdk-pixbuf 2.36.11-2 (low; bug #856448)
[stretch] - gdk-pixbuf 2.36.5-2+deb9u2
[jessie] - gdk-pixbuf <ignored> (Minor issue)
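Review bot: the ordering in this hunk is off and the automated rewrite reproduces it: CVE-2017-6353, -6348, -6347, -6346 and -6345 sit under the "CVE-2017-XXXX [scanelf: ...]" placeholder, between CVE-2017-6322 and CVE-2017-6321, and CVE-2017-6335, -6317 and -6314 follow CVE-2017-6315 instead of their numeric slots (the rest of the list is in descending CVE order, and CVE-2017-6214 has the same problem further down, between -6211 and -6210). These look like entries appended at triage time next to whatever was being edited; since this update already touches every one of these lines, it is the cheapest moment to move them into numeric position, otherwise anyone scanning the 6345..6353 range by number will conclude they are missing. Separately, the not-affected rationales for radare2 are worded two ways for the same backports ("Vulnerable code introduced in 1.1.0" here for CVE-2017-6319 versus "Vulnerable code not present" for CVE-2017-6387 above); pick one phrasing.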
@@ -35376,7 +35374,7 @@ CVE-2017-6314 (The make_available_at_least function in io-tiff.c in gdk-pixbuf a
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=779020
NOTE: http://mov.sx/2017/02/21/bug-hunting-gdk-pixbuf.html
NOTE: Fixed by: https://git.gnome.org/browse/gdk-pixbuf/commit/?id=1e513abdb55529f888233d3c96b27352d83aad5f
-CVE-2017-6313 (Integer underflow in the load_resources function in io-icns.c in ...)
+CVE-2017-6313
- gdk-pixbuf 2.36.11-2 (low; bug #856445)
[stretch] - gdk-pixbuf 2.36.5-2+deb9u2
[jessie] - gdk-pixbuf <ignored> (Minor issue)
@@ -35385,7 +35383,7 @@ CVE-2017-6313 (Integer underflow in the load_resources function in io-icns.c in
NOTE: http://mov.sx/2017/02/21/bug-hunting-gdk-pixbuf.html
NOTE: Fixed by: https://git.gnome.org/browse/gdk-pixbuf/commit/?id=210b16399a492d05efb209615a143920b24251f4
NOTE: Tests: https://git.gnome.org/browse/gdk-pixbuf/commit/?id=4cc39d479356b6b09e3d62a0f3ab424db6c266d8
-CVE-2017-6312 (Integer overflow in io-ico.c in gdk-pixbuf allows context-dependent ...)
+CVE-2017-6312
- gdk-pixbuf 2.36.11-2 (low; bug #856444)
[stretch] - gdk-pixbuf 2.36.5-2+deb9u2
[jessie] - gdk-pixbuf <ignored> (Minor issue)
@@ -35394,7 +35392,7 @@ CVE-2017-6312 (Integer overflow in io-ico.c in gdk-pixbuf allows context-depende
NOTE: http://mov.sx/2017/02/21/bug-hunting-gdk-pixbuf.html
NOTE: Fixed by: https://git.gnome.org/browse/gdk-pixbuf/commit/?id=dec9ca22d70c0f0d4492333b4e8147afb038afd2
NOTE: Tests: https://git.gnome.org/browse/gdk-pixbuf/commit/?id=a6303ad765882555cf1b278a09be5f9e4cf3a39d
-CVE-2017-6311 (gdk-pixbuf-thumbnailer.c in gdk-pixbuf allows context-dependent ...)
+CVE-2017-6311
- gdk-pixbuf 2.36.10-1 (bug #858491; unimportant)
[jessie] - gdk-pixbuf <not-affected> (Code introduced in 2.36.1)
[wheezy] - gdk-pixbuf <not-affected> (Code introduced in 2.36.1)
@@ -35405,134 +35403,134 @@ CVE-2017-6311 (gdk-pixbuf-thumbnailer.c in gdk-pixbuf allows context-dependent .
NOTE: Fixed by: https://git.gnome.org/browse/gdk-pixbuf/commit/?id=57362ed4c1f37c05723e25e136327e262f32d35f
NOTE: Fixed by: https://git.gnome.org/browse/gdk-pixbuf/commit/?id=758655315bc3760c2d646e1e935f7448847073af
NOTE: Tests: https://git.gnome.org/browse/gdk-pixbuf/commit/?id=67a02e1bfef1ae8f7fa50ca36f6d922c1b6d3ed6
-CVE-2017-6310 (An issue was discovered in tnef before 1.4.13. Four type confusions ...)
+CVE-2017-6310
{DSA-3798-1 DLA-839-1}
- tnef 1.4.12-1.1 (bug #856117)
NOTE: https://www.x41-dsec.de/lab/advisories/x41-2017-004-tnef/
NOTE: Fixed by: https://github.com/verdammelt/tnef/commit/8dccf79857ceeb7a6d3e42c1e762e7b865d5344d
NOTE: regression fixed by: https://github.com/verdammelt/tnef/commit/9c4015433ecd3177976f820f7aa524c7e64c7c92
NOTE: regression fixed by: https://github.com/verdammelt/tnef/commit/c0b99164d14dcc61348a2ddffd47dfe31d087bad
-CVE-2017-6309 (An issue was discovered in tnef before 1.4.13. Two type confusions have ...)
+CVE-2017-6309
{DSA-3798-1 DLA-839-1}
- tnef 1.4.12-1.1 (bug #856117)
NOTE: https://www.x41-dsec.de/lab/advisories/x41-2017-004-tnef/
NOTE: Fixed by: https://github.com/verdammelt/tnef/commit/8dccf79857ceeb7a6d3e42c1e762e7b865d5344d
-CVE-2017-6308 (An issue was discovered in tnef before 1.4.13. Several Integer ...)
+CVE-2017-6308
{DSA-3798-1 DLA-839-1}
- tnef 1.4.12-1.1 (bug #856117)
NOTE: https://www.x41-dsec.de/lab/advisories/x41-2017-004-tnef/
NOTE: Fixed by: https://github.com/verdammelt/tnef/commit/c5044689e50039635e7700fe2472fd632ac77176
-CVE-2017-6307 (An issue was discovered in tnef before 1.4.13. Two OOB Writes have been ...)
+CVE-2017-6307
{DSA-3798-1 DLA-839-1}
- tnef 1.4.12-1.1 (bug #856117)
NOTE: https://www.x41-dsec.de/lab/advisories/x41-2017-004-tnef/
NOTE: Fixed by: https://github.com/verdammelt/tnef/commit/1a17af1ed0c791aec44dbdc9eab91218cc1e335a
-CVE-2017-6306 (An issue was discovered in ytnef before 1.9.1. This is related to a ...)
+CVE-2017-6306
{DSA-3846-1}
- libytnef 1.9.1-1
[wheezy] - libytnef <not-affected> (vulnerable code not present)
NOTE: https://www.x41-dsec.de/lab/advisories/x41-2017-002-ytnef/
NOTE: http://www.openwall.com/lists/oss-security/2017/02/15/4
NOTE: fixed in https://github.com/Yeraze/ytnef/commit/b36d6b25b7a546fc28d6c3812124e487987a4910
-CVE-2017-6305 (An issue was discovered in ytnef before 1.9.1. This is related to a ...)
+CVE-2017-6305
{DSA-3846-1 DLA-878-1}
- libytnef 1.9.1-1
NOTE: https://www.x41-dsec.de/lab/advisories/x41-2017-002-ytnef/
NOTE: http://www.openwall.com/lists/oss-security/2017/02/15/4
NOTE: fixed in https://github.com/Yeraze/ytnef/commit/b36d6b25b7a546fc28d6c3812124e487987a4910
-CVE-2017-6304 (An issue was discovered in ytnef before 1.9.1. This is related to a ...)
+CVE-2017-6304
{DSA-3846-1 DLA-878-1}
- libytnef 1.9.1-1
NOTE: https://www.x41-dsec.de/lab/advisories/x41-2017-002-ytnef/
NOTE: http://www.openwall.com/lists/oss-security/2017/02/15/4
NOTE: fixed in https://github.com/Yeraze/ytnef/commit/b36d6b25b7a546fc28d6c3812124e487987a4910
-CVE-2017-6303 (An issue was discovered in ytnef before 1.9.1. This is related to a ...)
+CVE-2017-6303
{DSA-3846-1 DLA-878-1}
- libytnef 1.9.1-1
NOTE: https://www.x41-dsec.de/lab/advisories/x41-2017-002-ytnef/
NOTE: http://www.openwall.com/lists/oss-security/2017/02/15/4
NOTE: fixed in https://github.com/Yeraze/ytnef/commit/b36d6b25b7a546fc28d6c3812124e487987a4910
-CVE-2017-6302 (An issue was discovered in ytnef before 1.9.1. This is related to a ...)
+CVE-2017-6302
{DSA-3846-1 DLA-878-1}
- libytnef 1.9.1-1
NOTE: https://www.x41-dsec.de/lab/advisories/x41-2017-002-ytnef/
NOTE: http://www.openwall.com/lists/oss-security/2017/02/15/4
NOTE: fixed in https://github.com/Yeraze/ytnef/commit/b36d6b25b7a546fc28d6c3812124e487987a4910
-CVE-2017-6301 (An issue was discovered in ytnef before 1.9.1. This is related to a ...)
+CVE-2017-6301
{DSA-3846-1 DLA-878-1}
- libytnef 1.9.1-1
NOTE: https://www.x41-dsec.de/lab/advisories/x41-2017-002-ytnef/
NOTE: http://www.openwall.com/lists/oss-security/2017/02/15/4
NOTE: fixed in https://github.com/Yeraze/ytnef/commit/b36d6b25b7a546fc28d6c3812124e487987a4910
-CVE-2017-6300 (An issue was discovered in ytnef before 1.9.1. This is related to a ...)
+CVE-2017-6300
{DSA-3846-1 DLA-878-1}
- libytnef 1.9.1-1
NOTE: https://www.x41-dsec.de/lab/advisories/x41-2017-002-ytnef/
NOTE: http://www.openwall.com/lists/oss-security/2017/02/15/4
NOTE: fixed in https://github.com/Yeraze/ytnef/commit/b36d6b25b7a546fc28d6c3812124e487987a4910
-CVE-2017-6299 (An issue was discovered in ytnef before 1.9.1. This is related to a ...)
+CVE-2017-6299
{DSA-3846-1 DLA-878-1}
- libytnef 1.9.1-1
NOTE: https://www.x41-dsec.de/lab/advisories/x41-2017-002-ytnef/
NOTE: http://www.openwall.com/lists/oss-security/2017/02/15/4
NOTE: fixed in https://github.com/Yeraze/ytnef/commit/b36d6b25b7a546fc28d6c3812124e487987a4910
-CVE-2017-6298 (An issue was discovered in ytnef before 1.9.1. This is related to a ...)
+CVE-2017-6298
{DSA-3846-1 DLA-878-1}
- libytnef 1.9.1-1
NOTE: https://www.x41-dsec.de/lab/advisories/x41-2017-002-ytnef/
NOTE: http://www.openwall.com/lists/oss-security/2017/02/15/4
NOTE: fixed in https://github.com/Yeraze/ytnef/commit/b36d6b25b7a546fc28d6c3812124e487987a4910
-CVE-2017-6297 (The L2TP Client in MikroTik RouterOS versions 6.83.3 and 6.37.4 does ...)
+CVE-2017-6297
NOT-FOR-US: MikroTik RouterOS
-CVE-2017-6296 (NVIDIA TrustZone Software contains a TOCTOU issue in the DRM ...)
+CVE-2017-6296
NOT-FOR-US: NVIDIA
-CVE-2017-6295 (NVIDIA TrustZone Software contains a vulnerability in the Keymaster ...)
+CVE-2017-6295
NOT-FOR-US: NVIDIA
-CVE-2017-6294 (In Android before the 2018-06-05 security patch level, NVIDIA Tegra X1 ...)
+CVE-2017-6294
NOT-FOR-US: NVIDIA
-CVE-2017-6293 (In Android before the 2018-05-05 security patch level, NVIDIA Tegra X1 ...)
+CVE-2017-6293
NOT-FOR-US: Nvidia component for Android
-CVE-2017-6292 (In Android before the 2018-06-05 security patch level, NVIDIA TLZ ...)
+CVE-2017-6292
NOT-FOR-US: NVIDIA
CVE-2017-6291
RESERVED
-CVE-2017-6290 (In Android before the 2018-06-05 security patch level, NVIDIA TLK ...)
+CVE-2017-6290
NOT-FOR-US: NVIDIA
-CVE-2017-6289 (In Android before the 2018-05-05 security patch level, NVIDIA Trusted ...)
+CVE-2017-6289
NOT-FOR-US: Nvidia component for Android
-CVE-2017-6288 (NVIDIA libnvrm contains a possible out of bounds read due to a missing ...)
+CVE-2017-6288
NOT-FOR-US: Nvidia component for Android
-CVE-2017-6287 (NVIDIA libnvrm contains a possible out of bounds read due to a missing ...)
+CVE-2017-6287
NOT-FOR-US: Nvidia component for Android
-CVE-2017-6286 (NVIDIA libnvomx contains a possible out of bounds write due to a ...)
+CVE-2017-6286
NOT-FOR-US: NVIDIA
-CVE-2017-6285 (NVIDIA libnvrm contains a possible out of bounds read due to a missing ...)
+CVE-2017-6285
NOT-FOR-US: Nvidia component for Android
-CVE-2017-6284 (NVIDIA Security Engine contains a vulnerability in the Deterministic ...)
+CVE-2017-6284
NOT-FOR-US: NVIDIA
-CVE-2017-6283 (NVIDIA Security Engine contains a vulnerability in the RSA function ...)
+CVE-2017-6283
NOT-FOR-US: NVIDIA
-CVE-2017-6282 (NVIDIA Tegra kernel driver contains a vulnerability in NVMAP where an ...)
+CVE-2017-6282
NOT-FOR-US: NVIDIA
-CVE-2017-6281 (NVIDIA libnvomx contains a possible out of bounds write due to a ...)
+CVE-2017-6281
NOT-FOR-US: NVIDIA
-CVE-2017-6280 (NVIDIA driver contains a possible out-of-bounds read vulnerability due ...)
+CVE-2017-6280
NOT-FOR-US: Nvidia component for Android
-CVE-2017-6279 (NVIDIA libnvmmlite_audio.so contains an elevation of privilege ...)
+CVE-2017-6279
NOT-FOR-US: Nvidia component for Android
-CVE-2017-6278 (NVIDIA Tegra kernel contains a vulnerability in the CORE DVFS Thermal ...)
+CVE-2017-6278
NOT-FOR-US: NVIDIA Tegra
-CVE-2017-6277 (NVIDIA Windows GPU Display Driver contains a vulnerability in the ...)
+CVE-2017-6277
NOT-FOR-US: NVIDIA Windows GPU Display Driver
-CVE-2017-6276 (NVIDIA mediaserver contains a vulnerability where it is possible a use ...)
+CVE-2017-6276
NOT-FOR-US: NVIDIA
-CVE-2017-6275 (An information disclosure vulnerability exists in the Thermal Driver, ...)
+CVE-2017-6275
NOT-FOR-US: NVIDIA components for Android
-CVE-2017-6274 (An elevation of Privilege vulnerability exists in the Thermal Driver, ...)
+CVE-2017-6274
NOT-FOR-US: NVIDIA components for Android
-CVE-2017-6273 (NVIDIA ADSP Firmware contains a vulnerability in the ADSP Loader ...)
+CVE-2017-6273
NOT-FOR-US: NVIDIA ADSP Firmware
-CVE-2017-6272 (NVIDIA GPU Display Driver contains a vulnerability in the kernel mode ...)
+CVE-2017-6272
[experimental] - nvidia-graphics-drivers 384.90-1
- nvidia-graphics-drivers 384.98-2 (bug #876414)
[stretch] - nvidia-graphics-drivers 384.130-1
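Review bot: with the descriptions stripped, the NOT-FOR-US tag becomes the only context an NVIDIA entry keeps, and this hunk shows five spellings of the same thing: "NOT-FOR-US: NVIDIA", "NOT-FOR-US: Nvidia component for Android", "NOT-FOR-US: NVIDIA components for Android", "NOT-FOR-US: NVIDIA Tegra" and "NOT-FOR-US: NVIDIA ADSP Firmware". In particular CVE-2017-6294, -6292 and -6290 are tagged plain "NVIDIA" although their "-" lines said "In Android before the 2018-06-05 security patch level", the same wording as the neighbouring -6293 and -6289 which are tagged "Nvidia component for Android"; normalise these to one form (the "components for Android" variant used for -6275/-6274 already covers them) so that the Android-only issues remain distinguishable from the TrustZone and Security Engine ones once the descriptions are gone.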
@@ -35545,15 +35543,15 @@ CVE-2017-6272 (NVIDIA GPU Display Driver contains a vulnerability in the kernel
[stretch] - nvidia-graphics-drivers-legacy-304xx <no-dsa> (Non-free not supported)
[jessie] - nvidia-graphics-drivers-legacy-304xx <no-dsa> (Non-free not supported)
NOTE: https://nvidia.custhelp.com/app/answers/detail/a_id/4544
-CVE-2017-6271 (NVIDIA Windows GPU Display Driver contains a vulnerability in the ...)
+CVE-2017-6271
NOT-FOR-US: NVIDIA Windows GPU Display Driver
-CVE-2017-6270 (NVIDIA Windows GPU Display Driver contains a vulnerability in the ...)
+CVE-2017-6270
NOT-FOR-US: NVIDIA Windows GPU Display Driver
-CVE-2017-6269 (NVIDIA Windows GPU Display Driver contains a vulnerability in the ...)
+CVE-2017-6269
NOT-FOR-US: NVIDIA Windows GPU Display Driver
-CVE-2017-6268 (NVIDIA Windows GPU Display Driver contains a vulnerability in the ...)
+CVE-2017-6268
NOT-FOR-US: NVIDIA Windows GPU Display Driver
-CVE-2017-6267 (NVIDIA GPU Display Driver contains a vulnerability in the kernel mode ...)
+CVE-2017-6267
[experimental] - nvidia-graphics-drivers 384.90-1
- nvidia-graphics-drivers 384.98-2 (bug #876414)
[stretch] - nvidia-graphics-drivers 384.130-1
@@ -35566,7 +35564,7 @@ CVE-2017-6267 (NVIDIA GPU Display Driver contains a vulnerability in the kernel
[stretch] - nvidia-graphics-drivers-legacy-304xx <no-dsa> (Non-free not supported)
[jessie] - nvidia-graphics-drivers-legacy-304xx <no-dsa> (Non-free not supported)
NOTE: https://nvidia.custhelp.com/app/answers/detail/a_id/4544
-CVE-2017-6266 (NVIDIA GPU Display Driver contains a vulnerability in the kernel mode ...)
+CVE-2017-6266
[experimental] - nvidia-graphics-drivers 384.90-1
- nvidia-graphics-drivers 384.98-2 (bug #876414)
[stretch] - nvidia-graphics-drivers 384.130-1
@@ -35581,51 +35579,51 @@ CVE-2017-6266 (NVIDIA GPU Display Driver contains a vulnerability in the kernel
NOTE: https://nvidia.custhelp.com/app/answers/detail/a_id/4544
CVE-2017-6265
RESERVED
-CVE-2017-6264 (An elevation of privilege vulnerability exists in the NVIDIA GPU ...)
+CVE-2017-6264
NOT-FOR-US: NVIDIA components for Android
-CVE-2017-6263 (NVIDIA driver contains a vulnerability where it is possible a use ...)
+CVE-2017-6263
NOT-FOR-US: NVIDIA driver for Android
-CVE-2017-6262 (NVIDIA driver contains a vulnerability where it is possible a use ...)
+CVE-2017-6262
NOT-FOR-US: NVIDIA driver for Android
CVE-2017-6261
RESERVED
-CVE-2017-6260 (NVIDIA Windows GPU Display Driver contains a vulnerability in the ...)
+CVE-2017-6260
NOT-FOR-US: NVIDIA Windows GPU Display Driver
-CVE-2017-6259 (NVIDIA GPU Display Driver contains a vulnerability in the kernel mode ...)
+CVE-2017-6259
- nvidia-graphics-drivers 375.82-1 (bug #869783)
[stretch] - nvidia-graphics-drivers 375.82-1~deb9u1
[jessie] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
[wheezy] - nvidia-graphics-drivers <end-of-life> (Non-free not supported)
- nvidia-graphics-drivers-legacy-340xx <not-affected> (Limited to E384 and E375)
- nvidia-graphics-drivers-legacy-304xx <not-affected> (Limited to E384 and E375)
-CVE-2017-6258 (NVIDIA libnvmmlite_audio.so contains an elevation of privilege ...)
+CVE-2017-6258
NOT-FOR-US: Nvidia component for Android
-CVE-2017-6257 (NVIDIA GPU Display Driver contains a vulnerability in the kernel mode ...)
+CVE-2017-6257
- nvidia-graphics-drivers 375.82-1 (bug #869783)
[stretch] - nvidia-graphics-drivers 375.82-1~deb9u1
[jessie] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
[wheezy] - nvidia-graphics-drivers <end-of-life> (Non-free not supported)
- nvidia-graphics-drivers-legacy-340xx <not-affected> (Limited to E384 and E375)
- nvidia-graphics-drivers-legacy-304xx <not-affected> (Limited to E384 and E375)
-CVE-2017-6256 (NVIDIA Windows GPU Display Driver contains a vulnerability in the ...)
+CVE-2017-6256
NOT-FOR-US: NVIDIA Windows GPU Display Driver
-CVE-2017-6255 (NVIDIA Windows GPU Display Driver contains a vulnerability in the ...)
+CVE-2017-6255
NOT-FOR-US: NVIDIA Windows GPU Display Driver
-CVE-2017-6254 (NVIDIA Windows GPU Display Driver contains a vulnerability in the ...)
+CVE-2017-6254
NOT-FOR-US: NVIDIA Windows GPU Display Driver
-CVE-2017-6253 (NVIDIA Windows GPU Display Driver contains a vulnerability in the ...)
+CVE-2017-6253
NOT-FOR-US: NVIDIA Windows GPU Display Driver
-CVE-2017-6252 (NVIDIA Windows GPU Display Driver contains a vulnerability in the ...)
+CVE-2017-6252
NOT-FOR-US: NVIDIA Windows GPU Display Driver
-CVE-2017-6251 (NVIDIA Windows GPU Display Driver contains a vulnerability in the ...)
+CVE-2017-6251
NOT-FOR-US: NVIDIA Windows GPU Display Driver
-CVE-2017-6250 (NVIDIA GeForce Experience contains a vulnerability in NVIDIA Web ...)
+CVE-2017-6250
NOT-FOR-US: NVIDIA GeForce Experience
-CVE-2017-6249 (An elevation of privilege vulnerability in the NVIDIA sound driver ...)
+CVE-2017-6249
NOT-FOR-US: NVIDIA driver for Android
-CVE-2017-6248 (An elevation of privilege vulnerability in the NVIDIA sound driver ...)
+CVE-2017-6248
NOT-FOR-US: NVIDIA driver for Android
-CVE-2017-6247 (An elevation of privilege vulnerability in the NVIDIA sound driver ...)
+CVE-2017-6247
NOT-FOR-US: NVIDIA driver for Android
CVE-2017-6246
RESERVED
@@ -35659,21 +35657,21 @@ CVE-2017-6232
RESERVED
CVE-2017-6231
RESERVED
-CVE-2017-6230 (Ruckus Networks Solo APs firmware releases R110.x or before and Ruckus ...)
+CVE-2017-6230
NOT-FOR-US: Ruckus Networks firmware
-CVE-2017-6229 (Ruckus Networks Unleashed AP firmware releases before 200.6.10.1.x and ...)
+CVE-2017-6229
NOT-FOR-US: Ruckus Networks firmware
CVE-2017-6228
RESERVED
-CVE-2017-6227 (A vulnerability in the IPv6 stack on Brocade Fibre Channel SAN ...)
+CVE-2017-6227
NOT-FOR-US: Brocade
CVE-2017-6226
RESERVED
-CVE-2017-6225 (Cross-site scripting (XSS) vulnerability in the web-based management ...)
+CVE-2017-6225
NOT-FOR-US: Brocade
-CVE-2017-6224 (Ruckus Wireless Zone Director Controller firmware releases ZD9.x, ...)
+CVE-2017-6224
NOT-FOR-US: Ruckus
-CVE-2017-6223 (Ruckus Wireless Zone Director Controller firmware releases ZD9.9.x, ...)
+CVE-2017-6223
NOT-FOR-US: Ruckus
CVE-2017-6222
RESERVED
@@ -35689,31 +35687,31 @@ CVE-2017-6217
RESERVED
CVE-2017-6216
RESERVED
-CVE-2017-6215 (paypal/permissions-sdk-php is vulnerable to reflected XSS in the ...)
+CVE-2017-6215
NOT-FOR-US: PayPal permissions-sdk-php
-CVE-2017-6213 (paypal/invoice-sdk-php is vulnerable to reflected XSS in ...)
+CVE-2017-6213
NOT-FOR-US: PayPal invoice-sdk-php
CVE-2017-6212
REJECTED
-CVE-2017-6211 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2017-6211
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-6214 (The tcp_splice_read function in net/ipv4/tcp.c in the Linux kernel ...)
+CVE-2017-6214
{DSA-3804-1 DLA-849-1}
- linux 4.9.13-1
NOTE: Fixed by: https://git.kernel.org/linus/ccf7abb93af09ad0868ae9033d1ca8108bdaec82 (v4.10-rc8)
-CVE-2017-6210 (The vrend_decode_reset function in vrend_decode.c in virglrenderer ...)
+CVE-2017-6210
- virglrenderer 0.6.0-1 (bug #858255)
NOTE: Fixed by: https://cgit.freedesktop.org/virglrenderer/commit/?id=0a5dff15912207b83018485f83e067474e818bab (0.6.0)
-CVE-2017-6209 (Stack-based buffer overflow in the parse_identifier function in ...)
+CVE-2017-6209
- virglrenderer 0.6.0-1 (bug #858255)
NOTE: Fixed by: https://cgit.freedesktop.org/virglrenderer/commit/?id=e534b51ca3c3cd25f3990589932a9ed711c59b27 (0.6.0)
CVE-2017-6208
RESERVED
CVE-2017-6207
REJECTED
-CVE-2017-6206 (D-Link DGS-1510-28XMP, DGS-1510-28X, DGS-1510-52X, DGS-1510-52, ...)
+CVE-2017-6206
NOT-FOR-US: D-Link
-CVE-2017-6205 (D-Link DGS-1510-28XMP, DGS-1510-28X, DGS-1510-52X, DGS-1510-52, ...)
+CVE-2017-6205
NOT-FOR-US: D-Link
CVE-2017-6204
RESERVED
@@ -35721,15 +35719,15 @@ CVE-2017-6203
RESERVED
CVE-2017-6202
RESERVED
-CVE-2017-6201 (A Server Side Request Forgery vulnerability exists in the install app ...)
+CVE-2017-6201
NOT-FOR-US: Sandstorm
-CVE-2017-6200 (Sandstorm before build 0.203 allows remote attackers to read any ...)
+CVE-2017-6200
NOT-FOR-US: Sandstorm
-CVE-2017-6199 (A remote attacker could bypass the Sandstorm organization restriction ...)
+CVE-2017-6199
NOT-FOR-US: Sandstorm
-CVE-2017-6198 (The Supervisor in Sandstorm doesn't set and enforce the resource ...)
+CVE-2017-6198
NOT-FOR-US: Sandstorm
-CVE-2017-6197 (The r_read_* functions in libr/include/r_endian.h in radare2 1.2.1 ...)
+CVE-2017-6197
{DLA-837-1}
- radare2 1.1.0+dfsg-2 (bug #856063)
[jessie] - radare2 <no-dsa> (Minor issue)
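Review bot: the CVE-2017-6197 entry has "{DLA-837-1}" (an oldstable update was issued) directly above "[jessie] - radare2 <no-dsa> (Minor issue)", so wheezy got a security update for an issue that is simultaneously rated too minor for a jessie DSA. That split is not necessarily wrong (the DLA may have bundled it with other fixes, or the jessie version may be fixed via a point release), but nothing in the entry says so; add a NOTE giving the reason, otherwise the no-dsa reads as a missed update when cross-checked against the DLA.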
@@ -35739,53 +35737,53 @@ CVE-2017-6197 (The r_read_* functions in libr/include/r_endian.h in radare2 1.2.
NOTE: The NULL pointer dereferences are still triggerable, via the shown
NOTE: vector and seen under valgrind. It might be disputable if that is the
NOTE: same vulnerability though.
-CVE-2017-6196 (Multiple use-after-free vulnerabilities in the gx_image_enum_begin ...)
+CVE-2017-6196
- ghostscript <not-affected> (Issue introduced later, cf. bug #856142)
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=697596
NOTE: Fixed by: http://git.ghostscript.com/?p=ghostpdl.git;h=ecceafe3abba2714ef9b432035fe0739d9b1a283
NOTE: Possibly introduced only after http://git.ghostscript.com/?p=ghostpdl.git;h=cffb5712bc10c2c2f46adf311fc74aaae74cb784
-CVE-2017-6195 (Ipswitch MOVEit Transfer (formerly DMZ) allows pre-authentication blind ...)
+CVE-2017-6195
NOT-FOR-US: Ipswitch MOVEit Transfer
-CVE-2017-6194 (The relocs function in libr/bin/p/bin_bflt.c in radare2 1.2.1 allows ...)
+CVE-2017-6194
[experimental] - radare2 1.3.0+dfsg-1
- radare2 1.1.0+dfsg-4 (bug #859448)
[jessie] - radare2 <not-affected> (Vulnerable code not present)
[wheezy] - radare2 <not-affected> (Vulnerable code not present)
NOTE: https://github.com/radare/radare2/commit/72794dc3523bbd5bb370de3c5857cb736c387e18 (1.3.0-git)
NOTE: https://github.com/radare/radare2/issues/6829
-CVE-2017-6193 (Buffer overflow in APNGDis 2.8 and earlier allows remote attackers to ...)
+CVE-2017-6193
NOT-FOR-US: APNGDis
-CVE-2017-6192 (Buffer overflow in APNGDis 2.8 and earlier allows a remote attackers ...)
+CVE-2017-6192
NOT-FOR-US: APNGDis
-CVE-2017-6191 (Buffer overflow in APNGDis 2.8 and below allows a remote attacker to ...)
+CVE-2017-6191
NOT-FOR-US: APNGDis
-CVE-2017-6190 (Directory traversal vulnerability in the web interface on the D-Link ...)
+CVE-2017-6190
NOT-FOR-US: D-Link
-CVE-2017-6189 (Untrusted search path vulnerability in Amazon Kindle for PC before ...)
+CVE-2017-6189
NOT-FOR-US: Amazon Kindle
-CVE-2017-6187 (Buffer overflow in the built-in web server in DiskSavvy Enterprise ...)
+CVE-2017-6187
NOT-FOR-US: DiskSavvy Enterprise
-CVE-2017-6186 (Code injection vulnerability in Bitdefender Total Security 12.0 (and ...)
+CVE-2017-6186
NOT-FOR-US: Bitdefender
CVE-2017-6185
RESERVED
-CVE-2017-6184 (In Sophos Web Appliance (SWA) before 4.3.1.2, a section of the ...)
+CVE-2017-6184
NOT-FOR-US: Sophos
-CVE-2017-6183 (In Sophos Web Appliance (SWA) before 4.3.1.2, a section of the ...)
+CVE-2017-6183
NOT-FOR-US: Sophos
-CVE-2017-6182 (In Sophos Web Appliance (SWA) before 4.3.1.2, a section of the ...)
+CVE-2017-6182
NOT-FOR-US: Sophos
-CVE-2017-6181 (The parse_char_class function in regparse.c in the Onigmo (aka ...)
+CVE-2017-6181
- ruby2.3 <not-affected> (Introduced in v2_4_0_rc1)
- ruby2.1 <not-affected> (Introduced in v2_4_0_rc1)
NOTE: Introduced by: https://github.com/ruby/ruby/commit/2873edeafb6f6df1fc99bb9b1167591b99dd378c
NOTE: Fixed by: https://github.com/ruby/ruby/commit/ea940cc4dcff8d6c345d7015eda0bf06671f87e9
NOTE: https://bugs.ruby-lang.org/issues/13234
-CVE-2017-6180 (Keekoon KK002 devices 1.8.12 HD have a Cross Site Request Forgery ...)
+CVE-2017-6180
NOT-FOR-US: Keekoon KK002 devices
CVE-2017-6179
RESERVED
-CVE-2017-6178 (The IofCallDriver function in USBPcap 1.1.0.0 allows local users to ...)
+CVE-2017-6178
NOT-FOR-US: USBPcap
CVE-2017-6177
REJECTED
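Review bot: the only change in this hunk, repeated for every entry that is not RESERVED or REJECTED, is that the truncated description is dropped and the identifier left bare (`-CVE-2017-6195 (Ipswitch MOVEit Transfer (formerly DMZ) allows pre-authentication blind ...)` becomes `+CVE-2017-6195`), with nothing on the package, NOT-FOR-US or NOTE lines moving with it, which points at the source feed delivering empty descriptions rather than at a real data change. A bare identifier is also how this file writes entries that have no description yet (`CVE-2017-6185` followed by `RESERVED`, `CVE-2017-6177` followed by `REJECTED`), so once this lands a triager reading the list loses the one-line summary that tells, say, the three Sophos SWA issues CVE-2017-6184 to CVE-2017-6182 apart from placeholders. Suggest the automatic updater keep the existing description whenever the feed returns none for an identifier that previously had one, and that this run be reverted until the feed is checked.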
@@ -35803,97 +35801,97 @@ CVE-2017-6171
REJECTED
CVE-2017-6170
REJECTED
-CVE-2017-6169 (In versions 13.0.0, 12.0.0-12.1.3, or 11.6.0-11.6.2, an F5 BIG-IP ...)
+CVE-2017-6169
NOT-FOR-US: F5 BIG-IP
-CVE-2017-6168 (On BIG-IP versions 11.6.0-11.6.2 (fixed in 11.6.2 HF1), 12.0.0-12.1.2 ...)
+CVE-2017-6168
NOT-FOR-US: F5 BIG-IP
NOTE: https://support.f5.com/csp/article/K21905460
NOTE: https://robotattack.org/
-CVE-2017-6167 (In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link Controller, ...)
+CVE-2017-6167
NOT-FOR-US: F5 BIG-IP
-CVE-2017-6166 (In BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link Controller, ...)
+CVE-2017-6166
NOT-FOR-US: F5 BIG-IP
-CVE-2017-6165 (In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link ...)
+CVE-2017-6165
NOT-FOR-US: F5 BIG-IP
-CVE-2017-6164 (In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, ...)
+CVE-2017-6164
NOT-FOR-US: F5 BIG-IP
-CVE-2017-6163 (In F5 BIG-IP LTM, AAM, AFM, APM, ASM, Link Controller, PEM, PSM ...)
+CVE-2017-6163
NOT-FOR-US: F5 BIG-IP
-CVE-2017-6162 (In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, ...)
+CVE-2017-6162
NOT-FOR-US: F5 BIG-IP
-CVE-2017-6161 (In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, ...)
+CVE-2017-6161
NOT-FOR-US: F5 BIG-IP
-CVE-2017-6160 (In F5 BIG-IP AAM and PEM software version 12.0.0 to 12.1.1, 11.6.0 to ...)
+CVE-2017-6160
NOT-FOR-US: F5 BIG-IP
-CVE-2017-6159 (F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link ...)
+CVE-2017-6159
NOT-FOR-US: F5 BIG-IP
-CVE-2017-6158 (In F5 BIG-IP 12.0.0-12.1.2, 11.6.0-11.6.1, 11.5.1-11.5.5, or 11.2.1 ...)
+CVE-2017-6158
NOT-FOR-US: F5 BIG-IP
-CVE-2017-6157 (In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link ...)
+CVE-2017-6157
NOT-FOR-US: F5 BIG-IP
-CVE-2017-6156 (When the F5 BIG-IP 12.1.0-12.1.1, 11.6.0-11.6.1, 11.5.1-11.5.5, or ...)
+CVE-2017-6156
NOT-FOR-US: F5 BIG-IP
-CVE-2017-6155 (On F5 BIG-IP 13.0.0, 12.0.0-12.1.3.1, 11.6.0-11.6.2, 11.4.1-11.5.5, or ...)
+CVE-2017-6155
NOT-FOR-US: F5 BIG-IP
-CVE-2017-6154 (On F5 BIG-IP systems running 13.0.0, 12.1.0 - 12.1.3.1, or 11.6.1 - ...)
+CVE-2017-6154
NOT-FOR-US: F5 BIG-IP
-CVE-2017-6153 (Features in F5 BIG-IP 13.0.0-13.1.0.3, 12.1.0-12.1.3.1, ...)
+CVE-2017-6153
NOT-FOR-US: F5 BIG-IP
-CVE-2017-6152 (A local user on F5 BIG-IQ Centralized Management 5.1.0-5.2.0 with the ...)
+CVE-2017-6152
NOT-FOR-US: F5 BIG-IQ Centralized Management
-CVE-2017-6151 (In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, ...)
+CVE-2017-6151
NOT-FOR-US: F5 BIG-IP
-CVE-2017-6150 (Under certain conditions for F5 BIG-IP systems 13.0.0 or 12.1.0 - ...)
+CVE-2017-6150
NOT-FOR-US: F5 BIG-IP
CVE-2017-6149
REJECTED
-CVE-2017-6148 (Responses to SOCKS proxy requests made through F5 BIG-IP version ...)
+CVE-2017-6148
NOT-FOR-US: F5 BIG-IP
-CVE-2017-6147 (In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link Controller, ...)
+CVE-2017-6147
NOT-FOR-US: F5 BIG-IP
CVE-2017-6146
REJECTED
-CVE-2017-6145 (iControl REST in F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, ...)
+CVE-2017-6145
NOT-FOR-US: F5 BIG-IP
-CVE-2017-6144 (In F5 BIG-IP PEM 12.1.0 through 12.1.2 when downloading the Type ...)
+CVE-2017-6144
NOT-FOR-US: F5 BIG-IP
-CVE-2017-6143 (X509 certificate verification was not correctly implemented in the IP ...)
+CVE-2017-6143
NOT-FOR-US: F5 BIG-IP
-CVE-2017-6142 (X509 certificate verification was not correctly implemented in the ...)
+CVE-2017-6142
NOT-FOR-US: F5 BIG-IP
-CVE-2017-6141 (In F5 BIG-IP LTM, AAM, AFM, APM, ASM, Link Controller, PEM, and ...)
+CVE-2017-6141
NOT-FOR-US: F5 BIG-IP
-CVE-2017-6140 (On the BIG-IP 2000s, 2200s, 4000s, 4200v, i5600, i5800, i7600, i7800, ...)
+CVE-2017-6140
NOT-FOR-US: F5 BIG-IP
-CVE-2017-6139 (In F5 BIG-IP APM software version 13.0.0 and 12.1.2, under rare ...)
+CVE-2017-6139
NOT-FOR-US: F5 BIG-IP
-CVE-2017-6138 (In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link ...)
+CVE-2017-6138
NOT-FOR-US: F5 BIG-IP
-CVE-2017-6137 (In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, ...)
+CVE-2017-6137
NOT-FOR-US: F5
-CVE-2017-6136 (In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link ...)
+CVE-2017-6136
NOT-FOR-US: F5 BIG-IP
-CVE-2017-6135 (In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link ...)
+CVE-2017-6135
NOT-FOR-US: F5 BIG-IP
-CVE-2017-6134 (In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link ...)
+CVE-2017-6134
NOT-FOR-US: F5 BIG-IP
-CVE-2017-6133 (In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link Controller, ...)
+CVE-2017-6133
NOT-FOR-US: F5 BIG-IP
-CVE-2017-6132 (In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link ...)
+CVE-2017-6132
NOT-FOR-US: F5 BIG-IP
-CVE-2017-6131 (In some circumstances, an F5 BIG-IP version 12.0.0 to 12.1.2 and ...)
+CVE-2017-6131
NOT-FOR-US: F5
-CVE-2017-6130 (F5 SSL Intercept iApp 1.5.0 - 1.5.7 and SSL Orchestrator 2.0 is ...)
+CVE-2017-6130
NOT-FOR-US: F5
-CVE-2017-6129 (In F5 BIG-IP APM software version 13.0.0 and 12.1.2, in some ...)
+CVE-2017-6129
NOT-FOR-US: F5 BIG-IP
-CVE-2017-6128 (An attacker may be able to cause a denial-of-service (DoS) attack ...)
+CVE-2017-6128
NOT-FOR-US: F5
-CVE-2017-6188 (Munin before 2.999.6 has a local file write vulnerability when CGI ...)
+CVE-2017-6188
{DSA-3794-1 DLA-836-1}
- munin 2.0.31-1 (bug #855705)
NOTE: https://github.com/munin-monitoring/munin/issues/721
-CVE-2017-6127 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
+CVE-2017-6127
NOT-FOR-US: DIGISOL DG-HR1400 Wireless Router
CVE-2017-6126
RESERVED
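Review bot: ordering, as a style point: the munin entry `CVE-2017-6188` sits between `CVE-2017-6128` and `CVE-2017-6127` near the end of this hunk while every other identifier in it descends by one, so anyone scanning the 618x block above will not find it; it belongs between `CVE-2017-6189` and `CVE-2017-6187`. Also, two of the entries tagged `NOT-FOR-US: F5` (CVE-2017-6137 and CVE-2017-6131) have dropped descriptions that name BIG-IP, so they could carry the same `NOT-FOR-US: F5 BIG-IP` form as their neighbours; plain `F5` is right for CVE-2017-6130 (SSL Intercept iApp) and for CVE-2017-6128, whose description names no product.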
@@ -35939,30 +35937,30 @@ CVE-2017-6106
RESERVED
CVE-2017-6105
RESERVED
-CVE-2017-6104 (Remote file upload vulnerability in Wordpress Plugin Mobile App Native ...)
+CVE-2017-6104
NOT-FOR-US: Wordpress plugin
-CVE-2017-6103 (Persistent XSS Vulnerability in Wordpress plugin AnyVar v0.1.1. ...)
+CVE-2017-6103
NOT-FOR-US: Wordpress plugin
-CVE-2017-6102 (Persistent XSS in wordpress plugin rockhoist-badges v1.2.2. ...)
+CVE-2017-6102
NOT-FOR-US: Wordpress plugin
-CVE-2017-6384 (Memory leak in the login_user function in saslserv/main.c in ...)
+CVE-2017-6384
- atheme-services 7.2.9-1 (bug #855588)
[jessie] - atheme-services <not-affected> (versions prior to 7.2.7 not vulnerable)
NOTE: 7.2.7 vulnerable, fixed in 7.2.8, but the fix introduced another DOS, fixed in 7.2.9
NOTE: (Possibly) introduced in https://github.com/atheme/atheme/commit/8ac7aa8d007331ae694f099c288e27f911e8cad1 (v7.2.7)
CVE-2017-6101
RESERVED
-CVE-2017-6099 (Cross-site scripting (XSS) vulnerability in GetAuthDetails.html.php in ...)
+CVE-2017-6099
NOT-FOR-US: PayPal PHP Merchant SDK
-CVE-2017-6098 (A SQL injection issue was discovered in the Mail Masta (aka mail-masta) ...)
+CVE-2017-6098
NOT-FOR-US: Mail Masta plugin for Wordpress
-CVE-2017-6097 (A SQL injection issue was discovered in the Mail Masta (aka mail-masta) ...)
+CVE-2017-6097
NOT-FOR-US: Mail Masta plugin for Wordpress
-CVE-2017-6096 (A SQL injection issue was discovered in the Mail Masta (aka mail-masta) ...)
+CVE-2017-6096
NOT-FOR-US: Mail Masta plugin for Wordpress
-CVE-2017-6095 (A SQL injection issue was discovered in the Mail Masta (aka mail-masta) ...)
+CVE-2017-6095
NOT-FOR-US: Mail Masta plugin for Wordpress
-CVE-2017-6094 (CPEs used by subscribers on the access network receive their ...)
+CVE-2017-6094
NOT-FOR-US: Genexis GASP
CVE-2017-6093
RESERVED
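Review bot: `CVE-2017-6384` (atheme-services) is placed between `CVE-2017-6102` and `CVE-2017-6101`, breaking the descending order of the surrounding identifiers, and its first NOTE line writes `DOS` where the rest of the file uses `DoS` or `denial-of-service` (see the CVE-2017-6128 summary earlier in the diff), so `another DoS` would be the consistent spelling. Neither is introduced by this change, but both are worth tidying in the same file.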
@@ -35970,15 +35968,15 @@ CVE-2017-6092
RESERVED
CVE-2017-6091
RESERVED
-CVE-2017-6090 (Unrestricted file upload vulnerability in clients/editclient.php in ...)
+CVE-2017-6090
NOT-FOR-US: PhpCollab
-CVE-2017-6089 (SQL injection vulnerability in PhpCollab 2.5.1 and earlier allows ...)
+CVE-2017-6089
NOT-FOR-US: PhpCollab
-CVE-2017-6088 (Multiple SQL injection vulnerabilities in EyesOfNetwork (aka EON) 5.0 ...)
+CVE-2017-6088
NOT-FOR-US: EyesOfNetwork
-CVE-2017-6087 (EyesOfNetwork (&quot;EON&quot;) 5.0 and earlier allows remote authenticated ...)
+CVE-2017-6087
NOT-FOR-US: EyesOfNetwork
-CVE-2017-6086 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
+CVE-2017-6086
NOT-FOR-US: ViMbAdmin
CVE-2017-6085
RESERVED
@@ -35988,57 +35986,57 @@ CVE-2017-6083
RESERVED
CVE-2017-6082
RESERVED
-CVE-2017-6081 (A CSRF issue was discovered in Zammad before 1.0.4, 1.1.x before 1.1.3, ...)
+CVE-2017-6081
- zammad <itp> (bug #841355)
-CVE-2017-6080 (An issue was discovered in Zammad before 1.0.4, 1.1.x before 1.1.3, and ...)
+CVE-2017-6080
- zammad <itp> (bug #841355)
-CVE-2017-6079 (The HTTP web-management application on Edgewater Networks Edgemarc ...)
+CVE-2017-6079
NOT-FOR-US: Edgewater
-CVE-2017-6078 (FastStone MaxView 3.0 and 3.1 allows user-assisted attackers to cause a ...)
+CVE-2017-6078
NOT-FOR-US: FastStone MaxView
-CVE-2017-6077 (ping.cgi on NETGEAR DGN2200 devices with firmware through 10.0.0.50 ...)
+CVE-2017-6077
NOT-FOR-US: NETGEAR
-CVE-2017-6076 (In versions of wolfSSL before 3.10.2 the function fp_mul_comba makes ...)
+CVE-2017-6076
- wolfssl 3.10.2+dfsg-1 (bug #856114)
NOTE: https://github.com/wolfSSL/wolfssl/releases/tag/v3.10.2-stable
NOTE: https://github.com/wolfSSL/wolfssl/commit/345df93978c41da1ac8047a37f1fed5286883d8d
CVE-2017-6075
RESERVED
-CVE-2017-6074 (The dccp_rcv_state_process function in net/dccp/input.c in the Linux ...)
+CVE-2017-6074
{DSA-3791-1 DLA-833-1}
- linux 4.9.13-1
NOTE: Fixed by: https://git.kernel.org/linus/5edabca9d4cff7f1f2b68f0bac55ef99d9798ba4
CVE-2017-6073
RESERVED
-CVE-2017-6072 (CMS Made Simple version 1.x Form Builder before version 0.8.1.6 allows ...)
+CVE-2017-6072
NOT-FOR-US: CMS Made Simple
-CVE-2017-6071 (CMS Made Simple version 1.x Form Builder before version 0.8.1.6 allows ...)
+CVE-2017-6071
NOT-FOR-US: CMS Made Simple
-CVE-2017-6070 (CMS Made Simple version 1.x Form Builder before version 0.8.1.6 allows ...)
+CVE-2017-6070
NOT-FOR-US: CMS Made Simple
-CVE-2017-6069 (Subrion CMS 4.0.5 has CSRF in admin/blog/add/. The attacker can add any ...)
+CVE-2017-6069
NOT-FOR-US: Subrion CMS
-CVE-2017-6068 (Subrion CMS 4.0.5 has CSRF in admin/blocks/add/. The attacker can ...)
+CVE-2017-6068
NOT-FOR-US: Subrion CMS
-CVE-2017-6067 (Symphony 2.6.9 has XSS in publish/notes/edit/##/saved/ via the bottom ...)
+CVE-2017-6067
NOT-FOR-US: Symphony CMS
-CVE-2017-6066 (Subrion CMS 4.0.5 has CSRF in admin/languages/edit/1/. The attacker can ...)
+CVE-2017-6066
NOT-FOR-US: Subrion CMS
-CVE-2017-6065 (SQL injection vulnerability in ...)
+CVE-2017-6065
NOT-FOR-US: GenixCMS
CVE-2017-6064
RESERVED
CVE-2017-6063
RESERVED
-CVE-2017-6061 (Cross-site scripting (XSS) vulnerability in the help component of SAP ...)
+CVE-2017-6061
NOT-FOR-US: SAP
-CVE-2017-6060 (Stack-based buffer overflow in jstest_main.c in mujstest in Artifex ...)
+CVE-2017-6060
- mupdf <unfixed> (unimportant)
[wheezy] - mupdf <not-affected> (Vulnerable code not present)
NOTE: Although jstest_main.c compiled during build and mujstest is created
NOTE: it is not included in the produced binary packages
NOTE: http://www.openwall.com/lists/oss-security/2017/02/18/1
-CVE-2017-6058 (Buffer overflow in NetRxPkt::ehdr_buf in hw/net/net_rx_pkt.c in QEMU ...)
+CVE-2017-6058
- qemu 1:2.8+dfsg-3 (bug #855616)
[jessie] - qemu <not-affected> (Vulnerable code not present)
[wheezy] - qemu <not-affected> (Vulnerable code not present)
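Review bot: the two NOTE lines under `CVE-2017-6060` read as an unfinished sentence (`Although jstest_main.c compiled during build and mujstest is created` / `it is not included in the produced binary packages`); suggest `Although jstest_main.c is compiled during the build and mujstest is created,` on the first line so the justification for `<unfixed> (unimportant)` reads cleanly. A style point only; the line changes in this hunk are the same description stripping seen in the rest of the patch.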
@@ -36047,148 +36045,148 @@ CVE-2017-6058 (Buffer overflow in NetRxPkt::ehdr_buf in hw/net/net_rx_pkt.c in Q
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1423358
CVE-2017-6057
RESERVED
-CVE-2017-6055 (XML external entity (XXE) vulnerability in eParakstitajs 3 before 1.3.9 ...)
+CVE-2017-6055
NOT-FOR-US: eParakstitajs and eParaksts Java lib
-CVE-2017-6054 (A Use of Hard-Coded Cryptographic Key issue was discovered in Hyundai ...)
+CVE-2017-6054
NOT-FOR-US: Hyundai
-CVE-2017-6053 (A Cross-Site Scripting issue was discovered in Trihedral VTScada ...)
+CVE-2017-6053
NOT-FOR-US: Trihedral VTScada
-CVE-2017-6052 (A Man-in-the-Middle issue was discovered in Hyundai Motor America Blue ...)
+CVE-2017-6052
NOT-FOR-US: Hyundai
-CVE-2017-6051 (An Uncontrolled Search Path Element issue was discovered in BLF-Tech ...)
+CVE-2017-6051
NOT-FOR-US: BLF-Tech LLC VisualView HMI
-CVE-2017-6050 (A SQL Injection issue was discovered in Ecava IntegraXor Versions ...)
+CVE-2017-6050
NOT-FOR-US: Ecava IntegraXor
CVE-2017-6049
RESERVED
-CVE-2017-6048 (A Command Injection issue was discovered in Satel Iberia SenNet Data ...)
+CVE-2017-6048
NOT-FOR-US: Satel Iberia SenNet Data Logger and Electricity Meters
CVE-2017-6047
RESERVED
-CVE-2017-6046 (An Insufficiently Protected Credentials issue was discovered in Sierra ...)
+CVE-2017-6046
NOT-FOR-US: Sierra Wireless AirLink Raven
-CVE-2017-6045 (An Information Exposure issue was discovered in Trihedral VTScada ...)
+CVE-2017-6045
NOT-FOR-US: Trihedral VTScada
-CVE-2017-6044 (An Improper Authorization issue was discovered in Sierra Wireless ...)
+CVE-2017-6044
NOT-FOR-US: Sierra Wireless AirLink Raven
-CVE-2017-6043 (A Resource Consumption issue was discovered in Trihedral VTScada ...)
+CVE-2017-6043
NOT-FOR-US: Trihedral VTScada
-CVE-2017-6042 (A Cross-Site Request Forgery issue was discovered in Sierra Wireless ...)
+CVE-2017-6042
NOT-FOR-US: Sierra Wireless AirLink Raven
-CVE-2017-6041 (An Unrestricted Upload issue was discovered in Marel Food Processing ...)
+CVE-2017-6041
NOT-FOR-US: Marel
-CVE-2017-6040 (An Information Exposure issue was discovered in Belden Hirschmann GECKO ...)
+CVE-2017-6040
NOT-FOR-US: Belden Hirschmann GECKO Lite Managed switch
-CVE-2017-6039 (A Use of Hard-Coded Password issue was discovered in Phoenix Broadband ...)
+CVE-2017-6039
NOT-FOR-US: Phoenix
-CVE-2017-6038 (A Cross-Site Request Forgery issue was discovered in Belden Hirschmann ...)
+CVE-2017-6038
NOT-FOR-US: Belden Hirschmann GECKO Lite Managed switch
-CVE-2017-6037 (A Heap-Based Buffer Overflow issue was discovered in Wecon Technologies ...)
+CVE-2017-6037
NOT-FOR-US: Wecon
-CVE-2017-6036 (A Server-Side Request Forgery issue was discovered in Belden Hirschmann ...)
+CVE-2017-6036
NOT-FOR-US: Belden Hirschmann GECKO Lite Managed switch
-CVE-2017-6035 (A Stack-Based Buffer Overflow issue was discovered in Wecon ...)
+CVE-2017-6035
NOT-FOR-US: Wecon
-CVE-2017-6034 (An Authentication Bypass by Capture-Replay issue was discovered in ...)
+CVE-2017-6034
NOT-FOR-US: Schneider Electric
-CVE-2017-6033 (A DLL Hijacking issue was discovered in Schneider Electric Interactive ...)
+CVE-2017-6033
NOT-FOR-US: Schneider Electric
-CVE-2017-6032 (A Violation of Secure Design Principles issue was discovered in ...)
+CVE-2017-6032
NOT-FOR-US: Schneider Electric
-CVE-2017-6031 (A Header Injection issue was discovered in Certec EDV GmbH atvise scada ...)
+CVE-2017-6031
NOT-FOR-US: Certec EDV GmbH atvise scada
-CVE-2017-6030 (A Predictable Value Range from Previous Values issue was discovered in ...)
+CVE-2017-6030
NOT-FOR-US: Schneider Electric
-CVE-2017-6029 (A Cross-Site Scripting issue was discovered in Certec EDV GmbH atvise ...)
+CVE-2017-6029
NOT-FOR-US: Certec EDV GmbH atvise scada
-CVE-2017-6028 (An Insufficiently Protected Credentials issue was discovered in ...)
+CVE-2017-6028
NOT-FOR-US: Schneider Electric
-CVE-2017-6027 (An Arbitrary File Upload issue was discovered in 3S-Smart Software ...)
+CVE-2017-6027
NOT-FOR-US: 3S-Smart Software Solutions GmbH CODESYS Web Server
-CVE-2017-6026 (A Use of Insufficiently Random Values issue was discovered in Schneider ...)
+CVE-2017-6026
NOT-FOR-US: Schneider Electric
-CVE-2017-6025 (A Stack Buffer Overflow issue was discovered in 3S-Smart Software ...)
+CVE-2017-6025
NOT-FOR-US: 3S-Smart Software Solutions GmbH CODESYS Web Server
-CVE-2017-6024 (A Resource Exhaustion issue was discovered in Rockwell Automation ...)
+CVE-2017-6024
NOT-FOR-US: Rockwell
-CVE-2017-6023 (An issue was discovered in Fatek Automation PLC Ethernet Module. The ...)
+CVE-2017-6023
NOT-FOR-US: Fatek
-CVE-2017-6022 (A hard-coded password issue was discovered in Becton, Dickinson and ...)
+CVE-2017-6022
NOT-FOR-US: BD's Kiestra PerformA and KLA Journal Service applications
-CVE-2017-6021 (In Schneider Electric ClearSCADA 2014 R1 (build 75.5210) and prior, ...)
+CVE-2017-6021
NOT-FOR-US: Schneider
-CVE-2017-6020 (Leao Consultoria e Desenvolvimento de Sistemas (LCDS) LTDA ME LAquis ...)
+CVE-2017-6020
NOT-FOR-US: Leao Consultoria e Desenvolvimento de Sistemas (LCDS) LTDA ME LAquis SCADA software
-CVE-2017-6019 (An issue was discovered in Schneider Electric Conext ComBox, model ...)
+CVE-2017-6019
NOT-FOR-US: Schneider Electric
-CVE-2017-6018 (An open redirect issue was discovered in B. Braun Medical SpaceCom ...)
+CVE-2017-6018
NOT-FOR-US: SpaceCom / SpaceStation
-CVE-2017-6017 (A Resource Exhaustion issue was discovered in Schneider Electric ...)
+CVE-2017-6017
NOT-FOR-US: Schneider Electric
-CVE-2017-6016 (An Improper Access Control issue was discovered in LCDS - Leao ...)
+CVE-2017-6016
NOT-FOR-US: LCDS (Leao Consultoria e Desenvolvimento de Sistemas LTDA ME LAquis SCADA)
-CVE-2017-6015 (Without quotation marks, any whitespace in the file path for Rockwell ...)
+CVE-2017-6015
NOT-FOR-US: Rockwell
-CVE-2017-6014 (In Wireshark 2.2.4 and earlier, a crafted or malformed STANAG 4607 ...)
+CVE-2017-6014
{DSA-3811-1 DLA-826-1}
- wireshark 2.2.5+g440fd4d-2 (bug #855408)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13416
-CVE-2017-6013 (Subrion CMS 4.0.5.10 has SQL injection in admin/database/ via the query ...)
+CVE-2017-6013
NOT-FOR-US: Subrion CMS
CVE-2017-6012
RESERVED
-CVE-2017-6011 (An issue was discovered in icoutils 0.31.1. An out-of-bounds read ...)
+CVE-2017-6011
{DSA-3807-1 DLA-854-1}
- icoutils 0.31.2-1 (bug #854054)
NOTE: Fixed by: http://git.savannah.gnu.org/cgit/icoutils.git/commit/?id=bf97b99109607d4367a4e57df9a37cbcac02e220
NOTE: Fixed by: http://git.savannah.gnu.org/cgit/icoutils.git/commit/?id=45a0207225df4cd4b82f41eee636e21f11a7db74
NOTE: Proposed patch from Red Hat contributor: https://bugzilla.redhat.com/attachment.cgi?id=1256393
-CVE-2017-6010 (An issue was discovered in icoutils 0.31.1. A buffer overflow was ...)
+CVE-2017-6010
{DSA-3807-1 DLA-854-1}
- icoutils 0.31.2-1 (bug #854054)
NOTE: Fixed by: http://git.savannah.gnu.org/cgit/icoutils.git/commit/?id=bf97b99109607d4367a4e57df9a37cbcac02e220
NOTE: Fixed by: http://git.savannah.gnu.org/cgit/icoutils.git/commit/?id=45a0207225df4cd4b82f41eee636e21f11a7db74
NOTE: Proposed patch from Red Hat contributor: https://bugzilla.redhat.com/attachment.cgi?id=1256393
-CVE-2017-6009 (An issue was discovered in icoutils 0.31.1. A buffer overflow was ...)
+CVE-2017-6009
{DSA-3807-1 DLA-854-1}
- icoutils 0.31.2-1 (bug #854050)
NOTE: Fixed by: http://git.savannah.gnu.org/cgit/icoutils.git/commit/?id=f148ae5af1c9eeb85610a5653a7f625dd6c3ac2e
NOTE: Proposed patch from Red Hat contributor: https://bugzilla.redhat.com/attachment.cgi?id=1256407
-CVE-2017-6008 (A kernel pool overflow in the driver hitmanpro37.sys in Sophos ...)
+CVE-2017-6008
NOT-FOR-US: Sophos
-CVE-2017-6007 (A kernel pool overflow in the driver hitmanpro37.sys in Sophos ...)
+CVE-2017-6007
NOT-FOR-US: Sophos
CVE-2017-6006
REJECTED
-CVE-2017-6005 (Waves MaxxAudio, as installed on Dell laptops, adds a &quot;WavesSysSvc&quot; ...)
+CVE-2017-6005
NOT-FOR-US: Waves MaxxAudio
-CVE-2017-6004 (The compile_bracket_matchingpath function in pcre_jit_compile.c in PCRE ...)
+CVE-2017-6004
- pcre3 2:8.39-2.1 (bug #855405)
[jessie] - pcre3 <not-affected> (Vulnerable code introduced later)
[wheezy] - pcre3 <not-affected> (Vulnerable code introduced later)
NOTE: https://vcs.pcre.org/pcre/code/trunk/pcre_jit_compile.c?r1=1676&r2=1680&view=patch
NOTE: https://bugs.exim.org/show_bug.cgi?id=2035
-CVE-2017-6003 (dotCMS 3.7.0 has XSS reachable from ext/languages_manager/edit_language ...)
+CVE-2017-6003
NOT-FOR-US: dotCMS
-CVE-2017-6002 (Subrion CMS 4.0.5.10 has CSRF in admin/blog/add/. The attacker can add ...)
+CVE-2017-6002
NOT-FOR-US: Subrion CMS
-CVE-2017-6001 (Race condition in kernel/events/core.c in the Linux kernel before ...)
+CVE-2017-6001
{DSA-3791-1 DLA-833-1}
- linux 4.9.10-1
NOTE: Fixed by: https://git.kernel.org/linus/321027c1fe77f892f4ea07846aeae08cefbbb290
CVE-2017-6000
REJECTED
-CVE-2017-5999 (An issue was discovered in sysPass 2.x before 2.1, in which an ...)
+CVE-2017-5999
NOT-FOR-US: sysPass
-CVE-2017-5998 (Cross-site scripting (XSS) vulnerability in InterSect Alliance SNARE ...)
+CVE-2017-5998
NOT-FOR-US: InterSect Alliance SNARE Epilog
-CVE-2017-5997 (The SAP Message Server HTTP daemon in SAP KERNEL 7.21-7.49 allows ...)
+CVE-2017-5997
NOT-FOR-US: SAP Message Server
-CVE-2017-5996 (The agent in Bomgar Remote Support 15.2.x before 15.2.3, 16.1.x before ...)
+CVE-2017-5996
NOT-FOR-US: Bomgar Remote Support
-CVE-2017-5995 (The NetApp ONTAP Select Deploy administration utility 2.0 through ...)
+CVE-2017-5995
NOT-FOR-US: NetApp ONTAP Select Deploy administration utility
-CVE-2017-14431 (Memory leak in Xen 3.3 through 4.8.x allows guest OS users to cause a ...)
+CVE-2017-14431
{DLA-1493-1}
- xen 4.8.1-1 (bug #856229)
[wheezy] - xen <no-dsa> (Minor issue)
@@ -36198,38 +36196,38 @@ CVE-2017-XXXX [XSA-206: xenstore denial of service via repeated update]
[jessie] - xen 4.4.4lts1-0+deb8u1
[wheezy] - xen <ignored> (Too intrusive to backport)
NOTE: https://xenbits.xen.org/xsa/advisory-206.html
-CVE-2017-5994 (Heap-based buffer overflow in the vrend_create_vertex_elements_state ...)
+CVE-2017-5994
- virglrenderer 0.6.0-1 (bug #858255)
NOTE: https://cgit.freedesktop.org/virglrenderer/commit/?id=114688c526fe45f341d75ccd1d85473c3b08f7a7 (0.6.0)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1422452
-CVE-2017-5993 (Memory leak in the vrend_renderer_init_blit_ctx function in ...)
+CVE-2017-5993
- virglrenderer 0.6.0-1 (bug #858255)
NOTE: https://cgit.freedesktop.org/virglrenderer/commit/?id=6eb13f7a2dcf391ec9e19b4c2a79e68305f63c22 (0.6.0)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1422438
-CVE-2017-5991 (An issue was discovered in Artifex Software, Inc. MuPDF before ...)
+CVE-2017-5991
{DSA-3797-1}
- mupdf 1.9a+ds1-4 (low)
[wheezy] - mupdf <not-affected> (vulnerable code not present)
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=697500
NOTE: http://git.ghostscript.com/?p=mupdf.git;h=1912de5f08e90af1d9d0a9791f58ba3afdb9d465
-CVE-2017-5990 (An issue was discovered in PhreeBooksERP before 2017-02-13. The ...)
+CVE-2017-5990
NOT-FOR-US: PhreeBooksERP
CVE-2017-5989
RESERVED
-CVE-2017-5988 (NetApp Clustered Data ONTAP 8.1 through 9.1P1, when NFS or SMB is ...)
+CVE-2017-5988
NOT-FOR-US: NetApp
-CVE-2017-5987 (The sdhci_sdma_transfer_multi_blocks function in hw/sd/sdhci.c in QEMU ...)
+CVE-2017-5987
{DLA-1497-1}
- qemu 1:2.8+dfsg-3 (bug #855159)
[wheezy] - qemu <not-affected> (Vulnerable code not present)
- qemu-kvm <removed>
[wheezy] - qemu-kvm <not-affected> (Vulnerable code not present)
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2017-02/msg02776.html
-CVE-2017-5986 (Race condition in the sctp_wait_for_sndbuf function in ...)
+CVE-2017-5986
{DSA-3804-1 DLA-849-1}
- linux 4.9.10-1
NOTE: Fixed by: https://git.kernel.org/linus/2dcab598484185dea7ec22219c76dcdd59e3cb90
-CVE-2017-5985 (lxc-user-nic in Linux Containers (LXC) allows local users with a ...)
+CVE-2017-5985
- lxc 1:2.0.7-2 (bug #857295)
[jessie] - lxc 1:1.0.6-6+deb8u6
[wheezy] - lxc <not-affected> (vulnerable code not present)
@@ -36240,9 +36238,9 @@ CVE-2017-5985 (lxc-user-nic in Linux Containers (LXC) allows local users with a
NOTE: stable-1.0: https://github.com/lxc/lxc/commit/c905f00ad78b78a5e9c0d67504b86e00dfe085ec
CVE-2017-5984
RESERVED
-CVE-2017-5983 (The JIRA Workflow Designer Plugin in Atlassian JIRA Server before ...)
+CVE-2017-5983
NOT-FOR-US: JIRA Workflow Designer Plugin
-CVE-2017-5982 (Directory traversal vulnerability in the Chorus2 2.4.2 add-on for Kodi ...)
+CVE-2017-5982
- kodi <unfixed> (bug #855225)
[buster] - kodi <ignored> (Minor issue)
[stretch] - kodi <ignored> (Minor issue)
@@ -36255,68 +36253,68 @@ CVE-2017-5982 (Directory traversal vulnerability in the Chorus2 2.4.2 add-on for
NOTE: https://lists.debian.org/debian-lts/2017/04/msg00025.html
NOTE: https://lists.debian.org/debian-lts/2017/04/msg00055.html (and followups)
NOTE: https://lists.debian.org/debian-lts/2017/05/msg00006.html
-CVE-2017-5681 (The RSA-CRT implementation in the Intel QuickAssist Technology (QAT) ...)
+CVE-2017-5681
NOT-FOR-US: Intel QuickAssist Technology (QAT) Engine
-CVE-2017-6056 (It was discovered that a programming error in the processing of HTTPS ...)
+CVE-2017-6056
{DSA-3788-1 DSA-3787-1 DLA-823-1}
- tomcat8 8.0.21-2 (bug #851304)
- tomcat7 7.0.72-3 (bug #854551)
NOTE: Since 7.0.72-3, src:tomcat7 only builds the Servlet API
NOTE: https://bz.apache.org/bugzilla/show_bug.cgi?id=57544
-CVE-2017-5981 (seeko.c in zziplib 0.13.62 allows remote attackers to cause a denial ...)
+CVE-2017-5981
{DSA-3878-1 DLA-994-1}
- zziplib 0.13.62-3.1 (bug #854727)
NOTE: http://blogs.gentoo.org/ago/2017/02/09/zziplib-assertion-failure-in-seeko-c/
-CVE-2017-5980 (The zzip_mem_entry_new function in memdisk.c in zziplib 0.13.62 allows ...)
+CVE-2017-5980
{DSA-3878-1 DLA-994-1}
- zziplib 0.13.62-3.1 (bug #854727)
NOTE: http://blogs.gentoo.org/ago/2017/02/09/zziplib-null-pointer-dereference-in-zzip_mem_entry_new-memdisk-c/
-CVE-2017-5979 (The prescan_entry function in fseeko.c in zziplib 0.13.62 allows ...)
+CVE-2017-5979
{DSA-3878-1 DLA-994-1}
- zziplib 0.13.62-3.1 (bug #854727)
NOTE: http://blogs.gentoo.org/ago/2017/02/09/zziplib-null-pointer-dereference-in-prescan_entry-fseeko-c/
-CVE-2017-5978 (The zzip_mem_entry_new function in memdisk.c in zziplib 0.13.62 allows ...)
+CVE-2017-5978
{DSA-3878-1 DLA-994-1}
- zziplib 0.13.62-3.1 (bug #854727)
NOTE: http://blogs.gentoo.org/ago/2017/02/09/zziplib-out-of-bounds-read-in-zzip_mem_entry_new-memdisk-c/
-CVE-2017-5977 (The zzip_mem_entry_extra_block function in memdisk.c in zziplib ...)
+CVE-2017-5977
- zziplib <unfixed> (bug #864150; bug #854727)
[stretch] - zziplib <ignored> (Minor issue)
[jessie] - zziplib <ignored> (Minor issue)
[wheezy] - zziplib <ignored> (Minor issue)
NOTE: http://blogs.gentoo.org/ago/2017/02/09/zziplib-invalid-memory-read-in-zzip_mem_entry_extra_block-memdisk-c/
-CVE-2017-5976 (Heap-based buffer overflow in the zzip_mem_entry_extra_block function ...)
+CVE-2017-5976
{DSA-3878-1 DLA-994-1}
- zziplib 0.13.62-3.1 (bug #854727)
NOTE: http://blogs.gentoo.org/ago/2017/02/09/zziplib-heap-based-buffer-overflow-in-zzip_mem_entry_extra_block-memdisk-c/
-CVE-2017-5975 (Heap-based buffer overflow in the __zzip_get64 function in fetch.c in ...)
+CVE-2017-5975
{DSA-3878-1 DLA-994-1}
- zziplib 0.13.62-3.1 (bug #854727)
NOTE: http://blogs.gentoo.org/ago/2017/02/09/zziplib-heap-based-buffer-overflow-in-__zzip_get64-fetch-c/
NOTE: https://github.com/gdraheim/zziplib/commit/33d6e9c52fcf1a8983896a512033994dc2ca5734 (v0.13.63)
NOTE: https://github.com/gdraheim/zziplib/commit/64e745f8a3604ba1c444febed86b5e142ce03dd7 (v0.13.63)
-CVE-2017-5974 (Heap-based buffer overflow in the __zzip_get32 function in fetch.c in ...)
+CVE-2017-5974
{DSA-3878-1 DLA-994-1}
- zziplib 0.13.62-3.1 (bug #854727)
NOTE: http://blogs.gentoo.org/ago/2017/02/09/zziplib-heap-based-buffer-overflow-in-__zzip_get32-fetch-c/
-CVE-2017-5973 (The xhci_kick_epctx function in hw/usb/hcd-xhci.c in QEMU (aka Quick ...)
+CVE-2017-5973
{DLA-1497-1 DLA-845-1 DLA-842-1}
- qemu 1:2.8+dfsg-3 (bug #855611)
- qemu-kvm <removed>
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2017-02/msg01101.html
NOTE: http://www.openwall.com/lists/oss-security/2017/02/13/11
-CVE-2017-5972 (The TCP stack in the Linux kernel 3.x does not properly implement a ...)
+CVE-2017-5972
- linux 4.4.2-1
[jessie] - linux <ignored> (Known perfomance limitation)
[wheezy] - linux <no-dsa> (Known perfomance limitation)
-CVE-2017-5971 (SQL injection vulnerability in NewsBee CMS allow remote attackers to ...)
+CVE-2017-5971
NOT-FOR-US: NewsBee CMS
-CVE-2017-5970 (The ipv4_pktinfo_prepare function in net/ipv4/ip_sockglue.c in the ...)
+CVE-2017-5970
{DSA-3791-1 DLA-922-1}
- linux 4.9.10-1
NOTE: Fixed by: https://github.com/torvalds/linux/commit/34b2cef20f19c87999fff3da4071e66937db9644 (v4.10-rc8)
NOTE: Introduced by: https://github.com/torvalds/linux/commit/f84af32cbca70a3c6d30463dc08c7984af11c277 (v2.6.35-rc1)
-CVE-2017-5969 (** DISPUTED ** libxml2 2.9.4, when used in recover mode, allows remote ...)
+CVE-2017-5969
- libxml2 2.9.4+dfsg1-5.1 (bug #855001)
[stretch] - libxml2 <no-dsa> (Minor issue, only a denial-of-service when using recover mode)
[jessie] - libxml2 <no-dsa> (Minor issue, only a denial-of-service when using recover mode)
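Review bot: dropping the description for `CVE-2017-5969` also drops the `** DISPUTED **` marker that existed only inside it (`-CVE-2017-5969 (** DISPUTED ** libxml2 2.9.4, when used in recover mode, allows remote ...)` becomes `+CVE-2017-5969`), so the disputed status of the libxml2 report is no longer recorded anywhere on the entry even though the `<no-dsa>` justifications below still describe it as a recover-mode-only denial of service; if descriptions are to be removed, the dispute flag should be carried onto a NOTE line first. Separately, `Known perfomance limitation` on the two CVE-2017-5972 lines is a typo for `performance`.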
@@ -36327,31 +36325,31 @@ CVE-2017-5969 (** DISPUTED ** libxml2 2.9.4, when used in recover mode, allows r
NOTE: Fixed by: https://git.gnome.org/browse/libxml2/commit/?id=94691dc884d1a8ada39f073408b4bb92fe7fe882
CVE-2017-5968
RESERVED
-CVE-2017-5967 (The time subsystem in the Linux kernel through 4.9.9, when ...)
+CVE-2017-5967
- linux 4.9.13-1 (low)
-CVE-2017-5966 (Sitecore CRM 8.1 Rev 151207 allows remote authenticated administrators ...)
+CVE-2017-5966
NOT-FOR-US: Sitecore
-CVE-2017-5965 (The package manager in Sitecore CRM 8.1 Rev 151207 allows remote ...)
+CVE-2017-5965
NOT-FOR-US: Sitecore
-CVE-2017-5964 (An issue was discovered in Emoncms through 9.8.0. The vulnerability ...)
+CVE-2017-5964
NOT-FOR-US: Emoncms
-CVE-2017-5963 (An issue was discovered in caddy (for TYPO3) before 7.2.10. The ...)
+CVE-2017-5963
NOT-FOR-US: Typo3 extension
-CVE-2017-5962 (An issue was discovered in contexts_wurfl (for TYPO3) before 0.4.2. The ...)
+CVE-2017-5962
NOT-FOR-US: Typo3 extension
-CVE-2017-5961 (An issue was discovered in ionize through 1.0.8. The vulnerability ...)
+CVE-2017-5961
NOT-FOR-US: ionize
-CVE-2017-5960 (An issue was discovered in Phalcon Eye through 0.4.1. The vulnerability ...)
+CVE-2017-5960
NOT-FOR-US: Phalcon Eye
-CVE-2017-5959 (CSRF token bypass in GeniXCMS before 1.0.2 could result in escalation ...)
+CVE-2017-5959
NOT-FOR-US: GenixCMS
CVE-2017-5958
RESERVED
-CVE-2017-5957 (Stack-based buffer overflow in the vrend_decode_set_framebuffer_state ...)
+CVE-2017-5957
- virglrenderer 0.6.0-1 (bug #858255)
NOTE: https://cgit.freedesktop.org/virglrenderer/commit/?id=926b9b3460a48f6454d8bbe9e44313d86a65447f (0.6.0)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1421126
-CVE-2017-5956 (The vrend_draw_vbo function in virglrenderer before 0.6.0 allows local ...)
+CVE-2017-5956
- virglrenderer 0.6.0-1 (bug #858255)
NOTE: https://cgit.freedesktop.org/virglrenderer/commit/?id=a5ac49940c40ae415eac0cf912eac7070b4ba95d (0.6.0)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1421073
@@ -36359,21 +36357,21 @@ CVE-2017-5956 (The vrend_draw_vbo function in virglrenderer before 0.6.0 allows
NOTE: Additional patch required: https://bugzilla.suse.com/attachment.cgi?id=715395
CVE-2017-5955
RESERVED
-CVE-2017-5954 (An issue was discovered in the serialize-to-js package 0.5.0 for ...)
+CVE-2017-5954
NOT-FOR-US: serialize-to-js Node package
-CVE-2017-5953 (vim before patch 8.0.0322 does not properly validate values for tree ...)
+CVE-2017-5953
{DSA-3786-1 DLA-822-1}
- vim 2:8.0.0197-2 (bug #854969)
- neovim 0.1.7-4
NOTE: Fixed by https://github.com/vim/vim/commit/399c297aa93afe2c0a39e2a1b3f972aebba44c9d
CVE-2017-5952
RESERVED
-CVE-2017-5951 (The mem_get_bits_rectangle function in base/gdevmem.c in Artifex ...)
+CVE-2017-5951
{DSA-3838-1 DLA-905-1}
- ghostscript 9.20~dfsg-3.1 (bug #859696)
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=697548
NOTE: Fixed by: http://git.ghostscript.com/?p=user/chrisl/ghostpdl.git;a=commitdiff;h=bfa6b2ecbe48edc69a7d9d22a12419aed25960b8
-CVE-2017-5950 (The SingleDocParser::HandleNode function in yaml-cpp (aka LibYaml-C++) ...)
+CVE-2017-5950
- yaml-cpp <unfixed> (low; bug #859891)
[buster] - yaml-cpp <no-dsa> (Minor issue)
[stretch] - yaml-cpp <no-dsa> (Minor issue)
@@ -36384,65 +36382,65 @@ CVE-2017-5950 (The SingleDocParser::HandleNode function in yaml-cpp (aka LibYaml
[jessie] - yaml-cpp0.3 <no-dsa> (Minor issue)
NOTE: https://github.com/jbeder/yaml-cpp/issues/459
NOTE: possible fix: https://github.com/jbeder/yaml-cpp/pull/489
-CVE-2017-5949 (JavaScriptCore in WebKit, as distributed in Safari Technology Preview ...)
+CVE-2017-5949
- webkitgtk <removed> (unimportant)
NOTE: Not covered by security support
-CVE-2017-5948 (An issue was discovered on OnePlus One, X, 2, 3, and 3T devices. ...)
+CVE-2017-5948
NOT-FOR-US: OnePlus One
-CVE-2017-5947 (An issue was discovered in OnePlus One, X, 2, 3, 3T, and 5 devices ...)
+CVE-2017-5947
NOT-FOR-US: OnePlus One, X, 2, 3, 3T, and 5 devices with OxygenOS
-CVE-2017-5946 (The Zip::File component in the rubyzip gem before 1.2.1 for Ruby has a ...)
+CVE-2017-5946
{DSA-3801-1 DLA-846-1}
- ruby-zip 1.2.0-1.1 (bug #856269)
- libzip-ruby <removed>
NOTE: https://github.com/rubyzip/rubyzip/issues/315
-CVE-2017-5945 (An issue was discovered in the PoodLL Filter plugin through 3.0.20 for ...)
+CVE-2017-5945
NOT-FOR-US: Moodle plugin
-CVE-2017-5944 (The dashboard subscription interface in Request Tracker (RT) 4.x ...)
+CVE-2017-5944
{DSA-3882-1 DLA-987-1}
- request-tracker4 4.4.1-4
-CVE-2017-5943 (Request Tracker (RT) 4.x before 4.0.25, 4.2.x before 4.2.14, and 4.4.x ...)
+CVE-2017-5943
{DSA-3882-1 DLA-987-1}
- request-tracker4 4.4.1-4
-CVE-2017-5942 (An issue was discovered in the WP Mail plugin before 1.2 for WordPress. ...)
+CVE-2017-5942
NOT-FOR-US: Wordpress plugin
-CVE-2017-5941 (An issue was discovered in the node-serialize package 0.0.4 for ...)
+CVE-2017-5941
NOT-FOR-US: node-serialize
CVE-2017-5939
RESERVED
-CVE-2017-5936 (OpenStack Nova-LXD before 13.1.1 uses the wrong name for the veth ...)
+CVE-2017-5936
NOT-FOR-US: Nova-LXD
-CVE-2017-5937 (The util_format_is_pure_uint function in vrend_renderer.c in Virgil 3d ...)
+CVE-2017-5937
- virglrenderer 0.6.0-1 (bug #854728)
NOTE: https://cgit.freedesktop.org/virglrenderer/commit/?id=48f67f60967f963b698ec8df57ec6912a43d6282 (0.6.0)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1420246
CVE-2017-5935
RESERVED
-CVE-2017-5934 (Cross-site scripting (XSS) vulnerability in the link dialogue in GUI ...)
+CVE-2017-5934
{DSA-4318-1 DLA-1546-1}
- moin 1.9.9-1+deb9u1 (bug #910776)
NOTE: https://github.com/moinwiki/moin-1.9/commit/70955a8eae091cc88fd9a6e510177e70289ec024
-CVE-2017-5933 (Citrix NetScaler ADC and NetScaler Gateway 10.5 before Build 65.11, ...)
+CVE-2017-5933
NOT-FOR-US: Citrix
-CVE-2017-5932 (The path autocompletion feature in Bash 4.4 allows local users to gain ...)
+CVE-2017-5932
- bash 4.4-3
[jessie] - bash <not-affected> (Introduced in 4.4)
[wheezy] - bash <not-affected> (Introduced in 4.4)
NOTE: https://github.com/jheyens/bash_completion_vuln/raw/master/2017-01-17.bash_completion_report.pdf
NOTE: Fix http://git.savannah.gnu.org/cgit/bash.git/commit/?id=4f747edc625815f449048579f6e65869914dd715
-CVE-2017-5931 (Integer overflow in hw/virtio/virtio-crypto.c in QEMU (aka Quick ...)
+CVE-2017-5931
- qemu 1:2.8+dfsg-3 (bug #854730)
[jessie] - qemu <not-affected> (Vulnerable code not present)
[wheezy] - qemu <not-affected> (Vulnerable code not present)
- qemu-kvm <not-affected> (Vulnerable code not present)
NOTE: https://lists.nongnu.org/archive/html/qemu-devel/2017-01/msg01368.html
NOTE: http://www.openwall.com/lists/oss-security/2017/02/07/8
-CVE-2017-5930 (The AliasHandler component in PostfixAdmin before 3.0.2 allows remote ...)
+CVE-2017-5930
- postfixadmin 3.0.2-1 (bug #854742)
[jessie] - postfixadmin <not-affected> (Vulnerable code not present)
[wheezy] - postfixadmin <not-affected> (Vulnerable code not present)
NOTE: http://www.openwall.com/lists/oss-security/2017/02/07/6
-CVE-2017-5929 (QOS.ch Logback before 1.2.0 has a serialization vulnerability affecting ...)
+CVE-2017-5929
{DLA-888-1}
- logback 1:1.1.9-3 (bug #857343)
[jessie] - logback 1:1.1.2-1+deb8u1
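Review bot: for CVE-2017-5948 the retained note `NOT-FOR-US: OnePlus One` understates the scope given in the description line being removed (OnePlus One, X, 2, 3, and 3T); with the description gone the note is the only record, so align it with the CVE-2017-5947 note, e.g. `NOT-FOR-US: OnePlus One, X, 2, 3, and 3T devices`. Separately, CVE-2017-5936 is listed before CVE-2017-5937, breaking the descending order used elsewhere in the file.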
@@ -36451,19 +36449,19 @@ CVE-2017-5929 (QOS.ch Logback before 1.2.0 has a serialization vulnerability aff
NOTE: https://github.com/qos-ch/logback/commit/7fbea6127fa98fc48368ca5e8540eefe0e60cec5
NOTE: https://github.com/qos-ch/logback/commit/3b4f605454534b304770eeee3cb343521fcd6968
NOTE: Information asked about complete patchset to fix CVE-2017-5929: http://mailman.qos.ch/pipermail/logback-user/2017-March/004875.html
-CVE-2017-5928 (The W3C High Resolution Time API, as implemented in various web ...)
+CVE-2017-5928
NOT-FOR-US: Design limitation of W3C High Resolution Time API
-CVE-2017-5927 (Page table walks conducted by the MMU during virtual to physical ...)
+CVE-2017-5927
NOT-FOR-US: Hardware issue in some Intel CPUs
-CVE-2017-5926 (Page table walks conducted by the MMU during virtual to physical ...)
+CVE-2017-5926
NOT-FOR-US: Hardware issue in some Intel CPUs
-CVE-2017-5925 (Page table walks conducted by the MMU during virtual to physical ...)
+CVE-2017-5925
NOT-FOR-US: Hardware issue in some Intel CPUs
-CVE-2017-5924 (libyara/grammar.y in YARA 3.5.0 allows remote attackers to cause a ...)
+CVE-2017-5924
- yara 3.5.0+dfsg-9 (bug #859821)
[jessie] - yara 3.1.0-2+deb8u1
NOTE: https://github.com/VirusTotal/yara/issues/593
-CVE-2017-5923 (libyara/grammar.y in YARA 3.5.0 allows remote attackers to cause a ...)
+CVE-2017-5923
- yara 3.5.0+dfsg-9 (bug #859821)
[jessie] - yara 3.1.0-2+deb8u1
NOTE: https://github.com/VirusTotal/yara/issues/597
@@ -36473,47 +36471,47 @@ CVE-2017-5921
RESERVED
CVE-2017-5920
RESERVED
-CVE-2017-5919 (The 21st Century Insurance app 10.0.0 for iOS does not verify X.509 ...)
+CVE-2017-5919
NOT-FOR-US: 21st Century Insurance app for iOS
-CVE-2017-5918 (The Banco de Costa Rica BCR Movil app 3.7 for iOS does not verify X.509 ...)
+CVE-2017-5918
NOT-FOR-US: Banco de Costa Rica BCR Movil app for iOS
CVE-2017-5917
REJECTED
-CVE-2017-5916 (The America's First Federal Credit Union (FCU) Mobile Banking app 3.1.0 ...)
+CVE-2017-5916
NOT-FOR-US: America's First Federal Credit Union (FCU) Mobile Banking app
-CVE-2017-5915 (The Emirates NBD Bank P.J.S.C Emirates NBD KSA app 3.10.0 through ...)
+CVE-2017-5915
NOT-FOR-US: Emirates NBD Bank P.J.S.C Emirates NBD KSA app
-CVE-2017-5914 (The DOT IT Banque Zitouna app 2.1 for iOS does not verify X.509 ...)
+CVE-2017-5914
NOT-FOR-US: DOT IT Banque Zitouna app
-CVE-2017-5913 (The TradeKing Forex for iPhone app 1.2.1 for iOS does not verify X.509 ...)
+CVE-2017-5913
NOT-FOR-US: TradeKing Forex for iPhone app
-CVE-2017-5912 (The FOREX.com FOREXTrader for iPhone app 2.9.12 through 2.9.14 for iOS ...)
+CVE-2017-5912
NOT-FOR-US: FOREX.com FOREXTrader for iPhone app
-CVE-2017-5911 (The Banco Santander Mexico SA Supermovil app 3.5 through 3.7 for iOS ...)
+CVE-2017-5911
NOT-FOR-US: Banco Santander Mexico SA Supermovil app
CVE-2017-5910
RESERVED
-CVE-2017-5909 (The Electronic Funds Source (EFS) Mobile Driver Source app 2.5 for iOS ...)
+CVE-2017-5909
NOT-FOR-US: Electronic Funds Source (EFS) Mobile Driver Source app
CVE-2017-5908
REJECTED
-CVE-2017-5907 (The Great Southern Bank Great Southern Mobile Banking app before 4.0.4 ...)
+CVE-2017-5907
NOT-FOR-US: Great Southern Bank Great Southern Mobile Banking app
-CVE-2017-5906 (The Everyday Health Diabetes in Check: Blood Glucose &amp; Carb Tracker app ...)
+CVE-2017-5906
NOT-FOR-US: Everyday Health Diabetes in Check: Blood Glucose & Carb Tracker app
-CVE-2017-5905 (The Dollar Bank Mobile app 2.6.3 for iOS does not verify X.509 ...)
+CVE-2017-5905
NOT-FOR-US: Dollar Bank Mobile app
CVE-2017-5904
RESERVED
CVE-2017-5903
RESERVED
-CVE-2017-5902 (The PayQuicker app 1.0.0 for iOS does not verify X.509 certificates ...)
+CVE-2017-5902
NOT-FOR-US: PayQuicker app
-CVE-2017-5901 (The State Bank of India State Bank Anywhere app 5.1.0 for iOS does not ...)
+CVE-2017-5901
NOT-FOR-US: State Bank of India State Bank Anywhere app
-CVE-2017-5900 (Cross-site scripting (XSS) vulnerability in the NetComm NB16WV-02 ...)
+CVE-2017-5900
NOT-FOR-US: NetComm
-CVE-2017-5896 (Heap-based buffer overflow in the fz_subsample_pixmap function in ...)
+CVE-2017-5896
{DSA-3797-1}
- mupdf 1.9a+ds1-3 (bug #854734)
[wheezy] - mupdf <not-affected> (vulnerable code not present)
@@ -36527,11 +36525,11 @@ CVE-2017-5894
RESERVED
CVE-2017-5893
RESERVED
-CVE-2017-5892 (ASUS RT-AC* and RT-N* devices with firmware before 3.0.0.4.380.7378 ...)
+CVE-2017-5892
NOT-FOR-US: ASUS
-CVE-2017-5891 (ASUS RT-AC* and RT-N* devices with firmware before 3.0.0.4.380.7378 ...)
+CVE-2017-5891
NOT-FOR-US: ASUS
-CVE-2017-5898 (Integer overflow in the emulated_apdu_from_guest function in ...)
+CVE-2017-5898
{DLA-845-1 DLA-842-1}
- qemu 1:2.8+dfsg-3 (bug #854729)
[jessie] - qemu <not-affected> (Vulnerable code not present)
@@ -36539,7 +36537,7 @@ CVE-2017-5898 (Integer overflow in the emulated_apdu_from_guest function in ...)
NOTE: https://lists.nongnu.org/archive/html/qemu-devel/2017-02/msg01075.html
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1419699
NOTE: http://git.qemu-project.org/?p=qemu.git;a=commit;h=c7dfbf322595ded4e70b626bf83158a9f3807c6a
-CVE-2017-5897 (The ip6gre_err function in net/ipv6/ip6_gre.c in the Linux kernel ...)
+CVE-2017-5897
{DSA-3791-1}
- linux 4.9.13-1
[wheezy] - linux <not-affected> (Vulnerable code introduced later)
@@ -36551,14 +36549,14 @@ CVE-2017-5889
RESERVED
CVE-2017-5888
RESERVED
-CVE-2017-5887 (WebSocket.swift in Starscream before 2.0.4 allows an SSL Pinning bypass ...)
+CVE-2017-5887
NOT-FOR-US: Starscream
-CVE-2017-5885 (Multiple integer overflows in the (1) vnc_connection_server_message ...)
+CVE-2017-5885
{DLA-831-1}
- gtk-vnc 0.6.0-3 (bug #854450)
[jessie] - gtk-vnc <no-dsa> (Minor issue)
NOTE: http://openwall.com/lists/oss-security/2017/02/05/5
-CVE-2017-5884 (gtk-vnc before 0.7.0 does not properly check boundaries of ...)
+CVE-2017-5884
{DLA-831-1}
- gtk-vnc 0.6.0-3 (bug #854450)
[jessie] - gtk-vnc <no-dsa> (Minor issue)
@@ -36566,33 +36564,33 @@ CVE-2017-5884 (gtk-vnc before 0.7.0 does not properly check boundaries of ...)
NOTE: http://openwall.com/lists/oss-security/2017/02/05/5
CVE-2017-5883
RESERVED
-CVE-2017-5882 (Cross-site scripting (XSS) vulnerability in index.asp in SANADATA ...)
+CVE-2017-5882
NOT-FOR-US: SanaCMS
-CVE-2017-5881 (GOM Player 2.3.10.5266 allows remote attackers to cause a denial of ...)
+CVE-2017-5881
NOT-FOR-US: GOM Player
-CVE-2017-5880 (Splunk Web in Splunk Enterprise versions 6.5.x before 6.5.2, 6.4.x ...)
+CVE-2017-5880
NOT-FOR-US: Splunk
-CVE-2017-5879 (An issue was discovered in Exponent CMS 2.4.1. This is a blind SQL ...)
+CVE-2017-5879
NOT-FOR-US: Exponent CMS
-CVE-2017-5878 (The AMF unmarshallers in Red5 Media Server before 1.0.8 do not ...)
+CVE-2017-5878
NOT-FOR-US: AMF unmarshallers in Red5 Media Server
-CVE-2017-5938 (Cross-site scripting (XSS) vulnerability in the nav_path function in ...)
+CVE-2017-5938
{DSA-3784-1 DLA-820-1}
- viewvc 1.1.26-1 (bug #854681)
NOTE: http://www.openwall.com/lists/oss-security/2017/02/08/7
NOTE: https://github.com/viewvc/viewvc/commit/9dcfc7daa4c940992920d3b2fbd317da20e44aad
-CVE-2017-5992 (Openpyxl 2.4.1 resolves external entities by default, which allows ...)
+CVE-2017-5992
- openpyxl 2.3.0-3 (bug #854442)
[jessie] - openpyxl <not-affected> (vulnerable code not present)
[wheezy] - openpyxl <not-affected> (vulnerable code not present)
NOTE: http://www.openwall.com/lists/oss-security/2017/02/07/5
NOTE: https://bitbucket.org/openpyxl/openpyxl/issues/749
NOTE: https://bitbucket.org/openpyxl/openpyxl/commits/3b4905f428e1
-CVE-2017-6059 (Mod_auth_openidc.c in the Ping Identity OpenID Connect authentication ...)
+CVE-2017-6059
- libapache2-mod-auth-openidc 2.1.5-1
[jessie] - libapache2-mod-auth-openidc <no-dsa> (Minor issue)
NOTE: https://github.com/pingidentity/mod_auth_openidc/issues/212
-CVE-2017-6062 (The &quot;OpenID Connect Relying Party and OAuth 2.0 Resource Server&quot; (aka ...)
+CVE-2017-6062
- libapache2-mod-auth-openidc 2.1.5-1
[jessie] - libapache2-mod-auth-openidc <not-affected> (support for OIDCUnAuthAction added in 1.8.5rc1)
NOTE: https://github.com/pingidentity/mod_auth_openidc/issues/222
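Review bot: the tail of this hunk is out of sequence: CVE-2017-5938, CVE-2017-5992, CVE-2017-6059 and CVE-2017-6062 follow CVE-2017-5878 instead of sitting in descending numeric order with their neighbours. Since the update only strips descriptions and keeps the ordering, consider moving these entries into place so lookups by ID stay predictable.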
@@ -36606,38 +36604,38 @@ CVE-2017-XXXX [irssi missing null terminator]
- irssi 1.0.1-1 (unimportant)
NOTE: Patch: https://github.com/irssi/irssi/pull/619/commits/677fb1f55ca52d0e43c93f7d8361d333ff5bffd6
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2017/02/05/8
-CVE-2017-5886 (Heap-based buffer overflow in the PoDoFo::PdfTokenizer::GetNextToken ...)
+CVE-2017-5886
{DLA-929-1}
- libpodofo 0.9.4-5 (bug #854604)
[jessie] - libpodofo <no-dsa> (Minor issue)
NOTE: https://blogs.gentoo.org/ago/2017/02/03/podofo-heap-based-buffer-overflow-in-podofopdftokenizergetnexttoken-pdftokenizer-cpp
NOTE: https://sourceforge.net/p/podofo/mailman/podofo-users/thread/1623824.EtgW9yDooZ%40blackgate/#msg35644693
NOTE: upstream commit: https://sourceforge.net/p/podofo/code/1837
-CVE-2017-5877 (XSS was discovered in dotCMS 3.7.0, with an unauthenticated attack ...)
+CVE-2017-5877
NOT-FOR-US: dotCMS
-CVE-2017-5876 (XSS was discovered in dotCMS 3.7.0, with an unauthenticated attack ...)
+CVE-2017-5876
NOT-FOR-US: dotCMS
-CVE-2017-5875 (XSS was discovered in dotCMS 3.7.0, with an authenticated attack ...)
+CVE-2017-5875
NOT-FOR-US: dotCMS
-CVE-2017-5874 (CSRF exists on D-Link DIR-600M Rev. Cx devices before ...)
+CVE-2017-5874
NOT-FOR-US: D-Link
-CVE-2017-5873 (Unquoted Windows search path vulnerability in the guest service in ...)
+CVE-2017-5873
NOT-FOR-US: Unisys
-CVE-2017-5872 (The TCP/IP networking module in Unisys ClearPath MCP systems with ...)
+CVE-2017-5872
NOT-FOR-US: Unisys ClearPath
CVE-2017-5871
RESERVED
-CVE-2017-5870 (Multiple cross-site scripting (XSS) vulnerabilities in ViMbAdmin ...)
+CVE-2017-5870
NOT-FOR-US: ViMbAdmin
-CVE-2017-5869 (Directory traversal vulnerability in the file import feature in Nuxeo ...)
+CVE-2017-5869
NOT-FOR-US: Nuxeo
-CVE-2017-5868 (CRLF injection vulnerability in the web interface in OpenVPN Access ...)
+CVE-2017-5868
NOT-FOR-US: OpenVPN Access Server
-CVE-2017-5867 (ownCloud Server before 8.1.11, 8.2.x before 8.2.9, 9.0.x before 9.0.7, ...)
+CVE-2017-5867
- owncloud <removed>
-CVE-2017-5866 (The autocomplete feature in the E-Mail share dialog in ownCloud Server ...)
+CVE-2017-5866
- owncloud <removed>
-CVE-2017-5865 (The password reset functionality in ownCloud Server before 8.1.11, ...)
+CVE-2017-5865
- owncloud <removed>
CVE-2017-5864
RESERVED
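Review bot: the `CVE-2017-XXXX [irssi missing null terminator]` placeholder at the top of this hunk still has no CVE assigned, although the linked CVE request is dated 2017/02/05 and the patch is already noted as merged; check whether an identifier was issued in the meantime and rename the entry, otherwise it will never be matched by the automatic update that touches every other entry here.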
@@ -36649,129 +36647,129 @@ CVE-2017-5861
RESERVED
CVE-2017-5860
RESERVED
-CVE-2017-5859 (On Cambium Networks cnPilot R200/201 devices before 4.3, there is a ...)
+CVE-2017-5859
NOT-FOR-US: Cambium Networks cnPilot
-CVE-2017-5858 (An incorrect implementation of &quot;XEP-0280: Message Carbons&quot; in multiple ...)
+CVE-2017-5858
NOT-FOR-US: converse.js
-CVE-2017-5836 (The plist_free_data function in plist.c in libplist allows attackers ...)
+CVE-2017-5836
- libplist 1.12+git+1+e37ca00-0.1 (bug #854000)
[jessie] - libplist <no-dsa> (Minor issue)
[wheezy] - libplist <no-dsa> (pointers are not incorrectly freed and non-string key nodes are officially allowed)
NOTE: https://github.com/libimobiledevice/libplist/issues/86
NOTE: http://www.openwall.com/lists/oss-security/2017/01/31/6
-CVE-2017-5835 (libplist allows attackers to cause a denial of service (large memory ...)
+CVE-2017-5835
{DLA-840-1}
- libplist 1.12+git+1+e37ca00-0.1 (bug #854000)
[jessie] - libplist <no-dsa> (Minor issue)
NOTE: https://github.com/libimobiledevice/libplist/issues/88
NOTE: http://www.openwall.com/lists/oss-security/2017/01/31/6
-CVE-2017-5834 (The parse_dict_node function in bplist.c in libplist allows attackers ...)
+CVE-2017-5834
{DLA-840-1}
- libplist 1.12+git+1+e37ca00-0.1 (bug #854000)
[jessie] - libplist <no-dsa> (Minor issue)
NOTE: https://github.com/libimobiledevice/libplist/issues/89
NOTE: http://www.openwall.com/lists/oss-security/2017/01/31/6
-CVE-2017-5829 (An access restriction bypass vulnerability in HPE Aruba ClearPass ...)
+CVE-2017-5829
NOT-FOR-US: HPE Aruba ClearPass Policy Manager
-CVE-2017-5828 (An arbitrary command execution vulnerability in HPE Aruba ClearPass ...)
+CVE-2017-5828
NOT-FOR-US: HPE Aruba ClearPass Policy Manager
-CVE-2017-5827 (A reflected cross site scripting vulnerability in HPE Aruba ClearPass ...)
+CVE-2017-5827
NOT-FOR-US: HPE Aruba ClearPass Policy Manager
-CVE-2017-5826 (An authenticated remote code execution vulnerability in HPE Aruba ...)
+CVE-2017-5826
NOT-FOR-US: HPE Aruba ClearPass Policy Manager
-CVE-2017-5825 (A privilege escalation vulnerability in HPE Aruba ClearPass Policy ...)
+CVE-2017-5825
NOT-FOR-US: HPE Aruba ClearPass Policy Manager
-CVE-2017-5824 (An unauthenticated remote code execution vulnerability in HPE Aruba ...)
+CVE-2017-5824
NOT-FOR-US: HPE Aruba ClearPass Policy Manager
-CVE-2017-5823 (A Remote Code Execution vulnerability in HPE Intelligent Management ...)
+CVE-2017-5823
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-5822 (A Remote Code Execution vulnerability in HPE Intelligent Management ...)
+CVE-2017-5822
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-5821 (A Remote Code Execution vulnerability in HPE Intelligent Management ...)
+CVE-2017-5821
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-5820 (A Remote Code Execution vulnerability in HPE Intelligent Management ...)
+CVE-2017-5820
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-5819 (A Remote Code Execution vulnerability in HPE Intelligent Management ...)
+CVE-2017-5819
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-5818 (A Remote Code Execution vulnerability in HPE Intelligent Management ...)
+CVE-2017-5818
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-5817 (A Remote Code Execution vulnerability in HPE Intelligent Management ...)
+CVE-2017-5817
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-5816 (A Remote Code Execution vulnerability in HPE Intelligent Management ...)
+CVE-2017-5816
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-5815 (A Remote Code Execution vulnerability in HPE Intelligent Management ...)
+CVE-2017-5815
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-5814 (A remote sql injection authentication bypass in HPE Network Automation ...)
+CVE-2017-5814
NOT-FOR-US: HPE
-CVE-2017-5813 (A remote unauthenticated access vulnerability in HPE Network ...)
+CVE-2017-5813
NOT-FOR-US: HPE
-CVE-2017-5812 (A remote sql information disclosure vulnerability in HPE Network ...)
+CVE-2017-5812
NOT-FOR-US: HPE
-CVE-2017-5811 (A remote code execution vulnerability in HPE Network Automation ...)
+CVE-2017-5811
NOT-FOR-US: HPE
-CVE-2017-5810 (A remote sql injection vulnerability in HPE Network Automation version ...)
+CVE-2017-5810
NOT-FOR-US: HPE
-CVE-2017-5809 (A Remote Arbitrary Code Execution vulnerability in HPE Data Protector ...)
+CVE-2017-5809
NOT-FOR-US: HPE
-CVE-2017-5808 (A Remote Arbitrary Code Execution vulnerability in HPE Data Protector ...)
+CVE-2017-5808
NOT-FOR-US: HPE
-CVE-2017-5807 (A Remote Arbitrary Code Execution vulnerability in HPE Data Protector ...)
+CVE-2017-5807
NOT-FOR-US: HPE
-CVE-2017-5806 (A Remote Code Execution vulnerability in HPE Intelligent Management ...)
+CVE-2017-5806
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-5805 (A Remote Code Execution vulnerability in HPE Intelligent Management ...)
+CVE-2017-5805
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-5804 (A Remote Code Execution vulnerability in HPE Intelligent Management ...)
+CVE-2017-5804
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-5803 (A Remote Disclosure of Information vulnerability in HPE NonStop ...)
+CVE-2017-5803
NOT-FOR-US: HPE NonStop Servers
-CVE-2017-5802 (A Remote Gain Privileged Access vulnerability in HPE Vertica Analytics ...)
+CVE-2017-5802
NOT-FOR-US: HPE Vertica Analytics Platform
-CVE-2017-5801 (A Remote Unauthorized Access to Data vulnerability in HPE Business ...)
+CVE-2017-5801
NOT-FOR-US: HPE Business Process Monitor
-CVE-2017-5800 (A Remote Cross-Site Scripting (XSS) vulnerability in HPE Operations ...)
+CVE-2017-5800
NOT-FOR-US: HPE Operations Bridge Analytics
-CVE-2017-5799 (A Remote Code Execution vulnerability in HPE OpenCall Media Platform ...)
+CVE-2017-5799
NOT-FOR-US: HPE OpenCall Media Platform
-CVE-2017-5798 (A Remote Code Execution vulnerability in HPE OpenCall Media Platform ...)
+CVE-2017-5798
NOT-FOR-US: HPE OpenCall Media Platform
-CVE-2017-5797 (A Remote Unauthenticated Disclosure of Information vulnerability in ...)
+CVE-2017-5797
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-5796 (A Remote Cross Site Request Forgery (CSRF) vulnerability in HPE 2620 ...)
+CVE-2017-5796
NOT-FOR-US: HPE 2620 Series Network Switches
-CVE-2017-5795 (A Local Arbitrary File Download vulnerability in HPE Intelligent ...)
+CVE-2017-5795
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-5794 (A Remote Arbitrary File Download vulnerability in HPE Intelligent ...)
+CVE-2017-5794
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-5793 (A Remote Arbitrary Code Execution vulnerability in HPE Intelligent ...)
+CVE-2017-5793
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-5792 (A Remote Code Execution vulnerability in HPE Intelligent Management ...)
+CVE-2017-5792
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-5791 (The doFilter method in UrlAccessController in HPE Intelligent ...)
+CVE-2017-5791
NOT-FOR-US: HPE Intelligent Management Center
NOTE: it appears that it was incorrectly used for an issue in JanTek JTC-200
-CVE-2017-5790 (A remote deserialization of untrusted data vulnerability in HPE ...)
+CVE-2017-5790
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-5789 (HPE LoadRunner before 12.53 Patch 4 and HPE Performance Center before ...)
+CVE-2017-5789
NOT-FOR-US: HPE LoadRunner
NOTE: it appears that it was incorrectly used for an issue in JanTek JTC-200
-CVE-2017-5788 (A Local Disclosure of Sensitive Information vulnerability in HPE ...)
+CVE-2017-5788
NOT-FOR-US: HPE NonStop Software Essentials
-CVE-2017-5787 (A remote denial of service vulnerability in HPE Version Control ...)
+CVE-2017-5787
NOT-FOR-US: HPE Version Control Manager
-CVE-2017-5786 (A local Unauthorized Data Modification vulnerability in HPE ...)
+CVE-2017-5786
NOT-FOR-US: HPE OfficeConnect Network Switches
-CVE-2017-5785 (A remote information disclosure vulnerability in HPE Matrix Operating ...)
+CVE-2017-5785
NOT-FOR-US: HPE Matrix Operating Environment
-CVE-2017-5784 (A missing HSTS Header vulnerability in HPE Matrix Operating ...)
+CVE-2017-5784
NOT-FOR-US: HPE Matrix Operating Environment
-CVE-2017-5783 (A remote clickjacking vulnerability in HPE Matrix Operating ...)
+CVE-2017-5783
NOT-FOR-US: HPE Matrix Operating Environment
-CVE-2017-5782 (A missing HSTS Header vulnerability in HPE Matrix Operating ...)
+CVE-2017-5782
NOT-FOR-US: HPE Matrix Operating Environment
-CVE-2017-5781 (A CSRF vulnerability in HPE Matrix Operating Environment version v7.6 ...)
+CVE-2017-5781
NOT-FOR-US: HPE Matrix Operating Environment
-CVE-2017-5780 (A remote clickjacking vulnerability in HPE Matrix Operating ...)
+CVE-2017-5780
NOT-FOR-US: HPE Matrix Operating Environment
CVE-2017-5779
RESERVED
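Review bot: for CVE-2017-5684 the retained note `NOT-FOR-US: BIOS in Intel NUC systems` contradicts the description line being removed, which names "Intel Compute Stick systems"; once the description is dropped the mismatch is invisible, so correct the note to `NOT-FOR-US: BIOS in Intel Compute Stick systems` in the same change.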
@@ -36823,7 +36821,7 @@ CVE-2017-5756
RESERVED
CVE-2017-5755
RESERVED
-CVE-2017-5754 (Systems with microprocessors utilizing speculative execution and ...)
+CVE-2017-5754
{DSA-4120-1 DSA-4082-1 DSA-4078-1 DLA-1232-1}
- linux 4.14.12-1
- nvidia-graphics-drivers 384.111-1 (bug #886852)
@@ -36842,7 +36840,7 @@ CVE-2017-5754 (Systems with microprocessors utilizing speculative execution and
NOTE: Paper: https://meltdownattack.com/meltdown.pdf
NOTE: https://01.org/security/advisories/intel-oss-10003
- linux-grsec <removed>
-CVE-2017-5753 (Systems with microprocessors utilizing speculative execution and ...)
+CVE-2017-5753
{DSA-4188-1 DSA-4187-1 DLA-1423-1 DLA-1422-1}
- linux 4.15.11-1
- nvidia-graphics-drivers 384.111-1 (bug #886852)
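Review bot: in the CVE-2017-5754 entry the package line `- linux-grsec <removed>` sits after the NOTE lines, whereas every other entry in this diff lists package and [release] lines before its NOTEs; move it up next to `- linux 4.14.12-1` and `- nvidia-graphics-drivers 384.111-1` so the entry parses the same way as the rest of the file.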
@@ -36888,11 +36886,11 @@ CVE-2017-5740
RESERVED
CVE-2017-5739
RESERVED
-CVE-2017-5738 (Escalation of privilege vulnerability in admin portal for Intel Unite ...)
+CVE-2017-5738
NOT-FOR-US: Intel Unite App
CVE-2017-5737
RESERVED
-CVE-2017-5736 (An elevation of privilege in Intel Software Guard Extensions Platform ...)
+CVE-2017-5736
NOT-FOR-US: Intel
CVE-2017-5735
RESERVED
@@ -36921,11 +36919,11 @@ CVE-2017-5731
NOTE: https://edk2-docs.gitbooks.io/security-advisory/content/edk-ii-tianocompress-bounds-checking-issues.html
CVE-2017-5730
RESERVED
-CVE-2017-5729 (Frame replay vulnerability in Wi-Fi subsystem in Intel Dual-Band and ...)
+CVE-2017-5729
NOT-FOR-US: Intel
CVE-2017-5728
RESERVED
-CVE-2017-5727 (Pointer dereference in subsystem in Intel Graphics Driver 15.40.x.x, ...)
+CVE-2017-5727
NOT-FOR-US: Intel
CVE-2017-5726
RESERVED
@@ -36935,21 +36933,21 @@ CVE-2017-5724
RESERVED
CVE-2017-5723
RESERVED
-CVE-2017-5722 (Incorrect policy enforcement in system firmware for Intel NUC7i3BNK, ...)
+CVE-2017-5722
NOT-FOR-US: Intel
-CVE-2017-5721 (Insufficient input validation in system firmware for Intel NUC7i3BNK, ...)
+CVE-2017-5721
NOT-FOR-US: Intel
CVE-2017-5720
RESERVED
-CVE-2017-5719 (A vulnerability in the Intel Deep Learning Training Tool Beta 1 allows ...)
+CVE-2017-5719
NOT-FOR-US: Intel
CVE-2017-5718
RESERVED
-CVE-2017-5717 (Type Confusion in Content Protection HECI Service in Intel Graphics ...)
+CVE-2017-5717
NOT-FOR-US: Intel graphics driver
CVE-2017-5716
REJECTED
-CVE-2017-5715 (Systems with microprocessors utilizing speculative execution and ...)
+CVE-2017-5715
{DSA-4213-1 DSA-4188-1 DSA-4187-1 DLA-1497-1 DLA-1422-1 DLA-1369-1}
- linux 4.15.11-1
- intel-microcode 3.20180425.1
@@ -36990,72 +36988,72 @@ CVE-2017-5714
RESERVED
CVE-2017-5713
RESERVED
-CVE-2017-5712 (Buffer overflow in Active Management Technology (AMT) in Intel ...)
+CVE-2017-5712
NOT-FOR-US: Intel
-CVE-2017-5711 (Multiple buffer overflows in Active Management Technology (AMT) in ...)
+CVE-2017-5711
NOT-FOR-US: Intel
-CVE-2017-5710 (Multiple privilege escalations in kernel in Intel Trusted Execution ...)
+CVE-2017-5710
NOT-FOR-US: Intel
-CVE-2017-5709 (Multiple privilege escalations in kernel in Intel Server Platform ...)
+CVE-2017-5709
NOT-FOR-US: Intel
-CVE-2017-5708 (Multiple privilege escalations in kernel in Intel Manageability Engine ...)
+CVE-2017-5708
NOT-FOR-US: Intel
-CVE-2017-5707 (Multiple buffer overflows in kernel in Intel Trusted Execution Engine ...)
+CVE-2017-5707
NOT-FOR-US: Intel
-CVE-2017-5706 (Multiple buffer overflows in kernel in Intel Server Platform Services ...)
+CVE-2017-5706
NOT-FOR-US: Intel
-CVE-2017-5705 (Multiple buffer overflows in kernel in Intel Manageability Engine ...)
+CVE-2017-5705
NOT-FOR-US: Intel
-CVE-2017-5704 (Platform sample code firmware included with 4th Gen Intel Core ...)
+CVE-2017-5704
NOT-FOR-US: Intel
-CVE-2017-5703 (Configuration of SPI Flash in platforms based on multiple Intel ...)
+CVE-2017-5703
NOT-FOR-US: Intel
CVE-2017-5702
RESERVED
-CVE-2017-5701 (Insecure platform configuration in system firmware for Intel ...)
+CVE-2017-5701
NOT-FOR-US: Intel
-CVE-2017-5700 (Insufficient protection of password storage in system firmware for ...)
+CVE-2017-5700
NOT-FOR-US: Intel
-CVE-2017-5699 (Input validation error in Intel MinnowBoard 3 Firmware versions prior ...)
+CVE-2017-5699
NOT-FOR-US: Intel MinnowBoard 3 Firmware
NOTE: https://edk2-docs.gitbooks.io/security-advisory/content/uefi-variable-deletioncorruption.html
-CVE-2017-5698 (Intel Active Management Technology, Intel Standard Manageability, and ...)
+CVE-2017-5698
NOT-FOR-US: Intel
-CVE-2017-5697 (Insufficient clickjacking protection in the Web User Interface of ...)
+CVE-2017-5697
NOT-FOR-US: Intel
-CVE-2017-5696 (Untrusted search path in Intel Graphics Driver 15.40.x.x, 15.45.x.x, ...)
+CVE-2017-5696
NOT-FOR-US: Intel
-CVE-2017-5695 (Data corruption vulnerability in firmware in Intel Solid-State Drive ...)
+CVE-2017-5695
NOT-FOR-US: Intel
-CVE-2017-5694 (Data corruption vulnerability in firmware in Intel Solid-State Drive ...)
+CVE-2017-5694
NOT-FOR-US: Intel
-CVE-2017-5693 (Firmware in the Intel Puma 5, 6, and 7 Series might experience ...)
+CVE-2017-5693
NOT-FOR-US: Intel Puma
-CVE-2017-5692 (Out-of-bounds read condition in older versions of some Intel Graphics ...)
+CVE-2017-5692
NOT-FOR-US: Intel Graphics Driver for Windows
-CVE-2017-5691 (Incorrect check in Intel processors from 6th and 7th Generation Intel ...)
+CVE-2017-5691
NOT-FOR-US: Intel CPUs
CVE-2017-5690
RESERVED
-CVE-2017-5689 (An unprivileged network attacker could gain system privileges to ...)
+CVE-2017-5689
NOT-FOR-US: Intel AMT
-CVE-2017-5688 (There is an escalation of privilege vulnerability in the Intel Solid ...)
+CVE-2017-5688
NOT-FOR-US: Intel Solid State Drive Toolbox
CVE-2017-5687
RESERVED
-CVE-2017-5686 (The BIOS in Intel NUC systems based on 6th Gen Intel Core processors ...)
+CVE-2017-5686
NOT-FOR-US: BIOS in Intel NUC systems
-CVE-2017-5685 (The BIOS in Intel NUC systems based on 6th Gen Intel Core processors ...)
+CVE-2017-5685
NOT-FOR-US: BIOS in Intel NUC systems
-CVE-2017-5684 (The BIOS in Intel Compute Stick systems based on 6th Gen Intel Core ...)
+CVE-2017-5684
NOT-FOR-US: BIOS in Intel NUC systems
-CVE-2017-5683 (Privilege escalation in IntelHAXM.sys driver in the Intel Hardware ...)
+CVE-2017-5683
NOT-FOR-US: Intel Hardware Accelerated Execution Manager
-CVE-2017-5682 (Intel PSET Application Install wrapper of Intel Parallel Studio XE, ...)
+CVE-2017-5682
NOT-FOR-US: Intel PSET
CVE-2017-5680
RESERVED
-CVE-2017-5848 (The gst_ps_demux_parse_psm function in gst/mpegdemux/gstmpegdemux.c in ...)
+CVE-2017-5848
{DSA-3818-1 DLA-830-1}
- gst-plugins-bad1.0 1.10.4-1 (low)
- gst-plugins-bad0.10 <unfixed> (low)
@@ -37063,7 +37061,7 @@ CVE-2017-5848 (The gst_ps_demux_parse_psm function in gst/mpegdemux/gstmpegdemux
NOTE: http://www.openwall.com/lists/oss-security/2017/02/01/7
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=777957
NOTE: Patch: https://bugzilla.gnome.org/show_bug.cgi?id=777957#c3
-CVE-2017-5847 (The gst_asf_demux_process_ext_content_desc function in ...)
+CVE-2017-5847
{DSA-3821-1 DLA-829-1}
- gst-plugins-ugly1.0 1.10.4-1 (low)
- gst-plugins-ugly0.10 <unfixed> (low)
@@ -37071,72 +37069,72 @@ CVE-2017-5847 (The gst_asf_demux_process_ext_content_desc function in ...)
NOTE: http://www.openwall.com/lists/oss-security/2017/02/01/7
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=777955
NOTE: https://github.com/GStreamer/gst-plugins-ugly/commit/d21017b52a585f145e8d62781bcc1c5fefc7ee37
-CVE-2017-5846 (The gst_asf_demux_process_ext_stream_props function in ...)
+CVE-2017-5846
{DSA-3821-1 DLA-829-1}
- gst-plugins-ugly1.0 1.10.3-1 (low)
- gst-plugins-ugly0.10 <unfixed> (low)
[jessie] - gst-plugins-ugly0.10 <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2017/02/01/7
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=777937
-CVE-2017-5845 (The gst_avi_demux_parse_ncdt function in gst/avi/gstavidemux.c in ...)
+CVE-2017-5845
{DSA-3820-1}
- gst-plugins-good1.0 1.10.3-1 (low)
- gst-plugins-good0.10 <not-affected> (Vulnerable code not present)
NOTE: http://www.openwall.com/lists/oss-security/2017/02/01/7
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=777532
-CVE-2017-5844 (The gst_riff_create_audio_caps function in ...)
+CVE-2017-5844
{DSA-3819-1 DLA-827-1}
- gst-plugins-base1.0 1.10.3-1 (low)
- gst-plugins-base0.10 <unfixed> (low)
[jessie] - gst-plugins-base0.10 <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2017/02/01/7
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=777525
-CVE-2017-5843 (Multiple use-after-free vulnerabilities in the (1) ...)
+CVE-2017-5843
{DSA-3818-1 DLA-830-1}
- gst-plugins-bad1.0 1.10.3-1
- gst-plugins-bad0.10 <unfixed> (low)
[jessie] - gst-plugins-bad0.10 <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2017/02/01/7
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=777503
-CVE-2017-5842 (The html_context_handle_element function in gst/subparse/samiparse.c ...)
+CVE-2017-5842
{DSA-3819-1}
- gst-plugins-base1.0 1.10.3-1
- gst-plugins-base0.10 <not-affected> (Vulnerable code not present)
NOTE: http://www.openwall.com/lists/oss-security/2017/02/01/7
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=777502
-CVE-2017-5841 (The gst_avi_demux_parse_ncdt function in gst/avi/gstavidemux.c in ...)
+CVE-2017-5841
{DSA-3820-1}
- gst-plugins-good1.0 1.10.3-1 (low)
- gst-plugins-good0.10 <not-affected> (Vulnerable code not present)
NOTE: http://www.openwall.com/lists/oss-security/2017/02/01/7
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=777500
-CVE-2017-5840 (The qtdemux_parse_samples function in gst/isomp4/qtdemux.c in ...)
+CVE-2017-5840
{DSA-3820-1 DLA-828-1}
- gst-plugins-good1.0 1.10.3-1 (low)
- gst-plugins-good0.10 <unfixed> (low)
[jessie] - gst-plugins-good0.10 <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2017/02/01/7
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=777469
-CVE-2017-5839 (The gst_riff_create_audio_caps function in ...)
+CVE-2017-5839
{DSA-3819-1}
- gst-plugins-base1.0 1.10.3-1
- gst-plugins-base0.10 <not-affected> (Vulnerable code not present)
NOTE: http://www.openwall.com/lists/oss-security/2017/02/01/7
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=777265
-CVE-2017-5838 (The gst_date_time_new_from_iso8601_string function in ...)
+CVE-2017-5838
{DSA-3822-1}
- gstreamer1.0 1.10.3-1 (low)
- gstreamer0.10 <not-affected> (Vulnerable code not present)
NOTE: http://www.openwall.com/lists/oss-security/2017/02/01/7
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=777263
-CVE-2017-5837 (The gst_riff_create_audio_caps function in ...)
+CVE-2017-5837
{DSA-3819-1 DLA-827-1}
- gst-plugins-base1.0 1.10.3-1 (low)
- gst-plugins-base0.10 <unfixed> (low)
[jessie] - gst-plugins-base0.10 <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2017/02/01/7
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=777262
-CVE-2017-5851 (The free_options function in options_manager.c in mp3splt 2.6.2 allows ...)
+CVE-2017-5851
- mp3splt <unfixed> (unimportant)
NOTE: https://github.com/asarubbo/poc/blob/master/00127-mp3splt-nullptr-free_options
NOTE: https://blogs.gentoo.org/ago/2017/02/01/mp3splt-null-pointer-dereference-in-free_options-options_manager-c
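Review bot: The descriptions deleted in this hunk were the only text distinguishing otherwise identical entries: CVE-2017-5844, CVE-2017-5839 and CVE-2017-5837 all named `gst_riff_create_audio_caps`, and CVE-2017-5845 and CVE-2017-5841 both named `gst_avi_demux_parse_ncdt`; after the strip they differ only in their DSA sets and bugzilla URLs. The same applies to CVE-2017-5851, whose deleted line (`The free_options function in options_manager.c in mp3splt 2.6.2 allows ...`) is word for word the text CVE-2017-5666 loses in a later hunk; the two are now told apart only by the gentoo NOTE URLs (null pointer dereference vs invalid free). Keep the descriptions, or at minimum do not let an unattended run delete them.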
@@ -37145,12 +37143,12 @@ CVE-2017-5679
RESERVED
CVE-2017-5678
RESERVED
-CVE-2017-5677 (PEAR HTML_AJAX 0.3.0 through 0.5.7 has a PHP Object Injection ...)
+CVE-2017-5677
NOT-FOR-US: PEAR HTML_AJAX
NOTE: http://karmainsecurity.com/KIS-2017-01
CVE-2017-5676
RESERVED
-CVE-2017-5857 (Memory leak in the virgl_cmd_resource_unref function in ...)
+CVE-2017-5857
- qemu 1:2.8+dfsg-3 (bug #853996; unimportant)
[jessie] - qemu <not-affected> (Vulnerable code not present)
[wheezy] - qemu <not-affected> (Vulnerable code not present)
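Review bot: For CVE-2017-5677 the deleted line was the only place recording the affected range (`PEAR HTML_AJAX 0.3.0 through 0.5.7`) and the bug class (PHP object injection); `NOT-FOR-US: PEAR HTML_AJAX` keeps the product name and nothing else. NOT-FOR-US entries have no package lines or fix versions, so the description is effectively their whole content, and blanking it reduces them to an identifier plus a product string. Likewise for CVE-2017-5857 the stripped `Memory leak in the virgl_cmd_resource_unref function in ...` text was the only in-file statement of the bug class behind the `unimportant` rating; the bug number and the qemu-devel URL do not say it.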
@@ -37158,7 +37156,7 @@ CVE-2017-5857 (Memory leak in the virgl_cmd_resource_unref function in ...)
NOTE: https://lists.nongnu.org/archive/html/qemu-devel/2017-01/msg04615.html
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1418382
NOTE: http://www.openwall.com/lists/oss-security/2017/02/01/21
-CVE-2017-5856 (Memory leak in the megasas_handle_dcmd function in hw/scsi/megasas.c ...)
+CVE-2017-5856
{DLA-1497-1}
- qemu 1:2.8+dfsg-3 (bug #853996)
[wheezy] - qemu <not-affected> (Vulnerable code not present)
@@ -37167,14 +37165,14 @@ CVE-2017-5856 (Memory leak in the megasas_handle_dcmd function in hw/scsi/megasa
NOTE: http://www.openwall.com/lists/oss-security/2017/02/01/19
NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=765a707000e838c30b18d712fe6cb3dd8e0435f3
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1418342
-CVE-2017-5855 (The PoDoFo::PdfParser::ReadXRefSubsection function in PdfParser.cpp in ...)
+CVE-2017-5855
- libpodofo 0.9.4-6 (bug #854603)
[jessie] - libpodofo <no-dsa> (Minor issue)
[wheezy] - libpodofo <no-dsa> (Minor issue)
NOTE: https://blogs.gentoo.org/ago/2017/02/01/podofo-null-pointer-dereference-in-podofopdfparserreadxrefsubsection-pdfparser-cpp
NOTE: https://sourceforge.net/p/podofo/mailman/podofo-users/thread/12497325.VLNgGImML2%40blackgate/#msg35640936
NOTE: upstream commit: http://sourceforge.net/p/podofo/code/1843
-CVE-2017-5854 (base/PdfOutputStream.cpp in PoDoFo 0.9.4 allows remote attackers to ...)
+CVE-2017-5854
- libpodofo 0.9.5-9 (bug #854602)
[stretch] - libpodofo <no-dsa> (Minor issue)
[jessie] - libpodofo <no-dsa> (Minor issue)
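Review bot: CVE-2017-5855 and CVE-2017-5854 lose the PoDoFo version (`0.9.4`) and the function or file names (`PoDoFo::PdfParser::ReadXRefSubsection`, `base/PdfOutputStream.cpp`) that let a maintainer match each entry to its `upstream commit:` NOTE; the bare SourceForge revision numbers (1843, 1870, 1876) do not say which function they fix. If the descriptions are not going to be restored, put the function name into the NOTE line next to the commit URL so the mapping survives.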
@@ -37184,7 +37182,7 @@ CVE-2017-5854 (base/PdfOutputStream.cpp in PoDoFo 0.9.4 allows remote attackers
NOTE: upstream commit: https://sourceforge.net/p/podofo/code/1870
NOTE: upstream commit: https://sourceforge.net/p/podofo/code/1876
NOTE: duplicate CVE: CVE-2018-5308
-CVE-2017-5853 (Integer overflow in base/PdfParser.cpp in PoDoFo 0.9.4 allows remote ...)
+CVE-2017-5853
{DLA-929-1}
- libpodofo 0.9.4-5 (bug #854601)
[jessie] - libpodofo <no-dsa> (Minor issue)
@@ -37192,7 +37190,7 @@ CVE-2017-5853 (Integer overflow in base/PdfParser.cpp in PoDoFo 0.9.4 allows rem
NOTE: https://sourceforge.net/p/podofo/mailman/podofo-users/thread/12497325.VLNgGImML2%40blackgate/#msg35640936
NOTE: Proposed fix: https://sourceforge.net/p/podofo/mailman/message/35692197/
NOTE: upstream commit: https://sourceforge.net/p/podofo/code/1840/
-CVE-2017-5852 (The PoDoFo::PdfPage::GetInheritedKeyFromObject function in ...)
+CVE-2017-5852
{DLA-929-1}
- libpodofo 0.9.5-7 (low; bug #854600)
[stretch] - libpodofo <no-dsa> (Minor issue)
@@ -37203,48 +37201,48 @@ CVE-2017-5852 (The PoDoFo::PdfPage::GetInheritedKeyFromObject function in ...)
NOTE: upstream commit: https://sourceforge.net/p/podofo/code/1838
NOTE: upstream commit: https://sourceforge.net/p/podofo/code/1841
NOTE: further patch for ABI compatibility: https://sourceforge.net/p/podofo/mailman/message/36084628/
-CVE-2017-5849 (tiffttopnm in netpbm 10.47.63 does not properly use the libtiff ...)
+CVE-2017-5849
- netpbm-free <not-affected> (vulnerable code not present)
NOTE: http://www.openwall.com/lists/oss-security/2017/02/02/2
NOTE: Debian uses an unaffected fork:
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2654#c8
-CVE-2017-5850 (httpd in OpenBSD allows remote attackers to cause a denial of service ...)
+CVE-2017-5850
NOT-FOR-US: OpenBSD httpd
-CVE-2017-5833 (Cross-site scripting (XSS) vulnerability in the invocation code ...)
+CVE-2017-5833
NOT-FOR-US: Revive Adserver
-CVE-2017-5832 (Cross-site scripting (XSS) vulnerability in Revive Adserver before ...)
+CVE-2017-5832
NOT-FOR-US: Revive Adserver
-CVE-2017-5831 (Session fixation vulnerability in the forgot password mechanism in ...)
+CVE-2017-5831
NOT-FOR-US: Revive Adserver
-CVE-2017-5830 (Revive Adserver before 4.0.1 allows remote attackers to execute ...)
+CVE-2017-5830
NOT-FOR-US: Revive Adserver
-CVE-2017-5675 (A command-injection vulnerability exists in a web application on a ...)
+CVE-2017-5675
NOT-FOR-US: GoAhead Web Server
-CVE-2017-5674 (A vulnerability in a custom-built GoAhead web server used on Foscam, ...)
+CVE-2017-5674
NOT-FOR-US: GoAhead Web Server
-CVE-2017-5673 (In the Kunena extension 5.0.2 through 5.0.4 for Joomla!, the forum ...)
+CVE-2017-5673
NOT-FOR-US: Joomla extension
-CVE-2017-5672 (Kony Enterprise Mobile Management (EMM) before 4.2.5.2 has the ...)
+CVE-2017-5672
NOT-FOR-US: Kony Enterprise Mobile Management
-CVE-2017-5671 (Honeywell Intermec PM23, PM42, PM43, PC23, PC43, PD43, and PC42 ...)
+CVE-2017-5671
NOT-FOR-US: Honeywell
-CVE-2017-5670 (Riverbed RiOS through 9.6.0 deletes the secure vault with the rm ...)
+CVE-2017-5670
NOT-FOR-US: Riverbed RiOS
-CVE-2017-5669 (The do_shmat function in ipc/shm.c in the Linux kernel through 4.9.12 ...)
+CVE-2017-5669
{DSA-3804-1 DLA-849-1}
- linux 4.9.13-1
NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=192931
-CVE-2017-5666 (The free_options function in options_manager.c in mp3splt 2.6.2 allows ...)
+CVE-2017-5666
- mp3splt <unfixed> (unimportant; bug #854278)
NOTE: https://blogs.gentoo.org/ago/2017/01/29/mp3splt-invalid-free-in-free_options-options_manager-c
NOTE: https://sourceforge.net/p/mp3splt/bugs/209/
NOTE: Negligable security impact
-CVE-2017-5665 (The splt_cue_export_to_file function in cue.c in libmp3splt 0.9.2 ...)
+CVE-2017-5665
- mp3splt <unfixed> (unimportant)
NOTE: https://blogs.gentoo.org/ago/2017/01/29/mp3splt-null-pointer-dereference-in-splt_cue_export_to_file-cue-c
NOTE: https://sourceforge.net/p/mp3splt/bugs/209/
NOTE: No security impact, crash in CLI tool
-CVE-2017-5664 (The error page mechanism of the Java Servlet Specification requires ...)
+CVE-2017-5664
{DSA-3892-1 DSA-3891-1 DLA-996-1}
- tomcat9 <not-affected> (Fixed before initial upload to Debian)
- tomcat8 8.5.14-2 (bug #864447)
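Review bot: The largest run of NOT-FOR-US entries in the section (CVE-2017-5850, 5833 to 5830, 5675 to 5670) is reduced here to an identifier plus a product string; for CVE-2017-5675 and CVE-2017-5674 the deleted text (`command-injection vulnerability exists in a web application on a ...`, `custom-built GoAhead web server used on Foscam`) was the only mention that the affected build is the Foscam-specific one, and `NOT-FOR-US: GoAhead Web Server` on its own does not say that. Unrelated to the strip but in this hunk's context: the CVE-2017-5666 NOTE reads `Negligable security impact` (should be `Negligible`), and 5666 and 5665 both cite sourceforge bug 209 with different impact wording (`Negligable security impact` vs `No security impact, crash in CLI tool`); harmonise the two.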
@@ -37260,64 +37258,64 @@ CVE-2017-5664 (The error page mechanism of the Java Servlet Specification requir
NOTE: Fixed by: http://svn.apache.org/r1793470 (8.0.x)
NOTE: Fixed by: http://svn.apache.org/r1793471 (7.0.x)
NOTE: Fixed by: http://svn.apache.org/r1793491 (7.0.x)
-CVE-2017-5663 (In Apache Fineract 0.4.0-incubating, 0.5.0-incubating, and ...)
+CVE-2017-5663
NOT-FOR-US: Apache Fineract
-CVE-2017-5662 (In Apache Batik before 1.9, files lying on the filesystem of the ...)
+CVE-2017-5662
{DSA-4215-1 DLA-926-1}
- batik 1.9-1 (bug #860566)
NOTE: http://www.openwall.com/lists/oss-security/2017/04/18/1
NOTE: Upstream bug: https://issues.apache.org/jira/browse/BATIK-1139
NOTE: Fixed by: http://svn.apache.org/r1743326
NOTE: Similar issue to CVE-2015-0250
-CVE-2017-5661 (In Apache FOP before 2.2, files lying on the filesystem of the server ...)
+CVE-2017-5661
{DSA-3864-1 DLA-927-1}
- fop 1:2.1-6 (bug #860567)
NOTE: http://www.openwall.com/lists/oss-security/2017/04/18/2
NOTE: Upstream bug: https://issues.apache.org/jira/browse/FOP-2668
NOTE: Fixed by: http://svn.apache.org/r1769967
NOTE: Fixed by: http://svn.apache.org/r1769968 (fix for Java 6)
-CVE-2017-5660 (There is a vulnerability in Apache Traffic Server (ATS) 6.2.0 and ...)
+CVE-2017-5660
{DSA-4128-1}
- trafficserver 7.1.2+ds-1
[wheezy] - trafficserver <not-affected> (Vulnerable code not present)
NOTE: https://github.com/apache/trafficserver/pull/1657
NOTE: https://issues.apache.org/jira/browse/TS-4930
-CVE-2017-5659 (Apache Traffic Server before 6.2.1 generates a coredump when there is ...)
+CVE-2017-5659
- trafficserver 7.0.0-1
[wheezy] - trafficserver <not-affected> (PoC doesn't crash the server, fix too hard to backport)
NOTE: https://issues.apache.org/jira/browse/TS-4507
NOTE: reproducer in https://issues.apache.org/jira/browse/TS-4819 (dupe of above)
NOTE: https://github.com/apache/trafficserver/pull/787/commits/85c021123fd94c4d97a6015484eb1d8054bec9eb
NOTE: evaluate related backport to 6.2: https://github.com/apache/trafficserver/pull/1153
-CVE-2017-5658 (The statistics generator in Apache Pony Mail 0.7 to 0.9 was found to ...)
+CVE-2017-5658
NOT-FOR-US: Apache Pony Mail
-CVE-2017-5657 (Several REST service endpoints of Apache Archiva are not protected ...)
+CVE-2017-5657
NOT-FOR-US: Apache Archiva
-CVE-2017-5656 (Apache CXF's STSClient before 3.1.11 and 3.0.13 uses a flawed way of ...)
+CVE-2017-5656
NOT-FOR-US: Apache CXF
-CVE-2017-5655 (In Ambari 2.2.2 through 2.4.2 and Ambari 2.5.0, sensitive data may be ...)
+CVE-2017-5655
NOT-FOR-US: Apache Ambari
-CVE-2017-5654 (In Ambari 2.4.x (before 2.4.3) and Ambari 2.5.0, an authorized user of ...)
+CVE-2017-5654
NOT-FOR-US: Apache Ambari
-CVE-2017-5653 (JAX-RS XML Security streaming clients in Apache CXF before 3.1.11 and ...)
+CVE-2017-5653
NOT-FOR-US: Apache CXF
-CVE-2017-5652 (During a routine security analysis, it was found that one of the ports ...)
+CVE-2017-5652
NOT-FOR-US: Impala
-CVE-2017-5651 (In Apache Tomcat 9.0.0.M1 to 9.0.0.M18 and 8.5.0 to 8.5.12, the ...)
+CVE-2017-5651
- tomcat9 <not-affected> (Fixed before initial upload to Debian)
- tomcat8 8.5.11-2 (bug #860071)
[jessie] - tomcat8 <not-affected> (Only affects 8.5 and later)
NOTE: http://www.openwall.com/lists/oss-security/2017/04/10/21
NOTE: Fixed by: http://svn.apache.org/r1788546 (8.5.x)
-CVE-2017-5650 (In Apache Tomcat 9.0.0.M1 to 9.0.0.M18 and 8.5.0 to 8.5.12, the ...)
+CVE-2017-5650
- tomcat9 <not-affected> (Fixed before initial upload to Debian)
- tomcat8 8.5.11-2 (bug #860070)
[jessie] - tomcat8 <not-affected> (Only affects 8.5 and later)
NOTE: http://www.openwall.com/lists/oss-security/2017/04/10/22
NOTE: Fixed by: http://svn.apache.org/r1788480 (8.5.x)
-CVE-2017-5649 (Apache Geode before 1.1.1, when a cluster has enabled security by ...)
+CVE-2017-5649
NOT-FOR-US: Apache Geode
-CVE-2017-5648 (While investigating bug 60718, it was noticed that some calls to ...)
+CVE-2017-5648
{DSA-3843-1 DSA-3842-1 DLA-924-1}
- tomcat9 <not-affected> (Fixed before initial upload to Debian)
- tomcat8 8.5.11-2 (bug #860069)
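Review bot: The `[jessie] - tomcat8 <not-affected> (Only affects 8.5 and later)` lines for CVE-2017-5651 and CVE-2017-5650 were backed by the affected range in the deleted descriptions (`Apache Tomcat 9.0.0.M1 to 9.0.0.M18 and 8.5.0 to 8.5.12`), and `[wheezy] - trafficserver <not-affected>` for CVE-2017-5660 by the `6.2.0 and ...` in its deleted text. With the descriptions gone those suite annotations have no in-file source; if the text is not going to come back, move the ranges into the parenthesised reason, e.g. `(Only affects 8.5.0 to 8.5.12 and 9.0.0.M1 to 9.0.0.M18)`. The CVE-2017-5659 NOTE `evaluate related backport to 6.2` is still an open action item and should be resolved or dated.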
@@ -37328,7 +37326,7 @@ CVE-2017-5648 (While investigating bug 60718, it was noticed that some calls to
NOTE: Fixed by: http://svn.apache.org/r1785775 (8.5.x)
NOTE: Fixed by: http://svn.apache.org/r1785776 (8.0.x)
NOTE: Fixed by: http://svn.apache.org/r1785777 (7.0.x)
-CVE-2017-5647 (A bug in the handling of the pipelined requests in Apache Tomcat ...)
+CVE-2017-5647
{DSA-3843-1 DSA-3842-1 DLA-924-1}
- tomcat9 <not-affected> (Fixed before initial upload to Debian)
- tomcat8 8.5.11-2 (bug #860068)
@@ -37343,93 +37341,93 @@ CVE-2017-5647 (A bug in the handling of the pipelined requests in Apache Tomcat
NOTE: Fixed by: http://svn.apache.org/r1789024 (6.0.x)
NOTE: Fixed by: http://svn.apache.org/r1789155 (6.0.x)
NOTE: Fixed by: http://svn.apache.org/r1789856 (6.0.x)
-CVE-2017-5646 (For versions of Apache Knox from 0.2.0 to 0.11.0 - an authenticated ...)
+CVE-2017-5646
NOT-FOR-US: Apache Knox
-CVE-2017-5645 (In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or ...)
+CVE-2017-5645
- apache-log4j2 2.7-2 (bug #860489)
[jessie] - apache-log4j2 <ignored> (Minor issue, no consumers of liblog4j2-java in Jessie)
NOTE: https://issues.apache.org/jira/browse/LOG4J2-1863
NOTE: Fixed by: https://git-wip-us.apache.org/repos/asf?p=logging-log4j2.git;h=5dcc19215827db29c993d0305ee2b0d8dd05939d
-CVE-2017-5644 (Apache POI in versions prior to release 3.15 allows remote attackers ...)
+CVE-2017-5644
- libapache-poi-java 3.17-1 (bug #858301)
[stretch] - libapache-poi-java <no-dsa> (Minor issue)
[jessie] - libapache-poi-java <no-dsa> (Minor issue)
[wheezy] - libapache-poi-java <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2017/03/20/9
-CVE-2017-5643 (Apache Camel's Validation Component is vulnerable against SSRF via ...)
+CVE-2017-5643
NOT-FOR-US: Apache Camel
-CVE-2017-5642 (During installation of Ambari 2.4.0 through 2.4.2, Ambari Server ...)
+CVE-2017-5642
NOT-FOR-US: Apache Ambari
-CVE-2017-5641 (Previous versions of Apache Flex BlazeDS (4.7.2 and earlier) did not ...)
+CVE-2017-5641
NOT-FOR-US: Apache Flex BlazeDS
-CVE-2017-5640 (It was noticed that a malicious process impersonating an Impala daemon ...)
+CVE-2017-5640
NOT-FOR-US: Impala
CVE-2017-5639
REJECTED
-CVE-2017-5638 (The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 ...)
+CVE-2017-5638
- libstruts1.2-java <not-affected> (Only affects Struts 2.3.5 - Struts 2.3.31, Struts 2.5 - Struts 2.5.10)
NOTE: https://cwiki.apache.org/confluence/display/WW/S2-045
-CVE-2017-5637 (Two four letter word commands &quot;wchp/wchc&quot; are CPU intensive and could ...)
+CVE-2017-5637
{DSA-3871-1 DLA-986-1}
- zookeeper 3.4.9-3 (bug #863811)
NOTE: https://issues.apache.org/jira/browse/ZOOKEEPER-2693
-CVE-2017-5636 (In Apache NiFi before 0.7.2 and 1.x before 1.1.2 in a cluster ...)
+CVE-2017-5636
NOT-FOR-US: Apache NiFi
-CVE-2017-5635 (In Apache NiFi before 0.7.2 and 1.x before 1.1.2 in a cluster ...)
+CVE-2017-5635
NOT-FOR-US: Apache NiFi
-CVE-2017-5634 (The Norwegian Air Shuttle (aka norwegian.com) airline kiosk allows ...)
+CVE-2017-5634
NOT-FOR-US: Norwegian
-CVE-2017-5633 (Multiple cross-site request forgery (CSRF) vulnerabilities on the ...)
+CVE-2017-5633
NOT-FOR-US: D-Link
-CVE-2017-5632 (An issue was discovered on the ASUS RT-N56U Wireless Router with ...)
+CVE-2017-5632
NOT-FOR-US: Asus router
-CVE-2017-5631 (An issue was discovered in KMCIS CaseAware. Reflected cross site ...)
+CVE-2017-5631
NOT-FOR-US: KMCIS CaseAware
-CVE-2017-5630 (PECL in the download utility class in the Installer in PEAR Base System ...)
+CVE-2017-5630
- php5 <unfixed> (unimportant)
- php-pear <unfixed> (unimportant)
NOTE: https://pear.php.net/bugs/bug.php?id=21171
NOTE: pear performs no kind of authentication/integrity checks for downloads, so an attacker can MITM freely anyway
CVE-2017-5629
RESERVED
-CVE-2017-5626 (OxygenOS before version 4.0.2, on OnePlus 3 and 3T, has two hidden ...)
+CVE-2017-5626
NOT-FOR-US: OxygenOS
-CVE-2017-5625 (In OxygenOS before 4.0.3 on OnePlus 3 and 3T devices, an unauthorized ...)
+CVE-2017-5625
NOT-FOR-US: OxygenOS
-CVE-2017-5624 (An issue was discovered in OxygenOS before 4.0.3 for OnePlus 3 and 3T. ...)
+CVE-2017-5624
NOT-FOR-US: OxygenOS
-CVE-2017-5623 (An issue was discovered in OxygenOS before 4.1.0 on OnePlus 3 and 3T ...)
+CVE-2017-5623
NOT-FOR-US: OxygenOS
-CVE-2017-5622 (With OxygenOS before 4.0.3, when a charger is connected to a ...)
+CVE-2017-5622
NOT-FOR-US: OxygenOS
-CVE-2017-5621 (An issue was discovered in Zammad before 1.0.4, 1.1.x before 1.1.3, and ...)
+CVE-2017-5621
- zammad <itp> (bug #841355)
-CVE-2017-5620 (An XSS issue was discovered in Zammad before 1.0.4, 1.1.x before 1.1.3, ...)
+CVE-2017-5620
- zammad <itp> (bug #841355)
-CVE-2017-5619 (An issue was discovered in Zammad before 1.0.4, 1.1.x before 1.1.3, and ...)
+CVE-2017-5619
- zammad <itp> (bug #841355)
-CVE-2017-5609 (SQL injection vulnerability in include/functions_entries.inc.php in ...)
+CVE-2017-5609
- serendipity <removed>
-CVE-2017-5607 (Splunk Enterprise 5.0.x before 5.0.18, 6.0.x before 6.0.14, 6.1.x ...)
+CVE-2017-5607
NOT-FOR-US: Splunk
-CVE-2017-5606 (An incorrect implementation of &quot;XEP-0280: Message Carbons&quot; in multiple ...)
+CVE-2017-5606
NOT-FOR-US: Xabber
-CVE-2017-5605 (An incorrect implementation of &quot;XEP-0280: Message Carbons&quot; in multiple ...)
+CVE-2017-5605
NOT-FOR-US: Movim
-CVE-2017-5604 (An incorrect implementation of &quot;XEP-0280: Message Carbons&quot; in multiple ...)
+CVE-2017-5604
- mcabber 1.0.4-1.1 (bug #854738)
[jessie] - mcabber <not-affected> (XEP-0280: Message Carbons not implemented)
[wheezy] - mcabber <not-affected> (XEP-0280: Message Carbons not implemented)
-CVE-2017-5603 (An incorrect implementation of &quot;XEP-0280: Message Carbons&quot; in multiple ...)
+CVE-2017-5603
- jitsi <removed> (bug #854737)
-CVE-2017-5602 (An incorrect implementation of &quot;XEP-0280: Message Carbons&quot; in multiple ...)
+CVE-2017-5602
- jappix <itp> (bug #619347)
-CVE-2017-5601 (An error in the lha_read_file_header_1() function ...)
+CVE-2017-5601
{DLA-1600-1 DLA-810-1}
- libarchive 3.2.1-6 (bug #853278)
NOTE: Fixed by: https://github.com/libarchive/libarchive/commit/98dcbbf0bf4854bf987557e55e55fff7abbf3ea9
NOTE: https://secunia.com/secunia_research/2017-3/
-CVE-2017-5667 (The sdhci_sdma_transfer_multi_blocks function in hw/sd/sdhci.c in QEMU ...)
+CVE-2017-5667
{DLA-1497-1}
- qemu 1:2.8+dfsg-3 (bug #853996)
[wheezy] - qemu <not-affected> (Vulnerable code not present)
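Review bot: Several deleted lines in this hunk carry HTML-escaped quotes (`&quot;wchp/wchc&quot;` for CVE-2017-5637, `&quot;XEP-0280: Message Carbons&quot;` for CVE-2017-5606 to 5602), which shows the description column was stored with HTML entities rather than raw text; whatever import path repopulates these entries should unescape on the way in, otherwise `&quot;` propagates to every consumer that does not render HTML. CVE-2017-5638 is the one entry here where nothing is lost, because the `<not-affected>` reason on libstruts1.2-java already states the affected range (`Struts 2.3.5 - Struts 2.3.31, Struts 2.5 - Struts 2.5.10`); that is the pattern the other stripped entries should follow for their suite annotations.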
@@ -37438,7 +37436,7 @@ CVE-2017-5667 (The sdhci_sdma_transfer_multi_blocks function in hw/sd/sdhci.c in
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2017-01/msg06191.html
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1417559
NOTE: http://www.openwall.com/lists/oss-security/2017/01/30/2
-CVE-2017-5668 (bitlbee-libpurple before 3.5.1 allows remote attackers to cause a ...)
+CVE-2017-5668
- bitlbee 3.5.1-1 (bug #853282)
[jessie] - bitlbee <not-affected> (Incomplete fix for CVE-2016-10189 not applied)
[wheezy] - bitlbee <not-affected> (Incomplete fix for CVE-2016-10189 not applied)
@@ -37446,7 +37444,7 @@ CVE-2017-5668 (bitlbee-libpurple before 3.5.1 allows remote attackers to cause a
NOTE: Fixed by: https://github.com/bitlbee/bitlbee/commit/30d598ce7cd3f136ee9d7097f39fa9818a272441 (3.5.1)
NOTE: http://www.openwall.com/lists/oss-security/2017/01/30/4
NOTE: This CVE exists because of an incomplete fix for CVE-2016-10189
-CVE-2017-5940 (Firejail before 0.9.44.6 and 0.9.38.x LTS before 0.9.38.10 LTS does not ...)
+CVE-2017-5940
- firejail 0.9.44.6-1
NOTE: Changelog mentions the new fix for CVE-2017-5180 in RELNOTES for 0.9.44.6
NOTE: an needs series of commits after 0.9.44.4
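Review bot: The CVE-2017-5940 context NOTE `an needs series of commits after 0.9.44.4` is ungrammatical and does not say which commits; since the following hunk lists the two 0.9.44.6 commits, reword to `needs the series of commits after 0.9.44.4 listed below`. The deleted description (`Firejail before 0.9.44.6 and 0.9.38.x LTS before 0.9.38.10 LTS does not ...`) was also the only mention of the 0.9.38 LTS branch, and the remaining NOTE about `CVE-2017-5180` in the 0.9.44.6 RELNOTES does not say how the two CVEs relate; state the relationship (incomplete fix, duplicate, or separate issue) explicitly, as the bitlbee entry in the previous hunk does with `This CVE exists because of an incomplete fix for CVE-2016-10189`.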
@@ -37454,96 +37452,96 @@ CVE-2017-5940 (Firejail before 0.9.44.6 and 0.9.38.x LTS before 0.9.38.10 LTS do
NOTE: https://github.com/netblue30/firejail/commit/38d418505e9ee2d326557e5639e8da49c298858f (0.9.44.6)
NOTE: https://github.com/netblue30/firejail/commit/b8a4ff9775318ca5e679183884a6a63f3da8f863 (0.9.44.6)
NOTE: http://www.openwall.com/lists/oss-security/2017/01/29/4
-CVE-2017-5899 (Directory traversal vulnerability in the setuid root helper binary in ...)
+CVE-2017-5899
- s-nail 14.8.16-1 (bug #852934)
NOTE: https://www.mail-archive.com/s-nail-users@lists.sourceforge.net/msg00551.html
NOTE: https://git.sdaoden.eu/cgit/s-nail.git/commit/?id=f797c27efecad45af191c518b7f87fda32ada160
NOTE: https://git.sdaoden.eu/cgit/s-nail.git/commit/?id=f2699449b66dd702a98925bd1b11153a6f7294bf
NOTE: http://www.openwall.com/lists/oss-security/2017/01/27/7
-CVE-2017-5628 (An issue was discovered in Artifex Software, Inc. MuJS before ...)
+CVE-2017-5628
NOT-FOR-US: MuJS
-CVE-2017-5627 (An issue was discovered in Artifex Software, Inc. MuJS before ...)
+CVE-2017-5627
NOT-FOR-US: MuJS
-CVE-2017-5617 (The SVG Salamander (aka svgSalamander) library, when used in a web ...)
+CVE-2017-5617
{DSA-3781-1 DLA-816-1}
- svgsalamander 1.1.1+dfsg-2 (bug #853134)
NOTE: https://github.com/blackears/svgSalamander/issues/11
NOTE: http://www.openwall.com/lists/oss-security/2017/01/27/3
-CVE-2017-5608 (Cross-site scripting (XSS) vulnerability in the image upload function ...)
+CVE-2017-5608
- piwigo <removed>
-CVE-2017-5600 (The Data Warehouse component in NetApp OnCommand Insight before 7.2.3 ...)
+CVE-2017-5600
NOT-FOR-US: NetApp OnCommand Insight
-CVE-2017-5599 (An issue was discovered in eClinicalWorks Patient Portal 7.0 build 13. ...)
+CVE-2017-5599
NOT-FOR-US: eClinicalWorks
-CVE-2017-5598 (An issue was discovered in eClinicalWorks healow@work 8.0 build 8. This ...)
+CVE-2017-5598
NOT-FOR-US: eClinicalWorks
-CVE-2017-5612 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2017-5612
{DSA-3779-1 DLA-813-1}
- wordpress 4.7.2+dfsg-1 (bug #852767)
NOTE: https://github.com/WordPress/WordPress/commit/4482f9207027de8f36630737ae085110896ea849
NOTE: http://www.openwall.com/lists/oss-security/2017/01/27/2
-CVE-2017-5611 (SQL injection vulnerability in wp-includes/class-wp-query.php in ...)
+CVE-2017-5611
{DSA-3779-1 DLA-813-1}
- wordpress 4.7.2+dfsg-1 (bug #852767)
NOTE: https://github.com/WordPress/WordPress/commit/85384297a60900004e27e417eac56d24267054cb
NOTE: http://www.openwall.com/lists/oss-security/2017/01/27/2
-CVE-2017-5610 (wp-admin/includes/class-wp-press-this.php in Press This in WordPress ...)
+CVE-2017-5610
{DSA-3779-1 DLA-813-1}
- wordpress 4.7.2+dfsg-1 (bug #852767)
NOTE: https://github.com/WordPress/WordPress/commit/21264a31e0849e6ff793a06a17de877dd88ea454
NOTE: http://www.openwall.com/lists/oss-security/2017/01/27/2
-CVE-2017-5595 (A file disclosure and inclusion vulnerability exists in ...)
+CVE-2017-5595
{DLA-1145-1}
- zoneminder 1.30.4+dfsg-1 (bug #854733)
NOTE: Check https://github.com/ZoneMinder/ZoneMinder/commit/8b19fca9927cdec07cc9dd09bdcf2496a5ae69b3
-CVE-2017-5594 (An issue was discovered in Pagekit CMS before 1.0.11. In this ...)
+CVE-2017-5594
NOT-FOR-US: Pagekit CMS
-CVE-2017-5593 (An incorrect implementation of &quot;XEP-0280: Message Carbons&quot; in multiple ...)
+CVE-2017-5593
- psi-plus <not-affected> (vulnerable code not present, XEP-0280 not implemented)
-CVE-2017-5592 (An incorrect implementation of &quot;XEP-0280: Message Carbons&quot; in multiple ...)
+CVE-2017-5592
- profanity 0.5.1-1 (bug #854735)
[jessie] - profanity <not-affected> (Vulnerable code not present)
-CVE-2017-5591 (An incorrect implementation of &quot;XEP-0280: Message Carbons&quot; in multiple ...)
+CVE-2017-5591
- sleekxmpp 1.3.1-6 (bug #854739)
[jessie] - sleekxmpp <not-affected> (vulnerable code not present, XEP-0280 not implemented)
[wheezy] - sleekxmpp <not-affected> (vulnerable code not present, XEP-0280 not implemented)
- slixmpp 1.2.2-1.1 (bug #854740)
-CVE-2017-5590 (An incorrect implementation of &quot;XEP-0280: Message Carbons&quot; in multiple ...)
+CVE-2017-5590
NOT-FOR-US: ChatSecure / Zom
-CVE-2017-5589 (An incorrect implementation of &quot;XEP-0280: Message Carbons&quot; in multiple ...)
+CVE-2017-5589
NOT-FOR-US: yaxim / Bruno
CVE-2017-5588
RESERVED
CVE-2017-5587
RESERVED
-CVE-2017-5586 (OpenText Documentum D2 (formerly EMC Documentum D2) 4.x allows remote ...)
+CVE-2017-5586
NOT-FOR-US: OpenText Documentum D2
-CVE-2017-5585 (OpenText Documentum Content Server (formerly EMC Documentum Content ...)
+CVE-2017-5585
NOT-FOR-US: OpenText Documentum Content Server
-CVE-2017-5584 (Cross-site scripting (XSS) vulnerability in the Management Web ...)
+CVE-2017-5584
NOT-FOR-US: Palo Alto Networks
-CVE-2017-5583 (The Management Web Interface in Palo Alto Networks PAN-OS before ...)
+CVE-2017-5583
NOT-FOR-US: Palo Alto Networks
CVE-2017-5582
RESERVED
-CVE-2017-6852 (Heap-based buffer overflow in the jpc_dec_decodepkt function in ...)
+CVE-2017-6852
- jasper <removed>
[jessie] - jasper <no-dsa> (Minor issue)
[wheezy] - jasper <no-dsa> (Minor issue)
NOTE: Upstream bug: https://github.com/mdadams/jasper/issues/114
NOTE: http://www.openwall.com/lists/oss-security/2017/01/25/10
NOTE: The POC only triggers an assertion failure but an overflow cannot be observed.
-CVE-2017-6850 (The jp2_cdef_destroy function in jp2_cod.c in JasPer before 2.0.13 ...)
+CVE-2017-6850
- jasper <removed> (unimportant)
NOTE: Upstream bug: https://github.com/mdadams/jasper/issues/112
NOTE: http://www.openwall.com/lists/oss-security/2017/01/25/8
NOTE: Not suitable for code injection, hardly denial of service
-CVE-2017-6851 (The jas_matrix_bindsub function in jas_seq.c in JasPer 2.0.10 allows ...)
+CVE-2017-6851
- jasper <removed> (unimportant)
NOTE: Upstream bug: https://github.com/mdadams/jasper/issues/113
NOTE: http://www.openwall.com/lists/oss-security/2017/01/25/9
NOTE: Not suitable for code injection, hardly denial of service
-CVE-2017-5618 (GNU screen before 4.5.1 allows local users to modify arbitrary files ...)
+CVE-2017-5618
- screen 4.5.0-3 (bug #852484)
[stretch] - screen <not-affected> (Vulnerable code not present/never migrated to stretch)
[jessie] - screen <not-affected> (Vulnerable code not present)
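Review bot: The XEP-0280 entries in this hunk (CVE-2017-5593 to 5589, plus 5606 to 5602 earlier) shared one description (`An incorrect implementation of &quot;XEP-0280: Message Carbons&quot; in multiple ...`), so the deleted text is what tied them together as one advisory; after the change only the per-client package or NOT-FOR-US lines remain. The inline reasons already do the job where they name the XEP (`XEP-0280 not implemented` for psi-plus, sleekxmpp and mcabber); profanity's jessie line should use the same wording instead of the generic `Vulnerable code not present` so the whole family stays searchable by the XEP number. On the JasPer entries, CVE-2017-6852's NOTE (`The POC only triggers an assertion failure but an overflow cannot be observed`) reads like the grounds for `unimportant`, which is what 6850 and 6851 carry; either add the tag to 6852 or say why it is rated differently.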
@@ -37553,26 +37551,26 @@ CVE-2017-5618 (GNU screen before 4.5.1 allows local users to modify arbitrary fi
NOTE: Introduced in (screen-v4): http://git.savannah.gnu.org/cgit/screen.git/commit/?h=screen-v4&id=5460f5d28c01a9a58e021eb1dffef2965e629d58
NOTE: Introduced in (master): http://git.savannah.gnu.org/cgit/screen.git/commit/?id=c575c40c9bd7653470639da32e06faed0a9b2ec4
NOTE: http://www.openwall.com/lists/oss-security/2017/01/24/10
-CVE-2017-5597 (In Wireshark 2.2.0 to 2.2.3 and 2.0.0 to 2.0.9, the DHCPv6 dissector ...)
+CVE-2017-5597
{DSA-3811-1 DLA-858-1}
- wireshark 2.2.4+gcc3dc1b-1
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-02.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13345
-CVE-2017-5596 (In Wireshark 2.2.0 to 2.2.3 and 2.0.0 to 2.0.9, the ASTERIX dissector ...)
+CVE-2017-5596
{DSA-3811-1 DLA-858-1}
- wireshark 2.2.4+gcc3dc1b-1
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-01.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13344
-CVE-2017-5581 (Buffer overflow in the ModifiablePixelBuffer::fillRect function in ...)
+CVE-2017-5581
- tigervnc 1.7.0+dfsg-3 (bug #852213)
NOTE: https://github.com/TigerVNC/tigervnc/pull/399
NOTE: https://github.com/TigerVNC/tigervnc/commit/18c020124ff1b2441f714da2017f63dba50720ba
-CVE-2017-5580 (The parse_instruction function in gallium/auxiliary/tgsi/tgsi_text.c ...)
+CVE-2017-5580
- virglrenderer 0.6.0-1 (bug #852604)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1415986
NOTE: https://cgit.freedesktop.org/virglrenderer/commit/?id=28894a30a17a84529be102b21118e55d6c9f23fa (0.6.0)
NOTE: https://lists.freedesktop.org/archives/virglrenderer-devel/2017-January/000105.html
-CVE-2017-5579 (Memory leak in the serial_exit_core function in hw/char/serial.c in ...)
+CVE-2017-5579
{DLA-1497-1}
- qemu 1:2.8+dfsg-3 (bug #853002)
[wheezy] - qemu <no-dsa> (Minor issue)
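Review bot: CVE-2017-5581 (tigervnc 1.7.0+dfsg-3) and CVE-2017-5580 (virglrenderer 0.6.0-1) carry a fix version for unstable but no `[jessie]` / `[wheezy]` annotation and no DSA reference, unlike CVE-2017-5579 directly below; with their descriptions deleted (`Buffer overflow in the ModifiablePixelBuffer::fillRect function in ...`, `The parse_instruction function in gallium/auxiliary/tgsi/tgsi_text.c ...`) the entries no longer even say what class of bug the stable suites might be exposed to. Add the stable status lines, and for virglrenderer state whether the package exists in those suites at all.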
@@ -37580,7 +37578,7 @@ CVE-2017-5579 (Memory leak in the serial_exit_core function in hw/char/serial.c
[wheezy] - qemu-kvm <no-dsa> (Minor issue)
NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=8409dc884a201bf74b30a9d232b6bbdd00cb7e2b
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1416157
-CVE-2017-5578 (Memory leak in the virtio_gpu_resource_attach_backing function in ...)
+CVE-2017-5578
- qemu 1:2.10.0-1 (unimportant)
[jessie] - qemu <not-affected> (Vulnerable code introduced later)
[wheezy] - qemu <not-affected> (Vulnerable code introduced later)
@@ -37590,43 +37588,43 @@ CVE-2017-5578 (Memory leak in the virtio_gpu_resource_attach_backing function in
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1415795
NOTE: Marked as unimportant, since 1:2.8+dfsg-2 upload reverts
NOTE: enable virtio gpu (virglrenderer) and opengl support
-CVE-2017-5577 (The vc4_get_bcl function in drivers/gpu/drm/vc4/vc4_gem.c in the ...)
+CVE-2017-5577
- linux 4.9.6-1
[jessie] - linux <not-affected> (Vulnerable code introduced later)
[wheezy] - linux <not-affected> (Vulnerable code introduced later)
NOTE: Fixed by: https://git.kernel.org/linus/6b8ac63847bc2f958dd93c09edc941a0118992d9
NOTE: Introduced by: https://git.kernel.org/linus/d5b1a78a772f1e31a94f8babfa964152ec5e9aa5 (4.5-rc1)
-CVE-2017-5576 (Integer overflow in the vc4_get_bcl function in ...)
+CVE-2017-5576
- linux 4.9.6-1
[jessie] - linux <not-affected> (Vulnerable code introduced later)
[wheezy] - linux <not-affected> (Vulnerable code introduced later)
NOTE: Fixed by: https://git.kernel.org/linus/0f2ff82e11c86c05d051cae32b58226392d33bbf
NOTE: Introduced by: https://git.kernel.org/linus/d5b1a78a772f1e31a94f8babfa964152ec5e9aa5 (4.5-rc1)
-CVE-2017-5575 (SQL injection vulnerability in inc/lib/Options.class.php in GeniXCMS ...)
+CVE-2017-5575
NOT-FOR-US: GenixCMS
-CVE-2017-5574 (SQL injection vulnerability in register.php in GeniXCMS before 1.0.0 ...)
+CVE-2017-5574
NOT-FOR-US: GenixCMS
-CVE-2017-5573 (An issue was discovered in Linux Foundation xapi in Citrix XenServer ...)
+CVE-2017-5573
NOT-FOR-US: Citrix
-CVE-2017-5572 (An issue was discovered in Linux Foundation xapi in Citrix XenServer ...)
+CVE-2017-5572
NOT-FOR-US: Citrix
-CVE-2017-5571 (Open redirect vulnerability in the lmadmin component in Flexera ...)
+CVE-2017-5571
NOT-FOR-US: Flexera FlexNet Publisher
-CVE-2017-5570 (An issue was discovered in eClinicalWorks Patient Portal 7.0 build 13. ...)
+CVE-2017-5570
NOT-FOR-US: eClinicalWorks
-CVE-2017-5569 (An issue was discovered in eClinicalWorks Patient Portal 7.0 build 13. ...)
+CVE-2017-5569
NOT-FOR-US: eClinicalWorks
CVE-2017-5568
RESERVED
-CVE-2017-5567 (Code injection vulnerability in Avast Premier 12.3 (and earlier), ...)
+CVE-2017-5567
NOT-FOR-US: Avast
-CVE-2017-5566 (Code injection vulnerability in AVG Ultimate 17.1 (and earlier), AVG ...)
+CVE-2017-5566
NOT-FOR-US: AVG
-CVE-2017-5565 (Code injection vulnerability in Trend Micro Maximum Security 11.0 (and ...)
+CVE-2017-5565
NOT-FOR-US: Trend Micro
CVE-2017-5564
RESERVED
-CVE-2017-5563 (LibTIFF version 4.0.7 is vulnerable to a heap-based buffer over-read in ...)
+CVE-2017-5563
- tiff <unfixed> (unimportant)
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2664
NOTE: bmp2tiff utility removed in 4.0.6-3 and 4.0.3-12.3+deb8u2
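Review bot: for the NOT-FOR-US entries in this hunk the stripped description was the only text naming the affected component, so after `-CVE-2017-5573 (An issue was discovered in Linux Foundation xapi in Citrix XenServer ...)` becomes `+CVE-2017-5573` the remaining `NOT-FOR-US: Citrix` no longer says which Citrix product (xapi in XenServer) is meant, whereas `NOT-FOR-US: Flexera FlexNet Publisher` for CVE-2017-5571 still does. If dropping descriptions is the intended new format, widen the terse NOT-FOR-US annotations to carry the product name (e.g. `NOT-FOR-US: Citrix XenServer xapi`) before the text is lost, and record in the commit message that the descriptions are removed deliberately rather than by a failed description fetch, since every changed pair in the hunk has the same shape.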
@@ -37642,81 +37640,81 @@ CVE-2017-5558
RESERVED
CVE-2017-5557
RESERVED
-CVE-2017-5556 (The ConvertToPDF plugin in Foxit Reader before 8.2 and PhantomPDF ...)
+CVE-2017-5556
NOT-FOR-US: Foxit Reader
CVE-2017-5555
RESERVED
-CVE-2017-5554 (An issue was discovered in ABOOT in OnePlus 3 and 3T OxygenOS before ...)
+CVE-2017-5554
NOT-FOR-US: OnePlus 3 / 3T OxygenOS
-CVE-2017-5553 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2017-5553
- b2evolution <removed>
-CVE-2017-5545 (The main function in plistutil.c in libimobiledevice libplist through ...)
+CVE-2017-5545
{DLA-811-1}
- libplist 1.12+git+1+e37ca00-0.1 (low; bug #852385)
[jessie] - libplist <no-dsa> (Minor issue)
NOTE: https://github.com/libimobiledevice/libplist/issues/87
NOTE: Fixed by: https://github.com/libimobiledevice/libplist/commit/7391a506352c009fe044dead7baad9e22dd279ee
-CVE-2017-5544 (An issue was discovered on FiberHome Fengine S5800 switches V210R240. ...)
+CVE-2017-5544
NOT-FOR-US: FiberHome switches
-CVE-2017-5543 (includes/classes/ia.core.users.php in Subrion CMS 4.0.5 allows remote ...)
+CVE-2017-5543
NOT-FOR-US: Subrion CMS
-CVE-2017-5542 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2017-5542
NOT-FOR-US: Symphony CMS
-CVE-2017-5541 (Directory traversal vulnerability in ...)
+CVE-2017-5541
NOT-FOR-US: Symphony CMS
CVE-2017-5540
RESERVED
-CVE-2017-5539 (The patch for directory traversal (CVE-2017-5480) in b2evolution ...)
+CVE-2017-5539
- b2evolution <removed>
-CVE-2017-5536 (The GridServer Broker, and GridServer Director components of TIBCO ...)
+CVE-2017-5536
NOT-FOR-US: TIBCO GridServer
-CVE-2017-5535 (The GridServer Broker, GridServer Driver, and GridServer Engine ...)
+CVE-2017-5535
NOT-FOR-US: TIBCO GridServer
-CVE-2017-5534 (The tibbr user profiles components of tibbr Community, and tibbr ...)
+CVE-2017-5534
NOT-FOR-US: tibbr
-CVE-2017-5533 (A vulnerability in the server content cache of TIBCO JasperReports ...)
+CVE-2017-5533
- jasperreports <undetermined> (bug #884131)
[jessie] - jasperreports <ignored> (no detailed information available, only needed as build-dependency for Spring)
[wheezy] - jasperreports <end-of-life> (cannot be supported due to lack of information)
NOTE: http://www.tibco.com/support/advisories/2017/11/tibco-security-advisory-november-15-2017-tibco-jasperreports-server-2017
-CVE-2017-5532 (A vulnerability in the report renderer component of TIBCO ...)
+CVE-2017-5532
- jasperreports <undetermined> (bug #884131)
[jessie] - jasperreports <ignored> (no detailed information available, only needed as build-dependency for Spring)
[wheezy] - jasperreports <end-of-life> (cannot be supported due to lack of information)
NOTE: https://www.tibco.com/support/advisories/2017/11/tibco-security-advisory-november-15-2017-tibco-jasperreports-2017-5532
-CVE-2017-5531 (Deployments of TIBCO Managed File Transfer Command Center versions ...)
+CVE-2017-5531
NOT-FOR-US: TIBCO
-CVE-2017-5530 (The tibbr web server components of tibbr Community, and tibbr ...)
+CVE-2017-5530
NOT-FOR-US: tibbr
-CVE-2017-5529 (JasperReports library components contain an information disclosure ...)
+CVE-2017-5529
- jasperreports <undetermined> (bug #880467)
[jessie] - jasperreports <ignored> (no detailed information available, only needed as build-dependency for Spring)
[wheezy] - jasperreports <end-of-life> (cannot be supported due to lack of information)
NOTE: https://www.tibco.com/support/advisories/2017/06/tibco-security-advisory-june-28-2017-tibco-jasperreports-server-2017-0
-CVE-2017-5528 (Multiple JasperReports Server components contain vulnerabilities ...)
+CVE-2017-5528
- jasperreports <undetermined> (bug #880467)
[jessie] - jasperreports <ignored> (no detailed information available, only needed as build-dependency for Spring)
[wheezy] - jasperreports <end-of-life> (cannot be supported due to lack of information)
NOTE: https://www.tibco.com/support/advisories/2017/06/tibco-security-advisory-june-28-2017-tibco-jasperreports-server-2017
-CVE-2017-5527 (TIBCO Spotfire Server 7.0.X before 7.0.2, 7.5.x before 7.5.1, 7.6.x ...)
+CVE-2017-5527
NOT-FOR-US: TIBCO Spotfire Server
-CVE-2017-5616 (Cross-site scripting (XSS) vulnerability in cgiemail and cgiecho ...)
+CVE-2017-5616
{DLA-869-1}
- cgiemail <removed> (bug #852031)
NOTE: http://www.openwall.com/lists/oss-security/2017/01/20/6
-CVE-2017-5615 (cgiemail and cgiecho allow remote attackers to inject HTTP headers via ...)
+CVE-2017-5615
{DLA-869-1}
- cgiemail <removed> (bug #852031)
NOTE: http://www.openwall.com/lists/oss-security/2017/01/20/6
-CVE-2017-5614 (Open redirect vulnerability in cgiemail and cgiecho allows remote ...)
+CVE-2017-5614
{DLA-869-1}
- cgiemail <removed> (bug #852031)
NOTE: http://www.openwall.com/lists/oss-security/2017/01/20/6
-CVE-2017-5613 (Format string vulnerability in cgiemail and cgiecho allows remote ...)
+CVE-2017-5613
{DLA-869-1}
- cgiemail <removed> (bug #852031)
NOTE: http://www.openwall.com/lists/oss-security/2017/01/20/6
-CVE-2017-5552 (Memory leak in the virgl_resource_attach_backing function in ...)
+CVE-2017-5552
- qemu 1:2.10.0-1 (bug #852119; unimportant)
[jessie] - qemu <not-affected> (Vulnerable code not present)
[wheezy] - qemu <not-affected> (Vulnerable code not present)
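Review bot: removing the description of CVE-2017-5539 (`-CVE-2017-5539 (The patch for directory traversal (CVE-2017-5480) in b2evolution ...)`) deletes the only record in the file that this entry concerns the fix for CVE-2017-5480; what remains is just `+CVE-2017-5539` followed by `- b2evolution <removed>` with no NOTE line. Suggest adding `NOTE: Concerns the patch for CVE-2017-5480` under the new line, following the existing NOTE cross-reference style (`NOTE: Backported fix for CVE-2016-7097 already covered this CVE for wheezy`), so the relationship survives for anyone re-evaluating the `<removed>` package.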
@@ -37727,45 +37725,45 @@ CVE-2017-5552 (Memory leak in the virgl_resource_attach_backing function in ...)
NOTE: Marked as unimportant, since 1:2.8+dfsg-2 reverted the support for
NOTE: virtio gpu (virglrenderer) and opengl, but the affected code is
NOTE: still present.
-CVE-2017-5551 (The simple_set_acl function in fs/posix_acl.c in the Linux kernel ...)
+CVE-2017-5551
{DSA-3791-1}
- linux 4.9.6-1
[wheezy] - linux 3.2.84-1
NOTE: Backported fix for CVE-2016-7097 already covered this CVE for wheezy
NOTE: Fixed by: https://git.kernel.org/linus/497de07d89c1410d76a15bec2bb41f24a2a89f31 (4.10-rc4)
-CVE-2017-5550 (Off-by-one error in the pipe_advance function in lib/iov_iter.c in the ...)
+CVE-2017-5550
- linux 4.9.6-1
[jessie] - linux <not-affected> (Introduced in 4.9)
[wheezy] - linux <not-affected> (Introduced in 4.9)
NOTE: Fixed by: https://git.kernel.org/linus/b9dc6f65bc5e232d1c05fe34b5daadc7e8bbf1fb (4.10-rc4)
NOTE: Introduced by: https://github.com/torvalds/linux/commit/241699cd72a8489c9446ae3910ddd243e9b9061b (4.9-rc1)
-CVE-2017-5549 (The klsi_105_get_line_state function in ...)
+CVE-2017-5549
{DSA-3791-1 DLA-833-1}
- linux 4.9.6-1
NOTE: Fixed by: https://git.kernel.org/linus/146cc8a17a3b4996f6805ee5c080e7101277c410 (4.10-rc4)
-CVE-2017-5548 (drivers/net/ieee802154/atusb.c in the Linux kernel 4.9.x before 4.9.6 ...)
+CVE-2017-5548
- linux 4.9.6-1
[jessie] - linux <not-affected> (Introduced in 4.9 in combination with VMAP_STACK)
[wheezy] - linux <not-affected> (Introduced in 4.9 in combination with VMAP_STACK)
NOTE: Fixed by: https://git.kernel.org/linus/05a974efa4bdf6e2a150e3f27dc6fcf0a9ad5655
-CVE-2017-5547 (drivers/hid/hid-corsair.c in the Linux kernel 4.9.x before 4.9.6 ...)
+CVE-2017-5547
- linux 4.9.6-1
[jessie] - linux <not-affected> (Vulnerable code introduced in v4.4-rc1)
[wheezy] - linux <not-affected> (Vulnerable code introduced in v4.4-rc1)
NOTE: Fixed by: https://git.kernel.org/linus/6d104af38b570d37aa32a5803b04c354f8ed513d
-CVE-2017-5546 (The freelist-randomization feature in mm/slab.c in the Linux kernel ...)
+CVE-2017-5546
- linux 4.9.6-1
[jessie] - linux <not-affected> (freelist randomisation introduced in 4.7)
[wheezy] - linux <not-affected> (freelist randomisation introduced in 4.7)
NOTE: Fixed by: https://git.kernel.org/linus/c4e490cf148e85ead0d1b1c2caaba833f1d5b29f (v4.10-rc4)
-CVE-2017-5538 (The kbase_dispatch function in arm/t7xx/r5p0/mali_kbase_core_linux.c ...)
+CVE-2017-5538
NOT-FOR-US: Samsung Exynos
-CVE-2017-5524 (Plone 4.x through 4.3.11 and 5.x through 5.0.6 allow remote attackers ...)
+CVE-2017-5524
NOT-FOR-US: Plone
-CVE-2017-5537 (The password reset form in Weblate before 2.10.1 provides different ...)
+CVE-2017-5537
- weblate <itp> (bug #745661)
NOTE: http://www.openwall.com/lists/oss-security/2017/01/18/11
-CVE-2017-5526 (Memory leak in hw/audio/es1370.c in QEMU (aka Quick Emulator) allows ...)
+CVE-2017-5526
{DLA-1497-1}
- qemu 1:2.8+dfsg-2 (bug #851910)
[wheezy] - qemu <no-dsa> (Minor issue)
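Review bot: once the descriptions are gone, the `NOTE: Fixed by:` lines are the only place an entry states where the upstream fix landed, and two kernel entries in this hunk lack the release tag their neighbours carry: CVE-2017-5548 (`NOTE: Fixed by: https://git.kernel.org/linus/05a974efa4bdf6e2a150e3f27dc6fcf0a9ad5655`) and CVE-2017-5547 have no `(4.10-rc4)` suffix, while CVE-2017-5551, CVE-2017-5550 and CVE-2017-5549 have `(4.10-rc4)` and CVE-2017-5546 has `(v4.10-rc4)`. Suggest adding the tag to both and settling on one spelling of it. The `Introduced by` reference for CVE-2017-5550 also points at github.com/torvalds/linux while every other commit reference in the hunk uses git.kernel.org/linus; using one host keeps the NOTE lines greppable.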
@@ -37775,7 +37773,7 @@ CVE-2017-5526 (Memory leak in hw/audio/es1370.c in QEMU (aka Quick Emulator) all
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1414209
NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=069eb7b2b8fc47c7cb52e5a4af23ea98d939e3da
NOTE: Sound device hotplug not supported by libvirt
-CVE-2017-5525 (Memory leak in hw/audio/ac97.c in QEMU (aka Quick Emulator) allows ...)
+CVE-2017-5525
{DLA-1497-1}
- qemu 1:2.8+dfsg-2 (bug #852021)
[wheezy] - qemu <no-dsa> (Minor issue)
@@ -37786,30 +37784,30 @@ CVE-2017-5525 (Memory leak in hw/audio/ac97.c in QEMU (aka Quick Emulator) allow
NOTE: Sound device hotplug not supported by libvirt
CVE-2017-5523
RESERVED
-CVE-2017-5522 (Stack-based buffer overflow in MapServer before 6.0.6, 6.2.x before ...)
+CVE-2017-5522
{DSA-3766-1 DLA-790-1}
- mapserver 7.0.4-1
NOTE: https://lists.osgeo.org/pipermail/mapserver-dev/2017-January/015007.html
NOTE: https://github.com/mapserver/mapserver/commit/e52a436c0e1c5e9f7ef13428dba83194a800f4df
-CVE-2017-2578 (In Moodle 3.x, there is XSS in the assignment submission page. ...)
+CVE-2017-2578
- moodle 2.7.18+dfsg-1
NOTE: https://moodle.org/mod/forum/discuss.php?d=345915
-CVE-2017-2576 (In Moodle 2.x and 3.x, there is incorrect sanitization of attributes in ...)
+CVE-2017-2576
- moodle 2.7.18+dfsg-1
NOTE: https://moodle.org/mod/forum/discuss.php?d=345912
-CVE-2017-5521 (An issue was discovered on NETGEAR R8500, R8300, R7000, R6400, R7300, ...)
+CVE-2017-5521
NOT-FOR-US: NETGEAR
-CVE-2017-5520 (The media rename feature in GeniXCMS through 0.0.8 does not consider ...)
+CVE-2017-5520
NOT-FOR-US: GenixCMS
-CVE-2017-5519 (SQL injection vulnerability in Posts.class.php in GeniXCMS through ...)
+CVE-2017-5519
NOT-FOR-US: GenixCMS
-CVE-2017-5518 (The media-file upload feature in GeniXCMS through 0.0.8 allows remote ...)
+CVE-2017-5518
NOT-FOR-US: GenixCMS
-CVE-2017-5517 (SQL injection vulnerability in author.control.php in GeniXCMS through ...)
+CVE-2017-5517
NOT-FOR-US: GenixCMS
-CVE-2017-5516 (Multiple cross-site scripting (XSS) vulnerabilities in the user forms ...)
+CVE-2017-5516
NOT-FOR-US: GenixCMS
-CVE-2017-5515 (Cross-site scripting (XSS) vulnerability in the user prompt function in ...)
+CVE-2017-5515
NOT-FOR-US: GenixCMS
CVE-2017-5514
RESERVED
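Review bot: the removed description lines spell the product `GeniXCMS` (CVE-2017-5520 through CVE-2017-5515) while the retained annotation on each entry reads `NOT-FOR-US: GenixCMS`; with the descriptions dropped, the upstream spelling disappears from the file entirely and a search for the name as it appears in the CVE text no longer finds these six entries. Suggest correcting the annotations to `NOT-FOR-US: GeniXCMS` here and for CVE-2017-5575 and CVE-2017-5574 earlier in the file. Unrelated to this change but visible in the hunk: the Moodle entries CVE-2017-2578 and CVE-2017-2576 sit between CVE-2017-5522 and CVE-2017-5521, out of the file's numeric order.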
@@ -37819,9 +37817,9 @@ CVE-2017-5512
RESERVED
CVE-2017-5497
RESERVED
-CVE-2017-5496 (Sawmill Enterprise 8.7.9 allows remote attackers to gain login access ...)
+CVE-2017-5496
NOT-FOR-US: Sawmill Enterprise
-CVE-2017-5495 (All versions of Quagga, 0.93 through 1.1.0, are vulnerable to an ...)
+CVE-2017-5495
- quagga 1.1.1-1 (bug #852454)
[jessie] - quagga <no-dsa> (Minor issue)
[wheezy] - quagga <no-dsa> (Minor issue)
@@ -37829,26 +37827,26 @@ CVE-2017-5495 (All versions of Quagga, 0.93 through 1.1.0, are vulnerable to an
NOTE: http://mirror.easyname.at/nongnu//quagga/quagga-1.1.1.changelog.txt
NOTE: Fixed by: http://git.savannah.gnu.org/cgit/quagga.git/commit/?id=b7ceefea77a246fe5c1dcd1b91bf6079d1b97c02
NOTE: http://git.savannah.gnu.org/cgit/quagga.git/commit/?id=7d66284a5817a1613b1e4d64a0775ec04fdf8c01
-CVE-2017-5494 (Multiple cross-site scripting (XSS) vulnerabilities in the file types ...)
+CVE-2017-5494
- b2evolution <removed>
-CVE-2017-5486 (The ISO CLNS parser in tcpdump before 4.9.0 has a buffer overflow in ...)
+CVE-2017-5486
{DSA-3775-1 DLA-809-1}
- tcpdump 4.9.0-1
-CVE-2017-5485 (The ISO CLNS parser in tcpdump before 4.9.0 has a buffer overflow in ...)
+CVE-2017-5485
{DSA-3775-1 DLA-809-1}
- tcpdump 4.9.0-1
-CVE-2017-5484 (The ATM parser in tcpdump before 4.9.0 has a buffer overflow in ...)
+CVE-2017-5484
{DSA-3775-1 DLA-809-1}
- tcpdump 4.9.0-1
-CVE-2017-5483 (The SNMP parser in tcpdump before 4.9.0 has a buffer overflow in ...)
+CVE-2017-5483
{DSA-3775-1 DLA-809-1}
- tcpdump 4.9.0-1
-CVE-2017-5482 (The Q.933 parser in tcpdump before 4.9.0 has a buffer overflow in ...)
+CVE-2017-5482
{DSA-3775-1 DLA-809-1}
- tcpdump 4.9.0-1
-CVE-2017-5481 (Trend Micro OfficeScan 11.0 before SP1 CP 6325 and XG before CP 1352 ...)
+CVE-2017-5481
NOT-FOR-US: Trend Micro
-CVE-2017-5480 (Directory traversal vulnerability in inc/files/files.ctrl.php in ...)
+CVE-2017-5480
- b2evolution <removed>
CVE-2017-5479
RESERVED
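Review bot: after this change the five tcpdump entries CVE-2017-5486 through CVE-2017-5482 become textually identical (`{DSA-3775-1 DLA-809-1}` followed by `- tcpdump 4.9.0-1`), because the affected parser (ISO CLNS, ATM, SNMP, Q.933) was named only in the description lines being removed and none of the entries has a NOTE. Suggest adding one NOTE per entry naming the parser or the upstream fix commit, as the mapserver entry in the previous hunk does with `NOTE: https://github.com/mapserver/mapserver/commit/e52a436c0e1c5e9f7ef13428dba83194a800f4df`, so the entries remain distinguishable when checking which fix a backport covers.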
@@ -37856,18 +37854,18 @@ CVE-2017-5478
RESERVED
CVE-2017-5477
RESERVED
-CVE-2017-5476 (Serendipity through 2.0.5 allows CSRF for the installation of an event ...)
+CVE-2017-5476
- serendipity <removed>
-CVE-2017-5475 (comment.php in Serendipity through 2.0.5 allows CSRF in deleting any ...)
+CVE-2017-5475
- serendipity <removed>
-CVE-2017-5474 (Open redirect vulnerability in comment.php in Serendipity through 2.0.5 ...)
+CVE-2017-5474
- serendipity <removed>
-CVE-2017-5473 (Cross-site request forgery (CSRF) vulnerability in ntopng through 2.4 ...)
+CVE-2017-5473
- ntopng 2.4+dfsg1-3 (bug #852109)
[jessie] - ntopng <no-dsa> (Minor issue)
NOTE: https://github.com/ntop/ntopng/commit/1b2ceac8f578a246af6351c4f476e3102cdf21b3
NOTE: https://github.com/ntop/ntopng/commit/f91fbe3d94c8346884271838ae3406ae633f6f15
-CVE-2017-5472 (A use-after-free vulnerability with the frameloader during tree ...)
+CVE-2017-5472
{DSA-3918-1 DSA-3881-1 DLA-1007-1 DLA-991-1}
- firefox 54.0-1
- firefox-esr 52.2.0esr-1
@@ -37875,10 +37873,10 @@ CVE-2017-5472 (A use-after-free vulnerability with the frameloader during tree .
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-15/#CVE-2017-5472
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-16/#CVE-2017-5472
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-17/#CVE-2017-5472
-CVE-2017-5471 (Memory safety bugs were reported in Firefox 53. Some of these bugs ...)
+CVE-2017-5471
- firefox 54.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-15/#CVE-2017-5471
-CVE-2017-5470 (Memory safety bugs were reported in Firefox 53 and Firefox ESR 52.1. ...)
+CVE-2017-5470
{DSA-3918-1 DSA-3881-1 DLA-1007-1 DLA-991-1}
- firefox 54.0-1
- firefox-esr 52.2.0esr-1
@@ -37886,27 +37884,27 @@ CVE-2017-5470 (Memory safety bugs were reported in Firefox 53 and Firefox ESR 52
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-15/#CVE-2017-5470
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-16/#CVE-2017-5470
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-17/#CVE-2017-5470
-CVE-2017-5469 (Fixed potential buffer overflows in generated Firefox code due to ...)
+CVE-2017-5469
{DSA-3831-1 DLA-906-1}
- firefox-esr 45.9.0esr-1
- firefox 52.0.1-1
-CVE-2017-5468 (An issue with incorrect ownership model of &quot;privateBrowsing&quot; ...)
+CVE-2017-5468
- firefox 52.0.1-1
-CVE-2017-5467 (A potential memory corruption and crash when using Skia content when ...)
+CVE-2017-5467
- firefox 52.0.1-1
-CVE-2017-5466 (If a page is loaded from an original site through a hyperlink and ...)
+CVE-2017-5466
- firefox 52.0.1-1
-CVE-2017-5465 (An out-of-bounds read while processing SVG content in &quot;ConvolvePixel&quot;. ...)
+CVE-2017-5465
{DSA-3831-1 DLA-906-1}
- firefox 52.0.1-1
- firefox-esr 45.9.0esr-1
-CVE-2017-5464 (During DOM manipulations of the accessibility tree through script, the ...)
+CVE-2017-5464
{DSA-3831-1 DLA-906-1}
- firefox 52.0.1-1
- firefox-esr 45.9.0esr-1
-CVE-2017-5463 (Android intents can be used to launch Firefox for Android in reader ...)
+CVE-2017-5463
- firefox <not-affected> (Only affects Firefox on Android)
-CVE-2017-5462 (A flaw in DRBG number generation within the Network Security Services ...)
+CVE-2017-5462
{DSA-3872-1 DSA-3831-1 DLA-946-1 DLA-906-1}
- firefox 52.0.1-1
- firefox-esr 45.9.0esr-1
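Review bot: the description lines being removed contain HTML entities rather than plain quotes (`&quot;privateBrowsing&quot;` in CVE-2017-5468, `&quot;ConvolvePixel&quot;` in CVE-2017-5465), which shows the descriptions were written into this file HTML-escaped; if the generator is being reworked to drop them, it should unescape any description text it still emits elsewhere so the file stays plain text. A minor consistency point in the same hunk: the `<not-affected>` justification for CVE-2017-5463 reads `(Only affects Firefox on Android)` while the later Firefox-for-Android entries use `(Firefox on Android)`; one phrasing is easier to filter on.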
@@ -37914,7 +37912,7 @@ CVE-2017-5462 (A flaw in DRBG number generation within the Network Security Serv
- nss 2:3.26.2-1.1 (bug #862958)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-10/#CVE-2017-5462
NOTE: https://hg.mozilla.org/projects/nss/rev/7248d38b76e5
-CVE-2017-5461 (Mozilla Network Security Services (NSS) before 3.21.4, 3.22.x through ...)
+CVE-2017-5461
{DSA-3872-1 DSA-3831-1 DLA-946-1 DLA-906-1}
- firefox 52.0.1-1
[experimental] - nss 2:3.30.1-1
@@ -37922,163 +37920,163 @@ CVE-2017-5461 (Mozilla Network Security Services (NSS) before 3.21.4, 3.22.x thr
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-10/#CVE-2017-5461
NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=1344380
NOTE: https://hg.mozilla.org/projects/nss/rev/77a5bb81dbaa
-CVE-2017-5460 (A use-after-free vulnerability in frame selection triggered by a ...)
+CVE-2017-5460
{DSA-3831-1 DLA-906-1}
- firefox 52.0.1-1
- firefox-esr 45.9.0esr-1
-CVE-2017-5459 (A buffer overflow in WebGL triggerable by web content, resulting in a ...)
+CVE-2017-5459
{DSA-3831-1 DLA-906-1}
- firefox 52.0.1-1
- firefox-esr 45.9.0esr-1
-CVE-2017-5458 (When a &quot;javascript:&quot; URL is drag and dropped by a user into the ...)
+CVE-2017-5458
- firefox 52.0.1-1
CVE-2017-5457
RESERVED
-CVE-2017-5456 (A mechanism to bypass file system access protections in the sandbox ...)
+CVE-2017-5456
- firefox 52.0.1-1
-CVE-2017-5455 (The internal feed reader APIs that crossed the sandbox barrier allowed ...)
+CVE-2017-5455
- firefox 52.0.1-1
-CVE-2017-5454 (A mechanism to bypass file system access protections in the sandbox to ...)
+CVE-2017-5454
- firefox 52.0.1-1
-CVE-2017-5453 (A mechanism to inject static HTML into the RSS reader preview page due ...)
+CVE-2017-5453
- firefox 52.0.1-1
-CVE-2017-5452 (Malicious sites can display a spoofed addressbar on a page when the ...)
+CVE-2017-5452
- firefox <not-affected> (Only affects Firefox on Android)
-CVE-2017-5451 (A mechanism to spoof the addressbar through the user interaction on ...)
+CVE-2017-5451
- firefox 52.0.1-1
-CVE-2017-5450 (A mechanism to spoof the Firefox for Android addressbar using a ...)
+CVE-2017-5450
- firefox 52.0.1-1
-CVE-2017-5449 (A possibly exploitable crash triggered during layout and manipulation ...)
+CVE-2017-5449
- firefox 52.0.1-1
-CVE-2017-5448 (An out-of-bounds write in &quot;ClearKeyDecryptor&quot; while decrypting some ...)
+CVE-2017-5448
{DSA-3831-1 DLA-906-1}
- firefox 52.0.1-1
- firefox-esr 45.9.0esr-1
-CVE-2017-5447 (An out-of-bounds read during the processing of glyph widths during ...)
+CVE-2017-5447
{DSA-3831-1 DLA-906-1}
- firefox 52.0.1-1
- firefox-esr 45.9.0esr-1
-CVE-2017-5446 (An out-of-bounds read when an HTTP/2 connection to a servers sends ...)
+CVE-2017-5446
{DSA-3831-1 DLA-906-1}
- firefox 52.0.1-1
- firefox-esr 45.9.0esr-1
-CVE-2017-5445 (A vulnerability while parsing &quot;application/http-index-format&quot; format ...)
+CVE-2017-5445
{DSA-3831-1 DLA-906-1}
- firefox 52.0.1-1
- firefox-esr 45.9.0esr-1
-CVE-2017-5444 (A buffer overflow vulnerability while parsing ...)
+CVE-2017-5444
{DSA-3831-1 DLA-906-1}
- firefox 52.0.1-1
- firefox-esr 45.9.0esr-1
-CVE-2017-5443 (An out-of-bounds write vulnerability while decoding improperly formed ...)
+CVE-2017-5443
{DSA-3831-1 DLA-906-1}
- firefox 52.0.1-1
- firefox-esr 45.9.0esr-1
-CVE-2017-5442 (A use-after-free vulnerability during changes in style when ...)
+CVE-2017-5442
{DSA-3831-1 DLA-906-1}
- firefox 52.0.1-1
- firefox-esr 45.9.0esr-1
-CVE-2017-5441 (A use-after-free vulnerability when holding a selection during scroll ...)
+CVE-2017-5441
{DSA-3831-1 DLA-906-1}
- firefox 52.0.1-1
- firefox-esr 45.9.0esr-1
-CVE-2017-5440 (A use-after-free vulnerability during XSLT processing due to a failure ...)
+CVE-2017-5440
{DSA-3831-1 DLA-906-1}
- firefox 52.0.1-1
- firefox-esr 45.9.0esr-1
-CVE-2017-5439 (A use-after-free vulnerability during XSLT processing due to poor ...)
+CVE-2017-5439
{DSA-3831-1 DLA-906-1}
- firefox 52.0.1-1
- firefox-esr 45.9.0esr-1
-CVE-2017-5438 (A use-after-free vulnerability during XSLT processing due to the ...)
+CVE-2017-5438
{DSA-3831-1 DLA-906-1}
- firefox 52.0.1-1
- firefox-esr 45.9.0esr-1
CVE-2017-5437
REJECTED
-CVE-2017-5436 (An out-of-bounds write in the Graphite 2 library triggered with a ...)
+CVE-2017-5436
{DSA-3831-1 DLA-906-1}
- firefox 52.0.1-1
- firefox-esr 45.9.0esr-1
-CVE-2017-5435 (A use-after-free vulnerability occurs during transaction processing in ...)
+CVE-2017-5435
{DSA-3831-1 DLA-906-1}
- firefox 52.0.1-1
- firefox-esr 45.9.0esr-1
-CVE-2017-5434 (A use-after-free vulnerability occurs when redirecting focus handling ...)
+CVE-2017-5434
{DSA-3831-1 DLA-906-1}
- firefox 52.0.1-1
- firefox-esr 45.9.0esr-1
-CVE-2017-5433 (A use-after-free vulnerability in SMIL animation functions occurs when ...)
+CVE-2017-5433
{DSA-3831-1 DLA-906-1}
- firefox 52.0.1-1
- firefox-esr 45.9.0esr-1
-CVE-2017-5432 (A use-after-free vulnerability occurs during certain text input ...)
+CVE-2017-5432
{DSA-3831-1 DLA-906-1}
- firefox 52.0.1-1
- firefox-esr 45.9.0esr-1
CVE-2017-5431
RESERVED
-CVE-2017-5430 (Memory safety bugs were reported in Firefox 52, Firefox ESR 52, and ...)
+CVE-2017-5430
- firefox 52.0.1-1
- firefox-esr <not-affected> (Only affects ESR52 and Firefox)
-CVE-2017-5429 (Memory safety bugs were reported in Firefox 52, Firefox ESR 45.8, ...)
+CVE-2017-5429
{DSA-3831-1 DLA-906-1}
- firefox-esr 45.9.0esr-1
- firefox 52.0.1-1
-CVE-2017-5428 (An integer overflow in &quot;createImageBitmap()&quot; was reported through the ...)
+CVE-2017-5428
- firefox-esr <not-affected> (Only affects 52 ESR, which isn't packaged yet except experimental where it's fixed)
- firefox 52.0.1-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-08/#CVE-2017-5428
-CVE-2017-5427 (A non-existent chrome.manifest file will attempt to be loaded during ...)
+CVE-2017-5427
- firefox 52.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-05/#CVE-2017-5427
-CVE-2017-5426 (On Linux, if the secure computing mode BPF (seccomp-bpf) filter is ...)
+CVE-2017-5426
- firefox 52.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-05/#CVE-2017-5426
-CVE-2017-5425 (The Gecko Media Plugin sandbox allows access to local files that match ...)
+CVE-2017-5425
- firefox <not-affected> (Only Firefox on OS X)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-05/#CVE-2017-5425
CVE-2017-5424
RESERVED
CVE-2017-5423
RESERVED
-CVE-2017-5422 (If a malicious site uses the &quot;view-source:&quot; protocol in a series ...)
+CVE-2017-5422
- firefox 52.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-05/#CVE-2017-5422
-CVE-2017-5421 (A malicious site could spoof the contents of the print preview window ...)
+CVE-2017-5421
- firefox 52.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-05/#CVE-2017-5421
-CVE-2017-5420 (A &quot;javascript:&quot; url loaded by a malicious page can obfuscate its ...)
+CVE-2017-5420
- firefox 52.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-05/#CVE-2017-5420
-CVE-2017-5419 (If a malicious site repeatedly triggers a modal authentication prompt, ...)
+CVE-2017-5419
- firefox 52.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-05/#CVE-2017-5419
-CVE-2017-5418 (An out of bounds read error occurs when parsing some HTTP digest ...)
+CVE-2017-5418
- firefox 52.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-05/#CVE-2017-5418
-CVE-2017-5417 (When dragging content from the primary browser pane to the addressbar ...)
+CVE-2017-5417
- firefox 52.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-05/#CVE-2017-5417
-CVE-2017-5416 (In certain circumstances a networking event listener can be ...)
+CVE-2017-5416
- firefox 52.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-05/#CVE-2017-5416
-CVE-2017-5415 (An attack can use a blob URL and script to spoof an arbitrary ...)
+CVE-2017-5415
- firefox 52.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-05/#CVE-2017-5415
-CVE-2017-5414 (The file picker dialog can choose and display the wrong local default ...)
+CVE-2017-5414
- firefox 52.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-05/#CVE-2017-5414
-CVE-2017-5413 (A segmentation fault can occur during some bidirectional layout ...)
+CVE-2017-5413
- firefox 52.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-05/#CVE-2017-5413
-CVE-2017-5412 (A buffer overflow read during SVG filter color value operations, ...)
+CVE-2017-5412
- firefox 52.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-05/#CVE-2017-5412
-CVE-2017-5411 (A use-after-free can occur during buffer storage operations within the ...)
+CVE-2017-5411
- firefox <not-affected> (Only Firefox on Windows)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-05/#CVE-2017-5411
-CVE-2017-5410 (Memory corruption resulting in a potentially exploitable crash during ...)
+CVE-2017-5410
{DSA-3832-1 DSA-3805-1 DLA-896-1 DLA-852-1}
- firefox 52.0-1
- firefox-esr 45.8.0esr-1
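Review bot: the justification on CVE-2017-5430, `- firefox-esr <not-affected> (Only affects ESR52 and Firefox)`, reads as a contradiction once its description (`Memory safety bugs were reported in Firefox 52, Firefox ESR 52, and ...`) is removed, since an ESR 52 issue would normally affect the firefox-esr package; the reasoning that makes it not-affected is the one spelled out two entries later for CVE-2017-5428 (`Only affects 52 ESR, which isn't packaged yet except experimental where it's fixed`). Suggest using that explicit wording on CVE-2017-5430 as well. The hunk also contains more `&quot;` entities in the removed lines (CVE-2017-5458, CVE-2017-5448, CVE-2017-5445, CVE-2017-5428, CVE-2017-5422, CVE-2017-5420), the same escaping issue as in the earlier hunk.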
@@ -38086,12 +38084,12 @@ CVE-2017-5410 (Memory corruption resulting in a potentially exploitable crash du
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-05/#CVE-2017-5410
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-06/#CVE-2017-5410
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-07/#CVE-2017-5410
-CVE-2017-5409 (The Mozilla Windows updater can be called by a non-privileged user to ...)
+CVE-2017-5409
- firefox <not-affected> (Only Firefox on Windows)
- firefox-esr <not-affected> (Only Firefox on Windows)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-05/#CVE-2017-5409
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-06/#CVE-2017-5409
-CVE-2017-5408 (Video files loaded video captions cross-origin without checking for ...)
+CVE-2017-5408
{DSA-3832-1 DSA-3805-1 DLA-896-1 DLA-852-1}
- firefox 52.0-1
- firefox-esr 45.8.0esr-1
@@ -38099,7 +38097,7 @@ CVE-2017-5408 (Video files loaded video captions cross-origin without checking f
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-05/#CVE-2017-5408
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-06/#CVE-2017-5408
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-07/#CVE-2017-5408
-CVE-2017-5407 (Using SVG filters that don't use the fixed point math implementation ...)
+CVE-2017-5407
{DSA-3832-1 DSA-3805-1 DLA-896-1 DLA-852-1}
- firefox 52.0-1
- firefox-esr 45.8.0esr-1
@@ -38107,10 +38105,10 @@ CVE-2017-5407 (Using SVG filters that don't use the fixed point math implementat
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-05/#CVE-2017-5407
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-06/#CVE-2017-5407
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-07/#CVE-2017-5407
-CVE-2017-5406 (A segmentation fault can occur in the Skia graphics library during ...)
+CVE-2017-5406
- firefox 52.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-05/#CVE-2017-5406
-CVE-2017-5405 (Certain response codes in FTP connections can result in the use of ...)
+CVE-2017-5405
{DSA-3832-1 DSA-3805-1 DLA-896-1 DLA-852-1}
- firefox 52.0-1
- firefox-esr 45.8.0esr-1
@@ -38118,7 +38116,7 @@ CVE-2017-5405 (Certain response codes in FTP connections can result in the use o
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-05/#CVE-2017-5405
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-06/#CVE-2017-5405
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-07/#CVE-2017-5405
-CVE-2017-5404 (A use-after-free error can occur when manipulating ranges in ...)
+CVE-2017-5404
{DSA-3832-1 DSA-3805-1 DLA-896-1 DLA-852-1}
- firefox 52.0-1
- firefox-esr 45.8.0esr-1
@@ -38126,10 +38124,10 @@ CVE-2017-5404 (A use-after-free error can occur when manipulating ranges in ...)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-05/#CVE-2017-5404
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-06/#CVE-2017-5404
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-07/#CVE-2017-5404
-CVE-2017-5403 (When adding a range to an object in the DOM, it is possible to use ...)
+CVE-2017-5403
- firefox 52.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-05/#CVE-2017-5403
-CVE-2017-5402 (A use-after-free can occur when events are fired for a &quot;FontFace&quot; ...)
+CVE-2017-5402
{DSA-3832-1 DSA-3805-1 DLA-896-1 DLA-852-1}
- firefox 52.0-1
- firefox-esr 45.8.0esr-1
@@ -38137,7 +38135,7 @@ CVE-2017-5402 (A use-after-free can occur when events are fired for a &quot;Font
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-05/#CVE-2017-5402
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-06/#CVE-2017-5402
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-07/#CVE-2017-5402
-CVE-2017-5401 (A crash triggerable by web content in which an &quot;ErrorResult&quot; ...)
+CVE-2017-5401
{DSA-3832-1 DSA-3805-1 DLA-896-1 DLA-852-1}
- firefox 52.0-1
- firefox-esr 45.8.0esr-1
@@ -38145,7 +38143,7 @@ CVE-2017-5401 (A crash triggerable by web content in which an &quot;ErrorResult&
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-05/#CVE-2017-5401
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-06/#CVE-2017-5401
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-07/#CVE-2017-5401
-CVE-2017-5400 (JIT-spray targeting asm.js combined with a heap spray allows for a ...)
+CVE-2017-5400
{DSA-3832-1 DSA-3805-1 DLA-896-1 DLA-852-1}
- firefox 52.0-1
- firefox-esr 45.8.0esr-1
@@ -38153,10 +38151,10 @@ CVE-2017-5400 (JIT-spray targeting asm.js combined with a heap spray allows for
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-05/#CVE-2017-5400
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-06/#CVE-2017-5400
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-07/#CVE-2017-5400
-CVE-2017-5399 (Memory safety bugs were reported in Firefox 51. Some of these bugs ...)
+CVE-2017-5399
- firefox 52.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-05/#CVE-2017-5399
-CVE-2017-5398 (Memory safety bugs were reported in Thunderbird 45.7. Some of these ...)
+CVE-2017-5398
{DSA-3832-1 DSA-3805-1 DLA-896-1 DLA-852-1}
- firefox 52.0-1
- firefox-esr 45.8.0esr-1
@@ -38164,10 +38162,10 @@ CVE-2017-5398 (Memory safety bugs were reported in Thunderbird 45.7. Some of the
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-05/#CVE-2017-5398
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-06/#CVE-2017-5398
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-07/#CVE-2017-5398
-CVE-2017-5397 (The cache directory on the local file system is set to be world ...)
+CVE-2017-5397
- firefox <not-affected> (Firefox on Android)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-04/#CVE-2017-5397
-CVE-2017-5396 (A use-after-free vulnerability in the Media Decoder when working with ...)
+CVE-2017-5396
{DSA-3832-1 DSA-3771-1 DLA-896-1 DLA-800-1}
- firefox 51.0-1
- firefox-esr 45.7.0esr-1
@@ -38175,24 +38173,24 @@ CVE-2017-5396 (A use-after-free vulnerability in the Media Decoder when working
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-01/#CVE-2017-5396
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-02/#CVE-2017-5396
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-03/#CVE-2017-5396
-CVE-2017-5395 (Malicious sites can display a spoofed location bar on a subsequently ...)
+CVE-2017-5395
- firefox <not-affected> (Firefox on Android)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-01/#CVE-2017-5395
-CVE-2017-5394 (A location bar spoofing attack where the location bar of loaded page ...)
+CVE-2017-5394
- firefox <not-affected> (Firefox on Android)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-01/#CVE-2017-5394
-CVE-2017-5393 (The &quot;mozAddonManager&quot; allows for the installation of extensions from ...)
+CVE-2017-5393
- firefox 51.0-1
- firefox-esr <not-affected> (Does not affect Firefox ESR)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-01/#CVE-2017-5393
-CVE-2017-5392 (Weak proxy objects have weak references on multiple threads when they ...)
+CVE-2017-5392
- firefox <not-affected> (Firefox on Android)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-01/#CVE-2017-5392
-CVE-2017-5391 (Special &quot;about:&quot; pages used by web content, such as RSS feeds, can ...)
+CVE-2017-5391
- firefox 51.0-1
- firefox-esr <not-affected> (Does not affect Firefox ESR)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-01/#CVE-2017-5391
-CVE-2017-5390 (The JSON viewer in the Developer Tools uses insecure methods to create ...)
+CVE-2017-5390
{DSA-3832-1 DSA-3771-1 DLA-896-1 DLA-800-1}
- firefox 51.0-1
- firefox-esr 45.7.0esr-1
@@ -38200,33 +38198,33 @@ CVE-2017-5390 (The JSON viewer in the Developer Tools uses insecure methods to c
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-01/#CVE-2017-5390
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-02/#CVE-2017-5390
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-03/#CVE-2017-5390
-CVE-2017-5389 (WebExtensions could use the &quot;mozAddonManager&quot; API by modifying the CSP ...)
+CVE-2017-5389
- firefox 51.0-1
- firefox-esr <not-affected> (Does not affect Firefox ESR)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-01/#CVE-2017-5389
-CVE-2017-5388 (A STUN server in conjunction with a large number of ...)
+CVE-2017-5388
- firefox 51.0-1
- firefox-esr <not-affected> (Does not affect Firefox ESR)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-01/#CVE-2017-5388
-CVE-2017-5387 (The existence of a specifically requested local file can be found due ...)
+CVE-2017-5387
- firefox 51.0-1
- firefox-esr <not-affected> (Does not affect Firefox ESR)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-01/#CVE-2017-5387
-CVE-2017-5386 (WebExtension scripts can use the &quot;data:&quot; protocol to affect pages ...)
+CVE-2017-5386
{DSA-3771-1 DLA-800-1}
- firefox 51.0-1
- firefox-esr 45.7.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-01/#CVE-2017-5386
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-02/#CVE-2017-5386
-CVE-2017-5385 (Data sent with in multipart channels, such as the ...)
+CVE-2017-5385
- firefox 51.0-1
- firefox-esr <not-affected> (Does not affect Firefox ESR)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-01/#CVE-2017-5385
-CVE-2017-5384 (Proxy Auto-Config (PAC) files can specify a JavaScript function called ...)
+CVE-2017-5384
- firefox 51.0-1
- firefox-esr <not-affected> (Does not affect Firefox ESR)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-01/#CVE-2017-5384
-CVE-2017-5383 (URLs containing certain unicode glyphs for alternative hyphens and ...)
+CVE-2017-5383
{DSA-3832-1 DSA-3771-1 DLA-896-1 DLA-800-1}
- firefox 51.0-1
- firefox-esr 45.7.0esr-1
@@ -38234,15 +38232,15 @@ CVE-2017-5383 (URLs containing certain unicode glyphs for alternative hyphens an
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-01/#CVE-2017-5383
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-02/#CVE-2017-5383
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-03/#CVE-2017-5383
-CVE-2017-5382 (Feed preview for RSS feeds can be used to capture errors and ...)
+CVE-2017-5382
- firefox 51.0-1
- firefox-esr <not-affected> (Does not affect Firefox ESR)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-01/#CVE-2017-5382
-CVE-2017-5381 (The &quot;export&quot; function in the Certificate Viewer can force local ...)
+CVE-2017-5381
- firefox 51.0-1
- firefox-esr <not-affected> (Does not affect Firefox ESR)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-01/#CVE-2017-5381
-CVE-2017-5380 (A potential use-after-free found through fuzzing during DOM ...)
+CVE-2017-5380
{DSA-3832-1 DSA-3771-1 DLA-896-1 DLA-800-1}
- firefox 51.0-1
- firefox-esr 45.7.0esr-1
@@ -38250,11 +38248,11 @@ CVE-2017-5380 (A potential use-after-free found through fuzzing during DOM ...)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-01/#CVE-2017-5380
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-02/#CVE-2017-5380
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-03/#CVE-2017-5380
-CVE-2017-5379 (Use-after-free vulnerability in Web Animations when interacting with ...)
+CVE-2017-5379
- firefox 51.0-1
- firefox-esr <not-affected> (Does not affect Firefox ESR)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-01/#CVE-2017-5379
-CVE-2017-5378 (Hashed codes of JavaScript objects are shared between pages. This ...)
+CVE-2017-5378
{DSA-3832-1 DSA-3771-1 DLA-896-1 DLA-800-1}
- firefox 51.0-1
- firefox-esr 45.7.0esr-1
@@ -38262,11 +38260,11 @@ CVE-2017-5378 (Hashed codes of JavaScript objects are shared between pages. This
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-01/#CVE-2017-5378
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-02/#CVE-2017-5378
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-03/#CVE-2017-5378
-CVE-2017-5377 (A memory corruption vulnerability in Skia that can occur when using ...)
+CVE-2017-5377
- firefox 51.0-1
- firefox-esr <not-affected> (Does not affect Firefox ESR)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-01/#CVE-2017-5377
-CVE-2017-5376 (Use-after-free while manipulating XSL in XSLT documents. This ...)
+CVE-2017-5376
{DSA-3832-1 DSA-3771-1 DLA-896-1 DLA-800-1}
- firefox 51.0-1
- firefox-esr 45.7.0esr-1
@@ -38274,7 +38272,7 @@ CVE-2017-5376 (Use-after-free while manipulating XSL in XSLT documents. This ...
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-01/#CVE-2017-5376
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-02/#CVE-2017-5376
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-03/#CVE-2017-5376
-CVE-2017-5375 (JIT code allocation can allow for a bypass of ASLR and DEP protections ...)
+CVE-2017-5375
{DSA-3832-1 DSA-3771-1 DLA-896-1 DLA-800-1}
- firefox 51.0-1
- firefox-esr 45.7.0esr-1
@@ -38282,11 +38280,11 @@ CVE-2017-5375 (JIT code allocation can allow for a bypass of ASLR and DEP protec
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-01/#CVE-2017-5375
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-02/#CVE-2017-5375
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-03/#CVE-2017-5375
-CVE-2017-5374 (Memory safety bugs were reported in Firefox 50.1. Some of these bugs ...)
+CVE-2017-5374
- firefox 51.0-1
- firefox-esr <not-affected> (Does not affect Firefox ESR)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-01/#CVE-2017-5374
-CVE-2017-5373 (Memory safety bugs were reported in Firefox 50.1 and Firefox ESR 45.6. ...)
+CVE-2017-5373
{DSA-3832-1 DSA-3771-1 DLA-896-1 DLA-800-1}
- firefox 51.0-1
- firefox-esr 45.7.0esr-1
@@ -38294,164 +38292,164 @@ CVE-2017-5373 (Memory safety bugs were reported in Firefox 50.1 and Firefox ESR
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-01/#CVE-2017-5373
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-02/#CVE-2017-5373
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-03/#CVE-2017-5373
-CVE-2017-5372 (The function msp (aka MSPRuntimeInterface) in the P4 SERVERCORE ...)
+CVE-2017-5372
NOT-FOR-US: SAP
-CVE-2017-5371 (Odata Server in SAP Adaptive Server Enterprise (ASE) 16 allows remote ...)
+CVE-2017-5371
NOT-FOR-US: SAP
CVE-2017-5370
RESERVED
CVE-2017-5369
RESERVED
-CVE-2017-5368 (ZoneMinder v1.30 and v1.29, an open-source CCTV server web application, ...)
+CVE-2017-5368
- zoneminder 1.30.4+dfsg-1 (bug #854733)
[wheezy] - zoneminder <no-dsa> (Too intrusive to backport)
NOTE: https://github.com/ZoneMinder/ZoneMinder/pull/1822
-CVE-2017-5367 (Multiple reflected XSS vulnerabilities exist within form and link input ...)
+CVE-2017-5367
- zoneminder 1.30.4+dfsg-1 (bug #854733)
[wheezy] - zoneminder <no-dsa> (Minor issue)
CVE-2017-5366
RESERVED
CVE-2017-5365
RESERVED
-CVE-2017-5364 (Memory Corruption Vulnerability in Foxit PDF Toolkit v1.3 allows an ...)
+CVE-2017-5364
NOT-FOR-US: Foxit PDF Toolkit
CVE-2017-5363
RESERVED
CVE-2017-5362
RESERVED
-CVE-2017-5361 (Request Tracker (RT) 4.x before 4.0.25, 4.2.x before 4.2.14, and 4.4.x ...)
+CVE-2017-5361
{DSA-3883-1 DSA-3882-1 DLA-988-1 DLA-987-1}
- request-tracker4 4.4.1-4
- rt-authen-externalauth <removed>
NOTE: https://github.com/bestpractical/rt-authen-externalauth/commit/436255c04b4881bb6d8eec9a57b8593033d863a9
CVE-2017-5360
RESERVED
-CVE-2017-5359 (EasyCom SQL iPlug allows remote attackers to cause a denial of service ...)
+CVE-2017-5359
NOT-FOR-US: EasyCom
-CVE-2017-5358 (Stack-based buffer overflows in php_Easycom5_3_0.dll in EasyCom for ...)
+CVE-2017-5358
NOT-FOR-US: EasyCom
-CVE-2017-5505 (The jas_matrix_asl function in jas_seq.c in JasPer 1.900.27 allows ...)
+CVE-2017-5505
- jasper <removed> (unimportant)
NOTE: https://blogs.gentoo.org/ago/2017/01/16/jasper-invalid-memory-read-in-jas_matrix_asl-jas_seq-c
NOTE: https://github.com/mdadams/jasper/issues/88
NOTE: Not suitable for code injection, hardly denial of service
-CVE-2017-5504 (The jpc_undo_roi function in libjasper/jpc/jpc_dec.c in JasPer ...)
+CVE-2017-5504
- jasper <removed> (unimportant)
NOTE: https://blogs.gentoo.org/ago/2017/01/16/jasper-invalid-memory-read-in-jpc_undo_roi-jpc_dec-c
NOTE: https://github.com/mdadams/jasper/issues/89
NOTE: Not suitable for code injection, hardly denial of service
-CVE-2017-5503 (The dec_clnpass function in libjasper/jpc/jpc_t1dec.c in JasPer ...)
+CVE-2017-5503
- jasper <not-affected> (Vulnerable code introduced later)
NOTE: https://blogs.gentoo.org/ago/2017/01/16/jasper-invalid-memory-write-in-dec_clnpass-jpc_t1dec-c
NOTE: https://github.com/mdadams/jasper/issues/90
-CVE-2017-5502 (libjasper/jp2/jp2_dec.c in JasPer 1.900.17 allows remote attackers to ...)
+CVE-2017-5502
- jasper <removed> (unimportant)
NOTE: Reproducer: https://github.com/asarubbo/poc/blob/master/00030-jasper-leftshift-jp2_dec_c
NOTE: http://blogs.gentoo.org/ago/2017/01/16/jasper-multiple-crashes-with-ubsan/
NOTE: https://github.com/mdadams/jasper/issues/76
NOTE: Not suitable for code injection, hardly denial of service
-CVE-2017-5501 (Integer overflow in libjasper/jpc/jpc_tsfb.c in JasPer 1.900.17 allows ...)
+CVE-2017-5501
- jasper <removed> (unimportant)
NOTE: Reproducer: https://github.com/asarubbo/poc/blob/master/00022-jasper-signedintoverflow-jpc_tsfb_c
NOTE: http://blogs.gentoo.org/ago/2017/01/16/jasper-multiple-crashes-with-ubsan/
NOTE: https://github.com/mdadams/jasper/issues/70
NOTE: Only crashes with debug builds using ubsan
-CVE-2017-5500 (libjasper/jpc/jpc_dec.c in JasPer 1.900.17 allows remote attackers to ...)
+CVE-2017-5500
- jasper <removed> (unimportant)
NOTE: Triggers an assert. Not suitable for code injection, hardly denial of service
NOTE: Reproducer: https://github.com/asarubbo/poc/blob/master/00019-jasper-leftshift-jpc_dec_c
NOTE: http://blogs.gentoo.org/ago/2017/01/16/jasper-multiple-crashes-with-ubsan/
NOTE: https://github.com/mdadams/jasper/issues/64
-CVE-2017-5499 (Integer overflow in libjasper/jpc/jpc_dec.c in JasPer 1.900.17 allows ...)
+CVE-2017-5499
- jasper <removed> (unimportant)
NOTE: Reproducer: https://github.com/asarubbo/poc/blob/master/00018-jasper-signedintoverflow-jpc_dec_c
NOTE: http://blogs.gentoo.org/ago/2017/01/16/jasper-multiple-crashes-with-ubsan/
NOTE: https://github.com/mdadams/jasper/issues/63
NOTE: Triggers an assert. Not suitable for code injection, hardly denial of service
-CVE-2017-5498 (libjasper/include/jasper/jas_math.h in JasPer 1.900.17 allows remote ...)
+CVE-2017-5498
- jasper <removed> (unimportant)
NOTE: Triggers an assert. Not suitable for code injection, hardly denial of service
NOTE: Reproducer: https://github.com/asarubbo/poc/blob/master/00017-jasper-leftshift-jas_math_h
NOTE: http://blogs.gentoo.org/ago/2017/01/16/jasper-multiple-crashes-with-ubsan/
NOTE: https://github.com/mdadams/jasper/issues/62
-CVE-2017-5506 (Double free vulnerability in magick/profile.c in ImageMagick allows ...)
+CVE-2017-5506
{DSA-3799-1 DLA-807-1}
- imagemagick 8:6.9.7.4+dfsg-1 (bug #851383)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/354
NOTE: http://www.openwall.com/lists/oss-security/2017/01/16/6
NOTE: https://github.com/ImageMagick/ImageMagick/commit/6235f1f7a9f7b0f83b197f6cd0073dbb6602d0fb
-CVE-2017-5507 (Memory leak in coders/mpc.c in ImageMagick before 6.9.7-4 and 7.x ...)
+CVE-2017-5507
{DSA-3799-1 DLA-807-1}
- imagemagick 8:6.9.7.4+dfsg-1 (bug #851382)
NOTE: https://github.com/ImageMagick/ImageMagick/commit/4493d9ca1124564da17f9b628ef9d0f1a6be9738
NOTE: http://www.openwall.com/lists/oss-security/2017/01/16/6
-CVE-2017-5508 (Heap-based buffer overflow in the PushQuantumPixel function in ...)
+CVE-2017-5508
{DSA-3799-1 DLA-807-1}
- imagemagick 8:6.9.7.4+dfsg-1 (bug #851381)
NOTE: https://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=31161
NOTE: http://www.openwall.com/lists/oss-security/2017/01/16/6
NOTE: https://github.com/ImageMagick/ImageMagick/commit/379e21cd32483df6e128147af3bc4ce1f82eb9c4
-CVE-2017-5509 (coders/psd.c in ImageMagick allows remote attackers to have ...)
+CVE-2017-5509
- imagemagick 8:6.9.7.4+dfsg-1 (bug #851377)
[jessie] - imagemagick <not-affected> (Vulnerable code not present)
[wheezy] - imagemagick <not-affected> (Vulnerable code not present)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/350
NOTE: http://www.openwall.com/lists/oss-security/2017/01/16/6
-CVE-2017-5510 (coders/psd.c in ImageMagick allows remote attackers to have ...)
+CVE-2017-5510
{DSA-3799-1 DLA-807-1}
- imagemagick 8:6.9.7.4+dfsg-1 (bug #851376)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/348
NOTE: http://www.openwall.com/lists/oss-security/2017/01/16/6
NOTE: https://github.com/ImageMagick/ImageMagick/commit/e87af64b1ff1635a32d9b6162f1b0e260fb54ed9
-CVE-2017-5511 (coders/psd.c in ImageMagick allows remote attackers to have ...)
+CVE-2017-5511
{DSA-3799-1 DLA-807-1}
- imagemagick 8:6.9.7.4+dfsg-1 (bug #851374)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/347
NOTE: http://www.openwall.com/lists/oss-security/2017/01/16/6
NOTE: https://github.com/ImageMagick/ImageMagick/commit/7d65a814ac76bd04760072c33e452371692ee790
-CVE-2017-5487 (wp-includes/rest-api/endpoints/class-wp-rest-users-controller.php in ...)
+CVE-2017-5487
- wordpress 4.7.1+dfsg-1 (bug #851310)
[jessie] - wordpress <not-affected> (vulnerable code not present)
[wheezy] - wordpress <not-affected> (vulnerable code not present)
NOTE: http://www.openwall.com/lists/oss-security/2017/01/14/1
NOTE: https://wpvulndb.com/vulnerabilities/8715
NOTE: https://github.com/WordPress/WordPress/commit/daf358983cc1ce0c77bf6d2de2ebbb43df2add60
-CVE-2017-5488 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2017-5488
{DSA-3779-1 DLA-813-1}
- wordpress 4.7.1+dfsg-1 (bug #851310)
NOTE: http://www.openwall.com/lists/oss-security/2017/01/14/1
NOTE: https://wpvulndb.com/vulnerabilities/8716
NOTE: https://github.com/WordPress/WordPress/blob/c9ea1de1441bb3bda133bf72d513ca9de66566c2/wp-admin/update-core.php
-CVE-2017-5489 (Cross-site request forgery (CSRF) vulnerability in WordPress before ...)
+CVE-2017-5489
{DSA-3779-1 DLA-813-1}
- wordpress 4.7.1+dfsg-1 (bug #851310)
NOTE: http://www.openwall.com/lists/oss-security/2017/01/14/1
NOTE: https://wpvulndb.com/vulnerabilities/8717
-CVE-2017-5490 (Cross-site scripting (XSS) vulnerability in the theme-name fallback ...)
+CVE-2017-5490
{DSA-3779-1 DLA-813-1}
- wordpress 4.7.1+dfsg-1 (bug #851310)
NOTE: http://www.openwall.com/lists/oss-security/2017/01/14/1
NOTE: https://wpvulndb.com/vulnerabilities/8718
NOTE: https://github.com/WordPress/WordPress/commit/ce7fb2934dd111e6353784852de8aea2a938b359
-CVE-2017-5491 (wp-mail.php in WordPress before 4.7.1 might allow remote attackers to ...)
+CVE-2017-5491
{DSA-3779-1 DLA-813-1}
- wordpress 4.7.1+dfsg-1 (bug #851310)
NOTE: http://www.openwall.com/lists/oss-security/2017/01/14/1
NOTE: https://wpvulndb.com/vulnerabilities/8719
NOTE: https://github.com/WordPress/WordPress/commit/061e8788814ac87706d8b95688df276fe3c8596a
-CVE-2017-5492 (Cross-site request forgery (CSRF) vulnerability in the widget-editing ...)
+CVE-2017-5492
{DSA-3779-1 DLA-813-1}
- wordpress 4.7.1+dfsg-1 (bug #851310)
NOTE: http://www.openwall.com/lists/oss-security/2017/01/14/1
NOTE: https://wpvulndb.com/vulnerabilities/8720
NOTE: https://github.com/WordPress/WordPress/commit/03e5c0314aeffe6b27f4b98fef842bf0fb00c733
-CVE-2017-5493 (wp-includes/ms-functions.php in the Multisite WordPress API in ...)
+CVE-2017-5493
{DSA-3779-1 DLA-813-1}
- wordpress 4.7.1+dfsg-1 (bug #851310)
NOTE: http://www.openwall.com/lists/oss-security/2017/01/14/1
NOTE: https://wpvulndb.com/vulnerabilities/8721
NOTE: https://github.com/WordPress/WordPress/commit/cea9e2dc62abf777e06b12ec4ad9d1aaa49b29f4
-CVE-2017-5356 (Irssi before 0.8.21 allows remote attackers to cause a denial of ...)
+CVE-2017-5356
{DLA-1217-1}
- irssi 0.8.21-1 (low)
[jessie] - irssi 0.8.17-1+deb8u3
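Review bot: Several `<not-affected>` justifications in this hunk ("Vulnerable code introduced later" for CVE-2017-5503, "Vulnerable code not present" for CVE-2017-5509 and CVE-2017-5487) refer to code that only the removed summary named (`libjasper/jpc/jpc_t1dec.c`, `coders/psd.c`, `wp-includes/rest-api/endpoints/class-wp-rest-users-controller.php`); after `+CVE-2017-5503` and friends the entries no longer say which code the triage decision is about. If the summaries are intentionally gone, add a NOTE line on those entries naming the affected file or function so the not-affected claim stays verifiable from the list alone.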
@@ -38466,39 +38464,39 @@ CVE-2017-5353
RESERVED
CVE-2017-5352
RESERVED
-CVE-2017-5351 (Samsung Note devices with KK(4.4), L(5.0/5.1), and M(6.0) software ...)
+CVE-2017-5351
NOT-FOR-US: Samsung
-CVE-2017-5350 (Samsung Note devices with L(5.0/5.1), M(6.0), and N(7.0) software allow ...)
+CVE-2017-5350
NOT-FOR-US: Samsung
CVE-2017-5349
RESERVED
CVE-2017-5348
RESERVED
-CVE-2017-5347 (SQL injection vulnerability in inc/mod/newsletter/options.php in ...)
+CVE-2017-5347
NOT-FOR-US: GeniXMS
-CVE-2017-5346 (SQL injection vulnerability in ...)
+CVE-2017-5346
NOT-FOR-US: GeniXMS
-CVE-2017-5345 (SQL injection vulnerability in ...)
+CVE-2017-5345
NOT-FOR-US: GeniXMS
-CVE-2017-5344 (An issue was discovered in dotCMS through 3.6.1. The ...)
+CVE-2017-5344
NOT-FOR-US: dotCMS
CVE-2017-5343
RESERVED
-CVE-2017-5342 (In tcpdump before 4.9.0, a bug in multiple protocol parsers (Geneve, ...)
+CVE-2017-5342
{DSA-3775-1 DLA-809-1}
- tcpdump 4.9.0-1
-CVE-2017-5341 (The OTV parser in tcpdump before 4.9.0 has a buffer overflow in ...)
+CVE-2017-5341
{DSA-3775-1 DLA-809-1}
- tcpdump 4.9.0-1
-CVE-2017-5357 (regex.c in GNU ed before 1.14.1 allows attackers to cause a denial of ...)
+CVE-2017-5357
- ed <not-affected> (Vulnerable code not present, cf #851159)
NOTE: http://www.openwall.com/lists/oss-security/2017/01/12/5
NOTE: The issue is only present from 1.14 onwards, and prior to 1.14.1 since upstream
NOTE: changed a malloc'ed buffer for a static one.
NOTE: https://lists.gnu.org/archive/html/bug-ed/2017-01/msg00001.html
-CVE-2017-5329 (Palo Alto Networks Terminal Services Agent before 7.0.7 allows local ...)
+CVE-2017-5329
NOT-FOR-US: Palo Alto Networks Terminal Services Agent
-CVE-2017-5328 (Palo Alto Networks Terminal Services Agent before 7.0.7 allows ...)
+CVE-2017-5328
NOT-FOR-US: Palo Alto Networks Terminal Services Agent
CVE-2017-5327
RESERVED
@@ -38626,83 +38624,83 @@ CVE-2017-5266
RESERVED
CVE-2017-5265
RESERVED
-CVE-2017-5264 (Versions of Nexpose prior to 6.4.66 fail to adequately validate the ...)
+CVE-2017-5264
NOT-FOR-US: Nexpose
-CVE-2017-5263 (Versions 4.3.2-R4 and prior of Cambium Networks cnPilot firmware lack ...)
+CVE-2017-5263
NOT-FOR-US: Cambium Networks cnPilot firmware
-CVE-2017-5262 (In versions 4.3.2-R4 and prior of Cambium Networks cnPilot firmware, ...)
+CVE-2017-5262
NOT-FOR-US: Cambium Networks cnPilot firmware
-CVE-2017-5261 (In versions 4.3.2-R4 and prior of Cambium Networks cnPilot firmware, ...)
+CVE-2017-5261
NOT-FOR-US: Cambium Networks cnPilot firmware
-CVE-2017-5260 (In versions 4.3.2-R4 and prior of Cambium Networks cnPilot firmware, ...)
+CVE-2017-5260
NOT-FOR-US: Cambium Networks cnPilot firmware
-CVE-2017-5259 (In versions 4.3.2-R4 and prior of Cambium Networks cnPilot firmware, ...)
+CVE-2017-5259
NOT-FOR-US: Cambium Networks cnPilot firmware
-CVE-2017-5258 (In version 3.5 and prior of Cambium Networks ePMP firmware, an ...)
+CVE-2017-5258
NOT-FOR-US: Cambium Networks ePMP firmware
-CVE-2017-5257 (In version 3.5 and prior of Cambium Networks ePMP firmware, an ...)
+CVE-2017-5257
NOT-FOR-US: Cambium Networks ePMP firmware
-CVE-2017-5256 (In version 3.5 and prior of Cambium Networks ePMP firmware, all ...)
+CVE-2017-5256
NOT-FOR-US: Cambium Networks ePMP firmware
-CVE-2017-5255 (In version 3.5 and prior of Cambium Networks ePMP firmware, a lack of ...)
+CVE-2017-5255
NOT-FOR-US: Cambium Networks ePMP firmware
-CVE-2017-5254 (In version 3.5 and prior of Cambium Networks ePMP firmware, the ...)
+CVE-2017-5254
NOT-FOR-US: Cambium Networks ePMP firmware
CVE-2017-5253
RESERVED
CVE-2017-5252
RESERVED
-CVE-2017-5251 (In version 1012 and prior of Insteon's Insteon Hub, the radio ...)
+CVE-2017-5251
NOT-FOR-US: Insteon
-CVE-2017-5250 (In version 1.9.7 and prior of Insteon's Insteon for Hub Android app, ...)
+CVE-2017-5250
NOT-FOR-US: Insteon
-CVE-2017-5249 (In version 6.1.0.19 and prior of Wink Labs's Wink - Smart Home Android ...)
+CVE-2017-5249
NOT-FOR-US: Wink
CVE-2017-5248
RESERVED
-CVE-2017-5247 (Biscom Secure File Transfer is vulnerable to cross-site scripting in ...)
+CVE-2017-5247
NOT-FOR-US: Biscom Secure File Transfer
-CVE-2017-5246 (Biscom Secure File Transfer is vulnerable to AngularJS expression ...)
+CVE-2017-5246
NOT-FOR-US: Biscom Secure File Transfer
CVE-2017-5245
REJECTED
-CVE-2017-5244 (Routes used to stop running Metasploit tasks (either particular ones ...)
+CVE-2017-5244
NOT-FOR-US: Metasploit
-CVE-2017-5243 (The default SSH configuration in Rapid7 Nexpose hardware appliances ...)
+CVE-2017-5243
NOT-FOR-US: Rapid7 Nexpose hardware appliances
CVE-2017-5242
RESERVED
-CVE-2017-5241 (Biscom Secure File Transfer version 5.1.1015 (and possibly prior) is ...)
+CVE-2017-5241
NOT-FOR-US: Biscom Secure File Transfer
-CVE-2017-5240 (Editions of Rapid7 AppSpider Pro prior to version 6.14.060 contain a ...)
+CVE-2017-5240
NOT-FOR-US: Rapid7 AppSpider Pro
-CVE-2017-5239 (Due to a lack of standard encryption when transmitting sensitive ...)
+CVE-2017-5239
NOT-FOR-US: Eview GPS trackers
-CVE-2017-5238 (Due to a lack of bounds checking, several input configuration fields ...)
+CVE-2017-5238
NOT-FOR-US: Eview GPS trackers
-CVE-2017-5237 (Due to a lack of authentication, an unauthenticated user who knows the ...)
+CVE-2017-5237
NOT-FOR-US: Eview GPS trackers
-CVE-2017-5236 (Editions of Rapid7 AppSpider Pro installers prior to version 6.14.060 ...)
+CVE-2017-5236
NOT-FOR-US: Rapid7 AppSpider Pro
-CVE-2017-5235 (Rapid7 Metasploit Pro installers prior to version 4.13.0-2017022101 ...)
+CVE-2017-5235
NOT-FOR-US: Rapid7
-CVE-2017-5234 (Rapid7 Insight Collector installers prior to version 1.0.16 contain a ...)
+CVE-2017-5234
NOT-FOR-US: Rapid7
-CVE-2017-5233 (Rapid7 AppSpider Pro installers prior to version 6.14.053 contain a ...)
+CVE-2017-5233
NOT-FOR-US: Rapid7
-CVE-2017-5232 (All editions of Rapid7 Nexpose installers prior to version 6.4.24 ...)
+CVE-2017-5232
NOT-FOR-US: Rapid7
-CVE-2017-5231 (All editions of Rapid7 Metasploit prior to version 4.13.0-2017020701 ...)
+CVE-2017-5231
NOT-FOR-US: Rapid7
-CVE-2017-5230 (The Java keystore in all versions and editions of Rapid7 Nexpose prior ...)
+CVE-2017-5230
NOT-FOR-US: Rapid7
-CVE-2017-5229 (All editions of Rapid7 Metasploit prior to version 4.13.0-2017020701 ...)
+CVE-2017-5229
NOT-FOR-US: Rapid7
-CVE-2017-5228 (All editions of Rapid7 Metasploit prior to version 4.13.0-2017020701 ...)
+CVE-2017-5228
NOT-FOR-US: Rapid7
-CVE-2017-5227 (QNAP QTS before 4.2.4 Build 20170313 allows local users to obtain ...)
+CVE-2017-5227
NOT-FOR-US: QNAP
-CVE-2017-5225 (LibTIFF version 4.0.7 is vulnerable to a heap buffer overflow in the ...)
+CVE-2017-5225
{DSA-3844-1 DLA-795-1}
- tiff 4.0.7-5 (bug #851297)
NOTE: Fixed by: https://github.com/vadz/libtiff/commit/5c080298d59efa53264d7248bbe3a04660db6ef7
@@ -38710,7 +38708,7 @@ CVE-2017-5225 (LibTIFF version 4.0.7 is vulnerable to a heap buffer overflow in
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2657
CVE-2017-5224
RESERVED
-CVE-2017-5223 (An issue was discovered in PHPMailer before 5.2.22. PHPMailer's msgHTML ...)
+CVE-2017-5223
{DLA-1591-1 DLA-817-1}
- libphp-phpmailer 5.2.14+dfsg-2.3 (bug #853232)
NOTE: Fixed by: https://github.com/PHPMailer/PHPMailer/commit/ad4cb09682682da2217799a0c521d4cdc6753402 (v5.2.22)
@@ -38721,17 +38719,17 @@ CVE-2017-5221
RESERVED
CVE-2017-5220
RESERVED
-CVE-2017-5219 (An issue was discovered in SageCRM 7.x before 7.3 SP3. The Component ...)
+CVE-2017-5219
NOT-FOR-US: SageCRM
-CVE-2017-5218 (A SQL Injection issue was discovered in SageCRM 7.x before 7.3 SP3. The ...)
+CVE-2017-5218
NOT-FOR-US: SageCRM
-CVE-2017-5217 (Installing a zero-permission Android application on certain Samsung ...)
+CVE-2017-5217
NOT-FOR-US: Samsung
-CVE-2017-5216 (Stack-based buffer overflow vulnerability in Netop Remote Control ...)
+CVE-2017-5216
NOT-FOR-US: Netop Remote Control
-CVE-2017-5215 (The Codextrous B2J Contact (aka b2j_contact) extension before 2.1.13 ...)
+CVE-2017-5215
NOT-FOR-US: Joomla extension
-CVE-2017-5214 (The Codextrous B2J Contact (aka b2j_contact) extension before 2.1.13 ...)
+CVE-2017-5214
NOT-FOR-US: Joomla extension
CVE-2017-5213
RESERVED
@@ -38741,27 +38739,27 @@ CVE-2017-5211
RESERVED
CVE-2017-5210
RESERVED
-CVE-2017-5209 (The base64decode function in base64.c in libimobiledevice libplist ...)
+CVE-2017-5209
{DLA-811-1}
- libplist 1.12+git+1+e37ca00-0.1 (low; bug #851196)
[jessie] - libplist <no-dsa> (Minor issue)
NOTE: Upstream bug: https://github.com/libimobiledevice/libplist/issues/84
NOTE: https://github.com/libimobiledevice/libplist/commit/3a55ddd3c4c11ce75a86afbefd085d8d397ff957
-CVE-2017-5205 (The ISAKMP parser in tcpdump before 4.9.0 has a buffer overflow in ...)
+CVE-2017-5205
{DSA-3775-1 DLA-809-1}
- tcpdump 4.9.0-1
-CVE-2017-5204 (The IPv6 parser in tcpdump before 4.9.0 has a buffer overflow in ...)
+CVE-2017-5204
{DSA-3775-1 DLA-809-1}
- tcpdump 4.9.0-1
-CVE-2017-5203 (The BOOTP parser in tcpdump before 4.9.0 has a buffer overflow in ...)
+CVE-2017-5203
{DSA-3775-1 DLA-809-1}
- tcpdump 4.9.0-1
-CVE-2017-5202 (The ISO CLNS parser in tcpdump before 4.9.0 has a buffer overflow in ...)
+CVE-2017-5202
{DSA-3775-1 DLA-809-1}
- tcpdump 4.9.0-1
-CVE-2017-5201 (NetApp Clustered Data ONTAP before 8.3.2P8 and 9.0 before P2 allow ...)
+CVE-2017-5201
NOT-FOR-US: NetApp
-CVE-2017-5200 (Salt-api in SaltStack Salt before 2015.8.13, 2016.3.x before 2016.3.5, ...)
+CVE-2017-5200
- salt 2016.11.2+ds-1
[jessie] - salt <not-affected> (Vulnerable code not present)
NOTE: https://github.com/saltstack/salt/compare/c0e5a1171d7ce2ba8747a971c024632e0d96d848~1...97b0f64923bc5382531b931625267a3c30d2f17e
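Review bot: The four tcpdump entries in this hunk (CVE-2017-5205 to CVE-2017-5202) carry only the DSA/DLA reference and the fix version `tcpdump 4.9.0-1`, and the component they concern (ISAKMP, IPv6, BOOTP and ISO CLNS parsers) was stated only in the summary being removed, e.g. `-CVE-2017-5205 (The ISAKMP parser in tcpdump before 4.9.0 has a buffer overflow in ...)`. Unlike the libplist and salt entries alongside them, they have no NOTE line with an upstream reference, so once the summary is gone nothing in the entry distinguishes the four issues; add a NOTE naming the affected parser or linking the upstream fix.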
@@ -38773,7 +38771,7 @@ CVE-2017-XXXX [multiple new security issues]
- w3m 0.5.3-34 (bug #850432)
[jessie] - w3m 0.5.3-19+deb8u2
[wheezy] - w3m <no-dsa> (Minor issues)
-CVE-2017-5337 (Multiple heap-based buffer overflows in the read_attribute function in ...)
+CVE-2017-5337
- gnutls28 3.5.8-1
[jessie] - gnutls28 3.3.8-6+deb8u5
- gnutls26 <removed>
@@ -38781,7 +38779,7 @@ CVE-2017-5337 (Multiple heap-based buffer overflows in the read_attribute functi
NOTE: OpenPGP-related issue
NOTE: https://gnutls.org/security.html#GNUTLS-SA-2017-2
NOTE: https://gitlab.com/gnutls/gnutls/commit/94fcf1645ea17223237aaf8d19132e004afddc1a
-CVE-2017-5336 (Stack-based buffer overflow in the cdk_pk_get_keyid function in ...)
+CVE-2017-5336
- gnutls28 3.5.8-1
[jessie] - gnutls28 3.3.8-6+deb8u5
- gnutls26 <removed>
@@ -38789,7 +38787,7 @@ CVE-2017-5336 (Stack-based buffer overflow in the cdk_pk_get_keyid function in .
NOTE: OpenPGP-related issue
NOTE: https://gnutls.org/security.html#GNUTLS-SA-2017-2
NOTE: https://gitlab.com/gnutls/gnutls/commit/5140422e0d7319a8e2fe07f02cbcafc4d6538732
-CVE-2017-5335 (The stream reading functions in lib/opencdk/read-packet.c in GnuTLS ...)
+CVE-2017-5335
- gnutls28 3.5.8-1
[jessie] - gnutls28 3.3.8-6+deb8u5
- gnutls26 <removed>
@@ -38797,44 +38795,44 @@ CVE-2017-5335 (The stream reading functions in lib/opencdk/read-packet.c in GnuT
NOTE: OpenPGP-related issue
NOTE: https://gnutls.org/security.html#GNUTLS-SA-2017-2
NOTE: https://gitlab.com/gnutls/gnutls/commit/49be4f7b82eba2363bb8d4090950dad976a77a3a
-CVE-2017-5334 (Double free vulnerability in the gnutls_x509_ext_import_proxy function ...)
+CVE-2017-5334
- gnutls28 3.5.8-1
[jessie] - gnutls28 3.3.8-6+deb8u5
NOTE: https://gnutls.org/security.html#GNUTLS-SA-2017-1
NOTE: https://gitlab.com/gnutls/gnutls/commit/c5aaa488a3d6df712dc8dff23a049133cab5ec1b
-CVE-2017-5330 (ark before 16.12.1 might allow remote attackers to execute arbitrary ...)
+CVE-2017-5330
- ark 4:16.08.3-2 (bug #850874)
[jessie] - ark <not-affected> (Vulnerable code introduced later)
[wheezy] - ark <not-affected> (Vulnerable code introduced later)
NOTE: Fixed by: https://cgit.kde.org/ark.git/commit/?id=82fdfd24d46966a117fa625b68784735a40f9065
NOTE: "Open File" action introduced in https://cgit.kde.org/ark.git/commit/?id=f1cf10f25af245823f81b8ff457a04c7593dede7 (v15.11.80)
-CVE-2017-5226 (When executing a program via the bubblewrap sandbox, the nonpriv ...)
+CVE-2017-5226
- bubblewrap 0.1.5-2 (bug #850702)
NOTE: https://github.com/projectatomic/bubblewrap/issues/142
-CVE-2017-5207 (Firejail before 0.9.44.4, when running a bandwidth command, allows ...)
+CVE-2017-5207
- firejail 0.9.44.4-1 (bug #850528)
NOTE: https://github.com/netblue30/firejail/issues/1023
NOTE: Fixed by: https://github.com/netblue30/firejail/commit/5d43fdcd215203868d440ffc42036f5f5ffc89fc
NOTE: http://www.openwall.com/lists/oss-security/2017/01/07/3
-CVE-2017-5206 (Firejail before 0.9.44.4, when running on a Linux kernel before 4.8, ...)
+CVE-2017-5206
- firejail 0.9.44.4-1 (bug #850558)
NOTE: Fixed by: https://github.com/netblue30/firejail/commit/6b8dba29d73257311564ee7f27b9b14758cc693e
-CVE-2017-5199 (The editbanner feature in SolarWinds LEM (aka SIEM) through 6.3.1 ...)
+CVE-2017-5199
NOT-FOR-US: SolarWinds LEM
-CVE-2017-5198 (SolarWinds LEM (aka SIEM) before 6.3.1 has an incorrect sudo ...)
+CVE-2017-5198
NOT-FOR-US: SolarWinds LEM
-CVE-2017-5197 (There is XSS in SilverStripe CMS before 3.4.4 and 3.5.x before 3.5.2. ...)
+CVE-2017-5197
NOT-FOR-US: SilverStripe
-CVE-2017-5192 (When using the local_batch client from salt-api in SaltStack Salt ...)
+CVE-2017-5192
- salt 2016.11.2+ds-1
[jessie] - salt <not-affected> (Vulnerable code not present)
-CVE-2017-5191 (An XSS vulnerability on the /NAGErrors URI in NetIQ Access Manager 4.2 ...)
+CVE-2017-5191
NOT-FOR-US: NetIQ Access Manager
-CVE-2017-5190 (NetIQ Access Manager 4.2 before SP3 HF1 and 4.3 before SP1 HF1, when ...)
+CVE-2017-5190
NOT-FOR-US: NetIQ Access Manager
-CVE-2017-5189 (NetIQ iManager before 3.0.3 delivered a SSL private key in a Java ...)
+CVE-2017-5189
NOT-FOR-US: NetIQ iManager
-CVE-2017-5188 (The bs_worker code in open build service before 20170320 followed ...)
+CVE-2017-5188
- open-build-service 2.7.4-3 (low; bug #900133)
[stretch] - open-build-service <no-dsa> (Minor issue)
NOTE: Fixed by: https://github.com/openSUSE/open-build-service/commit/00ec3c6f4132422f00d5c15e854755c331ef1661 (2.7.x)
@@ -38843,160 +38841,160 @@ CVE-2017-5188 (The bs_worker code in open build service before 20170320 followed
NOTE: it might be wise to disallow as well other types (devices, sockets,
NOTE: directories, symlinks, ...) and needs:
NOTE: https://github.com/openSUSE/open-build-service/commit/ba27c91351878bc297ec4baba0bd488a2f3b568d
-CVE-2017-5187 (A Cross-Site Request Forgery (CWE-352) vulnerability in Directory ...)
+CVE-2017-5187
NOT-FOR-US: Micro Focus
-CVE-2017-5186 (Novell iManager 2.7 before SP7 Patch 9, NetIQ iManager 3.x before ...)
+CVE-2017-5186
NOT-FOR-US: Novell iManager
-CVE-2017-5185 (A vulnerability was discovered in NetIQ Sentinel Server 8.0 before ...)
+CVE-2017-5185
NOT-FOR-US: NetIQ Sentinel
-CVE-2017-5184 (A vulnerability was discovered in NetIQ Sentinel Server 8.0 before ...)
+CVE-2017-5184
NOT-FOR-US: NetIQ Sentinel
-CVE-2017-5183 (NetIQ Access Manager 4.2.2 and 4.3.x before 4.3.1+, when configured as ...)
+CVE-2017-5183
NOT-FOR-US: NetIQ Access Manager
-CVE-2017-5182 (Remote Manager in Open Enterprise Server (OES) allows unauthenticated ...)
+CVE-2017-5182
NOT-FOR-US: Open Enterprise Server
CVE-2017-5181
REJECTED
-CVE-2017-5196 (Irssi 0.8.18 before 0.8.21 allows remote attackers to cause a denial ...)
+CVE-2017-5196
- irssi 0.8.21-1 (bug #850403)
[jessie] - irssi <not-affected> (Affects only 0.8.18 and later)
[wheezy] - irssi <not-affected> (Affects only 0.8.18 and later)
NOTE: http://www.openwall.com/lists/oss-security/2017/01/05/2
NOTE: https://github.com/irssi/irssi/commit/6c6c42e3d1b49d90aacc0b67f8540471cae02a1d
NOTE: https://irssi.org/security/irssi_sa_2017_01.txt
-CVE-2017-5195 (Irssi 0.8.17 before 0.8.21 allows remote attackers to cause a denial ...)
+CVE-2017-5195
- irssi 0.8.21-1 (bug #850403)
[jessie] - irssi 0.8.17-1+deb8u3
[wheezy] - irssi <not-affected> (Affects only 0.8.17 and later)
NOTE: http://www.openwall.com/lists/oss-security/2017/01/05/2
NOTE: https://github.com/irssi/irssi/commit/6c6c42e3d1b49d90aacc0b67f8540471cae02a1d
NOTE: https://irssi.org/security/irssi_sa_2017_01.txt
-CVE-2017-5194 (Use-after-free vulnerability in Irssi before 0.8.21 allows remote ...)
+CVE-2017-5194
{DLA-1217-1}
- irssi 0.8.21-1 (bug #850403)
[jessie] - irssi 0.8.17-1+deb8u3
NOTE: http://www.openwall.com/lists/oss-security/2017/01/05/2
NOTE: https://github.com/irssi/irssi/commit/6c6c42e3d1b49d90aacc0b67f8540471cae02a1d
NOTE: https://irssi.org/security/irssi_sa_2017_01.txt
-CVE-2017-5193 (The nickcmp function in Irssi before 0.8.21 allows remote attackers to ...)
+CVE-2017-5193
{DLA-1217-1}
- irssi 0.8.21-1 (bug #850403)
[jessie] - irssi 0.8.17-1+deb8u3
NOTE: http://www.openwall.com/lists/oss-security/2017/01/05/2
NOTE: https://github.com/irssi/irssi/commit/6c6c42e3d1b49d90aacc0b67f8540471cae02a1d
NOTE: https://irssi.org/security/irssi_sa_2017_01.txt
-CVE-2017-5179 (Cross-site scripting (XSS) vulnerability in Tenable Nessus before ...)
+CVE-2017-5179
NOT-FOR-US: Nessus
-CVE-2017-5178 (An issue was discovered in Schneider Electric Tableau Server/Desktop ...)
+CVE-2017-5178
NOT-FOR-US: Schneider
-CVE-2017-5177 (A Stack Buffer Overflow issue was discovered in VIPA Controls WinPLC7 ...)
+CVE-2017-5177
NOT-FOR-US: VIPA Controls WinPLC7
-CVE-2017-5176 (A DLL Hijack issue was discovered in Rockwell Automation Connected ...)
+CVE-2017-5176
NOT-FOR-US: Rockwell Automation Connected Components Workbench
-CVE-2017-5175 (Advantech WebAccess 8.1 and earlier contains a DLL hijacking ...)
+CVE-2017-5175
NOT-FOR-US: Advantech WebAccess
-CVE-2017-5174 (An Authentication Bypass issue was discovered in Geutebruck IP Camera ...)
+CVE-2017-5174
NOT-FOR-US: Geutebruck IP Camera G-Cam/EFD-2250
-CVE-2017-5173 (An Improper Neutralization of Special Elements (in an OS command) issue ...)
+CVE-2017-5173
NOT-FOR-US: Geutebruck IP Camera G-Cam/EFD-2250
CVE-2017-5172
RESERVED
CVE-2017-5171
RESERVED
-CVE-2017-5170 (An Uncontrolled Search Path Element issue was discovered in Moxa ...)
+CVE-2017-5170
NOT-FOR-US: Moxa
-CVE-2017-5169 (An issue was discovered in Hanwha Techwin Smart Security Manager ...)
+CVE-2017-5169
NOT-FOR-US: Hanwha Techwin
-CVE-2017-5168 (An issue was discovered in Hanwha Techwin Smart Security Manager ...)
+CVE-2017-5168
NOT-FOR-US: Hanwha Techwin
-CVE-2017-5167 (An issue was discovered in BINOM3 Universal Multifunctional Electric ...)
+CVE-2017-5167
NOT-FOR-US: BINOM3
-CVE-2017-5166 (An issue was discovered in BINOM3 Universal Multifunctional Electric ...)
+CVE-2017-5166
NOT-FOR-US: BINOM3
-CVE-2017-5165 (An issue was discovered in BINOM3 Universal Multifunctional Electric ...)
+CVE-2017-5165
NOT-FOR-US: BINOM3
-CVE-2017-5164 (An issue was discovered in BINOM3 Universal Multifunctional Electric ...)
+CVE-2017-5164
NOT-FOR-US: BINOM3
-CVE-2017-5163 (An issue was discovered in Belden Hirschmann GECKO Lite Managed switch, ...)
+CVE-2017-5163
NOT-FOR-US: Belden Hirschmann
-CVE-2017-5162 (An issue was discovered in BINOM3 Universal Multifunctional Electric ...)
+CVE-2017-5162
NOT-FOR-US: BINOM3
-CVE-2017-5161 (An issue was discovered in Sielco Sistemi Winlog Lite SCADA Software, ...)
+CVE-2017-5161
NOT-FOR-US: Sielco Sistemi
-CVE-2017-5160 (An Inadequate Encryption Strength issue was discovered in Schneider ...)
+CVE-2017-5160
NOT-FOR-US: Schneider Electric
-CVE-2017-5159 (An issue was discovered on Phoenix Contact mGuard devices that have ...)
+CVE-2017-5159
NOT-FOR-US: Phoenix Contact mGuard
-CVE-2017-5158 (An Information Exposure issue was discovered in Schneider Electric ...)
+CVE-2017-5158
NOT-FOR-US: Schneider Electric
-CVE-2017-5157 (An issue was discovered in Schneider Electric homeLYnk Controller, ...)
+CVE-2017-5157
NOT-FOR-US: Schneider
-CVE-2017-5156 (A Cross-Site Request Forgery issue was discovered in Schneider Electric ...)
+CVE-2017-5156
NOT-FOR-US: Schneider Electric
-CVE-2017-5155 (An issue was discovered in Schneider Electric Wonderware Historian 2014 ...)
+CVE-2017-5155
NOT-FOR-US: Schneider
-CVE-2017-5154 (An issue was discovered in Advantech WebAccess Version 8.1. To be able ...)
+CVE-2017-5154
NOT-FOR-US: Advantech WebAccess
-CVE-2017-5153 (An issue was discovered in OSIsoft PI Coresight 2016 R2 and earlier ...)
+CVE-2017-5153
NOT-FOR-US: OSIsoft PI Coresight
-CVE-2017-5152 (An issue was discovered in Advantech WebAccess Version 8.1. By ...)
+CVE-2017-5152
NOT-FOR-US: Advantech WebAccess
-CVE-2017-5151 (An issue was discovered in VideoInsight Web Client Version 6.3.5.11 and ...)
+CVE-2017-5151
NOT-FOR-US: VideoInsight Web Client
CVE-2017-5150
RESERVED
-CVE-2017-5149 (An issue was discovered in St. Jude Medical Merlin@home, versions prior ...)
+CVE-2017-5149
NOT-FOR-US: St. Jude Medical Merlin@home
CVE-2017-5148
RESERVED
-CVE-2017-5147 (An Uncontrolled Search Path Element issue was discovered in AzeoTech ...)
+CVE-2017-5147
NOT-FOR-US: AzeoTech DAQFactory
-CVE-2017-5146 (An issue was discovered in Carlo Gavazzi VMU-C EM prior to firmware ...)
+CVE-2017-5146
NOT-FOR-US: Carlo Gavazzi
-CVE-2017-5145 (An issue was discovered in Carlo Gavazzi VMU-C EM prior to firmware ...)
+CVE-2017-5145
NOT-FOR-US: Carlo Gavazzi
-CVE-2017-5144 (An issue was discovered in Carlo Gavazzi VMU-C EM prior to firmware ...)
+CVE-2017-5144
NOT-FOR-US: Carlo Gavazzi
-CVE-2017-5143 (An issue was discovered in Honeywell XL Web II controller XL1000C500 ...)
+CVE-2017-5143
NOT-FOR-US: Honeywell
-CVE-2017-5142 (An issue was discovered in Honeywell XL Web II controller XL1000C500 ...)
+CVE-2017-5142
NOT-FOR-US: Honeywell
-CVE-2017-5141 (An issue was discovered in Honeywell XL Web II controller XL1000C500 ...)
+CVE-2017-5141
NOT-FOR-US: Honeywell
-CVE-2017-5140 (An issue was discovered in Honeywell XL Web II controller XL1000C500 ...)
+CVE-2017-5140
NOT-FOR-US: Honeywell
-CVE-2017-5139 (An issue was discovered in Honeywell XL Web II controller XL1000C500 ...)
+CVE-2017-5139
NOT-FOR-US: Honeywell
CVE-2017-5138
RESERVED
-CVE-2017-5137 (An issue was discovered on SendQuick Entera and Avera devices before ...)
+CVE-2017-5137
NOT-FOR-US: SendQuick Entera and Avera devices
-CVE-2017-5136 (An issue was discovered on SendQuick Entera and Avera devices before ...)
+CVE-2017-5136
NOT-FOR-US: SendQuick Entera and Avera devices
-CVE-2017-5180 (Firejail before 0.9.44.4 and 0.9.38.x LTS before 0.9.38.8 LTS does not ...)
+CVE-2017-5180
- firejail 0.9.44.2-3 (bug #850160)
NOTE: http://www.openwall.com/lists/oss-security/2017/01/04/1
NOTE: https://github.com/netblue30/firejail/issues/1020
-CVE-2017-5135 (Certain Technicolor devices have an SNMP access-control bypass, ...)
+CVE-2017-5135
NOT-FOR-US: Technicolor
CVE-2017-5134
RESERVED
-CVE-2017-5133 (Off-by-one read/write on the heap in Blink in Google Chrome prior to ...)
+CVE-2017-5133
{DSA-4020-1}
- chromium-browser 62.0.3202.75-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5132 (Inappropriate implementation in V8 in Google Chrome prior to ...)
+CVE-2017-5132
{DSA-4020-1}
- chromium-browser 62.0.3202.75-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5131 (An integer overflow in Skia in Google Chrome prior to 62.0.3202.62 ...)
+CVE-2017-5131
{DSA-4020-1}
- chromium-browser 62.0.3202.75-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5130 (An integer overflow in xmlmemory.c in libxml2 before 2.9.5, as used in ...)
+CVE-2017-5130
{DLA-1188-1}
- libxml2 2.9.4+dfsg1-5.1 (bug #880000)
[stretch] - libxml2 <no-dsa> (Minor issue)
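Review bot: dropping the description removes the only record of the upstream fixed version where the Debian fix predates it: `-CVE-2017-5180 (Firejail before 0.9.44.4 and 0.9.38.x LTS before 0.9.38.8 LTS does not ...)` is marked fixed in `firejail 0.9.44.2-3 (bug #850160)`, and after the change nothing in the entry explains why a 0.9.44.2-based package counts as fixed; the remaining `NOTE:` lines point at the oss-security post and issue #1020, not at the fixing commit. Suggest adding a `NOTE: Fixed by:` line with the backported commit, as the firejail and irssi entries above already do, so the justification survives once descriptions are gone. Also, CVE-2017-5196 through CVE-2017-5193 sit after CVE-2017-5181, and CVE-2017-5180 after CVE-2017-5136, out of the file's descending order; worth fixing while these lines are being rewritten anyway.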
@@ -39009,32 +39007,32 @@ CVE-2017-5130 (An integer overflow in xmlmemory.c in libxml2 before 2.9.5, as us
NOTE: with --maxmem. Similar issue for xmlMallocLoc and xmlReallocLoc.
NOTE: Fixed by: https://git.gnome.org/browse/libxml2/commit/?id=897dffbae322b46b83f99a607d527058a72c51ed
NOTE: Needs follow up: https://git.gnome.org/browse/libxml2/commit/?id=ed48d65b4d6c5cec7be035ad5eebeba873b4b955
-CVE-2017-5129 (A use after free in WebAudio in Blink in Google Chrome prior to ...)
+CVE-2017-5129
{DSA-4020-1}
- chromium-browser 62.0.3202.75-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5128 (Heap buffer overflow in Blink in Google Chrome prior to 62.0.3202.62 ...)
+CVE-2017-5128
{DSA-4020-1}
- chromium-browser 62.0.3202.75-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5127 (Use after free in PDFium in Google Chrome prior to 62.0.3202.62 allowed ...)
+CVE-2017-5127
{DSA-4020-1}
- chromium-browser 62.0.3202.75-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5126 (A use after free in PDFium in Google Chrome prior to 62.0.3202.62 ...)
+CVE-2017-5126
{DSA-4020-1}
- chromium-browser 62.0.3202.75-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5125 (Heap buffer overflow in Skia in Google Chrome prior to 62.0.3202.62 ...)
+CVE-2017-5125
{DSA-4020-1}
- chromium-browser 62.0.3202.75-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5124 (Incorrect application of sandboxing in Blink in Google Chrome prior to ...)
+CVE-2017-5124
{DSA-4020-1}
- chromium-browser 62.0.3202.75-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
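Review bot: the rewritten chromium entries in this hunk (CVE-2017-5129 through CVE-2017-5124) lose the component and upstream version carried by the description (`WebAudio in Blink`, `PDFium`, `Skia`, `prior to 62.0.3202.62`) and become identical apart from the identifier, since each has the same `{DSA-4020-1}`, `62.0.3202.75-1` and end-of-life lines. The component name is what justifies whether an entry also needs a `libv8 <unfixed> (unimportant)` line (added only for V8 issues, see CVE-2017-5122 in the following hunk), so once it is gone that decision can no longer be checked against the entry itself; suggest keeping at least the component in a `NOTE:` if the descriptions are intentionally removed.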
@@ -39046,434 +39044,434 @@ CVE-2017-5123 [waitid() not calling access_ok()]
[jessie] - linux <not-affected> (Vulnerable code not present)
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: Fixed by: https://git.kernel.org/linus/96ca579a1ecc943b75beba58bebb0356f6cc4b51
-CVE-2017-5122 (Inappropriate use of table size handling in V8 in Google Chrome prior ...)
+CVE-2017-5122
{DSA-3985-1}
- chromium-browser 61.0.3163.100-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
- libv8 <unfixed> (unimportant)
NOTE: libv8 not covered by security support
-CVE-2017-5121 (Inappropriate use of JIT optimisation in V8 in Google Chrome prior to ...)
+CVE-2017-5121
{DSA-3985-1}
- chromium-browser 61.0.3163.100-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
- libv8 <unfixed> (unimportant)
NOTE: libv8 not covered by security support
-CVE-2017-5120 (Inappropriate use of www mismatch redirects in browser navigation in ...)
+CVE-2017-5120
{DSA-3985-1}
- chromium-browser 61.0.3163.100-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5119 (Use of an uninitialized value in Skia in Google Chrome prior to ...)
+CVE-2017-5119
{DSA-3985-1}
- chromium-browser 61.0.3163.100-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5118 (Blink in Google Chrome prior to 61.0.3163.79 for Mac, Windows, and ...)
+CVE-2017-5118
{DSA-3985-1}
- chromium-browser 61.0.3163.100-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5117 (Use of an uninitialized value in Skia in Google Chrome prior to ...)
+CVE-2017-5117
{DSA-3985-1}
- chromium-browser 61.0.3163.100-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5116 (Type confusion in V8 in Google Chrome prior to 61.0.3163.79 for Mac, ...)
+CVE-2017-5116
{DSA-3985-1}
- chromium-browser 61.0.3163.100-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
- libv8 <unfixed> (unimportant)
NOTE: libv8 not covered by security support
-CVE-2017-5115 (Type confusion in V8 in Google Chrome prior to 61.0.3163.79 for Windows ...)
+CVE-2017-5115
{DSA-3985-1}
- chromium-browser 61.0.3163.100-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
- libv8 <unfixed> (unimportant)
NOTE: libv8 not covered by security support
-CVE-2017-5114 (Inappropriate use of partition alloc in PDFium in Google Chrome prior ...)
+CVE-2017-5114
{DSA-3985-1}
- chromium-browser 61.0.3163.100-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5113 (Math overflow in Skia in Google Chrome prior to 61.0.3163.79 for Mac, ...)
+CVE-2017-5113
{DSA-3985-1}
- chromium-browser 61.0.3163.100-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5112 (Heap buffer overflow in WebGL in Google Chrome prior to 61.0.3163.79 ...)
+CVE-2017-5112
{DSA-3985-1}
- chromium-browser 61.0.3163.100-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5111 (A use after free in PDFium in Google Chrome prior to 61.0.3163.79 for ...)
+CVE-2017-5111
{DSA-3985-1}
- chromium-browser 61.0.3163.100-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5110 (Inappropriate implementation of the web payments API on blob: and data: ...)
+CVE-2017-5110
{DSA-3926-1}
- chromium-browser 60.0.3112.78-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5109 (Inappropriate implementation of unload handler handling in permission ...)
+CVE-2017-5109
{DSA-3926-1}
- chromium-browser 60.0.3112.78-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5108 (Type confusion in PDFium in Google Chrome prior to 60.0.3112.78 for ...)
+CVE-2017-5108
{DSA-3926-1}
- chromium-browser 60.0.3112.78-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5107 (A timing attack in SVG rendering in Google Chrome prior to 60.0.3112.78 ...)
+CVE-2017-5107
{DSA-3926-1}
- chromium-browser 60.0.3112.78-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5106 (Insufficient Policy Enforcement in Omnibox in Google Chrome prior to ...)
+CVE-2017-5106
{DSA-3926-1}
- chromium-browser 60.0.3112.78-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5105 (Insufficient Policy Enforcement in Omnibox in Google Chrome prior to ...)
+CVE-2017-5105
{DSA-3926-1}
- chromium-browser 60.0.3112.78-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5104 (Inappropriate implementation in interstitials in Google Chrome prior to ...)
+CVE-2017-5104
{DSA-3926-1}
- chromium-browser 60.0.3112.78-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5103 (Use of an uninitialized value in Skia in Google Chrome prior to ...)
+CVE-2017-5103
{DSA-3926-1}
- chromium-browser 60.0.3112.78-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5102 (Use of an uninitialized value in Skia in Google Chrome prior to ...)
+CVE-2017-5102
{DSA-3926-1}
- chromium-browser 60.0.3112.78-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5101 (Inappropriate implementation in Omnibox in Google Chrome prior to ...)
+CVE-2017-5101
{DSA-3926-1}
- chromium-browser 60.0.3112.78-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5100 (A use after free in Apps in Google Chrome prior to 60.0.3112.78 for ...)
+CVE-2017-5100
{DSA-3926-1}
- chromium-browser 60.0.3112.78-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5099 (Insufficient validation of untrusted input in PPAPI Plugins in Google ...)
+CVE-2017-5099
{DSA-3926-1}
- chromium-browser 60.0.3112.78-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5098 (A use after free in V8 in Google Chrome prior to 60.0.3112.78 for Mac, ...)
+CVE-2017-5098
{DSA-3926-1}
- chromium-browser 60.0.3112.78-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5097 (Insufficient validation of untrusted input in Skia in Google Chrome ...)
+CVE-2017-5097
{DSA-3926-1}
- chromium-browser 60.0.3112.78-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5096 (Insufficient policy enforcement during navigation between different ...)
+CVE-2017-5096
- chromium-browser <not-affected> (Android-specific)
-CVE-2017-5095 (Stack overflow in PDFium in Google Chrome prior to 60.0.3112.78 for ...)
+CVE-2017-5095
{DSA-3926-1}
- chromium-browser 60.0.3112.78-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5094 (Type confusion in extensions JavaScript bindings in Google Chrome prior ...)
+CVE-2017-5094
{DSA-3926-1}
- chromium-browser 60.0.3112.78-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5093 (Inappropriate implementation in modal dialog handling in Blink in ...)
+CVE-2017-5093
{DSA-3926-1}
- chromium-browser 60.0.3112.78-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5092 (Insufficient validation of untrusted input in PPAPI Plugins in Google ...)
+CVE-2017-5092
{DSA-3926-1}
- chromium-browser 60.0.3112.78-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5091 (A use after free in IndexedDB in Google Chrome prior to 60.0.3112.78 ...)
+CVE-2017-5091
{DSA-3926-1}
- chromium-browser 60.0.3112.78-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5090 (Insufficient Policy Enforcement in Omnibox in Google Chrome prior to ...)
+CVE-2017-5090
- chromium-browser <not-affected> (Chrome on Mac)
-CVE-2017-5089 (Insufficient Policy Enforcement in Omnibox in Google Chrome prior to ...)
+CVE-2017-5089
{DSA-3926-1}
- chromium-browser 59.0.3071.104-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5088 (Insufficient validation of untrusted input in V8 in Google Chrome prior ...)
+CVE-2017-5088
{DSA-3926-1}
- chromium-browser 59.0.3071.104-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5087 (A use after free in Blink in Google Chrome prior to 59.0.3071.104 for ...)
+CVE-2017-5087
{DSA-3926-1}
- chromium-browser 59.0.3071.104-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5086 (Insufficient Policy Enforcement in Omnibox in Google Chrome prior to ...)
+CVE-2017-5086
- chromium-browser 59.0.3071.86-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5085 (Inappropriate implementation in Bookmarks in Google Chrome prior to 59 ...)
+CVE-2017-5085
- chromium-browser 59.0.3071.86-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5084 (Inappropriate implementation in image-burner in Google Chrome OS prior ...)
+CVE-2017-5084
- chromium-browser 59.0.3071.86-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5083 (Inappropriate implementation in Blink in Google Chrome prior to ...)
+CVE-2017-5083
- chromium-browser 59.0.3071.86-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5082 (Failure to take advantage of available mitigations in credit card ...)
+CVE-2017-5082
- chromium-browser 59.0.3071.86-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5081 (Lack of verification of an extension's locale folder in Google Chrome ...)
+CVE-2017-5081
- chromium-browser 59.0.3071.86-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5080 (A use after free in credit card autofill in Google Chrome prior to ...)
+CVE-2017-5080
- chromium-browser 59.0.3071.86-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5079 (Inappropriate implementation in Blink in Google Chrome prior to ...)
+CVE-2017-5079
- chromium-browser 59.0.3071.86-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5078 (Insufficient validation of untrusted input in Blink's mailto: handling ...)
+CVE-2017-5078
- chromium-browser 59.0.3071.86-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5077 (Insufficient validation of untrusted input in Skia in Google Chrome ...)
+CVE-2017-5077
- chromium-browser 59.0.3071.86-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5076 (Insufficient Policy Enforcement in Omnibox in Google Chrome prior to ...)
+CVE-2017-5076
- chromium-browser 59.0.3071.86-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5075 (Inappropriate implementation in CSP reporting in Blink in Google Chrome ...)
+CVE-2017-5075
- chromium-browser 59.0.3071.86-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5074 (A use after free in Chrome Apps in Google Chrome prior to 59.0.3071.86 ...)
+CVE-2017-5074
- chromium-browser 59.0.3071.86-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5073 (Use after free in print preview in Blink in Google Chrome prior to ...)
+CVE-2017-5073
- chromium-browser 59.0.3071.86-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5072 (Inappropriate implementation in Omnibox in Google Chrome prior to ...)
+CVE-2017-5072
- chromium-browser 59.0.3071.86-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5071 (Insufficient validation of untrusted input in V8 in Google Chrome prior ...)
+CVE-2017-5071
- chromium-browser 59.0.3071.86-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
- libv8 <unfixed> (unimportant)
NOTE: libv8 not covered by security support
-CVE-2017-5070 (Type confusion in V8 in Google Chrome prior to 59.0.3071.86 for Linux, ...)
+CVE-2017-5070
- chromium-browser 59.0.3071.86-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
- libv8 <unfixed> (unimportant)
NOTE: libv8 not covered by security support
-CVE-2017-5069 (Incorrect MIME type of XSS-Protection reports in Blink in Google Chrome ...)
+CVE-2017-5069
- chromium-browser 58.0.3029.81-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5068 (Incorrect handling of picture ID in WebRTC in Google Chrome prior to ...)
+CVE-2017-5068
- chromium-browser 58.0.3029.96-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5067 (An insufficient watchdog timer in navigation in Google Chrome prior to ...)
+CVE-2017-5067
- chromium-browser 58.0.3029.81-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5066 (Insufficient consistency checks in signature handling in the networking ...)
+CVE-2017-5066
- chromium-browser 58.0.3029.81-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5065 (Lack of an appropriate action on page navigation in Blink in Google ...)
+CVE-2017-5065
- chromium-browser 58.0.3029.81-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5064 (Incorrect handling of DOM changes in Blink in Google Chrome prior to ...)
+CVE-2017-5064
- chromium-browser 58.0.3029.81-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5063 (A numeric overflow in Skia in Google Chrome prior to 58.0.3029.81 for ...)
+CVE-2017-5063
- chromium-browser 58.0.3029.81-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5062 (A use after free in Chrome Apps in Google Chrome prior to 58.0.3029.81 ...)
+CVE-2017-5062
- chromium-browser 58.0.3029.81-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5061 (A race condition in navigation in Google Chrome prior to 58.0.3029.81 ...)
+CVE-2017-5061
- chromium-browser 58.0.3029.81-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5060 (Insufficient Policy Enforcement in Omnibox in Google Chrome prior to ...)
+CVE-2017-5060
- chromium-browser 58.0.3029.81-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5059 (Type confusion in Blink in Google Chrome prior to 58.0.3029.81 for ...)
+CVE-2017-5059
- chromium-browser 58.0.3029.81-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5058 (A use after free in PrintPreview in Google Chrome prior to 58.0.3029.81 ...)
+CVE-2017-5058
- chromium-browser 58.0.3029.81-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5057 (Type confusion in PDFium in Google Chrome prior to 58.0.3029.81 for ...)
+CVE-2017-5057
- chromium-browser 58.0.3029.81-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5056 (A use after free in Blink in Google Chrome prior to 57.0.2987.133 for ...)
+CVE-2017-5056
- chromium-browser 57.0.2987.133-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5055 (A use after free in printing in Google Chrome prior to 57.0.2987.133 ...)
+CVE-2017-5055
- chromium-browser 57.0.2987.133-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5054 (An out-of-bounds read in V8 in Google Chrome prior to 57.0.2987.133 for ...)
+CVE-2017-5054
- chromium-browser 57.0.2987.133-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
- libv8 <unfixed> (unimportant)
NOTE: libv8 not covered by security support
-CVE-2017-5053 (An out-of-bounds read in V8 in Google Chrome prior to 57.0.2987.133 for ...)
+CVE-2017-5053
- chromium-browser 57.0.2987.133-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
- libv8 <unfixed> (unimportant)
NOTE: libv8 not covered by security support
-CVE-2017-5052 (An incorrect assumption about block structure in Blink in Google Chrome ...)
+CVE-2017-5052
- chromium-browser 57.0.2987.133-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5051 (An integer overflow in FFmpeg in Google Chrome prior to 57.0.2987.98 ...)
+CVE-2017-5051
- chromium-browser 57.0.2987.98-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
NOTE: https://codereview.chromium.org/2654913002
-CVE-2017-5050 (An integer overflow in FFmpeg in Google Chrome prior to 57.0.2987.98 ...)
+CVE-2017-5050
- chromium-browser 57.0.2987.98-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
NOTE: https://codereview.chromium.org/2654913002
-CVE-2017-5049 (An integer overflow in FFmpeg in Google Chrome prior to 57.0.2987.98 ...)
+CVE-2017-5049
- chromium-browser 57.0.2987.98-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
NOTE: https://codereview.chromium.org/2654913002
-CVE-2017-5048 (An integer overflow in FFmpeg in Google Chrome prior to 57.0.2987.98 ...)
+CVE-2017-5048
- chromium-browser 57.0.2987.98-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
NOTE: https://codereview.chromium.org/2654913002
-CVE-2017-5047 (An integer overflow in FFmpeg in Google Chrome prior to 57.0.2987.98 ...)
+CVE-2017-5047
- chromium-browser 57.0.2987.98-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
NOTE: https://codereview.chromium.org/2654913002
-CVE-2017-5046 (V8 in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux ...)
+CVE-2017-5046
{DSA-3810-1}
- chromium-browser 57.0.2987.98-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5045 (XSS Auditor in Google Chrome prior to 57.0.2987.98 for Mac, Windows, ...)
+CVE-2017-5045
{DSA-3810-1}
- chromium-browser 57.0.2987.98-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5044 (Heap buffer overflow in filter processing in Skia in Google Chrome ...)
+CVE-2017-5044
{DSA-3810-1}
- chromium-browser 57.0.2987.98-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5043 (Chrome Apps in Google Chrome prior to 57.0.2987.98 for Linux, Windows, ...)
+CVE-2017-5043
{DSA-3810-1}
- chromium-browser 57.0.2987.98-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5042 (Cast in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux ...)
+CVE-2017-5042
{DSA-3810-1}
- chromium-browser 57.0.2987.98-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5041 (Google Chrome prior to 57.0.2987.100 incorrectly handled back-forward ...)
+CVE-2017-5041
{DSA-3810-1}
- chromium-browser 57.0.2987.98-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5040 (V8 in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux ...)
+CVE-2017-5040
{DSA-3810-1}
- chromium-browser 57.0.2987.98-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
- libv8 <unfixed> (unimportant)
NOTE: libv8 not covered by security support
-CVE-2017-5039 (A use after free in PDFium in Google Chrome prior to 57.0.2987.98 for ...)
+CVE-2017-5039
{DSA-3810-1}
- chromium-browser 57.0.2987.98-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5038 (Chrome Apps in Google Chrome prior to 57.0.2987.98 for Linux, Windows, ...)
+CVE-2017-5038
{DSA-3810-1}
- chromium-browser 57.0.2987.98-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5037 (An integer overflow in FFmpeg in Google Chrome prior to 57.0.2987.98 ...)
+CVE-2017-5037
{DSA-3810-1}
- chromium-browser 57.0.2987.98-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5036 (A use after free in PDFium in Google Chrome prior to 57.0.2987.98 for ...)
+CVE-2017-5036
{DSA-3810-1}
- chromium-browser 57.0.2987.98-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5035 (Google Chrome prior to 57.0.2987.98 for Windows and Mac had a race ...)
+CVE-2017-5035
{DSA-3810-1}
- chromium-browser 57.0.2987.98-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5034 (A use after free in PDFium in Google Chrome prior to 57.0.2987.98 for ...)
+CVE-2017-5034
{DSA-3810-1}
- chromium-browser 57.0.2987.98-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5033 (Blink in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and ...)
+CVE-2017-5033
{DSA-3810-1}
- chromium-browser 57.0.2987.98-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5032 (PDFium in Google Chrome prior to 57.0.2987.98 for Windows could be made ...)
+CVE-2017-5032
{DSA-3810-1}
- chromium-browser 57.0.2987.98-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5031 (A use after free in ANGLE in Google Chrome prior to 57.0.2987.98 for ...)
+CVE-2017-5031
{DSA-3810-1}
- chromium-browser 57.0.2987.98-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5030 (Incorrect handling of complex species in V8 in Google Chrome prior to ...)
+CVE-2017-5030
{DSA-3810-1}
- chromium-browser 57.0.2987.98-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
- libv8 <unfixed> (unimportant)
NOTE: libv8 not covered by security support
-CVE-2017-5029 (The xsltAddTextString function in transform.c in libxslt 1.1.29, as ...)
+CVE-2017-5029
{DSA-3810-1 DLA-866-1}
- chromium-browser 57.0.2987.98-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
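Review bot: every changed pair in this hunk drops the CVE description and leaves a bare identifier, e.g. `-CVE-2017-5058 (A use after free in PrintPreview in Google Chrome prior to 58.0.3029.81 ...)` becomes `+CVE-2017-5058`, while the package, DSA and NOTE lines underneath are untouched. Nothing in the hunk supplies a description anywhere else, and the same `-CVE-... (...)` / `+CVE-...` pattern applies to all of the Chromium entries here, so unless blanking the descriptions is deliberate this has the shape of a refresh run against an empty description source; hold the hunk back or regenerate it rather than merging a wholesale description loss.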
@@ -39482,99 +39480,99 @@ CVE-2017-5029 (The xsltAddTextString function in transform.c in libxslt 1.1.29,
NOTE: Upstream fix in libxslt: https://git.gnome.org/browse/libxslt/commit/?id=08ab2774b870de1c7b5a48693df75e8154addae5
CVE-2017-5028
RESERVED
-CVE-2017-5027 (Blink in Google Chrome prior to 56.0.2924.76 for Linux, Windows and ...)
+CVE-2017-5027
{DSA-3776-1}
- chromium-browser 56.0.2924.76-3
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5026 (Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, failed ...)
+CVE-2017-5026
{DSA-3776-1}
- chromium-browser 56.0.2924.76-3
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5025 (FFmpeg in Google Chrome prior to 56.0.2924.76 for Linux, Windows and ...)
+CVE-2017-5025
{DSA-3776-1}
- chromium-browser 44.0.2403.157-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
- ffmpeg 7:3.2.4-1
-CVE-2017-5024 (FFmpeg in Google Chrome prior to 56.0.2924.76 for Linux, Windows and ...)
+CVE-2017-5024
{DSA-3776-1}
- chromium-browser 44.0.2403.157-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
- ffmpeg 7:3.2.4-1
-CVE-2017-5023 (Type confusion in Histogram in Google Chrome prior to 56.0.2924.76 for ...)
+CVE-2017-5023
{DSA-3776-1}
- chromium-browser 56.0.2924.76-3
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5022 (Blink in Google Chrome prior to 56.0.2924.76 for Linux, Windows and ...)
+CVE-2017-5022
{DSA-3776-1}
- chromium-browser 56.0.2924.76-3
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5021 (A use after free in Google Chrome prior to 56.0.2924.76 for Linux, ...)
+CVE-2017-5021
{DSA-3776-1}
- chromium-browser 56.0.2924.76-3
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5020 (Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and ...)
+CVE-2017-5020
{DSA-3776-1}
- chromium-browser 56.0.2924.76-3
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5019 (A use after free in Google Chrome prior to 56.0.2924.76 for Linux, ...)
+CVE-2017-5019
{DSA-3776-1}
- chromium-browser 56.0.2924.76-3
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5018 (Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and ...)
+CVE-2017-5018
{DSA-3776-1}
- chromium-browser 56.0.2924.76-3
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5017 (Interactions with the OS in Google Chrome prior to 56.0.2924.76 for Mac ...)
+CVE-2017-5017
{DSA-3776-1}
- chromium-browser 56.0.2924.76-3
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5016 (Blink in Google Chrome prior to 56.0.2924.76 for Linux, Windows and ...)
+CVE-2017-5016
{DSA-3776-1}
- chromium-browser 56.0.2924.76-3
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5015 (Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and ...)
+CVE-2017-5015
{DSA-3776-1}
- chromium-browser 56.0.2924.76-3
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5014 (Heap buffer overflow during image processing in Skia in Google Chrome ...)
+CVE-2017-5014
{DSA-3776-1}
- chromium-browser 56.0.2924.76-3
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5013 (Google Chrome prior to 56.0.2924.76 for Linux incorrectly handled new ...)
+CVE-2017-5013
{DSA-3776-1}
- chromium-browser 56.0.2924.76-3
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5012 (A heap buffer overflow in V8 in Google Chrome prior to 56.0.2924.76 for ...)
+CVE-2017-5012
{DSA-3776-1}
- chromium-browser 56.0.2924.76-3
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
- libv8 <unfixed> (unimportant)
NOTE: libv8 not covered by security support
-CVE-2017-5011 (Google Chrome prior to 56.0.2924.76 for Windows insufficiently ...)
+CVE-2017-5011
{DSA-3776-1}
- chromium-browser 56.0.2924.76-3
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5010 (Blink in Google Chrome prior to 56.0.2924.76 for Linux, Windows and ...)
+CVE-2017-5010
{DSA-3776-1}
- chromium-browser 56.0.2924.76-3
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5009 (WebRTC in Google Chrome prior to 56.0.2924.76 for Linux, Windows and ...)
+CVE-2017-5009
{DSA-3776-1}
- chromium-browser 56.0.2924.76-3
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5008 (Blink in Google Chrome prior to 56.0.2924.76 for Linux, Windows and ...)
+CVE-2017-5008
{DSA-3776-1}
- chromium-browser 56.0.2924.76-3
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5007 (Blink in Google Chrome prior to 56.0.2924.76 for Linux, Windows and ...)
+CVE-2017-5007
{DSA-3776-1}
- chromium-browser 56.0.2924.76-3
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5006 (Blink in Google Chrome prior to 56.0.2924.76 for Linux, Windows and ...)
+CVE-2017-5006
{DSA-3776-1}
- chromium-browser 56.0.2924.76-3
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5005 (Stack-based buffer overflow in Quick Heal Internet Security 10.1.0.316 ...)
+CVE-2017-5005
NOT-FOR-US: Quickheal
CVE-2017-5333
RESERVED
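Review bot: the CVE-2017-5025 and CVE-2017-5024 entries in this hunk carry `- chromium-browser 44.0.2403.157-1` next to `- ffmpeg 7:3.2.4-1`, whereas every neighbouring entry fixed by the same DSA-3776-1 carries `- chromium-browser 56.0.2924.76-3`. If the lower chromium-browser version is intentional because the affected FFmpeg code is tracked through the system ffmpeg package, a NOTE line stating that would stop the entry from reading as a typo; if it is not intentional, the version should match the sibling entries.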
@@ -39600,119 +39598,119 @@ CVE-2017-5331 [make check_offset more stringent]
- icoutils 0.31.1-1
NOTE: Fixed by: http://git.savannah.gnu.org/cgit/icoutils.git/commit/?id=4fbe9222fd79ee31b7ec031b0be070a9a400d1d3
NOTE: http://www.openwall.com/lists/oss-security/2017/01/10/4
-CVE-2017-5208 (Integer overflow in the wrestool program in icoutils before 0.31.1 ...)
+CVE-2017-5208
{DSA-3756-1 DLA-789-1}
- icoutils 0.31.0-4 (bug #850017)
NOTE: Fixed by: http://git.savannah.gnu.org/cgit/icoutils.git/commit/?id=0d569f458f306b88f60156d60c9cf058125cf173
NOTE: http://www.openwall.com/lists/oss-security/2017/01/08/1
-CVE-2017-5340 (Zend/zend_hash.c in PHP before 7.0.15 and 7.1.x before 7.1.1 mishandles ...)
+CVE-2017-5340
- php7.1 7.1.1-1 (bug #852022)
- php7.0 7.0.15-1 (bug #850158)
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=73832
NOTE: Fixed in PHP 7.1.1, 7.0.15
-CVE-2017-5004 (EMC RSA Identity Governance and Lifecycle versions 7.0.1, 7.0.2 (all ...)
+CVE-2017-5004
NOT-FOR-US: RSA Identity Governance and Lifecycle
-CVE-2017-5003 (EMC RSA Identity Governance and Lifecycle versions 7.0.1, 7.0.2 (all ...)
+CVE-2017-5003
NOT-FOR-US: RSA Identity Governance and Lifecycle
-CVE-2017-5002 (EMC RSA Archer 5.4.1.3, 5.5.3.1, 5.5.2.3, 5.5.2, 5.5.1.3.1, 5.5.1.1 is ...)
+CVE-2017-5002
NOT-FOR-US: EMC
-CVE-2017-5001 (EMC RSA Archer 5.4.1.3, 5.5.3.1, 5.5.2.3, 5.5.2, 5.5.1.3.1, 5.5.1.1 is ...)
+CVE-2017-5001
NOT-FOR-US: EMC
-CVE-2017-5000 (EMC RSA Archer 5.4.1.3, 5.5.3.1, 5.5.2.3, 5.5.2, 5.5.1.3.1, 5.5.1.1 is ...)
+CVE-2017-5000
NOT-FOR-US: EMC
-CVE-2017-4999 (EMC RSA Archer 5.4.1.3, 5.5.3.1, 5.5.2.3, 5.5.2, 5.5.1.3.1, 5.5.1.1 is ...)
+CVE-2017-4999
NOT-FOR-US: EMC
-CVE-2017-4998 (EMC RSA Archer 5.4.1.3, 5.5.3.1, 5.5.2.3, 5.5.2, 5.5.1.3.1, 5.5.1.1 is ...)
+CVE-2017-4998
NOT-FOR-US: EMC
-CVE-2017-4997 (EMC VASA Provider Virtual Appliance versions 8.3.x and prior has an ...)
+CVE-2017-4997
NOT-FOR-US: EMC
CVE-2017-4996
REJECTED
-CVE-2017-4995 (An issue was discovered in Pivotal Spring Security 4.2.0.RELEASE ...)
+CVE-2017-4995
- libspring-security-java <itp> (bug #582181)
NOTE: https://pivotal.io/security/cve-2017-4995
-CVE-2017-4994 (An issue was discovered in Cloud Foundry Foundation cf-release versions ...)
+CVE-2017-4994
NOT-FOR-US: Cloud Foundry
CVE-2017-4993
REJECTED
-CVE-2017-4992 (An issue was discovered in Cloud Foundry Foundation cf-release versions ...)
+CVE-2017-4992
NOT-FOR-US: Cloud Foundry
-CVE-2017-4991 (An issue was discovered in Cloud Foundry Foundation cf-release versions ...)
+CVE-2017-4991
NOT-FOR-US: Cloud Foundry
-CVE-2017-4990 (In EMC Avamar Server Software 7.4.1-58, 7.4.0-242, 7.3.1-125, ...)
+CVE-2017-4990
NOT-FOR-US: EMC
-CVE-2017-4989 (In EMC Avamar Server Software 7.3.1-125, 7.3.0-233, 7.3.0-226, ...)
+CVE-2017-4989
NOT-FOR-US: EMC
-CVE-2017-4988 (EMC Isilon OneFS 8.0.1.0, 8.0.0 - 8.0.0.3, 7.2.0 - 7.2.1.4, 7.1.x is ...)
+CVE-2017-4988
NOT-FOR-US: EMC
-CVE-2017-4987 (In EMC VNX2 versions prior to OE for File 8.1.9.211 and VNX1 versions ...)
+CVE-2017-4987
NOT-FOR-US: EMC
-CVE-2017-4986 (EMC ESRS VE 3.18 or earlier contains Authentication Bypass that could ...)
+CVE-2017-4986
NOT-FOR-US: EMC
-CVE-2017-4985 (In EMC VNX2 versions prior to OE for File 8.1.9.211 and VNX1 versions ...)
+CVE-2017-4985
NOT-FOR-US: EMC
-CVE-2017-4984 (In EMC VNX2 versions prior to OE for File 8.1.9.211 and VNX1 versions ...)
+CVE-2017-4984
NOT-FOR-US: EMC
-CVE-2017-4983 (EMC Data Domain OS 5.2 through 5.7 before 5.7.3.0 and 6.0 before ...)
+CVE-2017-4983
NOT-FOR-US: EMC Data Domain OS
-CVE-2017-4982 (EMC Mainframe Enablers ResourcePak Base versions 7.6.0, 8.0.0, and ...)
+CVE-2017-4982
NOT-FOR-US: EMC Mainframe
-CVE-2017-4981 (EMC RSA BSAFE Cert-C before 2.9.0.5 contains a potential improper ...)
+CVE-2017-4981
NOT-FOR-US: EMC
-CVE-2017-4980 (EMC Isilon OneFS is affected by a path traversal vulnerability that may ...)
+CVE-2017-4980
NOT-FOR-US: EMC
-CVE-2017-4979 (EMC Isilon OneFS 8.0.1.0, OneFS 8.0.0.0 - 8.0.0.2, OneFS 7.2.1.0 - ...)
+CVE-2017-4979
NOT-FOR-US: EMC
-CVE-2017-4978 (EMC RSA Adaptive Authentication (On-Premise) versions prior to 7.3 P2 ...)
+CVE-2017-4978
NOT-FOR-US: EMC
-CVE-2017-4977 (EMC RSA Archer Security Operations Management with RSA Unified ...)
+CVE-2017-4977
NOT-FOR-US: EMC
-CVE-2017-4976 (EMC ESRS Policy Manager prior to 6.8 contains an undocumented account ...)
+CVE-2017-4976
NOT-FOR-US: EMC
-CVE-2017-4975 (An issue was discovered in Pivotal PCF Tile Generator versions prior to ...)
+CVE-2017-4975
NOT-FOR-US: Pivotal PCF Tile Generator
-CVE-2017-4974 (An issue was discovered in Cloud Foundry Foundation cf-release versions ...)
+CVE-2017-4974
NOT-FOR-US: Cloud Foundry
-CVE-2017-4973 (An issue was discovered in Cloud Foundry Foundation cf-release versions ...)
+CVE-2017-4973
NOT-FOR-US: Cloud Foundry
-CVE-2017-4972 (An issue was discovered in Cloud Foundry Foundation cf-release versions ...)
+CVE-2017-4972
NOT-FOR-US: Cloud Foundry
-CVE-2017-4971 (An issue was discovered in Pivotal Spring Web Flow through 2.4.4. ...)
+CVE-2017-4971
NOT-FOR-US: Spring Web Flow
-CVE-2017-4970 (An issue was discovered in Cloud Foundry Foundation cf-release v255 and ...)
+CVE-2017-4970
NOT-FOR-US: Cloud Foundry
-CVE-2017-4969 (The Cloud Controller in Cloud Foundry cf-release versions prior to v255 ...)
+CVE-2017-4969
NOT-FOR-US: Cloud Foundry
CVE-2017-4968
REJECTED
-CVE-2017-4967 (An issue was discovered in these Pivotal RabbitMQ versions: all 3.4.x ...)
+CVE-2017-4967
- rabbitmq-server 3.6.10-1 (low; bug #863586)
[stretch] - rabbitmq-server <no-dsa> (Minor issue)
[jessie] - rabbitmq-server <no-dsa> (Minor issue)
[wheezy] - rabbitmq-server <no-dsa> (Minor issue)
-CVE-2017-4966 (An issue was discovered in these Pivotal RabbitMQ versions: all 3.4.x ...)
+CVE-2017-4966
- rabbitmq-server 3.6.10-1 (low; bug #863586)
[stretch] - rabbitmq-server <no-dsa> (Minor issue)
[jessie] - rabbitmq-server <not-affected> (Vulnerable code introduced later)
[wheezy] - rabbitmq-server <not-affected> (Vulnerable code introduced later)
NOTE: Fixed by: https://github.com/rabbitmq/rabbitmq-management/commit/2371633f99ad0d293899384f078872ff9e9f3e10 (rabbitmq_v3_6_9)
NOTE: Introduced by: https://github.com/rabbitmq/rabbitmq-management/commit/ced47b0bdca862a58e8f31833643e948655f8368 (rabbitmq_v3_4_0)
-CVE-2017-4965 (An issue was discovered in these Pivotal RabbitMQ versions: all 3.4.x ...)
+CVE-2017-4965
- rabbitmq-server 3.6.10-1 (low; bug #863586)
[stretch] - rabbitmq-server <no-dsa> (Minor issue)
[jessie] - rabbitmq-server <no-dsa> (Minor issue)
[wheezy] - rabbitmq-server <no-dsa> (Minor issue)
-CVE-2017-4964 (Cloud Foundry Foundation BOSH Azure CPI v22 could potentially allow a ...)
+CVE-2017-4964
NOT-FOR-US: Cloud Foundry
-CVE-2017-4963 (An issue was discovered in Cloud Foundry Foundation Cloud Foundry ...)
+CVE-2017-4963
NOT-FOR-US: Cloud Foundry
CVE-2017-4962
REJECTED
-CVE-2017-4961 (An issue was discovered in Cloud Foundry Foundation BOSH Release 261.x ...)
+CVE-2017-4961
NOT-FOR-US: Cloud Foundry
-CVE-2017-4960 (An issue was discovered in Cloud Foundry release v247 through v252, UAA ...)
+CVE-2017-4960
NOT-FOR-US: Cloud Foundry
-CVE-2017-4959 (An issue was discovered in Pivotal PCF Elastic Runtime 1.8.x versions ...)
+CVE-2017-4959
NOT-FOR-US: Pivotal PCF Elastic Runtime
CVE-2017-4958
REJECTED
@@ -39720,127 +39718,127 @@ CVE-2017-4957
REJECTED
CVE-2017-4956
REJECTED
-CVE-2017-4955 (An issue was discovered in Pivotal PCF Elastic Runtime 1.6.x versions ...)
+CVE-2017-4955
NOT-FOR-US: Pivotal PCF Elastic Runtime
CVE-2017-4954
RESERVED
CVE-2017-4953
RESERVED
-CVE-2017-4952 (VMware Xenon 1.x, prior to 1.5.4-CR7_1, 1.5.7_7, 1.5.4-CR6_2, ...)
+CVE-2017-4952
NOT-FOR-US: VMware Xenon
-CVE-2017-4951 (VMware AirWatch Console (9.2.x before 9.2.2 and 9.1.x before 9.1.5) ...)
+CVE-2017-4951
NOT-FOR-US: VMware AirWatch Console
-CVE-2017-4950 (VMware Workstation and Fusion contain an integer overflow ...)
+CVE-2017-4950
NOT-FOR-US: VMware
-CVE-2017-4949 (VMware Workstation and Fusion contain a use-after-free vulnerability ...)
+CVE-2017-4949
NOT-FOR-US: VMware
-CVE-2017-4948 (VMware Workstation (14.x before 14.1.0 and 12.x) and Horizon View ...)
+CVE-2017-4948
NOT-FOR-US: VMware
-CVE-2017-4947 (VMware Realize Automation (7.3 and 7.2) and vSphere Integrated ...)
+CVE-2017-4947
NOT-FOR-US: VMware Realize Automation
-CVE-2017-4946 (The VMware V4H and V4PA desktop agents (6.x before 6.5.1) contain a ...)
+CVE-2017-4946
NOT-FOR-US: VMware
-CVE-2017-4945 (VMware Workstation (14.x and 12.x) and Fusion (10.x and 8.x) contain a ...)
+CVE-2017-4945
NOT-FOR-US: VMware
CVE-2017-4944
RESERVED
-CVE-2017-4943 (VMware vCenter Server Appliance (vCSA) (6.5 before 6.5 U1d) contains a ...)
+CVE-2017-4943
NOT-FOR-US: VMware
-CVE-2017-4942 (VMware AirWatch Console (AWC) contains a Broken Access Control ...)
+CVE-2017-4942
NOT-FOR-US: VMware
-CVE-2017-4941 (VMware ESXi (6.0 before ESXi600-201711101-SG, 5.5 ...)
+CVE-2017-4941
NOT-FOR-US: VMware
-CVE-2017-4940 (The ESXi Host Client in VMware ESXi (6.5 before ESXi650-201712103-SG, ...)
+CVE-2017-4940
NOT-FOR-US: VMware
-CVE-2017-4939 (VMware Workstation (12.x before 12.5.8) installer contains a DLL ...)
+CVE-2017-4939
NOT-FOR-US: VMware
-CVE-2017-4938 (VMware Workstation (12.x before 12.5.8) and Fusion (8.x before 8.5.9) ...)
+CVE-2017-4938
NOT-FOR-US: VMware
-CVE-2017-4937 (VMware Workstation (12.x before 12.5.8) and Horizon View Client for ...)
+CVE-2017-4937
NOT-FOR-US: VMware
-CVE-2017-4936 (VMware Workstation (12.x before 12.5.8) and Horizon View Client for ...)
+CVE-2017-4936
NOT-FOR-US: VMware
-CVE-2017-4935 (VMware Workstation (12.x before 12.5.8) and Horizon View Client for ...)
+CVE-2017-4935
NOT-FOR-US: VMware
-CVE-2017-4934 (VMware Workstation (12.x before 12.5.8) and Fusion (8.x before 8.5.9) ...)
+CVE-2017-4934
NOT-FOR-US: VMware
-CVE-2017-4933 (VMware ESXi (6.5 before ESXi650-201710401-BG), Workstation (12.x ...)
+CVE-2017-4933
NOT-FOR-US: VMware
-CVE-2017-4932 (VMware AirWatch Launcher for Android prior to 3.2.2 contains a ...)
+CVE-2017-4932
NOT-FOR-US: VMware
-CVE-2017-4931 (VMware AirWatch Console 9.x prior to 9.2.0 contains a vulnerability ...)
+CVE-2017-4931
NOT-FOR-US: VMware
-CVE-2017-4930 (VMware AirWatch Console 9.x prior to 9.2.0 contains a vulnerability ...)
+CVE-2017-4930
NOT-FOR-US: VMware
-CVE-2017-4929 (VMware NSX Edge (6.2.x before 6.2.9 and 6.3.x before 6.3.5) contains a ...)
+CVE-2017-4929
NOT-FOR-US: VMware
-CVE-2017-4928 (The flash-based vSphere Web Client (6.0 prior to 6.0 U3c and 5.5 prior ...)
+CVE-2017-4928
NOT-FOR-US: VMware
-CVE-2017-4927 (VMware vCenter Server (6.5 prior to 6.5 U1 and 6.0 prior to 6.0 U3c) ...)
+CVE-2017-4927
NOT-FOR-US: VMware
-CVE-2017-4926 (VMware vCenter Server (6.5 prior to 6.5 U1) contains a vulnerability ...)
+CVE-2017-4926
NOT-FOR-US: VMware
-CVE-2017-4925 (VMware ESXi 6.5 without patch ESXi650-201707101-SG, ESXi 6.0 without ...)
+CVE-2017-4925
NOT-FOR-US: VMware
-CVE-2017-4924 (VMware ESXi (ESXi 6.5 without patch ESXi650-201707101-SG), Workstation ...)
+CVE-2017-4924
NOT-FOR-US: VMware
-CVE-2017-4923 (VMware vCenter Server (6.5 prior to 6.5 U1) contains an information ...)
+CVE-2017-4923
NOT-FOR-US: VMware
-CVE-2017-4922 (VMware vCenter Server (6.5 prior to 6.5 U1) contains an information ...)
+CVE-2017-4922
NOT-FOR-US: VMware
-CVE-2017-4921 (VMware vCenter Server (6.5 prior to 6.5 U1) contains an insecure ...)
+CVE-2017-4921
NOT-FOR-US: VMware
-CVE-2017-4920 (The implementation of the OSPF protocol in VMware NSX-V Edge 6.2.x ...)
+CVE-2017-4920
NOT-FOR-US: VMware
-CVE-2017-4919 (VMware vCenter Server 5.5, 6.0, 6.5 allows vSphere users with certain, ...)
+CVE-2017-4919
NOT-FOR-US: VMware vCenter Server
-CVE-2017-4918 (VMware Horizon View Client (2.x, 3.x and 4.x prior to 4.5.0) contains ...)
+CVE-2017-4918
NOT-FOR-US: VMware
-CVE-2017-4917 (VMware vSphere Data Protection (VDP) 6.1.x, 6.0.x, 5.8.x, and 5.5.x ...)
+CVE-2017-4917
NOT-FOR-US: VMware
-CVE-2017-4916 (VMware Workstation Pro/Player contains a NULL pointer dereference ...)
+CVE-2017-4916
NOT-FOR-US: VMware
-CVE-2017-4915 (VMware Workstation Pro/Player contains an insecure library loading ...)
+CVE-2017-4915
NOT-FOR-US: VMware
-CVE-2017-4914 (VMware vSphere Data Protection (VDP) 6.1.x, 6.0.x, 5.8.x, and 5.5.x ...)
+CVE-2017-4914
NOT-FOR-US: VMware
-CVE-2017-4913 (VMware Workstation (12.x prior to 12.5.3) and Horizon View Client (4.x ...)
+CVE-2017-4913
NOT-FOR-US: VMware
-CVE-2017-4912 (VMware Workstation (12.x prior to 12.5.3) and Horizon View Client (4.x ...)
+CVE-2017-4912
NOT-FOR-US: VMware
-CVE-2017-4911 (VMware Workstation (12.x prior to 12.5.3) and Horizon View Client (4.x ...)
+CVE-2017-4911
NOT-FOR-US: VMware
-CVE-2017-4910 (VMware Workstation (12.x prior to 12.5.3) and Horizon View Client (4.x ...)
+CVE-2017-4910
NOT-FOR-US: VMware
-CVE-2017-4909 (VMware Workstation (12.x prior to 12.5.3) and Horizon View Client (4.x ...)
+CVE-2017-4909
NOT-FOR-US: VMware
-CVE-2017-4908 (VMware Workstation (12.x prior to 12.5.3) and Horizon View Client (4.x ...)
+CVE-2017-4908
NOT-FOR-US: VMware
-CVE-2017-4907 (VMware Unified Access Gateway (2.5.x, 2.7.x, 2.8.x prior to 2.8.1) and ...)
+CVE-2017-4907
NOT-FOR-US: VMware
CVE-2017-4906
RESERVED
-CVE-2017-4905 (VMware ESXi 6.5 without patch ESXi650-201703410-SG, 6.0 U3 without ...)
+CVE-2017-4905
NOT-FOR-US: VMware
-CVE-2017-4904 (The XHCI controller in VMware ESXi 6.5 without patch ...)
+CVE-2017-4904
NOT-FOR-US: VMware
-CVE-2017-4903 (VMware ESXi 6.5 without patch ESXi650-201703410-SG, 6.0 U3 without ...)
+CVE-2017-4903
NOT-FOR-US: VMware
-CVE-2017-4902 (VMware ESXi 6.5 without patch ESXi650-201703410-SG and 5.5 without ...)
+CVE-2017-4902
NOT-FOR-US: VMware
-CVE-2017-4901 (The drag-and-drop (DnD) function in VMware Workstation 12.x before ...)
+CVE-2017-4901
NOT-FOR-US: VMware
-CVE-2017-4900 (VMware Workstation Pro/Player 12.x before 12.5.3 contains a NULL ...)
+CVE-2017-4900
NOT-FOR-US: VMware
-CVE-2017-4899 (VMware Workstation Pro/Player 12.x before 12.5.3 contains a security ...)
+CVE-2017-4899
NOT-FOR-US: VMware
-CVE-2017-4898 (VMware Workstation Pro/Player 12.x before 12.5.3 contains a DLL ...)
+CVE-2017-4898
NOT-FOR-US: VMware
-CVE-2017-4897 (VMware Horizon DaaS before 7.0.0 contains a vulnerability that exists ...)
+CVE-2017-4897
NOT-FOR-US: VMware Horizon DaaS
-CVE-2017-4896 (Airwatch Inbox for Android contains a vulnerability that may allow a ...)
+CVE-2017-4896
NOT-FOR-US: Airwatch Inbox for Android
-CVE-2017-4895 (Airwatch Agent for Android contains a vulnerability that may allow a ...)
+CVE-2017-4895
NOT-FOR-US: Airwatch Inbox for Android
CVE-2017-4894
REJECTED
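Review bot: the unchanged line `NOT-FOR-US: Airwatch Inbox for Android` under CVE-2017-4895 contradicts the description being removed on the `-` line just above it, which names `Airwatch Agent for Android`; the Inbox wording is a copy of the CVE-2017-4896 entry directly before it. Because this hunk removes the description, that NOT-FOR-US line becomes the only product reference left, so it should be corrected to `NOT-FOR-US: Airwatch Agent for Android` in the same change.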
@@ -41516,17 +41514,17 @@ CVE-2017-4059
REJECTED
CVE-2017-4058
REJECTED
-CVE-2017-4057 (Privilege Escalation vulnerability in the web interface in McAfee ...)
+CVE-2017-4057
NOT-FOR-US: McAfee
CVE-2017-4056
REJECTED
-CVE-2017-4055 (Exploitation of Authentication vulnerability in the web interface in ...)
+CVE-2017-4055
NOT-FOR-US: McAfee
-CVE-2017-4054 (Command Injection vulnerability in the web interface in McAfee ...)
+CVE-2017-4054
NOT-FOR-US: McAfee
-CVE-2017-4053 (Command Injection vulnerability in the web interface in McAfee ...)
+CVE-2017-4053
NOT-FOR-US: McAfee
-CVE-2017-4052 (Authentication Bypass vulnerability in the web interface in McAfee ...)
+CVE-2017-4052
NOT-FOR-US: McAfee
CVE-2017-4051
RESERVED
@@ -41574,7 +41572,7 @@ CVE-2017-4030
REJECTED
CVE-2017-4029
REJECTED
-CVE-2017-4028 (Maliciously misconfigured registry vulnerability in all Microsoft ...)
+CVE-2017-4028
NOT-FOR-US: MacAfee
CVE-2017-4027
REJECTED
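Review bot: `NOT-FOR-US: MacAfee` under CVE-2017-4028 misspells the vendor; the surrounding entries (CVE-2017-4057, CVE-2017-4055, CVE-2017-4054 and the rest of this series) all use `NOT-FOR-US: McAfee`. With the description on the preceding `-` line removed by this hunk, that line is the only remaining product attribution for the entry, so it should read `NOT-FOR-US: McAfee` so that searches on the vendor name find it.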
@@ -41596,19 +41594,19 @@ CVE-2017-4019
REJECTED
CVE-2017-4018
REJECTED
-CVE-2017-4017 (User Name Disclosure in the server in McAfee Network Data Loss ...)
+CVE-2017-4017
NOT-FOR-US: McAfee
-CVE-2017-4016 (Web Server method disclosure in the server in McAfee Network Data Loss ...)
+CVE-2017-4016
NOT-FOR-US: McAfee
-CVE-2017-4015 (Clickjacking vulnerability in the server in McAfee Network Data Loss ...)
+CVE-2017-4015
NOT-FOR-US: McAfee
-CVE-2017-4014 (Session Side jacking vulnerability in the server in McAfee Network ...)
+CVE-2017-4014
NOT-FOR-US: McAfee
-CVE-2017-4013 (Banner Disclosure in the server in McAfee Network Data Loss Prevention ...)
+CVE-2017-4013
NOT-FOR-US: McAfee
-CVE-2017-4012 (Privilege Escalation vulnerability in the server in McAfee Network ...)
+CVE-2017-4012
NOT-FOR-US: McAfee
-CVE-2017-4011 (Embedding Script (XSS) in HTTP Headers vulnerability in the server in ...)
+CVE-2017-4011
NOT-FOR-US: McAfee
CVE-2017-4010
REJECTED
@@ -41670,7 +41668,7 @@ CVE-2017-3982
REJECTED
CVE-2017-3981
REJECTED
-CVE-2017-3980 (A directory traversal vulnerability in the ePO Extension in McAfee ...)
+CVE-2017-3980
NOT-FOR-US: McAfee ePolicy Orchestrator
CVE-2017-3979
REJECTED
@@ -41686,31 +41684,31 @@ CVE-2017-3974
REJECTED
CVE-2017-3973
REJECTED
-CVE-2017-3972 (Infrastructure-based foot printing vulnerability in the web interface ...)
+CVE-2017-3972
NOT-FOR-US: McAfee
-CVE-2017-3971 (Cryptanalysis vulnerability in the web interface in McAfee Network ...)
+CVE-2017-3971
NOT-FOR-US: McAfee
CVE-2017-3970
RESERVED
-CVE-2017-3969 (Abuse of communication channels vulnerability in the server in McAfee ...)
+CVE-2017-3969
NOT-FOR-US: McAfee
-CVE-2017-3968 (Session fixation vulnerability in the web interface in McAfee Network ...)
+CVE-2017-3968
NOT-FOR-US: McAfee
-CVE-2017-3967 (Target influence via framing vulnerability in the web interface in ...)
+CVE-2017-3967
NOT-FOR-US: McAfee
-CVE-2017-3966 (Exploitation of session variables, resource IDs and other trusted ...)
+CVE-2017-3966
NOT-FOR-US: McAfee
-CVE-2017-3965 (Cross-Site Request Forgery (CSRF) (aka Session Riding) vulnerability ...)
+CVE-2017-3965
NOT-FOR-US: McAfee
-CVE-2017-3964 (Reflective Cross-Site Scripting (XSS) vulnerability in the web ...)
+CVE-2017-3964
NOT-FOR-US: McAfee
CVE-2017-3963
REJECTED
-CVE-2017-3962 (Password recovery exploitation vulnerability in the ...)
+CVE-2017-3962
NOT-FOR-US: McAfee
-CVE-2017-3961 (Cross-Site Scripting (XSS) vulnerability in the web interface in ...)
+CVE-2017-3961
NOT-FOR-US: McAfee
-CVE-2017-3960 (Exploitation of Authorization vulnerability in the web interface in ...)
+CVE-2017-3960
NOT-FOR-US: McAfee
CVE-2017-3959
REJECTED
@@ -41734,7 +41732,7 @@ CVE-2017-3950
REJECTED
CVE-2017-3949
REJECTED
-CVE-2017-3948 (Cross Site Scripting (XSS) in IMG Tags in the ePO extension in McAfee ...)
+CVE-2017-3948
NOT-FOR-US: McAfee
CVE-2017-3947
REJECTED
@@ -41758,13 +41756,13 @@ CVE-2017-3938
REJECTED
CVE-2017-3937
RESERVED
-CVE-2017-3936 (OS Command Injection vulnerability in McAfee ePolicy Orchestrator ...)
+CVE-2017-3936
NOT-FOR-US: McAfee
-CVE-2017-3935 (Network Data Loss Prevention is vulnerable to MIME type sniffing which ...)
+CVE-2017-3935
NOT-FOR-US: McAfee Network Data Loss Prevention
-CVE-2017-3934 (Missing HTTP Strict Transport Security state information vulnerability ...)
+CVE-2017-3934
NOT-FOR-US: McAfee Network Data Loss Prevention
-CVE-2017-3933 (Embedding Script (XSS) in HTTP Headers vulnerability in McAfee Network ...)
+CVE-2017-3933
NOT-FOR-US: McAfee Network Data Loss Prevention
CVE-2017-3932
RESERVED
@@ -41806,7 +41804,7 @@ CVE-2017-3914
RESERVED
CVE-2017-3913
RESERVED
-CVE-2017-3912 (Bypassing password security vulnerability in McAfee Application and ...)
+CVE-2017-3912
NOT-FOR-US: McAfee
CVE-2017-3911
RESERVED
@@ -41816,7 +41814,7 @@ CVE-2017-3909
RESERVED
CVE-2017-3908
RESERVED
-CVE-2017-3907 (Code Injection vulnerability in the ePolicy Orchestrator (ePO) ...)
+CVE-2017-3907
NOT-FOR-US: McAfee
CVE-2017-3906
RESERVED
@@ -41826,231 +41824,231 @@ CVE-2017-3904
RESERVED
CVE-2017-3903
RESERVED
-CVE-2017-3902 (Cross-site scripting (XSS) vulnerability in the Web user interface ...)
+CVE-2017-3902
NOT-FOR-US: Intel Security ePO
CVE-2017-3901
RESERVED
CVE-2017-3900
RESERVED
-CVE-2017-3899 (SQL injection vulnerability in Intel Security Advanced Threat Defense ...)
+CVE-2017-3899
NOT-FOR-US: Intel antivirus
-CVE-2017-3898 (A man-in-the-middle attack vulnerability in the non-certificate-based ...)
+CVE-2017-3898
NOT-FOR-US: McAfee
-CVE-2017-3897 (A Code Injection vulnerability in the non-certificate-based ...)
+CVE-2017-3897
NOT-FOR-US: McAfee
-CVE-2017-3896 (Unvalidated parameter vulnerability in the remote log viewing ...)
+CVE-2017-3896
NOT-FOR-US: Intel McAfee
CVE-2017-3895
REJECTED
-CVE-2017-3894 (A stored cross site scripting vulnerability in the Management Console ...)
+CVE-2017-3894
NOT-FOR-US: BlackBerry
-CVE-2017-3893 (In BlackBerry QNX Software Development Platform (SDP) 6.6.0, the ...)
+CVE-2017-3893
NOT-FOR-US: BlackBerry QNX Software Development Platform (SDP)
-CVE-2017-3892 (In BlackBerry QNX Software Development Platform (SDP) 6.6.0, an ...)
+CVE-2017-3892
NOT-FOR-US: BlackBerry QNX Software Development Platform (SDP)
-CVE-2017-3891 (In BlackBerry QNX Software Development Platform (SDP) 6.6.0, an ...)
+CVE-2017-3891
NOT-FOR-US: BlackBerry QNX Software Development Platform (SDP)
-CVE-2017-3890 (A reflected cross-site scripting vulnerability in the BlackBerry ...)
+CVE-2017-3890
NOT-FOR-US: BlackBerry
-CVE-2017-3889 (A vulnerability in the web interface of the Cisco Registered Envelope ...)
+CVE-2017-3889
NOT-FOR-US: Cisco
-CVE-2017-3888 (A vulnerability in the web-based management interface of Cisco Unified ...)
+CVE-2017-3888
NOT-FOR-US: Cisco
-CVE-2017-3887 (A vulnerability in the detection engine that handles Secure Sockets ...)
+CVE-2017-3887
NOT-FOR-US: Cisco
-CVE-2017-3886 (A vulnerability in the Cisco Unified Communications Manager web ...)
+CVE-2017-3886
NOT-FOR-US: Cisco
-CVE-2017-3885 (A vulnerability in the detection engine reassembly of Secure Sockets ...)
+CVE-2017-3885
NOT-FOR-US: Cisco
-CVE-2017-3884 (A vulnerability in the web interface of Cisco Prime Infrastructure and ...)
+CVE-2017-3884
NOT-FOR-US: Cisco
-CVE-2017-3883 (A vulnerability in the authentication, authorization, and accounting ...)
+CVE-2017-3883
NOT-FOR-US: Cisco
-CVE-2017-3882 (A vulnerability in the Universal Plug-and-Play (UPnP) implementation in ...)
+CVE-2017-3882
NOT-FOR-US: Cisco
-CVE-2017-3881 (A vulnerability in the Cisco Cluster Management Protocol (CMP) ...)
+CVE-2017-3881
NOT-FOR-US: Cisco
-CVE-2017-3880 (An Authentication Bypass vulnerability in Cisco WebEx Meetings Server ...)
+CVE-2017-3880
NOT-FOR-US: Cisco
-CVE-2017-3879 (A Denial of Service vulnerability in the remote login functionality for ...)
+CVE-2017-3879
NOT-FOR-US: Cisco
-CVE-2017-3878 (A Denial of Service vulnerability in the Telnet remote login ...)
+CVE-2017-3878
NOT-FOR-US: Cisco
-CVE-2017-3877 (A vulnerability in the web framework of Cisco Unified Communications ...)
+CVE-2017-3877
NOT-FOR-US: Cisco
-CVE-2017-3876 (A vulnerability in the Event Management Service daemon (emsd) of Cisco ...)
+CVE-2017-3876
NOT-FOR-US: Cisco
-CVE-2017-3875 (An Access-Control Filtering Mechanisms Bypass vulnerability in certain ...)
+CVE-2017-3875
NOT-FOR-US: Cisco
-CVE-2017-3874 (A vulnerability in the web framework of Cisco Unified Communications ...)
+CVE-2017-3874
NOT-FOR-US: Cisco
-CVE-2017-3873 (A vulnerability in the Plug-and-Play (PnP) subsystem of the Cisco ...)
+CVE-2017-3873
NOT-FOR-US: Cisco
-CVE-2017-3872 (A cross-site scripting (XSS) filter bypass vulnerability in the ...)
+CVE-2017-3872
NOT-FOR-US: Cisco
-CVE-2017-3871 (A RADIUS Secret Disclosure vulnerability in the web network management ...)
+CVE-2017-3871
NOT-FOR-US: Cisco
-CVE-2017-3870 (A vulnerability in the URL filtering feature of Cisco AsyncOS Software ...)
+CVE-2017-3870
NOT-FOR-US: Cisco
-CVE-2017-3869 (An API Credentials Management vulnerability in the APIs for Cisco Prime ...)
+CVE-2017-3869
NOT-FOR-US: Cisco
-CVE-2017-3868 (A vulnerability in the web-based management interface of Cisco UCS ...)
+CVE-2017-3868
NOT-FOR-US: Cisco
-CVE-2017-3867 (A vulnerability in the Border Gateway Protocol (BGP) Bidirectional ...)
+CVE-2017-3867
NOT-FOR-US: Cisco
-CVE-2017-3866 (A vulnerability in the web framework code of Cisco Prime Service ...)
+CVE-2017-3866
NOT-FOR-US: Cisco
-CVE-2017-3865 (A vulnerability in the IPsec component of Cisco StarOS for Cisco ASR ...)
+CVE-2017-3865
NOT-FOR-US: Cisco
-CVE-2017-3864 (A vulnerability in the DHCP client implementation of Cisco IOS (12.2, ...)
+CVE-2017-3864
NOT-FOR-US: Cisco
-CVE-2017-3863 (Multiple vulnerabilities in the EnergyWise module of Cisco IOS (12.2 ...)
+CVE-2017-3863
NOT-FOR-US: Cisco
-CVE-2017-3862 (Multiple vulnerabilities in the EnergyWise module of Cisco IOS (12.2 ...)
+CVE-2017-3862
NOT-FOR-US: Cisco
-CVE-2017-3861 (Multiple vulnerabilities in the EnergyWise module of Cisco IOS (12.2 ...)
+CVE-2017-3861
NOT-FOR-US: Cisco
-CVE-2017-3860 (Multiple vulnerabilities in the EnergyWise module of Cisco IOS (12.2 ...)
+CVE-2017-3860
NOT-FOR-US: Cisco
-CVE-2017-3859 (A vulnerability in the DHCP code for the Zero Touch Provisioning ...)
+CVE-2017-3859
NOT-FOR-US: Cisco
-CVE-2017-3858 (A vulnerability in the web framework of Cisco IOS XE Software could ...)
+CVE-2017-3858
NOT-FOR-US: Cisco
-CVE-2017-3857 (A vulnerability in the Layer 2 Tunneling Protocol (L2TP) parsing ...)
+CVE-2017-3857
NOT-FOR-US: Cisco
-CVE-2017-3856 (A vulnerability in the web user interface of Cisco IOS XE 3.1 through ...)
+CVE-2017-3856
NOT-FOR-US: Cisco
CVE-2017-3855
RESERVED
-CVE-2017-3854 (A vulnerability in the mesh code of Cisco Wireless LAN Controller (WLC) ...)
+CVE-2017-3854
NOT-FOR-US: Cisco
-CVE-2017-3853 (A vulnerability in the Data-in-Motion (DMo) process installed with the ...)
+CVE-2017-3853
NOT-FOR-US: Cisco
-CVE-2017-3852 (A vulnerability in the Cisco application-hosting framework (CAF) ...)
+CVE-2017-3852
NOT-FOR-US: Cisco
-CVE-2017-3851 (A Directory Traversal vulnerability in the web framework code of the ...)
+CVE-2017-3851
NOT-FOR-US: Cisco
-CVE-2017-3850 (A vulnerability in the Autonomic Networking Infrastructure (ANI) ...)
+CVE-2017-3850
NOT-FOR-US: Cisco
-CVE-2017-3849 (A vulnerability in the Autonomic Networking Infrastructure (ANI) ...)
+CVE-2017-3849
NOT-FOR-US: Cisco
-CVE-2017-3848 (A vulnerability in the HTTP web-based management interface of Cisco ...)
+CVE-2017-3848
NOT-FOR-US: Cisco
-CVE-2017-3847 (A vulnerability in the web framework of Cisco Firepower Management ...)
+CVE-2017-3847
NOT-FOR-US: Cisco
-CVE-2017-3846 (A vulnerability in the Client Manager Server of Cisco Workload ...)
+CVE-2017-3846
NOT-FOR-US: Cisco
-CVE-2017-3845 (A vulnerability in the web-based management interface of Cisco Prime ...)
+CVE-2017-3845
NOT-FOR-US: Cisco
-CVE-2017-3844 (A vulnerability in exporting functions of the user interface for Cisco ...)
+CVE-2017-3844
NOT-FOR-US: Cisco
-CVE-2017-3843 (A vulnerability in the file download functions for Cisco Prime ...)
+CVE-2017-3843
NOT-FOR-US: Cisco
-CVE-2017-3842 (A vulnerability in the web-based management interface of the Cisco ...)
+CVE-2017-3842
NOT-FOR-US: Cisco
-CVE-2017-3841 (A vulnerability in the web interface of the Cisco Secure Access Control ...)
+CVE-2017-3841
NOT-FOR-US: Cisco
-CVE-2017-3840 (A vulnerability in the web interface of the Cisco Secure Access Control ...)
+CVE-2017-3840
NOT-FOR-US: Cisco
-CVE-2017-3839 (An XML External Entity vulnerability in the web-based user interface of ...)
+CVE-2017-3839
NOT-FOR-US: Cisco
-CVE-2017-3838 (A vulnerability in Cisco Secure Access Control System (ACS) could allow ...)
+CVE-2017-3838
NOT-FOR-US: Cisco
-CVE-2017-3837 (An HTTP Packet Processing vulnerability in the Web Bridge interface of ...)
+CVE-2017-3837
NOT-FOR-US: Cisco
-CVE-2017-3836 (A vulnerability in the web framework Cisco Unified Communications ...)
+CVE-2017-3836
NOT-FOR-US: Cisco
-CVE-2017-3835 (A vulnerability in the sponsor portal of Cisco Identity Services Engine ...)
+CVE-2017-3835
NOT-FOR-US: Cisco
-CVE-2017-3834 (A vulnerability in Cisco Aironet 1830 Series and Cisco Aironet 1850 ...)
+CVE-2017-3834
NOT-FOR-US: Cisco
-CVE-2017-3833 (A vulnerability in the web framework of Cisco Unified Communications ...)
+CVE-2017-3833
NOT-FOR-US: Cisco
-CVE-2017-3832 (A vulnerability in the web management interface of Cisco Wireless LAN ...)
+CVE-2017-3832
NOT-FOR-US: Cisco
-CVE-2017-3831 (A vulnerability in the web-based GUI of Cisco Mobility Express 1800 ...)
+CVE-2017-3831
NOT-FOR-US: Cisco
-CVE-2017-3830 (A vulnerability in an internal API of the Cisco Meeting Server (CMS) ...)
+CVE-2017-3830
NOT-FOR-US: Cisco
-CVE-2017-3829 (A vulnerability in the web-based management interface of Cisco Unified ...)
+CVE-2017-3829
NOT-FOR-US: Cisco
-CVE-2017-3828 (A vulnerability in the web-based management interface of Cisco Unified ...)
+CVE-2017-3828
NOT-FOR-US: Cisco
-CVE-2017-3827 (A vulnerability in the Multipurpose Internet Mail Extensions (MIME) ...)
+CVE-2017-3827
NOT-FOR-US: Cisco
-CVE-2017-3826 (A vulnerability in the Stream Control Transmission Protocol (SCTP) ...)
+CVE-2017-3826
NOT-FOR-US: Cisco
-CVE-2017-3825 (A vulnerability in the ICMP ingress packet processing of Cisco ...)
+CVE-2017-3825
NOT-FOR-US: Cisco
-CVE-2017-3824 (A vulnerability in the handling of list headers in Cisco cBR Series ...)
+CVE-2017-3824
NOT-FOR-US: Cisco
-CVE-2017-3823 (An issue was discovered in the Cisco WebEx Extension before 1.0.7 on ...)
+CVE-2017-3823
NOT-FOR-US: Cisco
-CVE-2017-3822 (A vulnerability in the logging subsystem of the Cisco Firepower Threat ...)
+CVE-2017-3822
NOT-FOR-US: Cisco Firepower Threat Defense
-CVE-2017-3821 (A vulnerability in the serviceability page of Cisco Unified ...)
+CVE-2017-3821
NOT-FOR-US: Cisco
-CVE-2017-3820 (A vulnerability in Simple Network Management Protocol (SNMP) functions ...)
+CVE-2017-3820
NOT-FOR-US: Cisco IOS XE
-CVE-2017-3819 (A privilege escalation vulnerability in the Secure Shell (SSH) ...)
+CVE-2017-3819
NOT-FOR-US: Cisco
-CVE-2017-3818 (A vulnerability in the Multipurpose Internet Mail Extensions (MIME) ...)
+CVE-2017-3818
NOT-FOR-US: Cisco Email Security Appliances
-CVE-2017-3817 (A vulnerability in the role-based resource checking functionality of ...)
+CVE-2017-3817
NOT-FOR-US: Cisco
CVE-2017-3816
RESERVED
-CVE-2017-3815 (An API Privilege vulnerability in Cisco TelePresence Server Software ...)
+CVE-2017-3815
NOT-FOR-US: Cisco
-CVE-2017-3814 (A vulnerability in Cisco Firepower System Software could allow an ...)
+CVE-2017-3814
NOT-FOR-US: Cisco Firepower System Software
-CVE-2017-3813 (A vulnerability in the Start Before Logon (SBL) module of Cisco ...)
+CVE-2017-3813
NOT-FOR-US: Cisco
-CVE-2017-3812 (A vulnerability in the implementation of Common Industrial Protocol ...)
+CVE-2017-3812
NOT-FOR-US: Cisco Industrial Ethernet 2000 Series Switches
-CVE-2017-3811 (An XML External Entity vulnerability in Cisco WebEx Meetings Server ...)
+CVE-2017-3811
NOT-FOR-US: Cisco
-CVE-2017-3810 (A vulnerability in the web framework of Cisco Prime Service Catalog ...)
+CVE-2017-3810
NOT-FOR-US: Cisco Prime Service Catalog
-CVE-2017-3809 (A vulnerability in the Policy deployment module of the Cisco Firepower ...)
+CVE-2017-3809
NOT-FOR-US: Cisco Firepower Management Center
-CVE-2017-3808 (A vulnerability in the Session Initiation Protocol (SIP) UDP throttling ...)
+CVE-2017-3808
NOT-FOR-US: Cisco
-CVE-2017-3807 (A vulnerability in Common Internet Filesystem (CIFS) code in the ...)
+CVE-2017-3807
NOT-FOR-US: Cisco
-CVE-2017-3806 (A vulnerability in CLI command processing in the Cisco Firepower 4100 ...)
+CVE-2017-3806
NOT-FOR-US: Cisco Firepower
-CVE-2017-3805 (A vulnerability in the web-based management interface of Cisco IOS and ...)
+CVE-2017-3805
NOT-FOR-US: Cisco IOS
-CVE-2017-3804 (A vulnerability in Intermediate System-to-Intermediate System (IS-IS) ...)
+CVE-2017-3804
NOT-FOR-US: Cisco
-CVE-2017-3803 (A vulnerability in the Cisco IOS Software forwarding queue of Cisco ...)
+CVE-2017-3803
NOT-FOR-US: Cisco
-CVE-2017-3802 (A vulnerability in Cisco Unified Communications Manager could allow an ...)
+CVE-2017-3802
NOT-FOR-US: Cisco
-CVE-2017-3801 (A vulnerability in the web-based GUI of Cisco UCS Director 6.0.0.0 and ...)
+CVE-2017-3801
NOT-FOR-US: Cisco
-CVE-2017-3800 (A vulnerability in the content scanning engine of Cisco AsyncOS ...)
+CVE-2017-3800
NOT-FOR-US: Cisco Email Security Appliance
-CVE-2017-3799 (A vulnerability in a URL parameter of Cisco WebEx Meeting Center could ...)
+CVE-2017-3799
NOT-FOR-US: Cisco
-CVE-2017-3798 (A cross-site scripting (XSS) filter bypass vulnerability in the ...)
+CVE-2017-3798
NOT-FOR-US: Cisco
-CVE-2017-3797 (A vulnerability in Cisco WebEx Meetings Server could allow an ...)
+CVE-2017-3797
NOT-FOR-US: Cisco
-CVE-2017-3796 (A vulnerability in Cisco WebEx Meetings Server could allow an ...)
+CVE-2017-3796
NOT-FOR-US: Cisco
-CVE-2017-3795 (A vulnerability in Cisco WebEx Meetings Server could allow an ...)
+CVE-2017-3795
NOT-FOR-US: Cisco
-CVE-2017-3794 (A vulnerability in Cisco WebEx Meetings Server could allow an ...)
+CVE-2017-3794
NOT-FOR-US: Cisco
-CVE-2017-3793 (A vulnerability in the TCP normalizer of Cisco Adaptive Security ...)
+CVE-2017-3793
NOT-FOR-US: Cisco
-CVE-2017-3792 (A vulnerability in a proprietary device driver in the kernel of Cisco ...)
+CVE-2017-3792
NOT-FOR-US: Cisco TelePresence
-CVE-2017-3791 (A vulnerability in the web-based GUI of Cisco Prime Home could allow an ...)
+CVE-2017-3791
NOT-FOR-US: Cisco
-CVE-2017-3790 (A vulnerability in the received packet parser of Cisco Expressway ...)
+CVE-2017-3790
NOT-FOR-US: Cisco Expressway
CVE-2017-3789
REJECTED
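Review bot: for the long run of Cisco entries in this hunk (CVE-2017-3889 down to CVE-2017-3790), removing the description leaves most entries as just the identifier plus `NOT-FOR-US: Cisco`, so the file no longer records which product the issue concerns; only a few entries carry a product name in the annotation (`NOT-FOR-US: Cisco Firepower Threat Defense` for CVE-2017-3822, `NOT-FOR-US: Cisco IOS XE` for CVE-2017-3820, `NOT-FOR-US: Cisco Email Security Appliances` for CVE-2017-3818). If the descriptions are intentionally being dropped, the NOT-FOR-US annotation should name the affected product consistently, since it becomes the only in-file text that identifies the issue.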
@@ -42078,83 +42076,83 @@ CVE-2017-3778
REJECTED
CVE-2017-3777
REJECTED
-CVE-2017-3776 (Lenovo Help Android mobile app versions earlier than 6.1.2.0327 ...)
+CVE-2017-3776
NOT-FOR-US: Lenovo Help Android mobile app
-CVE-2017-3775 (Some Lenovo System x server BIOS/UEFI versions, when Secure Boot mode ...)
+CVE-2017-3775
NOT-FOR-US: Lenovo
-CVE-2017-3774 (A stack overflow vulnerability was discovered within the web ...)
+CVE-2017-3774
NOT-FOR-US: IBM
CVE-2017-3773
REJECTED
CVE-2017-3772
RESERVED
-CVE-2017-3771 (System boot process is not adequately secured In Lenovo E95 and ...)
+CVE-2017-3771
NOT-FOR-US: Lenovo
-CVE-2017-3770 (Privilege escalation vulnerability in LXCA versions earlier than 1.3.2 ...)
+CVE-2017-3770
NOT-FOR-US: Lenovo LXCA
CVE-2017-3769
RESERVED
-CVE-2017-3768 (An unprivileged attacker with connectivity to the IMM2 could cause a ...)
+CVE-2017-3768
NOT-FOR-US: IBM System x / IMM2
-CVE-2017-3767 (A local privilege escalation vulnerability was identified in the ...)
+CVE-2017-3767
NOT-FOR-US: Lenovo
CVE-2017-3766
RESERVED
-CVE-2017-3765 (In Enterprise Networking Operating System (ENOS) in Lenovo and IBM ...)
+CVE-2017-3765
NOT-FOR-US: IBM RackSwitch and BladeCenter products
-CVE-2017-3764 (A vulnerability was identified in Lenovo XClarity Administrator (LXCA) ...)
+CVE-2017-3764
NOT-FOR-US: Lenovo XClarity Administrator
-CVE-2017-3763 (An attacker who obtains access to the location where the LXCA file ...)
+CVE-2017-3763
NOT-FOR-US: Lenovo LXCA
-CVE-2017-3762 (Sensitive data stored by Lenovo Fingerprint Manager Pro, version ...)
+CVE-2017-3762
NOT-FOR-US: Lenovo Fingerprint Manager Pro
-CVE-2017-3761 (The Lenovo Service Framework Android application executes some system ...)
+CVE-2017-3761
NOT-FOR-US: Lenovo
-CVE-2017-3760 (The Lenovo Service Framework Android application uses a set of ...)
+CVE-2017-3760
NOT-FOR-US: Lenovo
-CVE-2017-3759 (The Lenovo Service Framework Android application accepts some ...)
+CVE-2017-3759
NOT-FOR-US: Lenovo
-CVE-2017-3758 (Improper access controls on several Android components in the Lenovo ...)
+CVE-2017-3758
NOT-FOR-US: Lenovo
-CVE-2017-3757 (An unquoted service path vulnerability was identified in the driver ...)
+CVE-2017-3757
NOT-FOR-US: Lenovo
-CVE-2017-3756 (A privilege escalation vulnerability was identified in Lenovo Active ...)
+CVE-2017-3756
NOT-FOR-US: Lenovo
CVE-2017-3755
RESERVED
-CVE-2017-3754 (Some Lenovo brand notebook systems do not have write protections ...)
+CVE-2017-3754
NOT-FOR-US: Lenovo
-CVE-2017-3753 (A vulnerability has been identified in some Lenovo products that use ...)
+CVE-2017-3753
NOT-FOR-US: Lenovo
-CVE-2017-3752 (An industry-wide vulnerability has been identified in the ...)
+CVE-2017-3752
NOT-FOR-US: Lenovo
-CVE-2017-3751 (An unquoted service path vulnerability was identified in the driver ...)
+CVE-2017-3751
NOT-FOR-US: driver for the ThinkPad Compact USB Keyboard with TrackPoint
-CVE-2017-3750 (On Lenovo VIBE mobile phones, the Lenovo Security Android application ...)
+CVE-2017-3750
NOT-FOR-US: Lenovo
-CVE-2017-3749 (On Lenovo VIBE mobile phones, the Idea Friend Android application ...)
+CVE-2017-3749
NOT-FOR-US: Lenovo
-CVE-2017-3748 (On Lenovo VIBE mobile phones, improper access controls on the ...)
+CVE-2017-3748
NOT-FOR-US: Lenovo
-CVE-2017-3747 (Privilege escalation vulnerability in Lenovo Nerve Center for Windows ...)
+CVE-2017-3747
NOT-FOR-US: Lenovo
-CVE-2017-3746 (ThinkPad USB 3.0 Ethernet Adapter (part number 4X90E51405) driver, ...)
+CVE-2017-3746
NOT-FOR-US: Lenovo
-CVE-2017-3745 (In Lenovo XClarity Administrator (LXCA) before 1.3.0, if service data ...)
+CVE-2017-3745
NOT-FOR-US: Lenovo
-CVE-2017-3744 (In the IMM2 firmware of Lenovo System x servers, remote commands ...)
+CVE-2017-3744
NOT-FOR-US: Lenovo
-CVE-2017-3743 (If multiple users are concurrently logged into a single system where ...)
+CVE-2017-3743
NOT-FOR-US: Lenovo
-CVE-2017-3742 (In Lenovo Connect2 versions earlier than 4.2.5.4885 for Windows and ...)
+CVE-2017-3742
NOT-FOR-US: Lenovo
-CVE-2017-3741 (In the Lenovo Power Management driver before 1.67.12.24, a local user ...)
+CVE-2017-3741
NOT-FOR-US: Lenovo
-CVE-2017-3740 (In Lenovo Active Protection System before 1.82.0.14, an attacker with ...)
+CVE-2017-3740
NOT-FOR-US: Lenovo
CVE-2017-3739
REJECTED
-CVE-2017-3738 (There is an overflow bug in the AVX2 Montgomery multiplication ...)
+CVE-2017-3738
{DSA-4065-1}
- openssl 1.1.0h-1 (low)
[stretch] - openssl 1.1.0f-3+deb9u2
@@ -42164,7 +42162,7 @@ CVE-2017-3738 (There is an overflow bug in the AVX2 Montgomery multiplication ..
NOTE: https://www.openssl.org/news/secadv/20171207.txt
NOTE: OpenSSL_1_1_0-stable: https://git.openssl.org/?p=openssl.git;a=commit;h=e502cc86df9dafded1694fceb3228ee34d11c11a
NOTE: OpenSSL_1_0_2-stable: https://git.openssl.org/?p=openssl.git;a=commit;h=ca51bafc1a88d8b8348f5fd97adc5d6ca93f8e76
-CVE-2017-3737 (OpenSSL 1.0.2 (starting from version 1.0.2b) introduced an &quot;error ...)
+CVE-2017-3737
{DSA-4065-1}
- openssl 1.1.0b-2
[jessie] - openssl <not-affected> (Issue introduced in 1.0.2b)
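Review bot: the description being removed for CVE-2017-3737 contains an HTML entity rather than a literal quote (`introduced an &quot;error ...`), which suggests the description feed was imported without unescaping; the Debian-side tracking data in the hunk (DSA-4065-1, openssl 1.1.0b-2, the jessie not-affected note) is untouched, so nothing here needs to change, but the unescaping is worth checking in the importer if descriptions are ever re-emitted into this file.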
@@ -42180,7 +42178,7 @@ CVE-2017-3737 (OpenSSL 1.0.2 (starting from version 1.0.2b) introduced an &quot;
NOTE: mechanism at all.
NOTE: Hardening mechanism introduced in:
NOTE: https://git.openssl.org/?p=openssl.git;a=commit;h=e4f77bf1833245d2b6aa4ce6a16c85e1cdf78589
-CVE-2017-3736 (There is a carry propagating bug in the x86_64 Montgomery squaring ...)
+CVE-2017-3736
{DSA-4017-1}
- openssl 1.1.0g-1
[stretch] - openssl 1.1.0f-3+deb9u1
@@ -42190,7 +42188,7 @@ CVE-2017-3736 (There is a carry propagating bug in the x86_64 Montgomery squarin
NOTE: https://www.openssl.org/news/secadv/20171102.txt
NOTE: Fix for 1.0.2: https://git.openssl.org/?p=openssl.git;a=commit;h=38d600147331d36e74174ebbd4008b63188b321b
NOTE: Fix for 1.1.0: https://git.openssl.org/?p=openssl.git;a=commit;h=4443cf7aa0099e5ce615c18cee249fff77fb0871
-CVE-2017-3735 (While parsing an IPAddressFamily extension in an X.509 certificate, it ...)
+CVE-2017-3735
{DSA-4018-1 DSA-4017-1 DLA-1157-1}
- openssl 1.1.0g-1
- openssl1.0 1.0.2m-1
@@ -42198,19 +42196,19 @@ CVE-2017-3735 (While parsing an IPAddressFamily extension in an X.509 certificat
NOTE: Fix for 1.1.0: https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=068b963bb7afc57f5bdd723de0dd15e7795d5822
CVE-2017-3734
REJECTED
-CVE-2017-3733 (During a renegotiation handshake if the Encrypt-Then-Mac extension is ...)
+CVE-2017-3733
- openssl 1.1.0e-1
[jessie] - openssl <not-affected> (Only affects 1.1)
[wheezy] - openssl <not-affected> (Only affects 1.1)
- openssl1.0 <not-affected> (Only affects 1.1)
NOTE: https://www.openssl.org/news/secadv/20170216.txt
-CVE-2017-3732 (There is a carry propagating bug in the x86_64 Montgomery squaring ...)
+CVE-2017-3732
- openssl 1.1.0d-1
[jessie] - openssl <not-affected> (Only affects 1.0.2 and 1.1.0)
[wheezy] - openssl <not-affected> (Only affects 1.0.2 and 1.1.0)
- openssl1.0 1.0.2k-1
NOTE: https://www.openssl.org/news/secadv/20170126.txt
-CVE-2017-3731 (If an SSL/TLS server or client is running on a 32-bit host, and a ...)
+CVE-2017-3731
{DSA-3773-1 DLA-814-1}
- openssl 1.1.0d-1
- openssl1.0 1.0.2k-1
@@ -42218,7 +42216,7 @@ CVE-2017-3731 (If an SSL/TLS server or client is running on a 32-bit host, and a
NOTE: Fix for 1.0.2: https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=51d009043670a627d6abe66894126851cf3690e9
NOTE: Fix for 1.1.0: https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=f3a7e57c92b2c9b87dc4b2997f2ebda6781300d0
NOTE: and https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=00d965474b22b54e4275232bc71ee0c699c5cd21
-CVE-2017-3730 (In OpenSSL 1.1.0 before 1.1.0d, if a malicious server supplies bad ...)
+CVE-2017-3730
- openssl 1.1.0d-1
[jessie] - openssl <not-affected> (Only affects OpenSSL 1.1)
[wheezy] - openssl <not-affected> (Only affects OpenSSL 1.1)
@@ -42246,7 +42244,7 @@ CVE-2017-3720
RESERVED
CVE-2017-3719
RESERVED
-CVE-2017-3718 (Improper setting of device configuration in system firmware for ...)
+CVE-2017-3718
NOT-FOR-US: Intel
CVE-2017-3717
RESERVED
@@ -42376,150 +42374,150 @@ CVE-2017-3655
RESERVED
CVE-2017-3654
RESERVED
-CVE-2017-3653 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2017-3653
{DSA-3955-1 DSA-3944-1 DSA-3922-1 DLA-1043-1}
- mariadb-10.2 <removed> (bug #884065)
- mariadb-10.1 10.1.26-1
- mariadb-10.0 <removed>
- mysql-5.7 5.7.20-1 (bug #868798)
- mysql-5.5 <removed> (bug #868788)
-CVE-2017-3652 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2017-3652
{DSA-3922-1 DLA-1043-1}
- mysql-5.7 5.7.20-1 (bug #868798)
- mysql-5.5 <removed> (bug #868788)
-CVE-2017-3651 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2017-3651
{DSA-3922-1 DLA-1043-1}
- mysql-5.7 5.7.20-1 (bug #868798)
- mysql-5.5 <removed> (bug #868788)
-CVE-2017-3650 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2017-3650
- mysql-5.7 5.7.20-1 (bug #868798)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
-CVE-2017-3649 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2017-3649
- mysql-5.7 5.7.20-1 (bug #868798)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and 5.7)
-CVE-2017-3648 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2017-3648
{DSA-3922-1 DLA-1043-1}
- mysql-5.7 5.7.20-1 (bug #868798)
- mysql-5.5 <removed> (bug #868788)
-CVE-2017-3647 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2017-3647
- mysql-5.7 5.7.20-1 (bug #868798)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and 5.7)
-CVE-2017-3646 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2017-3646
- mysql-5.7 5.7.17-1
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
-CVE-2017-3645 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2017-3645
- mysql-5.7 5.7.20-1 (bug #868798)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
-CVE-2017-3644 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2017-3644
- mysql-5.7 5.7.20-1 (bug #868798)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
-CVE-2017-3643 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2017-3643
- mysql-5.7 5.7.20-1 (bug #868798)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
-CVE-2017-3642 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2017-3642
- mysql-5.7 5.7.20-1 (bug #868798)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
-CVE-2017-3641 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2017-3641
{DSA-3955-1 DSA-3944-1 DSA-3922-1 DLA-1043-1}
- mariadb-10.2 <removed> (bug #884065)
- mariadb-10.1 10.1.26-1
- mariadb-10.0 <removed>
- mysql-5.7 5.7.20-1 (bug #868798)
- mysql-5.5 <removed> (bug #868788)
-CVE-2017-3640 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2017-3640
- mysql-5.7 5.7.20-1 (bug #868798)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
-CVE-2017-3639 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2017-3639
- mysql-5.7 5.7.20-1 (bug #868798)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
-CVE-2017-3638 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2017-3638
- mysql-5.7 5.7.20-1 (bug #868798)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
-CVE-2017-3637 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2017-3637
- mysql-5.7 5.7.20-1 (bug #868798)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
-CVE-2017-3636 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2017-3636
{DSA-3955-1 DSA-3944-1 DSA-3922-1 DLA-1043-1}
- mariadb-10.2 <removed> (bug #884065)
- mariadb-10.1 10.1.26-1
- mariadb-10.0 <removed>
- mysql-5.7 <not-affected> (Only affects MySQL 5.5 and 5.6)
- mysql-5.5 <removed> (bug #868788)
-CVE-2017-3635 (Vulnerability in the MySQL Connectors component of Oracle MySQL ...)
+CVE-2017-3635
{DSA-3922-1 DLA-1043-1}
- mysql-5.7 5.7.20-1 (bug #868798)
- mysql-5.5 <removed> (bug #868788)
-CVE-2017-3634 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2017-3634
- mysql-5.7 5.7.20-1 (bug #868798)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and 5.7)
-CVE-2017-3633 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2017-3633
- mysql-5.7 5.7.20-1 (bug #868798)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and 5.7)
-CVE-2017-3632 (Vulnerability in the Solaris component of Oracle Sun Systems Products ...)
+CVE-2017-3632
NOT-FOR-US: Oracle Solaris
-CVE-2017-3631 (Vulnerability in the Solaris component of Oracle Sun Systems Products ...)
+CVE-2017-3631
NOT-FOR-US: Solaris
-CVE-2017-3630 (Vulnerability in the Solaris component of Oracle Sun Systems Products ...)
+CVE-2017-3630
NOT-FOR-US: Solaris
-CVE-2017-3629 (Vulnerability in the Solaris component of Oracle Sun Systems Products ...)
+CVE-2017-3629
NOT-FOR-US: Solaris
CVE-2017-3628
RESERVED
CVE-2017-3627
RESERVED
-CVE-2017-3626 (Vulnerability in the Oracle GlassFish Server component of Oracle ...)
+CVE-2017-3626
- glassfish <not-affected> (Only affects 3.x)
-CVE-2017-3625 (Vulnerability in the Oracle WebCenter Content component of Oracle ...)
+CVE-2017-3625
NOT-FOR-US: Oracle
CVE-2017-3624
RESERVED
-CVE-2017-3623 (Vulnerability in the Solaris component of Oracle Sun Systems Products ...)
+CVE-2017-3623
NOT-FOR-US: Solaris
-CVE-2017-3622 (Vulnerability in the Solaris component of Oracle Sun Systems Products ...)
+CVE-2017-3622
NOT-FOR-US: Solaris
-CVE-2017-3621 (Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of ...)
+CVE-2017-3621
NOT-FOR-US: Solaris
-CVE-2017-3620 (Vulnerability in the Automatic Service Request (ASR) component of ...)
+CVE-2017-3620
NOT-FOR-US: Oracle
-CVE-2017-3619 (Vulnerability in the Automatic Service Request (ASR) component of ...)
+CVE-2017-3619
NOT-FOR-US: Oracle
-CVE-2017-3618 (Vulnerability in the Automatic Service Request (ASR) component of ...)
+CVE-2017-3618
NOT-FOR-US: Oracle
-CVE-2017-3617 (Vulnerability in the Data Store component of Oracle Berkeley DB. The ...)
+CVE-2017-3617
NOT-FOR-US: Oracle
-CVE-2017-3616 (Vulnerability in the Data Store component of Oracle Berkeley DB. The ...)
+CVE-2017-3616
NOT-FOR-US: Oracle
-CVE-2017-3615 (Vulnerability in the Data Store component of Oracle Berkeley DB. The ...)
+CVE-2017-3615
NOT-FOR-US: Oracle
-CVE-2017-3614 (Vulnerability in the Data Store component of Oracle Berkeley DB. The ...)
+CVE-2017-3614
NOT-FOR-US: Oracle
-CVE-2017-3613 (Vulnerability in the Data Store component of Oracle Berkeley DB. The ...)
+CVE-2017-3613
NOT-FOR-US: Oracle
-CVE-2017-3612 (Vulnerability in the Data Store component of Oracle Berkeley DB. The ...)
+CVE-2017-3612
NOT-FOR-US: Oracle
-CVE-2017-3611 (Vulnerability in the Data Store component of Oracle Berkeley DB. The ...)
+CVE-2017-3611
NOT-FOR-US: Oracle
-CVE-2017-3610 (Vulnerability in the Data Store component of Oracle Berkeley DB. The ...)
+CVE-2017-3610
NOT-FOR-US: Oracle
-CVE-2017-3609 (Vulnerability in the Data Store component of Oracle Berkeley DB. The ...)
+CVE-2017-3609
NOT-FOR-US: Oracle
-CVE-2017-3608 (Vulnerability in the Data Store component of Oracle Berkeley DB. The ...)
+CVE-2017-3608
NOT-FOR-US: Oracle
-CVE-2017-3607 (Vulnerability in the Data Store component of Oracle Berkeley DB. The ...)
+CVE-2017-3607
NOT-FOR-US: Oracle
-CVE-2017-3606 (Vulnerability in the Data Store component of Oracle Berkeley DB. The ...)
+CVE-2017-3606
NOT-FOR-US: Oracle
-CVE-2017-3605 (Vulnerability in the Data Store component of Oracle Berkeley DB. The ...)
+CVE-2017-3605
NOT-FOR-US: Oracle
-CVE-2017-3604 (Vulnerability in the Data Store component of Oracle Berkeley DB. The ...)
+CVE-2017-3604
NOT-FOR-US: Oracle
-CVE-2017-3603 (Vulnerability in the Oracle WebCenter Sites component of Oracle Fusion ...)
+CVE-2017-3603
NOT-FOR-US: Oracle
-CVE-2017-3602 (Vulnerability in the Oracle WebCenter Sites component of Oracle Fusion ...)
+CVE-2017-3602
NOT-FOR-US: Oracle
-CVE-2017-3601 (Vulnerability in the Oracle API Gateway component of Oracle Fusion ...)
+CVE-2017-3601
NOT-FOR-US: Oracle
-CVE-2017-3600 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2017-3600
{DSA-3834-1 DLA-916-1}
- mariadb-10.1 <not-affected> (Fixed before initial upload to Debian)
- mariadb-10.0 10.0.28-1
@@ -42532,390 +42530,390 @@ CVE-2017-3600 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
NOTE: https://github.com/MariaDB/server/commit/5a43a31ee81bc181eeb5ef2bf0704befa6e0594d
NOTE: https://github.com/MariaDB/server/commit/01b39b7b0730102b88d8ea43ec719a75e9316a1e
NOTE: https://github.com/MariaDB/server/commit/383007c75d6ef5043fa5781956a6a02b24e2b79e
-CVE-2017-3599 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2017-3599
- mysql-5.7 5.7.18-1 (bug #860547)
- mysql-5.5 <not-affected> (ONly affects MySQL 5.6 and 5.7)
-CVE-2017-3598 (Vulnerability in the Oracle WebCenter Sites component of Oracle Fusion ...)
+CVE-2017-3598
NOT-FOR-US: Oracle
-CVE-2017-3597 (Vulnerability in the Oracle WebCenter Sites component of Oracle Fusion ...)
+CVE-2017-3597
NOT-FOR-US: Oracle
-CVE-2017-3596 (Vulnerability in the Oracle WebCenter Sites component of Oracle Fusion ...)
+CVE-2017-3596
NOT-FOR-US: Oracle
-CVE-2017-3595 (Vulnerability in the Oracle WebCenter Sites component of Oracle Fusion ...)
+CVE-2017-3595
NOT-FOR-US: Oracle
-CVE-2017-3594 (Vulnerability in the Oracle WebCenter Sites component of Oracle Fusion ...)
+CVE-2017-3594
NOT-FOR-US: Oracle
-CVE-2017-3593 (Vulnerability in the Oracle WebCenter Sites component of Oracle Fusion ...)
+CVE-2017-3593
NOT-FOR-US: Oracle
-CVE-2017-3592 (Vulnerability in the Oracle Payables component of Oracle E-Business ...)
+CVE-2017-3592
NOT-FOR-US: Oracle
-CVE-2017-3591 (Vulnerability in the Oracle WebCenter Sites component of Oracle Fusion ...)
+CVE-2017-3591
NOT-FOR-US: Oracle
-CVE-2017-3590 (Vulnerability in the MySQL Connectors component of Oracle MySQL ...)
+CVE-2017-3590
- mysql-connector-python 2.1.6-1 (bug #861511)
[jessie] - mysql-connector-python <no-dsa> (Minor issue)
[wheezy] - mysql-connector-python <postponed> (Minor issue, can be fixed along in a future update)
-CVE-2017-3589 (Vulnerability in the MySQL Connectors component of Oracle MySQL ...)
+CVE-2017-3589
{DSA-3857-1 DLA-945-1}
- mysql-connector-java 5.1.42-1
-CVE-2017-3588 (Vulnerability in the Solaris Cluster component of Oracle Sun Systems ...)
+CVE-2017-3588
NOT-FOR-US: Oracle
-CVE-2017-3587 (Vulnerability in the Oracle VM VirtualBox component of Oracle ...)
+CVE-2017-3587
- virtualbox 5.1.20-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2017-3586 (Vulnerability in the MySQL Connectors component of Oracle MySQL ...)
+CVE-2017-3586
{DSA-3857-1 DLA-945-1}
- mysql-connector-java 5.1.42-1
-CVE-2017-3585 (Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of ...)
+CVE-2017-3585
NOT-FOR-US: Solaris
-CVE-2017-3584 (Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of ...)
+CVE-2017-3584
NOT-FOR-US: Solaris
-CVE-2017-3583 (Vulnerability in the Primavera P6 Enterprise Project Portfolio ...)
+CVE-2017-3583
NOT-FOR-US: Oracle
-CVE-2017-3582 (Vulnerability in the Oracle SuperCluster Specific Software component ...)
+CVE-2017-3582
NOT-FOR-US: Solaris
-CVE-2017-3581 (Vulnerability in the Automatic Service Request (ASR) component of ...)
+CVE-2017-3581
NOT-FOR-US: Oracle
-CVE-2017-3580 (Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of ...)
+CVE-2017-3580
NOT-FOR-US: Solaris
-CVE-2017-3579 (Vulnerability in the Primavera P6 Enterprise Project Portfolio ...)
+CVE-2017-3579
NOT-FOR-US: Oracle
-CVE-2017-3578 (Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of ...)
+CVE-2017-3578
NOT-FOR-US: Solaris
-CVE-2017-3577 (Vulnerability in the PeopleSoft Enterprise CS Campus Community ...)
+CVE-2017-3577
NOT-FOR-US: Oracle
-CVE-2017-3576 (Vulnerability in the Oracle VM VirtualBox component of Oracle ...)
+CVE-2017-3576
- virtualbox 5.1.20-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2017-3575 (Vulnerability in the Oracle VM VirtualBox component of Oracle ...)
+CVE-2017-3575
- virtualbox 5.1.20-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2017-3574 (Vulnerability in the Oracle Hospitality OPERA 5 Property Services ...)
+CVE-2017-3574
NOT-FOR-US: Oracle
-CVE-2017-3573 (Vulnerability in the Oracle Hospitality OPERA 5 Property Services ...)
+CVE-2017-3573
NOT-FOR-US: Oracle
-CVE-2017-3572 (Vulnerability in the Oracle Commerce Guided Search / Oracle Commerce ...)
+CVE-2017-3572
NOT-FOR-US: Oracle
-CVE-2017-3571 (Vulnerability in the PeopleSoft Enterprise SCM eBill Payment component ...)
+CVE-2017-3571
NOT-FOR-US: Oracle
-CVE-2017-3570 (Vulnerability in the PeopleSoft Enterprise FSCM component of Oracle ...)
+CVE-2017-3570
NOT-FOR-US: Oracle
-CVE-2017-3569 (Vulnerability in the Oracle Hospitality OPERA 5 Property Services ...)
+CVE-2017-3569
NOT-FOR-US: Oracle
-CVE-2017-3568 (Vulnerability in the Oracle Hospitality OPERA 5 Property Services ...)
+CVE-2017-3568
NOT-FOR-US: Oracle
-CVE-2017-3567 (Vulnerability in the OJVM component of Oracle Database Server. ...)
+CVE-2017-3567
NOT-FOR-US: Oracle
CVE-2017-3566
RESERVED
-CVE-2017-3565 (Vulnerability in the Solaris component of Oracle Sun Systems Products ...)
+CVE-2017-3565
NOT-FOR-US: Solaris
-CVE-2017-3564 (Vulnerability in the Solaris component of Oracle Sun Systems Products ...)
+CVE-2017-3564
NOT-FOR-US: Solaris
-CVE-2017-3563 (Vulnerability in the Oracle VM VirtualBox component of Oracle ...)
+CVE-2017-3563
- virtualbox 5.1.20-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2017-3562 (Vulnerability in the Oracle Applications DBA component of Oracle ...)
+CVE-2017-3562
NOT-FOR-US: Oracle
-CVE-2017-3561 (Vulnerability in the Oracle VM VirtualBox component of Oracle ...)
+CVE-2017-3561
- virtualbox 5.1.20-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2017-3560 (Vulnerability in the Oracle Hospitality OPERA 5 Property Services ...)
+CVE-2017-3560
NOT-FOR-US: Oracle
-CVE-2017-3559 (Vulnerability in the Oracle VM VirtualBox component of Oracle ...)
+CVE-2017-3559
- virtualbox 5.1.20-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2017-3558 (Vulnerability in the Oracle VM VirtualBox component of Oracle ...)
+CVE-2017-3558
- virtualbox 5.1.20-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2017-3557 (Vulnerability in the Oracle One-to-One Fulfillment component of Oracle ...)
+CVE-2017-3557
NOT-FOR-US: Oracle
-CVE-2017-3556 (Vulnerability in the Oracle Application Object Library component of ...)
+CVE-2017-3556
NOT-FOR-US: Oracle
-CVE-2017-3555 (Vulnerability in the Oracle iReceivables component of Oracle ...)
+CVE-2017-3555
NOT-FOR-US: Oracle
-CVE-2017-3554 (Vulnerability in the Oracle WebCenter Sites component of Oracle Fusion ...)
+CVE-2017-3554
NOT-FOR-US: Oracle
-CVE-2017-3553 (Vulnerability in the Oracle Identity Manager component of Oracle ...)
+CVE-2017-3553
NOT-FOR-US: Oracle
-CVE-2017-3552 (Vulnerability in the Oracle Hospitality OPERA 5 Property Services ...)
+CVE-2017-3552
NOT-FOR-US: Oracle
-CVE-2017-3551 (Vulnerability in the Solaris component of Oracle Sun Systems Products ...)
+CVE-2017-3551
NOT-FOR-US: Solaris
-CVE-2017-3550 (Vulnerability in the Oracle Customer Interaction History component of ...)
+CVE-2017-3550
NOT-FOR-US: Oracle
-CVE-2017-3549 (Vulnerability in the Oracle Scripting component of Oracle E-Business ...)
+CVE-2017-3549
NOT-FOR-US: Oracle
-CVE-2017-3548 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of ...)
+CVE-2017-3548
NOT-FOR-US: Oracle
-CVE-2017-3547 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of ...)
+CVE-2017-3547
NOT-FOR-US: Oracle
-CVE-2017-3546 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of ...)
+CVE-2017-3546
NOT-FOR-US: Oracle
-CVE-2017-3545 (Vulnerability in the Oracle WebCenter Sites component of Oracle Fusion ...)
+CVE-2017-3545
NOT-FOR-US: Oracle
-CVE-2017-3544 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of ...)
+CVE-2017-3544
{DSA-3858-1 DLA-954-1}
- openjdk-8 8u131-b11-1
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2017-3543 (Vulnerability in the Oracle WebCenter Sites component of Oracle Fusion ...)
+CVE-2017-3543
NOT-FOR-US: Oracle
-CVE-2017-3542 (Vulnerability in the Oracle WebCenter Sites component of Oracle Fusion ...)
+CVE-2017-3542
NOT-FOR-US: Oracle
-CVE-2017-3541 (Vulnerability in the Oracle WebCenter Sites component of Oracle Fusion ...)
+CVE-2017-3541
NOT-FOR-US: Oracle
-CVE-2017-3540 (Vulnerability in the Oracle WebCenter Sites component of Oracle Fusion ...)
+CVE-2017-3540
NOT-FOR-US: Oracle
-CVE-2017-3539 (Vulnerability in the Java SE, Java SE Embedded component of Oracle ...)
+CVE-2017-3539
{DSA-3858-1 DLA-954-1}
- openjdk-8 8u131-b11-1
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2017-3538 (Vulnerability in the Oracle VM VirtualBox component of Oracle ...)
+CVE-2017-3538
- virtualbox 5.1.16-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2017-3537 (Vulnerability in the Oracle Real-Time Scheduler component of Oracle ...)
+CVE-2017-3537
NOT-FOR-US: Oracle
-CVE-2017-3536 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of ...)
+CVE-2017-3536
NOT-FOR-US: Oracle
-CVE-2017-3535 (Vulnerability in the Oracle FLEXCUBE Universal Banking component of ...)
+CVE-2017-3535
NOT-FOR-US: Oracle
-CVE-2017-3534 (Vulnerability in the Oracle FLEXCUBE Universal Banking component of ...)
+CVE-2017-3534
NOT-FOR-US: Oracle
-CVE-2017-3533 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of ...)
+CVE-2017-3533
{DSA-3858-1 DLA-954-1}
- openjdk-8 8u131-b11-1
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2017-3532 (Vulnerability in the Oracle Retail Warehouse Management System ...)
+CVE-2017-3532
NOT-FOR-US: Oracle
-CVE-2017-3531 (Vulnerability in the Oracle WebLogic Server component of Oracle Fusion ...)
+CVE-2017-3531
NOT-FOR-US: Oracle
-CVE-2017-3530 (Vulnerability in the Oracle Transportation Manager component of Oracle ...)
+CVE-2017-3530
NOT-FOR-US: Oracle
-CVE-2017-3529 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2017-3529
- mysql-5.7 5.7.20-1 (bug #868798)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
-CVE-2017-3528 (Vulnerability in the Oracle Applications Framework component of Oracle ...)
+CVE-2017-3528
NOT-FOR-US: Oracle
-CVE-2017-3527 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of ...)
+CVE-2017-3527
NOT-FOR-US: Oracle
-CVE-2017-3526 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of ...)
+CVE-2017-3526
{DSA-3858-1 DLA-954-1}
- openjdk-8 8u131-b11-1
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2017-3525 (Vulnerability in the PeopleSoft Enterprise SCM Service Procurement ...)
+CVE-2017-3525
NOT-FOR-US: Oracle
-CVE-2017-3524 (Vulnerability in the PeopleSoft Enterprise SCM Strategic Sourcing ...)
+CVE-2017-3524
NOT-FOR-US: Oracle
-CVE-2017-3523 (Vulnerability in the MySQL Connectors component of Oracle MySQL ...)
+CVE-2017-3523
{DSA-3840-1 DLA-945-1}
- mysql-connector-java 5.1.41-1
NOTE: https://www.computest.nl/advisories/CT-2017-0425_MySQL-Connector-J.txt
-CVE-2017-3522 (Vulnerability in the PeopleSoft Enterprise SCM eSupplier Connection ...)
+CVE-2017-3522
NOT-FOR-US: Oracle
-CVE-2017-3521 (Vulnerability in the PeopleSoft Enterprise SCM Purchasing component of ...)
+CVE-2017-3521
NOT-FOR-US: Oracle
-CVE-2017-3520 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of ...)
+CVE-2017-3520
NOT-FOR-US: Oracle
-CVE-2017-3519 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of ...)
+CVE-2017-3519
NOT-FOR-US: Oracle
-CVE-2017-3518 (Vulnerability in the Enterprise Manager Base Platform component of ...)
+CVE-2017-3518
NOT-FOR-US: Oracle
-CVE-2017-3517 (Vulnerability in the JD Edwards EnterpriseOne Tools component of ...)
+CVE-2017-3517
NOT-FOR-US: Oracle
-CVE-2017-3516 (Vulnerability in the Solaris component of Oracle Sun Systems Products ...)
+CVE-2017-3516
NOT-FOR-US: Solaris
-CVE-2017-3515 (Vulnerability in the Oracle User Management component of Oracle ...)
+CVE-2017-3515
NOT-FOR-US: Oracle
-CVE-2017-3514 (Vulnerability in the Java SE component of Oracle Java SE ...)
+CVE-2017-3514
- openjdk-8 <not-affected> (Windows builds only)
- openjdk-7 <not-affected> (Windows builds only)
NOTE: Upstream commit: http://hg.openjdk.java.net/jdk8u/jdk8u/jdk/rev/95fd1952637b
-CVE-2017-3513 (Vulnerability in the Oracle VM VirtualBox component of Oracle ...)
+CVE-2017-3513
- virtualbox 5.1.20-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2017-3512 (Vulnerability in the Java SE component of Oracle Java SE ...)
+CVE-2017-3512
- openjdk-8 <not-affected> (MacOSX builds only)
- openjdk-7 <not-affected> (MacOSX builds only)
NOTE: Upstream commit: http://hg.openjdk.java.net/jdk8u/jdk8u/jdk/rev/c878d0baff4a
-CVE-2017-3511 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of ...)
+CVE-2017-3511
{DSA-3858-1 DLA-954-1}
- openjdk-8 8u131-b11-1
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2017-3510 (Vulnerability in the Solaris component of Oracle Sun Systems Products ...)
+CVE-2017-3510
NOT-FOR-US: Solaris
-CVE-2017-3509 (Vulnerability in the Java SE, Java SE Embedded component of Oracle ...)
+CVE-2017-3509
{DSA-3858-1 DLA-954-1}
- openjdk-8 8u131-b11-1
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2017-3508 (Vulnerability in the Primavera Gateway component of Oracle Primavera ...)
+CVE-2017-3508
NOT-FOR-US: Oracle
-CVE-2017-3507 (Vulnerability in the Oracle Service Bus component of Oracle Fusion ...)
+CVE-2017-3507
NOT-FOR-US: Oracle
-CVE-2017-3506 (Vulnerability in the Oracle WebLogic Server component of Oracle Fusion ...)
+CVE-2017-3506
NOT-FOR-US: Oracle
-CVE-2017-3505 (Vulnerability in the Automatic Service Request (ASR) component of ...)
+CVE-2017-3505
NOT-FOR-US: Oracle
-CVE-2017-3504 (Vulnerability in the Automatic Service Request (ASR) component of ...)
+CVE-2017-3504
NOT-FOR-US: Oracle
-CVE-2017-3503 (Vulnerability in the Primavera P6 Enterprise Project Portfolio ...)
+CVE-2017-3503
NOT-FOR-US: Oracle
-CVE-2017-3502 (Vulnerability in the PeopleSoft Enterprise FIN Receivables component ...)
+CVE-2017-3502
NOT-FOR-US: Oracle
-CVE-2017-3501 (Vulnerability in the Primavera Unifier component of Oracle Primavera ...)
+CVE-2017-3501
NOT-FOR-US: Oracle
-CVE-2017-3500 (Vulnerability in the Primavera Gateway component of Oracle Primavera ...)
+CVE-2017-3500
NOT-FOR-US: Oracle
-CVE-2017-3499 (Vulnerability in the Oracle Social Network component of Oracle Fusion ...)
+CVE-2017-3499
NOT-FOR-US: Oracle
-CVE-2017-3498 (Vulnerability in the Solaris component of Oracle Sun Systems Products ...)
+CVE-2017-3498
NOT-FOR-US: Solaris
-CVE-2017-3497 (Vulnerability in the Solaris component of Oracle Sun Systems Products ...)
+CVE-2017-3497
NOT-FOR-US: Solaris
-CVE-2017-3496 (Vulnerability in the Oracle FLEXCUBE Enterprise Limits and Collateral ...)
+CVE-2017-3496
NOT-FOR-US: Oracle
-CVE-2017-3495 (Vulnerability in the Oracle FLEXCUBE Direct Banking component of ...)
+CVE-2017-3495
NOT-FOR-US: Oracle
-CVE-2017-3494 (Vulnerability in the Oracle FLEXCUBE Universal Banking component of ...)
+CVE-2017-3494
NOT-FOR-US: Oracle
-CVE-2017-3493 (Vulnerability in the Oracle FLEXCUBE Enterprise Limits and Collateral ...)
+CVE-2017-3493
NOT-FOR-US: Oracle
-CVE-2017-3492 (Vulnerability in the Oracle FLEXCUBE Enterprise Limits and Collateral ...)
+CVE-2017-3492
NOT-FOR-US: Oracle
-CVE-2017-3491 (Vulnerability in the Oracle FLEXCUBE Enterprise Limits and Collateral ...)
+CVE-2017-3491
NOT-FOR-US: Oracle
-CVE-2017-3490 (Vulnerability in the Oracle FLEXCUBE Enterprise Limits and Collateral ...)
+CVE-2017-3490
NOT-FOR-US: Oracle
-CVE-2017-3489 (Vulnerability in the Oracle FLEXCUBE Investor Servicing component of ...)
+CVE-2017-3489
NOT-FOR-US: Oracle
-CVE-2017-3488 (Vulnerability in the Oracle FLEXCUBE Investor Servicing component of ...)
+CVE-2017-3488
NOT-FOR-US: Oracle
-CVE-2017-3487 (Vulnerability in the Oracle FLEXCUBE Investor Servicing component of ...)
+CVE-2017-3487
NOT-FOR-US: Oracle
-CVE-2017-3486 (Vulnerability in the SQL*Plus component of Oracle Database Server. ...)
+CVE-2017-3486
NOT-FOR-US: Oracle
-CVE-2017-3485 (Vulnerability in the Oracle FLEXCUBE Universal Banking component of ...)
+CVE-2017-3485
NOT-FOR-US: Oracle
-CVE-2017-3484 (Vulnerability in the Oracle FLEXCUBE Enterprise Limits and Collateral ...)
+CVE-2017-3484
NOT-FOR-US: Oracle
-CVE-2017-3483 (Vulnerability in the Oracle FLEXCUBE Enterprise Limits and Collateral ...)
+CVE-2017-3483
NOT-FOR-US: Oracle
-CVE-2017-3482 (Vulnerability in the Oracle FLEXCUBE Universal Banking component of ...)
+CVE-2017-3482
NOT-FOR-US: Oracle
-CVE-2017-3481 (Vulnerability in the Oracle FLEXCUBE Universal Banking component of ...)
+CVE-2017-3481
NOT-FOR-US: Oracle
-CVE-2017-3480 (Vulnerability in the Oracle FLEXCUBE Universal Banking component of ...)
+CVE-2017-3480
NOT-FOR-US: Oracle
-CVE-2017-3479 (Vulnerability in the Oracle FLEXCUBE Private Banking component of ...)
+CVE-2017-3479
NOT-FOR-US: Oracle
-CVE-2017-3478 (Vulnerability in the Oracle FLEXCUBE Private Banking component of ...)
+CVE-2017-3478
NOT-FOR-US: Oracle
-CVE-2017-3477 (Vulnerability in the Oracle FLEXCUBE Private Banking component of ...)
+CVE-2017-3477
NOT-FOR-US: Oracle
-CVE-2017-3476 (Vulnerability in the Oracle FLEXCUBE Private Banking component of ...)
+CVE-2017-3476
NOT-FOR-US: Oracle
-CVE-2017-3475 (Vulnerability in the Oracle FLEXCUBE Private Banking component of ...)
+CVE-2017-3475
NOT-FOR-US: Oracle
-CVE-2017-3474 (Vulnerability in the Solaris component of Oracle Sun Systems Products ...)
+CVE-2017-3474
NOT-FOR-US: Solaris
-CVE-2017-3473 (Vulnerability in the Oracle FLEXCUBE Private Banking component of ...)
+CVE-2017-3473
NOT-FOR-US: Oracle
-CVE-2017-3472 (Vulnerability in the Oracle FLEXCUBE Private Banking component of ...)
+CVE-2017-3472
NOT-FOR-US: Oracle
-CVE-2017-3471 (Vulnerability in the Oracle FLEXCUBE Private Banking component of ...)
+CVE-2017-3471
NOT-FOR-US: Oracle
-CVE-2017-3470 (Vulnerability in the Oracle Communications Security Gateway component ...)
+CVE-2017-3470
NOT-FOR-US: Oracle
-CVE-2017-3469 (Vulnerability in the MySQL Workbench component of Oracle MySQL ...)
+CVE-2017-3469
- mysql-workbench 6.3.10+dfsg-1 (low; bug #861487)
[stretch] - mysql-workbench <no-dsa> (Minor issue)
[jessie] - mysql-workbench <no-dsa> (Minor issue)
[wheezy] - mysql-workbench <no-dsa> (Minor issue)
-CVE-2017-3468 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2017-3468
- mysql-5.7 5.7.18-1 (bug #860547)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
-CVE-2017-3467 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2017-3467
- mysql-5.7 5.7.18-1 (bug #860547)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
CVE-2017-3466
RESERVED
-CVE-2017-3465 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2017-3465
- mysql-5.7 5.7.18-1 (bug #860547)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
-CVE-2017-3464 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2017-3464
{DSA-3944-1 DSA-3834-1 DLA-916-1}
- mariadb-10.1 10.1.23-1
- mariadb-10.0 <removed>
- mysql-5.7 5.7.18-1 (bug #860547)
- mysql-5.5 <removed> (bug #860544)
-CVE-2017-3463 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2017-3463
{DSA-3834-1 DLA-916-1}
- mysql-5.7 5.7.18-1 (bug #860547)
- mysql-5.5 <removed> (bug #860544)
-CVE-2017-3462 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2017-3462
{DSA-3834-1 DLA-916-1}
- mysql-5.7 5.7.18-1 (bug #860547)
- mysql-5.5 <removed> (bug #860544)
-CVE-2017-3461 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2017-3461
{DSA-3834-1 DLA-916-1}
- mysql-5.7 5.7.18-1 (bug #860547)
- mysql-5.5 <removed> (bug #860544)
-CVE-2017-3460 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2017-3460
- mysql-5.7 5.7.18-1 (bug #860547)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
-CVE-2017-3459 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2017-3459
- mysql-5.7 5.7.18-1 (bug #860547)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
-CVE-2017-3458 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2017-3458
- mysql-5.7 5.7.18-1 (bug #860547)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
-CVE-2017-3457 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2017-3457
- mysql-5.7 5.7.18-1 (bug #860547)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
-CVE-2017-3456 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2017-3456
{DSA-3944-1 DSA-3834-1 DLA-916-1}
- mariadb-10.1 10.1.23-1
- mariadb-10.0 <removed>
- mysql-5.7 5.7.18-1 (bug #860547)
- mysql-5.5 <removed> (bug #860544)
-CVE-2017-3455 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2017-3455
- mysql-5.7 5.7.18-1 (bug #860547)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
-CVE-2017-3454 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2017-3454
- mysql-5.7 5.7.18-1 (bug #860547)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
-CVE-2017-3453 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2017-3453
{DSA-3944-1 DSA-3834-1 DLA-916-1}
- mariadb-10.1 10.1.23-1
- mariadb-10.0 <removed>
- mysql-5.7 5.7.18-1 (bug #860547)
- mysql-5.5 <removed> (bug #860544)
-CVE-2017-3452 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2017-3452
- mysql-5.7 <not-affected> (Only affects MySQL 5.6)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6)
-CVE-2017-3451 (Vulnerability in the Oracle Retail Open Commerce Platform component of ...)
+CVE-2017-3451
NOT-FOR-US: Oracle
-CVE-2017-3450 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2017-3450
- mysql-5.7 5.7.18-1 (bug #860547)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and 5.7)
CVE-2017-3449
@@ -42924,328 +42922,328 @@ CVE-2017-3448
RESERVED
CVE-2017-3447
REJECTED
-CVE-2017-3446 (Vulnerability in the Oracle Trade Management component of Oracle ...)
+CVE-2017-3446
NOT-FOR-US: Oracle
-CVE-2017-3445 (Vulnerability in the Oracle Trade Management component of Oracle ...)
+CVE-2017-3445
NOT-FOR-US: Oracle
-CVE-2017-3444 (Vulnerability in the Oracle Trade Management component of Oracle ...)
+CVE-2017-3444
NOT-FOR-US: Oracle
-CVE-2017-3443 (Vulnerability in the Oracle Common Applications component of Oracle ...)
+CVE-2017-3443
NOT-FOR-US: Oracle
-CVE-2017-3442 (Vulnerability in the Oracle Customer Interaction History component of ...)
+CVE-2017-3442
NOT-FOR-US: Oracle
-CVE-2017-3441 (Vulnerability in the Oracle Customer Interaction History component of ...)
+CVE-2017-3441
NOT-FOR-US: Oracle
-CVE-2017-3440 (Vulnerability in the Oracle Customer Interaction History component of ...)
+CVE-2017-3440
NOT-FOR-US: Oracle
-CVE-2017-3439 (Vulnerability in the Oracle One-to-One Fulfillment component of Oracle ...)
+CVE-2017-3439
NOT-FOR-US: Oracle
-CVE-2017-3438 (Vulnerability in the Oracle One-to-One Fulfillment component of Oracle ...)
+CVE-2017-3438
NOT-FOR-US: Oracle
-CVE-2017-3437 (Vulnerability in the Oracle One-to-One Fulfillment component of Oracle ...)
+CVE-2017-3437
NOT-FOR-US: Oracle
-CVE-2017-3436 (Vulnerability in the Oracle One-to-One Fulfillment component of Oracle ...)
+CVE-2017-3436
NOT-FOR-US: Oracle
-CVE-2017-3435 (Vulnerability in the Oracle One-to-One Fulfillment component of Oracle ...)
+CVE-2017-3435
NOT-FOR-US: Oracle
-CVE-2017-3434 (Vulnerability in the Oracle One-to-One Fulfillment component of Oracle ...)
+CVE-2017-3434
NOT-FOR-US: Oracle
-CVE-2017-3433 (Vulnerability in the Oracle One-to-One Fulfillment component of Oracle ...)
+CVE-2017-3433
NOT-FOR-US: Oracle
-CVE-2017-3432 (Vulnerability in the Oracle One-to-One Fulfillment component of Oracle ...)
+CVE-2017-3432
NOT-FOR-US: Oracle
-CVE-2017-3431 (Vulnerability in the Oracle One-to-One Fulfillment component of Oracle ...)
+CVE-2017-3431
NOT-FOR-US: Oracle
-CVE-2017-3430 (Vulnerability in the Oracle One-to-One Fulfillment component of Oracle ...)
+CVE-2017-3430
NOT-FOR-US: Oracle
-CVE-2017-3429 (Vulnerability in the Oracle One-to-One Fulfillment component of Oracle ...)
+CVE-2017-3429
NOT-FOR-US: Oracle
-CVE-2017-3428 (Vulnerability in the Oracle One-to-One Fulfillment component of Oracle ...)
+CVE-2017-3428
NOT-FOR-US: Oracle
-CVE-2017-3427 (Vulnerability in the Oracle One-to-One Fulfillment component of Oracle ...)
+CVE-2017-3427
NOT-FOR-US: Oracle
-CVE-2017-3426 (Vulnerability in the Oracle One-to-One Fulfillment component of Oracle ...)
+CVE-2017-3426
NOT-FOR-US: Oracle
-CVE-2017-3425 (Vulnerability in the Oracle One-to-One Fulfillment component of Oracle ...)
+CVE-2017-3425
NOT-FOR-US: Oracle
-CVE-2017-3424 (Vulnerability in the Oracle One-to-One Fulfillment component of Oracle ...)
+CVE-2017-3424
NOT-FOR-US: Oracle
-CVE-2017-3423 (Vulnerability in the Oracle One-to-One Fulfillment component of Oracle ...)
+CVE-2017-3423
NOT-FOR-US: Oracle
-CVE-2017-3422 (Vulnerability in the Oracle One-to-One Fulfillment component of Oracle ...)
+CVE-2017-3422
NOT-FOR-US: Oracle
-CVE-2017-3421 (Vulnerability in the Oracle One-to-One Fulfillment component of Oracle ...)
+CVE-2017-3421
NOT-FOR-US: Oracle
-CVE-2017-3420 (Vulnerability in the Oracle CRM Technical Foundation component of ...)
+CVE-2017-3420
NOT-FOR-US: Oracle
-CVE-2017-3419 (Vulnerability in the Oracle CRM Technical Foundation component of ...)
+CVE-2017-3419
NOT-FOR-US: Oracle
-CVE-2017-3418 (Vulnerability in the Oracle CRM Technical Foundation component of ...)
+CVE-2017-3418
NOT-FOR-US: Oracle
-CVE-2017-3417 (Vulnerability in the Oracle Universal Work Queue component of Oracle ...)
+CVE-2017-3417
NOT-FOR-US: Oracle
-CVE-2017-3416 (Vulnerability in the Oracle Universal Work Queue component of Oracle ...)
+CVE-2017-3416
NOT-FOR-US: Oracle
-CVE-2017-3415 (Vulnerability in the Oracle Universal Work Queue component of Oracle ...)
+CVE-2017-3415
NOT-FOR-US: Oracle
-CVE-2017-3414 (Vulnerability in the Oracle Advanced Outbound Telephony component of ...)
+CVE-2017-3414
NOT-FOR-US: Oracle
-CVE-2017-3413 (Vulnerability in the Oracle Advanced Outbound Telephony component of ...)
+CVE-2017-3413
NOT-FOR-US: Oracle
-CVE-2017-3412 (Vulnerability in the Oracle Advanced Outbound Telephony component of ...)
+CVE-2017-3412
NOT-FOR-US: Oracle
-CVE-2017-3411 (Vulnerability in the Oracle Advanced Outbound Telephony component of ...)
+CVE-2017-3411
NOT-FOR-US: Oracle
-CVE-2017-3410 (Vulnerability in the Oracle Advanced Outbound Telephony component of ...)
+CVE-2017-3410
NOT-FOR-US: Oracle
-CVE-2017-3409 (Vulnerability in the Oracle Advanced Outbound Telephony component of ...)
+CVE-2017-3409
NOT-FOR-US: Oracle
-CVE-2017-3408 (Vulnerability in the Oracle Advanced Outbound Telephony component of ...)
+CVE-2017-3408
NOT-FOR-US: Oracle
-CVE-2017-3407 (Vulnerability in the Oracle Advanced Outbound Telephony component of ...)
+CVE-2017-3407
NOT-FOR-US: Oracle
-CVE-2017-3406 (Vulnerability in the Oracle Advanced Outbound Telephony component of ...)
+CVE-2017-3406
NOT-FOR-US: Oracle
-CVE-2017-3405 (Vulnerability in the Oracle Advanced Outbound Telephony component of ...)
+CVE-2017-3405
NOT-FOR-US: Oracle
-CVE-2017-3404 (Vulnerability in the Oracle Advanced Outbound Telephony component of ...)
+CVE-2017-3404
NOT-FOR-US: Oracle
-CVE-2017-3403 (Vulnerability in the Oracle Advanced Outbound Telephony component of ...)
+CVE-2017-3403
NOT-FOR-US: Oracle
-CVE-2017-3402 (Vulnerability in the Oracle Advanced Outbound Telephony component of ...)
+CVE-2017-3402
NOT-FOR-US: Oracle
-CVE-2017-3401 (Vulnerability in the Oracle Advanced Outbound Telephony component of ...)
+CVE-2017-3401
NOT-FOR-US: Oracle
-CVE-2017-3400 (Vulnerability in the Oracle Advanced Outbound Telephony component of ...)
+CVE-2017-3400
NOT-FOR-US: Oracle
-CVE-2017-3399 (Vulnerability in the Oracle Advanced Outbound Telephony component of ...)
+CVE-2017-3399
NOT-FOR-US: Oracle
-CVE-2017-3398 (Vulnerability in the Oracle Advanced Outbound Telephony component of ...)
+CVE-2017-3398
NOT-FOR-US: Oracle
-CVE-2017-3397 (Vulnerability in the Oracle Advanced Outbound Telephony component of ...)
+CVE-2017-3397
NOT-FOR-US: Oracle
-CVE-2017-3396 (Vulnerability in the Oracle Advanced Outbound Telephony component of ...)
+CVE-2017-3396
NOT-FOR-US: Oracle
-CVE-2017-3395 (Vulnerability in the Oracle Advanced Outbound Telephony component of ...)
+CVE-2017-3395
NOT-FOR-US: Oracle
-CVE-2017-3394 (Vulnerability in the Oracle Advanced Outbound Telephony component of ...)
+CVE-2017-3394
NOT-FOR-US: Oracle
-CVE-2017-3393 (Vulnerability in the Oracle Advanced Outbound Telephony component of ...)
+CVE-2017-3393
NOT-FOR-US: Oracle
-CVE-2017-3392 (Vulnerability in the Oracle Advanced Outbound Telephony component of ...)
+CVE-2017-3392
NOT-FOR-US: Oracle
-CVE-2017-3391 (Vulnerability in the Oracle Advanced Outbound Telephony component of ...)
+CVE-2017-3391
NOT-FOR-US: Oracle
-CVE-2017-3390 (Vulnerability in the Oracle Advanced Outbound Telephony component of ...)
+CVE-2017-3390
NOT-FOR-US: Oracle
-CVE-2017-3389 (Vulnerability in the Oracle Advanced Outbound Telephony component of ...)
+CVE-2017-3389
NOT-FOR-US: Oracle
-CVE-2017-3388 (Vulnerability in the Oracle Advanced Outbound Telephony component of ...)
+CVE-2017-3388
NOT-FOR-US: Oracle
-CVE-2017-3387 (Vulnerability in the Oracle Advanced Outbound Telephony component of ...)
+CVE-2017-3387
NOT-FOR-US: Oracle
-CVE-2017-3386 (Vulnerability in the Oracle Advanced Outbound Telephony component of ...)
+CVE-2017-3386
NOT-FOR-US: Oracle
-CVE-2017-3385 (Vulnerability in the Oracle Advanced Outbound Telephony component of ...)
+CVE-2017-3385
NOT-FOR-US: Oracle
-CVE-2017-3384 (Vulnerability in the Oracle Advanced Outbound Telephony component of ...)
+CVE-2017-3384
NOT-FOR-US: Oracle
-CVE-2017-3383 (Vulnerability in the Oracle Advanced Outbound Telephony component of ...)
+CVE-2017-3383
NOT-FOR-US: Oracle
-CVE-2017-3382 (Vulnerability in the Oracle Advanced Outbound Telephony component of ...)
+CVE-2017-3382
NOT-FOR-US: Oracle
-CVE-2017-3381 (Vulnerability in the Oracle Advanced Outbound Telephony component of ...)
+CVE-2017-3381
NOT-FOR-US: Oracle
-CVE-2017-3380 (Vulnerability in the Oracle Advanced Outbound Telephony component of ...)
+CVE-2017-3380
NOT-FOR-US: Oracle
-CVE-2017-3379 (Vulnerability in the Oracle Advanced Outbound Telephony component of ...)
+CVE-2017-3379
NOT-FOR-US: Oracle
-CVE-2017-3378 (Vulnerability in the Oracle Advanced Outbound Telephony component of ...)
+CVE-2017-3378
NOT-FOR-US: Oracle
-CVE-2017-3377 (Vulnerability in the Oracle Advanced Outbound Telephony component of ...)
+CVE-2017-3377
NOT-FOR-US: Oracle
-CVE-2017-3376 (Vulnerability in the Oracle Advanced Outbound Telephony component of ...)
+CVE-2017-3376
NOT-FOR-US: Oracle
-CVE-2017-3375 (Vulnerability in the Oracle Advanced Outbound Telephony component of ...)
+CVE-2017-3375
NOT-FOR-US: Oracle
-CVE-2017-3374 (Vulnerability in the Oracle Advanced Outbound Telephony component of ...)
+CVE-2017-3374
NOT-FOR-US: Oracle
-CVE-2017-3373 (Vulnerability in the Oracle Advanced Outbound Telephony component of ...)
+CVE-2017-3373
NOT-FOR-US: Oracle
-CVE-2017-3372 (Vulnerability in the Oracle Interaction Blending component of Oracle ...)
+CVE-2017-3372
NOT-FOR-US: Oracle
-CVE-2017-3371 (Vulnerability in the Oracle iSupport component of Oracle E-Business ...)
+CVE-2017-3371
NOT-FOR-US: Oracle
-CVE-2017-3370 (Vulnerability in the Oracle iSupport component of Oracle E-Business ...)
+CVE-2017-3370
NOT-FOR-US: Oracle
-CVE-2017-3369 (Vulnerability in the Oracle iSupport component of Oracle E-Business ...)
+CVE-2017-3369
NOT-FOR-US: Oracle
-CVE-2017-3368 (Vulnerability in the Oracle iStore component of Oracle E-Business ...)
+CVE-2017-3368
NOT-FOR-US: Oracle
-CVE-2017-3367 (Vulnerability in the Oracle Knowledge Management component of Oracle ...)
+CVE-2017-3367
NOT-FOR-US: Oracle
-CVE-2017-3366 (Vulnerability in the Oracle Knowledge Management component of Oracle ...)
+CVE-2017-3366
NOT-FOR-US: Oracle
-CVE-2017-3365 (Vulnerability in the Oracle Knowledge Management component of Oracle ...)
+CVE-2017-3365
NOT-FOR-US: Oracle
-CVE-2017-3364 (Vulnerability in the Oracle Knowledge Management component of Oracle ...)
+CVE-2017-3364
NOT-FOR-US: Oracle
-CVE-2017-3363 (Vulnerability in the Oracle Knowledge Management component of Oracle ...)
+CVE-2017-3363
NOT-FOR-US: Oracle
-CVE-2017-3362 (Vulnerability in the Oracle Knowledge Management component of Oracle ...)
+CVE-2017-3362
NOT-FOR-US: Oracle
-CVE-2017-3361 (Vulnerability in the Oracle Installed Base component of Oracle ...)
+CVE-2017-3361
NOT-FOR-US: Oracle
-CVE-2017-3360 (Vulnerability in the Oracle Customer Intelligence component of Oracle ...)
+CVE-2017-3360
NOT-FOR-US: Oracle
-CVE-2017-3359 (Vulnerability in the Oracle Customer Intelligence component of Oracle ...)
+CVE-2017-3359
NOT-FOR-US: Oracle
-CVE-2017-3358 (Vulnerability in the Oracle Marketing component of Oracle E-Business ...)
+CVE-2017-3358
NOT-FOR-US: Oracle
-CVE-2017-3357 (Vulnerability in the Oracle Marketing component of Oracle E-Business ...)
+CVE-2017-3357
NOT-FOR-US: Oracle
-CVE-2017-3356 (Vulnerability in the Oracle Marketing component of Oracle E-Business ...)
+CVE-2017-3356
NOT-FOR-US: Oracle
-CVE-2017-3355 (Vulnerability in the Oracle Marketing component of Oracle E-Business ...)
+CVE-2017-3355
NOT-FOR-US: Oracle
-CVE-2017-3354 (Vulnerability in the Oracle Marketing component of Oracle E-Business ...)
+CVE-2017-3354
NOT-FOR-US: Oracle
-CVE-2017-3353 (Vulnerability in the Oracle Marketing component of Oracle E-Business ...)
+CVE-2017-3353
NOT-FOR-US: Oracle
-CVE-2017-3352 (Vulnerability in the Oracle Marketing component of Oracle E-Business ...)
+CVE-2017-3352
NOT-FOR-US: Oracle
-CVE-2017-3351 (Vulnerability in the Oracle Marketing component of Oracle E-Business ...)
+CVE-2017-3351
NOT-FOR-US: Oracle
-CVE-2017-3350 (Vulnerability in the Oracle Marketing component of Oracle E-Business ...)
+CVE-2017-3350
NOT-FOR-US: Oracle
-CVE-2017-3349 (Vulnerability in the Oracle Marketing component of Oracle E-Business ...)
+CVE-2017-3349
NOT-FOR-US: Oracle
-CVE-2017-3348 (Vulnerability in the Oracle Marketing component of Oracle E-Business ...)
+CVE-2017-3348
NOT-FOR-US: Oracle
-CVE-2017-3347 (Vulnerability in the Oracle Marketing component of Oracle E-Business ...)
+CVE-2017-3347
NOT-FOR-US: Oracle
-CVE-2017-3346 (Vulnerability in the Oracle Marketing component of Oracle E-Business ...)
+CVE-2017-3346
NOT-FOR-US: Oracle
-CVE-2017-3345 (Vulnerability in the Oracle Marketing component of Oracle E-Business ...)
+CVE-2017-3345
NOT-FOR-US: Oracle
-CVE-2017-3344 (Vulnerability in the Oracle Marketing component of Oracle E-Business ...)
+CVE-2017-3344
NOT-FOR-US: Oracle
-CVE-2017-3343 (Vulnerability in the Oracle Marketing component of Oracle E-Business ...)
+CVE-2017-3343
NOT-FOR-US: Oracle
-CVE-2017-3342 (Vulnerability in the Oracle Marketing component of Oracle E-Business ...)
+CVE-2017-3342
NOT-FOR-US: Oracle
-CVE-2017-3341 (Vulnerability in the Oracle Marketing component of Oracle E-Business ...)
+CVE-2017-3341
NOT-FOR-US: Oracle
-CVE-2017-3340 (Vulnerability in the Oracle Marketing component of Oracle E-Business ...)
+CVE-2017-3340
NOT-FOR-US: Oracle
-CVE-2017-3339 (Vulnerability in the Oracle Marketing component of Oracle E-Business ...)
+CVE-2017-3339
NOT-FOR-US: Oracle
-CVE-2017-3338 (Vulnerability in the Oracle Marketing component of Oracle E-Business ...)
+CVE-2017-3338
NOT-FOR-US: Oracle
-CVE-2017-3337 (Vulnerability in the Oracle Marketing component of Oracle E-Business ...)
+CVE-2017-3337
NOT-FOR-US: Oracle
-CVE-2017-3336 (Vulnerability in the Oracle Marketing component of Oracle E-Business ...)
+CVE-2017-3336
NOT-FOR-US: Oracle
-CVE-2017-3335 (Vulnerability in the Oracle Marketing component of Oracle E-Business ...)
+CVE-2017-3335
NOT-FOR-US: Oracle
-CVE-2017-3334 (Vulnerability in the Oracle Marketing component of Oracle E-Business ...)
+CVE-2017-3334
NOT-FOR-US: Oracle
-CVE-2017-3333 (Vulnerability in the Oracle Marketing component of Oracle E-Business ...)
+CVE-2017-3333
NOT-FOR-US: Oracle
-CVE-2017-3332 (Vulnerability in the Oracle VM VirtualBox component of Oracle ...)
+CVE-2017-3332
- virtualbox 5.1.14-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2017-3331 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2017-3331
- mysql-5.7 5.7.18-1 (bug #860547)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
-CVE-2017-3330 (Vulnerability in the Siebel UI Framework component of Oracle Siebel ...)
+CVE-2017-3330
NOT-FOR-US: Oracle Siebel
-CVE-2017-3329 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2017-3329
{DSA-3834-1 DLA-916-1}
- mysql-5.7 5.7.18-1 (bug #860547)
- mysql-5.5 <removed> (bug #860544)
-CVE-2017-3328 (Vulnerability in the Oracle Common Applications component of Oracle ...)
+CVE-2017-3328
NOT-FOR-US: Oracle
-CVE-2017-3327 (Vulnerability in the Oracle Common Applications component of Oracle ...)
+CVE-2017-3327
NOT-FOR-US: Oracle
-CVE-2017-3326 (Vulnerability in the Oracle Common Applications component of Oracle ...)
+CVE-2017-3326
NOT-FOR-US: Oracle
-CVE-2017-3325 (Vulnerability in the Siebel UI Framework component of Oracle Siebel ...)
+CVE-2017-3325
NOT-FOR-US: Oracle Siebel
-CVE-2017-3324 (Vulnerability in the Primavera P6 Enterprise Project Portfolio ...)
+CVE-2017-3324
NOT-FOR-US: Oracle Primavera
-CVE-2017-3323 (Vulnerability in the MySQL Cluster component of Oracle MySQL ...)
+CVE-2017-3323
NOT-FOR-US: MySQL Cluster
-CVE-2017-3322 (Vulnerability in the MySQL Cluster component of Oracle MySQL ...)
+CVE-2017-3322
NOT-FOR-US: MySQL Cluster
-CVE-2017-3321 (Vulnerability in the MySQL Cluster component of Oracle MySQL ...)
+CVE-2017-3321
NOT-FOR-US: MySQL Cluster
-CVE-2017-3320 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2017-3320
- mysql-5.7 5.7.17-1 (bug #851235)
- mysql-5.6 <not-affected> (Only affects MySQL 5.7)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
-CVE-2017-3319 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2017-3319
- mysql-5.7 5.7.17-1 (bug #851235)
- mysql-5.6 <not-affected> (Only affects MySQL 5.7)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
-CVE-2017-3318 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2017-3318
{DSA-3770-1 DSA-3767-1 DLA-797-1}
- mariadb-10.1 10.1.21-1 (bug #851759)
- mariadb-10.0 <removed> (bug #851755)
- mysql-5.7 5.7.17-1 (bug #851235)
- mysql-5.6 5.6.35-1 (bug #851234)
- mysql-5.5 <removed> (bug #851233)
-CVE-2017-3317 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2017-3317
{DSA-3770-1 DSA-3767-1 DLA-797-1}
- mariadb-10.1 10.1.21-1 (bug #851759)
- mariadb-10.0 <removed> (bug #851755)
- mysql-5.7 5.7.17-1 (bug #851235)
- mysql-5.6 5.6.35-1 (bug #851234)
- mysql-5.5 <removed> (bug #851233)
-CVE-2017-3316 (Vulnerability in the Oracle VM VirtualBox component of Oracle ...)
+CVE-2017-3316
- virtualbox 5.1.14-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2017-3315 (Vulnerability in the PeopleSoft Enterprise HCM ePerformance component ...)
+CVE-2017-3315
NOT-FOR-US: Oracle PeopleSoft
-CVE-2017-3314 (Vulnerability in the Oracle FLEXCUBE Universal Banking component of ...)
+CVE-2017-3314
NOT-FOR-US: Oracle FLEXCUBE
-CVE-2017-3313 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2017-3313
{DSA-3809-1 DSA-3767-1 DLA-797-1}
- mariadb-10.1 10.1.23-1
- mariadb-10.0 <removed>
- mysql-5.7 5.7.17-1 (bug #851235)
- mysql-5.6 5.6.35-1 (bug #851234)
- mysql-5.5 <removed> (bug #851233)
-CVE-2017-3312 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2017-3312
{DSA-3770-1 DSA-3767-1 DLA-797-1}
- mariadb-10.1 10.1.21-1 (bug #851759)
- mariadb-10.0 <removed> (bug #851755)
- mysql-5.7 5.7.17-1 (bug #851235)
- mysql-5.6 5.6.35-1 (bug #851234)
- mysql-5.5 <removed> (bug #851233)
-CVE-2017-3311 (Vulnerability in the Application Testing Suite component of Oracle ...)
+CVE-2017-3311
NOT-FOR-US: Oracle
-CVE-2017-3310 (Vulnerability in the OJVM component of Oracle Database Server. ...)
+CVE-2017-3310
NOT-FOR-US: Oracle
-CVE-2017-3309 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2017-3309
{DSA-3944-1 DSA-3834-1 DLA-916-1}
- mariadb-10.1 10.1.23-1
- mariadb-10.0 <removed>
- mysql-5.7 5.7.18-1 (bug #860547)
- mysql-5.5 <removed> (bug #860544)
-CVE-2017-3308 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2017-3308
{DSA-3944-1 DSA-3834-1 DLA-916-1}
- mariadb-10.1 10.1.23-1
- mariadb-10.0 <removed>
- mysql-5.7 5.7.18-1 (bug #860547)
- mysql-5.5 <removed> (bug #860544)
-CVE-2017-3307 (Vulnerability in the MySQL Enterprise Monitor component of Oracle ...)
+CVE-2017-3307
NOT-FOR-US: MySQL Enterprise Monitor
-CVE-2017-3306 (Vulnerability in the MySQL Enterprise Monitor component of Oracle ...)
+CVE-2017-3306
NOT-FOR-US: MySQL Enterprise Monitor
-CVE-2017-3305 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2017-3305
{DSA-3834-1 DLA-916-1}
- mysql-5.7 <not-affected> (Fixed before the initial release to Debian)
- mysql-5.5 <removed> (bug #860544)
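Review bot: every changed pair in this hunk deletes the description and puts nothing in its place, e.g. `-CVE-2017-3360 (Vulnerability in the Oracle Customer Intelligence component of Oracle ...)` becomes `+CVE-2017-3360`, leaving only the identifier and the triage line. For an automatic update that is what a CVE feed fetch returning empty descriptions looks like, not a real data change, so the fetch output should be checked before this lands. If the blanking is intended, fold the component name into the bare `NOT-FOR-US: Oracle` lines while the `-` lines still carry it (the FLEXCUBE, Siebel and Primavera entries already name the product); after the strip, `NOT-FOR-US: Oracle` on its own no longer records which Oracle component was assessed.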
@@ -43257,11 +43255,11 @@ CVE-2017-3305 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
NOTE: opening CVE-2017-3305.
NOTE: Cf. https://bugzilla.redhat.com/show_bug.cgi?id=1217506#c22
NOTE: http://www.openwall.com/lists/oss-security/2017/03/17/4
-CVE-2017-3304 (Vulnerability in the MySQL Cluster component of Oracle MySQL ...)
+CVE-2017-3304
- mysql-cluster <itp> (bug #833356)
-CVE-2017-3303 (Vulnerability in the Oracle XML Gateway component of Oracle E-Business ...)
+CVE-2017-3303
NOT-FOR-US: Oracle
-CVE-2017-3302 (Crash in libmysqlclient.so in Oracle MySQL before 5.6.21 and 5.7.x ...)
+CVE-2017-3302
{DSA-3834-1 DSA-3809-1 DLA-916-1 DLA-819-1}
- mariadb-10.1 10.1.23-1
- mariadb-10.0 <removed>
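Review bot: the MySQL Cluster entries are triaged inconsistently, and once the descriptions go the inconsistency is harder to spot: CVE-2017-3304 here carries `- mysql-cluster <itp> (bug #833356)`, while CVE-2017-3321 through CVE-2017-3323 in the previous hunk use `NOT-FOR-US: MySQL Cluster` for the same component. Pick one form (the `<itp>` reference is the more useful of the two, since it points at the packaging bug) and apply it to all four while the removed `(Vulnerability in the MySQL Cluster component of Oracle MySQL ...)` lines still make the grouping obvious.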
@@ -43273,132 +43271,132 @@ CVE-2017-3302 (Crash in libmysqlclient.so in Oracle MySQL before 5.6.21 and 5.7.
NOTE: https://bugs.mysql.com/bug.php?id=70429
NOTE: https://bugs.mysql.com/bug.php?id=63363
NOTE: http://www.openwall.com/lists/oss-security/2017/01/28/1
-CVE-2017-3301 (Vulnerability in the Solaris component of Oracle Sun Systems Products ...)
+CVE-2017-3301
NOT-FOR-US: Solaris
-CVE-2017-3300 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of ...)
+CVE-2017-3300
NOT-FOR-US: Oracle PeopleSoft
-CVE-2017-3299 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of ...)
+CVE-2017-3299
NOT-FOR-US: Oracle PeopleSoft
-CVE-2017-3298 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of ...)
+CVE-2017-3298
NOT-FOR-US: Oracle PeopleSoft
-CVE-2017-3297 (Vulnerability in the Oracle FLEXCUBE Direct Banking component of ...)
+CVE-2017-3297
NOT-FOR-US: Oracle FLEXCUBE
-CVE-2017-3296 (Vulnerability in the Oracle Commerce Platform component of Oracle ...)
+CVE-2017-3296
NOT-FOR-US: Oracle Commerce
-CVE-2017-3295 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
+CVE-2017-3295
NOT-FOR-US: Oracle
-CVE-2017-3294 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
+CVE-2017-3294
NOT-FOR-US: Oracle
-CVE-2017-3293 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
+CVE-2017-3293
NOT-FOR-US: Oracle
-CVE-2017-3292 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of ...)
+CVE-2017-3292
NOT-FOR-US: Oracle PeopleSoft
-CVE-2017-3291 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2017-3291
{DSA-3770-1 DSA-3767-1 DLA-797-1}
- mariadb-10.1 10.1.21-1 (bug #851759)
- mariadb-10.0 <removed> (bug #851755)
- mysql-5.7 5.7.17-1 (bug #851235)
- mysql-5.6 5.6.35-1 (bug #851234)
- mysql-5.5 <removed> (bug #851233)
-CVE-2017-3290 (Vulnerability in the Oracle VM VirtualBox component of Oracle ...)
+CVE-2017-3290
- virtualbox 5.1.14-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2017-3289 (Vulnerability in the Java SE, Java SE Embedded component of Oracle ...)
+CVE-2017-3289
{DSA-3782-1 DLA-821-1}
- openjdk-8 8u121-b13-1
[experimental] - openjdk-7 7u121-2.6.8-2
- openjdk-7 <removed>
-CVE-2017-3288 (Vulnerability in the Oracle FLEXCUBE Investor Servicing component of ...)
+CVE-2017-3288
NOT-FOR-US: Oracle
-CVE-2017-3287 (Vulnerability in the Oracle iStore component of Oracle E-Business ...)
+CVE-2017-3287
NOT-FOR-US: Oracle
-CVE-2017-3286 (Vulnerability in the Oracle Applications DBA component of Oracle ...)
+CVE-2017-3286
NOT-FOR-US: Oracle
-CVE-2017-3285 (Vulnerability in the Oracle Service Fulfillment Manager component of ...)
+CVE-2017-3285
NOT-FOR-US: Oracle
-CVE-2017-3284 (Vulnerability in the Oracle Service Fulfillment Manager component of ...)
+CVE-2017-3284
NOT-FOR-US: Oracle
-CVE-2017-3283 (Vulnerability in the Oracle Partner Management component of Oracle ...)
+CVE-2017-3283
NOT-FOR-US: Oracle
-CVE-2017-3282 (Vulnerability in the Oracle Partner Management component of Oracle ...)
+CVE-2017-3282
NOT-FOR-US: Oracle
-CVE-2017-3281 (Vulnerability in the Oracle Partner Management component of Oracle ...)
+CVE-2017-3281
NOT-FOR-US: Oracle
-CVE-2017-3280 (Vulnerability in the Oracle Partner Management component of Oracle ...)
+CVE-2017-3280
NOT-FOR-US: Oracle
-CVE-2017-3279 (Vulnerability in the Oracle Leads Management component of Oracle ...)
+CVE-2017-3279
NOT-FOR-US: Oracle
-CVE-2017-3278 (Vulnerability in the Oracle One-to-One Fulfillment component of Oracle ...)
+CVE-2017-3278
NOT-FOR-US: Oracle
-CVE-2017-3277 (Vulnerability in the Oracle Applications Manager component of Oracle ...)
+CVE-2017-3277
NOT-FOR-US: Oracle
-CVE-2017-3276 (Vulnerability in the Solaris component of Oracle Sun Systems Products ...)
+CVE-2017-3276
NOT-FOR-US: Solaris
-CVE-2017-3275 (Vulnerability in the Oracle Email Center component of Oracle ...)
+CVE-2017-3275
NOT-FOR-US: Oracle
-CVE-2017-3274 (Vulnerability in the Oracle Email Center component of Oracle ...)
+CVE-2017-3274
NOT-FOR-US: Oracle
-CVE-2017-3273 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2017-3273
- mysql-5.7 5.7.17-1 (bug #851235)
- mysql-5.6 5.6.35-1 (bug #851234)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and 5.7)
-CVE-2017-3272 (Vulnerability in the Java SE, Java SE Embedded component of Oracle ...)
+CVE-2017-3272
{DSA-3782-1 DLA-821-1}
- openjdk-8 8u121-b13-1
[experimental] - openjdk-7 7u121-2.6.8-2
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2017-3271 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
+CVE-2017-3271
NOT-FOR-US: Oracle
-CVE-2017-3270 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
+CVE-2017-3270
NOT-FOR-US: Oracle
-CVE-2017-3269 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
+CVE-2017-3269
NOT-FOR-US: Oracle
-CVE-2017-3268 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
+CVE-2017-3268
NOT-FOR-US: Oracle
-CVE-2017-3267 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
+CVE-2017-3267
NOT-FOR-US: Oracle
-CVE-2017-3266 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
+CVE-2017-3266
NOT-FOR-US: Oracle
-CVE-2017-3265 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2017-3265
{DSA-3770-1 DSA-3767-1 DLA-797-1}
- mariadb-10.1 10.1.21-1 (bug #851759)
- mariadb-10.0 <removed> (bug #851755)
- mysql-5.7 5.7.17-1 (bug #851235)
- mysql-5.6 5.6.35-1 (bug #851234)
- mysql-5.5 <removed> (bug #851233)
-CVE-2017-3264 (Vulnerability in the Siebel UI Framework component of Oracle Siebel ...)
+CVE-2017-3264
NOT-FOR-US: Oracle Siebel
-CVE-2017-3263 (Vulnerability in the Primavera P6 Enterprise Project Portfolio ...)
+CVE-2017-3263
NOT-FOR-US: Oracle Primavera
-CVE-2017-3262 (Vulnerability in the Java SE component of Oracle Java SE ...)
+CVE-2017-3262
- openjdk-8 <not-affected> (specific to Oracle Java)
-CVE-2017-3261 (Vulnerability in the Java SE, Java SE Embedded component of Oracle ...)
+CVE-2017-3261
{DSA-3782-1 DLA-821-1}
- openjdk-8 8u121-b13-1
[experimental] - openjdk-7 7u121-2.6.8-2
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2017-3260 (Vulnerability in the Java SE component of Oracle Java SE ...)
+CVE-2017-3260
{DSA-3782-1 DLA-821-1}
- openjdk-8 8u121-b13-1
[experimental] - openjdk-7 7u121-2.6.8-2
- openjdk-7 <removed>
-CVE-2017-3259 (Vulnerability in the Java SE component of Oracle Java SE ...)
+CVE-2017-3259
- openjdk-8 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2017-3258 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2017-3258
{DSA-3770-1 DSA-3767-1 DLA-797-1}
- mariadb-10.1 10.1.21-1 (bug #851759)
- mariadb-10.0 <removed> (bug #851755)
- mysql-5.7 5.7.17-1 (bug #851235)
- mysql-5.6 5.6.35-1 (bug #851234)
- mysql-5.5 <removed> (bug #851233)
-CVE-2017-3257 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2017-3257
{DSA-3770-1}
- mariadb-10.2 <removed> (bug #884065)
- mariadb-10.1 10.1.21-1 (bug #851759)
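Review bot: the removed descriptions are the only on-page hint of which Oracle Java component each entry concerns, and the triage rationale for CVE-2017-3262 rests on that hint alone: `-CVE-2017-3262 (Vulnerability in the Java SE component of Oracle Java SE ...)` is marked `- openjdk-8 <not-affected> (specific to Oracle Java)`, while CVE-2017-3260 with the identical description text is fixed in `- openjdk-8 8u121-b13-1`. After both collapse to bare identifiers there is nothing left on the entry against which a later reader can check the not-affected claim; add a NOTE to CVE-2017-3262 naming the affected sub-component or the Oracle advisory before the description is dropped.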
@@ -43406,98 +43404,98 @@ CVE-2017-3257 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
- mysql-5.7 5.7.17-1 (bug #851235)
- mysql-5.6 5.6.35-1 (bug #851234)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and 5.7)
-CVE-2017-3256 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2017-3256
- mysql-5.7 5.7.17-1 (bug #851235)
- mysql-5.6 <not-affected> (Only affects MySQL 5.7)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
-CVE-2017-3255 (Vulnerability in the Oracle JDeveloper component of Oracle Fusion ...)
+CVE-2017-3255
NOT-FOR-US: Oracle
-CVE-2017-3254 (Vulnerability in the Oracle Retail Invoice Matching component of ...)
+CVE-2017-3254
NOT-FOR-US: Oracle
-CVE-2017-3253 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of ...)
+CVE-2017-3253
{DSA-3782-1 DLA-821-1}
- openjdk-8 8u121-b13-1
[experimental] - openjdk-7 7u121-2.6.8-2
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2017-3252 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of ...)
+CVE-2017-3252
{DSA-3782-1 DLA-821-1}
- openjdk-8 8u121-b13-1
[experimental] - openjdk-7 7u121-2.6.8-2
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2017-3251 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2017-3251
- mysql-5.7 5.7.17-1 (bug #851235)
- mysql-5.6 <not-affected> (Only affects MySQL 5.7)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
-CVE-2017-3250 (Vulnerability in the Oracle GlassFish Server component of Oracle ...)
+CVE-2017-3250
- glassfish <not-affected> (Vulnerable code not included, see bug #853998)
-CVE-2017-3249 (Vulnerability in the Oracle GlassFish Server component of Oracle ...)
+CVE-2017-3249
- glassfish <not-affected> (Vulnerable code not included, see bug #853998)
-CVE-2017-3248 (Vulnerability in the Oracle WebLogic Server component of Oracle Fusion ...)
+CVE-2017-3248
NOT-FOR-US: Oracle
-CVE-2017-3247 (Vulnerability in the Oracle GlassFish Server component of Oracle ...)
+CVE-2017-3247
- glassfish <not-affected> (Vulnerable code not included, see bug #853998)
-CVE-2017-3246 (Vulnerability in the Oracle Application Object Library component of ...)
+CVE-2017-3246
NOT-FOR-US: Oracle
-CVE-2017-3245 (Vulnerability in the Oracle FLEXCUBE Direct Banking component of ...)
+CVE-2017-3245
NOT-FOR-US: Oracle FLEXCUBE
-CVE-2017-3244 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2017-3244
{DSA-3770-1 DSA-3767-1 DLA-797-1}
- mariadb-10.1 10.1.21-1 (bug #851759)
- mariadb-10.0 <removed> (bug #851755)
- mysql-5.7 5.7.17-1 (bug #851235)
- mysql-5.6 5.6.35-1 (bug #851234)
- mysql-5.5 <removed> (bug #851233)
-CVE-2017-3243 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2017-3243
{DSA-3770-1 DSA-3767-1 DLA-797-1}
- mariadb-10.1 10.1.21-1 (bug #851759)
- mariadb-10.0 <removed> (bug #851755)
- mysql-5.7 <not-affected> (Only affects MySQL 5.5)
- mysql-5.6 <not-affected> (Only affects MySQL 5.5)
- mysql-5.5 <removed> (bug #851233)
-CVE-2017-3242 (Vulnerability in the Oracle VM Server for Sparc component of Oracle ...)
+CVE-2017-3242
NOT-FOR-US: Solaris
-CVE-2017-3241 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of ...)
+CVE-2017-3241
{DSA-3782-1 DLA-821-1}
- openjdk-8 8u121-b13-1
[experimental] - openjdk-7 7u121-2.6.8-2
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2017-3240 (Vulnerability in the RDBMS Security component of Oracle Database ...)
+CVE-2017-3240
NOT-FOR-US: Oracle
-CVE-2017-3239 (Vulnerability in the Oracle GlassFish Server component of Oracle ...)
+CVE-2017-3239
- glassfish <not-affected> (Only affects 3.x)
-CVE-2017-3238 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2017-3238
{DSA-3770-1 DSA-3767-1 DLA-797-1}
- mariadb-10.1 10.1.21-1 (bug #851759)
- mariadb-10.0 <removed> (bug #851755)
- mysql-5.7 5.7.17-1 (bug #851235)
- mysql-5.6 5.6.35-1 (bug #851234)
- mysql-5.5 <removed> (bug #851233)
-CVE-2017-3237 (Vulnerability in the Automatic Service Request (ASR) component of ...)
+CVE-2017-3237
NOT-FOR-US: Oracle
-CVE-2017-3236 (Vulnerability in the Oracle FLEXCUBE Universal Banking component of ...)
+CVE-2017-3236
NOT-FOR-US: Oracle FLEXCUBE
-CVE-2017-3235 (Vulnerability in the Oracle FLEXCUBE Universal Banking component of ...)
+CVE-2017-3235
NOT-FOR-US: Oracle FLEXCUBE
-CVE-2017-3234 (Vulnerability in the Automatic Service Request (ASR) component of ...)
+CVE-2017-3234
NOT-FOR-US: Oracle
-CVE-2017-3233 (Vulnerability in the Automatic Service Request (ASR) component of ...)
+CVE-2017-3233
NOT-FOR-US: Oracle
-CVE-2017-3232 (Vulnerability in the Automatic Service Request (ASR) component of ...)
+CVE-2017-3232
NOT-FOR-US: Oracle
-CVE-2017-3231 (Vulnerability in the Java SE, Java SE Embedded component of Oracle ...)
+CVE-2017-3231
{DSA-3782-1 DLA-821-1}
- openjdk-8 8u121-b13-1
[experimental] - openjdk-7 7u121-2.6.8-2
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2017-3230 (Vulnerability in the Oracle Fusion Middleware MapViewer component of ...)
+CVE-2017-3230
NOT-FOR-US: Oracle
CVE-2017-3229
REJECTED
@@ -43505,7 +43503,7 @@ CVE-2017-3228
REJECTED
CVE-2017-3227
RESERVED
-CVE-2017-3226 (Das U-Boot is a device bootloader that can read its configuration from ...)
+CVE-2017-3226
- u-boot <unfixed> (unimportant)
[wheezy] - u-boot <not-affected> (Vulnerable code do not exist)
NOTE: jessie+ no built targets use ENV_AES by default, but fw_printenv/fw_setenv
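Review bot: style point on the wheezy line of the CVE-2017-3226 entry, `[wheezy] - u-boot <not-affected> (Vulnerable code do not exist)` should read `does not exist`; the same wording recurs in the CVE-2017-3225 entry in the next hunk. Also, with `-CVE-2017-3226 (Das U-Boot is a device bootloader that can read its configuration from ...)` reduced to `+CVE-2017-3226`, the NOTE lines about ENV_AES and fw_printenv/fw_setenv become the only text saying what the entry is about, so they must stay with the entry (they are unchanged context here).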
@@ -43513,7 +43511,7 @@ CVE-2017-3226 (Das U-Boot is a device bootloader that can read its configuration
NOTE: it in future versions.
NOTE: https://www.kb.cert.org/vuls/id/166743
NOTE: Negligible security impact
-CVE-2017-3225 (Das U-Boot is a device bootloader that can read its configuration from ...)
+CVE-2017-3225
- u-boot <unfixed> (unimportant)
[wheezy] - u-boot <not-affected> (Vulnerable code do not exist)
NOTE: jessie+ no built targets use ENV_AES by default, but fw_printenv/fw_setenv
@@ -43521,103 +43519,103 @@ CVE-2017-3225 (Das U-Boot is a device bootloader that can read its configuration
NOTE: it in future versions.
NOTE: https://www.kb.cert.org/vuls/id/166743
NOTE: Negligible security impact
-CVE-2017-3224 (Open Shortest Path First (OSPF) protocol implementations may ...)
+CVE-2017-3224
- quagga <unfixed> (low; bug #871617)
[buster] - quagga <no-dsa> (Minor issue)
[stretch] - quagga <no-dsa> (Minor issue)
[jessie] - quagga <no-dsa> (Minor issue)
[wheezy] - quagga <no-dsa> (Minor issue)
NOTE: http://www.kb.cert.org/vuls/id/793496
-CVE-2017-3223 (Dahua IP camera products using firmware versions prior to ...)
+CVE-2017-3223
NOT-FOR-US: Dahua IP camera products
-CVE-2017-3222 (Hard-coded credentials in AmosConnect 8 allow remote attackers to gain ...)
+CVE-2017-3222
NOT-FOR-US: AmosConnect
-CVE-2017-3221 (Blind SQL injection in Inmarsat AmosConnect 8 login form allows remote ...)
+CVE-2017-3221
NOT-FOR-US: AmosConnect
CVE-2017-3220
RESERVED
-CVE-2017-3219 (Acronis True Image up to and including version 2017 Build 8053 ...)
+CVE-2017-3219
NOT-FOR-US: Acronis True Image
-CVE-2017-3218 (Samsung Magician 5.0 fails to validate TLS certificates for HTTPS ...)
+CVE-2017-3218
NOT-FOR-US: Samsung
-CVE-2017-3217 (CalAmp LMU 3030 series OBD-II CDMA and GSM devices has an SMS (text ...)
+CVE-2017-3217
NOT-FOR-US: CalAmp LMU 3030 series OBD-II CDMA and GSM devices
-CVE-2017-3216 (WiMAX routers based on the MediaTek SDK (libmtk) that use a custom ...)
+CVE-2017-3216
NOT-FOR-US: WiMAX routers
-CVE-2017-3215 (The Milwaukee ONE-KEY Android mobile application uses bearer tokens ...)
+CVE-2017-3215
NOT-FOR-US: Milwaukee ONE-KEY Android mobile application
-CVE-2017-3214 (The Milwaukee ONE-KEY Android mobile application stores the master ...)
+CVE-2017-3214
NOT-FOR-US: Milwaukee ONE-KEY Android mobile application
-CVE-2017-3213 (The Think Mutual Bank Mobile Banking app 3.1.5 for iOS does not verify ...)
+CVE-2017-3213
NOT-FOR-US: Think Mutual Bank Mobile Banking app
-CVE-2017-3212 (The Space Coast Credit Union Mobile app 2.2 for iOS and 2.1.0.1104 for ...)
+CVE-2017-3212
NOT-FOR-US: Space Coast Credit Union Mobile app
CVE-2017-3211
RESERVED
-CVE-2017-3210 (Applications developed using the Portrait Display SDK, versions 2.30 ...)
+CVE-2017-3210
NOT-FOR-US: Portrait Display SDK
-CVE-2017-3209 (The DBPOWER U818A WIFI quadcopter drone provides FTP access over its ...)
+CVE-2017-3209
NOT-FOR-US: DBPOWER U818A WIFI quadcopter drone
-CVE-2017-3208 (The Java implementation of AMF3 deserializers used by WebORB for Java ...)
+CVE-2017-3208
NOT-FOR-US: AMF3 deserialisers
-CVE-2017-3207 (The Java implementations of AMF3 deserializers in WebORB for Java by ...)
+CVE-2017-3207
NOT-FOR-US: AMF3 deserialisers
-CVE-2017-3206 (The Java implementation of AMF3 deserializers used by Flamingo ...)
+CVE-2017-3206
NOT-FOR-US: AMF3 deserialisers
CVE-2017-3205
RESERVED
-CVE-2017-3204 (The Go SSH library (x/crypto/ssh) by default does not verify host ...)
+CVE-2017-3204
- golang-go.crypto 1:0.0~git20170407.0.55a552f+REALLY.0.0~git20161012.0.5f31782-1 (bug #859655)
[jessie] - golang-go.crypto <no-dsa> (In jessie no rdeps using SSH, that version doesn't even support host key validation)
NOTE: https://github.com/golang/crypto/commit/e4e2799dd7aab89f583e1d898300d96367750991
NOTE: https://github.com/golang/go/issues/19767
-CVE-2017-3203 (The Java implementations of AMF3 deserializers in Pivotal/Spring ...)
+CVE-2017-3203
NOT-FOR-US: AMF3 deserialisers
-CVE-2017-3202 (The Java implementation of AMF3 deserializers used in Flamingo ...)
+CVE-2017-3202
NOT-FOR-US: AMF3 deserialisers
-CVE-2017-3201 (The Java implementation of AMF3 deserializers used in Flamingo ...)
+CVE-2017-3201
NOT-FOR-US: AMF3 deserialisers
-CVE-2017-3200 (The Java implementation of AMF3 deserializers used in GraniteDS, ...)
+CVE-2017-3200
NOT-FOR-US: AMF3 deserialisers
-CVE-2017-3199 (The Java implementation of GraniteDS, version 3.1.1.GA, AMF3 ...)
+CVE-2017-3199
NOT-FOR-US: AMF3 deserialisers
-CVE-2017-3198 (GIGABYTE BRIX UEFI firmware does not cryptographically validate images ...)
+CVE-2017-3198
NOT-FOR-US: GIGABYTE
-CVE-2017-3197 (GIGABYTE BRIX UEFI firmware for the GB-BSi7H-6500 (version F6) and ...)
+CVE-2017-3197
NOT-FOR-US: GIGABYTE
-CVE-2017-3196 (PCAUSA Rawether framework does not properly validate BPF data, ...)
+CVE-2017-3196
NOT-FOR-US: PCAUSA Rawether
-CVE-2017-3195 (Commvault Edge Communication Service (cvd) prior to version 11 SP7 or ...)
+CVE-2017-3195
NOT-FOR-US: Commvault Edge Communication Service
-CVE-2017-3194 (Pandora iOS app prior to version 8.3.2 fails to properly validate SSL ...)
+CVE-2017-3194
NOT-FOR-US: Pandora iOS app
-CVE-2017-3193 (Multiple D-Link devices including the DIR-850L firmware versions ...)
+CVE-2017-3193
NOT-FOR-US: D-Link
-CVE-2017-3192 (D-Link DIR-130 firmware version 1.23 and DIR-330 firmware version 1.12 ...)
+CVE-2017-3192
NOT-FOR-US: D-Link
-CVE-2017-3191 (D-Link DIR-130 firmware version 1.23 and DIR-330 firmware version 1.12 ...)
+CVE-2017-3191
NOT-FOR-US: D-Link
-CVE-2017-3190 (Flash Seats Mobile App for Android version 1.7.9 and earlier and for ...)
+CVE-2017-3190
NOT-FOR-US: Flash Seats Mobile App
-CVE-2017-3189 (The dotCMS administration panel, versions 3.7.1 and earlier, &quot;Push ...)
+CVE-2017-3189
NOT-FOR-US: dotCMS
-CVE-2017-3188 (The dotCMS administration panel, versions 3.7.1 and earlier, &quot;Push ...)
+CVE-2017-3188
NOT-FOR-US: dotCMS
-CVE-2017-3187 (The dotCMS administration panel, versions 3.7.1 and earlier, are ...)
+CVE-2017-3187
NOT-FOR-US: dotCMS
-CVE-2017-3186 (ACTi cameras including the D, B, I, and E series using firmware ...)
+CVE-2017-3186
NOT-FOR-US: ACTi cameras
-CVE-2017-3185 (ACTi cameras including the D, B, I, and E series using firmware ...)
+CVE-2017-3185
NOT-FOR-US: ACTi cameras
-CVE-2017-3184 (ACTi cameras including the D, B, I, and E series using firmware ...)
+CVE-2017-3184
NOT-FOR-US: ACTi cameras
-CVE-2017-3183 (Sage XRT Treasury, version 3, fails to properly restrict database ...)
+CVE-2017-3183
NOT-FOR-US: Sage XRT Treasury
-CVE-2017-3182 (On the iOS platform, the ThreatMetrix SDK versions prior to 3.2 fail ...)
+CVE-2017-3182
NOT-FOR-US: ThreatMetrix SDK
-CVE-2017-3181 (Multiple TIBCO Products are prone to multiple unspecified ...)
+CVE-2017-3181
NOT-FOR-US: TIBCO
-CVE-2017-3180 (Multiple TIBCO Products are prone to multiple unspecified cross-site ...)
+CVE-2017-3180
NOT-FOR-US: TIBCO
CVE-2017-3179
REJECTED
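Review bot: several `NOT-FOR-US:` lines in this hunk were written as a suffix to the description and stop making sense without it: `NOT-FOR-US: AMF3 deserialisers` is repeated for CVE-2017-3199 through CVE-2017-3208, but the products that were actually assessed (WebORB, Flamingo, GraniteDS, Pivotal/Spring per the removed lines) now appear nowhere in the entries, and `NOT-FOR-US: WiMAX routers` likewise loses the MediaTek SDK (libmtk) qualifier. Suggest naming the product in those lines before the `-` text disappears. The CVE-2017-3204 entry fares better because its NOTE lines keep the golang commit and issue links, which is the pattern the others should follow. Minor: the removed dotCMS lines contain a raw `&quot;` entity, so the importer is storing feed text without decoding HTML entities.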
@@ -43639,57 +43637,57 @@ CVE-2017-3171
REJECTED
CVE-2017-3170
REJECTED
-CVE-2017-3169 (In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, mod_ssl ...)
+CVE-2017-3169
{DSA-3896-1 DLA-1009-1}
- apache2 2.4.25-4
CVE-2017-3168
REJECTED
-CVE-2017-3167 (In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, use of ...)
+CVE-2017-3167
{DSA-3896-1 DLA-1009-1}
- apache2 2.4.25-4
-CVE-2017-3166 (In Apache Hadoop versions 2.6.1 to 2.6.5, 2.7.0 to 2.7.3, and ...)
+CVE-2017-3166
- hadoop <itp> (bug #793644)
-CVE-2017-3165 (In Apache Brooklyn before 0.10.0, the REST server is vulnerable to ...)
+CVE-2017-3165
NOT-FOR-US: Apache Brooklyn
-CVE-2017-3164 (Server Side Request Forgery in Apache Solr, versions 1.3 until 7.6 ...)
+CVE-2017-3164
- lucene-solr <unfixed> (unimportant; bug #922242)
NOTE: https://issues.apache.org/jira/browse/SOLR-12770
-CVE-2017-3163 (When using the Index Replication feature, Apache Solr nodes can pull ...)
+CVE-2017-3163
{DSA-4124-1 DLA-1046-1}
- lucene-solr 3.6.2+dfsg-11 (bug #867712)
NOTE: https://issues.apache.org/jira/browse/SOLR-10031
NOTE: https://github.com/apache/lucene-solr/commit/ae789c252687dc8a18bfdb677f2e6cd14570e4db
-CVE-2017-3162 (HDFS clients interact with a servlet on the DataNode to browse the ...)
+CVE-2017-3162
- hadoop <itp> (bug #793644)
-CVE-2017-3161 (The HDFS web UI in Apache Hadoop before 2.7.0 is vulnerable to a ...)
+CVE-2017-3161
- hadoop <itp> (bug #793644)
-CVE-2017-3160 (After the Android platform is added to Cordova the first time, or ...)
+CVE-2017-3160
NOT-FOR-US: Apache Cordova
-CVE-2017-3159 (Apache Camel's camel-snakeyaml component is vulnerable to Java object ...)
+CVE-2017-3159
NOT-FOR-US: Apache Camel
-CVE-2017-3158 (A race condition in Guacamole's terminal emulator in versions 0.9.5 ...)
+CVE-2017-3158
- guacamole-client <unfixed> (bug #891798)
[stretch] - guacamole-client <no-dsa> (Minor issue)
[jessie] - guacamole-client <no-dsa> (Minor issue)
- guacamole <removed>
[wheezy] - guacamole <not-affected> (Version not vulnerable)
-CVE-2017-3157 (By exploiting the way Apache OpenOffice before 4.1.4 renders embedded ...)
+CVE-2017-3157
{DSA-3792-1 DLA-910-1}
- libreoffice 1:5.2.3-1
NOTE: https://www.libreoffice.org/about-us/security/advisories/cve-2017-3157/
-CVE-2017-3156 (The OAuth2 Hawk and JOSE MAC Validation code in Apache CXF prior to ...)
+CVE-2017-3156
NOT-FOR-US: Apache CXF
-CVE-2017-3155 (Apache Atlas versions 0.6.0-incubating and 0.7.0-incubating were found ...)
+CVE-2017-3155
NOT-FOR-US: Apache Atlas
-CVE-2017-3154 (Error responses from Apache Atlas versions 0.6.0-incubating and ...)
+CVE-2017-3154
NOT-FOR-US: Apache Atlas
-CVE-2017-3153 (Apache Atlas versions 0.6.0-incubating and 0.7.0-incubating were found ...)
+CVE-2017-3153
NOT-FOR-US: Apache Atlas
-CVE-2017-3152 (Apache Atlas versions 0.6.0-incubating and 0.7.0-incubating were found ...)
+CVE-2017-3152
NOT-FOR-US: Apache Atlas
-CVE-2017-3151 (Apache Atlas versions 0.6.0-incubating and 0.7.0-incubating were found ...)
+CVE-2017-3151
NOT-FOR-US: Apache Atlas
-CVE-2017-3150 (Apache Atlas versions 0.6.0-incubating and 0.7.0-incubating use ...)
+CVE-2017-3150
NOT-FOR-US: Apache Atlas
CVE-2017-3149
RESERVED
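Review bot: for several entries in this hunk the deleted line is the only place the affected version range appears, and the triage lines depend on it: `-CVE-2017-3169 (In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, mod_ssl ...)` and CVE-2017-3167 have no NOTE link at all, only `{DSA-3896-1 DLA-1009-1}` and `- apache2 2.4.25-4`, and for CVE-2017-3158 the `[wheezy] - guacamole <not-affected> (Version not vulnerable)` claim can only be checked against the `versions 0.9.5 ...` range in the line being removed. Add a NOTE with the upstream advisory URL to these entries so the range stays recoverable after the description goes.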
@@ -43699,13 +43697,13 @@ CVE-2017-3147
RESERVED
CVE-2017-3146
RESERVED
-CVE-2017-3145 (BIND was improperly sequencing cleanup operations on upstream ...)
+CVE-2017-3145
{DSA-4089-1 DLA-1255-1}
- bind9 1:9.11.2.P1-1
NOTE: https://kb.isc.org/article/AA-01542
NOTE: Fixed by (master): https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git;a=commitdiff;h=053b51c4dbd28f6e4de71ce4268a6f606025d76d
NOTE: Fixed by (9.10.6-P1): https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git;a=commitdiff;h=55baf7d7e25c0e6444cb7e415f14d9e0819b5508
-CVE-2017-3144 (A vulnerability stemming from failure to properly clean up closed ...)
+CVE-2017-3144
{DSA-4133-1}
- isc-dhcp 4.3.5-3.1 (bug #887413)
[wheezy] - isc-dhcp <no-dsa> (Minor issue)
@@ -43713,20 +43711,20 @@ CVE-2017-3144 (A vulnerability stemming from failure to properly clean up closed
NOTE: https://bugs.isc.org/Public/Bug/Display.html?id=46767
NOTE: https://source.isc.org/cgi-bin/gitweb.cgi?p=dhcp.git;a=commit;h=1a6b62fe17a42b00fa234d06b6dfde3d03451894
NOTE: Fixes for 4.3.6p1: https://source.isc.org/cgi-bin/gitweb.cgi?p=dhcp.git;a=commit;h=99a25aedea02d9c259cb8fabf4be700fb32571a3
-CVE-2017-3143 (An attacker who is able to send and receive messages to an ...)
+CVE-2017-3143
{DSA-3904-1 DLA-1025-1}
- bind9 1:9.10.3.dfsg.P4-12.4 (bug #866564)
NOTE: https://kb.isc.org/article/AA-01503
NOTE: Fixed by (master): https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git;a=commitdiff;h=581c1526ab0f74a177980da9ff0514f795ed8669
-CVE-2017-3142 (An attacker who is able to send and receive messages to an ...)
+CVE-2017-3142
{DSA-3904-1 DLA-1025-1}
- bind9 1:9.10.3.dfsg.P4-12.4 (bug #866564)
NOTE: https://kb.isc.org/article/AA-01504
NOTE: Fixed by (master): https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git;a=commitdiff;h=581c1526ab0f74a177980da9ff0514f795ed8669
-CVE-2017-3141 (The BIND installer on Windows uses an unquoted service path which can ...)
+CVE-2017-3141
- bind9 <not-affected> (Affects only Windows systems)
NOTE: https://kb.isc.org/article/AA-01496
-CVE-2017-3140 (If named is configured to use Response Policy Zones (RPZ) an error ...)
+CVE-2017-3140
- bind9 <not-affected> (Upstream change #4377 not backported/included)
NOTE: https://kb.isc.org/article/AA-01495
NOTE: Fixed by (master): https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git;a=commitdiff;h=2648c49be78568ba9f4123d22122f2a649e2e1b7
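Review bot: the two not-affected entries in this hunk lose the text that justified their triage. The removed "-CVE-2017-3141 (The BIND installer on Windows uses an unquoted service path which can ...)" is what made "- bind9 <not-affected> (Affects only Windows systems)" checkable without opening the KB article, and the removed "-CVE-2017-3140 (If named is configured to use Response Policy Zones (RPZ) an error ...)" is what backed "(Upstream change #4377 not backported/included)". If the description field really is going away, carry the essential fact into the justification, for example "<not-affected> (Windows installer only, unquoted service path)" and "<not-affected> (RPZ code path; upstream change #4377 not included)", so each entry stays self-explanatory.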
@@ -43736,7 +43734,7 @@ CVE-2017-3140 (If named is configured to use Response Policy Zones (RPZ) an erro
CVE-2017-3139
RESERVED
- bind9 <not-affected> (RHEL6 specific)
-CVE-2017-3138 (named contains a feature which allows operators to issue commands to a ...)
+CVE-2017-3138
{DSA-3854-1 DLA-957-1}
- bind9 1:9.10.3.dfsg.P4-12.3 (bug #860226)
NOTE: https://kb.isc.org/article/AA-01471
@@ -43746,7 +43744,7 @@ CVE-2017-3138 (named contains a feature which allows operators to issue commands
NOTE: commands was added only in 9.11.0 and before existing commands permitted
NOTE: over the control channel were already be given to cause the server to stop.
NOTE: The CVE-2017-3138 is barely an issue in practice anyway.
-CVE-2017-3137 (Mistaken assumptions about the ordering of records in the answer ...)
+CVE-2017-3137
{DSA-3854-1 DLA-957-1}
- bind9 1:9.10.3.dfsg.P4-12.3 (bug #860225)
NOTE: https://kb.isc.org/article/AA-01466
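Review bot: the unchanged NOTE block for CVE-2017-3138 at the top of this hunk is ungrammatical ("commands was added only in 9.11.0 and before existing commands permitted over the control channel were already be given to cause the server to stop" and "The CVE-2017-3138 is barely an issue in practice anyway"); since the update rewrites this entry anyway, reword it to "the command was added only in 9.11.0, and before that the commands already permitted over the control channel could be used to stop the server" and drop the article before the CVE id. Separately, removing "-CVE-2017-3137 (Mistaken assumptions about the ordering of records in the answer ...)" leaves that entry with only DSA/DLA references and a KB link and no statement of what the issue is; keep the one-line summary with the entry.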
@@ -43754,598 +43752,598 @@ CVE-2017-3137 (Mistaken assumptions about the ordering of records in the answer
NOTE: Fixed by (9.10.x): https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git;a=commitdiff;h=69fd759b4aa02047e42e5cf4227f8257c4547988
NOTE: Fixed by (9.10.x): https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git;a=commitdiff;h=6841d7b854c15df9ec56cab38da201b315bbcabb (reimplentation)
NOTE: Fixed by (9.10.x): https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git;a=commitdiff;h=7ab9e8e00775782d474522a5b2bffba8daefefa5 (regression fix)
-CVE-2017-3136 (A query with a specific set of characteristics could cause a server ...)
+CVE-2017-3136
{DSA-3854-1 DLA-957-1}
- bind9 1:9.10.3.dfsg.P4-12.3 (bug #860224)
NOTE: https://kb.isc.org/article/AA-01465
NOTE: Fixed by (9.10.x): https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git;a=commitdiff;h=764240ca07ab1b796226d5402ccd9fbfa77ec32a
-CVE-2017-3135 (Under some conditions when using both DNS64 and RPZ to rewrite query ...)
+CVE-2017-3135
{DSA-3795-1 DLA-843-1}
- bind9 1:9.10.3.dfsg.P4-12 (bug #855520)
NOTE: https://kb.isc.org/article/AA-01453
NOTE: Patch for 9.9.9-P6: ftp://ftp.isc.org/isc/bind9/9.9.9-P6/patches/rt44434
-CVE-2017-3134 (An escalation of privilege vulnerability in Fortinet FortiWLC-SD ...)
+CVE-2017-3134
NOT-FOR-US: Fortinet FortiWLC-SD
-CVE-2017-3133 (A Cross-Site Scripting vulnerability in Fortinet FortiOS versions ...)
+CVE-2017-3133
NOT-FOR-US: Fortinet FortiOS
-CVE-2017-3132 (A Cross-Site Scripting vulnerability in Fortinet FortiOS versions ...)
+CVE-2017-3132
NOT-FOR-US: Fortinet FortiOS
-CVE-2017-3131 (A Cross-Site Scripting vulnerability in Fortinet FortiOS versions ...)
+CVE-2017-3131
NOT-FOR-US: Fortinet FortiOS
-CVE-2017-3130 (An information disclosure vulnerability in Fortinet FortiOS 5.6.0, ...)
+CVE-2017-3130
NOT-FOR-US: Fortinet
-CVE-2017-3129 (A Cross-Site Scripting vulnerability in Fortinet FortiWeb versions ...)
+CVE-2017-3129
NOT-FOR-US: Fortinet FortiWeb
-CVE-2017-3128 (A stored XSS (Cross-Site-Scripting) vulnerability in Fortinet FortiOS ...)
+CVE-2017-3128
NOT-FOR-US: Fortinet FortiOS
-CVE-2017-3127 (A Cross-Site Scripting vulnerability in Fortinet FortiGate 5.2.0 ...)
+CVE-2017-3127
NOT-FOR-US: Fortinet
-CVE-2017-3126 (An Open Redirect vulnerability in Fortinet FortiAnalyzer 5.4.0 through ...)
+CVE-2017-3126
NOT-FOR-US: Fortinet FortiAnalyzer
-CVE-2017-3125 (An unauthenticated XSS vulnerability with FortiMail 5.0.0 - 5.2.9 and ...)
+CVE-2017-3125
NOT-FOR-US: FortiMail
-CVE-2017-3124 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ...)
+CVE-2017-3124
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-3123 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ...)
+CVE-2017-3123
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-3122 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ...)
+CVE-2017-3122
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-3121 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ...)
+CVE-2017-3121
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-3120 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ...)
+CVE-2017-3120
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-3119 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ...)
+CVE-2017-3119
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-3118 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ...)
+CVE-2017-3118
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-3117 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ...)
+CVE-2017-3117
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-3116 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ...)
+CVE-2017-3116
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-3115 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ...)
+CVE-2017-3115
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-3114 (An issue was discovered in Adobe Flash Player 27.0.0.183 and earlier ...)
+CVE-2017-3114
NOT-FOR-US: Adobe
-CVE-2017-3113 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ...)
+CVE-2017-3113
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-3112 (An issue was discovered in Adobe Flash Player 27.0.0.183 and earlier ...)
+CVE-2017-3112
NOT-FOR-US: Adobe
-CVE-2017-3111 (An issue was discovered in Adobe Experience Manager 6.3, 6.2, 6.1, 6.0. ...)
+CVE-2017-3111
NOT-FOR-US: Adobe
-CVE-2017-3110 (Adobe Experience Manager 6.1 and earlier has a sensitive data exposure ...)
+CVE-2017-3110
NOT-FOR-US: Adobe
-CVE-2017-3109 (An issue was discovered in Adobe Experience Manager 6.3, 6.2, 6.1, 6.0. ...)
+CVE-2017-3109
NOT-FOR-US: Adobe
-CVE-2017-3108 (Adobe Experience Manager 6.2 and earlier has a malicious file ...)
+CVE-2017-3108
NOT-FOR-US: Adobe
-CVE-2017-3107 (Adobe Experience Manager 6.3 and earlier has a misconfiguration ...)
+CVE-2017-3107
NOT-FOR-US: Adobe
-CVE-2017-3106 (Adobe Flash Player versions 26.0.0.137 and earlier have an exploitable ...)
+CVE-2017-3106
NOT-FOR-US: Adobe Flash Player
-CVE-2017-3105 (Adobe RoboHelp has an Open Redirect vulnerability. This affects ...)
+CVE-2017-3105
NOT-FOR-US: Adobe
-CVE-2017-3104 (Adobe RoboHelp has a cross-site scripting (XSS) vulnerability. This ...)
+CVE-2017-3104
NOT-FOR-US: Adobe
-CVE-2017-3103 (Adobe Connect versions 9.6.1 and earlier have a stored cross-site ...)
+CVE-2017-3103
NOT-FOR-US: Adobe Connect
-CVE-2017-3102 (Adobe Connect versions 9.6.1 and earlier have a reflected cross-site ...)
+CVE-2017-3102
NOT-FOR-US: Adobe Connect
-CVE-2017-3101 (Adobe Connect versions 9.6.1 and earlier have a clickjacking ...)
+CVE-2017-3101
NOT-FOR-US: Adobe Connect
-CVE-2017-3100 (Adobe Flash Player versions 26.0.0.131 and earlier have an exploitable ...)
+CVE-2017-3100
NOT-FOR-US: Adobe Flash Player
-CVE-2017-3099 (Adobe Flash Player versions 26.0.0.131 and earlier have an exploitable ...)
+CVE-2017-3099
NOT-FOR-US: Adobe Flash Player
-CVE-2017-3098 (Adobe Captivate versions 9 and earlier have a remote code execution ...)
+CVE-2017-3098
NOT-FOR-US: Adobe
-CVE-2017-3097 (Adobe Digital Editions versions 4.5.4 and earlier contain an insecure ...)
+CVE-2017-3097
NOT-FOR-US: Adobe
-CVE-2017-3096 (Adobe Digital Editions versions 4.5.4 and earlier have an exploitable ...)
+CVE-2017-3096
NOT-FOR-US: Adobe
-CVE-2017-3095 (Adobe Digital Editions versions 4.5.4 and earlier have an exploitable ...)
+CVE-2017-3095
NOT-FOR-US: Adobe
-CVE-2017-3094 (Adobe Digital Editions versions 4.5.4 and earlier have an exploitable ...)
+CVE-2017-3094
NOT-FOR-US: Adobe
-CVE-2017-3093 (Adobe Digital Editions versions 4.5.4 and earlier have an exploitable ...)
+CVE-2017-3093
NOT-FOR-US: Adobe
-CVE-2017-3092 (Adobe Digital Editions versions 4.5.4 and earlier contain an insecure ...)
+CVE-2017-3092
NOT-FOR-US: Adobe
-CVE-2017-3091 (Adobe Digital Editions 4.5.4 and earlier versions 4.5.4 and earlier ...)
+CVE-2017-3091
NOT-FOR-US: Adobe
-CVE-2017-3090 (Adobe Digital Editions versions 4.5.4 and earlier contain an insecure ...)
+CVE-2017-3090
NOT-FOR-US: Adobe
-CVE-2017-3089 (Adobe Digital Editions versions 4.5.4 and earlier have an exploitable ...)
+CVE-2017-3089
NOT-FOR-US: Adobe
-CVE-2017-3088 (Adobe Digital Editions versions 4.5.4 and earlier have an exploitable ...)
+CVE-2017-3088
NOT-FOR-US: Adobe
-CVE-2017-3087 (Adobe Captivate versions 9 and earlier have an information disclosure ...)
+CVE-2017-3087
NOT-FOR-US: Adobe
-CVE-2017-3086 (Adobe Shockwave versions 12.2.8.198 and earlier have an exploitable ...)
+CVE-2017-3086
NOT-FOR-US: Adobe
-CVE-2017-3085 (Adobe Flash Player versions 26.0.0.137 and earlier have a security ...)
+CVE-2017-3085
NOT-FOR-US: Adobe Flash Player
-CVE-2017-3084 (Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable ...)
+CVE-2017-3084
NOT-FOR-US: Adobe Flash Player
-CVE-2017-3083 (Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable ...)
+CVE-2017-3083
NOT-FOR-US: Adobe Flash Player
-CVE-2017-3082 (Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable ...)
+CVE-2017-3082
NOT-FOR-US: Adobe Flash Player
-CVE-2017-3081 (Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable ...)
+CVE-2017-3081
NOT-FOR-US: Adobe Flash Player
-CVE-2017-3080 (Adobe Flash Player versions 26.0.0.131 and earlier have a security ...)
+CVE-2017-3080
NOT-FOR-US: Adobe Flash Player
-CVE-2017-3079 (Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable ...)
+CVE-2017-3079
NOT-FOR-US: Adobe Flash Player
-CVE-2017-3078 (Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable ...)
+CVE-2017-3078
NOT-FOR-US: Adobe Flash Player
-CVE-2017-3077 (Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable ...)
+CVE-2017-3077
NOT-FOR-US: Adobe Flash Player
-CVE-2017-3076 (Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable ...)
+CVE-2017-3076
NOT-FOR-US: Adobe Flash Player
-CVE-2017-3075 (Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable ...)
+CVE-2017-3075
NOT-FOR-US: Adobe Flash Player
-CVE-2017-3074 (Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable ...)
+CVE-2017-3074
NOT-FOR-US: Adobe Flash Player
-CVE-2017-3073 (Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable ...)
+CVE-2017-3073
NOT-FOR-US: Adobe Flash Player
-CVE-2017-3072 (Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable ...)
+CVE-2017-3072
NOT-FOR-US: Adobe Flash Player
-CVE-2017-3071 (Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable ...)
+CVE-2017-3071
NOT-FOR-US: Adobe Flash Player
-CVE-2017-3070 (Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable ...)
+CVE-2017-3070
NOT-FOR-US: Adobe Flash Player
-CVE-2017-3069 (Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable ...)
+CVE-2017-3069
NOT-FOR-US: Adobe Flash Player
-CVE-2017-3068 (Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable ...)
+CVE-2017-3068
NOT-FOR-US: Adobe Flash Player
-CVE-2017-3067 (Adobe Experience Manager Forms versions 6.2, 6.1, 6.0 have an ...)
+CVE-2017-3067
NOT-FOR-US: Adobe
-CVE-2017-3066 (Adobe ColdFusion 2016 Update 3 and earlier, ColdFusion 11 update 11 and ...)
+CVE-2017-3066
NOT-FOR-US: Adobe
-CVE-2017-3065 (Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and ...)
+CVE-2017-3065
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-3064 (Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable ...)
+CVE-2017-3064
NOT-FOR-US: Adobe Flash Player
-CVE-2017-3063 (Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable ...)
+CVE-2017-3063
NOT-FOR-US: Adobe Flash Player
-CVE-2017-3062 (Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable ...)
+CVE-2017-3062
NOT-FOR-US: Adobe Flash Player
-CVE-2017-3061 (Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable ...)
+CVE-2017-3061
NOT-FOR-US: Adobe Flash Player
-CVE-2017-3060 (Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable ...)
+CVE-2017-3060
NOT-FOR-US: Adobe Flash Player
-CVE-2017-3059 (Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable ...)
+CVE-2017-3059
NOT-FOR-US: Adobe Flash Player
-CVE-2017-3058 (Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable ...)
+CVE-2017-3058
NOT-FOR-US: Adobe Flash Player
-CVE-2017-3057 (Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and ...)
+CVE-2017-3057
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-3056 (Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and ...)
+CVE-2017-3056
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-3055 (Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and ...)
+CVE-2017-3055
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-3054 (Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and ...)
+CVE-2017-3054
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-3053 (Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and ...)
+CVE-2017-3053
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-3052 (Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and ...)
+CVE-2017-3052
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-3051 (Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and ...)
+CVE-2017-3051
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-3050 (Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and ...)
+CVE-2017-3050
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-3049 (Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and ...)
+CVE-2017-3049
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-3048 (Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and ...)
+CVE-2017-3048
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-3047 (Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and ...)
+CVE-2017-3047
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-3046 (Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and ...)
+CVE-2017-3046
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-3045 (Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and ...)
+CVE-2017-3045
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-3044 (Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and ...)
+CVE-2017-3044
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-3043 (Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and ...)
+CVE-2017-3043
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-3042 (Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and ...)
+CVE-2017-3042
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-3041 (Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and ...)
+CVE-2017-3041
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-3040 (Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and ...)
+CVE-2017-3040
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-3039 (Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and ...)
+CVE-2017-3039
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-3038 (Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and ...)
+CVE-2017-3038
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-3037 (Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and ...)
+CVE-2017-3037
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-3036 (Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and ...)
+CVE-2017-3036
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-3035 (Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and ...)
+CVE-2017-3035
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-3034 (Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and ...)
+CVE-2017-3034
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-3033 (Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and ...)
+CVE-2017-3033
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-3032 (Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and ...)
+CVE-2017-3032
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-3031 (Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and ...)
+CVE-2017-3031
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-3030 (Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and ...)
+CVE-2017-3030
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-3029 (Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and ...)
+CVE-2017-3029
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-3028 (Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and ...)
+CVE-2017-3028
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-3027 (Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and ...)
+CVE-2017-3027
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-3026 (Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and ...)
+CVE-2017-3026
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-3025 (Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and ...)
+CVE-2017-3025
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-3024 (Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and ...)
+CVE-2017-3024
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-3023 (Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and ...)
+CVE-2017-3023
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-3022 (Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and ...)
+CVE-2017-3022
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-3021 (Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and ...)
+CVE-2017-3021
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-3020 (Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and ...)
+CVE-2017-3020
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-3019 (Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and ...)
+CVE-2017-3019
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-3018 (Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and ...)
+CVE-2017-3018
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-3017 (Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and ...)
+CVE-2017-3017
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-3016 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ...)
+CVE-2017-3016
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-3015 (Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and ...)
+CVE-2017-3015
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-3014 (Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and ...)
+CVE-2017-3014
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-3013 (Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and ...)
+CVE-2017-3013
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-3012 (Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and ...)
+CVE-2017-3012
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-3011 (Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and ...)
+CVE-2017-3011
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-3010 (Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 ...)
+CVE-2017-3010
NOT-FOR-US: Adobe
-CVE-2017-3009 (Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 ...)
+CVE-2017-3009
NOT-FOR-US: Adobe
-CVE-2017-3008 (Adobe ColdFusion 2016 Update 3 and earlier, ColdFusion 11 update 11 and ...)
+CVE-2017-3008
NOT-FOR-US: Adobe
-CVE-2017-3007 (Adobe Thor versions 3.9.5.353 and earlier have a vulnerability in the ...)
+CVE-2017-3007
NOT-FOR-US: Adobe Thor
-CVE-2017-3006 (Adobe Thor versions 3.9.5.353 and earlier have a vulnerability related ...)
+CVE-2017-3006
NOT-FOR-US: Adobe Thor
-CVE-2017-3005 (Adobe Photoshop versions CC 2017 (18.0.1) and earlier, CC 2015.5.1 ...)
+CVE-2017-3005
NOT-FOR-US: Adobe Photoshop
-CVE-2017-3004 (Adobe Photoshop versions CC 2017 (18.0.1) and earlier, CC 2015.5.1 ...)
+CVE-2017-3004
NOT-FOR-US: Adobe Photoshop
-CVE-2017-3003 (Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable ...)
+CVE-2017-3003
NOT-FOR-US: Adobe Flash Player
-CVE-2017-3002 (Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable ...)
+CVE-2017-3002
NOT-FOR-US: Adobe Flash Player
-CVE-2017-3001 (Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable ...)
+CVE-2017-3001
NOT-FOR-US: Adobe Flash Player
-CVE-2017-3000 (Adobe Flash Player versions 24.0.0.221 and earlier have a vulnerability ...)
+CVE-2017-3000
NOT-FOR-US: Adobe Flash Player
-CVE-2017-2999 (Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable ...)
+CVE-2017-2999
NOT-FOR-US: Adobe Flash Player
-CVE-2017-2998 (Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable ...)
+CVE-2017-2998
NOT-FOR-US: Adobe Flash Player
-CVE-2017-2997 (Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable ...)
+CVE-2017-2997
NOT-FOR-US: Adobe Flash Player
-CVE-2017-2996 (Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable ...)
+CVE-2017-2996
NOT-FOR-US: Adobe Flash Player
-CVE-2017-2995 (Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable ...)
+CVE-2017-2995
NOT-FOR-US: Adobe Flash Player
-CVE-2017-2994 (Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable ...)
+CVE-2017-2994
NOT-FOR-US: Adobe Flash Player
-CVE-2017-2993 (Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable ...)
+CVE-2017-2993
NOT-FOR-US: Adobe Flash Player
-CVE-2017-2992 (Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable ...)
+CVE-2017-2992
NOT-FOR-US: Adobe Flash Player
-CVE-2017-2991 (Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable ...)
+CVE-2017-2991
NOT-FOR-US: Adobe Flash Player
-CVE-2017-2990 (Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable ...)
+CVE-2017-2990
NOT-FOR-US: Adobe Flash Player
-CVE-2017-2989 (Adobe Campaign versions Build 8770 and earlier have an input validation ...)
+CVE-2017-2989
NOT-FOR-US: Adobe
-CVE-2017-2988 (Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable ...)
+CVE-2017-2988
NOT-FOR-US: Adobe Flash Player
-CVE-2017-2987 (Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable ...)
+CVE-2017-2987
NOT-FOR-US: Adobe Flash Player
-CVE-2017-2986 (Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable ...)
+CVE-2017-2986
NOT-FOR-US: Adobe Flash Player
-CVE-2017-2985 (Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable ...)
+CVE-2017-2985
NOT-FOR-US: Adobe Flash Player
-CVE-2017-2984 (Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable ...)
+CVE-2017-2984
NOT-FOR-US: Adobe Flash Player
-CVE-2017-2983 (Adobe Shockwave versions 12.2.7.197 and earlier have an insecure ...)
+CVE-2017-2983
NOT-FOR-US: Adobe
-CVE-2017-2982 (Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable ...)
+CVE-2017-2982
NOT-FOR-US: Adobe Flash Player
-CVE-2017-2981 (Adobe Digital Editions versions 4.5.3 and earlier have an exploitable ...)
+CVE-2017-2981
NOT-FOR-US: Adobe
-CVE-2017-2980 (Adobe Digital Editions versions 4.5.3 and earlier have an exploitable ...)
+CVE-2017-2980
NOT-FOR-US: Adobe
-CVE-2017-2979 (Adobe Digital Editions versions 4.5.3 and earlier have an exploitable ...)
+CVE-2017-2979
NOT-FOR-US: Adobe
-CVE-2017-2978 (Adobe Digital Editions versions 4.5.3 and earlier have an exploitable ...)
+CVE-2017-2978
NOT-FOR-US: Adobe
-CVE-2017-2977 (Adobe Digital Editions versions 4.5.3 and earlier have an exploitable ...)
+CVE-2017-2977
NOT-FOR-US: Adobe
-CVE-2017-2976 (Adobe Digital Editions versions 4.5.3 and earlier have an exploitable ...)
+CVE-2017-2976
NOT-FOR-US: Adobe
-CVE-2017-2975 (Adobe Digital Editions versions 4.5.3 and earlier have an exploitable ...)
+CVE-2017-2975
NOT-FOR-US: Adobe
-CVE-2017-2974 (Adobe Digital Editions versions 4.5.3 and earlier have an exploitable ...)
+CVE-2017-2974
NOT-FOR-US: Adobe
-CVE-2017-2973 (Adobe Digital Editions versions 4.5.3 and earlier have an exploitable ...)
+CVE-2017-2973
NOT-FOR-US: Adobe
-CVE-2017-2972 (Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 ...)
+CVE-2017-2972
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-2971 (Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 ...)
+CVE-2017-2971
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-2970 (Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 ...)
+CVE-2017-2970
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-2969 (Adobe Campaign versions 16.4 Build 8724 and earlier have a cross-site ...)
+CVE-2017-2969
NOT-FOR-US: Adobe
-CVE-2017-2968 (Adobe Campaign versions 16.4 Build 8724 and earlier have a code ...)
+CVE-2017-2968
NOT-FOR-US: Adobe
-CVE-2017-2967 (Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 ...)
+CVE-2017-2967
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-2966 (Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 ...)
+CVE-2017-2966
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-2965 (Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 ...)
+CVE-2017-2965
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-2964 (Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 ...)
+CVE-2017-2964
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-2963 (Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 ...)
+CVE-2017-2963
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-2962 (Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 ...)
+CVE-2017-2962
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-2961 (Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 ...)
+CVE-2017-2961
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-2960 (Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 ...)
+CVE-2017-2960
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-2959 (Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 ...)
+CVE-2017-2959
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-2958 (Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 ...)
+CVE-2017-2958
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-2957 (Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 ...)
+CVE-2017-2957
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-2956 (Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 ...)
+CVE-2017-2956
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-2955 (Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 ...)
+CVE-2017-2955
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-2954 (Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 ...)
+CVE-2017-2954
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-2953 (Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 ...)
+CVE-2017-2953
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-2952 (Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 ...)
+CVE-2017-2952
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-2951 (Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 ...)
+CVE-2017-2951
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-2950 (Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 ...)
+CVE-2017-2950
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-2949 (Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 ...)
+CVE-2017-2949
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-2948 (Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 ...)
+CVE-2017-2948
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-2947 (Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 ...)
+CVE-2017-2947
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-2946 (Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 ...)
+CVE-2017-2946
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-2945 (Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 ...)
+CVE-2017-2945
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-2944 (Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 ...)
+CVE-2017-2944
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-2943 (Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 ...)
+CVE-2017-2943
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-2942 (Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 ...)
+CVE-2017-2942
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-2941 (Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 ...)
+CVE-2017-2941
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-2940 (Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 ...)
+CVE-2017-2940
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-2939 (Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 ...)
+CVE-2017-2939
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-2938 (Adobe Flash Player versions 24.0.0.186 and earlier have a security ...)
+CVE-2017-2938
NOT-FOR-US: Adobe Flash Player
-CVE-2017-2937 (Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable ...)
+CVE-2017-2937
NOT-FOR-US: Adobe Flash Player
-CVE-2017-2936 (Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable ...)
+CVE-2017-2936
NOT-FOR-US: Adobe Flash Player
-CVE-2017-2935 (Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable ...)
+CVE-2017-2935
NOT-FOR-US: Adobe Flash Player
-CVE-2017-2934 (Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable ...)
+CVE-2017-2934
NOT-FOR-US: Adobe Flash Player
-CVE-2017-2933 (Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable ...)
+CVE-2017-2933
NOT-FOR-US: Adobe Flash Player
-CVE-2017-2932 (Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable ...)
+CVE-2017-2932
NOT-FOR-US: Adobe Flash Player
-CVE-2017-2931 (Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable ...)
+CVE-2017-2931
NOT-FOR-US: Adobe Flash Player
-CVE-2017-2930 (Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable ...)
+CVE-2017-2930
NOT-FOR-US: Adobe Flash Player
-CVE-2017-2929 (Adobe Acrobat Chrome extension version 15.1.0.3 and earlier have a ...)
+CVE-2017-2929
NOT-FOR-US: Adobe Acrobat Chrome extension
-CVE-2017-2928 (Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable ...)
+CVE-2017-2928
NOT-FOR-US: Adobe Flash Player
-CVE-2017-2927 (Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable ...)
+CVE-2017-2927
NOT-FOR-US: Adobe Flash Player
-CVE-2017-2926 (Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable ...)
+CVE-2017-2926
NOT-FOR-US: Adobe Flash Player
-CVE-2017-2925 (Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable ...)
+CVE-2017-2925
NOT-FOR-US: Adobe Flash Player
-CVE-2017-2924 (An exploitable heap-based buffer overflow vulnerability exists in the ...)
+CVE-2017-2924
{DSA-3976-1 DLA-1098-1}
- freexl 1.0.4-1 (bug #875691)
NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0431
NOTE: https://www.gaia-gis.it/fossil/freexl/ci/40c17539ea56f0d8
-CVE-2017-2923 (An exploitable heap based buffer overflow vulnerability exists in the ...)
+CVE-2017-2923
{DSA-3976-1 DLA-1098-1}
- freexl 1.0.4-1 (bug #875690)
NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0430
NOTE: https://www.gaia-gis.it/fossil/freexl/ci/40c17539ea56f0d8
-CVE-2017-2922 (An exploitable memory corruption vulnerability exists in the Websocket ...)
+CVE-2017-2922
- smplayer 18.5.0~ds1-1 (bug #898943)
[stretch] - smplayer <not-affected> (Vulnerable code not present)
[jessie] - smplayer <not-affected> (Vulnerable code not present)
[wheezy] - smplayer <not-affected> (Vulnerable code not present)
NOTE: 18.5.0~ds1-1 isn't fixed on the source level, but no longer builds the Chromecast support
-CVE-2017-2921 (An exploitable memory corruption vulnerability exists in the Websocket ...)
+CVE-2017-2921
- smplayer 18.5.0~ds1-1 (bug #898943)
[stretch] - smplayer <not-affected> (Vulnerable code not present)
[jessie] - smplayer <not-affected> (Vulnerable code not present)
[wheezy] - smplayer <not-affected> (Vulnerable code not present)
NOTE: 18.5.0~ds1-1 isn't fixed on the source level, but no longer builds the Chromecast support
-CVE-2017-2920 (An memory corruption vulnerability exists in the .SVG parsing ...)
+CVE-2017-2920
NOT-FOR-US: Computerinsel Photoline
-CVE-2017-2919 (An exploitable stack based buffer overflow vulnerability exists in the ...)
+CVE-2017-2919
{DSA-4173-1}
- r-cran-readxl 1.0.0-2 (bug #895564)
NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0426
-CVE-2017-2918 (An exploitable integer overflow exists in the Image loading ...)
+CVE-2017-2918
{DSA-4248-1 DLA-1465-1}
- blender 2.79.a+dfsg0-1
[wheezy] - blender <ignored> (Vulnerable but not ignored)
NOTE: https://git.blender.org/gitweb/gitweb.cgi/blender.git/commit/d30cc1ea0b9ba64d8a1e22105528b6cb8077692c
NOTE: :https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0425
-CVE-2017-2917 (An exploitable vulnerability exists in the notifications functionality ...)
+CVE-2017-2917
NOT-FOR-US: Circle with Disney
-CVE-2017-2916 (An exploitable vulnerability exists in the /api/CONFIG/restore ...)
+CVE-2017-2916
NOT-FOR-US: Circle with Disney
-CVE-2017-2915 (An exploitable vulnerability exists in the WiFi configuration ...)
+CVE-2017-2915
NOT-FOR-US: Circle with Disney
-CVE-2017-2914 (An exploitable authentication bypass vulnerability exists in the API ...)
+CVE-2017-2914
NOT-FOR-US: Circle with Disney
-CVE-2017-2913 (An exploitable vulnerability exists in the filtering functionality of ...)
+CVE-2017-2913
NOT-FOR-US: Circle with Disney
-CVE-2017-2912 (An exploitable vulnerability exists in the remote control ...)
+CVE-2017-2912
NOT-FOR-US: Circle with Disney
-CVE-2017-2911 (An exploitable vulnerability exists in the remote control ...)
+CVE-2017-2911
NOT-FOR-US: Circle with Disney
CVE-2017-2910
RESERVED
-CVE-2017-2909 (An infinite loop programming error exists in the DNS server ...)
+CVE-2017-2909
- smplayer 18.5.0~ds1-1 (bug #898943)
[stretch] - smplayer <not-affected> (Vulnerable code not present)
[jessie] - smplayer <not-affected> (Vulnerable code not present)
[wheezy] - smplayer <not-affected> (Vulnerable code not present)
NOTE: 18.5.0~ds1-1 isn't fixed on the source level, but no longer builds the Chromecast support
-CVE-2017-2908 (An exploitable integer overflow exists in the thumbnail functionality ...)
+CVE-2017-2908
{DSA-4248-1 DLA-1465-1}
- blender 2.79.a+dfsg0-1
[wheezy] - blender <ignored> (Vulnerable but not ignored)
NOTE: https://git.blender.org/gitweb/gitweb.cgi/blender.git/commit/07aed404cfb2759f97c60b9f64d8a9392dabaf1a
NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0415
-CVE-2017-2907 (An exploitable integer overflow exists in the animation playing ...)
+CVE-2017-2907
{DSA-4248-1 DLA-1465-1}
- blender 2.79.a+dfsg0-1
[wheezy] - blender <ignored> (Vulnerable but not ignored)
NOTE: https://git.blender.org/gitweb/gitweb.cgi/blender.git/commit/d30cc1ea0b9ba64d8a1e22105528b6cb8077692c
NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0414
-CVE-2017-2906 (An exploitable integer overflow exists in the animation playing ...)
+CVE-2017-2906
{DSA-4248-1 DLA-1465-1}
- blender 2.79.a+dfsg0-1
[wheezy] - blender <ignored> (Vulnerable but not ignored)
NOTE: https://git.blender.org/gitweb/gitweb.cgi/blender.git/commit/d30cc1ea0b9ba64d8a1e22105528b6cb8077692c
NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0413
-CVE-2017-2905 (An exploitable integer overflow exists in the bmp loading ...)
+CVE-2017-2905
{DSA-4248-1 DLA-1465-1}
- blender 2.79.a+dfsg0-1
[wheezy] - blender <ignored> (Vulnerable but not ignored)
NOTE: https://git.blender.org/gitweb/gitweb.cgi/blender.git/commit/d30cc1ea0b9ba64d8a1e22105528b6cb8077692c
NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0412
-CVE-2017-2904 (An exploitable integer overflow exists in the RADIANCE loading ...)
+CVE-2017-2904
{DSA-4248-1 DLA-1465-1}
- blender 2.79.a+dfsg0-1
[wheezy] - blender <ignored> (Vulnerable but not ignored)
NOTE: https://git.blender.org/gitweb/gitweb.cgi/blender.git/commit/d30cc1ea0b9ba64d8a1e22105528b6cb8077692c
NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0411
-CVE-2017-2903 (An exploitable integer overflow exists in the DPX loading ...)
+CVE-2017-2903
{DSA-4248-1 DLA-1465-1}
- blender 2.79.a+dfsg0-1
[wheezy] - blender <ignored> (Vulnerable but not ignored)
NOTE: https://git.blender.org/gitweb/gitweb.cgi/blender.git/commit/d30cc1ea0b9ba64d8a1e22105528b6cb8077692c
NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0410
-CVE-2017-2902 (An exploitable integer overflow exists in the DPX loading ...)
+CVE-2017-2902
{DSA-4248-1 DLA-1465-1}
- blender 2.79.a+dfsg0-1
[wheezy] - blender <ignored> (Vulnerable but not ignored)
NOTE: https://git.blender.org/gitweb/gitweb.cgi/blender.git/commit/d30cc1ea0b9ba64d8a1e22105528b6cb8077692c
NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0409
-CVE-2017-2901 (An exploitable integer overflow exists in the IRIS loading ...)
+CVE-2017-2901
{DSA-4248-1 DLA-1465-1}
- blender 2.79.a+dfsg0-1
[wheezy] - blender <ignored> (Vulnerable but not ignored)
NOTE: https://git.blender.org/gitweb/gitweb.cgi/blender.git/commit/829916f4e57a2d1580ff3b625f6bb909b9144a20
NOTE: https://git.blender.org/gitweb/gitweb.cgi/blender.git/commit/d30cc1ea0b9ba64d8a1e22105528b6cb8077692c
NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0408
-CVE-2017-2900 (An exploitable integer overflow exists in the PNG loading ...)
+CVE-2017-2900
{DSA-4248-1 DLA-1465-1}
- blender 2.79.a+dfsg0-1
[wheezy] - blender <ignored> (Vulnerable but not ignored)
NOTE: https://git.blender.org/gitweb/gitweb.cgi/blender.git/commit/d30cc1ea0b9ba64d8a1e22105528b6cb8077692c
NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0407
-CVE-2017-2899 (An exploitable integer overflow exists in the TIFF loading ...)
+CVE-2017-2899
{DSA-4248-1 DLA-1465-1}
- blender 2.79.a+dfsg0-1
[wheezy] - blender <ignored> (Vulnerable but not ignored)
NOTE: https://git.blender.org/gitweb/gitweb.cgi/blender.git/commit/d30cc1ea0b9ba64d8a1e22105528b6cb8077692c
NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0406
-CVE-2017-2898 (An exploitable vulnerability exists in the signature verification of ...)
+CVE-2017-2898
NOT-FOR-US: Circle with Disney
-CVE-2017-2897 (An exploitable out-of-bounds write vulnerability exists in the ...)
+CVE-2017-2897
{DSA-4173-1}
- r-cran-readxl 1.0.0-2 (bug #895564)
NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0404
-CVE-2017-2896 (An exploitable out-of-bounds write vulnerability exists in the ...)
+CVE-2017-2896
{DSA-4173-1}
- r-cran-readxl 1.0.0-2 (bug #895564)
NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0403
-CVE-2017-2895 (An exploitable arbitrary memory read vulnerability exists in the MQTT ...)
+CVE-2017-2895
- smplayer 18.5.0~ds1-1 (bug #898943)
[stretch] - smplayer <not-affected> (Vulnerable code not present)
[jessie] - smplayer <not-affected> (Vulnerable code not present)
[wheezy] - smplayer <not-affected> (Vulnerable code not present)
NOTE: 18.5.0~ds1-1 isn't fixed on the source level, but no longer builds the Chromecast support
-CVE-2017-2894 (An exploitable stack buffer overflow vulnerability exists in the MQTT ...)
+CVE-2017-2894
- smplayer 18.5.0~ds1-1 (bug #898943)
[stretch] - smplayer <not-affected> (Vulnerable code not present)
[jessie] - smplayer <not-affected> (Vulnerable code not present)
[wheezy] - smplayer <not-affected> (Vulnerable code not present)
NOTE: 18.5.0~ds1-1 isn't fixed on the source level, but no longer builds the Chromecast support
-CVE-2017-2893 (An exploitable NULL pointer dereference vulnerability exists in the ...)
+CVE-2017-2893
- smplayer 18.5.0~ds1-1 (bug #898943)
[stretch] - smplayer <not-affected> (Vulnerable code not present)
[jessie] - smplayer <not-affected> (Vulnerable code not present)
[wheezy] - smplayer <not-affected> (Vulnerable code not present)
NOTE: 18.5.0~ds1-1 isn't fixed on the source level, but no longer builds the Chromecast support
-CVE-2017-2892 (An exploitable arbitrary memory read vulnerability exists in the MQTT ...)
+CVE-2017-2892
- smplayer 18.5.0~ds1-1 (bug #898943)
[stretch] - smplayer <not-affected> (Vulnerable code not present)
[jessie] - smplayer <not-affected> (Vulnerable code not present)
[wheezy] - smplayer <not-affected> (Vulnerable code not present)
NOTE: 18.5.0~ds1-1 isn't fixed on the source level, but no longer builds the Chromecast support
-CVE-2017-2891 (An exploitable use-after-free vulnerability exists in the HTTP server ...)
+CVE-2017-2891
- smplayer 18.5.0~ds1-1 (bug #898943)
[stretch] - smplayer <not-affected> (Vulnerable code not present)
[jessie] - smplayer <not-affected> (Vulnerable code not present)
[wheezy] - smplayer <not-affected> (Vulnerable code not present)
NOTE: 18.5.0~ds1-1 isn't fixed on the source level, but no longer builds the Chromecast support
-CVE-2017-2890 (An exploitable vulnerability exists in the /api/CONFIG/restore ...)
+CVE-2017-2890
NOT-FOR-US: Circle with Disney
-CVE-2017-2889 (An exploitable Denial of Service vulnerability exists in the API ...)
+CVE-2017-2889
NOT-FOR-US: Circle with Disney
-CVE-2017-2888 (An exploitable integer overflow vulnerability exists when creating a ...)
+CVE-2017-2888
- libsdl2 2.0.6+dfsg1-4 (bug #878264)
[stretch] - libsdl2 <no-dsa> (Minor issue)
[jessie] - libsdl2 <no-dsa> (Minor issue)
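Review bot: every `-`/`+` pair in this hunk replaces a `CVE-2017-NNNN (description ...)` line with the bare `CVE-2017-NNNN` and adds nothing in return, so the only effect of the change is to delete the description text from each entry while the package, advisory and NOTE lines stay as they were. For a commit labelled "automatic update", whose job is to sync descriptions from the CVE feed, that pattern (repeated in all the hunks below) looks like the feed returned empty descriptions rather than an intended edit; I would check the sync source before merging, because after this an entry such as CVE-2017-2909, which maps to smplayer, keeps nothing that says what the bug was ("An infinite loop programming error exists in the DNS server ...") and the reader is left to guess why the mapping was made. Two context lines in this hunk also deserve a follow-up fix: the wheezy line under each blender entry, "[wheezy] - blender <ignored> (Vulnerable but not ignored)", gives a reason that contradicts its own tag and should state the actual reason for ignoring it, and the second NOTE under CVE-2017-2918 has a stray colon before the URL ("NOTE: :https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0425").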
@@ -44353,170 +44351,170 @@ CVE-2017-2888 (An exploitable integer overflow vulnerability exists when creatin
NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0395
NOTE: https://hg.libsdl.org/SDL/rev/7e0f1498ddb5
NOTE: https://hg.libsdl.org/SDL/rev/81a4950907a0
-CVE-2017-2887 (An exploitable buffer overflow vulnerability exists in the XCF ...)
+CVE-2017-2887
{DSA-4184-1 DSA-4177-1 DLA-1134-1}
- libsdl2-image 2.0.1+dfsg-4 (bug #878266)
- sdl-image1.2 1.2.12-7 (bug #878267)
NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0394
NOTE: https://hg.libsdl.org/SDL_image/rev/318484db0705
-CVE-2017-2886 (A memory corruption vulnerability exists in the .PSD parsing ...)
+CVE-2017-2886
NOT-FOR-US: ACDSee Ultimate
-CVE-2017-2885 (An exploitable stack based buffer overflow vulnerability exists in the ...)
+CVE-2017-2885
{DSA-3929-1}
- libsoup2.4 2.56.1-1 (bug #871650)
[wheezy] - libsoup2.4 <not-affected> (Vulnerable code not present)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=785774
-CVE-2017-2884 (An exploitable vulnerability exists in the user photo update ...)
+CVE-2017-2884
NOT-FOR-US: Circle with Disney
-CVE-2017-2883 (An exploitable vulnerability exists in the database update ...)
+CVE-2017-2883
NOT-FOR-US: Circle with Disney
-CVE-2017-2882 (An exploitable vulnerability exists in the servers update ...)
+CVE-2017-2882
NOT-FOR-US: Circle with Disney
-CVE-2017-2881 (An exploitable vulnerability exists in the torlist update ...)
+CVE-2017-2881
NOT-FOR-US: Circle with Disney
-CVE-2017-2880 (An memory corruption vulnerability exists in the .GIF parsing ...)
+CVE-2017-2880
NOT-FOR-US: Computerinsel Photoline
-CVE-2017-2879 (An exploitable buffer overflow vulnerability exists in the UPnP ...)
+CVE-2017-2879
NOT-FOR-US: Foscam
-CVE-2017-2878 (An exploitable buffer overflow vulnerability exists in the web ...)
+CVE-2017-2878
NOT-FOR-US: Foscam
-CVE-2017-2877 (A missing error check exists in the Multi-Camera interface used by the ...)
+CVE-2017-2877
NOT-FOR-US: Foscam
-CVE-2017-2876 (An exploitable buffer overflow vulnerability exists in the ...)
+CVE-2017-2876
NOT-FOR-US: Foscam
-CVE-2017-2875 (An exploitable buffer overflow vulnerability exists in the ...)
+CVE-2017-2875
NOT-FOR-US: Foscam
-CVE-2017-2874 (An information disclosure vulnerability exists in the Multi-Camera ...)
+CVE-2017-2874
NOT-FOR-US: Foscam
-CVE-2017-2873 (An exploitable command injection vulnerability exists in the web ...)
+CVE-2017-2873
NOT-FOR-US: Foscam
-CVE-2017-2872 (Insufficient security checks exist in the recovery procedure used by ...)
+CVE-2017-2872
NOT-FOR-US: Foscam
-CVE-2017-2871 (Insufficient security checks exist in the recovery procedure used by ...)
+CVE-2017-2871
NOT-FOR-US: Foscam C1 Indoor HD Camera
-CVE-2017-2870 (An exploitable integer overflow vulnerability exists in the ...)
+CVE-2017-2870
- gdk-pixbuf 2.36.10-1 (unimportant; bug #873787)
NOTE: https://git.gnome.org/browse/gdk-pixbuf/commit/?id=31a6cff3dfc6944aad4612a9668b8ad39122e48b
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=770986
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=780269
NOTE: Built with GCC in Debian, which doesn't remove the check
-CVE-2017-2869 (An exploitable code execution vulnerability exists in the OpenProducer ...)
+CVE-2017-2869
NOT-FOR-US: Natus Xltek NeuroWorks
-CVE-2017-2868 (An exploitable code execution vulnerability exists in the ...)
+CVE-2017-2868
NOT-FOR-US: Natus Xltek NeuroWorks
-CVE-2017-2867 (An exploitable code execution vulnerability exists in the ...)
+CVE-2017-2867
NOT-FOR-US: Natus Xltek NeuroWorks
-CVE-2017-2866 (An exploitable vulnerability exists in the /api/CONFIG/backup ...)
+CVE-2017-2866
NOT-FOR-US: Circle with Disney
-CVE-2017-2865 (An exploitable vulnerability exists in the firmware update ...)
+CVE-2017-2865
NOT-FOR-US: Circle with Disney
-CVE-2017-2864 (An exploitable vulnerability exists in the generation of ...)
+CVE-2017-2864
NOT-FOR-US: Circle with Disney
-CVE-2017-2863 (An out-of-bounds write vulnerability exists in the PDF parsing ...)
+CVE-2017-2863
NOT-FOR-US: Iceni Infix
-CVE-2017-2862 (An exploitable heap overflow vulnerability exists in the ...)
+CVE-2017-2862
{DSA-3978-1 DLA-1100-1}
- gdk-pixbuf 2.36.10-1 (bug #874552)
NOTE: https://git.gnome.org/browse/gdk-pixbuf/commit/?id=c2a40a92fe3df4111ed9da51fe3368c079b86926
NOTE: https://git.gnome.org/browse/gdk-pixbuf/commit/?id=6dd89e126a277460faafc1f679db44ccf78446fb
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=784866
NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0366
-CVE-2017-2861 (An exploitable Denial of Service vulnerability exists in the use of a ...)
+CVE-2017-2861
NOT-FOR-US: Natus Xltek NeuroWorks
-CVE-2017-2860 (An exploitable denial-of-service vulnerability exists in the lookup ...)
+CVE-2017-2860
NOT-FOR-US: Natus Xltek NeuroWorks
CVE-2017-2859
RESERVED
-CVE-2017-2858 (An exploitable denial-of-service vulnerability exists in the traversal ...)
+CVE-2017-2858
NOT-FOR-US: Natus Xltek NeuroWorks
-CVE-2017-2857 (An exploitable buffer overflow vulnerability exists in the DDNS client ...)
+CVE-2017-2857
NOT-FOR-US: Foscam
-CVE-2017-2856 (An exploitable buffer overflow vulnerability exists in the DDNS client ...)
+CVE-2017-2856
NOT-FOR-US: Foscam
-CVE-2017-2855 (An exploitable buffer overflow vulnerability exists in the DDNS client ...)
+CVE-2017-2855
NOT-FOR-US: Foscam
-CVE-2017-2854 (An exploitable buffer overflow vulnerability exists in the DDNS client ...)
+CVE-2017-2854
NOT-FOR-US: Foscam
-CVE-2017-2853 (An exploitable Code Execution vulnerability exists in the ...)
+CVE-2017-2853
NOT-FOR-US: Natus Xltek NeuroWorks
-CVE-2017-2852 (An exploitable denial-of-service vulnerability exists in the ...)
+CVE-2017-2852
NOT-FOR-US: Natus Xltek NeuroWorks
-CVE-2017-2851 (In the web management interface in Foscam C1 Indoor HD cameras with ...)
+CVE-2017-2851
NOT-FOR-US: Foscam C1 Indoor HD cameras
-CVE-2017-2850 (In the web management interface in Foscam C1 Indoor HD cameras with ...)
+CVE-2017-2850
NOT-FOR-US: Foscam C1 Indoor HD cameras
-CVE-2017-2849 (In the web management interface in Foscam C1 Indoor HD cameras with ...)
+CVE-2017-2849
NOT-FOR-US: Foscam C1 Indoor HD cameras
-CVE-2017-2848 (In the web management interface in Foscam C1 Indoor HD cameras with ...)
+CVE-2017-2848
NOT-FOR-US: Foscam C1 Indoor HD cameras
-CVE-2017-2847 (In the web management interface in Foscam C1 Indoor HD cameras with ...)
+CVE-2017-2847
NOT-FOR-US: Foscam C1 Indoor HD cameras
-CVE-2017-2846 (In the web management interface in Foscam C1 Indoor HD cameras with ...)
+CVE-2017-2846
NOT-FOR-US: Foscam C1 Indoor HD cameras
-CVE-2017-2845 (An exploitable command injection vulnerability exists in the web ...)
+CVE-2017-2845
NOT-FOR-US: Foscam C1 Indoor HD cameras
-CVE-2017-2844 (In the web management interface in Foscam C1 Indoor HD cameras with ...)
+CVE-2017-2844
NOT-FOR-US: Foscam C1 Indoor HD cameras
-CVE-2017-2843 (In the web management interface in Foscam C1 Indoor HD Camera running ...)
+CVE-2017-2843
NOT-FOR-US: Foscam C1 Indoor HD Camera
-CVE-2017-2842 (In the web management interface in Foscam C1 Indoor HD Camera running ...)
+CVE-2017-2842
NOT-FOR-US: Foscam C1 Indoor HD Camera
-CVE-2017-2841 (An exploitable command injection vulnerability exists in the web ...)
+CVE-2017-2841
NOT-FOR-US: Foscam C1 Indoor HD Camera
-CVE-2017-2840 (A buffer overflow vulnerability exists in the ISO parsing ...)
+CVE-2017-2840
NOT-FOR-US: EZB Systems UltraISO
-CVE-2017-2839 (An exploitable denial of service vulnerability exists within the ...)
+CVE-2017-2839
{DSA-3923-1 DLA-1095-1}
- freerdp 1.1.0~git20140921.1.440916e+dfsg1-14 (bug #869880)
NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0341
NOTE: http://blog.talosintelligence.com/2017/07/vulnerbility-spotlight-freerdp-multiple.html
NOTE: https://github.com/FreeRDP/FreeRDP/commit/03ab68318966c3a22935a02838daaea7b7fbe96c (1.1)
-CVE-2017-2838 (An exploitable denial of service vulnerability exists within the ...)
+CVE-2017-2838
{DSA-3923-1 DLA-1095-1}
- freerdp 1.1.0~git20140921.1.440916e+dfsg1-14 (bug #869880)
NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0340
NOTE: http://blog.talosintelligence.com/2017/07/vulnerbility-spotlight-freerdp-multiple.html
NOTE: https://github.com/FreeRDP/FreeRDP/commit/03ab68318966c3a22935a02838daaea7b7fbe96c (1.1)
-CVE-2017-2837 (An exploitable denial of service vulnerability exists within the ...)
+CVE-2017-2837
{DSA-3923-1 DLA-1095-1}
- freerdp 1.1.0~git20140921.1.440916e+dfsg1-14 (bug #869880)
NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0339
NOTE: http://blog.talosintelligence.com/2017/07/vulnerbility-spotlight-freerdp-multiple.html
NOTE: https://github.com/FreeRDP/FreeRDP/commit/03ab68318966c3a22935a02838daaea7b7fbe96c (1.1)
-CVE-2017-2836 (An exploitable denial of service vulnerability exists within the ...)
+CVE-2017-2836
{DSA-3923-1 DLA-1095-1}
- freerdp 1.1.0~git20140921.1.440916e+dfsg1-14 (bug #869880)
NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0338
NOTE: http://blog.talosintelligence.com/2017/07/vulnerbility-spotlight-freerdp-multiple.html
NOTE: https://github.com/FreeRDP/FreeRDP/commit/03ab68318966c3a22935a02838daaea7b7fbe96c (1.1)
-CVE-2017-2835 (An exploitable code execution vulnerability exists in the RDP receive ...)
+CVE-2017-2835
{DSA-3923-1 DLA-1095-1}
- freerdp 1.1.0~git20140921.1.440916e+dfsg1-14 (bug #869880)
NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0337
NOTE: http://blog.talosintelligence.com/2017/07/vulnerbility-spotlight-freerdp-multiple.html
NOTE: https://github.com/FreeRDP/FreeRDP/commit/03ab68318966c3a22935a02838daaea7b7fbe96c (1.1)
-CVE-2017-2834 (An exploitable code execution vulnerability exists in the ...)
+CVE-2017-2834
{DSA-3923-1}
- freerdp 1.1.0~git20140921.1.440916e+dfsg1-14 (bug #869880)
[wheezy] - freerdp <not-affected> (vulnerable code not present)
NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0336
NOTE: http://blog.talosintelligence.com/2017/07/vulnerbility-spotlight-freerdp-multiple.html
NOTE: https://github.com/FreeRDP/FreeRDP/commit/03ab68318966c3a22935a02838daaea7b7fbe96c (1.1)
-CVE-2017-2833 (An exploitable command injection vulnerability exists in the web ...)
+CVE-2017-2833
NOT-FOR-US: Foscam C1 Indoor HD Camera
-CVE-2017-2832 (An exploitable command injection vulnerability exists in the web ...)
+CVE-2017-2832
NOT-FOR-US: Foscam C1 Indoor HD Camera
-CVE-2017-2831 (An exploitable buffer overflow vulnerability exists in the web ...)
+CVE-2017-2831
NOT-FOR-US: Foscam C1 Indoor HD Camera
-CVE-2017-2830 (An exploitable buffer overflow vulnerability exists in the web ...)
+CVE-2017-2830
NOT-FOR-US: Foscam C1 Indoor HD Camera
-CVE-2017-2829 (An exploitable directory traversal vulnerability exists in the web ...)
+CVE-2017-2829
NOT-FOR-US: Foscam C1 Indoor HD Camera
-CVE-2017-2828 (An exploitable command injection vulnerability exists in the web ...)
+CVE-2017-2828
NOT-FOR-US: Foscam C1 Indoor HD Camera
-CVE-2017-2827 (An exploitable command injection vulnerability exists in the web ...)
+CVE-2017-2827
NOT-FOR-US: Foscam C1 Indoor HD Camera
-CVE-2017-2826 (An information disclosure vulnerability exists in the iConfig proxy ...)
+CVE-2017-2826
{DLA-1708-1}
- zabbix <unfixed> (low)
[buster] - zabbix <ignored> (Minor issue, workaround exists)
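Review bot: the "unimportant" rating for CVE-2017-2870 (gdk-pixbuf) rests on the one-line note "Built with GCC in Debian, which doesn't remove the check", which names neither the check in question nor why another compiler would drop it; spell that out (which overflow check, and that the concern is the compiler optimising it away), otherwise nobody can re-evaluate the rating if the build toolchain changes. Two smaller points in the same hunk: CVE-2017-2871 and CVE-2017-2872 carry the identical description ("Insufficient security checks exist in the recovery procedure used by ...") but one is filed as "NOT-FOR-US: Foscam C1 Indoor HD Camera" and the other as "NOT-FOR-US: Foscam", so harmonise the product name; and the wheezy reason under CVE-2017-2834, "(vulnerable code not present)", is the only lower-case instance of a string that is capitalised everywhere else in the file.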
@@ -44526,36 +44524,36 @@ CVE-2017-2826 (An information disclosure vulnerability exists in the iConfig pro
NOTE: https://support.zabbix.com/browse/ZBX-12076
NOTE: Workaround for Zabbix 3.0 exists: https://www.zabbix.com/documentation/3.0/manual/distributed_monitoring/proxies#configuration
NOTE: using encyrpted connections with the proxy.
-CVE-2017-2825 (In the trapper functionality of Zabbix Server 2.4.x, specifically ...)
+CVE-2017-2825
{DSA-3937-1}
- zabbix 1:3.0.7+dfsg-3 (bug #863584)
NOTE: http://www.talosintelligence.com/reports/TALOS-2017-0326/
NOTE: https://support.zabbix.com/browse/ZBX-12076
-CVE-2017-2824 (An exploitable code execution vulnerability exists in the trapper ...)
+CVE-2017-2824
{DSA-3937-1}
- zabbix 1:3.0.7+dfsg-3 (bug #863584)
NOTE: http://www.talosintelligence.com/reports/TALOS-2017-0325/
NOTE: https://support.zabbix.com/browse/ZBX-12075
-CVE-2017-2823 (A use-after-free vulnerability exists in the .ISO parsing ...)
+CVE-2017-2823
NOT-FOR-US: PowerISO
-CVE-2017-2822 (An exploitable code execution vulnerability exists in the image ...)
+CVE-2017-2822
NOT-FOR-US: Lexmark
-CVE-2017-2821 (An exploitable use-after-free exists in the PDF parsing functionality ...)
+CVE-2017-2821
NOT-FOR-US: Lexmark
-CVE-2017-2820 (An exploitable integer overflow vulnerability exists in the JPEG 2000 ...)
+CVE-2017-2820
- poppler <unfixed> (unimportant)
NOTE: Debian uses openjpeg for processing JPEG 2000 images, this advisory is
NOTE: against Ubuntu, which disables openjpeg due to being in universe
NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2017-0321
-CVE-2017-2819 (An exploitable heap-based buffer overflow exists in the Hangul Word ...)
+CVE-2017-2819
NOT-FOR-US: Hancom Thinkfree Office NEO
-CVE-2017-2818 (An exploitable heap overflow vulnerability exists in the image ...)
+CVE-2017-2818
- poppler <unfixed> (unimportant)
NOTE: Debian links against libjpeg which is unaffected
NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2017-0319
-CVE-2017-2817 (A stack buffer overflow vulnerability exists in the ISO parsing ...)
+CVE-2017-2817
NOT-FOR-US: PowerISO
-CVE-2017-2816 (An exploitable buffer overflow vulnerability exists in the tag parsing ...)
+CVE-2017-2816
{DLA-1192-1}
- libofx 1:0.9.11-4 (bug #875801)
[stretch] - libofx 1:0.9.10-2+deb9u1
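Review bot: the workaround NOTE under CVE-2017-2826 (zabbix) has a typo, "using encyrpted connections with the proxy", which should read "encrypted"; since this NOTE is the stated justification for the buster "<ignored> (Minor issue, workaround exists)" line, it is worth getting the wording right. The same sentence is also split across two NOTE lines mid-phrase ("...proxies#configuration" / "NOTE: using ..."), which is tolerated by the format but reads better as one line.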
@@ -44563,27 +44561,27 @@ CVE-2017-2816 (An exploitable buffer overflow vulnerability exists in the tag pa
NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0317
NOTE: https://github.com/libofx/libofx/commit/a70934eea95c76a7737b83773bffe8738935082d
NOTE: https://github.com/libofx/libofx/issues/9
-CVE-2017-2815 (An exploitable XML entity injection vulnerability exists in OpenFire ...)
+CVE-2017-2815
NOT-FOR-US: OpenFire User Import Export Plugin
-CVE-2017-2814 (An exploitable heap overflow vulnerability exists in the image ...)
+CVE-2017-2814
- poppler <unfixed> (unimportant)
NOTE: Debian links against libjpeg which is unaffected
NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2017-0319
-CVE-2017-2813 (An exploitable integer overflow vulnerability exists in the JPEG 2000 ...)
+CVE-2017-2813
NOT-FOR-US: IrfanView
-CVE-2017-2812 (A code execution vulnerability exists in the kdu_buffered_expand ...)
+CVE-2017-2812
NOT-FOR-US: Kakadu
-CVE-2017-2811 (A code execution vulnerability exists in the Kakadu SDK 7.9's parsing ...)
+CVE-2017-2811
NOT-FOR-US: Kakadu
-CVE-2017-2810 (An exploitable vulnerability exists in the Databook loading ...)
+CVE-2017-2810
- python-tablib 0.9.11-3 (bug #864818)
[stretch] - python-tablib 0.9.11-2+deb8u1
[jessie] - python-tablib 0.9.11-2+deb8u1
NOTE: Fixed by: https://github.com/kennethreitz/tablib/commit/69abfc3ada5d754cb152119c0b4777043657cb6e
NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0307
-CVE-2017-2809 (An exploitable vulnerability exists in the yaml loading functionality ...)
+CVE-2017-2809
NOT-FOR-US: Ansible Vault
-CVE-2017-2808 (An exploitable use-after-free vulnerability exists in the account ...)
+CVE-2017-2808
- ledger 3.1.2+dfsg1-1 (low; bug #876659)
[stretch] - ledger <no-dsa> (Minor issue)
[jessie] - ledger <no-dsa> (Minor issue)
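Review bot: the stretch line under CVE-2017-2810, "[stretch] - python-tablib 0.9.11-2+deb8u1", uses a +deb8u1 suffix, which is the jessie (Debian 8) version scheme, and is byte-for-byte the same as the jessie line below it; either stretch really ships that exact version, or the line was copied from jessie and should point at the version actually fixed in stretch, so please verify before this is relied on. Separately, the NOTE under CVE-2017-2814 cites TALOS-2017-0319, the same report id given for CVE-2017-2818 in the hunk above; one Talos report normally corresponds to one CVE, so one of the two references is probably off and should be checked against the Talos index.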
@@ -44591,7 +44589,7 @@ CVE-2017-2808 (An exploitable use-after-free vulnerability exists in the account
NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0304
NOTE: https://github.com/ledger/ledger/issues/1723
NOTE: https://github.com/ledger/ledger/commit/f3bad93db256db07b6cb831d4d24f47543f57e4a
-CVE-2017-2807 (An exploitable buffer overflow vulnerability exists in the tag parsing ...)
+CVE-2017-2807
- ledger 3.1.2+dfsg1-1 (low; bug #876660)
[stretch] - ledger <no-dsa> (Minor issue)
[jessie] - ledger <no-dsa> (Minor issue)
@@ -44599,88 +44597,88 @@ CVE-2017-2807 (An exploitable buffer overflow vulnerability exists in the tag pa
NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0303
NOTE: https://github.com/ledger/ledger/issues/1722
NOTE: https://github.com/ledger/ledger/commit/5682f377aed5b0db6b6c4a44b1d8868103b7e9f7
-CVE-2017-2806 (An exploitable arbitrary read exists in the XLS parsing of the Lexmark ...)
+CVE-2017-2806
NOT-FOR-US: Lexmark Perspective Document Filters conversion functionality
-CVE-2017-2805 (An exploitable stack-based buffer overflow vulnerability exists in the ...)
+CVE-2017-2805
NOT-FOR-US: Foscam C1 Indoor HD Camera
-CVE-2017-2804 (A remote out of bound write vulnerability exists in the TIFF parsing ...)
+CVE-2017-2804
NOT-FOR-US: Core PHOTO-PAINT X8
-CVE-2017-2803 (A remote out of bound write vulnerability exists in the TIFF parsing ...)
+CVE-2017-2803
NOT-FOR-US: Core PHOTO-PAINT X8
-CVE-2017-2802 (An exploitable dll hijacking vulnerability exists in the ...)
+CVE-2017-2802
NOT-FOR-US: Dell
-CVE-2017-2801 (A programming error exists in a way Randombit Botan cryptographic ...)
+CVE-2017-2801
{DSA-3939-1 DLA-915-1}
- botan1.10 1.10.16-1 (bug #860072)
NOTE: https://github.com/randombit/botan/commit/c927101675e5f63fc0bdd93c5a4825adc54323b4 (1.10.16)
NOTE: Bug introduced in 1.6.0 or earlier, fixed in 2.1.0 and 1.10.16
-CVE-2017-2800 (A specially crafted x509 certificate can cause a single out of bounds ...)
+CVE-2017-2800
- wolfssl 3.12.0+dfsg-1 (bug #862154)
NOTE: http://www.talosintelligence.com/reports/TALOS-2017-0293/
-CVE-2017-2799 (An exploitable heap corruption vulnerability exists in the AddSst ...)
+CVE-2017-2799
NOT-FOR-US: Antenna House DMC HTMLFilter
-CVE-2017-2798 (An exploitable heap corruption vulnerability exists in the ...)
+CVE-2017-2798
NOT-FOR-US: Antenna House DMC HTMLFilter
-CVE-2017-2797 (An exploitable heap overflow vulnerability exists in the ...)
+CVE-2017-2797
NOT-FOR-US: Antenna House
CVE-2017-2796
RESERVED
-CVE-2017-2795 (An exploitable heap corruption vulnerability exists in the Txo ...)
+CVE-2017-2795
NOT-FOR-US: Antenna House
-CVE-2017-2794 (An exploitable stack-based buffer overflow vulnerability exists in the ...)
+CVE-2017-2794
NOT-FOR-US: Antenna House
-CVE-2017-2793 (An exploitable heap corruption vulnerability exists in the ...)
+CVE-2017-2793
NOT-FOR-US: Antenna House
-CVE-2017-2792 (An exploitable heap corruption vulnerability exists in the iBldDirInfo ...)
+CVE-2017-2792
NOT-FOR-US: Antenna House
-CVE-2017-2791 (JustSystems Ichitaro 2016 Trial contains a vulnerability that exists ...)
+CVE-2017-2791
NOT-FOR-US: JustSystems Ichitaro 2016 Trial
-CVE-2017-2790 (When processing a record type of 0x3c from a Workbook stream from an ...)
+CVE-2017-2790
NOT-FOR-US: JustSystems Ichitaro Office
-CVE-2017-2789 (When copying filedata into a buffer, JustSystems Ichitaro Office 2016 ...)
+CVE-2017-2789
NOT-FOR-US: JustSystems Ichitaro Office 2016 Trial
-CVE-2017-2788 (A buffer overflows exists in the psnotifyd application of the Pharos ...)
+CVE-2017-2788
NOT-FOR-US: Pharos PopUp Printer Client
-CVE-2017-2787 (A buffer overflows exists in the psnotifyd application of the Pharos ...)
+CVE-2017-2787
NOT-FOR-US: Pharos PopUp Printer Client
-CVE-2017-2786 (A denial of service vulnerability exists in the psnotifyd application ...)
+CVE-2017-2786
NOT-FOR-US: Pharos PopUp Printer Client
-CVE-2017-2785 (An exploitable buffer overflow exists in the psnotifyd application of ...)
+CVE-2017-2785
NOT-FOR-US: Pharos PopUp Printer Client
-CVE-2017-2784 (An exploitable free of a stack pointer vulnerability exists in the ...)
+CVE-2017-2784
- mbedtls 2.4.2-1 (bug #857560)
- polarssl <removed> (bug #857561)
[jessie] - polarssl 1.3.9-2.1+deb8u2
[wheezy] - polarssl <not-affected> (Vulnerable code not present)
NOTE: https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2017-01
NOTE: Wheezy do not have any elliptic curve functionality. Jessie is affected however.
-CVE-2017-2783 (An exploitable heap corruption vulnerability exists in the ...)
+CVE-2017-2783
NOT-FOR-US: AntennaHouse
-CVE-2017-2782 (An integer overflow vulnerability exists in the X509 certificate ...)
+CVE-2017-2782
- matrixssl <removed>
[wheezy] - matrixssl <end-of-life> (not supported in Wheezy)
NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2017-0278
-CVE-2017-2781 (An exploitable heap buffer overflow vulnerability exists in the X509 ...)
+CVE-2017-2781
- matrixssl <removed>
[wheezy] - matrixssl <end-of-life> (not supported in Wheezy)
NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2017-0277
-CVE-2017-2780 (An exploitable heap buffer overflow vulnerability exists in the X509 ...)
+CVE-2017-2780
- matrixssl <removed>
[wheezy] - matrixssl <end-of-life> (not supported in Wheezy)
NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2017-0276
-CVE-2017-2779 (An exploitable memory corruption vulnerability exists in the RSRC ...)
+CVE-2017-2779
NOT-FOR-US: Labview
CVE-2017-2778
RESERVED
-CVE-2017-2777 (An exploitable heap overflow vulnerability exists in the ...)
+CVE-2017-2777
NOT-FOR-US: Iceni Argus
CVE-2017-2776
RESERVED
-CVE-2017-2775 (An exploitable memory corruption vulnerability exists in the ...)
+CVE-2017-2775
NOT-FOR-US: Labview
CVE-2017-2774
REJECTED
-CVE-2017-2773 (An issue was discovered in Pivotal PCF Elastic Runtime 1.6.x versions ...)
+CVE-2017-2773
NOT-FOR-US: Pivotal PCF Elastic Runtime
CVE-2017-2772
REJECTED
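Review bot: the jessie line under CVE-2017-2784, "[jessie] - polarssl 1.3.9-2.1+deb8u2", records a fixed version but the entry carries no advisory reference in braces, unlike the other fixed entries in this hunk (for example CVE-2017-2801 with "{DSA-3939-1 DLA-915-1}"); add the DSA/DLA id for that jessie upload, or a NOTE explaining why there is none, so the fix can be traced. The accompanying NOTE also needs a grammar fix: "Wheezy do not have any elliptic curve functionality. Jessie is affected however." should read "Wheezy does not have any elliptic curve functionality; jessie is affected, however."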
@@ -44690,13 +44688,13 @@ CVE-2017-2770
REJECTED
CVE-2017-2769
REJECTED
-CVE-2017-2768 (EMC Network Configuration Manager (NCM) 9.3.x, EMC Network ...)
+CVE-2017-2768
NOT-FOR-US: EMC Network Configuration Manager
-CVE-2017-2767 (EMC Network Configuration Manager (NCM) 9.3.x, EMC Network ...)
+CVE-2017-2767
NOT-FOR-US: EMC Network Configuration Manager
-CVE-2017-2766 (EMC Documentum eRoom version 7.4.4, EMC Documentum eRoom version 7.4.4 ...)
+CVE-2017-2766
NOT-FOR-US: EMC Documentum eRoom
-CVE-2017-2765 (EMC Isilon InsightIQ 4.1.0, 4.0.1, 4.0.0, 3.2.2, 3.2.1, 3.2.0, 3.1.1, ...)
+CVE-2017-2765
NOT-FOR-US: EMC Isilon InsightIQ
CVE-2017-2764
RESERVED
@@ -44724,149 +44722,149 @@ CVE-2017-2753
RESERVED
CVE-2017-2752
RESERVED
-CVE-2017-2751 (A BIOS password extraction vulnerability has been reported on certain ...)
+CVE-2017-2751
NOT-FOR-US: firmware on HP notebooks
-CVE-2017-2750 (Insufficient Solution DLL Signature Validation allows potential ...)
+CVE-2017-2750
NOT-FOR-US: HP printers
CVE-2017-2749
RESERVED
CVE-2017-2748
RESERVED
-CVE-2017-2747 (HP has identified a potential security vulnerability before ...)
+CVE-2017-2747
NOT-FOR-US: HP printers
-CVE-2017-2746 (Potential security vulnerabilities have been identified with HP ...)
+CVE-2017-2746
NOT-FOR-US: HP JetAdvantage Security Manager
-CVE-2017-2745 (Potential security vulnerabilities have been identified with HP ...)
+CVE-2017-2745
NOT-FOR-US: HP JetAdvantage Security Manager
-CVE-2017-2744 (The vulnerability allows attacker to extract binaries into protected ...)
+CVE-2017-2744
NOT-FOR-US: HP Support Assistant
-CVE-2017-2743 (HP has identified a potential security vulnerability with HP ...)
+CVE-2017-2743
NOT-FOR-US: HP printers
-CVE-2017-2742 (A potential security vulnerability has been identified with HP Web ...)
+CVE-2017-2742
NOT-FOR-US: HP Web JetAdmin
-CVE-2017-2741 (A potential security vulnerability has been identified with HP ...)
+CVE-2017-2741
NOT-FOR-US: HP printers
-CVE-2017-2740 (A potential security vulnerability has been identified with the ...)
+CVE-2017-2740
NOT-FOR-US: HP ThinPro
-CVE-2017-2739 (The upgrade package of Huawei Vmall APP Earlier than HwVmall 1.5.3.0 ...)
+CVE-2017-2739
NOT-FOR-US: Huawei
-CVE-2017-2738 (VCM5010 with software versions earlier before V100R002C50SPC100 has an ...)
+CVE-2017-2738
NOT-FOR-US: Huawei
-CVE-2017-2737 (VCM5010 with software versions earlier before V100R002C50SPC100 has an ...)
+CVE-2017-2737
NOT-FOR-US: Huawei
-CVE-2017-2736 (VCM5010 with software versions earlier before V100R002C50SPC100 has a ...)
+CVE-2017-2736
NOT-FOR-US: Huawei
-CVE-2017-2735 (TIT-AL00 smartphones with software versions earlier before ...)
+CVE-2017-2735
NOT-FOR-US: Huawei
-CVE-2017-2734 (P9 Plus smartphones with software versions earlier before ...)
+CVE-2017-2734
NOT-FOR-US: Huawei
-CVE-2017-2733 (Honor 6X smartphones with software versions earlier than ...)
+CVE-2017-2733
NOT-FOR-US: Huawei
-CVE-2017-2732 (Huawei Hilink APP Versions earlier before 5.0.25.306 has an ...)
+CVE-2017-2732
NOT-FOR-US: Huawei
-CVE-2017-2731 (The vibrator service in P9 Plus smart phones with software versions ...)
+CVE-2017-2731
NOT-FOR-US: Huawei
-CVE-2017-2730 (HUAWEI HiLink APP (for IOS) versions earlier before 5.0.25.306 and ...)
+CVE-2017-2730
NOT-FOR-US: Huawei
-CVE-2017-2729 (The boot loaders in Honor 5A smart phones with software Versions ...)
+CVE-2017-2729
NOT-FOR-US: Huawei
-CVE-2017-2728 (Some Huawei mobile phones Honor 6X Berlin-L22C636B150 and earlier ...)
+CVE-2017-2728
NOT-FOR-US: Huawei
-CVE-2017-2727 (Huawei P9 smart phones with software versions earlier before ...)
+CVE-2017-2727
NOT-FOR-US: Huawei
-CVE-2017-2726 (Bastet in P10 Plus and P10 smart phones with software earlier than ...)
+CVE-2017-2726
NOT-FOR-US: Huawei
-CVE-2017-2725 (Bastet in P10 Plus and P10 smart phones with software earlier than ...)
+CVE-2017-2725
NOT-FOR-US: Huawei
-CVE-2017-2724 (Bastet in P10 Plus and P10 smart phones with software earlier than ...)
+CVE-2017-2724
NOT-FOR-US: Huawei
-CVE-2017-2723 (The Files APP 7.1.1.308 and earlier versions in some Huawei mobile ...)
+CVE-2017-2723
NOT-FOR-US: Huawei
-CVE-2017-2722 (DP300 V500R002C00,TE60 with software V100R001C01, V100R001C10, ...)
+CVE-2017-2722
NOT-FOR-US: Huawei
-CVE-2017-2721 (Some Huawei smart phones with software ...)
+CVE-2017-2721
NOT-FOR-US: Huawei
-CVE-2017-2720 (FusionSphere OpenStack V100R006C00 has an information exposure ...)
+CVE-2017-2720
NOT-FOR-US: Huawei
-CVE-2017-2719 (FusionSphere OpenStack with software V100R006C00 and V100R006C10RC2 ...)
+CVE-2017-2719
NOT-FOR-US: Huawei
-CVE-2017-2718 (FusionSphere OpenStack with software V100R006C00 and V100R006C10RC2 ...)
+CVE-2017-2718
NOT-FOR-US: Huawei
-CVE-2017-2717 (honor 8 Pro with software Duke-L09C10B120 and earlier ...)
+CVE-2017-2717
NOT-FOR-US: Huawei
-CVE-2017-2716 (The camerafs driver in Mate 9 Versions earlier than MHA-AL00BC00B173 ...)
+CVE-2017-2716
NOT-FOR-US: Huawei
-CVE-2017-2715 (The Files APP 7.1.1.309 and earlier versions in some Huawei mobile ...)
+CVE-2017-2715
NOT-FOR-US: Huawei
-CVE-2017-2714 (The GaussDB in FusionSphere OpenStack V100R005C10SPC705 and earlier ...)
+CVE-2017-2714
NOT-FOR-US: Huawei
-CVE-2017-2713 (HUAWEI P9 smartphones with software versions earlier before ...)
+CVE-2017-2713
NOT-FOR-US: Huawei
-CVE-2017-2712 (S3300 V100R006C05 have an Ethernet in the First Mile (EFM) flapping ...)
+CVE-2017-2712
NOT-FOR-US: Huawei
-CVE-2017-2711 (P9 Plus smartphones with software earlier than VIE-AL10C00B352 ...)
+CVE-2017-2711
NOT-FOR-US: Huawei
-CVE-2017-2710 (BTV-W09C229B002CUSTC229D005,BTV-W09C233B029, earlier than ...)
+CVE-2017-2710
NOT-FOR-US: Huawei
-CVE-2017-2709 (HiGame with software earlier than 7.3.0 versions, SkyTone with ...)
+CVE-2017-2709
NOT-FOR-US: Huawei
-CVE-2017-2708 (The 'Find Phone' function in Nice smartphones with software versions ...)
+CVE-2017-2708
NOT-FOR-US: Huawei
-CVE-2017-2707 (Mate 9 smartphones with software MHA-AL00AC00B125 have a privilege ...)
+CVE-2017-2707
NOT-FOR-US: Huawei
-CVE-2017-2706 (Mate 9 smartphones with software MHA-AL00AC00B125 have a directory ...)
+CVE-2017-2706
NOT-FOR-US: Huawei
-CVE-2017-2705 (Huawei P9 smartphones with software versions earlier before ...)
+CVE-2017-2705
NOT-FOR-US: Huawei
-CVE-2017-2704 (Smarthome 1.0.2.364 and earlier versions,HiAPP 7.3.0.303 and earlier ...)
+CVE-2017-2704
NOT-FOR-US: Huawei
-CVE-2017-2703 (Phone Finder in versions earlier before MHA-AL00BC00B156,Versions ...)
+CVE-2017-2703
NOT-FOR-US: Huawei
-CVE-2017-2702 (Phone Finder in versions earlier before MHA-AL00C00B170 can be bypass. ...)
+CVE-2017-2702
NOT-FOR-US: Huawei
-CVE-2017-2701 (Mate 9 with software MHA-AL00AC00B125 has a denial of service (DoS) ...)
+CVE-2017-2701
NOT-FOR-US: Huawei
-CVE-2017-2700 (AC6005 with software V200R006C10, AC6605 with software V200R006C10 ...)
+CVE-2017-2700
NOT-FOR-US: Huawei
-CVE-2017-2699 (The Huawei Themes APP in versions earlier than PLK-UL00C17B385, ...)
+CVE-2017-2699
NOT-FOR-US: Huawei
-CVE-2017-2698 (The ddr_devfreq driver in versions earlier than GRA-UL00C00B197 has ...)
+CVE-2017-2698
NOT-FOR-US: Huawei
-CVE-2017-2697 (The goldeneye driver in NMO-L31C432B120 and earlier ...)
+CVE-2017-2697
NOT-FOR-US: Huawei
-CVE-2017-2696 (The emerg_data driver in CAM-L21C10B130 and earlier versions, ...)
+CVE-2017-2696
NOT-FOR-US: Huawei
-CVE-2017-2695 (TIT-AL00C583B211 has a directory traversal vulnerability which allows ...)
+CVE-2017-2695
NOT-FOR-US: Huawei
-CVE-2017-2694 (The AlarmService component in HwVmall with software earlier than ...)
+CVE-2017-2694
NOT-FOR-US: Huawei
-CVE-2017-2693 (ALE-L02C635B140 and earlier versions,ALE-L02C636B140 and earlier ...)
+CVE-2017-2693
NOT-FOR-US: Huawei
-CVE-2017-2692 (The Keyguard application in ALE-L02C635B140 and earlier ...)
+CVE-2017-2692
NOT-FOR-US: Huawei
-CVE-2017-2691 (Huawei P9 versions earlier before EVA-AL10C00B373, versions earlier ...)
+CVE-2017-2691
NOT-FOR-US: Huawei
-CVE-2017-2690 (SoftCo with software V200R003C20,eSpace U1910 with software ...)
+CVE-2017-2690
NOT-FOR-US: Huawei
-CVE-2017-2689 (Siemens RUGGEDCOM ROX I (all versions) allow an authenticated user to ...)
+CVE-2017-2689
NOT-FOR-US: Siemens
-CVE-2017-2688 (The integrated web server in Siemens RUGGEDCOM ROX I (all versions) at ...)
+CVE-2017-2688
NOT-FOR-US: Siemens
-CVE-2017-2687 (Siemens RUGGEDCOM ROX I (all versions) contain a vulnerability in the ...)
+CVE-2017-2687
NOT-FOR-US: Siemens
-CVE-2017-2686 (Siemens RUGGEDCOM ROX I (all versions) contain a vulnerability that ...)
+CVE-2017-2686
NOT-FOR-US: Siemens
-CVE-2017-2685 (Siemens SINUMERIK Integrate Operate Clients between 2.0.3.00.016 ...)
+CVE-2017-2685
NOT-FOR-US: Siemens
-CVE-2017-2684 (Siemens SIMATIC Logon prior to V1.5 SP3 Update 2 could allow an ...)
+CVE-2017-2684
NOT-FOR-US: Siemens
-CVE-2017-2683 (A non-privileged user of the Siemens web application RUGGEDCOM NMS &lt; ...)
+CVE-2017-2683
NOT-FOR-US: Siemens
-CVE-2017-2682 (The Siemens web application RUGGEDCOM NMS &lt; V1.2 on port 8080/TCP and ...)
+CVE-2017-2682
NOT-FOR-US: Siemens
-CVE-2017-2681 (A vulnerability has been identified in SIMATIC CP 343-1 Std (All ...)
+CVE-2017-2681
NOT-FOR-US: Siemens
-CVE-2017-2680 (SIEMENS SIMATIC CP 343-1 Std, CP 343-1 Lean (All versions), SIMATIC CP ...)
+CVE-2017-2680
NOT-FOR-US: Siemens
CVE-2017-2679
RESERVED
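Review bot: for CVE-2017-2739 down to CVE-2017-2690 the status line is just `NOT-FOR-US: Huawei`, and the removed description was the only place the affected product was named (VCM5010, P9 Plus, Honor 6X, FusionSphere OpenStack, Mate 9, AC6005/AC6605 and others, per the `-` lines); the same applies to the HP and Siemens entries around them. If dropping descriptions is intended, consider extending the NOT-FOR-US rationale for entries whose tag is only a vendor name, as is already done for `NOT-FOR-US: HP JetAdvantage Security Manager` and `NOT-FOR-US: HP Web JetAdmin`, so each entry still records what was triaged. The `&lt;` in the removed lines for CVE-2017-2683 and CVE-2017-2682 is an HTML-escaped `<` in the old description text and goes away with this change; nothing to fix there.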
@@ -44876,55 +44874,55 @@ CVE-2017-2677
RESERVED
CVE-2017-2676
RESERVED
-CVE-2017-2675 (Little Snitch version 3.0 through 3.7.3 suffer from a local privilege ...)
+CVE-2017-2675
NOT-FOR-US: Little Snitch
-CVE-2017-2674 (JBoss BRMS 6 and BPM Suite 6 before 6.4.3 are vulnerable to a stored ...)
+CVE-2017-2674
NOT-FOR-US: Red Hat business central
-CVE-2017-2673 (An authorization-check flaw was discovered in federation ...)
+CVE-2017-2673
- keystone 2:10.0.0-9 (bug #861189)
[jessie] - keystone <not-affected> (Vulnerable code not present)
[wheezy] - keystone <not-affected> (Vulnerable code not present)
NOTE: https://bugs.launchpad.net/keystone/+bug/1677723
-CVE-2017-2672 (A flaw was found in foreman before version 1.15 in the logging of ...)
+CVE-2017-2672
- foreman <itp> (bug #663101)
-CVE-2017-2671 (The ping_unhash function in net/ipv4/ping.c in the Linux kernel ...)
+CVE-2017-2671
{DLA-922-1}
- linux 4.9.25-1
[jessie] - linux 3.16.43-1
NOTE: http://www.openwall.com/lists/oss-security/2017/03/24/6
NOTE: Fixed by: https://git.kernel.org/linus/43a6684519ab0a6c52024b5e25322476cabad893
-CVE-2017-2670 (It was found in Undertow before 1.3.28 that with non-clean TCP close, ...)
+CVE-2017-2670
{DSA-3906-1}
- undertow 1.4.18-1 (bug #864405)
NOTE: Fixed by https://github.com/undertow-io/undertow/commit/9bfe9fbbb595d51157b61693f072895f7dbadd1d
NOTE: https://issues.jboss.org/browse/UNDERTOW-1035
-CVE-2017-2669 (Dovecot before version 2.2.29 is vulnerable to a denial of service. ...)
+CVE-2017-2669
- dovecot 1:2.2.27-3 (bug #860049)
[jessie] - dovecot <not-affected> (Vulnerable code not present)
[wheezy] - dovecot <not-affected> (Vulnerable code not present)
NOTE: Fixed by: https://github.com/dovecot/core/commit/000030feb7a30f193197f1aab8a7b04a26b42735
NOTE: Introduced by: https://github.com/dovecot/core/commit/a3783f8a3c9cd816b51e77a922f82301512fcf22
-CVE-2017-2668 (389-ds-base before versions 1.3.5.17 and 1.3.6.10 is vulnerable to an ...)
+CVE-2017-2668
- 389-ds-base 1.3.5.17-1 (bug #860125)
[jessie] - 389-ds-base <not-affected> (Vulnerable code not present)
NOTE: CentOS fix: https://git.centos.org/raw/rpms!389-ds-base!/c9e5dad69e2b497f118efac56f43cc6c74b6a695/SOURCES!0072-fix-for-cve-2017-2668-simple-return-text-if-suffix-n.patch
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1436575
-CVE-2017-2667 (Hammer CLI, a CLI utility for Foreman, before version 0.10.0, did not ...)
+CVE-2017-2667
- foreman <itp> (bug #663101)
-CVE-2017-2666 (It was discovered in Undertow that the code that parsed the HTTP ...)
+CVE-2017-2666
{DSA-3906-1}
- undertow 1.4.18-1 (bug #864405)
NOTE: https://issues.jboss.org/browse/UNDERTOW-1101
NOTE: Fixed by https://github.com/undertow-io/undertow/commit/1e72647818c9fb31b693a953b1ae595a6c82eb7f
-CVE-2017-2665 (The skyring-setup command creates random password for mongodb skyring ...)
+CVE-2017-2665
NOT-FOR-US: Red Hat Storage / skyring
-CVE-2017-2664 (CloudForms Management Engine (cfme) before 5.7.3 and 5.8.x before ...)
+CVE-2017-2664
NOT-FOR-US: Red Hat CloudForms
-CVE-2017-2663 (It was found that subscription-manager's DBus interface before 1.19.4 ...)
+CVE-2017-2663
NOT-FOR-US: candlepin / subscription-manager
-CVE-2017-2662 (A flaw was found in Foreman's katello plugin version 3.4.5. After ...)
+CVE-2017-2662
- foreman <itp> (bug #663101)
-CVE-2017-2661 (ClusterLabs pcs before version 0.9.157 is vulnerable to a cross-site ...)
+CVE-2017-2661
- pcs 0.9.155+dfsg-2 (bug #858379)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1428948
NOTE: https://github.com/ClusterLabs/pcs/commit/1874a769b5720ae5430f10c6cedd234430bc703f
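Review bot: in this hunk the removed descriptions carried the upstream fixed versions that the Debian status lines are measured against, and two Debian fixed versions are lower than the upstream fix because the patch was backported: `- dovecot 1:2.2.27-3` against "Dovecot before version 2.2.29", and `- pcs 0.9.155+dfsg-2` against "pcs before version 0.9.157". Once the descriptions are gone, the only evidence that those Debian versions contain the fix is the commit URL in the `NOTE:` lines, so those NOTE lines should be treated as mandatory for any entry whose Debian version is below the upstream fix. For CVE-2017-2673 (`keystone 2:10.0.0-9` with jessie and wheezy `<not-affected>`) consider recording the affected upstream range in a NOTE, since the Launchpad bug URL is now the only remaining reference for the not-affected claim.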
@@ -44935,7 +44933,7 @@ CVE-2017-2659 [Information leak when given invalid username]
RESERVED
- dropbear 2013.60-1
NOTE: https://secure.ucc.asn.au/hg/dropbear/rev/d7784616409a#l1.86
-CVE-2017-2658 (It was discovered that the Dashbuilder login page as used in Red Hat ...)
+CVE-2017-2658
NOT-FOR-US: JBoss BPMS
CVE-2017-2657
RESERVED
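Review bot: this hunk shows the effective scope of the change: the imported parenthesised description on CVE-2017-2658 is stripped, while the bracketed tracker-written summary on CVE-2017-2659 (`[Information leak when given invalid username]`, visible in the hunk header context) is left alone. That distinction is the right one, but it is worth stating alongside the change, a one-line note that only imported `(...)` text is removed and local `[...]` summaries are kept, so the next reader does not have to check every hunk to infer it.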
@@ -44943,120 +44941,120 @@ CVE-2017-2656
REJECTED
CVE-2017-2655
REJECTED
-CVE-2017-2654 (jenkins-email-ext before version 2.57.1 is vulnerable to an ...)
+CVE-2017-2654
NOT-FOR-US: jenkins-email-ext
-CVE-2017-2653 (A number of unused delete routes are present in CloudForms before ...)
+CVE-2017-2653
NOT-FOR-US: Red Hat CloudForms
-CVE-2017-2652 (It was found that there were no permission checks performed in the ...)
+CVE-2017-2652
NOT-FOR-US: Jenkins plugin
-CVE-2017-2651 (jenkins-mailer-plugin before version 1.20 is vulnerable to an ...)
+CVE-2017-2651
NOT-FOR-US: jenkins-mailer-plugin
-CVE-2017-2650 (It was found that the use of Pipeline: Classpath Step Jenkins plugin ...)
+CVE-2017-2650
NOT-FOR-US: Jenkins plugin
-CVE-2017-2649 (It was found that the Active Directory Plugin for Jenkins up to and ...)
+CVE-2017-2649
NOT-FOR-US: Jenkins plugin
-CVE-2017-2648 (It was found that jenkins-ssh-slaves-plugin before version 1.15 did ...)
+CVE-2017-2648
NOT-FOR-US: jenkins-ssh-slaves-plugin
-CVE-2017-2647 (The KEYS subsystem in the Linux kernel before 3.18 allows local users ...)
+CVE-2017-2647
{DLA-922-1}
- linux 4.0.2-1
[jessie] - linux 3.16.43-1
NOTE: Fixed by: https://git.kernel.org/linus/c06cfb08b88dfbe13be44a69ae2fdc3a7c902d81 (v3.18-rc1)
-CVE-2017-2646 (It was found that when Keycloak before 2.5.5 receives a Logout request ...)
+CVE-2017-2646
NOT-FOR-US: Keycloak
-CVE-2017-2645 (In Moodle 3.x, XSS can occur via attachments to evidence of prior ...)
+CVE-2017-2645
- moodle <not-affected> (Only affects 3.2 to 3.2.1 and 3.1 to 3.1.4)
NOTE: https://tracker.moodle.org/browse/MDL-57597
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-57597
-CVE-2017-2644 (In Moodle 3.x, XSS can occur via evidence of prior learning. ...)
+CVE-2017-2644
- moodle <not-affected> (Only affects 3.2 to 3.2.1 and 3.1 to 3.1.4)
NOTE: https://tracker.moodle.org/browse/MDL-57596
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-57596
-CVE-2017-2643 (In Moodle 3.2.x, global search displays user names for unauthenticated ...)
+CVE-2017-2643
- moodle <not-affected> (Only affects 3.2 to 3.2.1)
NOTE: https://tracker.moodle.org/browse/MDL-56526
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-56526
-CVE-2017-2642 (Moodle 3.x has user fullname disclosure on the user preferences page. ...)
+CVE-2017-2642
- moodle <removed>
NOTE: https://moodle.org/mod/forum/discuss.php?d=355554
-CVE-2017-2641 (In Moodle 2.x and 3.x, SQL injection can occur via user preferences. ...)
+CVE-2017-2641
- moodle 2.7.19+dfsg-1
NOTE: https://tracker.moodle.org/browse/MDL-58010
NOTE: https://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-58010
-CVE-2017-2640 (An out-of-bounds write flaw was found in the way Pidgin before 2.12.0 ...)
+CVE-2017-2640
{DSA-3806-1 DLA-853-1}
- pidgin 2.12.0-1 (bug #859159)
NOTE: https://www.pidgin.im/news/security/?id=109
NOTE: https://bitbucket.org/pidgin/main/commits/b2fc9e774cb9
-CVE-2017-2639 (It was found that CloudForms does not verify that the server hostname ...)
+CVE-2017-2639
NOT-FOR-US: Red Hat CloudForms Management Engine
-CVE-2017-2638 (It was found that the REST API in Infinispan before version 9.0.0 did ...)
+CVE-2017-2638
NOT-FOR-US: infinispan
-CVE-2017-2637 (A design flaw issue was found in the Red Hat OpenStack Platform ...)
+CVE-2017-2637
NOT-FOR-US: Red Hat OpenStack Platform director
-CVE-2017-2636 (Race condition in drivers/tty/n_hdlc.c in the Linux kernel through ...)
+CVE-2017-2636
{DSA-3804-1 DLA-849-1}
- linux 4.9.16-1
NOTE: http://www.openwall.com/lists/oss-security/2017/03/07/6
NOTE: Fixed by: https://git.kernel.org/linus/82f2341c94d270421f383641b7cd670e474db56b (v4.11-rc2)
NOTE: https://a13xp0p0v.github.io/2017/03/24/CVE-2017-2636.html
-CVE-2017-2635 (A NULL pointer deference flaw was found in the way libvirt from 2.5.0 ...)
+CVE-2017-2635
- libvirt 3.0.0-3 (bug #856313)
[jessie] - libvirt <not-affected> (Vulnerable code introduced later)
[wheezy] - libvirt <not-affected> (Vulnerable code introduced later)
NOTE: Introduced by: https://libvirt.org/git/?p=libvirt.git;a=commit;h=c5f6151390ff0a8e65014172bb8c0a8d312c3353 (v3.0.0-rc1)
NOTE: Fixed by: https://libvirt.org/git/?p=libvirt.git;a=commit;h=c3de387380f6057ee0e46cd9f2f0a092e8070875 (v3.1.0-rc1)
-CVE-2017-2634 (It was found that the Linux kernel's Datagram Congestion Control ...)
+CVE-2017-2634
- linux <not-affected> (Fixed before initial rename to src:linux)
NOTE: Fixed by: https://git.kernel.org/linus/f53dc67c5e7babafe239b93a11678b0e05bead51 (2.6.25-rc1)
-CVE-2017-2633 (An out-of-bounds memory access issue was found in Quick Emulator ...)
+CVE-2017-2633
- qemu 2.1+dfsg-1
[wheezy] - qemu <postponed> (Can be fixed along when more severe issues are being fixed)
- qemu-kvm <removed>
[wheezy] - qemu-kvm <postponed> (Can be fixed along when more severe issues are being fixed)
NOTE: Upstream patch: http://git.qemu-project.org/?p=qemu.git;a=commitdiff;h=bea60dd7679364493a0d7f5b54316c767cf894ef
NOTE: Upstream patch: http://git.qemu-project.org/?p=qemu.git;a=commit;h=9f64916da20eea67121d544698676295bbb105a7
-CVE-2017-2632 (A logic error in valid_role() in CloudForms role validation before ...)
+CVE-2017-2632
NOT-FOR-US: Red Hat CloudForms Management Engine
CVE-2017-2631
RESERVED
-CVE-2017-2630 (A stack buffer overflow flaw was found in the Quick Emulator (QEMU) ...)
+CVE-2017-2630
- qemu 1:2.8+dfsg-3 (bug #855227)
[jessie] - qemu <not-affected> (Vulnerable code introduced in v2.8.0-rc0)
[wheezy] - qemu <not-affected> (Vulnerable code introduced in v2.8.0-rc0)
- qemu-kvm <not-affected> (Vulnerable code introduced later)
NOTE: Upstream patch: https://lists.gnu.org/archive/html/qemu-devel/2017-02/msg01246.html
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1422415
-CVE-2017-2629 (curl before 7.53.0 has an incorrect TLS Certificate Status Request ...)
+CVE-2017-2629
- curl 7.52.1-3
[jessie] - curl <not-affected> (Vulnerable code introduced later)
[wheezy] - curl <not-affected> (Vulnerable code introduced later)
NOTE: https://github.com/curl/curl/commit/ca6ea6d9be5102a2246dff6e17b3ee9ad4ec64d0
NOTE: Patch: https://curl.haxx.se/CVE-2017-2629.patch
NOTE: https://curl.haxx.se/docs/adv_20170222.html
-CVE-2017-2628 (curl, as shipped in Red Hat Enterprise Linux 6 before version ...)
+CVE-2017-2628
- curl <not-affected> (Red Hat specific backport issue)
-CVE-2017-2627 (A flaw was found in openstack-tripleo-common as shipped with Red Hat ...)
+CVE-2017-2627
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1421917
NOT-FOR-US: RHEL packaging flaw for openstack
-CVE-2017-2626 (It was discovered that libICE before 1.0.9-8 used a weak entropy to ...)
+CVE-2017-2626
- libice 2:1.0.9-2 (bug #856400)
[jessie] - libice <no-dsa> (Minor issue, can be fixed in a point update or next DSA)
[wheezy] - libice <no-dsa> (Minor issue, can be fixed in a point update or next DSA)
NOTE: https://www.x41-dsec.de/lab/advisories/x41-2017-001-xorg/
-CVE-2017-2625 (It was discovered that libXdmcp before 1.1.2 including used weak ...)
+CVE-2017-2625
- libxdmcp 1:1.1.2-2 (bug #856399)
[jessie] - libxdmcp <no-dsa> (Minor issue, can be fixed in a point update or next DSA)
[wheezy] - libxdmcp <no-dsa> (Minor issue, can be fixed in a point update or next DSA)
NOTE: https://www.x41-dsec.de/lab/advisories/x41-2017-001-xorg/
-CVE-2017-2624 (It was found that xorg-x11-server before 1.19.0 including uses ...)
+CVE-2017-2624
{DLA-1186-1}
- xorg-server 2:1.19.2-1 (low; bug #856398)
[jessie] - xorg-server 2:1.16.4-1+deb8u2
NOTE: https://www.x41-dsec.de/lab/advisories/x41-2017-001-xorg/
-CVE-2017-2623 (It was discovered that rpm-ostree and rpm-ostree-client before 2017.3 ...)
+CVE-2017-2623
NOT-FOR-US: Red Hat rpm-ostree
-CVE-2017-2622 (An accessibility flaw was found in the OpenStack Workflow (mistral) ...)
+CVE-2017-2622
- mistral <not-affected> (Red Hat-specific)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1420992
NOTE: tracing the installation shows that mkdir -p /var/log/mistral
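Review bot: for the Moodle entries CVE-2017-2645, CVE-2017-2644 and CVE-2017-2643 the `<not-affected>` rationale already repeats the affected range ("Only affects 3.2 to 3.2.1 and 3.1 to 3.1.4"), so nothing is lost there, but CVE-2017-2629 is different: `[jessie] - curl <not-affected> (Vulnerable code introduced later)` and the matching wheezy line give no version, and the "curl before 7.53.0" boundary that the `- curl 7.52.1-3` fix entry was checked against lived only in the removed description. Suggest adding the upstream affected or fixed version to a NOTE on entries whose rationale is "introduced later" or "not present" without a version, since that is the fact a reviewer needs to re-verify the not-affected claim. Separately, CVE-2017-2627 places its `NOTE:` line before the `NOT-FOR-US:` line, unlike every other entry in this hunk; that ordering is pre-existing, but it is worth normalising while the file is being rewritten anyway.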
@@ -45064,10 +45062,10 @@ CVE-2017-2622 (An accessibility flaw was found in the OpenStack Workflow (mistra
NOTE: permissions. But for Debian the final permissions seem to end
NOTE: to 0750, despite, owned by mistral:adm. Thus might need more
NOTE: investigation to determine the affected status.
-CVE-2017-2621 (An access-control flaw was found in the OpenStack Orchestration (heat) ...)
+CVE-2017-2621
- heat <not-affected> (heat-common postinst chmod's 0750 /var/log/heat)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1420990
-CVE-2017-2620 (Quick emulator (QEMU) before 2.8 built with the Cirrus CLGD 54xx VGA ...)
+CVE-2017-2620
{DLA-1497-1 DLA-1270-1 DLA-845-1 DLA-842-1}
- qemu 1:2.8+dfsg-3 (bug #855791)
- qemu-kvm <removed>
@@ -45075,18 +45073,18 @@ CVE-2017-2620 (Quick emulator (QEMU) before 2.8 built with the Cirrus CLGD 54xx
NOTE: Xen switched to qemu-system in 4.4.0-1
NOTE: https://xenbits.xen.org/xsa/advisory-209.html
NOTE: Qemu upstream patch: https://lists.gnu.org/archive/html/qemu-devel/2017-02/msg04700.html
-CVE-2017-2619 (Samba before versions 4.6.1, 4.5.7 and 4.4.11 are vulnerable to a ...)
+CVE-2017-2619
{DSA-3816-1 DLA-894-1}
- samba 2:4.5.6+dfsg-2
NOTE: https://www.samba.org/samba/security/CVE-2017-2619.html
-CVE-2017-2618 (A flaw was found in the Linux kernel's handling of clearing SELinux ...)
+CVE-2017-2618
{DSA-3791-1}
- linux 4.9.10-1
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: Fixed by: https://github.com/torvalds/linux/commit/0c461cb727d146c9ef2d3e86214f498b78b7d125
-CVE-2017-2617 (hawtio before version 1.5.5 is vulnerable to remote code execution via ...)
+CVE-2017-2617
NOT-FOR-US: hawtio
-CVE-2017-2616 (A race condition was found in util-linux before 2.32.1 in the way su ...)
+CVE-2017-2616
{DSA-3793-1 DLA-838-1}
- shadow 1:4.4-4 (bug #855943)
NOTE: https://github.com/shadow-maint/shadow/commit/08fd4b69e84364677a10e519ccb25b71710ee686
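Review bot: CVE-2017-2616 needs a NOTE naming the affected program now that its description is gone: the removed line said the race is in `su` as shipped in util-linux, but the Debian fix is recorded against `shadow 1:4.4-4` (with a coreutils line following in the next hunk), and without the description the link between a util-linux CVE and a shadow upload is only implied by the shadow commit URL. Something like `NOTE: Issue is in su, which Debian ships from src:shadow` would keep the entry self-contained. The same applies in weaker form to CVE-2017-2618 and CVE-2017-2620, where the affected subsystem (SELinux attribute handling, Cirrus CLGD 54xx VGA emulation) is now only recoverable from the fix commit and the Xen advisory URL.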
@@ -45095,128 +45093,128 @@ CVE-2017-2616 (A race condition was found in util-linux before 2.32.1 in the way
- coreutils 8.20-1 (unimportant)
NOTE: Coreutils: Removed from source in https://git.savannah.gnu.org/cgit/coreutils.git/commit/?id=928dd737
NOTE: and not installed by default since 2007.
-CVE-2017-2615 (Quick emulator (QEMU) built with the Cirrus CLGD 54xx VGA emulator ...)
+CVE-2017-2615
{DLA-1497-1 DLA-845-1 DLA-842-1}
- qemu 1:2.8+dfsg-3 (low; bug #854731)
NOTE: Introduced with: http://git.qemu.org/?p=qemu.git;a=commit;h=d3532a0db02296e687711b8cdc7791924efccea0 (which was the fix for CVE-2014-8106)
NOTE: Fixed by: http://git.qemu.org/?p=qemu.git;a=commit;h=62d4c6bd5263bb8413a06c80144fc678df6dfb64
-CVE-2017-2614 (When updating a password in the rhvm database the ovirt-aaa-jdbc-tool ...)
+CVE-2017-2614
NOT-FOR-US: Red Hat ovirt-aaa-jdbc-tool tools
-CVE-2017-2613 (jenkins before versions 2.44, 2.32.2 is vulnerable to a user creation ...)
+CVE-2017-2613
- jenkins <removed>
NOTE: https://jenkins.io/security/advisory/2017-02-01/
-CVE-2017-2612 (In Jenkins before versions 2.44, 2.32.2 low privilege users were able ...)
+CVE-2017-2612
- jenkins <removed>
NOTE: https://jenkins.io/security/advisory/2017-02-01/
-CVE-2017-2611 (Jenkins before versions 2.44, 2.32.2 is vulnerable to an insufficient ...)
+CVE-2017-2611
- jenkins <removed>
NOTE: https://jenkins.io/security/advisory/2017-02-01/
-CVE-2017-2610 (jenkins before versions 2.44, 2.32.2 is vulnerable to a persisted ...)
+CVE-2017-2610
- jenkins <removed>
NOTE: https://jenkins.io/security/advisory/2017-02-01/
-CVE-2017-2609 (jenkins before versions 2.44, 2.32.2 is vulnerable to an information ...)
+CVE-2017-2609
- jenkins <removed>
NOTE: https://jenkins.io/security/advisory/2017-02-01/
-CVE-2017-2608 (Jenkins before versions 2.44, 2.32.2 is vulnerable to a remote code ...)
+CVE-2017-2608
- jenkins <removed>
NOTE: https://jenkins.io/security/advisory/2017-02-01/
-CVE-2017-2607 (jenkins before versions 2.44, 2.32.2 is vulnerable to a persisted ...)
+CVE-2017-2607
- jenkins <removed>
NOTE: https://jenkins.io/security/advisory/2017-02-01/
-CVE-2017-2606 (Jenkins before versions 2.44, 2.32.2 is vulnerable to an information ...)
+CVE-2017-2606
- jenkins <removed>
NOTE: https://jenkins.io/security/advisory/2017-02-01/
CVE-2017-2605
REJECTED
-CVE-2017-2604 (In Jenkins before versions 2.44, 2.32.2 low privilege users were able ...)
+CVE-2017-2604
- jenkins <removed>
NOTE: https://jenkins.io/security/advisory/2017-02-01/
-CVE-2017-2603 (Jenkins before versions 2.44, 2.32.2 is vulnerable to a user data leak ...)
+CVE-2017-2603
- jenkins <removed>
NOTE: https://jenkins.io/security/advisory/2017-02-01/
-CVE-2017-2602 (jenkins before versions 2.44, 2.32.2 is vulnerable to an improper ...)
+CVE-2017-2602
- jenkins <removed>
NOTE: https://jenkins.io/security/advisory/2017-02-01/
-CVE-2017-2601 (Jenkins before versions 2.44, 2.32.2 is vulnerable to a persisted ...)
+CVE-2017-2601
- jenkins <removed>
NOTE: https://jenkins.io/security/advisory/2017-02-01/
-CVE-2017-2600 (In jenkins before versions 2.44, 2.32.2 node monitor data could be ...)
+CVE-2017-2600
- jenkins <removed>
NOTE: https://jenkins.io/security/advisory/2017-02-01/
-CVE-2017-2599 (Jenkins before versions 2.44 and 2.32.2 is vulnerable to an ...)
+CVE-2017-2599
- jenkins <removed>
NOTE: https://jenkins.io/security/advisory/2017-02-01/
-CVE-2017-2598 (Jenkins before versions 2.44, 2.32.2 uses AES ECB block cipher mode ...)
+CVE-2017-2598
- jenkins <removed>
NOTE: https://jenkins.io/security/advisory/2017-02-01/
CVE-2017-2597
RESERVED
-CVE-2017-2596 (The nested_vmx_check_vmptr function in arch/x86/kvm/vmx.c in the Linux ...)
+CVE-2017-2596
{DSA-3791-1}
- linux 4.9.13-1
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: https://www.spinics.net/lists/kvm/msg144319.html
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1417812
-CVE-2017-2595 (It was found that the log file viewer in Red Hat JBoss Enterprise ...)
+CVE-2017-2595
- wildfly <itp> (bug #752018)
-CVE-2017-2594 (hawtio before versions 2.0-beta-1, 2.0-beta-2 2.0-m1, 2.0-m2, 2.0-m3, ...)
+CVE-2017-2594
NOT-FOR-US: hawtio
CVE-2017-2593
RESERVED
-CVE-2017-2592 (python-oslo-middleware before versions 3.8.1, 3.19.1, 3.23.1 is ...)
+CVE-2017-2592
- python-oslo.middleware 3.19.0-3 (bug #852742)
NOTE: https://launchpad.net/bugs/1628031
-CVE-2017-2591 (389-ds-base before version 1.3.6 is vulnerable to an improperly NULL ...)
+CVE-2017-2591
- 389-ds-base 1.3.5.15-2 (bug #851769)
[jessie] - 389-ds-base <not-affected> (Only affects 1.3.4.0 and later)
NOTE: https://fedorahosted.org/389/changeset/ffda694dd622b31277da07be76d3469fad86150f/
-CVE-2017-2590 (A vulnerability was found in ipa before 4.4. IdM's ca-del, ca-disable, ...)
+CVE-2017-2590
- freeipa <not-affected> (ca plugin introduced in 4.4)
NOTE: https://pagure.io/freeipa/issue/6713
NOTE: Fixed by (master): https://pagure.io/freeipa/c/b81ac59640f0b76fa9f53cf8be441f085a7089c4?branch=master
NOTE: Fixed by (ipa-4.4): https://pagure.io/freeipa/c/1aa314c79648c442473f19344387bfe11ec2141b?branch=ipa-4-4
-CVE-2017-2589 (It was discovered that the hawtio servlet 1.4 uses a single HttpClient ...)
+CVE-2017-2589
NOT-FOR-US: hawtio
CVE-2017-2588
RESERVED
-CVE-2017-2587 (A memory allocation vulnerability was found in netpbm before 10.61. A ...)
+CVE-2017-2587
- netpbm-free <not-affected> (vulnerable code not present)
NOTE: Debian uses an old fork of netpbm
NOTE: Fixed by http://pkgs.fedoraproject.org/cgit/rpms/netpbm.git/commit/?id=c16a8b893ed77fc3f6f2b382d0d47d03621ed328
-CVE-2017-2586 (A null pointer dereference vulnerability was found in netpbm before ...)
+CVE-2017-2586
- netpbm-free <not-affected> (vulnerable code not present)
NOTE: Debian uses an old fork of netpbm
NOTE: Fixed by http://pkgs.fedoraproject.org/cgit/rpms/netpbm.git/commit/?id=c16a8b893ed77fc3f6f2b382d0d47d03621ed328
-CVE-2017-2585 (Red Hat Keycloak before version 2.5.1 has an implementation of HMAC ...)
+CVE-2017-2585
NOT-FOR-US: Keycloak
-CVE-2017-2584 (arch/x86/kvm/emulate.c in the Linux kernel through 4.9.3 allows local ...)
+CVE-2017-2584
{DSA-3791-1}
- linux 4.9.6-1
[wheezy] - linux <not-affected> (Vulnerable code introduced in 3.6-rc1)
NOTE: Upstream patch: https://www.spinics.net/lists/kvm/msg143571.html
NOTE: Fixed by: https://git.kernel.org/linus/129a72a0d3c8e139a04512325384fe5ac119e74d
-CVE-2017-2583 (The load_segment_descriptor implementation in arch/x86/kvm/emulate.c ...)
+CVE-2017-2583
{DSA-3791-1}
- linux 4.9.6-1
[wheezy] - linux <not-affected> (Vulnerable code introduced in 3.6-rc1)
NOTE: Fixed by: https://git.kernel.org/linus/33ab91103b3415e12457e3104f0e4517ce12d0f3
-CVE-2017-2582 (It was found that while parsing the SAML messages the StaxParserUtil ...)
+CVE-2017-2582
NOT-FOR-US: Keycloak
-CVE-2017-2581 (An out-of-bounds write vulnerability was found in netpbm before 10.61. ...)
+CVE-2017-2581
- netpbm-free <undetermined> (bug #854978)
NOTE: Debian uses an old fork of netpbm
NOTE: http://www.openwall.com/lists/oss-security/2017/02/05/7
-CVE-2017-2580 (An out-of-bounds write vulnerability was found in netpbm before 10.61. ...)
+CVE-2017-2580
- netpbm-free <undetermined> (bug #854978)
NOTE: Debian uses an old fork of netpbm
NOTE: http://www.openwall.com/lists/oss-security/2017/02/05/7
-CVE-2017-2579 (An out-of-bounds read vulnerability was found in netpbm before 10.61. ...)
+CVE-2017-2579
- netpbm-free <undetermined> (bug #854978)
NOTE: Debian uses an old fork of netpbm
NOTE: http://www.openwall.com/lists/oss-security/2017/02/05/7
CVE-2017-2577
REJECTED
-CVE-2017-2575 (A vulnerability was found while fuzzing libbpg 0.9.7. It is a NULL ...)
+CVE-2017-2575
NOT-FOR-US: libbpg
CVE-2017-2574
RESERVED
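Review bot: the Jenkins block CVE-2017-2613 through CVE-2017-2598 (CVE-2017-2605 excepted) collapses to fifteen identical entries, `- jenkins <removed>` plus the same `NOTE: https://jenkins.io/security/advisory/2017-02-01/`, once the descriptions go; the removed lines were the only per-CVE distinction (user creation, persisted XSS, information disclosure, remote code execution, AES ECB block cipher mode for CVE-2017-2598). Likewise the three netpbm entries CVE-2017-2581, CVE-2017-2580 and CVE-2017-2579 are all `<undetermined>` with the same bug number and the same oss-security URL, and the description was the only thing recording which one is the out-of-bounds read and which are writes, which matters to whoever resolves the `<undetermined>` status. If the description field is being dropped deliberately, a short per-entry NOTE for these two groups would preserve that distinction; otherwise this is another sign that the import produced empty text rather than an intended edit.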
@@ -45264,620 +45262,620 @@ CVE-2017-2553
RESERVED
CVE-2017-2552
RESERVED
-CVE-2017-2551 (Vulnerability in Wordpress plugin BackWPup before v3.4.2 allows ...)
+CVE-2017-2551
NOT-FOR-US: Wordpress plugin BackWPup
-CVE-2017-2550 (Vulnerability in Easy Joomla Backup v3.2.4. The software creates a ...)
+CVE-2017-2550
NOT-FOR-US: Easy Joomla Backup
-CVE-2017-2549 (An issue was discovered in certain Apple products. iOS before 10.3.2 ...)
+CVE-2017-2549
- webkit2gtk 2.16.3-2 (unimportant)
NOTE: Not covered by security support
-CVE-2017-2548 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2017-2548
NOT-FOR-US: Apple
-CVE-2017-2547 (An issue was discovered in certain Apple products. iOS before 10.3.2 ...)
+CVE-2017-2547
- webkit2gtk 2.16.3-2 (unimportant)
NOTE: Not covered by security support
-CVE-2017-2546 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2017-2546
NOT-FOR-US: Apple
-CVE-2017-2545 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2017-2545
NOT-FOR-US: Apple
-CVE-2017-2544 (An issue was discovered in certain Apple products. iOS before 10.3.2 ...)
+CVE-2017-2544
- webkit2gtk 2.16.3-2 (unimportant)
NOTE: Not covered by security support
-CVE-2017-2543 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2017-2543
NOT-FOR-US: Apple
-CVE-2017-2542 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2017-2542
NOT-FOR-US: Apple
-CVE-2017-2541 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2017-2541
NOT-FOR-US: Apple
-CVE-2017-2540 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2017-2540
NOT-FOR-US: Apple
-CVE-2017-2539 (An issue was discovered in certain Apple products. iOS before 10.3.2 ...)
+CVE-2017-2539
- webkit2gtk 2.16.3-1 (unimportant)
NOTE: Not covered by security support
-CVE-2017-2538 (An issue was discovered in certain Apple products. iOS before 10.3.2 ...)
+CVE-2017-2538
- webkit2gtk 2.16.4-1 (unimportant)
[stretch] - webkit2gtk 2.16.6-0+deb9u1
NOTE: Not covered by security support
-CVE-2017-2537 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2017-2537
NOT-FOR-US: Apple
-CVE-2017-2536 (An issue was discovered in certain Apple products. iOS before 10.3.2 ...)
+CVE-2017-2536
- webkit2gtk 2.16.3-2 (unimportant)
NOTE: Not covered by security support
-CVE-2017-2535 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2017-2535
NOT-FOR-US: Apple
-CVE-2017-2534 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2017-2534
NOT-FOR-US: Apple
-CVE-2017-2533 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2017-2533
NOT-FOR-US: Apple
CVE-2017-2532
RESERVED
-CVE-2017-2531 (An issue was discovered in certain Apple products. iOS before 10.3.2 ...)
+CVE-2017-2531
- webkit2gtk 2.16.3-2 (unimportant)
NOTE: Not covered by security support
-CVE-2017-2530 (An issue was discovered in certain Apple products. iOS before 10.3.2 ...)
+CVE-2017-2530
- webkit2gtk 2.16.3-2 (unimportant)
NOTE: Not covered by security support
CVE-2017-2529
RESERVED
-CVE-2017-2528 (An issue was discovered in certain Apple products. iOS before 10.3.2 ...)
+CVE-2017-2528
- webkit2gtk 2.16.3-2 (unimportant)
NOTE: Not covered by security support
-CVE-2017-2527 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2017-2527
NOT-FOR-US: Apple
-CVE-2017-2526 (An issue was discovered in certain Apple products. iOS before 10.3.2 ...)
+CVE-2017-2526
- webkit2gtk 2.16.3-2 (unimportant)
NOTE: Not covered by security support
-CVE-2017-2525 (An issue was discovered in certain Apple products. iOS before 10.3.2 ...)
+CVE-2017-2525
- webkit2gtk 2.16.3-2 (unimportant)
NOTE: Not covered by security support
-CVE-2017-2524 (An issue was discovered in certain Apple products. iOS before 10.3.2 ...)
+CVE-2017-2524
NOT-FOR-US: Apple
-CVE-2017-2523 (An issue was discovered in certain Apple products. iOS before 10.3.2 ...)
+CVE-2017-2523
NOT-FOR-US: Apple
-CVE-2017-2522 (An issue was discovered in certain Apple products. iOS before 10.3.2 ...)
+CVE-2017-2522
NOT-FOR-US: Apple
-CVE-2017-2521 (An issue was discovered in certain Apple products. iOS before 10.3.2 ...)
+CVE-2017-2521
- webkit2gtk 2.16.3-2 (unimportant)
NOTE: Not covered by security support
-CVE-2017-2520 (An issue was discovered in certain Apple products. iOS before 10.3.2 ...)
+CVE-2017-2520
{DLA-1633-1}
- sqlite3 3.16.2-1
[wheezy] - sqlite3 <not-affected> (Vulnerable code not present)
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=384
NOTE: https://clusterfuzz-external.appspot.com/testcase?key=5694101458518016
NOTE: Fixed by: https://www.sqlite.org/src/info/2dc7eeb5b4d2eaf1
-CVE-2017-2519 (An issue was discovered in certain Apple products. iOS before 10.3.2 ...)
+CVE-2017-2519
{DLA-1633-1}
- sqlite3 3.16.0-1
[wheezy] - sqlite3 <not-affected> (Vulnerable code not present)
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=288
NOTE: https://clusterfuzz-external.appspot.com/testcase?key=6739028850245632
NOTE: Fixed by: https://www.sqlite.org/src/info/d08b72c38ff6fae6
-CVE-2017-2518 (An issue was discovered in certain Apple products. iOS before 10.3.2 ...)
+CVE-2017-2518
{DLA-1633-1}
- sqlite3 3.15.2-1
[wheezy] - sqlite3 <no-dsa> (Minor issue)
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=199
NOTE: https://clusterfuzz-external.appspot.com/testcase?key=4603622180519936
NOTE: Fixed by: https://www.sqlite.org/src/info/0a98c8d76ac86412
-CVE-2017-2517 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...)
+CVE-2017-2517
NOT-FOR-US: Apple Safari
-CVE-2017-2516 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2017-2516
NOT-FOR-US: Apple
-CVE-2017-2515 (An issue was discovered in certain Apple products. iOS before 10.3.2 ...)
+CVE-2017-2515
- webkit2gtk 2.16.3-2 (unimportant)
NOTE: Not covered by security support
-CVE-2017-2514 (An issue was discovered in certain Apple products. iOS before 10.3.2 ...)
+CVE-2017-2514
- webkit2gtk 2.16.3-2 (unimportant)
NOTE: Not covered by security support
-CVE-2017-2513 (An issue was discovered in certain Apple products. iOS before 10.3.2 ...)
+CVE-2017-2513
- sqlite3 3.15.2-1
[jessie] - sqlite3 <not-affected> (Vulnerable code not present)
[wheezy] - sqlite3 <not-affected> (Vulnerable code not present)
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=171
NOTE: https://clusterfuzz-external.appspot.com/testcase?key=5770842466156544
NOTE: Fixed by: https://www.sqlite.org/src/info/c5dbc599b910c02a
-CVE-2017-2512 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2017-2512
NOT-FOR-US: Apple
-CVE-2017-2511 (An issue was discovered in certain Apple products. Safari before ...)
+CVE-2017-2511
NOT-FOR-US: Apple Safari
-CVE-2017-2510 (An issue was discovered in certain Apple products. iOS before 10.3.2 ...)
+CVE-2017-2510
- webkit2gtk 2.16.3-1 (unimportant)
NOTE: Not covered by security support
-CVE-2017-2509 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2017-2509
NOT-FOR-US: Apple
-CVE-2017-2508 (An issue was discovered in certain Apple products. iOS before 10.3.2 ...)
+CVE-2017-2508
- webkit2gtk 2.16.3-2 (unimportant)
NOTE: Not covered by security support
-CVE-2017-2507 (An issue was discovered in certain Apple products. iOS before 10.3.2 ...)
+CVE-2017-2507
NOT-FOR-US: Apple
-CVE-2017-2506 (An issue was discovered in certain Apple products. iOS before 10.3.2 ...)
+CVE-2017-2506
- webkit2gtk 2.16.3-2 (unimportant)
NOTE: Not covered by security support
-CVE-2017-2505 (An issue was discovered in certain Apple products. iOS before 10.3.2 ...)
+CVE-2017-2505
- webkit2gtk 2.16.3-2 (unimportant)
NOTE: Not covered by security support
-CVE-2017-2504 (An issue was discovered in certain Apple products. iOS before 10.3.2 ...)
+CVE-2017-2504
- webkit2gtk 2.16.3-2 (unimportant)
NOTE: Not covered by security support
-CVE-2017-2503 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2017-2503
NOT-FOR-US: Apple
-CVE-2017-2502 (An issue was discovered in certain Apple products. iOS before 10.3.2 ...)
+CVE-2017-2502
NOT-FOR-US: Apple
-CVE-2017-2501 (An issue was discovered in certain Apple products. iOS before 10.3.2 ...)
+CVE-2017-2501
NOT-FOR-US: Apple
-CVE-2017-2500 (An issue was discovered in certain Apple products. Safari before ...)
+CVE-2017-2500
NOT-FOR-US: Apple Safari
-CVE-2017-2499 (An issue was discovered in certain Apple products. iOS before 10.3.2 ...)
+CVE-2017-2499
NOT-FOR-US: Webkit / if anything of this affects Chromium/webkitgtk, the Chrome sec team will know and fix
-CVE-2017-2498 (An issue was discovered in certain Apple products. iOS before 10.3.2 ...)
+CVE-2017-2498
NOT-FOR-US: Apple
-CVE-2017-2497 (An issue was discovered in certain Apple products. iOS before 10.3.2 ...)
+CVE-2017-2497
NOT-FOR-US: Apple
-CVE-2017-2496 (An issue was discovered in certain Apple products. iOS before 10.3.2 ...)
+CVE-2017-2496
- webkit2gtk 2.16.3-1 (unimportant)
NOTE: Not covered by security support
-CVE-2017-2495 (An issue was discovered in certain Apple products. iOS before 10.3.2 ...)
+CVE-2017-2495
NOT-FOR-US: Apple Safari
-CVE-2017-2494 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2017-2494
NOT-FOR-US: Apple
-CVE-2017-2493 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
+CVE-2017-2493
NOT-FOR-US: Apple
-CVE-2017-2492 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
+CVE-2017-2492
NOT-FOR-US: Apple
-CVE-2017-2491 (Use after free vulnerability in the String.replace method ...)
+CVE-2017-2491
NOT-FOR-US: Apple Safari
-CVE-2017-2490 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
+CVE-2017-2490
NOT-FOR-US: Apple involving Kernel component
-CVE-2017-2489 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2017-2489
NOT-FOR-US: Apple involving Intel Graphics Driver
CVE-2017-2488
RESERVED
-CVE-2017-2487 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
+CVE-2017-2487
NOT-FOR-US: Apple involving FontParser component
-CVE-2017-2486 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
+CVE-2017-2486
NOT-FOR-US: Webkit / if anything of this affects Chromium/webkitgtk, the Chrome sec team will know and fix
-CVE-2017-2485 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
+CVE-2017-2485
NOT-FOR-US: Apple involving Security component
-CVE-2017-2484 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
+CVE-2017-2484
NOT-FOR-US: Apple involving Phone component
-CVE-2017-2483 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
+CVE-2017-2483
NOT-FOR-US: Apple involving Kernel component
-CVE-2017-2482 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
+CVE-2017-2482
NOT-FOR-US: Apple involving Kernel component
-CVE-2017-2481 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
+CVE-2017-2481
- webkit2gtk 2.14.6-1 (unimportant)
NOTE: Not covered by security support
-CVE-2017-2480 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
+CVE-2017-2480
NOT-FOR-US: Webkit / if anything of this affects Chromium/webkitgtk, the Chrome sec team will know and fix
-CVE-2017-2479 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
+CVE-2017-2479
NOT-FOR-US: Webkit / if anything of this affects Chromium/webkitgtk, the Chrome sec team will know and fix
-CVE-2017-2478 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
+CVE-2017-2478
NOT-FOR-US: Apple involving Kernel component
-CVE-2017-2477 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2017-2477
- libxslt <undetermined>
NOTE: contacted Apple for more information, but no reply for quite a while
-CVE-2017-2476 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
+CVE-2017-2476
- webkit2gtk 2.14.6-1 (unimportant)
NOTE: Not covered by security support
-CVE-2017-2475 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
+CVE-2017-2475
- webkit2gtk 2.14.6-1 (unimportant)
NOTE: Not covered by security support
-CVE-2017-2474 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
+CVE-2017-2474
NOT-FOR-US: Apple involving Kernel component
-CVE-2017-2473 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
+CVE-2017-2473
NOT-FOR-US: Apple involving Kernel component
-CVE-2017-2472 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
+CVE-2017-2472
NOT-FOR-US: Apple involving Kernel component
-CVE-2017-2471 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
+CVE-2017-2471
- webkit2gtk 2.14.6-1 (unimportant)
NOTE: Not covered by security support
-CVE-2017-2470 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
+CVE-2017-2470
- webkit2gtk 2.14.6-1 (unimportant)
NOTE: Not covered by security support
-CVE-2017-2469 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
+CVE-2017-2469
- webkit2gtk 2.16.3-2 (unimportant)
NOTE: Not covered by security support
-CVE-2017-2468 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
+CVE-2017-2468
- webkit2gtk 2.14.6-1 (unimportant)
NOTE: Not covered by security support
-CVE-2017-2467 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
+CVE-2017-2467
NOT-FOR-US: Apple involving ImageIO component
-CVE-2017-2466 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
+CVE-2017-2466
- webkit2gtk 2.14.6-1 (unimportant)
NOTE: Not covered by security support
-CVE-2017-2465 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
+CVE-2017-2465
- webkit2gtk 2.14.6-1 (unimportant)
NOTE: Not covered by security support
-CVE-2017-2464 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
+CVE-2017-2464
- webkit2gtk 2.16.3-2 (unimportant)
NOTE: Not covered by security support
-CVE-2017-2463 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
+CVE-2017-2463
NOT-FOR-US: Webkit / if anything of this affects Chromium/webkitgtk, the Chrome sec team will know and fix
-CVE-2017-2462 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
+CVE-2017-2462
NOT-FOR-US: Apple
-CVE-2017-2461 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
+CVE-2017-2461
NOT-FOR-US: Apple involving CoreText component
-CVE-2017-2460 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
+CVE-2017-2460
- webkit2gtk 2.14.6-1 (unimportant)
NOTE: Not covered by security support
-CVE-2017-2459 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
+CVE-2017-2459
- webkit2gtk 2.14.6-1 (unimportant)
NOTE: Not covered by security support
-CVE-2017-2458 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
+CVE-2017-2458
NOT-FOR-US: Apple
-CVE-2017-2457 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
+CVE-2017-2457
- webkit2gtk 2.16.3-2 (unimportant)
NOTE: Not covered by security support
-CVE-2017-2456 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
+CVE-2017-2456
NOT-FOR-US: Apple
-CVE-2017-2455 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
+CVE-2017-2455
- webkit2gtk 2.16.3-2 (unimportant)
NOTE: Not covered by security support
-CVE-2017-2454 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
+CVE-2017-2454
- webkit2gtk 2.14.6-1 (unimportant)
NOTE: Not covered by security support
-CVE-2017-2453 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
+CVE-2017-2453
NOT-FOR-US: Apple Safari
-CVE-2017-2452 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
+CVE-2017-2452
NOT-FOR-US: Apple Siri
-CVE-2017-2451 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
+CVE-2017-2451
NOT-FOR-US: Apple involving Security component
-CVE-2017-2450 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
+CVE-2017-2450
NOT-FOR-US: Apple involving CoreText component
-CVE-2017-2449 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2017-2449
NOT-FOR-US: Apple invovling Bluetooth component
-CVE-2017-2448 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
+CVE-2017-2448
NOT-FOR-US: Apple involving Keychain component
-CVE-2017-2447 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
+CVE-2017-2447
- webkit2gtk 2.16.3-2 (unimportant)
NOTE: Not covered by security support
-CVE-2017-2446 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
+CVE-2017-2446
- webkit2gtk 2.14.6-1 (unimportant)
NOTE: Not covered by security support
-CVE-2017-2445 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
+CVE-2017-2445
- webkit2gtk 2.16.3-2 (unimportant)
NOTE: Not covered by security support
-CVE-2017-2444 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
+CVE-2017-2444
NOT-FOR-US: Apple involving CoreGraphics component
-CVE-2017-2443 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2017-2443
NOT-FOR-US: Apple involving Intel Graphics Driver
-CVE-2017-2442 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
+CVE-2017-2442
- webkit2gtk 2.14.6-1 (unimportant)
NOTE: Not covered by security support
-CVE-2017-2441 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
+CVE-2017-2441
NOT-FOR-US: Apple libc++abi component
-CVE-2017-2440 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
+CVE-2017-2440
NOT-FOR-US: Apple involving Kernel component
-CVE-2017-2439 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
+CVE-2017-2439
NOT-FOR-US: Apple involving FontParser component
-CVE-2017-2438 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2017-2438
NOT-FOR-US: Apple involving AppleRAID component
-CVE-2017-2437 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2017-2437
NOT-FOR-US: Apple involving IOFireWireAVC component
-CVE-2017-2436 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2017-2436
NOT-FOR-US: Apple involving IOFireWireAVC component
-CVE-2017-2435 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
+CVE-2017-2435
NOT-FOR-US: Apple involving CoreText component
-CVE-2017-2434 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
+CVE-2017-2434
NOT-FOR-US: Apple involving HomeKit component
-CVE-2017-2433 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
+CVE-2017-2433
- webkit2gtk 2.16.3-2 (unimportant)
NOTE: Not covered by security support
-CVE-2017-2432 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
+CVE-2017-2432
NOT-FOR-US: Apple involving ImageIO component
-CVE-2017-2431 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2017-2431
NOT-FOR-US: Apple
-CVE-2017-2430 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
+CVE-2017-2430
NOT-FOR-US: Apple
-CVE-2017-2429 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2017-2429
NOT-FOR-US: Apple
-CVE-2017-2428 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
+CVE-2017-2428
NOT-FOR-US: Apple
-CVE-2017-2427 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2017-2427
NOT-FOR-US: Apple
-CVE-2017-2426 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2017-2426
NOT-FOR-US: Apple
-CVE-2017-2425 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2017-2425
NOT-FOR-US: Apple
-CVE-2017-2424 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
+CVE-2017-2424
- webkit2gtk 2.16.3-2 (unimportant)
NOTE: Not covered by security support
-CVE-2017-2423 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
+CVE-2017-2423
NOT-FOR-US: Apple
-CVE-2017-2422 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2017-2422
NOT-FOR-US: Apple
-CVE-2017-2421 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2017-2421
NOT-FOR-US: Apple
-CVE-2017-2420 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2017-2420
NOT-FOR-US: Apple
-CVE-2017-2419 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
+CVE-2017-2419
- webkit2gtk 2.14.6-1 (unimportant)
NOTE: Not covered by security support
-CVE-2017-2418 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2017-2418
NOT-FOR-US: Apple
-CVE-2017-2417 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
+CVE-2017-2417
NOT-FOR-US: Apple
-CVE-2017-2416 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
+CVE-2017-2416
NOT-FOR-US: Apple
-CVE-2017-2415 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
+CVE-2017-2415
- webkit2gtk 2.14.6-1 (unimportant)
NOTE: Not covered by security support
-CVE-2017-2414 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
+CVE-2017-2414
NOT-FOR-US: Apple
-CVE-2017-2413 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2017-2413
NOT-FOR-US: Apple
-CVE-2017-2412 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
+CVE-2017-2412
NOT-FOR-US: Apple
-CVE-2017-2411 (In iOS before 11.2, exchange rates were retrieved from HTTP rather ...)
+CVE-2017-2411
NOT-FOR-US: Apple
-CVE-2017-2410 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2017-2410
NOT-FOR-US: Apple
-CVE-2017-2409 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2017-2409
NOT-FOR-US: Apple
-CVE-2017-2408 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2017-2408
NOT-FOR-US: Apple
-CVE-2017-2407 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
+CVE-2017-2407
NOT-FOR-US: Apple
-CVE-2017-2406 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
+CVE-2017-2406
NOT-FOR-US: Apple
-CVE-2017-2405 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
+CVE-2017-2405
- webkit2gtk 2.16.3-2 (unimportant)
NOTE: Not covered by security support
-CVE-2017-2404 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
+CVE-2017-2404
NOT-FOR-US: Apple
-CVE-2017-2403 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2017-2403
NOT-FOR-US: Apple
-CVE-2017-2402 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2017-2402
NOT-FOR-US: Apple
-CVE-2017-2401 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
+CVE-2017-2401
NOT-FOR-US: Apple
-CVE-2017-2400 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
+CVE-2017-2400
NOT-FOR-US: Apple
-CVE-2017-2399 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
+CVE-2017-2399
NOT-FOR-US: Apple
-CVE-2017-2398 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
+CVE-2017-2398
NOT-FOR-US: Apple
-CVE-2017-2397 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
+CVE-2017-2397
NOT-FOR-US: Apple
-CVE-2017-2396 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
+CVE-2017-2396
- webkit2gtk 2.16.3-2 (unimportant)
NOTE: Not covered by security support
-CVE-2017-2395 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
+CVE-2017-2395
- webkit2gtk 2.16.3-2 (unimportant)
NOTE: Not covered by security support
-CVE-2017-2394 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
+CVE-2017-2394
- webkit2gtk 2.14.6-1 (unimportant)
NOTE: Not covered by security support
-CVE-2017-2393 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
+CVE-2017-2393
NOT-FOR-US: Apple
-CVE-2017-2392 (An issue was discovered in certain Apple products. Safari before 10.1 ...)
+CVE-2017-2392
- webkit2gtk 2.14.6-1 (unimportant)
NOTE: Not covered by security support
-CVE-2017-2391 (An issue was discovered in certain Apple products. Pages before 6.1, ...)
+CVE-2017-2391
NOT-FOR-US: Apple
-CVE-2017-2390 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
+CVE-2017-2390
NOT-FOR-US: Apple / libarchive
NOTE: Possibly Apple-specific, but noone really knows and Apple doesn't cooperate
-CVE-2017-2389 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
+CVE-2017-2389
NOT-FOR-US: Apple
-CVE-2017-2388 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2017-2388
NOT-FOR-US: Apple
-CVE-2017-2387 (The Apple Music (aka com.apple.android.music) application before 2.0 ...)
+CVE-2017-2387
NOT-FOR-US: Apple Music application for Android
-CVE-2017-2386 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
+CVE-2017-2386
- webkit2gtk 2.16.3-2 (unimportant)
NOTE: Not covered by security support
-CVE-2017-2385 (An issue was discovered in certain Apple products. Safari before 10.1 ...)
+CVE-2017-2385
NOT-FOR-US: Apple
-CVE-2017-2384 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
+CVE-2017-2384
NOT-FOR-US: Apple
-CVE-2017-2383 (An issue was discovered in certain Apple products. iCloud before 6.2 ...)
+CVE-2017-2383
NOT-FOR-US: Apple
-CVE-2017-2382 (An issue was discovered in certain Apple products. macOS Server before ...)
+CVE-2017-2382
NOT-FOR-US: Apple
-CVE-2017-2381 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2017-2381
NOT-FOR-US: Apple, that's likely just a broken sudo config
-CVE-2017-2380 (An issue was discovered in certain Apple products. iOS before 10.3 ...)
+CVE-2017-2380
NOT-FOR-US: Apple
-CVE-2017-2379 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
+CVE-2017-2379
NOT-FOR-US: Apple
-CVE-2017-2378 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
+CVE-2017-2378
NOT-FOR-US: Webkit / if anything of this affects Chromium/webkitgtk, the Chrome sec team will know and fix
-CVE-2017-2377 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
+CVE-2017-2377
- webkit2gtk 2.14.6-1 (unimportant)
NOTE: Not covered by security support
-CVE-2017-2376 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
+CVE-2017-2376
- webkit2gtk 2.16.3-2 (unimportant)
NOTE: Not covered by security support
CVE-2017-2375
RESERVED
-CVE-2017-2374 (An issue was discovered in certain Apple products. GarageBand before ...)
+CVE-2017-2374
NOT-FOR-US: Apple
-CVE-2017-2373 (An issue was discovered in certain Apple products. iOS before 10.2.1 ...)
+CVE-2017-2373
- webkit2gtk 2.14.4-1 (unimportant)
NOTE: Not covered by security support
-CVE-2017-2372 (An issue was discovered in certain Apple products. GarageBand before ...)
+CVE-2017-2372
NOT-FOR-US: Apple
-CVE-2017-2371 (An issue was discovered in certain Apple products. iOS before 10.2.1 ...)
+CVE-2017-2371
- webkit2gtk 2.14.4-1 (unimportant)
NOTE: Not covered by security support
-CVE-2017-2370 (An issue was discovered in certain Apple products. iOS before 10.2.1 ...)
+CVE-2017-2370
NOT-FOR-US: Apple
-CVE-2017-2369 (An issue was discovered in certain Apple products. iOS before 10.2.1 ...)
+CVE-2017-2369
- webkit2gtk 2.14.4-1 (unimportant)
NOTE: Not covered by security support
-CVE-2017-2368 (An issue was discovered in certain Apple products. iOS before 10.2.1 ...)
+CVE-2017-2368
NOT-FOR-US: Apple
-CVE-2017-2367 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
+CVE-2017-2367
- webkitgtk 2.14.6-1 (unimportant)
NOTE: Not covered by security support
-CVE-2017-2366 (An issue was discovered in certain Apple products. iOS before 10.2.1 ...)
+CVE-2017-2366
- webkit2gtk 2.14.4-1 (unimportant)
NOTE: Not covered by security support
-CVE-2017-2365 (An issue was discovered in certain Apple products. iOS before 10.2.1 ...)
+CVE-2017-2365
- webkit2gtk 2.14.4-1 (unimportant)
NOTE: Not covered by security support
-CVE-2017-2364 (An issue was discovered in certain Apple products. iOS before 10.2.1 ...)
+CVE-2017-2364
- webkit2gtk 2.14.6-1 (unimportant)
NOTE: Not covered by security support
-CVE-2017-2363 (An issue was discovered in certain Apple products. iOS before 10.2.1 ...)
+CVE-2017-2363
- webkit2gtk 2.14.4-1 (unimportant)
NOTE: Not covered by security support
-CVE-2017-2362 (An issue was discovered in certain Apple products. iOS before 10.2.1 ...)
+CVE-2017-2362
- webkit2gtk 2.14.4-1 (unimportant)
NOTE: Not covered by security support
-CVE-2017-2361 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2017-2361
NOT-FOR-US: Apple
-CVE-2017-2360 (An issue was discovered in certain Apple products. iOS before 10.2.1 ...)
+CVE-2017-2360
NOT-FOR-US: Apple
-CVE-2017-2359 (An issue was discovered in certain Apple products. Safari before ...)
+CVE-2017-2359
NOT-FOR-US: Apple
-CVE-2017-2358 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2017-2358
NOT-FOR-US: Apple
-CVE-2017-2357 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2017-2357
NOT-FOR-US: Apple
-CVE-2017-2356 (An issue was discovered in certain Apple products. iOS before 10.2.1 ...)
+CVE-2017-2356
- webkit2gtk 2.14.4-1 (unimportant)
NOTE: Not covered by security support
-CVE-2017-2355 (An issue was discovered in certain Apple products. iOS before 10.2.1 ...)
+CVE-2017-2355
- webkit2gtk 2.14.4-1 (unimportant)
NOTE: Not covered by security support
-CVE-2017-2354 (An issue was discovered in certain Apple products. iOS before 10.2.1 ...)
+CVE-2017-2354
- webkit2gtk 2.14.4-1 (unimportant)
NOTE: Not covered by security support
-CVE-2017-2353 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2017-2353
NOT-FOR-US: Apple
-CVE-2017-2352 (An issue was discovered in certain Apple products. iOS before 10.2.1 ...)
+CVE-2017-2352
NOT-FOR-US: Apple
-CVE-2017-2351 (An issue was discovered in certain Apple products. iOS before 10.2.1 ...)
+CVE-2017-2351
NOT-FOR-US: Apple
-CVE-2017-2350 (An issue was discovered in certain Apple products. iOS before 10.2.1 ...)
+CVE-2017-2350
- webkit2gtk 2.14.4-1 (unimportant)
NOTE: Not covered by security support
-CVE-2017-2349 (A command injection vulnerability in the IDP feature of Juniper ...)
+CVE-2017-2349
NOT-FOR-US: Juniper
-CVE-2017-2348 (The Juniper Enhanced jdhcpd daemon may experience high CPU ...)
+CVE-2017-2348
NOT-FOR-US: Juniper
-CVE-2017-2347 (A denial of service vulnerability in rpd daemon of Juniper Networks ...)
+CVE-2017-2347
NOT-FOR-US: Juniper
-CVE-2017-2346 (An MS-MPC or MS-MIC Service PIC may crash when large fragmented ...)
+CVE-2017-2346
NOT-FOR-US: Juniper
-CVE-2017-2345 (On Junos OS devices with SNMP enabled, a network based attacker with ...)
+CVE-2017-2345
NOT-FOR-US: Juniper
-CVE-2017-2344 (A routine within an internal Junos OS sockets library is vulnerable to ...)
+CVE-2017-2344
NOT-FOR-US: Juniper
-CVE-2017-2343 (The Integrated User Firewall (UserFW) feature was introduced in Junos ...)
+CVE-2017-2343
NOT-FOR-US: Juniper
-CVE-2017-2342 (MACsec feature on Juniper Networks Junos OS 15.1X49 prior to ...)
+CVE-2017-2342
NOT-FOR-US: Juniper
-CVE-2017-2341 (An insufficient authentication vulnerability on platforms where Junos ...)
+CVE-2017-2341
NOT-FOR-US: Juniper
-CVE-2017-2340 (On Juniper Networks Junos OS 15.1 releases from 15.1R3 to 15.1R4, 16.1 ...)
+CVE-2017-2340
NOT-FOR-US: Juniper
-CVE-2017-2339 (A persistent cross site scripting vulnerability in NetScreen WebUI of ...)
+CVE-2017-2339
NOT-FOR-US: Juniper
-CVE-2017-2338 (A persistent cross site scripting vulnerability in NetScreen WebUI of ...)
+CVE-2017-2338
NOT-FOR-US: Juniper
-CVE-2017-2337 (A persistent cross site scripting vulnerability in NetScreen WebUI of ...)
+CVE-2017-2337
NOT-FOR-US: Juniper
-CVE-2017-2336 (A reflected cross site scripting vulnerability in NetScreen WebUI of ...)
+CVE-2017-2336
NOT-FOR-US: Juniper
-CVE-2017-2335 (A persistent cross site scripting vulnerability in NetScreen WebUI of ...)
+CVE-2017-2335
NOT-FOR-US: Juniper
-CVE-2017-2334 (An information leak vulnerability in Juniper Networks NorthStar ...)
+CVE-2017-2334
NOT-FOR-US: Juniper
-CVE-2017-2333 (A persistent denial of service vulnerability in Juniper Networks ...)
+CVE-2017-2333
NOT-FOR-US: Juniper
-CVE-2017-2332 (An insufficient authentication vulnerability in Juniper Networks ...)
+CVE-2017-2332
NOT-FOR-US: Juniper
-CVE-2017-2331 (A firewall bypass vulnerability in Juniper Networks NorthStar ...)
+CVE-2017-2331
NOT-FOR-US: Juniper
-CVE-2017-2330 (A denial of service vulnerability in Juniper Networks NorthStar ...)
+CVE-2017-2330
NOT-FOR-US: Juniper
-CVE-2017-2329 (An insufficient authentication vulnerability in Juniper Networks ...)
+CVE-2017-2329
NOT-FOR-US: Juniper
-CVE-2017-2328 (An information leak vulnerability in Juniper Networks NorthStar ...)
+CVE-2017-2328
NOT-FOR-US: Juniper
-CVE-2017-2327 (A denial of service vulnerability in Juniper Networks NorthStar ...)
+CVE-2017-2327
NOT-FOR-US: Juniper
-CVE-2017-2326 (An information disclosure vulnerability in Juniper Networks NorthStar ...)
+CVE-2017-2326
NOT-FOR-US: Juniper
-CVE-2017-2325 (A buffer overflow vulnerability in Juniper Networks NorthStar ...)
+CVE-2017-2325
NOT-FOR-US: Juniper
-CVE-2017-2324 (A command injection vulnerability in Juniper Networks NorthStar ...)
+CVE-2017-2324
NOT-FOR-US: Juniper
-CVE-2017-2323 (A denial of service vulnerability in Juniper Networks NorthStar ...)
+CVE-2017-2323
NOT-FOR-US: Juniper
-CVE-2017-2322 (A denial of service vulnerability in Juniper Networks NorthStar ...)
+CVE-2017-2322
NOT-FOR-US: Juniper
-CVE-2017-2321 (A vulnerability in Juniper Networks NorthStar Controller Application ...)
+CVE-2017-2321
NOT-FOR-US: Juniper
-CVE-2017-2320 (A vulnerability in Juniper Networks NorthStar Controller Application ...)
+CVE-2017-2320
NOT-FOR-US: Juniper
-CVE-2017-2319 (A vulnerability in Juniper Networks NorthStar Controller Application ...)
+CVE-2017-2319
NOT-FOR-US: Juniper
-CVE-2017-2318 (A vulnerability in Juniper Networks NorthStar Controller Application ...)
+CVE-2017-2318
NOT-FOR-US: Juniper
-CVE-2017-2317 (A denial of service vulnerability in Juniper Networks NorthStar ...)
+CVE-2017-2317
NOT-FOR-US: Juniper
-CVE-2017-2316 (A buffer overflow vulnerability in Juniper Networks NorthStar ...)
+CVE-2017-2316
NOT-FOR-US: Juniper
-CVE-2017-2315 (On Juniper Networks EX Series Ethernet Switches running affected Junos ...)
+CVE-2017-2315
NOT-FOR-US: Juniper
-CVE-2017-2314 (Receipt of a malformed BGP OPEN message may cause the routing protocol ...)
+CVE-2017-2314
NOT-FOR-US: Juniper
-CVE-2017-2313 (Juniper Networks devices running affected Junos OS versions may be ...)
+CVE-2017-2313
NOT-FOR-US: Juniper
-CVE-2017-2312 (On Juniper Networks devices running Junos OS affected versions and ...)
+CVE-2017-2312
NOT-FOR-US: Juniper
-CVE-2017-2311 (On Juniper Networks Junos Space versions prior to 16.1R1, an ...)
+CVE-2017-2311
NOT-FOR-US: Juniper
-CVE-2017-2310 (A firewall bypass vulnerability in the host based firewall of Juniper ...)
+CVE-2017-2310
NOT-FOR-US: Juniper
-CVE-2017-2309 (On Juniper Networks Junos Space versions prior to 16.1R1 when ...)
+CVE-2017-2309
NOT-FOR-US: Juniper
-CVE-2017-2308 (An XML External Entity Injection vulnerability in Juniper Networks ...)
+CVE-2017-2308
NOT-FOR-US: Juniper
-CVE-2017-2307 (A reflected cross site scripting vulnerability in the administrative ...)
+CVE-2017-2307
NOT-FOR-US: Juniper
-CVE-2017-2306 (On Juniper Networks Junos Space versions prior to 16.1R1, due to an ...)
+CVE-2017-2306
NOT-FOR-US: Juniper
-CVE-2017-2305 (On Juniper Networks Junos Space versions prior to 16.1R1, due to an ...)
+CVE-2017-2305
NOT-FOR-US: Juniper
-CVE-2017-2304 (Juniper Networks QFX3500, QFX3600, QFX5100, QFX5200, EX4300 and EX4600 ...)
+CVE-2017-2304
NOT-FOR-US: Juniper
-CVE-2017-2303 (On Juniper Networks products or platforms running Junos OS 12.1X46 ...)
+CVE-2017-2303
NOT-FOR-US: Juniper
-CVE-2017-2302 (On Juniper Networks products or platforms running Junos OS 12.1X46 ...)
+CVE-2017-2302
NOT-FOR-US: Juniper
-CVE-2017-2301 (On Juniper Networks products or platforms running Junos OS 11.4 prior ...)
+CVE-2017-2301
NOT-FOR-US: Juniper
-CVE-2017-2300 (On Juniper Networks SRX Series Services Gateways chassis clusters ...)
+CVE-2017-2300
NOT-FOR-US: Juniper
-CVE-2017-2299 (Versions of the puppetlabs-apache module prior to 1.11.1 and 2.1.0 ...)
+CVE-2017-2299
- puppet-module-puppetlabs-apache 3.0.0-1 (bug #875983)
[stretch] - puppet-module-puppetlabs-apache <no-dsa> (Minor issue)
[jessie] - puppet-module-puppetlabs-apache <no-dsa> (Minor issue)
NOTE: https://puppet.com/security/cve/CVE-2017-2299
NOTE: https://github.com/puppetlabs/puppetlabs-apache/commit/7bb35c2293c12ce52329a4391fe1f20389efef06
-CVE-2017-2298 (The mcollective-sshkey-security plugin before 0.5.1 for Puppet uses a ...)
+CVE-2017-2298
NOT-FOR-US: mcollective-sshkey-security plugin
-CVE-2017-2297 (Puppet Enterprise versions prior to 2016.4.5 and 2017.2.1 did not ...)
+CVE-2017-2297
- puppet <not-affected> (Specific to Puppet Enterprise)
-CVE-2017-2296 (In Puppet Enterprise 2017.1.x and 2017.2.1, using specially formatted ...)
+CVE-2017-2296
- puppet <not-affected> (Specific to Puppet Enterprise)
-CVE-2017-2295 (Versions of Puppet prior to 4.10.1 will deserialize data off the wire ...)
+CVE-2017-2295
{DSA-3862-1 DLA-1012-1}
- puppet 4.8.2-5 (bug #863212)
NOTE: https://puppet.com/security/cve/cve-2017-2295
NOTE: https://github.com/puppetlabs/puppet/commit/06d8c51367ca932b9da5d9b01958cfc0adf0f2ea
-CVE-2017-2294 (Versions of Puppet Enterprise prior to 2016.4.5 or 2017.2.1 failed to ...)
+CVE-2017-2294
- puppet <not-affected> (Doesn't affect Puppet as shipped in Debian)
NOTE: Puppet as shipped in Debian doesn't provide puppetdb yet
-CVE-2017-2293 (Versions of Puppet Enterprise prior to 2016.4.5 or 2017.2.1 shipped ...)
+CVE-2017-2293
- puppet <not-affected> (Specific to Puppet Enterprise)
-CVE-2017-2292 (Versions of MCollective prior to 2.10.4 deserialized YAML from agents ...)
+CVE-2017-2292
- mcollective 2.12.0+dfsg-1 (bug #866711)
[jessie] - mcollective <no-dsa> (Minor issue)
[wheezy] - mcollective <no-dsa> (Minor issue)
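Review bot: Every changed line in this hunk removes the parenthetical CVE summary and keeps only the bare identifier (for example `-CVE-2017-2343 (The Integrated User Firewall (UserFW) feature was introduced in Junos ...)` becomes `+CVE-2017-2343`), while the triage annotations beneath them (`NOT-FOR-US: Juniper`, `- puppet <not-affected> (...)`, `{DSA-3862-1 DLA-1012-1}`) are untouched. An automatic update that strips descriptions that were already present, rather than adding missing ones, is the signature of the description source or its parser returning nothing in this run, so the update script and its input should be checked and this revision held back until the summaries come back: for entries marked NOT-FOR-US the summary is the only context a triager has on this list, and losing it turns every such entry into an opaque ID.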
@@ -45885,57 +45883,57 @@ CVE-2017-2292 (Versions of MCollective prior to 2.10.4 deserialized YAML from ag
NOTE: https://github.com/puppetlabs/marionette-collective/commit/e0e741889f5adeb8f75387037106b0d28a9099b0
CVE-2017-2291
RESERVED
-CVE-2017-2290 (On Windows installations of the mcollective-puppet-agent plugin, ...)
+CVE-2017-2290
NOT-FOR-US: mcollective-puppet-agent plugin on Windows
-CVE-2017-2289 (Untrusted search path vulnerability in Installer of Qua station ...)
+CVE-2017-2289
NOT-FOR-US: Installer of Qua station connection tool for Windows
-CVE-2017-2288 (Untrusted search path vulnerability in LhaForge Ver.1.6.5 and earlier ...)
+CVE-2017-2288
NOT-FOR-US: LhaForge
-CVE-2017-2287 (Untrusted search path vulnerability in NFC Port Software remover ...)
+CVE-2017-2287
NOT-FOR-US: NFC Port Software remover
-CVE-2017-2286 (Untrusted search path vulnerability in NFC Port Software Version ...)
+CVE-2017-2286
NOT-FOR-US: NFC Port Software
-CVE-2017-2285 (Cross-site scripting vulnerability in Simple Custom CSS and JS prior ...)
+CVE-2017-2285
NOT-FOR-US: Simple Custom CSS and JS
-CVE-2017-2284 (Cross-site scripting vulnerability in Popup Maker prior to version ...)
+CVE-2017-2284
NOT-FOR-US: Popup Maker
-CVE-2017-2283 (WN-G300R3 firmware version 1.0.2 and earlier uses hardcoded ...)
+CVE-2017-2283
NOT-FOR-US: WN-G300R3 firmware
-CVE-2017-2282 (Buffer overflow in WN-AX1167GR firmware version 3.00 and earlier ...)
+CVE-2017-2282
NOT-FOR-US: WN-AX1167GR firmware
-CVE-2017-2281 (WN-AX1167GR firmware version 3.00 and earlier allows an attacker to ...)
+CVE-2017-2281
NOT-FOR-US: WN-AX1167GR firmware
-CVE-2017-2280 (WN-AX1167GR firmware version 3.00 and earlier uses hardcoded ...)
+CVE-2017-2280
NOT-FOR-US: WN-AX1167GR firmware
-CVE-2017-2279 (Untrusted search path vulnerability in Tween Ver1.6.6.0 and earlier ...)
+CVE-2017-2279
NOT-FOR-US: Tween
-CVE-2017-2278 (The RBB SPEED TEST App for Android version 2.0.3 and earlier, RBB ...)
+CVE-2017-2278
NOT-FOR-US: RBB SPEED TEST App
-CVE-2017-2277 (WG-C10 v3.0.79 and earlier allows an attacker to bypass access ...)
+CVE-2017-2277
NOT-FOR-US: WG-C10
-CVE-2017-2276 (Buffer overflow in WG-C10 v3.0.79 and earlier allows an attacker to ...)
+CVE-2017-2276
NOT-FOR-US: WG-C10
-CVE-2017-2275 (WG-C10 v3.0.79 and earlier allows an attacker to execute arbitrary OS ...)
+CVE-2017-2275
NOT-FOR-US: WG-C10
-CVE-2017-2274 (Cross-site scripting vulnerability in WMR-433 firmware Ver.1.02 and ...)
+CVE-2017-2274
NOT-FOR-US: WMR-433* firmware
-CVE-2017-2273 (Cross-site request forgery (CSRF) vulnerability in WMR-433 firmware ...)
+CVE-2017-2273
NOT-FOR-US: WMR-433* firmware
-CVE-2017-2272 (Untrusted search path vulnerability in Self-extracting encrypted files ...)
+CVE-2017-2272
NOT-FOR-US: AttacheCase
-CVE-2017-2271 (Untrusted search path vulnerability in Self-extracting encrypted files ...)
+CVE-2017-2271
NOT-FOR-US: AttacheCase
-CVE-2017-2270 (Untrusted search path vulnerability in Encrypted files in ...)
+CVE-2017-2270
NOT-FOR-US: FileCapsule Deluxe Portable
-CVE-2017-2269 (Untrusted search path vulnerability in FileCapsule Deluxe Portable ...)
+CVE-2017-2269
NOT-FOR-US: FileCapsule Deluxe Portable
-CVE-2017-2268 (Untrusted search path vulnerability in Encrypted files in ...)
+CVE-2017-2268
NOT-FOR-US: FileCapsule Deluxe Portable
-CVE-2017-2267 (Untrusted search path vulnerability in FileCapsule Deluxe Portable ...)
+CVE-2017-2267
NOT-FOR-US: FileCapsule Deluxe Portable
-CVE-2017-2266 (Untrusted search path vulnerability in Encrypted files in ...)
+CVE-2017-2266
NOT-FOR-US: FileCapsule Deluxe Portable
-CVE-2017-2265 (Untrusted search path vulnerability in FileCapsule Deluxe Portable ...)
+CVE-2017-2265
NOT-FOR-US: FileCapsule Deluxe Portable
CVE-2017-2264
RESERVED
@@ -45949,111 +45947,111 @@ CVE-2017-2260
RESERVED
CVE-2017-2259
RESERVED
-CVE-2017-2258 (Directory traversal vulnerability in Cybozu Garoon 4.2.4 to 4.2.5 ...)
+CVE-2017-2258
NOT-FOR-US: Cybozu
-CVE-2017-2257 (Cross-site scripting vulnerability in Cybozu Garoon 3.0.0 to 4.2.5 ...)
+CVE-2017-2257
NOT-FOR-US: Cybozu
-CVE-2017-2256 (Cross-site scripting vulnerability in Cybozu Garoon 3.0.0 to 4.2.5 ...)
+CVE-2017-2256
NOT-FOR-US: Cybozu
-CVE-2017-2255 (Cross-site scripting vulnerability in Cybozu Garoon 3.7.0 to 4.2.5 ...)
+CVE-2017-2255
NOT-FOR-US: Cybozu
-CVE-2017-2254 (Cybozu Garoon 3.5.0 to 4.2.5 allows an attacker to cause a denial of ...)
+CVE-2017-2254
NOT-FOR-US: Cybozu
-CVE-2017-2253 (Untrusted search path vulnerability in Installer of Yahoo! Toolbar ...)
+CVE-2017-2253
NOT-FOR-US: Installer of Yahoo! Toolbar (for Internet explorer)
-CVE-2017-2252 (Untrusted search path vulnerability in self-extracting archive files ...)
+CVE-2017-2252
NOT-FOR-US: File Compact
CVE-2017-2251
RESERVED
CVE-2017-2250
RESERVED
-CVE-2017-2249 (Untrusted search path vulnerability in Self-extracting archive files ...)
+CVE-2017-2249
NOT-FOR-US: Lhaz+
-CVE-2017-2248 (Untrusted search path vulnerability in Installer of Lhaz+ version ...)
+CVE-2017-2248
NOT-FOR-US: Lhaz+
-CVE-2017-2247 (Untrusted search path vulnerability in Self-extracting archive files ...)
+CVE-2017-2247
NOT-FOR-US: Lhaz
-CVE-2017-2246 (Untrusted search path vulnerability in Installer of Lhaz version 2.4.0 ...)
+CVE-2017-2246
NOT-FOR-US: Lhaz
-CVE-2017-2245 (Directory traversal vulnerability in Shortcodes Ultimate prior to ...)
+CVE-2017-2245
NOT-FOR-US: Shortcodes Ultimate
-CVE-2017-2244 (Cross-site request forgery (CSRF) vulnerability in MFC-J960DWN ...)
+CVE-2017-2244
NOT-FOR-US: MFC-J960DWN firmware
-CVE-2017-2243 (Cross-site scripting vulnerability in Responsive Lightbox prior to ...)
+CVE-2017-2243
NOT-FOR-US: Responsive Lightbox
-CVE-2017-2242 (Untrusted search path vulnerability in Flets Setsuzoku Tool for ...)
+CVE-2017-2242
NOT-FOR-US: Flets Setsuzoku Tool for Windows
-CVE-2017-2241 (SQL injection vulnerability in the AssetView for MacOS Ver.9.2.0 and ...)
+CVE-2017-2241
NOT-FOR-US: AssetView for MacOS
-CVE-2017-2240 (Directory traversal vulnerability in AssetView for MacOS Ver.9.2.0 and ...)
+CVE-2017-2240
NOT-FOR-US: AssetView for MacOS
-CVE-2017-2239 (Marp versions v0.0.10 and earlier may allow an attacker to access ...)
+CVE-2017-2239
NOT-FOR-US: Marp
-CVE-2017-2238 (Cross-site request forgery (CSRF) vulnerability in Toshiba Home ...)
+CVE-2017-2238
NOT-FOR-US: Toshiba Home gateway HEM-GW16A
-CVE-2017-2237 (Toshiba Home gateway HEM-GW16A firmware HEM-GW16A-FW-V1.2.0 and ...)
+CVE-2017-2237
NOT-FOR-US: Toshiba Home gateway HEM-GW16A firmware
-CVE-2017-2236 (Toshiba Home gateway HEM-GW16A firmware HEM-GW16A-FW-V1.2.0 and ...)
+CVE-2017-2236
NOT-FOR-US: Toshiba Home gateway HEM-GW16A firmware
-CVE-2017-2235 (Toshiba Home gateway HEM-GW16A firmware HEM-GW16A-FW-V1.2.0 and ...)
+CVE-2017-2235
NOT-FOR-US: Toshiba Home gateway HEM-GW16A firmware
-CVE-2017-2234 (Toshiba Home gateway HEM-GW16A firmware HEM-GW16A-FW-V1.2.0 and ...)
+CVE-2017-2234
NOT-FOR-US: Toshiba Home gateway HEM-GW16A firmware
-CVE-2017-2233 (Untrusted search path vulnerability in Installer of PDF Digital ...)
+CVE-2017-2233
NOT-FOR-US: PDF Digital Signature Plugin
-CVE-2017-2232 (Untrusted search path vulnerability in Installer of Shinseiyo Sogo ...)
+CVE-2017-2232
NOT-FOR-US: Installer of Shinseiyo Sogo Soft
-CVE-2017-2231 (Untrusted search path vulnerability in The installer of MLIT ...)
+CVE-2017-2231
NOT-FOR-US: installer of MLIT DenshiSeikabutsuSakuseiShienKensa system
-CVE-2017-2230 (Untrusted search path vulnerability in Douro Kouji Kanseizutou Check ...)
+CVE-2017-2230
NOT-FOR-US: Douro Kouji Kanseizutou Check Program
-CVE-2017-2229 (Untrusted search path vulnerability in Douroshisetu Kihon Data Sakusei ...)
+CVE-2017-2229
NOT-FOR-US: Douroshisetu Kihon Data Sakusei System
-CVE-2017-2228 (Untrusted search path vulnerability in Teikihoukokusho Sakuseishien ...)
+CVE-2017-2228
NOT-FOR-US: Teikihoukokusho Sakuseishien Tool
-CVE-2017-2227 (Untrusted search path vulnerability in The installer of Charamin OMP ...)
+CVE-2017-2227
NOT-FOR-US: installer of Charamin OMP
-CVE-2017-2226 (Untrusted search path vulnerability in Setup file of advance ...)
+CVE-2017-2226
NOT-FOR-US: e-Tax
-CVE-2017-2225 (Untrusted search path vulnerability in EbidSettingChecker.exe (version ...)
+CVE-2017-2225
NOT-FOR-US: EbidSettingChecker.exe
-CVE-2017-2224 (Cross-site scripting vulnerability in Event Calendar WD prior to ...)
+CVE-2017-2224
NOT-FOR-US: Event Calendar WD
-CVE-2017-2223 (Cross-site request forgery (CSRF) vulnerability in TS-WPTCAM, ...)
+CVE-2017-2223
NOT-FOR-US: TS-WPTCAM
-CVE-2017-2222 (Cross-site scripting vulnerability in WP-Members prior to version ...)
+CVE-2017-2222
NOT-FOR-US: WP-Members
-CVE-2017-2221 (Untrusted search path vulnerability in Installer of Baidu IME ...)
+CVE-2017-2221
NOT-FOR-US: Installer of Baidu IME
-CVE-2017-2220 (Untrusted search path vulnerability in Installer of CASL II simulator ...)
+CVE-2017-2220
NOT-FOR-US: Installer of CASL II simulator
-CVE-2017-2219 (Untrusted search path vulnerability in the [Simeji for Windows] ...)
+CVE-2017-2219
NOT-FOR-US: Simeji
-CVE-2017-2218 (Untrusted search path vulnerability in Installer of QuickTime for ...)
+CVE-2017-2218
NOT-FOR-US: Installer of QuickTime for Windows
-CVE-2017-2217 (Open redirect vulnerability in WordPress Download Manager prior to ...)
+CVE-2017-2217
NOT-FOR-US: WordPress Download Manager
-CVE-2017-2216 (Cross-site scripting vulnerability in WordPress Download Manager prior ...)
+CVE-2017-2216
NOT-FOR-US: WordPress Download Manager
-CVE-2017-2215 (Untrusted search path vulnerability in Installer of &quot;Setup file of ...)
+CVE-2017-2215
NOT-FOR-US: Installer of "Setup file of advance preparation"
-CVE-2017-2214 (Untrusted search path vulnerability in AppCheck and AppCheck Pro prior ...)
+CVE-2017-2214
NOT-FOR-US: AppCheck
-CVE-2017-2213 (Untrusted search path vulnerability in SemiDynaEXE ...)
+CVE-2017-2213
NOT-FOR-US: SemiDynaEXE
-CVE-2017-2212 (Untrusted search path vulnerability in TKY2JGD (TKY2JGD1379.EXE) ver. ...)
+CVE-2017-2212
NOT-FOR-US: TKY2JGD
-CVE-2017-2211 (Untrusted search path vulnerability in PatchJGD (Hyoko) ...)
+CVE-2017-2211
NOT-FOR-US: PatchJGD
-CVE-2017-2210 (Untrusted search path vulnerability in PatchJGD (PatchJGD101.EXE) ver. ...)
+CVE-2017-2210
NOT-FOR-US: PatchJGD
-CVE-2017-2209 (Untrusted search path vulnerability in the installer of Houkokusyo ...)
+CVE-2017-2209
NOT-FOR-US: Houkokusyo Sakusei Shien Tool
-CVE-2017-2208 (Untrusted search path vulnerability in Installer of Electronic ...)
+CVE-2017-2208
NOT-FOR-US: Installer of Electronic tendering and bid opening system
-CVE-2017-2207 (Untrusted search path vulnerability in the installer of SaAT Personal ...)
+CVE-2017-2207
NOT-FOR-US: SaAT Personal
-CVE-2017-2206 (Untrusted search path vulnerability in the installer of SaAT Netizen ...)
+CVE-2017-2206
NOT-FOR-US: SaAT Netizen
CVE-2017-2205
RESERVED
@@ -46075,217 +46073,217 @@ CVE-2017-2197
RESERVED
CVE-2017-2196
RESERVED
-CVE-2017-2195 (SQL injection vulnerability in the Multi Feed Reader prior to version ...)
+CVE-2017-2195
NOT-FOR-US: Multi Feed Reader plugin for wordpress
-CVE-2017-2194 (Cross-site scripting vulnerability in Source code security studying ...)
+CVE-2017-2194
NOT-FOR-US: iCodeChecker
-CVE-2017-2193 (Untrusted search path vulnerability in the installer of Tera Term 4.94 ...)
+CVE-2017-2193
NOT-FOR-US: Tera Term
-CVE-2017-2192 (Untrusted search path vulnerability in RW-5100 tool to verify ...)
+CVE-2017-2192
NOT-FOR-US: RW5100 installer
-CVE-2017-2191 (Untrusted search path vulnerability in RW-5100 driver installer for ...)
+CVE-2017-2191
NOT-FOR-US: RW5100 installer
-CVE-2017-2190 (Untrusted search path vulnerability in RW-4040 tool to verify ...)
+CVE-2017-2190
NOT-FOR-US: RW4040
-CVE-2017-2189 (Untrusted search path vulnerability in RW-4040 driver installer for ...)
+CVE-2017-2189
NOT-FOR-US: RW4040
-CVE-2017-2188 (Untrusted search path vulnerability in Installer of Denshinouhin Check ...)
+CVE-2017-2188
NOT-FOR-US: Installer of Denshinouhin Check System
-CVE-2017-2187 (Cross-site scripting vulnerability in WP Live Chat Support prior to ...)
+CVE-2017-2187
NOT-FOR-US: WP Live Chat
-CVE-2017-2186 (HOME SPOT CUBE2 firmware V101 and earlier allows an attacker to bypass ...)
+CVE-2017-2186
NOT-FOR-US: HOME SPOT CUBE2 firmware
-CVE-2017-2185 (HOME SPOT CUBE2 firmware V101 and earlier allows authenticated ...)
+CVE-2017-2185
NOT-FOR-US: HOME SPOT CUBE2 firmware
-CVE-2017-2184 (Buffer overflow in HOME SPOT CUBE2 firmware V101 and earlier allows an ...)
+CVE-2017-2184
NOT-FOR-US: HOME SPOT CUBE2 firmware
-CVE-2017-2183 (HOME SPOT CUBE2 firmware V101 and earlier allows authenticated ...)
+CVE-2017-2183
NOT-FOR-US: HOME SPOT CUBE2 firmware
-CVE-2017-2182 (Hands-on Vulnerability Learning Tool &quot;AppGoat&quot; for Web Application ...)
+CVE-2017-2182
NOT-FOR-US: Hands-on Vulnerability Learning Tool
-CVE-2017-2181 (Hands-on Vulnerability Learning Tool &quot;AppGoat&quot; for Web Application ...)
+CVE-2017-2181
NOT-FOR-US: Hands-on Vulnerability Learning Tool
-CVE-2017-2180 (Hands-on Vulnerability Learning Tool &quot;AppGoat&quot; for Web Application ...)
+CVE-2017-2180
NOT-FOR-US: Hands-on Vulnerability Learning Tool
-CVE-2017-2179 (Hands-on Vulnerability Learning Tool &quot;AppGoat&quot; for Web Application ...)
+CVE-2017-2179
NOT-FOR-US: Hands-on Vulnerability Learning Tool
-CVE-2017-2178 (Untrusted search path vulnerability in Installer of electronic ...)
+CVE-2017-2178
NOT-FOR-US: electronic tendering and bid opening system
-CVE-2017-2177 (Untrusted search path vulnerability in Installer of Shogyo Touki ...)
+CVE-2017-2177
NOT-FOR-US: Shogyo Touki Denshi Ninsho
-CVE-2017-2176 (Untrusted search path vulnerability in screensaver installers ...)
+CVE-2017-2176
NOT-FOR-US: screensaver installers for Windows
-CVE-2017-2175 (Untrusted search path vulnerability in Empirical Project Monitor - ...)
+CVE-2017-2175
NOT-FOR-US: Empirical Project Monitor - eXtended
-CVE-2017-2174 (Cross-site scripting vulnerability in Empirical Project Monitor - ...)
+CVE-2017-2174
NOT-FOR-US: Empirical Project Monitor - eXtended
-CVE-2017-2173 (Cross-site scripting vulnerability in Empirical Project Monitor - ...)
+CVE-2017-2173
NOT-FOR-US: Empirical Project Monitor - eXtended
-CVE-2017-2172 (Cross-site scripting vulnerability in Cybozu KUNAI for Android 3.0.0 ...)
+CVE-2017-2172
NOT-FOR-US: Cybozu
-CVE-2017-2171 (Cross-site scripting vulnerability in Captcha prior to version 4.3.0, ...)
+CVE-2017-2171
NOT-FOR-US: WordPress plugins provided by BestWebSoft
CVE-2017-2170
RESERVED
-CVE-2017-2169 (Cross-site scripting vulnerability in MaxButtons prior to version 6.19 ...)
+CVE-2017-2169
NOT-FOR-US: MaxButtons plugin for WordPress
-CVE-2017-2168 (Cross-site scripting vulnerability in WP Booking System Free version ...)
+CVE-2017-2168
NOT-FOR-US: WP Booking System
-CVE-2017-2167 (Untrusted search path vulnerability in Installer for PrimeDrive ...)
+CVE-2017-2167
NOT-FOR-US: PrimeDrive
-CVE-2017-2166 (Open redirect vulnerability in GroupSession version 4.7.0 and earlier ...)
+CVE-2017-2166
NOT-FOR-US: GroupSession
-CVE-2017-2165 (GroupSession versions 4.6.4 and earlier allows remote authenticated ...)
+CVE-2017-2165
NOT-FOR-US: GroupSession
-CVE-2017-2164 (Cross-site scripting vulnerability in SOY CMS with installer 1.8.12 ...)
+CVE-2017-2164
NOT-FOR-US: SOY CMS
-CVE-2017-2163 (Directory traversal vulnerability in SOY CMS Ver.1.8.1 to Ver.1.8.12 ...)
+CVE-2017-2163
NOT-FOR-US: SOY CMS
-CVE-2017-2162 (FlashAirTM SDHC Memory Card (SD-WE Series &lt;W-03&gt;) V3.00.02 and earlier ...)
+CVE-2017-2162
NOT-FOR-US: FlashAirTM
-CVE-2017-2161 (FlashAirTM SDHC Memory Card (SD-WE Series &lt;W-03&gt;) V3.00.02 and earlier ...)
+CVE-2017-2161
NOT-FOR-US: FlashAirTM
CVE-2017-2160
RESERVED
CVE-2017-2159
RESERVED
-CVE-2017-2158 (Improper verification when expanding ZIP64 archives in Lhaplus ...)
+CVE-2017-2158
NOT-FOR-US: Lhaplus
-CVE-2017-2157 (Untrusted search path vulnerability in installers for The Public ...)
+CVE-2017-2157
NOT-FOR-US: The Public Certification Service
-CVE-2017-2156 (Untrusted search path vulnerability in Vivaldi installer for Windows ...)
+CVE-2017-2156
NOT-FOR-US: Vivaldi installer Windows
-CVE-2017-2155 (Buffer overflow in Hoozin Viewer 2, 3, 4.1.5.15 and earlier, 5.1.2.13 ...)
+CVE-2017-2155
NOT-FOR-US: Hoozin Viewer
-CVE-2017-2154 (Untrusted search path vulnerability in Hanako 2017, Hanako 2016, ...)
+CVE-2017-2154
NOT-FOR-US: Booking Calendar
-CVE-2017-2153 (SEIL/x86 Fuji 1.70 to 5.62, SEIL/BPV4 5.00 to 5.62, SEIL/X1 1.30 to ...)
+CVE-2017-2153
NOT-FOR-US: SEIL
-CVE-2017-2152 (WNC01WH firmware 1.0.0.9 and earlier allows authenticated attackers to ...)
+CVE-2017-2152
NOT-FOR-US: WNC01WH firmware
-CVE-2017-2151 (Cross-site scripting vulnerability in Booking Calendar version 7.1 and ...)
+CVE-2017-2151
NOT-FOR-US: Booking Calendar
-CVE-2017-2150 (Directory traversal vulnerability in Booking Calendar version 7.0 and ...)
+CVE-2017-2150
NOT-FOR-US: Booking Calendar
-CVE-2017-2149 (Untrusted search path vulnerability in installers of the software for ...)
+CVE-2017-2149
NOT-FOR-US: installers of the software for SDHC/SDXC Memory Cards
-CVE-2017-2148 (Cross-site scripting vulnerability in WN-AC1167GR firmware version ...)
+CVE-2017-2148
NOT-FOR-US: WN-AC1167GR firmware
-CVE-2017-2147 (Cross-site scripting vulnerability in WP Statistics version 12.0.4 and ...)
+CVE-2017-2147
NOT-FOR-US: WP Statistics
-CVE-2017-2146 (Cross-site scripting vulnerability in Cybozu Garoon 3.0.0 to 4.2.4 ...)
+CVE-2017-2146
NOT-FOR-US: Cybozu Garoon
-CVE-2017-2145 (Session fixation vulnerability in Cybozu Garoon 4.0.0 to 4.2.4 allows ...)
+CVE-2017-2145
NOT-FOR-US: Cybozu Garoon
-CVE-2017-2144 (Cybozu Garoon 3.0.0 to 4.2.4 may allow an attacker to lock another ...)
+CVE-2017-2144
NOT-FOR-US: Cybozu Garoon
-CVE-2017-2143 (CS-Cart Japanese Edition v4.3.10-jp-1 and earlier, CS-Cart Multivendor ...)
+CVE-2017-2143
NOT-FOR-US: CS-Cart
-CVE-2017-2142 (Buffer overflow in WN-G300R3 firmware Ver.1.03 and earlier allows ...)
+CVE-2017-2142
NOT-FOR-US: WN-G300R3 firmware
-CVE-2017-2141 (WN-G300R3 firmware 1.03 and earlier allows attackers with ...)
+CVE-2017-2141
NOT-FOR-US: WN-G300R3 firmware
-CVE-2017-2140 (Tablacus Explorer 17.3.30 and earlier allows arbitrary scripts to be ...)
+CVE-2017-2140
NOT-FOR-US: Tablacus Explorer
-CVE-2017-2139 (CS-Cart Japanese Edition v4.3.10 and earlier (excluding v2 and v3), ...)
+CVE-2017-2139
NOT-FOR-US: CS-Cart
-CVE-2017-2138 (Cross-site request forgery (CSRF) vulnerability in CS-Cart Japanese ...)
+CVE-2017-2138
NOT-FOR-US: CS-Cart
-CVE-2017-2137 (ProSAFE Plus Configuration Utility prior to 2.3.29 allows remote ...)
+CVE-2017-2137
NOT-FOR-US: ProSAFE Plus Configuration Utility
-CVE-2017-2136 (Cross-site scripting vulnerability in WP Statistics version 12.0.4 and ...)
+CVE-2017-2136
NOT-FOR-US: WP Statistics
-CVE-2017-2135 (Cross-site scripting vulnerability in WP Statistics version 12.0.1 and ...)
+CVE-2017-2135
NOT-FOR-US: WP Statistics
-CVE-2017-2134 (Cross-site scripting vulnerability in ASSETBASE 8.0 and earlier allows ...)
+CVE-2017-2134
NOT-FOR-US: ASSETBASE
-CVE-2017-2133 (SQL injection vulnerability in Panasonic KX-HJB1000 Home unit devices ...)
+CVE-2017-2133
NOT-FOR-US: Panasonic KX-HJB1000 Home unit devices
-CVE-2017-2132 (Panasonic KX-HJB1000 Home unit devices with firmware GHX1YG 14.50 or ...)
+CVE-2017-2132
NOT-FOR-US: Panasonic KX-HJB1000 Home unit devices
-CVE-2017-2131 (Panasonic KX-HJB1000 Home unit devices with firmware GHX1YG 14.50 or ...)
+CVE-2017-2131
NOT-FOR-US: Panasonic KX-HJB1000 Home unit devices
-CVE-2017-2130 (Untrusted search path vulnerability in the installer of PhishWall ...)
+CVE-2017-2130
NOT-FOR-US: installer of PhishWall Client Internet Explorer
CVE-2017-2129
RESERVED
-CVE-2017-2128 (Security guide for website operators allows remote attackers to ...)
+CVE-2017-2128
NOT-FOR-US: Security guide for website operators
-CVE-2017-2127 (Cross-site scripting vulnerability in YOP Poll versions prior to 5.8.1 ...)
+CVE-2017-2127
NOT-FOR-US: YOP Poll
-CVE-2017-2126 (WAPM-1166D firmware Ver.1.2.7 and earlier, WAPM-APG600H firmware ...)
+CVE-2017-2126
NOT-FOR-US: WAPM-* firmware
-CVE-2017-2125 (Privilege escalation vulnerability in CentreCOM AR260S V2 remote ...)
+CVE-2017-2125
NOT-FOR-US: CentreCOM AR260S
-CVE-2017-2124 (Cross-site scripting vulnerability in OneThird CMS v1.73 Heaven's Door ...)
+CVE-2017-2124
NOT-FOR-US: OneThird CMS
-CVE-2017-2123 (Cross-site scripting vulnerability in OneThird CMS v1.73 Heaven's Door ...)
+CVE-2017-2123
NOT-FOR-US: OneThird CMS
-CVE-2017-2122 (Cross-site scripting vulnerability in Nessus versions 6.8.0, 6.8.1, ...)
+CVE-2017-2122
NOT-FOR-US: Nessus
CVE-2017-2121
RESERVED
-CVE-2017-2120 (SQL injection vulnerability in the WBCE CMS 1.1.10 and earlier allows ...)
+CVE-2017-2120
NOT-FOR-US: WBCE CMS
-CVE-2017-2119 (Directory traversal vulnerability in WBCE CMS 1.1.10 and earlier ...)
+CVE-2017-2119
NOT-FOR-US: WBCE CMS
-CVE-2017-2118 (Cross-site scripting vulnerability in WBCE CMS 1.1.10 and earlier ...)
+CVE-2017-2118
NOT-FOR-US: WBCE CMS
-CVE-2017-2117 (Directory traversal vulnerability in CubeCart versions prior to 6.1.5 ...)
+CVE-2017-2117
NOT-FOR-US: CubeCart
-CVE-2017-2116 (Cybozu Office 10.0.0 to 10.5.0 allows remote authenticated attackers ...)
+CVE-2017-2116
NOT-FOR-US: Cybozu
-CVE-2017-2115 (Cybozu Office 10.0.0 to 10.5.0 allows remote authenticated attackers ...)
+CVE-2017-2115
NOT-FOR-US: Cybozu
-CVE-2017-2114 (Cross-site scripting vulnerability in Cybozu Office 10.0.0 to 10.5.0 ...)
+CVE-2017-2114
NOT-FOR-US: Cybozu
-CVE-2017-2113 (Buffer overflow in TS-WPTCAM firmware version 1.18 and earlier, ...)
+CVE-2017-2113
NOT-FOR-US: firmware in network cameras by I-O DATA
-CVE-2017-2112 (TS-WPTCAM firmware version 1.18 and earlier, TS-WPTCAM2 firmware ...)
+CVE-2017-2112
NOT-FOR-US: firmware in network cameras by I-O DATA
-CVE-2017-2111 (HTTP header injection vulnerability in TS-WPTCAM firmware version 1.18 ...)
+CVE-2017-2111
NOT-FOR-US: firmware in network cameras by I-O DATA
-CVE-2017-2110 (The Access CX App for Android prior to 2.0.0.1 and for iOS prior to ...)
+CVE-2017-2110
NOT-FOR-US: CX App for Android
-CVE-2017-2109 (Cybozu KUNAI for Android 3.0.4 to 3.0.5.1 allow remote attackers to ...)
+CVE-2017-2109
NOT-FOR-US: Cybozu
-CVE-2017-2108 (Untrusted search path vulnerability in PrimeDrive Desktop Application ...)
+CVE-2017-2108
NOT-FOR-US: PrimeDrive Desktop Application
-CVE-2017-2107 (Untrusted search path vulnerability in Self-extracting archive files ...)
+CVE-2017-2107
NOT-FOR-US: 7-ZIP32.DLL
-CVE-2017-2106 (Multiple cross-site scripting vulnerabilities in Webmin versions prior ...)
+CVE-2017-2106
NOT-FOR-US: Webmin
-CVE-2017-2105 (The TVer App for Android 3.2.7 and earlier does not verify X.509 ...)
+CVE-2017-2105
NOT-FOR-US: TVer App for Android
-CVE-2017-2104 (The Business LaLa Call App for Android 1.4.7 and earlier does not ...)
+CVE-2017-2104
NOT-FOR-US: Business LaLa Call App for Android
-CVE-2017-2103 (The LaLa Call App for Android 2.4.7 and earlier does not verify X.509 ...)
+CVE-2017-2103
NOT-FOR-US: LaLa Call App for Android
-CVE-2017-2102 (Cross-site request forgery (CSRF) vulnerability in Hands-on ...)
+CVE-2017-2102
NOT-FOR-US: Hands-on Vulnerability Learning Tool "AppGoat" for Web Application
-CVE-2017-2101 (Hands-on Vulnerability Learning Tool &quot;AppGoat&quot; for Web Application ...)
+CVE-2017-2101
NOT-FOR-US: Hands-on Vulnerability Learning Tool "AppGoat" for Web Application
-CVE-2017-2100 (Hands-on Vulnerability Learning Tool &quot;AppGoat&quot; for Web Application ...)
+CVE-2017-2100
NOT-FOR-US: Hands-on Vulnerability Learning Tool "AppGoat" for Web Application
-CVE-2017-2099 (Hands-on Vulnerability Learning Tool &quot;AppGoat&quot; for Web Application ...)
+CVE-2017-2099
NOT-FOR-US: Hands-on Vulnerability Learning Tool "AppGoat" for Web Application
-CVE-2017-2098 (Directory traversal vulnerability in CubeCart versions prior to 6.1.4 ...)
+CVE-2017-2098
NOT-FOR-US: CubeCart
-CVE-2017-2097 (Cross-site request forgery (CSRF) vulnerability in Knowledge versions ...)
+CVE-2017-2097
NOT-FOR-US: Knowledge
-CVE-2017-2096 (smalruby-editor v0.4.0 and earlier allows remote attackers to execute ...)
+CVE-2017-2096
NOT-FOR-US: smalruby-editor
-CVE-2017-2095 (Cybozu Garoon 3.0.0 to 4.2.3 allows remote authenticated attackers to ...)
+CVE-2017-2095
NOT-FOR-US: Cybozu
-CVE-2017-2094 (Cybozu Garoon 3.0.0 to 4.2.3 allows remote authenticated attackers to ...)
+CVE-2017-2094
NOT-FOR-US: Cybozu
-CVE-2017-2093 (Cybozu Garoon 3.0.0 to 4.2.3 allow remote attackers to obtain tokens ...)
+CVE-2017-2093
NOT-FOR-US: Cybozu
-CVE-2017-2092 (Cross-site scripting vulnerability in Cybozu Garoon 3.0.0 to 4.2.3 ...)
+CVE-2017-2092
NOT-FOR-US: Cybozu
-CVE-2017-2091 (Cybozu Garoon 3.0.0 to 4.2.3 allows remote authenticated attackers to ...)
+CVE-2017-2091
NOT-FOR-US: Cybozu
-CVE-2017-2090 (Directory traversal vulnerability in CubeCart versions prior to 6.1.4 ...)
+CVE-2017-2090
NOT-FOR-US: CubeCart
CVE-2017-2089
REJECTED
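Review bot: The annotation under `CVE-2017-2154` contradicts the summary this hunk removes: the `-` line reads `Untrusted search path vulnerability in Hanako 2017, Hanako 2016, ...`, but the untouched line below it says `NOT-FOR-US: Booking Calendar`, which is the product named on the neighbouring `CVE-2017-2151` and `CVE-2017-2150` entries, so it looks like a copy-and-paste slip in the triage note. With the description gone from the list nothing left on the page signals the mismatch, so the annotation should be corrected to name the Hanako product before this description strip lands. The rest of the hunk is the same mechanical removal of summaries as the earlier hunks and has the same problem of leaving bare identifiers behind.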
@@ -46875,31 +46873,31 @@ CVE-2017-1797
RESERVED
CVE-2017-1796
RESERVED
-CVE-2017-1795 (IBM WebSphere MQ 7.5, 8.0, and 9.0 through 9.0.4 could allow a local ...)
+CVE-2017-1795
NOT-FOR-US: IBM WebSphere MQ
-CVE-2017-1794 (IBM Tivoli Monitoring 6.2.3 through 6.2.3.5 and 6.3.0 through 6.3.0.7 ...)
+CVE-2017-1794
NOT-FOR-US: IBM
-CVE-2017-1793 (IBM Rational Quality Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 ...)
+CVE-2017-1793
NOT-FOR-US: IBM
-CVE-2017-1792 (IBM Rational Quality Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 ...)
+CVE-2017-1792
NOT-FOR-US: IBM
-CVE-2017-1791 (IBM Rational Quality Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 ...)
+CVE-2017-1791
NOT-FOR-US: IBM
-CVE-2017-1790 (IBM DOORS Next Generation (DNG/RRC) 5.0, 5.0.1, 5.0.2, and 6.0 through ...)
+CVE-2017-1790
NOT-FOR-US: IBM DOORS Next Generation
-CVE-2017-1789 (IBM Tivoli Monitoring V6 6.2.3 and 6.3.0 could allow an ...)
+CVE-2017-1789
NOT-FOR-US: IBM
-CVE-2017-1788 (IBM WebSphere Application Server 9 installations using Form Login ...)
+CVE-2017-1788
NOT-FOR-US: IBM
-CVE-2017-1787 (IBM Publishing Engine 2.1.2 and 6.0.5 contains an undisclosed ...)
+CVE-2017-1787
NOT-FOR-US: IBM Publishing Engine
-CVE-2017-1786 (IBM WebSphere MQ 8.0 through 8.0.0.8 and 9.0 through 9.0.4 under ...)
+CVE-2017-1786
NOT-FOR-US: IBM
-CVE-2017-1785 (IBM API Connect 5.0.7 and 5.0.8 could allow an authenticated remote ...)
+CVE-2017-1785
NOT-FOR-US: IBM API Connect
-CVE-2017-1784 (IBM Cognos Analytics 11.0 could produce results in temporary files ...)
+CVE-2017-1784
NOT-FOR-US: IBM Cognos Analytics
-CVE-2017-1783 (IBM Cognos Analytics 11.0 could allow a local user to change ...)
+CVE-2017-1783
NOT-FOR-US: IBM Cognos Analytics
CVE-2017-1782
RESERVED
@@ -46907,7 +46905,7 @@ CVE-2017-1781
RESERVED
CVE-2017-1780
RESERVED
-CVE-2017-1779 (IBM Cognos Analytics 11.0 could store cached credentials locally that ...)
+CVE-2017-1779
NOT-FOR-US: IBM Cognos Analytics
CVE-2017-1778
RESERVED
@@ -46917,79 +46915,79 @@ CVE-2017-1776
RESERVED
CVE-2017-1775
RESERVED
-CVE-2017-1774 (IBM Security Guardium Big Data Intelligence (SonarG) 3.1 discloses ...)
+CVE-2017-1774
NOT-FOR-US: IBM Security Guardium Big Data Intelligence
-CVE-2017-1773 (IBM DataPower Gateways 7.1, 7,2, 7.5, and 7.6 could allow an attacker ...)
+CVE-2017-1773
NOT-FOR-US: IBM DataPower Gateways
-CVE-2017-1772 (IBM Worklight (IBM MobileFirst Platform Foundation 6.3, 7.0, 7.1, and ...)
+CVE-2017-1772
NOT-FOR-US: IBM
CVE-2017-1771
RESERVED
CVE-2017-1770
RESERVED
-CVE-2017-1769 (IBM Business Process Manager 8.6 is vulnerable to cross-site request ...)
+CVE-2017-1769
NOT-FOR-US: IBM Business Process Manager
-CVE-2017-1768 (IBM Security Guardium Big Data Intelligence (SonarG) 3.1 generates an ...)
+CVE-2017-1768
NOT-FOR-US: IBM
-CVE-2017-1767 (IBM Business Process Manager 8.6 is vulnerable to cross-site ...)
+CVE-2017-1767
NOT-FOR-US: IBM
-CVE-2017-1766 (Due to incorrect authorization in IBM Business Process Manager 8.6 an ...)
+CVE-2017-1766
NOT-FOR-US: IBM
-CVE-2017-1765 (IBM Business Process Manager 8.6 could allow an authenticated user ...)
+CVE-2017-1765
NOT-FOR-US: IBM
-CVE-2017-1764 (IBM Cognos Business Intelligence 10.2, 10.2.1, 10.2.1.1, and 10.2.2, ...)
+CVE-2017-1764
NOT-FOR-US: IBM
CVE-2017-1763
RESERVED
-CVE-2017-1762 (IBM Jazz Foundation (IBM Rational Collaborative Lifecycle Management ...)
+CVE-2017-1762
NOT-FOR-US: IBM
-CVE-2017-1761 (IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 is vulnerable to ...)
+CVE-2017-1761
NOT-FOR-US: IBM WebSphere Portal
-CVE-2017-1760 (IBM WebSphere MQ 7.5, 8.0, and 9.0 could allow a local user to crash ...)
+CVE-2017-1760
NOT-FOR-US: IBM WebSphere MQ
CVE-2017-1759
RESERVED
-CVE-2017-1758 (IBM Financial Transaction Manager for ACH Services for Multi-Platform ...)
+CVE-2017-1758
NOT-FOR-US: IBM Financial Transaction Manager for ACH Services for Multi-Platform
-CVE-2017-1757 (IBM Security Guardium 10.0 is vulnerable to SQL injection. A remote ...)
+CVE-2017-1757
NOT-FOR-US: IBM Security Guardium
-CVE-2017-1756 (IBM Business Process Manager 8.6 allows web pages to be stored locally ...)
+CVE-2017-1756
NOT-FOR-US: IBM
-CVE-2017-1755 (IBM Security Identity Governance Virtual Appliance 5.2 through 5.2.3.2 ...)
+CVE-2017-1755
NOT-FOR-US: IBM
CVE-2017-1754
RESERVED
-CVE-2017-1753 (Multiple IBM Rational products are vulnerable to HTML injection. A ...)
+CVE-2017-1753
NOT-FOR-US: IBM
-CVE-2017-1752 (IBM UrbanCode Deploy 6.1 and 6.2 could allow an authenticated ...)
+CVE-2017-1752
NOT-FOR-US: IBM UrbanCode Deploy
-CVE-2017-1751 (IBM Robotic Process Automation with Automation Anywhere 10.0.0 is ...)
+CVE-2017-1751
NOT-FOR-US: IBM Robotic Process Automation with Automation Anywhere
-CVE-2017-1750 (IBM Jazz Reporting Service (JRS) 5.0 through 5.0.2 and 6.0 through ...)
+CVE-2017-1750
NOT-FOR-US: IBM Jazz Reporting Service
-CVE-2017-1749 (IBM UrbanCode Deploy 6.1 through 6.9.6.0 could allow a remote attacker ...)
+CVE-2017-1749
NOT-FOR-US: IBM UrbanCode Deploy
-CVE-2017-1748 (IBM Connections 5.0, 5.5, and 6.0 could allow a remote attacker to ...)
+CVE-2017-1748
NOT-FOR-US: IBM
-CVE-2017-1747 (A specially crafted message could cause a denial of service in IBM ...)
+CVE-2017-1747
NOT-FOR-US: IBM
-CVE-2017-1746 (IBM Jazz for Service Management (IBM Tivoli Components 1.1.3) is ...)
+CVE-2017-1746
NOT-FOR-US: IBM Jazz for Service Management
CVE-2017-1745
RESERVED
CVE-2017-1744
RESERVED
-CVE-2017-1743 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a ...)
+CVE-2017-1743
NOT-FOR-US: IBM
CVE-2017-1742
RESERVED
-CVE-2017-1741 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a ...)
+CVE-2017-1741
NOT-FOR-US: IBM
-CVE-2017-1740 (IBM Curam Social Program Management 6.0.5, 6.1.1, 6.2.0, 7.0.1, and ...)
+CVE-2017-1740
NOT-FOR-US: IBM Curam Social Program Management
-CVE-2017-1739 (IBM Curam Social Program Management 6.0.5, 6.1.1, 6.2.0, and 7.0.1 is ...)
+CVE-2017-1739
NOT-FOR-US: IBM Curam Social Program Management
-CVE-2017-1738 (IBM Rational Quality Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 ...)
+CVE-2017-1738
NOT-FOR-US: IBM
CVE-2017-1737
RESERVED
@@ -46997,55 +46995,55 @@ CVE-2017-1736
RESERVED
CVE-2017-1735
RESERVED
-CVE-2017-1734 (IBM Jazz Team Server affecting the following IBM Rational Products: ...)
+CVE-2017-1734
NOT-FOR-US: IBM
-CVE-2017-1733 (IBM QRadar 7.3 stores potentially sensitive information in log files ...)
+CVE-2017-1733
NOT-FOR-US: IBM
-CVE-2017-1732 (IBM Security Access Manager for Enterprise Single Sign-On 8.2.2 does ...)
+CVE-2017-1732
NOT-FOR-US: IBM
-CVE-2017-1731 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could provide ...)
+CVE-2017-1731
NOT-FOR-US: IBM WebSphere Application Server
CVE-2017-1730
RESERVED
-CVE-2017-1729 (IBM Rational Quality Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 ...)
+CVE-2017-1729
NOT-FOR-US: IBM
CVE-2017-1728
RESERVED
-CVE-2017-1727 (IBM Tivoli Key Lifecycle Manager 2.5, 2.6, and 2.7 discloses sensitive ...)
+CVE-2017-1727
NOT-FOR-US: IBM Tivoli Key Lifecycle Manager
CVE-2017-1726
RESERVED
-CVE-2017-1725 (IBM Jazz Team Server affecting the following IBM Rational Products: ...)
+CVE-2017-1725
NOT-FOR-US: IBM
-CVE-2017-1724 (IBM Security QRadar SIEM 7.2 and 7.3 is vulnerable to cross-site ...)
+CVE-2017-1724
NOT-FOR-US: IBM Security QRadar SIEM
-CVE-2017-1723 (IBM Security QRadar SIEM 7.2 and 7.3 could allow a remote attacker to ...)
+CVE-2017-1723
NOT-FOR-US: IBM Security QRadar SIEM
-CVE-2017-1722 (IBM Security QRadar SIEM 7.2 and 7.3 is vulnerable to SQL injection. A ...)
+CVE-2017-1722
NOT-FOR-US: IBM Security QRadar SIEM
-CVE-2017-1721 (IBM Security QRadar SIEM 7.2 and 7.3 could allow an unauthenticated ...)
+CVE-2017-1721
NOT-FOR-US: IBM Security QRadar SIEM
-CVE-2017-1720 (IBM Notes 8.5 and 9.0 could allow a local attacker to execute ...)
+CVE-2017-1720
NOT-FOR-US: IBM Notes
CVE-2017-1719
RESERVED
CVE-2017-1718
RESERVED
-CVE-2017-1717 (IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle ...)
+CVE-2017-1717
NOT-FOR-US: IBM
-CVE-2017-1716 (IBM Tivoli Workload Scheduler 8.6.0, 9.1.0, and 9.2.0 could disclose ...)
+CVE-2017-1716
NOT-FOR-US: IBM Tivoli Workload Scheduler
-CVE-2017-1715 (IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle ...)
+CVE-2017-1715
NOT-FOR-US: IBM
-CVE-2017-1714 (IBM Notes and Domino NSD 8.5 and 9.0 could allow an authenticated ...)
+CVE-2017-1714
NOT-FOR-US: IBM Notes and Domino NSD
CVE-2017-1713
RESERVED
CVE-2017-1712
RESERVED
-CVE-2017-1711 (IBM iNotes 8.5 and 9.0 SUService can be misguided into running ...)
+CVE-2017-1711
NOT-FOR-US: IBM iNotes
-CVE-2017-1710 (A vulnerability in the Service Assistant GUI in IBM Storwize V7000 ...)
+CVE-2017-1710
NOT-FOR-US: IBM
CVE-2017-1709
RESERVED
@@ -47055,7 +47053,7 @@ CVE-2017-1707
RESERVED
CVE-2017-1706
RESERVED
-CVE-2017-1705 (IBM Security Privileged Identity Manager 2.1.0 contains left-over, ...)
+CVE-2017-1705
NOT-FOR-US: IBM
CVE-2017-1704
RESERVED
@@ -47063,33 +47061,33 @@ CVE-2017-1703
RESERVED
CVE-2017-1702
RESERVED
-CVE-2017-1701 (IBM Team Concert (RTC) 5.0, 5.0.1, 5.0.2, 6.0, 6.0.1, 6.0.2, 6.0.3, ...)
+CVE-2017-1701
NOT-FOR-US: IBM
-CVE-2017-1700 (IBM Jazz Team Server affecting the following IBM Rational Products: ...)
+CVE-2017-1700
NOT-FOR-US: IBM
-CVE-2017-1699 (IBM MQ Managed File Transfer Agent 8.0 and 9.0 sets insecure ...)
+CVE-2017-1699
NOT-FOR-US: IBM MQ Managed File Transfer Agent
-CVE-2017-1698 (IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 could reveal sensitive ...)
+CVE-2017-1698
NOT-FOR-US: IBM WebSphere Portal
CVE-2017-1697
RESERVED
-CVE-2017-1696 (IBM QRadar 7.2 and 7.3 could allow a remote authenticated attacker to ...)
+CVE-2017-1696
NOT-FOR-US: IBM QRadar
-CVE-2017-1695 (IBM QRadar SIEM 7.2 and 7.3 uses weaker than expected cryptographic ...)
+CVE-2017-1695
NOT-FOR-US: IBM
-CVE-2017-1694 (IBM Integration Bus 9.0 and 10.0 transmits user credentials in plain ...)
+CVE-2017-1694
NOT-FOR-US: IBM Integration Bus
-CVE-2017-1693 (IBM Integration Bus 9.0 and 10.0 could allow an attacker that has ...)
+CVE-2017-1693
NOT-FOR-US: IBM Integration Bus
-CVE-2017-1692 (IBM AIX 5.3, 6.1, 7.1, and 7.2 contains an unspecified vulnerability ...)
+CVE-2017-1692
NOT-FOR-US: IBM AIX
-CVE-2017-1691 (IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle ...)
+CVE-2017-1691
NOT-FOR-US: IBM
-CVE-2017-1690 (IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle ...)
+CVE-2017-1690
NOT-FOR-US: IBM
-CVE-2017-1689 (IBM DOORS Next Generation (DNG/RRC) 6.0 is vulnerable to cross-site ...)
+CVE-2017-1689
NOT-FOR-US: IBM
-CVE-2017-1688 (IBM DOORS Next Generation (DNG/RRC) 6.0 is vulnerable to cross-site ...)
+CVE-2017-1688
NOT-FOR-US: IBM
CVE-2017-1687
RESERVED
@@ -47099,19 +47097,19 @@ CVE-2017-1685
RESERVED
CVE-2017-1684
RESERVED
-CVE-2017-1683 (IBM Connections Engagement Center 6.0 is vulnerable to cross-site ...)
+CVE-2017-1683
NOT-FOR-US: IBM Connections Engagement Center
-CVE-2017-1682 (IBM Connections 4.0, 4.5, 5.0, 5.5, and 6.0 is vulnerable to ...)
+CVE-2017-1682
NOT-FOR-US: IBM Connections
-CVE-2017-1681 (IBM WebSphere Application Server (IBM Liberty for Java for Bluemix ...)
+CVE-2017-1681
NOT-FOR-US: IBM WebSphere Application Server
CVE-2017-1680
RESERVED
-CVE-2017-1679 (IBM OpenPages GRC Platform 7.2, 7.3, 7.4, and 8.0 could allow an ...)
+CVE-2017-1679
NOT-FOR-US: IBM
-CVE-2017-1678 (IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0, and 6.0 is vulnerable to ...)
+CVE-2017-1678
NOT-FOR-US: IBM
-CVE-2017-1677 (IBM Data Server Driver for JDBC and SQLJ (IBM DB2 for Linux, UNIX and ...)
+CVE-2017-1677
NOT-FOR-US: IBM
CVE-2017-1676
RESERVED
@@ -47119,25 +47117,25 @@ CVE-2017-1675
RESERVED
CVE-2017-1674
RESERVED
-CVE-2017-1673 (IBM Tivoli Key Lifecycle Manager 2.5, 2.6, and 2.7 is vulnerable to ...)
+CVE-2017-1673
NOT-FOR-US: IBM Tivoli Key Lifecycle Manager
-CVE-2017-1672 (IBM Tivoli Key Lifecycle Manager 2.6 and 2.7 is vulnerable to ...)
+CVE-2017-1672
NOT-FOR-US: IBM Tivoli Key Lifecycle Manager
-CVE-2017-1671 (IBM Tivoli Key Lifecycle Manager 2.5, 2.6, and 2.7 could allow a ...)
+CVE-2017-1671
NOT-FOR-US: IBM Tivoli Key Lifecycle Manager
-CVE-2017-1670 (IBM Tivoli Key Lifecycle Manager 2.5, 2.6, and 2.7 is vulnerable to ...)
+CVE-2017-1670
NOT-FOR-US: IBM Tivoli Key Lifecycle Manager
-CVE-2017-1669 (IBM Tivoli Key Lifecycle Manager 2.5, 2.6, and 2.7 stores sensitive ...)
+CVE-2017-1669
NOT-FOR-US: IBM Tivoli Key Lifecycle Manager
-CVE-2017-1668 (IBM Tivoli Key Lifecycle Manager 2.5, 2.6, and 2.7 could allow a ...)
+CVE-2017-1668
NOT-FOR-US: IBM Tivoli Key Lifecycle Manager
CVE-2017-1667
RESERVED
-CVE-2017-1666 (IBM Tivoli Key Lifecycle Manager 2.5, 2.6, and 2.7 is vulnerable to a ...)
+CVE-2017-1666
NOT-FOR-US: IBM Tivoli Key Lifecycle Manager
-CVE-2017-1665 (IBM Tivoli Key Lifecycle Manager 2.5, 2.6, and 2.7 uses weaker than ...)
+CVE-2017-1665
NOT-FOR-US: IBM Tivoli Key Lifecycle Manager
-CVE-2017-1664 (IBM Tivoli Key Lifecycle Manager 2.5, 2.6, and 2.7 uses weaker than ...)
+CVE-2017-1664
NOT-FOR-US: IBM Tivoli Key Lifecycle Manager
CVE-2017-1663
RESERVED
@@ -47155,19 +47153,19 @@ CVE-2017-1657
RESERVED
CVE-2017-1656
RESERVED
-CVE-2017-1655 (IBM Jazz Foundation (IBM Rational Collaborative Lifecycle Management ...)
+CVE-2017-1655
NOT-FOR-US: IBM
-CVE-2017-1654 (IBM Spectrum Scale 4.1.1 and 4.2.0 - 4.2.3 could allow a local ...)
+CVE-2017-1654
NOT-FOR-US: IBM
-CVE-2017-1653 (IBM Jazz Foundation (IBM Rational Collaborative Lifecycle Management ...)
+CVE-2017-1653
NOT-FOR-US: IBM Jazz Foundation
-CVE-2017-1652 (IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle ...)
+CVE-2017-1652
NOT-FOR-US: IBM
-CVE-2017-1651 (IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle ...)
+CVE-2017-1651
NOT-FOR-US: IBM
-CVE-2017-1650 (IBM DOORS Next Generation (DNG/RRC) 6.0 is vulnerable to cross-site ...)
+CVE-2017-1650
NOT-FOR-US: IBM
-CVE-2017-1649 (IBM Rational Quality Manager (RQM) 5.0 through 5.02 and 6.0 through ...)
+CVE-2017-1649
NOT-FOR-US: IBM
CVE-2017-1648
RESERVED
@@ -47195,35 +47193,35 @@ CVE-2017-1637
RESERVED
CVE-2017-1636
RESERVED
-CVE-2017-1635 (IBM Tivoli Monitoring V6 6.2.2.x could allow a remote attacker to ...)
+CVE-2017-1635
NOT-FOR-US: IBM Tivoli Monitoring
CVE-2017-1634
RESERVED
-CVE-2017-1633 (IBM Sterling B2B Integrator 5.2 through 5.2.6 could allow an ...)
+CVE-2017-1633
NOT-FOR-US: IBM
-CVE-2017-1632 (IBM Sterling File Gateway 2.2 is vulnerable to cross-site scripting. ...)
+CVE-2017-1632
NOT-FOR-US: IBM Sterling File Gateway
-CVE-2017-1631 (IBM Jazz for Service Management (IBM Tivoli Components 1.1.3) is ...)
+CVE-2017-1631
NOT-FOR-US: IBM Jazz for Service Management
CVE-2017-1630
RESERVED
-CVE-2017-1629 (IBM Jazz Foundation (IBM Rational Collaborative Lifecycle Management ...)
+CVE-2017-1629
NOT-FOR-US: IBM
-CVE-2017-1628 (IBM Business Process Manager 8.6.0.0 allows authenticated users to ...)
+CVE-2017-1628
NOT-FOR-US: IBM
CVE-2017-1627
RESERVED
CVE-2017-1626
RESERVED
-CVE-2017-1625 (IBM Pulse for QRadar 1.0.0 - 1.0.3 discloses sensitive information to ...)
+CVE-2017-1625
NOT-FOR-US: IBM
-CVE-2017-1624 (IBM QRadar 7.3 and 7.3.1 specifies permissions for a security-critical ...)
+CVE-2017-1624
NOT-FOR-US: IBM
-CVE-2017-1623 (IBM QRadar 7.2 and 7.3 is vulnerable to cross-site scripting. This ...)
+CVE-2017-1623
NOT-FOR-US: IBM QRadar
-CVE-2017-1622 (IBM QRadar SIEM 7.2.8 and 7.3 does not validate, or incorrectly ...)
+CVE-2017-1622
NOT-FOR-US: IBM
-CVE-2017-1621 (IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle ...)
+CVE-2017-1621
NOT-FOR-US: IBM
CVE-2017-1620
RESERVED
@@ -47239,51 +47237,51 @@ CVE-2017-1615
RESERVED
CVE-2017-1614
RESERVED
-CVE-2017-1613 (IBM Connections 6.0 could allow an unauthenticated remote attacker to ...)
+CVE-2017-1613
NOT-FOR-US: IBM Connections
-CVE-2017-1612 (IBM WebSphere MQ 7.0, 7.1, 7.5, 8.0, and 9.0 service trace module ...)
+CVE-2017-1612
NOT-FOR-US: IBM WebSphere MQ
CVE-2017-1611
RESERVED
CVE-2017-1610
RESERVED
-CVE-2017-1609 (IBM Quality Manager (RQM) 5.0 through 5.0.2 and 6.0 through 6.0.6 are ...)
+CVE-2017-1609
NOT-FOR-US: IBM
-CVE-2017-1608 (IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle ...)
+CVE-2017-1608
NOT-FOR-US: IBM
-CVE-2017-1607 (IBM DOORS Next Generation (DNG/RRC) 6.0 is vulnerable to cross-site ...)
+CVE-2017-1607
NOT-FOR-US: IBM
-CVE-2017-1606 (IBM Financial Transaction Manager (FTM) for Multi-Platform (MP) ...)
+CVE-2017-1606
NOT-FOR-US: IBM Financial Transaction Manager
CVE-2017-1605
RESERVED
-CVE-2017-1604 (IBM Maximo Anywhere 7.5 and 7.6 is vulnerable to cross-site scripting. ...)
+CVE-2017-1604
NOT-FOR-US: IBM Maximo Anywhere
CVE-2017-1603
RESERVED
-CVE-2017-1602 (IBM RSA DM (IBM Rational Collaborative Lifecycle Management 5.0 and ...)
+CVE-2017-1602
NOT-FOR-US: IBM
-CVE-2017-1601 (IBM Security Guardium 10.0, 10.0.1, and 10.1 through 10.1.4 Database ...)
+CVE-2017-1601
NOT-FOR-US: IBM Security Guardium
-CVE-2017-1600 (IBM Security Guardium 10.0 Database Activity Monitor is vulnerable to ...)
+CVE-2017-1600
NOT-FOR-US: IBM Security Guardium
CVE-2017-1599
RESERVED
-CVE-2017-1598 (IBM Security Guardium 10.0 Database Activity Monitor uses weaker than ...)
+CVE-2017-1598
NOT-FOR-US: IBM Security Guardium
-CVE-2017-1597 (IBM Security Guardium 10.0, 10.0.1, 10.1, 10.1.2, 10.1.3, 10.1.4, and ...)
+CVE-2017-1597
NOT-FOR-US: IBM
-CVE-2017-1596 (IBM Security Guardium 10.0 Database Activity Monitor could allow a ...)
+CVE-2017-1596
NOT-FOR-US: IBM Security Guardium
-CVE-2017-1595 (IBM Security Guardium 10.0 Database Activity Monitor could allow a ...)
+CVE-2017-1595
NOT-FOR-US: IBM Security Guardium
CVE-2017-1594
RESERVED
-CVE-2017-1593 (IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0, and 6.0 is vulnerable to ...)
+CVE-2017-1593
NOT-FOR-US: IBM
-CVE-2017-1592 (IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle ...)
+CVE-2017-1592
NOT-FOR-US: IBM
-CVE-2017-1591 (IBM WebSphere DataPower Appliances 7.0.0 through 7.6 is vulnerable to ...)
+CVE-2017-1591
NOT-FOR-US: IBM
CVE-2017-1590
RESERVED
@@ -47299,7 +47297,7 @@ CVE-2017-1585
RESERVED
CVE-2017-1584
RESERVED
-CVE-2017-1583 (IBM WebSphere Application Server (IBM Liberty for Java for Bluemix ...)
+CVE-2017-1583
NOT-FOR-US: IBM
CVE-2017-1582
RESERVED
@@ -47311,11 +47309,11 @@ CVE-2017-1579
RESERVED
CVE-2017-1578
RESERVED
-CVE-2017-1577 (IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 could allow a remote ...)
+CVE-2017-1577
NOT-FOR-US: IBM
CVE-2017-1576
RESERVED
-CVE-2017-1575 (IBM Sterling B2B Integrator Standard Edition (IBM Sterling File ...)
+CVE-2017-1575
NOT-FOR-US: IBM
CVE-2017-1574
RESERVED
@@ -47323,119 +47321,119 @@ CVE-2017-1573
RESERVED
CVE-2017-1572
RESERVED
-CVE-2017-1571 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, ...)
+CVE-2017-1571
NOT-FOR-US: IBM
-CVE-2017-1570 (IBM Jazz Foundation products could allow an authenticated user to ...)
+CVE-2017-1570
NOT-FOR-US: IBM
-CVE-2017-1569 (IBM WebSphere Commerce 7.0 and 8.0 contains an unspecified ...)
+CVE-2017-1569
NOT-FOR-US: IBM
-CVE-2017-1568 (IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle ...)
+CVE-2017-1568
NOT-FOR-US: IBM
-CVE-2017-1567 (IBM Doors Web Access 9.5 and 9.6 is vulnerable to cross-site ...)
+CVE-2017-1567
NOT-FOR-US: IBM Doors Web Access
CVE-2017-1566
RESERVED
-CVE-2017-1565 (IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle ...)
+CVE-2017-1565
NOT-FOR-US: IBM
-CVE-2017-1564 (IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle ...)
+CVE-2017-1564
NOT-FOR-US: IBM
-CVE-2017-1563 (IBM Doors Web Access 9.5 and 9.6 is vulnerable to cross-site ...)
+CVE-2017-1563
NOT-FOR-US: IBM Doors Web Access
-CVE-2017-1562 (IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle ...)
+CVE-2017-1562
NOT-FOR-US: IBM
-CVE-2017-1561 (IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle ...)
+CVE-2017-1561
NOT-FOR-US: IBM
-CVE-2017-1560 (IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0, and 6.0 is vulnerable to ...)
+CVE-2017-1560
NOT-FOR-US: IBM
-CVE-2017-1559 (Multiple IBM Rational products could disclose sensitive information by ...)
+CVE-2017-1559
NOT-FOR-US: IBM
-CVE-2017-1558 (IBM Maximo Asset Management 7.5 and 7.6 could allow a remote attacker ...)
+CVE-2017-1558
NOT-FOR-US: IBM Maximo Asset Management
-CVE-2017-1557 (IBM WebSphere MQ 8.0 and 9.0 could allow an authenticated user with ...)
+CVE-2017-1557
NOT-FOR-US: IBM WebSphere MQ
-CVE-2017-1556 (IBM API Connect 5.0.7.0 through 5.0.7.2 is vulnerable to a regular ...)
+CVE-2017-1556
NOT-FOR-US: IBM
-CVE-2017-1555 (IBM API Connect 5.0.0.0 through 5.0.7.2 could allow an authenticated ...)
+CVE-2017-1555
NOT-FOR-US: IBM
-CVE-2017-1554 (IBM Infosphere BigInsights 4.2.0 and 4.2.5 could allow a remote ...)
+CVE-2017-1554
NOT-FOR-US: IBM
-CVE-2017-1553 (IBM Infosphere BigInsights 4.2.0 and 4.2.5 is vulnerable to cross-site ...)
+CVE-2017-1553
NOT-FOR-US: IBM
-CVE-2017-1552 (IBM Infosphere BigInsights 4.2.0 and 4.2.5 is vulnerable to link ...)
+CVE-2017-1552
NOT-FOR-US: IBM
-CVE-2017-1551 (IBM API Connect 5.0.0.0 through 5.0.7.2 could allow a remote attacker ...)
+CVE-2017-1551
NOT-FOR-US: IBM
-CVE-2017-1550 (IBM Sterling File Gateway 2.2 could allow an authenticated user to ...)
+CVE-2017-1550
NOT-FOR-US: IBM Sterling File Gateway
-CVE-2017-1549 (IBM Sterling File Gateway 2.2 is vulnerable to cross-site scripting. ...)
+CVE-2017-1549
NOT-FOR-US: IBM Sterling File Gateway
-CVE-2017-1548 (IBM Sterling File Gateway 2.2 could allow a remote attacker to ...)
+CVE-2017-1548
NOT-FOR-US: IBM Sterling File Gateway
CVE-2017-1547
RESERVED
-CVE-2017-1546 (IBM DOORS Next Generation (DNG/RRC) 4.07, 5.0, and 6.0 is vulnerable ...)
+CVE-2017-1546
NOT-FOR-US: IBM DOORS Next Generation
-CVE-2017-1545 (IBM Doors Web Access 9.5 and 9.6 could allow an attacker with physical ...)
+CVE-2017-1545
NOT-FOR-US: IBM Doors Web Access
-CVE-2017-1544 (IBM Sterling B2B Integrator Standard Edition (IBM Sterling File ...)
+CVE-2017-1544
NOT-FOR-US: IBM
CVE-2017-1543
RESERVED
CVE-2017-1542
RESERVED
-CVE-2017-1541 (A flaw in the AIX 5.3, 6.1, 7.1, and 7.2 JRE/SDK installp and updatep ...)
+CVE-2017-1541
NOT-FOR-US: IBM
-CVE-2017-1540 (IBM Doors Web Access 9.5 and 9.6 is vulnerable to cross-site ...)
+CVE-2017-1540
NOT-FOR-US: IBM Doors Web Access
-CVE-2017-1539 (IBM Business Process Manager 7.5, 8.0, and 8.5 is vulnerable to ...)
+CVE-2017-1539
NOT-FOR-US: IBM
-CVE-2017-1538 (IBM Financial Transaction Manager for ACH Services for Multi-Platform ...)
+CVE-2017-1538
NOT-FOR-US: IBM
CVE-2017-1537
RESERVED
-CVE-2017-1536 (IBM Support Tools for Lotus WCM (IBM WebSphere Portal 7.0, 8.0, 8.5 ...)
+CVE-2017-1536
NOT-FOR-US: IBM Support Tools for Lotus WCM
-CVE-2017-1535 (IBM Cognos Analytics 11.0 is vulnerable to cross-site scripting. This ...)
+CVE-2017-1535
NOT-FOR-US: IBM
-CVE-2017-1534 (IBM Security Access Manager Appliance 8.0.0 and 9.0.0 could allow a ...)
+CVE-2017-1534
NOT-FOR-US: IBM Security Access Manager Appliance
-CVE-2017-1533 (IBM Security Access Manager Appliance 9.0.3 is vulnerable to ...)
+CVE-2017-1533
NOT-FOR-US: IBM Security Access Manager Appliance
-CVE-2017-1532 (IBM DOORS 9.5 and 9.6 is vulnerable to cross-site scripting. This ...)
+CVE-2017-1532
NOT-FOR-US: IBM DOORS
-CVE-2017-1531 (IBM Business Process Manager 7.5, 8.0, and 8.5 is vulnerable to ...)
+CVE-2017-1531
NOT-FOR-US: IBM
-CVE-2017-1530 (IBM Business Process Manager 7.5, 8.0, and 8.5 is vulnerable to ...)
+CVE-2017-1530
NOT-FOR-US: IBM
CVE-2017-1529
RESERVED
CVE-2017-1528
RESERVED
-CVE-2017-1527 (IBM Business Process Manager 7.5, 8.0, and 8.5 is vulnerable to a XML ...)
+CVE-2017-1527
NOT-FOR-US: IBM
CVE-2017-1526
RESERVED
CVE-2017-1525
RESERVED
-CVE-2017-1524 (IBM Jazz Foundation (IBM Rational Collaborative Lifecycle Management ...)
+CVE-2017-1524
NOT-FOR-US: IBM
-CVE-2017-1523 (IBM InfoSphere Master Data Management - Collaborative Edition 11.5 ...)
+CVE-2017-1523
NOT-FOR-US: IBM
-CVE-2017-1522 (IBM Content Navigator &amp; CMIS 2.0.3, 3.0.0, and 3.0.1 is vulnerable to ...)
+CVE-2017-1522
NOT-FOR-US: IBM
-CVE-2017-1521 (IBM Tivoli Endpoint Manager (for Lifecycle/Power/Patch) Platform and ...)
+CVE-2017-1521
NOT-FOR-US: IBM Tivoli Endpoint Manager
-CVE-2017-1520 (IBM DB2 9.7, 10,1, 10.5, and 11.1 is vulnerable to an unauthorized ...)
+CVE-2017-1520
NOT-FOR-US: IBM
-CVE-2017-1519 (IBM DB2 10.5 and 11.1 contains a denial of service vulnerability. A ...)
+CVE-2017-1519
NOT-FOR-US: IBM
CVE-2017-1518
RESERVED
CVE-2017-1517
RESERVED
-CVE-2017-1516 (IBM Doors Web Access 9.5 and 9.6 could allow a remote attacker to ...)
+CVE-2017-1516
NOT-FOR-US: IBM Doors Web Access
-CVE-2017-1515 (IBM Doors Web Access 9.5 and 9.6 could allow an authenticated user to ...)
+CVE-2017-1515
NOT-FOR-US: IBM Doors Web Access
CVE-2017-1514
RESERVED
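Review bot: the summary removed for CVE-2017-1522 contains an undecoded HTML entity, `-CVE-2017-1522 (IBM Content Navigator &amp; CMIS 2.0.3, 3.0.0, and 3.0.1 is vulnerable to ...)`, so the importer that produced the previous revision stored the upstream text without entity decoding. When the descriptions are restored, decode `&amp;` to `&` before writing so the plain-text list matches the upstream wording and a grep for the product name finds it.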
@@ -47447,79 +47445,79 @@ CVE-2017-1511
RESERVED
CVE-2017-1510
RESERVED
-CVE-2017-1509 (IBM Jazz Foundation products could allow an authenticated user to ...)
+CVE-2017-1509
NOT-FOR-US: IBM
-CVE-2017-1508 (IBM Informix Dynamic Server 12.1 could allow a local user logged in ...)
+CVE-2017-1508
NOT-FOR-US: IBM
-CVE-2017-1507 (IBM Jazz Foundation Products could disclose sensitive information ...)
+CVE-2017-1507
NOT-FOR-US: IBM Jazz Foundation Products
-CVE-2017-1506 (IBM Cognos TM1 10.2 and 10.2.2 is vulnerable to cross-site scripting. ...)
+CVE-2017-1506
NOT-FOR-US: IBM Cognos TM1
CVE-2017-1505
RESERVED
-CVE-2017-1504 (IBM WebSphere Application Server version 9.0.0.4 could provide weaker ...)
+CVE-2017-1504
NOT-FOR-US: IBM
-CVE-2017-1503 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable ...)
+CVE-2017-1503
NOT-FOR-US: IBM
-CVE-2017-1502 (IBM Content Navigator &amp; CMIS 2.0.3, 3.0.0, and 3.0.1 is vulnerable to ...)
+CVE-2017-1502
NOT-FOR-US: IBM
-CVE-2017-1501 (IBM WebSphere Application Server 8.0, 8.5, and 9.0 could provide ...)
+CVE-2017-1501
NOT-FOR-US: IBM
-CVE-2017-1500 (A Reflected Cross Site Scripting (XSS) vulnerability exists in the ...)
+CVE-2017-1500
NOT-FOR-US: IBM
-CVE-2017-1499 (IBM Maximo Asset Management 7.5 and 7.6 could allow a remote attacker ...)
+CVE-2017-1499
NOT-FOR-US: IBM Maximo Asset Management
-CVE-2017-1498 (IBM Connections 5.5 is vulnerable to cross-site scripting. This ...)
+CVE-2017-1498
NOT-FOR-US: IBM
-CVE-2017-1497 (IBM Sterling File Gateway 2.2 could allow an unauthorized user to view ...)
+CVE-2017-1497
NOT-FOR-US: IBM
-CVE-2017-1496 (IBM Sterling B2B Integrator Standard Edition 5.2.x is vulnerable to ...)
+CVE-2017-1496
NOT-FOR-US: IBM
-CVE-2017-1495 (IBM InfoSphere Information Server 9.1, 11.3, and 11.5 could allow a ...)
+CVE-2017-1495
NOT-FOR-US: IBM
-CVE-2017-1494 (IBM Business Process Manager 8.5 is vulnerable to cross-site ...)
+CVE-2017-1494
NOT-FOR-US: IBM Business Process Manager
-CVE-2017-1493 (IBM UrbanCode Deploy (UCD) 6.1 and 6.2 could allow an authenticated ...)
+CVE-2017-1493
NOT-FOR-US: IBM UrbanCode Deploy
CVE-2017-1492
RESERVED
-CVE-2017-1491 (IBM QRadar Network Security 5.4 supports interaction between multiple ...)
+CVE-2017-1491
NOT-FOR-US: IBM
-CVE-2017-1490 (An unspecified vulnerability in the Lifecycle Query Engine of Jazz ...)
+CVE-2017-1490
NOT-FOR-US: IBM
-CVE-2017-1489 (IBM Security Access Manager 6.1, 7.0, 8.0, and 9.0 e-community ...)
+CVE-2017-1489
NOT-FOR-US: IBM
-CVE-2017-1488 (An undisclosed vulnerability in Jazz common products exists with ...)
+CVE-2017-1488
NOT-FOR-US: Qualcomm component for Android
-CVE-2017-1487 (IBM Sterling File Gateway 2.2 could allow an authenticated attacker to ...)
+CVE-2017-1487
NOT-FOR-US: IBM
-CVE-2017-1486 (IBM Cognos Business Intelligence 10.2, 10.2.1, 10.2.1.1, and 10.2.2 is ...)
+CVE-2017-1486
NOT-FOR-US: IBM
-CVE-2017-1485 (IBM Cognos Analytics 11.0 is vulnerable to cross-site scripting. This ...)
+CVE-2017-1485
NOT-FOR-US: IBM
-CVE-2017-1484 (IBM WebSphere Commerce Enterprise, Professional, Express, and ...)
+CVE-2017-1484
NOT-FOR-US: IBM
-CVE-2017-1483 (IBM Security Identity Manager Adapters 6.0 and 7.0 does not perform an ...)
+CVE-2017-1483
NOT-FOR-US: IBM
-CVE-2017-1482 (IBM Sterling B2B Integrator Standard Edition 5.2 is vulnerable to ...)
+CVE-2017-1482
NOT-FOR-US: IBM
-CVE-2017-1481 (IBM Sterling B2B Integrator Standard Edition 5.2 allows a user to view ...)
+CVE-2017-1481
NOT-FOR-US: IBM
-CVE-2017-1480 (IBM Security Access Manager Appliance 8.0.0 through 8.0.1.6, and 9.0.0 ...)
+CVE-2017-1480
NOT-FOR-US: IBM Security Access Manager Appliance
CVE-2017-1479
RESERVED
-CVE-2017-1478 (IBM Security Access Manager Appliance 9.0.0 allows web pages to be ...)
+CVE-2017-1478
NOT-FOR-US: IBM Security Access Manager Appliance
-CVE-2017-1477 (IBM Security Access Manager Appliance 9.0.3 is vulnerable to a XML ...)
+CVE-2017-1477
NOT-FOR-US: IBM
-CVE-2017-1476 (IBM Security Access Manager Appliance 7.0.0, 8.0.0 through 8.0.1.6, ...)
+CVE-2017-1476
NOT-FOR-US: IBM Security Access Manager Appliance
CVE-2017-1475
RESERVED
-CVE-2017-1474 (IBM Security Access Manager Appliance 7.0.0, 8.0.0 through 8.0.1.6, ...)
+CVE-2017-1474
NOT-FOR-US: IBM Security Access Manager Appliance
-CVE-2017-1473 (IBM Security Access Manager Appliance 8.0.0 through 8.0.1.6 and 9.0.0 ...)
+CVE-2017-1473
NOT-FOR-US: IBM
CVE-2017-1472
RESERVED
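Review bot: the annotation for CVE-2017-1488 does not match its summary. The removed line reads `-CVE-2017-1488 (An undisclosed vulnerability in Jazz common products exists with ...)`, but the line kept beneath it is `NOT-FOR-US: Qualcomm component for Android`, whereas every neighbouring Jazz and Rational entry in this hunk is marked `NOT-FOR-US: IBM`. That mislabeling predates this change, but once the summary is dropped nothing on the entry reveals it any more; correct the annotation to `NOT-FOR-US: IBM` in the same change or before the description text is restored.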
@@ -47527,31 +47525,31 @@ CVE-2017-1471
RESERVED
CVE-2017-1470
RESERVED
-CVE-2017-1469 (IBM InfoSphere Information Server 9.1, 11.3, and 11.5 could allow a ...)
+CVE-2017-1469
NOT-FOR-US: IBM
-CVE-2017-1468 (IBM InfoSphere Information Server 9.1, 11.3, and 11.5 could allow a ...)
+CVE-2017-1468
NOT-FOR-US: IBM
-CVE-2017-1467 (A network layer security vulnerability in InfoSphere Information ...)
+CVE-2017-1467
NOT-FOR-US: IBM
CVE-2017-1466
RESERVED
-CVE-2017-1465 (IBM TRIRIGA 3.2, 3.3, 3.4, and 3.5 could allow a remote attacker to ...)
+CVE-2017-1465
NOT-FOR-US: IBM
CVE-2017-1464
RESERVED
CVE-2017-1463
RESERVED
-CVE-2017-1462 (IBM Rhapsody DM 5.0 and 6.0 is vulnerable to cross-site scripting. ...)
+CVE-2017-1462
NOT-FOR-US: IBM Rhapsody DM
-CVE-2017-1461 (IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0, and 6.0 is vulnerable to ...)
+CVE-2017-1461
NOT-FOR-US: IBM
-CVE-2017-1460 (IBM i OSPF 6.1, 7.1, 7.2, and 7.3 is vulnerable when a rogue router ...)
+CVE-2017-1460
NOT-FOR-US: IBM
-CVE-2017-1459 (IBM Security Access Manager Appliance 8.0.0 and 9.0.0 specifies ...)
+CVE-2017-1459
NOT-FOR-US: IBM Security Access Manager Appliance
-CVE-2017-1458 (IBM QRadar Network Security 5.4 is vulnerable to a XML External Entity ...)
+CVE-2017-1458
NOT-FOR-US: IBM
-CVE-2017-1457 (IBM QRadar Network Security 5.4 is vulnerable to cross-site scripting. ...)
+CVE-2017-1457
NOT-FOR-US: IBM
CVE-2017-1456
RESERVED
@@ -47559,37 +47557,37 @@ CVE-2017-1455
RESERVED
CVE-2017-1454
RESERVED
-CVE-2017-1453 (IBM Security Access Manager Appliance 9.0.3 could allow a remote ...)
+CVE-2017-1453
NOT-FOR-US: IBM
-CVE-2017-1452 (IBM DB2 for Linux, UNIX and Windows 9.7, 10,1, 10.5, and 11.1 ...)
+CVE-2017-1452
NOT-FOR-US: IBM
-CVE-2017-1451 (IBM DB2 for Linux, UNIX and Windows 9.7, 10,1, 10.5, and 11.1 ...)
+CVE-2017-1451
NOT-FOR-US: IBM
-CVE-2017-1450 (IBM Emptoris Sourcing 9.5 - 10.1.3 could allow a remote attacker to ...)
+CVE-2017-1450
NOT-FOR-US: IBM
-CVE-2017-1449 (IBM Emptoris Sourcing 9.5 - 10.1.3 could allow a remote attacker to ...)
+CVE-2017-1449
NOT-FOR-US: IBM
-CVE-2017-1448 (IBM Emptoris Supplier Lifecycle Management 10.0.x and 10.1.x could ...)
+CVE-2017-1448
NOT-FOR-US: IBM
-CVE-2017-1447 (IBM Emptoris Sourcing 9.5 - 10.1.3 is vulnerable to cross-site ...)
+CVE-2017-1447
NOT-FOR-US: IBM
-CVE-2017-1446 (IBM Emptoris Spend Analysis 9.5.0.0 through 10.1.1 is vulnerable to ...)
+CVE-2017-1446
NOT-FOR-US: IBM
-CVE-2017-1445 (IBM Emptoris Spend Analysis 9.5.0.0 through 10.1.1 is vulnerable to ...)
+CVE-2017-1445
NOT-FOR-US: IBM
-CVE-2017-1444 (IBM Emptoris Sourcing 9.5 - 10.1.3 is vulnerable to cross-site ...)
+CVE-2017-1444
NOT-FOR-US: IBM
-CVE-2017-1443 (IBM Emptoris Services Procurement 10.0.0.5 is vulnerable to cross-site ...)
+CVE-2017-1443
NOT-FOR-US: IBM
-CVE-2017-1442 (IBM Emptoris Services Procurement 10.0.0.5 is vulnerable to cross-site ...)
+CVE-2017-1442
NOT-FOR-US: IBM
-CVE-2017-1441 (IBM Emptoris Services Procurement 10.0.0.5 could allow a local user to ...)
+CVE-2017-1441
NOT-FOR-US: IBM
-CVE-2017-1440 (IBM Emptoris Services Procurement 10.0.0.5 could allow a remote ...)
+CVE-2017-1440
NOT-FOR-US: IBM
-CVE-2017-1439 (IBM DB2 for Linux, UNIX and Windows 9.7, 10,1, 10.5, and 11.1 ...)
+CVE-2017-1439
NOT-FOR-US: IBM
-CVE-2017-1438 (IBM DB2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, and 11.1 ...)
+CVE-2017-1438
NOT-FOR-US: IBM
CVE-2017-1437
RESERVED
@@ -47597,39 +47595,39 @@ CVE-2017-1436
RESERVED
CVE-2017-1435
RESERVED
-CVE-2017-1434 (IBM DB2 for Linux, UNIX and Windows 11.1 (includes DB2 Connect Server) ...)
+CVE-2017-1434
NOT-FOR-US: IBM
-CVE-2017-1433 (IBM WebSphere MQ 7.5, 8.0, and 9.0 could allow an authenticated user ...)
+CVE-2017-1433
NOT-FOR-US: IBM
CVE-2017-1432
RESERVED
-CVE-2017-1431 (IBM InfoSphere Streams 4.0, 4.1, and 4.2 is vulnerable to cross-site ...)
+CVE-2017-1431
NOT-FOR-US: IBM
CVE-2017-1430
RESERVED
-CVE-2017-1429 (IBM RELM 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. This ...)
+CVE-2017-1429
NOT-FOR-US: IBM
-CVE-2017-1428 (IBM Cognos Analytics 11.0 could allow a remote attacker to hijack the ...)
+CVE-2017-1428
NOT-FOR-US: IBM
-CVE-2017-1427 (IBM Cognos Analytics 11.0 is vulnerable to cross-site scripting. This ...)
+CVE-2017-1427
NOT-FOR-US: IBM
CVE-2017-1426
RESERVED
-CVE-2017-1425 (IBM Business Process Manager 8.0.1.1 and 8.5.7 is vulnerable to ...)
+CVE-2017-1425
NOT-FOR-US: IBM
-CVE-2017-1424 (IBM Business Process Manager 8.5.7 is vulnerable to cross-site ...)
+CVE-2017-1424
NOT-FOR-US: IBM
-CVE-2017-1423 (IBM WebSphere Portal 8.5 and 9.0 exposes backend server URLs that are ...)
+CVE-2017-1423
NOT-FOR-US: IBM WebSphere Portal
-CVE-2017-1422 (IBM MaaS360 DTM all versions up to 3.81 does not perform proper ...)
+CVE-2017-1422
NOT-FOR-US: IBM
-CVE-2017-1421 (IBM iNotes is vulnerable to cross-site scripting. This vulnerability ...)
+CVE-2017-1421
NOT-FOR-US: IBM iNotes
CVE-2017-1420
RESERVED
CVE-2017-1419
RESERVED
-CVE-2017-1418 (IBM Integration Bus 9.0.0.0, 9.0.0.11, 10.0.0.0, and 10.0.0.14 ...)
+CVE-2017-1418
NOT-FOR-US: IBM
CVE-2017-1417
RESERVED
@@ -47641,21 +47639,21 @@ CVE-2017-1414
RESERVED
CVE-2017-1413
RESERVED
-CVE-2017-1412 (IBM Security Identity Governance Virtual Appliance 5.2 through 5.2.3.2 ...)
+CVE-2017-1412
NOT-FOR-US: IBM
-CVE-2017-1411 (IBM Security Identity Governance Virtual Appliance 5.2 through 5.2.3.2 ...)
+CVE-2017-1411
NOT-FOR-US: IBM
CVE-2017-1410
RESERVED
-CVE-2017-1409 (IBM Security Identity Governance Virtual Appliance 5.2 through 5.2.3.2 ...)
+CVE-2017-1409
NOT-FOR-US: IBM
CVE-2017-1408
RESERVED
-CVE-2017-1407 (IBM Security Identity Manager Virtual Appliance 6.0 and 7.0 could ...)
+CVE-2017-1407
NOT-FOR-US: IBM
CVE-2017-1406
RESERVED
-CVE-2017-1405 (IBM Security Identity Manager Virtual Appliance 7.0 processes patches, ...)
+CVE-2017-1405
NOT-FOR-US: IBM Security Identity Manager Virtual Appliance
CVE-2017-1404
RESERVED
@@ -47669,13 +47667,13 @@ CVE-2017-1400
RESERVED
CVE-2017-1399
RESERVED
-CVE-2017-1398 (IBM WebSphere Commerce Enterprise, Professional, Express, and ...)
+CVE-2017-1398
NOT-FOR-US: IBM
CVE-2017-1397
RESERVED
-CVE-2017-1396 (IBM Security Identity Governance Virtual Appliance 5.2 through 5.2.3.2 ...)
+CVE-2017-1396
NOT-FOR-US: IBM
-CVE-2017-1395 (IBM Security Identity Governance and Intelligence Virtual Appliance ...)
+CVE-2017-1395
NOT-FOR-US: IBM
CVE-2017-1394
RESERVED
@@ -47693,401 +47691,401 @@ CVE-2017-1388
RESERVED
CVE-2017-1387
RESERVED
-CVE-2017-1386 (IBM API Connect 5.0.0.0 could allow a user to bypass policy ...)
+CVE-2017-1386
NOT-FOR-US: IBM
CVE-2017-1385
RESERVED
CVE-2017-1384
RESERVED
-CVE-2017-1383 (IBM InfoSphere Information Server 9.1, 11.3, and 11.5 is vulnerable to ...)
+CVE-2017-1383
NOT-FOR-US: IBM
-CVE-2017-1382 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 might create ...)
+CVE-2017-1382
NOT-FOR-US: IBM
-CVE-2017-1381 (IBM WebSphere Application Server Proxy Server or On-demand-router ...)
+CVE-2017-1381
NOT-FOR-US: IBM
-CVE-2017-1380 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable ...)
+CVE-2017-1380
NOT-FOR-US: IBM
-CVE-2017-1379 (IBM API Connect 5.0.0.0 could allow a remote attacker to obtain ...)
+CVE-2017-1379
NOT-FOR-US: IBM
-CVE-2017-1378 (IBM Spectrum Protect 7.1 and 8.1 (formerly Tivoli Storage Manager) ...)
+CVE-2017-1378
NOT-FOR-US: IBM
-CVE-2017-1377 (IBM Runbook Automation reveals sensitive information in error messages ...)
+CVE-2017-1377
NOT-FOR-US: IBM
-CVE-2017-1376 (A flaw in the IBM J9 VM class verifier allows untrusted code to ...)
+CVE-2017-1376
NOT-FOR-US: IBM JDK
-CVE-2017-1375 (IBM System Storage Storwize V7000 Unified (V7000U) 1.5 and 1.6 uses ...)
+CVE-2017-1375
NOT-FOR-US: IBM
-CVE-2017-1374 (Sensitive data can be exposed in the IBM TRIRIGA Application Platform ...)
+CVE-2017-1374
NOT-FOR-US: IBM
-CVE-2017-1373 (Reports executed in the IBM TRIRIGA Application Platform 3.3, 3.4, and ...)
+CVE-2017-1373
NOT-FOR-US: IBM
-CVE-2017-1372 (IBM TRIRIGA Application Platform 3.3, 3.4, and 3.5 is vulnerable to ...)
+CVE-2017-1372
NOT-FOR-US: IBM
-CVE-2017-1371 (Builder tools running in the IBM TRIRIGA Application Platform 3.3, ...)
+CVE-2017-1371
NOT-FOR-US: IBM
-CVE-2017-1370 (IBM Jazz Reporting Service (JRS) 5.0 and 6.0 could disclose sensitive ...)
+CVE-2017-1370
NOT-FOR-US: IBM
-CVE-2017-1369 (IBM RELM 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. This ...)
+CVE-2017-1369
NOT-FOR-US: IBM
-CVE-2017-1368 (IBM Security Identity Governance Virtual Appliance 5.2 through 5.2.3.2 ...)
+CVE-2017-1368
NOT-FOR-US: IBM
-CVE-2017-1367 (IBM Security Identity Governance and Intelligence Virtual Appliance ...)
+CVE-2017-1367
NOT-FOR-US: IBM
-CVE-2017-1366 (IBM Security Identity Governance Virtual Appliance 5.2 through 5.2.3.2 ...)
+CVE-2017-1366
NOT-FOR-US: IBM
-CVE-2017-1365 (IBM Team Concert (RTC including IBM Rational Collaborative Lifecycle ...)
+CVE-2017-1365
NOT-FOR-US: IBM Team Concert
-CVE-2017-1364 (IBM RELM 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. This ...)
+CVE-2017-1364
NOT-FOR-US: IBM
-CVE-2017-1363 (IBM Team Concert (RTC) is vulnerable to cross-site scripting. This ...)
+CVE-2017-1363
NOT-FOR-US: IBM
-CVE-2017-1362 (IBM Security Identity Manager Adapters 6.0 and 7.0 stores user ...)
+CVE-2017-1362
NOT-FOR-US: IBM
CVE-2017-1361
RESERVED
CVE-2017-1360
RESERVED
-CVE-2017-1359 (IBM RELM 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. This ...)
+CVE-2017-1359
NOT-FOR-US: IBM
CVE-2017-1358
RESERVED
-CVE-2017-1357 (IBM Maximo Asset Management 7.5 and 7.6 could allow an authenticated ...)
+CVE-2017-1357
NOT-FOR-US: IBM
-CVE-2017-1356 (IBM Atlas eDiscovery Process Management 6.0.3 is vulnerable to SQL ...)
+CVE-2017-1356
NOT-FOR-US: IBM
-CVE-2017-1355 (IBM Atlas eDiscovery Process Management 6.0.3 stores sensitive ...)
+CVE-2017-1355
NOT-FOR-US: IBM
-CVE-2017-1354 (IBM Atlas eDiscovery Process Management 6.0.3 is vulnerable to ...)
+CVE-2017-1354
NOT-FOR-US: IBM
-CVE-2017-1353 (IBM Atlas eDiscovery Process Management 6.0.3 could allow an ...)
+CVE-2017-1353
NOT-FOR-US: IBM
-CVE-2017-1352 (IBM Maximo Asset Management 7.5 and 7.6 could allow an authenticated ...)
+CVE-2017-1352
NOT-FOR-US: IBM
CVE-2017-1351
RESERVED
-CVE-2017-1350 (IBM InfoSphere Information Server 9.1, 11.3, 11.5, and 11.7 could ...)
+CVE-2017-1350
NOT-FOR-US: IBM InfoSphere Information Server
-CVE-2017-1349 (IBM Sterling B2B Integrator Standard Edition 5.2 stores potentially ...)
+CVE-2017-1349
NOT-FOR-US: IBM
-CVE-2017-1348 (IBM Sterling B2B Integrator Standard Edition 5.2 is vulnerable to ...)
+CVE-2017-1348
NOT-FOR-US: IBM
-CVE-2017-1347 (IBM Sterling B2B Integrator Standard Edition 5.2 is vulnerable to SQL ...)
+CVE-2017-1347
NOT-FOR-US: IBM
-CVE-2017-1346 (IBM Business Process Manager 7.5, 8.0, and 8.5 temporarily stores ...)
+CVE-2017-1346
NOT-FOR-US: IBM
-CVE-2017-1345 (IBM Insights Foundation for Energy 2.0 is vulnerable to cross-site ...)
+CVE-2017-1345
NOT-FOR-US: IBM
CVE-2017-1344
RESERVED
CVE-2017-1343
RESERVED
-CVE-2017-1342 (IBM Insights Foundation for Energy 2.0 could reveal sensitive ...)
+CVE-2017-1342
NOT-FOR-US: IBM
-CVE-2017-1341 (IBM WebSphere MQ 8.0 and 9.0 could allow, under special circumstances, ...)
+CVE-2017-1341
NOT-FOR-US: IBM
-CVE-2017-1340 (IBM Jazz Reporting Service (JRS) 6.0.4 could allow an authenticated ...)
+CVE-2017-1340
NOT-FOR-US: IBM
-CVE-2017-1339 (IBM Spectrum Protect 7.1 and 8.1 (formerly Tivoli Storage Manager) ...)
+CVE-2017-1339
NOT-FOR-US: IBM
-CVE-2017-1338 (IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0, and 6.0 is vulnerable to ...)
+CVE-2017-1338
NOT-FOR-US: IBM
-CVE-2017-1337 (IBM WebSphere MQ 9.0.1 and 9.0.2 Java/JMS application can incorrectly ...)
+CVE-2017-1337
NOT-FOR-US: IBM
-CVE-2017-1336 (IBM Infosphere BigInsights 4.2.0 could allow an attacker to inject ...)
+CVE-2017-1336
NOT-FOR-US: IBM
-CVE-2017-1335 (IBM RELM 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. This ...)
+CVE-2017-1335
NOT-FOR-US: IBM
-CVE-2017-1334 (IBM RELM 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. This ...)
+CVE-2017-1334
NOT-FOR-US: IBM
-CVE-2017-1333 (IBM OpenPages GRC Platform 7.1, 7.2, and 7.3 could allow an ...)
+CVE-2017-1333
NOT-FOR-US: IBM
-CVE-2017-1332 (IBM iNotes 8.5 and 9.0 is vulnerable to cross-site scripting. This ...)
+CVE-2017-1332
NOT-FOR-US: IBM
-CVE-2017-1331 (IBM Content Navigator 2.0.3 and 3.0.0 is vulnerable to cross-site ...)
+CVE-2017-1331
NOT-FOR-US: IBM
CVE-2017-1330
RESERVED
-CVE-2017-1329 (IBM Quality Manager (RQM) 5.0.x and 6.0 through 6.0.5 are vulnerable ...)
+CVE-2017-1329
NOT-FOR-US: IBM Quality Manager
-CVE-2017-1328 (IBM API Connect 5.0.0.0 - 5.0.6.0 could allow a remote attacker to ...)
+CVE-2017-1328
NOT-FOR-US: IBM
-CVE-2017-1327 (IBM iNotes 8.5 and 9.0 is vulnerable to cross-site scripting. This ...)
+CVE-2017-1327
NOT-FOR-US: IBM
-CVE-2017-1326 (IBM Sterling File Gateway does not properly restrict user requests ...)
+CVE-2017-1326
NOT-FOR-US: IBM
-CVE-2017-1325 (IBM iNotes 8.5 and 9.0 is vulnerable to cross-site scripting. This ...)
+CVE-2017-1325
NOT-FOR-US: IBM
-CVE-2017-1324 (IBM RELM 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. This ...)
+CVE-2017-1324
NOT-FOR-US: IBM
CVE-2017-1323
RESERVED
-CVE-2017-1322 (IBM API Connect 5.0.6.0 is vulnerable to an XML External Entity ...)
+CVE-2017-1322
NOT-FOR-US: IBM
-CVE-2017-1321 (IBM InfoSphere Information Server 9.1, 11.3, and 11.5 is vulnerable to ...)
+CVE-2017-1321
NOT-FOR-US: IBM
-CVE-2017-1320 (IBM Tivoli Federated Identity Manager 6.2 is vulnerable to cross-site ...)
+CVE-2017-1320
NOT-FOR-US: IBM
-CVE-2017-1319 (IBM Tivoli Federated Identity Manager 6.2 is affected by a ...)
+CVE-2017-1319
NOT-FOR-US: IBM
-CVE-2017-1318 (IBM MQ Appliance 8.0 and 9.0 could allow an authenticated messaging ...)
+CVE-2017-1318
NOT-FOR-US: IBM
-CVE-2017-1317 (IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle ...)
+CVE-2017-1317
NOT-FOR-US: IBM
-CVE-2017-1316 (IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle ...)
+CVE-2017-1316
NOT-FOR-US: IBM
-CVE-2017-1315 (IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle ...)
+CVE-2017-1315
NOT-FOR-US: IBM
-CVE-2017-1314 (IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle ...)
+CVE-2017-1314
NOT-FOR-US: IBM
-CVE-2017-1313 (IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle ...)
+CVE-2017-1313
NOT-FOR-US: IBM
-CVE-2017-1312 (IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle ...)
+CVE-2017-1312
NOT-FOR-US: IBM
-CVE-2017-1311 (IBM Insights Foundation for Energy 2.0 is vulnerable to SQL injection. ...)
+CVE-2017-1311
NOT-FOR-US: IBM
-CVE-2017-1310 (IBM Informix Dynamic Server 12.1 could allow an authenticated user to ...)
+CVE-2017-1310
NOT-FOR-US: IBM
-CVE-2017-1309 (IBM InfoSphere Master Data Management Server 11.0 - 11.6 stores user ...)
+CVE-2017-1309
NOT-FOR-US: IBM
-CVE-2017-1308 (IBM Daeja ViewONE Professional, Standard &amp; Virtual 4.1.5.1 and 5.0 ...)
+CVE-2017-1308
NOT-FOR-US: IBM
CVE-2017-1307
RESERVED
-CVE-2017-1306 (IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle ...)
+CVE-2017-1306
NOT-FOR-US: IBM
-CVE-2017-1305 (IBM DOORS Next Generation (DNG/RRC) 6.0.2 and 6.0.3 is vulnerable to ...)
+CVE-2017-1305
NOT-FOR-US: IBM
-CVE-2017-1304 (IBM has identified a vulnerability with IBM Spectrum Scale/GPFS ...)
+CVE-2017-1304
NOT-FOR-US: IBM
-CVE-2017-1303 (IBM WebSphere Portal and Web Content Manager 7.0, 8.0, 8.5, and 9.0 is ...)
+CVE-2017-1303
NOT-FOR-US: IBM
-CVE-2017-1302 (IBM Sterling B2B Integrator Standard Edition 5.2 could allow a local ...)
+CVE-2017-1302
NOT-FOR-US: IBM
-CVE-2017-1301 (IBM Spectrum Protect 7.1 and 8.1 could allow a local attacker to ...)
+CVE-2017-1301
NOT-FOR-US: IBM
-CVE-2017-1300 (IBM OpenPages GRC Platform 7.1, 7.2, and 7.3 is vulnerable to ...)
+CVE-2017-1300
NOT-FOR-US: IBM
-CVE-2017-1299 (IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle ...)
+CVE-2017-1299
NOT-FOR-US: IBM
CVE-2017-1298
REJECTED
-CVE-2017-1297 (IBM DB2 for Linux, UNIX and Windows 9.2, 10.1, 10.5, and 11.1 ...)
+CVE-2017-1297
NOT-FOR-US: IBM
CVE-2017-1296
RESERVED
-CVE-2017-1295 (IBM RSA DM contains unspecified vulnerability in CLM Applications with ...)
+CVE-2017-1295
NOT-FOR-US: IBM
-CVE-2017-1294 (IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle ...)
+CVE-2017-1294
NOT-FOR-US: IBM
-CVE-2017-1293 (IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle ...)
+CVE-2017-1293
NOT-FOR-US: IBM
-CVE-2017-1292 (IBM Maximo Asset Management 7.5 and 7.6 generates error messages that ...)
+CVE-2017-1292
NOT-FOR-US: IBM
-CVE-2017-1291 (IBM Maximo Asset Management 7.5 and 7.6 is vulnerable to HTTP response ...)
+CVE-2017-1291
NOT-FOR-US: IBM
-CVE-2017-1290 (IBM OpenPages GRC Platform 7.1, 7.2, and 7.3 is vulnerable to ...)
+CVE-2017-1290
NOT-FOR-US: IBM
-CVE-2017-1289 (IBM SDK, Java Technology Edition is vulnerable XML External Entity ...)
+CVE-2017-1289
NOT-FOR-US: IBM JDK
CVE-2017-1288
RESERVED
-CVE-2017-1287 (IBM Rhapsody DM 5.0 and 6.0 could allow a remote attacker to conduct ...)
+CVE-2017-1287
NOT-FOR-US: IBM
-CVE-2017-1286 (Sensitive information about the configuration of the IBM UrbanCode ...)
+CVE-2017-1286
NOT-FOR-US: IBM UrbanCode Deploy
-CVE-2017-1285 (IBM WebSphere MQ 9.0.1 and 9.0.2 could allow an authenticated user ...)
+CVE-2017-1285
NOT-FOR-US: IBM
-CVE-2017-1284 (IBM WebSphere MQ 9.0.1 and 9.0.2 could allow a local user with ability ...)
+CVE-2017-1284
NOT-FOR-US: IBM
-CVE-2017-1283 (IBM WebSphere MQ 8.0 and 9.0 could allow an authenticated user to ...)
+CVE-2017-1283
NOT-FOR-US: IBM
-CVE-2017-1282 (IBM Content Navigator &amp; CMIS 2.0 and 3.0 is vulnerable to cross-site ...)
+CVE-2017-1282
NOT-FOR-US: IBM
-CVE-2017-1281 (IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle ...)
+CVE-2017-1281
NOT-FOR-US: IBM
-CVE-2017-1280 (IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle ...)
+CVE-2017-1280
NOT-FOR-US: IBM
-CVE-2017-1279 (IBM Tealeaf Customer Experience 8.7, 8.8, and 9.0.2 could allow a ...)
+CVE-2017-1279
NOT-FOR-US: IBM Tealeaf Customer Experience
-CVE-2017-1278 (IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0 and 6.0 is vulnerable to ...)
+CVE-2017-1278
NOT-FOR-US: IBM
-CVE-2017-1277 (IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle ...)
+CVE-2017-1277
NOT-FOR-US: IBM
-CVE-2017-1276 (IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0 and 6.0 is vulnerable to ...)
+CVE-2017-1276
NOT-FOR-US: IBM
-CVE-2017-1275 (IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle ...)
+CVE-2017-1275
NOT-FOR-US: IBM
-CVE-2017-1274 (IBM Domino 8.5.3, and 9.0 is vulnerable to a stack based overflow in ...)
+CVE-2017-1274
NOT-FOR-US: IBM
CVE-2017-1273
RESERVED
-CVE-2017-1272 (IBM Security Guardium 10.0 and 10.5 stores sensitive information in ...)
+CVE-2017-1272
NOT-FOR-US: IBM
-CVE-2017-1271 (IBM Security Guardium 9.0, 9.1, and 9.5 supports interaction between ...)
+CVE-2017-1271
NOT-FOR-US: IBM
-CVE-2017-1270 (IBM Security Guardium 10.0 does not renew a session variable after a ...)
+CVE-2017-1270
NOT-FOR-US: IBM Security Guardium
-CVE-2017-1269 (IBM Security Guardium 10.0 and 10.1 is vulnerable to SQL injection. A ...)
+CVE-2017-1269
NOT-FOR-US: IBM
-CVE-2017-1268 (IBM Security Guardium 10 and 10.5 uses a one-way cryptographic hash ...)
+CVE-2017-1268
NOT-FOR-US: IBM
-CVE-2017-1267 (IBM Security Guardium 10.0 and 10.1 processes patches, image backups ...)
+CVE-2017-1267
NOT-FOR-US: IBM
-CVE-2017-1266 (IBM Security Guardium 10.0 specifies permissions for a ...)
+CVE-2017-1266
NOT-FOR-US: IBM Security Guardium
-CVE-2017-1265 (IBM Security Guardium 10.0, 10.0.1, 10.1, 10.1.2, 10.1.3, 10.1.4, and ...)
+CVE-2017-1265
NOT-FOR-US: IBM
-CVE-2017-1264 (IBM Security Guardium 10.0 does not prove or insufficiently proves ...)
+CVE-2017-1264
NOT-FOR-US: IBM
CVE-2017-1263
RESERVED
-CVE-2017-1262 (IBM Security Guardium 10.0 is vulnerable to HTTP response splitting ...)
+CVE-2017-1262
NOT-FOR-US: IBM Security Guardium
-CVE-2017-1261 (IBM Security Guardium 10.0 stores potentially sensitive information in ...)
+CVE-2017-1261
NOT-FOR-US: IBM Security Guardium
CVE-2017-1260
RESERVED
CVE-2017-1259
RESERVED
-CVE-2017-1258 (IBM Security Guardium 10.0 and 10.1 does not perform an authentication ...)
+CVE-2017-1258
NOT-FOR-US: IBM Security Guardium
-CVE-2017-1257 (IBM Security Guardium 10.0 discloses sensitive information to ...)
+CVE-2017-1257
NOT-FOR-US: IBM Security Guardium
-CVE-2017-1256 (IBM Security Guardium 10.0, 10.1 is vulnerable to cross-site ...)
+CVE-2017-1256
NOT-FOR-US: IBM Security Guardium
-CVE-2017-1255 (IBM Security Guardium 10.0, 10.0.1, and 10.1 through 10.1.4 uses ...)
+CVE-2017-1255
NOT-FOR-US: IBM Security Guardium
-CVE-2017-1254 (IBM Security Guardium 10.0 is vulnerable to a XML External Entity ...)
+CVE-2017-1254
NOT-FOR-US: IBM Security Guardium
-CVE-2017-1253 (IBM Security Guardium 10.0 could allow a remote authenticated attacker ...)
+CVE-2017-1253
NOT-FOR-US: IBM Security Guardium
CVE-2017-1252
RESERVED
-CVE-2017-1251 (An undisclosed vulnerability in CLM applications may result in some ...)
+CVE-2017-1251
NOT-FOR-US: IBM
-CVE-2017-1250 (IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle ...)
+CVE-2017-1250
NOT-FOR-US: IBM
-CVE-2017-1249 (IBM Rhapsody DM 5.0 and 6.0 is vulnerable to cross-site scripting. ...)
+CVE-2017-1249
NOT-FOR-US: IBM
-CVE-2017-1248 (IBM Quality Manager (RQM) 5.0.x and 6.0 through 6.0.5 are vulnerable ...)
+CVE-2017-1248
NOT-FOR-US: IBM Quality Manager
-CVE-2017-1247 (IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0 and 6.0 is vulnerable to ...)
+CVE-2017-1247
NOT-FOR-US: IBM
CVE-2017-1246
RESERVED
-CVE-2017-1245 (IBM Rational Software Architect Design Manager 5.0 and 6.0 is ...)
+CVE-2017-1245
NOT-FOR-US: IBM
CVE-2017-1244
RESERVED
CVE-2017-1243
RESERVED
-CVE-2017-1242 (IBM Quality Manager (RQM) 5.0.x and 6.0 through 6.0.5 are vulnerable ...)
+CVE-2017-1242
NOT-FOR-US: IBM Quality Manager
-CVE-2017-1241 (An unspecified vulnerability in IBM Jazz Foundation based applications ...)
+CVE-2017-1241
NOT-FOR-US: IBM
-CVE-2017-1240 (IBM Rhapsody DM products could reveal sensitive information in HTTP ...)
+CVE-2017-1240
NOT-FOR-US: IBM
-CVE-2017-1239 (IBM Quality Manager (RQM) 5.0.x and 6.0 through 6.0.5 could reveal ...)
+CVE-2017-1239
NOT-FOR-US: IBM Quality Manager
-CVE-2017-1238 (IBM Quality Manager (RQM) 5.0.x and 6.0 through 6.0.5 are vulnerable ...)
+CVE-2017-1238
NOT-FOR-US: IBM Quality Manager
-CVE-2017-1237 (IBM Jazz based applications are vulnerable to cross-site scripting. ...)
+CVE-2017-1237
NOT-FOR-US: IBM
-CVE-2017-1236 (IBM WebSphere MQ 9.0.2 could allow an authenticated user to ...)
+CVE-2017-1236
NOT-FOR-US: IBM
-CVE-2017-1235 (IBM WebSphere MQ 8.0 could allow an authenticated user to cause a ...)
+CVE-2017-1235
NOT-FOR-US: IBM
-CVE-2017-1234 (IBM QRadar 7.2 and 7.3 is vulnerable to cross-site scripting. This ...)
+CVE-2017-1234
NOT-FOR-US: IBM
-CVE-2017-1233 (IBM Remote Control v9 could allow a local user to use the component to ...)
+CVE-2017-1233
NOT-FOR-US: IBM Remote Control
-CVE-2017-1232 (IBM Tivoli Endpoint Manager (IBM BigFix Platform 9.2 and 9.5) ...)
+CVE-2017-1232
NOT-FOR-US: IBM Tivoli Endpoint Manager
-CVE-2017-1231 (IBM BigFix Platform 9.5 - 9.5.9 stores user credentials in plain in ...)
+CVE-2017-1231
NOT-FOR-US: IBM
-CVE-2017-1230 (IBM Tivoli Endpoint Manager (IBM BigFix Platform 9.2 and 9.5) uses ...)
+CVE-2017-1230
NOT-FOR-US: IBM Tivoli Endpoint Manager
-CVE-2017-1229 (IBM Tivoli Endpoint Manager (IBM BigFix 9.2 and 9.5) could allow a ...)
+CVE-2017-1229
NOT-FOR-US: IBM
-CVE-2017-1228 (IBM Tivoli Endpoint Manager (IBM BigFix Platform 9.2 and 9.5) could ...)
+CVE-2017-1228
NOT-FOR-US: IBM Tivoli Endpoint Manager
-CVE-2017-1227 (IBM Tivoli Endpoint Manager could allow a unauthorized user to consume ...)
+CVE-2017-1227
NOT-FOR-US: IBM
-CVE-2017-1226 (IBM Tivoli Endpoint Manager (IBM BigFix Platform 9.2 and 9.5) ...)
+CVE-2017-1226
NOT-FOR-US: IBM Tivoli Endpoint Manager
-CVE-2017-1225 (IBM Tivoli Endpoint Manager (IBM BigFix Platform 9.2 and 9.5) stores ...)
+CVE-2017-1225
NOT-FOR-US: IBM Tivoli Endpoint Manager
-CVE-2017-1224 (IBM Tivoli Endpoint Manager uses weaker than expected cryptographic ...)
+CVE-2017-1224
NOT-FOR-US: IBM
-CVE-2017-1223 (IBM Tivoli Endpoint Manager could allow a remote attacker to conduct ...)
+CVE-2017-1223
NOT-FOR-US: IBM
-CVE-2017-1222 (IBM Tivoli Endpoint Manager (IBM BigFix Platform 9.2 and 9.5) does not ...)
+CVE-2017-1222
NOT-FOR-US: IBM Tivoli Endpoint Manager
-CVE-2017-1221 (IBM Tivoli Endpoint Manager (IBM BigFix 9.2 and 9.5) does not require ...)
+CVE-2017-1221
NOT-FOR-US: IBM
-CVE-2017-1220 (IBM Tivoli Endpoint Manager (IBM BigFix Platform 9.2 and 9.5) ...)
+CVE-2017-1220
NOT-FOR-US: IBM Tivoli Endpoint Manager
-CVE-2017-1219 (IBM Tivoli Endpoint Manager is vulnerable to a XML External Entity ...)
+CVE-2017-1219
NOT-FOR-US: IBM
-CVE-2017-1218 (IBM Tivoli Endpoint Manager is vulnerable to cross-site request ...)
+CVE-2017-1218
NOT-FOR-US: IBM
-CVE-2017-1217 (IBM WebSphere Portal 8.5 and 9.0 is vulnerable to cross-site ...)
+CVE-2017-1217
NOT-FOR-US: IBM
CVE-2017-1216
RESERVED
CVE-2017-1215
RESERVED
-CVE-2017-1214 (IBM iNotes 8.5 and 9.0 could allow a remote attacker to send a ...)
+CVE-2017-1214
NOT-FOR-US: IBM
CVE-2017-1213
RESERVED
-CVE-2017-1212 (IBM Daeja ViewONE Professional, Standard &amp; Virtual 4.1.5.1 and 5.0.2 ...)
+CVE-2017-1212
NOT-FOR-US: IBM
-CVE-2017-1211 (IBM Daeja ViewONE Professional, Standard &amp; Virtual 4.1.5.1 and 5.0.2 ...)
+CVE-2017-1211
NOT-FOR-US: IBM
-CVE-2017-1210 (IBM Daeja ViewONE Professional, Standard &amp; Virtual 4.1.5.1 and 5.0.2 ...)
+CVE-2017-1210
NOT-FOR-US: IBM
-CVE-2017-1209 (IBM Daeja ViewONE Professional, Standard &amp; Virtual 4.1.5.1 and 5.0.2 ...)
+CVE-2017-1209
NOT-FOR-US: IBM
-CVE-2017-1208 (IBM Maximo Asset Management 7.1, 7.5, and 7.6 is vulnerable to ...)
+CVE-2017-1208
NOT-FOR-US: IBM
-CVE-2017-1207 (IBM WebSphere Message Broker stores user credentials in plain in clear ...)
+CVE-2017-1207
NOT-FOR-US: IBM
CVE-2017-1206
RESERVED
-CVE-2017-1205 (IBM Platform LSF 10.1 contains an unspecified vulnerability that could ...)
+CVE-2017-1205
NOT-FOR-US: IBM
-CVE-2017-1204 (IBM Tealeaf Customer Experience 8.7, 8.8, and 9.0.2 contains ...)
+CVE-2017-1204
NOT-FOR-US: IBM Tealeaf Customer Experience
-CVE-2017-1203 (IBM Tivoli Endpoint Manager (for Lifecycle/Power/Patch) Platform and ...)
+CVE-2017-1203
NOT-FOR-US: IBM
-CVE-2017-1202 (IBM BigFix Compliance 1.7 through 1.9.91 (TEMA SUAv1 SCA SCM) is ...)
+CVE-2017-1202
NOT-FOR-US: IBM
-CVE-2017-1201 (IBM BigFix Compliance Analytics 1.9.79 (TEMA SUAv1 SCA SCM) stores ...)
+CVE-2017-1201
NOT-FOR-US: IBM
-CVE-2017-1200 (IBM BigFix Compliance 1.7 through 1.9.91 (TEMA SUAv1 SCA SCM) does not ...)
+CVE-2017-1200
NOT-FOR-US: IBM
-CVE-2017-1199 (IBM InfoSphere Master Data Management Server 10.0, 11.0, 11.3, 11.4, ...)
+CVE-2017-1199
NOT-FOR-US: IBM
-CVE-2017-1198 (IBM BigFix Compliance 1.7 through 1.9.91 (TEMA SUAv1 SCA SCM) stores ...)
+CVE-2017-1198
NOT-FOR-US: IBM
-CVE-2017-1197 (IBM BigFix Compliance (TEMA SUAv1 SCA SCM) uses an inadequate account ...)
+CVE-2017-1197
NOT-FOR-US: IBM
-CVE-2017-1196 (IBM BigFix Compliance (TEMA SUAv1 SCA SCM) 1.9.70 does not require ...)
+CVE-2017-1196
NOT-FOR-US: IBM
-CVE-2017-1195 (IBM Curam Social Program Management 6.0, 6.1, 6.2, and 7.0 could allow ...)
+CVE-2017-1195
NOT-FOR-US: IBM
-CVE-2017-1194 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable ...)
+CVE-2017-1194
NOT-FOR-US: IBM
-CVE-2017-1193 (IBM Sterling B2B Integrator Standard Edition 5.2 could allow user to ...)
+CVE-2017-1193
NOT-FOR-US: IBM
-CVE-2017-1192 (IBM Sterling B2B Integrator 5.2 is vulnerable to an XML External ...)
+CVE-2017-1192
NOT-FOR-US: IBM
-CVE-2017-1191 (An undisclosed vulnerability in CLM applications (including IBM ...)
+CVE-2017-1191
NOT-FOR-US: IBM Rational Collaborative Lifecycle Management
-CVE-2017-1190 (IBM Emptoris Strategic Supply Management Platform 10.x and 10.1 could ...)
+CVE-2017-1190
NOT-FOR-US: IBM
-CVE-2017-1189 (IBM WebSphere Portal and Web Content Manager 6.1, 7.0, and 8.0 is ...)
+CVE-2017-1189
NOT-FOR-US: IBM
CVE-2017-1188
RESERVED
@@ -48099,37 +48097,37 @@ CVE-2017-1185
RESERVED
CVE-2017-1184
RESERVED
-CVE-2017-1183 (IBM Tivoli Monitoring Portal v6 could allow a local (network adjacent) ...)
+CVE-2017-1183
NOT-FOR-US: IBM
-CVE-2017-1182 (IBM Tivoli Monitoring Portal v6 could allow a local (network adjacent) ...)
+CVE-2017-1182
NOT-FOR-US: Oracle Primavera
-CVE-2017-1181 (IBM Tivoli Monitoring Portal V6 client could allow a local attacker to ...)
+CVE-2017-1181
NOT-FOR-US: IBM
-CVE-2017-1180 (The IBM TRIRIGA Document Manager contains a vulnerability that could ...)
+CVE-2017-1180
NOT-FOR-US: IBM TRIRIGA Document Manager
-CVE-2017-1179 (IBM BigFix Compliance Analytics 1.9.79 uses weaker than expected ...)
+CVE-2017-1179
NOT-FOR-US: IBM
-CVE-2017-1178 (IBM Endpoint Manager for Security and Compliance 1.9.70 is vulnerable ...)
+CVE-2017-1178
NOT-FOR-US: IBM
-CVE-2017-1177 (IBM BigFix Compliance 1.7 through 1.9.91 discloses sensitive ...)
+CVE-2017-1177
NOT-FOR-US: IBM
-CVE-2017-1176 (IBM Maximo Asset Management 7.1, 7.5, and 7.6 could allow a local user ...)
+CVE-2017-1176
NOT-FOR-US: IBM
-CVE-2017-1175 (IBM Maximo Asset Management 7.1, 7.5, and 7.6 is vulnerable to SQL ...)
+CVE-2017-1175
NOT-FOR-US: IBM
-CVE-2017-1174 (IBM Sterling B2B Integrator Standard Edition 5.2 is vulnerable to SQL ...)
+CVE-2017-1174
NOT-FOR-US: IBM
CVE-2017-1173
RESERVED
CVE-2017-1172
RESERVED
-CVE-2017-1171 (The IBM TRIRIGA Application Platform 3.3, 3,4, and 3,5 contain a ...)
+CVE-2017-1171
NOT-FOR-US: IBM
-CVE-2017-1170 (IBM WebSphere Commerce Enterprise, Professional, Express, and ...)
+CVE-2017-1170
NOT-FOR-US: IBM
-CVE-2017-1169 (IBM DOORS next Generation (DNG/RRC) is vulnerable to cross-site ...)
+CVE-2017-1169
NOT-FOR-US: IBM
-CVE-2017-1168 (IBM Rational Engineering Lifecycle Manager 4.0, 5.0, and 6.0 is ...)
+CVE-2017-1168
NOT-FOR-US: IBM
CVE-2017-1167
RESERVED
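Review bot: the triage line under CVE-2017-1182 does not match the entry's own description: the removed line reads `-CVE-2017-1182 (IBM Tivoli Monitoring Portal v6 could allow a local (network adjacent) ...)` but the unchanged annotation beneath it is `NOT-FOR-US: Oracle Primavera`, whereas the neighbouring CVE-2017-1183 and CVE-2017-1181 entries for the same product carry `NOT-FOR-US: IBM`. The annotation should be corrected to `NOT-FOR-US: IBM` (or the product re-checked) in a follow-up; note that once this hunk drops the description, the mismatch is no longer visible in the file itself.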
@@ -48137,115 +48135,115 @@ CVE-2017-1166
RESERVED
CVE-2017-1165
RESERVED
-CVE-2017-1164 (IBM Jazz Foundation is vulnerable to cross-site scripting. This ...)
+CVE-2017-1164
NOT-FOR-US: IBM
CVE-2017-1163
RESERVED
-CVE-2017-1162 (IBM QRadar 7.2 and 7.3 discloses sensitive information to unauthorized ...)
+CVE-2017-1162
NOT-FOR-US: IBM
-CVE-2017-1161 (IBM API Connect 5.0.6.0 could allow a remote attacker to execute ...)
+CVE-2017-1161
NOT-FOR-US: IBM
-CVE-2017-1160 (IBM Financial Transaction Manager for ACH Services for Multi-Platform ...)
+CVE-2017-1160
NOT-FOR-US: IBM
-CVE-2017-1159 (IBM Business Process Manager 8.0 and 8.5 could allow a remote attacker ...)
+CVE-2017-1159
NOT-FOR-US: IBM
CVE-2017-1158
RESERVED
-CVE-2017-1157 (IBM Jazz Reporting Service (JRS) 5.0 and 6.0 could allow an ...)
+CVE-2017-1157
NOT-FOR-US: IBM
-CVE-2017-1156 (IBM WebSphere Portal 8.5 and 9.0 could allow a remote attacker to ...)
+CVE-2017-1156
NOT-FOR-US: IBM
-CVE-2017-1155 (IBM Algorithmics One-Algo Risk Application 4.9.1, 5.0, and 5.1.0 could ...)
+CVE-2017-1155
NOT-FOR-US: IBM
-CVE-2017-1154 (IBM Algorithmics One-Algo Risk Application 4.9.1, 5.0, and 5.1.0 could ...)
+CVE-2017-1154
NOT-FOR-US: IBM
-CVE-2017-1153 (IBM TRIRIGA Report Manager 3.2 through 3.5 contains a vulnerability ...)
+CVE-2017-1153
NOT-FOR-US: IBM
-CVE-2017-1152 (IBM Financial Transaction Manager 3.0.1 and 3.0.2 does not properly ...)
+CVE-2017-1152
NOT-FOR-US: IBM
-CVE-2017-1151 (IBM WebSphere Application Server 8.0, 8.5, 8.5.5, and 9.0 using OpenID ...)
+CVE-2017-1151
NOT-FOR-US: IBM
-CVE-2017-1150 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) ...)
+CVE-2017-1150
NOT-FOR-US: IBM
-CVE-2017-1149 (IBM UrbanCode Deploy (UCD) 6.0, 6.1, and 6.2 is vulnerable to a denial ...)
+CVE-2017-1149
NOT-FOR-US: IBM
-CVE-2017-1148 (IBM OpenPages GRC Platform 7.2 and 7.3 with OpenPages Loss Event Entry ...)
+CVE-2017-1148
NOT-FOR-US: IBM
-CVE-2017-1147 (IBM OpenPages GRC Platform 7.1, 7.2, and 7.3 is vulnerable to ...)
+CVE-2017-1147
NOT-FOR-US: IBM
-CVE-2017-1146 (IBM Content Navigator 2.0.3 and 3.0.0 are vulnerable to cross-site ...)
+CVE-2017-1146
NOT-FOR-US: IBM
-CVE-2017-1145 (IBM WebSphere MQ 8.0.0.6 does not properly terminate channel agents ...)
+CVE-2017-1145
NOT-FOR-US: IBM
-CVE-2017-1144 (IBM WebSphere Message Broker could allow a local user with specialized ...)
+CVE-2017-1144
NOT-FOR-US: IBM
-CVE-2017-1143 (IBM Kenexa LCMS Premier on Cloud 9.x and 10.0 could allow a remote ...)
+CVE-2017-1143
NOT-FOR-US: IBM
-CVE-2017-1142 (IBM Kenexa LCMS Premier on Cloud 9.x and 10.0 could allow a remote ...)
+CVE-2017-1142
NOT-FOR-US: IBM
-CVE-2017-1141 (IBM Insights Foundation for Energy 1.0, 1.5, and 1.6 could allow an ...)
+CVE-2017-1141
NOT-FOR-US: IBM
-CVE-2017-1140 (IBM Business Process Manager 8.0 and 8.5 are vulnerable to cross-site ...)
+CVE-2017-1140
NOT-FOR-US: IBM
CVE-2017-1139
RESERVED
CVE-2017-1138
RESERVED
-CVE-2017-1137 (IBM WebSphere Application Server 8.0 and 8.5.5 could provide weaker ...)
+CVE-2017-1137
NOT-FOR-US: IBM
CVE-2017-1136
RESERVED
CVE-2017-1135
RESERVED
-CVE-2017-1134 (IBM Reliable Scalable Cluster Technology could allow a local user to ...)
+CVE-2017-1134
NOT-FOR-US: IBM
-CVE-2017-1133 (IBM QRadar 7.2 is vulnerable to cross-site scripting. This ...)
+CVE-2017-1133
NOT-FOR-US: IBM
-CVE-2017-1132 (IBM Sterling B2B Integrator Standard Edition 5.2 is vulnerable to ...)
+CVE-2017-1132
NOT-FOR-US: IBM
-CVE-2017-1131 (IBM Sterling B2B Integrator Standard Edition 5.2 could allow an ...)
+CVE-2017-1131
NOT-FOR-US: IBM
-CVE-2017-1130 (IBM Notes 8.5 and 9.0 is vulnerable to a denial of service. If a user ...)
+CVE-2017-1130
NOT-FOR-US: IBM
-CVE-2017-1129 (IBM Notes 8.5 and 9.0 is vulnerable to a denial of service. If a user ...)
+CVE-2017-1129
NOT-FOR-US: IBM
-CVE-2017-1128 (IBM Rational DOORS Next Generation 4.0, 5.0, and 6.0 is vulnerable to ...)
+CVE-2017-1128
NOT-FOR-US: IBM
-CVE-2017-1127 (IBM Rational DOORS Next Generation 4.0, 5.0 and 6.0 is vulnerable to ...)
+CVE-2017-1127
NOT-FOR-US: IBM
-CVE-2017-1126 (IBM WebSphere Message Broker (IBM Integration Bus 9.0 and 10.0) could ...)
+CVE-2017-1126
NOT-FOR-US: IBM
-CVE-2017-1125 (IBM Cognos Analytics 10.1 and 10.2 could allow a local user to craft a ...)
+CVE-2017-1125
NOT-FOR-US: IBM
-CVE-2017-1124 (IBM Maximo Asset Management 7.1, 7.5, and 7.6 could allow a local ...)
+CVE-2017-1124
NOT-FOR-US: IBM
CVE-2017-1123
RESERVED
-CVE-2017-1122 (IBM Security Guardium 8.2, 9.0, and 10.0 contains a vulnerability that ...)
+CVE-2017-1122
NOT-FOR-US: IBM
-CVE-2017-1121 (IBM WebSphere Application Server 7.0, 8.0, and 9.0 is vulnerable to ...)
+CVE-2017-1121
NOT-FOR-US: IBM
-CVE-2017-1120 (IBM WebSphere Portal 8.5 and 9.0 is vulnerable to cross-site ...)
+CVE-2017-1120
NOT-FOR-US: IBM
-CVE-2017-1119 (IBM Marketing Operations 9.1.0, 9.1.2, and 10.1 could allow a remote ...)
+CVE-2017-1119
NOT-FOR-US: IBM
-CVE-2017-1118 (IBM WebSphere MQ Internet Pass-Thru 2.0 and 2.1 could allow n attacker ...)
+CVE-2017-1118
NOT-FOR-US: IBM
-CVE-2017-1117 (IBM WebSphere MQ 8.0 and 9.0 could allow an authenticated user to ...)
+CVE-2017-1117
NOT-FOR-US: IBM
-CVE-2017-1116 (IBM Campaign 8.6, 9.0, 9.1, 9.1.1, 9.1.2, and 10.0 contains excessive ...)
+CVE-2017-1116
NOT-FOR-US: IBM
-CVE-2017-1115 (IBM Campaign 9.1, 9.1.2, and 10 is vulnerable to HTML injection. A ...)
+CVE-2017-1115
NOT-FOR-US: IBM
-CVE-2017-1114 (IBM Campaign 9.1, 9.1.2, and 10 is vulnerable to cross-site scripting. ...)
+CVE-2017-1114
NOT-FOR-US: IBM
-CVE-2017-1113 (IBM Rational Team Concert (RTC) 4.0, 5.0 and 6.0 is vulnerable to ...)
+CVE-2017-1113
NOT-FOR-US: IBM
CVE-2017-1112
RESERVED
CVE-2017-1111
RESERVED
-CVE-2017-1110 (IBM Curam Social Program Management 6.0, 6.1, 6.2, and 7.0 contains an ...)
+CVE-2017-1110
NOT-FOR-US: IBM
CVE-2017-1109
RESERVED
@@ -48253,35 +48251,35 @@ CVE-2017-1108
RESERVED
CVE-2017-1107
RESERVED
-CVE-2017-1106 (IBM Curam Social Program Management 5.2, 6.0, and 7.0 is vulnerable to ...)
+CVE-2017-1106
NOT-FOR-US: IBM
-CVE-2017-1105 (IBM DB2 for Linux, UNIX and Windows 9.2, 10.1, 10.5, and 11.1 ...)
+CVE-2017-1105
NOT-FOR-US: IBM
-CVE-2017-1104 (IBM Quality Manager (RQM) 4.0, 5.0, and 6.0 is vulnerable to ...)
+CVE-2017-1104
NOT-FOR-US: IBM
-CVE-2017-1103 (IBM Team Concert (RTC) is vulnerable to a denial of service, caused by ...)
+CVE-2017-1103
NOT-FOR-US: IBM
-CVE-2017-1102 (IBM Quality Manager (RQM) 4.0, 5.0, and 6.0 is vulnerable to ...)
+CVE-2017-1102
NOT-FOR-US: IBM
-CVE-2017-1101 (IBM Quality Manager (RQM) 4.0, 5.0, and 6.0 is vulnerable to ...)
+CVE-2017-1101
NOT-FOR-US: IBM
-CVE-2017-1100 (IBM Quality Manager (RQM) 4.0, 5.0, and 6.0 is vulnerable to ...)
+CVE-2017-1100
NOT-FOR-US: IBM
-CVE-2017-1099 (IBM Jazz Foundation could expose potentially sensitive information to ...)
+CVE-2017-1099
NOT-FOR-US: IBM
-CVE-2017-1098 (IBM Emptoris Supplier Lifecycle Management 10.1.0.x is vulnerable to ...)
+CVE-2017-1098
NOT-FOR-US: IBM
-CVE-2017-1097 (IBM Emptoris Strategic Supply Management Platform 10.0.0.x through ...)
+CVE-2017-1097
NOT-FOR-US: IBM
-CVE-2017-1096 (IBM Jazz Reporting Service (JRS) 5.0 and 6.0 is vulnerable to ...)
+CVE-2017-1096
NOT-FOR-US: IBM
CVE-2017-1095
RESERVED
CVE-2017-1094
RESERVED
-CVE-2017-1093 (IBM AIX 6.1, 7.1, and 7.2 could allow a local user to exploit a ...)
+CVE-2017-1093
NOT-FOR-US: IBM AIX
-CVE-2017-1092 (IBM Informix Open Admin Tool 11.5, 11.7, and 12.1 could allow an ...)
+CVE-2017-1092
NOT-FOR-US: IBM
CVE-2017-1091
RESERVED
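Review bot: same description-only delta as above for CVE-2017-1106 through CVE-2017-1092. Style point on the lines that remain: CVE-2017-1093 is tagged `NOT-FOR-US: IBM AIX` while every other IBM entry in this hunk is tagged only `NOT-FOR-US: IBM`, so after the descriptions are removed the product is identifiable for AIX but not for DB2, RQM, RTC, Jazz, Emptoris or Informix; if the descriptions are not restored, naming the product in each `NOT-FOR-US:` reason (as done for AIX) would keep the entries useful.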
@@ -48289,32 +48287,32 @@ CVE-2017-1090
REJECTED
CVE-2017-1089
REJECTED
-CVE-2017-1088 (In FreeBSD before 11.1-STABLE, 11.1-RELEASE-p4, 11.0-RELEASE-p15, ...)
+CVE-2017-1088
- kfreebsd-10 <unfixed> (unimportant)
NOTE: kfreebsd not covered by security support
-CVE-2017-1087 (In FreeBSD 10.x before 10.4-STABLE, 10.4-RELEASE-p3, and ...)
+CVE-2017-1087
- kfreebsd-10 <unfixed> (unimportant)
NOTE: kfreebsd not covered by security support
-CVE-2017-1086 (In FreeBSD before 11.1-STABLE, 11.1-RELEASE-p4, 11.0-RELEASE-p15, ...)
+CVE-2017-1086
- kfreebsd-10 <unfixed> (unimportant)
NOTE: kfreebsd not covered by security support
-CVE-2017-1085 (In FreeBSD before 11.2-RELEASE, an application which calls setrlimit() ...)
+CVE-2017-1085
- kfreebsd-10 <unfixed> (unimportant)
NOTE: https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt
NOTE: kfreebsd not covered by security support
-CVE-2017-1084 (In FreeBSD before 11.2-RELEASE, multiple issues with the ...)
+CVE-2017-1084
- kfreebsd-10 <unfixed> (unimportant)
NOTE: https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt
NOTE: kfreebsd not covered by security support
-CVE-2017-1083 (In FreeBSD before 11.2-RELEASE, a stack guard-page is available but is ...)
+CVE-2017-1083
- kfreebsd-10 <unfixed> (unimportant)
NOTE: https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt
NOTE: kfreebsd not covered by security support
-CVE-2017-1082 (In FreeBSD 11.x before 11.1-RELEASE and 10.x before 10.4-RELEASE, the ...)
+CVE-2017-1082
- kfreebsd-10 <unfixed> (unimportant)
NOTE: https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt
NOTE: kfreebsd not covered by security support
-CVE-2017-1081 (In FreeBSD before 11.0-STABLE, 11.0-RELEASE-p10, 10.3-STABLE, and ...)
+CVE-2017-1081
- kfreebsd-10 <unfixed> (unimportant)
NOTE: https://www.freebsd.org/security/advisories/FreeBSD-SA-17:04.ipfilter.asc
NOTE: kfreebsd not covered by security support
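Review bot: for CVE-2017-1088, CVE-2017-1087 and CVE-2017-1086 the removed description was the only on-page evidence of which FreeBSD branches are affected (e.g. `FreeBSD 10.x before 10.4-STABLE, 10.4-RELEASE-p3` for CVE-2017-1087), and unlike CVE-2017-1081 these three entries carry no NOTE pointing at a FreeBSD security advisory, so after this change nothing on the page supports the `kfreebsd-10 <unfixed> (unimportant)` mapping. Suggest adding a `NOTE:` line with the corresponding FreeBSD advisory URL to each, as CVE-2017-1081 already does, or not applying the description removal to them; the stack-clash entries (CVE-2017-1085 to CVE-2017-1082) are fine since the Qualys NOTE remains.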
@@ -48608,102 +48606,102 @@ CVE-2017-0940
RESERVED
CVE-2017-0939
RESERVED
-CVE-2017-0938 (Denial of Service attack in airMAX &lt; 8.3.2 , airMAX &lt; 6.0.7 and ...)
+CVE-2017-0938
NOT-FOR-US: airMAX
CVE-2017-0937
RESERVED
-CVE-2017-0936 (Nextcloud Server before 11.0.7 and 12.0.5 suffers from an ...)
+CVE-2017-0936
- nextcloud <itp> (bug #835086)
-CVE-2017-0935 (Ubiquiti Networks EdgeOS version 1.9.1.1 and prior suffer from an ...)
+CVE-2017-0935
NOT-FOR-US: Ubiquiti Networks EdgeOS
-CVE-2017-0934 (Ubiquiti Networks EdgeOS version 1.9.1 and prior suffer from an ...)
+CVE-2017-0934
NOT-FOR-US: Ubiquiti Networks EdgeOS
-CVE-2017-0933 (Ubiquiti Networks EdgeOS version 1.9.1 and prior suffer from a ...)
+CVE-2017-0933
NOT-FOR-US: Ubiquiti Networks EdgeOS
-CVE-2017-0932 (Ubiquiti Networks EdgeOS version 1.9.1.1 and prior suffer from an ...)
+CVE-2017-0932
NOT-FOR-US: Ubiquiti Networks EdgeOS
-CVE-2017-0931 (html-janitor node module suffers from a Cross-Site Scripting (XSS) ...)
+CVE-2017-0931
NOT-FOR-US: html-janitor node module
-CVE-2017-0930 (augustine node module suffers from a Path Traversal vulnerability due ...)
+CVE-2017-0930
NOT-FOR-US: augustine node module
-CVE-2017-0929 (DNN (aka DotNetNuke) before 9.2.0 suffers from a Server-Side Request ...)
+CVE-2017-0929
NOT-FOR-US: DNN (aka DotNetNuke)
-CVE-2017-0928 (html-janitor node module suffers from an External Control of Critical ...)
+CVE-2017-0928
NOT-FOR-US: html-janitor node module
-CVE-2017-0927 (Gitlab Community Edition version 10.3 is vulnerable to an improper ...)
+CVE-2017-0927
- gitlab 10.5.5+dfsg-1 (bug #888508)
[stretch] - gitlab <not-affected> (Doesn't affect 8.x)
NOTE: https://about.gitlab.com/2018/01/16/gitlab-10-dot-3-dot-4-released/
-CVE-2017-0926 (Gitlab Community Edition version 10.3 is vulnerable to an improper ...)
+CVE-2017-0926
{DSA-4145-1}
- gitlab 10.5.5+dfsg-1 (bug #888508)
NOTE: https://about.gitlab.com/2018/01/16/gitlab-10-dot-3-dot-4-released/
-CVE-2017-0925 (Gitlab Enterprise Edition version 10.1.0 is vulnerable to an ...)
+CVE-2017-0925
{DSA-4145-1}
- gitlab 10.5.5+dfsg-1 (bug #888508)
NOTE: https://about.gitlab.com/2018/01/16/gitlab-10-dot-3-dot-4-released/
-CVE-2017-0924 (Gitlab Community Edition version 10.2.4 is vulnerable to lack of input ...)
+CVE-2017-0924
- gitlab 10.5.5+dfsg-1
[stretch] - gitlab <not-affected> (Only affects 9.0 and later)
NOTE: https://about.gitlab.com/2018/01/16/gitlab-10-dot-3-dot-4-released/
-CVE-2017-0923 (Gitlab Community Edition version 9.1 is vulnerable to lack of input ...)
+CVE-2017-0923
- gitlab 10.5.5+dfsg-1 (bug #888508)
[stretch] - gitlab <not-affected> (Doesn't affect 8.x)
NOTE: https://about.gitlab.com/2018/01/16/gitlab-10-dot-3-dot-4-released/
-CVE-2017-0922 (Gitlab Enterprise Edition version 10.3 is vulnerable to an ...)
+CVE-2017-0922
- gitlab 10.5.5+dfsg-1
[stretch] - gitlab <not-affected> (Only affects 9.1 and later)
NOTE: https://about.gitlab.com/2018/01/16/gitlab-10-dot-3-dot-4-released/
-CVE-2017-0920 (GitLab Community and Enterprise Editions before 10.1.6, 10.2.6, and ...)
+CVE-2017-0920
{DSA-4206-1}
- gitlab 10.5.5+dfsg-1
NOTE: https://about.gitlab.com/2018/01/16/gitlab-10-dot-3-dot-4-released/
-CVE-2017-0919 (GitLab Community and Enterprise Editions before 10.1.6, 10.2.6, and ...)
+CVE-2017-0919
- gitlab 10.5.5+dfsg-1
NOTE: https://hackerone.com/reports/301137
NOTE: Fixed in 10.1.6, 10.2.6, and 10.3.4
-CVE-2017-0918 (Gitlab Community Edition version 10.3 is vulnerable to a path ...)
+CVE-2017-0918
{DSA-4145-1}
- gitlab 10.5.5+dfsg-1 (bug #888508)
NOTE: https://about.gitlab.com/2018/01/16/gitlab-10-dot-3-dot-4-released/
-CVE-2017-0917 (Gitlab Community Edition version 10.2.4 is vulnerable to lack of input ...)
+CVE-2017-0917
{DSA-4145-1}
- gitlab 10.5.5+dfsg-1 (bug #888508)
NOTE: https://about.gitlab.com/2018/01/16/gitlab-10-dot-3-dot-4-released/
-CVE-2017-0916 (Gitlab Community Edition version 10.3 is vulnerable to a lack of input ...)
+CVE-2017-0916
{DSA-4145-1}
- gitlab 10.5.5+dfsg-1 (bug #888508)
NOTE: https://about.gitlab.com/2018/01/16/gitlab-10-dot-3-dot-4-released/
NOTE: https://gitlab.com/gitlab-org/gitlab-ce/commit/7fc0a6fc096768a5604d6dd24d7d952e53300c82
-CVE-2017-0915 (Gitlab Community Edition version 10.2.4 is vulnerable to a lack of ...)
+CVE-2017-0915
{DSA-4145-1}
- gitlab 10.5.5+dfsg-1 (bug #888508)
NOTE: https://about.gitlab.com/2018/01/16/gitlab-10-dot-3-dot-4-released/
-CVE-2017-0914 (Gitlab Community and Enterprise Editions version 10.1, 10.2, and ...)
+CVE-2017-0914
- gitlab 10.5.5+dfsg-1
[stretch] - gitlab <not-affected> (Only affects 9.4 and later)
NOTE: https://about.gitlab.com/2018/01/16/gitlab-10-dot-3-dot-4-released/
-CVE-2017-0913 (Ubiquiti UCRM versions 2.3.0 to 2.7.7 allow an authenticated user to ...)
+CVE-2017-0913
NOT-FOR-US: Ubiquiti UCRM
-CVE-2017-0912 (Ubiquiti UCRM versions 2.5.0 to 2.7.7 are vulnerable to Stored ...)
+CVE-2017-0912
NOT-FOR-US: Ubiquiti UCRM
-CVE-2017-0911 (Twitter Kit for iOS versions 3.0 to 3.2.1 is vulnerable to a callback ...)
+CVE-2017-0911
NOT-FOR-US: Twitter Kit for iOS
-CVE-2017-0910 (In Zulip Server before 1.7.1, on a server with multiple realms, a ...)
+CVE-2017-0910
- zulip-server <itp> (bug #800052)
-CVE-2017-0909 (The private_address_check ruby gem before 0.4.1 is vulnerable to a ...)
+CVE-2017-0909
NOT-FOR-US: private_address_check ruby gem
CVE-2017-0908
REJECTED
-CVE-2017-0907 (The Recurly Client .NET Library before 1.0.1, 1.1.10, 1.2.8, 1.3.2, ...)
+CVE-2017-0907
NOT-FOR-US: Recurly Client .NET Library
-CVE-2017-0906 (The Recurly Client Python Library before 2.0.5, 2.1.16, 2.2.22, 2.3.1, ...)
+CVE-2017-0906
NOT-FOR-US: Recurly Client Python Library
-CVE-2017-0905 (The Recurly Client Ruby Library before 2.0.13, 2.1.11, 2.2.5, 2.3.10, ...)
+CVE-2017-0905
NOT-FOR-US: Recurly Client Ruby Library
-CVE-2017-0904 (The private_address_check ruby gem before 0.4.0 is vulnerable to a ...)
+CVE-2017-0904
NOT-FOR-US: private_address_check ruby gem
-CVE-2017-0903 (RubyGems versions between 2.0.0 and 2.6.13 are vulnerable to a ...)
+CVE-2017-0903
{DSA-4031-1 DLA-1421-1}
- ruby2.3 2.3.5-1 (bug #879231)
- ruby2.1 <removed>
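Review bot: the gitlab entries in this hunk (CVE-2017-0927 through CVE-2017-0914) justify their stretch annotations with version claims such as `Doesn't affect 8.x`, `Only affects 9.0 and later` and `Only affects 9.4 and later`, whose only on-page basis was the removed description text (e.g. `Gitlab Community Edition version 10.2.4`); with the descriptions dropped a reader can no longer cross-check those annotations without following the release-post NOTE. A pre-existing inconsistency this hunk touches but does not fix: CVE-2017-0924, CVE-2017-0922, CVE-2017-0920, CVE-2017-0919 and CVE-2017-0914 list `gitlab 10.5.5+dfsg-1` with no bug reference while the neighbouring gitlab entries carry `(bug #888508)`; worth confirming whether the same bug applies and, if so, adding it.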
@@ -48714,7 +48712,7 @@ CVE-2017-0903 (RubyGems versions between 2.0.0 and 2.6.13 are vulnerable to a ..
NOTE: http://www.openwall.com/lists/oss-security/2017/10/10/2
NOTE: https://justi.cz/security/2017/10/07/rubygems-org-rce.html
NOTE: Fixed by: https://github.com/rubygems/rubygems/commit/510b1638ac9bba3ceb7a5d73135dafff9e5bab49
-CVE-2017-0902 (RubyGems version 2.6.12 and earlier is vulnerable to a DNS hijacking ...)
+CVE-2017-0902
{DSA-3966-1 DLA-1421-1}
- ruby2.3 2.3.3-1+deb9u1 (bug #873802)
- ruby2.1 <removed>
@@ -48726,7 +48724,7 @@ CVE-2017-0902 (RubyGems version 2.6.12 and earlier is vulnerable to a DNS hijack
NOTE: http://blog.rubygems.org/2017/08/27/2.6.13-released.html
NOTE: For Ruby 2.3.4: https://bugs.ruby-lang.org/attachments/download/6691/rubygems-2613-ruby23.patch
NOTE: For Ruby 2.2.7: https://bugs.ruby-lang.org/attachments/download/6690/rubygems-2613-ruby22.patch
-CVE-2017-0901 (RubyGems version 2.6.12 and earlier fails to validate specification ...)
+CVE-2017-0901
{DSA-3966-1 DLA-1421-1 DLA-1114-1 DLA-1112-1}
- ruby2.3 2.3.3-1+deb9u1 (bug #873802)
- ruby2.1 <removed>
@@ -48736,7 +48734,7 @@ CVE-2017-0901 (RubyGems version 2.6.12 and earlier fails to validate specificati
NOTE: http://blog.rubygems.org/2017/08/27/2.6.13-released.html
NOTE: For Ruby 2.3.4: https://bugs.ruby-lang.org/attachments/download/6691/rubygems-2613-ruby23.patch
NOTE: For Ruby 2.2.7: https://bugs.ruby-lang.org/attachments/download/6690/rubygems-2613-ruby22.patch
-CVE-2017-0900 (RubyGems version 2.6.12 and earlier is vulnerable to maliciously ...)
+CVE-2017-0900
{DSA-3966-1 DLA-1421-1 DLA-1114-1 DLA-1112-1}
- ruby2.3 2.3.3-1+deb9u1 (bug #873802)
- ruby2.1 <removed>
@@ -48746,7 +48744,7 @@ CVE-2017-0900 (RubyGems version 2.6.12 and earlier is vulnerable to maliciously
NOTE: http://blog.rubygems.org/2017/08/27/2.6.13-released.html
NOTE: For Ruby 2.3.4: https://bugs.ruby-lang.org/attachments/download/6691/rubygems-2613-ruby23.patch
NOTE: For Ruby 2.2.7: https://bugs.ruby-lang.org/attachments/download/6690/rubygems-2613-ruby22.patch
-CVE-2017-0899 (RubyGems version 2.6.12 and earlier is vulnerable to maliciously ...)
+CVE-2017-0899
{DSA-3966-1 DLA-1421-1 DLA-1114-1}
- ruby2.3 2.3.3-1+deb9u1 (unimportant; bug #873802)
- ruby2.1 <removed> (unimportant)
@@ -48757,7 +48755,7 @@ CVE-2017-0899 (RubyGems version 2.6.12 and earlier is vulnerable to maliciously
NOTE: For Ruby 2.3.4: https://bugs.ruby-lang.org/attachments/download/6691/rubygems-2613-ruby23.patch
NOTE: For Ruby 2.2.7: https://bugs.ruby-lang.org/attachments/download/6690/rubygems-2613-ruby22.patch
NOTE: Not considered a vulnerability per se, if this affects a terminal emulator it's a bug there
-CVE-2017-0898 (Ruby before 2.4.2, 2.3.5, and 2.2.8 is vulnerable to a malicious ...)
+CVE-2017-0898
{DSA-4031-1 DLA-1421-1 DLA-1114-1 DLA-1113-1}
- ruby2.3 2.3.5-1 (bug #875936)
- ruby2.1 <removed>
@@ -48766,494 +48764,494 @@ CVE-2017-0898 (Ruby before 2.4.2, 2.3.5, and 2.2.8 is vulnerable to a malicious
NOTE: https://github.com/mruby/mruby/issues/3722
NOTE: https://www.ruby-lang.org/en/news/2017/09/14/sprintf-buffer-underrun-cve-2017-0898/
NOTE: https://bugs.ruby-lang.org/issues/13499
-CVE-2017-0897 (ExpressionEngine version 2.x &lt; 2.11.8 and version 3.x &lt; 3.5.5 create ...)
+CVE-2017-0897
NOT-FOR-US: ExpressionEngine
-CVE-2017-0896 (Zulip Server 1.5.1 and below suffer from an error in the ...)
+CVE-2017-0896
- zulip-server <itp> (bug #800052)
-CVE-2017-0895 (Nextcloud Server before 10.0.4 and 11.0.2 are vulnerable to disclosure ...)
+CVE-2017-0895
- nextcloud <itp> (bug #835086)
-CVE-2017-0894 (Nextcloud Server before 11.0.3 is vulnerable to disclosure of valid ...)
+CVE-2017-0894
- nextcloud <itp> (bug #835086)
-CVE-2017-0893 (Nextcloud Server before 9.0.58 and 10.0.5 and 11.0.3 are shipping a ...)
+CVE-2017-0893
- nextcloud <itp> (bug #835086)
-CVE-2017-0892 (Nextcloud Server before 11.0.3 is vulnerable to an improper session ...)
+CVE-2017-0892
- nextcloud <itp> (bug #835086)
-CVE-2017-0891 (Nextcloud Server before 9.0.58 and 10.0.5 and 11.0.3 are vulnerable to ...)
+CVE-2017-0891
- nextcloud <itp> (bug #835086)
-CVE-2017-0890 (Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping ...)
+CVE-2017-0890
- nextcloud <itp> (bug #835086)
-CVE-2017-0889 (Paperclip ruby gem version 3.1.4 and later suffers from a Server-SIde ...)
+CVE-2017-0889
NOT-FOR-US: paperclip ruby gem
-CVE-2017-0888 (Nextcloud Server before 9.0.55 and 10.0.2 suffers from a ...)
+CVE-2017-0888
- nextcloud <itp> (bug #835086)
-CVE-2017-0886 (Nextcloud Server before 9.0.55 and 10.0.2 suffers from a Denial of ...)
+CVE-2017-0886
- nextcloud <itp> (bug #835086)
-CVE-2017-0885 (Nextcloud Server before 9.0.55 and 10.0.2 suffers from a error message ...)
+CVE-2017-0885
- nextcloud <itp> (bug #835086)
-CVE-2017-0884 (Nextcloud Server before 9.0.55 and 10.0.2 suffers from a creation of ...)
+CVE-2017-0884
- nextcloud <itp> (bug #835086)
-CVE-2017-0883 (Nextcloud Server before 9.0.55 and 10.0.2 suffers from a permission ...)
+CVE-2017-0883
- nextcloud <itp> (bug #835086)
-CVE-2017-0882 (Multiple versions of GitLab expose sensitive user credentials when ...)
+CVE-2017-0882
- gitlab 8.13.11+dfsg-7 (bug #858410)
NOTE: https://gitlab.com/gitlab-org/gitlab-ce/issues/29661
NOTE: https://about.gitlab.com/2017/03/20/gitlab-8-dot-17-dot-4-security-release/
-CVE-2017-0881 (An error in the implementation of an autosubscribe feature in the ...)
+CVE-2017-0881
NOT-FOR-US: Zulip
-CVE-2017-0880 (A denial of service vulnerability in the Android media framework ...)
+CVE-2017-0880
- skia <itp> (bug #818180)
-CVE-2017-0879 (An information disclosure vulnerability in the Android media framework ...)
+CVE-2017-0879
NOT-FOR-US: Android Media Framework
-CVE-2017-0878 (A remote code execution vulnerability in the Android media framework ...)
+CVE-2017-0878
NOT-FOR-US: Android Media Framework
-CVE-2017-0877 (A remote code execution vulnerability in the Android media framework ...)
+CVE-2017-0877
NOT-FOR-US: Android Media Framework
-CVE-2017-0876 (A remote code execution vulnerability in the Android media framework ...)
+CVE-2017-0876
NOT-FOR-US: Android Media Framework
CVE-2017-0875
RESERVED
-CVE-2017-0874 (A denial of service vulnerability in the Android media framework ...)
+CVE-2017-0874
NOT-FOR-US: Android Media Framework
-CVE-2017-0873 (A denial of service vulnerability in the Android media framework ...)
+CVE-2017-0873
NOT-FOR-US: Android Media Framework
-CVE-2017-0872 (A remote code execution vulnerability in the Android media framework ...)
+CVE-2017-0872
NOT-FOR-US: Android Media Framework
-CVE-2017-0871 (An elevation of privilege vulnerability in the Android framework ...)
+CVE-2017-0871
NOT-FOR-US: Android
-CVE-2017-0870 (An elevation of privilege vulnerability in the Android framework ...)
+CVE-2017-0870
NOT-FOR-US: Android
-CVE-2017-0869 (NVIDIA driver contains an integer overflow vulnerability which could ...)
+CVE-2017-0869
NOT-FOR-US: NVIDIA components for Android
CVE-2017-0868
RESERVED
CVE-2017-0867
RESERVED
-CVE-2017-0866 (An elevation of privilege vulnerability in the Direct rendering ...)
+CVE-2017-0866
NOT-FOR-US: NVIDIA components for Android
-CVE-2017-0865 (An elevation of privilege vulnerability in the MediaTek soc driver. ...)
+CVE-2017-0865
NOT-FOR-US: MediaTek driver for Android
-CVE-2017-0864 (An elevation of privilege vulnerability in the MediaTek ioctl ...)
+CVE-2017-0864
NOT-FOR-US: MediaTek driver for Android
-CVE-2017-0863 (An elevation of privilege vulnerability in the Upstream kernel video ...)
+CVE-2017-0863
NOT-FOR-US: Android driver (proprietary, not part of upstream kernel)
-CVE-2017-0862 (An elevation of privilege vulnerability in the Upstream kernel kernel. ...)
+CVE-2017-0862
NOT-FOR-US: Android driver (proprietary, not part of upstream kernel)
-CVE-2017-0861 (Use-after-free vulnerability in the snd_pcm_info function in the ALSA ...)
+CVE-2017-0861
{DSA-4187-1 DLA-1369-1}
- linux 4.13.4-1
[stretch] - linux 4.9.80-1
NOTE: https://git.kernel.org/linus/362bca57f5d78220f8b5907b875961af9436e229
NOTE: UAF actually already removed in https://git.kernel.org/linus/e11f0f90a626f93899687b1cc909ee37dd6c5809
-CVE-2017-0860 (An elevation of privilege vulnerability in the Android system ...)
+CVE-2017-0860
NOT-FOR-US: Android
-CVE-2017-0859 (Another vulnerability in the Android media framework (n/a). Product: ...)
+CVE-2017-0859
NOT-FOR-US: Android media framework
-CVE-2017-0858 (Another vulnerability in the Android media framework (n/a). Product: ...)
+CVE-2017-0858
NOT-FOR-US: Android media framework
-CVE-2017-0857 (Another vulnerability in the Android media framework (n/a). Product: ...)
+CVE-2017-0857
NOT-FOR-US: Android media framework
CVE-2017-0856
RESERVED
-CVE-2017-0855 (In MPEG4Extractor.cpp, there are several places where functions return ...)
+CVE-2017-0855
NOT-FOR-US: Android media framework
-CVE-2017-0854 (An information disclosure vulnerability in the Android media framework ...)
+CVE-2017-0854
NOT-FOR-US: Android media framework
-CVE-2017-0853 (An information disclosure vulnerability in the Android media framework ...)
+CVE-2017-0853
NOT-FOR-US: Android media framework
-CVE-2017-0852 (A denial of service vulnerability in the Android media framework ...)
+CVE-2017-0852
NOT-FOR-US: Android media framework
-CVE-2017-0851 (An information disclosure vulnerability in the Android media framework ...)
+CVE-2017-0851
NOT-FOR-US: Android media framework
-CVE-2017-0850 (An information disclosure vulnerability in the Android media framework ...)
+CVE-2017-0850
NOT-FOR-US: Android media framework
-CVE-2017-0849 (An information disclosure vulnerability in the Android media framework ...)
+CVE-2017-0849
NOT-FOR-US: Android media framework
-CVE-2017-0848 (An information disclosure vulnerability in the Android media framework ...)
+CVE-2017-0848
NOT-FOR-US: Android media framework
-CVE-2017-0847 (An elevation of privilege vulnerability in the Android media framework ...)
+CVE-2017-0847
NOT-FOR-US: Android media framework
-CVE-2017-0846 (An information disclosure vulnerability in the Android framework ...)
+CVE-2017-0846
NOT-FOR-US: Android
-CVE-2017-0845 (A denial of service vulnerability in the Android framework ...)
+CVE-2017-0845
NOT-FOR-US: Android
CVE-2017-0844
RESERVED
-CVE-2017-0843 (An elevation of privilege vulnerability in the MediaTek ccci. Product: ...)
+CVE-2017-0843
NOT-FOR-US: MediaTek component for Android
-CVE-2017-0842 (An elevation of privilege vulnerability in the Android system ...)
+CVE-2017-0842
NOT-FOR-US: Fluoride Bluetooth stack in Android
-CVE-2017-0841 (A remote code execution vulnerability in the Android system ...)
+CVE-2017-0841
- android-platform-system-core <unfixed> (unimportant)
NOTE: Fixed by https://android.googlesource.com/platform/system/core/+/47efc676c849e3abf32001d66e2d6eb887e83c48%5E!/
-CVE-2017-0840 (An information disclosure vulnerability in the Android media framework ...)
+CVE-2017-0840
NOT-FOR-US: Android media framework
-CVE-2017-0839 (An information disclosure vulnerability in the Android media framework ...)
+CVE-2017-0839
NOT-FOR-US: Android media framework
-CVE-2017-0838 (An elevation of privilege vulnerability in the Android media framework ...)
+CVE-2017-0838
NOT-FOR-US: Android media framework
-CVE-2017-0837 (An elevation of privilege vulnerability in the Android media framework ...)
+CVE-2017-0837
NOT-FOR-US: Android Media Framework
-CVE-2017-0836 (A remote code execution vulnerability in the Android media framework ...)
+CVE-2017-0836
NOT-FOR-US: Android media framework
-CVE-2017-0835 (A remote code execution vulnerability in the Android media framework ...)
+CVE-2017-0835
NOT-FOR-US: Android media framework
-CVE-2017-0834 (A remote code execution vulnerability in the Android media framework ...)
+CVE-2017-0834
NOT-FOR-US: Android media framework
-CVE-2017-0833 (A remote code execution vulnerability in the Android media framework ...)
+CVE-2017-0833
NOT-FOR-US: Android media framework
-CVE-2017-0832 (A remote code execution vulnerability in the Android media framework ...)
+CVE-2017-0832
NOT-FOR-US: Android media framework
-CVE-2017-0831 (An elevation of privilege vulnerability in the Android framework ...)
+CVE-2017-0831
NOT-FOR-US: Android
-CVE-2017-0830 (An elevation of privilege vulnerability in the Android framework ...)
+CVE-2017-0830
NOT-FOR-US: Android
-CVE-2017-0829 (An elevation of privilege vulnerability in the Motorola bootloader. ...)
+CVE-2017-0829
NOT-FOR-US: Motorola bootloader
-CVE-2017-0828 (An elevation of privilege vulnerability in the Huawei bootloader. ...)
+CVE-2017-0828
NOT-FOR-US: Huawei bootloader
-CVE-2017-0827 (An elevation of privilege vulnerability in the MediaTek soc driver. ...)
+CVE-2017-0827
NOT-FOR-US: MediaTek driver for Android
-CVE-2017-0826 (An elevation of privilege vulnerability in the HTC bootloader. ...)
+CVE-2017-0826
NOT-FOR-US: HTC bootloader
-CVE-2017-0825 (An information disclosure vulnerability in the Broadcom wifi driver. ...)
+CVE-2017-0825
NOT-FOR-US: Broadcom driver for Android
-CVE-2017-0824 (An elevation of privilege vulnerability in the Broadcom wifi driver. ...)
+CVE-2017-0824
NOT-FOR-US: Broadcom driver for Android
-CVE-2017-0823 (An information disclosure vulnerability in the Android system (rild). ...)
+CVE-2017-0823
NOT-FOR-US: Android (rild)
-CVE-2017-0822 (An elevation of privilege vulnerability in the Android system ...)
+CVE-2017-0822
- android-framework-23 <unfixed> (unimportant)
NOTE: Fixed by https://android.googlesource.com/platform/frameworks/base/+/c574568aaede7f652432deb7707f20ae54bbdf9a
CVE-2017-0821
RESERVED
-CVE-2017-0820 (A vulnerability in the Android media framework (n/a). Product: ...)
+CVE-2017-0820
NOT-FOR-US: Android media framework
-CVE-2017-0819 (A vulnerability in the Android media framework (n/a). Product: ...)
+CVE-2017-0819
NOT-FOR-US: Android media framework
-CVE-2017-0818 (A vulnerability in the Android media framework (n/a). Product: ...)
+CVE-2017-0818
NOT-FOR-US: Android media framework
-CVE-2017-0817 (An information disclosure vulnerability in the Android media framework ...)
+CVE-2017-0817
NOT-FOR-US: Android media framework
-CVE-2017-0816 (An information disclosure vulnerability in the Android media framework ...)
+CVE-2017-0816
NOT-FOR-US: Android media framework
-CVE-2017-0815 (An information disclosure vulnerability in the Android media framework ...)
+CVE-2017-0815
NOT-FOR-US: Android media framework
-CVE-2017-0814 (An information disclosure vulnerability in the Android media framework ...)
+CVE-2017-0814
NOT-FOR-US: Android media framework
-CVE-2017-0813 (A denial of service vulnerability in the Android media framework ...)
+CVE-2017-0813
NOT-FOR-US: Android media framework
-CVE-2017-0812 (An elevation of privilege vulnerability in the Android media framework ...)
+CVE-2017-0812
NOT-FOR-US: Android media framework
-CVE-2017-0811 (A remote code execution vulnerability in the Android media framework ...)
+CVE-2017-0811
NOT-FOR-US: Android media framework
-CVE-2017-0810 (A remote code execution vulnerability in the Android media framework ...)
+CVE-2017-0810
NOT-FOR-US: Android media framework
-CVE-2017-0809 (A remote code execution vulnerability in the Android media framework ...)
+CVE-2017-0809
NOT-FOR-US: Android media framework
-CVE-2017-0808 (An information disclosure vulnerability in the Android framework (file ...)
+CVE-2017-0808
NOT-FOR-US: Android
-CVE-2017-0807 (An elevation of privilege vulnerability in the Android framework (ui ...)
+CVE-2017-0807
NOT-FOR-US: Android
-CVE-2017-0806 (An elevation of privilege vulnerability in the Android framework ...)
+CVE-2017-0806
NOT-FOR-US: Android
-CVE-2017-0805 (A elevation of privilege vulnerability in the Android media framework ...)
+CVE-2017-0805
NOT-FOR-US: Android media framework
-CVE-2017-0804 (A elevation of privilege vulnerability in the MediaTek mmc driver. ...)
+CVE-2017-0804
NOT-FOR-US: Mediatek driver for Android
-CVE-2017-0803 (A elevation of privilege vulnerability in the MediaTek accessory ...)
+CVE-2017-0803
NOT-FOR-US: Mediatek driver for Android
-CVE-2017-0802 (A elevation of privilege vulnerability in the MediaTek kernel. ...)
+CVE-2017-0802
NOT-FOR-US: Mediatek driver for Android
-CVE-2017-0801 (A elevation of privilege vulnerability in the MediaTek libmtkomxvdec. ...)
+CVE-2017-0801
NOT-FOR-US: Mediatek driver for Android
-CVE-2017-0800 (A elevation of privilege vulnerability in the MediaTek teei. Product: ...)
+CVE-2017-0800
NOT-FOR-US: Mediatek driver for Android
-CVE-2017-0799 (A elevation of privilege vulnerability in the MediaTek lastbus. ...)
+CVE-2017-0799
NOT-FOR-US: Mediatek driver for Android
-CVE-2017-0798 (A elevation of privilege vulnerability in the MediaTek kernel. ...)
+CVE-2017-0798
NOT-FOR-US: Mediatek driver for Android
-CVE-2017-0797 (A elevation of privilege vulnerability in the MediaTek accessory ...)
+CVE-2017-0797
NOT-FOR-US: Mediatek driver for Android
-CVE-2017-0796 (A elevation of privilege vulnerability in the MediaTek auxadc driver. ...)
+CVE-2017-0796
NOT-FOR-US: Mediatek driver for Android
-CVE-2017-0795 (A elevation of privilege vulnerability in the MediaTek accessory ...)
+CVE-2017-0795
NOT-FOR-US: Mediatek driver for Android
-CVE-2017-0794 (A elevation of privilege vulnerability in the Upstream kernel scsi ...)
+CVE-2017-0794
NOT-FOR-US: Android kernel on Nexus (probably)
NOTE: https://source.android.com/security/bulletin/2017-09-01 doesn't link a public patch, so probably related to some binary-only component on Nexus
-CVE-2017-0793 (A information disclosure vulnerability in the N/A memory subsystem. ...)
+CVE-2017-0793
NOT-FOR-US: Imagetech driver for Android
-CVE-2017-0792 (A information disclosure vulnerability in the Broadcom wi-fi driver. ...)
+CVE-2017-0792
NOT-FOR-US: Broadcom driver for Android
-CVE-2017-0791 (A elevation of privilege vulnerability in the Broadcom wi-fi driver. ...)
+CVE-2017-0791
NOT-FOR-US: Broadcom driver for Android
-CVE-2017-0790 (A elevation of privilege vulnerability in the Broadcom wi-fi driver. ...)
+CVE-2017-0790
NOT-FOR-US: Broadcom driver for Android
-CVE-2017-0789 (A elevation of privilege vulnerability in the Broadcom wi-fi driver. ...)
+CVE-2017-0789
NOT-FOR-US: Broadcom driver for Android
-CVE-2017-0788 (A elevation of privilege vulnerability in the Broadcom wi-fi driver. ...)
+CVE-2017-0788
NOT-FOR-US: Broadcom driver for Android
-CVE-2017-0787 (A elevation of privilege vulnerability in the Broadcom wi-fi driver. ...)
+CVE-2017-0787
NOT-FOR-US: Broadcom driver for Android
-CVE-2017-0786 (A elevation of privilege vulnerability in the Broadcom wi-fi driver. ...)
+CVE-2017-0786
- linux 4.13.4-2
[stretch] - linux 4.9.65-1
[jessie] - linux 3.16.51-1
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: Fixed by: https://git.kernel.org/linus/17df6453d4be17910456e99c5a85025aa1b7a246 (v4.14-rc4)
-CVE-2017-0785 (A information disclosure vulnerability in the Android system ...)
+CVE-2017-0785
NOT-FOR-US: Android
NOTE: https://www.armis.com/blueborne/
-CVE-2017-0784 (A elevation of privilege vulnerability in the Android system (nfc). ...)
+CVE-2017-0784
NOT-FOR-US: Android
-CVE-2017-0783 (A information disclosure vulnerability in the Android system ...)
+CVE-2017-0783
NOT-FOR-US: Android
NOTE: https://www.armis.com/blueborne/
-CVE-2017-0782 (A remote code execution vulnerability in the Android system ...)
+CVE-2017-0782
NOT-FOR-US: Android
NOTE: https://www.armis.com/blueborne/
-CVE-2017-0781 (A remote code execution vulnerability in the Android system ...)
+CVE-2017-0781
NOT-FOR-US: Android
NOTE: https://www.armis.com/blueborne/
-CVE-2017-0780 (A denial of service vulnerability in the Android runtime (android ...)
+CVE-2017-0780
NOT-FOR-US: Android messaging
-CVE-2017-0779 (A information disclosure vulnerability in the Android media framework ...)
+CVE-2017-0779
NOT-FOR-US: Android Media Framework
-CVE-2017-0778 (A information disclosure vulnerability in the Android media framework ...)
+CVE-2017-0778
NOT-FOR-US: Android Media Framework
-CVE-2017-0777 (A information disclosure vulnerability in the Android media framework ...)
+CVE-2017-0777
NOT-FOR-US: Android Media Framework
-CVE-2017-0776 (A information disclosure vulnerability in the Android media framework ...)
+CVE-2017-0776
NOT-FOR-US: Android Media Framework
-CVE-2017-0775 (A denial of service vulnerability in the Android media framework ...)
+CVE-2017-0775
NOT-FOR-US: Android Media Framework
-CVE-2017-0774 (A denial of service vulnerability in the Android media framework ...)
+CVE-2017-0774
NOT-FOR-US: Android Media Framework
-CVE-2017-0773 (A denial of service vulnerability in the Android media framework ...)
+CVE-2017-0773
NOT-FOR-US: Android Media Framework
-CVE-2017-0772 (A denial of service vulnerability in the Android media framework ...)
+CVE-2017-0772
NOT-FOR-US: Android Media Framework
-CVE-2017-0771 (A denial of service vulnerability in the Android media framework ...)
+CVE-2017-0771
NOT-FOR-US: Android Media Framework
-CVE-2017-0770 (A elevation of privilege vulnerability in the Android media framework ...)
+CVE-2017-0770
NOT-FOR-US: Android Media Framework
-CVE-2017-0769 (A elevation of privilege vulnerability in the Android media framework ...)
+CVE-2017-0769
NOT-FOR-US: Android Media Framework
-CVE-2017-0768 (A elevation of privilege vulnerability in the Android media framework ...)
+CVE-2017-0768
NOT-FOR-US: Android Media Framework
-CVE-2017-0767 (A elevation of privilege vulnerability in the Android media framework ...)
+CVE-2017-0767
NOT-FOR-US: Android Media Framework
-CVE-2017-0766 (A remote code execution vulnerability in the Android media framework ...)
+CVE-2017-0766
NOT-FOR-US: Android Media Framework
-CVE-2017-0765 (A remote code execution vulnerability in the Android media framework ...)
+CVE-2017-0765
NOT-FOR-US: Android Media Framework
-CVE-2017-0764 (A remote code execution vulnerability in the Android media framework ...)
+CVE-2017-0764
NOT-FOR-US: Android Media Framework
-CVE-2017-0763 (A remote code execution vulnerability in the Android media framework ...)
+CVE-2017-0763
NOT-FOR-US: Android Media Framework
-CVE-2017-0762 (A remote code execution vulnerability in the Android media framework ...)
+CVE-2017-0762
NOT-FOR-US: Android Media Framework
-CVE-2017-0761 (A remote code execution vulnerability in the Android media framework ...)
+CVE-2017-0761
NOT-FOR-US: Android Media Framework
-CVE-2017-0760 (A remote code execution vulnerability in the Android media framework ...)
+CVE-2017-0760
NOT-FOR-US: Android Media Framework
-CVE-2017-0759 (A remote code execution vulnerability in the Android media framework ...)
+CVE-2017-0759
NOT-FOR-US: Android Media Framework
-CVE-2017-0758 (A remote code execution vulnerability in the Android media framework ...)
+CVE-2017-0758
NOT-FOR-US: Android Media Framework
-CVE-2017-0757 (A remote code execution vulnerability in the Android media framework ...)
+CVE-2017-0757
NOT-FOR-US: Android Media Framework
-CVE-2017-0756 (A remote code execution vulnerability in the Android media framework ...)
+CVE-2017-0756
NOT-FOR-US: Android Media Framework
-CVE-2017-0755 (A elevation of privilege vulnerability in the Android libraries ...)
+CVE-2017-0755
NOT-FOR-US: Android
CVE-2017-0754
RESERVED
-CVE-2017-0753 (A remote code execution vulnerability in the Android libraries ...)
+CVE-2017-0753
NOT-FOR-US: Android (libgdx)
-CVE-2017-0752 (A elevation of privilege vulnerability in the Android framework ...)
+CVE-2017-0752
- android-framework-23 <unfixed> (unimportant)
NOTE: Fixed by https://android.googlesource.com/platform/frameworks/base/+/6ca2eccdbbd4f11698bd5312812b4d171ff3c8ce%5E%21/
-CVE-2017-0751 (An elevation of privilege vulnerability in the Qualcomm QCE driver. ...)
+CVE-2017-0751
NOT-FOR-US: Google drivers for Android
-CVE-2017-0750 (A elevation of privilege vulnerability in the Upstream Linux file ...)
+CVE-2017-0750
- linux <not-affected> (Android-specific change)
NOTE: https://source.android.com/security/bulletin/2017-08-01
-CVE-2017-0749 (A elevation of privilege vulnerability in the Upstream Linux linux ...)
+CVE-2017-0749
- linux <not-affected> (Android-specific change)
NOTE: https://source.android.com/security/bulletin/2017-08-01
-CVE-2017-0748 (An information disclosure vulnerability in the Qualcomm audio driver. ...)
+CVE-2017-0748
NOT-FOR-US: Google drivers for Android
-CVE-2017-0747 (A elevation of privilege vulnerability in the Qualcomm proprietary ...)
+CVE-2017-0747
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0746 (A elevation of privilege vulnerability in the Qualcomm ipa driver. ...)
+CVE-2017-0746
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0745 (A remote code execution vulnerability in the Android media framework ...)
+CVE-2017-0745
NOT-FOR-US: libstagefright
-CVE-2017-0744 (An elevation of privilege vulnerability in the NVIDIA firmware ...)
+CVE-2017-0744
NOT-FOR-US: Google drivers for Android
CVE-2017-0743
RESERVED
-CVE-2017-0742 (A elevation of privilege vulnerability in the MediaTek video driver. ...)
+CVE-2017-0742
NOT-FOR-US: Mediatek driver for Android
-CVE-2017-0741 (A elevation of privilege vulnerability in the MediaTek gpu driver. ...)
+CVE-2017-0741
NOT-FOR-US: Mediatek driver for Android
-CVE-2017-0740 (A remote code execution vulnerability in the Broadcom networking ...)
+CVE-2017-0740
NOT-FOR-US: Broadcom driver for Android
-CVE-2017-0739 (A information disclosure vulnerability in the Android media framework ...)
+CVE-2017-0739
NOT-FOR-US: Android media framework
-CVE-2017-0738 (A information disclosure vulnerability in the Android media framework ...)
+CVE-2017-0738
NOT-FOR-US: Android media framework
-CVE-2017-0737 (A elevation of privilege vulnerability in the Android media framework ...)
+CVE-2017-0737
NOT-FOR-US: libstagefright
-CVE-2017-0736 (A denial of service vulnerability in the Android media framework ...)
+CVE-2017-0736
NOT-FOR-US: Android media framework
-CVE-2017-0735 (A denial of service vulnerability in the Android media framework ...)
+CVE-2017-0735
NOT-FOR-US: Android media framework
-CVE-2017-0734 (A denial of service vulnerability in the Android media framework ...)
+CVE-2017-0734
NOT-FOR-US: Android media framework
-CVE-2017-0733 (A denial of service vulnerability in the Android media framework ...)
+CVE-2017-0733
NOT-FOR-US: Android media framework
-CVE-2017-0732 (A elevation of privilege vulnerability in the Android media framework ...)
+CVE-2017-0732
NOT-FOR-US: libstagefright
-CVE-2017-0731 (A elevation of privilege vulnerability in the Android media framework ...)
+CVE-2017-0731
NOT-FOR-US: libstagefright
-CVE-2017-0730 (A denial of service vulnerability in the Android media framework (h264 ...)
+CVE-2017-0730
NOT-FOR-US: Android media framework
-CVE-2017-0729 (A elevation of privilege vulnerability in the Android media framework ...)
+CVE-2017-0729
NOT-FOR-US: Android media framework
-CVE-2017-0728 (A denial of service vulnerability in the Android media framework (hevc ...)
+CVE-2017-0728
NOT-FOR-US: Android media framework
-CVE-2017-0727 (A elevation of privilege vulnerability in the Android media framework ...)
+CVE-2017-0727
NOT-FOR-US: Android media framework
-CVE-2017-0726 (A denial of service vulnerability in the Android media framework ...)
+CVE-2017-0726
NOT-FOR-US: libstagefright
-CVE-2017-0725 (A denial of service vulnerability in the Android media framework ...)
+CVE-2017-0725
NOT-FOR-US: Android media framework
-CVE-2017-0724 (A denial of service vulnerability in the Android media framework ...)
+CVE-2017-0724
NOT-FOR-US: Android media framework
-CVE-2017-0723 (A remote code execution vulnerability in the Android media framework ...)
+CVE-2017-0723
NOT-FOR-US: Android media framework
-CVE-2017-0722 (A remote code execution vulnerability in the Android media framework ...)
+CVE-2017-0722
NOT-FOR-US: libstagefright
-CVE-2017-0721 (A remote code execution vulnerability in the Android media framework ...)
+CVE-2017-0721
NOT-FOR-US: Android media framework
-CVE-2017-0720 (A remote code execution vulnerability in the Android media framework ...)
+CVE-2017-0720
NOT-FOR-US: Android media framework
-CVE-2017-0719 (A remote code execution vulnerability in the Android media framework ...)
+CVE-2017-0719
NOT-FOR-US: Android media framework
-CVE-2017-0718 (A remote code execution vulnerability in the Android media framework ...)
+CVE-2017-0718
NOT-FOR-US: Android media framework
CVE-2017-0717
RESERVED
-CVE-2017-0716 (A remote code execution vulnerability in the Android media framework ...)
+CVE-2017-0716
NOT-FOR-US: Android media framework
-CVE-2017-0715 (A remote code execution vulnerability in the Android media framework ...)
+CVE-2017-0715
NOT-FOR-US: Android media framework
-CVE-2017-0714 (A remote code execution vulnerability in the Android media framework ...)
+CVE-2017-0714
NOT-FOR-US: Android media framework
-CVE-2017-0713 (A remote code execution vulnerability in the Android libraries ...)
+CVE-2017-0713
NOT-FOR-US: Android
-CVE-2017-0712 (A elevation of privilege vulnerability in the Android framework (wi-fi ...)
+CVE-2017-0712
NOT-FOR-US: Android
-CVE-2017-0711 (A elevation of privilege vulnerability in the MediaTek networking ...)
+CVE-2017-0711
NOT-FOR-US: MediaTek driver for Android
-CVE-2017-0710 (A elevation of privilege vulnerability in the Upstream Linux tcb. ...)
+CVE-2017-0710
NOT-FOR-US: Android Trusted Computing Base
-CVE-2017-0709 (A information disclosure vulnerability in the HTC sensor hub driver. ...)
+CVE-2017-0709
NOT-FOR-US: HTC driver for Android
-CVE-2017-0708 (A information disclosure vulnerability in the HTC sound driver. ...)
+CVE-2017-0708
NOT-FOR-US: HTC driver for Android
-CVE-2017-0707 (A elevation of privilege vulnerability in the HTC led driver. Product: ...)
+CVE-2017-0707
NOT-FOR-US: HTC driver for Android
-CVE-2017-0706 (A elevation of privilege vulnerability in the Broadcom wi-fi driver. ...)
+CVE-2017-0706
NOT-FOR-US: Broadcom driver for Android
-CVE-2017-0705 (A elevation of privilege vulnerability in the Broadcom wi-fi driver. ...)
+CVE-2017-0705
NOT-FOR-US: Broadcom driver for Android
-CVE-2017-0704 (A elevation of privilege vulnerability in the Android system ui. ...)
+CVE-2017-0704
NOT-FOR-US: Android
-CVE-2017-0703 (A elevation of privilege vulnerability in the Android system ui. ...)
+CVE-2017-0703
NOT-FOR-US: Android
-CVE-2017-0702 (A remote code execution vulnerability in the Android system ui. ...)
+CVE-2017-0702
NOT-FOR-US: Android
-CVE-2017-0701 (A remote code execution vulnerability in the Android system ui. ...)
+CVE-2017-0701
NOT-FOR-US: Android
-CVE-2017-0700 (A remote code execution vulnerability in the Android system ui. ...)
+CVE-2017-0700
NOT-FOR-US: Android
-CVE-2017-0699 (A information disclosure vulnerability in the Android media framework. ...)
+CVE-2017-0699
NOT-FOR-US: Android media framework
-CVE-2017-0698 (A information disclosure vulnerability in the Android media framework. ...)
+CVE-2017-0698
NOT-FOR-US: Android media framework
-CVE-2017-0697 (A denial of service vulnerability in the Android media framework. ...)
+CVE-2017-0697
NOT-FOR-US: Android media framework
-CVE-2017-0696 (A denial of service vulnerability in the Android media framework. ...)
+CVE-2017-0696
NOT-FOR-US: Android media framework
-CVE-2017-0695 (A denial of service vulnerability in the Android media framework. ...)
+CVE-2017-0695
NOT-FOR-US: Android media framework
-CVE-2017-0694 (A denial of service vulnerability in the Android media framework. ...)
+CVE-2017-0694
NOT-FOR-US: Android media framework
-CVE-2017-0693 (A denial of service vulnerability in the Android media framework. ...)
+CVE-2017-0693
NOT-FOR-US: Android media framework
-CVE-2017-0692 (A denial of service vulnerability in the Android media framework. ...)
+CVE-2017-0692
NOT-FOR-US: Android media framework
-CVE-2017-0691 (A denial of service vulnerability in the Android media framework. ...)
+CVE-2017-0691
NOT-FOR-US: Android media framework
-CVE-2017-0690 (A denial of service vulnerability in the Android media framework. ...)
+CVE-2017-0690
NOT-FOR-US: Android media framework
-CVE-2017-0689 (A denial of service vulnerability in the Android media framework. ...)
+CVE-2017-0689
NOT-FOR-US: Android media framework
-CVE-2017-0688 (A denial of service vulnerability in the Android media framework. ...)
+CVE-2017-0688
NOT-FOR-US: Android media framework
-CVE-2017-0687 (A denial of service vulnerability in the Android media framework ...)
+CVE-2017-0687
NOT-FOR-US: Android media framework
-CVE-2017-0686 (A denial of service vulnerability in the Android media framework. ...)
+CVE-2017-0686
NOT-FOR-US: Android media framework
-CVE-2017-0685 (A denial of service vulnerability in the Android media framework. ...)
+CVE-2017-0685
NOT-FOR-US: Android media framework
-CVE-2017-0684 (A elevation of privilege vulnerability in the Android media framework. ...)
+CVE-2017-0684
NOT-FOR-US: Android media framework
-CVE-2017-0683 (A remote code execution vulnerability in the Android media framework. ...)
+CVE-2017-0683
NOT-FOR-US: Android media framework
-CVE-2017-0682 (A remote code execution vulnerability in the Android media framework. ...)
+CVE-2017-0682
NOT-FOR-US: Android media framework
-CVE-2017-0681 (A remote code execution vulnerability in the Android media framework. ...)
+CVE-2017-0681
NOT-FOR-US: Android media framework
-CVE-2017-0680 (A remote code execution vulnerability in the Android media framework. ...)
+CVE-2017-0680
NOT-FOR-US: Android media framework
-CVE-2017-0679 (A remote code execution vulnerability in the Android media framework. ...)
+CVE-2017-0679
NOT-FOR-US: Android media framework
-CVE-2017-0678 (A remote code execution vulnerability in the Android media framework. ...)
+CVE-2017-0678
NOT-FOR-US: Android media framework
-CVE-2017-0677 (A remote code execution vulnerability in the Android media framework. ...)
+CVE-2017-0677
NOT-FOR-US: Android media framework
-CVE-2017-0676 (A remote code execution vulnerability in the Android media framework. ...)
+CVE-2017-0676
NOT-FOR-US: Android media framework
-CVE-2017-0675 (A remote code execution vulnerability in the Android media framework. ...)
+CVE-2017-0675
NOT-FOR-US: Android media framework
-CVE-2017-0674 (A remote code execution vulnerability in the Android media framework. ...)
+CVE-2017-0674
NOT-FOR-US: Android media framework
-CVE-2017-0673 (A remote code execution vulnerability in the Android media framework. ...)
+CVE-2017-0673
NOT-FOR-US: Android media framework
-CVE-2017-0672 (A denial of service vulnerability in the Android libraries. Product: ...)
+CVE-2017-0672
NOT-FOR-US: Android
-CVE-2017-0671 (A remote code execution vulnerability in the Android libraries. ...)
+CVE-2017-0671
NOT-FOR-US: Android
NOTE: Not publicly available
-CVE-2017-0670 (A denial of service vulnerability in the Android framework. Product: ...)
+CVE-2017-0670
NOT-FOR-US: Android
-CVE-2017-0669 (A information disclosure vulnerability in the Android framework. ...)
+CVE-2017-0669
NOT-FOR-US: Android
-CVE-2017-0668 (A information disclosure vulnerability in the Android framework. ...)
+CVE-2017-0668
NOT-FOR-US: Android
-CVE-2017-0667 (A elevation of privilege vulnerability in the Android framework. ...)
+CVE-2017-0667
NOT-FOR-US: Android
-CVE-2017-0666 (A elevation of privilege vulnerability in the Android framework. ...)
+CVE-2017-0666
NOT-FOR-US: Android
-CVE-2017-0665 (A elevation of privilege vulnerability in the Android framework. ...)
+CVE-2017-0665
NOT-FOR-US: Android
-CVE-2017-0664 (A elevation of privilege vulnerability in the Android framework. ...)
+CVE-2017-0664
NOT-FOR-US: Android
-CVE-2017-0663 (A remote code execution vulnerability in libxml2 could enable an ...)
+CVE-2017-0663
{DSA-3952-1 DLA-1060-1}
- libxml2 2.9.4+dfsg1-3.1 (bug #870870)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=780228 (not yet public)
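Review bot: the NOTE on CVE-2017-0663 still says the GNOME bug is "(not yet public)" even though the same entry already lists `{DSA-3952-1 DLA-1060-1}` and a fixed version `libxml2 2.9.4+dfsg1-3.1`; that qualifier is stale and should be dropped or re-checked against the bug's current visibility. More generally, every `-`/`+` pair in this hunk only strips the parenthetical description and leaves the triage lines untouched, but for several entries that description was the only in-file evidence for the classification: CVE-2017-0710 ("Upstream Linux tcb") is marked `NOT-FOR-US: Android Trusted Computing Base` with no NOTE, whereas CVE-2017-0750 and CVE-2017-0749 carry the bulletin URL `https://source.android.com/security/bulletin/2017-08-01`. Adding the same NOTE to CVE-2017-0710 would keep the rationale reproducible once the description text is gone.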
@@ -49281,214 +49279,214 @@ CVE-2017-0653
RESERVED
CVE-2017-0652
RESERVED
-CVE-2017-0651 (An information disclosure vulnerability in the kernel ION subsystem ...)
+CVE-2017-0651
NOT-FOR-US: Android
-CVE-2017-0650 (An information disclosure vulnerability in the Synaptics touchscreen ...)
+CVE-2017-0650
NOT-FOR-US: Synaptics driver for Android
-CVE-2017-0649 (An elevation of privilege vulnerability in the MediaTek sound driver ...)
+CVE-2017-0649
NOT-FOR-US: MediaTek driver for Android
-CVE-2017-0648 (An elevation of privilege vulnerability in the kernel FIQ debugger ...)
+CVE-2017-0648
NOT-FOR-US: Android
-CVE-2017-0647 (An information disclosure vulnerability in libziparchive could enable ...)
+CVE-2017-0647
- android-platform-system-core 1:7.0.0+r33-2 (unimportant; bug #867229)
[jessie] - android-platform-system-core <not-affected> (Vulnerable code not present)
NOTE: No impact on SDK usage
-CVE-2017-0646 (An information disclosure vulnerability in Bluetooth component could ...)
+CVE-2017-0646
NOT-FOR-US: Android
-CVE-2017-0645 (An elevation of privilege vulnerability in Bluetooth could enable a ...)
+CVE-2017-0645
NOT-FOR-US: Android
-CVE-2017-0644 (A remote denial of service vulnerability in Mediaserver could enable ...)
+CVE-2017-0644
NOT-FOR-US: Android Mediaserver
-CVE-2017-0643 (A remote denial of service vulnerability in Mediaserver could enable ...)
+CVE-2017-0643
NOT-FOR-US: Android Mediaserver
-CVE-2017-0642 (A remote denial of service vulnerability in libhevc in Mediaserver ...)
+CVE-2017-0642
NOT-FOR-US: Android Mediaserver
-CVE-2017-0641 (A remote denial of service vulnerability in libvpx in Mediaserver ...)
+CVE-2017-0641
- libvpx <unfixed> (unimportant; bug #871931)
NOTE: https://android.googlesource.com/platform/external/libvpx/+/698796fc930baecf5c3fdebef17e73d5d9a58bcb
NOTE: Debian builds configures with --size-limit=16384x16384, Android lowered
NOTE: the limit to something more aligned for smart phones
-CVE-2017-0640 (A remote denial of service vulnerability in Mediaserver could enable ...)
+CVE-2017-0640
NOT-FOR-US: Android Mediaserver
-CVE-2017-0639 (An information disclosure vulnerability in Bluetooth component could ...)
+CVE-2017-0639
NOT-FOR-US: Android
-CVE-2017-0638 (A remote code execution vulnerability in System UI component could ...)
+CVE-2017-0638
NOT-FOR-US: Android
-CVE-2017-0637 (A remote code execution vulnerability in libhevc in Mediaserver could ...)
+CVE-2017-0637
NOT-FOR-US: Android Mediaserver
-CVE-2017-0636 (An elevation of privilege vulnerability in the MediaTek command queue ...)
+CVE-2017-0636
NOT-FOR-US: MediaTek driver for Android
-CVE-2017-0635 (A remote denial of service vulnerability in HevcUtils.cpp in ...)
+CVE-2017-0635
NOT-FOR-US: libstagefright
-CVE-2017-0634 (An information disclosure vulnerability in the Synaptics touchscreen ...)
+CVE-2017-0634
NOT-FOR-US: Synaptics driver for Android
-CVE-2017-0633 (An information disclosure vulnerability in the Broadcom Wi-Fi driver ...)
+CVE-2017-0633
NOT-FOR-US: Broadcom driver for Android
-CVE-2017-0632 (An information disclosure vulnerability in the Qualcomm sound codec ...)
+CVE-2017-0632
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0631 (An information disclosure vulnerability in the Qualcomm camera driver ...)
+CVE-2017-0631
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0630 (An information disclosure vulnerability in the kernel trace subsystem ...)
+CVE-2017-0630
- linux <unfixed>
NOTE: https://lore.kernel.org/lkml/20180725202238.165314-1-salyzyn@android.com/
-CVE-2017-0629 (An information disclosure vulnerability in the Qualcomm camera driver ...)
+CVE-2017-0629
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0628 (An information disclosure vulnerability in the Qualcomm camera driver ...)
+CVE-2017-0628
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0627 (An information disclosure vulnerability in the kernel UVC driver could ...)
+CVE-2017-0627
NOT-FOR-US: Android kernel
-CVE-2017-0626 (An information disclosure vulnerability in the Qualcomm crypto engine ...)
+CVE-2017-0626
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0625 (An information disclosure vulnerability in the MediaTek command queue ...)
+CVE-2017-0625
NOT-FOR-US: Mediatek driver for Android
-CVE-2017-0624 (An information disclosure vulnerability in the Qualcomm Wi-Fi driver ...)
+CVE-2017-0624
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0623 (An elevation of privilege vulnerability in the HTC bootloader could ...)
+CVE-2017-0623
NOT-FOR-US: HTC driver for Android
-CVE-2017-0622 (An elevation of privilege vulnerability in the Goodix touchscreen ...)
+CVE-2017-0622
NOT-FOR-US: Goodix driver for Android
-CVE-2017-0621 (An elevation of privilege vulnerability in the Qualcomm camera driver ...)
+CVE-2017-0621
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0620 (An elevation of privilege vulnerability in the Qualcomm Secure Channel ...)
+CVE-2017-0620
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0619 (An elevation of privilege vulnerability in the Qualcomm pin controller ...)
+CVE-2017-0619
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0618 (An elevation of privilege vulnerability in the MediaTek command queue ...)
+CVE-2017-0618
NOT-FOR-US: Mediatek driver for Android
-CVE-2017-0617 (An elevation of privilege vulnerability in the MediaTek video driver ...)
+CVE-2017-0617
NOT-FOR-US: Mediatek driver for Android
-CVE-2017-0616 (An elevation of privilege vulnerability in the MediaTek system ...)
+CVE-2017-0616
NOT-FOR-US: Mediatek driver for Android
-CVE-2017-0615 (An elevation of privilege vulnerability in the MediaTek power driver ...)
+CVE-2017-0615
NOT-FOR-US: Mediatek driver for Android
-CVE-2017-0614 (An elevation of privilege vulnerability in the Qualcomm Secure ...)
+CVE-2017-0614
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0613 (An elevation of privilege vulnerability in the Qualcomm Secure ...)
+CVE-2017-0613
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0612 (An elevation of privilege vulnerability in the Qualcomm Secure ...)
+CVE-2017-0612
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0611 (An elevation of privilege vulnerability in the Qualcomm sound driver ...)
+CVE-2017-0611
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0610 (An elevation of privilege vulnerability in the Qualcomm sound driver ...)
+CVE-2017-0610
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0609 (An elevation of privilege vulnerability in the Qualcomm sound driver ...)
+CVE-2017-0609
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0608 (An elevation of privilege vulnerability in the Qualcomm sound driver ...)
+CVE-2017-0608
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0607 (An elevation of privilege vulnerability in the Qualcomm sound driver ...)
+CVE-2017-0607
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0606 (An elevation of privilege vulnerability in the Qualcomm sound driver ...)
+CVE-2017-0606
NOT-FOR-US: Qualcomm driver for Android
CVE-2017-0605
REJECTED
-CVE-2017-0604 (An elevation of privilege vulnerability in the kernel Qualcomm power ...)
+CVE-2017-0604
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0603 (A denial of service vulnerability in libstagefright in Mediaserver ...)
+CVE-2017-0603
NOT-FOR-US: libstagefright
-CVE-2017-0602 (An information disclosure vulnerability in Bluetooth could allow a ...)
+CVE-2017-0602
NOT-FOR-US: Android
-CVE-2017-0601 (An Elevation of Privilege vulnerability in Bluetooth could potentially ...)
+CVE-2017-0601
NOT-FOR-US: Android
-CVE-2017-0600 (A remote denial of service vulnerability in libstagefright in ...)
+CVE-2017-0600
NOT-FOR-US: libstagefright
-CVE-2017-0599 (A remote denial of service vulnerability in libhevc in Mediaserver ...)
+CVE-2017-0599
NOT-FOR-US: Android Mediaserver
-CVE-2017-0598 (An information disclosure vulnerability in the Framework APIs could ...)
+CVE-2017-0598
NOT-FOR-US: Android
-CVE-2017-0597 (An elevation of privilege vulnerability in Audioserver could enable a ...)
+CVE-2017-0597
NOT-FOR-US: Android Audioserver
-CVE-2017-0596 (An elevation of privilege vulnerability in libstagefright in ...)
+CVE-2017-0596
NOT-FOR-US: libstagefright
-CVE-2017-0595 (An elevation of privilege vulnerability in libstagefright in ...)
+CVE-2017-0595
NOT-FOR-US: libstagefright
-CVE-2017-0594 (An elevation of privilege vulnerability in ...)
+CVE-2017-0594
NOT-FOR-US: libstagefright
-CVE-2017-0593 (An elevation of privilege vulnerability in the Framework APIs could ...)
+CVE-2017-0593
NOT-FOR-US: Android
-CVE-2017-0592 (A remote code execution vulnerability in FLACExtractor.cpp in ...)
+CVE-2017-0592
NOT-FOR-US: Android
-CVE-2017-0591 (A remote code execution vulnerability in libavc in Mediaserver could ...)
+CVE-2017-0591
NOT-FOR-US: Android Mediaserver
-CVE-2017-0590 (A remote code execution vulnerability in libhevc in Mediaserver could ...)
+CVE-2017-0590
NOT-FOR-US: Android Mediaserver
-CVE-2017-0589 (A remote code execution vulnerability in libhevc in Mediaserver could ...)
+CVE-2017-0589
NOT-FOR-US: Android Mediaserver
-CVE-2017-0588 (A remote code execution vulnerability in id3/ID3.cpp in libstagefright ...)
+CVE-2017-0588
NOT-FOR-US: libstagefright
-CVE-2017-0587 (A remote code execution vulnerability in libmpeg2 in Mediaserver could ...)
+CVE-2017-0587
NOT-FOR-US: libstagefright
-CVE-2017-0586 (An information disclosure vulnerability in the Qualcomm sound driver ...)
+CVE-2017-0586
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0585 (An information disclosure vulnerability in the Broadcom Wi-Fi driver ...)
+CVE-2017-0585
NOT-FOR-US: Broadcom driver for Android
-CVE-2017-0584 (An information disclosure vulnerability in the Qualcomm Wi-Fi driver ...)
+CVE-2017-0584
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0583 (An elevation of privilege vulnerability in the Qualcomm CP access ...)
+CVE-2017-0583
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0582 (An elevation of privilege vulnerability in the HTC OEM fastboot ...)
+CVE-2017-0582
NOT-FOR-US: HTC driver for Android
-CVE-2017-0581 (An elevation of privilege vulnerability in the Synaptics Touchscreen ...)
+CVE-2017-0581
NOT-FOR-US: Synaptics driver for Android
-CVE-2017-0580 (An elevation of privilege vulnerability in the Synaptics Touchscreen ...)
+CVE-2017-0580
NOT-FOR-US: Synaptics driver for Android
-CVE-2017-0579 (An elevation of privilege vulnerability in the Qualcomm video driver ...)
+CVE-2017-0579
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0578 (An elevation of privilege vulnerability in the DTS sound driver could ...)
+CVE-2017-0578
NOT-FOR-US: DTS driver for Android
-CVE-2017-0577 (An elevation of privilege vulnerability in the HTC touchscreen driver ...)
+CVE-2017-0577
NOT-FOR-US: HTC driver for Android
-CVE-2017-0576 (An elevation of privilege vulnerability in the Qualcomm crypto engine ...)
+CVE-2017-0576
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0575 (An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver ...)
+CVE-2017-0575
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0574 (An elevation of privilege vulnerability in the Broadcom Wi-Fi driver ...)
+CVE-2017-0574
NOT-FOR-US: Broadcom driver for Android
-CVE-2017-0573 (An elevation of privilege vulnerability in the Broadcom Wi-Fi driver ...)
+CVE-2017-0573
NOT-FOR-US: Broadcom driver for Android
-CVE-2017-0572 (An elevation of privilege vulnerability in the Broadcom Wi-Fi driver ...)
+CVE-2017-0572
NOT-FOR-US: Broadcom driver for Android
-CVE-2017-0571 (An elevation of privilege vulnerability in the Broadcom Wi-Fi driver ...)
+CVE-2017-0571
NOT-FOR-US: Broadcom driver for Android
-CVE-2017-0570 (An elevation of privilege vulnerability in the Broadcom Wi-Fi driver ...)
+CVE-2017-0570
NOT-FOR-US: Broadcom driver for Android
-CVE-2017-0569 (An elevation of privilege vulnerability in the Broadcom Wi-Fi driver ...)
+CVE-2017-0569
NOT-FOR-US: Broadcom driver for Android
-CVE-2017-0568 (An elevation of privilege vulnerability in the Broadcom Wi-Fi driver ...)
+CVE-2017-0568
NOT-FOR-US: Broadcom driver for Android
-CVE-2017-0567 (An elevation of privilege vulnerability in the Broadcom Wi-Fi driver ...)
+CVE-2017-0567
NOT-FOR-US: Broadcom driver for Android
-CVE-2017-0566 (An elevation of privilege vulnerability in the MediaTek camera driver ...)
+CVE-2017-0566
NOT-FOR-US: MediaTek driver for Android
-CVE-2017-0565 (An elevation of privilege vulnerability in the MediaTek thermal driver ...)
+CVE-2017-0565
NOT-FOR-US: MediaTek driver for Android
-CVE-2017-0564 (An elevation of privilege vulnerability in the kernel ION subsystem ...)
+CVE-2017-0564
NOT-FOR-US: Android ION subsystem
NOTE: Linux mainline contains a copy in drivers/staging/android/ion, but since no
NOTE: patch has been made available it's likely some closed-source addon
-CVE-2017-0563 (An elevation of privilege vulnerability in the HTC touchscreen driver ...)
+CVE-2017-0563
NOT-FOR-US: HTC driver for Android
-CVE-2017-0562 (An elevation of privilege vulnerability in the MediaTek touchscreen ...)
+CVE-2017-0562
NOT-FOR-US: MediaTek driver for Android
-CVE-2017-0561 (A remote code execution vulnerability in the Broadcom Wi-Fi firmware ...)
+CVE-2017-0561
{DLA-1573-1}
- firmware-nonfree 20180518-1 (bug #869639)
[stretch] - firmware-nonfree 20161130-4
[jessie] - firmware-nonfree <no-dsa> (non-free not supported)
-CVE-2017-0560 (An information disclosure vulnerability in the factory reset process ...)
+CVE-2017-0560
NOT-FOR-US: Android
-CVE-2017-0559 (An information disclosure vulnerability in libskia could enable a ...)
+CVE-2017-0559
- skia <itp> (bug #818180)
-CVE-2017-0558 (An information disclosure vulnerability in Mediaserver could enable a ...)
+CVE-2017-0558
NOT-FOR-US: Android Mediaserver
-CVE-2017-0557 (An information disclosure vulnerability in libmpeg2 in Mediaserver ...)
+CVE-2017-0557
NOT-FOR-US: Android Mediaserver
-CVE-2017-0556 (An information disclosure vulnerability in libmpeg2 in Mediaserver ...)
+CVE-2017-0556
NOT-FOR-US: Android Mediaserver
-CVE-2017-0555 (An information disclosure vulnerability in libavc in Mediaserver could ...)
+CVE-2017-0555
NOT-FOR-US: Android Mediaserver/ libavc
-CVE-2017-0554 (An elevation of privilege vulnerability in the Telephony component ...)
+CVE-2017-0554
NOT-FOR-US: Android
-CVE-2017-0553 (An elevation of privilege vulnerability in libnl could enable a local ...)
+CVE-2017-0553
{DLA-892-1 DLA-891-1}
- libnl3 3.2.27-2 (unimportant; bug #859948)
- libnl <removed> (unimportant)
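Review bot: CVE-2017-0627 loses its "kernel UVC driver" description here yet keeps a bare `NOT-FOR-US: Android kernel` with no NOTE, while the neighbouring kernel entries in this hunk document their reasoning (CVE-2017-0537 cites the 2017-03-01 bulletin and explains why the Tegra USB gadget code is not in mainline; CVE-2017-0564 explains the ION situation). A one-line NOTE stating why the UVC issue is considered Android-only would make that entry as defensible as the others. Likewise CVE-2017-0630 is `linux <unfixed>` with only a lore.kernel.org link; without the dropped "kernel trace subsystem" text, the entry no longer says which interface the lkml patch addresses, so recording that in the NOTE is worthwhile.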
@@ -49496,82 +49494,82 @@ CVE-2017-0553 (An elevation of privilege vulnerability in libnl could enable a l
NOTE: Fix via Android: https://android.googlesource.com/platform/external/libnl/+/f83d9c1c67b6be69a96995e384f50b572b667df0
NOTE: Not a security issue by itself, the upstream patch protects against API misuse,
NOTE: this still requires missing input validation in the application using libnl
-CVE-2017-0552 (A remote denial of service vulnerability in libavc in Mediaserver ...)
+CVE-2017-0552
NOT-FOR-US: Android Mediaserver / libavc
-CVE-2017-0551 (A remote denial of service vulnerability in libavc in Mediaserver ...)
+CVE-2017-0551
NOT-FOR-US: Android Mediaserver / libavc
-CVE-2017-0550 (A remote denial of service vulnerability in libavc in Mediaserver ...)
+CVE-2017-0550
NOT-FOR-US: Android Mediaserver / libavc
-CVE-2017-0549 (A remote denial of service vulnerability in libavc in Mediaserver ...)
+CVE-2017-0549
NOT-FOR-US: Android Mediaserver / libavc
-CVE-2017-0548 (A remote denial of service vulnerability in libskia could enable an ...)
+CVE-2017-0548
- skia <itp> (bug #818180)
-CVE-2017-0547 (An information disclosure vulnerability in libmedia in Mediaserver ...)
+CVE-2017-0547
NOT-FOR-US: Android Mediaserver
-CVE-2017-0546 (An elevation of privilege vulnerability in SurfaceFlinger could enable ...)
+CVE-2017-0546
NOT-FOR-US: Android
-CVE-2017-0545 (An elevation of privilege vulnerability in Audioserver could enable a ...)
+CVE-2017-0545
NOT-FOR-US: Android
-CVE-2017-0544 (An elevation of privilege vulnerability in CameraBase could enable a ...)
+CVE-2017-0544
NOT-FOR-US: Android
-CVE-2017-0543 (A remote code execution vulnerability in libavc in Mediaserver could ...)
+CVE-2017-0543
NOT-FOR-US: Android Mediaserver/ libavc
-CVE-2017-0542 (A remote code execution vulnerability in libavc in Mediaserver could ...)
+CVE-2017-0542
NOT-FOR-US: Android Mediaserver/ libavc
-CVE-2017-0541 (A remote code execution vulnerability in sonivox in Mediaserver could ...)
+CVE-2017-0541
NOT-FOR-US: Android Mediaserver
-CVE-2017-0540 (A remote code execution vulnerability in libhevc in Mediaserver could ...)
+CVE-2017-0540
NOT-FOR-US: Android Mediaserver
-CVE-2017-0539 (A remote code execution vulnerability in libhevc in Mediaserver could ...)
+CVE-2017-0539
NOT-FOR-US: Android Mediaserver
-CVE-2017-0538 (A remote code execution vulnerability in libavc in Mediaserver could ...)
+CVE-2017-0538
NOT-FOR-US: Android Mediaserver / libavc
-CVE-2017-0537 (An information disclosure vulnerability in the kernel USB gadget ...)
+CVE-2017-0537
NOT-FOR-US: Nvidia driver for Android
NOTE: https://source.android.com/security/bulletin/2017-03-01.html
NOTE: Android bulletin lists as affecting only Pixel C (Tegra X1) and Tegra USB gadget mode is not in mainline Linux
-CVE-2017-0536 (An information disclosure vulnerability in the Synaptics touchscreen ...)
+CVE-2017-0536
NOT-FOR-US: Synaptics driver for Android
-CVE-2017-0535 (An information disclosure vulnerability in the HTC sound codec driver ...)
+CVE-2017-0535
NOT-FOR-US: HTC driver for Android
-CVE-2017-0534 (An information disclosure vulnerability in the Qualcomm video driver ...)
+CVE-2017-0534
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0533 (An information disclosure vulnerability in the Qualcomm video driver ...)
+CVE-2017-0533
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0532 (An information disclosure vulnerability in the MediaTek video codec ...)
+CVE-2017-0532
NOT-FOR-US: MediaTek driver for Android
-CVE-2017-0531 (An information disclosure vulnerability in the Qualcomm Wi-Fi driver ...)
+CVE-2017-0531
NOT-FOR-US: Qualcomm driver for Android
CVE-2017-0530
RESERVED
-CVE-2017-0529 (An information disclosure vulnerability in the MediaTek driver could ...)
+CVE-2017-0529
NOT-FOR-US: MediaTek driver for Android
-CVE-2017-0528 (An elevation of privilege vulnerability in the kernel security ...)
+CVE-2017-0528
NOT-FOR-US: Android bulletin lists as affecting only Pixel and Pixel XL (Qualcomm Snapdragon) so probably relates to Qualcomm driver
NOTE: https://source.android.com/security/bulletin/2017-03-01.html
-CVE-2017-0527 (An elevation of privilege vulnerability in the HTC Sensor Hub Driver ...)
+CVE-2017-0527
NOT-FOR-US: HTC driver for Android
-CVE-2017-0526 (An elevation of privilege vulnerability in the HTC Sensor Hub Driver ...)
+CVE-2017-0526
NOT-FOR-US: HTC driver for Android
-CVE-2017-0525 (An elevation of privilege vulnerability in the Qualcomm IPA driver ...)
+CVE-2017-0525
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0524 (An elevation of privilege vulnerability in the Synaptics touchscreen ...)
+CVE-2017-0524
NOT-FOR-US: Synaptics driver for Android
-CVE-2017-0523 (An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver ...)
+CVE-2017-0523
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0522 (An elevation of privilege vulnerability in a MediaTek APK could enable ...)
+CVE-2017-0522
NOT-FOR-US: MediaTek driver for Android
-CVE-2017-0521 (An elevation of privilege vulnerability in the Qualcomm camera driver ...)
+CVE-2017-0521
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0520 (An elevation of privilege vulnerability in the Qualcomm crypto engine ...)
+CVE-2017-0520
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0519 (An elevation of privilege vulnerability in the Qualcomm fingerprint ...)
+CVE-2017-0519
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0518 (An elevation of privilege vulnerability in the Qualcomm fingerprint ...)
+CVE-2017-0518
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0517 (An elevation of privilege vulnerability in the MediaTek hardware ...)
+CVE-2017-0517
NOT-FOR-US: MediaTek driver for Android
-CVE-2017-0516 (An elevation of privilege vulnerability in the Qualcomm input hardware ...)
+CVE-2017-0516
NOT-FOR-US: Qualcomm driver for Android
CVE-2017-0515
RESERVED
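Review bot: every `-`/`+` pair in this hunk replaces a CVE line that carried its (truncated) description with a bare CVE id and adds no replacement text, so despite the "automatic update" commit message this hunk is deleting the descriptions rather than refreshing them. Before this is merged, confirm that the upstream CVE feed fetch actually returned data, since an empty fetch would produce exactly this pattern (`-CVE-2017-0536 (An information disclosure vulnerability in the Synaptics touchscreen ...)` becoming `+CVE-2017-0536`), and consider making the updater refuse to write the list when every fetched description is empty, so a feed outage cannot strip the summaries from the whole file.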
@@ -49583,330 +49581,330 @@ CVE-2017-0512
RESERVED
CVE-2017-0511
RESERVED
-CVE-2017-0510 (An elevation of privilege vulnerability in the kernel FIQ debugger ...)
+CVE-2017-0510
- linux <not-affected> (Android-specific patch)
-CVE-2017-0509 (An elevation of privilege vulnerability in the Broadcom Wi-Fi driver ...)
+CVE-2017-0509
NOT-FOR-US: Broadcom driver for Android
-CVE-2017-0508 (An elevation of privilege vulnerability in the kernel ION subsystem ...)
+CVE-2017-0508
NOT-FOR-US: Android ION subsystem
NOTE: Linux mainline contains a copy in drivers/staging/android/ion, but since no
NOTE: patch has been made available it's likely some closed-source addon
-CVE-2017-0507 (An elevation of privilege vulnerability in the kernel ION subsystem ...)
+CVE-2017-0507
NOT-FOR-US: Android ION subsystem
NOTE: Linux mainline contains a copy in drivers/staging/android/ion, but since no
NOTE: patch has been made available it's likely some closed-source addon
-CVE-2017-0506 (An elevation of privilege vulnerability in MediaTek components, ...)
+CVE-2017-0506
NOT-FOR-US: MediaTek driver for Android
-CVE-2017-0505 (An elevation of privilege vulnerability in MediaTek components, ...)
+CVE-2017-0505
NOT-FOR-US: MediaTek driver for Android
-CVE-2017-0504 (An elevation of privilege vulnerability in MediaTek components, ...)
+CVE-2017-0504
NOT-FOR-US: MediaTek driver for Android
-CVE-2017-0503 (An elevation of privilege vulnerability in MediaTek components, ...)
+CVE-2017-0503
NOT-FOR-US: MediaTek driver for Android
-CVE-2017-0502 (An elevation of privilege vulnerability in MediaTek components, ...)
+CVE-2017-0502
NOT-FOR-US: MediaTek driver for Android
-CVE-2017-0501 (An elevation of privilege vulnerability in MediaTek components, ...)
+CVE-2017-0501
NOT-FOR-US: MediaTek driver for Android
-CVE-2017-0500 (An elevation of privilege vulnerability in MediaTek components, ...)
+CVE-2017-0500
NOT-FOR-US: MediaTek driver for Android
-CVE-2017-0499 (A denial of service vulnerability in Audioserver could enable a local ...)
+CVE-2017-0499
NOT-FOR-US: Android Audioserver
-CVE-2017-0498 (A denial of service vulnerability in Setup Wizard could allow a local ...)
+CVE-2017-0498
NOT-FOR-US: Android
-CVE-2017-0497 (A denial of service vulnerability in Mediaserver could enable an ...)
+CVE-2017-0497
NOT-FOR-US: Android Mediaserver
-CVE-2017-0496 (A denial of service vulnerability in Setup Wizard could allow a local ...)
+CVE-2017-0496
NOT-FOR-US: Android
-CVE-2017-0495 (An information disclosure vulnerability in Mediaserver could enable a ...)
+CVE-2017-0495
NOT-FOR-US: Android Mediaserver
-CVE-2017-0494 (An information disclosure vulnerability in AOSP Messaging could enable ...)
+CVE-2017-0494
NOT-FOR-US: Android
-CVE-2017-0493 (An information disclosure vulnerability in File-Based Encryption could ...)
+CVE-2017-0493
NOT-FOR-US: Android
-CVE-2017-0492 (An elevation of privilege vulnerability in the System UI could enable ...)
+CVE-2017-0492
NOT-FOR-US: Android
-CVE-2017-0491 (An elevation of privilege vulnerability in Package Manager could ...)
+CVE-2017-0491
NOT-FOR-US: Android
-CVE-2017-0490 (An elevation of privilege vulnerability in Wi-Fi could enable a local ...)
+CVE-2017-0490
NOT-FOR-US: Android
-CVE-2017-0489 (An elevation of privilege vulnerability in Location Manager could ...)
+CVE-2017-0489
NOT-FOR-US: Android
-CVE-2017-0488 (A denial of service vulnerability in Mediaserver could enable an ...)
+CVE-2017-0488
NOT-FOR-US: Android Mediaserver
-CVE-2017-0487 (A denial of service vulnerability in Mediaserver could enable an ...)
+CVE-2017-0487
NOT-FOR-US: Android Mediaserver
-CVE-2017-0486 (A denial of service vulnerability in Mediaserver could enable an ...)
+CVE-2017-0486
NOT-FOR-US: Android Mediaserver
-CVE-2017-0485 (A denial of service vulnerability in Mediaserver could enable an ...)
+CVE-2017-0485
NOT-FOR-US: Android Mediaserver
-CVE-2017-0484 (A denial of service vulnerability in Mediaserver could enable an ...)
+CVE-2017-0484
NOT-FOR-US: Android Mediaserver
-CVE-2017-0483 (A denial of service vulnerability in Mediaserver could enable an ...)
+CVE-2017-0483
NOT-FOR-US: Android Mediaserver
-CVE-2017-0482 (A denial of service vulnerability in Mediaserver could enable an ...)
+CVE-2017-0482
NOT-FOR-US: Android Mediaserver
-CVE-2017-0481 (An elevation of privilege vulnerability in NFC could enable a ...)
+CVE-2017-0481
NOT-FOR-US: Android
-CVE-2017-0480 (An elevation of privilege vulnerability in Audioserver could enable a ...)
+CVE-2017-0480
NOT-FOR-US: Android Audioserver
-CVE-2017-0479 (An elevation of privilege vulnerability in Audioserver could enable a ...)
+CVE-2017-0479
NOT-FOR-US: Android Audioserver
-CVE-2017-0478 (A remote code execution vulnerability in the Framesequence library ...)
+CVE-2017-0478
NOT-FOR-US: Framesequence library
-CVE-2017-0477 (A remote code execution vulnerability in libgdx could enable an ...)
+CVE-2017-0477
- libgdx <itp> (bug #686673)
-CVE-2017-0476 (A remote code execution vulnerability in AOSP Messaging could enable ...)
+CVE-2017-0476
NOT-FOR-US: Android
-CVE-2017-0475 (An elevation of privilege vulnerability in the recovery verifier could ...)
+CVE-2017-0475
NOT-FOR-US: Android
-CVE-2017-0474 (A remote code execution vulnerability in Mediaserver could enable an ...)
+CVE-2017-0474
NOT-FOR-US: Android Mediaserver
-CVE-2017-0473 (A remote code execution vulnerability in Mediaserver could enable an ...)
+CVE-2017-0473
NOT-FOR-US: Android Mediaserver
-CVE-2017-0472 (A remote code execution vulnerability in Mediaserver could enable an ...)
+CVE-2017-0472
NOT-FOR-US: Android Mediaserver
-CVE-2017-0471 (A remote code execution vulnerability in Mediaserver could enable an ...)
+CVE-2017-0471
NOT-FOR-US: Android Mediaserver
-CVE-2017-0470 (A remote code execution vulnerability in Mediaserver could enable an ...)
+CVE-2017-0470
NOT-FOR-US: Android Mediaserver
-CVE-2017-0469 (A remote code execution vulnerability in Mediaserver could enable an ...)
+CVE-2017-0469
NOT-FOR-US: Android Mediaserver
-CVE-2017-0468 (A remote code execution vulnerability in Mediaserver could enable an ...)
+CVE-2017-0468
NOT-FOR-US: Android Mediaserver
-CVE-2017-0467 (A remote code execution vulnerability in Mediaserver could enable an ...)
+CVE-2017-0467
NOT-FOR-US: Android Mediaserver
-CVE-2017-0466 (A remote code execution vulnerability in Mediaserver could enable an ...)
+CVE-2017-0466
NOT-FOR-US: Android Mediaserver
-CVE-2017-0465 (An elevation of privilege vulnerability in the Qualcomm ADSPRPC driver ...)
+CVE-2017-0465
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0464 (An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver ...)
+CVE-2017-0464
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0463 (An elevation of privilege vulnerability in the Qualcomm networking ...)
+CVE-2017-0463
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0462 (An elevation of privilege vulnerability in the Qualcomm Seemp driver ...)
+CVE-2017-0462
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0461 (An information disclosure vulnerability in the Qualcomm Wi-Fi driver ...)
+CVE-2017-0461
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0460 (An elevation of privilege vulnerability in the Qualcomm networking ...)
+CVE-2017-0460
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0459 (An information disclosure vulnerability in the Qualcomm Wi-Fi driver ...)
+CVE-2017-0459
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0458 (An elevation of privilege vulnerability in the Qualcomm camera driver ...)
+CVE-2017-0458
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0457 (An elevation of privilege vulnerability in the Qualcomm ADSPRPC driver ...)
+CVE-2017-0457
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0456 (An elevation of privilege vulnerability in the Qualcomm IPA driver ...)
+CVE-2017-0456
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0455 (An information disclosure vulnerability in the Qualcomm bootloader ...)
+CVE-2017-0455
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0454 (An elevation of privilege vulnerability in the Qualcomm audio driver ...)
+CVE-2017-0454
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0453 (An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver ...)
+CVE-2017-0453
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0452 (An information disclosure vulnerability in the Qualcomm camera driver ...)
+CVE-2017-0452
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0451 (An information disclosure vulnerability in the Qualcomm sound driver ...)
+CVE-2017-0451
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0450 (An elevation of privilege vulnerability in Audioserver could enable a ...)
+CVE-2017-0450
NOT-FOR-US: Android Audioserver
-CVE-2017-0449 (An elevation of privilege vulnerability in the Broadcom Wi-Fi driver ...)
+CVE-2017-0449
NOT-FOR-US: Broadcom driver for Android
-CVE-2017-0448 (An information disclosure vulnerability in the NVIDIA video driver ...)
+CVE-2017-0448
NOT-FOR-US: NVIDIA driver for Android
-CVE-2017-0447 (An elevation of privilege vulnerability in the HTC touchscreen driver ...)
+CVE-2017-0447
NOT-FOR-US: HTC driver for Android
-CVE-2017-0446 (An elevation of privilege vulnerability in the HTC touchscreen driver ...)
+CVE-2017-0446
NOT-FOR-US: HTC driver for Android
-CVE-2017-0445 (An elevation of privilege vulnerability in the HTC touchscreen driver ...)
+CVE-2017-0445
NOT-FOR-US: HTC driver for Android
-CVE-2017-0444 (An elevation of privilege vulnerability in the Realtek sound driver ...)
+CVE-2017-0444
NOT-FOR-US: Realtek driver for Android
-CVE-2017-0443 (An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver ...)
+CVE-2017-0443
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0442 (An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver ...)
+CVE-2017-0442
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0441 (An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver ...)
+CVE-2017-0441
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0440 (An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver ...)
+CVE-2017-0440
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0439 (An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver ...)
+CVE-2017-0439
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0438 (An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver ...)
+CVE-2017-0438
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0437 (An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver ...)
+CVE-2017-0437
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0436 (An elevation of privilege vulnerability in the Qualcomm sound driver ...)
+CVE-2017-0436
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0435 (An elevation of privilege vulnerability in the Qualcomm sound driver ...)
+CVE-2017-0435
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0434 (An elevation of privilege vulnerability in the Synaptics touchscreen ...)
+CVE-2017-0434
NOT-FOR-US: Synaptics driver for Android
-CVE-2017-0433 (An elevation of privilege vulnerability in the Synaptics touchscreen ...)
+CVE-2017-0433
NOT-FOR-US: Synaptics driver for Android
-CVE-2017-0432 (An elevation of privilege vulnerability in the MediaTek driver could ...)
+CVE-2017-0432
NOT-FOR-US: Mediatek driver for Android
-CVE-2017-0431 (An elevation of privilege vulnerability in Qualcomm closed source ...)
+CVE-2017-0431
NOT-FOR-US: Qualcomm component for Android
-CVE-2017-0430 (An elevation of privilege vulnerability in the Broadcom Wi-Fi driver ...)
+CVE-2017-0430
NOT-FOR-US: Broadcom driver for Android
-CVE-2017-0429 (An elevation of privilege vulnerability in the NVIDIA GPU driver could ...)
+CVE-2017-0429
NOT-FOR-US: NVIDIA driver for Android
-CVE-2017-0428 (An elevation of privilege vulnerability in the NVIDIA GPU driver could ...)
+CVE-2017-0428
NOT-FOR-US: NVIDIA driver for Android
-CVE-2017-0427 (An elevation of privilege vulnerability in the kernel file system ...)
+CVE-2017-0427
NOT-FOR-US: Unspecified Android filesystem, apparently not in mainline
NOTE: https://source.android.com/security/bulletin/2017-02-01.html
NOTE: Android bulletin lists all recent devices as affected.
NOTE: No source patch available, so may relate to Apache-licensed sdcardfs.
-CVE-2017-0426 (An information disclosure vulnerability in the Filesystem could enable ...)
+CVE-2017-0426
NOT-FOR-US: Android filesystem layout
-CVE-2017-0425 (An information disclosure vulnerability in Audioserver could enable a ...)
+CVE-2017-0425
NOT-FOR-US: Android Audioserver
-CVE-2017-0424 (An information disclosure vulnerability in AOSP Messaging could enable ...)
+CVE-2017-0424
NOT-FOR-US: Android
-CVE-2017-0423 (An elevation of privilege vulnerability in Bluetooth could enable a ...)
+CVE-2017-0423
NOT-FOR-US: Android
-CVE-2017-0422 (A denial of service vulnerability in Bionic DNS could enable a remote ...)
+CVE-2017-0422
NOT-FOR-US: Android
-CVE-2017-0421 (An information disclosure vulnerability in the Framework APIs could ...)
+CVE-2017-0421
NOT-FOR-US: Android
-CVE-2017-0420 (An information disclosure vulnerability in AOSP Mail could enable a ...)
+CVE-2017-0420
NOT-FOR-US: Android
-CVE-2017-0419 (An elevation of privilege vulnerability in Audioserver could enable a ...)
+CVE-2017-0419
NOT-FOR-US: Android Audioserver
-CVE-2017-0418 (An elevation of privilege vulnerability in Audioserver could enable a ...)
+CVE-2017-0418
NOT-FOR-US: Android Audioserver
-CVE-2017-0417 (An elevation of privilege vulnerability in Audioserver could enable a ...)
+CVE-2017-0417
NOT-FOR-US: Android Audioserver
-CVE-2017-0416 (An elevation of privilege vulnerability in Audioserver could enable a ...)
+CVE-2017-0416
NOT-FOR-US: Android Audioserver
-CVE-2017-0415 (An elevation of privilege vulnerability in Mediaserver could enable a ...)
+CVE-2017-0415
NOT-FOR-US: Android Mediaserver
-CVE-2017-0414 (An information disclosure vulnerability in AOSP Messaging could enable ...)
+CVE-2017-0414
NOT-FOR-US: Android
-CVE-2017-0413 (An information disclosure vulnerability in AOSP Messaging could enable ...)
+CVE-2017-0413
NOT-FOR-US: Android
-CVE-2017-0412 (An elevation of privilege vulnerability in the Framework APIs could ...)
+CVE-2017-0412
NOT-FOR-US: Android
-CVE-2017-0411 (An elevation of privilege vulnerability in the Framework APIs could ...)
+CVE-2017-0411
NOT-FOR-US: Android
-CVE-2017-0410 (An elevation of privilege vulnerability in the Framework APIs could ...)
+CVE-2017-0410
NOT-FOR-US: Android
-CVE-2017-0409 (A remote code execution vulnerability in libstagefright could enable ...)
+CVE-2017-0409
NOT-FOR-US: libstagefright
-CVE-2017-0408 (A remote code execution vulnerability in libgdx could enable an ...)
+CVE-2017-0408
- libgdx <itp> (bug #686673)
-CVE-2017-0407 (A remote code execution vulnerability in Mediaserver could enable an ...)
+CVE-2017-0407
NOT-FOR-US: Android Mediaserver
-CVE-2017-0406 (A remote code execution vulnerability in Mediaserver could enable an ...)
+CVE-2017-0406
NOT-FOR-US: Android Mediaserver
-CVE-2017-0405 (A remote code execution vulnerability in Surfaceflinger could enable ...)
+CVE-2017-0405
NOT-FOR-US: Android
-CVE-2017-0404 (An elevation of privilege vulnerability in the kernel sound subsystem ...)
+CVE-2017-0404
- linux <not-affected> (Android-specific sound system)
-CVE-2017-0403 (An elevation of privilege vulnerability in the kernel performance ...)
+CVE-2017-0403
- linux <not-affected> (Android-specific performance subsystem)
-CVE-2017-0402 (An information disclosure vulnerability in ...)
+CVE-2017-0402
NOT-FOR-US: Android Audioserver
-CVE-2017-0401 (An information disclosure vulnerability in ...)
+CVE-2017-0401
NOT-FOR-US: Android Qualcomm audio post processor
-CVE-2017-0400 (An information disclosure vulnerability in ...)
+CVE-2017-0400
NOT-FOR-US: Android Audioserver
-CVE-2017-0399 (An information disclosure vulnerability in ...)
+CVE-2017-0399
NOT-FOR-US: Android Qualcomm audio post processor
-CVE-2017-0398 (An information disclosure vulnerability in Audioserver could enable a ...)
+CVE-2017-0398
NOT-FOR-US: Android Audioserver
-CVE-2017-0397 (An information disclosure vulnerability in id3/ID3.cpp in ...)
+CVE-2017-0397
NOT-FOR-US: Android Mediaserver
-CVE-2017-0396 (An information disclosure vulnerability in ...)
+CVE-2017-0396
NOT-FOR-US: Android Mediaserver
-CVE-2017-0395 (An elevation of privilege vulnerability in Contacts could enable a ...)
+CVE-2017-0395
NOT-FOR-US: Android Contacts
-CVE-2017-0394 (A denial of service vulnerability in Telephony could enable a remote ...)
+CVE-2017-0394
NOT-FOR-US: Android Telephony
-CVE-2017-0393 (A denial of service vulnerability in libvpx in Mediaserver could ...)
+CVE-2017-0393
- libvpx 1.6.1-1
[jessie] - libvpx <ignored> (Minor issue)
[wheezy] - libvpx <no-dsa> (Minor issue)
NOTE: probably fixed earlier, but this was the version checked
NOTE: The wheezy source is confirmed (by code inspection) to be vulnerable.
NOTE: https://android.googlesource.com/platform/external/libvpx/+/6886e8e0a9db2dbad723dc37a548233e004b33bc
-CVE-2017-0392 (A denial of service vulnerability in VBRISeeker.cpp in libstagefright ...)
+CVE-2017-0392
NOT-FOR-US: libstagefright
-CVE-2017-0391 (A denial of service vulnerability in decoder/ihevcd_decode.c in ...)
+CVE-2017-0391
NOT-FOR-US: Android Mediaserver
-CVE-2017-0390 (A denial of service vulnerability in Tremolo/dpen.s in Mediaserver ...)
+CVE-2017-0390
NOT-FOR-US: Android Mediaserver
-CVE-2017-0389 (A denial of service vulnerability in core networking could enable a ...)
+CVE-2017-0389
NOT-FOR-US: Android
-CVE-2017-0388 (An elevation of privilege vulnerability in the External Storage ...)
+CVE-2017-0388
NOT-FOR-US: Android
-CVE-2017-0387 (An elevation of privilege vulnerability in Mediaserver could enable a ...)
+CVE-2017-0387
NOT-FOR-US: Android Mediaserver
-CVE-2017-0386 (An elevation of privilege vulnerability in the libnl library could ...)
+CVE-2017-0386
- libnl3 <not-affected> (Specific to Android's use of libnl)
NOTE: https://github.com/thom311/libnl/issues/124
-CVE-2017-0385 (An elevation of privilege vulnerability in Audioserver could enable a ...)
+CVE-2017-0385
NOT-FOR-US: Android Audioserver
-CVE-2017-0384 (An elevation of privilege vulnerability in ...)
+CVE-2017-0384
NOT-FOR-US: Android Audioserver
-CVE-2017-0383 (An elevation of privilege vulnerability in the Framework APIs could ...)
+CVE-2017-0383
NOT-FOR-US: Android
-CVE-2017-0382 (A remote code execution vulnerability in the Framesequence library ...)
+CVE-2017-0382
NOT-FOR-US: Android
-CVE-2017-0381 (An information disclosure vulnerability in silk/NLSF_stabilize.c in ...)
+CVE-2017-0381
{DLA-793-1}
- opus 1.2~alpha2-1 (bug #851612)
[jessie] - opus <ignored> (Minor issue, https://bugs.debian.org/851612#10)
NOTE: Fixed by: https://github.com/xiph/opus/commit/79e8f527b0344b0897a65be35e77f7885bd99409 (v1.2-alpha)
NOTE: https://git.xiph.org/?p=opus.git;a=commitdiff;h=70a3d641b
-CVE-2017-0380 (The rend_service_intro_established function in or/rendservice.c in Tor ...)
+CVE-2017-0380
{DSA-3993-1}
- tor 0.3.1.7-1 (bug #876221)
[jessie] - tor <not-affected> (Issue introduced in 0.2.7.2-alpha)
[wheezy] - tor <not-affected> (Issue introduced in 0.2.7.2-alpha)
NOTE: https://trac.torproject.org/projects/tor/ticket/23490
NOTE: https://gitweb.torproject.org/tor.git/commit/?id=09ea89764a4d3a907808ed7d4fe42abfe64bd486
-CVE-2017-0379 (Libgcrypt before 1.8.1 does not properly consider Curve25519 ...)
+CVE-2017-0379
{DSA-3959-1}
- libgcrypt20 1.7.9-1 (bug #873383)
[jessie] - libgcrypt20 <not-affected> (Vulnerable code not present, no Curve25519 support)
- libgcrypt11 <not-affected> (Vulnerable code not present, no Curve25519 support)
NOTE: https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=commitdiff;h=da780c8183cccc8f533c8ace8211ac2cb2bdee7b
NOTE: https://eprint.iacr.org/2017/806
-CVE-2017-0378 (XSS exists in the login_form function in views/helpers.php in Phamm ...)
+CVE-2017-0378
- phamm <unfixed> (bug #868988)
[stretch] - phamm <no-dsa> (Minor issue)
[jessie] - phamm <no-dsa> (Minor issue)
[wheezy] - phamm <no-dsa> (Minor issue)
NOTE: https://github.com/lota/phamm/issues/21
NOTE: https://github.com/lota/phamm/commit/331bdbf0e79632385495fa62e087a6b4cf78857e
-CVE-2017-0377 (Tor 0.3.x before 0.3.0.9 has a guard-selection algorithm that only ...)
+CVE-2017-0377
- tor <not-affected> (Affects only 0.3.x series)
NOTE: https://trac.torproject.org/projects/tor/ticket/22753
NOTE: https://blog.torproject.org/blog/tor-0309-released-security-update-clients
-CVE-2017-0376 (The hidden-service feature in Tor before 0.3.0.8 allows a denial of ...)
+CVE-2017-0376
{DSA-3877-1 DLA-982-1}
- tor 0.2.9.11-1 (bug #864424)
NOTE: https://trac.torproject.org/22494
NOTE: Fixed by: https://gitweb.torproject.org/tor.git/commit/?id=56a7c5bc15e0447203a491c1ee37de9939ad1dcd
NOTE: Introduced in 0.2.2.1-alpha; fixed in 0.2.4.29, 0.2.5.14, 0.2.6.12, 0.2.7.8, 0.2.8.14, 0.2.9.11 0.3.0.8, 0.3.1.3-alpha
-CVE-2017-0375 (The hidden-service feature in Tor before 0.3.0.8 allows a denial of ...)
+CVE-2017-0375
- tor <not-affected> (Introduced in 0.3.0.1-alpha)
NOTE: https://trac.torproject.org/22493
NOTE: Fixed by: https://gitweb.torproject.org/tor.git/commit/?id=79b59a2dfcb68897ee89d98587d09e55f07e68d7
NOTE: Introduced in 0.3.0.1-alpha; fixed in 0.3.0.8, 0.3.1.3-alpha
-CVE-2017-0374 (lib/Config/Model.pm in Config-Model (aka libconfig-model-perl) before ...)
+CVE-2017-0374
- libconfig-model-perl 2.097-2
[jessie] - libconfig-model-perl <no-dsa> (Minor issue)
[wheezy] - libconfig-model-perl <no-dsa> (Minor issue. Perl itself has to fix this and this can not be done easily)
NOTE: https://anonscm.debian.org/cgit/pkg-perl/packages/libconfig-model-perl.git/commit/?h=stretch&id=0de8471e5a8958ad37446dfcd0362a269e3ec573
-CVE-2017-0373 (The gen_class_pod implementation in ...)
+CVE-2017-0373
- libconfig-model-perl 2.097-2
[jessie] - libconfig-model-perl <no-dsa> (Minor issue)
[wheezy] - libconfig-model-perl <not-affected> (Vulnerable code do not exist)
NOTE: https://anonscm.debian.org/cgit/pkg-perl/packages/libconfig-model-perl.git/commit/?h=stretch&id=e7e5dd1a650939a0e021d1d5b311dbb3c4884773
-CVE-2017-0372 (Parameters injection in the SyntaxHighlight extension of Mediawiki ...)
+CVE-2017-0372
- mediawiki 1:1.27.3-1 (bug #861585)
[wheezy] - mediawiki <end-of-life> (Not supported in Wheezy LTS)
NOTE: https://phabricator.wikimedia.org/T158689
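Review bot: once the descriptions are dropped, several triage decisions in this hunk lose the only text that explains them; the NOT-FOR-US and NOTE lines are kept unchanged but were written against the description. For CVE-2017-0508 and CVE-2017-0507 the remaining note "Linux mainline contains a copy in drivers/staging/android/ion" only makes sense if the reader still knows the advisory concerned the kernel ION subsystem, and for CVE-2017-0427 the note "Unspecified Android filesystem, apparently not in mainline" likewise relies on the now-removed "kernel file system" wording; the same holds for the bare `linux <not-affected>` entries on CVE-2017-0510, CVE-2017-0404 and CVE-2017-0403. If the descriptions are meant to go, the tracker's own NOT-FOR-US/NOTE text for these entries should carry a short self-contained summary, so the not-affected verdicts can be re-checked without the original CVE text. Minor style point on an unchanged context line: CVE-2017-0432 uses "Mediatek" while every neighbouring entry uses "MediaTek".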
@@ -49917,825 +49915,825 @@ CVE-2017-0371
- mediawiki 1:1.27.2-1
[wheezy] - mediawiki <end-of-life> (Not supported in Wheezy LTS)
NOTE: https://phabricator.wikimedia.org/T68404
-CVE-2017-0370 (Mediawiki before 1.28.1 / 1.27.2 / 1.23.16 contains a flaw were Spam ...)
+CVE-2017-0370
- mediawiki 1:1.27.2-1
[wheezy] - mediawiki <end-of-life> (Not supported in Wheezy LTS)
NOTE: https://phabricator.wikimedia.org/T48143
NOTE: https://lists.wikimedia.org/pipermail/mediawiki-announce/2017-April/000207.html
-CVE-2017-0369 (Mediawiki before 1.28.1 / 1.27.2 / 1.23.16 contains a flaw, allowing a ...)
+CVE-2017-0369
- mediawiki 1:1.27.2-1
[wheezy] - mediawiki <end-of-life> (Not supported in Wheezy LTS)
NOTE: https://phabricator.wikimedia.org/T108138
NOTE: https://lists.wikimedia.org/pipermail/mediawiki-announce/2017-April/000207.html
-CVE-2017-0368 (Mediawiki before 1.28.1 / 1.27.2 / 1.23.16 contains a flaw making ...)
+CVE-2017-0368
- mediawiki 1:1.27.2-1
[wheezy] - mediawiki <end-of-life> (Not supported in Wheezy LTS)
NOTE: https://phabricator.wikimedia.org/T156184
NOTE: https://lists.wikimedia.org/pipermail/mediawiki-announce/2017-April/000207.html
-CVE-2017-0367 (Mediawiki before 1.28.1 / 1.27.2 contains an unsafe use of temporary ...)
+CVE-2017-0367
- mediawiki 1:1.27.2-1
[wheezy] - mediawiki <not-affected> (Vulnerable code not present)
NOTE: https://phabricator.wikimedia.org/T161453
NOTE: https://lists.wikimedia.org/pipermail/mediawiki-announce/2017-April/000207.html
-CVE-2017-0366 (Mediawiki before 1.28.1 / 1.27.2 / 1.23.16 contains a flaw allowing to ...)
+CVE-2017-0366
- mediawiki 1:1.27.2-1
[wheezy] - mediawiki <end-of-life> (Not supported in Wheezy LTS)
NOTE: https://phabricator.wikimedia.org/T151735
NOTE: https://lists.wikimedia.org/pipermail/mediawiki-announce/2017-April/000207.html
-CVE-2017-0365 (Mediawiki before 1.28.1 / 1.27.2 / 1.23.16 contains a XSS ...)
+CVE-2017-0365
- mediawiki 1:1.27.2-1
[wheezy] - mediawiki <end-of-life> (Not supported in Wheezy LTS)
NOTE: https://phabricator.wikimedia.org/T144845
NOTE: https://lists.wikimedia.org/pipermail/mediawiki-announce/2017-April/000207.html
-CVE-2017-0364 (Mediawiki before 1.28.1 / 1.27.2 / 1.23.16 contains a flaw where ...)
+CVE-2017-0364
- mediawiki 1:1.27.2-1
[wheezy] - mediawiki <end-of-life> (Not supported in Wheezy LTS)
NOTE: https://phabricator.wikimedia.org/T122209
NOTE: https://lists.wikimedia.org/pipermail/mediawiki-announce/2017-April/000207.html
-CVE-2017-0363 (Mediawiki before 1.28.1 / 1.27.2 / 1.23.16 has a flaw where ...)
+CVE-2017-0363
- mediawiki 1:1.27.2-1
[wheezy] - mediawiki <end-of-life> (Not supported in Wheezy LTS)
NOTE: https://phabricator.wikimedia.org/T109140
NOTE: https://lists.wikimedia.org/pipermail/mediawiki-announce/2017-April/000207.html
-CVE-2017-0362 (Mediawiki before 1.28.1 / 1.27.2 / 1.23.16 contains a flaw where the ...)
+CVE-2017-0362
- mediawiki 1:1.27.2-1
[wheezy] - mediawiki <end-of-life> (Not supported in Wheezy LTS)
NOTE: https://phabricator.wikimedia.org/T150044
NOTE: https://lists.wikimedia.org/pipermail/mediawiki-announce/2017-April/000207.html
-CVE-2017-0361 (Mediawiki before 1.28.1 / 1.27.2 / 1.23.16 contains an information ...)
+CVE-2017-0361
- mediawiki 1:1.27.2-1
[wheezy] - mediawiki <end-of-life> (Not supported in Wheezy LTS)
NOTE: https://phabricator.wikimedia.org/T125177
NOTE: https://lists.wikimedia.org/pipermail/mediawiki-announce/2017-April/000207.html
-CVE-2017-0360 (file_open in Tryton 3.x and 4.x through 4.2.2 allows remote ...)
+CVE-2017-0360
{DSA-3826-1 DLA-882-1}
- tryton-server 4.2.1-2
NOTE: Fixed by: http://hg.tryton.org/trytond?cmd=changeset;node=472510fdc6f8 (4.2.x)
-CVE-2017-0359 (diffoscope before 77 writes to arbitrary locations on disk based on ...)
+CVE-2017-0359
- diffoscope 77 (bug #854723)
-CVE-2017-0358 (Jann Horn of Google Project Zero discovered that NTFS-3G, a read-write ...)
+CVE-2017-0358
{DSA-3780-1 DLA-815-1}
- ntfs-3g 1:2016.2.22AR.1-4
NOTE: PoC http://www.openwall.com/lists/oss-security/2017/02/04/1
-CVE-2017-0357 (A heap-overflow flaw exists in the -tr loader of iucode-tool starting ...)
+CVE-2017-0357
- iucode-tool 2.1.1-1
[jessie] - iucode-tool <not-affected> (Vulnerable code not present)
[wheezy] - iucode-tool <not-affected> (Vulnerable code not present)
NOTE: https://gitlab.com/iucode-tool/iucode-tool/issues/3
-CVE-2017-0356 (A flaw, similar to to CVE-2016-9646, exists in ikiwiki before ...)
+CVE-2017-0356
{DSA-3760-1 DLA-812-1}
- ikiwiki 3.20170111
NOTE: https://ikiwiki.info/security/#cve-2017-0356
-CVE-2017-0355 (All versions of the NVIDIA Windows GPU Display Driver contain a ...)
+CVE-2017-0355
NOT-FOR-US: NVIDIA Windows drivers
-CVE-2017-0354 (All versions of the NVIDIA Windows GPU Display Driver contain a ...)
+CVE-2017-0354
NOT-FOR-US: NVIDIA Windows drivers
-CVE-2017-0353 (All versions of the NVIDIA GPU Display Driver contain a vulnerability ...)
+CVE-2017-0353
NOT-FOR-US: NVIDIA Windows drivers
-CVE-2017-0352 (All versions of the NVIDIA GPU Display Driver contain a vulnerability ...)
+CVE-2017-0352
- nvidia-graphics-drivers 375.66-1 (bug #863515)
[jessie] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
[wheezy] - nvidia-graphics-drivers <end-of-life> (Non-free not supported)
- nvidia-graphics-drivers-legacy-340xx <not-affected> (Only affects later driver series)
- nvidia-graphics-drivers-legacy-304xx <not-affected> (Only affects later driver series)
-CVE-2017-0351 (All versions of the NVIDIA GPU Display Driver contain a vulnerability ...)
+CVE-2017-0351
- nvidia-graphics-drivers 375.66-1 (bug #863515)
[jessie] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
[wheezy] - nvidia-graphics-drivers <end-of-life> (Non-free not supported)
- nvidia-graphics-drivers-legacy-340xx <not-affected> (Only affects later driver series)
- nvidia-graphics-drivers-legacy-304xx <not-affected> (Only affects later driver series)
-CVE-2017-0350 (All versions of the NVIDIA GPU Display Driver contain a vulnerability ...)
+CVE-2017-0350
- nvidia-graphics-drivers 375.66-1 (bug #863515)
[jessie] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
[wheezy] - nvidia-graphics-drivers <end-of-life> (Non-free not supported)
- nvidia-graphics-drivers-legacy-340xx <not-affected> (Only affects later driver series)
- nvidia-graphics-drivers-legacy-304xx <not-affected> (Only affects later driver series)
-CVE-2017-0349 (All versions of the NVIDIA Windows GPU Display Driver contain a ...)
+CVE-2017-0349
NOT-FOR-US: NVIDIA Windows drivers
-CVE-2017-0348 (All versions of the NVIDIA Windows GPU Display Driver contain a ...)
+CVE-2017-0348
NOT-FOR-US: NVIDIA Windows drivers
-CVE-2017-0347 (All versions of the NVIDIA Windows GPU Display Driver contain a ...)
+CVE-2017-0347
NOT-FOR-US: NVIDIA Windows drivers
-CVE-2017-0346 (All versions of the NVIDIA Windows GPU Display Driver contain a ...)
+CVE-2017-0346
NOT-FOR-US: NVIDIA Windows drivers
-CVE-2017-0345 (All versions of the NVIDIA Windows GPU Display Driver contain a ...)
+CVE-2017-0345
NOT-FOR-US: NVIDIA Windows drivers
-CVE-2017-0344 (All versions of the NVIDIA Windows GPU Display Driver contain a ...)
+CVE-2017-0344
NOT-FOR-US: NVIDIA Windows drivers
-CVE-2017-0343 (All versions of the NVIDIA Windows GPU Display Driver contain a ...)
+CVE-2017-0343
NOT-FOR-US: NVIDIA Windows drivers
-CVE-2017-0342 (All versions of the NVIDIA Windows GPU Display Driver contain a ...)
+CVE-2017-0342
NOT-FOR-US: NVIDIA Windows drivers
-CVE-2017-0341 (All versions of the NVIDIA Windows GPU Display Driver contain a ...)
+CVE-2017-0341
NOT-FOR-US: NVIDIA Windows drivers
-CVE-2017-0340 (An elevation of privilege vulnerability in the NVIDIA Libnvparser ...)
+CVE-2017-0340
NOT-FOR-US: NVIDIA driver for Android
-CVE-2017-0339 (An elevation of privilege vulnerability in the NVIDIA crypto driver ...)
+CVE-2017-0339
NOT-FOR-US: NVIDIA driver for Android
-CVE-2017-0338 (An elevation of privilege vulnerability in the NVIDIA GPU driver could ...)
+CVE-2017-0338
NOT-FOR-US: NVIDIA driver for Android
-CVE-2017-0337 (An elevation of privilege vulnerability in the NVIDIA GPU driver could ...)
+CVE-2017-0337
NOT-FOR-US: NVIDIA driver for Android
-CVE-2017-0336 (An information disclosure vulnerability in the NVIDIA GPU driver could ...)
+CVE-2017-0336
NOT-FOR-US: NVIDIA driver for Android
-CVE-2017-0335 (An elevation of privilege vulnerability in the NVIDIA GPU driver could ...)
+CVE-2017-0335
NOT-FOR-US: NVIDIA driver for Android
-CVE-2017-0334 (An information disclosure vulnerability in the NVIDIA GPU driver could ...)
+CVE-2017-0334
NOT-FOR-US: NVIDIA driver for Android
-CVE-2017-0333 (An elevation of privilege vulnerability in the NVIDIA GPU driver could ...)
+CVE-2017-0333
NOT-FOR-US: NVIDIA driver for Android
-CVE-2017-0332 (An elevation of privilege vulnerability in the NVIDIA crypto driver ...)
+CVE-2017-0332
NOT-FOR-US: NVIDIA driver for Android
-CVE-2017-0331 (An elevation of privilege vulnerability in the NVIDIA video driver ...)
+CVE-2017-0331
NOT-FOR-US: NVIDIA driver for Android
-CVE-2017-0330 (An information disclosure vulnerability in the NVIDIA crypto driver ...)
+CVE-2017-0330
NOT-FOR-US: NVIDIA driver for Android
-CVE-2017-0329 (An elevation of privilege vulnerability in the NVIDIA boot and power ...)
+CVE-2017-0329
NOT-FOR-US: NVIDIA driver for Android
-CVE-2017-0328 (An information disclosure vulnerability in the NVIDIA crypto driver ...)
+CVE-2017-0328
NOT-FOR-US: NVIDIA driver for Android
-CVE-2017-0327 (An elevation of privilege vulnerability in the NVIDIA crypto driver ...)
+CVE-2017-0327
NOT-FOR-US: NVIDIA driver for Android
-CVE-2017-0326 (An information disclosure vulnerability in the NVIDIA Video Driver due ...)
+CVE-2017-0326
NOT-FOR-US: NVIDIA driver for Android
-CVE-2017-0325 (An elevation of privilege vulnerability in the NVIDIA I2C HID driver ...)
+CVE-2017-0325
NOT-FOR-US: NVIDIA driver for Android
-CVE-2017-0324 (All versions of NVIDIA Windows GPU Display Driver contain a ...)
+CVE-2017-0324
NOT-FOR-US: NVIDIA drivers for Windows
-CVE-2017-0323 (All versions of NVIDIA Windows GPU Display Driver contain a ...)
+CVE-2017-0323
NOT-FOR-US: NVIDIA drivers for Windows
-CVE-2017-0322 (All versions of NVIDIA Windows GPU Display Driver contain a ...)
+CVE-2017-0322
NOT-FOR-US: NVIDIA drivers for Windows
-CVE-2017-0321 (All versions of NVIDIA GPU Display Driver contain a vulnerability in ...)
+CVE-2017-0321
- nvidia-graphics-drivers 375.39-1 (bug #855277)
[jessie] - nvidia-graphics-drivers 340.102-1
[wheezy] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
- nvidia-graphics-drivers-legacy-340xx 340.102-1 (bug #855278)
- nvidia-graphics-drivers-legacy-304xx 304.135-2 (bug #855279)
[jessie] - nvidia-graphics-drivers-legacy-304xx 304.135-1
-CVE-2017-0320 (All versions of NVIDIA Windows GPU Display Driver contain a ...)
+CVE-2017-0320
NOT-FOR-US: NVIDIA drivers for Windows
-CVE-2017-0319 (All versions of NVIDIA Windows GPU Display Driver contain a ...)
+CVE-2017-0319
NOT-FOR-US: NVIDIA drivers for Windows
-CVE-2017-0318 (All versions of NVIDIA Linux GPU Display Driver contain a ...)
+CVE-2017-0318
- nvidia-graphics-drivers 375.39-1 (bug #855277)
[jessie] - nvidia-graphics-drivers 340.102-1
[wheezy] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
- nvidia-graphics-drivers-legacy-340xx 340.102-1 (bug #855278)
- nvidia-graphics-drivers-legacy-304xx 304.135-2 (bug #855279)
[jessie] - nvidia-graphics-drivers-legacy-304xx 304.135-1
-CVE-2017-0317 (All versions of NVIDIA GPU and GeForce Experience installer contain a ...)
+CVE-2017-0317
NOT-FOR-US: NVIDIA drivers for Windows
-CVE-2017-0316 (In GeForce Experience (GFE) 3.x before 3.10.0.55, NVIDIA Installer ...)
+CVE-2017-0316
NOT-FOR-US: NVIDIA Installer Framework
-CVE-2017-0315 (All versions of NVIDIA Windows GPU Display Driver contain a ...)
+CVE-2017-0315
NOT-FOR-US: NVIDIA drivers for Windows
-CVE-2017-0314 (All versions of NVIDIA Windows GPU Display Driver contain a ...)
+CVE-2017-0314
NOT-FOR-US: NVIDIA drivers for Windows
-CVE-2017-0313 (All versions of NVIDIA Windows GPU Display Driver contain a ...)
+CVE-2017-0313
NOT-FOR-US: NVIDIA drivers for Windows
-CVE-2017-0312 (All versions of NVIDIA Windows GPU Display Driver contain a ...)
+CVE-2017-0312
NOT-FOR-US: NVIDIA drivers for Windows
-CVE-2017-0311 (NVIDIA GPU Display Driver R378 contains a vulnerability in the kernel ...)
+CVE-2017-0311
- nvidia-graphics-drivers 375.39-1 (bug #855277)
[jessie] - nvidia-graphics-drivers 340.102-1
[wheezy] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
- nvidia-graphics-drivers-legacy-340xx 340.102-1 (bug #855278)
- nvidia-graphics-drivers-legacy-304xx 304.135-2 (bug #855279)
[jessie] - nvidia-graphics-drivers-legacy-304xx 304.135-1
-CVE-2017-0310 (All versions of NVIDIA GPU Display Driver contain a vulnerability in ...)
+CVE-2017-0310
- nvidia-graphics-drivers 375.39-1 (bug #855277)
[jessie] - nvidia-graphics-drivers 340.102-1
[wheezy] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
- nvidia-graphics-drivers-legacy-340xx 340.102-1 (bug #855278)
- nvidia-graphics-drivers-legacy-304xx 304.135-2 (bug #855279)
[jessie] - nvidia-graphics-drivers-legacy-304xx 304.135-1
-CVE-2017-0309 (All versions of NVIDIA GPU Display Driver contain a vulnerability in ...)
+CVE-2017-0309
- nvidia-graphics-drivers 375.39-1 (bug #855277)
[jessie] - nvidia-graphics-drivers 340.102-1
[wheezy] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
- nvidia-graphics-drivers-legacy-340xx 340.102-1 (bug #855278)
- nvidia-graphics-drivers-legacy-304xx 304.135-2 (bug #855279)
[jessie] - nvidia-graphics-drivers-legacy-304xx 304.135-1
-CVE-2017-0308 (All versions of NVIDIA Windows GPU Display Driver contain a ...)
+CVE-2017-0308
NOT-FOR-US: NVIDIA drivers for Windows
-CVE-2017-0307 (An elevation of privilege vulnerability in the NVIDIA GPU driver could ...)
+CVE-2017-0307
NOT-FOR-US: NVIDIA driver for Android
-CVE-2017-0306 (An elevation of privilege vulnerability in the NVIDIA GPU driver could ...)
+CVE-2017-0306
NOT-FOR-US: NVIDIA driver for Android
-CVE-2017-0305 (F5 SSL Intercept iApp version 1.5.0 - 1.5.7 is vulnerable to an ...)
+CVE-2017-0305
NOT-FOR-US: F5
-CVE-2017-0304 (A SQL injection vulnerability exists in the BIG-IP AFM management UI ...)
+CVE-2017-0304
NOT-FOR-US: F5 BIG-IP
-CVE-2017-0303 (In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link ...)
+CVE-2017-0303
NOT-FOR-US: F5
-CVE-2017-0302 (In F5 BIG-IP APM 12.0.0 through 12.1.2 and 13.0.0, an authenticated ...)
+CVE-2017-0302
NOT-FOR-US: F5
-CVE-2017-0301 (In F5 BIG-IP APM software versions 11.5.0, 11.5.1, 11.5.2, 11.5.3, ...)
+CVE-2017-0301
NOT-FOR-US: F5 BIG-IP
-CVE-2017-1000245 (The SSH Plugin stores credentials which allow jobs to access remote ...)
+CVE-2017-1000245
NOT-FOR-US: Jenkins SSH plugin
-CVE-2017-0300 (The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 ...)
+CVE-2017-0300
NOT-FOR-US: Microsoft
-CVE-2017-0299 (The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 ...)
+CVE-2017-0299
NOT-FOR-US: Microsoft
-CVE-2017-0298 (A DCOM object in Helppane.exe in Microsoft Windows Server 2008 SP2 and ...)
+CVE-2017-0298
NOT-FOR-US: Microsoft
-CVE-2017-0297 (The kernel in Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, ...)
+CVE-2017-0297
NOT-FOR-US: Microsoft
-CVE-2017-0296 (Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows ...)
+CVE-2017-0296
NOT-FOR-US: Microsoft
-CVE-2017-0295 (Microsoft Windows 10 1607 and 1703, and Windows Server 2016 allow an ...)
+CVE-2017-0295
NOT-FOR-US: Microsoft
-CVE-2017-0294 (Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows ...)
+CVE-2017-0294
NOT-FOR-US: Microsoft
-CVE-2017-0293 (Microsoft Windows PDF Library in Windows Server 2008 R2 SP1, Windows ...)
+CVE-2017-0293
NOT-FOR-US: Microsoft
-CVE-2017-0292 (Windows PDF in Windows 8.1, Windows Server 2012 Gold and R2, Windows ...)
+CVE-2017-0292
NOT-FOR-US: Microsoft
-CVE-2017-0291 (Windows PDF in Windows 8.1, Windows Server 2012 Gold and R2, Windows ...)
+CVE-2017-0291
NOT-FOR-US: Microsoft
-CVE-2017-0290 (The Microsoft Malware Protection Engine running on Microsoft Forefront ...)
+CVE-2017-0290
NOT-FOR-US: Microsoft
-CVE-2017-0289 (Graphics in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows ...)
+CVE-2017-0289
NOT-FOR-US: Microsoft
-CVE-2017-0288 (Graphics in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows ...)
+CVE-2017-0288
NOT-FOR-US: Microsoft
-CVE-2017-0287 (Graphics in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows ...)
+CVE-2017-0287
NOT-FOR-US: Microsoft
-CVE-2017-0286 (Graphics in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows ...)
+CVE-2017-0286
NOT-FOR-US: Microsoft
-CVE-2017-0285 (Uniscribe in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, ...)
+CVE-2017-0285
NOT-FOR-US: Microsoft
-CVE-2017-0284 (Uniscribe in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, ...)
+CVE-2017-0284
NOT-FOR-US: Microsoft
-CVE-2017-0283 (Uniscribe in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, ...)
+CVE-2017-0283
NOT-FOR-US: Microsoft
-CVE-2017-0282 (Uniscribe in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, ...)
+CVE-2017-0282
NOT-FOR-US: Microsoft
-CVE-2017-0281 (Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1, Office ...)
+CVE-2017-0281
NOT-FOR-US: Microsoft
-CVE-2017-0280 (The Microsoft Server Message Block 1.0 (SMBv1) allows denial of ...)
+CVE-2017-0280
NOT-FOR-US: Microsoft
-CVE-2017-0279 (The Microsoft Server Message Block 1.0 (SMBv1) server on Microsoft ...)
+CVE-2017-0279
NOT-FOR-US: Microsoft
-CVE-2017-0278 (The Microsoft Server Message Block 1.0 (SMBv1) server on Microsoft ...)
+CVE-2017-0278
NOT-FOR-US: Microsoft
-CVE-2017-0277 (The Microsoft Server Message Block 1.0 (SMBv1) server on Microsoft ...)
+CVE-2017-0277
NOT-FOR-US: Microsoft
-CVE-2017-0276 (Microsoft Server Message Block 1.0 (SMBv1) allows an information ...)
+CVE-2017-0276
NOT-FOR-US: Microsoft
-CVE-2017-0275 (Microsoft Server Message Block 1.0 (SMBv1) allows an information ...)
+CVE-2017-0275
NOT-FOR-US: Microsoft
-CVE-2017-0274 (Microsoft Server Message Block 1.0 (SMBv1) allows an information ...)
+CVE-2017-0274
NOT-FOR-US: Microsoft
-CVE-2017-0273 (The Microsoft Server Message Block 1.0 (SMBv1) allows denial of ...)
+CVE-2017-0273
NOT-FOR-US: Microsoft
-CVE-2017-0272 (The Microsoft Server Message Block 1.0 (SMBv1) server on Microsoft ...)
+CVE-2017-0272
NOT-FOR-US: Microsoft
-CVE-2017-0271 (Microsoft Server Message Block 1.0 (SMBv1) allows an information ...)
+CVE-2017-0271
NOT-FOR-US: Microsoft
-CVE-2017-0270 (Microsoft Server Message Block 1.0 (SMBv1) allows an information ...)
+CVE-2017-0270
NOT-FOR-US: Microsoft
-CVE-2017-0269 (The Microsoft Server Message Block 1.0 (SMBv1) allows denial of ...)
+CVE-2017-0269
NOT-FOR-US: Microsoft
-CVE-2017-0268 (Microsoft Server Message Block 1.0 (SMBv1) allows an information ...)
+CVE-2017-0268
NOT-FOR-US: Microsoft
-CVE-2017-0267 (Microsoft Server Message Block 1.0 (SMBv1) allows an information ...)
+CVE-2017-0267
NOT-FOR-US: Microsoft
-CVE-2017-0266 (A remote code execution vulnerability exists in Microsoft Edge in the ...)
+CVE-2017-0266
NOT-FOR-US: Microsoft
-CVE-2017-0265 (Microsoft PowerPoint for Mac 2011 allows a remote code execution ...)
+CVE-2017-0265
NOT-FOR-US: Microsoft
-CVE-2017-0264 (Microsoft PowerPoint for Mac 2011 allows a remote code execution ...)
+CVE-2017-0264
NOT-FOR-US: Microsoft
-CVE-2017-0263 (The kernel-mode drivers in Microsoft Windows Server 2008 SP2 and R2 ...)
+CVE-2017-0263
NOT-FOR-US: Microsoft
-CVE-2017-0262 (Microsoft Office 2010 SP2, Office 2013 SP1, and Office 2016 allow a ...)
+CVE-2017-0262
NOT-FOR-US: Microsoft
-CVE-2017-0261 (Microsoft Office 2010 SP2, Office 2013 SP1, and Office 2016 allow a ...)
+CVE-2017-0261
NOT-FOR-US: Microsoft
-CVE-2017-0260 (A remote code execution vulnerability exists in Microsoft Office when ...)
+CVE-2017-0260
NOT-FOR-US: Microsoft
-CVE-2017-0259 (The Windows kernel in Microsoft Windows 8.1, Windows Server 2012 R2, ...)
+CVE-2017-0259
NOT-FOR-US: Microsoft
-CVE-2017-0258 (The Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, ...)
+CVE-2017-0258
NOT-FOR-US: Microsoft
CVE-2017-0257
RESERVED
-CVE-2017-0256 (A spoofing vulnerability exists when the ASP.NET Core fails to ...)
+CVE-2017-0256
NOT-FOR-US: Microsoft
-CVE-2017-0255 (Microsoft SharePoint Foundation 2013 SP1 allows an elevation of ...)
+CVE-2017-0255
NOT-FOR-US: Microsoft
-CVE-2017-0254 (Microsoft Word 2007, Office 2010 SP2, Word 2010 SP2, Office ...)
+CVE-2017-0254
NOT-FOR-US: Microsoft
CVE-2017-0253
RESERVED
-CVE-2017-0252 (A remote code execution vulnerability exists in Microsoft Chakra Core ...)
+CVE-2017-0252
NOT-FOR-US: Microsoft
CVE-2017-0251
RESERVED
-CVE-2017-0250 (Microsoft JET Database Engine in Windows Server 2008 SP2 and R2 SP1, ...)
+CVE-2017-0250
NOT-FOR-US: Microsoft
-CVE-2017-0249 (An elevation of privilege vulnerability exists when the ASP.NET Core ...)
+CVE-2017-0249
NOT-FOR-US: Microsoft
-CVE-2017-0248 (Microsoft .NET Framework 2.0, 3.5, 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2 and ...)
+CVE-2017-0248
NOT-FOR-US: Microsoft
-CVE-2017-0247 (A denial of service vulnerability exists when the ASP.NET Core fails ...)
+CVE-2017-0247
NOT-FOR-US: Microsoft
-CVE-2017-0246 (The Graphics Component in the kernel-mode drivers in Windows Server ...)
+CVE-2017-0246
NOT-FOR-US: Microsoft
-CVE-2017-0245 (The kernel-mode drivers in Windows Server 2008 SP2 and R2 SP1, Windows ...)
+CVE-2017-0245
NOT-FOR-US: Microsoft
-CVE-2017-0244 (The kernel in Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 ...)
+CVE-2017-0244
NOT-FOR-US: Microsoft
-CVE-2017-0243 (Microsoft Office allows a remote code execution vulnerability due to ...)
+CVE-2017-0243
NOT-FOR-US: Microsoft
-CVE-2017-0242 (An information disclosure vulnerability exists in the way some ActiveX ...)
+CVE-2017-0242
NOT-FOR-US: Microsoft
-CVE-2017-0241 (An elevation of privilege vulnerability exists when Microsoft Edge ...)
+CVE-2017-0241
NOT-FOR-US: Microsoft
-CVE-2017-0240 (A remote code execution vulnerability exists in Microsoft Edge in the ...)
+CVE-2017-0240
NOT-FOR-US: Microsoft
CVE-2017-0239
RESERVED
-CVE-2017-0238 (A remote code execution vulnerability exists in Microsoft browsers in ...)
+CVE-2017-0238
NOT-FOR-US: Microsoft
CVE-2017-0237
RESERVED
-CVE-2017-0236 (A remote code execution vulnerability exists in Microsoft Edge in the ...)
+CVE-2017-0236
NOT-FOR-US: Microsoft
-CVE-2017-0235 (A remote code execution vulnerability exists in Microsoft Edge in the ...)
+CVE-2017-0235
NOT-FOR-US: Microsoft
-CVE-2017-0234 (A remote code execution vulnerability exists in Microsoft Edge in the ...)
+CVE-2017-0234
NOT-FOR-US: Microsoft
-CVE-2017-0233 (An elevation of privilege vulnerability exists in Microsoft Edge that ...)
+CVE-2017-0233
NOT-FOR-US: Microsoft
CVE-2017-0232
RESERVED
-CVE-2017-0231 (A spoofing vulnerability exists when Microsoft browsers render ...)
+CVE-2017-0231
NOT-FOR-US: Microsoft
-CVE-2017-0230 (A remote code execution vulnerability exists in Microsoft Edge in the ...)
+CVE-2017-0230
NOT-FOR-US: Microsoft
-CVE-2017-0229 (A remote code execution vulnerability exists in Microsoft Edge in the ...)
+CVE-2017-0229
NOT-FOR-US: Microsoft
-CVE-2017-0228 (A remote code execution vulnerability exists in Microsoft browsers in ...)
+CVE-2017-0228
NOT-FOR-US: Microsoft
-CVE-2017-0227 (A remote code execution vulnerability exists in Microsoft Edge in the ...)
+CVE-2017-0227
NOT-FOR-US: Microsoft
-CVE-2017-0226 (A remote code execution vulnerability exists when Internet Explorer ...)
+CVE-2017-0226
NOT-FOR-US: Microsoft
CVE-2017-0225
RESERVED
-CVE-2017-0224 (A remote code execution vulnerability exists in the way JavaScript ...)
+CVE-2017-0224
NOT-FOR-US: Microsoft
-CVE-2017-0223 (A remote code execution vulnerability exists in Microsoft Chakra Core ...)
+CVE-2017-0223
NOT-FOR-US: Microsoft
-CVE-2017-0222 (A remote code execution vulnerability exists when Internet Explorer ...)
+CVE-2017-0222
NOT-FOR-US: Microsoft
-CVE-2017-0221 (A vulnerability exists when Microsoft Edge improperly accesses objects ...)
+CVE-2017-0221
NOT-FOR-US: Microsoft
-CVE-2017-0220 (The Windows kernel in Windows Server 2008 SP2 and R2 SP1, Windows 7 ...)
+CVE-2017-0220
NOT-FOR-US: Microsoft
-CVE-2017-0219 (Microsoft Windows 10 Gold, Windows 10 1511, Windows 10 1607, and ...)
+CVE-2017-0219
NOT-FOR-US: Microsoft
-CVE-2017-0218 (Microsoft Windows 10 Gold, Windows 10 1511, Windows 10 1607, and ...)
+CVE-2017-0218
NOT-FOR-US: Microsoft
CVE-2017-0217
RESERVED
-CVE-2017-0216 (Microsoft Windows 10 1511, Windows 10 1607, and Windows Server 2016 ...)
+CVE-2017-0216
NOT-FOR-US: Microsoft
-CVE-2017-0215 (Microsoft Windows 10 1607 and Windows Server 2016 allow an attacker to ...)
+CVE-2017-0215
NOT-FOR-US: Microsoft
-CVE-2017-0214 (Windows COM in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 ...)
+CVE-2017-0214
NOT-FOR-US: Microsoft
-CVE-2017-0213 (Windows COM Aggregate Marshaler in Microsoft Windows Server 2008 SP2 ...)
+CVE-2017-0213
NOT-FOR-US: Microsoft
-CVE-2017-0212 (Windows Hyper-V allows an elevation of privilege vulnerability when ...)
+CVE-2017-0212
NOT-FOR-US: Microsoft
-CVE-2017-0211 (An elevation of privilege vulnerability exists in Windows 10, Windows ...)
+CVE-2017-0211
NOT-FOR-US: Microsoft
-CVE-2017-0210 (An elevation of privilege vulnerability exists when Internet Explorer ...)
+CVE-2017-0210
NOT-FOR-US: Microsoft
CVE-2017-0209
RESERVED
-CVE-2017-0208 (An information disclosure vulnerability exists in Microsoft Edge when ...)
+CVE-2017-0208
NOT-FOR-US: Microsoft
-CVE-2017-0207 (Microsoft Outlook for Mac 2011 allows remote attackers to spoof web ...)
+CVE-2017-0207
NOT-FOR-US: Microsoft
CVE-2017-0206
RESERVED
-CVE-2017-0205 (A remote code execution vulnerability exists when Microsoft Edge ...)
+CVE-2017-0205
NOT-FOR-US: Microsoft
-CVE-2017-0204 (Microsoft Outlook 2007 SP3, Microsoft Outlook 2010 SP2, Microsoft ...)
+CVE-2017-0204
NOT-FOR-US: Microsoft
-CVE-2017-0203 (A vulnerability exists in Microsoft Edge when the Edge Content ...)
+CVE-2017-0203
NOT-FOR-US: Microsoft
-CVE-2017-0202 (A remote code execution vulnerability exists when Internet Explorer ...)
+CVE-2017-0202
NOT-FOR-US: Microsoft
-CVE-2017-0201 (A remote code execution vulnerability exists in Internet Explorer in ...)
+CVE-2017-0201
NOT-FOR-US: Microsoft
-CVE-2017-0200 (A remote code execution vulnerability exists when Microsoft Edge ...)
+CVE-2017-0200
NOT-FOR-US: Microsoft
-CVE-2017-0199 (Microsoft Office 2007 SP3, Microsoft Office 2010 SP2, Microsoft Office ...)
+CVE-2017-0199
NOT-FOR-US: Microsoft
CVE-2017-0198
RESERVED
-CVE-2017-0197 (Microsoft OneNote 2007 SP3 and Microsoft OneNote 2010 SP2 allow remote ...)
+CVE-2017-0197
NOT-FOR-US: Microsoft
-CVE-2017-0196 (An information disclosure vulnerability in Microsoft scripting engine ...)
+CVE-2017-0196
NOT-FOR-US: Microsoft
-CVE-2017-0195 (Microsoft Excel Services on Microsoft SharePoint Server 2010 SP1 and ...)
+CVE-2017-0195
NOT-FOR-US: Microsoft
-CVE-2017-0194 (Microsoft Excel 2007 SP3, Microsoft Excel 2010 SP2, and Office ...)
+CVE-2017-0194
NOT-FOR-US: Microsoft
-CVE-2017-0193 (Windows Hyper-V in Microsoft Windows Server 2008 SP2 and R2 SP1, ...)
+CVE-2017-0193
NOT-FOR-US: Microsoft
-CVE-2017-0192 (The Adobe Type Manager Font Driver (ATMFD.dll) in Microsoft Windows ...)
+CVE-2017-0192
NOT-FOR-US: Microsoft
-CVE-2017-0191 (A denial of service vulnerability exists in the way that Windows 7, ...)
+CVE-2017-0191
NOT-FOR-US: Microsoft
-CVE-2017-0190 (The GDI component in Microsoft Windows Server 2008 SP2 and R2 SP1, ...)
+CVE-2017-0190
NOT-FOR-US: Microsoft
-CVE-2017-0189 (An elevation of privilege vulnerability exists in Windows 10 when the ...)
+CVE-2017-0189
NOT-FOR-US: Microsoft
-CVE-2017-0188 (A Win32k information disclosure vulnerability exists in Windows 8.1, ...)
+CVE-2017-0188
NOT-FOR-US: Microsoft
CVE-2017-0187
RESERVED
-CVE-2017-0186 (A denial of service vulnerability exists when Microsoft Hyper-V ...)
+CVE-2017-0186
NOT-FOR-US: Microsoft
-CVE-2017-0185 (A denial of service vulnerability exists when Microsoft Hyper-V ...)
+CVE-2017-0185
NOT-FOR-US: Microsoft
-CVE-2017-0184 (A denial of service vulnerability exists when Microsoft Hyper-V ...)
+CVE-2017-0184
NOT-FOR-US: Microsoft
-CVE-2017-0183 (A denial of service vulnerability exists when Microsoft Hyper-V ...)
+CVE-2017-0183
NOT-FOR-US: Microsoft
-CVE-2017-0182 (A denial of service vulnerability exists when Microsoft Hyper-V ...)
+CVE-2017-0182
NOT-FOR-US: Microsoft
-CVE-2017-0181 (A remote code execution vulnerability exists when Windows Hyper-V ...)
+CVE-2017-0181
NOT-FOR-US: Microsoft
-CVE-2017-0180 (A remote code execution vulnerability exists when Windows Hyper-V ...)
+CVE-2017-0180
NOT-FOR-US: Microsoft
-CVE-2017-0179 (A denial of service vulnerability exists when Microsoft Hyper-V ...)
+CVE-2017-0179
NOT-FOR-US: Microsoft
-CVE-2017-0178 (A denial of service vulnerability exists when Microsoft Hyper-V ...)
+CVE-2017-0178
NOT-FOR-US: Microsoft
CVE-2017-0177
RESERVED
-CVE-2017-0176 (A buffer overflow in Smart Card authentication code in gpkcsp.dll in ...)
+CVE-2017-0176
NOT-FOR-US: Microsoft
-CVE-2017-0175 (The Windows kernel in Windows Server 2008 SP2 and R2 SP1, and Windows ...)
+CVE-2017-0175
NOT-FOR-US: Microsoft
-CVE-2017-0174 (Windows NetBIOS in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, ...)
+CVE-2017-0174
NOT-FOR-US: Microsoft
-CVE-2017-0173 (Microsoft Windows 10 1607 and Windows Server 2016 allow an attacker to ...)
+CVE-2017-0173
NOT-FOR-US: Microsoft
CVE-2017-0172
RESERVED
-CVE-2017-0171 (Windows DNS Server allows a denial of service vulnerability when ...)
+CVE-2017-0171
NOT-FOR-US: Microsoft
-CVE-2017-0170 (Windows Performance Monitor in Windows Server 2008 SP2 and R2 SP1, ...)
+CVE-2017-0170
NOT-FOR-US: Microsoft
-CVE-2017-0169 (An information disclosure vulnerability exists when Windows Hyper-V ...)
+CVE-2017-0169
NOT-FOR-US: Microsoft
-CVE-2017-0168 (An information disclosure vulnerability exists when the Windows ...)
+CVE-2017-0168
NOT-FOR-US: Microsoft
-CVE-2017-0167 (An information disclosure vulnerability exists in Windows 8.1, Windows ...)
+CVE-2017-0167
NOT-FOR-US: Microsoft
-CVE-2017-0166 (An elevation of privilege vulnerability exists in Windows when LDAP ...)
+CVE-2017-0166
NOT-FOR-US: Microsoft
-CVE-2017-0165 (An elevation of privilege vulnerability exists when Microsoft Windows ...)
+CVE-2017-0165
NOT-FOR-US: Microsoft
-CVE-2017-0164 (A denial of service vulnerability exists in Windows 10 1607 and ...)
+CVE-2017-0164
NOT-FOR-US: Microsoft
-CVE-2017-0163 (A remote code execution vulnerability exists when Windows Hyper-V ...)
+CVE-2017-0163
NOT-FOR-US: Microsoft
-CVE-2017-0162 (A remote code execution vulnerability exists when Windows Hyper-V ...)
+CVE-2017-0162
NOT-FOR-US: Microsoft
-CVE-2017-0161 (The Windows NetBT Session Services component on Microsoft Windows ...)
+CVE-2017-0161
NOT-FOR-US: Microsoft
-CVE-2017-0160 (Microsoft .NET Framework 2.0, 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2 and 4.7 ...)
+CVE-2017-0160
NOT-FOR-US: Microsoft
-CVE-2017-0159 (A security feature bypass vulnerability exists in Windows 10 1607, ...)
+CVE-2017-0159
NOT-FOR-US: Microsoft
-CVE-2017-0158 (An elevation of privilege vulnerability exists when Microsoft Windows ...)
+CVE-2017-0158
NOT-FOR-US: Microsoft
CVE-2017-0157
RESERVED
-CVE-2017-0156 (An elevation of privilege vulnerability exists in Windows 7, Windows ...)
+CVE-2017-0156
NOT-FOR-US: Microsoft
-CVE-2017-0155 (The Graphics component in the kernel in Microsoft Windows Vista SP2; ...)
+CVE-2017-0155
NOT-FOR-US: Microsoft
-CVE-2017-0154 (Microsoft Internet Explorer 11 on Windows 10, 1511, and 1606 and ...)
+CVE-2017-0154
NOT-FOR-US: Microsoft
CVE-2017-0153
RESERVED
-CVE-2017-0152 (A remote code execution vulnerability exists in the way affected ...)
+CVE-2017-0152
NOT-FOR-US: Microsoft
-CVE-2017-0151 (A remote code execution vulnerability exists in the way affected ...)
+CVE-2017-0151
NOT-FOR-US: Microsoft
-CVE-2017-0150 (A remote code execution vulnerability exists in the way affected ...)
+CVE-2017-0150
NOT-FOR-US: Microsoft
-CVE-2017-0149 (Microsoft Internet Explorer 9 through 11 allow remote attackers to ...)
+CVE-2017-0149
NOT-FOR-US: Microsoft
-CVE-2017-0148 (The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 ...)
+CVE-2017-0148
NOT-FOR-US: Microsoft
-CVE-2017-0147 (The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 ...)
+CVE-2017-0147
NOT-FOR-US: Microsoft
-CVE-2017-0146 (The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 ...)
+CVE-2017-0146
NOT-FOR-US: Microsoft
-CVE-2017-0145 (The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 ...)
+CVE-2017-0145
NOT-FOR-US: Microsoft
-CVE-2017-0144 (The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 ...)
+CVE-2017-0144
NOT-FOR-US: Microsoft
-CVE-2017-0143 (The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 ...)
+CVE-2017-0143
NOT-FOR-US: Microsoft
CVE-2017-0142
RESERVED
-CVE-2017-0141 (A remote code execution vulnerability exists in the way affected ...)
+CVE-2017-0141
NOT-FOR-US: Microsoft
-CVE-2017-0140 (Microsoft Edge allows remote attackers to bypass the Same Origin ...)
+CVE-2017-0140
NOT-FOR-US: Microsoft
CVE-2017-0139
RESERVED
-CVE-2017-0138 (A remote code execution vulnerability exists in the way affected ...)
+CVE-2017-0138
NOT-FOR-US: Microsoft
-CVE-2017-0137 (A remote code execution vulnerability exists in the way affected ...)
+CVE-2017-0137
NOT-FOR-US: Microsoft
-CVE-2017-0136 (A remote code execution vulnerability exists in the way affected ...)
+CVE-2017-0136
NOT-FOR-US: Microsoft
-CVE-2017-0135 (Microsoft Edge allows remote attackers to bypass the Same Origin ...)
+CVE-2017-0135
NOT-FOR-US: Microsoft
-CVE-2017-0134 (A remote code execution vulnerability exists in the way affected ...)
+CVE-2017-0134
NOT-FOR-US: Microsoft
-CVE-2017-0133 (A remote code execution vulnerability exists in the way affected ...)
+CVE-2017-0133
NOT-FOR-US: Microsoft
-CVE-2017-0132 (A remote code execution vulnerability exists in the way affected ...)
+CVE-2017-0132
NOT-FOR-US: Microsoft
-CVE-2017-0131 (A remote code execution vulnerability exists in the way affected ...)
+CVE-2017-0131
NOT-FOR-US: Microsoft
-CVE-2017-0130 (The scripting engine in Microsoft Internet Explorer 9 through 11 ...)
+CVE-2017-0130
NOT-FOR-US: Microsoft
-CVE-2017-0129 (Microsoft Lync for Mac 2011 fails to properly validate certificates, ...)
+CVE-2017-0129
NOT-FOR-US: Microsoft
-CVE-2017-0128 (Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
+CVE-2017-0128
NOT-FOR-US: Microsoft
-CVE-2017-0127 (Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
+CVE-2017-0127
NOT-FOR-US: Microsoft
-CVE-2017-0126 (Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
+CVE-2017-0126
NOT-FOR-US: Microsoft
-CVE-2017-0125 (Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
+CVE-2017-0125
NOT-FOR-US: Microsoft
-CVE-2017-0124 (Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
+CVE-2017-0124
NOT-FOR-US: Microsoft
-CVE-2017-0123 (Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
+CVE-2017-0123
NOT-FOR-US: Microsoft
-CVE-2017-0122 (Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
+CVE-2017-0122
NOT-FOR-US: Microsoft
-CVE-2017-0121 (Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
+CVE-2017-0121
NOT-FOR-US: Microsoft
-CVE-2017-0120 (Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
+CVE-2017-0120
NOT-FOR-US: Microsoft
-CVE-2017-0119 (Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
+CVE-2017-0119
NOT-FOR-US: Microsoft
-CVE-2017-0118 (Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
+CVE-2017-0118
NOT-FOR-US: Microsoft
-CVE-2017-0117 (Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
+CVE-2017-0117
NOT-FOR-US: Microsoft
-CVE-2017-0116 (Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
+CVE-2017-0116
NOT-FOR-US: Microsoft
-CVE-2017-0115 (Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
+CVE-2017-0115
NOT-FOR-US: Microsoft
-CVE-2017-0114 (Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
+CVE-2017-0114
NOT-FOR-US: Microsoft
-CVE-2017-0113 (Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
+CVE-2017-0113
NOT-FOR-US: Microsoft
-CVE-2017-0112 (Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
+CVE-2017-0112
NOT-FOR-US: Microsoft
-CVE-2017-0111 (Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
+CVE-2017-0111
NOT-FOR-US: Microsoft
-CVE-2017-0110 (Cross-site scripting (XSS) vulnerability in Microsoft Exchange Outlook ...)
+CVE-2017-0110
NOT-FOR-US: Microsoft
-CVE-2017-0109 (Hyper-V in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and ...)
+CVE-2017-0109
NOT-FOR-US: Microsoft
-CVE-2017-0108 (The Windows Graphics Component in Microsoft Office 2007 SP3; 2010 SP2; ...)
+CVE-2017-0108
NOT-FOR-US: Microsoft
-CVE-2017-0107 (Microsoft SharePoint Server fails to sanitize crafted web requests, ...)
+CVE-2017-0107
NOT-FOR-US: Microsoft
-CVE-2017-0106 (Microsoft Excel 2007 SP3, Microsoft Outlook 2010 SP2, Microsoft ...)
+CVE-2017-0106
NOT-FOR-US: Microsoft
-CVE-2017-0105 (Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word for Mac ...)
+CVE-2017-0105
NOT-FOR-US: Microsoft
-CVE-2017-0104 (The iSNS Server service in Microsoft Windows Server 2008 SP2 and R2, ...)
+CVE-2017-0104
NOT-FOR-US: Microsoft
-CVE-2017-0103 (The kernel API in Microsoft Windows Vista SP2, Windows Server 2008 SP2 ...)
+CVE-2017-0103
NOT-FOR-US: Microsoft
-CVE-2017-0102 (Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2; Windows 7 ...)
+CVE-2017-0102
NOT-FOR-US: Microsoft
-CVE-2017-0101 (The kernel-mode drivers in Transaction Manager in Microsoft Windows ...)
+CVE-2017-0101
NOT-FOR-US: Microsoft
-CVE-2017-0100 (A DCOM object in Helppane.exe in Microsoft Windows 7 SP1; Windows ...)
+CVE-2017-0100
NOT-FOR-US: Microsoft
-CVE-2017-0099 (Hyper-V in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and ...)
+CVE-2017-0099
NOT-FOR-US: Microsoft
-CVE-2017-0098 (Hyper-V in Microsoft Windows 10 Gold, 1511, and 1607; and Windows ...)
+CVE-2017-0098
NOT-FOR-US: Microsoft
-CVE-2017-0097 (Hyper-V in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and ...)
+CVE-2017-0097
NOT-FOR-US: Microsoft
-CVE-2017-0096 (Hyper-V in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and ...)
+CVE-2017-0096
NOT-FOR-US: Microsoft
-CVE-2017-0095 (Hyper-V in Microsoft Windows 10 Gold, 1511, and 1607 and Windows ...)
+CVE-2017-0095
NOT-FOR-US: Microsoft
-CVE-2017-0094 (A remote code execution vulnerability exists in the way affected ...)
+CVE-2017-0094
NOT-FOR-US: Microsoft
-CVE-2017-0093 (A remote code execution vulnerability in Microsoft Edge exists in the ...)
+CVE-2017-0093
NOT-FOR-US: Microsoft
-CVE-2017-0092 (Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
+CVE-2017-0092
NOT-FOR-US: Microsoft
-CVE-2017-0091 (Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
+CVE-2017-0091
NOT-FOR-US: Microsoft
-CVE-2017-0090 (Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
+CVE-2017-0090
NOT-FOR-US: Microsoft
-CVE-2017-0089 (Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
+CVE-2017-0089
NOT-FOR-US: Microsoft
-CVE-2017-0088 (Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
+CVE-2017-0088
NOT-FOR-US: Microsoft
-CVE-2017-0087 (Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
+CVE-2017-0087
NOT-FOR-US: Microsoft
-CVE-2017-0086 (Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
+CVE-2017-0086
NOT-FOR-US: Microsoft
-CVE-2017-0085 (Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
+CVE-2017-0085
NOT-FOR-US: Microsoft
-CVE-2017-0084 (Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
+CVE-2017-0084
NOT-FOR-US: Microsoft
-CVE-2017-0083 (Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
+CVE-2017-0083
NOT-FOR-US: Microsoft
-CVE-2017-0082 (The kernel-mode drivers in Microsoft Windows 10 Gold and 1511 allow ...)
+CVE-2017-0082
NOT-FOR-US: Microsoft
-CVE-2017-0081 (The kernel-mode drivers in Microsoft Windows 8.1; Windows Server 2012 ...)
+CVE-2017-0081
NOT-FOR-US: Microsoft
-CVE-2017-0080 (The kernel-mode drivers in Microsoft Windows 10 Gold, 1511, and 1607 ...)
+CVE-2017-0080
NOT-FOR-US: Microsoft
-CVE-2017-0079 (The kernel-mode drivers in Windows 8.1; Windows Server 2012 R2; ...)
+CVE-2017-0079
NOT-FOR-US: Microsoft
-CVE-2017-0078 (The kernel-mode drivers in Microsoft Windows 8.1; Windows Server 2012 ...)
+CVE-2017-0078
NOT-FOR-US: Microsoft
-CVE-2017-0077 (The kernel-mode drivers in Windows Server 2008 SP2 and R2 SP1, Windows ...)
+CVE-2017-0077
NOT-FOR-US: Microsoft
-CVE-2017-0076 (Hyper-V in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and ...)
+CVE-2017-0076
NOT-FOR-US: Microsoft
-CVE-2017-0075 (Hyper-V in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and ...)
+CVE-2017-0075
NOT-FOR-US: Microsoft
-CVE-2017-0074 (Hyper-V in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and ...)
+CVE-2017-0074
NOT-FOR-US: Microsoft
-CVE-2017-0073 (The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2; ...)
+CVE-2017-0073
NOT-FOR-US: Microsoft
-CVE-2017-0072 (Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
+CVE-2017-0072
NOT-FOR-US: Microsoft
-CVE-2017-0071 (A remote code execution vulnerability exists in the way affected ...)
+CVE-2017-0071
NOT-FOR-US: Microsoft
-CVE-2017-0070 (A remote code execution vulnerability exists in the way affected ...)
+CVE-2017-0070
NOT-FOR-US: Microsoft
-CVE-2017-0069 (Microsoft Edge allows remote attackers to spoof web content via a ...)
+CVE-2017-0069
NOT-FOR-US: Microsoft
-CVE-2017-0068 (Browsers in Microsoft Edge allow remote attackers to obtain sensitive ...)
+CVE-2017-0068
NOT-FOR-US: Microsoft
-CVE-2017-0067 (A remote code execution vulnerability exists in the way affected ...)
+CVE-2017-0067
NOT-FOR-US: Microsoft
-CVE-2017-0066 (Microsoft Edge allows remote attackers to bypass the Same Origin ...)
+CVE-2017-0066
NOT-FOR-US: Microsoft
-CVE-2017-0065 (Microsoft Edge allows remote attackers to obtain sensitive information ...)
+CVE-2017-0065
NOT-FOR-US: Microsoft
-CVE-2017-0064 (A security feature bypass vulnerability exists in Internet Explorer ...)
+CVE-2017-0064
NOT-FOR-US: Microsoft
-CVE-2017-0063 (The Color Management Module (ICM32.dll) memory handling functionality ...)
+CVE-2017-0063
NOT-FOR-US: Microsoft
-CVE-2017-0062 (The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2; ...)
+CVE-2017-0062
NOT-FOR-US: Microsoft
-CVE-2017-0061 (The Color Management Module (ICM32.dll) memory handling functionality ...)
+CVE-2017-0061
NOT-FOR-US: Microsoft
-CVE-2017-0060 (The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2; ...)
+CVE-2017-0060
NOT-FOR-US: Microsoft
-CVE-2017-0059 (Microsoft Internet Explorer 9 through 11 allow remote attackers to ...)
+CVE-2017-0059
NOT-FOR-US: Microsoft
-CVE-2017-0058 (A Win32k information disclosure vulnerability exists in Microsoft ...)
+CVE-2017-0058
NOT-FOR-US: Microsoft
-CVE-2017-0057 (DNS client in Microsoft Windows 8.1; Windows Server 2012 R2, Windows ...)
+CVE-2017-0057
NOT-FOR-US: Microsoft
-CVE-2017-0056 (The kernel-mode drivers in Microsoft Windows Vista SP2; Windows Server ...)
+CVE-2017-0056
NOT-FOR-US: Microsoft
-CVE-2017-0055 (Microsoft Internet Information Server (IIS) in Windows Vista SP2; ...)
+CVE-2017-0055
NOT-FOR-US: Microsoft
CVE-2017-0054
RESERVED
-CVE-2017-0053 (Microsoft Office 2010 SP2, Office Compatibility Pack SP3, Word 2007 ...)
+CVE-2017-0053
NOT-FOR-US: Microsoft
-CVE-2017-0052 (Microsoft Office Compatibility Pack SP3, Excel 2007 SP3, Excel Viewer, ...)
+CVE-2017-0052
NOT-FOR-US: Microsoft
-CVE-2017-0051 (Microsoft Windows 10 1607 and Windows Server 2016 allow remote ...)
+CVE-2017-0051
NOT-FOR-US: Microsoft
-CVE-2017-0050 (The kernel API in Microsoft Windows Vista SP2; Windows Server 2008 SP2 ...)
+CVE-2017-0050
NOT-FOR-US: Microsoft
-CVE-2017-0049 (The VBScript engine in Microsoft Internet Explorer 11 allows remote ...)
+CVE-2017-0049
NOT-FOR-US: Microsoft
CVE-2017-0048
RESERVED
-CVE-2017-0047 (The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2; ...)
+CVE-2017-0047
NOT-FOR-US: Microsoft
CVE-2017-0046
RESERVED
-CVE-2017-0045 (Windows DVD Maker in Windows 7 SP1, Windows Server 2008 SP2 and R2 ...)
+CVE-2017-0045
NOT-FOR-US: Microsoft
CVE-2017-0044
RESERVED
-CVE-2017-0043 (Active Directory Federation Services in Microsoft Windows 10 1607, ...)
+CVE-2017-0043
NOT-FOR-US: Microsoft
-CVE-2017-0042 (Windows Media Player in Microsoft Windows 8.1; Windows Server 2012 R2; ...)
+CVE-2017-0042
NOT-FOR-US: Microsoft
CVE-2017-0041
RESERVED
-CVE-2017-0040 (The scripting engine in Microsoft Internet Explorer 9 through 11 ...)
+CVE-2017-0040
NOT-FOR-US: Microsoft
-CVE-2017-0039 (Microsoft Windows Vista SP2 and Server 2008 SP2 mishandle dynamic link ...)
+CVE-2017-0039
NOT-FOR-US: Microsoft
-CVE-2017-0038 (gdi32.dll in Graphics Device Interface (GDI) in Microsoft Windows ...)
+CVE-2017-0038
NOT-FOR-US: Microsoft
-CVE-2017-0037 (Microsoft Internet Explorer 10 and 11 and Microsoft Edge have a type ...)
+CVE-2017-0037
NOT-FOR-US: Microsoft
CVE-2017-0036
RESERVED
-CVE-2017-0035 (A remote code execution vulnerability exists in the way affected ...)
+CVE-2017-0035
NOT-FOR-US: Microsoft
-CVE-2017-0034 (A remote code execution vulnerability exists when Microsoft Edge ...)
+CVE-2017-0034
NOT-FOR-US: Microsoft
-CVE-2017-0033 (Microsoft Internet Explorer 11 and Microsoft Edge allow remote ...)
+CVE-2017-0033
NOT-FOR-US: Microsoft
-CVE-2017-0032 (A remote code execution vulnerability exists in the way affected ...)
+CVE-2017-0032
NOT-FOR-US: Microsoft
-CVE-2017-0031 (Microsoft Office 2010 SP2, Office Compatibility Pack SP3, Word 2007 ...)
+CVE-2017-0031
NOT-FOR-US: Microsoft
-CVE-2017-0030 (Microsoft Office 2010 SP2, Office Compatibility Pack SP3, Office Web ...)
+CVE-2017-0030
NOT-FOR-US: Microsoft
-CVE-2017-0029 (Microsoft Office 2010 SP2, Word 2010 SP2, Word 2013 RT SP1, and Word ...)
+CVE-2017-0029
NOT-FOR-US: Microsoft
-CVE-2017-0028 (A remote code execution vulnerability exists when Microsoft scripting ...)
+CVE-2017-0028
NOT-FOR-US: Microsoft
-CVE-2017-0027 (Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 RT SP1, Excel ...)
+CVE-2017-0027
NOT-FOR-US: Microsoft
-CVE-2017-0026 (The kernel-mode drivers in Microsoft Windows 10 Gold, 1511, and 1607 ...)
+CVE-2017-0026
NOT-FOR-US: Microsoft
-CVE-2017-0025 (The kernel-mode drivers in Microsoft Windows Vista; Windows Server ...)
+CVE-2017-0025
NOT-FOR-US: Microsoft
-CVE-2017-0024 (The kernel-mode drivers in Microsoft Windows 10 1607 and Windows ...)
+CVE-2017-0024
NOT-FOR-US: Microsoft
-CVE-2017-0023 (The PDF library in Microsoft Edge; Windows 8.1; Windows Server 2012 ...)
+CVE-2017-0023
NOT-FOR-US: Microsoft
-CVE-2017-0022 (Microsoft XML Core Services (MSXML) in Windows 10 Gold, 1511, and ...)
+CVE-2017-0022
NOT-FOR-US: Microsoft
-CVE-2017-0021 (Hyper-V in Microsoft Windows 10 1607 and Windows Server 2016 does not ...)
+CVE-2017-0021
NOT-FOR-US: Microsoft
-CVE-2017-0020 (Microsoft Excel 2016, Excel 2010 SP2, Excel 2013 RT SP1, and Office ...)
+CVE-2017-0020
NOT-FOR-US: Microsoft
-CVE-2017-0019 (Microsoft Word 2016 allows remote attackers to execute arbitrary code ...)
+CVE-2017-0019
NOT-FOR-US: Microsoft
-CVE-2017-0018 (Microsoft Internet Explorer 10 and 11 allow remote attackers to ...)
+CVE-2017-0018
NOT-FOR-US: Microsoft
-CVE-2017-0017 (The RegEx class in the XSS filter in Microsoft Edge allows remote ...)
+CVE-2017-0017
NOT-FOR-US: Microsoft
-CVE-2017-0016 (Microsoft Windows 10 Gold, 1511, and 1607; Windows 8.1; Windows RT ...)
+CVE-2017-0016
NOT-FOR-US: Microsoft
-CVE-2017-0015 (A remote code execution vulnerability exists in the way affected ...)
+CVE-2017-0015
NOT-FOR-US: Microsoft
-CVE-2017-0014 (The Windows Graphics Component in Microsoft Office 2010 SP2; Windows ...)
+CVE-2017-0014
NOT-FOR-US: Microsoft
CVE-2017-0013
RESERVED
-CVE-2017-0012 (Microsoft Internet Explorer 11 and Microsoft Edge allow remote ...)
+CVE-2017-0012
NOT-FOR-US: Microsoft
-CVE-2017-0011 (Microsoft Edge allows remote attackers to obtain sensitive information ...)
+CVE-2017-0011
NOT-FOR-US: Microsoft
-CVE-2017-0010 (A remote code execution vulnerability exists in the way affected ...)
+CVE-2017-0010
NOT-FOR-US: Microsoft
-CVE-2017-0009 (Microsoft Internet Explorer 9 through 11 allow remote attackers to ...)
+CVE-2017-0009
NOT-FOR-US: Microsoft
-CVE-2017-0008 (Microsoft Internet Explorer 9 through 11 allow remote attackers to ...)
+CVE-2017-0008
NOT-FOR-US: Microsoft
-CVE-2017-0007 (Device Guard in Microsoft Windows 10 Gold, 1511, 1607, and Windows ...)
+CVE-2017-0007
NOT-FOR-US: Microsoft
-CVE-2017-0006 (Microsoft Excel 2007 SP3, Office Compatibility Pack SP3, Excel Viewer, ...)
+CVE-2017-0006
NOT-FOR-US: Microsoft
-CVE-2017-0005 (The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2; ...)
+CVE-2017-0005
NOT-FOR-US: Microsoft
-CVE-2017-0004 (The Local Security Authority Subsystem Service (LSASS) in Microsoft ...)
+CVE-2017-0004
NOT-FOR-US: Microsoft
-CVE-2017-0003 (Microsoft Word 2016 and SharePoint Enterprise Server 2016 allow remote ...)
+CVE-2017-0003
NOT-FOR-US: Microsoft
-CVE-2017-0002 (Microsoft Edge allows remote attackers to bypass the Same Origin ...)
+CVE-2017-0002
NOT-FOR-US: Microsoft
-CVE-2017-0001 (The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2; ...)
+CVE-2017-0001
NOT-FOR-US: Microsoft
-CVE-2017-7443 (apt-cacher before 1.7.15 and apt-cacher-ng before 3.4 allow HTTP ...)
+CVE-2017-7443
{DLA-873-1}
- apt-cacher-ng 3-1 (bug #858833)
[buster] - apt-cacher-ng 2-2
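Review bot: every changed line in this hunk replaces `CVE-2017-NNNN (description ...)` with the bare identifier while the package, `[suite]` and NOTE lines under each entry are left untouched, so this "automatic update" discards description text rather than refreshing it; that uniform pattern points to the CVE feed having returned no descriptions on this run, not to an intended edit. Suggest reverting and re-running the import once the source carries descriptions again, because the stripped form leaves nothing in the entry to say what the issue is (`-CVE-2017-0002 (Microsoft Edge allows remote attackers to bypass the Same Origin ...)` becomes `+CVE-2017-0002` followed only by `NOT-FOR-US: Microsoft`).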
@@ -50746,7 +50744,7 @@ CVE-2017-7443 (apt-cacher before 1.7.15 and apt-cacher-ng before 3.4 allow HTTP
[buster] - apt-cacher 1.7.13+deb9u1
[stretch] - apt-cacher 1.7.13+deb9u1
[jessie] - apt-cacher 1.7.10+deb8u1
-CVE-2017-6100 (tcpdf before 6.2.0 uploads files from the server generating PDF-files ...)
+CVE-2017-6100
- tcpdf 6.2.12+dfsg2-1 (bug #814030)
[jessie] - tcpdf 6.0.093+dfsg-1+deb8u1
NOTE: https://sourceforge.net/p/tcpdf/bugs/1005/
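Review bot: the hunk header `@@ -50746,7 +50744,7 @@` shows the new 2017.list is two lines shorter than the old one by this point, yet every change visible in the file is a one-for-one line replacement; the two missing lines belong to an entry earlier in the file that is not shown here and should be located before merging, since a dropped package/version or `[suite]` line silently changes the tracking state of that CVE.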
diff --git a/data/CVE/2018.list b/data/CVE/2018.list
index 598beec564..e3e5eb7935 100644
--- a/data/CVE/2018.list
+++ b/data/CVE/2018.list
@@ -1,20 +1,20 @@
-CVE-2018-20814 (An XSS issue was found with Psaldownload.cgi in Pulse Secure Pulse ...)
+CVE-2018-20814
NOT-FOR-US: Pulse Secure Pulse Connect Secure
-CVE-2018-20813 (An input validation issue has been found with login_meeting.cgi in ...)
+CVE-2018-20813
NOT-FOR-US: Pulse Secure Pulse Connect Secure
-CVE-2018-20812 (An information exposure issue where IPv6 DNS traffic would be sent ...)
+CVE-2018-20812
NOT-FOR-US: Pulse Secure Pulse Connect Secure
-CVE-2018-20811 (A hidden RPC service issue was found with Pulse Secure Pulse Connect ...)
+CVE-2018-20811
NOT-FOR-US: Pulse Secure Pulse Connect Secure
-CVE-2018-20810 (Session data between cluster nodes during cluster synchronization is ...)
+CVE-2018-20810
NOT-FOR-US: Pulse Secure Pulse Connect Secure
-CVE-2018-20809 (A crafted message can cause the web server to crash with Pulse Secure ...)
+CVE-2018-20809
NOT-FOR-US: Pulse Secure Pulse Connect Secure
-CVE-2018-20808 (An XSS issue has been found with rd.cgi in Pulse Secure Pulse Connect ...)
+CVE-2018-20808
NOT-FOR-US: Pulse Secure Pulse Connect Secure
-CVE-2018-20807 (An XSS issue has been found in welcome.cgi in Pulse Secure Pulse ...)
+CVE-2018-20807
NOT-FOR-US: Pulse Secure Pulse Connect Secure
-CVE-2018-20806 (Phamm (aka PHP LDAP Virtual Hosting Manager) 0.6.8 allows XSS via the ...)
+CVE-2018-20806
- phamm <unfixed> (bug #924731)
NOTE: https://github.com/lota/phamm/issues/24
CVE-2018-20805
@@ -25,9 +25,9 @@ CVE-2018-20803
RESERVED
CVE-2018-20802
RESERVED
-CVE-2018-20801 (In js/parts/SvgRenderer.js in Highcharts JS before 6.1.0, the use of ...)
+CVE-2018-20801
NOT-FOR-US: Highcharts JS
-CVE-2018-20800 (An issue was discovered in Open Ticket Request System (OTRS) 5.0.31 and ...)
+CVE-2018-20800
- otrs2 6.0.14-1
[jessie] - otrs2 <not-affected> (Vulnerable code not present)
NOTE: https://community.otrs.com/security-advisory-2018-10-security-update-for-otrs-framework/
@@ -35,40 +35,40 @@ CVE-2018-20800 (An issue was discovered in Open Ticket Request System (OTRS) 5.0
NOTE: OTRS 5: https://github.com/OTRS/otrs/commit/7d3c56d5b9bb38207695dae174dbba89a132e7b9
NOTE: For upstream versions only did affect OTRS 6.0.13 and OTRS 5.0.31.
TODO: check, if for the older series broken patches were backported and thus as well affected
-CVE-2018-20799 (In pfSense 2.4.4_1, blocking of source IP addresses on the basis of ...)
+CVE-2018-20799
NOT-FOR-US: pfSense
-CVE-2018-20798 (The expiretable configuration in pfSense 2.4.4_1 establishes block ...)
+CVE-2018-20798
NOT-FOR-US: pfSense
-CVE-2018-20797 (An issue was discovered in PoDoFo 0.9.6. There is an attempted ...)
+CVE-2018-20797
- libpodofo <unfixed> (low; bug #923415)
[stretch] - libpodofo <no-dsa> (Minor issue)
[jessie] - libpodofo <no-dsa> (Minor issue)
NOTE: https://sourceforge.net/p/podofo/tickets/34/
-CVE-2018-20796 (In the GNU C Library (aka glibc or libc6) through 2.29, ...)
+CVE-2018-20796
- glibc <unfixed> (unimportant)
- eglibc <removed> (unimportant)
NOTE: https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34141
NOTE: https://lists.gnu.org/archive/html/bug-gnulib/2019-01/msg00108.html
NOTE: No treated as vulnerability: https://sourceware.org/glibc/wiki/Security%20Exceptions
-CVE-2018-20795 (tecrail Responsive FileManager 9.13.4 allows remote attackers to read ...)
+CVE-2018-20795
NOT-FOR-US: tecrail Responsive FileManager
-CVE-2018-20794 (tecrail Responsive FileManager 9.13.4 allows remote attackers to write ...)
+CVE-2018-20794
NOT-FOR-US: tecrail Responsive FileManager
-CVE-2018-20793 (tecrail Responsive FileManager 9.13.4 allows remote attackers to write ...)
+CVE-2018-20793
NOT-FOR-US: tecrail Responsive FileManager
-CVE-2018-20792 (tecrail Responsive FileManager 9.13.4 allows remote attackers to read ...)
+CVE-2018-20792
NOT-FOR-US: tecrail Responsive FileManager
-CVE-2018-20791 (tecrail Responsive FileManager 9.13.4 allows XSS via a media file ...)
+CVE-2018-20791
NOT-FOR-US: tecrail Responsive FileManager
-CVE-2018-20790 (tecrail Responsive FileManager 9.13.4 allows remote attackers to delete ...)
+CVE-2018-20790
NOT-FOR-US: tecrail Responsive FileManager
-CVE-2018-20789 (tecrail Responsive FileManager 9.13.4 allows remote attackers to delete ...)
+CVE-2018-20789
NOT-FOR-US: tecrail Responsive FileManager
-CVE-2018-20788 (drivers/leds/leds-aw2023.c in the led driver for custom Linux kernels ...)
+CVE-2018-20788
NOT-FOR-US: led driver for custom Linux kernels on the Xiaomi Redmi 6pro daisy-o-oss phone
-CVE-2018-20787 (The ft5x46 touchscreen driver for custom Linux kernels on the Xiaomi ...)
+CVE-2018-20787
NOT-FOR-US: touchscreen driver for custom Linux kernels on the Xiaomi perseus-p-oss MIX 3 device
-CVE-2018-20786 (libvterm through 0+bzr726, as used in Vim and other products, ...)
+CVE-2018-20786
- vim 2:8.1.0693-1 (unimportant)
[stretch] - vim <not-affected> (Vulnerable code introduced later)
[jessie] - vim <not-affected> (Vulnerable code introduced later)
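Review bot: the context lines under CVE-2018-20796 are not part of this change but carry a typo worth a follow-up commit: `NOTE: No treated as vulnerability: https://sourceware.org/glibc/wiki/Security%20Exceptions` should read `NOTE: Not treated as a vulnerability: ...`, and the `TODO: check, if for the older series broken patches were backported and thus as well affected` line under CVE-2018-20800 would be clearer as `TODO: check whether broken patches were backported to the older series, making them affected as well`.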
@@ -77,14 +77,14 @@ CVE-2018-20786 (libvterm through 0+bzr726, as used in Vim and other products, ..
NOTE: Fixed by: https://github.com/vim/vim/commit/cd929f7ba8cc5b6d6dcf35c8b34124e969fed6b8 (v8.1.0633)
NOTE: MISC:https://github.com/vim/vim/issues/3711
NOTE: No security impact
-CVE-2018-20785 (Secure boot bypass and memory extraction can be achieved on Neato ...)
+CVE-2018-20785
NOT-FOR-US: Neato
-CVE-2018-20784 (In the Linux kernel before 4.20.2, kernel/sched/fair.c mishandles leaf ...)
+CVE-2018-20784
- linux 4.19.16-1
[stretch] - linux <not-affected> (Vulnerable code not present)
[jessie] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/c40f7d74c741a907cfaeb73a7697081881c497d0
-CVE-2018-20783 (In PHP before 5.6.39, 7.x before 7.0.33, 7.1.x before 7.1.25, and 7.2.x ...)
+CVE-2018-20783
{DSA-4353-1 DLA-1608-1}
- php7.3 7.3.0-1
- php7.0 <removed>
@@ -95,70 +95,70 @@ CVE-2018-1002161 [SQL injection in multiple remote calls]
- koji 1.16.2-1 (bug #922922)
NOTE: https://docs.pagure.org/koji/CVE-2018-1002161/
NOTE: https://pagure.io/koji/issue/1183
-CVE-2018-20782 (The GloBee plugin before 1.1.2 for WooCommerce mishandles IPN messages. ...)
+CVE-2018-20782
NOT-FOR-US: WooCommerce plugin
-CVE-2018-20781 (In pam/gkr-pam-module.c in GNOME Keyring before 3.27.2, the user's ...)
+CVE-2018-20781
- gnome-keyring 3.28.0-1 (unimportant)
NOTE: https://bugs.launchpad.net/ubuntu/+source/gnome-keyring/+bug/1772919
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=781486
NOTE: https://gitlab.gnome.org/GNOME/gnome-keyring/issues/3
NOTE: Not a vulnerability, just a hardening patch
-CVE-2018-20780 (Traq 3.7.1 allows admin/users/new CSRF to create an admin account (aka ...)
+CVE-2018-20780
NOT-FOR-US: Traq
-CVE-2018-20779 (Traq 3.7.1 allows SQL Injection via a tickets?search= URI. ...)
+CVE-2018-20779
NOT-FOR-US: Traq
-CVE-2018-20778 (admin/?/plugin/file_manager in Frog CMS 0.9.5 allows XSS by creating a ...)
+CVE-2018-20778
NOT-FOR-US: Frog CMS
-CVE-2018-20777 (Frog CMS 0.9.5 has XSS via the admin/?/snippet/edit/1 Body field. ...)
+CVE-2018-20777
NOT-FOR-US: Frog CMS
-CVE-2018-20776 (Frog CMS 0.9.5 provides a directory listing for a /public request. ...)
+CVE-2018-20776
NOT-FOR-US: Frog CMS
-CVE-2018-20775 (admin/?/plugin/file_manager in Frog CMS 0.9.5 allows PHP code execution ...)
+CVE-2018-20775
NOT-FOR-US: Frog CMS
-CVE-2018-20774 (Frog CMS 0.9.5 has XSS via the admin/?/layout/edit/1 Body field. ...)
+CVE-2018-20774
NOT-FOR-US: Frog CMS
-CVE-2018-20773 (Frog CMS 0.9.5 allows PHP code execution by visiting ...)
+CVE-2018-20773
NOT-FOR-US: Frog CMS
-CVE-2018-20772 (Frog CMS 0.9.5 allows PHP code execution via &lt;?php to the ...)
+CVE-2018-20772
NOT-FOR-US: Frog CMS
-CVE-2018-20771 (An issue was discovered on Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, ...)
+CVE-2018-20771
NOT-FOR-US: Xerox devices
-CVE-2018-20770 (An issue was discovered on Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, ...)
+CVE-2018-20770
NOT-FOR-US: Xerox devices
-CVE-2018-20769 (An issue was discovered on Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, ...)
+CVE-2018-20769
NOT-FOR-US: Xerox devices
-CVE-2018-20768 (An issue was discovered on Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, ...)
+CVE-2018-20768
NOT-FOR-US: Xerox devices
-CVE-2018-20767 (An issue was discovered on Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, ...)
+CVE-2018-20767
NOT-FOR-US: Xerox devices
CVE-2018-20766
RESERVED
CVE-2018-20765
RESERVED
-CVE-2018-20764 (A buffer overflow exists in HelpSystems tcpcrypt on Linux, used for ...)
+CVE-2018-20764
NOT-FOR-US: BoKS
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1676393
NOTE: https://community.helpsystems.com/knowledge-base/fox-technologies/hotfix/515/
NOTE: No specific information is provided, but seems caused by BoKS shipping tcpcrypt setuid
-CVE-2018-20763 (In GPAC through 0.7.2, gf_text_get_utf8_line in ...)
+CVE-2018-20763
{DLA-1693-1}
- gpac <unfixed> (bug #921969)
[stretch] - gpac <no-dsa> (Minor issue, will be fixed via point update)
NOTE: https://github.com/gpac/gpac/commit/1c449a34fe0b50aaffb881bfb9d7c5ab0bb18cdd
NOTE: https://github.com/gpac/gpac/issues/1188
-CVE-2018-20762 (GPAC version 0.7.2 and earlier has a buffer overflow vulnerability in ...)
+CVE-2018-20762
{DLA-1693-1}
- gpac <unfixed> (bug #921969)
[stretch] - gpac <no-dsa> (Minor issue, will be fixed via point update)
NOTE: https://github.com/gpac/gpac/commit/35ab4475a7df9b2a4bcab235e379c0c3ec543658
NOTE: https://github.com/gpac/gpac/issues/1187
-CVE-2018-20761 (GPAC version 0.7.2 and earlier has a Buffer Overflow vulnerability in ...)
+CVE-2018-20761
{DLA-1693-1}
- gpac <unfixed> (bug #921969)
[stretch] - gpac <no-dsa> (Minor issue, will be fixed via point update)
NOTE: https://github.com/gpac/gpac/commit/35ab4475a7df9b2a4bcab235e379c0c3ec543658
NOTE: https://github.com/gpac/gpac/issues/1186
-CVE-2018-20760 (In GPAC 0.7.2, gf_text_get_utf8_line in media_tools/text_import.c in ...)
+CVE-2018-20760
{DLA-1693-1}
- gpac <unfixed> (bug #921969)
[stretch] - gpac <no-dsa> (Minor issue, will be fixed via point update)
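Review bot: the hunk header context `CVE-2018-1002161 [SQL injection in multiple remote calls]` keeps its square-bracketed description intact while every parenthesised description in the hunk is deleted; by the tracker's convention the bracketed text is written locally and the parenthesised text is imported from the CVE feed, so this confirms the loss is confined to feed-sourced descriptions and originates in the automated import rather than in a hand edit. That is further reason to treat the commit as a data-source failure and re-import, instead of accepting `+CVE-2018-20781` and the rest as the new state.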
@@ -166,27 +166,27 @@ CVE-2018-20760 (In GPAC 0.7.2, gf_text_get_utf8_line in media_tools/text_import.
NOTE: https://github.com/gpac/gpac/issues/1177
CVE-2018-20759
RESERVED
-CVE-2018-20758 (MODX Revolution through v2.7.0-pl allows XSS via User Settings such as ...)
+CVE-2018-20758
NOT-FOR-US: MODX Revolution
-CVE-2018-20757 (MODX Revolution through v2.7.0-pl allows XSS via an extended user field ...)
+CVE-2018-20757
NOT-FOR-US: MODX Revolution
-CVE-2018-20756 (MODX Revolution through v2.7.0-pl allows XSS via a document resource ...)
+CVE-2018-20756
NOT-FOR-US: MODX Revolution
-CVE-2018-20755 (MODX Revolution through v2.7.0-pl allows XSS via the User Photo field. ...)
+CVE-2018-20755
NOT-FOR-US: MODX Revolution
CVE-2018-20754
RESERVED
-CVE-2018-20753 (Kaseya VSA RMM before R9.3 9.3.0.35, R9.4 before 9.4.0.36, and R9.5 ...)
+CVE-2018-20753
NOT-FOR-US: Kaseya VSA RMM
-CVE-2018-20752 (An issue was discovered in Recon-ng before 4.9.5. Lack of validation in ...)
+CVE-2018-20752
- recon-ng 4.9.5-1
NOTE: https://bitbucket.org/LaNMaSteR53/recon-ng/issues/285/csv-injection-vulnerability-identified-in
-CVE-2018-1000999 (Fastnet SA MailCleaner version 2018092601 contains a Command Injection ...)
+CVE-2018-1000999
NOT-FOR-US: Fastnet SA MailCleaner
-CVE-2018-1000998 (FreeBSD CVSweb version 2.x contains a Cross Site Scripting (XSS) ...)
+CVE-2018-1000998
- cvsweb 3:3.0.0-1
NOTE: https://www.kvakil.me/posts/cvsweb/
-CVE-2018-20751 (An issue was discovered in crop_page in PoDoFo 0.9.6. For a crafted PDF ...)
+CVE-2018-20751
- libpodofo 0.9.6+dfsg-4
[stretch] - libpodofo <no-dsa> (Minor issue)
[jessie] - libpodofo <no-dsa> (Minor issue)
@@ -196,13 +196,13 @@ CVE-2018-20747
RESERVED
CVE-2018-20746
RESERVED
-CVE-2018-20745 (Yii 2.x through 2.0.15.1 actively converts a wildcard CORS policy into ...)
+CVE-2018-20745
- yii <itp> (bug #597899)
-CVE-2018-20744 (The Olivier Poitrey Go CORS handler through 1.3.0 actively converts a ...)
+CVE-2018-20744
NOT-FOR-US: Olivier Poitrey Go CORS handler
-CVE-2018-20742 (An issue was discovered in UC Berkeley RISE Opaque before 2018-12-01. ...)
+CVE-2018-20742
NOT-FOR-US: UC Berkeley RISE Opaque
-CVE-2018-1000997 (A path traversal vulnerability exists in the Stapler web framework ...)
+CVE-2018-1000997
NOT-FOR-US: Jenkins
CVE-2018-20741
RESERVED
@@ -216,43 +216,43 @@ CVE-2018-20737
RESERVED
CVE-2018-20736
RESERVED
-CVE-2018-20735 (** DISPUTED ** An issue was discovered in BMC PATROL Agent through ...)
+CVE-2018-20735
NOT-FOR-US: BMC PATROL Agent
CVE-2018-20734
RESERVED
-CVE-2018-20733 (BI Web Services in SAS Web Infrastructure Platform before 9.4M6 allows ...)
+CVE-2018-20733
NOT-FOR-US: SAS Web Infrastructure Platform
-CVE-2018-20732 (SAS Web Infrastructure Platform before 9.4M6 allows remote attackers to ...)
+CVE-2018-20732
NOT-FOR-US: SAS Web Infrastructure Platform
-CVE-2018-20731 (A stored cross site scripting (XSS) vulnerability in NeDi before 1.7Cp3 ...)
+CVE-2018-20731
NOT-FOR-US: NeDi
-CVE-2018-20730 (A SQL injection vulnerability in NeDi before 1.7Cp3 allows any user to ...)
+CVE-2018-20730
NOT-FOR-US: NeDi
-CVE-2018-20729 (A reflected cross site scripting (XSS) vulnerability in NeDi before ...)
+CVE-2018-20729
NOT-FOR-US: NeDi
-CVE-2018-20728 (A cross site request forgery (CSRF) vulnerability in NeDi before 1.7Cp3 ...)
+CVE-2018-20728
NOT-FOR-US: NeDi
-CVE-2018-20727 (Multiple command injection vulnerabilities in NeDi before 1.7Cp3 allow ...)
+CVE-2018-20727
NOT-FOR-US: NeDi
-CVE-2018-20726 (A cross-site scripting (XSS) vulnerability exists in host.php (via ...)
+CVE-2018-20726
- cacti 1.2.1+ds1-1 (low)
[stretch] - cacti <no-dsa> (Minor issue)
[jessie] - cacti <ignored> (Minor issue)
NOTE: https://github.com/Cacti/cacti/commit/80c2a88fb2afb93f87703ba4641f9970478c102d
NOTE: https://github.com/Cacti/cacti/issues/2213
-CVE-2018-20725 (A cross-site scripting (XSS) vulnerability exists in ...)
+CVE-2018-20725
- cacti 1.2.1+ds1-1 (low)
[stretch] - cacti <no-dsa> (Minor issue)
[jessie] - cacti <ignored> (Minor issue)
NOTE: https://github.com/Cacti/cacti/commit/80c2a88fb2afb93f87703ba4641f9970478c102d
NOTE: https://github.com/Cacti/cacti/issues/2214
-CVE-2018-20724 (A cross-site scripting (XSS) vulnerability exists in pollers.php in ...)
+CVE-2018-20724
- cacti 1.2.1+ds1-1 (low)
[stretch] - cacti <no-dsa> (Minor issue)
[jessie] - cacti <ignored> (Minor issue)
NOTE: https://github.com/Cacti/cacti/commit/1f42478506d83d188f68ce5ff41728a7bd159f53
NOTE: https://github.com/Cacti/cacti/issues/2212
-CVE-2018-20723 (A cross-site scripting (XSS) vulnerability exists in ...)
+CVE-2018-20723
- cacti 1.2.1+ds1-1 (low)
[stretch] - cacti <no-dsa> (Minor issue)
[jessie] - cacti <ignored> (Minor issue)
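Review bot: `-CVE-2018-20735 (** DISPUTED ** An issue was discovered in BMC PATROL Agent through ...)` becomes `+CVE-2018-20735`, which drops the `** DISPUTED **` marker together with the description; the remaining `NOT-FOR-US: BMC PATROL Agent` line does not carry the dispute status, so after this change nothing in the entry records that the CVE is disputed. Any re-import should be checked to restore that marker, since it affects how the entry is prioritised.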
@@ -260,34 +260,34 @@ CVE-2018-20723 (A cross-site scripting (XSS) vulnerability exists in ...)
NOTE: https://github.com/Cacti/cacti/issues/2215
CVE-2018-20722
RESERVED
-CVE-2018-20721 (URI_FUNC() in UriParse.c in uriparser before 0.9.1 has an out-of-bounds ...)
+CVE-2018-20721
{DLA-1682-1}
- uriparser 0.9.1-1 (low)
[stretch] - uriparser <no-dsa> (Minor issue)
NOTE: https://github.com/uriparser/uriparser/commit/cef25028de5ff872c2e1f0a6c562eb3ea9ecbce4
-CVE-2018-20720 (ABB Relion 630 devices 1.1 before 1.1.0.C0, 1.2 before 1.2.0.B3, and ...)
+CVE-2018-20720
NOT-FOR-US: ABB Relion 630 devices
-CVE-2018-20743 (murmur in Mumble through 1.2.19 before 2018-08-31 mishandles multiple ...)
+CVE-2018-20743
{DSA-4402-1 DLA-1661-1}
- mumble 1.3.0~git20190114.9fcc588+dfsg-1 (bug #919249)
NOTE: https://github.com/mumble-voip/mumble/issues/3505
NOTE: https://github.com/mumble-voip/mumble/pull/3510
NOTE: https://github.com/mumble-voip/mumble/pull/3512
-CVE-2018-20719 (In Tiki before 17.2, the user task component is vulnerable to a SQL ...)
+CVE-2018-20719
- tikiwiki <removed>
-CVE-2018-20718 (In Pydio before 8.2.2, an attack is possible via PHP Object Injection ...)
+CVE-2018-20718
- ajaxplorer <itp> (bug #668381)
-CVE-2018-20717 (In the orders section of PrestaShop before 1.7.2.5, an attack is ...)
+CVE-2018-20717
NOT-FOR-US: PrestaShop
-CVE-2018-20716 (CubeCart before 6.1.13 has SQL Injection via the validate[] parameter ...)
+CVE-2018-20716
NOT-FOR-US: CubeCart
-CVE-2018-20715 (The DB abstraction layer of OXID eSales 4.10.6 is vulnerable to SQL ...)
+CVE-2018-20715
NOT-FOR-US: OXID eSales
-CVE-2018-20714 (The logging system of the Automattic WooCommerce plugin before 3.4.6 ...)
+CVE-2018-20714
NOT-FOR-US: Automattic WooCommerce plugin for WordPress
-CVE-2018-20713 (Shopware before 5.4.3 allows SQL Injection by remote authenticated ...)
+CVE-2018-20713
NOT-FOR-US: Shopware
-CVE-2018-20712 (A heap-based buffer over-read exists in the function d_expression_1 in ...)
+CVE-2018-20712
- binutils <unfixed>
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
@@ -295,7 +295,7 @@ CVE-2018-20712 (A heap-based buffer over-read exists in the function d_expressio
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=24043
CVE-2018-20711
RESERVED
-CVE-2018-20710 (The SingleDocParser::HandleFlowSequence function in yaml-cpp (aka ...)
+CVE-2018-20710
- yaml-cpp <unfixed> (low; bug #919432)
[buster] - yaml-cpp <no-dsa> (Minor issue)
[stretch] - yaml-cpp <no-dsa> (Minor issue)
@@ -317,7 +317,7 @@ CVE-2018-20705
RESERVED
CVE-2018-20704
RESERVED
-CVE-2018-20703 (CubeCart 6.2.2 has Reflected XSS via a /{ADMIN-FILE}/ query string. ...)
+CVE-2018-20703
NOT-FOR-US: CubeCart
CVE-2018-20702
RESERVED
@@ -325,7 +325,7 @@ CVE-2018-20701
RESERVED
CVE-2018-20700
RESERVED
-CVE-2018-20699 (Docker Engine before 18.09 allows attackers to cause a denial of ...)
+CVE-2018-20699
- docker.io <unfixed> (unimportant)
NOTE: https://github.com/docker/engine/pull/70
NOTE: https://github.com/moby/moby/pull/37967
@@ -356,16 +356,16 @@ CVE-2018-20687
RESERVED
CVE-2018-20686
RESERVED
-CVE-2018-20684 (In WinSCP before 5.14 beta, due to missing validation, the scp ...)
+CVE-2018-20684
NOT-FOR-US: WinSCP
-CVE-2018-20685 (In OpenSSH 7.9, scp.c in the scp client allows remote SSH servers to ...)
+CVE-2018-20685
{DSA-4387-1}
- openssh 1:7.9p1-5 (bug #919101)
NOTE: https://github.com/openssh/openssh-portable/commit/6010c0303a422a9c5fa8860c061bf7105eb7f8b2
NOTE: https://sintonen.fi/advisories/scp-client-multiple-vulnerabilities.txt
-CVE-2018-20682 (Fork CMS 5.0.6 allows stored XSS via the private/en/settings ...)
+CVE-2018-20682
NOT-FOR-US: Fork CMS
-CVE-2018-20681 (mate-screensaver before 1.20.2 in MATE Desktop Environment allows ...)
+CVE-2018-20681
- mate-screensaver 1.20.2-1 (low)
[stretch] - mate-screensaver <no-dsa> (Minor issue)
[jessie] - mate-screensaver <not-affected> (Vulnerability only manifests when built against GTK-3.22)
@@ -373,58 +373,58 @@ CVE-2018-20681 (mate-screensaver before 1.20.2 in MATE Desktop Environment allow
NOTE: https://github.com/mate-desktop/mate-screensaver/issues/155
NOTE: https://github.com/mate-desktop/mate-screensaver/issues/170
NOTE: https://github.com/mate-desktop/mate-screensaver/pull/167
-CVE-2018-1000426 (A cross-site scripting vulnerability exists in Jenkins Git Changelog ...)
+CVE-2018-1000426
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000425 (An insufficiently protected credentials vulnerability exists in ...)
+CVE-2018-1000425
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000424 (An insufficiently protected credentials vulnerability exists in ...)
+CVE-2018-1000424
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000423 (An insufficiently protected credentials vulnerability exists in ...)
+CVE-2018-1000423
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000422 (An improper authorization vulnerability exists in Jenkins Crowd 2 ...)
+CVE-2018-1000422
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000421 (An improper authorization vulnerability exists in Jenkins Mesos Plugin ...)
+CVE-2018-1000421
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000420 (An improper authorization vulnerability exists in Jenkins Mesos Plugin ...)
+CVE-2018-1000420
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000419 (An improper authorization vulnerability exists in Jenkins HipChat ...)
+CVE-2018-1000419
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000418 (An improper authorization vulnerability exists in Jenkins HipChat ...)
+CVE-2018-1000418
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000417 (A cross-site request forgery vulnerability exists in Jenkins Email ...)
+CVE-2018-1000417
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000416 (A reflected cross-site scripting vulnerability exists in Jenkins Job ...)
+CVE-2018-1000416
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000415 (A cross-site scripting vulnerability exists in Jenkins Rebuilder ...)
+CVE-2018-1000415
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000414 (A cross-site request forgery vulnerability exists in Jenkins Config ...)
+CVE-2018-1000414
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000413 (A cross-site scripting vulnerability exists in Jenkins Config File ...)
+CVE-2018-1000413
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000412 (An improper authorization vulnerability exists in Jenkins Jira Plugin ...)
+CVE-2018-1000412
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000411 (A cross-site request forgery vulnerability exists in Jenkins JUnit ...)
+CVE-2018-1000411
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000410 (An information exposure vulnerability exists in Jenkins 2.145 and ...)
+CVE-2018-1000410
NOT-FOR-US: Jenkins
-CVE-2018-1000409 (A session fixation vulnerability exists in Jenkins 2.145 and earlier, ...)
+CVE-2018-1000409
NOT-FOR-US: Jenkins
-CVE-2018-1000408 (A denial of service vulnerability exists in Jenkins 2.145 and earlier, ...)
+CVE-2018-1000408
NOT-FOR-US: Jenkins
-CVE-2018-1000407 (A cross-site scripting vulnerability exists in Jenkins 2.145 and ...)
+CVE-2018-1000407
NOT-FOR-US: Jenkins
-CVE-2018-1000406 (A path traversal vulnerability exists in Jenkins 2.145 and earlier, ...)
+CVE-2018-1000406
NOT-FOR-US: Jenkins
-CVE-2018-20683 (commands/rsync in Gitolite before 3.6.11, if .gitolite.rc enables ...)
+CVE-2018-20683
- gitolite3 3.6.11-1 (bug #918849)
[stretch] - gitolite3 <no-dsa> (Minor issue)
[jessie] - gitolite3 <no-dsa> (Minor issue)
- gitolite <removed>
NOTE: https://github.com/sitaramc/gitolite/commit/5df2b817255ee919991da6c310239e08c8fcc1ae
NOTE: https://groups.google.com/forum/#!topic/gitolite-announce/6xbjjmpLePQ
-CVE-2018-20680 (Frog CMS 0.9.5 has XSS in the admin/?/page/edit/1 body field. ...)
+CVE-2018-20680
NOT-FOR-US: Frog CMS
-CVE-2018-20679 (An issue was discovered in BusyBox before 1.30.0. An out of bounds read ...)
+CVE-2018-20679
- busybox 1:1.30.1-1 (low; bug #918846)
[stretch] - busybox <no-dsa> (Minor issue)
[jessie] - busybox <no-dsa> (Minor issue)
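Review bot: every "-CVE-... (description ...)" / "+CVE-..." pair in this hunk, from CVE-2018-1000420 down to CVE-2018-20679, drops the CVE summary text and keeps only the bare identifier, which is a regression an automatic import should refuse to commit: a published CVE that already carried a description should not revert to an empty one. Suggest the update script treat an empty description for an entry that previously had one as a failed feed fetch and abort rather than rewrite the list. The package status lines ("- gitolite3 3.6.11-1 (bug #918849)", "- busybox 1:1.30.1-1 (low; bug #918846)") and the per-suite "<no-dsa>" annotations are untouched, so only the description field is affected.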
@@ -436,7 +436,7 @@ CVE-2018-20679 (An issue was discovered in BusyBox before 1.30.0. An out of boun
NOTE: is needed to fix the issue completely.
CVE-2018-20678
RESERVED
-CVE-2018-20677 (In Bootstrap before 3.4.0, XSS is possible in the affix configuration ...)
+CVE-2018-20677
- twitter-bootstrap <unfixed>
[stretch] - twitter-bootstrap <no-dsa> (Minor issue)
[jessie] - twitter-bootstrap <no-dsa> (Minor issue)
@@ -448,7 +448,7 @@ CVE-2018-20677 (In Bootstrap before 3.4.0, XSS is possible in the affix configur
NOTE: https://github.com/twbs/bootstrap/issues/27915#issuecomment-452196628
NOTE: https://github.com/twbs/bootstrap/pull/27047
NOTE: https://github.com/twbs/bootstrap/commit/2a5ba23ce8f041f3548317acc992ed8a736b609d (v3.4.0)
-CVE-2018-20676 (In Bootstrap before 3.4.0, XSS is possible in the tooltip data-viewport ...)
+CVE-2018-20676
- twitter-bootstrap <unfixed>
[stretch] - twitter-bootstrap <no-dsa> (Minor issue)
[jessie] - twitter-bootstrap <no-dsa> (Minor issue)
@@ -460,18 +460,18 @@ CVE-2018-20676 (In Bootstrap before 3.4.0, XSS is possible in the tooltip data-v
NOTE: https://github.com/twbs/bootstrap/issues/27915#issuecomment-452196628
NOTE: https://github.com/twbs/bootstrap/pull/27047
NOTE: https://github.com/twbs/bootstrap/commit/2a5ba23ce8f041f3548317acc992ed8a736b609d (v3.4.0)
-CVE-2018-20675 (D-Link DIR-822 C1 before v3.11B01Beta, DIR-822-US C1 before ...)
+CVE-2018-20675
NOT-FOR-US: D-Link
-CVE-2018-20674 (D-Link DIR-822 C1 before v3.11B01Beta, DIR-822-US C1 before ...)
+CVE-2018-20674
NOT-FOR-US: D-Link
-CVE-2018-20673 (The demangle_template function in cplus-dem.c in GNU libiberty, as ...)
+CVE-2018-20673
- binutils <unfixed>
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=24039
CVE-2018-20672
RESERVED
-CVE-2018-20671 (load_specific_debug_section in objdump.c in GNU Binutils through 2.31.1 ...)
+CVE-2018-20671
- binutils <unfixed>
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
@@ -480,7 +480,6 @@ CVE-2018-20671 (load_specific_debug_section in objdump.c in GNU Binutils through
CVE-2018-20670
RESERVED
CVE-2018-20669 [Missing access_ok() checks in IOCTL function (gpu/drm/i915 Driver)]
- RESERVED
- linux <unfixed> (unimportant)
NOTE: Fixed by: https://git.kernel.org/linus/594cc251fdd0d231d342d88b2fdff4bc42fb0690
CVE-2018-20668
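Review bot: at "CVE-2018-20669 [Missing access_ok() checks in IOCTL function (gpu/drm/i915 Driver)]" the hunk removes "- RESERVED" but adds no description in its place, so the entry is no longer marked reserved yet still has only the local bracketed placeholder, while "- linux <unfixed> (unimportant)" and the "NOTE: Fixed by:" line stay. If the upstream feed now reports this CVE as published, the import should carry the published description with it; if the feed returned it empty, as the blanked descriptions elsewhere in this update suggest, leave "RESERVED" in place until a description is actually available.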
@@ -491,11 +490,11 @@ CVE-2018-20666
RESERVED
CVE-2018-20665
RESERVED
-CVE-2018-20664 (Zoho ManageEngine ADSelfService Plus 5.x before build 5701 has XXE via ...)
+CVE-2018-20664
NOT-FOR-US: Zoho ManageEngine ADSelfService Plus
-CVE-2018-20663 (The Reporting Addon (aka Reports Addon) through 2019-01-02 for CUBA ...)
+CVE-2018-20663
NOT-FOR-US: Reporting Addon for CUBA Platform
-CVE-2018-20662 (In Poppler 0.72.0, PDFDoc::setup in PDFDoc.cc allows attackers to cause ...)
+CVE-2018-20662
{DLA-1706-1}
- poppler <unfixed> (low; bug #918158)
[stretch] - poppler <no-dsa> (Minor issue)
@@ -505,11 +504,11 @@ CVE-2018-20661
RESERVED
CVE-2018-20660
RESERVED
-CVE-2018-20659 (An issue was discovered in Bento4 1.5.1-627. The AP4_StcoAtom class in ...)
+CVE-2018-20659
NOT-FOR-US: Bento4
-CVE-2018-20658 (The server in Core FTP 2.0 build 653 on 32-bit platforms allows remote ...)
+CVE-2018-20658
NOT-FOR-US: Core FTP
-CVE-2018-20657 (The demangle_template function in cplus-dem.c in GNU libiberty, as ...)
+CVE-2018-20657
- binutils <unfixed> (low)
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
@@ -522,15 +521,15 @@ CVE-2018-20654
RESERVED
CVE-2018-20653
RESERVED
-CVE-2018-20652 (An attempted excessive memory allocation was discovered in the function ...)
+CVE-2018-20652
NOT-FOR-US: tinyexr
-CVE-2018-20651 (A NULL pointer dereference was discovered in ...)
+CVE-2018-20651
- binutils <unfixed>
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=24041
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=54025d5812ff100f5f0654eb7e1ffd50f2e37f5f
-CVE-2018-20650 (A reachable Object::dictLookup assertion in Poppler 0.72.0 allows ...)
+CVE-2018-20650
- poppler <unfixed> (low; bug #917974)
[buster] - poppler <no-dsa> (Minor issue)
[stretch] - poppler <no-dsa> (Minor issue)
@@ -589,76 +588,75 @@ CVE-2018-20625
RESERVED
CVE-2018-20624
RESERVED
-CVE-2018-20623 (In GNU Binutils 2.31.1, there is a use-after-free in the error function ...)
+CVE-2018-20623
- binutils <unfixed>
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=24049
-CVE-2018-20622 (JasPer 2.0.14 has a memory leak in base/jas_malloc.c in libjasper.a ...)
+CVE-2018-20622
{DLA-1628-1}
- jasper <removed>
NOTE: https://github.com/mdadams/jasper/issues/193
-CVE-2018-20621 (An issue was discovered in Microvirt MEmu 6.0.6. The MemuService.exe ...)
+CVE-2018-20621
NOT-FOR-US: Microvirt MEmu
CVE-2018-20620
RESERVED
CVE-2018-20619
RESERVED
-CVE-2018-20618 (ok-file-formats through 2018-10-16 has a heap-based buffer over-read in ...)
+CVE-2018-20618
NOT-FOR-US: ok-file-formats
-CVE-2018-20617 (ok-file-formats through 2018-10-16 has a heap-based buffer overflow in ...)
+CVE-2018-20617
NOT-FOR-US: ok-file-formats
-CVE-2018-20616 (ok-file-formats through 2018-10-16 has a heap-based buffer overflow in ...)
+CVE-2018-20616
NOT-FOR-US: ok-file-formats
CVE-2018-20615
- RESERVED
- haproxy 1.8.16-2
[stretch] - haproxy <not-affected> (Vulnerable code introduced later)
[jessie] - haproxy <not-affected> (Vulnerable code introduced later)
NOTE: https://github.com/haproxy/haproxy/commit/a01f45e3ced23c799f6e78b5efdbd32198a75354
-CVE-2018-20614 (public\install\install.php in CIM 0.9.3 allows remote attackers to ...)
+CVE-2018-20614
NOT-FOR-US: CIM
-CVE-2018-20613 (TEMMOKU T1.09 Beta allows admin/user/add CSRF. ...)
+CVE-2018-20613
NOT-FOR-US: TEMMOKU
-CVE-2018-20612 (UWA 2.3.11 allows index.php?g=admin&amp;c=admin&amp;a=add_admin_do CSRF. ...)
+CVE-2018-20612
NOT-FOR-US: UWA
-CVE-2018-20611 (imcat 4.4 allow XSS via a crafted cookie to the ...)
+CVE-2018-20611
NOT-FOR-US: imcat
-CVE-2018-20610 (imcat 4.4 allows directory traversal via the root/run/adm.php efile ...)
+CVE-2018-20610
NOT-FOR-US: imcat
-CVE-2018-20609 (imcat 4.4 allows remote attackers to obtain potentially sensitive ...)
+CVE-2018-20609
NOT-FOR-US: imcat
-CVE-2018-20608 (imcat 4.4 allows remote attackers to read phpinfo output via the ...)
+CVE-2018-20608
NOT-FOR-US: imcat
-CVE-2018-20607 (imcat 4.4 allows remote attackers to obtain potentially sensitive ...)
+CVE-2018-20607
NOT-FOR-US: imcat
-CVE-2018-20606 (imcat 4.4 allows full path disclosure via a ...)
+CVE-2018-20606
NOT-FOR-US: imcat
-CVE-2018-20605 (imcat 4.4 allows remote attackers to execute arbitrary PHP code by ...)
+CVE-2018-20605
NOT-FOR-US: imcat
-CVE-2018-20604 (Lei Feng TV CMS (aka LFCMS) 3.8.6 allows Directory Traversal via ...)
+CVE-2018-20604
NOT-FOR-US: Lei Feng TV CMS
-CVE-2018-20603 (Lei Feng TV CMS (aka LFCMS) 3.8.6 allows admin.php?s=/Member/add.html ...)
+CVE-2018-20603
NOT-FOR-US: Lei Feng TV CMS
-CVE-2018-20602 (Lei Feng TV CMS (aka LFCMS) 3.8.6 allows full path disclosure via the ...)
+CVE-2018-20602
NOT-FOR-US: Lei Feng TV CMS
-CVE-2018-20601 (UCMS 1.4.7 has XSS via the description parameter in an index.php ...)
+CVE-2018-20601
NOT-FOR-US: UCMS
-CVE-2018-20600 (sadmin\cedit.php in UCMS 1.4.7 has XSS via an index.php sadmin_cedit ...)
+CVE-2018-20600
NOT-FOR-US: UCMS
-CVE-2018-20599 (UCMS 1.4.7 allows remote attackers to execute arbitrary PHP code by ...)
+CVE-2018-20599
NOT-FOR-US: UCMS
-CVE-2018-20598 (UCMS 1.4.7 has ?do=user_addpost CSRF. ...)
+CVE-2018-20598
NOT-FOR-US: UCMS
-CVE-2018-20597 (UCMS 1.4.7 has XSS via the dir parameter in an index.php ...)
+CVE-2018-20597
NOT-FOR-US: UCMS
-CVE-2018-20596 (Jspxcms v9.0.0 allows SSRF. ...)
+CVE-2018-20596
NOT-FOR-US: Jspxcms
-CVE-2018-20595 (A CSRF issue was discovered in ...)
+CVE-2018-20595
NOT-FOR-US: hsweb
-CVE-2018-20594 (An issue was discovered in hsweb 3.0.4. It is a reflected XSS ...)
+CVE-2018-20594
NOT-FOR-US: hsweb
-CVE-2018-20593 (In Mini-XML (aka mxml) v2.12, there is stack-based buffer overflow in ...)
+CVE-2018-20593
- mxml <unfixed> (low; bug #924353)
[buster] - mxml <ignored> (Minor issue)
[stretch] - mxml <ignored> (Minor issue)
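Review bot: the same pattern appears in this hunk for CVE-2018-20615, where "- RESERVED" is dropped above "- haproxy 1.8.16-2" without a description arriving, and every published entry from CVE-2018-20623 down to CVE-2018-20593 loses its parenthesised summary. Confirm against the upstream feed before committing; the "[stretch] - haproxy <not-affected> (Vulnerable code introduced later)" annotations and the binutils, jasper, ming and mxml status lines are unaffected, so restoring the descriptions is the only repair needed.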
@@ -669,7 +667,7 @@ CVE-2018-20593 (In Mini-XML (aka mxml) v2.12, there is stack-based buffer overfl
NOTE: https://github.com/ntu-sec/pocs/blob/master/mxml-53c75b0/crashes/so_mxmldoc.c:2987_1.txt.err (error output)
NOTE: https://github.com/michaelrsweet/mxml/issues/237
NOTE: upstream tagged the issue with 'wontfix' and removed mxmldoc code completely
-CVE-2018-20592 (In Mini-XML (aka mxml) v2.12, there is a use-after-free in the mxmlAdd ...)
+CVE-2018-20592
- mxml <unfixed> (low; bug #924353)
[buster] - mxml <ignored> (Minor issue)
[stretch] - mxml <ignored> (Minor issue)
@@ -680,27 +678,27 @@ CVE-2018-20592 (In Mini-XML (aka mxml) v2.12, there is a use-after-free in the m
NOTE: https://github.com/ntu-sec/pocs/blob/master/mxml-53c75b0/crashes/uaf_mxml-node.c:128_2.txt.err (error output)
NOTE: https://github.com/michaelrsweet/mxml/issues/237
NOTE: upstream tagged the issue with 'wontfix' and removed mxmldoc code completely
-CVE-2018-20591 (A heap-based buffer over-read was discovered in decompileJUMP function ...)
+CVE-2018-20591
- ming <removed>
NOTE: https://github.com/libming/libming/issues/168
-CVE-2018-20590 (Ivan Cordoba Generic Content Management System (CMS) through 2018-04-28 ...)
+CVE-2018-20590
NOT-FOR-US: Ivan Cordoba Generic Content Management System (CMS)
-CVE-2018-20589 (Ivan Cordoba Generic Content Management System (CMS) through 2018-04-28 ...)
+CVE-2018-20589
NOT-FOR-US: Ivan Cordoba Generic Content Management System (CMS)
-CVE-2018-20588 (lib/support/unicodeconv/unicodeconv.c in libotfcc.a in otfcc ...)
+CVE-2018-20588
NOT-FOR-US: otfcc
-CVE-2018-20587 (Bitcoin Core 0.12.0 through 0.17.1 and Bitcoin Knots 0.12.0 through ...)
+CVE-2018-20587
- bitcoin <unfixed>
NOTE: https://en.bitcoin.it/wiki/Common_Vulnerabilities_and_Exposures#CVE-2018-20587
CVE-2018-20586
RESERVED
CVE-2018-20585
RESERVED
-CVE-2018-20584 (JasPer 2.0.14 allows remote attackers to cause a denial of service ...)
+CVE-2018-20584
{DLA-1628-1}
- jasper <removed>
NOTE: https://github.com/mdadams/jasper/issues/192
-CVE-2018-20583 (Cross-site scripting (XSS) vulnerability in the PHP League CommonMark ...)
+CVE-2018-20583
NOT-FOR-US: PHP League CommonMark library
CVE-2018-20582
RESERVED
@@ -708,17 +706,17 @@ CVE-2018-20581
RESERVED
CVE-2018-20580
RESERVED
-CVE-2018-20579 (Contiki-NG before 4.2 has a stack-based buffer overflow in the push ...)
+CVE-2018-20579
NOT-FOR-US: Contiki-NG
-CVE-2018-20578 (An issue was discovered in NuttX before 7.27. The function ...)
+CVE-2018-20578
NOT-FOR-US: NuttX
-CVE-2018-20577 (Orange Livebox 00.96.320S devices allow cgi-bin/restore.exe, ...)
+CVE-2018-20577
NOT-FOR-US: Orange Livebox 00.96.320S devices
-CVE-2018-20576 (Orange Livebox 00.96.320S devices allow cgi-bin/autodialing.exe and ...)
+CVE-2018-20576
NOT-FOR-US: Orange Livebox 00.96.320S devices
-CVE-2018-20575 (Orange Livebox 00.96.320S devices have an undocumented ...)
+CVE-2018-20575
NOT-FOR-US: Orange Livebox 00.96.320S devices
-CVE-2018-20574 (The SingleDocParser::HandleFlowMap function in yaml-cpp (aka ...)
+CVE-2018-20574
- yaml-cpp <unfixed> (low; bug #918145)
[buster] - yaml-cpp <no-dsa> (Minor issue)
[stretch] - yaml-cpp <no-dsa> (Minor issue)
@@ -727,7 +725,7 @@ CVE-2018-20574 (The SingleDocParser::HandleFlowMap function in yaml-cpp (aka ...
[stretch] - yaml-cpp0.3 <no-dsa> (Minor issue)
[jessie] - yaml-cpp0.3 <postponed> (Minor issue)
NOTE: https://github.com/jbeder/yaml-cpp/issues/654
-CVE-2018-20573 (The Scanner::EnsureTokensInQueue function in yaml-cpp (aka LibYaml-C++) ...)
+CVE-2018-20573
- yaml-cpp <unfixed> (low; bug #918147)
[buster] - yaml-cpp <no-dsa> (Minor issue)
[stretch] - yaml-cpp <no-dsa> (Minor issue)
@@ -736,53 +734,53 @@ CVE-2018-20573 (The Scanner::EnsureTokensInQueue function in yaml-cpp (aka LibYa
[stretch] - yaml-cpp0.3 <no-dsa> (Minor issue)
[jessie] - yaml-cpp0.3 <postponed> (Minor issue)
NOTE: https://github.com/jbeder/yaml-cpp/issues/655
-CVE-2018-20572 (WUZHI CMS 4.1.0 allows coreframe/app/coupon/admin/copyfrom.php SQL ...)
+CVE-2018-20572
NOT-FOR-US: WUZHI CMS
-CVE-2018-20571 (DamiCMS 6.0.1 allows remote attackers to read arbitrary files via a ...)
+CVE-2018-20571
NOT-FOR-US: DamiCMS
-CVE-2018-20570 (jp2_encode in jp2/jp2_enc.c in JasPer 2.0.14 has a heap-based buffer ...)
+CVE-2018-20570
{DLA-1628-1}
- jasper <removed>
NOTE: https://github.com/mdadams/jasper/issues/191
-CVE-2018-20569 (user/index.php in Ivan Cordoba Generic Content Management System (CMS) ...)
+CVE-2018-20569
NOT-FOR-US: Ivan Cordoba Generic Content Management System (CMS)
-CVE-2018-20568 (Administrator/index.php in Ivan Cordoba Generic Content Management ...)
+CVE-2018-20568
NOT-FOR-US: Ivan Cordoba Generic Content Management System (CMS)
-CVE-2018-20567 (An issue was discovered in DouCo DouPHP 1.5 20181221. ...)
+CVE-2018-20567
NOT-FOR-US: DouCo DouPHP
-CVE-2018-20566 (An issue was discovered in DouCo DouPHP 1.5 20181221. It allows full ...)
+CVE-2018-20566
NOT-FOR-US: DouCo DouPHP
-CVE-2018-20565 (An issue was discovered in DouCo DouPHP 1.5 20181221. ...)
+CVE-2018-20565
NOT-FOR-US: DouCo DouPHP
-CVE-2018-20564 (An issue was discovered in DouCo DouPHP 1.5 20181221. ...)
+CVE-2018-20564
NOT-FOR-US: DouCo DouPHP
-CVE-2018-20563 (An issue was discovered in DouCo DouPHP 1.5 20181221. ...)
+CVE-2018-20563
NOT-FOR-US: DouCo DouPHP
-CVE-2018-20562 (An issue was discovered in DouCo DouPHP 1.5 20181221. ...)
+CVE-2018-20562
NOT-FOR-US: DouCo DouPHP
-CVE-2018-20561 (An issue was discovered in DouCo DouPHP 1.5 20181221. ...)
+CVE-2018-20561
NOT-FOR-US: DouCo DouPHP
-CVE-2018-20560 (An issue was discovered in DouCo DouPHP 1.5 20181221. ...)
+CVE-2018-20560
NOT-FOR-US: DouCo DouPHP
-CVE-2018-20559 (An issue was discovered in DouCo DouPHP 1.5 20181221. ...)
+CVE-2018-20559
NOT-FOR-US: DouCo DouPHP
-CVE-2018-20558 (An issue was discovered in DouCo DouPHP 1.5 20181221. ...)
+CVE-2018-20558
NOT-FOR-US: DouCo DouPHP
-CVE-2018-20557 (An issue was discovered in DouCo DouPHP 1.5 20181221. ...)
+CVE-2018-20557
NOT-FOR-US: DouCo DouPHP
CVE-2018-20556
- RESERVED
+ TODO: check
CVE-2018-20555
- RESERVED
+ TODO: check
CVE-2018-20554
RESERVED
-CVE-2018-20553 (Tcpreplay before 4.3.1 has a heap-based buffer over-read in get_l2len ...)
+CVE-2018-20553
- tcpreplay 4.3.1-1 (low; bug #917574)
[stretch] - tcpreplay <no-dsa> (Minor issue)
[jessie] - tcpreplay <no-dsa> (not used by any sponsor, hard to exploit)
NOTE: https://github.com/appneta/tcpreplay/issues/530
NOTE: https://github.com/appneta/tcpreplay/pull/532/commits/6b830a1640ca20528032c89a4fdd8291a4d2d8b2
-CVE-2018-20552 (Tcpreplay before 4.3.1 has a heap-based buffer over-read in packet2tree ...)
+CVE-2018-20552
- tcpreplay 4.3.1-1 (low; bug #917574)
[stretch] - tcpreplay <no-dsa> (Minor issue)
[jessie] - tcpreplay <no-dsa> (not used by any sponsor, hard to exploit)
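Review bot: CVE-2018-20556 and CVE-2018-20555 flip from "RESERVED" to "TODO: check" in this hunk, which is the right signal that the identifiers left reserved state and need manual triage, but in a commit that simultaneously blanks the descriptions of the surrounding published entries (CVE-2018-20572 down to CVE-2018-20552) the flip should be verified against the feed rather than taken as evidence the fetch was complete. The tcpreplay status lines ("- tcpreplay 4.3.1-1 (low; bug #917574)" and the per-suite "<no-dsa>" markers) are unchanged.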
@@ -794,7 +792,7 @@ CVE-2018-1000892
RESERVED
CVE-2018-1000891
RESERVED
-CVE-2018-20551 (A reachable Object::getString assertion in Poppler 0.72.0 allows ...)
+CVE-2018-20551
- poppler <unfixed> (low; bug #917525)
[stretch] - poppler <ignored> (Minor issue)
[jessie] - poppler <not-affected> (vulnerable code is not present)
@@ -802,109 +800,109 @@ CVE-2018-20551 (A reachable Object::getString assertion in Poppler 0.72.0 allows
NOTE: https://gitlab.freedesktop.org/poppler/poppler/commit/7f87dc10b6adccd6d1b977a28b064add254aa2da
CVE-2018-20550
RESERVED
-CVE-2018-20549 (There is an illegal WRITE memory access at caca/file.c (function ...)
+CVE-2018-20549
{DLA-1631-1}
- libcaca <unfixed> (low; bug #917807)
[stretch] - libcaca <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1652628
NOTE: https://github.com/cacalabs/libcaca/issues/41
NOTE: Fixed by: https://github.com/cacalabs/libcaca/commit/3e52dabe3e64dc50f4422effe364a1457a8a8592
-CVE-2018-20548 (There is an illegal WRITE memory access at common-image.c (function ...)
+CVE-2018-20548
- libcaca <unfixed> (unimportant; bug #917807)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1652625
NOTE: https://github.com/cacalabs/libcaca/issues/40
NOTE: Upstream fix: https://github.com/cacalabs/libcaca/commit/f6c61faa26b3e150c3daf514589afa737f42f152
NOTE: https://github.com/cacalabs/libcaca/commit/3e52dabe3e64dc50f4422effe364a1457a8a8592
NOTE: Debian binary packages built with the Imlib2 library
-CVE-2018-20547 (There is an illegal READ memory access at caca/dither.c (function ...)
+CVE-2018-20547
{DLA-1631-1}
- libcaca <unfixed> (low; bug #917807)
[stretch] - libcaca <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1652624
NOTE: https://github.com/cacalabs/libcaca/issues/39
NOTE: Fixed by: https://github.com/cacalabs/libcaca/commit/02a09ec9e5ed8981e7a810bfb6a0172dc24f0790
-CVE-2018-20546 (There is an illegal READ memory access at caca/dither.c (function ...)
+CVE-2018-20546
{DLA-1631-1}
- libcaca <unfixed> (low; bug #917807)
[stretch] - libcaca <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1652622
NOTE: https://github.com/cacalabs/libcaca/issues/38
NOTE: Fixed by: https://github.com/cacalabs/libcaca/commit/02a09ec9e5ed8981e7a810bfb6a0172dc24f0790
-CVE-2018-20545 (There is an illegal WRITE memory access at common-image.c (function ...)
+CVE-2018-20545
- libcaca <unfixed> (unimportant; bug #917807)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1652621
NOTE: https://github.com/cacalabs/libcaca/issues/37
NOTE: Upstream fix: https://github.com/cacalabs/libcaca/commit/f6c61faa26b3e150c3daf514589afa737f42f152
NOTE: https://github.com/cacalabs/libcaca/commit/3e52dabe3e64dc50f4422effe364a1457a8a8592
NOTE: Debian binary packages built with the Imlib2 library
-CVE-2018-20544 (There is floating point exception at caca/dither.c (function ...)
+CVE-2018-20544
{DLA-1631-1}
- libcaca <unfixed> (low; bug #917807)
[stretch] - libcaca <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1652627
NOTE: https://github.com/cacalabs/libcaca/issues/36
NOTE: Upstream fix: https://github.com/cacalabs/libcaca/commit/84bd155087b93ab2d8d7cb5b1ac94ecd4cf4f93c
-CVE-2018-20543 (There is an attempted excessive memory allocation at ...)
+CVE-2018-20543
- libxsmm <unfixed> (bug #917573)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1652634
-CVE-2018-20542 (There is a heap-based buffer-overflow at generator_spgemm_csc_reader.c ...)
+CVE-2018-20542
- libxsmm <unfixed> (bug #917526)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1652633
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1652635
NOTE: https://github.com/hfp/libxsmm/commit/151481489192e6d1997f8bde52c5c425ea41741d
NOTE: https://github.com/hfp/libxsmm/issues/287
-CVE-2018-20541 (There is a heap-based buffer overflow in libxsmm_sparse_csc_reader at ...)
+CVE-2018-20541
- libxsmm <unfixed> (bug #917526)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1652632
NOTE: https://github.com/hfp/libxsmm/commit/151481489192e6d1997f8bde52c5c425ea41741d
NOTE: https://github.com/hfp/libxsmm/issues/287
-CVE-2018-20540 (There is memory leak at liblas::Open (liblas/liblas.hpp) in libLAS ...)
+CVE-2018-20540
- liblas 1.8.1-10 (bug #922459)
[stretch] - liblas <no-dsa> (Minor issue)
[jessie] - liblas <no-dsa> (Minor issue)
NOTE: https://github.com/libLAS/libLAS/issues/158
NOTE: https://github.com/libLAS/libLAS/commit/ba7346d349fb00b18d0c12e226ac3090eac25d7b
-CVE-2018-20539 (There is a Segmentation fault triggered by illegal address access at ...)
+CVE-2018-20539
- liblas <unfixed> (low; bug #924614)
[buster] - liblas <no-dsa> (Minor issue)
[stretch] - liblas <no-dsa> (Minor issue)
[jessie] - liblas <no-dsa> (Minor issue)
NOTE: https://github.com/libLAS/libLAS/issues/159
-CVE-2018-20538 (There is a use-after-free at asm/preproc.c (function pp_getline) in ...)
+CVE-2018-20538
- nasm <unfixed> (bug #918269)
[stretch] - nasm <no-dsa> (Minor issue)
[jessie] - nasm <no-dsa> (Minor issue)
NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392531
-CVE-2018-20537 (There is a NULL pointer dereference at ...)
+CVE-2018-20537
- liblas <unfixed> (low; bug #924614)
[buster] - liblas <no-dsa> (Minor issue)
[stretch] - liblas <no-dsa> (Minor issue)
[jessie] - liblas <no-dsa> (Minor issue)
NOTE: https://github.com/libLAS/libLAS/issues/160
-CVE-2018-20536 (There is a heap-based buffer over-read at ...)
+CVE-2018-20536
- liblas <unfixed> (low; bug #924614)
[buster] - liblas <no-dsa> (Minor issue)
[stretch] - liblas <no-dsa> (Minor issue)
[jessie] - liblas <no-dsa> (Minor issue)
NOTE: https://github.com/libLAS/libLAS/issues/161
-CVE-2018-20535 (There is a use-after-free at asm/preproc.c (function pp_getline) in ...)
+CVE-2018-20535
- nasm <unfixed> (bug #918270)
[stretch] - nasm <no-dsa> (Minor issue)
[jessie] - nasm <no-dsa> (Minor issue)
NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392530
-CVE-2018-20534 (There is an illegal address access at src/pool.h (function ...)
+CVE-2018-20534
- libsolv <unfixed> (low; bug #923002)
[stretch] - libsolv <ignored> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1652604
NOTE: https://github.com/openSUSE/libsolv/pull/291
NOTE: https://github.com/openSUSE/libsolv/commit/4830af9d979d3685de538b80fbeba51ad590525e
-CVE-2018-20533 (There is a NULL pointer dereference at ext/testcase.c (function ...)
+CVE-2018-20533
- libsolv <unfixed> (low; bug #923002)
[stretch] - libsolv <ignored> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1652599
NOTE: https://github.com/openSUSE/libsolv/pull/291
NOTE: https://github.com/openSUSE/libsolv/commit/4830af9d979d3685de538b80fbeba51ad590525e
-CVE-2018-20532 (There is a NULL pointer dereference at ext/testcase.c (function ...)
+CVE-2018-20532
- libsolv <unfixed> (low; bug #923002)
[stretch] - libsolv <ignored> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1652605
@@ -912,19 +910,19 @@ CVE-2018-20532 (There is a NULL pointer dereference at ext/testcase.c (function
NOTE: https://github.com/openSUSE/libsolv/commit/4830af9d979d3685de538b80fbeba51ad590525e
CVE-2018-20531
RESERVED
-CVE-2018-20530 (PHP Scripts Mall Website Seller Script 2.0.5 has XSS via a Profile ...)
+CVE-2018-20530
NOT-FOR-US: PHP Scripts Mall Website Seller Script
CVE-2018-20529
RESERVED
-CVE-2018-20528 (JEECMS 9 has SSRF via the ueditor/getRemoteImage.jspx upfile parameter. ...)
+CVE-2018-20528
NOT-FOR-US: JEECMS
CVE-2018-20527
RESERVED
CVE-2018-20526
- RESERVED
+ TODO: check
CVE-2018-20525
- RESERVED
-CVE-2018-20524 (The Chat Anywhere extension 2.4.0 for Chrome allows XSS via crafted use ...)
+ TODO: check
+CVE-2018-20524
NOT-FOR-US: Chat Anywhere Chrome extension
CVE-2018-20523
RESERVED
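Review bot: the "- RESERVED" / "+ TODO: check" flips for CVE-2018-20526 and CVE-2018-20525 are interleaved with the "-CVE-2018-20524 (The Chat Anywhere extension ...)" / "+CVE-2018-20524" description removal, so the diff reads as if the TODO marker belonged to CVE-2018-20524; it does not, since "NOT-FOR-US: Chat Anywhere Chrome extension" still follows the bare CVE-2018-20524 identifier. The interleaving is a diff-rendering artefact, but the description drop for CVE-2018-20524 (and for CVE-2018-20530 and CVE-2018-20528 above it) is the same regression flagged for the other hunks in this update.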
@@ -932,9 +930,9 @@ CVE-2018-20522
RESERVED
CVE-2018-20521
RESERVED
-CVE-2018-20520 (MiniCMS V1.10 has XSS via the mc-admin/post-edit.php query string, a ...)
+CVE-2018-20520
NOT-FOR-US: MiniCMS
-CVE-2018-20519 (An issue was discovered in 74cms v4.2.111. It allows remote ...)
+CVE-2018-20519
NOT-FOR-US: 74cms
CVE-2018-20518
RESERVED
@@ -948,27 +946,27 @@ CVE-2018-20514
RESERVED
CVE-2018-20513
RESERVED
-CVE-2018-20512 (EPON CPE-WiFi devices 2.0.4-X000 are vulnerable to escalation of ...)
+CVE-2018-20512
NOT-FOR-US: EPON CPE-WiFi devices
CVE-2018-20510
RESERVED
CVE-2018-20509
RESERVED
-CVE-2018-20508 (CrashFix 1.0.4 has SQL Injection via the User[status] parameter. This ...)
+CVE-2018-20508
NOT-FOR-US: CrashFix
-CVE-2018-1000890 (FrontAccounting 2.4.5 contains a Time Based Blind SQL Injection ...)
+CVE-2018-1000890
- frontaccounting <removed>
-CVE-2018-1000889 (Logisim Evolution version 2.14.3 and earlier contains an XML External ...)
+CVE-2018-1000889
NOT-FOR-US: Logisim Evolution
-CVE-2018-1000888 (PEAR Archive_Tar version 1.4.3 and earlier contains a CWE-502, CWE-915 ...)
+CVE-2018-1000888
{DSA-4378-1 DLA-1674-1}
- php-pear 1:1.10.6+submodules+notgz-1.1 (bug #919147)
- php5 <removed>
NOTE: https://pear.php.net/bugs/bug.php?id=23782
NOTE: https://github.com/pear/Archive_Tar/commit/59ace120ac5ceb5f0d36e40e48e1884de1badf76
-CVE-2018-1000887 (Peel shopping peel-shopping_9_1_0 version contains a Cross Site ...)
+CVE-2018-1000887
NOT-FOR-US: Peel shopping
-CVE-2018-20511 (An issue was discovered in the Linux kernel before 4.18.11. The ...)
+CVE-2018-20511
- linux 4.18.20-1
[stretch] - linux 4.9.130-1
NOTE: Fixed by: https://git.kernel.org/linus/9824dfae5741275473a23a7ed5756c7b6efacc9d (4.19-rc5)
@@ -984,7 +982,7 @@ CVE-2018-20504
RESERVED
CVE-2018-20503
RESERVED
-CVE-2018-20502 (An issue was discovered in Bento4 1.5.1-627. There is an attempt at ...)
+CVE-2018-20502
NOT-FOR-US: Bento4
CVE-2018-20501 [Missing authorization control merge requests]
RESERVED
@@ -1044,13 +1042,13 @@ CVE-2018-20488 [Secret CI variable exposure]
NOTE: https://about.gitlab.com/2018/12/31/security-release-gitlab-11-dot-6-dot-1-released/
CVE-2018-20487
RESERVED
-CVE-2018-20486 (MetInfo 6.x through 6.1.3 has XSS via the /admin/login/login_check.php ...)
+CVE-2018-20486
NOT-FOR-US: MetInfo
-CVE-2018-20485 (Zoho ManageEngine ADSelfService Plus 5.7 before build 5702 has XSS in ...)
+CVE-2018-20485
NOT-FOR-US: Zoho ManageEngine ADSelfService Plus
-CVE-2018-20484 (Zoho ManageEngine ADSelfService Plus 5.7 before build 5702 has XSS in ...)
+CVE-2018-20484
NOT-FOR-US: Zoho ManageEngine ADSelfService Plus
-CVE-2018-20483 (set_file_metadata in xattr.c in GNU Wget before 1.20.1 stores a file's ...)
+CVE-2018-20483
- wget 1.20.1-1 (bug #917375)
[stretch] - wget <not-affected> (Vulnerable code introduced in 1.19)
[jessie] - wget <not-affected> (Vulnerable code introduced in 1.19)
@@ -1058,7 +1056,7 @@ CVE-2018-20483 (set_file_metadata in xattr.c in GNU Wget before 1.20.1 stores a
NOTE: Fixed by: https://git.savannah.gnu.org/cgit/wget.git/commit/?id=3cdfb594cf75f11cdbb9702ac5e856c332ccacfa
NOTE: Don't use extended attributes by default: https://git.savannah.gnu.org/cgit/wget.git/commit/?id=c125d24762962d91050d925fbbd9e6f30b2302f8
NOTE: Introduced by: https://git.savannah.gnu.org/cgit/wget.git/commit/?id=a933bdd31eee9c956a3b5cc142f004ef1fa94cb3 (v1.19)
-CVE-2018-20482 (GNU Tar through 1.30, when --sparse is used, mishandles file shrinkage ...)
+CVE-2018-20482
{DLA-1623-1}
- tar 1.30+dfsg-3.1 (bug #917377)
[stretch] - tar <no-dsa> (Minor issue)
@@ -1067,21 +1065,21 @@ CVE-2018-20482 (GNU Tar through 1.30, when --sparse is used, mishandles file shr
NOTE: https://twitter.com/thatcks/status/1076166645708668928
NOTE: https://lists.gnu.org/archive/html/bug-tar/2018-12/msg00023.html
NOTE: Fixed by https://git.savannah.gnu.org/cgit/tar.git/commit/?id=c15c42c
-CVE-2018-20481 (XRef::getEntry in XRef.cc in Poppler 0.72.0 mishandles unallocated XRef ...)
+CVE-2018-20481
{DLA-1706-1}
- poppler <unfixed> (low; bug #917325)
[stretch] - poppler <no-dsa> (Minor issue)
NOTE: https://gitlab.freedesktop.org/poppler/poppler/issues/692
NOTE: Proposed fix: https://gitlab.freedesktop.org/poppler/poppler/merge_requests/143
-CVE-2018-20480 (An issue was discovered in S-CMS 1.0. It allows SQL Injection via the ...)
+CVE-2018-20480
NOT-FOR-US: S-CMS
-CVE-2018-20479 (An issue was discovered in S-CMS 1.0. It allows SQL Injection via the ...)
+CVE-2018-20479
NOT-FOR-US: S-CMS
-CVE-2018-20478 (An issue was discovered in S-CMS 1.0. It allows reading certain files, ...)
+CVE-2018-20478
NOT-FOR-US: S-CMS
-CVE-2018-20477 (An issue was discovered in S-CMS 3.0. It allows SQL Injection via the ...)
+CVE-2018-20477
NOT-FOR-US: S-CMS
-CVE-2018-20476 (An issue was discovered in S-CMS 3.0. It allows XSS via the ...)
+CVE-2018-20476
NOT-FOR-US: S-CMS
CVE-2018-20475
RESERVED
@@ -1099,7 +1097,7 @@ CVE-2018-20469
RESERVED
CVE-2018-20468
RESERVED
-CVE-2018-20467 (In coders/bmp.c in ImageMagick before 7.0.8-16, an input file can ...)
+CVE-2018-20467
- imagemagick 8:6.9.10.23+dfsg-1 (low; bug #917326)
[stretch] - imagemagick <ignored> (Minor issue)
[jessie] - imagemagick <ignored> (Minor issue)
@@ -1108,149 +1106,149 @@ CVE-2018-20467 (In coders/bmp.c in ImageMagick before 7.0.8-16, an input file ca
NOTE: https://github.com/ImageMagick/ImageMagick6/commit/4dd53a3f790147aaf18b2dd4d15f2a19f9432d3f
CVE-2018-20466
RESERVED
-CVE-2018-20465 (Craft CMS through 3.0.34 allows remote authenticated administrators to ...)
+CVE-2018-20465
NOT-FOR-US: Craft CMS
-CVE-2018-20464 (There is a reflected XSS vulnerability in the CMS Made Simple 2.2.8 ...)
+CVE-2018-20464
NOT-FOR-US: CMS Made Simple
-CVE-2018-20463 (An issue was discovered in the JSmol2WP plugin 1.07 for WordPress. ...)
+CVE-2018-20463
NOT-FOR-US: JSmol2WP plugin for WordPress
-CVE-2018-20462 (An issue was discovered in the JSmol2WP plugin 1.07 for WordPress. A ...)
+CVE-2018-20462
NOT-FOR-US: JSmol2WP plugin for WordPress
-CVE-2018-20461 (In radare2 prior to 3.1.1, core_anal_bytes in libr/core/cmd_anal.c ...)
+CVE-2018-20461
- radare2 3.1.2+dfsg-1 (low)
[stretch] - radare2 <no-dsa> (Minor issue)
[jessie] - radare2 <not-affected> (vulnerable code not present)
NOTE: https://github.com/radare/radare2/commit/a1bc65c3db593530775823d6d7506a457ed95267
NOTE: https://github.com/radare/radare2/issues/12375
-CVE-2018-20460 (In radare2 prior to 3.1.2, the parseOperands function in ...)
+CVE-2018-20460
- radare2 3.1.2+dfsg-1 (low)
[stretch] - radare2 <no-dsa> (Minor issue)
[jessie] - radare2 <not-affected> (vulnerable code not present)
NOTE: https://github.com/radare/radare2/commit/df167c7db545953bb7f71c72e98e7a3ca0c793bf
NOTE: https://github.com/radare/radare2/issues/12376
-CVE-2018-20459 (In radare2 through 3.1.3, the armass_assemble function in ...)
+CVE-2018-20459
- radare2 3.2.1+dfsg-1 (low; bug #917322)
[stretch] - radare2 <no-dsa> (Minor issue)
[jessie] - radare2 <not-affected> (vulnerable code not present)
NOTE: https://github.com/radare/radare2/commit/e5c14c167b0dcf0a53d76bd50bacbbcc0dfc1ae7
NOTE: https://github.com/radare/radare2/issues/12418
-CVE-2018-20458 (In radare2 prior to 3.1.1, r_bin_dyldcache_extract in ...)
+CVE-2018-20458
- radare2 3.1.2+dfsg-1 (low)
[stretch] - radare2 <no-dsa> (Minor issue)
[jessie] - radare2 <not-affected> (vulnerable code not present)
NOTE: https://github.com/radare/radare2/commit/30f4c7b52a4e2dc0d0b1bae487d90f5437c69d19
NOTE: https://github.com/radare/radare2/issues/12374
-CVE-2018-20457 (In radare2 through 3.1.3, the assemble function inside ...)
+CVE-2018-20457
- radare2 3.2.1+dfsg-1 (low; bug #917322)
[stretch] - radare2 <no-dsa> (Minor issue)
[jessie] - radare2 <not-affected> (vulnerable code not present)
NOTE: https://github.com/radare/radare2/commit/e5c14c167b0dcf0a53d76bd50bacbbcc0dfc1ae7
NOTE: https://github.com/radare/radare2/issues/12417
-CVE-2018-20456 (In radare2 prior to 3.1.1, the parseOperand function inside ...)
+CVE-2018-20456
- radare2 3.1.2+dfsg-1 (low)
[stretch] - radare2 <no-dsa> (Minor issue)
[jessie] - radare2 <not-affected> (vulnerable code not present)
NOTE: https://github.com/radare/radare2/commit/9b46d38dd3c4de6048a488b655c7319f845af185
NOTE: https://github.com/radare/radare2/issues/12372
-CVE-2018-20455 (In radare2 prior to 3.1.1, the parseOperand function inside ...)
+CVE-2018-20455
- radare2 3.1.2+dfsg-1 (low)
[stretch] - radare2 <no-dsa> (Minor issue)
[jessie] - radare2 <not-affected> (vulnerable code not present)
NOTE: https://github.com/radare/radare2/commit/9b46d38dd3c4de6048a488b655c7319f845af185
NOTE: https://github.com/radare/radare2/issues/12373
-CVE-2018-20454 (An issue was discovered in 74cms v4.2.111. ...)
+CVE-2018-20454
NOT-FOR-US: 74cms
-CVE-2018-20453 (The getlong function in numutils.c in libdoc through 2017-10-23 has a ...)
+CVE-2018-20453
- catdoc <unfixed> (unimportant; bug #919526)
NOTE: Crash in CLI tool, no security impact
-CVE-2018-20452 (The read_MSAT_body function in ole.c in libxls 1.4.0 has an invalid ...)
+CVE-2018-20452
- r-cran-readxl 1.2.0.9000-1 (bug #919324)
[stretch] - r-cran-readxl 0.1.1-1+deb9u2
NOTE: https://github.com/evanmiller/libxls/issues/35
-CVE-2018-20451 (The process_file function in reader.c in libdoc through 2017-10-23 has ...)
+CVE-2018-20451
- catdoc <unfixed> (unimportant; bug #919526)
NOTE: Crash in CLI tool, no security impact
-CVE-2018-20450 (The read_MSAT function in ole.c in libxls 1.4.0 has a double free that ...)
+CVE-2018-20450
- r-cran-readxl 1.2.0.9000-1 (bug #919324)
[stretch] - r-cran-readxl 0.1.1-1+deb9u2
NOTE: https://github.com/evanmiller/libxls/issues/34
CVE-2018-20449
RESERVED
-CVE-2018-20448 (Frog CMS 0.9.5 has XSS via the Database name field to the ...)
+CVE-2018-20448
NOT-FOR-US: Frog CMS
CVE-2018-20447
RESERVED
CVE-2018-20446
RESERVED
-CVE-2018-20445 (D-Link DCM-604 DCM604_C1_ViaCabo_1.04_20130606 and DCM-704 ...)
+CVE-2018-20445
NOT-FOR-US: D-Link
-CVE-2018-20444 (Technicolor CGA0111 CGA0111E-ES-13-E23E-c8000r5712-170217-0829-TRU ...)
+CVE-2018-20444
NOT-FOR-US: Technicolor
-CVE-2018-20443 (Technicolor TC7200.d1I TC7200.d1IE-N23E-c7000r5712-170406-HAT devices ...)
+CVE-2018-20443
NOT-FOR-US: Technicolor
-CVE-2018-20442 (Technicolor TC7110.B STC8.62.02 devices allow remote attackers to ...)
+CVE-2018-20442
NOT-FOR-US: Technicolor
-CVE-2018-20441 (Technicolor TC7200.TH2v2 SC05.00.22 devices allow remote attackers to ...)
+CVE-2018-20441
NOT-FOR-US: Technicolor
-CVE-2018-20440 (Technicolor CWA0101 CWA0101E-A23E-c7000r5712-170315-SKC devices allow ...)
+CVE-2018-20440
NOT-FOR-US: Technicolor
-CVE-2018-20439 (Technicolor DPC3928SL D3928SL-PSIP-13-A010-c3420r55105-170214a devices ...)
+CVE-2018-20439
NOT-FOR-US: Technicolor
-CVE-2018-20438 (Technicolor TC7110.AR STD3.38.03 devices allow remote attackers to ...)
+CVE-2018-20438
NOT-FOR-US: Technicolor
-CVE-2018-20437 (** DISPUTED ** An issue was discovered in the fileDownload function in ...)
+CVE-2018-20437
NOT-FOR-US: FEBS-Shiro
-CVE-2018-20436 (** DISPUTED ** The &quot;secret chat&quot; feature in Telegram 4.9.1 for Android ...)
+CVE-2018-20436
NOT-FOR-US: Telegram for Android
CVE-2018-20435
RESERVED
CVE-2018-20434
RESERVED
-CVE-2018-20433 (c3p0 0.9.5.2 allows XXE in extractXmlConfigFromInputStream in ...)
+CVE-2018-20433
{DLA-1621-1}
- c3p0 0.9.1.2-10 (bug #917257)
[stretch] - c3p0 0.9.1.2-9+deb9u1
NOTE: https://github.com/zhutougg/c3p0/commit/2eb0ea97f745740b18dd45e4a909112d4685f87b
CVE-2018-20432
RESERVED
-CVE-2018-20431 (GNU Libextractor through 1.8 has a NULL Pointer Dereference ...)
+CVE-2018-20431
{DSA-4361-1 DLA-1616-1}
- libextractor 1:1.8-2 (bug #917213)
NOTE: https://gnunet.org/bugs/view.php?id=5494
NOTE: https://gnunet.org/git/libextractor.git/commit/?id=489c4a540bb2c4744471441425b8932b97a153e7
-CVE-2018-20430 (GNU Libextractor through 1.8 has an out-of-bounds read vulnerability in ...)
+CVE-2018-20430
{DSA-4361-1 DLA-1616-1}
- libextractor 1:1.8-2 (bug #917214)
NOTE: https://gnunet.org/bugs/view.php?id=5493
NOTE: https://gnunet.org/git/libextractor.git/commit/?id=b405d707b36e0654900cba78e89f49779efea110
-CVE-2018-20429 (libming 0.4.8 has a NULL pointer dereference in the getName function of ...)
+CVE-2018-20429
- ming <removed>
NOTE: https://github.com/libming/libming/issues/160
-CVE-2018-20428 (libming 0.4.8 has a NULL pointer dereference in the strlenext function ...)
+CVE-2018-20428
- ming <removed>
NOTE: https://github.com/libming/libming/issues/161
-CVE-2018-20427 (libming 0.4.8 has a NULL pointer dereference in the getInt function of ...)
+CVE-2018-20427
- ming <removed>
NOTE: https://github.com/libming/libming/issues/164
-CVE-2018-20426 (libming 0.4.8 has a NULL pointer dereference in the newVar3 function of ...)
+CVE-2018-20426
- ming <removed>
NOTE: https://github.com/libming/libming/issues/162
-CVE-2018-20425 (libming 0.4.8 has a NULL pointer dereference in the pushdup function of ...)
+CVE-2018-20425
- ming <removed>
NOTE: https://github.com/libming/libming/issues/163
-CVE-2018-20424 (Discuz! DiscuzX 3.4, when WeChat login is enabled, allows remote ...)
+CVE-2018-20424
NOT-FOR-US: DiscuzX
-CVE-2018-20423 (Discuz! DiscuzX 3.4, when WeChat login is enabled, allows remote ...)
+CVE-2018-20423
NOT-FOR-US: DiscuzX
-CVE-2018-20422 (Discuz! DiscuzX 3.4, when WeChat login is enabled, allows remote ...)
+CVE-2018-20422
NOT-FOR-US: DiscuzX
-CVE-2018-20421 (Go Ethereum (aka geth) 1.8.19 allows attackers to cause a denial of ...)
+CVE-2018-20421
NOT-FOR-US: Go Ethereum
-CVE-2018-20420 (In webERP 4.15, Z_CreateCompanyTemplateFile.php has Incorrect Access ...)
+CVE-2018-20420
NOT-FOR-US: webERP
-CVE-2018-20419 (DouCo DouPHP 1.5 has upload/admin/manager.php?rec=insert CSRF to add an ...)
+CVE-2018-20419
NOT-FOR-US: DouCo DouPHP
-CVE-2018-20418 (index.php?p=admin/actions/entries/save-entry in Craft CMS 3.0.25 allows ...)
+CVE-2018-20418
NOT-FOR-US: Craft CMS
CVE-2018-20417
RESERVED
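Review bot: every annotated identifier in this hunk is rewritten from `-CVE-NNNN (description ...)` to a bare `+CVE-NNNN`, for example `-CVE-2018-20460 (In radare2 prior to 3.1.2, the parseOperands function in ...)` becoming `+CVE-2018-20460`, with no other field touched; for a commit described as an "automatic update" that is a bulk loss of the upstream summaries the triage annotations are checked against, so either confirm the descriptions are now sourced elsewhere or regenerate the file with them intact. The package lines themselves are consistent with the summaries being dropped: the "prior to 3.1.2" issues (CVE-2018-20460, -20458, -20456, -20455) are marked fixed in radare2 3.1.2+dfsg-1 and the "through 3.1.3" ones (CVE-2018-20459, -20457) in 3.2.1+dfsg-1, and once the descriptions are gone that version bound is no longer recorded anywhere in the entries.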
@@ -1266,15 +1264,15 @@ CVE-2018-20412
RESERVED
CVE-2018-20411
RESERVED
-CVE-2018-20410 (WellinTech KingSCADA before 3.7.0.0.1 contains a stack-based buffer ...)
+CVE-2018-20410
NOT-FOR-US: WellinTech KingSCADA
-CVE-2018-20409 (An issue was discovered in Bento4 1.5.1-627. There is a heap-based ...)
+CVE-2018-20409
NOT-FOR-US: Bento4
-CVE-2018-20408 (An issue was discovered in Bento4 1.5.1-627. There is a memory leak in ...)
+CVE-2018-20408
NOT-FOR-US: Bento4
-CVE-2018-20407 (An issue was discovered in Bento4 1.5.1-627. There is a memory leak in ...)
+CVE-2018-20407
NOT-FOR-US: Bento4
-CVE-2018-20406 (Modules/_pickle.c in Python before 3.7.1 has an integer overflow via a ...)
+CVE-2018-20406
{DLA-1663-1}
- python3.7 3.7.0-7
- python3.6 3.6.7~rc1-1
@@ -1285,93 +1283,93 @@ CVE-2018-20406 (Modules/_pickle.c in Python before 3.7.1 has an integer overflow
NOTE: https://github.com/python/cpython/commit/a4ae828ee416a66d8c7bf5ee71d653c2cc6a26dd (master)
NOTE: https://github.com/python/cpython/commit/ef4306b24c9034d6b37bb034e2ebe82e745d4b77 (3.7)
NOTE: https://github.com/python/cpython/commit/71a9c65e74a70b6ed39adc4ba81d311ac1aa2acc (3.6)
-CVE-2018-20405 (BigTree 4.3 allows full path disclosure via authenticated admin/news/ ...)
+CVE-2018-20405
NOT-FOR-US: BigTree CMS
-CVE-2018-20404 (ETK_E900.sys, a SmartETK driver for VIA Technologies EPIA-E900 system ...)
+CVE-2018-20404
NOT-FOR-US: ETK_E900.sys (SmartETK driver for VIA Technologies EPIA-E900 system board)
CVE-2018-20403
RESERVED
-CVE-2018-20402 (Safe Software FME Server through 2018.1 creates and enables three ...)
+CVE-2018-20402
NOT-FOR-US: Safe Software FME Server
-CVE-2018-20401 (Zoom 5352 v5.5.8.6Y devices allow remote attackers to discover ...)
+CVE-2018-20401
NOT-FOR-US: Zoom 5352 v5.5.8.6Y devices
-CVE-2018-20400 (Ubee DVW2108 6.28.1017 and DVW2110 6.28.2012 devices allow remote ...)
+CVE-2018-20400
NOT-FOR-US: Ubee devices
-CVE-2018-20399 (Motorola SBG901 SBG901-2.10.1.1-GA-00-581-NOSH, SBG941 ...)
+CVE-2018-20399
NOT-FOR-US: Motorola
-CVE-2018-20398 (Skyworth CM5100 V1.1.0, CM5100-440 V1.2.1, CM5100-511 4.1.0.14, ...)
+CVE-2018-20398
NOT-FOR-US: Skyworth devices
-CVE-2018-20397 (mplus CBC383Z CBC383Z_mplus_MDr026 devices allow remote attackers to ...)
+CVE-2018-20397
NOT-FOR-US: mplus devices
-CVE-2018-20396 (NET&amp;SYS MNG2120J 5.76.1006c and MNG6300 5.83.6305jrc2 devices allow ...)
+CVE-2018-20396
NOT-FOR-US: NET&SYS devices
-CVE-2018-20395 (NETWAVE MNG6200 C4835805jrc12FU121413.cpr devices allow remote ...)
+CVE-2018-20395
NOT-FOR-US: NETWAVE devices
-CVE-2018-20394 (Thomson DWG849 STC0.01.16, DWG850-4 ST9C.05.25, DWG855 ST80.20.26, and ...)
+CVE-2018-20394
NOT-FOR-US: Thomson devices
-CVE-2018-20393 (Technicolor CGA0111 CGA0111E-ES-13-E23E-c8000r5712-170217-0829-TRU, ...)
+CVE-2018-20393
NOT-FOR-US: Technicolor devices
-CVE-2018-20392 (S-A WebSTAR DPC2100 v2.0.2r1256-060303 devices allow remote attackers ...)
+CVE-2018-20392
NOT-FOR-US: S-A WebSTAR devices
-CVE-2018-20391 (TEKNOTEL CBW700N 81.447.392110.729.024 devices allow remote attackers ...)
+CVE-2018-20391
NOT-FOR-US: TEKNOTEL devices
-CVE-2018-20390 (Kaonmedia CG2001-AN22A 1.2.1, CG2001-UDBNA 3.0.8, and CG2001-UN2NA ...)
+CVE-2018-20390
NOT-FOR-US: Kaonmedia devices
-CVE-2018-20389 (D-Link DCM-604 DCM604_C1_ViaCabo_1.04_20130606 and DCM-704 ...)
+CVE-2018-20389
NOT-FOR-US: D-Link
-CVE-2018-20388 (Comtrend CM-6200un 123.447.007 and CM-6300n 123.553mp1.005 devices ...)
+CVE-2018-20388
NOT-FOR-US: Comtrend devices
-CVE-2018-20387 (Bnmux BCW700J 5.20.7, BCW710J 5.30.6a, and BCW710J2 5.30.16 devices ...)
+CVE-2018-20387
NOT-FOR-US: Bnmux devices
-CVE-2018-20386 (ARRIS SBG6580-2 D30GW-SEAEAGLE-1.5.2.5-GA-00-NOSH devices allow remote ...)
+CVE-2018-20386
NOT-FOR-US: ARRIS devices
-CVE-2018-20385 (CastleNet CBV38Z4EC 125.553mp1.39219mp1.899.007, CBV38Z4ECNIT ...)
+CVE-2018-20385
NOT-FOR-US: CastleNet devices
-CVE-2018-20384 (iNovo Broadband IB-8120-W21 139.4410mp1.004200.002 and IB-8120-W21E1 ...)
+CVE-2018-20384
NOT-FOR-US: iNovo devices
-CVE-2018-20383 (ARRIS DG950A 7.10.145 and DG950S 7.10.145.EURO devices allow remote ...)
+CVE-2018-20383
NOT-FOR-US: ARRIS devices
-CVE-2018-20382 (Jiuzhou BCM93383WRG 139.4410mp1.3921132mp1.899.004404.004 devices allow ...)
+CVE-2018-20382
NOT-FOR-US: Jiuzhou devices
-CVE-2018-20381 (Technicolor DPC2320 dpc2300r2-v202r1244101-150420a-v6 devices allow ...)
+CVE-2018-20381
NOT-FOR-US: Technicolor devices
-CVE-2018-20380 (Ambit DDW2600 5.100.1009, DDW2602 5.105.1003, T60C926 4.64.1012, and ...)
+CVE-2018-20380
NOT-FOR-US: Ambit devices
-CVE-2018-20379 (Technicolor DPC3928SL D3928SL-PSIP-13-A010-c3420r55105-160428a devices ...)
+CVE-2018-20379
NOT-FOR-US: Technicolor devices
CVE-2018-20378
RESERVED
-CVE-2018-20377 (Orange Livebox 00.96.320S devices allow remote attackers to discover ...)
+CVE-2018-20377
NOT-FOR-US: Orange Livebox
-CVE-2018-20376 (An issue was discovered in Tiny C Compiler (aka TinyCC or TCC) 0.9.27. ...)
+CVE-2018-20376
- tcc <unfixed> (unimportant)
NOTE: Negligible security impact
NOTE: https://lists.nongnu.org/archive/html/tinycc-devel/2018-12/msg00013.html
-CVE-2018-20375 (An issue was discovered in Tiny C Compiler (aka TinyCC or TCC) 0.9.27. ...)
+CVE-2018-20375
- tcc <unfixed> (unimportant)
NOTE: Negligible security impact
NOTE: https://lists.nongnu.org/archive/html/tinycc-devel/2018-12/msg00014.html
-CVE-2018-20374 (An issue was discovered in Tiny C Compiler (aka TinyCC or TCC) 0.9.27. ...)
+CVE-2018-20374
- tcc <unfixed> (unimportant)
NOTE: Negligible security impact
NOTE: https://lists.nongnu.org/archive/html/tinycc-devel/2018-12/msg00015.html
-CVE-2018-20373 (Tenda ADSL modem routers 1.0.1 allow XSS via the hostname of a DHCP ...)
+CVE-2018-20373
NOT-FOR-US: Tenda ADSL modem routers
-CVE-2018-20372 (TP-Link TD-W8961ND devices allow XSS via the hostname of a DHCP client. ...)
+CVE-2018-20372
NOT-FOR-US: TP-Link TD-W8961ND devices
-CVE-2018-20371 (PhotoRange Photo Vault 1.2 appends the password to the URI for ...)
+CVE-2018-20371
NOT-FOR-US: PhotoRange Photo Vault
-CVE-2018-20370 (SZ NetChat before 7.9 has XSS in the MyName input field of the Options ...)
+CVE-2018-20370
NOT-FOR-US: SZ NetChat
-CVE-2018-20369 (Barracuda Message Archiver 2018 has XSS in the error_msg ...)
+CVE-2018-20369
NOT-FOR-US: Barracuda
-CVE-2018-20368 (The Master Slider plugin 3.2.7 and 3.5.1 for WordPress has XSS via the ...)
+CVE-2018-20368
NOT-FOR-US: Master Slider plugin for WordPress
-CVE-2018-20367 (The &quot;mall some commodity details: commodity consultation&quot; component in ...)
+CVE-2018-20367
NOT-FOR-US: WSTMart
CVE-2018-20366
RESERVED
-CVE-2018-20365 (LibRaw::raw2image() in libraw_cxx.cpp has a heap-based buffer overflow. ...)
+CVE-2018-20365
- libraw 0.19.2-2 (bug #917111)
[stretch] - libraw <no-dsa> (Minor issue)
[jessie] - libraw <not-affected> (Vulnerable code not present)
@@ -1379,7 +1377,7 @@ CVE-2018-20365 (LibRaw::raw2image() in libraw_cxx.cpp has a heap-based buffer ov
NOTE: Fixed by: https://github.com/LibRaw/LibRaw/commit/7e29b9f29449fde30cc878fbb137d61c14bba3a4
NOTE: Additionally needed: https://github.com/LibRaw/LibRaw/commit/a7c17cb6bbec1e79f058d84511f9c3b142cbdfa7
NOTE: CVE-2018-20363, CVE-2018-20364 and CVE-2018-20365 have same root cause
-CVE-2018-20364 (LibRaw::copy_bayer in libraw_cxx.cpp in LibRaw 0.19.1 has a NULL ...)
+CVE-2018-20364
- libraw 0.19.2-2 (bug #917112)
[stretch] - libraw <no-dsa> (Minor issue)
[jessie] - libraw <not-affected> (Vulnerable code not present)
@@ -1387,7 +1385,7 @@ CVE-2018-20364 (LibRaw::copy_bayer in libraw_cxx.cpp in LibRaw 0.19.1 has a NULL
NOTE: Fixed by: https://github.com/LibRaw/LibRaw/commit/7e29b9f29449fde30cc878fbb137d61c14bba3a4
NOTE: Additionally needed: https://github.com/LibRaw/LibRaw/commit/a7c17cb6bbec1e79f058d84511f9c3b142cbdfa7
NOTE: CVE-2018-20363, CVE-2018-20364 and CVE-2018-20365 have same root cause
-CVE-2018-20363 (LibRaw::raw2image in libraw_cxx.cpp in LibRaw 0.19.1 has a NULL pointer ...)
+CVE-2018-20363
- libraw 0.19.2-2 (bug #917113)
[stretch] - libraw <no-dsa> (Minor issue)
[jessie] - libraw <not-affected> (Vulnerable code not present)
@@ -1395,32 +1393,32 @@ CVE-2018-20363 (LibRaw::raw2image in libraw_cxx.cpp in LibRaw 0.19.1 has a NULL
NOTE: Fixed by: https://github.com/LibRaw/LibRaw/commit/7e29b9f29449fde30cc878fbb137d61c14bba3a4
NOTE: Additionally needed: https://github.com/LibRaw/LibRaw/commit/a7c17cb6bbec1e79f058d84511f9c3b142cbdfa7
NOTE: CVE-2018-20363, CVE-2018-20364 and CVE-2018-20365 have same root cause
-CVE-2018-20362 (A NULL pointer dereference was discovered in ifilter_bank of ...)
+CVE-2018-20362
- faad2 <unfixed> (low)
[buster] - faad2 <no-dsa> (Minor issue)
[stretch] - faad2 <no-dsa> (Minor issue)
NOTE: https://github.com/knik0/faad2/issues/26
-CVE-2018-20361 (An invalid memory address dereference was discovered in the hf_assembly ...)
+CVE-2018-20361
- faad2 <unfixed> (low)
[buster] - faad2 <no-dsa> (Minor issue)
[stretch] - faad2 <no-dsa> (Minor issue)
NOTE: https://github.com/knik0/faad2/issues/30
-CVE-2018-20360 (An invalid memory address dereference was discovered in the ...)
+CVE-2018-20360
- faad2 <unfixed> (low)
[buster] - faad2 <no-dsa> (Minor issue)
[stretch] - faad2 <no-dsa> (Minor issue)
NOTE: https://github.com/knik0/faad2/issues/32
-CVE-2018-20359 (An invalid memory address dereference was discovered in the ...)
+CVE-2018-20359
- faad2 <unfixed> (low)
[buster] - faad2 <no-dsa> (Minor issue)
[stretch] - faad2 <no-dsa> (Minor issue)
NOTE: https://github.com/knik0/faad2/issues/29
-CVE-2018-20358 (An invalid memory address dereference was discovered in the ...)
+CVE-2018-20358
- faad2 <unfixed> (low)
[buster] - faad2 <no-dsa> (Minor issue)
[stretch] - faad2 <no-dsa> (Minor issue)
NOTE: https://github.com/knik0/faad2/issues/31
-CVE-2018-20357 (A NULL pointer dereference was discovered in sbr_process_channel of ...)
+CVE-2018-20357
- faad2 <unfixed> (low)
[buster] - faad2 <no-dsa> (Minor issue)
[stretch] - faad2 <no-dsa> (Minor issue)
@@ -1435,11 +1433,11 @@ CVE-2018-20353
RESERVED
CVE-2018-20352
RESERVED
-CVE-2018-20351 (The Markdown component in Evernote (Chinese) before 8.3.2 on macOS ...)
+CVE-2018-20351
NOT-FOR-US: Evernote
CVE-2018-20350
RESERVED
-CVE-2018-20349 (The igraph_i_strdiff function in igraph_trie.c in igraph through 0.7.1 ...)
+CVE-2018-20349
- igraph 0.7.1-3 (bug #917211)
[stretch] - igraph <no-dsa> (Minor issue)
[jessie] - igraph <no-dsa> (Minor issue)
@@ -1447,35 +1445,34 @@ CVE-2018-20349 (The igraph_i_strdiff function in igraph_trie.c in igraph through
[stretch] - r-cran-igraph <no-dsa> (Minor issue)
NOTE: https://github.com/igraph/igraph/issues/1141
NOTE: Fixed by: https://github.com/igraph/igraph/commit/e3a9566e6463186230f215151b57b893df6d9ce2
-CVE-2018-20348 (libpff_item_tree_create_node in libpff_item_tree.c in libpff before ...)
+CVE-2018-20348
- libpff 20180714-1
[stretch] - libpff <no-dsa> (Minor issue)
[jessie] - libpff <no-dsa> (Minor issue)
NOTE: https://github.com/libyal/libpff/issues/48
CVE-2018-20347
RESERVED
-CVE-2018-20345 (Incorrect access control in StackStorm API (st2api) in StackStorm ...)
+CVE-2018-20345
NOT-FOR-US: SlackStorm
CVE-2018-20344
RESERVED
CVE-2018-20343
RESERVED
-CVE-2018-20342 (The Floureon IP Camera SP012 provides a root terminal on a UART serial ...)
+CVE-2018-20342
NOT-FOR-US: Floureon IP Camera SP012
CVE-2018-20341
RESERVED
CVE-2018-20340 [buffer overflow]
- RESERVED
{DSA-4389-1}
- libu2f-host 1.1.7-1 (bug #921726)
NOTE: https://www.yubico.com/support/security-advisories/ysa-2019-01/
NOTE: https://github.com/Yubico/libu2f-host/commit/f526546bb29f2ef704ae9850f0f4b41fea7b62a4
NOTE: https://github.com/Yubico/libu2f-host/commit/e77a109f8cf60d9eafdf005ab5c851d5f576c01e
-CVE-2018-20339 (Zoho ManageEngine OpManager 12.3 before build 123239 allows XSS in the ...)
+CVE-2018-20339
NOT-FOR-US: Zoho ManageEngine OpManager
-CVE-2018-20338 (Zoho ManageEngine OpManager 12.3 before build 123239 allows SQL ...)
+CVE-2018-20338
NOT-FOR-US: Zoho ManageEngine OpManager
-CVE-2018-20337 (There is a stack-based buffer overflow in the parse_makernote function ...)
+CVE-2018-20337
- libraw 0.19.2-1 (bug #917080)
[stretch] - libraw <no-dsa> (Minor issue)
[jessie] - libraw <not-affected> (Vulnerable code not present)
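Review bot: `NOT-FOR-US: SlackStorm` under CVE-2018-20345 misspells the product; the description being removed in the same hunk reads "Incorrect access control in StackStorm API (st2api) in StackStorm ...", so the annotation should be `NOT-FOR-US: StackStorm`, and with the description gone it becomes the only searchable name left in the entry. The one substantive change in this hunk, dropping the stale `RESERVED` line from `CVE-2018-20340 [buffer overflow]` now that the entry carries `{DSA-4389-1}` and the libu2f-host 1.1.7-1 fix, is correct.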
@@ -1488,29 +1485,29 @@ CVE-2018-20334
RESERVED
CVE-2018-20333
RESERVED
-CVE-2018-20332 (An issue has been discovered in the OpenWebif plugin through 1.2.4 for ...)
+CVE-2018-20332
NOT-FOR-US: OpenWebif plugin
-CVE-2018-20331 (Local attackers can trigger a Kernel Pool Buffer Overflow in Antiy AVL ...)
+CVE-2018-20331
NOT-FOR-US: Antiy AVL ATool
-CVE-2018-20330 (The tjLoadImage function in libjpeg-turbo 2.0.1 has an integer overflow ...)
+CVE-2018-20330
- libjpeg-turbo <not-affected> (Vulnerable code introduced later)
NOTE: https://github.com/libjpeg-turbo/libjpeg-turbo/issues/304
NOTE: Fixed by: https://github.com/libjpeg-turbo/libjpeg-turbo/commit/3d9c64e9f8aa1ee954d1d0bb3390fc894bb84da3
-CVE-2018-20329 (Chamilo LMS version 1.11.8 contains a ...)
+CVE-2018-20329
NOT-FOR-US: Chamilo LMS
-CVE-2018-20328 (Chamilo LMS version 1.11.8 contains XSS in main/social/group_view.php ...)
+CVE-2018-20328
NOT-FOR-US: Chamilo LMS
-CVE-2018-20327 (Chamilo LMS version 1.11.8 contains XSS in ...)
+CVE-2018-20327
NOT-FOR-US: Chamilo LMS
-CVE-2018-20326 (ChinaMobile PLC Wireless Router GPN2.4P21-C-CN devices with firmware ...)
+CVE-2018-20326
NOT-FOR-US: ChinaMobile PLC Wireless Router
-CVE-2018-20325 (There is a vulnerability in load() method in definitions/parser.py in ...)
+CVE-2018-20325
NOT-FOR-US: Danijar Hafner
CVE-2018-20324
RESERVED
CVE-2018-20323
- RESERVED
-CVE-2018-20322 (LimeSurvey version 3.15.5 contains a Cross-site scripting (XSS) ...)
+ TODO: check
+CVE-2018-20322
- limesurvey <itp> (bug #472802)
CVE-2018-20321
RESERVED
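Review bot: CVE-2018-20323 flips from `RESERVED` to `TODO: check` here, meaning the identifier was published by the automated import and still needs triage, but the same hunk strips the descriptions a triager would start from (the adjacent CVE-2018-20322 loses "LimeSurvey version 3.15.5 contains a Cross-site scripting (XSS) ..."); either keep the descriptions or make sure the TODO is actioned against the upstream record directly. The remaining lines are the same description-only rewrites as in the other hunks; the `libjpeg-turbo <not-affected> (Vulnerable code introduced later)` entry for CVE-2018-20330 carries both the upstream issue and the fix-commit NOTE, which is what that tag needs to stay checkable.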
@@ -1518,17 +1515,17 @@ CVE-2018-20320
RESERVED
CVE-2018-20319
RESERVED
-CVE-2018-20318 (An issue was discovered in weixin-java-tools v3.2.0. There is an XXE ...)
+CVE-2018-20318
NOT-FOR-US: weixin-java-tools
-CVE-2018-1000886 (nasm version 2.14.01rc5, 2.15 contains a Buffer Overflow vulnerability ...)
+CVE-2018-1000886
- nasm <unfixed> (unimportant)
NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392514
NOTE: Crash in CLI, no security impact
-CVE-2018-1000885 (PHKP version including commit 88fd9cfdf14ea4b6ac3e3967feea7bcaabb6f03b ...)
+CVE-2018-1000885
NOT-FOR-US: PHKP
-CVE-2018-1000884 (Vesta CP version Prior to commit ...)
+CVE-2018-1000884
NOT-FOR-US: Vesta CP
-CVE-2018-1000883 (Elixir Plug Plug version All contains a Header Injection vulnerability ...)
+CVE-2018-1000883
NOT-FOR-US: Elixir Plug, different from src:elixir-lang
CVE-2018-20317
RESERVED
@@ -1550,11 +1547,11 @@ CVE-2018-20309
RESERVED
CVE-2018-20308
RESERVED
-CVE-2018-1000882 (WeBid version up to current version 1.2.2 contains a Directory ...)
+CVE-2018-1000882
NOT-FOR-US: WeBid Auction Script
-CVE-2018-1000881 (Traccar Traccar Server version 4.0 and earlier contains a CWE-94: ...)
+CVE-2018-1000881
NOT-FOR-US: Traccar Traccar Server
-CVE-2018-1000880 (libarchive version commit 9693801580c0cf7c70e862d305270a16b52826a7 ...)
+CVE-2018-1000880
{DSA-4360-1}
- libarchive 3.3.3-2 (bug #916960)
[jessie] - libarchive <not-affected> (Vulnerable code introduced later)
@@ -1562,7 +1559,7 @@ CVE-2018-1000880 (libarchive version commit 9693801580c0cf7c70e862d305270a16b528
NOTE: https://github.com/libarchive/libarchive/pull/1105
NOTE: Introduced by: https://github.com/libarchive/libarchive/commit/9693801580c0cf7c70e862d305270a16b52826a7
NOTE: Fixed by: https://github.com/libarchive/libarchive/commit/9c84b7426660c09c18cc349f6d70b5f8168b5680
-CVE-2018-1000879 (libarchive version commit 379867ecb330b3a952fb7bfa7bffb7bbd5547205 ...)
+CVE-2018-1000879
- libarchive 3.3.3-2 (bug #916962)
[stretch] - libarchive <not-affected> (Vulnerable code introduced later)
[jessie] - libarchive <not-affected> (Vulnerable code introduced later)
@@ -1570,58 +1567,58 @@ CVE-2018-1000879 (libarchive version commit 379867ecb330b3a952fb7bfa7bffb7bbd554
NOTE: https://github.com/libarchive/libarchive/pull/1105
NOTE: Introduced in: https://github.com/libarchive/libarchive/commit/379867ecb330b3a952fb7bfa7bffb7bbd5547205 (3.3.0)
NOTE: Fixed by: https://github.com/libarchive/libarchive/commit/15bf44fd2c1ad0e3fd87048b3fcc90c4dcff1175
-CVE-2018-1000878 (libarchive version commit 416694915449219d505531b1096384f3237dd6cc ...)
+CVE-2018-1000878
{DSA-4360-1 DLA-1612-1}
- libarchive 3.3.3-2 (bug #916963)
NOTE: https://bugs.launchpad.net/ubuntu/+source/libarchive/+bug/1794909
NOTE: https://github.com/libarchive/libarchive/pull/1105
NOTE: Introduced after: https://github.com/libarchive/libarchive/commit/416694915449219d505531b1096384f3237dd6cc
NOTE: Fixed by: https://github.com/libarchive/libarchive/commit/bfcfe6f04ed20db2504db8a254d1f40a1d84eb28
-CVE-2018-1000877 (libarchive version commit 416694915449219d505531b1096384f3237dd6cc ...)
+CVE-2018-1000877
{DSA-4360-1 DLA-1612-1}
- libarchive 3.3.3-2 (bug #916964)
NOTE: https://bugs.launchpad.net/ubuntu/+source/libarchive/+bug/1794909
NOTE: https://github.com/libarchive/libarchive/pull/1105
NOTE: Introduced after: https://github.com/libarchive/libarchive/commit/416694915449219d505531b1096384f3237dd6cc
NOTE: Fixed by: https://github.com/libarchive/libarchive/commit/021efa522ad729ff0f5806c4ce53e4a6cc1daa31
-CVE-2018-1000876 (binutils version 2.32 and earlier contains a Integer Overflow ...)
+CVE-2018-1000876
- binutils <unfixed>
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=23994
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=3a551c7a1b80fca579461774860574eabfd7f18f
-CVE-2018-1000875 (Berkeley Open Infrastructure for Network Computing BOINC Server and ...)
+CVE-2018-1000875
NOT-FOR-US: BOINC server (src:boinc only covers the client)
-CVE-2018-1000874 (PHP cebe markdown parser version 1.2.0 and earlier contains a Cross ...)
+CVE-2018-1000874
NOT-FOR-US: cebe markdown parser (different from src:php-markdown)
-CVE-2018-1000873 (Fasterxml Jackson version Before 2.9.8 contains a CWE-20: Improper ...)
+CVE-2018-1000873
NOT-FOR-US: Fasterxml Jackson Jackson-Modules-Java8 module
-CVE-2018-1000872 (OpenKMIP PyKMIP version All versions before 0.8.0 contains a CWE 399: ...)
+CVE-2018-1000872
- python-pykmip 0.7.0-3 (low; bug #917030)
[stretch] - python-pykmip <no-dsa> (Minor issue)
NOTE: https://github.com/OpenKMIP/PyKMIP/commit/3a7b880bdf70d295ed8af3a5880bab65fa6b3932
NOTE: https://github.com/OpenKMIP/PyKMIP/issues/430
-CVE-2018-1000871 (HotelDruid HotelDruid 2.3.0 version 2.3.0 and earlier contains a SQL ...)
+CVE-2018-1000871
- hoteldruid 2.3.0-2 (low; bug #917099)
[stretch] - hoteldruid <no-dsa> (Minor issue)
[jessie] - hoteldruid <no-dsa> (Minor issue)
NOTE: https://www.exploit-db.com/exploits/45976
-CVE-2018-1000870 (PHPipam version 1.3.2 and earlier contains a CWE-79 vulnerability in ...)
+CVE-2018-1000870
- phpipam <itp> (bug #731713)
NOTE: https://github.com/phpipam/phpipam/commit/552fbb0fc7ecb84bda4a131b4f290a3de9980040
NOTE: https://github.com/phpipam/phpipam/issues/2326
-CVE-2018-1000869 (phpIPAM version 1.3.2 contains a CWE-89 vulnerability in ...)
+CVE-2018-1000869
- phpipam <itp> (bug #731713)
NOTE: https://github.com/phpipam/phpipam/commit/856b10ca85a24c04ed8651f4e13f867ec78a353d
NOTE: https://github.com/phpipam/phpipam/issues/2344
-CVE-2018-1000868 (WeBid version up to current version 1.2.2 contains a Cross Site ...)
+CVE-2018-1000868
NOT-FOR-US: WeBid Auction Script
-CVE-2018-1000867 (WeBid version up to current version 1.2.2 contains a SQL Injection ...)
+CVE-2018-1000867
NOT-FOR-US: WeBid Auction Script
-CVE-2018-1000860 (phpipam version 1.3.2 and earlier contains a Cross Site Scripting ...)
+CVE-2018-1000860
- phpipam <itp> (bug #731713)
NOTE: https://github.com/phpipam/phpipam/issues/2338
-CVE-2018-1000858 (GnuPG version 2.1.12 - 2.2.11 contains a Cross ite Request Forgery ...)
+CVE-2018-1000858
- gnupg2 2.2.12-1
[stretch] - gnupg2 <no-dsa> (Minor issue)
[jessie] - gnupg2 <not-affected> (Vulnerable code was introduced later)
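Review bot: `[jessie] - gnupg2 <not-affected> (Vulnerable code was introduced later)` for CVE-2018-1000858 is consistent with the affected range "2.1.12 - 2.2.11" in the description being removed, but after this hunk that range is not recorded anywhere in the entry; a NOTE naming the introducing version would keep the not-affected rationale verifiable without the upstream summary. The libarchive entries are internally consistent: CVE-2018-1000877 and -1000878 carry `{DSA-4360-1 DLA-1612-1}` with an "Introduced after" commit, while CVE-2018-1000879 marks both stretch and jessie `<not-affected>` against an "Introduced in ... (3.3.0)" NOTE.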
@@ -1632,132 +1629,132 @@ CVE-2018-1000858 (GnuPG version 2.1.12 - 2.2.11 contains a Cross ite Request For
NOTE: https://sektioneins.de/en/blog/18-11-23-gnupg-wkd.html
NOTE: https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commit;h=fa1b1eaa4241ff3f0634c8bdf8591cbc7c464144 (master)
NOTE: https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commit;h=4a4bb874f63741026bd26264c43bb32b1099f060 (2.2.12)
-CVE-2018-1000857 (log-user-session version 0.7 and earlier contains a Directory ...)
+CVE-2018-1000857
NOT-FOR-US: log-user-session
-CVE-2018-1000856 (DomainMOD version 4.09.03 and above. Also verified in the latest ...)
+CVE-2018-1000856
NOT-FOR-US: DomainMOD
-CVE-2018-1000855 (easymon version 1.4 and earlier contains a Cross Site Scripting (XSS) ...)
+CVE-2018-1000855
NOT-FOR-US: easymon
-CVE-2018-1000854 (esigate.org esigate version 5.2 and earlier contains a CWE-74: ...)
+CVE-2018-1000854
NOT-FOR-US: esigate
-CVE-2018-1000852 (FreeRDP FreeRDP 2.0.0-rc3 released version before commit ...)
+CVE-2018-1000852
- freerdp2 2.0.0~git20181120.1.e21b72c95+dfsg1-1
- freerdp <not-affected> (Vulnerable code not present)
NOTE: https://github.com/FreeRDP/FreeRDP/issues/4866
NOTE: https://github.com/FreeRDP/FreeRDP/pull/4871
NOTE: https://github.com/FreeRDP/FreeRDP/commit/baee520e3dd9be6511c45a14c5f5e77784de1471
-CVE-2018-1000851 (Copay Bitcoin Wallet version 5.01 to 5.1.0 included. contains a ...)
+CVE-2018-1000851
NOT-FOR-US: Copay Bitcoin Wallet
-CVE-2018-1000850 (Square Retrofit version versions from (including) 2.0 and 2.5.0 ...)
+CVE-2018-1000850
NOT-FOR-US: Square Retrofit
-CVE-2018-1000849 (Alpine Linux version Versions prior to 2.6.10, 2.7.6, and 2.10.1 ...)
+CVE-2018-1000849
NOT-FOR-US: Alpine Linux
-CVE-2018-1000848 (Wampserver version prior to version 3.1.5 contains a Cross Site ...)
+CVE-2018-1000848
NOT-FOR-US: Wampserver
-CVE-2018-1000847 (FreshDNS version 1.0.3 and prior contains a Cross Site Scripting (XSS) ...)
+CVE-2018-1000847
NOT-FOR-US: FreshDNS
-CVE-2018-1000846 (FreshDNS version 1.0.3 and earlier contains a Cross ite Request ...)
+CVE-2018-1000846
NOT-FOR-US: FreshDNS
CVE-2018-1000845
REJECTED
-CVE-2018-1000844 (Square Open Source Retrofit version Prior to commit ...)
+CVE-2018-1000844
NOT-FOR-US: Square Retrofit
-CVE-2018-1000843 (Luigi version prior to version 2.8.0; after commit ...)
+CVE-2018-1000843
NOT-FOR-US: Luigi
-CVE-2018-1000842 (FatFreeCRM version &lt;=0.14.1, &gt;=0.15.0 &lt;=0.15.1, &gt;=0.16.0 &lt;=0.16.3, ...)
+CVE-2018-1000842
NOT-FOR-US: FatFreeCRM
-CVE-2018-1000841 (Zend.To version Prior to 5.15-1 contains a Cross Site Scripting (XSS) ...)
+CVE-2018-1000841
NOT-FOR-US: Zend.To
-CVE-2018-1000840 (Processing Foundation Processing version 3.4 and earlier contains a ...)
+CVE-2018-1000840
NOT-FOR-US: Processing Foundation Processing
-CVE-2018-1000839 (LH-EHR version REL-2_0_0 contains a Arbitrary File Upload ...)
+CVE-2018-1000839
NOT-FOR-US: LH-EHR
-CVE-2018-1000838 (autopsy version &lt;= 4.9.0 contains a XML External Entity (XXE) ...)
+CVE-2018-1000838
- autopsy <not-affected> (The ancient version in Debian predates the Java rewrite)
-CVE-2018-1000837 (UML Designer version &lt;= 8.0.0 contains a XML External Entity (XXE) ...)
+CVE-2018-1000837
NOT-FOR-US: UML designer
-CVE-2018-1000836 (bw-calendar-engine version &lt;= bw-calendar-engine-3.12.0 contains a XML ...)
+CVE-2018-1000836
NOT-FOR-US: bw-calendar-engine
-CVE-2018-1000835 (KeePassDX version &lt;= 2.5.0.0beta17 contains a XML External Entity ...)
+CVE-2018-1000835
NOT-FOR-US: KeePassDX
-CVE-2018-1000834 (runelite version &lt;= runelite-parent-1.4.23 contains a XML External ...)
+CVE-2018-1000834
NOT-FOR-US: runelite
-CVE-2018-1000833 (ZoneMinder version &lt;= 1.32.2 contains a Other/Unknown vulnerability in ...)
+CVE-2018-1000833
[experimental] - zoneminder 1.32.3-1
- zoneminder 1.32.3-2 (bug #917024)
NOTE: https://0dd.zone/2018/10/28/zoneminder-Object-Injection-2/
NOTE: https://github.com/ZoneMinder/zoneminder/issues/2272
NOTE: https://github.com/ZoneMinder/zoneminder/pull/2273
NOTE: https://github.com/ZoneMinder/zoneminder/commit/f790eacc92f687442ae24df7a48f54861a4518b3 (1.32.3)
-CVE-2018-1000832 (ZoneMinder version &lt;= 1.32.2 contains a Other/Unknown vulnerability in ...)
+CVE-2018-1000832
[experimental] - zoneminder 1.32.3-1
- zoneminder 1.32.3-2 (bug #917024)
NOTE: https://0dd.zone/2018/10/28/zoneminder-Object-Injection/
NOTE: https://github.com/ZoneMinder/zoneminder/issues/2271
NOTE: https://github.com/ZoneMinder/zoneminder/pull/2273
NOTE: https://github.com/ZoneMinder/zoneminder/commit/f790eacc92f687442ae24df7a48f54861a4518b3 (1.32.3)
-CVE-2018-1000831 (K9Mail version &lt;= v5.600 contains a XML External Entity (XXE) ...)
+CVE-2018-1000831
NOT-FOR-US: K9Mail
-CVE-2018-1000830 (XR3Player version &lt;= V3.124 contains a XML External Entity (XXE) ...)
+CVE-2018-1000830
NOT-FOR-US: XR3Player
-CVE-2018-1000829 (Anyplace version before commit 80359b4 contains a XML External Entity ...)
+CVE-2018-1000829
NOT-FOR-US: Anyplace navigation service
-CVE-2018-1000828 (FrostWire version &lt;= frostwire-desktop-6.7.4-build-272 contains a XML ...)
+CVE-2018-1000828
NOT-FOR-US: FrostWire
-CVE-2018-1000827 (Ubilling version &lt;= 0.9.2 contains a Other/Unknown vulnerability in ...)
+CVE-2018-1000827
NOT-FOR-US: Ubilling
-CVE-2018-1000826 (Microweber version &lt;= 1.0.7 contains a Cross Site Scripting (XSS) ...)
+CVE-2018-1000826
NOT-FOR-US: Microweber
-CVE-2018-1000825 (FreeCol version &lt;= nightly-2018-08-22 contains a XML External Entity ...)
+CVE-2018-1000825
- freecol <unfixed> (bug #917023; low)
[buster] - freecol <no-dsa> (Minor issue)
[stretch] - freecol <no-dsa> (Minor issue)
[jessie] - freecol <end-of-life> (Games are not supported)
NOTE: https://github.com/FreeCol/freecol/issues/26
-CVE-2018-1000824 (MegaMek version &lt; v0.45.1 contains a Other/Unknown vulnerability in ...)
+CVE-2018-1000824
NOT-FOR-US: MegaMek
-CVE-2018-1000823 (exist version &lt;= 5.0.0-RC4 contains a XML External Entity (XXE) ...)
+CVE-2018-1000823
NOT-FOR-US: eXist DB
-CVE-2018-1000822 (codelibs fess version before commit faa265b contains a XML External ...)
+CVE-2018-1000822
NOT-FOR-US: codelibs fess
-CVE-2018-1000821 (MicroMathematics version before commit 5c05ac8 contains a XML External ...)
+CVE-2018-1000821
NOT-FOR-US: MicroMathematics
-CVE-2018-1000820 (neo4j-contrib neo4j-apoc-procedures version before commit 45bc09c ...)
+CVE-2018-1000820
NOT-FOR-US: neo4j-apoc-procedures
-CVE-2018-1000817 (Asset Pipeline Grails Plugin Asset-pipeline plugin version Prior to ...)
+CVE-2018-1000817
NOT-FOR-US: Asset Pipeline Grails Plugin
-CVE-2018-1000816 (Grafana version confirmed for 5.2.4 and 5.3.0 contains a Cross Site ...)
+CVE-2018-1000816
- grafana <removed>
NOTE: https://github.com/grafana/grafana/issues/13667
-CVE-2018-1000815 (Brave Software Inc. Brave version version 0.22.810 to 0.24.0 contains ...)
+CVE-2018-1000815
NOT-FOR-US: Brave Software Inc. Brave
-CVE-2018-1000814 (aio-libs aiohttp-session version 2.6.0 and earlier contains a ...)
+CVE-2018-1000814
NOT-FOR-US: aio-libs aiohttp-session
-CVE-2018-1000813 (Backdrop CMS version 1.11.0 and earlier contains a Cross Site ...)
+CVE-2018-1000813
- backdrop <itp> (bug #914257)
-CVE-2018-1000812 (&amp;#xc1;rtica Soluciones Tecnol&amp;#xf3;gicas Integria IMS version 5.0 MR56 ...)
+CVE-2018-1000812
NOT-FOR-US: Integria IMS
-CVE-2018-1000811 (bludit version 3.0.0 contains a Unrestricted Upload of File with ...)
+CVE-2018-1000811
NOT-FOR-US: bludit
-CVE-2018-20307 (Pulse Secure Virtual Traffic Manager 9.9 versions prior to 9.9r2 and ...)
+CVE-2018-20307
NOT-FOR-US: Pulse Secure Virtual Traffic Manager
-CVE-2018-20306 (A stored cross-site scripting (XSS) vulnerability in the web ...)
+CVE-2018-20306
NOT-FOR-US: Pulse Secure Virtual Traffic Manager
-CVE-2018-20305 (D-Link DIR-816 A2 1.10 B05 devices allow arbitrary remote code ...)
+CVE-2018-20305
NOT-FOR-US: D-Link
-CVE-2018-20304 (wbook_addworksheet in workbook.c in libexcel.a in libexcel 0.01 allows ...)
+CVE-2018-20304
NOT-FOR-US: libexcel
-CVE-2018-20303 (In pkg/tool/path.go in Gogs before 0.11.82.1218, a directory traversal ...)
+CVE-2018-20303
NOT-FOR-US: Go Git Service
-CVE-2018-20302 (An XSS issue was discovered in Steve Pallen Xain before 0.6.2 via the ...)
+CVE-2018-20302
NOT-FOR-US: Steve Pallen Xain
-CVE-2018-20301 (An issue was discovered in Steve Pallen Coherence before 0.5.2 that is ...)
+CVE-2018-20301
NOT-FOR-US: Steve Pallen Coherence
-CVE-2018-20300 (Empire CMS 7.5 allows remote attackers to execute arbitrary PHP code ...)
+CVE-2018-20300
NOT-FOR-US: Empire CMS
-CVE-2018-20299 (An issue was discovered in several Bosch Smart Home cameras (360 degree ...)
+CVE-2018-20299
NOT-FOR-US: Bosch Smart Home cameras
-CVE-2018-20298 (S3 Browser before 8.1.5 contains an XML external entity (XXE) ...)
+CVE-2018-20298
NOT-FOR-US: S3 Browser
CVE-2018-20297
RESERVED
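Review bot: every `-`/`+` pair in this hunk replaces a `CVE-... (description ...)` line with the bare CVE id and no `+` line anywhere in the hunk supplies a replacement description, so the net effect of this "automatic update" on the hunk is pure data loss; an importer run that only strips text like this usually means the description feed came back empty, and the commit should be held and the run repeated rather than merged as-is. Two smaller things visible in the removed lines are worth fixing in the importer when the descriptions are regenerated: the stored text still carries entity-escaped characters (the vendor name on the removed CVE-2018-1000812 line is written as numeric character references, and `&lt;=` appears in the K9Mail, XR3Player and FrostWire lines), so the source text was never entity-decoded before being written to the list file.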
@@ -1847,53 +1844,53 @@ CVE-2018-20255
RESERVED
CVE-2018-20254
RESERVED
-CVE-2018-20253 (In WinRAR versions prior to and including 5.60, There is an ...)
+CVE-2018-20253
NOT-FOR-US: WinRAR
-CVE-2018-20252 (In WinRAR versions prior to and including 5.60, there is an ...)
+CVE-2018-20252
NOT-FOR-US: WinRAR
-CVE-2018-20251 (In WinRAR versions prior to and including 5.61, there is path ...)
+CVE-2018-20251
NOT-FOR-US: WinRAR
-CVE-2018-20250 (In WinRAR versions prior to and including 5.61, There is path ...)
+CVE-2018-20250
NOT-FOR-US: WinRAR
-CVE-2018-20249 (In Foxit Quick PDF Library (all versions prior to 16.12), issue where ...)
+CVE-2018-20249
NOT-FOR-US: Foxit Quick PDF Library
-CVE-2018-20248 (In Foxit Quick PDF Library (all versions prior to 16.12), issue where ...)
+CVE-2018-20248
NOT-FOR-US: Foxit Quick PDF Library
-CVE-2018-20247 (In Foxit Quick PDF Library (all versions prior to 16.12), issue where ...)
+CVE-2018-20247
NOT-FOR-US: Foxit Quick PDF Library
CVE-2018-20246
REJECTED
-CVE-2018-20245 (The LDAP auth backend (airflow.contrib.auth.backends.ldap_auth) prior ...)
+CVE-2018-20245
- airflow <itp> (bug #819700)
-CVE-2018-20244 (In Apache Airflow before 1.10.2, a malicious admin user could edit the ...)
+CVE-2018-20244
- airflow <itp> (bug #819700)
CVE-2018-20243
RESERVED
-CVE-2018-20242 (A carefully crafted URL could trigger an XSS vulnerability on Apache ...)
+CVE-2018-20242
- jspwiki <removed>
-CVE-2018-20241 (The Edit upload resource for a review in Atlassian Fisheye and ...)
+CVE-2018-20241
NOT-FOR-US: Atlassian
-CVE-2018-20240 (The administrative linker functionality in Atlassian Fisheye and ...)
+CVE-2018-20240
NOT-FOR-US: Atlassian
CVE-2018-20239
RESERVED
-CVE-2018-20238 (Various rest resources in Atlassian Crowd before version 3.2.7 and ...)
+CVE-2018-20238
NOT-FOR-US: Atlassian
-CVE-2018-20237 (Atlassian Confluence Server and Data Center before version 6.13.1 ...)
+CVE-2018-20237
NOT-FOR-US: Atlassian
-CVE-2018-20236 (There was an command injection vulnerability in Sourcetree for Windows ...)
+CVE-2018-20236
NOT-FOR-US: Atlassian Sourcetree
-CVE-2018-20235 (There was an argument injection vulnerability in Atlassian Sourcetree ...)
+CVE-2018-20235
NOT-FOR-US: Atlassian Sourcetree
-CVE-2018-20234 (There was an argument injection vulnerability in Atlassian Sourcetree ...)
+CVE-2018-20234
NOT-FOR-US: Atlassian Sourcetree
-CVE-2018-20233 (The Upload add-on resource in Atlassian Universal Plugin Manager ...)
+CVE-2018-20233
NOT-FOR-US: Atlassian
-CVE-2018-20232 (The labels widget gadget in Atlassian Jira before version 7.6.11 and ...)
+CVE-2018-20232
NOT-FOR-US: Atlassian
-CVE-2018-20231 (Cross Site Request Forgery (CSRF) in the two-factor-authentication ...)
+CVE-2018-20231
NOT-FOR-US: two-factor-authentication plugin for WordPress
-CVE-2018-20230 (An issue was discovered in PSPP 1.2.0. There is a heap-based buffer ...)
+CVE-2018-20230
- pspp <unfixed> (bug #916902)
[stretch] - pspp <no-dsa> (Minor issue)
[jessie] - pspp <no-dsa> (Crash cannot be observed under normal conditions)
@@ -1903,11 +1900,11 @@ CVE-2018-20229
RESERVED
- gitlab 11.5.5+dfsg-1
NOTE: https://about.gitlab.com/2018/12/20/critical-security-release-gitlab-11-dot-5-dot-5-released/
-CVE-2018-20228 (Subsonic V6.1.5 allows internetRadioSettings.view streamUrl CSRF, with ...)
+CVE-2018-20228
NOT-FOR-US: Subsonic
-CVE-2018-20227 (RDF4J 2.4.2 allows Directory Traversal via ../ in an entry in a ZIP ...)
+CVE-2018-20227
NOT-FOR-US: RDF4J
-CVE-2018-20226 (An organization administrator can add a super administrator in THEHIVE ...)
+CVE-2018-20226
NOT-FOR-US: THEHIVE
CVE-2018-20225
RESERVED
@@ -1918,20 +1915,20 @@ CVE-2018-20223
CVE-2018-20222
RESERVED
CVE-2018-20221
- RESERVED
+ TODO: check
CVE-2018-20220
- RESERVED
+ TODO: check
CVE-2018-20219
- RESERVED
+ TODO: check
CVE-2018-20218
- RESERVED
-CVE-2018-20217 (A Reachable Assertion issue was discovered in the KDC in MIT Kerberos ...)
+ TODO: check
+CVE-2018-20217
{DLA-1643-1}
- krb5 1.16.2-1 (low; bug #917387)
[stretch] - krb5 <no-dsa> (Minor issue)
NOTE: http://krbdev.mit.edu/rt/Ticket/Display.html?id=8763
NOTE: https://github.com/krb5/krb5/commit/5e6d1796106df8ba6bc1973ee0917c170d929086
-CVE-2018-20216 (QEMU can have an infinite loop in hw/rdma/vmw/pvrdma_dev_ring.c ...)
+CVE-2018-20216
- qemu <unfixed> (unimportant)
[stretch] - qemu <not-affected> (Vulnerable code not present)
[jessie] - qemu <not-affected> (Vulnerable code not present)
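Review bot: the four `RESERVED` to `TODO: check` flips (CVE-2018-20221 through CVE-2018-20218) are the expected triage markers for ids that have just been published, but they land in the same pass that strips the description from CVE-2018-20217, an issue that already carries `{DLA-1643-1}`, a krb5 fix version and two upstream references; a published advisory losing its title in the tracker is a visible regression, so confirm the description source is working before this hunk is merged, and make sure the four `TODO: check` entries are triaged before the next automatic run overwrites them again.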
@@ -1943,12 +1940,11 @@ CVE-2018-20215
RESERVED
CVE-2018-20214
RESERVED
-CVE-2018-20213 (wbook_addworksheet in workbook.c in libexcel.a in libexcel 0.01 allows ...)
+CVE-2018-20213
NOT-FOR-US: libexcel
CVE-2018-20212
- RESERVED
- twiki <removed>
-CVE-2018-20211 (ExifTool 8.32 allows local users to gain privileges by creating a ...)
+CVE-2018-20211
NOT-FOR-US: Report for a Windows-specific flaw in a vintage version of libimage-exiftool-perl
CVE-2018-20210
RESERVED
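Review bot: not introduced by this change, but the unchanged context here shows CVE-2018-20212 still marked `RESERVED` while carrying a package line (`- twiki <removed>`); an entry cannot sensibly be both reserved and assigned to a source package, so the status line should be updated (or the package line dropped) when this range is next triaged, otherwise the automatic update will keep flagging the inconsistency.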
@@ -1968,65 +1964,65 @@ CVE-2018-20203
RESERVED
CVE-2018-20202
RESERVED
-CVE-2018-20201 (There is a stack-based buffer over-read in the jsfNameFromString ...)
+CVE-2018-20201
NOT-FOR-US: Espruino 2V00
CVE-2018-20200
RESERVED
-CVE-2018-20199 (A NULL pointer dereference was discovered in ifilter_bank of ...)
+CVE-2018-20199
- faad2 <unfixed> (low)
[buster] - faad2 <no-dsa> (Minor issue)
[stretch] - faad2 <no-dsa> (Minor issue)
NOTE: https://github.com/knik0/faad2/issues/24
-CVE-2018-20198 (A NULL pointer dereference was discovered in ifilter_bank of ...)
+CVE-2018-20198
- faad2 <unfixed> (low)
[buster] - faad2 <no-dsa> (Minor issue)
[stretch] - faad2 <no-dsa> (Minor issue)
NOTE: https://github.com/knik0/faad2/issues/23
-CVE-2018-20197 (There is a stack-based buffer underflow in the third instance of the ...)
+CVE-2018-20197
- faad2 <unfixed>
NOTE: https://github.com/knik0/faad2/issues/20
-CVE-2018-20196 (There is a stack-based buffer overflow in the third instance of the ...)
+CVE-2018-20196
- faad2 <unfixed>
NOTE: https://github.com/knik0/faad2/issues/19
-CVE-2018-20195 (A NULL pointer dereference was discovered in ic_predict of ...)
+CVE-2018-20195
- faad2 <unfixed> (low)
[buster] - faad2 <no-dsa> (Minor issue)
[stretch] - faad2 <no-dsa> (Minor issue)
NOTE: https://github.com/knik0/faad2/issues/25
-CVE-2018-20194 (There is a stack-based buffer underflow in the third instance of the ...)
+CVE-2018-20194
- faad2 <unfixed>
NOTE: https://github.com/knik0/faad2/issues/21
-CVE-2018-20193 (Certain Secure Access SA Series SSL VPN products (originally developed ...)
+CVE-2018-20193
NOT-FOR-US: Juniper
CVE-2018-20192
RESERVED
-CVE-2018-20191 (hw/rdma/vmw/pvrdma_main.c in QEMU does not implement a read operation ...)
+CVE-2018-20191
- qemu <unfixed> (unimportant)
[stretch] - qemu <not-affected> (Vulnerable code not present)
[jessie] - qemu <not-affected> (Vulnerable code not present)
- qemu-kvm <removed>
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2018-12/msg03066.html
NOTE: PVRDMA support not enabled in the binary packages until 1:3.1+dfsg-3, disabled again in 1:3.1+dfsg-4
-CVE-2018-20190 (In LibSass 3.5.5, a NULL Pointer Dereference in the function ...)
+CVE-2018-20190
- libsass <unfixed> (low)
[stretch] - libsass <no-dsa> (Minor issue)
NOTE: https://github.com/sass/libsass/issues/2786
-CVE-2018-20189 (In GraphicsMagick 1.3.31, the ReadDIBImage function of coders/dib.c has ...)
+CVE-2018-20189
{DLA-1619-1}
- graphicsmagick 1.4~hg15873-1 (bug #916752)
NOTE: http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/648e2b406589
NOTE: https://sourceforge.net/p/graphicsmagick/bugs/585/
-CVE-2018-20188 (FUEL CMS 1.4.3 has CSRF via users/create/ to add an administrator ...)
+CVE-2018-20188
NOT-FOR-US: FUEL CMS
-CVE-2018-20187 (A side-channel issue was discovered in Botan before 2.9.0. An attacker ...)
+CVE-2018-20187
[experimental] - botan 2.9.0-1
- botan 2.9.0-2 (bug #918732)
- botan1.10 <not-affected> (Vulnerable code introduced in 1.11.20)
NOTE: https://github.com/randombit/botan/pull/1792
NOTE: https://github.com/randombit/botan/commit/70aa7303acfff9eefc24598c289a84db3579ebd1
-CVE-2018-20186 (An issue was discovered in Bento4 1.5.1-627. AP4_Sample::ReadData in ...)
+CVE-2018-20186
NOT-FOR-US: Bento4
-CVE-2018-20185 (In GraphicsMagick 1.4 snapshot-20181209 Q8 on 32-bit platforms, there ...)
+CVE-2018-20185
{DLA-1619-1}
- graphicsmagick 1.4~hg15880-1 (bug #916719)
NOTE: Partial fix: http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/648e3977a293
@@ -2035,7 +2031,7 @@ CVE-2018-20185 (In GraphicsMagick 1.4 snapshot-20181209 Q8 on 32-bit platforms,
NOTE: complete: Cf. https://bugs.debian.org/916719#15
NOTE: Fix causes more issues: https://bugzilla.suse.com/show_bug.cgi?id=1119823#c1
NOTE: Followup: http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/c38fc0e3e465
-CVE-2018-20184 (In GraphicsMagick 1.4 snapshot-20181209 Q8, there is a heap-based ...)
+CVE-2018-20184
{DLA-1619-1}
- graphicsmagick 1.4~hg15873-1 (bug #916721)
NOTE: http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/15d1b5fd003b
@@ -2044,45 +2040,45 @@ CVE-2018-20184 (In GraphicsMagick 1.4 snapshot-20181209 Q8, there is a heap-base
NOTE: https://sourceforge.net/p/graphicsmagick/bugs/583/
CVE-2018-20183
RESERVED
-CVE-2018-20182 (rdesktop versions up to and including v1.8.3 contain a Buffer Overflow ...)
+CVE-2018-20182
{DSA-4394-1 DLA-1683-1}
- rdesktop 1.8.4-1
NOTE: https://github.com/rdesktop/rdesktop/commit/766ebcf6f23ccfe8323ac10242ae6e127d4505d2 (v1.8.4)
-CVE-2018-20181 (rdesktop versions up to and including v1.8.3 contain an Integer ...)
+CVE-2018-20181
{DSA-4394-1 DLA-1683-1}
- rdesktop 1.8.4-1
NOTE: https://github.com/rdesktop/rdesktop/commit/766ebcf6f23ccfe8323ac10242ae6e127d4505d2 (v1.8.4)
-CVE-2018-20180 (rdesktop versions up to and including v1.8.3 contain an Integer ...)
+CVE-2018-20180
{DSA-4394-1 DLA-1683-1}
- rdesktop 1.8.4-1
NOTE: https://github.com/rdesktop/rdesktop/commit/766ebcf6f23ccfe8323ac10242ae6e127d4505d2 (v1.8.4)
-CVE-2018-20179 (rdesktop versions up to and including v1.8.3 contain an Integer ...)
+CVE-2018-20179
{DSA-4394-1 DLA-1683-1}
- rdesktop 1.8.4-1
NOTE: https://github.com/rdesktop/rdesktop/commit/766ebcf6f23ccfe8323ac10242ae6e127d4505d2 (v1.8.4)
-CVE-2018-20178 (rdesktop versions up to and including v1.8.3 contain an Out-Of-Bounds ...)
+CVE-2018-20178
{DSA-4394-1 DLA-1683-1}
- rdesktop 1.8.4-1
NOTE: https://github.com/rdesktop/rdesktop/commit/766ebcf6f23ccfe8323ac10242ae6e127d4505d2 (v1.8.4)
-CVE-2018-20177 (rdesktop versions up to and including v1.8.3 contain an Integer ...)
+CVE-2018-20177
{DSA-4394-1 DLA-1683-1}
- rdesktop 1.8.4-1
NOTE: https://github.com/rdesktop/rdesktop/commit/766ebcf6f23ccfe8323ac10242ae6e127d4505d2 (v1.8.4)
-CVE-2018-20176 (rdesktop versions up to and including v1.8.3 contain several Out-Of- ...)
+CVE-2018-20176
{DSA-4394-1 DLA-1683-1}
- rdesktop 1.8.4-1
NOTE: https://github.com/rdesktop/rdesktop/commit/766ebcf6f23ccfe8323ac10242ae6e127d4505d2 (v1.8.4)
-CVE-2018-20175 (rdesktop versions up to and including v1.8.3 contains several Integer ...)
+CVE-2018-20175
{DSA-4394-1 DLA-1683-1}
- rdesktop 1.8.4-1
NOTE: https://github.com/rdesktop/rdesktop/commit/766ebcf6f23ccfe8323ac10242ae6e127d4505d2 (v1.8.4)
-CVE-2018-20174 (rdesktop versions up to and including v1.8.3 contain an Out-Of-Bounds ...)
+CVE-2018-20174
{DSA-4394-1 DLA-1683-1}
- rdesktop 1.8.4-1
NOTE: https://github.com/rdesktop/rdesktop/commit/766ebcf6f23ccfe8323ac10242ae6e127d4505d2 (v1.8.4)
-CVE-2018-20173 (Zoho ManageEngine OpManager 12.3 before 123238 allows SQL injection via ...)
+CVE-2018-20173
NOT-FOR-US: Zoho ManageEngine OpManager
-CVE-2018-20346 (SQLite before 3.25.3, when the FTS3 extension is enabled, encounters an ...)
+CVE-2018-20346
{DSA-4352-1 DLA-1613-1}
- sqlite3 3.25.3-1
[stretch] - sqlite3 <no-dsa> (Minor issue)
@@ -2093,27 +2089,27 @@ CVE-2018-20346 (SQLite before 3.25.3, when the FTS3 extension is enabled, encoun
NOTE: Fedora patch: https://src.fedoraproject.org/rpms/sqlite/c/d8da047b90b7eff583c50bf7fa7dc3bc37414249?branch=f28
NOTE: https://www.mail-archive.com/sqlite-users@mailinglists.sqlite.org/msg113218.html
NOTE: Upstream change: https://www.sqlite.org/src/info/940f2adc8541a838
-CVE-2018-20172 (An issue was discovered in Nagios XI before 5.5.8. The rss_url ...)
+CVE-2018-20172
NOT-FOR-US: Nagios XI
-CVE-2018-20171 (An issue was discovered in Nagios XI before 5.5.8. The url parameter of ...)
+CVE-2018-20171
NOT-FOR-US: Nagios XI
-CVE-2018-20170 (** DISPUTED ** OpenStack Keystone through 14.0.1 has a user enumeration ...)
+CVE-2018-20170
NOT-FOR-US: Disputed issue in Keystone, no need to track for src:keystone
-CVE-2018-20169 (An issue was discovered in the Linux kernel before 4.19.9. The USB ...)
+CVE-2018-20169
- linux 4.19.9-1
NOTE: https://git.kernel.org/linus/704620afc70cf47abb9d6a1a57f3825d2bca49cf
-CVE-2018-20168 (Google gVisor before 2018-08-22 reuses a pagetable in a different level ...)
+CVE-2018-20168
NOT-FOR-US: gVisor
-CVE-2018-20166 (A file-upload vulnerability exists in Rukovoditel 2.3.1. ...)
+CVE-2018-20166
NOT-FOR-US: Rukovoditel
-CVE-2018-20167 (Terminology before 1.3.1 allows Remote Code Execution because popmedia ...)
+CVE-2018-20167
- terminology 1.3.1-1 (bug #916630)
[jessie] - terminology <not-affected> (vulnerable code is not present)
NOTE: https://phab.enlightenment.org/T7504
NOTE: https://git.enlightenment.org/apps/terminology.git/commit/?id=1ac204da9148e7bccb1b5f34b523e2094dfc39e2
CVE-2018-20165
RESERVED
-CVE-2018-20164 (An issue was discovered in regex.yaml (aka regexes.yaml) in UA-Parser ...)
+CVE-2018-20164
- uap-core 20190213-1 (bug #922717)
NOTE: https://github.com/ua-parser/uap-core/commit/010ccdc7303546cd22b9da687c29f4a996990014
NOTE: https://github.com/ua-parser/uap-core/commit/156f7e12b215bddbaf3df4514c399d683e6cdadc
@@ -2121,52 +2117,52 @@ CVE-2018-20164 (An issue was discovered in regex.yaml (aka regexes.yaml) in UA-P
CVE-2018-20163
RESERVED
CVE-2018-20162
- RESERVED
-CVE-2018-20161 (A design flaw in the BlinkForHome (aka Blink For Home) Sync Module ...)
+ TODO: check
+CVE-2018-20161
NOT-FOR-US: BlinkForHome (aka Blink For Home) Sync Module
CVE-2018-20160
RESERVED
-CVE-2018-20159 (i-doit open 1.11.2 allows Remote Code Execution because ZIP archives ...)
+CVE-2018-20159
NOT-FOR-US: i-doit
CVE-2018-20158
RESERVED
-CVE-2018-20157 (The data import functionality in OpenRefine through 3.1 allows an XML ...)
+CVE-2018-20157
NOT-FOR-US: OpenRefine
-CVE-2018-20156 (The WP Maintenance Mode plugin before 2.0.7 for WordPress allows remote ...)
+CVE-2018-20156
NOT-FOR-US: WordPress plugin wp-maintenance-mode
-CVE-2018-20155 (The WP Maintenance Mode plugin before 2.0.7 for WordPress allows remote ...)
+CVE-2018-20155
NOT-FOR-US: WordPress plugin wp-maintenance-mode
-CVE-2018-20154 (The WP Maintenance Mode plugin before 2.0.7 for WordPress allows remote ...)
+CVE-2018-20154
NOT-FOR-US: WordPress plugin wp-maintenance-mode
-CVE-2018-20146 (An issue was discovered in Liquidware ProfileUnity before 6.8.0 with ...)
+CVE-2018-20146
NOT-FOR-US: Liquidware ProfileUnity
-CVE-2018-20153 (In WordPress before 4.9.9 and 5.x before 5.0.1, contributors could ...)
+CVE-2018-20153
{DSA-4401-1 DLA-1673-1}
- wordpress 5.0.1+dfsg1-1 (bug #916403)
NOTE: https://wordpress.org/news/2018/12/wordpress-5-0-1-security-release/
-CVE-2018-20152 (In WordPress before 4.9.9 and 5.x before 5.0.1, authors could bypass ...)
+CVE-2018-20152
{DSA-4401-1 DLA-1673-1}
- wordpress 5.0.1+dfsg1-1 (bug #916403)
NOTE: https://wordpress.org/news/2018/12/wordpress-5-0-1-security-release/
-CVE-2018-20151 (In WordPress before 4.9.9 and 5.x before 5.0.1, the user-activation ...)
+CVE-2018-20151
{DSA-4401-1 DLA-1673-1}
- wordpress 5.0.1+dfsg1-1 (bug #916403)
NOTE: https://wordpress.org/news/2018/12/wordpress-5-0-1-security-release/
-CVE-2018-20150 (In WordPress before 4.9.9 and 5.x before 5.0.1, crafted URLs could ...)
+CVE-2018-20150
{DSA-4401-1 DLA-1673-1}
- wordpress 5.0.1+dfsg1-1 (bug #916403)
NOTE: https://wordpress.org/news/2018/12/wordpress-5-0-1-security-release/
NOTE: https://github.com/WordPress/WordPress/commit/fb3c6ea0618fcb9a51d4f2c1940e9efcd4a2d460
-CVE-2018-20149 (In WordPress before 4.9.9 and 5.x before 5.0.1, when the Apache HTTP ...)
+CVE-2018-20149
{DSA-4401-1 DLA-1673-1}
- wordpress 5.0.1+dfsg1-1 (bug #916403)
NOTE: https://wordpress.org/news/2018/12/wordpress-5-0-1-security-release/
NOTE: https://github.com/WordPress/WordPress/commit/246a70bdbfac3bd45ff71c7941deef1bb206b19a
-CVE-2018-20148 (In WordPress before 4.9.9 and 5.x before 5.0.1, contributors could ...)
+CVE-2018-20148
{DSA-4401-1 DLA-1673-1}
- wordpress 5.0.1+dfsg1-1 (bug #916403)
NOTE: https://wordpress.org/news/2018/12/wordpress-5-0-1-security-release/
-CVE-2018-20147 (In WordPress before 4.9.9 and 5.x before 5.0.1, authors could modify ...)
+CVE-2018-20147
{DSA-4401-1 DLA-1673-1}
- wordpress 5.0.1+dfsg1-1 (bug #916403)
NOTE: https://wordpress.org/news/2018/12/wordpress-5-0-1-security-release/
@@ -2179,36 +2175,36 @@ CVE-2018-20143
CVE-2018-20142
RESERVED
CVE-2018-20141
- RESERVED
+ TODO: check
CVE-2018-20140
- RESERVED
+ TODO: check
CVE-2018-20139
RESERVED
-CVE-2018-20138 (PHP Scripts Mall Entrepreneur B2B Script 3.0.6 allows Stored XSS via ...)
+CVE-2018-20138
NOT-FOR-US: PHP Scripts Mall Entrepreneur B2B Script
-CVE-2018-20137 (XSS exists in FUEL CMS 1.4.3 via the Page title, Meta description, or ...)
+CVE-2018-20137
NOT-FOR-US: FUEL CMS
-CVE-2018-20136 (XSS exists in FUEL CMS 1.4.3 via the Header or Body in the Layout ...)
+CVE-2018-20136
NOT-FOR-US: FUEL CMS
CVE-2018-20135
RESERVED
CVE-2018-20134
RESERVED
-CVE-2018-20133 (ymlref allows code injection. ...)
+CVE-2018-20133
NOT-FOR-US: ymlref
CVE-2018-20132
REJECTED
-CVE-2018-20131 (The Code42 app before 6.8.4, as used in Code42 for Enterprise, on Linux ...)
+CVE-2018-20131
NOT-FOR-US: Code42
CVE-2018-20130
RESERVED
-CVE-2018-20129 (An issue was discovered in DedeCMS V5.7 SP2. ...)
+CVE-2018-20129
NOT-FOR-US: DedeCMS
-CVE-2018-20128 (An issue was discovered in UsualToolCMS v8.0. cmsadmin\a_sqlback.php ...)
+CVE-2018-20128
NOT-FOR-US: UsualToolCMS
-CVE-2018-20127 (An issue was discovered in zzzphp cms 1.5.8. del_file in ...)
+CVE-2018-20127
NOT-FOR-US: zzzphp cms
-CVE-2018-20126 (hw/rdma/vmw/pvrdma_cmd.c in QEMU allows create_cq and create_qp memory ...)
+CVE-2018-20126
- qemu <unfixed> (unimportant)
[stretch] - qemu <not-affected> (Vulnerable code not present)
[jessie] - qemu <not-affected> (Vulnerable code not present)
@@ -2216,7 +2212,7 @@ CVE-2018-20126 (hw/rdma/vmw/pvrdma_cmd.c in QEMU allows create_cq and create_qp
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2018-12/msg02824.html
NOTE: https://git.qemu.org/?p=qemu.git;a=commit;h=509f57c98e7536905bb4902363d0cba66ce7e089
NOTE: PVRDMA support not enabled in the binary packages until 1:3.1+dfsg-3, disabled again in 1:3.1+dfsg-4
-CVE-2018-20125 (hw/rdma/vmw/pvrdma_cmd.c in QEMU allows attackers to cause a denial of ...)
+CVE-2018-20125
- qemu <unfixed> (unimportant)
[stretch] - qemu <not-affected> (Vulnerable code not present)
[jessie] - qemu <not-affected> (Vulnerable code not present)
@@ -2224,7 +2220,7 @@ CVE-2018-20125 (hw/rdma/vmw/pvrdma_cmd.c in QEMU allows attackers to cause a den
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2018-12/msg02823.html
NOTE: https://git.qemu.org/?p=qemu.git;a=commit;h=2c858ce5da8ae6689c75182b73bc455a291cad41
NOTE: PVRDMA support not enabled in the binary packages until 1:3.1+dfsg-3, disabled again in 1:3.1+dfsg-4
-CVE-2018-20124 (hw/rdma/rdma_backend.c in QEMU allows guest OS users to trigger ...)
+CVE-2018-20124
- qemu <unfixed> (bug #922461; unimportant)
[stretch] - qemu <not-affected> (Vulnerable code not present)
[jessie] - qemu <not-affected> (Vulnerable code not present)
@@ -2233,7 +2229,7 @@ CVE-2018-20124 (hw/rdma/rdma_backend.c in QEMU allows guest OS users to trigger
NOTE: https://git.qemu.org/?p=qemu.git;a=commit;h=0e68373cc2b3a063ce067bc0cc3edaf370752890
NOTE: PVRDMA support not enabled in the binary packages until 1:3.1+dfsg-3, disabled again in 1:3.1+dfsg-4
NOTE: The issue is in PVRDMA support, cf. https://bugs.debian.org/922461#18
-CVE-2018-20123 (pvrdma_realize in hw/rdma/vmw/pvrdma_main.c in QEMU has a Memory leak ...)
+CVE-2018-20123
- qemu <unfixed> (unimportant; bug #916442)
[stretch] - qemu <not-affected> (Vulnerable code not present)
[jessie] - qemu <not-affected> (Vulnerable code not present)
@@ -2241,16 +2237,16 @@ CVE-2018-20123 (pvrdma_realize in hw/rdma/vmw/pvrdma_main.c in QEMU has a Memory
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2018-12/msg02817.html
NOTE: PVRDMA support not enabled until 1:3.1+dfsg-3, disabled again in 1:3.1+dfsg-4, and
NOTE: applied patch in 1:3.1+dfsg-3 reverted.
-CVE-2018-20145 (Eclipse Mosquitto 1.5.x before 1.5.5 allows ACL bypass: if the option ...)
+CVE-2018-20145
- mosquitto 1.5.5-1
[stretch] - mosquitto <not-affected> (Only affects 1.5.x)
[jessie] - mosquitto <not-affected> (Only affects 1.5.x)
NOTE: https://github.com/eclipse/mosquitto/commit/9097577b49b7fdcf45d30975976dd93808ccc0c4
NOTE: https://github.com/eclipse/mosquitto/issues/1073
-CVE-2018-20122 (The web interface on FASTGate Fastweb devices with firmware through ...)
+CVE-2018-20122
NOT-FOR-US: FASTGate Fastweb
CVE-2018-20121
- RESERVED
+ TODO: check
CVE-2018-20120
RESERVED
CVE-2018-20119
@@ -2263,7 +2259,7 @@ CVE-2018-20116
RESERVED
CVE-2018-20115
RESERVED
-CVE-2018-20114 (On D-Link DIR-818LW Rev.A 2.05.B03 and DIR-860L Rev.B 2.03.B03 ...)
+CVE-2018-20114
NOT-FOR-US: D-Link
CVE-2018-20113
REJECTED
@@ -2279,54 +2275,54 @@ CVE-2018-20108
REJECTED
CVE-2018-20107
REJECTED
-CVE-2018-20106 (In yast2-printer up to and including version 4.0.2 the SMB printer ...)
+CVE-2018-20106
NOT-FOR-US: yast2-printer
CVE-2018-20105
RESERVED
CVE-2018-20104
RESERVED
-CVE-2018-20103 (An issue was discovered in dns.c in HAProxy through 1.8.14. In the case ...)
+CVE-2018-20103
- haproxy 1.8.15-1 (bug #916307)
[stretch] - haproxy <no-dsa> (Minor issue; can be fixed via point release)
[jessie] - haproxy <not-affected> (Vulnerable code not present)
NOTE: http://git.haproxy.org/?p=haproxy.git;a=commit;h=58df5aea0a0c926b2238f65908f5e9f83d1cca25
-CVE-2018-20102 (An out-of-bounds read in dns_validate_dns_response in dns.c was ...)
+CVE-2018-20102
- haproxy 1.8.15-1 (bug #916308)
[stretch] - haproxy <no-dsa> (Minor issue; can be fixed via point release)
[jessie] - haproxy <not-affected> (Vulnerable code not present)
NOTE: http://git.haproxy.org/?p=haproxy.git;a=commit;h=efbbdf72992cd20458259962346044cafd9331c0
-CVE-2018-20101 (The codection &quot;Import users from CSV with meta&quot; plugin before 1.12.1 ...)
+CVE-2018-20101
NOT-FOR-US: codection "Import users from CSV with meta" plugin for WordPress
-CVE-2018-20100 (An issue was discovered on August Connect devices. Insecure data ...)
+CVE-2018-20100
NOT-FOR-US: August Connect
-CVE-2018-20099 (There is an infinite loop in Exiv2::Jp2Image::encodeJp2Header of ...)
+CVE-2018-20099
[experimental] - exiv2 <unfixed> (low)
- exiv2 <not-affected> (Vulnerable code introduced later)
NOTE: https://github.com/Exiv2/exiv2/issues/590
NOTE: https://github.com/Exiv2/exiv2/commit/eff0f52d0466d81beabf304e2500f3039fd90252
-CVE-2018-20098 (There is a heap-based buffer over-read in ...)
+CVE-2018-20098
[experimental] - exiv2 <unfixed> (low)
- exiv2 <not-affected> (Vulnerable code introduced later)
NOTE: https://github.com/Exiv2/exiv2/issues/590
NOTE: https://github.com/Exiv2/exiv2/commit/eff0f52d0466d81beabf304e2500f3039fd90252
NOTE: https://github.com/TeamSeri0us/pocs/tree/master/exiv2/20181206
-CVE-2018-20097 (There is a SEGV in Exiv2::Internal::TiffParserWorker::findPrimaryGroups ...)
+CVE-2018-20097
{DLA-1691-1}
- exiv2 <unfixed> (low)
[stretch] - exiv2 <no-dsa> (Minor issue)
NOTE: https://github.com/Exiv2/exiv2/issues/590
NOTE: https://github.com/Exiv2/exiv2/commit/203ab0db28c9666b16069d4056ac5f66f753a51d
-CVE-2018-20096 (There is a heap-based buffer over-read in the Exiv2::tEXtToDataBuf ...)
+CVE-2018-20096
[experimental] - exiv2 <unfixed> (low)
- exiv2 <not-affected> (Vulnerable code introduced later)
NOTE: https://github.com/Exiv2/exiv2/issues/590
-CVE-2018-20095 (An issue was discovered in EnsureCapacity in Core/Ap4Array.h in Bento4 ...)
+CVE-2018-20095
NOT-FOR-US: Bento4
-CVE-2018-20094 (An issue was discovered in XXL-CONF 1.6.0. There is a path traversal ...)
+CVE-2018-20094
NOT-FOR-US: XXL-CONF
CVE-2018-20093
RESERVED
-CVE-2018-20092 (PTC ThingWorx Platform through 8.3.0 is vulnerable to a directory ...)
+CVE-2018-20092
NOT-FOR-US: PTC ThingWorx Platform
CVE-2018-20091
RESERVED
@@ -2371,36 +2367,36 @@ CVE-2018-20073 [chromium stores download meta data in extended attributes]
[stretch] - chromium <postponed> (Wait until fixed upstream)
CVE-2018-20072
RESERVED
-CVE-2018-20071 (Insufficiently strict origin checks during JIT payment app ...)
+CVE-2018-20071
{DSA-4330-1}
- chromium-browser 70.0.3538.67-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-20070 (Incorrect handling of confusable characters in URL Formatter in Google ...)
+CVE-2018-20070
{DSA-4352-1}
- chromium 71.0.3578.80-1
-CVE-2018-20069 (Failure to prevent navigation to top frame to data URLs in Navigation ...)
+CVE-2018-20069
- chromium <not-affected> (Specific to iOS)
-CVE-2018-20068 (Incorrect handling of 304 status codes in Navigation in Google Chrome ...)
+CVE-2018-20068
{DSA-4352-1}
- chromium 71.0.3578.80-1
-CVE-2018-20067 (A renderer initiated back navigation was incorrectly allowed to cancel ...)
+CVE-2018-20067
{DSA-4352-1}
- chromium 71.0.3578.80-1
-CVE-2018-20066 (Incorrect object lifecycle in Extensions in Google Chrome prior to ...)
+CVE-2018-20066
{DSA-4352-1}
- chromium 71.0.3578.80-1
-CVE-2018-20065 (Handling of URI action in PDFium in Google Chrome prior to ...)
+CVE-2018-20065
{DSA-4352-1}
- chromium 71.0.3578.80-1
-CVE-2018-20064 (doorGets 7.0 allows remote attackers to write to arbitrary files via ...)
+CVE-2018-20064
NOT-FOR-US: doorGets
-CVE-2018-20063 (An issue was discovered in Gurock TestRail 5.6.0.3853. An ...)
+CVE-2018-20063
NOT-FOR-US: Gurock TestRail
-CVE-2018-20062 (An issue was discovered in NoneCms V1.3. thinkphp/library/think/App.php ...)
+CVE-2018-20062
NOT-FOR-US: NoneCms
-CVE-2018-20061 (A SQL injection issue was discovered in ERPNext 10.x and 11.x through ...)
+CVE-2018-20061
NOT-FOR-US: Frappe ERPNext
-CVE-2018-20060 (urllib3 before version 1.23 does not remove the Authorization HTTP ...)
+CVE-2018-20060
- python-urllib3 1.24-1
[stretch] - python-urllib3 <no-dsa> (Minor issue)
[jessie] - python-urllib3 <ignored> (Minor issue)
@@ -2420,13 +2416,13 @@ CVE-2018-20060 (urllib3 before version 1.23 does not remove the Authorization HT
NOTE: https://github.com/urllib3/urllib3/commit/63948f3a607ed8e7a3ce9ac4e20782359896e27e
NOTE: https://github.com/urllib3/urllib3/commit/560bd227b90f74417ffaedebf5f8d05a8ee4f532
NOTE: Fixed upstream in 1.23
-CVE-2018-20059 (jaxb/JaxbEngine.java in Pippo 1.11.0 allows XXE. ...)
+CVE-2018-20059
NOT-FOR-US: Pippo
-CVE-2018-20058 (In Evernote before 7.6 on macOS, there is a local file path traversal ...)
+CVE-2018-20058
NOT-FOR-US: Evernote
-CVE-2018-20057 (An issue was discovered in /bin/boa on D-Link DIR-619L Rev.B 2.06B1 and ...)
+CVE-2018-20057
NOT-FOR-US: D-Link
-CVE-2018-20056 (An issue was discovered in /bin/boa on D-Link DIR-619L Rev.B 2.06B1 and ...)
+CVE-2018-20056
NOT-FOR-US: D-Link
CVE-2018-20055
RESERVED
@@ -2436,9 +2432,9 @@ CVE-2018-20053
RESERVED
CVE-2018-20052
RESERVED
-CVE-2018-20051 (Mishandling of '&gt;' on the Jooan JA-Q1H Wi-Fi camera with firmware ...)
+CVE-2018-20051
NOT-FOR-US: Jooan JA-Q1H Wi-Fi camera
-CVE-2018-20050 (Mishandling of an empty string on the Jooan JA-Q1H Wi-Fi camera with ...)
+CVE-2018-20050
NOT-FOR-US: Jooan JA-Q1H Wi-Fi camera
CVE-2018-20049
RESERVED
@@ -2472,60 +2468,60 @@ CVE-2018-20035
RESERVED
CVE-2018-20034
RESERVED
-CVE-2018-20033 (A Remote Code Execution vulnerability in lmgrd and vendor daemon ...)
+CVE-2018-20033
NOT-FOR-US: FlexNet Publisher
CVE-2018-20032
RESERVED
CVE-2018-20031
RESERVED
-CVE-2018-20030 (An error when processing the EXIF_IFD_INTEROPERABILITY and ...)
+CVE-2018-20030
- libexif 0.6.21-5.1 (bug #918730)
[stretch] - libexif <no-dsa> (Minor issue)
[jessie] - libexif <no-dsa> (Minor issue)
NOTE: https://secuniaresearch.flexerasoftware.com/secunia_research/2018-28/
NOTE: https://github.com/libexif/libexif/commit/6aa11df549114ebda520dde4cdaea2f9357b2c89
-CVE-2018-20029 (The nxfs.sys driver in the DokanFS library 0.6.0 in NoMachine before ...)
+CVE-2018-20029
NOT-FOR-US: nxfs.sys driver in the DokanFS library in NoMachine on Windows
CVE-2018-20028
RESERVED
-CVE-2018-20027 (The yaml_parse.load method in Pylearn2 allows code injection. ...)
+CVE-2018-20027
NOT-FOR-US: Pylearn2
-CVE-2018-20026 (Improper Communication Address Filtering exists in CODESYS V3 products ...)
+CVE-2018-20026
NOT-FOR-US: 3S-Smart Software Solutions GmbH CODESYS V3 Products
-CVE-2018-20025 (Use of Insufficiently Random Values exists in CODESYS V3 products ...)
+CVE-2018-20025
NOT-FOR-US: 3S-Smart Software Solutions GmbH CODESYS V3 Products
-CVE-2018-20024 (LibVNC before commit 4a21bbd097ef7c44bb000c3bd0907f96a10e4ce7 contains ...)
+CVE-2018-20024
{DSA-4383-1 DLA-1617-1}
- libvncserver 0.9.11+dfsg-1.2 (bug #916941)
NOTE: https://github.com/LibVNC/libvncserver/issues/254
NOTE: https://github.com/LibVNC/libvncserver/commit/4a21bbd097ef7c44bb000c3bd0907f96a10e4ce7
NOTE: https://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/12/19/klcert-18-034-libvnc-null-pointer-dereference/
-CVE-2018-20023 (LibVNC before 8b06f835e259652b0ff026898014fc7297ade858 contains ...)
+CVE-2018-20023
{DSA-4383-1 DLA-1617-1}
- libvncserver 0.9.11+dfsg-1.2 (bug #916941)
NOTE: https://github.com/LibVNC/libvncserver/issues/253
NOTE: https://github.com/LibVNC/libvncserver/commit/8b06f835e259652b0ff026898014fc7297ade858
NOTE: https://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/12/19/klcert-18-033-libvnc-memory-leak/
-CVE-2018-20022 (LibVNC before 2f5b2ad1c6c99b1ac6482c95844a84d66bb52838 contains ...)
+CVE-2018-20022
{DSA-4383-1 DLA-1617-1}
- libvncserver 0.9.11+dfsg-1.2 (bug #916941)
NOTE: https://github.com/LibVNC/libvncserver/issues/252
NOTE: https://github.com/LibVNC/libvncserver/commit/2f5b2ad1c6c99b1ac6482c95844a84d66bb52838
NOTE: https://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/12/19/klcert-18-032-libvnc-multiple-memory-leaks/
-CVE-2018-20021 (LibVNC before commit c3115350eb8bb635d0fdb4dbbb0d0541f38ed19c contains ...)
+CVE-2018-20021
{DSA-4383-1 DLA-1617-1}
- libvncserver 0.9.11+dfsg-1.2 (bug #916941)
NOTE: https://github.com/LibVNC/libvncserver/issues/251
NOTE: https://github.com/LibVNC/libvncserver/commit/c3115350eb8bb635d0fdb4dbbb0d0541f38ed19c
NOTE: https://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/12/19/klcert-18-031-libvnc-infinite-loop/
-CVE-2018-20020 (LibVNC before commit 7b1ef0ffc4815cab9a96c7278394152bdc89dc4d contains ...)
+CVE-2018-20020
{DSA-4383-1 DLA-1617-1}
- libvncserver 0.9.11+dfsg-1.2 (bug #916941)
NOTE: https://github.com/LibVNC/libvncserver/issues/250
NOTE: https://github.com/LibVNC/libvncserver/commit/09f2f3fb6a5a163e453e5c2979054670c39694bc
NOTE: https://github.com/LibVNC/libvncserver/commit/7b1ef0ffc4815cab9a96c7278394152bdc89dc4d
NOTE: https://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/12/19/klcert-18-030-libvnc-heap-out-of-bound-write/
-CVE-2018-20748 (LibVNC before 0.9.12 contains multiple heap out-of-bounds write ...)
+CVE-2018-20748
{DLA-1652-1}
- libvncserver 0.9.11+dfsg-1.3 (bug #920941)
[stretch] - libvncserver <not-affected> (Incomplete fix for CVE-2018-20019 not applied)
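Review bot: CVE-2018-20748 is filed between CVE-2018-20020 and CVE-2018-20019 rather than in numeric order, and its `[stretch] - libvncserver <not-affected> (Incomplete fix for CVE-2018-20019 not applied)` justification only reads correctly next to the CVE-2018-20019 entry that follows it, while its `{DLA-1652-1}` shows jessie did need a separate update. This hunk deletes `LibVNC before 0.9.12 contains multiple heap out-of-bounds write ...`, the one line that tied the entry to the 0.9.12 release rather than to a commit; the three commit NOTEs that remain (e34bcbb7, c2c4b81e, a64c3b37) are the same ones listed under CVE-2018-20019 below, so after the strip a reader cannot tell from this file which of the two IDs covers the incomplete-fix follow-up. Keep the description, or add a NOTE stating that CVE-2018-20748 is the follow-up to the incomplete fix for CVE-2018-20019.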
@@ -2533,7 +2529,7 @@ CVE-2018-20748 (LibVNC before 0.9.12 contains multiple heap out-of-bounds write
NOTE: https://github.com/LibVNC/libvncserver/commit/e34bcbb759ca5bef85809967a268fdf214c1ad2c
NOTE: https://github.com/LibVNC/libvncserver/commit/c2c4b81e6cb3b485fb1ec7ba9e7defeb889f6ba7
NOTE: https://github.com/LibVNC/libvncserver/commit/a64c3b37af9a6c8f8009d7516874b8d266b42bae
-CVE-2018-20019 (LibVNC before commit a83439b9fbe0f03c48eb94ed05729cb016f8b72f contains ...)
+CVE-2018-20019
{DSA-4383-1 DLA-1617-1}
- libvncserver 0.9.11+dfsg-1.2 (bug #916941)
NOTE: https://github.com/LibVNC/libvncserver/issues/247
@@ -2545,50 +2541,50 @@ CVE-2018-20019 (LibVNC before commit a83439b9fbe0f03c48eb94ed05729cb016f8b72f co
NOTE: https://github.com/LibVNC/libvncserver/commit/e34bcbb759ca5bef85809967a268fdf214c1ad2c
NOTE: https://github.com/LibVNC/libvncserver/commit/c2c4b81e6cb3b485fb1ec7ba9e7defeb889f6ba7
NOTE: https://github.com/LibVNC/libvncserver/commit/a64c3b37af9a6c8f8009d7516874b8d266b42bae
-CVE-2018-20018 (S-CMS V3.0 has SQL injection via the S_id parameter, as demonstrated by ...)
+CVE-2018-20018
NOT-FOR-US: S-CMS
-CVE-2018-20017 (SEMCMS 3.5 has XSS via the first text box to the SEMCMS_Main.php URI. ...)
+CVE-2018-20017
NOT-FOR-US: SEMCMS
CVE-2018-20016
RESERVED
-CVE-2018-20015 (YzmCMS v5.2 has admin/role/add.html CSRF. ...)
+CVE-2018-20015
NOT-FOR-US: YzmCMS
CVE-2018-20014
RESERVED
CVE-2018-20013
RESERVED
-CVE-2018-20012 (PHPCMF 4.1.3 has XSS via the first input field to the ...)
+CVE-2018-20012
NOT-FOR-US: PHPCMF
-CVE-2018-20011 (DomainMOD 4.11.01 has XSS via the assets/add/category.php Category Name ...)
+CVE-2018-20011
NOT-FOR-US: DomainMOD
-CVE-2018-20010 (DomainMOD 4.11.01 has XSS via the assets/add/ssl-provider-account.php ...)
+CVE-2018-20010
NOT-FOR-US: DomainMOD
-CVE-2018-20009 (DomainMOD 4.11.01 has XSS via the assets/add/ssl-provider.php SSL ...)
+CVE-2018-20009
NOT-FOR-US: DomainMOD
-CVE-2018-1000866 (A sandbox bypass vulnerability exists in Pipeline: Groovy Plugin 2.59 ...)
+CVE-2018-1000866
NOT-FOR-US: Jenkins
-CVE-2018-1000865 (A sandbox bypass vulnerability exists in Script Security Plugin 1.47 ...)
+CVE-2018-1000865
NOT-FOR-US: Jenkins
-CVE-2018-1000864 (A denial of service vulnerability exists in Jenkins 2.153 and earlier, ...)
+CVE-2018-1000864
NOT-FOR-US: Jenkins
-CVE-2018-1000863 (A data modification vulnerability exists in Jenkins 2.153 and earlier, ...)
+CVE-2018-1000863
NOT-FOR-US: Jenkins
-CVE-2018-1000862 (An information exposure vulnerability exists in Jenkins 2.153 and ...)
+CVE-2018-1000862
NOT-FOR-US: Jenkins
-CVE-2018-1000861 (A code execution vulnerability exists in the Stapler web framework ...)
+CVE-2018-1000861
NOT-FOR-US: Jenkins
CVE-2018-20008
RESERVED
CVE-2018-20007
RESERVED
-CVE-2018-20006 (An issue was discovered in PHPok v5.0.055. There is a Stored XSS ...)
+CVE-2018-20006
NOT-FOR-US: PHPok
-CVE-2018-20005 (An issue has been found in Mini-XML (aka mxml) 2.12. It is a ...)
+CVE-2018-20005
- mxml <unfixed> (low)
[stretch] - mxml <no-dsa> (Minor issue)
[jessie] - mxml <ignored> (Minor issue)
NOTE: https://github.com/michaelrsweet/mxml/issues/234
-CVE-2018-20004 (An issue has been found in Mini-XML (aka mxml) 2.12. It is a ...)
+CVE-2018-20004
{DLA-1641-1}
- mxml 2.12-2 (low; bug #918007)
[stretch] - mxml <no-dsa> (Minor issue)
@@ -2596,21 +2592,21 @@ CVE-2018-20004 (An issue has been found in Mini-XML (aka mxml) 2.12. It is a ...
NOTE: Fixed by https://github.com/michaelrsweet/mxml/commit/4f5577dd4672d228e4180f06bdbd66f343ea45e0
CVE-2018-20003
RESERVED
-CVE-2018-20002 (The _bfd_generic_read_minisymbols function in syms.c in the Binary File ...)
+CVE-2018-20002
- binutils <unfixed>
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=23952
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=c2f5dc30afa34696f2da0081c4ac50b958ecb0e9
-CVE-2018-20001 (In Libav 12.3, there is a floating point exception in the ...)
+CVE-2018-20001
- libav <removed>
[jessie] - libav <no-dsa> (floating point exception cannot be observed on Jessie)
NOTE: https://bugzilla.libav.org/show_bug.cgi?id=1141
-CVE-2018-20000 (Apereo Bedework bw-webdav before 4.0.3 allows XXE attacks, as ...)
+CVE-2018-20000
NOT-FOR-US: Apereo Bedework bw-webdav
CVE-2018-19999
RESERVED
-CVE-2018-19998 (SQL injection vulnerability in user/card.php in Dolibarr version 8.0.2 ...)
+CVE-2018-19998
- dolibarr <removed>
NOTE: https://github.com/Dolibarr/dolibarr/commit/2b088a73c121a52e006c0d76ea4da7ffeb7b4f4a
NOTE: https://github.com/Dolibarr/dolibarr/commit/bacd5110fbdc81a35030fdc322775fa15ea85924
@@ -2618,20 +2614,20 @@ CVE-2018-19997
RESERVED
CVE-2018-19996
RESERVED
-CVE-2018-19995 (A stored cross-site scripting (XSS) vulnerability in Dolibarr 8.0.2 ...)
+CVE-2018-19995
- dolibarr <removed>
NOTE: https://github.com/Dolibarr/dolibarr/commit/4b8be6ed64763327018ac1c076f81ddffa87855e
NOTE: https://github.com/Dolibarr/dolibarr/commit/bacd5110fbdc81a35030fdc322775fa15ea85924
-CVE-2018-19994 (An error-based SQL injection vulnerability in product/card.php in ...)
+CVE-2018-19994
- dolibarr <removed>
NOTE: https://github.com/Dolibarr/dolibarr/commit/850b939ffd2c7a4443649331b923d5e0da2d6446
-CVE-2018-19993 (A reflected cross-site scripting (XSS) vulnerability in Dolibarr 8.0.2 ...)
+CVE-2018-19993
- dolibarr <removed>
NOTE: https://github.com/Dolibarr/dolibarr/commit/fc3fcc5455d9a610b85723e89e8be43a41ad1378
-CVE-2018-19992 (A stored cross-site scripting (XSS) vulnerability in Dolibarr 8.0.2 ...)
+CVE-2018-19992
- dolibarr <removed>
NOTE: https://github.com/Dolibarr/dolibarr/commit/0f06e39d23636bd1e4039ac61a743c79725c798b
-CVE-2018-19991 (VeryNginx 0.3.3 allows remote attackers to bypass the Web Application ...)
+CVE-2018-19991
NOT-FOR-US: VeryNginx
CVE-2018-19990
RESERVED
@@ -2644,18 +2640,17 @@ CVE-2018-19987
CVE-2018-19986
RESERVED
CVE-2018-19985 [USB: hso: Fix OOB memory access in hso_probe/hso_get_config_data]
- RESERVED
- linux 4.19.13-1
NOTE: https://git.kernel.org/linus/5146f95df782b0ac61abde36567e718692725c89
CVE-2018-19984
RESERVED
-CVE-2018-19983 (An issue was discovered on Sigma Design Z-Wave S0 through S2 devices. ...)
+CVE-2018-19983
NOT-FOR-US: Sigma Design Z-Wave devices
-CVE-2018-19982 (An issue was discovered on KT MC01507L Z-Wave S0 devices. It occurs ...)
+CVE-2018-19982
NOT-FOR-US: KT MC01507L Z-Wave S0 devices
CVE-2018-19981
RESERVED
-CVE-2018-19980 (Anker Nebula Capsule Pro NBUI_M1_V2.1.9 devices allow attackers to ...)
+CVE-2018-19980
NOT-FOR-US: Anker Nebula Capsule Pro devices
CVE-2018-19979
RESERVED
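Review bot: at `CVE-2018-19985 [USB: hso: Fix OOB memory access in hso_probe/hso_get_config_data]` the `RESERVED` line is deleted but nothing is added in its place, so the entry is now just the bracketed title, `- linux 4.19.13-1` and the kernel.org NOTE, with no record of whether the ID has actually been published. Elsewhere in this list an ID leaving reserved state gets either its MITRE description or a `TODO: check` line (see CVE-2018-19934 further down); if CVE-2018-19985 is public the description belongs here, and if it is not the `RESERVED` line should stay. Removing the marker without a replacement is the same symptom as the description stripping in the surrounding hunks.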
@@ -2663,7 +2658,7 @@ CVE-2018-19978
RESERVED
CVE-2018-19977
RESERVED
-CVE-2018-19976 (In YARA 3.8.1, bytecode in a specially crafted compiled rule is ...)
+CVE-2018-19976
- yara 3.8.1-2 (bug #916932)
[stretch] - yara <no-dsa> (Minor issue)
[jessie] - yara <no-dsa> (Minor issue)
@@ -2672,7 +2667,7 @@ CVE-2018-19976 (In YARA 3.8.1, bytecode in a specially crafted compiled rule is
NOTE: https://github.com/bnbdr/swisscheese/
NOTE: https://github.com/VirusTotal/yara/commit/6acc08d7329413f60e0976be017e18a581450d7a
NOTE: https://github.com/VirusTotal/yara/commit/d8f714891ed92da15d50b397b74d1d9431e9c54c
-CVE-2018-19975 (In YARA 3.8.1, bytecode in a specially crafted compiled rule can read ...)
+CVE-2018-19975
- yara 3.8.1-2 (bug #916932)
[stretch] - yara <no-dsa> (Minor issue)
[jessie] - yara <no-dsa> (Minor issue)
@@ -2681,7 +2676,7 @@ CVE-2018-19975 (In YARA 3.8.1, bytecode in a specially crafted compiled rule can
NOTE: https://github.com/bnbdr/swisscheese/
NOTE: https://github.com/VirusTotal/yara/commit/6acc08d7329413f60e0976be017e18a581450d7a
NOTE: https://github.com/VirusTotal/yara/commit/d8f714891ed92da15d50b397b74d1d9431e9c54c
-CVE-2018-19974 (In YARA 3.8.1, bytecode in a specially crafted compiled rule can read ...)
+CVE-2018-19974
- yara 3.8.1-2 (bug #916932)
[stretch] - yara <no-dsa> (Minor issue)
[jessie] - yara <no-dsa> (Minor issue)
@@ -2696,16 +2691,16 @@ CVE-2018-19972
RESERVED
CVE-2018-19971
RESERVED
-CVE-2018-19970 (In phpMyAdmin before 4.8.4, an XSS vulnerability was found in the ...)
+CVE-2018-19970
{DLA-1658-1}
- phpmyadmin <unfixed>
NOTE: https://www.phpmyadmin.net/security/PMASA-2018-8/
NOTE: https://github.com/phpmyadmin/phpmyadmin/commit/b293ff5f234ef493336ed8638f623a12164d359e
-CVE-2018-19969 (phpMyAdmin 4.7.x and 4.8.x versions prior to 4.8.4 are affected by a ...)
+CVE-2018-19969
- phpmyadmin <undetermined>
NOTE: https://www.phpmyadmin.net/security/PMASA-2018-7/
TODO: check, upstream explicitly fixed only the 4.7/4.8 branch but not entirely clear if only introduced in 4.7.0, and older versions are EOLed, and only on best-effort mentioned in affected versions informations.
-CVE-2018-19968 (An attacker can exploit phpMyAdmin before 4.8.4 to leak the contents of ...)
+CVE-2018-19968
{DLA-1658-1}
- phpmyadmin <unfixed>
NOTE: https://www.phpmyadmin.net/security/PMASA-2018-6/
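Review bot: the `TODO: check` under CVE-2018-19969 asks whether the bug was "only introduced in 4.7.0" and refers to the "affected versions informations", but the only affected-version statement in the file, `phpMyAdmin 4.7.x and 4.8.x versions prior to 4.8.4`, is exactly what this hunk deletes. With the description gone the TODO has lost the data it asks the triager to check, and the `<undetermined>` state cannot be resolved from this file alone; keep the description or carry the version range into a NOTE line (and fix "informations" to "information" while there). CVE-2018-19970 and CVE-2018-19968 also deserve a second look: each carries `{DLA-1658-1}` next to `- phpmyadmin <unfixed>`, so jessie has shipped a fix while unstable is still recorded as unfixed, which should be re-checked against the 4.8.4 release named in the deleted descriptions.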
@@ -2750,24 +2745,24 @@ CVE-2018-19941
RESERVED
CVE-2018-19940
RESERVED
-CVE-2018-19939 (The Goodix GT9xx touchscreen driver for custom Linux kernels on Xiaomi ...)
+CVE-2018-19939
NOT-FOR-US: Goodix GT9xx touchscreen driver
CVE-2018-19938
RESERVED
-CVE-2018-19937 (A local, authenticated attacker can bypass the passcode in the ...)
+CVE-2018-19937
NOT-FOR-US: VLC port/application for iOS
-CVE-2018-19936 (PrinterOn Enterprise 4.1.4 allows Arbitrary File Deletion. ...)
+CVE-2018-19936
NOT-FOR-US: PrinterOn Enterprise
CVE-2018-19934
- RESERVED
-CVE-2018-19933 (Bolt CMS &lt;3.6.2 allows XSS via text input click preview button as ...)
+ TODO: check
+CVE-2018-19933
NOT-FOR-US: Bolt CMS
-CVE-2018-19960 (The debug_mode function in web/web.py in OnionShare through 1.3.1, when ...)
+CVE-2018-19960
- onionshare 1.3.2-1 (bug #915859; unimportant)
[jessie] - onionshare <no-dsa> (contrib not supported)
NOTE: https://github.com/micahflee/onionshare/issues/837
NOTE: Negligible (and disputable) security impact, as the debug mode is not enabled by default
-CVE-2018-19935 (ext/imap/php_imap.c in PHP 5.x and 7.x before 7.3.0 allows remote ...)
+CVE-2018-19935
{DSA-4353-1 DLA-1608-1}
- php7.3 7.3.0-1
- php7.2 <removed>
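Review bot: `CVE-2018-19934` goes from `RESERVED` to `TODO: check` without any description being added, so the triager is asked to check an ID for which the file records nothing. The same import that strips descriptions from published entries is also promoting reserved ones to triage with empty content; that is a second symptom of a broken feed, not an independent change, and should be reverted with it. Separately, CVE-2018-19960 and CVE-2018-19935 sit between CVE-2018-19933 and CVE-2018-19932, out of numeric order; they are unchanged context here, but the misplacement is what makes the 19933 to 19932 sequence hard to review and is worth a follow-up cleanup.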
@@ -2776,14 +2771,14 @@ CVE-2018-19935 (ext/imap/php_imap.c in PHP 5.x and 7.x before 7.3.0 allows remot
NOTE: Fixed in 5.6.39, 7.0.33, 7.1.26, 7.2.14, 7.3.0
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=77020
NOTE: https://git.php.net/?p=php-src.git;a=commit;h=648fc1e369fc05fb9200a42c7938912236b2a318
-CVE-2018-19932 (An issue was discovered in the Binary File Descriptor (BFD) library ...)
+CVE-2018-19932
[experimental] - binutils 2.31.51.20181204-1
- binutils <unfixed>
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=23932
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=beab453223769279cc1cef68a1622ab8978641f7
-CVE-2018-19931 (An issue was discovered in the Binary File Descriptor (BFD) library ...)
+CVE-2018-19931
[experimental] - binutils 2.31.51.20181204-1
- binutils <unfixed>
[stretch] - binutils <ignored> (Minor issue)
@@ -2796,103 +2791,103 @@ CVE-2018-19929
RESERVED
CVE-2018-19928
RESERVED
-CVE-2018-19927 (Zenitel Norway IP-StationWeb before 4.2.3.9 allows stored XSS via the ...)
+CVE-2018-19927
NOT-FOR-US: Zenitel Norway IP-StationWeb
-CVE-2018-19926 (Zenitel Norway IP-StationWeb before 4.2.3.9 allows reflected XSS via ...)
+CVE-2018-19926
NOT-FOR-US: Zenitel Norway IP-StationWeb
-CVE-2018-19925 (An issue was discovered in Sales &amp; Company Management System (SCMS) ...)
+CVE-2018-19925
NOT-FOR-US: Sales & Company Management System (SCMS)
-CVE-2018-19924 (An issue was discovered in Sales &amp; Company Management System (SCMS) ...)
+CVE-2018-19924
NOT-FOR-US: Sales & Company Management System (SCMS)
-CVE-2018-19923 (An issue was discovered in Sales &amp; Company Management System (SCMS) ...)
+CVE-2018-19923
NOT-FOR-US: Sales & Company Management System (SCMS)
-CVE-2018-19922 (Persistent Cross-Site Scripting (XSS) in the ...)
+CVE-2018-19922
NOT-FOR-US: Actiontec C1000A router
-CVE-2018-19921 (Zoho ManageEngine OpManager 12.3 before 123237 has XSS in the domain ...)
+CVE-2018-19921
NOT-FOR-US: Zoho ManageEngine OpManager
CVE-2018-19920
RESERVED
-CVE-2018-19919 (Pixelimity 1.0 has Persistent XSS via the admin/portfolio.php ...)
+CVE-2018-19919
NOT-FOR-US: Pixelimity
-CVE-2018-19918 (CuppaCMS has XSS via an SVG document uploaded to the ...)
+CVE-2018-19918
NOT-FOR-US: CuppaCMS
CVE-2018-19917
- RESERVED
+ TODO: check
CVE-2018-19916
RESERVED
-CVE-2018-19915 (DomainMOD through 4.11.01 has XSS via the assets/edit/host.php Web Host ...)
+CVE-2018-19915
NOT-FOR-US: DomainMOD
-CVE-2018-19914 (DomainMOD through 4.11.01 has XSS via the assets/add/dns.php Profile ...)
+CVE-2018-19914
NOT-FOR-US: DomainMOD
-CVE-2018-19913 (DomainMOD through 4.11.01 has XSS via the ...)
+CVE-2018-19913
NOT-FOR-US: DomainMOD
CVE-2018-19912
RESERVED
-CVE-2018-19911 (FreeSWITCH through 1.8.2, when mod_xml_rpc is enabled, allows remote ...)
+CVE-2018-19911
- freeswitch <itp> (bug #389591)
CVE-2018-19910
RESERVED
CVE-2018-19909
RESERVED
-CVE-2018-19908 (An issue was discovered in MISP 2.4.9x before 2.4.99. In ...)
+CVE-2018-19908
NOT-FOR-US: MISP
CVE-2018-1000859
REJECTED
CVE-2018-1000853
REJECTED
-CVE-2018-19907 (A Server-Side Template Injection issue was discovered in Crafter CMS ...)
+CVE-2018-19907
NOT-FOR-US: Crafter CMS
-CVE-2018-19906 (Stored XSS exists in razorCMS 3.4.8 via the /#/page description ...)
+CVE-2018-19906
NOT-FOR-US: razorCMS
-CVE-2018-19905 (HTML injection exists in razorCMS 3.4.8 via the /#/page keywords ...)
+CVE-2018-19905
NOT-FOR-US: razorCMS
-CVE-2018-19904 (Persistent XSS exists in XSLT CMS via the ...)
+CVE-2018-19904
NOT-FOR-US: XSLT CMS
-CVE-2018-19903 (Persistent XSS exists in XSLT CMS via the ...)
+CVE-2018-19903
NOT-FOR-US: XSLT CMS
-CVE-2018-19902 (No-CMS 1.1.3 is prone to Persistent XSS via the blog/manage_article ...)
+CVE-2018-19902
NOT-FOR-US: NO-CMS
-CVE-2018-19901 (No-CMS 1.1.3 is prone to Persistent XSS via the ...)
+CVE-2018-19901
NOT-FOR-US: NO-CMS
CVE-2018-19900
RESERVED
CVE-2018-19899
RESERVED
-CVE-2018-19898 (ThinkCMF X2.2.2 has SQL Injection via the method edit_post in ...)
+CVE-2018-19898
NOT-FOR-US: ThinkCMF
-CVE-2018-19897 (ThinkCMF X2.2.2 has SQL Injection via the function _listorders() in ...)
+CVE-2018-19897
NOT-FOR-US: ThinkCMF
-CVE-2018-19896 (ThinkCMF X2.2.2 has SQL Injection via the function delete() in ...)
+CVE-2018-19896
NOT-FOR-US: ThinkCMF
-CVE-2018-19895 (ThinkCMF X2.2.2 has SQL Injection via the function edit_post() in ...)
+CVE-2018-19895
NOT-FOR-US: ThinkCMF
-CVE-2018-19894 (ThinkCMF X2.2.2 has SQL Injection via the functions check() and ...)
+CVE-2018-19894
NOT-FOR-US: ThinkCMF
-CVE-2018-19893 (SearchController.php in PbootCMS 1.2.1 has SQL injection via the ...)
+CVE-2018-19893
NOT-FOR-US: PbootCMS
-CVE-2018-19892 (DomainMOD through 4.11.01 has XSS via the admin/dw/add-server.php ...)
+CVE-2018-19892
NOT-FOR-US: DomainMOD
-CVE-2018-19891 (An invalid memory address dereference was discovered in the huffcode ...)
+CVE-2018-19891
- faac <unfixed> (unimportant; bug #915763)
NOTE: https://github.com/knik0/faac/issues/24
NOTE: Negligable security impact, crash in CLI tool (builds a lib, but only internal)
-CVE-2018-19890 (An invalid memory address dereference was discovered in the huffcode ...)
+CVE-2018-19890
- faac <unfixed> (unimportant; bug #915763)
NOTE: https://github.com/knik0/faac/issues/20
NOTE: Negligable security impact, crash in CLI tool (builds a lib, but only internal)
-CVE-2018-19889 (An invalid memory address dereference was discovered in the huffcode ...)
+CVE-2018-19889
- faac <unfixed> (unimportant; bug #915763)
NOTE: https://github.com/knik0/faac/issues/22
NOTE: Negligable security impact, crash in CLI tool (builds a lib, but only internal)
-CVE-2018-19888 (An invalid memory address dereference was discovered in the huffcode ...)
+CVE-2018-19888
- faac <unfixed> (unimportant; bug #915763)
NOTE: https://github.com/knik0/faac/issues/25
NOTE: Negligable security impact, crash in CLI tool (builds a lib, but only internal)
-CVE-2018-19887 (An invalid memory address dereference was discovered in the huffcode ...)
+CVE-2018-19887
- faac <unfixed> (unimportant; bug #915763)
NOTE: https://github.com/knik0/faac/issues/21
NOTE: Negligable security impact, crash in CLI tool (builds a lib, but only internal)
-CVE-2018-19886 (An invalid memory address dereference was discovered in the huffcode ...)
+CVE-2018-19886
- faac <unfixed> (unimportant; bug #915763)
NOTE: https://github.com/knik0/faac/issues/23
NOTE: Negligable security impact, crash in CLI tool (builds a lib, but only internal)
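Review bot: `CVE-2018-19917` is promoted from `RESERVED` to `TODO: check` with no description, the same problem as CVE-2018-19934 above. Two points in the unchanged context of this hunk: the six faac entries (CVE-2018-19886 through CVE-2018-19891) each repeat `NOTE: Negligable security impact, crash in CLI tool (builds a lib, but only internal)` and the word is "Negligible"; and `CVE-2018-19911` records `- freeswitch <itp> (bug #389591)` with no NOTE, so once the deleted line's `FreeSWITCH through 1.8.2, when mod_xml_rpc is enabled` range is gone there is nothing left in the file telling the eventual packager which release the ITP needs to ship. A NOTE with the upstream reference would keep that entry self-contained.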
@@ -2902,12 +2897,12 @@ CVE-2018-19884
RESERVED
CVE-2018-19883
RESERVED
-CVE-2018-19882 (In Artifex MuPDF 1.14.0, the svg_run_image function in svg/svg-run.c ...)
+CVE-2018-19882
- mupdf <unfixed> (unimportant)
NOTE: Negligable security impact, crash in CLI tool
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=700342
NOTE: https://github.com/TeamSeri0us/pocs/tree/master/mupdf/20181203
-CVE-2018-19881 (In Artifex MuPDF 1.14.0, svg/svg-run.c allows remote attackers to cause ...)
+CVE-2018-19881
- mupdf <unfixed> (unimportant)
NOTE: Negligable security impact, crash in CLI tool
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=700342
@@ -2918,9 +2913,9 @@ CVE-2018-19879
RESERVED
CVE-2018-19878
RESERVED
-CVE-2018-19877 (login.php in Adiscon LogAnalyzer before 4.1.7 has XSS via the Login ...)
+CVE-2018-19877
NOT-FOR-US: Adiscon LogAnalyzer
-CVE-2018-19876 (cairo 1.16.0, in cairo_ft_apply_variations() in cairo-ft-font.c, would ...)
+CVE-2018-19876
- cairo 1.16.0-4 (bug #915801; bug #916389)
[stretch] - cairo <not-affected> (Vulnerable code introduced later)
[jessie] - cairo <not-affected> (Vulnerable code introduced later)
@@ -2934,7 +2929,7 @@ CVE-2018-19876 (cairo 1.16.0, in cairo_ft_apply_variations() in cairo-ft-font.c,
NOTE: https://gitlab.freedesktop.org/cairo/cairo/commit/90e85c2493fdfa3551f202ff10282463f1e36645
CVE-2018-1002104
RESERVED
-CVE-2018-1002103 (In Minikube versions 0.3.0-0.29.0, minikube exposes the Kubernetes ...)
+CVE-2018-1002103
NOT-FOR-US: minikube
CVE-2018-1002102
RESERVED
@@ -2942,7 +2937,7 @@ CVE-2018-19875
RESERVED
CVE-2018-19874
RESERVED
-CVE-2018-19873 (An issue was discovered in Qt before 5.11.3. QBmpHandler has a buffer ...)
+CVE-2018-19873
{DSA-4374-1 DLA-1627-1}
[experimental] - qtbase-opensource-src 5.11.3+dfsg-1
- qtbase-opensource-src 5.11.3+dfsg-2 (low)
@@ -2952,9 +2947,9 @@ CVE-2018-19873 (An issue was discovered in Qt before 5.11.3. QBmpHandler has a b
NOTE: https://blog.qt.io/blog/2018/12/04/qt-5-11-3-released-important-security-updates/
NOTE: https://codereview.qt-project.org/#/c/238749/
NOTE: https://github.com/qt/qtbase/commit/621ab8ab59901cc3f9bd98be709929c9eac997a8
-CVE-2018-19872 (An issue was discovered in Qt 5.11. A malformed PPM image causes a ...)
+CVE-2018-19872
TODO: check
-CVE-2018-19871 (An issue was discovered in Qt before 5.11.3. There is QTgaFile ...)
+CVE-2018-19871
- qtimageformats-opensource-src 5.11.3-2 (low)
[stretch] - qtimageformats-opensource-src <no-dsa> (Minor issue)
[jessie] - qtimageformats-opensource-src <postponed> (Minor issue)
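Review bot: `CVE-2018-19872` is still marked `TODO: check`, and this hunk deletes `An issue was discovered in Qt 5.11. A malformed PPM image causes a ...`, which was the only text recording that the issue is a PPM handler bug in Qt 5.11. The neighbouring Qt entries (CVE-2018-19873, CVE-2018-19871) are already triaged against qtbase-opensource-src and qtimageformats-opensource-src with NOTE links; for an untriaged entry the description is the one thing the TODO needs. Either keep it, or resolve the TODO against the Qt 5.11.3 release announcement already linked under CVE-2018-19873 before stripping it.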
@@ -2965,7 +2960,7 @@ CVE-2018-19871 (An issue was discovered in Qt before 5.11.3. There is QTgaFile .
NOTE: https://codereview.qt-project.org/#/c/237761/
NOTE: qt4-x11 affected in src/plugins/imageformats/tga/qtgafile.cpp
NOTE: https://github.com/qt/qtimageformats/commit/7cfe47a8fe2f987fb2a066a696fb3d9d0afe4d65
-CVE-2018-19870 (An issue was discovered in Qt before 5.11.3. A malformed GIF image ...)
+CVE-2018-19870
{DSA-4374-1 DLA-1627-1}
[experimental] - qtbase-opensource-src 5.11.3+dfsg-1
- qtbase-opensource-src 5.11.3+dfsg-2 (low)
@@ -2977,7 +2972,7 @@ CVE-2018-19870 (An issue was discovered in Qt before 5.11.3. A malformed GIF ima
NOTE: affected code can be in src/gui/image/qgifhandler.cpp or in
NOTE: src/plugins/imageformats/gif/qgifhandler.cpp depending on the version
NOTE: https://github.com/qt/qtbase/commit/2841e2b61e32f26900bde987d469c8b97ea31999
-CVE-2018-19869 (An issue was discovered in Qt before 5.11.3. A malformed SVG image ...)
+CVE-2018-19869
[experimental] - qtsvg-opensource-src 5.11.3-1
- qtsvg-opensource-src 5.11.3-2 (low)
[stretch] - qtsvg-opensource-src <no-dsa> (Minor issue)
@@ -2995,25 +2990,25 @@ CVE-2018-19867
RESERVED
CVE-2018-19866
RESERVED
-CVE-2018-19865 (A keystroke logging issue was discovered in Virtual Keyboard in Qt ...)
+CVE-2018-19865
[experimental] - qtvirtualkeyboard-opensource-src 5.11.3+dfsg-1
- qtvirtualkeyboard-opensource-src 5.11.3+dfsg-2
NOTE: http://blog.qt.io/blog/2018/12/04/qt-5-11-3-released-important-security-updates/
-CVE-2018-19864 (NUUO NVRmini2 Network Video Recorder firmware through 3.9.1 allows ...)
+CVE-2018-19864
NOT-FOR-US: NUUO NVRmini2 Network Video Recorder firmware
-CVE-2018-19863 (An issue was discovered in 1Password 7.2.3.BETA before 7.2.3.BETA-3 on ...)
+CVE-2018-19863
NOT-FOR-US: 1Password
-CVE-2018-19862 (Buffer overflow in MiniShare 1.4.1 and earlier allows remote attackers ...)
+CVE-2018-19862
NOT-FOR-US: MiniShare
-CVE-2018-19861 (Buffer overflow in MiniShare 1.4.1 and earlier allows remote attackers ...)
+CVE-2018-19861
NOT-FOR-US: MiniShare
CVE-2018-19860
RESERVED
-CVE-2018-19859 (OpenRefine before 3.5 allows directory traversal via a relative ...)
+CVE-2018-19859
NOT-FOR-US: OpenRefine
-CVE-2018-19858 (PrinceXML, versions 10 and below, is vulnerable to XXE due to the lack ...)
+CVE-2018-19858
NOT-FOR-US: PrinceXML
-CVE-2018-19857 (The CAF demuxer in modules/demux/caf.c in VideoLAN VLC media player ...)
+CVE-2018-19857
{DSA-4366-1}
- vlc 3.0.4-4 (bug #915760)
[jessie] - vlc <end-of-life> (See https://lists.debian.org/debian-security-announce/2018/msg00130.html)
@@ -3023,12 +3018,12 @@ CVE-2018-19856
RESERVED
CVE-2018-19855
RESERVED
-CVE-2018-19854 (An issue was discovered in the Linux kernel before 4.19.3. ...)
+CVE-2018-19854
- linux 4.18.20-1
[stretch] - linux <not-affected> (Vulnerable code not present)
[jessie] - linux <not-affected> (Vulnerable code not present)
NOTE: Fixed by: https://git.kernel.org/linus/f43f39958beb206b53292801e216d9b8a660f087
-CVE-2018-19853 (An issue was discovered in hitshop through 2014-07-15. There is an ...)
+CVE-2018-19853
NOT-FOR-US: hitshop
CVE-2018-19852
RESERVED
@@ -3036,7 +3031,7 @@ CVE-2018-19851
RESERVED
CVE-2018-19850
RESERVED
-CVE-2018-19849 (An issue was discovered in YzmCMS 5.2. XSS exists via the ...)
+CVE-2018-19849
NOT-FOR-US: YzmCMS
CVE-2018-19848
RESERVED
@@ -3044,51 +3039,51 @@ CVE-2018-19847
RESERVED
CVE-2018-19846
RESERVED
-CVE-2018-19845 (There is Stored XSS in GetSimple CMS 3.3.12 via the admin/edit.php ...)
+CVE-2018-19845
NOT-FOR-US: GetSimple CMS
-CVE-2018-19844 (FROG CMS 0.9.5 has XSS via the admin/?/snippet/add name parameter, ...)
+CVE-2018-19844
NOT-FOR-US: FROG CMS
-CVE-2018-19843 (opmov in libr/asm/p/asm_x86_nz.c in radare2 before 3.1.0 allows ...)
+CVE-2018-19843
- radare2 3.1.0+dfsg-1 (low)
[stretch] - radare2 <no-dsa> (Minor issue)
[jessie] - radare2 <not-affected> (Vulnerable code not present in libr/asm/p/asm_x86_nz.c)
NOTE: https://github.com/radare/radare2/commit/f17bfd9f1da05f30f23a4dd05e9d2363e1406948
NOTE: https://github.com/radare/radare2/issues/12242
-CVE-2018-19842 (getToken in libr/asm/p/asm_x86_nz.c in radare2 before 3.1.0 allows ...)
+CVE-2018-19842
- radare2 3.1.0+dfsg-1 (low)
[stretch] - radare2 <no-dsa> (Minor issue)
[jessie] - radare2 <not-affected> (Vulnerable code not present in libr/asm/p/asm_x86_nz.c)
NOTE: https://github.com/radare/radare2/commit/66191f780863ea8c66ace4040d0d04a8842e8432
NOTE: https://github.com/radare/radare2/issues/12239
-CVE-2018-19841 (The function WavpackVerifySingleBlock in open_utils.c in libwavpack.a ...)
+CVE-2018-19841
- wavpack 5.1.0-5 (bug #915565)
[stretch] - wavpack <no-dsa> (Minor issue)
[jessie] - wavpack <no-dsa> (Minor issue)
NOTE: https://github.com/dbry/WavPack/commit/bba5389dc598a92bdf2b297c3ea34620b6679b5b
NOTE: https://github.com/dbry/WavPack/issues/54
-CVE-2018-19840 (The function WavpackPackInit in pack_utils.c in libwavpack.a in WavPack ...)
+CVE-2018-19840
- wavpack 5.1.0-5 (bug #915564)
[stretch] - wavpack <no-dsa> (Minor issue)
[jessie] - wavpack <no-dsa> (Minor issue)
NOTE: https://github.com/dbry/WavPack/commit/070ef6f138956d9ea9612e69586152339dbefe51
NOTE: https://github.com/dbry/WavPack/issues/53
-CVE-2018-19839 (In LibSass prior to 3.5.5, the function handle_error in ...)
+CVE-2018-19839
- libsass <unfixed>
[stretch] - libsass <no-dsa> (Minor issue)
NOTE: https://github.com/sass/libsass/issues/2657
NOTE: https://github.com/sass/libsass/pull/2767
-CVE-2018-19838 (In LibSass prior to 3.5.5, functions inside ast.cpp for ...)
+CVE-2018-19838
- libsass <unfixed>
[stretch] - libsass <no-dsa> (Minor issue)
NOTE: https://github.com/sass/libsass/issues/2660
-CVE-2018-19837 (In LibSass prior to 3.5.5, ...)
+CVE-2018-19837
- libsass 3.5.4+20180621~c0a6cf3-1
[stretch] - libsass <no-dsa> (Minor issue)
NOTE: https://github.com/sass/libsass/commit/210fdff7a65370c2ae24e022a2b35da8c423cc5f
NOTE: https://github.com/sass/libsass/issues/2659
-CVE-2018-19836 (In Metinfo 6.1.3, include/interface/applogin.php allows setting ...)
+CVE-2018-19836
NOT-FOR-US: Metinfo
-CVE-2018-19835 (Metinfo 6.1.3 has reflected XSS via the admin/column/move.php ...)
+CVE-2018-19835
NOT-FOR-US: Metinfo
CVE-2018-19834
RESERVED
@@ -3100,54 +3095,54 @@ CVE-2018-19831
RESERVED
CVE-2018-19830
RESERVED
-CVE-2018-19829 (Artica Integria IMS 5.0.83 has CSRF in ...)
+CVE-2018-19829
NOT-FOR-US: Artica Integria IMS
-CVE-2018-19828 (Artica Integria IMS 5.0.83 has XSS via the search_string parameter. ...)
+CVE-2018-19828
NOT-FOR-US: Artica Integria IMS
-CVE-2018-19827 (In LibSass 3.5.5, a use-after-free vulnerability exists in the ...)
+CVE-2018-19827
- libsass <unfixed>
[stretch] - libsass <no-dsa> (Minor issue)
NOTE: https://github.com/sass/libsass/issues/2782
-CVE-2018-19826 (In inspect.cpp in LibSass 3.5.5, a high memory footprint caused by an ...)
+CVE-2018-19826
- libsass <unfixed>
[stretch] - libsass <no-dsa> (Minor issue)
NOTE: https://github.com/sass/libsass/issues/2781
CVE-2018-19825
RESERVED
-CVE-2018-19824 (In the Linux kernel through 4.19.6, a local user could exploit a ...)
+CVE-2018-19824
- linux 4.19.9-1
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1118152
CVE-2018-19823
RESERVED
-CVE-2018-19822 (Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 ...)
+CVE-2018-19822
NOT-FOR-US: InfoVista VistaPortal SE
-CVE-2018-19821 (Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 ...)
+CVE-2018-19821
NOT-FOR-US: InfoVista VistaPortal SE
-CVE-2018-19820 (Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 ...)
+CVE-2018-19820
NOT-FOR-US: InfoVista VistaPortal SE
-CVE-2018-19819 (Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 ...)
+CVE-2018-19819
NOT-FOR-US: InfoVista VistaPortal SE
-CVE-2018-19818 (Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 ...)
+CVE-2018-19818
NOT-FOR-US: InfoVista VistaPortal SE
-CVE-2018-19817 (Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 ...)
+CVE-2018-19817
NOT-FOR-US: InfoVista VistaPortal SE
-CVE-2018-19816 (Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 ...)
+CVE-2018-19816
NOT-FOR-US: InfoVista VistaPortal SE
-CVE-2018-19815 (Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 ...)
+CVE-2018-19815
NOT-FOR-US: InfoVista VistaPortal SE
-CVE-2018-19814 (Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 ...)
+CVE-2018-19814
NOT-FOR-US: InfoVista VistaPortal SE
-CVE-2018-19813 (Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 ...)
+CVE-2018-19813
NOT-FOR-US: InfoVista VistaPortal SE
-CVE-2018-19812 (Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 ...)
+CVE-2018-19812
NOT-FOR-US: InfoVista VistaPortal SE
-CVE-2018-19811 (Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 ...)
+CVE-2018-19811
NOT-FOR-US: InfoVista VistaPortal SE
-CVE-2018-19810 (Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 ...)
+CVE-2018-19810
NOT-FOR-US: InfoVista VistaPortal SE
-CVE-2018-19809 (Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 ...)
+CVE-2018-19809
NOT-FOR-US: InfoVista VistaPortal SE
-CVE-2018-1002105 (In all Kubernetes versions prior to v1.10.11, v1.11.5, and v1.12.3, ...)
+CVE-2018-1002105
- kubernetes <unfixed> (bug #915828)
NOTE: https://groups.google.com/forum/#!topic/kubernetes-announce/GVllWCg6L88
NOTE: https://github.com/kubernetes/kubernetes/issues/71411
@@ -3169,55 +3164,55 @@ CVE-2018-19801
RESERVED
CVE-2018-19800
RESERVED
-CVE-2018-19799 (Dolibarr ERP/CRM through 8.0.3 has /exports/export.php?datatoexport= ...)
+CVE-2018-19799
- dolibarr <removed>
CVE-2018-19798
RESERVED
-CVE-2018-19797 (In LibSass 3.5.5, a NULL Pointer Dereference in the function ...)
+CVE-2018-19797
- libsass <unfixed>
[stretch] - libsass <no-dsa> (Minor issue)
NOTE: https://github.com/sass/libsass/issues/2779
-CVE-2018-19796 (An open redirect in the Ninja Forms plugin before 3.3.19.1 for ...)
+CVE-2018-19796
NOT-FOR-US: Ninja Forms plugin for WordPress
-CVE-2018-19795 (ChipsBank UMPTool saves the password to the NAND with a simple ...)
+CVE-2018-19795
NOT-FOR-US: Ninja Forms plugin for WordPress
-CVE-2018-19794 (Cross-site scripting (XSS) vulnerability in UiV2Public.index in ...)
+CVE-2018-19794
NOT-FOR-US: ChipsBank UMPTool
-CVE-2018-19793 (jiacrontab 1.4.5 allows remote attackers to execute arbitrary commands ...)
+CVE-2018-19793
NOT-FOR-US: Internet2 Grouper
-CVE-2018-19792 (The server in LiteSpeed OpenLiteSpeed before 1.5.0 RC6 allows local ...)
+CVE-2018-19792
NOT-FOR-US: OpenLiteSpeed
-CVE-2018-19791 (The server in LiteSpeed OpenLiteSpeed before 1.5.0 RC6 does not ...)
+CVE-2018-19791
NOT-FOR-US: OpenLiteSpeed
-CVE-2018-19790 (An open redirect was discovered in Symfony 2.7.x before 2.7.50, 2.8.x ...)
+CVE-2018-19790
{DLA-1707-1}
- symfony 3.4.20+dfsg-1
NOTE: https://symfony.com/blog/cve-2018-19790-open-redirect-vulnerability-when-using-security-http
-CVE-2018-19789 (An issue was discovered in Symfony 2.7.x before 2.7.50, 2.8.x before ...)
+CVE-2018-19789
{DLA-1707-1}
- symfony 3.4.20+dfsg-1
NOTE: https://symfony.com/blog/cve-2018-19789-disclosure-of-uploaded-files-full-path
-CVE-2018-19788 (A flaw was found in PolicyKit (aka polkit) 0.115 that allows a user ...)
+CVE-2018-19788
{DSA-4350-1 DLA-1644-1}
- policykit-1 0.105-23 (bug #915332)
NOTE: https://gitlab.freedesktop.org/polkit/polkit/issues/74
NOTE: https://gitlab.freedesktop.org/polkit/polkit/merge_requests/14
NOTE: https://gitlab.freedesktop.org/polkit/polkit/commit/2cb40c4d5feeaa09325522bd7d97910f1b59e379
NOTE: https://gitlab.freedesktop.org/polkit/polkit/commit/b534a10727455409acd54018a9c91000e7626126
-CVE-2018-19787 (An issue was discovered in lxml before 4.2.5. lxml/html/clean.py in the ...)
+CVE-2018-19787
{DLA-1604-1}
- lxml 4.2.5-1
[stretch] - lxml <no-dsa> (Minor issue)
NOTE: Fixed by: https://github.com/lxml/lxml/commit/6be1d081b49c97cfd7b3fbd934a193b668629109 (lxml-4.2.5)
-CVE-2018-19786 (HashiCorp Vault before 1.0.0 writes the master key to the server log in ...)
+CVE-2018-19786
NOT-FOR-US: HashiCorp Vault
-CVE-2018-19785 (PHP-Proxy through 5.1.0 has Cross-Site Scripting (XSS) via the URL ...)
+CVE-2018-19785
NOT-FOR-US: PHP-Proxy
-CVE-2018-19784 (The str_rot_pass function in ...)
+CVE-2018-19784
NOT-FOR-US: PHP-Proxy
CVE-2018-19783
- RESERVED
-CVE-2018-19782 (Multiple cross-site scripting (XSS) vulnerabilities in GET requests in ...)
+ TODO: check
+CVE-2018-19782
NOT-FOR-US: FreshRSS
CVE-2018-19781
RESERVED
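Review bot: the NOT-FOR-US labels for CVE-2018-19795, CVE-2018-19794 and CVE-2018-19793 are off by one entry from their descriptions: CVE-2018-19795 is described as a ChipsBank UMPTool password-storage issue but carries `NOT-FOR-US: Ninja Forms plugin for WordPress` (duplicating the label already on CVE-2018-19796), CVE-2018-19794 (XSS in UiV2Public.index) carries `NOT-FOR-US: ChipsBank UMPTool`, and CVE-2018-19793 (jiacrontab) carries `NOT-FOR-US: Internet2 Grouper`. The ChipsBank label belongs on CVE-2018-19795 and the Internet2 Grouper label on CVE-2018-19794, and CVE-2018-19793 needs its own jiacrontab line; this should be corrected before the descriptions that expose the mismatch are dropped from the file.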
@@ -3227,53 +3222,53 @@ CVE-2018-19779
RESERVED
CVE-2018-19778
RESERVED
-CVE-2018-19777 (In Artifex MuPDF 1.14.0, there is an infinite loop in the function ...)
+CVE-2018-19777
- mupdf <unfixed> (unimportant; bug #915137)
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=700301
NOTE: No security impact, hang in GUI/CLI tool
CVE-2018-19776
RESERVED
-CVE-2018-19775 (Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 ...)
+CVE-2018-19775
NOT-FOR-US: InfoVista VistaPortal SE
-CVE-2018-19774 (Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 ...)
+CVE-2018-19774
NOT-FOR-US: InfoVista VistaPortal SE
-CVE-2018-19773 (Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 ...)
+CVE-2018-19773
NOT-FOR-US: InfoVista VistaPortal SE
-CVE-2018-19772 (Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 ...)
+CVE-2018-19772
NOT-FOR-US: InfoVista VistaPortal SE
-CVE-2018-19771 (Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 ...)
+CVE-2018-19771
NOT-FOR-US: InfoVista VistaPortal SE
-CVE-2018-19770 (Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 ...)
+CVE-2018-19770
NOT-FOR-US: InfoVista VistaPortal SE
-CVE-2018-19769 (Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 ...)
+CVE-2018-19769
NOT-FOR-US: InfoVista VistaPortal SE
-CVE-2018-19768 (Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 ...)
+CVE-2018-19768
NOT-FOR-US: InfoVista VistaPortal SE
-CVE-2018-19767 (Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 ...)
+CVE-2018-19767
NOT-FOR-US: InfoVista VistaPortal SE
-CVE-2018-19766 (Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 ...)
+CVE-2018-19766
NOT-FOR-US: InfoVista VistaPortal SE
-CVE-2018-19765 (Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 ...)
+CVE-2018-19765
NOT-FOR-US: InfoVista VistaPortal SE
CVE-2018-19764
REJECTED
-CVE-2018-19763 (There is a heap-based buffer over-read at writer.c (function: ...)
+CVE-2018-19763
- libsixel <undetermined>
-CVE-2018-19762 (There is a heap-based buffer overflow at fromsixel.c (function: ...)
+CVE-2018-19762
- libsixel <undetermined>
-CVE-2018-19761 (There is an illegal address access at fromsixel.c (function: ...)
+CVE-2018-19761
- libsixel <undetermined>
-CVE-2018-19760 (cfg_init in confuse.c in libConfuse 3.2.2 has a memory leak. ...)
+CVE-2018-19760
- confuse <unfixed> (unimportant)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1649152
NOTE: https://github.com/martinh/libconfuse/issues/120
NOTE: https://github.com/martinh/libconfuse/commit/5f0e9ea4213d4047649c462e4f1b59a082af58e2
NOTE: Issue caused by premature exit without cleanup on an error in the caller
NOTE: not in the library; Negligible security impact in itself and disputed.
-CVE-2018-19759 (There is a heap-based buffer over-read at stb_image_write.h (function: ...)
+CVE-2018-19759
- libsixel <undetermined>
NOTE: https://github.com/saitoha/libsixel/issues/77
-CVE-2018-19758 (There is a heap-based buffer over-read at wav.c in wav_write_header in ...)
+CVE-2018-19758
{DLA-1632-1}
- libsndfile 1.0.28-5 (bug #917416)
[stretch] - libsndfile <no-dsa> (Minor issue)
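Review bot: CVE-2018-19756 is left at `TODO: check` while its neighbours CVE-2018-19757, CVE-2018-19759 and CVE-2018-19761 to CVE-2018-19763 are all triaged as `libsixel <undetermined>`; its removed description locates the over-read in stb_image.h, the same embedded header family as CVE-2018-19759 (stb_image_write.h, tracked at https://github.com/saitoha/libsixel/issues/77), so it most likely belongs to the same libsixel batch and should get a matching `- libsixel <undetermined>` line, or a NOTE explaining why it is handled differently.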
@@ -3281,29 +3276,29 @@ CVE-2018-19758 (There is a heap-based buffer over-read at wav.c in wav_write_hea
NOTE: https://github.com/erikd/libsndfile/issues/435
NOTE: https://github.com/erikd/libsndfile/commit/42132c543358cee9f7c3e9e9b15bb6c1063a608e
NOTE: when fixing this issue, the fix needs to be made complete to not open CVE-2019-3832
-CVE-2018-19757 (There is a NULL pointer dereference at function ...)
+CVE-2018-19757
- libsixel <undetermined>
-CVE-2018-19756 (There is a heap-based buffer over-read at stb_image.h (function: ...)
+CVE-2018-19756
TODO: check
-CVE-2018-19755 (There is an illegal address access at asm/preproc.c (function: ...)
+CVE-2018-19755
- nasm <unfixed> (bug #915087)
[stretch] - nasm <no-dsa> (Minor issue)
[jessie] - nasm <no-dsa> (Minor issue)
NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392528
NOTE: https://repo.or.cz/nasm.git/commit/3079f7966dbed4497e36d5067cbfd896a90358cb
-CVE-2018-19754 (Tarantella Enterprise before 3.11 allows bypassing Access Control. ...)
+CVE-2018-19754
NOT-FOR-US: Tarantella Enterprise
-CVE-2018-19753 (Tarantella Enterprise before 3.11 allows Directory Traversal. ...)
+CVE-2018-19753
NOT-FOR-US: Tarantella Enterprise
-CVE-2018-19752 (DomainMOD through 4.11.01 has XSS via the assets/add/registrar.php ...)
+CVE-2018-19752
NOT-FOR-US: DomainMOD
-CVE-2018-19751 (DomainMOD through 4.11.01 has XSS via the admin/ssl-fields/add.php ...)
+CVE-2018-19751
NOT-FOR-US: DomainMOD
-CVE-2018-19750 (DomainMOD through 4.11.01 has XSS via the admin/domain-fields/ notes ...)
+CVE-2018-19750
NOT-FOR-US: DomainMOD
-CVE-2018-19749 (DomainMOD through 4.11.01 has XSS via the assets/add/account-owner.php ...)
+CVE-2018-19749
NOT-FOR-US: DomainMOD
-CVE-2018-19748 (app/plug/attachment/controller/admincontroller.php in SDCMS 1.6 allows ...)
+CVE-2018-19748
NOT-FOR-US: SDCMS
CVE-2018-19747
REJECTED
@@ -3343,67 +3338,67 @@ CVE-2018-19730
REJECTED
CVE-2018-19729
REJECTED
-CVE-2018-19728 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, ...)
+CVE-2018-19728
NOT-FOR-US: Adobe
-CVE-2018-19727 (Adobe Experience Manager versions 6.4, 6.3, 6.2, 6.1, and 6.0 have a ...)
+CVE-2018-19727
NOT-FOR-US: Adobe
-CVE-2018-19726 (Adobe Experience Manager versions 6.4, 6.3, 6.2, 6.1, and 6.0 have a ...)
+CVE-2018-19726
NOT-FOR-US: Adobe
CVE-2018-19725
REJECTED
-CVE-2018-19724 (Adobe Experience Manager Forms versions 6.2, 6.3 and 6.4 have a stored ...)
+CVE-2018-19724
NOT-FOR-US: Adobe
-CVE-2018-19723 (Adobe Acrobat and Reader versions 2018.011.20058 and earlier, ...)
+CVE-2018-19723
NOT-FOR-US: Adobe
-CVE-2018-19722 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, ...)
+CVE-2018-19722
NOT-FOR-US: Adobe
-CVE-2018-19721 (Adobe Acrobat and Reader versions 2018.011.20058 and earlier, ...)
+CVE-2018-19721
NOT-FOR-US: Adobe
-CVE-2018-19720 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, ...)
+CVE-2018-19720
NOT-FOR-US: Adobe
-CVE-2018-19719 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, ...)
+CVE-2018-19719
NOT-FOR-US: Adobe
-CVE-2018-19718 (Adobe Connect versions 9.8.1 and earlier have a session token exposure ...)
+CVE-2018-19718
NOT-FOR-US: Adobe
-CVE-2018-19717 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, ...)
+CVE-2018-19717
NOT-FOR-US: Adobe
-CVE-2018-19716 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, ...)
+CVE-2018-19716
NOT-FOR-US: Adobe
-CVE-2018-19715 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, ...)
+CVE-2018-19715
NOT-FOR-US: Adobe
-CVE-2018-19714 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, ...)
+CVE-2018-19714
NOT-FOR-US: Adobe
-CVE-2018-19713 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, ...)
+CVE-2018-19713
NOT-FOR-US: Adobe
-CVE-2018-19712 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, ...)
+CVE-2018-19712
NOT-FOR-US: Adobe
-CVE-2018-19711 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, ...)
+CVE-2018-19711
NOT-FOR-US: Adobe
-CVE-2018-19710 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, ...)
+CVE-2018-19710
NOT-FOR-US: Adobe
-CVE-2018-19709 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, ...)
+CVE-2018-19709
NOT-FOR-US: Adobe
-CVE-2018-19708 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, ...)
+CVE-2018-19708
NOT-FOR-US: Adobe
-CVE-2018-19707 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, ...)
+CVE-2018-19707
NOT-FOR-US: Adobe
-CVE-2018-19706 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, ...)
+CVE-2018-19706
NOT-FOR-US: Adobe
-CVE-2018-19705 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, ...)
+CVE-2018-19705
NOT-FOR-US: Adobe
-CVE-2018-19704 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, ...)
+CVE-2018-19704
NOT-FOR-US: Adobe
-CVE-2018-19703 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, ...)
+CVE-2018-19703
NOT-FOR-US: Adobe
-CVE-2018-19702 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, ...)
+CVE-2018-19702
NOT-FOR-US: Adobe
-CVE-2018-19701 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, ...)
+CVE-2018-19701
NOT-FOR-US: Adobe
-CVE-2018-19700 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, ...)
+CVE-2018-19700
NOT-FOR-US: Adobe
-CVE-2018-19699 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, ...)
+CVE-2018-19699
NOT-FOR-US: Adobe
-CVE-2018-19698 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, ...)
+CVE-2018-19698
NOT-FOR-US: Adobe
CVE-2018-1000819
REJECTED
@@ -3416,10 +3411,10 @@ CVE-2018-19696
CVE-2018-19695
RESERVED
CVE-2018-19694
- RESERVED
-CVE-2018-19693 (An issue was discovered in tp5cms through 2017-05-25. ...)
+ TODO: check
+CVE-2018-19693
NOT-FOR-US: tp5cms
-CVE-2018-19692 (An issue was discovered in tp5cms through 2017-05-25. ...)
+CVE-2018-19692
NOT-FOR-US: tp5cms
CVE-2018-19691
RESERVED
@@ -3471,9 +3466,9 @@ CVE-2018-19668
RESERVED
CVE-2018-19667
RESERVED
-CVE-2018-19666 (The agent in OSSEC through 3.1.0 on Windows allows local users to gain ...)
+CVE-2018-19666
- ossec-hids <itp> (bug #361954)
-CVE-2018-19665 (The Bluetooth subsystem in QEMU mishandles negative values for length ...)
+CVE-2018-19665
- qemu 1:3.1+dfsg-2 (low; bug #916278)
[stretch] - qemu <postponed> (Revisit when final upstream patch is out)
[jessie] - qemu <postponed> (Revisit when final upstream patch is out)
@@ -3481,30 +3476,30 @@ CVE-2018-19665 (The Bluetooth subsystem in QEMU mishandles negative values for l
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2018-11/msg03570.html
NOTE: note that previously mentioned patch will never be merged by upstream, see
NOTE: https://lists.debian.org/debian-lts/2019/01/msg00073.html
-CVE-2018-19664 (libjpeg-turbo 2.0.1 has a heap-based buffer over-read in the ...)
+CVE-2018-19664
- libjpeg-turbo <not-affected> (Vulnerable code introduced later)
NOTE: https://github.com/libjpeg-turbo/libjpeg-turbo/issues/305
NOTE: Introduced in: https://github.com/libjpeg-turbo/libjpeg-turbo/commit/aa7459050d7a50e1d8a99488902d41fbc118a50f
NOTE: Fixed by: https://github.com/libjpeg-turbo/libjpeg-turbo/commit/f8cca819a4fb42aafa5f70df43c45e8c416d716f
CVE-2018-19663
RESERVED
-CVE-2018-19662 (An issue was discovered in libsndfile 1.0.28. There is a buffer ...)
+CVE-2018-19662
{DLA-1618-1}
- libsndfile 1.0.28-5 (low)
[stretch] - libsndfile <no-dsa> (Minor issue)
NOTE: https://github.com/erikd/libsndfile/issues/429
NOTE: https://github.com/erikd/libsndfile/commit/8ddc442d539ca775d80cdbc7af17a718634a743f
NOTE: similar to CVE-2017-17456/CVE-2017-17457 (but not duplicate)
-CVE-2018-19661 (An issue was discovered in libsndfile 1.0.28. There is a buffer ...)
+CVE-2018-19661
{DLA-1618-1}
- libsndfile 1.0.28-5 (low)
[stretch] - libsndfile <no-dsa> (Minor issue)
NOTE: https://github.com/erikd/libsndfile/issues/429
NOTE: https://github.com/erikd/libsndfile/commit/8ddc442d539ca775d80cdbc7af17a718634a743f
NOTE: similar to CVE-2017-17456/CVE-2017-17457 (but not duplicate)
-CVE-2018-19660 (An exploitable authenticated command-injection vulnerability exists in ...)
+CVE-2018-19660
NOT-FOR-US: Moxa
-CVE-2018-19659 (An exploitable authenticated command-injection vulnerability exists in ...)
+CVE-2018-19659
NOT-FOR-US: Moxa
CVE-2018-19658
RESERVED
@@ -3512,29 +3507,29 @@ CVE-2018-19657
RESERVED
CVE-2018-19656
RESERVED
-CVE-2018-19655 (A stack-based buffer overflow in the find_green() function of dcraw ...)
+CVE-2018-19655
- ufraw 0.22-3.1 (unimportant; bug #890086)
- dcraw 9.28-2 (unimportant; bug #906529)
NOTE: No security impact, crash in CLI tool
-CVE-2018-19654 (An issue was discovered in Sales &amp; Company Management System (SCMS) ...)
+CVE-2018-19654
NOT-FOR-US: Sales & Company Management System (SCMS)
-CVE-2018-19653 (HashiCorp Consul 0.5.1 through 1.4.0 can use cleartext agent-to-agent ...)
+CVE-2018-19653
NOT-FOR-US: HashiCorp Consul
CVE-2018-19652
RESERVED
-CVE-2018-19651 (admin/functions/remote.php in Interspire Email Marketer through 6.1.6 ...)
+CVE-2018-19651
NOT-FOR-US: Interspire Email Marketer
-CVE-2018-19650 (Local attackers can trigger a stack-based buffer overflow on ...)
+CVE-2018-19650
NOT-FOR-US: Antiy-AVL ATool security management
-CVE-2018-19649 (XSS exists in InfoVista VistaPortal SE Version 5.1 (build 51029). ...)
+CVE-2018-19649
NOT-FOR-US: InfoVista VistaPortal
CVE-2018-19648
RESERVED
CVE-2018-19647
RESERVED
-CVE-2018-19646 (The Python CGI scripts in PWS in Imperva SecureSphere 13.0.10, 13.1.10, ...)
+CVE-2018-19646
NOT-FOR-US: Imperva SecureSphere
-CVE-2018-19645 (An Authentication Bypass issue exists in Solutions Business Manager ...)
+CVE-2018-19645
NOT-FOR-US: Solutions Business Manager (SBM)
CVE-2018-19644
RESERVED
@@ -3544,19 +3539,19 @@ CVE-2018-19642
RESERVED
CVE-2018-19641
RESERVED
-CVE-2018-19640 (If the attacker manages to create files in the directory used to ...)
+CVE-2018-19640
NOT-FOR-US: SLES support scripts
-CVE-2018-19639 (If supportutils before version 3.1-5.7.1 is run with -v to perform rpm ...)
+CVE-2018-19639
NOT-FOR-US: SLES support scripts
-CVE-2018-19638 (In supportutils, before version 3.1-5.7.1 and if pacemaker is ...)
+CVE-2018-19638
NOT-FOR-US: SLES support scripts
-CVE-2018-19637 (Supportutils, before version 3.1-5.7.1, wrote data to static file ...)
+CVE-2018-19637
NOT-FOR-US: SLES support scripts
-CVE-2018-19636 (Supportutils, before version 3.1-5.7.1, when run with command line ...)
+CVE-2018-19636
NOT-FOR-US: SLES support scripts
-CVE-2018-19635 (CA Service Desk Manager 14.1 and 17 contain a vulnerability that can ...)
+CVE-2018-19635
NOT-FOR-US: CA Service Desk Manager
-CVE-2018-19634 (CA Service Desk Manager 14.1 and 17 contain a vulnerability that can ...)
+CVE-2018-19634
NOT-FOR-US: CA Service Desk Manager
CVE-2018-19633
RESERVED
@@ -3564,57 +3559,57 @@ CVE-2018-19632
RESERVED
CVE-2018-19631
RESERVED
-CVE-2018-19630 (cgi_handle_request in uhttpd in OpenWrt through 18.06.1 and LEDE ...)
+CVE-2018-19630
NOT-FOR-US: uhttpd (in OpenWRT and LEDE)
CVE-2018-19629
RESERVED
-CVE-2018-19628 (In Wireshark 2.6.0 to 2.6.4, the ZigBee ZCL dissector could crash. This ...)
+CVE-2018-19628
{DSA-4359-1}
- wireshark 2.6.5-1
[jessie] - wireshark <not-affected> (Vulnerable code not present, zigbee color control support added in v2.1.0)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15281
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=212b18825d9b668cda23d334c48867dfa66b2b36
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-57.html
-CVE-2018-19627 (In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the IxVeriWave file ...)
+CVE-2018-19627
{DSA-4359-1}
- wireshark 2.6.5-1
[jessie] - wireshark <not-affected> (Vulnerable code not present, variable buffer to find_signature introduced in 2.4.0 with OCTO support)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15279
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=bdc33cfaecb1b4cf2c114ed9015713ddf8569a60
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-55.html
-CVE-2018-19626 (In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the DCOM dissector ...)
+CVE-2018-19626
{DSA-4359-1 DLA-1634-1}
- wireshark 2.6.5-1
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15130
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=c5a65115ebab55cfd5ce0a855c2256e01cab6449
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-52.html
-CVE-2018-19625 (In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the dissection engine ...)
+CVE-2018-19625
{DSA-4359-1 DLA-1634-1}
- wireshark 2.6.5-1
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14466
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=dc4d209f39132a4ae05675a11609176ae9705cfc
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-51.html
-CVE-2018-19624 (In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the PVFS dissector ...)
+CVE-2018-19624
{DSA-4359-1 DLA-1634-1}
- wireshark 2.6.5-1
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15280
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=3e319db1107b08fc3be804b6d449143ec9aa0dec
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-56.html
-CVE-2018-19623 (In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the LBMPDM dissector ...)
+CVE-2018-19623
{DSA-4359-1 DLA-1634-1}
- wireshark 2.6.5-1
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15132
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=9c8645ec7b28e4d7193962ecd2a418613bf6a84f
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-53.html
-CVE-2018-19622 (In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the MMSE dissector ...)
+CVE-2018-19622
{DSA-4359-1 DLA-1634-1}
- wireshark 2.6.5-1
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15250
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=3b7555d32d11862f0e500ec466ad6bfe54190076
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-54.html
-CVE-2018-19621 (server/index.php?s=/api/teamMember/save in ShowDoc 2.4.2 has a CSRF ...)
+CVE-2018-19621
NOT-FOR-US: ShowDoc
-CVE-2018-19620 (ShowDoc 2.4.1 allows remote attackers to edit other users' notes by ...)
+CVE-2018-19620
NOT-FOR-US: ShowDoc
CVE-2018-19619
RESERVED
@@ -3622,9 +3617,9 @@ CVE-2018-19618
RESERVED
CVE-2018-19617
RESERVED
-CVE-2018-19616 (An issue was discovered in Rockwell Automation Allen-Bradley ...)
+CVE-2018-19616
NOT-FOR-US: Rockwell Automation Allen-Bradley PowerMonitor 1000
-CVE-2018-19615 (Rockwell Automation Allen-Bradley PowerMonitor 1000 all versions. A remote attacker could inject arbitrary code into a targeted user&#226;&#128;&#153;s web browser to gain access to the affected device. ...)
+CVE-2018-19615
NOT-FOR-US: Rockwell Automation Allen-Bradley PowerMonitor 1000
CVE-2018-19614
RESERVED
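Review bot: the removed description line for CVE-2018-19615 contains `&#226;&#128;&#153;`, which is the three-byte UTF-8 encoding of a right single quotation mark emitted as Latin-1 numeric entities, and it is also the only entry in this hunk whose full description survived instead of the usual truncation; both point at the importer decoding upstream text as Latin-1 and HTML-escaping it before storage (the `&amp;` in the CVE-2018-19654 line of the earlier hunk is the same symptom). Worth fixing in the import script even though these lines are being dropped here, so the mangled text does not return when descriptions are refilled.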
@@ -3636,16 +3631,16 @@ CVE-2018-19611
RESERVED
CVE-2018-19610
RESERVED
-CVE-2018-19609 (ShowDoc 2.4.1 allows remote attackers to obtain sensitive information ...)
+CVE-2018-19609
NOT-FOR-US: ShowDoc
-CVE-2018-19608 (Arm Mbed TLS before 2.14.1, before 2.7.8, and before 2.1.17 allows a ...)
+CVE-2018-19608
- mbedtls 2.14.1-1 (bug #915796)
[stretch] - mbedtls <no-dsa> (Minor issue)
- polarssl <removed>
NOTE: http://cat.eyalro.net/
NOTE: https://tls.mbed.org/tech-updates/releases/mbedtls-2.14.1-2.7.8-and-2.1.17-released
NOTE: https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2018-03
-CVE-2018-19607 (Exiv2::isoSpeed in easyaccess.cpp in Exiv2 v0.27-RC2 allows remote ...)
+CVE-2018-19607
[experimental] - exiv2 <unfixed> (bug #915134)
- exiv2 <not-affected> (Vulnerable code introduced later)
NOTE: Introduced by: https://github.com/Exiv2/exiv2/commit/97e7905a8b90fcbd5e8c440ad7d55bf8ffe007e5
@@ -3660,19 +3655,19 @@ CVE-2018-19603
RESERVED
CVE-2018-19602
RESERVED
-CVE-2018-19601 (Rhymix CMS 1.9.8.1 allows SSRF via an ...)
+CVE-2018-19601
NOT-FOR-US: Rhymix CMS
-CVE-2018-19600 (Rhymix CMS 1.9.8.1 allows XSS via an ...)
+CVE-2018-19600
NOT-FOR-US: Rhymix CMS
CVE-2018-19599
RESERVED
-CVE-2018-19598 (Statamic 2.10.3 allows XSS via First Name or Last Name to the /users ...)
+CVE-2018-19598
NOT-FOR-US: Statamic
-CVE-2018-19597 (CMS Made Simple 2.2.8 allows XSS via an uploaded SVG document, a ...)
+CVE-2018-19597
NOT-FOR-US: CMS Made Simple
-CVE-2018-19596 (Zurmo 3.2.4 allows HTML Injection via an admin's use of HTML in the ...)
+CVE-2018-19596
NOT-FOR-US: Zurmo
-CVE-2018-19595 (PbootCMS V1.3.1 build 2018-11-14 allows remote attackers to execute ...)
+CVE-2018-19595
NOT-FOR-US: PbootCMS
CVE-2018-19594
RESERVED
@@ -3680,7 +3675,7 @@ CVE-2018-19593
RESERVED
CVE-2018-19592
RESERVED
-CVE-2018-19591 (In the GNU C Library (aka glibc or libc6) through 2.28, attempting to ...)
+CVE-2018-19591
- glibc 2.28-1 (bug #914837)
[stretch] - glibc <not-affected> (Vulnerable code introduced later and not backported to stretch)
[jessie] - glibc <not-affected> (Vulnerable code introduced later and not backported to jessie)
@@ -3694,7 +3689,7 @@ CVE-2018-19589
RESERVED
CVE-2018-19588
RESERVED
-CVE-2018-19587 (In Cesanta Mongoose 6.13, a SIGSEGV exists in the mongoose.c ...)
+CVE-2018-19587
NOT-FOR-US: Cesanta Mongoose
NOTE: smplayer embeds a copy, which is unused in any released version and disabled since 18.5.0~ds1-1
CVE-2018-19586
@@ -3767,65 +3762,65 @@ CVE-2018-19569
RESERVED
- gitlab 11.3.11+dfsg-1
NOTE: https://about.gitlab.com/2018/11/28/security-release-gitlab-11-dot-5-dot-1-released/
-CVE-2018-19568 (A floating point exception in kodak_radc_load_raw in dcraw through 9.28 ...)
+CVE-2018-19568
- dcraw <unfixed> (unimportant)
NOTE: https://www.openwall.com/lists/oss-security/2018/11/23/1
NOTE: No security impact, crash in CLI tool
-CVE-2018-19567 (A floating point exception in parse_tiff_ifd in dcraw through 9.28 ...)
+CVE-2018-19567
- dcraw <unfixed> (unimportant)
NOTE: https://www.openwall.com/lists/oss-security/2018/11/23/1
NOTE: No security impact, crash in CLI tool
-CVE-2018-19566 (A heap buffer over-read in parse_tiff_ifd in dcraw through 9.28 could ...)
+CVE-2018-19566
- dcraw <unfixed> (unimportant)
NOTE: https://www.openwall.com/lists/oss-security/2018/11/23/1
NOTE: No security impact, crash in CLI tool
-CVE-2018-19565 (A buffer over-read in crop_masked_pixels in dcraw through 9.28 could be ...)
+CVE-2018-19565
- dcraw <unfixed> (unimportant)
NOTE: https://www.openwall.com/lists/oss-security/2018/11/23/1
NOTE: No security impact, crash in CLI tool
-CVE-2018-19564 (Stored XSS was discovered in the Easy Testimonials plugin 3.2 for ...)
+CVE-2018-19564
NOT-FOR-US: Easy Testimonials plugin for WordPress
CVE-2018-19563
RESERVED
-CVE-2018-19562 (An issue was discovered in PHPok 4.9.015. admin.php?c=update&amp;f=unzip ...)
+CVE-2018-19562
NOT-FOR-US: PHPok
-CVE-2018-19561 (sikcms 1.1 has CSRF via admin.php?m=Admin&amp;c=Users&amp;a=userAdd to add an ...)
+CVE-2018-19561
NOT-FOR-US: sikcms
-CVE-2018-19560 (BageCMS 3.1.3 has CSRF via upload/index.php?r=admini/admin/ownerUpdate ...)
+CVE-2018-19560
NOT-FOR-US: BageCMS
-CVE-2018-19559 (CuppaCMS before 2018-11-12 has SQL Injection in ...)
+CVE-2018-19559
NOT-FOR-US: CuppaCMS
-CVE-2018-19558 (An issue was discovered in arcms through 2018-03-19. SQL injection ...)
+CVE-2018-19558
NOT-FOR-US: arcms
-CVE-2018-19557 (An issue was discovered in arcms through 2018-03-19. No authentication ...)
+CVE-2018-19557
NOT-FOR-US: arcms
-CVE-2018-19556 (zb_system/admin/index.php?act=UploadMng in Z-BlogPHP 1.5 mishandles ...)
+CVE-2018-19556
NOT-FOR-US: Z-BlogPHP
-CVE-2018-19555 (tp4a TELEPORT 3.1.0 has CSRF via user/do-reset-password to change any ...)
+CVE-2018-19555
NOT-FOR-US: tp4a TELEPORT
-CVE-2018-19554 (An issue was discovered in Dotcms through 5.0.3. Attackers may perform ...)
+CVE-2018-19554
NOT-FOR-US: dotCMS
-CVE-2018-19553 (Interspire Email Marketer through 6.1.6 has SQL Injection via an ...)
+CVE-2018-19553
NOT-FOR-US: Interspire Email Marketer
-CVE-2018-19552 (Interspire Email Marketer through 6.1.6 has SQL Injection via a ...)
+CVE-2018-19552
NOT-FOR-US: Interspire Email Marketer
-CVE-2018-19551 (Interspire Email Marketer through 6.1.6 has SQL Injection via a ...)
+CVE-2018-19551
NOT-FOR-US: Interspire Email Marketer
-CVE-2018-19550 (Interspire Email Marketer through 6.1.6 allows arbitrary file upload ...)
+CVE-2018-19550
NOT-FOR-US: Interspire Email Marketer
-CVE-2018-19549 (Interspire Email Marketer through 6.1.6 has SQL Injection via a tagids ...)
+CVE-2018-19549
NOT-FOR-US: Interspire Email Marketer
-CVE-2018-19548 (index.php?r=site%2Flogin in EduSec through 4.2.6 does not restrict ...)
+CVE-2018-19548
NOT-FOR-US: EduSec
-CVE-2018-19547 (JTBC(PHP) 3.0.1.7 has XSS via the ...)
+CVE-2018-19547
NOT-FOR-US: JTBC(PHP)
-CVE-2018-19546 (JTBC(PHP) 3.0.1.7 has CSRF via the ...)
+CVE-2018-19546
NOT-FOR-US: JTBC(PHP)
-CVE-2018-19545 (JEECMS 9.3 has CSRF via the api/admin/role/save URI to add a user. ...)
+CVE-2018-19545
NOT-FOR-US: JEECMS
-CVE-2018-19544 (JEECMS 9.3 has CSRF via the api/admin/content/save URI to add news. ...)
+CVE-2018-19544
NOT-FOR-US: JEECMS
-CVE-2018-19543 (An issue was discovered in JasPer 2.0.14. There is a heap-based buffer ...)
+CVE-2018-19543
- jasper <removed>
[jessie] - jasper <postponed> (Code appears to work correctly but wait for more information)
NOTE: https://github.com/mdadams/jasper/issues/182
@@ -3833,29 +3828,29 @@ CVE-2018-19543 (An issue was discovered in JasPer 2.0.14. There is a heap-based
NOTE: introduced with the fix for CVE-2014-8138, works as expected and
NOTE: jasper terminates properly. Still I am going to mark this bug as
NOTE: postponed until we receive feedback from upstream.
-CVE-2018-19542 (An issue was discovered in JasPer 2.0.14. There is a NULL pointer ...)
+CVE-2018-19542
{DLA-1628-1}
- jasper <removed>
NOTE: https://github.com/mdadams/jasper/issues/182
-CVE-2018-19541 (An issue was discovered in JasPer 2.0.14. There is a heap-based buffer ...)
+CVE-2018-19541
{DLA-1628-1}
- jasper <removed>
NOTE: https://github.com/mdadams/jasper/issues/182
-CVE-2018-19540 (An issue was discovered in JasPer 2.0.14. There is a heap-based buffer ...)
+CVE-2018-19540
{DLA-1628-1}
- jasper <removed>
NOTE: https://github.com/mdadams/jasper/issues/182
-CVE-2018-19539 (An issue was discovered in JasPer 2.0.14. There is an access violation ...)
+CVE-2018-19539
{DLA-1628-1}
- jasper <removed>
NOTE: https://github.com/mdadams/jasper/issues/182
CVE-2018-19538
RESERVED
-CVE-2018-19537 (TP-Link Archer C5 devices through V2_160201_US allow remote command ...)
+CVE-2018-19537
NOT-FOR-US: TP-Link Archer C5 devices
CVE-2018-19536
RESERVED
-CVE-2018-19535 (In Exiv2 0.26 and previous versions, PngChunk::readRawProfile in ...)
+CVE-2018-19535
{DLA-1691-1}
- exiv2 <unfixed> (bug #915135)
[stretch] - exiv2 <no-dsa> (Minor issue)
@@ -3865,37 +3860,37 @@ CVE-2018-19534
RESERVED
CVE-2018-19533
RESERVED
-CVE-2018-19532 (A NULL pointer dereference vulnerability exists in the function ...)
+CVE-2018-19532
- libpodofo 0.9.6+dfsg-4 (low; bug #916085)
[stretch] - libpodofo <no-dsa> (Minor issue)
[jessie] - libpodofo <no-dsa> (Minor issue)
NOTE: https://sourceforge.net/p/podofo/tickets/32/
NOTE: https://sourceforge.net/p/podofo/code/1950/
-CVE-2018-19531 (HTTL (aka Hyper-Text Template Language) through 1.0.11 allows remote ...)
+CVE-2018-19531
NOT-FOR-US: HTTL
-CVE-2018-19530 (HTTL (aka Hyper-Text Template Language) through 1.0.11 allows remote ...)
+CVE-2018-19530
NOT-FOR-US: HTTL
CVE-2018-19529
RESERVED
-CVE-2018-19528 (TP-Link TL-WR886N 7.0 1.1.0 devices allow remote attackers to cause a ...)
+CVE-2018-19528
NOT-FOR-US: TP-Link
-CVE-2018-19527 (i4 assistant 7.85 allows XSS via a crafted machine name field within ...)
+CVE-2018-19527
NOT-FOR-US: i4 assistant
CVE-2018-19526
RESERVED
CVE-2018-19525
- RESERVED
+ TODO: check
CVE-2018-19524
- RESERVED
-CVE-2018-19523 (DriverAgent 2.2015.7.14, which includes DrvAgent64.sys 1.0.0.1, allows ...)
+ TODO: check
+CVE-2018-19523
NOT-FOR-US: DriverAgent
-CVE-2018-19522 (DriverAgent 2.2015.7.14, which includes DrvAgent64.sys 1.0.0.1, allows ...)
+CVE-2018-19522
NOT-FOR-US: DriverAgent
CVE-2018-19521
RESERVED
-CVE-2018-19520 (An issue was discovered in SDCMS 1.6 with PHP 5.x. ...)
+CVE-2018-19520
NOT-FOR-US: SDCMS
-CVE-2018-19519 (In tcpdump 4.9.2, a stack-based buffer over-read exists in the ...)
+CVE-2018-19519
- tcpdump <unfixed> (unimportant)
NOTE: https://github.com/zyingp/temp/blob/master/tcpdump.md
NOTE: Crash in CLI tool, no security impact
@@ -3906,47 +3901,47 @@ CVE-2018-19516
NOTE: https://www.kde.org/info/security/advisory-20181128-1.txt
NOTE: https://cgit.kde.org/messagelib.git/commit/?id=34765909cdf8e55402a8567b48fb288839c61612
CVE-2018-19515
- RESERVED
+ TODO: check
CVE-2018-19514
- RESERVED
+ TODO: check
CVE-2018-19513
- RESERVED
+ TODO: check
CVE-2018-19512
- RESERVED
+ TODO: check
CVE-2018-19511
- RESERVED
+ TODO: check
CVE-2018-19510
- RESERVED
+ TODO: check
CVE-2018-19509
- RESERVED
-CVE-2018-19508 (CMSimple 4.7.5 has XSS via an admin's upload of an SVG file at a ...)
+ TODO: check
+CVE-2018-19508
NOT-FOR-US: CMSimple
-CVE-2018-19507 (CMSimple 4.7.5 has XSS via an admin's use of a ...)
+CVE-2018-19507
NOT-FOR-US: CMSimple
-CVE-2018-19506 (Zurmo 3.2.4 has XSS via an admin's use of the name parameter in the ...)
+CVE-2018-19506
NOT-FOR-US: Zurmo
-CVE-2018-19505 (Remedy AR System Server in BMC Remedy 7.1 may fail to set the correct ...)
+CVE-2018-19505
NOT-FOR-US: Remedy AR System Server in BMC Remedy
-CVE-2018-19504 (An issue was discovered in Freeware Advanced Audio Decoder 2 (FAAD2) ...)
+CVE-2018-19504
- faad2 <unfixed> (low; bug #914641)
[stretch] - faad2 <no-dsa> (Minor issue)
[jessie] - faad2 <postponed> (Minor issue)
NOTE: https://sourceforge.net/p/faac/bugs/240/
-CVE-2018-19503 (An issue was discovered in Freeware Advanced Audio Decoder 2 (FAAD2) ...)
+CVE-2018-19503
- faad2 <unfixed> (bug #914641)
NOTE: https://sourceforge.net/p/faac/bugs/240/
-CVE-2018-19502 (An issue was discovered in Freeware Advanced Audio Decoder 2 (FAAD2) ...)
+CVE-2018-19502
- faad2 <unfixed> (bug #914641)
NOTE: https://sourceforge.net/p/faac/bugs/240/
CVE-2018-19501
RESERVED
CVE-2018-19500
RESERVED
-CVE-2018-19499 (Vanilla before 2.5.5 and 2.6.x before 2.6.2 allows Remote Code ...)
+CVE-2018-19499
NOT-FOR-US: Vanilla
CVE-2018-19498
- RESERVED
-CVE-2018-19497 (In The Sleuth Kit (TSK) through 4.6.4, hfs_cat_traverse in tsk/fs/hfs.c ...)
+ TODO: check
+CVE-2018-19497
{DLA-1610-1}
- sleuthkit <unfixed> (low; bug #914796)
[stretch] - sleuthkit <no-dsa> (Minor issue)
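Review bot: CVE-2018-19503 and CVE-2018-19502 share bug #914641 and the same upstream ticket (https://sourceforge.net/p/faac/bugs/240/) with CVE-2018-19504, yet only CVE-2018-19504 carries a severity (`low`) and the `[stretch] - faad2 <no-dsa> (Minor issue)` and `[jessie] - faad2 <postponed> (Minor issue)` release lines; either add the same release-specific triage to the other two entries or record in a NOTE why they are treated differently, otherwise stretch and jessie show up as open for two of the three.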
@@ -3968,7 +3963,7 @@ CVE-2018-19493
RESERVED
- gitlab 11.3.11+dfsg-1
NOTE: https://about.gitlab.com/2018/11/28/security-release-gitlab-11-dot-5-dot-1-released/
-CVE-2018-19492 (An issue was discovered in cairo.trm in Gnuplot 5.2.5. This issue ...)
+CVE-2018-19492
{DLA-1597-1 DLA-1595-1}
- gnuplot <unfixed> (unimportant)
- gnuplot5 <removed> (unimportant)
@@ -3977,7 +3972,7 @@ CVE-2018-19492 (An issue was discovered in cairo.trm in Gnuplot 5.2.5. This issu
NOTE: No security impact, neutralised by toolchain hardening
NOTE: No security impact, gnuplot can execute arbitrary commands and need to come from a trusted source,
NOTE: see README.Debian.security (added in 5.2.6)
-CVE-2018-19491 (An issue was discovered in post.trm in Gnuplot 5.2.5. This issue allows ...)
+CVE-2018-19491
{DLA-1597-1 DLA-1595-1}
- gnuplot <unfixed> (unimportant)
- gnuplot5 <removed> (unimportant)
@@ -3985,7 +3980,7 @@ CVE-2018-19491 (An issue was discovered in post.trm in Gnuplot 5.2.5. This issue
NOTE: https://sourceforge.net/p/gnuplot/gnuplot-main/ci/d5020716834582b20a5e12cdd49f39ee4f9dd949/
NOTE: No security impact, gnuplot can execute arbitrary commands and need to come from a trusted source,
NOTE: see README.Debian.security (added in 5.2.6)
-CVE-2018-19490 (An issue was discovered in datafile.c in Gnuplot 5.2.5. This issue ...)
+CVE-2018-19490
{DLA-1597-1 DLA-1595-1}
- gnuplot <unfixed> (unimportant)
- gnuplot5 <removed> (unimportant)
@@ -3993,16 +3988,16 @@ CVE-2018-19490 (An issue was discovered in datafile.c in Gnuplot 5.2.5. This iss
NOTE: https://sourceforge.net/p/gnuplot/gnuplot-main/ci/d5020716834582b20a5e12cdd49f39ee4f9dd949/
NOTE: No security impact, gnuplot can execute arbitrary commands and need to come from a trusted source,
NOTE: see README.Debian.security (added in 5.2.6)
-CVE-2018-19489 (v9fs_wstat in hw/9pfs/9p.c in QEMU allows guest OS users to cause a ...)
+CVE-2018-19489
{DLA-1646-1}
- qemu 1:3.1+dfsg-1 (bug #914727)
- qemu-kvm <removed>
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2018-11/msg04489.html
NOTE: https://git.qemu.org/?p=qemu.git;a=commit;h=1d20398694a3b67a388d955b7a945ba4aa90a8a8 (master)
CVE-2018-19488
- RESERVED
+ TODO: check
CVE-2018-19487
- RESERVED
+ TODO: check
CVE-2018-19485
RESERVED
CVE-2018-19484
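Review bot: CVE-2018-19488 and CVE-2018-19487 lose RESERVED and gain "TODO: check" in the same hunk that strips every description around them, so the flip most likely reflects the feed returning bare IDs rather than two CVEs being published; do not triage them from this diff, and re-run the update once descriptions come back so the RESERVED state is restored or a real description lands.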
@@ -4017,7 +4012,7 @@ CVE-2018-19480
RESERVED
CVE-2018-19479
RESERVED
-CVE-2018-19478 (In Artifex Ghostscript before 9.26, a carefully crafted PDF file can ...)
+CVE-2018-19478
{DSA-4346-1 DLA-1620-1}
- ghostscript 9.26~dfsg-1
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=699856
@@ -4032,9 +4027,9 @@ CVE-2018-19471
RESERVED
CVE-2018-19470
RESERVED
-CVE-2018-19469 (ArticleCMS through 2017-02-19 has XSS via the ...)
+CVE-2018-19469
NOT-FOR-US: ArticleCMS
-CVE-2018-19468 (HuCart 5.7.4 has SQL injection in get_ip() in ...)
+CVE-2018-19468
NOT-FOR-US: HuCart
CVE-2018-19467
RESERVED
@@ -4042,9 +4037,9 @@ CVE-2018-19466
RESERVED
CVE-2018-19465
RESERVED
-CVE-2018-19464 (Discuz! X3.4 allows XSS via admin.php because ...)
+CVE-2018-19464
NOT-FOR-US: Discuz!
-CVE-2018-19463 (** DISPUTED ** zb_system/function/lib/upload.php in Z-BlogPHP through 1.5.1 allows remote attackers to execute arbitrary PHP code by using the image/jpeg content type in an upload to the zb_system/admin/index.php?act=UploadMng URI. NOTE: The vendor's position is &quot;We have no dynamic including. No one can run PHP by uploading an image in current version.&quot; It also requires authentication. ...)
+CVE-2018-19463
NOT-FOR-US: Z-BlogPHP
CVE-2018-19462
RESERVED
@@ -4052,41 +4047,41 @@ CVE-2018-19461
RESERVED
CVE-2018-19460
RESERVED
-CVE-2018-19459 (Adult Filter 1.0 has a Buffer Overflow via a crafted Black Domain List ...)
+CVE-2018-19459
NOT-FOR-US: Adult Filter
-CVE-2018-19458 (In PHP Proxy 3.0.3, any user can read files from the server without ...)
+CVE-2018-19458
NOT-FOR-US: PHP Proxy
-CVE-2018-19457 (Logicspice FAQ Script 2.9.7 allows uploading arbitrary files, which ...)
+CVE-2018-19457
NOT-FOR-US: Logicspice FAQ Script
CVE-2018-19456
RESERVED
CVE-2018-19455
RESERVED
-CVE-2018-19486 (Git before 2.19.2 on Linux and UNIX executes commands from the current ...)
+CVE-2018-19486
- git 1:2.19.2-1
[stretch] - git <not-affected> (Vulnerable code introduced later)
[jessie] - git <not-affected> (Vulnerable code introduced later)
NOTE: Fixed by: https://git.kernel.org/pub/scm/git/git.git/commit/?id=321fd82389742398d2924640ce3a61791fd27d60
NOTE: Introduced by: https://git.kernel.org/pub/scm/git/git.git/commit/?id=e3a434468fecca7c14a6bef32050dfa60534fde6
-CVE-2018-19477 (psi/zfjbig2.c in Artifex Ghostscript before 9.26 allows remote ...)
+CVE-2018-19477
{DSA-4346-1 DLA-1598-1}
- ghostscript 9.26~dfsg-1
NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=ef252e7dc214bcbd9a2539216aab9202848602bb (ghostscript-9.26)
NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=606a22e77e7f081781e99e44644cd0119f559e03 (master)
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=700168
-CVE-2018-19476 (psi/zicc.c in Artifex Ghostscript before 9.26 allows remote attackers ...)
+CVE-2018-19476
{DSA-4346-1 DLA-1598-1}
- ghostscript 9.26~dfsg-1
NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=67d760ab775dae4efe803b5944b0439aa3c0b04a (ghostscript-9.26)
NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=434753adbe8be5534bfb9b7d91746023e8073d16 (master)
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=700169
-CVE-2018-19475 (psi/zdevice2.c in Artifex Ghostscript before 9.26 allows remote ...)
+CVE-2018-19475
{DSA-4346-1 DLA-1598-1}
- ghostscript 9.26~dfsg-1
NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=3005fcb9bb160af199e761e03bc70a9f249a987e (ghostscript-9.26)
NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=aeea342904978c9fe17d85f4906a0f6fcce2d315 (master)
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=700153
-CVE-2018-19518 (University of Washington IMAP Toolkit 2007f on UNIX, as used in ...)
+CVE-2018-19518
{DSA-4353-1 DLA-1700-1 DLA-1608-1}
- php7.3 7.3.0-1 (bug #913775)
- php7.2 <removed> (bug #913835)
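Review bot: CVE-2018-19486, CVE-2018-19477, CVE-2018-19476, CVE-2018-19475 and CVE-2018-19518 sit between CVE-2018-19455 and the CVE-2018-194xx block below, out of the descending order the rest of the file follows; this hunk only strips their descriptions and keeps the misplacement, which makes future merges in this region conflict-prone, so consider moving them to their numeric position in a separate, non-automatic commit. The git stanza itself is consistent: unstable fixed at "1:2.19.2-1" matches the "before 2.19.2" wording being removed, and the stretch/jessie "<not-affected>" verdict is backed by the introducing-commit NOTE, which is the evidence that survives once the description line is gone.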
@@ -4126,27 +4121,27 @@ CVE-2018-19442
RESERVED
CVE-2018-19441
RESERVED
-CVE-2018-19440 (ARM Trusted Firmware-A allows information disclosure. ...)
+CVE-2018-19440
NOT-FOR-US: ARM Trusted Firmware-A
-CVE-2018-19439 (XSS exists in the Administration Console in Oracle Secure Global ...)
+CVE-2018-19439
NOT-FOR-US: Oracle
CVE-2018-19438
RESERVED
-CVE-2018-19443 (The client in Tryton 5.x before 5.0.1 tries to make a connection to the ...)
+CVE-2018-19443
- tryton-client <not-affected> (Only affects 5.x, vulnerable 5.0.0 version never in Debian)
NOTE: https://discuss.tryton.org/t/security-release-for-issue7792/830
NOTE: https://bugs.tryton.org/issue7792
-CVE-2018-19437 (UCMS 1.4.7 allows remote authenticated users to change the ...)
+CVE-2018-19437
NOT-FOR-US: UCMS
-CVE-2018-19436 (An issue was discovered in the Manufacturing component in webERP 4.15. ...)
+CVE-2018-19436
NOT-FOR-US: webERP
-CVE-2018-19435 (An issue was discovered in the Sales component in webERP 4.15. ...)
+CVE-2018-19435
NOT-FOR-US: webERP
-CVE-2018-19434 (An issue was discovered on the &quot;Bank Account Matching - Receipts&quot; ...)
+CVE-2018-19434
NOT-FOR-US: webERP
-CVE-2018-19433 (ShowDoc 2.4.1 has XSS via the lang parameter because ...)
+CVE-2018-19433
NOT-FOR-US: ShowDoc
-CVE-2018-19432 (An issue was discovered in libsndfile 1.0.28. There is a NULL pointer ...)
+CVE-2018-19432
{DLA-1618-1}
- libsndfile <unfixed> (unimportant; bug #914381)
NOTE: https://github.com/erikd/libsndfile/issues/427
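Review bot: the libsndfile stanza for CVE-2018-19432 is tagged "(unimportant; bug #914381)" while also listing "{DLA-1618-1}"; an issue that warranted a jessie LTS advisory is, by the tracker's own conventions, not "unimportant", so one of the two is wrong. Either drop the unimportant tag and add a severity, or, if the DLA was issued for a different reason, say so in a NOTE line. The tryton entry is fine: "<not-affected> (Only affects 5.x, vulnerable 5.0.0 version never in Debian)" is a complete rationale on its own and does not depend on the description being removed here.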
@@ -4168,30 +4163,30 @@ CVE-2018-19426
RESERVED
CVE-2018-19425
RESERVED
-CVE-2018-19424 (ClipperCMS 1.3.3 allows remote authenticated administrators to upload ...)
+CVE-2018-19424
NOT-FOR-US: ClipperCMS
-CVE-2018-19423 (Codiad 2.8.4 allows remote authenticated administrators to execute ...)
+CVE-2018-19423
NOT-FOR-US: Codiad
-CVE-2018-19422 (/panel/uploads in Subrion CMS 4.2.1 allows remote attackers to execute ...)
+CVE-2018-19422
NOT-FOR-US: Subrion CMS
-CVE-2018-19421 (In GetSimpleCMS 3.3.15, admin/upload.php blocks .html uploads but ...)
+CVE-2018-19421
NOT-FOR-US: GetSimpleCMS
-CVE-2018-19420 (In GetSimpleCMS 3.3.15, admin/upload.php blocks .html uploads but there ...)
+CVE-2018-19420
NOT-FOR-US: GetSimpleCMS
CVE-2018-19419
RESERVED
CVE-2018-19418
RESERVED
-CVE-2018-19417 (An issue was discovered in the MQTT server in Contiki-NG before 4.2. ...)
+CVE-2018-19417
NOT-FOR-US: Contiki-NG
-CVE-2018-19517 (An issue was discovered in sysstat 12.1.1. The remap_struct function in ...)
+CVE-2018-19517
[experimental] - sysstat 12.0.3-1
- sysstat <unfixed> (low; bug #914553)
[stretch] - sysstat <not-affected> (Vulnerable code introduced later)
[jessie] - sysstat <not-affected> (Vulnerable code introduced later)
NOTE: https://github.com/sysstat/sysstat/issues/199
NOTE: Fixed by: https://github.com/sysstat/sysstat/commit/fbc691eaaa10d0bcea6741d5a223dc3906106548
-CVE-2018-19416 (An issue was discovered in sysstat 12.1.1. The remap_struct function in ...)
+CVE-2018-19416
[experimental] - sysstat 12.0.3-1
- sysstat <unfixed> (low; bug #914384)
[stretch] - sysstat <not-affected> (Vulnerable code introduced later)
@@ -4199,19 +4194,19 @@ CVE-2018-19416 (An issue was discovered in sysstat 12.1.1. The remap_struct func
NOTE: https://github.com/sysstat/sysstat/issues/196
NOTE: Fixed by: https://github.com/sysstat/sysstat/commit/fbc691eaaa10d0bcea6741d5a223dc3906106548
NOTE: Vulnerable code introduced with https://github.com/sysstat/sysstat/commit/65ac30359e49ee717397e39950d7c24a6610d57c#diff-cccb0877d1539c562536a98e0d17428f
-CVE-2018-19415 (Multiple SQL injection vulnerabilities in Plikli CMS 4.0.0 allow ...)
+CVE-2018-19415
NOT-FOR-US: Plikli CMS
-CVE-2018-19414 (Multiple cross-site scripting (XSS) vulnerabilities in Plikli CMS ...)
+CVE-2018-19414
NOT-FOR-US: Plikli CMS
-CVE-2018-19413 (A vulnerability in the API of SonarSource SonarQube before 7.4 could ...)
+CVE-2018-19413
NOT-FOR-US: SonarQube
CVE-2018-19412
RESERVED
-CVE-2018-19411 (PRTG Network Monitor before 18.2.40.1683 allows an authenticated user ...)
+CVE-2018-19411
NOT-FOR-US: PRTG Network Monitor
-CVE-2018-19410 (PRTG Network Monitor before 18.2.40.1683 allows remote unauthenticated ...)
+CVE-2018-19410
NOT-FOR-US: PRTG Network Monitor
-CVE-2018-19409 (An issue was discovered in Artifex Ghostscript before 9.26. ...)
+CVE-2018-19409
{DSA-4346-1 DLA-1598-1}
- ghostscript 9.26~dfsg-1
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=700176
@@ -4219,20 +4214,20 @@ CVE-2018-19409 (An issue was discovered in Artifex Ghostscript before 9.26. ...)
NOTE: https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=ea1b3ef437f39e45874f821c06bd953196625ac5
CVE-2018-19408
RESERVED
-CVE-2018-19407 (The vcpu_scan_ioapic function in arch/x86/kvm/x86.c in the Linux kernel ...)
+CVE-2018-19407
{DLA-1715-1}
- linux 4.19.9-1
[stretch] - linux 4.9.144-1
[jessie] - linux <not-affected> (Vulnerable code not present)
NOTE: https://lkml.org/lkml/2018/11/20/580
-CVE-2018-19406 (kvm_pv_send_ipi in arch/x86/kvm/lapic.c in the Linux kernel through ...)
+CVE-2018-19406
- linux <not-affected> (Vulnerable code introduced later)
NOTE: https://lkml.org/lkml/2018/11/20/411
NOTE: Introduced by: https://git.kernel.org/linus/4180bf1b655a791a0a6ef93a2ffffc762722c782 (4.19-rc1)
NOTE: Fixed by: https://git.kernel.org/linus/38ab012f109caf10f471db1adf284e620dd8d701 (4.20-rc5)
CVE-2018-19405
RESERVED
-CVE-2018-19404 (In YXcms 1.4.7, protected/apps/appmanage/controller/indexController.php ...)
+CVE-2018-19404
NOT-FOR-US: YXcms
CVE-2018-19403
RESERVED
@@ -4248,33 +4243,33 @@ CVE-2018-19398
RESERVED
CVE-2018-19397
RESERVED
-CVE-2018-19396 (ext/standard/var_unserializer.c in PHP 5.x through 7.1.24 allows ...)
+CVE-2018-19396
- php7.3 <not-affected> (Windows-specific)
- php7.2 <not-affected> (Windows-specific)
- php7.1 <not-affected> (Windows-specific)
- php7.0 <not-affected> (Windows-specific)
- php5 <not-affected> (Windows-specific)
NOTE: https://bugs.php.net/bug.php?id=77177
-CVE-2018-19395 (ext/standard/var.c in PHP 5.x through 7.1.24 on Windows allows ...)
+CVE-2018-19395
- php7.3 <not-affected> (Windows-specific)
- php7.2 <not-affected> (Windows-specific)
- php7.1 <not-affected> (Windows-specific)
- php7.0 <not-affected> (Windows-specific)
- php5 <not-affected> (Windows-specific)
NOTE: https://bugs.php.net/bug.php?id=77177
-CVE-2018-19394 (Cobham Satcom Sailor 800 and 900 devices contained persistent XSS, ...)
+CVE-2018-19394
NOT-FOR-US: Cobham Satcom Sailor
-CVE-2018-19393 (Cobham Satcom Sailor 800 and 900 devices contained a vulnerability that ...)
+CVE-2018-19393
NOT-FOR-US: Cobham Satcom Sailor
-CVE-2018-19392 (Cobham Satcom Sailor 250 and 500 devices before 1.25 contained an ...)
+CVE-2018-19392
NOT-FOR-US: Cobham Satcom Sailor
-CVE-2018-19391 (Cobham Satcom Sailor 250 and 500 devices before 1.25 contained ...)
+CVE-2018-19391
NOT-FOR-US: Cobham Satcom Sailor
-CVE-2018-19390 (FoxitReader.exe in Foxit Reader 9.3.0.10826 allows remote attackers to ...)
+CVE-2018-19390
NOT-FOR-US: Foxit
-CVE-2018-19389 (FoxitReader.exe in Foxit Reader 9.3.0.10826 allows remote attackers to ...)
+CVE-2018-19389
NOT-FOR-US: Foxit
-CVE-2018-19388 (FoxitReader.exe in Foxit Reader 9.3.0.10826 allows remote attackers to ...)
+CVE-2018-19388
NOT-FOR-US: Foxit
CVE-2018-19387
REJECTED
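Review bot: removing the description of CVE-2018-19396 removes the only text in that stanza bearing on the "<not-affected> (Windows-specific)" verdict, and the two PHP entries do not read alike: the description being dropped for CVE-2018-19395 says "on Windows", the one for CVE-2018-19396 does not, and both point at the same upstream bug 77177. Confirm against the bug report that 19396 is likewise Windows-only, and record the reason in a NOTE line next to the bug URL so the verdict remains checkable after the description is gone.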
@@ -4298,7 +4293,7 @@ CVE-2018-19378
RESERVED
CVE-2018-19377
RESERVED
-CVE-2018-19376 (An issue was discovered in GreenCMS v2.3.0603. There is a CSRF ...)
+CVE-2018-19376
NOT-FOR-US: GreenCMS
CVE-2018-19375
RESERVED
@@ -4308,39 +4303,39 @@ CVE-2018-19373
RESERVED
CVE-2018-19372
RESERVED
-CVE-2018-19371 (The SaveUserSettings service in Content Manager in SDL Web 8.5.0 has ...)
+CVE-2018-19371
NOT-FOR-US: SDL Web
-CVE-2018-19370 (A Race condition vulnerability in unzip_file in ...)
+CVE-2018-19370
NOT-FOR-US: Wordpress plugin
CVE-2018-19369
RESERVED
CVE-2018-19368
RESERVED
-CVE-2018-19367 (Portainer through 1.19.2 provides an API endpoint ...)
+CVE-2018-19367
NOT-FOR-US: Portainer
-CVE-2018-19966 (An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS ...)
+CVE-2018-19966
{DSA-4369-1}
- xen 4.11.1-1
NOTE: https://xenbits.xen.org/xsa/advisory-280.txt
-CVE-2018-19965 (An issue was discovered in Xen through 4.11.x allowing 64-bit PV guest ...)
+CVE-2018-19965
{DSA-4369-1}
- xen 4.11.1-1
NOTE: https://xenbits.xen.org/xsa/advisory-279.txt
-CVE-2018-19964 (An issue was discovered in Xen 4.11.x allowing x86 guest OS users to ...)
+CVE-2018-19964
- xen 4.11.1-1
[stretch] - xen <not-affected> (Only affects 4.11)
[jessie] - xen <not-affected> (Only affects 4.11)
NOTE: https://xenbits.xen.org/xsa/advisory-277.txt
-CVE-2018-19963 (An issue was discovered in Xen 4.11 allowing HVM guest OS users to ...)
+CVE-2018-19963
- xen 4.11.1-1
[stretch] - xen <not-affected> (Only affects 4.11)
[jessie] - xen <not-affected> (Only affects 4.11)
NOTE: https://xenbits.xen.org/xsa/advisory-276.txt
-CVE-2018-19962 (An issue was discovered in Xen through 4.11.x on AMD x86 platforms, ...)
+CVE-2018-19962
{DSA-4369-1}
- xen 4.11.1-1
NOTE: https://xenbits.xen.org/xsa/advisory-275.txt
-CVE-2018-19961 (An issue was discovered in Xen through 4.11.x on AMD x86 platforms, ...)
+CVE-2018-19961
{DSA-4369-1}
- xen 4.11.1-1
NOTE: https://xenbits.xen.org/xsa/advisory-275.txt
@@ -4348,7 +4343,7 @@ CVE-2018-19366
RESERVED
CVE-2018-19365
RESERVED
-CVE-2018-19364 (hw/9pfs/cofile.c and hw/9pfs/9p.c in QEMU can modify an fid path while ...)
+CVE-2018-19364
{DLA-1646-1}
- qemu 1:3.1+dfsg-1 (bug #914599)
- qemu-kvm <removed>
@@ -4356,19 +4351,19 @@ CVE-2018-19364 (hw/9pfs/cofile.c and hw/9pfs/9p.c in QEMU can modify an fid path
NOTE: https://git.qemu.org/?p=qemu.git;a=commit;h=5b3c77aa581ebb215125c84b0742119483571e55
CVE-2018-19363
RESERVED
-CVE-2018-19362 (FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to ...)
+CVE-2018-19362
{DLA-1703-1}
- jackson-databind 2.9.8-1
NOTE: https://github.com/FasterXML/jackson-databind/commit/42912cac4753f3f718ece875e4d486f8264c2f2b
NOTE: https://github.com/FasterXML/jackson-databind/issues/2186
NOTE: https://issues.apache.org/jira/browse/TINKERPOP-2121
-CVE-2018-19361 (FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to ...)
+CVE-2018-19361
{DLA-1703-1}
- jackson-databind 2.9.8-1
NOTE: https://github.com/FasterXML/jackson-databind/commit/42912cac4753f3f718ece875e4d486f8264c2f2b
NOTE: https://github.com/FasterXML/jackson-databind/issues/2186
NOTE: https://issues.apache.org/jira/browse/TINKERPOP-2121
-CVE-2018-19360 (FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to ...)
+CVE-2018-19360
{DLA-1703-1}
- jackson-databind 2.9.8-1
NOTE: https://github.com/FasterXML/jackson-databind/commit/42912cac4753f3f718ece875e4d486f8264c2f2b
@@ -4378,7 +4373,7 @@ CVE-2018-19359 [Unauthorized service template creation]
RESERVED
- gitlab 11.3.10+dfsg-2 (bug #914166)
NOTE: https://about.gitlab.com/2018/11/19/critical-security-release-gitlab-11-dot-4-dot-6-released/
-CVE-2018-19358 (GNOME Keyring through 3.28.2 allows local users to retrieve login ...)
+CVE-2018-19358
- gnome-keyring <unfixed> (unimportant; bug #914154)
NOTE: https://bugs.launchpad.net/ubuntu/+source/gnome-keyring/+bug/1780365
NOTE: https://github.com/sungjungk/keyring_crack
@@ -4389,43 +4384,43 @@ CVE-2018-19358 (GNOME Keyring through 3.28.2 allows local users to retrieve logi
NOTE: Non issue
NOTE: https://wiki.gnome.org/Projects/GnomeKeyring/SecurityFAQ
NOTE: https://gitlab.gnome.org/GNOME/gnome-keyring/issues/5
-CVE-2018-19357 (XMPlay 3.8.3 allows remote attackers to execute arbitrary code or cause ...)
+CVE-2018-19357
NOT-FOR-US: XMPlay
CVE-2018-19356
RESERVED
-CVE-2018-19355 (modules/orderfiles/ajax/upload.php in the Customer Files Upload addon ...)
+CVE-2018-19355
NOT-FOR-US: Customer Files Upload addon for PrestaShop
CVE-2018-19354
RESERVED
-CVE-2018-19353 (The ansilove_ansi function in loaders/ansi.c in libansilove 1.0.0 ...)
+CVE-2018-19353
NOT-FOR-US: libansilove
-CVE-2018-19352 (Jupyter Notebook before 5.7.2 allows XSS via a crafted directory name ...)
+CVE-2018-19352
- jupyter-notebook 5.7.4-1 (bug #917408)
NOTE: https://github.com/jupyter/notebook/commit/288b73e1edbf527740e273fcc69b889460871648
-CVE-2018-19351 (Jupyter Notebook before 5.7.1 allows XSS via an untrusted notebook ...)
+CVE-2018-19351
- jupyter-notebook 5.7.4-1 (bug #917409)
NOTE: https://github.com/jupyter/notebook/commit/107a89fce5f413fb5728c1c5d2c7788e1fb17491
-CVE-2018-19350 (In SeaCMS v6.6.4, there is stored XSS via the ...)
+CVE-2018-19350
NOT-FOR-US: SeaCMS
-CVE-2018-19349 (In SeaCMS v6.64, there is SQL injection via the admin_makehtml.php ...)
+CVE-2018-19349
NOT-FOR-US: SeaCMS
-CVE-2018-19348 (The u3d plugin 9.3.0.10809 (aka plugins\U3DBrowser.fpi) in ...)
+CVE-2018-19348
NOT-FOR-US: Foxit Reader
-CVE-2018-19347 (The u3d plugin 9.3.0.10809 (aka plugins\U3DBrowser.fpi) in ...)
+CVE-2018-19347
NOT-FOR-US: Foxit Reader
-CVE-2018-19346 (The u3d plugin 9.3.0.10809 (aka plugins\U3DBrowser.fpi) in ...)
+CVE-2018-19346
NOT-FOR-US: Foxit Reader
-CVE-2018-19345 (The u3d plugin 9.3.0.10809 (aka plugins\U3DBrowser.fpi) in ...)
+CVE-2018-19345
NOT-FOR-US: Foxit Reader
-CVE-2018-19344 (The u3d plugin 9.3.0.10809 (aka plugins\U3DBrowser.fpi) in ...)
+CVE-2018-19344
NOT-FOR-US: Foxit Reader
-CVE-2018-19343 (The u3d plugin 9.3.0.10809 (aka plugins\U3DBrowser.fpi) in ...)
+CVE-2018-19343
NOT-FOR-US: Foxit Reader
-CVE-2018-19342 (The u3d plugin 9.3.0.10809 (aka plugins\U3DBrowser.fpi) in ...)
+CVE-2018-19342
NOT-FOR-US: Foxit Reader
-CVE-2018-19341 (The u3d plugin 9.3.0.10809 (aka plugins\U3DBrowser.fpi) in ...)
+CVE-2018-19341
NOT-FOR-US: Foxit Reader
-CVE-2018-19340 (Guriddo Form PHP 5.3 has XSS via the ...)
+CVE-2018-19340
NOT-FOR-US: Guriddo Form PHP
CVE-2018-19339
RESERVED
@@ -4435,41 +4430,41 @@ CVE-2018-19337
RESERVED
CVE-2018-19336
RESERVED
-CVE-2018-19335 (Google Monorail before 2018-06-07 has a Cross-Site Search (XS-Search) ...)
+CVE-2018-19335
NOT-FOR-US: Google Monorail
-CVE-2018-19334 (Google Monorail before 2018-05-04 has a Cross-Site Search (XS-Search) ...)
+CVE-2018-19334
NOT-FOR-US: Google Monorail
-CVE-2018-19333 (pkg/sentry/kernel/shm/shm.go in Google gVisor before 2018-11-01 allows ...)
+CVE-2018-19333
NOT-FOR-US: gVisor
-CVE-2018-19332 (An issue was discovered in S-CMS v1.5. There is a CSRF vulnerability ...)
+CVE-2018-19332
NOT-FOR-US: S-CMS
-CVE-2018-19331 (An issue was discovered in S-CMS v1.5. There is a SQL injection ...)
+CVE-2018-19331
NOT-FOR-US: S-CMS
CVE-2018-19330
RESERVED
-CVE-2018-19329 (GreenCMS v2.3.0603 allows remote authenticated administrators to delete ...)
+CVE-2018-19329
NOT-FOR-US: GreenCMS
-CVE-2018-19328 (LAOBANCMS 2.0 allows install/mysql_hy.php?riqi=../ Directory Traversal. ...)
+CVE-2018-19328
NOT-FOR-US: LAOBANCMS
-CVE-2018-19327 (An issue was discovered in JTBC(PHP) 3.0.1.7. ...)
+CVE-2018-19327
NOT-FOR-US: JTBC(PHP)
-CVE-2018-19326 (Zyxel VMG1312-B10D devices before 5.13(AAXA.8)C0 allow ../ Directory ...)
+CVE-2018-19326
NOT-FOR-US: Zyxel
CVE-2018-19325
RESERVED
-CVE-2018-19324 (kimsQ Rb 2.3.0 allows XSS via the second input field to the ...)
+CVE-2018-19324
NOT-FOR-US: kimsQ Rb
-CVE-2018-19323 (The GDrv low-level driver in GIGABYTE APP Center v1.05.21 and earlier, ...)
+CVE-2018-19323
NOT-FOR-US: GIGABYTE APP Center
-CVE-2018-19322 (The GPCIDrv and GDrv low-level drivers in GIGABYTE APP Center v1.05.21 ...)
+CVE-2018-19322
NOT-FOR-US: GIGABYTE APP Center
-CVE-2018-19321 (The GPCIDrv and GDrv low-level drivers in GIGABYTE APP Center v1.05.21 ...)
+CVE-2018-19321
NOT-FOR-US: GIGABYTE APP Center
-CVE-2018-19320 (The GDrv low-level driver in GIGABYTE APP Center v1.05.21 and earlier, ...)
+CVE-2018-19320
NOT-FOR-US: GIGABYTE APP Center
-CVE-2018-19319 (SRCMS 3.0.0 allows CSRF via admin.php?m=Admin&amp;c=gifts&amp;a=update to ...)
+CVE-2018-19319
NOT-FOR-US: SRCMS
-CVE-2018-19318 (SRCMS 3.0.0 allows CSRF via admin.php?m=Admin&amp;c=manager&amp;a=update to ...)
+CVE-2018-19318
NOT-FOR-US: SRCMS
CVE-2018-19317
RESERVED
@@ -4481,9 +4476,9 @@ CVE-2018-19314
RESERVED
CVE-2018-19313
RESERVED
-CVE-2018-19312 (Centreon 3.4.x allows SQL Injection via the searchVM parameter to the ...)
+CVE-2018-19312
NOT-FOR-US: Centreon
-CVE-2018-19311 (Centreon 3.4.x allows XSS via the Service field to the main.php?p=20201 ...)
+CVE-2018-19311
NOT-FOR-US: Centreon
CVE-2018-19310
RESERVED
@@ -4503,7 +4498,7 @@ CVE-2018-19303
RESERVED
CVE-2018-19302
RESERVED
-CVE-2018-19301 (tp4a TELEPORT 3.1.0 allows XSS via the login page because a crafted ...)
+CVE-2018-19301
NOT-FOR-US: tp4a TELEPORT
CVE-2018-19300
RESERVED
@@ -4513,11 +4508,11 @@ CVE-2018-19298
RESERVED
CVE-2018-19297
RESERVED
-CVE-2018-19296 (PHPMailer before 5.2.27 and 6.x before 6.0.6 is vulnerable to an object ...)
+CVE-2018-19296
{DSA-4351-1 DLA-1591-1}
- libphp-phpmailer 5.2.14+dfsg-2.4 (bug #913912)
NOTE: https://github.com/PHPMailer/PHPMailer/commit/f1231a9771505f4f34da060390d82eadb8448271
-CVE-2018-19295 (Sylabs Singularity 2.4 to 2.6 allows local users to conduct Improper ...)
+CVE-2018-19295
- singularity-container 2.6.1-1
NOTE: https://www.openwall.com/lists/oss-security/2018/12/12/2
NOTE: https://bugzilla.novell.com/show_bug.cgi?id=1111411
@@ -4527,17 +4522,17 @@ CVE-2018-19293
RESERVED
CVE-2018-19292
RESERVED
-CVE-2018-19291 (An issue was discovered in DiliCMS 2.4.0. There is a CSRF vulnerability ...)
+CVE-2018-19291
NOT-FOR-US: DiliCMS
-CVE-2018-19290 (In modules/HELPBOT_MODULE in Budabot 0.6 through 4.0, lax syntax ...)
+CVE-2018-19290
NOT-FOR-US: Budabot
-CVE-2018-19289 (An issue was discovered in Valine v1.3.3. It allows HTML injection, ...)
+CVE-2018-19289
NOT-FOR-US: Valine
-CVE-2018-19288 (Zoho ManageEngine OpManager 12.3 before Build 123223 has XSS via the ...)
+CVE-2018-19288
NOT-FOR-US: Zoho ManageEngine OpManager
-CVE-2018-19287 (XSS in the Ninja Forms plugin before 3.3.18 for WordPress allows Remote ...)
+CVE-2018-19287
NOT-FOR-US: Ninja Forms plugin for WordPress
-CVE-2018-19286 (The server in mubu note 2018-11-11 has XSS by configuring an account ...)
+CVE-2018-19286
NOT-FOR-US: mubu note
CVE-2018-19285
RESERVED
@@ -4547,23 +4542,23 @@ CVE-2018-19283
RESERVED
CVE-2018-19282
RESERVED
-CVE-2018-19281 (Centreon 3.4.x allows SNMP trap SQL Injection. ...)
+CVE-2018-19281
NOT-FOR-US: Centreon
-CVE-2018-19280 (Centreon 3.4.x has XSS via the resource name or macro expression of a ...)
+CVE-2018-19280
NOT-FOR-US: Centreon
-CVE-2018-19279 (PRIMX ZoneCentral before 6.1.2236 on Windows sometimes leaks the ...)
+CVE-2018-19279
NOT-FOR-US: PRIMX ZoneCentral
-CVE-2018-19278 (Buffer overflow in DNS SRV and NAPTR lookups in Digium Asterisk 15.x ...)
+CVE-2018-19278
- asterisk <not-affected> (Vulnerable code introduced in 15.x and 16.x releases)
NOTE: https://downloads.asterisk.org/pub/security/AST-2018-010.html
NOTE: https://issues.asterisk.org/jira/browse/ASTERISK-28127
-CVE-2018-19277 (securityScan() in PHPOffice PhpSpreadsheet through 1.5.0 allows a ...)
+CVE-2018-19277
NOT-FOR-US: PHPOffice
CVE-2018-19276
- RESERVED
+ TODO: check
CVE-2018-19275
RESERVED
-CVE-2018-19274 (Passing an absolute path to a file_exists check in phpBB before 3.2.4 ...)
+CVE-2018-19274
{DLA-1593-1}
- phpbb3 <removed>
NOTE: https://www.phpbb.com/community/viewtopic.php?f=14&t=2492206
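Review bot: CVE-2018-19276 flips from RESERVED to "TODO: check" with no description added, the same pattern as the blanked entries around it; treat it as a feed artifact, not a newly published CVE, until description text is present. The asterisk stanza for CVE-2018-19278 gives "<not-affected> (Vulnerable code introduced in 15.x and 16.x releases)" but never states which asterisk version Debian ships, so the rationale cannot be verified from the file alone; add a NOTE naming the shipped upstream series. The phpbb3 line "<removed>" alongside "{DLA-1593-1}" is consistent (package gone from unstable, still supported in jessie) and needs no change.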
@@ -4572,7 +4567,7 @@ CVE-2018-19273
RESERVED
CVE-2018-19272
RESERVED
-CVE-2018-19271 (Centreon 3.4.x allows SQL Injection via the main.php searchH parameter. ...)
+CVE-2018-19271
NOT-FOR-US: Centreon
CVE-2018-19270
REJECTED
@@ -4616,27 +4611,27 @@ CVE-2018-19251
REJECTED
CVE-2018-19250
REJECTED
-CVE-2018-19249 (The Stripe API v1 allows remote attackers to bypass intended access ...)
+CVE-2018-19249
NOT-FOR-US: Stripe API
-CVE-2018-19248 (The web service on Epson WorkForce WF-2861 10.48 ...)
+CVE-2018-19248
NOT-FOR-US: Epson
CVE-2018-19247
RESERVED
-CVE-2018-19246 (PHP-Proxy 5.1.0 allows remote attackers to read local files if the ...)
+CVE-2018-19246
NOT-FOR-US: PHP-Proxy
CVE-2018-19245
RESERVED
-CVE-2018-19244 (An XML External Entity (XXE) vulnerability exists in the Charles 4.2.7 ...)
+CVE-2018-19244
NOT-FOR-US: Charles
CVE-2018-19243
RESERVED
-CVE-2018-19242 (Buffer overflow in apply.cgi on TRENDnet TEW-632BRP 1.010B32 and ...)
+CVE-2018-19242
NOT-FOR-US: TRENDnet
-CVE-2018-19241 (Buffer overflow in video.cgi on TRENDnet TV-IP110WN V1.2.2 build 68, ...)
+CVE-2018-19241
NOT-FOR-US: TRENDnet
-CVE-2018-19240 (Buffer overflow in network.cgi on TRENDnet TV-IP110WN V1.2.2 build 68, ...)
+CVE-2018-19240
NOT-FOR-US: TRENDnet
-CVE-2018-19239 (TRENDnet TEW-673GRU v1.00b40 devices have an OS command injection ...)
+CVE-2018-19239
NOT-FOR-US: TRENDnet
CVE-2018-19238
RESERVED
@@ -4646,73 +4641,73 @@ CVE-2018-19236
RESERVED
CVE-2018-19235
RESERVED
-CVE-2018-19234 (The Miss Marple Updater Service in COMPAREX Miss Marple Enterprise ...)
+CVE-2018-19234
NOT-FOR-US: Miss Marple Enterprise
-CVE-2018-19233 (COMPAREX Miss Marple Enterprise Edition before 2.0 allows local users ...)
+CVE-2018-19233
NOT-FOR-US: Miss Marple Enterprise
-CVE-2018-19232 (The web service on Epson WorkForce WF-2861 10.48 ...)
+CVE-2018-19232
NOT-FOR-US: Epson
CVE-2018-19231
RESERVED
CVE-2018-19230
RESERVED
-CVE-2018-19229 (An issue was discovered in LAOBANCMS 2.0. It allows XSS via the ...)
+CVE-2018-19229
NOT-FOR-US: LAOBANCMS
-CVE-2018-19228 (An issue was discovered in LAOBANCMS 2.0. It allows arbitrary file ...)
+CVE-2018-19228
NOT-FOR-US: LAOBANCMS
-CVE-2018-19227 (An issue was discovered in LAOBANCMS 2.0. It allows XSS via the ...)
+CVE-2018-19227
NOT-FOR-US: LAOBANCMS
-CVE-2018-19226 (An issue was discovered in LAOBANCMS 2.0. It allows remote attackers to ...)
+CVE-2018-19226
NOT-FOR-US: LAOBANCMS
-CVE-2018-19225 (An issue was discovered in LAOBANCMS 2.0. admin/mima.php has CSRF. ...)
+CVE-2018-19225
NOT-FOR-US: LAOBANCMS
-CVE-2018-19224 (An issue was discovered in LAOBANCMS 2.0. /admin/login.php allows ...)
+CVE-2018-19224
NOT-FOR-US: LAOBANCMS
-CVE-2018-19223 (An issue was discovered in LAOBANCMS 2.0. It allows XSS via the first ...)
+CVE-2018-19223
NOT-FOR-US: LAOBANCMS
-CVE-2018-19222 (An issue was discovered in LAOBANCMS 2.0. It allows a ...)
+CVE-2018-19222
NOT-FOR-US: LAOBANCMS
-CVE-2018-19221 (An issue was discovered in LAOBANCMS 2.0. It allows SQL Injection via ...)
+CVE-2018-19221
NOT-FOR-US: LAOBANCMS
-CVE-2018-19220 (An issue was discovered in LAOBANCMS 2.0. It allows remote attackers to ...)
+CVE-2018-19220
NOT-FOR-US: LAOBANCMS
-CVE-2018-19219 (In LibSass 3.5-stable, there is an illegal address access at ...)
+CVE-2018-19219
- libsass <undetermined>
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1643760
-CVE-2018-19218 (In LibSass 3.5-stable, there is an illegal address access at ...)
+CVE-2018-19218
- libsass <undetermined>
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1643758
-CVE-2018-19217 (In ncurses 6.1, there is a NULL pointer dereference at the function ...)
+CVE-2018-19217
- ncurses <undetermined>
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1643753
NOTE: On Jessie the POC does not trigger a segfault.
-CVE-2018-19216 (Netwide Assembler (NASM) before 2.13.02 has a use-after-free in detoken ...)
+CVE-2018-19216
- nasm 2.13.02-0.1
[stretch] - nasm <no-dsa> (Minor issue)
[jessie] - nasm <ignored> (Minor issue)
NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392425
NOTE: Fix: https://repo.or.cz/nasm.git/commitdiff/9b7ee09abfd426b99aa1ea81d19a3b2818eeabf9
NOTE: https://bugzilla.novell.com/show_bug.cgi?id=1115758#c7
-CVE-2018-19215 (Netwide Assembler (NASM) 2.14rc16 has a heap-based buffer over-read in ...)
+CVE-2018-19215
- nasm 2.14-1 (unimportant)
NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392525
NOTE: https://repo.or.cz/nasm.git/commit/4b5b737d4991578b1918303dc0fd9c9ab5c7ce4f
NOTE: No security impact, crash in CLI tool
-CVE-2018-19214 (Netwide Assembler (NASM) 2.14rc15 has a heap-based buffer over-read in ...)
+CVE-2018-19214
- nasm 2.14-1 (unimportant)
NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392521
NOTE: https://repo.or.cz/nasm.git/commit/661f723d39e03ca6eb05d7376a43ca33db478354
NOTE: No security impact, crash in CLI tool
-CVE-2018-19213 (Netwide Assembler (NASM) through 2.14rc16 has memory leaks that may ...)
+CVE-2018-19213
- nasm <unfixed> (unimportant)
NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392524
NOTE: No security impact, crash in CLI tool
-CVE-2018-19212 (In libwebm through 2018-10-03, there is an abort caused by ...)
+CVE-2018-19212
NOT-FOR-US: libwebm
NOTE: Chromium and qtwebengine bundle the library, but not a security issue there
-CVE-2018-19211 (In ncurses 6.1, there is a NULL pointer dereference at function ...)
+CVE-2018-19211
NOTE: Duplicate of CVE-2018-10754
-CVE-2018-19210 (In LibTIFF 4.0.9, there is a NULL pointer dereference in the ...)
+CVE-2018-19210
{DLA-1680-1}
- tiff 4.0.10-4 (bug #913675)
[stretch] - tiff <postponed> (Minor issue, revisit when fixed upstream)
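Review bot: the NOTE under CVE-2018-19213 says "No security impact, crash in CLI tool", but the description being removed in this hunk describes memory leaks, not a crash; the NOTE looks copied from the neighbouring CVE-2018-19215/19214/19209 crash entries and should say why a leak in a CLI assembler is unimportant, especially since after this hunk the description is no longer there to contradict it. Two smaller points: CVE-2018-19217 (ncurses "<undetermined>") carries "On Jessie the POC does not trigger a segfault" as a NOTE but no "[jessie]" decision line, so jessie still reads as open; and CVE-2018-19211 is marked "Duplicate of CVE-2018-10754" with no package line at all, which is fine for a duplicate but should use the tracker's usual form so tooling does not treat it as an untriaged entry.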
@@ -4720,94 +4715,94 @@ CVE-2018-19210 (In LibTIFF 4.0.9, there is a NULL pointer dereference in the ...
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2820
NOTE: https://gitlab.com/libtiff/libtiff/commit/d0a842c5dbad2609aed43c701a12ed12461d3405
NOTE: https://gitlab.com/libtiff/libtiff/commit/38ede78b13810ff0fa8e61f86ef9aa0ab2964668
-CVE-2018-19209 (Netwide Assembler (NASM) 2.14rc15 has a NULL pointer dereference in the ...)
+CVE-2018-19209
- nasm 2.14-1 (unimportant)
NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392522
NOTE: No security impact, crash in CLI tool
-CVE-2018-19208 (In libwpd 0.10.2, there is a NULL pointer dereference in the function ...)
+CVE-2018-19208
- libwpd 0.10.2-3 (low; bug #913702)
[stretch] - libwpd <no-dsa> (Minor issue)
[jessie] - libwpd <ignored> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1643752
NOTE: Patch used in Fedora: https://src.fedoraproject.org/rpms/libwpd/raw/e42834b844f3282d8ccb0889abf1b33f3f71e02f/f/0001-Resolves-rhbz-1643752-bounds-check-m_currentTable-ac.patch
-CVE-2018-19204 (PRTG Network Monitor before 18.3.44.2054 allows a remote authenticated ...)
+CVE-2018-19204
NOT-FOR-US: PRTG Network Monitor
-CVE-2018-19203 (PRTG Network Monitor before 18.2.41.1652 allows remote unauthenticated ...)
+CVE-2018-19203
NOT-FOR-US: PRTG Network Monitor
CVE-2018-19202
RESERVED
CVE-2018-19201
RESERVED
-CVE-2018-19200 (An issue was discovered in uriparser before 0.9.0. UriCommon.c allows ...)
+CVE-2018-19200
{DLA-1581-1}
- uriparser 0.9.0-1 (bug #913817)
[stretch] - uriparser 0.8.4-1+deb9u1
NOTE: https://github.com/uriparser/uriparser/commit/f58c25069cf4a986fe17a80c5b38687e31feb539
-CVE-2018-19199 (An issue was discovered in uriparser before 0.9.0. UriQuery.c allows an ...)
+CVE-2018-19199
{DLA-1581-1}
- uriparser 0.9.0-1 (bug #913817)
[stretch] - uriparser 0.8.4-1+deb9u1
NOTE: https://github.com/uriparser/uriparser/commit/f76275d4a91b28d687250525d3a0c5509bbd666f
-CVE-2018-19198 (An issue was discovered in uriparser before 0.9.0. UriQuery.c allows an ...)
+CVE-2018-19198
{DLA-1581-1}
- uriparser 0.9.0-1 (bug #913817)
[stretch] - uriparser 0.8.4-1+deb9u1
NOTE: https://github.com/uriparser/uriparser/commit/864f5d4c127def386dd5cc926ad96934b297f04e
-CVE-2018-19207 (The Van Ons WP GDPR Compliance (aka wp-gdpr-compliance) plugin before ...)
+CVE-2018-19207
NOT-FOR-US: WordPress plugin wp-gdpr-compliance
-CVE-2018-19206 (steps/mail/func.inc in Roundcube before 1.3.8 has XSS via crafted use ...)
+CVE-2018-19206
{DSA-4344-1}
- roundcube 1.3.8+dfsg.1-1
NOTE: https://roundcube.net/news/2018/10/26/update-1.3.8-released
NOTE: https://github.com/roundcube/roundcubemail/issues/6410
NOTE: https://github.com/roundcube/roundcubemail/commit/102fbf1169116fef32a940b9fb1738bc45276059 (released-1.3)
NOTE: https://github.com/roundcube/roundcubemail/commit/adcac3b9de2728c34c4d2b107e54823b6a7f6a5b (master)
-CVE-2018-19205 (Roundcube before 1.3.7 mishandles GnuPG MDC integrity-protection ...)
+CVE-2018-19205
- roundcube 1.3.8+dfsg.1-1
[stretch] - roundcube <ignored> (Relies on php-crypt-gpg, not in stretch. Old version in 1.3 doesn't verify signature anyway)
NOTE: https://roundcube.net/news/2018/07/27/update-1.3.7-released
NOTE: https://github.com/roundcube/roundcubemail/issues/6289
NOTE: https://github.com/roundcube/roundcubemail/commit/94da947855329c5062ec2a7098eb86fb675aac37 (release-1.3)
NOTE: https://github.com/roundcube/roundcubemail/commit/2fa112bd836e5e144e270bda11c9fda1a66a22ae (master)
-CVE-2018-19197 (An issue was discovered in XiaoCms 20141229. ...)
+CVE-2018-19197
NOT-FOR-US: XiaoCms
-CVE-2018-19196 (An issue was discovered in XiaoCms 20141229. It allows remote attackers ...)
+CVE-2018-19196
NOT-FOR-US: XiaoCms
-CVE-2018-19195 (An issue was discovered in XiaoCms 20141229. There is XSS related to ...)
+CVE-2018-19195
NOT-FOR-US: XiaoCms
-CVE-2018-19194 (An issue was discovered in XiaoCms 20141229. ...)
+CVE-2018-19194
NOT-FOR-US: XiaoCms
-CVE-2018-19193 (An issue was discovered in XiaoCms 20141229. There is XSS via the ...)
+CVE-2018-19193
NOT-FOR-US: XiaoCms
-CVE-2018-19192 (An issue was discovered in XiaoCms 20141229. ...)
+CVE-2018-19192
NOT-FOR-US: XiaoCms
CVE-2018-19191
- RESERVED
-CVE-2018-19190 (The Amazon PAYFORT payfort-php-SDK payment gateway SDK through ...)
+ TODO: check
+CVE-2018-19190
NOT-FOR-US: Amazon PAYFORT payfort-php-SDK payment gateway SDK
-CVE-2018-19189 (The Amazon PAYFORT payfort-php-SDK payment gateway SDK through ...)
+CVE-2018-19189
NOT-FOR-US: Amazon PAYFORT payfort-php-SDK payment gateway SDK
-CVE-2018-19188 (The Amazon PAYFORT payfort-php-SDK payment gateway SDK through ...)
+CVE-2018-19188
NOT-FOR-US: Amazon PAYFORT payfort-php-SDK payment gateway SDK
-CVE-2018-19187 (The Amazon PAYFORT payfort-php-SDK payment gateway SDK through ...)
+CVE-2018-19187
NOT-FOR-US: Amazon PAYFORT payfort-php-SDK payment gateway SDK
-CVE-2018-19186 (The Amazon PAYFORT payfort-php-SDK payment gateway SDK through ...)
+CVE-2018-19186
NOT-FOR-US: Amazon PAYFORT payfort-php-SDK payment gateway SDK
-CVE-2018-19185 (An issue has been found in libIEC61850 v1.3. It is a heap-based buffer ...)
+CVE-2018-19185
NOT-FOR-US: libIEC61850
-CVE-2018-19184 (cmd/evm/runner.go in Go Ethereum (aka geth) 1.8.17 allows attackers to ...)
+CVE-2018-19184
NOT-FOR-US: Go Ethereum
-CVE-2018-19183 (ethereumjs-vm 2.4.0 allows attackers to cause a denial of service ...)
+CVE-2018-19183
NOT-FOR-US: ethereumjs-vm
-CVE-2018-19182 (Engelsystem before commit hash 2e28336 allows CSRF. ...)
+CVE-2018-19182
NOT-FOR-US: Engelsystem
-CVE-2018-19181 (statics/ueditor/php/vendor/Local.class.php in YUNUCMS 1.1.5 allows ...)
+CVE-2018-19181
NOT-FOR-US: YUNUCMS
-CVE-2018-19180 (statics/app/index/controller/Install.php in YUNUCMS 1.1.5 (if ...)
+CVE-2018-19180
NOT-FOR-US: YUNUCMS
CVE-2018-19179
RESERVED
-CVE-2018-19178 (In JEESNS 1.3, ...)
+CVE-2018-19178
NOT-FOR-US: JEESNS
CVE-2018-19177
RESERVED
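Review bot: CVE-2018-19191 flips from "- RESERVED" to "+ TODO: check" in this hunk, which flags the entry as published and awaiting manual triage, but the same run imports no description for it, and its neighbour CVE-2018-19190 is reduced to a bare identifier above "NOT-FOR-US: Amazon PAYFORT payfort-php-SDK payment gateway SDK", so the triager has nothing in the file to go on. This entry should be queued for a manual look-up and given a package line or a NOT-FOR-US line before the next automatic run rewrites it.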
@@ -4823,11 +4818,11 @@ CVE-2018-19172
RESERVED
CVE-2018-19171
RESERVED
-CVE-2018-19170 (In JPress v1.0-rc.5, there is stored XSS via each of the first three ...)
+CVE-2018-19170
NOT-FOR-US: JPress
CVE-2018-19169
RESERVED
-CVE-2018-19168 (Shell Metacharacter Injection in www/modules/save.php in FruityWifi ...)
+CVE-2018-19168
NOT-FOR-US: FruityWifi
CVE-2018-19167
RESERVED
@@ -4848,7 +4843,7 @@ CVE-2018-19160
CVE-2018-19159
RESERVED
CVE-2018-19158
- RESERVED
+ TODO: check
CVE-2018-19157
RESERVED
CVE-2018-19156
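Review bot: CVE-2018-19158 also moves from "- RESERVED" to "+ TODO: check" here with no description and no assessment on the following lines; like CVE-2018-19191 earlier in this diff it needs a manual triage entry (a package line with a fixed version, or NOT-FOR-US with the product named) so the TODO does not linger across automatic updates.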
@@ -4863,84 +4858,84 @@ CVE-2018-19152
RESERVED
CVE-2018-19151
RESERVED
-CVE-2018-19150 (Memory corruption in PDMODELProvidePDModelHFT in pdmodel.dll in ...)
+CVE-2018-19150
NOT-FOR-US: pdfforge PDF Architect
-CVE-2018-19149 (Poppler before 0.70.0 has a NULL pointer dereference in ...)
+CVE-2018-19149
- poppler <unfixed> (unimportant; bug #914600)
NOTE: https://gitlab.freedesktop.org/poppler/poppler/issues/664
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1649457#c3
NOTE: https://github.com/freedesktop/poppler/commit/f162ecdea0dda5dbbdb45503c1d55d9afaa41d44
-CVE-2018-19148 (Caddy through 0.11.0 sends incorrect certificates for certain invalid ...)
+CVE-2018-19148
- caddy <itp> (bug #810890)
CVE-2018-19147
RESERVED
CVE-2018-19146
RESERVED
-CVE-2018-19145 (An issue was discovered in S-CMS v1.5. There is an XSS vulnerability in ...)
+CVE-2018-19145
NOT-FOR-US: S-CMS
CVE-2018-19144
RESERVED
CVE-2018-19140
RESERVED
-CVE-2018-19139 (An issue has been found in JasPer 2.0.14. There is a memory leak in ...)
+CVE-2018-19139
- jasper <removed> (low)
[jessie] - jasper <postponed> (can be fixed later)
NOTE: https://github.com/mdadams/jasper/issues/188
-CVE-2018-19138 (WSTMart 2.0.7 has CSRF via the index.php/admin/staffs/add.html URI. ...)
+CVE-2018-19138
NOT-FOR-US: WSTMart
-CVE-2018-19137 (DomainMOD through 4.11.01 has XSS via the assets/edit/ip-address.php ...)
+CVE-2018-19137
NOT-FOR-US: DomainMOD
-CVE-2018-19136 (DomainMOD through 4.11.01 has XSS via the ...)
+CVE-2018-19136
NOT-FOR-US: DomainMOD
-CVE-2018-19135 (ClipperCMS 1.3.3 does not have CSRF protection on its kcfinder file ...)
+CVE-2018-19135
NOT-FOR-US: ClipperCMS
-CVE-2018-19134 (In Artifex Ghostscript through 9.25, the setpattern operator did not ...)
+CVE-2018-19134
{DSA-4346-1 DLA-1620-1}
- ghostscript 9.26~dfsg-1
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=700141
NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=693baf02152119af6e6afd30bb8ec76d14f84bbf (master)
NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=7c8f85a23db24031945af3cacb2c0b4740e67072 (ghostscript-9.26)
-CVE-2018-19133 (In Flarum Core 0.1.0-beta.7.1, a serious leak can get everyone's email ...)
+CVE-2018-19133
NOT-FOR-US: Flarum Core
-CVE-2018-19130 (In Libav 12.3, there is an invalid memory access in vc1_decode_frame in ...)
+CVE-2018-19130
- libav <removed>
NOTE: https://bugzilla.libav.org/show_bug.cgi?id=1139
-CVE-2018-19129 (In Libav 12.3, a NULL pointer dereference (RIP points to zero) issue in ...)
+CVE-2018-19129
- libav <removed>
NOTE: https://bugzilla.libav.org/show_bug.cgi?id=1138
-CVE-2018-19128 (In Libav 12.3, there is a heap-based buffer over-read in decode_frame ...)
+CVE-2018-19128
- libav <removed>
NOTE: https://bugzilla.libav.org/show_bug.cgi?id=1137
-CVE-2018-19127 (A code injection vulnerability in /type.php in PHPCMS 2008 allows ...)
+CVE-2018-19127
NOT-FOR-US: PHPCMS
-CVE-2018-19126 (PrestaShop 1.6.x before 1.6.1.23 and 1.7.x before 1.7.4.4 allows remote ...)
+CVE-2018-19126
NOT-FOR-US: PrestaShop
-CVE-2018-19125 (PrestaShop 1.6.x before 1.6.1.23 and 1.7.x before 1.7.4.4 allows remote ...)
+CVE-2018-19125
NOT-FOR-US: PrestaShop
-CVE-2018-19124 (PrestaShop 1.6.x before 1.6.1.23 and 1.7.x before 1.7.4.4 on Windows ...)
+CVE-2018-19124
NOT-FOR-US: PrestaShop
CVE-2018-19123
RESERVED
-CVE-2018-19122 (An issue has been found in libIEC61850 v1.3. It is a NULL pointer ...)
+CVE-2018-19122
NOT-FOR-US: libIEC61850
-CVE-2018-19121 (An issue has been found in libIEC61850 v1.3. It is a SEGV in ...)
+CVE-2018-19121
NOT-FOR-US: libIEC61850
-CVE-2018-19141 (Open Ticket Request System (OTRS) 4.0.x before 4.0.33 and 5.0.x before ...)
+CVE-2018-19141
{DLA-1592-1}
- otrs2 6.0.1-1
NOTE: https://community.otrs.com/security-advisory-2018-09-security-update-for-otrs-framework/
NOTE: Only the 4.x and 5.x series are affected (and possibly earlier versions).
NOTE: Add workaround and mark first 6.x version as fixing version
-CVE-2018-19142 (Open Ticket Request System (OTRS) 6.0.x before 6.0.13 allows an admin ...)
+CVE-2018-19142
- otrs2 6.0.13-1
[stretch] - otrs2 <not-affected> (Only affects 6.x)
[jessie] - otrs2 <not-affected> (Only affects 6.x)
NOTE: https://community.otrs.com/security-advisory-2018-08-security-update-for-otrs-framework/
-CVE-2018-19143 (Open Ticket Request System (OTRS) 4.0.x before 4.0.33, 5.0.x before ...)
+CVE-2018-19143
{DLA-1592-1}
- otrs2 6.0.13-1
NOTE: https://community.otrs.com/security-advisory-2018-07-security-update-for-otrs-framework/
-CVE-2018-19120 (The HTML thumbnailer plugin in KDE Applications before 18.12.0 allows ...)
+CVE-2018-19120
- kio-extras 4:18.08.3-1 (bug #913595)
[buster] - kio-extras <no-dsa> (Minor issue)
[stretch] - kio-extras <no-dsa> (Minor issue)
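Review bot: several entries that are still open in the tracker lose their only in-file summary in this hunk, for example "-CVE-2018-19149 (Poppler before 0.70.0 has a NULL pointer dereference in ...)" above "- poppler <unfixed> (unimportant; bug #914600)" and "-CVE-2018-19139 (An issue has been found in JasPer 2.0.14. There is a memory leak in ...)" above "- jasper <removed> (low)"; the NOTE lines that remain for these are bare URLs, so whoever revisits the <unfixed> and <postponed> entries now has to follow the links to learn what class of bug they are. If the descriptions cannot be restored, the affected component or function should be recorded in a NOTE line for each open entry.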
@@ -4950,36 +4945,36 @@ CVE-2018-19120 (The HTML thumbnailer plugin in KDE Applications before 18.12.0 a
NOTE: https://www.kde.org/info/security/advisory-20181012-1.txt
CVE-2018-19119
RESERVED
-CVE-2018-19118 (Zoho ManageEngine ADAudit before 5.1 build 5120 allows remote ...)
+CVE-2018-19118
NOT-FOR-US: Zoho
CVE-2018-19117
RESERVED
CVE-2018-19116
RESERVED
-CVE-2018-19967 (An issue was discovered in Xen through 4.11.x on Intel x86 platforms ...)
+CVE-2018-19967
{DSA-4369-1 DLA-1577-1}
- xen 4.11.1-1
NOTE: https://xenbits.xen.org/xsa/advisory-282.txt
-CVE-2018-19115 (keepalived before 2.0.7 has a heap-based buffer overflow when parsing ...)
+CVE-2018-19115
{DLA-1589-1}
- keepalived 1:2.0.10-1 (low; bug #914393)
[stretch] - keepalived <no-dsa> (Minor issue)
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1015141
NOTE: https://github.com/acassen/keepalived/pull/961
NOTE: https://github.com/acassen/keepalived/pull/961/commits/f28015671a4b04785859d1b4b1327b367b6a10e9
-CVE-2018-19114 (An issue was discovered in MinDoc through v1.0.2. It allows attackers ...)
+CVE-2018-19114
NOT-FOR-US: MinDoc
CVE-2018-19113
RESERVED
CVE-2018-19112
RESERVED
-CVE-2018-19111 (The Google Cardboard application 1.8 for Android and 1.2 for iOS sends ...)
+CVE-2018-19111
NOT-FOR-US: Google Cardboard application for Android and iOS
-CVE-2018-19110 (The skin-management feature in tianti 2.3 allows remote authenticated ...)
+CVE-2018-19110
NOT-FOR-US: tianti
-CVE-2018-19109 (tianti 2.3 allows remote authenticated users to bypass intended ...)
+CVE-2018-19109
NOT-FOR-US: tianti
-CVE-2018-19108 (In Exiv2 0.26, Exiv2::PsdImage::readMetadata in psdimage.cpp in the PSD ...)
+CVE-2018-19108
{DLA-1691-1}
- exiv2 <unfixed> (bug #913272)
[stretch] - exiv2 <no-dsa> (Minor issue)
@@ -4987,7 +4982,7 @@ CVE-2018-19108 (In Exiv2 0.26, Exiv2::PsdImage::readMetadata in psdimage.cpp in
NOTE: https://github.com/Exiv2/exiv2/pull/518
NOTE: https://github.com/Exiv2/exiv2/commit/68966932510213b5656fcf433ab6d7e26f48e23b
NOTE: https://github.com/Exiv2/exiv2/commit/b7c71f3ad0386cd7af3b73443c0615ada073f0d5
-CVE-2018-19107 (In Exiv2 0.26, Exiv2::IptcParser::decode in iptc.cpp (called from ...)
+CVE-2018-19107
{DLA-1691-1}
- exiv2 <unfixed> (bug #913273)
[stretch] - exiv2 <no-dsa> (Minor issue)
@@ -4995,12 +4990,12 @@ CVE-2018-19107 (In Exiv2 0.26, Exiv2::IptcParser::decode in iptc.cpp (called fro
NOTE: https://github.com/Exiv2/exiv2/pull/518
NOTE: https://github.com/Exiv2/exiv2/commit/68966932510213b5656fcf433ab6d7e26f48e23b
NOTE: https://github.com/Exiv2/exiv2/commit/b7c71f3ad0386cd7af3b73443c0615ada073f0d5
-CVE-2018-19106 (Avi Vantage before 17.2.13 uses an invalid URL encoding during a ...)
+CVE-2018-19106
NOT-FOR-US: Avi Vantage
-CVE-2018-19105 (LibreCAD 2.1.3 allows remote attackers to cause a denial of service ...)
+CVE-2018-19105
- librecad <undetermined>
NOTE: https://code610.blogspot.com/2018/11/crashing-librecad-213.html
-CVE-2018-19104 (In BageCMS 3.1.3, upload/index.php has a CSRF vulnerability that can be ...)
+CVE-2018-19104
NOT-FOR-US: BageCMS
CVE-2018-19103
RESERVED
@@ -5022,91 +5017,91 @@ CVE-2018-19095
RESERVED
CVE-2018-19094
RESERVED
-CVE-2018-19093 (** DISPUTED ** An issue has been found in libIEC61850 v1.3. It is a ...)
+CVE-2018-19093
NOT-FOR-US: libIEC61850
-CVE-2018-19092 (An issue was discovered in YzmCMS v5.2. It has XSS via a ...)
+CVE-2018-19092
NOT-FOR-US: YzmCMS
-CVE-2018-19091 (tianti 2.3 has reflected XSS in the user management module via the ...)
+CVE-2018-19091
NOT-FOR-US: tianti
-CVE-2018-19090 (tianti 2.3 has stored XSS in the article management module via an ...)
+CVE-2018-19090
NOT-FOR-US: tianti
-CVE-2018-19089 (tianti 2.3 has stored XSS in the userlist module via the ...)
+CVE-2018-19089
NOT-FOR-US: tianti
CVE-2018-19088
RESERVED
-CVE-2018-19087 (RegFilter.sys in IOBit Malware Fighter 6.2 is susceptible to a ...)
+CVE-2018-19087
NOT-FOR-US: IOBit Malware Fighter
-CVE-2018-19086 (RegFilter.sys in IOBit Malware Fighter 6.2 is susceptible to a ...)
+CVE-2018-19086
NOT-FOR-US: IOBit Malware Fighter
-CVE-2018-19085 (RegFilter.sys in IOBit Malware Fighter 6.2 is susceptible to a ...)
+CVE-2018-19085
NOT-FOR-US: IOBit Malware Fighter
-CVE-2018-19084 (RegFilter.sys in IOBit Malware Fighter 6.2 is susceptible to a ...)
+CVE-2018-19084
NOT-FOR-US: IOBit Malware Fighter
-CVE-2018-19083 (WeCenter 3.2.0 through 3.2.2 has XSS in the ...)
+CVE-2018-19083
NOT-FOR-US: WeCenter
-CVE-2018-19082 (An issue was discovered on Foscam Opticam i5 devices with System ...)
+CVE-2018-19082
NOT-FOR-US: Foscam Opticam i5 devices
-CVE-2018-19081 (An issue was discovered on Foscam Opticam i5 devices with System ...)
+CVE-2018-19081
NOT-FOR-US: Foscam Opticam i5 devices
-CVE-2018-19080 (An issue was discovered on Foscam Opticam i5 devices with System ...)
+CVE-2018-19080
NOT-FOR-US: Foscam Opticam i5 devices
-CVE-2018-19079 (An issue was discovered on Foscam Opticam i5 devices with System ...)
+CVE-2018-19079
NOT-FOR-US: Foscam Opticam i5 devices
-CVE-2018-19078 (An issue was discovered on Foscam Opticam i5 devices with System ...)
+CVE-2018-19078
NOT-FOR-US: Foscam Opticam i5 devices
-CVE-2018-19077 (An issue was discovered on Foscam Opticam i5 devices with System ...)
+CVE-2018-19077
NOT-FOR-US: Foscam Opticam i5 devices
-CVE-2018-19076 (An issue was discovered on Foscam C2 devices with System Firmware ...)
+CVE-2018-19076
NOT-FOR-US: Foscam C2 devices
-CVE-2018-19075 (An issue was discovered on Foscam C2 devices with System Firmware ...)
+CVE-2018-19075
NOT-FOR-US: Foscam C2 devices
-CVE-2018-19074 (An issue was discovered on Foscam C2 devices with System Firmware ...)
+CVE-2018-19074
NOT-FOR-US: Foscam C2 devices
-CVE-2018-19073 (An issue was discovered on Foscam C2 devices with System Firmware ...)
+CVE-2018-19073
NOT-FOR-US: Foscam C2 devices
-CVE-2018-19072 (An issue was discovered on Foscam C2 devices with System Firmware ...)
+CVE-2018-19072
NOT-FOR-US: Foscam C2 devices
-CVE-2018-19071 (An issue was discovered on Foscam C2 devices with System Firmware ...)
+CVE-2018-19071
NOT-FOR-US: Foscam C2 devices
-CVE-2018-19070 (An issue was discovered on Foscam C2 devices with System Firmware ...)
+CVE-2018-19070
NOT-FOR-US: Foscam C2 devices
-CVE-2018-19069 (An issue was discovered on Foscam C2 devices with System Firmware ...)
+CVE-2018-19069
NOT-FOR-US: Foscam C2 devices
-CVE-2018-19068 (An issue was discovered on Foscam Opticam i5 devices with System ...)
+CVE-2018-19068
NOT-FOR-US: Foscam Opticam i5 devices
-CVE-2018-19067 (An issue was discovered on Foscam C2 devices with System Firmware ...)
+CVE-2018-19067
NOT-FOR-US: Foscam C2 devices
-CVE-2018-19066 (An issue was discovered on Foscam C2 devices with System Firmware ...)
+CVE-2018-19066
NOT-FOR-US: Foscam C2 devices
-CVE-2018-19065 (An issue was discovered on Foscam C2 devices with System Firmware ...)
+CVE-2018-19065
NOT-FOR-US: Foscam C2 devices
-CVE-2018-19064 (An issue was discovered on Foscam C2 devices with System Firmware ...)
+CVE-2018-19064
NOT-FOR-US: Foscam C2 devices
-CVE-2018-19063 (An issue was discovered on Foscam C2 devices with System Firmware ...)
+CVE-2018-19063
NOT-FOR-US: Foscam C2 devices
CVE-2018-19062
RESERVED
-CVE-2018-19061 (DedeCMS 5.7 SP2 has SQL Injection via the dede\co_do.php ids parameter. ...)
+CVE-2018-19061
NOT-FOR-US: DedeCMS
-CVE-2018-19060 (An issue was discovered in Poppler 0.71.0. There is a NULL pointer ...)
+CVE-2018-19060
- poppler <unfixed> (unimportant; bug #913182)
NOTE: https://gitlab.freedesktop.org/poppler/poppler/issues/660
NOTE: https://gitlab.freedesktop.org/poppler/poppler/commit/d2f5d424ba8752f9a9e9dad410546ec1b46caa0a
NOTE: Issue in pdfdetach cli tool leading to crash
-CVE-2018-19059 (An issue was discovered in Poppler 0.71.0. There is a out-of-bounds ...)
+CVE-2018-19059
- poppler <unfixed> (unimportant; bug #913180)
NOTE: https://gitlab.freedesktop.org/poppler/poppler/issues/661
NOTE: https://gitlab.freedesktop.org/poppler/poppler/commit/77a30e94d96220d7e22dff5b3f0a7f296f01b118
NOTE: Issue in pdfdetach cli tool leading to crash
-CVE-2018-19058 (An issue was discovered in Poppler 0.71.0. There is a reachable abort ...)
+CVE-2018-19058
{DLA-1706-1}
- poppler <unfixed> (low; bug #913177)
[stretch] - poppler <ignored> (Minor issue)
NOTE: https://gitlab.freedesktop.org/poppler/poppler/issues/659
NOTE: https://gitlab.freedesktop.org/poppler/poppler/commit/6912e06d9ab19ba28991b5cab3319d61d856bd6d
-CVE-2018-19057 (SimpleMDE 1.11.2 has XSS via an onerror attribute of a crafted IMG ...)
+CVE-2018-19057
NOT-FOR-US: SimpleMDE
-CVE-2018-19056 (pandao Editor.md 1.5.0 has DOM XSS via input starting with a &quot;&lt;&lt;&quot; ...)
+CVE-2018-19056
NOT-FOR-US: pandao Editor.md
CVE-2018-XXXX [VirtualBox E1000 Guest-to-Host Escape]
- virtualbox 5.2.22-dfsg-1 (bug #913137)
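Review bot: reducing "-CVE-2018-19093 (** DISPUTED ** An issue has been found in libIEC61850 v1.3. It is a ...)" to "+CVE-2018-19093" drops the "** DISPUTED **" marker, which matters even for a NOT-FOR-US entry because it records that the upstream report is contested; the disputed status should be kept in a NOTE line if descriptions are not coming back. Two smaller observations from the same hunk: the unchanged placeholder "CVE-2018-XXXX [VirtualBox E1000 Guest-to-Host Escape]" keeps its bracketed summary, so after this change the file's own placeholders are more descriptive than its real CVE lines, and the removed line for CVE-2018-19056 shows the old import stored HTML entities ("&quot;&lt;&lt;&quot;") rather than the literal characters, which the importer should decode.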
@@ -5118,55 +5113,55 @@ CVE-2018-19055
RESERVED
CVE-2018-19054
RESERVED
-CVE-2018-19053 (PbootCMS 1.2.2 allows remote attackers to execute arbitrary PHP code by ...)
+CVE-2018-19053
NOT-FOR-US: PbootCMS
-CVE-2018-19051 (MetInfo 6.1.3 has XSS via the admin/index.php?a=dogetpassword abt_type ...)
+CVE-2018-19051
NOT-FOR-US: MetInfo
-CVE-2018-19050 (MetInfo 6.1.3 has XSS via the admin/index.php?a=dogetpassword langset ...)
+CVE-2018-19050
NOT-FOR-US: MetInfo
CVE-2018-19049
RESERVED
-CVE-2018-19052 (An issue was discovered in mod_alias_physical_handler in mod_alias.c in ...)
+CVE-2018-19052
- lighttpd 1.4.52-1 (bug #913528)
[stretch] - lighttpd <no-dsa> (Minor issue)
[jessie] - lighttpd <no-dsa> (Minor issue)
NOTE: https://github.com/lighttpd/lighttpd1.4/commit/2105dae0f9d7a964375ce681e53cb165375f84c1
CVE-2018-19048
RESERVED
-CVE-2018-19047 (** DISPUTED ** mPDF through 7.1.6, if deployed as a web application ...)
+CVE-2018-19047
NOT-FOR-US: mPDF
-CVE-2018-19046 (keepalived 2.0.8 didn't check for existing plain files when writing ...)
+CVE-2018-19046
- keepalived 1:2.0.10-1 (unimportant)
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1015141
NOTE: https://github.com/acassen/keepalived/issues/1048
NOTE: Neutralised by kernel hardening
-CVE-2018-19045 (keepalived 2.0.8 used mode 0666 when creating new temporary files upon ...)
+CVE-2018-19045
- keepalived 1:2.0.10-1 (unimportant)
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1015141
NOTE: https://github.com/acassen/keepalived/commit/5241e4d7b177d0b6f073cfc9ed5444bf51ec89d6
NOTE: https://github.com/acassen/keepalived/commit/c6247a9ef2c7b33244ab1d3aa5d629ec49f0a067
NOTE: https://github.com/acassen/keepalived/issues/1048
-CVE-2018-19044 (keepalived 2.0.8 didn't check for pathnames with symlinks when writing ...)
+CVE-2018-19044
- keepalived 1:2.0.10-1 (unimportant)
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1015141
NOTE: https://github.com/acassen/keepalived/commit/04f2d32871bb3b11d7dc024039952f2fe2750306
NOTE: https://github.com/acassen/keepalived/issues/1048
-CVE-2018-19043 (The Media File Manager plugin 1.4.2 for WordPress allows arbitrary ...)
+CVE-2018-19043
NOT-FOR-US: Wordpress plugin
-CVE-2018-19042 (The Media File Manager plugin 1.4.2 for WordPress allows arbitrary ...)
+CVE-2018-19042
NOT-FOR-US: Wordpress plugin
-CVE-2018-19041 (The Media File Manager plugin 1.4.2 for WordPress allows XSS via the ...)
+CVE-2018-19041
NOT-FOR-US: Wordpress plugin
-CVE-2018-19040 (The Media File Manager plugin 1.4.2 for WordPress allows directory ...)
+CVE-2018-19040
NOT-FOR-US: Wordpress plugin
-CVE-2018-19039 (Grafana before 4.6.5 and 5.x before 5.3.3 allows remote authenticated ...)
+CVE-2018-19039
- grafana <removed>
NOTE: https://community.grafana.com/t/grafana-5-3-3-and-4-6-5-security-update/11961
CVE-2018-19038
RESERVED
CVE-2018-19037
RESERVED
-CVE-2018-19036 (An issue was discovered in several Bosch IP cameras for firmware ...)
+CVE-2018-19036
NOT-FOR-US: Bosch
CVE-2018-19035
RESERVED
@@ -5180,11 +5175,11 @@ CVE-2018-19031
RESERVED
CVE-2018-19030
RESERVED
-CVE-2018-19029 (LCDS Laquis SCADA prior to version 4.1.0.4150 allows an attacker using ...)
+CVE-2018-19029
NOT-FOR-US: LCDS Laquis SCADA
CVE-2018-19028
RESERVED
-CVE-2018-19027 (Three type confusion vulnerabilities exist in CX-One Versions 4.50 and ...)
+CVE-2018-19027
NOT-FOR-US: CX-One
CVE-2018-19026
RESERVED
@@ -5192,93 +5187,93 @@ CVE-2018-19025
RESERVED
CVE-2018-19024
RESERVED
-CVE-2018-19023 (Hetronic Nova-M prior to verson r161 uses fixed codes that are reproducible by sniffing and re-transmission. This can lead to unauthorized replay of a command, spoofing of an arbitrary message, or keeping the controlled load in a permanent &quot;stop&quot; state. ...)
+CVE-2018-19023
NOT-FOR-US: Hetronic Nova-M radio control systems
CVE-2018-19022
RESERVED
-CVE-2018-19021 (A specially crafted script could bypass the authentication of a ...)
+CVE-2018-19021
NOT-FOR-US: Emerson DeltaV DCS
-CVE-2018-19020 (When CX-Supervisor (Versions 3.42 and prior) processes project files ...)
+CVE-2018-19020
NOT-FOR-US: CX-Supervisor
-CVE-2018-19019 (A type confusion vulnerability exists when processing project files in ...)
+CVE-2018-19019
NOT-FOR-US: CX-Supervisor
-CVE-2018-19018 (An access of uninitialized pointer vulnerability in CX-Supervisor ...)
+CVE-2018-19018
NOT-FOR-US: CX-Supervisor
-CVE-2018-19017 (Several use after free vulnerabilities have been identified in ...)
+CVE-2018-19017
NOT-FOR-US: CX-Supervisor
CVE-2018-19016
RESERVED
-CVE-2018-19015 (An attacker could inject commands to launch programs and create, ...)
+CVE-2018-19015
NOT-FOR-US: CX-Supervisor
-CVE-2018-19014 (Drager Infinity Delta, Infinity Delta, all versions, Delta XL, all ...)
+CVE-2018-19014
NOT-FOR-US: Drager patient monitoring medical devices
-CVE-2018-19013 (An attacker could inject commands to delete files and/or delete the ...)
+CVE-2018-19013
NOT-FOR-US: CX-Supervisor
-CVE-2018-19012 (Drager Infinity Delta, Infinity Delta, all versions, Delta XL, all ...)
+CVE-2018-19012
NOT-FOR-US: Drager patient monitoring medical devices
-CVE-2018-19011 (CX-Supervisor (Versions 3.42 and prior) can execute code that has been ...)
+CVE-2018-19011
NOT-FOR-US: CX-Supervisor
-CVE-2018-19010 (Drager Infinity Delta, Infinity Delta, all versions, Delta XL, all ...)
+CVE-2018-19010
NOT-FOR-US: Drager patient monitoring medical devices
-CVE-2018-19009 (Pilz PNOZmulti Configurator prior to version 10.9 allows an ...)
+CVE-2018-19009
NOT-FOR-US: Pilz PNOZmulti Configurator
-CVE-2018-19008 (The TextEditor 2.0 in ABB CP400 Panel Builder versions 2.0.7.05 and ...)
+CVE-2018-19008
NOT-FOR-US: TextEditor 2.0 in ABB CP400 Panel Builder
-CVE-2018-19007 (In Geutebrueck GmbH E2 Camera Series versions prior to 1.12.0.25 the ...)
+CVE-2018-19007
NOT-FOR-US: Geutebrueck cameras
CVE-2018-19006
RESERVED
-CVE-2018-19005 (Cscape, Version 9.80.75.3 SP3 and prior. An improper input validation ...)
+CVE-2018-19005
NOT-FOR-US: Cscape
-CVE-2018-19004 (LCDS Laquis SCADA prior to version 4.1.0.4150 allows out of bounds ...)
+CVE-2018-19004
NOT-FOR-US: LCDS Laquis SCADA
-CVE-2018-19003 (GE Mark VIe, EX2100e, EX2100e_Reg, and LS2100e Versions 03.03.28C to ...)
+CVE-2018-19003
NOT-FOR-US: GE Mark
-CVE-2018-19002 (LCDS Laquis SCADA prior to version 4.1.0.4150 allows improper control ...)
+CVE-2018-19002
NOT-FOR-US: LCDS Laquis SCADA
-CVE-2018-19001 (Philips HealthSuite Health Android App, all versions. The software ...)
+CVE-2018-19001
NOT-FOR-US: Philips HealthSuite Health Android App
-CVE-2018-19000 (LCDS Laquis SCADA prior to version 4.1.0.4150 allows an authentication ...)
+CVE-2018-19000
NOT-FOR-US: LCDS Laquis SCADA
-CVE-2018-18999 (WebAccess/SCADA, WebAccess/SCADA Version 8.3.2 installed on Windows ...)
+CVE-2018-18999
NOT-FOR-US: Advantech WebAccess/SCADA
-CVE-2018-18998 (LCDS Laquis SCADA prior to version 4.1.0.4150 uses hard coded ...)
+CVE-2018-18998
NOT-FOR-US: LCDS Laquis SCADA
-CVE-2018-18997 (Pluto Safety PLC Gateway Ethernet devices in ABB GATE-E1 and GATE-E2 ...)
+CVE-2018-18997
NOT-FOR-US: ABB GATE-E2
-CVE-2018-18996 (LCDS Laquis SCADA prior to version 4.1.0.4150 allows taking in user ...)
+CVE-2018-18996
NOT-FOR-US: LCDS Laquis SCADA
-CVE-2018-18995 (Pluto Safety PLC Gateway Ethernet devices ABB GATE-E1 and GATE-E2 all ...)
+CVE-2018-18995
NOT-FOR-US: ABB GATE-E2
CVE-2018-18994
RESERVED
-CVE-2018-18993 (Two stack-based buffer overflow vulnerabilities have been discovered ...)
+CVE-2018-18993
NOT-FOR-US: CX-One
-CVE-2018-18992 (LCDS Laquis SCADA prior to version 4.1.0.4150 allows taking in user ...)
+CVE-2018-18992
NOT-FOR-US: LCDS Laquis SCADA
-CVE-2018-18991 (Reflected cross-site scripting (non-persistent) in SCADA WebServer ...)
+CVE-2018-18991
NOT-FOR-US: SCADA WebServer
-CVE-2018-18990 (LCDS Laquis SCADA prior to version 4.1.0.4150 allows a user-supplied ...)
+CVE-2018-18990
NOT-FOR-US: LCDS Laquis SCADA
-CVE-2018-18989 (In CX-One Versions 4.42 and prior (CX-Programmer Versions 9.66 and ...)
+CVE-2018-18989
NOT-FOR-US: CX-One
-CVE-2018-18988 (LCDS Laquis SCADA prior to version 4.1.0.4150 allows execution of ...)
+CVE-2018-18988
NOT-FOR-US: LCDS Laquis SCADA
-CVE-2018-18987 (VT-Designer Version 2.1.7.31 is vulnerable by the program populating ...)
+CVE-2018-18987
NOT-FOR-US: VT-Designer
-CVE-2018-18986 (LCDS Laquis SCADA prior to version 4.1.0.4150 allows the opening of a ...)
+CVE-2018-18986
NOT-FOR-US: LCDS Laquis SCADA
-CVE-2018-18985 (Tridium Niagara Enterprise Security 2.3u1, all versions prior to 2.3.118.6, Niagara AX 3.8u4, all versions prior to 3.8.401.1, Niagara 4.4u2, all versions prior to 4.4.93.40.2, and Niagara 4.6, all versions prior to 4.6.96.28.4 a cross-site scripting vulnerability has been identified that may allow a remote attacker to inject code to some web pages affecting confidentiality. ...)
+CVE-2018-18985
NOT-FOR-US: Tridium Niagara Enterprise
-CVE-2018-18984 (Medtronic CareLink 2090 Programmer CareLink 9790 Programmer 29901 ...)
+CVE-2018-18984
NOT-FOR-US: Medtronic
-CVE-2018-18983 (VT-Designer Version 2.1.7.31 is vulnerable by the program reading the ...)
+CVE-2018-18983
NOT-FOR-US: VT-Designer
-CVE-2018-18982 (NUUO CMS All versions 3.3 and prior the web server application allows ...)
+CVE-2018-18982
NOT-FOR-US: NUUO CMS
-CVE-2018-18981 (In Rockwell Automation FactoryTalk Services Platform 2.90 and earlier, ...)
+CVE-2018-18981
NOT-FOR-US: Rockwell Automation FactoryTalk Services Platform
-CVE-2018-18980 (An XML External Entity injection (XXE) vulnerability exists in Zoho ...)
+CVE-2018-18980
NOT-FOR-US: Zoho ManageEngine Network Configuration Manager and OpManager
CVE-2018-18979
RESERVED
@@ -5306,40 +5301,40 @@ CVE-2018-18968
RESERVED
CVE-2018-18967
RESERVED
-CVE-2018-18966 (osCommerce 2.3.4.1 has an incomplete '.htaccess' for blacklist ...)
+CVE-2018-18966
NOT-FOR-US: osCommerce
-CVE-2018-18965 (osCommerce 2.3.4.1 has an incomplete '.htaccess' for blacklist ...)
+CVE-2018-18965
NOT-FOR-US: osCommerce
-CVE-2018-18964 (osCommerce 2.3.4.1 has an incomplete '.htaccess' for blacklist ...)
+CVE-2018-18964
NOT-FOR-US: osCommerce
-CVE-2018-18963 (Busca.aspx.cs in Degrau Publicidade e Internet Plataforma de E-commerce ...)
+CVE-2018-18963
NOT-FOR-US: Degrau Publicidade e Internet Plataforma de E-commerce
CVE-2018-18962
RESERVED
CVE-2018-18961
RESERVED
-CVE-2018-18960 (An issue was discovered on Epson WorkForce WF-2861 10.48 LQ22I3, ...)
+CVE-2018-18960
NOT-FOR-US: Epson
-CVE-2018-18959 (An issue was discovered on Epson WorkForce WF-2861 10.48 LQ22I3, ...)
+CVE-2018-18959
NOT-FOR-US: Epson
CVE-2018-18958
RESERVED
-CVE-2018-18957 (An issue has been found in libIEC61850 v1.3. It is a stack-based buffer ...)
+CVE-2018-18957
NOT-FOR-US: libIEC61850
-CVE-2018-18956 (The ProcessMimeEntity function in util-decode-mime.c in Suricata 4.x ...)
+CVE-2018-18956
- suricata 1:4.0.6-1
[stretch] - suricata <no-dsa> (Minor issue)
[jessie] - suricata <not-affected> (Vulnerable code not present, no MIME support in this version)
NOTE: https://lists.openinfosecfoundation.org/pipermail/oisf-users/2018-October/016227.html
NOTE: https://redmine.openinfosecfoundation.org/issues/2658#change-10374
-CVE-2018-18955 (In the Linux kernel 4.15.x through 4.19.x before 4.19.2, map_write() ...)
+CVE-2018-18955
- linux 4.18.20-1
[stretch] - linux <not-affected> (Introduced in 4.15-rc1)
[jessie] - linux <not-affected> (Introduced in 4.15-rc1)
NOTE: https://git.kernel.org/linus/d2f007dbe7e4c9583eea6eb04d60001e85c6f1bd
NOTE: Introduced in https://git.kernel.org/linus/6397fac4915a
NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=1712
-CVE-2018-18954 (The pnv_lpc_do_eccb function in hw/ppc/pnv_lpc.c in Qemu before 3.1 ...)
+CVE-2018-18954
- qemu 1:3.1+dfsg-1 (low; bug #914604)
[stretch] - qemu <postponed> (Minor issue, can be backported once fixed upstream)
[jessie] - qemu <not-affected> (Vulnerable code not present. ppc/pnv lpc was added in 2.7)
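Review bot: for "-CVE-2018-18955 (In the Linux kernel 4.15.x through 4.19.x before 4.19.2, map_write() ...)" the description was the only place in the entry that named the upstream fixed version (4.19.2) and the affected function (map_write()); the surviving lines give "- linux 4.18.20-1", the "Introduced in 4.15-rc1" notes and the fix commit URL, so after this change the upstream range is recoverable only by following the links, and a NOTE capturing it would be worth adding. Related, for "-CVE-2018-18954 (The pnv_lpc_do_eccb function in hw/ppc/pnv_lpc.c in Qemu before 3.1 ...)" the unchanged stretch line "[stretch] - qemu <postponed> (Minor issue, can be backported once fixed upstream)" now reads stale next to "- qemu 1:3.1+dfsg-1" and the linked upstream commit, since the fix is evidently available; the postponed reason should be refreshed.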
@@ -5347,13 +5342,13 @@ CVE-2018-18954 (The pnv_lpc_do_eccb function in hw/ppc/pnv_lpc.c in Qemu before
NOTE: https://git.qemu.org/?p=qemu.git;a=commit;h=d07945e78eb6b593cd17a4640c1fc9eb35e3245d
CVE-2018-18953
RESERVED
-CVE-2018-18952 (JEECMS 9.3 has XSS via an index.do#/content/update?type=update URI. ...)
+CVE-2018-18952
NOT-FOR-US: JEECMS
CVE-2018-18951
RESERVED
-CVE-2018-18950 (KindEditor through 4.1.11 has a path traversal vulnerability in ...)
+CVE-2018-18950
NOT-FOR-US: KindEditor
-CVE-2018-18949 (Zoho ManageEngine OpManager 12.3 before 123222 has SQL Injection via ...)
+CVE-2018-18949
NOT-FOR-US: Zoho ManageEngine OpManager
CVE-2018-18948
RESERVED
@@ -5365,27 +5360,27 @@ CVE-2018-18945
RESERVED
CVE-2018-18944
RESERVED
-CVE-2018-18943 (An issue was discovered in baserCMS before 4.1.4. In the Register New ...)
+CVE-2018-18943
NOT-FOR-US: baserCMS
-CVE-2018-18942 (In baserCMS before 4.1.4, lib\Baser\Model\ThemeConfig.php allows remote ...)
+CVE-2018-18942
NOT-FOR-US: baserCMS
-CVE-2018-18941 (In Vignette Content Management version 6, it is possible to gain ...)
+CVE-2018-18941
NOT-FOR-US: Vignette Content Management
-CVE-2018-18940 (servlet/SnoopServlet (a servlet installed by default) in Netscape ...)
+CVE-2018-18940
NOT-FOR-US: Netscape Enterprise
-CVE-2018-18939 (An issue was discovered in WUZHI CMS 4.1.0. There is stored XSS in ...)
+CVE-2018-18939
NOT-FOR-US: WUZHI CMS
-CVE-2018-18938 (An issue was discovered in WUZHI CMS 4.1.0. There is stored XSS in ...)
+CVE-2018-18938
NOT-FOR-US: WUZHI CMS
-CVE-2018-18937 (An issue has been found in libIEC61850 v1.3. It is a NULL pointer ...)
+CVE-2018-18937
NOT-FOR-US: libIEC61850
-CVE-2018-18936 (An issue was discovered in PopojiCMS v2.0.1. admin_library.php allows ...)
+CVE-2018-18936
NOT-FOR-US: PopojiCMS
-CVE-2018-18935 (An issue was discovered in PopojiCMS v2.0.1. It has CSRF via the ...)
+CVE-2018-18935
NOT-FOR-US: PopojiCMS
-CVE-2018-18934 (An issue was discovered in PopojiCMS v2.0.1. admin_component.php is ...)
+CVE-2018-18934
NOT-FOR-US: PopojiCMS
-CVE-2018-18933 (The u3d plugin 9.3.0.10809 (aka plugins\U3DBrowser.fpi) in ...)
+CVE-2018-18933
NOT-FOR-US: Foxit Reader
CVE-2018-18932
RESERVED
@@ -5395,31 +5390,31 @@ CVE-2018-18930
RESERVED
CVE-2018-18929
RESERVED
-CVE-2018-18928 (International Components for Unicode (ICU) for C/C++ 63.1 has an ...)
+CVE-2018-18928
- icu 63.1-3
[stretch] - icu <not-affected> (Vulnerable code not present)
[jessie] - icu <not-affected> (Vulnerable code not present)
NOTE: https://bugs.chromium.org/p/chromium/issues/detail?id=900059
NOTE: Fixed by: https://github.com/unicode-org/icu/commit/53d8c8f3d181d87a6aa925b449b51c4a2c922a51
NOTE: https://unicode-org.atlassian.net/browse/ICU-20246
-CVE-2018-18927 (An issue was discovered in PublicCMS V4.0. It allows XSS by modifying ...)
+CVE-2018-18927
NOT-FOR-US: PublicCMS
-CVE-2018-18926 (Gitea before 1.5.4 allows remote code execution because it does not ...)
+CVE-2018-18926
- gitea <removed>
NOTE: https://github.com/go-gitea/gitea/issues/5140
-CVE-2018-18925 (Gogs 0.11.66 allows remote code execution because it does not properly ...)
+CVE-2018-18925
NOT-FOR-US: Go Git Service
-CVE-2018-18924 (The image-upload feature in ProjeQtOr 7.2.5 allows remote attackers to ...)
+CVE-2018-18924
NOT-FOR-US: ProjeQtOr
-CVE-2018-18923 (AbiSoft Ticketly 1.0 is affected by multiple SQL Injection ...)
+CVE-2018-18923
NOT-FOR-US: AbiSoft Ticketly
-CVE-2018-18922 (add_user in AbiSoft Ticketly 1.0 allows remote attackers to create ...)
+CVE-2018-18922
NOT-FOR-US: AbiSoft Ticketly
-CVE-2018-18921 (PHP Server Monitor before 3.3.2 has CSRF, as demonstrated by a Delete ...)
+CVE-2018-18921
NOT-FOR-US: PHP Server Monitor
-CVE-2018-18920 (Py-EVM v0.2.0-alpha.33 allows attackers to make a vm.execute_bytecode ...)
+CVE-2018-18920
- python3-py-evm <itp> (bug #884796)
-CVE-2018-18919 (The WP Editor.md plugin 10.0.1 for WordPress allows XSS via the comment ...)
+CVE-2018-18919
NOT-FOR-US: WP Editor.md plugin for WordPress
CVE-2018-18918
RESERVED
@@ -5427,7 +5422,7 @@ CVE-2018-18917
RESERVED
CVE-2018-18916
RESERVED
-CVE-2018-18915 (There is an infinite loop in the Exiv2::Image::printIFDStructure ...)
+CVE-2018-18915
[experimental] - exiv2 <unfixed> (bug #912828)
- exiv2 <not-affected> (Vulnerable code introduced later)
NOTE: https://github.com/Exiv2/exiv2/issues/511
@@ -5441,9 +5436,9 @@ CVE-2018-18911
RESERVED
CVE-2018-18910
RESERVED
-CVE-2018-18909 (xhEditor 1.2.2 allows XSS via JavaScript code in the SRC attribute of ...)
+CVE-2018-18909
NOT-FOR-US: xhEditor
-CVE-2018-18908 (The Sky Go Desktop application 1.0.19-1 through 1.0.23-1 for Windows ...)
+CVE-2018-18908
NOT-FOR-US: Sky Go Desktop
CVE-2018-18907
RESERVED
@@ -5453,7 +5448,7 @@ CVE-2018-18905
RESERVED
CVE-2018-18904
RESERVED
-CVE-2018-18903 (Vanilla 2.6.x before 2.6.4 allows remote code execution. ...)
+CVE-2018-18903
NOT-FOR-US: Vanilla
CVE-2018-18902
RESERVED
@@ -5464,14 +5459,13 @@ CVE-2018-18900
CVE-2018-18899
RESERVED
CVE-2018-18898
- RESERVED
- libemail-address-list-perl 0.06-1
[stretch] - libemail-address-list-perl 0.05-1+deb9u1
[jessie] - libemail-address-list-perl <ignored> (Minor issue)
NOTE: https://github.com/bestpractical/email-address-list/commit/a22e6b233443fe3ad1a408e50ecbd7237674817d
NOTE: https://github.com/bestpractical/email-address-list/commit/6dd5021a6e5df2e8c86a163dc2e180a76a38e63b
NOTE: https://github.com/bestpractical/email-address-list/commit/31bd4dc2dfb26fd6a17e4436df3d3c8904856f30
-CVE-2018-18897 (An issue was discovered in Poppler 0.71.0. There is a memory leak in ...)
+CVE-2018-18897
- poppler <unfixed> (low; bug #913164)
[stretch] - poppler <ignored> (Negligible security impact)
[jessie] - poppler <ignored> (Negligible security impact; memory leak)
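Review bot: `CVE-2018-18898` drops its `RESERVED` line but gains no description, leaving an entry that is neither marked reserved nor described while still carrying the `libemail-address-list-perl 0.06-1` fix data and the stretch/jessie lines. If MITRE has published this entry, the published summary should land on the `CVE-2018-18898` line in the same change; if it has not, the `RESERVED` marker must stay. Confirm the entry's upstream state before applying this hunk.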
@@ -5482,19 +5476,19 @@ CVE-2018-18895
REJECTED
CVE-2018-18894
RESERVED
-CVE-2018-18893 (Jinjava before 2.4.6 does not block the getClass method, related to ...)
+CVE-2018-18893
NOT-FOR-US: Jinjava
-CVE-2018-18892 (MiniCMS 1.10 allows execution of arbitrary PHP code via the install.php ...)
+CVE-2018-18892
NOT-FOR-US: MiniCMS
-CVE-2018-18891 (MiniCMS 1.10 allows file deletion via ...)
+CVE-2018-18891
NOT-FOR-US: MiniCMS
-CVE-2018-18890 (MiniCMS 1.10 allows full path disclosure via ...)
+CVE-2018-18890
NOT-FOR-US: MiniCMS
CVE-2018-18889
RESERVED
-CVE-2018-18888 (An issue was discovered in laravelCMS through 2018-04-02. ...)
+CVE-2018-18888
NOT-FOR-US: laravelCMS
-CVE-2018-18887 (S-CMS PHP 1.0 has SQL injection in member/member_news.php via the type ...)
+CVE-2018-18887
NOT-FOR-US: S-CMS
CVE-2018-18886
RESERVED
@@ -5503,9 +5497,9 @@ CVE-2018-18885
CVE-2018-18884
RESERVED
CVE-2018-18882
- RESERVED
+ TODO: check
CVE-2018-18881
- RESERVED
+ TODO: check
CVE-2018-18880
RESERVED
CVE-2018-18879
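Review bot: `CVE-2018-18882` and `CVE-2018-18881` flip from `RESERVED` to `TODO: check`, which queues them for triage, but the description that triage depends on is not added here (and the surrounding entries lose theirs). Suggest holding the `TODO: check` flips until descriptions are actually available, so the triage queue is not filled with entries that carry no information about the issue.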
@@ -5518,60 +5512,59 @@ CVE-2018-18876
RESERVED
CVE-2018-18875
RESERVED
-CVE-2018-18874 (nc-cms through 2017-03-10 allows remote attackers to execute arbitrary ...)
+CVE-2018-18874
NOT-FOR-US: nc-cms
-CVE-2018-18873 (An issue was discovered in JasPer 2.0.14. There is a NULL pointer ...)
+CVE-2018-18873
{DLA-1628-1}
- jasper <removed>
NOTE: https://github.com/mdadams/jasper/issues/184
CVE-2018-18872
RESERVED
-CVE-2018-18871 (Missing password verification in the web interface on Gigaset Maxwell ...)
+CVE-2018-18871
NOT-FOR-US: Gigaset
CVE-2018-18870
RESERVED
-CVE-2018-18869 (EmpireCMS V7.5 allows remote attackers to upload and execute arbitrary ...)
+CVE-2018-18869
NOT-FOR-US: EmpireCMS
-CVE-2018-18868 (No-CMS 1.1.3 is prone to Persistent XSS via a contact_us name ...)
+CVE-2018-18868
NOT-FOR-US: No-CMS
-CVE-2018-18867 (An SSRF issue was discovered in tecrail Responsive FileManager 9.13.4 ...)
+CVE-2018-18867
NOT-FOR-US: tecrail Responsive FileManager
CVE-2018-18866
RESERVED
-CVE-2018-18865 (The Royal browser extensions TS before 4.3.60728 (Release Date ...)
+CVE-2018-18865
NOT-FOR-US: Royal browser extensions TS
-CVE-2018-18864 (Loadbalancer.org Enterprise VA MAX before 8.3.3 has XSS because Apache ...)
+CVE-2018-18864
NOT-FOR-US: Loadbalancer.org Enterprise VA MAX
CVE-2018-18863
RESERVED
CVE-2018-18862
- RESERVED
-CVE-2018-18861 (Buffer overflow in PCMan FTP Server 2.0.7 allows for remote code ...)
+ TODO: check
+CVE-2018-18861
NOT-FOR-US: PCMan FTP Server
-CVE-2018-18860 (A local privilege escalation vulnerability has been identified in the ...)
+CVE-2018-18860
NOT-FOR-US: SwitchVPN for macOS
-CVE-2018-18859 (Multiple local privilege escalation vulnerabilities have been ...)
+CVE-2018-18859
NOT-FOR-US: LiquidVPN client for macOS
-CVE-2018-18858 (Multiple local privilege escalation vulnerabilities have been ...)
+CVE-2018-18858
NOT-FOR-US: LiquidVPN client for macOS
-CVE-2018-18857 (Multiple local privilege escalation vulnerabilities have been ...)
+CVE-2018-18857
NOT-FOR-US: LiquidVPN client for macOS
-CVE-2018-18856 (Multiple local privilege escalation vulnerabilities have been ...)
+CVE-2018-18856
NOT-FOR-US: LiquidVPN client for macOS
CVE-2018-18855
RESERVED
-CVE-2018-18854 (Lightbend Spray spray-json through 1.3.4 allows remote attackers to ...)
+CVE-2018-18854
NOT-FOR-US: Lightbend Spray spray-json
-CVE-2018-18853 (Lightbend Spray spray-json through 1.3.4 allows remote attackers to ...)
+CVE-2018-18853
NOT-FOR-US: Lightbend Spray spray-json
CVE-2018-18852
RESERVED
CVE-2018-18851
RESERVED
-CVE-2018-18850 (In Octopus Deploy 2018.8.0 through 2018.9.x before 2018.9.1, an ...)
+CVE-2018-18850
NOT-FOR-US: Octopus Deploy
CVE-2018-18849 [lsi53c895a: OOB msg buffer access leads to DoS]
- RESERVED
- qemu 1:3.1+dfsg-1 (bug #912535)
[stretch] - qemu <postponed> (Minor issue, revisit for later update)
[jessie] - qemu <postponed> (Minor issue, revisit for later update)
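Review bot: this hunk mixes two unrelated kinds of change: status flips (`CVE-2018-18862` to `TODO: check`, and `CVE-2018-18849 [lsi53c895a: OOB msg buffer access leads to DoS]` losing its `RESERVED` line while keeping `qemu 1:3.1+dfsg-1 (bug #912535)` and the stretch/jessie `<postponed>` entries) alongside the wholesale description stripping of the other entries. The tracker-maintained bracketed title on CVE-2018-18849 survives, so only the MITRE status is changing for that entry. Suggest landing status changes in a separate commit from the description changes, so the latter can be reverted without losing the former.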
@@ -5585,17 +5578,17 @@ CVE-2018-18847
CVE-2018-18846
RESERVED
CVE-2018-18845
- RESERVED
+ TODO: check
CVE-2018-18844
RESERVED
-CVE-2018-18843 (The Kubernetes integration in GitLab Enterprise Edition 11.x before ...)
+CVE-2018-18843
- gitlab <not-affected> (Only affects Enterprise edition)
NOTE: https://about.gitlab.com/2018/11/01/critical-security-release-gitlab-11-dot-4-dot-4-released/
-CVE-2018-18842 (CSRF exists in zb_users/plugin/AppCentre/theme.js.php in Z-BlogPHP ...)
+CVE-2018-18842
NOT-FOR-US: Z-BlogPHP
-CVE-2018-18841 (XSS was discovered in SEMCMS PHP V3.4 via the ...)
+CVE-2018-18841
NOT-FOR-US: SEMCMS PHP
-CVE-2018-18840 (XSS was discovered in SEMCMS PHP V3.4 via the ...)
+CVE-2018-18840
NOT-FOR-US: SEMCMS PHP
CVE-2018-18839
RESERVED
@@ -5605,44 +5598,44 @@ CVE-2018-18837
RESERVED
CVE-2018-18836
RESERVED
-CVE-2018-18835 (upload_template() in system/changeskin.php in DocCms 2016.5.12 allows ...)
+CVE-2018-18835
NOT-FOR-US: DocCms
-CVE-2018-18834 (An issue has been found in libIEC61850 v1.3. It is a heap-based buffer ...)
+CVE-2018-18834
NOT-FOR-US: libIEC61850
CVE-2018-18833
RESERVED
-CVE-2018-18832 (admin/check.asp in DKCMS 9.4 allows SQL Injection via an ASPSESSIONID ...)
+CVE-2018-18832
NOT-FOR-US: DKCMS
-CVE-2018-18831 (An issue was discovered in com\mingsoft\cms\action\GeneraterAction.java ...)
+CVE-2018-18831
NOT-FOR-US: MCMS
-CVE-2018-18830 (An issue was discovered in ...)
+CVE-2018-18830
NOT-FOR-US: MCMS
-CVE-2018-18829 (There exists a NULL pointer dereference in ...)
+CVE-2018-18829
- libav <removed>
NOTE: https://bugzilla.libav.org/show_bug.cgi?id=1136
-CVE-2018-18828 (There exists a heap-based buffer overflow in vc1_decode_i_block_adv in ...)
+CVE-2018-18828
- libav <removed>
[jessie] - libav <not-affected> (vulnerable code is not present)
NOTE: https://bugzilla.libav.org/show_bug.cgi?id=1135
-CVE-2018-18827 (There exists a heap-based buffer over-read in ff_vc1_pred_dc in ...)
+CVE-2018-18827
- libav <removed>
[jessie] - libav <not-affected> (vulnerable code is not present)
NOTE: https://bugzilla.libav.org/show_bug.cgi?id=1135
-CVE-2018-18826 (There exists a heap-based buffer overflow in vc1_decode_p_mb_intfi in ...)
+CVE-2018-18826
- libav <removed>
[jessie] - libav <not-affected> (vulnerable code is not present)
NOTE: https://bugzilla.libav.org/show_bug.cgi?id=1135
-CVE-2018-18825 (Pagoda Linux panel V6.0 has XSS via the verification code associated ...)
+CVE-2018-18825
NOT-FOR-US: Pagoda Linux panel
CVE-2018-18824
RESERVED
CVE-2018-18823
RESERVED
-CVE-2018-18822 (Grapixel New Media v2.0 allows SQL Injection via the pages.aspx pageref ...)
+CVE-2018-18822
NOT-FOR-US: Grapixel New Media
CVE-2018-18821
RESERVED
-CVE-2018-18820 (A buffer overflow was discovered in the URL-authentication backend of ...)
+CVE-2018-18820
{DSA-4333-1 DLA-1588-1}
- icecast2 2.4.4-1 (bug #912611)
NOTE: https://www.openwall.com/lists/oss-security/2018/11/01/3
@@ -5654,29 +5647,29 @@ CVE-2018-18819
RESERVED
CVE-2018-18818
RESERVED
-CVE-2018-18817 (The Leostream Agent before Build 7.0.1.0 when used with Leostream ...)
+CVE-2018-18817
NOT-FOR-US: Leostream Agent
-CVE-2018-18816 (The repository component of TIBCO Software Inc.'s TIBCO JasperReports ...)
+CVE-2018-18816
NOT-FOR-US: TIBCO
-CVE-2018-18815 (The REST API component of TIBCO Software Inc.'s TIBCO JasperReports ...)
+CVE-2018-18815
NOT-FOR-US: TIBCO
-CVE-2018-18814 (The TIBCO Spotfire authentication component of TIBCO Software Inc.'s ...)
+CVE-2018-18814
NOT-FOR-US: TIBCO
-CVE-2018-18813 (The Spotfire web server component of TIBCO Software Inc.'s TIBCO ...)
+CVE-2018-18813
NOT-FOR-US: TIBCO
-CVE-2018-18812 (The Spotfire Library component of TIBCO Software Inc.'s TIBCO Spotfire ...)
+CVE-2018-18812
NOT-FOR-US: TIBCO
CVE-2018-18811
RESERVED
-CVE-2018-18810 (The Administrator Service component of TIBCO Software Inc.'s TIBCO ...)
+CVE-2018-18810
NOT-FOR-US: TIBCO
-CVE-2018-18809 (The default server implementation of TIBCO Software Inc.'s TIBCO ...)
+CVE-2018-18809
NOT-FOR-US: TIBCO
-CVE-2018-18808 (The domain management component of TIBCO Software Inc.'s TIBCO ...)
+CVE-2018-18808
NOT-FOR-US: TIBCO
-CVE-2018-18807 (The web application of the TIBCO Statistica component of TIBCO ...)
+CVE-2018-18807
NOT-FOR-US: TIBCO
-CVE-2018-19132 (Squid before 4.4, when SNMP is enabled, allows a denial of service ...)
+CVE-2018-19132
{DLA-1596-1}
- squid 4.4-1 (low; bug #912294)
- squid3 <removed> (low)
@@ -5684,83 +5677,83 @@ CVE-2018-19132 (Squid before 4.4, when SNMP is enabled, allows a denial of servi
NOTE: http://www.squid-cache.org/Advisories/SQUID-2018_5.txt
NOTE: 3.5: http://www.squid-cache.org/Versions/v3/3.5/changesets/squid-3.5-bc9786119f058a76ddf0625424bc33d36460b9a2.patch
NOTE: 4.x: http://www.squid-cache.org/Versions/v4/changesets/squid-4-983c5c36e5f109512ed1af38a329d0b5d0967498.patch
-CVE-2018-19131 (Squid before 4.4 has XSS via a crafted X.509 certificate during HTTP(S) ...)
+CVE-2018-19131
- squid 4.4-1 (unimportant; bug #912293)
- squid3 <removed> (unimportant)
NOTE: http://www.squid-cache.org/Advisories/SQUID-2018_4.txt
NOTE: Squid in Debian builds without TLS support
-CVE-2018-18806 (School Equipment Monitoring System 1.0 allows SQL injection via the ...)
+CVE-2018-18806
NOT-FOR-US: School Equipment Monitoring System
-CVE-2018-18805 (PointOfSales 1.0 allows SQL injection via the login screen, related to ...)
+CVE-2018-18805
NOT-FOR-US: PointOfSales
-CVE-2018-18804 (Bakeshop Inventory System 1.0 has SQL injection via the login screen, ...)
+CVE-2018-18804
NOT-FOR-US: Bakeshop Inventory System
-CVE-2018-18803 (Curriculum Evaluation System 1.0 allows SQL Injection via the login ...)
+CVE-2018-18803
NOT-FOR-US: Curriculum Evaluation System
CVE-2018-18802
RESERVED
-CVE-2018-18801 (The BSEN Ordering software 1.0 has SQL Injection via ...)
+CVE-2018-18801
NOT-FOR-US: BSEN Ordering software
CVE-2018-18800
RESERVED
-CVE-2018-18799 (School Attendance Monitoring System 1.0 has CSRF via ...)
+CVE-2018-18799
NOT-FOR-US: School Attendance Monitoring System
CVE-2018-18798
- RESERVED
-CVE-2018-18797 (School Attendance Monitoring System 1.0 has CSRF via ...)
+ TODO: check
+CVE-2018-18797
NOT-FOR-US: School Attendance Monitoring System
-CVE-2018-18796 (Library Management System 1.0 has SQL Injection via the &quot;Search for ...)
+CVE-2018-18796
NOT-FOR-US: Library Management System
-CVE-2018-18795 (School Event Management System 1.0 has SQL Injection via the ...)
+CVE-2018-18795
NOT-FOR-US: School Event Management System
-CVE-2018-18794 (School Event Management System 1.0 allows CSRF via ...)
+CVE-2018-18794
NOT-FOR-US: School Event Management System
-CVE-2018-18793 (School Event Management System 1.0 allows Arbitrary File Upload via ...)
+CVE-2018-18793
NOT-FOR-US: School Event Management System
-CVE-2018-18792 (An issue was discovered in zzcms 8.3. SQL Injection exists in ...)
+CVE-2018-18792
NOT-FOR-US: zzcms
-CVE-2018-18791 (An issue was discovered in zzcms 8.3. SQL Injection exists in ...)
+CVE-2018-18791
NOT-FOR-US: zzcms
-CVE-2018-18790 (An issue was discovered in zzcms 8.3. SQL Injection exists in ...)
+CVE-2018-18790
NOT-FOR-US: zzcms
-CVE-2018-18789 (An issue was discovered in zzcms 8.3. SQL Injection exists in ...)
+CVE-2018-18789
NOT-FOR-US: zzcms
-CVE-2018-18788 (An issue was discovered in zzcms 8.3. SQL Injection exists in ...)
+CVE-2018-18788
NOT-FOR-US: zzcms
-CVE-2018-18787 (An issue was discovered in zzcms 8.3. SQL Injection exists in zs/zs.php ...)
+CVE-2018-18787
NOT-FOR-US: zzcms
-CVE-2018-18786 (An issue was discovered in zzcms 8.3. SQL Injection exists in ...)
+CVE-2018-18786
NOT-FOR-US: zzcms
-CVE-2018-18785 (An issue was discovered in zzcms 8.3. SQL Injection exists in ...)
+CVE-2018-18785
NOT-FOR-US: zzcms
-CVE-2018-18784 (An issue was discovered in zzcms 8.3. SQL Injection exists in ...)
+CVE-2018-18784
NOT-FOR-US: zzcms
-CVE-2018-18783 (XSS was discovered in SEMCMS V3.4 via the semcms_remail.php?type=ok ...)
+CVE-2018-18783
NOT-FOR-US: SEMCMS
-CVE-2018-18782 (Reflected XSS exists in DedeCMS 5.7 SP2 via the /member/myfriend.php ...)
+CVE-2018-18782
NOT-FOR-US: DedeCMS
-CVE-2018-18781 (DedeCMS 5.7 SP2 allows XSS via the /member/uploads_select.php f or ...)
+CVE-2018-18781
NOT-FOR-US: DedeCMS
CVE-2018-18780
RESERVED
CVE-2018-18779
RESERVED
-CVE-2018-18778 (ACME mini_httpd before 1.30 lets remote users read arbitrary files. ...)
+CVE-2018-18778
- mini-httpd 1.30-0.1 (bug #913095)
[stretch] - mini-httpd <no-dsa> (Minor issue)
-CVE-2018-18777 (Directory traversal vulnerability in Microstrategy Web, version 7, in ...)
+CVE-2018-18777
NOT-FOR-US: Microstrategy Web
-CVE-2018-18776 (Microstrategy Web, version 7, does not sufficiently encode ...)
+CVE-2018-18776
NOT-FOR-US: Microstrategy Web
-CVE-2018-18775 (Microstrategy Web, version 7, does not sufficiently encode ...)
+CVE-2018-18775
NOT-FOR-US: Microstrategy Web
-CVE-2018-18774 (CentOS-WebPanel.com (aka CWP) CentOS Web Panel through 0.9.8.740 ...)
+CVE-2018-18774
NOT-FOR-US: CentOS Web Panel
-CVE-2018-18773 (CentOS-WebPanel.com (aka CWP) CentOS Web Panel through 0.9.8.740 ...)
+CVE-2018-18773
NOT-FOR-US: CentOS Web Panel
-CVE-2018-18772 (CentOS-WebPanel.com (aka CWP) CentOS Web Panel through 0.9.8.740 ...)
+CVE-2018-18772
NOT-FOR-US: CentOS Web Panel
-CVE-2018-18771 (An issue was discovered in LuLu CMS through 2015-05-14. ...)
+CVE-2018-18771
NOT-FOR-US: Lulu CMS
CVE-2018-18770
RESERVED
@@ -5768,185 +5761,185 @@ CVE-2018-18769
RESERVED
CVE-2018-18768
RESERVED
-CVE-2018-18767 (An issue was discovered in D-Link 'myDlink Baby App' version 2.04.06. ...)
+CVE-2018-18767
NOT-FOR-US: D-Link
CVE-2018-18766
RESERVED
-CVE-2018-18765 (An exploitable arbitrary memory read vulnerability exists in the MQTT ...)
+CVE-2018-18765
- smplayer 18.5.0~ds1-1
[stretch] - smplayer <not-affected> (Vulnerable code not present)
[jessie] - smplayer <not-affected> (Vulnerable code not present)
NOTE: 18.5.0~ds1-1 isn't fixed on the source level, but no longer builds the Chromecast support
-CVE-2018-18764 (An exploitable arbitrary memory read vulnerability exists in the MQTT ...)
+CVE-2018-18764
- smplayer 18.5.0~ds1-1
[stretch] - smplayer <not-affected> (Vulnerable code not present)
[jessie] - smplayer <not-affected> (Vulnerable code not present)
NOTE: 18.5.0~ds1-1 isn't fixed on the source level, but no longer builds the Chromecast support
-CVE-2018-18763 (SaltOS 3.1 r8126 allows ...)
+CVE-2018-18763
NOT-FOR-US: SaltOS
CVE-2018-18762
- RESERVED
-CVE-2018-18761 (SaltOS 3.1 r8126 allows action=login&amp;querystring=&amp;user=[SQL] SQL ...)
+ TODO: check
+CVE-2018-18761
NOT-FOR-US: SaltOS
-CVE-2018-18760 (RhinOS 3.0 build 1190 allows CSRF. ...)
+CVE-2018-18760
NOT-FOR-US: RhinOS
-CVE-2018-18759 (Modbus Slave 7.0.0 in modbus tools has a Buffer Overflow. ...)
+CVE-2018-18759
NOT-FOR-US: Modbus Slave
CVE-2018-18758
RESERVED
CVE-2018-18757
RESERVED
-CVE-2018-18756 (Local Server 1.0.9 has a Buffer Overflow via crafted data on Port ...)
+CVE-2018-18756
NOT-FOR-US: Local Server
-CVE-2018-18755 (K-iwi Framework 1775 has SQL Injection via the admin/user/group/update ...)
+CVE-2018-18755
NOT-FOR-US: K-iwi Framework
-CVE-2018-18754 (ZyXEL VMG3312-B10B 1.00(AAPP.7) devices have a backdoor root account ...)
+CVE-2018-18754
NOT-FOR-US: ZyXEL
-CVE-2018-18753 (Typecho V1.1 allows remote attackers to send shell commands via ...)
+CVE-2018-18753
NOT-FOR-US: Typecho
-CVE-2018-18752 (Webiness Inventory 2.3 suffers from an Arbitrary File upload ...)
+CVE-2018-18752
NOT-FOR-US: Webiness Inventory
-CVE-2018-18751 (An issue was discovered in GNU gettext 0.19.8. There is a double free ...)
+CVE-2018-18751
- gettext 0.19.8.1-9 (unimportant; bug #913173)
NOTE: https://git.savannah.gnu.org/gitweb/?p=gettext.git;a=commitdiff;h=dce3a16e5e9368245735e29bf498dcd5e3e474a4
NOTE: Negligible security impact
CVE-2018-18750
RESERVED
-CVE-2018-18749 (data-tools through 2017-07-26 has an Integer Overflow leading to an ...)
+CVE-2018-18749
NOT-FOR-US: data-tools
-CVE-2018-18748 (** DISPUTED ** Sandboxie 5.26 allows a Sandbox Escape via an &quot;import ...)
+CVE-2018-18748
NOT-FOR-US: Sandboxie
CVE-2018-18747
RESERVED
CVE-2018-18746
RESERVED
-CVE-2018-18745 (An XSS issue was discovered in SEMCMS 3.4 via ...)
+CVE-2018-18745
NOT-FOR-US: SEMCMS
-CVE-2018-18744 (An XSS issue was discovered in SEMCMS 3.4 via the fifth text box to the ...)
+CVE-2018-18744
NOT-FOR-US: SEMCMS
-CVE-2018-18743 (An XSS issue was discovered in SEMCMS 3.4 via the second text field to ...)
+CVE-2018-18743
NOT-FOR-US: SEMCMS
-CVE-2018-18742 (A CSRF issue was discovered in SEMCMS 3.4 via the ...)
+CVE-2018-18742
NOT-FOR-US: SEMCMS
-CVE-2018-18741 (An XSS issue was discovered in SEMCMS 3.4 via ...)
+CVE-2018-18741
NOT-FOR-US: SEMCMS
-CVE-2018-18740 (An XSS issue was discovered in SEMCMS 3.4 via the first input field to ...)
+CVE-2018-18740
NOT-FOR-US: SEMCMS
-CVE-2018-18739 (An XSS issue was discovered in SEMCMS 3.4 via the ...)
+CVE-2018-18739
NOT-FOR-US: SEMCMS
-CVE-2018-18738 (An XSS issue was discovered in SEMCMS 3.4 via the ...)
+CVE-2018-18738
NOT-FOR-US: SEMCMS
-CVE-2018-18737 (An XXE issue was discovered in Douchat 4.0.4 because Data\notify.php ...)
+CVE-2018-18737
NOT-FOR-US: Douchat
-CVE-2018-18736 (An XSS issue was discovered in catfish blog 2.0.33, related to &quot;write ...)
+CVE-2018-18736
NOT-FOR-US: catfish blog (different from src:catfish)
-CVE-2018-18735 (A CSRF issue was discovered in admin/Index/tiquan in catfish blog ...)
+CVE-2018-18735
NOT-FOR-US: catfish blog (different from src:catfish)
-CVE-2018-18734 (A CSRF issue was discovered in admin/Index/addmanageuser.html in ...)
+CVE-2018-18734
NOT-FOR-US: Catfish CMS
-CVE-2018-18733 (An XSS issue was discovered in Catfish CMS 4.8.30, related to &quot;write ...)
+CVE-2018-18733
NOT-FOR-US: Catfish CMS
-CVE-2018-18732 (An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 ...)
+CVE-2018-18732
NOT-FOR-US: Tenda devices
-CVE-2018-18731 (An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 ...)
+CVE-2018-18731
NOT-FOR-US: Tenda devices
-CVE-2018-18730 (An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 ...)
+CVE-2018-18730
NOT-FOR-US: Tenda devices
-CVE-2018-18729 (An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 ...)
+CVE-2018-18729
NOT-FOR-US: Tenda devices
-CVE-2018-18728 (An issue was discovered on Tenda AC9 V15.03.05.19(6318)_CN, AC15 ...)
+CVE-2018-18728
NOT-FOR-US: Tenda devices
-CVE-2018-18727 (An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 ...)
+CVE-2018-18727
NOT-FOR-US: Tenda devices
-CVE-2018-18726 (An XSS issue was discovered in admin/sitelink/editsitelink?id=16 in ...)
+CVE-2018-18726
NOT-FOR-US: YUNUCMS
-CVE-2018-18725 (An XSS issue was discovered in admin/banner/editbanner?id=20 in YUNUCMS ...)
+CVE-2018-18725
NOT-FOR-US: YUNUCMS
-CVE-2018-18724 (An XSS issue was discovered in ...)
+CVE-2018-18724
NOT-FOR-US: YUNUCMS
-CVE-2018-18723 (An XSS issue was discovered in index.php/admin/area/editarea/id/110000 ...)
+CVE-2018-18723
NOT-FOR-US: YUNUCMS
-CVE-2018-18722 (An XSS issue was discovered in admin/content/editcontent?id=29&amp;gopage=1 ...)
+CVE-2018-18722
NOT-FOR-US: YUNUCMS
-CVE-2018-18721 (An XSS issue was discovered in admin/link/editlink?id=5 in YUNUCMS ...)
+CVE-2018-18721
NOT-FOR-US: YUNUCMS
-CVE-2018-18720 (An XSS issue was discovered in index.php/admin/system/basic in YUNUCMS ...)
+CVE-2018-18720
NOT-FOR-US: YUNUCMS
CVE-2018-18719
RESERVED
-CVE-2018-18718 (An issue was discovered in gThumb through 3.6.2. There is a double-free ...)
+CVE-2018-18718
{DLA-1567-1}
- gthumb 3:3.6.2-2 (unimportant; bug #912290)
NOTE: https://gitlab.gnome.org/GNOME/gthumb/issues/18
NOTE: https://gitlab.gnome.org/GNOME/gthumb/commit/06c39346fda502bd37429006d4822dd977995661 (master)
NOTE: https://gitlab.gnome.org/GNOME/gthumb/commit/f3edf6952757f887569e8c26cf18d40409f3fdca (3.6)
NOTE: Crash in end user application, no security impact
-CVE-2018-18717 (An issue was discovered in Eleanor CMS through 2015-03-19. XSS exists ...)
+CVE-2018-18717
NOT-FOR-US: Eleanor CMS
-CVE-2018-18716 (Zoho ManageEngine OpManager 12.3 before 123219 has a Self XSS ...)
+CVE-2018-18716
NOT-FOR-US: Zoho ManageEngine OpManager
-CVE-2018-18715 (Zoho ManageEngine OpManager 12.3 before 123219 has stored XSS. ...)
+CVE-2018-18715
NOT-FOR-US: Zoho ManageEngine OpManager
-CVE-2018-18714 (RegFilter.sys in IOBit Malware Fighter 6.2 and earlier is susceptible ...)
+CVE-2018-18714
NOT-FOR-US: IOBit Malware Fighter
-CVE-2018-18713 (The function down_sql_action() in /admin/model/database.class.php in ...)
+CVE-2018-18713
NOT-FOR-US: PHPYun
-CVE-2018-18712 (An issue was discovered in WUZHI CMS 4.1.0. There is a CSRF ...)
+CVE-2018-18712
NOT-FOR-US: WUZHI CMS
-CVE-2018-18711 (An issue was discovered in WUZHI CMS 4.1.0. There is a CSRF ...)
+CVE-2018-18711
NOT-FOR-US: WUZHI CMS
-CVE-2018-18709 (An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 ...)
+CVE-2018-18709
NOT-FOR-US: Tenda devices
-CVE-2018-18708 (An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 ...)
+CVE-2018-18708
NOT-FOR-US: Tenda devices
-CVE-2018-18707 (An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 ...)
+CVE-2018-18707
NOT-FOR-US: Tenda devices
-CVE-2018-18706 (An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 ...)
+CVE-2018-18706
NOT-FOR-US: Tenda devices
-CVE-2018-18710 (An issue was discovered in the Linux kernel through 4.19. An ...)
+CVE-2018-18710
{DLA-1715-1}
- linux 4.18.20-1
[stretch] - linux 4.9.144-1
NOTE: https://git.kernel.org/linus/e4f3aa2e1e67bb48dfbaaf1cad59013d5a5bc276
-CVE-2018-18705 (PhpTpoint hospital management system suffers from multiple SQL ...)
+CVE-2018-18705
NOT-FOR-US: PhpTpoint hospital management system
-CVE-2018-18704 (PhpTpoint Pharmacy Management System suffers from a SQL injection ...)
+CVE-2018-18704
NOT-FOR-US: PhpTpoint Pharmacy Management System
-CVE-2018-18703 (PhpTpoint Mailing Server Using File Handling 1.0 suffers from multiple ...)
+CVE-2018-18703
NOT-FOR-US: PhpTpoint Mailing Server Using File Handling
-CVE-2018-18702 (spider.admincp.php in iCMS v7.0.11 allows SQL injection via ...)
+CVE-2018-18702
NOT-FOR-US: iCMS
-CVE-2018-18701 (An issue was discovered in cp-demangle.c in GNU libiberty, as ...)
+CVE-2018-18701
- binutils <unfixed>
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
NOTE: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87675
NOTE: Fixed by: https://gcc.gnu.org/git/?p=gcc.git;a=commit;h=03e51746ed98d9106803f6009ebd71ea670ad3b9
-CVE-2018-18700 (An issue was discovered in cp-demangle.c in GNU libiberty, as ...)
+CVE-2018-18700
- binutils <unfixed>
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
NOTE: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87681
NOTE: Fixed by: https://gcc.gnu.org/git/?p=gcc.git;a=commit;h=03e51746ed98d9106803f6009ebd71ea670ad3b9
-CVE-2018-18699 (An issue was discovered in GoPro gpmf-parser 1.2.1. There is an ...)
+CVE-2018-18699
NOT-FOR-US: GoPro gpmf-parser
-CVE-2018-18698 (An issue was discovered on Xiaomi Mi A1 ...)
+CVE-2018-18698
NOT-FOR-US: Xiaomi Mi A1 devices
CVE-2018-18697
RESERVED
-CVE-2018-18696 (main.aspx in Microstrategy Analytics 10.4.0026.0049 and earlier has ...)
+CVE-2018-18696
NOT-FOR-US: Microstrategy Analytics
-CVE-2018-18695 (M2SOFT Report Designer Viewer 5.0 allows a Buffer Overflow with ...)
+CVE-2018-18695
NOT-FOR-US: M2SOFT Report Designer Viewer
-CVE-2018-18694 (admin/index.php?id=filesmanager in Monstra CMS 3.0.4 allows remote ...)
+CVE-2018-18694
NOT-FOR-US: Monstra CMS
CVE-2018-18693
RESERVED
-CVE-2018-18692 (A reflected Cross-Site scripting (XSS) vulnerability in SEMCO Semcosoft ...)
+CVE-2018-18692
NOT-FOR-US: SEMCO
CVE-2018-18691
RESERVED
-CVE-2018-18690 (In the Linux kernel before 4.17, a local attacker able to set ...)
+CVE-2018-18690
{DLA-1715-1}
- linux 4.17.3-1
[stretch] - linux 4.9.144-1
@@ -5997,97 +5990,97 @@ CVE-2018-18669
RESERVED
CVE-2018-18668
RESERVED
-CVE-2018-18667 (The mintToken function of Pylon (PYLNT) aka PylonToken, an Ethereum ...)
+CVE-2018-18667
NOT-FOR-US: Some Ethereum token
-CVE-2018-18666 (The mintToken function of SwftCoin (SWFTC) aka SwftCoin, an Ethereum ...)
+CVE-2018-18666
NOT-FOR-US: Some Ethereum token
-CVE-2018-18665 (The mintToken function of Nexxus (NXX) aka NexxusToken, an Ethereum ...)
+CVE-2018-18665
NOT-FOR-US: Some Ethereum token
CVE-2018-18664
RESERVED
CVE-2018-18663
RESERVED
-CVE-2018-18662 (There is an out-of-bounds read in fz_run_t3_glyph in fitz/font.c in ...)
+CVE-2018-18662
- mupdf 1.14.0+ds1-3 (bug #912013)
[jessie] - mupdf <not-affected> (vulnerable code introduced later)
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=700043
NOTE: http://git.ghostscript.com/?p=mupdf.git;h=164ddc22ee0d5b63a81d5148f44c37dd132a9356
-CVE-2018-18661 (An issue was discovered in LibTIFF 4.0.9. There is a NULL pointer ...)
+CVE-2018-18661
- tiff 4.0.10-1 (unimportant; bug #912012)
- tiff3 <removed> (unimportant)
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2819
NOTE: https://gitlab.com/libtiff/libtiff/commit/99b10edde9a0fc28cc0e7b7757aa18ac4c8c225f
NOTE: No security impact, crash in CLI tool
-CVE-2018-18660 (An issue was discovered in Arcserve Unified Data Protection (UDP) ...)
+CVE-2018-18660
NOT-FOR-US: Arcserve Unified Data Protection
-CVE-2018-18659 (An issue was discovered in Arcserve Unified Data Protection (UDP) ...)
+CVE-2018-18659
NOT-FOR-US: Arcserve Unified Data Protection
-CVE-2018-18658 (An issue was discovered in Arcserve Unified Data Protection (UDP) ...)
+CVE-2018-18658
NOT-FOR-US: Arcserve Unified Data Protection
-CVE-2018-18657 (An issue was discovered in Arcserve Unified Data Protection (UDP) ...)
+CVE-2018-18657
NOT-FOR-US: Arcserve Unified Data Protection
-CVE-2018-18656 (The PureVPN client before 6.1.0 for Windows stores Login Credentials ...)
+CVE-2018-18656
NOT-FOR-US: PureVPN client for Windows
-CVE-2018-18653 (The Linux kernel, as used in Ubuntu 18.10 and when booted with UEFI ...)
+CVE-2018-18653
- linux <undetermined>
TODO: check, this should be very Ubuntu specific, but it is introduced with the out-of-tree patch from the Lockdown patchset https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/cosmic/commit/?id=03c7de9e956395f3b36f86f89b62780ad9501eef and so possibly affect our kernel as well in some way.
-CVE-2018-18652 (A remote command execution vulnerability in Veritas NetBackup Appliance ...)
+CVE-2018-18652
NOT-FOR-US: Veritas NetBackup Appliance
-CVE-2018-18655 (Prayer through 1.3.5 sends a Referer header, containing a user's ...)
+CVE-2018-18655
- prayer 1.3.5-dfsg1-5 (low; bug #911842)
[stretch] - prayer <no-dsa> (Minor issue)
[jessie] - prayer <no-dsa> (Minor issue)
-CVE-2018-18654 (Crossroads 2.81 does not properly handle the /tmp directory during a ...)
+CVE-2018-18654
- crossroads <removed> (unimportant; bug #911877)
NOTE: Issue exploitable only during build of package
-CVE-2018-18651 (An issue was discovered in Xpdf 4.00. catalog-&gt;getNumPages() in ...)
+CVE-2018-18651
- xpdf <not-affected> (xpdf in Debian uses poppler, which is not affected or fixed)
-CVE-2018-18650 (An issue was discovered in Xpdf 4.00. XRef::readXRefStream in XRef.cc ...)
+CVE-2018-18650
- xpdf <not-affected> (xpdf in Debian uses poppler, which is not affected or fixed)
-CVE-2018-18649 (An issue was discovered in the wiki API in GitLab Community and ...)
+CVE-2018-18649
- gitlab <not-affected> (Only affects 11.3 and later)
NOTE: https://about.gitlab.com/2018/10/29/security-release-gitlab-11-dot-4-dot-3-released/
-CVE-2018-18648 (An issue was discovered in GitLab Community and Enterprise Edition ...)
+CVE-2018-18648
- gitlab <not-affected> (Only affects 11.2 and later)
NOTE: https://about.gitlab.com/2018/10/29/security-release-gitlab-11-dot-4-dot-3-released/
-CVE-2018-18647 (An issue was discovered in GitLab Community and Enterprise Edition ...)
+CVE-2018-18647
- gitlab <not-affected> (Only affects GitLab EE)
NOTE: https://about.gitlab.com/2018/10/29/security-release-gitlab-11-dot-4-dot-3-released/
-CVE-2018-18646 (An issue was discovered in GitLab Community and Enterprise Edition ...)
+CVE-2018-18646
[experimental] - gitlab 11.2.8+dfsg-1
- gitlab 11.2.8+dfsg-2
NOTE: https://about.gitlab.com/2018/10/29/security-release-gitlab-11-dot-4-dot-3-released/
-CVE-2018-18645 (An issue was discovered in GitLab Community and Enterprise Edition ...)
+CVE-2018-18645
[experimental] - gitlab 11.2.8+dfsg-1
- gitlab 11.2.8+dfsg-2
NOTE: https://about.gitlab.com/2018/10/29/security-release-gitlab-11-dot-4-dot-3-released/
-CVE-2018-18644 (An issue was discovered in GitLab Community and Enterprise Edition ...)
+CVE-2018-18644
- gitlab <not-affected> (Only affects GitLab EE)
NOTE: https://about.gitlab.com/2018/10/29/security-release-gitlab-11-dot-4-dot-3-released/
CVE-2018-18643 [Persistent XSS autocomplete]
RESERVED
- gitlab <not-affected> (Only affects 11.2 and later)
NOTE: https://about.gitlab.com/2018/10/29/security-release-gitlab-11-dot-4-dot-3-released/
-CVE-2018-18642 (An issue was discovered in GitLab Community and Enterprise Edition ...)
+CVE-2018-18642
- gitlab <not-affected> (Only affects GitLab EE)
NOTE: https://about.gitlab.com/2018/10/29/security-release-gitlab-11-dot-4-dot-3-released/
-CVE-2018-18641 (An issue was discovered in GitLab Community and Enterprise Edition ...)
+CVE-2018-18641
[experimental] - gitlab 11.2.8+dfsg-1
- gitlab 11.2.8+dfsg-2
NOTE: https://about.gitlab.com/2018/10/29/security-release-gitlab-11-dot-4-dot-3-released/
-CVE-2018-18640 (An issue was discovered in GitLab Community and Enterprise Edition ...)
+CVE-2018-18640
[experimental] - gitlab 11.2.8+dfsg-1
- gitlab 11.2.8+dfsg-2
NOTE: https://about.gitlab.com/2018/10/29/security-release-gitlab-11-dot-4-dot-3-released/
CVE-2018-18639
RESERVED
-CVE-2018-18638 (A command injection vulnerability in the setup API in the Neato Botvac ...)
+CVE-2018-18638
NOT-FOR-US: Neato
CVE-2018-18637
RESERVED
-CVE-2018-18636 (XSS exists in cgi-bin/webcm on D-link DSL-2640T routers via the ...)
+CVE-2018-18636
NOT-FOR-US: D-Link
-CVE-2018-18635 (www/guis/admin/application/controllers/UserController.php in the ...)
+CVE-2018-18635
NOT-FOR-US: MailCleaner
CVE-2018-18634
RESERVED
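Review bot: every public entry in this hunk loses its description text, e.g. `-CVE-2018-18652 (A remote command execution vulnerability in Veritas NetBackup Appliance ...)` becomes the bare `+CVE-2018-18652`, and the same pattern repeats for the GitLab, Xpdf, Neato and D-Link entries below it. For an "automatic update" commit, which normally only adds or refreshes descriptions, a wholesale removal indicates the description source returned empty data for this run; the commit should be reverted (or the fetch repaired and re-run) rather than merged, because the truncated descriptions are what triagers grep when deciding whether a CVE concerns a Debian package, and the remaining RESERVED / NOT-FOR-US lines alone no longer carry that context.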
@@ -6095,7 +6088,7 @@ CVE-2018-18633
RESERVED
CVE-2018-18632
RESERVED
-CVE-2018-18883 (An issue was discovered in Xen 4.9.x through 4.11.x, on Intel x86 ...)
+CVE-2018-18883
- xen 4.11.1-1
[stretch] - xen <not-affected> (Only affects 4.9 and later)
[jessie] - xen <not-affected> (Only affects 4.9 and later)
@@ -6104,13 +6097,13 @@ CVE-2018-18631
RESERVED
CVE-2018-18630
RESERVED
-CVE-2018-18629 (An issue was discovered in the Keybase command-line client before ...)
+CVE-2018-18629
NOT-FOR-US: Keybase command-line client
-CVE-2018-18628 (An issue was discovered in Pippo 1.11.0. The function ...)
+CVE-2018-18628
NOT-FOR-US: Pippo
CVE-2018-18627
RESERVED
-CVE-2018-18626 (An issue was discovered in PHPYun V4.6. There is a vulnerability that ...)
+CVE-2018-18626
NOT-FOR-US: PHPYun
CVE-2018-18625
RESERVED
@@ -6118,13 +6111,13 @@ CVE-2018-18624
RESERVED
CVE-2018-18623
RESERVED
-CVE-2018-18622 (An issue was discovered in Waimai Super Cms 20150505. There is XSS via ...)
+CVE-2018-18622
NOT-FOR-US: Waimai Super Cms
-CVE-2018-18621 (CommuniGate Pro 6.2 allows stored XSS via a message body in Pronto! ...)
+CVE-2018-18621
NOT-FOR-US: CommuniGate Pro
CVE-2018-18620
RESERVED
-CVE-2018-18619 (internal/advanced_comment_system/admin.php in Advanced Comment System ...)
+CVE-2018-18619
NOT-FOR-US: Advanced Comment System
CVE-2018-18618
RESERVED
@@ -6146,23 +6139,23 @@ CVE-2018-18610
RESERVED
CVE-2018-18609
RESERVED
-CVE-2018-18608 (DedeCMS 5.7 SP2 allows XSS via the function named GetPageList defined ...)
+CVE-2018-18608
NOT-FOR-US: DedeCMS
-CVE-2018-18607 (An issue was discovered in elf_link_input_bfd in elflink.c in the ...)
+CVE-2018-18607
[experimental] - binutils 2.31.51.20181204-1
- binutils <unfixed>
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=23805
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=102def4da826b3d9e169741421e5e67e8731909a
-CVE-2018-18606 (An issue was discovered in the merge_strings function in merge.c in the ...)
+CVE-2018-18606
[experimental] - binutils 2.31.51.20181204-1
- binutils <unfixed>
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=23806
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=45a0eaf77022963d639d6d19871dbab7b79703fc
-CVE-2018-18605 (A heap-based buffer over-read issue was discovered in the function ...)
+CVE-2018-18605
[experimental] - binutils 2.31.51.20181204-1
- binutils <unfixed>
[stretch] - binutils <ignored> (Minor issue)
@@ -6171,15 +6164,15 @@ CVE-2018-18605 (A heap-based buffer over-read issue was discovered in the functi
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=ab419ddbb2cdd17ca83618990f2cacf904ce1d61
CVE-2018-18604
RESERVED
-CVE-2018-18603 (** DISPUTED ** 360 Total Security 3.5.0.1033 allows a Sandbox Escape ...)
+CVE-2018-18603
NOT-FOR-US: 360 Total Security
-CVE-2018-18602 (The Cloud API on Guardzilla smart cameras allows user enumeration, ...)
+CVE-2018-18602
NOT-FOR-US: Guardzilla
-CVE-2018-18601 (The TK_set_deviceModel_req_handle function in the cloud communication ...)
+CVE-2018-18601
NOT-FOR-US: Guardzilla
-CVE-2018-18600 (The remote upgrade feature in Guardzilla GZ180 devices allow command ...)
+CVE-2018-18600
NOT-FOR-US: Guardzilla
-CVE-2018-18599 (Stegdetect through 2018-05-26 has an out-of-bounds write in f5_compress ...)
+CVE-2018-18599
- stegdetect <removed>
CVE-2018-18598
RESERVED
@@ -6191,43 +6184,43 @@ CVE-2018-18595
RESERVED
CVE-2018-18594
RESERVED
-CVE-2018-18593 (Remote Directory Traversal and Remote Disclosure of Privileged ...)
+CVE-2018-18593
NOT-FOR-US: UCMDB Configuration Management Service
CVE-2018-18592
RESERVED
-CVE-2018-18591 (A potential unauthorized disclosure of data vulnerability has been ...)
+CVE-2018-18591
NOT-FOR-US: Micro Focus
-CVE-2018-18590 (A potential remote code execution and information disclosure ...)
+CVE-2018-18590
NOT-FOR-US: Micro Focus
-CVE-2018-18589 (A potential Remote Arbitrary Code Execution vulnerability has been ...)
+CVE-2018-18589
NOT-FOR-US: Micro Focus
CVE-2018-18588
RESERVED
-CVE-2018-18587 (BigProf AppGini 5.70 stores the passwords in the database using the MD5 ...)
+CVE-2018-18587
NOT-FOR-US: BigProf AppGini
-CVE-2018-18583 (An issue has been found in LuPng through 2017-03-10. It is a heap-based ...)
+CVE-2018-18583
NOT-FOR-US: LuPng
-CVE-2018-18582 (An issue has been found in LuPng through 2017-03-10. It is a heap-based ...)
+CVE-2018-18582
NOT-FOR-US: LuPng
-CVE-2018-18581 (An issue has been found in LuPng through 2017-03-10. It is a heap-based ...)
+CVE-2018-18581
NOT-FOR-US: LuPng
CVE-2018-18580
RESERVED
-CVE-2018-18579 (Reflected XSS exists in DedeCMS 5.7 SP2 via the /member/pm.php folder ...)
+CVE-2018-18579
NOT-FOR-US: DedeCMS
-CVE-2018-18578 (DedeCMS 5.7 SP2 allows XSS via the plus/qrcode.php type parameter. ...)
+CVE-2018-18578
NOT-FOR-US: DedeCMS
CVE-2018-18577
RESERVED
CVE-2018-18576
RESERVED
-CVE-2018-18585 (chmd_read_headers in mspack/chmd.c in libmspack before 0.8alpha accepts ...)
+CVE-2018-18585
{DLA-1555-1}
- libmspack 0.8-1 (bug #911637)
[stretch] - libmspack 0.5-1+deb9u3
NOTE: https://github.com/kyz/libmspack/commit/8759da8db6ec9e866cb8eb143313f397f925bb4f
NOTE: https://www.openwall.com/lists/oss-security/2018/10/22/1
-CVE-2018-18586 (** DISPUTED ** chmextract.c in the chmextract sample program, as ...)
+CVE-2018-18586
- libmspack 0.8-1 (unimportant; bug #911639)
NOTE: https://github.com/kyz/libmspack/commit/7cadd489698be117c47efcadd742651594429e6d
NOTE: https://www.openwall.com/lists/oss-security/2018/10/22/1
@@ -6235,7 +6228,7 @@ CVE-2018-18586 (** DISPUTED ** chmextract.c in the chmextract sample program, as
NOTE: This sample code is not installed into the binary packages and was as well
NOTE: never the idea to use it in "productised" binaries, but rather just simple
NOTE: examples of the library use.
-CVE-2018-18584 (In mspack/cab.h in libmspack before 0.8alpha and cabextract before 1.8, ...)
+CVE-2018-18584
{DLA-1555-1}
- cabextract 1.4-5
NOTE: Starting with 1.4-5 cabextract uses the mspack system library
@@ -6255,34 +6248,34 @@ CVE-2018-18571
RESERVED
CVE-2018-18570
RESERVED
-CVE-2018-18569 (The Dundas BI server before 5.0.1.1010 is vulnerable to a Server-Side ...)
+CVE-2018-18569
NOT-FOR-US: Dundas BI
-CVE-2018-18568 (Polycom VVX 500 and 601 devices 5.8.0.12848 and earlier allows ...)
+CVE-2018-18568
NOT-FOR-US: Polycom
-CVE-2018-18567 (AudioCodes 440HD and 450HD devices 3.1.2.89 and earlier allows ...)
+CVE-2018-18567
NOT-FOR-US: AudioCodes devices
-CVE-2018-18566 (The SIP service in Polycom VVX 500 and 601 devices 5.8.0.12848 and ...)
+CVE-2018-18566
NOT-FOR-US: Polycom
-CVE-2018-18565 (An issue was discovered in Roche Accu-Chek Inform II Instrument before ...)
+CVE-2018-18565
NOT-FOR-US: Roche Diagnostics
-CVE-2018-18564 (An issue was discovered in Roche Accu-Chek Inform II Instrument before ...)
+CVE-2018-18564
NOT-FOR-US: Roche Diagnostics
-CVE-2018-18563 (An issue was discovered in Roche Accu-Chek Inform II Instrument before ...)
+CVE-2018-18563
NOT-FOR-US: Roche Diagnostics
-CVE-2018-18562 (An issue was discovered in Roche Accu-Chek Inform II Base Unit / Base ...)
+CVE-2018-18562
NOT-FOR-US: Roche Diagnostics
-CVE-2018-18561 (An issue was discovered in Roche Accu-Chek Inform II Base Unit / Base ...)
+CVE-2018-18561
NOT-FOR-US: Roche Diagnostics
CVE-2018-18560
RESERVED
-CVE-2018-18559 (In the Linux kernel through 4.19, a use-after-free can occur due to a ...)
+CVE-2018-18559
- linux 4.14.7-1
[stretch] - linux 4.9.80-1
[jessie] - linux 3.16.56-1
NOTE: Fixed by: https://git.kernel.org/linus/15fe076edea787807a7cdc168df832544b58eba6
CVE-2018-18558
RESERVED
-CVE-2018-18557 (LibTIFF 4.0.9 (with JBIG enabled) decodes arbitrarily-sized JBIG into a ...)
+CVE-2018-18557
{DSA-4349-1 DLA-1557-1}
- tiff 4.0.9+git181026-1 (bug #911635)
- tiff3 <removed>
@@ -6294,31 +6287,31 @@ CVE-2018-XXXX [out of bounds memory read in MED files]
[stretch] - libopenmpt <no-dsa> (Minor issue)
NOTE: https://lib.openmpt.org/libopenmpt/2018/10/21/security-updates-0.3.13-0.2.10933-beta36-0.2.7561-beta20.5-p11-0.2.7386-beta20.3-p14/
NOTE: https://source.openmpt.org/browse/openmpt/trunk/?op=revision&rev=10903
-CVE-2018-18556 (A privilege escalation issue was discovered in VyOS 1.1.8. The default ...)
+CVE-2018-18556
NOT-FOR-US: VyOS
-CVE-2018-18555 (A sandbox escape issue was discovered in VyOS 1.1.8. It provides a ...)
+CVE-2018-18555
NOT-FOR-US: VyOS
CVE-2018-18554
RESERVED
-CVE-2018-18553 (Leanote 2.6.1 has XSS via the Blog Basic Setting title field, which is ...)
+CVE-2018-18553
NOT-FOR-US: Leanote
-CVE-2018-18552 (ServersCheck Monitoring Software through 14.3.3 allows local users to ...)
+CVE-2018-18552
NOT-FOR-US: ServersCheck Monitoring Software
-CVE-2018-18551 (ServersCheck Monitoring Software through 14.3.3 has Persistent and ...)
+CVE-2018-18551
NOT-FOR-US: ServersCheck Monitoring Software
-CVE-2018-18550 (ServersCheck Monitoring Software before 14.3.4 allows SQL Injection by ...)
+CVE-2018-18550
NOT-FOR-US: ServersCheck Monitoring Software
CVE-2018-18549
RESERVED
-CVE-2018-18548 (ajenticp (aka Ajenti Docker control panel) for Ajenti through ...)
+CVE-2018-18548
NOT-FOR-US: Ajenti
-CVE-2018-18547 (Vesta Control Panel through 0.9.8-22 has XSS via the edit/web/ domain ...)
+CVE-2018-18547
NOT-FOR-US: Vesta Control Panel
-CVE-2018-18546 (ThinkPHP 3.2.4 has SQL Injection via the order parameter because the ...)
+CVE-2018-18546
NOT-FOR-US: ThinkPHP
-CVE-2018-18545 (Fiyo CMS 2.0.7 has XSS via the dapur\apps\app_user\edit_user.php name ...)
+CVE-2018-18545
NOT-FOR-US: Fiyo CMS
-CVE-2018-18544 (There is a memory leak in the function WriteMSLImage of coders/msl.c ...)
+CVE-2018-18544
- imagemagick 8:6.9.10.14+dfsg-1 (unimportant)
- graphicsmagick 1.3.31-1 (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/1360
@@ -6326,11 +6319,11 @@ CVE-2018-18543
RESERVED
CVE-2018-18542
RESERVED
-CVE-2018-18540 (TeaKKi 2.7 allows XSS via a crafted onerror attribute for a picture's ...)
+CVE-2018-18540
NOT-FOR-US: TeaKKi
CVE-2018-18539
RESERVED
-CVE-2018-18541 (In Teeworlds before 0.6.5, connection packets could be forged. There ...)
+CVE-2018-18541
{DSA-4329-1}
- teeworlds 0.7.0-1 (bug #911487)
[jessie] - teeworlds <end-of-life> (Not supported in jessie LTS)
@@ -6341,11 +6334,11 @@ CVE-2018-18541 (In Teeworlds before 0.6.5, connection packets could be forged. T
NOTE: https://github.com/teeworlds/teeworlds/commit/f5fa1a92ed81ed8da721e803a036b1553a38e39e
CVE-2018-18538
RESERVED
-CVE-2018-18537 (The GLCKIo low-level driver in ASUS Aura Sync v1.07.22 and earlier ...)
+CVE-2018-18537
NOT-FOR-US: ASUS
-CVE-2018-18536 (The GLCKIo and Asusgio low-level drivers in ASUS Aura Sync v1.07.22 ...)
+CVE-2018-18536
NOT-FOR-US: ASUS
-CVE-2018-18535 (The Asusgio low-level driver in ASUS Aura Sync v1.07.22 and earlier ...)
+CVE-2018-18535
NOT-FOR-US: ASUS
CVE-2018-18534
RESERVED
@@ -6353,15 +6346,15 @@ CVE-2018-18533
RESERVED
CVE-2018-18532
RESERVED
-CVE-2018-18531 (text/impl/DefaultTextCreator.java, text/impl/ChineseTextProducer.java, ...)
+CVE-2018-18531
NOT-FOR-US: kaptcha
-CVE-2018-18530 (ThinkPHP 5.1.25 has SQL Injection via the count parameter because the ...)
+CVE-2018-18530
NOT-FOR-US: ThinkPHP
-CVE-2018-18529 (ThinkPHP 3.2.4 has SQL Injection via the count parameter because the ...)
+CVE-2018-18529
NOT-FOR-US: ThinkPHP
CVE-2018-18528
RESERVED
-CVE-2018-18527 (OwnTicket 2018-05-23 allows SQL Injection via the showTicketId or ...)
+CVE-2018-18527
NOT-FOR-US: OwnTicket
CVE-2018-18526
RESERVED
@@ -6373,25 +6366,25 @@ CVE-2018-18523
RESERVED
CVE-2018-18522
RESERVED
-CVE-2018-18521 (Divide-by-zero vulnerabilities in the function arlib_add_symbols() in ...)
+CVE-2018-18521
{DLA-1689-1}
- elfutils 0.175-1 (low; bug #911413)
[stretch] - elfutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=23786
NOTE: https://sourceware.org/ml/elfutils-devel/2018-q4/msg00055.html
NOTE: https://sourceware.org/git/?p=elfutils.git;a=commit;h=2b16a9be69939822dcafe075413468daac98b327
-CVE-2018-18520 (An Invalid Memory Address Dereference exists in the function elf_end in ...)
+CVE-2018-18520
{DLA-1689-1}
- elfutils 0.175-1 (low; bug #911414)
[stretch] - elfutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=23787
NOTE: https://sourceware.org/ml/elfutils-devel/2018-q4/msg00057.html
NOTE: https://sourceware.org/git/?p=elfutils.git;a=commit;h=22d2d082d57a7470fadc0eae67179553f4919209
-CVE-2018-18519 (BestXsoftware Best Free Keylogger 5.2.9 allows local users to gain ...)
+CVE-2018-18519
NOT-FOR-US: BestXsoftware Best Free Keylogger
CVE-2018-18518
RESERVED
-CVE-2018-18517 (Citrix NetScaler Gateway 10.5.x before 10.5.69.003, 11.1.x before ...)
+CVE-2018-18517
NOT-FOR-US: Citrix
CVE-2018-18516
RESERVED
@@ -6424,10 +6417,10 @@ CVE-2018-18508 [NULL pointer dereference in several CMS functions resulting in a
NOTE: https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.42.1_release_notes
CVE-2018-18507
RESERVED
-CVE-2018-18506 (When proxy auto-detection is enabled, if a web server serves a Proxy ...)
+CVE-2018-18506
- firefox 65.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-01/#CVE-2018-18506
-CVE-2018-18505 (An earlier fix for an Inter-process Communication (IPC) vulnerability, ...)
+CVE-2018-18505
{DSA-4392-1 DSA-4376-1 DLA-1678-1 DLA-1648-1}
- firefox 65.0-1
- firefox-esr 60.5.0esr-1
@@ -6435,16 +6428,16 @@ CVE-2018-18505 (An earlier fix for an Inter-process Communication (IPC) vulnerab
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-01/#CVE-2018-18505
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-02/#CVE-2018-18505
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-03/#CVE-2018-18505
-CVE-2018-18504 (A crash and out-of-bounds read can occur when the buffer of a texture ...)
+CVE-2018-18504
- firefox 65.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-01/#CVE-2018-18504
-CVE-2018-18503 (When JavaScript is used to create and manipulate an audio buffer, a ...)
+CVE-2018-18503
- firefox 65.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-01/#CVE-2018-18503
-CVE-2018-18502 (Mozilla developers and community members reported memory safety bugs ...)
+CVE-2018-18502
- firefox 65.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-01/#CVE-2018-18502
-CVE-2018-18501 (Mozilla developers and community members reported memory safety bugs ...)
+CVE-2018-18501
{DSA-4392-1 DSA-4376-1 DLA-1678-1 DLA-1648-1}
- firefox 65.0-1
- firefox-esr 60.5.0esr-1
@@ -6452,7 +6445,7 @@ CVE-2018-18501 (Mozilla developers and community members reported memory safety
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-01/#CVE-2018-18501
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-02/#CVE-2018-18501
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-03/#CVE-2018-18501
-CVE-2018-18500 (A use-after-free vulnerability can occur while parsing an HTML5 stream ...)
+CVE-2018-18500
{DSA-4392-1 DSA-4376-1 DLA-1678-1 DLA-1648-1}
- firefox 65.0-1
- firefox-esr 60.5.0esr-1
@@ -6460,7 +6453,7 @@ CVE-2018-18500 (A use-after-free vulnerability can occur while parsing an HTML5
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-01/#CVE-2018-18500
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-02/#CVE-2018-18500
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-03/#CVE-2018-18500
-CVE-2018-18499 (A same-origin policy violation allowing the theft of cross-origin URL ...)
+CVE-2018-18499
{DSA-4327-1 DSA-4287-1 DLA-1575-1 DLA-1571-1}
- firefox 62.0-1
- firefox-esr 60.2.0esr-1
@@ -6468,7 +6461,7 @@ CVE-2018-18499 (A same-origin policy violation allowing the theft of cross-origi
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-20/#CVE-2018-18499
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-21/#CVE-2018-18499
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-25/#CVE-2018-18499
-CVE-2018-18498 (A potential vulnerability leading to an integer overflow can occur ...)
+CVE-2018-18498
{DSA-4362-1 DSA-4354-1 DLA-1624-1 DLA-1605-1}
- firefox 64.0-1
- firefox-esr 60.4.0esr-1
@@ -6476,16 +6469,16 @@ CVE-2018-18498 (A potential vulnerability leading to an integer overflow can occ
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-29/#CVE-2018-18498
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-30/#CVE-2018-18498
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-31/#CVE-2018-18498
-CVE-2018-18497 (Limitations on the URIs allowed to WebExtensions by the ...)
+CVE-2018-18497
- firefox 64.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-29/#CVE-2018-18497
-CVE-2018-18496 (When the RSS Feed preview about:feeds page is framed within another ...)
+CVE-2018-18496
- firefox <not-affected> (Windows-specific)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-29/#CVE-2018-18496
-CVE-2018-18495 (WebExtension content scripts can be loaded into about: pages in some ...)
+CVE-2018-18495
- firefox 64.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-29/#CVE-2018-18495
-CVE-2018-18494 (A same-origin policy violation allowing the theft of cross-origin URL ...)
+CVE-2018-18494
{DSA-4362-1 DSA-4354-1 DLA-1624-1 DLA-1605-1}
- firefox 64.0-1
- firefox-esr 60.4.0esr-1
@@ -6493,7 +6486,7 @@ CVE-2018-18494 (A same-origin policy violation allowing the theft of cross-origi
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-29/#CVE-2018-18494
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-30/#CVE-2018-18494
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-31/#CVE-2018-18494
-CVE-2018-18493 (A buffer overflow can occur in the Skia library during buffer offset ...)
+CVE-2018-18493
{DSA-4362-1 DSA-4354-1 DLA-1624-1 DLA-1605-1}
- firefox 64.0-1
- firefox-esr 60.4.0esr-1
@@ -6501,7 +6494,7 @@ CVE-2018-18493 (A buffer overflow can occur in the Skia library during buffer of
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-29/#CVE-2018-18493
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-30/#CVE-2018-18493
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-31/#CVE-2018-18493
-CVE-2018-18492 (A use-after-free vulnerability can occur after deleting a selection ...)
+CVE-2018-18492
{DSA-4362-1 DSA-4354-1 DLA-1624-1 DLA-1605-1}
- firefox 64.0-1
- firefox-esr 60.4.0esr-1
@@ -6515,21 +6508,21 @@ CVE-2018-18490
RESERVED
CVE-2018-18489
RESERVED
-CVE-2018-18488 (In \lib\admin\action\dataaction.class.php in Gxlcms v2.0, SQL Injection ...)
+CVE-2018-18488
NOT-FOR-US: Gxlcms
-CVE-2018-18487 (In \lib\admin\action\dataaction.class.php in Gxlcms v2.0, the database ...)
+CVE-2018-18487
NOT-FOR-US: Gxlcms
-CVE-2018-18486 (An issue was discovered in PHPSHE 1.7. SQL injection exists via the ...)
+CVE-2018-18486
NOT-FOR-US: PHPSHE
-CVE-2018-18485 (An issue was discovered in PHPSHE 1.7. admin.php?mod=db&amp;act=del allows ...)
+CVE-2018-18485
NOT-FOR-US: PHPSHE
-CVE-2018-18484 (An issue was discovered in cp-demangle.c in GNU libiberty, as ...)
+CVE-2018-18484
- binutils <unfixed>
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
NOTE: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87636
NOTE: Fixed by: https://gcc.gnu.org/git/?p=gcc.git;a=commit;h=03e51746ed98d9106803f6009ebd71ea670ad3b9
-CVE-2018-18483 (The get_count function in cplus-dem.c in GNU libiberty, as distributed ...)
+CVE-2018-18483
- binutils <unfixed>
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
@@ -6537,21 +6530,21 @@ CVE-2018-18483 (The get_count function in cplus-dem.c in GNU libiberty, as distr
NOTE: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87602
NOTE: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=83472
NOTE: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=79111
-CVE-2018-18482 (An issue was discovered in libpg_query 10-1.0.2. There is a memory leak ...)
+CVE-2018-18482
NOT-FOR-US: libpg_query
-CVE-2018-18481 (A heap-based buffer over-read exists in libopencad 0.2.0 in the ...)
+CVE-2018-18481
NOT-FOR-US: libopencad
-CVE-2018-18480 (A heap-based buffer over-read exists in libopencad 0.2.0 in the ...)
+CVE-2018-18480
NOT-FOR-US: libopencad
CVE-2018-18479
RESERVED
-CVE-2018-18478 (Persistent Cross-Site Scripting (XSS) issues in LibreNMS before 1.44 ...)
+CVE-2018-18478
NOT-FOR-US: LibreNMS
CVE-2018-18477
RESERVED
-CVE-2018-18476 (mysql-binuuid-rails 1.1.0 and earlier allows SQL Injection because it ...)
+CVE-2018-18476
NOT-FOR-US: mysql-binuuid-rails
-CVE-2018-18475 (Zoho ManageEngine OpManager before 12.3 build 123214 allows ...)
+CVE-2018-18475
NOT-FOR-US: Zoho
CVE-2018-18474
RESERVED
@@ -6567,7 +6560,7 @@ CVE-2018-18469
RESERVED
CVE-2018-18468
RESERVED
-CVE-2018-18467 (An issue was discovered in Daniel Gultsch Conversations 2.3.4. It is ...)
+CVE-2018-18467
NOT-FOR-US: Daniel Gultsch Conversations
CVE-2018-18466
RESERVED
@@ -6591,36 +6584,36 @@ CVE-2018-XXXX [External URL injection through URL aliases]
[jessie] - drupal7 7.32-1+deb8u13
NOTE: https://www.drupal.org/sa-core-2018-006
NOTE: http://cgit.drupalcode.org/drupal/commit/?id=ee301cf5ebff3534b59fcece583b3a0e4f094f15
-CVE-2018-18461 (The Arigato Autoresponder and Newsletter (aka bft-autoresponder) ...)
+CVE-2018-18461
NOT-FOR-US: Arigato
-CVE-2018-18460 (XSS exists in the wp-live-chat-support v8.0.15 plugin for WordPress via ...)
+CVE-2018-18460
NOT-FOR-US: Wordpress plugin
-CVE-2018-18459 (The function DCTStream::getBlock in Stream.cc in Xpdf 4.00 allows ...)
+CVE-2018-18459
- xpdf <unfixed> (unimportant)
NOTE: https://forum.xpdfreader.com/viewtopic.php?f=3&t=41217
NOTE: https://github.com/TeamSeri0us/pocs/tree/master/xpdf/2018_10_16/pdftoppm
NOTE: no security impact, crash in CLI tool
-CVE-2018-18458 (The function DCTStream::decodeImage in Stream.cc in Xpdf 4.00 allows ...)
+CVE-2018-18458
- xpdf <unfixed> (unimportant)
NOTE: https://forum.xpdfreader.com/viewtopic.php?f=3&t=41217
NOTE: https://github.com/TeamSeri0us/pocs/tree/master/xpdf/2018_10_16/pdftoppm
NOTE: no security impact, crash in CLI tool
-CVE-2018-18457 (The function DCTStream::readScan in Stream.cc in Xpdf 4.00 allows ...)
+CVE-2018-18457
- xpdf <unfixed> (unimportant)
NOTE: https://forum.xpdfreader.com/viewtopic.php?f=3&t=41217
NOTE: https://github.com/TeamSeri0us/pocs/tree/master/xpdf/2018_10_16/pdftoppm
NOTE: no security impact, crash in CLI tool
-CVE-2018-18456 (The function Object::isName() in Object.h (called from ...)
+CVE-2018-18456
- xpdf <unfixed> (unimportant)
NOTE: https://forum.xpdfreader.com/viewtopic.php?f=3&t=41217
NOTE: https://github.com/TeamSeri0us/pocs/tree/master/xpdf/2018_10_16/pdftoppm
NOTE: no security impact, crash in CLI tool
-CVE-2018-18455 (The GfxImageColorMap class in GfxState.cc in Xpdf 4.00 allows remote ...)
+CVE-2018-18455
- xpdf <unfixed> (unimportant)
NOTE: https://forum.xpdfreader.com/viewtopic.php?f=3&t=41217
NOTE: https://github.com/TeamSeri0us/pocs/tree/master/xpdf/2018_10_16/pdftoppm
NOTE: no security impact, crash in CLI tool
-CVE-2018-18454 (CCITTFaxStream::readRow() in Stream.cc in Xpdf 4.00 allows remote ...)
+CVE-2018-18454
- xpdf <unfixed> (unimportant)
NOTE: https://forum.xpdfreader.com/viewtopic.php?f=3&t=41217
NOTE: https://github.com/TeamSeri0us/pocs/tree/master/xpdf/2018_10_16/pdftoppm
@@ -6631,9 +6624,9 @@ CVE-2018-18452
RESERVED
CVE-2018-18451
RESERVED
-CVE-2018-18450 (apps\admin\controller\content\SingleController.php in PbootCMS before ...)
+CVE-2018-18450
NOT-FOR-US: PbooCMS
-CVE-2018-18449 (EmpireCMS 7.5 allows CSRF for adding a user account via an ...)
+CVE-2018-18449
NOT-FOR-US: EmpireCMS
CVE-2018-18448
RESERVED
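Review bot: the context line `NOT-FOR-US: PbooCMS` under CVE-2018-18450 misspells the product; the description removed on the line just above reads `PbootCMS`, so the tag should be `NOT-FOR-US: PbootCMS` to stay greppable against future PbootCMS CVEs. The typo predates this hunk, but it is worth fixing here because the description line that documents the correct name is being dropped in the same change.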
@@ -6641,34 +6634,34 @@ CVE-2018-18447
RESERVED
CVE-2018-18446
RESERVED
-CVE-2018-18444 (makeMultiView.cpp in exrmultiview in OpenEXR 2.3.0 has an out-of-bounds ...)
+CVE-2018-18444
- openexr <unfixed> (unimportant)
NOTE: Issue in exrmultiview which is not installed in the binary package.
-CVE-2018-18443 (OpenEXR 2.3.0 has a memory leak in ThreadPool in ...)
+CVE-2018-18443
- openexr <unfixed> (low)
[buster] - openexr <no-dsa> (Minor issue)
[stretch] - openexr <no-dsa> (Minor issue)
[jessie] - openexr <no-dsa> (Minor issue)
NOTE: https://github.com/openexr/openexr/issues/350
-CVE-2018-18442 (D-Link DCS-825L devices with firmware 1.08 do not employ a suitable ...)
+CVE-2018-18442
NOT-FOR-US: D-Link
-CVE-2018-18441 (D-Link DCS series Wi-Fi cameras expose sensitive information regarding ...)
+CVE-2018-18441
NOT-FOR-US: D-Link
-CVE-2018-18440 (DENX U-Boot through 2018.09-rc1 has a locally exploitable buffer ...)
+CVE-2018-18440
- u-boot <unfixed> (unimportant)
NOTE: https://www.openwall.com/lists/oss-security/2018/11/02/2
NOTE: No security impact as supported/packaged in Debian
-CVE-2018-18439 (DENX U-Boot through 2018.09-rc1 has a remotely exploitable buffer ...)
+CVE-2018-18439
- u-boot <unfixed> (unimportant)
NOTE: https://www.openwall.com/lists/oss-security/2018/11/02/2
NOTE: No security impact as supported/packaged in Debian
-CVE-2018-18445 (In the Linux kernel 4.14.x, 4.15.x, 4.16.x, 4.17.x, and 4.18.x before ...)
+CVE-2018-18445
- linux 4.18.20-1
[stretch] - linux <not-affected> (Vulnerable code introduced later)
[jessie] - linux <not-affected> (Vulnerable code introduced later)
NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=1686
NOTE: https://git.kernel.org/linus/b799207e1e1816b09e7a5920fbb2d5fcf6edd681
-CVE-2018-18438 (Qemu has integer overflows because IOReadHandler and its associated ...)
+CVE-2018-18438
- qemu 1:3.1+dfsg-1 (bug #911470)
[stretch] - qemu <ignored> (Minor issue, too intrusive to backport)
[jessie] - qemu <ignored> (Minor issue, too intrusive to backport)
@@ -6676,29 +6669,29 @@ CVE-2018-18438 (Qemu has integer overflows because IOReadHandler and its associa
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2018-10/msg02396.html
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2018-10/msg02402.html
NOTE: https://www.openwall.com/lists/oss-security/2018/10/17/3
-CVE-2018-18437 (In AXIOS ITALIA Axioscloud Sissiweb Registro Elettronico 1.7.0, ...)
+CVE-2018-18437
NOT-FOR-US: AXIOS
-CVE-2018-18436 (JTBC(PHP) 3.0 allows CSRF for creating an account via the ...)
+CVE-2018-18436
NOT-FOR-US: JTBC(PHP)
CVE-2018-18435
- RESERVED
-CVE-2018-18434 (An issue was discovered in litemall 0.9.0. Arbitrary file download is ...)
+ TODO: check
+CVE-2018-18434
NOT-FOR-US: litemall
-CVE-2018-18433 (An issue was discovered in DESTOON B2B 7.0. admin/category.inc.php has ...)
+CVE-2018-18433
NOT-FOR-US: DESTOON B2B
-CVE-2018-18432 (An issue was discovered in DESTOON B2B 7.0. CSRF exists via the ...)
+CVE-2018-18432
NOT-FOR-US: DESTOON B2B
-CVE-2018-18431 (An issue was discovered in DESTOON B2B 7.0. XSS exists via certain text ...)
+CVE-2018-18431
NOT-FOR-US: DESTOON B2B
-CVE-2018-18430 (An issue was discovered in DESTOON B2B 7.0. admin\setting.inc.php has ...)
+CVE-2018-18430
NOT-FOR-US: DESTOON B2B
CVE-2018-18429
RESERVED
-CVE-2018-18428 (TP-Link TL-SC3130 1.6.18P12_121101 devices allow unauthenticated RTSP ...)
+CVE-2018-18428
NOT-FOR-US: TP-Link
-CVE-2018-18427 (s-cms 3.0 allows SQL Injection via the member/post.php 0_id parameter ...)
+CVE-2018-18427
NOT-FOR-US: s-cms
-CVE-2018-18426 (s-cms 3.0 allows remote attackers to execute arbitrary PHP code by ...)
+CVE-2018-18426
NOT-FOR-US: s-cms
CVE-2018-18425
RESERVED
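Review bot: CVE-2018-18435 changes from `RESERVED` to `TODO: check`, but unlike a normal automatic update no description is attached to the CVE line, so whoever picks up the TODO has nothing on the page to go on; the same hunk also strips the existing descriptions from CVE-2018-18434 down to CVE-2018-18426. The entry should be regenerated with its description once the feed problem behind this run is resolved, otherwise the TODO cannot be worked from the tracker alone.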
@@ -6706,19 +6699,19 @@ CVE-2018-18424
RESERVED
CVE-2018-18423
RESERVED
-CVE-2018-18422 (UsualToolCMS 8.0 allows CSRF for adding a user account via the ...)
+CVE-2018-18422
NOT-FOR-US: UsualToolCMS
CVE-2018-18421
RESERVED
-CVE-2018-18420 (Cross-Site Request Forgery (CSRF) vulnerability was discovered in the ...)
+CVE-2018-18420
NOT-FOR-US: Zenario Content Management System
-CVE-2018-18419 (Stored XSS has been discovered in the upload section of ARDAWAN.COM ...)
+CVE-2018-18419
NOT-FOR-US: ARDAWAN.COM User Management
CVE-2018-18418
RESERVED
-CVE-2018-18417 (In the 3.1 version of Ekushey Project Manager CRM, Stored XSS has been ...)
+CVE-2018-18417
NOT-FOR-US: Ekushey Project Manager CRM
-CVE-2018-18416 (LANGO Codeigniter Multilingual Script 1.0 has XSS in the input and ...)
+CVE-2018-18416
NOT-FOR-US: LANGO Codeigniter Multilingual Scrip
CVE-2018-18415
RESERVED
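Review bot: the context line `NOT-FOR-US: LANGO Codeigniter Multilingual Scrip` under CVE-2018-18416 is truncated; the removed description on the preceding line shows the product is `LANGO Codeigniter Multilingual Script 1.0`. Suggest `NOT-FOR-US: LANGO Codeigniter Multilingual Script`, particularly since this hunk deletes the only line that spells the name out in full.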
@@ -6732,18 +6725,18 @@ CVE-2018-18411
RESERVED
CVE-2018-18410
RESERVED
-CVE-2018-18409 (A stack-based buffer over-read exists in setbit() at iptree.h of ...)
+CVE-2018-18409
- tcpflow 1.5.2+repack1-1 (unimportant; bug #911263)
NOTE: https://github.com/simsong/tcpflow/issues/195
NOTE: https://github.com/simsong/tcpflow/commit/89c04b4fb0e46b3c4f1388686e83966e531cbea9
NOTE: Crash in CLI tool, no security impact
-CVE-2018-18408 (A use-after-free was discovered in the tcpbridge binary of Tcpreplay ...)
+CVE-2018-18408
- tcpreplay 4.3.1-1 (bug #911493)
[stretch] - tcpreplay <no-dsa> (Minor issue)
[jessie] - tcpreplay <no-dsa> (Minor issue)
NOTE: https://github.com/appneta/tcpreplay/issues/489
NOTE: https://github.com/appneta/tcpreplay/commit/59dc76a1d641b1a6b22fd7cd409bee6e0a015616
-CVE-2018-18407 (A heap-based buffer over-read was discovered in the tcpreplay-edit ...)
+CVE-2018-18407
- tcpreplay 4.3.1-1 (bug #911454)
[stretch] - tcpreplay <no-dsa> (Minor issue)
[jessie] - tcpreplay <no-dsa> (Minor issue)
@@ -6763,49 +6756,49 @@ CVE-2018-18401
RESERVED
CVE-2018-18400
RESERVED
-CVE-2018-18399 (SQL injection vulnerability in the &quot;ContentPlaceHolder1_uxTitle&quot; ...)
+CVE-2018-18399
NOT-FOR-US: KARMA
-CVE-2018-18398 (Xfce Thunar 1.6.15, when Xfce 4.12 is used, mishandles the IBus-Unikey ...)
+CVE-2018-18398
- thunar <unfixed> (unimportant)
NOTE: https://0xd0ff9.wordpress.com/2018/10/18/cve-2018-18398/
NOTE: no security impact, crash in end user tool
-CVE-2018-18397 (The userfaultfd implementation in the Linux kernel before 4.19.7 ...)
+CVE-2018-18397
- linux 4.19.9-1
[stretch] - linux <not-affected> (Vulnerable code not present)
[jessie] - linux <not-affected> (Vulnerable code not present)
NOTE: https://lore.kernel.org/lkml/20181126173452.26955-1-aarcange@redhat.com/T/#u
NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=1700
-CVE-2018-18396 (Remote Code Execution in Moxa ThingsPro IIoT Gateway and Device ...)
+CVE-2018-18396
NOT-FOR-US: Moxa
-CVE-2018-18395 (Hidden Token Access in Moxa ThingsPro IIoT Gateway and Device ...)
+CVE-2018-18395
NOT-FOR-US: Moxa
-CVE-2018-18394 (Sensitive Information Stored in Clear Text in Moxa ThingsPro IIoT ...)
+CVE-2018-18394
NOT-FOR-US: Moxa
-CVE-2018-18393 (Password Management Issue in Moxa ThingsPro IIoT Gateway and Device ...)
+CVE-2018-18393
NOT-FOR-US: Moxa
-CVE-2018-18392 (Privilege Escalation via Broken Access Control in Moxa ThingsPro IIoT ...)
+CVE-2018-18392
NOT-FOR-US: Moxa
-CVE-2018-18391 (User Privilege Escalation in Moxa ThingsPro IIoT Gateway and Device ...)
+CVE-2018-18391
NOT-FOR-US: Moxa
-CVE-2018-18390 (User Enumeration in Moxa ThingsPro IIoT Gateway and Device Management ...)
+CVE-2018-18390
NOT-FOR-US: Moxa
-CVE-2018-18389 (Due to incorrect access control in Neo4j Enterprise Database Server ...)
+CVE-2018-18389
NOT-FOR-US: Neo4J server
-CVE-2018-18388 (eScan Agent Application (MWAGENT.EXE) 4.0.2.98 in MicroWorld ...)
+CVE-2018-18388
NOT-FOR-US: MicroWorld Technologies eScan
-CVE-2018-18387 (playSMS through 1.4.2 allows Privilege Escalation through Daemon ...)
+CVE-2018-18387
NOT-FOR-US: playSMS
-CVE-2018-18386 (drivers/tty/n_tty.c in the Linux kernel before 4.14.11 allows local ...)
+CVE-2018-18386
- linux 4.14.12-1
[stretch] - linux 4.9.82-1+deb9u1
[jessie] - linux 3.16.56-1
NOTE: Fixed by: https://git.kernel.org/linus/966031f340185eddd05affcf72b740549f056348
-CVE-2018-18385 (Asciidoctor in versions &lt; 1.5.8 allows remote attackers to cause a ...)
+CVE-2018-18385
- asciidoctor 1.5.8-1 (low; bug #913892)
[stretch] - asciidoctor <no-dsa> (Minor issue)
[jessie] - asciidoctor <no-dsa> (Minor issue)
NOTE: https://github.com/asciidoctor/asciidoctor/issues/2888
-CVE-2018-18384 (Info-ZIP UnZip 6.0 has a buffer overflow in list.c, when a ZIP archive ...)
+CVE-2018-18384
- unzip 6.0-11 (bug #741384)
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1110194
NOTE: https://sourceforge.net/p/infozip/bugs/53/
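Review bot: the seven Moxa entries CVE-2018-18390 through CVE-2018-18396 all collapse to the identical triage line `NOT-FOR-US: Moxa`, while the descriptions being removed are the only place the affected product (`Moxa ThingsPro IIoT Gateway and Device Management`) is named. Consider widening the text to `NOT-FOR-US: Moxa ThingsPro IIoT Gateway` so the entries stay searchable and distinguishable from other Moxa products after this change.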
@@ -6815,27 +6808,27 @@ CVE-2018-18384 (Info-ZIP UnZip 6.0 has a buffer overflow in list.c, when a ZIP a
NOTE: https://sourceforge.net/p/infozip/bugs/53/#ba07
CVE-2018-18383
RESERVED
-CVE-2018-18382 (Advanced HRM 1.6 allows Remote Code Execution via PHP code in a .php ...)
+CVE-2018-18382
NOT-FOR-US: Advanced HRM
-CVE-2018-18381 (Z-BlogPHP 1.5.2.1935 (Zero) has a stored XSS Vulnerability in ...)
+CVE-2018-18381
NOT-FOR-US: Z-BlogPHP
-CVE-2018-18380 (A Session Fixation issue was discovered in Bigtree before 4.2.24. ...)
+CVE-2018-18380
NOT-FOR-US: Bigtree CMS
CVE-2018-18379
RESERVED
CVE-2018-18378
RESERVED
-CVE-2018-18377 (goform/setReset on Orange AirBox Y858_FL_01.16_04 devices allows ...)
+CVE-2018-18377
NOT-FOR-US: Orange AirBox Y858_FL_01.16_04 devices
-CVE-2018-18376 (goform/getWlanClientInfo in Orange AirBox Y858_FL_01.16_04 allows ...)
+CVE-2018-18376
NOT-FOR-US: Orange AirBox
-CVE-2018-18375 (goform/getProfileList in Orange AirBox Y858_FL_01.16_04 allows ...)
+CVE-2018-18375
NOT-FOR-US: Orange AirBox
-CVE-2018-18374 (XSS exists in the MetInfo 6.1.2 admin/index.php page via the anyid ...)
+CVE-2018-18374
NOT-FOR-US: MetInfo
-CVE-2018-18373 (In the Schiocco &quot;Support Board - Chat And Help Desk&quot; plugin 1.2.3 for ...)
+CVE-2018-18373
NOT-FOR-US: Wordpress plugin
-CVE-2018-18372 (A Stored XSS vulnerability has been discovered in KAASoft Library CMS ...)
+CVE-2018-18372
NOT-FOR-US: KAASoft Library CMS
CVE-2018-18371
RESERVED
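Review bot: the three Orange AirBox entries are triaged inconsistently: CVE-2018-18377 says `NOT-FOR-US: Orange AirBox Y858_FL_01.16_04 devices` while CVE-2018-18376 and CVE-2018-18375 say only `NOT-FOR-US: Orange AirBox`; align them on one form. The same applies to CVE-2018-18373, where `NOT-FOR-US: Wordpress plugin` loses its only identification of the plugin (Schiocco "Support Board - Chat And Help Desk") once the description line is removed; naming the plugin in the NOT-FOR-US line keeps the entry meaningful.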
@@ -6851,26 +6844,26 @@ CVE-2018-18366
RESERVED
CVE-2018-18365
RESERVED
-CVE-2018-18364 (Symantec Ghost Solution Suite (GSS) versions prior to 3.3 RU1 may be ...)
+CVE-2018-18364
NOT-FOR-US: Symantec
-CVE-2018-18363 (Norton App Lock prior to 1.4.0.445 can be susceptible to a bypass ...)
+CVE-2018-18363
NOT-FOR-US: Norton App Lock
-CVE-2018-18362 (Norton Password Manager for Android (formerly Norton Identity Safe) ...)
+CVE-2018-18362
NOT-FOR-US: Norton Password Manager for Android
-CVE-2018-18361 (An issue was discovered in nc-cms through 2017-03-10. ...)
+CVE-2018-18361
NOT-FOR-US: nc-cms
CVE-2018-18360
RESERVED
-CVE-2018-18359 (Incorrect handling of Reflect.construct in V8 in Google Chrome prior ...)
+CVE-2018-18359
{DSA-4352-1}
- chromium 71.0.3578.80-1
-CVE-2018-18358 (Lack of special casing of localhost in WPAD files in Google Chrome ...)
+CVE-2018-18358
{DSA-4352-1}
- chromium 71.0.3578.80-1
-CVE-2018-18357 (Incorrect handling of confusable characters in URL Formatter in Google ...)
+CVE-2018-18357
{DSA-4352-1}
- chromium 71.0.3578.80-1
-CVE-2018-18356 (An integer overflow in path handling lead to a use after free in Skia ...)
+CVE-2018-18356
{DSA-4392-1 DSA-4391-1 DSA-4352-1 DLA-1678-1 DLA-1677-1}
- chromium 71.0.3578.80-1
- firefox 65.0.1-1
@@ -6880,67 +6873,67 @@ CVE-2018-18356 (An integer overflow in path handling lead to a use after free in
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-04/#CVE-2018-18356
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-05/#CVE-2018-18356
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-06/#CVE-2018-18356
-CVE-2018-18355 (Incorrect handling of confusable characters in URL Formatter in Google ...)
+CVE-2018-18355
{DSA-4352-1}
- chromium 71.0.3578.80-1
-CVE-2018-18354 (Insufficient validate of external protocols in Shell Integration in ...)
+CVE-2018-18354
{DSA-4352-1}
- chromium 71.0.3578.80-1
-CVE-2018-18353 (Failure to dismiss http auth dialogs on navigation in Network ...)
+CVE-2018-18353
{DSA-4352-1}
- chromium 71.0.3578.80-1
-CVE-2018-18352 (Service works could inappropriately gain access to cross origin audio ...)
+CVE-2018-18352
{DSA-4352-1}
- chromium 71.0.3578.80-1
-CVE-2018-18351 (Lack of proper validation of ancestor frames site when sending lax ...)
+CVE-2018-18351
{DSA-4352-1}
- chromium 71.0.3578.80-1
-CVE-2018-18350 (Incorrect handling of CSP enforcement during navigations in Blink in ...)
+CVE-2018-18350
{DSA-4352-1}
- chromium 71.0.3578.80-1
-CVE-2018-18349 (Remote frame navigations was incorrectly permitted to local resources ...)
+CVE-2018-18349
{DSA-4352-1}
- chromium 71.0.3578.80-1
-CVE-2018-18348 (Incorrect handling of bidirectional domain names with RTL characters ...)
+CVE-2018-18348
{DSA-4352-1}
- chromium 71.0.3578.80-1
-CVE-2018-18347 (Incorrect handling of failed navigations with invalid URLs in ...)
+CVE-2018-18347
{DSA-4352-1}
- chromium 71.0.3578.80-1
-CVE-2018-18346 (Incorrect handling of alert box display in Blink in Google Chrome ...)
+CVE-2018-18346
{DSA-4352-1}
- chromium 71.0.3578.80-1
-CVE-2018-18345 (Incorrect handling of blob URLS in Site Isolation in Google Chrome ...)
+CVE-2018-18345
{DSA-4352-1}
- chromium 71.0.3578.80-1
-CVE-2018-18344 (Inappropriate allowance of the setDownloadBehavior devtools protocol ...)
+CVE-2018-18344
{DSA-4352-1}
- chromium 71.0.3578.80-1
-CVE-2018-18343 (Incorrect handing of paths leading to a use after free in Skia in ...)
+CVE-2018-18343
{DSA-4352-1}
- chromium 71.0.3578.80-1
-CVE-2018-18342 (Execution of user supplied Javascript during object deserialization ...)
+CVE-2018-18342
{DSA-4352-1}
- chromium 71.0.3578.80-1
-CVE-2018-18341 (An integer overflow leading to a heap buffer overflow in Blink in ...)
+CVE-2018-18341
{DSA-4352-1}
- chromium 71.0.3578.80-1
-CVE-2018-18340 (Incorrect object lifecycle in MediaRecorder in Google Chrome prior to ...)
+CVE-2018-18340
{DSA-4352-1}
- chromium 71.0.3578.80-1
-CVE-2018-18339 (Incorrect object lifecycle in WebAudio in Google Chrome prior to ...)
+CVE-2018-18339
{DSA-4352-1}
- chromium 71.0.3578.80-1
-CVE-2018-18338 (Incorrect, thread-unsafe use of SkImage in Canvas in Google Chrome ...)
+CVE-2018-18338
{DSA-4352-1}
- chromium 71.0.3578.80-1
-CVE-2018-18337 (Incorrect handling of stylesheets leading to a use after free in Blink ...)
+CVE-2018-18337
{DSA-4352-1}
- chromium 71.0.3578.80-1
-CVE-2018-18336 (Incorrect object lifecycle in PDFium in Google Chrome prior to ...)
+CVE-2018-18336
{DSA-4352-1}
- chromium 71.0.3578.80-1
-CVE-2018-18335 (Heap buffer overflow in Skia in Google Chrome prior to 71.0.3578.80 ...)
+CVE-2018-18335
{DSA-4352-1}
- chromium 71.0.3578.80-1
- firefox-esr <not-affected> (Only affects MacOS specific which had Canvas 2D acceleration enabled)
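Review bot: the unchanged context line `- firefox-esr <not-affected> (Only affects MacOS specific which had Canvas 2D acceleration enabled)` under CVE-2018-18335 is hard to parse as written; since this update already touches the entry, suggest rewording the rationale to `(Only affects macOS builds with Canvas 2D acceleration enabled)` so the not-affected claim reads unambiguously.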
@@ -6948,87 +6941,87 @@ CVE-2018-18335 (Heap buffer overflow in Skia in Google Chrome prior to 71.0.3578
- skia <itp> (bug #818180)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-05/#CVE-2018-18335
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-06/#CVE-2018-18335
-CVE-2018-18334 (A vulnerability in the Private Browser of Trend Micro Dr. Safety for ...)
+CVE-2018-18334
NOT-FOR-US: Trend Micro
-CVE-2018-18333 (A DLL hijacking vulnerability in Trend Micro Security 2019 (Consumer) ...)
+CVE-2018-18333
NOT-FOR-US: Trend Micro
-CVE-2018-18332 (A Trend Micro OfficeScan XG weak file permissions vulnerability may ...)
+CVE-2018-18332
NOT-FOR-US: Trend Micro
-CVE-2018-18331 (A Trend Micro OfficeScan XG weak file permissions vulnerability on a ...)
+CVE-2018-18331
NOT-FOR-US: Trend Micro
-CVE-2018-18330 (An Address Bar Spoofing vulnerability in Trend Micro Dr. Safety for ...)
+CVE-2018-18330
NOT-FOR-US: Trend Micro
-CVE-2018-18329 (A KERedirect Untrusted Pointer Dereference Privilege Escalation ...)
+CVE-2018-18329
NOT-FOR-US: Trend Micro
-CVE-2018-18328 (A KERedirect Untrusted Pointer Dereference Privilege Escalation ...)
+CVE-2018-18328
NOT-FOR-US: Trend Micro
-CVE-2018-18327 (A KERedirect Untrusted Pointer Dereference Privilege Escalation ...)
+CVE-2018-18327
NOT-FOR-US: Trend Micro
CVE-2018-18326
RESERVED
CVE-2018-18325
RESERVED
-CVE-2018-18324 (CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.480 has XSS via ...)
+CVE-2018-18324
NOT-FOR-US: CentOS Web Panel
-CVE-2018-18323 (CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.480 has Local File ...)
+CVE-2018-18323
NOT-FOR-US: CentOS Web Panel
-CVE-2018-18322 (CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.480 has Command ...)
+CVE-2018-18322
NOT-FOR-US: CentOS Web Panel
CVE-2018-18321
RESERVED
-CVE-2018-18320 (** DISPUTED ** An issue was discovered in the Merlin.PHP component ...)
+CVE-2018-18320
NOT-FOR-US: Merlin.PHP component for Asuswrt-Merlin devices
-CVE-2018-18319 (** DISPUTED ** An issue was discovered in the Merlin.PHP component ...)
+CVE-2018-18319
NOT-FOR-US: Merlin.PHP component for Asuswrt-Merlin devices
-CVE-2018-18318 (The /dev/block/mmcblk0rpmb driver kernel module on Qiku 360 Phone N6 ...)
+CVE-2018-18318
NOT-FOR-US: Qiku 360 Phone
-CVE-2018-18317 (DESHANG DSCMS 1.1 has CSRF via the ...)
+CVE-2018-18317
NOT-FOR-US: DESHANG DSCMS
-CVE-2018-18316 (emlog v6.0.0 has CSRF via the admin/user.php?action=new URI. ...)
+CVE-2018-18316
NOT-FOR-US: emlog
-CVE-2018-18315 (com/mossle/cdn/CdnController.java in lemon 1.9.0 allows attackers to ...)
+CVE-2018-18315
NOT-FOR-US: lemon, different from src:lemon
-CVE-2018-18314 (Perl before 5.26.3 has a buffer overflow via a crafted regular ...)
+CVE-2018-18314
{DSA-4347-1}
- perl 5.28.0-3
[jessie] - perl <not-affected> (Vulnerable code introduced later)
NOTE: https://rt.perl.org/Ticket/Display.html?id=131649
NOTE: maint-5.28: https://perl5.git.perl.org/perl.git/commitdiff/19a498a461d7c81ae3507c450953d1148efecf4f
-CVE-2018-18313 (Perl before 5.26.3 has a buffer over-read via a crafted regular ...)
+CVE-2018-18313
{DSA-4347-1}
- perl 5.28.0-3
[jessie] - perl <not-affected> (Vulnerable code introduced later)
NOTE: https://rt.perl.org/Ticket/Display.html?id=133192
NOTE: maint-5.28: https://perl5.git.perl.org/perl.git/commitdiff/43b2f4ef399e2fd7240b4eeb0658686ad95f8e62
-CVE-2018-18312 (Perl before 5.26.3 and 5.28.0 before 5.28.1 has a buffer overflow via ...)
+CVE-2018-18312
{DSA-4347-1}
- perl 5.28.1-1
[jessie] - perl <not-affected> (Vulnerable code introduced later)
NOTE: https://rt.perl.org/Ticket/Display.html?id=133423
NOTE: maint-5.28: https://perl5.git.perl.org/perl.git/commitdiff/9b0464aa670d0a59bda5b75d54f2a6b6f9d1288a
-CVE-2018-18311 (Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via ...)
+CVE-2018-18311
{DSA-4347-1 DLA-1601-1}
- perl 5.28.1-1
NOTE: https://rt.perl.org/Ticket/Display.html?id=133204
NOTE: Introduced by: https://perl5.git.perl.org/perl.git/commitdiff/e658793210bbe632a5e80a876acfcd0984c46b87
NOTE: maint-5.28: https://perl5.git.perl.org/perl.git/commitdiff/0589f071dc6836de80b24fd798c3336c72ead850
-CVE-2018-18310 (An invalid memory address dereference was discovered in ...)
+CVE-2018-18310
{DLA-1689-1}
- elfutils 0.175-1 (bug #911083)
[stretch] - elfutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=23752
NOTE: https://sourceware.org/ml/elfutils-devel/2018-q4/msg00022.html
NOTE: https://sourceware.org/git/?p=elfutils.git;a=commit;h=20f9de9b5f704cec55df92406a50bcbcfca96acd
-CVE-2018-18309 (An issue was discovered in the Binary File Descriptor (BFD) library ...)
+CVE-2018-18309
[experimental] - binutils 2.31.51.20181022-1
- binutils <unfixed>
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=23770
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=0930cb3021b8078b34cf216e79eb8608d017864f
-CVE-2018-18308 (In the 4.2.23 version of BigTree, a Stored XSS vulnerability has been ...)
+CVE-2018-18308
NOT-FOR-US: BigTree CMS
-CVE-2018-18307 (A Stored XSS vulnerability has been discovered in version 4.1.0 of ...)
+CVE-2018-18307
NOT-FOR-US: AlchemyCMS
CVE-2018-18306
RESERVED
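Review bot: the descriptions removed for CVE-2018-18320 and CVE-2018-18319 both begin with `** DISPUTED **`, and nothing in the surviving `NOT-FOR-US: Merlin.PHP component for Asuswrt-Merlin devices` lines preserves that status. Add a `NOTE:` recording the disputed marker (or fold it into the NOT-FOR-US text) so the triage rationale survives; the same applies to any other entry in this update whose description carried that marker.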
@@ -7050,7 +7043,7 @@ CVE-2018-18298
RESERVED
CVE-2018-18297
RESERVED
-CVE-2018-18296 (MetInfo 6.1.2 has XSS via the /admin/index.php bigclass parameter in an ...)
+CVE-2018-18296
NOT-FOR-US: MetInfo
CVE-2018-18295
RESERVED
@@ -7060,21 +7053,21 @@ CVE-2018-18293
RESERVED
CVE-2018-18292
RESERVED
-CVE-2018-18291 (A cross site scripting (XSS) vulnerability on ASUS RT-AC58U ...)
+CVE-2018-18291
NOT-FOR-US: ASUS RT-AC58U devices
-CVE-2018-18290 (** DISPUTED ** An issue was discovered in nc-cms through 2017-03-10. ...)
+CVE-2018-18290
NOT-FOR-US: nc-cms
-CVE-2018-18289 (The MESILAT Zabbix plugin before 1.1.15 for Atlassian Confluence allows ...)
+CVE-2018-18289
NOT-FOR-US: Zabbix Plugin for Confluence
CVE-2018-18288
RESERVED
-CVE-2018-18287 (On ASUS RT-AC58U 3.0.0.4.380_6516 devices, remote attackers can ...)
+CVE-2018-18287
NOT-FOR-US: ASUS RT-AC58U devices
CVE-2018-18286
RESERVED
CVE-2018-18285
RESERVED
-CVE-2018-18284 (Artifex Ghostscript 9.25 and earlier allows attackers to bypass a ...)
+CVE-2018-18284
{DSA-4336-1 DLA-1552-1}
- ghostscript 9.25~dfsg-3 (bug #911175)
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=699963
@@ -7083,9 +7076,9 @@ CVE-2018-18284 (Artifex Ghostscript 9.25 and earlier allows attackers to bypass
NOTE: http://git.ghostscript.com/?p=ghostpdl.git;h=8d19fdf63f91f50466b08f23e2d93d37a4c5ea0b
CVE-2018-18283
RESERVED
-CVE-2018-18282 (Next.js 7.0.0 and 7.0.1 has XSS via the 404 or 500 /_error page. ...)
+CVE-2018-18282
NOT-FOR-US: Next.js
-CVE-2018-18281 (Since Linux kernel version 3.2, the mremap() syscall performs TLB ...)
+CVE-2018-18281
{DLA-1715-1}
- linux 4.18.20-1
[stretch] - linux 4.9.135-1
@@ -7102,15 +7095,15 @@ CVE-2018-18276
RESERVED
CVE-2018-18275
RESERVED
-CVE-2018-18274 (A issue was found in pdfalto 0.2. There is a heap-based buffer overflow ...)
+CVE-2018-18274
NOT-FOR-US: pdfalto
CVE-2018-18273
RESERVED
CVE-2018-18272
RESERVED
-CVE-2018-18271 (XSS exists in CMS Made Simple version 2.2.7 via the m1_extra parameter ...)
+CVE-2018-18271
NOT-FOR-US: CMS Made Simple
-CVE-2018-18270 (XSS exists in CMS Made Simple version 2.2.7 via the m1_news_url ...)
+CVE-2018-18270
NOT-FOR-US: CMS Made Simple
CVE-2018-18269
RESERVED
@@ -7122,55 +7115,55 @@ CVE-2018-18266
RESERVED
CVE-2018-18265
RESERVED
-CVE-2018-18264 (Kubernetes Dashboard before 1.10.1 allows attackers to bypass ...)
+CVE-2018-18264
NOT-FOR-US: Kubernetes Dashboard
CVE-2018-18263
RESERVED
-CVE-2018-18262 (Zoho ManageEngine OpManager 12.3 before build 123214 has XSS. ...)
+CVE-2018-18262
NOT-FOR-US: Zoho
CVE-2018-18261
RESERVED
-CVE-2018-18260 (In the 2.4 version of Camaleon CMS, Stored XSS has been discovered. ...)
+CVE-2018-18260
NOT-FOR-US: Camaleon CMS
-CVE-2018-18259 (Stored XSS has been discovered in version 1.0.12 of the LUYA CMS ...)
+CVE-2018-18259
NOT-FOR-US: LUYA CMS
-CVE-2018-18258 (An issue was discovered in BageCMS 3.1.3. The attacker can execute ...)
+CVE-2018-18258
NOT-FOR-US: BageCMS
-CVE-2018-18257 (An issue was discovered in BageCMS 3.1.3. An attacker can delete any ...)
+CVE-2018-18257
NOT-FOR-US: BageCMS
-CVE-2018-18256 (An issue was discovered in CapMon Access Manager 5.4.1.1005. A regular ...)
+CVE-2018-18256
NOT-FOR-US: CapMon Access Manager
-CVE-2018-18255 (An issue was discovered in CapMon Access Manager 5.4.1.1005. The ...)
+CVE-2018-18255
NOT-FOR-US: CapMon Access Manager
-CVE-2018-18254 (An issue was discovered in CapMon Access Manager 5.4.1.1005. An ...)
+CVE-2018-18254
NOT-FOR-US: CapMon Access Manager
-CVE-2018-18253 (An issue was discovered in CapMon Access Manager 5.4.1.1005. ...)
+CVE-2018-18253
NOT-FOR-US: CapMon Access Manager
-CVE-2018-18252 (An issue was discovered in CapMon Access Manager 5.4.1.1005. ...)
+CVE-2018-18252
NOT-FOR-US: CapMon Access Manager
CVE-2018-18251
RESERVED
-CVE-2018-18250 (Icinga Web 2 before 2.6.2 allows parameters that break navigation ...)
+CVE-2018-18250
- icingaweb2 2.6.2-1
[stretch] - icingaweb2 <no-dsa> (Minor issue)
NOTE: https://herolab.usd.de/wp-content/uploads/sites/4/2018/12/usd20180030.txt
-CVE-2018-18249 (Icinga Web 2 before 2.6.2 allows injection of PHP ini-file directives ...)
+CVE-2018-18249
- icingaweb2 2.6.2-1
[stretch] - icingaweb2 <no-dsa> (Minor issue)
NOTE: https://herolab.usd.de/wp-content/uploads/sites/4/2018/12/usd20180030.txt
-CVE-2018-18248 (Icinga Web 2 has XSS via the /icingaweb2/monitoring/list/services dir ...)
+CVE-2018-18248
- icingaweb2 2.6.2-1
[stretch] - icingaweb2 <no-dsa> (Minor issue)
NOTE: https://herolab.usd.de/wp-content/uploads/sites/4/2018/12/usd20180028.txt
-CVE-2018-18247 (Icinga Web 2 before 2.6.2 has XSS via the /icingaweb2/navigation/add ...)
+CVE-2018-18247
- icingaweb2 2.6.2-1
[stretch] - icingaweb2 <no-dsa> (Minor issue)
NOTE: https://herolab.usd.de/wp-content/uploads/sites/4/2018/12/usd20180029.txt
-CVE-2018-18246 (Icinga Web 2 before 2.6.2 has CSRF via ...)
+CVE-2018-18246
- icingaweb2 2.6.2-1
[stretch] - icingaweb2 <no-dsa> (Minor issue)
NOTE: https://herolab.usd.de/wp-content/uploads/sites/4/2018/12/usd20180027.txt
-CVE-2018-18245 (Nagios Core 4.4.2 has XSS via the alert summary reports of plugin ...)
+CVE-2018-18245
{DLA-1615-1}
- nagios4 4.3.4-3 (unimportant; bug #917138)
- nagios3 <removed> (unimportant)
@@ -7178,15 +7171,15 @@ CVE-2018-18245 (Nagios Core 4.4.2 has XSS via the alert summary reports of plugi
NOTE: https://github.com/NagiosEnterprises/nagioscore/issues/602
NOTE: Fixed by: https://github.com/NagiosEnterprises/nagioscore/commit/0329033db9a1d0954c304f209ea88824e8f78b8a
NOTE: No real security impact, plugins need to be trusted to begin with
-CVE-2018-18244 (Cross-site scripting in syslog.html in VIVOTEK Network Camera Series ...)
+CVE-2018-18244
NOT-FOR-US: VIVOTEK Network Camera
CVE-2018-18243
RESERVED
-CVE-2018-18242 (youke365 v1.1.5 has SQL injection via admin/login.html, as demonstrated ...)
+CVE-2018-18242
NOT-FOR-US: youke365
CVE-2018-18241
RESERVED
-CVE-2018-18240 (Pippo through 1.11.0 allows remote code execution via a command to ...)
+CVE-2018-18240
NOT-FOR-US: Pippo
CVE-2018-18239
RESERVED
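Review bot: the CVE-2018-18245 entry (beginning in the previous hunk and continued here) rates both nagios4 and nagios3 as `unimportant` and carries `NOTE: No real security impact, plugins need to be trusted to begin with`, yet it also lists `{DLA-1615-1}`. An issued advisory and an unimportant rating contradict each other as a triage record; either raise the severity to match the DLA or extend the NOTE to say why the DLA was published for an issue rated unimportant.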
@@ -7212,30 +7205,30 @@ CVE-2018-18229
RESERVED
CVE-2018-18228
RESERVED
-CVE-2018-18227 (In Wireshark 2.6.0 to 2.6.3 and 2.4.0 to 2.4.9, the MS-WSP protocol ...)
+CVE-2018-18227
{DSA-4359-1}
- wireshark 2.6.4-1
[jessie] - wireshark <not-affected> (Vulnerable code not present, mswsp support added in v1.99.9)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15119
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=d443be449a52f95df5754adc39e1f3472fec2f03
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-47.html
-CVE-2018-18226 (In Wireshark 2.6.0 to 2.6.3, the Steam IHS Discovery dissector could ...)
+CVE-2018-18226
{DSA-4359-1}
- wireshark 2.6.4-1
[jessie] - wireshark <not-affected> (Vulnerable code not present)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15171
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=6e920ddc3cad2886ef07ca1a8e50e2a5c50986f7
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-48.html
-CVE-2018-18225 (In Wireshark 2.6.0 to 2.6.3, the CoAP dissector could crash. This was ...)
+CVE-2018-18225
{DSA-4359-1}
- wireshark 2.6.4-1
[jessie] - wireshark <not-affected> (Vulnerable code not present, 2.31-continue-code added in v2.1.0)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15172
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=09a02cc1ea6de9f6c6cae75b3510a5477ef5f555
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-49.html
-CVE-2018-18224 (A vulnerability exists in the file reading procedure in Open Design ...)
+CVE-2018-18224
NOT-FOR-US: Open Design Alliance Drawings
-CVE-2018-18223 (Open Design Alliance Drawings SDK 2019Update1 has a vulnerability ...)
+CVE-2018-18223
NOT-FOR-US: Open Design Alliance Drawings
CVE-2018-18222
RESERVED
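Review bot: the `[jessie] - wireshark <not-affected>` justification for CVE-2018-18226 is the bare `(Vulnerable code not present)`, whereas the neighbouring CVE-2018-18227 and CVE-2018-18225 entries state which upstream version introduced the affected code (`mswsp support added in v1.99.9`, `2.31-continue-code added in v2.1.0`). Please add the version in which the Steam IHS Discovery dissector was introduced so the not-affected claim for jessie can be re-verified later.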
@@ -7251,7 +7244,7 @@ CVE-2018-18217
RESERVED
CVE-2018-18216
RESERVED
-CVE-2018-18215 (In youke365 v1.1.5, admin/user.html has a CSRF vulnerability that can ...)
+CVE-2018-18215
NOT-FOR-US: youke365
CVE-2018-18214
RESERVED
@@ -7259,55 +7252,55 @@ CVE-2018-18213
RESERVED
CVE-2018-18212
RESERVED
-CVE-2018-18211 (PbootCMS 1.2.1 has SQL injection via the HTTP POST data to the ...)
+CVE-2018-18211
NOT-FOR-US: PbootCMS
-CVE-2018-18210 (XSS exists in DiliCMS 2.4.0 via the ...)
+CVE-2018-18210
NOT-FOR-US: DiliCMS
-CVE-2018-18209 (XSS exists in DiliCMS 2.4.0 via the ...)
+CVE-2018-18209
NOT-FOR-US: DiliCMS
-CVE-2018-18208 (Virtualmin 6.03 allows XSS via the query string, as demonstrated by the ...)
+CVE-2018-18208
NOT-FOR-US: Virtualmin
-CVE-2018-18207 (Virtualmin 6.03 allows Frame Injection via the settings-editor_read.cgi ...)
+CVE-2018-18207
NOT-FOR-US: Virtualmin
-CVE-2018-18206 (In the client in Bytom before 1.0.6, checkTopicRegister in ...)
+CVE-2018-18206
NOT-FOR-US: Bytom
-CVE-2018-18205 (Topvision CC8800 CMTS C-E devices allow remote attackers to obtain ...)
+CVE-2018-18205
NOT-FOR-US: Topvision CC8800 CMTS C-E devices
CVE-2018-18204
RESERVED
-CVE-2018-18203 (A vulnerability in the update mechanism of Subaru StarLink Harman head ...)
+CVE-2018-18203
NOT-FOR-US: Subaru
-CVE-2018-18202 (The QLogic 4Gb Fibre Channel 5.5.2.6.0 and 4/8Gb SAN 7.10.1.20.0 ...)
+CVE-2018-18202
NOT-FOR-US: IBM
-CVE-2018-18201 (qibosoft V7.0 allows CSRF via ...)
+CVE-2018-18201
NOT-FOR-US: qibosoft
-CVE-2018-18200 (There is a SQL injection in Benutzerverwaltung in REDAXO before 5.6.4. ...)
+CVE-2018-18200
NOT-FOR-US: REDAXO
-CVE-2018-18199 (Mediamanager in REDAXO before 5.6.4 has XSS. ...)
+CVE-2018-18199
NOT-FOR-US: REDAXO
-CVE-2018-18198 (The $opener_input_field variable in addons/mediapool/pages/index.php in ...)
+CVE-2018-18198
NOT-FOR-US: REDAXO
-CVE-2018-18197 (An issue was discovered in libgig 4.1.0. There is an operator new[] ...)
+CVE-2018-18197
- libgig <undetermined>
NOTE: https://github.com/TeamSeri0us/pocs/blob/master/libgig/README-1008.md
-CVE-2018-18196 (An issue was discovered in libgig 4.1.0. There is a heap-based buffer ...)
+CVE-2018-18196
- libgig <undetermined>
NOTE: https://github.com/TeamSeri0us/pocs/blob/master/libgig/README-1008.md
-CVE-2018-18195 (An issue was discovered in libgig 4.1.0. There is an FPE (divide-by-zero ...)
+CVE-2018-18195
- libgig <undetermined>
NOTE: https://github.com/TeamSeri0us/pocs/blob/master/libgig/README-1008.md
-CVE-2018-18194 (An issue was discovered in libgig 4.1.0. There is a heap-based buffer ...)
+CVE-2018-18194
- libgig <undetermined>
NOTE: https://github.com/TeamSeri0us/pocs/blob/master/libgig/README-1008.md
-CVE-2018-18193 (An issue was discovered in libgig 4.1.0. There is operator new[] ...)
+CVE-2018-18193
- libgig <undetermined>
NOTE: https://github.com/TeamSeri0us/pocs/blob/master/libgig/README-1008.md
-CVE-2018-18192 (An issue was discovered in libgig 4.1.0. There is a NULL pointer ...)
+CVE-2018-18192
- libgig <undetermined>
NOTE: https://github.com/TeamSeri0us/pocs/blob/master/libgig/README-1008.md
-CVE-2018-18191 (Cross-site request forgery (CSRF) vulnerability in ...)
+CVE-2018-18191
NOT-FOR-US: FineCms
-CVE-2018-18190 (An issue was discovered in GoPro gpmf-parser before 1.2.1. There is a ...)
+CVE-2018-18190
NOT-FOR-US: GoPro gpmf-parser
CVE-2018-18189
RESERVED
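Review bot: the six libgig entries CVE-2018-18192 through CVE-2018-18197 are all left at `- libgig <undetermined>` with the single shared `NOTE: https://github.com/TeamSeri0us/pocs/blob/master/libgig/README-1008.md`, and the descriptions being removed were the only text distinguishing them (operator new[] failures, heap-based buffer over-reads, an FPE and a NULL pointer dereference). Record the per-CVE issue type in a NOTE, or resolve the `<undetermined>` status, so the six entries do not become indistinguishable after this change.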
@@ -7491,42 +7484,42 @@ CVE-2018-18100
RESERVED
CVE-2018-18099
RESERVED
-CVE-2018-18098 (Improper file verification in install routine for Intel(R) SGX SDK and ...)
+CVE-2018-18098
NOT-FOR-US: Intel
-CVE-2018-18097 (Improper directory permissions in Intel Solid State Drive Toolbox ...)
+CVE-2018-18097
NOT-FOR-US: Intel Solid State Drive Toolbox
-CVE-2018-18096 (Improper memory handling in Intel QuickAssist Technology for Linux ...)
+CVE-2018-18096
NOT-FOR-US: Intel QuickAssist Technology for Linux
CVE-2018-18095
RESERVED
CVE-2018-18094
RESERVED
-CVE-2018-18093 (Improper file permissions in the installer for Intel VTune Amplifier ...)
+CVE-2018-18093
NOT-FOR-US: Intel VTune Amplifier
CVE-2018-18092
RESERVED
-CVE-2018-18091 (Use after free in Kernel Mode Driver in Intel(R) Graphics Driver for ...)
+CVE-2018-18091
NOT-FOR-US: Intel
-CVE-2018-18090 (Out of bounds read in igdkm64.sys in Intel(R) Graphics Driver for ...)
+CVE-2018-18090
NOT-FOR-US: Intel
-CVE-2018-18089 (Multiple out of bounds read in igdkm64.sys in Intel(R) Graphics Driver ...)
+CVE-2018-18089
NOT-FOR-US: Intel
-CVE-2018-18088 (OpenJPEG 2.3.0 has a NULL pointer dereference for &quot;red&quot; in the ...)
+CVE-2018-18088
{DSA-4405-1 DLA-1579-1}
- openjpeg2 2.3.0-2 (low; bug #910763)
NOTE: https://github.com/uclouvain/openjpeg/issues/1152
NOTE: https://github.com/uclouvain/openjpeg/commit/cab352e249ed3372dd9355c85e837613fff98fa2
-CVE-2018-18087 (The Bixie Portfolio plugin 1.2.0 for Pagekit has XSS: a logged-in user ...)
+CVE-2018-18087
NOT-FOR-US: Bixie Portfolio plugin for Pagekit
-CVE-2018-18086 (EmpireCMS v7.5 has an arbitrary file upload vulnerability in the ...)
+CVE-2018-18086
NOT-FOR-US: EmpireCMS
CVE-2018-18085
RESERVED
-CVE-2018-18084 (An issue was discovered in DuomiCMS 3.0. SQL injection exists in the ...)
+CVE-2018-18084
NOT-FOR-US: DuomiCMS
-CVE-2018-18083 (An issue was discovered in DuomiCMS 3.0. Remote PHP code execution is ...)
+CVE-2018-18083
NOT-FOR-US: DuomiCMS
-CVE-2018-18082 (XSS exists in Waimai Super Cms 20150505 via the fname parameter to the ...)
+CVE-2018-18082
NOT-FOR-US: Waimai Super Cms
CVE-2018-18081
RESERVED
@@ -7540,16 +7533,16 @@ CVE-2018-18077
RESERVED
CVE-2018-18076
RESERVED
-CVE-2018-18075 (WikidForum 2.20 has SQL Injection via the rpc.php parent_post_id or ...)
+CVE-2018-18075
NOT-FOR-US: WikidForum
-CVE-2018-18074 (The Requests package before 2.20.0 for Python sends an HTTP ...)
+CVE-2018-18074
- requests 2.20.0-1 (low; bug #910766)
[stretch] - requests <no-dsa> (Minor issue)
[jessie] - requests <postponed> (Minor issue)
NOTE: https://github.com/requests/requests/issues/4716
NOTE: https://github.com/requests/requests/pull/4718
NOTE: https://github.com/requests/requests/commit/c45d7c49ea75133e52ab22a8e9e13173938e36ff
-CVE-2018-18073 (Artifex Ghostscript allows attackers to bypass a sandbox protection ...)
+CVE-2018-18073
{DSA-4336-1 DLA-1552-1}
- ghostscript 9.25~dfsg-3 (bug #910758)
NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=1690
@@ -7558,29 +7551,29 @@ CVE-2018-18073 (Artifex Ghostscript allows attackers to bypass a sandbox protect
NOTE: https://www.openwall.com/lists/oss-security/2018/10/10/12
CVE-2018-18072
RESERVED
-CVE-2018-18071 (An issue was discovered in the Daimler Mercedes-Benz Me app 2.11.0-846 ...)
+CVE-2018-18071
NOT-FOR-US: Daimler Mercedes-Benz Me app for iOS
-CVE-2018-18070 (An issue was discovered in Daimler Mercedes-Benz COMAND 17/13.0 50.12 ...)
+CVE-2018-18070
NOT-FOR-US: Daimler Mercedes-Benz COMAND on Mercedes-Benz C-Class 2018 vehicles
-CVE-2018-18069 (process_forms in the WPML (aka sitepress-multilingual-cms) plugin ...)
+CVE-2018-18069
NOT-FOR-US: Wordpress plugin
CVE-2018-18068
RESERVED
CVE-2018-18067
RESERVED
-CVE-2018-18066 (snmp_oid_compare in snmplib/snmp_api.c in Net-SNMP before 5.8 has a ...)
+CVE-2018-18066
- net-snmp 5.7.3+dfsg-1.1
[jessie] - net-snmp 5.7.2.1+dfsg-1+deb8u1
NOTE: https://sourceforge.net/p/net-snmp/code/ci/f23bcd3ac6ddee5d0a48f9703007ccc738914791/
NOTE: The same commit as for other CVEs (CVE-2018-1000116, CVE-2015-5621) adresses this
NOTE: issue, but might still not be just a duplicate but an independent issue fixed with
NOTE: same commit.
-CVE-2018-18065 (_set_key in agent/helpers/table_container.c in Net-SNMP before 5.8 has ...)
+CVE-2018-18065
{DSA-4314-1 DLA-1540-1}
- net-snmp 5.7.3+dfsg-4 (bug #910638)
NOTE: https://dumpco.re/blog/net-snmp-5.7.3-remote-dos
NOTE: https://sourceforge.net/p/net-snmp/code/ci/7ffb8e25a0db851953155de91f0170e9bf8c457d/
-CVE-2018-18064 (cairo through 1.15.14 has an out-of-bounds stack-memory write during ...)
+CVE-2018-18064
- cairo <unfixed> (low; bug #916083)
[buster] - cairo <no-dsa> (Minor issue)
[stretch] - cairo <no-dsa> (Minor issue)
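Review bot: the CVE-2018-18066 notes contain a typo (`adresses` should be `addresses`) and leave the duplicate question unresolved (`might still not be just a duplicate but an independent issue fixed with same commit`); since the referenced commit is the same one credited for CVE-2018-1000116 and CVE-2015-5621, the note should state which conclusion was reached, or mark the entry for follow-up, rather than keep a hedged sentence as the triage record.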
@@ -7588,9 +7581,9 @@ CVE-2018-18064 (cairo through 1.15.14 has an out-of-bounds stack-memory write du
NOTE: https://gitlab.freedesktop.org/cairo/cairo/issues/341
CVE-2018-18063
RESERVED
-CVE-2018-18062 (An issue was discovered in dialog.php in tecrail Responsive ...)
+CVE-2018-18062
NOT-FOR-US: tecrail Responsive FileManager
-CVE-2018-18061 (An issue was discovered in dialog.php in tecrail Responsive ...)
+CVE-2018-18061
NOT-FOR-US: tecrail Responsive FileManager
CVE-2018-18060
RESERVED
@@ -7602,35 +7595,35 @@ CVE-2018-18057
RESERVED
CVE-2018-18056
RESERVED
-CVE-2018-1000810 (The Rust Programming Language Standard Library version 1.29.0, 1.28.0, ...)
+CVE-2018-1000810
- rustc 1.30.0+dfsg1-1
[stretch] - rustc <not-affected> (Introduced in 1.26)
[jessie] - rustc <not-affected> (Vulnerable code not present)
NOTE: https://blog.rust-lang.org/2018/09/21/Security-advisory-for-std.html
NOTE: https://groups.google.com/forum/#!topic/rustlang-security-announcements/CmSuTm-SaU0
-CVE-2018-1000809 (privacyIDEA version 2.23.1 and earlier contains a Improper Input ...)
+CVE-2018-1000809
NOT-FOR-US: privacyIDEA
-CVE-2018-1000808 (Python Cryptographic Authority pyopenssl version Before 17.5.0 ...)
+CVE-2018-1000808
- pyopenssl 17.5.0-1 (low)
[stretch] - pyopenssl <no-dsa> (Minor issue)
[jessie] - pyopenssl <no-dsa> (Minor issue, but also requires at least cryptography 2.1.4 which exposes the X509_up_ref method)
NOTE: https://github.com/pyca/pyopenssl/pull/723
NOTE: https://github.com/pyca/pyopenssl/commit/e73818600065821d588af475b024f4eb518c3509
-CVE-2018-1000807 (Python Cryptographic Authority pyopenssl version prior to version ...)
+CVE-2018-1000807
- pyopenssl 17.5.0-1
[stretch] - pyopenssl <no-dsa> (Minor issue)
[jessie] - pyopenssl <no-dsa> (Minor issue, but also requires at least cryptography 2.1.4 which exposes the X509_up_ref method)
NOTE: https://github.com/pyca/pyopenssl/pull/723
NOTE: https://github.com/pyca/pyopenssl/commit/e73818600065821d588af475b024f4eb518c3509
-CVE-2018-1000805 (Paramiko version 2.4.1, 2.3.2, 2.2.3, 2.1.5, 2.0.8, 1.18.5, 1.17.6 ...)
+CVE-2018-1000805
{DLA-1556-1}
- paramiko 2.4.2-0.1 (bug #910760)
[stretch] - paramiko <no-dsa> (Minor issue)
NOTE: https://github.com/paramiko/paramiko/issues/1283
NOTE: https://github.com/paramiko/paramiko/commit/56c96a659658acdbb873aef8809a7b508434dcce
-CVE-2018-1000804 (contiki-ng version 4 contains a Buffer Overflow vulnerability in AQL ...)
+CVE-2018-1000804
NOT-FOR-US: contiki-ng
-CVE-2018-1000803 (Gitea version prior to version 1.5.1 contains a CWE-200 vulnerability ...)
+CVE-2018-1000803
- gitea <removed>
NOTE: https://github.com/go-gitea/gitea/pull/4664
NOTE: https://github.com/go-gitea/gitea/pull/4664/files#diff-146e0c2b5bb1ea96c9fb73d509456e57
@@ -7686,29 +7679,29 @@ CVE-2018-18031
RESERVED
CVE-2018-18030
RESERVED
-CVE-2018-18029 (Navigate CMS has Stored XSS via the navigate.php Title field in an ...)
+CVE-2018-18029
NOT-FOR-US: Navigate CMS
CVE-2018-18028
RESERVED
CVE-2018-18027
RESERVED
-CVE-2018-18026 (IMFCameraProtect.sys in IObit Malware Fighter 6.2 (and possibly lower ...)
+CVE-2018-18026
NOT-FOR-US: IObit Malware Fighter
-CVE-2018-18025 (In ImageMagick 7.0.8-13 Q16, there is a heap-based buffer over-read in ...)
+CVE-2018-18025
{DLA-1574-1}
- imagemagick 8:6.9.10.14+dfsg-1 (low; bug #911435)
[stretch] - imagemagick <postponed> (Fix along in next DSA)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/1335
NOTE: https://github.com/ImageMagick/ImageMagick/commit/1a22fc0c8837838e60daecc0bf01648f359dd6fd
NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/394b3e6edf74d1337ce338927da053bb40c00ae9
-CVE-2018-18024 (In ImageMagick 7.0.8-13 Q16, there is an infinite loop in the ...)
+CVE-2018-18024
- imagemagick 8:6.9.10.14+dfsg-1 (low)
[stretch] - imagemagick <ignored> (Minor issue)
[jessie] - imagemagick <postponed> (Minor issue)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/1337
NOTE: https://github.com/ImageMagick/ImageMagick/commit/948f1c86d649a29df08a38d2ff8b91cdf3e92b82
NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/b268ce7a59440972f4476b9fd98104b6a836d971
-CVE-2018-18023 (In ImageMagick 7.0.8-13 Q16, there is a heap-based buffer over-read in ...)
+CVE-2018-18023
- imagemagick 8:6.9.10.14+dfsg-1
[stretch] - imagemagick <not-affected> (Vulnerable code not present)
[jessie] - imagemagick <not-affected> (Vulnerable code not present)
@@ -7717,7 +7710,7 @@ CVE-2018-18023 (In ImageMagick 7.0.8-13 Q16, there is a heap-based buffer over-r
NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/a5db4873626f702d2ddd8bc293573493e0a412c0
CVE-2018-18022
RESERVED
-CVE-2018-18020 (In QPDF 8.2.1, in libqpdf/QPDFWriter.cc, QPDFWriter::unparseObject and ...)
+CVE-2018-18020
- qpdf <unfixed>
[buster] - qpdf <no-dsa> (Minor issue)
[stretch] - qpdf <no-dsa> (Minor issue)
@@ -7731,14 +7724,14 @@ CVE-2018-18018
RESERVED
CVE-2018-18017
RESERVED
-CVE-2018-18016 (ImageMagick 7.0.7-28 has a memory leak vulnerability in WritePCXImage ...)
+CVE-2018-18016
- imagemagick 8:6.9.10.14+dfsg-1 (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/1049
CVE-2018-18015
RESERVED
-CVE-2018-18014 (** DISPUTED *** Lack of authentication in Citrix Xen Mobile through ...)
+CVE-2018-18014
NOT-FOR-US: Citrix
-CVE-2018-18013 (** DISPUTED *** Xen Mobile through 10.8.0 includes a service listening ...)
+CVE-2018-18013
NOT-FOR-US: Citrix
CVE-2018-18012
RESERVED
@@ -7746,17 +7739,17 @@ CVE-2018-18011
RESERVED
CVE-2018-18010
RESERVED
-CVE-2018-18009 (dirary0.js on D-Link DIR-140L, DIR-640L devices allows remote ...)
+CVE-2018-18009
NOT-FOR-US: D-Link
-CVE-2018-18008 (spaces.htm on multiple D-Link devices (DSL, DIR, DWR) allows remote ...)
+CVE-2018-18008
NOT-FOR-US: D-Link
-CVE-2018-18007 (atbox.htm on D-Link DSL-2770L devices allows remote unauthenticated ...)
+CVE-2018-18007
NOT-FOR-US: D-Link
-CVE-2018-18006 (Hardcoded credentials in the Ricoh myPrint application 2.9.2.4 for ...)
+CVE-2018-18006
NOT-FOR-US: Ricoh myPrint application
-CVE-2018-18005 (Cross-site scripting in event_script.js in VIVOTEK Network Camera ...)
+CVE-2018-18005
NOT-FOR-US: VIVOTEK Network Camera
-CVE-2018-18004 (Incorrect Access Control in mod_inetd.cgi in VIVOTEK Network Camera ...)
+CVE-2018-18004
NOT-FOR-US: VIVOTEK Network Camera
CVE-2018-18003
RESERVED
@@ -7771,9 +7764,9 @@ CVE-2018-17999
CVE-2018-17998
RESERVED
CVE-2018-17997
- RESERVED
+ TODO: check
CVE-2018-17996
- RESERVED
+ TODO: check
CVE-2018-17995
RESERVED
CVE-2018-17994
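Review bot: CVE-2018-17997 and CVE-2018-17996 move from `RESERVED` to `TODO: check`, which marks them as newly published, yet no description line accompanies either identifier, so whoever picks up the TODO has nothing to triage from. The state change is consistent with the description loss elsewhere in this patch; consider holding these two until the import carries the description text again.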
@@ -7788,27 +7781,27 @@ CVE-2018-17990
RESERVED
CVE-2018-17989
RESERVED
-CVE-2018-17988 (LayerBB 1.1.1 has SQL Injection via the search.php search_query ...)
+CVE-2018-17988
NOT-FOR-US: LayerBB
-CVE-2018-17987 (The determineWinner function of a smart contract implementation for ...)
+CVE-2018-17987
NOT-FOR-US: Some Ethereum application
-CVE-2018-17986 (rars/user/data in razorCMS 3.4.8 allows CSRF for changing the password ...)
+CVE-2018-17986
NOT-FOR-US: razorCMS
-CVE-2018-17985 (An issue was discovered in cp-demangle.c in GNU libiberty, as ...)
+CVE-2018-17985
- binutils <unfixed>
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
NOTE: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87335
NOTE: Fixed by: https://gcc.gnu.org/git/?p=gcc.git;a=commit;h=03e51746ed98d9106803f6009ebd71ea670ad3b9
-CVE-2018-17984 (An unanchored /[a-z]{2}/ regular expression in ISPConfig before 3.1.13 ...)
+CVE-2018-17984
NOT-FOR-US: ISPConfig
CVE-2018-17982
RESERVED
CVE-2018-17981
RESERVED
-CVE-2018-17980 (NoMachine before 5.3.27 and 6.x before 6.3.6 allows attackers to gain ...)
+CVE-2018-17980
NOT-FOR-US: NoMachine
-CVE-2018-17983 (cext/manifest.c in Mercurial before 4.7.2 has an out-of-bounds read ...)
+CVE-2018-17983
- mercurial 4.7.2-1
[jessie] - mercurial <not-affected> (Vulnerable code not present)
NOTE: https://www.mercurial-scm.org/repo/hg/rev/5405cb1a7901
@@ -7816,17 +7809,17 @@ CVE-2018-17979
RESERVED
CVE-2018-17978
RESERVED
-CVE-2018-17977 (The Linux kernel 4.14.67 mishandles certain interaction among XFRM ...)
+CVE-2018-17977
- linux <undetermined>
-CVE-2018-17976 (An issue was discovered in GitLab Community Edition 11.x before ...)
+CVE-2018-17976
- gitlab 11.1.8+dfsg-2
NOTE: https://about.gitlab.com/2018/10/05/critical-security-release-11-3-4/
NOTE: https://gitlab.com/gitlab-org/gitlab-ce/issues/51581
-CVE-2018-17975 (An issue was discovered in GitLab Community Edition 11.x before ...)
+CVE-2018-17975
- gitlab 11.1.8+dfsg-2
NOTE: https://about.gitlab.com/2018/10/05/critical-security-release-11-3-4/
NOTE: https://gitlab.com/gitlab-org/gitlab-ce/issues/50744
-CVE-2018-17974 (An issue was discovered in Tcpreplay 4.3.0 beta1. A heap-based buffer ...)
+CVE-2018-17974
- tcpreplay 4.3.1-1 (bug #910598)
[stretch] - tcpreplay <no-dsa> (Minor issue)
[jessie] - tcpreplay <no-dsa> (Minor issue)
@@ -7837,42 +7830,42 @@ CVE-2018-17971
RESERVED
CVE-2018-17970
RESERVED
-CVE-2018-17972 (An issue was discovered in the proc_pid_stack function in ...)
+CVE-2018-17972
{DLA-1715-1}
- linux 4.18.20-1
[stretch] - linux 4.9.135-1
NOTE: https://marc.info/?l=linux-fsdevel&m=153806242024956&w=2
NOTE: https://git.kernel.org/linus/f8a00cef17206ecd1b30d3d9f99e10d9fa707aa7
-CVE-2018-17969 (Samsung SCX-6545X V2.00.03.01 03-23-2012 devices allows remote ...)
+CVE-2018-17969
NOT-FOR-US: Samsung SCX-6545X V2.00.03.01 03-23-2012 devices
-CVE-2018-17968 (A gambling smart contract implementation for RuletkaIo, an Ethereum ...)
+CVE-2018-17968
NOT-FOR-US: RuletkaIo
-CVE-2018-17967 (ImageMagick 7.0.7-28 has a memory leak vulnerability in ReadBGRImage in ...)
+CVE-2018-17967
- imagemagick 8:6.9.10.14+dfsg-1 (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/1051
-CVE-2018-17966 (ImageMagick 7.0.7-28 has a memory leak vulnerability in WritePDBImage ...)
+CVE-2018-17966
- imagemagick 8:6.9.10.14+dfsg-1 (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/1050
-CVE-2018-17965 (ImageMagick 7.0.7-28 has a memory leak vulnerability in WriteSGIImage ...)
+CVE-2018-17965
- imagemagick 8:6.9.10.14+dfsg-1 (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/1052
-CVE-2018-17964 (Aryanic HighPortal 12.5 has XSS via an Add Tags action. ...)
+CVE-2018-17964
NOT-FOR-US: Aryanic HighPortal
-CVE-2018-17963 (qemu_deliver_packet_iov in net/net.c in Qemu accepts packet sizes ...)
+CVE-2018-17963
{DSA-4338-1 DLA-1599-1}
- qemu 1:3.1+dfsg-1 (bug #911469)
- qemu-kvm <removed>
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2018-09/msg03267.html
NOTE: https://www.openwall.com/lists/oss-security/2018/10/08/1
NOTE: https://git.qemu.org/?p=qemu.git;a=commit;h=1592a9947036d60dde5404204a5d45975133caf5
-CVE-2018-17962 (Qemu has a Buffer Overflow in pcnet_receive in hw/net/pcnet.c because ...)
+CVE-2018-17962
{DSA-4338-1 DLA-1599-1}
- qemu 1:3.1+dfsg-1 (bug #911468)
- qemu-kvm <removed>
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2018-09/msg03268.html
NOTE: https://www.openwall.com/lists/oss-security/2018/10/08/1
NOTE: https://git.qemu.org/?p=qemu.git;a=commit;h=b1d80d12c5f7ff081bb80ab4f4241d4248691192
-CVE-2018-17961 (Artifex Ghostscript 9.25 and earlier allows attackers to bypass a ...)
+CVE-2018-17961
{DSA-4336-1 DLA-1552-1}
- ghostscript 9.25~dfsg-3 (bug #910678)
NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=1682
@@ -7880,14 +7873,14 @@ CVE-2018-17961 (Artifex Ghostscript 9.25 and earlier allows attackers to bypass
NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=a54c9e61e7d02bbc620bcba9b1c208462a876afb
NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=a6807394bd94b708be24758287b606154daaaed9
NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=a5a9bf8c6a63aa4ac6874234fe8cd63e72077291
-CVE-2018-17960 (CKEditor 4.x before 4.11.0 allows user-assisted XSS involving a ...)
+CVE-2018-17960
- ckeditor 4.11.1+dfsg-1 (low)
[stretch] - ckeditor <no-dsa> (Minor issue)
[jessie] - ckeditor <ignored> (Minor issue)
- fckeditor <removed>
CVE-2018-17959
RESERVED
-CVE-2018-17958 (Qemu has a Buffer Overflow in rtl8139_do_receive in hw/net/rtl8139.c ...)
+CVE-2018-17958
{DLA-1646-1}
- qemu 1:3.1+dfsg-1 (bug #911499)
[stretch] - qemu <postponed> (Minor issue, revisit for later update)
@@ -7895,42 +7888,42 @@ CVE-2018-17958 (Qemu has a Buffer Overflow in rtl8139_do_receive in hw/net/rtl81
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2018-09/msg03269.html
NOTE: https://git.qemu.org/?p=qemu.git;a=commit;h=1a326646fef38782e5542280040ec3ea23e4a730
NOTE: https://www.openwall.com/lists/oss-security/2018/10/08/1
-CVE-2018-17957 (The YaST2 RMT module for configuring the SUSE Repository Mirroring ...)
+CVE-2018-17957
NOT-FOR-US: YaST2 RMT module
-CVE-2018-17956 (In yast2-samba-provision up to and including version 1.0.1 the ...)
+CVE-2018-17956
NOT-FOR-US: yast2-samba-provision
-CVE-2018-17955 (In yast2-multipath before version 4.1.1 a static temporary filename ...)
+CVE-2018-17955
NOT-FOR-US: yast2-multipath
CVE-2018-17954
RESERVED
-CVE-2018-17953 (A incorrect variable in a SUSE specific patch for pam_access rule ...)
+CVE-2018-17953
- pam <not-affected> (Issue introduced by SUSE specific patch)
NOTE: https://bugzilla.novell.com/show_bug.cgi?id=1115640
NOTE: Issue introduced by SUSE specific patch (pam-hostnames-in-access_conf.patch)
NOTE: https://build.opensuse.org/package/view_file/Linux-PAM/pam/pam-hostnames-in-access_conf.patch
NOTE: And fixed with (use-correct-IP-address.patch)
NOTE: https://build.opensuse.org/package/view_file/Linux-PAM/pam/use-correct-IP-address.patch
-CVE-2018-17952 (Cross site scripting vulnerability in eDirectory prior to 9.1 SP2 ...)
+CVE-2018-17952
NOT-FOR-US: eDirectory
CVE-2018-17951
RESERVED
-CVE-2018-17950 (Incorrect enforcement of authorization checks in eDirectory prior to ...)
+CVE-2018-17950
NOT-FOR-US: eDirectory
-CVE-2018-17949 (Cross site scripting vulnerability in iManager prior to 3.1 SP2. ...)
+CVE-2018-17949
NOT-FOR-US: iManager
-CVE-2018-17948 (An open redirect vulnerability exists in the Access Manager Identity ...)
+CVE-2018-17948
NOT-FOR-US: Microfocus
-CVE-2018-17947 (The Snazzy Maps plugin before 1.1.5 for WordPress has XSS via the text ...)
+CVE-2018-17947
NOT-FOR-US: WordPress plugin snazzy-maps
-CVE-2018-17946 (The Tribulant Slideshow Gallery plugin before 1.6.6.1 for WordPress has ...)
+CVE-2018-17946
NOT-FOR-US: WordPress plugin slideshow-gallery
CVE-2018-17945
RESERVED
-CVE-2018-17944 (On certain Lexmark devices that communicate with an LDAP or SMTP ...)
+CVE-2018-17944
NOT-FOR-US: Lexmark
CVE-2018-17943
RESERVED
-CVE-2018-17942 (The convert_to_decimal function in vasnprintf.c in Gnulib before ...)
+CVE-2018-17942
{DLA-1543-1}
- gnulib 20140202+stable-3.1 (low; bug #910757)
[stretch] - gnulib 20140202+stable-2+deb9u1
@@ -7941,115 +7934,115 @@ CVE-2018-17941
RESERVED
CVE-2018-17940
RESERVED
-CVE-2018-17939 (An issue was discovered in GitLab Community and Enterprise Edition ...)
+CVE-2018-17939
- gitlab 11.1.8+dfsg-2
NOTE: https://about.gitlab.com/2018/10/05/critical-security-release-11-3-4/
NOTE: https://gitlab.com/gitlab-org/gitlab-ce/issues/51956
-CVE-2018-17938 (Zimbra Collaboration before 8.8.10 GA allows text content spoofing via ...)
+CVE-2018-17938
NOT-FOR-US: Zimbra
-CVE-2018-17937 (gpsd versions 2.90 to 3.17 and microjson versions 1.0 to 1.3, an open ...)
+CVE-2018-17937
TODO: check
-CVE-2018-17936 (NUUO CMS All versions 3.3 and prior the application allows the upload ...)
+CVE-2018-17936
NOT-FOR-US: NUUO CMS
-CVE-2018-17935 (All versions of Telecrane F25 Series Radio Controls before 00.0A use ...)
+CVE-2018-17935
NOT-FOR-US: Telecrane
-CVE-2018-17934 (NUUO CMS All versions 3.3 and prior the application allows external ...)
+CVE-2018-17934
NOT-FOR-US: NUUO CMS
-CVE-2018-17933 (VGo Robot (Versions 3.0.3.52164 and 3.0.3.53662. Prior versions may ...)
+CVE-2018-17933
NOT-FOR-US: VGo Robot
CVE-2018-17932
RESERVED
-CVE-2018-17931 (If an attacker has physical access to the VGo Robot (Versions ...)
+CVE-2018-17931
NOT-FOR-US: VGo Robot
-CVE-2018-17930 (A stack-based buffer overflow vulnerability has been identified in ...)
+CVE-2018-17930
NOT-FOR-US: Teledyne DALSA Sherlock
-CVE-2018-17929 (In Delta Industrial Automation TPEditor, TPEditor Versions 1.90 and ...)
+CVE-2018-17929
NOT-FOR-US: TPEditor
-CVE-2018-17928 (The product CMS-770 (Software Versions 1.7.1 and prior)is vulnerable ...)
+CVE-2018-17928
NOT-FOR-US: ABB CMS-770
-CVE-2018-17927 (In Delta Industrial Automation TPEditor, TPEditor Versions 1.90 and ...)
+CVE-2018-17927
NOT-FOR-US: TPEditor
-CVE-2018-17926 (The product M2M ETHERNET (FW Versions 2.22 and prior, ETH-FW Versions ...)
+CVE-2018-17926
NOT-FOR-US: ABB M2M ETHERNET
-CVE-2018-17925 (Multiple instances of this vulnerability (Unsafe ActiveX Control ...)
+CVE-2018-17925
NOT-FOR-US: Gigasoft
-CVE-2018-17924 (Rockwell Automation MicroLogix 1400 Controllers and 1756 ControlLogix ...)
+CVE-2018-17924
NOT-FOR-US: Rockwell
-CVE-2018-17923 (SAGA1-L8B with any firmware versions prior to A0.10 are vulnerable to ...)
+CVE-2018-17923
NOT-FOR-US: SAGA1-L8B
-CVE-2018-17922 (Circontrol CirCarLife all versions prior to 4.3.1, the PAP credentials ...)
+CVE-2018-17922
NOT-FOR-US: Circontrol CirCarLife
-CVE-2018-17921 (SAGA1-L8B with any firmware versions prior to A0.10 are vulnerable to ...)
+CVE-2018-17921
NOT-FOR-US: SAGA1-L8B
CVE-2018-17920
RESERVED
-CVE-2018-17919 (All versions of Hangzhou Xiongmai Technology Co., Ltd XMeye P2P Cloud ...)
+CVE-2018-17919
NOT-FOR-US: P2P Cloud Server
-CVE-2018-17918 (Circontrol CirCarLife all versions prior to 4.3.1, authentication to ...)
+CVE-2018-17918
NOT-FOR-US: Circontrol CirCarLife
-CVE-2018-17917 (All versions of Hangzhou Xiongmai Technology Co., Ltd XMeye P2P Cloud ...)
+CVE-2018-17917
NOT-FOR-US: P2P Cloud Server
-CVE-2018-17916 (InduSoft Web Studio versions prior to 8.1 SP2, and InTouch Edge HMI ...)
+CVE-2018-17916
NOT-FOR-US: InduSoft Web Studio
-CVE-2018-17915 (All versions of Hangzhou Xiongmai Technology Co., Ltd XMeye P2P Cloud ...)
+CVE-2018-17915
NOT-FOR-US: P2P Cloud Server
-CVE-2018-17914 (InduSoft Web Studio versions prior to 8.1 SP2, and InTouch Edge HMI ...)
+CVE-2018-17914
NOT-FOR-US: InduSoft Web Studio
-CVE-2018-17913 (A type confusion vulnerability exists when processing project files in ...)
+CVE-2018-17913
NOT-FOR-US: Omron CX-Supervisor
-CVE-2018-17912 (An XXE vulnerability exists in CASE Suite Versions 3.10 and prior when ...)
+CVE-2018-17912
NOT-FOR-US: CASE Suite
-CVE-2018-17911 (LAquis SCADA Versions 4.1.0.3870 and prior has several stack-based ...)
+CVE-2018-17911
NOT-FOR-US: LAquis SCADA
-CVE-2018-17910 (WebAccess Versions 8.3.2 and prior. The application fails to properly ...)
+CVE-2018-17910
NOT-FOR-US: Advantech WebAccess
-CVE-2018-17909 (When processing project files in Omron CX-Supervisor Versions 3.4.1.0 ...)
+CVE-2018-17909
NOT-FOR-US: Omron CX-Supervisor
-CVE-2018-17908 (WebAccess Versions 8.3.2 and prior. During installation, the ...)
+CVE-2018-17908
NOT-FOR-US: Advantech WebAccess
-CVE-2018-17907 (When processing project files in Omron CX-Supervisor Versions 3.4.1.0 ...)
+CVE-2018-17907
NOT-FOR-US: Omron CX-Supervisor
-CVE-2018-17906 (Philips iSite and IntelliSpace PACS, iSite PACS, all versions, and ...)
+CVE-2018-17906
NOT-FOR-US: Philips
-CVE-2018-17905 (When processing project files in Omron CX-Supervisor Versions 3.4.1.0 ...)
+CVE-2018-17905
NOT-FOR-US: Omron CX-Supervisor
-CVE-2018-17904 (Reliance 4 SCADA/HMI, Version 4.7.3 Update 3 and prior. This ...)
+CVE-2018-17904
NOT-FOR-US: Reliance 4 SCADA/HMI
-CVE-2018-17903 (SAGA1-L8B with any firmware versions prior to A0.10 are vulnerable to ...)
+CVE-2018-17903
NOT-FOR-US: SAGA1-L8B
-CVE-2018-17902 (Yokogawa STARDOM Controllers FCJ, FCN-100, FCN-RTU, FCN-500, All ...)
+CVE-2018-17902
NOT-FOR-US: Yokogawa STARDOM Controllers
-CVE-2018-17901 (LAquis SCADA Versions 4.1.0.3870 and prior, when processing project ...)
+CVE-2018-17901
NOT-FOR-US: LAquis SCADA
-CVE-2018-17900 (Yokogawa STARDOM Controllers FCJ, FCN-100, FCN-RTU, FCN-500, All ...)
+CVE-2018-17900
NOT-FOR-US: Yokogawa STARDOM Controllers
-CVE-2018-17899 (LAquis SCADA Versions 4.1.0.3870 and prior has a path traversal ...)
+CVE-2018-17899
NOT-FOR-US: LAquis SCADA
-CVE-2018-17898 (Yokogawa STARDOM Controllers FCJ,FCN-100, FCN-RTU, FCN-500, All ...)
+CVE-2018-17898
NOT-FOR-US: Yokogawa STARDOM Controllers
-CVE-2018-17897 (LAquis SCADA Versions 4.1.0.3870 and prior has several integer ...)
+CVE-2018-17897
NOT-FOR-US: LAquis SCADA
-CVE-2018-17896 (Yokogawa STARDOM Controllers FCJ, FCN-100, FCN-RTU, FCN-500, All ...)
+CVE-2018-17896
NOT-FOR-US: Yokogawa STARDOM Controllers
-CVE-2018-17895 (LAquis SCADA Versions 4.1.0.3870 and prior has several out-of-bounds ...)
+CVE-2018-17895
NOT-FOR-US: LAquis SCADA
-CVE-2018-17894 (NUUO CMS all versions 3.1 and prior, The application creates default ...)
+CVE-2018-17894
NOT-FOR-US: NUUO CMS
-CVE-2018-17893 (LAquis SCADA Versions 4.1.0.3870 and prior has an untrusted pointer ...)
+CVE-2018-17893
NOT-FOR-US: LAquis SCADA
-CVE-2018-17892 (NUUO CMS all versions 3.1 and prior, The application implements a ...)
+CVE-2018-17892
NOT-FOR-US: NUUO CMS
-CVE-2018-17891 (Carestream Vue RIS, RIS Client Builds: Version 11.2 and prior running ...)
+CVE-2018-17891
NOT-FOR-US: Carestream Vue RIS, RIS Client Builds
-CVE-2018-17890 (NUUO CMS all versions 3.1 and prior, The application uses insecure and ...)
+CVE-2018-17890
NOT-FOR-US: NUUO CMS
-CVE-2018-17889 (In WECON Technology Co., Ltd. PI Studio HMI versions 4.1.9 and prior ...)
+CVE-2018-17889
NOT-FOR-US: PI Studio HMI
-CVE-2018-17888 (NUUO CMS all versions 3.1 and prior, The application uses a session ...)
+CVE-2018-17888
NOT-FOR-US: NUUO CMS
CVE-2018-17887
RESERVED
-CVE-2018-17886 (An issue was discovered in JEESNS 1.3. The XSS filter in ...)
+CVE-2018-17886
NOT-FOR-US: JEESNS
CVE-2018-17885
RESERVED
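Review bot: CVE-2018-17937 keeps its `TODO: check` while this hunk drops the only line that said what it affects (`-CVE-2018-17937 (gpsd versions 2.90 to 3.17 and microjson versions 1.0 to 1.3, an open ...)`). Unlike the surrounding `NOT-FOR-US` entries, gpsd is a packaged Debian source, so this one should either be triaged now or at least retain its description rather than become an opaque identifier.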
@@ -8060,47 +8053,47 @@ CVE-2018-17883
[jessie] - otrs2 <not-affected> (Only affects 6.x)
NOTE: https://community.otrs.com/security-advisory-2018-06-security-update-for-otrs-framework/
NOTE: https://github.com/OTRS/otrs/commit/40bbcc261a77c2f4c0383658cd99c07d577179ce
-CVE-2018-18021 (arch/arm64/kvm/guest.c in KVM in the Linux kernel before 4.18.12 on the ...)
+CVE-2018-18021
{DSA-4313-1 DLA-1715-1}
- linux 4.18.10-2
[jessie] - linux <ignored> (arm64 not supported in jessie LTS)
NOTE: https://git.kernel.org/linus/d26c25a9d19b5976b319af528886f89cf455692d
NOTE: https://git.kernel.org/linus/2a3f93459d689d990b3ecfbe782fec89b97d3279
-CVE-2018-17884 (XSS exists in admin/gb-dashboard-widget.php in the Gwolle Guestbook ...)
+CVE-2018-17884
NOT-FOR-US: WordPress plugin gwolle-gb
-CVE-2018-17882 (An Integer overflow vulnerability exists in the batchTransfer function ...)
+CVE-2018-17882
NOT-FOR-US: CryptoBotsBattle
-CVE-2018-17881 (On D-Link DIR-823G 2018-09-19 devices, the GoAhead configuration ...)
+CVE-2018-17881
NOT-FOR-US: D-Link DIR-823G 2018-09-19 devices
-CVE-2018-17880 (On D-Link DIR-823G 2018-09-19 devices, the GoAhead configuration ...)
+CVE-2018-17880
NOT-FOR-US: D-Link DIR-823G 2018-09-19 devices
CVE-2018-17879
RESERVED
CVE-2018-17878
RESERVED
-CVE-2018-17877 (A lottery smart contract implementation for Greedy 599, an Ethereum ...)
+CVE-2018-17877
NOT-FOR-US: Greedy 599
-CVE-2018-17876 (A Stored XSS vulnerability has been discovered in the v5.5.0 version ...)
+CVE-2018-17876
NOT-FOR-US: Coaster CMS
CVE-2018-17875
RESERVED
-CVE-2018-17874 (ExpressionEngine before 4.3.5 has reflected XSS. ...)
+CVE-2018-17874
NOT-FOR-US: ExpressionEngine
-CVE-2018-17873 (An incorrect access control vulnerability in the FTP configuration of ...)
+CVE-2018-17873
NOT-FOR-US: WifiRanger
-CVE-2018-17872 (Verba Collaboration Compliance and Quality Management Platform before ...)
+CVE-2018-17872
NOT-FOR-US: Verba Collaboration Compliance and Quality Management Platform
-CVE-2018-17871 (Verba Collaboration Compliance and Quality Management Platform before ...)
+CVE-2018-17871
NOT-FOR-US: Verba Collaboration Compliance and Quality Management Platform
-CVE-2018-17870 (An issue was discovered in BTITeam XBTIT 2.5.4. The &quot;returnto&quot; ...)
+CVE-2018-17870
NOT-FOR-US: BTITeam XBTIT
-CVE-2018-17869 (DASAN H660GW devices do not implement any CSRF protection mechanism. ...)
+CVE-2018-17869
NOT-FOR-US: DASAN H660GW devices
-CVE-2018-17868 (DASAN H660GW devices have Stored XSS in the Port Forwarding ...)
+CVE-2018-17868
NOT-FOR-US: DASAN H660GW devices
-CVE-2018-17867 (The Port Forwarding functionality on DASAN H660GW devices allows remote ...)
+CVE-2018-17867
NOT-FOR-US: DASAN H660GW device
-CVE-2018-17866 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2018-17866
NOT-FOR-US: "Ultimate Member - User Profile & Membership" plugin for WordPress
CVE-2018-17865
RESERVED
@@ -8114,43 +8107,43 @@ CVE-2018-17861
RESERVED
CVE-2018-17860
RESERVED
-CVE-2018-17859 (An issue was discovered in Joomla! before 3.8.13. Inadequate checks in ...)
+CVE-2018-17859
NOT-FOR-US: Joomla!
-CVE-2018-17858 (An issue was discovered in Joomla! before 3.8.13. com_installer actions ...)
+CVE-2018-17858
NOT-FOR-US: Joomla!
-CVE-2018-17857 (An issue was discovered in Joomla! before 3.8.13. Inadequate checks on ...)
+CVE-2018-17857
NOT-FOR-US: Joomla!
-CVE-2018-17856 (An issue was discovered in Joomla! before 3.8.13. com_joomlaupdate ...)
+CVE-2018-17856
NOT-FOR-US: Joomla!
-CVE-2018-17855 (An issue was discovered in Joomla! before 3.8.13. If an attacker gets ...)
+CVE-2018-17855
NOT-FOR-US: Joomla!
-CVE-2018-17854 (SIMDComp before 0.1.1 allows remote attackers to cause a denial of ...)
+CVE-2018-17854
NOT-FOR-US: SIMDComp
CVE-2018-17853
RESERVED
-CVE-2018-17852 (A SQL injection was discovered in WUZHI CMS 4.1.0 in ...)
+CVE-2018-17852
NOT-FOR-US: WUZHI CMS
CVE-2018-17851
REJECTED
CVE-2018-17850
REJECTED
-CVE-2018-17849 (Navigate CMS 2.8 has Stored XSS via a navigate_upload.php (aka File ...)
+CVE-2018-17849
NOT-FOR-US: Navigate CMS
-CVE-2018-17848 (The html package (aka x/net/html) through 2018-09-25 in Go mishandles ...)
+CVE-2018-17848
- golang-golang-x-net-dev <unfixed> (low; bug #911795)
[stretch] - golang-golang-x-net-dev <not-affected> (Vulnerable code not present)
- golang-go.net-dev <removed>
[jessie] - golang-go.net-dev <ignored> (Minor issue)
NOTE: https://github.com/golang/go/issues/27846
NOTE: https://github.com/golang/net/commit/4b62a64f59f73840b9ab79204c94fee61cd1ba2c
-CVE-2018-17847 (The html package (aka x/net/html) through 2018-09-25 in Go mishandles ...)
+CVE-2018-17847
- golang-golang-x-net-dev <unfixed> (low; bug #911795)
[stretch] - golang-golang-x-net-dev <not-affected> (Vulnerable code not present)
- golang-go.net-dev <removed>
[jessie] - golang-go.net-dev <ignored> (Minor issue)
NOTE: https://github.com/golang/go/issues/27846
NOTE: https://github.com/golang/net/commit/4b62a64f59f73840b9ab79204c94fee61cd1ba2c
-CVE-2018-17846 (The html package (aka x/net/html) through 2018-09-25 in Go mishandles ...)
+CVE-2018-17846
- golang-golang-x-net-dev <unfixed> (bug #911795)
[stretch] - golang-golang-x-net-dev <not-affected> (Vulnerable code not present)
- golang-go.net-dev <removed>
@@ -8171,35 +8164,35 @@ CVE-2018-17840
RESERVED
CVE-2018-17839
RESERVED
-CVE-2018-17838 (An issue was discovered in JTBC(PHP) 3.0.1.6. Arbitrary file read ...)
+CVE-2018-17838
NOT-FOR-US: JTBC
-CVE-2018-17837 (An issue was discovered in JTBC(PHP) 3.0.1.6. Arbitrary file deletion ...)
+CVE-2018-17837
NOT-FOR-US: JTBC
-CVE-2018-17836 (An issue was discovered in JTBC(PHP) 3.0.1.6. It allows remote ...)
+CVE-2018-17836
NOT-FOR-US: JTBC
-CVE-2018-17835 (An issue was discovered in GetSimple CMS 3.3.15. An administrator can ...)
+CVE-2018-17835
NOT-FOR-US: GetSimple CMS
CVE-2018-17834
RESERVED
CVE-2018-17833
RESERVED
-CVE-2018-17832 (XSS exists in WUZHI CMS 2.0 via the index.php v or f parameter. ...)
+CVE-2018-17832
NOT-FOR-US: WUZHI CMS
-CVE-2018-17831 (In REDAXO before 5.6.3, a critical SQL injection vulnerability has been ...)
+CVE-2018-17831
NOT-FOR-US: REDAXO
-CVE-2018-17830 (The $args variable in addons/mediapool/pages/index.php in REDAXO 5.6.2 ...)
+CVE-2018-17830
NOT-FOR-US: REDAXO
CVE-2018-17829
RESERVED
-CVE-2018-17828 (Directory traversal vulnerability in ZZIPlib 0.13.69 allows attackers ...)
+CVE-2018-17828
- zziplib <unfixed> (unimportant)
NOTE: https://github.com/gdraheim/zziplib/issues/62
NOTE: unzzipcat-mem not installed into the binary packages
-CVE-2018-17827 (HisiPHP 1.0.8 allows remote attackers to execute arbitrary PHP code by ...)
+CVE-2018-17827
NOT-FOR-US: HisiPHP
-CVE-2018-17826 (HisiPHP 1.0.8 allows CSRF via admin.php/admin/user/adduser.html to add ...)
+CVE-2018-17826
NOT-FOR-US: HisiPHP
-CVE-2018-17825 (An issue was discovered in AdPlug 2.3.1. There are several double-free ...)
+CVE-2018-17825
{DLA-1534-1}
- adplug 2.2.1+dfsg3-1 (low; bug #910534)
[stretch] - adplug <ignored> (Minor issue)
@@ -8257,13 +8250,13 @@ CVE-2018-17800
RESERVED
CVE-2018-17799
RESERVED
-CVE-2018-17798 (An issue was discovered in zzcms 8.3. user/ztconfig.php allows remote ...)
+CVE-2018-17798
NOT-FOR-US: zzcms
-CVE-2018-17797 (An issue was discovered in zzcms 8.3. user/zssave.php allows remote ...)
+CVE-2018-17797
NOT-FOR-US: zzcms
-CVE-2018-17796 (An issue was discovered in MRCMS (aka mushroom) through 3.1.2. The ...)
+CVE-2018-17796
NOT-FOR-US: MRCMS
-CVE-2018-17795 (The function t2p_write_pdf in tiff2pdf.c in LibTIFF 4.0.9 allows remote ...)
+CVE-2018-17795
- tiff 4.0.9-2
[stretch] - tiff 4.0.8-2+deb9u2
[jessie] - tiff 4.0.3-12.3+deb8u5
@@ -8272,13 +8265,13 @@ CVE-2018-17795 (The function t2p_write_pdf in tiff2pdf.c in LibTIFF 4.0.9 allows
NOTE: Similar issue as CVE-2017-9935 but not considered the same, but adressed
NOTE: with same commit.
NOTE: https://gitlab.com/libtiff/libtiff/commit/3dd8f6a357981a4090f126ab9025056c938b6940
-CVE-2018-17794 (An issue was discovered in cplus-dem.c in GNU libiberty, as distributed ...)
+CVE-2018-17794
- binutils <unfixed> (low)
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
NOTE: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87350
NOTE: Fixed by: https://gcc.gnu.org/git/?p=gcc.git;a=commit;h=03e51746ed98d9106803f6009ebd71ea670ad3b9
-CVE-2018-17793 (** DISPUTED ** Virtualenv 16.0.0 allows a sandbox escape via &quot;python ...)
+CVE-2018-17793
- python-virtualenv <unfixed> (unimportant)
NOTE: https://github.com/pypa/virtualenv/issues/1207
NOTE: No real security impact. 3rd party requested CVE rejection
@@ -8292,25 +8285,25 @@ CVE-2018-17789
RESERVED
CVE-2018-17788
RESERVED
-CVE-2018-17787 (On D-Link DIR-823G devices, the GoAhead configuration allows /HNAP1 ...)
+CVE-2018-17787
NOT-FOR-US: D-Link DIR-823G devices
-CVE-2018-17786 (On D-Link DIR-823G devices, ExportSettings.sh, upload_settings.cgi, ...)
+CVE-2018-17786
NOT-FOR-US: D-Link DIR-823G devices
-CVE-2018-17785 (In blynk-server in Blynk before 0.39.7, Directory Traversal exists via ...)
+CVE-2018-17785
NOT-FOR-US: blynk-server in Blynk
-CVE-2018-17784 (Multiple vulnerabilities in YUI and FlashCanvas embedded in SugarCRM ...)
+CVE-2018-17784
NOT-FOR-US: SugarCRM
-CVE-2018-17783 (A cross-site scripting (XSS) vulnerability in the Edit Filter page ...)
+CVE-2018-17783
- mantis <removed>
NOTE: https://mantisbt.org/blog/archives/mantisbt/613
NOTE: https://mantisbt.org/bugs/view.php?id=24814
-CVE-2018-17782 (A cross-site scripting (XSS) vulnerability in the Manage Filters page ...)
+CVE-2018-17782
- mantis <removed>
NOTE: https://mantisbt.org/blog/archives/mantisbt/613
NOTE: https://mantisbt.org/bugs/view.php?id=24813
-CVE-2018-17781 (Foxit PhantomPDF and Reader before 9.3 allow remote attackers to ...)
+CVE-2018-17781
NOT-FOR-US: Foxit
-CVE-2018-17780 (Telegram Desktop (aka tdesktop) 1.3.14, and Telegram 3.3.0.0 WP8.1 on ...)
+CVE-2018-17780
- telegram-desktop 1.4.0-1
NOTE: https://www.inputzero.io/2018/09/bug-bounty-telegram-cve-2018-17780.html
NOTE: https://github.com/telegramdesktop/tdesktop/commit/c4ca180745300e3d1ac755341e9879fca9087b74
@@ -8318,11 +8311,11 @@ CVE-2018-17779
RESERVED
CVE-2018-17778
RESERVED
-CVE-2018-17777 (An issue was discovered on D-Link DVA-5592 A1_WI_20180823 devices. If ...)
+CVE-2018-17777
NOT-FOR-US: D-Link
-CVE-2018-17776 (PCProtect Anti-Virus v4.8.35 has &quot;Everyone: (F)&quot; permission for ...)
+CVE-2018-17776
NOT-FOR-US: PCProtect Anti-Virus
-CVE-2018-17775 (Seqrite End Point Security v7.4 has &quot;Everyone: (F)&quot; permission for ...)
+CVE-2018-17775
NOT-FOR-US: Seqrite End Point Security
CVE-2018-17774
RESERVED
@@ -8458,213 +8451,213 @@ CVE-2018-17709
RESERVED
CVE-2018-17708
RESERVED
-CVE-2018-17707 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-17707
NOT-FOR-US: Epic Games
-CVE-2018-17706 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-17706
NOT-FOR-US: Foxit PhantomPDF Phantom PDF
-CVE-2018-17705 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-17705
NOT-FOR-US: Foxit Reader
-CVE-2018-17704 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-17704
NOT-FOR-US: Foxit Reader
-CVE-2018-17703 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-17703
NOT-FOR-US: Foxit Reader
-CVE-2018-17702 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-17702
NOT-FOR-US: Foxit Reader
-CVE-2018-17701 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-17701
NOT-FOR-US: Foxit
-CVE-2018-17700 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-17700
NOT-FOR-US: Foxit
-CVE-2018-17699 (This vulnerability allows remote attackers to disclose sensitive ...)
+CVE-2018-17699
NOT-FOR-US: Foxit Reader
-CVE-2018-17698 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-17698
NOT-FOR-US: Foxit Reader
-CVE-2018-17697 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-17697
NOT-FOR-US: Foxit Reader
-CVE-2018-17696 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-17696
NOT-FOR-US: Foxit Reader
-CVE-2018-17695 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-17695
NOT-FOR-US: Foxit
-CVE-2018-17694 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-17694
NOT-FOR-US: Foxit
-CVE-2018-17693 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-17693
NOT-FOR-US: Foxit
-CVE-2018-17692 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-17692
NOT-FOR-US: Foxit
-CVE-2018-17691 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-17691
NOT-FOR-US: Foxit
-CVE-2018-17690 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-17690
NOT-FOR-US: Foxit
-CVE-2018-17689 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-17689
NOT-FOR-US: Foxit
-CVE-2018-17688 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-17688
NOT-FOR-US: Foxit
-CVE-2018-17687 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-17687
NOT-FOR-US: Foxit
-CVE-2018-17686 (This vulnerability allows remote attackers to disclose sensitive ...)
+CVE-2018-17686
NOT-FOR-US: Foxit Reader
-CVE-2018-17685 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-17685
NOT-FOR-US: Foxit Reader
-CVE-2018-17684 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-17684
NOT-FOR-US: Foxit Reader
-CVE-2018-17683 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-17683
NOT-FOR-US: Foxit Reader
-CVE-2018-17682 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-17682
NOT-FOR-US: Foxit Reader
-CVE-2018-17681 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-17681
NOT-FOR-US: Foxit Reader
-CVE-2018-17680 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-17680
NOT-FOR-US: Foxit Reader
-CVE-2018-17679 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-17679
NOT-FOR-US: Foxit Reader
-CVE-2018-17678 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-17678
NOT-FOR-US: Foxit Reader
-CVE-2018-17677 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-17677
NOT-FOR-US: Foxit Reader
-CVE-2018-17676 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-17676
NOT-FOR-US: Foxit Reader
-CVE-2018-17675 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-17675
NOT-FOR-US: Foxit Reader
-CVE-2018-17674 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-17674
NOT-FOR-US: Foxit Reader
-CVE-2018-17673 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-17673
NOT-FOR-US: Foxit Reader
-CVE-2018-17672 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-17672
NOT-FOR-US: Foxit Reader
-CVE-2018-17671 (This vulnerability allows remote attackers to disclose sensitive ...)
+CVE-2018-17671
NOT-FOR-US: Foxit Reader
-CVE-2018-17670 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-17670
NOT-FOR-US: Foxit Reader
-CVE-2018-17669 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-17669
NOT-FOR-US: Foxit Reader
-CVE-2018-17668 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-17668
NOT-FOR-US: Foxit Reader
-CVE-2018-17667 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-17667
NOT-FOR-US: Foxit Reader
-CVE-2018-17666 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-17666
NOT-FOR-US: Foxit Reader
-CVE-2018-17665 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-17665
NOT-FOR-US: Foxit Reader
-CVE-2018-17664 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-17664
NOT-FOR-US: Foxit Reader
-CVE-2018-17663 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-17663
NOT-FOR-US: Foxit Reader
-CVE-2018-17662 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-17662
NOT-FOR-US: Foxit Reader
-CVE-2018-17661 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-17661
NOT-FOR-US: Foxit Reader
-CVE-2018-17660 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-17660
NOT-FOR-US: Foxit Reader
-CVE-2018-17659 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-17659
NOT-FOR-US: Foxit Reader
-CVE-2018-17658 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-17658
NOT-FOR-US: Foxit Reader
-CVE-2018-17657 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-17657
NOT-FOR-US: Foxit Reader
-CVE-2018-17656 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-17656
NOT-FOR-US: Foxit Reader
-CVE-2018-17655 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-17655
NOT-FOR-US: Foxit Reader
-CVE-2018-17654 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-17654
NOT-FOR-US: Foxit Reader
-CVE-2018-17653 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-17653
NOT-FOR-US: Foxit Reader
-CVE-2018-17652 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-17652
NOT-FOR-US: Foxit Reader
-CVE-2018-17651 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-17651
NOT-FOR-US: Foxit Reader
-CVE-2018-17650 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-17650
NOT-FOR-US: Foxit Reader
-CVE-2018-17649 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-17649
NOT-FOR-US: Foxit Reader
-CVE-2018-17648 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-17648
NOT-FOR-US: Foxit Reader
-CVE-2018-17647 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-17647
NOT-FOR-US: Foxit Reader
-CVE-2018-17646 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-17646
NOT-FOR-US: Foxit Reader
-CVE-2018-17645 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-17645
NOT-FOR-US: Foxit Reader
-CVE-2018-17644 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-17644
NOT-FOR-US: Foxit Reader
-CVE-2018-17643 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-17643
NOT-FOR-US: Foxit Reader
-CVE-2018-17642 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-17642
NOT-FOR-US: Foxit Reader
-CVE-2018-17641 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-17641
NOT-FOR-US: Foxit Reader
-CVE-2018-17640 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-17640
NOT-FOR-US: Foxit Reader
-CVE-2018-17639 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-17639
NOT-FOR-US: Foxit Reader
-CVE-2018-17638 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-17638
NOT-FOR-US: Foxit Reader
-CVE-2018-17637 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-17637
NOT-FOR-US: Foxit Reader
-CVE-2018-17636 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-17636
NOT-FOR-US: Foxit Reader
-CVE-2018-17635 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-17635
NOT-FOR-US: Foxit Reader
-CVE-2018-17634 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-17634
NOT-FOR-US: Foxit Reader
-CVE-2018-17633 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-17633
NOT-FOR-US: Foxit Reader
-CVE-2018-17632 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-17632
NOT-FOR-US: Foxit Reader
-CVE-2018-17631 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-17631
NOT-FOR-US: Foxit Reader
-CVE-2018-17630 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-17630
NOT-FOR-US: Foxit Reader
-CVE-2018-17629 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-17629
NOT-FOR-US: Foxit Reader
-CVE-2018-17628 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-17628
NOT-FOR-US: Foxit Reader
-CVE-2018-17627 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-17627
NOT-FOR-US: Foxit Reader
-CVE-2018-17626 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-17626
NOT-FOR-US: Foxit Reader
-CVE-2018-17625 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-17625
NOT-FOR-US: Foxit Reader
-CVE-2018-17624 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-17624
NOT-FOR-US: Foxit Reader
-CVE-2018-17623 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-17623
NOT-FOR-US: Foxit Reader
-CVE-2018-17622 (This vulnerability allows remote attackers to disclose sensitive ...)
+CVE-2018-17622
NOT-FOR-US: Foxit Reader
-CVE-2018-17621 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-17621
NOT-FOR-US: Foxit Reader
-CVE-2018-17620 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-17620
NOT-FOR-US: Foxit Reader
-CVE-2018-17619 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-17619
NOT-FOR-US: Foxit Reader
-CVE-2018-17618 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-17618
NOT-FOR-US: Foxit Reader
-CVE-2018-17617 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-17617
NOT-FOR-US: Foxit Reader
-CVE-2018-17616 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-17616
NOT-FOR-US: Foxit Reader
-CVE-2018-17615 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-17615
NOT-FOR-US: Foxit Reader
-CVE-2018-17614 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-17614
NOT-FOR-US: Losant Arduino MQTT Client
-CVE-2018-17613 (Telegram Desktop (aka tdesktop) 1.3.16 alpha, when &quot;Use proxy&quot; is ...)
+CVE-2018-17613
- telegram-desktop <unfixed> (unimportant; bug #921133)
NOTE: https://www.inputzero.io/2018/09/telegram-share-password-in-cleartext.html
NOTE: Non issue, works as expected, should probably be rejected
-CVE-2018-17612 (Sennheiser HeadSetup 7.3.4903 places Certification Authority (CA) ...)
+CVE-2018-17612
NOT-FOR-US: Sennheiser
-CVE-2018-17611 (Foxit PhantomPDF and Reader before 9.3 allow remote attackers to ...)
+CVE-2018-17611
NOT-FOR-US: Foxit
-CVE-2018-17610 (Foxit PhantomPDF and Reader before 9.3 allow remote attackers to ...)
+CVE-2018-17610
NOT-FOR-US: Foxit
-CVE-2018-17609 (Foxit PhantomPDF and Reader before 9.3 allow remote attackers to ...)
+CVE-2018-17609
NOT-FOR-US: Foxit
-CVE-2018-17608 (Foxit PhantomPDF and Reader before 9.3 allow remote attackers to ...)
+CVE-2018-17608
NOT-FOR-US: Foxit
-CVE-2018-17607 (Foxit PhantomPDF and Reader before 9.3 allow remote attackers to ...)
+CVE-2018-17607
NOT-FOR-US: Foxit
CVE-2018-17606
RESERVED
-CVE-2018-17605 (An issue was discovered in the Asset Pipeline plugin before 3.0.4 for ...)
+CVE-2018-17605
NOT-FOR-US: Grails plugin
CVE-2018-17604
RESERVED
@@ -8682,25 +8675,25 @@ CVE-2018-17598
RESERVED
CVE-2018-17597
RESERVED
-CVE-2018-17596 (In Zoho ManageEngine AssetExplorer, a Stored XSS vulnerability was ...)
+CVE-2018-17596
NOT-FOR-US: Zoho ManageEngine AssetExplorer
-CVE-2018-17595 (In the 5.4.0 version of the Fork CMS software, HTML Injection and ...)
+CVE-2018-17595
NOT-FOR-US: Fork CMS
-CVE-2018-17594 (AirTies Air 5443v2 devices with software 1.0.0.18 have XSS via the ...)
+CVE-2018-17594
NOT-FOR-US: AirTies Air 5443v2 devices
-CVE-2018-17593 (AirTies Air 5453 devices with software 1.0.0.18 have XSS via the ...)
+CVE-2018-17593
NOT-FOR-US: AirTies Air 5453 devices
CVE-2018-17592
RESERVED
-CVE-2018-17591 (AirTies Air 5343v2 devices with software 1.0.0.18 have XSS via the ...)
+CVE-2018-17591
NOT-FOR-US: AirTies Air 5343v2 devices
-CVE-2018-17590 (AirTies Air 5442 devices with software 1.0.0.18 have XSS via the ...)
+CVE-2018-17590
NOT-FOR-US: AirTies Air 5442 devices
-CVE-2018-17589 (AirTies Air 5650 devices with software 1.0.0.18 have XSS via the ...)
+CVE-2018-17589
NOT-FOR-US: AirTies Air 5650 devices
-CVE-2018-17588 (AirTies Air 5021 devices with software 1.0.0.18 have XSS via the ...)
+CVE-2018-17588
NOT-FOR-US: AirTies Air 5021 devices
-CVE-2018-17587 (AirTies Air 5750 devices with software 1.0.0.18 have XSS via the ...)
+CVE-2018-17587
NOT-FOR-US: AirTies Air 5750 devices
CVE-2018-17586
RESERVED
@@ -8710,19 +8703,19 @@ CVE-2018-17584
RESERVED
CVE-2018-17583
RESERVED
-CVE-2018-17582 (Tcpreplay v4.3.0 beta1 contains a heap-based buffer over-read. The ...)
+CVE-2018-17582
- tcpreplay 4.3.1-1 (bug #910597)
[stretch] - tcpreplay <no-dsa> (Minor issue)
[jessie] - tcpreplay <no-dsa> (Minor issue)
NOTE: https://github.com/appneta/tcpreplay/issues/484
NOTE: https://github.com/appneta/tcpreplay/commit/68f67b1a3a4d319543692afb5bd5b191ec984287
-CVE-2018-17581 (CiffDirectory::readDirectory() at crwimage_int.cpp in Exiv2 0.26 has ...)
+CVE-2018-17581
{DLA-1691-1}
- exiv2 <unfixed> (low; bug #910060)
[stretch] - exiv2 <no-dsa> (Minor issue)
NOTE: https://github.com/Exiv2/exiv2/issues/460
NOTE: Fixed in: https://github.com/Exiv2/exiv2/commit/b3d077dcaefb6747fff8204490f33eba5a144edb
-CVE-2018-17580 (A heap-based buffer over-read exists in the function fast_edit_packet() ...)
+CVE-2018-17580
- tcpreplay 4.3.1-1 (bug #910596)
[stretch] - tcpreplay <no-dsa> (Minor issue)
[jessie] - tcpreplay <no-dsa> (Minor issue)
@@ -8735,29 +8728,29 @@ CVE-2018-17577
RESERVED
CVE-2018-17576
RESERVED
-CVE-2018-17575 (SWA SWA.JACAD 3.1.37 Build 024 has SQL Injection via the ...)
+CVE-2018-17575
NOT-FOR-US: SWA SWA.JACAD
-CVE-2018-17574 (An issue was discovered in YMFE YApi 1.3.23. There is stored XSS in the ...)
+CVE-2018-17574
NOT-FOR-US: YMFE YApi
-CVE-2018-17573 (The Wp-Insert plugin through 2.4.2 for WordPress allows upload of ...)
+CVE-2018-17573
NOT-FOR-US: Wp-Insert plugin for WordPress
CVE-2018-17572
RESERVED
-CVE-2018-17571 (Vanilla before 2.6.1 allows XSS via the email field of a profile. ...)
+CVE-2018-17571
NOT-FOR-US: Vanilla
-CVE-2018-17570 (utils/ut_ws_svr.c in ViaBTC Exchange Server before 2018-08-21 has an ...)
+CVE-2018-17570
NOT-FOR-US: ViaBTC Exchange Server
-CVE-2018-17569 (network/nw_buf.c in ViaBTC Exchange Server before 2018-08-21 has an ...)
+CVE-2018-17569
NOT-FOR-US: ViaBTC Exchange Server
-CVE-2018-17568 (utils/ut_rpc.c in ViaBTC Exchange Server before 2018-08-21 has an ...)
+CVE-2018-17568
NOT-FOR-US: ViaBTC Exchange Server
-CVE-2018-17567 (Jekyll through 3.6.2, 3.7.x through 3.7.3, and 3.8.x through 3.8.3 ...)
+CVE-2018-17567
{DLA-1541-1}
- jekyll 3.8.3+dfsg-3.1 (low; bug #909933)
[stretch] - jekyll <no-dsa> (Minor issue)
NOTE: https://github.com/jekyll/jekyll/pull/7224
NOTE: https://jekyllrb.com/news/2018/09/19/security-fixes-for-3-6-3-7-3-8/
-CVE-2018-17566 (In ThinkPHP 5.1.24, the inner function delete can be used for SQL ...)
+CVE-2018-17566
NOT-FOR-US: ThinkPHP
CVE-2018-17565
RESERVED
@@ -8765,7 +8758,7 @@ CVE-2018-17564
RESERVED
CVE-2018-17563
RESERVED
-CVE-2018-17562 (Multi-Tech FaxFinder before 5.1.6 has SQL Injection via a ...)
+CVE-2018-17562
NOT-FOR-US: Multi-Tech FaxFinder
CVE-2018-17561
RESERVED
@@ -8777,15 +8770,15 @@ CVE-2018-17558
RESERVED
CVE-2018-17557
RESERVED
-CVE-2018-17556 (MODX Revolution v2.6.5-pl allows stored XSS via a Create New Media ...)
+CVE-2018-17556
NOT-FOR-US: MODX Revolution
-CVE-2018-17555 (The web component on ARRIS TG2492LG-NA 061213 devices allows remote ...)
+CVE-2018-17555
NOT-FOR-US: ARRIS TG2492LG-NA 061213 devices
CVE-2018-17554
RESERVED
-CVE-2018-17553 (An &quot;Unrestricted Upload of File with Dangerous Type&quot; issue with ...)
+CVE-2018-17553
NOT-FOR-US: Naviwebs Navigate CMS
-CVE-2018-17552 (SQL Injection in login.php in Naviwebs Navigate CMS 2.8 allows remote ...)
+CVE-2018-17552
NOT-FOR-US: Naviwebs Navigate CMS
CVE-2018-17551
RESERVED
@@ -8805,17 +8798,17 @@ CVE-2018-17544
RESERVED
CVE-2018-17543
RESERVED
-CVE-2018-17542 (SQL Injection exists in MailSherlock before 1.5.235 for OAKlouds ...)
+CVE-2018-17542
NOT-FOR-US: MailSherlock
CVE-2018-17541
RESERVED
-CVE-2018-17540 (The gmp plugin in strongSwan before 5.7.1 has a Buffer Overflow via a ...)
+CVE-2018-17540
{DSA-4309-1 DLA-1528-1}
- strongswan 5.7.1-1
NOTE: https://www.strongswan.org/blog/2018/10/01/strongswan-vulnerability-(cve-2018-17540).html
-CVE-2018-17539 (The BGP daemon (bgpd) in all IP Infusion ZebOS versions to 7.10.6 and ...)
+CVE-2018-17539
NOT-FOR-US: BGP daemon (bgpd) in IP Infusion ZebOS and OcNOS
-CVE-2018-17538 (** DISPUTED ** Axon (formerly TASER International) Evidence Sync ...)
+CVE-2018-17538
NOT-FOR-US: Axon Evidence Sync
CVE-2018-17537 [Persistent XSS package.json]
RESERVED
@@ -8831,11 +8824,11 @@ CVE-2018-17536 [Persistent XSS merge request project import]
NOTE: https://about.gitlab.com/2018/10/01/security-release-gitlab-11-dot-3-dot-1-released/
CVE-2018-17535
RESERVED
-CVE-2018-17534 (Teltonika RUT9XX routers with firmware before 00.04.233 provide a root ...)
+CVE-2018-17534
NOT-FOR-US: Teltonika RUT9XX routers
-CVE-2018-17533 (Teltonika RUT9XX routers with firmware before 00.05.01.1 are prone to ...)
+CVE-2018-17533
NOT-FOR-US: Teltonika RUT9XX routers
-CVE-2018-17532 (Teltonika RUT9XX routers with firmware before 00.04.233 are prone to ...)
+CVE-2018-17532
NOT-FOR-US: Teltonika RUT9XX routers
CVE-2018-17531
RESERVED
@@ -8937,10 +8930,10 @@ CVE-2018-17483
RESERVED
CVE-2018-17482
RESERVED
-CVE-2018-17481 (Incorrect object lifecycle handling in PDFium in Google Chrome prior ...)
+CVE-2018-17481
{DSA-4395-1 DSA-4352-1}
- chromium 71.0.3578.80-1
-CVE-2018-17480 (Execution of user supplied Javascript during array deserialization ...)
+CVE-2018-17480
{DSA-4352-1}
- chromium 71.0.3578.80-1
CVE-2018-17479
@@ -8953,51 +8946,51 @@ CVE-2018-17478
{DSA-4340-1}
- chromium-browser 70.0.3538.102-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-17477 (Incorrect dialog placement in Extensions in Google Chrome prior to ...)
+CVE-2018-17477
{DSA-4330-1}
- chromium-browser 70.0.3538.67-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-17476 (Incorrect dialog placement in Cast UI in Google Chrome prior to ...)
+CVE-2018-17476
{DSA-4330-1}
- chromium-browser 70.0.3538.67-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-17475 (Incorrect handling of history on iOS in Navigation in Google Chrome ...)
+CVE-2018-17475
{DSA-4330-1}
- chromium-browser 70.0.3538.67-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-17474 (Use after free in HTMLImportsController in Blink in Google Chrome ...)
+CVE-2018-17474
{DSA-4330-1}
- chromium-browser 70.0.3538.67-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-17473 (Incorrect handling of confusable characters in Omnibox in Google ...)
+CVE-2018-17473
{DSA-4330-1}
- chromium-browser 70.0.3538.67-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-17472 (Incorrect handling of googlechrome:// URL scheme on iOS in Intents in ...)
+CVE-2018-17472
{DSA-4330-1}
- chromium-browser 70.0.3538.67-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-17471 (Incorrect dialog placement in WebContents in Google Chrome prior to ...)
+CVE-2018-17471
{DSA-4330-1}
- chromium-browser 70.0.3538.67-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-17470 (A heap buffer overflow in GPU in Google Chrome prior to 70.0.3538.67 ...)
+CVE-2018-17470
{DSA-4330-1}
- chromium-browser 70.0.3538.67-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-17469 (Incorrect handling of PDF filter chains in PDFium in Google Chrome ...)
+CVE-2018-17469
{DSA-4330-1}
- chromium-browser 70.0.3538.67-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-17468 (Incorrect handling of timer information during navigation in Blink in ...)
+CVE-2018-17468
{DSA-4330-1}
- chromium-browser 70.0.3538.67-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-17467 (Insufficiently quick clearing of stale rendered content in Navigation ...)
+CVE-2018-17467
{DSA-4330-1}
- chromium-browser 70.0.3538.67-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-17466 (Incorrect texture handling in Angle in Google Chrome prior to ...)
+CVE-2018-17466
{DSA-4362-1 DSA-4354-1 DSA-4330-1 DLA-1624-1 DLA-1605-1}
- chromium-browser 70.0.3538.67-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
@@ -9007,33 +9000,33 @@ CVE-2018-17466 (Incorrect texture handling in Angle in Google Chrome prior to ..
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-29/#CVE-2018-17466
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-30/#CVE-2018-17466
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-31/#CVE-2018-17466
-CVE-2018-17465 (Incorrect implementation of object trimming in V8 in Google Chrome ...)
+CVE-2018-17465
{DSA-4330-1}
- chromium-browser 70.0.3538.67-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-17464 (Incorrect handling of history on iOS in Navigation in Google Chrome ...)
+CVE-2018-17464
{DSA-4330-1}
- chromium-browser 70.0.3538.67-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-17463 (Incorrect side effect annotation in V8 in Google Chrome prior to ...)
+CVE-2018-17463
{DSA-4330-1}
- chromium-browser 70.0.3538.67-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-17462 (Incorrect refcounting in AppCache in Google Chrome prior to ...)
+CVE-2018-17462
{DSA-4330-1}
- chromium-browser 70.0.3538.67-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-17461 (An out of bounds read in PDFium in Google Chrome prior to 68.0.3440.75 ...)
+CVE-2018-17461
{DSA-4256-1}
- chromium-browser 68.0.3440.75-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
CVE-2018-17460
RESERVED
-CVE-2018-17457 (An object lifecycle issue in Blink could lead to a use after free in ...)
+CVE-2018-17457
{DSA-4289-1}
- chromium-browser 69.0.3497.81-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-17456 (Git before 2.14.5, 2.15.x before 2.15.3, 2.16.x before 2.16.5, 2.17.x ...)
+CVE-2018-17456
{DSA-4311-1 DLA-1533-1}
- git 1:2.19.1-1
NOTE: https://public-inbox.org/git/xmqqy3bcuy3l.fsf@gitster-ct.c.googlers.com/
@@ -9082,127 +9075,127 @@ CVE-2018-17449 [Confidential information disclosure in events API endpoint]
- gitlab 11.1.8+dfsg-2
[stretch] - gitlab <not-affected> (Only affects 9.3 and later)
NOTE: https://about.gitlab.com/2018/10/01/security-release-gitlab-11-dot-3-dot-1-released/
-CVE-2018-17448 (An Incorrect Access Control issue was discovered in Citrix SD-WAN ...)
+CVE-2018-17448
NOT-FOR-US: Citrix
-CVE-2018-17447 (An Information Exposure Through Log Files issue was discovered in ...)
+CVE-2018-17447
NOT-FOR-US: Citrix
-CVE-2018-17446 (A SQL Injection issue was discovered in Citrix SD-WAN 10.1.0 and ...)
+CVE-2018-17446
NOT-FOR-US: Citrix
-CVE-2018-17445 (A Command Injection issue was discovered in Citrix SD-WAN 10.1.0 and ...)
+CVE-2018-17445
NOT-FOR-US: Citrix
-CVE-2018-17444 (A Directory Traversal issue was discovered in Citrix SD-WAN 10.1.0 and ...)
+CVE-2018-17444
NOT-FOR-US: Citrix
-CVE-2018-17443 (An issue was discovered on D-Link Central WiFi Manager before v ...)
+CVE-2018-17443
NOT-FOR-US: D-Link
-CVE-2018-17442 (An issue was discovered on D-Link Central WiFi Manager before v ...)
+CVE-2018-17442
NOT-FOR-US: D-Link
-CVE-2018-17441 (An issue was discovered on D-Link Central WiFi Manager before v ...)
+CVE-2018-17441
NOT-FOR-US: D-Link
-CVE-2018-17440 (An issue was discovered on D-Link Central WiFi Manager before v ...)
+CVE-2018-17440
NOT-FOR-US: D-Link
-CVE-2018-17439 (An issue was discovered in the HDF HDF5 1.10.3 library. There is a ...)
+CVE-2018-17439
- hdf5 <undetermined>
NOTE: https://github.com/SegfaultMasters/covering360/tree/master/HDF5/vuln5#stack-overflow-in-h5s_extent_get_dims
-CVE-2018-17438 (A SIGFPE signal is raised in the function H5D__select_io() of ...)
+CVE-2018-17438
- hdf5 <undetermined>
NOTE: https://github.com/SegfaultMasters/covering360/tree/master/HDF5/vuln4#divided-by-zero---poc_h5d__select_io_h5dselect
-CVE-2018-17437 (Memory leak in the H5O_dtype_decode_helper() function in H5Odtype.c in ...)
+CVE-2018-17437
- hdf5 <undetermined>
NOTE: https://github.com/SegfaultMasters/covering360/tree/master/HDF5/vuln5#memory-leak-in-h5o_dtype_decode_helper
-CVE-2018-17436 (ReadCode() in decompress.c in the HDF HDF5 through 1.10.3 library ...)
+CVE-2018-17436
- hdf5 <undetermined>
NOTE: https://github.com/SegfaultMasters/covering360/tree/master/HDF5/vuln8#invalid-write-memory-access-in-decompressc
-CVE-2018-17435 (A heap-based buffer over-read in H5O_attr_decode() in H5Oattr.c in the ...)
+CVE-2018-17435
- hdf5 <undetermined>
NOTE: https://github.com/SegfaultMasters/covering360/tree/master/HDF5/vuln7#heap-overflow-in-h5o_attr_decode
-CVE-2018-17434 (A SIGFPE signal is raised in the function apply_filters() of ...)
+CVE-2018-17434
- hdf5 <undetermined>
NOTE: https://github.com/SegfaultMasters/covering360/tree/master/HDF5/vuln4#divided-by-zero---poc_apply_filters_h5repack_filters
-CVE-2018-17433 (A heap-based buffer overflow in ReadGifImageDesc() in gifread.c in the ...)
+CVE-2018-17433
- hdf5 <undetermined>
NOTE: https://github.com/SegfaultMasters/covering360/tree/master/HDF5/vuln8#heap-overflow-in-readgifimagedesc
-CVE-2018-17432 (A NULL pointer dereference in H5O_sdspace_encode() in H5Osdspace.c in ...)
+CVE-2018-17432
- hdf5 <undetermined>
NOTE: https://github.com/SegfaultMasters/covering360/tree/master/HDF5/vuln6#null-pointer-dereference-in-h5o_sdspace_encode
-CVE-2018-17431 (Web Console in Comodo UTM Firewall before 2.7.0 allows remote ...)
+CVE-2018-17431
NOT-FOR-US: Comodo UTM
CVE-2018-17430
RESERVED
-CVE-2018-17429 (/console/account/manage.php?type=action&amp;action=add in JTBC v3.0(C) has ...)
+CVE-2018-17429
NOT-FOR-US: JTBC
-CVE-2018-17428 (An issue was discovered in OPAC EasyWeb Five 5.7. There is SQL ...)
+CVE-2018-17428
NOT-FOR-US: OPAC EasyWeb Five
-CVE-2018-17427 (SIMDComp before 0.1.0 allows remote attackers to cause a denial of ...)
+CVE-2018-17427
NOT-FOR-US: SIMDComp
-CVE-2018-17426 (WUZHI CMS 4.1.0 has stored XSS via the &quot;Extension module&quot; &quot;SMS in ...)
+CVE-2018-17426
NOT-FOR-US: WUZHI CMS
-CVE-2018-17425 (WUZHI CMS 4.1.0 has stored XSS via the &quot;Membership Center&quot; &quot;I want to ...)
+CVE-2018-17425
NOT-FOR-US: WUZHI CMS
CVE-2018-17424
RESERVED
CVE-2018-17423
RESERVED
-CVE-2018-17422 (dotCMS before 5.0.2 has open redirects via the ...)
+CVE-2018-17422
NOT-FOR-US: dotCMS
-CVE-2018-17421 (An issue was discovered in ZrLog 2.0.3. There is stored XSS in the file ...)
+CVE-2018-17421
NOT-FOR-US: ZrLog
-CVE-2018-17420 (An issue was discovered in ZrLog 2.0.3. There is a SQL injection ...)
+CVE-2018-17420
NOT-FOR-US: ZrLog
-CVE-2018-17419 (An issue was discovered in setTA in scan_rr.go in the Miek Gieben DNS ...)
+CVE-2018-17419
NOT-FOR-US: Miek Gieben DNS library for Go
-CVE-2018-17418 (Monstra CMS 3.0.4 allows remote attackers to execute arbitrary PHP code ...)
+CVE-2018-17418
NOT-FOR-US: Monstra CMS
CVE-2018-17417
RESERVED
-CVE-2018-17416 (A SQL injection vulnerability exists in zzcms v8.3 via the ...)
+CVE-2018-17416
NOT-FOR-US: zzcms
-CVE-2018-17415 (zzcms V8.3 has a SQL injection in /user/zs_elite.php via the id ...)
+CVE-2018-17415
NOT-FOR-US: zzcms
-CVE-2018-17414 (zzcms v8.3 has a SQL injection in /user/jobmanage.php via the bigclass ...)
+CVE-2018-17414
NOT-FOR-US: zzcms
-CVE-2018-17413 (XSS exists in zzcms v8.3 via the /uploadimg_form.php noshuiyin ...)
+CVE-2018-17413
NOT-FOR-US: zzcms
-CVE-2018-17412 (zzcms v8.3 contains a SQL Injection vulnerability in ...)
+CVE-2018-17412
NOT-FOR-US: zzcms
-CVE-2018-17411 (An XML External Entity (XXE) vulnerability exists in iWay Data Quality ...)
+CVE-2018-17411
NOT-FOR-US: iWay Data Quality Suite Web Console
-CVE-2018-17410 (Horus CMS allows SQL Injection, as demonstrated by a request to the ...)
+CVE-2018-17410
NOT-FOR-US: Horus CMS
CVE-2018-17409
RESERVED
-CVE-2018-17408 (Stack-based buffer overflows in Zahir Accounting Enterprise Plus 6 ...)
+CVE-2018-17408
NOT-FOR-US: Zahir Accounting Enterprise Plus
CVE-2018-17406
RESERVED
CVE-2018-17405
RESERVED
-CVE-2018-17404 (The SBIbuddy (aka com.sbi.erupee) application 1.41 and 1.42 for ...)
+CVE-2018-17404
NOT-FOR-US: SBIbuddy application
-CVE-2018-17403 (** DISPUTED ** The PhonePe wallet (aka com.PhonePe.app) application ...)
+CVE-2018-17403
NOT-FOR-US: PhonePe wallet application
-CVE-2018-17402 (** DISPUTED ** The PhonePe wallet (aka com.PhonePe.app) application ...)
+CVE-2018-17402
NOT-FOR-US: PhonePe wallet application
-CVE-2018-17401 (** DISPUTED ** The PhonePe wallet (aka com.PhonePe.app) application ...)
+CVE-2018-17401
NOT-FOR-US: PhonePe wallet application
-CVE-2018-17400 (** DISPUTED ** The PhonePe wallet (aka com.PhonePe.app) application ...)
+CVE-2018-17400
NOT-FOR-US: PhonePe wallet application
CVE-2018-17399
RESERVED
CVE-2018-17398
RESERVED
-CVE-2018-17397 (SQL Injection exists in the AlphaIndex Dictionaries 1.0 component for ...)
+CVE-2018-17397
NOT-FOR-US: AlphaIndex Dictionaries component for Joomla!
CVE-2018-17396
RESERVED
CVE-2018-17395
RESERVED
-CVE-2018-17394 (SQL Injection exists in the Timetable Schedule 3.6.8 component for ...)
+CVE-2018-17394
NOT-FOR-US: Timetable Schedule component for Joomla!
CVE-2018-17393
RESERVED
CVE-2018-17392
RESERVED
-CVE-2018-17391 (SQL Injection exists in authors_post.php in Super Cms Blog Pro 1.0 via ...)
+CVE-2018-17391
NOT-FOR-US: Super Cms Blog Pro
CVE-2018-17390
RESERVED
@@ -9214,27 +9207,27 @@ CVE-2018-17387
RESERVED
CVE-2018-17386
RESERVED
-CVE-2018-17385 (SQL Injection exists in the Social Factory 3.8.3 component for Joomla! ...)
+CVE-2018-17385
NOT-FOR-US: Social Factory component for Joomla!
-CVE-2018-17384 (SQL Injection exists in the Swap Factory 2.2.1 component for Joomla! ...)
+CVE-2018-17384
NOT-FOR-US: Swap Factory component for Joomla!
-CVE-2018-17383 (SQL Injection exists in the Collection Factory 4.1.9 component for ...)
+CVE-2018-17383
NOT-FOR-US: Collection Factory component for Joomla!
-CVE-2018-17382 (SQL Injection exists in the Jobs Factory 2.0.4 component for Joomla! ...)
+CVE-2018-17382
NOT-FOR-US: Jobs Factory component for Joomla!
CVE-2018-17381
RESERVED
-CVE-2018-17380 (SQL Injection exists in the Article Factory Manager 4.3.9 component ...)
+CVE-2018-17380
NOT-FOR-US: Article Factory Manager component for Joomla!
-CVE-2018-17379 (SQL Injection exists in the Raffle Factory 3.5.2 component for Joomla! ...)
+CVE-2018-17379
NOT-FOR-US: Raffle Factory component for Joomla!
-CVE-2018-17378 (SQL Injection exists in the Penny Auction Factory 2.0.4 component for ...)
+CVE-2018-17378
NOT-FOR-US: Penny Auction Factory component for Joomla!
-CVE-2018-17377 (SQL Injection exists in the Questions 1.4.3 component for Joomla! via ...)
+CVE-2018-17377
NOT-FOR-US: Questions component for Joomla!
-CVE-2018-17376 (SQL Injection exists in the Reverse Auction Factory 4.3.8 component ...)
+CVE-2018-17376
NOT-FOR-US: Reverse Auction Factory component for Joomla!
-CVE-2018-17375 (SQL Injection exists in the Music Collection 3.0.3 component for ...)
+CVE-2018-17375
NOT-FOR-US: Music Collection component for Joomla!
CVE-2018-17374
RESERVED
@@ -9246,39 +9239,39 @@ CVE-2018-17371
RESERVED
CVE-2018-17370
RESERVED
-CVE-2018-17369 (An issue was discovered in springboot_authority through 2017-03-06. ...)
+CVE-2018-17369
NOT-FOR-US: springboot_authority
-CVE-2018-17368 (An issue was discovered in PublicCMS V4.0.180825. For an invalid login ...)
+CVE-2018-17368
NOT-FOR-US: PublicCMS
CVE-2018-17367
RESERVED
-CVE-2018-17366 (An issue was discovered in MCMS 4.6.5. There is a CSRF vulnerability ...)
+CVE-2018-17366
NOT-FOR-US: MCMS
-CVE-2018-17365 (SeaCMS 6.64 allows remote attackers to delete arbitrary files via the ...)
+CVE-2018-17365
NOT-FOR-US: SeaCMS
-CVE-2018-17364 (OTCMS 3.61 allows remote attackers to execute arbitrary PHP code via ...)
+CVE-2018-17364
NOT-FOR-US: OTCMS
CVE-2018-17363
RESERVED
CVE-2018-17362
RESERVED
-CVE-2018-17361 (Multiple XSS vulnerabilities in WeaselCMS v0.3.6 allow remote attackers ...)
+CVE-2018-17361
NOT-FOR-US: WeaselCMS
-CVE-2018-17360 (An issue was discovered in the Binary File Descriptor (BFD) library ...)
+CVE-2018-17360
[experimental] - binutils 2.31.51.20181022-1
- binutils <unfixed>
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=23685
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=cf93e9c2cf8f8b2566f8fc86e961592b51b5980d
-CVE-2018-17359 (An issue was discovered in the Binary File Descriptor (BFD) library ...)
+CVE-2018-17359
[experimental] - binutils 2.31.51.20181022-1
- binutils <unfixed>
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=23686
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=30838132997e6a3cfe3ec11c58b32b22f6f6b102
-CVE-2018-17358 (An issue was discovered in the Binary File Descriptor (BFD) library ...)
+CVE-2018-17358
[experimental] - binutils 2.31.51.20181022-1
- binutils <unfixed>
[stretch] - binutils <ignored> (Minor issue)
@@ -9317,17 +9310,17 @@ CVE-2018-17343
RESERVED
CVE-2018-17342
RESERVED
-CVE-2018-17341 (BigTree 4.2.23 on Windows, when Advanced or Simple Rewrite routing is ...)
+CVE-2018-17341
NOT-FOR-US: BigTree CMS
CVE-2018-17340
RESERVED
CVE-2018-17339
RESERVED
-CVE-2018-17338 (An issue has been found in pdfalto through 0.2. It is a heap-based ...)
+CVE-2018-17338
NOT-FOR-US: pdfalto
-CVE-2018-17337 (Intelbras NPLUG 1.0.0.14 devices have XSS via a crafted SSID that is ...)
+CVE-2018-17337
NOT-FOR-US: Intelbras NPLUG
-CVE-2018-17336 (UDisks 2.8.0 has a format string vulnerability in udisks_log in ...)
+CVE-2018-17336
- udisks2 2.8.1-1 (bug #909607)
[stretch] - udisks2 <not-affected> (Vulnerable code introduced later)
[jessie] - udisks2 <not-affected> (Vulnerable code introduced later)
@@ -9336,11 +9329,11 @@ CVE-2018-17336 (UDisks 2.8.0 has a format string vulnerability in udisks_log in
NOTE: Introduced by: https://github.com/storaged-project/udisks/commit/ad2ce6714e911be58011dd6b838ec0f6fd0f950f (udisks-2.6.4)
CVE-2018-17335
RESERVED
-CVE-2018-17334 (An issue was discovered in libsvg2 through 2012-10-19. A stack-based ...)
+CVE-2018-17334
NOT-FOR-US: libsvg2
-CVE-2018-17333 (An issue was discovered in libsvg2 through 2012-10-19. A stack-based ...)
+CVE-2018-17333
NOT-FOR-US: libsvg2
-CVE-2018-17332 (An issue was discovered in libsvg2 through 2012-10-19. The ...)
+CVE-2018-17332
NOT-FOR-US: libsvg2
CVE-2018-17331
RESERVED
@@ -9360,33 +9353,33 @@ CVE-2018-17324
RESERVED
CVE-2018-17323
RESERVED
-CVE-2018-17322 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2018-17322
NOT-FOR-US: YUNUCMS
-CVE-2018-17321 (An issue was discovered in SeaCMS 6.64. XSS exists in ...)
+CVE-2018-17321
NOT-FOR-US: SeaCMS
-CVE-2018-17320 (An issue was discovered in UCMS 1.4.6. aaddpost.php has stored XSS via ...)
+CVE-2018-17320
NOT-FOR-US: UCMS
CVE-2018-17319
RESERVED
CVE-2018-17318
RESERVED
-CVE-2018-17317 (FruityWifi (aka PatatasFritas/PatataWifi) 2.1 allows remote attackers ...)
+CVE-2018-17317
NOT-FOR-US: FruityWifi
-CVE-2018-17316 (On the RICOH MP C6003 printer, HTML Injection and Stored XSS ...)
+CVE-2018-17316
NOT-FOR-US: RICOH MP C6003 printer
-CVE-2018-17315 (On the RICOH MP C2003 printer, HTML Injection and Stored XSS ...)
+CVE-2018-17315
NOT-FOR-US: RICOH MP C2003 printer
-CVE-2018-17314 (On the RICOH Aficio MP 305+ printer, HTML Injection and Stored XSS ...)
+CVE-2018-17314
NOT-FOR-US: RICOH Aficio MP 305+ printer
-CVE-2018-17313 (On the RICOH MP C307 printer, HTML Injection and Stored XSS ...)
+CVE-2018-17313
NOT-FOR-US: RICOH MP C307 printer
-CVE-2018-17312 (On the RICOH Aficio MP 301 printer, HTML Injection and Stored XSS ...)
+CVE-2018-17312
NOT-FOR-US: RICOH Aficio MP 301 printer
-CVE-2018-17311 (On the RICOH MP C6503 Plus printer, HTML Injection and Stored XSS ...)
+CVE-2018-17311
NOT-FOR-US: RICOH MP C6503 Plus printer
-CVE-2018-17310 (On the RICOH MP C1803 JPN printer, HTML Injection and Stored XSS ...)
+CVE-2018-17310
NOT-FOR-US: RICOH MP C1803 JPN printer
-CVE-2018-17309 (On the RICOH MP C406Z printer, HTML Injection and Stored XSS ...)
+CVE-2018-17309
NOT-FOR-US: RICOH MP C406Z printer
CVE-2018-17308
RESERVED
@@ -9400,31 +9393,31 @@ CVE-2018-17304
RESERVED
CVE-2018-17303
RESERVED
-CVE-2018-17302 (Stored XSS exists in views/fields/wysiwyg.js in EspoCRM 5.3.6 via a ...)
+CVE-2018-17302
NOT-FOR-US: EspoCRM
-CVE-2018-17301 (Reflected XSS exists in ...)
+CVE-2018-17301
NOT-FOR-US: EspoCRM
-CVE-2018-17300 (Stored XSS exists in CuppaCMS through 2018-09-03 via an ...)
+CVE-2018-17300
NOT-FOR-US: CuppaCMS
CVE-2018-17299
RESERVED
-CVE-2018-17298 (An issue was discovered in Enalean Tuleap before 10.5. Reset password ...)
+CVE-2018-17298
NOT-FOR-US: Enalean Tuleap
-CVE-2018-17297 (The unzip function in ZipUtil.java in Hutool before 4.1.12 allows ...)
+CVE-2018-17297
NOT-FOR-US: Hutool
CVE-2018-17296
RESERVED
CVE-2018-17295
RESERVED
-CVE-2018-17294 (The matchCurrentInput function inside lou_translateString.c of Liblouis ...)
+CVE-2018-17294
- liblouis 3.7.0-1
[stretch] - liblouis <no-dsa> (Minor issue)
[jessie] - liblouis <ignored> (Minor issue)
NOTE: https://github.com/liblouis/liblouis/commit/5e4089659bb49b3095fa541fa6387b4c40d7396e
NOTE: https://github.com/liblouis/liblouis/issues/635
-CVE-2018-17293 (An issue was discovered in WAVM before 2018-09-16. The run function in ...)
+CVE-2018-17293
NOT-FOR-US: WAVM
-CVE-2018-17292 (An issue was discovered in WAVM before 2018-09-16. The loadModule ...)
+CVE-2018-17292
NOT-FOR-US: WAVM
CVE-2018-17291
RESERVED
@@ -9442,19 +9435,19 @@ CVE-2018-17285
RESERVED
CVE-2018-17284
RESERVED
-CVE-2018-17283 (Zoho ManageEngine OpManager before 12.3 Build 123196 does not require ...)
+CVE-2018-17283
NOT-FOR-US: Zoho ManageEngine OpManager
-CVE-2018-17282 (An issue was discovered in Exiv2 v0.26. The function ...)
+CVE-2018-17282
- exiv2 <not-affected> (Vulnerable code introduced later)
NOTE: https://github.com/Exiv2/exiv2/issues/457
NOTE: Fixed by: https://github.com/Exiv2/exiv2/commit/670fb73dd5ee8acab90971c4878de29f9fc43a02
NOTE: Introduced with: https://github.com/Exiv2/exiv2/commit/afb98cbc6e288dc8ea75f3394a347fb9b37abc55
-CVE-2018-17407 (An issue was discovered in t1_check_unusual_charstring functions in ...)
+CVE-2018-17407
{DSA-4299-1 DLA-1514-1}
- texlive-bin 2018.20180907.48586-2 (bug #909317)
NOTE: Fixed by: https://github.com/TeX-Live/texlive-source/commit/6ed0077520e2b0da1fd060c7f88db7b2e6068e4c
NOTE: Introduced in: https://github.com/TeX-Live/texlive-source/commit/59cbb8f96b0543c2912d6370ce8021181661e1cf
-CVE-2018-17281 (There is a stack consumption vulnerability in the ...)
+CVE-2018-17281
{DSA-4320-1 DLA-1523-1}
- asterisk 1:13.23.1~dfsg-1 (bug #909554)
NOTE: https://downloads.asterisk.org/pub/security/AST-2018-009.html
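Review bot: CVE-2018-17407 sits between CVE-2018-17282 and CVE-2018-17281 in this hunk, breaking the descending numeric order the surrounding entries follow. The change only strips its summary and keeps it in place, which is fine for a mechanical update, but a follow-up should move the whole entry (the `{DSA-4299-1 DLA-1514-1}` line, the texlive-bin line and both NOTE lines) to its numeric position so the file stays sorted.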
@@ -9507,11 +9500,11 @@ CVE-2018-17258
REJECTED
CVE-2018-17257
REJECTED
-CVE-2018-17256 (Persistent cross-site scripting (XSS) vulnerability in Umbraco CMS ...)
+CVE-2018-17256
NOT-FOR-US: Umbraco CMS
-CVE-2018-17255 (Navigate CMS 2.8 has Reflected XSS via the navigate.php fid parameter. ...)
+CVE-2018-17255
NOT-FOR-US: Navigate CMS
-CVE-2018-17254 (The JCK Editor component 6.4.4 for Joomla! allows SQL Injection via the ...)
+CVE-2018-17254
NOT-FOR-US: JCK Editor component for Joomla!
CVE-2018-17253
REJECTED
@@ -9525,15 +9518,15 @@ CVE-2018-17249
REJECTED
CVE-2018-17248
REJECTED
-CVE-2018-17247 (Elasticsearch Security versions 6.5.0 and 6.5.1 contain an XXE flaw in ...)
+CVE-2018-17247
- elasticsearch <removed>
-CVE-2018-17246 (Kibana versions before 6.4.3 and 5.6.13 contain an arbitrary file ...)
+CVE-2018-17246
- kibana <itp> (bug #700337)
-CVE-2018-17245 (Kibana versions 4.0 to 4.6, 5.0 to 5.6.12, and 6.0 to 6.4.2 contain an ...)
+CVE-2018-17245
- kibana <itp> (bug #700337)
-CVE-2018-17244 (Elasticsearch Security versions 6.4.0 to 6.4.2 contain an error in the ...)
+CVE-2018-17244
- elasticsearch <removed>
-CVE-2018-17243 (Global Search in Zoho ManageEngine OpManager before 12.3 123205 allows ...)
+CVE-2018-17243
NOT-FOR-US: Zoho ManageEngine OpManager
CVE-2018-17242
RESERVED
@@ -9545,31 +9538,31 @@ CVE-2018-17239
RESERVED
CVE-2018-17238
RESERVED
-CVE-2018-17237 (A SIGFPE signal is raised in the function H5D__chunk_set_info_real() of ...)
+CVE-2018-17237
- hdf5 <undetermined>
NOTE: https://github.com/SegfaultMasters/covering360/blob/master/HDF5/README.md#divided-by-zero---h5d__chunk_set_info_real_div_by_zero
-CVE-2018-17236 (The function MP4Free() in mp4property.cpp in libmp4v2 2.1.0 internally ...)
+CVE-2018-17236
- mp4v2 <removed> (bug #909277)
[stretch] - mp4v2 <no-dsa> (Minor issue)
[jessie] - mp4v2 <ignored> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1629453
-CVE-2018-17235 (The function mp4v2::impl::MP4Track::FinishSdtp() in mp4track.cpp in ...)
+CVE-2018-17235
- mp4v2 <removed> (bug #909278)
[stretch] - mp4v2 <no-dsa> (Minor issue)
[jessie] - mp4v2 <ignored> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1629451
-CVE-2018-17234 (Memory leak in the H5O__chunk_deserialize() function in H5Ocache.c in ...)
+CVE-2018-17234
- hdf5 <undetermined>
NOTE: https://github.com/SegfaultMasters/covering360/tree/master/HDF5/vuln3#memory-leak---h5o__chunk_deserialize_memory_leak
-CVE-2018-17233 (A SIGFPE signal is raised in the function ...)
+CVE-2018-17233
- hdf5 <undetermined>
NOTE: https://github.com/SegfaultMasters/covering360/tree/master/HDF5/vuln2#divided-by-zero---h5d__create_chunk_file_map_hyper_div_zero
-CVE-2018-17232 (SQL injection vulnerability in archivebot.py in docmarionum1 Slack ...)
+CVE-2018-17232
NOT-FOR-US: docmarionum1 Slack ArchiveBot (slack-archive-bot)
-CVE-2018-17231 (** DISPUTED ** Telegram Desktop (aka tdesktop) 1.3.14 might allow ...)
+CVE-2018-17231
- telegram-desktop <unfixed> (unimportant)
NOTE: Disputed as attack scenario does not cross a privilege boundary.
-CVE-2018-17230 (Exiv2::ul2Data in types.cpp in Exiv2 v0.26 allows remote attackers to ...)
+CVE-2018-17230
[experimental] - exiv2 <unfixed>
- exiv2 <not-affected> (Vulnerable code introduced later)
NOTE: https://github.com/Exiv2/exiv2/issues/455
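Review bot: for the three hdf5 `<undetermined>` entries in this hunk (CVE-2018-17237, CVE-2018-17234, CVE-2018-17233) the dropped summaries were the only plain-text mention of the affected function names; the README anchors in the NOTE URLs still carry them (h5d__chunk_set_info_real, h5o__chunk_deserialize, h5d__create_chunk_file_map_hyper) together with the bug class (divide-by-zero, memory leak). Consider adding a short NOTE next to each URL naming the function and bug class so the information survives if those anchors change before the `<undetermined>` status is resolved.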
@@ -9578,7 +9571,7 @@ CVE-2018-17230 (Exiv2::ul2Data in types.cpp in Exiv2 v0.26 allows remote attacke
NOTE: Some extra care needs to be applied when fixing isolately the issue in
NOTE: experimental, as the commit afb98cbc6e288dc8ea75f3394a347fb9b37abc55
NOTE: would introduce/uncover CVE-2018-17282.
-CVE-2018-17229 (Exiv2::d2Data in types.cpp in Exiv2 v0.26 allows remote attackers to ...)
+CVE-2018-17229
[experimental] - exiv2 <unfixed>
- exiv2 <not-affected> (Vulnerable code introduced later)
NOTE: https://github.com/Exiv2/exiv2/issues/453
@@ -9587,7 +9580,7 @@ CVE-2018-17229 (Exiv2::d2Data in types.cpp in Exiv2 v0.26 allows remote attacker
NOTE: Some extra care needs to be applied when fixing isolately the issue in
NOTE: experimental, as the commit afb98cbc6e288dc8ea75f3394a347fb9b37abc55
NOTE: would introduce/uncover CVE-2018-17282.
-CVE-2018-17228 (nmap4j 1.1.0 allows attackers to execute arbitrary commands via shell ...)
+CVE-2018-17228
NOT-FOR-US: nmap4j
CVE-2018-17227
RESERVED
@@ -9607,13 +9600,13 @@ CVE-2018-17220
RESERVED
CVE-2018-17219
RESERVED
-CVE-2018-17218 (An issue was discovered in PTC ThingWorx Platform 6.5 through 8.2. ...)
+CVE-2018-17218
NOT-FOR-US: PTC ThingWorx Platform
-CVE-2018-17217 (An issue was discovered in PTC ThingWorx Platform 6.5 through 8.2. ...)
+CVE-2018-17217
NOT-FOR-US: PTC ThingWorx Platform
-CVE-2018-17216 (An issue was discovered in PTC ThingWorx Platform 6.5 through 8.2. ...)
+CVE-2018-17216
NOT-FOR-US: PTC ThingWorx Platform
-CVE-2018-17215 (An information-disclosure issue was discovered in Postman through ...)
+CVE-2018-17215
NOT-FOR-US: Postman
CVE-2018-17214
RESERVED
@@ -9627,23 +9620,23 @@ CVE-2018-17210
RESERVED
CVE-2018-17209
RESERVED
-CVE-2018-17208 (Linksys Velop 1.1.2.187020 devices allow unauthenticated command ...)
+CVE-2018-17208
NOT-FOR-US: Linksys Velop
-CVE-2018-17207 (An issue was discovered in Snap Creek Duplicator before 1.2.42. By ...)
+CVE-2018-17207
NOT-FOR-US: Snap Creek Duplicator
-CVE-2018-17206 (An issue was discovered in Open vSwitch (OvS) 2.7.x through 2.7.6. The ...)
+CVE-2018-17206
- openvswitch 2.10.0+2018.08.28+git.8ca7c82b7d+ds1-1
[jessie] - openvswitch <not-affected> (Vulnerable code does not exist; no such function)
NOTE: https://github.com/openvswitch/ovs/commit/5026a263d7846077eee540de42192d27da513226 (master)
NOTE: https://github.com/openvswitch/ovs/commit/20626d38c1a1d4cebb5a6911ea3cb6a7f4f993f8 (branch-2.8)
NOTE: https://github.com/openvswitch/ovs/commit/9237a63c47bd314b807cda0bd2216264e82edbe8 (branch-2.7)
-CVE-2018-17205 (An issue was discovered in Open vSwitch (OvS) 2.7.x through 2.7.6, ...)
+CVE-2018-17205
- openvswitch 2.10.0+2018.08.28+git.8ca7c82b7d+ds1-1
[jessie] - openvswitch <not-affected> (Vulnerable code does not exist; no such function)
NOTE: https://github.com/openvswitch/ovs/commit/9a0ac025de9303334688ff08f01fc08604d2f624 (master)
NOTE: https://github.com/openvswitch/ovs/commit/638d406e3b647359f3d82189d7a6ee56b4a54928 (branch-2.8)
NOTE: https://github.com/openvswitch/ovs/commit/0befd1f3745055c32940f5faf9559be6a14395e6 (branch-2.7)
-CVE-2018-17204 (An issue was discovered in Open vSwitch (OvS) 2.7.x through 2.7.6, ...)
+CVE-2018-17204
- openvswitch 2.10.0+2018.08.28+git.8ca7c82b7d+ds1-1
[jessie] - openvswitch <not-affected> (Vulnerable code does not exist; no such function)
NOTE: https://github.com/openvswitch/ovs/commit/9740d81d94888cb158fa99a9366fe2b32b3e4aaa (master)
@@ -9658,7 +9651,7 @@ CVE-2018-17201
RESERVED
CVE-2018-17200
RESERVED
-CVE-2018-17199 (In Apache HTTP Server 2.4 release 2.4.37 and prior, mod_session checks ...)
+CVE-2018-17199
{DLA-1647-1}
- apache2 2.4.38-1 (low; bug #920303)
[stretch] - apache2 <no-dsa> (Minor issue)
@@ -9668,37 +9661,37 @@ CVE-2018-17199 (In Apache HTTP Server 2.4 release 2.4.37 and prior, mod_session
CVE-2018-17198
RESERVED
NOT-FOR-US: Apache Roller
-CVE-2018-17197 (A carefully crafted or corrupt sqlite file can cause an infinite loop ...)
+CVE-2018-17197
- tika 1.20-1
[jessie] - tika <not-affected> (Only affects 1.8 to 1.19.1)
NOTE: https://www.openwall.com/lists/oss-security/2018/12/22/2
CVE-2018-17196
RESERVED
-CVE-2018-17195 (The template upload API endpoint accepted requests from different ...)
+CVE-2018-17195
NOT-FOR-US: Apache NiFi
-CVE-2018-17194 (When a client request to a cluster node was replicated to other nodes ...)
+CVE-2018-17194
NOT-FOR-US: Apache NiFi
-CVE-2018-17193 (The message-page.jsp error page used the value of the HTTP request ...)
+CVE-2018-17193
NOT-FOR-US: Apache NiFi
-CVE-2018-17192 (The X-Frame-Options headers were applied inconsistently on some HTTP ...)
+CVE-2018-17192
NOT-FOR-US: Apache NiFi
-CVE-2018-17191 (Apache NetBeans (incubating) 9.0 NetBeans Proxy Auto-Configuration ...)
+CVE-2018-17191
- netbeans 10.0-1
[stretch] - netbeans <ignored> (Nashorn module is not enabled. Javascript support is incomplete)
NOTE: Fixed upstream in version 10.0
NOTE: https://www.openwall.com/lists/oss-security/2018/12/30/1
-CVE-2018-17190 (In all versions of Apache Spark, its standalone resource manager ...)
+CVE-2018-17190
NOT-FOR-US: Apache Spark
-CVE-2018-17189 (In Apache HTTP server versions 2.4.37 and prior, by sending request ...)
+CVE-2018-17189
- apache2 2.4.38-1 (low; bug #920302)
[stretch] - apache2 <no-dsa> (Minor issue)
[jessie] - apache2 <not-affected> (Vulnerable code not present)
NOTE: HTTP/2 support introduced in 2.4.17
NOTE: https://www.openwall.com/lists/oss-security/2019/01/22/2
-CVE-2018-17188 (Prior to CouchDB version 2.3.0, CouchDB allowed for ...)
+CVE-2018-17188
- couchdb <removed>
NOTE: https://www.openwall.com/lists/oss-security/2018/12/17/1
-CVE-2018-17187 (The Apache Qpid Proton-J transport includes an optional wrapper layer ...)
+CVE-2018-17187
- qpid-proton 0.22.0-1 (unimportant)
NOTE: https://qpid.apache.org/cves/CVE-2018-17187.html
NOTE: https://issues.apache.org/jira/browse/PROTON-1962
@@ -9706,13 +9699,13 @@ CVE-2018-17187 (The Apache Qpid Proton-J transport includes an optional wrapper
NOTE: Up to 0.17.0-rc1 upstream proton-j was included in the qpid-proton distribution
NOTE: but then moved out to a own repository.
NOTE: Cf. https://github.com/apache/qpid-proton/commit/ccdcf32932f04b387da9d4dbd810da29cae223aa
-CVE-2018-17186 (An administrator with workflow definition entitlements can use DTD to ...)
+CVE-2018-17186
NOT-FOR-US: Apache Syncope
CVE-2018-17185
RESERVED
-CVE-2018-17184 (A malicious user with enough administration entitlements can inject ...)
+CVE-2018-17184
NOT-FOR-US: Apache Syncope
-CVE-2018-17182 (An issue was discovered in the Linux kernel through 4.18.8. The ...)
+CVE-2018-17182
{DSA-4308-1 DLA-1531-1 DLA-1529-1}
- linux 4.18.10-1
NOTE: https://git.kernel.org/linus/7a9cdebdcc17e426fb5287e4a82db1dfe86339b2
@@ -9723,20 +9716,20 @@ CVE-2018-17180
RESERVED
CVE-2018-17179
RESERVED
-CVE-2018-17178 (An issue was discovered on Neato Botvac Connected 2.2.0 devices. They ...)
+CVE-2018-17178
NOT-FOR-US: Neato Botvac Connected devices
-CVE-2018-17177 (An issue was discovered on Neato Botvac Connected 2.2.0 and Botvac 85 ...)
+CVE-2018-17177
NOT-FOR-US: Neato Botvac Connected and Botvac 85 devices
-CVE-2018-17176 (A replay issue was discovered on Neato Botvac Connected 2.2.0 devices. ...)
+CVE-2018-17176
NOT-FOR-US: Neato Botvac Connected devices
-CVE-2018-17175 (In the marshmallow library before 2.15.1 and 3.x before 3.0.0b9 for ...)
+CVE-2018-17175
- python-marshmallow 3.0.0b14-1 (bug #909140)
NOTE: https://github.com/marshmallow-code/marshmallow/issues/772
-CVE-2018-17174 (A stack-based buffer overflow was discovered in the xtimor NMEA ...)
+CVE-2018-17174
NOT-FOR-US: nmealib
-CVE-2018-17173 (LG SuperSign CMS allows remote attackers to execute arbitrary code via ...)
+CVE-2018-17173
NOT-FOR-US: LG SuperSign CMS
-CVE-2018-17172 (The web application on Xerox AltaLink B80xx before 100.008.028.05200, ...)
+CVE-2018-17172
NOT-FOR-US: Xerox
CVE-2018-17171
RESERVED
@@ -9758,29 +9751,29 @@ CVE-2018-17163
REJECTED
CVE-2018-17162
REJECTED
-CVE-2018-17161 (In FreeBSD before 11.2-STABLE(r348229), 11.2-RELEASE-p7, ...)
+CVE-2018-17161
NOT-FOR-US: FreeBSD bootpd
-CVE-2018-17160 (In FreeBSD before 11.2-STABLE(r341486) and 11.2-RELEASE-p6, ...)
+CVE-2018-17160
NOT-FOR-US: FreeBSD bhyve
-CVE-2018-17159 (In FreeBSD before 11.2-STABLE(r340854) and 11.2-RELEASE-p5, the NFS ...)
+CVE-2018-17159
NOT-FOR-US: FreeBSD nfs server
-CVE-2018-17158 (In FreeBSD before 11.2-STABLE(r340854) and 11.2-RELEASE-p5, an integer ...)
+CVE-2018-17158
NOT-FOR-US: FreeBSD nfs server
-CVE-2018-17157 (In FreeBSD before 11.2-STABLE(r340854) and 11.2-RELEASE-p5, an integer ...)
+CVE-2018-17157
NOT-FOR-US: FreeBSD nfs server
-CVE-2018-17156 (In FreeBSD before 11.2-STABLE(r340268) and 11.2-RELEASE-p5, due to ...)
+CVE-2018-17156
- kfreebsd-10 <unfixed> (unimportant)
NOTE: https://www.freebsd.org/security/advisories/FreeBSD-EN-18:13.icmp.asc
NOTE: kfreebsd not covered by security support
-CVE-2018-17155 (In FreeBSD before 11.2-STABLE(r338983), 11.2-RELEASE-p4, ...)
+CVE-2018-17155
- kfreebsd-10 <unfixed> (unimportant)
NOTE: https://security.FreeBSD.org/advisories/FreeBSD-EN-18:12.mem.asc
NOTE: kfreebsd not covered by security support
-CVE-2018-17154 (In FreeBSD before 11.2-STABLE(r338987), 11.2-RELEASE-p4, and ...)
+CVE-2018-17154
- kfreebsd-10 <unfixed> (unimportant)
NOTE: https://security.FreeBSD.org/advisories/FreeBSD-EN-18:10.syscall.asc
NOTE: kfreebsd not covered by security support
-CVE-2018-1000802 (Python Software Foundation Python (CPython) version 2.7 contains a ...)
+CVE-2018-1000802
{DSA-4306-1 DLA-1520-1 DLA-1519-1}
- python3.7 <not-affected> (Fixed before initial upload)
- python3.6 <not-affected> (Fixed before initial upload)
@@ -9793,7 +9786,7 @@ CVE-2018-1000802 (Python Software Foundation Python (CPython) version 2.7 contai
NOTE: https://github.com/python/cpython/commit/a0934b2c1b939fdebee8dc18d49a0f6c52324773
NOTE: which used distutils.spawn.
NOTE: PoC: https://mega.nz/#!JUFiCC4R!mq-jQ8ySFwIhX6WMDujaZuNBfttDVt7DETlfOIQE1ig
-CVE-2018-17153 (It was discovered that the Western Digital My Cloud device before ...)
+CVE-2018-17153
NOT-FOR-US: Western Digital My Cloud device
CVE-2018-17152
RESERVED
@@ -9811,57 +9804,57 @@ CVE-2018-17146
RESERVED
CVE-2018-17145
RESERVED
-CVE-2018-17144 (Bitcoin Core 0.14.x before 0.14.3, 0.15.x before 0.15.2, and 0.16.x ...)
+CVE-2018-17144
- bitcoin 0.16.3~dfsg-1
- litecoin 0.16.3-1
NOTE: https://en.bitcoin.it/wiki/Common_Vulnerabilities_and_Exposures#CVE-2018-17144
-CVE-2018-17143 (The html package (aka x/net/html) through 2018-09-17 in Go mishandles ...)
+CVE-2018-17143
- golang-golang-x-net-dev <not-affected> (Vulnerable code introduced later)
- golang-go.net-dev <not-affected> (Vulnerable code introduced later)
NOTE: https://github.com/golang/go/issues/27704
NOTE: Fixed by: https://github.com/golang/net/commit/2f5d2388922f370f4355f327fcf4cfe9f5583908
NOTE: Introduced by: https://github.com/golang/net/commit/500e7a4f953ddaf55d316b4d3adc516aa0379622
-CVE-2018-17142 (The html package (aka x/net/html) through 2018-09-17 in Go mishandles ...)
+CVE-2018-17142
- golang-golang-x-net-dev <not-affected> (Vulnerable code introduced later)
- golang-go.net-dev <not-affected> (Vulnerable code introduced later)
NOTE: https://github.com/golang/go/issues/27702
NOTE: Fixed by: https://github.com/golang/net/commit/cf3bd585ca2a5a21b057abd8be7eea2204af89d0
NOTE: Introduced by: https://github.com/golang/net/commit/500e7a4f953ddaf55d316b4d3adc516aa0379622
-CVE-2018-17141 (HylaFAX 6.0.6 and HylaFAX+ 5.6.0 allow remote attackers to execute ...)
+CVE-2018-17141
{DSA-4298-1 DLA-1515-1}
- hylafax 3:6.0.6-8.1 (bug #909161)
NOTE: http://git.hylafax.org/HylaFAX?a=commit;h=82fa7bdbffc253de4d3e80a87d47fdbf68eabe36
-CVE-2018-17140 (The Quizlord plugin through 2.0 for WordPress is prone to Stored XSS ...)
+CVE-2018-17140
NOT-FOR-US: Wordpress plugin
-CVE-2018-17139 (UltimatePOS 2.5 allows users to upload arbitrary files, which leads to ...)
+CVE-2018-17139
NOT-FOR-US: UltimatePOS
-CVE-2018-17138 (The Jibu Pro plugin through 1.7 for WordPress is prone to Stored XSS ...)
+CVE-2018-17138
NOT-FOR-US: Wordpress plugin
-CVE-2018-17137 (Prezi Next 1.3.101.11 has a documented purpose of creating HTML5 ...)
+CVE-2018-17137
NOT-FOR-US: Prezi Next
-CVE-2018-17136 (zzcms 8.3 contains a SQL Injection vulnerability in /user/check.php via ...)
+CVE-2018-17136
NOT-FOR-US: zzcms
CVE-2018-17135
RESERVED
-CVE-2018-17134 (admin/web_config.php in PHPMyWind 5.5 allows Admin users to execute ...)
+CVE-2018-17134
NOT-FOR-US: PHPMyWind
-CVE-2018-17133 (admin/web_config.php in PHPMyWind 5.5 allows Admin users to execute ...)
+CVE-2018-17133
NOT-FOR-US: PHPMyWind
-CVE-2018-17132 (admin/goods_update.php in PHPMyWind 5.5 allows Admin users to execute ...)
+CVE-2018-17132
NOT-FOR-US: PHPMyWind
-CVE-2018-17131 (admin/web_config.php in PHPMyWind 5.5 allows Admin users to execute ...)
+CVE-2018-17131
NOT-FOR-US: PHPMyWind
-CVE-2018-17130 (PHPMyWind 5.5 has XSS in member.php via an HTTP Referer header, ...)
+CVE-2018-17130
NOT-FOR-US: PHPMyWind
-CVE-2018-17129 (MetInfo 6.1.0 has SQL injection in doexport() in ...)
+CVE-2018-17129
NOT-FOR-US: MetInfo
-CVE-2018-17128 (A Persistent XSS issue was discovered in the Visual Editor in MyBB ...)
+CVE-2018-17128
NOT-FOR-US: MyBB
-CVE-2018-17127 (blocking_request.cgi on ASUS GT-AC5300 devices through ...)
+CVE-2018-17127
NOT-FOR-US: ASUS
-CVE-2018-17126 (CScms 4.1 allows remote code execution, as demonstrated by ...)
+CVE-2018-17126
NOT-FOR-US: CScms
-CVE-2018-17125 (CScms 4.1 allows arbitrary directory deletion via a dir=..\\ substring ...)
+CVE-2018-17125
NOT-FOR-US: CScms
CVE-2018-17124
RESERVED
@@ -9885,37 +9878,37 @@ CVE-2018-17115
RESERVED
CVE-2018-17114
RESERVED
-CVE-2018-17113 (App/Modules/Admin/Tpl/default/Public/dwz/uploadify/scripts/uploadify.swf ...)
+CVE-2018-17113
NOT-FOR-US: EasyCMS
CVE-2018-17112
RESERVED
-CVE-2018-17111 (The onlyOwner modifier of a smart contract implementation for ...)
+CVE-2018-17111
NOT-FOR-US: onlyOwner modifier of a smart contract implementation for Coinlancer (CL)
-CVE-2018-17110 (Simple POS 4.0.24 allows SQL Injection via a products/get_products/ ...)
+CVE-2018-17110
NOT-FOR-US: Simple POS
CVE-2018-17109
RESERVED
-CVE-2018-17108 (The SBIbuddy (aka com.sbi.erupee) application 1.41 and 1.42 for Android ...)
+CVE-2018-17108
NOT-FOR-US: SBIbuddy
-CVE-2018-17107 (In Tgstation tgstation-server 3.2.4.0 through 3.2.1.0 (fixed in ...)
+CVE-2018-17107
NOT-FOR-US: Tgstation tgstation-server
-CVE-2018-17106 (In Tinyftp Tinyftpd 1.1, a buffer overflow exists in the text variable ...)
+CVE-2018-17106
NOT-FOR-US: Tinyftpd
CVE-2018-17105
RESERVED
-CVE-2018-17104 (An issue was discovered in Microweber 1.0.7. There is a CSRF attack ...)
+CVE-2018-17104
NOT-FOR-US: Microweber
-CVE-2018-17103 (** DISPUTED ** An issue was discovered in GetSimple CMS v3.3.13. There ...)
+CVE-2018-17103
NOT-FOR-US: GetSimple CMS
-CVE-2018-17102 (An issue was discovered in QuickAppsCMS (aka QACMS) through ...)
+CVE-2018-17102
NOT-FOR-US: QuickAppsCMS
-CVE-2018-17101 (An issue was discovered in LibTIFF 4.0.9. There are two out-of-bounds ...)
+CVE-2018-17101
{DSA-4349-1 DLA-1557-1}
- tiff 4.0.9+git181026-1 (bug #909037)
- tiff3 <removed>
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2807
NOTE: https://gitlab.com/libtiff/libtiff/commit/f1b94e8a3ba49febdd3361c0214a1d1149251577
-CVE-2018-17100 (An issue was discovered in LibTIFF 4.0.9. There is a int32 overflow in ...)
+CVE-2018-17100
{DLA-1557-1}
- tiff 4.0.9+git181026-1 (low; bug #909038)
[stretch] - tiff <postponed> (Minor issue)
@@ -9925,55 +9918,55 @@ CVE-2018-17100 (An issue was discovered in LibTIFF 4.0.9. There is a int32 overf
NOTE: https://gitlab.com/libtiff/libtiff/commit/6da1fb3f64d43be37e640efbec60400d1f1ac39e
CVE-2018-17099
RESERVED
-CVE-2018-17098 (The WavFileBase class in WavFile.cpp in Olli Parviainen SoundTouch 2.0 ...)
+CVE-2018-17098
- soundtouch 2.1.2+ds1-1 (low; bug #913894)
[stretch] - soundtouch <no-dsa> (Minor issue)
[jessie] - soundtouch <ignored> (Minor issue)
NOTE: https://gitlab.com/soundtouch/soundtouch/issues/14
-CVE-2018-17097 (The WavFileBase class in WavFile.cpp in Olli Parviainen SoundTouch 2.0 ...)
+CVE-2018-17097
- soundtouch 2.1.2+ds1-1 (low; bug #913895)
[stretch] - soundtouch <no-dsa> (Minor issue)
[jessie] - soundtouch <ignored> (Minor issue)
NOTE: https://gitlab.com/soundtouch/soundtouch/issues/14
-CVE-2018-17096 (The BPMDetect class in BPMDetect.cpp in libSoundTouch.a in Olli ...)
+CVE-2018-17096
- soundtouch 2.1.2+ds1-1 (low)
[stretch] - soundtouch <no-dsa> (Minor issue)
[jessie] - soundtouch <ignored> (Minor issue)
NOTE: https://gitlab.com/soundtouch/soundtouch/issues/14
-CVE-2018-17183 (Artifex Ghostscript before 9.25 allowed a user-writable error exception ...)
+CVE-2018-17183
{DSA-4294-1 DLA-1527-1}
- ghostscript 9.25~dfsg-1
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=699708
NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=fb713b3818b52d8a6cf62c951eba2e1795ff9624
-CVE-2018-17095 (An issue has been discovered in mpruett Audio File Library (aka ...)
+CVE-2018-17095
- audiofile <unfixed> (low; bug #913166)
[stretch] - audiofile <no-dsa> (Minor issue)
[jessie] - audiofile <postponed> (Can be fixed along in future DLA)
NOTE: https://github.com/mpruett/audiofile/issues/50
NOTE: https://github.com/mpruett/audiofile/issues/51
-CVE-2018-17094 (An issue has been discovered in mackyle xar 1.6.1. There is a NULL ...)
+CVE-2018-17094
- xar <removed>
-CVE-2018-17093 (An issue has been discovered in mackyle xar 1.6.1. There is a NULL ...)
+CVE-2018-17093
- xar <removed>
-CVE-2018-17092 (An issue was discovered in DonLinkage 6.6.8. SQL injection in ...)
+CVE-2018-17092
NOT-FOR-US: DonLinkage
-CVE-2018-17091 (An issue was discovered in DonLinkage 6.6.8. It allows remote attackers ...)
+CVE-2018-17091
NOT-FOR-US: DonLinkage
-CVE-2018-17090 (An issue was discovered in DonLinkage 6.6.8. The modules ...)
+CVE-2018-17090
NOT-FOR-US: DonLinkage
CVE-2018-17089
RESERVED
CVE-2018-17087
RESERVED
-CVE-2018-17086 (An issue was discovered in OTCMS 3.61. XSS exists in ...)
+CVE-2018-17086
NOT-FOR-US: OTCMS
-CVE-2018-17085 (An issue was discovered in OTCMS 3.61. XSS exists in admin/users.php ...)
+CVE-2018-17085
NOT-FOR-US: OTCMS
CVE-2018-17084
RESERVED
CVE-2018-17083
RESERVED
-CVE-2018-17082 (The Apache2 component in PHP before 5.6.38, 7.0.x before 7.0.32, 7.1.x ...)
+CVE-2018-17082
{DSA-4353-1 DLA-1509-1}
- php7.3 7.3.0~rc2-1
- php7.2 <unfixed>
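Review bot: CVE-2018-17183 (the ghostscript `{DSA-4294-1 DLA-1527-1}` entry) is placed between CVE-2018-17096 and CVE-2018-17095 in this hunk, out of the descending order of the rest of the block. This change only strips its summary, but the entry belongs near CVE-2018-17184 and CVE-2018-17182 in the earlier hunk; moving it there in a follow-up would keep the list sorted.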
@@ -9983,7 +9976,7 @@ CVE-2018-17082 (The Apache2 component in PHP before 5.6.38, 7.0.x before 7.0.32,
NOTE: Fixed in 5.6.38, 7.0.32, 7.1.22, 7.2.10, 7.3.0RC1
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=76582
NOTE: https://github.com/php/php-src/commit/23b057742e3cf199612fa8050ae86cae675e214e
-CVE-2018-17081 (e107 2.1.9 allows CSRF via ...)
+CVE-2018-17081
NOT-FOR-US: e107
CVE-2018-17080
RESERVED
@@ -9991,112 +9984,112 @@ CVE-2018-17079
RESERVED
CVE-2018-17078
RESERVED
-CVE-2018-17077 (An issue was discovered in yiqicms through 2016-11-20. There is stored ...)
+CVE-2018-17077
NOT-FOR-US: yiqicms
-CVE-2018-17076 (GPP through 2.25 will try to use more memory space than is available on ...)
+CVE-2018-17076
- gpp <unfixed> (unimportant; bug #908939)
NOTE: https://github.com/logological/gpp/issues/26
NOTE: Crash in CLI tool, no security impact
-CVE-2018-17075 (The html package (aka x/net/html) before 2018-07-13 in Go mishandles ...)
+CVE-2018-17075
- golang-golang-x-net-dev <not-affected> (Vulnerable code introduced later)
- golang-go.net-dev <not-affected> (Vulnerable code introduced later)
NOTE: https://github.com/golang/go/issues/27016
NOTE: Fixed by: https://github.com/golang/net/commit/aaf60122140d3fcf75376d319f0554393160eb50
NOTE: Introduced in: https://github.com/golang/net/commit/500e7a4f953ddaf55d316b4d3adc516aa0379622
-CVE-2018-17074 (The Feed Statistics plugin before 4.0 for WordPress has an Open ...)
+CVE-2018-17074
NOT-FOR-US: Feed Statistics plugin for WordPress
-CVE-2018-17073 (wernsey/bitmap before 2018-08-18 allows a NULL pointer dereference via ...)
+CVE-2018-17073
NOT-FOR-US: bitmap
-CVE-2018-17072 (JSON++ through 2016-06-15 has a buffer over-read in yyparse() in ...)
+CVE-2018-17072
NOT-FOR-US: JSON++
-CVE-2018-17071 (The fallback function of a simple lottery smart contract ...)
+CVE-2018-17071
NOT-FOR-US: fallback function of a simple lottery smart contract implementation for Lucky9io
-CVE-2018-17070 (An issue was discovered in UNL-CMS 7.59. A CSRF attack can update the ...)
+CVE-2018-17070
NOT-FOR-US: UNL-CMS
-CVE-2018-17069 (An issue was discovered in UNL-CMS 7.59. A CSRF attack can create new ...)
+CVE-2018-17069
NOT-FOR-US: UNL-CMS
-CVE-2018-17068 (An issue was discovered on D-Link DIR-816 A2 1.10 B05 devices. An HTTP ...)
+CVE-2018-17068
NOT-FOR-US: D-Link
-CVE-2018-17067 (An issue was discovered on D-Link DIR-816 A2 1.10 B05 devices. A very ...)
+CVE-2018-17067
NOT-FOR-US: D-Link
-CVE-2018-17066 (An issue was discovered on D-Link DIR-816 A2 1.10 B05 devices. An HTTP ...)
+CVE-2018-17066
NOT-FOR-US: D-Link
-CVE-2018-17065 (An issue was discovered on D-Link DIR-816 A2 1.10 B05 devices. Within ...)
+CVE-2018-17065
NOT-FOR-US: D-Link
-CVE-2018-17064 (An issue was discovered on D-Link DIR-816 A2 1.10 B05 devices. An HTTP ...)
+CVE-2018-17064
NOT-FOR-US: D-Link
-CVE-2018-17063 (An issue was discovered on D-Link DIR-816 A2 1.10 B05 devices. An HTTP ...)
+CVE-2018-17063
NOT-FOR-US: D-Link
-CVE-2018-17062 (An issue was discovered in SeaCMS 6.64. XSS exists in admin_video.php ...)
+CVE-2018-17062
NOT-FOR-US: SeaCMS
-CVE-2018-17061 (BullGuard Safe Browsing before 18.1.355.9 allows XSS on Google, Bing, ...)
+CVE-2018-17061
NOT-FOR-US: BullGuard Safe Browsing
-CVE-2018-17060 (Telerik Extensions for ASP.NET MVC (all versions) does not whitelist ...)
+CVE-2018-17060
NOT-FOR-US: Telerik Extensions for ASP.NET MVC
CVE-2018-17059
RESERVED
CVE-2018-17058
RESERVED
-CVE-2018-17057 (An issue was discovered in TCPDF before 6.2.22. Attackers can trigger ...)
+CVE-2018-17057
- tcpdf 6.2.26+dfsg-1 (bug #908866)
[stretch] - tcpdf <no-dsa> (Minor issue)
[jessie] - tcpdf <ignored> (Minor issue)
NOTE: https://github.com/tecnickcom/TCPDF/commit/1861e33fe05f653b67d070f7c106463e7a5c26e
NOTE: Was considered minor for jessie since arbitrary deserialization
NOTE: is still possible using http and https.
-CVE-2018-17056 (Cross-site scripting (XSS) vulnerability in ServiceStack in Progress ...)
+CVE-2018-17056
NOT-FOR-US: Progress Sitefinity CMS
-CVE-2018-17055 (An arbitrary file upload vulnerability in Progress Sitefinity CMS ...)
+CVE-2018-17055
NOT-FOR-US: Progress Sitefinity CMS
-CVE-2018-17054 (Cross-site scripting (XSS) vulnerability in Identity Server in ...)
+CVE-2018-17054
NOT-FOR-US: Progress Sitefinity CMS
-CVE-2018-17053 (Cross-site scripting (XSS) vulnerability in Identity Server in ...)
+CVE-2018-17053
NOT-FOR-US: Progress Sitefinity CMS
CVE-2018-17052
RESERVED
-CVE-2018-17051 (K-Net Cisco Configuration Manager through 2014-11-19 has XSS via ...)
+CVE-2018-17051
NOT-FOR-US: K-Net Cisco Configuration Manager
-CVE-2018-17050 (The mintToken function of a smart contract implementation for PolyAi ...)
+CVE-2018-17050
NOT-FOR-US: smart contract
-CVE-2018-17049 (CQU-LANKERS through 2017-11-02 has XSS via the public/api.php callback ...)
+CVE-2018-17049
NOT-FOR-US: CQU-LANKERS
CVE-2018-17048
RESERVED
CVE-2018-17047
RESERVED
-CVE-2018-17046 (translate man before 2018-08-21 has XSS via ...)
+CVE-2018-17046
NOT-FOR-US: translate-man
-CVE-2018-17045 (An issue was discovered in CMS MaeloStore V.1.5.0. There is a CSRF ...)
+CVE-2018-17045
NOT-FOR-US: CMS MaeloStore
-CVE-2018-17044 (In YzmCMS 5.1, stored XSS exists via the ...)
+CVE-2018-17044
NOT-FOR-US: YzmCMS
-CVE-2018-17043 (An issue has been found in doc2txt through 2014-03-19. It is a ...)
+CVE-2018-17043
NOT-FOR-US: doc2txt
-CVE-2018-17042 (An issue has been found in dbf2txt through 2012-07-19. It is a infinite ...)
+CVE-2018-17042
NOT-FOR-US: doc2txt
CVE-2018-17041
RESERVED
CVE-2018-17040
RESERVED
-CVE-2018-17039 (MiniCMS 1.10, when Internet Explorer is used, allows XSS via a crafted ...)
+CVE-2018-17039
NOT-FOR-US: MiniCMS
CVE-2018-17038
RESERVED
-CVE-2018-17037 (user/editpost.php in UCMS 1.4.6 mishandles levels, which allows ...)
+CVE-2018-17037
NOT-FOR-US: UCMS
-CVE-2018-17036 (An issue was discovered in UCMS 1.4.6. It allows PHP code injection ...)
+CVE-2018-17036
NOT-FOR-US: UCMS
-CVE-2018-17035 (UCMS 1.4.6 has SQL injection during installation via the ...)
+CVE-2018-17035
NOT-FOR-US: UCMS
-CVE-2018-17034 (UCMS 1.4.6 has XSS via the install/index.php mysql_dbname parameter. ...)
+CVE-2018-17034
NOT-FOR-US: UCMS
CVE-2018-17033
RESERVED
CVE-2018-17032
RESERVED
-CVE-2018-17031 (In Gogs 0.11.53, an attacker can use a crafted .eml file to trigger ...)
+CVE-2018-17031
NOT-FOR-US: Go Git Service
-CVE-2018-17030 (BigTree CMS 4.2.23 allows remote authenticated users, if possessing ...)
+CVE-2018-17030
NOT-FOR-US: BigTree CMS
CVE-2018-17029
RESERVED
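Review bot: the `NOT-FOR-US: doc2txt` line under CVE-2018-17042 contradicts the description being removed, which names dbf2txt (`-CVE-2018-17042 (An issue has been found in dbf2txt through 2012-07-19. ...)`), and looks copied from the CVE-2018-17043 entry directly above. Once `+CVE-2018-17042` drops the description, `doc2txt` is the only product name left on the entry, so this should be corrected to `NOT-FOR-US: dbf2txt` before the evidence of the mismatch disappears from the file.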
@@ -10104,61 +10097,61 @@ CVE-2018-17028
RESERVED
CVE-2018-17027
RESERVED
-CVE-2018-17026 (admin/index.php in Monstra CMS 3.0.4 allows XSS via the page_meta_title ...)
+CVE-2018-17026
NOT-FOR-US: Monstra CMS
-CVE-2018-17025 (admin/index.php in Monstra CMS 3.0.4 allows XSS via the page_meta_title ...)
+CVE-2018-17025
NOT-FOR-US: Monstra CMS
-CVE-2018-17024 (admin/index.php in Monstra CMS 3.0.4 allows XSS via the page_meta_title ...)
+CVE-2018-17024
NOT-FOR-US: Monstra CMS
-CVE-2018-17023 (Cross-site request forgery (CSRF) vulnerability on ASUS GT-AC5300 ...)
+CVE-2018-17023
NOT-FOR-US: ASUS GT-AC5300 routers
-CVE-2018-17022 (Stack-based buffer overflow on the ASUS GT-AC5300 router through ...)
+CVE-2018-17022
NOT-FOR-US: ASUS GT-AC5300 routers
-CVE-2018-17021 (Cross-site scripting (XSS) vulnerability on ASUS GT-AC5300 devices with ...)
+CVE-2018-17021
NOT-FOR-US: ASUS GT-AC5300 devices
-CVE-2018-17020 (ASUS GT-AC5300 devices with firmware through 3.0.0.4.384_32738 allow ...)
+CVE-2018-17020
NOT-FOR-US: ASUS GT-AC5300 devices
-CVE-2018-17019 (In Bro through 2.5.5, there is a DoS in IRC protocol names command ...)
+CVE-2018-17019
- bro <unfixed> (bug #908779)
[stretch] - bro <no-dsa> (Minor issue)
NOTE: https://github.com/bro/bro/commit/c2b18849f8bb833253538f5dfedb4ed1dc176a30
-CVE-2018-17018 (An issue was discovered on TP-Link TL-WR886N 6.0 2.3.4 and TL-WR886N ...)
+CVE-2018-17018
NOT-FOR-US: TP-Link
-CVE-2018-17017 (An issue was discovered on TP-Link TL-WR886N 6.0 2.3.4 and TL-WR886N ...)
+CVE-2018-17017
NOT-FOR-US: TP-Link
-CVE-2018-17016 (An issue was discovered on TP-Link TL-WR886N 6.0 2.3.4 and TL-WR886N ...)
+CVE-2018-17016
NOT-FOR-US: TP-Link
-CVE-2018-17015 (An issue was discovered on TP-Link TL-WR886N 6.0 2.3.4 and TL-WR886N ...)
+CVE-2018-17015
NOT-FOR-US: TP-Link
-CVE-2018-17014 (An issue was discovered on TP-Link TL-WR886N 6.0 2.3.4 and TL-WR886N ...)
+CVE-2018-17014
NOT-FOR-US: TP-Link
-CVE-2018-17013 (An issue was discovered on TP-Link TL-WR886N 6.0 2.3.4 and TL-WR886N ...)
+CVE-2018-17013
NOT-FOR-US: TP-Link
-CVE-2018-17012 (An issue was discovered on TP-Link TL-WR886N 6.0 2.3.4 and TL-WR886N ...)
+CVE-2018-17012
NOT-FOR-US: TP-Link
-CVE-2018-17011 (An issue was discovered on TP-Link TL-WR886N 6.0 2.3.4 and TL-WR886N ...)
+CVE-2018-17011
NOT-FOR-US: TP-Link
-CVE-2018-17010 (An issue was discovered on TP-Link TL-WR886N 6.0 2.3.4 and TL-WR886N ...)
+CVE-2018-17010
NOT-FOR-US: TP-Link
-CVE-2018-17009 (An issue was discovered on TP-Link TL-WR886N 6.0 2.3.4 and TL-WR886N ...)
+CVE-2018-17009
NOT-FOR-US: TP-Link
-CVE-2018-17008 (An issue was discovered on TP-Link TL-WR886N 6.0 2.3.4 and TL-WR886N ...)
+CVE-2018-17008
NOT-FOR-US: TP-Link
-CVE-2018-17007 (An issue was discovered on TP-Link TL-WR886N 6.0 2.3.4 and TL-WR886N ...)
+CVE-2018-17007
NOT-FOR-US: TP-Link
-CVE-2018-17006 (An issue was discovered on TP-Link TL-WR886N 6.0 2.3.4 and TL-WR886N ...)
+CVE-2018-17006
NOT-FOR-US: TP-Link
-CVE-2018-17005 (An issue was discovered on TP-Link TL-WR886N 6.0 2.3.4 and TL-WR886N ...)
+CVE-2018-17005
NOT-FOR-US: TP-Link
-CVE-2018-17004 (An issue was discovered on TP-Link TL-WR886N 6.0 2.3.4 and TL-WR886N ...)
+CVE-2018-17004
NOT-FOR-US: TP-Link
-CVE-2018-17003 (In LimeSurvey 3.14.7, HTML Injection and Stored XSS have been ...)
+CVE-2018-17003
- limesurvey <itp> (bug #472802)
-CVE-2018-17002 (On the RICOH MP 2001 printer, HTML Injection and Stored XSS ...)
+CVE-2018-17002
NOT-FOR-US: RICOH
-CVE-2018-17001 (On the RICOH SP 4510SF printer, HTML Injection and Stored XSS ...)
+CVE-2018-17001
NOT-FOR-US: RICOH
-CVE-2018-17000 (A NULL pointer dereference in the function _TIFFmemcmp at tif_unix.c ...)
+CVE-2018-17000
{DLA-1680-1}
- tiff 4.0.10-4 (bug #908778)
[stretch] - tiff <postponed> (Minor issue)
@@ -10166,7 +10159,7 @@ CVE-2018-17000 (A NULL pointer dereference in the function _TIFFmemcmp at tif_un
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2811
NOTE: Relates to http://bugzilla.maptools.org/show_bug.cgi?id=2833
NOTE: Fixed by: https://gitlab.com/libtiff/libtiff/commit/802d3cbf3043be5dce5317e140ccb1c17a6a2d39
-CVE-2018-16999 (Netwide Assembler (NASM) 2.14rc15 has an invalid memory write ...)
+CVE-2018-16999
- nasm 2.14-1 (unimportant)
NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392508
NOTE: https://github.com/netwide-assembler/nasm/commit/980dd658b521afe4a688c4195410c4449a8e2468
@@ -10193,95 +10186,95 @@ CVE-2018-16989
RESERVED
CVE-2018-16988
RESERVED
-CVE-2018-16987 (Squash TM through 1.18.0 presents the cleartext passwords of external ...)
+CVE-2018-16987
NOT-FOR-US: Squash TM
-CVE-2018-16986 (Texas Instruments BLE-STACK v2.2.1 for SimpleLink CC2640 and CC2650 ...)
+CVE-2018-16986
NOT-FOR-US: Texas Instruments BLE-STACK v2.2.1 for SimpleLink CC2640 and CC2650 devices
-CVE-2018-16985 (In Lizard (formerly LZ5) 2.0, use of an invalid memory address was ...)
+CVE-2018-16985
NOT-FOR-US: Lizard
-CVE-2018-16984 (An issue was discovered in Django 2.1 before 2.1.2, in which ...)
+CVE-2018-16984
[experimental] - python-django 2:2.1.2-1
- python-django <not-affected> (bug #910016; vulnerable code not present)
NOTE: https://www.djangoproject.com/weblog/2018/oct/01/security-release/
NOTE: https://github.com/django/django/commit/bf39978a53f117ca02e9a0c78b76664a41a54745 (master)
NOTE: https://github.com/django/django/commit/c4bd5b597e0aa2432e4c867b86650f18af117851 (2.1)
-CVE-2018-16983 (NoScript Classic before 5.1.8.7, as used in Tor Browser 7.x and other ...)
+CVE-2018-16983
- mozilla-noscript <unfixed> (unimportant)
NOTE: This is not a security issue in NoScript by itself
-CVE-2018-16982 (Open Chinese Convert (OpenCC) 1.0.5 allows attackers to cause a denial ...)
+CVE-2018-16982
NOT-FOR-US: Open Chinese Convert (OpenCC)
-CVE-2018-16981 (stb stb_image.h 2.19, as used in catimg, Emscripten, and other ...)
+CVE-2018-16981
- catimg <undetermined>
NOTE: https://github.com/nothings/stb/issues/656
TODO: further check, stb_image.h in older version is embedded in src:catimg
-CVE-2018-16980 (dotCMS V5.0.1 has XSS in the ...)
+CVE-2018-16980
NOT-FOR-US: dotCMS
-CVE-2018-16979 (Monstra CMS V3.0.4 allows HTTP header injection in the ...)
+CVE-2018-16979
NOT-FOR-US: Monstra CMS
-CVE-2018-16978 (Monstra CMS V3.0.4 has XSS when ones tries to register an account with ...)
+CVE-2018-16978
NOT-FOR-US: Monstra CMS
-CVE-2018-16977 (Monstra CMS V3.0.4 has an information leakage risk (e.g., PATH, ...)
+CVE-2018-16977
NOT-FOR-US: Monstra CMS
-CVE-2018-16975 (An issue was discovered in Elefant CMS before 2.0.7. There is a PHP ...)
+CVE-2018-16975
NOT-FOR-US: Elefant CMS
-CVE-2018-16974 (An issue was discovered in Elefant CMS before 2.0.7. There is a PHP ...)
+CVE-2018-16974
NOT-FOR-US: Elefant CMS
CVE-2018-16973
RESERVED
CVE-2018-16972
RESERVED
-CVE-2018-16971 (Wisetail Learning Ecosystem (LE) through v4.11.6 allows insecure direct ...)
+CVE-2018-16971
NOT-FOR-US: Wisetail Learning Ecosystem
-CVE-2018-16970 (Wisetail Learning Ecosystem (LE) through v4.11.6 allows insecure direct ...)
+CVE-2018-16970
NOT-FOR-US: Wisetail Learning Ecosystem
-CVE-2018-16969 (Citrix ShareFile StorageZones Controller before 5.4.2 has Information ...)
+CVE-2018-16969
NOT-FOR-US: Citrix ShareFile StorageZones Controller
-CVE-2018-16968 (Citrix ShareFile StorageZones Controller before 5.4.2 allows Directory ...)
+CVE-2018-16968
NOT-FOR-US: Citrix ShareFile StorageZones Controller
CVE-2018-16967
RESERVED
CVE-2018-16966
RESERVED
-CVE-2018-16965 (In Zoho ManageEngine SupportCenter Plus before 8.1 Build 8109, there ...)
+CVE-2018-16965
NOT-FOR-US: Zoho
CVE-2018-16964
RESERVED
CVE-2018-16963
RESERVED
-CVE-2018-16962 (Webroot SecureAnywhere before 9.0.8.34 on macOS mishandles access to ...)
+CVE-2018-16962
NOT-FOR-US: Webroot SecureAnywhere
CVE-2018-16961
RESERVED
CVE-2018-16960
RESERVED
-CVE-2018-16959 (An issue was discovered in Oracle WebCenter Interaction Portal 10.3.3. ...)
+CVE-2018-16959
NOT-FOR-US: Oracle WebCenter Interaction Portal
-CVE-2018-16958 (An issue was discovered in Oracle WebCenter Interaction Portal 10.3.3. ...)
+CVE-2018-16958
NOT-FOR-US: Oracle WebCenter Interaction Portal
-CVE-2018-16957 (The Oracle WebCenter Interaction 10.3.3 search service queryd.exe ...)
+CVE-2018-16957
NOT-FOR-US: Oracle WebCenter Interaction
-CVE-2018-16956 (The AjaxControl component of Oracle WebCenter Interaction Portal ...)
+CVE-2018-16956
NOT-FOR-US: Oracle WebCenter Interaction Portal
-CVE-2018-16955 (The login function of Oracle WebCenter Interaction Portal 10.3.3 is ...)
+CVE-2018-16955
NOT-FOR-US: Oracle WebCenter Interaction Portal
-CVE-2018-16954 (An issue was discovered in Oracle WebCenter Interaction Portal 10.3.3. ...)
+CVE-2018-16954
NOT-FOR-US: Oracle WebCenter Interaction Portal
-CVE-2018-16953 (The AjaxView::DisplayResponse() function of the portalpages.dll ...)
+CVE-2018-16953
NOT-FOR-US: Oracle WebCenter Interaction Portal
-CVE-2018-16952 (The Oracle WebCenter Interaction Portal 10.3.3 does not implement ...)
+CVE-2018-16952
NOT-FOR-US: Oracle WebCenter Interaction Portal
-CVE-2018-16976 (Gitolite before 3.6.9 does not (in certain configurations involving ...)
+CVE-2018-16976
- gitolite3 3.6.9-1 (bug #908699)
[stretch] - gitolite3 <no-dsa> (Minor issue)
[jessie] - gitolite3 <no-dsa> (Minor issue)
- gitolite <removed>
NOTE: https://groups.google.com/forum/#!topic/gitolite-announce/WrwDTYdbfRg
NOTE: https://github.com/sitaramc/gitolite/commit/dc13dfca8fdae5634bb0865f7e9822d2a268ed59
-CVE-2018-16951 (xunfeng 0.2.0 allows command execution via CSRF because masscan.py ...)
+CVE-2018-16951
NOT-FOR-US: xunfeng
-CVE-2018-16950 (Inteno DG400 WU7U_ELION3.11.6-170614_1328 devices allow remote ...)
+CVE-2018-16950
NOT-FOR-US: Inteno DG400 WU7U_ELION3.11.6-170614_1328 devices
-CVE-2018-16946 (LG LNB*, LND*, LNU*, and LNV* smart network camera devices have broken ...)
+CVE-2018-16946
NOT-FOR-US: LG smart network camera device
CVE-2018-16945
RESERVED
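Review bot: CVE-2018-16976 (gitolite3) is filed between CVE-2018-16952 and CVE-2018-16951 rather than between CVE-2018-16977 and CVE-2018-16975, breaking the descending id order the rest of this hunk keeps; suggest moving the block in a follow-up so the entry sits where its number predicts. Separately, `- catimg <undetermined>` for CVE-2018-16981 still carries an open `TODO: further check`, and the description being removed (`stb stb_image.h 2.19, as used in catimg, Emscripten, and other ...`) is the text that names the embedded copy, so keeping it until the TODO is resolved would help whoever picks that up.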
@@ -10393,29 +10386,29 @@ CVE-2018-16892
RESERVED
CVE-2018-16891
RESERVED
-CVE-2018-16890 (libcurl versions from 7.36.0 to before 7.64.0 is vulnerable to a heap ...)
+CVE-2018-16890
{DSA-4386-1 DLA-1672-1}
- curl 7.64.0-1
NOTE: https://curl.haxx.se/docs/CVE-2018-16890.html
NOTE: Fixed by: https://github.com/curl/curl/commit/b780b30d1377adb10bbe774835f49e9b237fb9bb
NOTE: Introduced by: https://github.com/curl/curl/commit/86724581b6c02d160b52f817550cfdfc9c93af62
-CVE-2018-16889 (Ceph does not properly sanitize encryption keys in debug logging for ...)
+CVE-2018-16889
- ceph 12.2.11+dfsg1-1 (low; bug #918969)
[stretch] - ceph <postponed> (Minor issue)
[jessie] - ceph <not-affected> (Vulnerable code not present)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1665334
NOTE: http://tracker.ceph.com/issues/37847
NOTE: https://github.com/ceph/ceph/commit/ba55e2a96c9dfcc7aa2311431beaaa23cb05c30d
-CVE-2018-16888 (It was discovered systemd does not correctly check the content of ...)
+CVE-2018-16888
- systemd 237-1 (low)
[stretch] - systemd <ignored> (Minor issue, too intrusive to backport)
[jessie] - systemd <no-dsa> (low priority because this is inherently a bug in the PID file logic)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1662867
NOTE: Upstream issue: https://github.com/systemd/systemd/issues/6632
NOTE: Upstream patches: https://github.com/systemd/systemd/pull/7816
-CVE-2018-16887 (A cross-site scripting (XSS) flaw was found in the katello component ...)
+CVE-2018-16887
NOT-FOR-US: Katello
-CVE-2018-16886 (etcd versions 3.2.x before 3.2.26 and 3.3.x before 3.3.11 are ...)
+CVE-2018-16886
- etcd 3.2.26+dfsg-1 (bug #923008)
NOTE: Introduced by: https://github.com/etcd-io/etcd/commit/0191509637546621d6f2e18e074e955ab8ef374d
NOTE: Upstream issue: https://github.com/etcd-io/etcd/pull/10366
@@ -10423,16 +10416,16 @@ CVE-2018-16886 (etcd versions 3.2.x before 3.2.26 and 3.3.x before 3.3.11 are ..
NOTE: https://github.com/etcd-io/etcd/commit/a9a9466fb8ba11ad7bb6a44d7446fbd072d59887
NOTE: https://github.com/etcd-io/etcd/commit/99704e2a97e8710da942bdc737417fc9c9a2c03f
NOTE: https://github.com/etcd-io/etcd/commit/83c051b701d33261eef91a719e4421c81b000ba4
-CVE-2018-16885 (A flaw was found in the Linux kernel that allows the userspace to call ...)
+CVE-2018-16885
- linux 3.16.2-1
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1661503
NOTE: https://git.kernel.org/linus/06ebb06d49486676272a3c030bfeef4bd969a8e6
-CVE-2018-16884 (A flaw was found in the Linux kernel's NFS41+ subsystem. NFS41+ shares ...)
+CVE-2018-16884
- linux 4.19.16-1
NOTE: https://patchwork.kernel.org/cover/10733767/
NOTE: https://patchwork.kernel.org/patch/10733769/
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1660375
-CVE-2018-16883 (sssd versions from 1.13.0 to before 2.0.0 did not properly restrict ...)
+CVE-2018-16883
- sssd <unfixed> (bug #916824)
[stretch] - sssd <no-dsa> (Minor issue)
[jessie] - sssd <not-affected> (Issue got introduced with 1.13.0)
@@ -10440,50 +10433,50 @@ CVE-2018-16883 (sssd versions from 1.13.0 to before 2.0.0 did not properly restr
NOTE: Fixed in upstream 2.0.0 while refactoring code
NOTE: Fixed by https://pagure.io/SSSD/sssd/c/fbe2476a3dd9be83ffa85c29dca26f734618d72d?branch=master
NOTE: Fixes for older branches will be provided in January 2019.
-CVE-2018-16882 (A use-after-free issue was found in the way the Linux kernel's KVM ...)
+CVE-2018-16882
- linux 4.19.13-1
[stretch] - linux <not-affected> (Vulnerable code not present)
[jessie] - linux <not-affected> (Vulnerable code not present)
NOTE: https://marc.info/?l=kvm&m=154514994222809&w=2
NOTE: Fixed by: https://git.kernel.org/linus/c2dd5146e9fe1f22c77c1b011adf84eea0245806
-CVE-2018-16881 (A denial of service vulnerability was found in rsyslog in the imptcp ...)
+CVE-2018-16881
- rsyslog 8.27.0-2
[stretch] - rsyslog <no-dsa> (Minor issue; imptcp not enabled by default)
[jessie] - rsyslog <not-affected> (Vulnerable code introduced in 8.13.1)
NOTE: Fixed by: https://github.com/rsyslog/rsyslog/commit/0381a0de64a5a048c3d48b79055bd9848d0c7fc2
NOTE: Introduced by: https://github.com/rsyslog/rsyslog/commit/6c52f29d593a27f934a1871d40eed84ebde3f3a6
-CVE-2018-16880 (A flaw was found in the Linux kernel's handle_rx() function in the ...)
+CVE-2018-16880
- linux 4.19.20-1
[stretch] - linux <not-affected> (Vulnerable code introduced in 4.16-rc1)
[jessie] - linux <not-affected> (Vulnerable code introduced in 4.16-rc1)
NOTE: https://www.openwall.com/lists/oss-security/2019/01/25/1
-CVE-2018-16879 (Ansible Tower before version 3.3.3 does not set a secure channel as it ...)
+CVE-2018-16879
NOT-FOR-US: Ansible Tower
CVE-2018-16878
RESERVED
CVE-2018-16877
RESERVED
-CVE-2018-16876 (ansible before versions 2.5.14, 2.6.11, 2.7.5 is vulnerable to a ...)
+CVE-2018-16876
{DSA-4396-1}
- ansible 2.7.6+dfsg-1 (bug #916102)
[jessie] - ansible <not-affected> (Vulnerable code not present)
NOTE: https://github.com/ansible/ansible/pull/49569
NOTE: https://github.com/ansible/ansible/commit/4c6d714aefb05366cb329e139214c89ebb364899
-CVE-2018-16875 (The crypto/x509 package of Go before 1.10.6 and 1.11.x before 1.11.3 ...)
+CVE-2018-16875
- golang-1.11 1.11.3-1
- golang-1.10 1.10.6-1
NOTE: https://github.com/golang/go/issues/29233
NOTE: https://github.com/golang/go/commit/df523969435b8945d939c7e2a849b50910ef4c25 (1.11.3)
NOTE: https://github.com/golang/go/commit/0a4a37f1f0a36e55d8ae5c34210a79499f9f2a9d (1.10.6)
TODO: check other versions
-CVE-2018-16874 (In Go before 1.10.6 and 1.11.x before 1.11.3, the &quot;go get&quot; command is ...)
+CVE-2018-16874
- golang-1.11 1.11.3-1
- golang-1.10 1.10.6-1
NOTE: https://github.com/golang/go/issues/29231
NOTE: https://github.com/golang/go/commit/8954addb3294a5e664a9833354bafa58f163fe8f (1.11.3)
NOTE: https://github.com/golang/go/commit/90d609ba6156299642d08afc06d85ab770a03972 (1.10.6)
TODO: check other versions
-CVE-2018-16873 (In Go before 1.10.6 and 1.11.x before 1.11.3, the &quot;go get&quot; command is ...)
+CVE-2018-16873
- golang-1.11 1.11.3-1
- golang-1.10 1.10.6-1
NOTE: https://github.com/golang/go/issues/29230
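Review bot: the three Go entries CVE-2018-16875, CVE-2018-16874 and CVE-2018-16873 each keep `TODO: check other versions`, yet the lines being removed (`In Go before 1.10.6 and 1.11.x before 1.11.3, ...`) are exactly the affected-range statement that TODO depends on. Suggest resolving the TODO against the stated ranges, or at least carrying the range over into a NOTE, before the description is dropped.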
@@ -10492,7 +10485,7 @@ CVE-2018-16873 (In Go before 1.10.6 and 1.11.x before 1.11.3, the &quot;go get&q
NOTE: https://github.com/golang/go/commit/90d609ba6156299642d08afc06d85ab770a03972 (1.10.6)
NOTE: https://github.com/golang/go/commit/7ef6ee2c5727f0d11206b4d1866c18e6ab4785be (1.10.6)
TODO: check other versions
-CVE-2018-16872 (A flaw was found in qemu Media Transfer Protocol (MTP). The code ...)
+CVE-2018-16872
{DLA-1694-1}
- qemu 1:3.1+dfsg-2 (bug #916397)
- qemu-kvm <removed>
@@ -10500,10 +10493,10 @@ CVE-2018-16872 (A flaw was found in qemu Media Transfer Protocol (MTP). The code
NOTE: https://git.qemu.org/?p=qemu.git;a=commit;h=bab9df35ce73d1c8e19a37e2737717ea1c984dc1
CVE-2018-16871
RESERVED
-CVE-2018-16870 (It was found that wolfssl before 3.15.7 is vulnerable to a new variant ...)
+CVE-2018-16870
- wolfssl <unfixed> (bug #918952)
NOTE: https://github.com/wolfSSL/wolfssl/pull/1950
-CVE-2018-16869 (A Bleichenbacher type side-channel based padding oracle attack was ...)
+CVE-2018-16869
- nettle 3.4.1~rc1-1
[stretch] - nettle <no-dsa> (Minor issue)
[jessie] - nettle <no-dsa> (Minor issue - https://lists.debian.org/debian-lts/2019/03/msg00021.html)
@@ -10512,7 +10505,7 @@ CVE-2018-16869 (A Bleichenbacher type side-channel based padding oracle attack w
NOTE: The upstream correction also makes a new public function that packages using
NOTE: nettle should use. This means that fixing this CVE is a pre-requisite for
NOTE: fixing other CVEs like CVE-2018-16868.
-CVE-2018-16868 (A Bleichenbacher type side-channel based padding oracle attack was ...)
+CVE-2018-16868
[experimental] - gnutls28 3.6.5-1
- gnutls28 3.6.5-2
[jessie] - gnutls28 <no-dsa> (Minor issue - https://lists.debian.org/debian-lts/2019/03/msg00021.html)
@@ -10522,7 +10515,7 @@ CVE-2018-16868 (A Bleichenbacher type side-channel based padding oracle attack w
NOTE: https://gitlab.com/gnutls/gnutls/merge_requests/832
NOTE: CVE-2018-16869 must be fixed first and a new build dependency on this new
NOTE: nettle version.
-CVE-2018-16867 (A flaw was found in qemu Media Transfer Protocol (MTP) before version ...)
+CVE-2018-16867
- qemu 1:3.1+dfsg-1 (bug #915884)
[stretch] - qemu <not-affected> (Vulnerable code not present)
[jessie] - qemu <not-affected> (Vulnerable code not present)
@@ -10531,7 +10524,7 @@ CVE-2018-16867 (A flaw was found in qemu Media Transfer Protocol (MTP) before ve
NOTE: https://git.qemu.org/?p=qemu.git;a=commit;h=c52d46e041b42bb1ee6f692e00a0abe37a9659f6 (master)
NOTE: vulnerable code introduced in
NOTE: https://git.qemu.org/?p=qemu.git;a=commit;h=88d5f381ecb2d2828fd77676572ff9a99da699fb
-CVE-2018-16866 (An out of bounds read was discovered in systemd-journald in the way it ...)
+CVE-2018-16866
{DSA-4367-1}
- systemd 240-1
[jessie] - systemd <not-affected> (Vulnerable code not present)
@@ -10540,7 +10533,7 @@ CVE-2018-16866 (An out of bounds read was discovered in systemd-journald in the
NOTE: Fixed by: https://github.com/systemd/systemd/commit/8595102d3ddde6d25c282f965573a6de34ab4421 (v240) [2/2]
NOTE: https://www.openwall.com/lists/oss-security/2019/01/09/3
NOTE: https://www.qualys.com/2019/01/09/system-down/system-down.txt
-CVE-2018-16865 (An allocation of memory without limits, that could result in the stack ...)
+CVE-2018-16865
{DSA-4367-1 DLA-1639-1}
- systemd 240-4 (bug #918848)
NOTE: Intorduced in: https://github.com/systemd/systemd/commit/cf244689e9d1ab50082c9ddd0f3c4d1eb982badc (v38)
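Review bot: `Intorduced in:` in the CVE-2018-16865 NOTE is a typo for `Introduced in:` (compare the CVE-2018-16864 entry that follows); it is an unchanged context line here, so it needs a separate fix rather than a change to this hunk.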
@@ -10550,7 +10543,7 @@ CVE-2018-16865 (An allocation of memory without limits, that could result in the
NOTE: Fixes for master: https://github.com/systemd/systemd/pull/11374
NOTE: https://www.openwall.com/lists/oss-security/2019/01/09/3
NOTE: https://www.qualys.com/2019/01/09/system-down/system-down.txt
-CVE-2018-16864 (An allocation of memory without limits, that could result in the stack ...)
+CVE-2018-16864
{DSA-4367-1 DLA-1639-1}
- systemd 240-4 (bug #918841)
NOTE: Introduced in: https://github.com/systemd/systemd/commit/ae018d9bc900d6355dea4af05119b49c67945184 (v203)
@@ -10559,28 +10552,28 @@ CVE-2018-16864 (An allocation of memory without limits, that could result in the
NOTE: Fixes for master: https://github.com/systemd/systemd/pull/11374
NOTE: https://www.openwall.com/lists/oss-security/2019/01/09/3
NOTE: https://www.qualys.com/2019/01/09/system-down/system-down.txt
-CVE-2018-16863 (It was found that RHSA-2018:2918 did not fully fix CVE-2018-16509. An ...)
+CVE-2018-16863
- ghostscript <not-affected> (Red Hat-specific issue)
NOTE: Debian updates backported all fixes to released suites
-CVE-2018-16862 (A security flaw was found in the Linux kernel in a way that the ...)
+CVE-2018-16862
{DLA-1715-1}
- linux 4.19.9-1
[stretch] - linux 4.9.144-1
NOTE: https://lore.kernel.org/patchwork/patch/1011367/
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1649017
NOTE: Fixed by: https://git.kernel.org/linus/6ff38bd40230af35e446239396e5fc8ebd6a5248
-CVE-2018-16861 (A cross-site scripting (XSS) flaw was found in the foreman component ...)
+CVE-2018-16861
- foreman <itp> (bug #663101)
CVE-2018-16860
RESERVED
-CVE-2018-16859 (Execution of Ansible playbooks on Windows platforms with PowerShell ...)
+CVE-2018-16859
- ansible <not-affected> (Only issue when executing Ansible playbooks on Windows platforms)
CVE-2018-16858 [Remote Code Execution via Macro/Event execution]
RESERVED
{DSA-4381-1 DLA-1669-1}
- libreoffice 1:6.1.3-1
NOTE: https://insert-script.blogspot.com/2019/02/libreoffice-cve-2018-16858-remote-code.html
-CVE-2018-16857 (Samba from version 4.9.0 and before version 4.9.3 that have AD DC ...)
+CVE-2018-16857
- samba 2:4.9.2+dfsg-2
[stretch] - samba <not-affected> (Vulnerable code not present)
[jessie] - samba <not-affected> (Vulnerable code not present)
@@ -10589,31 +10582,31 @@ CVE-2018-16856 [Private keys written to world-readable log files]
RESERVED
- octavia <not-affected> (Red Hat-specific, see bug #920769)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1649165
-CVE-2018-16855 (An issue has been found in PowerDNS Recursor before version 4.1.8 ...)
+CVE-2018-16855
- pdns-recursor 4.1.8-1
[stretch] - pdns-recursor <not-affected> (Only affects 4.1.x)
[jessie] - pdns-recursor <not-affected> (Only affects 4.1.x)
NOTE: https://doc.powerdns.com/recursor/security-advisories/powerdns-advisory-2018-09.html
-CVE-2018-16854 (A flaw was found in moodle versions 3.5 to 3.5.2, 3.4 to 3.4.5, 3.3 to 3.3.8, 3.1 to 3.1.14 and earlier. The login form is not protected by a token to prevent login cross-site request forgery. Fixed versions include 3.6, 3.5.3, 3.4.6, 3.3.9 and 3.1.15. ...)
+CVE-2018-16854
- moodle <removed>
NOTE: https://moodle.org/mod/forum/discuss.php?d=378731
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-63183
-CVE-2018-16853 (Samba from version 4.7.0 has a vulnerability that allows a user in a ...)
+CVE-2018-16853
- samba 2:4.9.2+dfsg-2 (unimportant)
[stretch] - samba <not-affected> (Vulnerable code not present)
[jessie] - samba <not-affected> (Vulnerable code not present)
NOTE: https://www.samba.org/samba/security/CVE-2018-16853.html
NOTE: Samba in Debian is built with the default Heimdal Kerberos build
-CVE-2018-16852 (Samba from version 4.9.0 and before version 4.9.3 is vulnerable to a ...)
+CVE-2018-16852
- samba 2:4.9.2+dfsg-2
[stretch] - samba <not-affected> (Vulnerable code not present)
[jessie] - samba <not-affected> (Vulnerable code not present)
NOTE: https://www.samba.org/samba/security/CVE-2018-16852.html
-CVE-2018-16851 (Samba from version 4.0.0 and before versions 4.7.12, 4.8.7, 4.9.3 is ...)
+CVE-2018-16851
{DSA-4345-1 DLA-1607-1}
- samba 2:4.9.2+dfsg-2
NOTE: https://www.samba.org/samba/security/CVE-2018-16851.html
-CVE-2018-16850 (postgresql before versions 11.1, 10.6 is vulnerable to a to SQL ...)
+CVE-2018-16850
- postgresql-11 11.1-1
- postgresql-10 <removed>
- postgresql-9.6 <not-affected> (Only affects 11.x and 10.x)
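Review bot: the CVE-2018-16854 description being removed is the one entry in this hunk that spells out the full affected and fixed version list (`3.5 to 3.5.2, 3.4 to 3.4.5, ... Fixed versions include 3.6, 3.5.3, 3.4.6, 3.3.9 and 3.1.15`), and the package line is `- moodle <removed>` with no version of its own, so after this change nothing in the entry records which versions were affected. Suggest preserving that range as a NOTE alongside the existing MDL-63183 link.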
@@ -10621,65 +10614,65 @@ CVE-2018-16850 (postgresql before versions 11.1, 10.6 is vulnerable to a to SQL
- postgresql-9.1 <not-affected> (Only affects 11.x and 10.x)
NOTE: https://www.postgresql.org/about/news/1905/
NOTE: Fixed in 11.1, 10.6
-CVE-2018-16849 (A flaw was found in openstack-mistral. By manipulating the SSH private ...)
+CVE-2018-16849
- mistral 7.0.0-2 (low; bug #912714)
[stretch] - mistral 3.0.0-4+deb9u1
NOTE: https://bugs.launchpad.net/mistral/+bug/1783708
CVE-2018-16848
RESERVED
-CVE-2018-16847 (An OOB heap buffer r/w access issue was found in the NVM Express ...)
+CVE-2018-16847
- qemu 1:3.1+dfsg-1 (bug #912655)
[stretch] - qemu <not-affected> (support for Controller Memory Buffers added later)
[jessie] - qemu <not-affected> (support for Controller Memory Buffers added later)
- qemu-kvm <not-affected> (support for Controller Memory Buffers added later)
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2018-11/msg00200.html
NOTE: https://git.qemu.org/?p=qemu.git;a=commit;h=87ad860c622cc8f8916b5232bd8728c08f938fce
-CVE-2018-16846 (It was found in Ceph versions before 13.2.4 that authenticated ceph ...)
+CVE-2018-16846
{DLA-1696-1}
- ceph 12.2.11+dfsg1-1 (bug #921947)
NOTE: http://tracker.ceph.com/issues/35994
NOTE: https://github.com/ceph/ceph/commit/4337e6a7d9f92c8549ebee20d0dd67a01e49857f
NOTE: https://github.com/ceph/ceph/commit/ab29bed2fc9f961fe895de1086a8208e21ddaddc
NOTE: Backport to 12.2.11: https://tracker.ceph.com/issues/37831
-CVE-2018-16845 (nginx before versions 1.15.6, 1.14.1 has a vulnerability in the ...)
+CVE-2018-16845
{DSA-4335-1 DLA-1572-1}
- nginx 1.14.1-1 (bug #913090)
NOTE: http://mailman.nginx.org/pipermail/nginx-announce/2018/000221.html
NOTE: https://nginx.org/download/patch.2018.mp4.txt
NOTE: http://hg.nginx.org/nginx/rev/fdc19a3289c1
NOTE: Fixed in 1.15.6, 1.14.1.
-CVE-2018-16844 (nginx before versions 1.15.6 and 1.14.1 has a vulnerability in the ...)
+CVE-2018-16844
{DSA-4335-1}
- nginx 1.14.1-1 (bug #913090)
[jessie] - nginx <not-affected> (HTTP 2.0 support added later)
NOTE: http://mailman.nginx.org/pipermail/nginx-announce/2018/000220.html
NOTE: http://hg.nginx.org/nginx/rev/9200b41db765
NOTE: Fixed in 1.15.6, 1.14.1.
-CVE-2018-16843 (nginx before versions 1.15.6 and 1.14.1 has a vulnerability in the ...)
+CVE-2018-16843
{DSA-4335-1}
- nginx 1.14.1-1 (bug #913090)
[jessie] - nginx <not-affected> (HTTP 2.0 support added later)
NOTE: http://mailman.nginx.org/pipermail/nginx-announce/2018/000220.html
NOTE: http://hg.nginx.org/nginx/rev/d4448892a294
NOTE: Fixed in 1.15.6, 1.14.1.
-CVE-2018-16842 (Curl versions 7.14.1 through 7.61.1 are vulnerable to a heap-based ...)
+CVE-2018-16842
{DSA-4331-1 DLA-1568-1}
- curl 7.62.0-1
NOTE: https://curl.haxx.se/docs/CVE-2018-16842.html
NOTE: Fixed by: https://github.com/curl/curl/commit/d530e92f59ae9bb2d47066c3c460b25d2ffeb211
-CVE-2018-16841 (Samba from version 4.3.0 and before versions 4.7.12, 4.8.7 and 4.9.3 ...)
+CVE-2018-16841
{DSA-4345-1}
- samba 2:4.9.2+dfsg-2
[jessie] - samba <not-affected> (Vulnerable code not present)
NOTE: https://www.samba.org/samba/security/CVE-2018-16841.html
-CVE-2018-16840 (A heap use-after-free flaw was found in curl versions from 7.59.0 ...)
+CVE-2018-16840
- curl 7.62.0-1
[stretch] - curl <not-affected> (Use-after-free issue introduced later)
[jessie] - curl <not-affected> (Use-after-free issue introduced later)
NOTE: https://curl.haxx.se/docs/CVE-2018-16840.html
NOTE: Fixed by: https://github.com/curl/curl/commit/81d135d67155c5295b1033679c606165d4e28f3f
NOTE: Introduced by: https://github.com/curl/curl/commit/b46cfbc068ebe90f18e9777b9e877e4934c1b5e3
-CVE-2018-16839 (Curl versions 7.33.0 through 7.61.1 are vulnerable to a buffer overrun ...)
+CVE-2018-16839
{DSA-4331-1 DLA-1568-1}
- curl 7.62.0-1
NOTE: https://curl.haxx.se/docs/CVE-2018-16839.html
@@ -10693,62 +10686,62 @@ CVE-2018-16838 [improper implementation of GPOs due to too restrictive permissio
NOTE: seems to presuppose configuration mistake: if sssd is not given enough permissions
NOTE: to read GPO, access is systematically granted instead of denied
TODO: check, Bugzilla entry does not provide details
-CVE-2018-16837 (Ansible &quot;User&quot; module leaks any data which is passed on as a parameter ...)
+CVE-2018-16837
{DSA-4396-1 DLA-1576-1}
- ansible 2.7.1+dfsg-1 (bug #912297)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1640642
NOTE: https://github.com/ansible/ansible/pull/47436
-CVE-2018-16836 (Rubedo through 3.4.0 contains a Directory Traversal vulnerability in ...)
+CVE-2018-16836
NOT-FOR-US: Rubedo CMS
CVE-2018-16835
RESERVED
CVE-2018-16834
RESERVED
-CVE-2018-16833 (Zoho ManageEngine Desktop Central 10.0.271 has XSS via the &quot;Features &amp; ...)
+CVE-2018-16833
NOT-FOR-US: Zoho
-CVE-2018-16832 (CSRF in the anti-csrf decorator in xunfeng 0.2.0 allows an attacker to ...)
+CVE-2018-16832
NOT-FOR-US: xunfeng
-CVE-2018-16949 (An issue was discovered in OpenAFS before 1.6.23 and 1.8.x before ...)
+CVE-2018-16949
{DSA-4302-1 DLA-1513-1}
- openafs 1.8.2-1 (bug #908616)
NOTE: http://openafs.org/pages/security/OPENAFS-SA-2018-003.txt
-CVE-2018-16948 (An issue was discovered in OpenAFS before 1.6.23 and 1.8.x before ...)
+CVE-2018-16948
{DSA-4302-1 DLA-1513-1}
- openafs 1.8.2-1 (bug #908616)
NOTE: http://openafs.org/pages/security/OPENAFS-SA-2018-002.txt
-CVE-2018-16947 (An issue was discovered in OpenAFS before 1.6.23 and 1.8.x before ...)
+CVE-2018-16947
{DSA-4302-1 DLA-1513-1}
- openafs 1.8.2-1 (bug #908616)
NOTE: http://openafs.org/pages/security/OPENAFS-SA-2018-001.txt
-CVE-2018-17458 (An improper update of the WebAssembly dispatch table in WebAssembly in ...)
+CVE-2018-17458
{DSA-4297-1}
- chromium-browser 69.0.3497.92-1 (bug #908806)
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-17459 (Incorrect handling of clicks in the omnibox in Navigation in Google ...)
+CVE-2018-17459
{DSA-4297-1}
- chromium-browser 69.0.3497.92-1 (bug #908806)
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-1002009 (There is a reflected XSS vulnerability in WordPress Arigato ...)
+CVE-2018-1002009
NOTE: Wordpress plugin
-CVE-2018-1002008 (There is a reflected XSS vulnerability in WordPress Arigato ...)
+CVE-2018-1002008
NOTE: Wordpress plugin
-CVE-2018-1002007 (There is a reflected XSS vulnerability in WordPress Arigato ...)
+CVE-2018-1002007
NOTE: Wordpress plugin
-CVE-2018-1002006 (These vulnerabilities require administrative privileges to exploit. ...)
+CVE-2018-1002006
NOTE: Wordpress plugin
-CVE-2018-1002005 (These vulnerabilities require administrative privileges to exploit. ...)
+CVE-2018-1002005
NOTE: Wordpress plugin
-CVE-2018-1002004 (There is a reflected XSS vulnerability in WordPress Arigato ...)
+CVE-2018-1002004
NOTE: Wordpress plugin
-CVE-2018-1002003 (There is a reflected XSS vulnerability in WordPress Arigato ...)
+CVE-2018-1002003
NOTE: Wordpress plugin
-CVE-2018-1002002 (There is a reflected XSS vulnerability in WordPress Arigato ...)
+CVE-2018-1002002
NOTE: Wordpress plugin
-CVE-2018-1002001 (There is a reflected XSS vulnerability in WordPress Arigato ...)
+CVE-2018-1002001
NOTE: Wordpress plugin
-CVE-2018-1002000 (There is blind SQL injection in WordPress Arigato Autoresponder and ...)
+CVE-2018-1002000
NOTE: Wordpress plugin
-CVE-2018-16831 (Smarty before 3.1.33-dev-4 allows attackers to bypass the trusted_dir ...)
+CVE-2018-16831
- smarty3 3.1.33+20180830.1.3a78a21f+selfpack1-1 (bug #908698)
[jessie] - smarty3 <not-affected> (vulnerable code not present)
NOTE: https://github.com/smarty-php/smarty/issues/486
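Review bot: for CVE-2018-1002000 through CVE-2018-1002009 the removed descriptions were the only lines naming the affected software ("WordPress Arigato ..."); the surviving "NOTE: Wordpress plugin" no longer identifies which plugin the ten entries cover. Either keep the descriptions for these entries or amend the note in the same change, for example "NOTE: Wordpress plugin (Arigato)", so the entries stay actionable for anyone checking whether the plugin is packaged.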
@@ -10770,13 +10763,13 @@ CVE-2018-16824
RESERVED
CVE-2018-16823
RESERVED
-CVE-2018-16822 (SeaCMS 6.64 allows SQL Injection via the upload/admin/admin_video.php ...)
+CVE-2018-16822
NOT-FOR-US: SeaCMS
-CVE-2018-16821 (SeaCMS 6.64 allows arbitrary directory listing via ...)
+CVE-2018-16821
NOT-FOR-US: SeaCMS
-CVE-2018-16820 (admin/index.php in Monstra CMS 3.0.4 allows arbitrary directory ...)
+CVE-2018-16820
NOT-FOR-US: Monstra CMS
-CVE-2018-16819 (admin/index.php in Monstra CMS 3.0.4 allows arbitrary file deletion ...)
+CVE-2018-16819
NOT-FOR-US: Monstra CMS
CVE-2018-16818
RESERVED
@@ -10796,23 +10789,23 @@ CVE-2018-16811
RESERVED
CVE-2018-16810
RESERVED
-CVE-2018-16809 (An issue was discovered in Dolibarr through 7.0.0. ...)
+CVE-2018-16809
- dolibarr <removed>
NOTE: https://github.com/Dolibarr/dolibarr/issues/9449
-CVE-2018-16808 (An issue was discovered in Dolibarr through 7.0.0. There is Stored XSS ...)
+CVE-2018-16808
- dolibarr <removed>
NOTE: https://github.com/Dolibarr/dolibarr/issues/9449
-CVE-2018-16807 (In Bro through 2.5.5, there is a memory leak potentially leading to DoS ...)
+CVE-2018-16807
- bro <unfixed> (low; bug #908614)
[stretch] - bro <no-dsa> (Minor issue)
NOTE: https://github.com/bro/bro/commit/34d0cf886ca16c665f673a299e295b2a2bc14533
-CVE-2018-16806 (A Pektron Passive Keyless Entry and Start (PKES) system, as used on the ...)
+CVE-2018-16806
NOT-FOR-US: Tesla
-CVE-2018-16805 (In b3log Solo 2.9.3, XSS in the Input page under the Publish Articles ...)
+CVE-2018-16805
NOT-FOR-US: b3log
-CVE-2018-16804 (An issue was discovered in UCMS 1.4.6. There is XSS in the title bar, ...)
+CVE-2018-16804
NOT-FOR-US: UCMS
-CVE-2018-16803 (In CIMTechniques CIMScan 6.x through 6.2, the SOAP WSDL parser allows ...)
+CVE-2018-16803
NOT-FOR-US: CIMTechniques CIMScan
CVE-2018-16801
RESERVED
@@ -10822,35 +10815,34 @@ CVE-2018-16799
RESERVED
CVE-2018-16798
RESERVED
-CVE-2018-16797 (A heap-based buffer overflow in PotPlayerMini.exe in PotPlayer 1.7.8556 ...)
+CVE-2018-16797
NOT-FOR-US: PotPlayer
-CVE-2018-16796 (HiScout GRC Suite before 3.1.5 allows Unrestricted Upload of Files ...)
+CVE-2018-16796
NOT-FOR-US: HiScout GRC Suite
CVE-2018-16795
RESERVED
-CVE-2018-16794 (Microsoft ADFS 4.0 Windows Server 2016 and previous (Active Directory ...)
+CVE-2018-16794
NOT-FOR-US: Microsoft ADFS 4.0 Windows Server
-CVE-2018-16793 (Rollup 18 for Microsoft Exchange Server 2010 SP3 and previous versions ...)
+CVE-2018-16793
NOT-FOR-US: Rollup 18 for Microsoft Exchange Server
-CVE-2018-16802 (An issue was discovered in Artifex Ghostscript before 9.25. Incorrect ...)
+CVE-2018-16802
{DSA-4294-1 DLA-1504-1}
[experimental] - ghostscript 9.25~dfsg-1~exp1
- ghostscript 9.25~dfsg-1
NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=3e5d316b72e3965b7968bb1d96baa137cd063ac6
NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=643b24dbd002fb9c131313253c307cf3951b3d47
NOTE: https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=5812b1b78fc4d36fdc293b7859de69241140d590
-CVE-2018-16792 (SolarWinds SFTP/SCP server through 2018-09-10 is vulnerable to XXE via ...)
+CVE-2018-16792
NOT-FOR-US: SolarWinds SFTP/SCP server
-CVE-2018-16791 (In SolarWinds SFTP/SCP Server through 2018-09-10, the configuration ...)
+CVE-2018-16791
NOT-FOR-US: SolarWinds SFTP/SCP server
-CVE-2018-16790 (_bson_iter_next_internal in bson-iter.c in libbson 1.12.0, as used in ...)
+CVE-2018-16790
- libbson <unfixed> (bug #913896)
[stretch] - libbson <no-dsa> (Minor issue)
- mongo-c-driver 1.13.0-1 (bug #913963)
NOTE: https://jira.mongodb.org/browse/CDRIVER-2819
NOTE: https://github.com/mongodb/mongo-c-driver/commit/0d9a4d98bfdf4acd2c0138d4aaeb4e2e0934bd84
CVE-2018-16789 [infinite loop due to malformed request payload]
- RESERVED
- shellinabox 2.21 (low)
[stretch] - shellinabox <no-dsa> (Minor issue)
[jessie] - shellinabox <no-dsa> (Minor issue)
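Review bot: the lone "- RESERVED" removal under "CVE-2018-16789 [infinite loop due to malformed request payload]" is the only change in this hunk that is not a description strip, and the entry keeps its bracketed placeholder text rather than gaining an official description. If the CVE has now been published, the placeholder should be replaced by the CVE text in the same update; if it has not, RESERVED should remain. Check the CVE's status before accepting this line, since the rest of the hunk shows the script was not in a state to add descriptions.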
@@ -10859,63 +10851,63 @@ CVE-2018-16788
RESERVED
CVE-2018-16787
RESERVED
-CVE-2018-16786 (DedeCMS 5.7 SP2 allows XSS via an onhashchange attribute in the msg ...)
+CVE-2018-16786
NOT-FOR-US: DedeCMS
-CVE-2018-16785 (XML injection vulnerability exists in the file of DedeCMS V5.7 SP2 ...)
+CVE-2018-16785
NOT-FOR-US: DedeCMS
-CVE-2018-16784 (DedeCMS 5.7 SP2 allows XML injection, and resultant remote code ...)
+CVE-2018-16784
NOT-FOR-US: DedeCMS
CVE-2018-16783
RESERVED
-CVE-2018-16782 (libimageworsener.a in ImageWorsener 1.3.2 has a buffer overflow in the ...)
+CVE-2018-16782
NOT-FOR-US: ImageWorsener
-CVE-2018-16781 (ffjpeg.dll in ffjpeg before 2018-08-22 allows remote attackers to cause ...)
+CVE-2018-16781
NOT-FOR-US: Some Windows picture viewer using ffmpeg incorrectly
-CVE-2018-16780 (Complete Responsive CMS Blog through 2018-05-20 has XSS via a comment. ...)
+CVE-2018-16780
NOT-FOR-US: Complete Responsive CMS Blog
-CVE-2018-16779 (BlogCMS through 2016-10-25 has XSS via a comment. ...)
+CVE-2018-16779
NOT-FOR-US: BlogCMS
-CVE-2018-16778 (Cross-site scripting (XSS) vulnerability in Jenzabar v8.2.1 through ...)
+CVE-2018-16778
NOT-FOR-US: Jenzabar
CVE-2018-16777
RESERVED
-CVE-2018-16776 (wityCMS 0.6.2 has XSS via the &quot;Site Name&quot; field found in the &quot;Contact&quot; ...)
+CVE-2018-16776
NOT-FOR-US: wityCMS
-CVE-2018-16775 (An issue was discovered in Victor CMS through 2018-05-10. There is XSS ...)
+CVE-2018-16775
NOT-FOR-US: Victor CMS
-CVE-2018-16774 (HongCMS 3.0.0 allows arbitrary file deletion via a ../ in the file ...)
+CVE-2018-16774
NOT-FOR-US: HongCMS
-CVE-2018-16773 (EasyCMS 1.5 allows XSS via the ...)
+CVE-2018-16773
NOT-FOR-US: EasyCMS
-CVE-2018-16772 (Hoosk v1.7.0 allows XSS via the Navigation Title of a new page entered ...)
+CVE-2018-16772
NOT-FOR-US: Hoosk
-CVE-2018-16771 (Hoosk v1.7.0 allows PHP code execution via a SiteUrl that is provided ...)
+CVE-2018-16771
NOT-FOR-US: Hoosk
-CVE-2018-16770 (In WAVM through 2018-07-26, a crafted file sent to the WebAssembly ...)
+CVE-2018-16770
NOT-FOR-US: WAVM
-CVE-2018-16769 (In WAVM through 2018-07-26, a crafted file sent to the WebAssembly ...)
+CVE-2018-16769
NOT-FOR-US: WAVM
-CVE-2018-16768 (In WAVM through 2018-07-26, a crafted file sent to the WebAssembly ...)
+CVE-2018-16768
NOT-FOR-US: WAVM
-CVE-2018-16767 (In WAVM through 2018-07-26, a crafted file sent to the WebAssembly ...)
+CVE-2018-16767
NOT-FOR-US: WAVM
-CVE-2018-16766 (In WAVM through 2018-07-26, a crafted file sent to the WebAssembly ...)
+CVE-2018-16766
NOT-FOR-US: WAVM
-CVE-2018-16765 (In WAVM through 2018-07-26, a crafted file sent to the WebAssembly ...)
+CVE-2018-16765
NOT-FOR-US: WAVM
-CVE-2018-16764 (In WAVM through 2018-07-26, a crafted file sent to the WebAssembly ...)
+CVE-2018-16764
NOT-FOR-US: WAVM
-CVE-2018-16763 (FUEL CMS 1.4.1 allows PHP Code Evaluation via the pages/select/ filter ...)
+CVE-2018-16763
NOT-FOR-US: FUEL CMS
-CVE-2018-16762 (FUEL CMS 1.4.1 allows SQL Injection via the layout, published, or ...)
+CVE-2018-16762
NOT-FOR-US: FUEL CMS
-CVE-2018-16761 (Eventum before 3.4.0 has an open redirect vulnerability. ...)
+CVE-2018-16761
NOT-FOR-US: Eventum
CVE-2018-16760
RESERVED
-CVE-2018-16759 (The removeXSS function in App/Common/common.php (called from ...)
+CVE-2018-16759
NOT-FOR-US: EasyCMS
-CVE-2018-16758 (Missing message authentication in the meta-protocol in Tinc VPN ...)
+CVE-2018-16758
{DSA-4312-1 DLA-1538-1}
- tinc 1.0.35-1
NOTE: http://www.tinc-vpn.org/git/browse?p=tinc;a=commit;h=e97943b7cc9c851ae36f5a41e2b6102faa74193f
@@ -10929,16 +10921,16 @@ CVE-2018-16754
RESERVED
CVE-2018-16753
RESERVED
-CVE-2018-16752 (LINK-NET LW-N605R devices with firmware 12.20.2.1486 allow Remote Code ...)
+CVE-2018-16752
NOT-FOR-US: LINK-NET LW-N605R devices
CVE-2018-16751
RESERVED
-CVE-2018-16750 (In ImageMagick 7.0.7-29 and earlier, a memory leak in the ...)
+CVE-2018-16750
- imagemagick 8:6.9.10.2+dfsg-2 (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/1118
NOTE: https://github.com/ImageMagick/ImageMagick/commit/33d1b9590c401d4aee666ffd10b16868a38cf705
NOTE: https://github.com/ImageMagick/ImageMagick6/commit/359331c61193138ce2b85331df25235b81499cfc
-CVE-2018-16749 (In ImageMagick 7.0.7-29 and earlier, a missing NULL check in ...)
+CVE-2018-16749
{DLA-1530-1}
- imagemagick 8:6.9.10.2+dfsg-2 (low)
[stretch] - imagemagick <ignored> (Minor issue)
@@ -10950,29 +10942,29 @@ CVE-2018-16747
RESERVED
CVE-2018-16746
RESERVED
-CVE-2018-16745 (An issue was discovered in mgetty before 1.2.1. In fax_notify_mail() ...)
+CVE-2018-16745
- mgetty 1.2.1-1
[stretch] - mgetty <no-dsa> (Minor issue)
[jessie] - mgetty <no-dsa> (Minor issue)
NOTE: https://www.x41-dsec.de/lab/advisories/x41-2018-007-mgetty/
NOTE: Upstream commit: 750939dfcaea9aa93dcea99526c49da7cafafe7f (1.2.1)
-CVE-2018-16744 (An issue was discovered in mgetty before 1.2.1. In fax_notify_mail() ...)
+CVE-2018-16744
- mgetty 1.2.1-1
[stretch] - mgetty <no-dsa> (Minor issue)
[jessie] - mgetty <no-dsa> (Minor issue)
NOTE: https://www.x41-dsec.de/lab/advisories/x41-2018-007-mgetty/
NOTE: Upstream commit: 750939dfcaea9aa93dcea99526c49da7cafafe7f (1.2.1)
-CVE-2018-16743 (An issue was discovered in mgetty before 1.2.1. In ...)
+CVE-2018-16743
- mgetty 1.2.1-1 (unimportant)
NOTE: contrib/next-login/ not built in Debian packaging
NOTE: https://www.x41-dsec.de/lab/advisories/x41-2018-007-mgetty/
NOTE: Upstream commit: 5feff135626b8dde886213ce0c99cc4349028a7e (1.2.1)
-CVE-2018-16742 (An issue was discovered in mgetty before 1.2.1. In contrib/scrts.c, a ...)
+CVE-2018-16742
- mgetty 1.2.1-1 (unimportant)
NOTE: contrib/scrts not built in Debian packaging
NOTE: https://www.x41-dsec.de/lab/advisories/x41-2018-007-mgetty/
NOTE: Upstream removed contrib/scrts in 7d018d471f4c737f77ef281f5859a3b1c9ded42f (1.2.1)
-CVE-2018-16741 (An issue was discovered in mgetty before 1.2.1. In fax/faxq-helper.c, ...)
+CVE-2018-16741
{DSA-4291-1 DLA-1502-1}
- mgetty 1.2.1-1 (bug #910448)
NOTE: https://www.x41-dsec.de/lab/advisories/x41-2018-007-mgetty/
@@ -10981,42 +10973,42 @@ CVE-2018-16740
RESERVED
CVE-2018-16739
RESERVED
-CVE-2018-16738 (tinc 1.0.30 through 1.0.34 has a broken authentication protocol, ...)
+CVE-2018-16738
{DSA-4312-1}
- tinc 1.0.35-1
[jessie] - tinc <not-affected> (Only affects 1.0.30 to 1.0.34)
NOTE: http://www.tinc-vpn.org/git/browse?p=tinc;a=commit;h=d3297fbd3b8c8c8a4661f5bbf89aca5cacba8b5a
NOTE: This CVE is specific for tinc versions which did had mitigations put
NOTE: in place for the Sweet32 attack in tinc 1.0.30.
-CVE-2018-16737 (tinc before 1.0.30 has a broken authentication protocol, without even ...)
+CVE-2018-16737
{DLA-1538-1}
- tinc 1.0.31-1
NOTE: http://www.tinc-vpn.org/git/browse?p=tinc;a=commit;h=d3297fbd3b8c8c8a4661f5bbf89aca5cacba8b5a
-CVE-2018-16736 (In the rcfilters plugin 2.1.6 for Roundcube, XSS exists via the ...)
+CVE-2018-16736
NOT-FOR-US: rcfilters plugin for Roundcube
CVE-2018-16735
RESERVED
CVE-2018-16734
RESERVED
-CVE-2018-16733 (In Go Ethereum (aka geth) before 1.8.14, TraceChain in ...)
+CVE-2018-16733
NOT-FOR-US: Go Ethereum
-CVE-2018-16732 (\upload\plugins\sys\admin\Setting.php in CScms 4.1 allows CSRF via ...)
+CVE-2018-16732
NOT-FOR-US: CScms
-CVE-2018-16731 (CScms 4.1 allows arbitrary file upload by (for example) adding the php ...)
+CVE-2018-16731
NOT-FOR-US: CScms
-CVE-2018-16730 (\upload\plugins\sys\Install.php in CScms 4.1 has XSS via the site name. ...)
+CVE-2018-16730
NOT-FOR-US: CScms
-CVE-2018-16729 (Pluck 4.7.7 allows XSS via an SVG file that contains Javascript in a ...)
+CVE-2018-16729
NOT-FOR-US: Pluck CMS
-CVE-2018-16728 (feindura 2.0.7 allows XSS via the tags field of a new page created at ...)
+CVE-2018-16728
NOT-FOR-US: feindura
-CVE-2018-16727 (razorCMS 3.4.7 allows Stored XSS via the keywords of the homepage ...)
+CVE-2018-16727
NOT-FOR-US: razorCMS
-CVE-2018-16726 (razorCMS 3.4.7 allows HTML injection via the description of the ...)
+CVE-2018-16726
NOT-FOR-US: razorCMS
-CVE-2018-16725 (An issue is discovered in baijiacms V4. XSS exists via the ...)
+CVE-2018-16725
NOT-FOR-US: baijiacms
-CVE-2018-16724 (An issue is discovered in baijiacms V4. Blind SQL Injection exists via ...)
+CVE-2018-16724
NOT-FOR-US: baijiacms
CVE-2018-16723
RESERVED
@@ -11034,32 +11026,32 @@ CVE-2018-16717
RESERVED
CVE-2018-16716
RESERVED
-CVE-2018-16715 (An issue was discovered in Absolute Software CTES Windows Agent through ...)
+CVE-2018-16715
NOT-FOR-US: Absolute Software CTES Windows Agent
CVE-2018-16714
RESERVED
-CVE-2018-16713 (IObit Advanced SystemCare, which includes Monitor_win10_x64.sys or ...)
+CVE-2018-16713
NOT-FOR-US: IObit Advanced SystemCare
-CVE-2018-16712 (IObit Advanced SystemCare, which includes Monitor_win10_x64.sys or ...)
+CVE-2018-16712
NOT-FOR-US: IObit Advanced SystemCare
-CVE-2018-16711 (IObit Advanced SystemCare, which includes Monitor_win10_x64.sys or ...)
+CVE-2018-16711
NOT-FOR-US: IObit Advanced SystemCare
-CVE-2018-16710 (** DISPUTED ** OctoPrint through 1.3.9 allows remote attackers to ...)
+CVE-2018-16710
- octoprint <itp> (bug #718591)
NOTE: https://github.com/foosel/OctoPrint/issues/2814
-CVE-2018-16709 (Fuji Xerox DocuCentre-V 3065, ApeosPort-VI C3371, ApeosPort-V C4475, ...)
+CVE-2018-16709
NOT-FOR-US: Fuji Xerox devices
CVE-2018-16708
RESERVED
CVE-2018-16707
RESERVED
-CVE-2018-16706 (LG SuperSign CMS allows TVs to be rebooted remotely without ...)
+CVE-2018-16706
NOT-FOR-US: LG SuperSign CMS
-CVE-2018-16705 (FURUNO FELCOM 250 and 500 devices allow unauthenticated access to the ...)
+CVE-2018-16705
NOT-FOR-US: FURUNO FELCOM 250 and 500 devices
-CVE-2018-16704 (An issue was discovered in Gleez CMS v1.2.0. Because of an Insecure ...)
+CVE-2018-16704
NOT-FOR-US: Gleez CMS
-CVE-2018-16703 (A vulnerability in the Gleez CMS 1.2.0 login page could allow an ...)
+CVE-2018-16703
NOT-FOR-US: Gleez CMS
CVE-2018-16702
RESERVED
@@ -11121,25 +11113,25 @@ CVE-2018-16674
RESERVED
CVE-2018-16673
RESERVED
-CVE-2018-16672 (An issue was discovered in CIRCONTROL CirCarLife before 4.3. Due to ...)
+CVE-2018-16672
NOT-FOR-US: CIRCONTROL CirCarLife
-CVE-2018-16671 (An issue was discovered in CIRCONTROL CirCarLife before 4.3. There is ...)
+CVE-2018-16671
NOT-FOR-US: CIRCONTROL CirCarLife
-CVE-2018-16670 (An issue was discovered in CIRCONTROL CirCarLife before 4.3. There is ...)
+CVE-2018-16670
NOT-FOR-US: CIRCONTROL CirCarLife
-CVE-2018-16669 (An issue was discovered in CIRCONTROL Open Charge Point Protocol ...)
+CVE-2018-16669
NOT-FOR-US: CIRCONTROL Open Charge Point Protocol
-CVE-2018-16668 (An issue was discovered in CIRCONTROL CirCarLife before 4.3. There is ...)
+CVE-2018-16668
NOT-FOR-US: CIRCONTROL CirCarLife
-CVE-2018-16667 (An issue was discovered in Contiki-NG through 4.1. There is a buffer ...)
+CVE-2018-16667
NOT-FOR-US: Contiki Operating System
-CVE-2018-16666 (An issue was discovered in Contiki-NG through 4.1. There is a ...)
+CVE-2018-16666
NOT-FOR-US: Contiki Operating System
-CVE-2018-16665 (An issue was discovered in Contiki-NG through 4.1. There is a buffer ...)
+CVE-2018-16665
NOT-FOR-US: Contiki Operating System
-CVE-2018-16664 (An issue was discovered in Contiki-NG through 4.1. There is a buffer ...)
+CVE-2018-16664
NOT-FOR-US: Contiki Operating System
-CVE-2018-16663 (An issue was discovered in Contiki-NG through 4.1. There is a ...)
+CVE-2018-16663
NOT-FOR-US: Contiki Operating System
CVE-2018-16662
RESERVED
@@ -11147,46 +11139,46 @@ CVE-2018-16661
RESERVED
CVE-2018-16660
RESERVED
-CVE-2018-16659 (An issue was discovered in Rausoft ID.prove 2.95. The login page ...)
+CVE-2018-16659
NOT-FOR-US: Rausoft ID.prove
-CVE-2018-16657 (In Kamailio before 5.0.7 and 5.1.x before 5.1.4, a crafted SIP message ...)
+CVE-2018-16657
{DSA-4292-1 DLA-1503-1}
- kamailio 5.1.4-1 (bug #908324)
NOTE: https://skalatan.de/blog/advisory-hw-2018-06
NOTE: https://github.com/kamailio/kamailio/commit/ad68e402ece8089f133c10de6ce319f9e28c0692 (master)
NOTE: https://github.com/kamailio/kamailio/commit/d67b2f9874ca23bd69f18df71b8f53b1b6151f6d (5.1)
NOTE: https://github.com/kamailio/kamailio/commit/f07dabffef98c7088cdbc2bd695a4ae7a241b159 (5.0)
-CVE-2018-16658 (An issue was discovered in the Linux kernel before 4.18.6. An ...)
+CVE-2018-16658
{DSA-4308-1 DLA-1531-1 DLA-1529-1}
- linux 4.18.6-1
NOTE: Fixed by: https://git.kernel.org/linus/8f3fafc9c2f0ece10832c25f7ffcb07c97a32ad4 (4.19-rc2)
CVE-2018-16656
RESERVED
-CVE-2018-16655 (Gxlcms 1.0 has XSS via the PATH_INFO to ...)
+CVE-2018-16655
NOT-FOR-US: Gxlcms
-CVE-2018-16654 (Zurmo 3.2.4 Stable allows XSS via ...)
+CVE-2018-16654
NOT-FOR-US: Zurmo
-CVE-2018-16653 (rejucms 2.1 has XSS via the ucenter/cms_user_add.php u_name parameter. ...)
+CVE-2018-16653
NOT-FOR-US: rejucms
CVE-2018-16652
RESERVED
-CVE-2018-16651 (The admin backend in phpMyFAQ before 2.9.11 allows CSV injection in ...)
+CVE-2018-16651
NOT-FOR-US: phpMyFAQ
-CVE-2018-16650 (phpMyFAQ before 2.9.11 allows CSRF. ...)
+CVE-2018-16650
NOT-FOR-US: phpMyFAQ
CVE-2018-16649
RESERVED
-CVE-2018-16648 (In Artifex MuPDF 1.13.0, the fz_append_byte function in fitz/buffer.c ...)
+CVE-2018-16648
- mupdf 1.14.0+ds1-4 (bug #924351)
[jessie] - mupdf <ignored> (Minor issue)
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=699685
NOTE: http://www.ghostscript.com/cgi-bin/findgit.cgi?38f883fe129a5e89306252a4676eaaf4bc968824
-CVE-2018-16647 (In Artifex MuPDF 1.13.0, the pdf_get_xref_entry function in ...)
+CVE-2018-16647
- mupdf 1.14.0+ds1-4 (bug #924351)
[jessie] - mupdf <ignored> (Minor issue)
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=699686
NOTE: http://www.ghostscript.com/cgi-bin/findgit.cgi?351c99d8ce23bbf7099dbd52771a095f67e45a2c
-CVE-2018-16646 (In Poppler 0.68.0, the Parser::getObj() function in Parser.cc may cause ...)
+CVE-2018-16646
{DLA-1562-3 DLA-1562-2 DLA-1562-1}
- poppler <unfixed> (low; bug #909802)
[stretch] - poppler <no-dsa> (Minor issue)
@@ -11195,12 +11187,12 @@ CVE-2018-16646 (In Poppler 0.68.0, the Parser::getObj() function in Parser.cc ma
NOTE: https://gitlab.freedesktop.org/poppler/poppler/commit/3d35d209c19c1d3b09b794a0c863ba5de44a9c0a
NOTE: https://gitlab.freedesktop.org/poppler/poppler/commit/89fccf45fc5bfca3756102e6bec1950ec1d436a9 (regression fix)
NOTE: https://gitlab.freedesktop.org/poppler/poppler/commit/08572e1bdca03baed694dd9828bb2b878865e669 (regression fix)
-CVE-2018-16645 (There is an excessive memory allocation issue in the functions ...)
+CVE-2018-16645
{DSA-4316-1 DLA-1530-1}
- imagemagick 8:6.9.10.14+dfsg-1 (bug #910889)
NOTE: https://github.com/ImageMagick/ImageMagick/commit/ecb31dbad39ccdc65868d5d2a37f0f0521250832
NOTE: https://github.com/ImageMagick/ImageMagick/issues/1268
-CVE-2018-16644 (There is a missing check for length in the functions ReadDCMImage of ...)
+CVE-2018-16644
{DSA-4316-1 DLA-1530-1}
- imagemagick 8:6.9.10.14+dfsg-1 (bug #910888)
NOTE: https://github.com/ImageMagick/ImageMagick/commit/16916c8979c32765c542e216b31cee2671b7afe7
@@ -11208,53 +11200,53 @@ CVE-2018-16644 (There is a missing check for length in the functions ReadDCMImag
NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/00ef0f1bbf9eb1efdf0f38f51c72ecb26cc9a306
NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/01ca29604515fa4ddf3180870827df5c8ec93ada
NOTE: https://github.com/ImageMagick/ImageMagick/issues/1269
-CVE-2018-16643 (The functions ReadDCMImage in coders/dcm.c, ReadPWPImage in ...)
+CVE-2018-16643
{DLA-1530-1}
- imagemagick 8:6.9.10.8+dfsg-1 (low)
[stretch] - imagemagick <ignored> (Minor issue)
NOTE: https://github.com/ImageMagick/ImageMagick/commit/6b6bff054d569a77973f2140c0e86366e6168a6c
NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/11d9dac3d991c62289d1ef7a097670166480e76c
NOTE: https://github.com/ImageMagick/ImageMagick/issues/1199
-CVE-2018-16642 (The function InsertRow in coders/cut.c in ImageMagick 7.0.7-37 allows ...)
+CVE-2018-16642
{DSA-4316-1 DLA-1530-1}
- imagemagick 8:6.9.10.2+dfsg-2
NOTE: https://github.com/ImageMagick/ImageMagick/commit/cc4ac341f29fa368da6ef01c207deaf8c61f6a2e
NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/97bb5dc5aad1584557057d5062601aa151bf9a13
NOTE: https://github.com/ImageMagick/ImageMagick/issues/1162
-CVE-2018-16641 (ImageMagick 7.0.8-6 has a memory leak vulnerability in the ...)
+CVE-2018-16641
- imagemagick <not-affected> (Vulnerable code not present)
NOTE: https://github.com/ImageMagick/ImageMagick/commit/256825d4eb33dc301496710d15cf5a7ae924088b
NOTE: https://github.com/ImageMagick/ImageMagick/issues/1206
-CVE-2018-16640 (ImageMagick 7.0.8-5 has a memory leak vulnerability in the function ...)
+CVE-2018-16640
- imagemagick 8:6.9.10.8+dfsg-1 (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/commit/76efa969342568841ecf320b5a041685a6d24e0b
NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/3449a06f0122d4d9e68b4739417a3eaad0b24265
NOTE: https://github.com/ImageMagick/ImageMagick/issues/1201
CVE-2018-16639
RESERVED
-CVE-2018-16638 (Evolution CMS 1.4.x allows XSS via the manager/ search parameter. ...)
+CVE-2018-16638
NOT-FOR-US: Evolution CMS
-CVE-2018-16637 (Evolution CMS 1.4.x allows XSS via the page weblink title parameter to ...)
+CVE-2018-16637
NOT-FOR-US: Evolution CMS
-CVE-2018-16636 (Nucleus CMS 3.70 allows HTML Injection via the index.php body ...)
+CVE-2018-16636
NOT-FOR-US: Nucleus CMS
-CVE-2018-16635 (Blackcat CMS 1.3.2 allows XSS via the willkommen.php?lang=DE page ...)
+CVE-2018-16635
NOT-FOR-US: Blackcat CMS
-CVE-2018-16634 (Pluck v4.7.7 allows CSRF via admin.php?action=settings. ...)
+CVE-2018-16634
NOT-FOR-US: Pluck CMS
-CVE-2018-16633 (Pluck v4.7.7 allows XSS via the admin.php?action=editpage&amp;page= page ...)
+CVE-2018-16633
NOT-FOR-US: Pluck CMS
-CVE-2018-16632 (Mezzanine CMS v4.3.1 allows XSS via the ...)
+CVE-2018-16632
NOT-FOR-US: Mezzanine CMS
-CVE-2018-16631 (Subrion CMS v4.2.1 allows XSS via the panel/configuration/general/ ...)
+CVE-2018-16631
NOT-FOR-US: Subrion CMS
-CVE-2018-16630 (Kirby v2.5.12 allows XSS by using the &quot;site files&quot; Add option to ...)
+CVE-2018-16630
NOT-FOR-US: Kirby
-CVE-2018-16629 (panel/uploads/#elf_l1_XA in Subrion CMS v4.2.1 allows XSS via an SVG ...)
+CVE-2018-16629
NOT-FOR-US: Subrion CMS
-CVE-2018-16628 (panel/login in Kirby v2.5.12 allows XSS via a blog name. ...)
+CVE-2018-16628
NOT-FOR-US: Kirby
-CVE-2018-16627 (panel/login in Kirby v2.5.12 allows Host header injection via the ...)
+CVE-2018-16627
NOT-FOR-US: Kirby
CVE-2018-16626
RESERVED
@@ -11264,20 +11256,20 @@ CVE-2018-16624
RESERVED
CVE-2018-16623
RESERVED
-CVE-2018-16622 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2018-16622
NOT-FOR-US: DoraCMS
-CVE-2018-16621 (Sonatype Nexus Repository Manager before 3.14 allows Java Expression ...)
+CVE-2018-16621
NOT-FOR-US: Sonatype Nexus Repository Manager
-CVE-2018-16620 (Sonatype Nexus Repository Manager before 3.14 has Incorrect Access ...)
+CVE-2018-16620
NOT-FOR-US: Sonatype Nexus Repository Manager
-CVE-2018-16619 (Sonatype Nexus Repository Manager before 3.14 allows XSS. ...)
+CVE-2018-16619
NOT-FOR-US: Sonatype Nexus Repository Manager
CVE-2018-16618
RESERVED
-CVE-2018-1000670 (KOHA Library System version 16.11.x (up until 16.11.13) and 17.05.x ...)
+CVE-2018-1000670
- koha <itp> (bug #702134)
NOTE: https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=19086
-CVE-2018-1000669 (KOHA Library System version 16.11.x (up until 16.11.13) and 17.05.x ...)
+CVE-2018-1000669
- koha <itp> (bug #702134)
NOTE: https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=19117
CVE-2018-16617
@@ -11298,34 +11290,34 @@ CVE-2018-16610
RESERVED
CVE-2018-16609
RESERVED
-CVE-2018-16608 (In Monstra CMS 3.0.4, an attacker with 'Editor' privileges can change ...)
+CVE-2018-16608
NOT-FOR-US: Monstra CMS
-CVE-2018-16607 (Cross-site scripting (XSS) vulnerability in the Orgs Page in ...)
+CVE-2018-16607
NOT-FOR-US: Orgs Page in Open-AudIT Professional
-CVE-2018-16606 (In ProConf before 6.1, an Insecure Direct Object Reference (IDOR) ...)
+CVE-2018-16606
NOT-FOR-US: ProConf
-CVE-2018-16605 (D-Link DIR-600M devices allow XSS via the Hostname and Username fields ...)
+CVE-2018-16605
NOT-FOR-US: D-Link DIR-600M devices
-CVE-2018-16604 (An issue was discovered in Nibbleblog v4.0.5. With an admin's username ...)
+CVE-2018-16604
NOT-FOR-US: Nibbleblog
-CVE-2018-16603 (An issue was discovered in Amazon Web Services (AWS) FreeRTOS through ...)
+CVE-2018-16603
NOT-FOR-US: FreeRTOS
-CVE-2018-16602 (An issue was discovered in Amazon Web Services (AWS) FreeRTOS through ...)
+CVE-2018-16602
NOT-FOR-US: FreeRTOS
-CVE-2018-16601 (An issue was discovered in Amazon Web Services (AWS) FreeRTOS through ...)
+CVE-2018-16601
NOT-FOR-US: FreeRTOS
-CVE-2018-16600 (An issue was discovered in Amazon Web Services (AWS) FreeRTOS through ...)
+CVE-2018-16600
NOT-FOR-US: FreeRTOS
-CVE-2018-16599 (An issue was discovered in Amazon Web Services (AWS) FreeRTOS through ...)
+CVE-2018-16599
NOT-FOR-US: FreeRTOS
-CVE-2018-16598 (An issue was discovered in Amazon Web Services (AWS) FreeRTOS through ...)
+CVE-2018-16598
NOT-FOR-US: FreeRTOS
-CVE-2018-16597 (An issue was discovered in the Linux kernel through 4.18.6. Incorrect ...)
+CVE-2018-16597
- linux 4.8.5-1
[jessie] - linux <not-affected> (Vulnerable code not present)
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1106512
NOTE: https://git.kernel.org/linus/c0ca3d70e8d3cf81e2255a217f7ca402f5ed0862
-CVE-2018-16596 (A stack-based buffer overflow in the LAN UPnP service running on UDP ...)
+CVE-2018-16596
NOT-FOR-US: Swisscom
CVE-2018-16595
RESERVED
@@ -11335,24 +11327,24 @@ CVE-2018-16593
RESERVED
CVE-2018-16592
RESERVED
-CVE-2018-16591 (FURUNO FELCOM 250 and 500 devices allow unauthenticated users to change ...)
+CVE-2018-16591
NOT-FOR-US: FURUNO FELCOM 250 and 500 devices
-CVE-2018-16590 (FURUNO FELCOM 250 and 500 devices use only client-side JavaScript in ...)
+CVE-2018-16590
NOT-FOR-US: FURUNO FELCOM
CVE-2018-16589
RESERVED
-CVE-2018-16588 (Privilege escalation can occur in the SUSE useradd.c code in useradd, ...)
+CVE-2018-16588
- shadow <not-affected> (SuSE-specific patch)
NOTE: https://bugzilla.novell.com/show_bug.cgi?id=1106914
NOTE: The SUSE specific patch was a first iteration of https://github.com/shadow-maint/shadow/pull/2
-CVE-2018-16587 (In Open Ticket Request System (OTRS) 4.0.x before 4.0.32, 5.0.x before ...)
+CVE-2018-16587
{DSA-4317-1 DLA-1521-1}
- otrs2 6.0.11-1
NOTE: https://community.otrs.com/security-advisory-2018-04-security-update-for-otrs-framework/
NOTE: OTRS 6: https://github.com/OTRS/otrs/commit/a4a1a01f84fac7ab032570ee50b660e2ebb15c01
NOTE: OTRS 5: https://github.com/OTRS/otrs/commit/d9db0c6a15caafda7689320ecf61777993c33711
NOTE: OTRS 4: https://github.com/OTRS/otrs/commit/d8cae00b0f78c2a07bb10cedb817304139395843
-CVE-2018-16586 (In Open Ticket Request System (OTRS) 4.0.x before 4.0.32, 5.0.x before ...)
+CVE-2018-16586
{DSA-4317-1 DLA-1521-1}
- otrs2 6.0.11-1
NOTE: https://community.otrs.com/security-advisory-2018-05-security-update-for-otrs-framework/
@@ -11413,66 +11405,66 @@ CVE-2018-16559
RESERVED
CVE-2018-16558
RESERVED
-CVE-2018-16557 (A vulnerability has been identified in SIMATIC S7-400 (incl. F) V6 and ...)
+CVE-2018-16557
NOT-FOR-US: Siemens
-CVE-2018-16556 (A vulnerability has been identified in SIMATIC S7-400 (incl. F) V6 and ...)
+CVE-2018-16556
NOT-FOR-US: Siemens
-CVE-2018-16555 (A vulnerability has been identified in SCALANCE S602 (All versions &lt; ...)
+CVE-2018-16555
NOT-FOR-US: Siemens
-CVE-2018-1000801 (okular version 18.08 and earlier contains a Directory Traversal ...)
+CVE-2018-1000801
{DSA-4303-1 DLA-1516-1}
- okular 4:17.12.2-2.1 (bug #908168)
NOTE: https://bugs.kde.org/show_bug.cgi?id=398096
NOTE: https://cgit.kde.org/okular.git/commit/?id=8ff7abc14d41906ad978b6bc67e69693863b9d47
-CVE-2018-1000800 (zephyr-rtos version 1.12.0 contains a NULL base pointer reference ...)
+CVE-2018-1000800
NOT-FOR-US: zephyr-rtos
-CVE-2018-1000773 (WordPress version 4.9.8 and earlier contains a CWE-20 Input Validation ...)
+CVE-2018-1000773
- wordpress <undetermined>
CVE-2018-1000673
REJECTED
-CVE-2018-1000671 (sympa version 6.2.16 and later contains a CWE-601: URL Redirection to ...)
+CVE-2018-1000671
{DLA-1512-1}
- sympa 6.2.36~dfsg-1 (bug #908165)
[stretch] - sympa <no-dsa> (Minor issue)
NOTE: https://github.com/sympa-community/sympa/issues/268
NOTE: https://github.com/sympa-community/sympa/commit/c6ce32a6c203070702eac45a4442a17d2bf7b0c1
NOTE: https://github.com/sympa-community/sympa/commit/03314a9baf7f7903283253829877afd0ae50e325
-CVE-2018-1000668 (jsish version 2.4.70 2.047 contains a CWE-125: Out-of-bounds Read ...)
+CVE-2018-1000668
NOT-FOR-US: jsish
-CVE-2018-1000667 (NASM nasm-2.13.03 nasm- 2.14rc15 version 2.14rc15 and earlier contains ...)
+CVE-2018-1000667
- nasm 2.14-1 (unimportant)
NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392507
NOTE: https://github.com/netwide-assembler/nasm/commit/c713b5f994cf7b29164c3b6838b91f0499591434
NOTE: https://github.com/cyrillos/nasm/issues/3
NOTE: Crash in CLI tool, no security impact
-CVE-2018-1000666 (GIG Technology NV JumpScale Portal 7 version before commit ...)
+CVE-2018-1000666
NOT-FOR-US: GIG Technology NV JumpScale Portal
-CVE-2018-1000665 (Dojo Dojo Objective Harness (DOH) version prior to version 1.14 ...)
+CVE-2018-1000665
- dojo 1.14.1+dfsg1-1 (unimportant)
NOTE: https://github.com/dojo/dojo/pull/307
-CVE-2018-1000664 (daneren2005 DSub for Subsonic (Android client) version 5.4.1 contains ...)
+CVE-2018-1000664
NOT-FOR-US: daneren2005 DSub for Subsonic
-CVE-2018-1000663 (jsish version 2.4.70 2.047 contains a Buffer Overflow vulnerability in ...)
+CVE-2018-1000663
NOT-FOR-US: jsish
-CVE-2018-1000661 (jsish version 2.4.67 contains a CWE-476: NULL Pointer Dereference ...)
+CVE-2018-1000661
NOT-FOR-US: jsish
-CVE-2018-1000660 (TOCK version prior to commit 42f7f36e74088036068d62253e1d8fb26605feed. ...)
+CVE-2018-1000660
NOT-FOR-US: TOCK
-CVE-2018-1000659 (LimeSurvey version 3.14.4 and earlier contains a directory traversal ...)
+CVE-2018-1000659
- limesurvey <itp> (bug #472802)
-CVE-2018-1000658 (LimeSurvey version prior to 3.14.4 contains a file upload ...)
+CVE-2018-1000658
- limesurvey <itp> (bug #472802)
CVE-2018-16553
RESERVED
-CVE-2018-16552 (MicroPyramid Django-CRM 0.2 allows CSRF for /users/create/, ...)
+CVE-2018-16552
NOT-FOR-US: MicroPyramid Django-CRM
-CVE-2018-16551 (LavaLite 5.5 has XSS via a /edit URI, as demonstrated by ...)
+CVE-2018-16551
NOT-FOR-US: LavaLite
-CVE-2018-16550 (TeamViewer 10.x through 13.x allows remote attackers to bypass the ...)
+CVE-2018-16550
NOT-FOR-US: TeamViewer
-CVE-2018-16549 (HScripts PHP File Browser Script v1.0 allows Directory Traversal via ...)
+CVE-2018-16549
NOT-FOR-US: HScripts PHP File Browser Script
-CVE-2018-16548 (An issue was discovered in ZZIPlib through 0.13.69. There is a memory ...)
+CVE-2018-16548
- zziplib 0.13.62-3.2 (low; bug #910335)
[stretch] - zziplib <no-dsa> (Minor issue)
[jessie] - zziplib <ignored> (Minor issue)
@@ -11482,9 +11474,9 @@ CVE-2018-16548 (An issue was discovered in ZZIPlib through 0.13.69. There is a m
NOTE: https://github.com/gdraheim/zziplib/commit/0e1dadb05c1473b9df2d7b8f298dab801778ef99
CVE-2018-16547
RESERVED
-CVE-2018-16546 (Amcrest networked devices use the same hardcoded SSL private key across ...)
+CVE-2018-16546
NOT-FOR-US: Amcrest
-CVE-2018-16545 (Kaizen Asset Manager (Enterprise Edition) and Training Manager ...)
+CVE-2018-16545
NOT-FOR-US: Kaizen Asset Manager
CVE-2018-16544
RESERVED
@@ -11508,47 +11500,47 @@ CVE-2018-16530
RESERVED
CVE-2018-16529
RESERVED
-CVE-2018-16528 (Amazon Web Services (AWS) FreeRTOS through 1.3.1 allows remote ...)
+CVE-2018-16528
NOT-FOR-US: FreeRTOS
-CVE-2018-16527 (Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to ...)
+CVE-2018-16527
NOT-FOR-US: FreeRTOS
-CVE-2018-16526 (Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to ...)
+CVE-2018-16526
NOT-FOR-US: FreeRTOS
-CVE-2018-16525 (Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to ...)
+CVE-2018-16525
NOT-FOR-US: FreeRTOS
-CVE-2018-16524 (Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to ...)
+CVE-2018-16524
NOT-FOR-US: FreeRTOS
-CVE-2018-16523 (Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to ...)
+CVE-2018-16523
NOT-FOR-US: FreeRTOS
-CVE-2018-16522 (Amazon Web Services (AWS) FreeRTOS through 1.3.1 has an uninitialized ...)
+CVE-2018-16522
NOT-FOR-US: FreeRTOS
-CVE-2018-16521 (An XML External Entity (XXE) vulnerability exists in HTML Form Entry ...)
+CVE-2018-16521
NOT-FOR-US: OpenMRS
CVE-2018-16520
RESERVED
CVE-2018-16519
- RESERVED
-CVE-2018-16518 (A directory traversal vulnerability with remote code execution in ...)
+ TODO: check
+CVE-2018-16518
NOT-FOR-US: Prim'X Zed! FREE
-CVE-2018-16517 (asm/labels.c in Netwide Assembler (NASM) is prone to NULL Pointer ...)
+CVE-2018-16517
- nasm 2.14-1 (unimportant)
NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392513
NOTE: https://fakhrizulkifli.github.io/CVE-2018-16517.html
NOTE: https://github.com/netwide-assembler/nasm/commit/e996d28c70d45008085322b442b44a9224308548
NOTE: Crash in CLI tool, no security impact
-CVE-2018-16516 (helpers.py in Flask-Admin 1.5.2 has Reflected XSS via a crafted URL. ...)
+CVE-2018-16516
- python-flask-admin <itp> (bug #765509)
CVE-2018-16514
RESERVED
-CVE-2018-17088 (The ProcessGpsInfo function of the gpsinfo.c file of jhead 3.00 may ...)
+CVE-2018-17088
- jhead 1:3.00-8 (bug #907925)
[stretch] - jhead 1:3.00-4+deb9u1
[jessie] - jhead <no-dsa> (Minor issue)
-CVE-2018-16554 (The ProcessGpsInfo function of the gpsinfo.c file of jhead 3.00 may ...)
+CVE-2018-16554
- jhead 1:3.00-8 (bug #908176)
[stretch] - jhead 1:3.00-4+deb9u1
[jessie] - jhead <no-dsa> (Minor issue)
-CVE-2018-16515 (Matrix Synapse before 0.33.3.1 allows remote attackers to spoof events ...)
+CVE-2018-16515
- matrix-synapse 0.33.3.1-1 (bug #908044)
NOTE: https://matrix.org/blog/2018/09/05/pre-disclosure-upcoming-critical-security-fix-for-synapse/
NOTE: https://matrix.org/blog/2018/09/06/critical-security-update-synapse-0-33-3-1/
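Review bot: CVE-2018-16519 is the one entry in this hunk whose state actually changes, from RESERVED to "TODO: check", yet it gains no description and no package or NOT-FOR-US line; it needs manual triage against the MITRE entry before this update is considered complete, otherwise the TODO marker is the only trace that the reservation was lifted. Also in this hunk, CVE-2018-17088 and CVE-2018-16554 carry the identical truncated description (the ProcessGpsInfo function of gpsinfo.c in jhead 3.00) but point at different bugs (#907925 and #908176) with identical fixed versions; a NOTE cross-referencing the two, or recording that they are distinct issues in the same function, would save the next triager from re-checking whether one is a duplicate.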
@@ -11585,134 +11577,134 @@ CVE-2018-16495
RESERVED
CVE-2018-16494
RESERVED
-CVE-2018-16493 (A path traversal vulnerability was found in module ...)
+CVE-2018-16493
NOT-FOR-US: node static-resource-server
-CVE-2018-16492 (A prototype pollution vulnerability was found in module extend &lt;2.0.2, ...)
+CVE-2018-16492
- node-extend 3.0.2-1 (unimportant)
NOTE: https://snyk.io/vuln/npm:extend:20180424
NOTE: https://github.com/justmoon/node-extend/commit/0e68e71d93507fcc391e398bc84abd0666b28190
NOTE: https://github.com/justmoon/node-extend/pull/48
NOTE: nodejs not covered by security support
-CVE-2018-16491 (A prototype pollution vulnerability was found in node.extend &lt;1.1.7, ...)
+CVE-2018-16491
- node-extend 3.0.2-1 (unimportant)
NOTE: https://hackerone.com/reports/430831
NOTE: nodejs not covered by security support
-CVE-2018-16490 (A prototype pollution vulnerability was found in module mpath &lt;0.5.1 ...)
+CVE-2018-16490
NOT-FOR-US: node mpath
-CVE-2018-16489 (A prototype pollution vulnerability was found in just-extend &lt;4.0.0 ...)
+CVE-2018-16489
NOT-FOR-US: node just-extend
CVE-2018-16488
RESERVED
-CVE-2018-16487 (A prototype pollution vulnerability was found in lodash &lt;4.17.11 where ...)
+CVE-2018-16487
- node-lodash 4.17.11+dfsg-1 (unimportant)
NOTE: https://hackerone.com/reports/380873
NOTE: nodejs not covered by security support
-CVE-2018-16486 (A prototype pollution vulnerability was found in defaults-deep &lt;=0.2.4 ...)
+CVE-2018-16486
NOT-FOR-US: node defaults-deep
-CVE-2018-16485 (Path Traversal vulnerability in module m-server &lt;1.4.1 allows ...)
+CVE-2018-16485
NOT-FOR-US: node m-server
-CVE-2018-16484 (A XSS vulnerability was found in module m-server &lt;1.4.2 that allows ...)
+CVE-2018-16484
NOT-FOR-US: node m-server
-CVE-2018-16483 (A deficiency in the access control in module express-cart &lt;=1.1.5 ...)
+CVE-2018-16483
NOT-FOR-US: node express-cart
-CVE-2018-16482 (A server directory traversal vulnerability was found on node module ...)
+CVE-2018-16482
NOT-FOR-US: node mcstatic
-CVE-2018-16481 (A XSS vulnerability was found in html-page &lt;=2.1.1 that allows ...)
+CVE-2018-16481
NOT-FOR-US: node html-page
-CVE-2018-16480 (A XSS vulnerability was found in module public &lt;0.1.4 that allows ...)
+CVE-2018-16480
NOT-FOR-US: node public
-CVE-2018-16479 (Path traversal vulnerability in http-live-simulator &lt;1.0.7 causes ...)
+CVE-2018-16479
NOT-FOR-US: node http-live-simulator
-CVE-2018-16478 (A Path Traversal in simplehttpserver versions &lt;=0.2.1 allows to list ...)
+CVE-2018-16478
NOT-FOR-US: simplehttpserver
-CVE-2018-16477 (A bypass vulnerability in Active Storage &gt;= 5.2.0 for Google Cloud ...)
+CVE-2018-16477
- rails 2:5.2.2+dfsg-1 (bug #914848)
[stretch] - rails <not-affected> (Only affects >= 5.2.0; vulnerable code not present)
[jessie] - rails <not-affected> (Only affects >= 5.2.0; vulnerable code not present)
NOTE: https://www.openwall.com/lists/oss-security/2018/11/27/5
NOTE: Originally no version was affected until 2:5.2.0+dfsg-2 was uploaded to unstable.
-CVE-2018-16476 (A Broken Access Control vulnerability in Active Job versions &gt;= 4.2.0 ...)
+CVE-2018-16476
- rails 2:5.2.2+dfsg-1 (bug #914847)
[jessie] - rails <not-affected> (only affects >= 4.2.0)
NOTE: https://www.openwall.com/lists/oss-security/2018/11/27/4
-CVE-2018-16475 (A Path Traversal in Knightjs versions &lt;= 0.0.1 allows an attacker to ...)
+CVE-2018-16475
NOT-FOR-US: Knightjs
-CVE-2018-16474 (A stored xss in tianma-static module versions &lt;=1.0.4 allows an ...)
+CVE-2018-16474
NOT-FOR-US: tianma-static
-CVE-2018-16473 (A path traversal in takeapeek module versions &lt;=0.2.2 allows an ...)
+CVE-2018-16473
NOT-FOR-US: takeapeek
-CVE-2018-16472 (A prototype pollution attack in cached-path-relative versions &lt;=1.0.1 ...)
+CVE-2018-16472
NOT-FOR-US: cached-path-relative
-CVE-2018-16471 (There is a possible XSS vulnerability in Rack before 2.0.6 and 1.6.11. ...)
+CVE-2018-16471
{DLA-1585-1}
- ruby-rack 1.6.4-6 (bug #913005)
[stretch] - ruby-rack 1.6.4-4+deb9u1
NOTE: Fixed by: https://github.com/rack/rack/commit/e5d58031b766e49687157b45edab1b8457d972bd (master)
NOTE: Fixed by: https://github.com/rack/rack/commit/313dd6a05a5924ed6c82072299c53fed09e39ae7 (2.0.6)
NOTE: Fixed by: https://github.com/rack/rack/commit/97ca63d87d88b4088fb1995b14103d4fe6a5e594 (1.6.11)
-CVE-2018-16470 (There is a possible DoS vulnerability in the multipart parser in Rack ...)
+CVE-2018-16470
[experimental] - ruby-rack 2.0.6-1 (bug #913003)
- ruby-rack <not-affected> (Only affects >= 2.0.4)
NOTE: Introduced by: https://github.com/rack/rack/commit/c43217a81917de03aa6ceb1aa485ae69b8bb4598 (2.0.4)
NOTE: Fixed by: https://github.com/rack/rack/commit/37c1160b2360074d20858792f23a7eb3afeabebd (2.0.6)
-CVE-2018-16469 (The merge.recursive function in the merge package &lt;1.2.1 can be ...)
+CVE-2018-16469
NOT-FOR-US: merge package v
-CVE-2018-16468 (In the Loofah gem for Ruby, through v2.2.2, unsanitized JavaScript may ...)
+CVE-2018-16468
{DSA-4364-1}
- ruby-loofah 2.2.3-1 (bug #912398)
NOTE: https://github.com/flavorjones/loofah/issues/154
NOTE: https://github.com/flavorjones/loofah/commit/71e4b5434fbcb2ad87643f0c9fecfc3a847943c4 (v2.2.3)
-CVE-2018-16467 (A missing check in Nextcloud Server prior to 14.0.0 could give ...)
+CVE-2018-16467
- nextcloud <itp> (bug #835086)
-CVE-2018-16466 (Improper revalidation of permissions in Nextcloud Server prior to ...)
+CVE-2018-16466
- nextcloud <itp> (bug #835086)
-CVE-2018-16465 (Missing state in Nextcloud Server prior to 14.0.0 would not enforce ...)
+CVE-2018-16465
- nextcloud <itp> (bug #835086)
-CVE-2018-16464 (A missing access check in Nextcloud Server prior to 14.0.0 could lead ...)
+CVE-2018-16464
- nextcloud <itp> (bug #835086)
-CVE-2018-16463 (A bug causing session fixation in Nextcloud Server prior to 14.0.0, ...)
+CVE-2018-16463
- nextcloud <itp> (bug #835086)
-CVE-2018-16462 (A command injection vulnerability in the apex-publish-static-files npm ...)
+CVE-2018-16462
NOT-FOR-US: apex-publish-static-files npm
-CVE-2018-16461 (A command injection vulnerability in libnmapp package for versions ...)
+CVE-2018-16461
NOT-FOR-US: libnmapp
-CVE-2018-16460 (A command Injection in ps package versions &lt;1.0.0 for Node.js allowed ...)
+CVE-2018-16460
NOT-FOR-US: ps node module
-CVE-2018-16459 (An unescaped payload in exceljs &lt;v1.6 allows a possible XSS via cell ...)
+CVE-2018-16459
NOT-FOR-US: exceljs
CVE-2018-1000672
REJECTED
CVE-2018-1000662
REJECTED
-CVE-2018-16458 (An issue was discovered in baigo CMS v2.1.1. There is an ...)
+CVE-2018-16458
NOT-FOR-US: baigo CMS
-CVE-2018-16457 (PHP Scripts Mall Open Source Real-estate Script 3.6.2 allows remote ...)
+CVE-2018-16457
NOT-FOR-US: PHP Scripts Mall Open Source Real-estate Script
-CVE-2018-16456 (PHP Scripts Mall Website Seller Script 2.0.5 has XSS via a keyword. ...)
+CVE-2018-16456
NOT-FOR-US: PHP Scripts Mall Website Seller Script
-CVE-2018-16455 (PHP Scripts Mall Market Place Script 1.0.1 allows XSS via a keyword. ...)
+CVE-2018-16455
NOT-FOR-US: PHP Scripts Mall Market Place Script
-CVE-2018-16454 (PHP Scripts Mall Currency Converter Script 2.0.5 allows remote attackers to cause a denial of service (web-interface change) via an inverted comma. ...)
+CVE-2018-16454
NOT-FOR-US: PHP Scripts Mall Olx Clone
-CVE-2018-16453 (PHP Scripts Mall Domain Lookup Script 3.0.5 allows XSS in the search ...)
+CVE-2018-16453
NOT-FOR-US: PHP Scripts Mall Domain Lookup Script
CVE-2018-16452
RESERVED
CVE-2018-16451
RESERVED
-CVE-2018-16450 (CraftedWeb through 2013-09-24 has reflected XSS via the p parameter. ...)
+CVE-2018-16450
NOT-FOR-US: CraftedWeb
-CVE-2018-16449 (OneThink 1.1.141212 allows CSRF for adding a page via ...)
+CVE-2018-16449
NOT-FOR-US: OneThink
-CVE-2018-16448 (Cscms 4 allows CSRF for creating a member via ...)
+CVE-2018-16448
NOT-FOR-US: Cscms
-CVE-2018-16447 (Frog CMS 0.9.5 has admin/?/user/edit/1 CSRF. ...)
+CVE-2018-16447
NOT-FOR-US: Frog CMS
-CVE-2018-16446 (An issue was discovered in SeaCMS through 6.61. ...)
+CVE-2018-16446
NOT-FOR-US: SeaCMS
-CVE-2018-16445 (An issue was discovered in SeaCMS through 6.61. SQL injection exists ...)
+CVE-2018-16445
NOT-FOR-US: SeaCMS
-CVE-2018-16444 (An issue was discovered in SeaCMS 6.61. adm1n/admin_reslib.php has SSRF ...)
+CVE-2018-16444
NOT-FOR-US: SeaCMS
CVE-2018-16443
RESERVED
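Review bot: the NOT-FOR-US annotation kept for CVE-2018-16454 names "PHP Scripts Mall Olx Clone", but the removed description line for the same CVE reads "PHP Scripts Mall Currency Converter Script 2.0.5 allows remote attackers to cause a denial of service"; the product in the annotation does not match the product in the description, so one of them is wrong and the annotation should be corrected to the product the CVE actually covers. In the same hunk, "NOT-FOR-US: merge package v" under CVE-2018-16469 reads as cut off mid-token; the description calls it the merge package (merge.recursive), and the annotation should name it fully so product searches hit the entry.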
@@ -11724,14 +11716,14 @@ CVE-2018-16440
RESERVED
CVE-2018-16439
RESERVED
-CVE-2018-16438 (An issue was discovered in the HDF HDF5 1.8.20 library. There is an out ...)
+CVE-2018-16438
- hdf5 <undetermined>
NOTE: H5L_extern_query@H5Lexternal.c:498-10___out-of-bounds-read
-CVE-2018-16437 (Gxlcms 2.0 before bug fix 20180915 has Directory Traversal exploitable ...)
+CVE-2018-16437
NOT-FOR-US: Gxlcms
-CVE-2018-16436 (Gxlcms 2.0 before bug fix 20180915 has SQL Injection exploitable by an ...)
+CVE-2018-16436
NOT-FOR-US: Gxlcms
-CVE-2018-16435 (Little CMS (aka Little Color Management System) 2.9 has an integer ...)
+CVE-2018-16435
{DSA-4289-1 DSA-4284-1 DLA-1496-1}
- lcms2 2.9-3 (bug #907983)
- lcms <removed>
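Review bot: the NOTE under CVE-2018-16438 is a bare crash signature ("H5L_extern_query@H5Lexternal.c:498-10___out-of-bounds-read") with no URL to an upstream report or fix, and the package stays at "hdf5 <undetermined>"; without a reference there is nothing for a later triager to verify against, so add the upstream issue link (or record that none exists) so the <undetermined> state can be resolved to a version or <not-affected>.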
@@ -11743,82 +11735,82 @@ CVE-2018-16434
RESERVED
CVE-2018-16433
RESERVED
-CVE-2018-16432 (BlueCMS 1.6 allows SQL Injection via the user_name parameter to ...)
+CVE-2018-16432
NOT-FOR-US: BlueCMS
-CVE-2018-16431 (admin/admin/adminsave.html in YFCMF v3.0 allows CSRF to add an ...)
+CVE-2018-16431
NOT-FOR-US: YFCMF
-CVE-2018-16430 (GNU Libextractor through 1.7 has an out-of-bounds read vulnerability in ...)
+CVE-2018-16430
{DSA-4290-1 DLA-1501-1}
- libextractor 1:1.7-1 (bug #907987)
NOTE: https://gnunet.org/bugs/view.php?id=5405
NOTE: https://gnunet.org/git/libextractor.git/commit/?id=24c8d489797499c0331f4d1039e357ece1ae98a7
-CVE-2018-16429 (GNOME GLib 2.56.1 has an out-of-bounds read vulnerability in ...)
+CVE-2018-16429
- glib2.0 2.58.0-1 (low)
[stretch] - glib2.0 <no-dsa> (Minor issue)
[jessie] - glib2.0 <no-dsa> (Minor issue)
NOTE: https://gitlab.gnome.org/GNOME/glib/commit/cec71705406f0b2790422f0c1aa0ff3b4b464b1b
NOTE: https://gitlab.gnome.org/GNOME/glib/issues/1361
-CVE-2018-16428 (In GNOME GLib 2.56.1, g_markup_parse_context_end_parse() in gmarkup.c ...)
+CVE-2018-16428
- glib2.0 2.58.0-1 (low)
[stretch] - glib2.0 <no-dsa> (Minor issue)
[jessie] - glib2.0 <no-dsa> (Minor issue)
NOTE: https://gitlab.gnome.org/GNOME/glib/commit/fccef3cc822af74699cca84cd202719ae61ca3b9
NOTE: https://gitlab.gnome.org/GNOME/glib/issues/1364
-CVE-2018-16427 (Various out of bounds reads when handling responses in OpenSC before ...)
+CVE-2018-16427
- opensc 0.19.0~rc1-1 (low; bug #909444)
[stretch] - opensc 0.16.0-3+deb9u1
[jessie] - opensc <no-dsa> (Minor issue)
NOTE: https://github.com/OpenSC/OpenSC/pull/1447/commits/8fe377e93b4b56060e5bbfb6f3142ceaeca744fa
NOTE: https://www.x41-dsec.de/lab/advisories/x41-2018-002-OpenSC/
-CVE-2018-16426 (Endless recursion when handling responses from an IAS-ECC card in ...)
+CVE-2018-16426
- opensc 0.19.0~rc1-1 (low; bug #909444)
[stretch] - opensc 0.16.0-3+deb9u1
[jessie] - opensc <no-dsa> (Minor issue)
NOTE: https://github.com/OpenSC/OpenSC/commit/03628449b75a93787eb2359412a3980365dda49b#diff-f8c0128e14031ed9307d47f10f601b54
NOTE: https://www.x41-dsec.de/lab/advisories/x41-2018-002-OpenSC/
-CVE-2018-16425 (A double free when handling responses from an HSM Card in ...)
+CVE-2018-16425
- opensc 0.19.0~rc1-1 (low; bug #909444)
[stretch] - opensc 0.16.0-3+deb9u1
[jessie] - opensc <no-dsa> (Minor issue)
NOTE: https://github.com/OpenSC/OpenSC/commit/360e95d45ac4123255a4c796db96337f332160ad#diff-d643a0fa169471dbf2912f4866dc49c5
NOTE: https://www.x41-dsec.de/lab/advisories/x41-2018-002-OpenSC/
-CVE-2018-16424 (A double free when handling responses in read_file in tools/egk-tool.c ...)
+CVE-2018-16424
- opensc 0.19.0~rc1-1 (low; bug #909444)
[stretch] - opensc 0.16.0-3+deb9u1
[jessie] - opensc <no-dsa> (Minor issue)
NOTE: https://github.com/OpenSC/OpenSC/commit/360e95d45ac4123255a4c796db96337f332160ad#diff-476b3b2a03c4eef331b4b0bfece4b063
NOTE: https://www.x41-dsec.de/lab/advisories/x41-2018-002-OpenSC/
-CVE-2018-16423 (A double free when handling responses from a smartcard in ...)
+CVE-2018-16423
- opensc 0.19.0~rc1-1 (low; bug #909444)
[stretch] - opensc 0.16.0-3+deb9u1
[jessie] - opensc <no-dsa> (Minor issue)
NOTE: https://github.com/OpenSC/OpenSC/commit/360e95d45ac4123255a4c796db96337f332160ad#diff-db0cd89ff279ad8c7b3bb780cdf2770a
NOTE: https://www.x41-dsec.de/lab/advisories/x41-2018-002-OpenSC/
-CVE-2018-16422 (A single byte buffer overflow when handling responses from an esteid ...)
+CVE-2018-16422
- opensc 0.19.0~rc1-1 (low; bug #909444)
[stretch] - opensc 0.16.0-3+deb9u1
[jessie] - opensc <no-dsa> (Minor issue)
NOTE: https://github.com/OpenSC/OpenSC/commit/360e95d45ac4123255a4c796db96337f332160ad#diff-d64c08c80437cf0006ada91e50f20ba0
NOTE: https://www.x41-dsec.de/lab/advisories/x41-2018-002-OpenSC/
-CVE-2018-16421 (Several buffer overflows when handling responses from a CAC Card in ...)
+CVE-2018-16421
- opensc 0.19.0~rc1-1 (low; bug #909444)
[stretch] - opensc 0.16.0-3+deb9u1
[jessie] - opensc <no-dsa> (Minor issue)
NOTE: https://github.com/OpenSC/OpenSC/commit/360e95d45ac4123255a4c796db96337f332160ad#diff-848b13147a344ba2c6361d91ca77feb1
NOTE: https://www.x41-dsec.de/lab/advisories/x41-2018-002-OpenSC/
-CVE-2018-16420 (Several buffer overflows when handling responses from an ePass 2003 ...)
+CVE-2018-16420
- opensc 0.19.0~rc1-1 (low; bug #909444)
[stretch] - opensc 0.16.0-3+deb9u1
[jessie] - opensc <no-dsa> (Minor issue)
NOTE: https://github.com/OpenSC/OpenSC/commit/360e95d45ac4123255a4c796db96337f332160ad#diff-b36536074d13447fbbec061e0e64d15d
NOTE: https://www.x41-dsec.de/lab/advisories/x41-2018-002-OpenSC/
-CVE-2018-16419 (Several buffer overflows when handling responses from a Cryptoflex card ...)
+CVE-2018-16419
- opensc 0.19.0~rc1-1 (low; bug #909444)
[stretch] - opensc 0.16.0-3+deb9u1
[jessie] - opensc <no-dsa> (Minor issue)
NOTE: https://github.com/OpenSC/OpenSC/commit/360e95d45ac4123255a4c796db96337f332160ad#diff-a6074523a9cbd875e26c58e20868fb15
NOTE: https://www.x41-dsec.de/lab/advisories/x41-2018-002-OpenSC/
-CVE-2018-16418 (A buffer overflow when handling string concatenation in util_acl_to_str ...)
+CVE-2018-16418
- opensc 0.19.0~rc1-1 (low; bug #909444)
[stretch] - opensc 0.16.0-3+deb9u1
[jessie] - opensc <no-dsa> (Minor issue)
@@ -11826,20 +11818,20 @@ CVE-2018-16418 (A buffer overflow when handling string concatenation in util_acl
NOTE: https://www.x41-dsec.de/lab/advisories/x41-2018-002-OpenSC/
CVE-2018-16417
RESERVED
-CVE-2018-16416 (Cross-site request forgery (CSRF) vulnerability in ...)
+CVE-2018-16416
NOT-FOR-US: FUEL CMS
CVE-2018-16415
RESERVED
CVE-2018-16414
RESERVED
-CVE-2018-16413 (ImageMagick 7.0.8-11 Q16 has a heap-based buffer over-read in the ...)
+CVE-2018-16413
{DSA-4316-1 DLA-1530-1}
- imagemagick 8:6.9.10.14+dfsg-1 (bug #910887)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/1249
NOTE: https://github.com/ImageMagick/ImageMagick/issues/1251
NOTE: ImageMagick: https://github.com/ImageMagick/ImageMagick/commit/17a1a6f97fd088a71931bdc422f4e96bb6ffc549
NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/4745eb1047617330141e9abfd5ae01236a71ae12
-CVE-2018-16412 (ImageMagick 7.0.8-11 Q16 has a heap-based buffer over-read in the ...)
+CVE-2018-16412
{DSA-4316-1 DLA-1530-1}
- imagemagick 8:6.9.10.14+dfsg-1 (bug #910887)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/1250
@@ -11849,27 +11841,27 @@ CVE-2018-16412 (ImageMagick 7.0.8-11 Q16 has a heap-based buffer over-read in th
NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/4745eb1047617330141e9abfd5ae01236a71ae12
CVE-2018-16411
RESERVED
-CVE-2018-16410 (Vanilla before 2.6.1 allows SQL injection via an invitationID array to ...)
+CVE-2018-16410
NOT-FOR-US: Vanilla
-CVE-2018-16409 (In Gogs 0.11.53, an attacker can use migrate to send arbitrary HTTP GET ...)
+CVE-2018-16409
NOT-FOR-US: Go Git Service
-CVE-2018-16408 (D-Link DIR-846 devices with firmware 100.26 allow remote attackers to ...)
+CVE-2018-16408
NOT-FOR-US: D-Link DIR-846 devices
-CVE-2018-16407 (An issue was discovered in Mayan EDMS before 3.0.3. The Tags app has ...)
+CVE-2018-16407
- mayan-edms <itp> (bug #718580)
-CVE-2018-16406 (An issue was discovered in Mayan EDMS before 3.0.2. The Cabinets app ...)
+CVE-2018-16406
- mayan-edms <itp> (bug #718580)
-CVE-2018-16405 (An issue was discovered in Mayan EDMS before 3.0.2. The Appearance app ...)
+CVE-2018-16405
- mayan-edms <itp> (bug #718580)
CVE-2018-16404
RESERVED
-CVE-2018-16403 (libdw in elfutils 0.173 checks the end of the attributes list ...)
+CVE-2018-16403
- elfutils 0.175-1 (low)
[stretch] - elfutils <no-dsa> (Minor issue)
[jessie] - elfutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=23529
NOTE: https://sourceware.org/git/?p=elfutils.git;a=commit;h=6983e59b727458a6c64d9659c85f08218bc4fcda
-CVE-2018-16402 (libelf/elf_end.c in elfutils 0.173 allows remote attackers to cause a ...)
+CVE-2018-16402
- elfutils 0.175-1 (low)
[stretch] - elfutils <no-dsa> (Minor issue)
[jessie] - elfutils <not-affected> (vulnerable code introduced later)
@@ -11881,18 +11873,18 @@ CVE-2018-16400
RESERVED
CVE-2018-16399
RESERVED
-CVE-2018-16398 (In Twistlock AuthZ Broker 0.1, regular expressions are mishandled, as ...)
+CVE-2018-16398
NOT-FOR-US: Twistlock AuthZ Broker
-CVE-2018-16397 (In LimeSurvey before 3.14.7, an admin user can leverage a &quot;file upload&quot; ...)
+CVE-2018-16397
- limesurvey <itp> (bug #472802)
-CVE-2018-16396 (An issue was discovered in Ruby before 2.3.8, 2.4.x before 2.4.5, ...)
+CVE-2018-16396
{DSA-4332-1 DLA-1558-1}
- ruby2.5 2.5.3-1 (bug #911920)
- ruby2.3 <removed>
- ruby2.1 <removed>
NOTE: https://www.ruby-lang.org/en/news/2018/10/17/not-propagated-taint-flag-in-some-formats-of-pack-cve-2018-16396/
NOTE: https://github.com/ruby/ruby/commit/a2958f6743664006d21fc0bafd4ca6214df1d429
-CVE-2018-16395 (An issue was discovered in the OpenSSL library in Ruby before 2.3.8, ...)
+CVE-2018-16395
{DSA-4332-1 DLA-1558-1}
- ruby-openssl <unfixed> (bug #911918)
- ruby2.5 2.5.3-1 (bug #911919)
@@ -11902,19 +11894,19 @@ CVE-2018-16395 (An issue was discovered in the OpenSSL library in Ruby before 2.
NOTE: https://github.com/ruby/openssl/commit/f653cfa43f0f20e8c440122ea982382b6228e7f5
CVE-2018-16394
RESERVED
-CVE-2018-16393 (Several buffer overflows when handling responses from a Gemsafe V1 ...)
+CVE-2018-16393
- opensc 0.19.0~rc1-1 (low; bug #909444)
[stretch] - opensc 0.16.0-3+deb9u1
[jessie] - opensc <no-dsa> (Minor issue)
NOTE: https://github.com/OpenSC/OpenSC/commit/360e95d45ac4123255a4c796db96337f332160ad
NOTE: https://www.x41-dsec.de/lab/advisories/x41-2018-002-OpenSC/
-CVE-2018-16392 (Several buffer overflows when handling responses from a TCOS Card in ...)
+CVE-2018-16392
- opensc 0.19.0~rc1-1 (low; bug #909444)
[stretch] - opensc 0.16.0-3+deb9u1
[jessie] - opensc <no-dsa> (Minor issue)
NOTE: https://github.com/OpenSC/OpenSC/commit/360e95d45ac4123255a4c796db96337f332160ad#diff-b2a356323a9ff2024d041cf2d7e89dd3
NOTE: https://www.x41-dsec.de/lab/advisories/x41-2018-002-OpenSC/
-CVE-2018-16391 (Several buffer overflows when handling responses from a Muscle Card in ...)
+CVE-2018-16391
- opensc 0.19.0~rc1-1 (low; bug #909444)
[stretch] - opensc 0.16.0-3+deb9u1
[jessie] - opensc <no-dsa> (Minor issue)
@@ -11922,17 +11914,17 @@ CVE-2018-16391 (Several buffer overflows when handling responses from a Muscle C
NOTE: https://www.x41-dsec.de/lab/advisories/x41-2018-002-OpenSC/
CVE-2018-16390
RESERVED
-CVE-2018-16389 (e107_admin/banlist.php in e107 2.1.8 allows SQL injection via the ...)
+CVE-2018-16389
NOT-FOR-US: e107
-CVE-2018-16388 (e107_web/js/plupload/upload.php in e107 2.1.8 allows remote attackers ...)
+CVE-2018-16388
NOT-FOR-US: e107
-CVE-2018-16387 (An issue was discovered in Elefant CMS before 2.0.5. There is a CSRF ...)
+CVE-2018-16387
NOT-FOR-US: Elefant CMS
CVE-2018-16386
RESERVED
-CVE-2018-16385 (ThinkPHP before 5.1.23 allows SQL Injection via the ...)
+CVE-2018-16385
NOT-FOR-US: ThinkPHP
-CVE-2018-16384 (A SQL injection bypass (aka PL1 bypass) exists in OWASP ModSecurity ...)
+CVE-2018-16384
- modsecurity-crs <unfixed> (low; bug #924352)
[buster] - modsecurity-crs <no-dsa> (Minor issue)
[stretch] - modsecurity-crs <no-dsa> (Minor issue)
@@ -11940,65 +11932,65 @@ CVE-2018-16384 (A SQL injection bypass (aka PL1 bypass) exists in OWASP ModSecur
NOTE: https://github.com/SpiderLabs/owasp-modsecurity-crs/issues/1167
CVE-2018-16383
RESERVED
-CVE-2018-16382 (Netwide Assembler (NASM) 2.14rc15 has a buffer over-read in ...)
+CVE-2018-16382
- nasm 2.14-1 (unimportant; bug #907866)
NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392503
NOTE: Duplicate of/relate to https://bugzilla.nasm.us/show_bug.cgi?id=3392447
NOTE: https://github.com/netwide-assembler/nasm/commit/3c755dac88039b718d52ef56e8f74b5f65f3b55b
NOTE: Crash in CLI tool, no security impact
-CVE-2018-16381 (e107 2.1.8 has XSS via the e107_admin/users.php?mode=main&amp;action=list ...)
+CVE-2018-16381
NOT-FOR-US: e107
-CVE-2018-16380 (An issue was discovered in Ogma CMS 0.4 Beta. There is a CSRF ...)
+CVE-2018-16380
NOT-FOR-US: Ogma CMS
-CVE-2018-16379 (Ogma CMS 0.4 Beta has XSS via the &quot;Footer Text footer&quot; field on the ...)
+CVE-2018-16379
NOT-FOR-US: Ogma CMS
CVE-2018-16378
RESERVED
CVE-2018-16377
RESERVED
-CVE-2018-16376 (An issue was discovered in OpenJPEG 2.3.0. A heap-based buffer overflow ...)
+CVE-2018-16376
- openjpeg2 <unfixed> (unimportant)
NOTE: https://github.com/uclouvain/openjpeg/issues/1127
NOTE: We build with -DBUILD_MJ2:BOOL=OFF
-CVE-2018-16375 (An issue was discovered in OpenJPEG 2.3.0. Missing checks for ...)
+CVE-2018-16375
- openjpeg2 <unfixed> (unimportant)
NOTE: https://github.com/uclouvain/openjpeg/issues/1126
NOTE: We build with -DBUILD_JPWL:BOOL=OFF
-CVE-2018-16374 (Frog CMS 0.9.5 has stored XSS via /admin/?/plugin/comment/settings. ...)
+CVE-2018-16374
NOT-FOR-US: Frog CMS
-CVE-2018-16373 (Frog CMS 0.9.5 has an Upload vulnerability that can create files via ...)
+CVE-2018-16373
NOT-FOR-US: Frog CMS
-CVE-2018-16372 (The issue was discovered in IdeaCMS through 2016-04-30. There is ...)
+CVE-2018-16372
NOT-FOR-US: IdeaCMS
-CVE-2018-16371 (PESCMS Team 2.2.1 has multiple reflected XSS via the keyword parameter: ...)
+CVE-2018-16371
NOT-FOR-US: PESCMS Team
-CVE-2018-16370 (In PESCMS Team 2.2.1, attackers may upload and execute arbitrary PHP ...)
+CVE-2018-16370
NOT-FOR-US: PESCMS Team
-CVE-2018-16369 (XRef::fetch in XRef.cc in Xpdf 4.00 allows remote attackers to cause a ...)
+CVE-2018-16369
- xpdf <unfixed> (unimportant)
NOTE: Crash in GUI/CLI tool, no security impact
-CVE-2018-16368 (SplashXPath::strokeAdjust in splash/SplashXPath.cc in Xpdf 4.00 allows ...)
+CVE-2018-16368
- xpdf <unfixed> (unimportant)
NOTE: Crash in GUI/CLI tool, no security impact
-CVE-2018-16367 (In OnlineJudge 2.0, the sandbox has an incorrect access control ...)
+CVE-2018-16367
NOT-FOR-US: OnlineJudge
-CVE-2018-16366 (An issue was discovered in idreamsoft iCMS V7.0.10. ...)
+CVE-2018-16366
NOT-FOR-US: idreamsoft iCMS
-CVE-2018-16365 (An issue was discovered in idreamsoft iCMS V7.0.10. ...)
+CVE-2018-16365
NOT-FOR-US: idreamsoft iCMS
-CVE-2018-16364 (A serialization vulnerability in Zoho ManageEngine Applications ...)
+CVE-2018-16364
NOT-FOR-US: Zoho ManageEngine Applications Manager
-CVE-2018-16363 (The mndpsingh287 File Manager plugin V2.9 for WordPress has XSS via ...)
+CVE-2018-16363
NOT-FOR-US: mndpsingh287 File Manager plugin for WordPress
-CVE-2018-16362 (An issue was discovered in the Source Integration plugin before 1.5.9 ...)
+CVE-2018-16362
NOT-FOR-US: Mantis plugin
-CVE-2018-16361 (An issue was discovered in BTITeam XBTIT 2.5.4. news.php allows XSS ...)
+CVE-2018-16361
NOT-FOR-US: BTITeam XBTIT
CVE-2018-16360
RESERVED
-CVE-2018-16359 (Google gVisor before 2018-08-23, within the seccomp sandbox, permits ...)
+CVE-2018-16359
NOT-FOR-US: gVisor
-CVE-2018-16358 (A cross-site scripting (XSS) vulnerability in ...)
+CVE-2018-16358
- dotclear <removed>
CVE-2018-16357
RESERVED
@@ -12006,49 +11998,49 @@ CVE-2018-16356
RESERVED
CVE-2018-16355
RESERVED
-CVE-2018-16354 (An issue was discovered in FHCRM through 2018-02-11. There is a SQL ...)
+CVE-2018-16354
NOT-FOR-US: FHCRM
-CVE-2018-16353 (An issue was discovered in FHCRM through 2018-02-11. There is a SQL ...)
+CVE-2018-16353
NOT-FOR-US: FHCRM
-CVE-2018-16352 (There is a PHP code upload vulnerability in WeaselCMS 0.3.6 via ...)
+CVE-2018-16352
NOT-FOR-US: WeaselCMS
CVE-2018-16351
RESERVED
-CVE-2018-16350 (WUZHI CMS 4.1.0 has XSS via the index.php?m=core&amp;f=set&amp;v=basic ...)
+CVE-2018-16350
NOT-FOR-US: WUZHI CMS
-CVE-2018-16349 (WUZHI CMS 4.1.0 has XSS via the index.php?m=link&amp;f=index&amp;v=add ...)
+CVE-2018-16349
NOT-FOR-US: WUZHI CMS
-CVE-2018-16348 (SeaCMS V6.61 has XSS via the admin_video.php v_content parameter, ...)
+CVE-2018-16348
NOT-FOR-US: SeaCMS
-CVE-2018-16347 (An issue was discovered in Gleez CMS v1.2.0. There is XSS via ...)
+CVE-2018-16347
NOT-FOR-US: Gleez CMS
-CVE-2018-16346 (ChemCMS 1.0.6 has XSS via the &quot;setting -&gt; website information&quot; field. ...)
+CVE-2018-16346
NOT-FOR-US: ChemCMS
-CVE-2018-16345 (An issue was discovered in EasyCMS 1.5. There is a CSRF vulnerability ...)
+CVE-2018-16345
NOT-FOR-US: EasyCMS
-CVE-2018-16344 (An issue was discovered in zzcms 8.3. It allows remote attackers to ...)
+CVE-2018-16344
NOT-FOR-US: zzcms
-CVE-2018-16343 (SeaCMS 6.61 allows remote attackers to execute arbitrary code because ...)
+CVE-2018-16343
NOT-FOR-US: SeaCMS
-CVE-2018-16342 (ShowDoc v1.8.0 has XSS via a new page. ...)
+CVE-2018-16342
NOT-FOR-US: ShowDoc
CVE-2018-16341
RESERVED
CVE-2018-16340
RESERVED
-CVE-2018-16339 (An issue was discovered in EmpireCMS 7.0. There is a CSRF vulnerability ...)
+CVE-2018-16339
NOT-FOR-US: EmpireCMS
-CVE-2018-16338 (An issue was discovered in AuraCMS 2.3. There is a CSRF vulnerability ...)
+CVE-2018-16338
NOT-FOR-US: AuraCMS
-CVE-2018-16337 (An issue was discovered in Cscms V4.1.8. There is a CSRF vulnerability ...)
+CVE-2018-16337
NOT-FOR-US: Cscms
-CVE-2018-16336 (Exiv2::Internal::PngChunk::parseTXTChunk in Exiv2 v0.26 allows remote ...)
+CVE-2018-16336
{DLA-1551-1}
- exiv2 <unfixed> (bug #916081)
[stretch] - exiv2 <no-dsa> (Minor issue)
NOTE: https://github.com/Exiv2/exiv2/issues/400
NOTE: https://github.com/Exiv2/exiv2/commit/35b3e596edacd2437c2c5d3dd2b5c9502626163d
-CVE-2018-16335 (newoffsets handling in ChopUpSingleUncompressedStrip in tif_dirread.c ...)
+CVE-2018-16335
{DSA-4349-1}
- tiff 4.0.9-5 (bug #907795)
[jessie] - tiff 4.0.3-12.3+deb8u6
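Review bot: every `-`/`+` pair in this hunk replaces a line such as `-CVE-2018-16350 (WUZHI CMS 4.1.0 has XSS via the index.php ...)` with the bare `+CVE-2018-16350`, so the parenthesised summary is removed from each entry while the package, status and NOTE lines underneath are unchanged. For a commit that is only an "automatic update" this pattern looks like the upstream CVE feed returned empty descriptions rather than a deliberate cleanup; the summaries are what lets a triager match a bare identifier to a product or package without opening each advisory, and a later run with a healthy feed would otherwise churn every one of these lines back. Suggest confirming the fetched source data before merging and reverting if the descriptions are missing only because the fetch failed.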
@@ -12057,17 +12049,17 @@ CVE-2018-16335 (newoffsets handling in ChopUpSingleUncompressedStrip in tif_dirr
NOTE: Different issue than CVE-2017-11613 but adressed with same set of commits.
NOTE: Upstream fix 1/2: https://gitlab.com/libtiff/libtiff/commit/3719385a3fac5cfb20b487619a5f08abbf967cf8
NOTE: Upstream fix 2/2: https://gitlab.com/libtiff/libtiff/commit/7a092f8af2568d61993a8cc2e7a35a998d7d37be
-CVE-2018-16334 (An issue was discovered on Tenda AC9 V15.03.05.19(6318)_CN and AC10 ...)
+CVE-2018-16334
NOT-FOR-US: Tenda
-CVE-2018-16333 (An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 ...)
+CVE-2018-16333
NOT-FOR-US: Tenda
-CVE-2018-16332 (An issue was discovered in iCMS 7.0.9. There is an ...)
+CVE-2018-16332
NOT-FOR-US: iCMS
-CVE-2018-16331 (admin.php?s=/Admin/doedit in DamiCMS v6.0.0 allows CSRF to change the ...)
+CVE-2018-16331
NOT-FOR-US: DamiCMS
-CVE-2018-16330 (Pandao Editor.md 1.5.0 allows XSS via crafted attributes of an invalid ...)
+CVE-2018-16330
NOT-FOR-US: Pandao Editor.md
-CVE-2018-16329 (In ImageMagick before 7.0.8-8, a NULL pointer dereference exists in the ...)
+CVE-2018-16329
- imagemagick <undetermined>
[jessie] - imagemagick <not-affected> (vulnerable code not present)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/1225
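Review bot: the context line `NOTE: Different issue than CVE-2017-11613 but adressed with same set of commits.` under CVE-2018-16335 misspells "addressed"; it is not part of the automatic change, but since this hunk already touches that entry the typo fix could ride along.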
@@ -12076,22 +12068,22 @@ CVE-2018-16329 (In ImageMagick before 7.0.8-8, a NULL pointer dereference exists
NOTE: https://github.com/ImageMagick/ImageMagick/commit/db2a1d6aaff3a83a74b37731405424c95f0c873a
NOTE: Fixed by: https://github.com/ImageMagick/ImageMagick/commit/2c75f301d9ac84f91071393b02d8c88c8341c91c
TODO: check if though missing null checks are present as well in 6.x series
-CVE-2018-16328 (In ImageMagick before 7.0.8-8, a NULL pointer dereference exists in the ...)
+CVE-2018-16328
- imagemagick 8:6.9.10.8+dfsg-1
[stretch] - imagemagick <not-affected> (Vulnerable code introduced later)
[jessie] - imagemagick <not-affected> (Vulnerable code introduced later)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/1224
NOTE: https://github.com/ImageMagick/ImageMagick/commit/107ce8577e818cf4801e5a59641cb769d645cc95
NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/68e4f4d22abaf97b61019ea85f74e2f639d0e93e
-CVE-2018-16327 (There is Stored XSS in Subrion 4.2.1 via the admin panel URL ...)
+CVE-2018-16327
NOT-FOR-US: Subrion CMS
-CVE-2018-16326 (PHP Scripts Mall Olx Clone 3.4.2 has XSS. ...)
+CVE-2018-16326
NOT-FOR-US: PHP Scripts Mall Olx Clone
-CVE-2018-16325 (There is XSS in GetSimple CMS 3.4.0.9 via the admin/edit.php title ...)
+CVE-2018-16325
NOT-FOR-US: GetSimple CMS
-CVE-2018-16324 (In IceWarp Server 12.0.3.1 and before, there is XSS in the /webmail/ ...)
+CVE-2018-16324
NOT-FOR-US: IceWarp Server
-CVE-2018-16323 (ReadXBMImage in coders/xbm.c in ImageMagick before 7.0.8-9 leaves data ...)
+CVE-2018-16323
- imagemagick 8:6.9.10.14+dfsg-1 (bug #907776)
[stretch] - imagemagick <not-affected> (Introduced by b8c63b156bf26b52e710b1a0643c846a6cd01e56 which wasn't backported to stretch)
[jessie] - imagemagick <not-affected> (Introduced by b8c63b156bf26b52e710b1a0643c846a6cd01e56 which wasn't backported to jessie)
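Review bot: the context line `TODO: check if though missing null checks are present as well in 6.x series` under CVE-2018-16329 is hard to parse ("if though"); it appears to mean "check whether the missing NULL checks are also present in the 6.x series", which is the open question that keeps `imagemagick <undetermined>` in place. Rewording the TODO that way would make it clear to the next triager what still needs verifying before the status can move to a fixed version or `<not-affected>`.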
@@ -12101,7 +12093,7 @@ CVE-2018-16322
RESERVED
CVE-2018-16321
RESERVED
-CVE-2018-16320 (idreamsoft iCMS 7.0.11 allows admincp.php?app=config Directory ...)
+CVE-2018-16320
NOT-FOR-US: idreamsoft iCMS
CVE-2018-16319
RESERVED
@@ -12109,25 +12101,25 @@ CVE-2018-16318
RESERVED
CVE-2018-16317
RESERVED
-CVE-2018-16316 (A stored Cross-site scripting (XSS) vulnerability in Portainer through ...)
+CVE-2018-16316
NOT-FOR-US: Portainer
-CVE-2018-16315 (In waimai Super Cms 20150505, there is a CSRF vulnerability that can ...)
+CVE-2018-16315
NOT-FOR-US: waimai Super Cms
-CVE-2018-16314 (An issue was discovered in admincp.php in idreamsoft iCMS 7.0.11. When ...)
+CVE-2018-16314
NOT-FOR-US: idreamsoft iCMS
-CVE-2018-16313 (Bludit 2.3.4 allows XSS via a user name. ...)
+CVE-2018-16313
NOT-FOR-US: Bludit
CVE-2018-16312
RESERVED
CVE-2018-16311
RESERVED
-CVE-2018-16310 (** DISPUTED ** Technicolor TG588V V2 devices allow remote attackers ...)
+CVE-2018-16310
NOT-FOR-US: Technicolor
CVE-2018-16309
REJECTED
-CVE-2018-16308 (The Ninja Forms plugin before 3.3.14.1 for WordPress allows CSV ...)
+CVE-2018-16308
NOT-FOR-US: Ninja Forms plugin for WordPress
-CVE-2018-16307 (An &quot;Out-of-band resource load&quot; issue was discovered on Xiaomi MIWiFi ...)
+CVE-2018-16307
NOT-FOR-US: Xiaomi
CVE-2018-16306
RESERVED
@@ -12135,63 +12127,63 @@ CVE-2018-16305
RESERVED
CVE-2018-16304
RESERVED
-CVE-2018-16303 (PDF-XChange Editor through 7.0.326.1 allows remote attackers to cause a ...)
+CVE-2018-16303
NOT-FOR-US: PDF-XChange Editor
-CVE-2018-16302 (MediaComm Zip-n-Go before 4.95 has a Buffer Overflow via a crafted ...)
+CVE-2018-16302
NOT-FOR-US: MediaComm Zip-n-Go
CVE-2018-16301
RESERVED
CVE-2018-16300
RESERVED
-CVE-2018-16299 (The Localize My Post plugin 1.0 for WordPress allows Directory ...)
+CVE-2018-16299
NOT-FOR-US: Wordpress plugin
-CVE-2018-16298 (An issue was discovered in MiniCMS 1.10. There is an ...)
+CVE-2018-16298
NOT-FOR-US: MiniCMS
-CVE-2018-16297 (An exploitable use-after-free vulnerability exists in the JavaScript ...)
+CVE-2018-16297
NOT-FOR-US: Foxit
-CVE-2018-16296 (An exploitable use-after-free vulnerability exists in the JavaScript ...)
+CVE-2018-16296
NOT-FOR-US: Foxit
-CVE-2018-16295 (An exploitable use-after-free vulnerability exists in the JavaScript ...)
+CVE-2018-16295
NOT-FOR-US: Foxit
-CVE-2018-16294 (An exploitable use-after-free vulnerability exists in the JavaScript ...)
+CVE-2018-16294
NOT-FOR-US: Foxit
-CVE-2018-16293 (An exploitable use-after-free vulnerability exists in the JavaScript ...)
+CVE-2018-16293
NOT-FOR-US: Foxit
-CVE-2018-16292 (An exploitable use-after-free vulnerability exists in the JavaScript ...)
+CVE-2018-16292
NOT-FOR-US: Foxit
-CVE-2018-16291 (An exploitable use-after-free vulnerability exists in the JavaScript ...)
+CVE-2018-16291
NOT-FOR-US: Foxit
CVE-2018-16290
RESERVED
CVE-2018-16289
RESERVED
-CVE-2018-16288 (LG SuperSign CMS allows reading of arbitrary files via ...)
+CVE-2018-16288
NOT-FOR-US: LG SuperSign CMS
-CVE-2018-16287 (LG SuperSign CMS allows file upload via ...)
+CVE-2018-16287
NOT-FOR-US: LG SuperSign CMS
-CVE-2018-16286 (LG SuperSign CMS allows authentication bypass because the CAPTCHA ...)
+CVE-2018-16286
NOT-FOR-US: LG SuperSign CMS
-CVE-2018-16285 (The UserPro plugin through 4.9.23 for WordPress allows XSS via the ...)
+CVE-2018-16285
NOT-FOR-US: Wordpress plugin
CVE-2018-16284
RESERVED
-CVE-2018-16283 (The Wechat Broadcast plugin 1.2.0 and earlier for WordPress allows ...)
+CVE-2018-16283
NOT-FOR-US: Wordpress plugin
-CVE-2018-16282 (A command injection vulnerability in the web server functionality of ...)
+CVE-2018-16282
NOT-FOR-US: Moxa
-CVE-2018-16281 (The DEISER &quot;Profields - Project Custom Fields&quot; app before 6.0.2 for ...)
+CVE-2018-16281
NOT-FOR-US: DEISER
CVE-2018-16280
RESERVED
CVE-2018-16279
RESERVED
-CVE-2018-16278 (phpkaiyuancms PhpOpenSourceCMS (POSCMS) V3.2.0 allows an ...)
+CVE-2018-16278
NOT-FOR-US: phpkaiyuancms PhpOpenSourceCMS (POSCMS)
-CVE-2018-16277 (The Image Import function in XWiki through 10.7 has XSS. ...)
+CVE-2018-16277
NOT-FOR-US: XWiki
-CVE-2018-16275 (OPSWAT MetaDefender before v4.11.2 allows CSV injection. ...)
+CVE-2018-16275
NOT-FOR-US: OPSWAT MetaDefender
-CVE-2018-16276 (An issue was discovered in yurex_read in drivers/usb/misc/yurex.c in ...)
+CVE-2018-16276
{DSA-4308-1 DLA-1531-1 DLA-1529-1}
- linux 4.17.8-1
NOTE: Fixed by: https://git.kernel.org/linus/f1e255d60ae66a9f672ff9a207ee6cd8e33d2679 (4.18-rc5)
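Review bot: CVE-2018-16275 is listed above CVE-2018-16276 at the end of this hunk, breaking the descending identifier order the rest of the file keeps and that tooling which bisects by CVE number relies on; swapping the two blocks restores it. A smaller style point in the same hunk: three entries use `NOT-FOR-US: Wordpress plugin` while the file elsewhere writes `WordPress plugin`, and a consistent spelling keeps a grep for WordPress entries complete.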
@@ -12221,7 +12213,7 @@ CVE-2018-16263
RESERVED
CVE-2018-16262
RESERVED
-CVE-2018-16261 (In Pulse Secure Pulse Desktop Client 5.3RX before 5.3R5 and 9.0R1, ...)
+CVE-2018-16261
NOT-FOR-US: Pulse Secure Pulse Desktop Client
CVE-2018-16260
RESERVED
@@ -12237,9 +12229,9 @@ CVE-2018-16255
RESERVED
CVE-2018-16254
RESERVED
-CVE-2018-16253 (In sig_verify() in x509.c in axTLS version 2.1.3 and before, the ...)
+CVE-2018-16253
NOT-FOR-US: axTLS
-CVE-2018-16252 (FsPro Labs Event Log Explorer 4.6.1.2115 has &quot;.elx&quot; FileType XML ...)
+CVE-2018-16252
NOT-FOR-US: FsPro Labs Event Log Explorer
CVE-2018-16251
RESERVED
@@ -12259,29 +12251,29 @@ CVE-2018-16244
RESERVED
CVE-2018-16243
RESERVED
-CVE-2018-16242 (oBike relies on Hangzhou Luoping Smart Locker to lock bicycles, which ...)
+CVE-2018-16242
NOT-FOR-US: oBike
CVE-2018-16241
RESERVED
CVE-2018-16240
RESERVED
-CVE-2018-16239 (An issue was discovered in damiCMS V6.0.1. It relies on the PHP time() ...)
+CVE-2018-16239
NOT-FOR-US: damiCMS
-CVE-2018-16238 (An issue was discovered in damiCMS V6.0.1. Remote code execution can ...)
+CVE-2018-16238
NOT-FOR-US: damiCMS
-CVE-2018-16237 (An issue was discovered in damiCMS V6.0.1. There is Directory Traversal ...)
+CVE-2018-16237
NOT-FOR-US: damiCMS
-CVE-2018-16236 (cPanel through 74 allows XSS via a crafted filename in the logs ...)
+CVE-2018-16236
NOT-FOR-US: cPanel
-CVE-2018-16235 (Telligent Community 6.x, 7.x, 8.x, 9.x, and 10.x up to 10.1.10.11792 ...)
+CVE-2018-16235
NOT-FOR-US: Telligent Community
-CVE-2018-16234 (MorningStar WhatWeb 0.4.9 has XSS via JSON report files. ...)
+CVE-2018-16234
NOT-FOR-US: MorningStar WhatWeb
-CVE-2018-16233 (MiniCMS V1.10 has XSS via the mc-admin/post-edit.php tags parameter. ...)
+CVE-2018-16233
NOT-FOR-US: MiniCMS
-CVE-2018-16232 (An authenticated command injection vulnerability exists in IPFire ...)
+CVE-2018-16232
NOT-FOR-US: IPFire
-CVE-2018-16231 (Michael Roth Software Personal FTP Server (PFTP) through 8.4f allows ...)
+CVE-2018-16231
NOT-FOR-US: Michael Roth Software Personal FTP Server
CVE-2018-16230
RESERVED
@@ -12291,15 +12283,15 @@ CVE-2018-16228
RESERVED
CVE-2018-16227
RESERVED
-CVE-2018-16226 (A vulnerability in the web admin component of Mitel MiVoice Office ...)
+CVE-2018-16226
NOT-FOR-US: Mitel
-CVE-2018-16225 (The QBee MultiSensor Camera through 4.16.4 accepts unencrypted network ...)
+CVE-2018-16225
NOT-FOR-US: QBee MultiSensor Camera
-CVE-2018-16224 (Incorrect access control for the diagnostic files of the iSmartAlarm ...)
+CVE-2018-16224
NOT-FOR-US: iSmartAlarm Cube One
-CVE-2018-16223 (Insecure Cryptographic Storage of credentials in ...)
+CVE-2018-16223
NOT-FOR-US: QBee Cam application for Android
-CVE-2018-16222 (Cleartext Storage of credentials in the iSmartAlarmData.xml ...)
+CVE-2018-16222
NOT-FOR-US: iSmartAlarm application for Android
CVE-2018-16221
RESERVED
@@ -12323,7 +12315,7 @@ CVE-2018-16212
RESERVED
CVE-2018-16211
RESERVED
-CVE-2018-16210 (WAGO 750-881 Ethernet Controller devices, versions 01.09.18(13) and ...)
+CVE-2018-16210
NOT-FOR-US: WAGO
CVE-2018-16209
RESERVED
@@ -12331,119 +12323,119 @@ CVE-2018-16208
RESERVED
CVE-2018-16207
RESERVED
-CVE-2018-16206 (Cross-site scripting vulnerability in WordPress plugin spam-byebye ...)
+CVE-2018-16206
NOT-FOR-US: Wordpress plugin
-CVE-2018-16205 (Cross-site scripting vulnerability in GROWI v3.2.3 and earlier allows ...)
+CVE-2018-16205
NOT-FOR-US: GROWI
-CVE-2018-16204 (Cross-site scripting vulnerability in Google XML Sitemaps Version ...)
+CVE-2018-16204
NOT-FOR-US: WordPress plugin google-sitemap-generator
-CVE-2018-16203 (PgpoolAdmin 4.0 and earlier allows remote attackers to bypass the ...)
+CVE-2018-16203
NOT-FOR-US: postgresql-pgpoolAdmin
-CVE-2018-16202 (Directory traversal vulnerability in cordova-plugin-ionic-webview ...)
+CVE-2018-16202
NOT-FOR-US: cordova-plugin-ionic-webview
-CVE-2018-16201 (Toshiba Home gateway HEM-GW16A 1.2.9 and earlier, Toshiba Home gateway ...)
+CVE-2018-16201
NOT-FOR-US: Toshiba
-CVE-2018-16200 (Toshiba Home gateway HEM-GW16A 1.2.9 and earlier, Toshiba Home gateway ...)
+CVE-2018-16200
NOT-FOR-US: Toshiba
-CVE-2018-16199 (Cross-site scripting vulnerability in Toshiba Home gateway HEM-GW16A ...)
+CVE-2018-16199
NOT-FOR-US: Toshiba
-CVE-2018-16198 (Toshiba Home gateway HEM-GW16A 1.2.9 and earlier, Toshiba Home gateway ...)
+CVE-2018-16198
NOT-FOR-US: Toshiba
-CVE-2018-16197 (Toshiba Home gateway HEM-GW16A 1.2.9 and earlier, Toshiba Home gateway ...)
+CVE-2018-16197
NOT-FOR-US: Toshiba
-CVE-2018-16196 (Multiple Yokogawa products that contain Vnet/IP Open Communication ...)
+CVE-2018-16196
NOT-FOR-US: Yokogawa
-CVE-2018-16195 (Aterm WF1200CR and Aterm WG1200CR (Aterm WF1200CR firmware Ver1.1.1 ...)
+CVE-2018-16195
NOT-FOR-US: Aterm firmware
-CVE-2018-16194 (Aterm WF1200CR and Aterm WG1200CR (Aterm WF1200CR firmware Ver1.1.1 ...)
+CVE-2018-16194
NOT-FOR-US: Aterm firmware
-CVE-2018-16193 (Cross-site scripting vulnerability in Aterm WF1200CR and Aterm ...)
+CVE-2018-16193
NOT-FOR-US: Aterm firmware
-CVE-2018-16192 (Aterm WF1200CR and Aterm WG1200CR (Aterm WF1200CR firmware Ver1.1.1 ...)
+CVE-2018-16192
NOT-FOR-US: Aterm firmware
-CVE-2018-16191 (Open redirect vulnerability in EC-CUBE (EC-CUBE 3.0.0, EC-CUBE 3.0.1, ...)
+CVE-2018-16191
NOT-FOR-US: EC-CUBE
-CVE-2018-16190 (Untrusted search path vulnerability in UNARJ32.DLL for Win32, ...)
+CVE-2018-16190
NOT-FOR-US: Some Windows installer
-CVE-2018-16189 (Untrusted search path vulnerability in Self-Extracting Archives ...)
+CVE-2018-16189
NOT-FOR-US: Some Windows installer
-CVE-2018-16188 (SQL injection vulnerability in the RICOH Interactive Whiteboard D2200 ...)
+CVE-2018-16188
NOT-FOR-US: RICOH
-CVE-2018-16187 (The RICOH Interactive Whiteboard D2200 V1.3 to V2.2, D5500 V1.3 to ...)
+CVE-2018-16187
NOT-FOR-US: RICOH
-CVE-2018-16186 (RICOH Interactive Whiteboard D2200 V1.1 to V2.2, D5500 V1.1 to V2.2, ...)
+CVE-2018-16186
NOT-FOR-US: RICOH
-CVE-2018-16185 (RICOH Interactive Whiteboard D2200 V1.1 to V2.2, D5500 V1.1 to V2.2, ...)
+CVE-2018-16185
NOT-FOR-US: RICOH
-CVE-2018-16184 (RICOH Interactive Whiteboard D2200 V1.6 to V2.2, D5500 V1.6 to V2.2, ...)
+CVE-2018-16184
NOT-FOR-US: RICOH
-CVE-2018-16183 (An unquoted search path vulnerability in some pre-installed ...)
+CVE-2018-16183
NOT-FOR-US: Panasonic PC applications
-CVE-2018-16182 (Untrusted search path vulnerability in the installer of MARKET SPEED ...)
+CVE-2018-16182
NOT-FOR-US: MARKET SPEED
-CVE-2018-16181 (HTTP header injection vulnerability in i-FILTER Ver.9.50R05 and ...)
+CVE-2018-16181
NOT-FOR-US: i-FILTER
-CVE-2018-16180 (Cross-site scripting vulnerability in i-FILTER Ver.9.50R05 and earlier ...)
+CVE-2018-16180
NOT-FOR-US: i-FILTER
-CVE-2018-16179 (The Mizuho Direct App for Android version 3.13.0 and earlier does not ...)
+CVE-2018-16179
NOT-FOR-US: Mizuho Direct App for Android
-CVE-2018-16178 (Cybozu Garoon 3.0.0 to 4.10.0 allows remote attackers to bypass access ...)
+CVE-2018-16178
NOT-FOR-US: Cybozu Garoon
-CVE-2018-16177 (Untrusted search path vulnerability in The installer of Windows10 Fall ...)
+CVE-2018-16177
NOT-FOR-US: Random Windows installer
-CVE-2018-16176 (Untrusted search path vulnerability in Installer of Mapping Tool ...)
+CVE-2018-16176
NOT-FOR-US: Random Windows installer
-CVE-2018-16175 (SQL injection vulnerability in the LearnPress prior to version 3.1.0 ...)
+CVE-2018-16175
NOT-FOR-US: LearnPress
-CVE-2018-16174 (Open redirect vulnerability in LearnPress prior to version 3.1.0 ...)
+CVE-2018-16174
NOT-FOR-US: LearnPress
-CVE-2018-16173 (Cross-site scripting vulnerability in LearnPress prior to version ...)
+CVE-2018-16173
NOT-FOR-US: LearnPress
-CVE-2018-16172 (Improper countermeasure against clickjacking attack in client ...)
+CVE-2018-16172
NOT-FOR-US: Cybozu Remote Service
-CVE-2018-16171 (Directory traversal vulnerability in Cybozu Remote Service 3.0.0 to ...)
+CVE-2018-16171
NOT-FOR-US: Cybozu Remote Service
-CVE-2018-16170 (Directory traversal vulnerability in Cybozu Remote Service 3.0.0 to ...)
+CVE-2018-16170
NOT-FOR-US: Cybozu Remote Service
-CVE-2018-16169 (Cybozu Remote Service 3.0.0 to 3.1.0 allows remote authenticated ...)
+CVE-2018-16169
NOT-FOR-US: Cybozu Remote Service
-CVE-2018-16168 (LogonTracer 1.2.0 and earlier allows remote attackers to conduct ...)
+CVE-2018-16168
NOT-FOR-US: LogonTracer
-CVE-2018-16167 (LogonTracer 1.2.0 and earlier allows remote attackers to execute ...)
+CVE-2018-16167
NOT-FOR-US: LogonTracer
-CVE-2018-16166 (LogonTracer 1.2.0 and earlier allows remote attackers to conduct XML ...)
+CVE-2018-16166
NOT-FOR-US: LogonTracer
-CVE-2018-16165 (Cross-site scripting vulnerability in LogonTracer 1.2.0 and earlier ...)
+CVE-2018-16165
NOT-FOR-US: LogonTracer
-CVE-2018-16164 (Cross-site scripting vulnerability in Event Calendar WD version 1.1.21 ...)
+CVE-2018-16164
NOT-FOR-US: Event Calendar WD
-CVE-2018-16163 (OpenDolphin 2.7.0 and earlier allows authenticated attackers to bypass ...)
+CVE-2018-16163
NOT-FOR-US: OpenDolphin
-CVE-2018-16162 (OpenDolphin 2.7.0 and earlier allows authenticated attackers to obtain ...)
+CVE-2018-16162
NOT-FOR-US: OpenDolphin
-CVE-2018-16161 (OpenDolphin 2.7.0 and earlier allows authenticated users to gain ...)
+CVE-2018-16161
NOT-FOR-US: OpenDolphin
-CVE-2018-16160 (SecureCore Standard Edition Version 2.x allows an attacker to bypass ...)
+CVE-2018-16160
NOT-FOR-US: SecureCore Standard Edition
-CVE-2018-16159 (The Gift Vouchers plugin through 2.0.1 for WordPress allows SQL ...)
+CVE-2018-16159
NOT-FOR-US: Gift Vouchers plugin for WordPress
-CVE-2018-16048 (An issue was discovered in GitLab Community and Enterprise Edition ...)
+CVE-2018-16048
- gitlab <not-affected> (Only affects Enterprise edition)
NOTE: https://gitlab.com/gitlab-org/gitlab-ce/issues/49947
NOTE: https://about.gitlab.com/2018/08/28/security-release-gitlab-11-dot-2-dot-2-released/
-CVE-2018-16051 (An issue was discovered in GitLab Community and Enterprise Edition ...)
+CVE-2018-16051
- gitlab 11.1.8+dfsg-2
NOTE: https://gitlab.com/gitlab-org/gitlab-ee/issues/6012
NOTE: https://about.gitlab.com/2018/08/28/security-release-gitlab-11-dot-2-dot-2-released/
CVE-2018-XXXX [gitlab: Missing CSRF in System Hooks]
- gitlab 11.1.8+dfsg-2
NOTE: https://about.gitlab.com/2018/08/28/security-release-gitlab-11-dot-2-dot-2-released/
-CVE-2018-16049 (An issue was discovered in GitLab Community and Enterprise Edition ...)
+CVE-2018-16049
- gitlab 11.1.8+dfsg-2
NOTE: https://gitlab.com/gitlab-org/gitlab-ce/issues/46967
NOTE: https://gitlab.com/gitlab-org/gitlab-ce/issues/49272
NOTE: https://about.gitlab.com/2018/08/28/security-release-gitlab-11-dot-2-dot-2-released/
-CVE-2018-16050 (An issue was discovered in GitLab Community and Enterprise Edition ...)
+CVE-2018-16050
- gitlab 11.1.8+dfsg-2
[stretch] - gitlab <not-affected> (Only affects 11.1 and 11.2)
NOTE: https://gitlab.com/gitlab-org/gitlab-ce/issues/49085
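Review bot: the gitlab entries CVE-2018-16048, CVE-2018-16051, CVE-2018-16049 and CVE-2018-16050 sit between CVE-2018-16159 and CVE-2018-16158, out of numeric sequence with the surrounding entries and in a non-monotonic order among themselves, with the `CVE-2018-XXXX [gitlab: Missing CSRF in System Hooks]` placeholder interleaved. By number they belong directly below the `CVE-2018-16052 RESERVED` entry later in the patch; moving them there (and keeping the XXXX placeholders together with the release they came from) keeps the identifier order intact and the grouping by GitLab security release still readable. The `[stretch] - gitlab <not-affected> (Only affects 11.1 and 11.2)` line for CVE-2018-16050 also contrasts with CVE-2018-16049 and CVE-2018-16051, which carry no stretch annotation even though they point at the same 11.2.2 security release; worth a quick check that those two were assessed for stretch too.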
@@ -12452,9 +12444,9 @@ CVE-2018-XXXX [gitlab: Persistent XSS in Pipeline Tooltip]
- gitlab 11.1.8+dfsg-2
[stretch] - gitlab <not-affected> (Only affects 10.7 and later)
NOTE: https://about.gitlab.com/2018/08/28/security-release-gitlab-11-dot-2-dot-2-released/
-CVE-2018-16158 (Eaton Power Xpert Meter 4000, 6000, and 8000 devices before 13.4.0.10 ...)
+CVE-2018-16158
NOT-FOR-US: Eaton Power Xpert Meter
-CVE-2018-16157 (waimai Super Cms 20150505 has a logic flaw allowing attackers to modify ...)
+CVE-2018-16157
NOT-FOR-US: waimai Super Cms
CVE-2018-16156
RESERVED
@@ -12464,35 +12456,35 @@ CVE-2018-16154
RESERVED
CVE-2018-16153
RESERVED
-CVE-2018-16152 (In verify_emsa_pkcs1_signature() in gmp_rsa_public_key.c in the gmp ...)
+CVE-2018-16152
{DSA-4305-1 DLA-1522-1}
- strongswan 5.7.0-1
NOTE: https://strongswan.org/blog/2018/09/24/strongswan-vulnerability-(cve-2018-16151,-cve-2018-16152).html
-CVE-2018-16151 (In verify_emsa_pkcs1_signature() in gmp_rsa_public_key.c in the gmp ...)
+CVE-2018-16151
{DSA-4305-1 DLA-1522-1}
- strongswan 5.7.0-1
NOTE: https://strongswan.org/blog/2018/09/24/strongswan-vulnerability-(cve-2018-16151,-cve-2018-16152).html
-CVE-2018-16150 (In sig_verify() in x509.c in axTLS version 2.1.3 and before, the ...)
+CVE-2018-16150
NOT-FOR-US: axTLS
-CVE-2018-16149 (In sig_verify() in x509.c in axTLS version 2.1.3 and before, the ...)
+CVE-2018-16149
NOT-FOR-US: axTLS
-CVE-2018-16148 (The diagnosticsb2ksy parameter of the /rest endpoint in Opsview ...)
+CVE-2018-16148
NOT-FOR-US: Opsview Monitor
-CVE-2018-16147 (The data parameter of the /settings/api/router endpoint in Opsview ...)
+CVE-2018-16147
NOT-FOR-US: Opsview Monitor
-CVE-2018-16146 (The web management console of Opsview Monitor 5.4.x before 5.4.2 ...)
+CVE-2018-16146
NOT-FOR-US: Opsview Monitor
-CVE-2018-16145 (The /etc/init.d/opsview-reporting-module script that runs at boot time ...)
+CVE-2018-16145
NOT-FOR-US: Opsview Monitor
-CVE-2018-16144 (The test connection functionality in the NetAudit section of Opsview ...)
+CVE-2018-16144
NOT-FOR-US: Opsview Monitor
CVE-2018-16143
RESERVED
-CVE-2018-16142 (PHPOK 4.8.278 has a Reflected XSS vulnerability in ...)
+CVE-2018-16142
NOT-FOR-US: PHPOK
-CVE-2018-16141 (ThinkCMF X2.2.3 has an arbitrary file deletion vulnerability in ...)
+CVE-2018-16141
NOT-FOR-US: ThinkCMF
-CVE-2018-16140 (A buffer underwrite vulnerability in get_line() (read.c) in fig2dev ...)
+CVE-2018-16140
- fig2dev 1:3.2.7a-3 (unimportant; bug #907660)
- transfig <removed> (unimportant)
NOTE: https://sourceforge.net/p/mcj/tickets/28/
@@ -12508,15 +12500,15 @@ CVE-2018-16136
RESERVED
CVE-2018-16135
RESERVED
-CVE-2018-16134 (Cybrotech CyBroHttpServer 1.0.3 allows XSS via a URI. ...)
+CVE-2018-16134
NOT-FOR-US: Cybrotech
-CVE-2018-16133 (Cybrotech CyBroHttpServer 1.0.3 allows Directory Traversal via a ../ in ...)
+CVE-2018-16133
NOT-FOR-US: Cybrotech
-CVE-2018-16132 (The image rendering component (createGenericPreview) of the Open ...)
+CVE-2018-16132
NOT-FOR-US: Signal app (specific on iOS)
-CVE-2018-16131 (The decodeRequest and decodeRequestWith directives in Lightbend Akka ...)
+CVE-2018-16131
NOT-FOR-US: Lightbend Akka
-CVE-2018-16130 (System command injection in request_mitv in Xiaomi Mi Router 3 version ...)
+CVE-2018-16130
NOT-FOR-US: Xiaomi Mi Router
CVE-2018-558213
REJECTED
@@ -12548,7 +12540,7 @@ CVE-2018-16117
RESERVED
CVE-2018-16116
RESERVED
-CVE-2018-16115 (Lightbend Akka 2.5.x before 2.5.16 allows message disclosure and ...)
+CVE-2018-16115
NOT-FOR-US: Lightbend Akka
CVE-2018-16114
RESERVED
@@ -12582,31 +12574,31 @@ CVE-2018-16100
REJECTED
CVE-2018-16099
REJECTED
-CVE-2018-16098 (In some Lenovo ThinkPads, an unquoted search path vulnerability was ...)
+CVE-2018-16098
NOT-FOR-US: Lenovo
-CVE-2018-16097 (LXCI for VMware versions prior to 5.5 and LXCI for Microsoft System ...)
+CVE-2018-16097
NOT-FOR-US: LXCI (Lenovo XClarity Integrator)
-CVE-2018-16096 (In System Management Module (SMM) versions prior to 1.06, the SMM web ...)
+CVE-2018-16096
NOT-FOR-US: Lenovo / System Management Module (SMM)
-CVE-2018-16095 (In System Management Module (SMM) versions prior to 1.06, the SMM ...)
+CVE-2018-16095
NOT-FOR-US: Lenovo / System Management Module (SMM)
-CVE-2018-16094 (In System Management Module (SMM) versions prior to 1.06, an internal ...)
+CVE-2018-16094
NOT-FOR-US: Lenovo / System Management Module (SMM)
-CVE-2018-16093 (In versions prior to 5.5, LXCI for VMware allows an authenticated user ...)
+CVE-2018-16093
NOT-FOR-US: LXCI (Lenovo XClarity Integrator)
-CVE-2018-16092 (In System Management Module (SMM) versions prior to 1.06, the FFDC ...)
+CVE-2018-16092
NOT-FOR-US: Lenovo / System Management Module (SMM)
-CVE-2018-16091 (In System Management Module (SMM) versions prior to 1.06, the SMM ...)
+CVE-2018-16091
NOT-FOR-US: Lenovo / System Management Module (SMM)
-CVE-2018-16090 (In System Management Module (SMM) versions prior to 1.06, the SMM ...)
+CVE-2018-16090
NOT-FOR-US: Lenovo / System Management Module (SMM)
-CVE-2018-16089 (In System Management Module (SMM) versions prior to 1.06, a field in ...)
+CVE-2018-16089
NOT-FOR-US: Lenovo / System Management Module (SMM)
-CVE-2018-16088 (A missing check for JS-simulated input events in Blink in Google ...)
+CVE-2018-16088
{DSA-4289-1}
- chromium-browser 69.0.3497.81-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-16087 (Lack of proper state tracking in Permissions in Google Chrome prior to ...)
+CVE-2018-16087
{DSA-4289-1}
- chromium-browser 69.0.3497.81-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
@@ -12615,35 +12607,35 @@ CVE-2018-16086
{DSA-4289-1}
- chromium-browser 69.0.3497.81-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-16085 (A use after free in ResourceCoordinator in Google Chrome prior to ...)
+CVE-2018-16085
{DSA-4289-1}
- chromium-browser 69.0.3497.81-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-16084 (The default selected dialog button in CustomHandlers in Google Chrome ...)
+CVE-2018-16084
{DSA-4289-1}
- chromium-browser 69.0.3497.81-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-16083 (An out of bounds read in forward error correction code in WebRTC in ...)
+CVE-2018-16083
{DSA-4289-1}
- chromium-browser 69.0.3497.81-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-16082 (An out of bounds read in Swiftshader in Google Chrome prior to ...)
+CVE-2018-16082
{DSA-4289-1}
- chromium-browser 69.0.3497.81-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-16081 (Allowing the chrome.debugger API to run on file:// URLs in DevTools in ...)
+CVE-2018-16081
{DSA-4289-1}
- chromium-browser 69.0.3497.81-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-16080 (A missing check for popup window handling in Fullscreen in Google ...)
+CVE-2018-16080
{DSA-4289-1}
- chromium-browser 69.0.3497.81-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-16079 (A race condition between permission prompts and navigations in Prompts ...)
+CVE-2018-16079
{DSA-4289-1}
- chromium-browser 69.0.3497.81-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-16078 (Unsafe handling of credit card details in Autofill in Google Chrome ...)
+CVE-2018-16078
{DSA-4289-1}
- chromium-browser 69.0.3497.81-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
@@ -12652,7 +12644,7 @@ CVE-2018-16077
{DSA-4289-1}
- chromium-browser 69.0.3497.81-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-16076 (Missing bounds check in PDFium in Google Chrome prior to 69.0.3497.81 ...)
+CVE-2018-16076
{DSA-4289-1}
- chromium-browser 69.0.3497.81-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
@@ -12671,9 +12663,9 @@ CVE-2018-16073
{DSA-4289-1}
- chromium-browser 69.0.3497.81-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-16072 (A missing origin check related to HLS manifests in Blink in Google ...)
+CVE-2018-16072
- chromium-browser <not-affected> (Android-specific)
-CVE-2018-16071 (A use after free in WebRTC in Google Chrome prior to 69.0.3497.81 ...)
+CVE-2018-16071
{DSA-4289-1}
- chromium-browser 69.0.3497.81-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
@@ -12687,19 +12679,19 @@ CVE-2018-16069
{DSA-4289-1}
- chromium-browser 69.0.3497.81-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-16068 (Missing validation in Mojo in Google Chrome prior to 69.0.3497.81 ...)
+CVE-2018-16068
{DSA-4289-1}
- chromium-browser 69.0.3497.81-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-16067 (A use after free in WebAudio in Google Chrome prior to 69.0.3497.81 ...)
+CVE-2018-16067
{DSA-4289-1}
- chromium-browser 69.0.3497.81-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-16066 (A use after free in Blink in Google Chrome prior to 69.0.3497.81 ...)
+CVE-2018-16066
{DSA-4289-1}
- chromium-browser 69.0.3497.81-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-16065 (A Javascript reentrancy issues that caused a use-after-free in V8 in ...)
+CVE-2018-16065
{DSA-4289-1}
- chromium-browser 69.0.3497.81-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
@@ -12707,7 +12699,7 @@ CVE-2018-16064
RESERVED
CVE-2018-16063
RESERVED
-CVE-2018-16062 (dwarf_getaranges in dwarf_getaranges.c in libdw in elfutils before ...)
+CVE-2018-16062
{DLA-1689-1}
- elfutils 0.175-1 (bug #907562)
[stretch] - elfutils <no-dsa> (Minor issue)
@@ -12717,28 +12709,28 @@ CVE-2018-16061
RESERVED
CVE-2018-16060
RESERVED
-CVE-2018-16059 (Endress+Hauser WirelessHART Fieldgate SWG70 3.x devices allow ...)
+CVE-2018-16059
NOT-FOR-US: Endress+Hauser WirelessHART Fieldgate SWG70 3.x devices
-CVE-2018-16058 (In Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to 2.2.16, the ...)
+CVE-2018-16058
{DSA-4315-1 DLA-1634-1}
- wireshark 2.6.3-1 (low)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14884
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=c48d6a6d60c5c9111838a945966b6cb8750777be
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-44.html
-CVE-2018-16057 (In Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to 2.2.16, the ...)
+CVE-2018-16057
{DSA-4315-1 DLA-1634-1}
- wireshark 2.6.3-1 (low)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15022
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=4ac83382dc49f9f7b62bffb3cfc508cdaa1e7be5
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-46.html
-CVE-2018-16056 (In Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to 2.2.16, the ...)
+CVE-2018-16056
{DSA-4315-1}
- wireshark 2.6.3-1 (low)
[jessie] - wireshark <not-affected> (vulnerable code not present)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14994
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=f98fbce64cb230e94a2cafc410a3cedad657b485
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-45.html
-CVE-2018-16055 (An authenticated command injection vulnerability exists in ...)
+CVE-2018-16055
NOT-FOR-US: pfSense
CVE-2018-16054
RESERVED
@@ -12746,265 +12738,265 @@ CVE-2018-16053
RESERVED
CVE-2018-16052
RESERVED
-CVE-2018-16047 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, ...)
+CVE-2018-16047
NOT-FOR-US: Adobe
-CVE-2018-16046 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, ...)
+CVE-2018-16046
NOT-FOR-US: Adobe
-CVE-2018-16045 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, ...)
+CVE-2018-16045
NOT-FOR-US: Adobe
-CVE-2018-16044 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, ...)
+CVE-2018-16044
NOT-FOR-US: Adobe
-CVE-2018-16043 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, ...)
+CVE-2018-16043
NOT-FOR-US: Adobe
-CVE-2018-16042 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, ...)
+CVE-2018-16042
NOT-FOR-US: Adobe
-CVE-2018-16041 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, ...)
+CVE-2018-16041
NOT-FOR-US: Adobe
-CVE-2018-16040 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, ...)
+CVE-2018-16040
NOT-FOR-US: Adobe
-CVE-2018-16039 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, ...)
+CVE-2018-16039
NOT-FOR-US: Adobe
-CVE-2018-16038 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, ...)
+CVE-2018-16038
NOT-FOR-US: Adobe
-CVE-2018-16037 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, ...)
+CVE-2018-16037
NOT-FOR-US: Adobe
-CVE-2018-16036 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, ...)
+CVE-2018-16036
NOT-FOR-US: Adobe
-CVE-2018-16035 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, ...)
+CVE-2018-16035
NOT-FOR-US: Adobe
-CVE-2018-16034 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, ...)
+CVE-2018-16034
NOT-FOR-US: Adobe
-CVE-2018-16033 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, ...)
+CVE-2018-16033
NOT-FOR-US: Adobe
-CVE-2018-16032 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, ...)
+CVE-2018-16032
NOT-FOR-US: Adobe
-CVE-2018-16031 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, ...)
+CVE-2018-16031
NOT-FOR-US: Adobe
-CVE-2018-16030 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, ...)
+CVE-2018-16030
NOT-FOR-US: Adobe
-CVE-2018-16029 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, ...)
+CVE-2018-16029
NOT-FOR-US: Adobe
-CVE-2018-16028 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, ...)
+CVE-2018-16028
NOT-FOR-US: Adobe
-CVE-2018-16027 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, ...)
+CVE-2018-16027
NOT-FOR-US: Adobe
-CVE-2018-16026 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, ...)
+CVE-2018-16026
NOT-FOR-US: Adobe
-CVE-2018-16025 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, ...)
+CVE-2018-16025
NOT-FOR-US: Adobe
-CVE-2018-16024 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, ...)
+CVE-2018-16024
NOT-FOR-US: Adobe
-CVE-2018-16023 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, ...)
+CVE-2018-16023
NOT-FOR-US: Adobe
-CVE-2018-16022 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, ...)
+CVE-2018-16022
NOT-FOR-US: Adobe
-CVE-2018-16021 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, ...)
+CVE-2018-16021
NOT-FOR-US: Adobe
-CVE-2018-16020 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, ...)
+CVE-2018-16020
NOT-FOR-US: Adobe
-CVE-2018-16019 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, ...)
+CVE-2018-16019
NOT-FOR-US: Adobe
-CVE-2018-16018 (Adobe Acrobat and Reader versions 2019.010.20064 and earlier, ...)
+CVE-2018-16018
NOT-FOR-US: Adobe
-CVE-2018-16017 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, ...)
+CVE-2018-16017
NOT-FOR-US: Adobe
-CVE-2018-16016 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, ...)
+CVE-2018-16016
NOT-FOR-US: Adobe
-CVE-2018-16015 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, ...)
+CVE-2018-16015
NOT-FOR-US: Adobe
-CVE-2018-16014 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, ...)
+CVE-2018-16014
NOT-FOR-US: Adobe
-CVE-2018-16013 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, ...)
+CVE-2018-16013
NOT-FOR-US: Adobe
-CVE-2018-16012 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, ...)
+CVE-2018-16012
NOT-FOR-US: Adobe
-CVE-2018-16011 (Adobe Acrobat and Reader versions 2019.010.20064 and earlier, ...)
+CVE-2018-16011
NOT-FOR-US: Adobe
-CVE-2018-16010 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, ...)
+CVE-2018-16010
NOT-FOR-US: Adobe
-CVE-2018-16009 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, ...)
+CVE-2018-16009
NOT-FOR-US: Adobe
-CVE-2018-16008 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, ...)
+CVE-2018-16008
NOT-FOR-US: Adobe
-CVE-2018-16007 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, ...)
+CVE-2018-16007
NOT-FOR-US: Adobe
-CVE-2018-16006 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, ...)
+CVE-2018-16006
NOT-FOR-US: Adobe
-CVE-2018-16005 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, ...)
+CVE-2018-16005
NOT-FOR-US: Adobe
-CVE-2018-16004 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, ...)
+CVE-2018-16004
NOT-FOR-US: Adobe
-CVE-2018-16003 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, ...)
+CVE-2018-16003
NOT-FOR-US: Adobe
-CVE-2018-16002 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, ...)
+CVE-2018-16002
NOT-FOR-US: Adobe
-CVE-2018-16001 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, ...)
+CVE-2018-16001
NOT-FOR-US: Adobe
-CVE-2018-16000 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, ...)
+CVE-2018-16000
NOT-FOR-US: Adobe
-CVE-2018-15999 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, ...)
+CVE-2018-15999
NOT-FOR-US: Adobe
-CVE-2018-15998 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, ...)
+CVE-2018-15998
NOT-FOR-US: Adobe
-CVE-2018-15997 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, ...)
+CVE-2018-15997
NOT-FOR-US: Adobe
-CVE-2018-15996 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, ...)
+CVE-2018-15996
NOT-FOR-US: Adobe
-CVE-2018-15995 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, ...)
+CVE-2018-15995
NOT-FOR-US: Adobe
-CVE-2018-15994 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, ...)
+CVE-2018-15994
NOT-FOR-US: Adobe
-CVE-2018-15993 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, ...)
+CVE-2018-15993
NOT-FOR-US: Adobe
-CVE-2018-15992 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, ...)
+CVE-2018-15992
NOT-FOR-US: Adobe
-CVE-2018-15991 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, ...)
+CVE-2018-15991
NOT-FOR-US: Adobe
-CVE-2018-15990 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, ...)
+CVE-2018-15990
NOT-FOR-US: Adobe
-CVE-2018-15989 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, ...)
+CVE-2018-15989
NOT-FOR-US: Adobe
-CVE-2018-15988 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, ...)
+CVE-2018-15988
NOT-FOR-US: Adobe
-CVE-2018-15987 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, ...)
+CVE-2018-15987
NOT-FOR-US: Adobe
-CVE-2018-15986 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, ...)
+CVE-2018-15986
NOT-FOR-US: Adobe
-CVE-2018-15985 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, ...)
+CVE-2018-15985
NOT-FOR-US: Adobe
-CVE-2018-15984 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, ...)
+CVE-2018-15984
NOT-FOR-US: Adobe
-CVE-2018-15983 (Flash Player versions 31.0.0.153 and earlier, and 31.0.0.108 and ...)
+CVE-2018-15983
NOT-FOR-US: Adobe
-CVE-2018-15982 (Flash Player versions 31.0.0.153 and earlier, and 31.0.0.108 and ...)
+CVE-2018-15982
NOT-FOR-US: Adobe
-CVE-2018-15981 (Flash Player versions 31.0.0.148 and earlier have a type confusion ...)
+CVE-2018-15981
NOT-FOR-US: Adobe
-CVE-2018-15980 (Adobe Photoshop CC versions 19.1.6 and earlier have an out-of-bounds ...)
+CVE-2018-15980
NOT-FOR-US: Adobe
-CVE-2018-15979 (Adobe Acrobat and Reader versions 2019.008.20080 and earlier, ...)
+CVE-2018-15979
NOT-FOR-US: Adobe
-CVE-2018-15978 (Flash Player versions 31.0.0.122 and earlier have an out-of-bounds ...)
+CVE-2018-15978
NOT-FOR-US: Adobe
CVE-2018-15977
REJECTED
-CVE-2018-15976 (Adobe Technical Communications Suite versions 1.0.5.1 and below have ...)
+CVE-2018-15976
NOT-FOR-US: Adobe
CVE-2018-15975
REJECTED
-CVE-2018-15974 (Adobe Framemaker versions 1.0.5.1 and below have an insecure library ...)
+CVE-2018-15974
NOT-FOR-US: Adobe
-CVE-2018-15973 (Adobe Experience Manager versions 6.4, 6.3, 6.2, 6.1, and 6.0 have a ...)
+CVE-2018-15973
NOT-FOR-US: Adobe
-CVE-2018-15972 (Adobe Experience Manager versions 6.4, 6.3, 6.2, 6.1, and 6.0 have a ...)
+CVE-2018-15972
NOT-FOR-US: Adobe
-CVE-2018-15971 (Adobe Experience Manager versions 6.4, 6.3, 6.2, 6.1, and 6.0 have a ...)
+CVE-2018-15971
NOT-FOR-US: Adobe
-CVE-2018-15970 (Adobe Experience Manager versions 6.4, 6.3, 6.2, 6.1, and 6.0 have a ...)
+CVE-2018-15970
NOT-FOR-US: Adobe
-CVE-2018-15969 (Adobe Experience Manager versions 6.4, 6.3, 6.2, 6.1, and 6.0 have a ...)
+CVE-2018-15969
NOT-FOR-US: Adobe
-CVE-2018-15968 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, ...)
+CVE-2018-15968
NOT-FOR-US: Adobe
-CVE-2018-15967 (Adobe Flash Player versions 30.0.0.154 and earlier have a privilege ...)
+CVE-2018-15967
NOT-FOR-US: Adobe
-CVE-2018-15966 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, ...)
+CVE-2018-15966
NOT-FOR-US: Adobe
-CVE-2018-15965 (Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 ...)
+CVE-2018-15965
NOT-FOR-US: Adobe
-CVE-2018-15964 (Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 ...)
+CVE-2018-15964
NOT-FOR-US: Adobe
-CVE-2018-15963 (Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 ...)
+CVE-2018-15963
NOT-FOR-US: Adobe
-CVE-2018-15962 (Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 ...)
+CVE-2018-15962
NOT-FOR-US: Adobe
-CVE-2018-15961 (Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 ...)
+CVE-2018-15961
NOT-FOR-US: Adobe
-CVE-2018-15960 (Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 ...)
+CVE-2018-15960
NOT-FOR-US: Adobe
-CVE-2018-15959 (Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 ...)
+CVE-2018-15959
NOT-FOR-US: Adobe
-CVE-2018-15958 (Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 ...)
+CVE-2018-15958
NOT-FOR-US: Adobe
-CVE-2018-15957 (Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 ...)
+CVE-2018-15957
NOT-FOR-US: Adobe
-CVE-2018-15956 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, ...)
+CVE-2018-15956
NOT-FOR-US: Adobe
-CVE-2018-15955 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, ...)
+CVE-2018-15955
NOT-FOR-US: Adobe
-CVE-2018-15954 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, ...)
+CVE-2018-15954
NOT-FOR-US: Adobe
-CVE-2018-15953 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, ...)
+CVE-2018-15953
NOT-FOR-US: Adobe
-CVE-2018-15952 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, ...)
+CVE-2018-15952
NOT-FOR-US: Adobe
-CVE-2018-15951 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, ...)
+CVE-2018-15951
NOT-FOR-US: Adobe
-CVE-2018-15950 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, ...)
+CVE-2018-15950
NOT-FOR-US: Adobe
-CVE-2018-15949 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, ...)
+CVE-2018-15949
NOT-FOR-US: Adobe
-CVE-2018-15948 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, ...)
+CVE-2018-15948
NOT-FOR-US: Adobe
-CVE-2018-15947 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, ...)
+CVE-2018-15947
NOT-FOR-US: Adobe
-CVE-2018-15946 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, ...)
+CVE-2018-15946
NOT-FOR-US: Adobe
-CVE-2018-15945 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, ...)
+CVE-2018-15945
NOT-FOR-US: Adobe
-CVE-2018-15944 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, ...)
+CVE-2018-15944
NOT-FOR-US: Adobe
-CVE-2018-15943 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, ...)
+CVE-2018-15943
NOT-FOR-US: Adobe
-CVE-2018-15942 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, ...)
+CVE-2018-15942
NOT-FOR-US: Adobe
-CVE-2018-15941 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, ...)
+CVE-2018-15941
NOT-FOR-US: Adobe
-CVE-2018-15940 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, ...)
+CVE-2018-15940
NOT-FOR-US: Adobe
-CVE-2018-15939 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, ...)
+CVE-2018-15939
NOT-FOR-US: Adobe
-CVE-2018-15938 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, ...)
+CVE-2018-15938
NOT-FOR-US: Adobe
-CVE-2018-15937 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, ...)
+CVE-2018-15937
NOT-FOR-US: Adobe
-CVE-2018-15936 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, ...)
+CVE-2018-15936
NOT-FOR-US: Adobe
-CVE-2018-15935 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, ...)
+CVE-2018-15935
NOT-FOR-US: Adobe
-CVE-2018-15934 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, ...)
+CVE-2018-15934
NOT-FOR-US: Adobe
-CVE-2018-15933 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, ...)
+CVE-2018-15933
NOT-FOR-US: Adobe
-CVE-2018-15932 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, ...)
+CVE-2018-15932
NOT-FOR-US: Adobe
-CVE-2018-15931 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, ...)
+CVE-2018-15931
NOT-FOR-US: Adobe
-CVE-2018-15930 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, ...)
+CVE-2018-15930
NOT-FOR-US: Adobe
-CVE-2018-15929 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, ...)
+CVE-2018-15929
NOT-FOR-US: Adobe
-CVE-2018-15928 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, ...)
+CVE-2018-15928
NOT-FOR-US: Adobe
-CVE-2018-15927 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, ...)
+CVE-2018-15927
NOT-FOR-US: Adobe
-CVE-2018-15926 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, ...)
+CVE-2018-15926
NOT-FOR-US: Adobe
-CVE-2018-15925 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, ...)
+CVE-2018-15925
NOT-FOR-US: Adobe
-CVE-2018-15924 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, ...)
+CVE-2018-15924
NOT-FOR-US: Adobe
-CVE-2018-15923 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, ...)
+CVE-2018-15923
NOT-FOR-US: Adobe
-CVE-2018-15922 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, ...)
+CVE-2018-15922
NOT-FOR-US: Adobe
CVE-2018-15921
REJECTED
-CVE-2018-15920 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, ...)
+CVE-2018-15920
NOT-FOR-US: Adobe
-CVE-2018-15918 (An issue was discovered in Jorani 0.6.5. SQL Injection (error-based) ...)
+CVE-2018-15918
NOT-FOR-US: Jorani
-CVE-2018-15917 (Persistent cross-site scripting (XSS) issues in Jorani 0.6.5 allow ...)
+CVE-2018-15917
NOT-FOR-US: Jorani
CVE-2018-15916
RESERVED
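Review bot: every `-`/`+` pair in this hunk drops the parenthesised description and leaves only the bare CVE identifier (e.g. `-CVE-2018-16047 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, ...)` becomes `+CVE-2018-16047`), while the `NOT-FOR-US: Adobe` lines underneath are untouched; an update that removes information from every entry it touches without adding any is more likely a failed description fetch than a real upstream change, so confirm the description source returned data before merging, otherwise this should be reverted rather than committed.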
@@ -13014,68 +13006,68 @@ CVE-2018-15914
RESERVED
CVE-2018-15913
RESERVED
-CVE-2018-15912 (An issue was discovered in manjaro-update-system.sh in manjaro-system ...)
+CVE-2018-15912
NOT-FOR-US: manjaro-update-system.sh in manjaro-system on Manjaro Linux
-CVE-2018-15919 (Remotely observable behaviour in auth-gss2.c in OpenSSH through 7.8 ...)
+CVE-2018-15919
- openssh <unfixed> (low; bug #907503)
[buster] - openssh <no-dsa> (Minor issue)
[stretch] - openssh <no-dsa> (Minor issue)
[jessie] - openssh <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2018/08/27/2
-CVE-2018-15911 (In Artifex Ghostscript 9.23 before 2018-08-24, attackers able to supply ...)
+CVE-2018-15911
{DSA-4288-1 DLA-1504-1}
- ghostscript 9.22~dfsg-3 (bug #907332)
NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=8e9ce5016db968b40e4ec255a3005f2786cce45f
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=699665
NOTE: https://www.kb.cert.org/vuls/id/332928
-CVE-2018-15910 (In Artifex Ghostscript before 9.24, attackers able to supply crafted ...)
+CVE-2018-15910
{DSA-4288-1 DLA-1504-1}
- ghostscript 9.22~dfsg-3 (bug #907332)
NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=c3476dde7743761a4e1d39a631716199b696b880
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=699656
NOTE: https://www.kb.cert.org/vuls/id/332928
-CVE-2018-15909 (In Artifex Ghostscript 9.23 before 2018-08-24, a type confusion using ...)
+CVE-2018-15909
{DSA-4288-1 DLA-1504-1}
- ghostscript 9.22~dfsg-3 (bug #907332)
NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=0b6cd1918e1ec4ffd087400a754a845180a4522b
NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=e01e77a36cbb2e0277bc3a63852244bec41be0f6
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=699660
NOTE: https://www.kb.cert.org/vuls/id/332928
-CVE-2018-15908 (In Artifex Ghostscript 9.23 before 2018-08-23, attackers are able to ...)
+CVE-2018-15908
{DSA-4288-1 DLA-1504-1}
- ghostscript 9.22~dfsg-3 (bug #907332)
NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=0d3901189f245232f0161addf215d7268c4d05a3
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=699657
NOTE: https://www.kb.cert.org/vuls/id/332928
-CVE-2018-15907 (** DISPUTED ** Technicolor (formerly RCA) TC8305C devices allow ...)
+CVE-2018-15907
NOT-FOR-US: Technicolor (formerly RCA) TC8305C devices
CVE-2018-15906
- RESERVED
+ TODO: check
CVE-2018-15905
RESERVED
-CVE-2018-15904 (A10 ACOS Web Application Firewall (WAF) 2.7.1 and 2.7.2 before ...)
+CVE-2018-15904
NOT-FOR-US: A10 ACOS Web Application Firewall
-CVE-2018-15903 (The Discuss v1.2.1 module in Claromentis 8.2.2 is vulnerable to stored ...)
+CVE-2018-15903
NOT-FOR-US: Claromentis
CVE-2018-15902
RESERVED
-CVE-2018-15901 (e107 2.1.8 has CSRF in 'usersettings.php' with an impact of changing ...)
+CVE-2018-15901
NOT-FOR-US: e107
CVE-2018-15900
RESERVED
-CVE-2018-15899 (An issue was discovered in MiniCMS 1.10. There is a post.php?date= XSS ...)
+CVE-2018-15899
NOT-FOR-US: MiniCMS
-CVE-2018-15898 (The Subsonic Music Streamer application 4.4 for Android has Improper ...)
+CVE-2018-15898
NOT-FOR-US: Subsonic Music Streamer application for Android
-CVE-2018-15897 (PHP Scripts Mall Website Seller Script 2.0.5 allows remote attackers ...)
+CVE-2018-15897
NOT-FOR-US: PHP Scripts Mall Website Seller Script
-CVE-2018-15896 (PHP Scripts Mall Website Seller Script 2.0.5 has XSS via Personal ...)
+CVE-2018-15896
NOT-FOR-US: PHP Scripts Mall Website Seller Script
-CVE-2018-15895 (An SSRF vulnerability was discovered in idreamsoft iCMS 7.0.11 because ...)
+CVE-2018-15895
NOT-FOR-US: iCMS
-CVE-2018-15894 (A SQL injection was discovered in ...)
+CVE-2018-15894
NOT-FOR-US: WUZHI CMS
-CVE-2018-15893 (A SQL injection was discovered in /coreframe/app/admin/copyfrom.php in ...)
+CVE-2018-15893
NOT-FOR-US: WUZHI CMS
CVE-2018-15892
RESERVED
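Review bot: CVE-2018-15906 changes from `RESERVED` to `TODO: check`, meaning the ID is now public upstream and needs triage to a source package or `NOT-FOR-US`, but unlike the other published entries in this hunk it gets no description line at all, so a triager has nothing to go on from the file itself; either attach the upstream description with the marker or make sure the triage queue picks this up before the entry is forgotten among the description removals.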
@@ -13083,57 +13075,57 @@ CVE-2018-15891
RESERVED
CVE-2018-15890
RESERVED
-CVE-2018-15889 (In podofo 0.9.6, the function PoDoFo::PdfParser::ReadObjects() in ...)
+CVE-2018-15889
- libpodofo <unfixed> (low; bug #916167)
[stretch] - libpodofo <no-dsa> (Minor issue)
[jessie] - libpodofo <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1620065
NOTE: https://sourceforge.net/p/podofo/tickets/27/
NOTE: upstream thinks this could be a duplicate of CVE-2018-5783
-CVE-2018-15888 (An issue was discovered in ASPCMS 2.5.6. When registering ordinary ...)
+CVE-2018-15888
NOT-FOR-US: ASPCMS
-CVE-2018-15887 (Main_Analysis_Content.asp in ASUS DSL-N12E_C1 1.1.2.3_345 is prone to ...)
+CVE-2018-15887
NOT-FOR-US: ASUS DSL-N12E_C1
-CVE-2018-15886 (Monstra CMS 3.0.4 does not properly restrict modified Snippet content, ...)
+CVE-2018-15886
NOT-FOR-US: Monstra CMS
-CVE-2018-15885 (Ovation FindMe 1.4-1083-1 is intended to support transmission of ...)
+CVE-2018-15885
NOT-FOR-US: Ovation FindMe
-CVE-2018-15884 (RICOH MP C4504ex devices allow HTML Injection via the ...)
+CVE-2018-15884
NOT-FOR-US: RICOH MP C4504ex devices
CVE-2018-15883
RESERVED
-CVE-2018-15882 (An issue was discovered in Joomla! before 3.8.12. Inadequate checks in ...)
+CVE-2018-15882
NOT-FOR-US: Joomla!
-CVE-2018-15881 (An issue was discovered in Joomla! before 3.8.12. Inadequate checks ...)
+CVE-2018-15881
NOT-FOR-US: Joomla!
-CVE-2018-15880 (An issue was discovered in Joomla! before 3.8.12. Inadequate output ...)
+CVE-2018-15880
NOT-FOR-US: Joomla!
CVE-2018-15879
RESERVED
CVE-2018-15878
RESERVED
-CVE-2018-16543 (In Artifex Ghostscript before 9.24, gssetresolution and gsgetresolution ...)
+CVE-2018-16543
{DSA-4288-1 DLA-1527-1}
[experimental] - ghostscript 9.25~dfsg-1~exp1
- ghostscript 9.25~dfsg-1 (bug #908303)
NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=5b5536fa88a9e885032bc0df3852c3439399a5c0
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=699670
-CVE-2018-16542 (In Artifex Ghostscript before 9.24, attackers able to supply crafted ...)
+CVE-2018-16542
{DSA-4288-1 DLA-1504-1}
- ghostscript 9.22~dfsg-3 (bug #907332)
NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=b575e1ec42cc86f6a58c603f2a88fcc2af699cc8
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=699668
-CVE-2018-16541 (In Artifex Ghostscript before 9.24, attackers able to supply crafted ...)
+CVE-2018-16541
{DSA-4288-1 DLA-1504-1}
- ghostscript 9.22~dfsg-3 (bug #907332)
NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=241d91112771a6104de10b3948c3f350d6690c1d
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=699664
-CVE-2018-16540 (In Artifex Ghostscript before 9.24, attackers able to supply crafted ...)
+CVE-2018-16540
{DSA-4288-1 DLA-1504-1}
- ghostscript 9.22~dfsg-3 (bug #907332)
NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=c432131c3fdb2143e148e8ba88555f7f7a63b25e
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=699661
-CVE-2018-16539 (In Artifex Ghostscript before 9.24, attackers able to supply crafted ...)
+CVE-2018-16539
{DSA-4288-1 DLA-1504-1}
- ghostscript 9.22~dfsg-3 (bug #907332)
NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=a054156d425b4dbdaaa9fda4b5f1182b27598c2b
@@ -13142,24 +13134,24 @@ CVE-2018-16539 (In Artifex Ghostscript before 9.24, attackers able to supply cra
NOTE: an additional (no-security) followup fix is needed as:
NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=150c8f69646b854a99f35f27edaae012eb2e900f
NOTE: Cf. https://bugs.debian.org/908300
-CVE-2018-16513 (In Artifex Ghostscript before 9.24, attackers able to supply crafted ...)
+CVE-2018-16513
{DSA-4288-1 DLA-1504-1}
- ghostscript 9.22~dfsg-3 (bug #907332)
NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=b326a71659b7837d3acde954b18bda1a6f5e9498
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=699655
-CVE-2018-16511 (An issue was discovered in Artifex Ghostscript before 9.24. A type ...)
+CVE-2018-16511
{DSA-4288-1 DLA-1504-1}
- ghostscript 9.22~dfsg-3 (bug #907332)
NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=0edd3d6c634a577db261615a9dc2719bca7f6e01
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=699659
-CVE-2018-16510 (An issue was discovered in Artifex Ghostscript before 9.24. Incorrect ...)
+CVE-2018-16510
[experimental] - ghostscript 9.25~dfsg-1~exp1
- ghostscript 9.25~dfsg-1 (bug #908304)
[stretch] - ghostscript <not-affected> (Introduced in 9.22)
[jessie] - ghostscript <not-affected> (vulnerable code is not present)
NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=ea735ba37dc0fd5f5622d031830b9a559dec1cc9
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=699671
-CVE-2018-16509 (An issue was discovered in Artifex Ghostscript before 9.24. Incorrect ...)
+CVE-2018-16509
{DSA-4294-1 DLA-1504-1}
[experimental] - ghostscript 9.25~dfsg-1~exp1
- ghostscript 9.25~dfsg-1 (bug #907332; bug #907703)
@@ -13169,32 +13161,32 @@ CVE-2018-16509 (An issue was discovered in Artifex Ghostscript before 9.24. Inco
NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=520bb0ea7519aa3e79db78aaf0589dae02103764
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=699654
NOTE: Partially fixed in 9.22~dfsg-3, see #907703
-CVE-2018-16585 (An issue was discovered in Artifex Ghostscript before 9.24. The ...)
+CVE-2018-16585
{DSA-4288-1 DLA-1504-1}
[experimental] - ghostscript 9.25~dfsg-1~exp1
- ghostscript 9.25~dfsg-1 (bug #908305)
NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=1497d65039885a52b598b137dd8622bd4672f9be
NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=971472c83a345a16dac9f90f91258bb22dd77f22
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=699663
-CVE-2018-15877 (The Plainview Activity Monitor plugin before 20180826 for WordPress is ...)
+CVE-2018-15877
NOT-FOR-US: Wordpress plugin
-CVE-2018-15876 (An issue was discovered in the ajax-bootmodal-login plugin 1.4.3 for ...)
+CVE-2018-15876
NOT-FOR-US: Wordpress plugin
-CVE-2018-15875 (Cross-site scripting (XSS) vulnerability on D-Link DIR-615 routers ...)
+CVE-2018-15875
NOT-FOR-US: D-Link
-CVE-2018-15874 (Cross-site scripting (XSS) vulnerability on D-Link DIR-615 routers ...)
+CVE-2018-15874
NOT-FOR-US: D-Link
-CVE-2018-15873 (A SQL Injection issue was discovered in Sentrifugo 3.2 via the deptid ...)
+CVE-2018-15873
NOT-FOR-US: Sentrifugo
CVE-2018-15872
RESERVED
-CVE-2018-15871 (An invalid memory address dereference was discovered in ...)
+CVE-2018-15871
- ming <removed>
NOTE: https://github.com/libming/libming/issues/123
-CVE-2018-15870 (An invalid memory address dereference was discovered in ...)
+CVE-2018-15870
- ming <removed>
NOTE: https://github.com/libming/libming/issues/122
-CVE-2018-15869 (An Amazon Web Services (AWS) developer who does not specify the ...)
+CVE-2018-15869
- packer 1.3.1+dfsg-1 (low; bug #907298)
[stretch] - packer <not-affected> (Vulnerable code added later)
NOTE: https://github.com/hashicorp/packer/issues/6584
@@ -13205,27 +13197,27 @@ CVE-2018-15867
RESERVED
CVE-2018-15866
RESERVED
-CVE-2018-15865 (The Pulse Secure Desktop (macOS) has a Privilege Escalation ...)
+CVE-2018-15865
NOT-FOR-US: Pulse Secure Desktop
-CVE-2018-15864 (Unchecked NULL pointer usage in resolve_keysym in xkbcomp/parser.y in ...)
+CVE-2018-15864
- libxkbcommon 0.8.2-1 (low; bug #907302)
[stretch] - libxkbcommon <no-dsa> (Minor issue)
[jessie] - libxkbcommon <no-dsa> (Minor issue)
NOTE: https://github.com/xkbcommon/libxkbcommon/commit/a8ea7a1d3daa7bdcb877615ae0a252c189153bd2
NOTE: https://lists.freedesktop.org/archives/wayland-devel/2018-August/039243.html
-CVE-2018-15863 (Unchecked NULL pointer usage in ResolveStateAndPredicate in ...)
+CVE-2018-15863
- libxkbcommon 0.8.2-1 (low; bug #907302)
[stretch] - libxkbcommon <no-dsa> (Minor issue)
[jessie] - libxkbcommon <no-dsa> (Minor issue)
NOTE: https://github.com/xkbcommon/libxkbcommon/commit/96df3106d49438e442510c59acad306e94f3db4d
NOTE: https://lists.freedesktop.org/archives/wayland-devel/2018-August/039243.html
-CVE-2018-15862 (Unchecked NULL pointer usage in LookupModMask in xkbcomp/expr.c in ...)
+CVE-2018-15862
- libxkbcommon 0.8.2-1 (low; bug #907302)
[stretch] - libxkbcommon <no-dsa> (Minor issue)
[jessie] - libxkbcommon <no-dsa> (Minor issue)
NOTE: https://github.com/xkbcommon/libxkbcommon/commit/4e2ee9c3f6050d773f8bbe05bc0edb17f1ff8371
NOTE: https://lists.freedesktop.org/archives/wayland-devel/2018-August/039243.html
-CVE-2018-15861 (Unchecked NULL pointer usage in ExprResolveLhs in xkbcomp/expr.c in ...)
+CVE-2018-15861
- libxkbcommon 0.8.2-1 (low; bug #907302)
[stretch] - libxkbcommon <no-dsa> (Minor issue)
[jessie] - libxkbcommon <no-dsa> (Minor issue)
@@ -13233,95 +13225,95 @@ CVE-2018-15861 (Unchecked NULL pointer usage in ExprResolveLhs in xkbcomp/expr.c
NOTE: https://lists.freedesktop.org/archives/wayland-devel/2018-August/039243.html
CVE-2018-15860
RESERVED
-CVE-2018-15859 (Unchecked NULL pointer usage when parsing invalid atoms in ...)
+CVE-2018-15859
- libxkbcommon 0.8.2-1 (low; bug #907302)
[stretch] - libxkbcommon <no-dsa> (Minor issue)
[jessie] - libxkbcommon <no-dsa> (Minor issue)
NOTE: https://github.com/xkbcommon/libxkbcommon/commit/bb4909d2d8fa6b08155e449986a478101e2b2634
NOTE: https://lists.freedesktop.org/archives/wayland-devel/2018-August/039243.html
-CVE-2018-15858 (Unchecked NULL pointer usage when handling invalid aliases in ...)
+CVE-2018-15858
- libxkbcommon 0.8.2-1 (low; bug #907302)
[stretch] - libxkbcommon <no-dsa> (Minor issue)
[jessie] - libxkbcommon <no-dsa> (Minor issue)
NOTE: https://github.com/xkbcommon/libxkbcommon/commit/badb428e63387140720f22486b3acbd3d738859f
NOTE: https://lists.freedesktop.org/archives/wayland-devel/2018-August/039232.html
-CVE-2018-15857 (An invalid free in ExprAppendMultiKeysymList in xkbcomp/ast-build.c in ...)
+CVE-2018-15857
- libxkbcommon 0.8.2-1 (low; bug #907302)
[stretch] - libxkbcommon <no-dsa> (Minor issue)
[jessie] - libxkbcommon <no-dsa> (Minor issue)
NOTE: https://github.com/xkbcommon/libxkbcommon/commit/c1e5ac16e77a21f87bdf3bc4dea61b037a17dddb
NOTE: https://lists.freedesktop.org/archives/wayland-devel/2018-August/039232.html
-CVE-2018-15856 (An infinite loop when reaching EOL unexpectedly in compose/parser.c ...)
+CVE-2018-15856
- libxkbcommon 0.8.2-1 (low; bug #907302)
[stretch] - libxkbcommon <no-dsa> (Minor issue)
[jessie] - libxkbcommon <no-dsa> (Minor issue)
NOTE: https://github.com/xkbcommon/libxkbcommon/commit/842e4351c2c97de6051cab6ce36b4a81e709a0e1
NOTE: https://lists.freedesktop.org/archives/wayland-devel/2018-August/039232.html
-CVE-2018-15855 (Unchecked NULL pointer usage in xkbcommon before 0.8.1 could be used by ...)
+CVE-2018-15855
- libxkbcommon 0.8.2-1 (low; bug #907302)
[stretch] - libxkbcommon <no-dsa> (Minor issue)
[jessie] - libxkbcommon <no-dsa> (Minor issue)
NOTE: https://github.com/xkbcommon/libxkbcommon/commit/917636b1d0d70205a13f89062b95e3a0fc31d4ff
NOTE: https://lists.freedesktop.org/archives/wayland-devel/2018-August/039232.html
-CVE-2018-15854 (Unchecked NULL pointer usage in xkbcommon before 0.8.1 could be used by ...)
+CVE-2018-15854
- libxkbcommon 0.8.2-1 (low; bug #907302)
[stretch] - libxkbcommon <no-dsa> (Minor issue)
[jessie] - libxkbcommon <no-dsa> (Minor issue)
NOTE: https://github.com/xkbcommon/libxkbcommon/commit/e3cacae7b1bfda0d839c280494f23284a1187adf
NOTE: https://lists.freedesktop.org/archives/wayland-devel/2018-August/039232.html
-CVE-2018-15853 (Endless recursion exists in xkbcomp/expr.c in xkbcommon and ...)
+CVE-2018-15853
- libxkbcommon 0.8.2-1 (low; bug #907302)
[stretch] - libxkbcommon <no-dsa> (Minor issue)
[jessie] - libxkbcommon <no-dsa> (Minor issue)
NOTE: https://github.com/xkbcommon/libxkbcommon/commit/1f9d1248c07cda8aaff762429c0dce146de8632a
NOTE: https://lists.freedesktop.org/archives/wayland-devel/2018-August/039232.html
-CVE-2018-15852 (** DISPUTED ** Technicolor TC7200.20 devices allow remote attackers ...)
+CVE-2018-15852
NOT-FOR-US: Technicolor
-CVE-2018-15851 (An issue was discovered in Flexo CMS v0.1.6. There is a CSRF ...)
+CVE-2018-15851
NOT-FOR-US: Flexo CMS
-CVE-2018-15850 (An issue was discovered in REDAXO CMS 4.7.2. There is a CSRF ...)
+CVE-2018-15850
NOT-FOR-US: REDAXO CMS
-CVE-2018-15849 (An issue was discovered in portfolioCMS 1.0.5. There is CSRF to update ...)
+CVE-2018-15849
NOT-FOR-US: portfolioCMS
-CVE-2018-15848 (An issue was discovered in portfolioCMS 1.0.5. There is CSRF to create ...)
+CVE-2018-15848
NOT-FOR-US: portfolioCMS
-CVE-2018-15847 (An issue was discovered in puppyCMS 5.1. There is an XSS vulnerability ...)
+CVE-2018-15847
NOT-FOR-US: puppyCMS
-CVE-2018-15846 (An issue was discovered in fledrCMS through 2014-02-03. There is a CSRF ...)
+CVE-2018-15846
NOT-FOR-US: fledrCMS
-CVE-2018-15845 (There is a CSRF vulnerability that can add an administrator account in ...)
+CVE-2018-15845
NOT-FOR-US: Gleez CMS
-CVE-2018-15844 (An issue was discovered in DamiCMS 6.0.0. There is an CSRF ...)
+CVE-2018-15844
NOT-FOR-US: DamiCMS
-CVE-2018-15843 (GetSimple CMS 3.3.14 has XSS via the admin/edit.php &quot;Add New Page&quot; ...)
+CVE-2018-15843
NOT-FOR-US: GetSimple CMS
-CVE-2018-15842 (WolfCMS 0.8.3.1 has XSS via the /?/admin/page/add slug parameter. ...)
+CVE-2018-15842
NOT-FOR-US: WolfCMS
CVE-2018-15841
RESERVED
CVE-2018-15840
RESERVED
-CVE-2018-15839 (D-Link DIR-615 devices have a buffer overflow via a long Authorization ...)
+CVE-2018-15839
NOT-FOR-US: D-Link DIR-615 devices
CVE-2018-15838
RESERVED
CVE-2018-15837
RESERVED
-CVE-2018-15836 (In verify_signed_hash() in lib/liboswkeys/signatures.c in Openswan ...)
+CVE-2018-15836
- openswan <removed>
NOTE: https://github.com/xelerance/Openswan/commit/0b460be9e287fd335c8ce58129c67bf06065ef51
NOTE: https://lists.openswan.org/pipermail/users/2018-August/023761.html
-CVE-2018-15835 (Android 1.0 through 9.0 has Insecure Permissions. The Android bug ID ...)
+CVE-2018-15835
NOT-FOR-US: Android
-CVE-2018-15834 (In radare2 before 2.9.0, a heap overflow vulnerability exists in the ...)
+CVE-2018-15834
- radare2 2.9.0+dfsg-1
[stretch] - radare2 <no-dsa> (Minor issue)
[jessie] - radare2 <not-affected> (Vulnerable code added later in 0.9.8)
NOTE: https://github.com/radare/radare2/issues/11274
NOTE: https://github.com/radare/radare2/pull/11300
-CVE-2018-15833 (In Vanilla before 2.6.1, the polling functionality allows Insecure ...)
+CVE-2018-15833
NOT-FOR-US: Vanilla
-CVE-2018-15832 (upc.exe in Ubisoft Uplay Desktop Client versions 63.0.5699.0 allows ...)
+CVE-2018-15832
NOT-FOR-US: upc.exe in Ubisoft Uplay Desktop Client
CVE-2018-15831
RESERVED
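Review bot: the description being deleted on the `-CVE-2018-15843 (GetSimple CMS 3.3.14 has XSS via the admin/edit.php &quot;Add New Page&quot; ...)` line carries HTML-escaped quotes (`&quot;`) rather than plain `"`, which indicates the text was imported from an HTML rendering without entity decoding; whatever re-populates the descriptions after this update should unescape entities at import time so the list stores plain text.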
@@ -13341,7 +13333,7 @@ CVE-2018-15824
RESERVED
CVE-2018-15823
RESERVED
-CVE-2018-15822 (The flv_write_packet function in libavformat/flvenc.c in FFmpeg through ...)
+CVE-2018-15822
- ffmpeg 7:4.0.3-1 (low)
[stretch] - ffmpeg <postponed> (Minor issue, wait for next 3.2 release)
NOTE: https://github.com/FFmpeg/FFmpeg/commit/6b67d7f05918f7a1ee8fc6ff21355d7e8736aa10
@@ -13352,7 +13344,7 @@ CVE-2018-15820
CVE-2018-15819
RESERVED
CVE-2018-15818
- RESERVED
+ TODO: check
CVE-2018-15817
RESERVED
CVE-2018-15816
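Review bot: the "RESERVED" to "TODO: check" change for CVE-2018-15818 is the one non-mechanical edit in this hunk, and it leaves the entry with neither a summary nor a NOTE saying what is to be checked, so the TODO is not actionable from the file alone. When this is triaged, add the upstream description or a NOTE with the advisory reference, as the other entries in the file do, so the reason for the state change is recorded.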
@@ -13367,38 +13359,38 @@ CVE-2018-15812
RESERVED
CVE-2018-15811
RESERVED
-CVE-2018-15810 (Visiology Flipbox Software Suite before 2.7.0 allows directory ...)
+CVE-2018-15810
NOT-FOR-US: Visiology Flipbox Software Suite
-CVE-2018-15809 (AccuPOS 2017.8 is installed with the insecure &quot;Authenticated Users: ...)
+CVE-2018-15809
NOT-FOR-US: AccuPOS
-CVE-2018-15808 (POSIM EVO 15.13 for Windows includes hardcoded database credentials for ...)
+CVE-2018-15808
NOT-FOR-US: POSIM EVO for Windows
-CVE-2018-15807 (POSIM EVO 15.13 for Windows includes an &quot;Emergency Override&quot; ...)
+CVE-2018-15807
NOT-FOR-US: POSIM EVO for Windows
CVE-2018-15806
RESERVED
-CVE-2018-15805 (Accusoft PrizmDoc HTML5 Document Viewer before 13.5 contains an XML ...)
+CVE-2018-15805
NOT-FOR-US: Accusoft PrizmDoc HTML5 Document Viewer
-CVE-2018-15804 (An issue was discovered in the MapR File System in MapR Converged Data ...)
+CVE-2018-15804
NOT-FOR-US: MapR File System
CVE-2018-15803
REJECTED
CVE-2018-15802
REJECTED
-CVE-2018-15801 (Spring Security versions 5.1.x prior to 5.1.2 contain an authorization ...)
+CVE-2018-15801
- libspring-security-2.0-java <removed>
[jessie] - libspring-security-2.0-java <no-dsa> (Minor issue)
-CVE-2018-15800 (Cloud Foundry Bits Service, versions prior to 2.18.0, includes an ...)
+CVE-2018-15800
NOT-FOR-US: Cloud Foundry
CVE-2018-15799
REJECTED
-CVE-2018-15798 (Pivotal Concourse Release, versions 4.x prior to 4.2.2, login flow ...)
+CVE-2018-15798
NOT-FOR-US: Pivotal
-CVE-2018-15797 (Cloud Foundry NFS volume release, 1.2.x prior to 1.2.5, 1.5.x prior to ...)
+CVE-2018-15797
NOT-FOR-US: Cloud Foundry
-CVE-2018-15796 (Cloud Foundry Bits Service Release, versions prior to 2.14.0, uses an ...)
+CVE-2018-15796
NOT-FOR-US: Cloud Foundry
-CVE-2018-15795 (Pivotal CredHub Service Broker, versions prior to 1.1.0, uses a ...)
+CVE-2018-15795
NOT-FOR-US: Pivotal
CVE-2018-15794
REJECTED
@@ -13420,95 +13412,95 @@ CVE-2018-15786
REJECTED
CVE-2018-15785
REJECTED
-CVE-2018-15784 (Dell Networking OS10 versions prior to 10.4.3.0 contain a ...)
+CVE-2018-15784
NOT-FOR-US: Dell
CVE-2018-15783
REJECTED
-CVE-2018-15782 (The Quick Setup component of RSA Authentication Manager versions prior ...)
+CVE-2018-15782
NOT-FOR-US: RSA
-CVE-2018-15781 (The Dell Wyse Password Encoder in ThinLinux2 versions prior to ...)
+CVE-2018-15781
NOT-FOR-US: Dell
-CVE-2018-15780 (RSA Archer versions prior to 6.5.0.1 contain an improper access ...)
+CVE-2018-15780
NOT-FOR-US: RSA Archer
CVE-2018-15779
REJECTED
-CVE-2018-15778 (Dell OS10 versions prior to 10.4.2.1 contain a vulnerability caused by ...)
+CVE-2018-15778
NOT-FOR-US: Dell
CVE-2018-15777
REJECTED
-CVE-2018-15776 (Dell EMC iDRAC7/iDRAC8 versions prior to 2.61.60.60 contain an ...)
+CVE-2018-15776
NOT-FOR-US: EMC iDRAC
CVE-2018-15775
REJECTED
-CVE-2018-15774 (Dell EMC iDRAC7/iDRAC8 versions prior to 2.61.60.60 and iDRAC9 ...)
+CVE-2018-15774
NOT-FOR-US: EMC iDRAC
-CVE-2018-15773 (Dell Encryption (formerly Dell Data Protection | Encryption) v10.1.0 ...)
+CVE-2018-15773
NOT-FOR-US: Dell
-CVE-2018-15772 (Dell EMC RecoverPoint versions prior to 5.1.2.1 and RecoverPoint for ...)
+CVE-2018-15772
NOT-FOR-US: EMC RecoverPoint
-CVE-2018-15771 (Dell EMC RecoverPoint versions prior to 5.1.2.1 and RecoverPoint for ...)
+CVE-2018-15771
NOT-FOR-US: EMC RecoverPoint
CVE-2018-15770
REJECTED
-CVE-2018-15769 (RSA BSAFE Micro Edition Suite versions prior to 4.0.11 (in 4.0.x ...)
+CVE-2018-15769
NOT-FOR-US: RSA BSAFE Micro Edition Suite
-CVE-2018-15768 (Dell OpenManage Network Manager versions prior to 6.5.0 enabled ...)
+CVE-2018-15768
NOT-FOR-US: Dell OpenManage Network Manager
-CVE-2018-15767 (The Dell OpenManage Network Manager virtual appliance versions prior ...)
+CVE-2018-15767
NOT-FOR-US: Dell OpenManage Network Manager
-CVE-2018-15766 (On install, Dell Encryption versions prior 10.0.1 and Dell Endpoint ...)
+CVE-2018-15766
NOT-FOR-US: Dell
-CVE-2018-15765 (Dell EMC Secure Remote Services, versions prior to 3.32.00.08, ...)
+CVE-2018-15765
NOT-FOR-US: EMC Secure Remote Services
-CVE-2018-15764 (Dell EMC ESRS Policy Manager versions 6.8 and prior contain a remote ...)
+CVE-2018-15764
NOT-FOR-US: EMC ESRS Policy Manager
-CVE-2018-15763 (Pivotal Container Service, versions prior to 1.2.0, contains an ...)
+CVE-2018-15763
NOT-FOR-US: Pivotal Container Service
-CVE-2018-15762 (Pivotal Operations Manager, versions 2.0.x prior to 2.0.24, versions ...)
+CVE-2018-15762
NOT-FOR-US: Pivotal
-CVE-2018-15761 (Cloud Foundry UAA release, versions prior to v64.0, and UAA, versions ...)
+CVE-2018-15761
NOT-FOR-US: Cloud Foundry
CVE-2018-15760
REJECTED
-CVE-2018-15759 (Pivotal Cloud Foundry On Demand Services SDK, versions prior to 0.24 ...)
+CVE-2018-15759
NOT-FOR-US: Cloud Foundry
-CVE-2018-15758 (Spring Security OAuth, versions 2.3 prior to 2.3.4, and 2.2 prior to ...)
+CVE-2018-15758
NOT-FOR-US: Spring Security OAuth
CVE-2018-15757
REJECTED
-CVE-2018-15756 (Spring Framework, version 5.1, versions 5.0.x prior to 5.0.10, ...)
+CVE-2018-15756
- libspring-java 4.3.21-1 (bug #911786)
[stretch] - libspring-java <no-dsa> (Minor issue)
[jessie] - libspring-java <not-affected> (vulnerable code introduced in later version)
NOTE: https://pivotal.io/security/cve-2018-15756
-CVE-2018-15755 (Cloud Foundry CF Networking Release, versions 2.11.0 prior to 2.16.0, ...)
+CVE-2018-15755
NOT-FOR-US: Cloud Foundry
-CVE-2018-15754 (Cloud Foundry UAA, versions 60 prior to 66.0, contain an authorization ...)
+CVE-2018-15754
NOT-FOR-US: Cloud Foundry
-CVE-2018-15753 (An issue was discovered in the MensaMax (aka com.breustedt.mensamax) ...)
+CVE-2018-15753
NOT-FOR-US: MensaMax application for Android
-CVE-2018-15752 (An issue was discovered in the MensaMax (aka com.breustedt.mensamax) ...)
+CVE-2018-15752
NOT-FOR-US: MensaMax application for Android
-CVE-2018-15751 (SaltStack Salt before 2017.7.8 and 2018.3.x before 2018.3.3 allow ...)
+CVE-2018-15751
- salt 2018.3.3+dfsg1-1 (bug #913475)
[jessie] - salt <not-affected> (REST netapi code was first introduced with v2014.7)
NOTE: Fixed in 2016.11.10, 2017.7.8, 2018.3.3
NOTE: https://docs.saltstack.com/en/latest/topics/releases/2016.11.10.html#security-fix
NOTE: minimal patch: https://github.com/saltstack/salt/compare/v2016.11.9..v2016.11.10
-CVE-2018-15750 (Directory Traversal vulnerability in salt-api in SaltStack Salt before ...)
+CVE-2018-15750
- salt 2018.3.3+dfsg1-1 (bug #913476)
[stretch] - salt <no-dsa> (Minor issue)
[jessie] - salt <not-affected> (REST netapi code was first introduced with v2014.7)
NOTE: Fixed in 2016.11.10, 2017.7.8, 2018.3.3
NOTE: https://docs.saltstack.com/en/latest/topics/releases/2016.11.10.html#security-fix
NOTE: minimal patch: https://github.com/saltstack/salt/compare/v2016.11.9..v2016.11.10
-CVE-2018-15749 (The Pulse Secure Desktop (macOS) 5.3RX before 5.3R5 and 9.0R1 has a ...)
+CVE-2018-15749
NOT-FOR-US: Pulse Secure Desktop
-CVE-2018-15748 (On Dell 2335dn printers with Printer Firmware Version 2.70.05.02, ...)
+CVE-2018-15748
NOT-FOR-US: Dell 2335dn printers
CVE-2018-15747
RESERVED
-CVE-2018-15746 (qemu-seccomp.c in QEMU might allow local OS guest users to cause a ...)
+CVE-2018-15746
- qemu 1:3.1+dfsg-1 (low; bug #907500)
[stretch] - qemu <ignored> (Minor issue, too risky to backport, not enabled by default)
[jessie] - qemu <no-dsa> (Minor issue; Only enabled by default later, but supported)
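Review bot: CVE-2018-15751 and CVE-2018-15750 have identical fix versions ("salt 2018.3.3+dfsg1-1"), identical jessie lines and identical NOTE lines, yet only CVE-2018-15750 carries "[stretch] - salt <no-dsa> (Minor issue)"; CVE-2018-15751 has no stretch status at all. Either stretch is not affected by 15751 (then a "<not-affected>" line with the reason belongs there) or the no-dsa line was simply not copied; worth settling in the same pass, since the summary this hunk removes from "-CVE-2018-15751 (SaltStack Salt before 2017.7.8 and 2018.3.x before 2018.3.3 allow ...)" was the only inline statement of the affected version range.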
@@ -13516,7 +13508,7 @@ CVE-2018-15746 (qemu-seccomp.c in QEMU might allow local OS guest users to cause
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2018-08/msg02289.html
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2018-08/msg04892.html
NOTE: https://git.qemu.org/?p=qemu.git;a=commit;h=70dfabeaa79ba4d7a3b699abe1a047c8012db114
-CVE-2018-15745 (Argus Surveillance DVR 4.0.0.0 devices allow Unauthenticated Directory ...)
+CVE-2018-15745
NOT-FOR-US: Argus Surveillance DVR
CVE-2018-15744
RESERVED
@@ -13526,7 +13518,7 @@ CVE-2018-15742
RESERVED
CVE-2018-15741
RESERVED
-CVE-2018-15740 (Zoho ManageEngine ADManager Plus 6.5.7 has XSS on the &quot;Workflow ...)
+CVE-2018-15740
NOT-FOR-US: Zoho ManageEngine ADManager Plus
CVE-2018-15739
RESERVED
@@ -13550,100 +13542,100 @@ CVE-2018-15730
RESERVED
CVE-2018-15729
RESERVED
-CVE-2018-15728 (An issue was discovered in Couchbase Server. Authenticated users can ...)
+CVE-2018-15728
NOT-FOR-US: Couchbase
-CVE-2018-15727 (Grafana 2.x, 3.x, and 4.x before 4.6.4 and 5.x before 5.2.3 allows ...)
+CVE-2018-15727
- grafana <removed> (bug #907590)
NOTE: https://grafana.com/blog/2018/08/29/grafana-5.2.3-and-4.6.4-released-with-important-security-fix/
-CVE-2018-1999047 (A improper authorization vulnerability exists in Jenkins 2.137 and ...)
+CVE-2018-1999047
- jenkins <removed>
-CVE-2018-1999046 (A exposure of sensitive information vulnerability exists in Jenkins ...)
+CVE-2018-1999046
- jenkins <removed>
-CVE-2018-1999045 (A improper authentication vulnerability exists in Jenkins 2.137 and ...)
+CVE-2018-1999045
- jenkins <removed>
-CVE-2018-1999044 (A denial of service vulnerability exists in Jenkins 2.137 and earlier, ...)
+CVE-2018-1999044
- jenkins <removed>
-CVE-2018-1999043 (A denial of service vulnerability exists in Jenkins 2.137 and earlier, ...)
+CVE-2018-1999043
- jenkins <removed>
-CVE-2018-1999042 (A vulnerability exists in Jenkins 2.137 and earlier, 2.121.2 and ...)
+CVE-2018-1999042
- jenkins <removed>
-CVE-2018-15726 (The Pulse Secure Desktop (macOS) 5.3RX before 5.3R5 and 9.0R1 has a ...)
+CVE-2018-15726
NOT-FOR-US: Pulse Secure Desktop
CVE-2018-15725
RESERVED
CVE-2018-15724
RESERVED
-CVE-2018-15723 (The Logitech Harmony Hub before version 4.15.206 is vulnerable to ...)
+CVE-2018-15723
NOT-FOR-US: Logitech Harmony Hub
-CVE-2018-15722 (The Logitech Harmony Hub before version 4.15.206 is vulnerable to OS ...)
+CVE-2018-15722
NOT-FOR-US: Logitech Harmony Hub
-CVE-2018-15721 (The XMPP server in Logitech Harmony Hub before version 4.15.206 is ...)
+CVE-2018-15721
NOT-FOR-US: Logitech Harmony Hub
-CVE-2018-15720 (Logitech Harmony Hub before version 4.15.206 contained two hard-coded ...)
+CVE-2018-15720
NOT-FOR-US: Logitech Harmony Hub
-CVE-2018-15719 (Open Dental before version 18.4 installs a mysql database and uses the ...)
+CVE-2018-15719
NOT-FOR-US: Open Dental
-CVE-2018-15718 (Open Dental before version 18.4 transmits the entire user database ...)
+CVE-2018-15718
NOT-FOR-US: Open Dental
-CVE-2018-15717 (Open Dental before version 18.4 stores user passwords as base64 ...)
+CVE-2018-15717
NOT-FOR-US: Open Dental
-CVE-2018-15716 (NUUO NVRMini2 version 3.9.1 is vulnerable to ...)
+CVE-2018-15716
NOT-FOR-US: NUUO NVRMini2
-CVE-2018-15715 (Zoom clients on Windows (before version 4.1.34814.1119), Mac OS ...)
+CVE-2018-15715
NOT-FOR-US: Zoom
-CVE-2018-15714 (Nagios XI 5.5.6 allows reflected cross site scripting from remote ...)
+CVE-2018-15714
NOT-FOR-US: Nagios XI
-CVE-2018-15713 (Nagios XI 5.5.6 allows persistent cross site scripting from remote ...)
+CVE-2018-15713
NOT-FOR-US: Nagios XI
-CVE-2018-15712 (Nagios XI 5.5.6 allows reflected cross site scripting from remote ...)
+CVE-2018-15712
NOT-FOR-US: Nagios XI
-CVE-2018-15711 (Nagios XI 5.5.6 allows remote authenticated attackers to reset and ...)
+CVE-2018-15711
NOT-FOR-US: Nagios XI
-CVE-2018-15710 (Nagios XI 5.5.6 allows local authenticated attackers to escalate ...)
+CVE-2018-15710
NOT-FOR-US: Nagios XI
-CVE-2018-15709 (Nagios XI 5.5.6 allows remote authenticated attackers to execute ...)
+CVE-2018-15709
NOT-FOR-US: Nagios XI
-CVE-2018-15708 (Snoopy 1.0 in Nagios XI 5.5.6 allows remote unauthenticated attackers ...)
+CVE-2018-15708
NOT-FOR-US: Nagios XI
-CVE-2018-15707 (Advantech WebAccess 8.3.1 and 8.3.2 are vulnerable to cross-site ...)
+CVE-2018-15707
NOT-FOR-US: Advantech WebAccess
-CVE-2018-15706 (WADashboard API in Advantech WebAccess 8.3.1 and 8.3.2 allows remote ...)
+CVE-2018-15706
NOT-FOR-US: Advantech WebAccess
-CVE-2018-15705 (WADashboard API in Advantech WebAccess 8.3.1 and 8.3.2 allows remote ...)
+CVE-2018-15705
NOT-FOR-US: Advantech WebAccess
-CVE-2018-15704 (Advantech WebAccess 8.3.2 and below is vulnerable to a stack buffer ...)
+CVE-2018-15704
NOT-FOR-US: Advantech WebAccess
-CVE-2018-15703 (Advantech WebAccess 8.3.2 and below is vulnerable to multiple ...)
+CVE-2018-15703
NOT-FOR-US: Advantech WebAccess
-CVE-2018-15702 (The web interface in TP-Link TL-WRN841N 0.9.1 4.16 v0348.0 is ...)
+CVE-2018-15702
NOT-FOR-US: TP-Link
-CVE-2018-15701 (The web interface in TP-Link TL-WRN841N 0.9.1 4.16 v0348.0 is ...)
+CVE-2018-15701
NOT-FOR-US: TP-Link
-CVE-2018-15700 (The web interface in TP-Link TL-WRN841N 0.9.1 4.16 v0348.0 is ...)
+CVE-2018-15700
NOT-FOR-US: TP-Link
-CVE-2018-15699 (ASUSTOR Data Master 3.1.5 and below makes an HTTP request for a ...)
+CVE-2018-15699
NOT-FOR-US: ASUSTOR Data Master
-CVE-2018-15698 (ASUSTOR Data Master 3.1.5 and below allows authenticated remote ...)
+CVE-2018-15698
NOT-FOR-US: ASUSTOR Data Master
-CVE-2018-15697 (ASUSTOR Data Master 3.1.5 and below allows authenticated remote ...)
+CVE-2018-15697
NOT-FOR-US: ASUSTOR Data Master
-CVE-2018-15696 (ASUSTOR Data Master 3.1.5 and below allows authenticated remote ...)
+CVE-2018-15696
NOT-FOR-US: ASUSTOR Data Master
-CVE-2018-15695 (ASUSTOR Data Master 3.1.5 and below allows authenticated remote ...)
+CVE-2018-15695
NOT-FOR-US: ASUSTOR Data Master
-CVE-2018-15694 (ASUSTOR Data Master 3.1.5 and below allows authenticated remote ...)
+CVE-2018-15694
NOT-FOR-US: ASUSTOR Data Master
-CVE-2018-15693 (Inova Partner 5.0.5-RELEASE, Build 0510-0906 and earlier allows ...)
+CVE-2018-15693
NOT-FOR-US: Inova Partner
-CVE-2018-15692 (Inova Partner 5.0.5-RELEASE, Build 0510-0906 and earlier allows ...)
+CVE-2018-15692
NOT-FOR-US: Inova Partner
-CVE-2018-15691 (Insecure deserialization of a specially crafted serialized object, in ...)
+CVE-2018-15691
NOT-FOR-US: CA Release Automation
CVE-2018-15690
REJECTED
CVE-2018-15689
REJECTED
-CVE-2018-15688 (A buffer overflow vulnerability in the dhcp6 client of systemd allows ...)
+CVE-2018-15688
{DLA-1580-1}
- network-manager 1.14.4-2
[stretch] - network-manager 1.6.2-3+deb9u2
@@ -13655,14 +13647,14 @@ CVE-2018-15688 (A buffer overflow vulnerability in the dhcp6 client of systemd a
NOTE: https://github.com/systemd/systemd/commit/49653743f69658aeeebdb14faf1ab158f1f2cb20
NOTE: systemd-networkd not enabled by default in Debian
NOTE: NetworkManager: https://cgit.freedesktop.org/NetworkManager/NetworkManager/commit/?id=01ca2053bbea09f35b958c8cc7631e15469acb79
-CVE-2018-15687 (A race condition in chown_one() of systemd allows an attacker to cause ...)
+CVE-2018-15687
- systemd 239-11 (bug #912007)
[stretch] - systemd <not-affected> (Vulnerable code introduced later in v235)
[jessie] - systemd <not-affected> (Vulnerable code introduced later in v235)
NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=1689
NOTE: https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1796692
NOTE: https://github.com/systemd/systemd/pull/10517
-CVE-2018-15686 (A vulnerability in unit_deserialize of systemd allows an attacker to ...)
+CVE-2018-15686
{DLA-1580-1}
- systemd 239-12 (bug #912005)
[stretch] - systemd <no-dsa> (Minor issue)
@@ -13670,25 +13662,25 @@ CVE-2018-15686 (A vulnerability in unit_deserialize of systemd allows an attacke
NOTE: https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1796402
NOTE: https://github.com/systemd/systemd/pull/10519
NOTE: https://github.com/systemd/systemd/commit/9f1c81d80a435d15ca1bd536a6d043c18c81c047
-CVE-2018-15685 (GitHub Electron 1.7.15, 1.8.7, 2.0.7, and 3.0.0-beta.6, in certain ...)
+CVE-2018-15685
- electron <itp> (bug #842420)
-CVE-2018-15684 (An issue was discovered in BTITeam XBTIT. PHP error logs are stored in ...)
+CVE-2018-15684
NOT-FOR-US: BTITeam XBTIT
-CVE-2018-15683 (An issue was discovered in BTITeam XBTIT. The &quot;returnto&quot; parameter of ...)
+CVE-2018-15683
NOT-FOR-US: BTITeam XBTIT
-CVE-2018-15682 (An issue was discovered in BTITeam XBTIT. Due to a lack of cross-site ...)
+CVE-2018-15682
NOT-FOR-US: BTITeam XBTIT
-CVE-2018-15681 (An issue was discovered in BTITeam XBTIT 2.5.4. When a user logs in, ...)
+CVE-2018-15681
NOT-FOR-US: BTITeam XBTIT
-CVE-2018-15680 (An issue was discovered in BTITeam XBTIT 2.5.4. The hashed passwords ...)
+CVE-2018-15680
NOT-FOR-US: BTITeam XBTIT
-CVE-2018-15679 (An issue was discovered in BTITeam XBTIT 2.5.4. The &quot;keywords&quot; ...)
+CVE-2018-15679
NOT-FOR-US: BTITeam XBTIT
-CVE-2018-15678 (An issue was discovered in BTITeam XBTIT 2.5.4. The &quot;act&quot; parameter in ...)
+CVE-2018-15678
NOT-FOR-US: BTITeam XBTIT
-CVE-2018-15677 (The newsfeed (aka /index.php?page=viewnews) in BTITeam XBTIT 2.5.4 has ...)
+CVE-2018-15677
NOT-FOR-US: BTITeam XBTIT
-CVE-2018-15676 (An issue was discovered in BTITeam XBTIT. By using String.replace and ...)
+CVE-2018-15676
NOT-FOR-US: BTITeam XBTIT
CVE-2018-15675
RESERVED
@@ -13698,16 +13690,16 @@ CVE-2018-15673
RESERVED
CVE-2018-15672
REJECTED
-CVE-2018-15671 (An issue was discovered in the HDF HDF5 1.10.2 library. Excessive stack ...)
+CVE-2018-15671
- hdf5 <undetermined>
NOTE: https://github.com/SegfaultMasters/covering360/tree/master/HDF5#stack-overflow---stackoverflow_h5p__get_cb
-CVE-2018-15670 (An issue was discovered in Bloop Airmail 3 3.5.9 for macOS. Its primary ...)
+CVE-2018-15670
NOT-FOR-US: Bloop Airmail
-CVE-2018-15669 (An issue was discovered in Bloop Airmail 3 3.5.9 for macOS. Its primary ...)
+CVE-2018-15669
NOT-FOR-US: Bloop Airmail
-CVE-2018-15668 (An issue was discovered in Bloop Airmail 3 3.5.9 for macOS. The &quot;send&quot; ...)
+CVE-2018-15668
NOT-FOR-US: Bloop Airmail
-CVE-2018-15667 (An issue was discovered in Bloop Airmail 3 3.5.9 for macOS. It ...)
+CVE-2018-15667
NOT-FOR-US: Bloop Airmail
CVE-2018-15666
RESERVED
@@ -13719,19 +13711,19 @@ CVE-2018-15663
RESERVED
CVE-2018-15662
RESERVED
-CVE-2018-15661 (** DISPUTED ** An issue was discovered in the Ola Money (aka ...)
+CVE-2018-15661
NOT-FOR-US: Ola Money application for Android
-CVE-2018-15660 (** DISPUTED ** An issue was discovered in the Ola Money (aka ...)
+CVE-2018-15660
NOT-FOR-US: Ola Money application for Android
-CVE-2018-15659 (An issue was discovered in 42Gears SureMDM before 2018-11-27, related ...)
+CVE-2018-15659
NOT-FOR-US: 42Gears
-CVE-2018-15658 (An issue was discovered in 42Gears SureMDM before 2018-11-27. By ...)
+CVE-2018-15658
NOT-FOR-US: 42Gears
-CVE-2018-15657 (An SSRF issue was discovered in 42Gears SureMDM before 2018-11-27 via ...)
+CVE-2018-15657
NOT-FOR-US: 42Gears
-CVE-2018-15656 (An issue was discovered in the registration API endpoint in 42Gears ...)
+CVE-2018-15656
NOT-FOR-US: 42Gears
-CVE-2018-15655 (An issue was discovered in 42Gears SureMDM before 2018-11-27, related ...)
+CVE-2018-15655
NOT-FOR-US: 42Gears
CVE-2018-15654
RESERVED
@@ -13807,34 +13799,34 @@ CVE-2018-15619
REJECTED
CVE-2018-15618
REJECTED
-CVE-2018-15617 (A vulnerability in the &quot;capro&quot; (Call Processor) process component of ...)
+CVE-2018-15617
NOT-FOR-US: Avaya
-CVE-2018-15616 (A vulnerability in the Web UI component of Avaya Aura System Platform ...)
+CVE-2018-15616
NOT-FOR-US: Avaya Aura System Platform
-CVE-2018-15615 (A vulnerability in the Supervisor component of Avaya Call Management ...)
+CVE-2018-15615
NOT-FOR-US: Avaya
-CVE-2018-15614 (A vulnerability in the one-x Portal component of IP Office could allow ...)
+CVE-2018-15614
NOT-FOR-US: IP Office
-CVE-2018-15613 (A cross-site scripting (XSS) vulnerability in the Runtime Config ...)
+CVE-2018-15613
NOT-FOR-US: Avaya
-CVE-2018-15612 (A CSRF vulnerability in the Runtime Config component of Avaya Aura ...)
+CVE-2018-15612
NOT-FOR-US: Avaya
-CVE-2018-15611 (A vulnerability in the local system administration component of Avaya ...)
+CVE-2018-15611
NOT-FOR-US: Avaya Aura Communication Manager
-CVE-2018-15610 (A vulnerability in the one-X Portal component of Avaya IP Office ...)
+CVE-2018-15610
NOT-FOR-US: Avaya
CVE-2018-15609
RESERVED
-CVE-2018-15608 (Zoho ManageEngine ADManager Plus 6.5.7 allows HTML Injection on the ...)
+CVE-2018-15608
NOT-FOR-US: Zoho ManageEngine ADManager Plus
-CVE-2018-15607 (In ImageMagick 7.0.8-11 Q16, a tiny input file 0x50 0x36 0x36 0x36 0x36 ...)
+CVE-2018-15607
- imagemagick <unfixed> (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/1255
NOTE: This is mitigated by the default policies, if anyone modifies those they need
NOTE: be tuned to the deployment's memory buildout
-CVE-2018-15606 (An XSS issue was discovered in SalesAgility SuiteCRM 7.x before 7.8.21 ...)
+CVE-2018-15606
NOT-FOR-US: SuiteCRM
-CVE-2018-15605 (An issue was discovered in phpMyAdmin before 4.8.3. A Cross-Site ...)
+CVE-2018-15605
- phpmyadmin <not-affected> (Vulnerable code introduced later)
NOTE: https://www.phpmyadmin.net/security/PMASA-2018-5/
NOTE: Introduced by: https://github.com/phpmyadmin/phpmyadmin/commit/9404287ac09415b627b6fa68c7d04a13f7ef41e2
@@ -13846,55 +13838,55 @@ CVE-2018-XXXX [security issue with the PASS command and duplicate server instanc
NOTE: partial fix: https://github.com/charybdis-ircd/charybdis/commit/d4b2529a61fb48ebcd54bc0fcc6f400f97bfe251
CVE-2018-15604
RESERVED
-CVE-2018-15603 (An issue was discovered in Victor CMS through 2018-05-10. There is XSS ...)
+CVE-2018-15603
NOT-FOR-US: Victor CMS
-CVE-2018-15602 (Zyxel VMG3312 B10B devices are affected by a persistent XSS ...)
+CVE-2018-15602
NOT-FOR-US: Zyxel
-CVE-2018-15601 (apps/filemanager/handlers/upload/drop.php in Elefant CMS 2.0.3 performs ...)
+CVE-2018-15601
NOT-FOR-US: Elefant CMS
CVE-2018-15600
RESERVED
-CVE-2018-15599 (The recv_msg_userauth_request function in svr-auth.c in Dropbear ...)
+CVE-2018-15599
{DLA-1476-1}
- dropbear 2018.76-4 (bug #906890)
[stretch] - dropbear 2016.74-5+deb9u1
NOTE: http://lists.ucc.gu.uwa.edu.au/pipermail/dropbear/2018q3/002108.html
NOTE: https://secure.ucc.asn.au/hg/dropbear/rev/5d2d1021ca00
-CVE-2018-15598 (Containous Traefik 1.6.x before 1.6.6, when --api is used, exposes the ...)
+CVE-2018-15598
NOT-FOR-US: Traefik
CVE-2018-15597
RESERVED
-CVE-2018-15596 (An issue was discovered in inc/class_feedgeneration.php in MyBB ...)
+CVE-2018-15596
NOT-FOR-US: MyBB
-CVE-2018-1000226 (Cobbler version Verified as present in Cobbler versions 2.6.11+, but ...)
+CVE-2018-1000226
- cobbler <removed>
-CVE-2018-1000225 (Cobbler version Verified as present in Cobbler versions 2.6.11+, but ...)
+CVE-2018-1000225
- cobbler <removed>
-CVE-2018-1000224 (Godot Engine version All versions prior to 2.1.5, all 3.0 versions ...)
+CVE-2018-1000224
NOT-FOR-US: Godot
-CVE-2018-1000222 (Libgd version 2.2.5 contains a Double Free Vulnerability vulnerability ...)
+CVE-2018-1000222
{DLA-1651-1}
- libgd2 2.2.5-4.1 (low; bug #906886)
[stretch] - libgd2 2.2.4-2+deb9u3
NOTE: https://github.com/libgd/libgd/issues/447
NOTE: https://github.com/libgd/libgd/commit/ac16bdf2d41724b5a65255d4c28fb0ec46bc42f5
-CVE-2018-1000221 (pkgconf version 1.5.0 to 1.5.2 contains a Buffer Overflow ...)
+CVE-2018-1000221
- pkgconf <not-affected> (Vulnerable code introduced post 1.5.0)
NOTE: Fixed by: https://github.com/pkgconf/pkgconf/commit/9b7affe0b1e6512c6c73d19e1220c94fdb5c8159
NOTE: Introduced by: https://github.com/pkgconf/pkgconf/commit/b46bb93cd1fe221dc4d6ff5e3ce99feda4ea31f1
CVE-2018-1000220
REJECTED
-CVE-2018-1000219 (OpenEMR version v5_0_1_4 contains a Cross Site Scripting (XSS) ...)
+CVE-2018-1000219
NOT-FOR-US: OpenEMR
-CVE-2018-1000218 (OpenEMR version v5_0_1_4 contains a Cross Site Scripting (XSS) ...)
+CVE-2018-1000218
NOT-FOR-US: OpenEMR
-CVE-2018-1000217 (Dave Gamble cJSON version 1.7.3 and earlier contains a CWE-416: Use ...)
+CVE-2018-1000217
- cjson <not-affected> (Fixed before initial upload to Debian)
NOTE: https://github.com/DaveGamble/cJSON/issues/248
-CVE-2018-1000216 (Dave Gamble cJSON version 1.7.2 and earlier contains a CWE-415: Double ...)
+CVE-2018-1000216
- cjson <not-affected> (Fixed before initial upload to Debian)
NOTE: https://github.com/DaveGamble/cJSON/issues/241
-CVE-2018-1000215 (Dave Gamble cJSON version 1.7.6 and earlier contains a CWE-772 ...)
+CVE-2018-1000215
- cjson 1.7.7-1
NOTE: https://github.com/DaveGamble/cJSON/issues/267
CVE-2018-1000214
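Review bot: the "pkgconf <not-affected> (Vulnerable code introduced post 1.5.0)" justification sits directly under a removed summary that said "pkgconf version 1.5.0 to 1.5.2 contains a Buffer Overflow", so the two disagree on whether 1.5.0 itself is vulnerable. The "Introduced by:" commit NOTE is the evidence for the Debian claim; once the summary is gone it would help to annotate that NOTE with the release the commit landed in, in the same style as the "(1.3.0)" / "(1.22.0)" annotations on the rustc entry and the "(3.6.2)" / "(3.6.6)" ones on pycryptodome, so the not-affected reasoning stays verifiable without the upstream text.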
@@ -13905,19 +13897,19 @@ CVE-2018-1000212
REJECTED
CVE-2018-15595
RESERVED
-CVE-2018-15593 (An issue was discovered in Ivanti Workspace Control before 10.3.10.0 ...)
+CVE-2018-15593
NOT-FOR-US: Ivanti Workspace Control
-CVE-2018-15592 (An issue was discovered in Ivanti Workspace Control before 10.3.10.0 ...)
+CVE-2018-15592
NOT-FOR-US: Ivanti Workspace Control
-CVE-2018-15591 (An issue was discovered in Ivanti Workspace Control before 10.3.10.0 ...)
+CVE-2018-15591
NOT-FOR-US: Ivanti Workspace Control
-CVE-2018-15590 (An issue was discovered in Ivanti Workspace Control before 10.3.0.0 ...)
+CVE-2018-15590
NOT-FOR-US: Ivanti Workspace Control
CVE-2018-15589
RESERVED
-CVE-2018-15588 (MailMate before 1.11.3 mishandles a suspicious HTML/MIME structure in a ...)
+CVE-2018-15588
NOT-FOR-US: MailMate
-CVE-2018-15587 (GNOME Evolution through 3.28.2 is prone to OpenPGP signatures being ...)
+CVE-2018-15587
- evolution <unfixed> (bug #924616)
- evolution-data-server <unfixed>
NOTE: https://gitlab.gnome.org/GNOME/evolution/issues/120
@@ -13929,73 +13921,73 @@ CVE-2018-15587 (GNOME Evolution through 3.28.2 is prone to OpenPGP signatures be
NOTE: https://gitlab.gnome.org/GNOME/evolution-data-server/commit/93306a296c64b48d12c356804f131048643eaa0a (evolution-data-server)
NOTE: https://gitlab.gnome.org/GNOME/evolution-data-server/commit/accb0e2415681565e4dac00cf1c4303c313ad29e (evolution-data-server)
NOTE: https://gitlab.gnome.org/GNOME/evolution-data-server/commit/5cd59aee67450e8750eb3cb2d357d0947f199f61 (evolution-data-server)
-CVE-2018-15586 (Enigmail before 2.0.6 is prone to to OpenPGP signatures being spoofed ...)
+CVE-2018-15586
- enigmail 2:2.0.6.1-2
[jessie] - enigmail <end-of-life> (see https://lists.debian.org/debian-lts-announce/2019/02/msg00002.html)
NOTE: https://sourceforge.net/p/enigmail/bugs/849/
-CVE-2018-1000657 (Rust Programming Language Rust standard library version Commit ...)
+CVE-2018-1000657
- rustc 1.22.1+dfsg1-1 (bug #906585)
NOTE: Introduced by: https://github.com/rust-lang/rust/commit/bfa0e1f58acf1c28d500c34ed258f09ae021893e (1.3.0)
NOTE: Fixed by: https://github.com/rust-lang/rust/commit/f71b37bc28326e272a37b938e835d4f99113eec2 (1.22.0)
NOTE: https://github.com/rust-lang/rust/issues/44800
-CVE-2018-1000656 (The Pallets Project flask version Before 0.12.3 contains a CWE-20: ...)
+CVE-2018-1000656
- flask 1.0.2-1
[stretch] - flask <no-dsa> (Minor issue)
[jessie] - flask <no-dsa> (Minor issue)
NOTE: https://github.com/pallets/flask/pull/2691
-CVE-2018-1000655 (Jsish version 2.4.65 contains a CWE-476: NULL Pointer Dereference ...)
+CVE-2018-1000655
NOT-FOR-US: Jsish
-CVE-2018-1000654 (GNU Libtasn1-4.13 libtasn1-4.13 version libtasn1-4.13, libtasn1-4.12 ...)
+CVE-2018-1000654
- libtasn1-6 <unfixed> (unimportant; bug #906768)
- libtasn1-3 <removed>
NOTE: https://gitlab.com/gnutls/libtasn1/issues/4
NOTE: No security impact, does not affect libtasn, but only the asn1Parser from
NOTE: libtasn1-bin
-CVE-2018-1000653 (zzcms version 8.3 and earlier contains a SQL Injection vulnerability ...)
+CVE-2018-1000653
NOT-FOR-US: zzcms
-CVE-2018-1000652 (JabRef version &lt;=4.3.1 contains a XML External Entity (XXE) ...)
+CVE-2018-1000652
- jabref 3.8.2+ds-12 (low; bug #921772)
[stretch] - jabref <no-dsa> (Minor issue)
[jessie] - jabref <no-dsa> (Minor issue)
NOTE: https://github.com/JabRef/jabref/issues/4229
NOTE: https://github.com/JabRef/jabref/commit/89f855d76713b4cd25ac0830c719cd61c511851e
-CVE-2018-1000651 (Stroom version &lt;5.4.5 contains a XML External Entity (XXE) ...)
+CVE-2018-1000651
NOT-FOR-US: Stroom
-CVE-2018-1000650 (LibreHealthIO lh-ehr version REL-2.0.0 contains a SQL Injection ...)
+CVE-2018-1000650
NOT-FOR-US: LibreHealthIO
-CVE-2018-1000649 (LibreHealthIO lh-ehr version REL-2.0.0 contains a Authenticated ...)
+CVE-2018-1000649
NOT-FOR-US: LibreHealthIO
-CVE-2018-1000648 (LibreHealthIO lh-ehr version REL-2.0.0 contains a Authenticated ...)
+CVE-2018-1000648
NOT-FOR-US: LibreHealthIO
-CVE-2018-1000647 (LibreHealthIO lh-ehr version REL-2.0.0 contains a Authenticated ...)
+CVE-2018-1000647
NOT-FOR-US: LibreHealthIO
-CVE-2018-1000646 (LibreHealthIO LH-EHR version REL-2.0.0 contains an Authenticated ...)
+CVE-2018-1000646
NOT-FOR-US: LibreHealthIO
-CVE-2018-1000645 (LibreHealthIO lh-ehr version &lt;REL-2.0.0 contains an Authenticated ...)
+CVE-2018-1000645
NOT-FOR-US: LibreHealthIO
-CVE-2018-1000644 (Eclipse RDF4j version &lt; 2.4.0 Milestone 2 contains a XML External ...)
+CVE-2018-1000644
NOT-FOR-US: Eclipse RDF4j
-CVE-2018-1000643 (OWASP OWASP ANTISAMY version 1.5.7 and earlier contains a Cross Site ...)
+CVE-2018-1000643
NOT-FOR-US: OWASP OWASP ANTISAMY
-CVE-2018-1000642 (FlightAirMap version &lt;=v1.0-beta.21 contains a Cross Site Scripting ...)
+CVE-2018-1000642
NOT-FOR-US: FlightAirMap
-CVE-2018-1000641 (YesWiki version &lt;= cercopitheque beta 1 contains a PHP Object ...)
+CVE-2018-1000641
NOT-FOR-US: YesWiki
-CVE-2018-1000640 (OpenCart-Overclocked version &lt;=1.11.1 contains a Cross Site Scripting ...)
+CVE-2018-1000640
NOT-FOR-US: OpenCart-Overclocked
-CVE-2018-1000639 (LatexDraw version &lt;=4.0 contains a XML External Entity (XXE) ...)
+CVE-2018-1000639
NOT-FOR-US: LatexDraw
-CVE-2018-1000638 (MiniCMS version 1.1 contains a Cross Site Scripting (XSS) ...)
+CVE-2018-1000638
NOT-FOR-US: MiniCMS
-CVE-2018-1000636 (JerryScript version Tested on commit ...)
+CVE-2018-1000636
NOT-FOR-US: JerryScript
-CVE-2018-1000635 (The Open Microscopy Environment OMERO.server version 5.4.0 to 5.4.6 ...)
+CVE-2018-1000635
NOT-FOR-US: Open Microscopy Environment
-CVE-2018-1000634 (The Open Microscopy Environment OMERO.server version 5.4.0 to 5.4.6 ...)
+CVE-2018-1000634
NOT-FOR-US: Open Microscopy Environment
-CVE-2018-1000633 (The Open Microscopy Environment OMERO.web version prior to 5.4.7 ...)
+CVE-2018-1000633
NOT-FOR-US: Open Microscopy Environment
-CVE-2018-1000632 (dom4j version prior to version 2.1.1 contains a CWE-91: XML Injection ...)
+CVE-2018-1000632
{DLA-1517-1}
- dom4j 2.1.1-1 (low)
[stretch] - dom4j 1.6.1+dfsg.3-2+deb9u1
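Review bot: the NOTE under CVE-2018-1000654 reads "does not affect libtasn, but only the asn1Parser", where the library is libtasn1 (spelled correctly on the "libtasn1-6" and "libtasn1-3" status lines just above); a follow-up commit should fix the spelling so searches for the package name hit this NOTE.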
@@ -14019,51 +14011,51 @@ CVE-2018-15578
RESERVED
CVE-2018-15577
RESERVED
-CVE-2018-15576 (An issue was discovered in EasyLogin Pro through 1.3.0. Encryptor.php ...)
+CVE-2018-15576
NOT-FOR-US: EasyLogin Pro
CVE-2018-15575
RESERVED
-CVE-2018-15574 (** DISPUTED ** An issue was discovered in the license editor in Reprise ...)
+CVE-2018-15574
NOT-FOR-US: Reprise License Manager
-CVE-2018-15573 (** DISPUTED ** An issue was discovered in Reprise License Manager (RLM) ...)
+CVE-2018-15573
NOT-FOR-US: Reprise License Manager
-CVE-2018-15594 (arch/x86/kernel/paravirt.c in the Linux kernel before 4.18.1 mishandles ...)
+CVE-2018-15594
{DSA-4308-1 DLA-1531-1 DLA-1529-1}
- linux 4.17.15-1
NOTE: https://twitter.com/grsecurity/status/1029324426142199808
NOTE: https://git.kernel.org/linus/5800dc5c19f34e6e03b5adab1282535cb102fafd
-CVE-2018-15572 (The spectre_v2_select_mitigation function in arch/x86/kernel/cpu/bugs.c ...)
+CVE-2018-15572
{DSA-4308-1 DLA-1531-1 DLA-1529-1}
- linux 4.17.15-1
NOTE: https://git.kernel.org/linus/fdf82a7856b32d905c39afc85e34364491e46346
-CVE-2018-15571 (The Export Users to CSV plugin through 1.1.1 for WordPress allows CSV ...)
+CVE-2018-15571
NOT-FOR-US: Export Users to CSV plugin for WordPress
-CVE-2018-15570 (In waimai Super Cms 20150505, there is stored XSS via the ...)
+CVE-2018-15570
NOT-FOR-US: waimai Super Cms
-CVE-2018-15569 (my little forum 2.4.12 allows CSRF for deletion of users. ...)
+CVE-2018-15569
NOT-FOR-US: my little forum
-CVE-2018-15568 (tp5cms through 2017-05-25 has CSRF via admin.php/category/delete.html. ...)
+CVE-2018-15568
NOT-FOR-US: tp5cms
-CVE-2018-15567 (CMSUno before 1.5.3 has XSS via the title field. ...)
+CVE-2018-15567
NOT-FOR-US: CMSUno
-CVE-2018-15566 (tp5cms through 2017-05-25 has XSS via the admin.php/article/index.html ...)
+CVE-2018-15566
NOT-FOR-US: tp5cms
-CVE-2018-15565 (An issue was discovered in daveismyname simple-cms through 2014-03-11. ...)
+CVE-2018-15565
NOT-FOR-US: simple-cms
-CVE-2018-15564 (An issue was discovered in daveismyname simple-cms through 2014-03-11. ...)
+CVE-2018-15564
NOT-FOR-US: simple-cms
-CVE-2018-15563 (_core/admin/pages/add/ in Subrion CMS 4.2.1 has XSS via the titles[en] ...)
+CVE-2018-15563
NOT-FOR-US: Subrion CMS
-CVE-2018-15562 (CMS ISWEB 3.5.3 has XSS via the ordineRis, sezioneRicerca, or ...)
+CVE-2018-15562
NOT-FOR-US: CMS ISWEB
CVE-2018-15561
RESERVED
-CVE-2018-15560 (PyCryptodome before 3.6.6 has an integer overflow in the data_len ...)
+CVE-2018-15560
- pycryptodome <not-affected> (Vulnerable code introduced later)
NOTE: https://github.com/Legrandin/pycryptodome/issues/198
NOTE: Introduced by: https://github.com/Legrandin/pycryptodome/commit/e1c7272f732abf3f2e2ea1326444ccbd339d17f2 (3.6.2)
NOTE: Fixed by: https://github.com/Legrandin/pycryptodome/commit/d1739c62b9b845f8a5b342de08d6bf6e2722d247 (3.6.6)
-CVE-2018-15559 (The editor in Xiuno BBS 4.0.4 allows stored XSS. ...)
+CVE-2018-15559
NOT-FOR-US: Xiuno BBS
CVE-2018-15558
RESERVED
@@ -14075,9 +14067,9 @@ CVE-2018-15555
RESERVED
CVE-2018-15554
RESERVED
-CVE-2018-15553 (fileshare.cmd on Telus Actiontec T2200H T2200H-31.128L.03 devices ...)
+CVE-2018-15553
NOT-FOR-US: Telus
-CVE-2018-15552 (The &quot;PayWinner&quot; function of a simplelottery smart contract ...)
+CVE-2018-15552
NOT-FOR-US: simplelottery smart contract implementation for The Ethereum Lottery
CVE-2018-15551
RESERVED
@@ -14089,44 +14081,44 @@ CVE-2018-15548
RESERVED
CVE-2018-15547
RESERVED
-CVE-2018-15546 (Accusoft PrizmDoc version 13.3 and earlier contains a Stored ...)
+CVE-2018-15546
NOT-FOR-US: Accusoft PrizmDoc
CVE-2018-15545
RESERVED
CVE-2018-15544
RESERVED
-CVE-2018-15543 (** DISPUTED ** An issue was discovered in the org.telegram.messenger ...)
+CVE-2018-15543
NOT-FOR-US: org.telegram.messenger for Android
-CVE-2018-15542 (** DISPUTED ** An issue was discovered in the org.telegram.messenger ...)
+CVE-2018-15542
NOT-FOR-US: org.telegram.messenger for Android
CVE-2018-15541
RESERVED
-CVE-2018-15540 (Agentejo Cockpit performs actions on files without appropriate ...)
+CVE-2018-15540
NOT-FOR-US: Agentejo Cockpit
-CVE-2018-15539 (Agentejo Cockpit lacks an anti-CSRF protection mechanism. Thus, an ...)
+CVE-2018-15539
NOT-FOR-US: Agentejo Cockpit
-CVE-2018-15538 (Agentejo Cockpit has multiple Cross-Site Scripting vulnerabilities. ...)
+CVE-2018-15538
NOT-FOR-US: Agentejo Cockpit
-CVE-2018-15537 (Unrestricted file upload (with remote code execution) in OCS Inventory ...)
+CVE-2018-15537
- ocsinventory-server <unfixed> (unimportant)
NOTE: Authentication is needed, only supported in trusted environments, see debtags
-CVE-2018-15536 (/filemanager/ajax_calls.php in tecrail Responsive FileManager before ...)
+CVE-2018-15536
NOT-FOR-US: tecrail Responsive FileManager
-CVE-2018-15535 (/filemanager/ajax_calls.php in tecrail Responsive FileManager before ...)
+CVE-2018-15535
NOT-FOR-US: tecrail Responsive FileManager
-CVE-2018-15534 (Geutebrueck re_porter 16 before 7.8.974.20 has a possibility of ...)
+CVE-2018-15534
NOT-FOR-US: Geutebrueck
-CVE-2018-15533 (A reflected cross-site scripting vulnerability exists in Geutebrueck ...)
+CVE-2018-15533
NOT-FOR-US: Geutebrueck
CVE-2018-15532
- RESERVED
-CVE-2018-15531 (JavaMelody before 1.74.0 has XXE via parseSoapMethodName in ...)
+ TODO: check
+CVE-2018-15531
NOT-FOR-US: JavaMelody
CVE-2018-15530
RESERVED
-CVE-2018-15529 (A command injection vulnerability in maintenance.cgi in Mutiny ...)
+CVE-2018-15529
NOT-FOR-US: Mutiny appliance
-CVE-2018-15528 (Reflected Cross-Site Scripting exists in the Java System Solutions SSO ...)
+CVE-2018-15528
NOT-FOR-US: Java System Solutions SSO plugin
CVE-2018-15527
RESERVED
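Review bot: CVE-2018-15532 is the only entry in this hunk whose state changes rather than just losing its description: the `RESERVED` line is dropped and `TODO: check` is added, which marks the id as newly published and awaiting triage. Unlike the neighbouring entries it carries no description text in either the old or the new version, so whoever picks up the TODO has nothing on this page to triage from and should fetch the CVE text from the source before assigning a package line or a NOT-FOR-US verdict.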
@@ -14146,19 +14138,19 @@ CVE-2018-15520
RESERVED
CVE-2018-15519
RESERVED
-CVE-2018-15518 (QXmlStream in Qt 5.x before 5.11.3 has a double-free or corruption ...)
+CVE-2018-15518
{DSA-4374-1 DLA-1627-1}
[experimental] - qtbase-opensource-src 5.11.3+dfsg-1
- qtbase-opensource-src 5.11.3+dfsg-2
NOTE: https://blog.qt.io/blog/2018/12/04/qt-5-11-3-released-important-security-updates/
NOTE: https://codereview.qt-project.org/#/c/236691/
-CVE-2018-15517 (The MailConnect feature on D-Link Central WiFiManager CWM-100 1.03 ...)
+CVE-2018-15517
NOT-FOR-US: D-Link
-CVE-2018-15516 (The FTP service on D-Link Central WiFiManager CWM-100 1.03 r0098 ...)
+CVE-2018-15516
NOT-FOR-US: D-Link
-CVE-2018-15515 (The CaptivelPortal service on D-Link Central WiFiManager CWM-100 1.03 ...)
+CVE-2018-15515
NOT-FOR-US: D-Link
-CVE-2018-15514 (HandleRequestAsync in Docker for Windows before 18.06.0-ce-rc3-win68 ...)
+CVE-2018-15514
NOT-FOR-US: Docker for Windows
CVE-2018-15513
RESERVED
@@ -14168,23 +14160,23 @@ CVE-2018-15511
RESERVED
CVE-2018-15510
RESERVED
-CVE-2018-15509 (Five9 Agent Desktop Plus 10.0.70 has Incorrect Access Control (issue 2 ...)
+CVE-2018-15509
NOT-FOR-US: Five9 Agent Desktop Plus
-CVE-2018-15508 (Five9 Agent Desktop Plus 10.0.70 has Incorrect Access Control allowing ...)
+CVE-2018-15508
NOT-FOR-US: Five9 Agent Desktop Plus
CVE-2018-15507
RESERVED
CVE-2018-15506
RESERVED
-CVE-2018-15505 (An issue was discovered in Embedthis GoAhead before 4.0.1 and Appweb ...)
+CVE-2018-15505
NOT-FOR-US: Embedthis GoAhead
-CVE-2018-15504 (An issue was discovered in Embedthis GoAhead before 4.0.1 and Appweb ...)
+CVE-2018-15504
NOT-FOR-US: Embedthis GoAhead
-CVE-2018-15503 (The unpack implementation in Swoole version 4.0.4 lacks correct size ...)
+CVE-2018-15503
NOT-FOR-US: Swoole
-CVE-2018-15502 (Insecure permissions in Lone Wolf Technologies loadingDOCS 2018-08-13 ...)
+CVE-2018-15502
NOT-FOR-US: Lone Wolf Technologies loadingDOCS
-CVE-2018-15501 (In ng_pkt in transports/smart_pkt.c in libgit2 before 0.26.6 and 0.27.x ...)
+CVE-2018-15501
{DLA-1477-1}
- libgit2 0.27.4+dfsg.1-0.1 (low)
[stretch] - libgit2 <no-dsa> (Minor issue)
@@ -14192,27 +14184,27 @@ CVE-2018-15501 (In ng_pkt in transports/smart_pkt.c in libgit2 before 0.26.6 and
NOTE: https://github.com/libgit2/libgit2/commit/1f9a8510e1d2f20ed7334eeeddb92c4dd8e7c649
CVE-2018-15500
RESERVED
-CVE-2018-15499 (GEAR Software products that include GEARAspiWDM.sys, 2.2.5.0, allow ...)
+CVE-2018-15499
NOT-FOR-US: GEAR Software
CVE-2018-15498
RESERVED
-CVE-2018-15497 (The Mitel MiVoice 5330e VoIP device is affected by memory corruption ...)
+CVE-2018-15497
NOT-FOR-US: Mitel
CVE-2018-15496
RESERVED
-CVE-2018-15495 (/filemanager/upload.php in Responsive FileManager before 9.13.3 allows ...)
+CVE-2018-15495
NOT-FOR-US: Responsive FileManager
-CVE-2018-15494 (In Dojo Toolkit before 1.14, there is unescaped string injection in ...)
+CVE-2018-15494
{DLA-1492-1}
- dojo 1.14.1+dfsg1-1 (bug #906540)
NOTE: https://github.com/dojo/dojox/pull/283
-CVE-2018-15493 (vBulletin 5.4.3 has an Open Redirect. ...)
+CVE-2018-15493
NOT-FOR-US: vBulletin
-CVE-2018-15492 (A vulnerability in the lservnt.exe component of Sentinel License ...)
+CVE-2018-15492
NOT-FOR-US: Sentinel License Manager
-CVE-2018-15491 (A vulnerability in the permission and encryption implementation of ...)
+CVE-2018-15491
NOT-FOR-US: Zemana Anti-Logger
-CVE-2018-15490 (An issue was discovered in ExpressVPN on Windows. The Xvpnd.exe ...)
+CVE-2018-15490
NOT-FOR-US: ExpressVPN
CVE-2018-15489
RESERVED
@@ -14220,278 +14212,278 @@ CVE-2018-15488
RESERVED
CVE-2018-15487
RESERVED
-CVE-2018-15486 (An issue was discovered on KONE Group Controller (KGC) devices before ...)
+CVE-2018-15486
NOT-FOR-US: KONE Group Controller (KGC) devices
-CVE-2018-15485 (An issue was discovered on KONE Group Controller (KGC) devices before ...)
+CVE-2018-15485
NOT-FOR-US: KONE Group Controller (KGC) devices
-CVE-2018-15484 (An issue was discovered on KONE Group Controller (KGC) devices before ...)
+CVE-2018-15484
NOT-FOR-US: KONE Group Controller (KGC) devices
-CVE-2018-15483 (An issue was discovered on KONE Group Controller (KGC) devices before ...)
+CVE-2018-15483
NOT-FOR-US: KONE Group Controller (KGC) devices
-CVE-2018-15482 (Certain LG devices based on Android 6.0 through 8.1 have incorrect ...)
+CVE-2018-15482
NOT-FOR-US: LG devices specific issue
-CVE-2018-15481 (Improper input sanitization within the restricted administration shell ...)
+CVE-2018-15481
NOT-FOR-US: UCOPIA
-CVE-2018-15480 (An issue was discovered in myStrom WiFi Switch V1 before 2.66, WiFi ...)
+CVE-2018-15480
NOT-FOR-US: myStrom
-CVE-2018-15479 (An issue was discovered in myStrom WiFi Switch V1 before 2.66, WiFi ...)
+CVE-2018-15479
NOT-FOR-US: myStrom
-CVE-2018-15478 (An issue was discovered in myStrom WiFi Switch V1 before 2.66, WiFi ...)
+CVE-2018-15478
NOT-FOR-US: myStrom
-CVE-2018-15477 (myStrom WiFi Switch V1 devices before 2.66 did not sanitize a ...)
+CVE-2018-15477
NOT-FOR-US: myStrom
-CVE-2018-15476 (An issue was discovered in myStrom WiFi Switch V1 before 2.66, WiFi ...)
+CVE-2018-15476
NOT-FOR-US: myStrom
CVE-2018-15475
RESERVED
-CVE-2018-15474 (** DISPUTED ** CSV Injection (aka Excel Macro Injection or Formula ...)
+CVE-2018-15474
NOTE: Dokuwiki non-issue
CVE-2018-15472 [Diff formatter DoS in Sidekiq jobs]
RESERVED
[experimental] - gitlab 11.1.8+dfsg-1
- gitlab 11.1.8+dfsg-2
NOTE: https://about.gitlab.com/2018/10/01/security-release-gitlab-11-dot-3-dot-1-released/
-CVE-2018-15467 (A vulnerability in the web-based management interface of Cisco ...)
+CVE-2018-15467
NOT-FOR-US: Cisco
-CVE-2018-15466 (A vulnerability in the Graphite web interface of the Policy and ...)
+CVE-2018-15466
NOT-FOR-US: Cisco
-CVE-2018-15465 (A vulnerability in the authorization subsystem of Cisco Adaptive ...)
+CVE-2018-15465
NOT-FOR-US: Cisco
-CVE-2018-15464 (A vulnerability in Cisco 900 Series Aggregation Services Router (ASR) ...)
+CVE-2018-15464
NOT-FOR-US: Cisco
-CVE-2018-15463 (A vulnerability in the web-based management interface of Cisco ...)
+CVE-2018-15463
NOT-FOR-US: Cisco
CVE-2018-15462
RESERVED
-CVE-2018-15461 (A vulnerability in the MyWebex component of Cisco Webex Business Suite ...)
+CVE-2018-15461
NOT-FOR-US: Cisco
-CVE-2018-15460 (A vulnerability in the email message filtering feature of Cisco ...)
+CVE-2018-15460
NOT-FOR-US: Cisco
-CVE-2018-15459 (A vulnerability in the administrative web interface of Cisco Identity ...)
+CVE-2018-15459
NOT-FOR-US: Cisco
-CVE-2018-15458 (A vulnerability in the Shell Access Filter feature of Cisco Firepower ...)
+CVE-2018-15458
NOT-FOR-US: Cisco
-CVE-2018-15457 (A vulnerability in the web-based management interface of Cisco Prime ...)
+CVE-2018-15457
NOT-FOR-US: Cisco
-CVE-2018-15456 (A vulnerability in the Admin Portal of Cisco Identity Services Engine ...)
+CVE-2018-15456
NOT-FOR-US: Cisco
-CVE-2018-15455 (A vulnerability in the logging component of Cisco Identity Services ...)
+CVE-2018-15455
NOT-FOR-US: Cisco
-CVE-2018-15454 (A vulnerability in the Session Initiation Protocol (SIP) inspection ...)
+CVE-2018-15454
NOT-FOR-US: Cisco
-CVE-2018-15453 (A vulnerability in the Secure/Multipurpose Internet Mail Extensions ...)
+CVE-2018-15453
NOT-FOR-US: Cisco
-CVE-2018-15452 (A vulnerability in the DLL loading component of Cisco Advanced Malware ...)
+CVE-2018-15452
NOT-FOR-US: Cisco
-CVE-2018-15451 (A vulnerability in the web-based management interface of Cisco Prime ...)
+CVE-2018-15451
NOT-FOR-US: Cisco
-CVE-2018-15450 (A vulnerability in the web-based UI of Cisco Prime Collaboration ...)
+CVE-2018-15450
NOT-FOR-US: Cisco
-CVE-2018-15449 (A vulnerability in the web-based management interface of Cisco Video ...)
+CVE-2018-15449
NOT-FOR-US: Cisco
-CVE-2018-15448 (A vulnerability in the user management functions of Cisco Registered ...)
+CVE-2018-15448
NOT-FOR-US: Cisco
-CVE-2018-15447 (A vulnerability in the web framework code of Cisco Integrated ...)
+CVE-2018-15447
NOT-FOR-US: Cisco
-CVE-2018-15446 (A vulnerability in Cisco Meeting Server could allow an ...)
+CVE-2018-15446
NOT-FOR-US: Cisco
-CVE-2018-15445 (A vulnerability in the web-based management interface of Cisco Energy ...)
+CVE-2018-15445
NOT-FOR-US: Cisco
-CVE-2018-15444 (A vulnerability in the web-based user interface of Cisco Energy ...)
+CVE-2018-15444
NOT-FOR-US: Cisco
-CVE-2018-15443 (A vulnerability in the detection engine of Cisco Firepower System ...)
+CVE-2018-15443
NOT-FOR-US: Cisco
-CVE-2018-15442 (A vulnerability in the update service of Cisco Webex Meetings Desktop ...)
+CVE-2018-15442
NOT-FOR-US: Cisco
-CVE-2018-15441 (A vulnerability in the web framework code of Cisco Prime License ...)
+CVE-2018-15441
NOT-FOR-US: Cisco
-CVE-2018-15440 (A vulnerability in the web-based management interface of Cisco ...)
+CVE-2018-15440
NOT-FOR-US: Cisco
-CVE-2018-15439 (A vulnerability in the Cisco Small Business Switches software could ...)
+CVE-2018-15439
NOT-FOR-US: Cisco
-CVE-2018-15438 (A vulnerability in the web-based management interface of Cisco Prime ...)
+CVE-2018-15438
NOT-FOR-US: Cisco
-CVE-2018-15437 (A vulnerability in the system scanning component of Cisco Immunet and ...)
+CVE-2018-15437
NOT-FOR-US: Cisco
-CVE-2018-15436 (A vulnerability in the web-based management interface of Cisco Webex ...)
+CVE-2018-15436
NOT-FOR-US: Cisco
-CVE-2018-15435 (A vulnerability in the web-based management interface of Cisco ...)
+CVE-2018-15435
NOT-FOR-US: Cisco
-CVE-2018-15434 (A vulnerability in the web-based management interface of Cisco Unified ...)
+CVE-2018-15434
NOT-FOR-US: Cisco
-CVE-2018-15433 (A vulnerability in the server backup function of Cisco Prime ...)
+CVE-2018-15433
NOT-FOR-US: Cisco
-CVE-2018-15432 (A vulnerability in the server backup function of Cisco Prime ...)
+CVE-2018-15432
NOT-FOR-US: Cisco
-CVE-2018-15431 (A vulnerability in the Cisco Webex Network Recording Player for ...)
+CVE-2018-15431
NOT-FOR-US: Cisco
-CVE-2018-15430 (A vulnerability in the administrative web interface of Cisco ...)
+CVE-2018-15430
NOT-FOR-US: Cisco
-CVE-2018-15429 (A vulnerability in the web-based UI of Cisco HyperFlex HX Data ...)
+CVE-2018-15429
NOT-FOR-US: Cisco
-CVE-2018-15428 (A vulnerability in the implementation of Border Gateway Protocol (BGP) ...)
+CVE-2018-15428
NOT-FOR-US: Cisco
-CVE-2018-15427 (A vulnerability in Cisco Video Surveillance Manager (VSM) Software ...)
+CVE-2018-15427
NOT-FOR-US: Cisco
-CVE-2018-15426 (A vulnerability in the web-based interface of Cisco Unity Connection ...)
+CVE-2018-15426
NOT-FOR-US: Cisco
-CVE-2018-15425 (A vulnerability in the web-based management interface of Cisco ...)
+CVE-2018-15425
NOT-FOR-US: Cisco
-CVE-2018-15424 (A vulnerability in the web-based management interface of Cisco ...)
+CVE-2018-15424
NOT-FOR-US: Cisco
-CVE-2018-15423 (A vulnerability in the web UI of Cisco HyperFlex Software could allow ...)
+CVE-2018-15423
NOT-FOR-US: Cisco
-CVE-2018-15422 (A vulnerability in the Cisco Webex Network Recording Player for ...)
+CVE-2018-15422
NOT-FOR-US: Cisco
-CVE-2018-15421 (A vulnerability in the Cisco Webex Network Recording Player for ...)
+CVE-2018-15421
NOT-FOR-US: Cisco
-CVE-2018-15420 (A vulnerability in the Cisco Webex Network Recording Player for ...)
+CVE-2018-15420
NOT-FOR-US: Cisco
-CVE-2018-15419 (A vulnerability in the Cisco Webex Network Recording Player for ...)
+CVE-2018-15419
NOT-FOR-US: Cisco
-CVE-2018-15418 (A vulnerability in the Cisco Webex Network Recording Player for ...)
+CVE-2018-15418
NOT-FOR-US: Cisco
-CVE-2018-15417 (A vulnerability in the Cisco Webex Network Recording Player for ...)
+CVE-2018-15417
NOT-FOR-US: Cisco
-CVE-2018-15416 (A vulnerability in the Cisco Webex Network Recording Player for ...)
+CVE-2018-15416
NOT-FOR-US: Cisco
-CVE-2018-15415 (A vulnerability in the Cisco Webex Network Recording Player for ...)
+CVE-2018-15415
NOT-FOR-US: Cisco
-CVE-2018-15414 (A vulnerability in the Cisco Webex Network Recording Player for ...)
+CVE-2018-15414
NOT-FOR-US: Cisco
-CVE-2018-15413 (A vulnerability in the Cisco Webex Network Recording Player for ...)
+CVE-2018-15413
NOT-FOR-US: Cisco
-CVE-2018-15412 (A vulnerability in the Cisco Webex Network Recording Player for ...)
+CVE-2018-15412
NOT-FOR-US: Cisco
-CVE-2018-15411 (A vulnerability in the Cisco Webex Network Recording Player for ...)
+CVE-2018-15411
NOT-FOR-US: Cisco
-CVE-2018-15410 (A vulnerability in the Cisco Webex Network Recording Player for ...)
+CVE-2018-15410
NOT-FOR-US: Cisco
-CVE-2018-15409 (A vulnerability in the Cisco Webex Network Recording Player for ...)
+CVE-2018-15409
NOT-FOR-US: Cisco
-CVE-2018-15408 (A vulnerability in the Cisco Webex Network Recording Player for ...)
+CVE-2018-15408
NOT-FOR-US: Cisco
-CVE-2018-15407 (A vulnerability in the installation process of Cisco HyperFlex ...)
+CVE-2018-15407
NOT-FOR-US: Cisco
-CVE-2018-15406 (A vulnerability in the web-based management interface of Cisco UCS ...)
+CVE-2018-15406
NOT-FOR-US: Cisco
-CVE-2018-15405 (A vulnerability in the web interface for specific feature sets of ...)
+CVE-2018-15405
NOT-FOR-US: Cisco
-CVE-2018-15404 (A vulnerability in the web interface of Cisco Integrated Management ...)
+CVE-2018-15404
NOT-FOR-US: Cisco
-CVE-2018-15403 (A vulnerability in the web interface of Cisco Emergency Responder, ...)
+CVE-2018-15403
NOT-FOR-US: Cisco
-CVE-2018-15402 (A vulnerability in Cisco Enterprise NFV Infrastructure Software ...)
+CVE-2018-15402
NOT-FOR-US: Cisco
-CVE-2018-15401 (A vulnerability in the web-based management interface of Cisco Hosted ...)
+CVE-2018-15401
NOT-FOR-US: Cisco
-CVE-2018-15400 (A vulnerability in the web-based management interface of Cisco Cloud ...)
+CVE-2018-15400
NOT-FOR-US: Cisco
-CVE-2018-15399 (A vulnerability in the TCP syslog module of Cisco Adaptive Security ...)
+CVE-2018-15399
NOT-FOR-US: Cisco
-CVE-2018-15398 (A vulnerability in the per-user-override feature of Cisco Adaptive ...)
+CVE-2018-15398
NOT-FOR-US: Cisco
-CVE-2018-15397 (A vulnerability in the implementation of Traffic Flow Confidentiality ...)
+CVE-2018-15397
NOT-FOR-US: Cisco
-CVE-2018-15396 (A vulnerability in the Bulk Administration Tool (BAT) for Cisco Unity ...)
+CVE-2018-15396
NOT-FOR-US: Cisco
-CVE-2018-15395 (A vulnerability in the authentication and authorization checking ...)
+CVE-2018-15395
NOT-FOR-US: Cisco
-CVE-2018-15394 (A vulnerability in the Stealthwatch Management Console (SMC) of Cisco ...)
+CVE-2018-15394
NOT-FOR-US: Cisco
-CVE-2018-15393 (A vulnerability in the web-based management interface of Cisco Content ...)
+CVE-2018-15393
NOT-FOR-US: Cisco
-CVE-2018-15392 (A vulnerability in the DHCP service of Cisco Industrial Network ...)
+CVE-2018-15392
NOT-FOR-US: Cisco
-CVE-2018-15391 (A vulnerability in certain IPv4 fragment-processing functions of Cisco ...)
+CVE-2018-15391
NOT-FOR-US: Cisco
-CVE-2018-15390 (A vulnerability in the FTP inspection engine of Cisco Firepower Threat ...)
+CVE-2018-15390
NOT-FOR-US: Cisco
-CVE-2018-15389 (A vulnerability in the install function of Cisco Prime Collaboration ...)
+CVE-2018-15389
NOT-FOR-US: Cisco
CVE-2018-15388
RESERVED
-CVE-2018-15387 (A vulnerability in the Cisco SD-WAN Solution could allow an ...)
+CVE-2018-15387
NOT-FOR-US: Cisco
-CVE-2018-15386 (A vulnerability in Cisco Digital Network Architecture (DNA) Center ...)
+CVE-2018-15386
NOT-FOR-US: Cisco
CVE-2018-15385
RESERVED
CVE-2018-15384
RESERVED
-CVE-2018-15383 (A vulnerability in the cryptographic hardware accelerator driver of ...)
+CVE-2018-15383
NOT-FOR-US: Cisco
-CVE-2018-15382 (A vulnerability in Cisco HyperFlex Software could allow an ...)
+CVE-2018-15382
NOT-FOR-US: Cisco
-CVE-2018-15381 (A Java deserialization vulnerability in Cisco Unity Express (CUE) ...)
+CVE-2018-15381
NOT-FOR-US: Cisco
-CVE-2018-15380 (A vulnerability in the cluster service manager of Cisco HyperFlex ...)
+CVE-2018-15380
NOT-FOR-US: Cisco
-CVE-2018-15379 (A vulnerability in which the HTTP web server for Cisco Prime ...)
+CVE-2018-15379
NOT-FOR-US: Cisco
-CVE-2018-15378 (A vulnerability in ClamAV versions prior to 0.100.2 could allow an ...)
+CVE-2018-15378
{DLA-1553-1}
- clamav 0.100.2+dfsg-1 (bug #910430)
[stretch] - clamav 0.100.2+dfsg-0+deb9u1
NOTE: https://blog.clamav.net/2018/10/clamav-01002-has-been-released.html
NOTE: http://lists.clamav.net/pipermail/clamav-announce/2018/000033.html
-CVE-2018-15377 (A vulnerability in the Cisco Network Plug and Play agent, also ...)
+CVE-2018-15377
NOT-FOR-US: Cisco
-CVE-2018-15376 (A vulnerability in the embedded test subsystem of Cisco IOS Software ...)
+CVE-2018-15376
NOT-FOR-US: Cisco
-CVE-2018-15375 (A vulnerability in the embedded test subsystem of Cisco IOS Software ...)
+CVE-2018-15375
NOT-FOR-US: Cisco
-CVE-2018-15374 (A vulnerability in the Image Verification feature of Cisco IOS XE ...)
+CVE-2018-15374
NOT-FOR-US: Cisco
-CVE-2018-15373 (A vulnerability in the implementation of Cisco Discovery Protocol ...)
+CVE-2018-15373
NOT-FOR-US: Cisco
-CVE-2018-15372 (A vulnerability in the MACsec Key Agreement (MKA) using Extensible ...)
+CVE-2018-15372
NOT-FOR-US: Cisco
-CVE-2018-15371 (A vulnerability in the shell access request mechanism of Cisco IOS XE ...)
+CVE-2018-15371
NOT-FOR-US: Cisco
-CVE-2018-15370 (A vulnerability in Cisco IOS ROM Monitor (ROMMON) Software for Cisco ...)
+CVE-2018-15370
NOT-FOR-US: Cisco
-CVE-2018-15369 (A vulnerability in the TACACS+ client subsystem of Cisco IOS Software ...)
+CVE-2018-15369
NOT-FOR-US: Cisco
-CVE-2018-15368 (A vulnerability in the CLI parser of Cisco IOS XE Software could allow ...)
+CVE-2018-15368
NOT-FOR-US: Cisco
-CVE-2018-15367 (A ctl_set KERedirect Untrusted Pointer Dereference Privilege ...)
+CVE-2018-15367
NOT-FOR-US: Trend Micro
-CVE-2018-15366 (A UrlfWTPPagePtr KERedirect Use-After-Free Privilege Escalation ...)
+CVE-2018-15366
NOT-FOR-US: Trend Micro
-CVE-2018-15365 (A Reflected Cross-Site Scripting (XSS) vulnerability in Trend Micro ...)
+CVE-2018-15365
NOT-FOR-US: Trend Micro
-CVE-2018-15364 (A Named Pipe Request Processing Out-of-Bounds Read Information ...)
+CVE-2018-15364
NOT-FOR-US: Trend Micro
-CVE-2018-15363 (An Out-of-Bounds Read Privilege Escalation vulnerability in Trend ...)
+CVE-2018-15363
NOT-FOR-US: Trend Micro
-CVE-2018-15362 (XXE in GE Proficy Cimplicity GDS versions 9.0 R2, 9.5, 10.0 ...)
+CVE-2018-15362
NOT-FOR-US: GE Proficy Cimplicity GDS
-CVE-2018-15361 (UltraVNC revision 1198 has a buffer underflow vulnerability in VNC ...)
+CVE-2018-15361
NOT-FOR-US: UltraVNC
-CVE-2018-15360 (An attacker without authentication can login with default credentials ...)
+CVE-2018-15360
NOT-FOR-US: Eltex ESP-200 firmware
-CVE-2018-15359 (An authenticated attacker with low privileges can use insecure sudo ...)
+CVE-2018-15359
NOT-FOR-US: Eltex ESP-200 firmware
-CVE-2018-15358 (An authenticated attacker with low privileges can activate high ...)
+CVE-2018-15358
NOT-FOR-US: Eltex ESP-200 firmware
-CVE-2018-15357 (An authenticated attacker with low privileges can extract password ...)
+CVE-2018-15357
NOT-FOR-US: Eltex ESP-200 firmware
-CVE-2018-15356 (An authenticated attacker can execute arbitrary code using command ...)
+CVE-2018-15356
NOT-FOR-US: Eltex ESP-200 firmware
-CVE-2018-15355 (Usage of SSLv2 and SSLv3 leads to transmitted data decryption in ...)
+CVE-2018-15355
NOT-FOR-US: Kraftway 24F2XG Router firmware
-CVE-2018-15354 (A Buffer Overflow exploited through web interface by remote attacker ...)
+CVE-2018-15354
NOT-FOR-US: Kraftway 24F2XG Router firmware
-CVE-2018-15353 (A Buffer Overflow exploited through web interface by remote attacker ...)
+CVE-2018-15353
NOT-FOR-US: Kraftway 24F2XG Router firmware
-CVE-2018-15352 (An attacker with low privileges can cause denial of service in ...)
+CVE-2018-15352
NOT-FOR-US: Kraftway 24F2XG Router firmware
-CVE-2018-15351 (Denial of service via crafting malicious link and sending it to a ...)
+CVE-2018-15351
NOT-FOR-US: Kraftway 24F2XG Router firmware
-CVE-2018-15350 (Router Default Credentials in Kraftway 24F2XG Router firmware version ...)
+CVE-2018-15350
NOT-FOR-US: Kraftway 24F2XG Router firmware
-CVE-2018-15473 (OpenSSH through 7.7 is prone to a user enumeration vulnerability due to ...)
+CVE-2018-15473
{DSA-4280-1 DLA-1474-1}
- openssh 1:7.7p1-4 (bug #906236)
NOTE: http://www.openwall.com/lists/oss-security/2018/08/15/5
@@ -14526,79 +14518,79 @@ CVE-2018-15337
REJECTED
CVE-2018-15336
REJECTED
-CVE-2018-15335 (When APM 13.0.0-13.1.x is deployed as an OAuth Resource Server, APM ...)
+CVE-2018-15335
NOT-FOR-US: F5
-CVE-2018-15334 (A cross-site request forgery (CSRF) vulnerability in the APM webtop ...)
+CVE-2018-15334
NOT-FOR-US: F5
-CVE-2018-15333 (On versions 11.2.1. and greater, unrestricted Snapshot File Access ...)
+CVE-2018-15333
NOT-FOR-US: F5 BIG-IP
-CVE-2018-15332 (The svpn component of the F5 BIG-IP APM client prior to version ...)
+CVE-2018-15332
NOT-FOR-US: F5 BIG-IP
-CVE-2018-15331 (On BIG-IP AAM 13.0.0 or 12.1.0-12.1.3.7, the dcdb_convert utility used ...)
+CVE-2018-15331
NOT-FOR-US: F5 BIG-IP
-CVE-2018-15330 (On BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.1.1, or 12.1.0-12.1.3.7, when a ...)
+CVE-2018-15330
NOT-FOR-US: F5 BIG-IP
-CVE-2018-15329 (On BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.1.1, or 12.1.0-12.1.3.7, or ...)
+CVE-2018-15329
NOT-FOR-US: F5 BIG-IP
-CVE-2018-15328 (On BIG-IP 14.0.x, 13.x, 12.x, and 11.x, Enterprise Manager 3.1.1, ...)
+CVE-2018-15328
NOT-FOR-US: F5 BIG-IP
-CVE-2018-15327 (In BIG-IP 14.0.0-14.0.0.2 or 13.0.0-13.1.1.1 or Enterprise Manager ...)
+CVE-2018-15327
NOT-FOR-US: F5 BIG-IP
-CVE-2018-15326 (In some situations on BIG-IP APM 14.0.0-14.0.0.2, 13.0.0-13.1.0.7, ...)
+CVE-2018-15326
NOT-FOR-US: F5 BIG-IP
-CVE-2018-15325 (In BIG-IP 14.0.0-14.0.0.2 or 13.0.0-13.1.1.1, iControl and TMSH usage ...)
+CVE-2018-15325
NOT-FOR-US: F5 BIG-IP
-CVE-2018-15324 (On BIG-IP APM 14.0.0-14.0.0.2 or 13.0.0-13.1.1.1, TMM may restart when ...)
+CVE-2018-15324
NOT-FOR-US: F5 BIG-IP
-CVE-2018-15323 (On BIG-IP 14.0.0-14.0.0.2 or 13.0.0-13.1.1.1, in certain ...)
+CVE-2018-15323
NOT-FOR-US: F5 BIG-IP
-CVE-2018-15322 (On BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.0.7, 12.1.0-12.1.3.5, ...)
+CVE-2018-15322
NOT-FOR-US: F5 BIG-IP
-CVE-2018-15321 (When BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.0.5, 12.1.0-12.1.3.5, ...)
+CVE-2018-15321
NOT-FOR-US: F5 BIG-IP
-CVE-2018-15320 (On BIG-IP 14.0.0-14.0.0.2 or 13.0.0-13.1.1.1, undisclosed traffic ...)
+CVE-2018-15320
NOT-FOR-US: F5 BIG-IP
-CVE-2018-15319 (On BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.1.1, or 12.1.0-12.1.3.6, ...)
+CVE-2018-15319
NOT-FOR-US: F5 BIG-IP
-CVE-2018-15318 (In BIG-IP 14.0.0-14.0.0.2, 13.1.0.4-13.1.1.1, or 12.1.3.4-12.1.3.6, ...)
+CVE-2018-15318
NOT-FOR-US: F5 BIG-IP
-CVE-2018-15317 (In BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.0.7, 12.1.0-12.1.3.5, ...)
+CVE-2018-15317
NOT-FOR-US: F5 BIG-IP
-CVE-2018-15316 (In F5 BIG-IP APM 13.0.0-13.1.1.1, APM Client 7.1.5-7.1.6, and/or Edge ...)
+CVE-2018-15316
NOT-FOR-US: F5 BIG-IP
-CVE-2018-15315 (On F5 BIG-IP 13.0.0-13.1.1.1 and 12.1.0-12.1.3.6, there is a reflected ...)
+CVE-2018-15315
NOT-FOR-US: F5 BIG-IP
-CVE-2018-15314 (On F5 BIG-IP AFM 13.0.0-13.1.1.1 and 12.1.0-12.1.3.6, there is a ...)
+CVE-2018-15314
NOT-FOR-US: F5 BIG-IP
-CVE-2018-15313 (On F5 BIG-IP AFM 13.0.0-13.1.1.1 and 12.1.0-12.1.3.6, there is a ...)
+CVE-2018-15313
NOT-FOR-US: F5 BIG-IP
-CVE-2018-15312 (On F5 BIG-IP 13.0.0-13.1.1.1 and 12.1.0-12.1.3.6, a reflected ...)
+CVE-2018-15312
NOT-FOR-US: F5 BIG-IP
-CVE-2018-15311 (When F5 BIG-IP 13.0.0-13.1.0.5, 12.1.0-12.1.3.5, 11.6.0-11.6.3.2, or ...)
+CVE-2018-15311
NOT-FOR-US: F5 BIG-IP
-CVE-2018-15310 (A vulnerability in BIG-IP APM portal access 11.5.1-11.5.7, ...)
+CVE-2018-15310
NOT-FOR-US: F5 BIG-IP
CVE-2018-XXXX [libykneomgr memory corruption]
- libykneomgr <removed> (low; bug #906138)
[stretch] - libykneomgr <no-dsa> (Minor issue)
[jessie] - libykneomgr <no-dsa> (Minor issue)
NOTE: https://www.x41-dsec.de/lab/advisories/x41-2018-004-libykneomgr/
-CVE-2018-15470 (An issue was discovered in Xen through 4.11.x. The logic in oxenstored ...)
+CVE-2018-15470
{DSA-4274-1 DLA-1577-1}
- xen 4.11.1~pre.20180911.5acdd26fdc+dfsg-2 (unimportant)
NOTE: https://xenbits.xen.org/xsa/advisory-272.html
-CVE-2018-15471 (An issue was discovered in xenvif_set_hash_mapping in ...)
+CVE-2018-15471
{DSA-4313-1 DLA-1715-1}
- linux 4.18.10-2
[jessie] - linux <not-affected> (Vulnerable code introduced later)
NOTE: https://xenbits.xen.org/xsa/advisory-270.html
NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=1607
-CVE-2018-15468 (An issue was discovered in Xen through 4.11.x. The DEBUGCTL MSR ...)
+CVE-2018-15468
{DSA-4274-1}
- xen 4.11.1~pre.20180911.5acdd26fdc+dfsg-2
[jessie] - xen <not-affected> (Only affects 4.6 and later)
NOTE: https://xenbits.xen.org/xsa/advisory-269.html
-CVE-2018-15469 (An issue was discovered in Xen through 4.11.x. ARM never properly ...)
+CVE-2018-15469
{DSA-4274-1 DLA-1577-1}
- xen 4.11.1~pre.20180911.5acdd26fdc+dfsg-2
NOTE: https://xenbits.xen.org/xsa/advisory-268.html
@@ -14802,7 +14794,7 @@ CVE-2018-15211
RESERVED
CVE-2018-15210
RESERVED
-CVE-2018-15209 (ChopUpSingleUncompressedStrip in tif_dirread.c in LibTIFF 4.0.9 allows ...)
+CVE-2018-15209
{DSA-4349-1}
- tiff 4.0.9-5 (bug #905798)
[jessie] - tiff <not-affected> (Cannot reproduce with crash file)
@@ -14821,19 +14813,19 @@ CVE-2018-15205
RESERVED
CVE-2018-15204
RESERVED
-CVE-2018-15203 (An issue was discovered in Ignited CMS through 2017-02-19. ...)
+CVE-2018-15203
NOT-FOR-US: Ignited CMS
-CVE-2018-15202 (An issue was discovered in Juunan06 eCommerce through 2018-08-05. There ...)
+CVE-2018-15202
NOT-FOR-US: Juunan06 eCommerce
CVE-2018-15201
RESERVED
CVE-2018-15200
RESERVED
-CVE-2018-15199 (AuraCMS 2.3 allows XSS via a Bukutamu -&gt; AddGuestbook action. ...)
+CVE-2018-15199
NOT-FOR-US: AuraCMS
-CVE-2018-15198 (An issue was discovered in OneThink v1.1. There is a CSRF vulnerability ...)
+CVE-2018-15198
NOT-FOR-US: OneThink
-CVE-2018-15197 (An issue was discovered in OneThink v1.1. There is a CSRF vulnerability ...)
+CVE-2018-15197
NOT-FOR-US: OneThink
CVE-2018-15196
RESERVED
@@ -14841,59 +14833,59 @@ CVE-2018-15195
RESERVED
CVE-2018-15194
RESERVED
-CVE-2018-15193 (A CSRF vulnerability in the admin panel in Gogs through 0.11.53 allows ...)
+CVE-2018-15193
NOT-FOR-US: Go Git Service
-CVE-2018-15192 (An SSRF vulnerability in webhooks in Gitea through 1.5.0-rc2 and Gogs ...)
+CVE-2018-15192
- gitea <removed>
NOTE: https://github.com/go-gitea/gitea/issues/4624
-CVE-2018-15191 (PHP Scripts Mall hotel-booking-script 2.0.4 allows remote attackers to ...)
+CVE-2018-15191
NOT-FOR-US: PHP Scripts Mall
-CVE-2018-15190 (PHP Scripts Mall hotel-booking-script 2.0.4 allows XSS via the First ...)
+CVE-2018-15190
NOT-FOR-US: PHP Scripts Mall
-CVE-2018-15189 (PHP Scripts Mall advanced-real-estate-script has XSS via the Name ...)
+CVE-2018-15189
NOT-FOR-US: PHP Scripts Mall
-CVE-2018-15188 (PHP Scripts Mall advanced-real-estate-script 4.0.9 allows remote ...)
+CVE-2018-15188
NOT-FOR-US: PHP Scripts Mall
-CVE-2018-15187 (PHP Scripts Mall advanced-real-estate-script 4.0.9 has CSRF via ...)
+CVE-2018-15187
NOT-FOR-US: PHP Scripts Mall
-CVE-2018-15186 (PHP Scripts Mall Chartered Accountant : Auditor Website 2.0.1 has CSRF ...)
+CVE-2018-15186
NOT-FOR-US: PHP Scripts Mall
-CVE-2018-15185 (PHP Scripts Mall Naukri / Shine / Jobsite Clone Script 3.0.4 allows ...)
+CVE-2018-15185
NOT-FOR-US: PHP Scripts Mall
-CVE-2018-15184 (PHP Scripts Mall Naukri / Shine / Jobsite Clone Script 3.0.4 has ...)
+CVE-2018-15184
NOT-FOR-US: PHP Scripts Mall Naukri / Shine / Jobsite Clone Script
-CVE-2018-15183 (PHP Scripts Mall Myperfectresume / JobHero / Resume Clone Script 2.0.6 ...)
+CVE-2018-15183
NOT-FOR-US: PHP Scripts Mall Myperfectresume / JobHero / Resume Clone Script
-CVE-2018-15182 (PHP Scripts Mall Car Rental Script 2.0.8 has XSS via the FirstName and ...)
+CVE-2018-15182
NOT-FOR-US: PHP Scripts Mall Car Rental Script
-CVE-2018-15181 (JioFi 4G Hotspot M2S devices allow attackers to cause a denial of ...)
+CVE-2018-15181
NOT-FOR-US: JioFi 4G Hotspot M2S devices
CVE-2018-15180
RESERVED
CVE-2018-15179
RESERVED
-CVE-2018-15178 (Open redirect vulnerability in Gogs before 0.12 allows remote attackers ...)
+CVE-2018-15178
NOT-FOR-US: Go Git Service
-CVE-2018-15177 (In Gxlcms 2.0, a news/index.php?s=Admin-Admin-Insert CSRF attack can ...)
+CVE-2018-15177
NOT-FOR-US: Gxlcms
-CVE-2018-15176 (XnView 2.45 allows remote attackers to cause a denial of service (User ...)
+CVE-2018-15176
NOT-FOR-US: XnView
-CVE-2018-15175 (XnView 2.45 allows remote attackers to cause a denial of service (User ...)
+CVE-2018-15175
NOT-FOR-US: XnView
-CVE-2018-15174 (XnView 2.45 allows remote attackers to cause a denial of service (Read ...)
+CVE-2018-15174
NOT-FOR-US: XnView
-CVE-2018-15173 (Nmap through 7.70, when the -sV option is used, allows remote attackers ...)
+CVE-2018-15173
- nmap <unfixed> (unimportant)
NOTE: No security impact
-CVE-2018-15172 (TP-Link WR840N devices have a buffer overflow via a long Authorization ...)
+CVE-2018-15172
NOT-FOR-US: TP-Link WR840N devices
CVE-2018-15171
RESERVED
CVE-2018-15170
RESERVED
-CVE-2018-15169 (A reflected Cross-site scripting (XSS) vulnerability in Zoho ...)
+CVE-2018-15169
NOT-FOR-US: Zoho ManageEngine Applications Manager
-CVE-2018-15168 (A SQL Injection vulnerability exists in the Zoho ManageEngine ...)
+CVE-2018-15168
NOT-FOR-US: Zoho ManageEngine Applications Manager
CVE-2018-15167
RESERVED
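Review bot: Every changed line in this hunk is a CVE header losing its parenthesised description with nothing added in its place (e.g. `-CVE-2018-15193 (A CSRF vulnerability in the admin panel in Gogs through 0.11.53 allows ...)` becoming `+CVE-2018-15193`), and every other hunk shown follows the same pattern. A wholesale blanking of descriptions by an automatic update looks far more like a failed or empty fetch of the upstream CVE feed than a genuine change in the source data; please confirm the feed was actually retrieved and parsed before this lands, otherwise entries such as CVE-2018-15173 (`nmap <unfixed> (unimportant)`, `NOTE: No security impact`) are left with no statement in this file of what the issue is.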
@@ -14907,69 +14899,69 @@ CVE-2018-15163
RESERVED
CVE-2018-15162
RESERVED
-CVE-2018-15161 (** DISPUTED ** The libesedb_key_append_data function in libesedb_key.c ...)
+CVE-2018-15161
- libesedb <undetermined>
NOTE: https://github.com/libyal/libesedb/issues/43
-CVE-2018-15160 (** DISPUTED ** The libesedb_catalog_definition_read function in ...)
+CVE-2018-15160
- libesedb <undetermined>
NOTE: https://github.com/libyal/libesedb/issues/43
-CVE-2018-15159 (** DISPUTED ** The libesedb_page_read_tags function in libesedb_page.c ...)
+CVE-2018-15159
- libesedb <undetermined>
NOTE: https://github.com/libyal/libesedb/issues/43
-CVE-2018-15158 (** DISPUTED ** The libesedb_page_read_values function in ...)
+CVE-2018-15158
- libesedb <undetermined>
NOTE: https://github.com/libyal/libesedb/issues/43
-CVE-2018-15157 (** DISPUTED ** The libfsclfs_block_read function in libfsclfs_block.c ...)
+CVE-2018-15157
NOT-FOR-US: libfsclfs
-CVE-2018-15156 (OS command injection occurring in versions of OpenEMR before 5.0.1.4 ...)
+CVE-2018-15156
NOT-FOR-US: OpenEMR
-CVE-2018-15155 (OS command injection occurring in versions of OpenEMR before 5.0.1.4 ...)
+CVE-2018-15155
NOT-FOR-US: OpenEMR
-CVE-2018-15154 (OS command injection occurring in versions of OpenEMR before 5.0.1.4 ...)
+CVE-2018-15154
NOT-FOR-US: OpenEMR
-CVE-2018-15153 (OS command injection occurring in versions of OpenEMR before 5.0.1.4 ...)
+CVE-2018-15153
NOT-FOR-US: OpenEMR
-CVE-2018-15152 (Authentication bypass vulnerability in portal/account/register.php in ...)
+CVE-2018-15152
NOT-FOR-US: OpenEMR
-CVE-2018-15151 (SQL injection vulnerability in ...)
+CVE-2018-15151
NOT-FOR-US: OpenEMR
-CVE-2018-15150 (SQL injection vulnerability in ...)
+CVE-2018-15150
NOT-FOR-US: OpenEMR
-CVE-2018-15149 (SQL injection vulnerability in ...)
+CVE-2018-15149
NOT-FOR-US: OpenEMR
-CVE-2018-15148 (SQL injection vulnerability in ...)
+CVE-2018-15148
NOT-FOR-US: OpenEMR
-CVE-2018-15147 (SQL injection vulnerability in interface/forms_admin/forms_admin.php ...)
+CVE-2018-15147
NOT-FOR-US: OpenEMR
-CVE-2018-15146 (SQL injection vulnerability in ...)
+CVE-2018-15146
NOT-FOR-US: OpenEMR
-CVE-2018-15145 (Multiple SQL injection vulnerabilities in ...)
+CVE-2018-15145
NOT-FOR-US: OpenEMR
-CVE-2018-15144 (SQL injection vulnerability in ...)
+CVE-2018-15144
NOT-FOR-US: OpenEMR
-CVE-2018-15143 (Multiple SQL injection vulnerabilities in ...)
+CVE-2018-15143
NOT-FOR-US: OpenEMR
-CVE-2018-15142 (Directory traversal in portal/import_template.php in versions of ...)
+CVE-2018-15142
NOT-FOR-US: OpenEMR
-CVE-2018-15141 (Directory traversal in portal/import_template.php in versions of ...)
+CVE-2018-15141
NOT-FOR-US: OpenEMR
-CVE-2018-15140 (Directory traversal in portal/import_template.php in versions of ...)
+CVE-2018-15140
NOT-FOR-US: OpenEMR
-CVE-2018-15139 (Unrestricted file upload in interface/super/manage_site_files.php in ...)
+CVE-2018-15139
NOT-FOR-US: OpenEMR
-CVE-2018-15138 (Ericsson-LG iPECS NMS 30M allows directory traversal via ...)
+CVE-2018-15138
NOT-FOR-US: Ericsson-LG iPECS NMS 30M
-CVE-2018-15137 (CeLa Link CLR-M20 devices allow unauthorized users to upload any file ...)
+CVE-2018-15137
NOT-FOR-US: CeLa Link CLR-M20 devices
-CVE-2018-15136 (TitanHQ SpamTitan before 7.01 has Improper input validation. This ...)
+CVE-2018-15136
NOT-FOR-US: TitanHQ
CVE-2018-15135
RESERVED
CVE-2018-15134
RESERVED
-CVE-2018-15133 (In Laravel Framework through 5.5.40 and 5.6.x through 5.6.29, remote ...)
+CVE-2018-15133
NOT-FOR-US: Laravel
-CVE-2018-15132 (An issue was discovered in ext/standard/link_win32.c in PHP before ...)
+CVE-2018-15132
- php7.2 <not-affected> (Windows-specific)
- php7.1 <not-affected> (Windows-specific)
- php7.0 <not-affected> (Windows-specific)
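Review bot: The four libesedb entries (CVE-2018-15161 through CVE-2018-15158) lose the `** DISPUTED **` marker that existed only in the removed description text, while their `libesedb <undetermined>` status stays; if the descriptions are meant to go, the disputed status should be recorded in a NOTE beside the existing `https://github.com/libyal/libesedb/issues/43` link, or the `<undetermined>` triage loses its stated reason. The same applies to CVE-2018-15132, where `ext/standard/link_win32.c` in the removed description was the evidence behind the three `<not-affected> (Windows-specific)` lines.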
@@ -14979,23 +14971,23 @@ CVE-2018-15132 (An issue was discovered in ext/standard/link_win32.c in PHP befo
NOTE: https://github.com/php/php-src/commit/f151e048ed27f6f4eef729f3310d053ab5da71d4
CVE-2018-15131
RESERVED
-CVE-2018-15130 (ThinkSAAS through 2018-07-25 has XSS via the ...)
+CVE-2018-15130
NOT-FOR-US: ThinkSAAS
-CVE-2018-15129 (ThinkSAAS through 2018-07-25 has XSS via the ...)
+CVE-2018-15129
NOT-FOR-US: ThinkSAAS
CVE-2018-15128
RESERVED
-CVE-2018-20750 (LibVNC through 0.9.12 contains a heap out-of-bounds write vulnerability ...)
+CVE-2018-20750
{DLA-1652-1}
- libvncserver 0.9.11+dfsg-1.3 (bug #920941)
[stretch] - libvncserver <not-affected> (Incomplete fix for CVE-2018-15127 not applied)
NOTE: https://github.com/LibVNC/libvncserver/commit/09e8fc02f59f16e2583b34fe1a270c238bd9ffec
-CVE-2018-20749 (LibVNC before 0.9.12 contains a heap out-of-bounds write vulnerability ...)
+CVE-2018-20749
{DLA-1652-1}
- libvncserver 0.9.11+dfsg-1.3 (bug #920941)
[stretch] - libvncserver <not-affected> (Incomplete fix for CVE-2018-15127 not applied)
NOTE: https://github.com/LibVNC/libvncserver/commit/15bb719c03cc70f14c36a843dcb16ed69b405707
-CVE-2018-15127 (LibVNC before commit 502821828ed00b4a2c4bef90683d0fd88ce495de contains ...)
+CVE-2018-15127
{DSA-4383-1 DLA-1617-1}
- libvncserver 0.9.11+dfsg-1.2 (bug #916941)
NOTE: https://github.com/LibVNC/libvncserver/issues/243
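Review bot: The only distinction between CVE-2018-20750 and CVE-2018-20749 in this file was the affected range in their descriptions (`LibVNC through 0.9.12` versus `LibVNC before 0.9.12`); after this change both entries read identically down to the same `libvncserver 0.9.11+dfsg-1.3 (bug #920941)` and stretch lines, and only the upstream commit hash in each NOTE tells them apart. Suggest keeping the description or adding a NOTE with the affected range, since these two entries sit out of numeric sequence between CVE-2018-15129 and CVE-2018-15127 and the stretch line (`Incomplete fix for CVE-2018-15127 not applied`) is now the only explanation of why.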
@@ -15005,7 +14997,7 @@ CVE-2018-15127 (LibVNC before commit 502821828ed00b4a2c4bef90683d0fd88ce495de co
NOTE: Additional commits:
NOTE: https://github.com/LibVNC/libvncserver/commit/15bb719c03cc70f14c36a843dcb16ed69b405707
NOTE: https://github.com/LibVNC/libvncserver/commit/09e8fc02f59f16e2583b34fe1a270c238bd9ffec
-CVE-2018-15126 (LibVNC before commit 73cb96fec028a576a5a24417b57723b55854ad7b contains ...)
+CVE-2018-15126
{DSA-4383-1 DLA-1652-1}
- libvncserver 0.9.11+dfsg-1.2 (bug #916941)
NOTE: https://github.com/LibVNC/libvncserver/issues/242
@@ -15017,17 +15009,17 @@ CVE-2018-15126 (LibVNC before commit 73cb96fec028a576a5a24417b57723b55854ad7b co
NOTE: https://github.com/LibVNC/libvncserver/commit/2d939267a176bf4976dbad36399638956ad8cc34
NOTE: https://github.com/LibVNC/libvncserver/commit/495ffa3f3a213ab058eee1d7da48fa5ef71914d8
NOTE: https://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/12/19/klcert-18-027-libvnc-heap-use-after-free/
-CVE-2018-15125 (Sensitive Information Disclosure in Zipato Zipabox Smart Home ...)
+CVE-2018-15125
NOT-FOR-US: Zipato
-CVE-2018-15124 (Weak hashing algorithm in Zipato Zipabox Smart Home Controller BOARD ...)
+CVE-2018-15124
NOT-FOR-US: Zipato
-CVE-2018-15123 (Insecure configuration storage in Zipato Zipabox Smart Home Controller ...)
+CVE-2018-15123
NOT-FOR-US: Zipato
-CVE-2018-15122 (An issue found in Progress Telerik JustAssembly through 2018.1.323.2 ...)
+CVE-2018-15122
NOT-FOR-US: Telerik
-CVE-2018-15121 (An issue was discovered in Auth0 auth0-aspnet and auth0-aspnet-owin. ...)
+CVE-2018-15121
NOT-FOR-US: Auth0 auth0-aspnet
-CVE-2018-15120 (libpango in Pango 1.40.8 through 1.42.3, as used in hexchat and other ...)
+CVE-2018-15120
- pango1.0 1.42.4-1 (low)
[stretch] - pango1.0 <not-affected> (Vulnerable code not present)
[jessie] - pango1.0 <not-affected> (Vulnerable code not present)
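Review bot: For CVE-2018-15120 the removed description (`libpango in Pango 1.40.8 through 1.42.3`) was the only place in this file stating the affected version range that backs the stretch and jessie `<not-affected> (Vulnerable code not present)` lines; with it gone, a reader cannot confirm from the entry alone that those releases fall outside the range. Suggest recording the range in a NOTE if descriptions are being dropped.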
@@ -15256,37 +15248,37 @@ CVE-2018-15009
RESERVED
CVE-2018-15008
RESERVED
-CVE-2018-15007 (The Sky Elite 6.0L+ Android device with a build fingerprint of ...)
+CVE-2018-15007
NOT-FOR-US: Sky Elite
-CVE-2018-15006 (The ZTE ZMAX Champ Android device with a build fingerprint of ...)
+CVE-2018-15006
NOT-FOR-US: ZTE
-CVE-2018-15005 (The ZTE ZMAX Champ Android device with a build fingerprint of ...)
+CVE-2018-15005
NOT-FOR-US: ZTE
-CVE-2018-15004 (The Coolpad Canvas device with a build fingerprint of ...)
+CVE-2018-15004
NOT-FOR-US: Coolpad
CVE-2018-15003
RESERVED
-CVE-2018-15002 (The Vivo V7 device with a build fingerprint of ...)
+CVE-2018-15002
NOT-FOR-US: Vivo V7 device
-CVE-2018-15001 (The Vivo V7 Android device with a build fingerprint of ...)
+CVE-2018-15001
NOT-FOR-US: Vivo V7 device
CVE-2018-15000
RESERVED
CVE-2018-14999
RESERVED
-CVE-2018-14998 (The Leagoo P1 Android device with a build fingerprint of ...)
+CVE-2018-14998
NOT-FOR-US: Leagoo P1 Android device
CVE-2018-14997
RESERVED
CVE-2018-14996
RESERVED
-CVE-2018-14995 (The ZTE Blade Vantage Android device with a build fingerprint of ...)
+CVE-2018-14995
NOT-FOR-US: ZTE
CVE-2018-14994
RESERVED
CVE-2018-14993
RESERVED
-CVE-2018-14992 (The ASUS ZenFone 3 Max Android device with a build fingerprint of ...)
+CVE-2018-14992
NOT-FOR-US: ASUS ZenFone 3 Max Android device
CVE-2018-14991
RESERVED
@@ -15294,116 +15286,116 @@ CVE-2018-14990
RESERVED
CVE-2018-14989
RESERVED
-CVE-2018-14988 (The MXQ TV Box 4.4.2 Android device with a build fingerprint of ...)
+CVE-2018-14988
NOT-FOR-US: MXQ TV Box
-CVE-2018-14987 (The MXQ TV Box 4.4.2 Android device with a build fingerprint of ...)
+CVE-2018-14987
NOT-FOR-US: MXQ TV Box
-CVE-2018-14986 (The Leagoo Z5C Android device with a build fingerprint of ...)
+CVE-2018-14986
NOT-FOR-US: Leagoo Z5C Android device
-CVE-2018-14985 (The Leagoo Z5C Android device with a build fingerprint of ...)
+CVE-2018-14985
NOT-FOR-US: Leagoo Z5C Android device
-CVE-2018-14984 (The Leagoo Z5C Android device with a build fingerprint of ...)
+CVE-2018-14984
NOT-FOR-US: Leagoo Z5C Android device
CVE-2018-14983
RESERVED
-CVE-2018-14982 (Certain LG devices based on Android 6.0 through 8.1 have incorrect ...)
+CVE-2018-14982
NOT-FOR-US: LG devices specific issue
-CVE-2018-14981 (Certain LG devices based on Android 6.0 through 8.1 have incorrect ...)
+CVE-2018-14981
NOT-FOR-US: LG devices specific issue
CVE-2018-14980
RESERVED
-CVE-2018-14979 (The ASUS ZenFone 3 Max Android device with a build fingerprint of ...)
+CVE-2018-14979
NOT-FOR-US: ASUS ZenFone 3 Max Android device
-CVE-2018-14978 (An issue was discovered in QCMS 3.0.1. CSRF exists via the ...)
+CVE-2018-14978
NOT-FOR-US: QCMS
-CVE-2018-14977 (An issue was discovered in QCMS 3.0.1. ...)
+CVE-2018-14977
NOT-FOR-US: QCMS
-CVE-2018-14976 (An issue was discovered in QCMS 3.0.1. ...)
+CVE-2018-14976
NOT-FOR-US: QCMS
-CVE-2018-14975 (An issue was discovered in QCMS 3.0.1. ...)
+CVE-2018-14975
NOT-FOR-US: QCMSQCMS
-CVE-2018-14974 (An issue was discovered in QCMS 3.0.1. ...)
+CVE-2018-14974
NOT-FOR-US: QCMS
-CVE-2018-14973 (An issue was discovered in QCMS 3.0.1. ...)
+CVE-2018-14973
NOT-FOR-US: QCMS
-CVE-2018-14972 (An issue was discovered in QCMS 3.0.1. ...)
+CVE-2018-14972
NOT-FOR-US: QCMS
-CVE-2018-14971 (An issue was discovered in QCMS 3.0.1. ...)
+CVE-2018-14971
NOT-FOR-US: QCMS
-CVE-2018-14970 (An issue was discovered in QCMS 3.0.1. ...)
+CVE-2018-14970
NOT-FOR-US: QCMS
-CVE-2018-14969 (An issue was discovered in QCMS 3.0.1. ...)
+CVE-2018-14969
NOT-FOR-US: QCMS
-CVE-2018-14968 (An issue was discovered in EMLsoft 5.4.5. ...)
+CVE-2018-14968
NOT-FOR-US: EMLsoft
-CVE-2018-14967 (An issue was discovered in EMLsoft 5.4.5. ...)
+CVE-2018-14967
NOT-FOR-US: EMLsoft
-CVE-2018-14966 (An issue was discovered in EMLsoft 5.4.5. The ...)
+CVE-2018-14966
NOT-FOR-US: EMLsoft
-CVE-2018-14965 (An issue was discovered in EMLsoft 5.4.5. The ...)
+CVE-2018-14965
NOT-FOR-US: EMLsoft
-CVE-2018-14964 (An issue was discovered in EMLsoft 5.4.5. XSS exists via the ...)
+CVE-2018-14964
NOT-FOR-US: EMLsoft
-CVE-2018-14963 (zzcms 8.3 has CSRF via the admin/adminadd.php?action=add URI. ...)
+CVE-2018-14963
NOT-FOR-US: zzcms
-CVE-2018-14962 (zzcms 8.3 has stored XSS related to the content variable in ...)
+CVE-2018-14962
NOT-FOR-US: zzcms
-CVE-2018-14961 (dl/dl_sendmail.php in zzcms 8.3 has SQL Injection via the sql ...)
+CVE-2018-14961
NOT-FOR-US: zzcms
-CVE-2018-14960 (Xiao5uCompany 1.7 has CSRF via admin/Admin.asp. ...)
+CVE-2018-14960
NOT-FOR-US: Xiao5uCompany
-CVE-2018-14959 (An issue was discovered in WeaselCMS v0.3.5. CSRF can create new pages ...)
+CVE-2018-14959
NOT-FOR-US: WeaselCMS
-CVE-2018-14958 (An issue was discovered in WeaselCMS v0.3.5. CSRF can update the ...)
+CVE-2018-14958
NOT-FOR-US: WeaselCMS
-CVE-2018-14957 (CMS ISWEB 3.5.3 is vulnerable to directory traversal and local file ...)
+CVE-2018-14957
NOT-FOR-US: CMS ISWEB
-CVE-2018-14956 (CMS ISWEB 3.5.3 is vulnerable to multiple SQL injection flaws. An ...)
+CVE-2018-14956
NOT-FOR-US: CMS ISWEB
CVE-2018-14949
RESERVED
-CVE-2018-14948 (An issue has been found in dilawar sound through 2017-11-27. The end of ...)
+CVE-2018-14948
NOT-FOR-US: dilawar
-CVE-2018-14947 (An issue has been found in PDF2JSON 0.69. XmlFontAccu::CSStyle in ...)
+CVE-2018-14947
NOT-FOR-US: PDF2JSON
-CVE-2018-14946 (An issue has been found in PDF2JSON 0.69. The HtmlString class in ...)
+CVE-2018-14946
NOT-FOR-US: PDF2JSON
-CVE-2018-14945 (An issue has been found in jpeg_encoder through 2015-11-27. It is a ...)
+CVE-2018-14945
NOT-FOR-US: jpeg_encoder
-CVE-2018-14944 (An issue has been found in jpeg_encoder through 2015-11-27. It is a ...)
+CVE-2018-14944
NOT-FOR-US: jpeg_encoder
-CVE-2018-14943 (Harmonic NSG 9000 devices have a default password of nsgadmin for the ...)
+CVE-2018-14943
NOT-FOR-US: Harmonic NSG 9000 devices
-CVE-2018-14942 (Harmonic NSG 9000 devices allow remote authenticated users to conduct ...)
+CVE-2018-14942
NOT-FOR-US: Harmonic NSG 9000 devices
-CVE-2018-14941 (Harmonic NSG 9000 devices allow remote authenticated users to read the ...)
+CVE-2018-14941
NOT-FOR-US: Harmonic NSG 9000 devices
-CVE-2018-14940 (PHPCMS 9 allows remote attackers to cause a denial of service (resource ...)
+CVE-2018-14940
NOT-FOR-US: PHPCMS
-CVE-2018-14939 (The get_app_path function in desktop/unx/source/start.c in LibreOffice ...)
+CVE-2018-14939
- libreoffice <not-affected> (Doesn't affect LibreOffice running on glibc)
-CVE-2018-1000637 (zutils version prior to version 1.8-pre2 contains a Buffer Overflow ...)
+CVE-2018-1000637
{DLA-1505-1}
- zutils 1.7-3 (bug #902936; bug #904819)
[stretch] - zutils 1.5-5+deb9u1
NOTE: http://www.openwall.com/lists/oss-security/2018/08/05/1
NOTE: https://lists.nongnu.org/archive/html/zutils-bug/2018-08/msg00000.html
NOTE: Fixed by: upstream/0001-zcat-buffer-overrun.patch (in 1.7-3)
-CVE-2018-14938 (An issue was discovered in wifipcap/wifipcap.cpp in TCPFLOW through ...)
+CVE-2018-14938
- tcpflow 1.5.0+repack1-1 (bug #905483)
[stretch] - tcpflow <no-dsa> (Minor issue)
[jessie] - tcpflow <no-dsa> (Minor issue)
NOTE: https://github.com/simsong/tcpflow/commit/a4e1cd14eb5ccc51ed271b65b3420f7d692c40eb
NOTE: https://github.com/simsong/tcpflow/issues/182
-CVE-2018-14937 (The Add page option in my little forum 2.4.12 allows XSS via the Menu ...)
+CVE-2018-14937
NOT-FOR-US: My Little Forum
-CVE-2018-14936 (The Add page option in my little forum 2.4.12 allows XSS via the Title ...)
+CVE-2018-14936
NOT-FOR-US: My Little Forum
-CVE-2018-14935 (The Web administration console on Polycom Trio devices with software ...)
+CVE-2018-14935
NOT-FOR-US: Polycom Trio
-CVE-2018-14934 (The Bluetooth subsystem on Polycom Trio devices with software before ...)
+CVE-2018-14934
NOT-FOR-US: Polycom Trio
-CVE-2018-14933 (upgrade_handle.php on NUUO NVRmini devices allows Remote Command ...)
+CVE-2018-14933
NOT-FOR-US: NUUO NVRmini devices
CVE-2018-14932
RESERVED
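Review bot: The context line for CVE-2018-14975 reads `NOT-FOR-US: QCMSQCMS`, a doubled product name where every neighbouring QCMS entry reads `NOT-FOR-US: QCMS`; it is pre-existing, but since this hunk already rewrites the CVE-2018-14975 header, the fix could ride along. Also in this hunk, CVE-2018-14939 keeps `libreoffice <not-affected> (Doesn't affect LibreOffice running on glibc)` while the removed description (`The get_app_path function in desktop/unx/source/start.c`) was the only hint of which code that reason refers to; a NOTE naming the function would preserve it.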
@@ -15411,21 +15403,21 @@ CVE-2018-14931
RESERVED
CVE-2018-14930
RESERVED
-CVE-2018-14929 (Matera Banco 1.0.0 is vulnerable to multiple reflected XSS, as ...)
+CVE-2018-14929
NOT-FOR-US: Metara
-CVE-2018-14928 (/contingency/servlet/ServletFileDownload executes as root and provides ...)
+CVE-2018-14928
NOT-FOR-US: Metara
-CVE-2018-14927 (Matera Banco 1.0.0 is vulnerable to path traversal (allowing access to ...)
+CVE-2018-14927
NOT-FOR-US: Metara
-CVE-2018-14926 (Matera Banco 1.0.0 allows CSRF, as demonstrated by a ...)
+CVE-2018-14926
NOT-FOR-US: Metara
-CVE-2018-14925 (Matera Banco 1.0.0 mishandles Java errors in the backend, as ...)
+CVE-2018-14925
NOT-FOR-US: Metara
-CVE-2018-14924 (Matera Banco 1.0.0 is vulnerable to multiple stored XSS, as ...)
+CVE-2018-14924
NOT-FOR-US: Metara
-CVE-2018-14923 (A vulnerability in uniview EZPlayer 1.0.6 could allow an attacker to ...)
+CVE-2018-14923
NOT-FOR-US: EZPlayer
-CVE-2018-14922 (Multiple cross-site scripting (XSS) vulnerabilities in Monstra CMS ...)
+CVE-2018-14922
NOT-FOR-US: Monstra CMS
CVE-2018-14921
RESERVED
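Review bot: The six entries CVE-2018-14929 through CVE-2018-14924 all carry `NOT-FOR-US: Metara`, while the descriptions removed here name the product `Matera Banco`; the tag appears to be a misspelling, and once the descriptions are gone the mismatch can no longer be spotted from this file. Suggest correcting the tag to `NOT-FOR-US: Matera Banco` in the same change.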
@@ -15441,7 +15433,7 @@ CVE-2018-14916
RESERVED
CVE-2018-14915
REJECTED
-CVE-2018-1000223 (soundtouch version up to and including 2.0.0 contains a Buffer ...)
+CVE-2018-1000223
- soundtouch 2.1.2+ds1-1 (bug #905491)
[stretch] - soundtouch <no-dsa> (Minor issue)
[jessie] - soundtouch <no-dsa> (Minor issue)
@@ -15450,37 +15442,37 @@ CVE-2018-14914
RESERVED
CVE-2018-14913
RESERVED
-CVE-2018-14912 (cgit_clone_objects in CGit before 1.2.1 has a directory traversal ...)
+CVE-2018-14912
{DSA-4263-1 DLA-1459-1}
- cgit 1.1+git2.10.2-3.1 (bug #905382)
NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=1627
NOTE: https://lists.zx2c4.com/pipermail/cgit/2018-August/004176.html
NOTE: https://git.zx2c4.com/cgit/commit/?id=53efaf30b50f095cad8c160488c74bba3e3b2680
-CVE-2018-14911 (A file upload vulnerability exists in ukcms v1.1.7 and earlier. The ...)
+CVE-2018-14911
NOT-FOR-US: ukcms
-CVE-2018-14910 (SeaCMS v6.61 allows Remote Code execution by placing PHP code in an ...)
+CVE-2018-14910
NOT-FOR-US: SeaCMS
CVE-2018-14909
RESERVED
-CVE-2018-14908 (Samsung Syncthru Web Service V4.05.61 is vulnerable to CSRF on every ...)
+CVE-2018-14908
NOT-FOR-US: Samsung Syncthru Web Service
-CVE-2018-14907 (The Web server in 3CX version 15.5.8801.3 is vulnerable to Information ...)
+CVE-2018-14907
NOT-FOR-US: 3CX
-CVE-2018-14906 (The Web server in 3CX version 15.5.8801.3 is vulnerable to Reflected ...)
+CVE-2018-14906
NOT-FOR-US: 3CX
-CVE-2018-14905 (The Web server in 3CX version 15.5.8801.3 is vulnerable to Reflected ...)
+CVE-2018-14905
NOT-FOR-US: 3CX
-CVE-2018-14904 (Samsung Syncthru Web Service V4.05.61 is vulnerable to Multiple ...)
+CVE-2018-14904
NOT-FOR-US: Samsung Syncthru Web Service
-CVE-2018-14903 (EPSON WF-2750 printers with firmware JP02I2 do not properly validate ...)
+CVE-2018-14903
NOT-FOR-US: EPSON WF-2750 printers
-CVE-2018-14902 (The ContentProvider in the EPSON iPrint application 6.6.3 for Android ...)
+CVE-2018-14902
NOT-FOR-US: EPSON iPrint application for Android
-CVE-2018-14901 (The EPSON iPrint application 6.6.3 for Android contains hard-coded API ...)
+CVE-2018-14901
NOT-FOR-US: EPSON iPrint application for Android
-CVE-2018-14900 (On EPSON WF-2750 printers with firmware JP02I2, there is no filtering ...)
+CVE-2018-14900
NOT-FOR-US: EPSON WF-2750 printers
-CVE-2018-14899 (On the EPSON WF-2750 printer with firmware JP02I2, the Web interface ...)
+CVE-2018-14899
NOT-FOR-US: EPSON WF-2750 printer
CVE-2018-14898
RESERVED
@@ -15492,17 +15484,17 @@ CVE-2018-14895
RESERVED
CVE-2018-14894
RESERVED
-CVE-2018-14893 (A system command injection vulnerability in zyshclient in ZyXEL NSA325 ...)
+CVE-2018-14893
NOT-FOR-US: ZyXEL
-CVE-2018-14892 (Missing protections against Cross-Site Request Forgery in the web ...)
+CVE-2018-14892
NOT-FOR-US: ZyXEL
-CVE-2018-14891 (Management Console in Vectra Networks Cognito Brain and Sensor before ...)
+CVE-2018-14891
NOT-FOR-US: Vectra Networks Cognito Brain and Sensor
-CVE-2018-14890 (Vectra Networks Cognito Brain and Sensor before 4.2 contains a ...)
+CVE-2018-14890
NOT-FOR-US: Vectra Networks Cognito Brain and Sensor
-CVE-2018-14889 (CouchDB in Vectra Networks Cognito Brain and Sensor before 4.3 ...)
+CVE-2018-14889
NOT-FOR-US: Vectra Networks Cognito Brain and Sensor
-CVE-2018-14888 (inc/plugins/thankyoulike.php in the Eldenroot Thank You/Like plugin ...)
+CVE-2018-14888
NOT-FOR-US: Eldenroot Thank You/Like plugin for MyBB
CVE-2018-14887
RESERVED
@@ -15510,7 +15502,7 @@ CVE-2018-14886
RESERVED
CVE-2018-14885
RESERVED
-CVE-2018-14884 (An issue was discovered in PHP 7.0.x before 7.0.27, 7.1.x before ...)
+CVE-2018-14884
- php7.2 7.2.1-1
- php7.1 7.1.13-1
- php7.0 7.0.27-1
@@ -15519,7 +15511,7 @@ CVE-2018-14884 (An issue was discovered in PHP 7.0.x before 7.0.27, 7.1.x before
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=75535
NOTE: Fixed by: https://github.com/php/php-src/commit/0e097f2c96ce31b16fa371981045f224e5a37160
NOTE: Introduced in: https://github.com/php/php-src/commit/5146d9f8ac170d8ba7109370d732d56dc0777578
-CVE-2018-14883 (An issue was discovered in PHP before 5.6.37, 7.0.x before 7.0.31, ...)
+CVE-2018-14883
{DSA-4353-1 DLA-1490-1}
- php7.2 7.2.8-1
- php7.1 7.1.20-1
@@ -15550,11 +15542,11 @@ CVE-2018-XXXX [Default KeyInfo resolver doesn't check for empty element content.
[jessie] - xml-security-c 1.7.2-3+deb8u1
NOTE: https://issues.apache.org/jira/projects/SANTUARIO/issues/SANTUARIO-491
NOTE: https://shibboleth.net/community/advisories/secadv_20180803.txt
-CVE-2018-14878 (JetBrains dotPeek before 2018.2 and ReSharper Ultimate before 2018.1.4 ...)
+CVE-2018-14878
NOT-FOR-US: JetBrains dotPeek
-CVE-2018-14877 (An issue was discovered in WeaselCMS v0.3.5. XSS exists via Site ...)
+CVE-2018-14877
NOT-FOR-US: WeaselCMS
-CVE-2018-14876 (An issue was discovered in image_save_png in image/image-png.cpp in ...)
+CVE-2018-14876
[experimental] - flif <unfixed>
- flif <removed>
NOTE: https://github.com/FLIF-hub/FLIF/issues/520
@@ -15562,15 +15554,15 @@ CVE-2018-14875
RESERVED
CVE-2018-14874
RESERVED
-CVE-2018-14873 (An issue was discovered in Rincewind 0.1. There is a cross-site ...)
+CVE-2018-14873
NOT-FOR-US: Rincewind
-CVE-2018-14872 (An issue was discovered in Rincewind 0.1. A reinstall vulnerability ...)
+CVE-2018-14872
NOT-FOR-US: Rincewind
CVE-2018-14871
RESERVED
CVE-2018-14870
RESERVED
-CVE-2018-14869 (PHP Template Store Script 3.0.6 allows XSS via the Address line 1, ...)
+CVE-2018-14869
NOT-FOR-US: PHP Template Store Script
CVE-2018-14868
RESERVED
@@ -15592,22 +15584,22 @@ CVE-2018-14860
RESERVED
CVE-2018-14859
RESERVED
-CVE-2018-14858 (An SSRF vulnerability was discovered in idreamsoft iCMS before V7.0.11 ...)
+CVE-2018-14858
NOT-FOR-US: idreamsoft iCMS
-CVE-2018-14857 (Unrestricted file upload (with remote code execution) in ...)
+CVE-2018-14857
- ocsinventory-server <unfixed> (unimportant)
NOTE: Authentication is needed, only supported in trusted environments, see debtags
-CVE-2018-14856 (Buffer overflow in dhd_bus_flow_ring_create_response in ...)
+CVE-2018-14856
NOT-FOR-US: Samsung wifi driver for Android
-CVE-2018-14855 (Buffer overflow in dhd_bus_flow_ring_flush_response in ...)
+CVE-2018-14855
NOT-FOR-US: Samsung wifi driver for Android
-CVE-2018-14854 (Buffer overflow in dhd_bus_flow_ring_delete_response in ...)
+CVE-2018-14854
NOT-FOR-US: Samsung wifi driver for Android
-CVE-2018-14853 (A NULL pointer dereference in dhd_prot_txdata_write_flush in ...)
+CVE-2018-14853
NOT-FOR-US: Samsung wifi driver for Android
-CVE-2018-14852 (Out-of-bounds array access in dhd_rx_frame in ...)
+CVE-2018-14852
NOT-FOR-US: Samsung wifi driver for Android
-CVE-2018-14851 (exif_process_IFD_in_MAKERNOTE in ext/exif/exif.c in PHP before 5.6.37, ...)
+CVE-2018-14851
{DSA-4353-1 DLA-1490-1}
- php7.2 7.2.8-1
- php7.1 7.1.20-1
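Review bot: CVE-2018-14857 is rated `ocsinventory-server <unfixed> (unimportant)` with the justification `Authentication is needed, only supported in trusted environments, see debtags`; the removed description (`Unrestricted file upload (with remote code execution) in ...`) was the only text in this file recording the issue class that this justification is weighing against. If the description is dropped, the NOTE should state the issue class so the `unimportant` rating can still be judged from the entry on its own.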
@@ -15615,17 +15607,17 @@ CVE-2018-14851 (exif_process_IFD_in_MAKERNOTE in ext/exif/exif.c in PHP before 5
- php5 <removed>
NOTE: Fixed in 5.6.37, 7.0.31, 7.1.20, 7.2.8
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=76557
-CVE-2018-14850 (Stored XSS vulnerabilities in Tiki before 18.2, 15.7 and 12.14 allow ...)
+CVE-2018-14850
- tikiwiki <removed>
NOTE: https://sourceforge.net/p/tikiwiki/code/66990
-CVE-2018-14849 (Tiki before 18.2, 15.7 and 12.14 has XSS via link attributes, related ...)
+CVE-2018-14849
- tikiwiki <removed>
NOTE: https://sourceforge.net/p/tikiwiki/code/66809
CVE-2018-14848
RESERVED
-CVE-2018-14847 (MikroTik RouterOS through 6.42 allows unauthenticated remote attackers ...)
+CVE-2018-14847
NOT-FOR-US: Winbox for MikroTik RouterOS
-CVE-2018-14846 (The Mondula Multi Step Form plugin before 1.2.8 for WordPress has ...)
+CVE-2018-14846
NOT-FOR-US: Mondula Multi Step Form plugin for WordPress
CVE-2018-14845
RESERVED
@@ -15637,17 +15629,17 @@ CVE-2018-14842
RESERVED
CVE-2018-14841
RESERVED
-CVE-2018-14840 (uploads/.htaccess in Subrion CMS 4.2.1 allows XSS because it does not ...)
+CVE-2018-14840
NOT-FOR-US: Subrion CMS
CVE-2018-14839
RESERVED
-CVE-2018-14838 (rejucms 2.1 has stored XSS via the admin/book.php content parameter. ...)
+CVE-2018-14838
NOT-FOR-US: rejucms
-CVE-2018-14837 (Wolf CMS 0.8.3.1 has XSS in the Snippets tab, as demonstrated by a ...)
+CVE-2018-14837
NOT-FOR-US: Wolf CMS
-CVE-2018-14836 (Subrion 4.2.1 is vulnerable to Improper Access control because user ...)
+CVE-2018-14836
NOT-FOR-US: Subrion CMS
-CVE-2018-14835 (Subrion CMS v4.2.1 is vulnerable to Stored XSS because of no escaping ...)
+CVE-2018-14835
NOT-FOR-US: Subrion CMS
CVE-2018-14834
RESERVED
@@ -15659,191 +15651,191 @@ CVE-2018-14831
RESERVED
CVE-2018-14830
RESERVED
-CVE-2018-14829 (Rockwell Automation RSLinx Classic Versions 4.00.01 and prior. This ...)
+CVE-2018-14829
NOT-FOR-US: Rockwell Automation RSLinx Classic
-CVE-2018-14828 (Advantech WebAccess 8.3.1 and earlier has an improper privilege ...)
+CVE-2018-14828
NOT-FOR-US: Advantech WebAccess
-CVE-2018-14827 (Rockwell Automation RSLinx Classic Versions 4.00.01 and prior. A ...)
+CVE-2018-14827
NOT-FOR-US: Rockwell Automation RSLinx Classic
-CVE-2018-14826 (Entes EMG12 versions 2.57 and prior The application uses a web ...)
+CVE-2018-14826
NOT-FOR-US: Entes EMG12
-CVE-2018-14825 (On Honeywell Mobile Computers (CT60 running Android OS 7.1, CN80 ...)
+CVE-2018-14825
NOT-FOR-US: Honeywell
-CVE-2018-14824 (Delta Electronics Delta Industrial Automation PMSoft v2.11 or prior ...)
+CVE-2018-14824
NOT-FOR-US: Delta Electronics Delta Industrial Automation PMSoft
-CVE-2018-14823 (Fuji Electric V-Server 4.0.3.0 and prior, A stack-based buffer ...)
+CVE-2018-14823
NOT-FOR-US: Fuji Electric V-Server
-CVE-2018-14822 (Entes EMG12 versions 2.57 and prior an information exposure through ...)
+CVE-2018-14822
NOT-FOR-US: Entes EMG12
-CVE-2018-14821 (Rockwell Automation RSLinx Classic Versions 4.00.01 and prior. This ...)
+CVE-2018-14821
NOT-FOR-US: Rockwell Automation RSLinx Classic
-CVE-2018-14820 (Advantech WebAccess 8.3.1 and earlier has a .dll component that is ...)
+CVE-2018-14820
NOT-FOR-US: Advantech WebAccess
-CVE-2018-14819 (Fuji Electric V-Server 4.0.3.0 and prior, An out-of-bounds read ...)
+CVE-2018-14819
NOT-FOR-US: Fuji Electric V-Server
-CVE-2018-14818 (WECON Technology Co., Ltd. PI Studio HMI versions 4.1.9 and prior and ...)
+CVE-2018-14818
NOT-FOR-US: PI Studio HMI
-CVE-2018-14817 (Fuji Electric V-Server 4.0.3.0 and prior, An integer underflow ...)
+CVE-2018-14817
NOT-FOR-US: Fuji Electric V-Server
-CVE-2018-14816 (Advantech WebAccess 8.3.1 and earlier has several stack-based buffer ...)
+CVE-2018-14816
NOT-FOR-US: Advantech WebAccess
-CVE-2018-14815 (Fuji Electric V-Server 4.0.3.0 and prior, Several out-of-bounds write ...)
+CVE-2018-14815
NOT-FOR-US: Fuji Electric V-Server
CVE-2018-14814
RESERVED
-CVE-2018-14813 (Fuji Electric V-Server 4.0.3.0 and prior, A heap-based buffer overflow ...)
+CVE-2018-14813
NOT-FOR-US: Fuji Electric V-Server
-CVE-2018-14812 (An uncontrolled search path element (DLL Hijacking) vulnerability has ...)
+CVE-2018-14812
NOT-FOR-US: Fuji
-CVE-2018-14811 (Fuji Electric V-Server 4.0.3.0 and prior, Multiple untrusted pointer ...)
+CVE-2018-14811
NOT-FOR-US: Fuji Electric V-Server
-CVE-2018-14810 (WECON Technology Co., Ltd. PI Studio HMI versions 4.1.9 and prior and ...)
+CVE-2018-14810
NOT-FOR-US: PI Studio HMI
-CVE-2018-14809 (Fuji Electric V-Server 4.0.3.0 and prior, A use after free ...)
+CVE-2018-14809
NOT-FOR-US: Fuji Electric V-Server
-CVE-2018-14808 (Emerson AMS Device Manager v12.0 to v13.5. Non-administrative users ...)
+CVE-2018-14808
NOT-FOR-US: Emerson AMS Device Manager
-CVE-2018-14807 (A stack-based buffer overflow vulnerability in Opto 22 PAC Control ...)
+CVE-2018-14807
NOT-FOR-US: Opto
-CVE-2018-14806 (Advantech WebAccess 8.3.1 and earlier has a path traversal ...)
+CVE-2018-14806
NOT-FOR-US: Advantech WebAccess
-CVE-2018-14805 (ABB eSOMS version 6.0.2 may allow unauthorized access to the system ...)
+CVE-2018-14805
NOT-FOR-US: ABB eSOMS
-CVE-2018-14804 (Emerson AMS Device Manager v12.0 to v13.5. A specially crafted ...)
+CVE-2018-14804
NOT-FOR-US: Emerson AMS Device Manager
-CVE-2018-14803 (Philips e-Alert Unit (non-medical device), Version R2.1 and prior. The ...)
+CVE-2018-14803
NOT-FOR-US: Philips e-Alert Unit
-CVE-2018-14802 (Fuji Electric FRENIC LOADER v3.3 v7.3.4.1a of FRENIC-Mini (C1), ...)
+CVE-2018-14802
NOT-FOR-US: Fuji Electric
-CVE-2018-14801 (In Philips PageWriter TC10, TC20, TC30, TC50, TC70 Cardiographs, all ...)
+CVE-2018-14801
NOT-FOR-US: Philips PageWriter
-CVE-2018-14800 (Delta Electronics ISPSoft version 3.0.5 and prior allow an attacker, ...)
+CVE-2018-14800
NOT-FOR-US: Delta Electronics ISPSoft
-CVE-2018-14799 (In Philips PageWriter TC10, TC20, TC30, TC50, TC70 Cardiographs, all ...)
+CVE-2018-14799
NOT-FOR-US: Philips PageWriter
-CVE-2018-14798 (Fuji Electric FRENIC LOADER v3.3 v7.3.4.1a of FRENIC-Mini (C1), ...)
+CVE-2018-14798
NOT-FOR-US: Fuji Electric
-CVE-2018-14797 (Emerson DeltaV DCS versions 11.3.1, 12.3.1, 13.3.0, 13.3.1, R5 allow a ...)
+CVE-2018-14797
NOT-FOR-US: Emerson DeltaV DCS
-CVE-2018-14796 (Tec4Data SmartCooler, all versions prior to firmware 180806, the ...)
+CVE-2018-14796
NOT-FOR-US: Tec4Data SmartCooler
-CVE-2018-14795 (DeltaV Versions 11.3.1, 12.3.1, 13.3.0, 13.3.1, and R5 is vulnerable ...)
+CVE-2018-14795
NOT-FOR-US: DeltaV
-CVE-2018-14794 (Fuji Electric Alpha5 Smart Loader Versions 3.7 and prior. The device ...)
+CVE-2018-14794
NOT-FOR-US: Fuji Electric
-CVE-2018-14793 (DeltaV Versions 11.3.1, 12.3.1, 13.3.0, 13.3.1, and R5 is vulnerable ...)
+CVE-2018-14793
NOT-FOR-US: DeltaV
-CVE-2018-14792 (WECON PLC Editor version 1.3.3U may allow an attacker to execute code ...)
+CVE-2018-14792
NOT-FOR-US: WECON
-CVE-2018-14791 (Emerson DeltaV DCS versions 11.3.1, 12.3.1, 13.3.0, 13.3.1, R5 may ...)
+CVE-2018-14791
NOT-FOR-US: Emerson DeltaV DCS
-CVE-2018-14790 (Fuji Electric FRENIC LOADER v3.3 v7.3.4.1a of FRENIC-Mini (C1), ...)
+CVE-2018-14790
NOT-FOR-US: Fuji Electric
-CVE-2018-14789 (In Philips' IntelliSpace Cardiovascular (ISCV) products (ISCV Version ...)
+CVE-2018-14789
NOT-FOR-US: Philips
-CVE-2018-14788 (Fuji Electric Alpha5 Smart Loader Versions 3.7 and prior. A buffer ...)
+CVE-2018-14788
NOT-FOR-US: Fuji Electric
-CVE-2018-14787 (In Philips' IntelliSpace Cardiovascular (ISCV) products (ISCV Version ...)
+CVE-2018-14787
NOT-FOR-US: Philips
-CVE-2018-14786 (Becton, Dickinson and Company (BD) Alaris Plus medical syringe pumps ...)
+CVE-2018-14786
NOT-FOR-US: medical pumps
-CVE-2018-14785 (NetComm Wireless G LTE Light Industrial M2M Router (NWL-25) with ...)
+CVE-2018-14785
NOT-FOR-US: NetComm Wireless G LTE Light Industrial M2M Router
-CVE-2018-14784 (NetComm Wireless G LTE Light Industrial M2M Router (NWL-25) with ...)
+CVE-2018-14784
NOT-FOR-US: NetComm Wireless G LTE Light Industrial M2M Router
-CVE-2018-14783 (NetComm Wireless G LTE Light Industrial M2M Router (NWL-25) with ...)
+CVE-2018-14783
NOT-FOR-US: NetComm Wireless G LTE Light Industrial M2M Router
-CVE-2018-14782 (NetComm Wireless G LTE Light Industrial M2M Router (NWL-25) with ...)
+CVE-2018-14782
NOT-FOR-US: NetComm Wireless G LTE Light Industrial M2M Router
-CVE-2018-14781 (Medtronic MMT 508 MiniMed insulin pump, 522 / MMT - 722 Paradigm ...)
+CVE-2018-14781
NOT-FOR-US: Medtronic
-CVE-2018-14780 (An out-of-bounds read issue was discovered in the Yubico-Piv 1.5.0 ...)
+CVE-2018-14780
- yubico-piv-tool 1.6.1-1 (low; bug #906128)
[stretch] - yubico-piv-tool <no-dsa> (Minor issue)
NOTE: https://www.x41-dsec.de/lab/advisories/x41-2018-001-Yubico-Piv/
-CVE-2018-14779 (A buffer overflow issue was discovered in the Yubico-Piv 1.5.0 ...)
+CVE-2018-14779
- yubico-piv-tool 1.6.1-1 (low; bug #906128)
[stretch] - yubico-piv-tool <no-dsa> (Minor issue)
NOTE: https://www.x41-dsec.de/lab/advisories/x41-2018-001-Yubico-Piv/
CVE-2018-14778
RESERVED
-CVE-2018-14777 (An issue was discovered in DataLife Engine (DLE) through 13.0. An ...)
+CVE-2018-14777
NOT-FOR-US: DataLife Engine
-CVE-2018-1000631 (Battelle V2I Hub 3.0 is vulnerable to SQL injection. A remote attacker ...)
+CVE-2018-1000631
NOT-FOR-US: Battelle V2I Hub
-CVE-2018-1000630 (Battelle V2I Hub 2.5.1 is vulnerable to SQL injection. A remote ...)
+CVE-2018-1000630
NOT-FOR-US: Battelle V2I Hub
-CVE-2018-1000629 (Battelle V2I Hub 2.5.1 is vulnerable to cross-site scripting, caused ...)
+CVE-2018-1000629
NOT-FOR-US: Battelle V2I Hub
-CVE-2018-1000628 (Battelle V2I Hub 2.5.1 could allow a remote attacker to bypass ...)
+CVE-2018-1000628
NOT-FOR-US: Battelle V2I Hub
-CVE-2018-1000627 (Battelle V2I Hub 2.5.1 could allow a remote attacker to obtain ...)
+CVE-2018-1000627
NOT-FOR-US: Battelle V2I Hub
-CVE-2018-1000626 (Battelle V2I Hub 2.5.1 could allow a remote attacker to bypass ...)
+CVE-2018-1000626
NOT-FOR-US: Battelle V2I Hub
-CVE-2018-1000625 (Battelle V2I Hub 2.5.1 contains hard-coded credentials for the ...)
+CVE-2018-1000625
NOT-FOR-US: Battelle V2I Hub
-CVE-2018-1000624 (Battelle V2I Hub 2.5.1 is vulnerable to a denial of service, caused by ...)
+CVE-2018-1000624
NOT-FOR-US: Battelle V2I Hub
-CVE-2018-14776 (Click Studios Passwordstate before 8.3 Build 8397 allows XSS by ...)
+CVE-2018-14776
NOT-FOR-US: Click Studios Passwordstate
-CVE-2018-14775 (tss_alloc in sys/arch/i386/i386/gdt.c in OpenBSD 6.2 and 6.3 has a ...)
+CVE-2018-14775
NOT-FOR-US: OpenBSD
-CVE-2018-14774 (An issue was discovered in HttpKernel in Symfony 2.7.0 through 2.7.48, ...)
+CVE-2018-14774
- symfony 3.4.14+dfsg-1
[stretch] - symfony <no-dsa> (Minor issue)
[jessie] - symfony <not-affected> (Vulnerable code not present, introduced later in commit 4c8a25a6e2)
NOTE: https://symfony.com/blog/cve-2018-14774-possible-host-header-injection-when-using-httpcache
-CVE-2018-14773 (An issue was discovered in Http Foundation in Symfony 2.7.0 through ...)
+CVE-2018-14773
{DLA-1707-1}
- symfony 3.4.14+dfsg-1
[stretch] - symfony <no-dsa> (Minor issue)
NOTE: https://symfony.com/blog/cve-2018-14773-remove-support-for-legacy-and-risky-http-headers
-CVE-2018-14772 (Pydio 4.2.1 through 8.2.1 has an authenticated remote code execution ...)
+CVE-2018-14772
- ajaxplorer <itp> (bug #668381)
-CVE-2018-14771 (VIVOTEK FD8177 devices before XXXXXX-VVTK-xx06a allow remote attackers ...)
+CVE-2018-14771
NOT-FOR-US: VIVOTEK FD8177 devices
-CVE-2018-14770 (VIVOTEK FD8177 devices before XXXXXX-VVTK-xx06a allow remote attackers ...)
+CVE-2018-14770
NOT-FOR-US: VIVOTEK FD8177 devices
-CVE-2018-14769 (VIVOTEK FD8177 devices before XXXXXX-VVTK-xx06a allow CSRF. ...)
+CVE-2018-14769
NOT-FOR-US: VIVOTEK FD8177 devices
-CVE-2018-14768 (Various VIVOTEK FD8*, FD9*, FE9*, IB8*, IB9*, IP9*, IZ9*, MS9*, SD9*, ...)
+CVE-2018-14768
NOT-FOR-US: VIVOTEK devices
-CVE-2018-1999025 (A man in the middle vulnerability exists in Jenkins TraceTronic ...)
+CVE-2018-1999025
NOT-FOR-US: Jenkins plugin
-CVE-2018-1999026 (A server-side request forgery vulnerability exists in Jenkins ...)
+CVE-2018-1999026
NOT-FOR-US: Jenkins plugin
-CVE-2018-1999027 (An exposure of sensitive information vulnerability exists in Jenkins ...)
+CVE-2018-1999027
NOT-FOR-US: Jenkins plugin
-CVE-2018-1999028 (An exposure of sensitive information vulnerability exists in Jenkins ...)
+CVE-2018-1999028
NOT-FOR-US: Jenkins plugin
-CVE-2018-1999029 (A cross-site scripting vulnerability exists in Jenkins Shelve Project ...)
+CVE-2018-1999029
NOT-FOR-US: Jenkins plugin
-CVE-2018-1999041 (An exposure of sensitive information vulnerability exists in Jenkins ...)
+CVE-2018-1999041
NOT-FOR-US: Jenkins plugin
-CVE-2018-1999040 (An exposure of sensitive information vulnerability exists in Jenkins ...)
+CVE-2018-1999040
NOT-FOR-US: Jenkins plugin
-CVE-2018-1999039 (A server-side request forgery vulnerability exists in Jenkins ...)
+CVE-2018-1999039
NOT-FOR-US: Jenkins plugin
-CVE-2018-1999038 (A confused deputy vulnerability exists in Jenkins Publisher Over CIFS ...)
+CVE-2018-1999038
NOT-FOR-US: Jenkins plugin
-CVE-2018-1999037 (A data modification vulnerability exists in Jenkins Resource Disposer ...)
+CVE-2018-1999037
NOT-FOR-US: Jenkins plugin
-CVE-2018-1999036 (An exposure of sensitive information vulnerability exists in Jenkins ...)
+CVE-2018-1999036
NOT-FOR-US: Jenkins plugin
-CVE-2018-1999030 (An exposure of sensitive information vulnerability exists in Jenkins ...)
+CVE-2018-1999030
NOT-FOR-US: Jenkins plugin
-CVE-2018-1999031 (An exposure of sensitive information vulnerability exists in Jenkins ...)
+CVE-2018-1999031
NOT-FOR-US: Jenkins plugin
-CVE-2018-1999032 (A data modification vulnerability exists in Jenkins Agiletestware ...)
+CVE-2018-1999032
NOT-FOR-US: Jenkins plugin
-CVE-2018-1999033 (An exposure of sensitive information vulnerability exists in Jenkins ...)
+CVE-2018-1999033
NOT-FOR-US: Jenkins plugin
-CVE-2018-1999034 (A man in the middle vulnerability exists in Jenkins Inedo ProGet ...)
+CVE-2018-1999034
NOT-FOR-US: Jenkins plugin
-CVE-2018-1999035 (A man in the middle vulnerability exists in Jenkins Inedo BuildMaster ...)
+CVE-2018-1999035
NOT-FOR-US: Jenkins plugin
-CVE-2018-14767 (In Kamailio before 5.0.7 and 5.1.x before 5.1.4, a crafted SIP message ...)
+CVE-2018-14767
{DSA-4267-1 DLA-1471-1}
- kamailio 5.1.4-1
NOTE: https://skalatan.de/blog/advisory-hw-2018-05
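Review bot: every `-`/`+` pair in this hunk replaces a header of the form `CVE-2018-NNNNN (description ...)` with the bare identifier, so the one-line summary that justifies the triage below it is lost; for example `CVE-2018-14786 (Becton, Dickinson and Company (BD) Alaris Plus medical syringe pumps ...)` becomes `CVE-2018-14786` above `NOT-FOR-US: medical pumps`, which no longer says which product was triaged. Since the tracking lines underneath (`NOT-FOR-US`, package versions, `NOTE:` references) are untouched, this reads like the description source was empty when the automatic update ran rather than an intended edit; the run should be repeated once descriptions are available instead of committing the stripped headers.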
@@ -15883,75 +15875,75 @@ CVE-2018-14751
RESERVED
CVE-2018-14750
RESERVED
-CVE-2018-14749 (Buffer Overflow vulnerability in QTS 4.3.5 build 20181013, QTS 4.3.4 ...)
+CVE-2018-14749
NOT-FOR-US: QNAP
-CVE-2018-14748 (Improper Authorization vulnerability in QTS 4.3.5 build 20181013, QTS ...)
+CVE-2018-14748
NOT-FOR-US: QNAP
-CVE-2018-14747 (NULL Pointer Dereference vulnerability in QTS 4.3.5 build 20181013, ...)
+CVE-2018-14747
NOT-FOR-US: QNAP
-CVE-2018-14746 (Command Injection vulnerability in QTS 4.3.5 build 20181013, QTS 4.3.4 ...)
+CVE-2018-14746
NOT-FOR-US: QNAP
-CVE-2018-14955 (The mail message display page in SquirrelMail through 1.4.22 has XSS ...)
+CVE-2018-14955
{DLA-1484-1}
- squirrelmail <removed> (bug #905023)
NOTE: https://sourceforge.net/p/squirrelmail/bugs/2831/
-CVE-2018-14954 (The mail message display page in SquirrelMail through 1.4.22 has XSS ...)
+CVE-2018-14954
{DLA-1484-1}
- squirrelmail <removed> (bug #905023)
NOTE: https://sourceforge.net/p/squirrelmail/bugs/2831/
-CVE-2018-14953 (The mail message display page in SquirrelMail through 1.4.22 has XSS ...)
+CVE-2018-14953
{DLA-1484-1}
- squirrelmail <removed> (bug #905023)
NOTE: https://sourceforge.net/p/squirrelmail/bugs/2831/
-CVE-2018-14952 (The mail message display page in SquirrelMail through 1.4.22 has XSS ...)
+CVE-2018-14952
{DLA-1484-1}
- squirrelmail <removed> (bug #905023)
NOTE: https://sourceforge.net/p/squirrelmail/bugs/2831/
-CVE-2018-14951 (The mail message display page in SquirrelMail through 1.4.22 has XSS ...)
+CVE-2018-14951
{DLA-1484-1}
- squirrelmail <removed> (bug #905023)
NOTE: https://sourceforge.net/p/squirrelmail/bugs/2831/
-CVE-2018-14950 (The mail message display page in SquirrelMail through 1.4.22 has XSS ...)
+CVE-2018-14950
{DLA-1484-1}
- squirrelmail <removed> (bug #905023)
NOTE: https://sourceforge.net/p/squirrelmail/bugs/2831/
-CVE-2018-14745 (Buffer overflow in prot_get_ring_space in the bcmdhd4358 Wi-Fi driver ...)
+CVE-2018-14745
TODO: check
-CVE-2018-14744 (An issue was discovered in libpbc.a in cloudwu PBC through 2017-03-02. ...)
+CVE-2018-14744
NOT-FOR-US: cloudwu PBC
-CVE-2018-14743 (An issue was discovered in libpbc.a in cloudwu PBC through 2017-03-02. ...)
+CVE-2018-14743
NOT-FOR-US: cloudwu PBC
-CVE-2018-14742 (An issue was discovered in libpbc.a in cloudwu PBC through 2017-03-02. ...)
+CVE-2018-14742
NOT-FOR-US: cloudwu PBC
-CVE-2018-14741 (An issue was discovered in libpbc.a in cloudwu PBC through 2017-03-02. ...)
+CVE-2018-14741
NOT-FOR-US: cloudwu PBC
-CVE-2018-14740 (An issue was discovered in libpbc.a in cloudwu PBC through 2017-03-02. ...)
+CVE-2018-14740
NOT-FOR-US: cloudwu PBC
-CVE-2018-14739 (An issue was discovered in libpbc.a in cloudwu PBC through 2017-03-02. ...)
+CVE-2018-14739
NOT-FOR-US: cloudwu PBC
-CVE-2018-14738 (An issue was discovered in libpbc.a in cloudwu PBC through 2017-03-02. ...)
+CVE-2018-14738
NOT-FOR-US: cloudwu PBC
-CVE-2018-14737 (An issue was discovered in libpbc.a in cloudwu PBC through 2017-03-02. ...)
+CVE-2018-14737
NOT-FOR-US: cloudwu PBC
-CVE-2018-14736 (An issue was discovered in libpbc.a in cloudwu PBC through 2017-03-02. ...)
+CVE-2018-14736
NOT-FOR-US: cloudwu PBC
-CVE-2018-14735 (An Information Exposure issue was discovered in Hitachi Command Suite ...)
+CVE-2018-14735
NOT-FOR-US: Hitachi
CVE-2018-14733
RESERVED
-CVE-2018-14734 (drivers/infiniband/core/ucma.c in the Linux kernel through 4.17.11 ...)
+CVE-2018-14734
{DSA-4308-1 DLA-1531-1 DLA-1529-1}
- linux 4.17.14-1
NOTE: https://git.kernel.org/linus/cb2595c1393b4a5211534e6f0a0fbad369e21ad8 (4.18-rc1)
-CVE-2018-14732 (An issue was discovered in lib/Server.js in webpack-dev-server before ...)
+CVE-2018-14732
NOT-FOR-US: webpack-dev-server
-CVE-2018-14731 (An issue was discovered in HMRServer.js in Parcel parcel-bundler. ...)
+CVE-2018-14731
NOT-FOR-US: parcel-bundler
-CVE-2018-14730 (An issue was discovered in Browserify-HMR. Attackers are able to steal ...)
+CVE-2018-14730
NOT-FOR-US: Browserify-HMR
CVE-2018-14729
RESERVED
-CVE-2018-14728 (upload.php in Responsive FileManager 9.13.1 allows SSRF via the url ...)
+CVE-2018-14728
NOT-FOR-US: Responsive FileManager
CVE-2018-14727
RESERVED
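Review bot: CVE-2018-14745 is left at `TODO: check` while the same hunk drops the only line in the file that identifies it (`Buffer overflow in prot_get_ring_space in the bcmdhd4358 Wi-Fi driver ...`); resolving the triage before stripping the description, or keeping the description line until the TODO is closed, avoids losing the context needed to classify the entry later.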
@@ -15963,34 +15955,34 @@ CVE-2018-14724
RESERVED
CVE-2018-14723
RESERVED
-CVE-2018-14722 (An issue was discovered in evaluate_auto_mountpoint in ...)
+CVE-2018-14722
- btrfsmaintenance 0.4.1-2 (bug #906131)
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1102721
-CVE-2018-14721 (FasterXML jackson-databind 2.x before 2.9.7 might allow remote ...)
+CVE-2018-14721
{DLA-1703-1}
- jackson-databind 2.9.8-1
NOTE: https://github.com/FasterXML/jackson-databind/commit/87d29af25e82a249ea15858e2d4ecbf64091db44
NOTE: https://github.com/FasterXML/jackson-databind/issues/2097
-CVE-2018-14720 (FasterXML jackson-databind 2.x before 2.9.7 might allow attackers to ...)
+CVE-2018-14720
{DLA-1703-1}
- jackson-databind 2.9.8-1
NOTE: https://github.com/FasterXML/jackson-databind/commit/87d29af25e82a249ea15858e2d4ecbf64091db44
NOTE: https://github.com/FasterXML/jackson-databind/issues/2097
-CVE-2018-14719 (FasterXML jackson-databind 2.x before 2.9.7 might allow remote ...)
+CVE-2018-14719
{DLA-1703-1}
- jackson-databind 2.9.8-1
NOTE: https://github.com/FasterXML/jackson-databind/commit/87d29af25e82a249ea15858e2d4ecbf64091db44
NOTE: https://github.com/FasterXML/jackson-databind/issues/2097
-CVE-2018-14718 (FasterXML jackson-databind 2.x before 2.9.7 might allow remote ...)
+CVE-2018-14718
{DLA-1703-1}
- jackson-databind 2.9.8-1
NOTE: https://github.com/FasterXML/jackson-databind/commit/87d29af25e82a249ea15858e2d4ecbf64091db44
NOTE: https://github.com/FasterXML/jackson-databind/issues/2097
CVE-2018-14717
RESERVED
-CVE-2018-14716 (A Server Side Template Injection (SSTI) was discovered in the SEOmatic ...)
+CVE-2018-14716
NOT-FOR-US: SEOmatic plugin for Craft CMS
-CVE-2018-14715 (The endCoinFlip function and throwSlammer function of the smart ...)
+CVE-2018-14715
NOT-FOR-US: smart contract implementations for Cryptogs
CVE-2018-14714
RESERVED
@@ -16002,35 +15994,35 @@ CVE-2018-14711
RESERVED
CVE-2018-14710
RESERVED
-CVE-2018-14709 (Incorrect access control in the Dashboard API on Drobo 5N2 NAS version ...)
+CVE-2018-14709
NOT-FOR-US: Dashboard API on Drobo 5N2 NAS
-CVE-2018-14708 (An insecure transport protocol used by Drobo Dashboard API on Drobo ...)
+CVE-2018-14708
NOT-FOR-US: Drobo Dashboard API on Drobo 5N2 NAS
-CVE-2018-14707 (Directory traversal in the Drobo Pix web application on Drobo 5N2 NAS ...)
+CVE-2018-14707
NOT-FOR-US: Drobo Pix web application on Drobo 5N2 NAS
-CVE-2018-14706 (System command injection in the /DroboPix/api/drobopix/demo endpoint ...)
+CVE-2018-14706
NOT-FOR-US: Drobo 5N2 NAS
CVE-2018-14705
RESERVED
-CVE-2018-14704 (Cross-site scripting in the MySQL API error page in Drobo 5N2 NAS ...)
+CVE-2018-14704
NOT-FOR-US: Drobo 5N2 NAS
-CVE-2018-14703 (Incorrect access control in the /mysql/api/droboapp/data endpoint in ...)
+CVE-2018-14703
NOT-FOR-US: Drobo 5N2 NAS
-CVE-2018-14702 (Incorrect access control in the /drobopix/api/drobo.php endpoint in ...)
+CVE-2018-14702
NOT-FOR-US: Drobo 5N2 NAS
-CVE-2018-14701 (System command injection in the /DroboAccess/delete_user endpoint in ...)
+CVE-2018-14701
NOT-FOR-US: Drobo 5N2 NAS
-CVE-2018-14700 (Incorrect access control in the /mysql/api/logfile.php endpoint in ...)
+CVE-2018-14700
NOT-FOR-US: Drobo 5N2 NAS
-CVE-2018-14699 (System command injection in the /DroboAccess/enable_user endpoint in ...)
+CVE-2018-14699
NOT-FOR-US: Drobo 5N2 NAS
-CVE-2018-14698 (Cross-site scripting in the /DroboAccess/delete_user endpoint in Drobo ...)
+CVE-2018-14698
NOT-FOR-US: Drobo 5N2 NAS
-CVE-2018-14697 (Cross-site scripting in the /DroboAccess/enable_user endpoint in Drobo ...)
+CVE-2018-14697
NOT-FOR-US: Drobo 5N2 NAS
-CVE-2018-14696 (Incorrect access control in the /mysql/api/drobo.php endpoint in Drobo ...)
+CVE-2018-14696
NOT-FOR-US: Drobo 5N2 NAS
-CVE-2018-14695 (Incorrect access control in the /mysql/api/diags.php endpoint in Drobo ...)
+CVE-2018-14695
NOT-FOR-US: Drobo 5N2 NAS
CVE-2018-14694
RESERVED
@@ -16038,25 +16030,25 @@ CVE-2018-14693
RESERVED
CVE-2018-14692
RESERVED
-CVE-2018-14691 (An issue was discovered in Subsonic 6.1.1. The music tags feature is ...)
+CVE-2018-14691
NOT-FOR-US: Subsonic
-CVE-2018-14690 (An issue was discovered in Subsonic 6.1.1. The general settings are ...)
+CVE-2018-14690
NOT-FOR-US: Subsonic
-CVE-2018-14689 (An issue was discovered in Subsonic 6.1.1. The transcoding settings ...)
+CVE-2018-14689
NOT-FOR-US: Subsonic
-CVE-2018-14688 (An issue was discovered in Subsonic 6.1.1. The radio settings are ...)
+CVE-2018-14688
NOT-FOR-US: Subsonic
CVE-2018-14687
RESERVED
-CVE-2018-14686 (system/edit_book.php in XYCMS 1.7 has stored XSS via a crafted ...)
+CVE-2018-14686
NOT-FOR-US: XYCMS
-CVE-2018-14685 (The add function in www/Lib/Lib/Action/Admin/TplAction.class.php in ...)
+CVE-2018-14685
NOT-FOR-US: Gxlcms
CVE-2018-14684
RESERVED
CVE-2018-14683
RESERVED
-CVE-2018-14678 (An issue was discovered in the Linux kernel through 4.17.11, as used in ...)
+CVE-2018-14678
{DSA-4308-1 DLA-1531-1 DLA-1529-1}
- linux 4.17.14-1
NOTE: https://xenbits.xen.org/xsa/advisory-274.html
@@ -16081,81 +16073,81 @@ CVE-2018-14669
RESERVED
CVE-2018-14668
RESERVED
-CVE-2018-14679 (An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. ...)
+CVE-2018-14679
{DSA-4260-1 DLA-1460-1}
- libmspack 0.7-1 (bug #904802)
NOTE: https://github.com/kyz/libmspack/commit/72e70a921f0f07fee748aec2274b30784e1d312a
NOTE: http://www.openwall.com/lists/oss-security/2018/07/26/1
-CVE-2018-14680 (An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. ...)
+CVE-2018-14680
{DSA-4260-1 DLA-1460-1}
- libmspack 0.7-1 (bug #904801)
NOTE: https://github.com/kyz/libmspack/commit/72e70a921f0f07fee748aec2274b30784e1d312a
NOTE: http://www.openwall.com/lists/oss-security/2018/07/26/1
-CVE-2018-14682 (An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. ...)
+CVE-2018-14682
{DSA-4260-1 DLA-1460-1}
- libmspack 0.7-1 (bug #904800)
NOTE: https://github.com/kyz/libmspack/commit/4fd9ccaa54e1aebde1e4b95fb0163b699fd7bcc8
NOTE: http://www.openwall.com/lists/oss-security/2018/07/26/1
-CVE-2018-14681 (An issue was discovered in kwajd_read_headers in mspack/kwajd.c in ...)
+CVE-2018-14681
{DSA-4260-1 DLA-1460-1}
- libmspack 0.7-1 (bug #904799)
NOTE: https://github.com/kyz/libmspack/commit/0b0ef9344255ff5acfac6b7af09198ac9c9756c8
NOTE: http://www.openwall.com/lists/oss-security/2018/07/26/1
-CVE-2018-14667 (The RichFaces Framework 3.X through 3.3.4 is vulnerable to Expression ...)
+CVE-2018-14667
NOT-FOR-US: RichFaces
-CVE-2018-14666 (An improper authorization flaw was found in the Smart Class feature of ...)
+CVE-2018-14666
- foreman <itp> (bug #663101)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1638156
-CVE-2018-14665 (A flaw was found in xorg-x11-server before 1.20.3. An incorrect ...)
+CVE-2018-14665
{DSA-4328-1}
- xorg-server 2:1.20.3-1
[jessie] - xorg-server <not-affected> (Vulnerable code not present)
NOTE: Introduced by: https://gitlab.freedesktop.org/xorg/xserver/commit/032b1d79b7d04d47814a5b3a9fdd162249fea74c (1.19.0)
NOTE: Fixed by: https://gitlab.freedesktop.org/xorg/xserver/commit/50c0cf885a6e91c0ea71fb49fa8f1b7c86fe330e
-CVE-2018-14664 (A flaw was found in foreman from versions 1.18. A stored cross-site ...)
+CVE-2018-14664
- foreman <itp> (bug #663101)
-CVE-2018-14663 (An issue has been found in PowerDNS DNSDist before 1.3.3 allowing a ...)
+CVE-2018-14663
- dnsdist 1.3.3-1 (bug #913231)
[stretch] - dnsdist <no-dsa> (Minor issue)
NOTE: https://dnsdist.org/security-advisories/powerdns-advisory-for-dnsdist-2018-08.html
-CVE-2018-14662 (It was found Ceph versions before 13.2.4 that authenticated ceph users ...)
+CVE-2018-14662
{DLA-1696-1}
- ceph 12.2.11+dfsg1-1 (bug #921948)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1637327
NOTE: https://github.com/ceph/ceph/commit/a2acedd2a7e12d58af6db35edbd8a9d29c557578
-CVE-2018-14661 (It was found that usage of snprintf function in feature/locks ...)
+CVE-2018-14661
{DLA-1565-1}
- glusterfs 5.1-1 (bug #912997)
NOTE: https://www.openwall.com/lists/oss-security/2018/10/31/5
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1636880
NOTE: https://review.gluster.org/#/c/glusterfs/+/21532/
NOTE: http://git.gluster.org/cgit/glusterfs.git/commit/?id=74dbf0a9aac4b960832029ec122685b5b5009127
-CVE-2018-14660 (A flaw was found in glusterfs server through versions 4.1.4 and 3.1.2 ...)
+CVE-2018-14660
- glusterfs 5.1-1 (bug #912997)
[jessie] - glusterfs <not-affected> (vulnerable code not present)
NOTE: https://www.openwall.com/lists/oss-security/2018/10/31/5
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1635926
NOTE: https://review.gluster.org/#/c/glusterfs/+/21531/
NOTE: http://git.gluster.org/cgit/glusterfs.git/commit/?id=c2c70552188ee1b15bb748b4f2272062505c7696
-CVE-2018-14659 (The Gluster file system through versions 4.1.4 and 3.1.2 is vulnerable ...)
+CVE-2018-14659
{DLA-1565-1}
- glusterfs 5.1-1 (bug #912997)
NOTE: https://www.openwall.com/lists/oss-security/2018/10/31/5
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1635929
NOTE: https://review.gluster.org/#/c/glusterfs/+/21530/
NOTE: http://git.gluster.org/cgit/glusterfs.git/commit/?id=be1e1785e2e4f3d6345ea5b5b684a1429784a01c
-CVE-2018-14658 (A flaw was found in JBOSS Keycloak 3.2.1.Final. The Redirect URL for ...)
+CVE-2018-14658
NOT-FOR-US: Keycloak
-CVE-2018-14657 (A flaw was found in Keycloak 4.2.1.Final, 4.3.0.Final. When TOPT ...)
+CVE-2018-14657
NOT-FOR-US: Keycloak
-CVE-2018-14656 (A missing address check in the callers of the show_opcodes() in the ...)
+CVE-2018-14656
- linux 4.18.6-1
[stretch] - linux <not-affected> (Vulnerable code not present)
[jessie] - linux <not-affected> (Vulnerable code not present)
NOTE: Fixed by: https://git.kernel.org/linus/342db04ae71273322f0011384a9ed414df8bdae4
-CVE-2018-14655 (A flaw was found in Keycloak 3.4.3.Final, 4.0.0.Beta2, 4.3.0.Final. ...)
+CVE-2018-14655
NOT-FOR-US: Keycloak
-CVE-2018-14654 (The Gluster file system through version 4.1.4 is vulnerable to abuse ...)
+CVE-2018-14654
- glusterfs 5.1-1 (bug #912997)
[jessie] - glusterfs <not-affected> (vulnerable code not present)
NOTE: https://www.openwall.com/lists/oss-security/2018/10/31/5
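Review bot: the jessie lines for CVE-2018-14660 and CVE-2018-14654 use lowercase `(vulnerable code not present)` while the other `<not-affected>` entries in this hunk (CVE-2018-14665, CVE-2018-14656) write `(Vulnerable code not present)`; using one spelling keeps reviewers and grep-based tooling from treating them as different reasons.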
@@ -16163,7 +16155,7 @@ CVE-2018-14654 (The Gluster file system through version 4.1.4 is vulnerable to a
NOTE: https://review.gluster.org/#/c/glusterfs/+/21534/
NOTE: http://git.gluster.org/cgit/glusterfs.git/commit/?id=5f4ae8a80543332a2e92dfa5c7f833ae7b93a664 (release-4.1)
NOTE: http://git.gluster.org/cgit/glusterfs.git/commit/?id=dc775c4ae052d1e9d0f61ace3be999f73f0ffa23 (release-5)
-CVE-2018-14653 (The Gluster file system through versions 4.1.4 and 3.12 is vulnerable ...)
+CVE-2018-14653
{DLA-1565-1}
- glusterfs 5.1-1 (bug #912997)
NOTE: https://www.openwall.com/lists/oss-security/2018/10/31/5
@@ -16172,14 +16164,14 @@ CVE-2018-14653 (The Gluster file system through versions 4.1.4 and 3.12 is vulne
NOTE: https://review.gluster.org/#/c/glusterfs/+/21529/
NOTE: http://git.gluster.org/cgit/glusterfs.git/commit/?id=d3ec5f5a089edb68206b5d4a469358867340d4f7
NOTE: http://git.gluster.org/cgit/glusterfs.git/commit/?id=e2712fbd38477e736f157c9dbfbbae9c253b6c13
-CVE-2018-14652 (The Gluster file system through versions 3.12 and 4.1.4 is vulnerable ...)
+CVE-2018-14652
{DLA-1565-1}
- glusterfs 5.0-1 (bug #912997)
NOTE: https://www.openwall.com/lists/oss-security/2018/10/31/5
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1632974
NOTE: https://review.gluster.org/#/c/glusterfs/+/21535/
NOTE: http://git.gluster.org/cgit/glusterfs.git/commit/?id=e2c195712a9ecbda4fa02f5308138a1257a2558a
-CVE-2018-14651 (It was found that the fix for CVE-2018-10927, CVE-2018-10928, ...)
+CVE-2018-14651
{DLA-1565-1}
- glusterfs 5.1-1 (bug #912997)
[stretch] - glusterfs <not-affected> (Incomplete fixes for CVE-2018-109{26,27,28,29,30} not applied)
@@ -16187,11 +16179,11 @@ CVE-2018-14651 (It was found that the fix for CVE-2018-10927, CVE-2018-10928, ..
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1632557
NOTE: https://review.gluster.org/#/c/glusterfs/+/21527/
NOTE: http://git.gluster.org/cgit/glusterfs.git/commit/?id=5fdb7ae37f602894f81a2cadc5a4c609a4c85427
-CVE-2018-14650 (It was discovered that sos-collector does not properly set the default ...)
+CVE-2018-14650
NOT-FOR-US: sos-collector (not same as sosreport itself, additional tool to sosreport)
-CVE-2018-14649 (It was found that ceph-isci-cli package as shipped by Red Hat Ceph ...)
+CVE-2018-14649
NOT-FOR-US: ceph-iscsi-cli
-CVE-2018-14648 (A flaw was found in 389 Directory Server. A specially crafted search ...)
+CVE-2018-14648
{DLA-1554-1}
- 389-ds-base 1.4.0.18-1
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1630668
@@ -16203,7 +16195,7 @@ CVE-2018-14648 (A flaw was found in 389 Directory Server. A specially crafted se
NOTE: 1.3.7: https://pagure.io/389-ds-base/c/722a6f867
NOTE: 1.3.8: https://pagure.io/389-ds-base/c/bdb1af66c
NOTE: see https://pagure.io/389-ds-base/issue/49969
-CVE-2018-14647 (Python's elementtree C accelerator failed to initialise Expat's hash ...)
+CVE-2018-14647
{DSA-4307-1 DSA-4306-1}
- python3.7 3.7.0-7
- python3.6 3.6.7~rc1-1
@@ -16217,28 +16209,28 @@ CVE-2018-14647 (Python's elementtree C accelerator failed to initialise Expat's
NOTE: 3.7: https://github.com/python/cpython/commit/470a435f3b42c9be5fdb7f7b04f3df5663ba7305
NOTE: 3.6: https://github.com/python/cpython/commit/f7666e828cc3d5873136473ea36ba2013d624fa1
NOTE: 2.7: https://github.com/python/cpython/commit/18b20bad75b4ff0486940fba4ec680e96e70f3a2
-CVE-2018-14646 (The Linux kernel before 4.15-rc8 was found to be vulnerable to a NULL ...)
+CVE-2018-14646
- linux <not-affected> (Vulnerable code not present in any version released; apart experimental)
NOTE: Fixed by: https://git.kernel.org/linus/f428fe4a04cc339166c8bbd489789760de3a0cee
-CVE-2018-14645 (A flaw was discovered in the HPACK decoder of HAProxy, before 1.8.14, ...)
+CVE-2018-14645
- haproxy 1.8.13-2
[stretch] - haproxy <not-affected> (Only affects 1.8.x)
[jessie] - haproxy <not-affected> (Only affects 1.8.x)
NOTE: https://git.haproxy.org/?p=haproxy-1.8.git;a=commit;h=b4e05a3daa30f657db01ec144a0e48850c48f813
-CVE-2018-14644 (An issue has been found in PowerDNS Recursor from 4.0.0 up to and ...)
+CVE-2018-14644
- pdns-recursor 4.1.7-1 (bug #913162)
[stretch] - pdns-recursor 4.0.4-1+deb9u4
[jessie] - pdns-recursor <ignored> (Minor issue)
NOTE: https://doc.powerdns.com/recursor/security-advisories/powerdns-advisory-2018-07.html
NOTE: https://downloads.powerdns.com/patches/2018-07/
NOTE: Patch backported for jessie https://git.fosscommunity.in/bhe/patches/raw/master/CVE-2018-14644.patch
-CVE-2018-14643 (An authentication bypass flaw was found in the smart_proxy_dynflow ...)
+CVE-2018-14643
- foreman <itp> (bug #663101)
NOTE: Issue in a foreman component: smart_proxy_dynflow, which might land in separate source.
-CVE-2018-14642 (An information leak vulnerability was found in Undertow. If all ...)
+CVE-2018-14642
- undertow <unfixed> (bug #911796)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1628702
-CVE-2018-14641 (A security flaw was found in the ip_frag_reasm() function in ...)
+CVE-2018-14641
- linux <not-affected> (Vulnerable code not present)
NOTE: https://www.openwall.com/lists/oss-security/2018/09/18/1
NOTE: Fixed by: https://git.kernel.org/linus/5d407b071dc369c26a38398326ee2be53651cfe4
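Review bot: the CVE-2018-14644 entry marks `[jessie] - pdns-recursor <ignored> (Minor issue)` yet its last NOTE line records `Patch backported for jessie https://git.fosscommunity.in/bhe/patches/raw/master/CVE-2018-14644.patch`; if a jessie backport exists the ignored status should be revisited, or the NOTE should state why the backport was not used, otherwise the two lines contradict each other.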
@@ -16246,48 +16238,48 @@ CVE-2018-14640
RESERVED
CVE-2018-14639
RESERVED
-CVE-2018-14638 (A flaw was found in 389-ds-base before version 1.3.8.4-13. The process ...)
+CVE-2018-14638
- 389-ds-base 1.4.0.18-1 (bug #908859)
[jessie] - 389-ds-base <not-affected> (Vulnerable code not present)
NOTE: https://pagure.io/389-ds-base/c/78fc627accacfa4061ce48977e22301f81ea8d73
-CVE-2018-14637 (The SAML broker consumer endpoint in Keycloak before version ...)
+CVE-2018-14637
NOT-FOR-US: Keycloak
-CVE-2018-14636 (Live-migrated instances are briefly able to inspect traffic for other ...)
+CVE-2018-14636
- neutron 2:13.0.0-1 (low)
[stretch] - neutron <no-dsa> (Minor issue)
[jessie] - neutron <ignored> (Minor issue)
-CVE-2018-14635 (When using the Linux bridge ml2 driver, non-privileged tenants are ...)
+CVE-2018-14635
- neutron 2:13.0.0-1
[stretch] - neutron <ignored> (Minor issue)
[jessie] - neutron <ignored> (Minor issue)
NOTE: https://bugs.launchpad.net/neutron/+bug/1757482
NOTE: https://git.openstack.org/cgit/openstack/neutron/commit/?id=54aa6e81cb17b33ce4d5d469cc11dec2869c762d
-CVE-2018-14634 (An integer overflow flaw was found in the Linux kernel's ...)
+CVE-2018-14634
{DLA-1529-1}
- linux 4.12.6-1
[stretch] - linux 4.9.47-1
NOTE: https://www.openwall.com/lists/oss-security/2018/09/25/4
-CVE-2018-14633 (A security flaw was found in the chap_server_compute_md5() function in ...)
+CVE-2018-14633
{DSA-4308-1 DLA-1531-1 DLA-1529-1}
- linux 4.18.10-1
NOTE: https://www.openwall.com/lists/oss-security/2018/09/24/2
-CVE-2018-14632 (An out of bound write can occur when patching an Openshift object ...)
+CVE-2018-14632
NOT-FOR-US: OpenShift
-CVE-2018-14631 (moodle before versions 3.5.2, 3.4.5, 3.3.8 is vulnerable to a boost ...)
+CVE-2018-14631
- moodle <removed>
-CVE-2018-14630 (moodle before versions 3.5.2, 3.4.5, 3.3.8, 3.1.14 is vulnerable to an ...)
+CVE-2018-14630
- moodle <removed>
-CVE-2018-14629 (A denial of service vulnerability was discovered in Samba's LDAP ...)
+CVE-2018-14629
{DSA-4345-1 DLA-1607-1}
- samba 2:4.9.2+dfsg-2
NOTE: https://www.samba.org/samba/security/CVE-2018-14629.html
CVE-2018-14628
RESERVED
-CVE-2018-14627 (The IIOP OpenJDK Subsystem in WildFly before version 14.0.0 does not ...)
+CVE-2018-14627
- wildfly <itp> (bug #752018)
NOTE: https://issues.jboss.org/browse/WFLY-9107
NOTE: https://github.com/wildfly/wildfly/pull/10675
-CVE-2018-14626 (PowerDNS Authoritative Server 4.1.0 up to 4.1.4 inclusive and PowerDNS ...)
+CVE-2018-14626
- pdns 4.1.5-1 (bug #913163)
[stretch] - pdns <not-affected> (Vulnerable code present only in >= 4.1.0)
[jessie] - pdns <not-affected> (Vulnerable code not present)
@@ -16298,20 +16290,20 @@ CVE-2018-14626 (PowerDNS Authoritative Server 4.1.0 up to 4.1.4 inclusive and Po
NOTE: https://downloads.powerdns.com/patches/2018-05/
NOTE: https://doc.powerdns.com/recursor/security-advisories/powerdns-advisory-2018-06.html
NOTE: https://downloads.powerdns.com/patches/2018-06/
-CVE-2018-14625 (A flaw was found in the Linux Kernel where an attacker may be able to ...)
+CVE-2018-14625
- linux 4.19.9-1
[jessie] - linux <not-affected> (Vulnerable code not present)
NOTE: https://syzkaller.appspot.com/bug?extid=bd391451452fb0b93039
-CVE-2018-14624 (A vulnerability was discovered in 389-ds-base through versions ...)
+CVE-2018-14624
{DLA-1526-1}
- 389-ds-base 1.4.0.18-1 (bug #907778)
NOTE: https://pagure.io/389-ds-base/issue/49937
NOTE: https://pagure.io/389-ds-base/c/8ff8cb850 (master)
NOTE: https://pagure.io/389-ds-base/c/c5e78249d (389-ds-base-1.3.8)
NOTE: https://pagure.io/389-ds-base/c/9f28620d2 (389-ds-base-1.3.7)
-CVE-2018-14623 (A SQL injection flaw was found in katello's errata-related API. An ...)
+CVE-2018-14623
NOT-FOR-US: Katello
-CVE-2018-14622 (A null-pointer dereference vulnerability was found in libtirpc before ...)
+CVE-2018-14622
{DLA-1487-1}
[experimental] - libtirpc 1.0.2-0.1
- libtirpc 0.2.5-1.3 (bug #907608)
@@ -16319,124 +16311,124 @@ CVE-2018-14622 (A null-pointer dereference vulnerability was found in libtirpc b
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1620293
NOTE: https://bugzilla.novell.com/show_bug.cgi?id=968175
NOTE: http://git.linux-nfs.org/?p=steved/libtirpc.git;a=commit;h=1c77f7a869bdea2a34799d774460d1f9983d45f0
-CVE-2018-14621 (An infinite loop vulnerability was found in libtirpc before version ...)
+CVE-2018-14621
- libtirpc <not-affected> (Vulnerable code not in a released version)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1620290
NOTE: https://bugzilla.novell.com/show_bug.cgi?id=968175
NOTE: Introduced by: http://git.linux-nfs.org/?p=steved/libtirpc.git;a=commit;h=b2c9430f46c4ac848957fb8adaac176a3f6ac03f (0.3.3-rc3)
NOTE: Fixed by: http://git.linux-nfs.org/?p=steved/libtirpc.git;a=commit;h=fce98161d9815ea016855d9f00274276452c2c4b
-CVE-2018-14620 (The OpenStack RabbitMQ container image insecurely retrieves the ...)
+CVE-2018-14620
NOT-FOR-US: Insecure Red Hat container config
-CVE-2018-14619 (A flaw was found in the crypto subsystem of the Linux kernel before ...)
+CVE-2018-14619
- linux 4.14.12-1
[stretch] - linux <not-affected> (Vulnerable code not present)
[jessie] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/b32a7dc8aef1882fbf983eb354837488cc9d54dc
NOTE: http://www.openwall.com/lists/oss-security/2018/08/28/1
-CVE-2018-14618 (curl before version 7.61.1 is vulnerable to a buffer overrun in the ...)
+CVE-2018-14618
{DSA-4286-1 DLA-1498-1}
- curl 7.62.0-1 (bug #908327)
NOTE: https://curl.haxx.se/docs/CVE-2018-14618.html
NOTE: https://github.com/curl/curl/issues/2756
NOTE: https://github.com/curl/curl/commit/57d299a499155d4b327e341c6024e293b0418243
-CVE-2018-14617 (An issue was discovered in the Linux kernel through 4.17.10. There is a ...)
+CVE-2018-14617
{DSA-4308-1 DLA-1531-1 DLA-1529-1}
- linux 4.18.8-1
NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=200297
NOTE: https://www.spinics.net/lists/linux-fsdevel/msg130021.html
-CVE-2018-14616 (An issue was discovered in the Linux kernel through 4.17.10. There is a ...)
+CVE-2018-14616
{DLA-1715-1}
- linux 4.19.9-1
[stretch] - linux 4.9.144-1
[jessie] - linux <not-affected> (Vulnerable code not present)
NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=200465
-CVE-2018-14615 (An issue was discovered in the Linux kernel through 4.17.10. There is a ...)
+CVE-2018-14615
- linux 4.19.9-1
[stretch] - linux <not-affected> (Vulnerable code not present)
[jessie] - linux <not-affected> (Vulnerable code not present)
NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=200421
-CVE-2018-14614 (An issue was discovered in the Linux kernel through 4.17.10. There is ...)
+CVE-2018-14614
{DLA-1715-1}
- linux 4.19.9-1
[stretch] - linux 4.9.144-1
NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=200419
-CVE-2018-14613 (An issue was discovered in the Linux kernel through 4.17.10. There is ...)
+CVE-2018-14613
{DLA-1715-1}
- linux 4.19.9-1
[stretch] - linux 4.9.144-1
NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=199849
NOTE: https://patchwork.kernel.org/patch/10503147/
-CVE-2018-14612 (An issue was discovered in the Linux kernel through 4.17.10. There is ...)
+CVE-2018-14612
{DLA-1715-1}
- linux 4.18.8-1
[stretch] - linux 4.9.144-1
NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=199847
NOTE: https://patchwork.kernel.org/patch/10503403/
NOTE: https://patchwork.kernel.org/patch/10503413/
-CVE-2018-14611 (An issue was discovered in the Linux kernel through 4.17.10. There is a ...)
+CVE-2018-14611
{DLA-1715-1}
- linux 4.19.9-1
[stretch] - linux 4.9.144-1
NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=199839
NOTE: https://patchwork.kernel.org/patch/10503099/
-CVE-2018-14610 (An issue was discovered in the Linux kernel through 4.17.10. There is ...)
+CVE-2018-14610
{DLA-1715-1}
- linux 4.19.9-1
[stretch] - linux 4.9.144-1
NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=199837
NOTE: https://patchwork.kernel.org/patch/10503415/
-CVE-2018-14609 (An issue was discovered in the Linux kernel through 4.17.10. There is ...)
+CVE-2018-14609
{DSA-4308-1 DLA-1531-1 DLA-1529-1}
- linux 4.18.8-1
NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=199833
NOTE: https://patchwork.kernel.org/patch/10500521/
-CVE-2018-14608 (Thomson Reuters UltraTax CS 2017 on Windows has a password protection ...)
+CVE-2018-14608
NOT-FOR-US: Thomson Reuters UltraTax CS 2017
-CVE-2018-14607 (Thomson Reuters UltraTax CS 2017 on Windows, in a client/server ...)
+CVE-2018-14607
NOT-FOR-US: Thomson Reuters UltraTax CS 2017
-CVE-2018-14600 (An issue was discovered in libX11 through 1.6.5. The function ...)
+CVE-2018-14600
{DLA-1482-1}
- libx11 2:1.6.6-1 (low)
[stretch] - libx11 2:1.6.4-3+deb9u1
[wheezy] - libx11 <no-dsa> (Minor issue)
NOTE: https://gitlab.freedesktop.org/xorg/lib/libx11/commit/dbf72805fd9d7b1846fe9a11b46f3994bfc27fea
-CVE-2018-14599 (An issue was discovered in libX11 through 1.6.5. The function ...)
+CVE-2018-14599
{DLA-1482-1}
- libx11 2:1.6.6-1 (low)
[stretch] - libx11 2:1.6.4-3+deb9u1
[wheezy] - libx11 <no-dsa> (Minor issue)
NOTE: https://gitlab.freedesktop.org/xorg/lib/libx11/commit/b469da1430cdcee06e31c6251b83aede072a1ff0
-CVE-2018-14598 (An issue was discovered in XListExtensions in ListExt.c in libX11 ...)
+CVE-2018-14598
{DLA-1482-1}
- libx11 2:1.6.6-1 (low)
[stretch] - libx11 2:1.6.4-3+deb9u1
[wheezy] - libx11 <no-dsa> (Minor issue)
NOTE: https://gitlab.freedesktop.org/xorg/lib/libx11/commit/e83722768fd5c467ef61fa159e8c6278770b45c2
-CVE-2018-14606 (An issue was discovered in GitLab Community and Enterprise Edition ...)
+CVE-2018-14606
- gitlab 10.8.7+dfsg-1
[stretch] - gitlab <not-affected> (Only affects 10.6 and later)
NOTE: https://about.gitlab.com/2018/07/26/security-release-gitlab-11-dot-1-dot-2-released/
-CVE-2018-14605 (An issue was discovered in GitLab Community and Enterprise Edition ...)
+CVE-2018-14605
- gitlab 10.8.7+dfsg-1
[stretch] - gitlab <not-affected> (Only affects 10.7 and later)
NOTE: https://about.gitlab.com/2018/07/26/security-release-gitlab-11-dot-1-dot-2-released/
-CVE-2018-14604 (An issue was discovered in GitLab Community and Enterprise Edition ...)
+CVE-2018-14604
- gitlab 10.8.7+dfsg-1
[stretch] - gitlab <not-affected> (Only affects 10.7 and later)
NOTE: https://about.gitlab.com/2018/07/26/security-release-gitlab-11-dot-1-dot-2-released/
-CVE-2018-14603 (An issue was discovered in GitLab Community and Enterprise Edition ...)
+CVE-2018-14603
- gitlab 10.8.7+dfsg-1
NOTE: https://about.gitlab.com/2018/07/26/security-release-gitlab-11-dot-1-dot-2-released/
-CVE-2018-14602 (An issue was discovered in GitLab Community and Enterprise Edition ...)
+CVE-2018-14602
- gitlab 10.8.7+dfsg-1
[stretch] - gitlab <not-affected> (Affects 9.0 and later only)
NOTE: https://about.gitlab.com/2018/07/26/security-release-gitlab-11-dot-1-dot-2-released/
-CVE-2018-14601 (An issue was discovered in GitLab Community and Enterprise Edition ...)
+CVE-2018-14601
- gitlab <not-affected> (11.1.0 specific regression)
NOTE: https://about.gitlab.com/2018/07/26/security-release-gitlab-11-dot-1-dot-2-released/
-CVE-2018-14597 (CA Technologies Identity Governance 12.6, 14.0, 14.1, and 14.2 and CA ...)
+CVE-2018-14597
NOT-FOR-US: CA Technologies Identity Governance
-CVE-2018-1002208 (sharplibzip before 1.0 RC1 is vulnerable to directory traversal, ...)
+CVE-2018-1002208
- mono 5.18.0.240+dfsg-1
[stretch] - mono <no-dsa> (Minor issue)
[jessie] - mono <no-dsa> (Minor issue)
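Review bot: every changed line in this hunk is a `-CVE-2018-NNNNN (summary ...)` replaced by a bare `+CVE-2018-NNNNN` (for example `-CVE-2018-14618 (curl before version 7.61.1 is vulnerable to a buffer overrun in the ...)` becoming `+CVE-2018-14618`), while no status, package or NOTE line changes alongside it; that pattern suggests the automatic import received empty descriptions rather than a genuine change in the CVE data. The description text is what a triager relies on when an entry is still `<not-affected>` with a one-line rationale (CVE-2018-14621, CVE-2018-14619 here) or has no package assigned yet, so dropping it across the whole list loses working information. Suggest verifying the upstream feed that fed this run and re-running the import, rather than landing a pass that only strips summaries.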
@@ -16444,64 +16436,64 @@ CVE-2018-1002208 (sharplibzip before 1.0 RC1 is vulnerable to directory traversa
NOTE: https://snyk.io/vuln/SNYK-DOTNET-SHARPZIPLIB-60247
NOTE: https://github.com/icsharpcode/SharpZipLib/issues/232
NOTE: https://github.com/mono/mono/issues/11492
-CVE-2018-1002207 (mholt/archiver golang package before ...)
+CVE-2018-1002207
NOT-FOR-US: golang-github-mholt-archiver
-CVE-2018-1002206 (SharpCompress before 0.21.0 is vulnerable to directory traversal, ...)
+CVE-2018-1002206
NOT-FOR-US: SharpCompress library (for .NET Standard 1.0)
-CVE-2018-1002205 (DotNetZip.Semvered before 1.11.0 is vulnerable to directory traversal, ...)
+CVE-2018-1002205
NOT-FOR-US: DotNetZip.Semvered library (.NET)
-CVE-2018-1002203 (unzipper npm library before 0.8.13 is vulnerable to directory ...)
+CVE-2018-1002203
NOT-FOR-US: unzipper nodejs module
-CVE-2018-14596 (wancms 1.0 through 5.0 allows remote attackers to cause a denial of ...)
+CVE-2018-14596
NOT-FOR-US: wancms
CVE-2018-14595
RESERVED
CVE-2018-14594
RESERVED
-CVE-2018-14593 (An issue was discovered in Open Ticket Request System (OTRS) 6.0.x ...)
+CVE-2018-14593
{DSA-4317-1 DLA-1473-1}
- otrs2 6.0.10-1
NOTE: https://community.otrs.com/security-advisory-2018-03-security-update-for-otrs-framework/
NOTE: OTRS-6: https://github.com/OTRS/otrs/commit/57cda14db8fdbcbfb8cabb32d85fbc89fde48c62
NOTE: OTRS-5: https://github.com/OTRS/otrs/commit/7b6802723e1f5d1764b617e9fcf0a8dd21e96216
NOTE: OTRS-4: https://github.com/OTRS/otrs/commit/78331ea187181d6130189d4563a50b4c30256320
-CVE-2018-14592 (The CWJoomla CW Article Attachments PRO extension before 2.0.7 and CW ...)
+CVE-2018-14592
NOT-FOR-US: CWJoomla
CVE-2018-14591
RESERVED
-CVE-2018-14590 (An issue has been discovered in Bento4 1.5.1-624. A SEGV can occur in ...)
+CVE-2018-14590
NOT-FOR-US: Bento4
-CVE-2018-14589 (An issue has been discovered in Bento4 1.5.1-624. ...)
+CVE-2018-14589
NOT-FOR-US: Bento4
-CVE-2018-14588 (An issue has been discovered in Bento4 1.5.1-624. A NULL pointer ...)
+CVE-2018-14588
NOT-FOR-US: Bento4
-CVE-2018-14587 (An issue has been discovered in Bento4 1.5.1-624. ...)
+CVE-2018-14587
NOT-FOR-US: Bento4
-CVE-2018-14586 (An issue has been discovered in Bento4 1.5.1-624. A SEGV can occur in ...)
+CVE-2018-14586
NOT-FOR-US: Bento4
-CVE-2018-14585 (An issue has been discovered in Bento4 1.5.1-624. AP4_BytesToUInt16BE ...)
+CVE-2018-14585
NOT-FOR-US: Bento4
-CVE-2018-14584 (An issue has been discovered in Bento4 1.5.1-624. AP4_AvccAtom::Create ...)
+CVE-2018-14584
NOT-FOR-US: Bento4
-CVE-2018-14583 (xyhai.php?s=/Auth/addUser in XYHCMS 3.5 allows CSRF to add a background ...)
+CVE-2018-14583
NOT-FOR-US: XYHCMS
-CVE-2018-14582 (index.php?r=admini/admin/create in BageCMS V3.1.3 allows CSRF to add a ...)
+CVE-2018-14582
NOT-FOR-US: BageCMS
-CVE-2018-14581 (Redgate .NET Reflector before 10.0.7.774 and SmartAssembly before ...)
+CVE-2018-14581
NOT-FOR-US: Redgate .NET Reflector and SmartAssembly
CVE-2018-14580
RESERVED
-CVE-2018-14579 (GolemCMS through 2008-12-24, if the install/ directory remains active ...)
+CVE-2018-14579
NOT-FOR-US: GolemCMS
CVE-2018-14578
RESERVED
CVE-2018-14577
RESERVED
-CVE-2018-14576 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-14576
NOT-FOR-US: smart contract implementation for SunContract
CVE-2018-14575
- RESERVED
-CVE-2018-14574 (django.middleware.common.CommonMiddleware in Django 1.11.x before ...)
+ TODO: check
+CVE-2018-14574
{DSA-4264-1}
- python-django 1:1.11.15-1 (bug #905216)
[jessie] - python-django <not-affected> (Vulnerable code not present)
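Review bot: CVE-2018-14575 moves from `RESERVED` to `TODO: check` in this hunk (`-	RESERVED` / `+	TODO: check` directly under `CVE-2018-14575`), which means the CVE has been populated upstream and needs triage, yet the same change removes the summaries of every neighbouring entry, so the new TODO item lands with nothing for a triager to read. Suggest carrying the description over when an entry is promoted to `TODO: check`, or at least recording the upstream text in a NOTE line in the same commit; otherwise the next person to touch this entry has to fetch it again.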
@@ -16510,78 +16502,78 @@ CVE-2018-14574 (django.middleware.common.CommonMiddleware in Django 1.11.x befor
NOTE: https://github.com/django/django/commit/c4e5ff7fdb5fce447675e90291fd33fddd052b3c (2.1 release branch)
NOTE: https://github.com/django/django/commit/d6eaee092709aad477a9894598496c6deec532ff (1.11 release branch)
NOTE: https://github.com/django/django/commit/434d309ef6dbecbfd2b322d3a1da78aa5cb05fa8 (vuln. introduced here?)
-CVE-2018-14573 (A Local File Inclusion (LFI) vulnerability exists in the Web Interface ...)
+CVE-2018-14573
NOT-FOR-US: TightRope Media Carousel Digital Signage
-CVE-2018-14572 (In conference-scheduler-cli, a pickle.load call on imported data ...)
+CVE-2018-14572
NOT-FOR-US: conference-scheduler-cli
CVE-2018-14571
RESERVED
-CVE-2018-14570 (A file upload vulnerability in application/shop/controller/member.php ...)
+CVE-2018-14570
NOT-FOR-US: Niushop B2B2C Multi-business basic
CVE-2018-14569
RESERVED
-CVE-2018-1999024 (MathJax version prior to version 2.7.4 contains a Cross Site Scripting ...)
+CVE-2018-1999024
- mathjax 2.7.4+dfsg-1
[stretch] - mathjax <no-dsa> (Minor issue)
[jessie] - mathjax <no-dsa> (Minor issue)
NOTE: https://github.com/mathjax/MathJax/commit/a55da396c18cafb767a26aa9ad96f6f4199852f1
-CVE-2018-1999021 (Gleezcms Gleez Cms version 1.3.0 contains a Cross Site Scripting (XSS) ...)
+CVE-2018-1999021
NOT-FOR-US: Gleezcms Gleez Cms
-CVE-2018-1999020 (Open Networking Foundation (ONF) ONOS version 1.13.2 and earlier ...)
+CVE-2018-1999020
NOT-FOR-US: ONOS
-CVE-2018-1999019 (Chamilo LMS version 11.x contains an Unserialization vulnerability in ...)
+CVE-2018-1999019
NOT-FOR-US: Chamilo LMS
-CVE-2018-1999018 (Pydio version 8.2.1 and prior contains an Unvalidated user input ...)
+CVE-2018-1999018
- ajaxplorer <itp> (bug #668381)
-CVE-2018-1999017 (Pydio version 8.2.0 and earlier contains a Server-Side Request Forgery ...)
+CVE-2018-1999017
- ajaxplorer <itp> (bug #668381)
-CVE-2018-1999016 (Pydio version 8.2.0 and earlier contains a Cross Site Scripting (XSS) ...)
+CVE-2018-1999016
- ajaxplorer <itp> (bug #668381)
-CVE-2018-1999015 (FFmpeg before commit 5aba5b89d0b1d73164d3b81764828bb8b20ff32a contains ...)
+CVE-2018-1999015
- ffmpeg 7:4.0.2-1
[stretch] - ffmpeg <not-affected> (Vulnerable code not present)
- libav <removed>
[jessie] - libav <not-affected> (Vulnerable code not present)
NOTE: https://github.com/FFmpeg/FFmpeg/commit/5aba5b89d0b1d73164d3b81764828bb8b20ff32
-CVE-2018-1999014 (FFmpeg before commit bab0716c7f4793ec42e05a5aa7e80d82a0dd4e75 contains ...)
+CVE-2018-1999014
- ffmpeg 7:4.0.2-1
[stretch] - ffmpeg <not-affected> (Vulnerable code not present)
- libav <removed>
[jessie] - libav <not-affected> (Vulnerable code not present)
NOTE: https://github.com/FFmpeg/FFmpeg/commit/bab0716c7f4793ec42e05a5aa7e80d82a0dd4e7
-CVE-2018-1999013 (FFmpeg before commit a7e032a277452366771951e29fd0bf2bd5c029f0 contains ...)
+CVE-2018-1999013
{DSA-4249-1}
- ffmpeg 7:4.0.2-1
- libav <removed>
[jessie] - libav <not-affected> (Vulnerable code not present)
NOTE: https://github.com/FFmpeg/FFmpeg/commit/a7e032a277452366771951e29fd0bf2bd5c029f
-CVE-2018-1999012 (FFmpeg before commit 9807d3976be0e92e4ece3b4b1701be894cd7c2e1 contains ...)
+CVE-2018-1999012
{DSA-4249-1}
- ffmpeg 7:4.0.2-1
- libav <removed>
NOTE: https://github.com/FFmpeg/FFmpeg/commit/9807d3976be0e92e4ece3b4b1701be894cd7c2e
-CVE-2018-1999011 (FFmpeg before commit 2b46ebdbff1d8dec7a3d8ea280a612b91a582869 contains ...)
+CVE-2018-1999011
- ffmpeg 7:4.0.2-1
[stretch] - ffmpeg <postponed> (Minor issue, wait for next 3.2 release)
- libav <removed>
[jessie] - libav <not-affected> (Vulnerable code not present)
NOTE: https://github.com/FFmpeg/FFmpeg/commit/2b46ebdbff1d8dec7a3d8ea280a612b91a58286
-CVE-2018-1999010 (FFmpeg before commit cced03dd667a5df6df8fd40d8de0bff477ee02e8 contains ...)
+CVE-2018-1999010
{DSA-4249-1 DLA-1630-1}
- ffmpeg 7:4.0.2-1
- libav <removed>
NOTE: https://github.com/FFmpeg/FFmpeg/commit/cced03dd667a5df6df8fd40d8de0bff477ee02e
-CVE-2018-1999009 (October CMS version prior to Build 437 contains a Local File Inclusion ...)
+CVE-2018-1999009
NOT-FOR-US: October CMS
-CVE-2018-1999008 (October CMS version prior to build 437 contains a Cross Site Scripting ...)
+CVE-2018-1999008
NOT-FOR-US: October CMS
-CVE-2018-14568 (Suricata before 4.0.5 stops TCP stream inspection upon a TCP RST from a ...)
+CVE-2018-14568
- suricata 1:4.0.5-1
[stretch] - suricata <no-dsa> (Minor issue)
[jessie] - suricata <no-dsa> (Minor issue)
NOTE: https://github.com/OISF/suricata/pull/3428/commits/843d0b7a10bb45627f94764a6c5d468a24143345
NOTE: https://redmine.openinfosecfoundation.org/issues/2501
-CVE-2018-14567 (libxml2 2.9.8, if --with-lzma is used, allows remote attackers to ...)
+CVE-2018-14567
{DLA-1524-1}
- libxml2 <unfixed>
[stretch] - libxml2 <postponed> (Minor issue)
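Review bot: the six FFmpeg NOTE links in this hunk carry a 39-character commit hash, one character shorter than the hash in the description being removed on the line above each of them: `-CVE-2018-1999015 (FFmpeg before commit 5aba5b89d0b1d73164d3b81764828bb8b20ff32a contains ...)` versus `NOTE: https://github.com/FFmpeg/FFmpeg/commit/5aba5b89d0b1d73164d3b81764828bb8b20ff32`, and likewise for CVE-2018-1999014 (`...a0dd4e75` vs `...a0dd4e7`), CVE-2018-1999013, CVE-2018-1999012, CVE-2018-1999011 and CVE-2018-1999010. GitHub resolves the shorter prefix today, but once this change strips the descriptions the full hashes are no longer on record anywhere in the file; suggest restoring the final hex digit in each NOTE link before the summaries go.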
@@ -16589,13 +16581,13 @@ CVE-2018-14567 (libxml2 2.9.8, if --with-lzma is used, allows remote attackers t
NOTE: https://gitlab.gnome.org/GNOME/libxml2/commit/2240fbf5912054af025fb6e01e26375100275e74
CVE-2018-14566
RESERVED
-CVE-2018-14565 (An issue was discovered in libthulac.so in THULAC through 2018-02-25. A ...)
+CVE-2018-14565
NOT-FOR-US: THULAC
-CVE-2018-14564 (An issue was discovered in libthulac.so in THULAC through 2018-02-25. A ...)
+CVE-2018-14564
NOT-FOR-US: THULAC
-CVE-2018-14563 (An issue was discovered in libthulac.so in THULAC through 2018-02-25. ...)
+CVE-2018-14563
NOT-FOR-US: THULAC
-CVE-2018-14562 (An issue was discovered in libthulac.so in THULAC through 2018-02-25. A ...)
+CVE-2018-14562
NOT-FOR-US: THULAC
CVE-2018-14561
RESERVED
@@ -16603,7 +16595,7 @@ CVE-2018-14560
RESERVED
CVE-2018-14559
RESERVED
-CVE-2018-14558 (An issue was discovered on Tenda AC7 devices with firmware through ...)
+CVE-2018-14558
NOT-FOR-US: Tenda AC7 devices
CVE-2018-14557
RESERVED
@@ -16617,7 +16609,7 @@ CVE-2018-14553
RESERVED
CVE-2018-14552
RESERVED
-CVE-2018-14551 (The ReadMATImageV4 function in coders/mat.c in ImageMagick 7.0.8-7 uses ...)
+CVE-2018-14551
- imagemagick 8:6.9.10.8+dfsg-1 (bug #904713)
[stretch] - imagemagick <postponed> (Can be fixed along in a future DSA)
[jessie] - imagemagick <not-affected> (vulnerable code not present)
@@ -16629,7 +16621,7 @@ CVE-2018-14550 [stack-based buffer overflow in contrib/pngminus/pnm2png.c:get_to
- libpng1.6 <unfixed> (unimportant)
- libpng <removed> (unimportant)
NOTE: https://github.com/glennrp/libpng/issues/246
-CVE-2018-14549 (An issue has been found in libwav through 2017-04-20. It is a SEGV in ...)
+CVE-2018-14549
NOT-FOR-US: libwav
CVE-2018-14548
RESERVED
@@ -16637,15 +16629,15 @@ CVE-2018-14547
RESERVED
CVE-2018-14546
RESERVED
-CVE-2018-14545 (There exists one invalid memory read bug in ...)
+CVE-2018-14545
NOT-FOR-US: Bento4
-CVE-2018-14544 (There exists one invalid memory read bug in ...)
+CVE-2018-14544
NOT-FOR-US: Bento4
-CVE-2018-14543 (There exists one NULL pointer dereference vulnerability in ...)
+CVE-2018-14543
NOT-FOR-US: Bento4
CVE-2018-14542
RESERVED
-CVE-2018-14541 (PHP Scripts Mall Basic B2B Script 2.0.0 has Reflected and Stored XSS ...)
+CVE-2018-14541
NOT-FOR-US: PHP Scripts Mall Basic B2B Script
CVE-2018-14540
RESERVED
@@ -16661,11 +16653,11 @@ CVE-2018-14535
RESERVED
CVE-2018-14534
RESERVED
-CVE-2018-14533 (read_tmp and write_tmp in Inteno IOPSYS allow attackers to gain ...)
+CVE-2018-14533
NOT-FOR-US: Inteno IOPSYS
-CVE-2018-14532 (An issue was discovered in Bento4 1.5.1-624. There is a heap-based ...)
+CVE-2018-14532
NOT-FOR-US: Bento4
-CVE-2018-14531 (An issue was discovered in Bento4 1.5.1-624. There is an unspecified ...)
+CVE-2018-14531
NOT-FOR-US: Bento4
CVE-2018-14530
RESERVED
@@ -16673,9 +16665,9 @@ CVE-2018-14529
RESERVED
CVE-2018-14528
RESERVED
-CVE-2018-14527 (Feedback.asp in Xiao5uCompany 1.7 has XSS because the XSS protection ...)
+CVE-2018-14527
NOT-FOR-US: Xiao5uCompany
-CVE-2018-14526 (An issue was discovered in rsn_supp/wpa.c in wpa_supplicant 2.0 ...)
+CVE-2018-14526
{DLA-1462-1}
- wpa 2:2.6-18 (bug #905739)
[stretch] - wpa 2:2.4-1+deb9u2
@@ -16684,19 +16676,19 @@ CVE-2018-14526 (An issue was discovered in rsn_supp/wpa.c in wpa_supplicant 2.0
NOTE: https://w1.fi/security/2018-1/rebased-v2.6-0001-WPA-Ignore-unauthenticated-encrypted-EAPOL-Key-data.patch
CVE-2018-14525
RESERVED
-CVE-2018-14524 (dwg_decode_eed in decode.c in GNU LibreDWG before 0.6 leads to a ...)
+CVE-2018-14524
- libredwg <itp> (bug #595191)
-CVE-2018-14523 (An issue was discovered in aubio 0.4.6. A buffer over-read can occur in ...)
+CVE-2018-14523
- aubio 0.4.6-1 (bug #904906)
[stretch] - aubio <no-dsa> (Minor issue)
[jessie] - aubio <no-dsa> (Minor issue)
NOTE: https://github.com/aubio/aubio/issues/189
-CVE-2018-14522 (An issue was discovered in aubio 0.4.6. A SEGV signal can occur in ...)
+CVE-2018-14522
- aubio 0.4.6-1 (bug #904907)
[stretch] - aubio <no-dsa> (Minor issue)
[jessie] - aubio <no-dsa> (Minor issue)
NOTE: https://github.com/aubio/aubio/issues/188
-CVE-2018-14521 (An issue was discovered in aubio 0.4.6. A SEGV signal can occur in ...)
+CVE-2018-14521
- aubio 0.4.6-1 (bug #904908)
[stretch] - aubio <no-dsa> (Minor issue)
[jessie] - aubio <no-dsa> (Minor issue)
@@ -16707,17 +16699,17 @@ CVE-2018-14519
RESERVED
CVE-2018-14518
RESERVED
-CVE-2018-14517 (SeaCMS 6.61 has two XSS issues in the admin_config.php file via certain ...)
+CVE-2018-14517
NOT-FOR-US: SeaCMS
CVE-2018-14516
RESERVED
-CVE-2018-14515 (A SQL injection was discovered in WUZHI CMS 4.1.0 that allows remote ...)
+CVE-2018-14515
NOT-FOR-US: WUZHI CMS
-CVE-2018-14514 (An SSRF vulnerability was discovered in idreamsoft iCMS V7.0.9 that ...)
+CVE-2018-14514
NOT-FOR-US: idreamsoft iCMS
-CVE-2018-14513 (An XSS vulnerability was discovered in WUZHI CMS 4.1.0. There is ...)
+CVE-2018-14513
NOT-FOR-US: WUZHI CMS
-CVE-2018-14512 (An XSS vulnerability was discovered in WUZHI CMS 4.1.0. There is ...)
+CVE-2018-14512
NOT-FOR-US: WUZHI CMS
CVE-2018-14511
RESERVED
@@ -16731,20 +16723,20 @@ CVE-2018-14507
RESERVED
CVE-2018-14506
RESERVED
-CVE-2018-14504 (An issue was discovered in manage_filter_edit_page.php in MantisBT 2.x ...)
+CVE-2018-14504
- mantis <removed>
NOTE: http://github.com/mantisbt/mantisbt/commit/8b5fa243dbf04344a55fe880135ec149fc1f439f
NOTE: https://mantisbt.org/blog/archives/mantisbt/602
NOTE: https://mantisbt.org/bugs/view.php?id=24608
-CVE-2018-14503 (Cross-site scripting (XSS) vulnerability in intervalCheck.jsp in ...)
+CVE-2018-14503
NOT-FOR-US: Coremail XT
CVE-2018-14502
RESERVED
-CVE-2018-14501 (manager/admin_ajax.php in joyplus-cms 1.6.0 has SQL Injection, as ...)
+CVE-2018-14501
NOT-FOR-US: joyplus-cms
-CVE-2018-14500 (joyplus-cms 1.6.0 has XSS via the ...)
+CVE-2018-14500
NOT-FOR-US: joyplus-cms
-CVE-2018-1999023 (The Battle for Wesnoth Project version 1.7.0 through 1.14.3 contains a ...)
+CVE-2018-1999023
- wesnoth-1.14 1:1.14.4-1
- wesnoth-1.12 <removed>
[stretch] - wesnoth-1.12 1:1.12.6-1+deb9u1
@@ -16752,22 +16744,23 @@ CVE-2018-1999023 (The Battle for Wesnoth Project version 1.7.0 through 1.14.3 co
[jessie] - wesnoth-1.10 <end-of-life> (Games are not supported in Jessie)
NOTE: http://www.openwall.com/lists/oss-security/2018/07/20/1
NOTE: https://github.com/wesnoth/wesnoth/commit/d911268a783467842d38eae7ac1630f1fea41318 (1.14.x)
-CVE-2018-14505 (mitmweb in mitmproxy v4.0.3 allows DNS Rebinding attacks, related to ...)
+CVE-2018-14505
- mitmproxy 3.0.4-1 (bug #904293)
[stretch] - mitmproxy <ignored> (Minor issue)
[jessie] - mitmproxy <ignored> (Minor issue)
NOTE: https://github.com/mitmproxy/mitmproxy/issues/3234
NOTE: https://github.com/mitmproxy/mitmproxy/pull/3243
-CVE-2018-14499 (An issue was found in HYBBS through 2016-03-08. There is an XSS ...)
+CVE-2018-14499
NOT-FOR-US: HYBBS
-CVE-2018-14498 (get_8bit_row in rdbmp.c in libjpeg-turbo through 1.5.90 and MozJPEG ...)
+CVE-2018-14498
+ {DLA-1719-1}
- libjpeg-turbo <unfixed> (bug #924678)
[stretch] - libjpeg-turbo <no-dsa> (Minor issue)
- mozjpeg <itp> (bug #741487)
NOTE: https://github.com/libjpeg-turbo/libjpeg-turbo/commit/9c78a04df4e44ef6487eee99c4258397f4fdca55
NOTE: https://github.com/libjpeg-turbo/libjpeg-turbo/issues/258
NOTE: https://github.com/mozilla/mozjpeg/issues/299
-CVE-2018-14497 (Tenda D152 ADSL routers allow XSS via a crafted SSID. ...)
+CVE-2018-14497
NOT-FOR-US: Tenda D152 ADSL routers
CVE-2018-14496
RESERVED
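Review bot: CVE-2018-14498 gains `{DLA-1719-1}` in this hunk while the package lines below it are untouched, leaving `- libjpeg-turbo <unfixed> (bug #924678)` for unstable and `[stretch] - libjpeg-turbo <no-dsa> (Minor issue)`. An LTS advisory landing before the unstable fix is possible, but it is the unusual order, so confirm that bug #924678 is still open and that no fixed version exists for unstable; if one does, replace `<unfixed>` with it in the same change so the DLA marker and the sid status do not disagree. The brace-line form without a separate `[jessie]` entry matches the convention used elsewhere in the file (for instance `{DSA-4286-1 DLA-1498-1}` on CVE-2018-14618), so that part is fine.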
@@ -16775,11 +16768,11 @@ CVE-2018-14495
RESERVED
CVE-2018-14494
RESERVED
-CVE-2018-14493 (Cross-site scripting (XSS) vulnerability in the Groups Page in ...)
+CVE-2018-14493
NOT-FOR-US: Open-Audit Community
-CVE-2018-14492 (Tenda AC7 through V15.03.06.44_CN, AC9 through V15.03.05.19(6318)_CN, ...)
+CVE-2018-14492
NOT-FOR-US: Tenda devices
-CVE-2018-1999022 (PEAR HTML_QuickForm version 3.2.14 contains an eval injection (CWE-95) ...)
+CVE-2018-1999022
- civicrm 5.3.1+dfsg-1 (bug #904215)
NOTE: https://civicrm.org/advisory/civi-sa-2018-07-remote-code-execution-in-quickform
CVE-2018-14491
@@ -16793,7 +16786,7 @@ CVE-2018-14488
CVE-2018-14487
RESERVED
CVE-2018-14486
- RESERVED
+ TODO: check
CVE-2018-14485
RESERVED
CVE-2018-14484
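Review bot: CVE-2018-14486 changes from `RESERVED` to `TODO: check` here with no description or NOTE line added for it, so, as with the other promotion in this commit, the entry is flagged for triage without any summary of what was published; suggest the importer attach the upstream text (or a NOTE with the source reference) whenever it switches an entry to `TODO: check`, so the TODO is actionable from the file alone.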
@@ -16802,7 +16795,7 @@ CVE-2018-14483
RESERVED
CVE-2018-14482
RESERVED
-CVE-2018-14481 (Osclass 3.7.4 has XSS via the query string to index.php, a different ...)
+CVE-2018-14481
NOT-FOR-US: Osclass
CVE-2018-14480
RESERVED
@@ -16817,14 +16810,14 @@ CVE-2018-14476
RESERVED
CVE-2018-14475
RESERVED
-CVE-2018-14474 (views/auth.go in Orange Forum 1.4.0 allows Open Redirection via the ...)
+CVE-2018-14474
NOT-FOR-US: Orange Forum
-CVE-2018-14473 (OCS Inventory 2.4.1 lacks a proper XML parsing configuration, allowing ...)
+CVE-2018-14473
- ocsinventory-server 2.5+dfsg-1 (unimportant; bug #905396)
NOTE: Authentication is needed, only supported in trusted environments, see debtags
-CVE-2018-14472 (An issue was discovered in WUZHI CMS 4.1.0. The vulnerable file is ...)
+CVE-2018-14472
NOT-FOR-US: WUZHI CMS
-CVE-2018-14471 (dwg_obj_block_control_get_block_headers in dwg_api.c in GNU LibreDWG ...)
+CVE-2018-14471
- libredwg <itp> (bug #595191)
CVE-2018-14470
RESERVED
@@ -16846,93 +16839,93 @@ CVE-2018-14462
RESERVED
CVE-2018-14461
RESERVED
-CVE-2018-14460 (An issue was discovered in the HDF HDF5 1.8.20 library. There is a ...)
+CVE-2018-14460
- hdf5 <undetermined>
NOTE: https://github.com/TeamSeri0us/pocs/blob/master/hdf5/README3.md
-CVE-2018-14459 (An issue was discovered in libgig 4.1.0. There is an out-of-bounds ...)
+CVE-2018-14459
- libgig <undetermined>
NOTE: https://github.com/TeamSeri0us/pocs/blob/master/libgig/README.md
-CVE-2018-14458 (An issue was discovered in libgig 4.1.0. There is a heap-based buffer ...)
+CVE-2018-14458
- libgig <undetermined>
NOTE: https://github.com/TeamSeri0us/pocs/blob/master/libgig/README.md
-CVE-2018-14457 (An issue was discovered in libgig 4.1.0. There is an out-of-bounds ...)
+CVE-2018-14457
- libgig <undetermined>
NOTE: https://github.com/TeamSeri0us/pocs/blob/master/libgig/README.md
-CVE-2018-14456 (An issue was discovered in libgig 4.1.0. There is an out-of-bounds ...)
+CVE-2018-14456
- libgig <undetermined>
NOTE: https://github.com/TeamSeri0us/pocs/blob/master/libgig/README.md
-CVE-2018-14455 (An issue was discovered in libgig 4.1.0. There is an out-of-bounds ...)
+CVE-2018-14455
- libgig <undetermined>
NOTE: https://github.com/TeamSeri0us/pocs/blob/master/libgig/README.md
-CVE-2018-14454 (An issue was discovered in libgig 4.1.0. There is an out-of-bounds read ...)
+CVE-2018-14454
- libgig <undetermined>
NOTE: https://github.com/TeamSeri0us/pocs/blob/master/libgig/README.md
-CVE-2018-14453 (An issue was discovered in libgig 4.1.0. There is a heap-based buffer ...)
+CVE-2018-14453
- libgig <undetermined>
NOTE: https://github.com/TeamSeri0us/pocs/blob/master/libgig/README.md
-CVE-2018-14452 (An issue was discovered in libgig 4.1.0. There is an out-of-bounds read ...)
+CVE-2018-14452
- libgig <undetermined>
NOTE: https://github.com/TeamSeri0us/pocs/blob/master/libgig/README.md
-CVE-2018-14451 (An issue was discovered in libgig 4.1.0. There is a heap-based buffer ...)
+CVE-2018-14451
- libgig <undetermined>
NOTE: https://github.com/TeamSeri0us/pocs/blob/master/libgig/README.md
-CVE-2018-14450 (An issue was discovered in libgig 4.1.0. There is an out-of-bounds read ...)
+CVE-2018-14450
- libgig <undetermined>
NOTE: https://github.com/TeamSeri0us/pocs/blob/master/libgig/README.md
-CVE-2018-14449 (An issue was discovered in libgig 4.1.0. There is an out of bounds read ...)
+CVE-2018-14449
- libgig <undetermined>
NOTE: https://github.com/TeamSeri0us/pocs/blob/master/libgig/README.md
-CVE-2018-14448 (Codec::parse in track.cpp in Untrunc through 2018-06-07 has a NULL ...)
+CVE-2018-14448
- untrunc <itp> (bug #702476)
-CVE-2018-14447 (trim_whitespace in lexer.l in libConfuse v3.2.1 has an out-of-bounds ...)
+CVE-2018-14447
{DLA-1470-1}
- confuse 3.2.1+dfsg-5 (bug #904159)
[stretch] - confuse 3.0+dfsg-2+deb9u1
NOTE: https://github.com/martinh/libconfuse/issues/109
-CVE-2018-14446 (MP4Integer32Property::Read in atom_avcC.cpp in MP4v2 2.1.0 allows ...)
+CVE-2018-14446
- mp4v2 <removed> (bug #904896)
[stretch] - mp4v2 <no-dsa> (Minor issue)
[jessie] - mp4v2 <no-dsa> (Minor issue)
NOTE: https://github.com/TechSmith/mp4v2/issues/20
-CVE-2018-14445 (In Bento4 v1.5.1-624, AP4_File::ParseStream in Ap4File.cpp allows ...)
+CVE-2018-14445
NOT-FOR-US: Bento4
-CVE-2018-14444 (libdxfrw 0.6.3 has an Integer Overflow in dwgCompressor::decompress18 ...)
+CVE-2018-14444
NOT-FOR-US: libdxfrw
-CVE-2018-14443 (get_first_owned_object in dwg.c in GNU LibreDWG 0.5.1036 allows remote ...)
+CVE-2018-14443
- libredwg <itp> (bug #595191)
-CVE-2018-14442 (Foxit Reader before 9.2 and PhantomPDF before 9.2 have a Use-After-Free ...)
+CVE-2018-14442
NOT-FOR-US: Foxit Reader
-CVE-2018-14441 (An issue was discovered in cckevincyh SSH CompanyWebsite through ...)
+CVE-2018-14441
NOT-FOR-US: cckevincyh SSH CompanyWebsite
-CVE-2018-14440 (An issue was discovered in cckevincyh SSH CompanyWebsite through ...)
+CVE-2018-14440
NOT-FOR-US: cckevincyh SSH CompanyWebsite
-CVE-2018-14439 (espritblock eos4j, an unofficial SDK for EOS, through 2018-07-12 ...)
+CVE-2018-14439
NOT-FOR-US: eos4j
-CVE-2018-14438 (In Wireshark through 2.6.2, the create_app_running_mutex function in ...)
+CVE-2018-14438
- wireshark <not-affected> (Problem with SetSecurityDescriptorDacl() is Windows specific issue)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14921
-CVE-2018-14437 (ImageMagick 7.0.8-4 has a memory leak in parse8BIM in coders/meta.c. ...)
+CVE-2018-14437
- imagemagick 8:6.9.10.8+dfsg-1 (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/1190
NOTE: https://github.com/ImageMagick/ImageMagick/commit/082223fb992448dbb574747deac9a30f986c116e
NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/0812674565df667b1b3e4122ad259096de311c6c
-CVE-2018-14436 (ImageMagick 7.0.8-4 has a memory leak in ReadMIFFImage in ...)
+CVE-2018-14436
- imagemagick 8:6.9.10.8+dfsg-1 (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/1191
NOTE: https://github.com/ImageMagick/ImageMagick/commit/4b352c0be410ad900469a079e389178f878aded8
NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/ae3eecad2f59e27123c1a6c891be75d06fc03656
-CVE-2018-14435 (ImageMagick 7.0.8-4 has a memory leak in DecodeImage in coders/pcd.c. ...)
+CVE-2018-14435
- imagemagick 8:6.9.10.8+dfsg-1 (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/1193
NOTE: https://github.com/ImageMagick/ImageMagick/commit/957b6397b958a5881005df27eb97319b3175a3c9
NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/e8f4f5e776002aa6ed490d7c6f65e10fa67359dd
-CVE-2018-14434 (ImageMagick 7.0.8-4 has a memory leak for a colormap in WriteMPCImage ...)
+CVE-2018-14434
- imagemagick 8:6.9.10.8+dfsg-1 (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/1192
NOTE: https://github.com/ImageMagick/ImageMagick/commit/98a2cceae0dceccbfe54051167c2c80be1f13c3f
CVE-2018-14433
RESERVED
-CVE-2018-14432 (In the Federation component of OpenStack Keystone before 11.0.4, ...)
+CVE-2018-14432
{DSA-4275-1}
- keystone 2:13.0.0-7 (bug #904616)
[jessie] - keystone <end-of-life> (Not supported in Jessie)
@@ -16940,9 +16933,9 @@ CVE-2018-14432 (In the Federation component of OpenStack Keystone before 11.0.4,
NOTE: https://bugs.launchpad.net/keystone/+bug/1779205
CVE-2018-14431
RESERVED
-CVE-2018-14430 (The Mondula Multi Step Form plugin through 1.2.5 for WordPress allows ...)
+CVE-2018-14430
NOT-FOR-US: Mondula Multi Step Form plugin for WordPress
-CVE-2018-14429 (man-cgi before 1.16 allows Local File Inclusion via absolute path ...)
+CVE-2018-14429
NOT-FOR-US: man-cgi
CVE-2018-14428
RESERVED
@@ -16952,32 +16945,32 @@ CVE-2018-14426
RESERVED
CVE-2018-14425
RESERVED
-CVE-2018-14424 (The daemon in GDM through 3.29.1 does not properly unexport display ...)
+CVE-2018-14424
{DSA-4270-1 DLA-1494-1}
- gdm3 3.28.2-4
NOTE: https://gitlab.gnome.org/GNOME/gdm/issues/401
NOTE: https://gitlab.gnome.org/GNOME/gdm/commit/6060db704a19b0db68f2e9e6a2d020c0c78b6bba
NOTE: https://gitlab.gnome.org/GNOME/gdm/commit/765b306c364885dd89d47fe9fe8618ce6a467bc1
-CVE-2018-14423 (Division-by-zero vulnerabilities in the functions pi_next_pcrl, ...)
+CVE-2018-14423
{DSA-4405-1 DLA-1614-1}
- openjpeg2 2.3.0-2 (low; bug #904873)
NOTE: https://github.com/uclouvain/openjpeg/issues/1123
NOTE: https://github.com/uclouvain/openjpeg/commit/bd88611ed9ad7144ec4f3de54790cd848175891b
-CVE-2018-14422 (blog/index.php in SansCMS 0.7 has XSS via the q parameter. ...)
+CVE-2018-14422
NOT-FOR-US: SansCMS
-CVE-2018-14421 (SeaCMS v6.61 allows Remote Code execution by placing PHP code in a ...)
+CVE-2018-14421
NOT-FOR-US: SeaCMS
-CVE-2018-14420 (MetInfo 6.0.0 allows a CSRF attack to add a user account via a ...)
+CVE-2018-14420
NOT-FOR-US: MetInfo
-CVE-2018-14419 (MetInfo 6.0.0 allows XSS via a modified name of the navigation bar on ...)
+CVE-2018-14419
NOT-FOR-US: MetInfo
-CVE-2018-14418 (In Msvod Cms v10, SQL Injection exists via an images/lists?cid= URI. ...)
+CVE-2018-14418
NOT-FOR-US: Msvod Cms
-CVE-2018-14417 (A command injection vulnerability was found in the web administration ...)
+CVE-2018-14417
NOT-FOR-US: SoftNAS
CVE-2018-14416
RESERVED
-CVE-2018-14415 (An issue was discovered in idreamsoft iCMS before 7.0.10. XSS exists ...)
+CVE-2018-14415
NOT-FOR-US: idreamsoft iCMS
CVE-2018-14414
RESERVED
@@ -16999,70 +16992,70 @@ CVE-2018-14406
RESERVED
CVE-2018-14405
RESERVED
-CVE-2018-14404 (A NULL pointer dereference vulnerability exists in the ...)
+CVE-2018-14404
{DLA-1524-1}
- libxml2 <unfixed> (bug #901817)
[stretch] - libxml2 <no-dsa> (Minor issue)
NOTE: https://gitlab.gnome.org/GNOME/libxml2/issues/5
NOTE: https://gitlab.gnome.org/GNOME/libxml2/issues/10
NOTE: https://gitlab.gnome.org/GNOME/libxml2/commit/a436374994c47b12d5de1b8b1d191a098fa23594
-CVE-2018-14403 (MP4NameFirstMatches in mp4util.cpp in MP4v2 2.0.0 mishandles substrings ...)
+CVE-2018-14403
- mp4v2 <removed> (bug #904897)
[stretch] - mp4v2 <no-dsa> (Minor issue)
[jessie] - mp4v2 <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2018/07/18/3
-CVE-2018-14402 (axmldec 1.2.0 has an out-of-bounds write in the ...)
+CVE-2018-14402
NOT-FOR-US: axmldec
-CVE-2018-14401 (CopyData in AxmlParser.c in AXML Parser through 2018-01-04 has an ...)
+CVE-2018-14401
NOT-FOR-US: AXML Parser
CVE-2018-14400
REJECTED
-CVE-2018-14399 (libs\classes\attachment.class.php in PHPCMS 9.6.0 allows remote ...)
+CVE-2018-14399
NOT-FOR-US: PHPCMS
-CVE-2018-14398 (An issue was discovered in Creme CRM 1.6.12. The value of the cancel ...)
+CVE-2018-14398
NOT-FOR-US: Creme CRM
-CVE-2018-14397 (An issue was discovered in Creme CRM 1.6.12. The organization creation ...)
+CVE-2018-14397
NOT-FOR-US: Creme CRM
-CVE-2018-14396 (An issue was discovered in Creme CRM 1.6.12. The salesman creation ...)
+CVE-2018-14396
NOT-FOR-US: Creme CRM
-CVE-2018-14395 (libavformat/movenc.c in FFmpeg before 4.0.2 allows attackers to cause a ...)
+CVE-2018-14395
{DSA-4258-1}
- ffmpeg 7:4.0.2-1
- libav <removed>
[jessie] - libav <not-affected> (only version 2 is supported)
NOTE: https://github.com/FFmpeg/FFmpeg/commit/fa19fbcf712a6a6cc5a5cfdc3254a97b9bce6582
-CVE-2018-14394 (libavformat/movenc.c in FFmpeg before 4.0.2 allows attackers to cause a ...)
+CVE-2018-14394
{DSA-4249-1 DLA-1630-1}
- ffmpeg 7:4.0.2-1
- libav <removed>
NOTE: https://github.com/FFmpeg/FFmpeg/commit/3a2d21bc5f97aa0161db3ae731fc2732be6108b8
CVE-2018-14393
RESERVED
-CVE-2018-14392 (The New Threads plugin before 1.2 for MyBB has XSS. ...)
+CVE-2018-14392
NOT-FOR-US: New Threads plugin for MyBB
CVE-2018-14391
RESERVED
CVE-2018-14390
RESERVED
-CVE-2018-1999001 (A unauthorized modification of configuration vulnerability exists in ...)
+CVE-2018-1999001
NOT-FOR-US: Jenkins
-CVE-2018-1999002 (A arbitrary file read vulnerability exists in Jenkins 2.132 and ...)
+CVE-2018-1999002
NOT-FOR-US: Jenkins
-CVE-2018-1999003 (A Improper authorization vulnerability exists in Jenkins 2.132 and ...)
+CVE-2018-1999003
NOT-FOR-US: Jenkins
-CVE-2018-1999004 (A Improper authorization vulnerability exists in Jenkins 2.132 and ...)
+CVE-2018-1999004
NOT-FOR-US: Jenkins
-CVE-2018-1999005 (A cross-site scripting vulnerability exists in Jenkins 2.132 and ...)
+CVE-2018-1999005
NOT-FOR-US: Jenkins
-CVE-2018-1999006 (A exposure of sensitive information vulnerability exists in Jenkins ...)
+CVE-2018-1999006
NOT-FOR-US: Jenkins
-CVE-2018-1999007 (A cross-site scripting vulnerability exists in Jenkins 2.132 and ...)
+CVE-2018-1999007
NOT-FOR-US: Jenkins
-CVE-2018-14389 (joyplus-cms 1.6.0 has SQL Injection via the manager/admin_ajax.php val ...)
+CVE-2018-14389
NOT-FOR-US: joyplus-cms
-CVE-2018-14388 (joyplus-cms 1.6.0 has XSS via the manager/admin_ajax.php ...)
+CVE-2018-14388
NOT-FOR-US: joyplus-cms
-CVE-2018-14387 (An issue was discovered in WonderCMS before 2.5.2. An attacker can ...)
+CVE-2018-14387
NOT-FOR-US: WonderCMS
CVE-2018-14386
RESERVED
@@ -17072,13 +17065,13 @@ CVE-2018-14384
RESERVED
CVE-2018-14383
RESERVED
-CVE-2018-14382 (InstantCMS 2.10.1 has /redirect?url= XSS. ...)
+CVE-2018-14382
NOT-FOR-US: InstantCMS
-CVE-2018-14381 (Pagekit before 1.0.14 has a /user/login?redirect= open redirect ...)
+CVE-2018-14381
NOT-FOR-US: Pagekit CMS
-CVE-2018-14380 (In Graylog before 2.4.6, XSS was possible in typeahead components, ...)
+CVE-2018-14380
- graylog2 <itp> (bug #652273)
-CVE-2018-14379 (MP4Atom::factory in mp4atom.cpp in MP4v2 2.0.0 incorrectly uses the ...)
+CVE-2018-14379
- mp4v2 <removed> (bug #904898)
[stretch] - mp4v2 <no-dsa> (Minor issue)
[jessie] - mp4v2 <no-dsa> (Minor issue)
@@ -17097,230 +17090,230 @@ CVE-2018-14373
REJECTED
CVE-2018-14372
RESERVED
-CVE-2018-14371 (The getLocalePrefix function in ResourceManager.java in Eclipse Mojarra ...)
+CVE-2018-14371
- mojarra <not-affected> (Vulnerable code introduced later)
NOTE: https://github.com/eclipse-ee4j/mojarra/commit/1b434748d9239f42eae8aa7d37d7a0930c061e24
-CVE-2018-14370 (In Wireshark 2.6.0 to 2.6.1 and 2.4.0 to 2.4.7, the IEEE 802.11 ...)
+CVE-2018-14370
- wireshark 2.6.2-1
[stretch] - wireshark <not-affected> (Vulnerable code not present)
[jessie] - wireshark <not-affected> (Vulnerable code not present)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14686
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=b1446124eebc3ea5591d18e719c2a5cff3630638
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-43.html
-CVE-2018-14369 (In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the ...)
+CVE-2018-14369
{DLA-1451-1}
- wireshark 2.6.2-1
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14869
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=038cd225bfa54e2a7ade4043118796334920a61e
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-41.html
-CVE-2018-14368 (In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the ...)
+CVE-2018-14368
{DLA-1451-1}
- wireshark 2.6.2-1
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14841
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=6c44312f465014eb409d766a9828b7f101f6251c
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-40.html
-CVE-2018-14367 (In Wireshark 2.6.0 to 2.6.1 and 2.4.0 to 2.4.7, the CoAP protocol ...)
+CVE-2018-14367
- wireshark 2.6.2-1
[stretch] - wireshark <not-affected> (Vulnerable code not present)
[jessie] - wireshark <not-affected> (Vulnerable code not present)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14966
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=81ce5fcb3e37a0aaeb7532f7a2a09366f16fa310
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-42.html
-CVE-2018-14366 (download.cgi in Pulse Secure Pulse Connect Secure 8.1RX before 8.1R13 ...)
+CVE-2018-14366
NOT-FOR-US: Pulse Secure Pulse Connect Secure
CVE-2018-14365
RESERVED
-CVE-2018-14364 (GitLab Community and Enterprise Edition before 10.7.7, 10.8.x before ...)
+CVE-2018-14364
- gitlab 10.7.7+dfsg-2 (bug #904026)
NOTE: https://about.gitlab.com/2018/07/17/critical-security-release-gitlab-11-dot-0-dot-4-released/
-CVE-2018-14363 (An issue was discovered in NeoMutt before 2018-07-16. newsrc.c does not ...)
+CVE-2018-14363
{DSA-4277-1 DLA-1455-1}
- neomutt 20180716+dfsg.1-1 (bug #904021)
- mutt 1.9.1-1
NOTE: https://github.com/neomutt/neomutt/commit/9bfab35522301794483f8f9ed60820bdec9be59e
NOTE: src:mutt 1.9.1-1 switches to official mutt.org source code without neomutt patchset
NOTE: previous versions ship a neomutt patchset.
-CVE-2018-14362 (An issue was discovered in Mutt before 1.10.1 and NeoMutt before ...)
+CVE-2018-14362
{DSA-4277-1 DLA-1455-1}
- neomutt 20180716+dfsg.1-1 (bug #904021)
- mutt 1.10.1-1 (bug #904051)
NOTE: https://github.com/neomutt/neomutt/commit/9bfab35522301794483f8f9ed60820bdec9be59e
NOTE: https://gitlab.com/muttmua/mutt/commit/6aed28b40a0410ec47d40c8c7296d8d10bae7576
-CVE-2018-14361 (An issue was discovered in NeoMutt before 2018-07-16. nntp.c proceeds ...)
+CVE-2018-14361
{DSA-4277-1 DLA-1455-1}
- neomutt 20180716+dfsg.1-1 (bug #904021)
- mutt 1.9.1-1
NOTE: https://github.com/neomutt/neomutt/commit/9e927affe3a021175f354af5fa01d22657c20585
NOTE: src:mutt 1.9.1-1 switches to official mutt.org source code without neomutt patchset
NOTE: previous versions ship a neomutt patchset.
-CVE-2018-14360 (An issue was discovered in NeoMutt before 2018-07-16. nntp_add_group in ...)
+CVE-2018-14360
{DSA-4277-1 DLA-1455-1}
- neomutt 20180716+dfsg.1-1 (bug #904021)
- mutt 1.9.1-1
NOTE: https://github.com/neomutt/neomutt/commit/6296f7153f0c9d5e5cd3aaf08f9731e56621bdd3
NOTE: src:mutt 1.9.1-1 switches to official mutt.org source code without neomutt patchset
NOTE: previous versions ship a neomutt patchset.
-CVE-2018-14359 (An issue was discovered in Mutt before 1.10.1 and NeoMutt before ...)
+CVE-2018-14359
{DSA-4277-1 DLA-1455-1}
- neomutt 20180716+dfsg.1-1 (bug #904021)
- mutt 1.10.1-1 (bug #904051)
NOTE: https://github.com/neomutt/neomutt/commit/6f163e07ae68654d7ac5268cbb7565f6df79ad85
NOTE: https://gitlab.com/muttmua/mutt/commit/3d9028fec8f4d08db2251096307c0bbbebce669a
-CVE-2018-14358 (An issue was discovered in Mutt before 1.10.1 and NeoMutt before ...)
+CVE-2018-14358
{DSA-4277-1 DLA-1455-1}
- neomutt 20180716+dfsg.1-1 (bug #904021)
- mutt 1.10.1-1 (bug #904051)
NOTE: https://github.com/neomutt/neomutt/commit/1b0f0d0988e6df4e32e9f4bf8780846ea95d4485
NOTE: https://gitlab.com/muttmua/mutt/commit/3287534daa3beac68e2e83ca4b4fe8a3148ff870
-CVE-2018-14357 (An issue was discovered in Mutt before 1.10.1 and NeoMutt before ...)
+CVE-2018-14357
{DSA-4277-1 DLA-1455-1}
- neomutt 20180716+dfsg.1-1 (bug #904021)
- mutt 1.10.1-1 (bug #904051)
NOTE: https://github.com/neomutt/neomutt/commit/e52393740334443ae0206cab2d7caef381646725
NOTE: https://gitlab.com/muttmua/mutt/commit/185152818541f5cdc059cbff3f3e8b654fc27c1d
-CVE-2018-14356 (An issue was discovered in Mutt before 1.10.1 and NeoMutt before ...)
+CVE-2018-14356
{DSA-4277-1 DLA-1455-1}
- neomutt 20180716+dfsg.1-1 (bug #904021)
- mutt 1.10.1-1 (bug #904051)
NOTE: https://github.com/neomutt/neomutt/commit/93b8ac558752d09e1c56d4f1bc82631316fa9c82
NOTE: https://gitlab.com/muttmua/mutt/commit/e154cba1b3fc52bb8cb8aa846353c0db79b5d9c6
-CVE-2018-14355 (An issue was discovered in Mutt before 1.10.1 and NeoMutt before ...)
+CVE-2018-14355
{DSA-4277-1 DLA-1455-1}
- neomutt 20180716+dfsg.1-1 (bug #904021)
- mutt 1.10.1-1 (bug #904051)
NOTE: https://github.com/neomutt/neomutt/commit/57971dba06346b2d7179294f4528b8d4427a7c5d
NOTE: https://gitlab.com/muttmua/mutt/commit/31eef6c766f47df8281942d19f76e35f475c781d
-CVE-2018-14354 (An issue was discovered in Mutt before 1.10.1 and NeoMutt before ...)
+CVE-2018-14354
{DSA-4277-1 DLA-1455-1}
- neomutt 20180716+dfsg.1-1 (bug #904021)
- mutt 1.10.1-1 (bug #904051)
NOTE: https://github.com/neomutt/neomutt/commit/95e80bf9ff10f68cb6443f760b85df4117cb15eb
NOTE: https://gitlab.com/muttmua/mutt/commit/185152818541f5cdc059cbff3f3e8b654fc27c1d
-CVE-2018-14353 (An issue was discovered in Mutt before 1.10.1 and NeoMutt before ...)
+CVE-2018-14353
{DSA-4277-1 DLA-1455-1}
- neomutt 20180716+dfsg.1-1 (bug #904021)
- mutt 1.10.1-1 (bug #904051)
NOTE: https://github.com/neomutt/neomutt/commit/65d64a5b60a4a3883f2cd799d92c6091d8854f23
NOTE: https://gitlab.com/muttmua/mutt/commit/e0131852c6059107939893016c8ff56b6e42865d
-CVE-2018-14352 (An issue was discovered in Mutt before 1.10.1 and NeoMutt before ...)
+CVE-2018-14352
{DSA-4277-1 DLA-1455-1}
- neomutt 20180716+dfsg.1-1 (bug #904021)
- mutt 1.10.1-1 (bug #904051)
NOTE: https://github.com/neomutt/neomutt/commit/e27b65b3bf8defa34db58919496056caf3850cd4
NOTE: https://gitlab.com/muttmua/mutt/commit/e0131852c6059107939893016c8ff56b6e42865d
-CVE-2018-14351 (An issue was discovered in Mutt before 1.10.1 and NeoMutt before ...)
+CVE-2018-14351
{DSA-4277-1 DLA-1455-1}
- neomutt 20180716+dfsg.1-1 (bug #904021)
- mutt 1.10.1-1 (bug #904051)
NOTE: https://github.com/neomutt/neomutt/commit/3c49c44be9b459d9c616bcaef6eb5d51298c1741
NOTE: https://gitlab.com/muttmua/mutt/commit/e57a8602b45f58edf7b3ffb61bb17525d75dfcb1
-CVE-2018-14350 (An issue was discovered in Mutt before 1.10.1 and NeoMutt before ...)
+CVE-2018-14350
{DSA-4277-1 DLA-1455-1}
- neomutt 20180716+dfsg.1-1 (bug #904021)
- mutt 1.10.1-1 (bug #904051)
NOTE: https://github.com/neomutt/neomutt/commit/1b0f0d0988e6df4e32e9f4bf8780846ea95d4485
NOTE: https://gitlab.com/muttmua/mutt/commit/3287534daa3beac68e2e83ca4b4fe8a3148ff870
-CVE-2018-14349 (An issue was discovered in Mutt before 1.10.1 and NeoMutt before ...)
+CVE-2018-14349
{DSA-4277-1 DLA-1455-1}
- neomutt 20180716+dfsg.1-1 (bug #904021)
- mutt 1.10.1-1 (bug #904051)
NOTE: https://github.com/neomutt/neomutt/commit/36a29280448097f34ce9c94606195f2ac643fed1
NOTE: https://gitlab.com/muttmua/mutt/commit/9347b5c01dc52682cb6be11539d9b7ebceae4416
-CVE-2018-14348 (libcgroup up to and including 0.41 creates /var/log/cgred with mode ...)
+CVE-2018-14348
{DLA-1472-1}
- libcgroup 0.41-8.1 (low; bug #906308)
[stretch] - libcgroup 0.41-8+deb9u1
NOTE: https://sourceforge.net/p/libcg/libcg/ci/0d88b73d189ea3440ccaab00418d6469f76fa590/
NOTE: cgred not enabled by default, shipped example config logs to syslog by default
-CVE-2018-14347 (GNU Libextractor before 1.7 contains an infinite loop vulnerability in ...)
+CVE-2018-14347
{DSA-4290-1 DLA-1478-1}
- libextractor 1:1.7-1 (bug #904905)
NOTE: http://lists.gnu.org/archive/html/bug-libextractor/2018-07/msg00000.html
NOTE: https://gnunet.org/bugs/view.php?id=5399
NOTE: https://gnunet.org/git/libextractor.git/commit/?id=f033468cd36e2b8bf92d747fbd683b2ace8da394
-CVE-2018-14346 (GNU Libextractor before 1.7 has a stack-based buffer overflow in ...)
+CVE-2018-14346
{DSA-4290-1 DLA-1478-1}
- libextractor 1:1.7-1 (bug #904903)
NOTE: http://lists.gnu.org/archive/html/bug-libextractor/2018-07/msg00001.html
NOTE: https://gnunet.org/git/libextractor.git/commit/?id=ad19e7fe0adc99d5710eff1ed48d91a7b75a950e
-CVE-2018-14345 (An issue was discovered in SDDM through 0.17.0. If configured with ...)
+CVE-2018-14345
- sddm 0.18.0-1
[stretch] - sddm <not-affected> (Re-use session feature introduced in 0.16.0)
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1101450
NOTE: https://github.com/sddm/sddm/commit/147cec383892d143b5e02daa70f1e7def50f5d98
-CVE-2018-14344 (In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the ...)
+CVE-2018-14344
- wireshark 2.6.2-1
[jessie] - wireshark <not-affected> (Vulnerable code not present, introduced in v1.99.1rc0-224-g6720c80bab)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14672
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=4f7153685b39a164aea09ba7f96ebb648b8328ae
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-35.html
-CVE-2018-14343 (In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the ...)
+CVE-2018-14343
{DLA-1451-1}
- wireshark 2.6.2-1
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14682
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=9402f2f80c6bc7d25178a0875c5a1f5ee36361db
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-37.html
-CVE-2018-14342 (In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the ...)
+CVE-2018-14342
{DLA-1451-1}
- wireshark 2.6.2-1
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13741
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=36af43dbb7673495948cd65d0346e8b9812b941c
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-34.html
-CVE-2018-14341 (In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the ...)
+CVE-2018-14341
{DLA-1451-1}
- wireshark 2.6.2-1
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14742
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=2e716c32be6aa20e1813b0002878853e71f8b2f4
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-39.html
-CVE-2018-14340 (In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, ...)
+CVE-2018-14340
{DLA-1451-1}
- wireshark 2.6.2-1
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14675
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=672d882a53f96730e4ef1e5b1639c585823b0df8
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-36.html
-CVE-2018-14339 (In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the ...)
+CVE-2018-14339
{DLA-1451-1}
- wireshark 2.6.2-1
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14738
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=3b77c0a596a8071aebc1de71e3f79e5e15e919ca
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-38.html
-CVE-2018-14338 (samples/geotag.cpp in the example code of Exiv2 0.26 misuses the ...)
+CVE-2018-14338
- exiv2 <unfixed> (unimportant)
NOTE: https://github.com/Exiv2/exiv2/issues/382
NOTE: Issue in example code of Exiv2
-CVE-2018-14337 (The CHECK macro in mrbgems/mruby-sprintf/src/sprintf.c in mruby 1.4.1 ...)
+CVE-2018-14337
- mruby 2.0.0-1 (low; bug #903985)
[stretch] - mruby <no-dsa> (Minor issue)
[jessie] - mruby <no-dsa> (Minor issue)
NOTE: https://github.com/mruby/mruby/issues/4062
NOTE: https://github.com/mruby/mruby/commit/695f29cd604787f43be1af16e38d13610bf8312b
NOTE: https://github.com/mruby/mruby/commit/adb1eae912659d680a9c5b7832e22cf73d36a69a
-CVE-2018-14336 (TP-Link WR840N devices allow remote attackers to cause a denial of ...)
+CVE-2018-14336
NOT-FOR-US: TP-Link
-CVE-2018-14335 (An issue was discovered in H2 1.4.197. Insecure handling of ...)
+CVE-2018-14335
NOT-FOR-US: H2 (different from src:python-h2)
-CVE-2018-14334 (manager/editor/upload.php in joyplus-cms 1.6.0 allows arbitrary file ...)
+CVE-2018-14334
NOT-FOR-US: joyplus-cms
-CVE-2018-14333 (TeamViewer through 13.1.1548 stores a password in Unicode format within ...)
+CVE-2018-14333
NOT-FOR-US: TeamViewer
-CVE-2018-14332 (An issue was discovered in Clementine Music Player 1.3.1. ...)
+CVE-2018-14332
- clementine <unfixed> (unimportant)
NOTE: https://github.com/clementine-player/Clementine/issues/6078
NOTE: https://github.com/MostafaSoliman/Security-Advisories/blob/master/CVE-2018-14332
NOTE: Crash in enduser tool, no security impact
-CVE-2018-14331 (An issue was discovered in XiaoCms X1 v20140305. There is a CSRF ...)
+CVE-2018-14331
NOT-FOR-US: XiaoCms
CVE-2018-14330
RESERVED
-CVE-2018-14329 (In HTSlib 1.8, a race condition in cram/cram_io.c might allow local ...)
+CVE-2018-14329
- htslib <unfixed> (unimportant)
NOTE: https://github.com/samtools/htslib/issues/736
NOTE: Neutralised by kernel hardening
-CVE-2018-14328 (Brynamics &quot;Online Trade - Online trading and cryptocurrency investment ...)
+CVE-2018-14328
NOT-FOR-US: Brynamics "Online Trade - Online trading and cryptocurrency investment system"
-CVE-2018-14327 (The installer for the Alcatel OSPREY3_MINI Modem component on EE ...)
+CVE-2018-14327
NOT-FOR-US: Alcatel
-CVE-2018-14324 (The demo feature in Oracle GlassFish Open Source Edition 5.0 has TCP ...)
+CVE-2018-14324
- glassfish <not-affected> (Vulnerable code not included, only builds a few classes)
CVE-2018-14323
RESERVED
@@ -17328,7 +17321,7 @@ CVE-2018-14322
RESERVED
CVE-2018-14321
RESERVED
-CVE-2018-14320 (This vulnerability allows remote attackers to disclose sensitive ...)
+CVE-2018-14320
- libpodofo 0.9.6+dfsg-4 (bug #916240)
[stretch] - libpodofo <no-dsa> (Minor issue)
[jessie] - libpodofo <no-dsa> (Minor issue)
@@ -17336,168 +17329,168 @@ CVE-2018-14320 (This vulnerability allows remote attackers to disclose sensitive
NOTE: https://sourceforge.net/p/podofo/code/1953
CVE-2018-14319
RESERVED
-CVE-2018-14318 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-14318
NOT-FOR-US: Samsung
-CVE-2018-14317 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-14317
NOT-FOR-US: Foxit Reader
-CVE-2018-14316 (This vulnerability allows remote attackers to disclose sensitive ...)
+CVE-2018-14316
NOT-FOR-US: Foxit Reader
-CVE-2018-14315 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-14315
NOT-FOR-US: Foxit Reader
-CVE-2018-14314 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-14314
NOT-FOR-US: Foxit Reader
-CVE-2018-14313 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-14313
NOT-FOR-US: Foxit Reader
-CVE-2018-14312 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-14312
NOT-FOR-US: Foxit Reader
-CVE-2018-14311 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-14311
NOT-FOR-US: Foxit Reader
-CVE-2018-14310 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-14310
NOT-FOR-US: Foxit Reader
-CVE-2018-14309 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-14309
NOT-FOR-US: Foxit Reader
-CVE-2018-14308 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-14308
NOT-FOR-US: Foxit Reader
-CVE-2018-14307 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-14307
NOT-FOR-US: Foxit Reader
-CVE-2018-14306 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-14306
NOT-FOR-US: Foxit Reader
-CVE-2018-14305 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-14305
NOT-FOR-US: Foxit Reader
-CVE-2018-14304 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-14304
NOT-FOR-US: Foxit Reader
-CVE-2018-14303 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-14303
NOT-FOR-US: Foxit Reader
-CVE-2018-14302 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-14302
NOT-FOR-US: Foxit Reader
-CVE-2018-14301 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-14301
NOT-FOR-US: Foxit Reader
-CVE-2018-14300 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-14300
NOT-FOR-US: Foxit Reader
-CVE-2018-14299 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-14299
NOT-FOR-US: Foxit Reader
-CVE-2018-14298 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-14298
NOT-FOR-US: Foxit Reader
-CVE-2018-14297 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-14297
NOT-FOR-US: Foxit Reader
-CVE-2018-14296 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-14296
NOT-FOR-US: Foxit Reader
-CVE-2018-14295 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-14295
NOT-FOR-US: Foxit
-CVE-2018-14294 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-14294
NOT-FOR-US: Foxit Reader
-CVE-2018-14293 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-14293
NOT-FOR-US: Foxit Reader
-CVE-2018-14292 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-14292
NOT-FOR-US: Foxit Reader
-CVE-2018-14291 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-14291
NOT-FOR-US: Foxit Reader
-CVE-2018-14290 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-14290
NOT-FOR-US: Foxit Reader
-CVE-2018-14289 (This vulnerability allows remote attackers to disclose sensitive ...)
+CVE-2018-14289
NOT-FOR-US: Foxit Reader
-CVE-2018-14288 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-14288
NOT-FOR-US: Foxit Reader
-CVE-2018-14287 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-14287
NOT-FOR-US: Foxit Reader
-CVE-2018-14286 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-14286
NOT-FOR-US: Foxit Reader
-CVE-2018-14285 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-14285
NOT-FOR-US: Foxit Reader
-CVE-2018-14284 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-14284
NOT-FOR-US: Foxit Reader
-CVE-2018-14283 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-14283
NOT-FOR-US: Foxit Reader
-CVE-2018-14282 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-14282
NOT-FOR-US: Foxit Reader
-CVE-2018-14281 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-14281
NOT-FOR-US: Foxit Reader
-CVE-2018-14280 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-14280
NOT-FOR-US: Foxit Reader
-CVE-2018-14279 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-14279
NOT-FOR-US: Foxit Reader
-CVE-2018-14278 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-14278
NOT-FOR-US: Foxit Reader
-CVE-2018-14277 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-14277
NOT-FOR-US: Foxit Reader
-CVE-2018-14276 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-14276
NOT-FOR-US: Foxit Reader
-CVE-2018-14275 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-14275
NOT-FOR-US: Foxit Reader
-CVE-2018-14274 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-14274
NOT-FOR-US: Foxit Reader
-CVE-2018-14273 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-14273
NOT-FOR-US: Foxit Reader
-CVE-2018-14272 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-14272
NOT-FOR-US: Foxit Reader
-CVE-2018-14271 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-14271
NOT-FOR-US: Foxit Reader
-CVE-2018-14270 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-14270
NOT-FOR-US: Foxit Reader
-CVE-2018-14269 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-14269
NOT-FOR-US: Foxit Reader
-CVE-2018-14268 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-14268
NOT-FOR-US: Foxit Reader
-CVE-2018-14267 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-14267
NOT-FOR-US: Foxit Reader
-CVE-2018-14266 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-14266
NOT-FOR-US: Foxit Reader
-CVE-2018-14265 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-14265
NOT-FOR-US: Foxit Reader
-CVE-2018-14264 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-14264
NOT-FOR-US: Foxit Reader
-CVE-2018-14263 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-14263
NOT-FOR-US: Foxit Reader
-CVE-2018-14262 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-14262
NOT-FOR-US: Foxit Reader
-CVE-2018-14261 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-14261
NOT-FOR-US: Foxit Reader
-CVE-2018-14260 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-14260
NOT-FOR-US: Foxit Reader
-CVE-2018-14259 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-14259
NOT-FOR-US: Foxit Reader
-CVE-2018-14258 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-14258
NOT-FOR-US: Foxit Reader
-CVE-2018-14257 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-14257
NOT-FOR-US: Foxit Reader
-CVE-2018-14256 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-14256
NOT-FOR-US: Foxit Reader
-CVE-2018-14255 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-14255
NOT-FOR-US: Foxit Reader
-CVE-2018-14254 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-14254
NOT-FOR-US: Foxit Reader
-CVE-2018-14253 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-14253
NOT-FOR-US: Foxit Reader
-CVE-2018-14252 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-14252
NOT-FOR-US: Foxit Reader
-CVE-2018-14251 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-14251
NOT-FOR-US: Foxit Reader
-CVE-2018-14250 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-14250
NOT-FOR-US: Foxit Reader
-CVE-2018-14249 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-14249
NOT-FOR-US: Foxit Reader
-CVE-2018-14248 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-14248
NOT-FOR-US: Foxit Reader
-CVE-2018-14247 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-14247
NOT-FOR-US: Foxit Reader
-CVE-2018-14246 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-14246
NOT-FOR-US: Foxit Reader
-CVE-2018-14245 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-14245
NOT-FOR-US: Foxit Reader
-CVE-2018-14244 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-14244
NOT-FOR-US: Foxit Reader
-CVE-2018-14243 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-14243
NOT-FOR-US: Foxit Reader
-CVE-2018-14242 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-14242
NOT-FOR-US: Foxit Reader
-CVE-2018-14241 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-14241
NOT-FOR-US: Foxit Reader
-CVE-2018-14326 (In MP4v2 2.0.0, there is an integer overflow (with resultant memory ...)
+CVE-2018-14326
- mp4v2 <removed> (bug #904900)
[stretch] - mp4v2 <no-dsa> (Minor issue)
[jessie] - mp4v2 <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2018/07/16/1
-CVE-2018-14325 (In MP4v2 2.0.0, there is an integer underflow (with resultant memory ...)
+CVE-2018-14325
- mp4v2 <removed> (bug #904901)
[stretch] - mp4v2 <no-dsa> (Minor issue)
[jessie] - mp4v2 <no-dsa> (Minor issue)
@@ -17804,31 +17797,31 @@ CVE-2018-14091
RESERVED
CVE-2018-14090
RESERVED
-CVE-2018-14089 (An issue was discovered in a smart contract implementation for ...)
+CVE-2018-14089
NOT-FOR-US: smart contract implementation for Virgo_ZodiacToken
-CVE-2018-14088 (An issue was discovered in a smart contract implementation for STeX ...)
+CVE-2018-14088
NOT-FOR-US: smart contract implementation for STeX White List (STE(WL))
-CVE-2018-14087 (An issue was discovered in a smart contract implementation for EUC ...)
+CVE-2018-14087
NOT-FOR-US: smart contract implementation for EUC (EUC)
-CVE-2018-14086 (An issue was discovered in a smart contract implementation for ...)
+CVE-2018-14086
NOT-FOR-US: smart contract implementation for SingaporeCoinOrigin (SCO)
-CVE-2018-14085 (An issue was discovered in a smart contract implementation for ...)
+CVE-2018-14085
NOT-FOR-US: smart contract implementation for UserWallet 0x0a7bca9FB7AfF26c6ED8029BB6f0F5D291587c42
-CVE-2018-14084 (An issue was discovered in a smart contract implementation for MKCB, an ...)
+CVE-2018-14084
NOT-FOR-US: smart contract implementation for MKCB
-CVE-2018-14083 (LICA miniCMTS E8K(u/i/...) devices allow remote attackers to obtain ...)
+CVE-2018-14083
NOT-FOR-US: LICA miniCMTS E8K(u/i/...) devices
-CVE-2018-14082 (PHP Scripts Mall JOB SITE (aka Job Portal) 3.0.1 has Cross-site ...)
+CVE-2018-14082
NOT-FOR-US: PHP Scripts Mall JOB SITE (aka Job Portal)
-CVE-2018-14081 (An issue was discovered on D-Link DIR-809 A1 through 1.09, A2 through ...)
+CVE-2018-14081
NOT-FOR-US: D-Link
-CVE-2018-14080 (An issue was discovered on D-Link DIR-809 A1 through 1.09, A2 through ...)
+CVE-2018-14080
NOT-FOR-US: D-Link
-CVE-2018-14079 (Wi2be SMART HP WMT R1.2.20_201400922 allows unauthorized remote ...)
+CVE-2018-14079
NOT-FOR-US: Wi2be SMART HP WMT
-CVE-2018-14078 (Wi2be SMART HP WMT R1.2.20_201400922 allows unauthorized remote ...)
+CVE-2018-14078
NOT-FOR-US: Wi2be SMART HP WMT
-CVE-2018-14077 (Wi2be SMART HP WMT R1.2.20_201400922 allows unauthorized remote ...)
+CVE-2018-14077
NOT-FOR-US: Wi2be SMART HP WMT
CVE-2018-14076
RESERVED
@@ -17836,97 +17829,97 @@ CVE-2018-14075
RESERVED
CVE-2018-14074
RESERVED
-CVE-2018-14073 (libsixel 1.8.1 has a memory leak in sixel_allocator_new in allocator.c. ...)
+CVE-2018-14073
- libsixel 1.8.2-1 (low; bug #903858)
[stretch] - libsixel <no-dsa> (Minor issue)
[jessie] - libsixel <postponed> (Minor issue)
NOTE: https://github.com/saitoha/libsixel/issues/67#issuecomment-404989926
NOTE: https://github.com/saitoha/libsixel/commit/f94bc6fec696abd77be275226f28409602bd1f27
-CVE-2018-14072 (libsixel 1.8.1 has a memory leak in sixel_decoder_decode in decoder.c, ...)
+CVE-2018-14072
- libsixel 1.8.2-1 (low; bug #903858)
[stretch] - libsixel <no-dsa> (Minor issue)
[jessie] - libsixel <postponed> (Minor issue)
NOTE: https://github.com/saitoha/libsixel/issues/67#issue-341198610
NOTE: https://github.com/saitoha/libsixel/commit/f94bc6fec696abd77be275226f28409602bd1f27
-CVE-2018-14071 (The Geo Mashup plugin before 1.10.4 for WordPress has insufficient ...)
+CVE-2018-14071
NOT-FOR-US: Geo Mashup plugin for WordPress
CVE-2018-14070
RESERVED
-CVE-2018-14069 (An issue was discovered in SRCMS V2.3.1. There is a CSRF vulnerability ...)
+CVE-2018-14069
NOT-FOR-US: SRCMS
-CVE-2018-14068 (An issue was discovered in SRCMS V2.3.1. There is a CSRF vulnerability ...)
+CVE-2018-14068
NOT-FOR-US: SRCMS
CVE-2018-14067
RESERVED
-CVE-2018-14066 (The content://wappush content provider in ...)
+CVE-2018-14066
NOT-FOR-US: Lenovo
-CVE-2018-14065 (XMLReader.php in PHPOffice Common before 0.2.9 allows XXE. ...)
+CVE-2018-14065
NOT-FOR-US: PHPOffice
-CVE-2018-14064 (The uc-http service 1.0.0 on VelotiSmart WiFi B-380 camera devices ...)
+CVE-2018-14064
NOT-FOR-US: VelotiSmart WiFi B-380 camera devices
-CVE-2018-14063 (The increaseApproval function of a smart contract implementation for ...)
+CVE-2018-14063
NOT-FOR-US: smart contract
CVE-2018-14062
RESERVED
CVE-2018-14061
RESERVED
-CVE-2018-14060 (OS command injection in the AP mode settings feature in /cgi-bin/luci ...)
+CVE-2018-14060
NOT-FOR-US: Xiaomi R3D
-CVE-2018-14059 (Pimcore allows XSS via Users, Assets, Data Objects, Video Thumbnails, ...)
+CVE-2018-14059
NOT-FOR-US: Pimcore
-CVE-2018-14058 (Pimcore before 5.3.0 allows SQL Injection via the REST web service ...)
+CVE-2018-14058
NOT-FOR-US: Pimcore
-CVE-2018-14057 (Pimcore before 5.3.0 allows remote attackers to conduct cross-site ...)
+CVE-2018-14057
NOT-FOR-US: Pimcore
-CVE-2018-14055 (ZNC before 1.7.1-rc1 does not properly validate untrusted lines coming ...)
+CVE-2018-14055
{DSA-4252-1 DLA-1427-1}
- znc 1.7.1-1 (bug #903787)
NOTE: https://github.com/znc/znc/commit/a7bfbd93812950b7444841431e8e297e62cb524e
NOTE: https://github.com/znc/znc/commit/d22fef8620cdd87490754f607e7153979731c69d
NOTE: http://www.openwall.com/lists/oss-security/2018/07/18/4
-CVE-2018-14056 (ZNC before 1.7.1-rc1 is prone to a path traversal flaw via ../ in a web ...)
+CVE-2018-14056
{DSA-4252-1 DLA-1427-1}
- znc 1.7.1-1 (bug #903788)
NOTE: https://github.com/znc/znc/commit/a4a5aeeb17d32937d8c7d743dae9a4cc755ce773
NOTE: http://www.openwall.com/lists/oss-security/2018/07/18/5
CVE-2018-14053
RESERVED
-CVE-2018-14052 (An issue has been found in libwav through 2017-04-20. It is a SEGV in ...)
+CVE-2018-14052
NOT-FOR-US: libwav
-CVE-2018-14051 (The function wav_read in libwav.c in libwav through 2017-04-20 has an ...)
+CVE-2018-14051
NOT-FOR-US: libwav
-CVE-2018-14050 (An issue has been found in libwav through 2017-04-20. It is a SEGV in ...)
+CVE-2018-14050
NOT-FOR-US: libwav
-CVE-2018-14049 (An issue has been found in libwav through 2017-04-20. It is a SEGV in ...)
+CVE-2018-14049
NOT-FOR-US: libwav
-CVE-2018-14048 (An issue has been found in libpng 1.6.34. It is a SEGV in the function ...)
+CVE-2018-14048
- libpng1.6 <unfixed> (unimportant)
- libpng <removed> (unimportant)
NOTE: https://github.com/glennrp/libpng/issues/238
NOTE: Issue in use of libpng in pnm2png not shipped in binary packages.
-CVE-2018-14047 (** DISPUTED ** An issue has been found in PNGwriter 0.7.0. It is a SEGV ...)
+CVE-2018-14047
- pngwriter <removed>
NOTE: https://github.com/pngwriter/pngwriter/issues/129
-CVE-2018-14046 (Exiv2 0.26 has a heap-based buffer over-read in WebPImage::decodeChunks ...)
+CVE-2018-14046
[experimental] - exiv2 <unfixed> (bug #903763)
- exiv2 <not-affected> (Vulnerable code not present)
NOTE: https://github.com/Exiv2/exiv2/issues/378
NOTE: https://github.com/D4N/exiv2/commit/49bfe84b4b7277cc425572fb68db23c8820181c1
-CVE-2018-14045 (The FIRFilter::evaluateFilterMulti function in FIRFilter.cpp in ...)
+CVE-2018-14045
- soundtouch 2.1.2+ds1-1 (low; bug #905504)
[stretch] - soundtouch <no-dsa> (Minor issue)
[jessie] - soundtouch <no-dsa> (Minor issue)
NOTE: https://gitlab.com/soundtouch/soundtouch/issues/7
NOTE: https://github.com/TeamSeri0us/pocs/blob/master/soundtouch/readme.md
-CVE-2018-14044 (The RateTransposer::setChannels function in RateTransposer.cpp in ...)
+CVE-2018-14044
- soundtouch 2.1.2+ds1-1 (low; bug #905504)
[stretch] - soundtouch <no-dsa> (Minor issue)
[jessie] - soundtouch <no-dsa> (Minor issue)
NOTE: https://gitlab.com/soundtouch/soundtouch/issues/7
NOTE: https://github.com/TeamSeri0us/pocs/blob/master/soundtouch/readme.md
-CVE-2018-14043 (mstdlib (aka the M Standard Library for C) 1.2.0 has incorrect file ...)
+CVE-2018-14043
NOT-FOR-US: mstdlib
-CVE-2018-14042 (In Bootstrap before 4.1.2, XSS is possible in the data-container ...)
+CVE-2018-14042
- twitter-bootstrap <unfixed>
[stretch] - twitter-bootstrap <no-dsa> (Minor issue)
[jessie] - twitter-bootstrap <no-dsa> (Minor issue)
@@ -17941,7 +17934,7 @@ CVE-2018-14042 (In Bootstrap before 4.1.2, XSS is possible in the data-container
NOTE: https://snyk.io/vuln/npm:bootstrap:20180529
NOTE: https://github.com/twbs/bootstrap/commit/2d90d369bbc2bd2647620246c55cec8c4705e3d0 (v4.1.2)
NOTE: https://github.com/twbs/bootstrap/commit/2a5ba23ce8f041f3548317acc992ed8a736b609d (v3.4.0)
-CVE-2018-14041 (In Bootstrap before 4.1.2, XSS is possible in the data-target property ...)
+CVE-2018-14041
- twitter-bootstrap <not-affected> (Vulnerable code not present)
- twitter-bootstrap3 <not-affected> (Vulnerable code not present)
NOTE: https://blog.getbootstrap.com/2018/07/12/bootstrap-4-1-2/
@@ -17952,7 +17945,7 @@ CVE-2018-14041 (In Bootstrap before 4.1.2, XSS is possible in the data-target pr
NOTE: https://snyk.io/vuln/npm:bootstrap:20160627
NOTE: https://snyk.io/vuln/npm:bootstrap:20180529
NOTE: https://github.com/twbs/bootstrap/commit/cc61edfa8af7b5ec9d4888c59bf94377e499b78b (v4.1.2)
-CVE-2018-14040 (In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent ...)
+CVE-2018-14040
{DLA-1479-1}
- twitter-bootstrap <unfixed>
[stretch] - twitter-bootstrap <no-dsa> (Minor issue)
@@ -17969,60 +17962,60 @@ CVE-2018-14040 (In Bootstrap before 4.1.2, XSS is possible in the collapse data-
NOTE: https://github.com/twbs/bootstrap/commit/2a5ba23ce8f041f3548317acc992ed8a736b609d (v3.4.0)
CVE-2018-14039
RESERVED
-CVE-2018-14038 (The aout_32_swap_std_reloc_out function in aoutx.h in the Binary File ...)
+CVE-2018-14038
- binutils 2.30-6
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=23405
-CVE-2018-14037 (Cross-site scripting (XSS) vulnerability in Progress Kendo UI Editor ...)
+CVE-2018-14037
NOT-FOR-US: Progress Kendo UI Editor
-CVE-2018-1000211 (Doorkeeper version 4.2.0 and later contains a Incorrect Access Control ...)
+CVE-2018-1000211
- ruby-doorkeeper 4.4.2-1 (bug #903980)
[stretch] - ruby-doorkeeper <no-dsa> (Minor issue)
NOTE: https://github.com/doorkeeper-gem/doorkeeper/issues/891
NOTE: https://github.com/doorkeeper-gem/doorkeeper/pull/1119
NOTE: https://github.com/doorkeeper-gem/doorkeeper/pull/1031
-CVE-2018-1000210 (YamlDotNet version 4.3.2 and earlier contains a Insecure Direct Object ...)
+CVE-2018-1000210
NOT-FOR-US: YamlDotNet
-CVE-2018-1000209 (Sensu, Inc. Sensu Core version Before version 1.4.2-3 contains a ...)
+CVE-2018-1000209
NOT-FOR-US: Sensu
-CVE-2018-1000208 (MODX Revolution version &lt;=2.6.4 contains a Directory Traversal ...)
+CVE-2018-1000208
NOT-FOR-US: MODX Revolution
-CVE-2018-1000207 (MODX Revolution version &lt;=2.6.4 contains a Incorrect Access Control ...)
+CVE-2018-1000207
NOT-FOR-US: MODX Revolution
-CVE-2018-1000206 (JFrog Artifactory version since 5.11 contains a Cross ite Request ...)
+CVE-2018-1000206
NOT-FOR-US: JFrog Artifactory
-CVE-2018-14054 (A double free exists in the MP4StringProperty class in mp4property.cpp ...)
+CVE-2018-14054
- mp4v2 <removed> (bug #903859)
[stretch] - mp4v2 <no-dsa> (Minor issue)
[jessie] - mp4v2 <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2018/07/13/1
-CVE-2018-14036 (Directory Traversal with ../ sequences occurs in AccountsService before ...)
+CVE-2018-14036
- accountsservice 0.6.45-2 (low; bug #903828)
[stretch] - accountsservice <no-dsa> (Minor issue)
[jessie] - accountsservice <ignored> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2018/07/02/2
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=107085
NOTE: https://gitlab.freedesktop.org/accountsservice/accountsservice/commit/f9abd359f71a5bce421b9ae23432f539a067847a
-CVE-2018-14035 (An issue was discovered in the HDF HDF5 1.8.20 library. There is a ...)
+CVE-2018-14035
- hdf5 <undetermined>
NOTE: https://github.com/TeamSeri0us/pocs/blob/master/hdf5/README2.md
-CVE-2018-14034 (An issue was discovered in the HDF HDF5 1.8.20 library. There is an out ...)
+CVE-2018-14034
- hdf5 <undetermined>
NOTE: https://github.com/TeamSeri0us/pocs/blob/master/hdf5/README2.md
-CVE-2018-14033 (An issue was discovered in the HDF HDF5 1.8.20 library. There is a ...)
+CVE-2018-14033
- hdf5 <undetermined>
NOTE: https://github.com/TeamSeri0us/pocs/blob/master/hdf5/README2.md
CVE-2018-14032
REJECTED
-CVE-2018-14031 (An issue was discovered in the HDF HDF5 1.8.20 library. There is a ...)
+CVE-2018-14031
- hdf5 <undetermined>
NOTE: https://github.com/TeamSeri0us/pocs/blob/master/hdf5/README2.md
CVE-2018-14030
RESERVED
-CVE-2018-14029 (CSRF vulnerability in admin/user/edit in Creatiwity wityCMS 0.6.2 ...)
+CVE-2018-14029
NOT-FOR-US: Creatiwity wityCMS
-CVE-2018-14028 (In WordPress 4.9.7, plugins uploaded via the admin area are not ...)
+CVE-2018-14028
- wordpress 4.9.8+dfsg1-1 (bug #906565)
[stretch] - wordpress <no-dsa> (Minor issue)
[jessie] - wordpress <postponed> (can be fixed with a later update)
@@ -18036,74 +18029,74 @@ CVE-2018-14025
RESERVED
CVE-2018-14024
RESERVED
-CVE-2018-14023 (Open Whisper Signal (aka Signal-Desktop) before 1.15.0-beta.10 allows ...)
+CVE-2018-14023
- signal-desktop <itp> (bug #842943)
CVE-2018-14022
RESERVED
CVE-2018-14021
RESERVED
-CVE-2018-14020 (An issue was discovered in the Paymorrow module 1.0.0 before 1.0.2 and ...)
+CVE-2018-14020
NOT-FOR-US: Paymorrow module for OXID shop
CVE-2018-14019
RESERVED
CVE-2018-14018
RESERVED
-CVE-2018-14017 (The r_bin_java_annotation_new function in shlr/java/class.c in radare2 ...)
+CVE-2018-14017
- radare2 2.8.0+dfsg-1 (bug #903726)
[stretch] - radare2 <no-dsa> (Minor issue)
[jessie] - radare2 <no-dsa> (Minor issue)
NOTE: https://github.com/radare/radare2/commit/e9ce0d64faf19fa4e9c260250fbdf25e3c11e152
NOTE: https://github.com/radare/radare2/issues/10498
-CVE-2018-14016 (The r_bin_mdmp_init_directory_entry function in mdmp.c in radare2 2.7.0 ...)
+CVE-2018-14016
- radare2 2.8.0+dfsg-1 (bug #903725)
[stretch] - radare2 <no-dsa> (Minor issue)
[jessie] - radare2 <no-dsa> (Minor issue)
NOTE: https://github.com/radare/radare2/commit/eb7deb281df54771fb8ecf5890dc325a7d22d3e2
NOTE: https://github.com/radare/radare2/issues/10464
-CVE-2018-14015 (The sdb_set_internal function in sdb.c in radare2 2.7.0 allows remote ...)
+CVE-2018-14015
- radare2 2.8.0+dfsg-1 (bug #903724)
[stretch] - radare2 <no-dsa> (Minor issue)
[jessie] - radare2 <no-dsa> (Minor issue)
NOTE: https://github.com/radare/radare2/commit/d37d2b858ac47f2f108034be0bcecadaddfbc8b3
NOTE: https://github.com/radare/radare2/issues/10465
-CVE-2018-14014 (In waimai Super Cms 20150505, there is a CSRF vulnerability that can ...)
+CVE-2018-14014
NOT-FOR-US: waimai Super Cms
CVE-2018-14013
RESERVED
NOT-FOR-US: Zimbra
-CVE-2018-14012 (WolfSight CMS 3.2 allows SQL injection via the PATH_INFO to the default ...)
+CVE-2018-14012
NOT-FOR-US: WolfSight CMS
CVE-2018-14011
RESERVED
-CVE-2018-14010 (OS command injection in the guest Wi-Fi settings feature in ...)
+CVE-2018-14010
NOT-FOR-US: Xiaomi
-CVE-2018-14009 (Codiad through 2.8.4 allows Remote Code Execution, a different ...)
+CVE-2018-14009
NOT-FOR-US: Codiad
CVE-2018-14008
RESERVED
-CVE-2018-14007 (Citrix XenServer 7.1 and newer allows Directory Traversal. ...)
+CVE-2018-14007
NOT-FOR-US: xapi
-CVE-2018-14006 (An integer overflow vulnerability exists in the function ...)
+CVE-2018-14006
NOT-FOR-US: Neo Genesis Token (NGT)
-CVE-2018-14005 (An integer overflow vulnerability exists in the function transferAny of ...)
+CVE-2018-14005
NOT-FOR-US: Malaysia coins (Xmc)
-CVE-2018-14004 (An integer overflow vulnerability exists in the function ...)
+CVE-2018-14004
NOT-FOR-US: GlobeCoin (GLB)
-CVE-2018-14003 (An integer overflow vulnerability exists in the function batchTransfer ...)
+CVE-2018-14003
NOT-FOR-US: WeMediaChain (WMC)
-CVE-2018-14002 (An integer overflow vulnerability exists in the function distribute of ...)
+CVE-2018-14002
NOT-FOR-US: MP3 Coin (MP3)
-CVE-2018-14001 (An integer overflow vulnerability exists in the function batchTransfer ...)
+CVE-2018-14001
NOT-FOR-US: SHARKTECH (SKT)
CVE-2018-14000
RESERVED
-CVE-2018-13999 (Catfish CMS v4.7.9 allows XSS via the admin/Index/write.html ...)
+CVE-2018-13999
NOT-FOR-US: Catfish CMS
-CVE-2018-13998 (ClipperCMS 1.3.3 has stored XSS via the Full Name field of (1) Security ...)
+CVE-2018-13998
NOT-FOR-US: ClipperCMS
-CVE-2018-13997 (Genann through 2018-07-08 has a SEGV in genann_run in genann.c. ...)
+CVE-2018-13997
NOT-FOR-US: Genann
-CVE-2018-13996 (Genann through 2018-07-08 has a stack-based buffer over-read in ...)
+CVE-2018-13996
NOT-FOR-US: Genann
CVE-2018-13995
RESERVED
@@ -18123,9 +18116,9 @@ CVE-2018-13991
CVE-2018-13990
RESERVED
NOT-FOR-US: Phoenix Contact FL switch
-CVE-2018-13989 (Grundig Smart Inter@ctive TV 3.0 devices allow CSRF attacks via a POST ...)
+CVE-2018-13989
NOT-FOR-US: Grundig Smart Inter@ctive TV 3.0 devices
-CVE-2018-13988 (Poppler through 0.62 contains an out of bounds read vulnerability due ...)
+CVE-2018-13988
{DLA-1562-1}
- poppler 0.69.0-2 (low; bug #904922)
[stretch] - poppler <no-dsa> (Minor issue)
@@ -18141,7 +18134,7 @@ CVE-2018-13984
RESERVED
CVE-2018-13983
RESERVED
-CVE-2018-13982 (Smarty_Security::isTrustedResourceDir() in Smarty before 3.1.33 is ...)
+CVE-2018-13982
- smarty3 3.1.33+20180830.1.3a78a21f+selfpack1-1
[jessie] - smarty3 <not-affected> (vulnerable code not present)
NOTE: https://github.com/smarty-php/smarty/commit/8d21f38dc35c4cd6b31c2f23fc9b8e5adbc56dfe
@@ -18152,9 +18145,9 @@ CVE-2018-13982 (Smarty_Security::isTrustedResourceDir() in Smarty before 3.1.33
NOTE: https://github.com/sbaresearch/advisories/tree/public/2018/SBA-ADV-20180420-01_Smarty_Path_Traversal
NOTE: CVE is about the fetch tag as an attack vector.
NOTE: vulnerable code introduced in realpath() rewrite (c09b05cbe) released in 3.1.28
-CVE-2018-13981 (The websites that were built from Zeta Producer Desktop CMS before ...)
+CVE-2018-13981
NOT-FOR-US: Zeta Producer Desktop CMS
-CVE-2018-13980 (The websites that were built from Zeta Producer Desktop CMS before ...)
+CVE-2018-13980
NOT-FOR-US: Zeta Producer Desktop CMS
CVE-2018-13979
RESERVED
@@ -18288,11 +18281,11 @@ CVE-2018-13916
RESERVED
CVE-2018-13915
RESERVED
-CVE-2018-13914 (Lack of input validation for data received from user space can lead to ...)
+CVE-2018-13914
NOT-FOR-US: CodeAurora components for Android
-CVE-2018-13913 (Improper validation of array index can lead to unauthorized access ...)
+CVE-2018-13913
NOT-FOR-US: CodeAurora components for Android
-CVE-2018-13912 (Arbitrary write issue can occur when user provides kernel address in ...)
+CVE-2018-13912
NOT-FOR-US: CodeAurora components for Android
CVE-2018-13911
RESERVED
@@ -18306,9 +18299,9 @@ CVE-2018-13907
RESERVED
CVE-2018-13906
RESERVED
-CVE-2018-13905 (KGSL syncsource lock not handled properly during syncsource cleanup ...)
+CVE-2018-13905
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-13904 (Improper input validation in SCM handler to access storage in TZ can ...)
+CVE-2018-13904
NOT-FOR-US: Qualcomm components for Android
CVE-2018-13903
RESERVED
@@ -18316,7 +18309,7 @@ CVE-2018-13902
RESERVED
CVE-2018-13901
RESERVED
-CVE-2018-13900 (Use-after-free vulnerability will occur as there is no protection for ...)
+CVE-2018-13900
NOT-FOR-US: Qualcomm components for Android
CVE-2018-13899
RESERVED
@@ -18331,7 +18324,7 @@ CVE-2018-13895
RESERVED
CVE-2018-13894
RESERVED
-CVE-2018-13893 (In all android releases(Android for MSM, Firefox OS for MSM, QRD ...)
+CVE-2018-13893
NOT-FOR-US: CodeAurora components for Android
CVE-2018-13892
RESERVED
@@ -18339,9 +18332,9 @@ CVE-2018-13891
RESERVED
CVE-2018-13890
RESERVED
-CVE-2018-13889 (In all android releases(Android for MSM, Firefox OS for MSM, QRD ...)
+CVE-2018-13889
NOT-FOR-US: CodeAurora components for Android
-CVE-2018-13888 (There is potential for memory corruption in the RIL daemon due to de ...)
+CVE-2018-13888
NOT-FOR-US: Qualcomm components for Android
CVE-2018-13887
RESERVED
@@ -18359,60 +18352,60 @@ CVE-2018-13881
RESERVED
CVE-2018-13880
RESERVED
-CVE-2018-13879 (A reflected XSS issue was discovered in the registration form in ...)
+CVE-2018-13879
NOT-FOR-US: Rocket.Chat
-CVE-2018-13878 (An XSS issue was discovered in packages/rocketchat-mentions/Mentions.js ...)
+CVE-2018-13878
NOT-FOR-US: Rocket.Chat
-CVE-2018-13877 (The doPayouts() function of the smart contract implementation for ...)
+CVE-2018-13877
NOT-FOR-US: MegaCryptoPolis
-CVE-2018-13876 (An issue was discovered in the HDF HDF5 1.8.20 library. There is a ...)
+CVE-2018-13876
- hdf5 <undetermined>
NOTE: https://github.com/TeamSeri0us/pocs/tree/master/hdf5
-CVE-2018-13875 (An issue was discovered in the HDF HDF5 1.8.20 library. There is an ...)
+CVE-2018-13875
- hdf5 <undetermined>
NOTE: https://github.com/TeamSeri0us/pocs/tree/master/hdf5
-CVE-2018-13874 (An issue was discovered in the HDF HDF5 1.8.20 library. There is a ...)
+CVE-2018-13874
- hdf5 <undetermined>
NOTE: https://github.com/TeamSeri0us/pocs/tree/master/hdf5
-CVE-2018-13873 (An issue was discovered in the HDF HDF5 1.8.20 library. There is a ...)
+CVE-2018-13873
- hdf5 <undetermined>
NOTE: https://github.com/TeamSeri0us/pocs/tree/master/hdf5
-CVE-2018-13872 (An issue was discovered in the HDF HDF5 1.8.20 library. There is a ...)
+CVE-2018-13872
- hdf5 <undetermined>
NOTE: https://github.com/TeamSeri0us/pocs/tree/master/hdf5
-CVE-2018-13871 (An issue was discovered in the HDF HDF5 1.8.20 library. There is a ...)
+CVE-2018-13871
- hdf5 <undetermined>
NOTE: https://github.com/TeamSeri0us/pocs/tree/master/hdf5
-CVE-2018-13870 (An issue was discovered in the HDF HDF5 1.8.20 library. There is a ...)
+CVE-2018-13870
- hdf5 <undetermined>
NOTE: https://github.com/TeamSeri0us/pocs/tree/master/hdf5
-CVE-2018-13869 (An issue was discovered in the HDF HDF5 1.8.20 library. There is a ...)
+CVE-2018-13869
- hdf5 <undetermined>
NOTE: https://github.com/TeamSeri0us/pocs/tree/master/hdf5
-CVE-2018-13868 (An issue was discovered in the HDF HDF5 1.8.20 library. There is a ...)
+CVE-2018-13868
- hdf5 <undetermined>
NOTE: https://github.com/TeamSeri0us/pocs/tree/master/hdf5
-CVE-2018-13867 (An issue was discovered in the HDF HDF5 1.8.20 library. There is an out ...)
+CVE-2018-13867
- hdf5 <undetermined>
NOTE: https://github.com/TeamSeri0us/pocs/tree/master/hdf5
-CVE-2018-13866 (An issue was discovered in the HDF HDF5 1.8.20 library. There is a ...)
+CVE-2018-13866
- hdf5 <undetermined>
NOTE: https://github.com/TeamSeri0us/pocs/tree/master/hdf5
-CVE-2018-13865 (An issue was discovered in idreamsoft iCMS 7.0.9. XSS exists via the ...)
+CVE-2018-13865
NOT-FOR-US: idreamsoft iCMS
-CVE-2018-13864 (A directory traversal vulnerability has been found in the Assets ...)
+CVE-2018-13864
NOT-FOR-US: Play Framework
-CVE-2018-13862 (Touchpad / Trivum WebTouch Setup V9 V2.53 build 13163 of Apr 6 2018 ...)
+CVE-2018-13862
NOT-FOR-US: Touchpad / Trivum WebTouch Setup
-CVE-2018-13861 (Touchpad / Trivum WebTouch Setup V9 V2.53 build 13163 of Apr 6 2018 ...)
+CVE-2018-13861
NOT-FOR-US: Touchpad / Trivum WebTouch Setup
-CVE-2018-13860 (MusicCenter / Trivum Multiroom Setup Tool V8.76 - SNR 8604.26 - C4 ...)
+CVE-2018-13860
NOT-FOR-US: MusicCenter / Trivum Multiroom Setup
-CVE-2018-13859 (MusicCenter / Trivum Multiroom Setup Tool V8.76 - SNR 8604.26 - C4 ...)
+CVE-2018-13859
NOT-FOR-US: MusicCenter / Trivum Multiroom Setup
-CVE-2018-13858 (MusicCenter / Trivum Multiroom Setup Tool V8.76 - SNR 8604.26 - C4 ...)
+CVE-2018-13858
NOT-FOR-US: MusicCenter / Trivum Multiroom Setup
-CVE-2018-13863 (The MongoDB bson JavaScript module (also known as js-bson) versions ...)
+CVE-2018-13863
- node-bson <itp> (bug #897282)
NOTE: https://github.com/mongodb/js-bson/commit/bd61c45157c53a1698ff23770160cf4783e9ea4a
CVE-2018-13857
@@ -18429,27 +18422,27 @@ CVE-2018-13852
RESERVED
CVE-2018-13851
RESERVED
-CVE-2018-13850 (The &quot;Firebase Cloud Messaging (FCM) + Advance Admin Panel&quot; component ...)
+CVE-2018-13850
NOT-FOR-US: Firebase Cloud Messaging
-CVE-2018-13849 (edit_requests.php in yTakkar Instagram-clone through 2018-04-23 has XSS ...)
+CVE-2018-13849
NOT-FOR-US: yTakkar Instagram-clone
-CVE-2018-13848 (An issue has been found in Bento4 1.5.1-624. It is a SEGV in ...)
+CVE-2018-13848
NOT-FOR-US: Bento4
-CVE-2018-13847 (An issue has been found in Bento4 1.5.1-624. It is a SEGV in ...)
+CVE-2018-13847
NOT-FOR-US: Bento4
-CVE-2018-13846 (An issue has been found in Bento4 1.5.1-624. ...)
+CVE-2018-13846
NOT-FOR-US: Bento4
-CVE-2018-13845 (An issue has been found in HTSlib 1.8. It is a buffer over-read in ...)
+CVE-2018-13845
- htslib 1.9-2 (low)
[stretch] - htslib <no-dsa> (Minor issue)
[jessie] - htslib <no-dsa> (Minor issue)
NOTE: https://github.com/samtools/htslib/issues/731#issuecomment-403681105
-CVE-2018-13844 (An issue has been found in HTSlib 1.8. It is a memory leak in fai_read ...)
+CVE-2018-13844
- htslib 1.9-2 (low)
[stretch] - htslib <no-dsa> (Minor issue)
[jessie] - htslib <no-dsa> (Minor issue)
NOTE: https://github.com/samtools/htslib/issues/731#issuecomment-403675330
-CVE-2018-13843 (** DISPUTED ** An issue has been found in HTSlib 1.8. It is a memory ...)
+CVE-2018-13843
- htslib 1.9-2 (low)
[stretch] - htslib <no-dsa> (Minor issue)
[jessie] - htslib <no-dsa> (Minor issue)
@@ -18466,15 +18459,15 @@ CVE-2018-13838
RESERVED
CVE-2018-13837
RESERVED
-CVE-2018-13836 (An integer overflow vulnerability exists in the function multiTransfer ...)
+CVE-2018-13836
NOT-FOR-US: Rocket Coin (XRC)
CVE-2018-13835
RESERVED
CVE-2018-13834
RESERVED
-CVE-2018-13833 (An issue was discovered in cmft through 2017-09-24. The ...)
+CVE-2018-13833
NOT-FOR-US: cmft
-CVE-2018-13832 (Multiple Persistent cross-site scripting (XSS) issues in the ...)
+CVE-2018-13832
NOT-FOR-US: Techotronic all-in-one-favicon (aka All In One Favicon) plugin for WordPress
CVE-2018-13831
RESERVED
@@ -18486,23 +18479,23 @@ CVE-2018-13828
REJECTED
CVE-2018-13827
REJECTED
-CVE-2018-13826 (An XML external entity vulnerability in the XOG functionality, in CA ...)
+CVE-2018-13826
NOT-FOR-US: CA PPM
-CVE-2018-13825 (Insufficient input validation in the gridExcelExport functionality, in ...)
+CVE-2018-13825
NOT-FOR-US: CA PPM
-CVE-2018-13824 (Insufficient input sanitization of two parameters in CA PPM 14.3 and ...)
+CVE-2018-13824
NOT-FOR-US: CA PPM
-CVE-2018-13823 (An XML external entity vulnerability in the XOG functionality, in CA ...)
+CVE-2018-13823
NOT-FOR-US: CA PPM
-CVE-2018-13822 (Unprotected storage of credentials in CA PPM 14.3 and below, 14.4, ...)
+CVE-2018-13822
NOT-FOR-US: CA PPM
-CVE-2018-13821 (A lack of authentication, in CA Unified Infrastructure Management ...)
+CVE-2018-13821
NOT-FOR-US: CA Unified Infrastructure Management
-CVE-2018-13820 (A hardcoded passphrase, in CA Unified Infrastructure Management 8.5.1, ...)
+CVE-2018-13820
NOT-FOR-US: CA Unified Infrastructure Management
-CVE-2018-13819 (A hardcoded secret key, in CA Unified Infrastructure Management 8.5.1, ...)
+CVE-2018-13819
NOT-FOR-US: CA Unified Infrastructure Management
-CVE-2018-13818 (** DISPUTED ** Twig before 2.4.4 allows Server-Side Template Injection ...)
+CVE-2018-13818
- twig 2.4.4-2 (unimportant)
NOTE: Fixed upstream in 2.4.4
NOTE: Vendor of Twig disputes issue as Twig itself is not a web application and
@@ -18510,17 +18503,17 @@ CVE-2018-13818 (** DISPUTED ** Twig before 2.4.4 allows Server-Side Template Inj
NOTE: input to it.
CVE-2018-13817
RESERVED
-CVE-2018-13816 (A vulnerability has been identified in TIM 1531 IRC (All version &lt; ...)
+CVE-2018-13816
NOT-FOR-US: Siemens TIM 1531 IRC Modules
-CVE-2018-13815 (A vulnerability has been identified in SIMATIC S7-1200 (All versions), ...)
+CVE-2018-13815
NOT-FOR-US: Siemens
-CVE-2018-13814 (A vulnerability has been identified in SIMATIC HMI Comfort Panels 4&quot; - ...)
+CVE-2018-13814
NOT-FOR-US: Siemens
-CVE-2018-13813 (A vulnerability has been identified in SIMATIC HMI Comfort Panels 4&quot; - ...)
+CVE-2018-13813
NOT-FOR-US: Siemens
-CVE-2018-13812 (A vulnerability has been identified in SIMATIC HMI Comfort Panels 4&quot; - ...)
+CVE-2018-13812
NOT-FOR-US: Siemens
-CVE-2018-13811 (A vulnerability has been identified in SIMATIC STEP 7 (TIA Portal) ...)
+CVE-2018-13811
NOT-FOR-US: Siemens
CVE-2018-13810
RESERVED
@@ -18528,27 +18521,27 @@ CVE-2018-13809
RESERVED
CVE-2018-13808
RESERVED
-CVE-2018-13807 (A vulnerability has been identified in SCALANCE X300 (All versions &lt; ...)
+CVE-2018-13807
NOT-FOR-US: Siemens
-CVE-2018-13806 (A vulnerability has been identified in SIEMENS TD Keypad Designer (All ...)
+CVE-2018-13806
NOT-FOR-US: Siemens
-CVE-2018-13805 (A vulnerability has been identified in SIMATIC ET 200SP Open ...)
+CVE-2018-13805
NOT-FOR-US: SIMATIC
-CVE-2018-13804 (A vulnerability has been identified in SIMATIC IT LMS (All versions), ...)
+CVE-2018-13804
NOT-FOR-US: Siemens
CVE-2018-13803
RESERVED
-CVE-2018-13802 (A vulnerability has been identified in ROX II (All versions &lt; ...)
+CVE-2018-13802
NOT-FOR-US: Siemens / ROX II
-CVE-2018-13801 (A vulnerability has been identified in ROX II (All versions &lt; ...)
+CVE-2018-13801
NOT-FOR-US: Siemens / ROX II
-CVE-2018-13800 (A vulnerability has been identified in SIMATIC S7-1200 CPU family ...)
+CVE-2018-13800
NOT-FOR-US: SIMATIC
-CVE-2018-13799 (A vulnerability has been identified in SIMATIC WinCC OA V3.14 and ...)
+CVE-2018-13799
NOT-FOR-US: SIMATIC
CVE-2018-13798
RESERVED
-CVE-2018-13796 (An issue was discovered in GNU Mailman before 2.1.28. A crafted URL ...)
+CVE-2018-13796
{DLA-1442-1}
- mailman 1:2.1.27-1.1 (bug #903674)
[stretch] - mailman 1:2.1.23-1+deb9u4
@@ -18559,716 +18552,716 @@ CVE-2018-13796 (An issue was discovered in GNU Mailman before 2.1.28. A crafted
NOTE: Needs as well a further regression fix as per
NOTE: https://bugs.launchpad.net/mailman/+bug/1783417
NOTE: https://bazaar.launchpad.net/~mailman-coders/mailman/2.1/revision/1798
-CVE-2018-13797 (The macaddress module before 0.2.9 for Node.js is prone to an arbitrary ...)
+CVE-2018-13797
- node-macaddress 0.2.9-1 (unimportant)
NOTE: https://github.com/scravy/node-macaddress/pull/20
NOTE: nodejs not covered by security support
-CVE-2018-13795 (Gravity before 0.5.1 does not support a maximum recursion depth. ...)
+CVE-2018-13795
NOT-FOR-US: Gravity
-CVE-2018-13794 (A heap-based buffer overflow exists in stbi__bmp_load_cont in ...)
+CVE-2018-13794
- catimg 2.5.0-1 (bug #903711)
NOTE: https://github.com/posva/catimg/issues/34
NOTE: Upstream fixed the issue by updating the stb_image copy to v2.19.
NOTE: https://github.com/posva/catimg/pull/41
-CVE-2018-13793 (Multiple Cross Site Request Forgery (CSRF) vulnerabilities in the HTTP ...)
+CVE-2018-13793
NOT-FOR-US: ABBYY FlexiCapture
-CVE-2018-13792 (Multiple SQL injection vulnerabilities in the monitoring feature in the ...)
+CVE-2018-13792
NOT-FOR-US: ABBYY FlexiCapture
-CVE-2018-13791 (The HTTP API in ABBYY FlexiCapture before 12 Release 1 Update 7 allows ...)
+CVE-2018-13791
NOT-FOR-US: ABBYY FlexiCapture
-CVE-2018-13790 (A Server Side Request Forgery (SSRF) vulnerability in ...)
+CVE-2018-13790
NOT-FOR-US: concrete5
-CVE-2018-13789 (An issue was discovered in Descor Infocad FM before 3.1.0.0. An ...)
+CVE-2018-13789
NOT-FOR-US: Descor Infocad FM
CVE-2018-13788
RESERVED
-CVE-2018-1000623 (JFrog JFrog Artifactory version Prior to version 6.0.3, since version ...)
+CVE-2018-1000623
NOT-FOR-US: JFrog JFrog Artifactory
-CVE-2018-1000621 (Mycroft AI mycroft-core version 18.2.8b and earlier contains a ...)
+CVE-2018-1000621
NOT-FOR-US: Mycroft AI mycroft-core
-CVE-2018-1000620 (Eran Hammer cryptiles version 4.1.1 earlier contains a CWE-331: ...)
+CVE-2018-1000620
NOT-FOR-US: Eran Hammer cryptiles
-CVE-2018-1000619 (Ovidentia version 8.4.3 and earlier contains a Unsanitized User Input ...)
+CVE-2018-1000619
NOT-FOR-US: Ovidentia
-CVE-2018-1000618 (EOSIO/eos eos version after commit ...)
+CVE-2018-1000618
NOT-FOR-US: EOSIO/eos
-CVE-2018-1000617 (Atlassian Floodlight Atlassian Floodlight Controller version 1.2 and ...)
+CVE-2018-1000617
NOT-FOR-US: Atlassian Floodlight Atlassian Floodlight Controller
-CVE-2018-1000616 (ONOS ONOS controller version 1.13.1 and earlier contains a XML ...)
+CVE-2018-1000616
NOT-FOR-US: ONOS
-CVE-2018-1000615 (ONOS ONOS Controller version 1.13.1 and earlier contains a Denial of ...)
+CVE-2018-1000615
NOT-FOR-US: ONOS
-CVE-2018-1000614 (ONOS ONOS Controller version 1.13.1 and earlier contains a XML ...)
+CVE-2018-1000614
NOT-FOR-US: ONOS
-CVE-2018-1000613 (Legion of the Bouncy Castle Legion of the Bouncy Castle Java ...)
+CVE-2018-1000613
- bouncycastle 1.60-1 (low)
[stretch] - bouncycastle <not-affected> (XMSS/XMSS^MT algorithms were first introduced in BC >= 1.57)
[jessie] - bouncycastle <not-affected> (XMSS/XMSS^MT algorithms were first introduced in BC >= 1.57)
NOTE: https://github.com/bcgit/bc-java/commit/4092ede58da51af9a21e4825fbad0d9a3ef5a223#diff-2c06e2edef41db889ee14899e12bd574
NOTE: https://github.com/bcgit/bc-java/commit/cd98322b171b15b3f88c5ec871175147893c31e6#diff-148a6c098af0199192d6aede960f45dc
-CVE-2018-1000611 (SURFnet OpenConext EngineBlock version 5.7.0 to 5.7.3 contains a Cross ...)
+CVE-2018-1000611
NOT-FOR-US: SURFnet OpenConext EngineBlock
-CVE-2018-1000622 (The Rust Programming Language rustdoc version Between 0.8 and 1.27.0 ...)
+CVE-2018-1000622
- rustc 1.27.1+dfsg1-1~exp1
[stretch] - rustc <ignored> (Minor issue, can be fixed along in future rustc update for ESR69)
[jessie] - rustc <ignored> (Minor issue)
NOTE: https://groups.google.com/forum/#!topic/rustlang-security-announcements/4ybxYLTtXuM
-CVE-2018-13787 (Certain Supermicro X11S, X10, X9, X8SI, K1SP, C9X299, C7, B1, A2, and ...)
+CVE-2018-13787
NOT-FOR-US: Supermicro
CVE-2018-13786
RESERVED
-CVE-2018-13785 (In libpng 1.6.34, a wrong calculation of row_factor in the ...)
+CVE-2018-13785
- libpng1.6 1.6.34-2 (bug #903430)
[stretch] - libpng1.6 <not-affected> (Issue with wrong calculation of row_factor introduced after 1.6.32beta08)
NOTE: https://github.com/glennrp/libpng/commit/8a05766cb74af05c04c53e6c9d60c13fc4d59bf2
NOTE: https://sourceforge.net/p/libpng/bugs/278/
-CVE-2018-13784 (PrestaShop before 1.6.1.20 and 1.7.x before 1.7.3.4 mishandles cookie ...)
+CVE-2018-13784
NOT-FOR-US: PrestaShop
CVE-2018-1000612
REJECTED
-CVE-2018-13783 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13783
NOT-FOR-US: smart contract implementation for JiucaiToken
-CVE-2018-13782 (The mintToken function of a smart contract implementation for ENTER ...)
+CVE-2018-13782
NOT-FOR-US: smart contract implementation for ENTER (ENTR) (Contract Name: EnterCoin)
-CVE-2018-13781 (The mintToken function of a smart contract implementation for MyYLC, an ...)
+CVE-2018-13781
NOT-FOR-US: smart contract implementation for MyYLC
-CVE-2018-13780 (The mintToken function of a smart contract implementation for ESH, an ...)
+CVE-2018-13780
NOT-FOR-US: smart contract implementation for ESH
-CVE-2018-13779 (The mintToken function of a smart contract implementation for YLCToken, ...)
+CVE-2018-13779
NOT-FOR-US: smart contract implementation for YLCToken
-CVE-2018-13778 (The mintToken function of a smart contract implementation for CGCToken, ...)
+CVE-2018-13778
NOT-FOR-US: smart contract implementation for CGCToken
-CVE-2018-13777 (The mintToken function of a smart contract implementation for RRToken, ...)
+CVE-2018-13777
NOT-FOR-US: smart contract implementation for RRToken
-CVE-2018-13776 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13776
NOT-FOR-US: smart contract implementation for AppleToken
-CVE-2018-13775 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13775
NOT-FOR-US: smart contract implementation for RCKT_Coin
-CVE-2018-13774 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13774
NOT-FOR-US: smart contract implementation for Bitstarti
-CVE-2018-13773 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13773
NOT-FOR-US: smart contract implementation for Enterprise Token Ecosystem (ETE) (Contract Name: NetkillerToken)
-CVE-2018-13772 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13772
NOT-FOR-US: smart contract implementation for TheFlashToken
-CVE-2018-13771 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13771
NOT-FOR-US: smart contract implementation for ExacoreContract
-CVE-2018-13770 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13770
NOT-FOR-US: smart contract implementation for UltimateCoin
-CVE-2018-13769 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13769
NOT-FOR-US: smart contract implementation for JeansToken
-CVE-2018-13768 (The mintToken function of a smart contract implementation for ZToken, ...)
+CVE-2018-13768
NOT-FOR-US: smart contract implementation for ZToken
-CVE-2018-13767 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13767
NOT-FOR-US: smart contract implementation for Cornerstone
-CVE-2018-13766 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13766
NOT-FOR-US: smart contract implementation for Easticoin
-CVE-2018-13765 (The mintToken function of a smart contract implementation for LandCoin, ...)
+CVE-2018-13765
NOT-FOR-US: smart contract implementation for LandCoin
-CVE-2018-13764 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13764
NOT-FOR-US: smart contract implementation for BiquToken
-CVE-2018-13763 (The mintToken function of a smart contract implementation for Ublasti, ...)
+CVE-2018-13763
NOT-FOR-US: smart contract implementation for Ublasti
-CVE-2018-13762 (The mintToken function of a smart contract implementation for Yumerium, ...)
+CVE-2018-13762
NOT-FOR-US: smart contract implementation for Yumerium
-CVE-2018-13761 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13761
NOT-FOR-US: smart contract implementation for NetkillerAdvancedTokenAirDrop
-CVE-2018-13760 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13760
NOT-FOR-US: smart contract implementation for MoneyChainNet (MCN)
-CVE-2018-13759 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13759
NOT-FOR-US: smart contract implementation for BIGCAdvancedToken
-CVE-2018-13758 (The mintToken function of a smart contract implementation for LoliCoin, ...)
+CVE-2018-13758
NOT-FOR-US: smart contract implementation for LoliCoin
-CVE-2018-13757 (The mintToken function of a smart contract implementation for Coinquer, ...)
+CVE-2018-13757
NOT-FOR-US: smart contract implementation for Coinquer
-CVE-2018-13756 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13756
NOT-FOR-US: smart contract implementation for CherryCoinFoundation
-CVE-2018-13755 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13755
NOT-FOR-US: smart contract implementation for OTAKUToken
-CVE-2018-13754 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13754
NOT-FOR-US: smart contract implementation for CryptosisToken
-CVE-2018-13753 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13753
NOT-FOR-US: smart contract implementation for DeWeiSecurityServiceToken
-CVE-2018-13752 (The mintToken function of a smart contract implementation for Thread, ...)
+CVE-2018-13752
NOT-FOR-US: smart contract implementation for Thread
-CVE-2018-13751 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13751
NOT-FOR-US: smart contract implementation for JustWallet
-CVE-2018-13750 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13750
NOT-FOR-US: smart contract implementation for RichiumToken
-CVE-2018-13749 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13749
NOT-FOR-US: smart contract implementation for FinalToken
-CVE-2018-13748 (The mintToken function of a smart contract implementation for CarToken, ...)
+CVE-2018-13748
NOT-FOR-US: smart contract implementation for CarToken
-CVE-2018-13747 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13747
NOT-FOR-US: smart contract implementation for VanMinhCoin
-CVE-2018-13746 (The mintToken function of a smart contract implementation for kBit, an ...)
+CVE-2018-13746
NOT-FOR-US: smart contract implementation for kBit
-CVE-2018-13745 (The mintToken function of a smart contract implementation for STCToken, ...)
+CVE-2018-13745
NOT-FOR-US: smart contract implementation for STCToken
-CVE-2018-13744 (The mintToken function of a smart contract implementation for Crowdnext ...)
+CVE-2018-13744
NOT-FOR-US: smart contract implementation for Crowdnext (CNX)
-CVE-2018-13743 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13743
NOT-FOR-US: smart contract implementation for SuperEnergy (SEC)
-CVE-2018-13742 (The mintToken function of a smart contract implementation for tickets ...)
+CVE-2018-13742
NOT-FOR-US: smart contract implementation for tickets (TKT)
-CVE-2018-13741 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13741
NOT-FOR-US: smart contract implementation for ABLGenesisToken
-CVE-2018-13740 (The mintToken function of a smart contract implementation for OneChain, ...)
+CVE-2018-13740
NOT-FOR-US: smart contract implementation for OneChain
-CVE-2018-13739 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13739
NOT-FOR-US: smart contract implementation for dopnetwork
-CVE-2018-13738 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13738
NOT-FOR-US: smart contract implementation for PELOCoinToken
-CVE-2018-13737 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13737
NOT-FOR-US: smart contract implementation for AnovaBace
-CVE-2018-13736 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13736
NOT-FOR-US: smart contract implementation for ELearningCoinERC
-CVE-2018-13735 (The mintToken function of a smart contract implementation for ENTER ...)
+CVE-2018-13735
NOT-FOR-US: smart contract implementation for ENTER (ENTR) (Contract Name: EnterToken)
-CVE-2018-13734 (The mintToken function of a smart contract implementation for AZTToken, ...)
+CVE-2018-13734
NOT-FOR-US: smart contract implementation for AZTToken
-CVE-2018-13733 (The mintToken function of a smart contract implementation for ProjectJ, ...)
+CVE-2018-13733
NOT-FOR-US: smart contract implementation for ProjectJ
-CVE-2018-13732 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13732
NOT-FOR-US: smart contract implementation for RiptideCoin (RIPT)
-CVE-2018-13731 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13731
NOT-FOR-US: smart contract implementation for TokenMACHU
-CVE-2018-13730 (The mintToken function of a smart contract implementation for HEY, an ...)
+CVE-2018-13730
NOT-FOR-US: smart contract implementation for HEY
-CVE-2018-13729 (The mintToken function of a smart contract implementation for JPMD100B, ...)
+CVE-2018-13729
NOT-FOR-US: smart contract implementation for JPMD100B
-CVE-2018-13728 (The mintToken function of a smart contract implementation for JixoCoin, ...)
+CVE-2018-13728
NOT-FOR-US: smart contract implementation for JixoCoin
-CVE-2018-13727 (The mintToken function of a smart contract implementation for Eastcoin, ...)
+CVE-2018-13727
NOT-FOR-US: smart contract implementation for Eastcoin
-CVE-2018-13726 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13726
NOT-FOR-US: smart contract implementation for ISeeVoiceToken
-CVE-2018-13725 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13725
NOT-FOR-US: smart contract implementation for GlobalSuperGameToken
-CVE-2018-13724 (The mint function of a smart contract implementation for ...)
+CVE-2018-13724
NOT-FOR-US: smart contract implementation for HYIPCrowdsale1
-CVE-2018-13723 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13723
NOT-FOR-US: smart contract implementation for SERVVIZIOToken
-CVE-2018-13722 (The mint function of a smart contract implementation for HYIPToken, an ...)
+CVE-2018-13722
NOT-FOR-US: smart contract implementation for HYIPToken
-CVE-2018-13721 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13721
NOT-FOR-US: smart contract implementation for GoMineWorld
-CVE-2018-13720 (The mintToken function of a smart contract implementation for Antoken, ...)
+CVE-2018-13720
NOT-FOR-US: smart contract implementation for Antoken
-CVE-2018-13719 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13719
NOT-FOR-US: smart contract implementation for BiteduToken
-CVE-2018-13718 (The mintToken function of a smart contract implementation for FuturXe, ...)
+CVE-2018-13718
NOT-FOR-US: smart contract implementation for FuturXe
-CVE-2018-13717 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13717
NOT-FOR-US: smart contract implementation for HormitechToken
-CVE-2018-13716 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13716
NOT-FOR-US: smart contract implementation for sexhdsolo
-CVE-2018-13715 (The mintToken function of a smart contract implementation for BpsToken, ...)
+CVE-2018-13715
NOT-FOR-US: smart contract implementation for BpsToken
-CVE-2018-13714 (The mintToken function of a smart contract implementation for CM, an ...)
+CVE-2018-13714
NOT-FOR-US: smart contract implementation for CM
-CVE-2018-13713 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13713
NOT-FOR-US: smart contract implementation for Tradesman
-CVE-2018-13712 (The mintToken function of a smart contract implementation for PMET, an ...)
+CVE-2018-13712
NOT-FOR-US: smart contract implementation for PMET
-CVE-2018-13711 (The mintToken function of a smart contract implementation for Databits, ...)
+CVE-2018-13711
NOT-FOR-US: smart contract implementation for Databits
-CVE-2018-13710 (The mintToken function of a smart contract implementation for Mjolnir, ...)
+CVE-2018-13710
NOT-FOR-US: smart contract implementation for Mjolnir
-CVE-2018-13709 (The mintToken function of a smart contract implementation for Tube, an ...)
+CVE-2018-13709
NOT-FOR-US: smart contract implementation for Tube
-CVE-2018-13708 (The mintToken function of a smart contract implementation for Order ...)
+CVE-2018-13708
NOT-FOR-US: smart contract implementation for Order (ETH) (Contract Name: BuyToken)
-CVE-2018-13707 (The mintToken function of a smart contract implementation for YSS, an ...)
+CVE-2018-13707
NOT-FOR-US: smart contract implementation for YSS
-CVE-2018-13706 (The mintToken function of a smart contract implementation for IdeaCoin, ...)
+CVE-2018-13706
NOT-FOR-US: smart contract implementation for IdeaCoin
-CVE-2018-13705 (The mintToken function of a smart contract implementation for PMHToken, ...)
+CVE-2018-13705
NOT-FOR-US: smart contract implementation for PMHToken
-CVE-2018-13704 (The mintToken function of a smart contract implementation for eddToken, ...)
+CVE-2018-13704
NOT-FOR-US: smart contract implementation for eddToken
-CVE-2018-13703 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13703
NOT-FOR-US: smart contract implementation for CERB_Coin
-CVE-2018-13702 (The mintToken function of a smart contract implementation for Essence, ...)
+CVE-2018-13702
NOT-FOR-US: smart contract implementation for Essence
-CVE-2018-13701 (The mintToken function of a smart contract implementation for KissMe, ...)
+CVE-2018-13701
NOT-FOR-US: smart contract implementation for KissMe
-CVE-2018-13700 (The mintToken function of a smart contract implementation for IPMCoin, ...)
+CVE-2018-13700
NOT-FOR-US: smart contract implementation for IPMCoin
-CVE-2018-13699 (The mintToken function of a smart contract implementation for DestiNeed ...)
+CVE-2018-13699
NOT-FOR-US: smart contract implementation for DestiNeed (DSN)
-CVE-2018-13698 (The mintTokens function of a smart contract implementation for ...)
+CVE-2018-13698
NOT-FOR-US: smart contract implementation for Play2LivePromo
-CVE-2018-13697 (The mintToken function of a smart contract implementation for RobotBTC, ...)
+CVE-2018-13697
NOT-FOR-US: smart contract implementation for RobotBTC
-CVE-2018-13696 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13696
NOT-FOR-US: smart contract implementation for RedTicket
-CVE-2018-13695 (The mint function of a smart contract implementation for CTest7, an ...)
+CVE-2018-13695
NOT-FOR-US: smart contract implementation for CTest7
-CVE-2018-13694 (The mintToken function of a smart contract implementation for GMile, an ...)
+CVE-2018-13694
NOT-FOR-US: smart contract implementation for GMile
-CVE-2018-13693 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13693
NOT-FOR-US: smart contract implementation for GreenEnergyToken
-CVE-2018-13692 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13692
NOT-FOR-US: smart contract implementation for MehdiTAZIToken
-CVE-2018-13691 (The mintToken function of a smart contract implementation for R Time ...)
+CVE-2018-13691
NOT-FOR-US: smart contract implementation for R Time Token v3 (RS) (Contract Name: RTokenMain)
-CVE-2018-13690 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13690
NOT-FOR-US: smart contract implementation for Instacocoa
-CVE-2018-13689 (The mintToken function of a smart contract implementation for CJXToken, ...)
+CVE-2018-13689
NOT-FOR-US: smart contract implementation for CJXToken
-CVE-2018-13688 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13688
NOT-FOR-US: smart contract implementation for MallToken
-CVE-2018-13687 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13687
NOT-FOR-US: smart contract implementation for normikaivo
-CVE-2018-13686 (The mintToken function of a smart contract implementation for ICO ...)
+CVE-2018-13686
NOT-FOR-US: smart contract implementation for ICO Dollar (ICOD)
-CVE-2018-13685 (The mintToken function of a smart contract implementation for Vornox ...)
+CVE-2018-13685
NOT-FOR-US: smart contract implementation for Vornox (VRX) (Contract Name: VornoxCoinToken)
-CVE-2018-13684 (The mintToken function of a smart contract implementation for ZIP, an ...)
+CVE-2018-13684
NOT-FOR-US: smart contract implementation for ZIP
-CVE-2018-13683 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13683
NOT-FOR-US: smart contract implementation for exsulcoin
-CVE-2018-13682 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13682
NOT-FOR-US: smart contract implementation for ViteMoneyCoin
-CVE-2018-13681 (The mintToken function of a smart contract implementation for SOSCoin, ...)
+CVE-2018-13681
NOT-FOR-US: smart contract implementation for SOSCoin
-CVE-2018-13680 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13680
NOT-FOR-US: smart contract implementation for LexitToken
-CVE-2018-13679 (The mintToken function of a smart contract implementation for ZPEcoin, ...)
+CVE-2018-13679
NOT-FOR-US: smart contract implementation for ZPEcoin
-CVE-2018-13678 (The mintToken function of a smart contract implementation for Lottery, ...)
+CVE-2018-13678
NOT-FOR-US: smart contract implementation for Lottery
-CVE-2018-13677 (The mintToken function of a smart contract implementation for Goochain, ...)
+CVE-2018-13677
NOT-FOR-US: smart contract implementation for Goochain
-CVE-2018-13676 (The mintToken function of a smart contract implementation for Orderbook ...)
+CVE-2018-13676
NOT-FOR-US: smart contract implementation for Orderbook Presale Token (OBP)
-CVE-2018-13675 (The mintToken function of a smart contract implementation for YAMBYO, ...)
+CVE-2018-13675
NOT-FOR-US: smart contract implementation for YAMBYO
-CVE-2018-13674 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13674
NOT-FOR-US: smart contract implementation for ComBillAdvancedToken
-CVE-2018-13673 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13673
NOT-FOR-US: smart contract implementation for GoldTokenERC20
-CVE-2018-13672 (The mintToken function of a smart contract implementation for OBTCoin, ...)
+CVE-2018-13672
NOT-FOR-US: smart contract implementation for OBTCoin
-CVE-2018-13671 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13671
NOT-FOR-US: smart contract implementation for DinsteinCoin
-CVE-2018-13670 (The mintToken function of a smart contract implementation for GFCB, an ...)
+CVE-2018-13670
NOT-FOR-US: smart contract implementation for GFCB
-CVE-2018-13669 (The mintToken function of a smart contract implementation for NCU, an ...)
+CVE-2018-13669
NOT-FOR-US: smart contract implementation for NCU
-CVE-2018-13668 (The mintToken function of a smart contract implementation for BTPCoin, ...)
+CVE-2018-13668
NOT-FOR-US: smart contract implementation for BTPCoin
-CVE-2018-13667 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13667
NOT-FOR-US: smart contract implementation for UTBTokenTest
-CVE-2018-13666 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13666
NOT-FOR-US: smart contract implementation for EristicaICO
-CVE-2018-13665 (The mintToken function of a smart contract implementation for BCaaS, an ...)
+CVE-2018-13665
NOT-FOR-US: smart contract implementation for BCaaS
-CVE-2018-13664 (The mintToken function of a smart contract implementation for CWS, an ...)
+CVE-2018-13664
NOT-FOR-US: smart contract implementation for CWS
-CVE-2018-13663 (The mintToken function of a smart contract implementation for BSCToken, ...)
+CVE-2018-13663
NOT-FOR-US: smart contract implementation for BSCToken
-CVE-2018-13662 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13662
NOT-FOR-US: smart contract implementation for WorldOpctionChain
-CVE-2018-13661 (The mintToken function of a smart contract implementation for APP, an ...)
+CVE-2018-13661
NOT-FOR-US: smart contract implementation for APP
-CVE-2018-13660 (The mint function of a smart contract implementation for ...)
+CVE-2018-13660
NOT-FOR-US: smart contract implementation for BillionRewardsToken
-CVE-2018-13659 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13659
NOT-FOR-US: smart contract implementation for BrianCoin
-CVE-2018-13658 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13658
NOT-FOR-US: smart contract implementation for TheGoDgital
-CVE-2018-13657 (The mintToken function of a smart contract implementation for Rice, an ...)
+CVE-2018-13657
NOT-FOR-US: smart contract implementation for Rice
-CVE-2018-13656 (The mintToken function of a smart contract implementation for Sample ...)
+CVE-2018-13656
NOT-FOR-US: smart contract implementation for Sample Token (STK) (Contract Name: cashBackMintable)
-CVE-2018-13655 (The mintToken function of a smart contract implementation for GFC, an ...)
+CVE-2018-13655
NOT-FOR-US: smart contract implementation for GFC
-CVE-2018-13654 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13654
NOT-FOR-US: smart contract implementation for ESTSToken
-CVE-2018-13653 (The mintToken function of a smart contract implementation for ipshoots, ...)
+CVE-2018-13653
NOT-FOR-US: smart contract implementation for ipshoots
-CVE-2018-13652 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13652
NOT-FOR-US: smart contract implementation for TheGoDigital
-CVE-2018-13651 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13651
NOT-FOR-US: smart contract implementation for MicoinNetworkToken
-CVE-2018-13650 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13650
NOT-FOR-US: smart contract implementation for BitmaxerToken
-CVE-2018-13649 (The mintToken function of a smart contract implementation for Deploy, ...)
+CVE-2018-13649
NOT-FOR-US: smart contract implementation for Deploy
-CVE-2018-13648 (The mintToken function of a smart contract implementation for BGC, an ...)
+CVE-2018-13648
NOT-FOR-US: smart contract implementation for BGC
-CVE-2018-13647 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13647
NOT-FOR-US: smart contract implementation for TrueGoldCoinToken
-CVE-2018-13646 (The mintToken function of a smart contract implementation for Datiac, ...)
+CVE-2018-13646
NOT-FOR-US: smart contract implementation for Datiac
-CVE-2018-13645 (The mintToken function of a smart contract implementation for Fiocoin, ...)
+CVE-2018-13645
NOT-FOR-US: smart contract implementation for Fiocoin
-CVE-2018-13644 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13644
NOT-FOR-US: smart contract implementation for RoyalClassicCoin
-CVE-2018-13643 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13643
NOT-FOR-US: smart contract implementation for GCRTokenERC20
-CVE-2018-13642 (The mintToken function of a smart contract implementation for SECoin, ...)
+CVE-2018-13642
NOT-FOR-US: smart contract implementation for SECoin
-CVE-2018-13641 (The mintToken function of a smart contract implementation for MVGcoin, ...)
+CVE-2018-13641
NOT-FOR-US: smart contract implementation for MVGcoin
-CVE-2018-13640 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13640
NOT-FOR-US: smart contract implementation for EthereumSmart
-CVE-2018-13639 (The mintToken function of a smart contract implementation for Virtual ...)
+CVE-2018-13639
NOT-FOR-US: smart contract implementation for Virtual Energy Units (VEU) (Contract Name: VEU_TokenERC20)
-CVE-2018-13638 (The mintToken function of a smart contract implementation for Bitpark, ...)
+CVE-2018-13638
NOT-FOR-US: smart contract implementation for Bitpark
-CVE-2018-13637 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13637
NOT-FOR-US: smart contract implementation for CikkaCoin
-CVE-2018-13636 (The mintToken function of a smart contract implementation for TurdCoin, ...)
+CVE-2018-13636
NOT-FOR-US: smart contract implementation for TurdCoin
-CVE-2018-13635 (The mintToken function of a smart contract implementation for HBCM, an ...)
+CVE-2018-13635
NOT-FOR-US: smart contract implementation for HBCM
-CVE-2018-13634 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13634
NOT-FOR-US: smart contract implementation for MediaCubeToken
-CVE-2018-13633 (The mintToken function of a smart contract implementation for Martcoin, ...)
+CVE-2018-13633
NOT-FOR-US: smart contract implementation for Martcoin
-CVE-2018-13632 (The mintToken function of a smart contract implementation for NEXPARA, ...)
+CVE-2018-13632
NOT-FOR-US: smart contract implementation for NEXPARA
-CVE-2018-13631 (The mintToken function of a smart contract implementation for doccoin, ...)
+CVE-2018-13631
NOT-FOR-US: smart contract implementation for doccoin
-CVE-2018-13630 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13630
NOT-FOR-US: smart contract implementation for DoccoinPreICO
-CVE-2018-13629 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13629
NOT-FOR-US: smart contract implementation for CrimsonShilling
-CVE-2018-13628 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13628
NOT-FOR-US: smart contract implementation for MomentumToken
-CVE-2018-13627 (The mintToken function of a smart contract implementation for MyOffer, ...)
+CVE-2018-13627
NOT-FOR-US: smart contract implementation for MyOffer
-CVE-2018-13626 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13626
NOT-FOR-US: smart contract implementation for SemainToken
-CVE-2018-13625 (The mintlvlToken function of a smart contract implementation for Krown, ...)
+CVE-2018-13625
NOT-FOR-US: smart contract implementation for Krown
-CVE-2018-13624 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13624
NOT-FOR-US: smart contract implementation for WXSLToken
-CVE-2018-13623 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13623
NOT-FOR-US: smart contract implementation for AirdropperCryptics
-CVE-2018-13622 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13622
NOT-FOR-US: smart contract implementation for ObjectToken (OBJ)
-CVE-2018-13621 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13621
NOT-FOR-US: smart contract implementation for SoundTribeToken
-CVE-2018-13620 (The mintToken function of a smart contract implementation for TripCash, ...)
+CVE-2018-13620
NOT-FOR-US: smart contract implementation for TripCash
-CVE-2018-13619 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13619
NOT-FOR-US: smart contract implementation for MicoinToken
-CVE-2018-13618 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13618
NOT-FOR-US: smart contract implementation for VICETOKEN_ICO_IS_A_SCAM
-CVE-2018-13617 (The mintToken function of a smart contract implementation for CAPTOZ, ...)
+CVE-2018-13617
NOT-FOR-US: smart contract implementation for CAPTOZ
-CVE-2018-13616 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13616
NOT-FOR-US: smart contract implementation for IOCT_Coin
-CVE-2018-13615 (The mintToken function of a smart contract implementation for MJCToken, ...)
+CVE-2018-13615
NOT-FOR-US: smart contract implementation for MJCToken
-CVE-2018-13614 (The mintToken function of a smart contract implementation for MAVCash, ...)
+CVE-2018-13614
NOT-FOR-US: smart contract implementation for MAVCash
-CVE-2018-13613 (The mintToken function of a smart contract implementation for CON0217, ...)
+CVE-2018-13613
NOT-FOR-US: smart contract implementation for CON0217
-CVE-2018-13612 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13612
NOT-FOR-US: smart contract implementation for Robincoin
-CVE-2018-13611 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13611
NOT-FOR-US: smart contract implementation for CDcurrency
-CVE-2018-13610 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13610
NOT-FOR-US: smart contract implementation for MedicayunLink
-CVE-2018-13609 (The mintToken function of a smart contract implementation for CSAToken, ...)
+CVE-2018-13609
NOT-FOR-US: smart contract implementation for CSAToken
-CVE-2018-13608 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13608
NOT-FOR-US: smart contract implementation for archercoin
-CVE-2018-13607 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13607
NOT-FOR-US: smart contract implementation for ResidualShare
-CVE-2018-13606 (The mintToken function of a smart contract implementation for ARChain, ...)
+CVE-2018-13606
NOT-FOR-US: smart contract implementation for ARChain
-CVE-2018-13605 (The mintToken function of a smart contract implementation for Extreme ...)
+CVE-2018-13605
NOT-FOR-US: smart contract implementation for Extreme Coin (XT) (Contract Name: ExtremeToken)
-CVE-2018-13604 (The mintToken function of a smart contract implementation for wellieat, ...)
+CVE-2018-13604
NOT-FOR-US: smart contract implementation for wellieat
-CVE-2018-13603 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13603
NOT-FOR-US: smart contract implementation for Briant2Token
-CVE-2018-13602 (The mint function of a smart contract implementation for MiningToken, ...)
+CVE-2018-13602
NOT-FOR-US: smart contract implementation for MiningToken
-CVE-2018-13601 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13601
NOT-FOR-US: smart contract implementation for GalacticX
-CVE-2018-13600 (The mintToken function of a smart contract implementation for AMToken, ...)
+CVE-2018-13600
NOT-FOR-US: smart contract implementation for AMToken
-CVE-2018-13599 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13599
NOT-FOR-US: smart contract implementation for ResidualValue
-CVE-2018-13598 (The mintToken function of a smart contract implementation for SendMe, ...)
+CVE-2018-13598
NOT-FOR-US: smart contract implementation for SendMe
-CVE-2018-13597 (The mintToken function of a smart contract implementation for testcoin, ...)
+CVE-2018-13597
NOT-FOR-US: smart contract implementation for testcoin
-CVE-2018-13596 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13596
NOT-FOR-US: smart contract implementation for TESTAhihi
-CVE-2018-13595 (The mintToken function of a smart contract implementation for BitStore, ...)
+CVE-2018-13595
NOT-FOR-US: smart contract implementation for BitStore
-CVE-2018-13594 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13594
NOT-FOR-US: smart contract implementation for CardFactory
-CVE-2018-13593 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13593
NOT-FOR-US: smart contract implementation for CardToken
-CVE-2018-13592 (The mintToken function of a smart contract implementation for RajTest, ...)
+CVE-2018-13592
NOT-FOR-US: smart contract implementation for RajTest
-CVE-2018-13591 (The mintToken function of a smart contract implementation for KAPcoin, ...)
+CVE-2018-13591
NOT-FOR-US: smart contract implementation for KAPcoin
-CVE-2018-13590 (The mintToken function of a smart contract implementation for SIPCOIN, ...)
+CVE-2018-13590
NOT-FOR-US: smart contract implementation for SIPCOIN
-CVE-2018-13589 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13589
NOT-FOR-US: smart contract implementation for MooAdvToken
-CVE-2018-13588 (The mintToken function of a smart contract implementation for Code47 ...)
+CVE-2018-13588
NOT-FOR-US: smart contract implementation for Code47 (C47)
-CVE-2018-13587 (The mintToken function of a smart contract implementation for DECToken, ...)
+CVE-2018-13587
NOT-FOR-US: smart contract implementation for DECToken
-CVE-2018-13586 (The mintToken function of a smart contract implementation for Nectar ...)
+CVE-2018-13586
NOT-FOR-US: smart contract implementation for Nectar (NCTR)
-CVE-2018-13585 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13585
NOT-FOR-US: smart contract implementation for CHERRYCOIN
-CVE-2018-13584 (The mintToken function of a smart contract implementation for yasudem, ...)
+CVE-2018-13584
NOT-FOR-US: smart contract implementation for yasudem
-CVE-2018-13583 (The mintToken function of a smart contract implementation for Shmoo, an ...)
+CVE-2018-13583
NOT-FOR-US: smart contract implementation for Shmoo
-CVE-2018-13582 (The mintToken function of a smart contract implementation for My2Token, ...)
+CVE-2018-13582
NOT-FOR-US: smart contract implementation for My2Token
-CVE-2018-13581 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13581
NOT-FOR-US: smart contract implementation for TravelCoin (TRV)
-CVE-2018-13580 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13580
NOT-FOR-US: smart contract implementation for ProvidenceCasino (PVE)
-CVE-2018-13579 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13579
NOT-FOR-US: smart contract implementation for ForeverCoin
-CVE-2018-13578 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13578
NOT-FOR-US: smart contract implementation for GalaxyCoin
-CVE-2018-13577 (The mintToken function of a smart contract implementation for ShitCoin ...)
+CVE-2018-13577
NOT-FOR-US: smart contract implementation for ShitCoin (SHITC) (Contract Name: AdvancedShit)
-CVE-2018-13576 (The mintToken function of a smart contract implementation for Escut ...)
+CVE-2018-13576
NOT-FOR-US: smart contract implementation for Escut (ESCT) (Contract Name: JuntsPerCreixer)
-CVE-2018-13575 (The mintToken function of a smart contract implementation for YESToken, ...)
+CVE-2018-13575
NOT-FOR-US: smart contract implementation for YESToken
-CVE-2018-13574 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13574
NOT-FOR-US: smart contract implementation for DataShieldCoin
-CVE-2018-13573 (The mintToken function of a smart contract implementation for TripPay, ...)
+CVE-2018-13573
NOT-FOR-US: smart contract implementation for TripPay
-CVE-2018-13572 (The mintToken function of a smart contract implementation for PGM_Coin, ...)
+CVE-2018-13572
NOT-FOR-US: smart contract implementation for PGM_Coin
-CVE-2018-13571 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13571
NOT-FOR-US: smart contract implementation for GoramCoin
-CVE-2018-13570 (The mint function of a smart contract implementation for kkTestCoin1 ...)
+CVE-2018-13570
NOT-FOR-US: smart contract implementation for kkTestCoin1 (KTC1)
-CVE-2018-13569 (The mintToken function of a smart contract implementation for HitToken, ...)
+CVE-2018-13569
NOT-FOR-US: smart contract implementation for HitToken
-CVE-2018-13568 (The mintToken function of a smart contract implementation for MktCoin, ...)
+CVE-2018-13568
NOT-FOR-US: smart contract implementation for MktCoin
-CVE-2018-13567 (The mintToken function of a smart contract implementation for SDR, an ...)
+CVE-2018-13567
NOT-FOR-US: smart contract implementation for SDR
-CVE-2018-13566 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13566
NOT-FOR-US: smart contract implementation for RETNToken
-CVE-2018-13565 (The mintToken function of a smart contract implementation for Co2Bit, ...)
+CVE-2018-13565
NOT-FOR-US: smart contract implementation for Co2Bit
-CVE-2018-13564 (The mintToken function of a smart contract implementation for GATcoin, ...)
+CVE-2018-13564
NOT-FOR-US: smart contract implementation for GATcoin
-CVE-2018-13563 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13563
NOT-FOR-US: smart contract implementation for UPayToken
-CVE-2018-13562 (The mintToken function of a smart contract implementation for BMVCoin, ...)
+CVE-2018-13562
NOT-FOR-US: smart contract implementation for BMVCoin
-CVE-2018-13561 (The mintToken function of a smart contract implementation for YourCoin ...)
+CVE-2018-13561
NOT-FOR-US: smart contract implementation for YourCoin (ICO) (Contract Name: ETH033)
-CVE-2018-13560 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13560
NOT-FOR-US: smart contract implementation for KelvinToken
-CVE-2018-13559 (The mintToken function of a smart contract implementation for UTCT, an ...)
+CVE-2018-13559
NOT-FOR-US: smart contract implementation for UTCT
-CVE-2018-13558 (The mintToken function of a smart contract implementation for rhovit, ...)
+CVE-2018-13558
NOT-FOR-US: smart contract implementation for rhovit
-CVE-2018-13557 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13557
NOT-FOR-US: smart contract implementation for Trabet_Coin
-CVE-2018-13556 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13556
NOT-FOR-US: smart contract implementation for COSMOTokenERC20
-CVE-2018-13555 (The mintToken function of a smart contract implementation for JaxBox, ...)
+CVE-2018-13555
NOT-FOR-US: smart contract implementation for JaxBox
-CVE-2018-13554 (The mintToken function of a smart contract implementation for MoneyTree ...)
+CVE-2018-13554
NOT-FOR-US: smart contract implementation for MoneyTree (TREE)
-CVE-2018-13553 (The mintToken function of a smart contract implementation for Micro BTC ...)
+CVE-2018-13553
NOT-FOR-US: smart contract implementation for Micro BTC (MBTC)
-CVE-2018-13552 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13552
NOT-FOR-US: smart contract implementation for Trabet_Coin_PreICO
-CVE-2018-13551 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13551
NOT-FOR-US: smart contract implementation for Bgamecoin
-CVE-2018-13550 (The mintToken function of a smart contract implementation for Coquinho ...)
+CVE-2018-13550
NOT-FOR-US: smart contract implementation for Coquinho Coin (CQNC) (Contract Name: CoquinhoERC20)
-CVE-2018-13549 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13549
NOT-FOR-US: smart contract implementation for NeuroToken
-CVE-2018-13548 (The mintToken function of a smart contract implementation for Mimicoin, ...)
+CVE-2018-13548
NOT-FOR-US: smart contract implementation for Mimicoin
-CVE-2018-13547 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13547
NOT-FOR-US: smart contract implementation for Providence Crypto Casino (PVE) (Contract Name: ProvidenceCasinoToken)
-CVE-2018-13546 (The mintToken function of a smart contract implementation for CCASH, an ...)
+CVE-2018-13546
NOT-FOR-US: smart contract implementation for CCASH
-CVE-2018-13545 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13545
NOT-FOR-US: smart contract implementation for HashShield
-CVE-2018-13544 (The mintToken function of a smart contract implementation for Numisma, ...)
+CVE-2018-13544
NOT-FOR-US: smart contract implementation for Numisma
-CVE-2018-13543 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13543
NOT-FOR-US: smart contract implementation for GemstoneToken
-CVE-2018-13542 (The mintToken function of a smart contract implementation for ZIBToken, ...)
+CVE-2018-13542
NOT-FOR-US: smart contract implementation for ZIBToken
-CVE-2018-13541 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13541
NOT-FOR-US: smart contract implementation for CryptoLeu
-CVE-2018-13540 (The mintToken function of a smart contract implementation for GSI, an ...)
+CVE-2018-13540
NOT-FOR-US: smart contract implementation for GSI
-CVE-2018-13539 (The mintToken function of a smart contract implementation for Bcxss, an ...)
+CVE-2018-13539
NOT-FOR-US: smart contract implementation for Bcxss
-CVE-2018-13538 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13538
NOT-FOR-US: smart contract implementation for SIPCToken
-CVE-2018-13537 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13537
NOT-FOR-US: smart contract implementation for EthereumLegit
-CVE-2018-13536 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13536
NOT-FOR-US: smart contract implementation for ERC20_ICO
-CVE-2018-13535 (The mintToken function of a smart contract implementation for PACCOIN, ...)
+CVE-2018-13535
NOT-FOR-US: smart contract implementation for PACCOIN
-CVE-2018-13534 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13534
NOT-FOR-US: smart contract implementation for SpeedCashLite (SCSL)
-CVE-2018-13533 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13533
NOT-FOR-US: smart contract implementation for ALUXToken
-CVE-2018-13532 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13532
NOT-FOR-US: smart contract implementation for Mindexcoin
-CVE-2018-13531 (The mintToken function of a smart contract implementation for MaxHouse, ...)
+CVE-2018-13531
NOT-FOR-US: smart contract implementation for MaxHouse
-CVE-2018-13530 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13530
NOT-FOR-US: smart contract implementation for HunterCoin
-CVE-2018-13529 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13529
NOT-FOR-US: smart contract implementation for BetterThanAdrien
-CVE-2018-13528 (The mintToken function of a smart contract implementation for DhaCoin, ...)
+CVE-2018-13528
NOT-FOR-US: smart contract implementation for DhaCoin
-CVE-2018-13527 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13527
NOT-FOR-US: smart contract implementation for ElevateCoin
-CVE-2018-13526 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13526
NOT-FOR-US: smart contract implementation for WangWangToken
-CVE-2018-13525 (The mintToken function of a smart contract implementation for Flow, an ...)
+CVE-2018-13525
NOT-FOR-US: smart contract implementation for Flow
-CVE-2018-13524 (The mintToken function of a smart contract implementation for PornCoin ...)
+CVE-2018-13524
NOT-FOR-US: smart contract implementation for PornCoin (PRNC)
-CVE-2018-13523 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13523
NOT-FOR-US: smart contract implementation for SmartPayment
-CVE-2018-13522 (The mintToken function of a smart contract implementation for EXGROUP, ...)
+CVE-2018-13522
NOT-FOR-US: smart contract implementation for EXGROUP
-CVE-2018-13521 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13521
NOT-FOR-US: smart contract implementation for PinkyToken
-CVE-2018-13520 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13520
NOT-FOR-US: smart contract implementation for TopscoinAdvanced
-CVE-2018-13519 (The mint function of a smart contract implementation for ...)
+CVE-2018-13519
NOT-FOR-US: smart contract implementation for DigitalCloudToken
-CVE-2018-13518 (The mintToken function of a smart contract implementation for TCash, an ...)
+CVE-2018-13518
NOT-FOR-US: smart contract implementation for TCash
-CVE-2018-13517 (The mintToken function of a smart contract implementation for C3 Token ...)
+CVE-2018-13517
NOT-FOR-US: smart contract implementation for C3 Token (C3)
-CVE-2018-13516 (The mintToken function of a smart contract implementation for Super ...)
+CVE-2018-13516
NOT-FOR-US: smart contract implementation for Super Cool Awesome Money (SCAM)
-CVE-2018-13515 (The mintToken function of a smart contract implementation for aman, an ...)
+CVE-2018-13515
NOT-FOR-US: smart contract implementation for aman
-CVE-2018-13514 (The mintToken function of a smart contract implementation for esportz, ...)
+CVE-2018-13514
NOT-FOR-US: smart contract implementation for esportz
-CVE-2018-13513 (The mintToken function of a smart contract implementation for Ubiou, an ...)
+CVE-2018-13513
NOT-FOR-US: smart contract implementation for Ubiou
-CVE-2018-13512 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13512
NOT-FOR-US: smart contract implementation for SmartHomeCoin
-CVE-2018-13511 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13511
NOT-FOR-US: smart contract implementation for CorelliCoin
-CVE-2018-13510 (The mintToken function of a smart contract implementation for Welfare ...)
+CVE-2018-13510
NOT-FOR-US: smart contract implementation for Welfare Token Fund (WTF)
-CVE-2018-13509 (The mintToken function of a smart contract implementation for IamRich, ...)
+CVE-2018-13509
NOT-FOR-US: smart contract implementation for IamRich
-CVE-2018-13508 (The mintToken function of a smart contract implementation for VITToken, ...)
+CVE-2018-13508
NOT-FOR-US: smart contract implementation for VITToken
-CVE-2018-13507 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13507
NOT-FOR-US: smart contract implementation for SLCAdvancedToken
-CVE-2018-13506 (The mintToken function of a smart contract implementation for SDR22, an ...)
+CVE-2018-13506
NOT-FOR-US: smart contract implementation for SDR22
-CVE-2018-13505 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13505
NOT-FOR-US: smart contract implementation for ecogreenhouse
-CVE-2018-13504 (The mintToken function of a smart contract implementation for MMCoin, ...)
+CVE-2018-13504
NOT-FOR-US: smart contract implementation for MMCoin
-CVE-2018-13503 (The mintToken function of a smart contract implementation for South ...)
+CVE-2018-13503
NOT-FOR-US: smart contract implementation for South Park Token Token (SPTKN)
-CVE-2018-13502 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13502
NOT-FOR-US: smart contract implementation for HeliumNetwork
-CVE-2018-13501 (The mintToken function of a smart contract implementation for HRWtoken, ...)
+CVE-2018-13501
NOT-FOR-US: smart contract implementation for HRWtoken
-CVE-2018-13500 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13500
NOT-FOR-US: smart contract implementation for MSXAdvanced
-CVE-2018-13499 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13499
NOT-FOR-US: smart contract implementation for Crowdsale
-CVE-2018-13498 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13498
NOT-FOR-US: smart contract implementation for KAPAYcoin
-CVE-2018-13497 (The mintToken function of a smart contract implementation for COBToken, ...)
+CVE-2018-13497
NOT-FOR-US: smart contract implementation for COBToken
-CVE-2018-13496 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13496
NOT-FOR-US: smart contract implementation for RajTestICO
-CVE-2018-13495 (The mintToken function of a smart contract implementation for KMCToken, ...)
+CVE-2018-13495
NOT-FOR-US: smart contract implementation for KMCToken
-CVE-2018-13494 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13494
NOT-FOR-US: smart contract implementation for SusanTokenERC20
-CVE-2018-13493 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13493
NOT-FOR-US: smart contract implementation for DaddyToken
-CVE-2018-13492 (The mintToken function of a smart contract implementation for naga, an ...)
+CVE-2018-13492
NOT-FOR-US: smart contract implementation for naga
-CVE-2018-13491 (The mintToken function of a smart contract implementation for Carrot, ...)
+CVE-2018-13491
NOT-FOR-US: smart contract implementation for Carrot
-CVE-2018-13490 (The mintToken function of a smart contract implementation for FILM, an ...)
+CVE-2018-13490
NOT-FOR-US: smart contract implementation for FILM
-CVE-2018-13489 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13489
NOT-FOR-US: smart contract implementation for OllisCoin
-CVE-2018-13488 (The mintToken function of a smart contract implementation for Crypto ...)
+CVE-2018-13488
NOT-FOR-US: smart contract implementation for Crypto Alley Shares (CAST)
-CVE-2018-13487 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13487
NOT-FOR-US: smart contract implementation for PlatoToken
-CVE-2018-13486 (The mintToken function of a smart contract implementation for HELP, an ...)
+CVE-2018-13486
NOT-FOR-US: smart contract implementation for HELP
-CVE-2018-13485 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13485
NOT-FOR-US: smart contract implementation for BitcoinAgileToken
-CVE-2018-13484 (The mintToken function of a smart contract implementation for CBRToken, ...)
+CVE-2018-13484
NOT-FOR-US: smart contract implementation for CBRToken
-CVE-2018-13483 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13483
NOT-FOR-US: smart contract implementation for mkethToken
-CVE-2018-13482 (The mintToken function of a smart contract implementation for ETHERCASH ...)
+CVE-2018-13482
NOT-FOR-US: smart contract implementation for ETHERCASH (ETC)
-CVE-2018-13481 (The mintToken function of a smart contract implementation for TRIUM, an ...)
+CVE-2018-13481
NOT-FOR-US: smart contract implementation for TRIUM
-CVE-2018-13480 (The mintToken function of a smart contract implementation for QRG, an ...)
+CVE-2018-13480
NOT-FOR-US: smart contract implementation for QRG
-CVE-2018-13479 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13479
NOT-FOR-US: smart contract implementation for SlidebitsToken
-CVE-2018-13478 (The mintToken function of a smart contract implementation for DMPToken, ...)
+CVE-2018-13478
NOT-FOR-US: smart contract implementation for DMPToken
-CVE-2018-13477 (The mintToken function of a smart contract implementation for CTESale, ...)
+CVE-2018-13477
NOT-FOR-US: smart contract implementation for CTESale
-CVE-2018-13476 (The mintToken function of a smart contract implementation for PhilCoin, ...)
+CVE-2018-13476
NOT-FOR-US: smart contract implementation for PhilCoin
-CVE-2018-13475 (The mintToken function of a smart contract implementation for VSCToken, ...)
+CVE-2018-13475
NOT-FOR-US: smart contract implementation for VSCToken
-CVE-2018-13474 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13474
NOT-FOR-US: smart contract implementation for FansChainToken
-CVE-2018-13473 (The mintToken function of a smart contract implementation for ohni_2 ...)
+CVE-2018-13473
NOT-FOR-US: smart contract implementation for ohni_2 (OHNI)
-CVE-2018-13472 (The mint function of a smart contract implementation for CloutToken, an ...)
+CVE-2018-13472
NOT-FOR-US: smart contract implementation for CloutToken
-CVE-2018-13471 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13471
NOT-FOR-US: smart contract implementation for BeyondCashToken
-CVE-2018-13470 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13470
NOT-FOR-US: smart contract implementation for BuyerToken
-CVE-2018-13469 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13469
NOT-FOR-US: smart contract implementation for IcoContract
-CVE-2018-13468 (The mintToken function of a smart contract implementation for Cavecoin, ...)
+CVE-2018-13468
NOT-FOR-US: smart contract implementation for Cavecoin
-CVE-2018-13467 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13467
NOT-FOR-US: smart contract implementation for EpiphanyCoin
-CVE-2018-13466 (The mintToken function of a smart contract implementation for Crystals, ...)
+CVE-2018-13466
NOT-FOR-US: smart contract implementation for Crystals
-CVE-2018-13465 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13465
NOT-FOR-US: smart contract implementation for PaulyCoin
-CVE-2018-13464 (The mintToken function of a smart contract implementation for t_swap, ...)
+CVE-2018-13464
NOT-FOR-US: smart contract implementation for t_swap
-CVE-2018-13463 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13463
NOT-FOR-US: smart contract implementation for T-Swap-Token (T-S-T)
-CVE-2018-13462 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13462
NOT-FOR-US: smart contract implementation for MoonToken
CVE-2018-13461
RESERVED
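Review bot: every changed pair in this hunk drops the bracketed description and leaves a bare id, e.g. `-CVE-2018-13593 (The mintToken function of a smart contract implementation for ...)` becoming `+CVE-2018-13593`, so the only remaining hint of what each entry covers is the unchanged `NOT-FOR-US:` line; for an "automatic update" this looks like the upstream feed delivering empty descriptions rather than a deliberate edit, and it also erases the distinction between the `mintToken` entries and the `mint function` ones (CVE-2018-13570, CVE-2018-13519, CVE-2018-13472). Suggest the importer keep the existing description when the fetched one is empty instead of overwriting it.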
@@ -19276,11 +19269,11 @@ CVE-2018-13460
RESERVED
CVE-2018-13459
RESERVED
-CVE-2018-13458 (qh_core in Nagios Core 4.4.1 and earlier is prone to a NULL pointer ...)
+CVE-2018-13458
- nagios4 4.3.4-3 (low; bug #917160)
NOTE: https://gist.github.com/fakhrizulkifli/40f3daf52950cca6de28ebec2498ff6e
NOTE: https://github.com/NagiosEnterprises/nagioscore/commit/b1a92a3b52d292ccb601e77a0b29cb1e67ac9d76
-CVE-2018-13457 (qh_echo in Nagios Core 4.4.1 and earlier is prone to a NULL pointer ...)
+CVE-2018-13457
- nagios4 4.3.4-3 (low; bug #917160)
NOTE: https://gist.github.com/fakhrizulkifli/87cf1c1ad403b4d40a86d90c9c9bf7ab
NOTE: https://github.com/NagiosEnterprises/nagioscore/commit/b1a92a3b52d292ccb601e77a0b29cb1e67ac9d76
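Review bot: the two Nagios entries lose the only line recording the affected range (`qh_core in Nagios Core 4.4.1 and earlier` / `qh_echo in Nagios Core 4.4.1 and earlier`), while the `- nagios4 4.3.4-3 (low; bug #917160)` fix line and the two NOTE URLs are untouched; after this change a reader has to open the gist and the nagioscore commit to learn which query handlers are affected. Same concern as the previous hunk: an automatic update should not replace a populated description with nothing.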
@@ -19296,39 +19289,39 @@ CVE-2018-13452
RESERVED
CVE-2018-13451
RESERVED
-CVE-2018-13450 (SQL injection vulnerability in product/card.php in Dolibarr ERP/CRM ...)
+CVE-2018-13450
- dolibarr <removed>
NOTE: https://github.com/Dolibarr/dolibarr/commit/36402c22eef49d60edd73a2f312f8e28fe0bd1cb
-CVE-2018-13449 (SQL injection vulnerability in product/card.php in Dolibarr ERP/CRM ...)
+CVE-2018-13449
- dolibarr <removed>
NOTE: https://github.com/Dolibarr/dolibarr/commit/36402c22eef49d60edd73a2f312f8e28fe0bd1cb
-CVE-2018-13448 (SQL injection vulnerability in product/card.php in Dolibarr ERP/CRM ...)
+CVE-2018-13448
- dolibarr <removed>
NOTE: https://github.com/Dolibarr/dolibarr/commit/36402c22eef49d60edd73a2f312f8e28fe0bd1cb
-CVE-2018-13447 (SQL injection vulnerability in product/card.php in Dolibarr ERP/CRM ...)
+CVE-2018-13447
- dolibarr <removed>
NOTE: https://github.com/Dolibarr/dolibarr/commit/36402c22eef49d60edd73a2f312f8e28fe0bd1cb
-CVE-2018-13446 (** DISPUTED ** An issue was discovered in the LINE jp.naver.line ...)
+CVE-2018-13446
NOT-FOR-US: LINE jp.naver.line application for Android
-CVE-2018-13445 (An issue was discovered in SeaCMS 6.61. There is a CSRF vulnerability ...)
+CVE-2018-13445
NOT-FOR-US: SeaCMS
-CVE-2018-13444 (An issue was discovered in SeaCMS 6.61. There is a CSRF vulnerability ...)
+CVE-2018-13444
NOT-FOR-US: SeaCMS
CVE-2018-13443
RESERVED
CVE-2018-13442
RESERVED
-CVE-2018-13441 (qh_help in Nagios Core version 4.4.1 and earlier is prone to a NULL ...)
+CVE-2018-13441
- nagios4 4.3.4-3 (low; bug #917160)
NOTE: https://gist.github.com/fakhrizulkifli/8df4a174158df69ebd765f824bd736b8
NOTE: https://github.com/NagiosEnterprises/nagioscore/commit/b1a92a3b52d292ccb601e77a0b29cb1e67ac9d76
-CVE-2018-13440 (The audiofile Audio File Library 0.3.6 has a NULL pointer dereference ...)
+CVE-2018-13440
- audiofile <unfixed> (low; bug #903499)
[buster] - audiofile <no-dsa> (Minor issue)
[stretch] - audiofile <no-dsa> (Minor issue)
[jessie] - audiofile <no-dsa> (Minor issue)
NOTE: https://github.com/mpruett/audiofile/issues/49
-CVE-2018-13439 (WXPayUtil in WeChat Pay Java SDK allows XXE attacks involving a ...)
+CVE-2018-13439
NOT-FOR-US: WeChat Pay Java SDK
CVE-2018-13438
RESERVED
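Review bot: the four Dolibarr entries (CVE-2018-13450 down to CVE-2018-13447) already share the same status line `- dolibarr <removed>` and the same fix commit 36402c22eef49d60edd73a2f312f8e28fe0bd1cb; with the `SQL injection vulnerability in product/card.php in Dolibarr ERP/CRM ...` description removed there is nothing left in the file to tell them apart. The `** DISPUTED **` prefix on CVE-2018-13446 is also dropped, and no NOTE line records that status, so the disputed flag now lives only upstream.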
@@ -19336,11 +19329,11 @@ CVE-2018-13437
RESERVED
CVE-2018-13436
RESERVED
-CVE-2018-13435 (** DISPUTED ** An issue was discovered in the LINE jp.naver.line ...)
+CVE-2018-13435
NOT-FOR-US: LINE jp.naver.line application for iOS
-CVE-2018-13434 (** DISPUTED ** An issue was discovered in the LINE jp.naver.line ...)
+CVE-2018-13434
NOT-FOR-US: LINE jp.naver.line application for iOS
-CVE-2018-13433 (Boostnote v0.11.7 allows XSS during highlighting of Markdown text, as ...)
+CVE-2018-13433
NOT-FOR-US: Boostnote
CVE-2018-13432
RESERVED
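Review bot: CVE-2018-13435 and CVE-2018-13434 both carried `** DISPUTED **` in the removed description and are only marked `NOT-FOR-US: LINE jp.naver.line application for iOS`; stripping the description here removes the disputed flag without recording it anywhere else, the same loss as for CVE-2018-13446 in the previous hunk. Worth checking whether anything that renders these entries depends on that prefix before the hunk lands.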
@@ -19360,98 +19353,98 @@ CVE-2018-13425
RESERVED
CVE-2018-13424
RESERVED
-CVE-2018-13423 (admin/themes/default/items/tag-form.php in Omeka before 2.6.1 allows ...)
+CVE-2018-13423
NOT-FOR-US: Omeka
-CVE-2018-13422 (TCExam before 14.1.2 has XSS via an ff_ or xl_ field. ...)
+CVE-2018-13422
NOT-FOR-US: TCExam
-CVE-2018-13421 (Fast C++ CSV Parser (aka fast-cpp-csv-parser) before 2018-07-06 has a ...)
+CVE-2018-13421
- fast-cpp-csv-parser 0.0+git20160525~9bf299c-2 (low; bug #903247)
[stretch] - fast-cpp-csv-parser <no-dsa> (Minor issue)
[jessie] - fast-cpp-csv-parser <no-dsa> (Minor issue)
NOTE: https://github.com/ben-strasser/fast-cpp-csv-parser/issues/67
NOTE: https://github.com/ben-strasser/fast-cpp-csv-parser/commit/8cf591aa7397f4372778cc927e184d28ee591093
-CVE-2018-13420 (** DISPUTED ** Google gperftools 2.7 has a memory leak in ...)
+CVE-2018-13420
- google-perftools <unfixed> (unimportant; bug #903248)
NOTE: https://github.com/gperftools/gperftools/issues/1013
-CVE-2018-13419 (** DISPUTED ** An issue has been found in libsndfile 1.0.28. There is ...)
+CVE-2018-13419
NOTE: Misreport, not reprodiucible by upstream and no test file was provided
NOTE: https://github.com/erikd/libsndfile/issues/398
-CVE-2018-13418 (System command injection in ajaxdata.php in TerraMaster TOS 3.1.03 ...)
+CVE-2018-13418
NOT-FOR-US: TerraMaster TOS
-CVE-2018-13417 (In Vuze Bittorrent Client 5.7.6.0, the XML parsing engine for ...)
+CVE-2018-13417
- azureus <removed>
-CVE-2018-13416 (In Universal Media Server (UMS) 7.1.0, the XML parsing engine for ...)
+CVE-2018-13416
NOT-FOR-US: Universal Media Server
-CVE-2018-13415 (In Plex Media Server 1.13.2.5154, the XML parsing engine for SSDP/UPnP ...)
+CVE-2018-13415
NOT-FOR-US: Plex Media Server
CVE-2018-13414
RESERVED
CVE-2018-13413
RESERVED
-CVE-2018-13412 (An issue was discovered in the Self Service Portal in Zoho ...)
+CVE-2018-13412
NOT-FOR-US: Zoho ManageEngine Desktop Central
-CVE-2018-13411 (An issue was discovered in Zoho ManageEngine Desktop Central before ...)
+CVE-2018-13411
NOT-FOR-US: Zoho ManageEngine Desktop Central
-CVE-2018-13410 (** DISPUTED ** Info-ZIP Zip 3.0, when the -T and -TT command-line ...)
+CVE-2018-13410
- zip <unfixed> (unimportant; bug #903196)
NOTE: http://seclists.org/fulldisclosure/2018/Jul/24
NOTE: Negligible security impact, would involve that a untrusted party controls
NOTE: the -TT value.
-CVE-2018-13409 (An issue was discovered in Jirafeau before 3.4.1. The &quot;search file by ...)
+CVE-2018-13409
NOT-FOR-US: Jirafeau
-CVE-2018-13408 (An issue was discovered in Jirafeau before 3.4.1. The &quot;search file by ...)
+CVE-2018-13408
NOT-FOR-US: Jirafeau
-CVE-2018-13407 (A CSRF issue was discovered in Jirafeau before 3.4.1. The &quot;delete file&quot; ...)
+CVE-2018-13407
NOT-FOR-US: Jirafeau
-CVE-2018-13406 (An integer overflow in the uvesafb_setcmap function in ...)
+CVE-2018-13406
{DLA-1715-1 DLA-1529-1}
- linux 4.17.6-1
[stretch] - linux 4.9.130-1
NOTE: https://git.kernel.org/linus/9f645bcc566a1e9f921bdae7528a01ced5bc3713
-CVE-2018-13405 (The inode_init_owner function in fs/inode.c in the Linux kernel through ...)
+CVE-2018-13405
{DSA-4266-1 DLA-1529-1 DLA-1466-1}
- linux 4.17.6-1
NOTE: https://git.kernel.org/linus/0fa3ecd87848c9c93c2c828ef4c3a8ca36ce46c7
NOTE: http://www.openwall.com/lists/oss-security/2018/07/13/2
-CVE-2018-13404 (The VerifyPopServerConnection resource in Atlassian Jira before ...)
+CVE-2018-13404
NOT-FOR-US: Atlassian
-CVE-2018-13403 (The two-dimensional filter statistics gadget in Atlassian Jira before ...)
+CVE-2018-13403
NOT-FOR-US: Atlassian
-CVE-2018-13402 (Many resources in Atlassian Jira before version 7.6.9, from version ...)
+CVE-2018-13402
NOT-FOR-US: Atlassian
-CVE-2018-13401 (The XsrfErrorAction resource in Atlassian Jira before version 7.6.9, ...)
+CVE-2018-13401
NOT-FOR-US: Atlassian
-CVE-2018-13400 (Several administrative resources in Atlassian Jira before version ...)
+CVE-2018-13400
NOT-FOR-US: Atlassian
-CVE-2018-13399 (The Microsoft Windows Installer for Atlassian Fisheye and Crucible ...)
+CVE-2018-13399
NOT-FOR-US: Atlassian
-CVE-2018-13398 (The administrative smart-commits resource in Atlassian Fisheye and ...)
+CVE-2018-13398
NOT-FOR-US: Atlassian Fisheye and Crucible
-CVE-2018-13397 (There was an argument injection vulnerability in Sourcetree for ...)
+CVE-2018-13397
NOT-FOR-US: Atlassian Sourcetree
-CVE-2018-13396 (There was an argument injection vulnerability in Sourcetree for macOS ...)
+CVE-2018-13396
NOT-FOR-US: Atlassian Sourcetree
-CVE-2018-13395 (Various resources in Atlassian Jira before version 7.6.8, from version ...)
+CVE-2018-13395
NOT-FOR-US: Atlassian Jira
-CVE-2018-13394 (The acceptAnswer resource in Atlassian Confluence Questions before ...)
+CVE-2018-13394
NOT-FOR-US: Atlassian Confluence Questions
-CVE-2018-13393 (The convertCommentToAnswer resource in Atlassian Confluence Questions ...)
+CVE-2018-13393
NOT-FOR-US: Atlassian Confluence Questions
-CVE-2018-13392 (Several resources in Atlassian Fisheye and Crucible before version ...)
+CVE-2018-13392
NOT-FOR-US: Atlassian
-CVE-2018-13391 (The ProfileLinkUserFormat component of Jira Server before version ...)
+CVE-2018-13391
NOT-FOR-US: Atlassian Jira Server
-CVE-2018-13390 (Unauthenticated access to cloudtoken daemon on Linux via network from ...)
+CVE-2018-13390
NOT-FOR-US: Atlassian
-CVE-2018-13389 (The attachment resource in Atlassian Confluence before version 6.6.1 ...)
+CVE-2018-13389
NOT-FOR-US: Atlassian Confluence
-CVE-2018-13388 (The review attachment resource in Atlassian Fisheye and Crucible ...)
+CVE-2018-13388
NOT-FOR-US: Atlassian Fisheye and Crucible
-CVE-2018-13387 (The IncomingMailServers resource in Atlassian JIRA Server before ...)
+CVE-2018-13387
NOT-FOR-US: Atlassian
-CVE-2018-13386 (There was an argument injection vulnerability in Sourcetree for ...)
+CVE-2018-13386
NOT-FOR-US: Atlassian Sourcetree
-CVE-2018-13385 (There was an argument injection vulnerability in Sourcetree for macOS ...)
+CVE-2018-13385
NOT-FOR-US: Atlassian Sourcetree
CVE-2018-13384
RESERVED
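Review bot: CVE-2018-13419 has no package status line, only `NOTE: Misreport, not reprodiucible by upstream and no test file was provided` and an issue link, so the removed `** DISPUTED ** An issue has been found in libsndfile 1.0.28. There is ...` description was the only place the entry named the affected project and version; the same applies to the kernel entries, where `uvesafb_setcmap` and `inode_init_owner` now survive only behind the git.kernel.org links. If the description feed came back empty this hunk should be held back rather than applied, and the typo `reprodiucible` in the unchanged NOTE line could be fixed in the same pass.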
@@ -19469,11 +19462,11 @@ CVE-2018-13378
RESERVED
CVE-2018-13377
RESERVED
-CVE-2018-13376 (An uninitialized memory buffer leak exists in Fortinet FortiOS 5.6.1 ...)
+CVE-2018-13376
NOT-FOR-US: Fortinet FortiOS
CVE-2018-13375
RESERVED
-CVE-2018-13374 (A Improper Access Control in Fortinet FortiOS allows attacker to ...)
+CVE-2018-13374
NOT-FOR-US: Fortinet FortiOS
CVE-2018-13373
RESERVED
@@ -19499,31 +19492,31 @@ CVE-2018-13363
RESERVED
CVE-2018-13362
RESERVED
-CVE-2018-13361 (User enumeration in usertable.php in TerraMaster TOS version 3.1.03 ...)
+CVE-2018-13361
NOT-FOR-US: TerraMaster TOS
-CVE-2018-13360 (Cross-site scripting in Text Editor in TerraMaster TOS version 3.1.03 ...)
+CVE-2018-13360
NOT-FOR-US: TerraMaster TOS
-CVE-2018-13359 (Cross-site scripting in usertable.php in TerraMaster TOS version ...)
+CVE-2018-13359
NOT-FOR-US: TerraMaster TOS
-CVE-2018-13358 (System command injection in ajaxdata.php in TerraMaster TOS version ...)
+CVE-2018-13358
NOT-FOR-US: TerraMaster TOS
-CVE-2018-13357 (Cross-site scripting in Control Panel in TerraMaster TOS version ...)
+CVE-2018-13357
NOT-FOR-US: TerraMaster TOS
-CVE-2018-13356 (Incorrect access control on ajaxdata.php in TerraMaster TOS version ...)
+CVE-2018-13356
NOT-FOR-US: TerraMaster TOS
-CVE-2018-13355 (Incorrect access controls in ajaxdata.php in TerraMaster TOS version ...)
+CVE-2018-13355
NOT-FOR-US: TerraMaster TOS
-CVE-2018-13354 (System command injection in logtable.php in TerraMaster TOS version ...)
+CVE-2018-13354
NOT-FOR-US: TerraMaster TOS
-CVE-2018-13353 (System command injection in ajaxdata.php in TerraMaster TOS version ...)
+CVE-2018-13353
NOT-FOR-US: TerraMaster TOS
-CVE-2018-13352 (Session Exposure in the web application for TerraMaster TOS version ...)
+CVE-2018-13352
NOT-FOR-US: TerraMaster TOS
-CVE-2018-13351 (Cross-site scripting in Control Panel in TerraMaster TOS version ...)
+CVE-2018-13351
NOT-FOR-US: TerraMaster TOS
-CVE-2018-13350 (SQL injection in logtable.php in TerraMaster TOS version 3.1.03 allows ...)
+CVE-2018-13350
NOT-FOR-US: TerraMaster TOS
-CVE-2018-13349 (Cross-site scripting in the web application taskbar in TerraMaster TOS ...)
+CVE-2018-13349
NOT-FOR-US: TerraMaster TOS
CVE-2018-13345
RESERVED
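Review bot: all thirteen TerraMaster entries in this hunk (CVE-2018-13361 down to CVE-2018-13349) collapse to a bare id plus `NOT-FOR-US: TerraMaster TOS`, so the command injection, SQL injection, cross-site scripting and session exposure classes that the removed descriptions distinguished are no longer visible in the file. As elsewhere in this change, an empty upstream description should leave the existing text in place rather than overwrite it.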
@@ -19531,113 +19524,113 @@ CVE-2018-13344
RESERVED
CVE-2018-13343
RESERVED
-CVE-2018-13342 (The server API in the Anda app relies on hardcoded credentials. ...)
+CVE-2018-13342
NOT-FOR-US: Anda app
-CVE-2018-13341 (Crestron TSW-X60 all versions prior to 2.001.0037.001 and MC3 all ...)
+CVE-2018-13341
NOT-FOR-US: Creston
-CVE-2018-13340 (Gleez CMS 1.2.0 has CSRF, as demonstrated by a /page/add request. ...)
+CVE-2018-13340
NOT-FOR-US: Gleez CMS
-CVE-2018-13339 (Imperavi Redactor 3 in Angular Redactor 1.1.6, when HTML content mode ...)
+CVE-2018-13339
NOT-FOR-US: Imperavi Redactor
-CVE-2018-13338 (System command injection in ajaxdata.php in TerraMaster TOS version ...)
+CVE-2018-13338
NOT-FOR-US: TerraMaster TOS
-CVE-2018-13337 (Session Fixation in the web application for TerraMaster TOS version ...)
+CVE-2018-13337
NOT-FOR-US: TerraMaster TOS
-CVE-2018-13336 (System command injection in ajaxdata.php in TerraMaster TOS version ...)
+CVE-2018-13336
NOT-FOR-US: TerraMaster TOS
-CVE-2018-13335 (Cross-site scripting in Control Panel in TerraMaster TOS version ...)
+CVE-2018-13335
NOT-FOR-US: TerraMaster TOS
-CVE-2018-13334 (Cross-site scripting in handle.php in TerraMaster TOS version 3.1.03 ...)
+CVE-2018-13334
NOT-FOR-US: TerraMaster TOS
-CVE-2018-13333 (Cross-site scripting in File Manager in TerraMaster TOS version 3.1.03 ...)
+CVE-2018-13333
NOT-FOR-US: TerraMaster TOS
-CVE-2018-13332 (Directory Traversal in the explorer application in TerraMaster TOS ...)
+CVE-2018-13332
NOT-FOR-US: TerraMaster TOS
-CVE-2018-13331 (Cross-site scripting in Control Panel in TerraMaster TOS version ...)
+CVE-2018-13331
NOT-FOR-US: TerraMaster TOS
-CVE-2018-13330 (System command injection in ajaxdata.php in TerraMaster TOS version ...)
+CVE-2018-13330
NOT-FOR-US: TerraMaster TOS
-CVE-2018-13329 (Cross-site scripting in ajaxdata.php in TerraMaster TOS version 3.1.03 ...)
+CVE-2018-13329
NOT-FOR-US: TerraMaster TOS
-CVE-2018-13328 (The transfer, transferFrom, and mint functions of a smart contract ...)
+CVE-2018-13328
NOT-FOR-US: smart contract
-CVE-2018-13327 (The transfer and transferFrom functions of a smart contract ...)
+CVE-2018-13327
NOT-FOR-US: smart contract
-CVE-2018-13326 (The transfer and transferFrom functions of a smart contract ...)
+CVE-2018-13326
NOT-FOR-US: smart contract
-CVE-2018-13325 (The _sell function of a smart contract implementation for GROWCHAIN ...)
+CVE-2018-13325
NOT-FOR-US: smart contract
-CVE-2018-13324 (Incorrect access control in nasapi in Buffalo TS5600D1206 version ...)
+CVE-2018-13324
NOT-FOR-US: Buffalo
-CVE-2018-13323 (Cross-site scripting in detail.html in Buffalo TS5600D1206 version ...)
+CVE-2018-13323
NOT-FOR-US: Buffalo
-CVE-2018-13322 (Directory traversal in list_folders method in Buffalo TS5600D1206 ...)
+CVE-2018-13322
NOT-FOR-US: Buffalo
-CVE-2018-13321 (Incorrect access controls in nasapi in Buffalo TS5600D1206 version ...)
+CVE-2018-13321
NOT-FOR-US: Buffalo
-CVE-2018-13320 (System Command Injection in network.set_auth_settings in Buffalo ...)
+CVE-2018-13320
NOT-FOR-US: Buffalo
-CVE-2018-13319 (Incorrect access control in get_portal_info in Buffalo TS5600D1206 ...)
+CVE-2018-13319
NOT-FOR-US: Buffalo
-CVE-2018-13318 (System command injection in User.create method in Buffalo TS5600D1206 ...)
+CVE-2018-13318
NOT-FOR-US: Buffalo
-CVE-2018-13317 (Password disclosure in password.htm in TOTOLINK A3002RU version 1.0.8 ...)
+CVE-2018-13317
NOT-FOR-US: TOTOLINK
-CVE-2018-13316 (System command injection in formAliasIp in TOTOLINK A3002RU version ...)
+CVE-2018-13316
NOT-FOR-US: TOTOLINK
-CVE-2018-13315 (Incorrect access control in formPasswordSetup in TOTOLINK A3002RU ...)
+CVE-2018-13315
NOT-FOR-US: TOTOLINK
-CVE-2018-13314 (System command injection in formAliasIp in TOTOLINK A3002RU version ...)
+CVE-2018-13314
NOT-FOR-US: TOTOLINK
CVE-2018-13313
RESERVED
-CVE-2018-13312 (Cross-site scripting in notice_gen.htm in TOTOLINK A3002RU version ...)
+CVE-2018-13312
NOT-FOR-US: TOTOLINK
-CVE-2018-13311 (System command injection in formDlna in TOTOLINK A3002RU version 1.0.8 ...)
+CVE-2018-13311
NOT-FOR-US: TOTOLINK
-CVE-2018-13310 (Cross-site scripting in password.htm in TOTOLINK A3002RU version 1.0.8 ...)
+CVE-2018-13310
NOT-FOR-US: TOTOLINK
-CVE-2018-13309 (Cross-site scripting in password.htm in TOTOLINK A3002RU version 1.0.8 ...)
+CVE-2018-13309
NOT-FOR-US: TOTOLINK
-CVE-2018-13308 (Cross-site scripting in notice_gen.htm in TOTOLINK A3002RU version ...)
+CVE-2018-13308
NOT-FOR-US: TOTOLINK
-CVE-2018-13307 (System command injection in fromNtp in TOTOLINK A3002RU version 1.0.8 ...)
+CVE-2018-13307
NOT-FOR-US: TOTOLINK
-CVE-2018-13306 (System command injection in formDlna in TOTOLINK A3002RU version 1.0.8 ...)
+CVE-2018-13306
NOT-FOR-US: TOTOLINK
-CVE-2018-13305 (In FFmpeg 4.0.1, due to a missing check for negative values of the ...)
+CVE-2018-13305
- ffmpeg <not-affected> (Vulnerable code not present)
- libav <removed>
[jessie] - libav <not-affected> (vulnerable code is not present)
NOTE: https://github.com/FFmpeg/FFmpeg/commit/d08d4a8c7387e758d439b0592782e4cfa2b4d6a4
NOTE: https://github.com/FFmpeg/FFmpeg/commit/d08d4a8c7387e758d439b0592782e4cfa2b4d6a4#commitcomment-30094223
-CVE-2018-13304 (In libavcodec in FFmpeg 4.0.1, improper maintenance of the consistency ...)
+CVE-2018-13304
- ffmpeg 7:4.0.2-1
[stretch] - ffmpeg <not-affected> (Vulnerable code not present)
- libav <removed>
[jessie] - libav <not-affected> (vulnerable code is not present)
NOTE: https://github.com/FFmpeg/FFmpeg/commit/bd27a9364ca274ca97f1df6d984e88a0700fb235
-CVE-2018-13303 (In FFmpeg 4.0.1, a missing check for failure of a call to ...)
+CVE-2018-13303
- ffmpeg 7:4.0.2-1
[stretch] - ffmpeg <not-affected> (Vulnerable code not present)
- libav <removed>
[jessie] - libav <not-affected> (vulnerable code is not present)
NOTE: https://github.com/FFmpeg/FFmpeg/commit/00e8181bd97c834fe60751b0c511d4bb97875f78
-CVE-2018-13302 (In FFmpeg 4.0.1, improper handling of frame types (other than ...)
+CVE-2018-13302
{DSA-4249-1}
- ffmpeg 7:3.4.3-1
- libav <removed>
[jessie] - libav <not-affected> (vulnerable code is not present)
NOTE: https://github.com/FFmpeg/FFmpeg/commit/ed22dc22216f74c75ee7901f82649e1ff725ba50
NOTE: Fixed in 3.2.11
-CVE-2018-13301 (In FFmpeg 4.0.1, due to a missing check of a profile value before ...)
+CVE-2018-13301
- ffmpeg 7:4.0.2-1 (low)
[stretch] - ffmpeg <not-affected> (3.2.x not affected)
- libav <removed>
[jessie] - libav <not-affected> (Vulnerable code path not present)
NOTE: https://github.com/FFmpeg/FFmpeg/commit/2aa9047486dbff12d9e040f917e5f799ed2fd78b
NOTE: It looks like Jessie is not affected but we need the reproducer to confirm this assumption.
-CVE-2018-13300 (In FFmpeg 4.0.1, an improper argument (AVCodecParameters) passed to the ...)
+CVE-2018-13300
{DSA-4249-1}
- ffmpeg 7:3.4.3-1
- libav <removed>
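Review bot: the unchanged `NOT-FOR-US: Creston` line under CVE-2018-13341 misspells the vendor; the removed line directly above it names `Crestron TSW-X60`, and once that description is dropped the note is the only place the product name survives, so change it to `NOT-FOR-US: Crestron` in the same update. Smaller point: the ffmpeg/libav entries in this hunk alternate between `(Vulnerable code not present)`, `(vulnerable code is not present)` and `(Vulnerable code path not present)` for the same status; one wording would keep the file greppable.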
@@ -19678,11 +19671,11 @@ CVE-2018-13284
RESERVED
CVE-2018-13283
RESERVED
-CVE-2018-13282 (Session fixation vulnerability in SYNO.PhotoStation.Auth in Synology ...)
+CVE-2018-13282
NOT-FOR-US: Synology Photo Station
-CVE-2018-13281 (Information exposure vulnerability in SYNO.Core.ACL in Synology ...)
+CVE-2018-13281
NOT-FOR-US: Synology DiskStation Manager
-CVE-2018-13280 (Use of insufficiently random values vulnerability in ...)
+CVE-2018-13280
NOT-FOR-US: Synology
CVE-2018-13279
RESERVED
@@ -19724,19 +19717,19 @@ CVE-2018-13261
REJECTED
CVE-2018-13260
REJECTED
-CVE-2018-13259 (An issue was discovered in zsh before 5.6. Shebang lines exceeding 64 ...)
+CVE-2018-13259
- zsh 5.6-1 (bug #908000)
[stretch] - zsh <no-dsa> (Minor issue)
[jessie] - zsh <no-dsa> (Minor issue)
NOTE: https://www.zsh.org/mla/zsh-announce/136
NOTE: https://sourceforge.net/p/zsh/code/ci/1c4c7b6a4d17294df028322b70c53803a402233d
-CVE-2018-13258 (Mediawiki 1.31 before 1.31.1 misses .htaccess files in the provided ...)
+CVE-2018-13258
- mediawiki <not-affected> (Affected upstream tarball was never used)
NOTE: https://lists.wikimedia.org/pipermail/wikitech-l/2018-September/090849.html
NOTE: https://phabricator.wikimedia.org/T199029
CVE-2018-13257
RESERVED
-CVE-2018-13256 (PHP Scripts Mall Auditor Website 2.0.1 has XSS via the lastname or ...)
+CVE-2018-13256
NOT-FOR-US: PHP Scripts Mall Auditor Website
CVE-2018-13255
RESERVED
@@ -19744,12 +19737,12 @@ CVE-2018-13254
RESERVED
CVE-2018-13253
RESERVED
-CVE-2018-13252 (Entrust Datacard Syntera CS 5.x has XSS via the name field of &quot;Domain ...)
+CVE-2018-13252
NOT-FOR-US: Entrust Datacard Syntera CS
-CVE-2018-13251 (In libming 0.4.8, there is an excessive memory allocation attempt in ...)
+CVE-2018-13251
- ming <removed>
NOTE: https://github.com/libming/libming/issues/149
-CVE-2018-13250 (libming 0.4.8 has a NULL pointer dereference in the getString function ...)
+CVE-2018-13250
- ming <removed>
NOTE: https://github.com/libming/libming/issues/147
CVE-2018-13249
@@ -19784,167 +19777,167 @@ CVE-2018-13235
RESERVED
CVE-2018-13234
RESERVED
-CVE-2018-13233 (The sell function of a smart contract implementation for GSI, an ...)
+CVE-2018-13233
NOT-FOR-US: smart contract implementation for GSI
-CVE-2018-13232 (The sell function of a smart contract implementation for ENTER (ENTR) ...)
+CVE-2018-13232
NOT-FOR-US: smart contract implementation for ENTER (ENTR)
-CVE-2018-13231 (The sell function of a smart contract implementation for ENTER (ENTR) ...)
+CVE-2018-13231
NOT-FOR-US: smart contract implementation for ENTER (ENTR)
-CVE-2018-13230 (The sell function of a smart contract implementation for DestiNeed ...)
+CVE-2018-13230
NOT-FOR-US: smart contract implementation for DestiNeed (DSN)
-CVE-2018-13229 (The sell function of a smart contract implementation for RiptideCoin ...)
+CVE-2018-13229
NOT-FOR-US: smart contract implementation for RiptideCoin (RIPT)
-CVE-2018-13228 (The sell function of a smart contract implementation for Crowdnext ...)
+CVE-2018-13228
NOT-FOR-US: smart contract implementation for Crowdnext (CNX)
-CVE-2018-13227 (The sell function of a smart contract implementation for MoneyChainNet ...)
+CVE-2018-13227
NOT-FOR-US: smart contract implementation for MoneyChainNet (MCN)
-CVE-2018-13226 (The sell function of a smart contract implementation for YLCToken, an ...)
+CVE-2018-13226
NOT-FOR-US: smart contract implementation for YLCToken
-CVE-2018-13225 (The sell function of a smart contract implementation for MyYLC, an ...)
+CVE-2018-13225
NOT-FOR-US: smart contract implementation for MyYLC
-CVE-2018-13224 (The sell function of a smart contract implementation for Virtual Energy ...)
+CVE-2018-13224
NOT-FOR-US: smart contract implementation for Virtual Energy Units (VEU)
-CVE-2018-13223 (The sell function of a smart contract implementation for R Time Token ...)
+CVE-2018-13223
NOT-FOR-US: smart contract implementation for R Time Token v3 (RS)
-CVE-2018-13222 (The sell function of a smart contract implementation for ObjectToken ...)
+CVE-2018-13222
NOT-FOR-US: smart contract implementation for ObjectToken (OBJ)
-CVE-2018-13221 (The sell function of a smart contract implementation for Extreme Coin ...)
+CVE-2018-13221
NOT-FOR-US: smart contract implementation for Extreme Coin (XT)
-CVE-2018-13220 (The sell function of a smart contract implementation for MAVCash, an ...)
+CVE-2018-13220
NOT-FOR-US: smart contract implementation for MAVCash
-CVE-2018-13219 (The sell function of a smart contract implementation for YourCoin (ICO) ...)
+CVE-2018-13219
NOT-FOR-US: smart contract implementation for YourCoin (ICO)
-CVE-2018-13218 (The sell function of a smart contract implementation for ICO Dollar ...)
+CVE-2018-13218
NOT-FOR-US: smart contract implementation for ICO Dollar (ICOD)
-CVE-2018-13217 (The sell function of a smart contract implementation for CoinToken, an ...)
+CVE-2018-13217
NOT-FOR-US: smart contract implementation for CoinToken
-CVE-2018-13216 (The sell function of a smart contract implementation for GreenMed ...)
+CVE-2018-13216
NOT-FOR-US: smart contract implementation for GreenMed (GRMD)
-CVE-2018-13215 (The sell function of a smart contract implementation for Sample Token ...)
+CVE-2018-13215
NOT-FOR-US: smart contract implementation for Sample Token (STK)
-CVE-2018-13214 (The sell function of a smart contract implementation for GMile, an ...)
+CVE-2018-13214
NOT-FOR-US: smart contract implementation for GMile
-CVE-2018-13213 (The sell function of a smart contract implementation for TravelCoin ...)
+CVE-2018-13213
NOT-FOR-US: smart contract implementation for TravelCoin
-CVE-2018-13212 (The sell function of a smart contract implementation for EthereumLegit, ...)
+CVE-2018-13212
NOT-FOR-US: smart contract implementation for EthereumLegit
-CVE-2018-13211 (The sell function of a smart contract implementation for MyToken, an ...)
+CVE-2018-13211
NOT-FOR-US: smart contract implementation for MyToken
-CVE-2018-13210 (The sell function of a smart contract implementation for Providence ...)
+CVE-2018-13210
NOT-FOR-US: smart contract implementation for Providence Crypto Casion (PVE)
-CVE-2018-13209 (The sell function of a smart contract implementation for Nectar (NCTR), ...)
+CVE-2018-13209
NOT-FOR-US: smart contract implementation for Nectar (NCTR)
-CVE-2018-13208 (The sell function of a smart contract implementation for MoneyTree ...)
+CVE-2018-13208
NOT-FOR-US: smart contract implementation for MoneyTree (TREE)
-CVE-2018-13207 (The sell function of a smart contract implementation for PornCoin ...)
+CVE-2018-13207
NOT-FOR-US: smart contract implementation for PornCoin
-CVE-2018-13206 (The sell function of a smart contract implementation for ...)
+CVE-2018-13206
NOT-FOR-US: smart contract implementation for ProvidenceCasino (PVE)
-CVE-2018-13205 (The sell function of a smart contract implementation for ohni_2 (OHNI), ...)
+CVE-2018-13205
NOT-FOR-US: smart contract implementation for ohni_2 (OHNI)
-CVE-2018-13204 (The sell function of a smart contract implementation for ETHERCASH ...)
+CVE-2018-13204
NOT-FOR-US: smart contract implementation for ETHERCASH
-CVE-2018-13203 (The sellBuyerTokens function of a smart contract implementation for ...)
+CVE-2018-13203
NOT-FOR-US: smart contract implementation for SwapToken
-CVE-2018-13202 (The sell function of a smart contract implementation for MyBO, an ...)
+CVE-2018-13202
NOT-FOR-US: smart contract implementation for MyBO
-CVE-2018-13201 (The sell function of a smart contract implementation for TiTok - Ticket ...)
+CVE-2018-13201
NOT-FOR-US: smart contract implementation for TiTok - Ticket Token
-CVE-2018-13200 (The sell function of a smart contract implementation for DateMe (DMX) ...)
+CVE-2018-13200
NOT-FOR-US: smart contract implementation for DateMe (DMX)
-CVE-2018-13199 (The sell function of a smart contract implementation for ETHEREUMBLACK ...)
+CVE-2018-13199
NOT-FOR-US: smart contract implementation for ETHEREUMBLACK
-CVE-2018-13198 (The sell function of a smart contract implementation for STeX Exchange ...)
+CVE-2018-13198
NOT-FOR-US: smart contract implementation for STeX Exchange ICO (STE)
-CVE-2018-13197 (The sell function of a smart contract implementation for Welfare Token ...)
+CVE-2018-13197
NOT-FOR-US: smart contract implementation for Welfare Token Fund (WTF)
-CVE-2018-13196 (The sell function of a smart contract implementation for T-Swap-Token ...)
+CVE-2018-13196
NOT-FOR-US: smart contract implementation for T-Swap-Token
-CVE-2018-13195 (The mintToken function of a smart contract implementation for Cranoo ...)
+CVE-2018-13195
NOT-FOR-US: smart contract implementation for Cranoo
-CVE-2018-13194 (The mintToken function of a smart contract implementation for TongTong ...)
+CVE-2018-13194
NOT-FOR-US: smart contract implementation for TongTong Coin
-CVE-2018-13193 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13193
NOT-FOR-US: smart contract implementation for hentaisolo
-CVE-2018-13192 (The mintToken function of a smart contract implementation for Jobscoin ...)
+CVE-2018-13192
NOT-FOR-US: smart contract implementation for Jobscoin
-CVE-2018-13191 (The mintToken function of a smart contract implementation for Super ...)
+CVE-2018-13191
NOT-FOR-US: smart contract implementation for Super Carbon Coin
-CVE-2018-13190 (The mintToken function of a smart contract implementation for DVChain, ...)
+CVE-2018-13190
NOT-FOR-US: smart contract implementation for DVChain
-CVE-2018-13189 (The mint function of a smart contract implementation for Unolabo ...)
+CVE-2018-13189
NOT-FOR-US: smart contract implementation for Unolabo
-CVE-2018-13188 (The mintToken function of a smart contract implementation for MyBO, an ...)
+CVE-2018-13188
NOT-FOR-US: smart contract implementation for MyBO
-CVE-2018-13187 (The mintToken function of a smart contract implementation for CIBN Live ...)
+CVE-2018-13187
NOT-FOR-US: smart contract implementation for CIBN Live Token
-CVE-2018-13186 (The mintToken function of a smart contract implementation for MMTCoin ...)
+CVE-2018-13186
NOT-FOR-US: smart contract implementation for MMTCoin
-CVE-2018-13185 (The mintToken function of a smart contract implementation for appcoins ...)
+CVE-2018-13185
NOT-FOR-US: smart contract implementation for appcoins
-CVE-2018-13184 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13184
NOT-FOR-US: smart contract implementation for TravelZedi Token
-CVE-2018-13183 (The mintToken function of a smart contract implementation for JWC, an ...)
+CVE-2018-13183
NOT-FOR-US: smart contract implementation for JWC
-CVE-2018-13182 (The mintToken function of a smart contract implementation for loncoin ...)
+CVE-2018-13182
NOT-FOR-US: smart contract implementation for loncoin
-CVE-2018-13181 (The mintToken function of a smart contract implementation for Troo, an ...)
+CVE-2018-13181
NOT-FOR-US: smart contract implementation for Troo
-CVE-2018-13180 (The mintToken function of a smart contract implementation for IMM Coin ...)
+CVE-2018-13180
NOT-FOR-US: smart contract implementation for IMM Coin
-CVE-2018-13179 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13179
NOT-FOR-US: smart contract implementation for Air-Contact Token
-CVE-2018-13178 (The mintToken function of a smart contract implementation for ECToints ...)
+CVE-2018-13178
NOT-FOR-US: smart contract implementation for ECToints
-CVE-2018-13177 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13177
NOT-FOR-US: smart contract implementation for MiningRigRentals Token
-CVE-2018-13176 (The mintToken function of a smart contract implementation for Trust Zen ...)
+CVE-2018-13176
NOT-FOR-US: smart contract implementation for Trust Zen Token
-CVE-2018-13175 (The mintToken function of a smart contract implementation for AIChain, ...)
+CVE-2018-13175
NOT-FOR-US: smart contract implementation for AIChain
-CVE-2018-13174 (The mintToken function of a smart contract implementation for CryptoABS ...)
+CVE-2018-13174
NOT-FOR-US: smart contract implementation for CryptoABS
-CVE-2018-13173 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13173
NOT-FOR-US: smart contract implementation for EliteShipperToken
-CVE-2018-13172 (The mintToken function of a smart contract implementation for bzxcoin ...)
+CVE-2018-13172
NOT-FOR-US: smart contract implementation for bzxcoin
-CVE-2018-13171 (The mintToken function of a smart contract implementation for LadaToken ...)
+CVE-2018-13171
NOT-FOR-US: smart contract implementation for LadaToken
-CVE-2018-13170 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13170
NOT-FOR-US: smart contract implementation for Snoqualmie Coin
-CVE-2018-13169 (The mintToken function of a smart contract implementation for Ethereum ...)
+CVE-2018-13169
NOT-FOR-US: smart contract implementation for Ethereum Cash Pro
-CVE-2018-13168 (The mintToken function of a smart contract implementation for Yu Gi Oh ...)
+CVE-2018-13168
NOT-FOR-US: smart contract implementation for Yu Gi Oh
-CVE-2018-13167 (The mintToken function of a smart contract implementation for Yu Gi Oh ...)
+CVE-2018-13167
NOT-FOR-US: smart contract implementation for Yu Gi Oh
-CVE-2018-13166 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13166
NOT-FOR-US: smart contract implementation for AthletiCoin
-CVE-2018-13165 (The mintToken function of a smart contract implementation for JustDCoin ...)
+CVE-2018-13165
NOT-FOR-US: smart contract implementation for JustDCoin
-CVE-2018-13164 (The mintToken function of a smart contract implementation for EPPCOIN ...)
+CVE-2018-13164
NOT-FOR-US: smart contract implementation for EPPCOIN
-CVE-2018-13163 (The mintToken function of a smart contract implementation for Ethernet ...)
+CVE-2018-13163
NOT-FOR-US: smart contract implementation for Ethernet Cash
-CVE-2018-13162 (The mintToken function of a smart contract implementation for ALEX, an ...)
+CVE-2018-13162
NOT-FOR-US: smart contract implementation for ALEX
-CVE-2018-13161 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13161
NOT-FOR-US: smart contract implementation for MultiGames
-CVE-2018-13160 (The mintToken function of a smart contract implementation for etktokens ...)
+CVE-2018-13160
NOT-FOR-US: smart contract implementation for etktokens
-CVE-2018-13159 (The mintToken function of a smart contract implementation for bankcoin ...)
+CVE-2018-13159
NOT-FOR-US: smart contract implementation for bankcoin
-CVE-2018-13158 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13158
NOT-FOR-US: smart contract implementation for AssetToken
-CVE-2018-13157 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13157
NOT-FOR-US: smart contract implementation for CryptonitexCoin
-CVE-2018-13156 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13156
NOT-FOR-US: smart contract implementation for bonusToken
-CVE-2018-13155 (The mintToken function of a smart contract implementation for GEMCHAIN ...)
+CVE-2018-13155
NOT-FOR-US: smart contract implementation for GEMCHAIN
CVE-2018-13154
RESERVED
-CVE-2018-13153 (In ImageMagick 7.0.8-4, there is a memory leak in the XMagickCommand ...)
+CVE-2018-13153
- imagemagick 8:6.9.10.8+dfsg-1 (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/1195
NOTE: https://github.com/ImageMagick/ImageMagick/commit/4ab4849d667e26df0e63ece9d63ae23bc7ab0fa1
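Review bot: the `NOT-FOR-US` line under CVE-2018-13210 reads `smart contract implementation for Providence Crypto Casion (PVE)` while the one under CVE-2018-13206, four entries later, reads `ProvidenceCasino (PVE)`; with the descriptions removed by this hunk the note is the only remaining spelling of the token name, so check it against the summary while it is still readable in the `-` line. Likewise CVE-2018-13168 and CVE-2018-13167 both end up as `smart contract implementation for Yu Gi Oh` with nothing left in the file to distinguish them.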
@@ -19961,11 +19954,11 @@ CVE-2018-13148
RESERVED
CVE-2018-13147
RESERVED
-CVE-2018-13146 (The mintToken, buy, and sell functions of a smart contract ...)
+CVE-2018-13146
NOT-FOR-US: smart contract
-CVE-2018-13145 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13145
NOT-FOR-US: smart contract
-CVE-2018-13144 (The transfer and transferFrom functions of a smart contract ...)
+CVE-2018-13144
NOT-FOR-US: smart contract
CVE-2018-13143
RESERVED
@@ -19973,9 +19966,9 @@ CVE-2018-13142
RESERVED
CVE-2018-13141
RESERVED
-CVE-2018-13140 (Druide Antidote through 9.5.1 on Windows and Linux allows remote code ...)
+CVE-2018-13140
NOT-FOR-US: Druide Antidote
-CVE-2018-13139 (A stack-based buffer overflow in psf_memset in common.c in libsndfile ...)
+CVE-2018-13139
{DLA-1618-1}
- libsndfile <unfixed> (unimportant)
NOTE: https://github.com/erikd/libsndfile/issues/397
@@ -19986,37 +19979,37 @@ CVE-2018-13138
RESERVED
CVE-2018-13137
RESERVED
-CVE-2018-13136 (The Ultimate Member (aka ultimatemember) plugin before 2.0.18 for ...)
+CVE-2018-13136
NOT-FOR-US: Wordpress plugin
CVE-2018-13135
RESERVED
-CVE-2018-13134 (TP-Link Archer C1200 1.13 Build 2018/01/24 rel.52299 EU devices have ...)
+CVE-2018-13134
NOT-FOR-US: TP-Link
-CVE-2018-13133 (Golden Frog VyprVPN before 2018-06-21 has a vulnerability associated ...)
+CVE-2018-13133
NOT-FOR-US: Golden Frog VyprVPN
-CVE-2018-13132 (Spadeico is a smart contract running on Ethereum. The mint function has ...)
+CVE-2018-13132
NOT-FOR-US: Spadeico
-CVE-2018-13131 (SpadePreSale is a smart contract running on Ethereum. The mint function ...)
+CVE-2018-13131
NOT-FOR-US: SpadePreSale
-CVE-2018-13130 (Bitotal (TFUND) is a smart contract running on Ethereum. The mintTokens ...)
+CVE-2018-13130
NOT-FOR-US: Bitotal (TFUND)
-CVE-2018-13129 (SP8DE Token (SPX) is a smart contract running on Ethereum. The mint ...)
+CVE-2018-13129
NOT-FOR-US: SP8DE Token (SPX)
-CVE-2018-13128 (Etherty Token (ETY) is a smart contract running on Ethereum. The mint ...)
+CVE-2018-13128
NOT-FOR-US: Etherty Token (ETY)
-CVE-2018-13127 (SP8DE PreSale Token (DSPX) is a smart contract running on Ethereum. The ...)
+CVE-2018-13127
NOT-FOR-US: SP8DE PreSale Token (DSPX)
-CVE-2018-13126 (MoxyOnePresale is a smart contract running on Ethereum. The mint ...)
+CVE-2018-13126
NOT-FOR-US: MoxyOnePresale
CVE-2018-13125
RESERVED
CVE-2018-13124
RESERVED
-CVE-2018-13123 (onefilecms.php in OneFileCMS through 2017-10-08 might allow attackers ...)
+CVE-2018-13123
NOT-FOR-US: OneFileCMS
-CVE-2018-13122 (onefilecms.php in OneFileCMS through 2017-10-08 might allow attackers ...)
+CVE-2018-13122
NOT-FOR-US: OneFileCMS
-CVE-2018-13121 (RealOne Player 2.0 Build 6.0.11.872 allows remote attackers to cause a ...)
+CVE-2018-13121
NOT-FOR-US: RealOne Player
CVE-2018-13120
RESERVED
@@ -20026,147 +20019,147 @@ CVE-2018-13118
RESERVED
CVE-2018-13117
RESERVED
-CVE-2018-13116 (/user/del.php in zzcms 8.3 allows SQL injection via the tablename ...)
+CVE-2018-13116
NOT-FOR-US: zzcms
-CVE-2018-13115 (Lack of an authentication mechanism in KERUI Wifi Endoscope Camera ...)
+CVE-2018-13115
NOT-FOR-US: KERUI Wifi Endoscope Camera
-CVE-2018-13114 (Missing authentication and improper input validation in KERUI Wifi ...)
+CVE-2018-13114
NOT-FOR-US: KERUI Wifi Endoscope Camera
-CVE-2018-13113 (The transfer and transferFrom functions of a smart contract ...)
+CVE-2018-13113
NOT-FOR-US: smart contract implementation for Easy Trading Token and Ethereum token
-CVE-2018-13112 (get_l2len in common/get.c in Tcpreplay 4.3.0 beta1 allows remote ...)
+CVE-2018-13112
- tcpreplay 4.3.1-1 (low; bug #902952)
[stretch] - tcpreplay <no-dsa> (Minor issue)
[jessie] - tcpreplay <no-dsa> (Minor issue)
NOTE: https://github.com/appneta/tcpreplay/issues/477
NOTE: https://github.com/appneta/tcpreplay/issues/408
NOTE: https://github.com/appneta/tcpreplay/commit/0253c4707446b9500804101122a72dde2763ed8f
-CVE-2018-13111 (There exists a partial Denial of Service vulnerability in Wanscam ...)
+CVE-2018-13111
NOT-FOR-US: Wanscam
-CVE-2018-13110 (All ADB broadband gateways / routers based on the Epicentro platform ...)
+CVE-2018-13110
NOT-FOR-US: ADB broadband gateways / routers
-CVE-2018-13109 (All ADB broadband gateways / routers based on the Epicentro platform ...)
+CVE-2018-13109
NOT-FOR-US: ADB broadband gateways / routers
-CVE-2018-13108 (All ADB broadband gateways / routers based on the Epicentro platform ...)
+CVE-2018-13108
NOT-FOR-US: ADB broadband gateways / routers
CVE-2018-13107
RESERVED
-CVE-2018-13106 (ClipperCMS 1.3.3 has stored XSS via the &quot;Tools -&gt; Configuration&quot; screen ...)
+CVE-2018-13106
NOT-FOR-US: ClipperCMS
CVE-2018-13105
RESERVED
CVE-2018-13104
- RESERVED
+ TODO: check
CVE-2018-13103
- RESERVED
-CVE-2018-13102 (AnyDesk before &quot;12.06.2018 - 4.1.3&quot; on Windows 7 SP1 has a DLL ...)
+ TODO: check
+CVE-2018-13102
NOT-FOR-US: AnyDesk
-CVE-2018-13101 (KioskSimpleService.exe in RedSwimmer KioskSimple 1.4.7.0 suffers from a ...)
+CVE-2018-13101
NOT-FOR-US: RedSwimmer KioskSimple
-CVE-2018-13100 (An issue was discovered in fs/f2fs/super.c in the Linux kernel through ...)
+CVE-2018-13100
{DLA-1715-1}
- linux 4.18.10-1
[stretch] - linux 4.9.144-1
NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=200183
NOTE: https://git.kernel.org/pub/scm/linux/kernel/git/chao/linux.git/commit/?h=f2fs-dev&id=977f9bb558cb4a95d53b10301f5c739ed8867d4d
-CVE-2018-13099 (An issue was discovered in fs/f2fs/inline.c in the Linux kernel through ...)
+CVE-2018-13099
{DSA-4308-1 DLA-1531-1}
- linux 4.18.10-1
[jessie] - linux-4.9 <unfixed>
NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=200179
NOTE: https://git.kernel.org/pub/scm/linux/kernel/git/chao/linux.git/commit/?h=f2fs-dev&id=cc60e90f9bfab8d6a7fb826937e824333c3bf94a
NOTE: https://sourceforge.net/p/linux-f2fs/mailman/message/36356878/
-CVE-2018-13098 (An issue was discovered in fs/f2fs/inode.c in the Linux kernel through ...)
+CVE-2018-13098
- linux 4.18.10-1
[stretch] - linux <not-affected> (Vulnerable code not present)
[jessie] - linux <not-affected> (Vulnerable code not present)
NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=200173
NOTE: https://git.kernel.org/pub/scm/linux/kernel/git/chao/linux.git/commit/?h=f2fs-dev&id=346886775c5fa6a541c0148bbecc0554ab9d6dad
-CVE-2018-13097 (An issue was discovered in fs/f2fs/super.c in the Linux kernel through ...)
+CVE-2018-13097
{DLA-1715-1}
- linux 4.19.9-1
[stretch] - linux 4.9.144-1
NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=200171
NOTE: https://git.kernel.org/pub/scm/linux/kernel/git/chao/linux.git/commit/?h=f2fs-dev&id=78bbd741456e31e0acb983283a8d3993ba859c15
-CVE-2018-13096 (An issue was discovered in fs/f2fs/super.c in the Linux kernel through ...)
+CVE-2018-13096
{DLA-1715-1}
- linux 4.19.9-1
[stretch] - linux 4.9.144-1
[jessie] - linux-4.9 <unfixed>
NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=200167
NOTE: https://git.kernel.org/pub/scm/linux/kernel/git/chao/linux.git/commit/?h=f2fs-dev&id=e335cc683fd13882b9152937b06ff3c16c28aa34
-CVE-2018-13095 (An issue was discovered in fs/xfs/libxfs/xfs_inode_buf.c in the Linux ...)
+CVE-2018-13095
- linux 4.18.6-1
[jessie] - linux <ignored> (Too risky to backport)
NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=199915
NOTE: https://git.kernel.org/pub/scm/fs/xfs/xfs-linux.git/commit/?h=for-next&id=23fcb3340d033d9f081e21e6c12c2db7eaa541d3
-CVE-2018-13094 (An issue was discovered in fs/xfs/libxfs/xfs_attr_leaf.c in the Linux ...)
+CVE-2018-13094
{DLA-1529-1}
- linux 4.17.14-1
[jessie] - linux-4.9 <unfixed>
NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=199969
NOTE: https://git.kernel.org/pub/scm/fs/xfs/xfs-linux.git/commit/?h=for-next&id=bb3d48dcf86a97dc25fe9fc2c11938e19cb4399a
-CVE-2018-13093 (An issue was discovered in fs/xfs/xfs_icache.c in the Linux kernel ...)
+CVE-2018-13093
{DLA-1529-1}
- linux 4.17.14-1
NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=199367
NOTE: https://git.kernel.org/pub/scm/fs/xfs/xfs-linux.git/commit/?h=for-next&id=afca6c5b2595fc44383919fba740c194b0b76aff
-CVE-2018-13092 (The mintToken function of a smart contract implementation for Reimburse ...)
+CVE-2018-13092
NOT-FOR-US: smart contract implementation
-CVE-2018-13091 (The mintToken function of a smart contract implementation for sumocoin ...)
+CVE-2018-13091
NOT-FOR-US: smart contract implementation
-CVE-2018-13090 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13090
NOT-FOR-US: smart contract implementation
-CVE-2018-13089 (The mintToken function of a smart contract implementation for Universal ...)
+CVE-2018-13089
NOT-FOR-US: smart contract implementation
-CVE-2018-13088 (The mintToken function of a smart contract implementation for Futures ...)
+CVE-2018-13088
NOT-FOR-US: smart contract implementation
-CVE-2018-13087 (The mintToken function of a smart contract implementation for Coinstar ...)
+CVE-2018-13087
NOT-FOR-US: smart contract implementation
-CVE-2018-13086 (The mintToken function of a smart contract implementation for IADOWR ...)
+CVE-2018-13086
NOT-FOR-US: smart contract implementation
-CVE-2018-13085 (The mintToken function of a smart contract implementation for FreeCoin ...)
+CVE-2018-13085
NOT-FOR-US: smart contract implementation
-CVE-2018-13084 (The mintToken function of a smart contract implementation for Good Time ...)
+CVE-2018-13084
NOT-FOR-US: smart contract implementation
-CVE-2018-13083 (The mintToken function of a smart contract implementation for Plaza ...)
+CVE-2018-13083
NOT-FOR-US: smart contract implementation
-CVE-2018-13082 (The mintToken function of a smart contract implementation for MODI ...)
+CVE-2018-13082
NOT-FOR-US: smart contract implementation
-CVE-2018-13081 (The mintToken function of a smart contract implementation for GZS Token ...)
+CVE-2018-13081
NOT-FOR-US: smart contract implementation
-CVE-2018-13080 (The mintToken function of a smart contract implementation for Goutex ...)
+CVE-2018-13080
NOT-FOR-US: smart contract implementation
-CVE-2018-13079 (The mintToken function of a smart contract implementation for GoodTo ...)
+CVE-2018-13079
NOT-FOR-US: smart contract implementation
-CVE-2018-13078 (The mintToken function of a smart contract implementation for Jitech ...)
+CVE-2018-13078
NOT-FOR-US: smart contract implementation
-CVE-2018-13077 (The mintToken function of a smart contract implementation for CTB, an ...)
+CVE-2018-13077
NOT-FOR-US: smart contract implementation
-CVE-2018-13076 (The mintToken function of a smart contract implementation for Betcash ...)
+CVE-2018-13076
NOT-FOR-US: smart contract implementation
-CVE-2018-13075 (The mintToken function of a smart contract implementation for Carbon ...)
+CVE-2018-13075
NOT-FOR-US: smart contract implementation
-CVE-2018-13074 (The mintToken function of a smart contract implementation for FIBToken ...)
+CVE-2018-13074
NOT-FOR-US: smart contract implementation
-CVE-2018-13073 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13073
NOT-FOR-US: smart contract implementation
-CVE-2018-13072 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13072
NOT-FOR-US: smart contract implementation
-CVE-2018-13071 (The mintToken function of a smart contract implementation for CCindex10 ...)
+CVE-2018-13071
NOT-FOR-US: smart contract implementation
-CVE-2018-13070 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13070
NOT-FOR-US: smart contract implementation
-CVE-2018-13069 (The mintToken function of a smart contract implementation for DYchain ...)
+CVE-2018-13069
NOT-FOR-US: smart contract implementation
-CVE-2018-13068 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-13068
NOT-FOR-US: smart contract implementation
-CVE-2018-13067 (/upload/catalog/controller/account/password.php in OpenCart through ...)
+CVE-2018-13067
NOT-FOR-US: OpenCart
-CVE-2018-13066 (There is a memory leak in util/parser.c in libming 0.4.8, which will ...)
+CVE-2018-13066
- ming <removed>
NOTE: https://github.com/libming/libming/issues/146
-CVE-2018-13065 (** DISPUTED ** ModSecurity 3.0.0 has XSS via an onerror attribute of ...)
+CVE-2018-13065
NOT-FOR-US: Bogus claim for ModSecurity, to be revoked
CVE-2018-13064
RESERVED
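Review bot: every `-`/`+` pair in this hunk replaces a `CVE-2018-NNNNN (description ...)` line with the bare identifier and nothing else changes, so the edit amounts to blanking the description of every published CVE while the tracking lines under each entry (`NOT-FOR-US:`, `- package version`, `NOTE:`) stay as they were; that pattern points to the upstream description feed coming back empty for this run rather than to an intended change, and an automatic update that wipes the descriptions should be rejected and re-run against a complete feed, not committed. The descriptions are not decorative: the triage line `NOT-FOR-US: Bogus claim for ModSecurity, to be revoked` under CVE-2018-13065 only makes sense next to the removed `** DISPUTED ** ModSecurity 3.0.0 has XSS ...` text, and the same goes for every `NOT-FOR-US: smart contract implementation` line above it, which after this change no longer says which contract the entry was about.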
@@ -20184,25 +20177,25 @@ CVE-2018-13058
RESERVED
CVE-2018-13057
RESERVED
-CVE-2018-13056 (An issue was discovered on zzcms 8.3. There is a vulnerability at ...)
+CVE-2018-13056
NOT-FOR-US: zzcms
-CVE-2018-13055 (A cross-site scripting (XSS) vulnerability in the View Filters page ...)
+CVE-2018-13055
- mantis <removed>
NOTE: http://github.com/mantisbt/mantisbt/commit/4efac90ed89a5c009108b641e2e95683791a165a
NOTE: https://mantisbt.org/blog/archives/mantisbt/602
NOTE: https://mantisbt.org/bugs/view.php?id=24580
-CVE-2018-13053 (The alarm_timer_nsleep function in kernel/time/alarmtimer.c in the ...)
+CVE-2018-13053
{DLA-1715-1}
- linux 4.18.20-1
[stretch] - linux 4.9.135-1
[jessie] - linux-4.9 <unfixed>
NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=200303
NOTE: https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git/commit/?id=5f936e19cc0ef97dbe3a56e9498922ad5ba1edef
-CVE-2018-13052 (In CyberArk Endpoint Privilege Manager (formerly Viewfinity), ...)
+CVE-2018-13052
NOT-FOR-US: CyberArk Endpoint Privilege Manager
CVE-2018-13051
RESERVED
-CVE-2018-13050 (A SQL Injection vulnerability exists in Zoho ManageEngine Applications ...)
+CVE-2018-13050
NOT-FOR-US: Zoho
CVE-2018-13048
RESERVED
@@ -20210,50 +20203,50 @@ CVE-2018-13047
RESERVED
CVE-2018-13046
RESERVED
-CVE-2018-13045 (SQL injection vulnerability in the &quot;Bazar&quot; page in Yeswiki ...)
+CVE-2018-13045
NOT-FOR-US: Yeswiki
-CVE-2018-13054 (An issue was discovered in Cinnamon 1.9.2 through 3.8.6. The ...)
+CVE-2018-13054
{DLA-1420-1}
- cinnamon 3.8.8-1 (bug #903201)
[stretch] - cinnamon <no-dsa> (Minor issue)
NOTE: https://github.com/linuxmint/Cinnamon/pull/7683
NOTE: https://github.com/linuxmint/Cinnamon/commit/66e54f43f179fdf041a3e5232178a9910963cfb5 (3.8.7)
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1083067
-CVE-2018-13049 (The constructSQL function in inc/search.class.php in GLPI 9.2.x through ...)
+CVE-2018-13049
- glpi <removed> (unimportant)
NOTE: https://github.com/glpi-project/glpi/issues/4270
NOTE: https://github.com/trasher/glpi/commit/5c58d4c57be7b1e0c1de925b97f22d4468291d41
NOTE: Only supported behind an authenticated HTTP zone
CVE-2018-13044
RESERVED
-CVE-2018-13042 (The 1Password application 6.8 for Android is affected by a Denial Of ...)
+CVE-2018-13042
NOT-FOR-US: 1Password
-CVE-2018-13041 (The mint function of a smart contract implementation for Link Platform ...)
+CVE-2018-13041
NOT-FOR-US: Link Platform
-CVE-2018-13040 (OpenSID 18.06-pasca has a CSRF vulnerability. This vulnerability can ...)
+CVE-2018-13040
NOT-FOR-US: OpenSID
-CVE-2018-13039 (OpenSID 18.06-pasca has reflected Cross Site Scripting (XSS) via the ...)
+CVE-2018-13039
NOT-FOR-US: OpenSID
-CVE-2018-13038 (OpenSID 18.06-pasca has an Unrestricted File Upload vulnerability via ...)
+CVE-2018-13038
NOT-FOR-US: OpenSID
-CVE-2018-13037 (An issue was discovered in jpeg-compressor 0.1. The bmp_load function ...)
+CVE-2018-13037
NOT-FOR-US: jpeg-compressor
CVE-2018-13036
RESERVED
CVE-2018-13035
RESERVED
-CVE-2018-13034 (Directory traversal in Jester web framework 0.2.0 allows remote ...)
+CVE-2018-13034
NOT-FOR-US: Jester web framework
-CVE-2018-13033 (The Binary File Descriptor (BFD) library (aka libbfd), as distributed ...)
+CVE-2018-13033
- binutils 2.30.90.20180627-1 (low)
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=23361
-CVE-2018-13032 (ECESSA ShieldLink SL175EHQ 10.7.4 devices have CSRF to add superuser ...)
+CVE-2018-13032
NOT-FOR-US: ECESSA ShieldLink
-CVE-2018-13031 (DamiCMS v6.0.0 allows CSRF via admin.php?s=/Admin/doadd to add an ...)
+CVE-2018-13031
NOT-FOR-US: DamiCMS
-CVE-2018-13030 (An issue was discovered in jpeg-compressor 0.1. The build_huffman ...)
+CVE-2018-13030
NOT-FOR-US: jpeg-compressor
CVE-2018-13029
RESERVED
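Review bot: CVE-2018-13054 and CVE-2018-13049 sit between CVE-2018-13045 and CVE-2018-13044, breaking the descending order the rest of the hunk follows (CVE-2018-13043 likewise turns up much further down the file, next to CVE-2018-1000205). The misplacement is not introduced here, but since the update rewrites the header line of each of these entries anyway, it is worth checking whether the generator can emit them in sequence; otherwise the hunk only strips descriptions, as elsewhere in the file, and the tracking data under the entries (for example `- glpi <removed> (unimportant)` with its `NOTE: Only supported behind an authenticated HTTP zone`) is untouched.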
@@ -20261,17 +20254,17 @@ CVE-2018-13028
RESERVED
CVE-2018-13027
RESERVED
-CVE-2018-13026 (An issue was discovered in gpmf-parser 1.1.2. There is a heap-based ...)
+CVE-2018-13026
NOT-FOR-US: gpmf-parser
-CVE-2018-13025 (protected/apps/admin/controller/photoController.php in YXcms 1.4.7 ...)
+CVE-2018-13025
NOT-FOR-US: YXcms
-CVE-2018-13024 (Metinfo v6.0.0 allows remote attackers to write code into a .php file, ...)
+CVE-2018-13024
NOT-FOR-US: Metinfo
-CVE-2018-13023 (System command injection vulnerability in wifi_access in Xiaomi Mi ...)
+CVE-2018-13023
NOT-FOR-US: Xiaomi Mi Router
-CVE-2018-13022 (Cross-site scripting vulnerability in the API 404 page on Xiaomi Mi ...)
+CVE-2018-13022
NOT-FOR-US: Xiaomi Mi Router
-CVE-2018-13021 (An issue was discovered in HongCMS 3.0.0. There is an Arbitrary Script ...)
+CVE-2018-13021
NOT-FOR-US: HongCMS
CVE-2018-13020
RESERVED
@@ -20285,28 +20278,28 @@ CVE-2018-13016
RESERVED
CVE-2018-13015
RESERVED
-CVE-2018-13014 (Storing password in recoverable format in safensec.com (SysWatch ...)
+CVE-2018-13014
NOT-FOR-US: SysWatch
-CVE-2018-13013 (Improper check of unusual conditions when launching msiexec.exe in ...)
+CVE-2018-13013
NOT-FOR-US: SysWatch
-CVE-2018-13012 (Download of code with improper integrity check in snsupd.exe and ...)
+CVE-2018-13012
NOT-FOR-US: SysWatch
-CVE-2018-13011 (An issue was discovered in gpmf-parser 1.1.2. There is a heap-based ...)
+CVE-2018-13011
NOT-FOR-US: gpmf-parser
-CVE-2018-13010 (WSTMall v1.9.1_170316 has CSRF via the index.php?m=Admin&amp;c=Users&amp;a=edit ...)
+CVE-2018-13010
NOT-FOR-US: WSTMall
-CVE-2018-13009 (An issue was discovered in gpmf-parser 1.1.2. There is a heap-based ...)
+CVE-2018-13009
NOT-FOR-US: gpmf-parser
-CVE-2018-13008 (An issue was discovered in gpmf-parser 1.1.2. There is a heap-based ...)
+CVE-2018-13008
NOT-FOR-US: gpmf-parser
-CVE-2018-13007 (An issue was discovered in gpmf-parser 1.1.2. There is a heap-based ...)
+CVE-2018-13007
NOT-FOR-US: gpmf-parser
-CVE-2018-13006 (An issue was discovered in MP4Box in GPAC 0.7.1. There is a heap-based ...)
+CVE-2018-13006
{DLA-1432-1}
- gpac <unfixed> (bug #902782)
[stretch] - gpac <no-dsa> (Minor issue, will be fixed via point update)
NOTE: https://github.com/gpac/gpac/commit/bceb03fd2be95097a7b409ea59914f332fb6bc86
-CVE-2018-13005 (An issue was discovered in MP4Box in GPAC 0.7.1. The function urn_Read ...)
+CVE-2018-13005
{DLA-1432-1}
- gpac <unfixed> (bug #902782)
[stretch] - gpac <no-dsa> (Minor issue, will be fixed via point update)
@@ -20314,37 +20307,37 @@ CVE-2018-13005 (An issue was discovered in MP4Box in GPAC 0.7.1. The function ur
NOTE: https://github.com/gpac/gpac/commit/bceb03fd2be95097a7b409ea59914f332fb6bc86
CVE-2018-13004
RESERVED
-CVE-2018-13003 (An issue was discovered in OpenTSDB 2.3.0. There is XSS in parameter ...)
+CVE-2018-13003
NOT-FOR-US: OpenTSDB
-CVE-2018-13002 (An XSS issue was discovered in Inhaltsprojekte in Weblication CMS Core ...)
+CVE-2018-13002
NOT-FOR-US: Weblication CMS
-CVE-2018-13001 (An XSS issue was discovered in Sandoba CP:Shop v2016.1. The ...)
+CVE-2018-13001
NOT-FOR-US: Sandoba CP:Shop
-CVE-2018-13000 (An XSS issue was discovered in Advanced Electron Forum (AEF) v1.0.9. A ...)
+CVE-2018-13000
NOT-FOR-US: Advanced Electron Forum
-CVE-2018-12999 (Incorrect Access Control in AgentTrayIconServlet in Zoho ManageEngine ...)
+CVE-2018-12999
NOT-FOR-US: Zoho
-CVE-2018-12998 (A reflected Cross-site scripting (XSS) vulnerability in Zoho ...)
+CVE-2018-12998
NOT-FOR-US: Zoho
-CVE-2018-12997 (Incorrect Access Control in FailOverHelperServlet in Zoho ManageEngine ...)
+CVE-2018-12997
NOT-FOR-US: Zoho
-CVE-2018-12996 (A reflected Cross-site scripting (XSS) vulnerability in Zoho ...)
+CVE-2018-12996
NOT-FOR-US: Zoho
-CVE-2018-12995 (onefilecms.php in OneFileCMS through 2012-04-14 might allow attackers ...)
+CVE-2018-12995
NOT-FOR-US: OneFileCMS
-CVE-2018-12994 (onefilecms.php in OneFileCMS through 2012-04-14 might allow attackers ...)
+CVE-2018-12994
NOT-FOR-US: OneFileCMS
-CVE-2018-12993 (onefilecms.php in OneFileCMS through 2012-04-14 might allow attackers ...)
+CVE-2018-12993
NOT-FOR-US: OneFileCMS
-CVE-2018-12992 (An issue was discovered CMS MaeloStore V.1.5.0. There is stored XSS in ...)
+CVE-2018-12992
NOT-FOR-US: CMS MaeloStore
CVE-2018-12991
RESERVED
-CVE-2018-12990 (phpwcms 1.8.9 allows remote attackers to discover the installation path ...)
+CVE-2018-12990
NOT-FOR-US: phpwcms
-CVE-2018-12989 (The report-viewing feature in Pearson VUE Certiport Console 8 and ...)
+CVE-2018-12989
NOT-FOR-US: Pearson VUE Certiport Console 8 and IQSystem 7
-CVE-2018-12988 (GreenCMS 2.3.0603 has an arbitrary file download vulnerability via an ...)
+CVE-2018-12988
NOT-FOR-US: GreenCMS
CVE-2018-12987
RESERVED
@@ -20352,42 +20345,42 @@ CVE-2018-12986
RESERVED
CVE-2018-12985
RESERVED
-CVE-2018-12984 (Hycus CMS 1.0.4 allows Authentication Bypass via &quot;'=' 'OR'&quot; ...)
+CVE-2018-12984
NOT-FOR-US: Hycus CMS
-CVE-2018-12983 (A stack-based buffer over-read in the ...)
+CVE-2018-12983
- libpodofo <unfixed> (low; bug #916580)
[stretch] - libpodofo <no-dsa> (Minor issue)
[jessie] - libpodofo <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1595693
NOTE: https://sourceforge.net/p/podofo/tickets/23
-CVE-2018-12982 (Invalid memory read in the PoDoFo::PdfVariant::DelayedLoad() function ...)
+CVE-2018-12982
- libpodofo 0.9.6+dfsg-4 (low; bug #916581)
[stretch] - libpodofo <no-dsa> (Minor issue)
[jessie] - libpodofo <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1595689
NOTE: https://sourceforge.net/p/podofo/tickets/22
NOTE: https://sourceforge.net/p/podofo/code/1948
-CVE-2018-12981 (An issue was discovered on WAGO e!DISPLAY 762-3000 through 762-3003 ...)
+CVE-2018-12981
NOT-FOR-US: WAGO e!DISPLAY devices
-CVE-2018-12980 (An issue was discovered on WAGO e!DISPLAY 762-3000 through 762-3003 ...)
+CVE-2018-12980
NOT-FOR-US: WAGO e!DISPLAY devices
-CVE-2018-12979 (An issue was discovered on WAGO e!DISPLAY 762-3000 through 762-3003 ...)
+CVE-2018-12979
NOT-FOR-US: WAGO e!DISPLAY devices
CVE-2018-12978
RESERVED
-CVE-2018-12977 (A SQL injection vulnerability in the SoftExpert (SE) Excellence Suite ...)
+CVE-2018-12977
NOT-FOR-US: SoftExpert (SE) Excellence Suite
-CVE-2018-12976 (In Go Doc Dot Org (gddo) through 2018-06-27, an attacker could use ...)
+CVE-2018-12976
NOT-FOR-US: Go Doc Dot Org
-CVE-2018-12975 (The random() function of the smart contract implementation for ...)
+CVE-2018-12975
NOT-FOR-US: CryptoSaga
CVE-2018-12974
RESERVED
-CVE-2018-12973 (An issue was discovered in OpenTSDB 2.3.0. There is XSS in parameter ...)
+CVE-2018-12973
NOT-FOR-US: OpenTSDB
-CVE-2018-12972 (An issue was discovered in OpenTSDB 2.3.0. Many parameters to the /q ...)
+CVE-2018-12972
NOT-FOR-US: OpenTSDB
-CVE-2018-12971 (EasyCMS 1.3 has CSRF via the index.php?s=/admin/user/delAll URI to ...)
+CVE-2018-12971
NOT-FOR-US: EasyCMS
CVE-2018-12970
RESERVED
@@ -20411,7 +20404,7 @@ CVE-2018-12961
RESERVED
CVE-2018-12960
RESERVED
-CVE-2018-12959 (The approveAndCall function of a smart contract implementation for ...)
+CVE-2018-12959
NOT-FOR-US: smart contract implementation for Aditus (ADI)
CVE-2018-12958
RESERVED
@@ -20441,17 +20434,17 @@ CVE-2018-12946
RESERVED
CVE-2018-12945
RESERVED
-CVE-2018-12944 (Persistent Cross-Site Scripting (XSS) vulnerability in the ...)
+CVE-2018-12944
NOT-FOR-US: SeedDMS
-CVE-2018-12943 (Cross-Site Scripting (XSS) vulnerability in every page that includes ...)
+CVE-2018-12943
NOT-FOR-US: SeedDMS
-CVE-2018-12942 (SQL injection vulnerability in the &quot;Users management&quot; functionality in ...)
+CVE-2018-12942
NOT-FOR-US: SeedDMS
-CVE-2018-12941 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-12941
NOT-FOR-US: SeedDMS
-CVE-2018-12940 (Unrestricted file upload vulnerability in &quot;op/op.UploadChunks.php&quot; in ...)
+CVE-2018-12940
NOT-FOR-US: SeedDMS
-CVE-2018-12939 (A directory traversal flaw in SeedDMS (formerly LetoDMS and MyDMS) ...)
+CVE-2018-12939
NOT-FOR-US: SeedDMS
CVE-2018-12937
RESERVED
@@ -20461,14 +20454,14 @@ CVE-2018-12936
RESERVED
CVE-2018-12935
RESERVED
-CVE-2018-12934 (remember_Ktype in cplus-dem.c in GNU libiberty, as distributed in GNU ...)
+CVE-2018-12934
- binutils <unfixed> (low)
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
NOTE: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85453
NOTE: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=84950
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=23059
-CVE-2018-12933 (PlayEnhMetaFileRecord in enhmetafile.c in Wine 3.7 allows attackers to ...)
+CVE-2018-12933
- wine 4.0~rc1-1 (low)
[stretch] - wine <no-dsa> (Minor issue)
[jessie] - wine <postponed> (Minor issue)
@@ -20479,7 +20472,7 @@ CVE-2018-12933 (PlayEnhMetaFileRecord in enhmetafile.c in Wine 3.7 allows attack
NOTE: https://bugs.winehq.org/attachment.cgi?id=61285
NOTE: https://source.winehq.org/git/wine.git/commit/8d2676fd14f130f9e8f06744743423168bf8d18d
NOTE: https://source.winehq.org/git/wine.git/commit/b6da3547d8990c3c3affc3a5865aefd2a0946949
-CVE-2018-12932 (PlayEnhMetaFileRecord in enhmetafile.c in Wine 3.7 allows attackers to ...)
+CVE-2018-12932
- wine 4.0~rc1-1 (low)
[stretch] - wine <no-dsa> (Minor issue)
[jessie] - wine <postponed> (Minor issue)
@@ -20490,81 +20483,81 @@ CVE-2018-12932 (PlayEnhMetaFileRecord in enhmetafile.c in Wine 3.7 allows attack
NOTE: https://bugs.winehq.org/attachment.cgi?id=61284
NOTE: https://source.winehq.org/git/wine.git/commit/8d2676fd14f130f9e8f06744743423168bf8d18d
NOTE: https://source.winehq.org/git/wine.git/commit/b6da3547d8990c3c3affc3a5865aefd2a0946949
-CVE-2018-12931 (ntfs_attr_find in the ntfs.ko filesystem driver in the Linux kernel ...)
+CVE-2018-12931
- linux <unfixed>
-CVE-2018-12930 (ntfs_end_buffer_async_read in the ntfs.ko filesystem driver in the ...)
+CVE-2018-12930
- linux <unfixed>
-CVE-2018-12929 (ntfs_read_locked_inode in the ntfs.ko filesystem driver in the Linux ...)
+CVE-2018-12929
- linux <unfixed>
-CVE-2018-12928 (In the Linux kernel 4.15.0, a NULL pointer dereference was discovered ...)
+CVE-2018-12928
- linux <unfixed> (low)
[jessie] - linux-4.9 <unfixed>
NOTE: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1763384
NOTE: https://marc.info/?l=linux-fsdevel&m=152407263325766&w=2
-CVE-2018-12927 (Northern Electric &amp; Power (NEP) inverter devices allow remote attackers ...)
+CVE-2018-12927
NOT-FOR-US: Northern Electric
-CVE-2018-12926 (Pharos Controls devices allow remote attackers to obtain potentially ...)
+CVE-2018-12926
NOT-FOR-US: Pharos Controls
-CVE-2018-12925 (Baseon Lantronix MSS devices do not require a password for TELNET ...)
+CVE-2018-12925
NOT-FOR-US: Baseon Lantronix
-CVE-2018-12924 (Sollae Serial-Ethernet-Module and Remote-I/O-Device-Server devices have ...)
+CVE-2018-12924
NOT-FOR-US: Sollae
-CVE-2018-12923 (BWS Systems HA-Bridge devices allow remote attackers to obtain ...)
+CVE-2018-12923
NOT-FOR-US: BWS Systems
-CVE-2018-12922 (Emerson Liebert IntelliSlot Web Card devices allow remote attackers to ...)
+CVE-2018-12922
NOT-FOR-US: Emerson Liebert
-CVE-2018-12921 (Electro Industries GaugeTech Nexus devices allow remote attackers to ...)
+CVE-2018-12921
NOT-FOR-US: Electro Industries GaugeTech
-CVE-2018-12920 (Brickstream 2300 devices allow remote attackers to obtain potentially ...)
+CVE-2018-12920
NOT-FOR-US: Brickstream
-CVE-2018-12919 (In CraftedWeb through 2013-09-24, aasp_includes/pages/notice.php allows ...)
+CVE-2018-12919
NOT-FOR-US: CraftedWeb
-CVE-2018-12918 (In libpbc.a in PBC through 2017-03-02, there is a Segmentation fault in ...)
+CVE-2018-12918
NOT-FOR-US: PBC
-CVE-2018-12917 (In libpbc.a in PBC through 2017-03-02, there is a heap-based buffer ...)
+CVE-2018-12917
NOT-FOR-US: PBC
-CVE-2018-12916 (In libpbc.a in PBC through 2017-03-02, there is a Segmentation fault in ...)
+CVE-2018-12916
NOT-FOR-US: PBC
-CVE-2018-12915 (In libpbc.a in PBC through 2017-03-02, there is a buffer over-read in ...)
+CVE-2018-12915
NOT-FOR-US: PBC
-CVE-2018-12914 (A remote code execution issue was discovered in PublicCMS ...)
+CVE-2018-12914
NOT-FOR-US: PublicCMS
-CVE-2018-12913 (In Miniz 2.0.7, tinfl_decompress in miniz_tinfl.c has an infinite loop ...)
+CVE-2018-12913
NOT-FOR-US: Miniz
-CVE-2018-12912 (An issue wan discovered in admin\controllers\database.php in HongCMS ...)
+CVE-2018-12912
NOT-FOR-US: HongCMS
-CVE-2018-12911 (WebKitGTK+ 2.20.3 has an off-by-one error, with a resultant ...)
+CVE-2018-12911
- webkit2gtk 2.20.4-1 (unimportant)
NOTE: https://trac.webkit.org/changeset/233404/webkit
NOTE: Not covered by security support
NOTE: https://webkitgtk.org/security/WSA-2018-0006.html
-CVE-2018-12910 (The get_cookies function in soup-cookie-jar.c in libsoup 2.63.2 allows ...)
+CVE-2018-12910
{DSA-4241-1 DLA-1416-1}
- libsoup2.4 2.62.2-2
NOTE: https://gitlab.gnome.org/GNOME/libsoup/commit/db2b0d5809d5f8226d47312b40992cadbcde439f
-CVE-2018-12909 (** DISPUTED ** Webgrind 1.5 relies on user input to display a file, ...)
+CVE-2018-12909
NOT-FOR-US: Webgrind
-CVE-2018-12908 (Brynamics &quot;Online Trade - Online trading and cryptocurrency investment ...)
+CVE-2018-12908
NOT-FOR-US: Brynamics
-CVE-2018-12907 (In Rclone 1.42, use of &quot;rclone sync&quot; to migrate data between two ...)
+CVE-2018-12907
NOT-FOR-US: Rclone
CVE-2018-12906
RESERVED
-CVE-2018-12905 (joyplus-cms 1.6.0 has XSS in admin_player.php, related to ...)
+CVE-2018-12905
NOT-FOR-US: joyplus-cms
-CVE-2018-12904 (In arch/x86/kvm/vmx.c in the Linux kernel before 4.17.2, when nested ...)
+CVE-2018-12904
- linux 4.16.16-1
[stretch] - linux <not-affected> (Vulnerability introduced later)
[jessie] - linux <not-affected> (Vulnerability introduced later)
NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=1589
NOTE: https://git.kernel.org/linus/727ba748e110b4de50d142edca9d6a9b7e6111d8
-CVE-2018-12903 (In CyberArk Endpoint Privilege Manager (formerly Viewfinity) ...)
+CVE-2018-12903
NOT-FOR-US: CyberArk Endpoint Privilege Manager
-CVE-2018-12902 (In Easy Magazine through 2012-10-26, there is XSS in the search bar of ...)
+CVE-2018-12902
NOT-FOR-US: Easy Magazine
-CVE-2018-12901 (A vulnerability in the conferencing component of Mitel ST 14.2, ...)
+CVE-2018-12901
NOT-FOR-US: Mitel
-CVE-2018-12900 (Heap-based buffer overflow in the cpSeparateBufToContigBuf function in ...)
+CVE-2018-12900
- tiff 4.0.10-4 (bug #902718)
[stretch] - tiff <postponed> (Minor issue, can be fixed along in future DSA)
[jessie] - tiff <postponed> (Minor issue, can be fixed along in future DLA)
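Review bot: the three ntfs.ko entries CVE-2018-12931, CVE-2018-12930 and CVE-2018-12929 are left as a bare `- linux <unfixed>` with no severity tag, no per-release line and no `NOTE:` reference, while the neighbouring kernel entries carry them (CVE-2018-12928 has a Launchpad and marc.info reference plus a `[jessie] - linux-4.9 <unfixed>` line; CVE-2018-12904 has the Project Zero and kernel.org commit references). With the descriptions now gone from the header lines, these three entries say nothing beyond the identifier, so an upstream reference or an explicit stretch/jessie decision should be added. Note also that the removed line for CVE-2018-12909 carried the `** DISPUTED **` marker, which this hunk drops along with the rest of the description.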
@@ -20574,38 +20567,38 @@ CVE-2018-12899
RESERVED
CVE-2018-12898
RESERVED
-CVE-2018-12897 (SolarWinds DameWare Mini Remote Control before 12.1 has a Buffer ...)
+CVE-2018-12897
NOT-FOR-US: SolarWinds DameWare Mini Remote Control
-CVE-2018-12896 (An issue was discovered in the Linux kernel through 4.17.3. An Integer ...)
+CVE-2018-12896
{DLA-1715-1}
- linux 4.18.20-1
[stretch] - linux 4.9.144-1
NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=200189
NOTE: https://github.com/lcytxw/bug_repro/tree/master/bug_200189
NOTE: https://github.com/torvalds/linux/commit/78c9c4dfbf8c04883941445a195276bb4bb92c76
-CVE-2018-12895 (WordPress through 4.9.6 allows Author users to execute arbitrary code ...)
+CVE-2018-12895
{DSA-4250-1 DLA-1452-1}
- wordpress 4.9.7+dfsg1-1 (bug #902876)
NOTE: https://blog.ripstech.com/2018/wordpress-file-delete-to-code-execution/
NOTE: https://github.com/WordPress/WordPress/commit/c9dce0606b0d7e6f494d4abe7b193ac046a322cd
CVE-2018-12894
RESERVED
-CVE-2018-12893 (An issue was discovered in Xen through 4.10.x. One of the fixes in ...)
+CVE-2018-12893
{DSA-4236-1 DLA-1577-1}
- xen 4.8.3+xsa267+shim4.10.1+xsa267-1+deb9u9
NOTE: https://xenbits.xen.org/xsa/advisory-265.html
-CVE-2018-12892 (An issue was discovered in Xen 4.7 through 4.10.x. libxl fails to pass ...)
+CVE-2018-12892
{DSA-4236-1}
- xen 4.8.3+xsa267+shim4.10.1+xsa267-1+deb9u9
[jessie] - xen <not-affected> (Issue introduced in 4.7)
NOTE: https://xenbits.xen.org/xsa/advisory-266.html
-CVE-2018-12891 (An issue was discovered in Xen through 4.10.x. Certain PV MMU ...)
+CVE-2018-12891
{DSA-4236-1 DLA-1577-1}
- xen 4.8.3+xsa267+shim4.10.1+xsa267-1+deb9u9
NOTE: https://xenbits.xen.org/xsa/advisory-264.html
CVE-2018-12890
RESERVED
-CVE-2018-12889 (An issue was discovered in CCN-lite 2.0.1. There is a heap-based buffer ...)
+CVE-2018-12889
NOT-FOR-US: CCN-lite
CVE-2018-12888
RESERVED
@@ -20613,303 +20606,303 @@ CVE-2018-12887
RESERVED
CVE-2018-12886
RESERVED
-CVE-2018-12885 (The randMod() function of the smart contract implementation for ...)
+CVE-2018-12885
NOT-FOR-US: MyCryptoChamp
-CVE-2018-12884 (In Octopus Deploy 3.0 onwards (before 2018.6.7), an authenticated user ...)
+CVE-2018-12884
NOT-FOR-US: Octopus Deploy
-CVE-2018-1000205 (U-Boot contains a CWE-20: Improper Input Validation vulnerability in ...)
+CVE-2018-1000205
- u-boot <unfixed> (unimportant)
NOTE: No security impact as supported/packaged in Debian
-CVE-2018-13043 (scripts/grep-excuses.pl in Debian devscripts through 2.18.3 allows code ...)
+CVE-2018-13043
- devscripts 2.18.4 (low; bug #902409)
[stretch] - devscripts <not-affected> (Vulnerable code introduced in 2.17.7)
[jessie] - devscripts <not-affected> (Vulnerable code introduced in 2.17.7)
-CVE-2018-1000610 (A exposure of sensitive information vulnerability exists in Jenkins ...)
+CVE-2018-1000610
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000609 (A exposure of sensitive information vulnerability exists in Jenkins ...)
+CVE-2018-1000609
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000608 (A exposure of sensitive information vulnerability exists in Jenkins ...)
+CVE-2018-1000608
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000607 (A arbitrary file write vulnerability exists in Jenkins Fortify ...)
+CVE-2018-1000607
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000606 (A server-side request forgery vulnerability exists in Jenkins ...)
+CVE-2018-1000606
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000605 (A man in the middle vulnerability exists in Jenkins CollabNet Plugin ...)
+CVE-2018-1000605
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000604 (A persisted cross-site scripting vulnerability exists in Jenkins Badge ...)
+CVE-2018-1000604
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000603 (A exposure of sensitive information vulnerability exists in Jenkins ...)
+CVE-2018-1000603
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000602 (A session fixation vulnerability exists in Jenkins SAML Plugin 1.0.6 ...)
+CVE-2018-1000602
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000601 (A arbitrary file read vulnerability exists in Jenkins SSH Credentials ...)
+CVE-2018-1000601
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000600 (A exposure of sensitive information vulnerability exists in Jenkins ...)
+CVE-2018-1000600
NOT-FOR-US: Jenkins plugin
CVE-2018-12883
RESERVED
-CVE-2018-12882 (exif_read_from_impl in ext/exif/exif.c in PHP 7.2.x through 7.2.7 ...)
+CVE-2018-12882
- php7.2 7.2.8-1
- php7.1 <not-affected> (Specific to 7.2.x)
- php7.0 <not-affected> (Specific to 7.2.x)
- php5 <not-affected> (Specific to 7.2.x)
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=76409
NOTE: http://git.php.net/?p=php-src.git;a=commit;h=3fdde65617e9f954e2c964768aac8831005497e5
-CVE-2018-12881 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, ...)
+CVE-2018-12881
NOT-FOR-US: Adobe
-CVE-2018-12880 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, ...)
+CVE-2018-12880
NOT-FOR-US: Adobe
-CVE-2018-12879 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, ...)
+CVE-2018-12879
NOT-FOR-US: Adobe
-CVE-2018-12878 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, ...)
+CVE-2018-12878
NOT-FOR-US: Adobe
-CVE-2018-12877 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, ...)
+CVE-2018-12877
NOT-FOR-US: Adobe
-CVE-2018-12876 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, ...)
+CVE-2018-12876
NOT-FOR-US: Adobe
-CVE-2018-12875 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, ...)
+CVE-2018-12875
NOT-FOR-US: Adobe
-CVE-2018-12874 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, ...)
+CVE-2018-12874
NOT-FOR-US: Adobe
-CVE-2018-12873 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, ...)
+CVE-2018-12873
NOT-FOR-US: Adobe
-CVE-2018-12872 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, ...)
+CVE-2018-12872
NOT-FOR-US: Adobe
-CVE-2018-12871 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, ...)
+CVE-2018-12871
NOT-FOR-US: Adobe
-CVE-2018-12870 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, ...)
+CVE-2018-12870
NOT-FOR-US: Adobe
-CVE-2018-12869 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, ...)
+CVE-2018-12869
NOT-FOR-US: Adobe
-CVE-2018-12868 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, ...)
+CVE-2018-12868
NOT-FOR-US: Adobe
-CVE-2018-12867 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, ...)
+CVE-2018-12867
NOT-FOR-US: Adobe
-CVE-2018-12866 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, ...)
+CVE-2018-12866
NOT-FOR-US: Adobe
-CVE-2018-12865 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, ...)
+CVE-2018-12865
NOT-FOR-US: Adobe
-CVE-2018-12864 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, ...)
+CVE-2018-12864
NOT-FOR-US: Adobe
-CVE-2018-12863 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, ...)
+CVE-2018-12863
NOT-FOR-US: Adobe
-CVE-2018-12862 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, ...)
+CVE-2018-12862
NOT-FOR-US: Adobe
-CVE-2018-12861 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, ...)
+CVE-2018-12861
NOT-FOR-US: Adobe
-CVE-2018-12860 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, ...)
+CVE-2018-12860
NOT-FOR-US: Adobe
-CVE-2018-12859 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, ...)
+CVE-2018-12859
NOT-FOR-US: Adobe
-CVE-2018-12858 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, ...)
+CVE-2018-12858
NOT-FOR-US: Adobe
-CVE-2018-12857 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, ...)
+CVE-2018-12857
NOT-FOR-US: Adobe
-CVE-2018-12856 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, ...)
+CVE-2018-12856
NOT-FOR-US: Adobe
-CVE-2018-12855 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, ...)
+CVE-2018-12855
NOT-FOR-US: Adobe
CVE-2018-12854
REJECTED
-CVE-2018-12853 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, ...)
+CVE-2018-12853
NOT-FOR-US: Adobe
-CVE-2018-12852 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, ...)
+CVE-2018-12852
NOT-FOR-US: Adobe
-CVE-2018-12851 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, ...)
+CVE-2018-12851
NOT-FOR-US: Adobe
-CVE-2018-12850 (Adobe Acrobat and Reader versions 2018.011.20058 and earlier, ...)
+CVE-2018-12850
NOT-FOR-US: Adobe
-CVE-2018-12849 (Adobe Acrobat and Reader versions 2018.011.20058 and earlier, ...)
+CVE-2018-12849
NOT-FOR-US: Adobe
-CVE-2018-12848 (Adobe Acrobat and Reader versions 2018.011.20058 and earlier, ...)
+CVE-2018-12848
NOT-FOR-US: Adobe
-CVE-2018-12847 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, ...)
+CVE-2018-12847
NOT-FOR-US: Adobe
-CVE-2018-12846 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, ...)
+CVE-2018-12846
NOT-FOR-US: Adobe
-CVE-2018-12845 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, ...)
+CVE-2018-12845
NOT-FOR-US: Adobe
-CVE-2018-12844 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, ...)
+CVE-2018-12844
NOT-FOR-US: Adobe
-CVE-2018-12843 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, ...)
+CVE-2018-12843
NOT-FOR-US: Adobe
-CVE-2018-12842 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, ...)
+CVE-2018-12842
NOT-FOR-US: Adobe
-CVE-2018-12841 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, ...)
+CVE-2018-12841
NOT-FOR-US: Adobe
-CVE-2018-12840 (Adobe Acrobat and Reader versions 2018.011.20058 and earlier, ...)
+CVE-2018-12840
NOT-FOR-US: Adobe
-CVE-2018-12839 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, ...)
+CVE-2018-12839
NOT-FOR-US: Adobe
-CVE-2018-12838 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, ...)
+CVE-2018-12838
NOT-FOR-US: Adobe
-CVE-2018-12837 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, ...)
+CVE-2018-12837
NOT-FOR-US: Adobe
-CVE-2018-12836 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, ...)
+CVE-2018-12836
NOT-FOR-US: Adobe
-CVE-2018-12835 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, ...)
+CVE-2018-12835
NOT-FOR-US: Adobe
-CVE-2018-12834 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, ...)
+CVE-2018-12834
NOT-FOR-US: Adobe
-CVE-2018-12833 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, ...)
+CVE-2018-12833
NOT-FOR-US: Adobe
-CVE-2018-12832 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, ...)
+CVE-2018-12832
NOT-FOR-US: Adobe
-CVE-2018-12831 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, ...)
+CVE-2018-12831
NOT-FOR-US: Adobe
-CVE-2018-12830 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, ...)
+CVE-2018-12830
NOT-FOR-US: Adobe
-CVE-2018-12829 (Adobe Creative Cloud Desktop Application before 4.6.1 has an improper ...)
+CVE-2018-12829
NOT-FOR-US: Adobe
-CVE-2018-12828 (Adobe Flash Player 30.0.0.134 and earlier have a &quot;use of a component ...)
+CVE-2018-12828
NOT-FOR-US: Adobe
-CVE-2018-12827 (Adobe Flash Player 30.0.0.134 and earlier have an out-of-bounds read ...)
+CVE-2018-12827
NOT-FOR-US: Adobe
-CVE-2018-12826 (Adobe Flash Player 30.0.0.134 and earlier have an out-of-bounds read ...)
+CVE-2018-12826
NOT-FOR-US: Adobe
-CVE-2018-12825 (Adobe Flash Player 30.0.0.134 and earlier have a security bypass ...)
+CVE-2018-12825
NOT-FOR-US: Adobe
-CVE-2018-12824 (Adobe Flash Player 30.0.0.134 and earlier have an out-of-bounds read ...)
+CVE-2018-12824
NOT-FOR-US: Adobe
-CVE-2018-12823 (Adobe Digital Editions versions 4.5.8 and below have a heap overflow ...)
+CVE-2018-12823
NOT-FOR-US: Adobe
-CVE-2018-12822 (Adobe Digital Editions versions 4.5.8 and below have an use after free ...)
+CVE-2018-12822
NOT-FOR-US: Adobe
-CVE-2018-12821 (Adobe Digital Editions versions 4.5.8 and below have an out of bounds ...)
+CVE-2018-12821
NOT-FOR-US: Adobe
-CVE-2018-12820 (Adobe Digital Editions versions 4.5.8 and below have an out of bounds ...)
+CVE-2018-12820
NOT-FOR-US: Adobe
-CVE-2018-12819 (Adobe Digital Editions versions 4.5.8 and below have an out of bounds ...)
+CVE-2018-12819
NOT-FOR-US: Adobe
-CVE-2018-12818 (Adobe Digital Editions versions 4.5.8 and below have an out of bounds ...)
+CVE-2018-12818
NOT-FOR-US: Adobe
-CVE-2018-12817 (Adobe Digital Editions versions 4.5.9 and below have an out of bounds ...)
+CVE-2018-12817
NOT-FOR-US: Adobe
-CVE-2018-12816 (Adobe Digital Editions versions 4.5.8 and below have an out of bounds ...)
+CVE-2018-12816
NOT-FOR-US: Adobe
-CVE-2018-12815 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and ...)
+CVE-2018-12815
NOT-FOR-US: Adobe
-CVE-2018-12814 (Adobe Digital Editions versions 4.5.8 and below have a heap overflow ...)
+CVE-2018-12814
NOT-FOR-US: Adobe
-CVE-2018-12813 (Adobe Digital Editions versions 4.5.8 and below have a heap overflow ...)
+CVE-2018-12813
NOT-FOR-US: Adobe
-CVE-2018-12812 (Adobe Acrobat and Reader 2018.011.20038 and earlier, 2017.011.30079 and ...)
+CVE-2018-12812
NOT-FOR-US: Adobe
-CVE-2018-12811 (Adobe Photoshop CC 2018 before 19.1.6 and Photoshop CC 2017 before ...)
+CVE-2018-12811
NOT-FOR-US: Adobe
-CVE-2018-12810 (Adobe Photoshop CC 2018 before 19.1.6 and Photoshop CC 2017 before ...)
+CVE-2018-12810
NOT-FOR-US: Adobe
-CVE-2018-12809 (Adobe Experience Manager versions 6.4 and earlier have a Server-Side ...)
+CVE-2018-12809
NOT-FOR-US: Adobe
-CVE-2018-12808 (Adobe Acrobat and Reader versions 2018.011.20055 and earlier, ...)
+CVE-2018-12808
NOT-FOR-US: Adobe
-CVE-2018-12807 (Adobe Experience Manager versions 6.4, 6.3, 6.2, 6.1, and 6.0 have an ...)
+CVE-2018-12807
NOT-FOR-US: Adobe
-CVE-2018-12806 (Adobe Experience Manager versions 6.4, 6.3, 6.2, 6.1, and 6.0 have a ...)
+CVE-2018-12806
NOT-FOR-US: Adobe
-CVE-2018-12805 (Adobe Connect versions 9.7.5 and earlier have an Insecure Library ...)
+CVE-2018-12805
NOT-FOR-US: Adobe
-CVE-2018-12804 (Adobe Connect versions 9.7.5 and earlier have an Authentication Bypass ...)
+CVE-2018-12804
NOT-FOR-US: Adobe
-CVE-2018-12803 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and ...)
+CVE-2018-12803
NOT-FOR-US: Adobe
-CVE-2018-12802 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and ...)
+CVE-2018-12802
NOT-FOR-US: Adobe
-CVE-2018-12801 (Adobe Acrobat and Reader versions 2018.011.20058 and earlier, ...)
+CVE-2018-12801
NOT-FOR-US: Adobe
CVE-2018-12800
REJECTED
-CVE-2018-12799 (Adobe Acrobat and Reader versions 2018.011.20055 and earlier, ...)
+CVE-2018-12799
NOT-FOR-US: Adobe
-CVE-2018-12798 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and ...)
+CVE-2018-12798
NOT-FOR-US: Adobe
-CVE-2018-12797 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and ...)
+CVE-2018-12797
NOT-FOR-US: Adobe
-CVE-2018-12796 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and ...)
+CVE-2018-12796
NOT-FOR-US: Adobe
-CVE-2018-12795 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and ...)
+CVE-2018-12795
NOT-FOR-US: Adobe
-CVE-2018-12794 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and ...)
+CVE-2018-12794
NOT-FOR-US: Adobe
-CVE-2018-12793 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and ...)
+CVE-2018-12793
NOT-FOR-US: Adobe
-CVE-2018-12792 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and ...)
+CVE-2018-12792
NOT-FOR-US: Adobe
-CVE-2018-12791 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and ...)
+CVE-2018-12791
NOT-FOR-US: Adobe
-CVE-2018-12790 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and ...)
+CVE-2018-12790
NOT-FOR-US: Adobe
-CVE-2018-12789 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and ...)
+CVE-2018-12789
NOT-FOR-US: Adobe
-CVE-2018-12788 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and ...)
+CVE-2018-12788
NOT-FOR-US: Adobe
-CVE-2018-12787 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and ...)
+CVE-2018-12787
NOT-FOR-US: Adobe
-CVE-2018-12786 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and ...)
+CVE-2018-12786
NOT-FOR-US: Adobe
-CVE-2018-12785 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and ...)
+CVE-2018-12785
NOT-FOR-US: Adobe
-CVE-2018-12784 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and ...)
+CVE-2018-12784
NOT-FOR-US: Adobe
-CVE-2018-12783 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and ...)
+CVE-2018-12783
NOT-FOR-US: Adobe
-CVE-2018-12782 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and ...)
+CVE-2018-12782
NOT-FOR-US: Adobe
-CVE-2018-12781 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and ...)
+CVE-2018-12781
NOT-FOR-US: Adobe
-CVE-2018-12780 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and ...)
+CVE-2018-12780
NOT-FOR-US: Adobe
-CVE-2018-12779 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and ...)
+CVE-2018-12779
NOT-FOR-US: Adobe
-CVE-2018-12778 (Adobe Acrobat and Reader versions 2018.011.20058 and earlier, ...)
+CVE-2018-12778
NOT-FOR-US: Adobe
-CVE-2018-12777 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and ...)
+CVE-2018-12777
NOT-FOR-US: Adobe
-CVE-2018-12776 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and ...)
+CVE-2018-12776
NOT-FOR-US: Adobe
-CVE-2018-12775 (Adobe Acrobat and Reader versions 2018.011.20058 and earlier, ...)
+CVE-2018-12775
NOT-FOR-US: Adobe
-CVE-2018-12774 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and ...)
+CVE-2018-12774
NOT-FOR-US: Adobe
-CVE-2018-12773 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and ...)
+CVE-2018-12773
NOT-FOR-US: Adobe
-CVE-2018-12772 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and ...)
+CVE-2018-12772
NOT-FOR-US: Adobe
-CVE-2018-12771 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and ...)
+CVE-2018-12771
NOT-FOR-US: Adobe
-CVE-2018-12770 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and ...)
+CVE-2018-12770
NOT-FOR-US: Adobe
-CVE-2018-12769 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, ...)
+CVE-2018-12769
NOT-FOR-US: Adobe
-CVE-2018-12768 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and ...)
+CVE-2018-12768
NOT-FOR-US: Adobe
-CVE-2018-12767 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and ...)
+CVE-2018-12767
NOT-FOR-US: Adobe
-CVE-2018-12766 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and ...)
+CVE-2018-12766
NOT-FOR-US: Adobe
-CVE-2018-12765 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and ...)
+CVE-2018-12765
NOT-FOR-US: Adobe
-CVE-2018-12764 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and ...)
+CVE-2018-12764
NOT-FOR-US: Adobe
-CVE-2018-12763 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and ...)
+CVE-2018-12763
NOT-FOR-US: Adobe
-CVE-2018-12762 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and ...)
+CVE-2018-12762
NOT-FOR-US: Adobe
-CVE-2018-12761 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and ...)
+CVE-2018-12761
NOT-FOR-US: Adobe
-CVE-2018-12760 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and ...)
+CVE-2018-12760
NOT-FOR-US: Adobe
-CVE-2018-12759 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, ...)
+CVE-2018-12759
NOT-FOR-US: Adobe
-CVE-2018-12758 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and ...)
+CVE-2018-12758
NOT-FOR-US: Adobe
-CVE-2018-12757 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and ...)
+CVE-2018-12757
NOT-FOR-US: Adobe
-CVE-2018-12756 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and ...)
+CVE-2018-12756
NOT-FOR-US: Adobe
-CVE-2018-12755 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and ...)
+CVE-2018-12755
NOT-FOR-US: Adobe
-CVE-2018-12754 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and ...)
+CVE-2018-12754
NOT-FOR-US: Adobe
CVE-2018-12753
RESERVED
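Review bot: the affected-version ranges that justified the NOT-FOR-US: Adobe triage in this hunk ("2018.011.20063 and earlier" on CVE-2018-12839, "2019.008.20081 and earlier" on CVE-2018-12830, "4.5.9 and below" on CVE-2018-12817) exist only in the removed parenthetical on each `-` line; after the change every entry is a bare `+CVE-2018-128xx` followed by `NOT-FOR-US: Adobe`. Please have the commit message state where the description text is now kept, so a reader of this list can still check an entry against its product and version without digging through history.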
@@ -20939,7 +20932,7 @@ CVE-2018-12741
RESERVED
CVE-2018-12740
RESERVED
-CVE-2018-12739 (In BEESCMS 4.0, CSRF allows administrators to be added arbitrarily, a ...)
+CVE-2018-12739
NOT-FOR-US: BEESCMS
CVE-2018-12738
RESERVED
@@ -20947,7 +20940,7 @@ CVE-2018-12737
RESERVED
CVE-2018-12736
RESERVED
-CVE-2018-12735 (SAJ Solar Inverter allows remote attackers to obtain potentially ...)
+CVE-2018-12735
NOT-FOR-US: SAJ Solar Inverter
CVE-2018-12734
RESERVED
@@ -20985,23 +20978,23 @@ CVE-2018-12718
RESERVED
CVE-2018-12717
RESERVED
-CVE-2018-12716 (The API service on Google Home and Chromecast devices before mid-July ...)
+CVE-2018-12716
NOT-FOR-US: Google services
CVE-2018-12715
RESERVED
-CVE-2018-12714 (An issue was discovered in the Linux kernel through 4.17.2. The filter ...)
+CVE-2018-12714
- linux <not-affected> (Vulnerable code introduced later)
NOTE: https://git.kernel.org/linus/70303420b5721c38998cf987e6b7d30cc62d4ff1
-CVE-2018-12713 (GIMP through 2.10.2 makes g_get_tmp_dir calls to establish temporary ...)
+CVE-2018-12713
- gimp <unfixed> (unimportant)
NOTE: https://github.com/GNOME/gimp/commit/c21eff4b031acb04fb4dfce8bd5fdfecc2b6524f
NOTE: https://gitlab.gnome.org/GNOME/gimp/issues/1689
NOTE: No security impact
-CVE-2018-12712 (An issue was discovered in Joomla! 2.5.0 through 3.8.8 before 3.8.9. ...)
+CVE-2018-12712
NOT-FOR-US: Joomla!
-CVE-2018-12711 (An XSS issue was discovered in the language switcher module in Joomla! ...)
+CVE-2018-12711
NOT-FOR-US: Joomla!
-CVE-2018-12710 (An issue was discovered on D-Link DIR-601 2.02NA devices. Being local ...)
+CVE-2018-12710
NOT-FOR-US: D-Link DIR-601 2.02NA devices
CVE-2018-12709
RESERVED
@@ -21009,74 +21002,74 @@ CVE-2018-12708
RESERVED
CVE-2018-12707
RESERVED
-CVE-2018-12706 (DIGISOL DG-BR4000NG devices have a Buffer Overflow via a long ...)
+CVE-2018-12706
NOT-FOR-US: DIGISOL
-CVE-2018-12705 (DIGISOL DG-BR4000NG devices have XSS via the SSID (it is validated only ...)
+CVE-2018-12705
NOT-FOR-US: DIGISOL
CVE-2018-12704
RESERVED
-CVE-2018-12703 (The approveAndCallcode function of a smart contract implementation for ...)
+CVE-2018-12703
NOT-FOR-US: Block 18
-CVE-2018-12702 (The approveAndCallcode function of a smart contract implementation for ...)
+CVE-2018-12702
NOT-FOR-US: Globalvillage ecosystem
CVE-2018-12701
RESERVED
-CVE-2018-12700 (A Stack Exhaustion issue was discovered in debug_write_type in debug.c ...)
+CVE-2018-12700
- binutils <unfixed> (low)
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
NOTE: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85454
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=23057
NOTE: Fixed by: https://gcc.gnu.org/git/?p=gcc.git;a=commit;h=03e51746ed98d9106803f6009ebd71ea670ad3b9
-CVE-2018-12699 (finish_stab in stabs.c in GNU Binutils 2.30 allows attackers to cause a ...)
+CVE-2018-12699
- binutils <unfixed> (low)
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
NOTE: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85454
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=23057
NOTE: Fixed by: https://gcc.gnu.org/git/?p=gcc.git;a=commit;h=03e51746ed98d9106803f6009ebd71ea670ad3b9
-CVE-2018-12698 (demangle_template in cplus-dem.c in GNU libiberty, as distributed in ...)
+CVE-2018-12698
- binutils <unfixed> (low)
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
NOTE: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85454
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=23057
NOTE: Fixed by: https://gcc.gnu.org/git/?p=gcc.git;a=commit;h=03e51746ed98d9106803f6009ebd71ea670ad3b9
-CVE-2018-12697 (A NULL pointer dereference (aka SEGV on unknown address 0x000000000000) ...)
+CVE-2018-12697
- binutils <unfixed> (low)
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
NOTE: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85454
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=23057
NOTE: Fixed by: https://gcc.gnu.org/git/?p=gcc.git;a=commit;h=03e51746ed98d9106803f6009ebd71ea670ad3b9
-CVE-2018-12696 (mao10cms 6 allows XSS via the article page. ...)
+CVE-2018-12696
NOT-FOR-US: mao10cms
-CVE-2018-12695 (mao10cms 6 allows XSS via the m=bbs&amp;a=index page. ...)
+CVE-2018-12695
NOT-FOR-US: mao10cms
-CVE-2018-12694 (TP-Link TL-WA850RE Wi-Fi Range Extender with hardware version 5 allows ...)
+CVE-2018-12694
NOT-FOR-US: TP-Link
-CVE-2018-12693 (Stack-based buffer overflow in TP-Link TL-WA850RE Wi-Fi Range Extender ...)
+CVE-2018-12693
NOT-FOR-US: TP-Link
-CVE-2018-12692 (TP-Link TL-WA850RE Wi-Fi Range Extender with hardware version 5 allows ...)
+CVE-2018-12692
NOT-FOR-US: TP-Link
-CVE-2018-12691 (Time-of-check to time-of-use (TOCTOU) race condition in ...)
+CVE-2018-12691
NOT-FOR-US: ONOS
CVE-2018-12690
RESERVED
-CVE-2018-12689 (phpLDAPadmin 1.2.2 allows LDAP injection via a crafted server_id ...)
+CVE-2018-12689
- phpldapadmin <unfixed> (unimportant; bug #902186)
NOTE: https://www.exploit-db.com/exploits/44926/
NOTE: Non-security issue as demostrated in https://bugs.debian.org/902186
NOTE: and disputed as security issue. Should be properly rejected by MITRE.
-CVE-2018-12688 (tinyexr 0.9.5 has a segmentation fault in the wav2Decode function. ...)
+CVE-2018-12688
NOT-FOR-US: tinyexr
-CVE-2018-12687 (tinyexr 0.9.5 has an assertion failure in DecodePixelData in tinyexr.h. ...)
+CVE-2018-12687
NOT-FOR-US: tinyexr
CVE-2018-12686
RESERVED
CVE-2018-12685
RESERVED
-CVE-2018-12684 (Out-of-bounds Read in the send_ssi_file function in civetweb.c in ...)
+CVE-2018-12684
NOT-FOR-US: CivetWeb
CVE-2018-12683
RESERVED
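Review bot: the four binutils entries CVE-2018-12697 through CVE-2018-12700 become indistinguishable once their summaries go, because each keeps an identical block of `- binutils <unfixed> (low)`, the two stretch/jessie `<ignored>` lines and the same three NOTE URLs (bug 85454, bug 23057, commit 03e51746). The function names that told them apart (debug_write_type, finish_stab, demangle_template, the NULL dereference) survive only on the removed lines; a one-line NOTE per entry naming the affected function would preserve that. Also, in the CVE-2018-12689 NOTE, "demostrated" should read "demonstrated".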
@@ -21088,31 +21081,31 @@ CVE-2018-12680
RESERVED
CVE-2018-12679
RESERVED
-CVE-2018-12678 (Portainer before 1.18.0 supports unauthenticated requests to the ...)
+CVE-2018-12678
NOT-FOR-US: Portainer
CVE-2018-12677
RESERVED
CVE-2018-12676
RESERVED
-CVE-2018-12675 (The SV3C HD Camera (L-SERIES V2.3.4.2103-S50-NTD-B20170508B and ...)
+CVE-2018-12675
NOT-FOR-US: SV3C
-CVE-2018-12674 (The SV3C HD Camera (L-SERIES V2.3.4.2103-S50-NTD-B20170508B and ...)
+CVE-2018-12674
NOT-FOR-US: SV3C
-CVE-2018-12673 (An attacker with remote access to the SV3C HD Camera (L-SERIES ...)
+CVE-2018-12673
NOT-FOR-US: SV3C
-CVE-2018-12672 (The SV3C HD Camera (L-SERIES V2.3.4.2103-S50-NTD-B20170508B) does not ...)
+CVE-2018-12672
NOT-FOR-US: SV3C
-CVE-2018-12671 (An attacker with remote access to the SV3C HD Camera (L-SERIES ...)
+CVE-2018-12671
NOT-FOR-US: SV3C
-CVE-2018-12670 (SV3C L-SERIES HD CAMERA V2.3.4.2103-S50-NTD-B20170508B and ...)
+CVE-2018-12670
NOT-FOR-US: SV3C
-CVE-2018-12669 (SV3C L-SERIES HD CAMERA V2.3.4.2103-S50-NTD-B20170508B and ...)
+CVE-2018-12669
NOT-FOR-US: SV3C
-CVE-2018-12668 (SV3C L-SERIES HD CAMERA V2.3.4.2103-S50-NTD-B20170508B and ...)
+CVE-2018-12668
NOT-FOR-US: SV3C
-CVE-2018-12667 (The SV3C HD Camera (L-SERIES V2.3.4.2103-S50-NTD-B20170508B and ...)
+CVE-2018-12667
NOT-FOR-US: SV3C
-CVE-2018-12666 (SV3C L-SERIES HD CAMERA V2.3.4.2103-S50-NTD-B20170508B devices ...)
+CVE-2018-12666
NOT-FOR-US: SV3C
CVE-2018-12665
RESERVED
@@ -21126,29 +21119,29 @@ CVE-2018-12661
RESERVED
CVE-2018-12660
RESERVED
-CVE-2018-12659 (SLiMS 8 Akasia 8.3.1 allows remote attackers to bypass the CSRF ...)
+CVE-2018-12659
NOT-FOR-US: SLiMS 8 Akasia
-CVE-2018-12658 (Reflected Cross-Site Scripting (XSS) exists in the Stock Take module in ...)
+CVE-2018-12658
NOT-FOR-US: SLiMS 8 Akasia
-CVE-2018-12657 (Reflected Cross-Site Scripting (XSS) exists in the Master File module ...)
+CVE-2018-12657
NOT-FOR-US: SLiMS 8 Akasia
-CVE-2018-12656 (Reflected Cross-Site Scripting (XSS) exists in the Membership module in ...)
+CVE-2018-12656
NOT-FOR-US: SLiMS 8 Akasia
-CVE-2018-12655 (Reflected Cross-Site Scripting (XSS) exists in the Circulation module ...)
+CVE-2018-12655
NOT-FOR-US: SLiMS 8 Akasia
-CVE-2018-12654 (Reflected Cross-Site Scripting (XSS) exists in the Bibliography module ...)
+CVE-2018-12654
NOT-FOR-US: SLiMS 8 Akasia
CVE-2018-12653
RESERVED
CVE-2018-12652
RESERVED
-CVE-2018-12651 (A Reflected Cross Site Scripting (XSS) Vulnerability was discovered in ...)
+CVE-2018-12651
NOT-FOR-US: Adrenalin HRMS
-CVE-2018-12650 (Adrenalin HRMS version 5.4.0 contains a Reflected Cross Site Scripting ...)
+CVE-2018-12650
NOT-FOR-US: Adrenalin HRMS
-CVE-2018-12649 (An issue was discovered in app/Controller/UsersController.php in MISP ...)
+CVE-2018-12649
NOT-FOR-US: MISP
-CVE-2018-12648 (The WEBP::GetLE32 function in ...)
+CVE-2018-12648
[experimental] - exempi 2.5.0-1
- exempi 2.5.0-2 (low; bug #902175)
[stretch] - exempi <no-dsa> (Minor issue)
@@ -21166,9 +21159,9 @@ CVE-2018-12644
RESERVED
CVE-2018-12643
RESERVED
-CVE-2018-12642 (Froxlor through 0.9.39.5 has Incorrect Access Control for tickets not ...)
+CVE-2018-12642
NOT-FOR-US: Floxlor
-CVE-2018-12641 (An issue was discovered in arm_pt in cplus-dem.c in GNU libiberty, as ...)
+CVE-2018-12641
- binutils <unfixed> (low)
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
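Review bot: the context line `NOT-FOR-US: Floxlor` under CVE-2018-12642 misspells the product; the removed summary line ("Froxlor through 0.9.39.5 has Incorrect Access Control ...") was the only place the correct name appeared, and the CVE-2018-1000527 entry later in this diff already uses `NOT-FOR-US: Froxlor`. Since the product name in the NOT-FOR-US line is now the entry's only product reference, please correct it to Froxlor in this update.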
@@ -21176,47 +21169,47 @@ CVE-2018-12641 (An issue was discovered in arm_pt in cplus-dem.c in GNU libibert
NOTE: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85452
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=23058
NOTE: Fixed by: https://gcc.gnu.org/git/?p=gcc.git;a=commit;h=03e51746ed98d9106803f6009ebd71ea670ad3b9
-CVE-2018-12640 (The webService binary on Insteon HD IP Camera White 2864-222 devices ...)
+CVE-2018-12640
NOT-FOR-US: Insteon
CVE-2018-12639
RESERVED
CVE-2018-12638
- RESERVED
-CVE-2018-1000559 (qutebrowser version introduced in v0.11.0 ...)
+ TODO: check
+CVE-2018-1000559
- qutebrowser 1.3.3-1
NOTE: https://github.com/qutebrowser/qutebrowser/commit/4c9360237f186681b1e3f2a0f30c45161cf405c7
NOTE: https://github.com/qutebrowser/qutebrowser/commit/5a7869f2feaa346853d2a85413d6527c87ef0d9f
NOTE: https://github.com/qutebrowser/qutebrowser/issues/4011
-CVE-2018-1000558 (OCS Inventory NG ocsreports 2.4 and ocsreports 2.3.1 version 2.4 and ...)
+CVE-2018-1000558
- ocsinventory-server 2.4.1+dfsg-1 (unimportant)
NOTE: Authentication is needed, only supported in trusted environments, see debtags
-CVE-2018-1000557 (OCS Inventory OCS Inventory NG version ocsreports 2.4 contains a Cross ...)
+CVE-2018-1000557
- ocsinventory-server 2.4.1+dfsg-1 (unimportant)
NOTE: Authentication is needed, only supported in trusted environments, see debtags
-CVE-2018-1000556 (WordPress version 4.8 + contains a Cross Site Scripting (XSS) ...)
+CVE-2018-1000556
NOT-FOR-US: WP Statistics plugin
NOTE: The CVE description is misleading, this is about a plugin, not Wordpress itself
CVE-2018-1000555
REJECTED
-CVE-2018-1000554 (Trovebox version &lt;= 4.0.0-rc6 contains a Unsafe password reset token ...)
+CVE-2018-1000554
NOT-FOR-US: Trovebox
-CVE-2018-1000553 (Trovebox version &lt;= 4.0.0-rc6 contains a Server-Side request forgery ...)
+CVE-2018-1000553
NOT-FOR-US: Trovebox
-CVE-2018-1000552 (Trovebox version &lt;= 4.0.0-rc6 contains a SQL Injection vulnerability ...)
+CVE-2018-1000552
NOT-FOR-US: Trovebox
-CVE-2018-1000551 (Trovebox version &lt;= 4.0.0-rc6 contains a PHP Type juggling ...)
+CVE-2018-1000551
NOT-FOR-US: Trovebox
-CVE-2018-1000550 (The Sympa Community Sympa version prior to version 6.2.32 contains a ...)
+CVE-2018-1000550
{DSA-4285-1 DLA-1441-1}
- sympa 6.2.32~dfsg-1
NOTE: https://sympa-community.github.io/security/2018-001.html
-CVE-2018-1000549 (Wekan version 1.04.0 contains a Email / Username Enumeration ...)
+CVE-2018-1000549
NOT-FOR-US: Wekan
-CVE-2018-1000548 (Umlet version &lt; 14.3 contains a XML External Entity (XXE) ...)
+CVE-2018-1000548
NOT-FOR-US: Umlet
-CVE-2018-1000547 (coreBOS version 7.0 and earlier contains a Incorrect Access Control ...)
+CVE-2018-1000547
NOT-FOR-US: CoreBOS
-CVE-2018-1000546 (Triplea version &lt;= 1.9.0.0.10291 contains a XML External Entity (XXE) ...)
+CVE-2018-1000546
- triplea <unfixed> (low; bug #902719)
[stretch] - triplea <no-dsa> (Minor issue)
[jessie] - triplea <no-dsa> (Minor issue)
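Review bot: this hunk carries a substantive triage change hidden among the mechanical summary removals: under CVE-2018-12638 the line `- RESERVED` is dropped and `+ TODO: check` is added, which moves the entry from reserved to needs-triage. An automatic update that also strips every description should flag such status flips in the commit message, or land them in a separate commit, so whoever picks up the TODO knows the change was intentional and not a side effect of the reformat.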
@@ -21225,7 +21218,7 @@ CVE-2018-1000546 (Triplea version &lt;= 1.9.0.0.10291 contains a XML External En
NOTE: https://github.com/triplea-game/triplea/pull/4516
CVE-2018-1000545
REJECTED
-CVE-2018-1000544 (rubyzip gem rubyzip version 1.2.1 and earlier contains a Directory ...)
+CVE-2018-1000544
{DLA-1467-1}
- ruby-zip 1.2.2-1 (bug #902720)
NOTE: https://github.com/rubyzip/rubyzip/issues/369
@@ -21234,135 +21227,135 @@ CVE-2018-1000544 (rubyzip gem rubyzip version 1.2.1 and earlier contains a Direc
NOTE: https://github.com/rubyzip/rubyzip/commit/8e78311d670ba70476fb46062c988849a82d1e02
NOTE: And further followup fixes:
NOTE: https://github.com/rubyzip/rubyzip/pull/376
-CVE-2018-1000543 (Akiee version 0.0.3 contains a XSS leading to code execution due to ...)
+CVE-2018-1000543
NOT-FOR-US: Akiee
-CVE-2018-1000542 (netbeans-mmd-plugin version &lt;= 1.4.3 contains a XML External Entity ...)
+CVE-2018-1000542
NOT-FOR-US: netbeans-mmd-plugin
CVE-2018-1000541
REJECTED
-CVE-2018-1000540 (LoboEvolution version &lt; 9b75694cedfa4825d4a2330abf2719d470c654cd ...)
+CVE-2018-1000540
NOT-FOR-US: LoboEvolution
-CVE-2018-1000539 (Nov json-jwt version &gt;= 0.5.0 &amp;&amp; &lt; 1.9.4 contains a CWE-347: Improper ...)
+CVE-2018-1000539
{DSA-4283-1}
- ruby-json-jwt 1.9.4-1 (bug #902721)
NOTE: https://github.com/nov/json-jwt/pull/62
NOTE: https://github.com/nov/json-jwt/commit/3393f394f271c87bd42ec23c300727b4437d1638
-CVE-2018-1000538 (Minio Inc. Minio S3 server version prior to ...)
+CVE-2018-1000538
NOT-FOR-US: Minion
-CVE-2018-1000537 (Marlin Firmware Marlin version 1.1.x and earlier contains a Buffer ...)
+CVE-2018-1000537
NOT-FOR-US: Marlin
-CVE-2018-1000536 (Medis version 0.6.1 and earlier contains a XSS vulnerability evolving ...)
+CVE-2018-1000536
NOT-FOR-US: Media
-CVE-2018-1000535 (lms version &lt;= LMS_011123 contains a Local File Disclosure ...)
+CVE-2018-1000535
NOT-FOR-US: lms
-CVE-2018-1000534 (Joplin version prior to 1.0.90 contains a XSS evolving into code ...)
+CVE-2018-1000534
NOT-FOR-US: Joplin
-CVE-2018-1000533 (klaussilveira GitList version &lt;= 0.6 contains a Passing incorrectly ...)
+CVE-2018-1000533
NOT-FOR-US: klaussilveira GitList
-CVE-2018-1000532 (beep version 1.3 and up contains a External Control of File Name or ...)
+CVE-2018-1000532
- beep 1.4.3-1 (low; bug #902722)
[stretch] - beep <no-dsa> (Minor issue)
[jessie] - beep <no-dsa> (Minor issue)
NOTE: https://github.com/johnath/beep/issues/11#issuecomment-379514298
-CVE-2018-1000531 (inversoft prime-jwt version prior to commit ...)
+CVE-2018-1000531
NOT-FOR-US: prime-jwt
CVE-2018-1000530
REJECTED
-CVE-2018-1000529 (Grails Fields plugin version 2.2.7 contains a Cross Site Scripting ...)
+CVE-2018-1000529
NOT-FOR-US: Grails Fields plugin
-CVE-2018-1000528 (GONICUS GOsa version before commit ...)
+CVE-2018-1000528
{DSA-4239-1 DLA-1436-1}
- gosa 2.7.4+reloaded3-5 (low; bug #902723)
NOTE: https://github.com/gosa-project/gosa-core/commit/56070d6289d47ba3f5918885954dcceb75606001
NOTE: https://github.com/gosa-project/gosa-core/issues/14
-CVE-2018-1000527 (Froxlor version &lt;= 0.9.39.5 contains a PHP Object Injection ...)
+CVE-2018-1000527
NOT-FOR-US: Froxlor
-CVE-2018-1000526 (Openpsa contains a XML Injection vulnerability in RSS file upload ...)
+CVE-2018-1000526
NOT-FOR-US: openpsa
-CVE-2018-1000525 (openpsa contains a PHP Object Injection vulnerability in Form data ...)
+CVE-2018-1000525
NOT-FOR-US: openpsa
-CVE-2018-1000524 (miniSphere version 5.2.9 and earlier contains a Integer Overflow ...)
+CVE-2018-1000524
NOT-FOR-US: miniSphere
-CVE-2018-1000523 (topydo contains a CWE-20: Improper Input Validation vulnerability in ...)
+CVE-2018-1000523
NOT-FOR-US: topydo
CVE-2018-1000522
REJECTED
-CVE-2018-1000521 (BigTree-CMS contains a Cross Site Scripting (XSS) vulnerability in ...)
+CVE-2018-1000521
NOT-FOR-US: BigTree-CMS
-CVE-2018-1000520 (ARM mbedTLS version 2.7.0 and earlier contains a Ciphersuite Allows ...)
+CVE-2018-1000520
- mbedtls <unfixed> (unimportant)
- polarssl <removed> (unimportant)
NOTE: https://github.com/ARMmbed/mbedtls/issues/1561
NOTE: No security impact
-CVE-2018-1000519 (aio-libs aiohttp-session contains a Session Fixation vulnerability in ...)
+CVE-2018-1000519
NOT-FOR-US: aio-libs aiohttp-session
-CVE-2018-1000518 (aaugustin websockets version 4 contains a CWE-409: Improper Handling ...)
+CVE-2018-1000518
NOT-FOR-US: aaugustin websockets
-CVE-2018-1000517 (BusyBox project BusyBox wget version prior to commit ...)
+CVE-2018-1000517
{DLA-1445-1}
- busybox 1:1.27.2-3 (low; bug #902724)
[stretch] - busybox <no-dsa> (Minor issue; can be fixed via point release)
NOTE: https://git.busybox.net/busybox/commit/?id=8e2174e9bd836e53c8b9c6e00d1bc6e2a718686e
-CVE-2018-1000516 (The Galaxy Project Galaxy version v14.10 contains a CWE-79: Improper ...)
+CVE-2018-1000516
NOT-FOR-US: Galaxy Project Galaxy
-CVE-2018-1000515 (ventrian News-Articles version NewsArticles.00.09.11 contains a XML ...)
+CVE-2018-1000515
NOT-FOR-US: News-Articles
-CVE-2018-1000514 (LimeSurvey version 3.0.0-beta.3+17110 contains a Cross ite Request ...)
+CVE-2018-1000514
- limesurvey <itp> (bug #472802)
-CVE-2018-1000513 (LimeSurvey version 3.0.0-beta.3+17110 contains a Cross Site Scripting ...)
+CVE-2018-1000513
- limesurvey <itp> (bug #472802)
-CVE-2018-1000512 (Tooltipy Tooltipy (tooltips for WP) version 5 contains a Cross Site ...)
+CVE-2018-1000512
NOT-FOR-US: Wordpress plugin
-CVE-2018-1000511 (WP ULike version 2.8.1, 3.1 contains a Incorrect Access Control ...)
+CVE-2018-1000511
NOT-FOR-US: Wordpress plugin
-CVE-2018-1000510 (WP Image Zoom version 1.23 contains a Incorrect Access Control ...)
+CVE-2018-1000510
NOT-FOR-US: Wordpress plugin
-CVE-2018-1000509 (Redirection version 2.7.1 contains a Serialisation vulnerability ...)
+CVE-2018-1000509
NOT-FOR-US: Redirection
-CVE-2018-1000508 (WP ULike version 2.8.1, 3.1 contains a Cross Site Scripting (XSS) ...)
+CVE-2018-1000508
NOT-FOR-US: Wordpress plugin
-CVE-2018-1000507 (WP User Groups version 2.0.0 contains a Cross ite Request Forgery ...)
+CVE-2018-1000507
NOT-FOR-US: Wordpress plugin
-CVE-2018-1000506 (Metronet Tag Manager version 1.2.7 contains a Cross ite Request ...)
+CVE-2018-1000506
NOT-FOR-US: Metronet Tag Manager
-CVE-2018-1000505 (Tooltipy (tooltips for WP) version 5 contains a Cross ite Request ...)
+CVE-2018-1000505
NOT-FOR-US: Wordpress plugin
-CVE-2018-1000504 (Redirection version 2.7.3 contains a ACE via file inclusion ...)
+CVE-2018-1000504
NOT-FOR-US: Redirection
-CVE-2018-1000503 (MyBB Group MyBB contains a Incorrect Access Control vulnerability in ...)
+CVE-2018-1000503
NOT-FOR-US: MyBB Group MyBB
-CVE-2018-1000502 (MyBB Group MyBB contains a File Inclusion vulnerability in Admin panel ...)
+CVE-2018-1000502
NOT-FOR-US: MyBB Group MyBB
-CVE-2018-1000501 (Instant Update CMS contains a Password Reset Vulnerability ...)
+CVE-2018-1000501
NOT-FOR-US: Instante Update CMS
-CVE-2018-1000500 (Busybox contains a Missing SSL certificate validation vulnerability in ...)
+CVE-2018-1000500
- busybox <unfixed> (unimportant)
NOTE: Intentional design decision:
NOTE: https://git.busybox.net/busybox/tree/networking/wget.c?id=8bc418f07eab79a9c8d26594629799f6157a9466#n74
NOTE: https://git.busybox.net/busybox/commit/networking/wget.c?id=0972c7f7a570c38edb68e1c60a45614b7a7c7d55
NOTE: Starting with 1:1.27.2-3 in unstable wget emmits a message that certificate
NOTE: verification is not implemented.
-CVE-2018-1000404 (Jenkins project Jenkins AWS CodeBuild Plugin version 0.26 and earlier ...)
+CVE-2018-1000404
NOT-FOR-US: Jenkins plugin
CVE-2018-12637
RESERVED
-CVE-2018-12636 (The iThemes Security (better-wp-security) plugin before 7.0.3 for ...)
+CVE-2018-12636
NOT-FOR-US: Wordpress plugin
-CVE-2018-12635 (CirCarLife Scada v4.2.4 allows unauthorized upgrades via requests to ...)
+CVE-2018-12635
NOT-FOR-US: CirCarLife Scada
-CVE-2018-12634 (CirCarLife Scada before 4.3 allows remote attackers to obtain ...)
+CVE-2018-12634
NOT-FOR-US: CirCarLife Scada
-CVE-2018-12633 (An issue was discovered in the Linux kernel through 4.17.2. ...)
+CVE-2018-12633
- linux 4.17.3-1
[stretch] - linux <not-affected> (Vulnerable code not present)
[jessie] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/bd23a7269834dc7c1f93e83535d16ebc44b75eba (4.18-rc1)
NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=200131
-CVE-2018-12632 (Redatam7 (formerly Redatam WebServer) allows remote attackers to ...)
+CVE-2018-12632
NOT-FOR-US: Redatam7
-CVE-2018-12631 (Redatam7 (formerly Redatam WebServer) allows remote attackers to read ...)
+CVE-2018-12631
NOT-FOR-US: Redatam7
-CVE-2018-12630 (NEWMARK (aka New Mark) NMCMS 2.1 allows SQL Injection via the sect_id ...)
+CVE-2018-12630
NOT-FOR-US: NEWMARK (aka New Mark) NMCMS 2.1
CVE-2018-12629
RESERVED
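Review bot: several NOT-FOR-US context lines in this hunk name a product that no longer matches anything in the file once the summaries are removed: `NOT-FOR-US: Minion` under CVE-2018-1000538 (the removed line says "Minio Inc. Minio S3 server"), `NOT-FOR-US: Media` under CVE-2018-1000536 (removed line: "Medis version 0.6.1"), and `NOT-FOR-US: Instante Update CMS` under CVE-2018-1000501 (removed line: "Instant Update CMS"). These should be corrected in the same update, since the NOT-FOR-US text is now the only product identifier left in the entry. Minor: "emmits" in the CVE-2018-1000500 NOTE should be "emits", and "Wordpress plugin" is used where the project spells it WordPress.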
@@ -21388,7 +21381,7 @@ CVE-2018-12619
RESERVED
CVE-2018-12618
RESERVED
-CVE-2018-12617 (qmp_guest_file_read in qga/commands-posix.c and qga/commands-win32.c in ...)
+CVE-2018-12617
{DLA-1694-1}
- qemu 1:3.1+dfsg-1 (low; bug #902725)
[stretch] - qemu <postponed> (Minor issue, wait until more severe issues are around)
@@ -21397,33 +21390,33 @@ CVE-2018-12617 (qmp_guest_file_read in qga/commands-posix.c and qga/commands-win
NOTE: Fixed by: https://git.qemu.org/?p=qemu.git;a=commit;h=141b197408ab398c4f474ac1a728ab316e921f2b
CVE-2018-12616
RESERVED
-CVE-2018-12615 (An issue was discovered in switchGroup() in ...)
+CVE-2018-12615
- passenger <not-affected> (Vulnerable code not present)
- ruby-passenger <not-affected> (Vulnerable code not present)
NOTE: https://github.com/phusion/passenger/commit/4e97fdb86d0a0141ec9a052c6e691fcd07bb45c8
CVE-2018-12614
RESERVED
-CVE-2018-12613 (An issue was discovered in phpMyAdmin 4.8.x before 4.8.2, in which an ...)
+CVE-2018-12613
- phpmyadmin <not-affected> (Affects 4.8.x)
NOTE: https://www.phpmyadmin.net/security/PMASA-2018-4/
CVE-2018-12612
RESERVED
-CVE-2018-12611 (OX App Suite 7.8.4 and earlier allows Directory Traversal. ...)
+CVE-2018-12611
NOT-FOR-US: OX App Suite
-CVE-2018-12610 (OX App Suite 7.8.4 and earlier allows Information Exposure. ...)
+CVE-2018-12610
NOT-FOR-US: OX App Suite
-CVE-2018-12609 (OX App Suite 7.8.4 and earlier allows Server-Side Request Forgery. ...)
+CVE-2018-12609
NOT-FOR-US: OX App Suite
-CVE-2018-12608 (An issue was discovered in Docker Moby before 17.06.0. The Docker ...)
+CVE-2018-12608
- docker.io 18.03.1+dfsg1-2
NOTE: https://github.com/moby/moby/pull/33182
-CVE-2018-1000403 (Jenkins project Jenkins AWS CodeDeploy Plugin version 1.19 and earlier ...)
+CVE-2018-1000403
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000402 (Jenkins project Jenkins AWS CodeDeploy Plugin version 1.19 and earlier ...)
+CVE-2018-1000402
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000401 (Jenkins project Jenkins AWS CodePipeline Plugin version 0.36 and ...)
+CVE-2018-1000401
NOT-FOR-US: Jenkins plugin
-CVE-2018-12607 (An issue was discovered in GitLab Community Edition and Enterprise ...)
+CVE-2018-12607
- gitlab 10.7.7+dfsg-2 (bug #902726)
[stretch] - gitlab <not-affected> (Only affects >= 10.5)
NOTE: https://about.gitlab.com/2018/06/25/security-release-gitlab-11-dot-0-dot-1-released/
@@ -21434,32 +21427,32 @@ CVE-2018-XXXX [gitlab: Activity feed publicly displaying internal project names]
CVE-2018-XXXX [gitlab: Content injection via username]
- gitlab 10.7.7+dfsg-2 (bug #902726)
NOTE: https://about.gitlab.com/2018/06/25/security-release-gitlab-11-dot-0-dot-1-released/
-CVE-2018-12606 (An issue was discovered in GitLab Community Edition and Enterprise ...)
+CVE-2018-12606
- gitlab 10.7.7+dfsg-2 (bug #902726)
NOTE: https://about.gitlab.com/2018/06/25/security-release-gitlab-11-dot-0-dot-1-released/
-CVE-2018-12605 (An issue was discovered in GitLab Community Edition and Enterprise ...)
+CVE-2018-12605
- gitlab 10.7.7+dfsg-2 (bug #902726)
[stretch] - gitlab <not-affected> (Only affects 10.7)
NOTE: https://about.gitlab.com/2018/06/25/security-release-gitlab-11-dot-0-dot-1-released/
-CVE-2018-12604 (GreenCMS 2.3.0603 allows remote attackers to obtain sensitive ...)
+CVE-2018-12604
NOT-FOR-US: GreenCMS
-CVE-2018-12603 (Cross-site request forgery (CSRF) vulnerability in admin.php in LFCMS ...)
+CVE-2018-12603
NOT-FOR-US: LFCMS
-CVE-2018-12602 (A CSRF vulnerability exists in LFCMS 3.7.0: users can be added ...)
+CVE-2018-12602
NOT-FOR-US: LFCMS
-CVE-2018-12601 (There is a heap-based buffer overflow in ReadImage in input-tga.ci in ...)
+CVE-2018-12601
{DLA-1463-1}
- sam2p <removed>
NOTE: https://github.com/pts/sam2p/issues/41
NOTE: https://github.com/pts/sam2p/commit/8b2b7151991e07ef262857c2325e95c3b2867f80
-CVE-2018-12600 (In ImageMagick 7.0.8-3 Q16, ReadDIBImage and WriteDIBImage in ...)
+CVE-2018-12600
{DSA-4245-1 DLA-1394-1}
[experimental] - imagemagick 8:6.9.10.2+dfsg-1
- imagemagick 8:6.9.10.2+dfsg-2 (bug #902728)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/1178
NOTE: https://github.com/ImageMagick/ImageMagick/commit/921f208c2ea3cc45847f380257f270ff424adfff
NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/ae71c12bbaa34d942e036824ff389c22b7dacade
-CVE-2018-12599 (In ImageMagick 7.0.8-3 Q16, ReadBMPImage and WriteBMPImage in ...)
+CVE-2018-12599
{DSA-4245-1 DLA-1394-1}
[experimental] - imagemagick 8:6.9.10.2+dfsg-1
- imagemagick 8:6.9.10.2+dfsg-2 (bug #902727)
@@ -21470,67 +21463,67 @@ CVE-2018-12598
RESERVED
CVE-2018-12597
RESERVED
-CVE-2018-12596 (Episerver Ektron CMS before 9.0 SP3 Site CU 31, 9.1 before SP3 Site CU ...)
+CVE-2018-12596
NOT-FOR-US: Episerver Ektron CMS
CVE-2018-12595
RESERVED
-CVE-2018-12594 (Reliable Controls MACH-ProWebCom 7.80 devices allow remote attackers to ...)
+CVE-2018-12594
NOT-FOR-US: Reliable Controls MACH-ProWebCom devices
CVE-2018-12593
RESERVED
-CVE-2018-12592 (Polycom RealPresence Web Suite before 2.2.0 does not block a user's ...)
+CVE-2018-12592
NOT-FOR-US: Polycom RealPresence Web Suite
-CVE-2018-12591 (Ubiquiti Networks EdgeSwitch version 1.7.3 and prior suffer from an ...)
+CVE-2018-12591
NOT-FOR-US: Ubiquiti Networks EdgeSwitch
-CVE-2018-12590 (Ubiquiti Networks EdgeSwitch version 1.7.3 and prior suffer from an ...)
+CVE-2018-12590
NOT-FOR-US: Ubiquiti Networks EdgeSwitch
-CVE-2018-12589 (Polaris Office 2017 8.1 allows attackers to execute arbitrary code via ...)
+CVE-2018-12589
NOT-FOR-US: Polaris Office
-CVE-2018-12588 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2018-12588
NOT-FOR-US: Public Knowledge Project (PKP) Open Monograph Press (OMP)
-CVE-2018-12587 (A cross-site scripting (XSS) vulnerability was found in valeuraddons ...)
+CVE-2018-12587
NOT-FOR-US: valeuraddons German Spelling Dictionary
CVE-2018-12586
RESERVED
-CVE-2018-12585 (An XXE vulnerability in the OPC UA Java and .NET Legacy Stack can ...)
+CVE-2018-12585
NOT-FOR-US: OPC UA Java and .NET Legacy Stack
-CVE-2018-12584 (The ConnectionBase::preparseNewBytes function in ...)
+CVE-2018-12584
{DLA-1439-1}
- resiprocate <removed> (bug #905495)
NOTE: http://joachimdezutter.webredirect.org/advisory.html
NOTE: https://github.com/resiprocate/resiprocate/commit/2cb291191c93c7c4e371e22cb89805a5b31d6608
-CVE-2018-12583 (An issue was discovered in AKCMS 6.1. CSRF can delete an article via an ...)
+CVE-2018-12583
NOT-FOR-US: AKCMS
-CVE-2018-12582 (An issue was discovered in AKCMS 6.1. CSRF can add an admin account via ...)
+CVE-2018-12582
NOT-FOR-US: AKCMS
-CVE-2018-12581 (An issue was discovered in js/designer/move.js in phpMyAdmin before ...)
+CVE-2018-12581
- phpmyadmin <unfixed> (low)
[stretch] - phpmyadmin <not-affected> (Vulnerable code not present)
[jessie] - phpmyadmin <not-affected> (vulnerable code not present)
NOTE: https://www.phpmyadmin.net/security/PMASA-2018-3/
NOTE: https://github.com/phpmyadmin/phpmyadmin/commit/6943fff87324bd54c3a37a5160a5fb77498c355e
-CVE-2018-12580 (library/DBTech/Security/Action/Sessions.php in DragonByte vBSecurity ...)
+CVE-2018-12580
NOT-FOR-US: DragonByte vBSecurity for vBulletin
-CVE-2018-12579 (An issue was discovered in OXID eShop Enterprise Edition before 5.3.8, ...)
+CVE-2018-12579
NOT-FOR-US: OXID eShop
-CVE-2018-12578 (There is a heap-based buffer overflow in bmp_compress1_row in ...)
+CVE-2018-12578
{DLA-1463-1}
- sam2p <removed>
NOTE: https://github.com/pts/sam2p/issues/39
NOTE: https://github.com/pts/sam2p/commit/22e7a17e70e5f5eedf466b0b1855c8c954061a51
-CVE-2018-12577 (The Ping and Traceroute features on TP-Link TL-WR841N v13 00000001 ...)
+CVE-2018-12577
NOT-FOR-US: TP-Link
-CVE-2018-12576 (TP-Link TL-WR841N v13 00000001 0.9.1 4.16 v0001.0 Build 180119 ...)
+CVE-2018-12576
NOT-FOR-US: TP-Link
-CVE-2018-12575 (On TP-Link TL-WR841N v13 00000001 0.9.1 4.16 v0001.0 Build 171019 ...)
+CVE-2018-12575
NOT-FOR-US: TP-Link
-CVE-2018-12574 (CSRF exists for all actions in the web interface on TP-Link TL-WR841N ...)
+CVE-2018-12574
NOT-FOR-US: TP-Link
CVE-2018-12573
RESERVED
CVE-2018-12572
- RESERVED
-CVE-2018-12571 (uniquesig0/InternalSite/InitParams.aspx in Microsoft Forefront Unified ...)
+ TODO: check
+CVE-2018-12571
NOT-FOR-US: Microsoft
CVE-2018-12570
RESERVED
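Review bot: the `-	RESERVED` / `+	TODO: check` pair under CVE-2018-12572 is a status change, not a description strip like every other change in this hunk, so it deserves a second look even though the commit is an automatic update. It means the CVE left RESERVED state upstream and the tracker now has no assessment for it; the TODO should be replaced with a real triage line (a package entry, NOT-FOR-US, or a NOTE explaining why it cannot be classified yet) rather than left as a placeholder among the finished entries.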
@@ -21542,24 +21535,24 @@ CVE-2018-12567
RESERVED
CVE-2018-12566
RESERVED
-CVE-2018-12565 (An issue was discovered in Linaro LAVA before 2018.5.post1. Because of ...)
+CVE-2018-12565
{DSA-4234-1}
- lava 2018.5.post1-1
- lava-server <removed>
[jessie] - lava-server <not-affected> (vulnerable code not present)
NOTE: https://git.linaro.org/lava/lava.git/commit/?id=583666c84ea2f12797a3eb71392bcb05782f5b14
-CVE-2018-12564 (An issue was discovered in Linaro LAVA before 2018.5.post1. Because of ...)
+CVE-2018-12564
{DSA-4234-1 DLA-1404-1}
- lava 2018.5.post1-1
- lava-server <removed>
NOTE: https://git.linaro.org/lava/lava.git/commit/?id=95a9a77b144ced24d7425d6544ab03ca7f6c75d3
-CVE-2018-12563 (An issue was discovered in Linaro LAVA before 2018.5.post1. Because of ...)
+CVE-2018-12563
- lava 2018.5.post1-1
- lava-server <removed>
[stretch] - lava-server <not-affected> (Vulnerable code introduced in 2017.6)
[jessie] - lava-server <not-affected> (vulnerable code not present)
NOTE: https://git.linaro.org/lava/lava.git/commit/?id=e24ec39599bc07562ad8bc2a581144b8448cb214
-CVE-2018-12562 (An issue was discovered in the cantata-mounter D-Bus service in Cantata ...)
+CVE-2018-12562
- cantata 2.3.0.ds1-2 (bug #901798; unimportant)
NOTE: http://www.openwall.com/lists/oss-security/2018/06/18/1
NOTE: The daemon code is part of cantata since version 2.0.0 and it is built
@@ -21567,7 +21560,7 @@ CVE-2018-12562 (An issue was discovered in the cantata-mounter D-Bus service in
NOTE: if `-DENABLE_REMOTE_DEVICES=ON` was passed to the cmake invocation.
NOTE: 2.3.0.ds1-2 disables the cantata-mounter.
NOTE: https://github.com/CDrummond/cantata/commit/afc4f8315d3e96574925fb530a7004cc9e6ce3d3
-CVE-2018-12561 (An issue was discovered in the cantata-mounter D-Bus service in Cantata ...)
+CVE-2018-12561
- cantata 2.3.0.ds1-2 (bug #901798; unimportant)
NOTE: http://www.openwall.com/lists/oss-security/2018/06/18/1
NOTE: The daemon code is part of cantata since version 2.0.0 and it is built
@@ -21575,14 +21568,14 @@ CVE-2018-12561 (An issue was discovered in the cantata-mounter D-Bus service in
NOTE: if `-DENABLE_REMOTE_DEVICES=ON` was passed to the cmake invocation.
NOTE: 2.3.0.ds1-2 disables the cantata-mounter.
NOTE: https://github.com/CDrummond/cantata/commit/afc4f8315d3e96574925fb530a7004cc9e6ce3d3
-CVE-2018-12560 (An issue was discovered in the cantata-mounter D-Bus service in Cantata ...)
+CVE-2018-12560
- cantata 2.3.0.ds1-2 (bug #901798; unimportant)
NOTE: http://www.openwall.com/lists/oss-security/2018/06/18/1
NOTE: The daemon code is part of cantata since version 2.0.0 and it is built
NOTE: by default in versions 2.3.0 and 2.3.1. Before 2.3.0 it was only built
NOTE: if `-DENABLE_REMOTE_DEVICES=ON` was passed to the cmake invocation.
NOTE: 2.3.0.ds1-2 disables the cantata-mounter.
-CVE-2018-12559 (An issue was discovered in the cantata-mounter D-Bus service in Cantata ...)
+CVE-2018-12559
- cantata 2.3.0.ds1-2 (bug #901798; unimportant)
NOTE: http://www.openwall.com/lists/oss-security/2018/06/18/1
NOTE: The daemon code is part of cantata since version 2.0.0 and it is built
@@ -21590,13 +21583,13 @@ CVE-2018-12559 (An issue was discovered in the cantata-mounter D-Bus service in
NOTE: if `-DENABLE_REMOTE_DEVICES=ON` was passed to the cmake invocation.
NOTE: 2.3.0.ds1-2 disables the cantata-mounter.
NOTE: https://github.com/CDrummond/cantata/commit/afc4f8315d3e96574925fb530a7004cc9e6ce3d3
-CVE-2018-12558 (The parse() method in the Email::Address module through 1.909 for Perl ...)
+CVE-2018-12558
- libemail-address-perl 1.912-1 (unimportant; bug #901873)
[stretch] - libemail-address-perl 1.908-1+deb9u1
NOTE: Possibility of DoS vs. usability issue for Email::Address
NOTE: https://github.com/Perl-Email-Project/Email-Address/issues/19
NOTE: Mitigation: https://github.com/Perl-Email-Project/Email-Address/commit/aeaf0d7f1b0897b54cb246b8ac15d3ef177e5cae
-CVE-2018-12557 (An issue was discovered in Zuul 3.x before 3.1.0. If nodes become ...)
+CVE-2018-12557
- zuul <itp> (bug #705844)
CVE-2018-12556
RESERVED
@@ -21622,11 +21615,11 @@ CVE-2018-12550
[jessie] - mosquitto <postponed> (Minor issue)
NOTE: https://mosquitto.org/blog/2019/02/version-1-5-6-released/
NOTE: https://mosquitto.org/files/cve/2018-12550
-CVE-2018-12549 (In Eclipse OpenJ9 version 0.11.0, the OpenJ9 JIT compiler may ...)
+CVE-2018-12549
NOT-FOR-US: OpenJDK + Eclipse OpenJ9
-CVE-2018-12548 (In OpenJDK + Eclipse OpenJ9 version 0.11.0 builds, the public ...)
+CVE-2018-12548
NOT-FOR-US: OpenJDK + Eclipse OpenJ9
-CVE-2018-12547 (In Eclipse OpenJ9, prior to the 0.12.0 release, the jio_snprintf() and ...)
+CVE-2018-12547
NOT-FOR-US: OpenJDK + Eclipse OpenJ9
CVE-2018-12546
RESERVED
@@ -21637,28 +21630,28 @@ CVE-2018-12546
NOTE: https://mosquitto.org/files/cve/2018-12546
CVE-2018-12545
RESERVED
-CVE-2018-12544 (In version from 3.5.Beta1 to 3.5.3 of Eclipse Vert.x, the OpenAPI XML ...)
+CVE-2018-12544
NOT-FOR-US: Eclipse Vert.x
-CVE-2018-12543 (In Eclipse Mosquitto versions 1.5 to 1.5.2 inclusive, if a message is ...)
+CVE-2018-12543
- mosquitto <not-affected> (Vulnerable code introduced in 1.5)
NOTE: http://mosquitto.org/blog/2018/09/security-advisory-cve-2018-12543/
NOTE: https://mosquitto.org/files/cve/2018-12543/
-CVE-2018-12542 (In version from 3.0.0 to 3.5.3 of Eclipse Vert.x, the StaticHandler ...)
+CVE-2018-12542
NOT-FOR-US: Eclipse Vert.x
-CVE-2018-12541 (In version from 3.0.0 to 3.5.3 of Eclipse Vert.x, the WebSocket HTTP ...)
+CVE-2018-12541
NOT-FOR-US: Eclipse Vert.x
-CVE-2018-12540 (In version from 3.0.0 to 3.5.2 of Eclipse Vert.x, the CSRFHandler do ...)
+CVE-2018-12540
NOT-FOR-US: Eclipse Vertx
-CVE-2018-12539 (In Eclipse OpenJ9 version 0.8, users other than the process owner may ...)
+CVE-2018-12539
NOT-FOR-US: Eclipse OpenJ9
-CVE-2018-12538 (In Eclipse Jetty versions 9.4.0 through 9.4.8, when using the optional ...)
+CVE-2018-12538
- jetty9 <not-affected> (Only affects 9.4.x)
- jetty8 <not-affected> (Only affects 9.4.x)
- jetty <not-affected> (Only affects 9.4.x)
NOTE: https://bugs.eclipse.org/bugs/show_bug.cgi?id=536018
-CVE-2018-12537 (In Eclipse Vert.x version 3.0 to 3.5.1, the HttpServer response ...)
+CVE-2018-12537
NOT-FOR-US: Eclipse Vertx
-CVE-2018-12536 (In Eclipse Jetty Server, all 9.x versions, on webapps deployed using ...)
+CVE-2018-12536
- jetty9 9.2.25-1 (low; bug #902774)
[stretch] - jetty9 <ignored> (Harmless information leak)
- jetty8 <removed>
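Review bot: the rationale on `- mosquitto <not-affected> (Vulnerable code introduced in 1.5)` for CVE-2018-12543 does not by itself justify not-affected: the stripped description says the bug is in "versions 1.5 to 1.5.2 inclusive", so "introduced in 1.5" only supports not-affected if no Debian suite ever shipped a 1.5.0 to 1.5.2 build. If unstable went through any of those versions the entry should instead record the first fixed version (1.5.3 per the description), with per-suite not-affected lines for stable releases that stayed on 1.4.x. A similar check applies to the three `(Only affects 9.4.x)` jetty entries for CVE-2018-12538, which are only correct for as long as jetty9 in the archive stays below 9.4.0.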
@@ -21668,42 +21661,42 @@ CVE-2018-12536 (In Eclipse Jetty Server, all 9.x versions, on webapps deployed u
NOTE: https://bugs.eclipse.org/bugs/show_bug.cgi?id=535670
CVE-2018-12535
RESERVED
-CVE-2018-12534 (A SQL injection issue was discovered in the Quick Chat plugin before ...)
+CVE-2018-12534
NOT-FOR-US: Quick Chat plugin for WordPress
-CVE-2018-12533 (JBoss RichFaces 3.1.0 through 3.3.4 allows unauthenticated remote ...)
+CVE-2018-12533
NOT-FOR-US: RichFaces
-CVE-2018-12532 (JBoss RichFaces 4.5.3 through 4.5.17 allows unauthenticated remote ...)
+CVE-2018-12532
NOT-FOR-US: RichFaces
-CVE-2018-12531 (An issue was discovered in MetInfo 6.0.0. install\index.php allows ...)
+CVE-2018-12531
NOT-FOR-US: MetInfo
-CVE-2018-12530 (An issue was discovered in MetInfo 6.0.0. admin/app/batch/csvup.php ...)
+CVE-2018-12530
NOT-FOR-US: MetInfo
-CVE-2018-12529 (An issue was discovered on Intex N150 devices. The router firmware ...)
+CVE-2018-12529
NOT-FOR-US: Intex
-CVE-2018-12528 (An issue was discovered on Intex N150 devices. The backup/restore ...)
+CVE-2018-12528
NOT-FOR-US: Intex
CVE-2018-12527
RESERVED
-CVE-2018-12526 (Telesquare SDT-CS3B1 and SDT-CW3B1 devices through 1.2.0 have a default ...)
+CVE-2018-12526
NOT-FOR-US: Telesquare
-CVE-2018-12525 (An issue was discovered in perfSONAR Monitoring and Debugging Dashboard ...)
+CVE-2018-12525
NOT-FOR-US: perfSONAR Monitoring and Debugging Dashboard (MaDDash)
-CVE-2018-12524 (An issue was discovered in perfSONAR Monitoring and Debugging Dashboard ...)
+CVE-2018-12524
NOT-FOR-US: perfSONAR Monitoring and Debugging Dashboard (MaDDash)
-CVE-2018-12523 (An issue was discovered in perfSONAR Monitoring and Debugging Dashboard ...)
+CVE-2018-12523
NOT-FOR-US: perfSONAR Monitoring and Debugging Dashboard (MaDDash)
-CVE-2018-12522 (An issue was discovered in perfSONAR Monitoring and Debugging Dashboard ...)
+CVE-2018-12522
NOT-FOR-US: perfSONAR Monitoring and Debugging Dashboard (MaDDash)
CVE-2018-12521
RESERVED
-CVE-2018-12520 (An issue was discovered in ntopng 3.4 before 3.4.180617. The PRNG ...)
+CVE-2018-12520
- ntopng 3.8+dfsg1-1 (bug #903154)
[stretch] - ntopng <no-dsa> (Minor issue)
[jessie] - ntopng <no-dsa> (Minor issue)
NOTE: http://seclists.org/fulldisclosure/2018/Jul/14
NOTE: https://gist.github.com/Psychotropos/3e8c047cada9b1fb716e6a014a428b7f
NOTE: https://github.com/ntop/ntopng/commit/30610bda60cbfc058f90a1c0a17d0e8f4516221a
-CVE-2018-12519 (An issue was discovered in ShopNx through 2017-11-17. The ...)
+CVE-2018-12519
NOT-FOR-US: ShopNx
CVE-2018-12518
RESERVED
@@ -21719,7 +21712,7 @@ CVE-2018-12513
RESERVED
CVE-2018-12512
RESERVED
-CVE-2018-12511 (In the mintToken function of a smart contract implementation for ...)
+CVE-2018-12511
NOT-FOR-US: Substratum
CVE-2018-12510
RESERVED
@@ -21733,36 +21726,36 @@ CVE-2018-12506
RESERVED
CVE-2018-12505
RESERVED
-CVE-2018-12504 (tinyexr 0.9.5 has an assertion failure in ComputeChannelLayout in ...)
+CVE-2018-12504
NOT-FOR-US: tinyexr
-CVE-2018-12503 (tinyexr 0.9.5 has a heap-based buffer over-read in ...)
+CVE-2018-12503
NOT-FOR-US: tinyexr
CVE-2018-12502
RESERVED
-CVE-2018-12501 (Nagios Fusion before 4.1.4 has XSS, aka TPS#13332-13335. ...)
+CVE-2018-12501
NOT-FOR-US: Nagios Fusion
CVE-2018-12500
RESERVED
-CVE-2018-12499 (The Motorola MBP853 firmware does not correctly validate server ...)
+CVE-2018-12499
NOT-FOR-US: Motoral
-CVE-2018-12498 (spider.admincp.php in iCMS v7.0.8 has SQL Injection via the id ...)
+CVE-2018-12498
NOT-FOR-US: iCMS
CVE-2018-12497
RESERVED
CVE-2018-12496
RESERVED
-CVE-2018-12495 (The quoteblock function in markdown.c in libmarkdown.a in DISCOUNT ...)
+CVE-2018-12495
{DSA-4293-1 DLA-1499-1}
- discount 2.2.4-1 (bug #901912)
NOTE: https://github.com/Orc/discount/issues/189#issuecomment-397541501
NOTE: Fixed by https://github.com/Orc/discount/commit/b002a5a4db31e42dfb45451c059bc56941c17974
-CVE-2018-12494 (An issue was discovered in PublicCMS V4.0.20180210. There is a &quot;Directory ...)
+CVE-2018-12494
NOT-FOR-US: PublicCMS
-CVE-2018-12493 (An issue was discovered in PublicCMS V4.0.20180210. There is a &quot;Directory ...)
+CVE-2018-12493
NOT-FOR-US: PublicCMS
-CVE-2018-12492 (PHPOK 4.9.032 has an arbitrary file deletion vulnerability in the ...)
+CVE-2018-12492
NOT-FOR-US: PHPOK
-CVE-2018-12491 (PHPOK 4.9.032 has an arbitrary file upload vulnerability in the ...)
+CVE-2018-12491
NOT-FOR-US: PHPOK
CVE-2018-12490
RESERVED
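Review bot: `NOT-FOR-US: Motoral` under CVE-2018-12499 misspells the vendor; the description names the Motorola MBP853 firmware, so the line should read `NOT-FOR-US: Motorola`. It is a context line, so it is not introduced by this commit, but the rest of the hunk is mechanical description stripping and this is the one visible content defect in it.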
@@ -21778,25 +21771,25 @@ CVE-2018-12485
RESERVED
CVE-2018-12484
RESERVED
-CVE-2018-12483 (OCS Inventory 2.4.1 is prone to a remote command-execution ...)
+CVE-2018-12483
- ocsinventory-server 2.5+dfsg-1 (unimportant; bug #905396)
NOTE: Authentication is needed, only supported in trusted environments, see debtags
-CVE-2018-12482 (OCS Inventory 2.4.1 contains multiple SQL injections in the search ...)
+CVE-2018-12482
- ocsinventory-server 2.5+dfsg-1 (unimportant; bug #905396)
NOTE: Authentication is needed, only supported in trusted environments, see debtags
-CVE-2018-12481 (The Olive Tree Ftp Server application 1.32 for Android has a &quot;Sensitive ...)
+CVE-2018-12481
NOT-FOR-US: Olive Tree Ftp Server application for Android
-CVE-2018-12480 (Mitigates an XSS issue in NetIQ Access Manager versions prior to 4.4 ...)
+CVE-2018-12480
NOT-FOR-US: NetIQ Access Manager
-CVE-2018-12479 (A Improper Input Validation vulnerability in Open Build Service allows ...)
+CVE-2018-12479
- open-build-service 2.9.4-1 (bug #911797)
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1108435
NOTE: https://github.com/openSUSE/open-build-service/pull/5880
NOTE: https://github.com/openSUSE/open-build-service/commit/01b015ca2a320afc4fae823465d1e72da8bd60df
-CVE-2018-12478 (A Improper Input Validation vulnerability in Open Build Service allows ...)
+CVE-2018-12478
NOT-FOR-US: obs-service replace_using_package_version
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1108280
-CVE-2018-12477 (A Improper Neutralization of CRLF Sequences vulnerability in Open ...)
+CVE-2018-12477
NOT-FOR-US: obs-service refresh_patches
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1108189
NOTE: https://github.com/openSUSE/obs-service-refresh_patches/commit/d6244245dda5367767efc989446fe4b5e4609cce
@@ -21804,66 +21797,66 @@ CVE-2018-12476
RESERVED
CVE-2018-12475
RESERVED
-CVE-2018-12474 (Improper input validation in obs-service-tar_scm of Open Build Service ...)
+CVE-2018-12474
NOT-FOR-US: obs-service-tar_scm of Open Build Service
-CVE-2018-12473 (A path traversal traversal vulnerability in obs-service-tar_scm of ...)
+CVE-2018-12473
NOT-FOR-US: obs-service-tar_scm of Open Build Service
-CVE-2018-12472 (A improper authentication using the HOST header in SUSE Linux SMT ...)
+CVE-2018-12472
NOT-FOR-US: SUSE Linux SMT
-CVE-2018-12471 (A External Entity Reference ('XXE') vulnerability in SUSE Linux SMT ...)
+CVE-2018-12471
NOT-FOR-US: SUSE Linux SMT
-CVE-2018-12470 (A SQL Injection in the RegistrationSharing module of SUSE Linux SMT ...)
+CVE-2018-12470
NOT-FOR-US: SUSE Linux SMT
-CVE-2018-12469 (Incorrect handling of an invalid value for an HTTP request parameter ...)
+CVE-2018-12469
NOT-FOR-US: Micro Focus
-CVE-2018-12468 (A vulnerability in the administration console of Micro Focus GroupWise ...)
+CVE-2018-12468
NOT-FOR-US: Micro Focus
-CVE-2018-12467 (Authorized users of the openbuildservice before 2.9.4 could delete ...)
+CVE-2018-12467
- open-build-service 2.9.4-1 (bug #911797)
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1100217
NOTE: Fixed by: https://github.com/openSUSE/open-build-service/commit/f57b660f49f830006766a8d4abc3b4af6e178063
NOTE: Introduced by: https://github.com/openSUSE/open-build-service/commit/990ef7cccef6f38fc1d1a1bb22a08e174dcba43b
TODO: check if introducing commit is right and fix status
-CVE-2018-12466 (openSUSE openbuildservice before 9.2.4 allowed authenticated users to ...)
+CVE-2018-12466
- open-build-service <unfixed> (bug #911797)
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1098934
NOTE: Fixed by: https://github.com/openSUSE/open-build-service/commit/f57b660f49f830006766a8d4abc3b4af6e178063
NOTE: Introduced by: https://github.com/openSUSE/open-build-service/commit/990ef7cccef6f38fc1d1a1bb22a08e174dcba43b
TODO: check if introducing commit is right and fix status
-CVE-2018-12465 (An OS command injection vulnerability in the web administration ...)
+CVE-2018-12465
NOT-FOR-US: Micro Focus
-CVE-2018-12464 (A SQL injection vulnerability in the web administration and quarantine ...)
+CVE-2018-12464
NOT-FOR-US: Micro Focus
-CVE-2018-12463 (An XML external entity (XXE) vulnerability in Fortify Software ...)
+CVE-2018-12463
NOT-FOR-US: Fortify
-CVE-2018-12462 (NetIQ iManager 3.1.1 addresses potential XSS vulnerabilities. ...)
+CVE-2018-12462
NOT-FOR-US: NetIQ iManager
-CVE-2018-12461 (Fixed issues with NetIQ eDirectory prior to 9.1.1 when checking ...)
+CVE-2018-12461
NOT-FOR-US: NetIQ eDirectory
-CVE-2018-12460 (libavcodec in FFmpeg 4.0 may trigger a NULL pointer dereference if the ...)
+CVE-2018-12460
[experimental] - ffmpeg 7:4.0.1-1 (low)
- ffmpeg <not-affected> (Introduced after 3.4)
NOTE: https://github.com/FFmpeg/FFmpeg/commit/b3332a182f8ba33a34542e4a0370f38b914ccf7d
-CVE-2018-12459 (An inconsistent bits-per-sample value in the ...)
+CVE-2018-12459
[experimental] - ffmpeg 7:4.0.1-1 (low)
- ffmpeg 7:4.0.1-2 (low)
[stretch] - ffmpeg <not-affected> (Studio profile not yet supported)
NOTE: https://github.com/FFmpeg/FFmpeg/commit/2fc108f60f98cd00813418a8754a46476b404a3c
-CVE-2018-12458 (An improper integer type in the mpeg4_encode_gop_header function in ...)
+CVE-2018-12458
{DSA-4249-1}
[experimental] - ffmpeg 7:4.0.1-1 (low)
- ffmpeg 7:3.4.3-1 (low)
NOTE: https://github.com/FFmpeg/FFmpeg/commit/e1182fac1afba92a4975917823a5f644bee7e6e8
NOTE: Fixed in 3.2.11
-CVE-2018-12457 (expressCart before 1.1.6 allows remote attackers to create an admin ...)
+CVE-2018-12457
NOT-FOR-US: expressCart
-CVE-2018-12456 (Intelbras NPLUG 1.0.0.14 wireless repeater devices have no CSRF token ...)
+CVE-2018-12456
NOT-FOR-US: Intelbras NPLUG 1.0.0.14 wireless repeater devices
-CVE-2018-12455 (Intelbras NPLUG 1.0.0.14 wireless repeater devices have a critical ...)
+CVE-2018-12455
NOT-FOR-US: Intelbras NPLUG 1.0.0.14 wireless repeater devices
-CVE-2018-12454 (The _addguess function of a simplelottery smart contract implementation ...)
+CVE-2018-12454
NOT-FOR-US: simplelottery
-CVE-2018-12453 (Type confusion in the xgroupCommand function in t_stream.c in ...)
+CVE-2018-12453
- redis <not-affected> (Vulnerable code introduced in 5.0-rc1)
NOTE: https://gist.github.com/fakhrizulkifli/34a56d575030682f6c564553c53b82b5
NOTE: https://github.com/antirez/redis/commit/c04082cf138f1f51cedf05ee9ad36fb6763cafc6
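Review bot: CVE-2018-12467 and CVE-2018-12466 cite the same `Fixed by:` commit f57b660f49f830006766a8d4abc3b4af6e178063 and the same `Introduced by:` commit, yet one is marked `- open-build-service 2.9.4-1 (bug #911797)` and the other `- open-build-service <unfixed> (bug #911797)`. If a single upstream commit fixes both, the two entries cannot legitimately differ in fixed status; the existing `TODO: check if introducing commit is right and fix status` lines acknowledge this, so the TODO should be resolved in both places at once. Note also that the stripped description for CVE-2018-12466 says "before 9.2.4", which is almost certainly an upstream transposition of 2.9.4 and not a separate version line to track.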
@@ -21873,15 +21866,15 @@ CVE-2018-12451
RESERVED
CVE-2018-12450
RESERVED
-CVE-2018-12449 (The Whale browser installer 0.4.3.0 and earlier versions allows DLL ...)
+CVE-2018-12449
NOT-FOR-US: Whale browser installer
-CVE-2018-12448 (Whale Browser before 1.3.48.4 displays no URL information but only a ...)
+CVE-2018-12448
NOT-FOR-US: Whale Browser
-CVE-2018-12447 (The restore_tqb_pixels function in hevc_filter.c in libavcodec, as used ...)
+CVE-2018-12447
NOT-FOR-US: libbpg
-CVE-2018-12446 (** DISPUTED ** An issue was discovered in the com.dropbox.android ...)
+CVE-2018-12446
NOT-FOR-US: com.dropbox.android application for Android
-CVE-2018-12445 (** DISPUTED ** An issue was discovered in the com.dropbox.android ...)
+CVE-2018-12445
NOT-FOR-US: com.dropbox.android application for Android
CVE-2018-12444
RESERVED
@@ -21889,93 +21882,93 @@ CVE-2018-12443
RESERVED
CVE-2018-12442
RESERVED
-CVE-2018-12441 (The CorsairService Service in Corsair Utility Engine is installed with ...)
+CVE-2018-12441
NOT-FOR-US: Corsair
-CVE-2018-12440 (BoringSSL through 2018-06-14 allows a memory-cache side-channel attack ...)
+CVE-2018-12440
- boringssl <itp> (bug #823933)
-CVE-2018-12439 (MatrixSSL through 3.9.5 Open allows a memory-cache side-channel attack ...)
+CVE-2018-12439
- matrixssl <removed>
-CVE-2018-12438 (The Elliptic Curve Cryptography library (aka sunec or libsunec) allows ...)
+CVE-2018-12438
- openjdk-7 <not-affected> (Didn't include/build sunec, see #750400)
- openjdk-8 <undetermined>
- openjdk-11 <undetermined>
-CVE-2018-12437 (LibTomCrypt through 1.18.1 allows a memory-cache side-channel attack on ...)
+CVE-2018-12437
- libtomcrypt 1.18.2-1 (low; bug #901626)
[stretch] - libtomcrypt <no-dsa> (Minor issue)
[jessie] - libtomcrypt <no-dsa> (Minor issue)
NOTE: https://github.com/libtom/libtomcrypt/issues/407
NOTE: https://github.com/libtom/libtomcrypt/pull/408
-CVE-2018-12436 (wolfcrypt/src/ecc.c in wolfSSL before 3.15.1.patch allows a ...)
+CVE-2018-12436
- wolfssl 3.15.3+dfsg-1 (bug #901627)
NOTE: https://github.com/wolfSSL/wolfssl/commit/9b9568d500f31f964af26ba8d01e542e1f27e5ca
NOTE: https://www.wolfssl.com/wolfssh-and-rohnp/
-CVE-2018-12435 (Botan 2.5.0 through 2.6.0 before 2.7.0 allows a memory-cache ...)
+CVE-2018-12435
- botan 2.6.0-3 (bug #901619)
- botan1.10 <not-affected> (Issue introduced in 2.5.0)
NOTE: https://github.com/randombit/botan/pull/1604
NOTE: https://github.com/randombit/botan/commit/48fc8df51d99f9d8ba251219367b3d629cc848e3
-CVE-2018-12434 (LibreSSL before 2.6.5 and 2.7.x before 2.7.4 allows a memory-cache ...)
+CVE-2018-12434
- libressl <itp> (bug #754513)
-CVE-2018-12433 (** DISPUTED ** cryptlib through 3.4.4 allows a memory-cache ...)
+CVE-2018-12433
NOT-FOR-US: cryptlib
-CVE-2018-12432 (JavaMelody through 1.60.0 has XSS via the counter parameter in a ...)
+CVE-2018-12432
NOT-FOR-US: JavaMelody
-CVE-2018-12431 (SeaCMS V6.61 has XSS via the site name parameter on an ...)
+CVE-2018-12431
NOT-FOR-US: SeaCMS
CVE-2018-12430
REJECTED
-CVE-2018-12429 (JEESNS through 1.2.1 allows XSS attacks by ordinary users who publish ...)
+CVE-2018-12429
NOT-FOR-US: JEESNS
CVE-2018-12428
RESERVED
CVE-2018-12427
RESERVED
-CVE-2018-12426 (The WP Live Chat Support Pro plugin before 8.0.07 for WordPress is ...)
+CVE-2018-12426
NOT-FOR-US: WP Live Chat Support Pro plugin for WordPress
CVE-2018-12425
RESERVED
CVE-2018-12424
RESERVED
-CVE-2018-12422 (** DISPUTED ** addressbook/backends/ldap/e-book-backend-ldap.c in ...)
+CVE-2018-12422
- evolution-data-server 3.28.5-1 (unimportant; bug #901665)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=796174
NOTE: https://gitlab.gnome.org/GNOME/evolution-data-server/commit/34bad6173
NOTE: non-issue, to be rejected
-CVE-2018-12421 (LTB (aka LDAP Tool Box) Self Service Password before 1.3 allows a ...)
+CVE-2018-12421
NOT-FOR-US: LTB Self Service Password
-CVE-2018-12420 (IceHrm before 23.0.1.OS has a risky usage of a hashed password in a ...)
+CVE-2018-12420
NOT-FOR-US: IceHrm
CVE-2018-12419
RESERVED
-CVE-2018-12418 (Archive.java in Junrar before 1.0.1, as used in Apache Tika and other ...)
+CVE-2018-12418
NOT-FOR-US: Junrar
CVE-2018-12417
RESERVED
-CVE-2018-12416 (The GridServer Broker and GridServer Director components of TIBCO ...)
+CVE-2018-12416
NOT-FOR-US: TIBCO
-CVE-2018-12415 (The Central Administration server (emsca) component of TIBCO Software ...)
+CVE-2018-12415
NOT-FOR-US: TIBCO
-CVE-2018-12414 (The Rendezvous Routing Daemon (rvrd), Rendezvous Secure Routing Daemon ...)
+CVE-2018-12414
NOT-FOR-US: TIBCO
-CVE-2018-12413 (The Schema repository server (tibschemad) component of TIBCO Software ...)
+CVE-2018-12413
NOT-FOR-US: TIBCO
-CVE-2018-12412 (The realm server (tibrealmserver) component of TIBCO Software Inc. ...)
+CVE-2018-12412
NOT-FOR-US: TIBCO
-CVE-2018-12411 (The administrative daemon (tibdgadmind) of TIBCO Software Inc.'s TIBCO ...)
+CVE-2018-12411
NOT-FOR-US: TIBCO
-CVE-2018-12410 (The web server component of TIBCO Software Inc's Spotfire Statistics ...)
+CVE-2018-12410
NOT-FOR-US: TIBCO
-CVE-2018-12409 (The SOAP Admin API component of TIBCO Software Inc.'s TIBCO Silver ...)
+CVE-2018-12409
NOT-FOR-US: TIBCO
-CVE-2018-12408 (The BusinessWorks engine component of TIBCO Software Inc.'s TIBCO ...)
+CVE-2018-12408
NOT-FOR-US: TIBCO
-CVE-2018-12407 (A buffer overflow occurs when drawing and validating elements with the ...)
+CVE-2018-12407
- firefox 64.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-29/#CVE-2018-12407
-CVE-2018-12406 (Mozilla developers and community members reported memory safety bugs ...)
+CVE-2018-12406
- firefox 64.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-29/#CVE-2018-12406
-CVE-2018-12405 (Mozilla developers and community members reported memory safety bugs ...)
+CVE-2018-12405
{DSA-4362-1 DSA-4354-1 DLA-1624-1 DLA-1605-1}
- firefox 64.0-1
- firefox-esr 60.4.0esr-1
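Review bot: CVE-2018-12438 still carries `- openjdk-8 <undetermined>` and `- openjdk-11 <undetermined>` while the openjdk-7 line records the decisive fact (`Didn't include/build sunec, see #750400`). The same question, whether the Debian openjdk-8 and openjdk-11 builds ship the sunec/libsunec ECC provider named in the description, is all that is needed to settle the other two entries, so they should be moved to either not-affected with that rationale or to a fixed/unfixed state rather than remaining undetermined alongside the already-classified libtomcrypt, wolfssl and botan entries in this hunk.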
@@ -21991,37 +21984,37 @@ CVE-2018-12404 [Cache side-channel variant of the Bleichenbacher attack]
NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=1485864 (not public)
NOTE: https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.36.6_release_notes
NOTE: Fixed in 3.36.6, 3.40.1
-CVE-2018-12403 (If a site is loaded over a HTTPS connection but loads a favicon ...)
+CVE-2018-12403
- firefox 63.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-26/#CVE-2018-12403
-CVE-2018-12402 (The internal WebBrowserPersist code does not use correct origin ...)
+CVE-2018-12402
- firefox 63.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-26/#CVE-2018-12402
-CVE-2018-12401 (Some special resource URIs will cause a non-exploitable crash if ...)
+CVE-2018-12401
- firefox 63.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-26/#CVE-2018-12401
-CVE-2018-12400 (In private browsing mode on Firefox for Android, favicons are cached ...)
+CVE-2018-12400
- firefox <not-affected> (Android-specific)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-26/#CVE-2018-12400
-CVE-2018-12399 (When a new protocol handler is registered, the API accepts a title ...)
+CVE-2018-12399
- firefox 63.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-26/#CVE-2018-12399
-CVE-2018-12398 (By using the reflected URL in some special resource URIs, such as ...)
+CVE-2018-12398
- firefox 63.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-26/#CVE-2018-12398
-CVE-2018-12397 (A WebExtension can request access to local files without the warning ...)
+CVE-2018-12397
{DSA-4324-1 DLA-1571-1}
- firefox-esr 60.3.0esr-1
- firefox 63.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-27/#CVE-2018-12397
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-26/#CVE-2018-12397
-CVE-2018-12396 (A vulnerability where a WebExtension can run content scripts in ...)
+CVE-2018-12396
{DSA-4324-1 DLA-1571-1}
- firefox-esr 60.3.0esr-1
- firefox 63.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-27/#CVE-2018-12396
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-26/#CVE-2018-12396
-CVE-2018-12395 (By rewriting the Host: request headers using the webRequest API, a ...)
+CVE-2018-12395
{DSA-4324-1 DLA-1571-1}
- firefox-esr 60.3.0esr-1
- firefox 63.0-1
@@ -22029,7 +22022,7 @@ CVE-2018-12395 (By rewriting the Host: request headers using the webRequest API,
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-26/#CVE-2018-12395
CVE-2018-12394
RESERVED
-CVE-2018-12393 (A potential vulnerability was found in 32-bit builds where an integer ...)
+CVE-2018-12393
{DSA-4337-1 DSA-4324-1 DLA-1575-1 DLA-1571-1}
- firefox-esr 60.3.0esr-1
- firefox 63.0-1
@@ -22037,7 +22030,7 @@ CVE-2018-12393 (A potential vulnerability was found in 32-bit builds where an in
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-27/#CVE-2018-12393
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-26/#CVE-2018-12393
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-28/#CVE-2018-12393
-CVE-2018-12392 (When manipulating user events in nested loops while opening a document ...)
+CVE-2018-12392
{DSA-4337-1 DSA-4324-1 DLA-1575-1 DLA-1571-1}
- firefox-esr 60.3.0esr-1
- firefox 63.0-1
@@ -22045,14 +22038,14 @@ CVE-2018-12392 (When manipulating user events in nested loops while opening a do
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-27/#CVE-2018-12392
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-26/#CVE-2018-12392
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-28/#CVE-2018-12392
-CVE-2018-12391 (During HTTP Live Stream playback on Firefox for Android, audio data ...)
+CVE-2018-12391
- firefox-esr <not-affected> (Android-specific)
- firefox <not-affected> (Android-specific)
- thunderbird <not-affected> (Android-specific)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-27/#CVE-2018-12391
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-26/#CVE-2018-12391
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-28/#CVE-2018-12391
-CVE-2018-12390 (Mozilla developers and community members reported memory safety bugs ...)
+CVE-2018-12390
{DSA-4337-1 DSA-4324-1 DLA-1575-1 DLA-1571-1}
- firefox-esr 60.3.0esr-1
- firefox 63.0-1
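Review bot: the removed line `-CVE-2018-12391 (During HTTP Live Stream playback on Firefox for Android, audio data ...)` was the in-file evidence for the three `<not-affected> (Android-specific)` tags on firefox-esr, firefox and thunderbird that follow it. Once it is blanked, the `(Android-specific)` reasoning can only be checked by following the three mfsa2018-26/27/28 NOTE URLs; a `<not-affected>` verdict should stay verifiable from the entry itself, so this is a case where the description must not be dropped.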
@@ -22060,26 +22053,26 @@ CVE-2018-12390 (Mozilla developers and community members reported memory safety
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-27/#CVE-2018-12390
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-26/#CVE-2018-12390
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-28/#CVE-2018-12390
-CVE-2018-12389 (Mozilla developers and community members reported memory safety bugs ...)
+CVE-2018-12389
{DSA-4337-1 DSA-4324-1 DLA-1575-1 DLA-1571-1}
- firefox-esr 60.3.0esr-1
- thunderbird 1:60.3.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-27/#CVE-2018-12389
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-28/#CVE-2018-12389
-CVE-2018-12388 (Mozilla developers and community members reported memory safety bugs ...)
+CVE-2018-12388
- firefox 63.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-26/#CVE-2018-12388
-CVE-2018-12387 (A vulnerability where the JavaScript JIT compiler inlines ...)
+CVE-2018-12387
{DSA-4310-1}
- firefox 62.0.3-1
- firefox-esr 60.2.2esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-24/#CVE-2018-12387
-CVE-2018-12386 (A vulnerability in register allocation in JavaScript can lead to type ...)
+CVE-2018-12386
{DSA-4310-1}
- firefox 62.0.3-1
- firefox-esr 60.2.2esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-24/#CVE-2018-12386
-CVE-2018-12385 (A potentially exploitable crash in TransportSecurityInfo used for SSL ...)
+CVE-2018-12385
{DSA-4327-1 DSA-4304-1 DLA-1575-1}
- firefox 62.0.2-1
- firefox-esr 60.2.1esr-1
@@ -22096,7 +22089,7 @@ CVE-2018-12384 [ServerHello.random is all zero when handling a v2-compatible Cli
NOTE: https://hg.mozilla.org/projects/nss/rev/46f9a1f40c3d (NSS_3_36_BRANCH)
NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=1483128
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1622089
-CVE-2018-12383 (If a user saved passwords before Firefox 58 and then later set a ...)
+CVE-2018-12383
{DSA-4327-1 DSA-4304-1 DLA-1575-1}
- firefox 62.0-1
- firefox-esr 60.2.1esr-1
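Review bot: the hunk header context `CVE-2018-12384 [ServerHello.random is all zero when handling a v2-compatible Cli` shows that a description entered by hand in square brackets survives this run; only the parenthesized descriptions owned by the importer are blanked, as with `+CVE-2018-12383` here. That localizes the bug to the description sync treating an empty upstream result as "no description", and confirms the blanking is a regression of that code path rather than intentional cleanup. The entry's `{DSA-4327-1 DSA-4304-1 DLA-1575-1}` and `firefox 62.0-1` / `firefox-esr 60.2.1esr-1` lines are unaffected.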
@@ -22104,17 +22097,17 @@ CVE-2018-12383 (If a user saved passwords before Firefox 58 and then later set a
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-20/#CVE-2018-12383
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-23/#CVE-2018-12383
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-25/#CVE-2018-12383
-CVE-2018-12382 (The displayed addressbar URL can be spoofed on Firefox for Android ...)
+CVE-2018-12382
- firefox <not-affected> (Android-specific)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-20/#CVE-2018-12382
-CVE-2018-12381 (Manually dragging and dropping an Outlook email message into the ...)
+CVE-2018-12381
- firefox <not-affected> (Windows-specific)
- firefox-esr <not-affected> (Windows-specific)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-20/#CVE-2018-12381
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-21/#CVE-2018-12381
CVE-2018-12380
RESERVED
-CVE-2018-12379 (When the Mozilla Updater opens a MAR format file which contains a very ...)
+CVE-2018-12379
{DSA-4327-1 DLA-1575-1}
- firefox 62.0-1 (unimportant)
- firefox-esr 60.2.0esr-1 (unimportant)
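Review bot: the `(unimportant)` severity on `firefox 62.0-1 (unimportant)` and `firefox-esr 60.2.0esr-1 (unimportant)` for CVE-2018-12379 rests entirely on the removed text `(When the Mozilla Updater opens a MAR format file which contains a very ...)`, i.e. on the fact that the affected code is the self-updater; with the description gone the severity tag has no stated rationale in the file, so a NOTE explaining it should be added if the description is not restored. Separately, CVE-2018-12382 carries only a `firefox <not-affected> (Android-specific)` line while the analogous CVE-2018-12391 entry above lists firefox-esr and thunderbird as well; worth aligning so that consumers of the tracker see the same verdict for all three source packages.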
@@ -22123,7 +22116,7 @@ CVE-2018-12379 (When the Mozilla Updater opens a MAR format file which contains
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-20/#CVE-2018-12379
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-21/#CVE-2018-12379
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-25/#CVE-2018-12379
-CVE-2018-12378 (A use-after-free vulnerability can occur when an IndexedDB index is ...)
+CVE-2018-12378
{DSA-4327-1 DSA-4287-1 DLA-1575-1}
- firefox 62.0-1
- firefox-esr 60.2.0esr-1
@@ -22131,7 +22124,7 @@ CVE-2018-12378 (A use-after-free vulnerability can occur when an IndexedDB index
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-20/#CVE-2018-12378
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-21/#CVE-2018-12378
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-25/#CVE-2018-12378
-CVE-2018-12377 (A use-after-free vulnerability can occur when refresh driver timers ...)
+CVE-2018-12377
{DSA-4327-1 DSA-4287-1 DLA-1575-1}
- firefox 62.0-1
- firefox-esr 60.2.0esr-1
@@ -22139,7 +22132,7 @@ CVE-2018-12377 (A use-after-free vulnerability can occur when refresh driver tim
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-20/#CVE-2018-12377
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-21/#CVE-2018-12377
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-25/#CVE-2018-12377
-CVE-2018-12376 (Memory safety bugs present in Firefox 61 and Firefox ESR 60.1. Some of ...)
+CVE-2018-12376
{DSA-4327-1 DSA-4287-1 DLA-1575-1}
- firefox 62.0-1
- firefox-esr 60.2.0esr-1
@@ -22147,18 +22140,18 @@ CVE-2018-12376 (Memory safety bugs present in Firefox 61 and Firefox ESR 60.1. S
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-20/#CVE-2018-12376
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-21/#CVE-2018-12376
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-25/#CVE-2018-12376
-CVE-2018-12375 (Memory safety bugs present in Firefox 61. Some of these bugs showed ...)
+CVE-2018-12375
- firefox 62.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-20/#CVE-2018-12375
-CVE-2018-12374 (Plaintext of decrypted emails can leak through by user submitting an ...)
+CVE-2018-12374
{DSA-4244-1 DLA-1425-1}
- thunderbird 1:52.9.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-18/#CVE-2018-12374
-CVE-2018-12373 (dDecrypted S/MIME parts hidden with CSS or the plaintext HTML tag can ...)
+CVE-2018-12373
{DSA-4244-1 DLA-1425-1}
- thunderbird 1:52.9.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-18/#CVE-2018-12373
-CVE-2018-12372 (Decrypted S/MIME parts, when included in HTML crafted for an attack, ...)
+CVE-2018-12372
{DSA-4244-1 DLA-1425-1}
- thunderbird 1:52.9.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-18/#CVE-2018-12372
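Review bot: after this hunk the three Thunderbird entries CVE-2018-12374, CVE-2018-12373 and CVE-2018-12372 are identical except for the CVE number and the URL fragment: the same `{DSA-4244-1 DLA-1425-1}`, the same `thunderbird 1:52.9.0-1`, the same mfsa2018-18 page. The removed descriptions (`Plaintext of decrypted emails can leak through by user submitting an ...`, `Decrypted S/MIME parts hidden with CSS or the plaintext HTML tag can ...`, `Decrypted S/MIME parts, when included in HTML crafted for an attack, ...`) were the only text distinguishing the three S/MIME leak variants; blanking them makes the entries useless for anyone searching the list for the bug class. The upstream typo `dDecrypted` in the CVE-2018-12373 text would have been the thing to fix here, not the description as a whole.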
@@ -22169,26 +22162,26 @@ CVE-2018-12371
- thunderbird 1:60.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-15/#CVE-2018-12371
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-19/#CVE-2018-12371
-CVE-2018-12370 (In Reader View SameSite cookie protections are not checked on exiting. ...)
+CVE-2018-12370
- firefox 61.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-15/#CVE-2018-12370
-CVE-2018-12369 (WebExtensions bundled with embedded experiments were not correctly ...)
+CVE-2018-12369
- firefox 61.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-15/#CVE-2018-12369
-CVE-2018-12368 (Windows 10 does not warn users before opening executable files with ...)
+CVE-2018-12368
- firefox-esr <not-affected> (Windows-specific)
- firefox <not-affected> (Windows-specific)
- thunderbird <not-affected> (Windows-specific)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-15/#CVE-2018-12368
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-17/#CVE-2018-12368
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-18/#CVE-2018-12368
-CVE-2018-12367 (In the previous mitigations for Spectre, the resolution or precision ...)
+CVE-2018-12367
{DSA-4295-1 DLA-1575-1}
- firefox 61.0-1
- thunderbird 1:60.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-15/#CVE-2018-12367
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-19/#CVE-2018-12367
-CVE-2018-12366 (An invalid grid size during QCMS (color profile) transformations can ...)
+CVE-2018-12366
{DSA-4244-1 DSA-4235-1 DLA-1425-1 DLA-1406-1}
- firefox-esr 52.9.0esr-1
- firefox 61.0-1
@@ -22196,7 +22189,7 @@ CVE-2018-12366 (An invalid grid size during QCMS (color profile) transformations
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-15/#CVE-2018-12366
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-17/#CVE-2018-12366
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-18/#CVE-2018-12366
-CVE-2018-12365 (A compromised IPC child process can escape the content sandbox and ...)
+CVE-2018-12365
{DSA-4244-1 DSA-4235-1 DLA-1425-1 DLA-1406-1}
- firefox-esr 52.9.0esr-1
- firefox 61.0-1
@@ -22204,7 +22197,7 @@ CVE-2018-12365 (A compromised IPC child process can escape the content sandbox a
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-15/#CVE-2018-12365
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-17/#CVE-2018-12365
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-18/#CVE-2018-12365
-CVE-2018-12364 (NPAPI plugins, such as Adobe Flash, can send non-simple cross-origin ...)
+CVE-2018-12364
{DSA-4244-1 DSA-4235-1 DLA-1425-1 DLA-1406-1}
- firefox-esr 52.9.0esr-1
- firefox 61.0-1
@@ -22212,7 +22205,7 @@ CVE-2018-12364 (NPAPI plugins, such as Adobe Flash, can send non-simple cross-or
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-15/#CVE-2018-12364
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-17/#CVE-2018-12364
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-18/#CVE-2018-12364
-CVE-2018-12363 (A use-after-free vulnerability can occur when script uses mutation ...)
+CVE-2018-12363
{DSA-4244-1 DSA-4235-1 DLA-1425-1 DLA-1406-1}
- firefox-esr 52.9.0esr-1
- firefox 61.0-1
@@ -22220,7 +22213,7 @@ CVE-2018-12363 (A use-after-free vulnerability can occur when script uses mutati
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-15/#CVE-2018-12363
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-17/#CVE-2018-12363
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-18/#CVE-2018-12363
-CVE-2018-12362 (An integer overflow can occur during graphics operations done by the ...)
+CVE-2018-12362
{DSA-4244-1 DSA-4235-1 DLA-1425-1 DLA-1406-1}
- firefox-esr 52.9.0esr-1
- firefox 61.0-1
@@ -22228,13 +22221,13 @@ CVE-2018-12362 (An integer overflow can occur during graphics operations done by
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-15/#CVE-2018-12362
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-17/#CVE-2018-12362
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-18/#CVE-2018-12362
-CVE-2018-12361 (An integer overflow can occur in the SwizzleData code while ...)
+CVE-2018-12361
{DSA-4295-1 DLA-1575-1}
- firefox 61.0-1
- thunderbird 1:60.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-15/#CVE-2018-12361
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-19/#CVE-2018-12361
-CVE-2018-12360 (A use-after-free vulnerability can occur when deleting an input ...)
+CVE-2018-12360
{DSA-4244-1 DSA-4235-1 DLA-1425-1 DLA-1406-1}
- firefox-esr 52.9.0esr-1
- firefox 61.0-1
@@ -22242,7 +22235,7 @@ CVE-2018-12360 (A use-after-free vulnerability can occur when deleting an input
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-15/#CVE-2018-12360
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-17/#CVE-2018-12360
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-18/#CVE-2018-12360
-CVE-2018-12359 (A buffer overflow can occur when rendering canvas content while ...)
+CVE-2018-12359
{DSA-4244-1 DSA-4235-1 DLA-1425-1 DLA-1406-1}
- firefox-esr 52.9.0esr-1
- firefox 61.0-1
@@ -22250,15 +22243,15 @@ CVE-2018-12359 (A buffer overflow can occur when rendering canvas content while
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-15/#CVE-2018-12359
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-17/#CVE-2018-12359
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-18/#CVE-2018-12359
-CVE-2018-12358 (Service workers can use redirection to avoid the tainting of ...)
+CVE-2018-12358
- firefox 61.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-15/#CVE-2018-12358
-CVE-2018-12423 (In Synapse before 0.31.2, unauthorised users can hijack rooms when ...)
+CVE-2018-12423
- matrix-synapse 0.31.2+dfsg-1 (bug #901549)
NOTE: https://github.com/matrix-org/synapse/pull/3397
CVE-2018-12357
RESERVED
-CVE-2018-12356 (An issue was discovered in password-store.sh in pass in Simple Password ...)
+CVE-2018-12356
- password-store 1.7.2-1 (bug #901574)
[stretch] - password-store <not-affected> (Signature verification support added in 1.7)
[jessie] - password-store <not-affected> (Signature verification support added in 1.7)
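Review bot: CVE-2018-12423 (matrix-synapse) sits between CVE-2018-12358 and CVE-2018-12357, breaking the descending numeric order the rest of the file keeps; it should be moved up to its place among the 124xx entries. Its removed description `(In Synapse before 0.31.2, unauthorised users can hijack rooms when ...)` was also the only in-file statement of the affected range, which the `matrix-synapse 0.31.2+dfsg-1 (bug #901549)` fix line and the upstream PR NOTE now have to stand in for. By contrast the password-store entry degrades gracefully, since the `[stretch]` and `[jessie]` `<not-affected> (Signature verification support added in 1.7)` lines state their own reasoning independently of the description.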
@@ -22267,11 +22260,11 @@ CVE-2018-12356 (An issue was discovered in password-store.sh in pass in Simple P
NOTE: Fixed by: https://git.zx2c4.com/password-store/commit/?id=8683403b77f59c56fcb1f05c61ab33b9fd61a30d
NOTE: https://neopg.io/blog/pass-signature-spoof/
NOTE: http://www.openwall.com/lists/oss-security/2018/06/14/3
-CVE-2018-12355 (Knowage (formerly SpagoBI) 6.1.1 allows XSS via the name or description ...)
+CVE-2018-12355
NOT-FOR-US: Knowage / SpagoBI
-CVE-2018-12354 (Knowage (formerly SpagoBI) 6.1.1 allows CSRF via every form, as ...)
+CVE-2018-12354
NOT-FOR-US: Knowage / SpagoBI
-CVE-2018-12353 (Knowage (formerly SpagoBI) 6.1.1 allows XSS via the name field to the ...)
+CVE-2018-12353
NOT-FOR-US: Knowage / SpagoBI
CVE-2018-12352
RESERVED
@@ -22299,35 +22292,35 @@ CVE-2018-12341
RESERVED
CVE-2018-12340
RESERVED
-CVE-2018-12339 (ArticleCMS through 2017-02-19 has XSS via an &quot;add an article&quot; action. ...)
+CVE-2018-12339
NOT-FOR-US: ArticleCMS
-CVE-2018-12338 (Undocumented Factory Backdoor in ECOS System Management Appliance (aka ...)
+CVE-2018-12338
NOT-FOR-US: ECOS System Management Appliance
-CVE-2018-12337 (Reliance on Security Through Obscurity vulnerability in ECOS Secure ...)
+CVE-2018-12337
NOT-FOR-US: ECOS Secure Boot Stick
-CVE-2018-12336 (Undocumented Factory Backdoor in ECOS Secure Boot Stick (aka SBS) 5.6.5 ...)
+CVE-2018-12336
NOT-FOR-US: ECOS Secure Boot Stick
-CVE-2018-12335 (Incorrect access control in ECOS System Management Appliance (aka SMA) ...)
+CVE-2018-12335
NOT-FOR-US: ECOS System Management Appliance
-CVE-2018-12334 (Protection Mechanism Failure in ECOS Secure Boot Stick (aka SBS) 5.6.5 ...)
+CVE-2018-12334
NOT-FOR-US: ECOS Secure Boot Stick
-CVE-2018-12333 (Insufficient Verification of Data Authenticity vulnerability in ECOS ...)
+CVE-2018-12333
NOT-FOR-US: ECOS Secure Boot Stick
-CVE-2018-12332 (Incomplete Cleanup vulnerability in ECOS Secure Boot Stick (aka SBS) ...)
+CVE-2018-12332
NOT-FOR-US: ECOS Secure Boot Stick
-CVE-2018-12331 (Authentication Bypass by Spoofing vulnerability in ECOS System ...)
+CVE-2018-12331
NOT-FOR-US: ECOS System Management Appliance
-CVE-2018-12330 (Protection Mechanism Failure in ECOS Secure Boot Stick (aka SBS) 5.6.5 ...)
+CVE-2018-12330
NOT-FOR-US: ECOS Secure Boot Stick
-CVE-2018-12329 (Protection Mechanism Failure in ECOS Secure Boot Stick (aka SBS) 5.6.5 ...)
+CVE-2018-12329
NOT-FOR-US: ECOS Secure Boot Stick
CVE-2018-12328
RESERVED
-CVE-2018-12327 (Stack-based buffer overflow in ntpq and ntpdc of NTP version 4.2.8p11 ...)
+CVE-2018-12327
- ntp <unfixed> (unimportant)
NOTE: https://gist.github.com/fakhrizulkifli/9b58ed8e0354e8deee50b0eebd1c011f
NOTE: Negligible security impact
-CVE-2018-12326 (Buffer overflow in redis-cli of Redis before 4.0.10 and 5.x before 5.0 ...)
+CVE-2018-12326
{DSA-4230-1 DLA-1396-1}
- redis 5:4.0.10-1 (bug #902410)
NOTE: https://gist.github.com/fakhrizulkifli/f831f40ec6cde4f744c552503d8698f0
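Review bot: for CVE-2018-12327 the line `- ntp <unfixed> (unimportant)` plus `NOTE: Negligible security impact` is only justified by the removed text `(Stack-based buffer overflow in ntpq and ntpdc of NTP version 4.2.8p11 ...)`, which is what tells a reader that the overflow is in the ntpq/ntpdc client utilities and not in ntpd. With that line blanked, the NOTE should be expanded to say why the impact is negligible (the overflow is in the command-line clients, reached via their own arguments) so that the `unimportant` tag on an `<unfixed>` entry can be audited without re-deriving it from the gist URL. The neighbouring ECOS and ArticleCMS entries are `NOT-FOR-US` and lose nothing actionable.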
@@ -22336,55 +22329,55 @@ CVE-2018-12325
RESERVED
CVE-2018-12324
RESERVED
-CVE-2018-12323 (An issue was discovered on Momentum Axel 720P 5.1.8 devices. A password ...)
+CVE-2018-12323
NOT-FOR-US: Momentum Axel 720P 5.1.8 devices
-CVE-2018-12322 (There is a heap out of bounds read in radare2 2.6.0 in _6502_op() in ...)
+CVE-2018-12322
- radare2 2.7.0+dfsg-1 (low; bug #901628)
[stretch] - radare2 <no-dsa> (Minor issue)
[jessie] - radare2 <no-dsa> (Minor issue)
NOTE: https://github.com/radare/radare2/commit/bbb4af56003c1afdad67af0c4339267ca38b1017
NOTE: https://github.com/radare/radare2/issues/10294
-CVE-2018-12321 (There is a heap out of bounds read in radare2 2.6.0 in java_switch_op() ...)
+CVE-2018-12321
- radare2 2.7.0+dfsg-1 (low; bug #901629)
[stretch] - radare2 <no-dsa> (Minor issue)
[jessie] - radare2 <no-dsa> (Minor issue)
NOTE: https://github.com/radare/radare2/commit/224e6bc13fa353dd3b7f7a2334588f1c4229e58d
NOTE: https://github.com/radare/radare2/issues/10296
-CVE-2018-12320 (There is a use after free in radare2 2.6.0 in r_anal_bb_free() in ...)
+CVE-2018-12320
- radare2 2.7.0+dfsg-1 (low; bug #901630)
[stretch] - radare2 <no-dsa> (Minor issue)
[jessie] - radare2 <no-dsa> (Minor issue)
NOTE: https://github.com/radare/radare2/commit/90b71c017a7fa9732fe45fd21b245ee051b1f548
NOTE: https://github.com/radare/radare2/issues/10293
-CVE-2018-12319 (Denial-of-service in the login page of ASUSTOR ADM 3.1.1 allows ...)
+CVE-2018-12319
NOT-FOR-US: ASUSTOR ADM
-CVE-2018-12318 (Information disclosure in the SNMP settings page in ASUSTOR ADM ...)
+CVE-2018-12318
NOT-FOR-US: ASUSTOR ADM
-CVE-2018-12317 (OS command injection in group.cgi in ASUSTOR ADM version 3.1.1 allows ...)
+CVE-2018-12317
NOT-FOR-US: ASUSTOR ADM
-CVE-2018-12316 (OS Command Injection in upload.cgi in ASUSTOR ADM version 3.1.1 allows ...)
+CVE-2018-12316
NOT-FOR-US: ASUSTOR ADM
-CVE-2018-12315 (Missing verification of a password in ASUSTOR ADM version 3.1.1 allows ...)
+CVE-2018-12315
NOT-FOR-US: ASUSTOR ADM
-CVE-2018-12314 (Directory Traversal in downloadwallpaper.cgi in ASUSTOR ADM version ...)
+CVE-2018-12314
NOT-FOR-US: ASUSTOR ADM
-CVE-2018-12313 (OS command injection in snmp.cgi in ASUSTOR ADM version 3.1.1 allows ...)
+CVE-2018-12313
NOT-FOR-US: ASUSTOR ADM
-CVE-2018-12312 (OS command injection in user.cgi in ASUSTOR ADM version 3.1.1 allows ...)
+CVE-2018-12312
NOT-FOR-US: ASUSTOR ADM
-CVE-2018-12311 (Cross-site scripting vulnerability in File Explorer in ASUSTOR ADM ...)
+CVE-2018-12311
NOT-FOR-US: ASUSTOR ADM
-CVE-2018-12310 (Cross-site scripting in the Login page in ASUSTOR ADM version 3.1.1 ...)
+CVE-2018-12310
NOT-FOR-US: ASUSTOR ADM
-CVE-2018-12309 (Directory Traversal in upload.cgi in ASUSTOR ADM version 3.1.1 allows ...)
+CVE-2018-12309
NOT-FOR-US: ASUSTOR ADM
-CVE-2018-12308 (Encryption key disclosure in share.cgi in ASUSTOR ADM version 3.1.1 ...)
+CVE-2018-12308
NOT-FOR-US: ASUSTOR ADM
-CVE-2018-12307 (OS command injection in user.cgi in ASUSTOR ADM version 3.1.1 allows ...)
+CVE-2018-12307
NOT-FOR-US: ASUSTOR ADM
-CVE-2018-12306 (Directory Traversal in File Explorer in ASUSTOR ADM version 3.1.1 ...)
+CVE-2018-12306
NOT-FOR-US: ASUSTOR ADM
-CVE-2018-12305 (Cross-site scripting in File Explorer in ASUSTOR ADM version 3.1.1 ...)
+CVE-2018-12305
NOT-FOR-US: ASUSTOR ADM
CVE-2018-12304
RESERVED
@@ -22406,17 +22399,17 @@ CVE-2018-12296
RESERVED
CVE-2018-12295
RESERVED
-CVE-2018-12294 (WebCore/platform/graphics/texmap/TextureMapperLayer.cpp in WebKit, as ...)
+CVE-2018-12294
- webkit2gtk 2.20.2-1 (unimportant)
NOTE: Not covered by security support
NOTE: https://webkitgtk.org/security/WSA-2018-0005.html
-CVE-2018-12293 (The getImageData function in the ImageBufferCairo class in ...)
+CVE-2018-12293
- webkit2gtk 2.20.3-1 (unimportant)
NOTE: Not covered by security support
NOTE: https://webkitgtk.org/security/WSA-2018-0005.html
-CVE-2018-12292 (A use-after-free vulnerability exists in ...)
+CVE-2018-12292
NOT-FOR-US: Pale Moon
-CVE-2018-12290 (The Yii2-StateMachine extension v2.x.x for Yii2 has XSS. ...)
+CVE-2018-12290
NOT-FOR-US: Yii2-StateMachine extension for Yii2
CVE-2018-12289
RESERVED
@@ -22450,52 +22443,52 @@ CVE-2018-12275
RESERVED
CVE-2018-12274
RESERVED
-CVE-2018-12273 (The /edit URI in the DMS component in Ximdex 4.0 has XSS via the Ciudad ...)
+CVE-2018-12273
NOT-FOR-US: Ximdex
-CVE-2018-12272 (xowl/request.php in Ximdex 4.0 has XSS via the content parameter. ...)
+CVE-2018-12272
NOT-FOR-US: Ximdex
-CVE-2018-12271 (** DISPUTED ** An issue was discovered in the com.getdropbox.Dropbox ...)
+CVE-2018-12271
NOT-FOR-US: com.getdropbox.Dropbox app for IOS
CVE-2018-12270
RESERVED
CVE-2018-12269
RESERVED
-CVE-2018-12268 (acccheck.pl in acccheck 0.2.1 allows Command Injection via shell ...)
+CVE-2018-12268
- acccheck <unfixed> (bug #901572)
[stretch] - acccheck <no-dsa> (Non-free not supported)
CVE-2018-12267
RESERVED
-CVE-2018-12266 (system\errors\404.php in HongCMS 3.0.0 has XSS via crafted input that ...)
+CVE-2018-12266
NOT-FOR-US: HongCMS
-CVE-2018-12265 (Exiv2 0.26 has an integer overflow in the LoaderExifJpeg class in ...)
+CVE-2018-12265
{DSA-4238-1 DLA-1402-1}
- exiv2 0.25-4 (bug #901706)
NOTE: https://github.com/Exiv2/exiv2/issues/365
NOTE: https://github.com/Exiv2/exiv2/commit/937a1a2bd067b8b3b787f3757089d972f3a39853
-CVE-2018-12264 (Exiv2 0.26 has integer overflows in LoaderTiff::getData() in ...)
+CVE-2018-12264
{DSA-4238-1 DLA-1402-1}
- exiv2 0.25-4 (bug #901707)
NOTE: https://github.com/Exiv2/exiv2/issues/366
NOTE: https://github.com/Exiv2/exiv2/commit/fe70939f54476e99046245ca69ff27012401f759
-CVE-2018-12263 (portfolioCMS 1.0.5 allows upload of arbitrary .php files via the ...)
+CVE-2018-12263
NOT-FOR-US: portfolioCMS
CVE-2018-12262
REJECTED
-CVE-2018-12261 (An issue was discovered on Momentum Axel 720P 5.1.8 devices. All ...)
+CVE-2018-12261
NOT-FOR-US: Momentum Axel 720P 5.1.8 devices
-CVE-2018-12260 (An issue was discovered on Momentum Axel 720P 5.1.8 devices. The root ...)
+CVE-2018-12260
NOT-FOR-US: Momentum Axel 720P 5.1.8 devices
-CVE-2018-12259 (An issue was discovered on Momentum Axel 720P 5.1.8 devices. Root ...)
+CVE-2018-12259
NOT-FOR-US: Momentum Axel 720P 5.1.8 devices
-CVE-2018-12258 (An issue was discovered on Momentum Axel 720P 5.1.8 devices. Custom ...)
+CVE-2018-12258
NOT-FOR-US: Momentum Axel 720P 5.1.8 devices
-CVE-2018-12257 (An issue was discovered on Momentum Axel 720P 5.1.8 devices. There is ...)
+CVE-2018-12257
NOT-FOR-US: Momentum Axel 720P 5.1.8 devices
-CVE-2018-12256 (admin/vqmods.app/vqmods.inc.php in LiteCart before 2.1.3 allows remote ...)
+CVE-2018-12256
NOT-FOR-US: LiteCart
-CVE-2018-12255 (An XSS issue was discovered in InvoicePlane 1.5.10 via the &quot;Quote PDF ...)
+CVE-2018-12255
NOT-FOR-US: InvoicePlane
-CVE-2018-12254 (router.php in the Harmis Ek rishta (aka ek-rishta) 2.10 component for ...)
+CVE-2018-12254
NOT-FOR-US: Harmis Ek rishta component for Joomla!
CVE-2018-12253
RESERVED
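Review bot: the two exiv2 entries (CVE-2018-12265, CVE-2018-12264) survive the blanking well because each keeps a `NOTE:` pointing at the upstream issue and the fix commit alongside `{DSA-4238-1 DLA-1402-1}` and `exiv2 0.25-4`; the acccheck entry does not. `- acccheck <unfixed> (bug #901572)` with `[stretch] - acccheck <no-dsa> (Non-free not supported)` now has no description and no NOTE, so the removed text `(acccheck.pl in acccheck 0.2.1 allows Command Injection via shell ...)` was the only record of what the still-open bug is. Add an upstream reference NOTE to that entry (or restore the text) so the `<unfixed>` line stays actionable.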
@@ -22505,70 +22498,70 @@ CVE-2018-12251
RESERVED
CVE-2018-12250
RESERVED
-CVE-2018-12249 (An issue was discovered in mruby 1.4.1. There is a NULL pointer ...)
+CVE-2018-12249
- mruby 1.4.1+20180622+git640fca32-1 (bug #901652)
[stretch] - mruby <no-dsa> (Minor issue)
[jessie] - mruby <no-dsa> (Minor issue)
NOTE: https://github.com/mruby/mruby/commit/faa4eaf6803bd11669bc324b4c34e7162286bfa3
NOTE: https://github.com/mruby/mruby/issues/4037
-CVE-2018-12248 (An issue was discovered in mruby 1.4.1. There is a heap-based buffer ...)
+CVE-2018-12248
- mruby 1.4.1+20180622+git640fca32-1 (bug #901653)
[stretch] - mruby <no-dsa> (Minor issue)
[jessie] - mruby <no-dsa> (Minor issue)
NOTE: https://github.com/mruby/mruby/commit/778500563a9f7ceba996937dc886bd8cde29b42b
NOTE: https://github.com/mruby/mruby/issues/4038
-CVE-2018-12247 (An issue was discovered in mruby 1.4.1. There is a NULL pointer ...)
+CVE-2018-12247
- mruby <not-affected> (Vulnerable code introduced later)
NOTE: Introduced by: https://github.com/mruby/mruby/commit/f408143c289b8017883294f13d36d43b50c8bc5d
NOTE: Fixed by: https://github.com/mruby/mruby/commit/55edae0226409de25e59922807cb09acb45731a2
NOTE: https://github.com/mruby/mruby/issues/4036
-CVE-2018-12246 (Symantec Web Isolation (WI) 1.11 prior to 1.11.21 is susceptible to a ...)
+CVE-2018-12246
NOT-FOR-US: Symantec
-CVE-2018-12245 (Symantec Endpoint Protection prior to 14.2 MP1 may be susceptible to a ...)
+CVE-2018-12245
NOT-FOR-US: Symantec Endpoint Protection
CVE-2018-12244
RESERVED
-CVE-2018-12243 (The Symantec Messaging Gateway product prior to 10.6.6 may be ...)
+CVE-2018-12243
NOT-FOR-US: Symantec
-CVE-2018-12242 (The Symantec Messaging Gateway product prior to 10.6.6 may be ...)
+CVE-2018-12242
NOT-FOR-US: Symantec
-CVE-2018-12241 (The Symantec Security Analytics (SA) 7.x prior to 7.3.4 Web UI is ...)
+CVE-2018-12241
NOT-FOR-US: Symantec
-CVE-2018-12240 (The Norton Identity Safe product prior to 5.3.0.976 may be susceptible ...)
+CVE-2018-12240
NOT-FOR-US: Norton
-CVE-2018-12239 (Norton prior to 22.15; Symantec Endpoint Protection (SEP) prior to ...)
+CVE-2018-12239
NOT-FOR-US: Norton
-CVE-2018-12238 (Norton prior to 22.15; Symantec Endpoint Protection (SEP) prior to ...)
+CVE-2018-12238
NOT-FOR-US: Norton
-CVE-2018-12237 (The Symantec Reporter CLI 10.1 prior to 10.1.5.6 and 10.2 prior to ...)
+CVE-2018-12237
NOT-FOR-US: Symantec Reporter CLI
CVE-2018-12236
RESERVED
CVE-2018-12235
RESERVED
-CVE-2018-12234 (A Reflected Cross Site Scripting (XSS) Vulnerability was discovered in ...)
+CVE-2018-12234
NOT-FOR-US: Adrenalin HRMS Software
CVE-2018-12231
RESERVED
-CVE-2018-12230 (An wrong logical check identified in the transferFrom function of a ...)
+CVE-2018-12230
NOT-FOR-US: smart contract implementation for RemiCoin (RMC)
-CVE-2018-12229 (Cross-site scripting (XSS) vulnerability in Public Knowledge Project ...)
+CVE-2018-12229
NOT-FOR-US: Public Knowledge Project (PKP) Open Journal System (OJS)
-CVE-2018-12233 (In the ea_get function in fs/jfs/xattr.c in the Linux kernel through ...)
+CVE-2018-12233
{DLA-1423-1 DLA-1422-1}
- linux 4.17.3-1
[stretch] - linux 4.9.110-1
NOTE: https://lkml.org/lkml/2018/6/2/2
-CVE-2018-12232 (In net/socket.c in the Linux kernel through 4.17.1, there is a race ...)
+CVE-2018-12232
- linux 4.17.3-1
[stretch] - linux <not-affected> (Vulnerable code not present)
[jessie] - linux <not-affected> (Vulnerable code not present)
NOTE: Fixed by: https://git.kernel.org/linus/6d8c50dcb029872b298eea68cc6209c866fd3e14
-CVE-2018-12228 (An issue was discovered in Asterisk Open Source 15.x before 15.4.1. ...)
+CVE-2018-12228
- asterisk <not-affected> (Only affects 15.x)
NOTE: http://downloads.asterisk.org/pub/security/AST-2018-007.html
NOTE: https://issues.asterisk.org/jira/browse/ASTERISK-27807
-CVE-2018-12227 (An issue was discovered in Asterisk Open Source 13.x before 13.21.1, ...)
+CVE-2018-12227
{DSA-4320-1}
- asterisk 1:13.22.0~dfsg-1 (bug #902954)
[jessie] - asterisk <not-affected> (vulnerable code not present)
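Review bot: CVE-2018-12233 and CVE-2018-12232 are filed after CVE-2018-12229, and CVE-2018-12228 after them, so this block is out of numeric order and should be re-sorted. On content, the CVE-2018-12247 entry is the model to follow: its `<not-affected> (Vulnerable code introduced later)` verdict is backed by explicit `NOTE: Introduced by:` and `NOTE: Fixed by:` commit links, whereas CVE-2018-12232's `[stretch] - linux <not-affected> (Vulnerable code not present)` and `[jessie]` lines have only a `Fixed by:` link, and the removed description `(In net/socket.c in the Linux kernel through 4.17.1, there is a race ...)` was what tied the verdict to an affected range. An `Introduced by:` NOTE on that entry would make the not-affected claim checkable on its own.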
@@ -22578,85 +22571,85 @@ CVE-2018-12226
RESERVED
CVE-2018-12225
RESERVED
-CVE-2018-12224 (Buffer leakage in igdkm64.sys in Intel(R) Graphics Driver for Windows* ...)
+CVE-2018-12224
NOT-FOR-US: Intel
-CVE-2018-12223 (Insufficient access control in User Mode Driver in Intel(R) Graphics ...)
+CVE-2018-12223
NOT-FOR-US: Intel
-CVE-2018-12222 (Insufficient input validation in Kernel Mode Driver in Intel(R) ...)
+CVE-2018-12222
NOT-FOR-US: Intel
-CVE-2018-12221 (Insufficient input validation in Kernel Mode Driver in Intel(R) ...)
+CVE-2018-12221
NOT-FOR-US: Intel
-CVE-2018-12220 (Logic bug in Kernel Mode Driver in Intel(R) Graphics Driver for ...)
+CVE-2018-12220
NOT-FOR-US: Intel
-CVE-2018-12219 (Insufficient input validation in Kernel Mode Driver in Intel(R) ...)
+CVE-2018-12219
TODO: check
-CVE-2018-12218 (Unhandled exception in User Mode Driver in Intel(R) Graphics Driver ...)
+CVE-2018-12218
TODO: check
-CVE-2018-12217 (Insufficient access control in Kernel Mode Driver in Intel(R) Graphics ...)
+CVE-2018-12217
TODO: check
-CVE-2018-12216 (Insufficient input validation in Kernel Mode Driver in Intel(R) ...)
+CVE-2018-12216
TODO: check
-CVE-2018-12215 (Insufficient input validation in Kernel Mode Driver in Intel(R) ...)
+CVE-2018-12215
TODO: check
-CVE-2018-12214 (Potential memory corruption in Kernel Mode Driver in Intel(R) Graphics ...)
+CVE-2018-12214
TODO: check
-CVE-2018-12213 (Potential memory corruption in Kernel Mode Driver in Intel(R) Graphics ...)
+CVE-2018-12213
TODO: check
-CVE-2018-12212 (Buffer overflow in User Mode Driver in Intel(R) Graphics Driver for ...)
+CVE-2018-12212
TODO: check
-CVE-2018-12211 (Insufficient input validation in User Mode Driver in Intel(R) Graphics ...)
+CVE-2018-12211
TODO: check
-CVE-2018-12210 (Multiple pointer dereferences in User Mode Driver in Intel(R) Graphics ...)
+CVE-2018-12210
TODO: check
-CVE-2018-12209 (Insufficient access control in User Mode Driver in Intel(R) Graphics ...)
+CVE-2018-12209
TODO: check
-CVE-2018-12208 (Buffer overflow in HECI subsystem in Intel(R) CSME before versions ...)
+CVE-2018-12208
TODO: check
CVE-2018-12207
RESERVED
-CVE-2018-12206 (Improper configuration of hardware access in Intel QuickAssist ...)
+CVE-2018-12206
NOT-FOR-US: Intel QuickAssist Technology for Linux
-CVE-2018-12205 (Privilege escalation vulnerability in Platform Sample/ Silicon ...)
+CVE-2018-12205
TODO: check
-CVE-2018-12204 (Privilege escalation vulnerability in Platform Sample/ Silicon ...)
+CVE-2018-12204
TODO: check
-CVE-2018-12203 (Denial of service vulnerability in Platform Sample/ Silicon Reference ...)
+CVE-2018-12203
TODO: check
-CVE-2018-12202 (Privilege escalation vulnerability in Platform Sample/ Silicon ...)
+CVE-2018-12202
TODO: check
-CVE-2018-12201 (Buffer overflow vulnerability in Platform Sample / Silicon Reference ...)
+CVE-2018-12201
TODO: check
-CVE-2018-12200 (Insufficient access control in Intel(R) Capability Licensing Service ...)
+CVE-2018-12200
TODO: check
-CVE-2018-12199 (Buffer overflow in an OS component in Intel CSME before versions ...)
+CVE-2018-12199
TODO: check
-CVE-2018-12198 (Insufficient input validation in Intel(R) Server Platform Services ...)
+CVE-2018-12198
TODO: check
CVE-2018-12197
RESERVED
-CVE-2018-12196 (Insufficient input validation in Intel(R) AMT in Intel(R) CSME before ...)
+CVE-2018-12196
TODO: check
CVE-2018-12195
RESERVED
CVE-2018-12194
RESERVED
-CVE-2018-12193 (Insufficient access control in driver stack for Intel QuickAssist ...)
+CVE-2018-12193
NOT-FOR-US: Intel
-CVE-2018-12192 (Logic bug in Kernel subsystem in Intel CSME before version 11.8.60, ...)
+CVE-2018-12192
TODO: check
-CVE-2018-12191 (Bounds check in Kernel subsystem in Intel CSME before version 11.8.60, ...)
+CVE-2018-12191
TODO: check
-CVE-2018-12190 (Insufficient input validation in Intel CSME subsystem before versions ...)
+CVE-2018-12190
TODO: check
-CVE-2018-12189 (Unhandled exception in Content Protection subsystem in Intel CSME ...)
+CVE-2018-12189
TODO: check
-CVE-2018-12188 (Insufficient input validation in Intel CSME before versions 11.8.60, ...)
+CVE-2018-12188
TODO: check
-CVE-2018-12187 (Insufficient input validation in Intel(R) Active Management Technology ...)
+CVE-2018-12187
TODO: check
CVE-2018-12186
RESERVED
-CVE-2018-12185 (Insufficient input validation in Intel(R) AMT in Intel(R) CSME before ...)
+CVE-2018-12185
TODO: check
CVE-2018-12184
RESERVED
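Review bot: the split between `NOT-FOR-US: Intel` on CVE-2018-12224 through CVE-2018-12220 and `TODO: check` on CVE-2018-12219 through CVE-2018-12209 is not supported by the removed descriptions, which show the whole run to be the same product (`Intel(R) Graphics Driver`, Kernel Mode Driver / User Mode Driver entries); once the text is blanked, a `TODO: check` line carries no information at all to check against. Either resolve those TODOs to `NOT-FOR-US: Intel` in this commit, consistent with their siblings, or keep the descriptions until they are triaged. The same applies to the CSME/AMT/Server Platform Services entries (CVE-2018-12208, CVE-2018-12199, CVE-2018-12198, CVE-2018-12196, CVE-2018-12192 down to CVE-2018-12185), whose firmware nature is stated only in the lines being deleted.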
@@ -22685,66 +22678,66 @@ CVE-2018-12178 [improper DNS packet size check]
[jessie] - edk2 <end-of-life> (non-free is not supported)
NOTE: https://lists.01.org/pipermail/edk2-devel/2019-February/037251.html
NOTE: https://github.com/tianocore/edk2/commit/84110bbe4bb3a346514b9bb12eadb7586bca7dfd
-CVE-2018-12177 (Improper directory permissions in the ZeroConfig service in Intel(R) ...)
+CVE-2018-12177
NOT-FOR-US: Intel PROSet/Wireless WiFi Software
-CVE-2018-12176 (Improper input validation in firmware for Intel NUC Kits may allow a ...)
+CVE-2018-12176
NOT-FOR-US: Intel
-CVE-2018-12175 (Default install directory permissions in Intel Distribution for Python ...)
+CVE-2018-12175
NOT-FOR-US: Intel Distribution for Python
-CVE-2018-12174 (Heap overflow in Intel Trace Analyzer 2018 in Intel Parallel Studio XE ...)
+CVE-2018-12174
NOT-FOR-US: Intel
-CVE-2018-12173 (Insufficient access protection in firmware in Intel Server Board, ...)
+CVE-2018-12173
NOT-FOR-US: Intel
-CVE-2018-12172 (Improper password hashing in firmware in Intel Server Board ...)
+CVE-2018-12172
NOT-FOR-US: Intel
-CVE-2018-12171 (Privilege escalation in Intel Baseboard Management Controller (BMC) ...)
+CVE-2018-12171
NOT-FOR-US: Intel Baseboard Management Controller firmware
CVE-2018-12170
RESERVED
-CVE-2018-12169 (Platform sample code firmware in 4th Generation Intel Core Processor, ...)
+CVE-2018-12169
NOT-FOR-US: Intel
NOTE: https://edk2-docs.gitbooks.io/security-advisory/content/unauthenticated-firmware-chain-of-trust-bypass.html
-CVE-2018-12168 (Privilege escalation in file permissions in Intel Computing ...)
+CVE-2018-12168
NOT-FOR-US: Intel
-CVE-2018-12167 (Firmware update routine in bootloader for Intel(R) Optane(TM) SSD DC ...)
+CVE-2018-12167
NOT-FOR-US: Intel
-CVE-2018-12166 (Insufficient write protection in firmware for Intel(R) Optane(TM) SSD ...)
+CVE-2018-12166
NOT-FOR-US: Intel
CVE-2018-12165
RESERVED
CVE-2018-12164
RESERVED
-CVE-2018-12163 (A DLL injection vulnerability in the Intel IoT Developers Kit 4.0 ...)
+CVE-2018-12163
NOT-FOR-US: Intel IoT Developers Kit
-CVE-2018-12162 (Directory permissions in the Intel OpenVINO Toolkit for Windows before ...)
+CVE-2018-12162
NOT-FOR-US: Intel OpenVINO Toolkit for Windows
-CVE-2018-12161 (Insufficient session validation in the webserver component of the ...)
+CVE-2018-12161
NOT-FOR-US: Intel Rapid Web Server
-CVE-2018-12160 (DLL injection vulnerability in software installer for Intel Data ...)
+CVE-2018-12160
NOT-FOR-US: Intel
-CVE-2018-12159 (Buffer overflow in the command-line interface for Intel(R) PROSet ...)
+CVE-2018-12159
NOT-FOR-US: Intel
-CVE-2018-12158 (Insufficient input validation in BIOS update utility in Intel NUC FW ...)
+CVE-2018-12158
NOT-FOR-US: Intel
CVE-2018-12157
RESERVED
CVE-2018-12156
RESERVED
-CVE-2018-12155 (Data leakage in cryptographic libraries for Intel IPP before 2019 ...)
+CVE-2018-12155
NOT-FOR-US: Intel
-CVE-2018-12154 (Denial of Service in Unified Shader Compiler in Intel Graphics Drivers ...)
+CVE-2018-12154
NOT-FOR-US: Intel
-CVE-2018-12153 (Denial of Service in Unified Shader Compiler in Intel Graphics Drivers ...)
+CVE-2018-12153
NOT-FOR-US: Intel
-CVE-2018-12152 (Pointer corruption in Unified Shader Compiler in Intel Graphics ...)
+CVE-2018-12152
NOT-FOR-US: Intel
-CVE-2018-12151 (Buffer overflow in installer for Intel Extreme Tuning Utility before ...)
+CVE-2018-12151
NOT-FOR-US: Intel
-CVE-2018-12150 (Escalation of privilege in Installer for Intel Extreme Tuning Utility ...)
+CVE-2018-12150
NOT-FOR-US: Intel
-CVE-2018-12149 (Buffer overflow in input handling in Intel Extreme Tuning Utility ...)
+CVE-2018-12149
NOT-FOR-US: Intel
-CVE-2018-12148 (Privilege escalation in file permissions in Intel Driver and Support ...)
+CVE-2018-12148
NOT-FOR-US: Intel
CVE-2018-12147
RESERVED
@@ -22778,7 +22771,7 @@ CVE-2018-12133
RESERVED
CVE-2018-12132
RESERVED
-CVE-2018-12131 (Permissions in the driver pack installers for Intel NVMe before ...)
+CVE-2018-12131
NOT-FOR-US: Intel
CVE-2018-12130
RESERVED
@@ -22794,22 +22787,22 @@ CVE-2018-12125
RESERVED
CVE-2018-12124
RESERVED
-CVE-2018-12123 (Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and ...)
+CVE-2018-12123
- nodejs <unfixed> (unimportant)
NOTE: https://nodejs.org/en/blog/vulnerability/november-2018-security-releases/
NOTE: Nodejs not covered by security support
NOTE: Patch (v8): https://github.com/nodejs/node/commit/53a6e4eb2002efc66eb9aefe24529fb63715094e
-CVE-2018-12122 (Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and ...)
+CVE-2018-12122
- nodejs <unfixed> (unimportant)
NOTE: https://nodejs.org/en/blog/vulnerability/november-2018-security-releases/
NOTE: Nodejs not covered by security support
NOTE: Patch (v8): https://github.com/nodejs/node/commit/696f063c5e9157fd10859515da00fd8bd190d76d
-CVE-2018-12121 (Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and ...)
+CVE-2018-12121
- nodejs <unfixed> (unimportant)
NOTE: https://nodejs.org/en/blog/vulnerability/november-2018-security-releases/
NOTE: Nodejs not covered by security support
NOTE: Patch (v8): https://github.com/nodejs/node/commit/93dba83fb0fb46ee2ea87163f435392490b4d59b
-CVE-2018-12120 (Node.js: All versions prior to Node.js 6.15.0: Debugger port 5858 ...)
+CVE-2018-12120
- nodejs 8.9.3~dfsg-5 (unimportant)
NOTE: https://nodejs.org/en/blog/vulnerability/november-2018-security-releases/
NOTE: Nodejs not covered by security support
@@ -22821,31 +22814,31 @@ CVE-2018-12118
RESERVED
CVE-2018-12117
RESERVED
-CVE-2018-12116 (Node.js: All versions prior to Node.js 6.15.0 and 8.14.0: HTTP request ...)
+CVE-2018-12116
- nodejs <unfixed> (unimportant)
NOTE: https://nodejs.org/en/blog/vulnerability/november-2018-security-releases/
NOTE: Nodejs not covered by security support
NOTE: Patch (v8): https://github.com/nodejs/node/commit/513e9747a22386bc9c93a12f9698561827a1e631
-CVE-2018-12115 (In all versions of Node.js prior to 6.14.4, 8.11.4 and 10.9.0 when ...)
+CVE-2018-12115
- nodejs <unfixed> (unimportant)
NOTE: https://nodejs.org/en/blog/vulnerability/august-2018-security-releases/
NOTE: Nodejs not covered by security support
NOTE: https://github.com/nodejs/node/commit/fc14d812b7
-CVE-2018-12114 (Maccms 10 allows CSRF via admin.php/admin/admin/info.html to add user ...)
+CVE-2018-12114
NOT-FOR-US: Maccms
-CVE-2018-12113 (Core FTP LE version 2.2 Build 1921 is prone to a buffer overflow ...)
+CVE-2018-12113
NOT-FOR-US: Core FTP LE
-CVE-2018-12112 (md_build_attribute in md4c.c in md4c 0.2.6 allows remote attackers to ...)
+CVE-2018-12112
NOT-FOR-US: md4c
-CVE-2018-12111 (Cross-site scripting (XSS) vulnerability in the Canon PrintMe EFI ...)
+CVE-2018-12111
NOT-FOR-US: Canon PrintMe EFI webinterface
-CVE-2018-12110 (portfolioCMS 1.0.5 has SQL Injection via the admin/portfolio.php ...)
+CVE-2018-12110
NOT-FOR-US: portfolioCMS
-CVE-2018-12109 (An issue was discovered in Free Lossless Image Format (FLIF) 0.3. The ...)
+CVE-2018-12109
[experimental] - flif <unfixed>
- flif <removed> (bug #902196)
NOTE: https://github.com/FLIF-hub/FLIF/issues/513
-CVE-2018-12108 (An issue was discovered in Dropbox Lepton 1.2.1. The ...)
+CVE-2018-12108
- lepton <unfixed> (bug #905494)
NOTE: https://github.com/dropbox/lepton/issues/107
CVE-2018-12107
@@ -22854,121 +22847,121 @@ CVE-2018-12106
RESERVED
CVE-2018-12105
RESERVED
-CVE-2018-12104 (Cross-site scripting (XSS) vulnerability in Airbnb Knowledge Repo 0.7.4 ...)
+CVE-2018-12104
NOT-FOR-US: Airbnb Knowledge Repo
-CVE-2018-12103 (An issue was discovered on D-Link DIR-890L with firmware 1.21B02beta01 ...)
+CVE-2018-12103
NOT-FOR-US: D-Link
-CVE-2018-12102 (md4c 0.2.6 has a NULL pointer dereference in the function ...)
+CVE-2018-12102
NOT-FOR-US: md4c
CVE-2018-12101
RESERVED
-CVE-2018-12100 (Sonatype Nexus Repository Manager versions 3.x before 3.12.0 has XSS ...)
+CVE-2018-12100
NOT-FOR-US: Sonatype Nexus Repository Manager
-CVE-2018-12099 (Grafana before 5.2.0-beta1 has XSS vulnerabilities in dashboard links. ...)
+CVE-2018-12099
- grafana <not-affected> (Vulnerable code introduced later)
NOTE: https://github.com/grafana/grafana/pull/11813
-CVE-2018-12098 (** DISPUTED ** The liblnk_data_block_read function in ...)
+CVE-2018-12098
- liblnk 20180626-1 (unimportant; bug #901962)
NOTE: http://seclists.org/fulldisclosure/2018/Jun/33
NOTE: https://github.com/libyal/liblnk/commit/cb7fe0c66a5a01c19f1953fc7814c4fedfdc5785
NOTE: https://github.com/libyal/liblnk/issues/32
NOTE: https://github.com/libyal/liblnk/issues/33
NOTE: Questionable/negligabe security impact
-CVE-2018-12097 (** DISPUTED ** The liblnk_location_information_read_data function in ...)
+CVE-2018-12097
- liblnk <unfixed> (unimportant; bug #901962)
NOTE: http://seclists.org/fulldisclosure/2018/Jun/33
NOTE: https://github.com/libyal/liblnk/commit/cb7fe0c66a5a01c19f1953fc7814c4fedfdc5785
NOTE: https://github.com/libyal/liblnk/issues/32
NOTE: https://github.com/libyal/liblnk/issues/33
NOTE: Questionable/negligabe security impact
-CVE-2018-12096 (** DISPUTED ** The liblnk_data_string_get_utf8_string_size function in ...)
+CVE-2018-12096
- liblnk <unfixed> (unimportant; bug #901962)
NOTE: http://seclists.org/fulldisclosure/2018/Jun/33
NOTE: https://github.com/libyal/liblnk/issues/32
NOTE: https://github.com/libyal/liblnk/issues/33
NOTE: Questionable/negligabe security impact
-CVE-2018-12095 (A Reflected Cross-Site Scripting web vulnerability has been discovered ...)
+CVE-2018-12095
NOT-FOR-US: OEcms
-CVE-2018-12094 (Cross-site scripting (XSS) vulnerability in news.php in Dimofinf CMS ...)
+CVE-2018-12094
NOT-FOR-US: Dimofinf CMS
-CVE-2018-12093 (tinyexr 0.9.5 has a memory leak in ParseEXRHeaderFromMemory in ...)
+CVE-2018-12093
NOT-FOR-US: tinyexr
-CVE-2018-12092 (tinyexr 0.9.5 has a heap-based buffer over-read in ...)
+CVE-2018-12092
NOT-FOR-US: tinyexr
CVE-2018-12091
RESERVED
-CVE-2018-12090 (There is unauthenticated reflected cross-site scripting (XSS) in LAMS ...)
+CVE-2018-12090
NOT-FOR-US: LAMS
-CVE-2018-12089 (In Octopus Deploy version 2018.5.1 to 2018.5.7, a user with Task View ...)
+CVE-2018-12089
NOT-FOR-US: Octopus Deploy
-CVE-2018-12291 (The on_get_missing_events function in handlers/federation.py in Matrix ...)
+CVE-2018-12291
- matrix-synapse 0.31.1+dfsg-1 (bug #901293)
NOTE: https://github.com/matrix-org/synapse/pull/3371
NOTE: https://github.com/matrix-org/synapse/commit/0834b49c6a9b6c597a154d4b2dfcf8fff90699ec
NOTE: https://matrix.org/blog/2018/06/08/synapse-0-31-1-released/
-CVE-2018-12088 (S3QL before 2.27 mishandles checksumming, and consequently allows ...)
+CVE-2018-12088
- s3ql 2.27.1+dfsg-1 (low)
[stretch] - s3ql <ignored> (Minor issue, backports would change the file system revision rendering it unable to read older file systems)
[jessie] - s3ql <ignored> (Minor issue, backports would change the file system revision rendering it unable to read older file systems)
NOTE: https://groups.google.com/forum/#!topic/s3ql/4TzCVIMkA4o
NOTE: https://bitbucket.org/nikratio/s3ql/commits/85aba5c2d5c81453a73a50ed638adaeef0521020
-CVE-2018-12087 (Failure to validate certificates in OPC Foundation UA Client ...)
+CVE-2018-12087
NOT-FOR-US: OPC UA
-CVE-2018-12086 (Buffer overflow in OPC UA applications allows remote attackers to ...)
+CVE-2018-12086
{DSA-4359-1}
- wireshark 2.6.4-1
[jessie] - wireshark <ignored> (changes are too intrusive to backport)
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-50.html
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=28a7a79cac425d1b1ecf06e73add41edd2241e49
-CVE-2018-12085 (Liblouis 3.6.0 has a stack-based Buffer Overflow in the function ...)
+CVE-2018-12085
- liblouis 3.5.0-4 (bug #901202)
[stretch] - liblouis 3.0.0-3+deb9u4
[jessie] - liblouis <no-dsa> (Minor issue)
NOTE: https://github.com/liblouis/liblouis/issues/595
NOTE: https://github.com/liblouis/liblouis/commit/dbfa58bb128cae86729578ac596056b3385817ef
-CVE-2018-12084 (The mintToken function of a smart contract implementation for BitAsean ...)
+CVE-2018-12084
NOT-FOR-US: BitAsean
-CVE-2018-12083 (The mintToken function of a smart contract implementation for GOAL ...)
+CVE-2018-12083
NOT-FOR-US: GOAL
-CVE-2018-12082 (The mintToken function of a smart contract implementation for Fujinto ...)
+CVE-2018-12082
NOT-FOR-US: Fujinto
-CVE-2018-12081 (The mintToken function of a smart contract implementation for Target ...)
+CVE-2018-12081
NOT-FOR-US: Target Coin
-CVE-2018-12080 (The mintToken function of a smart contract implementation for Internet ...)
+CVE-2018-12080
NOT-FOR-US: Internet Node Token
-CVE-2018-12079 (The mintToken function of a smart contract implementation for ...)
+CVE-2018-12079
NOT-FOR-US: Substratum
-CVE-2018-12078 (The mintToken function of a smart contract implementation for PolyAI ...)
+CVE-2018-12078
NOT-FOR-US: PolyAI
CVE-2018-12077
RESERVED
-CVE-2018-12076 (A vulnerability in the UPC bar code of the Avanti Markets MarketCard ...)
+CVE-2018-12076
NOT-FOR-US: Avanti Markets MarketCard
CVE-2018-12075
RESERVED
CVE-2018-12074
RESERVED
-CVE-2018-12073 (An issue was discovered on Eminent EM4544 9.10 devices. The device does ...)
+CVE-2018-12073
NOT-FOR-US: Eminent EM4544 9.10 devices
-CVE-2018-12072 (An issue was discovered in Cloud Media Popcorn A-200 ...)
+CVE-2018-12072
NOT-FOR-US: Cloud Media Popcorn A-200 03-05-130708-21-POP-411-000 firmware
-CVE-2018-12071 (A Session Fixation issue exists in CodeIgniter before 3.1.9 because ...)
+CVE-2018-12071
- codeigniter <itp> (bug #471583)
-CVE-2018-12070 (The sell function of a smart contract implementation for SEC, a ...)
+CVE-2018-12070
NOT-FOR-US: SEC
CVE-2018-12069
RESERVED
-CVE-2018-12068 (The sell function of a smart contract implementation for Target Coin ...)
+CVE-2018-12068
NOT-FOR-US: Target Coin
-CVE-2018-12067 (The sell function of a smart contract implementation for Substratum ...)
+CVE-2018-12067
NOT-FOR-US: Substratum
-CVE-2018-12065 (A Local File Inclusion vulnerability in /system/WCore/WHelper.php in ...)
+CVE-2018-12065
NOT-FOR-US: wityCMS
-CVE-2018-12064 (tinyexr 0.9.5 has a heap-based buffer over-read via ...)
+CVE-2018-12064
NOT-FOR-US: tinyexr
-CVE-2018-12063 (The sell function of a smart contract implementation for Internet Node ...)
+CVE-2018-12063
NOT-FOR-US: Internet Node Token
-CVE-2018-12062 (The sell function of a smart contract implementation for SwftCoin ...)
+CVE-2018-12062
NOT-FOR-US: SwfCoin
CVE-2018-12061
RESERVED
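Review bot: the unchanged context in this hunk carries two typos that become harder to spot once the descriptions are gone: "NOT-FOR-US: SwfCoin" under CVE-2018-12062 disagrees with the product name "SwftCoin" in the removed description line directly above it, and "Questionable/negligabe security impact" (three times, under CVE-2018-12098, CVE-2018-12097 and CVE-2018-12096) should read "negligible"; suggest a follow-up commit with `NOT-FOR-US: SwftCoin` and `NOTE: Questionable/negligible security impact`, since after this change the NOT-FOR-US line is the only place the product name survives.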
@@ -22980,26 +22973,26 @@ CVE-2018-12058
RESERVED
CVE-2018-12057
RESERVED
-CVE-2018-12056 (The maxRandom function of a smart contract implementation for All For ...)
+CVE-2018-12056
NOT-FOR-US: smart contract implementation for All For One
-CVE-2018-12055 (Multiple SQL Injections exist in PHP Scripts Mall Schools Alert ...)
+CVE-2018-12055
NOT-FOR-US: PHP Scripts Mall Schools Alert Management Script
-CVE-2018-12054 (Arbitrary File Read exists in PHP Scripts Mall Schools Alert Management ...)
+CVE-2018-12054
NOT-FOR-US: PHP Scripts Mall Schools Alert Management Script
-CVE-2018-12053 (Arbitrary File Deletion exists in PHP Scripts Mall Schools Alert ...)
+CVE-2018-12053
NOT-FOR-US: PHP Scripts Mall Schools Alert Management Script
-CVE-2018-12052 (SQL Injection exists in PHP Scripts Mall Schools Alert Management ...)
+CVE-2018-12052
NOT-FOR-US: PHP Scripts Mall Schools Alert Management Script
-CVE-2018-12051 (Arbitrary File Upload and Remote Code Execution exist in PHP Scripts ...)
+CVE-2018-12051
NOT-FOR-US: PHP Scripts Mall Schools Alert Management Script
CVE-2018-12050
RESERVED
-CVE-2018-13346 (The mpatch_apply function in mpatch.c in Mercurial before 4.6.1 ...)
+CVE-2018-13346
{DLA-1414-1}
- mercurial 4.6.1-1 (bug #901050)
NOTE: https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_4.6.1_.282018-06-06.29
NOTE: https://www.mercurial-scm.org/repo/hg/rev/faa924469635
-CVE-2018-13347 (mpatch.c in Mercurial before 4.6.1 mishandles integer addition and ...)
+CVE-2018-13347
{DLA-1414-1}
- mercurial 4.6.1-1 (bug #901050)
NOTE: https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_4.6.1_.282018-06-06.29
@@ -23008,47 +23001,47 @@ CVE-2018-13347 (mpatch.c in Mercurial before 4.6.1 mishandles integer addition a
NOTE: see https://www.mercurial-scm.org/repo/hg-committed/log?rev=modifies%28%22mercurial%2Fmpatch.c%22%29+and+4.5%3A%3A
NOTE: upstream proposes we use OVE-20180430-0002 to cover all undefined behavior
NOTE: cases which the 6 patches fix
-CVE-2018-13348 (The mpatch_decode function in mpatch.c in Mercurial before 4.6.1 ...)
+CVE-2018-13348
{DLA-1414-1}
- mercurial 4.6.1-1 (bug #901050)
NOTE: https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_4.6.1_.282018-06-06.29
NOTE: https://www.mercurial-scm.org/repo/hg/rev/90a274965de7
-CVE-2018-12049 (** DISPUTED ** A remote attacker can bypass the System Manager Mode on ...)
+CVE-2018-12049
NOT-FOR-US: Canon
-CVE-2018-12048 (** DISPUTED ** A remote attacker can bypass the Management Mode on the ...)
+CVE-2018-12048
NOT-FOR-US: Canon
-CVE-2018-12047 (xfind/search in Ximdex 4.0 has XSS via the filter[n][value] parameters ...)
+CVE-2018-12047
NOT-FOR-US: Ximdex
-CVE-2018-12046 (DedeCMS through 5.7SP2 allows arbitrary file write in ...)
+CVE-2018-12046
NOT-FOR-US: DedeCMS
-CVE-2018-12045 (DedeCMS through V5.7SP2 allows arbitrary file upload in ...)
+CVE-2018-12045
NOT-FOR-US: DedeCMS
CVE-2018-12044
RESERVED
-CVE-2018-12043 (content/content.blueprintspages.php in Symphony 2.7.6 has XSS via the ...)
+CVE-2018-12043
NOT-FOR-US: Symphony CMS
-CVE-2018-12042 (Roxy Fileman through v1.4.5 has Directory traversal via the ...)
+CVE-2018-12042
NOT-FOR-US: Roxy Fileman
-CVE-2018-12041 (An issue was discovered on the MediaTek AWUS036NH wireless USB adapter ...)
+CVE-2018-12041
NOT-FOR-US: MediaTek
-CVE-2018-12040 (** DISPUTED ** Reflected Cross-site scripting (XSS) vulnerability in ...)
+CVE-2018-12040
- symfony 3.4.12+dfsg-1 (unimportant)
NOTE: https://github.com/symfony/symfony/issues/28002
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1590702
-CVE-2018-12039 (joyplus-cms 1.6.0 allows Remote Code Execution because of an Arbitrary ...)
+CVE-2018-12039
NOT-FOR-US: joyplus-cms
-CVE-2018-12038 (An issue was discovered on Samsung 840 EVO devices. Vendor-specific ...)
+CVE-2018-12038
NOT-FOR-US: Samsung 840 EVO devices
-CVE-2018-12037 (An issue was discovered on Samsung 840 EVO and 850 EVO devices (only ...)
+CVE-2018-12037
NOT-FOR-US: Samsung
-CVE-2018-12036 (OWASP Dependency-Check before 3.2.0 allows attackers to write to ...)
+CVE-2018-12036
NOT-FOR-US: OWASP Dependency-Check
-CVE-2018-12035 (In YARA 3.7.1 and prior, parsing a specially crafted compiled rule ...)
+CVE-2018-12035
- yara 3.7.1-3 (low)
[stretch] - yara <no-dsa> (Minor issue)
[jessie] - yara <no-dsa> (Minor issue)
NOTE: https://github.com/VirusTotal/yara/issues/891
-CVE-2018-12034 (In YARA 3.7.1 and prior, parsing a specially crafted compiled rule ...)
+CVE-2018-12034
- yara 3.7.1-3 (low)
[stretch] - yara <no-dsa> (Minor issue)
[jessie] - yara <no-dsa> (Minor issue)
@@ -23057,11 +23050,11 @@ CVE-2018-12033
RESERVED
CVE-2018-12032
RESERVED
-CVE-2018-12031 (Local file inclusion in Eaton Intelligent Power Manager v1.6 allows an ...)
+CVE-2018-12031
NOT-FOR-US: Eaton Intelligent Power Manager
-CVE-2018-12030 (Chevereto Free before 1.0.13 has XSS. ...)
+CVE-2018-12030
NOT-FOR-US: Chevereto Free
-CVE-2018-12029 (A race condition in the nginx module in Phusion Passenger 3.x through ...)
+CVE-2018-12029
{DLA-1399-1}
- passenger <unfixed> (bug #921767; unimportant)
- ruby-passenger <removed> (unimportant)
@@ -23072,38 +23065,36 @@ CVE-2018-12029 (A race condition in the nginx module in Phusion Passenger 3.x th
NOTE: https://github.com/phusion/passenger/commit/9ed61bb4641ba1f5158fca3840d4e4088805b5af (release-5.3.2)
NOTE: https://github.com/phusion/passenger/commit/4f663c8246f529e32575d50196d11cde12a6dfda (release-5.3.3)
NOTE: https://pulsesecurity.co.nz/advisories/phusion-passenger-priv-esc
-CVE-2018-12028 (An Incorrect Access Control vulnerability in SpawningKit in Phusion ...)
+CVE-2018-12028
- passenger <not-affected> (Introduced in 5.3.0 with major refactoring of SpawningKit)
- ruby-passenger <not-affected> (Introduced in 5.3.0 with major refactoring of SpawningKit)
NOTE: https://blog.phusion.nl/2018/06/12/passenger-5-3-2-various-security-fixes/
-CVE-2018-12027 (An Insecure Permissions vulnerability in SpawningKit in Phusion ...)
+CVE-2018-12027
- passenger <not-affected> (Introduced in 5.3.0 with major refactoring of SpawningKit)
- ruby-passenger <not-affected> (Introduced in 5.3.0 with major refactoring of SpawningKit)
NOTE: https://blog.phusion.nl/2018/06/12/passenger-5-3-2-various-security-fixes/
-CVE-2018-12026 (During the spawning of a malicious Passenger-managed application, ...)
+CVE-2018-12026
- passenger <not-affected> (Introduced in 5.3.0 with major refactoring of SpawningKit)
- ruby-passenger <not-affected> (Introduced in 5.3.0 with major refactoring of SpawningKit)
NOTE: https://blog.phusion.nl/2018/06/12/passenger-5-3-2-various-security-fixes/
-CVE-2018-12025 (The transferFrom function of a smart contract implementation for ...)
+CVE-2018-12025
NOT-FOR-US: FuturXE
CVE-2018-12024
RESERVED
CVE-2018-12023 [improper polymorphic deserialization of types from Oracle JDBC driver]
- RESERVED
{DLA-1703-1}
- jackson-databind 2.9.8-1
NOTE: https://github.com/FasterXML/jackson-databind/issues/2058
NOTE: https://github.com/FasterXML/jackson-databind/commit/7487cf7eb14be2f65a1eb108e8629c07ef45e0a1
CVE-2018-12022 [improper polymorphic deserialization of types from Jodd-db library]
- RESERVED
{DLA-1703-1}
- jackson-databind 2.9.8-1
NOTE: https://github.com/FasterXML/jackson-databind/issues/2052
NOTE: https://github.com/FasterXML/jackson-databind/commit/7487cf7eb14be2f65a1eb108e8629c07ef45e0a1
-CVE-2018-12021 (Singularity 2.3.0 through 2.5.1 is affected by an incorrect access ...)
+CVE-2018-12021
- singularity-container 2.5.2-1
NOTE: https://github.com/singularityware/singularity/releases/tag/2.5.2
-CVE-2018-12020 (mainproc.c in GnuPG before 2.2.8 mishandles the original filename ...)
+CVE-2018-12020
{DSA-4224-1 DSA-4223-1 DSA-4222-1}
- enigmail 2:2.0.7-1
[jessie] - enigmail <end-of-life> (see https://lists.debian.org/debian-lts-announce/2019/02/msg00002.html)
@@ -23116,27 +23107,27 @@ CVE-2018-12020 (mainproc.c in GnuPG before 2.2.8 mishandles the original filenam
NOTE: https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commit;h=2326851c60793653069494379b16d84e4c10a0ac (STABLE-BRANCH-1-4)
NOTE: http://www.openwall.com/lists/oss-security/2018/06/13/10
NOTE: https://neopg.io/blog/gpg-signature-spoof/
-CVE-2018-12019 (The signature verification routine in Enigmail before 2.0.7 interprets ...)
+CVE-2018-12019
- enigmail 2:2.0.7-1
[jessie] - enigmail <end-of-life> (see https://lists.debian.org/debian-lts-announce/2019/02/msg00002.html)
NOTE: http://www.openwall.com/lists/oss-security/2018/06/13/10
NOTE: https://neopg.io/blog/enigmail-signature-spoof/
-CVE-2018-12018 (The GetBlockHeadersMsg handler in the LES protocol implementation in Go ...)
+CVE-2018-12018
NOT-FOR-US: Go Ethereum
CVE-2018-12017
RESERVED
-CVE-2018-12016 (libephymain.so in GNOME Web (aka Epiphany) through 3.28.2.1 allows ...)
+CVE-2018-12016
- epiphany-browser 3.28.3.1-1 (unimportant; bug #901018)
NOTE: webkit not covered by security support
-CVE-2018-12014 (In all android releases(Android for MSM, Firefox OS for MSM, QRD ...)
+CVE-2018-12014
NOT-FOR-US: CodeAurora components for Android
CVE-2018-12013
RESERVED
CVE-2018-12012
RESERVED
-CVE-2018-12011 (In all android releases(Android for MSM, Firefox OS for MSM, QRD ...)
+CVE-2018-12011
NOT-FOR-US: CodeAurora components for Android
-CVE-2018-12010 (In all android releases(Android for MSM, Firefox OS for MSM, QRD ...)
+CVE-2018-12010
NOT-FOR-US: CodeAurora components for Android
CVE-2018-12009
RESERVED
@@ -23144,7 +23135,7 @@ CVE-2018-12008
RESERVED
CVE-2018-12007
RESERVED
-CVE-2018-12006 (In all android releases(Android for MSM, Firefox OS for MSM, QRD ...)
+CVE-2018-12006
NOT-FOR-US: CodeAurora components for Android
CVE-2018-12005
RESERVED
@@ -23158,19 +23149,19 @@ CVE-2018-12001
RESERVED
CVE-2018-12000
RESERVED
-CVE-2018-11999 (Improper input validation in trustzone can lead to denial of service ...)
+CVE-2018-11999
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11998 (While processing a packet decode request in MQTT, Race condition can ...)
+CVE-2018-11998
NOT-FOR-US: Qualcomm components for Android
CVE-2018-11997
RESERVED
-CVE-2018-11996 (When a malformed command is sent to the device programmer, an ...)
+CVE-2018-11996
NOT-FOR-US: Snapdragon
-CVE-2018-11995 (In all android releases(Android for MSM, Firefox OS for MSM, QRD ...)
+CVE-2018-11995
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11994 (SMMU secure camera logic allows secure camera controllers to access ...)
+CVE-2018-11994
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11993 (Improper check while accessing the local memory stack on MQTT ...)
+CVE-2018-11993
NOT-FOR-US: Qualcomm components for Android
CVE-2018-11992
RESERVED
@@ -23180,22 +23171,22 @@ CVE-2018-11990
RESERVED
CVE-2018-11989
RESERVED
-CVE-2018-11988 (In all android releases(Android for MSM, Firefox OS for MSM, QRD ...)
+CVE-2018-11988
NOT-FOR-US: CodeAurora components for Android
-CVE-2018-11987 (In all android releases(Android for MSM, Firefox OS for MSM, QRD ...)
+CVE-2018-11987
- linux <unfixed> (unimportant)
NOTE: https://source.codeaurora.org/quic/la/kernel/msm-4.9/commit/?id=5e9ffcfa152ecb2832990c42fcd8a0f2e63c2c04
NOTE: https://www.codeaurora.org/security-bulletin/2018/12/03/december-2018-code-aurora-security-bulletin#_CVE-2018-11987
NOTE: ion not enabled in Debian build and in staging anyway
-CVE-2018-11986 (In all android releases(Android for MSM, Firefox OS for MSM, QRD ...)
+CVE-2018-11986
NOT-FOR-US: CodeAurora components for Android
-CVE-2018-11985 (In all android releases(Android for MSM, Firefox OS for MSM, QRD ...)
+CVE-2018-11985
NOT-FOR-US: CodeAurora components for Android
-CVE-2018-11984 (In all android releases(Android for MSM, Firefox OS for MSM, QRD ...)
+CVE-2018-11984
NOT-FOR-US: CodeAurora components for Android
-CVE-2018-11983 (In all android releases(Android for MSM, Firefox OS for MSM, QRD ...)
+CVE-2018-11983
NOT-FOR-US: CodeAurora components for Android
-CVE-2018-11982 (In Snapdragon (Mobile, Wear) in version MDM9206, MDM9607, MDM9635M, ...)
+CVE-2018-11982
NOT-FOR-US: Snapdragon
CVE-2018-11981
RESERVED
@@ -23232,17 +23223,17 @@ CVE-2018-11967
CVE-2018-11966
RESERVED
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11965 (In all android releases(Android for MSM, Firefox OS for MSM, QRD ...)
+CVE-2018-11965
NOT-FOR-US: CodeAurora components for Android
-CVE-2018-11964 (In all android releases(Android for MSM, Firefox OS for MSM, QRD ...)
+CVE-2018-11964
NOT-FOR-US: CodeAurora components for Android
-CVE-2018-11963 (In all android releases(Android for MSM, Firefox OS for MSM, QRD ...)
+CVE-2018-11963
NOT-FOR-US: CodeAurora components for Android
-CVE-2018-11962 (In all android releases(Android for MSM, Firefox OS for MSM, QRD ...)
+CVE-2018-11962
NOT-FOR-US: CodeAurora components for Android
-CVE-2018-11961 (In all android releases(Android for MSM, Firefox OS for MSM, QRD ...)
+CVE-2018-11961
NOT-FOR-US: CodeAurora components for Android
-CVE-2018-11960 (In all android releases(Android for MSM, Firefox OS for MSM, QRD ...)
+CVE-2018-11960
NOT-FOR-US: CodeAurora components for Android
CVE-2018-11959
RESERVED
@@ -23251,7 +23242,7 @@ CVE-2018-11958
NOT-FOR-US: Qualcomm components for Android
CVE-2018-11957
RESERVED
-CVE-2018-11956 (In all android releases(Android for MSM, Firefox OS for MSM, QRD ...)
+CVE-2018-11956
NOT-FOR-US: Android
CVE-2018-11955
RESERVED
@@ -23262,23 +23253,23 @@ CVE-2018-11953
CVE-2018-11952
RESERVED
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11951 (Improper access control in core module lead XBL_LOADER performs the ZI ...)
+CVE-2018-11951
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11950 (Unapproved TrustZone applications can be loaded and executed in ...)
+CVE-2018-11950
NOT-FOR-US: Qualcomm components for Android
CVE-2018-11949
RESERVED
-CVE-2018-11948 (Exceeding the limit of usage entries are not tracked and the ...)
+CVE-2018-11948
NOT-FOR-US: Qualcomm components for Android
CVE-2018-11947
RESERVED
-CVE-2018-11946 (In all android releases(Android for MSM, Firefox OS for MSM, QRD ...)
+CVE-2018-11946
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11945 (Improper input validation in wireless service messaging module for ...)
+CVE-2018-11945
NOT-FOR-US: Qualcomm components for Android
CVE-2018-11944
RESERVED
-CVE-2018-11943 (In all android releases(Android for MSM, Firefox OS for MSM, QRD ...)
+CVE-2018-11943
NOT-FOR-US: Qualcomm components for Android
CVE-2018-11942
RESERVED
@@ -23288,21 +23279,21 @@ CVE-2018-11940
RESERVED
CVE-2018-11939
RESERVED
-CVE-2018-11938 (Improper input validation for argument received from HLOS can lead to ...)
+CVE-2018-11938
NOT-FOR-US: Qualcomm components for Android
CVE-2018-11937
RESERVED
CVE-2018-11936
RESERVED
-CVE-2018-11935 (Improper input validation might result in incorrect app id returned to ...)
+CVE-2018-11935
NOT-FOR-US: Qualcomm components for Android
CVE-2018-11934
RESERVED
CVE-2018-11933
RESERVED
-CVE-2018-11932 (Improper input validation can lead RW access to secure subsystem from ...)
+CVE-2018-11932
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11931 (Improper access to HLOS is possible while transferring memory to CPZ ...)
+CVE-2018-11931
NOT-FOR-US: Qualcomm components for Android
CVE-2018-11930
RESERVED
@@ -23322,13 +23313,13 @@ CVE-2018-11923
RESERVED
CVE-2018-11922
RESERVED
-CVE-2018-11921 (Failure condition is not handled properly and the correct error code ...)
+CVE-2018-11921
NOT-FOR-US: Qualcomm components for Android
CVE-2018-11920
RESERVED
-CVE-2018-11919 (In all android releases(Android for MSM, Firefox OS for MSM, QRD ...)
+CVE-2018-11919
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11918 (In all android releases(Android for MSM, Firefox OS for MSM, QRD ...)
+CVE-2018-11918
NOT-FOR-US: Qualcomm components for Android
CVE-2018-11917
RESERVED
@@ -23336,155 +23327,155 @@ CVE-2018-11916
RESERVED
CVE-2018-11915
RESERVED
-CVE-2018-11914 (In all android releases(Android for MSM, Firefox OS for MSM, QRD ...)
+CVE-2018-11914
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11913 (In all android releases(Android for MSM, Firefox OS for MSM, QRD ...)
+CVE-2018-11913
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11912 (In all android releases(Android for MSM, Firefox OS for MSM, QRD ...)
+CVE-2018-11912
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11911 (In all android releases(Android for MSM, Firefox OS for MSM, QRD ...)
+CVE-2018-11911
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11910 (In all android releases(Android for MSM, Firefox OS for MSM, QRD ...)
+CVE-2018-11910
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11909 (In all android releases(Android for MSM, Firefox OS for MSM, QRD ...)
+CVE-2018-11909
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11908 (In all android releases(Android for MSM, Firefox OS for MSM, QRD ...)
+CVE-2018-11908
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11907 (In all android releases(Android for MSM, Firefox OS for MSM, QRD ...)
+CVE-2018-11907
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11906 (In all android releases(Android for MSM, Firefox OS for MSM, QRD ...)
+CVE-2018-11906
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11905 (In all android releases(Android for MSM, Firefox OS for MSM, QRD ...)
+CVE-2018-11905
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11904 (In all android releases (Android for MSM, Firefox OS for MSM, QRD ...)
+CVE-2018-11904
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11903 (In all android releases (Android for MSM, Firefox OS for MSM, QRD ...)
+CVE-2018-11903
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11902 (In all android releases (Android for MSM, Firefox OS for MSM, QRD ...)
+CVE-2018-11902
NOT-FOR-US: Qualcomm components for Android
CVE-2018-11901
RESERVED
CVE-2018-11900
RESERVED
-CVE-2018-11899 (While processing radio connection status change events, Radio index is ...)
+CVE-2018-11899
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11898 (In all android releases (Android for MSM, Firefox OS for MSM, QRD ...)
+CVE-2018-11898
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11897 (In all android releases (Android for MSM, Firefox OS for MSM, QRD ...)
+CVE-2018-11897
NOT-FOR-US: Qualcomm components for Android
CVE-2018-11896
RESERVED
-CVE-2018-11895 (In all android releases (Android for MSM, Firefox OS for MSM, QRD ...)
+CVE-2018-11895
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11894 (In all android releases (Android for MSM, Firefox OS for MSM, QRD ...)
+CVE-2018-11894
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11893 (In all android releases (Android for MSM, Firefox OS for MSM, QRD ...)
+CVE-2018-11893
NOT-FOR-US: Qualcomm components for Android
CVE-2018-11892
RESERVED
-CVE-2018-11891 (In all android releases (Android for MSM, Firefox OS for MSM, QRD ...)
+CVE-2018-11891
NOT-FOR-US: Qualcomm components for Android
CVE-2018-11890
RESERVED
-CVE-2018-11889 (In all android releases (Android for MSM, Firefox OS for MSM, QRD ...)
+CVE-2018-11889
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11888 (Unauthorized access may be allowed by the SCP11 Crypto Services TA ...)
+CVE-2018-11888
NOT-FOR-US: Qualcomm components for Android
CVE-2018-11887
RESERVED
-CVE-2018-11886 (In all android releases (Android for MSM, Firefox OS for MSM, QRD ...)
+CVE-2018-11886
NOT-FOR-US: Qualcomm components for Android
CVE-2018-11885
RESERVED
-CVE-2018-11884 (Improper input validation leads to buffer overflow while processing ...)
+CVE-2018-11884
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11883 (In all android releases (Android for MSM, Firefox OS for MSM, QRD ...)
+CVE-2018-11883
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11882 (Incorrect bound check can lead to potential buffer overwrite in WLAN ...)
+CVE-2018-11882
NOT-FOR-US: Qualcomm components for Android
CVE-2018-11881
RESERVED
-CVE-2018-11880 (Incorrect bound check can lead to potential buffer overwrite in WLAN ...)
+CVE-2018-11880
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11879 (When the buffer length passed is very large, bounds check could be ...)
+CVE-2018-11879
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11878 (In all android releases (Android for MSM, Firefox OS for MSM, QRD ...)
+CVE-2018-11878
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11877 (When the buffer length passed is very large in WLAN, bounds check ...)
+CVE-2018-11877
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11876 (Lack of input validation while copying to buffer in WLAN will lead to ...)
+CVE-2018-11876
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11875 (Lack of check of buffer size before copying in a WLAN function can ...)
+CVE-2018-11875
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11874 (Buffer overflow if the length of passphrase is more than 32 when ...)
+CVE-2018-11874
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11873 (Improper input validation leads to buffer overwrite in the WLAN ...)
+CVE-2018-11873
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11872 (Improper input validation leads to buffer overwrite in the WLAN ...)
+CVE-2018-11872
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11871 (Buffer overwrite can happen in WLAN function while processing set pdev ...)
+CVE-2018-11871
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11870 (Buffer overwrite can occur when the legacy rates count received from ...)
+CVE-2018-11870
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11869 (In all android releases (Android for MSM, Firefox OS for MSM, QRD ...)
+CVE-2018-11869
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11868 (In all android releases (Android for MSM, Firefox OS for MSM, QRD ...)
+CVE-2018-11868
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11867 (Lack of buffer length check before copying in WLAN function while ...)
+CVE-2018-11867
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11866 (Integer overflow may happen in WLAN when calculating an internal ...)
+CVE-2018-11866
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11865 (Integer overflow may happen when calculating an internal structure ...)
+CVE-2018-11865
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11864 (Bytes can be written to fuses from Secure region which can be read ...)
+CVE-2018-11864
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11863 (In all android releases (Android for MSM, Firefox OS for MSM, QRD ...)
+CVE-2018-11863
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11862 (Buffer overflow can happen in WLAN module due to lack of validation of ...)
+CVE-2018-11862
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11861 (Buffer overflow can happen in WLAN function due to lack of validation ...)
+CVE-2018-11861
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11860 (In all android releases (Android for MSM, Firefox OS for MSM, QRD ...)
+CVE-2018-11860
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11859 (Buffer overwrite can happen in WLAN due to lack of validation of the ...)
+CVE-2018-11859
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11858 (When processing IE set command, buffer overwrite may occur due to lack ...)
+CVE-2018-11858
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11857 (Improper input validation in WLAN encrypt/decrypt module can lead to a ...)
+CVE-2018-11857
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11856 (Improper input validation leads to buffer overwrite in the WLAN ...)
+CVE-2018-11856
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11855 (If an end user makes use of SCP11 sample OCE code without modification ...)
+CVE-2018-11855
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11854 (Lack of check of valid length of input parameter may cause buffer ...)
+CVE-2018-11854
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11853 (Lack of check on out of range for channels When processing channel ...)
+CVE-2018-11853
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11852 (In all android releases (Android for MSM, Firefox OS for MSM, QRD ...)
+CVE-2018-11852
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11851 (In all android releases (Android for MSM, Firefox OS for MSM, QRD ...)
+CVE-2018-11851
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11850 (Lack of check on remaining length parameter When processing scan start ...)
+CVE-2018-11850
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11849 (Lack of check on out of range of bssid parameter When processing scan ...)
+CVE-2018-11849
NOT-FOR-US: Qualcomm components for Android
CVE-2018-11848
RESERVED
-CVE-2018-11847 (Malicious TA can tag QSEE kernel memory and map to EL0, there by ...)
+CVE-2018-11847
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11846 (The use of a non-time-constant memory comparison operation can lead to ...)
+CVE-2018-11846
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11845 (Usage of non-time-constant comparison functions can lead to ...)
+CVE-2018-11845
NOT-FOR-US: Qualcomm components for Android
CVE-2018-11844
RESERVED
-CVE-2018-11843 (In all android releases (Android for MSM, Firefox OS for MSM, QRD ...)
+CVE-2018-11843
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11842 (In all android releases (Android for MSM, Firefox OS for MSM, QRD ...)
+CVE-2018-11842
NOT-FOR-US: Qualcomm components for Android
CVE-2018-11841
RESERVED
-CVE-2018-11840 (In all android releases (Android for MSM, Firefox OS for MSM, QRD ...)
+CVE-2018-11840
NOT-FOR-US: Qualcomm components for Android
CVE-2018-11839
RESERVED
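Review bot: every change in this hunk has the same shape, a line such as "-CVE-2018-11914 (In all android releases(Android for MSM, Firefox OS for MSM, QRD ...)" replaced by the bare "+CVE-2018-11914" with the triage line beneath it untouched; nothing is added, only the MITRE description text is dropped, and that holds for all sixty-odd Qualcomm entries here. For a commit labelled "automatic update" that looks like the description feed came back empty rather than like a deliberate edit, and it throws away the one field that lets a triager tell these near-identical "NOT-FOR-US: Qualcomm components for Android" entries apart. The updater should treat an empty description as "no change" and keep the existing parenthesised text instead of rewriting the line, and this commit should be reverted or re-run once the feed is back.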
@@ -23492,7 +23483,7 @@ CVE-2018-11838
RESERVED
CVE-2018-11837
RESERVED
-CVE-2018-11836 (In all android releases (Android for MSM, Firefox OS for MSM, QRD ...)
+CVE-2018-11836
NOT-FOR-US: Qualcomm components for Android
CVE-2018-11835
RESERVED
@@ -23500,7 +23491,7 @@ CVE-2018-11834
RESERVED
CVE-2018-11833
RESERVED
-CVE-2018-11832 (In all android releases (Android for MSM, Firefox OS for MSM, QRD ...)
+CVE-2018-11832
NOT-FOR-US: Android kernel, code not in mainline
CVE-2018-11831
RESERVED
@@ -23508,27 +23499,27 @@ CVE-2018-11830
RESERVED
CVE-2018-11829
RESERVED
-CVE-2018-11828 (When FW tries to get random mac address generated from new SW RNG and ...)
+CVE-2018-11828
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11827 (In all android releases (Android for MSM, Firefox OS for MSM, QRD ...)
+CVE-2018-11827
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11826 (In all android releases (Android for MSM, Firefox OS for MSM, QRD ...)
+CVE-2018-11826
NOT-FOR-US: Qualcomm components for Android
CVE-2018-11825
RESERVED
-CVE-2018-11824 (A stack-based buffer overflow can occur in a firmware routine in ...)
+CVE-2018-11824
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11823 (In all android releases(Android for MSM, Firefox OS for MSM, QRD ...)
+CVE-2018-11823
NOT-FOR-US: Android kernel, code not in mainline
-CVE-2018-11822 (A possible integer overflow may happen in WLAN during memory ...)
+CVE-2018-11822
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11821 (Possible integer overflow may happen in WLAN during memory allocation ...)
+CVE-2018-11821
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11820 (Use of non-time constant memcmp function creates side channel that ...)
+CVE-2018-11820
NOT-FOR-US: Qualcomm components for Android
CVE-2018-11819
RESERVED
-CVE-2018-11818 (In all android releases (Android for MSM, Firefox OS for MSM, QRD ...)
+CVE-2018-11818
NOT-FOR-US: Qualcomm components for Android
CVE-2018-11817
RESERVED
@@ -23538,38 +23529,38 @@ CVE-2018-11816
NOT-FOR-US: Qualcomm components for Android
CVE-2018-11815
RESERVED
-CVE-2018-12066 (BIRD Internet Routing Daemon before 1.6.4 allows local users to cause a ...)
+CVE-2018-12066
- bird 1.6.4-1 (low; bug #900967)
[stretch] - bird <no-dsa> (Minor issue)
[jessie] - bird <no-dsa> (Minor issue)
NOTE: https://gitlab.labs.nic.cz/labs/bird/blob/v1.6.4/NEWS#L11
NOTE: Fixed by: https://gitlab.labs.nic.cz/labs/bird/commit/e8bc64e308586b6502090da2775af84cd760ed0d
-CVE-2018-1002209 (QuaZIP before 0.7.6 is vulnerable to directory traversal, allowing ...)
+CVE-2018-1002209
- libquazip 0.7.6-1 (bug #902786)
[stretch] - libquazip <no-dsa> (Minor issue)
[jessie] - libquazip <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1593011
-CVE-2018-1002204 (adm-zip npm library before 0.4.9 is vulnerable to directory traversal, ...)
+CVE-2018-1002204
NOT-FOR-US: adm-zip nodejs module
-CVE-2018-1002202 (zip4j before 1.3.3 is vulnerable to directory traversal, allowing ...)
+CVE-2018-1002202
NOT-FOR-US: zip4j
-CVE-2018-1002201 (zt-zip before 1.13 is vulnerable to directory traversal, allowing ...)
+CVE-2018-1002201
NOT-FOR-US: zt-zip
-CVE-2018-1002200 (plexus-archiver before 3.6.0 is vulnerable to directory traversal, ...)
+CVE-2018-1002200
{DSA-4227-1}
- plexus-archiver 3.6.0-1 (bug #900953)
NOTE: https://github.com/codehaus-plexus/plexus-archiver/pull/87
NOTE: https://github.com/codehaus-plexus/plexus-archiver/commit/58bc24e465c0842981692adbf6d75680298989de
-CVE-2018-1000204 (** DISPUTED ** Linux Kernel version 3.18 to 4.16 incorrectly handles ...)
+CVE-2018-1000204
{DLA-1423-1 DLA-1422-1}
- linux 4.16.12-1
[stretch] - linux 4.9.107-1
NOTE: Fixed by: https://git.kernel.org/linus/a45b599ad808c3c982fdcdc12b0b8611c2f92824
-CVE-2018-1000203 (Soar Labs Soar Coin version up to and including git commit ...)
+CVE-2018-1000203
NOT-FOR-US: Soar Labs Soar Coin
CVE-2018-11814
RESERVED
-CVE-2018-11813 (libjpeg 9c has a large loop because read_pixel in rdtarga.c mishandles ...)
+CVE-2018-11813
- libjpeg9 <unfixed> (low; bug #904719)
CVE-2018-11812
RESERVED
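Review bot: at CVE-2018-1000204 the only place the disputed status was recorded is the description this hunk deletes ("-CVE-2018-1000204 (** DISPUTED ** Linux Kernel version 3.18 to 4.16 incorrectly handles ...)"); the surviving entry keeps the DLA references and the fix commit but no longer says the issue is disputed. If descriptions are going to be blanked, the "** DISPUTED **" marker should be carried over into a NOTE line so the triage reasoning stays in the file. The same loss hits the disputed libfsntfs, libpff and Canon entries further down this file, and only the libfsntfs ones have a NOTE explaining the questionable impact.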
@@ -23579,62 +23570,62 @@ CVE-2018-11810
RESERVED
CVE-2018-11809
RESERVED
-CVE-2018-11808 (Incorrect Access Control in CustomFieldsFeedServlet in Zoho ...)
+CVE-2018-11808
NOT-FOR-US: Zoho ManageEngine Applications Manager
CVE-2018-11807
RESERVED
-CVE-2018-11806 (m_cat in slirp/mbuf.c in Qemu has a heap-based buffer overflow via ...)
+CVE-2018-11806
- qemu 1:3.1+dfsg-1 (bug #901017)
[stretch] - qemu <postponed> (Minor issue, wait until more severe issues are around)
[jessie] - qemu <postponed> (Minor issue, wait until more severe issues are around)
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2018-06/msg01012.html
NOTE: https://git.qemu.org/?p=qemu.git;a=commit;h=864036e251f54c99d31df124aad7f34f01f5344c
-CVE-2018-1000202 (A persisted cross-site scripting vulnerability exists in Jenkins ...)
+CVE-2018-1000202
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000198 (A XML external entity processing vulnerability exists in Jenkins Black ...)
+CVE-2018-1000198
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000197 (An improper authorization vulnerability exists in Jenkins Black Duck ...)
+CVE-2018-1000197
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000196 (A exposure of sensitive information vulnerability exists in Jenkins ...)
+CVE-2018-1000196
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000195 (A server-side request forgery vulnerability exists in Jenkins 2.120 ...)
+CVE-2018-1000195
NOT-FOR-US: Jenkins
-CVE-2018-1000194 (A path traversal vulnerability exists in Jenkins 2.120 and older, LTS ...)
+CVE-2018-1000194
NOT-FOR-US: Jenkins
-CVE-2018-1000193 (A improper neutralization of control sequences vulnerability exists in ...)
+CVE-2018-1000193
NOT-FOR-US: Jenkins
-CVE-2018-12015 (In Perl through 5.26.2, the Archive::Tar module allows remote attackers ...)
+CVE-2018-12015
{DSA-4226-1}
- perl 5.26.2-6 (bug #900834)
NOTE: https://rt.cpan.org/Public/Bug/Display.html?id=125523
NOTE: https://github.com/jib/archive-tar-new/commit/ae65651eab053fc6dc4590dbb863a268215c1fc5
-CVE-2018-1000192 (A information exposure vulnerability exists in Jenkins 2.120 and ...)
+CVE-2018-1000192
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000191 (A exposure of sensitive information vulnerability exists in Jenkins ...)
+CVE-2018-1000191
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000190 (A exposure of sensitive information vulnerability exists in Jenkins ...)
+CVE-2018-1000190
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000189 (A command execution vulnerability exists in Jenkins Absint Astree ...)
+CVE-2018-1000189
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000188 (A server-side request forgery vulnerability exists in Jenkins CAS ...)
+CVE-2018-1000188
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000187 (A exposure of sensitive information vulnerability exists in Jenkins ...)
+CVE-2018-1000187
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000186 (A exposure of sensitive information vulnerability exists in Jenkins ...)
+CVE-2018-1000186
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000185 (A server-side request forgery vulnerability exists in Jenkins GitHub ...)
+CVE-2018-1000185
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000184 (A server-side request forgery vulnerability exists in Jenkins GitHub ...)
+CVE-2018-1000184
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000183 (A exposure of sensitive information vulnerability exists in Jenkins ...)
+CVE-2018-1000183
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000182 (A server-side request forgery vulnerability exists in Jenkins Git ...)
+CVE-2018-1000182
NOT-FOR-US: Jenkins plugin
CVE-2018-11805
RESERVED
-CVE-2018-11804 (Spark's Apache Maven-based build includes a convenience script, ...)
+CVE-2018-11804
NOT-FOR-US: Apache Spark
-CVE-2018-11803 (Subversion's mod_dav_svn Apache HTTPD module versions 1.11.0 and ...)
+CVE-2018-11803
- subversion 1.10.4-1
[stretch] - subversion <not-affected> (Vulnerable code introduced in 1.10.0)
[jessie] - subversion <not-affected> (Vulnerable code introduced in 1.10.0)
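Review bot: minor, CVE-2018-1000192 is filed as "NOT-FOR-US: Jenkins plugin", but its deleted description opens "A information exposure vulnerability exists in Jenkins 2.120 and ...", the same core-version wording as CVE-2018-1000195, CVE-2018-1000194 and CVE-2018-1000193, which are filed as plain "NOT-FOR-US: Jenkins". The label should probably be "NOT-FOR-US: Jenkins". It does not change the support status, but once the descriptions are gone the label is all that is left to say what the entry is.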
@@ -23646,14 +23637,14 @@ CVE-2018-11801
RESERVED
CVE-2018-11800
RESERVED
-CVE-2018-11799 (Vulnerability allows a user of Apache Oozie 3.1.3-incubating to 5.0.0 ...)
+CVE-2018-11799
NOT-FOR-US: Apache Oozie
-CVE-2018-11798 (The Apache Thrift Node.js static web server in versions 0.9.2 through ...)
+CVE-2018-11798
- thrift 0.11.0-4 (unimportant; bug #918734)
NOTE: https://issues.apache.org/jira/browse/THRIFT-4647
NOTE: https://github.com/apache/thrift/commit/2a2b72f6c8aef200ecee4984f011e06052288ff2
NOTE: src:thrift in Debian configured with --without-nodejs
-CVE-2018-11797 (In Apache PDFBox 1.8.0 to 1.8.15 and 2.0.0RC1 to 2.0.11, a carefully ...)
+CVE-2018-11797
{DLA-1547-1}
- libpdfbox-java 1:1.8.16-1 (bug #910390)
[stretch] - libpdfbox-java <no-dsa> (Minor issue)
@@ -23661,7 +23652,7 @@ CVE-2018-11797 (In Apache PDFBox 1.8.0 to 1.8.15 and 2.0.0RC1 to 2.0.11, a caref
NOTE: https://www.openwall.com/lists/oss-security/2018/10/05/4
NOTE: https://svn.apache.org/r1842131 (branch 2.0)
NOTE: https://svn.apache.org/r1842278 (branch 1.8)
-CVE-2018-11796 (In Apache Tika 1.19 (CVE-2018-11761), we added an entity expansion ...)
+CVE-2018-11796
- tika <not-affected> (Incomplete fix for CVE-2018-11761 not applied)
NOTE: https://lists.apache.org/thread.html/88de8350cda9b184888ec294c813c5bd8a2081de8fd3666f8904bc05@%3Cdev.tika.apache.org%3E
NOTE: https://issues.apache.org/jira/projects/TIKA/issues/TIKA-2727
@@ -23670,27 +23661,27 @@ CVE-2018-11795
REJECTED
CVE-2018-11794
REJECTED
-CVE-2018-11793 (When parsing a JSON payload with deeply nested JSON structures, the ...)
+CVE-2018-11793
- apache-mesos <itp> (bug #760315)
-CVE-2018-11792 (In Apache Impala before 3.0.1, ALTER TABLE/VIEW RENAME required ALTER ...)
+CVE-2018-11792
NOT-FOR-US: Apache Impala
CVE-2018-11791
REJECTED
-CVE-2018-11790 (When loading a document with Apache Open Office 4.1.5 and earlier with ...)
+CVE-2018-11790
- libreoffice 1:4.0.3-1
NOTE: https://www.openwall.com/lists/oss-security/2019/01/16/2
NOTE: https://github.com/LibreOffice/core/commit/bbc94edb9a91b27910d43610db9994df10dd99e1
CVE-2018-11789
- RESERVED
-CVE-2018-11788 (Apache Karaf provides a features deployer, which allows users to &quot;hot ...)
+ TODO: check
+CVE-2018-11788
- apache-karaf <itp> (bug #881297)
-CVE-2018-11787 (In Apache Karaf version prior to 3.0.9, 4.0.9, 4.1.1, when the ...)
+CVE-2018-11787
- apache-karaf <itp> (bug #881297)
-CVE-2018-11786 (In Apache Karaf prior to 4.2.0 release, if the sshd service in Karaf ...)
+CVE-2018-11786
- apache-karaf <itp> (bug #881297)
-CVE-2018-11785 (Missing authorization check in Apache Impala before 3.0.1 allows a ...)
+CVE-2018-11785
NOT-FOR-US: Apache Impala
-CVE-2018-11784 (When the default servlet in Apache Tomcat versions 9.0.0.M1 to 9.0.11, ...)
+CVE-2018-11784
{DLA-1545-1 DLA-1544-1}
- tomcat9 <not-affected> (Fixed before initial upload to Debian)
- tomcat8 8.5.34-1
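Review bot: CVE-2018-11789 changes from RESERVED to "TODO: check" in this hunk, so it has been published and needs triage before the next automatic update buries it. The IDs right below it (CVE-2018-11788, CVE-2018-11787, CVE-2018-11786) are all tracked as "apache-karaf <itp> (bug #881297)", so the first thing to check is whether this one belongs to the same Karaf advisory set and can take the same line; if it does not, the TODO needs a proper NOT-FOR-US or package line rather than being left in place.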
@@ -23703,33 +23694,33 @@ CVE-2018-11784 (When the default servlet in Apache Tomcat versions 9.0.0.M1 to 9
NOTE: https://svn.apache.org/r1840055 (9.0.x)
NOTE: https://svn.apache.org/r1840056 (8.5.x)
NOTE: https://svn.apache.org/r1840057 (7.0.x)
-CVE-2018-11783 (sslheaders plugin extracts information from the client certificate and ...)
+CVE-2018-11783
- trafficserver 8.0.2+ds-1
[stretch] - trafficserver <postponed> (Minor issue, experimental plugin, will be fixed along in next DSA)
NOTE: https://github.com/apache/trafficserver/pull/4701
NOTE: https://www.openwall.com/lists/oss-security/2019/02/13/6
CVE-2018-11782
RESERVED
-CVE-2018-11781 (Apache SpamAssassin 3.4.2 fixes a local user code injection in the ...)
+CVE-2018-11781
{DLA-1578-1}
- spamassassin 3.4.2-1 (bug #908971)
[stretch] - spamassassin 3.4.2-1~deb9u1
NOTE: https://www.openwall.com/lists/oss-security/2018/09/16/1
-CVE-2018-11780 (A potential Remote Code Execution bug exists with the PDFInfo plugin ...)
+CVE-2018-11780
{DLA-1578-1}
- spamassassin 3.4.2-1 (bug #908970)
[stretch] - spamassassin 3.4.2-1~deb9u1
NOTE: https://www.openwall.com/lists/oss-security/2018/09/16/1
CVE-2018-11779
RESERVED
-CVE-2018-11778 (UnixAuthenticationService in Apache Ranger 1.2.0 was updated to ...)
+CVE-2018-11778
NOT-FOR-US: Apache Ranger
-CVE-2018-11777 (In Apache Hive 2.3.3, 3.1.0 and earlier, local resources on ...)
+CVE-2018-11777
NOT-FOR-US: Apache Hive
-CVE-2018-11776 (Apache Struts versions 2.3 to 2.3.34 and 2.5 to 2.5.16 suffer from ...)
+CVE-2018-11776
- libstruts1.2-java <not-affected> (Specific to 2.x)
NOTE: https://cwiki.apache.org/confluence/display/WW/S2-057
-CVE-2018-11775 (TLS hostname verification when using the Apache ActiveMQ Client before ...)
+CVE-2018-11775
- activemq 5.15.6-1 (low; bug #908950)
[stretch] - activemq <no-dsa> (Minor issue)
[jessie] - activemq <no-dsa> (Minor issue)
@@ -23743,55 +23734,54 @@ CVE-2018-11773
RESERVED
CVE-2018-11772
RESERVED
-CVE-2018-11771 (When reading a specially crafted ZIP archive, the read method of ...)
+CVE-2018-11771
- libcommons-compress-java 1.18-1 (bug #906301)
[stretch] - libcommons-compress-java <no-dsa> (Minor issue)
[jessie] - libcommons-compress-java <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2018/08/16/2
-CVE-2018-11770 (From version 1.3.0 onward, Apache Spark's standalone master exposes a ...)
+CVE-2018-11770
NOT-FOR-US: Apache Spark
-CVE-2018-11769 (CouchDB administrative users before 2.2.0 can configure the database ...)
+CVE-2018-11769
- couchdb <removed>
NOTE: http://www.openwall.com/lists/oss-security/2018/08/08/2
CVE-2018-11768
RESERVED
CVE-2018-11767
- RESERVED
- hadoop <itp> (bug #793644)
-CVE-2018-11766 (In Apache Hadoop 2.7.4 to 2.7.6, the security fix for CVE-2016-6811 is ...)
+CVE-2018-11766
- hadoop <itp> (bug #793644)
CVE-2018-11765
RESERVED
CVE-2018-11764
RESERVED
-CVE-2018-11763 (In Apache HTTP Server 2.4.17 to 2.4.34, by sending continuous, large ...)
+CVE-2018-11763
- apache2 2.4.35-1 (bug #909591)
[stretch] - apache2 2.4.25-3+deb9u6
[jessie] - apache2 <not-affected> (Vulnerable code not present)
NOTE: HTTP/2 support introduced in 2.4.17
NOTE: https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2018-11763
-CVE-2018-11762 (In Apache Tika 0.9 to 1.18, in a rare edge case where a user does not ...)
+CVE-2018-11762
- tika 1.20-1
[jessie] - tika <ignored> (Minor issue)
NOTE: https://www.openwall.com/lists/oss-security/2018/09/19/5
-CVE-2018-11761 (In Apache Tika 0.1 to 1.18, the XML parsers were not configured to ...)
+CVE-2018-11761
- tika 1.20-1
[jessie] - tika <ignored> (Minor issue)
NOTE: https://www.openwall.com/lists/oss-security/2018/09/19/4
NOTE: When fixing this issue the fix needs to be made complete to not open
NOTE: CVE-2018-11796. The full fix is only in 1.19.1 onwards.
-CVE-2018-11760 (When using PySpark , it's possible for a different local user to ...)
+CVE-2018-11760
NOT-FOR-US: Apache Spark
-CVE-2018-11759 (The Apache Web Server (httpd) specific code that normalised the ...)
+CVE-2018-11759
{DSA-4357-1 DLA-1609-1}
- libapache-mod-jk 1:1.2.46-1
NOTE: https://tomcat.apache.org/security-jk.html#Fixed_in_Apache_Tomcat_JK_Connector_1.2.46
NOTE: https://www.immunit.ch/blog/2018/11/01/cve-2018-11759-apache-mod_jk-access-bypass/
-CVE-2018-11758 (This affects Apache Cayenne 4.1.M1, 3.2.M1, 4.0.M2 to 4.0.M5, 4.0.B1, ...)
+CVE-2018-11758
NOT-FOR-US: Apache Cayenne
-CVE-2018-11757 (In Docker Skeleton Runtime for Apache OpenWhisk, a Docker action ...)
+CVE-2018-11757
NOT-FOR-US: Docker Skeleton Runtime for Apache OpenWhisk
-CVE-2018-11756 (In PHP Runtime for Apache OpenWhisk, a Docker action inheriting one of ...)
+CVE-2018-11756
NOT-FOR-US: PHP Runtime for Apache OpenWhisk
CVE-2018-11755
RESERVED
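Review bot: the one line this hunk removes without a replacement is the RESERVED marker under CVE-2018-11767, which is why the header goes from 55 lines to 54; the pre-existing "- hadoop <itp> (bug #793644)" line is kept, so unlike CVE-2018-11789 above no "TODO: check" is raised. That is only right if the now-published advisory really is Apache Hadoop. The neighbouring CVE-2018-11766, whose deleted description names Apache Hadoop 2.7.4 to 2.7.6, suggests it is, but someone should confirm against the published text and add a NOTE with the reference, since after this change the file holds no description to go on.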
@@ -23799,63 +23789,63 @@ CVE-2018-11754
RESERVED
CVE-2018-11753
RESERVED
-CVE-2018-11752 (Previous releases of the Puppet cisco_ios module output SSH session ...)
+CVE-2018-11752
NOT-FOR-US: cisco_ios Puppet module
CVE-2018-11751
RESERVED
-CVE-2018-11750 (Previous releases of the Puppet cisco_ios module did not validate a ...)
+CVE-2018-11750
NOT-FOR-US: cisco_ios Puppet module
-CVE-2018-11749 (When users are configured to use startTLS with RBAC LDAP, at login ...)
+CVE-2018-11749
- puppet <not-affected> (RBAC is specific to Puppet Enterprise)
-CVE-2018-11748 (Previous releases of the Puppet device_manager module creates ...)
+CVE-2018-11748
NOT-FOR-US: Puppet device_manager module
CVE-2018-11747
- RESERVED
-CVE-2018-11746 (In Puppet Discovery prior to 1.2.0, when running Discovery against ...)
+ TODO: check
+CVE-2018-11746
NOT-FOR-US: Puppet Discovery
CVE-2018-11745
RESERVED
CVE-2018-11744
RESERVED
-CVE-2018-11743 (The init_copy function in kernel.c in mruby 1.4.1 makes initialize_copy ...)
+CVE-2018-11743
- mruby 1.4.1+20180622+git640fca32-1 (bug #900845)
[stretch] - mruby <no-dsa> (Minor issue)
[jessie] - mruby <no-dsa> (Minor issue)
NOTE: https://github.com/mruby/mruby/commit/b64ce17852b180dfeea81cf458660be41a78974d
NOTE: https://github.com/mruby/mruby/issues/4027
-CVE-2018-11742 (NEC Univerge Sv9100 WebPro 6.00.00 devices have Cleartext Password ...)
+CVE-2018-11742
NOT-FOR-US: NEC Univerge Sv9100 WebPro devices
-CVE-2018-11741 (NEC Univerge Sv9100 WebPro 6.00.00 devices have Predictable Session ...)
+CVE-2018-11741
NOT-FOR-US: NEC Univerge Sv9100 WebPro devices
-CVE-2018-11740 (An issue was discovered in libtskbase.a in The Sleuth Kit (TSK) from ...)
+CVE-2018-11740
- sleuthkit <unfixed> (low; bug #902187)
[buster] - sleuthkit <no-dsa> (Minor issue)
[stretch] - sleuthkit <no-dsa> (Minor issue)
[jessie] - sleuthkit <no-dsa> (Minor issue)
NOTE: https://github.com/sleuthkit/sleuthkit/issues/1264
-CVE-2018-11739 (An issue was discovered in libtskimg.a in The Sleuth Kit (TSK) from ...)
+CVE-2018-11739
- sleuthkit <unfixed> (low; bug #902187)
[buster] - sleuthkit <no-dsa> (Minor issue)
[stretch] - sleuthkit <no-dsa> (Minor issue)
[jessie] - sleuthkit <no-dsa> (Minor issue)
NOTE: https://github.com/sleuthkit/sleuthkit/issues/1267
-CVE-2018-11738 (An issue was discovered in libtskfs.a in The Sleuth Kit (TSK) from ...)
+CVE-2018-11738
- sleuthkit <unfixed> (low; bug #902187)
[buster] - sleuthkit <no-dsa> (Minor issue)
[stretch] - sleuthkit <no-dsa> (Minor issue)
[jessie] - sleuthkit <no-dsa> (Minor issue)
NOTE: https://github.com/sleuthkit/sleuthkit/issues/1265
-CVE-2018-11737 (An issue was discovered in libtskfs.a in The Sleuth Kit (TSK) from ...)
+CVE-2018-11737
- sleuthkit <unfixed> (low; bug #902187)
[buster] - sleuthkit <no-dsa> (Minor issue)
[stretch] - sleuthkit <no-dsa> (Minor issue)
[jessie] - sleuthkit <no-dsa> (Minor issue)
NOTE: https://github.com/sleuthkit/sleuthkit/issues/1266
-CVE-2018-1000201 (ruby-ffi version 1.9.23 and earlier has a DLL loading issue which can ...)
+CVE-2018-1000201
- ruby-ffi <not-affected> (Windows-specific)
-CVE-2018-11736 (An issue was discovered in Pluck before 4.7.7-dev2. ...)
+CVE-2018-11736
NOT-FOR-US: Pluck CMS
-CVE-2018-11735 (index.php?action=createaccount in Ximdex 4.0 has XSS via the sname or ...)
+CVE-2018-11735
NOT-FOR-US: Ximdex
CVE-2018-11734
RESERVED
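Review bot: CVE-2018-11747 goes from RESERVED to "TODO: check" here and needs triage. The entries on either side are all Puppet (CVE-2018-11746 Puppet Discovery, CVE-2018-11748 the device_manager module, CVE-2018-11749 with "RBAC is specific to Puppet Enterprise", CVE-2018-11750 and CVE-2018-11752 the cisco_ios module), so check whether this is another Puppet Enterprise or module issue that ends up NOT-FOR-US like its neighbours, or whether it touches src:puppet and needs the kind of not-affected reasoning recorded for CVE-2018-11749.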
@@ -23863,184 +23853,184 @@ CVE-2018-11733
RESERVED
CVE-2018-11732
RESERVED
-CVE-2018-11731 (** DISPUTED ** The libfsntfs_mft_entry_read_attributes function in ...)
+CVE-2018-11731
- libfsntfs 20190104-1 (unimportant)
NOTE: http://seclists.org/fulldisclosure/2018/Jun/17
NOTE: https://github.com/libyal/libfsntfs/issues/8
NOTE: https://github.com/libyal/libfsntfs/issues/9
NOTE: https://github.com/libyal/libfsntfs/commit/7a17c43be39919227b4fe24684a8a29a90ee54ad
NOTE: Negligable/questionable security impact
-CVE-2018-11730 (** DISPUTED ** The libfsntfs_security_descriptor_values_free function ...)
+CVE-2018-11730
- libfsntfs 20190104-1 (unimportant)
NOTE: http://seclists.org/fulldisclosure/2018/Jun/17
NOTE: https://github.com/libyal/libfsntfs/issues/8
NOTE: https://github.com/libyal/libfsntfs/issues/9
NOTE: https://github.com/libyal/libfsntfs/commit/7a17c43be39919227b4fe24684a8a29a90ee54ad
NOTE: Negligable/questionable security impact
-CVE-2018-11729 (** DISPUTED ** The libfsntfs_mft_entry_read_header function in ...)
+CVE-2018-11729
- libfsntfs 20190104-1 (unimportant)
NOTE: http://seclists.org/fulldisclosure/2018/Jun/17
NOTE: https://github.com/libyal/libfsntfs/issues/8
NOTE: https://github.com/libyal/libfsntfs/issues/9
NOTE: https://github.com/libyal/libfsntfs/commit/7a17c43be39919227b4fe24684a8a29a90ee54ad
NOTE: Negligable/questionable security impact
-CVE-2018-11728 (** DISPUTED ** The libfsntfs_reparse_point_values_read_data function ...)
+CVE-2018-11728
- libfsntfs 20190104-1 (unimportant)
NOTE: http://seclists.org/fulldisclosure/2018/Jun/17
NOTE: https://github.com/libyal/libfsntfs/issues/8
NOTE: https://github.com/libyal/libfsntfs/issues/9
NOTE: https://github.com/libyal/libfsntfs/commit/7a17c43be39919227b4fe24684a8a29a90ee54ad
NOTE: Negligable/questionable security impact
-CVE-2018-11727 (** DISPUTED ** The libfsntfs_attribute_read_from_mft function in ...)
+CVE-2018-11727
- libfsntfs 20190104-1 (unimportant)
NOTE: http://seclists.org/fulldisclosure/2018/Jun/17
NOTE: https://github.com/libyal/libfsntfs/issues/8
NOTE: https://github.com/libyal/libfsntfs/issues/9
NOTE: https://github.com/libyal/libfsntfs/commit/7a17c43be39919227b4fe24684a8a29a90ee54ad
NOTE: Negligable/questionable security impact
-CVE-2018-11726 (The mobi_decode_font_resource function in util.c in Libmobi 0.3 allows ...)
+CVE-2018-11726
NOT-FOR-US: Libmobi
-CVE-2018-11725 (The mobi_parse_index_entry function in index.c in Libmobi 0.3 allows ...)
+CVE-2018-11725
NOT-FOR-US: Libmobi
-CVE-2018-11724 (The mobi_pk1_decrypt function in encryption.c in Libmobi 0.3 allows ...)
+CVE-2018-11724
NOT-FOR-US: Libmobi
-CVE-2018-11723 (** DISPUTED ** The libpff_name_to_id_map_entry_read function in ...)
+CVE-2018-11723
- libpff 20180714-1 (low; bug #901967)
[stretch] - libpff <no-dsa> (Minor issue)
[jessie] - libpff <no-dsa> (Minor issue)
NOTE: http://seclists.org/fulldisclosure/2018/Jun/15
NOTE: https://github.com/libyal/libpff/issues/64
NOTE: https://github.com/libyal/libpff/commit/7b92bcace7e743cc9417e3cc3e4eee29abb70cf5
-CVE-2018-11722 (WUZHI CMS 4.1.0 has a SQL Injection in api/uc.php via the 'code' ...)
+CVE-2018-11722
NOT-FOR-US: WUZHI CMS
CVE-2018-11721
RESERVED
-CVE-2018-11720 (Xovis PC2, PC2R, and PC3 devices through 3.6.0 allow Directory ...)
+CVE-2018-11720
NOT-FOR-US: Xovis
-CVE-2018-11719 (Xovis PC2, PC2R, and PC3 devices through 3.6.0 allow XXE. ...)
+CVE-2018-11719
NOT-FOR-US: Xovis
-CVE-2018-11718 (Xovis PC2, PC2R, and PC3 devices through 3.6.0 allow CSRF. ...)
+CVE-2018-11718
NOT-FOR-US: Xovis
-CVE-2018-11717 (An issue was discovered in Zoho ManageEngine Desktop Central before ...)
+CVE-2018-11717
NOT-FOR-US: Zoho ManageEngine Desktop Central
-CVE-2018-11716 (An issue was discovered in Zoho ManageEngine Desktop Central before ...)
+CVE-2018-11716
NOT-FOR-US: Zoho ManageEngine Desktop Central
-CVE-2018-11715 (The Recent Threads plugin before 1.1 for MyBB allows XSS via a thread ...)
+CVE-2018-11715
NOT-FOR-US: Recent Threads plugin for MyBB
-CVE-2018-11714 (An issue was discovered on TP-Link TL-WR840N v5 00000005 0.9.1 3.16 ...)
+CVE-2018-11714
NOT-FOR-US: TP-Link
-CVE-2018-11713 (WebCore/platform/network/soup/SocketStreamHandleImplSoup.cpp in the ...)
+CVE-2018-11713
- webkit2gtk 2.20.0-2 (unimportant)
NOTE: https://bugs.webkit.org/show_bug.cgi?id=126384
NOTE: https://trac.webkit.org/changeset/228088/webkit
NOTE: Not covered by security support
NOTE: https://webkitgtk.org/security/WSA-2018-0005.html
-CVE-2018-11712 (WebCore/platform/network/soup/SocketStreamHandleImplSoup.cpp in the ...)
+CVE-2018-11712
- webkit2gtk 2.20.2-1 (unimportant)
NOTE: https://bugs.webkit.org/show_bug.cgi?id=184804
NOTE: https://trac.webkit.org/changeset/230886/webkit
NOTE: Not covered by security support
NOTE: https://webkitgtk.org/security/WSA-2018-0005.html
-CVE-2018-11711 (** DISPUTED ** A remote attacker can bypass the System Manager Mode on ...)
+CVE-2018-11711
NOT-FOR-US: Canon MF210 and MF220 web interface
-CVE-2018-11710 (soundlib/pattern.h in libopenmpt before 0.3.9 allows remote attackers ...)
+CVE-2018-11710
- libopenmpt 0.3.9-1
[stretch] - libopenmpt <no-dsa> (Minor issue)
NOTE: https://lib.openmpt.org/libopenmpt/2018/04/29/security-updates-0.3.9-0.2-beta32-0.2.7561-beta20.5-p9-0.2.7386-beta20.3-p12/
NOTE: https://source.openmpt.org/browse/openmpt/trunk/?op=revision&rev=10149&peg=10150
-CVE-2018-11709 (wpforo_get_request_uri in wpf-includes/functions.php in the wpForo ...)
+CVE-2018-11709
NOT-FOR-US: wpForo Forum plugin for WordPress
CVE-2018-11708
RESERVED
-CVE-2018-1002101 (In Kubernetes versions 1.9.0-1.9.9, 1.10.0-1.10.5, and 1.11.0-1.11.1, ...)
+CVE-2018-1002101
- kubernetes <unfixed>
NOTE: https://github.com/kubernetes/kubernetes/issues/65750
-CVE-2018-11707 (FastStone Image Viewer 6.2 has a User Mode Read and Execute AV at ...)
+CVE-2018-11707
NOT-FOR-US: FastStone Image Viewer
-CVE-2018-11706 (FastStone Image Viewer 6.2 has a User Mode Write AV at 0x00578dd8, ...)
+CVE-2018-11706
NOT-FOR-US: FastStone Image Viewer
-CVE-2018-11705 (FastStone Image Viewer 6.2 has a User Mode Write AV at 0x00578cc4, ...)
+CVE-2018-11705
NOT-FOR-US: FastStone Image Viewer
-CVE-2018-11704 (FastStone Image Viewer 6.2 has a User Mode Write AV at 0x00402d7d, ...)
+CVE-2018-11704
NOT-FOR-US: FastStone Image Viewer
-CVE-2018-11703 (FastStone Image Viewer 6.2 has a User Mode Write AV at 0x00402d6a, ...)
+CVE-2018-11703
NOT-FOR-US: FastStone Image Viewer
-CVE-2018-11702 (FastStone Image Viewer 6.2 has a User Mode Write AV at 0x00578cb3, ...)
+CVE-2018-11702
NOT-FOR-US: FastStone Image Viewer
-CVE-2018-11701 (FastStone Image Viewer 6.2 has a User Mode Write AV at 0x005cb509, ...)
+CVE-2018-11701
NOT-FOR-US: FastStone Image Viewer
CVE-2018-11700
RESERVED
CVE-2018-11699
RESERVED
-CVE-2018-11698 (An issue was discovered in LibSass through 3.5.4. An out-of-bounds read ...)
+CVE-2018-11698
- libsass <unfixed>
[stretch] - libsass <no-dsa> (Minor issue)
NOTE: https://github.com/sass/libsass/issues/2662
-CVE-2018-11697 (An issue was discovered in LibSass through 3.5.4. An out-of-bounds read ...)
+CVE-2018-11697
- libsass <unfixed>
[stretch] - libsass <no-dsa> (Minor issue)
NOTE: https://github.com/sass/libsass/issues/2656
NOTE: https://github.com/sass/libsass/commit/eb15533b07773c30dc03c9d742865604f47120ef
-CVE-2018-11696 (An issue was discovered in LibSass through 3.5.4. A NULL pointer ...)
+CVE-2018-11696
- libsass 3.5.5-1
[stretch] - libsass <no-dsa> (Minor issue)
NOTE: https://github.com/sass/libsass/issues/2665
NOTE: https://github.com/sass/libsass/commit/38f4c3699d06b64128bebc7cf1e8b3125be74dc4
-CVE-2018-11695 (An issue was discovered in LibSass through 3.5.2. A NULL pointer ...)
+CVE-2018-11695
- libsass <unfixed>
[stretch] - libsass <no-dsa> (Minor issue)
NOTE: https://github.com/sass/libsass/issues/2664
-CVE-2018-11694 (An issue was discovered in LibSass through 3.5.4. A NULL pointer ...)
+CVE-2018-11694
- libsass <unfixed>
[stretch] - libsass <no-dsa> (Minor issue)
NOTE: https://github.com/sass/libsass/issues/2663
-CVE-2018-11693 (An issue was discovered in LibSass through 3.5.4. An out-of-bounds read ...)
+CVE-2018-11693
- libsass <unfixed>
[stretch] - libsass <no-dsa> (Minor issue)
NOTE: https://github.com/sass/libsass/issues/2661
-CVE-2018-11692 (** DISPUTED ** An issue was discovered on Canon LBP6650, LBP3370, ...)
+CVE-2018-11692
NOT-FOR-US: Canon devices
CVE-2018-11691
RESERVED
-CVE-2018-11690 (The Balbooa Gridbox extension version 2.4.0 and previous versions for ...)
+CVE-2018-11690
NOT-FOR-US: Balbooa Gridbox extension for Joomla!
-CVE-2018-11689 (Smart Viewer in Samsung Web Viewer for Samsung DVR is vulnerable to ...)
+CVE-2018-11689
NOT-FOR-US: Smart Viewer in Samsung Web Viewer for Samsung DVR
-CVE-2018-11688 (Ignite Realtime Openfire 3.7.1 is vulnerable to cross-site scripting, ...)
+CVE-2018-11688
NOT-FOR-US: Ignite Realtime Openfire
-CVE-2018-11687 (An integer overflow in the distributeBTR function of a smart contract ...)
+CVE-2018-11687
NOT-FOR-US: smart contract implementation for Bitcoin Red (BTCR)
CVE-2018-11686
RESERVED
-CVE-2018-11685 (Liblouis 3.5.0 has a stack-based Buffer Overflow in the function ...)
+CVE-2018-11685
- liblouis 3.5.0-3
[stretch] - liblouis 3.0.0-3+deb9u4
[jessie] - liblouis <no-dsa> (Minor issue)
NOTE: https://github.com/liblouis/liblouis/issues/593
NOTE: https://github.com/liblouis/liblouis/commit/b5049cb17ae3d15b2b26890de0e24d0fecc080f5
-CVE-2018-11684 (Liblouis 3.5.0 has a stack-based Buffer Overflow in the function ...)
+CVE-2018-11684
- liblouis 3.5.0-3
[stretch] - liblouis 3.0.0-3+deb9u4
[jessie] - liblouis <no-dsa> (Minor issue)
NOTE: https://github.com/liblouis/liblouis/issues/592
NOTE: https://github.com/liblouis/liblouis/commit/fb2bfce4ed49ac4656a8f7e5b5526e4838da1dde
-CVE-2018-11683 (Liblouis 3.5.0 has a stack-based Buffer Overflow in the function ...)
+CVE-2018-11683
- liblouis 3.5.0-3
[stretch] - liblouis 3.0.0-3+deb9u4
[jessie] - liblouis <no-dsa> (Minor issue)
NOTE: https://github.com/liblouis/liblouis/issues/591
NOTE: https://github.com/liblouis/liblouis/commit/e7eee2b7926668360a0d8e2abee6c35a00ebce3c
NOTE: https://github.com/liblouis/liblouis/commit/d4fc803687e38a5355fb686bf98cc082951f3043
-CVE-2018-11682 (Default and unremovable support credentials allow attackers to gain ...)
+CVE-2018-11682
NOT-FOR-US: products using the Stanza Lutron integration protocol
-CVE-2018-11681 (Default and unremovable support credentials (user:nwk password:nwk2) ...)
+CVE-2018-11681
NOT-FOR-US: products using the RadioRA 2 Lutron integration protocol
-CVE-2018-11680 (An issue was discovered in CmsEasy 6.1_20180508. There is a CSRF ...)
+CVE-2018-11680
NOT-FOR-US: CmsEasy
-CVE-2018-11679 (An issue was discovered in CmsEasy 6.1_20180508. There is a CSRF ...)
+CVE-2018-11679
NOT-FOR-US: CmsEasy
-CVE-2018-11678 (plugins/box/users/users.plugin.php in Monstra CMS 3.0.4 allows Login ...)
+CVE-2018-11678
NOT-FOR-US: Monstra CMS
CVE-2018-11677
RESERVED
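Review bot: every `-`/`+` pair in this hunk replaces a `CVE-2018-NNNNN (description ...)` line with the bare identifier and changes nothing else, so the net effect of the hunk is pure loss of the description text; an automatic update that strips every description at once points to the description source failing to parse rather than to an intended edit, and the update should be held and regenerated instead of committed. Note also that for CVE-2018-11711 and CVE-2018-11692 the `** DISPUTED **` marker lives inside the removed text, so the `+` lines no longer record that those entries are disputed.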
@@ -24054,9 +24044,9 @@ CVE-2018-11673
RESERVED
CVE-2018-11672
RESERVED
-CVE-2018-11671 (An issue was discovered in GreenCMS v2.3.0603. There is a CSRF ...)
+CVE-2018-11671
NOT-FOR-US: GreenCMS
-CVE-2018-11670 (An issue was discovered in GreenCMS v2.3.0603. There is a CSRF ...)
+CVE-2018-11670
NOT-FOR-US: GreenCMS
CVE-2018-11669
RESERVED
@@ -24082,36 +24072,36 @@ CVE-2018-11659
RESERVED
CVE-2018-11658
RESERVED
-CVE-2018-11657 (ngiflib.c in MiniUPnP ngiflib 0.4 has an infinite loop in DecodeGifImg ...)
+CVE-2018-11657
NOT-FOR-US: ngiflib
-CVE-2018-11656 (In ImageMagick 7.0.7-20 Q16 x86_64, a memory leak vulnerability was ...)
+CVE-2018-11656
- imagemagick 8:6.9.9.34+dfsg-3 (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/931
NOTE: https://github.com/ImageMagick/ImageMagick/commit/4da2cd650532ffd18fa11578fc2ec7c2467727bb
-CVE-2018-11655 (In ImageMagick 7.0.7-20 Q16 x86_64, a memory leak vulnerability was ...)
+CVE-2018-11655
- imagemagick 8:6.9.9.34+dfsg-3 (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/930
NOTE: https://github.com/ImageMagick/ImageMagick/commit/a7414b7322201a9c8a5cacf563f08468c329b4b1
-CVE-2018-11654 (Information disclosure in Netwave IP camera at get_status.cgi (via ...)
+CVE-2018-11654
NOT-FOR-US: Netwave IP camera
-CVE-2018-11653 (Information disclosure in Netwave IP camera at //etc/RT2870STA.dat ...)
+CVE-2018-11653
NOT-FOR-US: Netwave IP camera
-CVE-2018-11652 (CSV Injection vulnerability in Nikto 2.1.6 and earlier allows remote ...)
+CVE-2018-11652
- nikto 1:2.1.5-3 (bug #900608)
[stretch] - nikto <no-dsa> (non-free not supported)
[jessie] - nikto <no-dsa> (non-free not supported)
NOTE: https://github.com/sullo/nikto/commit/e759b3300aace5314fe3d30800c8bd83c81c29f7
-CVE-2018-11651 (Graylog before v2.4.4 has an XSS security issue with unescaped text in ...)
+CVE-2018-11651
- graylog2 <itp> (bug #652273)
-CVE-2018-11650 (Graylog before v2.4.4 has an XSS security issue with unescaped text in ...)
+CVE-2018-11650
- graylog2 <itp> (bug #652273)
-CVE-2018-11649 (Hue 3.12 has XSS via the /pig/save/ name and script parameters. ...)
+CVE-2018-11649
NOT-FOR-US: Hue
CVE-2018-11648
RESERVED
-CVE-2018-11647 (index.js in oauth2orize-fprm before 0.2.1 has XSS via a crafted URL. ...)
+CVE-2018-11647
NOT-FOR-US: oauth2orize-fprm
-CVE-2018-11646 (webkitFaviconDatabaseSetIconForPageURL and ...)
+CVE-2018-11646
- webkit2gtk 2.20.3-1 (unimportant)
NOTE: https://bugs.webkit.org/show_bug.cgi?id=186164
NOTE: Was found while investigting CVE-2018-11396 in epiphany, cf.
@@ -24119,53 +24109,53 @@ CVE-2018-11646 (webkitFaviconDatabaseSetIconForPageURL and ...)
NOTE: different issue.
NOTE: Not covered by security support
NOTE: https://webkitgtk.org/security/WSA-2018-0005.html
-CVE-2018-11645 (psi/zfile.c in Artifex Ghostscript before 9.21rc1 permits the status ...)
+CVE-2018-11645
{DSA-4336-1 DLA-1504-1}
- ghostscript 9.21~dfsg-1 (low)
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=697193
NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=b60d50b7567369ad856cebe1efb6cd7dd2284219 (9.21rc1)
CVE-2018-11644
RESERVED
-CVE-2018-11643 (SQL injection vulnerability in the administrative console in Dialogic ...)
+CVE-2018-11643
NOT-FOR-US: Dialogic
-CVE-2018-11642 (Incorrect Permission Assignment on the /var/www/xms/cleanzip.sh shell ...)
+CVE-2018-11642
NOT-FOR-US: Dialogic
-CVE-2018-11641 (Use of Hard-coded Credentials in ...)
+CVE-2018-11641
NOT-FOR-US: Dialogic
-CVE-2018-11640 (XML External Entity (XXE) vulnerability in the web service in Dialogic ...)
+CVE-2018-11640
NOT-FOR-US: Dialogic
-CVE-2018-11639 (Plaintext Storage of Passwords within Cookies in ...)
+CVE-2018-11639
NOT-FOR-US: Dialogic
-CVE-2018-11638 (Unrestricted Upload of a File with a Dangerous Type in the ...)
+CVE-2018-11638
NOT-FOR-US: Dialogic
-CVE-2018-11637 (Information leakage vulnerability in the administrative console in ...)
+CVE-2018-11637
NOT-FOR-US: Dialogic
-CVE-2018-11636 (Cross-site request forgery (CSRF) vulnerability in the administrative ...)
+CVE-2018-11636
NOT-FOR-US: Dialogic
-CVE-2018-11635 (Use of a Hard-coded Cryptographic Key used to protect cookie session ...)
+CVE-2018-11635
NOT-FOR-US: Dialogic
-CVE-2018-11634 (Plaintext Storage of Passwords in the administrative console in ...)
+CVE-2018-11634
NOT-FOR-US: Dialogic
-CVE-2018-11633 (An issue was discovered in the MULTIDOTS Woo Checkout for Digital Goods ...)
+CVE-2018-11633
NOT-FOR-US: MULTIDOTS Woo Checkout for Digital Goods plugin for WordPress
-CVE-2018-11632 (An issue was discovered in the MULTIDOTS Add Social Share Messenger ...)
+CVE-2018-11632
NOT-FOR-US: MULTIDOTS Add Social Share Messenger Buttons Whatsapp and Viber plugin for WordPress
-CVE-2018-11631 (Rondaful M1 Wristband Smart Band 1 devices allow remote attackers to ...)
+CVE-2018-11631
NOT-FOR-US: Rondaful M1 Wristband Smart Band 1 devices
CVE-2018-11630
RESERVED
-CVE-2018-11629 (Default and unremovable support credentials (user:lutron ...)
+CVE-2018-11629
NOT-FOR-US: products using the HomeWorks QS Lutron integration protocol
-CVE-2018-11628 (Data input into EMS Master Calendar before 8.0.0.201805210 via URL ...)
+CVE-2018-11628
NOT-FOR-US: EMS Master Calendar
-CVE-2018-11627 (Sinatra before 2.0.2 has XSS via the 400 Bad Request page that occurs ...)
+CVE-2018-11627
- ruby-sinatra <not-affected> (Vulnerable code not present)
NOTE: https://github.com/sinatra/sinatra/issues/1428
NOTE: Introduced by: https://github.com/sinatra/sinatra/commit/8f8df53ff29938ace79b31097c27d9cdac803b44
NOTE: Fixed by: https://github.com/sinatra/sinatra/commit/12786867d6faaceaec62c7c2cb5b0e2dc074d71a
-CVE-2018-11626 (SELA (aka SimplE Lossless Audio) v0.1.2-alpha has a stack-based buffer ...)
+CVE-2018-11626
NOT-FOR-US: SELA
-CVE-2018-11625 (In ImageMagick 7.0.7-37 Q16, SetGrayscaleImage in the quantize.c file ...)
+CVE-2018-11625
[experimental] - imagemagick 8:6.9.10.2+dfsg-1
- imagemagick 8:6.9.10.2+dfsg-2
[stretch] - imagemagick <not-affected> (Vulnerable code not present)
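Review bot: the ten consecutive Dialogic entries (CVE-2018-11643 down to CVE-2018-11634) keep only `NOT-FOR-US: Dialogic` after this hunk, so the weakness class that distinguished them (SQL injection, hard-coded credentials, XXE, file upload, CSRF, plaintext password storage) is no longer recorded anywhere in the entry; the same applies to the MULTIDOTS and Foxit blocks further down. If the descriptions are going to be dropped, the `NOT-FOR-US:` annotation needs to carry the product and issue type, otherwise these rows become indistinguishable except by number.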
@@ -24173,32 +24163,32 @@ CVE-2018-11625 (In ImageMagick 7.0.7-37 Q16, SetGrayscaleImage in the quantize.c
NOTE: ImageMagick: https://github.com/ImageMagick/ImageMagick/commit/5294966898532a6bd54699fbf04edf18902513ac
NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/406ebfe09b62858b17ab3ee11f67171d43d9a76e
NOTE: https://github.com/ImageMagick/ImageMagick/issues/1156
-CVE-2018-11624 (In ImageMagick 7.0.7-36 Q16, the ReadMATImage function in coders/mat.c ...)
+CVE-2018-11624
[experimental] - imagemagick 8:6.9.10.2+dfsg-1
- imagemagick 8:6.9.10.2+dfsg-2
[stretch] - imagemagick <not-affected> (Vulnerable code not present)
[jessie] - imagemagick <not-affected> (Vulnerable code not present)
NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/172d82afe89d3499ef0cab06dc58d380cc1ab946
NOTE: https://github.com/ImageMagick/ImageMagick/issues/1149
-CVE-2018-11623 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-11623
NOT-FOR-US: Foxit Reader
-CVE-2018-11622 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-11622
NOT-FOR-US: Foxit Reader
-CVE-2018-11621 (This vulnerability allows remote attackers to disclose sensitive ...)
+CVE-2018-11621
NOT-FOR-US: Foxit Reader
-CVE-2018-11620 (This vulnerability allows remote attackers to disclose sensitive ...)
+CVE-2018-11620
NOT-FOR-US: Foxit Reader
-CVE-2018-11619 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-11619
NOT-FOR-US: Foxit Reader
-CVE-2018-11618 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-11618
NOT-FOR-US: Foxit Reader
-CVE-2018-11617 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-11617
NOT-FOR-US: Foxit Reader
-CVE-2018-11616 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-11616
NOT-FOR-US: Tencent Foxmail
-CVE-2018-11615 (This vulnerability allows remote attackers to deny service on ...)
+CVE-2018-11615
NOT-FOR-US: mosca
-CVE-2018-11614 (This vulnerability allows remote attackers to escalate privileges on ...)
+CVE-2018-11614
NOT-FOR-US: Samsung Members Fixed
CVE-2018-11613
RESERVED
@@ -24230,58 +24220,58 @@ CVE-2018-11600
RESERVED
CVE-2018-11599
RESERVED
-CVE-2018-11598 (Espruino before 1.99 allows attackers to cause a denial of service ...)
+CVE-2018-11598
NOT-FOR-US: Espruino
-CVE-2018-11597 (Espruino before 1.99 allows attackers to cause a denial of service ...)
+CVE-2018-11597
NOT-FOR-US: Espruino
-CVE-2018-11596 (Espruino before 1.99 allows attackers to cause a denial of service ...)
+CVE-2018-11596
NOT-FOR-US: Espruino
-CVE-2018-11595 (Espruino before 1.99 allows attackers to cause a denial of service ...)
+CVE-2018-11595
NOT-FOR-US: Espruino
-CVE-2018-11594 (Espruino before 1.99 allows attackers to cause a denial of service ...)
+CVE-2018-11594
NOT-FOR-US: Espruino
-CVE-2018-11593 (Espruino before 1.99 allows attackers to cause a denial of service ...)
+CVE-2018-11593
NOT-FOR-US: Espruino
-CVE-2018-11592 (Espruino before 1.98 allows attackers to cause a denial of service ...)
+CVE-2018-11592
NOT-FOR-US: Espruino
-CVE-2018-11591 (Espruino before 1.98 allows attackers to cause a denial of service ...)
+CVE-2018-11591
NOT-FOR-US: Espruino
-CVE-2018-11590 (Espruino before 1.99 allows attackers to cause a denial of service ...)
+CVE-2018-11590
NOT-FOR-US: Espruino
-CVE-2018-11589 (Multiple SQL injection vulnerabilities in Centreon 3.4.6 including ...)
+CVE-2018-11589
NOT-FOR-US: Centreon
-CVE-2018-11588 (Centreon 3.4.6 including Centreon Web 2.8.23 is vulnerable to an ...)
+CVE-2018-11588
NOT-FOR-US: Centreon
-CVE-2018-11587 (There is Remote Code Execution in Centreon 3.4.6 including Centreon ...)
+CVE-2018-11587
NOT-FOR-US: Centreon
-CVE-2018-11586 (XML external entity (XXE) vulnerability in api/rest/status in ...)
+CVE-2018-11586
NOT-FOR-US: SearchBlox
CVE-2018-11585
RESERVED
CVE-2018-11584
RESERVED
-CVE-2018-11583 (SeaCMS 6.61 has stored XSS in admin_collect.php via the siteurl ...)
+CVE-2018-11583
NOT-FOR-US: SeaCMS
CVE-2018-11582
RESERVED
-CVE-2018-11581 (Cross-site scripting (XSS) vulnerability on Brother HL series printers ...)
+CVE-2018-11581
NOT-FOR-US: Brother HL-L2340D and HL-L2380DW series printers
-CVE-2018-11580 (An issue was discovered in mass-pages-posts-creator.php in the ...)
+CVE-2018-11580
NOT-FOR-US: MULTIDOTS Mass Pages/Posts Creator plugin for WordPress
-CVE-2018-11579 (class-woo-banner-management.php in the MULTIDOTS WooCommerce Category ...)
+CVE-2018-11579
NOT-FOR-US: MULTIDOTS WooCommerce Category Banner Management plugin for WordPress
-CVE-2018-11578 (GifIndexToTrueColor in ngiflib.c in MiniUPnP ngiflib 0.4 has a ...)
+CVE-2018-11578
NOT-FOR-US: ngiflib
-CVE-2018-11577 (Liblouis 3.5.0 has a Segmentation fault in lou_logPrint in logging.c. ...)
+CVE-2018-11577
- liblouis 3.5.0-3 (bug #900607)
[stretch] - liblouis 3.0.0-3+deb9u4
[jessie] - liblouis <no-dsa> (Minor issue)
NOTE: https://github.com/liblouis/liblouis/issues/582
-CVE-2018-11576 (ngiflib.c in MiniUPnP ngiflib 0.4 has a heap-based buffer over-read in ...)
+CVE-2018-11576
NOT-FOR-US: ngiflib
-CVE-2018-11575 (ngiflib.c in MiniUPnP ngiflib 0.4 has a stack-based buffer overflow in ...)
+CVE-2018-11575
NOT-FOR-US: ngiflib
-CVE-2018-11574 (Improper input validation together with an integer overflow in the ...)
+CVE-2018-11574
- ppp 2.4.7-2+3
[stretch] - ppp <not-affected> (Vulnerable code introduced later)
[jessie] - ppp <not-affected> (Vulnerable code introduced later)
@@ -24290,70 +24280,70 @@ CVE-2018-11574 (Improper input validation together with an integer overflow in t
NOTE: https://www.nikhef.nl/~janjust/ppp/ppp-2.4.7-eaptls-mppe-1.101.patch
CVE-2018-11573
RESERVED
-CVE-2018-11572 (ClipperCMS 1.3.3 has XSS in the &quot;Module name&quot; field in a &quot;Modules -&gt; ...)
+CVE-2018-11572
NOT-FOR-US: ClipperCMS
-CVE-2018-11571 (ClipperCMS 1.3.3 allows Session Fixation. ...)
+CVE-2018-11571
NOT-FOR-US: ClipperCMS
CVE-2018-11570
RESERVED
CVE-2018-11569
RESERVED
-CVE-2018-11568 (Reflected XSS is possible in the GamePlan theme through 1.5.13.2 for ...)
+CVE-2018-11568
NOT-FOR-US: GamePlan theme for WordPress
-CVE-2018-11567 (** DISPUTED ** Prior to 2018-04-27, the reprompt feature in Amazon ...)
+CVE-2018-11567
NOT-FOR-US: Amazon Echo devices
CVE-2018-11566
RESERVED
-CVE-2018-11565 (Mahara 17.04 before 17.04.8 and 17.10 before 17.10.5 and 18.04 before ...)
+CVE-2018-11565
- mahara <removed>
NOTE: https://bugs.launchpad.net/mahara/+bug/1772774
-CVE-2018-11564 (Stored XSS in YOOtheme Pagekit 1.0.13 and earlier allows a user to ...)
+CVE-2018-11564
NOT-FOR-US: Pagekit CMS
CVE-2018-11563
RESERVED
-CVE-2018-11562 (An issue was discovered in MISP 2.4.91. A vulnerability in ...)
+CVE-2018-11562
NOT-FOR-US: MISP
-CVE-2018-11561 (An integer overflow in the unprotected distributeToken function of a ...)
+CVE-2018-11561
NOT-FOR-US: smart contract implementation for EETHER (EETHER)
-CVE-2018-11560 (The webService binary on Insteon HD IP Camera White 2864-222 devices ...)
+CVE-2018-11560
NOT-FOR-US: Insteon
-CVE-2018-11559 (DomainMod 4.10.0 has Stored XSS in the &quot;/settings/profile/index.php&quot; ...)
+CVE-2018-11559
NOT-FOR-US: DomainMod
-CVE-2018-11558 (DomainMod 4.10.0 has Stored XSS in the &quot;/settings/profile/index.php&quot; ...)
+CVE-2018-11558
NOT-FOR-US: DomainMod
-CVE-2018-11557 (YIBAN Easy class education platform 2.0 has XSS via the articlelist.php ...)
+CVE-2018-11557
NOT-FOR-US: YIBAN Easy
-CVE-2018-11556 (tificc in Little CMS 2.9 has an out-of-bounds write in the ...)
+CVE-2018-11556
NOT-FOR-US: Little CMS
-CVE-2018-11555 (tificc in Little CMS 2.9 has an out-of-bounds write in the ...)
+CVE-2018-11555
NOT-FOR-US: Little CMS
-CVE-2018-11554 (The forgotten-password feature in ...)
+CVE-2018-11554
NOT-FOR-US: YzmCMS
-CVE-2018-11553 (SGIN.CN xiangyun platform V9.4.10 has XSS via the login_url parameter ...)
+CVE-2018-11553
NOT-FOR-US: SGIN.CN xiangyun platform
-CVE-2018-11552 (There is a reflected XSS vulnerability in AXON PBX 2.02 via the ...)
+CVE-2018-11552
NOT-FOR-US: AXON PBX
-CVE-2018-11551 (AXON PBX 2.02 contains a DLL hijacking vulnerability that could allow ...)
+CVE-2018-11551
NOT-FOR-US: AXON PBX
CVE-2018-11550
REJECTED
-CVE-2018-11549 (An issue was discovered in WUZHI CMS 4.1.0 There is a Stored XSS ...)
+CVE-2018-11549
NOT-FOR-US: WUZHI CMS
-CVE-2018-11548 (An issue was discovered in EOS.IO DAWN 4.2. ...)
+CVE-2018-11548
NOT-FOR-US: EOS.IO DAWN
-CVE-2018-11547 (md_is_link_reference_definition_helper in md4c 0.2.5 has a heap-based ...)
+CVE-2018-11547
NOT-FOR-US: md4c
-CVE-2018-11546 (md4c 0.2.5 has a heap-based buffer over-read because ...)
+CVE-2018-11546
NOT-FOR-US: md4c
-CVE-2018-11545 (md4c 0.2.5 has a heap-based buffer overflow in md_merge_lines because ...)
+CVE-2018-11545
NOT-FOR-US: md4c
-CVE-2018-11544 (The Olive Tree Ftp Server application 1.32 for Android has Insecure ...)
+CVE-2018-11544
NOT-FOR-US: Olive Tree Ftp Server application
-CVE-2018-11543 (A Local File Inclusion (LFI) vulnerability in the Sonus SBC 1000 / SBC ...)
+CVE-2018-11543
NOT-FOR-US: Sonus SBC 1000 / SBC 2000 / SBC SWe Lite web interface
-CVE-2018-11542 (A Remote Command Execution (RCE) vulnerability in the Sonus SBC 1000 / ...)
+CVE-2018-11542
NOT-FOR-US: Sonus SBC 1000 / SBC 2000 / SBC SWe Lite web interface
-CVE-2018-11541 (A root privilege escalation vulnerability in the Sonus SBC 1000 / SBC ...)
+CVE-2018-11541
NOT-FOR-US: Sonus SBC 1000 / SBC 2000 / SBC SWe Lite web interface
CVE-2018-XXXX [gitlab: Removing public deploy keys regression]
[experimental] - gitlab 10.7.5+dfsg-1
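Review bot: the `-` line for CVE-2018-11567 carried the `** DISPUTED **` marker and the `+` line keeps only the bare identifier followed by `NOT-FOR-US: Amazon Echo devices`, so the disputed status of this entry is lost with the description rather than being preserved in an annotation. The md4c trio (CVE-2018-11547 to CVE-2018-11545) and the Sonus SBC trio (CVE-2018-11543 to CVE-2018-11541) likewise lose the function name or vulnerability type that the description provided, which is the only thing that told them apart.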
@@ -24389,21 +24379,21 @@ CVE-2018-11540
RESERVED
CVE-2018-11539
RESERVED
-CVE-2018-11538 (servlet/UserServlet in SearchBlox 8.6.6 has CSRF via the u_name, ...)
+CVE-2018-11538
NOT-FOR-US: SearchBlox
-CVE-2018-11537 (Auth0 angular-jwt before 0.1.10 treats whiteListedDomains entries as ...)
+CVE-2018-11537
NOT-FOR-US: angular-jwt
-CVE-2018-11536 (md4c before 0.2.5 has a heap-based buffer overflow because ...)
+CVE-2018-11536
NOT-FOR-US: md4c
-CVE-2018-11535 (An issue was discovered in SITEMAKIN SLAC (Site Login and Access ...)
+CVE-2018-11535
NOT-FOR-US: SITEMAKIN SLAC
CVE-2018-11534
RESERVED
CVE-2018-11533
RESERVED
-CVE-2018-11532 (An issue was discovered in the ChangUonDyU Advanced Statistics plugin ...)
+CVE-2018-11532
NOT-FOR-US: MyBB plugin
-CVE-2018-11531 (Exiv2 0.26 has a heap-based buffer overflow in getData in preview.cpp. ...)
+CVE-2018-11531
{DSA-4238-1 DLA-1402-1}
- exiv2 0.25-4
NOTE: https://github.com/Exiv2/exiv2/issues/283
@@ -24412,25 +24402,25 @@ CVE-2018-11531 (Exiv2 0.26 has a heap-based buffer overflow in getData in previe
NOTE: https://github.com/Exiv2/exiv2/commit/67a5a741153c876a6f1c189abb874721d1725c48
CVE-2018-11530
RESERVED
-CVE-2018-11529 (VideoLAN VLC media player 2.2.x is prone to a use after free ...)
+CVE-2018-11529
{DSA-4251-1}
- vlc 3.0.3-1-1
[jessie] - vlc <end-of-life> (See https://lists.debian.org/debian-security-announce/2018/msg00130.html)
NOTE: https://github.com/videolan/vlc-3.0/commit/c472668ff873cfe29281822b4548715fb7bb0368
NOTE: https://github.com/videolan/vlc-3.0/commit/d2dadb37e7acc25ae08df71e563855d6e17b5b42
-CVE-2018-11528 (WUZHI CMS 4.1.0 has SQL Injection via an api/sms_check.php?param= URI. ...)
+CVE-2018-11528
NOT-FOR-US: WUZHI CMS
-CVE-2018-11527 (An issue was discovered in CScms v4.1. A Cross-site request forgery ...)
+CVE-2018-11527
NOT-FOR-US: CScms
-CVE-2018-11526 (The plugin &quot;WordPress Comments Import &amp; Export&quot; for WordPress (v2.0.4 ...)
+CVE-2018-11526
NOT-FOR-US: "WordPress Comments Import & Export" plugin for WordPress
-CVE-2018-11525 (The plugin &quot;Advanced Order Export For WooCommerce&quot; for WordPress ...)
+CVE-2018-11525
NOT-FOR-US: "Advanced Order Export For WooCommerce" plugin for WordPress
CVE-2018-11524
RESERVED
-CVE-2018-11523 (upload.php on NUUO NVRmini 2 devices allows Arbitrary File Upload, such ...)
+CVE-2018-11523
NOT-FOR-US: NUUO NVRmini
-CVE-2018-11522 (Yosoro 1.0.4 has stored XSS. ...)
+CVE-2018-11522
NOT-FOR-US: Yosoro
CVE-2018-11521
RESERVED
@@ -24438,93 +24428,93 @@ CVE-2018-11520
RESERVED
CVE-2018-11519
RESERVED
-CVE-2018-11518 (A vulnerability allows a phreaking attack on HCL legacy IVR systems ...)
+CVE-2018-11518
NOT-FOR-US: HCL legacy IVR systems
-CVE-2018-11517 (mySCADA myPRO 7 allows remote attackers to discover all ProjectIDs in a ...)
+CVE-2018-11517
NOT-FOR-US: mySCADA myPRO
-CVE-2018-11516 (The vlc_demux_chained_Delete function in input/demux_chained.c in ...)
+CVE-2018-11516
- vlc 3.0.2-1
[stretch] - vlc 3.0.2-0+deb9u1
[jessie] - vlc <not-affected> (Only affects 3.x)
NOTE: http://git.videolan.org/?p=vlc.git;a=commit;h=33dcfcf41340c27b6f8183fdb35b129282a79bd8
NOTE: http://www.videolan.org/security/sa1801.html
-CVE-2018-11515 (The wpForo plugin through 2018-02-05 for WordPress has SQL Injection ...)
+CVE-2018-11515
NOT-FOR-US: wpForo plugin for WordPress
-CVE-2018-11514 (PHP Scripts Mall Naukri Clone Script through 3.0.3 allows Unrestricted ...)
+CVE-2018-11514
NOT-FOR-US: PHP Scripts Mall Naukri Clone Script
CVE-2018-11513
RESERVED
-CVE-2018-11512 (Stored cross-site scripting (XSS) vulnerability in the &quot;Website's name&quot; ...)
+CVE-2018-11512
NOT-FOR-US: wityCMS
-CVE-2018-11511 (The tree list functionality in the photo gallery application in ...)
+CVE-2018-11511
NOT-FOR-US: ASUSTOR ADM
-CVE-2018-11510 (The ASUSTOR ADM 3.1.0.RFQ3 NAS portal suffers from an unauthenticated ...)
+CVE-2018-11510
NOT-FOR-US: ASUSTOR
-CVE-2018-11509 (ASUSTOR ADM 3.1.0.RFQ3 uses the same default root:admin username and ...)
+CVE-2018-11509
NOT-FOR-US: ASUSTOR ADM
-CVE-2018-11508 (The compat_get_timex function in kernel/compat.c in the Linux kernel ...)
+CVE-2018-11508
- linux 4.16.12-1
[stretch] - linux <not-affected> (Vulnerable code introduced later)
[jessie] - linux <not-affected> (Vulnerable code introduced later)
[wheezy] - linux <not-affected> (Vulnerable code introduced later)
NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=1574
NOTE: Fixed by: https://git.kernel.org/linus/0a0b98734479aa5b3c671d5190e86273372cab95
-CVE-2018-11507 (An issue was discovered in Free Lossless Image Format (FLIF) 0.3. An ...)
+CVE-2018-11507
[experimental] - flif <unfixed>
- flif <removed> (bug #902188)
NOTE: https://github.com/FLIF-hub/FLIF/issues/509
-CVE-2018-11506 (The sr_do_ioctl function in drivers/scsi/sr_ioctl.c in the Linux kernel ...)
+CVE-2018-11506
{DLA-1423-1 DLA-1422-1}
- linux 4.16.16-1
[stretch] - linux 4.9.110-1
NOTE: Fixed by: https://git.kernel.org/linus/f7068114d45ec55996b9040e98111afa56e010fe
-CVE-2018-11505 (The Werewolf Online application 0.8.8 for Android allows attackers to ...)
+CVE-2018-11505
NOT-FOR-US: Werewolf Online application for Android
-CVE-2018-11504 (The islist function in markdown.c in libmarkdown.a in DISCOUNT 2.2.3a ...)
+CVE-2018-11504
{DSA-4293-1 DLA-1499-1}
- discount 2.2.4-1 (bug #901912)
NOTE: https://github.com/Orc/discount/issues/189#issuecomment-392247798
NOTE: POC: https://github.com/fCorleone/fuzz_programs/blob/master/discount/issue3_testcase
NOTE: Fixed by https://github.com/Orc/discount/commit/b002a5a4db31e42dfb45451c059bc56941c17974
-CVE-2018-11503 (The isfootnote function in markdown.c in libmarkdown.a in DISCOUNT ...)
+CVE-2018-11503
{DSA-4293-1 DLA-1499-1}
- discount 2.2.4-1 (bug #901912)
NOTE: https://github.com/Orc/discount/issues/189#issuecomment-392247798
NOTE: POC: https://github.com/fCorleone/fuzz_programs/blob/master/discount/issue2_testcase
NOTE: Fixed by https://github.com/Orc/discount/commit/b002a5a4db31e42dfb45451c059bc56941c17974
-CVE-2018-11502 (An issue was discovered in the Moderator Log Notes plugin 1.1 for ...)
+CVE-2018-11502
NOT-FOR-US: MyBB plugin
-CVE-2018-11501 (PHP Scripts Mall Website Seller Script 2.0.3 has CSRF via ...)
+CVE-2018-11501
NOT-FOR-US: PHP Scripts Mall Website Seller Script
-CVE-2018-11500 (An issue was discovered in PublicCMS V4.0.20180210. There is a CSRF ...)
+CVE-2018-11500
NOT-FOR-US: PublicCMS
-CVE-2018-11499 (A use-after-free vulnerability exists in handle_error() in ...)
+CVE-2018-11499
- libsass <unfixed> (bug #900182)
[stretch] - libsass <not-affected> (Vulnerability introduced in 3.4.7 upstream)
NOTE: https://github.com/sass/libsass/issues/2643
NOTE: https://github.com/sass/libsass/commit/84eaca254ca726531def3569c990089b3154e640
-CVE-2018-11498 (In Lizard v1.0 and LZ5 v2.0 (the prior release, before the product was ...)
+CVE-2018-11498
NOT-FOR-US: Lizard
CVE-2018-11497
RESERVED
-CVE-2018-11496 (In Long Range Zip (aka lrzip) 0.631, there is a use-after-free in ...)
+CVE-2018-11496
- lrzip 0.631+git180528-1
[stretch] - lrzip <no-dsa> (Minor issue)
[jessie] - lrzip <no-dsa> (Minor issue)
NOTE: https://github.com/ckolivas/lrzip/issues/96
NOTE: https://github.com/ckolivas/lrzip/commit/907b66b8cb4ba7384abf8d82f09204b127d328bd
NOTE: https://github.com/ckolivas/lrzip/commit/a81248e47d276cf59b8c7e22558e2b5035e87b33
-CVE-2018-11495 (OpenCart through 3.0.2.0 allows directory traversal in the editDownload ...)
+CVE-2018-11495
NOT-FOR-US: OpenCart
-CVE-2018-11494 (The &quot;program extension upload&quot; feature in OpenCart through 3.0.2.0 has ...)
+CVE-2018-11494
NOT-FOR-US: OpenCart
-CVE-2018-11493 (An issue was discovered in WUZHI CMS 4.1.0. There is a CSRF ...)
+CVE-2018-11493
NOT-FOR-US: WUZHI CMS
-CVE-2018-11492 (ASUS HG100 devices allow denial of service via an IPv4 packet flood. ...)
+CVE-2018-11492
NOT-FOR-US: ASUS HG100 devices
-CVE-2018-11491 (ASUS HG100 devices with firmware before 1.05.12 allow unauthenticated ...)
+CVE-2018-11491
NOT-FOR-US: ASUS HG100 devices
-CVE-2018-11490 (The DGifDecompressLine function in dgif_lib.c in GIFLIB (possibly ...)
+CVE-2018-11490
[experimental] - giflib 5.1.7-1
- giflib <unfixed> (bug #904114)
[buster] - giflib <no-dsa> (Minor issue)
@@ -24534,7 +24524,7 @@ CVE-2018-11490 (The DGifDecompressLine function in dgif_lib.c in GIFLIB (possibl
NOTE: https://sourceforge.net/p/giflib/bugs/113/
NOTE: https://sourceforge.net/p/giflib/code/ci/08438a5098f3bb1de23a29334af55eba663f75bd/
NOTE: Issue was reported against sam2p but issue is in dgif_lib.c from giflib.
-CVE-2018-11489 (The DGifDecompressLine function in dgif_lib.c in GIFLIB (possibly ...)
+CVE-2018-11489
- giflib <unfixed> (bug #904113)
[buster] - giflib <no-dsa> (Minor issue)
[stretch] - giflib <no-dsa> (Minor issue)
@@ -24542,50 +24532,50 @@ CVE-2018-11489 (The DGifDecompressLine function in dgif_lib.c in GIFLIB (possibl
NOTE: https://github.com/pts/sam2p/issues/37
NOTE: https://sourceforge.net/p/giflib/bugs/112/
NOTE: Issue was reported against sam2p but issue is in dgif_lib.c from giflib.
-CVE-2018-11488 (A stack exhaustion vulnerability in the search function of dtSearch ...)
+CVE-2018-11488
NOT-FOR-US: dtSearch
-CVE-2018-11487 (PHPMyWind 5.5 has XSS via the cid parameter to newsshow.php, or the ...)
+CVE-2018-11487
NOT-FOR-US: PHPMyWind
-CVE-2018-11486 (An issue was discovered in the MULTIDOTS Advance Search for ...)
+CVE-2018-11486
NOT-FOR-US: MULTIDOTS Advance Search for WooCommerce plugin for WordPress
-CVE-2018-11485 (The MULTIDOTS WooCommerce Quick Reports plugin 1.0.6 and earlier for ...)
+CVE-2018-11485
NOT-FOR-US: MULTIDOTS WooCommerce Quick Reports plugin for WordPress
CVE-2018-11484
RESERVED
CVE-2018-11483
RESERVED
-CVE-2018-11482 (/usr/lib/lua/luci/websys.lua on TP-LINK IPC TL-IPC223(P)-6, ...)
+CVE-2018-11482
NOT-FOR-US: TP-LINK
-CVE-2018-11481 (TP-LINK IPC TL-IPC223(P)-6, TL-IPC323K-D, TL-IPC325(KP)-*, and ...)
+CVE-2018-11481
NOT-FOR-US: TP-LINK
CVE-2018-11480
RESERVED
-CVE-2018-11479 (The VPN component in Windscribe 1.81 uses the OpenVPN client for ...)
+CVE-2018-11479
NOT-FOR-US: VPN component in Windscribe
-CVE-2018-11478 (An issue was discovered on Vgate iCar 2 Wi-Fi OBD2 Dongle devices. The ...)
+CVE-2018-11478
NOT-FOR-US: Vgate iCar 2 Wi-Fi OBD2 Dongle devices
-CVE-2018-11477 (An issue was discovered on Vgate iCar 2 Wi-Fi OBD2 Dongle devices. The ...)
+CVE-2018-11477
NOT-FOR-US: Vgate iCar 2 Wi-Fi OBD2 Dongle devices
-CVE-2018-11476 (An issue was discovered on Vgate iCar 2 Wi-Fi OBD2 Dongle devices. The ...)
+CVE-2018-11476
NOT-FOR-US: Vgate iCar 2 Wi-Fi OBD2 Dongle devices
-CVE-2018-11475 (Monstra CMS 3.0.4 has a Session Management Issue in the Users tab. A ...)
+CVE-2018-11475
NOT-FOR-US: Monstra CMS
-CVE-2018-11474 (Monstra CMS 3.0.4 has a Session Management Issue in the Administrations ...)
+CVE-2018-11474
NOT-FOR-US: Monstra CMS
-CVE-2018-11473 (Monstra CMS 3.0.4 has XSS in the registration Form (i.e., the login ...)
+CVE-2018-11473
NOT-FOR-US: Monstra CMS
-CVE-2018-11472 (Monstra CMS 3.0.4 has Reflected XSS during Login (i.e., the login ...)
+CVE-2018-11472
NOT-FOR-US: Monstra CMS
-CVE-2018-11471 (Cockpit 0.5.5 has XSS via a collection, form, or region. ...)
+CVE-2018-11471
NOT-FOR-US: Cockpit CMS (different from src:cockpit)
-CVE-2018-11470 (iScripts eSwap v2.4 has SQL injection via the &quot;search.php&quot; 'Told' ...)
+CVE-2018-11470
NOT-FOR-US: iScripts eSwap
-CVE-2018-11469 (Incorrect caching of responses to requests including an Authorization ...)
+CVE-2018-11469
- haproxy 1.8.9-2 (bug #900084)
[stretch] - haproxy <not-affected> (Issue introduced in 1.8.0)
[jessie] - haproxy <not-affected> (Issue introduced in 1.8.0)
NOTE: https://git.haproxy.org/?p=haproxy-1.8.git;a=commit;h=17514045e5d934dede62116216c1b016fe23dd06
-CVE-2018-11468 (The __mkd_trim_line function in mkdio.c in libmarkdown.a in DISCOUNT ...)
+CVE-2018-11468
{DSA-4293-1 DLA-1499-1}
- discount 2.2.4-1 (bug #901912)
NOTE: https://github.com/Orc/discount/issues/189
@@ -24593,65 +24583,65 @@ CVE-2018-11468 (The __mkd_trim_line function in mkdio.c in libmarkdown.a in DISC
NOTE: Fixed by https://github.com/Orc/discount/commit/b002a5a4db31e42dfb45451c059bc56941c17974
CVE-2018-11467
RESERVED
-CVE-2018-11466 (A vulnerability has been identified in SINUMERIK 808D V4.7 (All ...)
+CVE-2018-11466
NOT-FOR-US: Siemens
-CVE-2018-11465 (A vulnerability has been identified in SINUMERIK 808D V4.7 (All ...)
+CVE-2018-11465
NOT-FOR-US: Siemens
-CVE-2018-11464 (A vulnerability has been identified in SINUMERIK 828D V4.7 (All ...)
+CVE-2018-11464
NOT-FOR-US: Siemens
-CVE-2018-11463 (A vulnerability has been identified in SINUMERIK 808D V4.7 (All ...)
+CVE-2018-11463
NOT-FOR-US: Siemens
-CVE-2018-11462 (A vulnerability has been identified in SINUMERIK 808D V4.7 (All ...)
+CVE-2018-11462
NOT-FOR-US: Siemens
-CVE-2018-11461 (A vulnerability has been identified in SINUMERIK 808D V4.7 (All ...)
+CVE-2018-11461
NOT-FOR-US: Siemens
-CVE-2018-11460 (A vulnerability has been identified in SINUMERIK 808D V4.7 (All ...)
+CVE-2018-11460
NOT-FOR-US: Siemens
-CVE-2018-11459 (A vulnerability has been identified in SINUMERIK 808D V4.7 (All ...)
+CVE-2018-11459
NOT-FOR-US: Siemens
-CVE-2018-11458 (A vulnerability has been identified in SINUMERIK 828D V4.7 (All ...)
+CVE-2018-11458
NOT-FOR-US: Siemens
-CVE-2018-11457 (A vulnerability has been identified in SINUMERIK 828D V4.7 (All ...)
+CVE-2018-11457
NOT-FOR-US: Siemens
-CVE-2018-11456 (A vulnerability has been identified in Automation License Manager 5 ...)
+CVE-2018-11456
NOT-FOR-US: Automation License Manager
-CVE-2018-11455 (A vulnerability has been identified in Automation License Manager 5 ...)
+CVE-2018-11455
NOT-FOR-US: Automation License Manager
-CVE-2018-11454 (A vulnerability has been identified in SIMATIC STEP 7 (TIA Portal) and ...)
+CVE-2018-11454
NOT-FOR-US: SIMATIC
-CVE-2018-11453 (A vulnerability has been identified in SIMATIC STEP 7 (TIA Portal) and ...)
+CVE-2018-11453
NOT-FOR-US: SIMATIC
-CVE-2018-11452 (A vulnerability has been identified in Firmware variant IEC 61850 for ...)
+CVE-2018-11452
NOT-FOR-US: Siemens
-CVE-2018-11451 (A vulnerability has been identified in Firmware variant IEC 61850 for ...)
+CVE-2018-11451
NOT-FOR-US: Siemens
-CVE-2018-11450 (A reflected Cross-Site-Scripting (XSS) vulnerability has been ...)
+CVE-2018-11450
NOT-FOR-US: Siemens PLM Software TEAMCENTER
-CVE-2018-11449 (A vulnerability has been identified in SCALANCE M875 (All versions). ...)
+CVE-2018-11449
NOT-FOR-US: SCALANCE
-CVE-2018-11448 (A vulnerability has been identified in SCALANCE M875 (All versions). ...)
+CVE-2018-11448
NOT-FOR-US: SCALANCE
-CVE-2018-11447 (A vulnerability has been identified in SCALANCE M875 (All versions). ...)
+CVE-2018-11447
NOT-FOR-US: SCALANCE
-CVE-2018-11446 (The buy function of a smart contract implementation for Gold Reward ...)
+CVE-2018-11446
NOT-FOR-US: Gold Reward
-CVE-2018-11445 (A CSRF issue was discovered on the User Add/System Settings Page ...)
+CVE-2018-11445
NOT-FOR-US: EasyService Billing
-CVE-2018-11444 (A SQL Injection issue was observed in the parameter &quot;q&quot; in ...)
+CVE-2018-11444
NOT-FOR-US: EasyService Billing
-CVE-2018-11443 (The parameter q is affected by Cross-site Scripting in ...)
+CVE-2018-11443
NOT-FOR-US: EasyService Billing
-CVE-2018-11442 (A CSRF issue was discovered in EasyService Billing 1.0, which was ...)
+CVE-2018-11442
NOT-FOR-US: EasyService Billing
CVE-2018-11441
RESERVED
-CVE-2018-11440 (Liblouis 3.5.0 has a stack-based Buffer Overflow in the function ...)
+CVE-2018-11440
- liblouis 3.5.0-3 (bug #900085)
[stretch] - liblouis 3.0.0-3+deb9u4
[jessie] - liblouis <no-dsa> (Minor issue)
NOTE: https://github.com/liblouis/liblouis/issues/575
NOTE: https://github.com/liblouis/liblouis/commit/4417bad83df4481ed58419b28c5c91b9649e2a86
-CVE-2018-11439 (The TagLib::Ogg::FLAC::File::scan function in oggflacfile.cpp in ...)
+CVE-2018-11439
{DLA-1430-1}
- taglib 1.11.1+dfsg.1-0.3 (bug #903847)
[stretch] - taglib <no-dsa> (Minor issue)
@@ -24659,25 +24649,25 @@ CVE-2018-11439 (The TagLib::Ogg::FLAC::File::scan function in oggflacfile.cpp in
NOTE: Upstream issue: https://github.com/taglib/taglib/issues/868
NOTE: Pull request: https://github.com/taglib/taglib/pull/869
NOTE: Upstream fix: https://github.com/taglib/taglib/commit/2c4ae870ec086f2ddd21a47861a3709c36faac45
-CVE-2018-11438 (The mobi_decompress_lz77 function in compression.c in Libmobi 0.3 ...)
+CVE-2018-11438
NOT-FOR-US: Libmobi
-CVE-2018-11437 (The mobi_reconstruct_parts function in parse_rawml.c in Libmobi 0.3 ...)
+CVE-2018-11437
NOT-FOR-US: Libmobi
-CVE-2018-11436 (The buffer_addraw function in buffer.c in Libmobi 0.3 allows remote ...)
+CVE-2018-11436
NOT-FOR-US: Libmobi
-CVE-2018-11435 (The mobi_decompress_huffman_internal function in compression.c in ...)
+CVE-2018-11435
NOT-FOR-US: Libmobi
-CVE-2018-11434 (The buffer_fill64 function in compression.c in Libmobi 0.3 allows ...)
+CVE-2018-11434
NOT-FOR-US: Libmobi
-CVE-2018-11433 (The mobi_get_kf8boundary_seqnumber function in util.c in Libmobi 0.3 ...)
+CVE-2018-11433
NOT-FOR-US: Libmobi
-CVE-2018-11432 (The mobi_parse_mobiheader function in read.c in Libmobi 0.3 allows ...)
+CVE-2018-11432
NOT-FOR-US: Libmobi
CVE-2018-11431
RESERVED
-CVE-2018-11430 (An issue was discovered in the Moderator Log Notes plugin 1.1 for MyBB. ...)
+CVE-2018-11430
NOT-FOR-US: Moderator Log Notes plugin for MyBB
-CVE-2018-11429 (ATLANT (ATL) is a smart contract running on Ethereum. The mint function ...)
+CVE-2018-11429
NOT-FOR-US: smart contract
CVE-2018-11428
RESERVED
@@ -24697,22 +24687,22 @@ CVE-2018-11421
RESERVED
CVE-2018-11420
RESERVED
-CVE-2018-11419 (An issue was discovered in JerryScript 1.0. There is a heap-based ...)
+CVE-2018-11419
NOT-FOR-US: JerryScript
-CVE-2018-11418 (An issue was discovered in JerryScript 1.0. There is a heap-based ...)
+CVE-2018-11418
NOT-FOR-US: JerryScript
CVE-2018-11417
RESERVED
-CVE-2018-11416 (jpegoptim.c in jpegoptim 1.4.5 (fixed in 1.4.6) has an invalid use of ...)
+CVE-2018-11416
- jpegoptim <not-affected> (Introduced in 1.4.5)
NOTE: https://github.com/tjko/jpegoptim/issues/57
-CVE-2018-11415 (SAP Internet Transaction Server (ITS) 6200.X.X has Reflected Cross Site ...)
+CVE-2018-11415
NOT-FOR-US: SAP Internet Transaction Server
-CVE-2018-11414 (An issue was discovered in BearAdmin 0.5. There is ...)
+CVE-2018-11414
NOT-FOR-US: BearAdmin
-CVE-2018-11413 (An issue was discovered in BearAdmin 0.5. Remote attackers can download ...)
+CVE-2018-11413
NOT-FOR-US: BearAdmin
-CVE-2018-11412 (In the Linux kernel 4.13 through 4.16.11, ext4_read_inline_data() in ...)
+CVE-2018-11412
- linux 4.17.3-1
[stretch] - linux <not-affected> (Introduced in e50e5129f384 in 4.13)
[jessie] - linux <not-affected> (Introduced in e50e5129f384 in 4.13)
@@ -24720,51 +24710,51 @@ CVE-2018-11412 (In the Linux kernel 4.13 through 4.16.11, ext4_read_inline_data(
NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=1580
NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=199803
NOTE: Fixed by: https://git.kernel.org/linus/117166efb1ee8f13c38f9e96b258f16d4923f888
-CVE-2018-11411 (The transferFrom function of a smart contract implementation for ...)
+CVE-2018-11411
NOT-FOR-US: DimonCoin
-CVE-2018-11410 (An issue was discovered in Liblouis 3.5.0. A invalid free in the ...)
+CVE-2018-11410
- liblouis 3.5.0-2 (bug #899999)
[stretch] - liblouis 3.0.0-3+deb9u2
[jessie] - liblouis <not-affected> (Code did not even exist at the time)
[wheezy] - liblouis <not-affected> (Code did not even exist at the time)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1582024
NOTE: https://github.com/liblouis/liblouis/issues/573
-CVE-2018-11409 (Splunk through 7.0.1 allows information disclosure by appending ...)
+CVE-2018-11409
NOT-FOR-US: Splunk
-CVE-2018-11408 (The security handlers in the Security component in Symfony in 2.7.x ...)
+CVE-2018-11408
{DLA-1707-1}
- symfony 3.4.12+dfsg-1
[stretch] - symfony <not-affected> (Incomplete fix for CVE-2017-16652 wasn't backported)
NOTE: https://symfony.com/blog/cve-2018-11408-open-redirect-vulnerability-on-security-handlers
-CVE-2018-11407 (An issue was discovered in the Ldap component in Symfony 2.8.x before ...)
+CVE-2018-11407
- symfony 3.4.12+dfsg-1
[stretch] - symfony <not-affected> (Incomplete fix for CVE-2016-2403 not applied)
[jessie] - symfony <not-affected> (Incomplete fix for CVE-2016-2403 not applied)
NOTE: https://symfony.com/blog/cve-2018-11407-unauthorized-access-on-a-misconfigured-ldap-server-when-using-an-empty-password
-CVE-2018-11406 (An issue was discovered in the Security component in Symfony 2.7.x ...)
+CVE-2018-11406
{DSA-4262-1}
- symfony 3.4.12+dfsg-1
[jessie] - symfony <not-affected> (vulnerable code not present in branch 2.3)
NOTE: https://symfony.com/blog/cve-2018-11406-csrf-token-fixation
-CVE-2018-11405 (Kliqqi 2.0.2 has CSRF in admin/admin_users.php. ...)
+CVE-2018-11405
NOT-FOR-US: Kliqqi
-CVE-2018-11404 (DomainMod v4.09.03 has XSS via the assets/edit/ssl-provider-account.php ...)
+CVE-2018-11404
NOT-FOR-US: DomainMod
-CVE-2018-11403 (DomainMod v4.09.03 has XSS via the assets/edit/account-owner.php oid ...)
+CVE-2018-11403
NOT-FOR-US: DomainMod
-CVE-2018-11402 (SimpliSafe Original has Unencrypted Keypad Transmissions, which allows ...)
+CVE-2018-11402
NOT-FOR-US: SimpliSafe Original
-CVE-2018-11401 (In SimpliSafe Original, RF Interference (e.g., an extremely strong ...)
+CVE-2018-11401
NOT-FOR-US: SimpliSafe Original
-CVE-2018-11400 (In SimpliSafe Original, the Base Station fails to detect tamper ...)
+CVE-2018-11400
NOT-FOR-US: SimpliSafe Original
-CVE-2018-11399 (SimpliSafe Original has Unencrypted Sensor Transmissions, which allows ...)
+CVE-2018-11399
NOT-FOR-US: SimpliSafe Original
CVE-2018-11398
RESERVED
CVE-2018-11397
RESERVED
-CVE-2018-11396 (ephy-session.c in libephymain.so in GNOME Web (aka Epiphany) through ...)
+CVE-2018-11396
- epiphany-browser 3.28.2.1-1 (unimportant; bug #899409)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=795740
NOTE: webkit not covered by security support
@@ -24774,7 +24764,7 @@ CVE-2018-11394
RESERVED
CVE-2018-11393
RESERVED
-CVE-2018-11392 (An arbitrary file upload vulnerability in /classes/profile.class.php ...)
+CVE-2018-11392
NOT-FOR-US: Jigowatt
CVE-2018-11391
RESERVED
@@ -24786,62 +24776,62 @@ CVE-2018-11388
RESERVED
CVE-2018-11387
RESERVED
-CVE-2018-11386 (An issue was discovered in the HttpFoundation component in Symfony ...)
+CVE-2018-11386
{DSA-4262-1}
- symfony 3.4.12+dfsg-1
[jessie] - symfony <not-affected> (vulnerable code no present, no rollback mechanism in this version)
NOTE: https://symfony.com/blog/cve-2018-11386-denial-of-service-when-using-pdosessionhandler
-CVE-2018-11385 (An issue was discovered in the Security component in Symfony 2.7.x ...)
+CVE-2018-11385
{DSA-4262-1 DLA-1707-1}
- symfony 3.4.12+dfsg-1
NOTE: https://symfony.com/blog/cve-2018-11385-session-fixation-issue-for-guard-authentication
-CVE-2018-11384 (The sh_op() function in radare2 2.5.0 allows remote attackers to cause ...)
+CVE-2018-11384
- radare2 2.6.0+dfsg-1 (low)
[stretch] - radare2 <no-dsa> (Minor issue)
[jessie] - radare2 <no-dsa> (Minor issue)
[wheezy] - radare2 <no-dsa> (Minor issue)
NOTE: https://github.com/radare/radare2/commit/77c47cf873dd55b396da60baa2ca83bbd39e4add
NOTE: https://github.com/radare/radare2/issues/9903
-CVE-2018-11383 (The r_strbuf_fini() function in radare2 2.5.0 allows remote attackers ...)
+CVE-2018-11383
- radare2 2.6.0+dfsg-1 (low)
[stretch] - radare2 <no-dsa> (Minor issue)
[jessie] - radare2 <no-dsa> (Minor issue)
[wheezy] - radare2 <no-dsa> (Minor issue)
NOTE: https://github.com/radare/radare2/commit/9d348bcc2c4bbd3805e7eec97b594be9febbdf9a
NOTE: https://github.com/radare/radare2/issues/9943
-CVE-2018-11382 (The _inst__sts() function in radare2 2.5.0 allows remote attackers to ...)
+CVE-2018-11382
- radare2 <not-affected> (Vulnerable code not yet present)
NOTE: https://github.com/radare/radare2/commit/d04c78773f6959bcb427453f8e5b9824d5ba9eff
NOTE: https://github.com/radare/radare2/issues/10091
-CVE-2018-11381 (The string_scan_range() function in radare2 2.5.0 allows remote ...)
+CVE-2018-11381
- radare2 2.6.0+dfsg-1 (low)
[stretch] - radare2 <no-dsa> (Minor issue)
[jessie] - radare2 <no-dsa> (Minor issue)
[wheezy] - radare2 <no-dsa> (Minor issue)
NOTE: https://github.com/radare/radare2/commit/3fcf41ed96ffa25b38029449520c8d0a198745f3
NOTE: https://github.com/radare/radare2/issues/9902
-CVE-2018-11380 (The parse_import_ptr() function in radare2 2.5.0 allows remote ...)
+CVE-2018-11380
- radare2 2.6.0+dfsg-1 (low)
[stretch] - radare2 <no-dsa> (Minor issue)
[jessie] - radare2 <no-dsa> (Minor issue)
[wheezy] - radare2 <no-dsa> (Minor issue)
NOTE: https://github.com/radare/radare2/commit/60208765887f5f008b3b9a883f3addc8bdb9c134
NOTE: https://github.com/radare/radare2/issues/9970
-CVE-2018-11379 (The get_debug_info() function in radare2 2.5.0 allows remote attackers ...)
+CVE-2018-11379
- radare2 2.6.0+dfsg-1 (low)
[stretch] - radare2 <no-dsa> (Minor issue)
[jessie] - radare2 <no-dsa> (Minor issue)
[wheezy] - radare2 <no-dsa> (Minor issue)
NOTE: https://github.com/radare/radare2/commit/4e1cf0d3e6f6fe2552a269def0af1cd2403e266c
NOTE: https://github.com/radare/radare2/issues/9926
-CVE-2018-11378 (The wasm_dis() function in libr/asm/arch/wasm/wasm.c in or possibly ...)
+CVE-2018-11378
- radare2 2.6.0+dfsg-1 (low)
[stretch] - radare2 <not-affected> (Vulnerable code not present)
[jessie] - radare2 <not-affected> (Vulnerable code not present)
[wheezy] - radare2 <not-affected> (Vulnerable code not present)
NOTE: https://github.com/radare/radare2/commit/bd276ef2fd8ac3401e65be7c126a43175ccfbcd7
NOTE: https://github.com/radare/radare2/issues/9969
-CVE-2018-11377 (The avr_op_analyze() function in radare2 2.5.0 allows remote attackers ...)
+CVE-2018-11377
- radare2 2.6.0+dfsg-1 (low)
[stretch] - radare2 <no-dsa> (Minor issue)
[jessie] - radare2 <no-dsa> (Minor issue)
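Review bot: the unchanged jessie annotation for CVE-2018-11386 in this hunk reads `[jessie] - symfony <not-affected> (vulnerable code no present, no rollback mechanism in this version)`; `no present` should be `not present`. It is a context line, so this change did not introduce it, but a follow-up fix would keep the free-text reasons consistent with the other `<not-affected>` annotations in the same hunk.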
@@ -24849,55 +24839,55 @@ CVE-2018-11377 (The avr_op_analyze() function in radare2 2.5.0 allows remote att
NOTE: https://github.com/radare/radare2/commit/25a3703ef2e015bbe1d1f16f6b2f63bb10dd34f4
NOTE: https://github.com/radare/radare2/commit/b35530fa0681b27eba084de5527037ebfb397422
NOTE: https://github.com/radare/radare2/issues/9901
-CVE-2018-11376 (The r_read_le32() function in radare2 2.5.0 allows remote attackers to ...)
+CVE-2018-11376
- radare2 2.6.0+dfsg-1 (low)
[stretch] - radare2 <no-dsa> (Minor issue)
[jessie] - radare2 <no-dsa> (Minor issue)
[wheezy] - radare2 <no-dsa> (Minor issue)
NOTE: https://github.com/radare/radare2/commit/1f37c04f2a762500222dda2459e6a04646feeedf
NOTE: https://github.com/radare/radare2/issues/9904
-CVE-2018-11375 (The _inst__lds() function in radare2 2.5.0 allows remote attackers to ...)
+CVE-2018-11375
- radare2 <not-affected> (Vulnerable code not yet present)
NOTE: https://github.com/radare/radare2/commit/041e53cab7ca33481ae45ecd65ad596976d78e68
NOTE: https://github.com/radare/radare2/issues/9928
CVE-2018-11374
RESERVED
-CVE-2018-11373 (iScripts eSwap v2.4 has SQL injection via the &quot;salelistdetailed.php&quot; ...)
+CVE-2018-11373
NOT-FOR-US: iScripts eSwap
-CVE-2018-11372 (iScripts eSwap v2.4 has SQL injection via the wishlistdetailed.php User ...)
+CVE-2018-11372
NOT-FOR-US: iScripts eSwap
-CVE-2018-11371 (SkyCaiji 1.2 allows CSRF to add an Administrator user. ...)
+CVE-2018-11371
NOT-FOR-US: SkyCaiji
CVE-2018-11370
RESERVED
-CVE-2018-11369 (An issue was discovered in PbootCMS v1.0.9. There is a SQL Injection ...)
+CVE-2018-11369
NOT-FOR-US: PbootCMS
CVE-2018-11368
RESERVED
-CVE-2018-11367 (An issue was discovered in CppCMS before 1.2.1. There is a denial of ...)
+CVE-2018-11367
NOT-FOR-US: CppCMS
-CVE-2018-11366 (init.php in the Loginizer plugin 1.3.8 through 1.3.9 for WordPress has ...)
+CVE-2018-11366
NOT-FOR-US: Wordpress plugin
-CVE-2018-11365 (sas/readstat_sas7bcat_read.c in libreadstat.a in ReadStat 0.1.1 has an ...)
+CVE-2018-11365
- r-cran-haven 1.1.1-2 (low; bug #899335)
-CVE-2018-11364 (sav_parse_machine_integer_info_record in spss/readstat_sav_read.c in ...)
+CVE-2018-11364
- r-cran-haven 1.1.1-2 (low; bug #899335)
-CVE-2018-11363 (jpeg_size in pdfgen.c in PDFGen before 2018-04-09 has a heap-based ...)
+CVE-2018-11363
NOT-FOR-US: PDFGen
-CVE-2018-11362 (In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the LDSS ...)
+CVE-2018-11362
{DSA-4217-1 DLA-1388-1}
- wireshark 2.6.1-1 (bug #900708)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14615
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=f177008b04a530640de835ca878892e58b826d58
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-25.html
-CVE-2018-11361 (In Wireshark 2.6.0, the IEEE 802.11 protocol dissector could crash. ...)
+CVE-2018-11361
- wireshark 2.6.1-1 (bug #900708)
[jessie] - wireshark <not-affected> (vulnerable code not present (TDLS support added in version 2.1.0))
[wheezy] - wireshark <not-affected> (vulnerable code not present (TDLS support added in version 2.1.0))
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14686
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=1b52f9929238ce3948ec924ae4f9456b5e9df558
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-32.html
-CVE-2018-11360 (In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the GSM A DTAP ...)
+CVE-2018-11360
- wireshark 2.6.1-1 (bug #900708)
[stretch] - wireshark 2.2.6+g32dac6a-2+deb9u3
[jessie] - wireshark <not-affected> (vulnerable code not present (uses static a_bigbuf instead))
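Review bot: dropping the description on `-CVE-2018-11366 (init.php in the Loginizer plugin 1.3.8 through 1.3.9 for WordPress has ...)` leaves the entry with only `NOT-FOR-US: Wordpress plugin`, which no longer names the plugin at all; every other NOT-FOR-US line in this diff identifies the product (for example `NOT-FOR-US: MemberMouse plugin for WordPress`). Suggest `NOT-FOR-US: Loginizer plugin for WordPress` so the entry stays self-describing once the summary is gone.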
@@ -24905,40 +24895,40 @@ CVE-2018-11360 (In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the GSM
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14688
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=a55b36c51f83a7b9680824e8ee3a6ce8429ab24b
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-30.html
-CVE-2018-11359 (In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the RRC ...)
+CVE-2018-11359
{DLA-1634-1}
- wireshark 2.6.1-1 (bug #900708)
[wheezy] - wireshark <no-dsa> (Minor issue)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14703
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=beaebe91b14564fb9f86f0726bab09927872721b
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-33.html
-CVE-2018-11358 (In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the Q.931 ...)
+CVE-2018-11358
{DSA-4217-1 DLA-1388-1}
- wireshark 2.6.1-1 (bug #900708)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14689
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=ccb1ac3c8cec47fbbbf2e80ced80644005c65252
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-31.html
-CVE-2018-11357 (In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the LTP ...)
+CVE-2018-11357
{DLA-1634-1}
- wireshark 2.6.1-1 (bug #900708)
[wheezy] - wireshark <no-dsa> (Minor issue)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14678
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=ab8a33ef083b9732c89117747a83a905a676faf6
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-28.html
-CVE-2018-11356 (In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the DNS ...)
+CVE-2018-11356
{DLA-1634-1}
- wireshark 2.6.1-1 (bug #900708)
[wheezy] - wireshark <no-dsa> (Minor issue)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14681
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=4425716ddba99374749bd033d9bc0f4add2fb973
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-29.html
-CVE-2018-11355 (In Wireshark 2.6.0, the RTCP dissector could crash. This was addressed ...)
+CVE-2018-11355
- wireshark <not-affected> (Vulnerable code, new RTCP dissector for transport-cc, introduced later)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14673
NOTE: Introduced by: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=a584eab239d55e441433ead40c993e08a24c59fe (v2.5.0)
NOTE: Fixed by: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=99d27a5fd2c540f837154aca3b3647f5ccfa0c33 (v2.6.1)
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-27.html
-CVE-2018-11354 (In Wireshark 2.6.0, the IEEE 1905.1a dissector could crash. This was ...)
+CVE-2018-11354
- wireshark <not-affected> (Vulnerable code, IEEE 1905.1a dissector, introduced in v2.5.0~1187)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14647
NOTE: Introduced by: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=05b1d35586aee37dad7d84fa27531fc9794a41c9 (v2.5.0)
@@ -24946,75 +24936,75 @@ CVE-2018-11354 (In Wireshark 2.6.0, the IEEE 1905.1a dissector could crash. This
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-26.html
CVE-2018-11353
RESERVED
-CVE-2018-11352 (The Wallabag application 2.2.3 to 2.3.2 is affected by one cross-site ...)
+CVE-2018-11352
NOT-FOR-US: Wallabag
-CVE-2018-11351 (script.php in Jirafeau before 3.4.1 is affected by two stored ...)
+CVE-2018-11351
NOT-FOR-US: Jirafeau
-CVE-2018-11350 (An issue was discovered in Jirafeau before 3.4.1. The file &quot;search by ...)
+CVE-2018-11350
NOT-FOR-US: Jirafeau
-CVE-2018-11349 (The administration panel of Jirafeau before 3.4.1 is vulnerable to ...)
+CVE-2018-11349
NOT-FOR-US: Jirafeau
-CVE-2018-11348 (Two XSS vulnerabilities are located in the profile edition page of the ...)
+CVE-2018-11348
NOT-FOR-US: Yunihost
-CVE-2018-11347 (The YunoHost 2.7.2 through 2.7.14 web application is affected by one ...)
+CVE-2018-11347
NOT-FOR-US: Yunihost
-CVE-2018-11346 (An insecure direct object reference vulnerability in download.cgi in ...)
+CVE-2018-11346
NOT-FOR-US: ASUSTOR
-CVE-2018-11345 (An unrestricted file upload vulnerability in upload.cgi in ASUSTOR ...)
+CVE-2018-11345
NOT-FOR-US: ASUSTOR
-CVE-2018-11344 (A path traversal vulnerability in download.cgi in ASUSTOR AS6202T ADM ...)
+CVE-2018-11344
NOT-FOR-US: ASUSTOR
-CVE-2018-11343 (A persistent cross site scripting vulnerability in playlistmanger.cgi ...)
+CVE-2018-11343
NOT-FOR-US: ASUSTOR
-CVE-2018-11342 (A path traversal vulnerability in fileExplorer.cgi in ASUSTOR AS6202T ...)
+CVE-2018-11342
NOT-FOR-US: ASUSTOR
-CVE-2018-11341 (Directory traversal in importuser.cgi in ASUSTOR AS6202T ADM 3.1.0.RFQ3 ...)
+CVE-2018-11341
NOT-FOR-US: ASUSTOR
-CVE-2018-11340 (An unrestricted file upload vulnerability in importuser.cgi in ASUSTOR ...)
+CVE-2018-11340
NOT-FOR-US: ASUSTOR
-CVE-2018-11339 (An XSS issue was discovered in Frappe ERPNext v11.x.x-develop b1036e5 ...)
+CVE-2018-11339
NOT-FOR-US: Frappe ERPNext
-CVE-2018-11338 (Intuit Lacerte 2017 for Windows in a client/server environment ...)
+CVE-2018-11338
NOT-FOR-US: Intuit Lacerte
CVE-2018-11337
RESERVED
CVE-2018-11336
RESERVED
-CVE-2018-11335 (GVToken Genesis Vision (GVT) is a smart contract running on Ethereum. ...)
+CVE-2018-11335
NOT-FOR-US: smart contract
-CVE-2018-11334 (Windscribe 1.81 creates a named pipe with a NULL DACL that allows ...)
+CVE-2018-11334
NOT-FOR-US: Windscribe
CVE-2018-11333
RESERVED
-CVE-2018-11332 (Stored cross-site scripting (XSS) vulnerability in the &quot;Site Name&quot; ...)
+CVE-2018-11332
NOT-FOR-US: ClipperCMS
-CVE-2018-11331 (An issue was discovered in Pluck before 4.7.6. Remote PHP code ...)
+CVE-2018-11331
NOT-FOR-US: Pluck CMS
-CVE-2018-11330 (An issue was discovered in Pluck before 4.7.6. There is authenticated ...)
+CVE-2018-11330
NOT-FOR-US: Pluck CMS
-CVE-2018-11329 (The DrugDealer function of a smart contract implementation for Ether ...)
+CVE-2018-11329
NOT-FOR-US: DrugDealer smart contractz
-CVE-2018-11328 (An issue was discovered in Joomla! Core before 3.8.8. Under specific ...)
+CVE-2018-11328
NOT-FOR-US: Joomla!
-CVE-2018-11327 (An issue was discovered in Joomla! Core before 3.8.8. Inadequate checks ...)
+CVE-2018-11327
NOT-FOR-US: Joomla!
-CVE-2018-11326 (An issue was discovered in Joomla! Core before 3.8.8. Inadequate input ...)
+CVE-2018-11326
NOT-FOR-US: Joomla!
-CVE-2018-11325 (An issue was discovered in Joomla! Core before 3.8.8. The web install ...)
+CVE-2018-11325
NOT-FOR-US: Joomla!
-CVE-2018-11324 (An issue was discovered in Joomla! Core before 3.8.8. A long running ...)
+CVE-2018-11324
NOT-FOR-US: Joomla!
-CVE-2018-11323 (An issue was discovered in Joomla! Core before 3.8.8. Inadequate checks ...)
+CVE-2018-11323
NOT-FOR-US: Joomla!
-CVE-2018-11322 (An issue was discovered in Joomla! Core before 3.8.8. Depending on the ...)
+CVE-2018-11322
NOT-FOR-US: Joomla!
-CVE-2018-11321 (An issue was discovered in com_fields in Joomla! Core before 3.8.8. ...)
+CVE-2018-11321
NOT-FOR-US: Joomla!
-CVE-2018-11320 (In Octopus Deploy 2018.4.4 through 2018.5.1, Octopus variables that are ...)
+CVE-2018-11320
NOT-FOR-US: Octopus Deploy
-CVE-2018-1000181 (Kitura 2.3.0 and earlier have an unintended read access to ...)
+CVE-2018-1000181
NOT-FOR-US: Kitura
-CVE-2018-1000180 (Bouncy Castle BC 1.54 - 1.59, BC-FJA 1.0.0, BC-FJA 1.0.1 and earlier ...)
+CVE-2018-1000180
{DSA-4233-1}
- bouncycastle 1.59-2 (bug #900843)
[jessie] - bouncycastle <not-affected> (Issue introduced in 1.54)
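Review bot: two annotations in this hunk disagree with the descriptions being removed next to them, and removing those descriptions takes away the only in-file cross-check. `-CVE-2018-11347 (The YunoHost 2.7.2 through 2.7.14 web application ...)` is annotated `NOT-FOR-US: Yunihost` (same for CVE-2018-11348), and CVE-2018-11329 is annotated `NOT-FOR-US: DrugDealer smart contractz`. Suggest correcting these to `YunoHost` and `smart contract` in a follow-up, since after this change the spelling can no longer be verified from the list itself.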
@@ -25026,21 +25016,21 @@ CVE-2018-11318
RESERVED
CVE-2018-11317
RESERVED
-CVE-2018-11316 (The UPnP HTTP server on Sonos wireless speaker products allow ...)
+CVE-2018-11316
NOT-FOR-US: Sonos
-CVE-2018-11315 (The Local HTTP API in Radio Thermostat CT50 and CT80 1.04.84 and below ...)
+CVE-2018-11315
NOT-FOR-US: Radio Thermostat CT50 and CT80
-CVE-2018-11314 (The External Control API in Roku and Roku TV products allow ...)
+CVE-2018-11314
NOT-FOR-US: Roku
CVE-2018-11313
RESERVED
CVE-2018-11312
RESERVED
-CVE-2018-11311 (A hardcoded FTP username of myscada and password of Vikuk63 in ...)
+CVE-2018-11311
NOT-FOR-US: mySCADA
CVE-2018-11310
RESERVED
-CVE-2018-11309 (Blind SQL injection in coupon_code in the MemberMouse plugin 2.2.8 and ...)
+CVE-2018-11309
NOT-FOR-US: MemberMouse plugin for WordPress
CVE-2018-11308
RESERVED
@@ -25052,105 +25042,105 @@ CVE-2018-11307 [Potential information exfiltration with default typing, serializ
NOTE: https://github.com/FasterXML/jackson-databind/commit/27b4defc270454dea6842bd9279f17387eceb737
CVE-2018-11306
RESERVED
-CVE-2018-11305 (When a series of FDAL messages are sent to the modem, a Use After Free ...)
+CVE-2018-11305
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11304 (Possible buffer overflow in msm_adsp_stream_callback_put due to lack ...)
+CVE-2018-11304
NOT-FOR-US: Qualcomm components for Android
CVE-2018-11303
RESERVED
-CVE-2018-11302 (In all android releases (Android for MSM, Firefox OS for MSM, QRD ...)
+CVE-2018-11302
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11301 (In all android releases (Android for MSM, Firefox OS for MSM, QRD ...)
+CVE-2018-11301
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11300 (In all android releases (Android for MSM, Firefox OS for MSM, QRD ...)
+CVE-2018-11300
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11299 (In all android releases (Android for MSM, Firefox OS for MSM, QRD ...)
+CVE-2018-11299
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11298 (In all android releases (Android for MSM, Firefox OS for MSM, QRD ...)
+CVE-2018-11298
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11297 (In all android releases (Android for MSM, Firefox OS for MSM, QRD ...)
+CVE-2018-11297
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11296 (In all android releases (Android for MSM, Firefox OS for MSM, QRD ...)
+CVE-2018-11296
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11295 (In all android releases (Android for MSM, Firefox OS for MSM, QRD ...)
+CVE-2018-11295
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11294 (In all android releases (Android for MSM, Firefox OS for MSM, QRD ...)
+CVE-2018-11294
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11293 (In all android releases (Android for MSM, Firefox OS for MSM, QRD ...)
+CVE-2018-11293
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11292 (In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, ...)
+CVE-2018-11292
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11291 (In Snapdragon (Automobile, Mobile, Wear) in version IPQ8074, MDM9206, ...)
+CVE-2018-11291
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11290 (In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, ...)
+CVE-2018-11290
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11289 (Data truncation during higher to lower type conversion which causes ...)
+CVE-2018-11289
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11288 (Possible undefined behavior due to lack of size check in function for ...)
+CVE-2018-11288
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11287 (In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, ...)
+CVE-2018-11287
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11286 (In all android releases (Android for MSM, Firefox OS for MSM, QRD ...)
+CVE-2018-11286
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11285 (In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, ...)
+CVE-2018-11285
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11284 (Spoofed SMS can be used to send a large number of messages to the ...)
+CVE-2018-11284
NOT-FOR-US: Qualcomm components for Android
CVE-2018-11283
RESERVED
CVE-2018-11282
RESERVED
-CVE-2018-11281 (In all android releases (Android for MSM, Firefox OS for MSM, QRD ...)
+CVE-2018-11281
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11280 (In all android releases (Android for MSM, Firefox OS for MSM, QRD ...)
+CVE-2018-11280
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11279 (Lack of check of input size can make device memory get corrupted ...)
+CVE-2018-11279
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11278 (In all android releases (Android for MSM, Firefox OS for MSM, QRD ...)
+CVE-2018-11278
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11277 (In Snapdragon (Automobile, Mobile, Wear) in version MSM8909W, ...)
+CVE-2018-11277
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11276 (In all android releases (Android for MSM, Firefox OS for MSM, QRD ...)
+CVE-2018-11276
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11275 (In all android releases (Android for MSM, Firefox OS for MSM, QRD ...)
+CVE-2018-11275
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11274 (In all android releases (Android for MSM, Firefox OS for MSM, QRD ...)
+CVE-2018-11274
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11273 (In all android releases (Android for MSM, Firefox OS for MSM, QRD ...)
+CVE-2018-11273
NOT-FOR-US: Qualcomm components for Android
CVE-2018-11272
RESERVED
CVE-2018-11271
RESERVED
-CVE-2018-11270 (In all android releases (Android for MSM, Firefox OS for MSM, QRD ...)
+CVE-2018-11270
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11269 (In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, ...)
+CVE-2018-11269
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11268 (In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, ...)
+CVE-2018-11268
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11267 (In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, ...)
+CVE-2018-11267
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11266 (In all android releases(Android for MSM, Firefox OS for MSM, QRD ...)
+CVE-2018-11266
NOT-FOR-US: Android kernel, code not in mainline
-CVE-2018-11265 (In all android releases (Android for MSM, Firefox OS for MSM, QRD ...)
+CVE-2018-11265
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11264 (Possible buffer overflow in Ontario fingerprint code due to lack of ...)
+CVE-2018-11264
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11263 (In all Android releases (Android for MSM, Firefox OS for MSM, QRD ...)
+CVE-2018-11263
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11262 (In Android for MSM, Firefox OS for MSM, and QRD Android with all ...)
+CVE-2018-11262
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11261 (In all android releases(Android for MSM, Firefox OS for MSM, QRD ...)
+CVE-2018-11261
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11260 (In all android releases(Android for MSM, Firefox OS for MSM, QRD ...)
+CVE-2018-11260
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11259 (Due to Improper Access Control of NAND-based EFS in Snapdragon ...)
+CVE-2018-11259
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11258 (In ADSP RPC in Snapdragon Automobile, Snapdragon Mobile and Snapdragon ...)
+CVE-2018-11258
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11257 (Permissions, Privileges, and Access Controls in TA in Snapdragon ...)
+CVE-2018-11257
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11256 (An issue was discovered in PoDoFo 0.9.5. The function ...)
+CVE-2018-11256
- libpodofo 0.9.6+dfsg-4 (low; bug #916583)
[stretch] - libpodofo <no-dsa> (Minor issue)
[jessie] - libpodofo <no-dsa> (Minor issue)
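Review bot: every changed pair in this hunk differs only in the parenthesised summary, for example `-CVE-2018-11288 (Possible undefined behavior due to lack of size check in function for ...)` becoming `+CVE-2018-11288`, while the NOT-FOR-US and package lines under each entry are untouched, so no triage state changes here; what is removed is the only in-file hint of what each issue is, which matters most for the NOT-FOR-US entries that carry no NOTE URL (the Qualcomm block from CVE-2018-11288 down to CVE-2018-11257). The commit message says only "automatic update"; it should say whether the summaries are being dropped on purpose (regenerated elsewhere) or are missing because the import source stopped supplying them, so a later reader can tell this apart from a data-loss regression.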
@@ -25158,7 +25148,7 @@ CVE-2018-11256 (An issue was discovered in PoDoFo 0.9.5. The function ...)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1575851
NOTE: https://sourceforge.net/p/podofo/tickets/21
NOTE: https://sourceforge.net/p/podofo/code/1938
-CVE-2018-11255 (An issue was discovered in PoDoFo 0.9.5. The function ...)
+CVE-2018-11255
- libpodofo <unfixed> (low; bug #916584)
[stretch] - libpodofo <no-dsa> (Minor issue)
[jessie] - libpodofo <no-dsa> (Minor issue)
@@ -25166,7 +25156,7 @@ CVE-2018-11255 (An issue was discovered in PoDoFo 0.9.5. The function ...)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1575502
NOTE: https://sourceforge.net/p/podofo/tickets/20
NOTE: https://sourceforge.net/p/podofo/code/1952 (this commit doesn't fix the crash)
-CVE-2018-11254 (An issue was discovered in PoDoFo 0.9.5. There is an Excessive ...)
+CVE-2018-11254
- libpodofo 0.9.6+dfsg-4 (low; bug #916585)
[stretch] - libpodofo <no-dsa> (Minor issue)
[jessie] - libpodofo <no-dsa> (Minor issue)
@@ -25178,7 +25168,7 @@ CVE-2018-11253
RESERVED
CVE-2018-11252
RESERVED
-CVE-2018-11251 (In ImageMagick 7.0.7-23 Q16 x86_64 2018-01-24, there is a heap-based ...)
+CVE-2018-11251
{DSA-4245-1 DLA-1394-1 DLA-1381-1}
- imagemagick 8:6.9.9.39+dfsg-1
NOTE: https://github.com/ImageMagick/ImageMagick/issues/956
@@ -25187,93 +25177,93 @@ CVE-2018-11250
RESERVED
CVE-2018-11249
RESERVED
-CVE-2018-11248 (util/FileDownloadUtils.java in FileDownloader 1.7.3 does not check an ...)
+CVE-2018-11248
NOT-FOR-US: FileDownloader
-CVE-2018-11247 (The JMX/RMI interface in Nasdaq BWise 5.0 does not require ...)
+CVE-2018-11247
NOT-FOR-US: SAP
CVE-2018-11246
RESERVED
-CVE-2018-11245 (app/webroot/js/misp.js in MISP 2.4.91 has a DOM based XSS with cortex ...)
+CVE-2018-11245
NOT-FOR-US: MISP
-CVE-2018-11244 (The BBE theme before 1.53 for WordPress allows a direct launch of an ...)
+CVE-2018-11244
NOT-FOR-US: WordPress theme
-CVE-2018-11243 (PackLinuxElf64::unpack in p_lx_elf.cpp in UPX 3.95 allows remote ...)
+CVE-2018-11243
- upx-ucl 1.03+repack-5 (unimportant; bug #899190; bug #907426)
NOTE: https://github.com/upx/upx/issues/206
NOTE: https://github.com/upx/upx/issues/207
-CVE-2018-11242 (An issue was discovered in the MakeMyTrip application 7.2.4 for ...)
+CVE-2018-11242
NOT-FOR-US: MakeMyTrip application for Android
-CVE-2018-11241 (An issue was discovered on SoftCase T-Router build 20112017 devices. A ...)
+CVE-2018-11241
NOT-FOR-US: SoftCase T-Router devices
-CVE-2018-11240 (An issue was discovered on SoftCase T-Router build 20112017 devices. ...)
+CVE-2018-11240
NOT-FOR-US: SoftCase T-Router devices
-CVE-2018-11239 (An integer overflow in the _transfer function of a smart contract ...)
+CVE-2018-11239
NOT-FOR-US: Hexagon (HXG)
CVE-2018-11238
RESERVED
-CVE-2018-11237 (An AVX-512-optimized implementation of the mempcpy function in the GNU ...)
+CVE-2018-11237
- glibc 2.27-4 (low; bug #899070)
[stretch] - glibc 2.24-11+deb9u4
[jessie] - glibc <no-dsa> (Minor issue, can be fixed along in future DSA or point update)
- eglibc <removed>
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=23196
-CVE-2018-11236 (stdlib/canonicalize.c in the GNU C Library (aka glibc or libc6) 2.27 ...)
+CVE-2018-11236
- glibc 2.27-4 (low; bug #899071)
[stretch] - glibc 2.24-11+deb9u4
[jessie] - glibc <no-dsa> (Minor issue, can be fixed along in future DSA or point update)
- eglibc <removed>
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22786
NOTE: https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=5460617d1567657621107d895ee2dd83bc1f88f2
-CVE-2018-11235 (In Git before 2.13.7, 2.14.x before 2.14.4, 2.15.x before 2.15.2, ...)
+CVE-2018-11235
{DSA-4212-1}
- git 1:2.17.1-1
NOTE: https://lkml.org/lkml/2018/5/29/889
CVE-2018-11234
RESERVED
-CVE-2018-11233 (In Git before 2.13.7, 2.14.x before 2.14.4, 2.15.x before 2.15.2, ...)
+CVE-2018-11233
- git 1:2.17.1-1 (unimportant)
[stretch] - git 1:2.11.0-3+deb9u3
[jessie] - git 1:2.1.4-2.1+deb8u6
NOTE: Only an issue when running on an NTFS filesystem.
NOTE: https://lkml.org/lkml/2018/5/29/889
-CVE-2018-1000400 (Kubernetes CRI-O version prior to 1.9 contains a Privilege Context ...)
+CVE-2018-1000400
NOT-FOR-US: Kubernetes CRI-O
-CVE-2018-11232 (The etm_setup_aux function in ...)
+CVE-2018-11232
- linux <not-affected> (Vulnerable code never present in unstable)
NOTE: Fixed by: https://git.kernel.org/linus/f09444639099584bc4784dfcd85ada67c6f33e0f
-CVE-2018-11231 (In the Divido plugin for OpenCart, there is SQL injection. Attackers ...)
+CVE-2018-11231
NOT-FOR-US: OpenCart plugin
-CVE-2018-11230 (jbig2_add_page in jbig2enc.cc in libjbig2enc.a in jbig2enc 0.29 allows ...)
+CVE-2018-11230
NOT-FOR-US: jbig2enc
-CVE-2018-11229 (Crestron TSW-1060, TSW-760, TSW-560, TSW-1060-NC, TSW-760-NC, and ...)
+CVE-2018-11229
NOT-FOR-US: Crestron devices
-CVE-2018-11228 (Crestron TSW-1060, TSW-760, TSW-560, TSW-1060-NC, TSW-760-NC, and ...)
+CVE-2018-11228
NOT-FOR-US: Crestron devices
CVE-2018-11227
RESERVED
-CVE-2018-11226 (The getString function in decompile.c in libming through 0.4.8 ...)
+CVE-2018-11226
- ming <removed>
NOTE: https://github.com/libming/libming/issues/144
-CVE-2018-11225 (The dcputs function in decompile.c in libming through 0.4.8 mishandles ...)
+CVE-2018-11225
- ming <removed>
NOTE: https://github.com/libming/libming/issues/143
-CVE-2018-11224 (An issue was discovered in Libav 12.3. A read access violation in the ...)
+CVE-2018-11224
- libav <removed> (low)
NOTE: https://bugzilla.libav.org/show_bug.cgi?id=1129
-CVE-2018-11223 (XSS in Artica Pandora FMS before 7.0 NG 723 allows an attacker to ...)
+CVE-2018-11223
NOT-FOR-US: Pandora FMS
-CVE-2018-11222 (Local File Inclusion (LFI) in Artica Pandora FMS through version 7.23 ...)
+CVE-2018-11222
NOT-FOR-US: Pandora FMS
-CVE-2018-11221 (Unauthenticated untrusted file upload in Artica Pandora FMS through ...)
+CVE-2018-11221
NOT-FOR-US: Pandora FMS
-CVE-2018-11220 (Bitmain Antminer D3, L3+, and S9 devices allow Remote Command ...)
+CVE-2018-11220
NOT-FOR-US: Bitmain Antminer D3, L3+, and S9 devices
-CVE-2018-11219 (An Integer Overflow issue was discovered in the struct library in the ...)
+CVE-2018-11219
{DSA-4230-1 DLA-1396-1}
- redis 5:4.0.10-1 (bug #901495)
NOTE: https://github.com/antirez/redis/issues/5017
NOTE: http://antirez.com/news/119
-CVE-2018-11218 (Memory Corruption was discovered in the cmsgpack library in the Lua ...)
+CVE-2018-11218
{DSA-4230-1 DLA-1396-1}
- redis 5:4.0.10-1 (bug #901495)
NOTE: https://github.com/antirez/redis/issues/5017
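Review bot: the tag for CVE-2018-11247 reads `NOT-FOR-US: SAP`, but the summary removed on the `-` line names `The JMX/RMI interface in Nasdaq BWise 5.0`; once the summary is gone this mismatch is no longer visible in the file, so the tag should be corrected to the product the summary actually refers to, or the SAP attribution explained, before the summary is dropped. Separately, the CVE-2018-1000400 pair sits between CVE-2018-11233 and CVE-2018-11232, breaking the descending numeric order the rest of the hunk follows; if any tooling assumes the list is sorted, that entry should be moved to its place.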
@@ -25284,54 +25274,54 @@ CVE-2018-11216
RESERVED
CVE-2018-11215
RESERVED
-CVE-2018-11214 (An issue was discovered in libjpeg 9a. The get_text_rgb_row function in ...)
+CVE-2018-11214
{DLA-1638-1}
- libjpeg9 1:9c-1 (low; bug #902176)
- libjpeg-turbo 1:1.4.2-1
NOTE: https://github.com/libjpeg-turbo/libjpeg-turbo/commit/6709e4a0cfa44d4f54ee8ad05753d4aa9260cb91 (1.4.2)
-CVE-2018-11213 (An issue was discovered in libjpeg 9a. The get_text_gray_row function ...)
+CVE-2018-11213
{DLA-1638-1}
- libjpeg9 1:9c-1 (low; bug #902176)
- libjpeg-turbo 1:1.4.2-1
NOTE: https://github.com/libjpeg-turbo/libjpeg-turbo/commit/6709e4a0cfa44d4f54ee8ad05753d4aa9260cb91 (1.4.2)
-CVE-2018-11212 (An issue was discovered in libjpeg 9a. The alloc_sarray function in ...)
+CVE-2018-11212
{DLA-1638-1}
- libjpeg9 1:9c-1 (low; bug #902176)
- libjpeg-turbo 1:1.4.2-1
NOTE: https://github.com/libjpeg-turbo/libjpeg-turbo/commit/82923eb93a2eacf4a593e00e3e672bbb86a8a3a0 (1.4.2)
CVE-2018-11211
RESERVED
-CVE-2018-11210 (TinyXML2 6.2.0 has a heap-based buffer over-read in the ...)
+CVE-2018-11210
- tinyxml2 <unfixed> (bug #899063; unimportant)
NOTE: https://github.com/leethomason/tinyxml2/issues/675
NOTE: Non-real issue, missuse of API
-CVE-2018-11209 (** DISPUTED ** An issue was discovered in Z-BlogPHP 2.0.0. ...)
+CVE-2018-11209
NOT-FOR-US: Z-BlogPHP
-CVE-2018-11208 (** DISPUTED ** An issue was discovered in Z-BlogPHP 2.0.0. There is a ...)
+CVE-2018-11208
NOT-FOR-US: Z-BlogPHP
-CVE-2018-11207 (A division by zero was discovered in H5D__chunk_init in H5Dchunk.c in ...)
+CVE-2018-11207
- hdf5 1.10.4+repack-1 (low)
[stretch] - hdf5 <no-dsa> (Minor issue)
[jessie] - hdf5 <no-dsa> (Minor issue)
[wheezy] - hdf5 <no-dsa> (Minor issue)
-CVE-2018-11206 (An out of bounds read was discovered in H5O_fill_new_decode and ...)
+CVE-2018-11206
- hdf5 1.10.4+repack-1 (low)
[stretch] - hdf5 <no-dsa> (Minor issue)
[jessie] - hdf5 <no-dsa> (Minor issue)
[wheezy] - hdf5 <no-dsa> (Minor issue)
-CVE-2018-11205 (A out of bounds read was discovered in H5VM_memcpyvv in H5VM.c in the ...)
+CVE-2018-11205
- hdf5 <undetermined>
-CVE-2018-11204 (A NULL pointer dereference was discovered in H5O__chunk_deserialize in ...)
+CVE-2018-11204
- hdf5 1.10.4+repack-1 (low)
[stretch] - hdf5 <no-dsa> (Minor issue)
[jessie] - hdf5 <no-dsa> (Minor issue)
[wheezy] - hdf5 <no-dsa> (Minor issue)
-CVE-2018-11203 (A division by zero was discovered in H5D__btree_decode_key in ...)
+CVE-2018-11203
- hdf5 1.10.4+repack-1 (low)
[stretch] - hdf5 <no-dsa> (Minor issue)
[jessie] - hdf5 <no-dsa> (Minor issue)
[wheezy] - hdf5 <no-dsa> (Minor issue)
-CVE-2018-11202 (A NULL pointer dereference was discovered in H5S_hyper_make_spans in ...)
+CVE-2018-11202
- hdf5 1.10.4+repack-1 (low)
[stretch] - hdf5 <no-dsa> (Minor issue)
[jessie] - hdf5 <no-dsa> (Minor issue)
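Review bot: the NOTE line under CVE-2018-11210, `NOTE: Non-real issue, missuse of API`, has a typo ("missuse" should be "misuse"); since this hunk already touches the entry, the context line could be corrected in the same change. The surrounding state is consistent with that note (`tinyxml2 <unfixed> (bug #899063; unimportant)`), so nothing else in the tinyxml2 or hdf5 entries needs changing.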
@@ -25346,165 +25336,165 @@ CVE-2018-11198
RESERVED
CVE-2018-11197
RESERVED
-CVE-2018-11196 (Mahara 17.04 before 17.04.8 and 17.10 before 17.10.5 and 18.04 before ...)
+CVE-2018-11196
- mahara <removed>
NOTE: https://bugs.launchpad.net/bugs/1770535
NOTE: https://mahara.org/interaction/forum/topic.php?id=8270
-CVE-2018-11195 (Mahara 17.04 before 17.04.8 and 17.10 before 17.10.5 and 18.04 before ...)
+CVE-2018-11195
- mahara <removed>
NOTE: https://bugs.launchpad.net/mahara/+bug/1770561
NOTE: https://mahara.org/interaction/forum/topic.php?id=8269
-CVE-2018-11194 (Quest DR Series Disk Backup software version before 4.0.3.1 allows ...)
+CVE-2018-11194
NOT-FOR-US: Quest DR Series Disk Backup software
-CVE-2018-11193 (Quest DR Series Disk Backup software version before 4.0.3.1 allows ...)
+CVE-2018-11193
NOT-FOR-US: Quest DR Series Disk Backup software
-CVE-2018-11192 (Quest DR Series Disk Backup software version before 4.0.3.1 allows ...)
+CVE-2018-11192
NOT-FOR-US: Quest DR Series Disk Backup software
-CVE-2018-11191 (Quest DR Series Disk Backup software version before 4.0.3.1 allows ...)
+CVE-2018-11191
NOT-FOR-US: Quest DR Series Disk Backup software
-CVE-2018-11190 (Quest DR Series Disk Backup software version before 4.0.3.1 allows ...)
+CVE-2018-11190
NOT-FOR-US: Quest DR Series Disk Backup software
-CVE-2018-11189 (Quest DR Series Disk Backup software version before 4.0.3.1 allows ...)
+CVE-2018-11189
NOT-FOR-US: Quest DR Series Disk Backup software
-CVE-2018-11188 (Quest DR Series Disk Backup software version before 4.0.3.1 allows ...)
+CVE-2018-11188
NOT-FOR-US: Quest DR Series Disk Backup software
-CVE-2018-11187 (Quest DR Series Disk Backup software version before 4.0.3.1 allows ...)
+CVE-2018-11187
NOT-FOR-US: Quest DR Series Disk Backup software
-CVE-2018-11186 (Quest DR Series Disk Backup software version before 4.0.3.1 allows ...)
+CVE-2018-11186
NOT-FOR-US: Quest DR Series Disk Backup software
-CVE-2018-11185 (Quest DR Series Disk Backup software version before 4.0.3.1 allows ...)
+CVE-2018-11185
NOT-FOR-US: Quest DR Series Disk Backup software
-CVE-2018-11184 (Quest DR Series Disk Backup software version before 4.0.3.1 allows ...)
+CVE-2018-11184
NOT-FOR-US: Quest DR Series Disk Backup software
-CVE-2018-11183 (Quest DR Series Disk Backup software version before 4.0.3.1 allows ...)
+CVE-2018-11183
NOT-FOR-US: Quest DR Series Disk Backup software
-CVE-2018-11182 (Quest DR Series Disk Backup software version before 4.0.3.1 allows ...)
+CVE-2018-11182
NOT-FOR-US: Quest DR Series Disk Backup software
-CVE-2018-11181 (Quest DR Series Disk Backup software version before 4.0.3.1 allows ...)
+CVE-2018-11181
NOT-FOR-US: Quest DR Series Disk Backup software
-CVE-2018-11180 (Quest DR Series Disk Backup software version before 4.0.3.1 allows ...)
+CVE-2018-11180
NOT-FOR-US: Quest DR Series Disk Backup software
-CVE-2018-11179 (Quest DR Series Disk Backup software version before 4.0.3.1 allows ...)
+CVE-2018-11179
NOT-FOR-US: Quest DR Series Disk Backup software
-CVE-2018-11178 (Quest DR Series Disk Backup software version before 4.0.3.1 allows ...)
+CVE-2018-11178
NOT-FOR-US: Quest DR Series Disk Backup software
-CVE-2018-11177 (Quest DR Series Disk Backup software version before 4.0.3.1 allows ...)
+CVE-2018-11177
NOT-FOR-US: Quest DR Series Disk Backup software
-CVE-2018-11176 (Quest DR Series Disk Backup software version before 4.0.3.1 allows ...)
+CVE-2018-11176
NOT-FOR-US: Quest DR Series Disk Backup software
-CVE-2018-11175 (Quest DR Series Disk Backup software version before 4.0.3.1 allows ...)
+CVE-2018-11175
NOT-FOR-US: Quest DR Series Disk Backup software
-CVE-2018-11174 (Quest DR Series Disk Backup software version before 4.0.3.1 allows ...)
+CVE-2018-11174
NOT-FOR-US: Quest DR Series Disk Backup software
-CVE-2018-11173 (Quest DR Series Disk Backup software version before 4.0.3.1 allows ...)
+CVE-2018-11173
NOT-FOR-US: Quest DR Series Disk Backup software
-CVE-2018-11172 (Quest DR Series Disk Backup software version before 4.0.3.1 allows ...)
+CVE-2018-11172
NOT-FOR-US: Quest DR Series Disk Backup software
-CVE-2018-11171 (Quest DR Series Disk Backup software version before 4.0.3.1 allows ...)
+CVE-2018-11171
NOT-FOR-US: Quest DR Series Disk Backup software
-CVE-2018-11170 (Quest DR Series Disk Backup software version before 4.0.3.1 allows ...)
+CVE-2018-11170
NOT-FOR-US: Quest DR Series Disk Backup software
-CVE-2018-11169 (Quest DR Series Disk Backup software version before 4.0.3.1 allows ...)
+CVE-2018-11169
NOT-FOR-US: Quest DR Series Disk Backup software
-CVE-2018-11168 (Quest DR Series Disk Backup software version before 4.0.3.1 allows ...)
+CVE-2018-11168
NOT-FOR-US: Quest DR Series Disk Backup software
-CVE-2018-11167 (Quest DR Series Disk Backup software version before 4.0.3.1 allows ...)
+CVE-2018-11167
NOT-FOR-US: Quest DR Series Disk Backup software
-CVE-2018-11166 (Quest DR Series Disk Backup software version before 4.0.3.1 allows ...)
+CVE-2018-11166
NOT-FOR-US: Quest DR Series Disk Backup software
-CVE-2018-11165 (Quest DR Series Disk Backup software version before 4.0.3.1 allows ...)
+CVE-2018-11165
NOT-FOR-US: Quest DR Series Disk Backup software
-CVE-2018-11164 (Quest DR Series Disk Backup software version before 4.0.3.1 allows ...)
+CVE-2018-11164
NOT-FOR-US: Quest DR Series Disk Backup software
-CVE-2018-11163 (Quest DR Series Disk Backup software version before 4.0.3.1 allows ...)
+CVE-2018-11163
NOT-FOR-US: Quest DR Series Disk Backup software
-CVE-2018-11162 (Quest DR Series Disk Backup software version before 4.0.3.1 allows ...)
+CVE-2018-11162
NOT-FOR-US: Quest DR Series Disk Backup software
-CVE-2018-11161 (Quest DR Series Disk Backup software version before 4.0.3.1 allows ...)
+CVE-2018-11161
NOT-FOR-US: Quest DR Series Disk Backup software
-CVE-2018-11160 (Quest DR Series Disk Backup software version before 4.0.3.1 allows ...)
+CVE-2018-11160
NOT-FOR-US: Quest DR Series Disk Backup software
-CVE-2018-11159 (Quest DR Series Disk Backup software version before 4.0.3.1 allows ...)
+CVE-2018-11159
NOT-FOR-US: Quest DR Series Disk Backup software
-CVE-2018-11158 (Quest DR Series Disk Backup software version before 4.0.3.1 allows ...)
+CVE-2018-11158
NOT-FOR-US: Quest DR Series Disk Backup software
-CVE-2018-11157 (Quest DR Series Disk Backup software version before 4.0.3.1 allows ...)
+CVE-2018-11157
NOT-FOR-US: Quest DR Series Disk Backup software
-CVE-2018-11156 (Quest DR Series Disk Backup software version before 4.0.3.1 allows ...)
+CVE-2018-11156
NOT-FOR-US: Quest DR Series Disk Backup software
-CVE-2018-11155 (Quest DR Series Disk Backup software version before 4.0.3.1 allows ...)
+CVE-2018-11155
NOT-FOR-US: Quest DR Series Disk Backup software
-CVE-2018-11154 (Quest DR Series Disk Backup software version before 4.0.3.1 allows ...)
+CVE-2018-11154
NOT-FOR-US: Quest DR Series Disk Backup software
-CVE-2018-11153 (Quest DR Series Disk Backup software version before 4.0.3.1 allows ...)
+CVE-2018-11153
NOT-FOR-US: Quest DR Series Disk Backup software
-CVE-2018-11152 (Quest DR Series Disk Backup software version before 4.0.3.1 allows ...)
+CVE-2018-11152
NOT-FOR-US: Quest DR Series Disk Backup software
-CVE-2018-11151 (Quest DR Series Disk Backup software version before 4.0.3.1 allows ...)
+CVE-2018-11151
NOT-FOR-US: Quest DR Series Disk Backup software
-CVE-2018-11150 (Quest DR Series Disk Backup software version before 4.0.3.1 allows ...)
+CVE-2018-11150
NOT-FOR-US: Quest DR Series Disk Backup software
-CVE-2018-11149 (Quest DR Series Disk Backup software version before 4.0.3.1 allows ...)
+CVE-2018-11149
NOT-FOR-US: Quest DR Series Disk Backup software
-CVE-2018-11148 (Quest DR Series Disk Backup software version before 4.0.3.1 allows ...)
+CVE-2018-11148
NOT-FOR-US: Quest DR Series Disk Backup software
-CVE-2018-11147 (Quest DR Series Disk Backup software version before 4.0.3.1 allows ...)
+CVE-2018-11147
NOT-FOR-US: Quest DR Series Disk Backup software
-CVE-2018-11146 (Quest DR Series Disk Backup software version before 4.0.3.1 allows ...)
+CVE-2018-11146
NOT-FOR-US: Quest DR Series Disk Backup software
-CVE-2018-11145 (Quest DR Series Disk Backup software version before 4.0.3.1 allows ...)
+CVE-2018-11145
NOT-FOR-US: Quest DR Series Disk Backup software
-CVE-2018-11144 (Quest DR Series Disk Backup software version before 4.0.3.1 allows ...)
+CVE-2018-11144
NOT-FOR-US: Quest DR Series Disk Backup software
-CVE-2018-11143 (Quest DR Series Disk Backup software version before 4.0.3.1 allows ...)
+CVE-2018-11143
NOT-FOR-US: Quest DR Series Disk Backup software
-CVE-2018-11142 (The 'systemui/settings_network.php' and ...)
+CVE-2018-11142
NOT-FOR-US: Quest KACE System Management Appliance
-CVE-2018-11141 (The 'IMAGES_JSON' and 'attachments_to_remove[]' parameters of the ...)
+CVE-2018-11141
NOT-FOR-US: Quest KACE System Management Virtual Appliance
-CVE-2018-11140 (The 'reportID' parameter received by the '/common/run_report.php' ...)
+CVE-2018-11140
NOT-FOR-US: Quest KACE System Management Appliance
-CVE-2018-11139 (The '/common/ajax_email_connection_test.php' script in the Quest KACE ...)
+CVE-2018-11139
NOT-FOR-US: Quest KACE System Management Appliance
-CVE-2018-11138 (The '/common/download_agent_installer.php' script in the Quest KACE ...)
+CVE-2018-11138
NOT-FOR-US: Quest KACE System Management Appliance
-CVE-2018-11137 (The 'checksum' parameter of the '/common/download_attachment.php' ...)
+CVE-2018-11137
NOT-FOR-US: Quest KACE System Management Appliance
-CVE-2018-11136 (The 'orgID' parameter received by the ...)
+CVE-2018-11136
NOT-FOR-US: Quest KACE System Management Appliance
-CVE-2018-11135 (The script '/adminui/error_details.php' in the Quest KACE System ...)
+CVE-2018-11135
NOT-FOR-US: Quest KACE System Management Appliance
-CVE-2018-11134 (In order to perform actions that requires higher privileges, the Quest ...)
+CVE-2018-11134
NOT-FOR-US: Quest KACE System Management Appliance
-CVE-2018-11133 (The 'fmt' parameter of the '/common/run_cross_report.php' script in the ...)
+CVE-2018-11133
NOT-FOR-US: Quest KACE System Management Appliance
-CVE-2018-11132 (In order to perform actions that require higher privileges, the Quest ...)
+CVE-2018-11132
NOT-FOR-US: Quest KACE System Management Appliance
CVE-2018-11131
RESERVED
-CVE-2018-11130 (The header::add_FORMAT_descriptor function in header.cpp in VCFtools ...)
+CVE-2018-11130
- vcftools 0.1.16-1 (low; bug #902190)
[stretch] - vcftools <no-dsa> (Minor issue)
[jessie] - vcftools <no-dsa> (Minor issue)
[wheezy] - vcftools <no-dsa> (Minor issue)
NOTE: http://seclists.org/fulldisclosure/2018/May/43
NOTE: https://github.com/vcftools/vcftools/issues/109
-CVE-2018-11129 (The header::add_INFO_descriptor function in header.cpp in VCFtools ...)
+CVE-2018-11129
- vcftools 0.1.16-1 (low; bug #902190)
[stretch] - vcftools <no-dsa> (Minor issue)
[jessie] - vcftools <no-dsa> (Minor issue)
[wheezy] - vcftools <no-dsa> (Minor issue)
NOTE: http://seclists.org/fulldisclosure/2018/May/43
NOTE: https://github.com/vcftools/vcftools/issues/109
-CVE-2018-11128 (The ObjReader::ReadObj() function in ObjReader.cpp in vincent0629 ...)
+CVE-2018-11128
NOT-FOR-US: vincent0629 PDFParser
-CVE-2018-11127 (e107 2.1.7 has CSRF resulting in arbitrary user deletion. ...)
+CVE-2018-11127
NOT-FOR-US: e107
-CVE-2018-11126 (dg-user/?controller=users&amp;action=add in doorGets 7.0 has CSRF that ...)
+CVE-2018-11126
NOT-FOR-US: doorGets
CVE-2018-11125
REJECTED
-CVE-2018-11124 (Cross-site scripting (XSS) vulnerability in Attributes functionality ...)
+CVE-2018-11124
NOT-FOR-US: Open-AudIT Community
CVE-2018-11123
RESERVED
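Review bot: the summary being removed for CVE-2018-11126 still contains an HTML entity, `dg-user/?controller=users&amp;action=add`, which shows the importer stored summaries with HTML escaping intact; the `+` line drops it here, but the generator should unescape entities so a later re-import does not reintroduce them. A smaller style point in the same hunk: the two Mahara entries use different Launchpad URL forms (`https://bugs.launchpad.net/bugs/1770535` for CVE-2018-11196 and `https://bugs.launchpad.net/mahara/+bug/1770561` for CVE-2018-11195); picking one form keeps the NOTE lines easier to grep.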
@@ -25512,15 +25502,15 @@ CVE-2018-11122
RESERVED
CVE-2018-11121
RESERVED
-CVE-2018-11120 (Services/COPage/classes/class.ilPCSourceCode.php in ILIAS 5.1.x, 5.2.x, ...)
+CVE-2018-11120
NOT-FOR-US: ILIAS
-CVE-2018-11119 (ILIAS 5.1.x, 5.2.x, and 5.3.x before 5.3.5 redirects a logged-in user ...)
+CVE-2018-11119
NOT-FOR-US: ILIAS
-CVE-2018-11118 (The RSS subsystem in ILIAS 5.1.x, 5.2.x, and 5.3.x before 5.3.5 has XSS ...)
+CVE-2018-11118
NOT-FOR-US: ILIAS
-CVE-2018-11117 (Services/Feeds/classes/class.ilExternalFeedItem.php in ILIAS 5.1.x, ...)
+CVE-2018-11117
NOT-FOR-US: ILIAS
-CVE-2018-11116 (OpenWrt mishandles access control in /etc/config/rpcd and the ...)
+CVE-2018-11116
NOT-FOR-US: OpenWrt
CVE-2018-11115
RESERVED
@@ -25542,171 +25532,171 @@ CVE-2018-11107
RESERVED
CVE-2018-11106
RESERVED
-CVE-2018-11105 (There is stored cross site scripting in the wp-live-chat-support plugin ...)
+CVE-2018-11105
NOT-FOR-US: Wordpress plugin
CVE-2018-11104
RESERVED
CVE-2018-11103
RESERVED
-CVE-2018-11102 (An issue was discovered in Libav 12.3. A read access violation in the ...)
+CVE-2018-11102
- libav <removed> (low)
NOTE: https://bugzilla.libav.org/show_bug.cgi?id=1128
-CVE-2018-11101 (Open Whisper Signal (aka Signal-Desktop) through 1.10.1 allows XSS via ...)
+CVE-2018-11101
- signal-desktop <itp> (bug #842943)
-CVE-2018-11100 (The decompileSETTARGET function in decompile.c in libming through 0.4.8 ...)
+CVE-2018-11100
- ming <removed>
NOTE: https://github.com/libming/libming/issues/142
-CVE-2018-11099 (The header::add_INFO_descriptor function in header.cpp in VCFtools ...)
+CVE-2018-11099
- vcftools 0.1.16-1 (low; bug #902190)
[stretch] - vcftools <no-dsa> (Minor issue)
[jessie] - vcftools <no-dsa> (Minor issue)
[wheezy] - vcftools <no-dsa> (Minor issue)
NOTE: http://seclists.org/fulldisclosure/2018/May/43
NOTE: https://github.com/vcftools/vcftools/issues/109
-CVE-2018-11098 (An issue was discovered in Frog CMS 0.9.5. There is a file upload ...)
+CVE-2018-11098
NOT-FOR-US: Frog CMS
-CVE-2018-11097 (An issue was discovered in cloudwu/cstring through 2016-11-09. There is ...)
+CVE-2018-11097
NOT-FOR-US: cloudwu
-CVE-2018-11096 (Horse Market Sell &amp; Rent Portal Script 1.5.7 has a CSRF vulnerability ...)
+CVE-2018-11096
NOT-FOR-US: Horse Market Sell & Rent Portal Script
-CVE-2018-11095 (The decompileJUMP function in decompile.c in libming through 0.4.8 ...)
+CVE-2018-11095
- ming <removed>
NOTE: https://github.com/libming/libming/issues/141
-CVE-2018-11094 (An issue was discovered on Intelbras NCLOUD 300 1.0 devices. ...)
+CVE-2018-11094
NOT-FOR-US: Intelbras NCLOUD
-CVE-2018-11093 (Cross-site scripting (XSS) vulnerability in the Link package for ...)
+CVE-2018-11093
NOT-FOR-US: CKeditor addon
-CVE-2018-11092 (An issue was discovered in the Admin Notes plugin 1.1 for MyBB. CSRF ...)
+CVE-2018-11092
NOT-FOR-US: Admin Notes plugin for MyBB
-CVE-2018-11091 (An issue was discovered in MyBiz MyProcureNet 5.0.0. A malicious file ...)
+CVE-2018-11091
NOT-FOR-US: MyBiz MyProcureNet
-CVE-2018-11090 (An XSS issue was discovered in MyBiz MyProcureNet 5.0.0. This ...)
+CVE-2018-11090
NOT-FOR-US: MyBiz MyProcureNet
CVE-2018-11089
RESERVED
-CVE-2018-11088 (Pivotal Applications Manager in Pivotal Application Service, versions ...)
+CVE-2018-11088
NOT-FOR-US: Pivotal
-CVE-2018-11087 (Pivotal Spring AMQP, 1.x versions prior to 1.7.10 and 2.x versions ...)
+CVE-2018-11087
NOT-FOR-US: Spring AMQP
-CVE-2018-11086 (Pivotal Usage Service in Pivotal Application Service, versions 2.0 ...)
+CVE-2018-11086
NOT-FOR-US: Pivotal
CVE-2018-11085
REJECTED
-CVE-2018-11084 (Cloud Foundry Garden-runC release, versions prior to 1.16.1, prevents ...)
+CVE-2018-11084
NOT-FOR-US: Cloud Foundry
-CVE-2018-11083 (Cloud Foundry BOSH, versions v264 prior to v264.14.0 and v265 prior to ...)
+CVE-2018-11083
NOT-FOR-US: Cloud Foundry
-CVE-2018-11082 (Cloud Foundry UAA, all versions prior to 4.20.0 and Cloud Foundry UAA ...)
+CVE-2018-11082
NOT-FOR-US: Cloud Foundry
-CVE-2018-11081 (Pivotal Operations Manager, versions 2.2.x prior to 2.2.1, 2.1.x prior ...)
+CVE-2018-11081
NOT-FOR-US: Pivotal
-CVE-2018-11080 (Dell EMC Secure Remote Services, versions prior to 3.32.00.08, ...)
+CVE-2018-11080
NOT-FOR-US: EMC Secure Remote Services
-CVE-2018-11079 (Dell EMC Secure Remote Services, versions prior to 3.32.00.08, ...)
+CVE-2018-11079
NOT-FOR-US: EMC Secure Remote Services
-CVE-2018-11078 (Dell EMC VPlex GeoSynchrony, versions prior to 6.1, contains an ...)
+CVE-2018-11078
NOT-FOR-US: EMC VPlex GeoSynchrony
-CVE-2018-11077 ('getlogs' utility in Dell EMC Avamar Server versions 7.2.0, 7.2.1, ...)
+CVE-2018-11077
NOT-FOR-US: EMC
-CVE-2018-11076 (Dell EMC Avamar Server versions 7.2.0, 7.2.1, 7.3.0, 7.3.1, 7.4.0 and ...)
+CVE-2018-11076
NOT-FOR-US: EMC
-CVE-2018-11075 (RSA Authentication Manager versions prior to 8.3 P3 contain a ...)
+CVE-2018-11075
NOT-FOR-US: RSA Authentication Manager
-CVE-2018-11074 (RSA Authentication Manager versions prior to 8.3 P3 are affected by a ...)
+CVE-2018-11074
NOT-FOR-US: RSA Authentication Manager
-CVE-2018-11073 (RSA Authentication Manager versions prior to 8.3 P3 contain a stored ...)
+CVE-2018-11073
NOT-FOR-US: RSA Authentication Manager
-CVE-2018-11072 (Dell Digital Delivery versions prior to 3.5.1 contain a DLL Injection ...)
+CVE-2018-11072
NOT-FOR-US: Dell Digital Delivery
-CVE-2018-11071 (Dell EMC Isilon OneFS versions 7.1.1.x, 7.2.1.x, 8.0.0.x, 8.0.1.x, ...)
+CVE-2018-11071
NOT-FOR-US: EMC Isilon OneFS
-CVE-2018-11070 (RSA BSAFE Crypto-J versions prior to 6.2.4 and RSA BSAFE SSL-J ...)
+CVE-2018-11070
NOT-FOR-US: RSA BSAFE Crypto-J
-CVE-2018-11069 (RSA BSAFE SSL-J versions prior to 6.2.4 contain a Covert Timing ...)
+CVE-2018-11069
NOT-FOR-US: RSA BSAFE SSL-J
-CVE-2018-11068 (RSA BSAFE SSL-J versions prior to 6.2.4 contain a Heap Inspection ...)
+CVE-2018-11068
NOT-FOR-US: RSA BSAFE SSL-J
-CVE-2018-11067 (Dell EMC Avamar Client Manager in Dell EMC Avamar Server versions ...)
+CVE-2018-11067
NOT-FOR-US: EMC
-CVE-2018-11066 (Dell EMC Avamar Client Manager in Dell EMC Avamar Server versions ...)
+CVE-2018-11066
NOT-FOR-US: EMC
-CVE-2018-11065 (The WorkPoint component, which is embedded in all RSA Archer, versions ...)
+CVE-2018-11065
NOT-FOR-US: RSA
-CVE-2018-11064 (Dell EMC Unity OE versions 4.3.0.x and 4.3.1.x and UnityVSA OE ...)
+CVE-2018-11064
NOT-FOR-US: Dell
-CVE-2018-11063 (Dell WMS versions 1.1 and prior are impacted by multiple unquoted ...)
+CVE-2018-11063
NOT-FOR-US: Dell WMS
-CVE-2018-11062 (Integrated Data Protection Appliance versions 2.0, 2.1, and 2.2 ...)
+CVE-2018-11062
NOT-FOR-US: Integrated Data Protection Appliance
-CVE-2018-11061 (RSA NetWitness Platform versions prior to 11.1.0.2 and RSA Security ...)
+CVE-2018-11061
NOT-FOR-US: RSA
-CVE-2018-11060 (RSA Archer, versions prior to 6.4.0.1, contain an authorization bypass ...)
+CVE-2018-11060
NOT-FOR-US: RSA Archer
-CVE-2018-11059 (RSA Archer, versions prior to 6.4.0.1, contain a stored cross-site ...)
+CVE-2018-11059
NOT-FOR-US: RSA Archer
-CVE-2018-11058 (RSA BSAFE Micro Edition Suite, versions prior to 4.0.11 (in 4.0.x) and ...)
+CVE-2018-11058
NOT-FOR-US: RSA BSAFE Micro Edition Suite
-CVE-2018-11057 (RSA BSAFE Micro Edition Suite, versions prior to 4.0.11 (in 4.0.x) and ...)
+CVE-2018-11057
NOT-FOR-US: RSA BSAFE Micro Edition Suite
-CVE-2018-11056 (RSA BSAFE Micro Edition Suite, prior to 4.1.6.1 (in 4.1.x), and RSA ...)
+CVE-2018-11056
NOT-FOR-US: RSA BSAFE Micro Edition Suite
-CVE-2018-11055 (RSA BSAFE Micro Edition Suite, versions prior to 4.0.11 (in 4.0.x) and ...)
+CVE-2018-11055
NOT-FOR-US: RSA BSAFE Micro Edition Suite
-CVE-2018-11054 (RSA BSAFE Micro Edition Suite, version 4.1.6, contains an integer ...)
+CVE-2018-11054
NOT-FOR-US: RSA BSAFE Micro Edition Suite
-CVE-2018-11053 (Dell EMC iDRAC Service Module for all supported Linux and XenServer ...)
+CVE-2018-11053
NOT-FOR-US: Dell
-CVE-2018-11052 (Dell EMC ECS versions 3.2.0.0 and 3.2.0.1 contain an authentication ...)
+CVE-2018-11052
NOT-FOR-US: EMC
-CVE-2018-11051 (RSA Certificate Manager Versions 6.9 build 560 through 6.9 build 564 ...)
+CVE-2018-11051
NOT-FOR-US: RSA Certificate Manager
-CVE-2018-11050 (Dell EMC NetWorker versions between 9.0 and 9.1.1.8 through 9.2.1.3, ...)
+CVE-2018-11050
NOT-FOR-US: EMC
-CVE-2018-11049 (RSA Identity Governance and Lifecycle, RSA Via Lifecycle and ...)
+CVE-2018-11049
NOT-FOR-US: RSA
-CVE-2018-11048 (Dell EMC Data Protection Advisor, versions 6.2, 6,3, 6.4, 6.5 and Dell ...)
+CVE-2018-11048
NOT-FOR-US: Dell
-CVE-2018-11047 (Cloud Foundry UAA, versions 4.19 prior to 4.19.2 and 4.12 prior to ...)
+CVE-2018-11047
NOT-FOR-US: Cloud Foundry
-CVE-2018-11046 (Pivotal Operations Manager, versions 2.1.x prior to 2.1.6 and version ...)
+CVE-2018-11046
NOT-FOR-US: Pivotal
-CVE-2018-11045 (Pivotal Operations Manager, versions 2.1 prior to 2.1.6 and 2.0 prior ...)
+CVE-2018-11045
NOT-FOR-US: Pivotal
-CVE-2018-11044 (Pivotal Apps Manager included in Pivotal Application Service, versions ...)
+CVE-2018-11044
NOT-FOR-US: Pivotal
CVE-2018-11043
REJECTED
CVE-2018-11042
REJECTED
-CVE-2018-11041 (Cloud Foundry UAA, versions later than 4.6.0 and prior to 4.19.0 ...)
+CVE-2018-11041
NOT-FOR-US: Cloud Foundry
-CVE-2018-11040 (Spring Framework, versions 5.0.x prior to 5.0.7 and 4.3.x prior to ...)
+CVE-2018-11040
- libspring-java 4.3.19-1
[stretch] - libspring-java <no-dsa> (Minor issue)
[jessie] - libspring-java <no-dsa> (unable to find relevant commits)
NOTE: https://pivotal.io/security/cve-2018-11040
-CVE-2018-11039 (Spring Framework (versions 5.0.x prior to 5.0.7, versions 4.3.x prior ...)
+CVE-2018-11039
- libspring-java 4.3.19-1
[stretch] - libspring-java <no-dsa> (Minor issue)
[jessie] - libspring-java <no-dsa> (Minor issue)
NOTE: https://pivotal.io/security/cve-2018-11039
CVE-2018-11038
RESERVED
-CVE-2018-11037 (In Exiv2 0.26, the Exiv2::PngImage::printStructure function in ...)
+CVE-2018-11037
- exiv2 <undetermined>
NOTE: https://github.com/Exiv2/exiv2/issues/307
-CVE-2018-11036 (Ruckus SmartZone (formerly Virtual SmartCell Gateway or vSCG) 3.5.0, ...)
+CVE-2018-11036
NOT-FOR-US: Ruckus devices
-CVE-2018-11035 (In 2345 Security Guard 3.7, the driver file (2345NsProtect.sys, X64 ...)
+CVE-2018-11035
NOT-FOR-US: 2345 Security Guard
-CVE-2018-11034 (In 2345 Security Guard 3.7, the driver file (2345NsProtect.sys, X64 ...)
+CVE-2018-11034
NOT-FOR-US: 2345 Security Guard
-CVE-2018-11033 (The DCTStream::readHuffSym function in Stream.cc in the DCT decoder in ...)
+CVE-2018-11033
- xpdf <unfixed> (unimportant)
NOTE: https://forum.xpdfreader.com/viewtopic.php?f=3&t=40842
-CVE-2018-11032 (PHPRAP 1.0.4 through 1.0.8 has SQL Injection via the ...)
+CVE-2018-11032
NOT-FOR-US: PHPRAP
-CVE-2018-11031 (application/home/controller/debug.php in PHPRAP 1.0.4 through 1.0.8 has ...)
+CVE-2018-11031
NOT-FOR-US: PHPRAP
CVE-2018-11030
RESERVED
@@ -25714,27 +25704,27 @@ CVE-2018-11029
RESERVED
CVE-2018-11028
RESERVED
-CVE-2018-11027 (A reflected XSS vulnerability on Ruckus ICX7450-48 devices allows ...)
+CVE-2018-11027
NOT-FOR-US: Ruckus
CVE-2018-11026
RESERVED
-CVE-2018-11025 (kernel/omap/drivers/mfd/twl6030-gpadc.c in the kernel component in ...)
+CVE-2018-11025
NOT-FOR-US: kernel component on Amazon Fire
-CVE-2018-11024 (kernel/omap/drivers/misc/gcx/gcioctl/gcif.c in the kernel component in ...)
+CVE-2018-11024
NOT-FOR-US: kernel component on Amazon Fire
-CVE-2018-11023 (kernel/omap/drivers/misc/gcx/gcioctl/gcif.c in the kernel component in ...)
+CVE-2018-11023
NOT-FOR-US: kernel component on Amazon Fire
-CVE-2018-11022 (kernel/omap/drivers/misc/gcx/gcioctl/gcif.c in the kernel component in ...)
+CVE-2018-11022
NOT-FOR-US: kernel component on Amazon Fire
-CVE-2018-11021 (kernel/omap/drivers/video/omap2/dsscomp/device.c in the kernel ...)
+CVE-2018-11021
NOT-FOR-US: kernel component on Amazon Fire
-CVE-2018-11020 (kernel/omap/drivers/rpmsg/rpmsg_omx.c in the kernel component in ...)
+CVE-2018-11020
NOT-FOR-US: kernel component on Amazon Fire
-CVE-2018-11019 (kernel/omap/drivers/misc/gcx/gcioctl/gcif.c in the kernel component in ...)
+CVE-2018-11019
NOT-FOR-US: kernel component on Amazon Fire
-CVE-2018-11018 (An issue was discovered in PbootCMS v1.0.7. Cross-site request forgery ...)
+CVE-2018-11018
NOT-FOR-US: PbootCMS
-CVE-2018-11017 (The newVar_N function in decompile.c in libming through 0.4.8 ...)
+CVE-2018-11017
- ming <removed>
CVE-2018-11016
RESERVED
@@ -25742,11 +25732,11 @@ CVE-2018-11015
RESERVED
CVE-2018-11014
RESERVED
-CVE-2018-11013 (Stack-based buffer overflow in the websRedirect function in GoAhead on ...)
+CVE-2018-11013
NOT-FOR-US: D-Link
-CVE-2018-11012 (ruibaby Halo 0.0.2 has stored XSS via the loginName and loginPwd ...)
+CVE-2018-11012
NOT-FOR-US: ruibaby Halo
-CVE-2018-11011 (ruibaby Halo 0.0.2 has stored XSS via the commentAuthor field to ...)
+CVE-2018-11011
NOT-FOR-US: ruibaby Halo
CVE-2018-11010
RESERVED
@@ -25760,51 +25750,51 @@ CVE-2018-11006
RESERVED
CVE-2018-11005
RESERVED
-CVE-2018-11004 (An issue was discovered in SDcms v1.5. Cross-site request forgery ...)
+CVE-2018-11004
NOT-FOR-US: SDcms
-CVE-2018-11003 (An issue was discovered in YXcms 1.4.7. Cross-site request forgery ...)
+CVE-2018-11003
NOT-FOR-US: YXcms
-CVE-2018-11002 (Pulse Secure Desktop Client 5.3 up to and including R6.0 build 1769 on ...)
+CVE-2018-11002
NOT-FOR-US: Pulse Secure Desktop Client
CVE-2018-11001
RESERVED
CVE-2018-11000
RESERVED
-CVE-2018-10999 (An issue was discovered in Exiv2 0.26. The ...)
+CVE-2018-10999
{DSA-4238-1 DLA-1551-1 DLA-1402-1}
- exiv2 0.25-4
NOTE: https://github.com/Exiv2/exiv2/issues/306
NOTE: https://github.com/Exiv2/exiv2/commit/2fb00c8a16ce93756cddd70536e361a49369ba88
NOTE: https://github.com/Exiv2/exiv2/commit/3ad0050469e6ea63b4081f2a88c264ce8ab55c51
-CVE-2018-10998 (An issue was discovered in Exiv2 0.26. readMetadata in jp2image.cpp ...)
+CVE-2018-10998
{DSA-4238-1 DLA-1402-1}
- exiv2 0.25-4
NOTE: https://github.com/Exiv2/exiv2/issues/303
NOTE: https://github.com/Exiv2/exiv2/commit/f4e8ed2fd48d012467b99552f0d6378302a23c75
-CVE-2018-10997 (Etere EtereWeb before 28.1.20 has a pre-authentication blind SQL ...)
+CVE-2018-10997
NOT-FOR-US: Etere EtereWeb
-CVE-2018-10996 (The weblogin_log function in /htdocs/cgibin on D-Link DIR-629-B1 ...)
+CVE-2018-10996
NOT-FOR-US: D-Link
-CVE-2018-10995 (SchedMD Slurm before 17.02.11 and 17.1x.x before 17.11.7 mishandles ...)
+CVE-2018-10995
{DSA-4254-1 DLA-1437-1}
- slurm-llnl 17.11.7-1 (bug #900548)
NOTE: https://www.schedmd.com/news.php?id=203
NOTE: https://lists.schedmd.com/pipermail/slurm-announce/2018/000008.html
NOTE: https://github.com/SchedMD/slurm/commit/033dc0d1d28b8d2ba1a5187f564a01c15187eb4e
NOTE: https://github.com/SchedMD/slurm/commit/df545955e4f119974c278bff0c47155257d5afc7
-CVE-2018-10994 (js/views/message_view.js in Open Whisper Signal (aka Signal-Desktop) ...)
+CVE-2018-10994
- signal-desktop <itp> (bug #842943)
CVE-2018-10993
RESERVED
CVE-2018-10991
REJECTED
-CVE-2018-10990 (On Arris Touchstone Telephony Gateway TG1682G 9.1.103J6 devices, a ...)
+CVE-2018-10990
NOT-FOR-US: Arris Touchstone Telephony Gateway
-CVE-2018-10989 (Arris Touchstone Telephony Gateway TG1682G 9.1.103J6 devices are ...)
+CVE-2018-10989
NOT-FOR-US: Arris Touchstone Telephony Gateway
-CVE-2018-10988 (An issue was discovered on Diqee Diqee360 devices. A firmware update ...)
+CVE-2018-10988
NOT-FOR-US: Diqee
-CVE-2018-10987 (An issue was discovered on Dongguan Diqee Diqee360 devices. The ...)
+CVE-2018-10987
NOT-FOR-US: Diqee
CVE-2018-10986
RESERVED
@@ -25814,15 +25804,15 @@ CVE-2018-10984
RESERVED
CVE-2018-10983
RESERVED
-CVE-2018-10992 (lilypond-invoke-editor in LilyPond 2.19.80 does not validate strings ...)
+CVE-2018-10992
- lilypond 2.18.2-13 (bug #898373)
[jessie] - lilypond <not-affected> (Incomplete fix not applied)
[wheezy] - lilypond <not-affected> (Incomplete fix not applied)
-CVE-2018-10982 (An issue was discovered in Xen through 4.10.x allowing x86 HVM guest OS ...)
+CVE-2018-10982
{DSA-4201-1 DLA-1549-1 DLA-1383-1}
- xen 4.8.3+xsa262+shim4.10.0+comet3-1+deb9u6
NOTE: https://xenbits.xen.org/xsa/advisory-261.html
-CVE-2018-10981 (An issue was discovered in Xen through 4.10.x allowing x86 HVM guest OS ...)
+CVE-2018-10981
{DSA-4201-1 DLA-1559-1 DLA-1383-1}
- xen 4.8.3+xsa262+shim4.10.0+comet3-1+deb9u6
NOTE: https://xenbits.xen.org/xsa/advisory-262.html
@@ -25832,46 +25822,46 @@ CVE-2018-10979
RESERVED
CVE-2018-10978
RESERVED
-CVE-2018-10977 (In 2345 Security Guard 3.7, the driver file (2345BdPcSafe.sys, X64 ...)
+CVE-2018-10977
NOT-FOR-US: 2345 Security Guard
-CVE-2018-10976 (In 2345 Security Guard 3.7, the driver file (2345BdPcSafe.sys, X64 ...)
+CVE-2018-10976
NOT-FOR-US: 2345 Security Guard
-CVE-2018-10975 (In 2345 Security Guard 3.7, the driver file (2345BdPcSafe.sys, X64 ...)
+CVE-2018-10975
NOT-FOR-US: 2345 Security Guard
-CVE-2018-10974 (In 2345 Security Guard 3.7, the driver file (2345BdPcSafe.sys, X64 ...)
+CVE-2018-10974
NOT-FOR-US: 2345 Security Guard
-CVE-2018-10973 (An integer overflow in the transferMulti function of a smart contract ...)
+CVE-2018-10973
NOT-FOR-US: KoreaShow
-CVE-2018-10972 (An issue was discovered in Free Lossless Image Format (FLIF) 0.3. The ...)
+CVE-2018-10972
[experimental] - flif <unfixed>
- flif <removed> (bug #898407)
NOTE: https://github.com/FLIF-hub/FLIF/issues/503
-CVE-2018-10971 (An issue was discovered in Free Lossless Image Format (FLIF) 0.3. The ...)
+CVE-2018-10971
[experimental] - flif <unfixed>
- flif <removed> (bug #898406)
NOTE: https://github.com/FLIF-hub/FLIF/issues/501
CVE-2018-10970
RESERVED
-CVE-2018-10969 (SQL injection vulnerability in the Pie Register plugin before 3.0.10 ...)
+CVE-2018-10969
NOT-FOR-US: Pie Register plugin for WordPress
-CVE-2018-10968 (On D-Link DIR-550A and DIR-604M devices through v2.10KR, a malicious ...)
+CVE-2018-10968
NOT-FOR-US: D-Link
-CVE-2018-10967 (On D-Link DIR-550A and DIR-604M devices through v2.10KR, a malicious ...)
+CVE-2018-10967
NOT-FOR-US: D-Link
-CVE-2018-10966 (An issue was discovered in GamerPolls 0.4.6, related to ...)
+CVE-2018-10966
NOT-FOR-US: GamerPolls
CVE-2018-10965
RESERVED
CVE-2018-10964
RESERVED
-CVE-2018-10963 (The TIFFWriteDirectorySec() function in tif_dirwrite.c in LibTIFF ...)
+CVE-2018-10963
{DSA-4349-1 DLA-1411-1}
- tiff 4.0.9-6 (bug #898348)
[stretch] - tiff <no-dsa> (Minor issue)
- tiff3 <removed>
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2795
NOTE: https://gitlab.com/libtiff/libtiff/commit/de144fd228e4be8aa484c3caf3d814b6fa88c6d9
-CVE-2018-10962 (An issue was discovered in Shanghai 2345 Security Guard 3.7.0. ...)
+CVE-2018-10962
NOT-FOR-US: Shanghai 2345 Security Guard
CVE-2018-10961
RESERVED
@@ -25879,29 +25869,29 @@ CVE-2018-10960
RESERVED
CVE-2018-10959
RESERVED
-CVE-2018-10958 (In types.cpp in Exiv2 0.26, a large size value may lead to a SIGABRT ...)
+CVE-2018-10958
{DSA-4238-1 DLA-1551-1 DLA-1402-1}
- exiv2 0.25-4
NOTE: https://github.com/Exiv2/exiv2/issues/302
NOTE: https://github.com/Exiv2/exiv2/commit/2fb00c8a16ce93756cddd70536e361a49369ba88
NOTE: https://github.com/Exiv2/exiv2/commit/3ad0050469e6ea63b4081f2a88c264ce8ab55c51
-CVE-2018-10957 (CSRF exists on D-Link DIR-868L devices, leading to (for example) a ...)
+CVE-2018-10957
NOT-FOR-US: D-Link
-CVE-2018-10956 (IPConfigure Orchid Core VMS 2.0.5 allows Directory Traversal. ...)
+CVE-2018-10956
NOT-FOR-US: IPConfigure Orchid Core VMS
-CVE-2018-10955 (In 2345 Security Guard 3.7, the driver file (2345BdPcSafe.sys, X64 ...)
+CVE-2018-10955
NOT-FOR-US: 2345 Security Guard
-CVE-2018-10954 (In 2345 Security Guard 3.7, the driver file (2345BdPcSafe.sys, X64 ...)
+CVE-2018-10954
NOT-FOR-US: 2345 Security Guard
-CVE-2018-10953 (In 2345 Security Guard 3.7, the driver file (2345BdPcSafe.sys, X64 ...)
+CVE-2018-10953
NOT-FOR-US: 2345 Security Guard
-CVE-2018-10952 (In 2345 Security Guard 3.7, the driver file (2345BdPcSafe.sys, X64 ...)
+CVE-2018-10952
NOT-FOR-US: 2345 Security Guard
-CVE-2018-10951 (mailboxd in Zimbra Collaboration Suite 8.8 before 8.8.8; 8.7 before ...)
+CVE-2018-10951
NOT-FOR-US: Zimbra
-CVE-2018-10950 (mailboxd in Zimbra Collaboration Suite 8.8 before 8.8.8; 8.7 before ...)
+CVE-2018-10950
NOT-FOR-US: Zimbra
-CVE-2018-10949 (mailboxd in Zimbra Collaboration Suite 8.8 before 8.8.8; 8.7 before ...)
+CVE-2018-10949
NOT-FOR-US: Zimbra
CVE-2018-10948
RESERVED
@@ -25909,48 +25899,48 @@ CVE-2018-10947
RESERVED
CVE-2018-10946
RESERVED
-CVE-2018-10945 (The mg_handle_cgi function in mongoose.c in Mongoose 6.11 allows ...)
+CVE-2018-10945
- smplayer 18.5.0~ds1-1
[stretch] - smplayer <not-affected> (Vulnerable code not present)
[jessie] - smplayer <not-affected> (Vulnerable code not present)
[wheezy] - smplayer <not-affected> (Vulnerable code not present)
NOTE: 18.5.0~ds1-1 isn't fixed on the source level, but no longer builds the Chromecast support
-CVE-2018-10944 (The request_dividend function of a smart contract implementation for ...)
+CVE-2018-10944
NOT-FOR-US: Rasputin Online Coin
-CVE-2018-10943 (An issue was discovered on Barco ClickShare CSE-200 and CS-100 Base ...)
+CVE-2018-10943
NOT-FOR-US: Barco ClickShare CSE-200 and CS-100 Base Units
-CVE-2018-10942 (modules/attributewizardpro/file_upload.php in the Attribute Wizard ...)
+CVE-2018-10942
NOT-FOR-US: Attribute Wizard addon for PrestaShop
CVE-2018-10941
RESERVED
-CVE-2018-10940 (The cdrom_ioctl_media_changed function in drivers/cdrom/cdrom.c in the ...)
+CVE-2018-10940
{DLA-1423-1 DLA-1422-1 DLA-1392-1}
- linux 4.16.12-1
[stretch] - linux 4.9.107-1
NOTE: Fixed by: https://git.kernel.org/linus/9de4ee40547fd315d4a0ed1dd15a2fa3559ad707
-CVE-2018-10939 (Zimbra Web Client (ZWC) in Zimbra Collaboration Suite 8.8 before ...)
+CVE-2018-10939
NOT-FOR-US: Zimbra Web Client
-CVE-2018-10938 (A flaw was found in the Linux kernel present since v4.0-rc1 and ...)
+CVE-2018-10938
{DSA-4308-1 DLA-1531-1}
- linux 4.13.4-1 (unimportant)
[jessie] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/40413955ee265a5e42f710940ec78f5450d49149 (4.13-rc5)
NOTE: http://www.openwall.com/lists/oss-security/2018/08/27/1
-CVE-2018-10937 (A cross site scripting flaw exists in the tetonic-console component of ...)
+CVE-2018-10937
NOT-FOR-US: OpenShift
-CVE-2018-10936 (A weakness was found in postgresql-jdbc before version 42.2.5. It was ...)
+CVE-2018-10936
- libpgjava 42.2.5-1
[stretch] - libpgjava <no-dsa> (Minor issue)
[jessie] - libpgjava <no-dsa> (Minor issue)
NOTE: https://github.com/pgjdbc/pgjdbc/commit/cdeeaca47dc3bc6f727c79a582c9e412309
-CVE-2018-10935 (A flaw was found in the 389 Directory Server that allows users to ...)
+CVE-2018-10935
{DLA-1483-1}
- 389-ds-base 1.4.0.15-1 (bug #906985)
NOTE: https://pagure.io/389-ds-base/issue/49890
CVE-2018-10934
RESERVED
- wildfly <itp> (bug #752018)
-CVE-2018-10933 (A vulnerability was found in libssh's server-side state machine before ...)
+CVE-2018-10933
{DSA-4322-1 DLA-1548-1}
- libssh 0.8.4-1 (bug #911149)
NOTE: https://www.libssh.org/2018/10/16/libssh-0-8-4-and-0-7-6-security-and-bugfix-release/
@@ -25966,45 +25956,45 @@ CVE-2018-10933 (A vulnerability was found in libssh's server-side state machine
NOTE: https://git.libssh.org/projects/libssh.git/commit/?id=75be012b4a14f4550ce6ad3f126e559f44dbde76 (master)
NOTE: https://git.libssh.org/projects/libssh.git/commit/?id=e1548a71bdac73da084174ab1d6d2713edd93f6e (master)
NOTE: Fixed in 0.7.6, 0.8.4 upstream
-CVE-2018-10932 (lldptool version 1.0.1 and older can print a raw, unsanitized attacker ...)
+CVE-2018-10932
- lldpad 1.0.1+git20180808.4e642bd-1 (unimportant; bug #905901)
NOTE: https://github.com/intel/openlldp/pull/7
NOTE: https://github.com/intel/openlldp/commit/41feb359a9d0082b0bcf68b1f2b37227f02af4f1
NOTE: Terminal emulators need to perform proper escaping
-CVE-2018-10931 (It was found that cobbler 2.6.x exposed all functions from its ...)
+CVE-2018-10931
- cobbler <removed>
NOTE: http://www.openwall.com/lists/oss-security/2018/08/09/9
-CVE-2018-10930 (A flaw was found in RPC request using gfs3_rename_req in glusterfs ...)
+CVE-2018-10930
{DLA-1510-1}
- glusterfs 4.1.4-1 (bug #909215)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1612664
NOTE: https://github.com/gluster/glusterfs/commit/9ae986f18c0f251cba6bbc23eae2150a8ce0417e
NOTE: When fixing this issue make sure to be complete an not open CVE-2018-14651
-CVE-2018-10929 (A flaw was found in RPC request using gfs2_create_req in glusterfs ...)
+CVE-2018-10929
{DLA-1510-1}
- glusterfs 4.1.4-1 (bug #909215)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1612660
NOTE: https://github.com/gluster/glusterfs/commit/9ae986f18c0f251cba6bbc23eae2150a8ce0417e
NOTE: When fixing this issue make sure to be complete an not open CVE-2018-14651
-CVE-2018-10928 (A flaw was found in RPC request using gfs3_symlink_req in glusterfs ...)
+CVE-2018-10928
{DLA-1510-1}
- glusterfs 4.1.4-1 (bug #909215)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1612659
NOTE: https://github.com/gluster/glusterfs/commit/9ae986f18c0f251cba6bbc23eae2150a8ce0417e
NOTE: When fixing this issue make sure to be complete an not open CVE-2018-14651
-CVE-2018-10927 (A flaw was found in RPC request using gfs3_lookup_req in glusterfs ...)
+CVE-2018-10927
{DLA-1510-1}
- glusterfs 4.1.4-1 (bug #909215)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1612658
NOTE: https://github.com/gluster/glusterfs/commit/9ae986f18c0f251cba6bbc23eae2150a8ce0417e
NOTE: When fixing this issue make sure to be complete an not open CVE-2018-14651
-CVE-2018-10926 (A flaw was found in RPC request using gfs3_mknod_req supported by ...)
+CVE-2018-10926
{DLA-1510-1}
- glusterfs 4.1.4-1 (bug #909215)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1613143
NOTE: https://github.com/gluster/glusterfs/commit/9ae986f18c0f251cba6bbc23eae2150a8ce0417e
NOTE: When fixing this issue make sure to be complete an not open CVE-2018-14651
-CVE-2018-10925 (It was discovered that PostgreSQL versions before 10.5, 9.6.10, ...)
+CVE-2018-10925
{DSA-4269-1}
- postgresql-10 10.5-1
- postgresql-9.6 <removed>
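Review bot: the five glusterfs entries in this hunk (CVE-2018-10926 through CVE-2018-10930) all carry the same NOTE line with a typo, `NOTE: When fixing this issue make sure to be complete an not open CVE-2018-14651`; it should read `and not open`. These are unchanged context lines rather than part of this change, but since the line is copied five times it is worth a follow-up fix in one go.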
@@ -26014,44 +26004,44 @@ CVE-2018-10925 (It was discovered that PostgreSQL versions before 10.5, 9.6.10,
- postgresql-9.1 <not-affected> (Only affects PostgreSQL 9.5 onwards)
NOTE: Fixed in 9.5.14, 9.6.10, 10.5
NOTE: https://www.postgresql.org/about/news/1878/
-CVE-2018-10924 (It was discovered that fsync(2) system call in glusterfs client code ...)
+CVE-2018-10924
- glusterfs 4.0.1-1
[stretch] - glusterfs <not-affected> (Issue introduced in 3.13.2 and backported to 3.12 series)
[jessie] - glusterfs <not-affected> (Issue introduced in 3.13.2 and backported to 3.12 series)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1611785
NOTE: Introduced by: http://git.gluster.org/cgit/glusterfs.git/commit/?id=51dfc9c789b8405f595a337eade938aedcb449c4
NOTE: https://review.gluster.org/20723
-CVE-2018-10923 (It was found that the &quot;mknod&quot; call derived from mknod(2) can create ...)
+CVE-2018-10923
{DLA-1510-1}
- glusterfs 4.1.4-1 (bug #909215)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1610659
NOTE: https://github.com/gluster/glusterfs/commit/4bafcc97e812acc854dfc436ade35df0308d5a3e
-CVE-2018-10922 (An input validation flaw exists in ttembed. With a crafted input file, ...)
+CVE-2018-10922
NOT-FOR-US: ttembed
-CVE-2018-10921 (Certain input files may trigger an integer overflow in ttembed input ...)
+CVE-2018-10921
NOT-FOR-US: ttembed
-CVE-2018-10920 (Improper input validation bug in DNS resolver component of Knot ...)
+CVE-2018-10920
- knot-resolver 2.4.1-1 (bug #905325)
NOTE: https://www.knot-resolver.cz/2018-08-02-knot-resolver-2.4.1.html
NOTE: http://www.openwall.com/lists/oss-security/2018/08/09/2 (including patch)
-CVE-2018-10919 (The Samba Active Directory LDAP server was vulnerable to an ...)
+CVE-2018-10919
{DSA-4271-1 DLA-1539-1}
- samba 2:4.8.4+dfsg-1
NOTE: https://www.samba.org/samba/security/CVE-2018-10919.html
-CVE-2018-10918 (A null pointer dereference flaw was found in the way samba checked ...)
+CVE-2018-10918
- samba 2:4.8.4+dfsg-1
[stretch] - samba <not-affected> (Only affects Samba 4.7.0 onwards)
[jessie] - samba <not-affected> (Only affects Samba 4.7.0 onwards)
NOTE: https://www.samba.org/samba/security/CVE-2018-10918.html
-CVE-2018-10917 (pulp 2.16.x and possibly older is vulnerable to an improper path ...)
+CVE-2018-10917
NOT-FOR-US: Pulp (Red Hat)
-CVE-2018-10916 (It has been discovered that lftp up to and including version 4.8.3 ...)
+CVE-2018-10916
- lftp 4.8.4-1 (bug #905163)
[stretch] - lftp <no-dsa> (Minor issue)
[jessie] - lftp <no-dsa> (Minor issue)
NOTE: https://github.com/lavv17/lftp/issues/452
NOTE: https://github.com/lavv17/lftp/commit/a27e07d90a4608ceaf928b1babb27d4d803e1992
-CVE-2018-10915 (A vulnerability was found in libpq, the default PostgreSQL client ...)
+CVE-2018-10915
{DSA-4269-1 DLA-1464-1}
- postgresql-10 10.5-1
- postgresql-9.6 <removed>
@@ -26061,24 +26051,24 @@ CVE-2018-10915 (A vulnerability was found in libpq, the default PostgreSQL clien
[jessie] - postgresql-9.1 <no-dsa> (package only serves as a means for upgrading to Stretch)
NOTE: Fixed in 9.3.24, 9.4.19, 9.5.14, 9.6.10, 10.5
NOTE: https://www.postgresql.org/about/news/1878/
-CVE-2018-10914 (It was found that an attacker could issue a xattr request via ...)
+CVE-2018-10914
{DLA-1510-1}
- glusterfs 4.1.4-1 (bug #909215)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1607617
NOTE: https://github.com/gluster/glusterfs/commit/13298d2b3893edb5d147ea3bcb9902ee5be4b3ad
-CVE-2018-10913 (An information disclosure vulnerability was discovered in glusterfs ...)
+CVE-2018-10913
{DLA-1510-1}
- glusterfs 4.1.4-1 (bug #909215)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1607618
NOTE: https://github.com/gluster/glusterfs/commit/13298d2b3893edb5d147ea3bcb9902ee5be4b3ad
-CVE-2018-10912 (keycloak before version 4.0.0.final is vulnerable to a infinite loop ...)
+CVE-2018-10912
NOT-FOR-US: Keycloak
-CVE-2018-10911 (A flaw was found in the way dic_unserialize function of glusterfs does ...)
+CVE-2018-10911
{DLA-1510-1}
- glusterfs 4.1.4-1 (bug #909215)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1601657
NOTE: https://github.com/gluster/glusterfs/commit/cc3271ebf3aacdbbc77fdd527375af78ab12ea8d
-CVE-2018-10910 (A bug in Bluez may allow for the Bluetooth Discoverable state being ...)
+CVE-2018-10910
- bluez <unfixed>
[stretch] - bluez <ignored> (Minor issue, does not affected Gnome Bluetooth in stretch)
[jessie] - bluez <no-dsa> (Minor issue because in gnome-bluetooth <= 3.26 the D-Bus calls were synchronous and thus the issue in bluez will have no actual affect)
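Review bot: the stretch annotation for CVE-2018-10910, `[stretch] - bluez <ignored> (Minor issue, does not affected Gnome Bluetooth in stretch)`, should read `does not affect`, and the jessie line directly below it says `no actual affect` where `effect` is meant. Both are context lines, not part of this change, so a follow-up rather than a blocker.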
@@ -26088,49 +26078,49 @@ CVE-2018-10910 (A bug in Bluez may allow for the Bluetooth Discoverable state be
NOTE: gnome-bluetooth: https://gitlab.gnome.org/GNOME/gnome-bluetooth/commit/6b5086d42ea64d46277f3c93b43984f331d12f89
CVE-2018-10909
RESERVED
-CVE-2018-10908 (It was found that vdsm before version 4.20.37 invokes qemu-img on ...)
+CVE-2018-10908
- vdsm <itp> (bug #668538)
-CVE-2018-10907 (It was found that glusterfs server is vulnerable to multiple stack ...)
+CVE-2018-10907
{DLA-1510-1}
- glusterfs 4.1.4-1 (bug #909215)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1601642
NOTE: https://github.com/gluster/glusterfs/commit/35f86ce46240c4f9c216bbc29164ce441cfca1e7
-CVE-2018-10906 (In fuse before versions 2.9.8 and 3.x before 3.2.5, fusermount is ...)
+CVE-2018-10906
{DSA-4257-1 DLA-1468-1}
- fuse3 3.2.6-1 (bug #911343)
- fuse 2.9.8-1 (bug #904439)
NOTE: https://github.com/libfuse/libfuse/pull/268
NOTE: https://sourceforge.net/p/fuse/mailman/message/36374753/
-CVE-2018-10905 (CloudForms Management Engine (cfme) is vulnerable to an improper ...)
+CVE-2018-10905
NOT-FOR-US: Red Hat CloudForms Management Engine
-CVE-2018-10904 (It was found that glusterfs server does not properly sanitize file ...)
+CVE-2018-10904
{DLA-1510-1}
- glusterfs 4.1.4-1 (bug #909215)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1601298
NOTE: https://github.com/gluster/glusterfs/commit/9716ce88b3a1faf135a6badc02d94249898059dd
-CVE-2018-10903 (A flaw was found in python-cryptography versions between &gt;=1.9.0 and ...)
+CVE-2018-10903
- python-cryptography 2.3-1 (bug #904072)
[stretch] - python-cryptography <not-affected> (Vulnerable code introduced later)
[jessie] - python-cryptography <not-affected> (Vulnerable code introduced later)
NOTE: https://github.com//pyca/cryptography/pull/4342
NOTE: https://github.com/pyca/cryptography/pull/4342/commits/688e0f673bfbf43fa898994326c6877f00ab19ef
-CVE-2018-10902 (It was found that the raw midi kernel driver does not protect against ...)
+CVE-2018-10902
{DSA-4308-1 DLA-1531-1 DLA-1529-1}
- linux 4.17.15-1
NOTE: https://git.kernel.org/linus/39675f7a7c7e7702f7d5341f1e0d01db746543a0 (4.18-rc6)
-CVE-2018-10901 (A flaw was found in Linux kernel's KVM virtualization subsystem. The ...)
+CVE-2018-10901
- linux <not-affected> (Fixed before src:linux-2.6 -> src:linux rename)
NOTE: https://git.kernel.org/linus/3444d7da1839b851eefedd372978d8a982316c36 (2.6.36-rc1)
-CVE-2018-10900 (Network Manager VPNC plugin (aka networkmanager-vpnc) before version ...)
+CVE-2018-10900
{DSA-4253-1 DLA-1454-1}
- network-manager-vpnc 1.2.6-1 (bug #904255)
NOTE: http://www.openwall.com/lists/oss-security/2018/07/20/3
NOTE: https://gitlab.gnome.org/GNOME/NetworkManager-vpnc/commit/07ac18a32b4e361a27ef48ac757d36cbb46e8e12
CVE-2018-10899
RESERVED
-CVE-2018-10898 (A vulnerability was found in openstack-tripleo-heat-templates before ...)
+CVE-2018-10898
- tripleo-heat-templates <removed>
-CVE-2018-10897 (A directory traversal issue was found in reposync, a part of ...)
+CVE-2018-10897
- yum-utils 1.1.31-2.2 (bug #921131)
[stretch] - yum-utils <ignored> (Minor issue)
[jessie] - yum-utils <ignored> (Minor issue)
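Review bot: the first NOTE URL for CVE-2018-10903 in this hunk, `NOTE: https://github.com//pyca/cryptography/pull/4342`, has a doubled slash after the host; the second NOTE line for the same entry shows the correct `https://github.com/pyca/...` form. It is a context line, so not introduced here, but a one-character follow-up fix.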
@@ -26138,39 +26128,39 @@ CVE-2018-10897 (A directory traversal issue was found in reposync, a part of ...
NOTE: https://github.com/rpm-software-management/yum-utils/commit/7554c0133eb830a71dc01846037cc047d0acbc2c
NOTE: https://github.com/rpm-software-management/yum-utils/commit/6a8de061f8fdc885e74ebe8c94625bf53643b71c
NOTE: https://github.com/rpm-software-management/yum-utils/pull/43
-CVE-2018-10896 (The default cloud-init configuration, in cloud-init 0.6.2 and newer, ...)
+CVE-2018-10896
NOT-FOR-US: Red Hat-specific packaging flaw of cloud-init default config
-CVE-2018-10895 (qutebrowser before version 1.4.1 is vulnerable to a cross-site request ...)
+CVE-2018-10895
- qutebrowser 1.4.1-1
NOTE: http://www.openwall.com/lists/oss-security/2018/07/11/7
NOTE: https://github.com/qutebrowser/qutebrowser/issues/4060
NOTE: Introduced in: https://github.com/qutebrowser/qutebrowser/commit/ffc29ee (v1.0.0)
NOTE: Fixed in: https://github.com/qutebrowser/qutebrowser/commit/43e58ac865ff862c2008c510fc5f7627e10b4660 (v1.4.1)
-CVE-2018-10894 (It was found that SAML authentication in Keycloak 3.4.3.Final ...)
+CVE-2018-10894
NOT-FOR-US: Keycloak
-CVE-2018-10893 (Multiple integer overflow and buffer overflow issues were discovered ...)
+CVE-2018-10893
- spice-gtk <unfixed> (bug #904161)
[stretch] - spice-gtk <no-dsa> (Minor issue)
[jessie] - spice-gtk <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1598234
NOTE: Ongoing patch review: https://lists.freedesktop.org/archives/spice-devel/2018-July/044489.html
-CVE-2018-10892 (The default OCI linux spec in oci/defaults{_linux}.go in Docker/Moby ...)
+CVE-2018-10892
[experimental] - docker.io 18.06.0+dfsg1-1
- docker.io 18.06.1+dfsg1-1 (bug #908057)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1598581
NOTE: https://github.com/moby/moby/pull/37404
-CVE-2018-10891 (A flaw was found in moodle before versions 3.5.1, 3.4.4, 3.3.7, ...)
+CVE-2018-10891
- moodle <removed>
-CVE-2018-10890 (A flaw was found in moodle before versions 3.5.1, 3.4.4, 3.3.7, ...)
+CVE-2018-10890
- moodle <removed>
-CVE-2018-10889 (A flaw was found in moodle before versions 3.5.1, 3.4.4, 3.3.7. No ...)
+CVE-2018-10889
- moodle <removed>
-CVE-2018-10888 (A flaw was found in libgit2 before version 0.27.3. A missing check in ...)
+CVE-2018-10888
{DLA-1477-1}
- libgit2 0.27.4+dfsg.1-0.1 (low; bug #903508)
[stretch] - libgit2 <no-dsa> (Minor issue)
NOTE: https://github.com/libgit2/libgit2/commit/9844d38bed10e9ff17174434b3421b227ae710f3
-CVE-2018-10887 (A flaw was found in libgit2 before version 0.27.3. It has been ...)
+CVE-2018-10887
{DLA-1477-1}
- libgit2 0.27.4+dfsg.1-0.1 (low; bug #903509)
[stretch] - libgit2 <no-dsa> (Minor issue)
@@ -26196,81 +26186,81 @@ CVE-2018-10886
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1584407
NOTE: The CVE will be rejected, as it was assigned by Red Hat's CNA but is out of
NOTE: scope of the assigning CNA.
-CVE-2018-10885 (In atomic-openshift before version 3.10.9 a malicious network-policy ...)
+CVE-2018-10885
NOT-FOR-US: atomic-openshift
-CVE-2018-10884 (Ansible Tower before versions 3.1.8 and 3.2.6 is vulnerable to ...)
+CVE-2018-10884
NOT-FOR-US: Ansible Tower
-CVE-2018-10883 (A flaw was found in the Linux kernel's ext4 filesystem. A local user ...)
+CVE-2018-10883
{DLA-1529-1 DLA-1423-1}
- linux 4.17.3-1
[stretch] - linux 4.9.110-1
NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=200071
-CVE-2018-10882 (A flaw was found in the Linux kernel's ext4 filesystem. A local user ...)
+CVE-2018-10882
{DLA-1529-1 DLA-1423-1}
- linux 4.17.3-1
[stretch] - linux 4.9.110-1
NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=200069
-CVE-2018-10881 (A flaw was found in the Linux kernel's ext4 filesystem. A local user ...)
+CVE-2018-10881
{DLA-1529-1 DLA-1423-1}
- linux 4.17.3-1
[stretch] - linux 4.9.110-1
NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=200015
-CVE-2018-10880 (Linux kernel is vulnerable to a stack-out-of-bounds write in the ext4 ...)
+CVE-2018-10880
{DLA-1529-1 DLA-1423-1}
- linux 4.17.3-1
[stretch] - linux 4.9.110-1
NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=200005
-CVE-2018-10879 (A flaw was found in the Linux kernel's ext4 filesystem. A local user ...)
+CVE-2018-10879
{DLA-1529-1 DLA-1423-1}
- linux 4.17.3-1
[stretch] - linux 4.9.110-1
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1596806
-CVE-2018-10878 (A flaw was found in the Linux kernel's ext4 filesystem. A local user ...)
+CVE-2018-10878
{DLA-1529-1 DLA-1423-1}
- linux 4.17.3-1
[stretch] - linux 4.9.110-1
NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=199865
-CVE-2018-10877 (Linux kernel ext4 filesystem is vulnerable to an out-of-bound access ...)
+CVE-2018-10877
{DLA-1529-1 DLA-1423-1}
- linux 4.17.3-1
[stretch] - linux 4.9.110-1
NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=199417
-CVE-2018-10876 (A flaw was found in Linux kernel in the ext4 filesystem code. A ...)
+CVE-2018-10876
{DLA-1529-1 DLA-1423-1}
- linux 4.17.3-1
[stretch] - linux 4.9.110-1
NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=199403
-CVE-2018-10875 (A flaw was found in ansible. ansible.cfg is read from the current ...)
+CVE-2018-10875
{DSA-4396-1}
- ansible 2.6.1+dfsg-1
[jessie] - ansible <no-dsa> (Too intrusive to backport)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1596533
NOTE: https://github.com/ansible/ansible/pull/42070
NOTE: https://github.com/ansible/ansible/commit/4cecbe81adbc655d7ab734165d3ac539f8ba5981
-CVE-2018-10874 (In ansible it was found that inventory variables are loaded from ...)
+CVE-2018-10874
- ansible 2.6.1+dfsg-1
[stretch] - ansible <not-affected> (Vulnerable code not present)
[jessie] - ansible <not-affected> (vulnerable code not present)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1596528
NOTE: https://github.com/ansible/ansible/pull/42067
NOTE: https://github.com/ansible/ansible/commit/1f80949f964a946773f9d3ac1899535bd2cc2b8e
-CVE-2018-10873 (A vulnerability was discovered in SPICE before version 0.14.1 where ...)
+CVE-2018-10873
{DSA-4319-1 DLA-1489-1 DLA-1486-1}
- spice 0.14.0-1.1 (bug #906315)
- spice-gtk 0.35-1 (bug #906316)
[stretch] - spice-gtk <no-dsa> (Minor issue)
NOTE: https://gitlab.freedesktop.org/spice/spice-common/commit/bb15d4815ab586b4c4a20f4a565970a44824c42c
-CVE-2018-10872 (A flaw was found in the way the Linux kernel handled exceptions ...)
+CVE-2018-10872
- linux <not-affected> (Red Hat specific CVE-2018-8897 regression in RHEL 6.10)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1596094
-CVE-2018-10871 (389-ds-base before versions 1.3.8.5, 1.4.0.12 is vulnerable to a ...)
+CVE-2018-10871
{DLA-1483-1}
[experimental] - 389-ds-base 1.4.0.13-1
- 389-ds-base 1.4.0.15-1
NOTE: https://pagure.io/389-ds-base/issue/49789
-CVE-2018-10870 (redhat-certification does not properly sanitize paths in ...)
+CVE-2018-10870
NOT-FOR-US: Red Hat Certification
-CVE-2018-10869 (redhat-certification does not properly restrict files that can be ...)
+CVE-2018-10869
NOT-FOR-US: Red Hat Certification
CVE-2018-10868
RESERVED
@@ -26284,43 +26274,43 @@ CVE-2018-10866
CVE-2018-10865
RESERVED
NOT-FOR-US: Red Hat Certification
-CVE-2018-10864 (An uncontrolled resource consumption flaw has been discovered in ...)
+CVE-2018-10864
NOT-FOR-US: Red Hat Certification
CVE-2018-10863
RESERVED
NOT-FOR-US: Red Hat Certification
-CVE-2018-10862 (WildFly Core before version 6.0.0.Alpha3 does not properly validate ...)
+CVE-2018-10862
- wildfly <itp> (bug #752018)
-CVE-2018-10861 (A flaw was found in the way ceph mon handles user requests. Any ...)
+CVE-2018-10861
{DSA-4339-1}
- ceph 12.2.8+dfsg1-1 (bug #913470)
[jessie] - ceph <no-dsa> (Intrusive changes)
NOTE: http://tracker.ceph.com/issues/24838
NOTE: https://github.com/ceph/ceph/commit/975528f632f73fbffa3f1fee304e3bbe3296cffc
-CVE-2018-10860 (perl-archive-zip is vulnerable to a directory traversal in ...)
+CVE-2018-10860
{DSA-4300-1 DLA-1440-1}
- libarchive-zip-perl 1.62-1 (bug #902882)
NOTE: https://github.com/redhotpenguin/perl-Archive-Zip/pull/33
NOTE: https://github.com/redhotpenguin/perl-Archive-Zip/commit/95e1df86327
-CVE-2018-10859 (git-annex is vulnerable to an Information Exposure when decrypting ...)
+CVE-2018-10859
{DLA-1495-1}
- git-annex 6.20180626-1
[stretch] - git-annex 6.20170101-1+deb9u2
NOTE: http://www.openwall.com/lists/oss-security/2018/06/26/4
NOTE: https://git-annex.branchable.com/security/CVE-2018-10857_and_CVE-2018-10859/
-CVE-2018-10858 (A heap-buffer overflow was found in the way samba clients processed ...)
+CVE-2018-10858
{DSA-4271-1 DLA-1539-1}
- samba 2:4.8.4+dfsg-1
NOTE: https://www.samba.org/samba/security/CVE-2018-10858.html
-CVE-2018-10857 (git-annex is vulnerable to a private data exposure and exfiltration ...)
+CVE-2018-10857
{DLA-1495-1}
- git-annex 6.20180626-1
[stretch] - git-annex 6.20170101-1+deb9u2
NOTE: http://www.openwall.com/lists/oss-security/2018/06/26/4
NOTE: https://git-annex.branchable.com/security/CVE-2018-10857_and_CVE-2018-10859/
-CVE-2018-10856 (It has been discovered that podman before version 0.6.1 does not drop ...)
+CVE-2018-10856
NOT-FOR-US: Podman
-CVE-2018-10855 (Ansible 2.5 prior to 2.5.5, and 2.4 prior to 2.4.5, do not honor the ...)
+CVE-2018-10855
{DSA-4396-1}
- ansible 2.5.5+dfsg-1 (low)
[jessie] - ansible <not-affected> (vulnerable code not present)
@@ -26328,16 +26318,16 @@ CVE-2018-10855 (Ansible 2.5 prior to 2.5.5, and 2.4 prior to 2.4.5, do not honor
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1588855
CVE-2018-10854
RESERVED
-CVE-2018-10853 (A flaw was found in the way Linux kernel KVM hypervisor before 4.18 ...)
+CVE-2018-10853
{DLA-1423-1 DLA-1422-1}
- linux 4.16.16-1
[stretch] - linux 4.9.110-1
NOTE: Fixed by: https://git.kernel.org/linus/3c9fa24ca7c9c47605672916491f79e8ccacb9e6
-CVE-2018-10852 (The UNIX pipe which sudo uses to contact SSSD and read the available ...)
+CVE-2018-10852
{DLA-1429-1}
- sssd <unfixed> (bug #902860)
NOTE: https://pagure.io/SSSD/sssd/issue/3766
-CVE-2018-10851 (PowerDNS Authoritative Server 3.3.0 up to 4.1.4 excluding 4.1.5 and ...)
+CVE-2018-10851
- pdns 4.1.5-1 (bug #913163)
[stretch] - pdns 4.0.3-1+deb9u3
[jessie] - pdns <ignored> (Minor issue)
@@ -26348,7 +26338,7 @@ CVE-2018-10851 (PowerDNS Authoritative Server 3.3.0 up to 4.1.4 excluding 4.1.5
NOTE: https://downloads.powerdns.com/patches/2018-03/
NOTE: https://doc.powerdns.com/recursor/security-advisories/powerdns-advisory-2018-04.html
NOTE: https://downloads.powerdns.com/patches/2018-04/
-CVE-2018-10850 (389-ds-base before versions 1.4.0.10, 1.3.8.3 is vulnerable to a race ...)
+CVE-2018-10850
{DLA-1428-1}
[experimental] - 389-ds-base 1.4.0.13-1
- 389-ds-base 1.4.0.15-1 (bug #903501)
@@ -26359,14 +26349,14 @@ CVE-2018-10849
REJECTED
CVE-2018-10848
REJECTED
-CVE-2018-10847 (prosody before versions 0.10.2, 0.9.14 is vulnerable to an ...)
+CVE-2018-10847
{DSA-4216-1}
- prosody 0.10.2-1 (bug #900524)
NOTE: https://issues.prosody.im/1147
NOTE: https://blog.prosody.im/prosody-0-10-2-security-release/
NOTE: https://prosody.im/security/advisory_20180531/issue1147-0.10.1.patch (0.10.1)
NOTE: https://prosody.im/security/advisory_20180531/issue1147-0.9.patch (0.9.x)
-CVE-2018-10846 (A cache-based side channel in GnuTLS implementation that leads to ...)
+CVE-2018-10846
{DLA-1560-1}
[experimental] - gnutls28 3.6.3-1
- gnutls28 3.5.19-1
@@ -26378,7 +26368,7 @@ CVE-2018-10846 (A cache-based side channel in GnuTLS implementation that leads t
NOTE: instead of correcting the issue.
NOTE: https://eprint.iacr.org/2018/747
NOTE: Backport of the MR657 to 3.5.x: https://gitlab.com/gnutls/gnutls/merge_requests/663
-CVE-2018-10845 (It was found that the GnuTLS implementation of HMAC-SHA-384 was ...)
+CVE-2018-10845
{DLA-1560-1}
- gnutls28 3.5.19-1
[stretch] - gnutls28 3.5.8-5+deb9u4
@@ -26388,7 +26378,7 @@ CVE-2018-10845 (It was found that the GnuTLS implementation of HMAC-SHA-384 was
NOTE: https://gitlab.com/gnutls/gnutls/commit/e14d85eb8b1987d86f7b1d101a0e7795675d20d4 (gnutls_3_5_19)
NOTE: https://gitlab.com/gnutls/gnutls/merge_requests/657
NOTE: https://eprint.iacr.org/2018/747
-CVE-2018-10844 (It was found that the GnuTLS implementation of HMAC-SHA-256 was ...)
+CVE-2018-10844
{DLA-1560-1}
- gnutls28 3.5.19-1
[stretch] - gnutls28 3.5.8-5+deb9u4
@@ -26400,23 +26390,23 @@ CVE-2018-10844 (It was found that the GnuTLS implementation of HMAC-SHA-256 was
NOTE: https://gitlab.com/gnutls/gnutls/commit/c2e094acd68f7159025b2e2556d6fb4427b41dd7 (gnutls_3_5_19)
NOTE: https://gitlab.com/gnutls/gnutls/merge_requests/657
NOTE: https://eprint.iacr.org/2018/747
-CVE-2018-10843 (source-to-image component of Openshift Container Platform before ...)
+CVE-2018-10843
NOT-FOR-US: source-to-image in OpenShift
-CVE-2018-10842 (It was found that an authenticated user could manipulate user session ...)
+CVE-2018-10842
NOT-FOR-US: Keycloak
-CVE-2018-10841 (glusterfs is vulnerable to privilege escalation on gluster server ...)
+CVE-2018-10841
- glusterfs 4.1.2-1 (bug #901968)
[jessie] - glusterfs <not-affected> (vulnerable code not present)
NOTE: https://review.gluster.org/#/c/20328/
NOTE: http://git.gluster.org/cgit/glusterfs.git/commit/?id=e8d928e34680079e42be6947ffacc4ddd7defca2
-CVE-2018-10840 (Linux kernel is vulnerable to a heap-based buffer overflow in the ...)
+CVE-2018-10840
- linux 4.17.3-1
[stretch] - linux <not-affected> (Vulnerable code not present)
[jessie] - linux <not-affected> (Vulnerable code not present)
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=199347
NOTE: Fixed by: https://git.kernel.org/linus/8a2b307c21d4b290e3cbe33f768f194286d07c23
-CVE-2018-10839 (Qemu emulator &lt;= 3.0.0 built with the NE2000 NIC emulation support is ...)
+CVE-2018-10839
{DSA-4338-1 DLA-1599-1}
- qemu 1:3.1+dfsg-1 (bug #910431)
- qemu-kvm <removed>
@@ -26435,29 +26425,29 @@ CVE-2018-10834
RESERVED
CVE-2018-10833
RESERVED
-CVE-2018-10832 (ModbusPal 1.6b is vulnerable to an XML External Entity (XXE) attack. ...)
+CVE-2018-10832
NOT-FOR-US: ModbusPal
-CVE-2018-10831 (Z-NOMP before 2018-04-05 has an incorrect Equihash solution verifier ...)
+CVE-2018-10831
NOT-FOR-US: Z-NOMP
-CVE-2018-10830 (In 2345 Security Guard 3.7, the driver file (2345BdPcSafe.sys, X64 ...)
+CVE-2018-10830
NOT-FOR-US: 2345 Security Guard
CVE-2018-10829
RESERVED
-CVE-2018-10828 (An issue was discovered in Alps Pointing-device Driver 10.1.101.207. ...)
+CVE-2018-10828
NOT-FOR-US: Alps Pointing-device Driver
-CVE-2018-10827 (LiteCart before 2.1.2 allows remote attackers to cause a denial of ...)
+CVE-2018-10827
NOT-FOR-US: LiteCart
CVE-2018-10826
RESERVED
-CVE-2018-10825 (Mimo Baby 2 devices do not use authentication or encryption for the ...)
+CVE-2018-10825
NOT-FOR-US: Mimo Baby 2
-CVE-2018-10824 (An issue was discovered on D-Link DWR-116 through 1.06, DIR-140L ...)
+CVE-2018-10824
NOT-FOR-US: D-Link
-CVE-2018-10823 (An issue was discovered on D-Link DWR-116 through 1.06, DWR-512 ...)
+CVE-2018-10823
NOT-FOR-US: D-Link
-CVE-2018-10822 (Directory traversal vulnerability in the web interface on D-Link ...)
+CVE-2018-10822
NOT-FOR-US: D-Link
-CVE-2018-10821 (Cross-site scripting (XSS) vulnerability in backend/pages/modify.php ...)
+CVE-2018-10821
NOT-FOR-US: BlackCatCMS
CVE-2018-10820
RESERVED
@@ -26465,67 +26455,67 @@ CVE-2018-10819
RESERVED
CVE-2018-10818
RESERVED
-CVE-2018-10817 (Severalnines ClusterControl before 1.6.0-4699 allows XSS. ...)
+CVE-2018-10817
NOT-FOR-US: Severalnines ClusterControl
CVE-2018-10816
RESERVED
CVE-2018-10815
RESERVED
-CVE-2018-10814 (Synametrics SynaMan 4.0 build 1488 uses cleartext password storage for ...)
+CVE-2018-10814
NOT-FOR-US: Synametrics SynaMan
-CVE-2018-10813 (In Dedos-web 1.0, the cookie and session secrets used in the ...)
+CVE-2018-10813
NOT-FOR-US: Dedos-web
-CVE-2018-10812 (The Bitpie application through 3.2.4 for Android and iOS uses cleartext ...)
+CVE-2018-10812
NOT-FOR-US: Bitpie application for Android and iOS
-CVE-2018-10811 (strongSwan 5.6.0 and older allows Remote Denial of Service because of ...)
+CVE-2018-10811
{DSA-4229-1}
- strongswan 5.6.3-1
NOTE: https://www.strongswan.org/blog/2018/05/28/strongswan-5.6.3-released.html
NOTE: https://www.strongswan.org/blog/2018/05/28/strongswan-vulnerability-(cve-2018-10811).html
-CVE-2018-10810 (chat/mobile/index.php in LiveZilla Live Chat 7.0.9.5 and prior is ...)
+CVE-2018-10810
NOT-FOR-US: LiveZilla Live Chat
-CVE-2018-10809 (In 2345 Security Guard 3.7, the driver file (2345NetFirewall.sys) ...)
+CVE-2018-10809
NOT-FOR-US: 2345 Security Guard
CVE-2018-10808
RESERVED
CVE-2018-10807
RESERVED
-CVE-2018-10806 (An issue was discovered in Frog CMS 0.9.5. There is a reflected Cross ...)
+CVE-2018-10806
NOT-FOR-US: Frog CMS
-CVE-2018-10805 (ImageMagick version 7.0.7-28 contains a memory leak in ReadYCBCRImage ...)
+CVE-2018-10805
[experimental] - imagemagick 8:6.9.10.2+dfsg-1
- imagemagick 8:6.9.10.2+dfsg-2 (unimportant; bug #898218)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/1054
-CVE-2018-10804 (ImageMagick version 7.0.7-28 contains a memory leak in WriteTIFFImage ...)
+CVE-2018-10804
[experimental] - imagemagick 8:6.9.10.2+dfsg-1
- imagemagick 8:6.9.10.2+dfsg-2 (unimportant; bug #898217)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/1053
NOTE: https://github.com/ImageMagick/ImageMagick/commit/052f6c22d3a2b2aae9dfa24aff9ccdf8b72ace91
-CVE-2018-10803 (Cross-site scripting (XSS) vulnerability in the add credentials ...)
+CVE-2018-10803
NOT-FOR-US: Zoho ManageEngine NetFlow Analyzer
-CVE-2018-1000301 (curl version curl 7.20.0 to and including curl 7.59.0 contains a ...)
+CVE-2018-1000301
{DSA-4202-1 DLA-1379-1}
- curl 7.60.0-1 (bug #898856)
NOTE: https://curl.haxx.se/docs/adv_2018-b138.html
-CVE-2018-1000300 (curl version curl 7.54.1 to and including curl 7.59.0 contains a ...)
+CVE-2018-1000300
- curl 7.60.0-1
[stretch] - curl <not-affected> (Vulnerable code introduced in 7.54.1)
[jessie] - curl <not-affected> (Vulnerable code introduced in 7.54.1)
[wheezy] - curl <not-affected> (Vulnerable code introduced in 7.54.1)
NOTE: https://curl.haxx.se/docs/adv_2018-82c2.html
-CVE-2018-1000177 (A cross-site scripting vulnerability exists in Jenkins S3 Plugin ...)
+CVE-2018-1000177
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000176 (An exposure of sensitive information vulnerability exists in Jenkins ...)
+CVE-2018-1000176
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000175 (A path traversal vulnerability exists in Jenkins HTML Publisher Plugin ...)
+CVE-2018-1000175
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000174 (An open redirect vulnerability exists in Jenkins Google Login Plugin ...)
+CVE-2018-1000174
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000173 (A session fixaction vulnerability exists in Jenkins Google Login ...)
+CVE-2018-1000173
NOT-FOR-US: Jenkins plugin
CVE-2018-10802
RESERVED
-CVE-2018-10801 (TIFFClientOpen in tif_unix.c in LibTIFF 3.8.2 has memory leaks, as ...)
+CVE-2018-10801
- tiff 4.0.6-3
[jessie] - tiff 4.0.3-12.3+deb8u2
- tiff3 <removed>
@@ -26535,15 +26525,15 @@ CVE-2018-10801 (TIFFClientOpen in tif_unix.c in LibTIFF 3.8.2 has memory leaks,
NOTE: technically still present in the source package
CVE-2018-10800
RESERVED
-CVE-2018-10799 (A hang issue was discovered in Brave before 0.14.0 (on, for example, ...)
+CVE-2018-10799
- brave-browser <itp> (bug #864795)
-CVE-2018-10798 (A hang issue was discovered in Brave before 0.14.0 (on, for example, ...)
+CVE-2018-10798
- brave-browser <itp> (bug #864795)
CVE-2018-10797
RESERVED
-CVE-2018-10796 (In 2345 Security Guard 3.7, the driver file (2345NetFirewall.sys) ...)
+CVE-2018-10796
NOT-FOR-US: 2345 Security Guard
-CVE-2018-10795 (** DISPUTED ** Liferay 6.2.x and before has an FCKeditor configuration ...)
+CVE-2018-10795
NOT-FOR-US: Liferay
CVE-2018-10794
RESERVED
@@ -26573,7 +26563,7 @@ CVE-2018-10782
RESERVED
CVE-2018-10781
RESERVED
-CVE-2018-10780 (Exiv2::Image::byteSwap2 in image.cpp in Exiv2 0.26 has a heap-based ...)
+CVE-2018-10780
[experimental] - exiv2 <unfixed>
- exiv2 <not-affected> (Vulnerable code introduced later)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1575201
@@ -26582,7 +26572,7 @@ CVE-2018-10780 (Exiv2::Image::byteSwap2 in image.cpp in Exiv2 0.26 has a heap-ba
NOTE: Exiv2::Image::printIFDStructure.
NOTE: Commit https://github.com/Exiv2/exiv2/commit/8ff26931e31bb25d66c69846f47f3f5b6d9a32f1
NOTE: avoids using Image::printStructure() when reading images.
-CVE-2018-10779 (TIFFWriteScanline in tif_write.c in LibTIFF 3.8.2 has a heap-based ...)
+CVE-2018-10779
- tiff 4.0.6-3 (bug #898359)
[jessie] - tiff 4.0.3-12.3+deb8u2
- tiff3 <removed>
@@ -26590,44 +26580,44 @@ CVE-2018-10779 (TIFFWriteScanline in tif_write.c in LibTIFF 3.8.2 has a heap-bas
NOTE: Utility bmp2tiff has been removed from upstream LibTIFF
NOTE: bmp2tiff was removed in 4.0.6-3 and DSA 3762, marking as fixed although
NOTE: technically still present in the source package
-CVE-2018-10778 (Read access violation in the III_dequantize_sample function in ...)
+CVE-2018-10778
- mp3gain <removed>
[wheezy] - mp3gain <end-of-life> (Not supported in Wheezy)
-CVE-2018-10777 (Buffer overflow in the WriteMP3GainAPETag function in apetag.c in ...)
+CVE-2018-10777
- mp3gain <removed>
[wheezy] - mp3gain <end-of-life> (Not supported in Wheezy)
-CVE-2018-10776 (The getbits function in mpglibDBL/common.c in mp3gain through 1.5.2-r2 ...)
+CVE-2018-10776
- mp3gain <removed>
[wheezy] - mp3gain <end-of-life> (Not supported in Wheezy)
-CVE-2018-10775 (NULL pointer dereference in the _fields_add function in fields.c in ...)
+CVE-2018-10775
- bibutils <unfixed> (unimportant; bug #898135)
NOTE: Crash in CLI tool, no security impact
-CVE-2018-10774 (Read access violation in the isiin_keyword function in isiin.c in ...)
+CVE-2018-10774
- bibutils <unfixed> (unimportant; bug #898135)
NOTE: Crash in CLI tool, no security impact
-CVE-2018-10773 (NULL pointer deference in the addsn function in serialno.c in ...)
+CVE-2018-10773
- bibutils <unfixed> (unimportant; bug #898135)
NOTE: Crash in CLI tool, no security impact
-CVE-2018-10772 (The tEXtToDataBuf function in pngimage.cpp in Exiv2 through 0.26 allows ...)
+CVE-2018-10772
[experimental] - exiv2 <unfixed>
- exiv2 <not-affected> (Vulnerable code introduced after 0.25)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1566260
-CVE-2018-10771 (Stack-based buffer overflow in the get_key function in parse.c in ...)
+CVE-2018-10771
- abcm2ps 8.14.2-0.1 (unimportant; bug #898130)
NOTE: https://github.com/leesavide/abcm2ps/issues/17
NOTE: https://github.com/leesavide/abcm2ps/commit/dc0372993674d0b50fedfbf7b9fad1239b8efc5f
NOTE: Crash in CLI tool (neutralised by toolchain hardening), no security impact
-CVE-2018-10770 (download.rsp on ShenZhen Anni &quot;5 in 1 XVR&quot; devices allows remote ...)
+CVE-2018-10770
NOT-FOR-US: ShenZhen Anni "5 in 1 XVR" devices
-CVE-2018-10769 (The transferProxy and approveProxy functions of a smart contract ...)
+CVE-2018-10769
NOT-FOR-US: smart contract
-CVE-2018-10768 (There is a NULL pointer dereference in the AnnotPath::getCoordsLength ...)
+CVE-2018-10768
{DLA-1562-1}
- poppler 0.38.0-2
[wheezy] - poppler <not-affected> (Vulnerable code is not present)
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=106408
NOTE: Fixed by: https://cgit.freedesktop.org/poppler/poppler/commit/?id=942adfc25e7a00ac3cf032ced2d8949e99099f70 (poppler-0.37)
-CVE-2018-10767 (There is a stack-based buffer over-read in calling GLib in the function ...)
+CVE-2018-10767
- libgxps 0.3.0-3 (bug #898133)
[stretch] - libgxps <no-dsa> (Minor issue)
[jessie] - libgxps <no-dsa> (Minor issue)
@@ -26639,54 +26629,54 @@ CVE-2018-10765
RESERVED
CVE-2018-10764
RESERVED
-CVE-2018-10763 (Multiple cross-site scripting (XSS) vulnerabilities in Synametrics ...)
+CVE-2018-10763
NOT-FOR-US: Synametrics SynaMan
CVE-2018-10762
REJECTED
CVE-2018-10761
REJECTED
-CVE-2018-10760 (Unrestricted file upload vulnerability in the Files plugin in ...)
+CVE-2018-10760
NOT-FOR-US: Files plugin in ProjectPier
-CVE-2018-10759 (PHP remote file inclusion vulnerability in public/patch/patch.php in ...)
+CVE-2018-10759
NOT-FOR-US: Project Pier
-CVE-2018-11319 (Syntastic (aka vim-syntastic) through 3.9.0 does not properly handle ...)
+CVE-2018-11319
{DSA-4261-1 DLA-1444-1}
- vim-syntastic 3.9.0-1 (bug #894736)
NOTE: https://github.com/vim-syntastic/syntastic/issues/2170
NOTE: https://github.com/vim-syntastic/syntastic/commit/6d7c0b394e001233dd09ec473fbea2002c72632f
-CVE-2018-10758 (The edit/ URI in Datenstrom Yellow 0.7.3 has CSRF via a delete action ...)
+CVE-2018-10758
NOT-FOR-US: Datenstrom Yellow
-CVE-2018-10757 (CSP MySQL User Manager 2.3.1 allows SQL injection, and resultant ...)
+CVE-2018-10757
NOT-FOR-US: CSP MySQL User Manager
CVE-2018-10756
RESERVED
CVE-2018-10755
REJECTED
-CVE-2018-10754 (In ncurses before 6.1.20180414, there is a NULL Pointer Dereference in ...)
+CVE-2018-10754
- ncurses 6.1+20180210-3 (low)
[stretch] - ncurses <no-dsa> (Minor issue)
[jessie] - ncurses <no-dsa> (Minor issue)
[wheezy] - ncurses <ignored> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1566575
NOTE: https://invisible-island.net/ncurses/NEWS.html#t20180414
-CVE-2018-10753 (Stack-based buffer overflow in the delayed_output function in music.c ...)
+CVE-2018-10753
- abcm2ps 8.14.2-0.1 (unimportant; bug #897966)
NOTE: https://github.com/leesavide/abcm2ps/issues/16
NOTE: https://github.com/leesavide/abcm2ps/commit/fd956e19f88ee32f8ec4aece5901400b06e80bcc
NOTE: Crash in CLI tool, no security impact
-CVE-2018-10752 (The Tagregator plugin 0.6 for WordPress has stored XSS via the title ...)
+CVE-2018-10752
NOT-FOR-US: Tagregator plugin for WordPress
-CVE-2018-10751 (A malformed OMACP WAP push message can cause memory corruption on a ...)
+CVE-2018-10751
NOT-FOR-US: Samsung
-CVE-2018-10750 (An issue was discovered on D-Link DSL-3782 EU 1.01 devices. An ...)
+CVE-2018-10750
NOT-FOR-US: D-Link
-CVE-2018-10749 (An issue was discovered on D-Link DSL-3782 EU 1.01 devices. An ...)
+CVE-2018-10749
NOT-FOR-US: D-Link
-CVE-2018-10748 (An issue was discovered on D-Link DSL-3782 EU 1.01 devices. An ...)
+CVE-2018-10748
NOT-FOR-US: D-Link
-CVE-2018-10747 (An issue was discovered on D-Link DSL-3782 EU 1.01 devices. An ...)
+CVE-2018-10747
NOT-FOR-US: D-Link
-CVE-2018-10746 (An issue was discovered on D-Link DSL-3782 EU 1.01 devices. An ...)
+CVE-2018-10746
NOT-FOR-US: D-Link
CVE-2018-10745
RESERVED
@@ -26698,21 +26688,21 @@ CVE-2018-10742
RESERVED
CVE-2018-10741
RESERVED
-CVE-2018-10740 (Axublog 1.1.0 allows remote Code Execution as demonstrated by injection ...)
+CVE-2018-10740
NOT-FOR-US: Axublog
-CVE-2018-10739 (An issue was discovered in Shanghai 2345 Security Guard 3.7.0. ...)
+CVE-2018-10739
NOT-FOR-US: Shanghai 2345 Security Guard
-CVE-2018-10738 (A SQL injection issue was discovered in Nagios XI before 5.4.13 via the ...)
+CVE-2018-10738
NOT-FOR-US: Nagios XI
-CVE-2018-10737 (A SQL injection issue was discovered in Nagios XI before 5.4.13 via the ...)
+CVE-2018-10737
NOT-FOR-US: Nagios XI
-CVE-2018-10736 (A SQL injection issue was discovered in Nagios XI before 5.4.13 via the ...)
+CVE-2018-10736
NOT-FOR-US: Nagios XI
-CVE-2018-10735 (A SQL injection issue was discovered in Nagios XI before 5.4.13 via the ...)
+CVE-2018-10735
NOT-FOR-US: Nagios XI
-CVE-2018-10734 (KONGTOP DVR devices A303, A403, D303, D305, and D403 contain a ...)
+CVE-2018-10734
NOT-FOR-US: KONGTOP DVR devices
-CVE-2018-10733 (There is a heap-based buffer over-read in the function ...)
+CVE-2018-10733
- libgxps 0.3.0-3 (low; bug #897954)
[stretch] - libgxps <no-dsa> (Minor issue)
[jessie] - libgxps <no-dsa> (Minor issue)
@@ -26720,27 +26710,27 @@ CVE-2018-10733 (There is a heap-based buffer over-read in the function ...)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1574844
NOTE: https://git.gnome.org/browse/libgxps/commit/?id=b458226e162fe1ffe7acb4230c114a52ada5131b
NOTE: https://git.gnome.org/browse/libgxps/commit/?id=133fe2a96e020d4ca65c6f64fb28a404050ebbfd
-CVE-2018-10732 (The REST API in Dataiku DSS before 4.2.3 allows remote attackers to ...)
+CVE-2018-10732
NOT-FOR-US: Dataiku DSS
-CVE-2018-10731 (All Phoenix Contact managed FL SWITCH 3xxx, 4xxx, 48xx products ...)
+CVE-2018-10731
NOT-FOR-US: Phoenix Contact managed FL SWITCH 3xxx, 4xxx, 48xx products
-CVE-2018-10730 (All Phoenix Contact managed FL SWITCH 3xxx, 4xxx, 48xx products ...)
+CVE-2018-10730
NOT-FOR-US: Phoenix Contact managed FL SWITCH 3xxx, 4xxx, 48xx products
-CVE-2018-10729 (All Phoenix Contact managed FL SWITCH 3xxx, 4xxx, 48xx products ...)
+CVE-2018-10729
NOT-FOR-US: Phoenix Contact managed FL SWITCH 3xxx, 4xxx, 48xx products
-CVE-2018-10728 (All Phoenix Contact managed FL SWITCH 3xxx, 4xxx, 48xx products ...)
+CVE-2018-10728
NOT-FOR-US: Phoenix Contact managed FL SWITCH 3xxx, 4xxx, 48xx products
CVE-2018-10727
RESERVED
-CVE-2018-10726 (** DISPUTED ** A stored XSS vulnerability was found in Datenstrom ...)
+CVE-2018-10726
NOT-FOR-US: Datenstrom Yellow
CVE-2018-10725
RESERVED
CVE-2018-10724
RESERVED
-CVE-2018-10723 (Directus 6.4.9 has a hardcoded admin password for the Admin account ...)
+CVE-2018-10723
NOT-FOR-US: Directus
-CVE-2018-10722 (In Cylance CylancePROTECT before 1470, an unprivileged local user can ...)
+CVE-2018-10722
NOT-FOR-US: Cylance CylancePROTECT
CVE-2018-10721
RESERVED
@@ -26748,33 +26738,33 @@ CVE-2018-10720
RESERVED
CVE-2018-10719
RESERVED
-CVE-2018-10718 (Stack-based buffer overflow in Activision Infinity Ward Call of Duty ...)
+CVE-2018-10718
NOT-FOR-US: Activision
-CVE-2018-10717 (The DecodeGifImg function in ngiflib.c in MiniUPnP ngiflib 0.4 does not ...)
+CVE-2018-10717
NOT-FOR-US: ngiflib
-CVE-2018-10716 (An issue was discovered in Shanghai 2345 Security Guard 3.7.0. ...)
+CVE-2018-10716
NOT-FOR-US: Shanghai 2345 Security Guard
CVE-2018-10715
RESERVED
CVE-2018-10714
RESERVED
-CVE-2018-10713 (An issue was discovered on D-Link DSL-3782 EU 1.01 devices. An ...)
+CVE-2018-10713
NOT-FOR-US: D-Link
-CVE-2018-10712 (The AsrDrv101.sys and AsrDrv102.sys low-level drivers in ASRock RGBLED ...)
+CVE-2018-10712
NOT-FOR-US: ASRock
-CVE-2018-10711 (The AsrDrv101.sys and AsrDrv102.sys low-level drivers in ASRock RGBLED ...)
+CVE-2018-10711
NOT-FOR-US: ASRock
-CVE-2018-10710 (The AsrDrv101.sys and AsrDrv102.sys low-level drivers in ASRock RGBLED ...)
+CVE-2018-10710
NOT-FOR-US: ASRock
-CVE-2018-10709 (The AsrDrv101.sys and AsrDrv102.sys low-level drivers in ASRock RGBLED ...)
+CVE-2018-10709
NOT-FOR-US: ASRock
CVE-2018-10708
RESERVED
CVE-2018-10707
RESERVED
-CVE-2018-10706 (An integer overflow in the transferMulti function of a smart contract ...)
+CVE-2018-10706
NOT-FOR-US: Social Chain
-CVE-2018-10705 (The Owned smart contract implementation for Aurora DAO (AURA), an ...)
+CVE-2018-10705
NOT-FOR-US: Aurora DAD
CVE-2018-10704
RESERVED
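Review bot: the context line `NOT-FOR-US: Aurora DAD` under CVE-2018-10705 looks like a typo for `Aurora DAO`, since the removed line reads `The Owned smart contract implementation for Aurora DAO (AURA), an ...`; once this hunk drops that description the file no longer shows the correct name anywhere, so the NOT-FOR-US line should be corrected in the same update.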
@@ -26806,7 +26796,7 @@ CVE-2018-10691
RESERVED
CVE-2018-10690
RESERVED
-CVE-2018-10689 (blktrace (aka Block IO Tracing) 1.2.0, as used with the Linux kernel ...)
+CVE-2018-10689
- blktrace 1.2.0-1 (low; bug #897695)
[stretch] - blktrace 1.1.0-2+deb9u1
[jessie] - blktrace 1.0.5-1+deb8u1
@@ -26817,9 +26807,9 @@ CVE-2018-10688
RESERVED
CVE-2018-10687
RESERVED
-CVE-2018-10686 (An issue was discovered in Vesta Control Panel 0.9.8-20. There is ...)
+CVE-2018-10686
NOT-FOR-US: Vesta Control Panel
-CVE-2018-10685 (In Long Range Zip (aka lrzip) 0.631, there is a use-after-free in the ...)
+CVE-2018-10685
- lrzip 0.631+git180517-1 (low; bug #897645)
[stretch] - lrzip <no-dsa> (Minor issue)
[jessie] - lrzip <no-dsa> (Minor issue)
@@ -26827,21 +26817,21 @@ CVE-2018-10685 (In Long Range Zip (aka lrzip) 0.631, there is a use-after-free i
NOTE: https://github.com/ckolivas/lrzip/issues/95
CVE-2018-10684
RESERVED
-CVE-2018-10683 (** DISPUTED ** An issue was discovered in WildFly 10.1.2.Final. In the ...)
+CVE-2018-10683
- wildfly <itp> (bug #752018)
-CVE-2018-10682 (** DISPUTED ** An issue was discovered in WildFly 10.1.2.Final. It is ...)
+CVE-2018-10682
- wildfly <itp> (bug #752018)
CVE-2018-10681
RESERVED
-CVE-2018-10680 (** DISPUTED ** Z-BlogPHP 1.5.2 has a stored Cross Site Scripting ...)
+CVE-2018-10680
NOT-FOR-US: Z-BlogPHP
CVE-2018-10679
RESERVED
-CVE-2018-10678 (MyBB 1.8.15, when accessed with Microsoft Edge, mishandles ...)
+CVE-2018-10678
NOT-FOR-US: MyBB
-CVE-2018-10677 (The DecodeGifImg function in ngiflib.c in MiniUPnP ngiflib 0.4 lacks ...)
+CVE-2018-10677
NOT-FOR-US: ngiflib
-CVE-2018-10676 (CeNova, Night OWL, Novo, Pulnix, QSee, Securus, and TBK Vision DVR ...)
+CVE-2018-10676
NOT-FOR-US: CeNova, Night OWL, Novo, Pulnix, QSee, Securus, and TBK Vision DVR devices
CVE-2018-10674
RESERVED
@@ -26859,65 +26849,65 @@ CVE-2018-10668
RESERVED
CVE-2018-10667
RESERVED
-CVE-2018-10666 (The Owned smart contract implementation for Aurora IDEX Membership ...)
+CVE-2018-10666
NOT-FOR-US: Aurora IDEX
-CVE-2018-10665 (ILIAS 5.3.4 has XSS through unsanitized output of PHP_SELF, related to ...)
+CVE-2018-10665
NOT-FOR-US: ILIAS
-CVE-2018-10664 (An issue was discovered in the httpd process in multiple models of ...)
+CVE-2018-10664
NOT-FOR-US: Axis
-CVE-2018-10663 (An issue was discovered in multiple models of Axis IP Cameras. There ...)
+CVE-2018-10663
NOT-FOR-US: Axis
-CVE-2018-10662 (An issue was discovered in multiple models of Axis IP Cameras. There ...)
+CVE-2018-10662
NOT-FOR-US: Axis
-CVE-2018-10661 (An issue was discovered in multiple models of Axis IP Cameras. There ...)
+CVE-2018-10661
NOT-FOR-US: Axis
-CVE-2018-10660 (An issue was discovered in multiple models of Axis IP Cameras. There ...)
+CVE-2018-10660
NOT-FOR-US: Axis
-CVE-2018-10659 (There was a Memory Corruption issue discovered in multiple models of ...)
+CVE-2018-10659
NOT-FOR-US: Axis
-CVE-2018-10658 (There was a Memory Corruption issue discovered in multiple models of ...)
+CVE-2018-10658
NOT-FOR-US: Axis
-CVE-2018-10675 (The do_get_mempolicy function in mm/mempolicy.c in the Linux kernel ...)
+CVE-2018-10675
- linux 4.12.12-1
[stretch] - linux 4.9.47-1
[jessie] - linux 3.16.51-1
[wheezy] - linux 3.2.96-1
NOTE: https://git.kernel.org/linus/73223e4e2e3867ebf033a5a8eb2e5df0158ccc99 (4.13-rc6)
-CVE-2018-10657 (Matrix Synapse before 0.28.1 is prone to a denial of service flaw where ...)
+CVE-2018-10657
- matrix-synapse 0.28.1+dfsg-1
NOTE: https://github.com/matrix-org/synapse/commit/33f469ba19586bbafa0cf2c7d7c35463bdab87eb
NOTE: https://matrix.org/blog/2018/05/01/security-update-synapse-0-28-1/
CVE-2018-10656
RESERVED
-CVE-2018-10655 (DLPnpAuditor.exe in DeviceLock Plug and Play Auditor (freeware) 5.72 ...)
+CVE-2018-10655
NOT-FOR-US: DeviceLock Plug and Play Auditor
-CVE-2018-10654 (There is a Hazelcast Library Java Deserialization Vulnerability in ...)
+CVE-2018-10654
NOT-FOR-US: Citrix
-CVE-2018-10653 (There is an XML External Entity (XXE) Processing Vulnerability in ...)
+CVE-2018-10653
NOT-FOR-US: Citrix
-CVE-2018-10652 (There is a Sensitive Data Leakage issue in Citrix XenMobile Server ...)
+CVE-2018-10652
NOT-FOR-US: Citrix
-CVE-2018-10651 (There are Open Redirect Vulnerabilities in Citrix XenMobile Server ...)
+CVE-2018-10651
NOT-FOR-US: Citrix
-CVE-2018-10650 (There is an Insufficient Path Validation Vulnerability in Citrix ...)
+CVE-2018-10650
NOT-FOR-US: Citrix
-CVE-2018-10649 (There is a Cross-Site Scripting Vulnerability in Citrix XenMobile ...)
+CVE-2018-10649
NOT-FOR-US: Citrix
-CVE-2018-10648 (There are Unauthenticated File Upload Vulnerabilities in Citrix ...)
+CVE-2018-10648
NOT-FOR-US: Citrix
-CVE-2018-10647 (SaferVPN 4.2.5 for Windows suffers from a SYSTEM privilege escalation ...)
+CVE-2018-10647
NOT-FOR-US: SaferVPN
-CVE-2018-10646 (CyberGhost 6.5.0.3180 for Windows suffers from a SYSTEM privilege ...)
+CVE-2018-10646
NOT-FOR-US: CyberGhost
-CVE-2018-10645 (Golden Frog VyprVPN 2.12.1.8015 for Windows suffers from a SYSTEM ...)
+CVE-2018-10645
NOT-FOR-US: Golden Frog VyprVPN
CVE-2018-10644
RESERVED
CVE-2018-10643
RESERVED
-CVE-2018-10642 (Command injection vulnerability in Combodo iTop 2.4.1 allows remote ...)
+CVE-2018-10642
NOT-FOR-US: Combodo iTop
-CVE-2018-10641 (D-Link DIR-601 A1 1.02NA devices do not require the old password for a ...)
+CVE-2018-10641
NOT-FOR-US: D-Link
CVE-2018-10640
RESERVED
@@ -26925,115 +26915,115 @@ CVE-2018-10639
RESERVED
CVE-2018-10638
RESERVED
-CVE-2018-10637 (A maliciously crafted project file may cause a buffer overflow, which ...)
+CVE-2018-10637
NOT-FOR-US: Fuji
-CVE-2018-10636 (CNCSoft Version 1.00.83 and prior with ScreenEditor Version 1.00.54 ...)
+CVE-2018-10636
NOT-FOR-US: CNCSoft
-CVE-2018-10635 (In Universal Robots Robot Controllers Version CB 3.1, SW Version ...)
+CVE-2018-10635
NOT-FOR-US: Universal Robots
-CVE-2018-10634 (Medtronic MMT 508 MiniMed insulin pump, 522 / MMT - 722 Paradigm ...)
+CVE-2018-10634
NOT-FOR-US: Medtronic
-CVE-2018-10633 (Universal Robots Robot Controllers Version CB 3.1, SW Version ...)
+CVE-2018-10633
NOT-FOR-US: Universal Robots
-CVE-2018-10632 (In Moxa NPort 5210, 5230, and 5232 versions 2.9 build 17030709 and ...)
+CVE-2018-10632
NOT-FOR-US: Moxa
-CVE-2018-10631 (Medtronic N'Vision Clinician Programmer 8840 N'Vision Clinician ...)
+CVE-2018-10631
NOT-FOR-US: Medtronic
-CVE-2018-10630 (For Crestron TSW-X60 version prior to 2.001.0037.001 and MC3 version ...)
+CVE-2018-10630
NOT-FOR-US: Creston
CVE-2018-10629
RESERVED
-CVE-2018-10628 (AVEVA InTouch 2014 R2 SP1 and prior, InTouch 2017, InTouch 2017 Update ...)
+CVE-2018-10628
NOT-FOR-US: AVEVA
-CVE-2018-10627 (Echelon SmartServer 1 all versions, SmartServer 2 all versions prior ...)
+CVE-2018-10627
NOT-FOR-US: Echelon
-CVE-2018-10626 (A vulnerability was discovered in all versions of Medtronic MyCareLink ...)
+CVE-2018-10626
NOT-FOR-US: Medtronic
CVE-2018-10625
RESERVED
-CVE-2018-10624 (In Johnson Controls Metasys System Versions 8.0 and prior and BCPro ...)
+CVE-2018-10624
NOT-FOR-US: Johnson Controls Metasys System
-CVE-2018-10623 (Delta Electronics Delta Industrial Automation DOPSoft version 4.00.04 ...)
+CVE-2018-10623
NOT-FOR-US: Delta Electronics Delta Industrial Automation DOPSoft
-CVE-2018-10622 (A vulnerability was discovered in all versions of Medtronic MyCareLink ...)
+CVE-2018-10622
NOT-FOR-US: Medtronic
-CVE-2018-10621 (Delta Electronics Delta Industrial Automation DOPSoft version 4.00.04 ...)
+CVE-2018-10621
NOT-FOR-US: Delta Electronics Delta Industrial Automation DOPSoft
-CVE-2018-10620 (AVEVA InduSoft Web Studio v8.1 and v8.1SP1, and InTouch Machine ...)
+CVE-2018-10620
NOT-FOR-US: AVEVA
-CVE-2018-10619 (An unquoted search path or element in RSLinx Classic Versions 3.90.01 ...)
+CVE-2018-10619
NOT-FOR-US: RSLinx
-CVE-2018-10618 (Davolink DVW-3200N all version prior to Version 1.00.06. The device ...)
+CVE-2018-10618
NOT-FOR-US: Davolink DVW-3200N
-CVE-2018-10617 (Delta Electronics Delta Industrial Automation DOPSoft version 4.00.04 ...)
+CVE-2018-10617
NOT-FOR-US: Delta Electronics Delta Industrial Automation DOPSoft
-CVE-2018-10616 (ABB Panel Builder 800 all versions has an improper input validation ...)
+CVE-2018-10616
NOT-FOR-US: ABB Panel Builder 800
-CVE-2018-10615 (Directory traversal may lead to files being exfiltrated or deleted on ...)
+CVE-2018-10615
NOT-FOR-US: GE MDS PulseNET and MDS PulseNET Enterprise
-CVE-2018-10614 (An XXE vulnerability in LeviStudioU, Versions 1.8.29 and 1.8.44 can be ...)
+CVE-2018-10614
NOT-FOR-US: LeviStudioU
-CVE-2018-10613 (Multiple variants of XML External Entity (XXE) attacks may be used to ...)
+CVE-2018-10613
NOT-FOR-US: GE MDS PulseNET and MDS PulseNET Enterprise
-CVE-2018-10612 (In 3S-Smart Software Solutions GmbH CODESYS Control V3 products prior ...)
+CVE-2018-10612
NOT-FOR-US: 3S-Smart Software Solutions GmbH CODESYS Control V3 Products
-CVE-2018-10611 (Java remote method invocation (RMI) input port in GE MDS PulseNET and ...)
+CVE-2018-10611
NOT-FOR-US: GE MDS PulseNET and MDS PulseNET Enterprise
-CVE-2018-10610 (An out-of-bounds vulnerability in LeviStudioU, Versions 1.8.29 and ...)
+CVE-2018-10610
NOT-FOR-US: LeviStudioU
-CVE-2018-10609 (Martem TELEM GW6 and GWM devices with firmware ...)
+CVE-2018-10609
NOT-FOR-US: Martem TELEM GW6 and GWM devices
-CVE-2018-10608 (SEL AcSELerator Architect version 2.2.24.0 and prior can be exploited ...)
+CVE-2018-10608
NOT-FOR-US: SEL AcSELerator Architect
-CVE-2018-10607 (Martem TELEM GW6 and GWM devices with firmware ...)
+CVE-2018-10607
NOT-FOR-US: Martem TELEM GW6 and GWM devices
-CVE-2018-10606 (WECON LeviStudio Versions 1.8.29 and 1.8.44 have multiple heap-based ...)
+CVE-2018-10606
NOT-FOR-US: WECON LeviStudio
-CVE-2018-10605 (Martem TELEM GW6/GWM versions prior to 2.0.87-4018403-k4 may allow ...)
+CVE-2018-10605
NOT-FOR-US: Martem TELEM GW6/GWM
-CVE-2018-10604 (SEL Compass version 3.0.5.1 and prior allows all users full access to ...)
+CVE-2018-10604
NOT-FOR-US: SEL Compass
-CVE-2018-10603 (Martem TELEM GW6 and GWM devices with firmware ...)
+CVE-2018-10603
NOT-FOR-US: Martem TELEM GW6 and GWM devices
-CVE-2018-10602 (WECON LeviStudio Versions 1.8.29 and 1.8.44 have multiple stack-based ...)
+CVE-2018-10602
NOT-FOR-US: WECON LeviStudio
-CVE-2018-10601 (IntelliVue Patient Monitors MP Series (including ...)
+CVE-2018-10601
NOT-FOR-US: Philips
-CVE-2018-10600 (SEL AcSELerator Architect version 2.2.24.0 and prior allows ...)
+CVE-2018-10600
NOT-FOR-US: SEL AcSELerator Architect
-CVE-2018-10599 (IntelliVue Patient Monitors MP Series (including ...)
+CVE-2018-10599
NOT-FOR-US: Philips
-CVE-2018-10598 (CNCSoft Version 1.00.83 and prior with ScreenEditor Version 1.00.54 ...)
+CVE-2018-10598
NOT-FOR-US: CNCSoft
-CVE-2018-10597 (IntelliVue Patient Monitors MP Series (including ...)
+CVE-2018-10597
NOT-FOR-US: Philips
-CVE-2018-10596 (Medtronic 2090 CareLink Programmer all versions The affected product ...)
+CVE-2018-10596
NOT-FOR-US: Medtronic
-CVE-2018-10595 (A vulnerability in ReadA version 1.1.0.2 and previous allows an ...)
+CVE-2018-10595
NOT-FOR-US: BD Kiestra and InoqulA systems
-CVE-2018-10594 (Delta Industrial Automation COMMGR from Delta Electronics versions ...)
+CVE-2018-10594
NOT-FOR-US: Delta
-CVE-2018-10593 (A vulnerability in DB Manager version 3.0.1.0 and previous and ...)
+CVE-2018-10593
NOT-FOR-US: BD Kiestra and InoqulA systems
-CVE-2018-10592 (Yokogawa STARDOM FCJ controllers R4.02 and prior, FCN-100 controllers ...)
+CVE-2018-10592
NOT-FOR-US: Yokogawa
-CVE-2018-10591 (In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess ...)
+CVE-2018-10591
NOT-FOR-US: Advantech
-CVE-2018-10590 (In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess ...)
+CVE-2018-10590
NOT-FOR-US: Advantech
-CVE-2018-10589 (In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess ...)
+CVE-2018-10589
NOT-FOR-US: Advantech
CVE-2018-10588
RESERVED
-CVE-2018-10587 (NetGain Enterprise Manager (EM) is affected by OS Command Injection ...)
+CVE-2018-10587
NOT-FOR-US: NetGain Enterprise Manager
-CVE-2018-10586 (NetGain Enterprise Manager (EM) is affected by multiple Stored ...)
+CVE-2018-10586
NOT-FOR-US: NetGain Enterprise Manager
CVE-2018-10585
RESERVED
CVE-2018-10584
RESERVED
-CVE-2018-10583 (An information disclosure vulnerability occurs when LibreOffice 6.0.3 ...)
+CVE-2018-10583
- libreoffice <unfixed> (unimportant)
NOTE: http://secureyourit.co.uk/wp/2018/05/01/creating-malicious-odt-files/
NOTE: This is the generic behaviour of accessing remote SMB shares and not limited to
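Review bot: every modified pair in this hunk replaces `CVE-YYYY-NNNNN (description ...)` with the bare identifier, so the version ranges carried in the descriptions disappear from the file; for the many `NOT-FOR-US` entries that is the only version information there was, e.g. `-CVE-2018-10619 (An unquoted search path or element in RSLinx Classic Versions 3.90.01 ...)` leaves only `NOT-FOR-US: RSLinx` behind, and `-CVE-2018-10583 (An information disclosure vulnerability occurs when LibreOffice 6.0.3 ...)` becomes `+CVE-2018-10583` with the entry still tracked as `- libreoffice <unfixed> (unimportant)`. Please confirm the description strip is the intended format change rather than the import falling back to bare IDs. Separately, the unchanged context line `NOT-FOR-US: Creston` under CVE-2018-10630 misspells the vendor; the removed description reads `Crestron`.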
@@ -27043,49 +27033,49 @@ CVE-2018-10583 (An information disclosure vulnerability occurs when LibreOffice
NOTE: https://cgit.freedesktop.org/libreoffice/core/commit/?id=0b7f4a4f57117fde33d0b1df96134aa6ccce023e
CVE-2018-10582
RESERVED
-CVE-2018-10581 (In Octopus Deploy 3.4.x before 2018.4.7, an authenticated user is able ...)
+CVE-2018-10581
NOT-FOR-US: Octopus Deploy
-CVE-2018-10580 (The &quot;Latest Posts on Profile&quot; plugin 1.1 for MyBB has XSS because ...)
+CVE-2018-10580
NOT-FOR-US: "Latest Posts on Profile" plugin for MyBB
CVE-2018-10579
RESERVED
-CVE-2018-10578 (An issue was discovered on WatchGuard AP100, AP102, and AP200 devices ...)
+CVE-2018-10578
NOT-FOR-US: WatchGuard AP100, AP102, and AP200 devices
-CVE-2018-10577 (An issue was discovered on WatchGuard AP100, AP102, and AP200 devices ...)
+CVE-2018-10577
NOT-FOR-US: WatchGuard AP100, AP102, and AP200 devices
-CVE-2018-10576 (An issue was discovered on WatchGuard AP100, AP102, and AP200 devices ...)
+CVE-2018-10576
NOT-FOR-US: WatchGuard devices
-CVE-2018-10575 (An issue was discovered on WatchGuard AP100, AP102, and AP200 devices ...)
+CVE-2018-10575
NOT-FOR-US: WatchGuard devices
-CVE-2018-10574 (site/index.php/admin/trees/add/ in BigTree 4.2.22 and earlier allows ...)
+CVE-2018-10574
NOT-FOR-US: BigTree CMS
-CVE-2018-1000172 (Imagely NextGEN Gallery version 2.2.30 and earlier contains a Cross ...)
+CVE-2018-1000172
NOT-FOR-US: Imagely NextGEN Gallery
-CVE-2018-10573 (interface/fax/fax_dispatch.php in OpenEMR before 5.0.1 allows remote ...)
+CVE-2018-10573
NOT-FOR-US: OpenEMR
-CVE-2018-10572 (interface/patient_file/letter.php in OpenEMR before 5.0.1 allows remote ...)
+CVE-2018-10572
NOT-FOR-US: OpenEMR
-CVE-2018-10571 (Multiple reflected cross-site scripting (XSS) vulnerabilities in ...)
+CVE-2018-10571
NOT-FOR-US: OpenEMR
-CVE-2018-10570 (Frog CMS 0.9.5 has XSS in /install/index.php via the ...)
+CVE-2018-10570
NOT-FOR-US: Frog CMS
-CVE-2018-10569 (An issue was discovered in Edimax EW-7438RPn Mini v2 before version ...)
+CVE-2018-10569
NOT-FOR-US: Edimax EW-7438RPn Mini v2
-CVE-2018-10568 (XSS exists in Flexense DiskSorter Enterprise from v9.5.12 to v10.7. ...)
+CVE-2018-10568
NOT-FOR-US: Flexense DiskSorter Enterprise
-CVE-2018-10567 (XSS exists in Flexense VX Search Enterprise from v10.1.12 to v10.7. ...)
+CVE-2018-10567
NOT-FOR-US: Flexense VX Search Enterprise
-CVE-2018-10566 (XSS exists in Flexense DupScout Enterprise from v10.0.18 to v10.7. ...)
+CVE-2018-10566
NOT-FOR-US: Flexense DupScout Enterprise
-CVE-2018-10565 (XSS exists in Flexense DiskSavvy Enterprise from v10.4 to v10.7. ...)
+CVE-2018-10565
NOT-FOR-US: Flexense DiskSavvy Enterprise
-CVE-2018-10564 (XSS exists in Flexense DiskPulse Enterprise from v10.4 to v10.7. ...)
+CVE-2018-10564
NOT-FOR-US: Flexense DiskPulse Enterprise
-CVE-2018-10563 (An XSS in Flexense SyncBreeze affects all versions (tested from ...)
+CVE-2018-10563
NOT-FOR-US: Flexense SyncBreeze
-CVE-2018-10562 (An issue was discovered on Dasan GPON home routers. Command Injection ...)
+CVE-2018-10562
NOT-FOR-US: Dasan GPON home routers
-CVE-2018-10561 (An issue was discovered on Dasan GPON home routers. It is possible to ...)
+CVE-2018-10561
NOT-FOR-US: Dasan GPON home routers
CVE-2018-10560
RESERVED
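Review bot: the four WatchGuard entries in this hunk (CVE-2018-10578 through CVE-2018-10575) carry two different labels for the same product set, `NOT-FOR-US: WatchGuard AP100, AP102, and AP200 devices` for the first two and `NOT-FOR-US: WatchGuard devices` for the last two, although all four removed descriptions name the same AP100, AP102, and AP200 devices. With the descriptions gone the label is the only product information left in the file, so the four should agree; the fuller form is the one to keep.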
@@ -27099,17 +27089,17 @@ CVE-2018-10556
RESERVED
CVE-2018-10555
RESERVED
-CVE-2018-10554 (An issue was discovered in Nagios XI 5.4.13. There is XSS exploitable ...)
+CVE-2018-10554
NOT-FOR-US: Nagios XI
-CVE-2018-10553 (An issue was discovered in Nagios XI 5.4.13. A registered user is able ...)
+CVE-2018-10553
NOT-FOR-US: Nagios XI
CVE-2018-10552
RESERVED
CVE-2018-10551
RESERVED
-CVE-2018-10550 (In Octopus Deploy before 2018.4.7, target and tenant tag variable ...)
+CVE-2018-10550
NOT-FOR-US: Octopus Deploy
-CVE-2018-10549 (An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, ...)
+CVE-2018-10549
{DSA-4240-1 DLA-1397-1}
- php7.2 7.2.8-1
- php7.1 7.1.19-1
@@ -27118,7 +27108,7 @@ CVE-2018-10549 (An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.3
[wheezy] - php5 <not-affected> (vulnerable code is not present)
NOTE: Fixed in 5.6.36, 7.0.30, 7.1.17, 7.2.5
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=76130
-CVE-2018-10548 (An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, ...)
+CVE-2018-10548
{DSA-4240-1 DLA-1397-1 DLA-1373-1}
- php7.2 7.2.8-1
- php7.1 7.1.19-1
@@ -27126,7 +27116,7 @@ CVE-2018-10548 (An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.3
- php5 <removed>
NOTE: Fixed in 5.6.36, 7.0.30, 7.1.17, 7.2.5
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=76248
-CVE-2018-10547 (An issue was discovered in ext/phar/phar_object.c in PHP before 5.6.36, ...)
+CVE-2018-10547
{DSA-4240-1 DLA-1397-1 DLA-1373-1}
- php7.2 7.2.8-1
- php7.1 7.1.19-1
@@ -27134,7 +27124,7 @@ CVE-2018-10547 (An issue was discovered in ext/phar/phar_object.c in PHP before
- php5 <removed>
NOTE: Fixed in 5.6.36, 7.0.30, 7.1.17, 7.2.5
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=76129
-CVE-2018-10546 (An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, ...)
+CVE-2018-10546
{DSA-4240-1 DLA-1397-1}
- php7.2 7.2.8-1
- php7.1 7.1.19-1
@@ -27143,7 +27133,7 @@ CVE-2018-10546 (An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.3
[wheezy] - php5 <not-affected> (does not cause an infinite loop)
NOTE: Fixed in 5.6.36, 7.0.30, 7.1.17, 7.2.5
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=76249
-CVE-2018-10545 (An issue was discovered in PHP before 5.6.35, 7.0.x before 7.0.29, ...)
+CVE-2018-10545
{DSA-4240-1 DLA-1397-1 DLA-1373-1}
- php7.2 7.2.4-1
- php7.1 7.1.16-1
@@ -27151,7 +27141,7 @@ CVE-2018-10545 (An issue was discovered in PHP before 5.6.35, 7.0.x before 7.0.2
- php5 <removed>
NOTE: Fixed in 5.6.35, 7.0.29, 7.1.16, 7.2.4
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=75605
-CVE-2018-10544 (Meross MSS110 devices through 1.1.24 contain an unauthenticated ...)
+CVE-2018-10544
NOT-FOR-US: Meross MSS110
CVE-2018-10543
RESERVED
@@ -27159,28 +27149,28 @@ CVE-2018-10542
RESERVED
CVE-2018-10541
RESERVED
-CVE-2018-10540 (An issue was discovered in WavPack 5.1.0 and earlier for W64 input. ...)
+CVE-2018-10540
{DSA-4197-1}
- wavpack 5.1.0-3 (bug #897271)
[jessie] - wavpack <not-affected> (Vulnerable code not present, introduced in 5.0.0)
[wheezy] - wavpack <not-affected> (Vulnerable code not present, introduced in 5.0.0)
NOTE: https://github.com/dbry/WavPack/commit/6f8bb34c2993a48ab9afbe353e6d0cff7c8d821d
NOTE: https://github.com/dbry/WavPack/issues/33
-CVE-2018-10539 (An issue was discovered in WavPack 5.1.0 and earlier for DSDiff input. ...)
+CVE-2018-10539
{DSA-4197-1}
- wavpack 5.1.0-3 (bug #897271)
[jessie] - wavpack <not-affected> (Vulnerable code not present, introduced in 5.0.0)
[wheezy] - wavpack <not-affected> (Vulnerable code not present, introduced in 5.0.0)
NOTE: https://github.com/dbry/WavPack/commit/6f8bb34c2993a48ab9afbe353e6d0cff7c8d821d
NOTE: https://github.com/dbry/WavPack/issues/33
-CVE-2018-10538 (An issue was discovered in WavPack 5.1.0 and earlier for WAV input. ...)
+CVE-2018-10538
{DSA-4197-1}
- wavpack 5.1.0-3 (bug #897271)
[jessie] - wavpack <not-affected> (Vulnerable code not present, introduced in 5.0.0)
[wheezy] - wavpack <not-affected> (Vulnerable code not present, introduced in 5.0.0)
NOTE: https://github.com/dbry/WavPack/commit/6f8bb34c2993a48ab9afbe353e6d0cff7c8d821d
NOTE: https://github.com/dbry/WavPack/issues/33
-CVE-2018-10537 (An issue was discovered in WavPack 5.1.0 and earlier. The W64 parser ...)
+CVE-2018-10537
{DSA-4197-1}
- wavpack 5.1.0-3 (bug #897271)
[jessie] - wavpack <not-affected> (Vulnerable code not present, introduced in 5.0.0)
@@ -27189,7 +27179,7 @@ CVE-2018-10537 (An issue was discovered in WavPack 5.1.0 and earlier. The W64 pa
NOTE: https://github.com/dbry/WavPack/issues/30
NOTE: https://github.com/dbry/WavPack/issues/31
NOTE: https://github.com/dbry/WavPack/issues/32
-CVE-2018-10536 (An issue was discovered in WavPack 5.1.0 and earlier. The WAV parser ...)
+CVE-2018-10536
{DSA-4197-1}
- wavpack 5.1.0-3 (bug #897271)
[jessie] - wavpack <not-affected> (Vulnerable code not present, introduced in 5.0.0)
@@ -27198,14 +27188,14 @@ CVE-2018-10536 (An issue was discovered in WavPack 5.1.0 and earlier. The WAV pa
NOTE: https://github.com/dbry/WavPack/issues/30
NOTE: https://github.com/dbry/WavPack/issues/31
NOTE: https://github.com/dbry/WavPack/issues/32
-CVE-2018-10535 (The ignore_section_sym function in elf.c in the Binary File Descriptor ...)
+CVE-2018-10535
- binutils 2.30.90.20180627-1
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <ignored> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=23113
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=db0c309f4011ca94a4abc8458e27f3734dab92ac
-CVE-2018-10534 (The _bfd_XX_bfd_copy_private_bfd_data_common function in peXXigen.c in ...)
+CVE-2018-10534
- binutils 2.30.90.20180627-1
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
@@ -27214,27 +27204,27 @@ CVE-2018-10534 (The _bfd_XX_bfd_copy_private_bfd_data_common function in peXXige
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=aa4a8c2a2a67545e90c877162c53cc9de42dc8b4
CVE-2018-10533
RESERVED
-CVE-2018-10532 (An issue was discovered on EE 4GEE HH70VB-2BE8GB3 HH70_E1_02.00_19 ...)
+CVE-2018-10532
NOT-FOR-US: EE 4GEE HH70VB-2BE8GB3s
CVE-2018-10531
RESERVED
CVE-2018-10530
RESERVED
-CVE-2018-10529 (An issue was discovered in LibRaw 0.18.9. There is an out-of-bounds ...)
+CVE-2018-10529
- libraw 0.18.11-1 (low; bug #897186)
[stretch] - libraw <no-dsa> (Minor issue)
[jessie] - libraw <no-dsa> (Minor issue)
[wheezy] - libraw <no-dsa> (Minor issue)
NOTE: https://github.com/LibRaw/LibRaw/commit/f0c505a3e5d47989a5f69be2d0d4f250af6b1a6c
NOTE: https://github.com/LibRaw/LibRaw/issues/144
-CVE-2018-10528 (An issue was discovered in LibRaw 0.18.9. There is a stack-based buffer ...)
+CVE-2018-10528
- libraw 0.18.11-1 (low; bug #897185)
[stretch] - libraw <no-dsa> (Minor issue)
[jessie] - libraw <no-dsa> (Minor issue)
[wheezy] - libraw <no-dsa> (Minor issue)
NOTE: https://github.com/LibRaw/LibRaw/commit/895529fc2f2eb8bc633edd6b04b5b237eb4db564
NOTE: https://github.com/LibRaw/LibRaw/issues/144
-CVE-2018-10527 (EasyCMS 1.3 is prone to Stored XSS when posting an article; four fields ...)
+CVE-2018-10527
NOT-FOR-US: EasyCMS
CVE-2018-10526
RESERVED
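Review bot: the context line `NOT-FOR-US: EE 4GEE HH70VB-2BE8GB3s` under CVE-2018-10532 has a stray trailing `s`; the removed description reads `EE 4GEE HH70VB-2BE8GB3 HH70_E1_02.00_19`, so the label should be `NOT-FOR-US: EE 4GEE HH70VB-2BE8GB3`.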
@@ -27242,117 +27232,117 @@ CVE-2018-10525
RESERVED
CVE-2018-10524
RESERVED
-CVE-2018-10523 (CMS Made Simple (CMSMS) through 2.2.7 contains a physical path leakage ...)
+CVE-2018-10523
NOT-FOR-US: CMS Made Simple
-CVE-2018-10522 (In CMS Made Simple (CMSMS) through 2.2.7, the &quot;file view&quot; operation in ...)
+CVE-2018-10522
NOT-FOR-US: CMS Made Simple
-CVE-2018-10521 (In CMS Made Simple (CMSMS) through 2.2.7, the &quot;file move&quot; operation in ...)
+CVE-2018-10521
NOT-FOR-US: CMS Made Simple
-CVE-2018-10520 (In CMS Made Simple (CMSMS) through 2.2.7, the &quot;module remove&quot; operation ...)
+CVE-2018-10520
NOT-FOR-US: CMS Made Simple
-CVE-2018-10519 (CMS Made Simple (CMSMS) 2.2.7 contains a privilege escalation ...)
+CVE-2018-10519
NOT-FOR-US: CMS Made Simple
-CVE-2018-10518 (In CMS Made Simple (CMSMS) through 2.2.7, the &quot;file delete&quot; operation ...)
+CVE-2018-10518
NOT-FOR-US: CMS Made Simple
-CVE-2018-10517 (In CMS Made Simple (CMSMS) through 2.2.7, the &quot;module import&quot; operation ...)
+CVE-2018-10517
NOT-FOR-US: CMS Made Simple
-CVE-2018-10516 (In CMS Made Simple (CMSMS) through 2.2.7, the &quot;file rename&quot; operation ...)
+CVE-2018-10516
NOT-FOR-US: CMS Made Simple
-CVE-2018-10515 (In CMS Made Simple (CMSMS) through 2.2.7, the &quot;file unpack&quot; operation ...)
+CVE-2018-10515
NOT-FOR-US: CMS Made Simple
-CVE-2018-10514 (A Missing Impersonation Privilege Escalation vulnerability in Trend ...)
+CVE-2018-10514
NOT-FOR-US: Trend Micro
-CVE-2018-10513 (A Deserialization of Untrusted Data Privilege Escalation vulnerability ...)
+CVE-2018-10513
NOT-FOR-US: Trend Micro
-CVE-2018-10512 (A vulnerability in Trend Micro Control Manager (versions 6.0 and 7.0) ...)
+CVE-2018-10512
NOT-FOR-US: Trend Micro
-CVE-2018-10511 (A vulnerability in Trend Micro Control Manager (versions 6.0 and 7.0) ...)
+CVE-2018-10511
NOT-FOR-US: Trend Micro
-CVE-2018-10510 (A Directory Traversal Remote Code Execution vulnerability in Trend ...)
+CVE-2018-10510
NOT-FOR-US: Trend Micro
-CVE-2018-10509 (A vulnerability in Trend Micro OfficeScan 11.0 SP1 and XG could allow ...)
+CVE-2018-10509
NOT-FOR-US: Trend Micro
-CVE-2018-10508 (A vulnerability in Trend Micro OfficeScan 11.0 SP1 and XG could allow ...)
+CVE-2018-10508
NOT-FOR-US: Trend Micro
-CVE-2018-10507 (A vulnerability in Trend Micro OfficeScan 11.0 SP1 and XG could allow ...)
+CVE-2018-10507
NOT-FOR-US: Trend Micro
-CVE-2018-10506 (A out-of-bounds read information disclosure vulnerability in Trend ...)
+CVE-2018-10506
NOT-FOR-US: Trend Micro
-CVE-2018-10505 (A pool corruption privilege escalation vulnerability in Trend Micro ...)
+CVE-2018-10505
NOT-FOR-US: Trend Micro
-CVE-2018-10504 (The WebDorado &quot;Form Maker by WD&quot; plugin before 1.12.24 for WordPress ...)
+CVE-2018-10504
NOT-FOR-US: Wordpress plugin
-CVE-2018-10503 (An issue was discovered in index.php in baijiacms V4 v4_1_4_20170105. ...)
+CVE-2018-10503
NOT-FOR-US: baijiacms
-CVE-2018-10502 (This vulnerability allows local attackers to escalate privileges on ...)
+CVE-2018-10502
NOT-FOR-US: Samsung Galaxy Apps Fixed
-CVE-2018-10501 (This vulnerability allows local attackers to escalate privileges on ...)
+CVE-2018-10501
NOT-FOR-US: Samsung Notes Fixed
-CVE-2018-10500 (This vulnerability allows local attackers to escalate privileges on ...)
+CVE-2018-10500
NOT-FOR-US: Samsung Galaxy Apps
-CVE-2018-10499 (This vulnerability allows local attackers to execute arbitrary code on ...)
+CVE-2018-10499
NOT-FOR-US: Samsung Galaxy Apps
-CVE-2018-10498 (This vulnerability allows local attackers to disclose sensitive ...)
+CVE-2018-10498
NOT-FOR-US: Samsung Email Fixed
-CVE-2018-10497 (This vulnerability allows local attackers to escalate privileges on ...)
+CVE-2018-10497
NOT-FOR-US: Samsung Email Fixed
-CVE-2018-10496 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-10496
NOT-FOR-US: Samsung Internet Browser Fixed
-CVE-2018-10495 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-10495
NOT-FOR-US: Foxit Reader
-CVE-2018-10494 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-10494
NOT-FOR-US: Foxit Reader
-CVE-2018-10493 (This vulnerability allows remote attackers to disclose sensitive ...)
+CVE-2018-10493
NOT-FOR-US: Foxit Reader
-CVE-2018-10492 (This vulnerability allows remote attackers to disclose sensitive ...)
+CVE-2018-10492
NOT-FOR-US: Foxit Reader
-CVE-2018-10491 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-10491
NOT-FOR-US: Foxit Reader
-CVE-2018-10490 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-10490
NOT-FOR-US: Foxit Reader
-CVE-2018-10489 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-10489
NOT-FOR-US: Foxit Reader
-CVE-2018-10488 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-10488
NOT-FOR-US: Foxit Reader
-CVE-2018-10487 (This vulnerability allows remote attackers to disclose sensitive ...)
+CVE-2018-10487
NOT-FOR-US: Foxit Reader
-CVE-2018-10486 (This vulnerability allows remote attackers to disclose sensitive ...)
+CVE-2018-10486
NOT-FOR-US: Foxit Reader
-CVE-2018-10485 (This vulnerability allows remote attackers to disclose sensitive ...)
+CVE-2018-10485
NOT-FOR-US: Foxit Reader
-CVE-2018-10484 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-10484
NOT-FOR-US: Foxit Reader
-CVE-2018-10483 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-10483
NOT-FOR-US: Foxit Reader
-CVE-2018-10482 (This vulnerability allows remote attackers to disclose sensitive ...)
+CVE-2018-10482
NOT-FOR-US: Foxit Reader
-CVE-2018-10481 (This vulnerability allows remote attackers to disclose sensitive ...)
+CVE-2018-10481
NOT-FOR-US: Foxit Reader
-CVE-2018-10480 (This vulnerability allows remote attackers to disclose sensitive ...)
+CVE-2018-10480
NOT-FOR-US: Foxit Reader
-CVE-2018-10479 (This vulnerability allows remote attackers to disclose sensitive ...)
+CVE-2018-10479
NOT-FOR-US: Foxit Reader
-CVE-2018-10478 (This vulnerability allows remote attackers to disclose sensitive ...)
+CVE-2018-10478
NOT-FOR-US: Foxit Reader
-CVE-2018-10477 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-10477
NOT-FOR-US: Foxit Reader
-CVE-2018-10476 (This vulnerability allows remote attackers to disclose sensitive ...)
+CVE-2018-10476
NOT-FOR-US: Foxit Reader
-CVE-2018-10475 (This vulnerability allows remote attackers to disclose sensitive ...)
+CVE-2018-10475
NOT-FOR-US: Foxit Reader
-CVE-2018-10474 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-10474
NOT-FOR-US: Foxit Reader
-CVE-2018-10473 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-10473
NOT-FOR-US: Foxit Reader
-CVE-2018-10470 (Little Snitch versions 4.0 to 4.0.6 use the ...)
+CVE-2018-10470
NOT-FOR-US: Little Snitch
-CVE-2018-10469 (b3log Symphony (aka Sym) 2.6.0 allows remote attackers to upload and ...)
+CVE-2018-10469
NOT-FOR-US: b3log Symphony (aka Sym)
-CVE-2018-10468 (The transferFrom function of a smart contract implementation for ...)
+CVE-2018-10468
NOT-FOR-US: Ethereum
CVE-2018-10467
RESERVED
-CVE-2018-10466 (Zoho ManageEngine ADAudit Plus before 5.0.0 build 5100 allows blind ...)
+CVE-2018-10466
NOT-FOR-US: Zoho
CVE-2018-10465
RESERVED
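Review bot: several Samsung entries in this hunk carry a trailing `Fixed` in the product label (`NOT-FOR-US: Samsung Galaxy Apps Fixed` for CVE-2018-10502, `NOT-FOR-US: Samsung Notes Fixed` for CVE-2018-10501, `NOT-FOR-US: Samsung Email Fixed` for CVE-2018-10498 and CVE-2018-10497, `NOT-FOR-US: Samsung Internet Browser Fixed` for CVE-2018-10496) while CVE-2018-10500 and CVE-2018-10499 use the plain `NOT-FOR-US: Samsung Galaxy Apps`; the word reads as residue rather than part of the product name and should be dropped for consistency. The label `NOT-FOR-US: Wordpress plugin` under CVE-2018-10504 is likewise less specific than the other plugin entries in this file, which name the plugin; the removed description identifies it as the WebDorado "Form Maker by WD" plugin for WordPress, and the project's name is spelled WordPress elsewhere in the file.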
@@ -27420,37 +27410,37 @@ CVE-2018-10434
RESERVED
CVE-2018-10433
RESERVED
-CVE-2018-10471 (An issue was discovered in Xen through 4.10.x allowing x86 PV guest OS ...)
+CVE-2018-10471
{DSA-4201-1 DLA-1549-1}
- xen 4.8.3+xsa262+shim4.10.0+comet3-1+deb9u6
[wheezy] - xen <not-affected> (Regression for XSA-254 which was not applied in wheezy)
NOTE: https://xenbits.xen.org/xsa/advisory-259.html
-CVE-2018-10472 (An issue was discovered in Xen through 4.10.x allowing x86 HVM guest OS ...)
+CVE-2018-10472
{DSA-4201-1 DLA-1559-1}
- xen 4.8.3+xsa262+shim4.10.0+comet3-1+deb9u6
[wheezy] - xen <not-affected> (No QMP support in wheezy)
NOTE: https://xenbits.xen.org/xsa/advisory-258.html
CVE-2018-10432
RESERVED
-CVE-2018-10431 (D-Link DIR-615 2.5.17 devices allow Remote Code Execution via shell ...)
+CVE-2018-10431
NOT-FOR-US: D-Link
-CVE-2018-10430 (An issue was discovered in DiliCMS (aka DiligentCMS) 2.4.0. There is a ...)
+CVE-2018-10430
NOT-FOR-US: DiliCMS
-CVE-2018-10429 (Cosmo 1.0.0Beta6 allows attackers to execute arbitrary PHP code via the ...)
+CVE-2018-10429
NOT-FOR-US: Cosmo
-CVE-2018-10428 (ILIAS before 5.1.26, 5.2.x before 5.2.15, and 5.3.x before 5.3.4, due ...)
+CVE-2018-10428
NOT-FOR-US: ILIAS
CVE-2018-10427
RESERVED
CVE-2018-10426
RESERVED
-CVE-2018-10425 (An issue was discovered in Shanghai 2345 Security Guard 3.7.0. ...)
+CVE-2018-10425
NOT-FOR-US: Shanghai 2345 Security Guard
-CVE-2018-10424 (mc-admin/post-edit.php in MiniCMS 1.10 allows full path disclosure via ...)
+CVE-2018-10424
NOT-FOR-US: MiniCMS
-CVE-2018-10423 (mc-admin/post.php in MiniCMS 1.10 allows remote attackers to obtain a ...)
+CVE-2018-10423
NOT-FOR-US: MiniCMS
-CVE-2018-10422 (An issue was discovered in HongCMS 3.0.0. The post news feature has ...)
+CVE-2018-10422
NOT-FOR-US: HongCMS
CVE-2018-10421
RESERVED
@@ -27478,17 +27468,17 @@ CVE-2018-10410
RESERVED
CVE-2018-10409
RESERVED
-CVE-2018-10408 (An issue was discovered in VirusTotal. A maliciously crafted ...)
+CVE-2018-10408
NOT-FOR-US: VirusTotal
-CVE-2018-10407 (An issue was discovered in Carbon Black Cb Response. A maliciously ...)
+CVE-2018-10407
NOT-FOR-US: Carbon Black Cb Response
-CVE-2018-10406 (An issue was discovered in Yelp OSXCollector. A maliciously crafted ...)
+CVE-2018-10406
NOT-FOR-US: Yelp OSXCollector
-CVE-2018-10405 (An issue was discovered in Google Santa and molcodesignchecker. A ...)
+CVE-2018-10405
NOT-FOR-US: Google Santa and molcodesignchecker
-CVE-2018-10404 (An issue was discovered in Objective-See KnockKnock, LuLu, ...)
+CVE-2018-10404
NOT-FOR-US: Objective-See KnockKnock, LuLu, TaskExplorer, WhatsYourSign, and procInfo
-CVE-2018-10403 (An issue was discovered in F-Secure XFENCE and Little Flocker. A ...)
+CVE-2018-10403
NOT-FOR-US: F-Secure XFENCE and Little Flocker
CVE-2018-10402
RESERVED
@@ -27508,7 +27498,7 @@ CVE-2018-10395
RESERVED
CVE-2018-10394
RESERVED
-CVE-2018-10393 (bark_noise_hybridmp in psy.c in Xiph.Org libvorbis 1.3.6 has a ...)
+CVE-2018-10393
- libvorbis 1.3.6-2 (bug #876780)
[stretch] - libvorbis <no-dsa> (Minor issue)
[jessie] - libvorbis <no-dsa> (Minor issue)
@@ -27516,7 +27506,7 @@ CVE-2018-10393 (bark_noise_hybridmp in psy.c in Xiph.Org libvorbis 1.3.6 has a .
NOTE: https://gitlab.xiph.org/xiph/vorbis/issues/2334
NOTE: Fixed by: https://gitlab.xiph.org/xiph/vorbis/commit/018ca26dece618457dd13585cad52941193c4a25
NOTE: Same patch as for CVE-2017-14160
-CVE-2018-10392 (mapping0_forward in mapping0.c in Xiph.Org libvorbis 1.3.6 does not ...)
+CVE-2018-10392
- libvorbis 1.3.6-2 (bug #876780)
[stretch] - libvorbis <no-dsa> (Minor issue)
[jessie] - libvorbis <no-dsa> (Minor issue)
@@ -27524,7 +27514,7 @@ CVE-2018-10392 (mapping0_forward in mapping0.c in Xiph.Org libvorbis 1.3.6 does
NOTE: https://gitlab.xiph.org/xiph/vorbis/issues/2335
NOTE: Fixed by: https://gitlab.xiph.org/xiph/vorbis/commit/018ca26dece618457dd13585cad52941193c4a25
NOTE: Same patch as for CVE-2017-14160
-CVE-2018-10391 (An issue was discovered in WUZHI CMS 4.1.0. There is XSS via the email ...)
+CVE-2018-10391
NOT-FOR-US: WUZHI CMS
CVE-2018-10390
RESERVED
@@ -27542,11 +27532,11 @@ CVE-2018-10384
RESERVED
CVE-2018-10383
RESERVED
-CVE-2018-10382 (MODX Revolution 2.6.3 has XSS. ...)
+CVE-2018-10382
NOT-FOR-US: MODX Revolution
-CVE-2018-10381 (TunnelBear 3.2.0.6 for Windows suffers from a SYSTEM privilege ...)
+CVE-2018-10381
NOT-FOR-US: TunnelBear for Windows
-CVE-2018-10380 (kwallet-pam in KDE KWallet before 5.12.6 allows local users to obtain ...)
+CVE-2018-10380
{DSA-4200-1}
- kwallet-pam 5.12.1-2
NOTE: https://www.kde.org/info/security/advisory-20180503-1.txt
@@ -27554,43 +27544,43 @@ CVE-2018-10380 (kwallet-pam in KDE KWallet before 5.12.6 allows local users to o
NOTE: https://commits.kde.org/kwallet-pam/01d4143fda5bddb6dca37b23304dc239a5fb38b5 (Plasma 5.12)
NOTE: https://commits.kde.org/kwallet-pam/99abc7fde21f40cc6da5feb6ee766cc46fcca1f8 (Plasma 5.8)
NOTE: https://commits.kde.org/kwallet-pam/802f305d81f8771c4f4a8bd7fd0e368ffc6f9b3b (Plasma 5.8)
-CVE-2018-10379 (An issue was discovered in GitLab Community Edition (CE) and Enterprise ...)
+CVE-2018-10379
- gitlab 10.6.5+dfsg-1
[stretch] - gitlab <not-affected> (Vulnerable code introduced in 9.5)
NOTE: https://about.gitlab.com/2018/04/30/security-release-gitlab-10-dot-7-dot-2-released/
CVE-2018-10378
RESERVED
-CVE-2018-10377 (PortSwigger Burp Suite before 1.7.34 has Improper Certificate ...)
+CVE-2018-10377
NOT-FOR-US: PortSwigger Burp Suite
-CVE-2018-10376 (An integer overflow in the transferProxy function of a smart contract ...)
+CVE-2018-10376
NOT-FOR-US: SmartMesh token
-CVE-2018-10375 (A file uploading vulnerability exists in ...)
+CVE-2018-10375
NOT-FOR-US: DedeCMS
-CVE-2018-10374 (EasyCMS 1.3 has XSS via the s POST parameter (aka a search box value) ...)
+CVE-2018-10374
NOT-FOR-US: EasyCMS
-CVE-2018-10373 (concat_filename in dwarf2.c in the Binary File Descriptor (BFD) library ...)
+CVE-2018-10373
- binutils 2.30.90.20180627-1
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <ignored> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=23065
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=6327533b1fd29fa86f6bf34e61c332c010e3c689
-CVE-2018-10372 (process_cu_tu_index in dwarf.c in GNU Binutils 2.30 allows remote ...)
+CVE-2018-10372
- binutils 2.30.90.20180627-1
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <ignored> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=23064
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=6aea08d9f3e3d6475a65454da488a0c51f5dc97d
-CVE-2018-10371 (An issue was discovered in the wunderfarm WF Cookie Consent plugin ...)
+CVE-2018-10371
NOT-FOR-US: wunderfarm WF Cookie Consent plugin for WordPress
-CVE-2018-1000178 (A heap corruption of type CWE-120 exists in quassel version 0.12.4 in ...)
+CVE-2018-1000178
{DSA-4189-1 DLA-1370-1}
- quassel 1:0.12.5-1 (bug #896914)
NOTE: https://github.com/quassel/quassel/commit/2b777e99fc9f74d4ed21491710260664a1721d1f (master)
NOTE: https://github.com/quassel/quassel/commit/18389a713a6810f57ab237b945e8ee03df857b8b (0.12)
NOTE: http://www.openwall.com/lists/oss-security/2018/04/27/1
-CVE-2018-1000179 (A NULL Pointer Dereference of CWE-476 exists in quassel version 0.12.4 ...)
+CVE-2018-1000179
{DSA-4189-1}
- quassel 1:0.12.5-1 (bug #896915)
[wheezy] - quassel <no-dsa> (Minor issue)
@@ -27599,44 +27589,44 @@ CVE-2018-1000179 (A NULL Pointer Dereference of CWE-476 exists in quassel versio
NOTE: http://www.openwall.com/lists/oss-security/2018/04/27/1
CVE-2018-10370
RESERVED
-CVE-2018-10369 (A Cross-site scripting (XSS) vulnerability was discovered on Intelbras ...)
+CVE-2018-10369
NOT-FOR-US: Intelbras Win devices
-CVE-2018-10368 (An issue was discovered in WUZHI CMS 4.1.0. The &quot;Extension Module -&gt; ...)
+CVE-2018-10368
NOT-FOR-US: WUZHI CMS
-CVE-2018-10367 (An issue was discovered in WUZHI CMS 4.1.0. The content-management ...)
+CVE-2018-10367
NOT-FOR-US: WUZHI CMS
-CVE-2018-10366 (An issue was discovered in the Users (aka Front-end user management) ...)
+CVE-2018-10366
NOT-FOR-US: Users (aka Front-end user management) plugin for October CMS
-CVE-2018-10365 (An XSS issue was discovered in the Threads to Link plugin 1.3 for ...)
+CVE-2018-10365
NOT-FOR-US: Threads to Link plugin for MyBB
-CVE-2018-10364 (BigTree before 4.2.22 has XSS in the Users management page via the name ...)
+CVE-2018-10364
NOT-FOR-US: BigTree CMS
-CVE-2018-10363 (An issue was discovered in the WpDevArt &quot;Booking calendar, Appointment ...)
+CVE-2018-10363
NOT-FOR-US: WpDevArt "Booking calendar, Appointment Booking System" plugin for WordPress
-CVE-2018-10360 (The do_core_note function in readelf.c in libmagic.a in file 5.33 ...)
+CVE-2018-10360
- file 1:5.33-3 (bug #901351)
[stretch] - file 1:5.30-1+deb9u2
[jessie] - file 1:5.22+15-2+deb8u4
NOTE: https://github.com/file/file/commit/a642587a9c9e2dd7feacdf513c3643ce26ad3c22
-CVE-2018-10359 (A pool corruption privilege escalation vulnerability in Trend Micro ...)
+CVE-2018-10359
NOT-FOR-US: Trend Micro
-CVE-2018-10358 (A pool corruption privilege escalation vulnerability in Trend Micro ...)
+CVE-2018-10358
NOT-FOR-US: Trend Micro
-CVE-2018-10357 (A directory traversal vulnerability in Trend Micro Endpoint ...)
+CVE-2018-10357
NOT-FOR-US: Trend Micro
-CVE-2018-10356 (A SQL injection remote code execution vulnerability in Trend Micro ...)
+CVE-2018-10356
NOT-FOR-US: Trend Micro
-CVE-2018-10355 (An authentication weakness vulnerability in Trend Micro Email ...)
+CVE-2018-10355
NOT-FOR-US: Trend Micro
-CVE-2018-10354 (A command injection remote command execution vulnerability in Trend ...)
+CVE-2018-10354
NOT-FOR-US: Trend Micro
-CVE-2018-10353 (A SQL injection information disclosure vulnerability in Trend Micro ...)
+CVE-2018-10353
NOT-FOR-US: Trend Micro
-CVE-2018-10352 (A vulnerability in Trend Micro Email Encryption Gateway 5.5 could ...)
+CVE-2018-10352
NOT-FOR-US: Trend Micro
-CVE-2018-10351 (A vulnerability in Trend Micro Email Encryption Gateway 5.5 could ...)
+CVE-2018-10351
NOT-FOR-US: Trend Micro
-CVE-2018-10350 (A SQL injection remote code execution vulnerability in Trend Micro ...)
+CVE-2018-10350
NOT-FOR-US: Trend Micro
CVE-2018-10349
RESERVED
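Review bot: every `-`/`+` pair in this hunk, from CVE-2018-10367 down to CVE-2018-10350, differs only in that the parenthesised summary is dropped from the CVE line, while the NOT-FOR-US, package and NOTE lines beneath each entry are left untouched. Those summaries are the only in-file description of each issue, so before merging it is worth confirming that the upstream CVE feed actually delivered these entries without descriptions rather than the importer having failed to parse them; a wholesale strip like this is hard to distinguish from a parsing regression by looking at the hunk alone.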
@@ -27678,97 +27668,97 @@ CVE-2018-10331
RESERVED
CVE-2018-10330
RESERVED
-CVE-2018-10361 (An issue was discovered in KTextEditor 5.34.0 through 5.45.0. Insecure ...)
+CVE-2018-10361
- ktexteditor 5.47.0-1 (bug #896836)
[stretch] - ktexteditor <not-affected> (Introduced in 5.34.0)
NOTE: http://www.openwall.com/lists/oss-security/2018/04/24/1
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1033055
NOTE: https://phabricator.kde.org/R39:c81af5aa1d4f6e0f8c44b2e85ca007ba2a1e4590
-CVE-2018-10329 (app/tools/mac-lookup/index.php in phpIPAM 1.3.1 has Reflected XSS on ...)
+CVE-2018-10329
- phpipam <itp> (bug #731713)
NOTE: https://github.com/phpipam/phpipam/issues/1903
-CVE-2018-10328 (Momentum Axel 720P 5.1.8 devices have a hardcoded password of streaming ...)
+CVE-2018-10328
NOT-FOR-US: Momentum Axel 720P 5.1.8 devices
-CVE-2018-10327 (PrinterOn Enterprise 4.1.3 stores the Active Directory bind ...)
+CVE-2018-10327
NOT-FOR-US: PrinterOn Enterprise
-CVE-2018-10326 (PrinterOn Enterprise 4.1.3 suffers from multiple authenticated stored ...)
+CVE-2018-10326
NOT-FOR-US: PrinterOn Enterprise
CVE-2018-10325
RESERVED
CVE-2018-10324
RESERVED
-CVE-2018-10323 (The xfs_bmap_extents_to_btree function in fs/xfs/libxfs/xfs_bmap.c in ...)
+CVE-2018-10323
{DSA-4188-1 DLA-1529-1}
- linux 4.16.5-1
[wheezy] - linux <ignored> (Too much work to backport)
NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=199423
-CVE-2018-10322 (The xfs_dinode_verify function in fs/xfs/libxfs/xfs_inode_buf.c in the ...)
+CVE-2018-10322
- linux 4.16.5-1
[wheezy] - linux <ignored> (dinode verifier not implemented)
[jessie] - linux-4.9 <unfixed>
NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=199377
-CVE-2018-10321 (Frog CMS 0.9.5 has a stored Cross Site Scripting Vulnerability via ...)
+CVE-2018-10321
NOT-FOR-US: Frog CMS
-CVE-2018-10320 (Frog CMS 0.9.5 has XSS via the admin/?/layout/edit layout[name] ...)
+CVE-2018-10320
NOT-FOR-US: Frog CMS
-CVE-2018-10319 (Frog CMS 0.9.5 has XSS via the admin/?/snippet/edit snippet[name] ...)
+CVE-2018-10319
NOT-FOR-US: Frog CMS
-CVE-2018-10318 (Frog CMS 0.9.5 has XSS via the admin/?/page/edit page[keywords] ...)
+CVE-2018-10318
NOT-FOR-US: Frog CMS
CVE-2018-10317
RESERVED
-CVE-2018-10316 (Netwide Assembler (NASM) 2.14rc0 has an endless while loop in the ...)
+CVE-2018-10316
- nasm 2.14-1 (unimportant)
NOTE: No security impact
NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392474
NOTE: https://github.com/netwide-assembler/nasm/commit/f0ceb1e122dc3523123dd8dfd6113f2e68451452
CVE-2018-10315
RESERVED
-CVE-2018-10314 (Cross-site scripting (XSS) vulnerability in Open-AudIT Community 2.2.0 ...)
+CVE-2018-10314
NOT-FOR-US: Open-AudIT Community
-CVE-2018-10313 (WUZHI CMS 4.1.0 allows persistent XSS via the form%5Bqq_10%5D parameter ...)
+CVE-2018-10313
NOT-FOR-US: WUZHI CMS
-CVE-2018-10312 (index.php?m=member&amp;v=pw_reset in WUZHI CMS 4.1.0 allows CSRF to change ...)
+CVE-2018-10312
NOT-FOR-US: WUZHI CMS
-CVE-2018-10311 (A vulnerability was discovered in WUZHI CMS 4.1.0. There is persistent ...)
+CVE-2018-10311
NOT-FOR-US: WUZHI CMS
-CVE-2018-10310 (A persistent cross-site scripting vulnerability has been identified in ...)
+CVE-2018-10310
NOT-FOR-US: web interface of the Catapult UK Cookie Consent plugin for WordPress
-CVE-2018-10309 (The Responsive Cookie Consent plugin before 1.8 for WordPress ...)
+CVE-2018-10309
NOT-FOR-US: Responsive Cookie Consent plugin for WordPress
CVE-2018-10308
RESERVED
-CVE-2018-10307 (error.php in ILIAS 5.2.x through 5.3.x before 5.3.4 allows XSS via the ...)
+CVE-2018-10307
NOT-FOR-US: ILIAS
-CVE-2018-10306 (Services/Form/classes/class.ilDateDurationInputGUI.php and ...)
+CVE-2018-10306
NOT-FOR-US: ILIAS
-CVE-2018-10305 (The MessageSearch2 function in PersonalMessage.php in Simple Machines ...)
+CVE-2018-10305
NOT-FOR-US: Simple Machines Forum
CVE-2018-10304
RESERVED
-CVE-2018-10303 (A use-after-free in Foxit Reader before 9.1 and PhantomPDF before 9.1 ...)
+CVE-2018-10303
NOT-FOR-US: Foxit Reader
-CVE-2018-10302 (A use-after-free in Foxit Reader before 9.1 and PhantomPDF before 9.1 ...)
+CVE-2018-10302
NOT-FOR-US: Foxit Reader
-CVE-2018-10362 (An issue was discovered in phpLiteAdmin 1.9.5 through 1.9.7.1. Due to ...)
+CVE-2018-10362
- phpliteadmin 1.9.7.1-2 (bug #896682)
NOTE: https://github.com/phpLiteAdmin/pla/issues/11
NOTE: Fixed by: https://github.com/phpLiteAdmin/pla/commit/41545fe058e674a983f557bff13787df53167274
-CVE-2018-10301 (Cross-site scripting (XSS) vulnerability in the Web-Dorado Instagram ...)
+CVE-2018-10301
NOT-FOR-US: Web-Dorado Instagram Feed WD plugin Premium for WordPress
-CVE-2018-10300 (Cross-site scripting (XSS) vulnerability in the Web-Dorado Instagram ...)
+CVE-2018-10300
NOT-FOR-US: Web-Dorado Instagram Feed WD plugin for WordPress
-CVE-2018-10299 (An integer overflow in the batchTransfer function of a smart contract ...)
+CVE-2018-10299
NOT-FOR-US: Beauty Chain
-CVE-2018-10298 (Discuz! DiscuzX through X3.4 has reflected XSS via ...)
+CVE-2018-10298
NOT-FOR-US: DiscuzX
-CVE-2018-10297 (Discuz! DiscuzX through X3.4 has stored XSS via the ...)
+CVE-2018-10297
NOT-FOR-US: DiscuzX
-CVE-2018-10296 (MiniCMS V1.10 has XSS via the mc-admin/post-edit.php title parameter. ...)
+CVE-2018-10296
NOT-FOR-US: MiniCMS
-CVE-2018-10295 (ChemCMS v1.0.6 has CSRF by using public/admin/user/addpost.html to add ...)
+CVE-2018-10295
NOT-FOR-US: ChemCMS
-CVE-2018-10294 (Flexense DiskBoss Enterprise v7.4.28 to v9.1.16 has XSS. ...)
+CVE-2018-10294
NOT-FOR-US: Flexense DiskBoss Enterprise
CVE-2018-10293
RESERVED
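Review bot: CVE-2018-10361 (ktexteditor) and CVE-2018-10362 (phpliteadmin) sit out of numerical order in this hunk, between CVE-2018-10330/CVE-2018-10329 and CVE-2018-10302/CVE-2018-10301 respectively. Only their summaries are removed here, but keeping the region in descending CVE order would make future diffs for it smaller and easier to read.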
@@ -27778,7 +27768,7 @@ CVE-2018-10291
RESERVED
CVE-2018-10290
RESERVED
-CVE-2018-10289 (In MuPDF 1.13.0, there is an infinite loop in the fz_skip_space ...)
+CVE-2018-10289
- mupdf 1.13.0+ds1-3 (unimportant; bug #896545)
[jessie] - mupdf <not-affected> (Vulnerable code introduced later)
[wheezy] - mupdf <not-affected> (Vulnerable code introduced later)
@@ -27788,13 +27778,13 @@ CVE-2018-10288
RESERVED
CVE-2018-10287
RESERVED
-CVE-2018-10286 (The Ericsson-LG iPECS NMS A.1Ac web application discloses sensitive ...)
+CVE-2018-10286
NOT-FOR-US: Ericsson-LG iPECS NMS A.1Ac web application
-CVE-2018-10285 (The Ericsson-LG iPECS NMS A.1Ac web application uses incorrect access ...)
+CVE-2018-10285
NOT-FOR-US: Ericsson-LG iPECS NMS A.1Ac web application
-CVE-2018-10284 (Adaltech G-Ticket v70 EME104 has SQL Injection via the ...)
+CVE-2018-10284
NOT-FOR-US: Adaltech G-Ticket v70 EME104
-CVE-2018-10283 (CliqueMania loja virtual 14 has SQL Injection via the patch/remote.php ...)
+CVE-2018-10283
NOT-FOR-US: CliqueMania loja virtual
CVE-2018-10282
RESERVED
@@ -27824,13 +27814,13 @@ CVE-2018-10270
RESERVED
CVE-2018-10269
RESERVED
-CVE-2018-10268 (An issue was discovered in FastAdmin V1.0.0.20180417_beta. There is XSS ...)
+CVE-2018-10268
NOT-FOR-US: FastAdmin
-CVE-2018-10267 (WTCMS 1.0 has a CSRF vulnerability to add an administrator account via ...)
+CVE-2018-10267
NOT-FOR-US: WTCMS
-CVE-2018-10266 (BEESCMS 4.0 has a CSRF vulnerability to add an administrator account ...)
+CVE-2018-10266
NOT-FOR-US: BEESCMS
-CVE-2018-10265 (An issue was discovered in HongCMS v3.0.0. There is a CSRF ...)
+CVE-2018-10265
NOT-FOR-US: HongCMS
CVE-2018-10264
RESERVED
@@ -27840,42 +27830,42 @@ CVE-2018-10262
RESERVED
CVE-2018-10261
RESERVED
-CVE-2018-10260 (A Local File Inclusion vulnerability was found in HRSALE The Ultimate ...)
+CVE-2018-10260
NOT-FOR-US: HRSALE
-CVE-2018-10259 (An Authenticated Stored XSS vulnerability was found in HRSALE The ...)
+CVE-2018-10259
NOT-FOR-US: HRSALE
-CVE-2018-10258 (A CSV Injection vulnerability was discovered in Shopy Point of Sale ...)
+CVE-2018-10258
NOT-FOR-US: Shopy
-CVE-2018-10257 (A CSV Injection vulnerability was discovered in HRSALE The Ultimate ...)
+CVE-2018-10257
NOT-FOR-US: HRSALE
-CVE-2018-10256 (A SQL Injection vulnerability was discovered in HRSALE The Ultimate ...)
+CVE-2018-10256
NOT-FOR-US: HRSALE
-CVE-2018-10255 (A CSV Injection vulnerability was discovered in clustercoding Blog ...)
+CVE-2018-10255
NOT-FOR-US: clustercoding
-CVE-2018-10254 (Netwide Assembler (NASM) 2.13 has a stack-based buffer over-read in the ...)
+CVE-2018-10254
- nasm 2.14-1 (bug #896523)
[stretch] - nasm <no-dsa> (Minor issue)
[jessie] - nasm <no-dsa> (Minor issue)
[wheezy] - nasm <no-dsa> (Minor issue)
NOTE: https://sourceforge.net/p/nasm/bugs/561/
NOTE: https://github.com/netwide-assembler/nasm/commit/55d09bbf6f7087339277b1e3b17c134b2afb2510
-CVE-2018-10253 (Paessler PRTG Network Monitor before 18.1.39.1648 mishandles stack ...)
+CVE-2018-10253
NOT-FOR-US: Paessler PRTG Network Monitor
-CVE-2018-10252 (An issue was discovered on Actiontec WCB6200Q before 1.1.10.20a ...)
+CVE-2018-10252
NOT-FOR-US: Actiontec WCB6200Q
-CVE-2018-10251 (A vulnerability in Sierra Wireless AirLink GX400, GX440, ES440, and ...)
+CVE-2018-10251
NOT-FOR-US: Sierra Wireless AirLink routers
-CVE-2018-10250 (iCMS V7.0.8 has XSS via the admincp.php keywords parameter in a ...)
+CVE-2018-10250
NOT-FOR-US: iCMS
-CVE-2018-10249 (baijiacms V3 has CSRF via ...)
+CVE-2018-10249
NOT-FOR-US: baijiacms
-CVE-2018-10248 (An issue was discovered in WUZHI CMS 4.1.0. There is a CSRF ...)
+CVE-2018-10248
NOT-FOR-US: WUZHI CMS
CVE-2018-10247
RESERVED
CVE-2018-10246
RESERVED
-CVE-2018-10245 (A Full Path Disclosure vulnerability in AWStats through 7.6 allows ...)
+CVE-2018-10245
- awstats <unfixed> (unimportant)
NOTE: Path disclosure for awstats negligible within Debian
CVE-2018-10244
@@ -27884,51 +27874,51 @@ CVE-2018-10243
RESERVED
CVE-2018-10242
RESERVED
-CVE-2018-10241 (A denial of service vulnerability in SolarWinds Serv-U before 15.1.6 ...)
+CVE-2018-10241
NOT-FOR-US: SolarWinds Serv-U
-CVE-2018-10240 (SolarWinds Serv-U MFT before 15.1.6 HFv1 assigns authenticated users a ...)
+CVE-2018-10240
NOT-FOR-US: SolarWinds Serv-U
CVE-2018-10239
RESERVED
-CVE-2018-10238 (bvlc.c in skarg BACnet Protocol Stack 0.8.5 has a buffer overflow in ...)
+CVE-2018-10238
NOT-FOR-US: skarg BACnet Protocol Stack
-CVE-2018-10237 (Unbounded memory allocation in Google Guava 11.0 through 24.x before ...)
+CVE-2018-10237
NOT-FOR-US: Google Guava
-CVE-2018-10236 (POSCMS 3.2.18 allows remote attackers to execute arbitrary PHP code via ...)
+CVE-2018-10236
NOT-FOR-US: POSCMS
-CVE-2018-10235 (POSCMS 3.2.10 allows remote attackers to execute arbitrary PHP code via ...)
+CVE-2018-10235
NOT-FOR-US: POSCMS
-CVE-2018-10234 (Authenticated Cross site Scripting exists in the User Profile &amp; ...)
+CVE-2018-10234
NOT-FOR-US: User Profile & Membership plugin for WordPress
-CVE-2018-10233 (The User Profile &amp; Membership plugin before 2.0.7 for WordPress has no ...)
+CVE-2018-10233
NOT-FOR-US: User Profile & Membership plugin for WordPress
-CVE-2018-10232 (Cross-site request forgery (CSRF) vulnerability in TOPdesk before ...)
+CVE-2018-10232
NOT-FOR-US: TOPdesk
-CVE-2018-10231 (Cross-site scripting (XSS) vulnerability in TOPdesk before 8.05.017 ...)
+CVE-2018-10231
NOT-FOR-US: TOPdesk
-CVE-2018-10230 (Zend Debugger in Zend Server before 9.1.3 has XSS, aka ZSR-2455. ...)
+CVE-2018-10230
NOT-FOR-US: Zend Server
-CVE-2018-10229 (A hardware vulnerability in GPU memory modules allows attackers to ...)
+CVE-2018-10229
NOT-FOR-US: GPU memory hardware issue
CVE-2018-10228
RESERVED
-CVE-2018-10227 (MiniCMS v1.10 has XSS via the mc-admin/conf.php site_link parameter. ...)
+CVE-2018-10227
NOT-FOR-US: MiniCMS
CVE-2018-10226
RESERVED
-CVE-2018-10225 (thinkphp 3.1.3 has SQL Injection via the index.php s parameter. ...)
+CVE-2018-10225
NOT-FOR-US: thinkphp
-CVE-2018-10224 (An issue was discovered in YzmCMS 3.8. There is a CSRF vulnerability ...)
+CVE-2018-10224
NOT-FOR-US: YzmCMS
-CVE-2018-10223 (An issue was discovered in YzmCMS 3.8. There is a CSRF vulnerability ...)
+CVE-2018-10223
NOT-FOR-US: YzmCMS
-CVE-2018-10222 (An issue was discovered in idreamsoft iCMS V7.0. There is a CSRF ...)
+CVE-2018-10222
NOT-FOR-US: idreamsoft iCMS
-CVE-2018-10221 (An issue was discovered in WUZHI CMS V4.1.0. There is a persistent XSS ...)
+CVE-2018-10221
NOT-FOR-US: WUZHI CMS
-CVE-2018-10220 (** DISPUTED ** Glastopf 3.1.3-dev has SSRF, as demonstrated by the ...)
+CVE-2018-10220
NOT-FOR-US: Glastopf
-CVE-2018-10219 (baijiacms V3 has physical path leakage via an ...)
+CVE-2018-10219
NOT-FOR-US: baijiacms
CVE-2018-10218
RESERVED
@@ -27940,43 +27930,43 @@ CVE-2018-10215
RESERVED
CVE-2018-10214
RESERVED
-CVE-2018-10213 (An issue was discovered in Vaultize Enterprise File Sharing 17.05.31. ...)
+CVE-2018-10213
NOT-FOR-US: Vaultize Enterprise File Sharing
-CVE-2018-10212 (An issue was discovered in Vaultize Enterprise File Sharing 17.05.31. ...)
+CVE-2018-10212
NOT-FOR-US: Vaultize Enterprise File Sharing
-CVE-2018-10211 (An issue was discovered in Vaultize Enterprise File Sharing 17.05.31. ...)
+CVE-2018-10211
NOT-FOR-US: Vaultize Enterprise File Sharing
-CVE-2018-10210 (An issue was discovered in Vaultize Enterprise File Sharing 17.05.31. ...)
+CVE-2018-10210
NOT-FOR-US: Vaultize Enterprise File Sharing
-CVE-2018-10209 (An issue was discovered in Vaultize Enterprise File Sharing 17.05.31. ...)
+CVE-2018-10209
NOT-FOR-US: Vaultize Enterprise File Sharing
-CVE-2018-10208 (An issue was discovered in Vaultize Enterprise File Sharing 17.05.31. ...)
+CVE-2018-10208
NOT-FOR-US: Vaultize Enterprise File Sharing
-CVE-2018-10207 (An issue was discovered in Vaultize Enterprise File Sharing 17.05.31. ...)
+CVE-2018-10207
NOT-FOR-US: Vaultize Enterprise File Sharing
-CVE-2018-10206 (An issue was discovered in Vaultize Enterprise File Sharing 17.05.31. ...)
+CVE-2018-10206
NOT-FOR-US: Vaultize Enterprise File Sharing
-CVE-2018-10205 (hyperstart 1.0.0 in HyperHQ Hyper has memory leaks in the ...)
+CVE-2018-10205
NOT-FOR-US: HyperHQ Hyper
-CVE-2018-10204 (PureVPN 6.0.1 for Windows suffers from a SYSTEM privilege escalation ...)
+CVE-2018-10204
NOT-FOR-US: PureVPN
CVE-2018-10203
RESERVED
CVE-2018-10202
RESERVED
-CVE-2018-10201 (An issue was discovered in NcMonitorServer.exe in NC Monitor Server in ...)
+CVE-2018-10201
NOT-FOR-US: NC Monitor Server
CVE-2018-10200
RESERVED
-CVE-2018-10198 (An issue was discovered in OTRS 6.0.x before 6.0.7. An attacker who is ...)
+CVE-2018-10198
- otrs2 6.0.7-1
[stretch] - otrs2 <not-affected> (Specific to OTRS 6)
[jessie] - otrs2 <not-affected> (Specific to OTRS 6)
NOTE: https://github.com/OTRS/otrs/commit/9f5f09e4eef283c2f38c003ba0685b77234750d1
NOTE: https://community.otrs.com/security-advisory-2018-01-security-update-for-otrs-framework
-CVE-2018-10197 (There is a time-based blind SQL injection vulnerability in the Access ...)
+CVE-2018-10197
NOT-FOR-US: ELO
-CVE-2018-10196 (NULL pointer dereference vulnerability in the rebuild_vlists function ...)
+CVE-2018-10196
- graphviz <unfixed> (low; bug #898841)
[buster] - graphviz <no-dsa> (Minor issue)
[stretch] - graphviz <no-dsa> (Minor issue)
@@ -27992,68 +27982,68 @@ CVE-2018-10195 [rzsz: sz can leak data to receiving side]
[wheezy] - lrzsz <no-dsa> (Minor issue)
NOTE: https://bugzilla.novell.com/show_bug.cgi?id=1090051
NOTE: Fedora patch: https://src.fedoraproject.org/cgit/rpms/lrzsz.git/tree/lrzsz-0.12.20.patch
-CVE-2018-10194 (The set_text_distance function in devices/vector/gdevpdts.c in the ...)
+CVE-2018-10194
{DLA-1363-1}
- ghostscript 9.22~dfsg-2.1 (bug #896069)
[stretch] - ghostscript 9.20~dfsg-3.2+deb9u2
[jessie] - ghostscript 9.06~dfsg-2+deb8u7
NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=39b1e54b2968620723bf32e96764c88797714879
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=699255 (not yet public)
-CVE-2018-1000200 (The Linux Kernel versions 4.14, 4.15, and 4.16 has a null pointer ...)
+CVE-2018-1000200
- linux 4.16.12-1
[stretch] - linux <not-affected> (Vulnerable code introduced later)
[jessie] - linux <not-affected> (Vulnerable code introduced later)
[wheezy] - linux <not-affected> (Vulnerable code introduced later)
NOTE: Fixed by: https://git.kernel.org/linus/27ae357fa82be5ab73b2ef8d39dcb8ca2563483a
-CVE-2018-1000167 (OISF suricata-update version 1.0.0a1 contains an Insecure ...)
+CVE-2018-1000167
NOT-FOR-US: suricata-update (different from suricata)
CVE-2018-1000166
REJECTED
-CVE-2018-1000165 (LightSAML version prior to 1.3.5 contains a Incorrect Access Control ...)
+CVE-2018-1000165
NOT-FOR-US: LightSAML
-CVE-2018-1000163 (Floodlight version 1.2 and earlier contains a Cross Site Scripting ...)
+CVE-2018-1000163
NOT-FOR-US: Floodlight
-CVE-2018-1000162 (Parsedown version prior to 1.7.0 contains a Cross Site Scripting (XSS) ...)
+CVE-2018-1000162
NOT-FOR-US: Parsedown
-CVE-2018-1000160 (RisingStack protect version 1.2.0 and earlier contains a Cross Site ...)
+CVE-2018-1000160
NOT-FOR-US: RisingStack
-CVE-2018-1000158 (cmsmadesimple version 2.2.7 contains a Incorrect Access Control ...)
+CVE-2018-1000158
NOT-FOR-US: CMS Made Simple
-CVE-2018-10199 (In versions of mruby up to and including 1.4.0, a use-after-free ...)
+CVE-2018-10199
- mruby 1.4.0+20180418+git54905e98-1 (bug #896021)
[stretch] - mruby <not-affected> (Vulnerable code introduced later)
[jessie] - mruby <not-affected> (Vulnerable code introduced later)
NOTE: https://github.com/mruby/mruby/issues/4001
NOTE: https://github.com/mruby/mruby/commit/b51b21fc63c9805862322551387d9036f2b63433
-CVE-2018-10193 (LogMeIn LastPass through 4.15.0 allows remote attackers to cause a ...)
+CVE-2018-10193
NOT-FOR-US: LogMeIn LastPass
-CVE-2018-10192 (IPVanish 3.0.11 for macOS suffers from a root privilege escalation ...)
+CVE-2018-10192
NOT-FOR-US: IPVanish for macOS
-CVE-2018-10191 (In versions of mruby up to and including 1.4.0, an integer overflow ...)
+CVE-2018-10191
- mruby 1.4.0+20180418+git54905e98-1 (bug #896020)
[stretch] - mruby <no-dsa> (Minor issue)
[jessie] - mruby <no-dsa> (Minor issue)
NOTE: https://github.com/mruby/mruby/issues/3995
NOTE: https://github.com/mruby/mruby/commit/1905091634a6a2925c911484434448e568330626
-CVE-2018-10190 (A vulnerability in London Trust Media Private Internet Access (PIA) VPN ...)
+CVE-2018-10190
NOT-FOR-US: London Trust Media Private Internet Access (PIA) VPN Client for Windows
-CVE-2018-10189 (An issue was discovered in Mautic 1.x and 2.x before 2.13.0. It is ...)
+CVE-2018-10189
NOT-FOR-US: Mautic
-CVE-2018-10188 (phpMyAdmin 4.8.0 before 4.8.0-1 has CSRF, allowing an attacker to ...)
+CVE-2018-10188
- phpmyadmin <unfixed> (bug #896490)
[stretch] - phpmyadmin <not-affected> (Only affects 4.8.x)
[jessie] - phpmyadmin <not-affected> (vulnerable code not present)
[wheezy] - phpmyadmin <not-affected> (vulnerable code not present)
NOTE: https://www.phpmyadmin.net/security/PMASA-2018-2/
NOTE: https://github.com/phpmyadmin/phpmyadmin/commit/c6dd6b56e236a3aff953cee4135ecaa67130e641
-CVE-2018-10187 (In radare2 2.5.0, there is a heap-based buffer over-read in the ...)
+CVE-2018-10187
- radare2 2.6.0+dfsg-1 (low; bug #897305)
[stretch] - radare2 <no-dsa> (Minor issue)
[jessie] - radare2 <no-dsa> (Minor issue)
[wheezy] - radare2 <no-dsa> (Minor issue)
NOTE: https://github.com/radare/radare2/issues/9913
NOTE: https://github.com/radare/radare2/commit/cdb278059b7b0aaaaa2315b82d0fa6ad50433db0
-CVE-2018-10186 (In radare2 2.5.0, there is a heap-based buffer over-read in the ...)
+CVE-2018-10186
- radare2 2.6.0+dfsg-1 (low; bug #897305)
[stretch] - radare2 <no-dsa> (Minor issue)
[jessie] - radare2 <no-dsa> (Minor issue)
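Review bot: CVE-2018-10199 (mruby) is placed after the CVE-2018-1000158 entry and before CVE-2018-10193, so it is separated from CVE-2018-10198 and the CVE-2018-1000xxx block is interleaved with the CVE-2018-101xx entries; the hunk only strips summaries, but the ordering here should be normalised in a follow-up. The ghostscript NOTE under CVE-2018-10194 also still carries "(not yet public)" on bug 699255, which is worth re-checking so the marker can be dropped once the report is visible.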
@@ -28061,20 +28051,20 @@ CVE-2018-10186 (In radare2 2.5.0, there is a heap-based buffer over-read in the
NOTE: https://github.com/radare/radare2/issues/9915
NOTE: https://github.com/radare/radare2/commit/a0348bb1b512ef27301dd7cdfb327ef5e14813fc
NOTE: Before applying the fix for CVE-2018-8808 the issue is covered/differently visible
-CVE-2018-10185 (An issue was discovered in TuziCMS v2.0.6. There is a CSRF ...)
+CVE-2018-10185
NOT-FOR-US: TuziCMS
-CVE-2018-10184 (An issue was discovered in HAProxy before 1.8.8. The incoming H2 frame ...)
+CVE-2018-10184
- haproxy 1.8.8-1
[stretch] - haproxy <not-affected> (Vulnerable code introduced later with HTTP/2 support)
[jessie] - haproxy <not-affected> (Vulnerable code introduced later with HTTP/2 support)
[wheezy] - haproxy <not-affected> (Vulnerable code introduced later with HTTP/2 support)
NOTE: http://git.haproxy.org/?p=haproxy.git;a=commit;h=3f0e1ec70173593f4c2b3681b26c04a4ed5fc588
NOTE: http://git.haproxy.org/?p=haproxy-1.8.git;a=commit;h=cd117685f0cff4f2f5577ef6a21eaae96ebd9f28
-CVE-2018-10183 (An issue was discovered in BigTree 4.2.22. There is cross-site ...)
+CVE-2018-10183
NOT-FOR-US: BigTree CMS
CVE-2018-10182
RESERVED
-CVE-2018-1000199 (The Linux Kernel version 3.18 contains a dangerous feature ...)
+CVE-2018-1000199
{DSA-4188-1 DSA-4187-1 DLA-1369-1}
- linux 4.15.17-1
NOTE: Fixed by: https://git.kernel.org/linus/f67b15037a7a50c57f72e69a6d59941ad90a0f0f
@@ -28084,9 +28074,9 @@ CVE-2018-10180
RESERVED
CVE-2018-10179
RESERVED
-CVE-2018-10178 (The FromDocToPDF extension before 13.611.13.2303 for Chrome allows ...)
+CVE-2018-10178
NOT-FOR-US: FromDocToPDF extension for Ghrome
-CVE-2018-10177 (In ImageMagick 7.0.7-28, there is an infinite loop in the ...)
+CVE-2018-10177
[experimental] - imagemagick 8:6.9.10.2+dfsg-1
- imagemagick 8:6.9.10.2+dfsg-2 (bug #896018)
[stretch] - imagemagick <ignored> (Minor issue)
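Review bot: the NOT-FOR-US line for CVE-2018-10178 reads "FromDocToPDF extension for Ghrome"; it should say "Chrome". The hunk only removes the summary from the CVE line above it, so the typo is pre-existing, but it is worth correcting while this entry is being touched.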
@@ -28094,31 +28084,31 @@ CVE-2018-10177 (In ImageMagick 7.0.7-28, there is an infinite loop in the ...)
[wheezy] - imagemagick <ignored> (Minor issue)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/1095
NOTE: https://github.com/ImageMagick/ImageMagick/commit/9fdda6391e38aaad3bfd6a30bd6a72bd31aeee02
-CVE-2018-10176 (Digital Guardian Management Console 7.1.2.0015 has a Directory ...)
+CVE-2018-10176
NOT-FOR-US: Digital Guardian Management Console
-CVE-2018-10175 (Digital Guardian Management Console 7.1.2.0015 has an XXE issue. ...)
+CVE-2018-10175
NOT-FOR-US: Digital Guardian Management Console
-CVE-2018-10174 (Digital Guardian Management Console 7.1.2.0015 has an SSRF issue that ...)
+CVE-2018-10174
NOT-FOR-US: Digital Guardian Management Console
-CVE-2018-10173 (Digital Guardian Management Console 7.1.2.0015 allows authenticated ...)
+CVE-2018-10173
NOT-FOR-US: Digital Guardian Management Console
-CVE-2018-10172 (7-Zip through 18.01 on Windows implements the &quot;Large memory pages&quot; ...)
+CVE-2018-10172
NOT-FOR-US: 7-Zip
CVE-2018-10171
RESERVED
-CVE-2018-10170 (NordVPN 6.12.7.0 for Windows suffers from a SYSTEM privilege escalation ...)
+CVE-2018-10170
NOT-FOR-US: NordVPN for Windows
-CVE-2018-10169 (ProtonVPN 1.3.3 for Windows suffers from a SYSTEM privilege escalation ...)
+CVE-2018-10169
NOT-FOR-US: ProtonVPN for Windows
-CVE-2018-10168 (TP-Link EAP Controller and Omada Controller versions ...)
+CVE-2018-10168
NOT-FOR-US: TP-Link
-CVE-2018-10167 (The web application backup file in the TP-Link EAP Controller and Omada ...)
+CVE-2018-10167
NOT-FOR-US: TP-Link
-CVE-2018-10166 (The web management interface in the TP-Link EAP Controller and Omada ...)
+CVE-2018-10166
NOT-FOR-US: TP-Link
-CVE-2018-10165 (Stored Cross-site scripting (XSS) vulnerability in the TP-Link EAP ...)
+CVE-2018-10165
NOT-FOR-US: TP-Link
-CVE-2018-10164 (Stored Cross-site scripting (XSS) vulnerability in the TP-Link EAP ...)
+CVE-2018-10164
NOT-FOR-US: TP-Link
CVE-2018-10163
REJECTED
@@ -28160,29 +28150,29 @@ CVE-2018-10145
REJECTED
CVE-2018-10144
REJECTED
-CVE-2018-10143 (The Palo Alto Networks Expedition Migration tool 1.0.107 and earlier ...)
+CVE-2018-10143
NOT-FOR-US: Palo Alto Networks Expedition Migration tool
-CVE-2018-10142 (The Expedition Migration tool 1.0.106 and earlier may allow an ...)
+CVE-2018-10142
NOT-FOR-US: Expedition Migration
-CVE-2018-10141 (GlobalProtect Portal Login page in Palo Alto Networks PAN-OS before ...)
+CVE-2018-10141
NOT-FOR-US: Palo Alto Networks PAN-OS
-CVE-2018-10140 (The PAN-OS Management Web Interface in Palo Alto Networks PAN-OS 8.1.2 ...)
+CVE-2018-10140
NOT-FOR-US: Palo Alto Networks PAN-OS
-CVE-2018-10139 (The PAN-OS response for GlobalProtect Gateway in Palo Alto Networks ...)
+CVE-2018-10139
NOT-FOR-US: Palo Alto Networks PAN-OS
-CVE-2018-10138 (The CATALooK.netStore module through 7.2.8 for DNN (formerly ...)
+CVE-2018-10138
NOT-FOR-US: DNN
-CVE-2018-10137 (iScripts UberforX 2.2 has CSRF in the &quot;manage_settings&quot; section of the ...)
+CVE-2018-10137
NOT-FOR-US: iScripts UberforX
-CVE-2018-10136 (iScripts UberforX 2.2 has Stored XSS in the &quot;manage_settings&quot; section ...)
+CVE-2018-10136
NOT-FOR-US: iScripts UberforX
-CVE-2018-10135 (iScripts eSwap v2.4 has Reflected XSS via the &quot;catwiseproducts.php&quot; ...)
+CVE-2018-10135
NOT-FOR-US: iScripts eSwap
CVE-2018-10134
RESERVED
-CVE-2018-10133 (PbootCMS v0.9.8 allows PHP code injection via an IF label in ...)
+CVE-2018-10133
NOT-FOR-US: PbootCMS
-CVE-2018-10132 (PbootCMS v0.9.8 has CSRF via an ...)
+CVE-2018-10132
NOT-FOR-US: PbootCMS
CVE-2018-10131
RESERVED
@@ -28190,23 +28180,23 @@ CVE-2018-10130
RESERVED
CVE-2018-10129
RESERVED
-CVE-2018-10128 (An issue was discovered in XYHCMS 3.5. It has XSS via the test ...)
+CVE-2018-10128
NOT-FOR-US: XYHCMS
-CVE-2018-10127 (An issue was discovered in XYHCMS 3.5. It has CSRF via an ...)
+CVE-2018-10127
NOT-FOR-US: XYHCMS
-CVE-2018-10126 (LibTIFF 4.0.9 has a NULL pointer dereference in the jpeg_fdct_16x16 ...)
+CVE-2018-10126
- tiff <unfixed> (unimportant)
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2786
NOTE: Crash in CLI tool, no security impact
CVE-2018-10125
RESERVED
-CVE-2018-10123 (p910nd on Inteno IOPSYS 2.0 through 4.2.0 allows remote attackers to ...)
+CVE-2018-10123
NOT-FOR-US: p910nd on Inteno IOPSYS
-CVE-2018-10122 (QingDao Nature Easy Soft Chanzhi Enterprise Portal System (aka ...)
+CVE-2018-10122
NOT-FOR-US: QingDao Nature Easy Soft Chanzhi Enterprise Portal System
-CVE-2018-10121 (plugins/box/pages/pages.admin.php in Monstra CMS 3.0.4 has a stored XSS ...)
+CVE-2018-10121
NOT-FOR-US: Monstra CMS
-CVE-2018-10120 (The SwCTBWrapper::Read function in sw/source/filter/ww8/ww8toolbar.cxx ...)
+CVE-2018-10120
{DSA-4178-1 DLA-1356-1}
- libreoffice 1:6.0.2-1
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=6173
@@ -28215,7 +28205,7 @@ CVE-2018-10120 (The SwCTBWrapper::Read function in sw/source/filter/ww8/ww8toolb
NOTE: https://gerrit.libreoffice.org/#/c/49500/
NOTE: https://gerrit.libreoffice.org/gitweb?p=core.git;a=commit;h=017fcc2fcd00af17a97bd5463d89662404f57667
NOTE: https://www.libreoffice.org/about-us/security/advisories/cve-2018-10120/
-CVE-2018-10119 (sot/source/sdstor/stgstrms.cxx in LibreOffice before 5.4.5.1 and 6.x ...)
+CVE-2018-10119
{DSA-4178-1 DLA-1356-1}
- libreoffice 1:6.0.1-1
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5747
@@ -28225,20 +28215,20 @@ CVE-2018-10119 (sot/source/sdstor/stgstrms.cxx in LibreOffice before 5.4.5.1 and
NOTE: https://gerrit.libreoffice.org/#/c/48758/
NOTE: https://gerrit.libreoffice.org/gitweb?p=core.git;a=commit;h=fdd41c995d1f719e92c6f083e780226114762f05
NOTE: https://www.libreoffice.org/about-us/security/advisories/cve-2018-10119/
-CVE-2018-10118 (Monstra CMS 3.0.4 has Stored XSS via the Name field on the Create New ...)
+CVE-2018-10118
NOT-FOR-US: Monstra CMS
-CVE-2018-10117 (An issue was discovered in idreamsoft iCMS V7.0.7. There is a CSRF ...)
+CVE-2018-10117
NOT-FOR-US: idreamsoft iCMS
CVE-2018-10116
RESERVED
-CVE-2018-10115 (Incorrect initialization logic of RAR decoder objects in 7-Zip 18.03 ...)
+CVE-2018-10115
- p7zip-rar 16.02-3 (bug #897674)
[stretch] - p7zip-rar <no-dsa> (Non-free not supported)
[jessie] - p7zip-rar <no-dsa> (Non-free not supported)
[wheezy] - p7zip-rar <no-dsa> (Non-free not supported)
NOTE: https://landave.io/2018/05/7-zip-from-uninitialized-memory-to-remote-code-execution/
NOTE: https://sourceforge.net/p/sevenzip/discussion/45797/thread/adc65bfa/
-CVE-2018-10114 (An issue was discovered in GEGL through 0.3.32. The ...)
+CVE-2018-10114
- gegl 0.3.34-1 (low)
[stretch] - gegl <no-dsa> (Minor issue)
[jessie] - gegl <no-dsa> (Minor issue)
@@ -28246,14 +28236,14 @@ CVE-2018-10114 (An issue was discovered in GEGL through 0.3.32. The ...)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=795248
NOTE: https://git.gnome.org/browse/gegl/commit/?id=c83b05d565a1e3392c9606a4ecaa560eb9a4ee29
NOTE: POC https://github.com/xiaoqx/pocs/tree/master/gegl#1-gegl-outbound-write-1
-CVE-2018-10113 (An issue was discovered in GEGL through 0.3.32. The process function in ...)
+CVE-2018-10113
- gegl 0.3.34-1 (low)
[stretch] - gegl <no-dsa> (Minor issue)
[jessie] - gegl <no-dsa> (Minor issue)
[wheezy] - gegl <no-dsa> (Minor issue)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=795248
NOTE: https://gitlab.gnome.org/GNOME/gegl/commit/c83b05d565a1e3392c9606a4ecaa560eb9a4ee29
-CVE-2018-10112 (An issue was discovered in GEGL through 0.3.32. The ...)
+CVE-2018-10112
- gegl <unfixed> (low)
[buster] - gegl <ignored> (Minor issue, architectual limitation)
[stretch] - gegl <ignored> (Minor issue, architectual limitation)
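Review bot: the [buster] and [stretch] lines for CVE-2018-10112 say "architectual limitation"; the word is "architectural". The same misspelling appears in the CVE-2018-10111 entry in the next hunk; both are context lines here, so a follow-up commit could fix them together.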
@@ -28262,7 +28252,7 @@ CVE-2018-10112 (An issue was discovered in GEGL through 0.3.32. The ...)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=795249
NOTE: https://gitlab.gnome.org/GNOME/gegl/issues/65
NOTE: https://github.com/xiaoqx/pocs/tree/master/gegl#4-gegl-outbound-write-2
-CVE-2018-10111 (An issue was discovered in GEGL through 0.3.32. The render_rectangle ...)
+CVE-2018-10111
- gegl <unfixed> (low)
[buster] - gegl <ignored> (Minor issue, architectual limitation)
[stretch] - gegl <ignored> (Minor issue, architectual limitation)
@@ -28271,15 +28261,15 @@ CVE-2018-10111 (An issue was discovered in GEGL through 0.3.32. The render_recta
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=795249
NOTE: https://gitlab.gnome.org/GNOME/gegl/issues/65
NOTE: POC https://github.com/xiaoqx/pocs/tree/master/gegl#2-gegl-dos-1
-CVE-2018-10110 (D-Link DIR-615 T1 devices allow XSS via the Add User feature. ...)
+CVE-2018-10110
NOT-FOR-US: D-Link
-CVE-2018-10109 (Monstra CMS 3.0.4 has a stored XSS vulnerability when an attacker has ...)
+CVE-2018-10109
NOT-FOR-US: Monstra CMS
-CVE-2018-10108 (D-Link DIR-815 REV. B (with firmware through ...)
+CVE-2018-10108
NOT-FOR-US: D-Link
-CVE-2018-10107 (D-Link DIR-815 REV. B (with firmware through ...)
+CVE-2018-10107
NOT-FOR-US: D-Link
-CVE-2018-10106 (D-Link DIR-815 REV. B (with firmware through ...)
+CVE-2018-10106
NOT-FOR-US: D-Link
CVE-2018-10105
RESERVED
@@ -28287,124 +28277,124 @@ CVE-2018-10104
RESERVED
CVE-2018-10103
RESERVED
-CVE-2018-10099 (Google Monorail before 2018-04-04 has a Cross-Site Search (XS-Search) ...)
+CVE-2018-10099
NOT-FOR-US: Google Monorail
-CVE-2018-10098 (In MicroWorld eScan Internet Security Suite (ISS) for Business ...)
+CVE-2018-10098
NOT-FOR-US: MicroWorld eScan
-CVE-2018-10097 (XSS exists in Domain Trader 2.5.3 via the recoverlogin.php ...)
+CVE-2018-10097
NOT-FOR-US: Domain Trader
CVE-2018-1000171
REJECTED
-CVE-2018-1002100 (In Kubernetes versions 1.5.x, 1.6.x, 1.7.x, 1.8.x, and prior to ...)
+CVE-2018-1002100
- kubernetes <unfixed>
NOTE: https://github.com/kubernetes/kubernetes/issues/61297
-CVE-2018-1000170 (A cross-site scripting vulnerability exists in Jenkins 2.115 and ...)
+CVE-2018-1000170
- jenkins <removed>
-CVE-2018-1000169 (An exposure of sensitive information vulnerability exists in Jenkins ...)
+CVE-2018-1000169
- jenkins <removed>
-CVE-2018-10096 (joyplus-cms 1.6.0 has XSS via the device_name parameter in a ...)
+CVE-2018-10096
NOT-FOR-US: joyplus-cms
-CVE-2018-10095 (Cross-site scripting (XSS) vulnerability in Dolibarr before 7.0.2 ...)
+CVE-2018-10095
- dolibarr <removed>
-CVE-2018-10094 (SQL injection vulnerability in Dolibarr before 7.0.2 allows remote ...)
+CVE-2018-10094
- dolibarr <removed>
CVE-2018-10093
- RESERVED
-CVE-2018-10092 (The admin panel in Dolibarr before 7.0.2 might allow remote attackers ...)
+ TODO: check
+CVE-2018-10092
- dolibarr <removed>
CVE-2018-10091
- RESERVED
+ TODO: check
CVE-2018-10090
RESERVED
CVE-2018-10089
RESERVED
-CVE-2018-10088 (Buffer overflow in XiongMai uc-httpd 1.0.0 has unspecified impact and ...)
+CVE-2018-10088
NOT-FOR-US: XiongMai uc-httpd
-CVE-2018-10124 (The kill_something_info function in kernel/signal.c in the Linux kernel ...)
+CVE-2018-10124
{DLA-1423-1}
- linux 4.13.4-1
[stretch] - linux 4.9.107-1
[jessie] - linux <ignored> (Minor issue)
[wheezy] - linux <ignored> (Minor issue)
NOTE: Fixed by: https://git.kernel.org/linus/4ea77014af0d6205b05503d1c7aac6eace11d473 (4.13-rc1)
-CVE-2018-10087 (The kernel_wait4 function in kernel/exit.c in the Linux kernel before ...)
+CVE-2018-10087
{DLA-1423-1}
- linux 4.13.4-1
[stretch] - linux 4.9.107-1
[jessie] - linux <ignored> (Minor issue)
[wheezy] - linux <ignored> (Minor issue)
NOTE: Fixed by: https://git.kernel.org/linus/dd83c161fbcc5d8be637ab159c0de015cbff5ba4 (4.13-rc1)
-CVE-2018-10086 (CMS Made Simple (CMSMS) through 2.2.7 contains an arbitrary code ...)
+CVE-2018-10086
NOT-FOR-US: CMS Made Simple
-CVE-2018-10085 (CMS Made Simple (CMSMS) through 2.2.6 allows PHP object injection ...)
+CVE-2018-10085
NOT-FOR-US: CMS Made Simple
-CVE-2018-10084 (CMS Made Simple (CMSMS) through 2.2.6 contains a privilege escalation ...)
+CVE-2018-10084
NOT-FOR-US: CMS Made Simple
-CVE-2018-10083 (CMS Made Simple (CMSMS) through 2.2.7 contains an arbitrary file ...)
+CVE-2018-10083
NOT-FOR-US: CMS Made Simple
-CVE-2018-10082 (CMS Made Simple (CMSMS) through 2.2.7 allows physical path leakage via ...)
+CVE-2018-10082
NOT-FOR-US: CMS Made Simple
-CVE-2018-10081 (CMS Made Simple (CMSMS) through 2.2.6 contains an admin password reset ...)
+CVE-2018-10081
NOT-FOR-US: CMS Made Simple
-CVE-2018-10080 (Secutech RiS-11, RiS-22, and RiS-33 devices with firmware ...)
+CVE-2018-10080
NOT-FOR-US: Secutech RiS-11, RiS-22, and RiS-33 devices
-CVE-2018-10079 (Geist WatchDog Console 3.2.2 uses a weak ACL for the ...)
+CVE-2018-10079
NOT-FOR-US: Geist WatchDog Console
-CVE-2018-10078 (Cross-site scripting (XSS) vulnerability in Geist WatchDog Console ...)
+CVE-2018-10078
NOT-FOR-US: Geist WatchDog Console
-CVE-2018-10077 (XML external entity (XXE) vulnerability in Geist WatchDog Console ...)
+CVE-2018-10077
NOT-FOR-US: Geist WatchDog Console
-CVE-2018-10076 (An issue was discovered in Zoho ManageEngine EventLog Analyzer 11.12. ...)
+CVE-2018-10076
NOT-FOR-US: Zoho
-CVE-2018-10075 (Cross-site scripting (XSS) vulnerability in Zoho ManageEngine EventLog ...)
+CVE-2018-10075
NOT-FOR-US: Zoho
-CVE-2018-10073 (joyplus-cms 1.6.0 has XSS in manager/admin_vod.php via the keyword ...)
+CVE-2018-10073
NOT-FOR-US: joyplus-cms
-CVE-2018-10072 (windrvr1260.sys in Jungo DriverWizard WinDriver 12.6.0 allows attackers ...)
+CVE-2018-10072
NOT-FOR-US: WinDriver
-CVE-2018-10071 (windrvr1260.sys in Jungo DriverWizard WinDriver 12.6.0 allows attackers ...)
+CVE-2018-10071
NOT-FOR-US: WinDriver
-CVE-2018-10070 (A vulnerability in MikroTik Version 6.41.4 could allow an ...)
+CVE-2018-10070
NOT-FOR-US: MikroTik
CVE-2018-10069
RESERVED
-CVE-2018-10068 (The jDownloads extension before 3.2.59 for Joomla! has XSS. ...)
+CVE-2018-10068
NOT-FOR-US: jDownloads extension for Joomla!
CVE-2018-10067
RESERVED
-CVE-2018-10066 (An issue was discovered in MikroTik RouterOS 6.41.4. Missing OpenVPN ...)
+CVE-2018-10066
NOT-FOR-US: MikroTik RouterOS
CVE-2018-10065
RESERVED
CVE-2018-10064
RESERVED
-CVE-2018-10063 (The Convert Forms extension before 2.0.4 for Joomla! is vulnerable to ...)
+CVE-2018-10063
NOT-FOR-US: Convert Forms extension for Joomla!
CVE-2018-10062
RESERVED
-CVE-2018-10074 (The hi3660_stub_clk_probe function in ...)
+CVE-2018-10074
- linux <not-affected> (Vulnerable code introduced later)
NOTE: Fixed by: https://git.kernel.org/linus/9903e41ae1f5d50c93f268ca3304d4d7c64b9311 (4.16-rc7)
-CVE-2018-10061 (Cacti before 1.1.37 has XSS because it makes certain htmlspecialchars ...)
+CVE-2018-10061
- cacti 1.1.37+ds1-1 (low)
[stretch] - cacti <no-dsa> (Minor issue)
[jessie] - cacti <no-dsa> (Minor issue)
[wheezy] - cacti <no-dsa> (Minor issue)
NOTE: https://github.com/Cacti/cacti/issues/1457
-CVE-2018-10060 (Cacti before 1.1.37 has XSS because it does not properly reject ...)
+CVE-2018-10060
- cacti 1.1.37+ds1-1 (low)
[stretch] - cacti <no-dsa> (Minor issue)
[jessie] - cacti <no-dsa> (Minor issue)
[wheezy] - cacti <no-dsa> (Minor issue)
NOTE: https://github.com/Cacti/cacti/issues/1457
-CVE-2018-10059 (Cacti before 1.1.37 has XSS because the get_current_page function in ...)
+CVE-2018-10059
- cacti 1.1.37+ds1-1
[stretch] - cacti <not-affected> (Issue introduced later)
[jessie] - cacti <not-affected> (Issue introduced later)
[wheezy] - cacti <not-affected> (Issue introduced later)
NOTE: https://github.com/Cacti/cacti/issues/1457
NOTE: get_current_page was added in the 1.x series
-CVE-2018-10058 (The remote management interface of cgminer 4.10.0 and bfgminer 5.5.0 ...)
+CVE-2018-10058
- cgminer <unfixed> (bug #900929)
[stretch] - cgminer <no-dsa> (Minor issue)
[jessie] - cgminer <no-dsa> (Minor issue)
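Review bot: two real state transitions are buried among the mechanical description removals in this hunk and will be easy to overlook: `CVE-2018-10093` and `CVE-2018-10091` both move from `RESERVED` to `TODO: check`, while the same hunk drops the description text that would tell whoever picks up the TODO what to check. Suggest splitting these transitions into their own commit, or at least calling them out in the commit message, so the new TODO entries get followed up rather than being lost in the noise.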
@@ -28412,7 +28402,7 @@ CVE-2018-10058 (The remote management interface of cgminer 4.10.0 and bfgminer 5
[jessie] - bfgminer <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2018/06/03/1
NOTE: Mitigated by toolchain hardening to plain crash
-CVE-2018-10057 (The remote management interface of cgminer 4.10.0 and bfgminer 5.5.0 ...)
+CVE-2018-10057
- cgminer <unfixed> (bug #900929)
[stretch] - cgminer <no-dsa> (Minor issue)
[jessie] - cgminer <no-dsa> (Minor issue)
@@ -28423,19 +28413,19 @@ CVE-2018-10056
RESERVED
CVE-2018-10055
RESERVED
-CVE-2018-10054 (H2 1.4.197, as used in Datomic before 0.9.5697 and other products, ...)
+CVE-2018-10054
NOT-FOR-US: H2 (different from src:python-h2)
CVE-2018-10053
RESERVED
-CVE-2018-10052 (iScripts SupportDesk v4.3 has XSS via the ...)
+CVE-2018-10052
NOT-FOR-US: iScripts SupportDesk
-CVE-2018-10051 (iScripts SupportDesk v4.3 has XSS via the ...)
+CVE-2018-10051
NOT-FOR-US: iScripts SupportDesk
-CVE-2018-10050 (iScripts eSwap v2.4 has SQL injection via the ...)
+CVE-2018-10050
NOT-FOR-US: iScripts eSwap
-CVE-2018-10049 (iScripts eSwap v2.4 has XSS via the &quot;registration_settings.php&quot; txtDate ...)
+CVE-2018-10049
NOT-FOR-US: iScripts eSwap
-CVE-2018-10048 (iScripts eSwap v2.4 has CSRF via &quot;registration_settings.php&quot; in the ...)
+CVE-2018-10048
NOT-FOR-US: iScripts eSwap
CVE-2018-10047
RESERVED
@@ -28465,31 +28455,31 @@ CVE-2018-10035
RESERVED
CVE-2018-10034
RESERVED
-CVE-2018-10033 (CMS Made Simple (aka CMSMS) 2.2.7 has Stored XSS in admin/siteprefs.php ...)
+CVE-2018-10033
NOT-FOR-US: CMS Made Simple
-CVE-2018-10032 (CMS Made Simple (aka CMSMS) 2.2.7 has Reflected XSS in ...)
+CVE-2018-10032
NOT-FOR-US: CMS Made Simple
-CVE-2018-10031 (CMS Made Simple (aka CMSMS) 2.2.7 has CSRF in ...)
+CVE-2018-10031
NOT-FOR-US: CMS Made Simple
-CVE-2018-10030 (CMS Made Simple (aka CMSMS) 2.2.7 has CSRF in admin/siteprefs.php. ...)
+CVE-2018-10030
NOT-FOR-US: CMS Made Simple
-CVE-2018-10029 (CMS Made Simple (aka CMSMS) 2.2.7 has Reflected XSS in ...)
+CVE-2018-10029
NOT-FOR-US: CMS Made Simple
-CVE-2018-10028 (joyplus-cms 1.6.0 allows remote attackers to obtain sensitive ...)
+CVE-2018-10028
NOT-FOR-US: joyplus-cms
-CVE-2018-10027 (ESTsoft ALZip before 10.76 allows local users to execute arbitrary code ...)
+CVE-2018-10027
NOT-FOR-US: ESTsoft ALZip
-CVE-2018-10026 (The WeChat module in YzmCMS 3.7.1 has reflected XSS via the ...)
+CVE-2018-10026
NOT-FOR-US: WeChat module in YzmCMS
CVE-2018-10025
RESERVED
-CVE-2018-10024 (ubiQuoss Switch VP5208A creates a bcm_password file at /cgi-bin/ with ...)
+CVE-2018-10024
NOT-FOR-US: ubiQuoss Switch VP5208A
-CVE-2018-10023 (Catfish CMS V4.7.21 allows XSS via the pinglun parameter to ...)
+CVE-2018-10023
NOT-FOR-US: Catfish CMS
CVE-2018-10022
RESERVED
-CVE-2018-10021 (** DISPUTED ** drivers/scsi/libsas/sas_scsi_host.c in the Linux kernel ...)
+CVE-2018-10021
{DLA-1529-1 DLA-1423-1}
- linux 4.15.17-1
[stretch] - linux 4.9.107-1
@@ -28501,37 +28491,37 @@ CVE-2018-10020
RESERVED
CVE-2018-10019
RESERVED
-CVE-2018-9999 (In Zulip Server versions before 1.7.2, there was an XSS issue with user ...)
+CVE-2018-9999
- zulip-server <itp> (bug #800052)
-CVE-2018-9998 (Open-Xchange OX App Suite before 7.6.3-rev37, 7.8.x before ...)
+CVE-2018-9998
NOT-FOR-US: Open-Xchange
-CVE-2018-9997 (Cross-site scripting (XSS) vulnerability in mail compose in ...)
+CVE-2018-9997
NOT-FOR-US: Open-Xchange
-CVE-2018-9996 (An issue was discovered in cplus-dem.c in GNU libiberty, as ...)
+CVE-2018-9996
- binutils <unfixed> (low)
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <ignored> (Minor issue)
NOTE: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85304
-CVE-2018-9995 (TBK DVR4104 and DVR4216 devices, as well as Novo, CeNova, QSee, ...)
+CVE-2018-9995
NOT-FOR-US: TBK DVR4104 and DVR4216 devices
CVE-2018-9994
REJECTED
-CVE-2018-9993 (YUNUCMS 1.0.7 has XSS via the content title on an ...)
+CVE-2018-9993
NOT-FOR-US: YUNUCMS
-CVE-2018-9992 (Frog CMS 0.9.5 has XSS via the name field of a new &quot;File&quot; or ...)
+CVE-2018-9992
NOT-FOR-US: Frog CMS
-CVE-2018-9991 (Frog CMS 0.9.5 has XSS via the /admin/?/user/add Name or Username ...)
+CVE-2018-9991
NOT-FOR-US: Frog CMS
-CVE-2018-9990 (In Zulip Server versions before 1.7.2, there was an XSS issue with ...)
+CVE-2018-9990
- zulip-server <itp> (bug #800052)
-CVE-2018-10018 (The GDASPAMLib.AntiSpam ActiveX control ASK\GDASpam.dll in G DATA ...)
+CVE-2018-10018
NOT-FOR-US: GDASPAMLib.AntiSpam ActiveX control
-CVE-2018-10017 (soundlib/Snd_fx.cpp in OpenMPT before 1.27.07.00 and libopenmpt before ...)
+CVE-2018-10017
- libopenmpt 0.3.8-1 (bug #895406)
[stretch] - libopenmpt 0.2.7386~beta20.3-3+deb9u3
NOTE: https://github.com/OpenMPT/openmpt/commit/492022c7297ede682161d9c0ec2de15526424e76
-CVE-2018-10016 (Netwide Assembler (NASM) 2.14rc0 has a division-by-zero vulnerability ...)
+CVE-2018-10016
- nasm 2.14-1 (bug #895408)
[stretch] - nasm <no-dsa> (Minor issue)
[jessie] - nasm <no-dsa> (Minor issue)
@@ -28566,16 +28556,16 @@ CVE-2018-10003
RESERVED
CVE-2018-10002
RESERVED
-CVE-2018-10001 (The decode_init function in libavcodec/utvideodec.c in FFmpeg through ...)
+CVE-2018-10001
{DSA-4249-1}
- ffmpeg 7:3.4.3-1 (low)
NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=47b7c68ae54560e2308bdb6be4fb076c73b93081
- libav <removed>
[jessie] - libav <not-affected> (Vulnerable code not present)
NOTE: Fixed in 3.2.11
-CVE-2018-10000 (The Video Downloader professional extension before 2018-04-05 for ...)
+CVE-2018-10000
NOT-FOR-US: The Video Downloader professional extension for Chrome
-CVE-2018-9989 (ARM mbed TLS before 2.1.11, before 2.7.2, and before 2.8.0 has a buffer ...)
+CVE-2018-9989
{DLA-1518-1}
- mbedtls 2.8.0-1
[stretch] - mbedtls <no-dsa> (Minor issue)
@@ -28584,7 +28574,7 @@ CVE-2018-9989 (ARM mbed TLS before 2.1.11, before 2.7.2, and before 2.8.0 has a
NOTE: https://github.com/ARMmbed/mbedtls/commit/5224a7544c95552553e2e6be0b4a789956a6464e
NOTE: https://github.com/ARMmbed/mbedtls/commit/740b218386083dc708ce98ccc94a63a95cd5629e
NOTE: https://tls.mbed.org/tech-updates/releases/mbedtls-2.8.0-2.7.2-and-2.1.11-released
-CVE-2018-9988 (ARM mbed TLS before 2.1.11, before 2.7.2, and before 2.8.0 has a buffer ...)
+CVE-2018-9988
{DLA-1518-1}
- mbedtls 2.8.0-1
[stretch] - mbedtls <no-dsa> (Minor issue)
@@ -28593,113 +28583,113 @@ CVE-2018-9988 (ARM mbed TLS before 2.1.11, before 2.7.2, and before 2.8.0 has a
NOTE: https://github.com/ARMmbed/mbedtls/commit/027f84c69f4ef30c0693832a6c396ef19e563ca1
NOTE: https://github.com/ARMmbed/mbedtls/commit/a1098f81c252b317ad34ea978aea2bc47760b215
NOTE: https://tls.mbed.org/tech-updates/releases/mbedtls-2.8.0-2.7.2-and-2.1.11-released
-CVE-2018-9987 (In Zulip Server versions 1.5.x, 1.6.x, and 1.7.x before 1.7.2, there ...)
+CVE-2018-9987
- zulip-server <itp> (bug #800052)
-CVE-2018-9986 (In Zulip Server versions before 1.7.2, there were XSS issues with the ...)
+CVE-2018-9986
- zulip-server <itp> (bug #800052)
-CVE-2018-9985 (The front page of MetInfo 6.0 allows XSS by sending a feedback message ...)
+CVE-2018-9985
NOT-FOR-US: MetInfo
-CVE-2018-9984 (This vulnerability allows remote attackers to disclose sensitive ...)
+CVE-2018-9984
NOT-FOR-US: Foxit Reader
-CVE-2018-9983 (This vulnerability allows remote attackers to disclose sensitive ...)
+CVE-2018-9983
NOT-FOR-US: Foxit Reader
-CVE-2018-9982 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-9982
NOT-FOR-US: Foxit Reader
-CVE-2018-9981 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-9981
NOT-FOR-US: Foxit Reader
-CVE-2018-9980 (This vulnerability allows remote attackers to disclose sensitive ...)
+CVE-2018-9980
NOT-FOR-US: Foxit Reader
-CVE-2018-9979 (This vulnerability allows remote attackers to disclose sensitive ...)
+CVE-2018-9979
NOT-FOR-US: Foxit Reader
-CVE-2018-9978 (This vulnerability allows remote attackers to disclose sensitive ...)
+CVE-2018-9978
NOT-FOR-US: Foxit Reader
-CVE-2018-9977 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-9977
NOT-FOR-US: Foxit Reader
-CVE-2018-9976 (This vulnerability allows remote attackers to disclose sensitive ...)
+CVE-2018-9976
NOT-FOR-US: Foxit Reader
-CVE-2018-9975 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-9975
NOT-FOR-US: Foxit Reader
-CVE-2018-9974 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-9974
NOT-FOR-US: Foxit Reader
-CVE-2018-9973 (This vulnerability allows remote attackers to disclose sensitive ...)
+CVE-2018-9973
NOT-FOR-US: Foxit Reader
-CVE-2018-9972 (This vulnerability allows remote attackers to disclose sensitive ...)
+CVE-2018-9972
NOT-FOR-US: Foxit Reader
-CVE-2018-9971 (This vulnerability allows remote attackers to disclose sensitive ...)
+CVE-2018-9971
NOT-FOR-US: Foxit Reader
-CVE-2018-9970 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-9970
NOT-FOR-US: Foxit Reader
-CVE-2018-9969 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-9969
NOT-FOR-US: Foxit Reader
-CVE-2018-9968 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-9968
NOT-FOR-US: Foxit Reader
-CVE-2018-9967 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-9967
NOT-FOR-US: Foxit Reader
-CVE-2018-9966 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-9966
NOT-FOR-US: Foxit Reader
-CVE-2018-9965 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-9965
NOT-FOR-US: Foxit Reader
-CVE-2018-9964 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-9964
NOT-FOR-US: Foxit Reader
-CVE-2018-9963 (This vulnerability allows remote attackers to disclose sensitive ...)
+CVE-2018-9963
NOT-FOR-US: Foxit Reader
-CVE-2018-9962 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-9962
NOT-FOR-US: Foxit Reader
-CVE-2018-9961 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-9961
NOT-FOR-US: Foxit Reader
-CVE-2018-9960 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-9960
NOT-FOR-US: Foxit Reader
-CVE-2018-9959 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-9959
NOT-FOR-US: Foxit Reader
-CVE-2018-9958 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-9958
NOT-FOR-US: Foxit Reader
-CVE-2018-9957 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-9957
NOT-FOR-US: Foxit Reader
-CVE-2018-9956 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-9956
NOT-FOR-US: Foxit Reader
-CVE-2018-9955 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-9955
NOT-FOR-US: Foxit Reader
-CVE-2018-9954 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-9954
NOT-FOR-US: Foxit Reader
-CVE-2018-9953 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-9953
NOT-FOR-US: Foxit Reader
-CVE-2018-9952 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-9952
NOT-FOR-US: Foxit Reader
-CVE-2018-9951 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-9951
NOT-FOR-US: Foxit Reader
-CVE-2018-9950 (This vulnerability allows remote attackers to disclose sensitive ...)
+CVE-2018-9950
NOT-FOR-US: Foxit Reader
-CVE-2018-9949 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-9949
NOT-FOR-US: Foxit Reader
-CVE-2018-9948 (This vulnerability allows remote attackers to disclose sensitive ...)
+CVE-2018-9948
NOT-FOR-US: Foxit Reader
-CVE-2018-9947 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-9947
NOT-FOR-US: Foxit Reader
-CVE-2018-9946 (This vulnerability allows remote attackers to disclose sensitive ...)
+CVE-2018-9946
NOT-FOR-US: Foxit Reader
-CVE-2018-9945 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-9945
NOT-FOR-US: Foxit Reader
-CVE-2018-9944 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-9944
NOT-FOR-US: Foxit Reader
-CVE-2018-9943 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-9943
NOT-FOR-US: Foxit Reader
-CVE-2018-9942 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-9942
NOT-FOR-US: Foxit Reader
-CVE-2018-9941 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-9941
NOT-FOR-US: Foxit Reader
-CVE-2018-9940 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-9940
NOT-FOR-US: Foxit Reader
-CVE-2018-9939 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-9939
NOT-FOR-US: Foxit Reader
-CVE-2018-9938 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-9938
NOT-FOR-US: Foxit Reader
-CVE-2018-9937 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-9937
NOT-FOR-US: Foxit Reader
-CVE-2018-9936 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-9936
NOT-FOR-US: Foxit Reader
-CVE-2018-9935 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-9935
NOT-FOR-US: Foxit Reader
-CVE-2018-9934 (The reset-password feature in MetInfo 6.0 allows remote attackers to ...)
+CVE-2018-9934
NOT-FOR-US: MetInfo
CVE-2018-9933
RESERVED
@@ -28711,27 +28701,27 @@ CVE-2018-9930
RESERVED
CVE-2018-9929
RESERVED
-CVE-2018-9928 (Cross-site scripting (XSS) vulnerability in save.php in MetInfo 6.0 ...)
+CVE-2018-9928
NOT-FOR-US: MetInfo
-CVE-2018-9927 (An issue was discovered in WUZHI CMS 4.1.0. There is a CSRF ...)
+CVE-2018-9927
NOT-FOR-US: WUZHI CMS
-CVE-2018-9926 (An issue was discovered in WUZHI CMS 4.1.0. There is a CSRF ...)
+CVE-2018-9926
NOT-FOR-US: WUZHI CMS
-CVE-2018-9925 (An issue was discovered in idreamsoft iCMS through 7.0.7. XSS exists ...)
+CVE-2018-9925
NOT-FOR-US: idreamsoft iCMS
-CVE-2018-9924 (An issue was discovered in idreamsoft iCMS through 7.0.7. SQL injection ...)
+CVE-2018-9924
NOT-FOR-US: idreamsoft iCMS
-CVE-2018-9923 (An issue was discovered in idreamsoft iCMS through 7.0.7. CSRF exists ...)
+CVE-2018-9923
NOT-FOR-US: idreamsoft iCMS
-CVE-2018-9922 (An issue was discovered in idreamsoft iCMS through 7.0.7. Physical path ...)
+CVE-2018-9922
NOT-FOR-US: idreamsoft iCMS
-CVE-2018-9921 (In CMS Made Simple 2.2.7, a Directory Traversal issue makes it possible ...)
+CVE-2018-9921
NOT-FOR-US: CMS Made Simple
-CVE-2018-9920 (Server side request forgery exists in the runtime application in K2 ...)
+CVE-2018-9920
NOT-FOR-US: K2
-CVE-2018-9919 (A web-accessible backdoor, with resultant SSRF, exists in Tp-shop ...)
+CVE-2018-9919
NOT-FOR-US: Tp-shop
-CVE-2018-9918 (libqpdf.a in QPDF through 8.0.2 mishandles certain &quot;expected dictionary ...)
+CVE-2018-9918
- qpdf 8.0.2-3 (bug #895443)
[stretch] - qpdf <no-dsa> (Minor issue)
[jessie] - qpdf <no-dsa> (Minor issue)
@@ -28837,28 +28827,28 @@ CVE-2018-9869
RESERVED
CVE-2018-9868
RESERVED
-CVE-2018-9867 (In SonicWall SonicOS, administrators without full permissions can ...)
+CVE-2018-9867
NOT-FOR-US: SonicWall
-CVE-2018-9866 (A vulnerability in lack of validation of user-supplied parameters pass ...)
+CVE-2018-9866
NOT-FOR-US: SonicWall
CVE-2018-9865
RESERVED
-CVE-2018-9864 (The WP Live Chat Support plugin before 8.0.06 for WordPress has stored ...)
+CVE-2018-9864
NOT-FOR-US: WP Live Chat Support plugin for WordPress
CVE-2018-9863
RESERVED
-CVE-2018-9862 (util.c in runV 1.0.0 for Docker mishandles a numeric username, which ...)
+CVE-2018-9862
NOT-FOR-US: runV for Docker
-CVE-2018-9861 (Cross-site scripting (XSS) vulnerability in the Enhanced Image (aka ...)
+CVE-2018-9861
NOT-FOR-US: ckeditor plugin
-CVE-2018-9860 (An issue was discovered in Botan 1.11.32 through 2.x before 2.6.0. An ...)
+CVE-2018-9860
- botan 2.4.0-6
- botan1.10 <not-affected> (Issue introduced in 1.11.32)
NOTE: https://github.com/randombit/botan/commit/ec222c99719c396a1f4756b2ca345dbbfbeb5ed5
NOTE: Bug introduced in 1.11.32, fixed in 2.6.0
-CVE-2018-9859 (The path of Whale update service was unquoted in NAVER Whale before ...)
+CVE-2018-9859
NOT-FOR-US: Whale
-CVE-2018-1000168 (nghttp2 version &gt;= 1.10.0 and nghttp2 &lt;= v1.31.0 contains an Improper ...)
+CVE-2018-1000168
- nghttp2 1.31.1-1 (low; bug #895566)
[stretch] - nghttp2 <no-dsa> (Minor issue)
[jessie] - nghttp2 <not-affected> (Issue introduced in 1.10.0)
@@ -28867,29 +28857,29 @@ CVE-2018-1000168 (nghttp2 version &gt;= 1.10.0 and nghttp2 &lt;= v1.31.0 contain
NOTE: http://www.openwall.com/lists/oss-security/2018/04/12/4
CVE-2018-9858
RESERVED
-CVE-2018-9857 (PHP Scripts Mall Match Clone Script 1.0.4 has XSS via the search field ...)
+CVE-2018-9857
NOT-FOR-US: PHP Scripts Mall Match Clone Script
-CVE-2018-9856 (Kotti before 1.3.2 and 2.x before 2.0.0b2 has CSRF in the local roles ...)
+CVE-2018-9856
NOT-FOR-US: Kotti
CVE-2018-9855
RESERVED
CVE-2018-9854
RESERVED
-CVE-2018-9853 (Insecure access control in freeSSHd version 1.3.1 allows attackers to ...)
+CVE-2018-9853
NOT-FOR-US: freeSSHd
-CVE-2018-9852 (In Gxlcms QY v1.0.0713, Lib\Lib\Action\Home\HitsAction.class.php allows ...)
+CVE-2018-9852
NOT-FOR-US: Gxlcms QY
-CVE-2018-9851 (In Gxlcms QY v1.0.0713, Lib\Lib\Action\Admin\TplAction.class.php allows ...)
+CVE-2018-9851
NOT-FOR-US: Gxlcms QY
-CVE-2018-9850 (In Gxlcms QY v1.0.0713, Lib\Lib\Action\Admin\DataAction.class.php ...)
+CVE-2018-9850
NOT-FOR-US: Gxlcms QY
-CVE-2018-9849 (Pulse Secure Pulse Connect Secure 8.1.x before 8.1R14, 8.2.x before ...)
+CVE-2018-9849
NOT-FOR-US: Pulse Secure Pulse Connect Secure
-CVE-2018-9848 (In Gxlcms QY v1.0.0713, the upload function in ...)
+CVE-2018-9848
NOT-FOR-US: Gxlcms QY
-CVE-2018-9847 (In Gxlcms QY v1.0.0713, the update function in ...)
+CVE-2018-9847
NOT-FOR-US: Gxlcms QY
-CVE-2018-9846 (In Roundcube from versions 1.2.0 to 1.3.5, with the archive plugin ...)
+CVE-2018-9846
{DSA-4181-1}
- roundcube 1.3.6+dfsg.1-1 (bug #895184)
[wheezy] - roundcube <not-affected> (Vulnerable code not present in archive.php)
@@ -28899,30 +28889,30 @@ CVE-2018-9846 (In Roundcube from versions 1.2.0 to 1.3.5, with the archive plugi
NOTE: https://github.com/roundcube/roundcubemail/commit/5b7e9a2c960eb4fd2364921297020a5dcd2d7dbc (release-1.2)
NOTE: https://github.com/roundcube/roundcubemail/commit/c69b851b8a704f6483ec9d1cae7cd1ecd33c3343 (release-1.2)
NOTE: https://github.com/roundcube/roundcubemail/commit/7901047474729a7f466eb8c59c92a36fc7cf0e70 (release-1.2)
-CVE-2018-9845 (Etherpad Lite before 1.6.4 is exploitable for admin access. ...)
+CVE-2018-9845
- etherpad-lite <itp> (bug #576998)
-CVE-2018-9844 (The Iptanus WordPress File Upload plugin before 4.3.4 for WordPress ...)
+CVE-2018-9844
NOT-FOR-US: Iptanus WordPress File Upload plugin for WordPress
-CVE-2018-9843 (The REST API in CyberArk Password Vault Web Access before 9.9.5 and ...)
+CVE-2018-9843
NOT-FOR-US: CyberArk Password Vault Web Access
-CVE-2018-9842 (CyberArk Password Vault before 9.7 allows remote attackers to obtain ...)
+CVE-2018-9842
NOT-FOR-US: CyberArk Password Vault
-CVE-2018-9841 (The export function in libavfilter/vf_signature.c in FFmpeg through ...)
+CVE-2018-9841
- ffmpeg 7:3.4.3-1 (low)
[stretch] - ffmpeg <not-affected> (Vulnerable code not present)
- libav <not-affected> (Vulnerable code not present)
NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=35eeff30caf34df835206f1c12bcf4b7c2bd6758
-CVE-2018-9840 (The Open Whisper Signal app before 2.23.2 for iOS allows physically ...)
+CVE-2018-9840
NOT-FOR-US: Open Whisper Signal app for iOS
CVE-2018-9839
RESERVED
-CVE-2018-1000164 (gunicorn version 19.4.5 contains a CWE-113: Improper Neutralization of ...)
+CVE-2018-1000164
{DSA-4186-1 DLA-1357-1}
- gunicorn 19.5.0-1 (bug #896548)
NOTE: https://epadillas.github.io/2018/04/02/http-header-splitting-in-gunicorn-19.4.5
NOTE: https://github.com/benoitc/gunicorn/issues/1227
NOTE: https://github.com/benoitc/gunicorn/commit/5263a4ef2a63c62216680876f3813959839608ff
-CVE-2018-1000161 (nmap version 6.49BETA6 through 7.60, up to and including SVN revision ...)
+CVE-2018-1000161
- nmap 7.70+dfsg1-1
[stretch] - nmap <no-dsa> (Minor issue)
[jessie] - nmap <not-affected> (Vulnerable code not present)
@@ -28933,7 +28923,7 @@ CVE-2018-1000161 (nmap version 6.49BETA6 through 7.60, up to and including SVN r
NOTE: Fixed by: https://github.com/nmap/nmap/commit/80e1977308e51b1b7aa038a38f8837a7e90b3849
NOTE: Introduced in https://github.com/nmap/nmap/commit/88381c2e685297a4fafe7182a06877b27da34e1e
NOTE: Script added in 6.49BETA6 (cf. https://bugzilla.novell.com/show_bug.cgi?id=1088608#c1)
-CVE-2018-1000159 (tlslite-ng version 0.7.3 and earlier, since commit ...)
+CVE-2018-1000159
- tlslite-ng 0.7.4-1 (low; bug #895728)
[stretch] - tlslite-ng 0.6.0-1+deb9u1
NOTE: https://github.com/tomato42/tlslite-ng/pull/234
@@ -28942,7 +28932,7 @@ CVE-2018-1000159 (tlslite-ng version 0.7.3 and earlier, since commit ...)
NOTE: https://github.com/tomato42/tlslite-ng/pull/235/commits/e5e9145558f4c1a81071c61c947aa55a52542585 (backport for tslite-ng-0.7)
CVE-2018-1000157
REJECTED
-CVE-2018-9838 (The caml_ba_deserialize function in byterun/bigarray.c in the standard ...)
+CVE-2018-9838
- ocaml 4.05.0-11 (bug #895472)
[stretch] - ocaml <no-dsa> (Minor issue)
[jessie] - ocaml <no-dsa> (Minor issue)
@@ -28951,7 +28941,7 @@ CVE-2018-9838 (The caml_ba_deserialize function in byterun/bigarray.c in the sta
NOTE: https://github.com/ocaml/ocaml/pull/1718
NOTE: https://github.com/ocaml/ocaml/commit/9664c7ee807c2dfa802f53cabd405ff58e219c47
NOTE: Before 4.06.0+beta1 the code is present in otherlibs/bigarray/bigarray_stubs.c
-CVE-2018-10101 (Before WordPress 4.9.5, the URL validator assumed URLs with the ...)
+CVE-2018-10101
- wordpress 4.9.5+dfsg1-1 (bug #895034)
[stretch] - wordpress 4.7.5+dfsg-2+deb9u3
[jessie] - wordpress <not-affected> (vulnerable code is not present)
@@ -28959,12 +28949,12 @@ CVE-2018-10101 (Before WordPress 4.9.5, the URL validator assumed URLs with the
NOTE: https://core.trac.wordpress.org/changeset/42894
NOTE: https://github.com/WordPress/WordPress/commit/804363859602d4050d9a38a21f5a65d9aec18216
NOTE: Introduced via https://github.com/WordPress/WordPress/commit/c73a812109e1a64ecf21b6a198f949c58d1f2674 (4.5)
-CVE-2018-10100 (Before WordPress 4.9.5, the redirection URL for the login page was not ...)
+CVE-2018-10100
{DSA-4193-1 DLA-1366-1}
- wordpress 4.9.5+dfsg1-1 (bug #895034)
NOTE: https://core.trac.wordpress.org/changeset/42892
NOTE: https://github.com/WordPress/WordPress/commit/14bc2c0a6fde0da04b47130707e01df850eedc7e
-CVE-2018-10102 (Before WordPress 4.9.5, the version string was not escaped in the ...)
+CVE-2018-10102
{DSA-4193-1 DLA-1366-1}
- wordpress 4.9.5+dfsg1-1 (bug #895034)
NOTE: https://core.trac.wordpress.org/changeset/42893
@@ -29455,68 +29445,68 @@ CVE-2018-9596
RESERVED
CVE-2018-9595
RESERVED
-CVE-2018-9594 (In llcp_link_proc_agf_pdu of llcp_link.cc in Android-7.0, ...)
+CVE-2018-9594
NOT-FOR-US: Android
-CVE-2018-9593 (In llcp_dlc_proc_i_pdu of llcp_dlc.cc in Android-7.0, Android-7.1.1, ...)
+CVE-2018-9593
NOT-FOR-US: Android
-CVE-2018-9592 (In mca_ccb_hdl_rsp of mca_cact.cc in Android-7.0, Android-7.1.1, ...)
+CVE-2018-9592
NOT-FOR-US: Android
-CVE-2018-9591 (In bta_hh_ctrl_dat_act of bta_hh_act.cc in Android-7.0, Android-7.1.1, ...)
+CVE-2018-9591
NOT-FOR-US: Android
-CVE-2018-9590 (In add_attr of sdp_discovery.c in Android-7.0, Android-7.1.1, ...)
+CVE-2018-9590
NOT-FOR-US: Android
-CVE-2018-9589 (In ieee802_11_rx_wnmsleep_req of wnm_ap.c in Android-7.0, ...)
+CVE-2018-9589
NOT-FOR-US: Android
-CVE-2018-9588 (In avdt_scb_hdl_report of avdt_scb_act.cc in Android-7.0, ...)
+CVE-2018-9588
NOT-FOR-US: Android
-CVE-2018-9587 (In savePhotoFromUriToUri of ContactPhotoUtils.java in Android-7.0, ...)
+CVE-2018-9587
NOT-FOR-US: Android
-CVE-2018-9586 (In run of InstallPackageTask.java in Android-7.0, Android-7.1.1, ...)
+CVE-2018-9586
NOT-FOR-US: Android
-CVE-2018-9585 (In nfc_ncif_proc_get_routing of nfc_ncif.cc in Android-7.0, ...)
+CVE-2018-9585
NOT-FOR-US: Android
-CVE-2018-9584 (In nfc_ncif_set_config_status of nfc_ncif.cc in Android-7.0, ...)
+CVE-2018-9584
NOT-FOR-US: Android
-CVE-2018-9583 (In bta_ag_parse_cmer of bta_ag_cmd.cc in Android-7.0, Android-7.1.1, ...)
+CVE-2018-9583
NOT-FOR-US: Android
-CVE-2018-9582 (In package installer in Android-8.0, Android-8.1 and Android-9, there ...)
+CVE-2018-9582
NOT-FOR-US: Android
CVE-2018-9581
RESERVED
-CVE-2018-9580 (A Elevation of privilege vulnerability in the HTC bootloader. Product: ...)
+CVE-2018-9580
NOT-FOR-US: HTC
CVE-2018-9579
RESERVED
-CVE-2018-9578 (In ixheaacd_adts_crc_start_reg of ixheaacd_adts_crc_check.c, there is ...)
+CVE-2018-9578
NOT-FOR-US: Android libxaac
-CVE-2018-9577 (In impd_parametric_drc_parse_gain_set_params of ...)
+CVE-2018-9577
NOT-FOR-US: Android libxaac
-CVE-2018-9576 (In impd_parse_parametric_drc_instructions of impd_drc_static_payload.c ...)
+CVE-2018-9576
NOT-FOR-US: Android libxaac
-CVE-2018-9575 (In impd_parse_dwnmix_instructions of impd_drc_static_payload.c there ...)
+CVE-2018-9575
NOT-FOR-US: Android libxaac
-CVE-2018-9574 (In impd_parse_split_drc_characteristic of impd_drc_static_payload.c ...)
+CVE-2018-9574
NOT-FOR-US: Android libxaac
-CVE-2018-9573 (In impd_parse_filt_block of impd_drc_dynamic_payload.c there is a ...)
+CVE-2018-9573
NOT-FOR-US: Android libxaac
-CVE-2018-9572 (In impd_drc_parse_coeff of impd_drc_static_payload.c there is a ...)
+CVE-2018-9572
NOT-FOR-US: Android libxaac
-CVE-2018-9571 (In impd_parse_loud_eq_instructions of impd_drc_dynamic_payload.c there ...)
+CVE-2018-9571
NOT-FOR-US: Android libxaac
-CVE-2018-9570 (In impd_parse_drc_ext_v1 of impd_drc_dynamic_payload.c there is a ...)
+CVE-2018-9570
NOT-FOR-US: Android libxaac
-CVE-2018-9569 (In impd_init_drc_decode_post_config of impd_drc_gain_decoder.c there ...)
+CVE-2018-9569
NOT-FOR-US: Android libxaac
-CVE-2018-9568 (In sk_clone_lock of sock.c, there is a possible memory corruption due ...)
+CVE-2018-9568
- linux 4.13.10-1
[stretch] - linux 4.9.65-1
[jessie] - linux 3.16.59-1
NOTE: Fixed by: https://git.kernel.org/linus/9d538fa60bad4f7b23193c89e843797a1cf71ef3
-CVE-2018-9567 (On Pixel devices there is a bug causing verified boot to show the same ...)
+CVE-2018-9567
NOT-FOR-US: Android
-CVE-2018-9566 (In process_service_search_rsp of sdp_discovery.c, there is a possible ...)
+CVE-2018-9566
NOT-FOR-US: Android
-CVE-2018-9565 (In readBytes of xltdecwbxml.c, there is a possible out of bounds read ...)
+CVE-2018-9565
NOT-FOR-US: Android
CVE-2018-9564
RESERVED
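Review bot: every `-`/`+` pair in this hunk (CVE-2018-9580 down to CVE-2018-9565) does one thing only: it strips the parenthesised description and leaves the bare identifier, while the NOT-FOR-US, package and NOTE lines stay untouched. Nothing in the hunk says why the descriptions go, so before merging an automatic update that drops, for example, the "sk_clone_lock of sock.c" summary for CVE-2018-9568 (whose fix link and suite versions remain), confirm the removal is intended rather than the result of the description text not being fetched.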
@@ -29524,165 +29514,165 @@ CVE-2018-9564
CVE-2018-9563
RESERVED
NOT-FOR-US: Android
-CVE-2018-9562 (In bta_ag_do_disc of bta_ag_sdp.cc, there is a possible out-of-bound ...)
+CVE-2018-9562
NOT-FOR-US: Android
CVE-2018-9561
RESERVED
NOT-FOR-US: Android
-CVE-2018-9560 (In HID_DevAddRecord of hidd_api.cc, there is a possible out-of-bounds ...)
+CVE-2018-9560
NOT-FOR-US: Android
-CVE-2018-9559 (In persist_set_key and other functions of cryptfs.cpp, there is a ...)
+CVE-2018-9559
NOT-FOR-US: Android
-CVE-2018-9558 (In rw_t2t_handle_tlv_detect of rw_t2t_ndef.cc, there is a possible ...)
+CVE-2018-9558
NOT-FOR-US: Android
-CVE-2018-9557 (In really_install_package of install.cpp, there is a possible free of ...)
+CVE-2018-9557
NOT-FOR-US: Android
-CVE-2018-9556 (In ParsePayloadHeader of payload_metadata.cc, there is a possible out ...)
+CVE-2018-9556
NOT-FOR-US: Android
-CVE-2018-9555 (In l2c_lcc_proc_pdu of l2c_fcr.cc, there is a possible out of bounds ...)
+CVE-2018-9555
NOT-FOR-US: Android
-CVE-2018-9554 (In dumpExtractors of IMediaExtractor.cp, there is a possible ...)
+CVE-2018-9554
NOT-FOR-US: Android Media Framework
-CVE-2018-9553 (In MasteringMetadata::Parse of mkvparser.cc there is a possible double ...)
+CVE-2018-9553
NOT-FOR-US: Android Media Framework
-CVE-2018-9552 (In ihevcd_sao_shift_ctb of ihevcd_sao.c there is a possible out of ...)
+CVE-2018-9552
NOT-FOR-US: Android Media Framework
-CVE-2018-9551 (In CAacDecoder_Init of aacdecoder.cpp, there is a possible ...)
+CVE-2018-9551
NOT-FOR-US: Android Media Framework
-CVE-2018-9550 (In CAacDecoder_Init of aacdecoder.cpp, there is a possible out of ...)
+CVE-2018-9550
NOT-FOR-US: Android Media Framework
-CVE-2018-9549 (In lppTransposer of lpp_tran.cpp there is a possible out of bounds ...)
+CVE-2018-9549
NOT-FOR-US: Android Media Framework
-CVE-2018-9548 (In multiple functions of ContentProvider.java, there is a possible ...)
+CVE-2018-9548
NOT-FOR-US: Android
-CVE-2018-9547 (In unflatten of GraphicBuffer.cpp, there is a possible bad fd close ...)
+CVE-2018-9547
NOT-FOR-US: Android
CVE-2018-9546
RESERVED
-CVE-2018-9545 (In BTA_HdRegisterApp of bta_hd_api.cc, there is a possible ...)
+CVE-2018-9545
NOT-FOR-US: Android
-CVE-2018-9544 (In register_app of btif_hd.cc, there is a possible out-of-bounds read ...)
+CVE-2018-9544
NOT-FOR-US: Android
-CVE-2018-9543 (In trim_device of f2fs_format_utils.c, it is possible that the data ...)
+CVE-2018-9543
NOT-FOR-US: Android
-CVE-2018-9542 (In avrc_pars_vendor_rsp of avrc_pars_ct.cc, there is a possible out of ...)
+CVE-2018-9542
NOT-FOR-US: Android
-CVE-2018-9541 (In avrc_pars_vendor_rsp of avcr_pars_ct.cc, there is a possible ...)
+CVE-2018-9541
NOT-FOR-US: Android
-CVE-2018-9540 (In avrc_ctrl_pars_vendor_rsp of avrc_pars_ct.c, there is a possible ...)
+CVE-2018-9540
NOT-FOR-US: Android
-CVE-2018-9539 (In the ClearKey CAS descrambler, there is a possible use after free ...)
+CVE-2018-9539
NOT-FOR-US: Android Media Framework
-CVE-2018-9538 (In V4L2SliceVideoDecodeAccelerator::Dequeue of ...)
+CVE-2018-9538
NOT-FOR-US: Android Media Framework
-CVE-2018-9537 (In CAacDecoder_DecodeFrame of aacdecode.cpp, there is a possible ...)
+CVE-2018-9537
NOT-FOR-US: Android Media Framework
-CVE-2018-9536 (In numerous functions of libFDK, there are possible out of bounds ...)
+CVE-2018-9536
NOT-FOR-US: Android Media Framework
-CVE-2018-9535 (In ixheaacd_reset_acelp_data_fix of ixheaacd_lpc.c there is a possible ...)
+CVE-2018-9535
NOT-FOR-US: Android libxaac
-CVE-2018-9534 (In ixheaacd_mps_getstridemap of ixheaacd_mps_parse.c there is a ...)
+CVE-2018-9534
NOT-FOR-US: Android libxaac
-CVE-2018-9533 (In ixheaacd_dec_data_init of ixheaacd_create.c there is a possible out ...)
+CVE-2018-9533
NOT-FOR-US: Android libxaac
-CVE-2018-9532 (In ixheaacd_extract_frame_info_ld of ixheaacd_env_extr.c there is a ...)
+CVE-2018-9532
NOT-FOR-US: Android libxaac
-CVE-2018-9531 (In AudioSpecificConfig_Parse of tpdec_asc.cpp, there is a possible ...)
+CVE-2018-9531
NOT-FOR-US: Android Media Framework
-CVE-2018-9530 (In ixheaacd_tns_ar_filter_dec of ixheaacd_aac_tns.c there is a ...)
+CVE-2018-9530
NOT-FOR-US: Android libxaac
-CVE-2018-9529 (In ixheaacd_individual_ch_stream of ixheaacd_channel.c there is a ...)
+CVE-2018-9529
NOT-FOR-US: Android libxaac
-CVE-2018-9528 (In ixheaacd_over_lap_add1_armv8 of ixheaacd_overlap_add1.s there is a ...)
+CVE-2018-9528
NOT-FOR-US: Android libxaac
-CVE-2018-9527 (In vorbis_book_decodev_set of codebook.c there is a possible out of ...)
+CVE-2018-9527
NOT-FOR-US: Android Media Framework
-CVE-2018-9526 (In device configuration data, there is an improperly configured ...)
+CVE-2018-9526
NOT-FOR-US: Android
-CVE-2018-9525 (In the AndroidManifest.xml file defining the SliceBroadcastReceiver ...)
+CVE-2018-9525
NOT-FOR-US: Android
-CVE-2018-9524 (In functionality implemented in System UI, there are insufficient ...)
+CVE-2018-9524
NOT-FOR-US: Android
-CVE-2018-9523 (In Parcel.writeMapInternal of Parcel.java, there is a possible parcel ...)
+CVE-2018-9523
NOT-FOR-US: Android
-CVE-2018-9522 (In the serialization functions of StatsLogEventWrapper.java, there is ...)
+CVE-2018-9522
NOT-FOR-US: Android
-CVE-2018-9521 (In parseMPEGCCData of NuPlayer2CCDecoder.cpp, there is a possible out ...)
+CVE-2018-9521
NOT-FOR-US: Android Media Framework
CVE-2018-9520
RESERVED
-CVE-2018-9519 (In easelcomm_hw_build_scatterlist, there is a possible out of bounds ...)
+CVE-2018-9519
NOT-FOR-US: Android kernel
-CVE-2018-9518 (In nfc_llcp_build_sdreq_tlv of llcp_commands.c, there is a possible ...)
+CVE-2018-9518
- linux 4.16.5-1
[stretch] - linux 4.9.107-1
[jessie] - linux 3.16.57-1
NOTE: Fixed by: https://git.kernel.org/linus/fe9c842695e26d8116b61b80bfb905356f07834b (4.16-rc3)
-CVE-2018-9517 (In pppol2tp_connect, there is possible memory corruption due to a use ...)
+CVE-2018-9517
- linux 4.14.2-1
[jessie] - linux 3.16.51-1
NOTE: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f026bc29a8e093edfbb2a77700454b285c97e8ad
NOTE: https://source.android.com/security/bulletin/pixel/2018-09-01
-CVE-2018-9516 (In hid_debug_events_read of drivers/hid/hid-debug.c, there is a ...)
+CVE-2018-9516
{DSA-4308-1 DLA-1531-1 DLA-1529-1}
- linux 4.17.6-1
NOTE: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=717adfdaf14704fd3ec7fa2c04520c0723247eac
NOTE: https://source.android.com/security/bulletin/pixel/2018-09-01
-CVE-2018-9515 (In sdcardfs_create and sdcardfs_mkdir of inode.c, there is a possible ...)
+CVE-2018-9515
NOT-FOR-US: Android kernel (apparently not in mainline)
-CVE-2018-9514 (In sdcardfs_open of file.c, there is a possible Use After Free due to ...)
+CVE-2018-9514
NOT-FOR-US: Android kernel (apparently not in mainline)
-CVE-2018-9513 (In copy_process of fork.c, there is possible memory corruption due to ...)
+CVE-2018-9513
NOT-FOR-US: Android kernel (apparently not in mainline)
CVE-2018-9512
RESERVED
-CVE-2018-9511 (In ipSecSetEncapSocketOwner of XfrmController.cpp, there is a possible ...)
+CVE-2018-9511
NOT-FOR-US: Android
-CVE-2018-9510 (In smp_proc_enc_info of smp_act.cc, there is a possible out of bounds ...)
+CVE-2018-9510
NOT-FOR-US: Android
-CVE-2018-9509 (In smp_proc_master_id of smp_act.cc, there is a possible out of bounds ...)
+CVE-2018-9509
NOT-FOR-US: Android
-CVE-2018-9508 (In smp_process_keypress_notification of smp_act.cc, there is a ...)
+CVE-2018-9508
NOT-FOR-US: Android
-CVE-2018-9507 (In bta_av_proc_meta_cmd of bta_av_act.cc, there is a possible out of ...)
+CVE-2018-9507
NOT-FOR-US: Android
-CVE-2018-9506 (In avrc_msg_cback of avrc_api.cc, there is a possible out-of-bound ...)
+CVE-2018-9506
NOT-FOR-US: Android
-CVE-2018-9505 (In mca_ccb_hdl_req of mca_cact.cc, there is a possible out of bounds ...)
+CVE-2018-9505
NOT-FOR-US: Android
-CVE-2018-9504 (In sdp_copy_raw_data of sdp_discovery.cc, there is a possible out of ...)
+CVE-2018-9504
NOT-FOR-US: Android
-CVE-2018-9503 (In rfc_process_mx_message of rfc_ts_frames.cc, there is a possible out ...)
+CVE-2018-9503
NOT-FOR-US: Android
-CVE-2018-9502 (In rfc_process_mx_message of rfc_ts_frames.cc, there is a possible ...)
+CVE-2018-9502
NOT-FOR-US: Android
-CVE-2018-9501 (In the SetupWizard, there is a possible Factory Reset Protection ...)
+CVE-2018-9501
NOT-FOR-US: Android
CVE-2018-9500
RESERVED
-CVE-2018-9499 (In readVector of iCrypto.cpp, there is a possible invalid read due to ...)
+CVE-2018-9499
NOT-FOR-US: Android Media Framework
-CVE-2018-9498 (In SkSampler::Fill of SkSampler.cpp, there is a possible out of bounds ...)
+CVE-2018-9498
NOT-FOR-US: Android Media Framework
-CVE-2018-9497 (In impeg2_fmt_conv_yuv420p_to_yuv420sp_uv_av8 of impeg2_format_conv.s ...)
+CVE-2018-9497
NOT-FOR-US: Android Media Framework
-CVE-2018-9496 (In ixheaacd_real_synth_fft_p3 of ixheaacd_esbr_fft.c there is a ...)
+CVE-2018-9496
NOT-FOR-US: Android Media Framework
CVE-2018-9495
RESERVED
CVE-2018-9494
RESERVED
-CVE-2018-9493 (In the content provider of the download manager, there is a possible ...)
+CVE-2018-9493
NOT-FOR-US: Android
-CVE-2018-9492 (In checkGrantUriPermissionLocked of ActivityManagerService.java, there ...)
+CVE-2018-9492
NOT-FOR-US: Android
-CVE-2018-9491 (In AMediaCodecCryptoInfo_new of NdkMediaCodec.cpp, there is a possible ...)
+CVE-2018-9491
NOT-FOR-US: Android
-CVE-2018-9490 (In CollectValuesOrEntriesImpl of elements.cc, there is possible remote ...)
+CVE-2018-9490
NOT-FOR-US: Android
-CVE-2018-9489 (When wifi is switched, function sendNetworkStateChangeBroadcast of ...)
+CVE-2018-9489
NOT-FOR-US: Android
-CVE-2018-9488 (In the SELinux permissions of crash_dump.te, there is a permissions ...)
+CVE-2018-9488
NOT-FOR-US: Android
CVE-2018-9487
RESERVED
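Review bot: for the three entries in this hunk that carry Debian package records instead of NOT-FOR-US (CVE-2018-9518, CVE-2018-9517, CVE-2018-9516), the removed description was the only line in the file naming the affected code (nfc_llcp_build_sdreq_tlv of llcp_commands.c, pppol2tp_connect, hid_debug_events_read of drivers/hid/hid-debug.c); the surviving NOTE lines give commit and bulletin URLs only. If descriptions are meant to be dropped, carry that function/file reference into a NOTE so a triager can see what was fixed in 4.16.5-1, 4.14.2-1 and 4.17.6-1 without following each link.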
@@ -29717,14 +29707,14 @@ CVE-2018-9478
CVE-2018-9477
RESERVED
NOT-FOR-US: Android
-CVE-2018-9476 (In avrc_pars_browsing_cmd of avrc_pars_tg.cc, there is a possible ...)
+CVE-2018-9476
NOT-FOR-US: Android
CVE-2018-9475
RESERVED
NOT-FOR-US: Android
CVE-2018-9474
RESERVED
-CVE-2018-9473 (In ihevcd_parse_sei_payload of ihevcd_parse_headers.c, there is a ...)
+CVE-2018-9473
NOT-FOR-US: Android Media Framework
CVE-2018-9472
RESERVED
@@ -29747,7 +29737,7 @@ CVE-2018-9467
CVE-2018-9466
RESERVED
NOT-FOR-US: Android
-CVE-2018-9465 (In task_get_unused_fd_flags of binder.c, there is a possible memory ...)
+CVE-2018-9465
- linux 4.14.12-1 (unimportant)
NOTE: Android drivers from staging not enabled in any released suite
NOTE: https://git.kernel.org/linus/7f3dc0088b98533f17128058fac73cd8b2752ef1
@@ -29761,38 +29751,38 @@ CVE-2018-9461
RESERVED
CVE-2018-9460
RESERVED
-CVE-2018-9459 (In Attachment of Attachment.java and getFilePath of ...)
+CVE-2018-9459
NOT-FOR-US: Android
-CVE-2018-9458 (In computeFocusedWindow of RootWindowContainer.java, and related ...)
+CVE-2018-9458
NOT-FOR-US: Android
-CVE-2018-9457 (In onCheckedChanged of BluetoothPairingController.java, there is a ...)
+CVE-2018-9457
NOT-FOR-US: Android
CVE-2018-9456
RESERVED
NOT-FOR-US: Android
-CVE-2018-9455 (In sdpu_extract_attr_seq of sdp_utils.cc, there is a possible out of ...)
+CVE-2018-9455
NOT-FOR-US: Android
-CVE-2018-9454 (In bnep_data_ind of bnep_main.cc, there is a possible out of bounds ...)
+CVE-2018-9454
NOT-FOR-US: Android
-CVE-2018-9453 (In avdt_msg_prs_cfg of avdt_msg.cc, there is a possible out of bounds ...)
+CVE-2018-9453
NOT-FOR-US: Android
-CVE-2018-9452 (In getOffsetForHorizontal of Layout.java, there is a possible ...)
+CVE-2018-9452
NOT-FOR-US: Android
-CVE-2018-9451 (In DynamicRefTable::load of ResourceTypes.cpp, there is a possible out ...)
+CVE-2018-9451
NOT-FOR-US: Android
-CVE-2018-9450 (In avrc_proc_vendor_command of avrc_api.cc, there is a possible out of ...)
+CVE-2018-9450
NOT-FOR-US: Android
CVE-2018-9449
RESERVED
-CVE-2018-9448 (In avct_bcb_msg_ind of avct_bcb_act.cc, there is a possible out of ...)
+CVE-2018-9448
NOT-FOR-US: Android
CVE-2018-9447
RESERVED
-CVE-2018-9446 (In smp_br_state_machine_event of smp_br_main.cc, there is a possible ...)
+CVE-2018-9446
NOT-FOR-US: Android
-CVE-2018-9445 (In readMetadata of Utils.cpp, there is a possible path traversal bug ...)
+CVE-2018-9445
NOT-FOR-US: Android
-CVE-2018-9444 (In ih264d_video_decode of ih264d_api.c there is a possible resource ...)
+CVE-2018-9444
NOT-FOR-US: Android Media Framework
CVE-2018-9443
RESERVED
@@ -29805,11 +29795,11 @@ CVE-2018-9440
NOT-FOR-US: Android Media Framework
CVE-2018-9439
RESERVED
-CVE-2018-9438 (When a device connects only over WiFi VPN, the device may not receive ...)
+CVE-2018-9438
NOT-FOR-US: Android
-CVE-2018-9437 (In getstring of ID3.cpp there is a possible out-of-bounds read due to ...)
+CVE-2018-9437
NOT-FOR-US: Android Media Framework
-CVE-2018-9436 (In bnep_data_ind of bnep_main.cc, there is a possible out of bounds ...)
+CVE-2018-9436
NOT-FOR-US: Android
CVE-2018-9435
RESERVED
@@ -29834,7 +29824,7 @@ CVE-2018-9429
CVE-2018-9428
RESERVED
NOT-FOR-US: Android Media Framework
-CVE-2018-9427 (In CopyToOMX of OMXNodeInstance.cpp there is a possible out-of-bounds ...)
+CVE-2018-9427
NOT-FOR-US: Android Media Framework
CVE-2018-9426
RESERVED
@@ -29847,7 +29837,7 @@ CVE-2018-9424
CVE-2018-9423
RESERVED
NOT-FOR-US: Android Media Framework
-CVE-2018-9422 (In get_futex_key of futex.c, there is a use-after-free due to improper ...)
+CVE-2018-9422
{DLA-1422-1}
- linux 4.6.1-1
NOTE: https://git.kernel.org/linus/65d8fc777f6dcfee12785c057a6b57f679641c90
@@ -29869,7 +29859,7 @@ CVE-2018-9417
CVE-2018-9416
RESERVED
NOT-FOR-US: Android kernel (no source release, so not from upstream kernel)
-CVE-2018-9415 (In driver_override_store and driver_override_show of bus.c, there is a ...)
+CVE-2018-9415
- linux 4.16.12-1
[stretch] - linux 4.9.107-1
[jessie] - linux <not-affected> (Vulnerable code not present)
@@ -29938,7 +29928,7 @@ CVE-2018-9387
RESERVED
CVE-2018-9386
RESERVED
-CVE-2018-9385 (In driver_override_store of bus.c, there is a possible out of bounds ...)
+CVE-2018-9385
- linux 4.16.12-1
[stretch] - linux 4.9.107-1
[jessie] - linux <not-affected> (Vulnerable code not present)
@@ -29988,24 +29978,24 @@ CVE-2018-9365
NOT-FOR-US: Android
CVE-2018-9364
RESERVED
-CVE-2018-9363 (In the hidp_process_report in bluetooth, there is an integer overflow. ...)
+CVE-2018-9363
{DSA-4308-1 DLA-1531-1 DLA-1529-1}
- linux 4.17.15-1
-CVE-2018-9362 (In processMessagePart of InboundSmsHandler.java, there is a possible ...)
+CVE-2018-9362
NOT-FOR-US: Android
-CVE-2018-9361 (In process_l2cap_cmd of l2c_main.cc, there is a possible out of bounds ...)
+CVE-2018-9361
NOT-FOR-US: Android
-CVE-2018-9360 (In process_l2cap_cmd of l2c_main.cc, there is a possible out of bounds ...)
+CVE-2018-9360
NOT-FOR-US: Android
-CVE-2018-9359 (In process_l2cap_cmd of l2c_main.cc, there is a possible out of bounds ...)
+CVE-2018-9359
NOT-FOR-US: Android
-CVE-2018-9358 (In gatts_process_attribute_req of gatt_sc.cc, there is a possible read ...)
+CVE-2018-9358
NOT-FOR-US: Android
-CVE-2018-9357 (In BNEP_Write of bnep_api.cc, there is a possible out of bounds write ...)
+CVE-2018-9357
NOT-FOR-US: Android
-CVE-2018-9356 (In bnep_data_ind of bnep_main.c, there is a possible remote code ...)
+CVE-2018-9356
NOT-FOR-US: Android
-CVE-2018-9355 (In bta_dm_sdp_result of bta_dm_act.cc, there is a possible out of ...)
+CVE-2018-9355
NOT-FOR-US: Android
CVE-2018-9354
RESERVED
@@ -30022,7 +30012,7 @@ CVE-2018-9349
CVE-2018-9348
RESERVED
NOT-FOR-US: Android Media Framework
-CVE-2018-9347 (In function SMF_ParseMetaEvent of file eas_smf.c there is incorrect ...)
+CVE-2018-9347
NOT-FOR-US: Android Media Framework
CVE-2018-9346
RESERVED
@@ -30049,46 +30039,46 @@ CVE-2018-9339
CVE-2018-9338
RESERVED
NOT-FOR-US: Android
-CVE-2018-9337 (The PAN-OS web interface administration page in PAN-OS 6.1.20 and ...)
+CVE-2018-9337
NOT-FOR-US: PAN-OS
-CVE-2018-9336 (openvpnserv.exe (aka the interactive service helper) in OpenVPN 2.4.x ...)
+CVE-2018-9336
- openvpn <not-affected> (Windows specific issue)
NOTE: https://github.com/OpenVPN/openvpn/commit/1394192b210cb3c6624a7419bcf3ff966742e79b
-CVE-2018-9335 (The PAN-OS session browser in PAN-OS 6.1.20 and earlier, PAN-OS 7.1.16 ...)
+CVE-2018-9335
NOT-FOR-US: PAN-OS
-CVE-2018-9334 (The PAN-OS management web interface page in PAN-OS 6.1.20 and earlier, ...)
+CVE-2018-9334
NOT-FOR-US: PAN-OS
CVE-2018-9333
RESERVED
CVE-2018-9332
RESERVED
-CVE-2018-9331 (An issue was discovered in zzcms 8.2. user/adv.php allows remote ...)
+CVE-2018-9331
NOT-FOR-US: zzcms
-CVE-2018-9330 (register.jsp in Coremail XT3.0 allows stored XSS, as demonstrated by ...)
+CVE-2018-9330
NOT-FOR-US: Coremail XT3.0
CVE-2018-9329
REJECTED
-CVE-2018-9328 (PHP Scripts Mall Redbus Clone Script 3.0.6 has XSS via the ter_from ...)
+CVE-2018-9328
NOT-FOR-US: PHP Scripts Mall Redbus Clone Script
-CVE-2018-9327 (Etherpad 1.5.x and 1.6.x before 1.6.4 allows an attacker to execute ...)
+CVE-2018-9327
- etherpad-lite <itp> (bug #576998)
-CVE-2018-9326 (Etherpad 1.6.3 before 1.6.4 allows an attacker to execute arbitrary ...)
+CVE-2018-9326
- etherpad-lite <itp> (bug #576998)
-CVE-2018-9325 (Etherpad 1.5.x and 1.6.x before 1.6.4 allows an attacker to export all ...)
+CVE-2018-9325
- etherpad-lite <itp> (bug #576998)
CVE-2018-9324
REJECTED
CVE-2018-9323
REJECTED
-CVE-2018-9322 (The Head Unit HU_NBT (aka Infotainment) component on BMW i Series, BMW ...)
+CVE-2018-9322
NOT-FOR-US: Head Unit HU_NBT (aka Infotainment) component on BMW vehicles
CVE-2018-9321
REJECTED
-CVE-2018-9320 (The Head Unit HU_NBT (aka Infotainment) component on BMW i Series, BMW ...)
+CVE-2018-9320
NOT-FOR-US: BMW (Head Unit HU_NBT component) on BMW vehicles
CVE-2018-9319
REJECTED
-CVE-2018-9318 (The Telematics Control Unit (aka Telematic Communication Box or TCB), ...)
+CVE-2018-9318
NOT-FOR-US: Telematics Control Unit (aka Telematic Communication Box or TCB) on BMW vehicles
CVE-2018-9317
REJECTED
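Review bot: the NOT-FOR-US annotations for the BMW entries touched here are worded inconsistently: CVE-2018-9322 reads "Head Unit HU_NBT (aka Infotainment) component on BMW vehicles" while CVE-2018-9320 reads "BMW (Head Unit HU_NBT component) on BMW vehicles" for the same component. Since the hunk already rewrites these entries, align the CVE-2018-9320 annotation with the wording used for CVE-2018-9322.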
@@ -30096,63 +30086,63 @@ CVE-2018-9316
REJECTED
CVE-2018-9315
REJECTED
-CVE-2018-9314 (The Head Unit HU_NBT (aka Infotainment) component on BMW i Series, BMW ...)
+CVE-2018-9314
NOT-FOR-US: Head Unit HU_NBT (aka Infotainment) component on BMW vehicles
-CVE-2018-9313 (The Head Unit HU_NBT (aka Infotainment) component on BMW i Series, BMW ...)
+CVE-2018-9313
NOT-FOR-US: Head Unit HU_NBT (aka Infotainment) component on BMW vehicles
-CVE-2018-9312 (The Head Unit HU_NBT (aka Infotainment) component on BMW i Series, BMW ...)
+CVE-2018-9312
NOT-FOR-US: Head Unit HU_NBT (aka Infotainment) component on BMW vehicles
-CVE-2018-9311 (The Telematics Control Unit (aka Telematic Communication Box or TCB), ...)
+CVE-2018-9311
NOT-FOR-US: Telematics Control Unit (aka Telematic Communication Box or TCB) on BMW vehicles
-CVE-2018-1000155 (OpenFlow version 1.0 onwards contains a Denial of Service and Improper ...)
+CVE-2018-1000155
NOT-FOR-US: Flaw in the OpenFlow protocol
-CVE-2018-1000154 (Zammad GmbH Zammad version 2.3.0 and earlier contains a Improper ...)
+CVE-2018-1000154
NOT-FOR-US: Zammad GmbH Zammad
-CVE-2018-1000142 (An exposure of sensitive information vulnerability exists in Jenkins ...)
+CVE-2018-1000142
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000143 (An exposure of sensitive information vulnerability exists in Jenkins ...)
+CVE-2018-1000143
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000144 (A cross site scripting vulnerability exists in Jenkins Cucumber Living ...)
+CVE-2018-1000144
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000145 (An exposure of sensitive information vulnerability exists in Jenkins ...)
+CVE-2018-1000145
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000146 (An arbitrary code execution vulnerability exists in Liquibase Runner ...)
+CVE-2018-1000146
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000147 (An exposure of sensitive information vulnerability exists in Jenkins ...)
+CVE-2018-1000147
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000148 (An exposure of sensitive information vulnerability exists in Jenkins ...)
+CVE-2018-1000148
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000149 (A man in the middle vulnerability exists in Jenkins Ansible Plugin 0.8 ...)
+CVE-2018-1000149
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000150 (An exposure of sensitive information vulnerability exists in Jenkins ...)
+CVE-2018-1000150
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000151 (A man in the middle vulnerability exists in Jenkins vSphere Plugin ...)
+CVE-2018-1000151
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000152 (An improper authorization vulnerability exists in Jenkins vSphere ...)
+CVE-2018-1000152
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000153 (A cross-site request forgery vulnerability exists in Jenkins vSphere ...)
+CVE-2018-1000153
NOT-FOR-US: Jenkins plugin
-CVE-2018-9310 (An issue was discovered in MagniComp SysInfo before 10-H82 if setuid ...)
+CVE-2018-9310
NOT-FOR-US: MagniComp SysInfo
-CVE-2018-9309 (An issue was discovered in zzcms 8.2. It allows SQL injection via the ...)
+CVE-2018-9309
NOT-FOR-US: zzcms
CVE-2018-9308
RESERVED
-CVE-2018-9307 (dsmall v20180320 allows XSS via the pdr_sn parameter to ...)
+CVE-2018-9307
NOT-FOR-US: dsmall
CVE-2018-9306
REJECTED
-CVE-2018-9305 (In Exiv2 0.26, an out-of-bounds read in IptcData::printStructure in ...)
+CVE-2018-9305
[experimental] - exiv2 <unfixed>
- exiv2 <not-affected> (Vulnerable code introduced after 0.25)
NOTE: https://github.com/Exiv2/exiv2/issues/263
-CVE-2018-9304 (In Exiv2 0.26, a divide by zero in BigTiffImage::printIFD in ...)
+CVE-2018-9304
- exiv2 <not-affected> (Vulnerable code introduced after 0.26)
NOTE: https://github.com/Exiv2/exiv2/issues/262
-CVE-2018-9303 (In Exiv2 0.26, an assertion failure in BigTiffImage::readData in ...)
+CVE-2018-9303
- exiv2 <not-affected> (Vulnerable code introduced after 0.26)
NOTE: https://github.com/Exiv2/exiv2/issues/262
-CVE-2018-9302 (SSRF (Server Side Request Forgery) in /assets/lib/fuc.js.php in ...)
+CVE-2018-9302
NOT-FOR-US: Cockpit CMS (different from src:cockpit)
CVE-2018-9301
RESERVED
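Review bot: once the descriptions are removed, CVE-2018-1000142 through CVE-2018-1000153 all collapse to the identical line "NOT-FOR-US: Jenkins plugin", so the file no longer records which plugin each entry concerns; the removed text named Cucumber Living for CVE-2018-1000144, Liquibase Runner for CVE-2018-1000146, Ansible for CVE-2018-1000149 and vSphere for CVE-2018-1000151 to CVE-2018-1000153. Suggest putting the plugin name into the annotation, e.g. "NOT-FOR-US: Jenkins vSphere Plugin", so the entries remain distinguishable.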
@@ -30186,37 +30176,37 @@ CVE-2018-9287
RESERVED
CVE-2018-9286
RESERVED
-CVE-2018-9243 (GitLab Community and Enterprise Editions version 8.4 up to 10.4 are ...)
+CVE-2018-9243
- gitlab 10.6.3+dfsg-1 (bug #894869)
NOTE: https://about.gitlab.com/2018/04/04/security-release-gitlab-10-dot-6-dot-3-released/
-CVE-2018-9244 (GitLab Community and Enterprise Editions version 9.2 up to 10.4 are ...)
+CVE-2018-9244
- gitlab 10.6.3+dfsg-1 (bug #894868)
[stretch] - gitlab <not-affected> (Vulnerable code introduced in 9.2)
NOTE: https://about.gitlab.com/2018/04/04/security-release-gitlab-10-dot-6-dot-3-released/
CVE-2018-XXXX [Confidential issue comments in Slack, Mattermost, and webhook integrations]
- gitlab 10.6.3+dfsg-1 (bug #894867)
NOTE: https://about.gitlab.com/2018/04/04/security-release-gitlab-10-dot-6-dot-3-released/
-CVE-2018-9285 (Main_Analysis_Content.asp in /apply.cgi on ASUS RT-AC66U, RT-AC68U, ...)
+CVE-2018-9285
NOT-FOR-US: ASUS
-CVE-2018-9284 (authentication.cgi on D-Link DIR-868L devices with Singapore StarHub ...)
+CVE-2018-9284
NOT-FOR-US: D-Link
-CVE-2018-9283 (An XSS issue was discovered in CremeCRM 1.6.12. It is affected by 10 ...)
+CVE-2018-9283
NOT-FOR-US: Creme CRM
-CVE-2018-9282 (An XSS issue was discovered in Subsonic Media Server 6.1.1. The ...)
+CVE-2018-9282
NOT-FOR-US: Subsonic Media Server
-CVE-2018-9281 (An issue was discovered on Eaton UPS 9PX 8000 SP devices. The ...)
+CVE-2018-9281
NOT-FOR-US: Eaton
-CVE-2018-9280 (An issue was discovered on Eaton UPS 9PX 8000 SP devices. The ...)
+CVE-2018-9280
NOT-FOR-US: Eaton
-CVE-2018-9279 (An issue was discovered on Eaton UPS 9PX 8000 SP devices. The ...)
+CVE-2018-9279
NOT-FOR-US: Eaton
CVE-2018-9278
RESERVED
CVE-2018-9277
RESERVED
-CVE-2018-9276 (An issue was discovered in PRTG Network Monitor before 18.2.39. An ...)
+CVE-2018-9276
NOT-FOR-US: PRTG Network Monitor
-CVE-2018-9275 (In check_user_token in util.c in the Yubico PAM module (aka pam_yubico) ...)
+CVE-2018-9275
- yubico-pam 2.26-1 (bug #896491)
[stretch] - yubico-pam <no-dsa> (Minor issue)
[jessie] - yubico-pam <not-affected> (Vulnerable code introduced later)
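Review bot: the stripping is format-dependent. The CVE-2018-XXXX placeholder keeps its square-bracket summary "[Confidential issue comments in Slack, Mattermost, and webhook integrations]" while every parenthesised description in the same hunk (CVE-2018-9243, CVE-2018-9244, CVE-2018-9285 down to CVE-2018-9275) is removed, leaving placeholder and assigned entries documented to different standards. If dropping descriptions is deliberate, treat both forms the same; if it is not, the fact that only the parenthesised form changed narrows down what went wrong.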
@@ -30225,13 +30215,13 @@ CVE-2018-9275 (In check_user_token in util.c in the Yubico PAM module (aka pam_y
NOTE: Fixed by: https://github.com/Yubico/yubico-pam/commit/0f6ceabab0a8849b47f67d727aa526c2656089ba
NOTE: Introduced in: https://github.com/Yubico/yubico-pam/commit/d9780eacd9e61c5062cdabdce21c224de1884583 (2.18)
NOTE: https://github.com/Yubico/yubico-pam/issues/136
-CVE-2018-1002150 (Koji version 1.12, 1.13, 1.14 and 1.15 contain an incorrect access ...)
+CVE-2018-1002150
- koji <not-affected> (Issue introduced in 1.12.0, cf. #894832)
NOTE: http://www.openwall.com/lists/oss-security/2018/04/04/1
NOTE: https://docs.pagure.org/koji/CVE-2018-1002150/
NOTE: https://pagure.io/koji/issue/850
NOTE: Fixed by: https://pagure.io/koji/c/ab1ade7
-CVE-2018-9274 (In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, ui/failure_message.c ...)
+CVE-2018-9274
- wireshark 2.4.6-1
[stretch] - wireshark <not-affected> (Vulnerable code not present)
[jessie] - wireshark <not-affected> (Vulnerable code not present)
@@ -30240,7 +30230,7 @@ CVE-2018-9274 (In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, ui/failure_messa
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=211845aba4794720ae265c782cdffddae54a3e7a
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=f38e895dfc0d97bce64f73ce99df706911d9aa07
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-24.html
-CVE-2018-9273 (In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, ...)
+CVE-2018-9273
- wireshark 2.4.6-1
[stretch] - wireshark 2.2.6+g32dac6a-2+deb9u3
[jessie] - wireshark <not-affected> (Vulnerable code not present)
@@ -30248,60 +30238,60 @@ CVE-2018-9273 (In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, ...)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14488
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=1f8f1456f1e73b6c09e50a64749e43413ac12df7
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-24.html
-CVE-2018-9272 (In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, ...)
+CVE-2018-9272
- wireshark 2.4.6-1 (low)
[jessie] - wireshark <no-dsa> (Minor issue)
[wheezy] - wireshark <no-dsa> (Minor issue)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14487
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=6e3b90824a82724f445a0374e99f0b76e4cf5e8b
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-24.html
-CVE-2018-9271 (In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, ...)
+CVE-2018-9271
- wireshark 2.4.6-1 (low)
[jessie] - wireshark <no-dsa> (Minor issue)
[wheezy] - wireshark <no-dsa> (Minor issue)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14486
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=5b0228945dc74ee82d2ab4a4e7af2bdfe7b75910
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-24.html
-CVE-2018-9270 (In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/oids.c has a ...)
+CVE-2018-9270
{DLA-1634-1 DLA-1388-1}
- wireshark 2.4.6-1 (low)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14485
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=0fbc50f9b9219be54d6db47f04b65af19696a7c7
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-24.html
-CVE-2018-9269 (In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, ...)
+CVE-2018-9269
{DLA-1634-1 DLA-1388-1}
- wireshark 2.4.6-1 (low)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14484
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=e19aba33026212cbe000ece633adf14d109489fa
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-24.html
-CVE-2018-9268 (In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, ...)
+CVE-2018-9268
{DLA-1634-1 DLA-1388-1}
- wireshark 2.4.6-1 (low)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14483
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=c69d710d2bf39fe633800db65efddf55701131b6
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-24.html
-CVE-2018-9267 (In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, ...)
+CVE-2018-9267
{DLA-1634-1}
- wireshark 2.4.6-1 (low)
[wheezy] - wireshark <no-dsa> (Minor issue)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14482
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=8ed057f7faa709dbde34b91f0715a957837f74d9
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-24.html
-CVE-2018-9266 (In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, ...)
+CVE-2018-9266
- wireshark 2.4.6-1
[jessie] - wireshark <not-affected> (Vulnerable code not present)
[wheezy] - wireshark <not-affected> (Vulnerable code not present)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14481
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=9d3714e767cb104dcfa1647935fa5960b16bb8e1
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-24.html
-CVE-2018-9265 (In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, ...)
+CVE-2018-9265
{DLA-1634-1}
- wireshark 2.4.6-1 (low)
[wheezy] - wireshark <no-dsa> (Minor issue)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14480
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=b12cc581cd4878d74b6116ca02c7dbe650c1f242
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-24.html
-CVE-2018-9264 (In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, the ADB dissector ...)
+CVE-2018-9264
- wireshark 2.4.6-1
[stretch] - wireshark 2.2.6+g32dac6a-2+deb9u3
[jessie] - wireshark <not-affected> (Vulnerable code not present (only adb_cs available))
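Review bot: for the Wireshark entries CVE-2018-9272 down to CVE-2018-9264 the removed description was the only place in the entry stating the affected range "2.4.0 to 2.4.5 and 2.2.0 to 2.2.13"; without it a reader cannot tell from the file that the stretch version 2.2.6+g32dac6a-2+deb9u3 recorded for CVE-2018-9264 sits inside that range, and has to open the bugzilla link instead. Suggest keeping the affected range in a NOTE for entries that still have suite status to track.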
@@ -30309,53 +30299,53 @@ CVE-2018-9264 (In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, the ADB dissecto
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14460
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=0290a62be0fca8da9bb190f59dc1fe26c1d65024
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-16.html
-CVE-2018-9263 (In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, the Kerberos dissector ...)
+CVE-2018-9263
{DLA-1634-1 DLA-1388-1}
- wireshark 2.4.6-1 (low)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14576
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=4fe65168fd0de81306710330aa414f10f53cbdf0
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-23.html
-CVE-2018-9262 (In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, the VLAN dissector ...)
+CVE-2018-9262
{DLA-1634-1}
- wireshark 2.4.6-1 (low)
[wheezy] - wireshark <no-dsa> (Minor issue)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14469
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=f05c3b91f9571210b86576ee6284e71a3306109d
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-19.html
-CVE-2018-9261 (In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, the NBAP dissector ...)
+CVE-2018-9261
{DSA-4217-1 DLA-1388-1}
- wireshark 2.4.6-1
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14471
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=66bc372716e04d6a8afdf6712583c9b5d11fee55
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-18.html
-CVE-2018-9260 (In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, the IEEE 802.15.4 ...)
+CVE-2018-9260
{DLA-1634-1 DLA-1388-1}
- wireshark 2.4.6-1 (low)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14468
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=14d6f717d8ea27688af48532edb1d29f502ea8f0
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-17.html
-CVE-2018-9259 (In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, the MP4 dissector ...)
+CVE-2018-9259
{DLA-1634-1}
- wireshark 2.4.6-1 (low)
[wheezy] - wireshark <no-dsa> (Minor issue)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13777
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=2113179835b37549f245ac7c05ff2b96276893e4
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-15.html
-CVE-2018-9258 (In Wireshark 2.4.0 to 2.4.5, the TCP dissector could crash. This was ...)
+CVE-2018-9258
{DLA-1388-1}
- wireshark 2.4.6-1 (low)
[jessie] - wireshark <no-dsa> (Minor issue)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14472
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=2d4695de1477df60b0188fd581c0c279db601978
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-21.html
-CVE-2018-9257 (In Wireshark 2.4.0 to 2.4.5, the CQL dissector could go into an ...)
+CVE-2018-9257
- wireshark 2.4.6-1 (low)
[jessie] - wireshark <not-affected> (Vulnerable code not present)
[wheezy] - wireshark <not-affected> (Vulnerable code not present)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14530
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=d7a9501b0439a5dbf24016a95b4896170d789dc2
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-22.html
-CVE-2018-9256 (In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, the LWAPP dissector ...)
+CVE-2018-9256
{DLA-1634-1}
- wireshark 2.4.6-1 (low)
[wheezy] - wireshark <no-dsa> (Minor issue)
@@ -30368,11 +30358,11 @@ CVE-2018-9254
RESERVED
CVE-2018-9253
RESERVED
-CVE-2018-9252 (JasPer 2.0.14 allows denial of service via a reachable assertion in the ...)
+CVE-2018-9252
- jasper <removed> (unimportant)
NOTE: https://github.com/mdadams/jasper/issues/173
NOTE: Negligible impact
-CVE-2018-9251 (The xz_decomp function in xzlib.c in libxml2 2.9.8, if --with-lzma is ...)
+CVE-2018-9251
- libxml2 <not-affected> (Fix for CVE-2017-18258 not applied, cf. bug #895195)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=794914
NOTE: Fixed by: https://gitlab.gnome.org/GNOME/libxml2/commit/2240fbf5912054af025fb6e01e26375100275e74
@@ -30384,56 +30374,56 @@ CVE-2018-9251 (The xz_decomp function in xzlib.c in libxml2 2.9.8, if --with-lzm
NOTE: in LZMA_MEMLIMIT_ERROR outcome because there is no way to exceed UINT64_MAX.
NOTE: Thus CVE-2018-9251 is only affecting libxml2 if e2a9122b8dde53d320750451e9907a7dcb2ca8bb
NOTE: is applied.
-CVE-2018-9250 (interface\super\edit_list.php in OpenEMR before v5_0_1_1 allows remote ...)
+CVE-2018-9250
NOT-FOR-US: OpenEMR
-CVE-2018-9249 (FiberHome VDSL2 Modem HG 150-UB devices allow authentication bypass by ...)
+CVE-2018-9249
NOT-FOR-US: FiberHome VDSL2 Modem HG 150-UB devices
-CVE-2018-9248 (FiberHome VDSL2 Modem HG 150-UB devices allow authentication bypass via ...)
+CVE-2018-9248
NOT-FOR-US: FiberHome VDSL2 Modem HG 150-UB devices
-CVE-2018-9247 (The upsql function in \Lib\Lib\Action\Admin\DataAction.class.php in ...)
+CVE-2018-9247
NOT-FOR-US: Gxlcms QY
-CVE-2018-9246 (The PGObject::Util::DBAdmin module before 0.120.0 for Perl, as used in ...)
+CVE-2018-9246
- libpgobject-util-dbadmin-perl 0.130.1-1 (bug #900942)
[stretch] - libpgobject-util-dbadmin-perl <no-dsa> (Minor issue)
NOTE: https://github.com/ledgersmb/PGObject-Util-DBAdmin/commit/2c25c3dbc8b832a657247d3ea63ae80f3c5df6b1
NOTE: https://github.com/ledgersmb/PGObject-Util-DBAdmin/commit/f4e684008ca9e182833a70793ae91288d2c80218
NOTE: https://github.com/ledgersmb/PGObject-Util-DBAdmin/commit/dc48d0e1af0dbf861779b2c781e0f4c612c22cfb
NOTE: https://archive.ledgersmb.org/ledger-smb-announce/msg00280.html
-CVE-2018-9245 (The Ericsson-LG iPECS NMS A.1Ac login portal has a SQL injection ...)
+CVE-2018-9245
NOT-FOR-US: Ericsson-LG iPECS NMS A.1Ac login portal
-CVE-2018-9242 (The PAN-OS management web interface page in PAN-OS 6.1.20 and earlier, ...)
+CVE-2018-9242
NOT-FOR-US: PAN-OS
CVE-2018-9241
RESERVED
CVE-2018-9239
RESERVED
-CVE-2018-9238 (proberv.php in Yahei-PHP Proberv 0.4.7 has XSS via the funName ...)
+CVE-2018-9238
NOT-FOR-US: Yahei-PHP Proberv
-CVE-2018-9237 (iScripts EasyCreate 3.2.1 has Stored Cross-Site Scripting in the &quot;Site ...)
+CVE-2018-9237
NOT-FOR-US: iScripts EasyCreate
-CVE-2018-9236 (iScripts EasyCreate 3.2.1 has Stored Cross-Site Scripting in the &quot;Site ...)
+CVE-2018-9236
NOT-FOR-US: iScripts EasyCreate
-CVE-2018-9235 (iScripts SonicBB 1.0 has Reflected Cross-Site Scripting via the query ...)
+CVE-2018-9235
NOT-FOR-US: iScripts SonicBB
-CVE-2018-9234 (GnuPG 2.2.4 and 2.2.5 does not enforce a configuration in which key ...)
+CVE-2018-9234
- gnupg2 2.2.7-1 (low; bug #894983)
[stretch] - gnupg2 <no-dsa> (Minor issue)
[jessie] - gnupg2 <no-dsa> (Minor issue)
[wheezy] - gnupg2 <no-dsa> (Minor issue)
NOTE: https://dev.gnupg.org/T3844
NOTE: https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commit;h=a17d2d1f690ebe5d005b4589a5fe378b6487c657
-CVE-2018-9240 (ncmpc through 0.29 is prone to a NULL pointer dereference flaw. If a ...)
+CVE-2018-9240
- ncmpc 0.33-1 (low; bug #894724)
[stretch] - ncmpc <no-dsa> (Minor issue)
[jessie] - ncmpc <no-dsa> (Minor issue)
[wheezy] - ncmpc <no-dsa> (Minor issue)
-CVE-2018-9233 (Sophos Endpoint Protection 10.7 uses an unsalted SHA-1 hash for ...)
+CVE-2018-9233
NOT-FOR-US: Sophos
-CVE-2018-9232 (Due to the lack of firmware authentication in the upgrade process of ...)
+CVE-2018-9232
NOT-FOR-US: T&W WIFI Repeater BE126 devices
CVE-2018-9231
RESERVED
-CVE-2018-9230 (** DISPUTED ** In OpenResty through 1.13.6.1, URI parameters are ...)
+CVE-2018-9230
NOT-FOR-US: OpenResty
CVE-2018-9229
RESERVED
@@ -30475,17 +30465,17 @@ CVE-2018-9211
RESERVED
CVE-2018-9210
RESERVED
-CVE-2018-9209 (Unauthenticated arbitrary file upload vulnerability in FineUploader ...)
+CVE-2018-9209
NOT-FOR-US: FineUploader
-CVE-2018-9208 (Unauthenticated arbitrary file upload vulnerability in jQuery Picture ...)
+CVE-2018-9208
NOT-FOR-US: jQuery Picture
-CVE-2018-9207 (Arbitrary file upload in jQuery Upload File &lt;= 4.0.2 ...)
+CVE-2018-9207
NOT-FOR-US: jQuery Upload File (different from src:libjs-jquery-file-upload)
-CVE-2018-9206 (Unauthenticated arbitrary file upload vulnerability in Blueimp ...)
+CVE-2018-9206
- libjs-jquery-file-upload 9.25.0-1
NOTE: https://github.com/blueimp/jQuery-File-Upload/pull/3514
NOTE: http://www.vapidlabs.com/advisory.php?v=204
-CVE-2018-9205 (Vulnerability in avatar_uploader v7.x-1.0-beta8 , The code in view.php ...)
+CVE-2018-9205
NOT-FOR-US: avatar_uploader
CVE-2018-9204
RESERVED
@@ -30507,15 +30497,15 @@ CVE-2018-9196
RESERVED
CVE-2018-9195
RESERVED
-CVE-2018-9194 (A plaintext recovery of encrypted messages or a Man-in-the-middle ...)
+CVE-2018-9194
NOT-FOR-US: Fortinet FortiOS
CVE-2018-9193
RESERVED
-CVE-2018-9192 (A plaintext recovery of encrypted messages or a Man-in-the-middle ...)
+CVE-2018-9192
NOT-FOR-US: Fortinet FortiOS
CVE-2018-9191
RESERVED
-CVE-2018-9190 (A null pointer dereference vulnerability in Fortinet ...)
+CVE-2018-9190
NOT-FOR-US: Fortinet
CVE-2018-9189
RESERVED
@@ -30523,15 +30513,15 @@ CVE-2018-9188
RESERVED
CVE-2018-9187
RESERVED
-CVE-2018-9186 (A cross-site scripting (XSS) vulnerability in Fortinet ...)
+CVE-2018-9186
NOT-FOR-US: Fortinet
-CVE-2018-9185 (An information disclosure vulnerability in Fortinet FortiOS 6.0.0 and ...)
+CVE-2018-9185
NOT-FOR-US: Fortinet
CVE-2018-9184
RESERVED
-CVE-2018-9183 (The Joom Sky JS Jobs extension before 1.2.1 for Joomla! has XSS. ...)
+CVE-2018-9183
NOT-FOR-US: Joomla addon
-CVE-2018-9182 (Twonky Server before 8.5.1 has XSS via a modified &quot;language&quot; parameter ...)
+CVE-2018-9182
NOT-FOR-US: Twonky Server
CVE-2018-9181
RESERVED
@@ -30541,23 +30531,23 @@ CVE-2018-9179
RESERVED
CVE-2018-9178
RESERVED
-CVE-2018-9177 (Twonky Server before 8.5.1 has XSS via a folder name on the Shared ...)
+CVE-2018-9177
NOT-FOR-US: Twonky Server
CVE-2018-9176
RESERVED
-CVE-2018-9175 (DedeCMS 5.7 allows remote attackers to execute arbitrary PHP code via ...)
+CVE-2018-9175
NOT-FOR-US: DedeCMS
-CVE-2018-9174 (sys_verifies.php in DedeCMS 5.7 allows remote attackers to execute ...)
+CVE-2018-9174
NOT-FOR-US: DedeCMS
-CVE-2018-9173 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2018-9173
NOT-FOR-US: GetSimple CMS
-CVE-2018-9172 (The Iptanus WordPress File Upload plugin before 4.3.3 for WordPress ...)
+CVE-2018-9172
NOT-FOR-US: Wordpress plugin
CVE-2018-9171
RESERVED
CVE-2018-9170
RESERVED
-CVE-2018-9169 (Z-BlogPHP 1.5.1 has XSS via the ...)
+CVE-2018-9169
NOT-FOR-US: Z-BlogPHP
CVE-2018-9168
RESERVED
@@ -30565,56 +30555,56 @@ CVE-2018-9167
RESERVED
CVE-2018-9166
RESERVED
-CVE-2018-9165 (The pushdup function in util/decompile.c in libming through 0.4.8 does ...)
+CVE-2018-9165
{DLA-1343-1}
- ming <removed>
NOTE: https://github.com/libming/libming/issues/121
CVE-2018-9164
RESERVED
-CVE-2018-9163 (A stored Cross-site scripting (XSS) vulnerability in Zoho ManageEngine ...)
+CVE-2018-9163
NOT-FOR-US: Zoho
-CVE-2018-9162 (Contec Smart Home 4.15 devices do not require authentication for ...)
+CVE-2018-9162
NOT-FOR-US: Contec Smart Home
-CVE-2018-9161 (Prisma Industriale Checkweigher PrismaWEB 1.21 allows remote attackers ...)
+CVE-2018-9161
NOT-FOR-US: Prisma Industriale Checkweigher PrismaWEB
-CVE-2018-9160 (SickRage before v2018.03.09-1 includes cleartext credentials in HTTP ...)
+CVE-2018-9160
NOT-FOR-US: SickRage
-CVE-2018-9159 (In Spark before 2.7.2, a remote attacker can read unintended static ...)
+CVE-2018-9159
NOT-FOR-US: Spark Java framework (unrelated to src:spark)
-CVE-2018-9158 (An issue was discovered on AXIS M1033-W (IP camera) Firmware version ...)
+CVE-2018-9158
NOT-FOR-US: AXIS
-CVE-2018-9157 (** DISPUTED ** An issue was discovered on AXIS M1033-W (IP camera) ...)
+CVE-2018-9157
NOT-FOR-US: AXIS
-CVE-2018-9156 (** DISPUTED ** An issue was discovered on AXIS P1354 (IP camera) ...)
+CVE-2018-9156
NOT-FOR-US: AXIS
-CVE-2018-9155 (Cross-site scripting (XSS) vulnerability in Open-AudIT Professional ...)
+CVE-2018-9155
NOT-FOR-US: Open-AudIT Professional
CVE-2018-9154
REJECTED
-CVE-2018-9153 (The plugin upload component in Z-BlogPHP 1.5.1 allows remote attackers ...)
+CVE-2018-9153
NOT-FOR-US: Z-BlogPHP
CVE-2018-9152
RESERVED
-CVE-2018-9151 (A NULL pointer dereference bug in the function ...)
+CVE-2018-9151
NOT-FOR-US: Kingsoft Internet Security
CVE-2018-9150
RESERVED
-CVE-2018-9149 (The Zyxel Multy X (AC3000 Tri-Band WiFi System) device doesn't use a ...)
+CVE-2018-9149
NOT-FOR-US: Zyxel
-CVE-2018-9148 (Western Digital WD My Cloud v04.05.00-320 devices embed the session ...)
+CVE-2018-9148
NOT-FOR-US: Western Digital WD My Cloud
-CVE-2018-9147 (Cross-site scripting (XSS) vulnerabilities in version 7.5.7 of Gespage ...)
+CVE-2018-9147
NOT-FOR-US: Gespage
CVE-2018-9146
REJECTED
-CVE-2018-9145 (In the DataBuf class in include/exiv2/types.hpp in Exiv2 0.26, an ...)
+CVE-2018-9145
[experimental] - exiv2 <unfixed> (bug #910909)
- exiv2 <not-affected> (Vulnerable code introduced later)
NOTE: https://github.com/xiaoqx/pocs/tree/master/exiv2
NOTE: https://github.com/Exiv2/exiv2/pull/470
NOTE: Fixed with: https://github.com/Exiv2/exiv2/commit/c03f73268f65c73f9d3d7b670f13e48e92692750
NOTE: Issue introduced after https://github.com/Exiv2/exiv2/commit/163f3ce7f17a143f58d857a5cba3cb7b24436a2a
-CVE-2018-9144 (In Exiv2 0.26, there is an out-of-bounds read in ...)
+CVE-2018-9144
- exiv2 <unfixed> (low)
[buster] - exiv2 <ignored> (Minor issue)
[stretch] - exiv2 <ignored> (Minor issue)
@@ -30623,35 +30613,35 @@ CVE-2018-9144 (In Exiv2 0.26, there is an out-of-bounds read in ...)
NOTE: https://github.com/Exiv2/exiv2/issues/254
NOTE: https://github.com/xiaoqx/pocs/tree/master/exiv2
NOTE: https://github.com/Exiv2/exiv2/pull/180 intends to fix this
-CVE-2018-9143 (On Samsung mobile devices with M(6.0) and N(7.x) software, a heap ...)
+CVE-2018-9143
NOT-FOR-US: Samsung
-CVE-2018-9142 (On Samsung mobile devices with N(7.x) software, attackers can install ...)
+CVE-2018-9142
NOT-FOR-US: Samsung
-CVE-2018-9141 (On Samsung mobile devices with L(5.x), M(6.0), and N(7.x) software, ...)
+CVE-2018-9141
NOT-FOR-US: Samsung
-CVE-2018-9140 (On Samsung mobile devices with M(6.0) software, the Email application ...)
+CVE-2018-9140
NOT-FOR-US: Samsung
-CVE-2018-9139 (On Samsung mobile devices with N(7.x) software, a buffer overflow in ...)
+CVE-2018-9139
NOT-FOR-US: Samsung
-CVE-2018-9138 (An issue was discovered in cplus-dem.c in GNU libiberty, as ...)
+CVE-2018-9138
- binutils <unfixed> (low)
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <ignored> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=23008
-CVE-2018-9137 (Open-AudIT before 2.2 has CSV Injection. ...)
+CVE-2018-9137
NOT-FOR-US: Open-AudIT
-CVE-2018-9136 (windrvr1260.sys in Jungo DriverWizard WinDriver 12.6.0 allows attackers ...)
+CVE-2018-9136
NOT-FOR-US: Jungo
-CVE-2018-9135 (In ImageMagick 7.0.7-24 Q16, there is a heap-based buffer over-read in ...)
+CVE-2018-9135
- imagemagick 8:6.9.10.8+dfsg-1 (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/1009
NOTE: https://github.com/ImageMagick/ImageMagick/commit/361ed689cc8e56fd125f9d0d6508e9eb303bdca6
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/4f7196b0b7539b113f2580b6a77aa496813d8899
NOTE: webp support not enabled, see #806425
-CVE-2018-9134 (file_manage_control.php in DedeCMS 5.7 has CSRF in an fmdo=rename ...)
+CVE-2018-9134
NOT-FOR-US: DedeCMS
-CVE-2018-9133 (ImageMagick 7.0.7-26 Q16 has excessive iteration in the DecodeLabImage ...)
+CVE-2018-9133
[experimental] - imagemagick 8:6.9.10.2+dfsg-1
- imagemagick 8:6.9.10.2+dfsg-2 (low; bug #894848)
[stretch] - imagemagick <ignored> (Minor issue)
@@ -30660,71 +30650,71 @@ CVE-2018-9133 (ImageMagick 7.0.7-26 Q16 has excessive iteration in the DecodeLab
NOTE: https://github.com/ImageMagick/ImageMagick/issues/1072
NOTE: IM6: https://github.com/ImageMagick/ImageMagick/commit/089fca04e0130549fa15f48ace3f56e30a06049a
NOTE: IM7: https://github.com/ImageMagick/ImageMagick/commit/19b96ba61431914e2ac316b72c0789965f2b7c09
-CVE-2018-9132 (libming 0.4.8 has a NULL pointer dereference in the getInt function of ...)
+CVE-2018-9132
{DLA-1386-1}
- ming <removed>
NOTE: https://github.com/libming/libming/issues/133
CVE-2018-9131
REJECTED
-CVE-2018-9130 (IBOS 4.4.3 has XSS via a company full name. ...)
+CVE-2018-9130
NOT-FOR-US: IBOS
-CVE-2018-9129 (ZyXEL ZyWALL/USG series devices have a Bleichenbacher vulnerability in ...)
+CVE-2018-9129
NOT-FOR-US: ZyXEL ZyWALL/USG series devices
-CVE-2018-9128 (DVD X Player Standard 5.5.3.9 has a Buffer Overflow via a crafted .plf ...)
+CVE-2018-9128
NOT-FOR-US: DVD X Player Standard
-CVE-2018-9127 (Botan 2.2.0 - 2.4.0 (fixed in 2.5.0) improperly handled wildcard ...)
+CVE-2018-9127
- botan 2.4.0-5 (bug #894648)
-CVE-2018-9126 (The DNNArticle module 11 for DNN (formerly DotNetNuke) allows remote ...)
+CVE-2018-9126
NOT-FOR-US: DNN
CVE-2018-9125
RESERVED
CVE-2018-9124
RESERVED
-CVE-2018-9123 (In Crea8social 2018.2, there is Stored Cross-Site Scripting via a User ...)
+CVE-2018-9123
NOT-FOR-US: Crea8social
-CVE-2018-9122 (In Crea8social 2018.2, there is Reflected Cross-Site Scripting via the ...)
+CVE-2018-9122
NOT-FOR-US: Crea8social
-CVE-2018-9121 (In Crea8social 2018.2, there is Stored Cross-Site Scripting via a post ...)
+CVE-2018-9121
NOT-FOR-US: Crea8social
-CVE-2018-9120 (In Crea8social 2018.2, there is Stored Cross-Site Scripting via a post. ...)
+CVE-2018-9120
NOT-FOR-US: Crea8social
-CVE-2018-9119 (An attacker with physical access to a BrilliantTS FUZE card (MCU ...)
+CVE-2018-9119
NOT-FOR-US: BrilliantTS FUZE card
-CVE-2018-9118 (exports/download.php in the 99 Robots WP Background Takeover ...)
+CVE-2018-9118
NOT-FOR-US: 99 Robots WP Background Takeover Advertisements plugin for WordPress
-CVE-2018-9117 (WireMock before 2.16.0 contains a vulnerability that allows a remote ...)
+CVE-2018-9117
NOT-FOR-US: WireMock
-CVE-2018-9116 (An XXE vulnerability within WireMock before 2.16.0 allows a remote ...)
+CVE-2018-9116
NOT-FOR-US: WireMock
-CVE-2018-9115 (Systematic SitaWare 6.4 SP2 does not validate input from other sources ...)
+CVE-2018-9115
NOT-FOR-US: Systematic SitaWare
CVE-2018-9114
RESERVED
-CVE-2018-9113 (Centers for Disease Control and Prevention MicrobeTRACE 0.1.12 allows ...)
+CVE-2018-9113
NOT-FOR-US: Centers for Disease Control and Prevention MicrobeTRACE
-CVE-2018-9112 (A low privileged admin account with a weak default password of admin ...)
+CVE-2018-9112
NOT-FOR-US: Foxconn FEMTO AP-FC4064-T AP_GT_B38_5.8.3lb15-W47 LTE
-CVE-2018-9111 (Cross Site Scripting (XSS) exists on the Foxconn FEMTO AP-FC4064-T ...)
+CVE-2018-9111
NOT-FOR-US: Foxconn FEMTO AP-FC4064-T AP_GT_B38_5.8.3lb15-W47 LTE
-CVE-2018-9110 (Studio 42 elFinder before 2.1.37 has a directory traversal ...)
+CVE-2018-9110
NOT-FOR-US: Studio 42 elFinder
-CVE-2018-9109 (Studio 42 elFinder before 2.1.36 has a directory traversal ...)
+CVE-2018-9109
NOT-FOR-US: Studio 42 elFinder
-CVE-2018-9108 (CSRF in /admin/user/manage/add in QuickAppsCMS 2.0.0-beta2 allows an ...)
+CVE-2018-9108
NOT-FOR-US: QuickAppsCMS
-CVE-2018-9107 (CSV Injection (aka Excel Macro Injection or Formula Injection) exists ...)
+CVE-2018-9107
NOT-FOR-US: Acyba AcyMailing extension for Joomla!
-CVE-2018-9106 (CSV Injection (aka Excel Macro Injection or Formula Injection) exists ...)
+CVE-2018-9106
NOT-FOR-US: Acyba AcyMailing extension for Joomla!
-CVE-2018-9105 (NordVPN 3.3.10 for macOS suffers from a root privilege escalation ...)
+CVE-2018-9105
NOT-FOR-US: NordVPN
-CVE-2018-9104 (A vulnerability in the conferencing component of Mitel MiVoice ...)
+CVE-2018-9104
NOT-FOR-US: Mitel
-CVE-2018-9103 (A vulnerability in the conferencing component of Mitel MiVoice ...)
+CVE-2018-9103
NOT-FOR-US: Mitel
-CVE-2018-9102 (A vulnerability in the conferencing component of Mitel MiVoice ...)
+CVE-2018-9102
NOT-FOR-US: Mitel
-CVE-2018-9101 (A vulnerability in the conferencing component of Mitel MiVoice ...)
+CVE-2018-9101
NOT-FOR-US: Mitel
CVE-2018-9100
RESERVED
@@ -30742,9 +30732,9 @@ CVE-2018-9094
RESERVED
CVE-2018-9093
RESERVED
-CVE-2018-9092 (There is a CSRF vulnerability in mc-admin/conf.php in MiniCMS 1.10 that ...)
+CVE-2018-9092
NOT-FOR-US: MiniCMS
-CVE-2018-9091 (A critical vulnerability in the KEMP LoadMaster Operating System ...)
+CVE-2018-9091
NOT-FOR-US: KEMP LoadMaster Operating System
CVE-2018-9090
RESERVED
@@ -30754,167 +30744,167 @@ CVE-2018-9088
RESERVED
CVE-2018-9087
RESERVED
-CVE-2018-9086 (In some Lenovo ThinkServer-branded servers, a command injection ...)
+CVE-2018-9086
NOT-FOR-US: Lenovo
-CVE-2018-9085 (A write protection lock bit was left unset after boot on an older ...)
+CVE-2018-9085
NOT-FOR-US: IBM
-CVE-2018-9084 (In System Management Module (SMM) versions prior to 1.06, if an ...)
+CVE-2018-9084
NOT-FOR-US: Lenovo / System Management Module (SMM)
-CVE-2018-9083 (In System Management Module (SMM) versions prior to 1.06, the SMM ...)
+CVE-2018-9083
NOT-FOR-US: Lenovo / System Management Module (SMM)
-CVE-2018-9082 (For some Iomega, Lenovo, LenovoEMC NAS devices versions 4.1.402.34662 ...)
+CVE-2018-9082
NOT-FOR-US: Lenovo
-CVE-2018-9081 (For some Iomega, Lenovo, LenovoEMC NAS devices versions 4.1.402.34662 ...)
+CVE-2018-9081
NOT-FOR-US: Lenovo
-CVE-2018-9080 (For some Iomega, Lenovo, LenovoEMC NAS devices versions 4.1.402.34662 ...)
+CVE-2018-9080
NOT-FOR-US: Lenovo
-CVE-2018-9079 (For some Iomega, Lenovo, LenovoEMC NAS devices versions 4.1.402.34662 ...)
+CVE-2018-9079
NOT-FOR-US: Lenovo
-CVE-2018-9078 (For some Iomega, Lenovo, LenovoEMC NAS devices versions 4.1.402.34662 ...)
+CVE-2018-9078
NOT-FOR-US: Lenovo
-CVE-2018-9077 (For some Iomega, Lenovo, LenovoEMC NAS devices versions 4.1.402.34662 ...)
+CVE-2018-9077
NOT-FOR-US: Lenovo
-CVE-2018-9076 (For some Iomega, Lenovo, LenovoEMC NAS devices versions 4.1.402.34662 ...)
+CVE-2018-9076
NOT-FOR-US: Lenovo
-CVE-2018-9075 (For some Iomega, Lenovo, LenovoEMC NAS devices versions 4.1.402.34662 ...)
+CVE-2018-9075
NOT-FOR-US: Lenovo
-CVE-2018-9074 (For some Iomega, Lenovo, LenovoEMC NAS devices versions 4.1.402.34662 ...)
+CVE-2018-9074
NOT-FOR-US: Lenovo
-CVE-2018-9073 (Lenovo Chassis Management Module (CMM) prior to version 2.0.0 utilizes ...)
+CVE-2018-9073
NOT-FOR-US: Lenovo Chassis Management Module
-CVE-2018-9072 (In versions prior to 5.5, LXCI for VMware allows an authenticated user ...)
+CVE-2018-9072
NOT-FOR-US: LXCI (Lenovo XClarity Integrator)
-CVE-2018-9071 (Lenovo Chassis Management Module (CMM) prior to version 2.0.0 allows ...)
+CVE-2018-9071
NOT-FOR-US: Lenovo Chassis Management Module
-CVE-2018-9070 (For the Lenovo Smart Assistant Android app versions earlier than ...)
+CVE-2018-9070
NOT-FOR-US: Lenovo
-CVE-2018-9069 (In some Lenovo IdeaPad consumer notebook models, a race condition in ...)
+CVE-2018-9069
NOT-FOR-US: Lenovo
-CVE-2018-9068 (The IMM2 First Failure Data Capture function collects management ...)
+CVE-2018-9068
NOT-FOR-US: IBM
-CVE-2018-9067 (The Lenovo Help Android app versions earlier than 6.1.2.0327 had ...)
+CVE-2018-9067
NOT-FOR-US: Lenovo
-CVE-2018-9066 (In Lenovo xClarity Administrator versions earlier than 2.1.0, an ...)
+CVE-2018-9066
NOT-FOR-US: Lenovo xClarity Administrator
-CVE-2018-9065 (In Lenovo xClarity Administrator versions earlier than 2.1.0, an ...)
+CVE-2018-9065
NOT-FOR-US: Lenovo xClarity Administrator
-CVE-2018-9064 (In Lenovo xClarity Administrator versions earlier than 2.1.0, an ...)
+CVE-2018-9064
NOT-FOR-US: Lenovo xClarity Administrator
-CVE-2018-9063 (MapDrv (C:\Program Files\Lenovo\System Update\mapdrv.exe) In Lenovo ...)
+CVE-2018-9063
NOT-FOR-US: Lenovo
-CVE-2018-9062 (In some Lenovo ThinkPad products, one BIOS region is not properly ...)
+CVE-2018-9062
NOT-FOR-US: Lenovo
CVE-2018-9061
RESERVED
CVE-2018-9060
REJECTED
-CVE-2018-9059 (Stack-based buffer overflow in Easy File Sharing (EFS) Web Server 7.2 ...)
+CVE-2018-9059
NOT-FOR-US: Easy File Sharing (EFS)
-CVE-2018-9058 (In Long Range Zip (aka lrzip) 0.631, there is an infinite loop in the ...)
+CVE-2018-9058
- lrzip 0.631+git180517-1 (unimportant)
NOTE: https://github.com/ckolivas/lrzip/issues/93
NOTE: No security impact
-CVE-2018-7600 (Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x ...)
+CVE-2018-7600
{DSA-4156-1 DLA-1325-1}
- drupal7 7.58-1 (bug #894259)
NOTE: https://www.drupal.org/sa-core-2018-002
NOTE: https://groups.drupal.org/security/faq-2018-002
NOTE: https://www.drupal.org/psa-2018-001
NOTE: Drupal 7.x Patch: https://cgit.drupalcode.org/drupal/rawdiff/?h=7.x&id=2266d2a83db50e2f97682d9a0fb8a18e2722cba5
-CVE-2018-9057 (aws/resource_aws_iam_user_login_profile.go in the HashiCorp Terraform ...)
+CVE-2018-9057
NOT-FOR-US: HashiCorp Terraform Amazon Web Services
-CVE-2018-9056 (Systems with microprocessors utilizing speculative execution may allow ...)
+CVE-2018-9056
NOTE: Hardware side channel attack
NOTE: http://www.cs.ucr.edu/~nael/pubs/asplos18.pdf
-CVE-2018-9055 (JasPer 2.0.14 allows denial of service via a reachable assertion in the ...)
+CVE-2018-9055
- jasper <removed> (unimportant)
NOTE: https://github.com/mdadams/jasper/issues/172
NOTE: Negligible impact
-CVE-2018-9054 (In Windows Master (aka Windows Optimization Master) 7.99.13.604, the ...)
+CVE-2018-9054
NOT-FOR-US: Windows Master (aka Windows Optimization Master)
-CVE-2018-9053 (In Windows Master (aka Windows Optimization Master) 7.99.13.604, the ...)
+CVE-2018-9053
NOT-FOR-US: Windows Master (aka Windows Optimization Master)
-CVE-2018-9052 (In Windows Master (aka Windows Optimization Master) 7.99.13.604, the ...)
+CVE-2018-9052
NOT-FOR-US: Windows Master (aka Windows Optimization Master)
-CVE-2018-9051 (In Windows Master (aka Windows Optimization Master) 7.99.13.604, the ...)
+CVE-2018-9051
NOT-FOR-US: Windows Master (aka Windows Optimization Master)
-CVE-2018-9050 (In Windows Master (aka Windows Optimization Master) 7.99.13.604, the ...)
+CVE-2018-9050
NOT-FOR-US: Windows Master (aka Windows Optimization Master)
-CVE-2018-9049 (In Windows Master (aka Windows Optimization Master) 7.99.13.604, the ...)
+CVE-2018-9049
NOT-FOR-US: Windows Master (aka Windows Optimization Master)
-CVE-2018-9048 (In Windows Master (aka Windows Optimization Master) 7.99.13.604, the ...)
+CVE-2018-9048
NOT-FOR-US: Windows Master (aka Windows Optimization Master)
-CVE-2018-9047 (In Windows Master (aka Windows Optimization Master) 7.99.13.604, the ...)
+CVE-2018-9047
NOT-FOR-US: Windows Master (aka Windows Optimization Master)
-CVE-2018-9046 (In Windows Master (aka Windows Optimization Master) 7.99.13.604, the ...)
+CVE-2018-9046
NOT-FOR-US: Windows Master (aka Windows Optimization Master)
-CVE-2018-9045 (In Windows Master (aka Windows Optimization Master) 7.99.13.604, the ...)
+CVE-2018-9045
NOT-FOR-US: Windows Master (aka Windows Optimization Master)
-CVE-2018-9044 (In Advanced SystemCare Ultimate 11.0.1.58, the driver file ...)
+CVE-2018-9044
NOT-FOR-US: Advanced SystemCare Ultimate
-CVE-2018-9043 (In Advanced SystemCare Ultimate 11.0.1.58, the driver file ...)
+CVE-2018-9043
NOT-FOR-US: Advanced SystemCare Ultimate
-CVE-2018-9042 (In Advanced SystemCare Ultimate 11.0.1.58, the driver file ...)
+CVE-2018-9042
NOT-FOR-US: Advanced SystemCare Ultimate
-CVE-2018-9041 (In Advanced SystemCare Ultimate 11.0.1.58, the driver file ...)
+CVE-2018-9041
NOT-FOR-US: Advanced SystemCare Ultimate
-CVE-2018-9040 (In Advanced SystemCare Ultimate 11.0.1.58, the driver file ...)
+CVE-2018-9040
NOT-FOR-US: Advanced SystemCare Ultimate
-CVE-2018-9039 (In Octopus Deploy 2.0 and later before 2018.3.7, an authenticated user, ...)
+CVE-2018-9039
NOT-FOR-US: Octopus Deploy
-CVE-2018-9038 (Monstra CMS 3.0.4 allows remote attackers to delete files via an ...)
+CVE-2018-9038
NOT-FOR-US: Monstra CMS
-CVE-2018-9037 (Monstra CMS 3.0.4 allows remote code execution via an upload_file ...)
+CVE-2018-9037
NOT-FOR-US: Monstra CMS
-CVE-2018-9036 (CheckSec Canopy 3.x before 3.0.7 has stored XSS via the Login Page ...)
+CVE-2018-9036
NOT-FOR-US: CheckSec Canopy
-CVE-2018-9035 (CSV Injection vulnerability in ExportToCsvUtf8.php of the Contact Form ...)
+CVE-2018-9035
NOT-FOR-US: Wordpress plugin
-CVE-2018-9034 (Cross-site scripting (XSS) vulnerability in lib/interface.php of the ...)
+CVE-2018-9034
NOT-FOR-US: Wordpress plugin
CVE-2018-9033
RESERVED
-CVE-2018-9032 (An authentication bypass vulnerability on D-Link DIR-850L Wireless ...)
+CVE-2018-9032
NOT-FOR-US: D-Link
-CVE-2018-9031 (The login interface on TNLSoftSolutions Sentry Vision 3.x devices ...)
+CVE-2018-9031
NOT-FOR-US: TNLSoftSolutions Sentry Vision 3.x devices
CVE-2018-9030
RESERVED
-CVE-2018-9029 (An improper input validation vulnerability in CA Privileged Access ...)
+CVE-2018-9029
NOT-FOR-US: CA Privileged Access Manager
-CVE-2018-9028 (Weak cryptography used for passwords in CA Privileged Access Manager ...)
+CVE-2018-9028
NOT-FOR-US: CA Privileged Access Manager
-CVE-2018-9027 (A reflected cross-site scripting vulnerability in CA Privileged Access ...)
+CVE-2018-9027
NOT-FOR-US: CA Privileged Access Manager
-CVE-2018-9026 (A session fixation vulnerability in CA Privileged Access Manager 2.x ...)
+CVE-2018-9026
NOT-FOR-US: CA Privileged Access Manager
-CVE-2018-9025 (An input validation vulnerability in CA Privileged Access Manager 2.x ...)
+CVE-2018-9025
NOT-FOR-US: CA Privileged Access Manager
-CVE-2018-9024 (An improper authentication vulnerability in CA Privileged Access ...)
+CVE-2018-9024
NOT-FOR-US: CA Privileged Access Manager
-CVE-2018-9023 (An input validation vulnerability in CA Privileged Access Manager 2.x ...)
+CVE-2018-9023
NOT-FOR-US: CA Privileged Access Manager
-CVE-2018-9022 (An authentication bypass vulnerability in CA Privileged Access Manager ...)
+CVE-2018-9022
NOT-FOR-US: CA Privileged Access Manager
-CVE-2018-9021 (An authentication bypass vulnerability in CA Privileged Access Manager ...)
+CVE-2018-9021
NOT-FOR-US: CA Privileged Access Manager
-CVE-2018-9020 (The Events Manager plugin before 5.8.1.2 for WordPress allows XSS via ...)
+CVE-2018-9020
NOT-FOR-US: Wordpress plugin
-CVE-2018-9019 (SQL Injection vulnerability in Dolibarr before version 7.0.2 allows ...)
+CVE-2018-9019
- dolibarr <removed>
NOTE: https://github.com/Dolibarr/dolibarr/commit/83b762b681c6dfdceb809d26ce95f3667b614739
-CVE-2018-9018 (In GraphicsMagick 1.3.28, there is a divide-by-zero in the ReadMNGImage ...)
+CVE-2018-9018
{DSA-4321-1 DLA-1456-1 DLA-1322-1}
- graphicsmagick 1.3.28-2 (bug #894396)
NOTE: https://sourceforge.net/p/graphicsmagick/bugs/554/
NOTE: http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/84040fada1ee
-CVE-2018-9017 (dsmall v20180320 allows XSS via the member search box at the ...)
+CVE-2018-9017
NOT-FOR-US: dsmall
-CVE-2018-9016 (dsmall v20180320 allows XSS via the main page search box at the ...)
+CVE-2018-9016
NOT-FOR-US: dsmall
-CVE-2018-9015 (dsmall v20180320 allows XSS via the ...)
+CVE-2018-9015
NOT-FOR-US: dsmall
-CVE-2018-9014 (dsmall v20180320 allows physical path leakage via a ...)
+CVE-2018-9014
NOT-FOR-US: dsmall
CVE-2018-9013
RESERVED
@@ -30922,53 +30912,53 @@ CVE-2018-9012
RESERVED
CVE-2018-9011
RESERVED
-CVE-2018-9010 (Intelbras TELEFONE IP TIP200/200 LITE 60.0.75.29 devices allow remote ...)
+CVE-2018-9010
NOT-FOR-US: Intelbras
-CVE-2018-9009 (In libming 0.4.8, there is a use-after-free in the decompileJUMP ...)
+CVE-2018-9009
{DLA-1386-1}
- ming <removed>
NOTE: https://github.com/libming/libming/issues/131
CVE-2018-9008
RESERVED
-CVE-2018-9007 (In Advanced SystemCare Ultimate 11.0.1.58, the driver file ...)
+CVE-2018-9007
NOT-FOR-US: Advanced SystemCare Ultimate
-CVE-2018-9006 (In Advanced SystemCare Ultimate 11.0.1.58, the driver file ...)
+CVE-2018-9006
NOT-FOR-US: Advanced SystemCare Ultimate
-CVE-2018-9005 (In Advanced SystemCare Ultimate 11.0.1.58, the driver file ...)
+CVE-2018-9005
NOT-FOR-US: Advanced SystemCare Ultimate
-CVE-2018-9004 (In Advanced SystemCare Ultimate 11.0.1.58, the driver file ...)
+CVE-2018-9004
NOT-FOR-US: Advanced SystemCare Ultimate
-CVE-2018-9003 (In Advanced SystemCare Ultimate 11.0.1.58, the driver file ...)
+CVE-2018-9003
NOT-FOR-US: Advanced SystemCare Ultimate
-CVE-2018-9002 (In Advanced SystemCare Ultimate 11.0.1.58, the driver file ...)
+CVE-2018-9002
NOT-FOR-US: Advanced SystemCare Ultimate
-CVE-2018-9001 (In Advanced SystemCare Ultimate 11.0.1.58, the driver file ...)
+CVE-2018-9001
NOT-FOR-US: Advanced SystemCare Ultimate
-CVE-2018-9000 (In Advanced SystemCare Ultimate 11.0.1.58, the driver file ...)
+CVE-2018-9000
NOT-FOR-US: Advanced SystemCare Ultimate
-CVE-2018-8999 (In Advanced SystemCare Ultimate 11.0.1.58, the driver file ...)
+CVE-2018-8999
NOT-FOR-US: Advanced SystemCare Ultimate
-CVE-2018-8998 (In Advanced SystemCare Ultimate 11.0.1.58, the driver file ...)
+CVE-2018-8998
NOT-FOR-US: Advanced SystemCare Ultimate
-CVE-2018-8997 (In Windows Master (aka Windows Optimization Master) 7.99.13.604, the ...)
+CVE-2018-8997
NOT-FOR-US: Windows Master (aka Windows Optimization Master)
-CVE-2018-8996 (In Windows Master (aka Windows Optimization Master) 7.99.13.604, the ...)
+CVE-2018-8996
NOT-FOR-US: Windows Master (aka Windows Optimization Master)
-CVE-2018-8995 (In Windows Master (aka Windows Optimization Master) 7.99.13.604, the ...)
+CVE-2018-8995
NOT-FOR-US: Windows Master (aka Windows Optimization Master)
-CVE-2018-8994 (In Windows Master (aka Windows Optimization Master) 7.99.13.604, the ...)
+CVE-2018-8994
NOT-FOR-US: Windows Master (aka Windows Optimization Master)
-CVE-2018-8993 (In Windows Master (aka Windows Optimization Master) 7.99.13.604, the ...)
+CVE-2018-8993
NOT-FOR-US: Windows Master (aka Windows Optimization Master)
-CVE-2018-8992 (In Windows Master (aka Windows Optimization Master) 7.99.13.604, the ...)
+CVE-2018-8992
NOT-FOR-US: Windows Master (aka Windows Optimization Master)
-CVE-2018-8991 (In Windows Master (aka Windows Optimization Master) 7.99.13.604, the ...)
+CVE-2018-8991
NOT-FOR-US: Windows Master (aka Windows Optimization Master)
-CVE-2018-8990 (In Windows Master (aka Windows Optimization Master) 7.99.13.604, the ...)
+CVE-2018-8990
NOT-FOR-US: Windows Master (aka Windows Optimization Master)
-CVE-2018-8989 (In Windows Master (aka Windows Optimization Master) 7.99.13.604, the ...)
+CVE-2018-8989
NOT-FOR-US: Windows Master (aka Windows Optimization Master)
-CVE-2018-8988 (In Windows Master (aka Windows Optimization Master) 7.99.13.604, the ...)
+CVE-2018-8988
NOT-FOR-US: Windows Master (aka Windows Optimization Master)
CVE-2018-8987
RESERVED
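Review bot: every `+` line in this hunk drops the parenthesised CVE summary that its `-` counterpart carried (`-CVE-2018-9000 (In Advanced SystemCare Ultimate 11.0.1.58, the driver file ...)` becomes a bare `+CVE-2018-9000`) with nothing put in its place, and the same substitution repeats for every CVE line in the hunks that follow. A wholesale loss of descriptions in an "automatic update" is the signature of the upstream description source returning empty during the run, not of an intended data change; suggest not landing this revision, rerunning the update once the source is reachable, and keeping the existing descriptions until then, since the bare identifier lines remove the one-line summary triagers rely on when reading the list.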
@@ -30986,15 +30976,15 @@ CVE-2018-8981
RESERVED
CVE-2018-8980
RESERVED
-CVE-2018-8979 (Open-AudIT Professional 2.1 has CSRF, as demonstrated by modifying a ...)
+CVE-2018-8979
NOT-FOR-US: Open-AudIT Professional
-CVE-2018-8978 (Open-AudIT Professional 2.1 has XSS via a crafted src attribute of an ...)
+CVE-2018-8978
NOT-FOR-US: Open-AudIT Professional
-CVE-2018-8977 (In Exiv2 0.26, the Exiv2::Internal::printCsLensFFFF function in ...)
+CVE-2018-8977
[experimental] - exiv2 <unfixed> (bug #894179)
- exiv2 <not-affected> (Vulnerable code introduced after 0.25)
NOTE: https://github.com/Exiv2/exiv2/issues/247
-CVE-2018-8976 (In Exiv2 0.26, jpgimage.cpp allows remote attackers to cause a denial ...)
+CVE-2018-8976
- exiv2 <unfixed> (low; bug #903813)
[buster] - exiv2 <ignored> (Minor issue)
[stretch] - exiv2 <ignored> (Minor issue)
@@ -31002,44 +30992,44 @@ CVE-2018-8976 (In Exiv2 0.26, jpgimage.cpp allows remote attackers to cause a de
[wheezy] - exiv2 <not-affected> (Vulnerable code not present)
NOTE: https://github.com/Exiv2/exiv2/issues/246
NOTE: https://github.com/Exiv2/exiv2/pull/256
-CVE-2018-8975 (The pm_mallocarray2 function in lib/util/mallocvar.c in Netpbm through ...)
+CVE-2018-8975
- netpbm-free <not-affected> (Vulnerable code not present)
NOTE: Debian uses an unaffected fork
-CVE-2018-8974 (Centers for Disease Control and Prevention MicrobeTRACE 0.1.11 allows ...)
+CVE-2018-8974
NOT-FOR-US: Centers for Disease Control and Prevention MicrobeTRACE
-CVE-2018-8973 (OTCMS 3.20 allows XSS by adding a keyword or link to an article, as ...)
+CVE-2018-8973
NOT-FOR-US: OTCMS
-CVE-2018-8972 (Creditwest Bank CMS Project (aka CWCMS) through 2017-07-28 has CSRF in ...)
+CVE-2018-8972
NOT-FOR-US: Creditwest Bank CMS Project (aka CWCMS)
-CVE-2018-8970 (The int_x509_param_set_hosts function in lib/libcrypto/x509/x509_vpm.c ...)
+CVE-2018-8970
- libressl <itp> (bug #754513)
-CVE-2018-8969 (An issue was discovered in zzcms 8.2. user/licence_save.php allows ...)
+CVE-2018-8969
NOT-FOR-US: zzcms
-CVE-2018-8968 (An issue was discovered in zzcms 8.2. user/manage.php allows remote ...)
+CVE-2018-8968
NOT-FOR-US: zzcms
-CVE-2018-8967 (An issue was discovered in zzcms 8.2. It allows SQL injection via the ...)
+CVE-2018-8967
NOT-FOR-US: zzcms
-CVE-2018-8966 (An issue was discovered in zzcms 8.2. It allows PHP code injection via ...)
+CVE-2018-8966
NOT-FOR-US: zzcms
-CVE-2018-8965 (An issue was discovered in zzcms 8.2. user/ppsave.php allows remote ...)
+CVE-2018-8965
NOT-FOR-US: zzcms
-CVE-2018-8964 (In libming 0.4.8, the decompileDELETE function of decompile.c has a ...)
+CVE-2018-8964
- ming <removed>
[wheezy] - ming 1:0.4.4-1.1+deb7u8
NOTE: https://github.com/libming/libming/issues/130
-CVE-2018-8963 (In libming 0.4.8, the decompileGETVARIABLE function of decompile.c has ...)
+CVE-2018-8963
- ming <removed>
[wheezy] - ming 1:0.4.4-1.1+deb7u8
NOTE: https://github.com/libming/libming/issues/130
-CVE-2018-8962 (In libming 0.4.8, the decompileSingleArgBuiltInFunctionCall function of ...)
+CVE-2018-8962
- ming <removed>
[wheezy] - ming 1:0.4.4-1.1+deb7u8
NOTE: https://github.com/libming/libming/issues/130
-CVE-2018-8961 (In libming 0.4.8, the decompilePUSHPARAM function of decompile.c has a ...)
+CVE-2018-8961
- ming <removed>
[wheezy] - ming 1:0.4.4-1.1+deb7u8
NOTE: https://github.com/libming/libming/issues/130
-CVE-2018-8960 (The ReadTIFFImage function in coders/tiff.c in ImageMagick 7.0.7-26 Q16 ...)
+CVE-2018-8960
- imagemagick 8:6.9.9.39+dfsg-1 (low)
[stretch] - imagemagick <ignored> (Minor issue)
[jessie] - imagemagick <ignored> (Minor issue)
@@ -31051,15 +31041,15 @@ CVE-2018-8959
RESERVED
CVE-2018-8958
RESERVED
-CVE-2018-8957 (CoverCMS v1.1.6 has XSS via the fourth input box to index.php, related ...)
+CVE-2018-8957
NOT-FOR-US: CoverCMS
CVE-2018-8956
RESERVED
-CVE-2018-8955 (The installer for BitDefender GravityZone relies on an encoded string ...)
+CVE-2018-8955
NOT-FOR-US: BitDefender GravityZone
-CVE-2018-8954 (CA Workload Control Center before r11.4 SP6 allows remote attackers to ...)
+CVE-2018-8954
NOT-FOR-US: CA Workload Control Center
-CVE-2018-8953 (CA Workload Automation AE before r11.3.6 SP7 allows remote attackers ...)
+CVE-2018-8953
NOT-FOR-US: CA Workload Automation AE
CVE-2018-8952
RESERVED
@@ -31067,198 +31057,198 @@ CVE-2018-8951
RESERVED
CVE-2018-8950
RESERVED
-CVE-2018-8949 (An issue was discovered in app/Model/Attribute.php in MISP before ...)
+CVE-2018-8949
NOT-FOR-US: MISP
-CVE-2018-8948 (In MISP before 2.4.89, app/View/Events/resolved_attributes.ctp has ...)
+CVE-2018-8948
NOT-FOR-US: MISP
-CVE-2018-8947 (rap2hpoutre Laravel Log Viewer before v0.13.0 relies on Base64 encoding ...)
+CVE-2018-8947
NOT-FOR-US: rap2hpoutre Laravel Log Viewer
-CVE-2018-1000141 (I, Librarian version 4.9 and earlier contains an Incorrect Access ...)
+CVE-2018-1000141
- i-librarian <itp> (bug #649291)
NOTE: https://github.com/mkucej/i-librarian/issues/124
-CVE-2018-1000140 (rsyslog librelp version 1.2.14 and earlier contains a Buffer Overflow ...)
+CVE-2018-1000140
{DSA-4151-1}
- librelp 1.2.15-1
[wheezy] - librelp <not-affected> (vulnerable code not present)
NOTE: https://www.rsyslog.com/cve-2018-1000140/
NOTE: Fixed by: https://github.com/rsyslog/librelp/commit/2cfe657672636aa5d7d2a14cfcb0a6ab9d1f00cf
-CVE-2018-1000139 (I, Librarian version 4.8 and earlier contains a Cross Site Scripting ...)
+CVE-2018-1000139
- i-librarian <itp> (bug #649291)
NOTE: https://github.com/mkucej/i-librarian/issues/119
-CVE-2018-1000138 (I, Librarian version 4.8 and earlier contains a SSRF vulnerability in ...)
+CVE-2018-1000138
- i-librarian <itp> (bug #649291)
NOTE: https://github.com/mkucej/i-librarian/issues/120
-CVE-2018-1000137 (I, Librarian version 4.8 and earlier contains a Cross site Request ...)
+CVE-2018-1000137
- i-librarian <itp> (bug #649291)
NOTE: https://github.com/mkucej/i-librarian/issues/121
-CVE-2018-8971 (The Auth0 integration in GitLab before 10.3.9, 10.4.x before 10.4.6, ...)
+CVE-2018-8971
{DSA-4206-1}
- gitlab 10.5.6+dfsg-1 (bug #893905)
NOTE: https://about.gitlab.com/2018/03/20/critical-security-release-gitlab-10-dot-5-dot-6-released/
CVE-2018-8946
RESERVED
-CVE-2018-8945 (The bfd_section_from_shdr function in elf.c in the Binary File ...)
+CVE-2018-8945
- binutils 2.30.90.20180627-1 (low)
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <ignored> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22809
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=95a6d23566165208853a68d9cd3c6eedca840ec6
-CVE-2018-8944 (PHPOK 4.8.338 has an arbitrary file upload vulnerability. ...)
+CVE-2018-8944
NOT-FOR-US: PHPOK
-CVE-2018-8943 (There is a SQL injection in the PHPSHE 1.6 userbank parameter. ...)
+CVE-2018-8943
NOT-FOR-US: PHPSE
-CVE-2018-8942 (Xiuno BBS 4.0.0 has XSS in the adminpage sitename parameter. ...)
+CVE-2018-8942
NOT-FOR-US: Xiuno BBS
-CVE-2018-8941 (Diagnostics functionality on D-Link DSL-3782 devices with firmware EU ...)
+CVE-2018-8941
NOT-FOR-US: D-Link
CVE-2018-8940
RESERVED
-CVE-2018-8939 (An SSRF issue was discovered in NmAPI.exe in Ipswitch WhatsUp Gold ...)
+CVE-2018-8939
NOT-FOR-US: Ipswitch
-CVE-2018-8938 (A Code Injection issue was discovered in DlgSelectMibFile.asp in ...)
+CVE-2018-8938
NOT-FOR-US: Ipswitch
-CVE-2018-8937 (An issue was discovered in Open-AudIT Professional 2.1. It is possible ...)
+CVE-2018-8937
NOT-FOR-US: Open-AudIT Professional
-CVE-2018-8936 (The AMD EPYC Server, Ryzen, Ryzen Pro, and Ryzen Mobile processor chips ...)
+CVE-2018-8936
NOT-FOR-US: AMD
-CVE-2018-8935 (The Promontory chipset, as used in AMD Ryzen and Ryzen Pro platforms, ...)
+CVE-2018-8935
NOT-FOR-US: AMD
-CVE-2018-8934 (The Promontory chipset, as used in AMD Ryzen and Ryzen Pro platforms, ...)
+CVE-2018-8934
NOT-FOR-US: AMD
-CVE-2018-8933 (The AMD EPYC Server processor chips have insufficient access control ...)
+CVE-2018-8933
NOT-FOR-US: AMD
-CVE-2018-8932 (The AMD Ryzen and Ryzen Pro processor chips have insufficient access ...)
+CVE-2018-8932
NOT-FOR-US: AMD
-CVE-2018-8931 (The AMD Ryzen, Ryzen Pro, and Ryzen Mobile processor chips have ...)
+CVE-2018-8931
NOT-FOR-US: AMD
-CVE-2018-8930 (The AMD EPYC Server, Ryzen, Ryzen Pro, and Ryzen Mobile processor chips ...)
+CVE-2018-8930
NOT-FOR-US: AMD
-CVE-2018-8929 (Improper restriction of communication channel to intended endpoints ...)
+CVE-2018-8929
NOT-FOR-US: Synology
-CVE-2018-8928 (Cross-site scripting (XSS) vulnerability in Address Book Editor in ...)
+CVE-2018-8928
NOT-FOR-US: Synology
-CVE-2018-8927 (Improper authorization vulnerability in SYNO.Cal.Event in Calendar ...)
+CVE-2018-8927
NOT-FOR-US: Synology
-CVE-2018-8926 (Permissive regular expression vulnerability in synophoto_dsm_user in ...)
+CVE-2018-8926
NOT-FOR-US: Synology
-CVE-2018-8925 (Cross-site request forgery (CSRF) vulnerability in admin/user.php in ...)
+CVE-2018-8925
NOT-FOR-US: Synology
-CVE-2018-8924 (Cross-site scripting (XSS) vulnerability in Title Tootip in Synology ...)
+CVE-2018-8924
NOT-FOR-US: Synology
-CVE-2018-8923 (Cross-site scripting (XSS) vulnerability in Attachment Preview in ...)
+CVE-2018-8923
NOT-FOR-US: Synology
-CVE-2018-8922 (Improper access control vulnerability in Synology Drive before ...)
+CVE-2018-8922
NOT-FOR-US: Synology Drive
-CVE-2018-8921 (Cross-site scripting (XSS) vulnerability in File Sharing Notify Toast ...)
+CVE-2018-8921
NOT-FOR-US: Synology Drive
-CVE-2018-8920 (Improper neutralization of escape vulnerability in Log Exporter in ...)
+CVE-2018-8920
NOT-FOR-US: Synology DiskStation Manager
-CVE-2018-8919 (Information exposure vulnerability in SYNO.Core.Desktop.SessionData in ...)
+CVE-2018-8919
NOT-FOR-US: Synology DiskStation Manager
-CVE-2018-8918 (Cross-site scripting (XSS) vulnerability in info.cgi in Synology ...)
+CVE-2018-8918
NOT-FOR-US: Synology Router Manager
-CVE-2018-8917 (Cross-site scripting (XSS) vulnerability in info.cgi in Synology ...)
+CVE-2018-8917
NOT-FOR-US: Synology DiskStation Manager
-CVE-2018-8916 (Unverified password change vulnerability in Change Password in ...)
+CVE-2018-8916
NOT-FOR-US: Synology
-CVE-2018-8915 (Cross-site scripting (XSS) vulnerability in Notification Center in ...)
+CVE-2018-8915
NOT-FOR-US: Synology
-CVE-2018-8914 (SQL injection vulnerability in UPnP DMA in Synology Media Server ...)
+CVE-2018-8914
NOT-FOR-US: Synology Media Server
CVE-2018-8913
RESERVED
-CVE-2018-8912 (Cross-site scripting (XSS) vulnerability in SYNO.NoteStation.Note in ...)
+CVE-2018-8912
NOT-FOR-US: Synology Note Station
-CVE-2018-8911 (Cross-site scripting (XSS) vulnerability in Attachment Preview in ...)
+CVE-2018-8911
NOT-FOR-US: Synology Note Station
-CVE-2018-8910 (Cross-site scripting (XSS) vulnerability in Attachment Preview in ...)
+CVE-2018-8910
NOT-FOR-US: Synology
-CVE-2018-8909 (The Wire application before 2018-03-07 for Android allows attackers to ...)
+CVE-2018-8909
NOT-FOR-US: Wire application for Android
-CVE-2018-8908 (An issue was discovered in /admin/?/user/add in Frog CMS 0.9.5. The ...)
+CVE-2018-8908
NOT-FOR-US: Frog CMS
CVE-2018-8907
RESERVED
-CVE-2018-8906 (dsmall v20180320 has XSS via a crafted street address to ...)
+CVE-2018-8906
NOT-FOR-US: dsmall
-CVE-2018-8905 (In LibTIFF 4.0.9, a heap-based buffer overflow occurs in the function ...)
+CVE-2018-8905
{DSA-4349-1 DLA-1411-1 DLA-1378-1 DLA-1377-1}
- tiff 4.0.9-6 (bug #893806)
- tiff3 <removed>
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2780
NOTE: https://gitlab.com/libtiff/libtiff/commit/58a898cb4459055bb488ca815c23b880c242a27d
-CVE-2018-8904 (In Windows Master (aka Windows Optimization Master) 7.99.13.604, the ...)
+CVE-2018-8904
NOT-FOR-US: Windows Optimization Master
-CVE-2018-8903 (Open-AudIT Professional 2.1 allows XSS via the Name or Description ...)
+CVE-2018-8903
NOT-FOR-US: Open-AudIT Professional
-CVE-2018-8902 (An issue was discovered in Ivanti Avalanche for all versions between ...)
+CVE-2018-8902
NOT-FOR-US: Ivanti
-CVE-2018-8901 (An issue was discovered in Ivanti Avalanche for all versions between ...)
+CVE-2018-8901
NOT-FOR-US: Ivanti
-CVE-2018-8900 (The License Manager service of HASP SRM, Sentinel HASP and Sentinel ...)
+CVE-2018-8900
NOT-FOR-US: HASP SRM
-CVE-2018-8899 (IdentityServer IdentityServer4 1.x before 1.5.3 and 2.x before 2.1.3 ...)
+CVE-2018-8899
NOT-FOR-US: IdentityServer
-CVE-2018-8898 (A flaw in the authentication mechanism in the Login Panel of router ...)
+CVE-2018-8898
NOT-FOR-US: D-Link
-CVE-2018-8897 (A statement in the System Programming Guide of the Intel 64 and IA-32 ...)
+CVE-2018-8897
{DSA-4201-1 DSA-4196-1 DLA-1577-1 DLA-1392-1 DLA-1383-1}
- linux 4.15.17-1
NOTE: Fixed by: https://git.kernel.org/linus/d8ba61ba58c88d5207c1ba2f7d9a2280e7d03be9 (4.16-rc7)
- xen 4.8.3+xsa262+shim4.10.0+comet3-1+deb9u6
NOTE: https://xenbits.xen.org/xsa/advisory-260.html
NOTE: http://www.openwall.com/lists/oss-security/2018/05/08/4
-CVE-2018-8896 (In 2345 Security Guard 3.6, the driver file (2345DumpBlock.sys) allows ...)
+CVE-2018-8896
NOT-FOR-US: 2345 Security Guard
-CVE-2018-8895 (In 2345 Security Guard 3.6, the driver file (2345DumpBlock.sys) allows ...)
+CVE-2018-8895
NOT-FOR-US: 2345 Security Guard
-CVE-2018-8894 (In 2345 Security Guard 3.6, the driver file (2345BdPcSafe.sys) allows ...)
+CVE-2018-8894
NOT-FOR-US: 2345 Security Guard
-CVE-2018-8893 (Z-BlogPHP 1.5.1 Zero has CSRF in plugin_edit.php, resulting in the ...)
+CVE-2018-8893
NOT-FOR-US: Z-BlogPHP
-CVE-2018-8892 (A cross-site request forgery (CSRF) vulnerability in the Management ...)
+CVE-2018-8892
NOT-FOR-US: Management Console of BlackBerry UEM
-CVE-2018-8891 (Multiple stored cross-site scripting (XSS) vulnerabilities in the ...)
+CVE-2018-8891
NOT-FOR-US: Management Console of BlackBerry UEM
-CVE-2018-8890 (An information disclosure vulnerability in the Management Console of ...)
+CVE-2018-8890
NOT-FOR-US: BlackBerry
-CVE-2018-8889 (A directory traversal vulnerability in the Connect Service of the ...)
+CVE-2018-8889
NOT-FOR-US: BlackBerry
-CVE-2018-8888 (A stored cross-site scripting (XSS) vulnerability in the Management ...)
+CVE-2018-8888
NOT-FOR-US: Management Console of BlackBerry UEM
CVE-2018-8887
RESERVED
CVE-2018-8886
RESERVED
-CVE-2018-8885 (screenresolution-mechanism in screen-resolution-extra 0.17.2 does not ...)
+CVE-2018-8885
NOT-FOR-US: screen-resolution-extra
-CVE-2018-1000136 (Electron version 1.7 up to 1.7.12; 1.8 up to 1.8.3 and 2.0.0 up to ...)
+CVE-2018-1000136
- electron <itp> (bug #842420)
CVE-2018-8884
RESERVED
-CVE-2018-8883 (Netwide Assembler (NASM) 2.13.02rc2 has a buffer over-read in the ...)
+CVE-2018-8883
- nasm 2.14-1 (low; bug #894847)
[stretch] - nasm <no-dsa> (Minor issue)
[jessie] - nasm <no-dsa> (Minor issue)
[wheezy] - nasm <ignored> (Minor issue)
NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392447
NOTE: https://github.com/netwide-assembler/nasm/commit/3c755dac88039b718d52ef56e8f74b5f65f3b55b
-CVE-2018-8882 (Netwide Assembler (NASM) 2.13.02rc2 has a stack-based buffer under-read ...)
+CVE-2018-8882
- nasm 2.14-1 (low; bug #894846)
[stretch] - nasm <no-dsa> (Minor issue)
[jessie] - nasm <no-dsa> (Minor issue)
[wheezy] - nasm <ignored> (Minor issue)
NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392445
NOTE: https://github.com/netwide-assembler/nasm/commit/c7c28357c85fb0bf4105419195bc204aea0fef35
-CVE-2018-8881 (Netwide Assembler (NASM) 2.13.02rc2 has a heap-based buffer over-read ...)
+CVE-2018-8881
- nasm 2.13.02-0.1 (low)
[stretch] - nasm <no-dsa> (Minor issue)
[jessie] - nasm <no-dsa> (Minor issue)
[wheezy] - nasm <ignored> (Minor issue)
NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392446
NOTE: http://repo.or.cz/nasm.git/commit/3144e84add8b152cc7a71e44617ce6f21daa4ba3 (nasm-2.13.02rc3)
-CVE-2018-8880 (Lutron Quantum BACnet Integration 2.0 (firmware 3.2.243) doesn't check ...)
+CVE-2018-8880
NOT-FOR-US: Lutron Quantum BACnet Integration
CVE-2018-8879
RESERVED
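Review bot: `NOT-FOR-US: PHPSE` under CVE-2018-8943 misspells the product; the description being removed on the line above names it `PHPSHE 1.6`, and once that description is gone the NOT-FOR-US line is the only place the product name survives, so it should read `NOT-FOR-US: PHPSHE`. In the same hunk, `NOT-FOR-US: Windows Optimization Master` under CVE-2018-8904 differs from the `Windows Master (aka Windows Optimization Master)` wording used for the other entries for this product elsewhere in the patch; harmonising the label keeps a grep for the product complete.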
@@ -31266,97 +31256,97 @@ CVE-2018-8878
RESERVED
CVE-2018-8877
RESERVED
-CVE-2018-8876 (In 2345 Security Guard 3.6, the driver file (2345Wrath.sys) allows ...)
+CVE-2018-8876
NOT-FOR-US: 2345 Security Guard
-CVE-2018-8875 (In 2345 Security Guard 3.6, the driver file (2345Wrath.sys) allows ...)
+CVE-2018-8875
NOT-FOR-US: 2345 Security Guard
-CVE-2018-8874 (In 2345 Security Guard 3.6, the driver file (2345Wrath.sys) allows ...)
+CVE-2018-8874
NOT-FOR-US: 2345 Security Guard
-CVE-2018-8873 (In 2345 Security Guard 3.6, the driver file (2345NetFirewall.sys) ...)
+CVE-2018-8873
NOT-FOR-US: 2345 Security Guard
-CVE-2018-8872 (In Schneider Electric Triconex Tricon MP model 3008 firmware versions ...)
+CVE-2018-8872
NOT-FOR-US: Schneider
-CVE-2018-8871 (In Delta Electronics Automation TPEditor version 1.89 or prior, ...)
+CVE-2018-8871
NOT-FOR-US: Delta Electronics Automation TPEditor
-CVE-2018-8870 (Medtronic MyCareLink Patient Monitor, 24950 MyCareLink Monitor, all ...)
+CVE-2018-8870
NOT-FOR-US: Medtronic
-CVE-2018-8869 (In Lantech IDS 2102 2.0 and prior, nearly all input fields allow for ...)
+CVE-2018-8869
NOT-FOR-US: Lantech
-CVE-2018-8868 (Medtronic MyCareLink Patient Monitor, 24950 MyCareLink Monitor, all ...)
+CVE-2018-8868
NOT-FOR-US: Medtronic
-CVE-2018-8867 (In GE PACSystems RX3i CPE305/310 version 9.20 and prior, RX3i CPE330 ...)
+CVE-2018-8867
NOT-FOR-US: GE PACSystems
-CVE-2018-8866 (In Vecna VGo Robot versions prior to 3.0.3.52164, an attacker on an ...)
+CVE-2018-8866
NOT-FOR-US: Vecna VGo Robot
-CVE-2018-8865 (In Lantech IDS 2102 2.0 and prior, a stack-based buffer overflow ...)
+CVE-2018-8865
NOT-FOR-US: Lantech
-CVE-2018-8864 (In ATI Systems Emergency Mass Notification Systems (HPSS16, HPSS32, ...)
+CVE-2018-8864
NOT-FOR-US: ATI Systems Emergency Mass Notification Systems devices
CVE-2018-8863
RESERVED
-CVE-2018-8862 (In ATI Systems Emergency Mass Notification Systems (HPSS16, HPSS32, ...)
+CVE-2018-8862
NOT-FOR-US: ATI Systems Emergency Mass Notification Systems devices
-CVE-2018-8861 (Vulnerabilities within the Philips Brilliance CT kiosk environment ...)
+CVE-2018-8861
NOT-FOR-US: Philips Brilliance
-CVE-2018-8860 (In Vecna VGo Robot versions prior to 3.0.3.52164, an attacker may be ...)
+CVE-2018-8860
NOT-FOR-US: Vecna VGo Robot
-CVE-2018-8859 (Echelon SmartServer 1 all versions, SmartServer 2 all versions prior ...)
+CVE-2018-8859
NOT-FOR-US: Echelon
-CVE-2018-8858 (If an attacker has access to the firmware from the VGo Robot (Versions ...)
+CVE-2018-8858
NOT-FOR-US: VGo Robot
-CVE-2018-8857 (Philips Brilliance CT software (Brilliance 64 version 2.6.2 and prior, ...)
+CVE-2018-8857
NOT-FOR-US: Philips Brilliance
-CVE-2018-8856 (Philips e-Alert Unit (non-medical device), Version R2.1 and prior. The ...)
+CVE-2018-8856
NOT-FOR-US: Philips
-CVE-2018-8855 (Echelon SmartServer 1 all versions, SmartServer 2 all versions prior ...)
+CVE-2018-8855
NOT-FOR-US: Echelon
-CVE-2018-8854 (Philips e-Alert Unit (non-medical device), Version R2.1 and prior. The ...)
+CVE-2018-8854
NOT-FOR-US: Philips
-CVE-2018-8853 (Philips Brilliance CT devices operate user functions from within a ...)
+CVE-2018-8853
NOT-FOR-US: Philips Brilliance
-CVE-2018-8852 (Philips e-Alert Unit (non-medical device), Version R2.1 and prior. ...)
+CVE-2018-8852
NOT-FOR-US: Philips
-CVE-2018-8851 (Echelon SmartServer 1 all versions, SmartServer 2 all versions prior ...)
+CVE-2018-8851
NOT-FOR-US: Echelon
-CVE-2018-8850 (Philips e-Alert Unit (non-medical device), Version R2.1 and prior. The ...)
+CVE-2018-8850
NOT-FOR-US: Philips
-CVE-2018-8849 (Medtronic N'Vision Clinician Programmer 8840 N'Vision Clinician ...)
+CVE-2018-8849
NOT-FOR-US: Medtronic
-CVE-2018-8848 (Philips e-Alert Unit (non-medical device), Version R2.1 and prior. The ...)
+CVE-2018-8848
NOT-FOR-US: Philips
-CVE-2018-8847 (Eaton 9000X DriveA versions 2.0.29 and prior has a stack-based buffer ...)
+CVE-2018-8847
NOT-FOR-US: Eaton
-CVE-2018-8846 (Philips e-Alert Unit (non-medical device), Version R2.1 and prior. The ...)
+CVE-2018-8846
NOT-FOR-US: Philips
-CVE-2018-8845 (In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess ...)
+CVE-2018-8845
NOT-FOR-US: Advantech
-CVE-2018-8844 (Philips e-Alert Unit (non-medical device), Version R2.1 and prior. The ...)
+CVE-2018-8844
NOT-FOR-US: Philips
-CVE-2018-8843 (Rockwell Automation Arena versions 15.10.00 and prior contains a use ...)
+CVE-2018-8843
NOT-FOR-US: Rockwell
-CVE-2018-8842 (Philips e-Alert Unit (non-medical device), Version R2.1 and prior. The ...)
+CVE-2018-8842
NOT-FOR-US: Philips
-CVE-2018-8841 (In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess ...)
+CVE-2018-8841
NOT-FOR-US: Advantech
-CVE-2018-8840 (A remote attacker could send a carefully crafted packet in InduSoft ...)
+CVE-2018-8840
NOT-FOR-US: InduSoft
-CVE-2018-8839 (Delta PMSoft versions 2.10 and prior have multiple stack-based buffer ...)
+CVE-2018-8839
NOT-FOR-US: Delta PMSoft
-CVE-2018-8838 (A weakness in access controls in CENTUM CS 1000 all versions, CENTUM ...)
+CVE-2018-8838
NOT-FOR-US: CENTUM
-CVE-2018-8837 (Processing specially crafted .pm3 files in Advantech WebAccess HMI ...)
+CVE-2018-8837
NOT-FOR-US: Advantech
-CVE-2018-8836 (Wago 750 Series PLCs with firmware version 10 and prior include a ...)
+CVE-2018-8836
NOT-FOR-US: Wago 750 Series PLCs
-CVE-2018-8835 (Double free vulnerabilities in Advantech WebAccess HMI Designer ...)
+CVE-2018-8835
NOT-FOR-US: Advantech
-CVE-2018-8834 (Parsing malformed project files in Omron CX-One versions 4.42 and ...)
+CVE-2018-8834
NOT-FOR-US: Omron
-CVE-2018-8833 (Heap-based buffer overflow vulnerabilities in Advantech WebAccess HMI ...)
+CVE-2018-8833
NOT-FOR-US: Advantech
-CVE-2018-8832 (enhavo 0.4.0 has XSS via a user-group that contains executable ...)
+CVE-2018-8832
NOT-FOR-US: enhavo
-CVE-2018-8831 (A Persistent XSS vulnerability exists in Kodi (formerly XBMC) through ...)
+CVE-2018-8831
- kodi <unfixed> (low)
[buster] - kodi <no-dsa> (Minor issue)
[stretch] - kodi <no-dsa> (Minor issue)
@@ -31370,25 +31360,25 @@ CVE-2018-8830
RESERVED
CVE-2018-8829
RESERVED
-CVE-2018-8828 (A Buffer Overflow issue was discovered in Kamailio before 4.4.7, 5.0.x ...)
+CVE-2018-8828
{DSA-4148-1}
- kamailio 5.1.2-1
NOTE: https://github.com/EnableSecurity/advisories/tree/master/ES2018-05-kamailio-heap-overflow
NOTE: https://github.com/kamailio/kamailio/commit/e1d8008a09d9390ebaf698abe8909e10dfec4097
-CVE-2018-8827 (The admin web interface on Technicolor MediaAccess TG789vac v2 HP ...)
+CVE-2018-8827
NOT-FOR-US: Technicolor
-CVE-2018-8826 (ASUS RT-AC51U, RT-AC58U, RT-AC66U, RT-AC1750, RT-ACRH13, and RT-N12 D1 ...)
+CVE-2018-8826
NOT-FOR-US: ASUS routers
CVE-2018-8825
RESERVED
-CVE-2018-8824 (modules/bamegamenu/ajax_phpcode.php in the Responsive Mega Menu ...)
+CVE-2018-8824
NOT-FOR-US: Responsive Mega Menu Pro module for PrestaShop
-CVE-2018-8823 (modules/bamegamenu/ajax_phpcode.php in the Responsive Mega Menu ...)
+CVE-2018-8823
NOT-FOR-US: Responsive Mega Menu Pro module for PrestaShop
-CVE-2018-8822 (Incorrect buffer length handling in the ncp_read_kernel function in ...)
+CVE-2018-8822
{DSA-4188-1 DSA-4187-1 DLA-1369-1}
- linux 4.15.17-1
-CVE-2018-1000135 (GNOME NetworkManager version 1.10.2 and earlier contains a Information ...)
+CVE-2018-1000135
[experimental] - network-manager 1.11.4-1
- network-manager 1.12.0-2 (bug #895658)
[stretch] - network-manager <no-dsa> (Minor issue)
@@ -31399,60 +31389,60 @@ CVE-2018-1000135 (GNOME NetworkManager version 1.10.2 and earlier contains a Inf
NOTE: https://cgit.freedesktop.org/NetworkManager/NetworkManager/log/?h=bg/dns-bgo746422
NOTE: Merge: https://cgit.freedesktop.org/NetworkManager/NetworkManager/commit/?id=d9782589248e61c0cb5aec90e3eb62612891116b
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1553634
-CVE-2018-8821 (windrvr1260.sys in Jungo DriverWizard WinDriver 12.6.0 allows attackers ...)
+CVE-2018-8821
NOT-FOR-US: windrvr1260.sys in Jungo DriverWizard WinDriver
-CVE-2018-8820 (An issue was discovered in Square 9 GlobalForms 6.2.x. A Time Based ...)
+CVE-2018-8820
NOT-FOR-US: Square 9
-CVE-2018-8819 (An XXE issue was discovered in Automated Logic Corporation (ALC) ...)
+CVE-2018-8819
NOT-FOR-US: Automated Logic Corporation (ALC) WebCTRL
CVE-2018-8818
RESERVED
-CVE-2018-8817 (Wampserver before 3.1.3 has CSRF in add_vhost.php. ...)
+CVE-2018-8817
NOT-FOR-US: Wampserver
CVE-2018-8816
RESERVED
-CVE-2018-8815 (Cross-site scripting (XSS) vulnerability in the gallery function in ...)
+CVE-2018-8815
NOT-FOR-US: Alkacon OpenCMS
-CVE-2018-8814 (Cross-site request forgery (CSRF) vulnerability in WolfCMS 0.8.3.1 ...)
+CVE-2018-8814
NOT-FOR-US: WolfCMS
-CVE-2018-8813 (Open redirect vulnerability in the login[redirect] parameter login ...)
+CVE-2018-8813
NOT-FOR-US: WolfCMS
CVE-2018-8812
RESERVED
-CVE-2018-8811 (Cross-site request forgery (CSRF) vulnerability in ...)
+CVE-2018-8811
NOT-FOR-US: OpenCMS
-CVE-2018-8810 (In radare2 2.4.0, there is a heap-based buffer over-read in the ...)
+CVE-2018-8810
- radare2 2.6.0+dfsg-1 (bug #895749)
[stretch] - radare2 <no-dsa> (Minor issue)
[jessie] - radare2 <no-dsa> (Minor issue)
[wheezy] - radare2 <not-affected> (vulnerable code not present)
NOTE: https://github.com/radare/radare2/issues/9727
NOTE: https://github.com/radare/radare2/commit/06c9903be9a1ca46b74571d49027bee2168fbd69
-CVE-2018-8809 (In radare2 2.4.0, there is a heap-based buffer over-read in the ...)
+CVE-2018-8809
- radare2 2.6.0+dfsg-1 (low; bug #895751)
[stretch] - radare2 <no-dsa> (Minor issue)
[jessie] - radare2 <no-dsa> (Minor issue)
[wheezy] - radare2 <no-dsa> (minor issue, likely not even affected)
NOTE: https://github.com/radare/radare2/issues/9726
NOTE: https://github.com/radare/radare2/commit/24282de142000d2ed2c19783b40a1351872dfc54
-CVE-2018-8808 (In radare2 2.4.0, there is a heap-based buffer over-read in the ...)
+CVE-2018-8808
- radare2 2.6.0+dfsg-1 (low; bug #895752)
[stretch] - radare2 <no-dsa> (Minor issue)
[jessie] - radare2 <no-dsa> (Minor issue)
[wheezy] - radare2 <no-dsa> (minor issue, likely not even affected)
NOTE: https://github.com/radare/radare2/issues/9725
NOTE: https://github.com/radare/radare2/commit/a88069940950999d5e2fd16cd7d16c7e956bf516
-CVE-2018-8807 (In libming 0.4.8, these is a use-after-free in the function ...)
+CVE-2018-8807
- ming <removed>
[wheezy] - ming 1:0.4.4-1.1+deb7u8
NOTE: https://github.com/libming/libming/issues/129
-CVE-2018-8806 (In libming 0.4.8, there is a use-after-free in the ...)
+CVE-2018-8806
- ming <removed>
[wheezy] - ming 1:0.4.4-1.1+deb7u8
NOTE: https://github.com/libming/libming/issues/128
-CVE-2018-8805 (Yxcms building system (compatible cell phone) v1.4.7 has XSS via the ...)
+CVE-2018-8805
NOT-FOR-US: Yxcms
-CVE-2018-8804 (WriteEPTImage in coders/ept.c in ImageMagick 7.0.7-25 Q16 allows remote ...)
+CVE-2018-8804
- imagemagick 8:6.9.9.39+dfsg-1 (low)
[stretch] - imagemagick <ignored> (Minor issue)
[jessie] - imagemagick <ignored> (Minor issue)
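Review bot: the wheezy status is inconsistent across the three radare2 siblings in this hunk: CVE-2018-8810 carries `[wheezy] - radare2 <not-affected> (vulnerable code not present)` while CVE-2018-8809 and CVE-2018-8808 carry `[wheezy] - radare2 <no-dsa> (minor issue, likely not even affected)`. All three are heap-based over-reads in radare2 2.4.0 fixed in the same 2.6.0+dfsg-1 upload, so whatever check established the 8810 status should settle the other two as well; either mark them `<not-affected>` with the reason, or keep `<no-dsa>` and drop the "likely not even affected" tail, which reads as an unverified guess in a status field.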
@@ -31462,84 +31452,84 @@ CVE-2018-8804 (WriteEPTImage in coders/ept.c in ImageMagick 7.0.7-25 Q16 allows
NOTE: https://github.com/ImageMagick/ImageMagick/issues/1025
CVE-2018-8803
RESERVED
-CVE-2018-8802 (SQL injection vulnerability in the management interface in ePortal ...)
+CVE-2018-8802
NOT-FOR-US: ePortal Manager in Unisys ClearPath MCP OS systems
-CVE-2018-8801 (GitLab Community and Enterprise Editions version 8.3 up to 10.x before ...)
+CVE-2018-8801
- gitlab 10.5.6+dfsg-1 (bug #893905)
NOTE: https://about.gitlab.com/2018/03/20/critical-security-release-gitlab-10-dot-5-dot-6-released/
-CVE-2018-8800 (rdesktop versions up to and including v1.8.3 contain a Heap-Based ...)
+CVE-2018-8800
{DSA-4394-1 DLA-1683-1}
- rdesktop 1.8.4-1
NOTE: https://github.com/rdesktop/rdesktop/commit/766ebcf6f23ccfe8323ac10242ae6e127d4505d2 (v1.8.4)
-CVE-2018-8799 (rdesktop versions up to and including v1.8.3 contain an Out-Of-Bounds ...)
+CVE-2018-8799
{DSA-4394-1 DLA-1683-1}
- rdesktop 1.8.4-1
NOTE: https://github.com/rdesktop/rdesktop/commit/766ebcf6f23ccfe8323ac10242ae6e127d4505d2 (v1.8.4)
-CVE-2018-8798 (rdesktop versions up to and including v1.8.3 contain an Out-Of-Bounds ...)
+CVE-2018-8798
{DSA-4394-1 DLA-1683-1}
- rdesktop 1.8.4-1
NOTE: https://github.com/rdesktop/rdesktop/commit/766ebcf6f23ccfe8323ac10242ae6e127d4505d2 (v1.8.4)
-CVE-2018-8797 (rdesktop versions up to and including v1.8.3 contain a Heap-Based ...)
+CVE-2018-8797
{DSA-4394-1 DLA-1683-1}
- rdesktop 1.8.4-1
NOTE: https://github.com/rdesktop/rdesktop/commit/766ebcf6f23ccfe8323ac10242ae6e127d4505d2 (v1.8.4)
-CVE-2018-8796 (rdesktop versions up to and including v1.8.3 contain an Out-Of-Bounds ...)
+CVE-2018-8796
{DSA-4394-1 DLA-1683-1}
- rdesktop 1.8.4-1
NOTE: https://github.com/rdesktop/rdesktop/commit/766ebcf6f23ccfe8323ac10242ae6e127d4505d2 (v1.8.4)
-CVE-2018-8795 (rdesktop versions up to and including v1.8.3 contain an Integer ...)
+CVE-2018-8795
{DSA-4394-1 DLA-1683-1}
- rdesktop 1.8.4-1
NOTE: https://github.com/rdesktop/rdesktop/commit/766ebcf6f23ccfe8323ac10242ae6e127d4505d2 (v1.8.4)
-CVE-2018-8794 (rdesktop versions up to and including v1.8.3 contain an Integer ...)
+CVE-2018-8794
{DSA-4394-1 DLA-1683-1}
- rdesktop 1.8.4-1
NOTE: https://github.com/rdesktop/rdesktop/commit/766ebcf6f23ccfe8323ac10242ae6e127d4505d2 (v1.8.4)
-CVE-2018-8793 (rdesktop versions up to and including v1.8.3 contain a Heap-Based ...)
+CVE-2018-8793
{DSA-4394-1 DLA-1683-1}
- rdesktop 1.8.4-1
NOTE: https://github.com/rdesktop/rdesktop/commit/766ebcf6f23ccfe8323ac10242ae6e127d4505d2 (v1.8.4)
-CVE-2018-8792 (rdesktop versions up to and including v1.8.3 contain an Out-Of-Bounds ...)
+CVE-2018-8792
{DSA-4394-1 DLA-1683-1}
- rdesktop 1.8.4-1
NOTE: https://github.com/rdesktop/rdesktop/commit/766ebcf6f23ccfe8323ac10242ae6e127d4505d2 (v1.8.4)
-CVE-2018-8791 (rdesktop versions up to and including v1.8.3 contain an Out-Of-Bounds ...)
+CVE-2018-8791
{DSA-4394-1 DLA-1683-1}
- rdesktop 1.8.4-1
NOTE: https://github.com/rdesktop/rdesktop/commit/766ebcf6f23ccfe8323ac10242ae6e127d4505d2 (v1.8.4)
-CVE-2018-8790 (Check Point ZoneAlarm version 15.3.064.17729 and below expose a WCF ...)
+CVE-2018-8790
NOT-FOR-US: Check Point ZoneAlarm
-CVE-2018-8789 (FreeRDP prior to version 2.0.0-rc4 contains several Out-Of-Bounds ...)
+CVE-2018-8789
{DLA-1666-1}
- freerdp2 2.0.0~git20181120.1.e21b72c95+dfsg1-1
- freerdp <removed>
[stretch] - freerdp 1.1.0~git20140921.1.440916e+dfsg1-13+deb9u3
NOTE: https://github.com/FreeRDP/FreeRDP/commit/2ee663f39dc8dac3d9988e847db19b2d7e3ac8c6
-CVE-2018-8788 (FreeRDP prior to version 2.0.0-rc4 contains an Out-Of-Bounds Write of ...)
+CVE-2018-8788
{DLA-1666-1}
- freerdp2 2.0.0~git20181120.1.e21b72c95+dfsg1-1
- freerdp <removed>
[stretch] - freerdp 1.1.0~git20140921.1.440916e+dfsg1-13+deb9u3
NOTE: https://github.com/FreeRDP/FreeRDP/commit/d1112c279bd1a327e8e4d0b5f371458bf2579659
-CVE-2018-8787 (FreeRDP prior to version 2.0.0-rc4 contains an Integer Overflow that ...)
+CVE-2018-8787
{DLA-1666-1}
- freerdp2 2.0.0~git20181120.1.e21b72c95+dfsg1-1
- freerdp <removed>
[stretch] - freerdp 1.1.0~git20140921.1.440916e+dfsg1-13+deb9u3
NOTE: https://github.com/FreeRDP/FreeRDP/commit/09b9d4f1994a674c4ec85b4947aa656eda1aed8a
-CVE-2018-8786 (FreeRDP prior to version 2.0.0-rc4 contains an Integer Truncation that ...)
+CVE-2018-8786
{DLA-1666-1}
- freerdp2 2.0.0~git20181120.1.e21b72c95+dfsg1-1
- freerdp <removed>
[stretch] - freerdp 1.1.0~git20140921.1.440916e+dfsg1-13+deb9u3
NOTE: https://github.com/FreeRDP/FreeRDP/commit/445a5a42c500ceb80f8fa7f2c11f3682538033f3
-CVE-2018-8785 (FreeRDP prior to version 2.0.0-rc4 contains a Heap-Based Buffer ...)
+CVE-2018-8785
- freerdp2 2.0.0~git20181120.1.e21b72c95+dfsg1-1
- freerdp <removed>
[stretch] - freerdp <not-affected> (Vulnerable code not present, zgfx not yet supported)
[jessie] - freerdp <not-affected> (Vulnerable code not present, zgfx not yet supported)
NOTE: https://github.com/FreeRDP/FreeRDP/commit/602f4a2e14b41703b5f431de3154cd46a5750a2d
-CVE-2018-8784 (FreeRDP prior to version 2.0.0-rc4 contains a Heap-Based Buffer ...)
+CVE-2018-8784
- freerdp2 2.0.0~git20181120.1.e21b72c95+dfsg1-1
- freerdp <removed>
[stretch] - freerdp <not-affected> (Vulnerable code not present, zgfx not yet supported)
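Review bot: in every changed pair of this region (CVE-2018-8790 down to CVE-2018-8784) the `-` line carries a parenthetical description and the `+` line keeps only the bare identifier, while the package, DLA and NOTE lines beneath each entry are untouched. For the FreeRDP entries that description was the only line in the file naming the affected range and the bug class, for instance `-CVE-2018-8788 (FreeRDP prior to version 2.0.0-rc4 contains an Out-Of-Bounds Write of ...)`; the surviving NOTE lines hold only the upstream commit URLs. If the automatic update is meant to refresh descriptions rather than blank them, an across-the-board removal like this suggests the source feed returned no descriptions for this run, and the change should be held until a run that restores them; if blanking is intended, a NOTE line per entry (or a comment at the top of the file) should say so, because the resulting bare `CVE-2018-87xx` headers are otherwise indistinguishable from entries that never had a description.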
@@ -31549,12 +31539,12 @@ CVE-2018-8783
RESERVED
CVE-2018-8782
RESERVED
-CVE-2018-8781 (The udl_fb_mmap function in drivers/gpu/drm/udl/udl_fb.c at the Linux ...)
+CVE-2018-8781
{DSA-4188-1 DSA-4187-1 DLA-1369-1}
- linux 4.15.17-1
NOTE: https://patchwork.freedesktop.org/patch/211845/
NOTE: Fixed by: https://git.kernel.org/linus/3b82a4db8eaccce735dffd50b4d4e1578099b8e8
-CVE-2018-8780 (In Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x ...)
+CVE-2018-8780
{DSA-4259-1 DLA-1421-1 DLA-1359-1 DLA-1358-1}
- ruby2.5 2.5.1-1
- ruby2.3 <removed>
@@ -31565,7 +31555,7 @@ CVE-2018-8780 (In Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.
NOTE: https://hackerone.com/reports/302338
NOTE: Fixed by: https://github.com/ruby/ruby/commit/bd5661a3cbb38a8c3a3ea10cd76c88bbef7871b8
NOTE: Fixed by: https://github.com/ruby/ruby/commit/143eb22f1877815dd802f7928959c5f93d4c7bb3 (2.2.10)
-CVE-2018-8779 (In Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x ...)
+CVE-2018-8779
{DSA-4259-1 DLA-1421-1 DLA-1359-1 DLA-1358-1}
- ruby2.5 2.5.1-1
- ruby2.3 <removed>
@@ -31577,7 +31567,7 @@ CVE-2018-8779 (In Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.
NOTE: Fixed by: https://github.com/ruby/ruby/commit/8794dec6a5f11adc5cdd19a5ee91ea6b0816763f
NOTE: Fixed by: https://github.com/ruby/ruby/commit/47165eed264d357e78e27371cfef20d5c2bde5d9 (2.2.10)
NOTE: ruby1.8: test examples from hackerone doesn't work. ext/socket/socket.c:init_unixsock() uses SafeStringValue(path) though.
-CVE-2018-8778 (In Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x ...)
+CVE-2018-8778
{DSA-4259-1 DLA-1421-1 DLA-1359-1 DLA-1358-1}
- ruby2.5 2.5.1-1
- ruby2.3 <removed>
@@ -31588,7 +31578,7 @@ CVE-2018-8778 (In Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.
NOTE: https://hackerone.com/reports/298246
NOTE: Fixed by: https://github.com/ruby/ruby/commit/d02b7bd864706fc2a40d83fb6014772ad3cc3b80
NOTE: Fixed by: https://github.com/ruby/ruby/commit/4cd92d7b13002161a3452a0fe278b877901a8859 (2.2.10)
-CVE-2018-8777 (In Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x ...)
+CVE-2018-8777
{DSA-4259-1 DLA-1421-1 DLA-1359-1 DLA-1358-1}
- ruby2.5 2.5.1-1
- ruby2.3 <removed>
@@ -31607,13 +31597,13 @@ CVE-2018-8774
RESERVED
CVE-2018-8773
RESERVED
-CVE-2018-8772 (Coship RT3052 4.0.0.48 devices allow XSS via a crafted SSID field on ...)
+CVE-2018-8772
NOT-FOR-US: Coship RT3052 4.0.0.48 devices
CVE-2018-8771
RESERVED
-CVE-2018-8770 (Physical path Leakage exists in Western Bridge Cobub Razor 0.8.0 via ...)
+CVE-2018-8770
NOT-FOR-US: Western Bridge Cobub Razor
-CVE-2018-8769 (elfutils 0.170 has a buffer over-read in the ebl_dynamic_tag_name ...)
+CVE-2018-8769
- elfutils <not-affected> (Issue introduced later)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22976
NOTE: https://sourceware.org/ml/elfutils-devel/2018-q1/msg00078.html
@@ -31621,20 +31611,20 @@ CVE-2018-8769 (elfutils 0.170 has a buffer over-read in the ebl_dynamic_tag_name
NOTE: https://sourceware.org/git/?p=elfutils.git;a=commit;h=88f3d2daa107b09fdba376a82bce7ed534c93645
NOTE: when SYMTAB_SHNDX was introduced, but not yet handled in the
NOTE: ebl_dynamic_tag_name function.
-CVE-2018-8767 (joyplus-cms 1.6.0 has XSS in ...)
+CVE-2018-8767
NOT-FOR-US: joyplus-cms
-CVE-2018-8766 (joyplus-cms 1.6.0 allows Remote Code Execution because of an Arbitrary ...)
+CVE-2018-8766
NOT-FOR-US: joyplus-cms
-CVE-2018-8765 (In 2345 Security Guard 3.6, the driver file (2345NetFirewall.sys) ...)
+CVE-2018-8765
NOT-FOR-US: 2345 Security Guard
-CVE-2018-8764 (Roland Gruber Softwareentwicklung LDAP Account Manager before 6.3 ...)
+CVE-2018-8764
- ldap-account-manager 6.3-1
[stretch] - ldap-account-manager 5.5-1+deb9u1
[jessie] - ldap-account-manager <not-affected> (Issue introduced later)
[wheezy] - ldap-account-manager <not-affected> (Issue introduced later)
NOTE: https://www.ldap-account-manager.org/lamcms/node/354
NOTE: https://github.com/LDAPAccountManager/lam/commit/993751c7ff0faa07b7c028295152cf9c20349688
-CVE-2018-8763 (Roland Gruber Softwareentwicklung LDAP Account Manager before 6.3 has ...)
+CVE-2018-8763
{DSA-4165-1 DLA-1342-1}
- ldap-account-manager 6.3-1
NOTE: https://github.com/LDAPAccountManager/lam/commit/f1d7aec5fc4aaf516e1d8a6f0eb3082050553302
@@ -31643,7 +31633,7 @@ CVE-2018-8763 (Roland Gruber Softwareentwicklung LDAP Account Manager before 6.3
NOTE: https://www.ldap-account-manager.org/lamcms/node/354
CVE-2018-8762
RESERVED
-CVE-2018-8761 (protected\apps\member\controller\shopcarController.php in Yxcms ...)
+CVE-2018-8761
NOT-FOR-US: Yxcms
CVE-2018-8760
RESERVED
@@ -31653,16 +31643,16 @@ CVE-2018-8758
RESERVED
CVE-2018-8757
RESERVED
-CVE-2018-8756 (Eval injection in yzmphp/core/function/global.func.php in YzmCMS v3.7.1 ...)
+CVE-2018-8756
NOT-FOR-US: YzmCMS
-CVE-2018-8755 (NuCom WR644GACV devices before STA006 allow an attacker to download ...)
+CVE-2018-8755
NOT-FOR-US: NuCom
-CVE-2018-8754 (** DISPUTED ** The libevt_record_values_read_event() function in ...)
+CVE-2018-8754
{DSA-4160-1}
- libevt 20180317-1 (bug #893431)
NOTE: https://github.com/libyal/libevt/commit/444ca3ce7853538c577e0ec3f6146d2d65780734
NOTE: Impact limited to OOB read, not write
-CVE-2018-8753 (The IKEv1 implementation in Clavister cOS Core before 11.00.11, ...)
+CVE-2018-8753
NOT-FOR-US: Clavister cOS Core
CVE-2018-8752
RESERVED
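Review bot: the `** DISPUTED **` marker for CVE-2018-8754 is lost in this hunk, because it was carried only in the description text of the removed line `-CVE-2018-8754 (** DISPUTED ** The libevt_record_values_read_event() function in ...)` and the replacement `+CVE-2018-8754` keeps nothing of it. The remaining lines of the entry (the DSA-4160-1 reference, the libevt 20180317-1 version, the upstream commit URL and the NOTE that the impact is limited to an OOB read) do not record the disputed status, so after this change a reader cannot tell the entry was contested. Suggest adding a NOTE line that records the disputed status before the description is dropped, or keeping the marker on the header line.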
@@ -31686,7 +31676,7 @@ CVE-2018-8743
RESERVED
CVE-2018-8742
RESERVED
-CVE-2018-8768 (In Jupyter Notebook before 5.4.1, a maliciously forged notebook file ...)
+CVE-2018-8768
- jupyter-notebook 5.4.1-1 (bug #893436)
[stretch] - jupyter-notebook <no-dsa> (Minor issue)
- ipython 5.1.0-2
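Review bot: CVE-2018-8768 sits between CVE-2018-8742 and CVE-2018-8741 in this hunk, out of the descending numeric order the surrounding entries follow (CVE-2018-8743, CVE-2018-8742, then a jump to 8768 before the next hunk resumes at CVE-2018-8741). The change here only strips the description from that header line, but since the line is being rewritten anyway, moving the whole entry to its numeric position (directly after CVE-2018-8769, before CVE-2018-8767) would keep the file sorted; if the position is deliberate, a NOTE line saying why would save the next reader the same question.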
@@ -31702,13 +31692,13 @@ CVE-2018-8768 (In Jupyter Notebook before 5.4.1, a maliciously forged notebook f
NOTE: content. This issue is no-dsa because it cannot be determined if Ipython
NOTE: in Wheezy is still affected, a fix appears to be to intrusive though. We recommend to
NOTE: upgrade to a newer version instead.
-CVE-2018-8741 (A directory traversal flaw in SquirrelMail 1.4.22 allows an ...)
+CVE-2018-8741
{DSA-4168-1 DLA-1344-1}
- squirrelmail <removed> (bug #893202)
NOTE: http://www.openwall.com/lists/oss-security/2018/03/17/2
NOTE: https://sourceforge.net/p/squirrelmail/bugs/2846/
NOTE: https://sourceforge.net/p/squirrelmail/code/14751/
-CVE-2018-8740 (In SQLite through 3.22.0, databases whose schema is corrupted using a ...)
+CVE-2018-8740
{DLA-1633-1}
- sqlite3 3.22.0-2 (bug #893195)
[stretch] - sqlite3 <no-dsa> (Minor issue)
@@ -31716,35 +31706,35 @@ CVE-2018-8740 (In SQLite through 3.22.0, databases whose schema is corrupted usi
NOTE: https://bugs.launchpad.net/ubuntu/+source/sqlite3/+bug/1756349
NOTE: https://www.sqlite.org/cgi/src/vdiff?from=1774f1c3baf0bc3d&to=d75e67654aa9620b
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=6964
-CVE-2018-8739 (VPN Unlimited 4.2.0 for macOS suffers from a root privilege escalation ...)
+CVE-2018-8739
NOT-FOR-US: VPN Unlimited
-CVE-2018-1000134 (UnboundID LDAP SDK version from commit ...)
+CVE-2018-1000134
NOT-FOR-US: UnboundID LDAP SDK
-CVE-2018-1000133 (Pitchfork version 1.4.6 RC1 contains an Improper Privilege Management ...)
+CVE-2018-1000133
NOT-FOR-US: Pitchfork
-CVE-2018-8738 (Airties 5444 1.0.0.18 and 5444TT 1.0.0.18 devices allow XSS. ...)
+CVE-2018-8738
NOT-FOR-US: Airties
-CVE-2018-8737 (Bookme Control Panel 2.0 Application is vulnerable to stored XSS within ...)
+CVE-2018-8737
NOT-FOR-US: Bookme Control Panel Application
-CVE-2018-8736 (A privilege escalation vulnerability in Nagios XI 5.2.x through 5.4.x ...)
+CVE-2018-8736
NOT-FOR-US: Nagios XI
-CVE-2018-8735 (Remote command execution (RCE) vulnerability in Nagios XI 5.2.x through ...)
+CVE-2018-8735
NOT-FOR-US: Nagios XI
-CVE-2018-8734 (SQL injection vulnerability in the core config manager in Nagios XI ...)
+CVE-2018-8734
NOT-FOR-US: Nagios XI
-CVE-2018-8733 (Authentication bypass vulnerability in the core config manager in ...)
+CVE-2018-8733
NOT-FOR-US: Nagios XI
-CVE-2018-8732 (Cross-site scripting (XSS) vulnerability in WampServer 3.1.1 allows ...)
+CVE-2018-8732
NOT-FOR-US: WampServer
CVE-2018-8731
RESERVED
CVE-2018-8730
RESERVED
-CVE-2018-8729 (Multiple cross-site scripting (XSS) vulnerabilities in the Activity Log ...)
+CVE-2018-8729
NOT-FOR-US: Activity Log plugin for WordPress
-CVE-2018-8728 (server/app/views/static/code.html in Kontena before 1.5.0 allows XSS in ...)
+CVE-2018-8728
NOT-FOR-US: Kontena
-CVE-2018-8727 (Path Traversal in Gateway in Mirasys DVMS Workstation 5.12.6 and ...)
+CVE-2018-8727
NOT-FOR-US: Path Traversal in Gateway in Mirasys DVMS Workstation
CVE-2018-8726
RESERVED
@@ -31754,31 +31744,31 @@ CVE-2018-8724
RESERVED
CVE-2018-8723
RESERVED
-CVE-2018-8722 (Zoho ManageEngine Desktop Central version 9.1.0 build 91099 has ...)
+CVE-2018-8722
NOT-FOR-US: Zoho
-CVE-2018-8721 (Zoho ManageEngine EventLog Analyzer version 11.0 build 11000 has Stored ...)
+CVE-2018-8721
NOT-FOR-US: Zoho
-CVE-2018-8720 (ServiceNow ITSM 2016-06-02 has XSS via the First Name or Last Name ...)
+CVE-2018-8720
NOT-FOR-US: ServiceNow ITSM
-CVE-2018-8719 (An issue was discovered in the WP Security Audit Log plugin 3.1.1 for ...)
+CVE-2018-8719
NOT-FOR-US: WP Security Audit Log plugin for WordPress
-CVE-2018-8718 (Cross-site request forgery (CSRF) vulnerability in the Mailer Plugin ...)
+CVE-2018-8718
- jenkins-mailer-plugin <removed>
-CVE-2018-8717 (joyplus-cms 1.6.0 has CSRF, as demonstrated by adding an administrator ...)
+CVE-2018-8717
NOT-FOR-US: joyplus-cms
-CVE-2018-8716 (WSO2 Identity Server before 5.5.0 has XSS via the dashboard, allowing ...)
+CVE-2018-8716
NOT-FOR-US: WSO2 Identity Server
-CVE-2018-8715 (The Embedthis HTTP library, and Appweb versions before 7.0.3, have a ...)
+CVE-2018-8715
NOT-FOR-US: Embedthis HTTP library / Appweb
-CVE-2018-8714 (Honeywell MatrikonOPC OPC Controller before 5.1.0.0 allows local users ...)
+CVE-2018-8714
NOT-FOR-US: Honeywell MatrikonOPC OPC Controller
CVE-2018-8713
RESERVED
-CVE-2018-8712 (An issue was discovered in Webmin 1.840 and 1.880 when the default Yes ...)
+CVE-2018-8712
- webmin <removed>
-CVE-2018-8711 (A local file inclusion issue was discovered in the WooCommerce Products ...)
+CVE-2018-8711
NOT-FOR-US: WooCommerce Products Filter (aka WOOF) plugin for WordPress
-CVE-2018-8710 (A remote code execution issue was discovered in the WooCommerce ...)
+CVE-2018-8710
NOT-FOR-US: WooCommerce Products Filter (aka WOOF) plugin for WordPress
CVE-2018-8709
RESERVED
@@ -31892,15 +31882,15 @@ CVE-2018-8655
RESERVED
CVE-2018-8654
RESERVED
-CVE-2018-8653 (A remote code execution vulnerability exists in the way that the ...)
+CVE-2018-8653
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2018-8652 (A Cross-site Scripting (XSS) vulnerability exists when Windows Azure ...)
+CVE-2018-8652
NOT-FOR-US: Windows Azure Pack Rollup
-CVE-2018-8651 (A cross site scripting vulnerability exists when Microsoft Dynamics ...)
+CVE-2018-8651
NOT-FOR-US: Microsoft Dynamics NAV
-CVE-2018-8650 (A cross-site-scripting (XSS) vulnerability exists when Microsoft ...)
+CVE-2018-8650
NOT-FOR-US: Microsoft
-CVE-2018-8649 (A denial of service vulnerability exists when Windows improperly ...)
+CVE-2018-8649
NOT-FOR-US: Microsoft Windows
CVE-2018-8648
RESERVED
@@ -31912,59 +31902,59 @@ CVE-2018-8645
RESERVED
CVE-2018-8644
RESERVED
-CVE-2018-8643 (A remote code execution vulnerability exists in the way that the ...)
+CVE-2018-8643
NOT-FOR-US: Microsoft
CVE-2018-8642
RESERVED
-CVE-2018-8641 (An elevation of privilege vulnerability exists in Windows when the ...)
+CVE-2018-8641
NOT-FOR-US: Microsoft Windows
CVE-2018-8640
RESERVED
-CVE-2018-8639 (An elevation of privilege vulnerability exists in Windows when the ...)
+CVE-2018-8639
NOT-FOR-US: Microsoft Windows
-CVE-2018-8638 (An information disclosure vulnerability exists when DirectX improperly ...)
+CVE-2018-8638
NOT-FOR-US: Microsoft Windows
-CVE-2018-8637 (An information disclosure vulnerability exists in Windows kernel that ...)
+CVE-2018-8637
NOT-FOR-US: Microsoft Windows
-CVE-2018-8636 (A remote code execution vulnerability exists in Microsoft Excel ...)
+CVE-2018-8636
NOT-FOR-US: Microsoft
-CVE-2018-8635 (An elevation of privilege vulnerability exists when Microsoft ...)
+CVE-2018-8635
NOT-FOR-US: Microsoft
-CVE-2018-8634 (A remote code execution vulnerability exists in Windows where ...)
+CVE-2018-8634
NOT-FOR-US: Microsoft Windows
CVE-2018-8633
RESERVED
CVE-2018-8632
RESERVED
-CVE-2018-8631 (A remote code execution vulnerability exists when Internet Explorer ...)
+CVE-2018-8631
NOT-FOR-US: Microsoft
CVE-2018-8630
RESERVED
-CVE-2018-8629 (A remote code execution vulnerability exists in the way that the ...)
+CVE-2018-8629
NOT-FOR-US: Microsoft
-CVE-2018-8628 (A remote code execution vulnerability exists in Microsoft PowerPoint ...)
+CVE-2018-8628
NOT-FOR-US: Microsoft
-CVE-2018-8627 (An information disclosure vulnerability exists when Microsoft Excel ...)
+CVE-2018-8627
NOT-FOR-US: Microsoft
-CVE-2018-8626 (A remote code execution vulnerability exists in Windows Domain Name ...)
+CVE-2018-8626
NOT-FOR-US: Microsoft Windows
-CVE-2018-8625 (A remote code execution vulnerability exists in the way that the ...)
+CVE-2018-8625
NOT-FOR-US: Microsoft
-CVE-2018-8624 (A remote code execution vulnerability exists in the way that the ...)
+CVE-2018-8624
NOT-FOR-US: Microsoft
CVE-2018-8623
RESERVED
-CVE-2018-8622 (An information disclosure vulnerability exists when the Windows kernel ...)
+CVE-2018-8622
NOT-FOR-US: Microsoft Windows
-CVE-2018-8621 (An information disclosure vulnerability exists when the Windows kernel ...)
+CVE-2018-8621
NOT-FOR-US: Microsoft Windows
CVE-2018-8620
RESERVED
-CVE-2018-8619 (A remote code execution vulnerability exists when the Internet ...)
+CVE-2018-8619
NOT-FOR-US: Microsoft
-CVE-2018-8618 (A remote code execution vulnerability exists in the way that the ...)
+CVE-2018-8618
NOT-FOR-US: Microsoft
-CVE-2018-8617 (A remote code execution vulnerability exists in the way that the ...)
+CVE-2018-8617
NOT-FOR-US: Microsoft
CVE-2018-8616
RESERVED
@@ -31974,153 +31964,153 @@ CVE-2018-8614
RESERVED
CVE-2018-8613
RESERVED
-CVE-2018-8612 (A Denial Of Service vulnerability exists when Connected User ...)
+CVE-2018-8612
NOT-FOR-US: Microsoft Windows
-CVE-2018-8611 (An elevation of privilege vulnerability exists when the Windows kernel ...)
+CVE-2018-8611
NOT-FOR-US: Microsoft Windows
CVE-2018-8610
RESERVED
-CVE-2018-8609 (A remote code execution vulnerability exists in Microsoft Dynamics 365 ...)
+CVE-2018-8609
NOT-FOR-US: Microsoft
-CVE-2018-8608 (A cross site scripting vulnerability exists when Microsoft Dynamics ...)
+CVE-2018-8608
NOT-FOR-US: Microsoft
-CVE-2018-8607 (A cross site scripting vulnerability exists when Microsoft Dynamics ...)
+CVE-2018-8607
NOT-FOR-US: Microsoft
-CVE-2018-8606 (A cross site scripting vulnerability exists when Microsoft Dynamics ...)
+CVE-2018-8606
NOT-FOR-US: Microsoft
-CVE-2018-8605 (A cross site scripting vulnerability exists when Microsoft Dynamics ...)
+CVE-2018-8605
NOT-FOR-US: Microsoft
-CVE-2018-8604 (A tampering vulnerability exists when Microsoft Exchange Server fails ...)
+CVE-2018-8604
NOT-FOR-US: Microsoft
CVE-2018-8603
RESERVED
-CVE-2018-8602 (A Cross-site Scripting (XSS) vulnerability exists when Team Foundation ...)
+CVE-2018-8602
NOT-FOR-US: Microsoft
CVE-2018-8601
RESERVED
-CVE-2018-8600 (A Cross-site Scripting (XSS) vulnerability exists when Azure App ...)
+CVE-2018-8600
NOT-FOR-US: Microsoft
-CVE-2018-8599 (An elevation of privilege vulnerability exists when the Diagnostics ...)
+CVE-2018-8599
NOT-FOR-US: Microsoft Windows
-CVE-2018-8598 (An information disclosure vulnerability exists when Microsoft Excel ...)
+CVE-2018-8598
NOT-FOR-US: Microsoft
-CVE-2018-8597 (A remote code execution vulnerability exists in Microsoft Excel ...)
+CVE-2018-8597
NOT-FOR-US: Microsoft
-CVE-2018-8596 (An information disclosure vulnerability exists when the Windows GDI ...)
+CVE-2018-8596
NOT-FOR-US: Microsoft Windows
-CVE-2018-8595 (An information disclosure vulnerability exists when the Windows GDI ...)
+CVE-2018-8595
NOT-FOR-US: Microsoft Windows
CVE-2018-8594
RESERVED
CVE-2018-8593
RESERVED
-CVE-2018-8592 (An elevation of privilege vulnerability exists in Windows 10 version ...)
+CVE-2018-8592
NOT-FOR-US: Microsoft
CVE-2018-8591
RESERVED
CVE-2018-8590
RESERVED
-CVE-2018-8589 (An elevation of privilege vulnerability exists when Windows improperly ...)
+CVE-2018-8589
NOT-FOR-US: Microsoft
-CVE-2018-8588 (A remote code execution vulnerability exists in the way that the ...)
+CVE-2018-8588
NOT-FOR-US: Microsoft
-CVE-2018-8587 (A remote code execution vulnerability exists in Microsoft Outlook ...)
+CVE-2018-8587
NOT-FOR-US: Microsoft
CVE-2018-8586
RESERVED
CVE-2018-8585
RESERVED
-CVE-2018-8584 (An elevation of privilege vulnerability exists when Windows improperly ...)
+CVE-2018-8584
NOT-FOR-US: Microsoft
-CVE-2018-8583 (A remote code execution vulnerability exists in the way that the ...)
+CVE-2018-8583
NOT-FOR-US: Microsoft
-CVE-2018-8582 (A remote code execution vulnerability exists in the way that Microsoft ...)
+CVE-2018-8582
NOT-FOR-US: Microsoft
-CVE-2018-8581 (An elevation of privilege vulnerability exists in Microsoft Exchange ...)
+CVE-2018-8581
NOT-FOR-US: Microsoft
-CVE-2018-8580 (An information disclosure vulnerability exists where certain modes of ...)
+CVE-2018-8580
NOT-FOR-US: Microsoft
-CVE-2018-8579 (An information disclosure vulnerability exists when attaching files to ...)
+CVE-2018-8579
NOT-FOR-US: Microsoft
-CVE-2018-8578 (An information disclosure vulnerability exists when Microsoft ...)
+CVE-2018-8578
NOT-FOR-US: Microsoft
-CVE-2018-8577 (A remote code execution vulnerability exists in Microsoft Excel ...)
+CVE-2018-8577
NOT-FOR-US: Microsoft
-CVE-2018-8576 (A remote code execution vulnerability exists in Microsoft Outlook ...)
+CVE-2018-8576
NOT-FOR-US: Microsoft
-CVE-2018-8575 (A remote code execution vulnerability exists in Microsoft Project ...)
+CVE-2018-8575
NOT-FOR-US: Microsoft
-CVE-2018-8574 (A remote code execution vulnerability exists in Microsoft Excel ...)
+CVE-2018-8574
NOT-FOR-US: Microsoft
-CVE-2018-8573 (A remote code execution vulnerability exists in Microsoft Word ...)
+CVE-2018-8573
NOT-FOR-US: Microsoft
-CVE-2018-8572 (An elevation of privilege vulnerability exists when Microsoft ...)
+CVE-2018-8572
NOT-FOR-US: Microsoft
CVE-2018-8571
RESERVED
-CVE-2018-8570 (A remote code execution vulnerability exists when Internet Explorer ...)
+CVE-2018-8570
NOT-FOR-US: Microsoft
-CVE-2018-8569 (A remote code execution vulnerability exists in the Yammer desktop ...)
+CVE-2018-8569
NOT-FOR-US: Yammer
-CVE-2018-8568 (An elevation of privilege vulnerability exists when Microsoft ...)
+CVE-2018-8568
NOT-FOR-US: Microsoft
-CVE-2018-8567 (An elevation of privilege vulnerability exists when Microsoft Edge ...)
+CVE-2018-8567
NOT-FOR-US: Microsoft
-CVE-2018-8566 (A security feature bypass vulnerability exists when Windows improperly ...)
+CVE-2018-8566
NOT-FOR-US: Microsoft
-CVE-2018-8565 (An information disclosure vulnerability exists when the win32k ...)
+CVE-2018-8565
NOT-FOR-US: Microsoft
-CVE-2018-8564 (A spoofing vulnerability exists when Microsoft Edge improperly handles ...)
+CVE-2018-8564
NOT-FOR-US: Microsoft
-CVE-2018-8563 (An information disclosure vulnerability exists when DirectX improperly ...)
+CVE-2018-8563
NOT-FOR-US: Microsoft
-CVE-2018-8562 (An elevation of privilege vulnerability exists in Windows when the ...)
+CVE-2018-8562
NOT-FOR-US: Microsoft
-CVE-2018-8561 (An elevation of privilege vulnerability exists when DirectX improperly ...)
+CVE-2018-8561
NOT-FOR-US: Microsoft
CVE-2018-8560
RESERVED
CVE-2018-8559
RESERVED
-CVE-2018-8558 (An information disclosure vulnerability exists when Microsoft Outlook ...)
+CVE-2018-8558
NOT-FOR-US: Microsoft
-CVE-2018-8557 (A remote code execution vulnerability exists in the way that the ...)
+CVE-2018-8557
NOT-FOR-US: Microsoft
-CVE-2018-8556 (A remote code execution vulnerability exists in the way that the ...)
+CVE-2018-8556
NOT-FOR-US: Microsoft
-CVE-2018-8555 (A remote code execution vulnerability exists in the way that the ...)
+CVE-2018-8555
NOT-FOR-US: Microsoft
-CVE-2018-8554 (An elevation of privilege vulnerability exists when DirectX improperly ...)
+CVE-2018-8554
NOT-FOR-US: Microsoft
-CVE-2018-8553 (A remote code execution vulnerability exists in the way that Microsoft ...)
+CVE-2018-8553
NOT-FOR-US: Microsoft
-CVE-2018-8552 (An information disclosure vulnerability exists when VBScript ...)
+CVE-2018-8552
NOT-FOR-US: Microsoft
-CVE-2018-8551 (A remote code execution vulnerability exists in the way that the ...)
+CVE-2018-8551
NOT-FOR-US: Microsoft
-CVE-2018-8550 (An elevation of privilege exists in Windows COM Aggregate Marshaler, ...)
+CVE-2018-8550
NOT-FOR-US: Microsoft
-CVE-2018-8549 (A security feature bypass exists when Windows incorrectly validates ...)
+CVE-2018-8549
NOT-FOR-US: Microsoft
CVE-2018-8548
RESERVED
-CVE-2018-8547 (A cross-site-scripting (XSS) vulnerability exists when an open source ...)
+CVE-2018-8547
NOT-FOR-US: Microsoft
-CVE-2018-8546 (A denial of service vulnerability exists in Skype for Business, aka ...)
+CVE-2018-8546
NOT-FOR-US: Microsoft
-CVE-2018-8545 (An information disclosure vulnerability exists in the way that ...)
+CVE-2018-8545
NOT-FOR-US: Microsoft
-CVE-2018-8544 (A remote code execution vulnerability exists in the way that the ...)
+CVE-2018-8544
NOT-FOR-US: Microsoft
-CVE-2018-8543 (A remote code execution vulnerability exists in the way that the ...)
+CVE-2018-8543
NOT-FOR-US: Microsoft
-CVE-2018-8542 (A remote code execution vulnerability exists in the way that the ...)
+CVE-2018-8542
NOT-FOR-US: Microsoft
-CVE-2018-8541 (A remote code execution vulnerability exists in the way that the ...)
+CVE-2018-8541
NOT-FOR-US: Microsoft
-CVE-2018-8540 (A remote code execution vulnerability exists when the Microsoft .NET ...)
+CVE-2018-8540
NOT-FOR-US: Microsoft .NET
-CVE-2018-8539 (A remote code execution vulnerability exists in Microsoft Word ...)
+CVE-2018-8539
NOT-FOR-US: Microsoft
CVE-2018-8538
RESERVED
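Review bot: throughout this hunk (CVE-2018-8612 down to CVE-2018-8539) the stripped description was the only line identifying the affected product, and many of the surviving annotations read just `NOT-FOR-US: Microsoft`. For example `-CVE-2018-8592 (An elevation of privilege vulnerability exists in Windows 10 version ...)` becomes `+CVE-2018-8592` above `NOT-FOR-US: Microsoft`, while the neighbouring CVE-2018-8599 keeps `NOT-FOR-US: Microsoft Windows`. The information loss is limited because no Debian package is tracked for these entries, but if descriptions are going to be blanked, the NOT-FOR-US line should name the product consistently (Windows, Edge, Excel, Exchange, Hyper-V and so on, as the removed descriptions did) so that each entry still says what it refers to.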
@@ -32132,29 +32122,29 @@ CVE-2018-8535
RESERVED
CVE-2018-8534
RESERVED
-CVE-2018-8533 (An information disclosure vulnerability exists in Microsoft SQL Server ...)
+CVE-2018-8533
NOT-FOR-US: Microsoft
-CVE-2018-8532 (An information disclosure vulnerability exists in Microsoft SQL Server ...)
+CVE-2018-8532
NOT-FOR-US: Microsoft
-CVE-2018-8531 (A remote code execution vulnerability exists in the way that Azure IoT ...)
+CVE-2018-8531
NOT-FOR-US: Microsoft
-CVE-2018-8530 (A security feature bypass vulnerability exists when Microsoft Edge ...)
+CVE-2018-8530
NOT-FOR-US: Microsoft
-CVE-2018-8529 (A remote code execution vulnerability exists when Team Foundation ...)
+CVE-2018-8529
NOT-FOR-US: Microsoft
CVE-2018-8528
RESERVED
-CVE-2018-8527 (An information disclosure vulnerability exists in Microsoft SQL Server ...)
+CVE-2018-8527
NOT-FOR-US: Microsoft
CVE-2018-8526
RESERVED
CVE-2018-8525
RESERVED
-CVE-2018-8524 (A remote code execution vulnerability exists in Microsoft Outlook ...)
+CVE-2018-8524
NOT-FOR-US: Microsoft
CVE-2018-8523
RESERVED
-CVE-2018-8522 (A remote code execution vulnerability exists in Microsoft Outlook ...)
+CVE-2018-8522
NOT-FOR-US: Microsoft
CVE-2018-8521
RESERVED
@@ -32162,311 +32152,311 @@ CVE-2018-8520
RESERVED
CVE-2018-8519
RESERVED
-CVE-2018-8518 (An elevation of privilege vulnerability exists when Microsoft ...)
+CVE-2018-8518
NOT-FOR-US: Microsoft
-CVE-2018-8517 (A denial of service vulnerability exists when .NET Framework ...)
+CVE-2018-8517
NOT-FOR-US: Microsoft .NET
CVE-2018-8516
RESERVED
CVE-2018-8515
RESERVED
-CVE-2018-8514 (An information disclosure vulnerability exists when Remote Procedure ...)
+CVE-2018-8514
NOT-FOR-US: Microsoft Windows
-CVE-2018-8513 (A remote code execution vulnerability exists in the way that the ...)
+CVE-2018-8513
NOT-FOR-US: Microsoft
-CVE-2018-8512 (A security feature bypass vulnerability exists in Microsoft Edge when ...)
+CVE-2018-8512
NOT-FOR-US: Microsoft
-CVE-2018-8511 (A remote code execution vulnerability exists in the way that the ...)
+CVE-2018-8511
NOT-FOR-US: Microsoft
-CVE-2018-8510 (A remote code execution vulnerability exists in the way that the ...)
+CVE-2018-8510
NOT-FOR-US: Microsoft
-CVE-2018-8509 (A remote code execution vulnerability exists when Microsoft Edge ...)
+CVE-2018-8509
NOT-FOR-US: Microsoft
CVE-2018-8508
RESERVED
CVE-2018-8507
RESERVED
-CVE-2018-8506 (An Information Disclosure vulnerability exists in the way that ...)
+CVE-2018-8506
NOT-FOR-US: Microsoft
-CVE-2018-8505 (A remote code execution vulnerability exists in the way that the ...)
+CVE-2018-8505
NOT-FOR-US: Microsoft
-CVE-2018-8504 (A remote code execution vulnerability exists in Microsoft Word ...)
+CVE-2018-8504
NOT-FOR-US: Microsoft
-CVE-2018-8503 (A remote code execution vulnerability exists in the way that the ...)
+CVE-2018-8503
NOT-FOR-US: Microsoft
-CVE-2018-8502 (A remote code execution vulnerability exists in Microsoft Excel ...)
+CVE-2018-8502
NOT-FOR-US: Microsoft
-CVE-2018-8501 (A remote code execution vulnerability exists in Microsoft PowerPoint ...)
+CVE-2018-8501
NOT-FOR-US: Microsoft
-CVE-2018-8500 (A remote code execution vulnerability exists in the way that the ...)
+CVE-2018-8500
NOT-FOR-US: Microsoft
CVE-2018-8499
RESERVED
-CVE-2018-8498 (An elevation of privilege vulnerability exists when Microsoft ...)
+CVE-2018-8498
NOT-FOR-US: Microsoft
-CVE-2018-8497 (An elevation of privilege vulnerability exists in the way that the ...)
+CVE-2018-8497
NOT-FOR-US: Microsoft
CVE-2018-8496
RESERVED
-CVE-2018-8495 (A remote code execution vulnerability exists when Windows Shell ...)
+CVE-2018-8495
NOT-FOR-US: Microsoft
-CVE-2018-8494 (A remote code execution vulnerability exists when the Microsoft XML ...)
+CVE-2018-8494
NOT-FOR-US: Microsoft
-CVE-2018-8493 (An information disclosure vulnerability exists when the Windows TCP/IP ...)
+CVE-2018-8493
NOT-FOR-US: Microsoft
-CVE-2018-8492 (A security feature bypass vulnerability exists in Device Guard that ...)
+CVE-2018-8492
NOT-FOR-US: Microsoft
-CVE-2018-8491 (A remote code execution vulnerability exists when Internet Explorer ...)
+CVE-2018-8491
NOT-FOR-US: Microsoft
-CVE-2018-8490 (A remote code execution vulnerability exists when Windows Hyper-V on a ...)
+CVE-2018-8490
NOT-FOR-US: Microsoft
-CVE-2018-8489 (A remote code execution vulnerability exists when Windows Hyper-V on a ...)
+CVE-2018-8489
NOT-FOR-US: Microsoft
-CVE-2018-8488 (An elevation of privilege vulnerability exists when Microsoft ...)
+CVE-2018-8488
NOT-FOR-US: Microsoft
CVE-2018-8487
RESERVED
-CVE-2018-8486 (An information disclosure vulnerability exists when DirectX improperly ...)
+CVE-2018-8486
NOT-FOR-US: Microsoft
-CVE-2018-8485 (An elevation of privilege vulnerability exists when DirectX improperly ...)
+CVE-2018-8485
NOT-FOR-US: Microsoft
-CVE-2018-8484 (An elevation of privilege vulnerability exists when the DirectX ...)
+CVE-2018-8484
NOT-FOR-US: Microsoft
CVE-2018-8483
RESERVED
-CVE-2018-8482 (An information disclosure vulnerability exists when Windows Media ...)
+CVE-2018-8482
NOT-FOR-US: Microsoft
-CVE-2018-8481 (An information disclosure vulnerability exists when Windows Media ...)
+CVE-2018-8481
NOT-FOR-US: Microsoft
-CVE-2018-8480 (An elevation of privilege vulnerability exists when Microsoft ...)
+CVE-2018-8480
NOT-FOR-US: Microsoft
-CVE-2018-8479 (A spoofing vulnerability exists for the Azure IoT Device Provisioning ...)
+CVE-2018-8479
NOT-FOR-US: Azure
CVE-2018-8478
RESERVED
-CVE-2018-8477 (An information disclosure vulnerability exists when the Windows kernel ...)
+CVE-2018-8477
NOT-FOR-US: Microsoft Windows
-CVE-2018-8476 (A remote code execution vulnerability exists in the way that Windows ...)
+CVE-2018-8476
NOT-FOR-US: Microsoft
-CVE-2018-8475 (A remote code execution vulnerability exists when Windows does not ...)
+CVE-2018-8475
NOT-FOR-US: Microsoft
-CVE-2018-8474 (A security feature bypass vulnerability exists when Lync for Mac 2011 ...)
+CVE-2018-8474
NOT-FOR-US: Microsoft
-CVE-2018-8473 (A remote code execution vulnerability exists when Microsoft Edge ...)
+CVE-2018-8473
NOT-FOR-US: Microsoft
-CVE-2018-8472 (An information disclosure vulnerability exists in the way that the ...)
+CVE-2018-8472
NOT-FOR-US: Microsoft
-CVE-2018-8471 (An elevation of privilege vulnerability exists in the way that the ...)
+CVE-2018-8471
NOT-FOR-US: Microsoft
-CVE-2018-8470 (A security feature bypass vulnerability exists in Internet Explorer ...)
+CVE-2018-8470
NOT-FOR-US: Microsoft
-CVE-2018-8469 (An elevation of privilege vulnerability exists in Microsoft Edge that ...)
+CVE-2018-8469
NOT-FOR-US: Microsoft
-CVE-2018-8468 (An elevation of privilege vulnerability exists when Windows, allowing ...)
+CVE-2018-8468
NOT-FOR-US: Microsoft
-CVE-2018-8467 (A remote code execution vulnerability exists in the way that the ...)
+CVE-2018-8467
NOT-FOR-US: Microsoft
-CVE-2018-8466 (A remote code execution vulnerability exists in the way that the ...)
+CVE-2018-8466
NOT-FOR-US: Microsoft
-CVE-2018-8465 (A remote code execution vulnerability exists in the way that the ...)
+CVE-2018-8465
NOT-FOR-US: Microsoft
-CVE-2018-8464 (An remote code execution vulnerability exists when Microsoft Edge PDF ...)
+CVE-2018-8464
NOT-FOR-US: Microsoft
-CVE-2018-8463 (An elevation of privilege vulnerability exists in Microsoft Edge that ...)
+CVE-2018-8463
NOT-FOR-US: Microsoft
-CVE-2018-8462 (An elevation of privilege vulnerability exists when the DirectX ...)
+CVE-2018-8462
NOT-FOR-US: Microsoft
-CVE-2018-8461 (A remote code execution vulnerability exists when Internet Explorer ...)
+CVE-2018-8461
NOT-FOR-US: Microsoft
-CVE-2018-8460 (A remote code execution vulnerability exists when Internet Explorer ...)
+CVE-2018-8460
NOT-FOR-US: Microsoft
-CVE-2018-8459 (A remote code execution vulnerability exists in the way that the ...)
+CVE-2018-8459
NOT-FOR-US: Microsoft
CVE-2018-8458
RESERVED
-CVE-2018-8457 (A remote code execution vulnerability exists in the way the scripting ...)
+CVE-2018-8457
NOT-FOR-US: Microsoft
-CVE-2018-8456 (A remote code execution vulnerability exists in the way that the ...)
+CVE-2018-8456
NOT-FOR-US: Microsoft
-CVE-2018-8455 (An elevation of privilege vulnerability exists in the way that the ...)
+CVE-2018-8455
NOT-FOR-US: Microsoft
-CVE-2018-8454 (An information disclosure vulnerability exists when Windows Audio ...)
+CVE-2018-8454
NOT-FOR-US: Microsoft
-CVE-2018-8453 (An elevation of privilege vulnerability exists in Windows when the ...)
+CVE-2018-8453
NOT-FOR-US: Microsoft
-CVE-2018-8452 (An information disclosure vulnerability exists when the scripting ...)
+CVE-2018-8452
NOT-FOR-US: Microsoft
CVE-2018-8451
RESERVED
-CVE-2018-8450 (A remote code execution vulnerability exists when Windows Search ...)
+CVE-2018-8450
NOT-FOR-US: Microsoft
-CVE-2018-8449 (A security feature bypass exists when Device Guard incorrectly ...)
+CVE-2018-8449
NOT-FOR-US: Microsoft
-CVE-2018-8448 (An elevation of privilege vulnerability exists when Microsoft Exchange ...)
+CVE-2018-8448
NOT-FOR-US: Microsoft
-CVE-2018-8447 (A remote code execution vulnerability exists when Internet Explorer ...)
+CVE-2018-8447
NOT-FOR-US: Microsoft
-CVE-2018-8446 (An information disclosure vulnerability exists when the Windows kernel ...)
+CVE-2018-8446
NOT-FOR-US: Microsoft
-CVE-2018-8445 (An information disclosure vulnerability exists when the Windows kernel ...)
+CVE-2018-8445
NOT-FOR-US: Microsoft
-CVE-2018-8444 (An information disclosure vulnerability exists in the way that the ...)
+CVE-2018-8444
NOT-FOR-US: Microsoft
-CVE-2018-8443 (An information disclosure vulnerability exists when the Windows kernel ...)
+CVE-2018-8443
NOT-FOR-US: Microsoft
-CVE-2018-8442 (An information disclosure vulnerability exists when the Windows kernel ...)
+CVE-2018-8442
NOT-FOR-US: Microsoft
-CVE-2018-8441 (An elevation of privilege vulnerability exists due to an integer ...)
+CVE-2018-8441
NOT-FOR-US: Microsoft
-CVE-2018-8440 (An elevation of privilege vulnerability exists when Windows improperly ...)
+CVE-2018-8440
NOT-FOR-US: Microsoft
-CVE-2018-8439 (A remote code execution vulnerability exists when Windows Hyper-V on a ...)
+CVE-2018-8439
NOT-FOR-US: Microsoft
-CVE-2018-8438 (A denial of service vulnerability exists when Microsoft Hyper-V ...)
+CVE-2018-8438
NOT-FOR-US: Microsoft
-CVE-2018-8437 (A denial of service vulnerability exists when Microsoft Hyper-V ...)
+CVE-2018-8437
NOT-FOR-US: Microsoft
-CVE-2018-8436 (A denial of service vulnerability exists when Microsoft Hyper-V ...)
+CVE-2018-8436
NOT-FOR-US: Microsoft
-CVE-2018-8435 (A security feature bypass vulnerability exists when Windows Hyper-V ...)
+CVE-2018-8435
NOT-FOR-US: Microsoft
-CVE-2018-8434 (An information disclosure vulnerability exists when Windows Hyper-V on ...)
+CVE-2018-8434
NOT-FOR-US: Microsoft
-CVE-2018-8433 (An information disclosure vulnerability exists when the Windows ...)
+CVE-2018-8433
NOT-FOR-US: Microsoft
-CVE-2018-8432 (A remote code execution vulnerability exists in the way that Microsoft ...)
+CVE-2018-8432
NOT-FOR-US: Microsoft
-CVE-2018-8431 (An elevation of privilege vulnerability exists when Microsoft ...)
+CVE-2018-8431
NOT-FOR-US: Microsoft
-CVE-2018-8430 (A remote code execution vulnerability exists in Microsoft Word if a ...)
+CVE-2018-8430
NOT-FOR-US: Microsoft
-CVE-2018-8429 (An information disclosure vulnerability exists when Microsoft Excel ...)
+CVE-2018-8429
NOT-FOR-US: Microsoft
-CVE-2018-8428 (An elevation of privilege vulnerability exists when Microsoft ...)
+CVE-2018-8428
NOT-FOR-US: Microsoft
-CVE-2018-8427 (An information disclosure vulnerability exists in the way that ...)
+CVE-2018-8427
NOT-FOR-US: Microsoft
-CVE-2018-8426 (A cross-site-scripting (XSS) vulnerability exists when Microsoft ...)
+CVE-2018-8426
NOT-FOR-US: Microsoft
-CVE-2018-8425 (A spoofing vulnerability exists when Microsoft Edge improperly handles ...)
+CVE-2018-8425
NOT-FOR-US: Microsoft
-CVE-2018-8424 (An information disclosure vulnerability exists when the Windows GDI ...)
+CVE-2018-8424
NOT-FOR-US: Microsoft
-CVE-2018-8423 (A remote code execution vulnerability exists in the Microsoft JET ...)
+CVE-2018-8423
NOT-FOR-US: Microsoft
-CVE-2018-8422 (An information disclosure vulnerability exists when the Windows GDI ...)
+CVE-2018-8422
NOT-FOR-US: Microsoft
-CVE-2018-8421 (A remote code execution vulnerability exists when Microsoft .NET ...)
+CVE-2018-8421
NOT-FOR-US: Microsoft
-CVE-2018-8420 (A remote code execution vulnerability exists when the Microsoft XML ...)
+CVE-2018-8420
NOT-FOR-US: Microsoft
-CVE-2018-8419 (An information disclosure vulnerability exists when the Windows kernel ...)
+CVE-2018-8419
NOT-FOR-US: Microsoft
CVE-2018-8418
RESERVED
-CVE-2018-8417 (A security feature bypass vulnerability exists in Microsoft JScript ...)
+CVE-2018-8417
NOT-FOR-US: Microsoft
-CVE-2018-8416 (A tampering vulnerability exists when .NET Core improperly handles ...)
+CVE-2018-8416
NOT-FOR-US: .dotnet CoreFX
-CVE-2018-8415 (A tampering vulnerability exists in PowerShell that could allow an ...)
+CVE-2018-8415
NOT-FOR-US: Microsoft
-CVE-2018-8414 (A remote code execution vulnerability exists when the Windows Shell ...)
+CVE-2018-8414
NOT-FOR-US: Microsoft
-CVE-2018-8413 (A remote code execution vulnerability exists when &quot;Windows Theme API&quot; ...)
+CVE-2018-8413
NOT-FOR-US: Microsoft
-CVE-2018-8412 (An elevation of privilege vulnerability exists when the Microsoft ...)
+CVE-2018-8412
NOT-FOR-US: Microsoft
-CVE-2018-8411 (An elevation of privilege vulnerability exists when NTFS improperly ...)
+CVE-2018-8411
NOT-FOR-US: Microsoft
-CVE-2018-8410 (An elevation of privilege vulnerability exists when the Windows Kernel ...)
+CVE-2018-8410
NOT-FOR-US: Microsoft
-CVE-2018-8409 (A denial of service vulnerability exists when System.IO.Pipelines ...)
+CVE-2018-8409
NOT-FOR-US: Microsoft
-CVE-2018-8408 (An information disclosure vulnerability exists when the Windows kernel ...)
+CVE-2018-8408
NOT-FOR-US: Microsoft
-CVE-2018-8407 (An information disclosure vulnerability exists when &quot;Kernel Remote ...)
+CVE-2018-8407
NOT-FOR-US: Microsoft
-CVE-2018-8406 (An elevation of privilege vulnerability exists when the DirectX ...)
+CVE-2018-8406
NOT-FOR-US: Microsoft
-CVE-2018-8405 (An elevation of privilege vulnerability exists when the DirectX ...)
+CVE-2018-8405
NOT-FOR-US: Microsoft
-CVE-2018-8404 (An elevation of privilege vulnerability exists in Windows when the ...)
+CVE-2018-8404
NOT-FOR-US: Microsoft
-CVE-2018-8403 (A remote code execution vulnerability exists in the way that Microsoft ...)
+CVE-2018-8403
NOT-FOR-US: Microsoft
CVE-2018-8402
RESERVED
-CVE-2018-8401 (An elevation of privilege vulnerability exists when the DirectX ...)
+CVE-2018-8401
NOT-FOR-US: Microsoft
-CVE-2018-8400 (An elevation of privilege vulnerability exists when the DirectX ...)
+CVE-2018-8400
NOT-FOR-US: Microsoft
-CVE-2018-8399 (An elevation of privilege vulnerability exists in Windows when the ...)
+CVE-2018-8399
NOT-FOR-US: Microsoft
-CVE-2018-8398 (An information disclosure vulnerability exists when the Windows GDI ...)
+CVE-2018-8398
NOT-FOR-US: Microsoft
-CVE-2018-8397 (A remote code execution vulnerability exists in the way that the ...)
+CVE-2018-8397
NOT-FOR-US: Microsoft
-CVE-2018-8396 (An information disclosure vulnerability exists when the Windows GDI ...)
+CVE-2018-8396
NOT-FOR-US: Microsoft
CVE-2018-8395
RESERVED
-CVE-2018-8394 (An information disclosure vulnerability exists when the Windows GDI ...)
+CVE-2018-8394
NOT-FOR-US: Microsoft
-CVE-2018-8393 (A buffer overflow vulnerability exists in the Microsoft JET Database ...)
+CVE-2018-8393
NOT-FOR-US: Microsoft
-CVE-2018-8392 (A buffer overflow vulnerability exists in the Microsoft JET Database ...)
+CVE-2018-8392
NOT-FOR-US: Microsoft
-CVE-2018-8391 (A remote code execution vulnerability exists in the way that the ...)
+CVE-2018-8391
NOT-FOR-US: Microsoft
-CVE-2018-8390 (A remote code execution vulnerability exists in the way that the ...)
+CVE-2018-8390
NOT-FOR-US: Microsoft
-CVE-2018-8389 (A remote code execution vulnerability exists in the way that the ...)
+CVE-2018-8389
NOT-FOR-US: Microsoft
-CVE-2018-8388 (A spoofing vulnerability exists when Microsoft Edge improperly handles ...)
+CVE-2018-8388
NOT-FOR-US: Microsoft
-CVE-2018-8387 (A remote code execution vulnerability exists when Microsoft Edge ...)
+CVE-2018-8387
NOT-FOR-US: Microsoft
CVE-2018-8386
RESERVED
-CVE-2018-8385 (A remote code execution vulnerability exists in the way the scripting ...)
+CVE-2018-8385
NOT-FOR-US: Microsoft
-CVE-2018-8384 (A remote code execution vulnerability exists in the way that the ...)
+CVE-2018-8384
NOT-FOR-US: Microsoft
-CVE-2018-8383 (A spoofing vulnerability exists when Microsoft Edge does not properly ...)
+CVE-2018-8383
NOT-FOR-US: Microsoft
-CVE-2018-8382 (An information disclosure vulnerability exists when Microsoft Excel ...)
+CVE-2018-8382
NOT-FOR-US: Microsoft
-CVE-2018-8381 (A remote code execution vulnerability exists in the way that the ...)
+CVE-2018-8381
NOT-FOR-US: Microsoft
-CVE-2018-8380 (A remote code execution vulnerability exists in the way that the ...)
+CVE-2018-8380
NOT-FOR-US: Microsoft
-CVE-2018-8379 (A remote code execution vulnerability exists in Microsoft Excel ...)
+CVE-2018-8379
NOT-FOR-US: Microsoft
-CVE-2018-8378 (An information disclosure vulnerability exists when Microsoft Office ...)
+CVE-2018-8378
NOT-FOR-US: Microsoft
-CVE-2018-8377 (A remote code execution vulnerability exists when Microsoft Edge ...)
+CVE-2018-8377
NOT-FOR-US: Microsoft
-CVE-2018-8376 (A remote code execution vulnerability exists in Microsoft PowerPoint ...)
+CVE-2018-8376
NOT-FOR-US: Microsoft
-CVE-2018-8375 (A remote code execution vulnerability exists in Microsoft Excel ...)
+CVE-2018-8375
NOT-FOR-US: Microsoft
-CVE-2018-8374 (A tampering vulnerability exists when Microsoft Exchange Server fails ...)
+CVE-2018-8374
NOT-FOR-US: Microsoft
-CVE-2018-8373 (A remote code execution vulnerability exists in the way that the ...)
+CVE-2018-8373
NOT-FOR-US: Microsoft
-CVE-2018-8372 (A remote code execution vulnerability exists in the way the scripting ...)
+CVE-2018-8372
NOT-FOR-US: Microsoft
-CVE-2018-8371 (A remote code execution vulnerability exists in the way that the ...)
+CVE-2018-8371
NOT-FOR-US: Microsoft
-CVE-2018-8370 (A information disclosure vulnerability exists when WebAudio Library ...)
+CVE-2018-8370
NOT-FOR-US: Microsoft
CVE-2018-8369
RESERVED
CVE-2018-8368
RESERVED
-CVE-2018-8367 (A remote code execution vulnerability exists in the way that the ...)
+CVE-2018-8367
NOT-FOR-US: Microsoft
-CVE-2018-8366 (An information disclosure vulnerability exists when the Microsoft Edge ...)
+CVE-2018-8366
NOT-FOR-US: Microsoft
CVE-2018-8365
RESERVED
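Review bot: every `-`/`+` pair in this hunk drops the parenthesised description and keeps only the bare CVE id (for example `-CVE-2018-8459 (A remote code execution vulnerability exists in the way that the ...)` becomes `+CVE-2018-8459`), while the `NOT-FOR-US:` and `RESERVED` lines stay untouched and no entry changes status. A wholesale removal of descriptions with no accompanying triage change looks like the description source returned empty values for this run rather than an intended edit; confirm the upstream feed before accepting, since otherwise the next automatic update will re-add all of these lines as a second noise-only commit.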
@@ -32478,208 +32468,208 @@ CVE-2018-8362
RESERVED
CVE-2018-8361
RESERVED
-CVE-2018-8360 (An information disclosure vulnerability exists in Microsoft .NET ...)
+CVE-2018-8360
NOT-FOR-US: Microsoft
-CVE-2018-8359 (A remote code execution vulnerability exists in the way that the ...)
+CVE-2018-8359
NOT-FOR-US: Microsoft
-CVE-2018-8358 (A security feature bypass vulnerability exists when Microsoft Edge ...)
+CVE-2018-8358
NOT-FOR-US: Microsoft
-CVE-2018-8357 (An elevation of privilege vulnerability exists in Microsoft browsers ...)
+CVE-2018-8357
NOT-FOR-US: Microsoft
-CVE-2018-8356 (A security feature bypass vulnerability exists when Microsoft .NET ...)
+CVE-2018-8356
NOT-FOR-US: Microsoft .NET, doesn't affect src:mono
-CVE-2018-8355 (A remote code execution vulnerability exists in the way the scripting ...)
+CVE-2018-8355
NOT-FOR-US: Microsoft
-CVE-2018-8354 (A remote code execution vulnerability exists in the way that the ...)
+CVE-2018-8354
NOT-FOR-US: Microsoft
-CVE-2018-8353 (A remote code execution vulnerability exists in the way that the ...)
+CVE-2018-8353
NOT-FOR-US: Microsoft
CVE-2018-8352
RESERVED
-CVE-2018-8351 (An information disclosure vulnerability exists when affected Microsoft ...)
+CVE-2018-8351
NOT-FOR-US: Microsoft
-CVE-2018-8350 (A remote code execution vulnerability exists when Microsoft Windows ...)
+CVE-2018-8350
NOT-FOR-US: Microsoft
-CVE-2018-8349 (A remote code execution vulnerability exists in &quot;Microsoft COM for ...)
+CVE-2018-8349
NOT-FOR-US: Microsoft
-CVE-2018-8348 (An information disclosure vulnerability exists when the Windows kernel ...)
+CVE-2018-8348
NOT-FOR-US: Microsoft
-CVE-2018-8347 (An elevation of privilege vulnerability exists in Microsoft Windows ...)
+CVE-2018-8347
NOT-FOR-US: Microsoft
-CVE-2018-8346 (A remote code execution vulnerability exists in Microsoft Windows that ...)
+CVE-2018-8346
NOT-FOR-US: Microsoft
-CVE-2018-8345 (A remote code execution vulnerability exists in Microsoft Windows that ...)
+CVE-2018-8345
NOT-FOR-US: Microsoft
-CVE-2018-8344 (A remote code execution vulnerability exists when the Windows font ...)
+CVE-2018-8344
NOT-FOR-US: Microsoft
-CVE-2018-8343 (An elevation of privilege vulnerability exists in the Network Driver ...)
+CVE-2018-8343
NOT-FOR-US: Microsoft
-CVE-2018-8342 (An elevation of privilege vulnerability exists in the Network Driver ...)
+CVE-2018-8342
NOT-FOR-US: Microsoft
-CVE-2018-8341 (An information disclosure vulnerability exists when the Windows kernel ...)
+CVE-2018-8341
NOT-FOR-US: Microsoft
-CVE-2018-8340 (A security feature bypass vulnerability exists when Active Directory ...)
+CVE-2018-8340
NOT-FOR-US: Microsoft
-CVE-2018-8339 (An elevation of privilege vulnerability exists in the Windows ...)
+CVE-2018-8339
NOT-FOR-US: Microsoft
CVE-2018-8338
RESERVED
-CVE-2018-8337 (A security feature bypass vulnerability exists when Windows Subsystem ...)
+CVE-2018-8337
NOT-FOR-US: Microsoft
-CVE-2018-8336 (An information disclosure vulnerability exists when the Windows kernel ...)
+CVE-2018-8336
NOT-FOR-US: Microsoft
-CVE-2018-8335 (A denial of service vulnerability exists in the Microsoft Server Block ...)
+CVE-2018-8335
NOT-FOR-US: Microsoft
CVE-2018-8334
RESERVED
-CVE-2018-8333 (An Elevation of Privilege vulnerability exists in Filter Manager when ...)
+CVE-2018-8333
NOT-FOR-US: Microsoft
-CVE-2018-8332 (A remote code execution vulnerability exists when the Windows font ...)
+CVE-2018-8332
NOT-FOR-US: Microsoft
-CVE-2018-8331 (A remote code execution vulnerability exists in Microsoft Excel ...)
+CVE-2018-8331
NOT-FOR-US: Microsoft
-CVE-2018-8330 (An information disclosure vulnerability exists when the Windows kernel ...)
+CVE-2018-8330
NOT-FOR-US: Microsoft
-CVE-2018-8329 (An Elevation of Privilege vulnerability exists in Windows Subsystem ...)
+CVE-2018-8329
NOT-FOR-US: Microsoft
CVE-2018-8328
RESERVED
-CVE-2018-8327 (A remote code execution vulnerability exists in PowerShell Editor ...)
+CVE-2018-8327
NOT-FOR-US: Microsoft
-CVE-2018-8326 (A cross-site-scripting (XSS) vulnerability exists when an open source ...)
+CVE-2018-8326
NOT-FOR-US: Microsoft
-CVE-2018-8325 (An information disclosure vulnerability exists when Microsoft Edge ...)
+CVE-2018-8325
NOT-FOR-US: Microsoft
-CVE-2018-8324 (An information disclosure vulnerability exists when Microsoft Edge ...)
+CVE-2018-8324
NOT-FOR-US: Microsoft
-CVE-2018-8323 (An elevation of privilege vulnerability exists when Microsoft ...)
+CVE-2018-8323
NOT-FOR-US: Microsoft
CVE-2018-8322
RESERVED
CVE-2018-8321
RESERVED
-CVE-2018-8320 (A security feature bypass vulnerability exists in DNS Global Blocklist ...)
+CVE-2018-8320
NOT-FOR-US: Microsoft
-CVE-2018-8319 (A Security Feature Bypass vulnerability exists in MSR JavaScript ...)
+CVE-2018-8319
NOT-FOR-US: Microsoft
CVE-2018-8318
RESERVED
CVE-2018-8317
RESERVED
-CVE-2018-8316 (A remote code execution vulnerability exists when Internet Explorer ...)
+CVE-2018-8316
NOT-FOR-US: Microsoft
-CVE-2018-8315 (An information disclosure vulnerability exists when the browser ...)
+CVE-2018-8315
NOT-FOR-US: Microsoft
-CVE-2018-8314 (An elevation of privilege vulnerability exists when Windows fails a ...)
+CVE-2018-8314
NOT-FOR-US: Microsoft
-CVE-2018-8313 (An elevation of privilege vulnerability exists in the way that the ...)
+CVE-2018-8313
NOT-FOR-US: Microsoft
-CVE-2018-8312 (A remote code execution vulnerability exists when Microsoft Access ...)
+CVE-2018-8312
NOT-FOR-US: Microsoft
-CVE-2018-8311 (A remote code execution vulnerability exists when Skype for Business ...)
+CVE-2018-8311
NOT-FOR-US: Microsoft
-CVE-2018-8310 (A tampering vulnerability exists when Microsoft Outlook does not ...)
+CVE-2018-8310
NOT-FOR-US: Microsoft
-CVE-2018-8309 (A denial of service vulnerability exists when Windows improperly ...)
+CVE-2018-8309
NOT-FOR-US: Microsoft
-CVE-2018-8308 (An elevation of privilege vulnerability exists when the Windows kernel ...)
+CVE-2018-8308
NOT-FOR-US: Microsoft
-CVE-2018-8307 (A security feature bypass vulnerability exists when Microsoft WordPad ...)
+CVE-2018-8307
NOT-FOR-US: Microsoft
-CVE-2018-8306 (A command injection vulnerability exists in the Microsoft Wireless ...)
+CVE-2018-8306
NOT-FOR-US: Microsoft
-CVE-2018-8305 (An information disclosure vulnerability exists in Windows Mail Client ...)
+CVE-2018-8305
NOT-FOR-US: Microsoft
-CVE-2018-8304 (A denial of service vulnerability exists in Windows Domain Name System ...)
+CVE-2018-8304
NOT-FOR-US: Microsoft
CVE-2018-8303
RESERVED
-CVE-2018-8302 (A remote code execution vulnerability exists in Microsoft Exchange ...)
+CVE-2018-8302
NOT-FOR-US: Microsoft
-CVE-2018-8301 (A remote code execution vulnerability exists when Microsoft Edge ...)
+CVE-2018-8301
NOT-FOR-US: Microsoft
-CVE-2018-8300 (A remote code execution vulnerability exists in Microsoft SharePoint ...)
+CVE-2018-8300
NOT-FOR-US: Microsoft
-CVE-2018-8299 (An elevation of privilege vulnerability exists when Microsoft ...)
+CVE-2018-8299
NOT-FOR-US: Microsoft
-CVE-2018-8298 (A remote code execution vulnerability exists in the way that the ...)
+CVE-2018-8298
NOT-FOR-US: Microsoft
-CVE-2018-8297 (An information disclosure vulnerability exists when Microsoft Edge ...)
+CVE-2018-8297
NOT-FOR-US: Microsoft
-CVE-2018-8296 (A remote code execution vulnerability exists in the way that the ...)
+CVE-2018-8296
NOT-FOR-US: Microsoft
CVE-2018-8295
RESERVED
-CVE-2018-8294 (A remote code execution vulnerability exists in the way that the ...)
+CVE-2018-8294
NOT-FOR-US: Microsoft
CVE-2018-8293
RESERVED
-CVE-2018-8292 (An information disclosure vulnerability exists in .NET Core when ...)
+CVE-2018-8292
NOT-FOR-US: .dotnet CoreFX
NOTE: https://github.com/dotnet/corefx/commit/56aae8a7076f283e334b88f642ef6bb7c59e02c3
-CVE-2018-8291 (A remote code execution vulnerability exists in the way the scripting ...)
+CVE-2018-8291
NOT-FOR-US: Microsoft
-CVE-2018-8290 (A remote code execution vulnerability exists in the way that the ...)
+CVE-2018-8290
NOT-FOR-US: Microsoft
-CVE-2018-8289 (An information disclosure vulnerability exists when Microsoft Edge ...)
+CVE-2018-8289
NOT-FOR-US: Microsoft
-CVE-2018-8288 (A remote code execution vulnerability exists in the way the scripting ...)
+CVE-2018-8288
NOT-FOR-US: Microsoft
-CVE-2018-8287 (A remote code execution vulnerability exists in the way the scripting ...)
+CVE-2018-8287
NOT-FOR-US: Microsoft
-CVE-2018-8286 (A remote code execution vulnerability exists in the way that the ...)
+CVE-2018-8286
NOT-FOR-US: Microsoft
CVE-2018-8285
RESERVED
-CVE-2018-8284 (A remote code execution vulnerability exists when the Microsoft .NET ...)
+CVE-2018-8284
NOT-FOR-US: Microsoft
-CVE-2018-8283 (A remote code execution vulnerability exists in the way that the ...)
+CVE-2018-8283
NOT-FOR-US: Microsoft
-CVE-2018-8282 (An elevation of privilege vulnerability exists in Windows when the ...)
+CVE-2018-8282
NOT-FOR-US: Microsoft
-CVE-2018-8281 (A remote code execution vulnerability exists in Microsoft Office ...)
+CVE-2018-8281
NOT-FOR-US: Microsoft
-CVE-2018-8280 (A remote code execution vulnerability exists in the way that the ...)
+CVE-2018-8280
NOT-FOR-US: Microsoft
-CVE-2018-8279 (A remote code execution vulnerability exists when Microsoft Edge ...)
+CVE-2018-8279
NOT-FOR-US: Microsoft
-CVE-2018-8278 (A spoofing vulnerability exists when Microsoft Edge improperly handles ...)
+CVE-2018-8278
NOT-FOR-US: Microsoft
CVE-2018-8277
RESERVED
-CVE-2018-8276 (A security feature bypass vulnerability exists in the Microsoft Chakra ...)
+CVE-2018-8276
NOT-FOR-US: Microsoft
-CVE-2018-8275 (A remote code execution vulnerability exists when Microsoft Edge ...)
+CVE-2018-8275
NOT-FOR-US: Microsoft
-CVE-2018-8274 (A remote code execution vulnerability exists when Microsoft Edge ...)
+CVE-2018-8274
NOT-FOR-US: Microsoft
-CVE-2018-8273 (A buffer overflow vulnerability exists in the Microsoft SQL Server ...)
+CVE-2018-8273
NOT-FOR-US: Microsoft
CVE-2018-8272
RESERVED
-CVE-2018-8271 (An information disclosure vulnerability exists in Windows when the ...)
+CVE-2018-8271
NOT-FOR-US: Microsoft
CVE-2018-8270
RESERVED
-CVE-2018-8269 (A denial of service vulnerability exists when OData Library improperly ...)
+CVE-2018-8269
NOT-FOR-US: Microsoft
CVE-2018-8268
RESERVED
-CVE-2018-8267 (A remote code execution vulnerability exists in the way that the ...)
+CVE-2018-8267
NOT-FOR-US: Microsoft
-CVE-2018-8266 (A remote code execution vulnerability exists in the way that the ...)
+CVE-2018-8266
NOT-FOR-US: Microsoft
-CVE-2018-8265 (A remote code execution vulnerability exists in the way Microsoft ...)
+CVE-2018-8265
NOT-FOR-US: Microsoft
CVE-2018-8264
RESERVED
CVE-2018-8263
RESERVED
-CVE-2018-8262 (A remote code execution vulnerability exists when Microsoft Edge ...)
+CVE-2018-8262
NOT-FOR-US: Microsoft
CVE-2018-8261
REJECTED
-CVE-2018-8260 (A Remote Code Execution vulnerability exists in .NET software when the ...)
+CVE-2018-8260
NOT-FOR-US: Microsoft
CVE-2018-8259
RESERVED
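Review bot: for the entries that carry hand-written triage in this hunk, `CVE-2018-8356` (`NOT-FOR-US: Microsoft .NET, doesn't affect src:mono`) and `CVE-2018-8292` (`NOT-FOR-US: .dotnet CoreFX` plus the corefx commit `NOTE:`), the description being removed (`... when Microsoft .NET ...`, `... in .NET Core when ...`) is the only text on the page that links the entry to a component Debian ships a counterpart of; once it is gone the `NOT-FOR-US` decision has no visible justification. If descriptions really are to be dropped, move the reasoning into the `NOTE:` line for entries like these so the triage stays reviewable.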
@@ -32687,119 +32677,119 @@ CVE-2018-8258
RESERVED
CVE-2018-8257
RESERVED
-CVE-2018-8256 (A remote code execution vulnerability exists when PowerShell ...)
+CVE-2018-8256
NOT-FOR-US: Microsoft
CVE-2018-8255
RESERVED
-CVE-2018-8254 (An elevation of privilege vulnerability exists when Microsoft ...)
+CVE-2018-8254
NOT-FOR-US: Microsoft
-CVE-2018-8253 (An elevation of privilege vulnerability exists when Microsoft Cortana ...)
+CVE-2018-8253
NOT-FOR-US: Microsoft
-CVE-2018-8252 (An elevation of privilege vulnerability exists when Microsoft ...)
+CVE-2018-8252
NOT-FOR-US: Microsoft
-CVE-2018-8251 (A memory corruption vulnerability exists when Windows Media Foundation ...)
+CVE-2018-8251
NOT-FOR-US: Microsoft
CVE-2018-8250
RESERVED
-CVE-2018-8249 (A remote code execution vulnerability exists when Internet Explorer ...)
+CVE-2018-8249
NOT-FOR-US: Microsoft
-CVE-2018-8248 (A remote code execution vulnerability exists in Microsoft Excel ...)
+CVE-2018-8248
NOT-FOR-US: Microsoft
-CVE-2018-8247 (An elevation of privilege vulnerability exists when Office Web Apps ...)
+CVE-2018-8247
NOT-FOR-US: Microsoft
-CVE-2018-8246 (An information disclosure vulnerability exists when Microsoft Excel ...)
+CVE-2018-8246
NOT-FOR-US: Microsoft
-CVE-2018-8245 (A remote code execution vulnerability exists when Microsoft Publisher ...)
+CVE-2018-8245
NOT-FOR-US: Microsoft
-CVE-2018-8244 (An elevation of privilege vulnerability exists when Microsoft Outlook ...)
+CVE-2018-8244
NOT-FOR-US: Microsoft
-CVE-2018-8243 (A remote code execution vulnerability exists in the way that the ...)
+CVE-2018-8243
NOT-FOR-US: Microsoft
-CVE-2018-8242 (A remote code execution vulnerability exists in the way that the ...)
+CVE-2018-8242
NOT-FOR-US: Microsoft
CVE-2018-8241
RESERVED
CVE-2018-8240
RESERVED
-CVE-2018-8239 (An information disclosure vulnerability exists when the Windows GDI ...)
+CVE-2018-8239
NOT-FOR-US: Microsoft
-CVE-2018-8238 (A security feature bypass vulnerability exists when Skype for Business ...)
+CVE-2018-8238
NOT-FOR-US: Microsoft
CVE-2018-8237
RESERVED
-CVE-2018-8236 (A remote code execution vulnerability exists when Microsoft Edge ...)
+CVE-2018-8236
NOT-FOR-US: Microsoft
-CVE-2018-8235 (A security feature bypass vulnerability exists when Microsoft Edge ...)
+CVE-2018-8235
NOT-FOR-US: Microsoft
-CVE-2018-8234 (An information disclosure vulnerability exists when Microsoft Edge ...)
+CVE-2018-8234
NOT-FOR-US: Microsoft
-CVE-2018-8233 (An elevation of privilege vulnerability exists in Windows when the ...)
+CVE-2018-8233
NOT-FOR-US: Microsoft
-CVE-2018-8232 (A Tampering vulnerability exists when Microsoft Macro Assembler ...)
+CVE-2018-8232
NOT-FOR-US: Microsoft
-CVE-2018-8231 (A remote code execution vulnerability exists when HTTP Protocol Stack ...)
+CVE-2018-8231
NOT-FOR-US: Microsoft
CVE-2018-8230
RESERVED
-CVE-2018-8229 (A remote code execution vulnerability exists in the way that the ...)
+CVE-2018-8229
NOT-FOR-US: Microsoft
CVE-2018-8228
RESERVED
-CVE-2018-8227 (A remote code execution vulnerability exists in the way that the ...)
+CVE-2018-8227
NOT-FOR-US: Microsoft
-CVE-2018-8226 (A denial of service vulnerability exists in the HTTP 2.0 protocol ...)
+CVE-2018-8226
NOT-FOR-US: Microsoft
-CVE-2018-8225 (A remote code execution vulnerability exists in Windows Domain Name ...)
+CVE-2018-8225
NOT-FOR-US: Microsoft
-CVE-2018-8224 (An elevation of privilege vulnerability exists when the Windows kernel ...)
+CVE-2018-8224
NOT-FOR-US: Microsoft
CVE-2018-8223
RESERVED
-CVE-2018-8222 (A security feature bypass vulnerability exists in Device Guard that ...)
+CVE-2018-8222
NOT-FOR-US: Microsoft
-CVE-2018-8221 (A security feature bypass vulnerability exists in Device Guard that ...)
+CVE-2018-8221
NOT-FOR-US: Microsoft
CVE-2018-8220
RESERVED
-CVE-2018-8219 (An elevation of privilege vulnerability exists when Windows Hyper-V ...)
+CVE-2018-8219
NOT-FOR-US: Microsoft
-CVE-2018-8218 (A denial of service vulnerability exists when Microsoft Hyper-V ...)
+CVE-2018-8218
NOT-FOR-US: Microsoft
-CVE-2018-8217 (A security feature bypass vulnerability exists in Device Guard that ...)
+CVE-2018-8217
NOT-FOR-US: Microsoft
-CVE-2018-8216 (A security feature bypass vulnerability exists in Device Guard that ...)
+CVE-2018-8216
NOT-FOR-US: Microsoft
-CVE-2018-8215 (A security feature bypass vulnerability exists in Device Guard that ...)
+CVE-2018-8215
NOT-FOR-US: Microsoft
-CVE-2018-8214 (An elevation of privilege vulnerability exists in Windows when Desktop ...)
+CVE-2018-8214
NOT-FOR-US: Microsoft
-CVE-2018-8213 (A remote code execution vulnerability exists when Windows improperly ...)
+CVE-2018-8213
NOT-FOR-US: Microsoft
-CVE-2018-8212 (A security feature bypass vulnerability exists in Device Guard that ...)
+CVE-2018-8212
NOT-FOR-US: Microsoft
-CVE-2018-8211 (A security feature bypass vulnerability exists in Device Guard that ...)
+CVE-2018-8211
NOT-FOR-US: Microsoft
-CVE-2018-8210 (A remote code execution vulnerability exists when Windows improperly ...)
+CVE-2018-8210
NOT-FOR-US: Microsoft
-CVE-2018-8209 (An information disclosure vulnerability exists when Windows allows a ...)
+CVE-2018-8209
NOT-FOR-US: Microsoft
-CVE-2018-8208 (An elevation of privilege vulnerability exists in Windows when Desktop ...)
+CVE-2018-8208
NOT-FOR-US: Microsoft
-CVE-2018-8207 (An information disclosure vulnerability exists when the Windows kernel ...)
+CVE-2018-8207
NOT-FOR-US: Microsoft
-CVE-2018-8206 (A denial of service vulnerability exists when Windows improperly ...)
+CVE-2018-8206
NOT-FOR-US: Microsoft
-CVE-2018-8205 (A denial of service vulnerability exists when Windows improperly ...)
+CVE-2018-8205
NOT-FOR-US: Microsoft
-CVE-2018-8204 (A security feature bypass vulnerability exists in Device Guard that ...)
+CVE-2018-8204
NOT-FOR-US: Microsoft
CVE-2018-8203
RESERVED
-CVE-2018-8202 (An elevation of privilege vulnerability exists in .NET Framework which ...)
+CVE-2018-8202
NOT-FOR-US: Microsoft
-CVE-2018-8201 (A security feature bypass vulnerability exists in Device Guard that ...)
+CVE-2018-8201
NOT-FOR-US: Microsoft
-CVE-2018-8200 (A security feature bypass vulnerability exists in Device Guard that ...)
+CVE-2018-8200
NOT-FOR-US: Microsoft
CVE-2018-8199
RESERVED
@@ -32841,147 +32831,147 @@ CVE-2018-8181
RESERVED
CVE-2018-8180
RESERVED
-CVE-2018-8179 (A remote code execution vulnerability exists when Microsoft Edge ...)
+CVE-2018-8179
NOT-FOR-US: Microsoft
-CVE-2018-8178 (A remote code execution vulnerability exists in the way that Microsoft ...)
+CVE-2018-8178
NOT-FOR-US: Microsoft
-CVE-2018-8177 (A remote code execution vulnerability exists in the way that the ...)
+CVE-2018-8177
NOT-FOR-US: Microsoft
-CVE-2018-8176 (A remote code execution vulnerability exists in Microsoft PowerPoint ...)
+CVE-2018-8176
NOT-FOR-US: Microsoft
-CVE-2018-8175 (An denial of service vulnerability exists when Windows NT WEBDAV ...)
+CVE-2018-8175
NOT-FOR-US: Microsoft
-CVE-2018-8174 (A remote code execution vulnerability exists in the way that the ...)
+CVE-2018-8174
NOT-FOR-US: Microsoft
-CVE-2018-8173 (A remote code execution vulnerability exists in Microsoft InfoPath ...)
+CVE-2018-8173
NOT-FOR-US: Microsoft
-CVE-2018-8172 (A remote code execution vulnerability exists in Visual Studio software ...)
+CVE-2018-8172
NOT-FOR-US: Microsoft
-CVE-2018-8171 (A Security Feature Bypass vulnerability exists in ASP.NET when the ...)
+CVE-2018-8171
NOT-FOR-US: Microsoft
-CVE-2018-8170 (An elevation of privilege vulnerability exists in the way that the ...)
+CVE-2018-8170
NOT-FOR-US: Microsoft
-CVE-2018-8169 (An elevation of privilege vulnerability exists when the (Human ...)
+CVE-2018-8169
NOT-FOR-US: Microsoft
-CVE-2018-8168 (An elevation of privilege vulnerability exists when Microsoft ...)
+CVE-2018-8168
NOT-FOR-US: Microsoft
-CVE-2018-8167 (An elevation of privilege vulnerability exists when the Windows Common ...)
+CVE-2018-8167
NOT-FOR-US: Microsoft
-CVE-2018-8166 (An elevation of privilege vulnerability exists in Windows when the ...)
+CVE-2018-8166
NOT-FOR-US: Microsoft
-CVE-2018-8165 (An elevation of privilege vulnerability exists when the DirectX ...)
+CVE-2018-8165
NOT-FOR-US: Microsoft
-CVE-2018-8164 (An elevation of privilege vulnerability exists in Windows when the ...)
+CVE-2018-8164
NOT-FOR-US: Microsoft
-CVE-2018-8163 (An information disclosure vulnerability exists when Microsoft Excel ...)
+CVE-2018-8163
NOT-FOR-US: Microsoft
-CVE-2018-8162 (A remote code execution vulnerability exists in Microsoft Excel ...)
+CVE-2018-8162
NOT-FOR-US: Microsoft
-CVE-2018-8161 (A remote code execution vulnerability exists in Microsoft Office ...)
+CVE-2018-8161
NOT-FOR-US: Microsoft
-CVE-2018-8160 (An information disclosure vulnerability exists in Outlook when a ...)
+CVE-2018-8160
NOT-FOR-US: Microsoft
-CVE-2018-8159 (An elevation of privilege vulnerability exists when Microsoft Exchange ...)
+CVE-2018-8159
NOT-FOR-US: Microsoft
-CVE-2018-8158 (A remote code execution vulnerability exists in Microsoft Office ...)
+CVE-2018-8158
NOT-FOR-US: Microsoft
-CVE-2018-8157 (A remote code execution vulnerability exists in Microsoft Office ...)
+CVE-2018-8157
NOT-FOR-US: Microsoft
-CVE-2018-8156 (An elevation of privilege vulnerability exists when Microsoft ...)
+CVE-2018-8156
NOT-FOR-US: Microsoft
-CVE-2018-8155 (An elevation of privilege vulnerability exists when Microsoft ...)
+CVE-2018-8155
NOT-FOR-US: Microsoft
-CVE-2018-8154 (A remote code execution vulnerability exists in Microsoft Exchange ...)
+CVE-2018-8154
NOT-FOR-US: Microsoft
-CVE-2018-8153 (A spoofing vulnerability exists in Microsoft Exchange Server when ...)
+CVE-2018-8153
NOT-FOR-US: Microsoft
-CVE-2018-8152 (An elevation of privilege vulnerability exists when Microsoft Exchange ...)
+CVE-2018-8152
NOT-FOR-US: Microsoft
-CVE-2018-8151 (An information disclosure vulnerability exists when Microsoft Exchange ...)
+CVE-2018-8151
NOT-FOR-US: Microsoft
-CVE-2018-8150 (A security feature bypass vulnerability exists when the Microsoft ...)
+CVE-2018-8150
NOT-FOR-US: Microsoft
-CVE-2018-8149 (An elevation of privilege vulnerability exists when Microsoft ...)
+CVE-2018-8149
NOT-FOR-US: Microsoft
-CVE-2018-8148 (A remote code execution vulnerability exists in Microsoft Excel ...)
+CVE-2018-8148
NOT-FOR-US: Microsoft
-CVE-2018-8147 (A remote code execution vulnerability exists in Microsoft Excel ...)
+CVE-2018-8147
NOT-FOR-US: Microsoft
CVE-2018-8146
RESERVED
-CVE-2018-8145 (An information disclosure vulnerability exists when Chakra improperly ...)
+CVE-2018-8145
NOT-FOR-US: Microsoft
CVE-2018-8144
RESERVED
CVE-2018-8143
RESERVED
-CVE-2018-8142 (A security feature bypass exists when Windows incorrectly validates ...)
+CVE-2018-8142
NOT-FOR-US: Microsoft
-CVE-2018-8141 (An information disclosure vulnerability exists when the Windows kernel ...)
+CVE-2018-8141
NOT-FOR-US: Microsoft
-CVE-2018-8140 (An Elevation of Privilege vulnerability exists when Cortana retrieves ...)
+CVE-2018-8140
NOT-FOR-US: Microsoft
-CVE-2018-8139 (A remote code execution vulnerability exists in the way that the ...)
+CVE-2018-8139
NOT-FOR-US: Microsoft
CVE-2018-8138
RESERVED
-CVE-2018-8137 (A remote code execution vulnerability exists in the way that the ...)
+CVE-2018-8137
NOT-FOR-US: Microsoft
-CVE-2018-8136 (A remote code execution vulnerability exists in the way that Windows ...)
+CVE-2018-8136
NOT-FOR-US: Microsoft
CVE-2018-8135
RESERVED
-CVE-2018-8134 (An elevation of privilege vulnerability exists in the way that the ...)
+CVE-2018-8134
NOT-FOR-US: Microsoft
-CVE-2018-8133 (A remote code execution vulnerability exists in the way that the ...)
+CVE-2018-8133
NOT-FOR-US: Microsoft
-CVE-2018-8132 (A security feature bypass vulnerability exists in Windows which could ...)
+CVE-2018-8132
NOT-FOR-US: Microsoft
CVE-2018-8131
RESERVED
-CVE-2018-8130 (A remote code execution vulnerability exists in the way that the ...)
+CVE-2018-8130
NOT-FOR-US: Microsoft
-CVE-2018-8129 (A security feature bypass vulnerability exists in Windows which could ...)
+CVE-2018-8129
NOT-FOR-US: Microsoft
-CVE-2018-8128 (A remote code execution vulnerability exists in the way that the ...)
+CVE-2018-8128
NOT-FOR-US: Microsoft
-CVE-2018-8127 (An information disclosure vulnerability exists when the Windows kernel ...)
+CVE-2018-8127
NOT-FOR-US: Microsoft
-CVE-2018-8126 (A security feature bypass vulnerability exists when Internet Explorer ...)
+CVE-2018-8126
NOT-FOR-US: Microsoft
-CVE-2018-8125 (A remote code execution vulnerability exists when Microsoft Edge ...)
+CVE-2018-8125
NOT-FOR-US: Microsoft
-CVE-2018-8124 (An elevation of privilege vulnerability exists in Windows when the ...)
+CVE-2018-8124
NOT-FOR-US: Microsoft
-CVE-2018-8123 (An information disclosure vulnerability exists when Microsoft Edge ...)
+CVE-2018-8123
NOT-FOR-US: Microsoft
-CVE-2018-8122 (A remote code execution vulnerability exists in the way that the ...)
+CVE-2018-8122
NOT-FOR-US: Microsoft
-CVE-2018-8121 (An information disclosure vulnerability exists when the Windows kernel ...)
+CVE-2018-8121
NOT-FOR-US: Microsoft
-CVE-2018-8120 (An elevation of privilege vulnerability exists in Windows when the ...)
+CVE-2018-8120
NOT-FOR-US: Microsoft
-CVE-2018-8119 (A spoofing vulnerability exists when the Azure IoT Device Provisioning ...)
+CVE-2018-8119
NOT-FOR-US: Microsoft
-CVE-2018-8118 (A remote code execution vulnerability exists when Internet Explorer ...)
+CVE-2018-8118
NOT-FOR-US: Microsoft
-CVE-2018-8117 (A security feature bypass vulnerability exists in the Microsoft ...)
+CVE-2018-8117
NOT-FOR-US: Microsoft
-CVE-2018-8116 (A denial of service vulnerability exists in the way that Windows ...)
+CVE-2018-8116
NOT-FOR-US: Microsoft
-CVE-2018-8115 (A remote code execution vulnerability exists when the Windows Host ...)
+CVE-2018-8115
NOT-FOR-US: Microsoft
-CVE-2018-8114 (A remote code execution vulnerability exists in the way that the ...)
+CVE-2018-8114
NOT-FOR-US: Microsoft
-CVE-2018-8113 (A security feature bypass vulnerability exists in Internet Explorer ...)
+CVE-2018-8113
NOT-FOR-US: Microsoft
-CVE-2018-8112 (A security feature bypass vulnerability exists when Microsoft Edge ...)
+CVE-2018-8112
NOT-FOR-US: Microsoft
-CVE-2018-8111 (A remote code execution vulnerability exists when Microsoft Edge ...)
+CVE-2018-8111
NOT-FOR-US: Microsoft
-CVE-2018-8110 (A remote code execution vulnerability exists when Microsoft Edge ...)
+CVE-2018-8110
NOT-FOR-US: Microsoft
-CVE-2018-1000132 (Mercurial version 4.5 and earlier contains a Incorrect Access Control ...)
+CVE-2018-1000132
{DLA-1414-1 DLA-1331-1}
- mercurial 4.5.2-1 (bug #892964)
NOTE: https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_4.5.1_.2F_4.5.2_.282018-03-06.29
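Review bot: every `-`/`+` pair in this hunk, from CVE-2018-8148 down to CVE-2018-1000132, replaces the "identifier (summary ...)" line with the bare identifier and changes nothing else, so the commit discards the upstream description text while the package status, DSA/DLA and NOTE lines stay exactly as they were. If this is the result of an empty or unreachable description feed rather than a deliberate format change, the automatic update should not be committed as-is: for NOT-FOR-US entries such as `-CVE-2018-8119 (A spoofing vulnerability exists when the Azure IoT Device Provisioning ...)` the removed summary was the only text in the entry saying what the identifier covers, since the triage line below it reads only `NOT-FOR-US: Microsoft`.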
@@ -32989,109 +32979,109 @@ CVE-2018-1000132 (Mercurial version 4.5 and earlier contains a Incorrect Access
NOTE: Backports for older branches in https://hg.mozilla.org/users/gszorc_mozilla.com/hg
NOTE: 4.4: 4843835c835::7cf827e5f8af
NOTE: 4.3: db527ae12671::86f9a022ccb8
-CVE-2018-1000131 (Pradeep Makone wordpress Support Plus Responsive Ticket System version ...)
+CVE-2018-1000131
NOT-FOR-US: Pradeep Makone wordpress Support Plus Responsive Ticket System
-CVE-2018-1000130 (A JNDI Injection vulnerability exists in Jolokia agent version 1.3.7 ...)
+CVE-2018-1000130
NOT-FOR-US: Jolokia
-CVE-2018-1000129 (An XSS vulnerability exists in the Jolokia agent version 1.3.7 in the ...)
+CVE-2018-1000129
NOT-FOR-US: Jolokia
CVE-2018-8109
RESERVED
-CVE-2018-8108 (The select component in bui through 2018-03-13 has XSS because it ...)
+CVE-2018-8108
NOT-FOR-US: bui
-CVE-2018-8107 (The JPXStream::close function in JPXStream.cc in xpdf 4.00 allows ...)
+CVE-2018-8107
- xpdf <unfixed> (unimportant)
NOTE: https://forum.xpdfreader.com/viewtopic.php?f=3&t=654&p=819#p819
NOTE: src:xpdf switched to use system poppler libary in 3.02-3
NOTE: Reproducer correctly detected as broken with jessie's poppler build
-CVE-2018-8106 (The JPXStream::readTilePartData function in JPXStream.cc in xpdf 4.00 ...)
+CVE-2018-8106
- xpdf <unfixed> (unimportant)
NOTE: https://forum.xpdfreader.com/viewtopic.php?f=3&t=654&p=819#p819
NOTE: src:xpdf switched to use system poppler libary in 3.02-3
NOTE: Reproducer correctly detected as broken with jessie's poppler build
-CVE-2018-8105 (The JPXStream::fillReadBuf function in JPXStream.cc in xpdf 4.00 allows ...)
+CVE-2018-8105
- xpdf <unfixed> (unimportant)
NOTE: https://forum.xpdfreader.com/viewtopic.php?f=3&t=654&p=819#p819
NOTE: src:xpdf switched to use system poppler libary in 3.02-3
NOTE: Reproducer correctly detected as broken with jessie's poppler build
-CVE-2018-8104 (The BufStream::lookChar function in Stream.cc in xpdf 4.00 allows ...)
+CVE-2018-8104
- xpdf <unfixed> (unimportant)
NOTE: https://forum.xpdfreader.com/viewtopic.php?f=3&t=654&p=819#p819
NOTE: src:xpdf switched to use system poppler libary in 3.02-3
NOTE: Reproducer correctly detected as broken with jessie's poppler build
-CVE-2018-8103 (The JBIG2Stream::readGenericBitmap function in JBIG2Stream.cc in xpdf ...)
+CVE-2018-8103
- xpdf <unfixed> (unimportant)
NOTE: https://forum.xpdfreader.com/viewtopic.php?f=3&t=654&p=819#p819
NOTE: src:xpdf switched to use system poppler libary in 3.02-3
NOTE: Reproducer correctly detected as broken with jessie's poppler build
-CVE-2018-8102 (The JBIG2MMRDecoder::getBlackCode function in JBIG2Stream.cc in xpdf ...)
+CVE-2018-8102
- xpdf <unfixed> (unimportant)
NOTE: https://forum.xpdfreader.com/viewtopic.php?f=3&t=654&p=819#p819
NOTE: src:xpdf switched to use system poppler libary in 3.02-3
NOTE: Reproducer correctly detected as broken with jessie's poppler build
-CVE-2018-8101 (The JPXStream::inverseTransformLevel function in JPXStream.cc in xpdf ...)
+CVE-2018-8101
- xpdf <unfixed> (unimportant)
NOTE: https://forum.xpdfreader.com/viewtopic.php?f=3&t=654&p=819#p819
NOTE: src:xpdf switched to use system poppler libary in 3.02-3
NOTE: Reproducer correctly detected as broken with jessie's poppler build
-CVE-2018-8100 (The JPXStream::readTilePart function in JPXStream.cc in xpdf 4.00 ...)
+CVE-2018-8100
- xpdf <unfixed> (unimportant)
NOTE: https://forum.xpdfreader.com/viewtopic.php?f=3&t=654&p=819#p819
NOTE: src:xpdf switched to use system poppler libary in 3.02-3
NOTE: Reproducer correctly detected as broken with jessie's poppler build
-CVE-2018-8099 (Incorrect returning of an error code in the index.c:read_entry() ...)
+CVE-2018-8099
[experimental] - libgit2 0.27.0+dfsg.1-0.1
- libgit2 0.27.0+dfsg.1-0.6 (low; bug #892962)
[stretch] - libgit2 <no-dsa> (Minor issue)
[jessie] - libgit2 <no-dsa> (Minor issue)
NOTE: https://github.com/libgit2/libgit2/commit/58a6fe94cb851f71214dbefac3f9bffee437d6fe
-CVE-2018-8098 (Integer overflow in the index.c:read_entry() function while ...)
+CVE-2018-8098
[experimental] - libgit2 0.27.0+dfsg.1-0.1
- libgit2 0.27.0+dfsg.1-0.6 (low; bug #892961)
[stretch] - libgit2 <no-dsa> (Minor issue)
[jessie] - libgit2 <no-dsa> (Minor issue)
NOTE: https://github.com/libgit2/libgit2/commit/3207ddb0103543da8ad2139ec6539f590f9900c1
NOTE: https://github.com/libgit2/libgit2/commit/3db1af1f370295ad5355b8f64b865a2a357bcac0
-CVE-2018-8097 (io/mongo/parser.py in Eve (aka pyeve) before 0.7.5 allows remote ...)
+CVE-2018-8097
NOT-FOR-US: pyeve
-CVE-2018-8096 (Datalust Seq before 4.2.605 is vulnerable to Authentication Bypass ...)
+CVE-2018-8096
NOT-FOR-US: Datalust Seq
CVE-2018-8095
RESERVED
CVE-2018-1000128
REJECTED
-CVE-2018-1000127 (memcached version prior to 1.4.37 contains an Integer Overflow ...)
+CVE-2018-1000127
{DSA-4218-1 DLA-1329-1}
- memcached 1.5.0-1 (bug #894404)
NOTE: https://github.com/memcached/memcached/commit/a8c4a82787b8b6c256d61bd5c42fb7f92d1bae00
NOTE: https://github.com/memcached/memcached/issues/271
-CVE-2018-1000126 (Ajenti version 2 contains an Information Disclosure vulnerability in ...)
+CVE-2018-1000126
- ajenti <itp> (bug #792019)
-CVE-2018-1000125 (inversoft prime-jwt version prior to version 1.3.0 or prior to commit ...)
+CVE-2018-1000125
NOT-FOR-US: inversoft prime-jwt
-CVE-2018-1000124 (I Librarian I-librarian version 4.8 and earlier contains a XML ...)
+CVE-2018-1000124
- i-librarian <itp> (bug #649291)
-CVE-2018-1000123 (Ionic Team Cordova plugin iOS Keychain version before commit ...)
+CVE-2018-1000123
NOT-FOR-US: Ionic Team Cordova plugin iOS Keychain
CVE-2018-8094
RESERVED
CVE-2018-8093
RESERVED
-CVE-2018-8092 (Mautic before 2.13.0 allows CSV injection. ...)
+CVE-2018-8092
NOT-FOR-US: Mautic
CVE-2018-8091
RESERVED
-CVE-2018-8090 (Quick Heal Total Security 64 bit 17.00 (QHTS64.exe), (QHTSFT64.exe) - ...)
+CVE-2018-8090
NOT-FOR-US: Quick Heal
CVE-2018-8089
RESERVED
-CVE-2018-8088 (org.slf4j.ext.EventData in the slf4j-ext module in QOS.CH SLF4J before ...)
+CVE-2018-8088
- libslf4j-java 1.7.25-3 (bug #893684; unimportant)
NOTE: slf4j-ext module is not built by default
NOTE: https://github.com/qos-ch/slf4j/commit/d2b27fba88e983f921558da27fc29b5f5d269405
NOTE: https://jira.qos.ch/browse/SLF4J-430
NOTE: https://jira.qos.ch/browse/SLF4J-431
-CVE-2018-8087 (Memory leak in the hwsim_new_radio_nl function in ...)
+CVE-2018-8087
{DSA-4188-1}
- linux 4.15.11-1
[jessie] - linux <not-affected> (Vulnerable code not present)
@@ -33101,16 +33091,16 @@ CVE-2018-8086
REJECTED
CVE-2018-8085
RESERVED
-CVE-2018-1000097 (Sharutils sharutils (unshar command) version 4.15.2 contains a Buffer ...)
+CVE-2018-1000097
{DSA-4167-1}
- sharutils 1:4.15.2-3 (bug #893525)
[wheezy] - sharutils <not-affected> (Vulnerable code not present)
NOTE: http://seclists.org/bugtraq/2018/Feb/54
-CVE-2018-1000096 (brianleroux tiny-json-http version all versions since commit ...)
+CVE-2018-1000096
NOT-FOR-US: tiny-json-http
-CVE-2018-1000095 (oVirt version 4.2.0 to 4.2.2 contains a Cross Site Scripting (XSS) ...)
+CVE-2018-1000095
NOT-FOR-US: ovirt-engine
-CVE-2018-1000094 (CMS Made Simple version 2.2.5 contains a Remote Code Execution ...)
+CVE-2018-1000094
NOT-FOR-US: CMS Made Simple
CVE-2018-8084
RESERVED
@@ -33124,25 +33114,25 @@ CVE-2018-8080
RESERVED
CVE-2018-8079
RESERVED
-CVE-2018-8078 (YzmCMS 3.7 has Stored XSS via the title parameter to ...)
+CVE-2018-8078
NOT-FOR-US: YzmCMS
CVE-2018-8077
RESERVED
-CVE-2018-8076 (ZenMate 1.5.4 for macOS suffers from a type confusion vulnerability ...)
+CVE-2018-8076
NOT-FOR-US: ZenMate
CVE-2018-8075
RESERVED
-CVE-2018-8074 (Yii 2.x before 2.0.15 allows remote attackers to inject unintended ...)
+CVE-2018-8074
- yii <itp> (bug #597899)
-CVE-2018-8073 (Yii 2.x before 2.0.15 allows remote attackers to execute arbitrary LUA ...)
+CVE-2018-8073
- yii <itp> (bug #597899)
-CVE-2018-8072 (An issue was discovered on EDIMAX IC-3140W through 3.06, IC-5150W ...)
+CVE-2018-8072
NOT-FOR-US: EDIMAX
-CVE-2018-8071 (Mautic before v2.13.0 has stored XSS via a theme config file. ...)
+CVE-2018-8071
NOT-FOR-US: Mautic
-CVE-2018-8070 (QCMS version 3.0 has XSS via the title parameter to the ...)
+CVE-2018-8070
NOT-FOR-US: QCMS
-CVE-2018-8069 (QCMS version 3.0 has XSS via the webname parameter to the ...)
+CVE-2018-8069
NOT-FOR-US: QCMS
CVE-2018-8068
RESERVED
@@ -33150,7 +33140,7 @@ CVE-2018-8067
RESERVED
CVE-2018-8066
RESERVED
-CVE-2018-8065 (An issue was discovered in the web server in Flexense SyncBreeze ...)
+CVE-2018-8065
NOT-FOR-US: Flexense SyncBreeze Enterprise
CVE-2018-8064
RESERVED
@@ -33158,17 +33148,17 @@ CVE-2018-8063
RESERVED
CVE-2018-8062
RESERVED
-CVE-2018-8061 (HWiNFO AMD64 Kernel driver version 8.98 and lower allows an ...)
+CVE-2018-8061
NOT-FOR-US: HWiNFO AMD64 Kernel driver
-CVE-2018-8060 (HWiNFO AMD64 Kernel driver version 8.98 and lower allows an ...)
+CVE-2018-8060
NOT-FOR-US: HWiNFO AMD64 Kernel driver
-CVE-2018-8059 (The Djelibeybi configuration examples for use of NGINX in SUSE Portus ...)
+CVE-2018-8059
NOT-FOR-US: Portus
-CVE-2018-8058 (CMS Made Simple (CMSMS) 2.2.6 has XSS in admin/moduleinterface.php via ...)
+CVE-2018-8058
NOT-FOR-US: CMS Made Simple
-CVE-2018-8057 (A SQL Injection vulnerability exists in Western Bridge Cobub Razor ...)
+CVE-2018-8057
NOT-FOR-US: Western Bridge Cobub Razor
-CVE-2018-8056 (Physical path Leakage exists in Western Bridge Cobub Razor 0.8.0 via an ...)
+CVE-2018-8056
NOT-FOR-US: Western Bridge Cobub Razor
CVE-2018-8055
RESERVED
@@ -33180,13 +33170,13 @@ CVE-2018-8052
RESERVED
CVE-2018-8051
RESERVED
-CVE-2018-8050 (The af_get_page() function in lib/afflib_pages.cpp in AFFLIB (aka ...)
+CVE-2018-8050
- afflib 3.7.16-3 (unimportant; bug #892599)
NOTE: https://github.com/sshock/AFFLIBv3/commit/435a2ca802358a3debb6d164d2c33049131df81c
NOTE: Negligible security impact
-CVE-2018-8049 (The Stealth endpoint in Unisys Stealth SVG 2.8.x, 3.0.x before ...)
+CVE-2018-8049
NOT-FOR-US: Unisys Stealth SVG
-CVE-2018-8048 (In the Loofah gem through 2.2.0 for Ruby, non-whitelisted HTML ...)
+CVE-2018-8048
{DSA-4171-1}
- ruby-loofah 2.2.1-1 (bug #893596)
NOTE: https://github.com/flavorjones/loofah/issues/144
@@ -33194,33 +33184,33 @@ CVE-2018-8048 (In the Loofah gem through 2.2.0 for Ruby, non-whitelisted HTML ..
NOTE: https://github.com/flavorjones/loofah/commit/56e95a6696b1e17a242eb8ebbbab64d613c4f1fe
CVE-2018-8047
RESERVED
-CVE-2018-8046 (The getTip() method of Action Columns of Sencha Ext JS 4 to 6 before ...)
+CVE-2018-8046
NOT-FOR-US: Sencha
-CVE-2018-8045 (In Joomla! 3.5.0 through 3.8.5, the lack of type casting of a variable ...)
+CVE-2018-8045
NOT-FOR-US: Joomla!
CVE-2018-8044
RESERVED
-CVE-2018-8043 (The unimac_mdio_probe function in drivers/net/phy/mdio-bcm-unimac.c in ...)
+CVE-2018-8043
- linux <unfixed> (unimportant)
[jessie] - linux <not-affected> (Vulnerable code not present)
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: Fixed by: https://git.kernel.org/linus/297a6961ffb8ff4dc66c9fbf53b924bd1dda05d5
NOTE: Negligible security impact, only enabled on armhf
-CVE-2018-8042 (Apache Ambari, version 2.5.0 to 2.6.2, passwords for Hadoop credential ...)
+CVE-2018-8042
NOT-FOR-US: Apache Ambari
-CVE-2018-8041 (Apache Camel's Mail 2.20.0 through 2.20.3, 2.21.0 through 2.21.1 and ...)
+CVE-2018-8041
NOT-FOR-US: Apache Camel Mail component
-CVE-2018-8040 (Pages that are rendered using the ESI plugin can have access to the ...)
+CVE-2018-8040
{DSA-4282-1}
- trafficserver 7.1.4+ds-1
NOTE: http://www.openwall.com/lists/oss-security/2018/08/29/2
NOTE: https://github.com/apache/trafficserver/pull/3926
NOTE: https://github.com/apache/trafficserver/commit/cea07c03274807c1588dbdf03baa1537d958c92f
-CVE-2018-8039 (It is possible to configure Apache CXF to use the com.sun.net.ssl ...)
+CVE-2018-8039
NOT-FOR-US: Apache CXF
-CVE-2018-8038 (Versions of Apache CXF Fediz prior to 1.4.4 do not fully disable ...)
+CVE-2018-8038
NOT-FOR-US: Apache CXF
-CVE-2018-8037 (If an async request was completed by the application at the same time ...)
+CVE-2018-8037
{DSA-4281-1}
- tomcat9 <not-affected> (Fixed before initial upload to Debian)
- tomcat8 8.5.32-1
@@ -33228,7 +33218,7 @@ CVE-2018-8037 (If an async request was completed by the application at the same
- tomcat8.0 <not-affected> (Vulnerable code only present in 8.5.5 to 8.5.31 in 8.x series)
NOTE: https://svn.apache.org/r1833906 (9.0.x)
NOTE: https://svn.apache.org/r1833907 (8.5.x)
-CVE-2018-8036 (In Apache PDFBox 1.8.0 to 1.8.14 and 2.0.0RC1 to 2.0.10, a carefully ...)
+CVE-2018-8036
- libpdfbox-java 1:1.8.15-1 (low; bug #902776)
- libpdfbox2-java 2.0.11-1 (low)
[stretch] - libpdfbox-java <no-dsa> (Minor issue)
@@ -33236,7 +33226,7 @@ CVE-2018-8036 (In Apache PDFBox 1.8.0 to 1.8.14 and 2.0.0RC1 to 2.0.10, a carefu
NOTE: http://www.openwall.com/lists/oss-security/2018/06/29/2
CVE-2018-8035
RESERVED
-CVE-2018-8034 (The host name verification when using TLS with the WebSocket client ...)
+CVE-2018-8034
{DSA-4281-1 DLA-1491-1 DLA-1453-1}
- tomcat9 <not-affected> (Fixed before initial upload to Debian)
- tomcat8 8.5.32-1
@@ -33248,63 +33238,63 @@ CVE-2018-8034 (The host name verification when using TLS with the WebSocket clie
NOTE: https://svn.apache.org/r1833758 (8.5.x)
NOTE: https://svn.apache.org/r1833759 (8.0.x)
NOTE: https://svn.apache.org/r1833760 (7.0.x)
-CVE-2018-8033 (In Apache OFBiz 16.11.01 to 16.11.04, the OFBiz HTTP engine ...)
+CVE-2018-8033
NOT-FOR-US: Apache OFBiz
-CVE-2018-8032 (Apache Axis 1.x up to and including 1.4 is vulnerable to a cross-site ...)
+CVE-2018-8032
- axis 1.4-28 (bug #905328)
[stretch] - axis <no-dsa> (Minor issue)
[jessie] - axis <no-dsa> (Minor issue)
NOTE: https://issues.apache.org/jira/browse/AXIS-2924
NOTE: https://svn.apache.org/r1831943
-CVE-2018-8031 (The Apache TomEE console (tomee-webapp) has a XSS vulnerability which ...)
+CVE-2018-8031
NOT-FOR-US: Apache TomEE
-CVE-2018-8030 (A Denial of Service vulnerability was found in Apache Qpid Broker-J ...)
+CVE-2018-8030
- qpid-java <itp> (bug #840131)
CVE-2018-8029
RESERVED
-CVE-2018-8028 (An authenticated user can execute ALTER TABLE EXCHANGE PARTITIONS ...)
+CVE-2018-8028
NOT-FOR-US: Apache Sentry
-CVE-2018-8027 (Apache Camel 2.20.0 to 2.20.3 and 2.21.0 Core is vulnerable to XXE in ...)
+CVE-2018-8027
NOT-FOR-US: Apache Camel
-CVE-2018-8026 (This vulnerability in Apache Solr 6.0.0 to 6.6.4 and 7.0.0 to 7.3.1 ...)
+CVE-2018-8026
- lucene-solr <not-affected> (Do not allow to upload configsets via the API)
NOTE: Versions 5.x and earlier are not affected by the vulnerability, since
NOTE: those versions do not allow to upload configsets via the API.
NOTE: https://issues.apache.org/jira/browse/SOLR-12450
-CVE-2018-8025 (CVE-2018-8025 describes an issue in Apache HBase that affects the ...)
+CVE-2018-8025
NOT-FOR-US: Apache HBase
-CVE-2018-8024 (In Apache Spark 2.1.0 to 2.1.2, 2.2.0 to 2.2.1, and 2.3.0, it's ...)
+CVE-2018-8024
NOT-FOR-US: Apache Spark
-CVE-2018-8023 (Apache Mesos can be configured to require authentication to call the ...)
+CVE-2018-8023
- apache-mesos <itp> (bug #760315)
-CVE-2018-8022 (A carefully crafted invalid TLS handshake can cause Apache Traffic ...)
+CVE-2018-8022
- trafficserver 7.0.0-1
NOTE: http://www.openwall.com/lists/oss-security/2018/08/29/1
NOTE: Only affects 6.x, marking 7.0 as the fixed version
NOTE: https://github.com/apache/trafficserver/pull/2147
-CVE-2018-8021 (Versions of Superset prior to 0.23 used an unsafe load method from the ...)
+CVE-2018-8021
NOT-FOR-US: Apache Superset
-CVE-2018-8020 (Apache Tomcat Native 1.2.0 to 1.2.16 and 1.1.23 to 1.1.34 has a flaw ...)
+CVE-2018-8020
{DLA-1475-1}
- tomcat-native 1.2.17-1
[stretch] - tomcat-native 1.2.12-2+deb9u2
NOTE: https://svn.apache.org/r1832863
-CVE-2018-8019 (When using an OCSP responder Apache Tomcat Native 1.2.0 to 1.2.16 and ...)
+CVE-2018-8019
{DLA-1475-1}
- tomcat-native 1.2.17-1
[stretch] - tomcat-native 1.2.12-2+deb9u2
NOTE: https://svn.apache.org/r1832832
-CVE-2018-8018 (In Apache Ignite before 2.4.8 and 2.5.x before 2.5.3, the ...)
+CVE-2018-8018
NOT-FOR-US: Apache Ignite
-CVE-2018-8017 (In Apache Tika 1.2 to 1.18, a carefully crafted file can trigger an ...)
+CVE-2018-8017
- tika 1.20-1 (bug #914643)
[jessie] - tika <ignored> (Minor issue)
NOTE: https://www.openwall.com/lists/oss-security/2018/09/19/6
-CVE-2018-8016 (The default configuration in Apache Cassandra 3.8 through 3.11.1 binds ...)
+CVE-2018-8016
- cassandra <itp> (bug #585905)
-CVE-2018-8015 (In Apache ORC 1.0.0 to 1.4.3 a malformed ORC file can trigger an ...)
+CVE-2018-8015
NOT-FOR-US: Apache ORC
-CVE-2018-8014 (The defaults settings for the CORS filter provided in Apache Tomcat ...)
+CVE-2018-8014
{DLA-1400-1}
- tomcat9 <not-affected> (Fixed before initial upload to Debian)
- tomcat8 8.5.32-1 (bug #898935)
@@ -33321,13 +33311,13 @@ CVE-2018-8014 (The defaults settings for the CORS filter provided in Apache Tomc
NOTE: https://bz.apache.org/bugzilla/show_bug.cgi?id=62343
NOTE: It is expected that users of the CORS filter will have configured it appropriately
NOTE: for their einvironment rather than using it in the default configuration
-CVE-2018-8013 (In Apache Batik 1.x before 1.10, when deserializing subclass of ...)
+CVE-2018-8013
{DSA-4215-1 DLA-1385-1}
- batik 1.10-1 (bug #899374)
NOTE: https://issues.apache.org/jira/browse/BATIK-1222
NOTE: https://svn.apache.org/viewvc?view=revision&revision=1831241
NOTE: https://marc.info/?l=oss-security&m=152707788503264&w=2
-CVE-2018-8012 (No authentication/authorization is enforced when a server attempts to ...)
+CVE-2018-8012
{DSA-4214-1}
- zookeeper 3.4.10-2 (bug #899332)
[wheezy] - zookeeper <ignored> (changes are too intrusive to backport)
@@ -33335,39 +33325,39 @@ CVE-2018-8012 (No authentication/authorization is enforced when a server attempt
NOTE: http://www.openwall.com/lists/oss-security/2018/05/21/6
NOTE: https://cwiki.apache.org/confluence/display/ZOOKEEPER/Server-Server+mutual+authentication
NOTE: https://issues.apache.org/jira/secure/attachment/12840904/ZOOKEEPER-1045-br-3-4.patch
-CVE-2018-8011 (By specially crafting HTTP requests, the mod_md challenge handler ...)
+CVE-2018-8011
- apache2 2.4.34-1 (bug #904107)
[stretch] - apache2 <not-affected> (Vulnerable code not present; mod_md module)
[jessie] - apache2 <not-affected> (Vulnerable code not present; mod_md module)
NOTE: http://www.openwall.com/lists/oss-security/2018/07/18/2
NOTE: https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2018-8011
-CVE-2018-8010 (This vulnerability in Apache Solr 6.0.0 to 6.6.3, 7.0.0 to 7.3.0 ...)
+CVE-2018-8010
- lucene-solr <not-affected> (Do not allow to upload configsets via the API)
NOTE: Versions 5.x and earlier are not affected by the vulnerability, since
NOTE: those versions do not allow to upload configsets via the API.
NOTE: https://issues.apache.org/jira/browse/SOLR-12316
-CVE-2018-8009 (Apache Hadoop 3.1.0, 3.0.0-alpha to 3.0.2, 2.9.0 to 2.9.1, 2.8.0 to ...)
+CVE-2018-8009
- hadoop <itp> (bug #793644)
-CVE-2018-8008 (Apache Storm version 1.0.6 and earlier, 1.2.1 and earlier, and version ...)
+CVE-2018-8008
NOT-FOR-US: Apache Storm
-CVE-2018-8007 (Apache CouchDB administrative users can configure the database server ...)
+CVE-2018-8007
- couchdb <removed>
NOTE: https://blog.couchdb.org/2018/07/10/cve-2018-8007/
-CVE-2018-8006 (An instance of a cross-site scripting vulnerability was identified to ...)
+CVE-2018-8006
- activemq <unfixed> (unimportant)
NOTE: https://issues.apache.org/jira/browse/AMQ-6954
NOTE: https://git-wip-us.apache.org/repos/asf?p=activemq.git;h=d25de5d
NOTE: https://git-wip-us.apache.org/repos/asf?p=activemq.git;h=d8c80a9
NOTE: Admin console not enabled in the Debian package, see #702670)
NOTE: Fixed in 5.15.5, 5.16.0
-CVE-2018-8005 (When there are multiple ranges in a range request, Apache Traffic ...)
+CVE-2018-8005
{DSA-4282-1}
- trafficserver 7.1.4+ds-1
NOTE: http://www.openwall.com/lists/oss-security/2018/08/29/4
NOTE: https://github.com/apache/trafficserver/pull/3106
NOTE: https://github.com/apache/trafficserver/pull/3124
NOTE: https://github.com/apache/trafficserver/commit/bbcbb7cf7f25ebfe3a97d792e889de618e41a6a4
-CVE-2018-8004 (There are multiple HTTP smuggling and cache poisoning issues when ...)
+CVE-2018-8004
{DSA-4282-1}
- trafficserver 7.1.4+ds-1
NOTE: http://www.openwall.com/lists/oss-security/2018/08/29/5
@@ -33379,16 +33369,16 @@ CVE-2018-8004 (There are multiple HTTP smuggling and cache poisoning issues when
NOTE: https://github.com/apache/trafficserver/commit/9659d12a21cf1870c2790fdd5acab712ed87f16e
NOTE: https://github.com/apache/trafficserver/commit/2616e580de7d66b9098c464d503a049c7814e35a
NOTE: https://github.com/apache/trafficserver/commit/3d2fdab8b0606bc8b35006f7aeb73729d364b333
-CVE-2018-8003 (Apache Ambari, versions 1.4.0 to 2.6.1, is susceptible to a directory ...)
+CVE-2018-8003
NOT-FOR-US: Apache Ambari
-CVE-2018-8002 (In PoDoFo 0.9.5, there exists an infinite loop vulnerability in ...)
+CVE-2018-8002
- libpodofo <unfixed> (low; bug #892557)
[stretch] - libpodofo <no-dsa> (Minor issue)
[jessie] - libpodofo <no-dsa> (Minor issue)
[wheezy] - libpodofo <no-dsa> (Minor issue)
NOTE: PoC https://bugzilla.redhat.com/show_bug.cgi?id=1548930
NOTE: Upstream bug: https://sourceforge.net/p/podofo/tickets/15/
-CVE-2018-8001 (In PoDoFo 0.9.5, there exists a heap-based buffer over-read ...)
+CVE-2018-8001
- libpodofo 0.9.6+dfsg-3 (low; bug #892556)
[stretch] - libpodofo <no-dsa> (Minor issue)
[jessie] - libpodofo <no-dsa> (Minor issue)
@@ -33396,43 +33386,43 @@ CVE-2018-8001 (In PoDoFo 0.9.5, there exists a heap-based buffer over-read ...)
NOTE: PoC https://bugzilla.redhat.com/show_bug.cgi?id=1549469
NOTE: Upstream bug: https://sourceforge.net/p/podofo/tickets/14/
NOTE: Upstream commit: http://sourceforge.net/p/podofo/code/1909
-CVE-2018-8000 (In PoDoFo 0.9.5, there exists a heap-based buffer overflow ...)
+CVE-2018-8000
NOTE: PoC https://bugzilla.redhat.com/show_bug.cgi?id=1548918
NOTE: Upstream bug: https://sourceforge.net/p/podofo/tickets/13/
NOTE: Upstream tracked this down as a of CVE-2017-5886
-CVE-2018-7999 (In libgraphite2 in graphite2 1.3.11, a NULL pointer dereference ...)
+CVE-2018-7999
- graphite2 1.3.11-2 (bug #892590)
[stretch] - graphite2 <no-dsa> (Minor issue)
[jessie] - graphite2 <no-dsa> (Minor issue)
[wheezy] - graphite2 <no-dsa> (Minor issue)
NOTE: https://github.com/silnrsi/graphite/commit/db132b4731a9b4c9534144ba3a18e65b390e9ff6
NOTE: https://github.com/silnrsi/graphite/issues/22
-CVE-2018-7998 (In libvips before 8.6.3, a NULL function pointer dereference ...)
+CVE-2018-7998
{DLA-1306-1}
- vips 8.4.5-2 (low; bug #892589)
[stretch] - vips <no-dsa> (Minor issue)
[jessie] - vips <no-dsa> (Minor issue)
NOTE: https://github.com/jcupitt/libvips/commit/20d840e6da15c1574b3ed998bc92f91d1e36c2a5
NOTE: https://github.com/jcupitt/libvips/issues/893
-CVE-2018-7997 (Eramba e1.0.6.033 has Reflected XSS on the Error page of the CSV file ...)
+CVE-2018-7997
NOT-FOR-US: Eramba
-CVE-2018-7996 (Eramba e1.0.6.033 has Stored XSS on the tooltip box via the ...)
+CVE-2018-7996
NOT-FOR-US: Eramba
-CVE-2018-7994 (Some Huawei products IPS Module V500R001C50; NGFW Module V500R001C50; ...)
+CVE-2018-7994
NOT-FOR-US: Huawei
-CVE-2018-7993 (HUAWEI Mate 10 smartphones with versions earlier than ALP-AL00 ...)
+CVE-2018-7993
NOT-FOR-US: Huawei
-CVE-2018-7992 (Mdapt Driver of Huawei MediaPad M3 BTV-W09C128B353CUSTC128D001; Mate 9 ...)
+CVE-2018-7992
NOT-FOR-US: Huawei
-CVE-2018-7991 (Huawei smartphones Mate10 with versions earlier before ALP-AL00B ...)
+CVE-2018-7991
NOT-FOR-US: Huawei
-CVE-2018-7990 (Mate10 Pro Huawei smart phones with the versions before 8.1.0.326(C00) ...)
+CVE-2018-7990
NOT-FOR-US: Huawei
-CVE-2018-7989 (Huawei Mate 10 pro smartphones with the versions before BLA-AL00B ...)
+CVE-2018-7989
NOT-FOR-US: Huawei
-CVE-2018-7988 (There is a Factory Reset Protection (FRP) bypass vulnerability on ...)
+CVE-2018-7988
NOT-FOR-US: Huawei
-CVE-2018-7987 (There is an out-of-bounds write vulnerability on Huawei P20 ...)
+CVE-2018-7987
NOT-FOR-US: Huawei
CVE-2018-7986
REJECTED
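Review bot: after this hunk the CVE-2018-8000 entry has no indication of the affected software at all. Its neighbours CVE-2018-8002 and CVE-2018-8001 each carry a `- libpodofo ...` package line, but CVE-2018-8000 has only NOTE lines, and the removed `-CVE-2018-8000 (In PoDoFo 0.9.5, there exists a heap-based buffer overflow ...)` line was the only place PoDoFo was named. The entry should get a package status line (for example a `- libpodofo` line consistent with its siblings, or an explicit not-affected/duplicate marker, given the NOTE that upstream tracked it to CVE-2017-5886) before the summary is dropped; that NOTE line also appears to be missing a word ("tracked this down as a of CVE-2017-5886").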
@@ -33452,9 +33442,9 @@ CVE-2018-7979
REJECTED
CVE-2018-7978
REJECTED
-CVE-2018-7977 (There is an information leakage vulnerability on several Huawei ...)
+CVE-2018-7977
NOT-FOR-US: Huawei
-CVE-2018-7976 (There is a stored cross-site scripting (XSS) vulnerability in Huawei ...)
+CVE-2018-7976
NOT-FOR-US: Huawei
CVE-2018-7975
REJECTED
@@ -33484,17 +33474,17 @@ CVE-2018-7963
REJECTED
CVE-2018-7962
RESERVED
-CVE-2018-7961 (There is a smart SMS verification code vulnerability in some Huawei ...)
+CVE-2018-7961
NOT-FOR-US: Huawei
-CVE-2018-7960 (There is a SRTP icon display vulnerability in Huawei eSpace product. ...)
+CVE-2018-7960
NOT-FOR-US: Huawei
-CVE-2018-7959 (There is a short key vulnerability in Huawei eSpace product. An ...)
+CVE-2018-7959
NOT-FOR-US: Huawei
-CVE-2018-7958 (There is an anonymous TLS cipher suites supported vulnerability in ...)
+CVE-2018-7958
NOT-FOR-US: Huawei
-CVE-2018-7957 (Huawei smartphones with software Victoria-AL00 8.0.0.336a(C00) have an ...)
+CVE-2018-7957
NOT-FOR-US: Huawei
-CVE-2018-7956 (Huawei VIP App is a mobile app for Malaysia customers that purchased ...)
+CVE-2018-7956
NOT-FOR-US: Huawei
CVE-2018-7955
REJECTED
@@ -33504,69 +33494,69 @@ CVE-2018-7953
RESERVED
CVE-2018-7952
RESERVED
-CVE-2018-7951 (The iBMC (Intelligent Baseboard Management Controller) of some Huawei ...)
+CVE-2018-7951
NOT-FOR-US: Huawei
-CVE-2018-7950 (The iBMC (Intelligent Baseboard Management Controller) of some Huawei ...)
+CVE-2018-7950
NOT-FOR-US: Huawei
-CVE-2018-7949 (The iBMC (Intelligent Baseboard Management Controller) of some Huawei ...)
+CVE-2018-7949
NOT-FOR-US: Huawei
CVE-2018-7948
REJECTED
-CVE-2018-7947 (Huawei mobile phones with versions earlier before Emily-AL00A ...)
+CVE-2018-7947
NOT-FOR-US: Huawei
-CVE-2018-7946 (There is an information leak vulnerability in some Huawei smartphones. ...)
+CVE-2018-7946
NOT-FOR-US: Huawei
CVE-2018-7945
REJECTED
-CVE-2018-7944 (Huawei smart phones Emily-AL00A with software 8.1.0.106(SP2C00) and ...)
+CVE-2018-7944
NOT-FOR-US: Huawei
-CVE-2018-7943 (There is an authentication bypass vulnerability in some Huawei ...)
+CVE-2018-7943
NOT-FOR-US: Huawei
-CVE-2018-7942 (The iBMC (Intelligent Baseboard Management Controller) of some Huawei ...)
+CVE-2018-7942
NOT-FOR-US: Huawei
-CVE-2018-7941 (Huawei iBMC V200R002C60 have an authentication bypass vulnerability. A ...)
+CVE-2018-7941
NOT-FOR-US: Huawei
-CVE-2018-7940 (Huawei smart phones Mate 10 and Mate 10 Pro with earlier versions than ...)
+CVE-2018-7940
NOT-FOR-US: Huawei
-CVE-2018-7939 (Huawei smart phones G9 Lite, Honor 5A, Honor 6X, Honor 8 with the ...)
+CVE-2018-7939
NOT-FOR-US: Huawei
-CVE-2018-7938 (P10 Huawei smartphones with the versions before Victoria-AL00AC00B217 ...)
+CVE-2018-7938
NOT-FOR-US: Huawei
-CVE-2018-7937 (In Huawei HiRouter-CD20-10 with the versions before 1.9.6 and ...)
+CVE-2018-7937
NOT-FOR-US: Huawei
-CVE-2018-7936 (Mate 10 Pro Huawei smart phones with the versions before BLA-L29 ...)
+CVE-2018-7936
NOT-FOR-US: Huawei
CVE-2018-7935
RESERVED
-CVE-2018-7934 (Some Huawei mobile phone with the versions before BLA-L29 ...)
+CVE-2018-7934
NOT-FOR-US: Huawei
-CVE-2018-7933 (Huawei home gateway products HiRouter-CD20 and WS5200 with the ...)
+CVE-2018-7933
NOT-FOR-US: Huawei
-CVE-2018-7932 (Huawei AppGallery versions before 8.0.4.301 has an arbitrary ...)
+CVE-2018-7932
NOT-FOR-US: Huawei
-CVE-2018-7931 (Huawei AppGallery versions before 8.0.4.301 has a whitelist mechanism ...)
+CVE-2018-7931
NOT-FOR-US: Huawei
-CVE-2018-7930 (The Near Field Communication (NFC) module in Mate 9 Huawei mobile ...)
+CVE-2018-7930
NOT-FOR-US: Mate 9 Huawei mobile phones
-CVE-2018-7929 (Huawei Mate RS smartphones with the versions before NEO-AL00D ...)
+CVE-2018-7929
NOT-FOR-US: Huawei
-CVE-2018-7928 (There is a security vulnerability which could lead to Factory Reset ...)
+CVE-2018-7928
NOT-FOR-US: Huawei
CVE-2018-7927
REJECTED
-CVE-2018-7926 (Huawei Watch 2 with versions and earlier than OWDD.180707.001.E1 have ...)
+CVE-2018-7926
NOT-FOR-US: Huawei
-CVE-2018-7925 (The radio module of some Huawei smartphones Emily-AL00A The versions ...)
+CVE-2018-7925
NOT-FOR-US: Huawei
-CVE-2018-7924 (Anne-AL00 Huawei phones with versions earlier than 8.0.0.151(C00) have ...)
+CVE-2018-7924
NOT-FOR-US: Huawei
-CVE-2018-7923 (Huawei ALP-L09 smart phones with versions earlier than ALP-L09 ...)
+CVE-2018-7923
NOT-FOR-US: Huawei
-CVE-2018-7922 (Huawei ALP-L09 smart phones with versions earlier than ALP-L09 ...)
+CVE-2018-7922
NOT-FOR-US: Huawei
-CVE-2018-7921 (Huawei B315s-22 products with software of 21.318.01.00.26 have an ...)
+CVE-2018-7921
NOT-FOR-US: Huawei
-CVE-2018-7920 (Huawei AR1200 V200R006C10SPC300, AR160 V200R006C10SPC300, AR200 ...)
+CVE-2018-7920
NOT-FOR-US: Huawei
CVE-2018-7919
RESERVED
@@ -33584,31 +33574,31 @@ CVE-2018-7913
REJECTED
CVE-2018-7912
REJECTED
-CVE-2018-7911 (Some Huawei smart phones ALP-AL00B 8.0.0.106(C00), 8.0.0.113(SP2C00), ...)
+CVE-2018-7911
NOT-FOR-US: Huawei
-CVE-2018-7910 (Some Huawei smartphones ALP-AL00B 8.0.0.118D(C00), ALP-TL00B ...)
+CVE-2018-7910
NOT-FOR-US: Huawei
CVE-2018-7909
REJECTED
CVE-2018-7908
REJECTED
-CVE-2018-7907 (Some Huawei products Agassi-L09 AGS-L09C100B257CUSTC100D001, ...)
+CVE-2018-7907
NOT-FOR-US: Huawei
-CVE-2018-7906 (Some Huawei smart phones with software of Leland-AL00 8.0.0.114(C636), ...)
+CVE-2018-7906
NOT-FOR-US: Huawei
CVE-2018-7905
REJECTED
-CVE-2018-7904 (Huawei 1288H V5 and 288H V5 with software of V100R005C00 have a JSON ...)
+CVE-2018-7904
NOT-FOR-US: Huawei
-CVE-2018-7903 (Huawei 1288H V5 and 288H V5 with software of V100R005C00 have a JSON ...)
+CVE-2018-7903
NOT-FOR-US: Huawei
-CVE-2018-7902 (Huawei 1288H V5 and 288H V5 with software of V100R005C00 have a JSON ...)
+CVE-2018-7902
NOT-FOR-US: Huawei
-CVE-2018-7901 (RCS module in Huawei ALP-AL00B smart phones with software versions ...)
+CVE-2018-7901
NOT-FOR-US: Huawei
-CVE-2018-7900 (There is an information leak vulnerability in some Huawei HG products. ...)
+CVE-2018-7900
NOT-FOR-US: Huawei
-CVE-2018-7899 (The Mali Driver of Huawei Berkeley-AL20 and Berkeley-BD smart phones ...)
+CVE-2018-7899
NOT-FOR-US: Mali Driver of Huawei Berkeley-AL20 and Berkeley-BD smart phones
CVE-2018-7898
RESERVED
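Review bot: after this hunk the entries for CVE-2018-7904, CVE-2018-7903 and CVE-2018-7902 are identical apart from the ID, each reduced to the bare CVE line plus `NOT-FOR-US: Huawei`, whereas the removed headers at least recorded the shared product (`Huawei 1288H V5 and 288H V5 with software of V100R005C00 have a JSON ...`). If descriptions are going to be dropped, the NOT-FOR-US line should name the product, as `NOT-FOR-US: Mali Driver of Huawei Berkeley-AL20 and Berkeley-BD smart phones` already does for CVE-2018-7899 in the same hunk.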
@@ -33618,21 +33608,21 @@ CVE-2018-7896
RESERVED
CVE-2018-7895
RESERVED
-CVE-2018-7894 (Eramba e1.0.6.033 has Reflected XSS in ...)
+CVE-2018-7894
NOT-FOR-US: Eramba
-CVE-2018-7893 (CMS Made Simple (CMSMS) 2.2.6 has stored XSS in ...)
+CVE-2018-7893
NOT-FOR-US: CMS Made Simple
CVE-2018-7892
RESERVED
-CVE-2018-7891 (The Milestone XProtect Video Management Software (Corporate, Expert, ...)
+CVE-2018-7891
NOT-FOR-US: Milestone XProtect Video Management Software
-CVE-2018-7995 (** DISPUTED ** Race condition in the store_int_with_restart() function ...)
+CVE-2018-7995
{DSA-4188-1 DSA-4187-1 DLA-1369-1}
- linux 4.15.11-1
NOTE: https://lkml.org/lkml/2018/3/2/970
-CVE-2018-7890 (A remote code execution issue was discovered in Zoho ManageEngine ...)
+CVE-2018-7890
NOT-FOR-US: Zoho ManageEngine Applications Manager
-CVE-2018-7889 (gui2/viewer/bookmarkmanager.py in Calibre 3.18 calls cPickle.load on ...)
+CVE-2018-7889
- calibre 3.19.0+dfsg-1 (bug #892242)
[stretch] - calibre <no-dsa> (Minor issue)
[jessie] - calibre <no-dsa> (Minor issue)
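Review bot: the removed header for CVE-2018-7995 carried the `** DISPUTED **` marker, and nothing else in that entry records it: what remains is `{DSA-4188-1 DSA-4187-1 DLA-1369-1}`, `- linux 4.15.11-1` and the lkml link. If the header text is dropped, the disputed status should be preserved in a NOTE line, otherwise a reader of this file sees a plainly fixed kernel issue with no hint that the assignment was contested.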
@@ -33643,17 +33633,17 @@ CVE-2018-7889 (gui2/viewer/bookmarkmanager.py in Calibre 3.18 calls cPickle.load
NOTE: see https://lists.debian.org/87muy0usv1.fsf@curie.anarc.at
NOTE: The CVE assignment is specific to the issue fixed by upstream commit
NOTE: aeb5b036a0bf657951756688b3c72bd68b6e4a7d.
-CVE-2018-1000122 (A buffer over-read exists in curl 7.20.0 to and including curl 7.58.0 ...)
+CVE-2018-1000122
{DSA-4136-1 DLA-1309-1}
- curl 7.60.0-1 (bug #893546)
NOTE: https://curl.haxx.se/docs/adv_2018-b047.html
NOTE: https://curl.haxx.se/CVE-2018-1000122.patch
-CVE-2018-1000121 (A NULL pointer dereference exists in curl 7.21.0 to and including curl ...)
+CVE-2018-1000121
{DSA-4136-1 DLA-1309-1}
- curl 7.60.0-1 (bug #893546)
NOTE: https://curl.haxx.se/docs/adv_2018-97a2.html
NOTE: https://curl.haxx.se/CVE-2018-1000121.patch
-CVE-2018-1000120 (A buffer overflow exists in curl 7.12.3 to and including curl 7.58.0 ...)
+CVE-2018-1000120
{DSA-4136-1 DLA-1309-1}
- curl 7.60.0-1 (bug #893546)
NOTE: https://curl.haxx.se/docs/adv_2018-9cd6.html
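Review bot: the three curl headers removed here were the only lines stating the affected ranges (`curl 7.20.0 to and including curl 7.58.0`, `curl 7.21.0 to and including curl ...`, `curl 7.12.3 to and including curl 7.58.0`) that justify the `{DSA-4136-1 DLA-1309-1}` backports recorded under each entry. The information is still reachable through the `NOTE: https://curl.haxx.se/docs/adv_2018-...` links, so nothing is lost outright, but the file itself no longer says which versions the DSA covered; worth keeping in mind if the descriptions are not restored by a later update.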
@@ -33662,11 +33652,11 @@ CVE-2018-7888
RESERVED
CVE-2018-7887
RESERVED
-CVE-2018-7886 (An issue was discovered in CloudMe 1.11.0. An unauthenticated local ...)
+CVE-2018-7886
NOT-FOR-US: CloudMe
CVE-2018-7885
RESERVED
-CVE-2018-7884 (An issue was discovered in DisplayLink Core Software Cleaner ...)
+CVE-2018-7884
NOT-FOR-US: DisplayLink Core Software Cleaner Application
CVE-2018-7883
RESERVED
@@ -33680,51 +33670,51 @@ CVE-2018-7879
RESERVED
CVE-2018-7878
RESERVED
-CVE-2018-7877 (There is a heap-based buffer overflow in the getString function of ...)
+CVE-2018-7877
- ming <removed>
[wheezy] - ming 1:0.4.4-1.1+deb7u8
NOTE: https://github.com/libming/libming/issues/110
-CVE-2018-7876 (In libming 0.4.8, a memory exhaustion vulnerability was found in the ...)
+CVE-2018-7876
{DLA-1386-1}
- ming <removed>
NOTE: https://github.com/libming/libming/issues/109
-CVE-2018-7875 (There is a heap-based buffer over-read in the getString function of ...)
+CVE-2018-7875
{DLA-1343-1}
- ming <removed>
NOTE: https://github.com/libming/libming/issues/112
-CVE-2018-7874 (An invalid memory address dereference was discovered in strlenext in ...)
+CVE-2018-7874
- ming <removed>
[wheezy] - ming 1:0.4.4-1.1+deb7u8
NOTE: https://github.com/libming/libming/issues/115
-CVE-2018-7873 (There is a heap-based buffer overflow in the getString function of ...)
+CVE-2018-7873
{DLA-1386-1}
- ming <removed>
NOTE: https://github.com/libming/libming/issues/111
-CVE-2018-7872 (An invalid memory address dereference was discovered in the function ...)
+CVE-2018-7872
{DLA-1343-1}
- ming <removed>
NOTE: https://github.com/libming/libming/issues/114
-CVE-2018-7871 (There is a heap-based buffer over-read in the getName function of ...)
+CVE-2018-7871
{DLA-1343-1}
- ming <removed>
NOTE: https://github.com/libming/libming/issues/120
-CVE-2018-7870 (An invalid memory address dereference was discovered in getString in ...)
+CVE-2018-7870
{DLA-1343-1}
- ming <removed>
NOTE: https://github.com/libming/libming/issues/117
-CVE-2018-7869 (There is a memory leak triggered in the function dcinit of ...)
+CVE-2018-7869
- ming <removed>
[wheezy] - ming <ignored> (Minor issue present everywhere in the source code, hard to fix)
NOTE: https://github.com/libming/libming/issues/119
-CVE-2018-7868 (There is a heap-based buffer over-read in the getName function of ...)
+CVE-2018-7868
{DLA-1343-1}
- ming <removed>
NOTE: https://github.com/libming/libming/issues/113
-CVE-2018-7867 (There is a heap-based buffer overflow in the getString function of ...)
+CVE-2018-7867
{DLA-1343-1}
- ming <removed>
NOTE: https://github.com/libming/libming/issues/116
-CVE-2018-7866 (A NULL pointer dereference was discovered in newVar3 in ...)
+CVE-2018-7866
{DLA-1386-1}
- ming <removed>
NOTE: https://github.com/libming/libming/issues/118
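Review bot: four of the removed libming headers described the same function (`heap-based buffer overflow in the getString function` for CVE-2018-7877 and CVE-2018-7873, `heap-based buffer over-read in the getString function` for CVE-2018-7875, and again for CVE-2018-7867) and two more name `getName`; once the headers are stripped, the only thing distinguishing these twelve `- ming <removed>` entries is the issue number in the NOTE link, so the links must not be dropped in any follow-up cleanup. Separately, CVE-2018-7877 and CVE-2018-7874 list `[wheezy] - ming 1:0.4.4-1.1+deb7u8` without the `{DLA-...}` reference that their siblings carry (`{DLA-1343-1}`, `{DLA-1386-1}`); that is pre-existing, but it is the kind of inconsistency this automatic pass should not bake in further.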
@@ -33742,7 +33732,7 @@ CVE-2018-7860
RESERVED
CVE-2018-7859
RESERVED
-CVE-2018-7858 (Quick Emulator (aka QEMU), when built with the Cirrus CLGD 54xx VGA ...)
+CVE-2018-7858
- qemu 1:2.12~rc3+dfsg-1 (bug #892497)
[stretch] - qemu <not-affected> (Vulnerable code not present)
[jessie] - qemu <not-affected> (Vulnerable code not present)
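Review bot: the `[stretch] - qemu <not-affected> (Vulnerable code not present)` and `[jessie]` lines for CVE-2018-7858 only make sense against the removed header, which named the component (`when built with the Cirrus CLGD 54xx VGA ...`); after this hunk the entry does not say which code the not-affected rationale refers to. A NOTE naming the cirrus device emulation, or a link to the upstream fix, should accompany the entry if the header text stays gone.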
@@ -33786,25 +33776,25 @@ CVE-2018-7841
RESERVED
CVE-2018-7840
RESERVED
-CVE-2018-7839 (A Cryptographic Issue (CWE-310) vulnerability exists in IIoT Monitor ...)
+CVE-2018-7839
NOT-FOR-US: Schneider
CVE-2018-7838
RESERVED
-CVE-2018-7837 (An Improper Restriction of XML External Entity Reference ('XXE') ...)
+CVE-2018-7837
NOT-FOR-US: IIoT Monitor (Schneider Electric)
-CVE-2018-7836 (An unrestricted Upload of File with Dangerous Type vulnerability ...)
+CVE-2018-7836
NOT-FOR-US: IIoT Monitor (Schneider Electric)
-CVE-2018-7835 (An Improper Limitation of a Pathname to a Restricted Directory ('Path ...)
+CVE-2018-7835
NOT-FOR-US: IIoT Monitor (Schneider Electric)
CVE-2018-7834
RESERVED
-CVE-2018-7833 (An Improper Check for Unusual or Exceptional Conditions vulnerability ...)
+CVE-2018-7833
NOT-FOR-US: Schneider Electric
-CVE-2018-7832 (An Improper Input Validation vulnerability exists in Pro-Face GP-Pro ...)
+CVE-2018-7832
NOT-FOR-US: Schneider Electric
-CVE-2018-7831 (An Improper Neutralization of Script-Related HTML Tags in a Web Page ...)
+CVE-2018-7831
NOT-FOR-US: Modicon (Schneider Electric)
-CVE-2018-7830 (Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP ...)
+CVE-2018-7830
NOT-FOR-US: Modicon (Schneider Electric)
CVE-2018-7829
RESERVED
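Review bot: the NOT-FOR-US lines in this hunk are inconsistent in how much they identify (`NOT-FOR-US: Schneider`, `NOT-FOR-US: Schneider Electric`, `NOT-FOR-US: IIoT Monitor (Schneider Electric)`, `NOT-FOR-US: Modicon (Schneider Electric)`), and the removed headers were carrying the product and weakness class that the bare lines lack (`A Cryptographic Issue (CWE-310) vulnerability exists in IIoT Monitor ...` for CVE-2018-7839, `Pro-Face GP-Pro ...` for CVE-2018-7832). CVE-2018-7839 in particular is left as `NOT-FOR-US: Schneider` although its header placed it in the same IIoT Monitor product as CVE-2018-7837 to CVE-2018-7835; the NOT-FOR-US values should be normalised to name the product.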
@@ -33830,164 +33820,164 @@ CVE-2018-7819
RESERVED
CVE-2018-7818
RESERVED
-CVE-2018-7817 (A Use After Free (CWE-416) vulnerability exists in Zelio Soft 2 v5.1 ...)
+CVE-2018-7817
NOT-FOR-US: Zolio
CVE-2018-7816
RESERVED
-CVE-2018-7815 (A Type Confusion (CWE-843) vulnerability exists in Eurotherm by ...)
+CVE-2018-7815
NOT-FOR-US: Schneider Electric
-CVE-2018-7814 (A Stack-based Buffer Overflow (CWE-121) vulnerability exists in ...)
+CVE-2018-7814
NOT-FOR-US: Schneider Electric
-CVE-2018-7813 (A Type Confusion (CWE-843) vulnerability exists in Eurotherm by ...)
+CVE-2018-7813
NOT-FOR-US: Schneider Electric
-CVE-2018-7812 (An Information Exposure through Discrepancy vulnerability exists in ...)
+CVE-2018-7812
NOT-FOR-US: Schneider Electric
-CVE-2018-7811 (An Unverified Password Change vulnerability exists in the embedded web ...)
+CVE-2018-7811
NOT-FOR-US: Modicon (Schneider Electric)
-CVE-2018-7810 (An Improper Neutralization of Input During Web Page Generation ...)
+CVE-2018-7810
NOT-FOR-US: Modicon (Schneider Electric)
-CVE-2018-7809 (An Unverified Password Change vulnerability exists in the embedded web ...)
+CVE-2018-7809
NOT-FOR-US: Modicon (Schneider Electric)
CVE-2018-7808
RESERVED
-CVE-2018-7807 (Data Center Expert, versions 7.5.0 and earlier, allows for the upload ...)
+CVE-2018-7807
NOT-FOR-US: Data Center Expert
-CVE-2018-7806 (Data Center Operation allows for the upload of a zip file from its ...)
+CVE-2018-7806
NOT-FOR-US: Data Center Operation
CVE-2018-7805
RESERVED
-CVE-2018-7804 (A URL Redirection to Untrusted Site vulnerability exists in the ...)
+CVE-2018-7804
NOT-FOR-US: Schneider Electric
CVE-2018-7803
RESERVED
-CVE-2018-7802 (A SQL Injection vulnerability exists in EVLink Parking, v3.2.0-12_v1 ...)
+CVE-2018-7802
NOT-FOR-US: Schneider Electric
-CVE-2018-7801 (A Code Injection vulnerability exists in EVLink Parking, v3.2.0-12_v1 ...)
+CVE-2018-7801
NOT-FOR-US: Schneider Electric
-CVE-2018-7800 (A Hard-coded Credentials vulnerability exists in EVLink Parking, ...)
+CVE-2018-7800
NOT-FOR-US: Schneider Electric
-CVE-2018-7799 (A DLL hijacking vulnerability exists in Schneider Electric Software ...)
+CVE-2018-7799
NOT-FOR-US: Schneider Electric
-CVE-2018-7798 (A Insufficient Verification of Data Authenticity (CWE-345) ...)
+CVE-2018-7798
NOT-FOR-US: Schneider
-CVE-2018-7797 (A URL redirection vulnerability exists in Power Monitoring Expert, ...)
+CVE-2018-7797
NOT-FOR-US: Schneider Electric
-CVE-2018-7796 (A Buffer Error vulnerability exists in PowerSuite 2, all released ...)
+CVE-2018-7796
NOT-FOR-US: Schneider Electric
-CVE-2018-7795 (A Cross Protocol Injection vulnerability exists in Schneider ...)
+CVE-2018-7795
NOT-FOR-US: Schneider
CVE-2018-7794
RESERVED
-CVE-2018-7793 (A Credential Management vulnerability exists in FoxView HMI SCADA (All ...)
+CVE-2018-7793
NOT-FOR-US: Schneider Electric
-CVE-2018-7792 (A Permissions, Privileges, and Access Control vulnerability exists in ...)
+CVE-2018-7792
NOT-FOR-US: Schneider
-CVE-2018-7791 (A Permissions, Privileges, and Access Control vulnerability exists in ...)
+CVE-2018-7791
NOT-FOR-US: Schneider
-CVE-2018-7790 (An Information Management Error vulnerability exists in Schneider ...)
+CVE-2018-7790
NOT-FOR-US: Schneider
-CVE-2018-7789 (An Improper Check for Unusual or Exceptional Conditions vulnerability ...)
+CVE-2018-7789
NOT-FOR-US: Schneider
CVE-2018-7788
RESERVED
-CVE-2018-7787 (In Schneider Electric U.motion Builder software versions prior to ...)
+CVE-2018-7787
NOT-FOR-US: Schneider
-CVE-2018-7786 (In Schneider Electric U.motion Builder software versions prior to ...)
+CVE-2018-7786
NOT-FOR-US: Schneider
-CVE-2018-7785 (In Schneider Electric U.motion Builder software versions prior to ...)
+CVE-2018-7785
NOT-FOR-US: Schneider
-CVE-2018-7784 (In Schneider Electric U.motion Builder software versions prior to ...)
+CVE-2018-7784
NOT-FOR-US: Schneider
-CVE-2018-7783 (Schneider Electric SoMachine Basic prior to v1.6 SP1 suffers from an ...)
+CVE-2018-7783
NOT-FOR-US: Schneider
-CVE-2018-7782 (In Schneider Electric Pelco Sarix Professional 1st generation cameras ...)
+CVE-2018-7782
NOT-FOR-US: Schneider
-CVE-2018-7781 (In Schneider Electric Pelco Sarix Professional 1st generation cameras ...)
+CVE-2018-7781
NOT-FOR-US: Schneider
-CVE-2018-7780 (In Schneider Electric Pelco Sarix Professional 1st generation cameras ...)
+CVE-2018-7780
NOT-FOR-US: Schneider
-CVE-2018-7779 (In Schneider Electric Wiser for KNX V2.1.0 and prior, homeLYnk V2.0.1 ...)
+CVE-2018-7779
NOT-FOR-US: Schneider
-CVE-2018-7778 (In Schneider Electric Evlink Charging Station versions prior to ...)
+CVE-2018-7778
NOT-FOR-US: Schneider
-CVE-2018-7777 (The vulnerability is due to insufficient handling of update_file ...)
+CVE-2018-7777
NOT-FOR-US: Schneider
-CVE-2018-7776 (The vulnerability exists within error.php in Schneider Electric ...)
+CVE-2018-7776
NOT-FOR-US: Schneider
CVE-2018-7775
REJECTED
-CVE-2018-7774 (The vulnerability exists within processing of localize.php in ...)
+CVE-2018-7774
NOT-FOR-US: Schneider
-CVE-2018-7773 (The vulnerability exists within processing of nfcserver.php in ...)
+CVE-2018-7773
NOT-FOR-US: Schneider
-CVE-2018-7772 (The vulnerability exists within processing of applets which are ...)
+CVE-2018-7772
NOT-FOR-US: Schneider
-CVE-2018-7771 (The vulnerability exists within processing of editscript.php in ...)
+CVE-2018-7771
NOT-FOR-US: Schneider
-CVE-2018-7770 (The vulnerability exists within processing of sendmail.php in ...)
+CVE-2018-7770
NOT-FOR-US: Schneider
-CVE-2018-7769 (The vulnerability exists within processing of xmlserver.php in ...)
+CVE-2018-7769
NOT-FOR-US: Schneider
-CVE-2018-7768 (The vulnerability exists within processing of loadtemplate.php in ...)
+CVE-2018-7768
NOT-FOR-US: Schneider
-CVE-2018-7767 (The vulnerability exists within processing of editobject.php in ...)
+CVE-2018-7767
NOT-FOR-US: Schneider
-CVE-2018-7766 (The vulnerability exists within processing of track_getdata.php in ...)
+CVE-2018-7766
NOT-FOR-US: Schneider
-CVE-2018-7765 (The vulnerability exists within processing of track_import_export.php ...)
+CVE-2018-7765
NOT-FOR-US: Schneider
-CVE-2018-7764 (The vulnerability exists within runscript.php applet in Schneider ...)
+CVE-2018-7764
NOT-FOR-US: Schneider
-CVE-2018-7763 (The vulnerability exists within css.inc.php in Schneider Electric ...)
+CVE-2018-7763
NOT-FOR-US: Schneider
-CVE-2018-7762 (A vulnerability exists in the web services to process SOAP requests in ...)
+CVE-2018-7762
NOT-FOR-US: Schneider
-CVE-2018-7761 (A vulnerability exists in the HTTP request parser in Schneider ...)
+CVE-2018-7761
NOT-FOR-US: Schneider
-CVE-2018-7760 (An authorization bypass vulnerability exists in Schneider Electric's ...)
+CVE-2018-7760
NOT-FOR-US: Schneider
-CVE-2018-7759 (A buffer overflow vulnerability exists in Schneider Electric's Modicon ...)
+CVE-2018-7759
NOT-FOR-US: Schneider
-CVE-2018-7758 (A denial of service vulnerability exists in Schneider Electric's MiCOM ...)
+CVE-2018-7758
NOT-FOR-US: Schneider
-CVE-2018-7757 (Memory leak in the sas_smp_get_phy_events function in ...)
+CVE-2018-7757
{DSA-4188-1 DSA-4187-1 DLA-1369-1}
- linux 4.15.17-1
NOTE: Fixed by: https://git.kernel.org/linus/4a491b1ab11ca0556d2fda1ff1301e862a2d44c4 (4.16-rc1)
-CVE-2018-7756 (RunExeFile.exe in the installer for DEWESoft X3 SP1 (64-bit) devices ...)
+CVE-2018-7756
NOT-FOR-US: RunExeFile.exe in the installer for DEWESoft X3 SP1 devices
-CVE-2018-7755 (An issue was discovered in the fd_locked_ioctl function in ...)
+CVE-2018-7755
{DSA-4308-1 DLA-1531-1 DLA-1529-1}
- linux 4.18.10-1
[jessie] - linux-4.9 <unfixed>
NOTE: https://lkml.org/lkml/2018/5/29/495
-CVE-2018-7754 (The aoedisk_debugfs_show function in drivers/block/aoe/aoeblk.c in the ...)
+CVE-2018-7754
- linux 4.15.4-1
[stretch] - linux <ignored> (debugfs restricted to root by default)
[jessie] - linux <ignored> (debugfs restricted to root by default)
NOTE: https://git.kernel.org/linus/ad67b74d2469d9b82aaa572d76474c95bc484d57
-CVE-2018-7751 (The svg_probe function in libavformat/img2dec.c in FFmpeg through 3.4.2 ...)
+CVE-2018-7751
- ffmpeg 7:3.4.3-1
[stretch] - ffmpeg <not-affected> (Vulnerable code not present)
- libav <not-affected> (Vulnerable code not present)
NOTE: https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/a6cba062051f345e8ebfdff34aba071ed73d923f
-CVE-2018-7750 (transport.py in the SSH server implementation of Paramiko before ...)
+CVE-2018-7750
{DLA-1556-1}
- paramiko 2.4.2-0.1 (bug #892859)
[stretch] - paramiko <no-dsa> (Minor issue)
[wheezy] - paramiko <no-dsa> (Minor issue)
NOTE: https://github.com/paramiko/paramiko/issues/1175
NOTE: https://github.com/paramiko/paramiko/commit/fa29bd8446c8eab237f5187d28787727b4610516
-CVE-2018-7749 (The SSH server implementation of AsyncSSH before 1.12.1 does not ...)
+CVE-2018-7749
- python-asyncssh 1.12.1-1 (bug #892787)
NOTE: https://github.com/ronf/asyncssh/commit/16e6ebfa893167c7d9d3f6dc7a2c0d197e47f43a
-CVE-2018-7748 (report_viewer.do in ServiceNow Release Jakarta Patch 8 and earlier ...)
+CVE-2018-7748
NOT-FOR-US: ServiceNow
-CVE-2018-7747 (Multiple cross-site scripting (XSS) vulnerabilities in the Caldera ...)
+CVE-2018-7747
NOT-FOR-US: Caldera Forms plugin for WordPress
-CVE-2018-7746 (An issue was discovered in Western Bridge Cobub Razor 0.7.2. ...)
+CVE-2018-7746
NOT-FOR-US: Western Bridge Cobub Razor
-CVE-2018-7745 (An issue was discovered in Western Bridge Cobub Razor 0.7.2. ...)
+CVE-2018-7745
NOT-FOR-US: Western Bridge Cobub Razor
CVE-2018-7744
RESERVED
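Review bot: `NOT-FOR-US: Zolio` under CVE-2018-7817 is a typo for Zelio; the header being removed in the same hunk reads `A Use After Free (CWE-416) vulnerability exists in Zelio Soft 2 v5.1 ...`, and once that line is gone the misspelt name is the only product identifier left in the entry. The kernel entries in this hunk have a similar problem: the removed headers named the functions (`sas_smp_get_phy_events`, `fd_locked_ioctl`, `aoedisk_debugfs_show`) that the remaining lines rely on, and the `[stretch] - linux <ignored> (debugfs restricted to root by default)` rationale for CVE-2018-7754 now refers to a debugfs interface the entry no longer mentions; the git.kernel.org link still identifies it, so keep that NOTE line intact.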
@@ -33995,82 +33985,82 @@ CVE-2018-7743
RESERVED
CVE-2018-7742
RESERVED
-CVE-2018-7741 (Eramba e1.0.6.033 has Reflected XSS in the Date Filter via the created ...)
+CVE-2018-7741
NOT-FOR-US: Eramba
-CVE-2018-1000118 (Github Electron version Electron 1.8.2-beta.4 and earlier contains a ...)
+CVE-2018-1000118
- electron <itp> (bug #842420)
-CVE-2018-1000116 (NET-SNMP version 5.7.2 contains a heap corruption vulnerability in the ...)
+CVE-2018-1000116
{DSA-4154-1 DLA-1317-1}
- net-snmp 5.7.3+dfsg-1.1 (bug #894110)
NOTE: https://sourceforge.net/p/net-snmp/bugs/2821/
NOTE: https://sourceforge.net/p/net-snmp/code/ci/f23bcd3ac6ddee5d0a48f9703007ccc738914791/
NOTE: Same patch/commit as #788964 (as used for fixing CVE-2015-5621)
NOTE: adresses CVE-2018-1000116 as well.
-CVE-2018-7753 (An issue was discovered in Bleach 2.1.x before 2.1.3. Attributes that ...)
+CVE-2018-7753
- python-bleach 2.1.3-1 (bug #892252)
[stretch] - python-bleach <not-affected> (Vulnerable code introduced later)
[jessie] - python-bleach <not-affected> (Vulnerable code introduced later)
NOTE: https://github.com/mozilla/bleach/pull/356
NOTE: https://github.com/mozilla/bleach/commit/c5df5789ec3471a31311f42c2d19fc2cf21b35ef
-CVE-2018-1000117 (Python Software Foundation CPython version From 3.2 until 3.6.4 on ...)
+CVE-2018-1000117
- python3.7 <not-affected> (Windows-specific)
- python3.6 <not-affected> (Windows-specific)
- python3.5 <not-affected> (Windows-specific)
- python3.4 <not-affected> (Windows-specific)
NOTE: http://hg.python.org/lookup/6921e73e33edc3c61bc2d78ed558eaa22a89a564
NOTE: https://bugs.python.org/issue33001
-CVE-2018-7740 (The resv_map_release function in mm/hugetlb.c in the Linux kernel ...)
+CVE-2018-7740
{DSA-4188-1 DSA-4187-1 DLA-1369-1}
- linux 4.15.17-1
NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=199037
-CVE-2018-7739 (antsle antman before 0.9.1a allows remote attackers to bypass ...)
+CVE-2018-7739
NOT-FOR-US: antsle antman
-CVE-2018-7737 (In Z-BlogPHP 1.5.1.1740, there is Web Site physical path leakage, as ...)
+CVE-2018-7737
NOT-FOR-US: Z-BlogPHP
-CVE-2018-7736 (In Z-BlogPHP 1.5.1.1740, cmd.php has XSS via the ZC_BLOG_SUBNAME ...)
+CVE-2018-7736
NOT-FOR-US: Z-BlogPHP
-CVE-2018-7735 (Afian FileRun (before 2018.02.13) suffers from a remote SQL injection ...)
+CVE-2018-7735
NOT-FOR-US: Afian FileRun
-CVE-2018-7734 (Afian FileRun (before 2018.02.13) suffers from a remote SQL injection ...)
+CVE-2018-7734
NOT-FOR-US: Afian FileRun
-CVE-2018-7733 (An issue was discovered in YxtCMF 3.1. RbacController.class.php has ...)
+CVE-2018-7733
NOT-FOR-US: YxtCMF
-CVE-2018-7732 (An issue was discovered in YxtCMF 3.1. SQL Injection exists in ...)
+CVE-2018-7732
NOT-FOR-US: YxtCMF
-CVE-2018-7731 (An issue was discovered in Exempi through 2.4.4. ...)
+CVE-2018-7731
- exempi 2.4.5-1 (low; bug #892782)
[stretch] - exempi <no-dsa> (Minor issue)
[jessie] - exempi <not-affected> (Vulnerable code introduced later)
[wheezy] - exempi <not-affected> (Vulnerable code introduced later)
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=105247
NOTE: https://cgit.freedesktop.org/exempi/commit/?id=aabedb5e749dd59112a3fe1e8e08f2d934f56666
-CVE-2018-7730 (An issue was discovered in Exempi through 2.4.4. A certain case of a ...)
+CVE-2018-7730
{DLA-1310-1}
- exempi 2.4.5-1 (low; bug #892782)
[stretch] - exempi <no-dsa> (Minor issue)
[jessie] - exempi <no-dsa> (Minor issue)
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=105204
NOTE: https://cgit.freedesktop.org/exempi/commit/?id=6cbd34025e5fd3ba47b29b602096e456507ce83b
-CVE-2018-7729 (An issue was discovered in Exempi through 2.4.4. There is a stack-based ...)
+CVE-2018-7729
- exempi 2.4.5-1 (low; bug #892782)
[stretch] - exempi <no-dsa> (Minor issue)
[jessie] - exempi <no-dsa> (Minor issue)
[wheezy] - exempi <not-affected> (vulnerable code not present)
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=105206
NOTE: https://cgit.freedesktop.org/exempi/commit/?id=baa4b8a02c1ffab9645d13f0bfb1c0d10d311a0c
-CVE-2018-7728 (An issue was discovered in Exempi through 2.4.4. ...)
+CVE-2018-7728
{DLA-1310-1}
- exempi 2.4.5-1 (low; bug #892782)
[stretch] - exempi <no-dsa> (Minor issue)
[jessie] - exempi <no-dsa> (Minor issue)
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=105205
NOTE: https://cgit.freedesktop.org/exempi/commit/?id=e163667a06a9b656a047b0ec660b871f29a83c9f
-CVE-2018-7727 (An issue was discovered in ZZIPlib 0.13.68. There is a memory leak ...)
+CVE-2018-7727
- zziplib <unfixed> (unimportant)
NOTE: https://github.com/gdraheim/zziplib/issues/40
NOTE: https://github.com/gdraheim/zziplib/commit/83a2da55922f67e07f22048ac9671a44cc0d35c4 (v0.13.69)
NOTE: unzzipcat-mem and unzzipdir-mem not installed into binary packages.
-CVE-2018-7726 (An issue was discovered in ZZIPlib 0.13.68. There is a bus error caused ...)
+CVE-2018-7726
- zziplib 0.13.62-3.2 (low; bug #913165)
[stretch] - zziplib <no-dsa> (Minor issue)
[jessie] - zziplib <no-dsa> (Minor issue)
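Review bot: `NOTE: adresses CVE-2018-1000116 as well.` under CVE-2018-1000116 should read `addresses`; it is an unchanged context line, but this hunk is the one touching that entry. Also note that the removed headers in this hunk carry the qualifiers behind several triage decisions: `Bleach 2.1.x before 2.1.3` is what makes `[stretch] - python-bleach <not-affected> (Vulnerable code introduced later)` true, and `CPython version From 3.2 until 3.6.4 on ...` is the only line that tied CVE-2018-1000117 to a platform, which the four `<not-affected> (Windows-specific)` lines now assert without any supporting text in the file.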
@@ -34080,30 +34070,30 @@ CVE-2018-7726 (An issue was discovered in ZZIPlib 0.13.68. There is a bus error
NOTE: https://github.com/gdraheim/zziplib/commit/8f48323c181e20b7e527b8be7229d6eb1148ec5f (v0.13.69)
NOTE: https://github.com/gdraheim/zziplib/commit/19c9e4dc6c5cf92a38d0d23dbccac6993f9c41be (v0.13.69)
NOTE: https://github.com/gdraheim/zziplib/commit/feae4da1a5c92100c44ebfcbaaa895959cc0829b (v0.13.69)
-CVE-2018-7725 (An issue was discovered in ZZIPlib 0.13.68. An invalid memory address ...)
+CVE-2018-7725
- zziplib 0.13.62-3.2 (low; bug #913165)
[stretch] - zziplib <no-dsa> (Minor issue)
[jessie] - zziplib <no-dsa> (Minor issue)
[wheezy] - zziplib <no-dsa> (Minor issue)
NOTE: https://github.com/gdraheim/zziplib/issues/39
NOTE: https://github.com/gdraheim/zziplib/commit/1ba660b3300d67b8ce9f6b96bbae0b36fa2d6b06 (v0.13.69)
-CVE-2018-7724 (The management panel in Piwigo 2.9.3 has stored XSS via the name ...)
+CVE-2018-7724
- piwigo <removed>
NOTE: https://github.com/Piwigo/Piwigo/issues/872
NOTE: https://github.com/Piwigo/Piwigo/commit/55a9754b111309d7a85c6dd86efe47954e984072
-CVE-2018-7723 (The management panel in Piwigo 2.9.3 has stored XSS via the ...)
+CVE-2018-7723
- piwigo <removed>
-CVE-2018-7722 (The management panel in Piwigo 2.9.3 has stored XSS via the name ...)
+CVE-2018-7722
- piwigo <removed>
NOTE: https://github.com/Piwigo/Piwigo/issues/871
NOTE: https://github.com/Piwigo/Piwigo/commit/0ec289769ee1fc314dbc7d90fdc480389e786942
-CVE-2018-7721 (Cross Site Scripting (XSS) exists in MetInfo 6.0.0 via ...)
+CVE-2018-7721
NOT-FOR-US: MetInfo
-CVE-2018-7720 (A cross-site request forgery (CSRF) vulnerability exists in Western ...)
+CVE-2018-7720
NOT-FOR-US: Western Bridge Cobub Razor
-CVE-2018-7719 (Acrolinx Server before 5.2.5 on Windows allows Directory Traversal. ...)
+CVE-2018-7719
NOT-FOR-US: Acrolinx Server
-CVE-2018-7752 (GPAC through 0.7.1 has a Buffer Overflow in the gf_media_avc_read_sps ...)
+CVE-2018-7752
{DLA-1693-1}
- gpac <unfixed> (bug #892526)
[stretch] - gpac <no-dsa> (Minor issue, will be fixed via point release)
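Review bot: after this hunk the CVE-2018-7723 entry consists of nothing but `CVE-2018-7723` and `- piwigo <removed>`; unlike its neighbours CVE-2018-7724 and CVE-2018-7722 it has no `NOTE: https://github.com/Piwigo/Piwigo/issues/...` or commit link, so with the header (`The management panel in Piwigo 2.9.3 has stored XSS via the ...`) removed there is no longer anything in the file identifying what the issue is. Add the upstream issue reference as the sibling entries have before applying a change that drops the description.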
@@ -34112,11 +34102,11 @@ CVE-2018-7752 (GPAC through 0.7.1 has a Buffer Overflow in the gf_media_avc_read
NOTE: https://github.com/gpac/gpac/commit/90dc7f853d31b0a4e9441cba97feccf36d8b69a4
NOTE: CVE is for the issue in av_parsers.c and fixed in same commit as
NOTE: CVE-2018-1000100
-CVE-2018-1000100 (GPAC MP4Box version 0.7.1 and earlier contains a Buffer Overflow ...)
+CVE-2018-1000100
- gpac <not-affected> (Vulnerable code not present)
NOTE: https://github.com/gpac/gpac/issues/994
NOTE: https://github.com/gpac/gpac/commit/90dc7f853d31b0a4e9441cba97feccf36d8b69a4
-CVE-2018-7738 (In util-linux before 2.32-rc1, bash-completion/umount allows local ...)
+CVE-2018-7738
{DSA-4134-1}
- bash-completion <unfixed> (unimportant)
- util-linux 2.31.1-0.5 (bug #892179)
@@ -34127,21 +34117,21 @@ CVE-2018-7738 (In util-linux before 2.32-rc1, bash-completion/umount allows loca
NOTE: src:util-linux/2.28-1 takes over the umount completion from
NOTE: src:bash-completion (which in turn starting from 1:2.1-4.3
NOTE: does not provide the umount completion in the binary packaage)
-CVE-2018-7718 (An issue was discovered in Telexy QPath 5.4.462. A low privileged ...)
+CVE-2018-7718
NOT-FOR-US: Telexy QPath
-CVE-2018-7717 (The htmlImageAddTitleAttribute function in sige.php in the Kubik-Rubik ...)
+CVE-2018-7717
NOT-FOR-US: Kubik-Rubik Simple Image Gallery Extended (SIGE) extension for Joomla!
-CVE-2018-7716 (PrivateVPN 2.0.31 for macOS suffers from a root privilege escalation ...)
+CVE-2018-7716
NOT-FOR-US: PrivateVPN for macOS
-CVE-2018-7715 (PrivateVPN 2.0.31 for macOS suffers from a root privilege escalation ...)
+CVE-2018-7715
NOT-FOR-US: PrivateVPN for macOS
-CVE-2018-7714 (The validateInputImageSize function in ...)
+CVE-2018-7714
NOTE: Non-issue, needs to be handled within applications using opencv
NOTE: https://github.com/opencv/opencv/issues/10998
-CVE-2018-7713 (The validateInputImageSize function in ...)
+CVE-2018-7713
NOTE: Non-issue, needs to be handled within applications using opencv
NOTE: https://github.com/opencv/opencv/issues/10998
-CVE-2018-7712 (The validateInputImageSize function in ...)
+CVE-2018-7712
NOTE: Non-issue, needs to be handled within applications using opencv
NOTE: https://github.com/opencv/opencv/issues/10998
CVE-2018-7710
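Review bot: `NOTE: ... in the binary packaage)` under CVE-2018-7738 should read `package`; it is context, not a changed line, but this hunk touches the entry. More substantively, the three opencv entries CVE-2018-7714, CVE-2018-7713 and CVE-2018-7712 have no package status line at all, only `NOTE: Non-issue, needs to be handled within applications using opencv` and the upstream issue link; with the header (`The validateInputImageSize function in ...`) stripped, the package name now appears only inside free-text NOTE lines, which the tracker's per-package views will not pick up. Each should get a proper `- opencv <tag>` line with whatever status the triage decided.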
@@ -34150,25 +34140,25 @@ CVE-2018-7709
RESERVED
CVE-2018-7708
RESERVED
-CVE-2018-7707 (Cross-site scripting (XSS) vulnerability in SecurEnvoy SecurMail ...)
+CVE-2018-7707
NOT-FOR-US: SecurEnvoy SecurMail
-CVE-2018-7706 (Directory traversal vulnerability in SecurEnvoy SecurMail before ...)
+CVE-2018-7706
NOT-FOR-US: SecurEnvoy SecurMail
-CVE-2018-7705 (Directory traversal vulnerability in SecurEnvoy SecurMail before ...)
+CVE-2018-7705
NOT-FOR-US: SecurEnvoy SecurMail
-CVE-2018-7704 (SecurEnvoy SecurMail before 9.2.501 allows remote authenticated users ...)
+CVE-2018-7704
NOT-FOR-US: SecurEnvoy SecurMail
-CVE-2018-7703 (Cross-site scripting (XSS) vulnerability in SecurEnvoy SecurMail ...)
+CVE-2018-7703
NOT-FOR-US: SecurEnvoy SecurMail
-CVE-2018-7702 (SecurEnvoy SecurMail before 9.2.501 allows remote attackers to spoof ...)
+CVE-2018-7702
NOT-FOR-US: SecurEnvoy SecurMail
-CVE-2018-7701 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
+CVE-2018-7701
NOT-FOR-US: SecurEnvoy SecurMail
-CVE-2018-7700 (DedeCMS 5.7 has CSRF with an impact of arbitrary code execution, ...)
+CVE-2018-7700
NOT-FOR-US: DedeCMS
CVE-2018-7699
RESERVED
-CVE-2018-7698 (An issue was discovered in D-Link mydlink+ 3.8.5 build 259 for DCS-933L ...)
+CVE-2018-7698
NOT-FOR-US: D-Link
CVE-2018-7697
RESERVED
@@ -34180,54 +34170,54 @@ CVE-2018-7694
RESERVED
CVE-2018-7693
RESERVED
-CVE-2018-7692 (Unvalidated redirect vulnerability in in NetIQ eDirectory before 9.1.1 ...)
+CVE-2018-7692
NOT-FOR-US: NetIQ eDirectory
-CVE-2018-7691 (A potential Remote Unauthorized Access in Micro Focus Fortify Software ...)
+CVE-2018-7691
NOT-FOR-US: Micro Focus
-CVE-2018-7690 (A potential Remote Unauthorized Access in Micro Focus Fortify Software ...)
+CVE-2018-7690
NOT-FOR-US: Micro Focus
-CVE-2018-7689 (Lack of permission checks in the InitializeDevelPackage function in ...)
+CVE-2018-7689
- open-build-service 2.9.4-1 (low; bug #903797)
[stretch] - open-build-service <no-dsa> (Minor issue)
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1094819
NOTE: https://github.com/openSUSE/open-build-service/commit/990ef7cccef6f38fc1d1a1bb22a08e174dcba43b
-CVE-2018-7688 (A missing permission check in the review handling of openSUSE Open ...)
+CVE-2018-7688
- open-build-service 2.9.4-1 (low; bug #903796)
[stretch] - open-build-service <no-dsa> (Minor issue)
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1094820
NOTE: https://github.com/openSUSE/open-build-service/commit/b15cf19e9e01115f653c76ffdc8f54cd97566553
-CVE-2018-7687 (The Micro Focus Client for OES before version 2 SP4 IR8a has a ...)
+CVE-2018-7687
NOT-FOR-US: Micro Focus Client for OES
-CVE-2018-7686 (Information leakage vulnerability in NetIQ eDirectory before 9.1.1 HF1 ...)
+CVE-2018-7686
NOT-FOR-US: NetIQ eDirectory
-CVE-2018-7685 (The decoupled download and installation steps in libzypp before 17.5.0 ...)
+CVE-2018-7685
- libzypp 17.6.1-1
[jessie] - libzypp <ignored> (Minor issue, very low popcon)
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1091624
NOTE: https://github.com/openSUSE/libzypp/commit/5186110992f29c5e3b1b5bfe9e1ca899a155399c
CVE-2018-7684
RESERVED
-CVE-2018-7683 (Micro Focus Solutions Business Manager versions prior to 11.4 might ...)
+CVE-2018-7683
NOT-FOR-US: Micro Focus Solutions Business Manager
-CVE-2018-7682 (Micro Focus Solutions Business Manager versions prior to 11.4 allows a ...)
+CVE-2018-7682
NOT-FOR-US: Micro Focus Solutions Business Manager
-CVE-2018-7681 (Micro Focus Solutions Business Manager versions prior to 11.4 allows ...)
+CVE-2018-7681
NOT-FOR-US: Micro Focus Solutions Business Manager
-CVE-2018-7680 (Micro Focus Solutions Business Manager versions prior to 11.4 can ...)
+CVE-2018-7680
NOT-FOR-US: Micro Focus Solutions Business Manager
-CVE-2018-7679 (Micro Focus Solutions Business Manager versions prior to 11.4 when ...)
+CVE-2018-7679
NOT-FOR-US: Micro Focus Solutions Business Manager
-CVE-2018-7678 (A cross site scripting vulnerability exist in the Administration ...)
+CVE-2018-7678
NOT-FOR-US: NetIQ Access Manager
-CVE-2018-7677 (A CSRF exposure exists in NetIQ Access Manager (NAM) 4.4 Identity ...)
+CVE-2018-7677
NOT-FOR-US: NetIQ Access Manager
-CVE-2018-7676 (The NetIQ Identity Manager, in versions prior to 4.7, userapp with log ...)
+CVE-2018-7676
NOT-FOR-US: NetIQ Identity Manager
-CVE-2018-7675 (In NetIQ Sentinel before 8.1.x, a Sentinel user is logged into the ...)
+CVE-2018-7675
NOT-FOR-US: NetIQ Sentinel
-CVE-2018-7674 (The NetIQ Identity Manager user console, in versions prior to 4.7, is ...)
+CVE-2018-7674
NOT-FOR-US: NetIQ Identity Manager
-CVE-2018-7673 (The NetIQ Identity Manager communication channel, in versions prior to ...)
+CVE-2018-7673
NOT-FOR-US: NetIQ Identity Manager
CVE-2018-7672
RESERVED
@@ -34235,11 +34225,11 @@ CVE-2018-7671
RESERVED
CVE-2018-7670
RESERVED
-CVE-2018-7669 (An issue was discovered in Sitecore Sitecore.NET 8.1 rev. 151207 ...)
+CVE-2018-7669
NOT-FOR-US: Sitecore
-CVE-2018-7668 (TestLink through 1.9.16 allows remote attackers to read arbitrary ...)
+CVE-2018-7668
NOT-FOR-US: TestLink
-CVE-2018-7667 (Adminer through 4.3.1 has SSRF via the server parameter. ...)
+CVE-2018-7667
{DLA-1311-1}
- adminer 4.5.0-1 (bug #893668)
[stretch] - adminer 4.2.5-3+deb9u1
@@ -34251,23 +34241,23 @@ CVE-2018-7667 (Adminer through 4.3.1 has SSRF via the server parameter. ...)
NOTE: Additionally 4.4.0 rate-limits password-less login attempts from the same
NOTE: IP address:
NOTE: https://github.com/vrana/adminer/commit/0e5df34ea87ad34c1bc0ceac162eb86175d611a3
-CVE-2018-7666 (An issue was discovered in ClipBucket before 4.0.0 Release 4902. SQL ...)
+CVE-2018-7666
NOT-FOR-US: ClipBucket
-CVE-2018-7665 (An issue was discovered in ClipBucket before 4.0.0 Release 4902. A ...)
+CVE-2018-7665
NOT-FOR-US: ClipBucket
-CVE-2018-7664 (An issue was discovered in ClipBucket before 4.0.0 Release 4902. Any OS ...)
+CVE-2018-7664
NOT-FOR-US: ClipBucket
-CVE-2018-7663 (An issue was discovered in resources/views/layouts/app.blade.php in ...)
+CVE-2018-7663
NOT-FOR-US: Voten.co
-CVE-2018-7662 (Couch through 2.0 allows remote attackers to discover the full path via ...)
+CVE-2018-7662
NOT-FOR-US: CouchCMS
-CVE-2018-7661 (Papenmeier WiFi Baby Monitor Free &amp; Lite before 2.02.2 allows remote ...)
+CVE-2018-7661
NOT-FOR-US: Papenmeier WiFi Baby Monitor Free & Lite
-CVE-2018-7660 (In OpenText Documentum D2 Webtop v4.6.0030 build 059, a Reflected ...)
+CVE-2018-7660
NOT-FOR-US: OpenText Documentum D2 Webtop
-CVE-2018-7659 (In OpenText Documentum D2 Webtop v4.6.0030 build 059, a Stored ...)
+CVE-2018-7659
NOT-FOR-US: OpenText Documentum D2 Webtop
-CVE-2018-7711 (HTTPRedirect.php in the saml2 library in SimpleSAMLphp before 1.15.4 ...)
+CVE-2018-7711
{DLA-1314-1}
- simplesamlphp 1.15.4-1
[stretch] - simplesamlphp <no-dsa> (Minor issue)
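Review bot: the descriptions dropped in this hunk carry HTML entities instead of the literal characters, e.g. `-CVE-2018-7661 (Papenmeier WiFi Baby Monitor Free &amp; Lite before 2.02.2 allows remote ...)` against the unchanged `NOT-FOR-US: Papenmeier WiFi Baby Monitor Free & Lite` on the next line. Whatever restores the descriptions should unescape the upstream text on import so `&amp;` and `&quot;` do not end up in a plain-text list.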
@@ -34275,7 +34265,7 @@ CVE-2018-7711 (HTTPRedirect.php in the saml2 library in SimpleSAMLphp before 1.1
NOTE: failure mode hard to trigger for an attacker, signing of redirect binding in many cases not that important
NOTE: https://simplesamlphp.org/security/201803-01
NOTE: https://github.com/simplesamlphp/saml2/commit/4f6af7f69f29df8555a18b9bb7b646906b45924d
-CVE-2018-7658 (NTSServerSvc.exe in the server in Softros Network Time System 2.3.4 ...)
+CVE-2018-7658
NOT-FOR-US: Softros Network Time System
CVE-2018-7657
RESERVED
@@ -34283,21 +34273,21 @@ CVE-2018-7656
RESERVED
CVE-2018-7655
RESERVED
-CVE-2018-7654 (On 3CX 15.5.6354.2 devices, the parameter &quot;file&quot; in the request ...)
+CVE-2018-7654
NOT-FOR-US: 3CX 15.5.6354.2 devices
-CVE-2018-7653 (In YzmCMS 3.6, index.php has XSS via the a, c, or m parameter. ...)
+CVE-2018-7653
NOT-FOR-US: YzmCMS
-CVE-2018-7652 (lib/Zonemaster/GUI/Dancer/Export.pm in Zonemaster Web GUI before 1.0.11 ...)
+CVE-2018-7652
NOT-FOR-US: Zonemaster Web GUI
NOTE: The source (1.0.7) is in Salsa, but never uploaded: https://salsa.debian.org/perl-team/modules/packages/zonemaster-gui
-CVE-2018-7651 (index.js in the ssri module before 5.2.2 for Node.js is prone to a ...)
+CVE-2018-7651
- node-ssri 5.2.4-1 (unimportant; bug #891980)
NOTE: fixed in 5.2.2
NOTE: https://github.com/zkat/ssri/commit/d0ebcdc22cb5c8f47f89716d08b3518b2485d65d
NOTE: https://github.com/zkat/ssri/issues/10
NOTE: https://nodesecurity.io/advisories/565
NOTE: nodejs not covered by security support
-CVE-2018-1000119 (Sinatra rack-protection versions 1.5.4 and 2.0.0.rc3 and earlier ...)
+CVE-2018-1000119
{DSA-4247-1}
- ruby-rack-protection 1.5.3-2.1 (bug #892250)
[jessie] - ruby-rack-protection <ignored> (Low prio package and low prio vulnerability according to RedHat)
@@ -34305,7 +34295,7 @@ CVE-2018-1000119 (Sinatra rack-protection versions 1.5.4 and 2.0.0.rc3 and earli
NOTE: https://snyk.io/vuln/SNYK-RUBY-SINATRA-20470
NOTE: https://snyk.io/vuln/SNYK-RUBY-RACKPROTECTION-20395
NOTE: https://github.com/sinatra/sinatra/commit/8aa6c42ef724f93ae309fb7c5668e19ad547eceb
-CVE-2018-1000115 (Memcached version 1.5.5 contains an Insufficient Control of Network ...)
+CVE-2018-1000115
{DSA-4218-1}
- memcached 1.5.6-1
[wheezy] - memcached <no-dsa> (Minor issue; Debian defaults to listen only on localhost)
@@ -34315,11 +34305,11 @@ CVE-2018-1000115 (Memcached version 1.5.5 contains an Insufficient Control of Ne
NOTE: issues: "Specify which IP address to listen on. The default
NOTE: (upstream) is to listen on all IP addresses. [...] so make sure
NOTE: it's listening on a firewalled interface."
-CVE-2018-7650 (PHP Scripts Mall Hot Scripts Clone:Script Classified Version 3.1 ...)
+CVE-2018-7650
NOT-FOR-US: PHP Scripts Mall Hot Scripts Clone:Script Classified Application
-CVE-2018-7649 (Monitorix before 3.10.1 allows XSS via CGI variables. ...)
+CVE-2018-7649
NOT-FOR-US: Monitorix
-CVE-2018-7648 (An issue was discovered in mj2/opj_mj2_extract.c in OpenJPEG 2.3.0. The ...)
+CVE-2018-7648
- openjpeg2 <unfixed> (unimportant)
NOTE: https://github.com/kbabioch/openjpeg/commit/6d8c0c06ee32dc03ba80acd48334e98728e56cf5
NOTE: https://github.com/uclouvain/openjpeg/issues/1088
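Review bot: CVE-2018-7648 stays at `- openjpeg2 <unfixed> (unimportant)` while its fix NOTE points at a fork, `https://github.com/kbabioch/openjpeg/commit/6d8c0c06ee32dc03ba80acd48334e98728e56cf5`, not the uclouvain repository that the issue link refers to. Record whether that commit was merged upstream, and in which release, so the `<unfixed>` state does not go stale once a release containing it is packaged.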
@@ -34330,66 +34320,66 @@ CVE-2018-7646
RESERVED
CVE-2018-7645
RESERVED
-CVE-2018-7643 (The display_debug_ranges function in dwarf.c in GNU Binutils 2.30 ...)
+CVE-2018-7643
- binutils 2.30-6
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <ignored> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22905
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=d11ae95ea3403559f052903ab053f43ad7821e37
-CVE-2018-7642 (The swap_std_reloc_in function in aoutx.h in the Binary File Descriptor ...)
+CVE-2018-7642
- binutils 2.30-6
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <ignored> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22887
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=116acb2c268c89c89186673a7c92620d21825b25
-CVE-2018-7641 (An issue was discovered in CImg v.220. A heap-based buffer over-read in ...)
+CVE-2018-7641
- cimg 2.3.6+dfsg-1 (low; bug #892780)
[stretch] - cimg <no-dsa> (Minor issue)
[jessie] - cimg <no-dsa> (Minor issue)
[wheezy] - cimg <no-dsa> (Minor issue)
NOTE: https://github.com/dtschump/CImg/issues/185
NOTE: https://github.com/dtschump/CImg/commit/10af1e8c1ad2a58a0a3342a856bae63e8f257abb
-CVE-2018-7640 (An issue was discovered in CImg v.220. A heap-based buffer over-read in ...)
+CVE-2018-7640
- cimg 2.3.6+dfsg-1 (low; bug #892780)
[stretch] - cimg <no-dsa> (Minor issue)
[jessie] - cimg <no-dsa> (Minor issue)
[wheezy] - cimg <no-dsa> (Minor issue)
NOTE: https://github.com/dtschump/CImg/issues/185
NOTE: https://github.com/dtschump/CImg/commit/10af1e8c1ad2a58a0a3342a856bae63e8f257abb
-CVE-2018-7639 (An issue was discovered in CImg v.220. A heap-based buffer over-read in ...)
+CVE-2018-7639
- cimg 2.3.6+dfsg-1 (low; bug #892780)
[stretch] - cimg <no-dsa> (Minor issue)
[jessie] - cimg <no-dsa> (Minor issue)
[wheezy] - cimg <no-dsa> (Minor issue)
NOTE: https://github.com/dtschump/CImg/issues/185
NOTE: https://github.com/dtschump/CImg/commit/10af1e8c1ad2a58a0a3342a856bae63e8f257abb
-CVE-2018-7638 (An issue was discovered in CImg v.220. A heap-based buffer over-read in ...)
+CVE-2018-7638
- cimg 2.3.6+dfsg-1 (low; bug #892780)
[stretch] - cimg <no-dsa> (Minor issue)
[jessie] - cimg <no-dsa> (Minor issue)
[wheezy] - cimg <no-dsa> (Minor issue)
NOTE: https://github.com/dtschump/CImg/issues/185
NOTE: https://github.com/dtschump/CImg/commit/10af1e8c1ad2a58a0a3342a856bae63e8f257abb
-CVE-2018-7637 (An issue was discovered in CImg v.220. A heap-based buffer over-read in ...)
+CVE-2018-7637
- cimg 2.3.6+dfsg-1 (low; bug #892780)
[stretch] - cimg <no-dsa> (Minor issue)
[jessie] - cimg <no-dsa> (Minor issue)
[wheezy] - cimg <no-dsa> (Minor issue)
NOTE: https://github.com/dtschump/CImg/issues/185
NOTE: https://github.com/dtschump/CImg/commit/10af1e8c1ad2a58a0a3342a856bae63e8f257abb
-CVE-2018-7636 (The URL filtering &quot;continue page&quot; hosted by PAN-OS 8.0.10 and earlier ...)
+CVE-2018-7636
NOT-FOR-US: PAN-OS
-CVE-2018-7635 (Whale Browser before 1.0.41.8 displays no URL information but only a ...)
+CVE-2018-7635
NOT-FOR-US: Whale Browser
-CVE-2018-7634 (An issue was discovered in Enalean Tuleap 9.17. Lack of CSRF attack ...)
+CVE-2018-7634
NOT-FOR-US: Enalean Tuleap
-CVE-2018-7633 (Code injection in the /ui/login form Language parameter in Epicentro ...)
+CVE-2018-7633
NOT-FOR-US: Epicentro
-CVE-2018-7632 (Buffer Overflow in httpd in EpiCentro E_7.3.2+ allows attackers to ...)
+CVE-2018-7632
NOT-FOR-US: Epicentro
-CVE-2018-7631 (Buffer Overflow in httpd in EpiCentro E_7.3.2+ allows attackers to ...)
+CVE-2018-7631
NOT-FOR-US: Epicentro
CVE-2018-7630
RESERVED
@@ -34445,9 +34435,9 @@ CVE-2018-7605
RESERVED
CVE-2018-7604
RESERVED
-CVE-2018-7603 (In Drupal's 3rd party module search auto complete prior to versions ...)
+CVE-2018-7603
NOT-FOR-US: Drupal addon
-CVE-2018-7602 (A remote code execution vulnerability exists within multiple ...)
+CVE-2018-7602
{DSA-4180-1 DLA-1365-1}
- drupal7 <removed> (bug #896701)
NOTE: https://www.drupal.org/psa-2018-003
@@ -34473,33 +34463,33 @@ CVE-2018-7592
RESERVED
CVE-2018-7591
RESERVED
-CVE-2018-7590 (CSRF exists in Hoosk 1.7.0 via /admin/users/new/add, resulting in ...)
+CVE-2018-7590
NOT-FOR-US: Hoosk
-CVE-2018-7589 (An issue was discovered in CImg v.220. A double free in load_bmp in ...)
+CVE-2018-7589
- cimg 2.3.6+dfsg-1 (low; bug #892780)
[stretch] - cimg <no-dsa> (Minor issue)
[jessie] - cimg <no-dsa> (Minor issue)
[wheezy] - cimg <no-dsa> (Minor issue)
NOTE: https://github.com/dtschump/CImg/issues/184
NOTE: https://github.com/dtschump/CImg/commit/8447076ef22322a14a0ce130837e44c5ba8095f4
-CVE-2018-7588 (An issue was discovered in CImg v.220. A heap-based buffer over-read in ...)
+CVE-2018-7588
- cimg 2.3.6+dfsg-1 (low; bug #892780)
[stretch] - cimg <no-dsa> (Minor issue)
[jessie] - cimg <no-dsa> (Minor issue)
[wheezy] - cimg <no-dsa> (Minor issue)
NOTE: https://github.com/dtschump/CImg/issues/183
NOTE: https://github.com/dtschump/CImg/commit/8447076ef22322a14a0ce130837e44c5ba8095f4
-CVE-2018-7587 (An issue was discovered in CImg v.220. DoS occurs when loading a ...)
+CVE-2018-7587
- cimg <unfixed> (low; bug #892780)
[buster] - cimg <no-dsa> (Minor issue)
[stretch] - cimg <no-dsa> (Minor issue)
[jessie] - cimg <no-dsa> (Minor issue)
[wheezy] - cimg <no-dsa> (Minor issue)
-CVE-2018-7586 (In the nextgen-gallery plugin before 2.2.50 for WordPress, gallery ...)
+CVE-2018-7586
NOT-FOR-US: nextgen-gallery plugin for WordPress
CVE-2018-7585
RESERVED
-CVE-2018-7584 (In PHP through 5.6.33, 7.0.x before 7.0.28, 7.1.x through 7.1.14, and ...)
+CVE-2018-7584
{DSA-4240-1 DLA-1397-1 DLA-1326-1}
- php7.2 7.2.3-1
- php7.1 7.1.15-1
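Review bot: CVE-2018-7587 is the only CImg entry in this hunk still at `- cimg <unfixed> (low; bug #892780)` and, unlike CVE-2018-7588 and CVE-2018-7589 directly above it, has no upstream issue or commit NOTE; add the upstream reference, or a note that 2.3.6 does not contain a fix, so the difference from its siblings fixed in `cimg 2.3.6+dfsg-1` is documented.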
@@ -34508,15 +34498,15 @@ CVE-2018-7584 (In PHP through 5.6.33, 7.0.x before 7.0.28, 7.1.x through 7.1.14,
NOTE: Fixed in 5.6.34, 7.0.28, 7.1.15, 7.2.3
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=75981
NOTE: https://github.com/php/php-src/commit/523f230c831d7b33353203fa34aee4e92ac12bba
-CVE-2018-7583 (Proxy.exe in DualDesk 20 allows Remote Denial Of Service (daemon crash) ...)
+CVE-2018-7583
NOT-FOR-US: Proxy.exe in DualDesk 20
-CVE-2018-7582 (WebLog Expert Web Server Enterprise 9.4 allows Remote Denial Of ...)
+CVE-2018-7582
NOT-FOR-US: WebLog Expert Web Server Enterprise
-CVE-2018-7581 (\ProgramData\WebLog Expert\WebServer\WebServer.cfg in WebLog Expert ...)
+CVE-2018-7581
NOT-FOR-US: WebLog Expert Web Server Enterprise
CVE-2018-7580
RESERVED
-CVE-2018-7579 (\application\admin\controller\update_urls.class.php in YzmCMS 3.6 has ...)
+CVE-2018-7579
NOT-FOR-US: YzmCMS
CVE-2018-7578
RESERVED
@@ -34528,27 +34518,27 @@ CVE-2018-7575
RESERVED
CVE-2018-7574
RESERVED
-CVE-2018-7573 (An issue was discovered in FTPShell Client 6.7. A remote FTP server can ...)
+CVE-2018-7573
NOT-FOR-US: FTPShell Client
-CVE-2018-7572 (Pulse Secure Client 9.0R1 and 5.3RX before 5.3R5, when configured to ...)
+CVE-2018-7572
NOT-FOR-US: Pulse Secure Client
CVE-2018-7571
RESERVED
-CVE-2018-7570 (The assign_file_positions_for_non_load_sections function in elf.c in ...)
+CVE-2018-7570
- binutils 2.30-6
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <ignored> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22881
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=01f7e10cf2dcf403462b2feed06c43135651556d
-CVE-2018-7569 (dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as ...)
+CVE-2018-7569
- binutils 2.30-6
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <ignored> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22895
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=12c963421d045a127c413a0722062b9932c50aa9
-CVE-2018-7568 (The parse_die function in dwarf1.c in the Binary File Descriptor (BFD) ...)
+CVE-2018-7568
- binutils 2.30-6
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
@@ -34559,67 +34549,67 @@ CVE-2018-1000103
REJECTED
CVE-2018-1000102
REJECTED
-CVE-2018-1000114 (An improper authorization vulnerability exists in Jenkins Promoted ...)
+CVE-2018-1000114
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000113 (A cross-site scripting vulnerability exists in Jenkins TestLink Plugin ...)
+CVE-2018-1000113
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000112 (An improper authorization vulnerability exists in Jenkins Mercurial ...)
+CVE-2018-1000112
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000111 (An improper authorization vulnerability exists in Jenkins Subversion ...)
+CVE-2018-1000111
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000110 (An improper authorization vulnerability exists in Jenkins Git Plugin ...)
+CVE-2018-1000110
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000109 (An improper authorization vulnerability exists in Jenkins Google Play ...)
+CVE-2018-1000109
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000108 (A cross-site scripting vulnerability exists in Jenkins CppNCSS Plugin ...)
+CVE-2018-1000108
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000107 (An improper authorization vulnerability exists in Jenkins Job and Node ...)
+CVE-2018-1000107
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000106 (An improper authorization vulnerability exists in Jenkins Gerrit ...)
+CVE-2018-1000106
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000105 (An improper authorization vulnerability exists in Jenkins Gerrit ...)
+CVE-2018-1000105
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000104 (A plaintext storage of a password vulnerability exists in Jenkins ...)
+CVE-2018-1000104
NOT-FOR-US: Jenkins plugin
-CVE-2018-7567 (** DISPUTED ** In the Admin Package Manager in Open Ticket Request ...)
+CVE-2018-7567
- otrs2 <unfixed> (unimportant)
NOTE: PoC https://0day.today/exploit/29938
NOTE: Admin Package Manager works as designed and warns if a package is beeing
NOTE: installed which is not verified by the OTRS Group. Responsiblity of the
NOTE: respective admin to check packages before installation.
-CVE-2018-7566 (The Linux kernel 4.15 has a Buffer Overflow via an ...)
+CVE-2018-7566
{DSA-4188-1 DSA-4187-1 DLA-1369-1}
- linux 4.15.11-1
NOTE: Fixed by: https://git.kernel.org/linus/d15d662e89fc667b90cd294b0eb45694e33144da
-CVE-2018-7565 (CSRF exists on Polycom QDX 6000 devices. ...)
+CVE-2018-7565
NOT-FOR-US: Polycom QDX 6000 devices
-CVE-2018-7564 (Stored XSS exists on Polycom QDX 6000 devices. ...)
+CVE-2018-7564
NOT-FOR-US: Polycom QDX 6000 devices
-CVE-2018-7563 (An issue was discovered in GLPI through 9.2.1. The application is ...)
+CVE-2018-7563
- glpi <removed> (unimportant)
NOTE: Only supported behind an authenticated HTTP zone
-CVE-2018-7562 (A remote code execution issue was discovered in GLPI through 9.2.1. ...)
+CVE-2018-7562
- glpi <removed> (unimportant)
NOTE: Only supported behind an authenticated HTTP zone
-CVE-2018-7561 (Stack-based Buffer Overflow in httpd on Tenda AC9 devices ...)
+CVE-2018-7561
NOT-FOR-US: Tenda AC9 devices
-CVE-2018-7560 (index.js in the Anton Myshenin aws-lambda-multipart-parser NPM package ...)
+CVE-2018-7560
NOT-FOR-US: aws-lambda-multipart-parser NPM package
-CVE-2018-7559 (An issue was discovered in OPC UA .NET Standard Stack and Sample Code ...)
+CVE-2018-7559
NOT-FOR-US: OPC UA .NET
CVE-2018-7558
RESERVED
-CVE-2018-7557 (The decode_init function in libavcodec/utvideodec.c in FFmpeg through ...)
+CVE-2018-7557
{DSA-4249-1 DLA-1630-1}
- ffmpeg 7:3.4.3-1
- libav <removed>
NOTE: https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/7414d0bda7763f9bd69c26c068e482ab297c1c96
NOTE: Fixed in 3.2.11
-CVE-2018-7556 (LimeSurvey 2.6.x before 2.6.7, 2.7x.x before 2.73.1, and 3.x before ...)
+CVE-2018-7556
- limesurvey <itp> (bug #472802)
CVE-2018-7555
RESERVED
-CVE-2018-7554 (There is an invalid free in ReadImage in input-bmp.ci that leads to a ...)
+CVE-2018-7554
{DLA-1340-1}
- sam2p <removed>
[jessie] - sam2p 0.49.2-3+deb8u2
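Review bot: the unchanged NOTE lines for CVE-2018-7567 have two spelling slips, `beeing` for `being` and `Responsiblity` for `Responsibility`; worth fixing in a follow-up, since those notes are what justifies the `unimportant` tag on `- otrs2 <unfixed> (unimportant)`.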
@@ -34629,223 +34619,223 @@ CVE-2018-7554 (There is an invalid free in ReadImage in input-bmp.ci that leads
NOTE: https://github.com/pts/sam2p/commit/1e43ec5fe34b009cb43f90a9d562442ca347cd75
NOTE: https://github.com/pts/sam2p/commit/beea3bd8dd05a731fddfa447ff0bad19fe32c973
NOTE: https://github.com/pts/sam2p/commit/47378716ab03d6b39ee959c949df551c643942f1
-CVE-2018-7553 (There is a heap-based buffer overflow in the pcxLoadRaster function of ...)
+CVE-2018-7553
{DLA-1340-1}
- sam2p <removed>
[jessie] - sam2p 0.49.2-3+deb8u2
NOTE: https://github.com/pts/sam2p/issues/32
-CVE-2018-7552 (There is an invalid free in Mapping::DoubleHash::clear in mapping.cpp ...)
+CVE-2018-7552
{DLA-1340-1}
- sam2p <removed>
[jessie] - sam2p 0.49.2-3+deb8u2
NOTE: https://github.com/pts/sam2p/issues/30
NOTE: CVE-2018-7554 patches will address this issue too.
-CVE-2018-7551 (There is an invalid free in MiniPS::delete0 in minips.cpp that leads to ...)
+CVE-2018-7551
{DLA-1340-1}
- sam2p <removed>
[jessie] - sam2p 0.49.2-3+deb8u2
NOTE: https://github.com/pts/sam2p/issues/28
-CVE-2018-7550 (The load_multiboot function in hw/i386/multiboot.c in Quick Emulator ...)
+CVE-2018-7550
{DSA-4213-1 DLA-1497-1 DLA-1351-1 DLA-1350-1}
- qemu 1:2.12~rc3+dfsg-1 (bug #892041)
- qemu-kvm <removed>
NOTE: https://git.qemu.org/?p=qemu.git;a=patch;h=2a8fcd119eb7c6bb3837fc3669eb1b2dfb31daf8
-CVE-2018-7549 (In params.c in zsh through 5.4.2, there is a crash during a copy of an ...)
+CVE-2018-7549
- zsh 5.5-1 (unimportant)
NOTE: https://sourceforge.net/p/zsh/code/ci/c2cc8b0fbefc9868fa83537f5b6d90fc1ec438dd
NOTE: no security impact
-CVE-2018-7548 (In subst.c in zsh through 5.4.2, there is a NULL pointer dereference ...)
+CVE-2018-7548
- zsh 5.5-1 (unimportant)
NOTE: https://sourceforge.net/p/zsh/code/ci/110b13e1090bc31ac1352b28adc2d02b6d25a102
NOTE: no security impact
-CVE-2018-7547 (lyadmin 1.x has XSS via the config[WEB_SITE_TITLE] parameter to the ...)
+CVE-2018-7547
NOT-FOR-US: lyadmin
-CVE-2018-7546 (wpsmain.dll in Kingsoft WPS Office 2016 and Jinshan PDF 10.1.0.6621 ...)
+CVE-2018-7546
NOT-FOR-US: Kingsoft WPS Office 2016 and Jinshan PDF
CVE-2018-7545
RESERVED
-CVE-2018-7544 (** DISPUTED ** A cross-protocol scripting issue was discovered in the ...)
+CVE-2018-7544
- openvpn <unfixed> (unimportant)
NOTE: Not a security issue per se, later versions might explicitly warn in
NOTE: affected problematic configurations in both the documentation and with
NOTE: a runtime warning.
-CVE-2018-7543 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2018-7543
NOT-FOR-US: Wordpress plugin
-CVE-2018-7539 (On Appear TV XC5000 and XC5100 devices with firmware 3.26.217, it is ...)
+CVE-2018-7539
NOT-FOR-US: Appear TV XC5000 and XC5100 devices
-CVE-2018-7538 (A SQL injection vulnerability in the tracker functionality of Enalean ...)
+CVE-2018-7538
NOT-FOR-US: Enalean Tuleap
-CVE-2018-7542 (An issue was discovered in Xen 4.8.x through 4.10.x allowing x86 PVH ...)
+CVE-2018-7542
{DSA-4131-1}
- xen 4.8.3+comet2+shim4.10.0+comet3-1+deb9u5
[jessie] - xen <not-affected> (Vulnerable code introduced later)
[wheezy] - xen <not-affected> (Vulnerable code introduced later)
NOTE: https://xenbits.xen.org/xsa/advisory-256.html
-CVE-2018-7541 (An issue was discovered in Xen through 4.10.x allowing guest OS users ...)
+CVE-2018-7541
{DSA-4131-1 DLA-1577-1 DLA-1300-1}
- xen 4.8.3+comet2+shim4.10.0+comet3-1+deb9u5
NOTE: https://xenbits.xen.org/xsa/advisory-255.html
-CVE-2018-7540 (An issue was discovered in Xen through 4.10.x allowing x86 PV guest OS ...)
+CVE-2018-7540
{DSA-4131-1 DLA-1577-1 DLA-1300-1}
- xen 4.8.3+comet2+shim4.10.0+comet3-1+deb9u5
NOTE: https://xenbits.xen.org/xsa/advisory-252.html
-CVE-2018-7644 (The XmlSecLibs library as used in the saml2 library in SimpleSAMLphp ...)
+CVE-2018-7644
{DSA-4127-1 DLA-1298-1}
- simplesamlphp 1.15.3-1
NOTE: https://simplesamlphp.org/security/201802-01
NOTE: Fixed by: https://github.com/simplesamlphp/saml2/commit/88a9ae848c4b310b1c53b5700893d890999dd930
-CVE-2018-7537 (An issue was discovered in Django 2.0 before 2.0.3, 1.11 before ...)
+CVE-2018-7537
{DSA-4161-1 DLA-1303-1}
- python-django 1:1.11.11-1
NOTE: https://www.djangoproject.com/weblog/2018/mar/06/security-releases/
NOTE: Patch https://github.com/django/django/commit/a91436360b79a6ff995c3e5018bcc666dfaf1539
-CVE-2018-7536 (An issue was discovered in Django 2.0 before 2.0.3, 1.11 before ...)
+CVE-2018-7536
{DSA-4161-1 DLA-1303-1}
- python-django 1:1.11.11-1
NOTE: https://www.djangoproject.com/weblog/2018/mar/06/security-releases/
NOTE: Patch https://github.com/django/django/commit/abf89d729f210c692a50e0ad3f75fb6bec6fae16
-CVE-2018-7535 (An issue was discovered in TotalAV v4.1.7. An unprivileged user could ...)
+CVE-2018-7535
NOT-FOR-US: TotalAV
-CVE-2018-7534 (In Stealth Authorization Server before 3.3.017.0 in Unisys Stealth ...)
+CVE-2018-7534
NOT-FOR-US: Stealth Authorization Server
-CVE-2018-7533 (An Incorrect Default Permissions issue was discovered in OSIsoft PI ...)
+CVE-2018-7533
NOT-FOR-US: OSIsoft PI
-CVE-2018-7532 (Unauthentication vulnerabilities have been identified in Geutebruck ...)
+CVE-2018-7532
NOT-FOR-US: IP Geutebruck and Topline IP cameras
-CVE-2018-7531 (An Improper Input Validation issue was discovered in OSIsoft PI Data ...)
+CVE-2018-7531
NOT-FOR-US: OSIsoft PI
-CVE-2018-7530 (Parsing malformed project files in Omron CX-One versions 4.42 and ...)
+CVE-2018-7530
NOT-FOR-US: Omron
-CVE-2018-7529 (A Deserialization of Untrusted Data issue was discovered in OSIsoft PI ...)
+CVE-2018-7529
NOT-FOR-US: OSIsoft PI
-CVE-2018-7528 (An SQL injection vulnerability has been identified in Geutebruck ...)
+CVE-2018-7528
NOT-FOR-US: IP Geutebruck and Topline IP cameras
-CVE-2018-7527 (A buffer overflow can be triggered in LeviStudio HMI Editor, Version ...)
+CVE-2018-7527
NOT-FOR-US: LeviStudio HMI Editor
-CVE-2018-7526 (In TotalAlert Web Application in BeaconMedaes Scroll Medical Air ...)
+CVE-2018-7526
NOT-FOR-US: TotalAlert Web Application
-CVE-2018-7525 (In Omron CX-Supervisor Versions 3.30 and prior, processing a malformed ...)
+CVE-2018-7525
NOT-FOR-US: Omron CX-Supervisor
-CVE-2018-7524 (A cross-site request forgery vulnerability has been identified in ...)
+CVE-2018-7524
NOT-FOR-US: IP Geutebruck and Topline IP cameras
-CVE-2018-7523 (In Omron CX-Supervisor Versions 3.30 and prior, parsing malformed ...)
+CVE-2018-7523
NOT-FOR-US: Omron CX-Supervisor
-CVE-2018-7522 (In Schneider Electric Triconex Tricon MP model 3008 firmware versions ...)
+CVE-2018-7522
NOT-FOR-US: Schneider
-CVE-2018-7521 (In Omron CX-Supervisor Versions 3.30 and prior, use after free ...)
+CVE-2018-7521
NOT-FOR-US: Omron CX-Supervisor
-CVE-2018-7520 (An improper access control vulnerability has been identified in ...)
+CVE-2018-7520
NOT-FOR-US: IP Geutebruck and Topline IP cameras
-CVE-2018-7519 (In Omron CX-Supervisor Versions 3.30 and prior, parsing malformed ...)
+CVE-2018-7519
NOT-FOR-US: Omron CX-Supervisor
-CVE-2018-7518 (In TotalAlert Web Application in BeaconMedaes Scroll Medical Air ...)
+CVE-2018-7518
NOT-FOR-US: TotalAlert Web Application
-CVE-2018-7517 (In Omron CX-Supervisor Versions 3.30 and prior, parsing malformed ...)
+CVE-2018-7517
NOT-FOR-US: Omron CX-Supervisor
-CVE-2018-7516 (A server-side request forgery vulnerability has been identified in ...)
+CVE-2018-7516
NOT-FOR-US: IP Geutebruck and Topline IP cameras
-CVE-2018-7515 (In Omron CX-Supervisor Versions 3.30 and prior, access of ...)
+CVE-2018-7515
NOT-FOR-US: Omron CX-Supervisor
-CVE-2018-7514 (Parsing malformed project files in Omron CX-One versions 4.42 and ...)
+CVE-2018-7514
NOT-FOR-US: Omron
-CVE-2018-7513 (In Omron CX-Supervisor Versions 3.30 and prior, parsing malformed ...)
+CVE-2018-7513
NOT-FOR-US: Omron CX-Supervisor
-CVE-2018-7512 (A cross-site scripting vulnerability has been identified in Geutebruck ...)
+CVE-2018-7512
NOT-FOR-US: IP Geutebruck and Topline IP cameras
-CVE-2018-7511 (In Eaton ELCSoft versions 2.04.02 and prior, there are multiple cases ...)
+CVE-2018-7511
NOT-FOR-US: Eaton ELCSoft
-CVE-2018-7510 (In the web application in BeaconMedaes TotalAlert Scroll Medical Air ...)
+CVE-2018-7510
NOT-FOR-US: BeaconMedaes TotalAlert
-CVE-2018-7509 (WPLSoft in Delta Electronics versions 2.45.0 and prior writes data ...)
+CVE-2018-7509
NOT-FOR-US: Delta Electronics
-CVE-2018-7508 (A Cross-site Scripting issue was discovered in OSIsoft PI Web API ...)
+CVE-2018-7508
NOT-FOR-US: OSIsoft PI
-CVE-2018-7507 (WPLSoft in Delta Electronics versions 2.45.0 and prior utilizes a ...)
+CVE-2018-7507
NOT-FOR-US: Delta Electronics
-CVE-2018-7506 (The private key of the web server in Moxa MXview versions 2.8 and ...)
+CVE-2018-7506
NOT-FOR-US: Moxa
-CVE-2018-7505 (In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess ...)
+CVE-2018-7505
NOT-FOR-US: Advantech
-CVE-2018-7504 (A Protection Mechanism Failure issue was discovered in OSIsoft PI ...)
+CVE-2018-7504
NOT-FOR-US: OSIsoft PI
-CVE-2018-7503 (In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess ...)
+CVE-2018-7503
NOT-FOR-US: Advantech
-CVE-2018-7502 (Kernel drivers in Beckhoff TwinCAT 3.1 Build 4022.4, TwinCAT 2.11 R3 ...)
+CVE-2018-7502
NOT-FOR-US: Beckhoff TwinCAT
-CVE-2018-7501 (In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess ...)
+CVE-2018-7501
NOT-FOR-US: Advantech
-CVE-2018-7500 (A Permissions, Privileges, and Access Controls issue was discovered in ...)
+CVE-2018-7500
NOT-FOR-US: OSIsoft PI
-CVE-2018-7499 (In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess ...)
+CVE-2018-7499
NOT-FOR-US: Advantech
-CVE-2018-7498 (In Philips Alice 6 System version R8.0.2 or prior, the lack of proper ...)
+CVE-2018-7498
NOT-FOR-US: Philips Alice 6 System
-CVE-2018-7497 (In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess ...)
+CVE-2018-7497
NOT-FOR-US: Advantech
-CVE-2018-7496 (An Information Exposure issue was discovered in OSIsoft PI Vision ...)
+CVE-2018-7496
NOT-FOR-US: OSIsoft PI
-CVE-2018-7495 (In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess ...)
+CVE-2018-7495
NOT-FOR-US: Advantech
-CVE-2018-7494 (WPLSoft in Delta Electronics versions 2.45.0 and prior utilizes a ...)
+CVE-2018-7494
NOT-FOR-US: Delta Electronics
-CVE-2018-7493 (CactusVPN through 6.0 for macOS suffers from a root privilege ...)
+CVE-2018-7493
NOT-FOR-US: CactusVPN for macOS
-CVE-2018-7492 (A NULL pointer dereference was found in the net/rds/rdma.c ...)
+CVE-2018-7492
{DSA-4187-1 DLA-1369-1}
- linux 4.14.7-1
[stretch] - linux 4.9.80-1
NOTE: Fixed by: https://git.kernel.org/linus/f3069c6d33f6ae63a1668737bc78aaaa51bff7ca
-CVE-2018-7491 (In PrestaShop through 1.7.2.5, a UI-Redressing/Clickjacking ...)
+CVE-2018-7491
NOT-FOR-US: PrestaShop
-CVE-2018-7490 (uWSGI before 2.0.17 mishandles a DOCUMENT_ROOT check during use of the ...)
+CVE-2018-7490
{DSA-4142-1}
- uwsgi 2.0.15-10.4 (bug #891639)
[wheezy] - uwsgi <not-affected> (plugin package introduced in jessie)
NOTE: Fixed in 2.0.17 upstream
NOTE: https://github.com/unbit/uwsgi/commit/0a480f435ea6feb63deb410ad2bf376ed3f05f8a
NOTE: https://blog.runesec.com/2018/03/01/uwsgi-path-traversal/
-CVE-2018-7489 (FasterXML jackson-databind before 2.7.9.3, 2.8.x before 2.8.11.1 and ...)
+CVE-2018-7489
{DSA-4190-1}
- jackson-databind 2.9.5-1 (bug #891614)
NOTE: https://github.com/FasterXML/jackson-databind/issues/1931
NOTE: https://github.com/FasterXML/jackson-databind/commit/6799f8f10cc78e9af6d443ed6982d00a13f2e7d2
CVE-2018-7488
RESERVED
-CVE-2018-7487 (There is a heap-based buffer overflow in the LoadPCX function of ...)
+CVE-2018-7487
{DLA-1340-1}
- sam2p <removed>
[jessie] - sam2p 0.49.2-3+deb8u2
NOTE: https://github.com/pts/sam2p/issues/18
-CVE-2018-7486 (Blue River Mura CMS before v7.0.7029 supports inline function calls ...)
+CVE-2018-7486
NOT-FOR-US: Blue River Mura CMS
-CVE-2018-7485 (The SQLWriteFileDSN function in odbcinst/SQLWriteFileDSN.c in unixODBC ...)
+CVE-2018-7485
- unixodbc <not-affected> (Vulnerable code introduced later)
NOTE: https://github.com/lurcher/unixODBC/commit/45ef78e037f578b15fc58938a3a3251655e71d6f#diff-d52750c7ba4e594410438569d8e2963aL24
NOTE: Issue introduced with https://github.com/lurcher/unixODBC/commit/4f9f77fb4204659ec9b7be8745d9e05a539c80b9
NOTE: when actually fixing another potential (security) issue, "Buffer
NOTE: overflows and missing null checks in SQLConfigDataSource,
NOTE: SQLInstallDriverEx, and SQLWriteFileDSN"
-CVE-2018-7484 (An issue was discovered in PureVPN through 5.19.4.0 on Windows. The ...)
+CVE-2018-7484
NOT-FOR-US: PureVPN on Windows
CVE-2018-7483
RESERVED
-CVE-2018-7482 (** DISPUTED ** The K2 component 2.8.0 for Joomla! has Incorrect Access ...)
+CVE-2018-7482
NOT-FOR-US: K2 component for Joomla!
-CVE-2018-1000099 (Teluu PJSIP version 2.7.1 and earlier contains a Access of ...)
+CVE-2018-1000099
{DSA-4170-1}
- pjproject 2.7.2~dfsg-1
[jessie] - pjproject <ignored> (Minor issue)
NOTE: http://downloads.asterisk.org/pub/security/AST-2018-003.html
NOTE: https://trac.pjsip.org/repos/ticket/2092
NOTE: In jessie Asterisk doesn't use pjproject for SIP (only for ICE, STUN and TURN)
-CVE-2018-1000098 (Teluu PJSIP version 2.7.1 and earlier contains a Integer Overflow ...)
+CVE-2018-1000098
{DSA-4170-1}
- pjproject 2.7.2~dfsg-1
[jessie] - pjproject <ignored> (Minor issue)
NOTE: http://downloads.asterisk.org/pub/security/AST-2018-002.html
NOTE: https://trac.pjsip.org/repos/ticket/2093
NOTE: In jessie Asterisk doesn't use pjproject for SIP (only for ICE, STUN and TURN)
-CVE-2018-1000101 (Mingw-w64 version 5.0.3 and earlier contains an Improper Null ...)
+CVE-2018-1000101
- mingw-w64 <unfixed> (low; bug #897196)
[buster] - mingw-w64 <ignored> (Minor issue)
[stretch] - mingw-w64 <ignored> (Minor issue)
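Review bot: the NOTE for CVE-2018-7544 (`- openvpn <unfixed> (unimportant)`) says only that later versions "might explicitly warn" about the affected configurations and gives no upstream reference; add the upstream discussion or commit that introduces the warning so the `unimportant` rating can be re-checked against a concrete version, as the neighbouring zsh and unixodbc entries do with their commit links.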
@@ -34854,50 +34844,50 @@ CVE-2018-1000101 (Mingw-w64 version 5.0.3 and earlier contains an Improper Null
NOTE: https://sourceforge.net/p/mingw-w64/bugs/709/
CVE-2018-7481
RESERVED
-CVE-2018-7480 (The blkcg_init_queue function in block/blk-cgroup.c in the Linux ...)
+CVE-2018-7480
{DSA-4188-1}
- linux 4.11.6-1
[jessie] - linux <not-affected> (Issue introduced later)
[wheezy] - linux <not-affected> (Issue introduced later)
NOTE: Fixed by: https://git.kernel.org/linus/9b54d816e00425c3a517514e0d677bb3cec49258
-CVE-2018-7479 (YzmCMS 3.6 allows remote attackers to discover the full path via a ...)
+CVE-2018-7479
NOT-FOR-US: YzmCMS
CVE-2018-7478
RESERVED
-CVE-2018-7477 (SQL Injection exists in PHP Scripts Mall School Management Script 3.0.4 ...)
+CVE-2018-7477
NOT-FOR-US: PHP Scripts Mall School Management Script
-CVE-2018-7476 (controllers/admin/Linkage.php in dayrui FineCms 5.3.0 has Cross Site ...)
+CVE-2018-7476
NOT-FOR-US: FineCms
-CVE-2018-7475 (Cross-site scripting (XSS) vulnerability for webdav/ticket/ URIs in ...)
+CVE-2018-7475
NOT-FOR-US: IceWarp
-CVE-2018-7474 (An issue was discovered in Textpattern CMS 4.6.2 and earlier. It is ...)
+CVE-2018-7474
- textpattern <removed>
-CVE-2018-7473 (Open redirect vulnerability in the SO Connect SO WIFI hotspot web ...)
+CVE-2018-7473
NOT-FOR-US: SO Connect SO WIFI
-CVE-2018-7472 (INVT Studio 1.2 allows remote attackers to cause a denial of service ...)
+CVE-2018-7472
NOT-FOR-US: INVT Studio
-CVE-2018-7471 (KingView 7.5SP1 has an integer overflow during stgopenstorage API read ...)
+CVE-2018-7471
NOT-FOR-US: KingView
-CVE-2018-7470 (An issue was discovered in ImageMagick 7.0.7-22 Q16. The ...)
+CVE-2018-7470
- imagemagick 8:6.9.9.39+dfsg-1 (unimportant; bug #891420)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/998
NOTE: https://github.com/ImageMagick/ImageMagick/commit/9e80713e5132a3bd26702ee0a833306f7e801469
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/8130e12eb30685ef958f4e62fe624da393920be7
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/7305dacfcdf5e51c4f8d0ba9f77fa97792f8acf7
NOTE: webp support not enabled, see #806425
-CVE-2018-7469 (PHP Scripts Mall Entrepreneur Job Portal Script 2.0.9 has XSS via the ...)
+CVE-2018-7469
NOT-FOR-US: PHP Scripts Mall Entrepreneur Job Portal Script
CVE-2018-7468
RESERVED
-CVE-2018-7467 (AxxonSoft Axxon Next has Directory Traversal via an initial /css//..%2f ...)
+CVE-2018-7467
NOT-FOR-US: AxxonSoft Axxon Next
-CVE-2018-7466 (install/installNewDB.php in TestLink through 1.9.16 allows remote ...)
+CVE-2018-7466
NOT-FOR-US: TestLink
-CVE-2018-7465 (An XSS issue was discovered in VirtueMart before 3.2.14. All the ...)
+CVE-2018-7465
NOT-FOR-US: VirtueMart
CVE-2018-7464
RESERVED
-CVE-2018-7463 (SQL injection vulnerability in files.php in the &quot;files&quot; component in ...)
+CVE-2018-7463
NOT-FOR-US: ASANHAMAYESH CMS
CVE-2018-7462
RESERVED
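Review bot: every `-`/`+` pair in this hunk drops the parenthesised summary and keeps only the bare identifier (`-CVE-2018-7480 (The blkcg_init_queue function in block/blk-cgroup.c in the Linux ...)` becomes `+CVE-2018-7480`), while the `{DSA-...}`, package status and NOTE lines under each entry are untouched. A change that removes text everywhere and adds nothing in its place looks more like an empty description feed than an intended edit, so please confirm the summaries were meant to go before this lands; nothing in the hunk replaces the information they carried.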
@@ -34911,28 +34901,28 @@ CVE-2018-7458
RESERVED
CVE-2018-7457
RESERVED
-CVE-2018-7456 (A NULL Pointer Dereference occurs in the function TIFFPrintDirectory in ...)
+CVE-2018-7456
{DSA-4349-1 DLA-1411-1 DLA-1347-1 DLA-1346-1}
- tiff 4.0.9-5 (bug #891288)
- tiff3 <removed>
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2778
NOTE: https://gitlab.com/libtiff/libtiff/commit/be4c85b16e8801a16eec25e80eb9f3dd6a96731b
-CVE-2018-7455 (An out-of-bounds read in JPXStream::readTilePart in JPXStream.cc in ...)
+CVE-2018-7455
- xpdf <unfixed> (unimportant)
NOTE: https://forum.xpdfreader.com/viewtopic.php?f=3&t=654&p=819#p819
NOTE: src:xpdf switched to use system poppler libary in 3.02-3
NOTE: Reproducer correctly detected as broken with jessie's poppler build
-CVE-2018-7454 (A NULL pointer dereference in XFAForm::scanFields in XFAForm.cc in xpdf ...)
+CVE-2018-7454
- xpdf <unfixed> (unimportant)
NOTE: https://forum.xpdfreader.com/viewtopic.php?f=3&t=613
NOTE: src:xpdf switched to use system poppler libary in 3.02-3
NOTE: Reproducer correctly detected as broken with jessie's poppler build
-CVE-2018-7453 (Infinite recursion in AcroForm::scanField in AcroForm.cc in xpdf 4.00 ...)
+CVE-2018-7453
- xpdf <unfixed> (unimportant)
NOTE: https://forum.xpdfreader.com/viewtopic.php?p=814#p814
NOTE: src:xpdf switched to use system poppler libary in 3.02-3
NOTE: Reproducer correctly detected as broken with jessie's poppler build
-CVE-2018-7452 (A NULL pointer dereference in JPXStream::fillReadBuf in JPXStream.cc in ...)
+CVE-2018-7452
- xpdf <unfixed> (unimportant)
NOTE: https://forum.xpdfreader.com/viewtopic.php?f=3&t=613
NOTE: src:xpdf switched to use system poppler libary in 3.02-3
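Review bot: with the summaries gone, the four xpdf entries CVE-2018-7455, CVE-2018-7454, CVE-2018-7453 and CVE-2018-7452 are left with identical status and NOTE lines (`- xpdf <unfixed> (unimportant)` plus the same `src:xpdf switched to use system poppler libary` and `Reproducer correctly detected as broken` notes), so the only per-entry detail that remains is the forum URL. The removed lines named the distinct code paths (JPXStream::readTilePart, XFAForm::scanFields, AcroForm::scanField, JPXStream::fillReadBuf); if the summaries are not coming back, that is worth keeping in a NOTE line. Minor: the unchanged context reads `poppler libary`, which should be `library`.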
@@ -34941,19 +34931,19 @@ CVE-2018-7451
RESERVED
CVE-2018-7450
RESERVED
-CVE-2018-7449 (SEGGER FTP Server for Windows before 3.22a allows remote attackers to ...)
+CVE-2018-7449
NOT-FOR-US: SEGGER embOS/IP FTP Server
-CVE-2018-7448 (Remote code execution vulnerability in ...)
+CVE-2018-7448
NOT-FOR-US: CMS Made Simple
-CVE-2018-7447 (mojoPortal through 2.6.0.0 is prone to multiple persistent cross-site ...)
+CVE-2018-7447
NOT-FOR-US: mojoPortal
CVE-2018-7446
RESERVED
-CVE-2018-7445 (A buffer overflow was found in the MikroTik RouterOS SMB service when ...)
+CVE-2018-7445
NOT-FOR-US: MikroTik RouterOS
CVE-2018-7444
RESERVED
-CVE-2018-7443 (The ReadTIFFImage function in coders/tiff.c in ImageMagick 7.0.7-23 Q16 ...)
+CVE-2018-7443
{DLA-1293-1}
- imagemagick 8:6.9.9.39+dfsg-1 (low; bug #891291)
[stretch] - imagemagick <ignored> (Minor issue)
@@ -34961,21 +34951,21 @@ CVE-2018-7443 (The ReadTIFFImage function in coders/tiff.c in ImageMagick 7.0.7-
NOTE: https://github.com/ImageMagick/ImageMagick/issues/999
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/1f7c6b153882896e7a569a6e8a362ce2a11a8b1f
NOTE: https://github.com/ImageMagick/ImageMagick/commit/5c0e1a31bc44829b1024ce599097f43285a05a42
-CVE-2018-7434 (zzcms 8.2 allows remote attackers to discover the full path via a ...)
+CVE-2018-7434
NOT-FOR-US: zzcms
-CVE-2018-7433 (The iThemes Security plugin before 6.9.1 for WordPress does not ...)
+CVE-2018-7433
NOT-FOR-US: iThemes Security plugin for WordPress
-CVE-2018-7432 (Splunk Enterprise 6.2.x before 6.2.14, 6.3.x before 6.3.10, 6.4.x ...)
+CVE-2018-7432
NOT-FOR-US: Splunk
-CVE-2018-7431 (Directory traversal vulnerability in the Splunk Django App in Splunk ...)
+CVE-2018-7431
NOT-FOR-US: Splunk
CVE-2018-7430
RESERVED
-CVE-2018-7429 (Splunkd in Splunk Enterprise 6.2.x before 6.2.14 6.3.x before 6.3.11, ...)
+CVE-2018-7429
NOT-FOR-US: Splunk
CVE-2018-7428
RESERVED
-CVE-2018-7427 (Cross-site scripting (XSS) vulnerability in Splunk Web in Splunk ...)
+CVE-2018-7427
NOT-FOR-US: Splunk
CVE-2018-7426
RESERVED
@@ -34985,9 +34975,9 @@ CVE-2018-7424
RESERVED
CVE-2018-7423
RESERVED
-CVE-2018-7422 (A Local File Inclusion vulnerability in the Site Editor plugin through ...)
+CVE-2018-7422
NOT-FOR-US: Site Editor plugin for WordPress
-CVE-2018-7421 (In Wireshark 2.2.0 to 2.2.12 and 2.4.0 to 2.4.4, the DMP dissector ...)
+CVE-2018-7421
- wireshark 2.4.5-1 (low)
[jessie] - wireshark <not-affected> (Vulnerable code introduced later)
[wheezy] - wireshark <not-affected> (Vulnerable code introduced later)
@@ -34995,25 +34985,25 @@ CVE-2018-7421 (In Wireshark 2.2.0 to 2.2.12 and 2.4.0 to 2.4.4, the DMP dissecto
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=656812ee1f2a8ddfd383b02a066e888f5919e17a
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=e8be5adae469ba563acfad2c2b98673e1afaf901
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-06.html
-CVE-2018-7420 (In Wireshark 2.2.0 to 2.2.12 and 2.4.0 to 2.4.4, the pcapng file parser ...)
+CVE-2018-7420
{DLA-1634-1 DLA-1353-1}
- wireshark 2.4.5-1 (low)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14403
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=129e41f9f63885ad8224ef413c2860788fb9e849
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-11.html
-CVE-2018-7419 (In Wireshark 2.2.0 to 2.2.12 and 2.4.0 to 2.4.4, the NBAP dissector ...)
+CVE-2018-7419
{DSA-4217-1 DLA-1353-1}
- wireshark 2.4.5-1
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14443
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=bebd3a1f50b0a27738d8d3da5b33c1b392eb7273
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-14.html
-CVE-2018-7418 (In Wireshark 2.2.0 to 2.2.12 and 2.4.0 to 2.4.4, the SIGCOMP dissector ...)
+CVE-2018-7418
{DLA-1634-1 DLA-1353-1}
- wireshark 2.4.5-1 (low)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14410
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=29d920b8309905dda11ad397596fe8aafc9b4bf7
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-13.html
-CVE-2018-7417 (In Wireshark 2.2.0 to 2.2.12 and 2.4.0 to 2.4.4, the IPMI dissector ...)
+CVE-2018-7417
{DLA-1634-1 DLA-1353-1}
- wireshark 2.4.5-1 (low)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14409
@@ -35021,23 +35011,23 @@ CVE-2018-7417 (In Wireshark 2.2.0 to 2.2.12 and 2.4.0 to 2.4.4, the IPMI dissect
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-12.html
CVE-2018-7416
RESERVED
-CVE-2018-7439 (An issue was discovered in FreeXL before 1.0.5. There is a heap-based ...)
+CVE-2018-7439
{DSA-4129-1 DLA-1297-1}
- freexl 1.0.5-1
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1547892
-CVE-2018-7438 (An issue was discovered in FreeXL before 1.0.5. There is a heap-based ...)
+CVE-2018-7438
{DSA-4129-1 DLA-1297-1}
- freexl 1.0.5-1
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1547889
-CVE-2018-7437 (An issue was discovered in FreeXL before 1.0.5. There is a heap-based ...)
+CVE-2018-7437
{DSA-4129-1 DLA-1297-1}
- freexl 1.0.5-1
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1547885
-CVE-2018-7436 (An issue was discovered in FreeXL before 1.0.5. There is a heap-based ...)
+CVE-2018-7436
{DSA-4129-1 DLA-1297-1}
- freexl 1.0.5-1
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1547883
-CVE-2018-7435 (An issue was discovered in FreeXL before 1.0.5. There is a heap-based ...)
+CVE-2018-7435
{DSA-4129-1 DLA-1297-1}
- freexl 1.0.5-1
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1547879
@@ -35053,20 +35043,20 @@ CVE-2018-7411
RESERVED
CVE-2018-7410
RESERVED
-CVE-2018-7409 (In unixODBC before 2.3.5, there is a buffer overflow in the ...)
+CVE-2018-7409
- unixodbc 2.3.6-0.1 (bug #891596)
[stretch] - unixodbc <no-dsa> (Minor issue)
[jessie] - unixodbc <no-dsa> (Minor issue)
[wheezy] - unixodbc <ignored> (Minor issue)
NOTE: Fixed by: https://sourceforge.net/p/unixodbc/code/136/
NOTE: https://github.com/lurcher/unixODBC/commit/4f9f77fb4204659ec9b7be8745d9e05a539c80b9
-CVE-2018-7408 (An issue was discovered in an npm 5.7.0 2018-02-21 pre-release (marked ...)
+CVE-2018-7408
- npm <not-affected> (Vulnerable code introduced later)
-CVE-2018-7407 (An issue was discovered in Foxit Reader before 9.1 and PhantomPDF ...)
+CVE-2018-7407
NOT-FOR-US: Foxit
-CVE-2018-7406 (An issue was discovered in Foxit Reader before 9.1 and PhantomPDF ...)
+CVE-2018-7406
NOT-FOR-US: Foxit
-CVE-2018-7405 (Cross-site scripting (XSS) in Zoho ManageEngine EventLog Analyzer ...)
+CVE-2018-7405
NOT-FOR-US: Zoho ManageEngine EventLog Analyzer
CVE-2018-7404
RESERVED
@@ -35144,29 +35134,29 @@ CVE-2018-7368
RESERVED
CVE-2018-7367
RESERVED
-CVE-2018-7366 (ZTE ZXV10 B860AV2.1 product ChinaMobile branch with the ICNT versions ...)
+CVE-2018-7366
NOT-FOR-US: ZTE
-CVE-2018-7365 (All versions up to ZXCLOUD iRAI V5.01.05 of the ZTE uSmartView product ...)
+CVE-2018-7365
NOT-FOR-US: ZTE
-CVE-2018-7364 (All versions up to ZXINOS-RESV1.01.43 of the ZTE ZXIN10 product ...)
+CVE-2018-7364
NOT-FOR-US: ZTE
-CVE-2018-7363 (All versions up to V1.1.10P3T18 of ZTE ZXHN F670 product are impacted ...)
+CVE-2018-7363
NOT-FOR-US: ZTE
-CVE-2018-7362 (All versions up to V1.1.10P3T18 of ZTE ZXHN F670 product are impacted ...)
+CVE-2018-7362
NOT-FOR-US: ZTE
-CVE-2018-7361 (All versions up to V1.1.10P3T18 of ZTE ZXHN F670 product are impacted ...)
+CVE-2018-7361
NOT-FOR-US: ZTE
-CVE-2018-7360 (All versions up to V1.1.10P3T18 of ZTE ZXHN F670 product are impacted ...)
+CVE-2018-7360
NOT-FOR-US: ZTE
-CVE-2018-7359 (All versions up to V1.1.10P3T18 of ZTE ZXHN F670 product are impacted ...)
+CVE-2018-7359
NOT-FOR-US: ZTE
-CVE-2018-7358 (ZTE ZXHN H168N product with versions V2.2.0_PK1.2T5, V2.2.0_PK1.2T2, ...)
+CVE-2018-7358
NOT-FOR-US: ZTE ZXHN H168N product
-CVE-2018-7357 (ZTE ZXHN H168N product with versions V2.2.0_PK1.2T5, V2.2.0_PK1.2T2, ...)
+CVE-2018-7357
NOT-FOR-US: ZTE ZXHN H168N product
-CVE-2018-7356 (All versions up to V3.03.10.B23P2 of ZTE ZXR10 8905E product are ...)
+CVE-2018-7356
NOT-FOR-US: ZTE ZXR10 8905E
-CVE-2018-7355 (All versions up to V1.0.0B05 of ZTE MF65 and all versions up to ...)
+CVE-2018-7355
NOT-FOR-US: ZTE
CVE-2018-7354
RESERVED
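Review bot: the `NOT-FOR-US: ZTE` tag on CVE-2018-7366, -7365, -7364, -7363, -7362, -7361, -7360, -7359 and -7355 was readable while the summary line named the product (ZXV10 B860AV2.1, uSmartView, ZXIN10, ZXHN F670, MF65); after this hunk those nine entries say only `ZTE`, whereas CVE-2018-7358/-7357 (`ZTE ZXHN H168N product`) and CVE-2018-7356 (`ZTE ZXR10 8905E`) keep the product in the tag. Suggest carrying the product name into the NOT-FOR-US line for the bare `ZTE` entries so the triage reason stays verifiable without the summary.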
@@ -35198,7 +35188,7 @@ CVE-2018-7341
RESERVED
CVE-2018-7340
RESERVED
-CVE-2018-7339 (The MP4Atom class in mp4atom.cpp in MP4v2 through 2.0.0 mishandles ...)
+CVE-2018-7339
- mp4v2 <removed> (low; bug #893544)
[stretch] - mp4v2 <no-dsa> (Minor issue)
[jessie] - mp4v2 <no-dsa> (Minor issue)
@@ -35210,53 +35200,53 @@ CVE-2018-7338
NOTE: https://duo.com/labs/psa/duo-psa-2017-003
NOTE: https://duo.com/blog/duo-finds-saml-vulnerabilities-affecting-multiple-implementations
NOTE: https://www.kb.cert.org/vuls/id/475445
-CVE-2018-7337 (In Wireshark 2.4.0 to 2.4.4, the DOCSIS protocol dissector could crash. ...)
+CVE-2018-7337
{DLA-1353-1}
- wireshark 2.4.5-1 (low)
[jessie] - wireshark <no-dsa> (Minor issue)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14446
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=511a8b0b546d25413e289dc5a7d3a455a33994c2
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-08.html
-CVE-2018-7336 (In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, the FCP protocol ...)
+CVE-2018-7336
{DLA-1634-1 DLA-1353-1}
- wireshark 2.4.5-1 (low)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14374
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=b56f598f1bc04f5d00f13b38c713763928cedb7c
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-09.html
-CVE-2018-7335 (In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, the IEEE 802.11 ...)
+CVE-2018-7335
{DSA-4217-1 DLA-1353-1}
- wireshark 2.4.5-1
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14442
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=a2901dcf45c9f1b07abfbf2a0b0cd654371d72a4
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-05.html
-CVE-2018-7334 (In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, the UMTS MAC dissector ...)
+CVE-2018-7334
{DSA-4217-1 DLA-1353-1}
- wireshark 2.4.5-1
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14339
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=8ed705e1227d3d582e3f0de435bba606d053d686
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-07.html
-CVE-2018-7333 (In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, ...)
+CVE-2018-7333
- wireshark 2.4.5-1 (low)
[jessie] - wireshark <not-affected> (vulnerable code introduced later in v1.99.7)
[wheezy] - wireshark <not-affected> (vulnerable code introduced later in v1.99.7)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14449
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=bd6313181317bfe83842b27650b65f3c2b8d5dc9
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-06.html
-CVE-2018-7332 (In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, ...)
+CVE-2018-7332
{DLA-1353-1}
- wireshark 2.4.5-1 (low)
[jessie] - wireshark <no-dsa> (Minor issue)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14445
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=1ab0585098c7ce20f3afceb6730427cc2a1e98ea
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-06.html
-CVE-2018-7331 (In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, ...)
+CVE-2018-7331
{DLA-1634-1}
- wireshark 2.4.5-1 (low)
[wheezy] - wireshark <no-dsa> (Minor issue)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14444
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=157712b2f5f89b19ef2497ea89c5938eb29529da
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-06.html
-CVE-2018-7330 (In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, ...)
+CVE-2018-7330
- wireshark 2.4.5-1 (low)
[stretch] - wireshark <not-affected> (vulnerable code introduced later in v2.4.0)
[jessie] - wireshark <not-affected> (vulnerable code introduced later in v2.4.0)
@@ -35264,14 +35254,14 @@ CVE-2018-7330 (In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, ...)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14428
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=8ad0c5b3683a17d9e2e16bbf25869140fd5c1c66
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-06.html
-CVE-2018-7329 (In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, ...)
+CVE-2018-7329
- wireshark 2.4.5-1 (low)
[jessie] - wireshark <not-affected> (vulnerable code introduced later in v1.99.0)
[wheezy] - wireshark <not-affected> (vulnerable code introduced later in v1.99.0)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14423
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=d8a0cbc4f2979e0b1cadbe79f0b8b4ecb92477be
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-06.html
-CVE-2018-7328 (In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, ...)
+CVE-2018-7328
- wireshark 2.4.5-1 (low)
[stretch] - wireshark <not-affected> (vulnerable code introduced later in v2.4.0)
[jessie] - wireshark <not-affected> (vulnerable code introduced later in v2.4.0)
@@ -35279,7 +35269,7 @@ CVE-2018-7328 (In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, ...)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14421
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=69d09028c956f6e049145485ce9b3e2858789b2b
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-06.html
-CVE-2018-7327 (In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, ...)
+CVE-2018-7327
- wireshark 2.4.5-1 (low)
[stretch] - wireshark <not-affected> (vulnerable code introduced later in v2.4.0)
[jessie] - wireshark <not-affected> (vulnerable code introduced later in v2.4.0)
@@ -35287,47 +35277,47 @@ CVE-2018-7327 (In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, ...)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14420
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=563989f888e51258edb9a27db56124bdc33c9afe
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-06.html
-CVE-2018-7326 (In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, ...)
+CVE-2018-7326
- wireshark 2.4.5-1 (low)
[jessie] - wireshark <not-affected> (vulnerable code introduced later in v1.99.0)
[wheezy] - wireshark <not-affected> (vulnerable code introduced later in v1.99.0)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14419
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=293b999425e998d6cde0d9149648e421ea7687d0
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-06.html
-CVE-2018-7325 (In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, ...)
+CVE-2018-7325
{DLA-1634-1}
- wireshark 2.4.5-1 (low)
[wheezy] - wireshark <not-affected> (vulnerable code introduced later)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14414
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=7be234d06ea39ab6a88115ae41d71060f1f15e3c
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-06.html
-CVE-2018-7324 (In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, ...)
+CVE-2018-7324
{DLA-1634-1 DLA-1353-1}
- wireshark 2.4.5-1 (low)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14413
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=9e7695bbee18525eaa6d12b32230313ae8a36a81
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-06.html
-CVE-2018-7323 (In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, ...)
+CVE-2018-7323
{DLA-1634-1 DLA-1353-1}
- wireshark 2.4.5-1 (low)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14412
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=4f9199ea8cff56c6704e9828c3d80360b27c4565
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=5d45b69b590cabc5127282d1ade3bca1598e5f5c
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-06.html
-CVE-2018-7322 (In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, ...)
+CVE-2018-7322
{DLA-1634-1 DLA-1353-1}
- wireshark 2.4.5-1 (low)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14411
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=afc780e2c796e971bb7d164103f4f0d10d3c25b5
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-06.html
-CVE-2018-7321 (In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, ...)
+CVE-2018-7321
- wireshark 2.4.5-1 (low)
[jessie] - wireshark <not-affected> (vulnerable code introduced later in v1.99.6)
[wheezy] - wireshark <not-affected> (vulnerable code introduced later in v1.99.6)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14379
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=c784d551ad50864de1035ce54e72837301cf6aca
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-06.html
-CVE-2018-7320 (In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, the SIGCOMP protocol ...)
+CVE-2018-7320
- wireshark 2.4.5-1
[stretch] - wireshark 2.2.6+g32dac6a-2+deb9u3
[jessie] - wireshark <not-affected> (Vulnerable code introduced later)
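Review bot: the removed line for CVE-2018-7311 began with `** DISPUTED **`, and the replacement `+CVE-2018-7311` followed by `NOT-FOR-US: PrivateVPN for macOS` carries no trace of that status. If the summaries are dropped, the disputed marker should survive somewhere in the entry (a NOTE line would do), since it changes how the entry is to be read.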
@@ -35335,55 +35325,55 @@ CVE-2018-7320 (In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, the SIGCOMP prot
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14398
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=015e3399390b8b5cfbfcfcda30589983ab6cc129
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-10.html
-CVE-2018-7319 (SQL Injection exists in the OS Property Real Estate 3.12.7 component ...)
+CVE-2018-7319
NOT-FOR-US: OS Property Real Estate component for Joomla!
-CVE-2018-7318 (SQL Injection exists in the CheckList 1.1.1 component for Joomla! via ...)
+CVE-2018-7318
NOT-FOR-US: CheckList component for Joomla!
-CVE-2018-7317 (Backup Download exists in the Proclaim 9.1.1 component for Joomla! via ...)
+CVE-2018-7317
NOT-FOR-US: Proclaim component for Joomla!
-CVE-2018-7316 (Arbitrary File Upload exists in the Proclaim 9.1.1 component for ...)
+CVE-2018-7316
NOT-FOR-US: Proclaim component for Joomla!
-CVE-2018-7315 (SQL Injection exists in the Ek Rishta 2.9 component for Joomla! via the ...)
+CVE-2018-7315
NOT-FOR-US: Ek Rishta component for Joomla!
-CVE-2018-7314 (SQL Injection exists in the PrayerCenter 3.0.2 component for Joomla! ...)
+CVE-2018-7314
NOT-FOR-US: PrayerCenter component for Joomla!
-CVE-2018-7313 (SQL Injection exists in the CW Tags 2.0.6 component for Joomla! via the ...)
+CVE-2018-7313
NOT-FOR-US: CW Tags component for Joomla!
-CVE-2018-7312 (SQL Injection exists in the Alexandria Book Library 3.1.2 component for ...)
+CVE-2018-7312
NOT-FOR-US: Alexandria Book Library component for Joomla!
-CVE-2018-7311 (** DISPUTED ** PrivateVPN 2.0.31 for macOS suffers from a root ...)
+CVE-2018-7311
NOT-FOR-US: PrivateVPN for macOS
CVE-2018-7310
RESERVED
CVE-2018-7309
RESERVED
-CVE-2018-7308 (A CSRF issue was found in var/www/html/files.php in DanWin hosting ...)
+CVE-2018-7308
NOT-FOR-US: DanWin hosting
-CVE-2018-7307 (The Auth0 Auth0.js library before 9.3 has CSRF because it mishandles ...)
+CVE-2018-7307
NOT-FOR-US: Auth0 Auth0.js library
CVE-2018-7306
RESERVED
-CVE-2018-7305 (MyBB 1.8.14 is not checking for a valid CSRF token, leading to ...)
+CVE-2018-7305
NOT-FOR-US: MyBB
-CVE-2018-7304 (Tiki 17.1 does not validate user input for special characters; ...)
+CVE-2018-7304
NOT-FOR-US: Tiki
-CVE-2018-7303 (The Calendar component in Tiki 17.1 allows HTML injection. ...)
+CVE-2018-7303
NOT-FOR-US: Tiki
-CVE-2018-7302 (Tiki 17.1 allows upload of a .PNG file that actually has SVG content, ...)
+CVE-2018-7302
NOT-FOR-US: Tiki
-CVE-2018-7301 (eQ-3 AG HomeMatic CCU2 2.29.22 devices have an open XML-RPC port ...)
+CVE-2018-7301
NOT-FOR-US: eQ-3 AG HomeMatic CCU2 2.29.22 devices
-CVE-2018-7300 (Directory Traversal / Arbitrary File Write / Remote Code Execution in ...)
+CVE-2018-7300
NOT-FOR-US: eQ-3 AG Homematic CCU2
-CVE-2018-7299 (Remote Code Execution in the addon installation process in eQ-3 AG ...)
+CVE-2018-7299
NOT-FOR-US: eQ-3 AG Homematic CCU2
-CVE-2018-7298 (In /usr/local/etc/config/addons/mh/loopupd.sh on eQ-3 AG HomeMatic ...)
+CVE-2018-7298
NOT-FOR-US: eQ-3 AG Homematic CCU2
-CVE-2018-7297 (Remote Code Execution in the TCL script interpreter in eQ-3 AG ...)
+CVE-2018-7297
NOT-FOR-US: eQ-3 AG Homematic CCU2
-CVE-2018-7296 (Directory Traversal / Arbitrary File Read in User.getLanguage method ...)
+CVE-2018-7296
NOT-FOR-US: eQ-3 AG Homematic CCU2
-CVE-2018-7295 (ffxivlauncher.exe in Square Enix Final Fantasy XIV 4.21 and 4.25 on ...)
+CVE-2018-7295
NOT-FOR-US: Final Fantasy
CVE-2018-7294
RESERVED
@@ -35393,17 +35383,17 @@ CVE-2018-7292
RESERVED
CVE-2018-7291
RESERVED
-CVE-2018-7290 (Cross Site Scripting (XSS) exists in Tiki before 12.13, 15.6, 17.2, ...)
+CVE-2018-7290
NOT-FOR-US: Tiki
-CVE-2018-7289 (An issue was discovered in armadito-windows-driver/src/communication.c ...)
+CVE-2018-7289
NOT-FOR-US: Armadito
CVE-2018-7288
RESERVED
-CVE-2018-7287 (An issue was discovered in res_http_websocket.c in Asterisk 15.x ...)
+CVE-2018-7287
- asterisk <not-affected> (Only affects Asterisk 15.x)
NOTE: downloads.digium.com/pub/security/AST-2018-006.html
NOTE: https://issues.asterisk.org/jira/browse/ASTERISK-27658
-CVE-2018-7286 (An issue was discovered in Asterisk through 13.19.1, 14.x through ...)
+CVE-2018-7286
{DSA-4320-1}
- asterisk 1:13.20.0~dfsg-1 (bug #891228)
[jessie] - asterisk <not-affected> (Vulnerable code not present)
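Review bot: the unchanged NOTE for CVE-2018-7287 is `downloads.digium.com/pub/security/AST-2018-006.html` with no scheme, while the CVE-2018-7286 entry in the same hunk uses `http://downloads.asterisk.org/pub/security/AST-2018-005.html`; not part of this change, but worth normalising to a full URL so the reference resolves like the neighbouring ones.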
@@ -35411,10 +35401,10 @@ CVE-2018-7286 (An issue was discovered in Asterisk through 13.19.1, 14.x through
NOTE: http://downloads.asterisk.org/pub/security/AST-2018-005.html
NOTE: https://issues.asterisk.org/jira/browse/ASTERISK-27618
NOTE: http://downloads.asterisk.org/pub/security/AST-2018-005-13.diff
-CVE-2018-7285 (A NULL pointer access issue was discovered in Asterisk 15.x through ...)
+CVE-2018-7285
- asterisk <not-affected> (Only affects Asterisk 15.x)
NOTE: http://downloads.asterisk.org/pub/security/AST-2018-001.html
-CVE-2018-7284 (A Buffer Overflow issue was discovered in Asterisk through 13.19.1, ...)
+CVE-2018-7284
{DSA-4320-1}
- asterisk 1:13.20.0~dfsg-1 (bug #891227)
[jessie] - asterisk <not-affected> (Vulnerable code not present)
@@ -35426,48 +35416,48 @@ CVE-2018-7283
RESERVED
CVE-2018-7282
RESERVED
-CVE-2018-7281 (CactusVPN 5.3.6 for macOS contains a root privilege escalation ...)
+CVE-2018-7281
NOT-FOR-US: CactusVPN for macOS
-CVE-2018-7280 (The Ninja Forms plugin before 3.2.14 for WordPress has XSS. ...)
+CVE-2018-7280
NOT-FOR-US: Ninja Forms plugin for WordPress
-CVE-2018-1000093 (CryptoNote version version 0.8.9 and possibly later contain a local ...)
+CVE-2018-1000093
NOT-FOR-US: CryptoNote
-CVE-2018-1000092 (CMS Made Simple version versions 2.2.5 contains a Cross ite Request ...)
+CVE-2018-1000092
NOT-FOR-US: CMS Made Simple
-CVE-2018-1000091 (KadNode version version 2.2.0 contains a Buffer Overflow vulnerability ...)
+CVE-2018-1000091
NOT-FOR-US: KadNode
-CVE-2018-1000090 (textpattern version version 4.6.2 contains a XML Injection ...)
+CVE-2018-1000090
- textpattern <removed>
-CVE-2018-1000089 (Anymail django-anymail version version 0.2 through 1.3 contains a ...)
+CVE-2018-1000089
- django-anymail 1.4-1 (bug #890097)
[stretch] - django-anymail <ignored> (Minor issue; non-free/contrib not security supported)
NOTE: https://github.com/anymail/django-anymail/commit/1a6086f2b58478d71f89bf27eb034ed81aefe5ef
-CVE-2018-1000088 (Doorkeeper version 2.1.0 through 4.2.5 contains a Cross Site Scripting ...)
+CVE-2018-1000088
- ruby-doorkeeper 4.3.1-1 (bug #891069)
[stretch] - ruby-doorkeeper <no-dsa> (Minor issue)
NOTE: https://github.com/doorkeeper-gem/doorkeeper/issues/969
NOTE: https://github.com/doorkeeper-gem/doorkeeper/pull/970
-CVE-2018-1000087 (WolfCMS version version 0.8.3.1 contains a Reflected Cross Site ...)
+CVE-2018-1000087
NOT-FOR-US: WolfCMS
-CVE-2018-1000086 (NPR Visuals Team Pym.js version versions 0.4.2 up to 1.3.1 contains a ...)
+CVE-2018-1000086
NOT-FOR-US: pym.js
-CVE-2018-1000085 (ClamAV version version 0.99.3 contains a Out of bounds heap memory ...)
+CVE-2018-1000085
{DLA-1307-1}
- clamav 0.99.3~beta1+dfsg-1
[stretch] - clamav 0.99.4+dfsg-1+deb9u1
NOTE: https://github.com/Cisco-Talos/clamav-devel/commit/d96a6b8bcc7439fa7e3876207aa0a8e79c8451b6
NOTE: http://www.openwall.com/lists/oss-security/2017/09/29/4
-CVE-2018-1000084 (WOlfCMS WolfCMS version version 0.8.3.1 contains a Stored Cross-Site ...)
+CVE-2018-1000084
NOT-FOR-US: WolfCMS
-CVE-2018-1000083 (Ajenti version version 2 contains a Improper Error Handling ...)
+CVE-2018-1000083
- ajenti <itp> (bug #792019)
-CVE-2018-1000082 (Ajenti version version 2 contains a Cross ite Request Forgery (CSRF) ...)
+CVE-2018-1000082
- ajenti <itp> (bug #792019)
-CVE-2018-1000081 (Ajenti version version 2 contains a Input Validation vulnerability in ...)
+CVE-2018-1000081
- ajenti <itp> (bug #792019)
-CVE-2018-1000080 (Ajenti version version 2 contains a Insecure Permissions vulnerability ...)
+CVE-2018-1000080
- ajenti <itp> (bug #792019)
-CVE-2018-1000079 (RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: ...)
+CVE-2018-1000079
{DSA-4259-1 DSA-4219-1 DLA-1421-1}
- ruby2.5 2.5.0-5
- ruby2.3 <removed>
@@ -35482,7 +35472,7 @@ CVE-2018-1000079 (RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3
NOTE: https://github.com/rubygems/rubygems/commit/f83f911e19e27cbac1ccce7471d96642241dd759
NOTE: https://github.com/rubygems/rubygems/commit/666ef793cad42eed96f7aee1cdf77865db921099
NOTE: https://www.ruby-lang.org/en/news/2018/02/17/multiple-vulnerabilities-in-rubygems/
-CVE-2018-1000078 (RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: ...)
+CVE-2018-1000078
{DSA-4259-1 DSA-4219-1 DLA-1421-1 DLA-1358-1 DLA-1337-1 DLA-1336-1}
- ruby2.5 2.5.0-5
- ruby2.3 <removed>
@@ -35493,7 +35483,7 @@ CVE-2018-1000078 (RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3
[jessie] - jruby <end-of-life> (See DSA-4219-1)
NOTE: https://github.com/rubygems/rubygems/commit/66a28b9275551384fdab45f3591a82d6b59952cb
NOTE: https://www.ruby-lang.org/en/news/2018/02/17/multiple-vulnerabilities-in-rubygems/
-CVE-2018-1000077 (RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: ...)
+CVE-2018-1000077
{DSA-4259-1 DSA-4219-1 DLA-1421-1 DLA-1358-1 DLA-1337-1 DLA-1336-1}
- ruby2.5 2.5.0-5
- ruby2.3 <removed>
@@ -35504,7 +35494,7 @@ CVE-2018-1000077 (RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3
[jessie] - jruby <end-of-life> (See DSA-4219-1)
NOTE: https://github.com/rubygems/rubygems/commit/feadefc2d351dcb95d6492f5ad17ebca546eb964
NOTE: https://www.ruby-lang.org/en/news/2018/02/17/multiple-vulnerabilities-in-rubygems/
-CVE-2018-1000076 (RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: ...)
+CVE-2018-1000076
{DSA-4259-1 DSA-4219-1 DLA-1421-1 DLA-1358-1 DLA-1337-1 DLA-1336-1}
- ruby2.5 2.5.0-5
- ruby2.3 <removed>
@@ -35515,7 +35505,7 @@ CVE-2018-1000076 (RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3
[jessie] - jruby <end-of-life> (See DSA-4219-1)
NOTE: https://github.com/rubygems/rubygems/commit/f5042b879259b1f1ce95a0c5082622c646376693
NOTE: https://www.ruby-lang.org/en/news/2018/02/17/multiple-vulnerabilities-in-rubygems/
-CVE-2018-1000075 (RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: ...)
+CVE-2018-1000075
{DSA-4259-1 DSA-4219-1 DLA-1421-1 DLA-1358-1 DLA-1337-1 DLA-1336-1}
- ruby2.5 2.5.0-5
- ruby2.3 <removed>
@@ -35526,7 +35516,7 @@ CVE-2018-1000075 (RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3
[jessie] - jruby <end-of-life> (See DSA-4219-1)
NOTE: https://github.com/rubygems/rubygems/commit/92e98bf8f810bd812f919120d4832df51bc25d83
NOTE: https://www.ruby-lang.org/en/news/2018/02/17/multiple-vulnerabilities-in-rubygems/
-CVE-2018-1000074 (RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: ...)
+CVE-2018-1000074
{DSA-4259-1 DSA-4219-1 DLA-1480-1 DLA-1352-1}
- ruby2.5 2.5.0-5
- ruby2.3 <removed>
@@ -35539,7 +35529,7 @@ CVE-2018-1000074 (RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3
[jessie] - jruby <end-of-life> (See DSA-4219-1)
NOTE: https://github.com/rubygems/rubygems/commit/254e3d0ee873c008c0b74e8b8abcbdab4caa0a6d
NOTE: https://www.ruby-lang.org/en/news/2018/02/17/multiple-vulnerabilities-in-rubygems/
-CVE-2018-1000073 (RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: ...)
+CVE-2018-1000073
{DSA-4259-1 DSA-4219-1 DLA-1480-1}
- ruby2.5 2.5.0-5
- ruby2.3 <removed>
@@ -35553,9 +35543,9 @@ CVE-2018-1000073 (RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3
[wheezy] - jruby <not-affected> (Vulnerable code not present)
NOTE: https://github.com/rubygems/rubygems/commit/1b931fc03b819b9a0214be3eaca844ef534175e2
NOTE: https://www.ruby-lang.org/en/news/2018/02/17/multiple-vulnerabilities-in-rubygems/
-CVE-2018-1000072 (iRedMail version prior to commit f04b8ef contains a Insecure ...)
+CVE-2018-1000072
NOT-FOR-US: iRedMail
-CVE-2018-1000071 (roundcube version 1.3.4 and earlier contains an Insecure Permissions ...)
+CVE-2018-1000071
- roundcube <unfixed> (unimportant; bug #897014)
[stretch] - roundcube 1.2.3+dfsg.1-4+deb9u2
NOTE: https://github.com/roundcube/roundcubemail/issues/6173
@@ -35564,49 +35554,49 @@ CVE-2018-1000071 (roundcube version 1.3.4 and earlier contains an Insecure Permi
NOTE: That plugin is not functional in stretch due to a missing package dependency, setting it
NOTE: up would require several additional manual changes on the admin's side
NOTE: Can be mitigated by moving home folder outside the scope of the webserver
-CVE-2018-1000070 (Bitmessage PyBitmessage version v0.6.2 (and introduced in or after ...)
+CVE-2018-1000070
NOT-FOR-US: PyBitmessage
-CVE-2018-1000069 (FreePlane version 1.5.9 and earlier contains a XML External Entity ...)
+CVE-2018-1000069
{DSA-4175-1 DLA-1316-1}
- freeplane 1.6.6-1 (bug #893663)
NOTE: https://www.freeplane.org/wiki/index.php/XML_External_Entity_vulnerability_in_map_parser
NOTE: https://github.com/freeplane/freeplane/commit/a5dce7f9f
-CVE-2018-7279 (A remote code execution issue was discovered in AlienVault USM and ...)
+CVE-2018-7279
NOT-FOR-US: AlienVault
-CVE-2018-7278 (An issue was discovered on RLE Protocol Converter FDS-PC / FDS-PC-DP ...)
+CVE-2018-7278
NOT-FOR-US: RLE Protocol Converter FDS-PC / FDS-PC-DP devices
-CVE-2018-7277 (An issue was discovered on RLE Wi-MGR/FDS-Wi 6.2 devices. Persistent ...)
+CVE-2018-7277
NOT-FOR-US: RLE Wi-MGR/FDS-Wi 6.2 devices
-CVE-2018-7276 (An issue was discovered on Lutron Quantum BACnet Integration 2.0 ...)
+CVE-2018-7276
NOT-FOR-US: Lutron Quantum BACnet Integration 2.0 devices
CVE-2018-7275
RESERVED
-CVE-2018-7274 (Yab Quarx through 2.4.3 is prone to multiple persistent cross-site ...)
+CVE-2018-7274
NOT-FOR-US: Yab Quarx
-CVE-2018-7273 (In the Linux kernel through 4.15.4, the floppy driver reveals the ...)
+CVE-2018-7273
- linux 4.15.4-1
[wheezy] - linux <ignored> (Minor issue)
[jessie] - linux-4.9 <unfixed>
NOTE: https://lkml.org/lkml/2018/2/20/669
-CVE-2018-7272 (The REST APIs in ForgeRock AM before 5.5.0 include SSOToken IDs as part ...)
+CVE-2018-7272
NOT-FOR-US: ForgeRock AM
-CVE-2018-7271 (An issue was discovered in MetInfo 6.0.0. In install/install.php in the ...)
+CVE-2018-7271
NOT-FOR-US: MetInfo
CVE-2018-7270
RESERVED
-CVE-2018-7269 (The findByCondition function in framework/db/ActiveRecord.php in Yii ...)
+CVE-2018-7269
- yii <itp> (bug #597899)
-CVE-2018-7268 (MagniComp SysInfo before 10-H81, as shipped with BMC BladeLogic ...)
+CVE-2018-7268
NOT-FOR-US: MagniComp
CVE-2018-7267
RESERVED
CVE-2018-7266
RESERVED
-CVE-2018-7265 (Shimmie 2 2.6.0 allows an attacker to upload a crafted SVG file that ...)
+CVE-2018-7265
NOT-FOR-US: Shimmie
-CVE-2018-7264 (The Pictview image processing library embedded in the ActivePDF ...)
+CVE-2018-7264
NOT-FOR-US: ActivePDF
-CVE-2018-7263 (The mad_decoder_run() function in decoder.c in Underbit libmad through ...)
+CVE-2018-7263
NOTE: Seems like a duplicate of CVE-2017-11552 relates to the issue raised in
NOTE: https://bugs.debian.org/870608
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1081784
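Review bot: the NOTE on CVE-2018-7263, "Seems like a duplicate of CVE-2017-11552 relates to the issue raised in", is missing a connective and reads as two sentences run together; "Seems like a duplicate of CVE-2017-11552, which relates to the issue raised in" would make the cross-reference unambiguous, especially now that the CVE line above it no longer carries the libmad summary.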
@@ -35614,7 +35604,7 @@ CVE-2018-7263 (The mad_decoder_run() function in decoder.c in Underbit libmad th
NOTE: paths by which libmad is used incorrectly, and both code paths result
NOTE: in "double free or corruption" errors, then we would represent this
NOTE: with two CVEs."
-CVE-2018-7262 (In Ceph before 12.2.3 and 13.x through 13.0.1, the rgw_civetweb.cc ...)
+CVE-2018-7262
- ceph <not-affected> (Issue introduced later)
NOTE: See details in https://bugs.debian.org/891963#15 . Ceph as present in
NOTE: Debian up to 10.2.5-7.2 is not vulnerable as they contain an older
@@ -35622,16 +35612,16 @@ CVE-2018-7262 (In Ceph before 12.2.3 and 13.x through 13.0.1, the rgw_civetweb.c
NOTE: null strings on malformed HTTP requests.
NOTE: Original pull request: https://github.com/ceph/ceph/pull/20403
NOTE: Superseeded by: https://github.com/ceph/ceph/pull/20488
-CVE-2018-7261 (There are multiple Persistent XSS vulnerabilities in Radiant CMS ...)
+CVE-2018-7261
NOT-FOR-US: Radiant CMS
-CVE-2018-7260 (Cross-site scripting (XSS) vulnerability in db_central_columns.php in ...)
+CVE-2018-7260
- phpmyadmin <unfixed> (bug #893539)
[stretch] - phpmyadmin <no-dsa> (Minor issue)
[jessie] - phpmyadmin <not-affected> (Vulnerable code not present)
[wheezy] - phpmyadmin <not-affected> (Vulnerable code not present)
NOTE: https://github.com/phpmyadmin/phpmyadmin/commit/d2886a3
NOTE: https://www.phpmyadmin.net/security/PMASA-2018-1/
-CVE-2018-7259 (The FSX / P3Dv4 installer 2.0.1.231 for Flight Sim Labs A320-X sends a ...)
+CVE-2018-7259
NOT-FOR-US: Flight Sim Labs
CVE-2018-7258
RESERVED
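Review bot: the NOTE on CVE-2018-7262 reads "Superseeded by: https://github.com/ceph/ceph/pull/20488"; the word is "Superseded". Minor, but this context line is touched by the surrounding rewrite and could be corrected in the same update.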
@@ -35643,76 +35633,76 @@ CVE-2018-7255
RESERVED
CVE-2018-7252
RESERVED
-CVE-2018-7251 (An issue was discovered in config/error.php in Anchor 0.12.3. The error ...)
+CVE-2018-7251
NOT-FOR-US: Anchor CMS
-CVE-2018-7250 (An issue was discovered in secdrv.sys as shipped in Microsoft Windows ...)
+CVE-2018-7250
NOT-FOR-US: Microsoft
-CVE-2018-7249 (An issue was discovered in secdrv.sys as shipped in Microsoft Windows ...)
+CVE-2018-7249
NOT-FOR-US: Microsoft
-CVE-2018-7254 (The ParseCaffHeaderConfig function of the cli/caff.c file of WavPack ...)
+CVE-2018-7254
{DSA-4125-1}
- wavpack 5.1.0-3 (bug #889274)
[jessie] - wavpack <not-affected> (Vulnerable code not present)
[wheezy] - wavpack <not-affected> (Vulnerable code not present)
NOTE: https://github.com/dbry/WavPack/issues/26
NOTE: https://github.com/dbry/WavPack/commit/8e3fe45a7bac31d9a3b558ae0079e2d92a04799e
-CVE-2018-7253 (The ParseDsdiffHeaderConfig function of the cli/dsdiff.c file of ...)
+CVE-2018-7253
{DSA-4125-1}
- wavpack 5.1.0-3 (bug #889559)
[jessie] - wavpack <not-affected> (Vulnerable code not present)
[wheezy] - wavpack <not-affected> (Vulnerable code not present)
NOTE: https://github.com/dbry/WavPack/issues/28
NOTE: https://github.com/dbry/WavPack/commit/36a24c7881427d2e1e4dc1cef58f19eee0d13aec
-CVE-2018-7248 (An issue was discovered in Zoho ManageEngine ServiceDesk Plus 9.3 ...)
+CVE-2018-7248
NOT-FOR-US: Zoho ManageEngine ServiceDesk Plus
-CVE-2018-7247 (An issue was discovered in pixHtmlViewer in prog/htmlviewer.c in ...)
+CVE-2018-7247
- leptonlib 1.76.0-1 (unimportant)
NOTE: https://github.com/DanBloomberg/leptonica/commit/c1079bb8e77cdd426759e466729917ca37a3ed9f
-CVE-2018-7246 (A cleartext transmission of sensitive information vulnerability exists ...)
+CVE-2018-7246
NOT-FOR-US: Schneider
-CVE-2018-7245 (An improper authorization vulnerability exists In Schneider Electric's ...)
+CVE-2018-7245
NOT-FOR-US: Schneider
-CVE-2018-7244 (An information disclosure vulnerability exists In Schneider Electric's ...)
+CVE-2018-7244
NOT-FOR-US: Schneider
-CVE-2018-7243 (An authorization bypass vulnerability exists In Schneider Electric's ...)
+CVE-2018-7243
NOT-FOR-US: Schneider
-CVE-2018-7242 (Vulnerable hash algorithms exists in Schneider Electric's Modicon ...)
+CVE-2018-7242
NOT-FOR-US: Schneider
-CVE-2018-7241 (Hard coded accounts exist in Schneider Electric's Modicon Premium, ...)
+CVE-2018-7241
NOT-FOR-US: Schneider
-CVE-2018-7240 (A vulnerability exists in Schneider Electric's Modicon Quantum in all ...)
+CVE-2018-7240
NOT-FOR-US: Schneider
-CVE-2018-7239 (A DLL hijacking vulnerability exists in Schneider Electric's SoMove ...)
+CVE-2018-7239
NOT-FOR-US: Schneider Electric
-CVE-2018-7238 (A buffer overflow vulnerability exist in the web-based GUI of ...)
+CVE-2018-7238
NOT-FOR-US: Schneider Electric
-CVE-2018-7237 (A vulnerability exists in Schneider Electric's Pelco Sarix ...)
+CVE-2018-7237
NOT-FOR-US: Schneider Electric
-CVE-2018-7236 (A vulnerability exists in Schneider Electric's Pelco Sarix ...)
+CVE-2018-7236
NOT-FOR-US: Schneider Electric
-CVE-2018-7235 (A vulnerability exists in Schneider Electric's Pelco Sarix ...)
+CVE-2018-7235
NOT-FOR-US: Schneider Electric
-CVE-2018-7234 (A vulnerability exists in Schneider Electric's Pelco Sarix ...)
+CVE-2018-7234
NOT-FOR-US: Schneider Electric
-CVE-2018-7233 (A vulnerability exists in Schneider Electric's Pelco Sarix ...)
+CVE-2018-7233
NOT-FOR-US: Schneider Electric
-CVE-2018-7232 (A vulnerability exists in Schneider Electric's Pelco Sarix ...)
+CVE-2018-7232
NOT-FOR-US: Schneider Electric
-CVE-2018-7231 (A vulnerability exists in Schneider Electric's Pelco Sarix ...)
+CVE-2018-7231
NOT-FOR-US: Schneider Electric
-CVE-2018-7230 (A XML external entity (XXE) vulnerability exists in the import.cgi of ...)
+CVE-2018-7230
NOT-FOR-US: Schneider Electric
-CVE-2018-7229 (A vulnerability exists in Schneider Electric's Pelco Sarix ...)
+CVE-2018-7229
NOT-FOR-US: Schneider Electric
-CVE-2018-7228 (A vulnerability exists in Schneider Electric's Pelco Sarix ...)
+CVE-2018-7228
NOT-FOR-US: Schneider Electric
-CVE-2018-7227 (A vulnerability exists in Schneider Electric's Pelco Sarix ...)
+CVE-2018-7227
NOT-FOR-US: Schneider Electric
-CVE-2018-7226 (An issue was discovered in vcSetXCutTextProc() in VNConsole.c in ...)
+CVE-2018-7226
- vncterm <unfixed> (low; bug #898453)
[stretch] - vncterm <no-dsa> (Minor issue)
NOTE: https://github.com/LibVNC/vncterm/issues/6
-CVE-2018-7225 (An issue was discovered in LibVNCServer through 0.9.11. ...)
+CVE-2018-7225
{DSA-4221-1 DLA-1332-1}
- libvncserver 0.9.11+dfsg-1.1 (bug #894045)
NOTE: https://github.com/LibVNC/libvncserver/issues/218
@@ -35727,29 +35717,29 @@ CVE-2018-7221
RESERVED
CVE-2018-7220
RESERVED
-CVE-2018-7219 (application/admin/controller/Admin.php in NoneCms 1.3.0 has CSRF, as ...)
+CVE-2018-7219
NOT-FOR-US: NoneCms
-CVE-2018-7218 (The AppFirewall functionality in Citrix NetScaler Application Delivery ...)
+CVE-2018-7218
NOT-FOR-US: Citrix
-CVE-2018-7217 (In Bravo Tejari Procurement Portal, uploaded files are not properly ...)
+CVE-2018-7217
NOT-FOR-US: Bravo Tejari Procurement Portal
-CVE-2018-7216 (Cross-site request forgery (CSRF) vulnerability in ...)
+CVE-2018-7216
NOT-FOR-US: Bravo Tejari Procurement Portal
CVE-2018-7215
RESERVED
CVE-2018-7214
RESERVED
-CVE-2018-7213 (The Password Manager Extension in Abine Blur 7.8.242* before 7.8.2428 ...)
+CVE-2018-7213
NOT-FOR-US: Password Manager Extension in Abine Blur
-CVE-2018-7212 (An issue was discovered in ...)
+CVE-2018-7212
NOT-FOR-US: Sinatra
-CVE-2018-7211 (An issue was discovered in iDashboards 9.6b. The SSO implementation is ...)
+CVE-2018-7211
NOT-FOR-US: iDashboards
-CVE-2018-7210 (An issue was discovered in iDashboards 9.6b. It allows remote attackers ...)
+CVE-2018-7210
NOT-FOR-US: iDashboards
-CVE-2018-7209 (An issue was discovered in iDashboards 9.6b. It allows remote attackers ...)
+CVE-2018-7209
NOT-FOR-US: iDashboards
-CVE-2018-7208 (In the coff_pointerize_aux function in coffgen.c in the Binary File ...)
+CVE-2018-7208
- binutils 2.30-6
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
@@ -35758,13 +35748,13 @@ CVE-2018-7208 (In the coff_pointerize_aux function in coffgen.c in the Binary Fi
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=eb77f6a4621795367a39cdd30957903af9dbb815
CVE-2018-7207
REJECTED
-CVE-2018-7206 (An issue was discovered in Project Jupyter JupyterHub OAuthenticator ...)
+CVE-2018-7206
NOT-FOR-US: JupyterHub
-CVE-2018-7205 (** DISPUTED ** Reflected Cross-Site Scripting vulnerability in ...)
+CVE-2018-7205
NOT-FOR-US: Kentico
-CVE-2018-7204 (inc/logger.php in the Giribaz File Manager plugin before 5.0.2 for ...)
+CVE-2018-7204
NOT-FOR-US: Wordpress plugin
-CVE-2018-7203 (Cross-site scripting (XSS) vulnerability in Twonky Server 7.0.11 ...)
+CVE-2018-7203
NOT-FOR-US: Twonky Server
CVE-2018-7202
RESERVED
@@ -35774,19 +35764,19 @@ CVE-2018-7200
RESERVED
CVE-2018-7199
RESERVED
-CVE-2018-7198 (October CMS through 1.0.431 allows XSS by entering HTML on the Add ...)
+CVE-2018-7198
NOT-FOR-US: October CMS
-CVE-2018-7197 (An issue was discovered in Pluck through 4.7.4. A stored cross-site ...)
+CVE-2018-7197
NOT-FOR-US: Pluck CMS
-CVE-2018-7196 (Cross-site scripting (XSS) vulnerability in /scp/index.php in ...)
+CVE-2018-7196
NOT-FOR-US: osTicket
-CVE-2018-7195 (Enhancesoft osTicket before 1.10.2 allows remote attackers to reset ...)
+CVE-2018-7195
NOT-FOR-US: osTicket
-CVE-2018-7194 (Integer format vulnerability in the ticket number generator in ...)
+CVE-2018-7194
NOT-FOR-US: osTicket
-CVE-2018-7193 (Cross-site scripting (XSS) vulnerability in /scp/directory.php in ...)
+CVE-2018-7193
NOT-FOR-US: osTicket
-CVE-2018-7192 (Cross-site scripting (XSS) vulnerability in /ajax.php/form/help-topic ...)
+CVE-2018-7192
NOT-FOR-US: osTicket
CVE-2018-7191
RESERVED
@@ -35794,9 +35784,9 @@ CVE-2018-7190
RESERVED
CVE-2018-7189
RESERVED
-CVE-2018-7188 (An XSS vulnerability (via an SVG image) in Tiki before 18 allows an ...)
+CVE-2018-7188
NOT-FOR-US: Tiki
-CVE-2018-7187 (The &quot;go get&quot; implementation in Go 1.9.4, when the -insecure ...)
+CVE-2018-7187
{DSA-4380-1 DSA-4379-1 DLA-1294-1}
- golang-1.10 1.10.1-1
- golang-1.9 <removed> (bug #895663)
@@ -35806,7 +35796,7 @@ CVE-2018-7187 (The &quot;go get&quot; implementation in Go 1.9.4, when the -inse
[jessie] - golang <ignored> (Minor issue)
NOTE: https://github.com/golang/go/issues/23867
NOTE: https://github.com/golang/go/commit/c941e27e70c3e06e1011d2dd71d72a7a06a9bcbc
-CVE-2018-7185 (The protocol engine in ntp 4.2.6 before 4.2.8p11 allows a remote ...)
+CVE-2018-7185
- ntp 1:4.2.8p11+dfsg-1 (low)
[stretch] - ntp <no-dsa> (Minor issue)
[jessie] - ntp <no-dsa> (Minor issue)
@@ -35815,7 +35805,7 @@ CVE-2018-7185 (The protocol engine in ntp 4.2.6 before 4.2.8p11 allows a remote
NOTE: http://www.kb.cert.org/vuls/id/961909
NOTE: http://support.ntp.org/bin/view/Main/NtpBug3454
NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#February_2018_ntp_4_2_8p11_NTP_S
-CVE-2018-7184 (ntpd in ntp 4.2.8p4 before 4.2.8p11 drops bad packets before updating ...)
+CVE-2018-7184
- ntp 1:4.2.8p11+dfsg-1 (low)
[stretch] - ntp <no-dsa> (Minor issue)
[jessie] - ntp <no-dsa> (Minor issue)
@@ -35825,7 +35815,7 @@ CVE-2018-7184 (ntpd in ntp 4.2.8p4 before 4.2.8p11 drops bad packets before upda
NOTE: http://support.ntp.org/bin/view/Main/NtpBug3453
NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#February_2018_ntp_4_2_8p11_NTP_S
NOTE: http://bk.ntp.org/ntp-stable/?PAGE=cset&REV=5a76f46bK1M87GD1tJounOczC-5Zow
-CVE-2018-7183 (Buffer overflow in the decodearr function in ntpq in ntp 4.2.8p6 ...)
+CVE-2018-7183
- ntp 1:4.2.8p11+dfsg-1 (low)
[stretch] - ntp <no-dsa> (Minor issue)
[jessie] - ntp <no-dsa> (Minor issue)
@@ -35834,7 +35824,7 @@ CVE-2018-7183 (Buffer overflow in the decodearr function in ntpq in ntp 4.2.8p6
NOTE: http://www.kb.cert.org/vuls/id/961909
NOTE: http://support.ntp.org/bin/view/Main/NtpBug3414
NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#February_2018_ntp_4_2_8p11_NTP_S
-CVE-2018-7182 (The ctl_getitem method in ntpd in ntp-4.2.8p6 before 4.2.8p11 allows ...)
+CVE-2018-7182
- ntp 1:4.2.8p11+dfsg-1
[stretch] - ntp <postponed> (Can be fixed along in a future update)
[jessie] - ntp <postponed> (Can be fixed along in a future update)
@@ -35847,45 +35837,45 @@ CVE-2018-7182 (The ctl_getitem method in ntpd in ntp-4.2.8p6 before 4.2.8p11 all
NOTE: https://lists.ntpsec.org/pipermail/devel/2018-March/006008.html
CVE-2018-7181
RESERVED
-CVE-2018-7186 (Leptonica before 1.75.3 does not limit the number of characters in a %s ...)
+CVE-2018-7186
{DLA-1302-1}
- leptonlib 1.75.3-2 (low; bug #890548)
[stretch] - leptonlib <no-dsa> (Minor issue)
[jessie] - leptonlib <no-dsa> (Minor issue)
NOTE: https://github.com/DanBloomberg/leptonica/commit/ee301cb2029db8a6289c5295daa42bba7715e99a
-CVE-2018-7180 (SQL Injection exists in the Saxum Astro 4.0.14 component for Joomla! ...)
+CVE-2018-7180
NOT-FOR-US: Saxum Astro component for Joomla!
-CVE-2018-7179 (SQL Injection exists in the SquadManagement 1.0.3 component for Joomla! ...)
+CVE-2018-7179
NOT-FOR-US: SquadManagement component for Joomla!
-CVE-2018-7178 (SQL Injection exists in the Saxum Picker 3.2.10 component for Joomla! ...)
+CVE-2018-7178
NOT-FOR-US: Saxum Picker component for Joomla!
-CVE-2018-7177 (SQL Injection exists in the Saxum Numerology 3.0.4 component for ...)
+CVE-2018-7177
NOT-FOR-US: Saxum Numerology component for Joomla!
-CVE-2018-7176 (FrontAccounting 2.4.3 suffers from a CSRF flaw, which leads to adding a ...)
+CVE-2018-7176
- frontaccounting <removed> (bug #890604)
[wheezy] - frontaccounting <end-of-life> (unsupported in wheezy, already vulnerable to SQL injection in CVE-2014-3973)
NOTE: https://securitywarrior9.blogspot.ca/2018/02/cross-site-request-forgery-front.html
-CVE-2018-7175 (An issue was discovered in xpdf 4.00. A NULL pointer dereference in ...)
+CVE-2018-7175
- xpdf <unfixed> (unimportant)
NOTE: https://forum.xpdfreader.com/viewtopic.php?f=3&t=613
NOTE: src:xpdf switched to use system poppler libary in 3.02-3
-CVE-2018-7174 (An issue was discovered in xpdf 4.00. An infinite loop in XRef::Xref ...)
+CVE-2018-7174
- xpdf <unfixed> (unimportant)
NOTE: https://forum.xpdfreader.com/viewtopic.php?f=3&t=605
NOTE: src:xpdf switched to use system poppler libary in 3.02-3
-CVE-2018-7173 (A large loop in JBIG2Stream::readSymbolDictSeg in xpdf 4.00 allows an ...)
+CVE-2018-7173
- xpdf <unfixed> (unimportant)
NOTE: https://forum.xpdfreader.com/viewtopic.php?f=3&t=607
NOTE: src:xpdf switched to use system poppler libary in 3.02-3
-CVE-2018-1000068 (An improper input validation vulnerability exists in Jenkins versions ...)
+CVE-2018-1000068
- jenkins <removed>
-CVE-2018-1000067 (An improper authorization vulnerability exists in Jenkins versions ...)
+CVE-2018-1000067
- jenkins <removed>
-CVE-2018-7172 (In index.php in WonderCMS before 2.4.1, remote attackers can delete ...)
+CVE-2018-7172
NOT-FOR-US: WonderCMS
-CVE-2018-7171 (Directory traversal vulnerability in Twonky Server 7.0.11 through 8.5 ...)
+CVE-2018-7171
NOT-FOR-US: Twonky Server
-CVE-2018-7170 (ntpd in ntp 4.2.x before 4.2.8p7 and 4.3.x before 4.3.92 allows ...)
+CVE-2018-7170
- ntp 1:4.2.8p11+dfsg-1
[stretch] - ntp <no-dsa> (Minor issue)
[jessie] - ntp <no-dsa> (Minor issue)
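Review bot: the three xpdf entries (CVE-2018-7175, CVE-2018-7174, CVE-2018-7173) each carry the NOTE "src:xpdf switched to use system poppler libary in 3.02-3"; "libary" should be "library" in all three copies. Also worth checking while here: CVE-2018-1000068 and CVE-2018-1000067 are both annotated only as "- jenkins <removed>" with no NOTE or reference line, unlike every other fixed or unfixed entry in this hunk, so once the descriptions are gone those two entries say nothing about what the issue was.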
@@ -35894,7 +35884,7 @@ CVE-2018-7170 (ntpd in ntp 4.2.x before 4.2.8p7 and 4.3.x before 4.3.92 allows .
NOTE: http://www.kb.cert.org/vuls/id/961909
NOTE: http://support.ntp.org/bin/view/Main/NtpBug3415
NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#February_2018_ntp_4_2_8p11_NTP_S
-CVE-2018-7169 (An issue was discovered in shadow 4.5. newgidmap (in shadow-utils) is ...)
+CVE-2018-7169
- shadow <unfixed> (bug #890557)
[stretch] - shadow <no-dsa> (Minor issue)
[jessie] - shadow <no-dsa> (Minor issue)
@@ -35903,17 +35893,17 @@ CVE-2018-7169 (An issue was discovered in shadow 4.5. newgidmap (in shadow-utils
NOTE: https://github.com/shadow-maint/shadow/pull/97
CVE-2018-7168
RESERVED
-CVE-2018-7167 (Calling Buffer.fill() or Buffer.alloc() with some parameters can lead ...)
+CVE-2018-7167
- nodejs <unfixed> (unimportant)
NOTE: https://nodejs.org/en/blog/vulnerability/june-2018-security-releases/#calls-to-buffer-fill-and-or-buffer-alloc-may-hang-cve-2018-7167
-CVE-2018-7166 (In all versions of Node.js 10 prior to 10.9.0, an argument processing ...)
+CVE-2018-7166
[experimental] - nodejs <unfixed>
- nodejs <not-affected> (Only affects 10.x and later)
NOTE: https://nodejs.org/en/blog/vulnerability/august-2018-security-releases/
NOTE: https://github.com/nodejs/node/commit/40a7beeddac9b9ec9ef5b49157daaf8470648b08
CVE-2018-7165
RESERVED
-CVE-2018-7164 (Node.js versions 9.7.0 and later and 10.x are vulnerable and the ...)
+CVE-2018-7164
- nodejs <unfixed> (unimportant)
[stretch] - nodejs <not-affected> (Only affects >= 9.x)
[jessie] - nodejs <not-affected> (Only affects >= 9.x)
@@ -35921,26 +35911,26 @@ CVE-2018-7164 (Node.js versions 9.7.0 and later and 10.x are vulnerable and the
NOTE: https://github.com/nodejs/node/commit/3217e8e66fa81e
CVE-2018-7163
RESERVED
-CVE-2018-7162 (All versions of Node.js 9.x and 10.x are vulnerable and the severity ...)
+CVE-2018-7162
- nodejs <unfixed> (unimportant)
[stretch] - nodejs <not-affected> (Only affects >= 8.x)
[jessie] - nodejs <not-affected> (Only affects >= 8.x)
NOTE: https://nodejs.org/en/blog/vulnerability/june-2018-security-releases/#denial-of-service-vulnerability-in-tls-cve-2018-7162
NOTE: https://github.com/nodejs/node/commit/0cb3325f1
-CVE-2018-7161 (All versions of Node.js 8.x, 9.x, and 10.x are vulnerable and the ...)
+CVE-2018-7161
- nodejs <unfixed> (unimportant)
[stretch] - nodejs <not-affected> (Only affects >= 8.x)
[jessie] - nodejs <not-affected> (Only affects >= 8.x)
NOTE: https://nodejs.org/en/blog/vulnerability/june-2018-security-releases/#denial-of-service-vulnerability-in-http-2-cve-2018-7161
NOTE: https://github.com/nodejs/node/commit/8bf213dbdc7e
-CVE-2018-7160 (The Node.js inspector, in 6.x and later is vulnerable to a DNS ...)
+CVE-2018-7160
- nodejs <unfixed> (unimportant)
[stretch] - nodejs <not-affected> (Vulnerable code not present)
[jessie] - nodejs <not-affected> (Vulnerable code not present)
[wheezy] - nodejs <not-affected> (Vulnerable code not present)
-CVE-2018-7159 (The HTTP parser in all current versions of Node.js ignores spaces in ...)
+CVE-2018-7159
- nodejs <unfixed> (unimportant)
-CVE-2018-7158 (The `'path'` module in the Node.js 4.x release line contains a ...)
+CVE-2018-7158
- nodejs 6.0.0~dfsg-1 (unimportant)
CVE-2018-7157
RESERVED
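Review bot: the release annotations for CVE-2018-7162 look inconsistent with the description being removed on the `-` line: the description says "All versions of Node.js 9.x and 10.x are vulnerable", but the stretch and jessie lines state "(Only affects >= 8.x)". That reason text matches the neighbouring CVE-2018-7161 entry ("All versions of Node.js 8.x, 9.x, and 10.x") and was probably copied from it; for CVE-2018-7162 it should read "Only affects >= 9.x", as the CVE-2018-7164 entry two lines earlier already does. The conclusion (not-affected for stretch and jessie) is unchanged either way.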
@@ -36024,59 +36014,59 @@ CVE-2018-7118
RESERVED
CVE-2018-7117
RESERVED
-CVE-2018-7116 (HPE Intelligent Management Center (IMC) prior to IMC PLAT 7.3 ...)
+CVE-2018-7116
NOT-FOR-US: HPE
-CVE-2018-7115 (HPE Intelligent Management Center (IMC) prior to IMC PLAT 7.3 ...)
+CVE-2018-7115
NOT-FOR-US: HPE
-CVE-2018-7114 (HPE Intelligent Management Center (IMC) prior to IMC PLAT 7.3 ...)
+CVE-2018-7114
NOT-FOR-US: HPE
-CVE-2018-7113 (A security vulnerability in HPE Integrated Lights-Out 5 (iLO 5) prior ...)
+CVE-2018-7113
NOT-FOR-US: HPE
-CVE-2018-7112 (The HPE-provided Windows firmware installer for certain Gen9, Gen8, ...)
+CVE-2018-7112
NOT-FOR-US: HPE
-CVE-2018-7111 (A remote unauthorized access vulnerability was identified in HPE UIoT ...)
+CVE-2018-7111
NOT-FOR-US: HPE
-CVE-2018-7110 (A remote unauthorized disclosure of information vulnerability was ...)
+CVE-2018-7110
NOT-FOR-US: HPE
-CVE-2018-7109 (HPE has addressed a remote arbitrary file modification vulnerability ...)
+CVE-2018-7109
NOT-FOR-US: HPE
-CVE-2018-7108 (HPE StorageWorks XP7 Automation Director (AutoDir) version 8.5.2-02 to ...)
+CVE-2018-7108
NOT-FOR-US: HPE
-CVE-2018-7107 (A potential security vulnerability has been identified in HPE Device ...)
+CVE-2018-7107
NOT-FOR-US: HPE
CVE-2018-7106
REJECTED
-CVE-2018-7105 (A security vulnerability in HPE Integrated Lights-Out 5 (iLO 5) for ...)
+CVE-2018-7105
NOT-FOR-US: HPE
-CVE-2018-7104 (A Remote Code Execution vulnerability was identified in HPE ...)
+CVE-2018-7104
NOT-FOR-US: HPE
-CVE-2018-7103 (A Remote Code Execution vulnerability was identified in HPE ...)
+CVE-2018-7103
NOT-FOR-US: HPE
-CVE-2018-7102 (A security vulnerability in HPE Intelligent Management Center (iMC) ...)
+CVE-2018-7102
NOT-FOR-US: HPE
-CVE-2018-7101 (A potential remote denial of service security vulnerability has been ...)
+CVE-2018-7101
NOT-FOR-US: HPE
-CVE-2018-7100 (A potential security vulnerability has been identified in HPE ...)
+CVE-2018-7100
NOT-FOR-US: HPE OfficeConnect 1810 Switch Series
-CVE-2018-7099 (A security vulnerability was identified in 3PAR Service Processor (SP) ...)
+CVE-2018-7099
NOT-FOR-US: 3PAR
-CVE-2018-7098 (A security vulnerability was identified in 3PAR Service Processor (SP) ...)
+CVE-2018-7098
NOT-FOR-US: 3PAR
-CVE-2018-7097 (A security vulnerability was identified in 3PAR Service Processor (SP) ...)
+CVE-2018-7097
NOT-FOR-US: 3PAR
-CVE-2018-7096 (A security vulnerability was identified in 3PAR Service Processor (SP) ...)
+CVE-2018-7096
NOT-FOR-US: 3PAR
-CVE-2018-7095 (A security vulnerability was identified in 3PAR Service Processor (SP) ...)
+CVE-2018-7095
NOT-FOR-US: 3PAR
-CVE-2018-7094 (A security vulnerability was identified in 3PAR Service Processor (SP) ...)
+CVE-2018-7094
NOT-FOR-US: 3PAR
-CVE-2018-7093 (A security vulnerability in HPE Integrated Lights-Out 3 prior to ...)
+CVE-2018-7093
NOT-FOR-US: HPE
-CVE-2018-7092 (A potential security vulnerability has been identified in HPE ...)
+CVE-2018-7092
NOT-FOR-US: HPE
-CVE-2018-7091 (HPE XP P9000 Command View Advanced Edition Software (CVAE) has open ...)
+CVE-2018-7091
NOT-FOR-US: HPE
-CVE-2018-7090 (HPE XP P9000 Command View Advanced Edition Software (CVAE) has local ...)
+CVE-2018-7090
NOT-FOR-US: HPE
CVE-2018-7089
RESERVED
@@ -36096,59 +36086,59 @@ CVE-2018-7082
RESERVED
CVE-2018-7081
RESERVED
-CVE-2018-7080 (A vulnerability exists in the firmware of embedded BLE radios that are ...)
+CVE-2018-7080
NOT-FOR-US: Aruba
-CVE-2018-7079 (Aruba ClearPass Policy Manager guest authorization failure. Certain ...)
+CVE-2018-7079
NOT-FOR-US: Aruba
-CVE-2018-7078 (A remote code execution was identified in HPE Integrated Lights-Out 4 ...)
+CVE-2018-7078
NOT-FOR-US: HPE
-CVE-2018-7077 (A security vulnerability in HPE XP P9000 Command View Advanced Edition ...)
+CVE-2018-7077
NOT-FOR-US: HPE
-CVE-2018-7076 (A remote code execution vulnerability was identified in HPE ...)
+CVE-2018-7076
NOT-FOR-US: HPE
-CVE-2018-7075 (A remote cross-site scripting (XSS) vulnerability was identified in ...)
+CVE-2018-7075
NOT-FOR-US: HPE
-CVE-2018-7074 (A remote code execution vulnerability was identified in HPE ...)
+CVE-2018-7074
NOT-FOR-US: HPE
-CVE-2018-7073 (A local arbitrary file modification vulnerability was identified in ...)
+CVE-2018-7073
NOT-FOR-US: HPE
-CVE-2018-7072 (A remote bypass of security restrictions vulnerability was identified ...)
+CVE-2018-7072
NOT-FOR-US: HPE
-CVE-2018-7071 (HPE has identified a remote access to sensitive information ...)
+CVE-2018-7071
NOT-FOR-US: HPE
-CVE-2018-7070 (HPE has identified a remote disclosure of information vulnerability in ...)
+CVE-2018-7070
NOT-FOR-US: HPE
-CVE-2018-7069 (HPE has identified a remote unauthenticated access to files ...)
+CVE-2018-7069
NOT-FOR-US: HPE
-CVE-2018-7068 (HPE has identified a remote HOST header attack vulnerability in HPE ...)
+CVE-2018-7068
NOT-FOR-US: HPE
-CVE-2018-7067 (A Remote Authentication bypass in Aruba ClearPass Policy Manager leads ...)
+CVE-2018-7067
NOT-FOR-US: Aruba
-CVE-2018-7066 (An unauthenticated remote command execution exists in Aruba ClearPass ...)
+CVE-2018-7066
NOT-FOR-US: Aruba
-CVE-2018-7065 (An authenticated SQL injection vulnerability in Aruba ClearPass Policy ...)
+CVE-2018-7065
NOT-FOR-US: Aruba
CVE-2018-7064
RESERVED
-CVE-2018-7063 (In Aruba ClearPass, disabled API admins can still perform read/write ...)
+CVE-2018-7063
NOT-FOR-US: Aruba
CVE-2018-7062
RESERVED
CVE-2018-7061
RESERVED
-CVE-2018-7060 (Aruba ClearPass 6.6.x prior to 6.6.9 and 6.7.x prior to 6.7.1 is ...)
+CVE-2018-7060
NOT-FOR-US: Aruba ClearPass
-CVE-2018-7059 (Aruba ClearPass prior to 6.6.9 has a vulnerability in the API that ...)
+CVE-2018-7059
NOT-FOR-US: Aruba ClearPass
-CVE-2018-7058 (Aruba ClearPass, all versions of 6.6.x prior to 6.6.9 are affected by ...)
+CVE-2018-7058
NOT-FOR-US: Aruba ClearPass
-CVE-2018-7057 (RoomWizard before 4.4.x allows XSS via the HelpAction.action pageName ...)
+CVE-2018-7057
NOT-FOR-US: RoomWizard
-CVE-2018-7056 (RoomWizard before 4.4.x allows remote attackers to obtain potentially ...)
+CVE-2018-7056
NOT-FOR-US: RoomWizard
-CVE-2018-7055 (GroupViewProxyServlet in RoomWizard before 4.4.x allows SSRF via the ...)
+CVE-2018-7055
NOT-FOR-US: RoomWizard
-CVE-2018-7054 (An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.1.1. ...)
+CVE-2018-7054
{DSA-4162-1}
- irssi 1.0.7-1 (bug #890674)
[jessie] - irssi <not-affected> (Vulnerable netsplit code introduced in 1.0.0)
@@ -36159,38 +36149,38 @@ CVE-2018-7054 (An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.
NOTE: https://github.com/irssi/irssi/commit/fa8508404f4c4a02749cae5148662e2322c2abf0
NOTE: https://github.com/irssi/irssi/commit/a4f99ae746efb121185fe76c392a64d743a9eb92
NOTE: But the CVE is specifically for the use-after-free issue.
-CVE-2018-7053 (An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.1.1. ...)
+CVE-2018-7053
{DSA-4162-1}
- irssi 1.0.7-1 (bug #890674)
[jessie] - irssi <not-affected> (Vulnerable code introduced in 0.8.18)
[wheezy] - irssi <not-affected> (Vulnerable code introduced in 0.8.18)
NOTE: https://irssi.org/security/irssi_sa_2018_02.txt
NOTE: Fixed by: https://github.com/irssi/irssi/commit/84f03e01467b90a4251987b32b2813ee976b357c
-CVE-2018-7052 (An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.1.1. ...)
+CVE-2018-7052
{DSA-4162-1 DLA-1289-1}
- irssi 1.0.7-1 (bug #890676)
[jessie] - irssi <ignored> (Minor issue)
NOTE: https://irssi.org/security/irssi_sa_2018_02.txt
NOTE: Fixed by: https://github.com/irssi/irssi/commit/5b5bfef03596d95079c728f65f523570dd7b03aa
-CVE-2018-7051 (An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.1.1. ...)
+CVE-2018-7051
{DSA-4162-1 DLA-1318-1}
- irssi 1.0.7-1 (bug #890677)
[jessie] - irssi <ignored> (Minor issue)
NOTE: https://irssi.org/security/irssi_sa_2018_02.txt
NOTE: Fixed by: https://github.com/irssi/irssi/commit/e32e9d63c67ab95ef0576154680a6c52334b97af
-CVE-2018-7050 (An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.1.1. A ...)
+CVE-2018-7050
{DSA-4162-1 DLA-1289-1}
- irssi 1.0.7-1 (bug #890678)
[jessie] - irssi <ignored> (Minor issue)
NOTE: https://irssi.org/security/irssi_sa_2018_02.txt
NOTE: Fixed by: https://github.com/irssi/irssi/commit/e91da9e4098e449dc36eaa15354aff67650e7703
-CVE-2018-7049 (An issue was discovered in Wowza Streaming Engine before 4.7.1. There ...)
+CVE-2018-7049
NOT-FOR-US: Wowza Streaming Engine
-CVE-2018-7048 (An issue was discovered in Wowza Streaming Engine before 4.7.1. There ...)
+CVE-2018-7048
NOT-FOR-US: Wowza Streaming Engine
-CVE-2018-7047 (An issue was discovered in the MBeans Server in Wowza Streaming Engine ...)
+CVE-2018-7047
NOT-FOR-US: Wowza Streaming Engine
-CVE-2018-7046 (** DISPUTED ** Arbitrary code execution vulnerability in Kentico 9 ...)
+CVE-2018-7046
NOT-FOR-US: Kentico
CVE-2018-7045
RESERVED
@@ -36204,7 +36194,7 @@ CVE-2018-7041
RESERVED
CVE-2018-7040
RESERVED
-CVE-2018-7039 (CCN-lite 2.0.0 Beta allows remote attackers to cause a denial of ...)
+CVE-2018-7039
NOT-FOR-US: CCN-lite 2
CVE-2018-7038
RESERVED
@@ -36212,11 +36202,11 @@ CVE-2018-7037
RESERVED
CVE-2018-7036
RESERVED
-CVE-2018-7035 (Cross-site scripting (XSS) vulnerability in Gleez CMS 1.2.0 and 2.0 ...)
+CVE-2018-7035
NOT-FOR-US: Gleez CMS
-CVE-2018-7034 (TRENDnet TEW-751DR v1.03B03, TEW-752DRU v1.03B01, and TEW733GR v1.03B01 ...)
+CVE-2018-7034
NOT-FOR-US: TRENDnet devices
-CVE-2018-7033 (SchedMD Slurm before 17.02.10 and 17.11.x before 17.11.5 allows SQL ...)
+CVE-2018-7033
{DSA-4254-1 DLA-1437-1 DLA-1367-1}
- slurm-llnl 17.11.5-1 (bug #893044)
NOTE: https://bugs.schedmd.com/show_bug.cgi?id=4792 (not yet public)
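Review bot: the NOTE for CVE-2018-7033 still marks the SchedMD bug as "(not yet public)" although the entry now carries DSA-4254-1, DLA-1437-1 and DLA-1367-1; re-check whether https://bugs.schedmd.com/show_bug.cgi?id=4792 has since been opened and drop the qualifier if it has.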
@@ -36318,63 +36308,63 @@ CVE-2018-6985
REJECTED
CVE-2018-6984
RESERVED
-CVE-2018-6983 (VMware Workstation (15.x before 15.0.2 and 14.x before 14.1.5) and ...)
+CVE-2018-6983
NOT-FOR-US: VMware
-CVE-2018-6982 (VMware ESXi 6.7 without ESXi670-201811401-BG and VMware ESXi 6.5 ...)
+CVE-2018-6982
NOT-FOR-US: VMware
NOTE: https://seclists.org/bugtraq/2018/Nov/12
-CVE-2018-6981 (VMware ESXi 6.7 without ESXi670-201811401-BG and VMware ESXi 6.5 ...)
+CVE-2018-6981
NOT-FOR-US: VMware
NOTE: https://seclists.org/bugtraq/2018/Nov/12
-CVE-2018-6980 (VMware vRealize Log Insight (4.7.x before 4.7.1 and 4.6.x before ...)
+CVE-2018-6980
NOT-FOR-US: VMware
-CVE-2018-6979 (The VMware Workspace ONE Unified Endpoint Management Console (A/W ...)
+CVE-2018-6979
NOT-FOR-US: VMware
-CVE-2018-6978 (vRealize Operations (7.x before 7.0.0.11287810, 6.7.x before ...)
+CVE-2018-6978
NOT-FOR-US: VMware
-CVE-2018-6977 (VMware ESXi (6.7, 6.5, 6.0), Workstation (15.x and 14.x) and Fusion ...)
+CVE-2018-6977
NOT-FOR-US: VMware
-CVE-2018-6976 (The VMware Content Locker for iOS prior to 4.14 contains a data ...)
+CVE-2018-6976
NOT-FOR-US: VMware
-CVE-2018-6975 (The AirWatch Agent for iOS prior to 5.8.1 contains a data protection ...)
+CVE-2018-6975
NOT-FOR-US: AirWatch Agent for iOS
-CVE-2018-6974 (VMware ESXi (6.7 before ESXi670-201810101-SG, 6.5 before ...)
+CVE-2018-6974
NOT-FOR-US: VMware
-CVE-2018-6973 (VMware Workstation (14.x before 14.1.3) and Fusion (10.x before ...)
+CVE-2018-6973
NOT-FOR-US: VMware
-CVE-2018-6972 (VMware ESXi (6.7 before ESXi670-201806401-BG, 6.5 before ...)
+CVE-2018-6972
NOT-FOR-US: VMware
-CVE-2018-6971 (VMware Horizon View Agents (7.x.x before 7.5.1) contain a local ...)
+CVE-2018-6971
NOT-FOR-US: VMware
-CVE-2018-6970 (VMware Horizon 6 (6.x.x before 6.2.7), Horizon 7 (7.x.x before 7.5.1), ...)
+CVE-2018-6970
NOT-FOR-US: VMware
-CVE-2018-6969 (VMware Tools (10.x and prior before 10.3.0) contains an out-of-bounds ...)
+CVE-2018-6969
NOT-FOR-US: VMware
-CVE-2018-6968 (The VMware AirWatch Agent for Android prior to 8.2 and AirWatch Agent ...)
+CVE-2018-6968
NOT-FOR-US: VMware AirWatch Agent
-CVE-2018-6967 (VMware ESXi (6.7 before ESXi670-201806401-BG), Workstation (14.x ...)
+CVE-2018-6967
NOT-FOR-US: VMware
-CVE-2018-6966 (VMware ESXi (6.7 before ESXi670-201806401-BG), Workstation (14.x ...)
+CVE-2018-6966
NOT-FOR-US: VMware
-CVE-2018-6965 (VMware ESXi (6.7 before ESXi670-201806401-BG), Workstation (14.x ...)
+CVE-2018-6965
NOT-FOR-US: VMware
-CVE-2018-6964 (VMware Horizon Client for Linux (4.x before 4.8.0 and prior) contains ...)
+CVE-2018-6964
NOT-FOR-US: VMware
-CVE-2018-6963 (VMware Workstation (14.x before 14.1.2) and Fusion (10.x before ...)
+CVE-2018-6963
NOT-FOR-US: VMware
-CVE-2018-6962 (VMware Fusion (10.x before 10.1.2) contains a signature bypass ...)
+CVE-2018-6962
NOT-FOR-US: VMware
-CVE-2018-6961 (VMware NSX SD-WAN Edge by VeloCloud prior to version 3.1.0 contains a ...)
+CVE-2018-6961
NOT-FOR-US: VMware NSX SD-WAN Edge by VeloCloud
-CVE-2018-6960 (VMware Horizon DaaS (7.x before 8.0.0) contains a broken ...)
+CVE-2018-6960
NOT-FOR-US: VMware Horizon DaaS
-CVE-2018-6959 (VMware vRealize Automation (vRA) prior to 7.4.0 contains a ...)
+CVE-2018-6959
NOT-FOR-US: VMware vRealize Automation
-CVE-2018-6958 (VMware vRealize Automation (vRA) prior to 7.3.1 contains a ...)
+CVE-2018-6958
NOT-FOR-US: VMware vRealize Automation
-CVE-2018-6957 (VMware Workstation (14.x before 14.1.1, 12.x) and Fusion (10.x before ...)
+CVE-2018-6957
NOT-FOR-US: VMware
-CVE-2018-7032 (webcheckout in myrepos through 1.20171231 does not sanitize URLs that ...)
+CVE-2018-7032
- myrepos 1.20180726 (bug #840014)
[stretch] - myrepos <no-dsa> (Minor issue)
[jessie] - myrepos <no-dsa> (Minor issue)
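Review bot: every change in this hunk is the same edit, a `-CVE-2018-NNNN (description ...)` line replaced by a bare `+CVE-2018-NNNN`, for every entry from CVE-2018-6983 down to CVE-2018-6957 and for CVE-2018-7032, while the RESERVED entries, the `NOT-FOR-US:` lines, the package lines (e.g. `- myrepos 1.20180726 (bug #840014)`) and the NOTE URLs are untouched. That pattern, with identical old and new line counts in the header (`@@ -36318,63 +36308,63 @@`), is what an automatic update produces when the upstream CVE feed yields empty descriptions, not what a deliberate data change looks like. Before merging, confirm that the source data actually dropped these descriptions; if it did not, make the updater keep the last known description whenever the fetched one is empty rather than blanking the field.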
@@ -36387,7 +36377,7 @@ CVE-2018-6956
RESERVED
CVE-2018-6955
RESERVED
-CVE-2018-6954 (systemd-tmpfiles in systemd through 237 mishandles symlinks present in ...)
+CVE-2018-6954
- systemd 238-1 (low; bug #890779)
[stretch] - systemd <ignored> (Minor issue, too intrusive to backport)
[jessie] - systemd <postponed> (Minor issue, revisit if/when fixed upstream)
@@ -36395,13 +36385,13 @@ CVE-2018-6954 (systemd-tmpfiles in systemd through 237 mishandles symlinks prese
NOTE: https://github.com/systemd/systemd/issues/7986
NOTE: https://github.com/systemd/systemd/pull/8822
NOTE: https://www.openwall.com/lists/oss-security/2018/12/22/1
-CVE-2018-6953 (In CCN-lite 2, the Parser of NDNTLV does not verify whether a certain ...)
+CVE-2018-6953
NOT-FOR-US: CCN-lite 2
-CVE-2018-6952 (A double free exists in the another_hunk function in pch.c in GNU patch ...)
+CVE-2018-6952
- patch <unfixed> (unimportant)
NOTE: https://savannah.gnu.org/bugs/index.php?53133
NOTE: Crash in CLI tool, no security impact
-CVE-2018-6951 (An issue was discovered in GNU patch through 2.7.6. There is a ...)
+CVE-2018-6951
- patch <unfixed> (unimportant)
NOTE: https://git.savannah.gnu.org/cgit/patch.git/commit/?id=f290f48a621867084884bfff87f8093c15195e6a
NOTE: https://savannah.gnu.org/bugs/index.php?53132
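Review bot: CVE-2018-6951 is rated `- patch <unfixed> (unimportant)` with only two upstream links under it, whereas the adjacent CVE-2018-6952 entry justifies the same rating with `NOTE: Crash in CLI tool, no security impact`; now that this hunk also strips `-CVE-2018-6951 (An issue was discovered in GNU patch through 2.7.6. There is a ...)`, the 6951 entry no longer says what the issue is or why it is unimportant. Suggest adding a rationale NOTE for CVE-2018-6951 in the same form as the one for CVE-2018-6952, so the rating stays explainable without the description.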
@@ -36410,28 +36400,28 @@ CVE-2018-6950
RESERVED
CVE-2018-6949
RESERVED
-CVE-2018-6948 (In CCN-lite 2, the function ccnl_prefix_to_str_detailed can cause a ...)
+CVE-2018-6948
NOT-FOR-US: CCN-lite 2
-CVE-2018-6947 (An uninitialised stack variable in the nxfuse component that is part ...)
+CVE-2018-6947
NOT-FOR-US: DokanFS
CVE-2018-6946
RESERVED
CVE-2018-6945
RESERVED
-CVE-2018-6944 (core/lib/upload/um-file-upload.php in the UltimateMember plugin 2.0 for ...)
+CVE-2018-6944
NOT-FOR-US: UltimateMember plugin for WordPress
-CVE-2018-6943 (core/lib/upload/um-image-upload.php in the UltimateMember plugin 2.0 ...)
+CVE-2018-6943
NOT-FOR-US: UltimateMember plugin for WordPress
-CVE-2018-6942 (An issue was discovered in FreeType 2 through 2.9. A NULL pointer ...)
+CVE-2018-6942
- freetype 2.9.1-3 (bug #890450)
[stretch] - freetype <not-affected> (Vulnerable code introduced later)
[jessie] - freetype <not-affected> (Vulnerable code introduced later)
[wheezy] - freetype <not-affected> (Vulnerable code introduced later)
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5736
NOTE: https://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=29c759284e305ec428703c9a5831d0b1fc3497ef
-CVE-2018-6941 (A /shell?cmd= CSRF issue exists in the HTTPD component of NAT32 v2.2 ...)
+CVE-2018-6941
NOT-FOR-US: NAT32 devices
-CVE-2018-6940 (A /shell?cmd= XSS issue exists in the HTTPD component of NAT32 v2.2 ...)
+CVE-2018-6940
NOT-FOR-US: NAT32 devices
CVE-2018-6939
RESERVED
@@ -36439,11 +36429,11 @@ CVE-2018-6938
RESERVED
CVE-2018-6937
RESERVED
-CVE-2018-6936 (Cross Site Scripting (XSS) exists on the D-Link DIR-600M C1 3.01 via ...)
+CVE-2018-6936
NOT-FOR-US: D-Link
-CVE-2018-6935 (PHP Scripts Mall Student Profile Management System Script v2.0.6 has ...)
+CVE-2018-6935
NOT-FOR-US: PHP Scripts Mall Student Profile Management System Script
-CVE-2018-6934 (CSRF exists in student/personal-info in PHP Scripts Mall Online ...)
+CVE-2018-6934
NOT-FOR-US: PHP Scripts Mall Online Tutoring Script
CVE-2018-6933
RESERVED
@@ -36451,12 +36441,12 @@ CVE-2018-6932
RESERVED
CVE-2018-6931
RESERVED
-CVE-2018-6930 (A stack-based buffer over-read in the ComputeResizeImage function in ...)
+CVE-2018-6930
- imagemagick <not-affected> (Vulnerable code introduced later)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/967
CVE-2018-6929
RESERVED
-CVE-2018-6928 (PHP Scripts Mall News Website Script 2.0.4 has SQL Injection via a ...)
+CVE-2018-6928
NOT-FOR-US: PHP Scripts Mall News Website Script
CVE-2018-1000066
REJECTED
@@ -36464,56 +36454,56 @@ CVE-2018-1000065
REJECTED
CVE-2018-1000064
REJECTED
-CVE-2018-6927 (The futex_requeue function in kernel/futex.c in the Linux kernel before ...)
+CVE-2018-6927
{DSA-4187-1 DLA-1369-1}
- linux 4.14.17-1
[stretch] - linux 4.9.80-1
NOTE: Fixed by: https://git.kernel.org/linus/fbe0e839d1e22d88810f3ee3e2f1479be4c0aa4a
-CVE-2018-6926 (In app/Controller/ServersController.php in MISP 2.4.87, a server ...)
+CVE-2018-6926
NOT-FOR-US: MISP
-CVE-2018-6925 (In FreeBSD before 11.2-STABLE(r338986), 11.2-RELEASE-p4, ...)
+CVE-2018-6925
- kfreebsd-10 <unfixed> (unimportant)
NOTE: https://security.FreeBSD.org/advisories/FreeBSD-EN-18:11.listen.asc
NOTE: kfreebsd not covered by security support
-CVE-2018-6924 (In FreeBSD before 11.1-STABLE, 11.2-RELEASE-p3, 11.1-RELEASE-p14, ...)
+CVE-2018-6924
- kfreebsd-10 <unfixed> (unimportant)
NOTE: https://security.freebsd.org/advisories/FreeBSD-SA-18:12.elf.asc
NOTE: kfreebsd not covered by security support
-CVE-2018-6923 (In FreeBSD before 11.1-STABLE, 11.2-RELEASE-p2, 11.1-RELEASE-p13, ip ...)
+CVE-2018-6923
- kfreebsd-10 <unfixed> (unimportant)
NOTE: https://www.freebsd.org/security/advisories/FreeBSD-SA-18:10.ip.asc
NOTE: kfreebsd not covered by security support
-CVE-2018-6922 (One of the data structures that holds TCP segments in all versions of ...)
+CVE-2018-6922
- kfreebsd-10 <unfixed> (unimportant)
NOTE: https://www.kb.cert.org/vuls/id/962459
NOTE: kfreebsd not covered by security support
-CVE-2018-6921 (In FreeBSD before 11.1-STABLE(r332066) and 11.1-RELEASE-p10, due to ...)
+CVE-2018-6921
- kfreebsd-10 <unfixed> (unimportant)
NOTE: https://security.FreeBSD.org/advisories/FreeBSD-EN-18:05.mem.asc
NOTE: kfreebsd not covered by security support
-CVE-2018-6920 (In FreeBSD before 11.1-STABLE(r332303), 11.1-RELEASE-p10, ...)
+CVE-2018-6920
- kfreebsd-10 <unfixed> (unimportant)
NOTE: https://security.FreeBSD.org/advisories/FreeBSD-EN-18:05.mem.asc
NOTE: kfreebsd not covered by security support
-CVE-2018-6919 (In FreeBSD before 11.1-STABLE, 11.1-RELEASE-p9, 10.4-STABLE, ...)
+CVE-2018-6919
- kfreebsd-10 <unfixed> (unimportant)
NOTE: https://security.FreeBSD.org/advisories/FreeBSD-EN-18:04.mem.asc
NOTE: kfreebsd not covered by security support
-CVE-2018-6918 (In FreeBSD before 11.1-STABLE, 11.1-RELEASE-p9, 10.4-STABLE, ...)
+CVE-2018-6918
- kfreebsd-10 <unfixed> (unimportant)
NOTE: https://security.FreeBSD.org/advisories/FreeBSD-SA-18:05.ipsec.asc
NOTE: kfreebsd not covered by security support
-CVE-2018-6917 (In FreeBSD before 11.1-STABLE, 11.1-RELEASE-p9, 10.4-STABLE, ...)
+CVE-2018-6917
- kfreebsd-10 <unfixed> (unimportant)
NOTE: https://www.freebsd.org/security/advisories/FreeBSD-SA-18:04.vt.asc
NOTE: kfreebsd not covered by security support
-CVE-2018-6916 (In FreeBSD before 11.1-STABLE, 11.1-RELEASE-p7, 10.4-STABLE, ...)
+CVE-2018-6916
- kfreebsd-10 <unfixed> (unimportant)
NOTE: https://www.freebsd.org/security/patches/SA-18:01/ipsec-10.patch
NOTE: kfreebsd not covered by security support
CVE-2018-6915
RESERVED
-CVE-2018-6914 (Directory traversal vulnerability in the Dir.mktmpdir method in the ...)
+CVE-2018-6914
{DSA-4259-1 DLA-1421-1 DLA-1359-1 DLA-1358-1}
- ruby2.5 2.5.1-1
- ruby2.3 <removed>
@@ -36526,42 +36516,42 @@ CVE-2018-6914 (Directory traversal vulnerability in the Dir.mktmpdir method in t
NOTE: Fixed by: https://github.com/ruby/ruby/commit/e9ddf2ba41a0bffe1047e33576affd48808c5d0b (2.2.10)
CVE-2018-1000063
REJECTED
-CVE-2018-6913 (Heap-based buffer overflow in the pack function in Perl before 5.26.2 ...)
+CVE-2018-6913
{DSA-4172-1 DLA-1345-1}
- perl 5.26.1-6
NOTE: https://rt.perl.org/Public/Bug/Display.html?id=131844
NOTE: maint-5.26: https://perl5.git.perl.org/perl.git/commitdiff/0fcf83230df5f8c52602ae22fde57c7ea885534d
NOTE: maint-5.24: https://perl5.git.perl.org/perl.git/commitdiff/a9d5c6e11891b48be06d4e06eeed18642bc98527
-CVE-2018-6912 (The decode_plane function in libavcodec/utvideodec.c in FFmpeg through ...)
+CVE-2018-6912
- ffmpeg 7:4.0.1-2 (low)
[stretch] - ffmpeg <not-affected> (Code in 3.2 is different/not affected)
- libav <removed>
[jessie] - libav <not-affected> (vulnerable code is not present)
NOTE: https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/76cc0f0f673353cd4746cd3b83838ae335e5d9ed
-CVE-2018-6911 (The VBWinExec function in Node\AspVBObj.dll in Advantech WebAccess ...)
+CVE-2018-6911
NOT-FOR-US: Advantech WebAccess
-CVE-2018-6910 (DedeCMS 5.7 allows remote attackers to discover the full path via a ...)
+CVE-2018-6910
NOT-FOR-US: DedeCMS
-CVE-2018-6909 (A missing X-Frame-Options header in the Green Electronics RainMachine ...)
+CVE-2018-6909
NOT-FOR-US: Green Electronics
-CVE-2018-6908 (An authentication bypass vulnerability exists in the Green Electronics ...)
+CVE-2018-6908
NOT-FOR-US: Green Electronics
-CVE-2018-6907 (A Cross Site Request Forgery (CSRF) vulnerability in the Green ...)
+CVE-2018-6907
NOT-FOR-US: Green Electronics
-CVE-2018-6906 (A persistent Cross Site Scripting (XSS) vulnerability in the Green ...)
+CVE-2018-6906
NOT-FOR-US: Green Electronics
-CVE-2018-6905 (The page module in TYPO3 before 8.7.11, and 9.1.0, has XSS via ...)
+CVE-2018-6905
- typo3-src <removed>
[wheezy] - typo3-src <end-of-life>
-CVE-2018-6904 (PHP Scripts Mall Car Rental Script 2.0.8 has XSS via the User Name ...)
+CVE-2018-6904
NOT-FOR-US: PHP Scripts Mall Car Rental Script
-CVE-2018-6903 (PHP Scripts Mall Hot Scripts Clone Script Classified v3.1 uses the ...)
+CVE-2018-6903
NOT-FOR-US: PHP Scripts Mall Hot Scripts Clone Script Classified
-CVE-2018-6902 (PHP Scripts Mall Image Sharing Script 1.3.3 has XSS via the Full Name ...)
+CVE-2018-6902
NOT-FOR-US: PHP Scripts Mall Image Sharing Script
CVE-2018-6901
RESERVED
-CVE-2018-6900 (PHP Scripts Mall Website Broker Script 3.0.6 has XSS via the Last Name ...)
+CVE-2018-6900
NOT-FOR-US: PHP Scripts Mall Website Broker Script
CVE-2018-6899
RESERVED
@@ -36575,17 +36565,17 @@ CVE-2018-6895
RESERVED
CVE-2018-6894
RESERVED
-CVE-2018-6893 (controllers/member/Api.php in dayrui FineCms 5.2.0 has SQL Injection: a ...)
+CVE-2018-6893
NOT-FOR-US: FineCms
-CVE-2018-6892 (An issue was discovered in CloudMe before 1.11.0. An unauthenticated ...)
+CVE-2018-6892
NOT-FOR-US: CloudMe
-CVE-2018-6891 (Bookly #1 WordPress Booking Plugin Lite before 14.5 has XSS via a ...)
+CVE-2018-6891
NOT-FOR-US: Bookly #1 WordPress Booking Plugin Lite
-CVE-2018-6890 (Cross-site scripting (XSS) vulnerability in Wolf CMS 0.8.3.1 via the ...)
+CVE-2018-6890
NOT-FOR-US: Wolf CMS
-CVE-2018-6889 (An issue was discovered in Typesetter 5.1. It suffers from a Host ...)
+CVE-2018-6889
NOT-FOR-US: Typesetter CMS
-CVE-2018-6888 (An issue was discovered in Typesetter 5.1. The User Permissions page ...)
+CVE-2018-6888
NOT-FOR-US: Typesetter CMS
CVE-2018-6887
RESERVED
@@ -36595,112 +36585,112 @@ CVE-2018-6885
RESERVED
CVE-2018-6884
RESERVED
-CVE-2018-6883 (Piwigo before 2.9.3 has SQL injection in admin/tags.php in the ...)
+CVE-2018-6883
- piwigo <removed>
-CVE-2018-6882 (Cross-site scripting (XSS) vulnerability in the ...)
+CVE-2018-6882
NOT-FOR-US: Zimbra
-CVE-2018-1000062 (WonderCMS version 2.4.0 contains a Stored Cross-Site Scripting on File ...)
+CVE-2018-1000062
NOT-FOR-US: WonderCMS
-CVE-2018-1000061 (ARM mbedTLS version development branch, 2.7.0 and earlier contains a ...)
+CVE-2018-1000061
- mbedtls <unfixed> (unimportant)
NOTE: https://github.com/ARMmbed/mbedtls/issues/1356
NOTE: Non-issue as further analysis has shown and issue in progress to be rejected
-CVE-2018-1000060 (Sensu, Inc. Sensu Core version Before 1.2.0 &amp; before commit ...)
+CVE-2018-1000060
- sensu <itp> (bug #838484)
-CVE-2018-1000059 (ValidFormBuilder version 4.5.4 contains a PHP Object Injection ...)
+CVE-2018-1000059
NOT-FOR-US: ValidFormBuilder
-CVE-2018-6881 (EmpireCMS 6.6 allows remote attackers to discover the full path via an ...)
+CVE-2018-6881
NOT-FOR-US: EmpireCMS
-CVE-2018-6880 (EmpireCMS 6.6 through 7.2 allows remote attackers to discover the full ...)
+CVE-2018-6880
NOT-FOR-US: EmpireCMS
-CVE-2018-6879 (PHP Scripts Mall Website Seller Script 2.0.3 uses the client side to ...)
+CVE-2018-6879
NOT-FOR-US: PHP Scripts Mall Website Seller Script
-CVE-2018-6878 (Cross Site Scripting (XSS) exists in the review section in PHP Scripts ...)
+CVE-2018-6878
NOT-FOR-US: PHP Scripts Mall Hot Scripts Clone Script Classified
CVE-2018-6877
RESERVED
-CVE-2018-6876 (The OLEProperty class in ole/oleprop.cpp in libfpx 1.3.1-10, as used in ...)
+CVE-2018-6876
NOT-FOR-US: libfpx
-CVE-2018-6875 (Format String vulnerability in KeepKey version 4.0.0 allows attackers ...)
+CVE-2018-6875
NOT-FOR-US: KeepKey
-CVE-2018-6874 (CSRF exists in the Auth0 authentication service through 14591 if the ...)
+CVE-2018-6874
NOT-FOR-US: Auth0
-CVE-2018-6873 (The Auth0 authentication service before 2017-10-15 allows privilege ...)
+CVE-2018-6873
NOT-FOR-US: Auth0
-CVE-2018-6872 (The elf_parse_notes function in elf.c in the Binary File Descriptor ...)
+CVE-2018-6872
- binutils 2.30-4
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <ignored> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22788
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;a=commit;h=ef135d4314fd4c2d7da66b9d7b59af4a85b0f7e6
-CVE-2018-6871 (LibreOffice before 5.4.5 and 6.x before 6.0.1 allows remote attackers ...)
+CVE-2018-6871
{DSA-4111-2 DSA-4111-1}
- libreoffice 1:6.0.1-1
[wheezy] - libreoffice <not-affected> (Vulnerable code not present)
NOTE: https://github.com/jollheef/libreoffice-remote-arbitrary-file-disclosure
-CVE-2018-6870 (Reflected XSS exists in PHP Scripts Mall Website Seller Script 2.0.3 ...)
+CVE-2018-6870
NOT-FOR-US: PHP Scripts Mall Website Seller Script
-CVE-2018-6869 (In ZZIPlib 0.13.68, there is an uncontrolled memory allocation and a ...)
+CVE-2018-6869
{DLA-1287-1}
- zziplib 0.13.62-3.2 (bug #889089)
[stretch] - zziplib <no-dsa> (Minor issue)
[jessie] - zziplib <no-dsa> (Minor issue)
NOTE: https://github.com/gdraheim/zziplib/issues/22
NOTE: https://github.com/gdraheim/zziplib/commit/0c0c9256b0903f664bca25dd8d924211f81e01d3 (v0.13.68)
-CVE-2018-6868 (Cross Site Scripting (XSS) exists in PHP Scripts Mall Slickdeals / ...)
+CVE-2018-6868
NOT-FOR-US: PHP Scripts Mall Slickdeals / DealNews / Groupon Clone Script
-CVE-2018-6867 (Cross Site Scripting (XSS) exists in PHP Scripts Mall Alibaba Clone ...)
+CVE-2018-6867
NOT-FOR-US: PHP Scripts Mall Alibaba Clone Script
-CVE-2018-6866 (Cross Site Scripting (XSS) exists in PHP Scripts Mall Learning and ...)
+CVE-2018-6866
NOT-FOR-US: PHP Scripts Mall Learning and Examination Management System Script
CVE-2018-6865
RESERVED
-CVE-2018-6864 (Cross Site Scripting (XSS) exists in PHP Scripts Mall Multi religion ...)
+CVE-2018-6864
NOT-FOR-US: PHP Scripts Mall Multi religion Responsive Matrimonial
-CVE-2018-6863 (SQL Injection exists in PHP Scripts Mall Select Your College Script ...)
+CVE-2018-6863
NOT-FOR-US: PHP Scripts Mall Select Your College Script
-CVE-2018-6862 (Cross Site Scripting (XSS) exists in PHP Scripts Mall Bitcoin MLM ...)
+CVE-2018-6862
NOT-FOR-US: PHP Scripts Mall Bitcoin MLM Software
-CVE-2018-6861 (Cross Site Scripting (XSS) exists in PHP Scripts Mall Lawyer Search ...)
+CVE-2018-6861
NOT-FOR-US: PHP Scripts Mall Lawyer Search Script
-CVE-2018-6860 (Arbitrary File Upload and Remote Code Execution exist in PHP Scripts ...)
+CVE-2018-6860
NOT-FOR-US: PHP Scripts Mall Schools Alert Management Script
-CVE-2018-6859 (SQL Injection exists in PHP Scripts Mall Schools Alert Management ...)
+CVE-2018-6859
NOT-FOR-US: PHP Scripts Mall Schools Alert Management Script
-CVE-2018-6858 (Cross Site Scripting (XSS) exists in PHP Scripts Mall Facebook Clone ...)
+CVE-2018-6858
NOT-FOR-US: PHP Scripts Mall Facebook Clone Script
-CVE-2018-6857 (Sophos SafeGuard Enterprise before 8.00.5, SafeGuard Easy before ...)
+CVE-2018-6857
NOT-FOR-US: Sophos
-CVE-2018-6856 (Sophos SafeGuard Enterprise before 8.00.5, SafeGuard Easy before ...)
+CVE-2018-6856
NOT-FOR-US: Sophos
-CVE-2018-6855 (Sophos SafeGuard Enterprise before 8.00.5, SafeGuard Easy before ...)
+CVE-2018-6855
NOT-FOR-US: Sophos
-CVE-2018-6854 (Sophos SafeGuard Enterprise before 8.00.5, SafeGuard Easy before ...)
+CVE-2018-6854
NOT-FOR-US: Sophos
-CVE-2018-6853 (Sophos SafeGuard Enterprise before 8.00.5, SafeGuard Easy before ...)
+CVE-2018-6853
NOT-FOR-US: Sophos
-CVE-2018-6852 (Sophos SafeGuard Enterprise before 8.00.5, SafeGuard Easy before ...)
+CVE-2018-6852
NOT-FOR-US: Sophos
-CVE-2018-6851 (Sophos SafeGuard Enterprise before 8.00.5, SafeGuard Easy before ...)
+CVE-2018-6851
NOT-FOR-US: Sophos
CVE-2018-6850
RESERVED
-CVE-2018-6849 (In the WebRTC component in DuckDuckGo 4.2.0, after visiting a web site ...)
+CVE-2018-6849
NOT-FOR-US: DuckDuckGo
CVE-2018-6848
RESERVED
CVE-2018-6847
RESERVED
-CVE-2018-6846 (Z-BlogPHP 1.5.1 allows remote attackers to discover the full path via a ...)
+CVE-2018-6846
NOT-FOR-US: Z-BlogPHP
-CVE-2018-6845 (PHP Scripts Mall Multi Language Olx Clone Script 2.0.6 has XSS via the ...)
+CVE-2018-6845
NOT-FOR-US: PHP Scripts Mall Multi Language Olx Clone Script
-CVE-2018-6844 (MyBB 1.8.14 has XSS via the Title or Description field on the Edit ...)
+CVE-2018-6844
NOT-FOR-US: MyBB
-CVE-2018-6843 (Kentico 10 before 10.0.50 and 11 before 11.0.3 has SQL injection in the ...)
+CVE-2018-6843
NOT-FOR-US: Kentico CMS
-CVE-2018-6842 (Kentico 10 before 10.0.50 and 11 before 11.0.3 has XSS in which a ...)
+CVE-2018-6842
NOT-FOR-US: Kentico CMS
CVE-2018-6841
RESERVED
@@ -36712,24 +36702,24 @@ CVE-2018-6838
RESERVED
CVE-2018-6837
RESERVED
-CVE-2018-6836 (The netmonrec_comment_destroy function in wiretap/netmon.c in Wireshark ...)
+CVE-2018-6836
- wireshark <not-affected> (Vulnerable code introduced in v2.5.0)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14397
NOTE: Introduced by: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=52823805b29a44a83eacd0e5b415b11227ec313b
NOTE: Fixed by: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=28960d79cca262ac6b974f339697b299a1e28fef
-CVE-2018-6835 (node/hooks/express/apicalls.js in Etherpad Lite before v1.6.3 ...)
+CVE-2018-6835
- etherpad-lite <itp> (bug #576998)
-CVE-2018-6834 (static/js/pad_utils.js in Etherpad Lite before v1.6.3 has XSS via ...)
+CVE-2018-6834
- etherpad-lite <itp> (bug #576998)
CVE-2018-6833
RESERVED
-CVE-2018-6832 (Stack-based buffer overflow in the getSWFlag function in Foscam ...)
+CVE-2018-6832
NOT-FOR-US: Foscam Cameras
-CVE-2018-6831 (The setSystemTime function in Foscam Cameras C1 Lite V3, and C1 V3 ...)
+CVE-2018-6831
NOT-FOR-US: Foscam Cameras
-CVE-2018-6830 (Directory traversal vulnerability in Foscam Cameras C1 Lite V3, and C1 ...)
+CVE-2018-6830
NOT-FOR-US: Foscam Cameras
-CVE-2018-6829 (cipher/elgamal.c in Libgcrypt through 1.8.2, when used to encrypt ...)
+CVE-2018-6829
- libgcrypt20 <unfixed> (unimportant)
- libgcrypt11 <removed> (unimportant)
- gnupg1 <unfixed> (unimportant)
@@ -36743,17 +36733,17 @@ CVE-2018-6829 (cipher/elgamal.c in Libgcrypt through 1.8.2, when used to encrypt
NOTE: https://lists.gnupg.org/pipermail/gcrypt-devel/2018-February/004401.html
CVE-2018-6828
RESERVED
-CVE-2018-6827 (VOBOT CLOCK before 0.99.30 devices do not verify X.509 certificates ...)
+CVE-2018-6827
NOT-FOR-US: VOBOT CLOCK
-CVE-2018-6826 (An issue was discovered on VOBOT CLOCK before 0.99.30 devices. ...)
+CVE-2018-6826
NOT-FOR-US: VOBOT CLOCK
-CVE-2018-6825 (An issue was discovered on VOBOT CLOCK before 0.99.30 devices. An SSH ...)
+CVE-2018-6825
NOT-FOR-US: VOBOT CLOCK
-CVE-2018-6824 (Cozy version 2 has XSS allowing remote attackers to obtain ...)
+CVE-2018-6824
NOT-FOR-US: Cozy
-CVE-2018-6823 (In the VPN client in Mailbutler Shimo before 4.1.5.1 on macOS, the ...)
+CVE-2018-6823
NOT-FOR-US: Mailbutler Shimo
-CVE-2018-6822 (In PureVPN 6.0.1 on macOS, HelperTool LaunchDaemon implements an ...)
+CVE-2018-6822
NOT-FOR-US: PureVPN
CVE-2018-6821
REJECTED
@@ -36775,17 +36765,17 @@ CVE-2018-6813
RESERVED
CVE-2018-6812
RESERVED
-CVE-2018-6811 (Multiple cross-site scripting (XSS) vulnerabilities in Citrix ...)
+CVE-2018-6811
NOT-FOR-US: Citrix
-CVE-2018-6810 (Directory traversal vulnerability in NetScaler ADC 10.5, 11.0, 11.1, ...)
+CVE-2018-6810
NOT-FOR-US: Citrix
-CVE-2018-6809 (NetScaler ADC 10.5, 11.0, 11.1, and 12.0, and NetScaler Gateway 10.5, ...)
+CVE-2018-6809
NOT-FOR-US: Citrix
-CVE-2018-6808 (NetScaler ADC 10.5, 11.0, 11.1, and 12.0, and NetScaler Gateway 10.5, ...)
+CVE-2018-6808
NOT-FOR-US: Citrix
CVE-2018-6807
RESERVED
-CVE-2018-6806 (Marked 2 through 2.5.11 allows remote attackers to read arbitrary files ...)
+CVE-2018-6806
NOT-FOR-US: Marked 2
CVE-2018-6805
RESERVED
@@ -36799,14 +36789,14 @@ CVE-2018-6801
RESERVED
CVE-2018-6800
RESERVED
-CVE-2018-6799 (The AcquireCacheNexus function in magick/pixel_cache.c in ...)
+CVE-2018-6799
{DSA-4321-1 DLA-1456-1 DLA-1282-1}
- graphicsmagick 1.3.28-1
NOTE: https://sourceforge.net/p/graphicsmagick/bugs/531/
NOTE: https://sourceforge.net/p/graphicsmagick/bugs/532/
NOTE: http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/b41e2efce6d3
NOTE: http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/d30ed06e9b87
-CVE-2018-6798 (An issue was discovered in Perl 5.22 through 5.26. Matching a crafted ...)
+CVE-2018-6798
- perl 5.26.1-6
[stretch] - perl 5.24.1-3+deb9u3
[jessie] - perl <not-affected> (Issue introduced later)
@@ -36816,7 +36806,7 @@ CVE-2018-6798 (An issue was discovered in Perl 5.22 through 5.26. Matching a cra
NOTE: maint-5.26: https://perl5.git.perl.org/perl.git/commitdiff/8b80ce67ff257aaa36e47eaf4194d27a51595524
NOTE: maint-5.24: https://perl5.git.perl.org/perl.git/commitdiff/0abf1e8d89aecd32dbdabda5da4d52a2d57a7cff
NOTE: maint-5.24: https://perl5.git.perl.org/perl.git/commitdiff/f65da1ca2eee74696d9c120e9d69af37b4fa1920
-CVE-2018-6797 (An issue was discovered in Perl 5.18 through 5.26. A crafted regular ...)
+CVE-2018-6797
- perl 5.26.1-6
[stretch] - perl 5.24.1-3+deb9u3
[jessie] - perl <ignored> (Backport of fixes too intrusive and risky for regressions)
@@ -36824,11 +36814,11 @@ CVE-2018-6797 (An issue was discovered in Perl 5.18 through 5.26. A crafted regu
NOTE: https://rt.perl.org/Public/Bug/Display.html?id=132227
NOTE: maint-5.26: https://perl5.git.perl.org/perl.git/commitdiff/abe1e6c568b96bcb382dfa4f61c56d1ab001ea51
NOTE: maint-5.24: https://perl5.git.perl.org/perl.git/commitdiff/510cc261d965ccfa427900ebb368fc4d337442d2
-CVE-2018-6796 (PHP Scripts Mall Multilanguage Real Estate MLM Script 3.0 has Stored ...)
+CVE-2018-6796
NOT-FOR-US: PHP Scripts Mall Multilanguage Real Estate MLM Script
-CVE-2018-6795 (PHP Scripts Mall Naukri Clone Script 3.0.3 has Stored XSS via every ...)
+CVE-2018-6795
NOT-FOR-US: PHP Scripts Mall Naukri Clone Script
-CVE-2018-6794 (Suricata before 4.0.4 is prone to an HTTP detection bypass ...)
+CVE-2018-6794
{DLA-1603-1}
- suricata 1:4.0.4-1 (bug #889842)
[stretch] - suricata <no-dsa> (Minor issue)
@@ -36837,73 +36827,73 @@ CVE-2018-6794 (Suricata before 4.0.4 is prone to an HTTP detection bypass ...)
NOTE: https://github.com/OISF/suricata/pull/3202/commits/e1ef57c848bbe4e567d5d4b66d346a742e3f77a1
CVE-2018-6793
RESERVED
-CVE-2018-6792 (Multiple SQL injection vulnerabilities in Saifor CVMS HUB 1.3.1 allow ...)
+CVE-2018-6792
NOT-FOR-US: Saifor CVMS HUB
-CVE-2018-6791 (An issue was discovered in soliduiserver/deviceserviceaction.cpp in KDE ...)
+CVE-2018-6791
{DSA-4116-1}
- plasma-workspace 4:5.12.0-2
- kde-runtime <not-affected> (Performs correct escaping)
NOTE: https://bugs.kde.org/show_bug.cgi?id=389815
NOTE: https://commits.kde.org/plasma-workspace/f32002ce50edc3891f1fa41173132c820b917d57 (Plasma/5.12)
NOTE: https://commits.kde.org/plasma-workspace/9db872df82c258315c6ebad800af59e81ffb9212 (Plasma/5.8)
-CVE-2018-6790 (An issue was discovered in KDE Plasma Workspace before 5.12.0. ...)
+CVE-2018-6790
- plasma-workspace 4:5.12.0-2
[stretch] - plasma-workspace <ignored> (Minor issue, too intrusive to backport)
NOTE: https://phabricator.kde.org/D10188
NOTE: https://cgit.kde.org/plasma-workspace.git/commit/?id=5bc696b5abcdb460c1017592e80b2d7f6ed3107c
NOTE: https://cgit.kde.org/plasma-workspace.git/commit/?id=8164beac15ea34ec0d1564f0557fe3e742bdd938
-CVE-2018-6789 (An issue was discovered in the base64d function in the SMTP listener ...)
+CVE-2018-6789
{DSA-4110-1 DLA-1274-1}
- exim4 4.90.1-1 (bug #890000)
NOTE: http://www.openwall.com/lists/oss-security/2018/02/07/2
NOTE: https://exim.org/static/doc/security/CVE-2018-6789.txt
NOTE: https://bugs.exim.org/show_bug.cgi?id=2235
NOTE: https://git.exim.org/exim.git/commit/062990cc1b2f9e5d82a413b53c8f0569075de700
-CVE-2018-6788 (In Jiangmin Antivirus 16.0.0.100, the driver file (KVFG.sys) allows ...)
+CVE-2018-6788
NOT-FOR-US: Jiangmin Antivirus
-CVE-2018-6787 (In Jiangmin Antivirus 16.0.0.100, the driver file (KVFG.sys) allows ...)
+CVE-2018-6787
NOT-FOR-US: Jiangmin Antivirus
-CVE-2018-6786 (In Jiangmin Antivirus 16.0.0.100, the driver file (KVFG.sys) allows ...)
+CVE-2018-6786
NOT-FOR-US: Jiangmin Antivirus
-CVE-2018-6785 (In Jiangmin Antivirus 16.0.0.100, the driver file (KSysCall.sys) allows ...)
+CVE-2018-6785
NOT-FOR-US: Jiangmin Antivirus
-CVE-2018-6784 (In Jiangmin Antivirus 16.0.0.100, the driver file (KSysCall.sys) allows ...)
+CVE-2018-6784
NOT-FOR-US: Jiangmin Antivirus
-CVE-2018-6783 (In Jiangmin Antivirus 16.0.0.100, the driver file (KSysCall.sys) allows ...)
+CVE-2018-6783
NOT-FOR-US: Jiangmin Antivirus
-CVE-2018-6782 (In Jiangmin Antivirus 16.0.0.100, the driver file (KSysCall.sys) allows ...)
+CVE-2018-6782
NOT-FOR-US: Jiangmin Antivirus
-CVE-2018-6781 (In Jiangmin Antivirus 16.0.0.100, the driver file (KSysCall.sys) allows ...)
+CVE-2018-6781
NOT-FOR-US: Jiangmin Antivirus
-CVE-2018-6780 (In Jiangmin Antivirus 16.0.0.100, the driver file (KSysCall.sys) allows ...)
+CVE-2018-6780
NOT-FOR-US: Jiangmin Antivirus
-CVE-2018-6779 (In Jiangmin Antivirus 16.0.0.100, the driver file (KSysCall.sys) allows ...)
+CVE-2018-6779
NOT-FOR-US: Jiangmin Antivirus
-CVE-2018-6778 (In Jiangmin Antivirus 16.0.0.100, the driver file (KSysCall.sys) allows ...)
+CVE-2018-6778
NOT-FOR-US: Jiangmin Antivirus
-CVE-2018-6777 (In Jiangmin Antivirus 16.0.0.100, the driver file (KVFG.sys) allows ...)
+CVE-2018-6777
NOT-FOR-US: Jiangmin Antivirus
-CVE-2018-6776 (In Jiangmin Antivirus 16.0.0.100, the driver file (KSysCall.sys) allows ...)
+CVE-2018-6776
NOT-FOR-US: Jiangmin Antivirus
-CVE-2018-6775 (In Jiangmin Antivirus 16.0.0.100, the driver file (KrnlCall.sys) allows ...)
+CVE-2018-6775
NOT-FOR-US: Jiangmin Antivirus
-CVE-2018-6774 (In Jiangmin Antivirus 16.0.0.100, the driver file (KSysCall.sys) allows ...)
+CVE-2018-6774
NOT-FOR-US: Jiangmin Antivirus
-CVE-2018-6773 (In Jiangmin Antivirus 16.0.0.100, the driver file (KSysCall.sys) allows ...)
+CVE-2018-6773
NOT-FOR-US: Jiangmin Antivirus
-CVE-2018-6772 (In Jiangmin Antivirus 16.0.0.100, the driver file (KrnlCall.sys) allows ...)
+CVE-2018-6772
NOT-FOR-US: Jiangmin Antivirus
-CVE-2018-6771 (In Jiangmin Antivirus 16.0.0.100, the driver file (KrnlCall.sys) allows ...)
+CVE-2018-6771
NOT-FOR-US: Jiangmin Antivirus
-CVE-2018-6770 (In Jiangmin Antivirus 16.0.0.100, the driver file (KrnlCall.sys) allows ...)
+CVE-2018-6770
NOT-FOR-US: Jiangmin Antivirus
-CVE-2018-6769 (In Jiangmin Antivirus 16.0.0.100, the driver file (KrnlCall.sys) allows ...)
+CVE-2018-6769
NOT-FOR-US: Jiangmin Antivirus
-CVE-2018-6768 (In Jiangmin Antivirus 16.0.0.100, the driver file (KSysCall.sys) allows ...)
+CVE-2018-6768
NOT-FOR-US: Jiangmin Antivirus
-CVE-2018-6766 (Swisscom TVMediaHelper 1.1.0.50 contains a vulnerability that could ...)
+CVE-2018-6766
NOT-FOR-US: Swisscom TVMediaHelper
-CVE-2018-6765 (Swisscom MySwisscomAssistant 2.17.1.1065 contains a vulnerability that ...)
+CVE-2018-6765
NOT-FOR-US: Swisscom MySwisscomAssistant
CVE-2018-6763
RESERVED
@@ -36913,32 +36903,32 @@ CVE-2018-6761
RESERVED
CVE-2018-6760
RESERVED
-CVE-2018-6767 (A stack-based buffer over-read in the ParseRiffHeaderConfig function of ...)
+CVE-2018-6767
{DSA-4125-1}
- wavpack 5.1.0-3 (bug #889276)
[jessie] - wavpack <not-affected> (Vulnerable code introduced later in 4.80.0)
[wheezy] - wavpack <not-affected> (Vulnerable code introduced later in 4.80.0)
NOTE: https://github.com/dbry/WavPack/issues/27
NOTE: https://github.com/dbry/WavPack/commit/d5bf76b5a88d044a1be1d5656698e3ba737167e5
-CVE-2018-6764 (util/virlog.c in libvirt does not properly determine the hostname on ...)
+CVE-2018-6764
- libvirt 4.0.0-2 (bug #889839)
[stretch] - libvirt 3.0.0-4+deb9u3
[jessie] - libvirt <not-affected> (Vulnerable code introduced later in 1.3.1)
[wheezy] - libvirt <not-affected> (Vulnerable code introduced later in 1.3.1)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1541444
NOTE: introduced-by https://libvirt.org/git/?p=libvirt.git;a=commit;h=759b4d1b0fe5f4d84d98b99153dfa7ac289dd167
-CVE-2018-6759 (The bfd_get_debug_link_info_1 function in opncls.c in the Binary File ...)
+CVE-2018-6759
- binutils 2.30-3
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <ignored> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22794
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=64e234d417d5685a4aec0edc618114d9991c031b
-CVE-2018-6757 (Privilege Escalation vulnerability in Microsoft Windows client in ...)
+CVE-2018-6757
NOT-FOR-US: McAfee True Key
-CVE-2018-6756 (Authentication Abuse vulnerability in Microsoft Windows client in ...)
+CVE-2018-6756
NOT-FOR-US: McAfee True Key
-CVE-2018-6755 (Weak Directory Permission Vulnerability in Microsoft Windows client ...)
+CVE-2018-6755
NOT-FOR-US: McAfee True Key
CVE-2018-6754
RESERVED
@@ -37034,21 +37024,21 @@ CVE-2018-6709
RESERVED
CVE-2018-6708
RESERVED
-CVE-2018-6707 (Denial of Service through Resource Depletion vulnerability in the ...)
+CVE-2018-6707
NOT-FOR-US: McAfee
-CVE-2018-6706 (Insecure handling of temporary files in non-Windows McAfee Agent 5.0.0 ...)
+CVE-2018-6706
NOT-FOR-US: McAfee
-CVE-2018-6705 (Privilege escalation vulnerability in McAfee Agent (MA) for Linux ...)
+CVE-2018-6705
NOT-FOR-US: McAfee
-CVE-2018-6704 (Privilege escalation vulnerability in McAfee Agent (MA) for Linux ...)
+CVE-2018-6704
NOT-FOR-US: McAfee
-CVE-2018-6703 (Use After Free in McAfee Common service in McAfee Agent (MA) 5.0.0 ...)
+CVE-2018-6703
NOT-FOR-US: McAfee
CVE-2018-6702
RESERVED
CVE-2018-6701
RESERVED
-CVE-2018-6700 (DLL Search Order Hijacking vulnerability in Microsoft Windows Client ...)
+CVE-2018-6700
NOT-FOR-US: McAfee
CVE-2018-6699
RESERVED
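Review bot: once the descriptions are dropped from CVE-2018-6707 through CVE-2018-6700, the bare `NOT-FOR-US: McAfee` tag is the only thing left that says what these entries are about, and the removed lines show they concern McAfee Agent (MA) specifically; consider naming the product in the tag, e.g. `NOT-FOR-US: McAfee Agent`, the way CVE-2018-6757 in the preceding hunk does with `NOT-FOR-US: McAfee True Key`.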
@@ -37058,83 +37048,83 @@ CVE-2018-6697
RESERVED
CVE-2018-6696
RESERVED
-CVE-2018-6695 (SSH host keys generation vulnerability in the server in McAfee Threat ...)
+CVE-2018-6695
NOT-FOR-US: McAfee
CVE-2018-6694
RESERVED
-CVE-2018-6693 (An unprivileged user can delete arbitrary files on a Linux system ...)
+CVE-2018-6693
NOT-FOR-US: McAfee
-CVE-2018-6692 (Stack-based Buffer Overflow vulnerability in libUPnPHndlr.so in Belkin ...)
+CVE-2018-6692
NOT-FOR-US: Belkin Wemo Insight Smart Plug
CVE-2018-6691
RESERVED
-CVE-2018-6690 (Accessing, modifying, or executing executable files vulnerability in ...)
+CVE-2018-6690
NOT-FOR-US: McAfee
-CVE-2018-6689 (Authentication Bypass vulnerability in McAfee Data Loss Prevention ...)
+CVE-2018-6689
NOT-FOR-US: McAfee
CVE-2018-6688
RESERVED
-CVE-2018-6687 (Loop with Unreachable Exit Condition ('Infinite Loop') in McAfee ...)
+CVE-2018-6687
NOT-FOR-US: McAfee
-CVE-2018-6686 (Authentication Bypass vulnerability in TPM autoboot in McAfee Drive ...)
+CVE-2018-6686
NOT-FOR-US: McAfee
CVE-2018-6685
RESERVED
CVE-2018-6684
RESERVED
-CVE-2018-6683 (Exploiting Incorrectly Configured Access Control Security Levels ...)
+CVE-2018-6683
NOT-FOR-US: McAfee
-CVE-2018-6682 (Cross Site Scripting Exposure in McAfee True Key (TK) 4.0.0.0 and ...)
+CVE-2018-6682
NOT-FOR-US: McAfee
-CVE-2018-6681 (Abuse of Functionality vulnerability in the web interface in McAfee ...)
+CVE-2018-6681
NOT-FOR-US: McAfee
CVE-2018-6680
RESERVED
CVE-2018-6679
RESERVED
-CVE-2018-6678 (Configuration/Environment manipulation vulnerability in the ...)
+CVE-2018-6678
NOT-FOR-US: McAfee
-CVE-2018-6677 (Directory Traversal vulnerability in the administrative user interface ...)
+CVE-2018-6677
NOT-FOR-US: McAfee
CVE-2018-6676
RESERVED
CVE-2018-6675
RESERVED
-CVE-2018-6674 (Privilege Escalation vulnerability in Microsoft Windows client in ...)
+CVE-2018-6674
NOT-FOR-US: McAfee
CVE-2018-6673
RESERVED
-CVE-2018-6672 (Information disclosure vulnerability in McAfee ePolicy Orchestrator ...)
+CVE-2018-6672
NOT-FOR-US: McAfee
-CVE-2018-6671 (Application Protection Bypass vulnerability in McAfee ePolicy ...)
+CVE-2018-6671
NOT-FOR-US: McAfee
-CVE-2018-6670 (External Entity Attack vulnerability in the ePO extension in McAfee ...)
+CVE-2018-6670
NOT-FOR-US: McAfee
-CVE-2018-6669 (A whitelist bypass vulnerability in McAfee Application Control / ...)
+CVE-2018-6669
NOT-FOR-US: McAfee
-CVE-2018-6668 (A whitelist bypass vulnerability in McAfee Application Control / ...)
+CVE-2018-6668
NOT-FOR-US: McAfee
-CVE-2018-6667 (Authentication Bypass vulnerability in the administrative user ...)
+CVE-2018-6667
NOT-FOR-US: McAfee
CVE-2018-6666
RESERVED
CVE-2018-6665
RESERVED
-CVE-2018-6664 (Application Protections Bypass vulnerability in Microsoft Windows in ...)
+CVE-2018-6664
NOT-FOR-US: McAfee
CVE-2018-6663
RESERVED
-CVE-2018-6662 (Privilege Escalation vulnerability in McAfee Management of Native ...)
+CVE-2018-6662
NOT-FOR-US: McAfee
-CVE-2018-6661 (DLL Side-Loading vulnerability in Microsoft Windows Client in McAfee ...)
+CVE-2018-6661
NOT-FOR-US: McAfee
-CVE-2018-6660 (Directory Traversal vulnerability in McAfee ePolicy Orchestrator (ePO) ...)
+CVE-2018-6660
NOT-FOR-US: McAfee
-CVE-2018-6659 (Reflected Cross-Site Scripting vulnerability in McAfee ePolicy ...)
+CVE-2018-6659
NOT-FOR-US: McAfee
CVE-2018-6658
RESERVED
-CVE-2018-6758 (The uwsgi_expand_path function in core/utils.c in Unbit uWSGI through ...)
+CVE-2018-6758
{DLA-1275-1}
- uwsgi 2.0.15-10.2 (bug #889753)
[stretch] - uwsgi 2.0.14+20161117-3+deb9u1
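Review bot: CVE-2018-6758 sits after CVE-2018-6658 at the end of this hunk, out of the descending numeric order the surrounding block otherwise follows; if the list is meant to stay sorted, the entry belongs next to CVE-2018-6759 in the first hunk.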
@@ -37143,17 +37133,17 @@ CVE-2018-6758 (The uwsgi_expand_path function in core/utils.c in Unbit uWSGI thr
NOTE: https://github.com/unbit/uwsgi/commit/cb4636f7c0af2e97a4eef7a3cdcbd85a71247bfe
CVE-2018-6657
RESERVED
-CVE-2018-6656 (Z-BlogPHP 1.5.1 has CSRF via zb_users/plugin/AppCentre/app_del.php, as ...)
+CVE-2018-6656
NOT-FOR-US: Z-BlogPHP
-CVE-2018-6655 (PHP Scripts Mall Doctor Search Script 1.0.2 has Stored XSS via an ...)
+CVE-2018-6655
NOT-FOR-US: PHP Scripts Mall Doctor Search Script
-CVE-2018-6654 (The Grammarly extension before 2018-02-02 for Chrome allows remote ...)
+CVE-2018-6654
NOT-FOR-US: Grammarly extension for Chrome
-CVE-2018-6653 (comforte SWAP 1049 through 1069 and 20.0.0 through 21.5.3 (as used in ...)
+CVE-2018-6653
NOT-FOR-US: comforte SWAP
CVE-2018-6652
RESERVED
-CVE-2018-6651 (In the uncurl_ws_accept function in uncurl.c in uncurl before 0.07, as ...)
+CVE-2018-6651
NOT-FOR-US: uncurl
CVE-2018-6650
RESERVED
@@ -37167,100 +37157,100 @@ CVE-2018-6646
RESERVED
CVE-2018-6645
RESERVED
-CVE-2018-6644 (SBLIM Small Footprint CIM Broker (SFCB) 1.4.9 has a null pointer (DoS) ...)
+CVE-2018-6644
- sblim-sfcb <itp> (bug #754493)
-CVE-2018-6643 (Infoblox NetMRI 7.1.1 has Reflected Cross-Site Scripting via the ...)
+CVE-2018-6643
NOT-FOR-US: Infoblox NetMRI
CVE-2018-6642
RESERVED
-CVE-2018-6641 (An Arbitrary Free (Remote Code Execution) issue was discovered in ...)
+CVE-2018-6641
NOT-FOR-US: Design Science MathType
-CVE-2018-6640 (A Heap Overflow (Remote Code Execution) issue was discovered in Design ...)
+CVE-2018-6640
NOT-FOR-US: Design Science MathType
-CVE-2018-6639 (An out-of-bounds write (Remote Code Execution) issue was discovered in ...)
+CVE-2018-6639
NOT-FOR-US: Design Science MathType
-CVE-2018-6638 (A stack-based buffer overflow (Remote Code Execution) issue was ...)
+CVE-2018-6638
NOT-FOR-US: Design Science MathType
CVE-2018-6637
RESERVED
CVE-2018-6636
RESERVED
-CVE-2018-6635 (System Manager in Avaya Aura before 7.1.2 does not properly use SSL in ...)
+CVE-2018-6635
NOT-FOR-US: System Manager in Avaya Aura
CVE-2018-6634
RESERVED
-CVE-2018-6633 (In Micropoint proactive defense software 2.0.20266.0146, the driver ...)
+CVE-2018-6633
NOT-FOR-US: Micropoint proactive defense software
-CVE-2018-6632 (In Micropoint proactive defense software 2.0.20266.0146, the driver ...)
+CVE-2018-6632
NOT-FOR-US: Micropoint proactive defense software
-CVE-2018-6631 (In Micropoint proactive defense software 2.0.20266.0146, the driver ...)
+CVE-2018-6631
NOT-FOR-US: Micropoint proactive defense software
-CVE-2018-6630 (In Micropoint proactive defense software 2.0.20266.0146, the driver ...)
+CVE-2018-6630
NOT-FOR-US: Micropoint proactive defense software
-CVE-2018-6629 (In Micropoint proactive defense software 2.0.20266.0146, the driver ...)
+CVE-2018-6629
NOT-FOR-US: Micropoint proactive defense software
-CVE-2018-6628 (In Micropoint proactive defense software 2.0.20266.0146, the driver ...)
+CVE-2018-6628
NOT-FOR-US: Micropoint proactive defense software
-CVE-2018-6627 (In WatchDog Anti-Malware 2.74.186.150, the driver file (ZAMGUARD32.SYS) ...)
+CVE-2018-6627
NOT-FOR-US: WatchDog Anti-Malware
-CVE-2018-6626 (In Micropoint proactive defense software 2.0.20266.0146, the driver ...)
+CVE-2018-6626
NOT-FOR-US: Micropoint proactive defense software
-CVE-2018-6625 (In WatchDog Anti-Malware 2.74.186.150, the driver file (ZAMGUARD32.SYS) ...)
+CVE-2018-6625
NOT-FOR-US: WatchDog Anti-Malware
-CVE-2018-6624 (OMRON NS devices 1.1 through 1.3 allow remote attackers to bypass ...)
+CVE-2018-6624
NOT-FOR-US: OMRON NS devices
-CVE-2018-6623 (An issue was discovered in Hola 1.79.859. An unprivileged user could ...)
+CVE-2018-6623
NOT-FOR-US: Hola
-CVE-2018-1000058 (Jenkins Pipeline: Supporting APIs Plugin 2.17 and earlier have an ...)
+CVE-2018-1000058
NOT-FOR-US: jenkins-plugin-workflow-support
-CVE-2018-1000057 (Jenkins Credentials Binding Plugin 1.14 and earlier masks passwords it ...)
+CVE-2018-1000057
NOT-FOR-US: jenkins-plugin-credentials-binding
-CVE-2018-1000056 (Jenkins JUnit Plugin 1.23 and earlier processes XML external entities ...)
+CVE-2018-1000056
NOT-FOR-US: jenkins-plugin-junit
-CVE-2018-1000055 (Jenkins Android Lint Plugin 2.5 and earlier processes XML external ...)
+CVE-2018-1000055
NOT-FOR-US: Jenkins Android Lint Plugin
-CVE-2018-1000054 (Jenkins CCM Plugin 3.1 and earlier processes XML external entities in ...)
+CVE-2018-1000054
NOT-FOR-US: Jenkins CCM Plugin
-CVE-2018-1000053 (LimeSurvey version 3.0.0-beta.3+17110 contains a Cross ite Request ...)
+CVE-2018-1000053
- limesurvey <itp> (bug #472802)
-CVE-2018-1000052 (fmtlib version prior to version 4.1.0 (before commit ...)
+CVE-2018-1000052
- fmtlib 5.2.1+ds-1 (unimportant; bug #890033)
NOTE: https://github.com/fmtlib/fmt/issues/642
NOTE: https://github.com/fmtlib/fmt/commit/8cf30aa2be256eba07bb1cefb998c52326e846e7
NOTE: This looks bogus, how would that come from untrusted input
-CVE-2018-1000051 (Artifex Mupdf version 1.12.0 contains a Use After Free vulnerability ...)
+CVE-2018-1000051
{DSA-4152-1}
- mupdf 1.12.0+ds1-1 (bug #891245)
[wheezy] - mupdf <not-affected> (Vulnerable code not present, introduced in version 1.3)
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=698825
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=698873
NOTE: Fixed by: http://www.ghostscript.com/cgi-bin/findgit.cgi?321ba1de287016b0036bf4a56ce774ad11763384
-CVE-2018-1000050 (Sean Barrett stb_vorbis version 1.12 and earlier contains a Buffer ...)
+CVE-2018-1000050
NOT-FOR-US: Sean Barrett stb_vorbis
-CVE-2018-1000049 (Nanopool Claymore Dual Miner version 7.3 and earlier contains a remote ...)
+CVE-2018-1000049
NOT-FOR-US: nanopool Claymore Dual Miner
-CVE-2018-1000048 (NASA RtRetrievalFramework version v1.0 contains a CWE-502 ...)
+CVE-2018-1000048
NOT-FOR-US: NASA RtRetrievalFramework
-CVE-2018-1000047 (NASA Kodiak version v1.0 contains a CWE-502 vulnerability in Kodiak ...)
+CVE-2018-1000047
NOT-FOR-US: NASA Kodiak
-CVE-2018-1000046 (NASA Pyblock version v1.0 - v1.3 contains a CWE-502 vulnerability in ...)
+CVE-2018-1000046
NOT-FOR-US: NASA Pyblock
-CVE-2018-1000045 (NASA Singledop version v1.0 contains a CWE-502 vulnerability in NASA ...)
+CVE-2018-1000045
NOT-FOR-US: NASA Singledop
-CVE-2018-1000044 (Security Onion Solutions Squert version 1.1.1 through 1.6.7 contains a ...)
+CVE-2018-1000044
NOT-FOR-US: Security Onion Solutions Squert
-CVE-2018-1000043 (Security Onion Solutions Squert version 1.0.1 through 1.6.7 contains a ...)
+CVE-2018-1000043
NOT-FOR-US: Security Onion Solutions Squert
-CVE-2018-1000042 (Security Onion Solutions Squert version 1.3.0 through 1.6.7 contains a ...)
+CVE-2018-1000042
NOT-FOR-US: Security Onion Solutions Squert
-CVE-2018-1000041 (GNOME librsvg version before commit ...)
+CVE-2018-1000041
{DLA-1278-1}
- librsvg <not-affected> (Specific to Windows)
NOTE: Merge of changes: https://github.com/GNOME/librsvg/commit/c6ddf2ed4d768fd88adbea2b63f575cd523022ea
NOTE: https://github.com/GNOME/librsvg/commit/4de19d9fdddf81773125b04a4defe1ffd0d3bfe0
-CVE-2018-6622 (An issue was discovered that affects all producers of BIOS firmware ...)
+CVE-2018-6622
NOT-FOR-US: Generic TPM issue
-CVE-2018-6621 (The decode_frame function in libavcodec/utvideodec.c in FFmpeg through ...)
+CVE-2018-6621
{DSA-4249-1 DLA-1630-1}
- ffmpeg 7:3.4.2-1 (low)
- libav <removed>
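Review bot: the CVE-2018-1000041 entry carries both `{DLA-1278-1}` and `- librsvg <not-affected> (Specific to Windows)`, which contradict each other: a DLA reference records that an update was issued, while not-affected says no fix was needed. Either drop the DLA line or replace the not-affected marker with the fixed version, with a NOTE explaining why the update went out.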
@@ -37268,13 +37258,13 @@ CVE-2018-6621 (The decode_frame function in libavcodec/utvideodec.c in FFmpeg th
NOTE: Fixed in 3.2.11
CVE-2018-6620
REJECTED
-CVE-2018-6619 (Easy Hosting Control Panel (EHCP) v0.37.12.b makes it easier for ...)
+CVE-2018-6619
NOT-FOR-US: Easy Hosting Control Panel (EHCP)
-CVE-2018-6618 (Easy Hosting Control Panel (EHCP) v0.37.12.b allows attackers to ...)
+CVE-2018-6618
NOT-FOR-US: Easy Hosting Control Panel (EHCP)
-CVE-2018-6617 (Easy Hosting Control Panel (EHCP) v0.37.12.b, when using a local MySQL ...)
+CVE-2018-6617
NOT-FOR-US: Easy Hosting Control Panel (EHCP)
-CVE-2018-6616 (In OpenJPEG 2.3.0, there is excessive iteration in the ...)
+CVE-2018-6616
{DSA-4405-1 DLA-1614-1}
- openjpeg2 2.3.0-2 (bug #889683)
NOTE: https://github.com/uclouvain/openjpeg/issues/1059
@@ -37285,29 +37275,29 @@ CVE-2018-6614
RESERVED
CVE-2018-6613
RESERVED
-CVE-2018-6612 (An integer underflow bug in the process_EXIF function of the exif.c ...)
+CVE-2018-6612
- jhead 1:3.00-6 (unimportant; bug #889272)
NOTE: https://anonscm.debian.org/git/collab-maint/jhead.git/diff/debian/patches/0008-heap-buffer-overflow.patch?id=01f09ab772d0d341cdc1326490dd2aa5aa2a7784
NOTE: Crash in CLI tool, no security impact
-CVE-2018-6611 (soundlib/Load_stp.cpp in OpenMPT through 1.27.04.00, and libopenmpt ...)
+CVE-2018-6611
- libopenmpt 0.3.6-1 (bug #889545)
[stretch] - libopenmpt <not-affected> (Vulnerable code not present)
NOTE: https://github.com/OpenMPT/openmpt/commit/61fc6d3030a4d4283105cb5fb46b27b42fa5575e
-CVE-2018-6610 (Information Leakage exists in the jLike 1.0 component for Joomla! via a ...)
+CVE-2018-6610
NOT-FOR-US: jLike component for Joomla!
-CVE-2018-6609 (SQL Injection exists in the JSP Tickets 1.1 component for Joomla! via ...)
+CVE-2018-6609
NOT-FOR-US: JSP Tickets component for Joomla!
-CVE-2018-6608 (In the WebRTC component in Opera 51.0.2830.55, after visiting a web ...)
+CVE-2018-6608
NOT-FOR-US: WebRTC component in Opera
CVE-2018-6607
RESERVED
-CVE-2018-6606 (An issue was discovered in MalwareFox AntiMalware 2.74.0.150. Improper ...)
+CVE-2018-6606
NOT-FOR-US: MalwareFox AntiMalware
-CVE-2018-6605 (SQL Injection exists in the Zh BaiduMap 3.0.0.1 component for Joomla! ...)
+CVE-2018-6605
NOT-FOR-US: Zh BaiduMap component for Joomla!
-CVE-2018-6604 (SQL Injection exists in the Zh YandexMap 6.2.1.0 component for Joomla! ...)
+CVE-2018-6604
NOT-FOR-US: Zh YandexMap component for Joomla!
-CVE-2018-6603 (Promise Technology WebPam Pro-E devices allow remote attackers to ...)
+CVE-2018-6603
NOT-FOR-US: Promise Technology WebPam Pro-E devices
CVE-2018-6602
RESERVED
@@ -37315,20 +37305,20 @@ CVE-2018-6601
RESERVED
CVE-2018-6600
RESERVED
-CVE-2018-6599 (An issue was discovered on Orbic Wonder ...)
+CVE-2018-6599
NOT-FOR-US: Orbic
-CVE-2018-6598 (An issue was discovered on Orbic Wonder ...)
+CVE-2018-6598
NOT-FOR-US: Orbic
-CVE-2018-6597 (The Alcatel A30 device with a build fingerprint of ...)
+CVE-2018-6597
NOT-FOR-US: Alcatel A30 device
-CVE-2018-6596 (webhooks/base.py in Anymail (aka django-anymail) before 1.2.1 is prone ...)
+CVE-2018-6596
{DSA-4107-1}
- django-anymail 1.3-1 (bug #889450)
NOTE: https://github.com/anymail/django-anymail/commit/db586ede1fbb41dce21310ea28ae15a1cf1286c5 (v1.3)
NOTE: https://github.com/anymail/django-anymail/commit/c07998304b4a31df4c61deddcb03d3607a04691b (v1.2.x-branch)
CVE-2018-6595
RESERVED
-CVE-2018-6594 (lib/Crypto/PublicKey/ElGamal.py in PyCrypto through 2.6.1 generates ...)
+CVE-2018-6594
- pycryptodome 3.4.11-1 (bug #889998)
- python-crypto 2.6.1-9 (bug #889999)
[stretch] - python-crypto <no-dsa> (Minor issue)
@@ -37341,23 +37331,23 @@ CVE-2018-6594 (lib/Crypto/PublicKey/ElGamal.py in PyCrypto through 2.6.1 generat
NOTE: See further discussion as per https://github.com/Legrandin/pycryptodome/issues/90#issuecomment-362783537
NOTE: Upstream feels that this is not a vulnerability in pycryptodome/python-crypto,
NOTE: but in an application using it in an insecure manner.
-CVE-2018-6593 (An issue was discovered in MalwareFox AntiMalware 2.74.0.150. Improper ...)
+CVE-2018-6593
NOT-FOR-US: MalwareFox AntiMalware
-CVE-2018-6592 (Unisys Stealth 3.3 Windows endpoints before 3.3.016.1 allow local ...)
+CVE-2018-6592
NOT-FOR-US: Unisys Stealth Windows endpoints
-CVE-2018-6591 (Converse.js and Inverse.js through 3.3 allow remote attackers to obtain ...)
+CVE-2018-6591
NOT-FOR-US: Converse.js
-CVE-2018-6590 (CA API Developer Portal 4.x, prior to v4.2.5.3 and v4.2.7.1, has an ...)
+CVE-2018-6590
NOT-FOR-US: CA API Developer Portal
-CVE-2018-6589 (CA Spectrum 10.1 prior to 10.01.02.PTF_10.1.239 and 10.2.x prior to ...)
+CVE-2018-6589
NOT-FOR-US: CA Spectrum
-CVE-2018-6588 (CA API Developer Portal 3.5 up to and including 3.5 CR5 has a ...)
+CVE-2018-6588
NOT-FOR-US: CA API Developer Portal
-CVE-2018-6587 (CA API Developer Portal 3.5 up to and including 3.5 CR6 has a ...)
+CVE-2018-6587
NOT-FOR-US: CA API Developer Portal
-CVE-2018-6586 (CA API Developer Portal 3.5 up to and including 3.5 CR6 has a stored ...)
+CVE-2018-6586
NOT-FOR-US: CA API Developer Portal
-CVE-2018-1000040 (In MuPDF 1.12.0 and earlier, multiple use of uninitialized value bugs ...)
+CVE-2018-1000040
{DSA-4334-1}
- mupdf 1.13.0+ds1-1
[jessie] - mupdf <not-affected> (vulnerable code not present)
@@ -37368,7 +37358,7 @@ CVE-2018-1000040 (In MuPDF 1.12.0 and earlier, multiple use of uninitialized val
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5609
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5610
NOTE: http://git.ghostscript.com/?p=mupdf.git;a=commitdiff;h=83d4dae44c71816c084a635550acc1a51529b881;hp=f597300439e62f5e921f0d7b1e880b5c1a1f1607
-CVE-2018-1000039 (In MuPDF 1.12.0 and earlier, multiple heap use after free bugs in the ...)
+CVE-2018-1000039
- mupdf 1.13.0+ds1-1
[jessie] - mupdf <not-affected> (vulnerable code not present)
[wheezy] - mupdf <not-affected> (vulnerable code not present)
@@ -37379,14 +37369,14 @@ CVE-2018-1000039 (In MuPDF 1.12.0 and earlier, multiple heap use after free bugs
NOTE: http://git.ghostscript.com/?p=mupdf.git;a=commitdiff;h=4dcc6affe04368461310a21238f7e1871a752a05;hp=8ec561d1bccc46e9db40a9f61310cd8b3763914e
NOTE: http://git.ghostscript.com/?p=mupdf.git;a=commitdiff;h=71ceebcf56e682504da22c4035b39a2d451e8ffd;hp=7f82c01523505052615492f8e220f4348ba46995
NOTE: http://git.ghostscript.com/?p=mupdf.git;a=commitdiff;h=f597300439e62f5e921f0d7b1e880b5c1a1f1607;hp=093fc3b098dc5fadef5d8ad4b225db9fb124758b
-CVE-2018-1000038 (In MuPDF 1.12.0 and earlier, a stack buffer overflow in function ...)
+CVE-2018-1000038
- mupdf 1.13.0+ds1-1
[jessie] - mupdf <not-affected> (vulnerable code not present)
[wheezy] - mupdf <not-affected> (vulnerable code not present)
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5494
NOTE: http://git.ghostscript.com/?p=mupdf.git;a=commitdiff;h=71ceebcf56e682504da22c4035b39a2d451e8ffd;hp=7f82c01523505052615492f8e220f4348ba46995
NOTE: http://git.ghostscript.com/?p=mupdf.git;a=commitdiff;h=f597300439e62f5e921f0d7b1e880b5c1a1f1607;hp=093fc3b098dc5fadef5d8ad4b225db9fb124758b
-CVE-2018-1000037 (In MuPDF 1.12.0 and earlier, multiple reachable assertions in the PDF ...)
+CVE-2018-1000037
{DSA-4334-1}
- mupdf 1.13.0+ds1-1
[jessie] - mupdf <not-affected> (vulnerable code not present)
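Review bot: CVE-2018-1000038 here (and CVE-2018-1000039 in the preceding hunk) has no `{DSA-4334-1}` reference, while the neighbouring CVE-2018-1000037 and CVE-2018-1000040 entries carry one with the same `mupdf 1.13.0+ds1-1` fix; confirm the omission is deliberate, and if the DSA did not cover these two, a `[stretch]` status line would make that explicit.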
@@ -37399,54 +37389,54 @@ CVE-2018-1000037 (In MuPDF 1.12.0 and earlier, multiple reachable assertions in
NOTE: http://git.ghostscript.com/?p=mupdf.git;a=commitdiff;h=71ceebcf56e682504da22c4035b39a2d451e8ffd;hp=7f82c01523505052615492f8e220f4348ba46995
NOTE: http://git.ghostscript.com/?p=mupdf.git;a=commitdiff;h=8a3257b01faa899dd9b5e35c6bb3403cd709c371;hp=de39f005f12a1afc6973c1f5cec362d6545f70cb
NOTE: http://git.ghostscript.com/?p=mupdf.git;a=commitdiff;h=b2e7d38e845c7d4922d05e6e41f3a2dc1bc1b14a;hp=f51836b9732c38d945b87fda0770009a77ba680c
-CVE-2018-1000036 (In MuPDF 1.12.0 and earlier, multiple memory leaks in the PDF parser ...)
+CVE-2018-1000036
- mupdf 1.14.0+ds1-1 (unimportant; bug #900129)
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5502
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=699695
NOTE: http://git.ghostscript.com/?p=mupdf.git;h=985fdcfc117a3bd4bc097cdcae8347b3787fbab2
NOTE: negligible security impact, memory leak in CLI tool
-CVE-2018-1000035 (A heap-based buffer overflow exists in Info-Zip UnZip version &lt;= 6.00 ...)
+CVE-2018-1000035
- unzip 6.0-22 (bug #889838)
[stretch] - unzip <no-dsa> (Harmless crash, builds with fortified source)
[jessie] - unzip <no-dsa> (Harmless crash, builds with fortified source)
[wheezy] - unzip <no-dsa> (Harmless crash, builds with fortified source)
NOTE: https://www.sec-consult.com/en/blog/advisories/multiple-vulnerabilities-in-infozip-unzip/index.html
NOTE: Patch used in openSUSE:Factory/unzip: https://bugzilla.novell.com/attachment.cgi?id=759406
-CVE-2018-1000034 (An out-of-bounds read exists in Info-Zip UnZip version 6.10c22 that ...)
+CVE-2018-1000034
- unzip <not-affected> (Only affects 6.1c22)
NOTE: https://www.sec-consult.com/en/blog/advisories/multiple-vulnerabilities-in-infozip-unzip/index.html
-CVE-2018-1000033 (An out-of-bounds read exists in Info-Zip UnZip version 6.10c22 that ...)
+CVE-2018-1000033
- unzip <not-affected> (Only affects 6.1c22)
NOTE: https://www.sec-consult.com/en/blog/advisories/multiple-vulnerabilities-in-infozip-unzip/index.html
-CVE-2018-1000032 (A heap-based buffer overflow exists in Info-Zip UnZip version 6.10c22 ...)
+CVE-2018-1000032
- unzip <not-affected> (Only affects 6.1c22)
NOTE: https://www.sec-consult.com/en/blog/advisories/multiple-vulnerabilities-in-infozip-unzip/index.html
-CVE-2018-1000031 (A heap-based buffer overflow exists in Info-Zip UnZip version 6.10c22 ...)
+CVE-2018-1000031
- unzip <not-affected> (Only affects 6.1c22)
NOTE: https://www.sec-consult.com/en/blog/advisories/multiple-vulnerabilities-in-infozip-unzip/index.html
-CVE-2018-6585 (SQL Injection exists in the JTicketing 2.0.16 component for Joomla! via ...)
+CVE-2018-6585
NOT-FOR-US: JTicketing component for Joomla!
-CVE-2018-6584 (SQL Injection exists in the DT Register 3.2.7 component for Joomla! via ...)
+CVE-2018-6584
NOT-FOR-US: DT Register component for Joomla!
-CVE-2018-6583 (SQL Injection exists in the Timetable Responsive Schedule 1.5 component ...)
+CVE-2018-6583
NOT-FOR-US: Timetable Responsive Schedule component for Joomla!
-CVE-2018-6582 (SQL Injection exists in the Zh GoogleMap 8.4.0.0 component for Joomla! ...)
+CVE-2018-6582
NOT-FOR-US: Zh GoogleMap component for Joomla!
-CVE-2018-6581 (SQL Injection exists in the JMS Music 1.1.1 component for Joomla! via a ...)
+CVE-2018-6581
NOT-FOR-US: JMS Music component for Joomla!
-CVE-2018-6580 (Arbitrary file upload exists in the Jimtawl 2.1.6 and 2.2.5 component ...)
+CVE-2018-6580
NOT-FOR-US: Jimtawl component for Joomla!
-CVE-2018-6579 (SQL Injection exists in the JEXTN Reverse Auction 3.1.0 component for ...)
+CVE-2018-6579
NOT-FOR-US: JEXTN Reverse Auction component for Joomla!
-CVE-2018-6578 (SQL Injection exists in the JE PayperVideo 3.0.0 component for Joomla! ...)
+CVE-2018-6578
NOT-FOR-US: JE PayperVideo component for Joomla!
-CVE-2018-6577 (SQL Injection exists in the JEXTN Membership 3.1.0 component for ...)
+CVE-2018-6577
NOT-FOR-US: JEXTN Membership component for Joomla!
-CVE-2018-6576 (SQL Injection exists in Event Manager 1.0 via the event.php id ...)
+CVE-2018-6576
NOT-FOR-US: Event Manager
-CVE-2018-6575 (SQL Injection exists in the JEXTN Classified 1.0.0 component for ...)
+CVE-2018-6575
NOT-FOR-US: JEXTN Membership component for Joomla!
-CVE-2018-6574 (Go before 1.8.7, Go 1.9.x before 1.9.4, and Go 1.10 pre-releases before ...)
+CVE-2018-6574
{DSA-4380-1}
- golang-1.10 1.10~rc2-1
- golang-1.9 1.9.4-1
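Review bot: two annotations in this hunk disagree with the description lines being removed. `NOT-FOR-US: JEXTN Membership component for Joomla!` under CVE-2018-6575 should read `JEXTN Classified component for Joomla!` per the removed CVE-2018-6575 line (CVE-2018-6577 is the Membership one), and the `(Only affects 6.1c22)` markers on CVE-2018-1000031 through CVE-2018-1000034 should say `6.10c22`, the version named in the removed descriptions. Worth fixing in this update, since afterwards the descriptions will no longer be in the file to check against.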
@@ -37467,7 +37457,7 @@ CVE-2018-6571
RESERVED
CVE-2018-6570
RESERVED
-CVE-2018-6569 (West Wind Web Server 6.x does not require authentication for ...)
+CVE-2018-6569
NOT-FOR-US: West Wind Web Server
CVE-2018-6568
RESERVED
@@ -37479,52 +37469,52 @@ CVE-2018-6565
RESERVED
CVE-2018-6564
RESERVED
-CVE-2018-6563 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
+CVE-2018-6563
NOT-FOR-US: totemomail Encryption Gateway
-CVE-2018-6562 (totemomail Encryption Gateway before 6.0_b567 allows remote attackers ...)
+CVE-2018-6562
NOT-FOR-US: totemomail Encryption Gateway
-CVE-2018-6561 (dijit.Editor in Dojo Toolkit 1.13 allows XSS via the onload attribute ...)
+CVE-2018-6561
- dojo 1.13.0+dfsg1-1 (bug #898944)
[jessie] - dojo <ignored> (Minor issue)
[wheezy] - dojo <no-dsa> (Minor issue)
NOTE: https://github.com/imsebao/404team/blob/master/dijit_editor_xss.md
-CVE-2018-6560 (In dbus-proxy/flatpak-proxy.c in Flatpak before 0.8.9, and 0.9.x and ...)
+CVE-2018-6560
- flatpak 0.10.3-1 (bug #888842)
[stretch] - flatpak 0.8.9-0+deb9u1
NOTE: https://github.com/flatpak/flatpak/commit/52346bf187b5a7f1c0fe9075b328b7ad6abe78f6
-CVE-2018-6559 (The Linux kernel, as used in Ubuntu 18.04 LTS and Ubuntu 18.10, allows ...)
+CVE-2018-6559
- linux <not-affected> (Ubuntu-specific issue)
NOTE: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1793458
-CVE-2018-6558 (The pam_fscrypt module in fscrypt before 0.2.4 may incorrectly restore ...)
+CVE-2018-6558
- fscrypt 0.2.4-1 (bug #907074)
NOTE: https://bugs.launchpad.net/ubuntu/+source/fscrypt/+bug/1787548
NOTE: https://github.com/google/fscrypt/issues/77
NOTE: https://github.com/google/fscrypt/pull/103
-CVE-2018-6557 (The MOTD update script in the base-files package in Ubuntu 18.04 LTS ...)
+CVE-2018-6557
- base-files <not-affected> (Ubuntu specific motd update code; vulnerable code not present)
-CVE-2018-6556 (lxc-user-nic when asked to delete a network interface will ...)
+CVE-2018-6556
- lxc 1:2.0.9-6.1 (bug #905586)
[stretch] - lxc <not-affected> (Vulnerable code introduced later)
[jessie] - lxc <not-affected> (Vulnerable code introduced later)
NOTE: https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1783591
NOTE: Prerequisite: https://github.com/lxc/lxc/commit/f96f5f3c1341e73ee51c8b49bef4ba571c562d8c
NOTE: Fixed by: https://github.com/lxc/lxc/commit/5eb45428b312e978fb9e294dde16efb14dd9fa4d
-CVE-2018-6555 (The irda_setsockopt function in net/irda/af_irda.c and later in ...)
+CVE-2018-6555
{DSA-4308-1 DLA-1531-1 DLA-1529-1}
- linux 4.17.3-1
NOTE: http://www.openwall.com/lists/oss-security/2018/09/04/2
-CVE-2018-6554 (Memory leak in the irda_bind function in net/irda/af_irda.c and later ...)
+CVE-2018-6554
{DSA-4308-1 DLA-1715-1 DLA-1531-1 DLA-1529-1}
- linux 4.17.3-1
NOTE: http://www.openwall.com/lists/oss-security/2018/09/04/2
-CVE-2018-6553 (The CUPS AppArmor profile incorrectly confined the dnssd backend due ...)
+CVE-2018-6553
{DSA-4243-1 DLA-1426-1}
- cups 2.2.8-5 (bug #903605)
-CVE-2018-6552 (Apport does not properly handle crashes originating from a PID ...)
+CVE-2018-6552
[experimental] - apport <unfixed>
NOTE: apport only in experimental, so we cannot track this in security-tracker
NOTE: add it, to have an explicit reference for apport if it ever enters unstable
-CVE-2018-6551 (The malloc implementation in the GNU C Library (aka glibc or libc6), ...)
+CVE-2018-6551
[experimental] - glibc 2.26.9000+20180127.7e23a7dd-0experimental0
- glibc 2.27-1
[stretch] - glibc <no-dsa> (Minor issue)
@@ -37532,22 +37522,22 @@ CVE-2018-6551 (The malloc implementation in the GNU C Library (aka glibc or libc
- eglibc <not-affected> (Issue introduced in 2.24 for powerpc, 2.26 only for i386)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22774
NOTE: Fixed by: https://sourceware.org/git/?p=glibc.git;a=commit;h=8e448310d74b283c5cd02b9ed7fb997b47bf9b22
-CVE-2018-6550 (Monstra CMS through 3.0.4 has XSS in the title function in ...)
+CVE-2018-6550
NOT-FOR-US: Monstra CMS
CVE-2018-6549
RESERVED
-CVE-2018-6548 (A use-after-free issue was discovered in libwebm through 2018-02-02. If ...)
+CVE-2018-6548
- chromium-browser <unfixed> (unimportant)
NOTE: Chromium is built with support for VP9 disabled in Debian
NOTE: https://bugs.chromium.org/p/webm/issues/detail?id=1493
NOTE: https://github.com/dwfault/PoCs/blob/master/libwebm%20Vp9HeaderParser%20UAF%20by%20PrintVP9Info/libwebm%20Vp9HeaderParser%20UAF%20by%20PrintVP9Info.md
-CVE-2018-6547 (plays_service.exe in the plays.tv service before 1.27.7.0, as ...)
+CVE-2018-6547
NOT-FOR-US: plays_service.exe in the plays.tv service
-CVE-2018-6546 (plays_service.exe in the plays.tv service before 1.27.7.0, as ...)
+CVE-2018-6546
NOT-FOR-US: plays_service.exe in the plays.tv service
-CVE-2018-6545 (Ipswitch MoveIt v8.1 is vulnerable to a Stored Cross-Site Scripting ...)
+CVE-2018-6545
NOT-FOR-US: Ipswitch MoveIt
-CVE-2018-6544 (pdf_load_obj_stm in pdf/pdf-xref.c in Artifex MuPDF 1.12.0 could ...)
+CVE-2018-6544
{DSA-4152-1}
- mupdf 1.12.0+ds1-1 (bug #891245)
[wheezy] - mupdf <ignored> (Most likely not affected, minor issue)
@@ -37557,26 +37547,26 @@ CVE-2018-6544 (pdf_load_obj_stm in pdf/pdf-xref.c in Artifex MuPDF 1.12.0 could
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=698830
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=698965
NOTE: https://lists.debian.org/debian-lts/2018/03/msg00043.html
-CVE-2018-6543 (In GNU Binutils 2.30, there's an integer overflow in the function ...)
+CVE-2018-6543
- binutils 2.30-3
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <ignored> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22769
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=f2023ce7e8d70b0155cc6206c901e185260918f0
-CVE-2018-6542 (In ZZIPlib 0.13.67, there is a bus error (when handling a ...)
+CVE-2018-6542
- zziplib <unfixed> (unimportant)
NOTE: https://github.com/gdraheim/zziplib/issues/17
NOTE: https://github.com/gdraheim/zziplib/commit/931f962ddfec0e00d6f486df2c56d9857b55944e (v0.13.68)
NOTE: Negligible impact and unzzipcat utility not installed into binary packages
-CVE-2018-6541 (In ZZIPlib 0.13.67, there is a bus error caused by loading of a ...)
+CVE-2018-6541
- zziplib 0.13.62-3.2 (bug #889089)
[stretch] - zziplib <no-dsa> (Minor issue)
[jessie] - zziplib <no-dsa> (Minor issue)
[wheezy] - zziplib <ignored> (Minor issue)
NOTE: https://github.com/gdraheim/zziplib/issues/16
NOTE: https://github.com/gdraheim/zziplib/commit/0c0c9256b0903f664bca25dd8d924211f81e01d3 (v0.13.68)
-CVE-2018-6540 (In ZZIPlib 0.13.67, there is a bus error caused by loading of a ...)
+CVE-2018-6540
- zziplib 0.13.62-3.2 (bug #923659)
[stretch] - zziplib <no-dsa> (Minor issue)
[jessie] - zziplib <no-dsa> (Minor issue)
@@ -37587,27 +37577,27 @@ CVE-2018-6539
RESERVED
CVE-2018-6538
REJECTED
-CVE-2018-6537 (A buffer overflow vulnerability in the control protocol of Flexense ...)
+CVE-2018-6537
NOT-FOR-US: Flexense SyncBreeze Enterprise
-CVE-2018-6536 (An issue was discovered in Icinga 2.x through 2.8.1. The daemon creates ...)
+CVE-2018-6536
- icinga2 2.8.4-1
[stretch] - icinga2 <no-dsa> (Minor issue)
[jessie] - icinga2 <no-dsa> (Minor issue)
NOTE: https://github.com/Icinga/icinga2/issues/5991
-CVE-2018-6535 (An issue was discovered in Icinga 2.x through 2.8.1. The lack of a ...)
+CVE-2018-6535
- icinga2 2.8.4-1 (low; bug #897301)
[stretch] - icinga2 <no-dsa> (Minor issue)
[jessie] - icinga2 <no-dsa> (Minor issue)
NOTE: https://github.com/Icinga/icinga2/issues/4920
NOTE: https://github.com/Icinga/icinga2/pull/5715
NOTE: http://www.openwall.com/lists/oss-security/2018/03/22/3
-CVE-2018-6534 (An issue was discovered in Icinga 2.x through 2.8.1. By sending ...)
+CVE-2018-6534
- icinga2 2.8.4-1 (low; bug #897301)
[stretch] - icinga2 <no-dsa> (Minor issue)
[jessie] - icinga2 <no-dsa> (Minor issue)
NOTE: https://github.com/Icinga/icinga2/pull/6104
NOTE: http://www.openwall.com/lists/oss-security/2018/03/22/3
-CVE-2018-6533 (An issue was discovered in Icinga 2.x through 2.8.1. By editing the ...)
+CVE-2018-6533
- icinga2 2.8.4-1 (low; bug #897301)
[stretch] - icinga2 <no-dsa> (Minor issue)
[jessie] - icinga2 <no-dsa> (Minor issue)
@@ -37615,7 +37605,7 @@ CVE-2018-6533 (An issue was discovered in Icinga 2.x through 2.8.1. By editing t
NOTE: CVE is related to CVE-2017-16933 but for "the issue in using
NOTE: init.conf to support run-time reconfiguration of an account is
NOTE: design flaw". CVE-2018-6533 larger issue than CVE-2017-16933.
-CVE-2018-6532 (An issue was discovered in Icinga 2.x through 2.8.1. By sending ...)
+CVE-2018-6532
- icinga2 2.8.4-1 (low)
[stretch] - icinga2 <no-dsa> (Minor issue)
[jessie] - icinga2 <no-dsa> (Minor issue)
@@ -37623,37 +37613,37 @@ CVE-2018-6532 (An issue was discovered in Icinga 2.x through 2.8.1. By sending .
NOTE: http://www.openwall.com/lists/oss-security/2018/03/22/3
CVE-2018-6531
RESERVED
-CVE-2018-6530 (OS command injection vulnerability in soap.cgi (soapcgi_main in ...)
+CVE-2018-6530
NOT-FOR-US: D-Link
-CVE-2018-6529 (XSS vulnerability in htdocs/webinc/js/bsc_sms_inbox.php in D-Link ...)
+CVE-2018-6529
NOT-FOR-US: D-Link
-CVE-2018-6528 (XSS vulnerability in htdocs/webinc/body/bsc_sms_send.php in D-Link ...)
+CVE-2018-6528
NOT-FOR-US: D-Link
-CVE-2018-6527 (XSS vulnerability in htdocs/webinc/js/adv_parent_ctrl_map.php in ...)
+CVE-2018-6527
NOT-FOR-US: D-Link
-CVE-2018-6526 (view_all_bug_page.php in MantisBT 2.10.0-development before 2018-02-02 ...)
+CVE-2018-6526
- mantis <removed>
[wheezy] - mantis <end-of-life> (Not supported in wheezy LTS)
NOTE: https://mantisbt.org/bugs/view.php?id=23921
-CVE-2018-6525 (In nProtect AVS V4.0 before 4.0.0.39, the driver file (TKFsAv.SYS) ...)
+CVE-2018-6525
NOT-FOR-US: nProtect AVS
-CVE-2018-6524 (In nProtect AVS V4.0 before 4.0.0.39, the driver file (TKFsAv.SYS) ...)
+CVE-2018-6524
NOT-FOR-US: nProtect AVS
-CVE-2018-6523 (In nProtect AVS V4.0 before 4.0.0.39, the driver file (TKFsAv.SYS) ...)
+CVE-2018-6523
NOT-FOR-US: nProtect AVS
-CVE-2018-6522 (In nProtect AVS V4.0 before 4.0.0.39, the driver file (TKRgFtXp.SYS) ...)
+CVE-2018-6522
NOT-FOR-US: nProtect AVS
-CVE-2018-6521 (The sqlauth module in SimpleSAMLphp before 1.15.2 relies on the MySQL ...)
+CVE-2018-6521
{DSA-4127-1 DLA-1273-1}
- simplesamlphp 1.15.2-1
NOTE: https://simplesamlphp.org/security/201801-03
-CVE-2018-6520 (SimpleSAMLphp before 1.15.2 allows remote attackers to bypass an open ...)
+CVE-2018-6520
- simplesamlphp 1.15.2-1
[stretch] - simplesamlphp <no-dsa> (Minor issue)
[jessie] - simplesamlphp <no-dsa> (Minor issue)
[wheezy] - simplesamlphp <not-affected> (Vulnerable code introduced in 1.12)
NOTE: https://simplesamlphp.org/security/201801-02
-CVE-2018-6519 (The SAML2 library before 1.10.4, 2.x before 2.3.5, and 3.x before 3.1.1 ...)
+CVE-2018-6519
{DSA-4127-1}
- simplesamlphp 1.15.2-1
[wheezy] - simplesamlphp <not-affected> (Vulnerable code not present)
@@ -37662,31 +37652,31 @@ CVE-2018-6519 (The SAML2 library before 1.10.4, 2.x before 2.3.5, and 3.x before
NOTE: The issue lies in the simplesamlphp/saml2 part, which is
NOTE: updated in 1.15.2 to the respective fixed version.
NOTE: https://github.com/simplesamlphp/saml2/commit/726404bf7b4085a9eb9c9a869af1ecc146bd8f6d
-CVE-2018-6518 (Composr CMS 10.0.13 has XSS via the site_name parameter in a ...)
+CVE-2018-6518
NOT-FOR-US: Composr CMS
CVE-2018-6517
- RESERVED
-CVE-2018-6516 (On Windows only, with a specifically crafted configuration file an ...)
+ TODO: check
+CVE-2018-6516
- puppet <not-affected> (Specific issue Windows only)
-CVE-2018-6515 (Puppet Agent 1.10.x prior to 1.10.13, Puppet Agent 5.3.x prior to ...)
+CVE-2018-6515
- puppet <not-affected> (Specific issue Windows only)
NOTE: https://puppet.com/security/cve/CVE-2018-6515
-CVE-2018-6514 (In Puppet Agent 1.10.x prior to 1.10.13, Puppet Agent 5.3.x prior to ...)
+CVE-2018-6514
- facter <not-affected> (Specific to Facter on Windows)
NOTE: https://puppet.com/security/cve/CVE-2018-6514
-CVE-2018-6513 (Puppet Enterprise 2016.4.x prior to 2016.4.12, Puppet Enterprise ...)
+CVE-2018-6513
- puppet <not-affected> (Windows-specific)
NOTE: https://puppet.com/security/cve/CVE-2018-6513
-CVE-2018-6512 (The previous version of Puppet Enterprise 2018.1 is vulnerable to ...)
+CVE-2018-6512
- puppet <not-affected> (Specific to Puppet Enterprise)
NOTE: https://puppet.com/security/cve/CVE-2018-6512
-CVE-2018-6511 (A cross-site scripting vulnerability in Puppet Enterprise Console of ...)
+CVE-2018-6511
- puppet <not-affected> (Specific to Puppet Enterprise)
-CVE-2018-6510 (A cross-site scripting vulnerability in Puppet Enterprise Console of ...)
+CVE-2018-6510
- puppet <not-affected> (Specific to Puppet Enterprise)
CVE-2018-6509
RESERVED
-CVE-2018-6508 (Puppet Enterprise 2017.3.x prior to 2017.3.3 are vulnerable to a ...)
+CVE-2018-6508
- puppet-module-puppetlabs-apt <unfixed> (unimportant)
- puppet-module-puppetlabs-apache <unfixed> (unimportant)
- puppet-module-puppetlabs-mysql <unfixed> (unimportant)
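Review bot: CVE-2018-6517 moves from "RESERVED" to "TODO: check" without any description line, and every neighbouring entry in this hunk has its description stripped as well, so the file gives a triager nothing to check against; suggest resolving the TODO into a concrete status (a "NOT-FOR-US:" line or a package/version line, as the surrounding entries have) before this lands, or at least recording the source reference in a NOTE: line as the CVE-2018-6515 and CVE-2018-6514 entries do.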
@@ -37700,49 +37690,49 @@ CVE-2018-6508 (Puppet Enterprise 2017.3.x prior to 2017.3.3 are vulnerable to a
NOTE: This is only exploitable with Puppet Tasks, which aren't packaged/available in Debian
CVE-2018-6507
RESERVED
-CVE-2018-6506 (Cross-Site Scripting (XSS) exists in the Add Forum feature in the ...)
+CVE-2018-6506
NOT-FOR-US: miniBB
-CVE-2018-6505 (A potential Unauthenticated File Download vulnerability has been ...)
+CVE-2018-6505
NOT-FOR-US: ArcSight Management Center (ArcMC)
-CVE-2018-6504 (A potential Cross-Site Request Forgery (CSRF) vulnerability has been ...)
+CVE-2018-6504
NOT-FOR-US: ArcSight Management Center (ArcMC)
-CVE-2018-6503 (A potential Access Control vulnerability has been identified in ...)
+CVE-2018-6503
NOT-FOR-US: ArcSight Management Center (ArcMC)
-CVE-2018-6502 (A potential Reflected Cross-Site Scripting (XSS) Security ...)
+CVE-2018-6502
NOT-FOR-US: ArcSight Management Center (ArcMC)
-CVE-2018-6501 (Potential security vulnerability of Insufficient Access Controls has ...)
+CVE-2018-6501
NOT-FOR-US: ArcSight Management Center (ArcMC)
-CVE-2018-6500 (A potential Directory Traversal Security vulnerability has been ...)
+CVE-2018-6500
NOT-FOR-US: ArcSight Management Center (ArcMC)
-CVE-2018-6499 (Remote Code Execution in the following products Hybrid Cloud ...)
+CVE-2018-6499
NOT-FOR-US: Hybrid Cloud Management Containerized Suite
-CVE-2018-6498 (Remote Code Execution in the following products Hybrid Cloud ...)
+CVE-2018-6498
NOT-FOR-US: Hybrid Cloud Management Containerized Suite
-CVE-2018-6497 (Remote Cross-site Request forgery (CSRF) potential has been identified ...)
+CVE-2018-6497
NOT-FOR-US: UCMDB Server
-CVE-2018-6496 (Remote Cross-site Request forgery (CSRF) potential has been identified ...)
+CVE-2018-6496
NOT-FOR-US: UCMBD Browser
-CVE-2018-6495 (Cross-Site Scripting (XSS) in Micro Focus Universal CMDB, version ...)
+CVE-2018-6495
NOT-FOR-US: Micro Focus
-CVE-2018-6494 (Remote SQL Injection against the HP Service Manager Software Web Tier, ...)
+CVE-2018-6494
NOT-FOR-US: HP
-CVE-2018-6493 (SQL Injection in HP Network Operations Management Ultimate, version ...)
+CVE-2018-6493
NOT-FOR-US: HP
-CVE-2018-6492 (Persistent Cross-Site Scripting, and non-persistent HTML Injection in ...)
+CVE-2018-6492
NOT-FOR-US: HP
-CVE-2018-6491 (Local Escalation of Privilege vulnerability to Micro Focus Universal ...)
+CVE-2018-6491
NOT-FOR-US: Micro Focus Universal CMDB
-CVE-2018-6490 (Denial of Service vulnerability in Micro Focus Operations ...)
+CVE-2018-6490
NOT-FOR-US: Micro Focus Operations Orchestration Software
-CVE-2018-6489 (XML External Entity (XXE) vulnerability in Micro Focus Project and ...)
+CVE-2018-6489
NOT-FOR-US: Micro Focus Project and Portfolio Management Center
-CVE-2018-6488 (Arbitrary Code Execution vulnerability in Micro Focus Universal CMDB, ...)
+CVE-2018-6488
NOT-FOR-US: Micro Focus Universal CMDB
-CVE-2018-6487 (Remote Disclosure of Information in Micro Focus Universal CMDB ...)
+CVE-2018-6487
NOT-FOR-US: Micro Focus Universal CMDB Foundation Software
-CVE-2018-6486 (XML External Entity (XXE) vulnerability in Micro Focus Fortify Audit ...)
+CVE-2018-6486
NOT-FOR-US: Micro Focus Fortify Audit Workbench
-CVE-2018-6485 (An integer overflow in the implementation of the posix_memalign in ...)
+CVE-2018-6485
[experimental] - glibc 2.26.9000+20180127.7e23a7dd-0experimental0
- glibc 2.27-1 (bug #878159)
[stretch] - glibc <no-dsa> (Minor issue)
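Review bot: unchanged context, but "NOT-FOR-US: UCMBD Browser" under CVE-2018-6496 looks like a transposition of "UCMDB" (the preceding entry CVE-2018-6497 reads "NOT-FOR-US: UCMDB Server" and CVE-2018-6495 "Micro Focus Universal CMDB"); worth correcting while this hunk is being touched so the product name is searchable.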
@@ -37751,7 +37741,7 @@ CVE-2018-6485 (An integer overflow in the implementation of the posix_memalign i
[wheezy] - eglibc <ignored> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22343
NOTE: https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=8e448310d74b283c5cd02b9ed7fb997b47bf9b22
-CVE-2018-6484 (In ZZIPlib 0.13.67, there is a memory alignment error and bus error in ...)
+CVE-2018-6484
- zziplib 0.13.62-3.2 (bug #889089)
[stretch] - zziplib <no-dsa> (Minor issue)
[jessie] - zziplib <no-dsa> (Minor issue)
@@ -37762,57 +37752,57 @@ CVE-2018-6483
RESERVED
CVE-2018-6482
RESERVED
-CVE-2018-6481 (A buffer overflow vulnerability in the control protocol of Disk Savvy ...)
+CVE-2018-6481
NOT-FOR-US: Disk Savvy Enterprise
-CVE-2018-6480 (A type confusion issue was discovered in CCN-lite 2, leading to a ...)
+CVE-2018-6480
NOT-FOR-US: CCN-lite 2
-CVE-2018-6479 (An issue was discovered on Netwave IP Camera devices. An ...)
+CVE-2018-6479
NOT-FOR-US: Netwave IP Camera devices
CVE-2018-6478
RESERVED
CVE-2018-6477
RESERVED
-CVE-2018-6476 (In SUPERAntiSpyware Professional Trial 6.0.1254, the SASKUTIL.SYS ...)
+CVE-2018-6476
NOT-FOR-US: SUPERAntiSpyware Professional Trial
-CVE-2018-6475 (In SUPERAntiSpyware Professional Trial 6.0.1254, SUPERAntiSpyware.exe ...)
+CVE-2018-6475
NOT-FOR-US: SUPERAntiSpyware Professional Trial
-CVE-2018-6474 (In SUPERAntiSpyware Professional Trial 6.0.1254, the driver file ...)
+CVE-2018-6474
NOT-FOR-US: SUPERAntiSpyware Professional Trial
-CVE-2018-6473 (In SUPERAntiSpyware Professional Trial 6.0.1254, the driver file ...)
+CVE-2018-6473
NOT-FOR-US: SUPERAntiSpyware Professional Trial
-CVE-2018-6472 (In SUPERAntiSpyware Professional Trial 6.0.1254, the driver file ...)
+CVE-2018-6472
NOT-FOR-US: SUPERAntiSpyware Professional Trial
-CVE-2018-6471 (In SUPERAntiSpyware Professional Trial 6.0.1254, the driver file ...)
+CVE-2018-6471
NOT-FOR-US: SUPERAntiSpyware Professional Trial
-CVE-2018-6470 (Nibbleblog 4.0.5 on macOS defaults to having .DS_Store in each ...)
+CVE-2018-6470
NOT-FOR-US: Nibbleblog on macOS
-CVE-2018-6469 (A cross-site scripting (XSS) vulnerability in flickrRSS.php in the ...)
+CVE-2018-6469
NOT-FOR-US: flickrRSS plugin for WordPress
-CVE-2018-6468 (A cross-site scripting (XSS) vulnerability in flickrRSS.php in the ...)
+CVE-2018-6468
NOT-FOR-US: flickrRSS plugin for WordPress
-CVE-2018-6467 (The flickrRSS plugin 5.3.1 for WordPress has CSRF via ...)
+CVE-2018-6467
NOT-FOR-US: flickrRSS plugin for WordPress
-CVE-2018-6466 (A cross-site scripting (XSS) vulnerability in flickrRSS.php in the ...)
+CVE-2018-6466
NOT-FOR-US: flickrRSS plugin for WordPress
-CVE-2018-6465 (The PropertyHive plugin before 1.4.15 for WordPress has XSS via the ...)
+CVE-2018-6465
NOT-FOR-US: PropertyHive plugin for WordPress
-CVE-2018-6464 (Simditor v2.3.11 allows XSS via crafted use of svg/onload=alert in a ...)
+CVE-2018-6464
NOT-FOR-US: Simditor
CVE-2018-6463
RESERVED
-CVE-2018-6462 (Tracker PDF-XChange Viewer and Viewer AX SDK before 2.5.322.8 mishandle ...)
+CVE-2018-6462
NOT-FOR-US: Tracker PDF-XChange Viewer and Viewer AX SDK
-CVE-2018-6461 (March Hare WINCVS before 2.8.01 build 6610, and CVS Suite before 2009R2 ...)
+CVE-2018-6461
NOT-FOR-US: March Hare
-CVE-2018-6460 (Hotspot Shield runs a webserver with a static IP address 127.0.0.1 and ...)
+CVE-2018-6460
NOT-FOR-US: Hotspot Shield
-CVE-2018-6459 (The rsa_pss_params_parse function in ...)
+CVE-2018-6459
- strongswan 5.6.2-1
[stretch] - strongswan <not-affected> (Vulnerable code introduced later)
[jessie] - strongswan <not-affected> (Vulnerable code introduced later)
[wheezy] - strongswan <not-affected> (Vulnerable code introduced later)
NOTE: https://www.strongswan.org/blog/2018/02/19/strongswan-vulnerability-(cve-2018-6459).html
-CVE-2018-6458 (Easy Hosting Control Panel (EHCP) v0.37.12.b allows remote attackers ...)
+CVE-2018-6458
NOT-FOR-US: Easy Hosting Control Panel (EHCP)
CVE-2018-6457
RESERVED
@@ -37838,31 +37828,31 @@ CVE-2018-6447
RESERVED
CVE-2018-6446
RESERVED
-CVE-2018-6445 (A Vulnerability in Brocade Network Advisor versions before 14.0.3 ...)
+CVE-2018-6445
NOT-FOR-US: Brocade
-CVE-2018-6444 (A Vulnerability in Brocade Network Advisor versions before 14.1.0 ...)
+CVE-2018-6444
NOT-FOR-US: Brocade
-CVE-2018-6443 (A vulnerability in Brocade Network Advisor Versions before 14.3.1 ...)
+CVE-2018-6443
NOT-FOR-US: Brocade
-CVE-2018-6442 (A vulnerability in the Brocade Webtools firmware update section of ...)
+CVE-2018-6442
NOT-FOR-US: Brocade
-CVE-2018-6441 (A vulnerability in Secure Shell implementation of Brocade Fabric OS ...)
+CVE-2018-6441
NOT-FOR-US: Brocade
-CVE-2018-6440 (A vulnerability in the proxy service of Brocade Fabric OS versions ...)
+CVE-2018-6440
NOT-FOR-US: Brocade
-CVE-2018-6439 (A Vulnerability in the configdownload command of Brocade Fabric OS ...)
+CVE-2018-6439
NOT-FOR-US: Brocade
-CVE-2018-6438 (A Vulnerability in the supportsave command of Brocade Fabric OS ...)
+CVE-2018-6438
NOT-FOR-US: Brocade
-CVE-2018-6437 (A Vulnerability in the help command of Brocade Fabric OS command line ...)
+CVE-2018-6437
NOT-FOR-US: Brocade
-CVE-2018-6436 (A Vulnerability in the firmwaredownload command of Brocade Fabric OS ...)
+CVE-2018-6436
NOT-FOR-US: Brocade
-CVE-2018-6435 (A Vulnerability in the secryptocfg command of Brocade Fabric OS ...)
+CVE-2018-6435
NOT-FOR-US: Brocade
-CVE-2018-6434 (A vulnerability in the web management interface of Brocade Fabric OS ...)
+CVE-2018-6434
NOT-FOR-US: Brocade
-CVE-2018-6433 (A vulnerability in the secryptocfg export command of Brocade Fabric OS ...)
+CVE-2018-6433
NOT-FOR-US: Brocade
CVE-2018-6432
RESERVED
@@ -37900,11 +37890,11 @@ CVE-2018-6416
RESERVED
CVE-2018-6415
RESERVED
-CVE-2018-6414 (A buffer overflow vulnerability in the web server of some Hikvision IP ...)
+CVE-2018-6414
NOT-FOR-US: Hikvision IP Cameras
-CVE-2018-6413 (There is a buffer overflow in the Hikvision Camera DS-2CD9111-S of ...)
+CVE-2018-6413
NOT-FOR-US: Hikvision Camera DS-2CD9111-S
-CVE-2018-6412 (In the function sbusfb_ioctl_helper() in drivers/video/fbdev/sbuslib.c ...)
+CVE-2018-6412
{DLA-1423-1}
- linux 4.16.5-1 (unimportant)
[stretch] - linux 4.9.107-1
@@ -37912,22 +37902,22 @@ CVE-2018-6412 (In the function sbusfb_ioctl_helper() in drivers/video/fbdev/sbus
[wheezy] - linux 3.2.102-1
NOTE: https://marc.info/?l=linux-fbdev&m=151734425901499&w=2
NOTE: The issue only affects SPARC systems.
-CVE-2018-6411 (An issue was discovered in Appnitro MachForm before 4.2.3. When the ...)
+CVE-2018-6411
NOT-FOR-US: Appnitro MachForm
-CVE-2018-6410 (An issue was discovered in Appnitro MachForm before 4.2.3. There is a ...)
+CVE-2018-6410
NOT-FOR-US: Appnitro MachForm
-CVE-2018-6409 (An issue was discovered in Appnitro MachForm before 4.2.3. The module ...)
+CVE-2018-6409
NOT-FOR-US: Appnitro MachForm
-CVE-2018-6408 (An issue was discovered on Conceptronic CIPCAMPTIWL V3 0.61.30.21 ...)
+CVE-2018-6408
NOT-FOR-US: CIPCAMPTIWL devices
-CVE-2018-6407 (An issue was discovered on Conceptronic CIPCAMPTIWL V3 0.61.30.21 ...)
+CVE-2018-6407
NOT-FOR-US: CIPCAMPTIWL devices
-CVE-2018-6406 (The function ParseVP9SuperFrameIndex in common/libwebm_util.cc in ...)
+CVE-2018-6406
- chromium-browser <unfixed> (unimportant)
NOTE: Chromium is built with support for VP9 disabled in Debian
NOTE: https://bugs.chromium.org/p/webm/issues/detail?id=1492
NOTE: https://github.com/dwfault/PoCs/blob/master/libwebm%20ParseVP9SuperFrameIndex%20memory%20corruption/libwebm%20ParseVP9SuperFrameIndex%20OOB%20read.md
-CVE-2018-6405 (In the ReadDCMImage function in coders/dcm.c in ImageMagick before ...)
+CVE-2018-6405
- imagemagick 8:6.9.9.34+dfsg-3 (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/964
NOTE: https://github.com/ImageMagick/ImageMagick/commit/1fbed78912c830ccd82eecdb8a1db4882abb8276
@@ -37938,25 +37928,25 @@ CVE-2018-6403
RESERVED
CVE-2018-6402
RESERVED
-CVE-2018-6401 (Meross MSS110 devices before 1.1.24 contain a TELNET listener providing ...)
+CVE-2018-6401
NOT-FOR-US: Meross
-CVE-2018-6400 (Kingsoft WPS Office Free 10.2.0.5978 allows local users to gain ...)
+CVE-2018-6400
NOT-FOR-US: Kingsoft WPS Office Free
CVE-2018-6399
RESERVED
-CVE-2018-6398 (SQL Injection exists in the CP Event Calendar 3.0.1 component for ...)
+CVE-2018-6398
NOT-FOR-US: CP Event Calendar component for Joomla!
-CVE-2018-6397 (Directory Traversal exists in the Picture Calendar 3.1.4 component for ...)
+CVE-2018-6397
NOT-FOR-US: Picture Calendar component for Joomla!
-CVE-2018-6396 (SQL Injection exists in the Google Map Landkarten through 4.2.3 ...)
+CVE-2018-6396
NOT-FOR-US: Google Map Landkarten component for Joomla!
-CVE-2018-6395 (SQL Injection exists in the Visual Calendar 3.1.3 component for Joomla! ...)
+CVE-2018-6395
NOT-FOR-US: Visual Calendar component for Joomla!
-CVE-2018-6394 (SQL Injection exists in the InviteX 3.0.5 component for Joomla! via the ...)
+CVE-2018-6394
NOT-FOR-US: InviteX component for Joomla!
-CVE-2018-6393 (** DISPUTED ** FreePBX 10.13.66-32bit and 14.0.1.24 ...)
+CVE-2018-6393
NOT-FOR-US: FreePBX
-CVE-2018-6392 (The filter_slice function in libavfilter/vf_transpose.c in FFmpeg ...)
+CVE-2018-6392
{DSA-4249-1}
- ffmpeg 7:3.4.2-1
- libav <removed>
@@ -37966,11 +37956,11 @@ CVE-2018-6392 (The filter_slice function in libavfilter/vf_transpose.c in FFmpeg
NOTE: Fixed in 3.2.11, the commit in the 3.2 branch (c4ba170cad2ccdd896ea6fd3a890980008606541)
NOTE: has the regression fix squashed in
NOTE: The vulnerable function is filter_frame in libav.
-CVE-2018-6391 (A cross-site request forgery web vulnerability has been discovered on ...)
+CVE-2018-6391
NOT-FOR-US: Netis WF2419 V2.2.36123 devices
-CVE-2018-6390 (The WStr::assign function in kso.dll in Kingsoft WPS Office 10.1.0.7106 ...)
+CVE-2018-6390
NOT-FOR-US: Kingsoft WPS Office
-CVE-2018-6389 (In WordPress through 4.9.2, unauthenticated attackers can cause a ...)
+CVE-2018-6389
- wordpress <unfixed> (unimportant)
NOTE: https://baraktawily.blogspot.fr/2018/02/how-to-dos-29-of-world-wide-websites.html
NOTE: https://thehackernews.com/2018/02/wordpress-dos-exploit.html
@@ -37978,40 +37968,40 @@ CVE-2018-6389 (In WordPress through 4.9.2, unauthenticated attackers can cause a
NOTE: disputed by upstream as best fixed at the server level
NOTE: patch in progress in https://core.trac.wordpress.org/ticket/43308
NOTE: Architectual limitation, marginal impact
-CVE-2018-6388 (iBall iB-WRA150N 1.2.6 build 110401 Rel.47776n devices allow remote ...)
+CVE-2018-6388
NOT-FOR-US: iBall iB-WRA150N 1.2.6 build 110401 Rel.47776n devices
-CVE-2018-6387 (iBall iB-WRA150N 1.2.6 build 110401 Rel.47776n devices have a hardcoded ...)
+CVE-2018-6387
NOT-FOR-US: iBall iB-WRA150N 1.2.6 build 110401 Rel.47776n devices
CVE-2018-6386
RESERVED
CVE-2018-6385
RESERVED
-CVE-2018-6384 (Unquoted Windows search path vulnerability in NSClient++ before ...)
+CVE-2018-6384
NOT-FOR-US: NSClient++
-CVE-2018-6383 (Monstra CMS through 3.0.4 has an incomplete &quot;forbidden types&quot; list that ...)
+CVE-2018-6383
NOT-FOR-US: Monstra CMS
-CVE-2018-6382 (** DISPUTED ** MantisBT 2.10.0 allows local users to conduct SQL ...)
+CVE-2018-6382
- mantis <removed>
[wheezy] - mantis <end-of-life> (Not supported in Wheezy)
NOTE: https://mantisbt.org/bugs/view.php?id=23908
-CVE-2018-6381 (In ZZIPlib 0.13.67, there is a segmentation fault caused by invalid ...)
+CVE-2018-6381
- zziplib 0.13.62-3.2 (bug #889096)
[stretch] - zziplib <no-dsa> (Minor issue)
[jessie] - zziplib <no-dsa> (Minor issue)
[wheezy] - zziplib <ignored> (Minor issue)
NOTE: https://github.com/gdraheim/zziplib/issues/12
NOTE: https://github.com/gdraheim/zziplib/commit/a803559fa9194be895422ba3684cf6309b6bb598 (v0.13.68)
-CVE-2018-6380 (In Joomla! before 3.8.4, lack of escaping in the module chromes leads ...)
+CVE-2018-6380
NOT-FOR-US: Joomla!
-CVE-2018-6379 (In Joomla! before 3.8.4, inadequate input filtering in the Uri class ...)
+CVE-2018-6379
NOT-FOR-US: Joomla!
-CVE-2018-6378 (In Joomla! Core before 3.8.8, inadequate filtering of file and folder ...)
+CVE-2018-6378
NOT-FOR-US: Joomla!
-CVE-2018-6377 (In Joomla! before 3.8.4, inadequate input filtering in com_fields leads ...)
+CVE-2018-6377
NOT-FOR-US: Joomla!
-CVE-2018-6376 (In Joomla! before 3.8.4, the lack of type casting of a variable in a ...)
+CVE-2018-6376
NOT-FOR-US: Joomla!
-CVE-2018-1000030 (Python 2.7.14 is vulnerable to a Heap-Buffer-Overflow as well as a ...)
+CVE-2018-1000030
- python3.7 <not-affected> (Reading ahead of file objects implemented differently)
- python3.6 <not-affected> (Reading ahead of file objects implemented differently)
- python3.5 <not-affected> (Reading ahead of file objects implemented differently)
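Review bot: style nit on unchanged context in this hunk: the NOTE: line under CVE-2018-6389 reads "Architectual limitation", which should be "Architectural", and the mantis entry for CVE-2018-6382 says "(Not supported in Wheezy)" while the earlier CVE-2018-6526 mantis entry uses "(Not supported in wheezy LTS)"; picking one wording keeps the end-of-life reason consistent between the two.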
@@ -38031,9 +38021,9 @@ CVE-2018-1000030 (Python 2.7.14 is vulnerable to a Heap-Buffer-Overflow as well
NOTE: where the 6401e56 commit was mostly reverted again.
NOTE: Needed: https://github.com/python/cpython/commit/dbf52e02f18dac6f5f0a64f78932f3dc6efc056b
NOTE: No practical security impact, why DWF assigned a CVE ID is hard to tell
-CVE-2018-1000029 (mcholste Enterprise Log Search and Archive (ELSA) version revision ...)
+CVE-2018-1000029
NOT-FOR-US: mcholste Enterprise Log Search and Archive
-CVE-2018-1000026 (Linux Linux kernel version at least v4.8 onwards, probably well before ...)
+CVE-2018-1000026
- linux 4.16.5-1
[jessie] - linux-4.9 <unfixed>
NOTE: https://patchwork.ozlabs.org/patch/859410/
@@ -38041,75 +38031,75 @@ CVE-2018-1000026 (Linux Linux kernel version at least v4.8 onwards, probably wel
NOTE: http://lists.openwall.net/netdev/2018/01/18/96
NOTE: https://git.kernel.org/linus/8914a595110a6eca69a5e275b323f5d09e18f4f9
NOTE: https://git.kernel.org/linus/2b16f048729bf35e6c28a40cbfad07239f9dcd90
-CVE-2018-1000025 (Jerome Gamez Firebase Admin SDK for PHP version from 3.2.0 to 3.8.0 ...)
+CVE-2018-1000025
NOT-FOR-US: Jerome Gamez Firebase Admin SDK for PHP
-CVE-2018-1000023 (Bitpay/insight-api Insight-api version 5.0.0 and earlier contains a ...)
+CVE-2018-1000023
NOT-FOR-US: Bitpay/insight-api Insight-api
-CVE-2018-1000021 (GIT version 2.15.1 and earlier contains a Input Validation Error ...)
+CVE-2018-1000021
- git <unfixed> (unimportant; bug #889680)
NOTE: http://www.batterystapl.es/2018/01/security-implications-of-ansi-escape.html
NOTE: Terminal emulators need to perform proper escaping
-CVE-2018-1000020 (OpenEMR version 5.0.0 contains a Cross Site Scripting (XSS) ...)
+CVE-2018-1000020
NOT-FOR-US: OpenEMR
-CVE-2018-1000019 (OpenEMR version 5.0.0 contains a OS Command Injection vulnerability in ...)
+CVE-2018-1000019
NOT-FOR-US: OpenEMR
CVE-2018-6375
RESERVED
-CVE-2018-6374 (The GUI component (aka PulseUI) in Pulse Secure Desktop Linux clients ...)
+CVE-2018-6374
NOT-FOR-US: PulseUI in Pulse Secure Desktop Linux clients
-CVE-2018-6373 (SQL Injection exists in the Fastball 2.5 component for Joomla! via the ...)
+CVE-2018-6373
NOT-FOR-US: Fastball component for Joomla!
-CVE-2018-6372 (SQL Injection exists in the JB Bus 2.3 component for Joomla! via the ...)
+CVE-2018-6372
NOT-FOR-US: JB Bus component for Joomla!
CVE-2018-6371
RESERVED
-CVE-2018-6370 (SQL Injection exists in the NeoRecruit 4.1 component for Joomla! via ...)
+CVE-2018-6370
NOT-FOR-US: NeoRecruit component for Joomla!
CVE-2018-6369
RESERVED
-CVE-2018-6368 (SQL Injection exists in the JomEstate PRO through 3.7 component for ...)
+CVE-2018-6368
NOT-FOR-US: JomEstate PRO component for Joomla!
-CVE-2018-6367 (SQL Injection exists in Vastal I-Tech Buddy Zone Facebook Clone 2.9.9 ...)
+CVE-2018-6367
NOT-FOR-US: Vastal I-Tech Buddy Zone Facebook Clone
CVE-2018-6366
RESERVED
-CVE-2018-6365 (SQL Injection exists in TSiteBuilder 1.0 via the id parameter to ...)
+CVE-2018-6365
NOT-FOR-US: TSiteBuilder
-CVE-2018-6364 (SQL Injection exists in Multilanguage Real Estate MLM Script through ...)
+CVE-2018-6364
NOT-FOR-US: Multilanguage Real Estate MLM Script
-CVE-2018-6363 (SQL Injection exists in Task Rabbit Clone 1.0 via the single_blog.php ...)
+CVE-2018-6363
NOT-FOR-US: Task Rabbit Clone
-CVE-2018-6362 (Easy Hosting Control Panel (EHCP) v0.37.12.b has XSS via the domainop ...)
+CVE-2018-6362
NOT-FOR-US: Easy Hosting Control Panel (EHCP)
-CVE-2018-6361 (Easy Hosting Control Panel (EHCP) v0.37.12.b has XSS via the op ...)
+CVE-2018-6361
NOT-FOR-US: Easy Hosting Control Panel (EHCP)
-CVE-2018-6360 (mpv through 0.28.0 allows remote attackers to execute arbitrary code ...)
+CVE-2018-6360
{DSA-4105-1}
- mpv 0.27.0-3 (bug #888654)
[jessie] - mpv <not-affected> (Vulnerable code not present, youtube-dl hook script added in 0.7.0)
NOTE: https://github.com/mpv-player/mpv/issues/5456
NOTE: https://github.com/mpv-player/mpv/commit/e6e6b0dcc7e9b0dbf35154a179b3dc1fcfcaff43
-CVE-2018-6359 (The decompileIF function (util/decompile.c) in libming through 0.4.8 is ...)
+CVE-2018-6359
{DLA-1305-1}
- ming <removed>
NOTE: https://github.com/libming/libming/issues/105
-CVE-2018-6358 (The printDefineFont2 function (util/listfdb.c) in libming through 0.4.8 ...)
+CVE-2018-6358
{DLA-1343-1}
- ming <removed>
NOTE: https://github.com/libming/libming/issues/104
-CVE-2018-6357 (The acx_asmw_saveorder_callback function in function.php in the ...)
+CVE-2018-6357
NOT-FOR-US: acurax-social-media-widget plugin for WordPress
-CVE-2018-6356 (Jenkins before 2.107 and Jenkins LTS before 2.89.4 did not properly ...)
+CVE-2018-6356
- jenkins <removed>
-CVE-2018-6355 (/goform/setLang on iBall 300M devices with &quot;iB-WRB302N_1.0.1-Sep 8 ...)
+CVE-2018-6355
NOT-FOR-US: iBall 300M devices
-CVE-2018-6354 (templates/forms/thanks.html in Formspree before 2018-01-23 allows XSS ...)
+CVE-2018-6354
NOT-FOR-US: Formspree
-CVE-2018-6353 (The Python console in Electrum through 2.9.4 and 3.x through 3.0.5 ...)
+CVE-2018-6353
- electrum <unfixed> (bug #890003; unimportant)
NOTE: https://github.com/spesmilo/electrum/issues/3678
NOTE: https://github.com/spesmilo/electrum/pull/3700
-CVE-2018-6352 (In PoDoFo 0.9.5, there is an Excessive Iteration in the ...)
+CVE-2018-6352
- libpodofo 0.9.6+dfsg-3
[stretch] - libpodofo <no-dsa> (Minor issue)
[jessie] - libpodofo <no-dsa> (Minor issue)
@@ -38124,52 +38114,52 @@ CVE-2018-6349
RESERVED
CVE-2018-6348
RESERVED
-CVE-2018-6347 (An issue in the Proxygen handling of HTTP2 parsing of headers/trailers ...)
+CVE-2018-6347
NOT-FOR-US: Facebook Proxygen
-CVE-2018-6346 (A potential denial-of-service issue in the Proxygen handling of ...)
+CVE-2018-6346
NOT-FOR-US: Facebook Proxygen
-CVE-2018-6345 (The function number_format is vulnerable to a heap overflow issue when ...)
+CVE-2018-6345
- hhvm <removed>
-CVE-2018-6344 (A heap corruption in WhatsApp can be caused by a malformed RTP packet ...)
+CVE-2018-6344
NOT-FOR-US: Whatsapp
-CVE-2018-6343 (Proxygen fails to validate that a secondary auth manager is set before ...)
+CVE-2018-6343
NOT-FOR-US: Facebook Proxygen
-CVE-2018-6342 (react-dev-utils on Windows allows developers to run a local webserver ...)
+CVE-2018-6342
NOT-FOR-US: react-dev-utils
-CVE-2018-6341 (React applications which rendered to HTML using the ReactDOMServer API ...)
+CVE-2018-6341
NOT-FOR-US: React
-CVE-2018-6340 (The Memcache::getextendedstats function can be used to trigger an ...)
+CVE-2018-6340
- hhvm <removed>
CVE-2018-6339
RESERVED
CVE-2018-6338
RESERVED
-CVE-2018-6337 (folly::secureRandom will re-use a buffer between parent and child ...)
+CVE-2018-6337
- hhvm <not-affected> (Only affects 3.26)
NOTE: https://github.com/facebook/hhvm/commit/e2d10a1e32d01f71aaadd81169bcb9ae86c5d6b8
NOTE: https://hhvm.com/blog/2018/05/24/hhvm-3.26.3.html
-CVE-2018-6336 (An issue was discovered in osquery. A maliciously crafted ...)
+CVE-2018-6336
NOT-FOR-US: osquery
-CVE-2018-6335 (A Malformed h2 frame can cause 'std::out_of_range' exception when ...)
+CVE-2018-6335
- hhvm 3.24.7+dfsg-1
NOTE: https://github.com/facebook/hhvm/commit/4cb57dd753a339654ca464c139db9871fe961d56
NOTE: https://hhvm.com/blog/2018/05/04/hhvm-3.25.3.html
-CVE-2018-6334 (Multipart-file uploads call variables to be improperly registered in ...)
+CVE-2018-6334
- hhvm 3.24.7+dfsg-1 (bug #895194)
NOTE: https://hhvm.com/blog/2018/03/30/hhvm-3.25.2.html
NOTE: https://github.com/facebook/hhvm/commit/6937de5544c3eead3466b75020d8382080ed0cff
-CVE-2018-6333 (The hhvm-attach deep link handler in Nuclide did not properly sanitize ...)
+CVE-2018-6333
NOT-FOR-US: Nuclide
-CVE-2018-6332 (A potential denial-of-service issue in the Proxygen handling of ...)
+CVE-2018-6332
- hhvm 3.24.7+dfsg-1 (bug #895194)
NOTE: https://hhvm.com/blog/2018/03/15/hhvm-3.25.html
-CVE-2018-6331 (Buck parser-cache command loads/saves state using Java serialized ...)
+CVE-2018-6331
NOT-FOR-US: Buck parser-cache
CVE-2018-6330
RESERVED
-CVE-2018-6329 (It was discovered that the Unitrends Backup (UB) before 10.1.0 ...)
+CVE-2018-6329
NOT-FOR-US: Unitrends Backup
-CVE-2018-6328 (It was discovered that the Unitrends Backup (UB) before 10.1.0 user ...)
+CVE-2018-6328
NOT-FOR-US: Unitrends Backup
CVE-2018-6327
RESERVED
@@ -38177,90 +38167,90 @@ CVE-2018-6326
RESERVED
CVE-2018-6325
RESERVED
-CVE-2018-6324 (F-Secure Radar (on-premises) before 2018-02-15 has an Unvalidated ...)
+CVE-2018-6324
NOT-FOR-US: F-Secure Radar
-CVE-2018-6323 (The elf_object_p function in elfcode.h in the Binary File Descriptor ...)
+CVE-2018-6323
- binutils 2.30-3
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <ignored> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22746
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=38e64b0ecc7f4ee64a02514b8d532782ac057fa2
-CVE-2018-6322 (Panda Global Protection 17.0.1 allows local users to gain privileges ...)
+CVE-2018-6322
NOT-FOR-US: Panda Global Protection
-CVE-2018-6321 (Unquoted Windows search path vulnerability in the panda_url_filtering ...)
+CVE-2018-6321
NOT-FOR-US: Panda Global Protection
-CVE-2018-6320 (A vulnerability has been discovered in login.cgi in Pulse Secure Pulse ...)
+CVE-2018-6320
NOT-FOR-US: Pulse Secure
-CVE-2018-6319 (In Sophos Tester Tool 3.2.0.7 Beta, the driver accepts a special ...)
+CVE-2018-6319
NOT-FOR-US: Sophos Tester Tool
-CVE-2018-6318 (In Sophos Tester Tool 3.2.0.7 Beta, the driver loads (in the context ...)
+CVE-2018-6318
NOT-FOR-US: Sophos Tester Tool
-CVE-2018-6317 (The remote management interface in Claymore Dual Miner 10.5 and ...)
+CVE-2018-6317
NOT-FOR-US: Claymore's Dual Ethereum
-CVE-2018-6316 (Ivanti Endpoint Security (formerly HEAT Endpoint Management and ...)
+CVE-2018-6316
NOT-FOR-US: Ivanti Endpoint Security
-CVE-2018-6315 (The outputSWF_TEXT_RECORD function (util/outputscript.c) in libming ...)
+CVE-2018-6315
{DLA-1305-1}
- ming <removed>
NOTE: https://github.com/libming/libming/issues/101
CVE-2018-6314
RESERVED
-CVE-2018-6313 (Cross-site scripting (XSS) in WBCE CMS 1.3.1 allows remote ...)
+CVE-2018-6313
NOT-FOR-US: WBCE CMS
-CVE-2018-6312 (A privileged account with a weak default password on the Foxconn ...)
+CVE-2018-6312
NOT-FOR-US: Foxconn femtocell FEMTO AP-FC4064-T
-CVE-2018-6311 (One can gain root access on the Foxconn femtocell FEMTO AP-FC4064-T ...)
+CVE-2018-6311
NOT-FOR-US: Foxconn femtocell FEMTO AP-FC4064-T
CVE-2018-6310
RESERVED
CVE-2018-6309
RESERVED
-CVE-2018-6308 (Multiple SQL injections exist in SugarCRM Community Edition 6.5.26 and ...)
+CVE-2018-6308
NOT-FOR-US: SugarCRM
-CVE-2018-6307 (LibVNC before commit ca2a5ac02fbbadd0a21fabba779c1ea69173d10b contains ...)
+CVE-2018-6307
{DSA-4383-1 DLA-1617-1}
- libvncserver 0.9.11+dfsg-1.2 (bug #916941)
NOTE: https://github.com/LibVNC/libvncserver/issues/241
NOTE: https://github.com/LibVNC/libvncserver/commit/ca2a5ac02fbbadd0a21fabba779c1ea69173d10b
NOTE: https://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/12/19/klcert-18-026-libvnc-heap-use-after-free/
-CVE-2018-6306 (Unauthorized code execution from specific DLL and is known as DLL ...)
+CVE-2018-6306
NOT-FOR-US: Kaspersky Password Manager
-CVE-2018-6305 (Denial of service in Gemalto's Sentinel LDK RTE version before 7.65 ...)
+CVE-2018-6305
NOT-FOR-US: Gemalto
-CVE-2018-6304 (Stack overflow in custom XML-parser in Gemalto's Sentinel LDK RTE ...)
+CVE-2018-6304
NOT-FOR-US: Gemalto
-CVE-2018-6303 (Denial of service by uploading malformed firmware in Hanwha Techwin ...)
+CVE-2018-6303
NOT-FOR-US: Hanwha Techwin Smartcams
-CVE-2018-6302 (Denial of service by blocking of new camera registration on the cloud ...)
+CVE-2018-6302
NOT-FOR-US: Hanwha Techwin Smartcams
-CVE-2018-6301 (Arbitrary camera access and monitoring via cloud in Hanwha Techwin ...)
+CVE-2018-6301
NOT-FOR-US: Hanwha Techwin Smartcams
-CVE-2018-6300 (Remote password change in Hanwha Techwin Smartcams ...)
+CVE-2018-6300
NOT-FOR-US: Hanwha Techwin Smartcams
-CVE-2018-6299 (Authentication bypass in Hanwha Techwin Smartcams ...)
+CVE-2018-6299
NOT-FOR-US: Hanwha Techwin Smartcams
-CVE-2018-6298 (Remote code execution in Hanwha Techwin Smartcams ...)
+CVE-2018-6298
NOT-FOR-US: Hanwha Techwin Smartcams
-CVE-2018-6297 (Buffer overflow in Hanwha Techwin Smartcams ...)
+CVE-2018-6297
NOT-FOR-US: Hanwha Techwin Smartcams
-CVE-2018-6296 (An undocumented (hidden) capability for switching the web interface in ...)
+CVE-2018-6296
NOT-FOR-US: Hanwha Techwin Smartcams
-CVE-2018-6295 (Unencrypted way of remote control and communications in Hanwha Techwin ...)
+CVE-2018-6295
NOT-FOR-US: Hanwha Techwin Smartcams
-CVE-2018-6294 (Unsecured way of firmware update in Hanwha Techwin Smartcams ...)
+CVE-2018-6294
NOT-FOR-US: Hanwha Techwin Smartcams
-CVE-2018-6293 (Arbitrary File Read in Saperion Web Client version 7.5.2 83166. ...)
+CVE-2018-6293
NOT-FOR-US: Saperion Web Client
-CVE-2018-6292 (Remote Code Execution in Saperion Web Client version 7.5.2 83166. ...)
+CVE-2018-6292
NOT-FOR-US: Saperion Web Client
-CVE-2018-6291 (WebConsole Cross-Site Scripting in Kaspersky Secure Mail Gateway ...)
+CVE-2018-6291
NOT-FOR-US: Kaspersky Secure Mail Gateway
-CVE-2018-6290 (Local Privilege Escalation in Kaspersky Secure Mail Gateway version ...)
+CVE-2018-6290
NOT-FOR-US: Kaspersky Secure Mail Gateway
-CVE-2018-6289 (Configuration file injection leading to Code Execution as Root in ...)
+CVE-2018-6289
NOT-FOR-US: Kaspersky Secure Mail Gateway
-CVE-2018-6288 (Cross-site Request Forgery leading to Administrative account takeover ...)
+CVE-2018-6288
NOT-FOR-US: Kaspersky Secure Mail Gateway
CVE-2018-6287
RESERVED
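Review bot: every modified pair in this region differs only by dropping the parenthesised description, leaving a bare CVE id, so this looks like an upstream feed that returned empty descriptions rather than a deliberate data change; please confirm the source before merging. The loss matters most for entries Debian actually tracks, such as CVE-2018-6307 (libvncserver, DSA-4383-1 / DLA-1617-1), where "LibVNC before commit ca2a5ac02fbbadd0a21fabba779c1ea69173d10b contains ..." was the only in-file statement of what the flaw is; after this change the entry carries package and NOTE lines with no summary at all. If the feed really is empty, consider keeping the previous descriptions for entries that have package or DSA lines instead of blanking them along with the NOT-FOR-US ones.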
@@ -38297,29 +38287,29 @@ CVE-2018-6273
RESERVED
CVE-2018-6272
RESERVED
-CVE-2018-6271 (NVIDIA Tegra OpenMax driver (libnvomx) contains a vulnerability in ...)
+CVE-2018-6271
NOT-FOR-US: NVIDIA component for Android
CVE-2018-6270
RESERVED
CVE-2018-6269
RESERVED
-CVE-2018-6268 (NVIDIA Tegra library contains a vulnerability in libnvmmlite_video.so, ...)
+CVE-2018-6268
NOT-FOR-US: NVIDIA component for Android
-CVE-2018-6267 (NVIDIA Tegra OpenMax driver (libnvomx) contains a vulnerability in ...)
+CVE-2018-6267
NOT-FOR-US: NVIDIA component for Android
-CVE-2018-6266 (NVIDIA GeForce Experience contains a vulnerability in all versions ...)
+CVE-2018-6266
NOT-FOR-US: NVIDIA GeForce Experience
-CVE-2018-6265 (NVIDIA GeForce Experience contains a vulnerability in all versions ...)
+CVE-2018-6265
NOT-FOR-US: NVIDIA GeForce Experience
CVE-2018-6264
RESERVED
-CVE-2018-6263 (NVIDIA GeForce Experience contains a vulnerability in all versions ...)
+CVE-2018-6263
NOT-FOR-US: NVIDIA GeForce Experience
-CVE-2018-6262 (NVIDIA GeForce Experience prior to 3.15 contains a vulnerability when ...)
+CVE-2018-6262
NOT-FOR-US: NVIDIA GeForce Experience
-CVE-2018-6261 (NVIDIA GeForce Experience prior to 3.15 contains a vulnerability when ...)
+CVE-2018-6261
NOT-FOR-US: NVIDIA GeForce Experience
-CVE-2018-6260 (NVIDIA graphics driver contains a vulnerability that may allow access ...)
+CVE-2018-6260
[experimental] - nvidia-graphics-drivers 418.43-1
- nvidia-graphics-drivers 410.104-1 (bug #913467)
[buster] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
@@ -38335,19 +38325,19 @@ CVE-2018-6260 (NVIDIA graphics driver contains a vulnerability that may allow ac
[jessie] - nvidia-graphics-drivers-legacy-304xx <no-dsa> (Non-free not supported)
NOTE: https://nvidia.custhelp.com/app/answers/detail/a_id/4738
NOTE: https://nvidia.custhelp.com/app/answers/detail/a_id/4772
-CVE-2018-6259 (NVIDIA GeForce Experience all versions prior to 3.14.1 contains a ...)
+CVE-2018-6259
NOT-FOR-US: NVIDIA GeForce Experience
-CVE-2018-6258 (NVIDIA GeForce Experience all versions prior to 3.14.1 contains a ...)
+CVE-2018-6258
NOT-FOR-US: NVIDIA GeForce Experience
-CVE-2018-6257 (NVIDIA GeForce Experience all versions prior to 3.14.1 contains a ...)
+CVE-2018-6257
NOT-FOR-US: NVIDIA GeForce Experience
CVE-2018-6256
RESERVED
CVE-2018-6255
RESERVED
-CVE-2018-6254 (In Android before the 2018-05-05 security patch level, NVIDIA Media ...)
+CVE-2018-6254
NOT-FOR-US: NVIDIA components for Android
-CVE-2018-6253 (NVIDIA GPU Display Driver contains a vulnerability in the DirectX and ...)
+CVE-2018-6253
- nvidia-graphics-drivers 390.48-1 (bug #894338)
[stretch] - nvidia-graphics-drivers 384.130-1
[jessie] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
@@ -38359,13 +38349,13 @@ CVE-2018-6253 (NVIDIA GPU Display Driver contains a vulnerability in the DirectX
[stretch] - nvidia-graphics-drivers-legacy-304xx <no-dsa> (Non-free not supported)
[jessie] - nvidia-graphics-drivers-legacy-304xx <no-dsa> (Non-free not supported)
NOTE: https://nvidia.custhelp.com/app/answers/detail/a_id/4649
-CVE-2018-6252 (NVIDIA Windows GPU Display Driver contains a vulnerability in the ...)
+CVE-2018-6252
NOT-FOR-US: NVIDIA Windows driver
-CVE-2018-6251 (NVIDIA Windows GPU Display Driver contains a vulnerability in the ...)
+CVE-2018-6251
NOT-FOR-US: NVIDIA Windows driver
-CVE-2018-6250 (NVIDIA Windows GPU Display Driver contains a vulnerability in the ...)
+CVE-2018-6250
NOT-FOR-US: NVIDIA Windows driver
-CVE-2018-6249 (NVIDIA GPU Display Driver contains a vulnerability in kernel mode ...)
+CVE-2018-6249
- nvidia-graphics-drivers 390.48-1 (bug #894338)
[stretch] - nvidia-graphics-drivers 384.130-1
[jessie] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
@@ -38377,11 +38367,11 @@ CVE-2018-6249 (NVIDIA GPU Display Driver contains a vulnerability in kernel mode
[stretch] - nvidia-graphics-drivers-legacy-304xx <no-dsa> (Non-free not supported)
[jessie] - nvidia-graphics-drivers-legacy-304xx <no-dsa> (Non-free not supported)
NOTE: https://nvidia.custhelp.com/app/answers/detail/a_id/4649
-CVE-2018-6248 (NVIDIA Windows GPU Display Driver contains a vulnerability in the ...)
+CVE-2018-6248
NOT-FOR-US: NVIDIA Windows driver
-CVE-2018-6247 (NVIDIA Windows GPU Display Driver contains a vulnerability in the ...)
+CVE-2018-6247
NOT-FOR-US: NVIDIA Windows driver
-CVE-2018-6246 (In Android before the 2018-05-05 security patch level, NVIDIA Widevine ...)
+CVE-2018-6246
NOT-FOR-US: NVIDIA components for Android
CVE-2018-6245
RESERVED
@@ -38389,9 +38379,9 @@ CVE-2018-6244
RESERVED
CVE-2018-6243
RESERVED
-CVE-2018-6242 (Some NVIDIA Tegra mobile processors released prior to 2016 contain a ...)
+CVE-2018-6242
NOT-FOR-US: NVIDIA
-CVE-2018-6241 (NVIDIA Tegra Gralloc module contains a vulnerability in driver in ...)
+CVE-2018-6241
NOT-FOR-US: NVIDIA
CVE-2018-6240
RESERVED
@@ -38399,47 +38389,47 @@ CVE-2018-6239
RESERVED
CVE-2018-6238
RESERVED
-CVE-2018-6237 (A vulnerability in Trend Micro Smart Protection Server (Standalone) ...)
+CVE-2018-6237
NOT-FOR-US: Trend Micro
-CVE-2018-6236 (A Time-of-Check Time-of-Use privilege escalation vulnerability in ...)
+CVE-2018-6236
NOT-FOR-US: Trend Micro
-CVE-2018-6235 (An Out-of-Bounds write privilege escalation vulnerability in Trend ...)
+CVE-2018-6235
NOT-FOR-US: Trend Micro
-CVE-2018-6234 (An Out-of-Bounds Read Information Disclosure vulnerability in Trend ...)
+CVE-2018-6234
NOT-FOR-US: Trend Micro
-CVE-2018-6233 (A buffer overflow privilege escalation vulnerability in Trend Micro ...)
+CVE-2018-6233
NOT-FOR-US: Trend Micro
-CVE-2018-6232 (A buffer overflow privilege escalation vulnerability in Trend Micro ...)
+CVE-2018-6232
NOT-FOR-US: Trend Micro
-CVE-2018-6231 (A server auth command injection authentication bypass vulnerability in ...)
+CVE-2018-6231
NOT-FOR-US: Trend Micro
-CVE-2018-6230 (A SQL injection vulnerability in an Trend Micro Email Encryption ...)
+CVE-2018-6230
NOT-FOR-US: Trend Micro
-CVE-2018-6229 (A SQL injection vulnerability in an Trend Micro Email Encryption ...)
+CVE-2018-6229
NOT-FOR-US: Trend Micro
-CVE-2018-6228 (A SQL injection vulnerability in a Trend Micro Email Encryption ...)
+CVE-2018-6228
NOT-FOR-US: Trend Micro
-CVE-2018-6227 (A stored cross-site scripting (XSS) vulnerability in Trend Micro Email ...)
+CVE-2018-6227
NOT-FOR-US: Trend Micro
-CVE-2018-6226 (Reflected cross-site scripting (XSS) vulnerabilities in two Trend ...)
+CVE-2018-6226
NOT-FOR-US: Trend Micro
-CVE-2018-6225 (An XML external entity injection (XXE) vulnerability in Trend Micro ...)
+CVE-2018-6225
NOT-FOR-US: Trend Micro
-CVE-2018-6224 (A lack of cross-site request forgery (CSRF) protection vulnerability ...)
+CVE-2018-6224
NOT-FOR-US: Trend Micro
-CVE-2018-6223 (A missing authentication for appliance registration vulnerability in ...)
+CVE-2018-6223
NOT-FOR-US: Trend Micro
-CVE-2018-6222 (Arbitrary logs location in Trend Micro Email Encryption Gateway 5.5 ...)
+CVE-2018-6222
NOT-FOR-US: Trend Micro
-CVE-2018-6221 (An unvalidated software update vulnerability in Trend Micro Email ...)
+CVE-2018-6221
NOT-FOR-US: Trend Micro
-CVE-2018-6220 (An arbitrary file write vulnerability in Trend Micro Email Encryption ...)
+CVE-2018-6220
NOT-FOR-US: Trend Micro
-CVE-2018-6219 (An Insecure Update via HTTP vulnerability in Trend Micro Email ...)
+CVE-2018-6219
NOT-FOR-US: Trend Micro
-CVE-2018-6218 (A DLL Hijacking vulnerability in Trend Micro's User-Mode Hooking ...)
+CVE-2018-6218
NOT-FOR-US: Trend Micro
-CVE-2018-6217 (The WStr::_alloc_iostr_data() function in kso.dll in Kingsoft WPS ...)
+CVE-2018-6217
NOT-FOR-US: Kingsoft WPS Office
CVE-2018-6216
RESERVED
@@ -38447,81 +38437,81 @@ CVE-2018-6215
RESERVED
CVE-2018-6214
RESERVED
-CVE-2018-6213 (In the web server on D-Link DIR-620 devices with a certain customized ...)
+CVE-2018-6213
NOT-FOR-US: D-Link
-CVE-2018-6212 (On D-Link DIR-620 devices with a certain customized (by ISP) variant ...)
+CVE-2018-6212
NOT-FOR-US: D-Link
-CVE-2018-6211 (On D-Link DIR-620 devices with a certain customized (by ISP) variant ...)
+CVE-2018-6211
NOT-FOR-US: D-Link
-CVE-2018-6210 (D-Link DIR-620 devices, with a certain Rostelekom variant of firmware ...)
+CVE-2018-6210
NOT-FOR-US: D-Link
-CVE-2018-6209 (In Max Secure Anti Virus 19.0.3.019,, the driver file (MaxCryptMon.sys) ...)
+CVE-2018-6209
NOT-FOR-US: Max Secure Anti Virus
-CVE-2018-6208 (In Max Secure Anti Virus 19.0.3.019,, the driver file ...)
+CVE-2018-6208
NOT-FOR-US: Max Secure Anti Virus
-CVE-2018-6207 (In Max Secure Anti Virus 19.0.3.019,, the driver file ...)
+CVE-2018-6207
NOT-FOR-US: Max Secure Anti Virus
-CVE-2018-6206 (In Max Secure Anti Virus 19.0.3.019,, the driver file ...)
+CVE-2018-6206
NOT-FOR-US: Max Secure Anti Virus
-CVE-2018-6205 (In Max Secure Anti Virus 19.0.3.019,, the driver file ...)
+CVE-2018-6205
NOT-FOR-US: Max Secure Anti Virus
-CVE-2018-6204 (In Max Secure Anti Virus 19.0.3.019,, the driver file (SDActMon.sys) ...)
+CVE-2018-6204
NOT-FOR-US: Max Secure Anti Virus
-CVE-2018-6203 (In eScan Antivirus 14.0.1400.2029, the driver file (econceal.sys) ...)
+CVE-2018-6203
NOT-FOR-US: eScan Antivirus
-CVE-2018-6202 (In eScan Antivirus 14.0.1400.2029, the driver file (econceal.sys) ...)
+CVE-2018-6202
NOT-FOR-US: eScan Antivirus
-CVE-2018-6201 (In eScan Antivirus 14.0.1400.2029, the driver file (econceal.sys) ...)
+CVE-2018-6201
NOT-FOR-US: eScan Antivirus
-CVE-2018-6200 (vBulletin 3.x.x and 4.2.x through 4.2.5 has an open redirect via the ...)
+CVE-2018-6200
NOT-FOR-US: vBulletin
CVE-2018-6199
RESERVED
-CVE-2018-6195 (admin/partials/wp-splashing-admin-main.php in the Splashing Images ...)
+CVE-2018-6195
NOT-FOR-US: WordPress plugin wp-splashing-images
-CVE-2018-6194 (A cross-site scripting (XSS) vulnerability in ...)
+CVE-2018-6194
NOT-FOR-US: WordPress plugin wp-splashing-images
-CVE-2018-6193 (A Cross-Site Scripting (XSS) vulnerability was found in Routers2 2.24, ...)
+CVE-2018-6193
NOT-FOR-US: Routers2
-CVE-2018-6192 (In Artifex MuPDF 1.12.0, the pdf_read_new_xref function in ...)
+CVE-2018-6192
{DSA-4334-1}
- mupdf 1.13.0+ds1-1 (bug #888487)
[jessie] - mupdf <no-dsa> (Minor issue)
[wheezy] - mupdf <no-dsa> (Minor issue)
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=698916
NOTE: Fixed by: http://www.ghostscript.com/cgi-bin/findgit.cgi?5e411a99604ff6be5db9e273ee84737204113299
-CVE-2018-6191 (The js_strtod function in jsdtoa.c in Artifex MuJS through 1.0.2 has an ...)
+CVE-2018-6191
NOT-FOR-US: MuJS
-CVE-2018-6190 (Netis WF2419 V3.2.41381 devices allow XSS via the Description field on ...)
+CVE-2018-6190
NOT-FOR-US: Netis WF2419 V3.2.41381 devices
-CVE-2018-6198 (w3m through 0.5.3 does not properly handle temporary files when the ...)
+CVE-2018-6198
- w3m 0.5.3-36 (bug #888097; unimportant)
[stretch] - w3m 0.5.3-34+deb9u1
NOTE: https://github.com/tats/w3m/commit/18dcbadf2771cdb0c18509b14e4e73505b242753
NOTE: Neutralised by kernel hardening
-CVE-2018-6197 (w3m through 0.5.3 is prone to a NULL pointer dereference flaw in ...)
+CVE-2018-6197
- w3m 0.5.3-36 (low)
[stretch] - w3m 0.5.3-34+deb9u1
[jessie] - w3m <no-dsa> (Minor issue)
[wheezy] - w3m <no-dsa> (Minor issue)
NOTE: https://github.com/tats/w3m/issues/89
NOTE: https://github.com/tats/w3m/commit/7fdc83b0364005a0b5ed869230dd81752ba022e8
-CVE-2018-6196 (w3m through 0.5.3 is prone to an infinite recursion flaw in ...)
+CVE-2018-6196
- w3m 0.5.3-36 (low)
[stretch] - w3m 0.5.3-34+deb9u1
[jessie] - w3m <no-dsa> (Minor issue)
[wheezy] - w3m <no-dsa> (Minor issue)
NOTE: https://github.com/tats/w3m/issues/88
NOTE: https://github.com/tats/w3m/commit/8354763b90490d4105695df52674d0fcef823e92
-CVE-2018-6189 (F-Secure Radar (on-premises) before 2018-02-15 has XSS via vectors ...)
+CVE-2018-6189
NOT-FOR-US: F-Secure Radar
-CVE-2018-6188 (django.contrib.auth.forms.AuthenticationForm in Django 2.0 before ...)
+CVE-2018-6188
- python-django 1:1.11.10-1
[stretch] - python-django <not-affected> (Issue introduced in 1.11.8 and 2.0)
[jessie] - python-django <not-affected> (Issue introduced in 1.11.8 and 2.0)
[wheezy] - python-django <not-affected> (Issue introduced in 1.11.8 and 2.0)
NOTE: https://www.djangoproject.com/weblog/2018/feb/01/security-releases/
-CVE-2018-6187 (In Artifex MuPDF 1.12.0, there is a heap-based buffer overflow ...)
+CVE-2018-6187
{DSA-4334-1}
- mupdf 1.13.0+ds1-1 (bug #888464)
[jessie] - mupdf <no-dsa> (Minor issue)
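Review bot: in this hunk several dropped descriptions are what the triage annotations refer to, so the annotations become hard to read on their own. CVE-2018-6198 keeps "w3m 0.5.3-36 (bug #888097; unimportant)" and "NOTE: Neutralised by kernel hardening", but the temporary-file handling that the hardening neutralises was only stated in the removed line "w3m through 0.5.3 does not properly handle temporary files when the ...". Likewise CVE-2018-6188 keeps "<not-affected> (Issue introduced in 1.11.8 and 2.0)" while the removed text "django.contrib.auth.forms.AuthenticationForm in Django 2.0 before ..." was the version anchor that rationale was derived from. Suggest retaining the description for any entry that has a package state line, or at least adding a NOTE restating the affected component, so the <no-dsa>, <not-affected> and unimportant markers remain verifiable without following the URLs.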
@@ -38530,29 +38520,29 @@ CVE-2018-6187 (In Artifex MuPDF 1.12.0, there is a heap-based buffer overflow ..
NOTE: https://lists.debian.org/debian-lts/2018/03/msg00041.html
NOTE: Fixed by: http://www.ghostscript.com/cgi-bin/findgit.cgi?3e30fbb7bf5efd88df431e366492356e7eb969ec
NOTE: issued covered by: http://www.ghostscript.com/cgi-bin/findgit.cgi?fa9cd085533f68367c299e058ab3fbb7ad8a2dc6
-CVE-2018-6186 (Citrix NetScaler VPX through NS12.0 53.13.nc allows an SSRF attack via ...)
+CVE-2018-6186
NOT-FOR-US: Citrix NetScaler VPX
CVE-2018-6185
RESERVED
-CVE-2018-6184 (ZEIT Next.js 4 before 4.2.3 has Directory Traversal under the /_next ...)
+CVE-2018-6184
NOT-FOR-US: ZEIT Next.js
-CVE-2018-6183 (BitDefender Total Security 2018 allows local users to gain privileges ...)
+CVE-2018-6183
NOT-FOR-US: BitDefender Total Security
-CVE-2018-6182 (Mahara 16.10 before 16.10.9 and 17.04 before 17.04.7 and 17.10 before ...)
+CVE-2018-6182
- mahara <removed>
CVE-2018-6181
RESERVED
-CVE-2018-6180 (A flaw in the profile section of Online Voting System 1.0 allows an ...)
+CVE-2018-6180
NOT-FOR-US: Online Voting System
CVE-2018-1000017
REJECTED
-CVE-2018-1000018 (An information disclosure in ovirt-hosted-engine-setup prior to 2.2.7 ...)
+CVE-2018-1000018
NOT-FOR-US: ovirt-engine
-CVE-2018-6179 (Insufficient enforcement of file access permission in the activeTab ...)
+CVE-2018-6179
{DSA-4256-1}
- chromium-browser 68.0.3440.75-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-6178 (Eliding from the wrong side in an infobar in DevTools in Google Chrome ...)
+CVE-2018-6178
{DSA-4256-1}
- chromium-browser 68.0.3440.75-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
@@ -38566,19 +38556,19 @@ CVE-2018-6176
{DSA-4256-1}
- chromium-browser 68.0.3440.75-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-6175 (Incorrect handling of confusable characters in URL Formatter in Google ...)
+CVE-2018-6175
{DSA-4256-1}
- chromium-browser 68.0.3440.75-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-6174 (Integer overflows in Swiftshader in Google Chrome prior to ...)
+CVE-2018-6174
{DSA-4256-1}
- chromium-browser 68.0.3440.75-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-6173 (Incorrect handling of confusable characters in URL Formatter in Google ...)
+CVE-2018-6173
{DSA-4256-1}
- chromium-browser 68.0.3440.75-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-6172 (Incorrect handling of confusable characters in URL Formatter in Google ...)
+CVE-2018-6172
{DSA-4256-1}
- chromium-browser 68.0.3440.75-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
@@ -38587,11 +38577,11 @@ CVE-2018-6171
{DSA-4256-1}
- chromium-browser 68.0.3440.75-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-6170 (A bad cast in PDFium in Google Chrome prior to 68.0.3440.75 allowed a ...)
+CVE-2018-6170
{DSA-4256-1}
- chromium-browser 68.0.3440.75-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-6169 (Lack of timeout on extension install prompt in Extensions in Google ...)
+CVE-2018-6169
{DSA-4256-1}
- chromium-browser 68.0.3440.75-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
@@ -38600,27 +38590,27 @@ CVE-2018-6168
{DSA-4256-1}
- chromium-browser 68.0.3440.75-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-6167 (Incorrect handling of confusable characters in URL Formatter in Google ...)
+CVE-2018-6167
{DSA-4256-1}
- chromium-browser 68.0.3440.75-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-6166 (Incorrect handling of confusable characters in URL Formatter in Google ...)
+CVE-2018-6166
{DSA-4256-1}
- chromium-browser 68.0.3440.75-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-6165 (Incorrect handling of reloads in Navigation in Google Chrome prior to ...)
+CVE-2018-6165
{DSA-4256-1}
- chromium-browser 68.0.3440.75-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-6164 (Insufficient origin checks for CSS content in Blink in Google Chrome ...)
+CVE-2018-6164
{DSA-4256-1}
- chromium-browser 68.0.3440.75-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-6163 (Incorrect handling of confusable characters in URL Formatter in Google ...)
+CVE-2018-6163
{DSA-4256-1}
- chromium-browser 68.0.3440.75-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-6162 (Improper deserialization in WebGL in Google Chrome on Mac prior to ...)
+CVE-2018-6162
{DSA-4256-1}
- chromium-browser 68.0.3440.75-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
@@ -38629,14 +38619,14 @@ CVE-2018-6161
{DSA-4256-1}
- chromium-browser 68.0.3440.75-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-6160 (JavaScript alert handling in Prompts in Google Chrome prior to ...)
+CVE-2018-6160
- chromium-browser <not-affected> (Only affects Chrome on iOS)
CVE-2018-6159
RESERVED
{DSA-4256-1}
- chromium-browser 68.0.3440.75-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-6158 (A race condition in Oilpan in Google Chrome prior to 68.0.3440.75 ...)
+CVE-2018-6158
{DSA-4256-1}
- chromium-browser 68.0.3440.75-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
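Review bot: CVE-2018-6160 loses "JavaScript alert handling in Prompts in Google Chrome prior to ..." while its only remaining line is "chromium-browser <not-affected> (Only affects Chrome on iOS)", so the iOS-only determination is now asserted with no stated subject; please keep the description or add a NOTE with the upstream reference for that claim. Note also that the unchanged CVE-2018-6159 entry in this hunk is already "RESERVED" yet carries {DSA-4256-1} and chromium-browser package lines, which is exactly the shape every other entry takes after this change; that existing inconsistency suggests the feed had already dropped some descriptions earlier, and is worth checking when deciding whether this update should be applied or reverted.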
@@ -38660,15 +38650,15 @@ CVE-2018-6154
{DSA-4256-1}
- chromium-browser 68.0.3440.75-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-6153 (A precision error in Skia in Google Chrome prior to 68.0.3440.75 ...)
+CVE-2018-6153
{DSA-4256-1}
- chromium-browser 68.0.3440.75-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-6152 (The implementation of the Page.downloadBehavior backend ...)
+CVE-2018-6152
{DSA-4256-1}
- chromium-browser 68.0.3440.75-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-6151 (Bad cast in DevTools in Google Chrome on Win, Linux, Mac, Chrome OS ...)
+CVE-2018-6151
{DSA-4256-1}
- chromium-browser 68.0.3440.75-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
@@ -38687,7 +38677,7 @@ CVE-2018-6148
{DSA-4237-1}
- chromium-browser 67.0.3396.79-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-6147 (Lack of secure text entry mode in Browser UI in Google Chrome on Mac ...)
+CVE-2018-6147
{DSA-4237-1}
- chromium-browser 67.0.3396.62-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
@@ -38700,12 +38690,12 @@ CVE-2018-6145
- chromium-browser 67.0.3396.62-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6144 (Off-by-one error in PDFium in Google Chrome prior to 67.0.3396.62 ...)
+CVE-2018-6144
{DSA-4237-1}
- chromium-browser 67.0.3396.62-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6143 (Insufficient validation in V8 in Google Chrome prior to 67.0.3396.62 ...)
+CVE-2018-6143
{DSA-4237-1}
- chromium-browser 67.0.3396.62-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
@@ -38716,17 +38706,17 @@ CVE-2018-6142
- chromium-browser 67.0.3396.62-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6141 (Insufficient validation of an image filter in Skia in Google Chrome ...)
+CVE-2018-6141
{DSA-4237-1}
- chromium-browser 67.0.3396.62-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6140 (Allowing the chrome.debugger API to attach to Web UI pages in DevTools ...)
+CVE-2018-6140
{DSA-4237-1}
- chromium-browser 67.0.3396.62-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6139 (Insufficient target checks on the chrome.debugger API in DevTools in ...)
+CVE-2018-6139
{DSA-4237-1}
- chromium-browser 67.0.3396.62-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
@@ -38737,7 +38727,7 @@ CVE-2018-6138
- chromium-browser 67.0.3396.62-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6137 (CSS Paint API in Blink in Google Chrome prior to 67.0.3396.62 allowed ...)
+CVE-2018-6137
{DSA-4237-1}
- chromium-browser 67.0.3396.62-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
@@ -38748,7 +38738,7 @@ CVE-2018-6136
- chromium-browser 67.0.3396.62-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6135 (Lack of clearing the previous site before loading alerts from a new ...)
+CVE-2018-6135
{DSA-4237-1}
- chromium-browser 67.0.3396.62-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
@@ -38759,7 +38749,7 @@ CVE-2018-6134
- chromium-browser 67.0.3396.62-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6133 (Incorrect handling of confusable characters in URL Formatter in Google ...)
+CVE-2018-6133
{DSA-4237-1}
- chromium-browser 67.0.3396.62-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
@@ -38791,12 +38781,12 @@ CVE-2018-6129
CVE-2018-6128
RESERVED
- chromium-browser <not-affected> (ios specific)
-CVE-2018-6127 (Early free of object in use in IndexDB in Google Chrome prior to ...)
+CVE-2018-6127
{DSA-4237-1}
- chromium-browser 67.0.3396.62-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6126 (A precision error in Skia in Google Chrome prior to 67.0.3396.62 ...)
+CVE-2018-6126
{DSA-4237-1 DSA-4220-1}
- chromium-browser 67.0.3396.62-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
@@ -38811,12 +38801,12 @@ CVE-2018-6125
- chromium-browser 67.0.3396.62-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6124 (Type confusion in ReadableStreams in Blink in Google Chrome prior to ...)
+CVE-2018-6124
{DSA-4237-1}
- chromium-browser 67.0.3396.62-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6123 (A use after free in Blink in Google Chrome prior to 67.0.3396.62 ...)
+CVE-2018-6123
{DSA-4237-1}
- chromium-browser 67.0.3396.62-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
@@ -38833,12 +38823,12 @@ CVE-2018-6121
- chromium-browser 66.0.3359.181-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6120 (An integer overflow that could lead to an attacker-controlled heap ...)
+CVE-2018-6120
{DSA-4237-1}
- chromium-browser 66.0.3359.181-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6119 (Incorrect security UI in Omnibox in Google Chrome prior to ...)
+CVE-2018-6119
{DSA-4103-1}
- chromium-browser 64.0.3282.119-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
@@ -38848,292 +38838,292 @@ CVE-2018-6118
- chromium-browser 66.0.3359.139-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6117 (Confusing settings in Autofill in Google Chrome prior to 66.0.3359.117 ...)
+CVE-2018-6117
{DSA-4182-1}
- chromium-browser 66.0.3359.117-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6116 (A nullptr dereference in WebAssembly in Google Chrome prior to ...)
+CVE-2018-6116
{DSA-4182-1}
- chromium-browser 66.0.3359.117-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6115 (Inappropriate setting of the SEE_MASK_FLAG_NO_UI flag in file ...)
+CVE-2018-6115
- chromium-browser <not-affected> (windows specific)
-CVE-2018-6114 (Incorrect enforcement of CSP for &lt;object&gt; tags in Blink in Google ...)
+CVE-2018-6114
{DSA-4182-1}
- chromium-browser 66.0.3359.117-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6113 (Improper handling of pending navigation entries in Navigation in ...)
+CVE-2018-6113
{DSA-4182-1}
- chromium-browser 66.0.3359.117-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6112 (Making URLs clickable and allowing them to be styled in DevTools in ...)
+CVE-2018-6112
{DSA-4182-1}
- chromium-browser 66.0.3359.117-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6111 (An object lifetime issue in the developer tools network handler in ...)
+CVE-2018-6111
{DSA-4182-1}
- chromium-browser 66.0.3359.117-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6110 (Parsing documents as HTML in Downloads in Google Chrome prior to ...)
+CVE-2018-6110
{DSA-4182-1}
- chromium-browser 66.0.3359.117-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6109 (readAsText() can indefinitely read the file picked by the user, rather ...)
+CVE-2018-6109
{DSA-4182-1}
- chromium-browser 66.0.3359.117-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6108 (Incorrect handling of confusable characters in URL Formatter in Google ...)
+CVE-2018-6108
{DSA-4182-1}
- chromium-browser 66.0.3359.117-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6107 (Incorrect handling of confusable characters in URL Formatter in Google ...)
+CVE-2018-6107
{DSA-4182-1}
- chromium-browser 66.0.3359.117-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6106 (An asynchronous generator may return an incorrect state in V8 in ...)
+CVE-2018-6106
{DSA-4182-1}
- chromium-browser 66.0.3359.117-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6105 (Incorrect handling of confusable characters in Omnibox in Google ...)
+CVE-2018-6105
{DSA-4182-1}
- chromium-browser 66.0.3359.117-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6104 (Incorrect handling of confusable characters in URL Formatter in Google ...)
+CVE-2018-6104
{DSA-4182-1}
- chromium-browser 66.0.3359.117-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6103 (A stagnant permission prompt in Prompts in Google Chrome prior to ...)
+CVE-2018-6103
{DSA-4182-1}
- chromium-browser 66.0.3359.117-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6102 (Missing confusable characters in Internationalization in Google Chrome ...)
+CVE-2018-6102
{DSA-4182-1}
- chromium-browser 66.0.3359.117-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6101 (A lack of host validation in DevTools in Google Chrome prior to ...)
+CVE-2018-6101
{DSA-4182-1}
- chromium-browser 66.0.3359.117-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6100 (Incorrect handling of confusable characters in URL Formatter in Google ...)
+CVE-2018-6100
{DSA-4182-1}
- chromium-browser 66.0.3359.117-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6099 (A lack of CORS checks in Blink in Google Chrome prior to 66.0.3359.117 ...)
+CVE-2018-6099
{DSA-4182-1}
- chromium-browser 66.0.3359.117-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6098 (Incorrect handling of confusable characters in URL Formatter in Google ...)
+CVE-2018-6098
{DSA-4182-1}
- chromium-browser 66.0.3359.117-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6097 (Incorrect handling of asynchronous methods in Fullscreen in Google ...)
+CVE-2018-6097
{DSA-4182-1}
- chromium-browser 66.0.3359.117-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6096 (A JavaScript focused window could overlap the fullscreen notification ...)
+CVE-2018-6096
{DSA-4182-1}
- chromium-browser 66.0.3359.117-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6095 (Inappropriate dismissal of file picker on keyboard events in Blink in ...)
+CVE-2018-6095
{DSA-4182-1}
- chromium-browser 66.0.3359.117-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6094 (Inline metadata in GarbageCollection in Google Chrome prior to ...)
+CVE-2018-6094
{DSA-4182-1}
- chromium-browser 66.0.3359.117-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6093 (Insufficient origin checks in Blink in Google Chrome prior to ...)
+CVE-2018-6093
{DSA-4182-1}
- chromium-browser 66.0.3359.117-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6092 (An integer overflow on 32-bit systems in WebAssembly in Google Chrome ...)
+CVE-2018-6092
{DSA-4182-1}
- chromium-browser 66.0.3359.117-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6091 (Service Workers can intercept any request made by an &lt;embed&gt; or ...)
+CVE-2018-6091
{DSA-4182-1}
- chromium-browser 66.0.3359.117-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6090 (An integer overflow that lead to a heap buffer-overflow in Skia in ...)
+CVE-2018-6090
{DSA-4182-1}
- chromium-browser 66.0.3359.117-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6089 (A lack of CORS checks, after a Service Worker redirected to a ...)
+CVE-2018-6089
{DSA-4182-1}
- chromium-browser 66.0.3359.117-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6088 (An iterator-invalidation bug in PDFium in Google Chrome prior to ...)
+CVE-2018-6088
{DSA-4182-1}
- chromium-browser 66.0.3359.117-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6087 (A use-after-free in WebAssembly in Google Chrome prior to ...)
+CVE-2018-6087
{DSA-4182-1}
- chromium-browser 66.0.3359.117-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6086 (A double-eviction in the Incognito mode cache that lead to a ...)
+CVE-2018-6086
{DSA-4182-1}
- chromium-browser 66.0.3359.117-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6085 (Re-entry of a destructor in Networking Disk Cache in Google Chrome ...)
+CVE-2018-6085
{DSA-4182-1}
- chromium-browser 66.0.3359.117-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6084 (Insufficiently sanitized distributed objects in Updater in Google ...)
+CVE-2018-6084
- chromium-browser <not-affected> (Specific to MacOS)
-CVE-2018-6083 (Failure to disallow PWA installation from CSP sandboxed pages in ...)
+CVE-2018-6083
{DSA-4182-1}
- chromium-browser 65.0.3325.146-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6082 (Including port 22 in the list of allowed FTP ports in Networking in ...)
+CVE-2018-6082
{DSA-4182-1}
- chromium-browser 65.0.3325.146-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6081 (XSS vulnerabilities in Interstitials in Google Chrome prior to ...)
+CVE-2018-6081
{DSA-4182-1}
- chromium-browser 65.0.3325.146-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6080 (Lack of access control checks in Instrumentation in Google Chrome ...)
+CVE-2018-6080
{DSA-4182-1}
- chromium-browser 65.0.3325.146-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6079 (Inappropriate sharing of TEXTURE_2D_ARRAY/TEXTURE_3D data between tabs ...)
+CVE-2018-6079
{DSA-4182-1}
- chromium-browser 65.0.3325.146-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6078 (Incorrect handling of confusable characters in Omnibox in Google ...)
+CVE-2018-6078
{DSA-4182-1}
- chromium-browser 65.0.3325.146-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6077 (Displacement map filters being applied to cross-origin images in Blink ...)
+CVE-2018-6077
{DSA-4182-1}
- chromium-browser 65.0.3325.146-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6076 (Insufficient encoding of URL fragment identifiers in Blink in Google ...)
+CVE-2018-6076
{DSA-4182-1}
- chromium-browser 65.0.3325.146-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6075 (Incorrect handling of specified filenames in file downloads in Google ...)
+CVE-2018-6075
{DSA-4182-1}
- chromium-browser 65.0.3325.146-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6074 (Failure to apply Mark-of-the-Web in Downloads in Google Chrome prior ...)
+CVE-2018-6074
{DSA-4182-1}
- chromium-browser 65.0.3325.146-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6073 (A heap buffer overflow in WebGL in Google Chrome prior to ...)
+CVE-2018-6073
{DSA-4182-1}
- chromium-browser 65.0.3325.146-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6072 (An integer overflow leading to use after free in PDFium in Google ...)
+CVE-2018-6072
{DSA-4182-1}
- chromium-browser 65.0.3325.146-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6071 (An integer overflow in Skia in Google Chrome prior to 65.0.3325.146 ...)
+CVE-2018-6071
{DSA-4182-1}
- chromium-browser 65.0.3325.146-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6070 (Lack of CSP enforcement on WebUI pages in Bink in Google Chrome prior ...)
+CVE-2018-6070
{DSA-4182-1}
- chromium-browser 65.0.3325.146-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6069 (Stack buffer overflow in Skia in Google Chrome prior to 65.0.3325.146 ...)
+CVE-2018-6069
{DSA-4182-1}
- chromium-browser 65.0.3325.146-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6068 (Object lifecycle issue in Chrome Custom Tab in Google Chrome prior to ...)
+CVE-2018-6068
{DSA-4182-1}
- chromium-browser 65.0.3325.146-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6067 (Incorrect IPC serialization in Skia in Google Chrome prior to ...)
+CVE-2018-6067
{DSA-4182-1}
- chromium-browser 65.0.3325.146-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6066 (Lack of CORS checking by ResourceFetcher/ResourceLoader in Blink in ...)
+CVE-2018-6066
{DSA-4182-1}
- chromium-browser 65.0.3325.146-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6065 (Integer overflow in computing the required allocation size when ...)
+CVE-2018-6065
{DSA-4182-1}
- chromium-browser 65.0.3325.146-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
- libv8 <unfixed> (unimportant)
NOTE: libv8 not covered by security support
-CVE-2018-6064 (Type Confusion in the implementation of __defineGetter__ in V8 in ...)
+CVE-2018-6064
{DSA-4182-1}
- chromium-browser 65.0.3325.146-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
- libv8 <unfixed> (unimportant)
NOTE: libv8 not covered by security support
-CVE-2018-6063 (Incorrect use of mojo::WrapSharedMemoryHandle in Mojo in Google Chrome ...)
+CVE-2018-6063
{DSA-4182-1}
- chromium-browser 65.0.3325.146-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6062 (Heap overflow write in Skia in Google Chrome prior to 65.0.3325.146 ...)
+CVE-2018-6062
{DSA-4182-1}
- chromium-browser 65.0.3325.146-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6061 (A race in the handling of SharedArrayBuffers in WebAssembly in Google ...)
+CVE-2018-6061
{DSA-4182-1}
- chromium-browser 65.0.3325.146-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
- libv8 <unfixed> (unimportant)
NOTE: libv8 not covered by security support
-CVE-2018-6060 (Use after free in WebAudio in Google Chrome prior to 65.0.3325.146 ...)
+CVE-2018-6060
{DSA-4182-1}
- chromium-browser 65.0.3325.146-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
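Review bot: every changed pair in this hunk replaces `-CVE-2018-NNNN (description ...)` with a bare `+CVE-2018-NNNN`, so the truncated descriptions are removed wholesale rather than refreshed; for an "automatic update" that is what the feed import produces when the upstream source returns no description text, so confirm the source data is intact before this lands, since nothing else in these entries (the `{DSA-4182-1}` reference, the `chromium-browser 66.0.3359.117-1` fixed version, the jessie and wheezy end-of-life lines) changes. If the removal is intended, the commit message should say so instead of the generic "automatic update".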
@@ -39144,12 +39134,12 @@ CVE-2018-6059
CVE-2018-6058
RESERVED
- chromium-browser <not-affected> (Chromium doesn't bundle Flash)
-CVE-2018-6057 (Lack of special casing of Android ashmem in Google Chrome prior to ...)
+CVE-2018-6057
{DSA-4182-1}
- chromium-browser 65.0.3325.146-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6056 (Type confusion could lead to a heap out-of-bounds write in V8 in ...)
+CVE-2018-6056
{DSA-4182-1}
[experimental] - chromium-browser 65.0.3325.73-1
- chromium-browser 65.0.3325.146-1
@@ -39157,56 +39147,56 @@ CVE-2018-6056 (Type confusion could lead to a heap out-of-bounds write in V8 in
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
- libv8 <unfixed> (unimportant)
NOTE: libv8 not covered by security support
-CVE-2018-6055 (Insufficient policy enforcement in Catalog Service in Google Chrome ...)
+CVE-2018-6055
{DSA-4103-1}
- chromium-browser 64.0.3282.119-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-6054 (Use after free in WebUI in Google Chrome prior to 64.0.3282.119 ...)
+CVE-2018-6054
{DSA-4103-1}
- chromium-browser 64.0.3282.119-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6053 (Inappropriate implementation in New Tab Page in Google Chrome prior to ...)
+CVE-2018-6053
{DSA-4103-1}
- chromium-browser 64.0.3282.119-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6052 (Lack of support for a non standard no-referrer policy value in Blink ...)
+CVE-2018-6052
{DSA-4103-1}
- chromium-browser 64.0.3282.119-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6051 (XSS Auditor in Google Chrome prior to 64.0.3282.119, did not ensure ...)
+CVE-2018-6051
{DSA-4103-1}
- chromium-browser 64.0.3282.119-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6050 (Incorrect security UI in Omnibox in Google Chrome prior to ...)
+CVE-2018-6050
{DSA-4103-1}
- chromium-browser 64.0.3282.119-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6049 (Incorrect security UI in permissions prompt in Google Chrome prior to ...)
+CVE-2018-6049
{DSA-4103-1}
- chromium-browser 64.0.3282.119-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6048 (Insufficient policy enforcement in Blink in Google Chrome prior to ...)
+CVE-2018-6048
{DSA-4103-1}
- chromium-browser 64.0.3282.119-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6047 (Insufficient policy enforcement in WebGL in Google Chrome prior to ...)
+CVE-2018-6047
{DSA-4103-1}
- chromium-browser 64.0.3282.119-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6046 (Insufficient data validation in DevTools in Google Chrome prior to ...)
+CVE-2018-6046
{DSA-4103-1}
- chromium-browser 64.0.3282.119-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6045 (Insufficient policy enforcement in DevTools in Google Chrome prior to ...)
+CVE-2018-6045
{DSA-4103-1}
- chromium-browser 64.0.3282.119-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
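Review bot: unrelated to the description change, the `CVE-2018-6055` entry at the top of this hunk carries only the `[jessie]` end-of-life line, while every other `{DSA-4103-1}` entry in the hunk (`CVE-2018-6054` through `CVE-2018-6045`) also carries `[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)`; worth checking whether that line was dropped by accident, as a tracker query for wheezy would otherwise treat this one CVE differently from its siblings.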
@@ -39216,67 +39206,67 @@ CVE-2018-6044
{DSA-4256-1}
- chromium-browser 68.0.3440.75-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-6043 (Insufficient data validation in External Protocol Handler in Google ...)
+CVE-2018-6043
{DSA-4103-1}
- chromium-browser 64.0.3282.119-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6042 (Incorrect security UI in Omnibox in Google Chrome prior to ...)
+CVE-2018-6042
{DSA-4103-1}
- chromium-browser 64.0.3282.119-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6041 (Incorrect security UI in navigation in Google Chrome prior to ...)
+CVE-2018-6041
{DSA-4103-1}
- chromium-browser 64.0.3282.119-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6040 (Insufficient policy enforcement in Blink in Google Chrome prior to ...)
+CVE-2018-6040
{DSA-4103-1}
- chromium-browser 64.0.3282.119-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6039 (Insufficient data validation in DevTools in Google Chrome prior to ...)
+CVE-2018-6039
{DSA-4103-1}
- chromium-browser 64.0.3282.119-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6038 (Heap buffer overflow in WebGL in Google Chrome prior to 64.0.3282.119 ...)
+CVE-2018-6038
{DSA-4103-1}
- chromium-browser 64.0.3282.119-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6037 (Inappropriate implementation in autofill in Google Chrome prior to ...)
+CVE-2018-6037
{DSA-4103-1}
- chromium-browser 64.0.3282.119-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6036 (Insufficient data validation in V8 in Google Chrome prior to ...)
+CVE-2018-6036
{DSA-4103-1}
- chromium-browser 64.0.3282.119-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6035 (Insufficient policy enforcement in DevTools in Google Chrome prior to ...)
+CVE-2018-6035
{DSA-4103-1}
- chromium-browser 64.0.3282.119-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6034 (Insufficient data validation in WebGL in Google Chrome prior to ...)
+CVE-2018-6034
{DSA-4103-1}
- chromium-browser 64.0.3282.119-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6033 (Insufficient data validation in Downloads in Google Chrome prior to ...)
+CVE-2018-6033
{DSA-4103-1}
- chromium-browser 64.0.3282.119-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6032 (Insufficient policy enforcement in Blink in Google Chrome prior to ...)
+CVE-2018-6032
{DSA-4103-1}
- chromium-browser 64.0.3282.119-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6031 (Use after free in PDFium in Google Chrome prior to 64.0.3282.119 ...)
+CVE-2018-6031
{DSA-4103-1}
- chromium-browser 64.0.3282.119-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
@@ -39285,23 +39275,23 @@ CVE-2018-6030
RESERVED
CVE-2018-1000016
REJECTED
-CVE-2018-1000015 (On Jenkins instances with Authorize Project plugin, the authentication ...)
+CVE-2018-1000015
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000014 (Jenkins Translation Assistance Plugin 1.15 and earlier did not require ...)
+CVE-2018-1000014
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000013 (Jenkins Release Plugin 2.9 and earlier did not require form ...)
+CVE-2018-1000013
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000012 (Jenkins Warnings Plugin 4.64 and earlier processes XML external ...)
+CVE-2018-1000012
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000011 (Jenkins FindBugs Plugin 4.71 and earlier processes XML external ...)
+CVE-2018-1000011
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000010 (Jenkins DRY Plugin 2.49 and earlier processes XML external entities in ...)
+CVE-2018-1000010
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000009 (Jenkins Checkstyle Plugin 3.49 and earlier processes XML external ...)
+CVE-2018-1000009
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000008 (Jenkins PMD Plugin 3.49 and earlier processes XML external entities in ...)
+CVE-2018-1000008
NOT-FOR-US: Jenkins plugin
-CVE-2018-6029 (The copy function in application/admin/controller/Article.php in ...)
+CVE-2018-6029
NOT-FOR-US: NoneCms
CVE-2018-6028
RESERVED
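Review bot: for the eight Jenkins entries in this hunk (`CVE-2018-1000015` through `CVE-2018-1000008`) the removed description was the only place the affected plugin and version range were recorded (e.g. `Jenkins Warnings Plugin 4.64 and earlier`, `Jenkins Release Plugin 2.9 and earlier`), and the surviving line is the generic `NOT-FOR-US: Jenkins plugin`; once the description is gone the entry is identifiable only by CVE id. Consider naming the plugin in the status line, as the neighbouring `NOT-FOR-US: NoneCms` entry does, for example `NOT-FOR-US: Jenkins Warnings Plugin`.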
@@ -39311,49 +39301,49 @@ CVE-2018-6026
RESERVED
CVE-2018-6025
RESERVED
-CVE-2018-6024 (SQL Injection exists in the Project Log 1.5.3 component for Joomla! via ...)
+CVE-2018-6024
NOT-FOR-US: Project Log component for Joomla!
-CVE-2018-6023 (Fastweb FASTgate 0.00.47 devices are vulnerable to CSRF, with impacts ...)
+CVE-2018-6023
NOT-FOR-US: Fastweb FASTgate
-CVE-2018-6022 (Directory traversal vulnerability in ...)
+CVE-2018-6022
NOT-FOR-US: NoneCms
-CVE-2018-6021 (Silex SD-320AN version 2.01 and prior and GE MobileLink(GEH-SD-320AN) ...)
+CVE-2018-6021
NOT-FOR-US: Silex Technology products
-CVE-2018-6020 (In Silex SX-500 all versions and GE MobileLink(GEH-500) version 1.54 ...)
+CVE-2018-6020
NOT-FOR-US: Silex Technology products
-CVE-2018-6019 (Samsung Display Solutions App before 3.02 for Android allows ...)
+CVE-2018-6019
NOT-FOR-US: Samsung Display Solutions App for Android
-CVE-2018-6018 (Fixed sizes of HTTPS responses in Tinder iOS app and Tinder Android ...)
+CVE-2018-6018
NOT-FOR-US: Tinder
-CVE-2018-6017 (Unencrypted transmission of images in Tinder iOS app and Tinder ...)
+CVE-2018-6017
NOT-FOR-US: Tinder
-CVE-2018-6016 (Unquoted Windows search path vulnerability in the ...)
+CVE-2018-6016
NOT-FOR-US: 10-Strike Network Monitor
-CVE-2018-6015 (An issue was discovered in the &quot;Email Subscribers &amp; Newsletters&quot; ...)
+CVE-2018-6015
NOT-FOR-US: "Email Subscribers & Newsletters" plugin for WordPress
-CVE-2018-6014 (Subsonic v6.1.3 has an insecure allow-access-from domain=&quot;*&quot; Flash ...)
+CVE-2018-6014
NOT-FOR-US: Subsonic
-CVE-2018-6013 (Cross-site scripting (XSS) in BigTree 4.2.19 allows any remote users to ...)
+CVE-2018-6013
NOT-FOR-US: BigTree CMS
-CVE-2018-6012 (The 'Weather Service' feature of the Green Electronics RainMachine ...)
+CVE-2018-6012
NOT-FOR-US: Green Electronics
-CVE-2018-6011 (The time-based one-time-password (TOTP) function in the application ...)
+CVE-2018-6011
NOT-FOR-US: Green Electronics
-CVE-2018-6010 (In Yii Framework 2.x before 2.0.14, remote attackers could obtain ...)
+CVE-2018-6010
- yii <itp> (bug #597899)
-CVE-2018-6009 (In Yii Framework 2.x before 2.0.14, the switchIdentity function in ...)
+CVE-2018-6009
- yii <itp> (bug #597899)
-CVE-2018-6008 (Arbitrary File Download exists in the Jtag Members Directory 5.3.7 ...)
+CVE-2018-6008
NOT-FOR-US: Jtag Members Directory component for Joomla!
-CVE-2018-6007 (CSRF exists in the JS Support Ticket 1.1.0 component for Joomla! and ...)
+CVE-2018-6007
NOT-FOR-US: Support Ticket component for Joomla!
-CVE-2018-6006 (SQL Injection exists in the JS Autoz 1.0.9 component for Joomla! via ...)
+CVE-2018-6006
NOT-FOR-US: JS Autoz component for Joomla!
-CVE-2018-6005 (SQL Injection exists in the Realpin through 1.5.04 component for ...)
+CVE-2018-6005
NOT-FOR-US: Realpin component for Joomla!
-CVE-2018-6004 (SQL Injection exists in the File Download Tracker 3.0 component for ...)
+CVE-2018-6004
NOT-FOR-US: File Download Tracker component for Joomla!
-CVE-2018-6003 (An issue was discovered in the _asn1_decode_simple_ber function in ...)
+CVE-2018-6003
{DSA-4106-1}
- libtasn1-6 4.13-2
[jessie] - libtasn1-6 <not-affected> (Vulnerable code introduced in 4.3)
@@ -39361,125 +39351,125 @@ CVE-2018-6003 (An issue was discovered in the _asn1_decode_simple_ber function i
NOTE: https://lists.gnu.org/archive/html/help-libtasn1/2018-01/msg00000.html
NOTE: Affected function introduced in: http://git.savannah.nongnu.org/cgit/libtasn1.git/commit/lib/decoding.c?id=b12bfa8932f44d1d1c25b4a2e385387a62dfbcc9 (libtasn1_4_3)
NOTE: Fixed by: https://gitlab.com/gnutls/libtasn1/commit/c593ae84cfcde8fea45787e53950e0ac71e9ca97 (libtasn1_4_13)
-CVE-2018-6002 (The Soundy Background Music plugin 3.9 and below for WordPress has ...)
+CVE-2018-6002
NOT-FOR-US: Soundy Background Music plugin for WordPress
-CVE-2018-6001 (The Soundy Audio Playlist plugin 4.6 and below for WordPress has ...)
+CVE-2018-6001
NOT-FOR-US: Soundy Audio Playlist plugin for WordPress
-CVE-2018-6000 (An issue was discovered in AsusWRT before 3.0.0.4.384_10007. The ...)
+CVE-2018-6000
NOT-FOR-US: AsusWRT
-CVE-2018-5999 (An issue was discovered in AsusWRT before 3.0.0.4.384_10007. In the ...)
+CVE-2018-5999
NOT-FOR-US: AsusWRT
CVE-2018-5998
RESERVED
-CVE-2018-5997 (An issue was discovered in the HTTP Server in RAVPower Filehub ...)
+CVE-2018-5997
NOT-FOR-US: RAVPower Filehub
-CVE-2018-1000007 (libcurl 7.1 through 7.57.0 might accidentally leak authentication data ...)
+CVE-2018-1000007
{DSA-4098-1 DLA-1263-1}
- curl 7.58.0-1
NOTE: https://curl.haxx.se/docs/adv_2018-b3bf.html
NOTE: Patch: https://github.com/curl/curl/commit/af32cd3859336ab.patch
-CVE-2018-5996 (Insufficient exception handling in the method ...)
+CVE-2018-5996
- p7zip-rar 16.02-2 (bug #888314)
[stretch] - p7zip-rar <no-dsa> (Non-free not supported)
[jessie] - p7zip-rar <no-dsa> (Non-free not supported)
[wheezy] - p7zip-rar <no-dsa> (Non-free not supported)
NOTE: https://landave.io/2018/01/7-zip-multiple-memory-corruptions-via-rar-and-zip/
-CVE-2018-5995 (The pcpu_embed_first_chunk function in mm/percpu.c in the Linux kernel ...)
+CVE-2018-5995
- linux 4.15.4-1
[stretch] - linux <ignored> (kernel log restricted to root by default)
-CVE-2018-5994 (SQL Injection exists in the JS Jobs 1.1.9 component for Joomla! via the ...)
+CVE-2018-5994
NOT-FOR-US: JS Jobs component for Joomla!
-CVE-2018-5993 (SQL Injection exists in the Aist through 2.0 component for Joomla! via ...)
+CVE-2018-5993
NOT-FOR-US: Aist component for Joomla!
-CVE-2018-5992 (SQL Injection exists in the Staff Master through 1.0 RC 1 component for ...)
+CVE-2018-5992
NOT-FOR-US: Staff Master component for Joomla!
-CVE-2018-5991 (SQL Injection exists in the Form Maker 3.6.12 component for Joomla! via ...)
+CVE-2018-5991
NOT-FOR-US: Form Maker component for Joomla!
-CVE-2018-5990 (SQL Injection exists in the AllVideos Reloaded 1.2.x component for ...)
+CVE-2018-5990
NOT-FOR-US: AllVideos Reloaded component for Joomla!
-CVE-2018-5989 (SQL Injection exists in the ccNewsletter 2.x component for Joomla! via ...)
+CVE-2018-5989
NOT-FOR-US: ccNewsletter component for Joomla!
-CVE-2018-5988 (SQL Injection exists in Flexible Poll 1.2 via the id parameter to ...)
+CVE-2018-5988
NOT-FOR-US: Flexible Poll
-CVE-2018-5987 (SQL Injection exists in the Pinterest Clone Social Pinboard 2.0 ...)
+CVE-2018-5987
NOT-FOR-US: Pinterest Clone Social Pinboard component for Joomla!
-CVE-2018-5986 (SQL Injection exists in Easy Car Script 2014 via the s_order or s_row ...)
+CVE-2018-5986
NOT-FOR-US: Easy Car Script
-CVE-2018-5985 (SQL Injection exists in the LiveCRM SaaS Cloud 1.0 component for ...)
+CVE-2018-5985
NOT-FOR-US: LiveCRM SaaS Cloud
-CVE-2018-5984 (SQL Injection exists in the Tumder (An Arcade Games Platform) 2.1 ...)
+CVE-2018-5984
NOT-FOR-US: Tumder
-CVE-2018-5983 (SQL Injection exists in the JquickContact 1.3.2.2.1 component for ...)
+CVE-2018-5983
NOT-FOR-US: JquickContact component for Joomla!
-CVE-2018-5982 (SQL Injection exists in the Advertisement Board 3.1.0 component for ...)
+CVE-2018-5982
NOT-FOR-US: Advertisement Board component for Joomla!
-CVE-2018-5981 (SQL Injection exists in the Gallery WD 1.3.6 component for Joomla! via ...)
+CVE-2018-5981
NOT-FOR-US: Gallery WD component for Joomla!
-CVE-2018-5980 (SQL Injection exists in the Solidres 2.5.1 component for Joomla! via ...)
+CVE-2018-5980
NOT-FOR-US: Solidres component for Joomla!
-CVE-2018-5979 (SQL Injection exists in Wchat Fully Responsive PHP AJAX Chat Script 1.5 ...)
+CVE-2018-5979
NOT-FOR-US: Wchat Fully Responsive PHP AJAX Chat Script
-CVE-2018-5978 (SQL Injection exists in Facebook Style Php Ajax Chat Zechat 1.5 via the ...)
+CVE-2018-5978
NOT-FOR-US: Facebook Style Php Ajax Chat Zechat
-CVE-2018-5977 (SQL Injection exists in Affiligator Affiliate Webshop Management System ...)
+CVE-2018-5977
NOT-FOR-US: Affiligator Affiliate Webshop Management System
-CVE-2018-5976 (Cross Site Request Forgery (CSRF) exists in RSVP Invitation Online 1.0 ...)
+CVE-2018-5976
NOT-FOR-US: RSVP Invitation Online
-CVE-2018-5975 (SQL Injection exists in the Smart Shoutbox 3.0.0 component for Joomla! ...)
+CVE-2018-5975
NOT-FOR-US: Smart Shoutbox component for Joomla!
-CVE-2018-5974 (SQL Injection exists in the SimpleCalendar 3.1.9 component for Joomla! ...)
+CVE-2018-5974
NOT-FOR-US: SimpleCalendar component for Joomla!
-CVE-2018-5973 (SQL Injection exists in Professional Local Directory Script 1.0 via ...)
+CVE-2018-5973
NOT-FOR-US: Professional Local Directory Script
-CVE-2018-5972 (SQL Injection exists in Classified Ads CMS Quickad 4.0 via the ...)
+CVE-2018-5972
NOT-FOR-US: Classified Ads CMS Quickad
-CVE-2018-5971 (SQL Injection exists in the MediaLibrary Free 4.0.12 component for ...)
+CVE-2018-5971
NOT-FOR-US: MediaLibrary Free component for Joomla!
-CVE-2018-5970 (SQL Injection exists in the JGive 2.0.9 component for Joomla! via the ...)
+CVE-2018-5970
NOT-FOR-US: JGive component for Joomla!
-CVE-2018-5969 (Cross Site Request Forgery (CSRF) exists in Photography CMS 1.0 via ...)
+CVE-2018-5969
NOT-FOR-US: Photography CMS
-CVE-2018-5968 (FasterXML jackson-databind through 2.8.11 and 2.9.x through 2.9.3 ...)
+CVE-2018-5968
{DSA-4114-1}
- jackson-databind 2.9.4-1 (bug #888316)
NOTE: https://github.com/FasterXML/jackson-databind/issues/1899
NOTE: https://github.com/FasterXML/jackson-databind/commit/038b471e2efde2e8f96b4e0be958d3e5a1ff1d05
-CVE-2018-5967 (Netis WF2419 V2.2.36123 devices allow XSS via the Description parameter ...)
+CVE-2018-5967
NOT-FOR-US: Netis WF2419 V2.2.36123 devices
CVE-2018-5966
RESERVED
-CVE-2018-5965 (CMS Made Simple (CMSMS) 2.2.5 has XSS in admin/moduleinterface.php via ...)
+CVE-2018-5965
NOT-FOR-US: CMS Made Simple
-CVE-2018-5964 (CMS Made Simple (CMSMS) 2.2.5 has XSS in admin/moduleinterface.php via ...)
+CVE-2018-5964
NOT-FOR-US: CMS Made Simple
-CVE-2018-5963 (CMS Made Simple (CMSMS) 2.2.5 has XSS in admin/addbookmark.php via the ...)
+CVE-2018-5963
NOT-FOR-US: CMS Made Simple
-CVE-2018-5962 (index.php in CentOS-WebPanel.com (aka CWP) CentOS Web Panel through ...)
+CVE-2018-5962
NOT-FOR-US: CentOS-WebPanel.com CentOS Web Panel
-CVE-2018-5961 (CentOS-WebPanel.com (aka CWP) CentOS Web Panel through v0.9.8.12 has ...)
+CVE-2018-5961
NOT-FOR-US: CentOS-WebPanel.com CentOS Web Panel
-CVE-2018-5960 (Zenario v7.1 - v7.6 has SQL injection via the `Name` input field of ...)
+CVE-2018-5960
NOT-FOR-US: Zenario
CVE-2018-5959
RESERVED
-CVE-2018-5958 (In Zillya! Antivirus 3.0.2230.0, the driver file (zef.sys) allows local ...)
+CVE-2018-5958
NOT-FOR-US: Zillya! Antivirus
-CVE-2018-5957 (In Zillya! Antivirus 3.0.2230.0, the driver file (zef.sys) allows local ...)
+CVE-2018-5957
NOT-FOR-US: Zillya! Antivirus
-CVE-2018-5956 (In Zillya! Antivirus 3.0.2230.0, the driver file (zef.sys) allows local ...)
+CVE-2018-5956
NOT-FOR-US: Zillya! Antivirus
-CVE-2018-5955 (An issue was discovered in GitStack through 2.3.10. User controlled ...)
+CVE-2018-5955
NOT-FOR-US: GitStack
-CVE-2018-5954 (phpFreeChat 1.7 and earlier allows remote attackers to cause a denial ...)
+CVE-2018-5954
NOT-FOR-US: phpFreeChat
-CVE-2018-5953 (The swiotlb_print_info function in lib/swiotlb.c in the Linux kernel ...)
+CVE-2018-5953
- linux 4.15.4-1
[stretch] - linux <ignored> (kernel log restricted to root by default)
CVE-2018-5952
RESERVED
CVE-2018-5951
RESERVED
-CVE-2018-5950 (Cross-site scripting (XSS) vulnerability in the web UI in Mailman ...)
+CVE-2018-5950
{DSA-4108-1 DLA-1272-1}
- mailman 1:2.1.26-1 (bug #888201)
NOTE: https://mail.python.org/pipermail/mailman-users/2018-February/083011.html
@@ -39533,49 +39523,49 @@ CVE-2018-5927
RESERVED
CVE-2018-5926
RESERVED
-CVE-2018-5925 (A security vulnerability has been identified with certain HP Inkjet ...)
+CVE-2018-5925
NOT-FOR-US: HP Inkjet printers
-CVE-2018-5924 (A security vulnerability has been identified with certain HP Inkjet ...)
+CVE-2018-5924
NOT-FOR-US: HP Inkjet printers
CVE-2018-5923
RESERVED
CVE-2018-5922
RESERVED
-CVE-2018-5921 (A potential security vulnerability has been identified with certain HP ...)
+CVE-2018-5921
NOT-FOR-US: HP printers
CVE-2018-5920
RESERVED
-CVE-2018-5919 (In all android releases(Android for MSM, Firefox OS for MSM, QRD ...)
+CVE-2018-5919
NOT-FOR-US: Android
-CVE-2018-5918 (Possible buffer overflow in DRM Trusted application due to lack of ...)
+CVE-2018-5918
NOT-FOR-US: Snapdragon
-CVE-2018-5917 (Possible buffer overflow in OEM crypto function due to improper input ...)
+CVE-2018-5917
NOT-FOR-US: Snapdragon
-CVE-2018-5916 (Buffer overread while decoding PDP modify request or network initiated ...)
+CVE-2018-5916
NOT-FOR-US: Snapdragon
-CVE-2018-5915 (Exception in Modem IP stack while processing IPv6 packet in snapdragon ...)
+CVE-2018-5915
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5914 (Improper input validation in TZ led to array out of bound in TZ ...)
+CVE-2018-5914
NOT-FOR-US: Qualcomm components for Android
CVE-2018-5913
RESERVED
-CVE-2018-5912 (Potential buffer overflow in Video due to lack of input validation in ...)
+CVE-2018-5912
NOT-FOR-US: Snapdragon
CVE-2018-5911
RESERVED
-CVE-2018-5910 (In all android releases(Android for MSM, Firefox OS for MSM, QRD ...)
+CVE-2018-5910
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5909 (In all android releases(Android for MSM, Firefox OS for MSM, QRD ...)
+CVE-2018-5909
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5908 (In all android releases(Android for MSM, Firefox OS for MSM, QRD ...)
+CVE-2018-5908
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5907 (Possible buffer overflow in msm_adsp_stream_callback_put due to lack ...)
+CVE-2018-5907
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5906 (In all android releases(Android for MSM, Firefox OS for MSM, QRD ...)
+CVE-2018-5906
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5905 (In all android releases (Android for MSM, Firefox OS for MSM, QRD ...)
+CVE-2018-5905
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5904 (In all android releases(Android for MSM, Firefox OS for MSM, QRD ...)
+CVE-2018-5904
NOT-FOR-US: Qualcomm components for Android
CVE-2018-5903
RESERVED
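Review bot: all the entries changed here are NOT-FOR-US vendor records (HP printers, Snapdragon, Qualcomm components for Android) whose only identifying content was the description being stripped, e.g. `-CVE-2018-5919 (In all android releases(Android for MSM, Firefox OS for MSM, QRD ...)` to `+CVE-2018-5919`; after this hunk a line such as `NOT-FOR-US: Snapdragon` can no longer be checked against what the CVE actually describes. The `+` lines should be dropped and the `-` lines kept; an updater that receives an empty description for a published CVE should leave the existing one in place.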
@@ -39585,322 +39575,322 @@ CVE-2018-5901
RESERVED
CVE-2018-5900
RESERVED
-CVE-2018-5899 (In Android releases from CAF using the linux kernel (Android for MSM, ...)
+CVE-2018-5899
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5898 (Integer overflow can occur in msm_pcm_adsp_stream_cmd_put() function ...)
+CVE-2018-5898
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5897 (While reading the data from buffer in dci_process_ctrl_status() there ...)
+CVE-2018-5897
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5896 (In Android releases from CAF using the linux kernel (Android for MSM, ...)
+CVE-2018-5896
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5895 (Buffer over-read may happen in wma_process_utf_event() due to improper ...)
+CVE-2018-5895
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5894 (Improper Validation of Array Index in Multimedia While parsing an mp4 ...)
+CVE-2018-5894
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5893 (While processing a message from firmware in htt_t2h_msg_handler_fast() ...)
+CVE-2018-5893
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5892 (The Touch Pal application can collect user behavior data without ...)
+CVE-2018-5892
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5891 (While processing modem SSR after IMS is registered, the IMS data ...)
+CVE-2018-5891
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5890 (If the fdt_totalsize is reported as 0 for the current device tree, it ...)
+CVE-2018-5890
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5889 (While processing a compressed kernel image, a buffer overflow can ...)
+CVE-2018-5889
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5888 (While processing the system path, an out of bounds access can occur in ...)
+CVE-2018-5888
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5887 (While processing the USB StrSerialDescriptor array, an array index out ...)
+CVE-2018-5887
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5886 (A pointer in an ADSPRPC command is not properly validated in all ...)
+CVE-2018-5886
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5885 (While loading dynamic fonts, a buffer overflow may occur if the number ...)
+CVE-2018-5885
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5884 (Improper Access Control in Multimedia in Snapdragon Mobile and ...)
+CVE-2018-5884
NOT-FOR-US: Qualcomm components for Android
CVE-2018-5883
RESERVED
-CVE-2018-5882 (While parsing a Flac file with a corrupted comment block, a buffer ...)
+CVE-2018-5882
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5881 (Improper validation of buffer length checks in the lwm2m device ...)
+CVE-2018-5881
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5880 (Improper data length check while processing an event report indication ...)
+CVE-2018-5880
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5879 (Improper length check while processing an MQTT message can lead to ...)
+CVE-2018-5879
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5878 (While sending the response to a RIL_REQUEST_GET_SMSC_ADDRESS message, ...)
+CVE-2018-5878
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5877 (In the device programmer target-side code for firehose, a string may ...)
+CVE-2018-5877
NOT-FOR-US: Snapdragon
-CVE-2018-5876 (While parsing an mp4 file, a buffer overflow can occur in Snapdragon ...)
+CVE-2018-5876
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5875 (While parsing an mp4 file, an integer overflow leading to a buffer ...)
+CVE-2018-5875
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5874 (While parsing an mp4 file, a stack-based buffer overflow can occur in ...)
+CVE-2018-5874
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5873 (An issue was discovered in the __ns_get_path function in fs/nsfs.c in ...)
+CVE-2018-5873
- linux 4.11.6-1
[stretch] - linux 4.9.82-1+deb9u1
[jessie] - linux <not-affected> (Vulnerable code not present)
NOTE: Fixed by: https://git.kernel.org/linus/073c516ff73557a8f7315066856c04b50383ac34
-CVE-2018-5872 (While parsing over-the-air information elements in all Android ...)
+CVE-2018-5872
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5871 (In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, ...)
+CVE-2018-5871
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5870 (While loading a service image, an untrusted pointer dereference can ...)
+CVE-2018-5870
NOT-FOR-US: Snapdragon
-CVE-2018-5869 (Improper input validation in the QTEE keymaster app can lead to ...)
+CVE-2018-5869
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5868 (Lack of checking input size can lead to buffer overflow In WideVine in ...)
+CVE-2018-5868
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5867 (Lack of checking input size can lead to buffer overflow In WideVine in ...)
+CVE-2018-5867
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5866 (While processing logs, data is copied into a buffer pointed to by an ...)
+CVE-2018-5866
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5865 (While processing a debug log event from firmware in all Android ...)
+CVE-2018-5865
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5864 (While processing a WMI_APFIND event in all Android releases from CAF ...)
+CVE-2018-5864
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5863 (If userspace provides a too-large WPA RSN IE length in ...)
+CVE-2018-5863
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5862 (In __wlan_hdd_cfg80211_vendor_scan() in all Android releases from CAF ...)
+CVE-2018-5862
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5861 (In all android releases(Android for MSM, Firefox OS for MSM, QRD ...)
+CVE-2018-5861
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5860 (In the MDSS driver in all Android releases(Android for MSM, Firefox OS ...)
+CVE-2018-5860
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5859 (Due to a race condition in the MDSS MDP driver in all Android releases ...)
+CVE-2018-5859
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5858 (In the audio debugfs in all Android releases from CAF using the Linux ...)
+CVE-2018-5858
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5857 (In the WCD CPE codec, a Use After Free condition can occur in all ...)
+CVE-2018-5857
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5856 (In all android releases(Android for MSM, Firefox OS for MSM, QRD ...)
+CVE-2018-5856
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5855 (While padding or shrinking a nested wmi packet in all Android releases ...)
+CVE-2018-5855
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5854 (A stack-based buffer overflow can occur in fastboot from all Android ...)
+CVE-2018-5854
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5853 (A race condition exists in a driver in all Android releases from CAF ...)
+CVE-2018-5853
NOT-FOR-US: Qualcomm components for Android
CVE-2018-5852
RESERVED
-CVE-2018-5851 (Buffer over flow can occur while processing a ...)
+CVE-2018-5851
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5850 (In the function csr_update_fils_params_rso(), insufficient validation ...)
+CVE-2018-5850
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5849 (Due to a race condition in the QTEECOM driver in all Android releases ...)
+CVE-2018-5849
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5848 (In the function wmi_set_ie(), the length validation code does not ...)
+CVE-2018-5848
{DLA-1715-1}
- linux 4.16.5-1
[stretch] - linux 4.9.144-1
NOTE: Fixed by: https://git.kernel.org/linus/b5a8ffcae4103a9d823ea3aa3a761f65779fbe2a (4.16-rc1)
-CVE-2018-5847 (Early or late retirement of rotation requests can result in a Use ...)
+CVE-2018-5847
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5846 (A Use After Free condition can occur in the IPA driver whenever the ...)
+CVE-2018-5846
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5845 (A race condition in drm_atomic_nonblocking_commit() in the display ...)
+CVE-2018-5845
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5844 (In the video driver function set_output_buffers(), binfo can be ...)
+CVE-2018-5844
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5843 (In the function wma_pdev_div_info_evt_handler() in all Android ...)
+CVE-2018-5843
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5842 (An arbitrary address write can occur if a compromised WLAN firmware ...)
+CVE-2018-5842
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5841 (dcc_curr_list is initialized with a default invalid value that is ...)
+CVE-2018-5841
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5840 (Buffer Copy without Checking Size of Input can occur during the DRM ...)
+CVE-2018-5840
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5839 (Improperly configured memory protection allows read/write access to ...)
+CVE-2018-5839
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5838 (Improper Validation of Array Index In the adreno OpenGL driver in ...)
+CVE-2018-5838
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5837 (In Snapdragon (Automobile, Mobile, Wear) in version IPQ8074, MDM9206, ...)
+CVE-2018-5837
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5836 (In wma_nan_rsp_event_handler() in Android releases from CAF using the ...)
+CVE-2018-5836
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5835 (If the seq_len is greater then CSR_MAX_RSC_LEN, a buffer overflow in ...)
+CVE-2018-5835
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5834 (In __wlan_hdd_cfg80211_vendor_scan(), a buffer overwrite can ...)
+CVE-2018-5834
NOT-FOR-US: Qualcomm components for Android
CVE-2018-5833
RESERVED
-CVE-2018-5832 (Due to a race condition in a camera driver ioctl handler in Android ...)
+CVE-2018-5832
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5831 (In the KGSL driver in Android releases from CAF using the linux kernel ...)
+CVE-2018-5831
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5830 (While processing the HTT_T2H_MSG_TYPE_MGMT_TX_COMPL_IND message, a ...)
+CVE-2018-5830
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5829 (In wlan_hdd_cfg80211_set_privacy_ibss() in Android releases from CAF ...)
+CVE-2018-5829
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5828 (In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with ...)
+CVE-2018-5828
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5827 (In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with ...)
+CVE-2018-5827
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5826 (In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with ...)
+CVE-2018-5826
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5825 (In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with ...)
+CVE-2018-5825
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5824 (In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with ...)
+CVE-2018-5824
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5823 (In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with ...)
+CVE-2018-5823
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5822 (In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with ...)
+CVE-2018-5822
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5821 (In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with ...)
+CVE-2018-5821
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5820 (In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with ...)
+CVE-2018-5820
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5819 (An error within the &quot;parse_sinar_ia()&quot; function ...)
+CVE-2018-5819
- libraw 0.19.1-1
[stretch] - libraw <no-dsa> (Minor issue)
[jessie] - libraw <ignored> (Minor issue)
NOTE: https://www.flexera.com/company/secunia-research/advisories/SR-2018-27.html
NOTE: https://github.com/LibRaw/LibRaw/commit/9eb76dc153f5acf42ec7325a33fe7ccdcadaf8d6
-CVE-2018-5818 (An error within the &quot;parse_rollei()&quot; function ...)
+CVE-2018-5818
- libraw 0.19.1-1
[stretch] - libraw <no-dsa> (Minor issue)
[jessie] - libraw <ignored> (Minor issue)
NOTE: https://www.flexera.com/company/secunia-research/advisories/SR-2018-27.html
NOTE: https://github.com/LibRaw/LibRaw/commit/9eb76dc153f5acf42ec7325a33fe7ccdcadaf8d6
-CVE-2018-5817 (A type confusion error within the &quot;unpacked_load_raw()&quot; function ...)
+CVE-2018-5817
- libraw 0.19.1-1
[stretch] - libraw <no-dsa> (Minor issue)
[jessie] - libraw <ignored> (Minor issue)
NOTE: https://www.flexera.com/company/secunia-research/advisories/SR-2018-27.html
NOTE: https://github.com/LibRaw/LibRaw/commit/9eb76dc153f5acf42ec7325a33fe7ccdcadaf8d6
-CVE-2018-5816 (An integer overflow error within the &quot;identify()&quot; function ...)
+CVE-2018-5816
- libraw 0.18.13-1 (low)
[stretch] - libraw <not-affected> (Fix for CVE-2018-5804 not released in stretch)
[jessie] - libraw <not-affected> (Fix for CVE-2018-5804 not in jessie LTS)
NOTE: http://seclists.org/bugtraq/2018/Jul/58
NOTE: Issue caused by an incomplete fix for CVE-2018-5804
-CVE-2018-5815 (An integer overflow error within the &quot;parse_qt()&quot; function ...)
+CVE-2018-5815
- libraw 0.18.13-1 (low)
[stretch] - libraw <no-dsa> (Minor issue)
[jessie] - libraw <no-dsa> (Minor issue)
NOTE: http://seclists.org/bugtraq/2018/Jul/58
-CVE-2018-5814 (In the Linux Kernel before version 4.16.11, 4.14.43, 4.9.102, and ...)
+CVE-2018-5814
{DLA-1423-1 DLA-1422-1}
- linux 4.16.12-1
[stretch] - linux 4.9.107-1
NOTE: https://git.kernel.org/linus/22076557b07c12086eeb16b8ce2b0b735f7a27e7
NOTE: https://git.kernel.org/linus/c171654caa875919be3c533d3518da8be5be966e
-CVE-2018-5813 (An error within the &quot;parse_minolta()&quot; function (dcraw/dcraw.c) in ...)
+CVE-2018-5813
- libraw 0.18.11-1 (low)
[stretch] - libraw <no-dsa> (Minor issue)
[jessie] - libraw <no-dsa> (Minor issue)
NOTE: https://secuniaresearch.flexerasoftware.com/secunia_research/2018-13/
-CVE-2018-5812 (An error within the &quot;nikon_coolscan_load_raw()&quot; function ...)
+CVE-2018-5812
- libraw 0.18.11-1
[stretch] - libraw <no-dsa> (Minor issue)
[jessie] - libraw <no-dsa> (Minor issue)
NOTE: https://secuniaresearch.flexerasoftware.com/secunia_research/2018-10/
-CVE-2018-5811 (An error within the &quot;nikon_coolscan_load_raw()&quot; function ...)
+CVE-2018-5811
- libraw 0.18.11-1
[stretch] - libraw <no-dsa> (Minor issue)
[jessie] - libraw <no-dsa> (Minor issue)
NOTE: https://secuniaresearch.flexerasoftware.com/secunia_research/2018-10/
-CVE-2018-5810 (An error within the &quot;rollei_load_raw()&quot; function ...)
+CVE-2018-5810
- libraw 0.18.11-1
[stretch] - libraw <no-dsa> (Minor issue)
[jessie] - libraw <no-dsa> (Minor issue)
NOTE: https://secuniaresearch.flexerasoftware.com/secunia_research/2018-10/
-CVE-2018-5809 (An error within the &quot;LibRaw::parse_exif()&quot; function ...)
+CVE-2018-5809
- libraw 0.18.11-1
[stretch] - libraw <no-dsa> (Minor issue)
[jessie] - libraw <ignored> (Minor issue)
NOTE: https://secuniaresearch.flexerasoftware.com/secunia_research/2018-9/
NOTE: https://github.com/LibRaw/LibRaw/commit/fd6330292501983ac75fe4162275794b18445bd9
-CVE-2018-5808 (An error within the &quot;find_green()&quot; function ...)
+CVE-2018-5808
- libraw 0.18.11-1
[stretch] - libraw <no-dsa> (Minor issue)
[jessie] - libraw <ignored> (Minor issue)
NOTE: https://secuniaresearch.flexerasoftware.com/secunia_research/2018-9/
NOTE: https://github.com/LibRaw/LibRaw/commit/fd6330292501983ac75fe4162275794b18445bd9
-CVE-2018-5807 (An error within the &quot;samsung_load_raw()&quot; function ...)
+CVE-2018-5807
- libraw 0.18.11-1
[stretch] - libraw <no-dsa> (Minor issue)
[jessie] - libraw <no-dsa> (Minor issue)
NOTE: https://secuniaresearch.flexerasoftware.com/secunia_research/2018-10/
-CVE-2018-5806 (An error within the &quot;leaf_hdr_load_raw()&quot; function ...)
+CVE-2018-5806
- libraw 0.18.8-1 (low)
[stretch] - libraw <no-dsa> (Minor issue)
[jessie] - libraw <no-dsa> (Minor issue)
NOTE: https://secuniaresearch.flexerasoftware.com/secunia_research/2018-03
-CVE-2018-5805 (A boundary error within the &quot;quicktake_100_load_raw()&quot; function ...)
+CVE-2018-5805
- libraw 0.18.8-1 (low)
[stretch] - libraw <no-dsa> (Minor issue)
[jessie] - libraw <no-dsa> (Minor issue)
NOTE: https://secuniaresearch.flexerasoftware.com/secunia_research/2018-03
-CVE-2018-5804 (A type confusion error within the &quot;identify()&quot; function ...)
+CVE-2018-5804
- libraw 0.18.8-1 (low)
[stretch] - libraw <no-dsa> (Minor issue)
[jessie] - libraw <no-dsa> (Minor issue)
NOTE: https://secuniaresearch.flexerasoftware.com/secunia_research/2018-03
-CVE-2018-5803 (In the Linux Kernel before version 4.15.8, 4.14.25, 4.9.87, 4.4.121, ...)
+CVE-2018-5803
{DSA-4188-1 DSA-4187-1 DLA-1369-1}
- linux 4.15.11-1
NOTE: Fixed by: https://git.kernel.org/linus/07f2c7ab6f8d0a7e7c5764c4e6cc9c52951b9d9c
-CVE-2018-5802 (An error within the &quot;kodak_radc_load_raw()&quot; function ...)
+CVE-2018-5802
- libraw 0.18.7-1
[stretch] - libraw <no-dsa> (Minor issue)
[jessie] - libraw <no-dsa> (Minor issue)
[wheezy] - libraw <ignored> (Minor issue)
NOTE: https://packetstormsecurity.com/files/146172/secunia-libraw.txt
NOTE: https://github.com/LibRaw/LibRaw/commit/8682ad204392b914ab1cc6ebcca9c27c19c1a4b4
-CVE-2018-5801 (An error within the &quot;LibRaw::unpack()&quot; function (src/libraw_cxx.cpp) ...)
+CVE-2018-5801
- libraw 0.18.7-1
[stretch] - libraw <no-dsa> (Minor issue)
[jessie] - libraw <no-dsa> (Minor issue)
[wheezy] - libraw <ignored> (Minor issue)
NOTE: https://packetstormsecurity.com/files/146172/secunia-libraw.txt
NOTE: https://github.com/LibRaw/LibRaw/commit/8682ad204392b914ab1cc6ebcca9c27c19c1a4b4
-CVE-2018-5800 (An off-by-one error within the &quot;LibRaw::kodak_ycbcr_load_raw()&quot; ...)
+CVE-2018-5800
- libraw 0.18.7-1
[stretch] - libraw <no-dsa> (Minor issue)
[jessie] - libraw <no-dsa> (Minor issue)
[wheezy] - libraw <ignored> (Minor issue)
NOTE: https://packetstormsecurity.com/files/146172/secunia-libraw.txt
NOTE: https://github.com/LibRaw/LibRaw/commit/8682ad204392b914ab1cc6ebcca9c27c19c1a4b4
-CVE-2018-1000006 (GitHub Electron versions 1.8.2-beta.3 and earlier, 1.7.10 and earlier, ...)
+CVE-2018-1000006
- electron <itp> (bug #842420)
NOTE: Linux is not affected
NOTE: https://electronjs.org/blog/protocol-handler-fix
NOTE: https://nodesecurity.io/advisories/563
-CVE-2018-5799 (In Zoho ManageEngine ServiceDesk Plus before 9403, an XSS issue allows ...)
+CVE-2018-5799
NOT-FOR-US: Zoho
CVE-2018-5798
RESERVED
-CVE-2018-5797 (An issue was discovered in Extreme Networks ExtremeWireless WiNG 5.x ...)
+CVE-2018-5797
NOT-FOR-US: Extreme Networks ExtremeWireless WiNG
-CVE-2018-5796 (An issue was discovered in Extreme Networks ExtremeWireless WiNG 5.x ...)
+CVE-2018-5796
NOT-FOR-US: Extreme Networks ExtremeWireless WiNG
-CVE-2018-5795 (An issue was discovered in Extreme Networks ExtremeWireless WiNG 5.x ...)
+CVE-2018-5795
NOT-FOR-US: Extreme Networks ExtremeWireless WiNG
-CVE-2018-5794 (An issue was discovered in Extreme Networks ExtremeWireless WiNG 5.x ...)
+CVE-2018-5794
NOT-FOR-US: Extreme Networks ExtremeWireless WiNG
-CVE-2018-5793 (An issue was discovered in Extreme Networks ExtremeWireless WiNG 5.x ...)
+CVE-2018-5793
NOT-FOR-US: Extreme Networks ExtremeWireless WiNG
-CVE-2018-5792 (An issue was discovered in Extreme Networks ExtremeWireless WiNG 5.x ...)
+CVE-2018-5792
NOT-FOR-US: Extreme Networks ExtremeWireless WiNG
-CVE-2018-5791 (An issue was discovered in Extreme Networks ExtremeWireless WiNG 5.x ...)
+CVE-2018-5791
NOT-FOR-US: Extreme Networks ExtremeWireless WiNG
-CVE-2018-5790 (An issue was discovered in Extreme Networks ExtremeWireless WiNG 5.x ...)
+CVE-2018-5790
NOT-FOR-US: Extreme Networks ExtremeWireless WiNG
-CVE-2018-5789 (An issue was discovered in Extreme Networks ExtremeWireless WiNG 5.x ...)
+CVE-2018-5789
NOT-FOR-US: Extreme Networks ExtremeWireless WiNG
-CVE-2018-5788 (An issue was discovered in Extreme Networks ExtremeWireless WiNG 5.x ...)
+CVE-2018-5788
NOT-FOR-US: Extreme Networks ExtremeWireless WiNG
-CVE-2018-5787 (An issue was discovered in Extreme Networks ExtremeWireless WiNG 5.x ...)
+CVE-2018-5787
NOT-FOR-US: Extreme Networks ExtremeWireless WiNG
-CVE-2018-5786 (In Long Range Zip (aka lrzip) 0.631, there is an infinite loop and ...)
+CVE-2018-5786
- lrzip 0.631+git180517-1 (bug #888506)
[stretch] - lrzip <no-dsa> (Minor issue)
[jessie] - lrzip <no-dsa> (Minor issue)
[wheezy] - lrzip <no-dsa> (Minor issue)
NOTE: https://github.com/ckolivas/lrzip/issues/91
-CVE-2018-5785 (In OpenJPEG 2.3.0, there is an integer overflow caused by an ...)
+CVE-2018-5785
{DSA-4405-1}
- openjpeg2 2.3.0-2 (low; bug #888533)
[jessie] - openjpeg2 <not-affected> (Vulnerable code introduced later)
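Review bot: this hunk strips descriptions from entries with real Debian package triage (linux, libraw, lrzip, openjpeg2) whose NOTE lines depend on that text: `-CVE-2018-5816 (An integer overflow error within the "identify()" function ...)` is followed by `NOTE: Issue caused by an incomplete fix for CVE-2018-5804`, and the libraw `<no-dsa> (Minor issue)` judgements were made against the named functions (parse_sinar_ia(), parse_rollei(), unpacked_load_raw()) that only the description records. Likewise `-CVE-2018-5848 (In the function wmi_set_ie(), the length validation code does not ...)` loses the function name that ties it to the linked kernel commit. Revert the `+CVE-...` lines in this hunk to their `-` form; a description refresh should never replace an existing description with nothing.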
@@ -39908,14 +39898,14 @@ CVE-2018-5785 (In OpenJPEG 2.3.0, there is an integer overflow caused by an ...)
NOTE: https://github.com/uclouvain/openjpeg/commit/ca16fe55014c57090dd97369256c7657aeb25975
NOTE: vulnerable code introduced in
NOTE: https://github.com/uclouvain/openjpeg/commit/33a0e66eb129c4e91b555a6b8dd9eab512fbfeb8
-CVE-2018-5784 (In LibTIFF 4.0.9, there is an uncontrolled resource consumption in the ...)
+CVE-2018-5784
{DSA-4349-1 DLA-1411-1 DLA-1391-1}
- tiff 4.0.9-4 (bug #890441)
- tiff3 <removed>
[wheezy] - tiff3 <postponed> (Minor issue, revisit once fixed upstream)
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2772
NOTE: Fixed by: https://gitlab.com/libtiff/libtiff/commit/473851d211cf8805a161820337ca74cc9615d6ef
-CVE-2018-5783 (In PoDoFo 0.9.5, there is an uncontrolled memory allocation in the ...)
+CVE-2018-5783
- libpodofo 0.9.6+dfsg-4 (bug #916142)
[stretch] - libpodofo <no-dsa> (Minor issue)
[jessie] - libpodofo <no-dsa> (Minor issue)
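Review bot: the hunk header itself, `@@ -39908,14 +39898,14 @@ CVE-2018-5785 (In OpenJPEG 2.3.0, there is an integer overflow caused by an ...)`, still shows the description that the previous hunk removed from the CVE-2018-5785 entry, confirming the data was present before this run. Within the hunk, `-CVE-2018-5784 (In LibTIFF 4.0.9, there is an uncontrolled resource consumption in the ...)` and `-CVE-2018-5783 (In PoDoFo 0.9.5, there is an uncontrolled memory allocation in the ...)` lose the text that justifies the `tiff3 <postponed>` and `libpodofo <no-dsa> (Minor issue)` decisions. Keep the originals and drop the `+` lines.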
@@ -39923,25 +39913,25 @@ CVE-2018-5783 (In PoDoFo 0.9.5, there is an uncontrolled memory allocation in th
NOTE: https://sourceforge.net/p/podofo/tickets/4/
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1536179
NOTE: https://sourceforge.net/p/podofo/code/1949
-CVE-2018-5782 (A vulnerability in the conferencing component of Mitel Connect ONSITE, ...)
+CVE-2018-5782
NOT-FOR-US: Mitel
-CVE-2018-5781 (A vulnerability in the conferencing component of Mitel Connect ONSITE, ...)
+CVE-2018-5781
NOT-FOR-US: Mitel
-CVE-2018-5780 (A vulnerability in the conferencing component of Mitel Connect ONSITE, ...)
+CVE-2018-5780
NOT-FOR-US: Mitel
-CVE-2018-5779 (A vulnerability in the conferencing component of Mitel Connect ONSITE, ...)
+CVE-2018-5779
NOT-FOR-US: Mitel
-CVE-2018-5778 (An issue was discovered in Ipswitch WhatsUp Gold before 2017 Plus SP1 ...)
+CVE-2018-5778
NOT-FOR-US: Ipswitch WhatsUp Gold
-CVE-2018-5777 (An issue was discovered in Ipswitch WhatsUp Gold before 2017 Plus SP1 ...)
+CVE-2018-5777
NOT-FOR-US: Ipswitch WhatsUp Gold
CVE-2018-5775
RESERVED
CVE-2018-5774
RESERVED
-CVE-2018-5773 (An issue was discovered in markdown2 (aka python-markdown2) through ...)
+CVE-2018-5773
NOT-FOR-US: python-markdown2 (not our markdown, different code base)
-CVE-2018-5776 (WordPress before 4.9.2 has XSS in the Flash fallback files in ...)
+CVE-2018-5776
- wordpress 4.9.2+dfsg-1 (bug #887596)
[stretch] - wordpress <not-affected> (Vulnerable files have been removed before)
[jessie] - wordpress <not-affected> (Vulnerable files have been removed before)
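Review bot: `NOT-FOR-US: python-markdown2 (not our markdown, different code base)` only makes sense against the description of CVE-2018-5773 that this hunk deletes (`-CVE-2018-5773 (An issue was discovered in markdown2 (aka python-markdown2) through ...)`), so the `+CVE-2018-5773` form should not be committed. Separately, CVE-2018-5776 sits out of numeric order after CVE-2018-5773 (`-CVE-2018-5776 (WordPress before 4.9.2 has XSS in the Flash fallback files in ...)`) and the update preserves that placement; if the generator is being touched anyway, it is worth checking whether it intends to keep entries sorted by identifier, since misplaced records are much easier to spot in diffs like this one when it does.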
@@ -39952,72 +39942,72 @@ CVE-2018-5776 (WordPress before 4.9.2 has XSS in the Flash fallback files in ...
NOTE: final wordpress version 4.9.2 which finally removed the mediaelement files.
NOTE: https://wordpress.org/news/2018/01/wordpress-4-9-2-security-and-maintenance-release/
NOTE: https://github.com/WordPress/WordPress/commit/3fe9cb61ee71fcfadb5e002399296fcc1198d850
-CVE-2018-5772 (In Exiv2 0.26, there is a segmentation fault caused by uncontrolled ...)
+CVE-2018-5772
[experimental] - exiv2 <unfixed> (bug #888862)
- exiv2 <not-affected> (Vulnerable code introduced after 0.25)
NOTE: https://github.com/Exiv2/exiv2/issues/216
CVE-2018-5771
RESERVED
-CVE-2018-5770 (An issue was discovered on Tenda AC15 devices. A remote, ...)
+CVE-2018-5770
NOT-FOR-US: Tenda AC15 devices
CVE-2018-5769
RESERVED
-CVE-2018-5768 (A remote, unauthenticated attacker can gain remote code execution on ...)
+CVE-2018-5768
NOT-FOR-US: Tenda AC15 router
-CVE-2018-5767 (An issue was discovered on Tenda AC15 V15.03.1.16_multi devices. A ...)
+CVE-2018-5767
NOT-FOR-US: Tenda AC15 V15.03.1.16_multi devices
-CVE-2018-5766 (In Libav through 12.2, there is an invalid memcpy in the av_packet_ref ...)
+CVE-2018-5766
- libav <removed>
[wheezy] - libav <ignored> (Minor issue)
NOTE: https://bugzilla.libav.org/show_bug.cgi?id=1112
CVE-2018-5765
RESERVED
-CVE-2018-5764 (The parse_arguments function in options.c in rsyncd in rsync before ...)
+CVE-2018-5764
{DLA-1247-1}
- rsync 3.1.2-2.2 (bug #887588)
[stretch] - rsync <no-dsa> (Minor issue)
[jessie] - rsync <no-dsa> (Minor issue)
NOTE: https://git.samba.org/rsync.git/?p=rsync.git;a=commit;h=7706303828fcde524222babb2833864a4bd09e07
-CVE-2018-5763 (An issue was discovered in OXID eShop Enterprise Edition before 5.3.7 ...)
+CVE-2018-5763
NOT-FOR-US: OXID eShop Enterprise Edition
-CVE-2018-5762 (The TLS implementation in the TCP/IP networking module in Unisys ...)
+CVE-2018-5762
NOT-FOR-US: Unisys ClearPath MCP systems
-CVE-2018-5761 (A man-in-the-middle vulnerability related to vCenter access was found ...)
+CVE-2018-5761
NOT-FOR-US: Rubrik CDM
CVE-2018-5760
RESERVED
-CVE-2018-5759 (jsparse.c in Artifex MuJS through 1.0.2 does not properly maintain the ...)
+CVE-2018-5759
NOT-FOR-US: MuJS
-CVE-2018-5758 (The Upload File functionality in upload.jspa in Aurea Jive Jive-n ...)
+CVE-2018-5758
NOT-FOR-US: Aurea Jive Jive-n
CVE-2018-5757
RESERVED
-CVE-2018-5756 (The backend component in Open-Xchange OX App Suite before 7.6.3-rev36, ...)
+CVE-2018-5756
NOT-FOR-US: Open-Xchange
-CVE-2018-5755 (Absolute path traversal vulnerability in the readerengine component in ...)
+CVE-2018-5755
NOT-FOR-US: Open-Xchange
-CVE-2018-5754 (Cross-site scripting (XSS) vulnerability in the office-web component ...)
+CVE-2018-5754
NOT-FOR-US: Open-Xchange
-CVE-2018-5753 (The frontend component in Open-Xchange OX App Suite before ...)
+CVE-2018-5753
NOT-FOR-US: Open-Xchange
-CVE-2018-5752 (The backend component in Open-Xchange OX App Suite before 7.6.3-rev36, ...)
+CVE-2018-5752
NOT-FOR-US: Open-Xchange
-CVE-2018-5751 (The backend component in Open-Xchange OX App Suite before 7.6.3-rev36, ...)
+CVE-2018-5751
NOT-FOR-US: Open-Xchange
-CVE-2018-5750 (The acpi_smbus_hc_add function in drivers/acpi/sbshc.c in the Linux ...)
+CVE-2018-5750
{DSA-4187-1 DSA-4120-1 DLA-1369-1}
- linux 4.15.4-1
NOTE: https://patchwork.kernel.org/patch/10174835/
-CVE-2018-5749 (install.php in Minecraft Servers List Lite before commit c1cd164 and ...)
+CVE-2018-5749
NOT-FOR-US: Minecraft Servers List Lite
-CVE-2018-5748 (qemu/qemu_monitor.c in libvirt allows attackers to cause a denial of ...)
+CVE-2018-5748
{DLA-1315-1}
- libvirt 4.0.0-1 (bug #887700)
[stretch] - libvirt 3.0.0-4+deb9u2
[jessie] - libvirt 1.2.9-9+deb8u5
NOTE: https://www.redhat.com/archives/libvir-list/2017-December/msg00749.html
NOTE: https://libvirt.org/git/?p=libvirt.git;a=commit;h=bc251ea91bcfddd2622fce6bce701a438b2e7276
-CVE-2018-5747 (In Long Range Zip (aka lrzip) 0.631, there is a use-after-free in the ...)
+CVE-2018-5747
- lrzip 0.631+git180517-1 (bug #898451)
[stretch] - lrzip <no-dsa> (Minor issue)
[jessie] - lrzip <no-dsa> (Minor issue)
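Review bot: CVE-2018-5772 keeps its `[experimental] - exiv2 <unfixed> (bug #888862)` line ahead of `- exiv2 <not-affected> (Vulnerable code introduced after 0.25)`, but the `<not-affected>` rationale and the experimental `<unfixed>` state are only understandable with the description (`In Exiv2 0.26, there is a segmentation fault caused by uncontrolled ...`) that this hunk removes. The same applies to the rsync (parse_arguments in options.c), libvirt (qemu/qemu_monitor.c) and linux (CVE-2018-5750, acpi_smbus_hc_add) entries, which keep their DSA/DLA references and version numbers but lose the text saying what was fixed. Recommend reverting the `+CVE-...` lines rather than committing an automatic run that only deletes.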
@@ -40052,34 +40042,34 @@ CVE-2018-5742 [Crash from assertion error when debug log level is 10 and log ent
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1655844
NOTE: https://bugs.centos.org/view.php?id=15528
NOTE: Introduced by https://bugzilla.redhat.com/show_bug.cgi?id=1452091
-CVE-2018-5741 (To provide fine-grained controls over the ability to use Dynamic DNS ...)
+CVE-2018-5741
- bind9 1:9.11.5+dfsg-1 (unimportant; bug #908595)
NOTE: https://kb.isc.org/docs/cve-2018-5741
NOTE: No code fix provided; Incorrect documentation of krb5-subdomain and ms-subdomain update policies.
NOTE: Will be adressed in 9.11.5, 9.12.3
-CVE-2018-5740 (&quot;deny-answer-aliases&quot; is a little-used feature intended to help ...)
+CVE-2018-5740
{DLA-1485-1}
- bind9 1:9.11.4.P1+dfsg-1 (bug #905743)
[stretch] - bind9 <postponed> (Can be fixed along in the next DSA)
NOTE: https://kb.isc.org/article/AA-01639/74/CVE-2018-5740
NOTE: https://gitlab.isc.org/isc-projects/bind9/merge_requests/607/commits
-CVE-2018-5739 (An extension to hooks capabilities which debuted in Kea 1.4.0 ...)
+CVE-2018-5739
- isc-kea <not-affected> (Vulnerable code introduced in Kea 1.4.0)
NOTE: https://kb.isc.org/article/AA-01626
NOTE: 1.4.0-1 was uploaded to experimental as https://tracker.debian.org/news/973011
NOTE: Tracking bug as #903729 with RC severity so this version does
NOTE: not enter unstable without fix.
-CVE-2018-5738 (Change #4777 (introduced in October 2017) introduced an unforeseen ...)
+CVE-2018-5738
- bind9 1:9.11.3+dfsg-2 (bug #901483)
[stretch] - bind9 <not-affected> (Vulnerable code introduced later)
[jessie] - bind9 <not-affected> (Vulnerable code introduced later)
NOTE: Introduced by upstream change #4777
NOTE: Introduced by: https://gitlab.isc.org/isc-projects/bind9/commit/89636d8f305956ad42e95a988502c7345e85ffe1
NOTE: https://kb.isc.org/article/AA-01616/0/CVE-2018-5738
-CVE-2018-5737 (A problem with the implementation of the new serve-stale feature in ...)
+CVE-2018-5737
- bind9 <not-affected> (only affects 9.12, not yet packaged)
NOTE: https://kb.isc.org/article/AA-01606
-CVE-2018-5736 (An error in zone database reference counting can lead to an assertion ...)
+CVE-2018-5736
- bind9 <not-affected> (only affects 9.12, not yet packaged)
NOTE: https://kb.isc.org/article/AA-01602
CVE-2018-5735 [assertion failure in validator.c:1858]
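Review bot: the bind9 and isc-kea entries here lose descriptions that carry the actual policy context, e.g. `-CVE-2018-5741 (To provide fine-grained controls over the ability to use Dynamic DNS ...)`, whose `unimportant` severity and the NOTE `No code fix provided; Incorrect documentation of krb5-subdomain and ms-subdomain update policies.` only make sense with that text; the `+CVE-2018-5741` form should be dropped. While this entry is being rewritten, the unchanged NOTE line `Will be adressed in 9.11.5, 9.12.3` has a typo (addressed) that could be fixed in the same pass.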
@@ -40090,10 +40080,10 @@ CVE-2018-5735 [assertion failure in validator.c:1858]
NOTE: Mark as fixed version the 1:9.9.3.dfsg.P2-1 as the related code was
NOTE: added upstream in 9.9.3b1. The issue though does not affect bind9 upstream
NOTE: and is only triggered as described in #889285.
-CVE-2018-5734 (While handling a particular type of malformed packet BIND erroneously ...)
+CVE-2018-5734
- bind9 <not-affected> (Only affects Supported Preview Edition/Subscription Edition)
NOTE: https://kb.isc.org/article/AA-01562/74/CVE-2018-5734
-CVE-2018-5733 (A malicious client which is allowed to send very large amounts of ...)
+CVE-2018-5733
{DSA-4133-1 DLA-1313-1}
- isc-dhcp 4.3.5-3.1 (bug #891785)
NOTE: https://kb.isc.org/article/AA-01567/75/CVE-2018-5733
@@ -40108,7 +40098,7 @@ CVE-2018-5732 [A specially constructed response from a malicious server can caus
NOTE: https://bugs.isc.org/Public/Bug/Display.html?id=47139
NOTE: https://source.isc.org/cgi-bin/gitweb.cgi?p=dhcp.git;a=commit;h=c5931725b48b121d232df4ba9e45bc41e0ba114d (4.4.1)
NOTE: Fixes for 4.3.6p1: https://source.isc.org/cgi-bin/gitweb.cgi?p=dhcp.git;a=commit;h=99a25aedea02d9c259cb8fabf4be700fb32571a3
-CVE-2018-1000005 (libcurl 7.49.0 to and including 7.57.0 contains an out bounds read in ...)
+CVE-2018-1000005
- curl 7.58.0-1
[stretch] - curl 7.52.1-5+deb9u4
[jessie] - curl <not-affected> (Vulnerable code introduce later)
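Review bot: dropping the description from CVE-2018-1000005 removes the affected range `libcurl 7.49.0 to and including 7.57.0`, which is the fact the unchanged `[jessie] - curl <not-affected> (Vulnerable code introduce later)` line relies on; after this hunk the entry no longer states which versions are affected anywhere in the file, so the jessie assessment can only be checked against the advisory URL carried as context in the following hunk. If the stripping is intended, the range belongs in a NOTE line; the justification should also read `introduced` rather than `introduce`.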
@@ -40117,63 +40107,63 @@ CVE-2018-1000005 (libcurl 7.49.0 to and including 7.57.0 contains an out bounds
NOTE: https://curl.haxx.se/docs/adv_2018-824a.html
NOTE: Introduced by: https://github.com/curl/curl/commit/0761a51ee0551ad9e5
NOTE: Patch: https://github.com/curl/curl/commit/fa3dbb9a147488a294.patch
-CVE-2018-5731 (An issue was discovered in Heimdal PRO 2.2.190. As part of the ...)
+CVE-2018-5731
NOT-FOR-US: Heimdal PRO
-CVE-2018-5730 (MIT krb5 1.6 or later allows an authenticated kadmin with permission ...)
+CVE-2018-5730
{DLA-1643-1}
- krb5 1.16.1-1 (bug #891869)
[stretch] - krb5 <no-dsa> (Minor issue)
[wheezy] - krb5 <no-dsa> (Minor issue)
NOTE: Fixed by: https://github.com/krb5/krb5/commit/e1caf6fb74981da62039846931ebdffed71309d1
-CVE-2018-5729 (MIT krb5 1.6 or later allows an authenticated kadmin with permission ...)
+CVE-2018-5729
{DLA-1643-1}
- krb5 1.16.1-1 (bug #891869)
[stretch] - krb5 <no-dsa> (Minor issue)
[wheezy] - krb5 <no-dsa> (Minor issue)
NOTE: Fixed by: https://github.com/krb5/krb5/commit/e1caf6fb74981da62039846931ebdffed71309d1
-CVE-2018-5728 (Cobham Sea Tel 121 build 222701 devices allow remote attackers to ...)
+CVE-2018-5728
NOT-FOR-US: Cobham Sea Tel 121 build 222701 devices
-CVE-2018-5727 (In OpenJPEG 2.3.0, there is an integer overflow vulnerability in the ...)
+CVE-2018-5727
- openjpeg2 <unfixed> (unimportant; bug #888532)
NOTE: https://github.com/uclouvain/openjpeg/issues/1053
NOTE: ubsan error (integer overflow), no security impact per se and unlikely
NOTE: to trigger any security relevant issue
-CVE-2018-5726 (MASTER IPCAMERA01 3.3.4.2103 devices allow remote attackers to obtain ...)
+CVE-2018-5726
NOT-FOR-US: MASTER IPCAMERA01 3.3.4.2103 devices
-CVE-2018-5725 (MASTER IPCAMERA01 3.3.4.2103 devices allow Unauthenticated ...)
+CVE-2018-5725
NOT-FOR-US: MASTER IPCAMERA01 3.3.4.2103 devices
-CVE-2018-5724 (MASTER IPCAMERA01 3.3.4.2103 devices allow Unauthenticated ...)
+CVE-2018-5724
NOT-FOR-US: MASTER IPCAMERA01 3.3.4.2103 devices
-CVE-2018-5723 (MASTER IPCAMERA01 3.3.4.2103 devices have a hardcoded password of ...)
+CVE-2018-5723
NOT-FOR-US: MASTER IPCAMERA01 3.3.4.2103 devices
CVE-2018-5722
RESERVED
-CVE-2018-5721 (Stack-based buffer overflow in the ej_update_variables function in ...)
+CVE-2018-5721
NOT-FOR-US: ASUS routers
-CVE-2018-5720 (An issue was discovered on DODOCOOL DC38 3-in-1 N300 Mini Wireless ...)
+CVE-2018-5720
NOT-FOR-US: DODOCOOL DC38 3-in-1 N300 Mini Wireless Range Extend RTN2-AW.GD.R3465.1.20161103 devices
CVE-2018-5719
RESERVED
-CVE-2018-5718 (Improper restriction of write operations within the bounds of a memory ...)
+CVE-2018-5718
NOT-FOR-US: SoftControl
-CVE-2018-5717 (Memory write mechanism in NCR S2 Dispenser controller before firmware ...)
+CVE-2018-5717
NOT-FOR-US: NCR S2 Dispenser controller
-CVE-2018-5716 (An issue was discovered in Reprise License Manager 11.0. This ...)
+CVE-2018-5716
NOT-FOR-US: Reprise License Manager
-CVE-2018-5715 (phprint.php in SugarCRM 3.5.1 has XSS via a parameter name in the query ...)
+CVE-2018-5715
NOT-FOR-US: SugarCRM
-CVE-2018-5714 (In Malwarefox Anti-Malware 2.72.169, the driver file (zam64.sys) allows ...)
+CVE-2018-5714
NOT-FOR-US: Malwarefox Anti-Malware
-CVE-2018-5713 (In Malwarefox Anti-Malware 2.72.169, the driver file (zam64.sys) allows ...)
+CVE-2018-5713
NOT-FOR-US: Malwarefox Anti-Malware
-CVE-2018-5712 (An issue was discovered in PHP before 5.6.33, 7.0.x before 7.0.27, ...)
+CVE-2018-5712
{DSA-4081-1 DSA-4080-1 DLA-1251-1}
- php7.1 7.1.13-1
- php7.0 7.0.27-1
- php5 <removed>
NOTE: Fixed in 5.6.33, 7.0.27, 7.1.13, 7.2.1
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=74782
-CVE-2018-5711 (gd_gif_in.c in the GD Graphics Library (aka libgd), as used in PHP ...)
+CVE-2018-5711
{DSA-4081-1 DSA-4080-1 DLA-1651-1 DLA-1248-1}
- php7.1 7.1.13-1 (unimportant)
- php7.0 7.0.27-1 (unimportant)
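Review bot: the CVE-2018-5727 entry is left as `- openjpeg2 <unfixed> (unimportant; bug #888532)` with `In OpenJPEG 2.3.0, there is an integer overflow vulnerability in the ...` removed, so the affected upstream version disappears from the entry; the same happens to CVE-2018-5730 and CVE-2018-5729 (`MIT krb5 1.6 or later allows an authenticated kadmin with permission ...`), whereas CVE-2018-5712 still keeps its versions in the unchanged `NOTE: Fixed in 5.6.33, 7.0.27, 7.1.13, 7.2.1` line. For the NOT-FOR-US entries from CVE-2018-5728 down to CVE-2018-5713 the product name survives on the NOT-FOR-US line, so the loss there is limited to the summary text. Suggest keeping descriptions and limiting the automatic update to entries whose description actually changed.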
@@ -40186,7 +40176,7 @@ CVE-2018-5711 (gd_gif_in.c in the GD Graphics Library (aka libgd), as used in PH
[stretch] - libgd2 2.2.4-2+deb9u3
NOTE: https://github.com/libgd/libgd/issues/420
NOTE: https://github.com/libgd/libgd/commit/a11f47475e6443b7f32d21f2271f28f417e2ac04
-CVE-2018-5710 (An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. The ...)
+CVE-2018-5710
- krb5 1.16.1-1 (bug #889685)
[stretch] - krb5 <no-dsa> (Minor issue)
[jessie] - krb5 <no-dsa> (Minor issue)
@@ -40196,77 +40186,77 @@ CVE-2018-5710 (An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16
NOTE: having coordinated with upstream and the CVE assignment ist sill for
NOTE: slight different coverage. Thus keep it distinct (for now) and mark
NOTE: CVE-2018-5710 issue as well as fixed once #891869 is adressed.
-CVE-2018-5709 (An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. ...)
+CVE-2018-5709
- krb5 <unfixed> (unimportant; bug #889684)
NOTE: https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow
NOTE: non-issue, codepath is only run on trusted input, potential integer
NOTE: overflow is non-issue
-CVE-2018-5708 (An issue was discovered on D-Link DIR-601 B1 2.02NA devices. Being on ...)
+CVE-2018-5708
NOT-FOR-US: D-Link
CVE-2018-5707
RESERVED
-CVE-2018-5706 (An issue was discovered in Octopus Deploy before 4.1.9. Any user with ...)
+CVE-2018-5706
NOT-FOR-US: Octopus Deploy
-CVE-2018-5705 (Reservo Image Hosting 1.6 is vulnerable to XSS attacks. The affected ...)
+CVE-2018-5705
NOT-FOR-US: Reservo Image Hosting
-CVE-2018-1000003 (Improper input validation bugs in DNSSEC validators components in ...)
+CVE-2018-1000003
- pdns-recursor 4.1.1-1
[stretch] - pdns-recursor <not-affected> (Only affects 4.1)
[jessie] - pdns-recursor <not-affected> (Only affects 4.1)
[wheezy] - pdns-recursor <not-affected> (Only affects 4.1)
NOTE: https://doc.powerdns.com/recursor/security-advisories/powerdns-advisory-2018-01.html
-CVE-2018-1000002 (Improper input validation bugs in DNSSEC validators components in Knot ...)
+CVE-2018-1000002
- knot-resolver 1.5.2-1
NOTE: https://www.knot-resolver.cz/2018-01-22-knot-resolver-1.5.2.html
NOTE: prior to 1.5.1 memcached module was called kmemcached
-CVE-2018-5704 (Open On-Chip Debugger (OpenOCD) 0.10.0 does not block attempts to use ...)
+CVE-2018-5704
{DSA-4093-1 DLA-1253-1}
- openocd 0.10.0-4 (bug #887488)
NOTE: https://sourceforge.net/p/openocd/mailman/message/36188041/
NOTE: http://openocd.zylin.com/4330
NOTE: http://openocd.zylin.com/4331
NOTE: http://openocd.zylin.com/4335
-CVE-2018-5703 (The tcp_v6_syn_recv_sock function in net/ipv6/tcp_ipv6.c in the Linux ...)
+CVE-2018-5703
- linux 4.15.11-1
[stretch] - linux <not-affected> (Vulnerable code not present)
[jessie] - linux <not-affected> (Vulnerable code not present)
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: https://lkml.org/lkml/2018/1/16/53
-CVE-2018-5701 (In Iolo System Shield AntiVirus and AntiSpyware 5.0.0.136, the amp.sys ...)
+CVE-2018-5701
NOT-FOR-US: Iolo System Shield AntiVirus and AntiSpyware
-CVE-2018-5700 (Winmail Server through 6.2 allows remote code execution by ...)
+CVE-2018-5700
NOT-FOR-US: Winmail Server
CVE-2018-5699
RESERVED
-CVE-2018-5698 (libreadstat.a in WizardMac ReadStat 0.1.1 has a heap-based buffer ...)
+CVE-2018-5698
- r-cran-haven 1.1.1-1
NOTE: https://github.com/WizardMac/ReadStat/issues/108
NOTE: https://github.com/WizardMac/ReadStat/commit/79793dba3b665ff037ca60140441a6679a8971cf
-CVE-2018-5697 (Icy Phoenix 2.2.0.105 allows SQL injection via an unapprove request to ...)
+CVE-2018-5697
NOT-FOR-US: Icy Phoenix
-CVE-2018-5696 (The iJoomla com_adagency plugin 6.0.9 for Joomla! allows SQL injection ...)
+CVE-2018-5696
NOT-FOR-US: iJoomla com_adagency plugin for Joomla!
-CVE-2018-5695 (The WpJobBoard plugin 4.4.4 for WordPress allows SQL injection via the ...)
+CVE-2018-5695
NOT-FOR-US: WpJobBoard plugin for WordPress
-CVE-2018-5694 (The callforward module in User Control Panel (UCP) in Nicolas Gudino ...)
+CVE-2018-5694
NOT-FOR-US: Nicolas Gudino (aka Asternic) Flash Operator Panel
-CVE-2018-5693 (The LinuxMagic MagicSpam extension before 2.0.14-1 for Plesk allows ...)
+CVE-2018-5693
NOT-FOR-US: LinuxMagic MagicSpam extension for Plesk
-CVE-2018-5692 (Piwigo v2.8.2 has XSS via the `tab`, `to`, `section`, `mode`, ...)
+CVE-2018-5692
- piwigo <removed>
NOTE: https://github.com/Piwigo/Piwigo/issues/847
NOTE: https://github.com/Piwigo/Piwigo/commit/18e4b861992e8412fd70a3a7e0b2bf9b676c42ed
-CVE-2018-5691 (SonicWall Global Management System (GMS) 8.1 has XSS via the `newName` ...)
+CVE-2018-5691
NOT-FOR-US: SonicWall Global Management System
-CVE-2018-5690 (Cross-site scripting (XSS) vulnerability in admin/users.php in Dotclear ...)
+CVE-2018-5690
- dotclear <removed>
-CVE-2018-5689 (Cross-site scripting (XSS) vulnerability in admin/auth.php in Dotclear ...)
+CVE-2018-5689
- dotclear <removed>
-CVE-2018-5688 (ILIAS before 5.2.4 has XSS via the cmd parameter to the displayHeader ...)
+CVE-2018-5688
NOT-FOR-US: ILIAS
-CVE-2018-5687 (NewsBee allows XSS via the Company Name field in the Settings under ...)
+CVE-2018-5687
NOT-FOR-US: NewsBee CMS
-CVE-2018-5686 (In MuPDF 1.12.0, there is an infinite loop vulnerability and ...)
+CVE-2018-5686
{DSA-4334-1}
- mupdf 1.13.0+ds1-1 (bug #887130)
[jessie] - mupdf <no-dsa> (Minor issue)
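Review bot: several entries in this hunk have no NOTE line, so the stripped description was their only statement of what the issue is: CVE-2018-5690 and CVE-2018-5689 become bare IDs over `- dotclear <removed>` with no URL or summary left, and CVE-2018-5703 (`The tcp_v6_syn_recv_sock function in net/ipv6/tcp_ipv6.c in the Linux ...`) keeps only an lkml link, so the file no longer says which function the three `<not-affected> (Vulnerable code not present)` lines were assessed against. The unchanged CVE-2018-5710 context also carries two typos worth a follow-up: `ist sill` for `is still` and `adressed` for `addressed`.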
@@ -40275,89 +40265,89 @@ CVE-2018-5686 (In MuPDF 1.12.0, there is an infinite loop vulnerability and ...)
NOTE: pdf_parse_array function in source/pdf/pdf-parse.c does not consider
NOTE: EOF.
NOTE: Fixed by: http://git.ghostscript.com/?p=mupdf.git;h=b70eb93f6936c03d8af52040bbca4d4a7db39079
-CVE-2018-5685 (In GraphicsMagick 1.3.27, there is an infinite loop and application ...)
+CVE-2018-5685
{DSA-4321-1 DLA-1456-1 DLA-1245-1}
- graphicsmagick 1.3.27-4 (bug #887158)
NOTE: http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/52a91ddb1aa6
NOTE: https://sourceforge.net/p/graphicsmagick/bugs/541/
NOTE: Before 1.3.27, the problem only affects 32-bit architectures (i.e., 4-byte long) it
NOTE: expanded to 64-bit architectures with upstream commit be5e89e6032d
-CVE-2018-5684 (In Libav through 12.2, there is an invalid memcpy call in the ...)
+CVE-2018-5684
- libav <removed>
[jessie] - libav <not-affected> (vulnerable code is not present)
NOTE: https://bugzilla.libav.org/show_bug.cgi?id=1110
-CVE-2018-5683 (The vga_draw_text function in Qemu allows local OS guest privileged ...)
+CVE-2018-5683
{DSA-4213-1 DLA-1497-1}
- qemu 1:2.12~rc3+dfsg-1 (bug #887392)
[wheezy] - qemu <postponed> (Minor issue, can be fixed along in next DLA)
- qemu-kvm <removed>
[wheezy] - qemu-kvm <postponed> (Minor issue, can be fixed along in next DLA)
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2018-01/msg02131.html
-CVE-2018-5682 (PrestaShop 1.7.2.4 allows user enumeration via the Reset Password ...)
+CVE-2018-5682
NOT-FOR-US: PrestaShop
-CVE-2018-5681 (PrestaShop 1.7.2.4 has XSS via source-code editing on the &quot;Pages &gt; Edit ...)
+CVE-2018-5681
NOT-FOR-US: PrestaShop
-CVE-2018-5680 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-5680
NOT-FOR-US: Foxit
-CVE-2018-5679 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-5679
NOT-FOR-US: Foxit
-CVE-2018-5678 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-5678
NOT-FOR-US: Foxit
-CVE-2018-5677 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-5677
NOT-FOR-US: Foxit
-CVE-2018-5676 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-5676
NOT-FOR-US: Foxit
-CVE-2018-5675 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-5675
NOT-FOR-US: Foxit
-CVE-2018-5674 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-5674
NOT-FOR-US: Foxit
-CVE-2018-5673 (An issue was discovered in the booking-calendar plugin 2.1.7 for ...)
+CVE-2018-5673
NOT-FOR-US: booking-calendar plugin for WordPress
-CVE-2018-5672 (An issue was discovered in the booking-calendar plugin 2.1.7 for ...)
+CVE-2018-5672
NOT-FOR-US: booking-calendar plugin for WordPress
-CVE-2018-5671 (An issue was discovered in the booking-calendar plugin 2.1.7 for ...)
+CVE-2018-5671
NOT-FOR-US: booking-calendar plugin for WordPress
-CVE-2018-5670 (An issue was discovered in the booking-calendar plugin 2.1.7 for ...)
+CVE-2018-5670
NOT-FOR-US: booking-calendar plugin for WordPress
-CVE-2018-5669 (An issue was discovered in the read-and-understood plugin 2.1 for ...)
+CVE-2018-5669
NOT-FOR-US: read-and-understood plugin for WordPress
-CVE-2018-5668 (An issue was discovered in the read-and-understood plugin 2.1 for ...)
+CVE-2018-5668
NOT-FOR-US: read-and-understood plugin for WordPress
-CVE-2018-5667 (An issue was discovered in the read-and-understood plugin 2.1 for ...)
+CVE-2018-5667
NOT-FOR-US: read-and-understood plugin for WordPress
-CVE-2018-5666 (An issue was discovered in the responsive-coming-soon-page plugin ...)
+CVE-2018-5666
NOT-FOR-US: responsive-coming-soon-page plugin for WordPress
-CVE-2018-5665 (An issue was discovered in the responsive-coming-soon-page plugin ...)
+CVE-2018-5665
NOT-FOR-US: responsive-coming-soon-page plugin for WordPress
-CVE-2018-5664 (An issue was discovered in the responsive-coming-soon-page plugin ...)
+CVE-2018-5664
NOT-FOR-US: responsive-coming-soon-page plugin for WordPress
-CVE-2018-5663 (An issue was discovered in the responsive-coming-soon-page plugin ...)
+CVE-2018-5663
NOT-FOR-US: responsive-coming-soon-page plugin for WordPress
-CVE-2018-5662 (An issue was discovered in the responsive-coming-soon-page plugin ...)
+CVE-2018-5662
NOT-FOR-US: responsive-coming-soon-page plugin for WordPress
-CVE-2018-5661 (An issue was discovered in the responsive-coming-soon-page plugin ...)
+CVE-2018-5661
NOT-FOR-US: responsive-coming-soon-page plugin for WordPress
-CVE-2018-5660 (An issue was discovered in the responsive-coming-soon-page plugin ...)
+CVE-2018-5660
NOT-FOR-US: responsive-coming-soon-page plugin for WordPress
-CVE-2018-5659 (An issue was discovered in the responsive-coming-soon-page plugin ...)
+CVE-2018-5659
NOT-FOR-US: responsive-coming-soon-page plugin for WordPress
-CVE-2018-5658 (An issue was discovered in the responsive-coming-soon-page plugin ...)
+CVE-2018-5658
NOT-FOR-US: responsive-coming-soon-page plugin for WordPress
-CVE-2018-5657 (An issue was discovered in the responsive-coming-soon-page plugin ...)
+CVE-2018-5657
NOT-FOR-US: responsive-coming-soon-page plugin for WordPress
-CVE-2018-5656 (An issue was discovered in the weblizar-pinterest-feeds plugin 1.1.1 ...)
+CVE-2018-5656
NOT-FOR-US: weblizar-pinterest-feeds plugin for WordPress
-CVE-2018-5655 (An issue was discovered in the weblizar-pinterest-feeds plugin 1.1.1 ...)
+CVE-2018-5655
NOT-FOR-US: weblizar-pinterest-feeds plugin for WordPress
-CVE-2018-5654 (An issue was discovered in the weblizar-pinterest-feeds plugin 1.1.1 ...)
+CVE-2018-5654
NOT-FOR-US: weblizar-pinterest-feeds plugin for WordPress
-CVE-2018-5653 (An issue was discovered in the weblizar-pinterest-feeds plugin 1.1.1 ...)
+CVE-2018-5653
NOT-FOR-US: weblizar-pinterest-feeds plugin for WordPress
-CVE-2018-5652 (An issue was discovered in the dark-mode plugin 1.6 for WordPress. XSS ...)
+CVE-2018-5652
NOT-FOR-US: dark-mode plugin for WordPress
-CVE-2018-5651 (An issue was discovered in the dark-mode plugin 1.6 for WordPress. XSS ...)
+CVE-2018-5651
NOT-FOR-US: dark-mode plugin for WordPress
-CVE-2018-5650 (In Long Range Zip (aka lrzip) 0.631, there is an infinite loop and ...)
+CVE-2018-5650
- lrzip 0.631+git180517-1 (bug #887065)
[stretch] - lrzip <no-dsa> (Minor issue)
[jessie] - lrzip <no-dsa> (Minor issue)
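Review bot: CVE-2018-5685 loses `In GraphicsMagick 1.3.27, there is an infinite loop and application ...` while the entry's own unchanged NOTE lines still reason about that version (`Before 1.3.27, the problem only affects 32-bit architectures ...`), and CVE-2018-5684 loses `In Libav through 12.2, there is an invalid memcpy call in the ...` over `- libav <removed>` and `[jessie] - libav <not-affected> (vulnerable code is not present)`, so the upper bound that assessment was made against now survives only in the bugzilla link. The Foxit run (CVE-2018-5680 to CVE-2018-5674) and the WordPress plugin runs (CVE-2018-5673 to CVE-2018-5651) all collapse to identical NOT-FOR-US lines, which is harmless by itself but shows the stripping is unconditional rather than a per-entry refresh of changed descriptions.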
@@ -40542,9 +40532,9 @@ CVE-2018-5562
RESERVED
CVE-2018-5561
RESERVED
-CVE-2018-5560 (A reliance on a static, hard-coded credential in the design of the ...)
+CVE-2018-5560
NOT-FOR-US: Guardzilla
-CVE-2018-5559 (In Rapid7 Komand version 0.41.0 and prior, certain endpoints that are ...)
+CVE-2018-5559
NOT-FOR-US: Rapid7 Komand
CVE-2018-5558
RESERVED
@@ -40556,266 +40546,266 @@ CVE-2018-5555
RESERVED
CVE-2018-5554
RESERVED
-CVE-2018-5553 (The Crestron Console service running on DGE-100, DM-DGE-200-C, and ...)
+CVE-2018-5553
NOT-FOR-US: Crestron Console service running on DGE-100, DM-DGE-200-C, and TS-1542-C devices
-CVE-2018-5552 (Versions of DocuTrac QuicDoc and Office Therapy that ship with ...)
+CVE-2018-5552
NOT-FOR-US: DocuTrac QuicDoc and Office Therapy
-CVE-2018-5551 (Versions of DocuTrac QuicDoc and Office Therapy that ship with ...)
+CVE-2018-5551
NOT-FOR-US: DocuTrac QuicDoc and Office Therapy
-CVE-2018-5550 (Versions of Epson AirPrint released prior to January 19, 2018 contain ...)
+CVE-2018-5550
NOT-FOR-US: Epson AirPrint
-CVE-2018-5549 (On BIG-IP APM 11.6.0-11.6.3.1, 12.1.0-12.1.3.3, 13.0.0, and ...)
+CVE-2018-5549
NOT-FOR-US: F5 BIG-IP
-CVE-2018-5548 (On BIG-IP APM 11.6.0-11.6.3, an insecure AES ECB mode is used for ...)
+CVE-2018-5548
NOT-FOR-US: F5 BIG-IP
-CVE-2018-5547 (Windows Logon Integration feature of F5 BIG-IP APM client prior to ...)
+CVE-2018-5547
NOT-FOR-US: F5 BIG-IP
-CVE-2018-5546 (The svpn and policyserver components of the F5 BIG-IP APM client prior ...)
+CVE-2018-5546
NOT-FOR-US: F5 BIG-IP
-CVE-2018-5545 (On F5 WebSafe Alert Server 1.0.0-4.2.6, a malicious, authenticated ...)
+CVE-2018-5545
NOT-FOR-US: F5 WebSafe Alert Server
-CVE-2018-5544 (When the F5 BIG-IP APM 13.0.0-13.1.1 or 12.1.0-12.1.3 renders certain ...)
+CVE-2018-5544
NOT-FOR-US: F5 BIG-IP
-CVE-2018-5543 (The F5 BIG-IP Controller for Kubernetes 1.0.0-1.5.0 (k8s-bigip-crtl) ...)
+CVE-2018-5543
NOT-FOR-US: F5 BIG-IP
-CVE-2018-5542 (F5 BIG-IP 13.0.0-13.0.1, 12.1.0-12.1.3.6, or 11.2.1-11.6.3.2 HTTPS ...)
+CVE-2018-5542
NOT-FOR-US: F5 BIG-IP
-CVE-2018-5541 (When F5 BIG-IP ASM 13.0.0-13.1.0.1, 12.1.0-12.1.3.5, 11.6.0-11.6.3.1, ...)
+CVE-2018-5541
NOT-FOR-US: F5 BIG-IP
-CVE-2018-5540 (On F5 BIG-IP 13.0.0-13.0.1, 12.1.0-12.1.3.3, 11.6.0-11.6.3.1, or ...)
+CVE-2018-5540
NOT-FOR-US: F5 BIG-IP
-CVE-2018-5539 (Under certain conditions, on F5 BIG-IP ASM 13.0.0-13.1.0.7, ...)
+CVE-2018-5539
NOT-FOR-US: F5 BIG-IP
-CVE-2018-5538 (On F5 BIG-IP DNS 13.1.0-13.1.0.7, 12.1.3-12.1.3.5, DNS Express / DNS ...)
+CVE-2018-5538
NOT-FOR-US: F5 BIG-IP
-CVE-2018-5537 (A remote attacker may be able to disrupt services on F5 BIG-IP ...)
+CVE-2018-5537
NOT-FOR-US: F5 BIG-IP
-CVE-2018-5536 (A remote attacker via undisclosed measures, may be able to exploit an ...)
+CVE-2018-5536
NOT-FOR-US: F5 BIG-IP
-CVE-2018-5535 (On F5 BIG-IP 14.0.0, 13.0.0-13.1.0, 12.1.0-12.1.3, or 11.5.1-11.6.3 ...)
+CVE-2018-5535
NOT-FOR-US: F5 BIG-IP
-CVE-2018-5534 (Under certain conditions on F5 BIG-IP 13.1.0-13.1.0.5, 13.0.0, ...)
+CVE-2018-5534
NOT-FOR-US: F5 BIG-IP
-CVE-2018-5533 (Under certain conditions on F5 BIG-IP 13.0.0, 12.1.0-12.1.2, ...)
+CVE-2018-5533
NOT-FOR-US: F5 BIG-IP
-CVE-2018-5532 (On F5 BIG-IP 13.0.0, 12.1.0-12.1.2, 11.6.0-11.6.3.1, or 11.2.1-11.5.6 ...)
+CVE-2018-5532
NOT-FOR-US: F5 BIG-IP
-CVE-2018-5531 (Through undisclosed methods, on F5 BIG-IP 13.0.0-13.1.0.7, ...)
+CVE-2018-5531
NOT-FOR-US: F5 BIG-IP
-CVE-2018-5530 (F5 BIG-IP 13.0.0-13.1.0.5, 12.1.0-12.1.3.5, or 11.6.0-11.6.3.1 virtual ...)
+CVE-2018-5530
NOT-FOR-US: F5 BIG-IP
-CVE-2018-5529 (The svpn component of the F5 BIG-IP APM client prior to version 7.1.7 ...)
+CVE-2018-5529
NOT-FOR-US: F5 BIG-IP
-CVE-2018-5528 (Under certain conditions, TMM may restart and produce a core file ...)
+CVE-2018-5528
NOT-FOR-US: F5 BIG-IP
-CVE-2018-5527 (On BIG-IP 13.1.0-13.1.0.7, a remote attacker using undisclosed methods ...)
+CVE-2018-5527
NOT-FOR-US: F5 BIG-IP
-CVE-2018-5526 (Under certain conditions, on F5 BIG-IP ASM 13.1.0-13.1.0.5, Behavioral ...)
+CVE-2018-5526
NOT-FOR-US: F5 BIG-IP
-CVE-2018-5525 (A local file vulnerability exists in the F5 BIG-IP Configuration ...)
+CVE-2018-5525
NOT-FOR-US: F5 BIG-IP
-CVE-2018-5524 (Under certain conditions, on F5 BIG-IP 13.0.0-13.1.0.5, ...)
+CVE-2018-5524
NOT-FOR-US: F5 BIG-IP
-CVE-2018-5523 (On F5 BIG-IP 13.1.0-13.1.0.3, 13.0.0, 12.1.0-12.1.3.1, ...)
+CVE-2018-5523
NOT-FOR-US: F5 BIG-IP
-CVE-2018-5522 (On F5 BIG-IP 13.0.0, 12.0.0-12.1.2, 11.6.1-11.6.3.1, 11.5.1-11.5.5, or ...)
+CVE-2018-5522
NOT-FOR-US: F5 BIG-IP
-CVE-2018-5521 (On F5 BIG-IP 12.1.0-12.1.3.1, 11.6.1-11.6.3.1, 11.5.1-11.5.5, or ...)
+CVE-2018-5521
NOT-FOR-US: F5 BIG-IP
-CVE-2018-5520 (On an F5 BIG-IP 13.0.0-13.1.0.5, 12.1.0-12.1.3.1, or 11.2.1-11.6.3.1 ...)
+CVE-2018-5520
NOT-FOR-US: F5 BIG-IP
-CVE-2018-5519 (On F5 BIG-IP 13.0.0-13.1.0.5, 12.1.0-12.1.3.3, or 11.2.1-11.6.3.1, ...)
+CVE-2018-5519
NOT-FOR-US: F5 BIG-IP
-CVE-2018-5518 (On F5 BIG-IP 13.0.0-13.1.0.5 or 12.0.0-12.1.3.3, malicious root users ...)
+CVE-2018-5518
NOT-FOR-US: F5 BIG-IP
-CVE-2018-5517 (On F5 BIG-IP 13.1.0-13.1.0.5, malformed TCP packets sent to a self IP ...)
+CVE-2018-5517
NOT-FOR-US: F5 BIG-IP
-CVE-2018-5516 (On F5 BIG-IP 13.0.0-13.1.0.5, 12.1.0-12.1.2, or 11.2.1-11.6.3.1, ...)
+CVE-2018-5516
NOT-FOR-US: F5 BIG-IP
-CVE-2018-5515 (On F5 BIG-IP 13.0.0-13.1.0.5, using RADIUS authentication responses ...)
+CVE-2018-5515
NOT-FOR-US: F5 BIG-IP
-CVE-2018-5514 (On F5 BIG-IP 13.1.0-13.1.0.5, maliciously crafted HTTP/2 request ...)
+CVE-2018-5514
NOT-FOR-US: F5 BIG-IP
-CVE-2018-5513 (On F5 BIG-IP 13.1.0-13.1.0.3, 13.0.0, 12.1.0-12.1.3.3, ...)
+CVE-2018-5513
NOT-FOR-US: F5 BIG-IP
-CVE-2018-5512 (On F5 BIG-IP 13.1.0-13.1.0.5, when Large Receive Offload (LRO) and SYN ...)
+CVE-2018-5512
NOT-FOR-US: F5 BIG-IP
-CVE-2018-5511 (On F5 BIG-IP 13.1.0-13.1.0.3 or 13.0.0, when authenticated ...)
+CVE-2018-5511
NOT-FOR-US: F5 BIG-IP
-CVE-2018-5510 (On F5 BIG-IP 11.5.4 HF4-11.5.5, the Traffic Management Microkernel ...)
+CVE-2018-5510
NOT-FOR-US: F5 BIG-IP
-CVE-2018-5509 (On F5 BIG-IP versions 13.0.0 or 12.1.0 - 12.1.3.1, when a specifically ...)
+CVE-2018-5509
NOT-FOR-US: F5 BIG-IP
-CVE-2018-5508 (On F5 BIG-IP PEM versions 13.0.0, 12.0.0-12.1.3.1, 11.6.0-11.6.2, ...)
+CVE-2018-5508
NOT-FOR-US: F5 BIG-IP
-CVE-2018-5507 (On F5 BIG-IP versions 13.0.0, 12.1.0-12.1.3.1, 11.6.1-11.6.2, or ...)
+CVE-2018-5507
NOT-FOR-US: F5 BIG-IP
-CVE-2018-5506 (In F5 BIG-IP 13.0.0, 12.1.0-12.1.2, 11.6.1, 11.5.1-11.5.5, or 11.2.1 ...)
+CVE-2018-5506
NOT-FOR-US: F5 BIG-IP
-CVE-2018-5505 (On F5 BIG-IP versions 13.1.0 - 13.1.0.3, when ASM and AVR are both ...)
+CVE-2018-5505
NOT-FOR-US: F5 BIG-IP
-CVE-2018-5504 (In some circumstances, the Traffic Management Microkernel (TMM) does ...)
+CVE-2018-5504
NOT-FOR-US: F5 BIG-IP
-CVE-2018-5503 (On F5 BIG-IP versions 13.0.0 - 13.1.0.3 or 12.0.0 - 12.1.3.1, TMM may ...)
+CVE-2018-5503
NOT-FOR-US: F5 BIG-IP
-CVE-2018-5502 (On F5 BIG-IP versions 13.0.0 - 13.1.0.3, attackers may be able to ...)
+CVE-2018-5502
NOT-FOR-US: F5 BIG-IP
-CVE-2018-5501 (In some circumstances, on F5 BIG-IP systems running 13.0.0, 12.1.0 - ...)
+CVE-2018-5501
NOT-FOR-US: F5 BIG-IP
-CVE-2018-5500 (On F5 BIG-IP systems running 13.0.0, 12.1.0 - 12.1.3.1, or 11.6.1 - ...)
+CVE-2018-5500
NOT-FOR-US: F5 BIG-IP
-CVE-2018-5499 (ATTO FibreBridge 7500N firmware version 2.95 is susceptible to a ...)
+CVE-2018-5499
NOT-FOR-US: ATTO FibreBridge 7500N firmware
-CVE-2018-5498 (Clustered Data ONTAP versions 9.0 through 9.4 are susceptible to a ...)
+CVE-2018-5498
NOT-FOR-US: Clustered Data ONTAP
-CVE-2018-5497 (Clustered Data ONTAP versions prior to 9.1P16, 9.3P10 and 9.4P5 are ...)
+CVE-2018-5497
NOT-FOR-US: Clustered Data ONTAP
-CVE-2018-5496 (Data ONTAP operating in 7-Mode versions prior to 8.2.5P2 are ...)
+CVE-2018-5496
NOT-FOR-US: Data ONTAP
-CVE-2018-5495 (All StorageGRID Webscale versions are susceptible to a vulnerability ...)
+CVE-2018-5495
NOT-FOR-US: NetApp
CVE-2018-5494
RESERVED
CVE-2018-5493
RESERVED
-CVE-2018-5492 (NetApp E-Series SANtricity OS Controller Software 11.30 and later ...)
+CVE-2018-5492
NOT-FOR-US: NetApp
CVE-2018-5491
RESERVED
-CVE-2018-5490 (Read-Only export policy rules are not correctly enforced in Clustered ...)
+CVE-2018-5490
NOT-FOR-US: NetApp Data ONTAP
-CVE-2018-5489 (NetApp 7-Mode Transition Tool allows users with valid credentials to ...)
+CVE-2018-5489
NOT-FOR-US: NetApp
-CVE-2018-5488 (NetApp SANtricity Web Services Proxy versions 1.10.x000.0002 through ...)
+CVE-2018-5488
NOT-FOR-US: NetApp SANtricity Web Services Proxy
-CVE-2018-5487 (NetApp OnCommand Unified Manager for Linux versions 7.2 through 7.3 ...)
+CVE-2018-5487
NOT-FOR-US: NetApp OnCommand Unified Manager for Linux
-CVE-2018-5486 (NetApp OnCommand Unified Manager for Linux versions 7.2 though 7.3 ...)
+CVE-2018-5486
NOT-FOR-US: NetApp OnCommand Unified Manager for Linux
-CVE-2018-5485 (NetApp OnCommand Unified Manager for Windows versions 7.2 through 7.3 ...)
+CVE-2018-5485
NOT-FOR-US: NetApp OnCommand Unified Manager for Windows
CVE-2018-5484
RESERVED
CVE-2018-5483
RESERVED
-CVE-2018-5482 (NetApp SnapCenter Server prior to 4.1 does not set the secure flag for ...)
+CVE-2018-5482
NOT-FOR-US: NetApp SnapCenter Server
-CVE-2018-5481 (OnCommand Unified Manager for 7-Mode (core package) prior to 5.2.4 ...)
+CVE-2018-5481
NOT-FOR-US: OnCommand Unified Manager
CVE-2018-5480
RESERVED
-CVE-2018-5479 (FoxSash ImgHosting 1.5 (according to footer information) is vulnerable ...)
+CVE-2018-5479
NOT-FOR-US: FoxSash ImgHosting
CVE-2018-5478
RESERVED
-CVE-2018-5477 (An Information Exposure issue was discovered in ABB netCADOPS Web ...)
+CVE-2018-5477
NOT-FOR-US: ABB netCADOPS Web Application
-CVE-2018-5476 (A Stack-based Buffer Overflow issue was discovered in Delta Electronics ...)
+CVE-2018-5476
NOT-FOR-US: Delta Electronics Delta Industrial Automation DOPSoft
-CVE-2018-5475 (A Stack-based Buffer Overflow issue was discovered in GE D60 Line ...)
+CVE-2018-5475
NOT-FOR-US: GE D60 Line Distance Relay devices
-CVE-2018-5474 (Philips Intellispace Portal all versions 7.0.x and 8.0.x have an input ...)
+CVE-2018-5474
NOT-FOR-US: Philips Intellispace Portal
-CVE-2018-5473 (An Improper Restriction of Operations within the Bounds of a Memory ...)
+CVE-2018-5473
NOT-FOR-US: GE D60 Line Distance Relay devices
-CVE-2018-5472 (Philips Intellispace Portal all versions 7.0.x and 8.0.x have an ...)
+CVE-2018-5472
NOT-FOR-US: Philips Intellispace Portal
-CVE-2018-5471 (A Cleartext Transmission of Sensitive Information issue was discovered ...)
+CVE-2018-5471
NOT-FOR-US: Belden Hirschmann RS, RSR, RSB, MACH100, MACH1000, MACH4000, MS, and OCTOPUS Classic Platform Switches
-CVE-2018-5470 (Philips IntelliSpace Portal all versions of 8.0.x, and 7.0.x have an ...)
+CVE-2018-5470
NOT-FOR-US: Philips Intellispace Portal
-CVE-2018-5469 (An Improper Restriction of Excessive Authentication Attempts issue was ...)
+CVE-2018-5469
NOT-FOR-US: Belden Hirschmann RS, RSR, RSB, MACH100, MACH1000, MACH4000, MS, and OCTOPUS Classic Platform Switches
-CVE-2018-5468 (Philips Intellispace Portal all versions 7.0.x and 8.0.x have a remote ...)
+CVE-2018-5468
NOT-FOR-US: Philips Intellispace Portal
-CVE-2018-5467 (An Information Exposure Through Query Strings in GET Request issue was ...)
+CVE-2018-5467
NOT-FOR-US: Belden Hirschmann RS, RSR, RSB, MACH100, MACH1000, MACH4000, MS, and OCTOPUS Classic Platform Switches
-CVE-2018-5466 (Philips IntelliSpace Portal all versions of 8.0.x, and 7.0.x have a ...)
+CVE-2018-5466
NOT-FOR-US: Philips Intellispace Portal
-CVE-2018-5465 (A Session Fixation issue was discovered in Belden Hirschmann RS, RSR, ...)
+CVE-2018-5465
NOT-FOR-US: Belden Hirschmann RS, RSR, RSB, MACH100, MACH1000, MACH4000, MS, and OCTOPUS Classic Platform Switches
-CVE-2018-5464 (Philips IntelliSpace Portal all versions of 8.0.x, and 7.0.x have an ...)
+CVE-2018-5464
NOT-FOR-US: Philips Intellispace Portal
-CVE-2018-5463 (A structured exception handler overflow vulnerability in Leao ...)
+CVE-2018-5463
NOT-FOR-US: Leao Consultoria e Desenvolvimento de Sistemas (LCDS) LTDA ME LAquis SCADA
-CVE-2018-5462 (Philips IntelliSpace Portal all versions of 8.0.x, and 7.0.x have an ...)
+CVE-2018-5462
NOT-FOR-US: Philips Intellispace Portal
-CVE-2018-5461 (An Inadequate Encryption Strength issue was discovered in Belden ...)
+CVE-2018-5461
NOT-FOR-US: Belden Hirschmann RS, RSR, RSB, MACH100, MACH1000, MACH4000, MS, and OCTOPUS Classic Platform Switches
CVE-2018-5460
RESERVED
-CVE-2018-5459 (An Improper Authentication issue was discovered in WAGO PFC200 Series ...)
+CVE-2018-5459
NOT-FOR-US: WAGO PFC200
-CVE-2018-5458 (Philips IntelliSpace Portal all versions of 8.0.x, and 7.0.x have a ...)
+CVE-2018-5458
NOT-FOR-US: Philips Intellispace Portal
-CVE-2018-5457 (A uncontrolled search path element issue was discovered in Vyaire ...)
+CVE-2018-5457
NOT-FOR-US: Vyaire Medical CareFusion Upgrade Utility
CVE-2018-5456
RESERVED
-CVE-2018-5455 (A Reliance on Cookies without Validation and Integrity Checking issue ...)
+CVE-2018-5455
NOT-FOR-US: Moxa
-CVE-2018-5454 (Philips IntelliSpace Portal all versions of 8.0.x, and 7.0.x have a ...)
+CVE-2018-5454
NOT-FOR-US: Philips Intellispace Portal
-CVE-2018-5453 (An Improper Handling of Length Parameter Inconsistency issue was ...)
+CVE-2018-5453
NOT-FOR-US: Moxa
-CVE-2018-5452 (A Stack-based Buffer Overflow issue was discovered in Emerson Process ...)
+CVE-2018-5452
NOT-FOR-US: Emerson Process Management ControlWave Micro Process Automation Controller
-CVE-2018-5451 (In Philips Alice 6 System version R8.0.2 or prior, when an actor ...)
+CVE-2018-5451
NOT-FOR-US: Philips Alice 6 System
CVE-2018-5450
RESERVED
-CVE-2018-5449 (A NULL Pointer Dereference issue was discovered in Moxa OnCell ...)
+CVE-2018-5449
NOT-FOR-US: Moxa
-CVE-2018-5448 (All versions of the Medtronic 2090 Carelink Programmer are affected by ...)
+CVE-2018-5448
NOT-FOR-US: Medtronic
-CVE-2018-5447 (An Improper Input Validation issue was discovered in Nari PCS-9611 ...)
+CVE-2018-5447
NOT-FOR-US: Nari PCS-9611 relay
-CVE-2018-5446 (All versions of the Medtronic 2090 Carelink Programmer are affected by ...)
+CVE-2018-5446
NOT-FOR-US: Medtronic
-CVE-2018-5445 (A Path Traversal issue was discovered in Advantech WebAccess/SCADA ...)
+CVE-2018-5445
NOT-FOR-US: Advantech WebAccess/SCADA
CVE-2018-5444
RESERVED
-CVE-2018-5443 (A SQL Injection issue was discovered in Advantech WebAccess/SCADA ...)
+CVE-2018-5443
NOT-FOR-US: Advantech WebAccess/SCADA
-CVE-2018-5442 (A Stack-based Buffer Overflow issue was discovered in Fuji Electric ...)
+CVE-2018-5442
NOT-FOR-US: Fuji Electric V-Server VPR
-CVE-2018-5441 (An Improper Validation of Integrity Check Value issue was discovered in ...)
+CVE-2018-5441
NOT-FOR-US: PHOENIX CONTACT mGuard firmware
-CVE-2018-5440 (A Stack-based Buffer Overflow issue was discovered in 3S-Smart CODESYS ...)
+CVE-2018-5440
NOT-FOR-US: 3S-Smart
-CVE-2018-5439 (A Command Injection issue was discovered in Nortek Linear eMerge E3 ...)
+CVE-2018-5439
NOT-FOR-US: Nortek Linear eMerge E3 series
-CVE-2018-5438 (Philips ISCV application prior to version 2.3.0 has an insufficient ...)
+CVE-2018-5438
NOT-FOR-US: Philips ISCV application
-CVE-2018-5437 (The TIBCO Spotfire Client and TIBCO Spotfire Web ...)
+CVE-2018-5437
NOT-FOR-US: TIBCO Spotfire
-CVE-2018-5436 (The Spotfire server component of TIBCO Software Inc.'s TIBCO Spotfire ...)
+CVE-2018-5436
NOT-FOR-US: TIBCO Spotfire
-CVE-2018-5435 (The TIBCO Spotfire Client and TIBCO Spotfire Web ...)
+CVE-2018-5435
NOT-FOR-US: TIBCO Spotfire
-CVE-2018-5434 (The TIBCO Designer component of TIBCO Software Inc.'s TIBCO Runtime ...)
+CVE-2018-5434
NOT-FOR-US: TIBCO Runtime Agent
-CVE-2018-5433 (The TIBCO Administrator server component of TIBCO Software Inc.'s ...)
+CVE-2018-5433
NOT-FOR-US: TIBCO Administrator
-CVE-2018-5432 (The TIBCO Administrator server component of of TIBCO Software Inc.'s ...)
+CVE-2018-5432
NOT-FOR-US: TIBCO Administrator
-CVE-2018-5431 (The domain designer component of TIBCO Software Inc.'s TIBCO ...)
+CVE-2018-5431
- jasperreports <undetermined>
[jessie] - jasperreports <end-of-life> (not supported in Jessie)
[wheezy] - jasperreports <end-of-life> (not supported in Wheezy)
NOTE: https://www.tibco.com/support/advisories/2018/04/tibco-security-advisory-april-17-2018-tibco-jasperreports-2018-5431
-CVE-2018-5430 (The Spring web flows of TIBCO Software Inc.'s TIBCO JasperReports ...)
+CVE-2018-5430
- jasperreports <undetermined>
[jessie] - jasperreports <end-of-life> (not supported in Jessie)
[wheezy] - jasperreports <end-of-life> (not supported in Wheezy)
NOTE: https://www.tibco.com/support/advisories/2018/04/tibco-security-advisory-april-17-2018-tibco-jasperreports-2018-5430
-CVE-2018-5429 (A vulnerability in the report scripting component of TIBCO Software ...)
+CVE-2018-5429
- jasperreports <undetermined>
[jessie] - jasperreports <end-of-life> (not supported in Jessie)
[wheezy] - jasperreports <end-of-life> (not supported in Wheezy)
NOTE: https://www.tibco.com/support/advisories/2018/04/tibco-security-advisory-april-17-2018-tibco-jasperreports-2018-5429
-CVE-2018-5428 (The version control adapters component of TIBCO Data Virtualization ...)
+CVE-2018-5428
NOT-FOR-US: TIBCO Data Virtualization
CVE-2018-5427
REJECTED
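Review bot: every changed pair in this hunk, from `-CVE-2018-5453 (An Improper Handling of Length Parameter Inconsistency issue was ...)` / `+CVE-2018-5453` down to `-CVE-2018-5428 (...)` / `+CVE-2018-5428`, does one thing only: it strips the parenthesised description and leaves the bare CVE id, while the package, `[jessie]`/`[wheezy]` and `NOTE:` lines under each id are untouched. A removal of every description in a hunk, with nothing put in its place, looks more like the description source returning empty text for these ids than like a genuine data change; suggest confirming that before the update is kept, because entries such as CVE-2018-5431 to CVE-2018-5429 (`jasperreports <undetermined>`) would otherwise be left with only an advisory URL to say what the issue is.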
@@ -40845,19 +40835,19 @@ CVE-2018-5415
REJECTED
CVE-2018-5414
REJECTED
-CVE-2018-5413 (Imperva SecureSphere running v13.0, v12.0, or v11.5 allows low ...)
+CVE-2018-5413
NOT-FOR-US: Imperva SecureSphere
-CVE-2018-5412 (Imperva SecureSphere running v12.0.0.50 is vulnerable to local ...)
+CVE-2018-5412
NOT-FOR-US: Imperva SecureSphere
-CVE-2018-5411 (Pixar's Tractor software, versions 2.2 and earlier, contain a stored ...)
+CVE-2018-5411
NOT-FOR-US: Pixar Tractor
-CVE-2018-5410 (Dokan, versions between 1.0.0.5000 and 1.2.0.1000, are vulnerable to a ...)
+CVE-2018-5410
NOT-FOR-US: Dokan
CVE-2018-5409
RESERVED
CVE-2018-5408
RESERVED
-CVE-2018-5407 (Simultaneous Multi-threading (SMT) in processors can enable local ...)
+CVE-2018-5407
{DSA-4355-1 DSA-4348-1 DLA-1586-1}
- openssl 1.1.1~~pre9-1
- openssl1.0 1.0.2q-1
@@ -40873,15 +40863,15 @@ CVE-2018-5405
RESERVED
CVE-2018-5404
RESERVED
-CVE-2018-5403 (Imperva SecureSphere gateway (GW) running v13, for both pre-First Time ...)
+CVE-2018-5403
NOT-FOR-US: Imperva SecureSphere
-CVE-2018-5402 (The Auto-Maskin DCU 210E, RP-210E, and Marine Pro Observer Android App ...)
+CVE-2018-5402
NOT-FOR-US: Auto-Maskin
-CVE-2018-5401 (The Auto-Maskin DCU 210E, RP-210E, and Marine Pro Observer Android App ...)
+CVE-2018-5401
NOT-FOR-US: Auto-Maskin
-CVE-2018-5400 (The Auto-Maskin products utilize an undocumented custom protocol to ...)
+CVE-2018-5400
NOT-FOR-US: Auto-Maskin
-CVE-2018-5399 (The Auto-Maskin DCU 210E firmware contains an undocumented Dropbear ...)
+CVE-2018-5399
NOT-FOR-US: Auto-Maskin
CVE-2018-5398
RESERVED
@@ -40893,26 +40883,26 @@ CVE-2018-5395
RESERVED
CVE-2018-5394
RESERVED
-CVE-2018-5393 (The TP-LINK EAP Controller is TP-LINK's software for remotely ...)
+CVE-2018-5393
NOT-FOR-US: TP-LINK
-CVE-2018-5392 (mingw-w64 version 5.0.4 by default produces executables that opt in to ...)
+CVE-2018-5392
- mingw-w64 <unfixed> (unimportant)
NOTE: https://sourceforge.net/p/mingw-w64/mailman/message/31034877/
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=17321
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=19011
NOTE: https://www.kb.cert.org/vuls/id/307144 (describes workaround)
-CVE-2018-5391 (The Linux kernel, versions 3.9+, is vulnerable to a denial of service ...)
+CVE-2018-5391
{DSA-4272-1 DLA-1715-1 DLA-1529-1 DLA-1466-1}
- linux 4.17.15-1
NOTE: Mitigation: Change the default values of net.ipv4.ipfrag_high_thresh and
NOTE: net.ipv4.ipfrag_low_thresh back to 256kB and 192 kB (respectively) or
NOTE: below.
-CVE-2018-5390 (Linux kernel versions 4.9+ can be forced to make very expensive calls ...)
+CVE-2018-5390
{DSA-4266-1 DLA-1466-1}
- linux 4.17.14-1 (bug #905751)
[jessie] - linux <not-affected> (Vulnerable code introduced later)
NOTE: https://www.kb.cert.org/vuls/id/962459
-CVE-2018-5389 (The Internet Key Exchange v1 main mode is vulnerable to offline ...)
+CVE-2018-5389
- strongswan <unfixed> (unimportant)
- libreswan <unfixed> (unimportant)
- ipsec-tools <unfixed> (unimportant)
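Review bot: in the `-CVE-2018-5389` / `+CVE-2018-5389` pair at the end of this hunk the dropped description ("The Internet Key Exchange v1 main mode is vulnerable to offline ...") was the only summary of the issue that the `(unimportant)` tags on strongswan, libreswan and ipsec-tools refer to, so the entry becomes harder to read once it is gone. The same holds for CVE-2018-5391 and CVE-2018-5390 earlier in the hunk, where the `NOTE: Mitigation:` sysctl lines for `net.ipv4.ipfrag_high_thresh` and `net.ipv4.ipfrag_low_thresh` lose the sentence that said what they mitigate; suggest retaining descriptions at least for entries that carry free-form NOTE text rather than only URLs.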
@@ -40921,7 +40911,7 @@ CVE-2018-5389 (The Internet Key Exchange v1 main mode is vulnerable to offline .
NOTE: https://www.usenix.org/system/files/conference/usenixsecurity18/sec18-felsch.pdf
NOTE: https://www.usenix.org/sites/default/files/conference/protected-files/security18_slides_felsch.pdf
NOTE: vulnerability in IKEv1 protocol, not fixable in implementation; use strong passphrase or public-key cryptography
-CVE-2018-5388 (In stroke_socket.c in strongSwan before 5.6.3, a missing packet length ...)
+CVE-2018-5388
{DSA-4229-1}
- strongswan 5.6.3-1
[stretch] - strongswan <no-dsa> (needs root priv for access to the stroke socket)
@@ -40931,89 +40921,89 @@ CVE-2018-5388 (In stroke_socket.c in strongSwan before 5.6.3, a missing packet l
NOTE: https://git.strongswan.org/?p=strongswan.git;a=commitdiff;h=0acd1ab4
NOTE: https://www.strongswan.org/blog/2018/05/28/strongswan-5.6.3-released.html
NOTE: https://www.strongswan.org/blog/2018/05/28/strongswan-vulnerability-(cve-2018-5388).html
-CVE-2018-5387 (Wizkunde SAMLBase may incorrectly utilize the results of XML DOM ...)
+CVE-2018-5387
NOT-FOR-US: Wizkunde SAMLBase
-CVE-2018-5386 (Some Navarino Infinity functions, up to version 2.2, placed in the URL ...)
+CVE-2018-5386
NOT-FOR-US: Navarino Infinity
-CVE-2018-5385 (Navarino Infinity is prone to session fixation attacks. The server ...)
+CVE-2018-5385
NOT-FOR-US: Navarino Infinity
-CVE-2018-5384 (Navarino Infinity web interface up to version 2.2 exposes an ...)
+CVE-2018-5384
NOT-FOR-US: Navarino Infinity
-CVE-2018-5383 (Bluetooth firmware or operating system software drivers in macOS ...)
+CVE-2018-5383
- firmware-nonfree 20190114-1
[stretch] - firmware-nonfree <no-dsa> (non-free not supported)
NOTE: http://www.cs.technion.ac.il/~biham/BT/
-CVE-2018-5382 (Bouncy Castle BKS version 1 keystore (BKS-V1) files use an HMAC that ...)
+CVE-2018-5382
- bouncycastle 1.48+dfsg-2
[wheezy] - bouncycastle <ignored> (this only affects the integrity verification and not the content of the BKS keystore)
NOTE: https://insights.sei.cmu.edu/cert/2018/03/the-curious-case-of-the-bouncy-castle-bks-passwords.html
NOTE: https://www.kb.cert.org/vuls/id/306792
NOTE: Issue fixed in 1.47 upstream. The default MAC for a BKS key store was
NOTE: 2 bytes before and has been upgraded to 20 bytes.
-CVE-2018-5381 (The Quagga BGP daemon (bgpd) prior to version 1.2.3 has a bug in its ...)
+CVE-2018-5381
{DSA-4115-1 DLA-1286-1}
- quagga 1.2.4-1 (bug #890563)
NOTE: https://www.quagga.net/security/Quagga-2018-1975.txt
NOTE: https://git.savannah.gnu.org/cgit/quagga.git/commit/?id=ce07207c50a3d1f05d6dd49b5294282e59749787
-CVE-2018-5380 (The Quagga BGP daemon (bgpd) prior to version 1.2.3 can overrun ...)
+CVE-2018-5380
{DSA-4115-1 DLA-1286-1}
- quagga 1.2.4-1 (bug #890563)
NOTE: https://www.quagga.net/security/Quagga-2018-1550.txt
NOTE: https://git.savannah.gnu.org/cgit/quagga.git/commit/?id=9e5251151894aefdf8e9392a2371615222119ad8
-CVE-2018-5379 (The Quagga BGP daemon (bgpd) prior to version 1.2.3 can double-free ...)
+CVE-2018-5379
{DSA-4115-1 DLA-1286-1}
- quagga 1.2.4-1 (bug #890563)
NOTE: https://www.quagga.net/security/Quagga-2018-1114.txt
NOTE: https://git.savannah.gnu.org/cgit/quagga.git/commit/?id=e69b535f92eafb599329bf725d9b4c6fd5d7fded
-CVE-2018-5378 (The Quagga BGP daemon (bgpd) prior to version 1.2.3 does not properly ...)
+CVE-2018-5378
- quagga 1.2.4-1 (bug #890563)
[stretch] - quagga 1.1.1-3+deb9u2
[jessie] - quagga <not-affected> (Vulnerable code not present)
[wheezy] - quagga <not-affected> (Vulnerable code not present)
NOTE: https://www.quagga.net/security/Quagga-2018-0543.txt
NOTE: https://git.savannah.gnu.org/cgit/quagga.git/commit/?id=cc2e6770697e343f4af534114ab7e633d5beabec
-CVE-2018-5377 (Discuz! DiscuzX X3.4 allows remote attackers to bypass intended access ...)
+CVE-2018-5377
NOT-FOR-US: Discuz! DiscuzX
-CVE-2018-5376 (Discuz! DiscuzX X3.4 has XSS via the include\spacecp\spacecp_upload.php ...)
+CVE-2018-5376
NOT-FOR-US: Discuz! DiscuzX
-CVE-2018-5375 (Discuz! DiscuzX X3.4 has XSS via the include\spacecp\spacecp_space.php ...)
+CVE-2018-5375
NOT-FOR-US: Discuz! DiscuzX
-CVE-2018-5702 (Transmission through 2.92 relies on X-Transmission-Session-Id (which is ...)
+CVE-2018-5702
{DSA-4087-1 DLA-1246-1}
- transmission 2.92-3 (bug #886990)
NOTE: http://www.openwall.com/lists/oss-security/2018/01/12/1
NOTE: https://github.com/transmission/transmission/pull/468
NOTE: Proposed patch: https://patch-diff.githubusercontent.com/raw/transmission/transmission/pull/468.diff
NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=1447
-CVE-2018-5374 (The Dbox 3D Slider Lite plugin through 1.2.2 for WordPress has SQL ...)
+CVE-2018-5374
NOT-FOR-US: Dbox 3D Slider Lite plugin for WordPress
-CVE-2018-5373 (The Smooth Slider plugin through 2.8.6 for WordPress has SQL Injection ...)
+CVE-2018-5373
NOT-FOR-US: Smooth Slider plugin for WordPress
-CVE-2018-5372 (The Testimonial Slider plugin through 1.2.4 for WordPress has SQL ...)
+CVE-2018-5372
NOT-FOR-US: Testimonial Slider plugin for WordPress
-CVE-2018-5371 (diag_ping.cmd on D-Link DSL-2640U devices with firmware IM_1.00 and ...)
+CVE-2018-5371
NOT-FOR-US: D-Link
-CVE-2018-5370 (BizLogic xnami 1.0 has XSS via the comment parameter in an addComment ...)
+CVE-2018-5370
NOT-FOR-US: BizLogic xnami
-CVE-2018-5369 (The SrbTransLatin plugin 1.46 for WordPress has XSS via an ...)
+CVE-2018-5369
NOT-FOR-US: SrbTransLatin plugin for WordPress
-CVE-2018-5368 (The SrbTransLatin plugin 1.46 for WordPress has CSRF via an ...)
+CVE-2018-5368
NOT-FOR-US: SrbTransLatin plugin for WordPress
-CVE-2018-5367 (The WPGlobus plugin 1.9.6 for WordPress has XSS via the ...)
+CVE-2018-5367
NOT-FOR-US: WPGlobus plugin for WordPress
-CVE-2018-5366 (The WPGlobus plugin 1.9.6 for WordPress has XSS via the ...)
+CVE-2018-5366
NOT-FOR-US: WPGlobus plugin for WordPress
-CVE-2018-5365 (The WPGlobus plugin 1.9.6 for WordPress has XSS via the ...)
+CVE-2018-5365
NOT-FOR-US: WPGlobus plugin for WordPress
-CVE-2018-5364 (The WPGlobus plugin 1.9.6 for WordPress has XSS via the ...)
+CVE-2018-5364
NOT-FOR-US: WPGlobus plugin for WordPress
-CVE-2018-5363 (The WPGlobus plugin 1.9.6 for WordPress has XSS via the ...)
+CVE-2018-5363
NOT-FOR-US: WPGlobus plugin for WordPress
-CVE-2018-5362 (The WPGlobus plugin 1.9.6 for WordPress has XSS via the ...)
+CVE-2018-5362
NOT-FOR-US: WPGlobus plugin for WordPress
-CVE-2018-5361 (The WPGlobus plugin 1.9.6 for WordPress has CSRF via ...)
+CVE-2018-5361
NOT-FOR-US: WPGlobus plugin for WordPress
-CVE-2018-5360 (LibTIFF before 4.0.6 mishandles the reading of TIFF files, as ...)
+CVE-2018-5360
- tiff <undetermined>
- tiff3 <undetermined>
[wheezy] - tiff3 <postponed> (Minor issue, revisit once fixed upstream)
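Review bot: the `-CVE-2018-5702` / `+CVE-2018-5702` pair in the middle of this hunk sits between CVE-2018-5375 and CVE-2018-5374, out of the descending numeric order the surrounding entries follow; since this patch rewrites that line anyway, it is worth checking whether the transmission entry belongs next to the other CVE-2018-57xx ids or whether its position here is intentional. Apart from that, the hunk follows the same pattern as the earlier ones: the description is removed from each CVE line, including the quagga entries CVE-2018-5381 to CVE-2018-5378 with their `{DSA-4115-1 DLA-1286-1}` references, and no package, release or NOTE line changes.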
@@ -41023,14 +41013,14 @@ CVE-2018-5360 (LibTIFF before 4.0.6 mishandles the reading of TIFF files, as ...
NOTE: fixed as per 2016-10-25 (first release to ship the patch seems to be 4.0.7)
NOTE: https://gitlab.com/libtiff/libtiff/commit/739dcd28a061738b317c1e9f91029d9cbc157159
NOTE: TODO check which exact Debian release contained the fix at first
-CVE-2018-5359 (The server in Flexense SysGauge 3.6.18 operating on port 9221 can be ...)
+CVE-2018-5359
NOT-FOR-US: Flexense SysGauge
-CVE-2018-5358 (ImageMagick 7.0.7-22 Q16 has memory leaks in the EncodeImageAttributes ...)
+CVE-2018-5358
- imagemagick 8:6.9.9.34+dfsg-3 (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/939
NOTE: https://github.com/ImageMagick/ImageMagick/commit/4e72d445220287727d7886a5f17a10caf944a802
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/ed80c93e4cbf2727ead75fd8bd5e5d9ecbe762f9
-CVE-2018-5357 (ImageMagick 7.0.7-22 Q16 has memory leaks in the ReadDCMImage function ...)
+CVE-2018-5357
- imagemagick 8:6.9.9.34+dfsg-3 (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/941
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/4b60459202805cb4c9a96cdeeb70db594b1d3c72
@@ -41050,19 +41040,19 @@ CVE-2018-5351
RESERVED
CVE-2018-5350
RESERVED
-CVE-2018-5349 (A vulnerability has been found in Heimdal PRO v2.2.190, but it is most ...)
+CVE-2018-5349
NOT-FOR-US: Heimdal PRO
CVE-2018-5348
RESERVED
-CVE-2018-5347 (Seagate Media Server in Seagate Personal Cloud has unauthenticated ...)
+CVE-2018-5347
NOT-FOR-US: Seagate Media Server in Seagate Personal Cloud
CVE-2018-5346
RESERVED
-CVE-2018-1000004 (In the Linux kernel 4.12, 3.10, 2.6 and possibly earlier versions a ...)
+CVE-2018-1000004
{DSA-4187-1 DLA-1369-1}
- linux 4.14.17-1
[stretch] - linux 4.9.80-1
-CVE-2018-1000001 (In glibc 2.26 and earlier there is confusion in the usage of getcwd() ...)
+CVE-2018-1000001
- glibc 2.26-4 (bug #887001)
[stretch] - glibc <postponed> (Minor issue, can be fixed along in next DSA or preferably point release)
[jessie] - glibc <postponed> (Minor issue, can be fixed along in next DSA or preferably point release)
@@ -41071,11 +41061,11 @@ CVE-2018-1000001 (In glibc 2.26 and earlier there is confusion in the usage of g
NOTE: http://www.openwall.com/lists/oss-security/2018/01/11/5
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22679
NOTE: https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=52a713fdd0a30e1bd79818e2e3c4ab44ddca1a94
-CVE-2018-5345 (A stack-based buffer overflow within GNOME gcab through 0.7.4 can be ...)
+CVE-2018-5345
{DSA-4095-1}
- gcab 0.7-7 (bug #887776)
NOTE: https://git.gnome.org/browse/gcab/commit/?id=bd2abee5f0a9b5cbe3a1ab1f338c4fb8f6ca797b
-CVE-2018-5344 (In the Linux kernel through 4.14.13, drivers/block/loop.c mishandles ...)
+CVE-2018-5344
- linux 4.14.17-1
[stretch] - linux 4.9.80-1
[jessie] - linux <not-affected> (Vulnerability introduced later)
@@ -41083,58 +41073,58 @@ CVE-2018-5344 (In the Linux kernel through 4.14.13, drivers/block/loop.c mishand
NOTE: Fixed by: https://git.kernel.org/linus/ae6650163c66a7eff1acd6eb8b0f752dcfa8eba5
CVE-2018-5343
RESERVED
-CVE-2018-5342 (An issue was discovered in Zoho ManageEngine Desktop Central 10.0.124 ...)
+CVE-2018-5342
NOT-FOR-US: Zoho ManageEngine Desktop Central
-CVE-2018-5341 (An issue was discovered in Zoho ManageEngine Desktop Central 10.0.124 ...)
+CVE-2018-5341
NOT-FOR-US: Zoho ManageEngine Desktop Central
-CVE-2018-5340 (An issue was discovered in Zoho ManageEngine Desktop Central 10.0.124 ...)
+CVE-2018-5340
NOT-FOR-US: Zoho ManageEngine Desktop Central
-CVE-2018-5339 (An issue was discovered in Zoho ManageEngine Desktop Central 10.0.124 ...)
+CVE-2018-5339
NOT-FOR-US: Zoho ManageEngine Desktop Central
-CVE-2018-5338 (An issue was discovered in Zoho ManageEngine Desktop Central 10.0.124 ...)
+CVE-2018-5338
NOT-FOR-US: Zoho ManageEngine Desktop Central
-CVE-2018-5337 (An issue was discovered in Zoho ManageEngine Desktop Central 10.0.124 ...)
+CVE-2018-5337
NOT-FOR-US: Zoho ManageEngine Desktop Central
-CVE-2018-5336 (In Wireshark 2.4.0 to 2.4.3 and 2.2.0 to 2.2.11, the JSON, XML, NTP, ...)
+CVE-2018-5336
{DSA-4101-1 DLA-1258-1}
- wireshark 2.4.4-1
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-01.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14253
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=4f4c95cf46ba6adbd10b09747e10742801bc706b
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=f6702e49a9720d173246668495eece6d77eca5b0
-CVE-2018-5335 (In Wireshark 2.4.0 to 2.4.3 and 2.2.0 to 2.2.11, the WCP dissector ...)
+CVE-2018-5335
{DSA-4101-1 DLA-1258-1}
- wireshark 2.4.4-1
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-04.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14251
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=086b87376b988c555484349aa115d6e08ac6db07
-CVE-2018-5334 (In Wireshark 2.4.0 to 2.4.3 and 2.2.0 to 2.2.11, the IxVeriWave file ...)
+CVE-2018-5334
{DSA-4101-1 DLA-1258-1}
- wireshark 2.4.4-1
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-03.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14297
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=dc308c05ba0673460fe80873b22d296880ee996d
-CVE-2018-5333 (In the Linux kernel through 4.14.13, the rds_cmsg_atomic function in ...)
+CVE-2018-5333
{DSA-4187-1 DLA-1369-1}
- linux 4.14.17-1
[stretch] - linux 4.9.80-1
NOTE: Fixed by: https://git.kernel.org/linus/7d11f77f84b27cef452cee332f4e469503084737
-CVE-2018-5332 (In the Linux kernel through 4.14.13, the rds_message_alloc_sgs() ...)
+CVE-2018-5332
{DSA-4187-1 DLA-1369-1}
- linux 4.14.17-1
[stretch] - linux 4.9.80-1
NOTE: Fixed by: https://git.kernel.org/linus/c095508770aebf1b9218e77026e48345d719b17c
-CVE-2018-5331 (Discuz! DiscuzX X3.4 has XSS via the view parameter to ...)
+CVE-2018-5331
NOT-FOR-US: Discuz!
-CVE-2018-5330 (ZyXEL P-660HW v3 devices allow remote attackers to cause a denial of ...)
+CVE-2018-5330
NOT-FOR-US: ZyXEL
-CVE-2018-5329 (ZUUSE BEIMS ContractorWeb .NET 5.18.0.0 is vulnerable to Cross-Site ...)
+CVE-2018-5329
NOT-FOR-US: ZUUSE BEIMS ContractorWeb .NET
-CVE-2018-5328 (ZUUSE BEIMS ContractorWeb .NET 5.18.0.0 allows access to various ...)
+CVE-2018-5328
NOT-FOR-US: ZUUSE BEIMS ContractorWeb .NET
-CVE-2018-5327 (Cheetah Mobile Armorfly Browser &amp; Downloader 1.1.05.0010, when ...)
+CVE-2018-5327
NOT-FOR-US: Cheetah Mobile Armorfly Browser & Downloader
-CVE-2018-5326 (Cheetah Mobile CM Browser 5.22.06.0012, when installed on unspecified ...)
+CVE-2018-5326
NOT-FOR-US: Cheetah Mobile CM Browser
CVE-2018-5325
RESERVED
@@ -41148,27 +41138,27 @@ CVE-2018-5321
RESERVED
CVE-2018-5320
RESERVED
-CVE-2018-5319 (RAVPower FileHub 2.000.056 allows remote users to steal sensitive ...)
+CVE-2018-5319
NOT-FOR-US: RAVPower FileHub
CVE-2018-5318
RESERVED
CVE-2018-5317
RESERVED
-CVE-2018-5316 (The &quot;SagePay Server Gateway for WooCommerce&quot; plugin before 1.0.9 for ...)
+CVE-2018-5316
NOT-FOR-US: "SagePay Server Gateway for WooCommerce" plugin for WordPress
-CVE-2018-5315 (The Wachipi WP Events Calendar plugin 1.0 for WordPress has SQL ...)
+CVE-2018-5315
NOT-FOR-US: Wachipi WP Events Calendar plugin for WordPress
-CVE-2018-5314 (Command injection vulnerability in Citrix NetScaler ADC and NetScaler ...)
+CVE-2018-5314
NOT-FOR-US: Citrix
-CVE-2018-5313 (A vulnerability allows local attackers to escalate privilege on Rapid ...)
+CVE-2018-5313
NOT-FOR-US: Rapid Scada
-CVE-2018-5312 (The tabs-responsive plugin 1.8.0 for WordPress has XSS via the ...)
+CVE-2018-5312
NOT-FOR-US: tabs-responsive plugin for WordPress
-CVE-2018-5311 (The Easy Custom Auto Excerpt plugin 2.4.6 for WordPress has XSS via the ...)
+CVE-2018-5311
NOT-FOR-US: Easy Custom Auto Excerpt plugin for WordPress
-CVE-2018-5310 (In the &quot;Media from FTP&quot; plugin before 9.85 for WordPress, Directory ...)
+CVE-2018-5310
NOT-FOR-US: "Media from FTP" plugin for WordPress
-CVE-2018-5309 (In PoDoFo 0.9.5, there is an integer overflow in the ...)
+CVE-2018-5309
- libpodofo 0.9.6+dfsg-3 (low)
[stretch] - libpodofo <no-dsa> (Minor issue)
[jessie] - libpodofo <no-dsa> (Minor issue)
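Review bot: the removed lines for CVE-2018-5316 and CVE-2018-5310 in this hunk carry `&quot;` around `SagePay Server Gateway for WooCommerce` and `Media from FTP`, and the removed CVE-2018-5327 line in the previous hunk carries `&amp;` in `Armorfly Browser &amp; Downloader`, while the `NOT-FOR-US:` lines directly beneath each of them use plain `"` and `&`; the descriptions in this file were therefore stored HTML-escaped. The `+` lines now hold no description at all, so the mismatch will return with the next import unless the importer unescapes entities (or the file consistently stores escaped text); suggest settling on one form before descriptions are refreshed.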
@@ -41176,7 +41166,7 @@ CVE-2018-5309 (In PoDoFo 0.9.5, there is an integer overflow in the ...)
NOTE: https://sourceforge.net/p/podofo/tickets/5/
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1532381
NOTE: upstream commit: https://sourceforge.net/p/podofo/code/1907
-CVE-2018-5308 (PoDoFo 0.9.5 does not properly validate memcpy arguments in the ...)
+CVE-2018-5308
- libpodofo 0.9.5-9 (low; bug #854602)
[stretch] - libpodofo <no-dsa> (Minor issue)
[jessie] - libpodofo <no-dsa> (Minor issue)
@@ -41185,21 +41175,21 @@ CVE-2018-5308 (PoDoFo 0.9.5 does not properly validate memcpy arguments in the .
NOTE: upstream commit: https://sourceforge.net/p/podofo/code/1870
NOTE: upstream commit: https://sourceforge.net/p/podofo/code/1876
NOTE: duplicate CVE: CVE-2017-5854
-CVE-2018-5307 (Multiple cross-site scripting (XSS) vulnerabilities in Sonatype Nexus ...)
+CVE-2018-5307
NOT-FOR-US: Sonatype Nexus Repository Manager
-CVE-2018-5306 (Multiple cross-site scripting (XSS) vulnerabilities in Sonatype Nexus ...)
+CVE-2018-5306
NOT-FOR-US: Sonatype Nexus Repository Manager
CVE-2018-5305
RESERVED
-CVE-2018-5304 (An issue was discovered on the Impinj Speedway Connect R420 RFID ...)
+CVE-2018-5304
NOT-FOR-US: Impinj Speedway Connect R420 RFID Reader
-CVE-2018-5303 (An issue was discovered on the Impinj Speedway Connect R420 RFID ...)
+CVE-2018-5303
NOT-FOR-US: Impinj Speedway Connect R420 RFID Reader
CVE-2018-5302
RESERVED
-CVE-2018-5301 (Magento Community Edition and Enterprise Edition before 2.0.10 and ...)
+CVE-2018-5301
NOT-FOR-US: Magento
-CVE-2018-1000028 (Linux kernel version after commit bdcf0a423ea1 - 4.15-rc4+, 4.14.8+, ...)
+CVE-2018-1000028
- linux 4.14.17-1
[stretch] - linux <not-affected> (Vulnerable code introduced later)
[jessie] - linux <not-affected> (Vulnerable code introduced later)
@@ -41207,7 +41197,7 @@ CVE-2018-1000028 (Linux kernel version after commit bdcf0a423ea1 - 4.15-rc4+, 4.
NOTE: Fixed by: https://git.kernel.org/linus/1995266727fa8143897e89b55f5d3c79aa828420
NOTE: Introducing commit backported to 4.14.8 and 4.9.76. But Debian stretch
NOTE: did never contain the vulnerable code alone without the fix.
-CVE-2018-1000027 (The Squid Software Foundation Squid HTTP Caching Proxy version prior ...)
+CVE-2018-1000027
{DSA-4122-1 DLA-1267-1 DLA-1266-1}
[experimental] - squid 4.0.23-1~exp8
- squid 4.1-1
@@ -41216,7 +41206,7 @@ CVE-2018-1000027 (The Squid Software Foundation Squid HTTP Caching Proxy version
NOTE: Squid 3.5: http://www.squid-cache.org/Versions/v3/3.5/changesets/SQUID-2018_2.patch
NOTE: Squid 4: http://www.squid-cache.org/Versions/v4/changesets/SQUID-2018_2.patch
NOTE: http://www.squid-cache.org/Advisories/SQUID-2018_2.txt
-CVE-2018-1000024 (The Squid Software Foundation Squid HTTP Caching Proxy version 3.0 to ...)
+CVE-2018-1000024
{DSA-4122-1 DLA-1266-1}
[experimental] - squid 4.0.23-1~exp8
- squid 4.1-1
@@ -41227,278 +41217,278 @@ CVE-2018-1000024 (The Squid Software Foundation Squid HTTP Caching Proxy version
NOTE: Squid 4: http://www.squid-cache.org/Versions/v4/changesets/SQUID-2018_1.patch
NOTE: http://www.squid-cache.org/Advisories/SQUID-2018_1.txt
NOTE: Squid3 in Debian builds to use the libxml2 or libexpat XML parsers.
-CVE-2018-1000022 (Electrum Technologies GmbH Electrum Bitcoin Wallet version prior to ...)
+CVE-2018-1000022
- electrum 3.0.5-1 (bug #886683)
[jessie] - electrum <not-affected> (Only affects >= 2.6)
NOTE: https://github.com/spesmilo/electrum/issues/3374
NOTE: http://www.openwall.com/lists/oss-security/2018/01/10/4
CVE-2018-5300
RESERVED
-CVE-2018-5299 (A stack-based Buffer Overflow Vulnerability exists in the web server in ...)
+CVE-2018-5299
NOT-FOR-US: Pulse Secure Pulse Connect Secure
-CVE-2018-5298 (In the Procter &amp; Gamble &quot;Oral-B App&quot; (aka com.pg.oralb.oralbapp) ...)
+CVE-2018-5298
NOT-FOR-US: Procter & Gamble "Oral-B App" for Android
CVE-2018-5297
RESERVED
-CVE-2018-5296 (In PoDoFo 0.9.5, there is an uncontrolled memory allocation in the ...)
+CVE-2018-5296
- libpodofo 0.9.6+dfsg-3 (low)
[stretch] - libpodofo <no-dsa> (Minor issue)
[jessie] - libpodofo <no-dsa> (Minor issue)
[wheezy] - libpodofo <no-dsa> (Minor issue)
NOTE: https://sourceforge.net/p/podofo/tickets/6/
NOTE: upstream commit: https://sourceforge.net/p/podofo/code/1925
-CVE-2018-5295 (In PoDoFo 0.9.5, there is an integer overflow in the ...)
+CVE-2018-5295
- libpodofo 0.9.5-9 (low; bug #889511)
[stretch] - libpodofo <no-dsa> (Minor issue)
[jessie] - libpodofo <no-dsa> (Minor issue)
[wheezy] - libpodofo <no-dsa> (Minor issue)
NOTE: upstream thread: https://sourceforge.net/p/podofo/mailman/message/36180168/
NOTE: upstream commit: https://sourceforge.net/p/podofo/code/1889
-CVE-2018-5294 (In libming 0.4.8, there is an integer overflow (caused by an ...)
+CVE-2018-5294
{DLA-1305-1}
- ming <removed>
NOTE: https://github.com/libming/libming/issues/98
-CVE-2018-5293 (The GD Rating System plugin 2.3 for WordPress has XSS via the ...)
+CVE-2018-5293
NOT-FOR-US: GD Rating System plugin for WordPress
-CVE-2018-5292 (The GD Rating System plugin 2.3 for WordPress has XSS via the ...)
+CVE-2018-5292
NOT-FOR-US: GD Rating System plugin for WordPress
-CVE-2018-5291 (The GD Rating System plugin 2.3 for WordPress has Directory Traversal ...)
+CVE-2018-5291
NOT-FOR-US: GD Rating System plugin for WordPress
-CVE-2018-5290 (The GD Rating System plugin 2.3 for WordPress has Directory Traversal ...)
+CVE-2018-5290
NOT-FOR-US: GD Rating System plugin for WordPress
-CVE-2018-5289 (The GD Rating System plugin 2.3 for WordPress has Directory Traversal ...)
+CVE-2018-5289
NOT-FOR-US: GD Rating System plugin for WordPress
-CVE-2018-5288 (The GD Rating System plugin 2.3 for WordPress has XSS via the ...)
+CVE-2018-5288
NOT-FOR-US: GD Rating System plugin for WordPress
-CVE-2018-5287 (The GD Rating System plugin 2.3 for WordPress has Directory Traversal ...)
+CVE-2018-5287
NOT-FOR-US: GD Rating System plugin for WordPress
-CVE-2018-5286 (The GD Rating System plugin 2.3 for WordPress has XSS via the ...)
+CVE-2018-5286
NOT-FOR-US: GD Rating System plugin for WordPress
-CVE-2018-5285 (The ImageInject plugin 1.15 for WordPress has CSRF via ...)
+CVE-2018-5285
NOT-FOR-US: ImageInject plugin for WordPress
-CVE-2018-5284 (The ImageInject plugin 1.15 for WordPress has XSS via the flickr_appid ...)
+CVE-2018-5284
NOT-FOR-US: ImageInject plugin for WordPress
-CVE-2018-5283 (The Photos in Wifi application 1.0.1 for iOS has directory traversal ...)
+CVE-2018-5283
NOT-FOR-US: Photos in Wifi application for iOS
-CVE-2018-5282 (** DISPUTED ** Kentico 9.0 through 11.0 has a stack-based buffer ...)
+CVE-2018-5282
NOT-FOR-US: Kentico
-CVE-2018-5281 (SonicWall SonicOS on Network Security Appliance (NSA) 2017 Q4 devices ...)
+CVE-2018-5281
NOT-FOR-US: SonicWall SonicOS
-CVE-2018-5280 (SonicWall SonicOS on Network Security Appliance (NSA) 2016 Q4 devices ...)
+CVE-2018-5280
NOT-FOR-US: SonicWall SonicOS
-CVE-2018-5279 (** DISPUTED ** In Malwarebytes Premium 3.3.1.2183, the driver file ...)
+CVE-2018-5279
NOT-FOR-US: Malwarebytes Premium
-CVE-2018-5278 (** DISPUTED ** In Malwarebytes Premium 3.3.1.2183, the driver file ...)
+CVE-2018-5278
NOT-FOR-US: Malwarebytes Premium
-CVE-2018-5277 (** DISPUTED ** In Malwarebytes Premium 3.3.1.2183, the driver file ...)
+CVE-2018-5277
NOT-FOR-US: Malwarebytes Premium
-CVE-2018-5276 (** DISPUTED ** In Malwarebytes Premium 3.3.1.2183, the driver file ...)
+CVE-2018-5276
NOT-FOR-US: Malwarebytes Premium
-CVE-2018-5275 (** DISPUTED ** In Malwarebytes Premium 3.3.1.2183, the driver file ...)
+CVE-2018-5275
NOT-FOR-US: Malwarebytes Premium
-CVE-2018-5274 (** DISPUTED ** In Malwarebytes Premium 3.3.1.2183, the driver file ...)
+CVE-2018-5274
NOT-FOR-US: Malwarebytes Premium
-CVE-2018-5273 (** DISPUTED ** In Malwarebytes Premium 3.3.1.2183, the driver file ...)
+CVE-2018-5273
NOT-FOR-US: Malwarebytes Premium
-CVE-2018-5272 (** DISPUTED ** In Malwarebytes Premium 3.3.1.2183, the driver file ...)
+CVE-2018-5272
NOT-FOR-US: Malwarebytes Premium
-CVE-2018-5271 (** DISPUTED ** In Malwarebytes Premium 3.3.1.2183, the driver file ...)
+CVE-2018-5271
NOT-FOR-US: Malwarebytes Premium
-CVE-2018-5270 (** DISPUTED ** In Malwarebytes Premium 3.3.1.2183, the driver file ...)
+CVE-2018-5270
NOT-FOR-US: Malwarebytes Premium
-CVE-2018-5269 (In OpenCV 3.3.1, an assertion failure happens in ...)
+CVE-2018-5269
{DLA-1438-1 DLA-1354-1}
[experimental] - opencv 3.4.4+dfsg-1~exp1
- opencv 3.2.0+dfsg-6 (bug #886675)
[stretch] - opencv <ignored> (Minor issue)
NOTE: https://github.com/opencv/opencv/issues/10540
NOTE: 2.4 backport: https://patch-diff.githubusercontent.com/raw/opencv/opencv/pull/10901.patch
-CVE-2018-5268 (In OpenCV 3.3.1, a heap-based buffer overflow happens in ...)
+CVE-2018-5268
{DLA-1438-1 DLA-1354-1}
[experimental] - opencv 3.4.4+dfsg-1~exp1
- opencv 3.2.0+dfsg-6 (bug #886674)
[stretch] - opencv <no-dsa> (Minor issue)
NOTE: https://github.com/opencv/opencv/issues/10541
NOTE: 2.4 backport: https://patch-diff.githubusercontent.com/raw/opencv/opencv/pull/10901.patch
-CVE-2018-5267 (Cobham Sea Tel 121 build 222701 devices allow remote attackers to ...)
+CVE-2018-5267
NOT-FOR-US: Cobham Sea Tel 121 build 222701 devices
-CVE-2018-5266 (Cobham Sea Tel 121 build 222701 devices allow remote attackers to ...)
+CVE-2018-5266
NOT-FOR-US: Cobham Sea Tel 121 build 222701 devices
CVE-2018-5265
RESERVED
CVE-2018-5264
RESERVED
-CVE-2018-5263 (The StackIdeas EasyDiscuss (aka com_easydiscuss) extension before ...)
+CVE-2018-5263
NOT-FOR-US: The StackIdeas EasyDiscuss extension for Joomla!
-CVE-2018-5262 (A stack-based buffer overflow in Flexense DiskBoss 8.8.16 and earlier ...)
+CVE-2018-5262
NOT-FOR-US: Flexense DiskBoss
-CVE-2018-5261 (An issue was discovered in Flexense DiskBoss 8.8.16 and earlier. Due ...)
+CVE-2018-5261
NOT-FOR-US: Flexense DiskBoss
CVE-2018-5260
RESERVED
-CVE-2018-5259 (Discuz! DiscuzX X3.4 allows remote authenticated users to bypass ...)
+CVE-2018-5259
NOT-FOR-US: Discuz! DiscuzX
-CVE-2018-5258 (The Neon app 1.6.14 iOS does not verify X.509 certificates from SSL ...)
+CVE-2018-5258
NOT-FOR-US: Neon app
CVE-2018-5257
RESERVED
-CVE-2018-5256 (CoreOS Tectonic 1.7.x before 1.7.9-tectonic.4 and 1.8.x before ...)
+CVE-2018-5256
NOT-FOR-US: CoreOS Tectonic
-CVE-2018-5255 (The Mlag agent in Arista EOS 4.19 before 4.19.4M and 4.20 before ...)
+CVE-2018-5255
NOT-FOR-US: Arista
-CVE-2018-5254 (Arista EOS before 4.20.2F allows remote BGP peers to cause a denial of ...)
+CVE-2018-5254
NOT-FOR-US: Arista EOS
-CVE-2018-5253 (The AP4_FtypAtom class in Core/Ap4FtypAtom.cpp in Bento4 1.5.1.0 has an ...)
+CVE-2018-5253
NOT-FOR-US: Bento4
-CVE-2018-5252 (libimageworsener.a in ImageWorsener 1.3.2, when libjpeg 8d is used, has ...)
+CVE-2018-5252
NOT-FOR-US: ImageWorsener
-CVE-2018-5251 (In libming 0.4.8, there is an integer signedness error vulnerability ...)
+CVE-2018-5251
{DLA-1305-1}
- ming <removed>
NOTE: https://github.com/libming/libming/issues/97
CVE-2018-5250
RESERVED
-CVE-2018-5249 (Cross-site scripting (XSS) vulnerability in Shaarli before 0.8.5 and ...)
+CVE-2018-5249
- shaarli <itp> (bug #864559)
-CVE-2018-5248 (In ImageMagick 7.0.7-17 Q16, there is a heap-based buffer over-read in ...)
+CVE-2018-5248
{DSA-4245-1 DSA-4204-1}
- imagemagick 8:6.9.9.34+dfsg-3 (bug #886588)
[wheezy] - imagemagick <not-affected> (Vulnerable code not present)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/927
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/c76434c16b5ac8861ee0c5d5c3ab8974fae3d624
NOTE: https://github.com/ImageMagick/ImageMagick/commit/0272305f91763b5ce119a2c7a0e0084d8241a58d
-CVE-2018-5247 (In ImageMagick 7.0.7-17 Q16, there are memory leaks in ReadRLAImage in ...)
+CVE-2018-5247
- imagemagick 8:6.9.9.34+dfsg-3 (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/928
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/0ecb22aa909e52d86b4545aa7a51f7a0922147e6
NOTE: https://github.com/ImageMagick/ImageMagick/commit/d85c34f8bd699c31b94118babc6c0445eecc9920
-CVE-2018-5246 (In ImageMagick 7.0.7-17 Q16, there are memory leaks in ReadPATTERNImage ...)
+CVE-2018-5246
- imagemagick 8:6.9.9.34+dfsg-3 (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/929
NOTE: https://github.com/ImageMagick/ImageMagick/commit/1c3dd700bbb17837ee6f540aff3eafc76262accf
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/e59dc85e6ce58fd7618c3680b2a8def62050582f
CVE-2018-5245
RESERVED
-CVE-2018-5243 (The Symantec Encryption Management Server (SEMS) product, prior to ...)
+CVE-2018-5243
NOT-FOR-US: Symantec
-CVE-2018-5242 (Norton App Lock prior to version 1.3.0.329 can be susceptible to a ...)
+CVE-2018-5242
NOT-FOR-US: Norton App Lock
-CVE-2018-5241 (Symantec Advanced Secure Gateway (ASG) 6.6 and 6.7, and ProxySG 6.5, ...)
+CVE-2018-5241
NOT-FOR-US: Symantec
-CVE-2018-5240 (The Inventory Plugin for Symantec Management Agent prior to 7.6 POST ...)
+CVE-2018-5240
NOT-FOR-US: Inventory Plugin for Symantec Management Agent
-CVE-2018-5239 (Norton App Lock prior to v1.3.0.332 can be susceptible to a bypass ...)
+CVE-2018-5239
NOT-FOR-US: Norton
-CVE-2018-5238 (Norton Power Eraser (prior to 5.3.0.24) and SymDiag (prior to 2.1.242) ...)
+CVE-2018-5238
NOT-FOR-US: Norton
-CVE-2018-5237 (Symantec Endpoint Protection prior to 14 RU1 MP1 or 12.1 RU6 MP10 ...)
+CVE-2018-5237
NOT-FOR-US: Symantec
-CVE-2018-5236 (Symantec Endpoint Protection prior to 14 RU1 MP1 or 12.1 RU6 MP10 may ...)
+CVE-2018-5236
NOT-FOR-US: Symantec
-CVE-2018-5235 (Norton Utilities (prior to 16.0.3.44) may be susceptible to a DLL ...)
+CVE-2018-5235
NOT-FOR-US: Norton
-CVE-2018-5234 (The Norton Core router prior to v237 may be susceptible to a command ...)
+CVE-2018-5234
NOT-FOR-US: Norton Core router
-CVE-2018-5244 (In Xen 4.10, new infrastructure was introduced as part of an overhaul ...)
+CVE-2018-5244
- xen <not-affected> (Only affects Xen 4.10 onwards)
NOTE: https://xenbits.xen.org/xsa/advisory-253.html
-CVE-2018-5233 (Cross-site scripting (XSS) vulnerability in ...)
+CVE-2018-5233
NOT-FOR-US: Grav CMS admin plugin
-CVE-2018-5232 (The EditIssue.jspa resource in Atlassian Jira before version 7.6.7 and ...)
+CVE-2018-5232
NOT-FOR-US: Atlassian Jira
-CVE-2018-5231 (The ForgotLoginDetails resource in Atlassian Jira before version ...)
+CVE-2018-5231
NOT-FOR-US: Atlassian
-CVE-2018-5230 (The issue collector in Atlassian Jira before version 7.6.6, from ...)
+CVE-2018-5230
NOT-FOR-US: Atlassian
-CVE-2018-5229 (The NotificationRepresentationFactoryImpl class in Atlassian Universal ...)
+CVE-2018-5229
NOT-FOR-US: Atlassian
-CVE-2018-5228 (The /browse/~raw resource in Atlassian Fisheye and Crucible before ...)
+CVE-2018-5228
NOT-FOR-US: Atlassian
-CVE-2018-5227 (Various administrative application link resources in Atlassian ...)
+CVE-2018-5227
NOT-FOR-US: Atlassian
-CVE-2018-5226 (There was an argument injection vulnerability in Sourcetree for ...)
+CVE-2018-5226
NOT-FOR-US: Atlassian
-CVE-2018-5225 (In browser editing in Atlassian Bitbucket Server from version 4.13.0 ...)
+CVE-2018-5225
NOT-FOR-US: Atlassian Bitbucket Server
-CVE-2018-5224 (Bamboo did not correctly check if a configured Mercurial repository ...)
+CVE-2018-5224
NOT-FOR-US: Atlassian
-CVE-2018-5223 (Fisheye and Crucible did not correctly check if a configured Mercurial ...)
+CVE-2018-5223
NOT-FOR-US: Atlassian
CVE-2018-5222
RESERVED
-CVE-2018-5221 (Multiple buffer overflows in BarCodeWiz BarCode before 6.7 ActiveX ...)
+CVE-2018-5221
NOT-FOR-US: BarCodeWiz BarCode
-CVE-2018-5220 (In K7 Antivirus 15.1.0306, the driver file (K7Sentry.sys) allows local ...)
+CVE-2018-5220
NOT-FOR-US: K7 Antivirus
-CVE-2018-5219 (In K7 Antivirus 15.1.0306, the driver file (K7FWHlpr.sys) allows local ...)
+CVE-2018-5219
NOT-FOR-US: K7 Antivirus
-CVE-2018-5218 (In K7 Antivirus 15.1.0306, the driver file (K7Sentry.sys) allows local ...)
+CVE-2018-5218
NOT-FOR-US: K7 Antivirus
-CVE-2018-5217 (In K7 Antivirus 15.1.0306, the driver file (K7Sentry.sys) allows local ...)
+CVE-2018-5217
NOT-FOR-US: K7 Antivirus
-CVE-2018-5216 (Radiant CMS 1.1.4 has XSS via crafted Markdown input in the ...)
+CVE-2018-5216
NOT-FOR-US: Radiant CMS
-CVE-2018-5215 (Fork CMS 5.0.7 has XSS in /private/en/pages/edit via the title ...)
+CVE-2018-5215
NOT-FOR-US: Fork CMS
-CVE-2018-5214 (The &quot;Add Link to Facebook&quot; plugin through 2.3 for WordPress has XSS via ...)
+CVE-2018-5214
NOT-FOR-US: "Add Link to Facebook" plugin for WordPress
-CVE-2018-5213 (The Simple Download Monitor plugin before 3.5.4 for WordPress has XSS ...)
+CVE-2018-5213
NOT-FOR-US: Simple Download Monitor plugin for WordPress
-CVE-2018-5212 (The Simple Download Monitor plugin before 3.5.4 for WordPress has XSS ...)
+CVE-2018-5212
NOT-FOR-US: Simple Download Monitor plugin for WordPress
-CVE-2018-5211 (PHP Melody version 2.7.1 suffer from SQL Injection Time-based attack ...)
+CVE-2018-5211
NOT-FOR-US: PHP Melody
-CVE-2018-5210 (On Samsung mobile devices with N(7.x) software and Exynos chipsets, ...)
+CVE-2018-5210
NOT-FOR-US: Samsung mobile devices
CVE-2018-5209
RESERVED
-CVE-2018-5208 (In Irssi before 1.0.6, a calculation error in the completion code could ...)
+CVE-2018-5208
{DSA-4162-1}
- irssi 1.0.7-1 (bug #886475)
[jessie] - irssi <ignored> (Minor issue)
[wheezy] - irssi <no-dsa> (Minor issue)
NOTE: https://irssi.org/security/irssi_sa_2018_01.txt
NOTE: https://github.com/irssi/irssi/releases/download/1.0.6/irssi-1.0.5_1.0.6.diff
-CVE-2018-5207 (When using an incomplete variable argument, Irssi before 1.0.6 may ...)
+CVE-2018-5207
{DSA-4162-1}
- irssi 1.0.7-1 (bug #886475)
[jessie] - irssi <ignored> (Minor issue)
[wheezy] - irssi <no-dsa> (Minor issue)
NOTE: https://irssi.org/security/irssi_sa_2018_01.txt
NOTE: https://github.com/irssi/irssi/releases/download/1.0.6/irssi-1.0.5_1.0.6.diff
-CVE-2018-5206 (When the channel topic is set without specifying a sender, Irssi before ...)
+CVE-2018-5206
{DSA-4162-1}
- irssi 1.0.7-1 (bug #886475)
[jessie] - irssi <ignored> (Minor issue)
[wheezy] - irssi <no-dsa> (Minor issue)
NOTE: https://irssi.org/security/irssi_sa_2018_01.txt
NOTE: https://github.com/irssi/irssi/releases/download/1.0.6/irssi-1.0.5_1.0.6.diff
-CVE-2018-5205 (When using incomplete escape codes, Irssi before 1.0.6 may access data ...)
+CVE-2018-5205
{DSA-4162-1}
- irssi 1.0.7-1 (bug #886475)
[jessie] - irssi <ignored> (Minor issue)
[wheezy] - irssi <no-dsa> (Minor issue)
NOTE: https://irssi.org/security/irssi_sa_2018_01.txt
NOTE: https://github.com/irssi/irssi/releases/download/1.0.6/irssi-1.0.5_1.0.6.diff
-CVE-2018-5204 (ML Report version Between 2.00.000.0000 and 2.18.628.5980 contains a ...)
+CVE-2018-5204
NOT-FOR-US: ML Report
-CVE-2018-5203 (DEXTUploadX5 version Between 1.0.0.0 and 2.2.0.0 contains a ...)
+CVE-2018-5203
NOT-FOR-US: DEXTUploadX5
-CVE-2018-5202 (SKCertService 2.5.5 and earlier contains a vulnerability that could ...)
+CVE-2018-5202
NOT-FOR-US: SKCertService
-CVE-2018-5201 (Hancom Office 2018 10.0.0.8214 and earlier, Hancom Office NEO ...)
+CVE-2018-5201
NOT-FOR-US: Hancom Office
-CVE-2018-5200 (KMPlayer 4.2.2.15 and earlier have a Heap Based Buffer Overflow ...)
+CVE-2018-5200
NOT-FOR-US: KMPlayer (different from src:kmplayer)
-CVE-2018-5199 (In Veraport G3 ALL on MacOS, due to insufficient domain validation, It ...)
+CVE-2018-5199
NOT-FOR-US: Veraport G3 ALL
-CVE-2018-5198 (In Veraport G3 ALL on MacOS, a race condition when calling the ...)
+CVE-2018-5198
NOT-FOR-US: Veraport G3 ALL
-CVE-2018-5197 (A vulnerability in the ExtCommon.dll user extension module version ...)
+CVE-2018-5197
NOT-FOR-US: Xplatform ActiveX
-CVE-2018-5196 (Alzip 10.76.0.0 and earlier is vulnerable to a stack overflow caused ...)
+CVE-2018-5196
NOT-FOR-US: ALZip
-CVE-2018-5195 (Hancom NEO versions 9.6.1.5183 and earlier have a buffer Overflow ...)
+CVE-2018-5195
NOT-FOR-US: Hancom NEO
CVE-2018-5194
RESERVED
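Review bot: every changed pair in this hunk only strips the parenthesised summary, e.g. `-CVE-2018-5258 (The Neon app 1.6.14 iOS does not verify X.509 certificates from SSL ...)` becomes the bare `+CVE-2018-5258`, and the same happens to the irssi, imagemagick, ming and xen entries that carry real Debian triage data; confirm this is the intended output of the automatic update rather than the description source returning empty text, since a bare id followed by package lines is otherwise hard to tell apart from an entry that was never described. Separately, CVE-2018-5244 is still filed between CVE-2018-5234 and CVE-2018-5233 instead of in descending order next to CVE-2018-5245; as its lines are touched anyway, this is a good moment to move it.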
@@ -41508,11 +41498,11 @@ CVE-2018-5192
RESERVED
CVE-2018-5191
REJECTED
-CVE-2018-5190 (PicturesPro Photo Cart 6 and 7 before Security-Patch-2018-B allows ...)
+CVE-2018-5190
NOT-FOR-US: PicturesPro Photo Cart
-CVE-2018-5189 (Race condition in Jungo Windriver 12.5.1 allows local users to cause a ...)
+CVE-2018-5189
NOT-FOR-US: Jungo Windriver
-CVE-2018-5188 (Memory safety bugs present in Firefox 60, Firefox ESR 60, and Firefox ...)
+CVE-2018-5188
{DSA-4244-1 DSA-4235-1 DLA-1425-1 DLA-1406-1}
- firefox-esr 52.9.0esr-1
- firefox 61.0-1
@@ -41520,36 +41510,36 @@ CVE-2018-5188 (Memory safety bugs present in Firefox 60, Firefox ESR 60, and Fir
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-15/#CVE-2018-5188
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-17/#CVE-2018-5188
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-18/#CVE-2018-5188
-CVE-2018-5187 (Memory safety bugs present in Firefox 60 and Firefox ESR 60. Some of ...)
+CVE-2018-5187
{DSA-4295-1 DLA-1575-1}
- firefox 61.0-1
- thunderbird 1:60.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-15/#CVE-2018-5187
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-19/#CVE-2018-5187
-CVE-2018-5186 (Memory safety bugs present in Firefox 60. Some of these bugs showed ...)
+CVE-2018-5186
- firefox 61.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-15/#CVE-2018-5186
-CVE-2018-5185 (Plaintext of decrypted emails can leak through by user submitting an ...)
+CVE-2018-5185
{DSA-4209-1 DLA-1382-1}
- thunderbird 1:52.8.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-13/#CVE-2018-5185
-CVE-2018-5184 (Using remote content in encrypted messages can lead to the disclosure ...)
+CVE-2018-5184
{DSA-4209-1 DLA-1382-1}
- thunderbird 1:52.8.0-1 (bug #898631)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-13/#CVE-2018-5184
-CVE-2018-5183 (Mozilla developers backported selected changes in the Skia library. ...)
+CVE-2018-5183
{DSA-4209-1 DSA-4199-1 DLA-1382-1 DLA-1376-1}
- firefox-esr 52.8.0esr-1
- thunderbird 1:52.8.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5183
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-13/#CVE-2018-5183
-CVE-2018-5182 (If a text string that happens to be a filename in the operating ...)
+CVE-2018-5182
- firefox 60.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-11/#CVE-2018-5182
-CVE-2018-5181 (If a URL using the &quot;file:&quot; protocol is dragged and dropped onto an ...)
+CVE-2018-5181
- firefox 60.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-11/#CVE-2018-5181
-CVE-2018-5180 (A use-after-free vulnerability can occur during WebGL operations. ...)
+CVE-2018-5180
- firefox 60.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-11/#CVE-2018-5180
CVE-2018-5179
@@ -41557,44 +41547,44 @@ CVE-2018-5179
{DSA-4330-1}
- chromium-browser 70.0.3538.67-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-5178 (A buffer overflow was found during UTF8 to Unicode string conversion ...)
+CVE-2018-5178
{DSA-4209-1 DSA-4199-1 DLA-1382-1 DLA-1376-1}
- firefox-esr 52.8.0esr-1
- thunderbird 1:52.8.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5178
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-13/#CVE-2018-5178
-CVE-2018-5177 (A vulnerability exists in XSLT during number formatting where a ...)
+CVE-2018-5177
- firefox 60.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-11/#CVE-2018-5177
-CVE-2018-5176 (The JSON Viewer displays clickable hyperlinks for strings that are ...)
+CVE-2018-5176
- firefox 60.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-11/#CVE-2018-5176
-CVE-2018-5175 (A mechanism to bypass Content Security Policy (CSP) protections on ...)
+CVE-2018-5175
- firefox 60.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-11/#CVE-2018-5175
-CVE-2018-5174 (In the Windows 10 April 2018 Update, Windows Defender SmartScreen ...)
+CVE-2018-5174
- firefox <not-affected> (Windows-specific)
- firefox-esr <not-affected> (Windows-specific)
- thunderbird <not-affected> (Windows-specific)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-11/#CVE-2018-5174
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5174
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-13/#CVE-2018-5174
-CVE-2018-5173 (The filename appearing in the &quot;Downloads&quot; panel improperly renders ...)
+CVE-2018-5173
- firefox 60.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-11/#CVE-2018-5173
-CVE-2018-5172 (The Live Bookmarks page and the PDF viewer can run injected script ...)
+CVE-2018-5172
- firefox 60.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-11/#CVE-2018-5172
CVE-2018-5171
RESERVED
-CVE-2018-5170 (It is possible to spoof the filename of an attachment and display an ...)
+CVE-2018-5170
{DSA-4209-1 DLA-1382-1}
- thunderbird 1:52.8.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-13/#CVE-2018-5170
-CVE-2018-5169 (If manipulated hyperlinked text with &quot;chrome:&quot; URL contained in it is ...)
+CVE-2018-5169
- firefox 60.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-11/#CVE-2018-5169
-CVE-2018-5168 (Sites can bypass security checks on permissions to install lightweight ...)
+CVE-2018-5168
{DSA-4209-1 DSA-4199-1 DLA-1382-1 DLA-1376-1}
- firefox 60.0-1
- firefox-esr 52.8.0esr-1
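Review bot: the not-affected marking for CVE-2018-5174 (`- firefox <not-affected> (Windows-specific)`) keeps its reasoning after the summary is dropped, but the six plain `- firefox 60.0-1` entries in this hunk (CVE-2018-5177 through CVE-2018-5172 and CVE-2018-5169) are left with nothing in the file stating what was fixed beyond the mfsa2018-11 URL; if the summaries are deliberately removed, a one-line NOTE per entry would keep the file readable without following the link.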
@@ -41602,33 +41592,33 @@ CVE-2018-5168 (Sites can bypass security checks on permissions to install lightw
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-11/#CVE-2018-5168
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5168
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-13/#CVE-2018-5168
-CVE-2018-5167 (The web console and JavaScript debugger do not sanitize all output ...)
+CVE-2018-5167
- firefox 60.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-11/#CVE-2018-5167
-CVE-2018-5166 (WebExtensions can use request redirection and a &quot;filterReponseData&quot; ...)
+CVE-2018-5166
- firefox 60.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-11/#CVE-2018-5166
-CVE-2018-5165 (In 32-bit versions of Firefox, the Adobe Flash plugin setting for ...)
+CVE-2018-5165
- firefox 60.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-11/#CVE-2018-5165
-CVE-2018-5164 (Content Security Policy (CSP) is not applied correctly to all parts of ...)
+CVE-2018-5164
- firefox 60.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-11/#CVE-2018-5164
-CVE-2018-5163 (If a malicious attacker has used another vulnerability to gain full ...)
+CVE-2018-5163
- firefox 60.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-11/#CVE-2018-5163
-CVE-2018-5162 (Plaintext of decrypted emails can leak through the src attribute of ...)
+CVE-2018-5162
{DSA-4209-1 DLA-1382-1}
- thunderbird 1:52.8.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-13/#CVE-2018-5162
-CVE-2018-5161 (Crafted message headers can cause a Thunderbird process to hang on ...)
+CVE-2018-5161
{DSA-4209-1 DLA-1382-1}
- thunderbird 1:52.8.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-13/#CVE-2018-5161
-CVE-2018-5160 (WebRTC can use a &quot;WrappedI420Buffer&quot; pixel buffer but the owning image ...)
+CVE-2018-5160
- firefox 60.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-11/#CVE-2018-5160
-CVE-2018-5159 (An integer overflow can occur in the Skia library due to 32-bit ...)
+CVE-2018-5159
{DSA-4209-1 DSA-4199-1 DLA-1382-1 DLA-1376-1}
- firefox 60.0-1
- firefox-esr 52.8.0esr-1
@@ -41636,19 +41626,19 @@ CVE-2018-5159 (An integer overflow can occur in the Skia library due to 32-bit .
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-11/#CVE-2018-5159
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5159
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-13/#CVE-2018-5159
-CVE-2018-5158 (The PDF viewer does not sufficiently sanitize PostScript calculator ...)
+CVE-2018-5158
{DSA-4199-1 DLA-1376-1}
- firefox 60.0-1
- firefox-esr 52.8.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-11/#CVE-2018-5158
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5158
-CVE-2018-5157 (Same-origin protections for the PDF viewer can be bypassed, allowing a ...)
+CVE-2018-5157
{DSA-4199-1 DLA-1376-1}
- firefox 60.0-1
- firefox-esr 52.8.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-11/#CVE-2018-5157
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5157
-CVE-2018-5156 (A vulnerability can occur when capturing a media stream when the media ...)
+CVE-2018-5156
{DSA-4295-1 DSA-4235-1 DLA-1575-1 DLA-1406-1}
- firefox-esr 52.9.0esr-1
- firefox 61.0-1
@@ -41656,7 +41646,7 @@ CVE-2018-5156 (A vulnerability can occur when capturing a media stream when the
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-15/#CVE-2018-5156
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-17/#CVE-2018-5156
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-19/#CVE-2018-5156
-CVE-2018-5155 (A use-after-free vulnerability can occur while adjusting layout during ...)
+CVE-2018-5155
{DSA-4209-1 DSA-4199-1 DLA-1382-1 DLA-1376-1}
- firefox 60.0-1
- firefox-esr 52.8.0esr-1
@@ -41664,7 +41654,7 @@ CVE-2018-5155 (A use-after-free vulnerability can occur while adjusting layout d
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-11/#CVE-2018-5155
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5155
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-13/#CVE-2018-5155
-CVE-2018-5154 (A use-after-free vulnerability can occur while enumerating attributes ...)
+CVE-2018-5154
{DSA-4209-1 DSA-4199-1 DLA-1382-1 DLA-1376-1}
- firefox 60.0-1
- firefox-esr 52.8.0esr-1
@@ -41672,16 +41662,16 @@ CVE-2018-5154 (A use-after-free vulnerability can occur while enumerating attrib
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-11/#CVE-2018-5154
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5154
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-13/#CVE-2018-5154
-CVE-2018-5153 (If websocket data is sent with mixed text and binary in a single ...)
+CVE-2018-5153
- firefox 60.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-11/#CVE-2018-5153
-CVE-2018-5152 (WebExtensions with the appropriate permissions can attach content ...)
+CVE-2018-5152
- firefox 60.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-11/#CVE-2018-5152
-CVE-2018-5151 (Memory safety bugs were reported in Firefox 59. Some of these bugs ...)
+CVE-2018-5151
- firefox 60.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-11/#CVE-2018-5151
-CVE-2018-5150 (Memory safety bugs were reported in Firefox 59, Firefox ESR 52.7, and ...)
+CVE-2018-5150
{DSA-4209-1 DSA-4199-1 DLA-1382-1 DLA-1376-1}
- firefox 60.0-1
- firefox-esr 52.8.0esr-1
@@ -41691,19 +41681,19 @@ CVE-2018-5150 (Memory safety bugs were reported in Firefox 59, Firefox ESR 52.7,
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-13/#CVE-2018-5150
CVE-2018-5149
RESERVED
-CVE-2018-5148 (A use-after-free vulnerability can occur in the compositor during ...)
+CVE-2018-5148
{DSA-4153-1 DLA-1321-1}
- firefox 59.0.2-1
- firefox-esr 52.7.3esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-10/
-CVE-2018-5147 (The libtremor library has the same flaw as CVE-2018-5146. This library ...)
+CVE-2018-5147
{DSA-4143-1 DSA-4141-1 DLA-1319-1 DLA-1312-1}
- firefox 59.0.1-1
- firefox-esr 52.7.2esr-1
- libvorbisidec 1.2.1+git20180316-1 (bug #893132)
NOTE: https://git.xiph.org/?p=tremor.git;a=commit;h=562307a4a7082e24553f3d2c55dab397a17c4b4f
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-08/
-CVE-2018-5146 (An out of bounds memory write while processing Vorbis audio data was ...)
+CVE-2018-5146
{DSA-4155-1 DSA-4143-1 DSA-4140-1 DLA-1368-1 DLA-1327-1 DLA-1319-1}
- firefox 59.0.1-1
- firefox-esr 52.7.2esr-1
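Review bot: the removed summary for CVE-2018-5147 (`The libtremor library has the same flaw as CVE-2018-5146.`) is the only line in this hunk that records the link to CVE-2018-5146, which is what explains why libvorbisidec 1.2.1+git20180316-1 is listed here while the vorbis.git commit sits under CVE-2018-5146; if the summaries are going, carry that cross-reference into a NOTE line so the libvorbisidec entry stays self-explanatory.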
@@ -41712,66 +41702,66 @@ CVE-2018-5146 (An out of bounds memory write while processing Vorbis audio data
NOTE: https://git.xiph.org/?p=vorbis.git;a=commit;h=667ceb4aab60c1f74060143bb24e5f427b3cce5f
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-08/
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-09/
-CVE-2018-5145 (Memory safety bugs were reported in Firefox ESR 52.6. These bugs ...)
+CVE-2018-5145
{DSA-4155-1 DSA-4139-1 DLA-1327-1 DLA-1308-1}
- firefox-esr 52.7.0esr-1
- thunderbird 1:52.7.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-07/
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-09/
-CVE-2018-5144 (An integer overflow can occur during conversion of text to some ...)
+CVE-2018-5144
{DSA-4155-1 DSA-4139-1 DLA-1327-1 DLA-1308-1}
- firefox-esr 52.7.0esr-1
- thunderbird 1:52.7.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-07/
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-09/
-CVE-2018-5143 (URLs using &quot;javascript:&quot; have the protocol removed when pasted into ...)
+CVE-2018-5143
- firefox 59.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-06/
-CVE-2018-5142 (If Media Capture and Streams API permission is requested from ...)
+CVE-2018-5142
- firefox 59.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-06/
-CVE-2018-5141 (A vulnerability in the notifications Push API where notifications can ...)
+CVE-2018-5141
- firefox 59.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-06/
-CVE-2018-5140 (Image for moz-icons can be accessed through the &quot;moz-icon:&quot; protocol ...)
+CVE-2018-5140
- firefox 59.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-06/
CVE-2018-5139
RESERVED
-CVE-2018-5138 (A spoofing vulnerability can occur when a malicious site with an ...)
+CVE-2018-5138
- firefox <not-affected> (Android-specific)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-06/
-CVE-2018-5137 (A legacy extension's non-contentaccessible, defined resources can be ...)
+CVE-2018-5137
- firefox 59.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-06/
-CVE-2018-5136 (A shared worker created from a &quot;data:&quot; URL in one tab can be shared by ...)
+CVE-2018-5136
- firefox 59.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-06/
-CVE-2018-5135 (WebExtensions can bypass normal restrictions in some circumstances and ...)
+CVE-2018-5135
- firefox 59.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-06/
-CVE-2018-5134 (WebExtensions may use &quot;view-source:&quot; URLs to view local &quot;file:&quot; URL ...)
+CVE-2018-5134
- firefox 59.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-06/
-CVE-2018-5133 (If the &quot;app.support.baseURL&quot; preference is changed by a malicious ...)
+CVE-2018-5133
- firefox 59.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-06/
-CVE-2018-5132 (The Find API for WebExtensions can search some privileged pages, such ...)
+CVE-2018-5132
- firefox 59.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-06/
-CVE-2018-5131 (Under certain circumstances the &quot;fetch()&quot; API can return transient ...)
+CVE-2018-5131
{DSA-4139-1 DLA-1308-1}
- firefox 59.0-1
- firefox-esr 52.7.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-07/
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-06/
-CVE-2018-5130 (When packets with a mismatched RTP payload type are sent in WebRTC ...)
+CVE-2018-5130
{DSA-4139-1 DLA-1308-1}
- firefox 59.0-1
- firefox-esr 52.7.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-07/
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-06/
-CVE-2018-5129 (A lack of parameter validation on IPC messages results in a potential ...)
+CVE-2018-5129
{DSA-4155-1 DSA-4139-1 DLA-1327-1 DLA-1308-1}
- firefox 59.0-1
- firefox-esr 52.7.0esr-1
@@ -41779,10 +41769,10 @@ CVE-2018-5129 (A lack of parameter validation on IPC messages results in a poten
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-07/
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-06/
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-09/
-CVE-2018-5128 (A use-after-free vulnerability can occur when manipulating elements, ...)
+CVE-2018-5128
- firefox 59.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-06/
-CVE-2018-5127 (A buffer overflow can occur when manipulating the SVG ...)
+CVE-2018-5127
{DSA-4155-1 DSA-4139-1 DLA-1327-1 DLA-1308-1}
- firefox 59.0-1
- firefox-esr 52.7.0esr-1
@@ -41790,10 +41780,10 @@ CVE-2018-5127 (A buffer overflow can occur when manipulating the SVG ...)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-07/
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-06/
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-09/
-CVE-2018-5126 (Memory safety bugs were reported in Firefox 58. Some of these bugs ...)
+CVE-2018-5126
- firefox 59.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-06/
-CVE-2018-5125 (Memory safety bugs were reported in Firefox 58 and Firefox ESR 52.6. ...)
+CVE-2018-5125
{DSA-4155-1 DSA-4139-1 DLA-1327-1 DLA-1308-1}
- firefox 59.0-1
- firefox-esr 52.7.0esr-1
@@ -41810,21 +41800,21 @@ CVE-2018-5123
RESERVED
- bugzilla4 <itp> (bug #669643)
- bugzilla <removed>
-CVE-2018-5122 (A potential integer overflow in the &quot;DoCrypt&quot; function of WebCrypto ...)
+CVE-2018-5122
- firefox 58.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-02/#CVE-2018-5122
-CVE-2018-5121 (Low descenders on some Tibetan characters in several fonts on OS X are ...)
+CVE-2018-5121
- firefox <not-affected> (Only affects Firefox on Mac OS X)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-02/#CVE-2018-5121
CVE-2018-5120
RESERVED
-CVE-2018-5119 (The reader view will display cross-origin content when CORS headers ...)
+CVE-2018-5119
- firefox 58.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-02/#CVE-2018-5119
-CVE-2018-5118 (The screenshot images displayed in the Activity Stream page displayed ...)
+CVE-2018-5118
- firefox 58.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-02/#CVE-2018-5118
-CVE-2018-5117 (If right-to-left text is used in the addressbar with left-to-right ...)
+CVE-2018-5117
{DSA-4102-1 DSA-4096-1 DLA-1262-1 DLA-1256-1}
- firefox 58.0-1
- firefox-esr 52.6.0esr-1
@@ -41832,43 +41822,43 @@ CVE-2018-5117 (If right-to-left text is used in the addressbar with left-to-righ
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-02/#CVE-2018-5117
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-03/#CVE-2018-5117
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-04/#CVE-2018-5117
-CVE-2018-5116 (WebExtensions with the &quot;ActiveTab&quot; permission are able to access ...)
+CVE-2018-5116
- firefox 58.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-02/#CVE-2018-5116
-CVE-2018-5115 (If an HTTP authentication prompt is triggered by a background network ...)
+CVE-2018-5115
- firefox 58.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-02/#CVE-2018-5115
-CVE-2018-5114 (If an existing cookie is changed to be &quot;HttpOnly&quot; while a document is ...)
+CVE-2018-5114
- firefox 58.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-02/#CVE-2018-5114
-CVE-2018-5113 (The &quot;browser.identity.launchWebAuthFlow&quot; function of WebExtensions is ...)
+CVE-2018-5113
- firefox 58.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-02/#CVE-2018-5113
-CVE-2018-5112 (Development Tools panels of an extension are required to load URLs for ...)
+CVE-2018-5112
- firefox 58.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-02/#CVE-2018-5112
-CVE-2018-5111 (When the text of a specially formatted URL is dragged to the ...)
+CVE-2018-5111
- firefox 58.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-02/#CVE-2018-5111
-CVE-2018-5110 (If cursor visibility is toggled by script using from 'none' to an ...)
+CVE-2018-5110
- firefox <not-affected> (Only affects Firefox on Mac OS X)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-02/#CVE-2018-5110
-CVE-2018-5109 (An audio capture session can started under an incorrect origin from ...)
+CVE-2018-5109
- firefox 58.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-02/#CVE-2018-5109
-CVE-2018-5108 (A Blob URL can violate origin attribute segregation, allowing it to be ...)
+CVE-2018-5108
- firefox 58.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-02/#CVE-2018-5108
-CVE-2018-5107 (The printing process can bypass local access protections to read files ...)
+CVE-2018-5107
- firefox 58.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-02/#CVE-2018-5107
-CVE-2018-5106 (Style editor traffic in the Developer Tools can be routed through a ...)
+CVE-2018-5106
- firefox 58.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-02/#CVE-2018-5106
-CVE-2018-5105 (WebExtensions can bypass user prompts to first save and then open an ...)
+CVE-2018-5105
- firefox 58.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-02/#CVE-2018-5105
-CVE-2018-5104 (A use-after-free vulnerability can occur during font face manipulation ...)
+CVE-2018-5104
{DSA-4102-1 DSA-4096-1 DLA-1262-1 DLA-1256-1}
- firefox 58.0-1
- firefox-esr 52.6.0esr-1
@@ -41876,7 +41866,7 @@ CVE-2018-5104 (A use-after-free vulnerability can occur during font face manipul
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-02/#CVE-2018-5104
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-03/#CVE-2018-5104
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-04/#CVE-2018-5104
-CVE-2018-5103 (A use-after-free vulnerability can occur during mouse event handling ...)
+CVE-2018-5103
{DSA-4102-1 DSA-4096-1 DLA-1262-1 DLA-1256-1}
- firefox 58.0-1
- firefox-esr 52.6.0esr-1
@@ -41884,7 +41874,7 @@ CVE-2018-5103 (A use-after-free vulnerability can occur during mouse event handl
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-02/#CVE-2018-5103
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-03/#CVE-2018-5103
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-04/#CVE-2018-5103
-CVE-2018-5102 (A use-after-free vulnerability can occur when manipulating HTML media ...)
+CVE-2018-5102
{DSA-4102-1 DSA-4096-1 DLA-1262-1 DLA-1256-1}
- firefox 58.0-1
- firefox-esr 52.6.0esr-1
@@ -41892,13 +41882,13 @@ CVE-2018-5102 (A use-after-free vulnerability can occur when manipulating HTML m
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-02/#CVE-2018-5102
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-03/#CVE-2018-5102
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-04/#CVE-2018-5102
-CVE-2018-5101 (A use-after-free vulnerability can occur when manipulating floating ...)
+CVE-2018-5101
- firefox 58.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-02/#CVE-2018-5101
-CVE-2018-5100 (A use-after-free vulnerability can occur when arguments passed to the ...)
+CVE-2018-5100
- firefox 58.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-02/#CVE-2018-5100
-CVE-2018-5099 (A use-after-free vulnerability can occur when the widget listener is ...)
+CVE-2018-5099
{DSA-4102-1 DSA-4096-1 DLA-1262-1 DLA-1256-1}
- firefox 58.0-1
- firefox-esr 52.6.0esr-1
@@ -41906,7 +41896,7 @@ CVE-2018-5099 (A use-after-free vulnerability can occur when the widget listener
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-02/#CVE-2018-5099
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-03/#CVE-2018-5099
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-04/#CVE-2018-5099
-CVE-2018-5098 (A use-after-free vulnerability can occur when form input elements, ...)
+CVE-2018-5098
{DSA-4102-1 DSA-4096-1 DLA-1262-1 DLA-1256-1}
- firefox 58.0-1
- firefox-esr 52.6.0esr-1
@@ -41914,7 +41904,7 @@ CVE-2018-5098 (A use-after-free vulnerability can occur when form input elements
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-02/#CVE-2018-5098
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-03/#CVE-2018-5098
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-04/#CVE-2018-5098
-CVE-2018-5097 (A use-after-free vulnerability can occur during XSL transformations ...)
+CVE-2018-5097
{DSA-4102-1 DSA-4096-1 DLA-1262-1 DLA-1256-1}
- firefox 58.0-1
- firefox-esr 52.6.0esr-1
@@ -41922,13 +41912,13 @@ CVE-2018-5097 (A use-after-free vulnerability can occur during XSL transformatio
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-02/#CVE-2018-5097
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-03/#CVE-2018-5097
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-04/#CVE-2018-5097
-CVE-2018-5096 (A use-after-free vulnerability can occur while editing events in form ...)
+CVE-2018-5096
{DSA-4102-1 DSA-4096-1 DLA-1262-1 DLA-1256-1}
- firefox-esr 52.6.0esr-1
- thunderbird 1:52.6.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-03/#CVE-2018-5096
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-04/#CVE-2018-5096
-CVE-2018-5095 (An integer overflow vulnerability in the Skia library when allocating ...)
+CVE-2018-5095
{DSA-4102-1 DSA-4096-1 DLA-1262-1 DLA-1256-1}
- firefox 58.0-1
- firefox-esr 52.6.0esr-1
@@ -41937,25 +41927,25 @@ CVE-2018-5095 (An integer overflow vulnerability in the Skia library when alloca
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-02/#CVE-2018-5095
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-03/#CVE-2018-5095
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-04/#CVE-2018-5095
-CVE-2018-5094 (A heap buffer overflow vulnerability may occur in WebAssembly when ...)
+CVE-2018-5094
- firefox 58.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-02/#CVE-2018-5094
-CVE-2018-5093 (A heap buffer overflow vulnerability may occur in WebAssembly during ...)
+CVE-2018-5093
- firefox 58.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-02/#CVE-2018-5093
-CVE-2018-5092 (A use-after-free vulnerability can occur when the thread for a Web ...)
+CVE-2018-5092
- firefox 58.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-02/#CVE-2018-5092
-CVE-2018-5091 (A use-after-free vulnerability can occur during WebRTC connections ...)
+CVE-2018-5091
{DSA-4102-1 DSA-4096-1 DLA-1256-1}
- firefox 58.0-1
- firefox-esr 52.6.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-02/#CVE-2018-5091
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-03/#CVE-2018-5091
-CVE-2018-5090 (Memory safety bugs were reported in Firefox 57. Some of these bugs ...)
+CVE-2018-5090
- firefox 58.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-02/#CVE-2018-5090
-CVE-2018-5089 (Memory safety bugs were reported in Firefox 57 and Firefox ESR 52.5. ...)
+CVE-2018-5089
{DSA-4102-1 DSA-4096-1 DLA-1262-1 DLA-1256-1}
- firefox 58.0-1
- firefox-esr 52.6.0esr-1
@@ -41963,447 +41953,447 @@ CVE-2018-5089 (Memory safety bugs were reported in Firefox 57 and Firefox ESR 52
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-02/#CVE-2018-5089
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-03/#CVE-2018-5089
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-04/#CVE-2018-5089
-CVE-2018-5088 (In K7 AntiVirus 15.1.0306, the driver file (K7FWHlpr.sys) allows local ...)
+CVE-2018-5088
NOT-FOR-US: K7 AntiVirus
-CVE-2018-5087 (In K7 AntiVirus 15.1.0306, the driver file (K7FWHlpr.sys) allows local ...)
+CVE-2018-5087
NOT-FOR-US: K7 AntiVirus
-CVE-2018-5086 (In K7 AntiVirus 15.1.0306, the driver file (K7FWHlpr.sys) allows local ...)
+CVE-2018-5086
NOT-FOR-US: K7 AntiVirus
-CVE-2018-5085 (In K7 AntiVirus 15.1.0306, the driver file (K7FWHlpr.sys) allows local ...)
+CVE-2018-5085
NOT-FOR-US: K7 AntiVirus
-CVE-2018-5084 (In K7 AntiVirus 15.1.0306, the driver file (K7FWHlpr.sys) allows local ...)
+CVE-2018-5084
NOT-FOR-US: K7 AntiVirus
-CVE-2018-5083 (In K7 AntiVirus 15.1.0306, the driver file (K7FWHlpr.sys) allows local ...)
+CVE-2018-5083
NOT-FOR-US: K7 AntiVirus
-CVE-2018-5082 (In K7 AntiVirus 15.1.0306, the driver file (K7FWHlpr.sys) allows local ...)
+CVE-2018-5082
NOT-FOR-US: K7 AntiVirus
-CVE-2018-5081 (In K7 AntiVirus 15.1.0306, the driver file (K7FWHlpr.sys) allows local ...)
+CVE-2018-5081
NOT-FOR-US: K7 AntiVirus
-CVE-2018-5080 (In K7 AntiVirus 15.1.0306, the driver file (K7FWHlpr.sys) allows local ...)
+CVE-2018-5080
NOT-FOR-US: K7 AntiVirus
-CVE-2018-5079 (In K7 AntiVirus 15.1.0306, the driver file (K7FWHlpr.sys) allows local ...)
+CVE-2018-5079
NOT-FOR-US: K7 AntiVirus
-CVE-2018-5078 (Online Ticket Booking has XSS via the admin/eventlist.php cast ...)
+CVE-2018-5078
NOT-FOR-US: Online Ticket Booking
-CVE-2018-5077 (Online Ticket Booking has XSS via the admin/movieedit.php moviename ...)
+CVE-2018-5077
NOT-FOR-US: Online Ticket Booking
-CVE-2018-5076 (Online Ticket Booking has XSS via the admin/newsedit.php newstitle ...)
+CVE-2018-5076
NOT-FOR-US: Online Ticket Booking
-CVE-2018-5075 (Online Ticket Booking has XSS via the admin/snacks_edit.php snacks_name ...)
+CVE-2018-5075
NOT-FOR-US: Online Ticket Booking
-CVE-2018-5074 (Online Ticket Booking has XSS via the admin/manageownerlist.php contact ...)
+CVE-2018-5074
NOT-FOR-US: Online Ticket Booking
-CVE-2018-5073 (Online Ticket Booking has CSRF via admin/movieedit.php. ...)
+CVE-2018-5073
NOT-FOR-US: Online Ticket Booking
-CVE-2018-5072 (Online Ticket Booking has XSS via the admin/sitesettings.php keyword ...)
+CVE-2018-5072
NOT-FOR-US: Online Ticket Booking
-CVE-2018-5071 (Persistent XSS exists in the web server on Cobham Sea Tel 116 build ...)
+CVE-2018-5071
NOT-FOR-US: Cobham Sea Tel 116 build 222429 satellite communication system devices
-CVE-2018-5070 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and ...)
+CVE-2018-5070
NOT-FOR-US: Adobe
-CVE-2018-5069 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and ...)
+CVE-2018-5069
NOT-FOR-US: Adobe
-CVE-2018-5068 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and ...)
+CVE-2018-5068
NOT-FOR-US: Adobe
-CVE-2018-5067 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and ...)
+CVE-2018-5067
NOT-FOR-US: Adobe
-CVE-2018-5066 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and ...)
+CVE-2018-5066
NOT-FOR-US: Adobe
-CVE-2018-5065 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and ...)
+CVE-2018-5065
NOT-FOR-US: Adobe
-CVE-2018-5064 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and ...)
+CVE-2018-5064
NOT-FOR-US: Adobe
-CVE-2018-5063 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and ...)
+CVE-2018-5063
NOT-FOR-US: Adobe
-CVE-2018-5062 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and ...)
+CVE-2018-5062
NOT-FOR-US: Adobe
-CVE-2018-5061 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and ...)
+CVE-2018-5061
NOT-FOR-US: Adobe
-CVE-2018-5060 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and ...)
+CVE-2018-5060
NOT-FOR-US: Adobe
-CVE-2018-5059 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and ...)
+CVE-2018-5059
NOT-FOR-US: Adobe
-CVE-2018-5058 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and ...)
+CVE-2018-5058
NOT-FOR-US: Adobe
-CVE-2018-5057 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and ...)
+CVE-2018-5057
NOT-FOR-US: Adobe
-CVE-2018-5056 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and ...)
+CVE-2018-5056
NOT-FOR-US: Adobe
-CVE-2018-5055 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and ...)
+CVE-2018-5055
NOT-FOR-US: Adobe
-CVE-2018-5054 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and ...)
+CVE-2018-5054
NOT-FOR-US: Adobe
-CVE-2018-5053 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and ...)
+CVE-2018-5053
NOT-FOR-US: Adobe
-CVE-2018-5052 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and ...)
+CVE-2018-5052
NOT-FOR-US: Adobe
-CVE-2018-5051 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and ...)
+CVE-2018-5051
NOT-FOR-US: Adobe
-CVE-2018-5050 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and ...)
+CVE-2018-5050
NOT-FOR-US: Adobe
-CVE-2018-5049 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and ...)
+CVE-2018-5049
NOT-FOR-US: Adobe
-CVE-2018-5048 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and ...)
+CVE-2018-5048
NOT-FOR-US: Adobe
-CVE-2018-5047 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and ...)
+CVE-2018-5047
NOT-FOR-US: Adobe
-CVE-2018-5046 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and ...)
+CVE-2018-5046
NOT-FOR-US: Adobe
-CVE-2018-5045 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and ...)
+CVE-2018-5045
NOT-FOR-US: Adobe
-CVE-2018-5044 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and ...)
+CVE-2018-5044
NOT-FOR-US: Adobe
-CVE-2018-5043 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and ...)
+CVE-2018-5043
NOT-FOR-US: Adobe
-CVE-2018-5042 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and ...)
+CVE-2018-5042
NOT-FOR-US: Adobe
-CVE-2018-5041 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and ...)
+CVE-2018-5041
NOT-FOR-US: Adobe
-CVE-2018-5040 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and ...)
+CVE-2018-5040
NOT-FOR-US: Adobe
-CVE-2018-5039 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and ...)
+CVE-2018-5039
NOT-FOR-US: Adobe
-CVE-2018-5038 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and ...)
+CVE-2018-5038
NOT-FOR-US: Adobe
-CVE-2018-5037 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and ...)
+CVE-2018-5037
NOT-FOR-US: Adobe
-CVE-2018-5036 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and ...)
+CVE-2018-5036
NOT-FOR-US: Adobe
-CVE-2018-5035 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and ...)
+CVE-2018-5035
NOT-FOR-US: Adobe
-CVE-2018-5034 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and ...)
+CVE-2018-5034
NOT-FOR-US: Adobe
-CVE-2018-5033 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and ...)
+CVE-2018-5033
NOT-FOR-US: Adobe
-CVE-2018-5032 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and ...)
+CVE-2018-5032
NOT-FOR-US: Adobe
-CVE-2018-5031 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and ...)
+CVE-2018-5031
NOT-FOR-US: Adobe
-CVE-2018-5030 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and ...)
+CVE-2018-5030
NOT-FOR-US: Adobe
-CVE-2018-5029 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and ...)
+CVE-2018-5029
NOT-FOR-US: Adobe
-CVE-2018-5028 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and ...)
+CVE-2018-5028
NOT-FOR-US: Adobe
-CVE-2018-5027 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and ...)
+CVE-2018-5027
NOT-FOR-US: Adobe
-CVE-2018-5026 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and ...)
+CVE-2018-5026
NOT-FOR-US: Adobe
-CVE-2018-5025 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and ...)
+CVE-2018-5025
NOT-FOR-US: Adobe
-CVE-2018-5024 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and ...)
+CVE-2018-5024
NOT-FOR-US: Adobe
-CVE-2018-5023 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and ...)
+CVE-2018-5023
NOT-FOR-US: Adobe
-CVE-2018-5022 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and ...)
+CVE-2018-5022
NOT-FOR-US: Adobe
-CVE-2018-5021 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and ...)
+CVE-2018-5021
NOT-FOR-US: Adobe
-CVE-2018-5020 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and ...)
+CVE-2018-5020
NOT-FOR-US: Adobe
-CVE-2018-5019 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and ...)
+CVE-2018-5019
NOT-FOR-US: Adobe
-CVE-2018-5018 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and ...)
+CVE-2018-5018
NOT-FOR-US: Adobe
-CVE-2018-5017 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and ...)
+CVE-2018-5017
NOT-FOR-US: Adobe
-CVE-2018-5016 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and ...)
+CVE-2018-5016
NOT-FOR-US: Adobe
-CVE-2018-5015 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and ...)
+CVE-2018-5015
NOT-FOR-US: Adobe
-CVE-2018-5014 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and ...)
+CVE-2018-5014
NOT-FOR-US: Adobe
CVE-2018-5013
REJECTED
-CVE-2018-5012 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and ...)
+CVE-2018-5012
NOT-FOR-US: Adobe
-CVE-2018-5011 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and ...)
+CVE-2018-5011
NOT-FOR-US: Adobe
-CVE-2018-5010 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and ...)
+CVE-2018-5010
NOT-FOR-US: Adobe
-CVE-2018-5009 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and ...)
+CVE-2018-5009
NOT-FOR-US: Adobe
-CVE-2018-5008 (Adobe Flash Player 30.0.0.113 and earlier versions have an ...)
+CVE-2018-5008
NOT-FOR-US: Adobe
-CVE-2018-5007 (Adobe Flash Player 30.0.0.113 and earlier versions have a Type ...)
+CVE-2018-5007
NOT-FOR-US: Adobe
-CVE-2018-5006 (Adobe Experience Manager versions 6.4 and earlier have a Server-Side ...)
+CVE-2018-5006
NOT-FOR-US: Adobe
-CVE-2018-5005 (Adobe Experience Manager versions 6.4, 6.3, 6.2, 6.1, and 6.0 have a ...)
+CVE-2018-5005
NOT-FOR-US: Adobe Experience Manager
-CVE-2018-5004 (Adobe Experience Manager versions 6.2 and 6.3 have a Server-Side ...)
+CVE-2018-5004
NOT-FOR-US: Adobe
-CVE-2018-5003 (Adobe Creative Cloud Desktop Application before 4.5.5.342 (installer) ...)
+CVE-2018-5003
NOT-FOR-US: Adobe
-CVE-2018-5002 (Adobe Flash Player versions 29.0.0.171 and earlier have a Stack-based ...)
+CVE-2018-5002
NOT-FOR-US: Adobe
-CVE-2018-5001 (Adobe Flash Player versions 29.0.0.171 and earlier have an ...)
+CVE-2018-5001
NOT-FOR-US: Adobe
-CVE-2018-5000 (Adobe Flash Player versions 29.0.0.171 and earlier have an Integer ...)
+CVE-2018-5000
NOT-FOR-US: Adobe
-CVE-2018-4999 (Adobe Acrobat and Reader versions 2018.009.20050 and earlier, ...)
+CVE-2018-4999
NOT-FOR-US: Adobe
-CVE-2018-4998 (Adobe Acrobat and Reader versions 2018.009.20050 and earlier, ...)
+CVE-2018-4998
NOT-FOR-US: Adobe
-CVE-2018-4997 (Adobe Acrobat and Reader versions 2018.009.20050 and earlier, ...)
+CVE-2018-4997
NOT-FOR-US: Adobe
-CVE-2018-4996 (Adobe Acrobat and Reader versions 2018.011.20038 and earlier, ...)
+CVE-2018-4996
NOT-FOR-US: Adobe
-CVE-2018-4995 (Adobe Acrobat and Reader versions 2018.011.20038 and earlier, ...)
+CVE-2018-4995
NOT-FOR-US: Adobe
-CVE-2018-4994 (Adobe Connect versions 9.7.5 and earlier have an exploitable ...)
+CVE-2018-4994
NOT-FOR-US: Adobe
-CVE-2018-4993 (Adobe Acrobat and Reader versions 2018.011.20038 and earlier, ...)
+CVE-2018-4993
NOT-FOR-US: Adobe
-CVE-2018-4992 (Adobe Creative Cloud Desktop Application versions 4.4.1.298 and earlier ...)
+CVE-2018-4992
NOT-FOR-US: Adobe
-CVE-2018-4991 (Adobe Creative Cloud Desktop Application versions 4.4.1.298 and earlier ...)
+CVE-2018-4991
NOT-FOR-US: Adobe
-CVE-2018-4990 (Adobe Acrobat and Reader versions 2018.011.20038 and earlier, ...)
+CVE-2018-4990
NOT-FOR-US: Adobe
-CVE-2018-4989 (Adobe Acrobat and Reader versions 2018.011.20038 and earlier, ...)
+CVE-2018-4989
NOT-FOR-US: Adobe
-CVE-2018-4988 (Adobe Acrobat and Reader versions 2018.011.20038 and earlier, ...)
+CVE-2018-4988
NOT-FOR-US: Adobe
-CVE-2018-4987 (Adobe Acrobat and Reader versions 2018.011.20038 and earlier, ...)
+CVE-2018-4987
NOT-FOR-US: Adobe
-CVE-2018-4986 (Adobe Acrobat and Reader versions 2018.011.20038 and earlier, ...)
+CVE-2018-4986
NOT-FOR-US: Adobe
-CVE-2018-4985 (Adobe Acrobat and Reader versions 2018.011.20038 and earlier, ...)
+CVE-2018-4985
NOT-FOR-US: Adobe
-CVE-2018-4984 (Adobe Acrobat and Reader versions 2018.011.20038 and earlier, ...)
+CVE-2018-4984
NOT-FOR-US: Adobe
-CVE-2018-4983 (Adobe Acrobat and Reader versions 2018.011.20038 and earlier, ...)
+CVE-2018-4983
NOT-FOR-US: Adobe
-CVE-2018-4982 (Adobe Acrobat and Reader versions 2018.011.20038 and earlier, ...)
+CVE-2018-4982
NOT-FOR-US: Adobe
-CVE-2018-4981 (Adobe Acrobat and Reader versions 2018.011.20038 and earlier, ...)
+CVE-2018-4981
NOT-FOR-US: Adobe
-CVE-2018-4980 (Adobe Acrobat and Reader versions 2018.011.20038 and earlier, ...)
+CVE-2018-4980
NOT-FOR-US: Adobe
-CVE-2018-4979 (Adobe Acrobat and Reader versions 2018.011.20038 and earlier, ...)
+CVE-2018-4979
NOT-FOR-US: Adobe
-CVE-2018-4978 (Adobe Acrobat and Reader versions 2018.011.20038 and earlier, ...)
+CVE-2018-4978
NOT-FOR-US: Adobe
-CVE-2018-4977 (Adobe Acrobat and Reader versions 2018.011.20038 and earlier, ...)
+CVE-2018-4977
NOT-FOR-US: Adobe
-CVE-2018-4976 (Adobe Acrobat and Reader versions 2018.011.20038 and earlier, ...)
+CVE-2018-4976
NOT-FOR-US: Adobe
-CVE-2018-4975 (Adobe Acrobat and Reader versions 2018.011.20038 and earlier, ...)
+CVE-2018-4975
NOT-FOR-US: Adobe
-CVE-2018-4974 (Adobe Acrobat and Reader versions 2018.011.20038 and earlier, ...)
+CVE-2018-4974
NOT-FOR-US: Adobe
-CVE-2018-4973 (Adobe Acrobat and Reader versions 2018.011.20038 and earlier, ...)
+CVE-2018-4973
NOT-FOR-US: Adobe
-CVE-2018-4972 (Adobe Acrobat and Reader versions 2018.011.20038 and earlier, ...)
+CVE-2018-4972
NOT-FOR-US: Adobe
-CVE-2018-4971 (Adobe Acrobat and Reader versions 2018.011.20038 and earlier, ...)
+CVE-2018-4971
NOT-FOR-US: Adobe
-CVE-2018-4970 (Adobe Acrobat and Reader versions 2018.011.20038 and earlier, ...)
+CVE-2018-4970
NOT-FOR-US: Adobe
-CVE-2018-4969 (Adobe Acrobat and Reader versions 2018.011.20038 and earlier, ...)
+CVE-2018-4969
NOT-FOR-US: Adobe
-CVE-2018-4968 (Adobe Acrobat and Reader versions 2018.011.20038 and earlier, ...)
+CVE-2018-4968
NOT-FOR-US: Adobe
-CVE-2018-4967 (Adobe Acrobat and Reader versions 2018.011.20038 and earlier, ...)
+CVE-2018-4967
NOT-FOR-US: Adobe
-CVE-2018-4966 (Adobe Acrobat and Reader versions 2018.011.20038 and earlier, ...)
+CVE-2018-4966
NOT-FOR-US: Adobe
-CVE-2018-4965 (Adobe Acrobat and Reader versions 2018.011.20038 and earlier, ...)
+CVE-2018-4965
NOT-FOR-US: Adobe
-CVE-2018-4964 (Adobe Acrobat and Reader versions 2018.011.20038 and earlier, ...)
+CVE-2018-4964
NOT-FOR-US: Adobe
-CVE-2018-4963 (Adobe Acrobat and Reader versions 2018.011.20038 and earlier, ...)
+CVE-2018-4963
NOT-FOR-US: Adobe
-CVE-2018-4962 (Adobe Acrobat and Reader versions 2018.011.20038 and earlier, ...)
+CVE-2018-4962
NOT-FOR-US: Adobe
-CVE-2018-4961 (Adobe Acrobat and Reader versions 2018.011.20038 and earlier, ...)
+CVE-2018-4961
NOT-FOR-US: Adobe
-CVE-2018-4960 (Adobe Acrobat and Reader versions 2018.011.20038 and earlier, ...)
+CVE-2018-4960
NOT-FOR-US: Adobe
-CVE-2018-4959 (Adobe Acrobat and Reader versions 2018.011.20038 and earlier, ...)
+CVE-2018-4959
NOT-FOR-US: Adobe
-CVE-2018-4958 (Adobe Acrobat and Reader versions 2018.011.20038 and earlier, ...)
+CVE-2018-4958
NOT-FOR-US: Adobe
-CVE-2018-4957 (Adobe Acrobat and Reader versions 2018.011.20038 and earlier, ...)
+CVE-2018-4957
NOT-FOR-US: Adobe
-CVE-2018-4956 (Adobe Acrobat and Reader versions 2018.011.20038 and earlier, ...)
+CVE-2018-4956
NOT-FOR-US: Adobe
-CVE-2018-4955 (Adobe Acrobat and Reader versions 2018.011.20038 and earlier, ...)
+CVE-2018-4955
NOT-FOR-US: Adobe
-CVE-2018-4954 (Adobe Acrobat and Reader versions 2018.011.20038 and earlier, ...)
+CVE-2018-4954
NOT-FOR-US: Adobe
-CVE-2018-4953 (Adobe Acrobat and Reader versions 2018.011.20038 and earlier, ...)
+CVE-2018-4953
NOT-FOR-US: Adobe
-CVE-2018-4952 (Adobe Acrobat and Reader versions 2018.011.20038 and earlier, ...)
+CVE-2018-4952
NOT-FOR-US: VMware Xenon
-CVE-2018-4951 (Adobe Acrobat and Reader versions 2018.011.20038 and earlier, ...)
+CVE-2018-4951
NOT-FOR-US: Adobe
-CVE-2018-4950 (Adobe Acrobat and Reader versions 2018.011.20038 and earlier, ...)
+CVE-2018-4950
NOT-FOR-US: Adobe
-CVE-2018-4949 (Adobe Acrobat and Reader versions 2018.011.20038 and earlier, ...)
+CVE-2018-4949
NOT-FOR-US: Adobe
-CVE-2018-4948 (Adobe Acrobat and Reader versions 2018.011.20038 and earlier, ...)
+CVE-2018-4948
NOT-FOR-US: Adobe
-CVE-2018-4947 (Adobe Acrobat and Reader versions 2018.011.20038 and earlier, ...)
+CVE-2018-4947
NOT-FOR-US: VMware Xenon
-CVE-2018-4946 (Adobe Photoshop CC versions 19.1.3 and earlier, 18.1.3 and earlier, and ...)
+CVE-2018-4946
NOT-FOR-US: Adobe
-CVE-2018-4945 (Adobe Flash Player versions 29.0.0.171 and earlier have a Type ...)
+CVE-2018-4945
NOT-FOR-US: Adobe
-CVE-2018-4944 (Adobe Flash Player versions 29.0.0.140 and earlier have an exploitable ...)
+CVE-2018-4944
NOT-FOR-US: Adobe
-CVE-2018-4943 (Adobe PhoneGap Push Plugin versions 1.8.0 and earlier have an ...)
+CVE-2018-4943
NOT-FOR-US: Adobe
-CVE-2018-4942 (Adobe ColdFusion Update 5 and earlier versions, ColdFusion 11 Update 13 ...)
+CVE-2018-4942
NOT-FOR-US: Adobe
-CVE-2018-4941 (Adobe ColdFusion Update 5 and earlier versions, ColdFusion 11 Update 13 ...)
+CVE-2018-4941
NOT-FOR-US: Adobe
-CVE-2018-4940 (Adobe ColdFusion Update 5 and earlier versions, ColdFusion 11 Update 13 ...)
+CVE-2018-4940
NOT-FOR-US: Adobe
-CVE-2018-4939 (Adobe ColdFusion Update 5 and earlier versions, ColdFusion 11 Update 13 ...)
+CVE-2018-4939
NOT-FOR-US: Adobe
-CVE-2018-4938 (Adobe ColdFusion Update 5 and earlier versions, ColdFusion 11 Update 13 ...)
+CVE-2018-4938
NOT-FOR-US: Adobe
-CVE-2018-4937 (Adobe Flash Player versions 29.0.0.113 and earlier have an exploitable ...)
+CVE-2018-4937
NOT-FOR-US: Adobe
-CVE-2018-4936 (Adobe Flash Player versions 29.0.0.113 and earlier have an exploitable ...)
+CVE-2018-4936
NOT-FOR-US: Adobe
-CVE-2018-4935 (Adobe Flash Player versions 29.0.0.113 and earlier have an exploitable ...)
+CVE-2018-4935
NOT-FOR-US: Adobe
-CVE-2018-4934 (Adobe Flash Player versions 29.0.0.113 and earlier have an exploitable ...)
+CVE-2018-4934
NOT-FOR-US: Adobe
-CVE-2018-4933 (Adobe Flash Player versions 29.0.0.113 and earlier have an exploitable ...)
+CVE-2018-4933
NOT-FOR-US: Adobe
-CVE-2018-4932 (Adobe Flash Player versions 29.0.0.113 and earlier have an exploitable ...)
+CVE-2018-4932
NOT-FOR-US: Adobe
-CVE-2018-4931 (Adobe Experience Manager versions 6.1 and earlier have an exploitable ...)
+CVE-2018-4931
NOT-FOR-US: Adobe
-CVE-2018-4930 (Adobe Experience Manager versions 6.3 and earlier have an exploitable ...)
+CVE-2018-4930
NOT-FOR-US: Adobe
-CVE-2018-4929 (Adobe Experience Manager versions 6.2 and earlier have an exploitable ...)
+CVE-2018-4929
NOT-FOR-US: Adobe
-CVE-2018-4928 (Adobe InDesign versions 13.0 and below have an exploitable Memory ...)
+CVE-2018-4928
NOT-FOR-US: Adobe
-CVE-2018-4927 (Adobe InDesign versions 13.0 and below have an exploitable Untrusted ...)
+CVE-2018-4927
NOT-FOR-US: Adobe
-CVE-2018-4926 (Adobe Digital Editions versions 4.5.7 and below have an exploitable ...)
+CVE-2018-4926
NOT-FOR-US: Adobe
-CVE-2018-4925 (Adobe Digital Editions versions 4.5.7 and below have an exploitable ...)
+CVE-2018-4925
NOT-FOR-US: Adobe
-CVE-2018-4924 (Adobe Dreamweaver CC versions 18.0 and earlier have an OS Command ...)
+CVE-2018-4924
NOT-FOR-US: Adobe
-CVE-2018-4923 (Adobe Connect versions 9.7 and earlier have an exploitable OS Command ...)
+CVE-2018-4923
NOT-FOR-US: Adobe
CVE-2018-4922
REJECTED
-CVE-2018-4921 (Adobe Connect versions 9.7 and earlier have an exploitable unrestricted ...)
+CVE-2018-4921
NOT-FOR-US: Adobe
-CVE-2018-4920 (Adobe Flash Player versions 28.0.0.161 and earlier have an exploitable ...)
+CVE-2018-4920
NOT-FOR-US: Adobe
-CVE-2018-4919 (Adobe Flash Player versions 28.0.0.161 and earlier have an exploitable ...)
+CVE-2018-4919
NOT-FOR-US: Adobe
-CVE-2018-4918 (Adobe Acrobat and Reader versions 2018.009.20050 and earlier, ...)
+CVE-2018-4918
NOT-FOR-US: Adobe
-CVE-2018-4917 (Adobe Acrobat and Reader versions 2018.009.20050 and earlier, ...)
+CVE-2018-4917
NOT-FOR-US: Adobe
-CVE-2018-4916 (An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and ...)
+CVE-2018-4916
NOT-FOR-US: Adobe
-CVE-2018-4915 (An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and ...)
+CVE-2018-4915
NOT-FOR-US: Adobe
-CVE-2018-4914 (An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and ...)
+CVE-2018-4914
NOT-FOR-US: Adobe
-CVE-2018-4913 (An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and ...)
+CVE-2018-4913
NOT-FOR-US: Adobe
-CVE-2018-4912 (An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and ...)
+CVE-2018-4912
NOT-FOR-US: Adobe
-CVE-2018-4911 (An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and ...)
+CVE-2018-4911
NOT-FOR-US: Adobe
-CVE-2018-4910 (An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and ...)
+CVE-2018-4910
NOT-FOR-US: Adobe
-CVE-2018-4909 (An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and ...)
+CVE-2018-4909
NOT-FOR-US: Adobe
-CVE-2018-4908 (An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and ...)
+CVE-2018-4908
NOT-FOR-US: Adobe
-CVE-2018-4907 (An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and ...)
+CVE-2018-4907
NOT-FOR-US: Adobe
-CVE-2018-4906 (An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and ...)
+CVE-2018-4906
NOT-FOR-US: Adobe
-CVE-2018-4905 (An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and ...)
+CVE-2018-4905
NOT-FOR-US: Adobe
-CVE-2018-4904 (An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and ...)
+CVE-2018-4904
NOT-FOR-US: Adobe
-CVE-2018-4903 (An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and ...)
+CVE-2018-4903
NOT-FOR-US: Adobe
-CVE-2018-4902 (An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and ...)
+CVE-2018-4902
NOT-FOR-US: Adobe
-CVE-2018-4901 (An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and ...)
+CVE-2018-4901
NOT-FOR-US: Adobe
-CVE-2018-4900 (An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and ...)
+CVE-2018-4900
NOT-FOR-US: Adobe
-CVE-2018-4899 (An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and ...)
+CVE-2018-4899
NOT-FOR-US: Adobe
-CVE-2018-4898 (An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and ...)
+CVE-2018-4898
NOT-FOR-US: Adobe
-CVE-2018-4897 (An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and ...)
+CVE-2018-4897
NOT-FOR-US: Adobe
-CVE-2018-4896 (An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and ...)
+CVE-2018-4896
NOT-FOR-US: Adobe
-CVE-2018-4895 (An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and ...)
+CVE-2018-4895
NOT-FOR-US: Adobe
-CVE-2018-4894 (An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and ...)
+CVE-2018-4894
NOT-FOR-US: Adobe
-CVE-2018-4893 (An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and ...)
+CVE-2018-4893
NOT-FOR-US: Adobe
-CVE-2018-4892 (An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and ...)
+CVE-2018-4892
NOT-FOR-US: Adobe
-CVE-2018-4891 (An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and ...)
+CVE-2018-4891
NOT-FOR-US: Adobe
-CVE-2018-4890 (An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and ...)
+CVE-2018-4890
NOT-FOR-US: Adobe
-CVE-2018-4889 (An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and ...)
+CVE-2018-4889
NOT-FOR-US: Adobe
-CVE-2018-4888 (An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and ...)
+CVE-2018-4888
NOT-FOR-US: Adobe
-CVE-2018-4887 (An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and ...)
+CVE-2018-4887
NOT-FOR-US: Adobe
-CVE-2018-4886 (An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and ...)
+CVE-2018-4886
NOT-FOR-US: Adobe
-CVE-2018-4885 (An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and ...)
+CVE-2018-4885
NOT-FOR-US: Adobe
-CVE-2018-4884 (An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and ...)
+CVE-2018-4884
NOT-FOR-US: Adobe
-CVE-2018-4883 (An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and ...)
+CVE-2018-4883
NOT-FOR-US: Adobe
-CVE-2018-4882 (An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and ...)
+CVE-2018-4882
NOT-FOR-US: Adobe
-CVE-2018-4881 (An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and ...)
+CVE-2018-4881
NOT-FOR-US: Adobe
-CVE-2018-4880 (An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and ...)
+CVE-2018-4880
NOT-FOR-US: Adobe
-CVE-2018-4879 (An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and ...)
+CVE-2018-4879
NOT-FOR-US: Adobe
-CVE-2018-4878 (A use-after-free vulnerability was discovered in Adobe Flash Player ...)
+CVE-2018-4878
NOT-FOR-US: Adobe Flash Player
-CVE-2018-4877 (A use-after-free vulnerability was discovered in Adobe Flash Player ...)
+CVE-2018-4877
NOT-FOR-US: Adobe Flash Player
-CVE-2018-4876 (Adobe Experience Manager versions 6.3, 6.2, and 6.1 are vulnerable to ...)
+CVE-2018-4876
NOT-FOR-US: Adobe Experience Manager
-CVE-2018-4875 (Adobe Experience Manager versions 6.1 and 6.0 are vulnerable to a ...)
+CVE-2018-4875
NOT-FOR-US: Adobe Experience Manager
CVE-2018-4874
REJECTED
-CVE-2018-4873 (Adobe Creative Cloud Desktop Application versions 4.4.1.298 and earlier ...)
+CVE-2018-4873
NOT-FOR-US: Adobe
-CVE-2018-4872 (An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and ...)
+CVE-2018-4872
NOT-FOR-US: Adobe
-CVE-2018-4871 (An Out-of-bounds Read issue was discovered in Adobe Flash Player before ...)
+CVE-2018-4871
NOT-FOR-US: Adobe Flash Player
CVE-2018-4870
RESERVED
CVE-2018-4869
RESERVED
-CVE-2018-4868 (The Exiv2::Jp2Image::readMetadata function in jp2image.cpp in Exiv2 ...)
+CVE-2018-4868
- exiv2 <not-affected> (Vulnerable code introduced in 0.26)
NOTE: https://github.com/Exiv2/exiv2/issues/202
CVE-2018-4867
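Review bot: the annotations for CVE-2018-4952 and CVE-2018-4947 in this hunk read "NOT-FOR-US: VMware Xenon", while the description lines being removed for both ids begin "Adobe Acrobat and Reader versions 2018.011.20038 and earlier", the same text as the surrounding entries that are annotated "NOT-FOR-US: Adobe". One of the two fields is wrong, and once the description text is dropped the mismatch is no longer visible in the file, so the annotation should be checked against the CVE text before this update lands; if the description is correct, the fix is to change both lines to "NOT-FOR-US: Adobe" to match the neighbouring entries.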
@@ -42414,69 +42404,69 @@ CVE-2018-4865
RESERVED
CVE-2018-4864
RESERVED
-CVE-2018-4863 (Sophos Endpoint Protection 10.7 allows local users to bypass an ...)
+CVE-2018-4863
NOT-FOR-US: Sophos
-CVE-2018-4862 (In Octopus Deploy versions 3.2.11 - 4.1.5 (fixed in 4.1.6), an ...)
+CVE-2018-4862
NOT-FOR-US: Octopus Deploy
-CVE-2018-4861 (A vulnerability has been identified in SCALANCE M875 (All versions). ...)
+CVE-2018-4861
NOT-FOR-US: SCALANCE
-CVE-2018-4860 (A vulnerability has been identified in SCALANCE M875 (All versions). ...)
+CVE-2018-4860
NOT-FOR-US: SCALANCE
-CVE-2018-4859 (A vulnerability has been identified in SCALANCE M875 (All versions). ...)
+CVE-2018-4859
NOT-FOR-US: SCALANCE
-CVE-2018-4858 (A vulnerability has been identified in IEC 61850 system configurator ...)
+CVE-2018-4858
NOT-FOR-US: IEC
CVE-2018-4857
RESERVED
-CVE-2018-4856 (A vulnerability has been identified in SICLOCK TC100 (All versions) ...)
+CVE-2018-4856
NOT-FOR-US: SICLOCK TC100
-CVE-2018-4855 (A vulnerability has been identified in SICLOCK TC100 (All versions) ...)
+CVE-2018-4855
NOT-FOR-US: SICLOCK TC100
-CVE-2018-4854 (A vulnerability has been identified in SICLOCK TC100 (All versions) ...)
+CVE-2018-4854
NOT-FOR-US: SICLOCK TC100
-CVE-2018-4853 (A vulnerability has been identified in SICLOCK TC100 (All versions) ...)
+CVE-2018-4853
NOT-FOR-US: SICLOCK TC100
-CVE-2018-4852 (A vulnerability has been identified in SICLOCK TC100 (All versions) ...)
+CVE-2018-4852
NOT-FOR-US: SICLOCK TC100
-CVE-2018-4851 (A vulnerability has been identified in SICLOCK TC100 (All versions) ...)
+CVE-2018-4851
NOT-FOR-US: SICLOCK TC100
-CVE-2018-4850 (A vulnerability has been identified in SIMATIC S7-400 (incl. F) CPU ...)
+CVE-2018-4850
NOT-FOR-US: SIMATIC
-CVE-2018-4849 (A vulnerability has been identified in Siveillance VMS Video for ...)
+CVE-2018-4849
NOT-FOR-US: Siveillance VMS Video
-CVE-2018-4848 (A vulnerability has been identified in SCALANCE X-200 (All versions &lt; ...)
+CVE-2018-4848
NOT-FOR-US: Siemens SCALANCE X switches
-CVE-2018-4847 (A vulnerability has been identified in SIMATIC WinCC OA Operator iOS ...)
+CVE-2018-4847
NOT-FOR-US: SIMATIC WinCC OA Operator iOS App
-CVE-2018-4846 (A vulnerability has been identified in RAPIDLab 1200 systems / ...)
+CVE-2018-4846
NOT-FOR-US: RAPIDLab
-CVE-2018-4845 (A vulnerability has been identified in RAPIDLab 1200 systems / ...)
+CVE-2018-4845
NOT-FOR-US: RAPIDLab
-CVE-2018-4844 (A vulnerability has been identified in SIMATIC WinCC OA UI for Android ...)
+CVE-2018-4844
NOT-FOR-US: SIMATIC
-CVE-2018-4843 (A vulnerability has been identified in SIMATIC CP 343-1 Advanced (All ...)
+CVE-2018-4843
NOT-FOR-US: SIMATIC
-CVE-2018-4842 (A vulnerability has been identified in SCALANCE X-200 IRT (All ...)
+CVE-2018-4842
NOT-FOR-US: Siemens SCALANCE X switches
-CVE-2018-4841 (A vulnerability has been identified in TIM 1531 IRC (All versions &lt; ...)
+CVE-2018-4841
NOT-FOR-US: TIM
-CVE-2018-4840 (A vulnerability has been identified in Siemens DIGSI 4 (All versions &lt; ...)
+CVE-2018-4840
NOT-FOR-US: Siemens
-CVE-2018-4839 (A vulnerability has been identified in Siemens DIGSI 4 (All versions &lt; ...)
+CVE-2018-4839
NOT-FOR-US: Siemens
-CVE-2018-4838 (A vulnerability has been identified in Siemens EN100 Ethernet module ...)
+CVE-2018-4838
NOT-FOR-US: Siemens
-CVE-2018-4837 (A vulnerability has been identified in TeleControl Server Basic &lt; ...)
+CVE-2018-4837
NOT-FOR-US: Siemens / TeleControl Server Basic
-CVE-2018-4836 (A vulnerability has been identified in TeleControl Server Basic &lt; ...)
+CVE-2018-4836
NOT-FOR-US: Siemens / TeleControl Server Basic
-CVE-2018-4835 (A vulnerability has been identified in TeleControl Server Basic &lt; ...)
+CVE-2018-4835
NOT-FOR-US: Siemens / TeleControl Server Basic
-CVE-2018-4834 (A vulnerability has been identified in Desigo Automation Controllers ...)
+CVE-2018-4834
NOT-FOR-US: Desigo
-CVE-2018-4833 (A vulnerability has been identified in RFID 181-EIP (All versions), ...)
+CVE-2018-4833
NOT-FOR-US: Siemens
-CVE-2018-4832 (A vulnerability has been identified in OpenPCS 7 V7.1 and earlier (All ...)
+CVE-2018-4832
NOT-FOR-US: Siemens
CVE-2018-4831
RESERVED
@@ -43358,7 +43348,7 @@ CVE-2018-4406
RESERVED
CVE-2018-4405
RESERVED
-CVE-2018-4404 (In iOS before 11.4 and macOS High Sierra before 10.13.5, a memory ...)
+CVE-2018-4404
NOT-FOR-US: Apple
CVE-2018-4403
RESERVED
@@ -43542,7 +43532,7 @@ CVE-2018-4332
RESERVED
CVE-2018-4331
RESERVED
-CVE-2018-4330 (In iOS before 11.4, a memory corruption issue exists and was addressed ...)
+CVE-2018-4330
NOT-FOR-US: Apple
CVE-2018-4329
RESERVED
@@ -43647,7 +43637,7 @@ CVE-2018-4299
- webkit2gtk 2.22.0-2 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2018-0007.html
NOTE: Not covered by security support
-CVE-2018-4298 (In macOS High Sierra before 10.13.3, Security Update 2018-001 Sierra, ...)
+CVE-2018-4298
NOT-FOR-US: Apple
CVE-2018-4297
RESERVED
@@ -43684,17 +43674,17 @@ CVE-2018-4283
RESERVED
CVE-2018-4282
RESERVED
-CVE-2018-4281 (In SwiftNIO before 1.8.0, a buffer overflow was addressed with ...)
+CVE-2018-4281
NOT-FOR-US: Apple
CVE-2018-4280
RESERVED
CVE-2018-4279
RESERVED
-CVE-2018-4278 (In Safari before 11.1.2, iTunes before 12.8 for Windows, iOS before ...)
+CVE-2018-4278
- webkit2gtk 2.20.4-1 (unimportant)
NOTE: Not covered by security support
NOTE: https://webkitgtk.org/security/WSA-2018-0006.html
-CVE-2018-4277 (In iOS before 11.4.1, watchOS before 4.3.2, tvOS before 11.4.1, Safari ...)
+CVE-2018-4277
NOT-FOR-US: Apple
CVE-2018-4276
RESERVED
@@ -43751,7 +43741,7 @@ CVE-2018-4263
- webkit2gtk 2.20.4-1 (unimportant)
NOTE: Not covered by security support
NOTE: https://webkitgtk.org/security/WSA-2018-0006.html
-CVE-2018-4262 (In Safari before 11.1.2, iTunes before 12.8 for Windows, iOS before ...)
+CVE-2018-4262
- webkit2gtk 2.20.4-1 (unimportant)
NOTE: Not covered by security support
NOTE: https://webkitgtk.org/security/WSA-2018-0006.html
@@ -43764,174 +43754,174 @@ CVE-2018-4260
RESERVED
CVE-2018-4259
RESERVED
-CVE-2018-4258 (In macOS High Sierra before 10.13.5, a buffer overflow was addressed ...)
+CVE-2018-4258
NOT-FOR-US: Apple
-CVE-2018-4257 (In macOS High Sierra before 10.13.5, a buffer overflow was addressed ...)
+CVE-2018-4257
NOT-FOR-US: Apple
-CVE-2018-4256 (In macOS High Sierra before 10.13.5, an out-of-bounds read was ...)
+CVE-2018-4256
NOT-FOR-US: Apple
-CVE-2018-4255 (In macOS High Sierra before 10.13.5, an out-of-bounds read was ...)
+CVE-2018-4255
NOT-FOR-US: Apple
-CVE-2018-4254 (In macOS High Sierra before 10.13.5, an input validation issue existed ...)
+CVE-2018-4254
NOT-FOR-US: Apple
-CVE-2018-4253 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2018-4253
NOT-FOR-US: Apple
-CVE-2018-4252 (An issue was discovered in certain Apple products. iOS before 11.4 is ...)
+CVE-2018-4252
NOT-FOR-US: Apple
-CVE-2018-4251 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2018-4251
NOT-FOR-US: Apple
-CVE-2018-4250 (An issue was discovered in certain Apple products. iOS before 11.4 is ...)
+CVE-2018-4250
NOT-FOR-US: Apple
-CVE-2018-4249 (An issue was discovered in certain Apple products. iOS before 11.4 is ...)
+CVE-2018-4249
NOT-FOR-US: Apple
CVE-2018-4248
RESERVED
-CVE-2018-4247 (An issue was discovered in certain Apple products. iOS before 11.4 is ...)
+CVE-2018-4247
NOT-FOR-US: Apple
-CVE-2018-4246 (An issue was discovered in certain Apple products. iOS before 11.4 is ...)
+CVE-2018-4246
- webkit2gtk 2.20.4-1 (unimportant)
NOTE: Not covered by security support
NOTE: https://webkitgtk.org/security/WSA-2018-0006.html
CVE-2018-4245
RESERVED
-CVE-2018-4244 (An issue was discovered in certain Apple products. iOS before 11.4 is ...)
+CVE-2018-4244
NOT-FOR-US: Apple
-CVE-2018-4243 (An issue was discovered in certain Apple products. iOS before 11.4 is ...)
+CVE-2018-4243
NOT-FOR-US: Apple
-CVE-2018-4242 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2018-4242
NOT-FOR-US: Apple
-CVE-2018-4241 (An issue was discovered in certain Apple products. iOS before 11.4 is ...)
+CVE-2018-4241
NOT-FOR-US: Apple
-CVE-2018-4240 (An issue was discovered in certain Apple products. iOS before 11.4 is ...)
+CVE-2018-4240
NOT-FOR-US: Apple
-CVE-2018-4239 (An issue was discovered in certain Apple products. iOS before 11.4 is ...)
+CVE-2018-4239
NOT-FOR-US: Apple
-CVE-2018-4238 (An issue was discovered in certain Apple products. iOS before 11.4 is ...)
+CVE-2018-4238
NOT-FOR-US: Apple
-CVE-2018-4237 (An issue was discovered in certain Apple products. iOS before 11.4 is ...)
+CVE-2018-4237
NOT-FOR-US: Apple
-CVE-2018-4236 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2018-4236
NOT-FOR-US: Apple
-CVE-2018-4235 (An issue was discovered in certain Apple products. iOS before 11.4 is ...)
+CVE-2018-4235
NOT-FOR-US: Apple
-CVE-2018-4234 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2018-4234
NOT-FOR-US: Apple
-CVE-2018-4233 (An issue was discovered in certain Apple products. iOS before 11.4 is ...)
+CVE-2018-4233
- webkit2gtk 2.20.3-1 (unimportant)
NOTE: Not covered by security support
NOTE: https://webkitgtk.org/security/WSA-2018-0005.html
-CVE-2018-4232 (An issue was discovered in certain Apple products. iOS before 11.4 is ...)
+CVE-2018-4232
- webkit2gtk 2.20.3-1 (unimportant)
NOTE: Not covered by security support
NOTE: https://webkitgtk.org/security/WSA-2018-0005.html
CVE-2018-4231
RESERVED
-CVE-2018-4230 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2018-4230
NOT-FOR-US: Apple
-CVE-2018-4229 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2018-4229
NOT-FOR-US: Apple
-CVE-2018-4228 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2018-4228
NOT-FOR-US: Apple
-CVE-2018-4227 (An issue was discovered in certain Apple products. iOS before 11.4 is ...)
+CVE-2018-4227
NOT-FOR-US: Apple
-CVE-2018-4226 (An issue was discovered in certain Apple products. iOS before 11.4 is ...)
+CVE-2018-4226
NOT-FOR-US: Apple
-CVE-2018-4225 (An issue was discovered in certain Apple products. iOS before 11.4 is ...)
+CVE-2018-4225
NOT-FOR-US: Apple
-CVE-2018-4224 (An issue was discovered in certain Apple products. iOS before 11.4 is ...)
+CVE-2018-4224
NOT-FOR-US: Apple
-CVE-2018-4223 (An issue was discovered in certain Apple products. iOS before 11.4 is ...)
+CVE-2018-4223
NOT-FOR-US: Apple
-CVE-2018-4222 (An issue was discovered in certain Apple products. iOS before 11.4 is ...)
+CVE-2018-4222
- webkit2gtk 2.20.3-1 (unimportant)
NOTE: Not covered by security support
NOTE: https://webkitgtk.org/security/WSA-2018-0005.html
-CVE-2018-4221 (An issue was discovered in certain Apple products. iOS before 11.4 is ...)
+CVE-2018-4221
NOT-FOR-US: Apple
-CVE-2018-4220 (An issue was discovered in certain Apple products. Swift before 4.1.1 ...)
+CVE-2018-4220
NOT-FOR-US: Apple
-CVE-2018-4219 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2018-4219
NOT-FOR-US: Apple
-CVE-2018-4218 (An issue was discovered in certain Apple products. iOS before 11.4 is ...)
+CVE-2018-4218
- webkit2gtk 2.20.3-1 (unimportant)
NOTE: Not covered by security support
NOTE: https://webkitgtk.org/security/WSA-2018-0005.html
-CVE-2018-4217 (In macOS High Sierra before 10.13.5, a privacy issue in the handling ...)
+CVE-2018-4217
NOT-FOR-US: Apple
CVE-2018-4216
RESERVED
-CVE-2018-4215 (An issue was discovered in certain Apple products. iOS before 11.4 is ...)
+CVE-2018-4215
NOT-FOR-US: Apple
-CVE-2018-4214 (An issue was discovered in certain Apple products. iOS before 11.4 is ...)
+CVE-2018-4214
- webkit2gtk 2.20.0-2 (unimportant)
NOTE: Not covered by security support
NOTE: https://webkitgtk.org/security/WSA-2018-0005.html
-CVE-2018-4213 (In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, ...)
+CVE-2018-4213
- webkit2gtk 2.22.0-2 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2018-0007.html
NOTE: Not covered by security support
-CVE-2018-4212 (In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, ...)
+CVE-2018-4212
- webkit2gtk 2.22.0-2 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2018-0007.html
NOTE: Not covered by security support
-CVE-2018-4211 (An issue was discovered in certain Apple products. iOS before 11.4 is ...)
+CVE-2018-4211
NOT-FOR-US: Apple
-CVE-2018-4210 (In iOS before 11.3, Safari before 11.1, tvOS before 11.3, watchOS ...)
+CVE-2018-4210
- webkit2gtk 2.22.0-2 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2018-0007.html
NOTE: Not covered by security support
-CVE-2018-4209 (In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, ...)
+CVE-2018-4209
- webkit2gtk 2.22.0-2 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2018-0007.html
NOTE: Not covered by security support
-CVE-2018-4208 (In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, ...)
+CVE-2018-4208
- webkit2gtk 2.22.0-2 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2018-0007.html
NOTE: Not covered by security support
-CVE-2018-4207 (In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, ...)
+CVE-2018-4207
- webkit2gtk 2.22.0-2 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2018-0007.html
NOTE: Not covered by security support
-CVE-2018-4206 (An issue was discovered in certain Apple products. iOS before 11.3.1 ...)
+CVE-2018-4206
NOT-FOR-US: Apple
-CVE-2018-4205 (An issue was discovered in certain Apple products. Safari before ...)
+CVE-2018-4205
NOT-FOR-US: Apple
-CVE-2018-4204 (An issue was discovered in certain Apple products. iOS before 11.4 is ...)
+CVE-2018-4204
- webkit2gtk 2.20.1-1 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2018-0004.html
NOTE: Not covered by security support
CVE-2018-4203
RESERVED
-CVE-2018-4202 (An issue was discovered in certain Apple products. iOS before 11.4 is ...)
+CVE-2018-4202
NOT-FOR-US: Apple (iBooks component)
-CVE-2018-4201 (An issue was discovered in certain Apple products. iOS before 11.4 is ...)
+CVE-2018-4201
- webkit2gtk 2.20.1-2 (unimportant)
NOTE: Not covered by security support
NOTE: https://webkitgtk.org/security/WSA-2018-0005.html
-CVE-2018-4200 (An issue was discovered in certain Apple products. iOS before 11.3.1 ...)
+CVE-2018-4200
- webkit2gtk 2.20.2-1 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2018-0004.html
NOTE: Not covered by security support
-CVE-2018-4199 (An issue was discovered in certain Apple products. iOS before 11.4 is ...)
+CVE-2018-4199
- webkit2gtk 2.20.3-1 (unimportant)
NOTE: Not covered by security support
NOTE: https://webkitgtk.org/security/WSA-2018-0005.html
-CVE-2018-4198 (An issue was discovered in certain Apple products. iOS before 11.4 is ...)
+CVE-2018-4198
NOT-FOR-US: Apple (UIKit component)
CVE-2018-4197
RESERVED
- webkit2gtk 2.22.0-2 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2018-0007.html
NOTE: Not covered by security support
-CVE-2018-4196 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2018-4196
NOT-FOR-US: Apple (Accessibility Framework component)
CVE-2018-4195
RESERVED
-CVE-2018-4194 (In iOS before 11.4, iCloud for Windows before 7.5, watchOS before ...)
+CVE-2018-4194
NOT-FOR-US: Apple
-CVE-2018-4193 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2018-4193
NOT-FOR-US: Apple (Windows Server component)
-CVE-2018-4192 (An issue was discovered in certain Apple products. iOS before 11.4 is ...)
+CVE-2018-4192
- webkit2gtk 2.20.1-1 (unimportant)
NOTE: Not covered by security support
NOTE: https://webkitgtk.org/security/WSA-2018-0005.html
@@ -43940,283 +43930,283 @@ CVE-2018-4191
- webkit2gtk 2.22.0-2 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2018-0007.html
NOTE: Not covered by security support
-CVE-2018-4190 (An issue was discovered in certain Apple products. iOS before 11.4 is ...)
+CVE-2018-4190
- webkit2gtk 2.20.3-1 (unimportant)
NOTE: Not covered by security support
NOTE: https://webkitgtk.org/security/WSA-2018-0005.html
-CVE-2018-4189 (In iOS before 11.2.5, macOS High Sierra before 10.13.3, Security ...)
+CVE-2018-4189
NOT-FOR-US: Apple
-CVE-2018-4188 (An issue was discovered in certain Apple products. iOS before 11.4 is ...)
+CVE-2018-4188
NOT-FOR-US: Safari
-CVE-2018-4187 (An issue was discovered in certain Apple products. iOS before 11.3.1 ...)
+CVE-2018-4187
NOT-FOR-US: Apple (LinkPresentation component)
-CVE-2018-4186 (In Safari before 11.1, an information leakage issue existed in the ...)
+CVE-2018-4186
NOT-FOR-US: Apple
-CVE-2018-4185 (In iOS before 11.3, tvOS before 11.3, watchOS before 4.3, and macOS ...)
+CVE-2018-4185
NOT-FOR-US: Apple
-CVE-2018-4184 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2018-4184
NOT-FOR-US: Apple (Speech component)
-CVE-2018-4183 (In macOS High Sierra before 10.13.5, an access issue was addressed ...)
+CVE-2018-4183
- cups <not-affected> (MacOS X specific issue)
NOTE: Fixed by: https://github.com/apple/cups/commit/d47f6aec436e0e9df6554436e391471097686ecc
-CVE-2018-4182 (In macOS High Sierra before 10.13.5, an access issue was addressed ...)
+CVE-2018-4182
- cups <not-affected> (MacOS X specific issue)
NOTE: Fixed by: https://github.com/apple/cups/commit/d47f6aec436e0e9df6554436e391471097686ecc
-CVE-2018-4181 (In macOS High Sierra before 10.13.5, an issue existed in CUPS. This ...)
+CVE-2018-4181
{DSA-4243-1 DLA-1426-1}
- cups 2.2.8-2
NOTE: Fixed by: https://github.com/apple/cups/commit/d47f6aec436e0e9df6554436e391471097686ecc
-CVE-2018-4180 (In macOS High Sierra before 10.13.5, an issue existed in CUPS. This ...)
+CVE-2018-4180
{DSA-4243-1 DLA-1426-1}
- cups 2.2.8-2
NOTE: Fixed by: https://github.com/apple/cups/commit/d47f6aec436e0e9df6554436e391471097686ecc
-CVE-2018-4179 (In macOS High Sierra before 10.13.4, there was an issue with the ...)
+CVE-2018-4179
NOT-FOR-US: Apple
CVE-2018-4178
RESERVED
CVE-2018-4177
RESERVED
-CVE-2018-4176 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2018-4176
NOT-FOR-US: Apple
-CVE-2018-4175 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2018-4175
NOT-FOR-US: Apple
-CVE-2018-4174 (An issue was discovered in certain Apple products. iOS before 11.3 is ...)
+CVE-2018-4174
NOT-FOR-US: Apple
-CVE-2018-4173 (An issue was discovered in certain Apple products. iOS before 11.3 is ...)
+CVE-2018-4173
NOT-FOR-US: Apple
-CVE-2018-4172 (An issue was discovered in certain Apple products. iOS before 11.3 is ...)
+CVE-2018-4172
NOT-FOR-US: Apple
-CVE-2018-4171 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2018-4171
NOT-FOR-US: Apple
-CVE-2018-4170 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2018-4170
NOT-FOR-US: Apple
-CVE-2018-4169 (In macOS High Sierra before 10.13.3, Security Update 2018-001 Sierra, ...)
+CVE-2018-4169
NOT-FOR-US: Apple
-CVE-2018-4168 (An issue was discovered in certain Apple products. iOS before 11.3 is ...)
+CVE-2018-4168
NOT-FOR-US: Apple
-CVE-2018-4167 (An issue was discovered in certain Apple products. iOS before 11.3 is ...)
+CVE-2018-4167
NOT-FOR-US: Apple
-CVE-2018-4166 (An issue was discovered in certain Apple products. iOS before 11.3 is ...)
+CVE-2018-4166
NOT-FOR-US: Apple
-CVE-2018-4165 (An issue was discovered in certain Apple products. iOS before 11.3 is ...)
+CVE-2018-4165
- webkit2gtk 2.20.0-2 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2018-0003.html
NOTE: Not covered by security support
-CVE-2018-4164 (An issue was discovered in certain Apple products. Xcode before 9.3 is ...)
+CVE-2018-4164
NOT-FOR-US: Apple
-CVE-2018-4163 (An issue was discovered in certain Apple products. iOS before 11.3 is ...)
+CVE-2018-4163
- webkit2gtk 2.20.0-2 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2018-0003.html
NOTE: Not covered by security support
-CVE-2018-4162 (An issue was discovered in certain Apple products. iOS before 11.3 is ...)
+CVE-2018-4162
- webkit2gtk 2.20.0-2 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2018-0003.html
NOTE: Not covered by security support
-CVE-2018-4161 (An issue was discovered in certain Apple products. iOS before 11.3 is ...)
+CVE-2018-4161
- webkit2gtk 2.20.0-2 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2018-0003.html
NOTE: Not covered by security support
-CVE-2018-4160 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2018-4160
NOT-FOR-US: Apple
-CVE-2018-4159 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2018-4159
NOT-FOR-US: Apple
-CVE-2018-4158 (An issue was discovered in certain Apple products. iOS before 11.3 is ...)
+CVE-2018-4158
NOT-FOR-US: Apple
-CVE-2018-4157 (An issue was discovered in certain Apple products. iOS before 11.3 is ...)
+CVE-2018-4157
NOT-FOR-US: Apple
-CVE-2018-4156 (An issue was discovered in certain Apple products. iOS before 11.3 is ...)
+CVE-2018-4156
NOT-FOR-US: Apple
-CVE-2018-4155 (An issue was discovered in certain Apple products. iOS before 11.3 is ...)
+CVE-2018-4155
NOT-FOR-US: Apple
-CVE-2018-4154 (An issue was discovered in certain Apple products. iOS before 11.3 is ...)
+CVE-2018-4154
NOT-FOR-US: Apple
CVE-2018-4153
RESERVED
-CVE-2018-4152 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2018-4152
NOT-FOR-US: Apple
-CVE-2018-4151 (An issue was discovered in certain Apple products. iOS before 11.3 is ...)
+CVE-2018-4151
NOT-FOR-US: Apple
-CVE-2018-4150 (An issue was discovered in certain Apple products. iOS before 11.3 is ...)
+CVE-2018-4150
NOT-FOR-US: Apple
-CVE-2018-4149 (An issue was discovered in certain Apple products. iOS before 11.3 is ...)
+CVE-2018-4149
NOT-FOR-US: Apple
-CVE-2018-4148 (An issue was discovered in certain Apple products. iOS before 11.3 is ...)
+CVE-2018-4148
NOT-FOR-US: Apple
-CVE-2018-4147 (In iCloud for Windows before 7.3, Safari before 11.0.3, iTunes before ...)
+CVE-2018-4147
NOT-FOR-US: Apple
-CVE-2018-4146 (An issue was discovered in certain Apple products. iOS before 11.3 is ...)
+CVE-2018-4146
- webkit2gtk 2.20.0-2 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2018-0003.html
NOTE: Not covered by security support
CVE-2018-4145
RESERVED
-CVE-2018-4144 (An issue was discovered in certain Apple products. iOS before 11.3 is ...)
+CVE-2018-4144
NOT-FOR-US: Apple
-CVE-2018-4143 (An issue was discovered in certain Apple products. iOS before 11.3 is ...)
+CVE-2018-4143
NOT-FOR-US: Apple
-CVE-2018-4142 (An issue was discovered in certain Apple products. iOS before 11.3 is ...)
+CVE-2018-4142
NOT-FOR-US: Apple
-CVE-2018-4141 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2018-4141
NOT-FOR-US: Apple
-CVE-2018-4140 (An issue was discovered in certain Apple products. iOS before 11.3 is ...)
+CVE-2018-4140
NOT-FOR-US: Apple
-CVE-2018-4139 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2018-4139
NOT-FOR-US: Apple
-CVE-2018-4138 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2018-4138
NOT-FOR-US: NVIDIA graphics driver for MacOS
-CVE-2018-4137 (An issue was discovered in certain Apple products. iOS before 11.3 is ...)
+CVE-2018-4137
NOT-FOR-US: Apple
-CVE-2018-4136 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2018-4136
NOT-FOR-US: Apple
-CVE-2018-4135 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2018-4135
NOT-FOR-US: Apple
-CVE-2018-4134 (An issue was discovered in certain Apple products. iOS before 11.3 is ...)
+CVE-2018-4134
NOT-FOR-US: Apple
-CVE-2018-4133 (An issue was discovered in certain Apple products. Safari before 11.1 ...)
+CVE-2018-4133
- webkit2gtk 2.20.0-2 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2018-0003.html
NOTE: Not covered by security support
-CVE-2018-4132 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2018-4132
NOT-FOR-US: Intel graphics driver for MacOS
-CVE-2018-4131 (An issue was discovered in certain Apple products. iOS before 11.3 is ...)
+CVE-2018-4131
NOT-FOR-US: Apple
-CVE-2018-4130 (An issue was discovered in certain Apple products. iOS before 11.3 is ...)
+CVE-2018-4130
NOT-FOR-US: Apple
-CVE-2018-4129 (An issue was discovered in certain Apple products. iOS before 11.3 is ...)
+CVE-2018-4129
- webkit2gtk 2.20.0-2 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2018-0003.html
NOTE: Not covered by security support
-CVE-2018-4128 (An issue was discovered in certain Apple products. iOS before 11.3 is ...)
+CVE-2018-4128
- webkit2gtk 2.20.0-2 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2018-0003.html
NOTE: Not covered by security support
-CVE-2018-4127 (An issue was discovered in certain Apple products. iOS before 11.3 is ...)
+CVE-2018-4127
- webkit2gtk 2.20.0-2 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2018-0003.html
NOTE: Not covered by security support
CVE-2018-4126
RESERVED
-CVE-2018-4125 (An issue was discovered in certain Apple products. iOS before 11.3 is ...)
+CVE-2018-4125
- webkit2gtk 2.20.0-2 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2018-0003.html
NOTE: Not covered by security support
-CVE-2018-4124 (An issue was discovered in certain Apple products. iOS before 11.2.6 ...)
+CVE-2018-4124
NOT-FOR-US: Apple
-CVE-2018-4123 (An issue was discovered in certain Apple products. iOS before 11.3 is ...)
+CVE-2018-4123
NOT-FOR-US: Apple
-CVE-2018-4122 (An issue was discovered in certain Apple products. iOS before 11.3 is ...)
+CVE-2018-4122
- webkit2gtk 2.20.0-2 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2018-0003.html
NOTE: Not covered by security support
-CVE-2018-4121 (An issue was discovered in certain Apple products. iOS before 11.3 is ...)
+CVE-2018-4121
- webkit2gtk 2.20.0-2 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2018-0004.html
NOTE: Not covered by security support
-CVE-2018-4120 (An issue was discovered in certain Apple products. iOS before 11.3 is ...)
+CVE-2018-4120
- webkit2gtk 2.20.0-2 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2018-0003.html
NOTE: Not covered by security support
-CVE-2018-4119 (An issue was discovered in certain Apple products. iOS before 11.3 is ...)
+CVE-2018-4119
- webkit2gtk 2.20.0-2 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2018-0003.html
NOTE: Not covered by security support
-CVE-2018-4118 (An issue was discovered in certain Apple products. iOS before 11.3 is ...)
+CVE-2018-4118
- webkit2gtk 2.20.0-2 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2018-0003.html
NOTE: Not covered by security support
-CVE-2018-4117 (An issue was discovered in certain Apple products. iOS before 11.3 is ...)
+CVE-2018-4117
{DSA-4256-1}
- chromium-browser 68.0.3440.75-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
- webkit2gtk 2.20.0-2 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2018-0003.html
NOTE: Not covered by security support
-CVE-2018-4116 (An issue was discovered in certain Apple products. Safari before 11.1 ...)
+CVE-2018-4116
NOT-FOR-US: Apple
-CVE-2018-4115 (An issue was discovered in certain Apple products. iOS before 11.3 is ...)
+CVE-2018-4115
NOT-FOR-US: Apple
-CVE-2018-4114 (An issue was discovered in certain Apple products. iOS before 11.3 is ...)
+CVE-2018-4114
- webkit2gtk 2.20.0-2 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2018-0003.html
NOTE: Not covered by security support
-CVE-2018-4113 (An issue was discovered in certain Apple products. iOS before 11.3 is ...)
+CVE-2018-4113
- webkit2gtk 2.20.0-2 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2018-0003.html
NOTE: Not covered by security support
-CVE-2018-4112 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2018-4112
NOT-FOR-US: Apple
-CVE-2018-4111 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2018-4111
NOT-FOR-US: Apple
-CVE-2018-4110 (An issue was discovered in certain Apple products. iOS before 11.3 is ...)
+CVE-2018-4110
NOT-FOR-US: Apple
-CVE-2018-4109 (An issue was discovered in certain Apple products. iOS before 11.2.5 ...)
+CVE-2018-4109
NOT-FOR-US: Apple
-CVE-2018-4108 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2018-4108
NOT-FOR-US: Apple
-CVE-2018-4107 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2018-4107
NOT-FOR-US: Apple
-CVE-2018-4106 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2018-4106
NOT-FOR-US: Apple
-CVE-2018-4105 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2018-4105
NOT-FOR-US: Apple
-CVE-2018-4104 (An issue was discovered in certain Apple products. iOS before 11.3 is ...)
+CVE-2018-4104
NOT-FOR-US: Apple
CVE-2018-4103
RESERVED
-CVE-2018-4102 (An issue was discovered in certain Apple products. Safari before 11.1 ...)
+CVE-2018-4102
NOT-FOR-US: Apple
-CVE-2018-4101 (An issue was discovered in certain Apple products. iOS before 11.3 is ...)
+CVE-2018-4101
- webkit2gtk 2.20.0-2 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2018-0003.html
NOTE: Not covered by security support
-CVE-2018-4100 (An issue was discovered in certain Apple products. iOS before 11.2.5 ...)
+CVE-2018-4100
NOT-FOR-US: Apple
CVE-2018-4099
RESERVED
-CVE-2018-4098 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2018-4098
NOT-FOR-US: Apple
-CVE-2018-4097 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2018-4097
NOT-FOR-US: Apple
-CVE-2018-4096 (An issue was discovered in certain Apple products. iOS before 11.2.5 ...)
+CVE-2018-4096
- webkit2gtk 2.18.6-1 (unimportant)
[stretch] - webkit2gtk 2.18.6-1~deb9u1
NOTE: https://webkitgtk.org/security/WSA-2018-0002.html
NOTE: Not covered by security support
-CVE-2018-4095 (An issue was discovered in certain Apple products. iOS before 11.2.5 ...)
+CVE-2018-4095
NOT-FOR-US: Apple bluetoothd
NOTE: https://blog.zimperium.com/cve-2018-4087-poc-escaping-sandbox-misleading-bluetoothd/
-CVE-2018-4094 (An issue was discovered in certain Apple products. iOS before 11.2.5 ...)
+CVE-2018-4094
NOT-FOR-US: Apple
-CVE-2018-4093 (An issue was discovered in certain Apple products. iOS before 11.2.5 ...)
+CVE-2018-4093
NOT-FOR-US: Apple
-CVE-2018-4092 (An issue was discovered in certain Apple products. iOS before 11.2.5 ...)
+CVE-2018-4092
NOT-FOR-US: Apple
-CVE-2018-4091 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2018-4091
NOT-FOR-US: Apple
-CVE-2018-4090 (An issue was discovered in certain Apple products. iOS before 11.2.5 ...)
+CVE-2018-4090
NOT-FOR-US: Apple
-CVE-2018-4089 (An issue was discovered in certain Apple products. iOS before 11.2.5 ...)
+CVE-2018-4089
- webkit2gtk 2.18.6-1 (unimportant)
[stretch] - webkit2gtk 2.18.6-1~deb9u1
NOTE: https://webkitgtk.org/security/WSA-2018-0002.html
NOTE: Not covered by security support
-CVE-2018-4088 (An issue was discovered in certain Apple products. iOS before 11.2.5 ...)
+CVE-2018-4088
- webkit2gtk 2.18.6-1 (unimportant)
[stretch] - webkit2gtk 2.18.6-1~deb9u1
NOTE: https://webkitgtk.org/security/WSA-2018-0002.html
NOTE: Not covered by security support
-CVE-2018-4087 (An issue was discovered in certain Apple products. iOS before 11.2.5 ...)
+CVE-2018-4087
NOT-FOR-US: Apple bluetoothd
NOTE: https://blog.zimperium.com/cve-2018-4087-poc-escaping-sandbox-misleading-bluetoothd/
-CVE-2018-4086 (An issue was discovered in certain Apple products. iOS before 11.2.5 ...)
+CVE-2018-4086
NOT-FOR-US: Apple
-CVE-2018-4085 (An issue was discovered in certain Apple products. iOS before 11.2.5 ...)
+CVE-2018-4085
NOT-FOR-US: Apple
-CVE-2018-4084 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2018-4084
NOT-FOR-US: Apple
-CVE-2018-4083 (An issue was discovered in certain Apple products. macOS before ...)
+CVE-2018-4083
NOT-FOR-US: Apple
-CVE-2018-4082 (An issue was discovered in certain Apple products. iOS before 11.2.5 ...)
+CVE-2018-4082
NOT-FOR-US: Apple
CVE-2018-4081
RESERVED
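Review bot: the NOTE under CVE-2018-4095 points at https://blog.zimperium.com/cve-2018-4087-poc-escaping-sandbox-misleading-bluetoothd/, a URL whose path names CVE-2018-4087, and the identical NOTE is attached to CVE-2018-4087 further down in this hunk. With the summary for CVE-2018-4095 now removed by this change, that URL is the only remaining context for the entry, so confirm the write-up actually covers CVE-2018-4095 as well or replace it with a reference specific to that id.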
@@ -44272,12 +44262,12 @@ CVE-2018-4058
- coturn 4.5.1.0-1
CVE-2018-4057
REJECTED
-CVE-2018-4056 (An exploitable SQL injection vulnerability exists in the administrator ...)
+CVE-2018-4056
{DSA-4373-1 DLA-1671-1}
- coturn 4.5.1.0-1
-CVE-2018-4055 (A local privilege escalation vulnerability exists in the install ...)
+CVE-2018-4055
TODO: check
-CVE-2018-4054 (A local privilege escalation vulnerability exists in the install ...)
+CVE-2018-4054
TODO: check
CVE-2018-4053
RESERVED
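Review bot: CVE-2018-4055 and CVE-2018-4054 are still marked "TODO: check", and this hunk removes the summaries "(A local privilege escalation vulnerability exists in the install ...)" that were the only hint in the file of what the check is about. Either resolve the two TODO entries (package line or NOT-FOR-US) in this update or keep their summaries until they are triaged, since a bare id plus "TODO: check" gives the next triager nothing to work from without an external lookup.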
@@ -44291,37 +44281,37 @@ CVE-2018-4049
RESERVED
CVE-2018-4048
RESERVED
-CVE-2018-4047 (An exploitable privilege escalation vulnerability exists in the helper ...)
+CVE-2018-4047
NOT-FOR-US: Clean My Mac X
-CVE-2018-4046 (An exploitable denial-of-service vulnerability exists in the helper ...)
+CVE-2018-4046
NOT-FOR-US: Clean My Mac X
-CVE-2018-4045 (An exploitable privilege escalation vulnerability exists in the helper ...)
+CVE-2018-4045
NOT-FOR-US: Clean My Mac X
-CVE-2018-4044 (An exploitable privilege escalation vulnerability exists in the helper ...)
+CVE-2018-4044
NOT-FOR-US: Clean My Mac X
-CVE-2018-4043 (An exploitable privilege escalation vulnerability exists in the Clean ...)
+CVE-2018-4043
NOT-FOR-US: Clean My Mac X
-CVE-2018-4042 (An exploitable privilege escalation vulnerability exists in the helper ...)
+CVE-2018-4042
NOT-FOR-US: Clean My Mac X
-CVE-2018-4041 (An exploitable privilege escalation vulnerability exists in the helper ...)
+CVE-2018-4041
NOT-FOR-US: Clean My Mac X
-CVE-2018-4040 (An exploitable uninitialized pointer vulnerability exists in the rich ...)
+CVE-2018-4040
NOT-FOR-US: Atlantis Word Processor
-CVE-2018-4039 (An exploitable out-of-bounds write vulnerability exists in the PNG ...)
+CVE-2018-4039
NOT-FOR-US: Atlantis Word Processor
-CVE-2018-4038 (An exploitable arbitrary write vulnerability exists in the open ...)
+CVE-2018-4038
NOT-FOR-US: Atlantis Word Processor
-CVE-2018-4037 (The CleanMyMac X software contains an exploitable privilege escalation ...)
+CVE-2018-4037
NOT-FOR-US: Clean My Mac X
-CVE-2018-4036 (The CleanMyMac X software contains an exploitable privilege escalation ...)
+CVE-2018-4036
NOT-FOR-US: Clean My Mac X
-CVE-2018-4035 (The CleanMyMac X software contains an exploitable privilege escalation ...)
+CVE-2018-4035
NOT-FOR-US: Clean My Mac X
-CVE-2018-4034 (The CleanMyMac X software contains an exploitable privilege escalation ...)
+CVE-2018-4034
NOT-FOR-US: Clean My Mac X
-CVE-2018-4033 (The CleanMyMac X software contains an exploitable privilege escalation ...)
+CVE-2018-4033
NOT-FOR-US: Clean My Mac X
-CVE-2018-4032 (An exploitable privilege escalation vulnerability exists in the way ...)
+CVE-2018-4032
NOT-FOR-US: Clean My Mac X
CVE-2018-4031
RESERVED
@@ -44341,17 +44331,17 @@ CVE-2018-4024
RESERVED
CVE-2018-4023
RESERVED
-CVE-2018-4022 (A use-after-free vulnerability exists in the way MKVToolNix MKVINFO ...)
+CVE-2018-4022
- mkvtoolnix 28.2.0-1
[stretch] - mkvtoolnix <not-affected> (Vulnerable code introduced later)
[jessie] - mkvtoolnix <not-affected> (vulnerable code is not present)
NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2018-0694
NOTE: https://gitlab.com/mbunkus/mkvtoolnix/commit/43021d16c7bcd3f9f70214827755a5163782b633
-CVE-2018-4021 (An exploitable command injection vulnerability exists in the way ...)
+CVE-2018-4021
NOT-FOR-US: pfSense
-CVE-2018-4020 (An exploitable command injection vulnerability exists in the way ...)
+CVE-2018-4020
NOT-FOR-US: pfSense
-CVE-2018-4019 (An exploitable command injection vulnerability exists in the way ...)
+CVE-2018-4019
NOT-FOR-US: pfSense
CVE-2018-4018
RESERVED
@@ -44359,20 +44349,20 @@ CVE-2018-4017
RESERVED
CVE-2018-4016
RESERVED
-CVE-2018-4015 (An exploitable vulnerability exists in the HTTP client functionality ...)
+CVE-2018-4015
NOT-FOR-US: Webroot BrightCloud SDK
CVE-2018-4014
RESERVED
-CVE-2018-4013 (An exploitable code execution vulnerability exists in the HTTP ...)
+CVE-2018-4013
{DSA-4343-1 DLA-1582-1}
- liblivemedia 2018.10.17-1
NOTE: http://lists.live555.com/pipermail/live-devel/2018-October/021071.html
NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2018-0684
-CVE-2018-4012 (An exploitable buffer overflow vulnerability exists in the HTTP ...)
+CVE-2018-4012
NOT-FOR-US: Webroot BrightCloud SDK
CVE-2018-4011
RESERVED
-CVE-2018-4010 (An exploitable code execution vulnerability exists in the connect ...)
+CVE-2018-4010
NOT-FOR-US: ProtonVPN client
CVE-2018-4009
RESERVED
@@ -44390,55 +44380,55 @@ CVE-2018-4003
RESERVED
CVE-2018-4002
RESERVED
-CVE-2018-4001 (An exploitable uninitialized pointer vulnerability exists in the ...)
+CVE-2018-4001
NOT-FOR-US: Atlantis Word Processor
-CVE-2018-4000 (An exploitable double-free vulnerability exists in the Office Open XML ...)
+CVE-2018-4000
NOT-FOR-US: Atlantis Word Processor
-CVE-2018-3999 (An exploitable stack-based buffer overflow vulnerability exists in the ...)
+CVE-2018-3999
NOT-FOR-US: Atlantis Word Processor
-CVE-2018-3998 (An exploitable heap-based buffer overflow vulnerability exists in the ...)
+CVE-2018-3998
NOT-FOR-US: Atlantis Word Processor
-CVE-2018-3997 (An exploitable use-after-free vulnerability exists in the JavaScript ...)
+CVE-2018-3997
NOT-FOR-US: Foxit PDF Reader
-CVE-2018-3996 (An exploitable use-after-free vulnerability exists in the JavaScript ...)
+CVE-2018-3996
NOT-FOR-US: Foxit Software's PDF Reader
-CVE-2018-3995 (An exploitable use-after-free vulnerability exists in the JavaScript ...)
+CVE-2018-3995
NOT-FOR-US: Foxit Software's PDF Reader
-CVE-2018-3994 (An exploitable use-after-free vulnerability exists in the JavaScript ...)
+CVE-2018-3994
NOT-FOR-US: Foxit Software's PDF Reader
-CVE-2018-3993 (An exploitable use-after-free vulnerability exists in the JavaScript ...)
+CVE-2018-3993
NOT-FOR-US: Foxit Software's PDF Reader
-CVE-2018-3992 (An exploitable use-after-free vulnerability exists in the JavaScript ...)
+CVE-2018-3992
NOT-FOR-US: Foxit Software's PDF Reader
-CVE-2018-3991 (An exploitable heap overflow vulnerability exists in the WkbProgramLow ...)
+CVE-2018-3991
NOT-FOR-US: WibuKey
-CVE-2018-3990 (An exploitable pool corruption vulnerability exists in the 0x8200E804 ...)
+CVE-2018-3990
NOT-FOR-US: WibuKey
-CVE-2018-3989 (An exploitable kernel memory disclosure vulnerability exists in the ...)
+CVE-2018-3989
NOT-FOR-US: WibuKey
-CVE-2018-3988 (Signal Messenger for Android 4.24.8 may expose private information ...)
+CVE-2018-3988
NOT-FOR-US: Signal Messenger
CVE-2018-3987
RESERVED
-CVE-2018-3986 (An exploitable information disclosure vulnerability exists in the ...)
+CVE-2018-3986
NOT-FOR-US: Telegram Android
CVE-2018-3985
RESERVED
-CVE-2018-3984 (An exploitable uninitialized length vulnerability exists within the ...)
+CVE-2018-3984
NOT-FOR-US: Atlantis Word Processor
CVE-2018-3983
RESERVED
-CVE-2018-3982 (An exploitable arbitrary write vulnerability exists in the Word ...)
+CVE-2018-3982
NOT-FOR-US: Atlantis Word Processor
-CVE-2018-3981 (An exploitable out-of-bounds write exists in the TIFF-parsing ...)
+CVE-2018-3981
NOT-FOR-US: Atlantis Word Processor
-CVE-2018-3980 (An exploitable out-of-bounds write exists in the TIFF-parsing ...)
+CVE-2018-3980
NOT-FOR-US: Canvas Draw
CVE-2018-3979
RESERVED
-CVE-2018-3978 (An exploitable out-of-bounds write vulnerability exists in the Word ...)
+CVE-2018-3978
NOT-FOR-US: Atlantis Word Processor
-CVE-2018-3977 (An exploitable code execution vulnerability exists in the XCF image ...)
+CVE-2018-3977
- libsdl2-image 2.0.3+dfsg1-3 (bug #912617)
[stretch] - libsdl2-image <no-dsa> (Minor issue)
[jessie] - libsdl2-image <no-dsa> (Minor issue)
@@ -44447,331 +44437,331 @@ CVE-2018-3977 (An exploitable code execution vulnerability exists in the XCF ima
[jessie] - sdl-image1.2 <no-dsa> (Minor issue)
NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2018-0645
NOTE: https://hg.libsdl.org/SDL_image/rev/170d7d32e4a8
-CVE-2018-3976 (An exploitable out-of-bounds write exists in the CALS Raster file ...)
+CVE-2018-3976
NOT-FOR-US: Canvas Draw
-CVE-2018-3975 (An exploitable uninitialized variable vulnerability exists in the ...)
+CVE-2018-3975
NOT-FOR-US: Atlantis Word Processor
CVE-2018-3974
RESERVED
-CVE-2018-3973 (An exploitable out of bounds write exists in the CAL parsing ...)
+CVE-2018-3973
NOT-FOR-US: Canvas Draw
-CVE-2018-3972 (An exploitable code execution vulnerability exists in the Levin ...)
+CVE-2018-3972
NOT-FOR-US: Epee library
-CVE-2018-3971 (An exploitable arbitrary write vulnerability exists in the 0x2222CC ...)
+CVE-2018-3971
NOT-FOR-US: Sophos
-CVE-2018-3970 (An exploitable memory disclosure vulnerability exists in the 0x222000 ...)
+CVE-2018-3970
NOT-FOR-US: Sophos
CVE-2018-3969
RESERVED
CVE-2018-3968
RESERVED
-CVE-2018-3967 (An exploitable use-after-free vulnerability exists in the JavaScript ...)
+CVE-2018-3967
NOT-FOR-US: Foxit Software's Foxit PDF Reader
-CVE-2018-3966 (An exploitable use-after-free vulnerability exists in the JavaScript ...)
+CVE-2018-3966
NOT-FOR-US: Foxit Software's Foxit PDF Reader
-CVE-2018-3965 (An exploitable use-after-free vulnerability exists in the JavaScript ...)
+CVE-2018-3965
NOT-FOR-US: Foxit Software's Foxit PDF Reader
-CVE-2018-3964 (An exploitable use-after-free vulnerability exists in the JavaScript ...)
+CVE-2018-3964
NOT-FOR-US: Foxit Software's Foxit PDF Reader
CVE-2018-3963
RESERVED
-CVE-2018-3962 (A use-after-free vulnerability exists in the JavaScript engine of ...)
+CVE-2018-3962
NOT-FOR-US: Foxit Software's Foxit PDF Reader
-CVE-2018-3961 (A use-after-free vulnerability exists in the JavaScript engine of ...)
+CVE-2018-3961
NOT-FOR-US: Foxit Software's Foxit PDF Reader
-CVE-2018-3960 (A use-after-free vulnerability exists in the JavaScript engine of ...)
+CVE-2018-3960
NOT-FOR-US: Foxit Software's Foxit PDF Reader
-CVE-2018-3959 (A use-after-free vulnerability exists in the JavaScript engine of ...)
+CVE-2018-3959
NOT-FOR-US: Foxit Software's Foxit PDF Reader
-CVE-2018-3958 (A use-after-free vulnerability exists in the JavaScript engine of ...)
+CVE-2018-3958
NOT-FOR-US: Foxit Software's Foxit PDF Reader
-CVE-2018-3957 (A use-after-free vulnerability exists in the JavaScript engine of ...)
+CVE-2018-3957
NOT-FOR-US: Foxit Software's Foxit PDF Reader
-CVE-2018-3956 (An exploitable out-of-bounds read vulnerability exists in the handling ...)
+CVE-2018-3956
NOT-FOR-US: Foxit
-CVE-2018-3955 (An exploitable operating system command injection exists in the ...)
+CVE-2018-3955
NOT-FOR-US: Linksys
-CVE-2018-3954 (Devices in the Linksys ESeries line of routers (Linksys E1200 Firmware ...)
+CVE-2018-3954
NOT-FOR-US: Linksys
-CVE-2018-3953 (Devices in the Linksys ESeries line of routers (Linksys E1200 Firmware ...)
+CVE-2018-3953
NOT-FOR-US: Linksys
-CVE-2018-3952 (An exploitable code execution vulnerability exists in the connect ...)
+CVE-2018-3952
NOT-FOR-US: NordVPN
-CVE-2018-3951 (An exploitable remote code execution vulnerability exists in the HTTP ...)
+CVE-2018-3951
NOT-FOR-US: TP-Link
-CVE-2018-3950 (An exploitable remote code execution vulnerability exists in the ping ...)
+CVE-2018-3950
NOT-FOR-US: TP-Link
-CVE-2018-3949 (An exploitable information disclosure vulnerability exists in the HTTP ...)
+CVE-2018-3949
NOT-FOR-US: TP-Link
-CVE-2018-3948 (An exploitable denial-of-service vulnerability exists in the ...)
+CVE-2018-3948
NOT-FOR-US: TP-Link
-CVE-2018-3947 (An exploitable information disclosure vulnerability exists in the ...)
+CVE-2018-3947
NOT-FOR-US: Yi Home Camera
-CVE-2018-3946 (An exploitable use-after-free vulnerability exists in the JavaScript ...)
+CVE-2018-3946
NOT-FOR-US: Foxit Software's Foxit PDF Reader
-CVE-2018-3945 (An exploitable use-after-free vulnerability exists in the JavaScript ...)
+CVE-2018-3945
NOT-FOR-US: Foxit Software's Foxit PDF Reader
-CVE-2018-3944 (An exploitable use-after-free vulnerability exists in the JavaScript ...)
+CVE-2018-3944
NOT-FOR-US: Foxit Software's Foxit PDF Reader
-CVE-2018-3943 (An exploitable use-after-free vulnerability exists in the JavaScript ...)
+CVE-2018-3943
NOT-FOR-US: Foxit Software's Foxit PDF Reader
-CVE-2018-3942 (An exploitable use-after-free vulnerability exists in the JavaScript ...)
+CVE-2018-3942
NOT-FOR-US: Foxit Software's Foxit PDF Reader
-CVE-2018-3941 (An exploitable use-after-free vulnerability exists in the JavaScript ...)
+CVE-2018-3941
NOT-FOR-US: Foxit Software's Foxit PDF Reader
-CVE-2018-3940 (An exploitable use-after-free vulnerability exists in the JavaScript ...)
+CVE-2018-3940
NOT-FOR-US: Foxit Software's Foxit PDF Reader
-CVE-2018-3939 (An exploitable use-after-free vulnerability exists in the JavaScript ...)
+CVE-2018-3939
NOT-FOR-US: Foxit
-CVE-2018-3938 (An exploitable stack-based buffer overflow vulnerability exists in the ...)
+CVE-2018-3938
NOT-FOR-US: Sony
-CVE-2018-3937 (An exploitable command injection vulnerability exists in the ...)
+CVE-2018-3937
NOT-FOR-US: Sony
-CVE-2018-3936 (In Antenna House Office Server Document Converter version V6.1 Pro MR2 ...)
+CVE-2018-3936
NOT-FOR-US: Antenna House Office Server Document Converter
-CVE-2018-3935 (An exploitable code execution vulnerability exists in the UDP network ...)
+CVE-2018-3935
NOT-FOR-US: Yi Home Camera
-CVE-2018-3934 (An exploitable code execution vulnerability exists in the firmware ...)
+CVE-2018-3934
NOT-FOR-US: Yi Home Camera
-CVE-2018-3933 (An exploitable out-of-bounds write exists in the Microsoft Word ...)
+CVE-2018-3933
NOT-FOR-US: Microsoft
-CVE-2018-3932 (An exploitable stack-based buffer overflow exists in the Microsoft ...)
+CVE-2018-3932
NOT-FOR-US: Microsoft
-CVE-2018-3931 (In Antenna House Office Server Document Converter version V6.1 Pro MR2 ...)
+CVE-2018-3931
NOT-FOR-US: Microsoft
-CVE-2018-3930 (In Antenna House Office Server Document Converter version V6.1 Pro MR2 ...)
+CVE-2018-3930
NOT-FOR-US: Microsoft
-CVE-2018-3929 (An exploitable heap corruption exists in the PowerPoint document ...)
+CVE-2018-3929
NOT-FOR-US: Microsoft
-CVE-2018-3928 (An exploitable code execution vulnerability exists in the firmware ...)
+CVE-2018-3928
NOT-FOR-US: Yi Home Camera
-CVE-2018-3927 (An exploitable information disclosure vulnerability exists in the ...)
+CVE-2018-3927
NOT-FOR-US: Samsung SmartThings Hub STH-ETH-250 devices
-CVE-2018-3926 (An exploitable integer underflow vulnerability exists in the ZigBee ...)
+CVE-2018-3926
NOT-FOR-US: Samsung
-CVE-2018-3925 (An exploitable buffer overflow vulnerability exists in the remote ...)
+CVE-2018-3925
NOT-FOR-US: Samsung SmartThings Hub STH-ETH-250 devices
-CVE-2018-3924 (An exploitable use-after-free vulnerability exists in the JavaScript ...)
+CVE-2018-3924
NOT-FOR-US: Foxit PDF Reader
-CVE-2018-3923 (A memory corruption vulnerability exists in the PCX-parsing ...)
+CVE-2018-3923
NOT-FOR-US: Computerinsel Photoline
-CVE-2018-3922 (A memory corruption vulnerability exists in the ANI-parsing ...)
+CVE-2018-3922
NOT-FOR-US: Computerinsel Photoline
-CVE-2018-3921 (A memory corruption vulnerability exists in the PSD-parsing ...)
+CVE-2018-3921
NOT-FOR-US: Computerinsel Photoline
-CVE-2018-3920 (An exploitable code execution vulnerability exists in the firmware ...)
+CVE-2018-3920
NOT-FOR-US: Yi Home Camera
-CVE-2018-3919 (An exploitable stack-based buffer overflow vulnerability exists in the ...)
+CVE-2018-3919
NOT-FOR-US: Samsung SmartThings Hub STH-ETH-250 devices
-CVE-2018-3918 (An exploitable vulnerability exists in the remote servers of Samsung ...)
+CVE-2018-3918
NOT-FOR-US: Samsung SmartThings Hub STH-ETH-250 devices
-CVE-2018-3917 (On Samsung SmartThings Hub STH-ETH-250 devices with firmware version ...)
+CVE-2018-3917
NOT-FOR-US: Samsung SmartThings Hub STH-ETH-250 devices
-CVE-2018-3916 (An exploitable stack-based buffer overflow vulnerability exists in the ...)
+CVE-2018-3916
NOT-FOR-US: Samsung
-CVE-2018-3915 (An exploitable stack-based buffer overflow vulnerability exists in the ...)
+CVE-2018-3915
NOT-FOR-US: Samsung
-CVE-2018-3914 (An exploitable stack-based buffer overflow vulnerability exists in the ...)
+CVE-2018-3914
NOT-FOR-US: Samsung
-CVE-2018-3913 (An exploitable stack-based buffer overflow vulnerability exists in the ...)
+CVE-2018-3913
NOT-FOR-US: Samsung
-CVE-2018-3912 (On Samsung SmartThings Hub STH-ETH-250 devices with firmware version ...)
+CVE-2018-3912
NOT-FOR-US: Samsung SmartThings Hub STH-ETH-250 devices
-CVE-2018-3911 (An exploitable HTTP header injection vulnerability exists in the ...)
+CVE-2018-3911
NOT-FOR-US: Samsung SmartThings Hub STH-ETH-250 devices
-CVE-2018-3910 (An exploitable code execution vulnerability exists in the cloud OTA ...)
+CVE-2018-3910
NOT-FOR-US: Yi Home Camera
-CVE-2018-3909 (An exploitable vulnerability exists in the REST parser of video-core's ...)
+CVE-2018-3909
NOT-FOR-US: Samsung SmartThings Hub STH-ETH-250 devices
-CVE-2018-3908 (An exploitable vulnerability exists in the REST parser of video-core's ...)
+CVE-2018-3908
NOT-FOR-US: Samsung SmartThings Hub STH-ETH-250-Firmware
-CVE-2018-3907 (An exploitable vulnerability exists in the REST parser of video-core's ...)
+CVE-2018-3907
NOT-FOR-US: Samsung SmartThings Hub STH-ETH-250 devices
-CVE-2018-3906 (An exploitable stack-based buffer overflow vulnerability exists in the ...)
+CVE-2018-3906
NOT-FOR-US: Samsung
-CVE-2018-3905 (An exploitable buffer overflow vulnerability exists in the camera ...)
+CVE-2018-3905
NOT-FOR-US: Samsung SmartThings Hub STH-ETH-250 devices
-CVE-2018-3904 (An exploitable buffer overflow vulnerability exists in the camera ...)
+CVE-2018-3904
NOT-FOR-US: Samsung SmartThings Hub STH-ETH-250 devices
-CVE-2018-3903 (On Samsung SmartThings Hub STH-ETH-250 devices with firmware version ...)
+CVE-2018-3903
NOT-FOR-US: Samsung SmartThings Hub STH-ETH-250 devices
-CVE-2018-3902 (An exploitable buffer overflow vulnerability exists in the camera ...)
+CVE-2018-3902
NOT-FOR-US: Samsung SmartThings Hub STH-ETH-250 devices
CVE-2018-3901
RESERVED
-CVE-2018-3900 (An exploitable code execution vulnerability exists in the QR code ...)
+CVE-2018-3900
NOT-FOR-US: Yi Home Camera
-CVE-2018-3899 (An exploitable code execution vulnerability exists in the QR code ...)
+CVE-2018-3899
NOT-FOR-US: Yi Home Camera
-CVE-2018-3898 (An exploitable code execution vulnerability exists in the QR code ...)
+CVE-2018-3898
NOT-FOR-US: Yi Home Camera
-CVE-2018-3897 (An exploitable buffer overflow vulnerabilities exist in the ...)
+CVE-2018-3897
NOT-FOR-US: Samsung
-CVE-2018-3896 (An exploitable buffer overflow vulnerabilities exist in the ...)
+CVE-2018-3896
NOT-FOR-US: Samsung
-CVE-2018-3895 (An exploitable buffer overflow vulnerability exists in the ...)
+CVE-2018-3895
NOT-FOR-US: Samsung SmartThings Hub STH-ETH-250 Firmware
-CVE-2018-3894 (An exploitable buffer overflow vulnerability exists in the ...)
+CVE-2018-3894
NOT-FOR-US: Samsung
-CVE-2018-3893 (An exploitable buffer overflow vulnerability exists in the ...)
+CVE-2018-3893
NOT-FOR-US: Samsung SmartThings Hub STH-ETH-250 devices
-CVE-2018-3892 (An exploitable firmware downgrade vulnerability exists in the time ...)
+CVE-2018-3892
NOT-FOR-US: Yi Home Camera
-CVE-2018-3891 (An exploitable firmware downgrade vulnerability exists in the firmware ...)
+CVE-2018-3891
NOT-FOR-US: Yi Home Camera
-CVE-2018-3890 (An exploitable code execution vulnerability exists in the firmware ...)
+CVE-2018-3890
NOT-FOR-US: Yi Home Camera
-CVE-2018-3889 (A specially crafted PCX image processed via the application can lead ...)
+CVE-2018-3889
NOT-FOR-US: Computerinsel Photoline
-CVE-2018-3888 (A memory corruption vulnerability exists in the PCX-parsing ...)
+CVE-2018-3888
NOT-FOR-US: Computerinsel Photoline
-CVE-2018-3887 (A memory corruption vulnerability exists in the PCX-parsing ...)
+CVE-2018-3887
NOT-FOR-US: Computerinsel Photoline
-CVE-2018-3886 (A memory corruption vulnerability exists in the PCX-parsing ...)
+CVE-2018-3886
NOT-FOR-US: Computerinsel Photoline
-CVE-2018-3885 (An exploitable SQL injection vulnerability exists in the authenticated ...)
+CVE-2018-3885
NOT-FOR-US: ERPNext
-CVE-2018-3884 (An exploitable SQL injection vulnerability exists in the authenticated ...)
+CVE-2018-3884
NOT-FOR-US: ERPNext
-CVE-2018-3883 (An exploitable SQL injection vulnerability exists in the authenticated ...)
+CVE-2018-3883
NOT-FOR-US: ERPNext
-CVE-2018-3882 (An exploitable SQL injection vulnerability exists in the authenticated ...)
+CVE-2018-3882
NOT-FOR-US: ERPNext
-CVE-2018-3881 (An exploitable unauthenticated XML external injection vulnerability ...)
+CVE-2018-3881
NOT-FOR-US: FocalScope
-CVE-2018-3880 (An exploitable stack-based buffer overflow vulnerability exists in the ...)
+CVE-2018-3880
NOT-FOR-US: Samsung SmartThings Hub STH-ETH-250 devices
-CVE-2018-3879 (An exploitable JSON injection vulnerability exists in the credentials ...)
+CVE-2018-3879
NOT-FOR-US: Samsung SmartThings Hub STH-ETH-250 devices
-CVE-2018-3878 (Multiple exploitable buffer overflow vulnerabilities exist in the ...)
+CVE-2018-3878
NOT-FOR-US: Samsung SmartThings Hub STH-ETH-250 devices
-CVE-2018-3877 (An exploitable buffer overflow vulnerability exists in the credentials ...)
+CVE-2018-3877
NOT-FOR-US: Samsung
-CVE-2018-3876 (An exploitable buffer overflow vulnerability exists in the credentials ...)
+CVE-2018-3876
NOT-FOR-US: Samsung
-CVE-2018-3875 (An exploitable buffer overflow vulnerability exists in the credentials ...)
+CVE-2018-3875
NOT-FOR-US: Samsung
-CVE-2018-3874 (An exploitable buffer overflow vulnerability exists in the credentials ...)
+CVE-2018-3874
NOT-FOR-US: Samsung
-CVE-2018-3873 (An exploitable buffer overflow vulnerability exists in the credentials ...)
+CVE-2018-3873
NOT-FOR-US: Samsung
-CVE-2018-3872 (An exploitable buffer overflow vulnerability exists in the credentials ...)
+CVE-2018-3872
NOT-FOR-US: Samsung SmartThings Hub STH-ETH-250 devices
-CVE-2018-3871 (An exploitable out-of-bounds write exists in the PCX parsing ...)
+CVE-2018-3871
NOT-FOR-US: Canvas Draw
-CVE-2018-3870 (An exploitable out-of-bounds write exists in the PCX parsing ...)
+CVE-2018-3870
NOT-FOR-US: Canvas Draw
CVE-2018-3869
RESERVED
-CVE-2018-3868 (A specially crafted TIFF image processed via the application can lead ...)
+CVE-2018-3868
NOT-FOR-US: Computerinsel Photoline
-CVE-2018-3867 (An exploitable stack-based buffer overflow vulnerability exists in the ...)
+CVE-2018-3867
NOT-FOR-US: Samsung SmartThings Hub STH-ETH-250 devices
-CVE-2018-3866 (An exploitable buffer overflow vulnerability exists in the ...)
+CVE-2018-3866
NOT-FOR-US: Samsung SmartThings Hub STH-ETH-250 devices
-CVE-2018-3865 (An exploitable buffer overflow vulnerability exists in the Samsung ...)
+CVE-2018-3865
NOT-FOR-US: Samsung
-CVE-2018-3864 (An exploitable buffer overflow vulnerability exists in the Samsung ...)
+CVE-2018-3864
NOT-FOR-US: Samsung
-CVE-2018-3863 (On Samsung SmartThings Hub STH-ETH-250 devices with firmware version ...)
+CVE-2018-3863
NOT-FOR-US: Samsung SmartThings Hub STH-ETH-250 devices
-CVE-2018-3862 (A specially crafted TIFF image processed via the application can lead ...)
+CVE-2018-3862
NOT-FOR-US: Computerinsel Photoline
-CVE-2018-3861 (A specially crafted TIFF image processed via the application can lead ...)
+CVE-2018-3861
NOT-FOR-US: Computerinsel Photoline
-CVE-2018-3860 (An exploitable out-of-bounds write exists in the TIFF parsing ...)
+CVE-2018-3860
NOT-FOR-US: Canvas Draw
-CVE-2018-3859 (An exploitable out-of-bounds write exists in the TIFF parsing ...)
+CVE-2018-3859
NOT-FOR-US: Canvas Draw
-CVE-2018-3858 (An exploitable heap overflow exists in the TIFF parsing functionality ...)
+CVE-2018-3858
NOT-FOR-US: Canvas Draw
-CVE-2018-3857 (An exploitable heap overflow exists in the TIFF parsing functionality ...)
+CVE-2018-3857
NOT-FOR-US: Canvas Draw
-CVE-2018-3856 (An exploitable vulnerability exists in the smart cameras RTSP ...)
+CVE-2018-3856
NOT-FOR-US: Samsung SmartThings Hub STH-ETH-250 devices
-CVE-2018-3855 (In Hyland Perceptive Document Filters 11.4.0.2647 - x86/x64 ...)
+CVE-2018-3855
NOT-FOR-US: Hyland Perceptive Document Filters
-CVE-2018-3854 (An exploitable information disclosure vulnerability exists in the ...)
+CVE-2018-3854
NOT-FOR-US: Quicken
-CVE-2018-3853 (An exploitable use-after-free vulnerability exists in the JavaScript ...)
+CVE-2018-3853
NOT-FOR-US: Foxit PDF Reader
-CVE-2018-3852 (An exploitable denial of service vulnerability exists in the Ocularis ...)
+CVE-2018-3852
NOT-FOR-US: Ocularis Recorder
-CVE-2018-3851 (In Hyland Perceptive Document Filters 11.4.0.2647 - x86/x64 ...)
+CVE-2018-3851
NOT-FOR-US: Hyland Perceptive Document Filters
-CVE-2018-3850 (An exploitable use-after-free vulnerability exists in the JavaScript ...)
+CVE-2018-3850
NOT-FOR-US: Foxit PDF Reader
-CVE-2018-3849 (In the ffghtb function in NASA CFITSIO 3.42, specially crafted images ...)
+CVE-2018-3849
- cfitsio 3.430-1 (low; bug #892458)
[stretch] - cfitsio <no-dsa> (Minor issue)
[jessie] - cfitsio <no-dsa> (Minor issue)
NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0531
NOTE: Mitigated to a crash due to hardened build flags
-CVE-2018-3848 (In the ffghbn function in NASA CFITSIO 3.42, specially crafted images ...)
+CVE-2018-3848
- cfitsio 3.430-1 (low; bug #892458)
[stretch] - cfitsio <no-dsa> (Minor issue)
[jessie] - cfitsio <no-dsa> (Minor issue)
NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0531
NOTE: Mitigated to a crash due to hardened build flags
-CVE-2018-3847 (Multiple exploitable buffer overflow vulnerabilities exist in image ...)
+CVE-2018-3847
- cfitsio 3.430-1 (low; bug #892458)
[stretch] - cfitsio <no-dsa> (Minor issue)
[jessie] - cfitsio <no-dsa> (Minor issue)
NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0530
-CVE-2018-3846 (In the ffgphd and ffgtkn functions in NASA CFITSIO 3.42, specially ...)
+CVE-2018-3846
- cfitsio 3.430-1 (low; bug #892458)
[stretch] - cfitsio <no-dsa> (Minor issue)
[jessie] - cfitsio <no-dsa> (Minor issue)
NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0529
NOTE: Mitigated to a crash due to hardened build flags
-CVE-2018-3845 (In Hyland Perceptive Document Filters 11.4.0.2647 - x86/x64 ...)
+CVE-2018-3845
NOT-FOR-US: Hyland Perceptive Document Filters
-CVE-2018-3844 (In Hyland Perceptive Document Filters 11.4.0.2647 - x86/x64 ...)
+CVE-2018-3844
NOT-FOR-US: Hyland Perceptive Document Filters
-CVE-2018-3843 (An exploitable type confusion vulnerability exists in the way Foxit ...)
+CVE-2018-3843
NOT-FOR-US: Foxit PDF Reader
-CVE-2018-3842 (An exploitable use of an uninitialized pointer vulnerability exists in ...)
+CVE-2018-3842
NOT-FOR-US: Foxit PDF Reader
-CVE-2018-3841 (A denial-of-service vulnerability exists in the Pixar Renderman IT ...)
+CVE-2018-3841
NOT-FOR-US: Renderman
-CVE-2018-3840 (A denial-of-service vulnerability exists in the Pixar Renderman IT ...)
+CVE-2018-3840
NOT-FOR-US: Renderman
-CVE-2018-3839 (An exploitable code execution vulnerability exists in the XCF image ...)
+CVE-2018-3839
{DSA-4184-1 DSA-4177-1 DLA-1341-1}
- libsdl2-image 2.0.3+dfsg1-1
- sdl-image1.2 1.2.12-8
NOTE: https://hg.libsdl.org/SDL_image/rev/fb643e371806910f1973abfdfe7f981e8dba60f5
NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0521
-CVE-2018-3838 (An exploitable information vulnerability exists in the XCF image ...)
+CVE-2018-3838
{DSA-4184-1 DSA-4177-1 DLA-1341-1}
- libsdl2-image 2.0.3+dfsg1-1
- sdl-image1.2 1.2.12-8
NOTE: https://hg.libsdl.org/SDL_image/rev/c5f9cbb5d2bbcb2150ba0596ea56b49efeed660d
NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0520
-CVE-2018-3837 (An exploitable information disclosure vulnerability exists in the PCX ...)
+CVE-2018-3837
{DSA-4184-1 DSA-4177-1 DLA-1341-1}
- libsdl2-image 2.0.3+dfsg1-1
- sdl-image1.2 1.2.12-8
NOTE: https://hg.libsdl.org/SDL_image/rev/2938fc80591abeae74b971cbdf966eff3213297e
NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0519
-CVE-2018-7442 (An issue was discovered in Leptonica through 1.75.3. The ...)
+CVE-2018-7442
- leptonlib 1.76.0-1 (bug #898439)
[stretch] - leptonlib <no-dsa> (Minor issue)
[jessie] - leptonlib <no-dsa> (Minor issue)
[wheezy] - leptonlib <ignored> (Minor issue)
NOTE: https://lists.debian.org/debian-lts/2018/02/msg00086.html
-CVE-2018-7441 (Leptonica through 1.75.3 uses hardcoded /tmp pathnames, which might ...)
+CVE-2018-7441
- leptonlib 1.76.0-1 (unimportant)
NOTE: https://lists.debian.org/debian-lts/2018/02/msg00054.html
NOTE: Neutralised by kernel hardening
-CVE-2018-7440 (An issue was discovered in Leptonica through 1.75.3. The ...)
+CVE-2018-7440
{DLA-1302-1}
- leptonlib 1.75.3-3 (bug #891932)
[stretch] - leptonlib <not-affected> (Incomplete fix for CVE-2018-3836 not applied)
[jessie] - leptonlib <not-affected> (Incomplete fix for CVE-2018-3836 not applied)
NOTE: https://github.com/DanBloomberg/leptonica/issues/303#issuecomment-366472212
NOTE: https://github.com/DanBloomberg/leptonica/pull/313/commits/49ecb6c2dfd6ed5078c62f4a8eeff03e3beced3b
-CVE-2018-3836 (An exploitable command injection vulnerability exists in the ...)
+CVE-2018-3836
{DLA-1284-1}
- leptonlib 1.75.3-1 (bug #889759)
[stretch] - leptonlib <no-dsa> (Minor issue)
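Review bot: CVE-2018-3931 and CVE-2018-3930 carry `NOT-FOR-US: Microsoft`, but the summary being removed for each reads "In Antenna House Office Server Document Converter version V6.1 Pro MR2 ...", the same wording as CVE-2018-3936, which is tagged `NOT-FOR-US: Antenna House Office Server Document Converter`; the tag on these two entries looks copied from the neighbouring Microsoft entries (CVE-2018-3933 to CVE-2018-3929). Fix the tag while the `-` line is still there to compare against, because once this hunk lands the mismatch is no longer visible in the file.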
@@ -44781,59 +44771,59 @@ CVE-2018-3836 (An exploitable command injection vulnerability exists in the ...)
NOTE: When fixing this issue make sure the fix is complete and includes as well
NOTE: https://github.com/DanBloomberg/leptonica/pull/313/commits/49ecb6c2dfd6ed5078c62f4a8eeff03e3beced3b
NOTE: to not open CVE-2018-7440.
-CVE-2018-3835 (An exploitable out of bounds write vulnerability exists in version 2.2 ...)
+CVE-2018-3835
NOT-FOR-US: Per Face Texture (PTEX)
-CVE-2018-3834 (An exploitable permanent denial of service vulnerability exists in ...)
+CVE-2018-3834
NOT-FOR-US: Insteon Hub
-CVE-2018-3833 (An exploitable firmware downgrade vulnerability exists in Insteon Hub ...)
+CVE-2018-3833
NOT-FOR-US: Insteon Hub
-CVE-2018-3832 (An exploitable firmware update vulnerability exists in Insteon Hub ...)
+CVE-2018-3832
NOT-FOR-US: Insteon Hub
-CVE-2018-3831 (Elasticsearch Alerting and Monitoring in versions before 6.4.1 or ...)
+CVE-2018-3831
- elasticsearch <removed>
-CVE-2018-3830 (Kibana versions 5.3.0 to 6.4.1 had a cross-site scripting (XSS) ...)
+CVE-2018-3830
- kibana <itp> (bug #700337)
-CVE-2018-3829 (In Elastic Cloud Enterprise (ECE) versions prior to 1.1.4 it was ...)
+CVE-2018-3829
NOT-FOR-US: Elastic Cloud Enterprise
-CVE-2018-3828 (Elastic Cloud Enterprise (ECE) versions prior to 1.1.4 contain an ...)
+CVE-2018-3828
NOT-FOR-US: Elastic Cloud Enterprise
-CVE-2018-3827 (A sensitive data disclosure flaw was found in the Elasticsearch ...)
+CVE-2018-3827
NOT-FOR-US: Elasticsearch repository-azure
-CVE-2018-3826 (In Elasticsearch versions 6.0.0-beta1 to 6.2.4 a disclosure flaw was ...)
+CVE-2018-3826
- elasticsearch <removed>
-CVE-2018-3825 (In Elastic Cloud Enterprise (ECE) versions prior to 1.1.4 a default ...)
+CVE-2018-3825
NOT-FOR-US: Elastic Cloud Enterprise
-CVE-2018-3824 (X-Pack Machine Learning versions before 6.2.4 and 5.6.9 had a ...)
+CVE-2018-3824
NOT-FOR-US: Elastic X-Pack Machine Learning
-CVE-2018-3823 (X-Pack Machine Learning versions before 6.2.4 and 5.6.9 had a ...)
+CVE-2018-3823
NOT-FOR-US: Elastic X-Pack Machine Learning
-CVE-2018-3822 (X-Pack Security versions 6.2.0, 6.2.1, and 6.2.2 are vulnerable to a ...)
+CVE-2018-3822
NOT-FOR-US: Elastic X-Pack Security
-CVE-2018-3821 (Kibana versions after 5.1.1 and before 5.6.7 and 6.1.3 had a ...)
+CVE-2018-3821
- kibana <itp> (bug #700337)
-CVE-2018-3820 (Kibana versions after 6.1.0 and before 6.1.3 had a cross-site ...)
+CVE-2018-3820
- kibana <itp> (bug #700337)
-CVE-2018-3819 (The fix in Kibana for ESA-2017-23 was incomplete. With X-Pack security ...)
+CVE-2018-3819
- kibana <itp> (bug #700337)
-CVE-2018-3818 (Kibana versions 5.1.1 to 6.1.2 and 5.6.6 had a cross-site scripting ...)
+CVE-2018-3818
- kibana <itp> (bug #700337)
-CVE-2018-3817 (When logging warnings regarding deprecated settings, Logstash before ...)
+CVE-2018-3817
- logstash <itp> (bug #664841)
CVE-2018-3816
RESERVED
-CVE-2018-3815 (The &quot;XML Interface to Messaging, Scheduling, and Signaling&quot; (XIMSS) ...)
+CVE-2018-3815
NOT-FOR-US: CommuniGate Pro
-CVE-2018-3814 (Craft CMS 2.6.3000 allows remote attackers to execute arbitrary PHP ...)
+CVE-2018-3814
NOT-FOR-US: Craft CMS
-CVE-2018-3813 (getConfigExportFile.cgi on FLIR Brickstream 2300 devices 2.0 4.1.53.166 ...)
+CVE-2018-3813
NOT-FOR-US: FLIR Brickstream 2300 devices
CVE-2018-3812
RESERVED
-CVE-2018-3811 (SQL Injection vulnerability in the Oturia Smart Google Code Inserter ...)
+CVE-2018-3811
NOT-FOR-US: Oturia Smart Google Code Inserter plugin for WordPress
-CVE-2018-3810 (Authentication Bypass vulnerability in the Oturia Smart Google Code ...)
+CVE-2018-3810
NOT-FOR-US: Oturia Smart Google Code Inserter plugin for WordPress
-CVE-2018-3809 (Information exposure through directory listings in serve 6.5.3 allows ...)
+CVE-2018-3809
NOT-FOR-US: serve nodejs module
CVE-2018-3808
RESERVED
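Review bot: every changed pair in this hunk only strips the parenthesised summary from the CVE header, e.g. `-CVE-2018-3814 (Craft CMS 2.6.3000 allows remote attackers to execute arbitrary PHP ...)` becomes `+CVE-2018-3814`, while the package, NOT-FOR-US and NOTE lines beneath each entry are untouched. A run that removes description text from every entry and adds none is what an empty or malformed summary field in the fetched CVE source looks like, not a tracking update, and the next successful sync will put the same text back as another diff of the same size. Suggest not committing this run and changing the updater so that an existing description is only overwritten when the fetched record carries non-empty text.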
@@ -44877,47 +44867,47 @@ CVE-2018-3789
RESERVED
CVE-2018-3788
RESERVED
-CVE-2018-3787 (Path traversal in simplehttpserver &lt;v0.2.1 allows listing any file on ...)
+CVE-2018-3787
NOT-FOR-US: simplehttpserver node module
-CVE-2018-3786 (A command injection vulnerability in egg-scripts &lt;v2.8.1 allows ...)
+CVE-2018-3786
NOT-FOR-US: egg-scripts
-CVE-2018-3785 (A command injection in git-dummy-commit v1.3.0 allows os level ...)
+CVE-2018-3785
NOT-FOR-US: Node.js third-party module git-dummy-commit
-CVE-2018-3784 (A code injection in cryo 0.0.6 allows an attacker to arbitrarily ...)
+CVE-2018-3784
NOT-FOR-US: cryo
-CVE-2018-3783 (A privilege escalation detected in flintcms versions &lt;= 1.1.9 allows ...)
+CVE-2018-3783
NOT-FOR-US: flintcms
CVE-2018-3782
REJECTED
-CVE-2018-3781 (A missing sanitization of search results for an autocomplete field in ...)
+CVE-2018-3781
NOT-FOR-US: NextCloud Talk
-CVE-2018-3780 (A missing sanitization of search results for an autocomplete field in ...)
+CVE-2018-3780
- nextcloud <itp> (bug #835086)
-CVE-2018-3779 (active-support ruby gem 5.2.0 could allow a remote attacker to execute ...)
+CVE-2018-3779
NOT-FOR-US: Trojaned gem release
-CVE-2018-3778 (Improper authorization in aedes version &lt;0.35.0 will publish a LWT in ...)
+CVE-2018-3778
NOT-FOR-US: aedes
-CVE-2018-3777 (Insufficient URI encoding in restforce before 3.0.0 allows attacker to ...)
+CVE-2018-3777
NOT-FOR-US: restforce
-CVE-2018-3776 (Improper input validator in Nextcloud Server prior to 12.0.3 and ...)
+CVE-2018-3776
- nextcloud <itp> (bug #835086)
-CVE-2018-3775 (Improper Authentication in Nextcloud Server prior to version 12.0.3 ...)
+CVE-2018-3775
- nextcloud <itp> (bug #835086)
-CVE-2018-3774 (Incorrect parsing in url-parse &lt;1.4.3 returns wrong hostname which ...)
+CVE-2018-3774
- node-url-parse <unfixed> (unimportant; bug #906058)
NOTE: https://hackerone.com/reports/384029
NOTE: https://github.com/unshiftio/url-parse/commit/53b1794e54d0711ceb52505e0f74145270570d5a
NOTE: https://github.com/unshiftio/url-parse/commit/d7b582ec1243e8024e60ac0b62d2569c939ef5de
NOTE: nodejs not covered by security support
-CVE-2018-3773 (There is a stored Cross-Site Scripting vulnerability in Open Graph ...)
+CVE-2018-3773
NOT-FOR-US: metascrape nodejs module
-CVE-2018-3772 (Concatenating unsanitized user input in the `whereis` npm module &lt; ...)
+CVE-2018-3772
NOT-FOR-US: whereis nodejs module
-CVE-2018-3771 (An XSS in statics-server &lt;= 0.0.9 can be used via injected iframe in ...)
+CVE-2018-3771
NOT-FOR-US: statics-server nodejs module
-CVE-2018-3770 (A path traversal exists in markdown-pdf version &lt;9.0.0 that allows a ...)
+CVE-2018-3770
NOT-FOR-US: markdown-pdf nodejs module
-CVE-2018-3769 (ruby-grape ruby gem suffers from a cross-site scripting (XSS) ...)
+CVE-2018-3769
- ruby-grape 1.1.0-1 (bug #903086)
[stretch] - ruby-grape <no-dsa> (Minor issue)
NOTE: https://github.com/ruby-grape/grape/commit/6876b71efc7b03f7ce1be3f075eaa4e7e6de19af
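Review bot: the hunk header `@@ -44877,47 +44867,47 @@` shows the same line count on both sides, and every +/- pair again replaces a header with a bare CVE id. For the entries this file actually tracks, the dropped summary was the only in-file statement of the affected upstream range: CVE-2018-3774 is kept as `- node-url-parse <unfixed> (unimportant; bug #906058)`, and after this change nothing in the entry says the issue is `url-parse <1.4.3`, so a maintainer comparing the Debian version against upstream has to leave the file to find out. If descriptions are to be dropped on purpose, record the fixed upstream version in a NOTE line first, the way the CVE-2018-3712 entry later in this file does with `NOTE: fixed in 6.4.9 upstream`.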
@@ -44925,69 +44915,69 @@ CVE-2018-3769 (ruby-grape ruby gem suffers from a cross-site scripting (XSS) ...
NOTE: https://github.com/ruby-grape/grape/pull/1763
CVE-2018-3768
REJECTED
-CVE-2018-3767 (`memjs` versions &lt;= 1.1.0 allocates and stores buffers on typed input, ...)
+CVE-2018-3767
NOT-FOR-US: memjs node module
-CVE-2018-3766 (Path traversal in buttle module versions &lt;= 0.2.0 allows to read any ...)
+CVE-2018-3766
NOT-FOR-US: buttle node module
CVE-2018-3765
RESERVED
-CVE-2018-3764 (In Nextcloud Contacts before 2.1.2, a missing sanitization of search ...)
+CVE-2018-3764
NOT-FOR-US: Nextcloud Contacts
-CVE-2018-3763 (In Nextcloud Calendar before 1.5.8 and 1.6.1, a missing sanitization ...)
+CVE-2018-3763
NOT-FOR-US: Nextcloud Contacts
-CVE-2018-3762 (Nextcloud Server before 12.0.8 and 13.0.3 suffers from improper checks ...)
+CVE-2018-3762
- nextcloud <itp> (bug #835086)
-CVE-2018-3761 (Nextcloud Server before 12.0.8 and 13.0.3 suffer from improper ...)
+CVE-2018-3761
- nextcloud <itp> (bug #835086)
-CVE-2018-3760 (There is an information leak vulnerability in Sprockets. Versions ...)
+CVE-2018-3760
{DSA-4242-1 DLA-1419-1}
- ruby-sprockets 3.7.0-1.1 (bug #901913)
NOTE: http://www.openwall.com/lists/oss-security/2018/06/19/2
NOTE: https://github.com/rails/sprockets/commit/c09131cf5b2c479263939c8582e22b98ed616c5f (master)
NOTE: https://github.com/rails/sprockets/commit/9c34fa05900b968d74f08ccf40917848a7be9441 (3.x)
NOTE: https://github.com/rails/sprockets/commit/18b8a7f07a50c245e9aee7854ecdbe606bbd8bb5 (2.x)
-CVE-2018-3759 (private_address_check ruby gem before 0.5.0 is vulnerable to a ...)
+CVE-2018-3759
NOT-FOR-US: private_address_check
-CVE-2018-3758 (Unrestricted file upload (RCE) in express-cart module before 1.1.7 ...)
+CVE-2018-3758
NOT-FOR-US: express-cart
-CVE-2018-3757 (Command injection exists in pdf-image v2.0.0 due to an unescaped ...)
+CVE-2018-3757
NOT-FOR-US: node pdf-image
-CVE-2018-3756 (Hyperledger Iroha versions v1.0_beta and v1.0.0_beta-1 are vulnerable ...)
+CVE-2018-3756
NOT-FOR-US: Hyperledger Iroha
-CVE-2018-3755 (XSS in sexstatic &lt;=0.6.2 causes HTML injection in directory name(s) ...)
+CVE-2018-3755
NOT-FOR-US: sexstatic
-CVE-2018-3754 (Node.js third-party module query-mysql versions 0.0.0, 0.0.1, and ...)
+CVE-2018-3754
NOT-FOR-US: query-mysql
-CVE-2018-3753 (The utilities function in all versions &lt;= 1.0.0 of the merge-objects ...)
+CVE-2018-3753
NOT-FOR-US: merge-objects
-CVE-2018-3752 (The utilities function in all versions &lt;= 1.0.0 of the merge-options ...)
+CVE-2018-3752
NOT-FOR-US: merge-options
-CVE-2018-3751 (The utilities function in all versions &lt;= 0.3.0 of the merge-recursive ...)
+CVE-2018-3751
NOT-FOR-US: merge-recursive
-CVE-2018-3750 (The utilities function in all versions &lt;= 0.5.0 of the deep-extend ...)
+CVE-2018-3750
- node-deep-extend <unfixed> (unimportant)
NOTE: https://nodesecurity.io/advisories/612
NOTE: nodejs not covered by security support
-CVE-2018-3749 (The utilities function in all versions &lt; 1.0.1 of the deap node module ...)
+CVE-2018-3749
NOT-FOR-US: deap
-CVE-2018-3748 (There is a Stored XSS vulnerability in the glance node module versions ...)
+CVE-2018-3748
NOT-FOR-US: glance node module (different from src:glance)
-CVE-2018-3747 (The public node module versions &lt;= 1.0.3 allows to embed HTML in file ...)
+CVE-2018-3747
NOT-FOR-US: public node module versions
-CVE-2018-3746 (The pdfinfojs NPM module versions &lt;= 0.3.6 has a command injection ...)
+CVE-2018-3746
NOT-FOR-US: pdfinfojs nodejs module
-CVE-2018-3745 (atob 2.0.3 and earlier allocates uninitialized Buffers when number is ...)
+CVE-2018-3745
NOT-FOR-US: nodejs atob module
-CVE-2018-3744 (The html-pages node module contains a path traversal vulnerabilities ...)
+CVE-2018-3744
NOT-FOR-US: html-pages nodejs module
-CVE-2018-3743 (Open redirect in hekto &lt;=0.2.3 when target domain name is used as html ...)
+CVE-2018-3743
NOT-FOR-US: hekto nodejs module
CVE-2018-3742
REJECTED
-CVE-2018-3741 (There is a possible XSS vulnerability in all rails-html-sanitizer gem ...)
+CVE-2018-3741
- ruby-rails-html-sanitizer 1.0.4-1 (bug #893994)
NOTE: https://github.com/rails/rails-html-sanitizer/commit/f3ba1a839a35f2ba7f941c15e239a1cb379d56ae
-CVE-2018-3740 (A specially crafted HTML fragment can cause Sanitize gem for Ruby to ...)
+CVE-2018-3740
{DSA-4358-1}
[experimental] - ruby-sanitize 4.6.5-1
- ruby-sanitize 4.6.6-1 (bug #893610)
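Review bot: CVE-2018-3763 is mislabelled in the unchanged context of this hunk: the removed header reads `In Nextcloud Calendar before 1.5.8 and 1.6.1, a missing sanitization ...`, but the entry's triage line is `NOT-FOR-US: Nextcloud Contacts`, evidently carried over from the CVE-2018-3764 entry directly above it. It should read `NOT-FOR-US: Nextcloud Calendar`, in a separate commit since this one is an automatic update. The mismatch is also a concrete example of what the description stripping costs: once `+CVE-2018-3763` stands alone, the file no longer contains anything that would let a reader notice the wrong product name.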
@@ -44998,32 +44988,32 @@ CVE-2018-3740 (A specially crafted HTML fragment can cause Sanitize gem for Ruby
NOTE: Only an issue in combination with libxml2 >= 2.9.2
NOTE: The 'fragment' method was renamed from 'clean' method in earlier version
NOTE: in v3.0.0
-CVE-2018-3739 (https-proxy-agent before 2.1.1 passes auth option to the Buffer ...)
+CVE-2018-3739
NOT-FOR-US: https-proxy-agent
-CVE-2018-3738 (protobufjs is vulnerable to ReDoS when parsing crafted invalid .proto ...)
+CVE-2018-3738
NOT-FOR-US: protobufjs
-CVE-2018-3737 (sshpk is vulnerable to ReDoS when parsing crafted invalid public keys. ...)
+CVE-2018-3737
- node-sshpk <unfixed> (unimportant; bug #901093)
NOTE: https://github.com/joyent/node-sshpk/issues/44
NOTE: https://github.com/joyent/node-sshpk/commit/46065d38a5e6d1bccf86d3efb2fb83c14e3f9957
NOTE: nodejs not covered by security support
CVE-2018-3736
REJECTED
-CVE-2018-3735 (bracket-template suffers from reflected XSS possible when variable ...)
+CVE-2018-3735
NOT-FOR-US: bracket-template nodejs module
-CVE-2018-3734 (stattic node module suffers from a Path Traversal vulnerability due to ...)
+CVE-2018-3734
NOT-FOR-US: stattic nodejs module
-CVE-2018-3733 (crud-file-server node module before 0.9.0 suffers from a Path ...)
+CVE-2018-3733
NOT-FOR-US: crud-file-server nodejs module
-CVE-2018-3732 (resolve-path node module before 1.4.0 suffers from a Path Traversal ...)
+CVE-2018-3732
NOT-FOR-US: resolve-path nodejs module
-CVE-2018-3731 (public node module suffers from a Path Traversal vulnerability due to ...)
+CVE-2018-3731
NOT-FOR-US: public nodejs module
-CVE-2018-3730 (mcstatic node module suffers from a Path Traversal vulnerability due ...)
+CVE-2018-3730
NOT-FOR-US: mcstatic nodejs module
-CVE-2018-3729 (localhost-now node module suffers from a Path Traversal vulnerability ...)
+CVE-2018-3729
NOT-FOR-US: localhost-now nodejs module
-CVE-2018-3728 (hoek node module before 4.2.0 and 5.0.x before 5.0.3 suffers from a Modification of ...)
+CVE-2018-3728
- node-hoek 5.0.3-1 (unimportant)
NOTE: fixed in 4.2.1
NOTE: https://github.com/hapijs/hoek/issues/230
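Review bot: the CVE-2018-3728 entry carries two different fixed versions for the 4.x branch: the removed header says `hoek node module before 4.2.0 and 5.0.x before 5.0.3`, while the unchanged `NOTE: fixed in 4.2.1` says 4.2.1. One of them is wrong (the hoek issue link among the NOTE lines should settle which), and the tracked Debian version `node-hoek 5.0.3-1` only speaks to the 5.x claim. Please reconcile the NOTE with the upstream fix instead of letting the only conflicting statement vanish with the stripped description. Style point in the same hunk: the ruby-sanitize remark is split across `NOTE: The 'fragment' method was renamed from 'clean' method in earlier version` and `NOTE: in v3.0.0`, which reads as two unrelated notes; it should be a single NOTE line.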
@@ -45031,56 +45021,56 @@ CVE-2018-3728 (hoek node module before 4.2.0 and 5.0.x before 5.0.3 suffers from
NOTE: https://snyk.io/vuln/npm:hoek:20180212
NOTE: https://nodesecurity.io/advisories/566
NOTE: nodejs not covered by security support
-CVE-2018-3727 (626 node module suffers from a Path Traversal vulnerability due to ...)
+CVE-2018-3727
NOT-FOR-US: 626 node module
-CVE-2018-3726 (crud-file-server node module before 0.8.0 suffers from a Cross-Site ...)
+CVE-2018-3726
NOT-FOR-US: crud-file-server nodejs module
-CVE-2018-3725 (hekto node module suffers from a Path Traversal vulnerability due to ...)
+CVE-2018-3725
NOT-FOR-US: hekto nodejs module
-CVE-2018-3724 (general-file-server node module suffers from a Path Traversal ...)
+CVE-2018-3724
NOT-FOR-US: general-file-server node module
-CVE-2018-3723 (defaults-deep node module before 0.2.4 suffers from a Modification of ...)
+CVE-2018-3723
NOT-FOR-US: defaults-deep node module
-CVE-2018-3722 (merge-deep node module before 3.0.1 suffers from a Modification of ...)
+CVE-2018-3722
NOT-FOR-US: merge-deep node module
-CVE-2018-3721 (lodash node module before 4.17.5 suffers from a Modification of ...)
+CVE-2018-3721
- node-lodash 4.17.11+dfsg-1 (unimportant; bug #890575)
NOTE: https://snyk.io/vuln/npm:lodash:20180130
NOTE: https://github.com/lodash/lodash/commit/d8e069cc3410082e44eb18fcf8e7f3d08ebe1d4a
NOTE: nodejs not covered by security support
-CVE-2018-3720 (assign-deep node module before 0.4.7 suffers from a Modification of ...)
+CVE-2018-3720
NOT-FOR-US: assign-deep node module
-CVE-2018-3719 (mixin-deep node module before 1.3.1 suffers from a Modification of ...)
+CVE-2018-3719
- node-mixin-deep <unfixed> (unimportant; bug #898315)
NOTE: https://nodesecurity.io/advisories/578
NOTE: nodejs not covered by security support
-CVE-2018-3718 (serve node module suffers from Improper Handling of URL Encoding by ...)
+CVE-2018-3718
NOT-FOR-US: serve node module
-CVE-2018-3717 (connect node module before 2.14.0 suffers from a Cross-Site Scripting ...)
+CVE-2018-3717
- node-connect 3.0.0-1
NOTE: https://github.com/senchalabs/connect/commit/6d5dd30075d2bc4ee97afdbbe3d9d98d8d52d74b
-CVE-2018-3716 (simplehttpserver node module suffers from a Cross-Site Scripting ...)
+CVE-2018-3716
NOT-FOR-US: simplehttpserver node module
-CVE-2018-3715 (glance node module before 3.0.4 suffers from a Path Traversal ...)
+CVE-2018-3715
NOT-FOR-US: glance node module
-CVE-2018-3714 (node-srv node module suffers from a Path Traversal vulnerability due ...)
+CVE-2018-3714
NOT-FOR-US: node-srv node module
-CVE-2018-3713 (angular-http-server node module suffers from a Path Traversal ...)
+CVE-2018-3713
NOT-FOR-US: angular-http-server node module
-CVE-2018-3712 (serve node module before 6.4.9 suffers from a Path Traversal ...)
+CVE-2018-3712
NOT-FOR-US: npm serve
NOTE: fixed in 6.4.9 upstream
NOTE: https://github.com/zeit/serve/commit/6adad6881c61991da61ebc857857c53409544575
NOTE: https://github.com/zeit/serve/pull/316
NOTE: https://hackerone.com/reports/307666
NOTE: https://nodesecurity.io/advisories/561
-CVE-2018-3711 (Fastify node module before 0.38.0 is vulnerable to a denial-of-service ...)
+CVE-2018-3711
NOT-FOR-US: Fastify
NOTE: fixed in 0.38.0 upstream
NOTE: https://github.com/fastify/fastify/commit/fabd2a011f2ffbb877394abe699f549513ffbd76
NOTE: https://hackerone.com/reports/303632
NOTE: https://nodesecurity.io/advisories/564
-CVE-2018-3710 (Gitlab Community and Enterprise Editions version 10.3.3 is vulnerable ...)
+CVE-2018-3710
{DSA-4145-1}
- gitlab 10.5.5+dfsg-1 (bug #888508)
NOTE: https://about.gitlab.com/2018/01/16/gitlab-10-dot-3-dot-4-released/
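Review bot: CVE-2018-3717 is tagged differently from its neighbours, and the reason stops being visible once the header is stripped: the entry is `- node-connect 3.0.0-1` with no severity and no `NOTE: nodejs not covered by security support`, while node-lodash and node-mixin-deep in the same hunk carry `(unimportant)` and that NOTE. The removed header (`connect node module before 2.14.0`) is what justified 3.0.0-1 as a fixed version; either add `NOTE: fixed in 2.14.0 upstream` so the version reasoning survives, or tag the entry like the other nodejs modules, or both. As elsewhere in this commit, the -/+ pairs themselves change nothing but the description.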
@@ -45092,62 +45082,62 @@ CVE-2018-3707
RESERVED
CVE-2018-3706
RESERVED
-CVE-2018-3705 (Improper directory permissions in the installer for the Intel(R) System Defense Utility (all versions) may allow authenticated users to potentially enable a denial of service via local access. ...)
+CVE-2018-3705
NOT-FOR-US: Intel System Defense Utility
-CVE-2018-3704 (Improper directory permissions in the installer for the Intel Parallel ...)
+CVE-2018-3704
NOT-FOR-US: Intel Parallel Studio
-CVE-2018-3703 (Improper directory permissions in the installer for the Intel(R) SSD ...)
+CVE-2018-3703
NOT-FOR-US: Intel
CVE-2018-3702
RESERVED
CVE-2018-3701
RESERVED
-CVE-2018-3700 (Code injection vulnerability in the installer for Intel(R) USB 3.0 ...)
+CVE-2018-3700
NOT-FOR-US: Intel
-CVE-2018-3699 (Cross-site scripting in the Intel RAID Web Console v3 for Windows may ...)
+CVE-2018-3699
NOT-FOR-US: Intel RAID Web Console
-CVE-2018-3698 (Improper file permissions in the installer for the Intel Ready Mode ...)
+CVE-2018-3698
NOT-FOR-US: Intel
-CVE-2018-3697 (Improper directory permissions in the installer for the Intel Media ...)
+CVE-2018-3697
NOT-FOR-US: Intel
-CVE-2018-3696 (Authentication bypass in the Intel RAID Web Console 3 for Windows ...)
+CVE-2018-3696
NOT-FOR-US: Intel RAID Web Console
CVE-2018-3695
RESERVED
CVE-2018-3694
RESERVED
-CVE-2018-3693 (Systems with microprocessors utilizing speculative execution and ...)
+CVE-2018-3693
- linux <unfixed>
NOTE: https://access.redhat.com/solutions/3523601
NOTE: https://01.org/security/advisories/intel-oss-10002
NOTE: Speculative Bounds Checks Bypass with Store (BCBS)
CVE-2018-3692
RESERVED
-CVE-2018-3691 (Some implementations in Intel Integrated Performance Primitives ...)
+CVE-2018-3691
NOT-FOR-US: Intel
CVE-2018-3690
REJECTED
-CVE-2018-3689 (AESM daemon in Intel Software Guard Extensions Platform Software ...)
+CVE-2018-3689
NOT-FOR-US: Intel
-CVE-2018-3688 (Unquoted service paths in Intel Quartus Prime Programmer and Tools in ...)
+CVE-2018-3688
NOT-FOR-US: Intel
-CVE-2018-3687 (Unquoted service paths in Intel Quartus II Programmer and Tools in ...)
+CVE-2018-3687
NOT-FOR-US: Intel
-CVE-2018-3686 (Code injection vulnerability in INTEL-SA-00086 Detection Tool before ...)
+CVE-2018-3686
NOT-FOR-US: Intel
CVE-2018-3685
RESERVED
-CVE-2018-3684 (Unquoted service paths in Intel Quartus II in versions 11.0 - 15.0 ...)
+CVE-2018-3684
NOT-FOR-US: Intel
-CVE-2018-3683 (Unquoted service paths in Intel Quartus Prime in versions 15.1 - 18.0 ...)
+CVE-2018-3683
NOT-FOR-US: Intel
-CVE-2018-3682 (BMC Firmware in Intel server boards, compute modules, and systems ...)
+CVE-2018-3682
NOT-FOR-US: Intel
CVE-2018-3681
RESERVED
CVE-2018-3680
RESERVED
-CVE-2018-3679 (Escalation of privilege in Reference UI in Intel Data Center Manager ...)
+CVE-2018-3679
NOT-FOR-US: Intel
CVE-2018-3678
RESERVED
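Review bot: the stripping in this hunk reaches the one entry here that is still open in a Debian package, `+CVE-2018-3693` with `- linux <unfixed>`, which survives only because `NOTE: Speculative Bounds Checks Bypass with Store (BCBS)` already names the issue; the surrounding Intel entries (CVE-2018-3705 through CVE-2018-3679) keep nothing but `NOT-FOR-US: Intel` and lose the product names that distinguished them (System Defense Utility installer, Parallel Studio, RAID Web Console, Quartus, the SGX AESM daemon, BMC firmware). Note also that the removed header for CVE-2018-3705 is the full CVE text rather than the roughly 70-character truncation used everywhere else in the file, which suggests these descriptions were fed by two different import paths; whichever path produced this run's empty summaries should be fixed before anything from it is merged.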
@@ -45161,21 +45151,21 @@ CVE-2018-3674
RESERVED
CVE-2018-3673
RESERVED
-CVE-2018-3672 (Driver module in Intel Smart Sound Technology before version ...)
+CVE-2018-3672
NOT-FOR-US: Driver module in Intel Smart Sound Technology
-CVE-2018-3671 (Escalation of privilege in Intel Saffron admin application before 11.4 ...)
+CVE-2018-3671
NOT-FOR-US: Intel Saffron admin application
-CVE-2018-3670 (Driver module in Intel Smart Sound Technology before version ...)
+CVE-2018-3670
NOT-FOR-US: Driver module in Intel Smart Sound Technology
-CVE-2018-3669 (A STOP error (BSoD) in the ibtfltcoex.sys driver for Intel Centrino ...)
+CVE-2018-3669
NOT-FOR-US: Intel
-CVE-2018-3668 (Unquoted service paths in Intel Processor Diagnostic Tool (IPDT) ...)
+CVE-2018-3668
NOT-FOR-US: Intel
-CVE-2018-3667 (Installation tool IPDT (Intel Processor Diagnostic Tool) 4.1.0.24 sets ...)
+CVE-2018-3667
NOT-FOR-US: Intel
-CVE-2018-3666 (Driver module in Intel Smart Sound Technology before version ...)
+CVE-2018-3666
NOT-FOR-US: Driver module in Intel Smart Sound Technology
-CVE-2018-3665 (System software utilizing Lazy FP state restore technique on systems ...)
+CVE-2018-3665
{DSA-4232-1 DLA-1422-1}
- linux 4.6.1-1
- xen 4.8.3+xsa267+shim4.10.1+xsa267-1+deb9u8
@@ -45185,41 +45175,41 @@ CVE-2018-3665 (System software utilizing Lazy FP state restore technique on syst
NOTE: Hard-disable lazy FPU mode: https://git.kernel.org/linus/ca6938a1cd8a1c5e861a99b67f84ac166fc2b9e7
CVE-2018-3664
RESERVED
-CVE-2018-3663 (Escalation of privilege in Intel Saffron MemoryBase before 11.4 allows ...)
+CVE-2018-3663
NOT-FOR-US: Intel Saffron MemoryBase
-CVE-2018-3662 (Escalation of privilege in Intel Saffron MemoryBase before version ...)
+CVE-2018-3662
NOT-FOR-US: Intel Saffron MemoryBase
-CVE-2018-3661 (Buffer overflow in Intel system Configuration utilities selview.exe ...)
+CVE-2018-3661
NOT-FOR-US: Intel
CVE-2018-3660
RESERVED
-CVE-2018-3659 (A vulnerability in Intel PTT module in Intel CSME firmware before ...)
+CVE-2018-3659
NOT-FOR-US: Intel
-CVE-2018-3658 (Multiple memory leaks in Intel AMT in Intel CSME firmware versions ...)
+CVE-2018-3658
NOT-FOR-US: Intel
-CVE-2018-3657 (Multiple buffer overflows in Intel AMT in Intel CSME firmware versions ...)
+CVE-2018-3657
NOT-FOR-US: Intel
CVE-2018-3656
RESERVED
-CVE-2018-3655 (A vulnerability in a subsystem in Intel CSME before version 11.21.55, ...)
+CVE-2018-3655
NOT-FOR-US: Intel
CVE-2018-3654
RESERVED
CVE-2018-3653
RESERVED
-CVE-2018-3652 (Existing UEFI setting restrictions for DCI (Direct Connect Interface) ...)
+CVE-2018-3652
NOT-FOR-US: Intel
CVE-2018-3651
RESERVED
-CVE-2018-3650 (Insufficient Input Validation in Bleach module in INTEL Distribution ...)
+CVE-2018-3650
NOT-FOR-US: Intel
-CVE-2018-3649 (DLL injection vulnerability in the installation executables ...)
+CVE-2018-3649
NOT-FOR-US: Intel
CVE-2018-3648
RESERVED
CVE-2018-3647
RESERVED
-CVE-2018-3646 (Systems with microprocessors utilizing speculative execution and ...)
+CVE-2018-3646
{DSA-4279-1 DSA-4274-1 DLA-1481-1}
- linux 4.17.15-1
- xen 4.11.1~pre.20180911.5acdd26fdc+dfsg-2
@@ -45231,17 +45221,17 @@ CVE-2018-3646 (Systems with microprocessors utilizing speculative execution and
NOTE: Updates were already shipped with 20180703 release, but only disclosed later, see #906158
NOTE: The 3.20180703.1 release for intel-microcode was the first batch of updates which targeted
NOTE: most server type CPUs, additional models were supported in the 3.20180807a.1 release
-CVE-2018-3645 (Escalation of privilege in all versions of the Intel Remote Keyboard ...)
+CVE-2018-3645
NOT-FOR-US: Intel
CVE-2018-3644
RESERVED
-CVE-2018-3643 (A vulnerability in Power Management Controller firmware in systems ...)
+CVE-2018-3643
NOT-FOR-US: Intel
CVE-2018-3642
RESERVED
-CVE-2018-3641 (Escalation of privilege in all versions of the Intel Remote Keyboard ...)
+CVE-2018-3641
NOT-FOR-US: Intel
-CVE-2018-3640 (Systems with microprocessors utilizing speculative execution and that ...)
+CVE-2018-3640
{DSA-4273-2 DSA-4273-1 DLA-1446-1}
- intel-microcode 3.20180703.1
NOTE: https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability
@@ -45249,7 +45239,7 @@ CVE-2018-3640 (Systems with microprocessors utilizing speculative execution and
NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00115.html
NOTE: The 3.20180703.1 release for intel-microcode was the first batch of updates which targeted
NOTE: most server type CPUs, additional models were supported in the 3.20180807a.1 release
-CVE-2018-3639 (Systems with microprocessors utilizing speculative execution and ...)
+CVE-2018-3639
{DSA-4273-2 DSA-4273-1 DSA-4210-1 DLA-1715-1 DLA-1529-1 DLA-1446-1 DLA-1423-1}
- intel-microcode 3.20180703.1
- linux 4.16.12-1
@@ -45266,19 +45256,19 @@ CVE-2018-3639 (Systems with microprocessors utilizing speculative execution and
NOTE: https://git.qemu.org/?p=qemu.git;a=commit;h=d19d1f965904a533998739698020ff4ee8a103da
NOTE: https://git.qemu.org/?p=qemu.git;a=commit;h=cfeea0c021db6234c154dbc723730e81553924ff
NOTE: https://git.qemu.org/?p=qemu.git;a=commit;h=403503b162ffc33fb64cfefdf7b880acf41772cd
-CVE-2018-3638 (Escalation of privilege in all versions of the Intel Remote Keyboard ...)
+CVE-2018-3638
NOT-FOR-US: Intel
CVE-2018-3637
RESERVED
CVE-2018-3636
RESERVED
-CVE-2018-3635 (Insufficient input validation in installer in Intel Rapid Store ...)
+CVE-2018-3635
NOT-FOR-US: Intel
-CVE-2018-3634 (Parameter corruption in NDIS filter driver in Intel Online Connect ...)
+CVE-2018-3634
NOT-FOR-US: Intel
CVE-2018-3633
RESERVED
-CVE-2018-3632 (Memory corruption in Intel Active Management Technology in Intel ...)
+CVE-2018-3632
NOT-FOR-US: Intel
CVE-2018-3631
RESERVED
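Review bot: the dropped header for `CVE-2018-3639` reads `Systems with microprocessors utilizing speculative execution and ...`, identical to the one dropped for CVE-2018-3640 in the hunk above, so at this truncation length the summary already failed to tell the two CPU issues apart; the NOTE lines (the intel-microcode release remarks, the qemu commits) are what identify them. That is an argument for longer or untruncated summaries, not for removing them, and an entry with a reference block as wide as `{DSA-4273-2 DSA-4273-1 DSA-4210-1 DLA-1715-1 DLA-1529-1 DLA-1446-1 DLA-1423-1}` is exactly where a reader of the file expects a one-line description to remain.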
@@ -45287,25 +45277,25 @@ CVE-2018-3630 [Logic error in FV parsing in MdeModulePkg\Core\Pei\FwVol\FwVol.c]
- edk2 <unfixed> (unimportant)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1683653
NOTE: Non issue, no security impact
-CVE-2018-3629 (Buffer overflow in event handler in Intel Active Management Technology ...)
+CVE-2018-3629
NOT-FOR-US: Intel
-CVE-2018-3628 (Buffer overflow in HTTP handler in Intel Active Management Technology ...)
+CVE-2018-3628
NOT-FOR-US: Intel
-CVE-2018-3627 (Logic bug in Intel Converged Security Management Engine 11.x may allow ...)
+CVE-2018-3627
NOT-FOR-US: Intel
-CVE-2018-3626 (Edger8r tool in the Intel SGX SDK before version 2.1.2 (Linux) and ...)
+CVE-2018-3626
NOT-FOR-US: Intel
CVE-2018-3625
RESERVED
-CVE-2018-3624 (Buffer overflow in ETWS processing module Intel XMM71xx, XMM72xx, ...)
+CVE-2018-3624
NOT-FOR-US: Intel
CVE-2018-3623
RESERVED
CVE-2018-3622
RESERVED
-CVE-2018-3621 (Insufficient input validation in the Intel Driver &amp; Support Assistant ...)
+CVE-2018-3621
NOT-FOR-US: Intel
-CVE-2018-3620 (Systems with microprocessors utilizing speculative execution and ...)
+CVE-2018-3620
{DSA-4279-1 DSA-4274-1 DLA-1529-1 DLA-1481-1}
- linux 4.17.15-1
- xen 4.11.1~pre.20180911.5acdd26fdc+dfsg-2
@@ -45317,15 +45307,15 @@ CVE-2018-3620 (Systems with microprocessors utilizing speculative execution and
NOTE: https://xenbits.xen.org/xsa/advisory-273.html
NOTE: The 3.20180703.1 release for intel-microcode was the first batch of updates which targeted
NOTE: most server type CPUs, additional models were supported in the 3.20180807a.1 release
-CVE-2018-3619 (Information disclosure vulnerability in storage media in systems with ...)
+CVE-2018-3619
NOT-FOR-US: Intel
CVE-2018-3618
RESERVED
CVE-2018-3617
REJECTED
-CVE-2018-3616 (Bleichenbacher-style side channel vulnerability in TLS implementation ...)
+CVE-2018-3616
NOT-FOR-US: Intel
-CVE-2018-3615 (Systems with microprocessors utilizing speculative execution and Intel ...)
+CVE-2018-3615
- intel-microcode 3.20180703.1
NOTE: https://software.intel.com/security-software-guidance/software-guidance/l1-terminal-fault
NOTE: https://foreshadowattack.eu/
@@ -45340,111 +45330,111 @@ CVE-2018-3613
NOTE: https://bugzilla.tianocore.org/show_bug.cgi?id=415
NOTE: https://bugzilla.tianocore.org/attachment.cgi?id=44
NOTE: https://edk2-docs.gitbooks.io/security-advisory/content/edk-ii-authenticated-variable-bypass.html
-CVE-2018-3612 (Intel NUC kits with insufficient input validation in system firmware, ...)
+CVE-2018-3612
NOT-FOR-US: Intel
-CVE-2018-3611 (Bounds check vulnerability in User Mode Driver in Intel Graphics ...)
+CVE-2018-3611
NOT-FOR-US: Intel
-CVE-2018-3610 (SEMA driver in Intel Driver and Support Assistant before version 3.1.1 ...)
+CVE-2018-3610
NOT-FOR-US: Intel
-CVE-2018-3609 (A vulnerability in the Trend Micro InterScan Messaging Security ...)
+CVE-2018-3609
NOT-FOR-US: Trend Micro
-CVE-2018-3608 (A vulnerability in Trend Micro Maximum Security's (Consumer) 2018 ...)
+CVE-2018-3608
NOT-FOR-US: Trend Micro
-CVE-2018-3607 (XXXTreeNode method SQL injection remote code execution (RCE) ...)
+CVE-2018-3607
NOT-FOR-US: Trend Micro
-CVE-2018-3606 (XXXStatusXXX, XXXSummary, TemplateXXX and XXXCompliance method SQL ...)
+CVE-2018-3606
NOT-FOR-US: Trend Micro
-CVE-2018-3605 (TopXXX, ViolationXXX, and IncidentXXX method SQL injection remote code ...)
+CVE-2018-3605
NOT-FOR-US: Trend Micro
-CVE-2018-3604 (GetXXX method SQL injection remote code execution (RCE) ...)
+CVE-2018-3604
NOT-FOR-US: Trend Micro
-CVE-2018-3603 (A CGGIServlet SQL injection remote code execution (RCE) vulnerability ...)
+CVE-2018-3603
NOT-FOR-US: Trend Micro
-CVE-2018-3602 (An AdHocQuery_Processor SQL injection remote code execution (RCE) ...)
+CVE-2018-3602
NOT-FOR-US: Trend Micro
-CVE-2018-3601 (A password hash usage authentication bypass vulnerability in Trend ...)
+CVE-2018-3601
NOT-FOR-US: Trend Micro
-CVE-2018-3600 (A external entity processing information disclosure (XXE) ...)
+CVE-2018-3600
NOT-FOR-US: Trend Micro
-CVE-2018-3599 (In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with ...)
+CVE-2018-3599
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-3598 (In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with ...)
+CVE-2018-3598
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-3597 (In the ADSP RPC driver in Android releases from CAF using the linux ...)
+CVE-2018-3597
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-3596 (In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with ...)
+CVE-2018-3596
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-3595 (Anti-rollback can be bypassed in replay scenario during app loading ...)
+CVE-2018-3595
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-3594 (In Android before security patch level 2018-04-05 on Qualcomm ...)
+CVE-2018-3594
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-3593 (In Android before security patch level 2018-04-05 on Qualcomm ...)
+CVE-2018-3593
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-3592 (In Android before security patch level 2018-04-05 on Qualcomm ...)
+CVE-2018-3592
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-3591 (In Android before security patch level 2018-04-05 on Qualcomm ...)
+CVE-2018-3591
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-3590 (In Android before security patch level 2018-04-05 on Qualcomm ...)
+CVE-2018-3590
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-3589 (In Android before security patch level 2018-04-05 on Qualcomm ...)
+CVE-2018-3589
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-3588 (There is improper access control of the SSC and GPU mapped regions ...)
+CVE-2018-3588
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-3587 (In a firmware memory dump feature in all Android releases from CAF ...)
+CVE-2018-3587
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-3586 (An integer overflow to buffer overflow vulnerability exists in the ...)
+CVE-2018-3586
NOT-FOR-US: Qualcomm components for Android
CVE-2018-3585
RESERVED
-CVE-2018-3584 (In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with ...)
+CVE-2018-3584
NOT-FOR-US: Qualcomm components for Android
CVE-2018-3583
RESERVED
-CVE-2018-3582 (Buffer overflow can occur due to improper input validation in multiple ...)
+CVE-2018-3582
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-3581 (In the WLAN driver in all Android releases from CAF (Android for MSM, ...)
+CVE-2018-3581
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-3580 (Stack-based buffer overflow can occur In the WLAN driver if the ...)
+CVE-2018-3580
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-3579 (In the WLAN driver in all Android releases from CAF (Android for MSM, ...)
+CVE-2018-3579
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-3578 (Type mismatch for ie_len can cause the WLAN driver to allocate less ...)
+CVE-2018-3578
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-3577 (While processing fragments, when the fragment count becomes very ...)
+CVE-2018-3577
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-3576 (improper validation of array index in WiFi driver function ...)
+CVE-2018-3576
NOT-FOR-US: Qualcomm components for Android
CVE-2018-3575
RESERVED
-CVE-2018-3574 (In all android releases (Android for MSM, Firefox OS for MSM, QRD ...)
+CVE-2018-3574
- linux <not-affected> (Qualcomm specific changes)
-CVE-2018-3573 (In all android releases (Android for MSM, Firefox OS for MSM, QRD ...)
+CVE-2018-3573
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-3572 (While processing a DSP buffer in an audio driver's event handler, an ...)
+CVE-2018-3572
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-3571 (In the KGSL driver in all Android releases from CAF (Android for MSM, ...)
+CVE-2018-3571
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-3570 (In the cpuidle driver in all Android releases(Android for MSM, Firefox ...)
+CVE-2018-3570
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-3569 (A buffer over-read can occur during a fast initial link setup (FILS) ...)
+CVE-2018-3569
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-3568 (In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with ...)
+CVE-2018-3568
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-3567 (In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with ...)
+CVE-2018-3567
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-3566 (In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with ...)
+CVE-2018-3566
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-3565 (While sending a probe request indication in ...)
+CVE-2018-3565
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-3564 (In the FastRPC driver in Android releases from CAF using the linux ...)
+CVE-2018-3564
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-3563 (In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with ...)
+CVE-2018-3563
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-3562 (Buffer over -read can occur while processing a FILS authentication ...)
+CVE-2018-3562
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-3561 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2018-3561
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-3560 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+CVE-2018-3560
NOT-FOR-US: Qualcomm components for Android
CVE-2018-3559
RESERVED
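Review bot: CVE-2018-3574 and CVE-2018-3573 are handled inconsistently in this hunk's context: their removed headers are word for word the same (`In all android releases (Android for MSM, Firefox OS for MSM, QRD ...`), yet the first is `- linux <not-affected> (Qualcomm specific changes)` and the second is `NOT-FOR-US: Qualcomm components for Android`. Both states are defensible, but identically described Qualcomm Android issues should carry the same one, and the `<not-affected>` form is the more useful because it records that the Debian kernel was actually checked. Once the headers are reduced to `+CVE-2018-3574` and `+CVE-2018-3573` the file no longer shows that the two were the same kind of issue, so this is worth fixing while the descriptions are still in the history.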
@@ -45942,11 +45932,11 @@ CVE-2018-3313
RESERVED
CVE-2018-3312
RESERVED
-CVE-2018-3311 (Vulnerability in the Oracle Retail Xstore Payment component of Oracle ...)
+CVE-2018-3311
NOT-FOR-US: Oracle
CVE-2018-3310
RESERVED
-CVE-2018-3309 (Vulnerability in the Oracle VM VirtualBox component of Oracle ...)
+CVE-2018-3309
- virtualbox 5.2.22-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
CVE-2018-3308
@@ -45955,73 +45945,73 @@ CVE-2018-3307
RESERVED
CVE-2018-3306
RESERVED
-CVE-2018-3305 (Vulnerability in the Oracle Application Testing Suite component of ...)
+CVE-2018-3305
NOT-FOR-US: Oracle
-CVE-2018-3304 (Vulnerability in the Oracle Application Testing Suite component of ...)
+CVE-2018-3304
NOT-FOR-US: Oracle
-CVE-2018-3303 (Vulnerability in the Enterprise Manager Base Platform component of ...)
+CVE-2018-3303
NOT-FOR-US: Oracle
-CVE-2018-3302 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
+CVE-2018-3302
NOT-FOR-US: Oracle
-CVE-2018-3301 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of ...)
+CVE-2018-3301
NOT-FOR-US: Oracle
CVE-2018-3300
RESERVED
-CVE-2018-3299 (Vulnerability in the Oracle Text component of Oracle Database Server. ...)
+CVE-2018-3299
NOT-FOR-US: Oracle
-CVE-2018-3298 (Vulnerability in the Oracle VM VirtualBox component of Oracle ...)
+CVE-2018-3298
- virtualbox 5.2.20-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2018-3297 (Vulnerability in the Oracle VM VirtualBox component of Oracle ...)
+CVE-2018-3297
- virtualbox 5.2.20-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2018-3296 (Vulnerability in the Oracle VM VirtualBox component of Oracle ...)
+CVE-2018-3296
- virtualbox 5.2.20-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2018-3295 (Vulnerability in the Oracle VM VirtualBox component of Oracle ...)
+CVE-2018-3295
- virtualbox 5.2.20-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2018-3294 (Vulnerability in the Oracle VM VirtualBox component of Oracle ...)
+CVE-2018-3294
- virtualbox 5.2.20-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2018-3293 (Vulnerability in the Oracle VM VirtualBox component of Oracle ...)
+CVE-2018-3293
- virtualbox 5.2.20-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2018-3292 (Vulnerability in the Oracle VM VirtualBox component of Oracle ...)
+CVE-2018-3292
- virtualbox 5.2.20-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2018-3291 (Vulnerability in the Oracle VM VirtualBox component of Oracle ...)
+CVE-2018-3291
- virtualbox 5.2.20-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2018-3290 (Vulnerability in the Oracle VM VirtualBox component of Oracle ...)
+CVE-2018-3290
- virtualbox 5.2.20-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2018-3289 (Vulnerability in the Oracle VM VirtualBox component of Oracle ...)
+CVE-2018-3289
- virtualbox 5.2.20-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2018-3288 (Vulnerability in the Oracle VM VirtualBox component of Oracle ...)
+CVE-2018-3288
- virtualbox 5.2.20-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2018-3287 (Vulnerability in the Oracle VM VirtualBox component of Oracle ...)
+CVE-2018-3287
- virtualbox 5.2.20-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2018-3286 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2018-3286
- mysql-5.7 <not-affected> (Only affects MySQL 8)
- mysql-5.5 <not-affected> (Only affects MySQL 8)
NOTE: https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html#AppendixMSQL
-CVE-2018-3285 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2018-3285
- mysql-5.7 <not-affected> (Only affects MySQL 8)
- mysql-5.5 <not-affected> (Only affects MySQL 8)
NOTE: https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html#AppendixMSQL
-CVE-2018-3284 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2018-3284
- mysql-5.7 5.7.24-1 (bug #911221)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7 and MySQL 8)
NOTE: https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html#AppendixMSQL
-CVE-2018-3283 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2018-3283
- mysql-5.7 5.7.24-1 (bug #911221)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7 and MySQL 8)
NOTE: https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html#AppendixMSQL
-CVE-2018-3282 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2018-3282
{DSA-4341-1 DLA-1570-1 DLA-1566-1}
- mariadb-10.1 1:10.1.37-1 (bug #912848)
- mariadb-10.0 <removed>
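Review bot: after this hunk the twelve VirtualBox entries CVE-2018-3287 through CVE-2018-3298 are identical apart from the ID (same `- virtualbox 5.2.20-dfsg-1` fix, same jessie line), and the MySQL entries lose the `Vulnerability in the MySQL Server component of Oracle MySQL ...` text that gave context for `- mysql-5.5 <not-affected> (Only affects MySQL 8)`. The `NOTE:` links to the October 2018 CPU survive, so the information is recoverable, but a blanket deletion of descriptions across a whole hunk with no other change points to a parser or feed fault rather than an editorial decision; worth verifying before merge.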
@@ -46029,78 +46019,78 @@ CVE-2018-3282 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
- mysql-5.5 <removed>
NOTE: https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html#AppendixMSQL
NOTE: Fixed in MariaDB: 10.1.37, 10.0.37
-CVE-2018-3281 (Vulnerability in the Primavera P6 Enterprise Project Portfolio ...)
+CVE-2018-3281
NOT-FOR-US: Oracle
-CVE-2018-3280 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2018-3280
- mysql-5.7 <not-affected> (Only affects MySQL 8)
- mysql-5.5 <not-affected> (Only affects MySQL 8)
NOTE: https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html#AppendixMSQL
-CVE-2018-3279 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2018-3279
- mysql-5.7 <not-affected> (Only affects MySQL 8)
- mysql-5.5 <not-affected> (Only affects MySQL 8)
NOTE: https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html#AppendixMSQL
-CVE-2018-3278 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2018-3278
- mysql-5.7 5.7.24-1 (bug #911221)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6, MySQL 5.7 and MySQL 8)
NOTE: https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html#AppendixMSQL
-CVE-2018-3277 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2018-3277
- mysql-5.7 5.7.24-1 (bug #911221)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6, MySQL 5.7 and MySQL 8)
NOTE: https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html#AppendixMSQL
-CVE-2018-3276 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2018-3276
- mysql-5.7 5.7.24-1 (bug #911221)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6, MySQL 5.7 and MySQL 8)
NOTE: https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html#AppendixMSQL
-CVE-2018-3275 (Vulnerability in the Solaris component of Oracle Sun Systems Products ...)
+CVE-2018-3275
NOT-FOR-US: Oracle
-CVE-2018-3274 (Vulnerability in the Solaris component of Oracle Sun Systems Products ...)
+CVE-2018-3274
NOT-FOR-US: Oracle
-CVE-2018-3273 (Vulnerability in the Solaris component of Oracle Sun Systems Products ...)
+CVE-2018-3273
NOT-FOR-US: Oracle
-CVE-2018-3272 (Vulnerability in the Solaris component of Oracle Sun Systems Products ...)
+CVE-2018-3272
NOT-FOR-US: Oracle
-CVE-2018-3271 (Vulnerability in the Solaris component of Oracle Sun Systems Products ...)
+CVE-2018-3271
NOT-FOR-US: Oracle
-CVE-2018-3270 (Vulnerability in the Solaris component of Oracle Sun Systems Products ...)
+CVE-2018-3270
NOT-FOR-US: Oracle
-CVE-2018-3269 (Vulnerability in the Solaris component of Oracle Sun Systems Products ...)
+CVE-2018-3269
NOT-FOR-US: Oracle
-CVE-2018-3268 (Vulnerability in the Solaris component of Oracle Sun Systems Products ...)
+CVE-2018-3268
NOT-FOR-US: Oracle
-CVE-2018-3267 (Vulnerability in the Solaris component of Oracle Sun Systems Products ...)
+CVE-2018-3267
NOT-FOR-US: Oracle
-CVE-2018-3266 (Vulnerability in the Solaris component of Oracle Sun Systems Products ...)
+CVE-2018-3266
NOT-FOR-US: Oracle
-CVE-2018-3265 (Vulnerability in the Solaris component of Oracle Sun Systems Products ...)
+CVE-2018-3265
NOT-FOR-US: Oracle
-CVE-2018-3264 (Vulnerability in the Solaris component of Oracle Sun Systems Products ...)
+CVE-2018-3264
NOT-FOR-US: Oracle
-CVE-2018-3263 (Vulnerability in the Solaris component of Oracle Sun Systems Products ...)
+CVE-2018-3263
NOT-FOR-US: Oracle
-CVE-2018-3262 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of ...)
+CVE-2018-3262
NOT-FOR-US: Oracle
-CVE-2018-3261 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of ...)
+CVE-2018-3261
NOT-FOR-US: Oracle
CVE-2018-3260
RESERVED
-CVE-2018-3259 (Vulnerability in the Java VM component of Oracle Database Server. ...)
+CVE-2018-3259
NOT-FOR-US: Oracle
-CVE-2018-3258 (Vulnerability in the MySQL Connectors component of Oracle MySQL ...)
+CVE-2018-3258
- mysql-connector-java <not-affected> (Only affects 8.x, bug #912916)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
-CVE-2018-3257 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of ...)
+CVE-2018-3257
NOT-FOR-US: Oracle
-CVE-2018-3256 (Vulnerability in the Oracle Email Center component of Oracle ...)
+CVE-2018-3256
NOT-FOR-US: Oracle
-CVE-2018-3255 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of ...)
+CVE-2018-3255
NOT-FOR-US: Oracle
-CVE-2018-3254 (Vulnerability in the Oracle WebCenter Portal component of Oracle ...)
+CVE-2018-3254
NOT-FOR-US: Oracle
-CVE-2018-3253 (Vulnerability in the Oracle Virtual Directory component of Oracle ...)
+CVE-2018-3253
NOT-FOR-US: Oracle
-CVE-2018-3252 (Vulnerability in the Oracle WebLogic Server component of Oracle Fusion ...)
+CVE-2018-3252
NOT-FOR-US: Oracle
-CVE-2018-3251 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2018-3251
{DSA-4341-1 DLA-1570-1}
- mariadb-10.1 1:10.1.37-1 (bug #912848)
- mariadb-10.0 <removed>
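Review bot: the thirteen Solaris entries CVE-2018-3263 through CVE-2018-3275 and the other Oracle entries here collapse to a bare ID plus `NOT-FOR-US: Oracle`; the deleted summary was the only place recording that they concern Solaris rather than some other Oracle product. CVE-2018-3258 keeps `- mysql-connector-java <not-affected> (Only affects 8.x, bug #912916)`, so affected/not-affected reasoning survives only where a maintainer wrote it into a package line. If descriptions are meant to go, the `<not-affected>` annotations should be checked for any that relied on the summary text to be understood.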
@@ -46108,187 +46098,187 @@ CVE-2018-3251 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6, MySQL 5.7 and MySQL 8)
NOTE: https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html#AppendixMSQL
NOTE: Fixed in MariaDB 10.1.37, 10.0.37
-CVE-2018-3250 (Vulnerability in the Oracle WebLogic Server component of Oracle Fusion ...)
+CVE-2018-3250
NOT-FOR-US: Oracle
-CVE-2018-3249 (Vulnerability in the Oracle WebLogic Server component of Oracle Fusion ...)
+CVE-2018-3249
NOT-FOR-US: Oracle
-CVE-2018-3248 (Vulnerability in the Oracle WebLogic Server component of Oracle Fusion ...)
+CVE-2018-3248
NOT-FOR-US: Oracle
-CVE-2018-3247 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2018-3247
- mysql-5.7 5.7.24-1 (bug #911221)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6, MySQL 5.7 and MySQL 8)
NOTE: https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html#AppendixMSQL
-CVE-2018-3246 (Vulnerability in the Oracle WebLogic Server component of Oracle Fusion ...)
+CVE-2018-3246
NOT-FOR-US: Oracle
-CVE-2018-3245 (Vulnerability in the Oracle WebLogic Server component of Oracle Fusion ...)
+CVE-2018-3245
NOT-FOR-US: Oracle
-CVE-2018-3244 (Vulnerability in the Oracle Application Object Library component of ...)
+CVE-2018-3244
NOT-FOR-US: Oracle
-CVE-2018-3243 (Vulnerability in the Oracle Applications Framework component of Oracle ...)
+CVE-2018-3243
NOT-FOR-US: Oracle
-CVE-2018-3242 (Vulnerability in the Oracle Marketing component of Oracle E-Business ...)
+CVE-2018-3242
NOT-FOR-US: Oracle
-CVE-2018-3241 (Vulnerability in the Primavera P6 Enterprise Project Portfolio ...)
+CVE-2018-3241
NOT-FOR-US: Oracle
CVE-2018-3240
RESERVED
-CVE-2018-3239 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of ...)
+CVE-2018-3239
NOT-FOR-US: Oracle
-CVE-2018-3238 (Vulnerability in the Oracle WebCenter Sites component of Oracle Fusion ...)
+CVE-2018-3238
NOT-FOR-US: Oracle
-CVE-2018-3237 (Vulnerability in the Oracle Applications Manager component of Oracle ...)
+CVE-2018-3237
NOT-FOR-US: Oracle
-CVE-2018-3236 (Vulnerability in the Oracle User Management component of Oracle ...)
+CVE-2018-3236
NOT-FOR-US: Oracle
-CVE-2018-3235 (Vulnerability in the Oracle Applications Manager component of Oracle ...)
+CVE-2018-3235
NOT-FOR-US: Oracle
-CVE-2018-3234 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
+CVE-2018-3234
NOT-FOR-US: Oracle
-CVE-2018-3233 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
+CVE-2018-3233
NOT-FOR-US: Oracle
-CVE-2018-3232 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
+CVE-2018-3232
NOT-FOR-US: Oracle
-CVE-2018-3231 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
+CVE-2018-3231
NOT-FOR-US: Oracle
-CVE-2018-3230 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
+CVE-2018-3230
NOT-FOR-US: Oracle
-CVE-2018-3229 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
+CVE-2018-3229
NOT-FOR-US: Oracle
-CVE-2018-3228 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
+CVE-2018-3228
NOT-FOR-US: Oracle
-CVE-2018-3227 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
+CVE-2018-3227
NOT-FOR-US: Oracle
-CVE-2018-3226 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
+CVE-2018-3226
NOT-FOR-US: Oracle
-CVE-2018-3225 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
+CVE-2018-3225
NOT-FOR-US: Oracle
-CVE-2018-3224 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
+CVE-2018-3224
NOT-FOR-US: Oracle
-CVE-2018-3223 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
+CVE-2018-3223
NOT-FOR-US: Oracle
-CVE-2018-3222 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
+CVE-2018-3222
NOT-FOR-US: Oracle
-CVE-2018-3221 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
+CVE-2018-3221
NOT-FOR-US: Oracle
-CVE-2018-3220 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
+CVE-2018-3220
NOT-FOR-US: Oracle
-CVE-2018-3219 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
+CVE-2018-3219
NOT-FOR-US: Oracle
-CVE-2018-3218 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
+CVE-2018-3218
NOT-FOR-US: Oracle
-CVE-2018-3217 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
+CVE-2018-3217
NOT-FOR-US: Oracle
CVE-2018-3216
RESERVED
-CVE-2018-3215 (Vulnerability in the Oracle Endeca Information Discovery Integrator ...)
+CVE-2018-3215
NOT-FOR-US: Oracle
-CVE-2018-3214 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of ...)
+CVE-2018-3214
{DSA-4326-1 DLA-1590-1}
- openjdk-7 <removed>
- openjdk-8 8u181-b13-2
-CVE-2018-3213 (Vulnerability in the Oracle WebLogic Server component of Oracle Fusion ...)
+CVE-2018-3213
NOT-FOR-US: Oracle
-CVE-2018-3212 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2018-3212
- mysql-5.7 <not-affected> (Only affects MySQL 8)
- mysql-5.5 <not-affected> (Only affects MySQL 8)
NOTE: https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html#AppendixMSQL
-CVE-2018-3211 (Vulnerability in the Java SE, Java SE Embedded component of Oracle ...)
+CVE-2018-3211
- openjdk-8 <not-affected> (Specific to Oracle Java)
-CVE-2018-3210 (Vulnerability in the Oracle GlassFish Server component of Oracle ...)
+CVE-2018-3210
NOT-FOR-US: Oracle
-CVE-2018-3209 (Vulnerability in the Java SE component of Oracle Java SE ...)
+CVE-2018-3209
- openjfx 11+26-1
[stretch] - openjfx <ignored> (Specific details withheld by Oracle, impossible to fix)
NOTE: CPU marks this as only affecting 8.x, so marking first 11 upload as fixed
-CVE-2018-3208 (Vulnerability in the Hyperion Data Relationship Management component ...)
+CVE-2018-3208
NOT-FOR-US: Oracle
-CVE-2018-3207 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of ...)
+CVE-2018-3207
NOT-FOR-US: Oracle
-CVE-2018-3206 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of ...)
+CVE-2018-3206
NOT-FOR-US: Oracle
-CVE-2018-3205 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of ...)
+CVE-2018-3205
NOT-FOR-US: Oracle
-CVE-2018-3204 (Vulnerability in the Oracle Business Intelligence Enterprise Edition ...)
+CVE-2018-3204
NOT-FOR-US: Oracle
-CVE-2018-3203 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2018-3203
- mysql-5.7 <not-affected> (Only affects MySQL 8)
- mysql-5.5 <not-affected> (Only affects MySQL 8)
NOTE: https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html#AppendixMSQL
-CVE-2018-3202 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of ...)
+CVE-2018-3202
NOT-FOR-US: Oracle
-CVE-2018-3201 (Vulnerability in the Oracle WebLogic Server component of Oracle Fusion ...)
+CVE-2018-3201
NOT-FOR-US: Oracle
-CVE-2018-3200 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2018-3200
- mysql-5.7 5.7.24-1 (bug #911221)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7 and MySQL 8)
NOTE: https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html#AppendixMSQL
CVE-2018-3199
RESERVED
-CVE-2018-3198 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of ...)
+CVE-2018-3198
NOT-FOR-US: Oracle
-CVE-2018-3197 (Vulnerability in the Oracle WebLogic Server component of Oracle Fusion ...)
+CVE-2018-3197
NOT-FOR-US: Oracle
-CVE-2018-3196 (Vulnerability in the Oracle Partner Management component of Oracle ...)
+CVE-2018-3196
NOT-FOR-US: Oracle
-CVE-2018-3195 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2018-3195
- mysql-5.7 <not-affected> (Only affects MySQL 8)
- mysql-5.5 <not-affected> (Only affects MySQL 8)
NOTE: https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html#AppendixMSQL
-CVE-2018-3194 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of ...)
+CVE-2018-3194
NOT-FOR-US: Oracle
-CVE-2018-3193 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of ...)
+CVE-2018-3193
NOT-FOR-US: Oracle
-CVE-2018-3192 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of ...)
+CVE-2018-3192
NOT-FOR-US: Oracle
-CVE-2018-3191 (Vulnerability in the Oracle WebLogic Server component of Oracle Fusion ...)
+CVE-2018-3191
NOT-FOR-US: Oracle
-CVE-2018-3190 (Vulnerability in the Oracle E-Business Intelligence component of ...)
+CVE-2018-3190
NOT-FOR-US: Oracle
-CVE-2018-3189 (Vulnerability in the Oracle Customer Interaction History component of ...)
+CVE-2018-3189
NOT-FOR-US: Oracle
-CVE-2018-3188 (Vulnerability in the Oracle iStore component of Oracle E-Business ...)
+CVE-2018-3188
NOT-FOR-US: Oracle
-CVE-2018-3187 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2018-3187
- mysql-5.7 5.7.24-1 (bug #911221)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7 and MySQL 8)
NOTE: https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html#AppendixMSQL
-CVE-2018-3186 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2018-3186
- mysql-5.7 <not-affected> (Only affects MySQL 8)
- mysql-5.5 <not-affected> (Only affects MySQL 8)
NOTE: https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html#AppendixMSQL
-CVE-2018-3185 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2018-3185
- mysql-5.7 5.7.24-1 (bug #911221)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7 and MySQL 8)
NOTE: https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html#AppendixMSQL
-CVE-2018-3184 (Vulnerability in the Hyperion BI+ component of Oracle Hyperion ...)
+CVE-2018-3184
NOT-FOR-US: Oracle
-CVE-2018-3183 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of ...)
+CVE-2018-3183
{DSA-4326-1}
- openjdk-8 8u181-b13-2
- openjdk-10 10.0.2+13-2
-CVE-2018-3182 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2018-3182
- mysql-5.7 <not-affected> (Only affects MySQL 8)
- mysql-5.5 <not-affected> (Only affects MySQL 8)
NOTE: https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html#AppendixMSQL
-CVE-2018-3181 (Vulnerability in the Oracle Hospitality Cruise Shipboard Property ...)
+CVE-2018-3181
NOT-FOR-US: Oracle
-CVE-2018-3180 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of ...)
+CVE-2018-3180
{DSA-4326-1 DLA-1590-1}
- openjdk-7 <removed>
- openjdk-8 8u181-b13-2
- openjdk-10 10.0.2+13-2
- openjdk-11 11.0.1+13-1
-CVE-2018-3179 (Vulnerability in the Oracle Identity Manager component of Oracle ...)
+CVE-2018-3179
NOT-FOR-US: Oracle
-CVE-2018-3178 (Vulnerability in the Hyperion Common Events component of Oracle ...)
+CVE-2018-3178
NOT-FOR-US: Oracle
-CVE-2018-3177 (Vulnerability in the Hyperion Common Events component of Oracle ...)
+CVE-2018-3177
NOT-FOR-US: Oracle
-CVE-2018-3176 (Vulnerability in the Hyperion Common Events component of Oracle ...)
+CVE-2018-3176
NOT-FOR-US: Oracle
-CVE-2018-3175 (Vulnerability in the Hyperion Common Events component of Oracle ...)
+CVE-2018-3175
NOT-FOR-US: Oracle
-CVE-2018-3174 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2018-3174
{DSA-4341-1 DLA-1570-1 DLA-1566-1}
- mariadb-10.1 1:10.1.37-1 (bug #912848)
- mariadb-10.0 <removed>
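Review bot: CVE-2018-3209 is the entry to look at in this hunk: its `[stretch] - openjfx <ignored> (Specific details withheld by Oracle, impossible to fix)` and `NOTE: CPU marks this as only affecting 8.x` already state that the summary was essentially all the public detail available, and the hunk now deletes that summary (`Vulnerability in the Java SE component of Oracle Java SE ...`). The openjdk entries (CVE-2018-3214, CVE-2018-3183, CVE-2018-3180, CVE-2018-3169) likewise lose the `Java SE, Java SE Embedded, JRockit` component text that told them apart. Unless the list format is intentionally changing to IDs only, this hunk should not be applied as-is.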
@@ -46296,55 +46286,55 @@ CVE-2018-3174 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
- mysql-5.5 <removed>
NOTE: https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html#AppendixMSQL
NOTE: Fixed in MariaDB 10.1.37, 10.0.37
-CVE-2018-3173 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2018-3173
- mysql-5.7 5.7.24-1 (bug #911221)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7 and MySQL 8)
NOTE: https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html#AppendixMSQL
-CVE-2018-3172 (Vulnerability in the Solaris component of Oracle Sun Systems Products ...)
+CVE-2018-3172
NOT-FOR-US: Oracle
-CVE-2018-3171 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2018-3171
- mysql-5.7 5.7.24-1 (bug #911221)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7 and MySQL 8)
NOTE: https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html#AppendixMSQL
-CVE-2018-3170 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2018-3170
- mysql-5.7 <not-affected> (Only affects MySQL 8)
- mysql-5.5 <not-affected> (Only affects MySQL 8)
NOTE: https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html#AppendixMSQL
-CVE-2018-3169 (Vulnerability in the Java SE, Java SE Embedded component of Oracle ...)
+CVE-2018-3169
{DSA-4326-1 DLA-1590-1}
- openjdk-7 <removed>
- openjdk-8 8u181-b13-2
- openjdk-10 10.0.2+13-2
- openjdk-11 11.0.1+13-1
-CVE-2018-3168 (Vulnerability in the Oracle Identity Analytics component of Oracle ...)
+CVE-2018-3168
NOT-FOR-US: Oracle
-CVE-2018-3167 (Vulnerability in the Application Management Pack for Oracle E-Business ...)
+CVE-2018-3167
NOT-FOR-US: Oracle
-CVE-2018-3166 (Vulnerability in the Oracle Hospitality Cruise Fleet Management ...)
+CVE-2018-3166
NOT-FOR-US: Oracle
-CVE-2018-3165 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of ...)
+CVE-2018-3165
NOT-FOR-US: Oracle
-CVE-2018-3164 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of ...)
+CVE-2018-3164
NOT-FOR-US: Oracle
-CVE-2018-3163 (Vulnerability in the Oracle Hospitality Cruise Fleet Management ...)
+CVE-2018-3163
NOT-FOR-US: Oracle
-CVE-2018-3162 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2018-3162
- mysql-5.7 5.7.24-1 (bug #911221)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7 and MySQL 8)
NOTE: https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html#AppendixMSQL
-CVE-2018-3161 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2018-3161
- mysql-5.7 5.7.24-1 (bug #911221)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7 and MySQL 8)
NOTE: https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html#AppendixMSQL
-CVE-2018-3160 (Vulnerability in the Oracle Hospitality Cruise Shipboard Property ...)
+CVE-2018-3160
NOT-FOR-US: Oracle
-CVE-2018-3159 (Vulnerability in the Oracle Hospitality Cruise Fleet Management ...)
+CVE-2018-3159
NOT-FOR-US: Oracle
-CVE-2018-3158 (Vulnerability in the Oracle Hospitality Cruise Fleet Management ...)
+CVE-2018-3158
NOT-FOR-US: Oracle
-CVE-2018-3157 (Vulnerability in the Java SE component of Oracle Java SE ...)
+CVE-2018-3157
- openjdk-11 11.0.1+13-1
-CVE-2018-3156 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2018-3156
{DSA-4341-1 DLA-1570-1}
- mariadb-10.1 1:10.1.37-1 (bug #912848)
- mariadb-10.0 <removed>
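Review bot: same pattern, description removal only. CVE-2018-3157 (`- openjdk-11 11.0.1+13-1`) deserves a second look: it carries no DSA or DLA reference and no `NOTE:`, so once the summary is gone the entry says nothing at all about what was fixed in that upload. Please confirm the data source for this update was not empty before merging.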
@@ -46352,42 +46342,42 @@ CVE-2018-3156 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6, MySQL 5.7 and MySQL 8)
NOTE: https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html#AppendixMSQL
NOTE: Fixed in MariaDB 10.1.37, 10.0.37
-CVE-2018-3155 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2018-3155
- mysql-5.7 5.7.24-1 (bug #911221)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7 and MySQL 8)
NOTE: https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html#AppendixMSQL
-CVE-2018-3154 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of ...)
+CVE-2018-3154
NOT-FOR-US: Oracle
-CVE-2018-3153 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of ...)
+CVE-2018-3153
NOT-FOR-US: Oracle
-CVE-2018-3152 (Vulnerability in the Oracle GlassFish Server component of Oracle ...)
+CVE-2018-3152
NOT-FOR-US: Oracle
-CVE-2018-3151 (Vulnerability in the Oracle iProcurement component of Oracle ...)
+CVE-2018-3151
NOT-FOR-US: Oracle
-CVE-2018-3150 (Vulnerability in the Java SE component of Oracle Java SE ...)
+CVE-2018-3150
- openjdk-10 10.0.2+13-2
- openjdk-11 11.0.1+13-1
-CVE-2018-3149 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of ...)
+CVE-2018-3149
{DSA-4326-1 DLA-1590-1}
- openjdk-7 <removed>
- openjdk-8 8u181-b13-2
- openjdk-10 10.0.2+13-2
- openjdk-11 11.0.1+13-1
-CVE-2018-3148 (Vulnerability in the Primavera Unifier component of Oracle ...)
+CVE-2018-3148
NOT-FOR-US: Oracle
-CVE-2018-3147 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
+CVE-2018-3147
NOT-FOR-US: Oracle
-CVE-2018-3146 (Vulnerability in the Oracle iLearning component of Oracle iLearning ...)
+CVE-2018-3146
NOT-FOR-US: Oracle
-CVE-2018-3145 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2018-3145
- mysql-5.7 <not-affected> (Only affects MySQL 8)
- mysql-5.5 <not-affected> (Only affects MySQL 8)
NOTE: https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html#AppendixMSQL
-CVE-2018-3144 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2018-3144
- mysql-5.7 5.7.24-1 (bug #911221)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7 and MySQL 8)
NOTE: https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html#AppendixMSQL
-CVE-2018-3143 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2018-3143
{DSA-4341-1 DLA-1570-1}
- mariadb-10.1 1:10.1.37-1 (bug #912848)
- mariadb-10.0 <removed>
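Review bot: the advisory-backed entries in this hunk (CVE-2018-3149 `{DSA-4326-1 DLA-1590-1}`, CVE-2018-3143 `{DSA-4341-1 DLA-1570-1}`) keep their references, so their summaries can be recovered from the advisory text; CVE-2018-3150 (`- openjdk-10 10.0.2+13-2`, `- openjdk-11 11.0.1+13-1`) and the `NOT-FOR-US: Oracle` entries have no such fallback once the description is dropped. Suggest holding this hunk until the description source has been checked.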
@@ -46395,60 +46385,60 @@ CVE-2018-3143 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6, MySQL 5.7 and MySQL 8)
NOTE: https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html#AppendixMSQL
NOTE: Fixed in MariaDB 10.1.37, 10.0.37
-CVE-2018-3142 (Vulnerability in the Hyperion Essbase Administration Services ...)
+CVE-2018-3142
NOT-FOR-US: Oracle
-CVE-2018-3141 (Vulnerability in the Hyperion Essbase Administration Services ...)
+CVE-2018-3141
NOT-FOR-US: Oracle
-CVE-2018-3140 (Vulnerability in the Hyperion Essbase Administration Services ...)
+CVE-2018-3140
NOT-FOR-US: Oracle
-CVE-2018-3139 (Vulnerability in the Java SE, Java SE Embedded component of Oracle ...)
+CVE-2018-3139
{DSA-4326-1 DLA-1590-1}
- openjdk-7 <removed>
- openjdk-8 8u181-b13-2
- openjdk-10 10.0.2+13-2
- openjdk-11 11.0.1+13-1
-CVE-2018-3138 (Vulnerability in the Oracle Application Object Library component of ...)
+CVE-2018-3138
NOT-FOR-US: Oracle
-CVE-2018-3137 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2018-3137
- mysql-5.7 <not-affected> (Only affects MySQL 8)
- mysql-5.5 <not-affected> (Only affects MySQL 8)
NOTE: https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html#AppendixMSQL
-CVE-2018-3136 (Vulnerability in the Java SE, Java SE Embedded component of Oracle ...)
+CVE-2018-3136
{DSA-4326-1 DLA-1590-1}
- openjdk-7 <removed>
- openjdk-8 8u181-b13-2
- openjdk-10 10.0.2+13-2
- openjdk-11 11.0.1+13-1
-CVE-2018-3135 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of ...)
+CVE-2018-3135
NOT-FOR-US: Oracle
-CVE-2018-3134 (Vulnerability in the Oracle Agile Product Lifecycle Management for ...)
+CVE-2018-3134
NOT-FOR-US: Oracle
-CVE-2018-3133 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2018-3133
{DLA-1566-1}
- mysql-5.7 5.7.24-1 (bug #911221)
- mysql-5.5 <removed>
NOTE: https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html#AppendixMSQL
-CVE-2018-3132 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of ...)
+CVE-2018-3132
NOT-FOR-US: Oracle
-CVE-2018-3131 (Vulnerability in the Oracle Hospitality Gift and Loyalty component of ...)
+CVE-2018-3131
NOT-FOR-US: Oracle
-CVE-2018-3130 (Vulnerability in the PeopleSoft Enterprise Interaction Hub component ...)
+CVE-2018-3130
NOT-FOR-US: Oracle
-CVE-2018-3129 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of ...)
+CVE-2018-3129
NOT-FOR-US: Oracle
-CVE-2018-3128 (Vulnerability in the Oracle Hospitality Reporting and Analytics ...)
+CVE-2018-3128
NOT-FOR-US: Oracle
-CVE-2018-3127 (Vulnerability in the Oracle Demantra Demand Management component of ...)
+CVE-2018-3127
NOT-FOR-US: Oracle
-CVE-2018-3126 (Vulnerability in the Oracle Retail Xstore Point of Service component ...)
+CVE-2018-3126
NOT-FOR-US: Oracle
-CVE-2018-3125 (Vulnerability in the Oracle Retail Merchandising System component of ...)
+CVE-2018-3125
NOT-FOR-US: Oracle
CVE-2018-3124
RESERVED
CVE-2018-3123
RESERVED
-CVE-2018-3122 (Vulnerability in the Oracle Retail Open Commerce Platform component of ...)
+CVE-2018-3122
NOT-FOR-US: Oracle
CVE-2018-3121
RESERVED
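Review bot: the `RESERVED` entries (CVE-2018-3124, CVE-2018-3123, CVE-2018-3121) are untouched while every populated entry loses its summary, which is consistent with the updater treating a missing description as "no description" rather than as an error; that means an empty or unparseable feed is not detected at all. A guard that refuses to replace an existing non-empty description with nothing would have prevented this hunk. CVE-2018-3133 keeps `{DLA-1566-1}` and `- mysql-5.5 <removed>`, so its Debian state is intact, but the summary is gone like the rest.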
@@ -46462,7 +46452,7 @@ CVE-2018-3117
RESERVED
CVE-2018-3116
RESERVED
-CVE-2018-3115 (Vulnerability in the Oracle Retail Sales Audit component of Oracle ...)
+CVE-2018-3115
NOT-FOR-US: Oracle
CVE-2018-3114
RESERVED
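Review bot: a one-entry hunk that only strips the CVE-2018-3115 summary (`Vulnerability in the Oracle Retail Sales Audit component of Oracle ...`) and leaves `NOT-FOR-US: Oracle` in place; nothing to review here beyond the question that applies to the whole change, whether the description removal is intended.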
@@ -46472,500 +46462,500 @@ CVE-2018-3112
RESERVED
CVE-2018-3111
RESERVED
-CVE-2018-3110 (A vulnerability was discovered in the Java VM component of Oracle ...)
+CVE-2018-3110
NOT-FOR-US: Oracle
-CVE-2018-3109 (Vulnerability in the Oracle Fusion Middleware MapViewer component of ...)
+CVE-2018-3109
NOT-FOR-US: Oracle
-CVE-2018-3108 (Vulnerability in the Oracle Fusion Middleware component of Oracle ...)
+CVE-2018-3108
NOT-FOR-US: Oracle
CVE-2018-3107
RESERVED
CVE-2018-3106
RESERVED
-CVE-2018-3105 (Vulnerability in the Oracle SOA Suite component of Oracle Fusion ...)
+CVE-2018-3105
NOT-FOR-US: Oracle
-CVE-2018-3104 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
+CVE-2018-3104
NOT-FOR-US: Oracle
-CVE-2018-3103 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
+CVE-2018-3103
NOT-FOR-US: Oracle
-CVE-2018-3102 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
+CVE-2018-3102
NOT-FOR-US: Oracle
-CVE-2018-3101 (Vulnerability in the Oracle WebCenter Portal component of Oracle ...)
+CVE-2018-3101
NOT-FOR-US: Oracle
-CVE-2018-3100 (Vulnerability in the Oracle Business Process Management Suite ...)
+CVE-2018-3100
NOT-FOR-US: Oracle
-CVE-2018-3099 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
+CVE-2018-3099
NOT-FOR-US: Oracle
-CVE-2018-3098 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
+CVE-2018-3098
NOT-FOR-US: Oracle
-CVE-2018-3097 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
+CVE-2018-3097
NOT-FOR-US: Oracle
-CVE-2018-3096 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
+CVE-2018-3096
NOT-FOR-US: Oracle
-CVE-2018-3095 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
+CVE-2018-3095
NOT-FOR-US: Oracle
-CVE-2018-3094 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
+CVE-2018-3094
NOT-FOR-US: Oracle
-CVE-2018-3093 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
+CVE-2018-3093
NOT-FOR-US: Oracle
-CVE-2018-3092 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
+CVE-2018-3092
NOT-FOR-US: Oracle
-CVE-2018-3091 (Vulnerability in the Oracle VM VirtualBox component of Oracle ...)
+CVE-2018-3091
- virtualbox 5.2.16-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2018-3090 (Vulnerability in the Oracle VM VirtualBox component of Oracle ...)
+CVE-2018-3090
- virtualbox 5.2.16-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2018-3089 (Vulnerability in the Oracle VM VirtualBox component of Oracle ...)
+CVE-2018-3089
- virtualbox 5.2.16-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2018-3088 (Vulnerability in the Oracle VM VirtualBox component of Oracle ...)
+CVE-2018-3088
- virtualbox 5.2.16-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2018-3087 (Vulnerability in the Oracle VM VirtualBox component of Oracle ...)
+CVE-2018-3087
- virtualbox 5.2.16-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2018-3086 (Vulnerability in the Oracle VM VirtualBox component of Oracle ...)
+CVE-2018-3086
- virtualbox 5.2.16-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2018-3085 (Vulnerability in the Oracle VM VirtualBox component of Oracle ...)
+CVE-2018-3085
- virtualbox 5.2.16-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2018-3084 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2018-3084
NOT-FOR-US: Oracle MySQL 8
CVE-2018-3083
RESERVED
-CVE-2018-3082 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2018-3082
NOT-FOR-US: Oracle MySQL 8
-CVE-2018-3081 (Vulnerability in the MySQL Client component of Oracle MySQL ...)
+CVE-2018-3081
{DSA-4341-1 DLA-1566-1 DLA-1407-1}
- mariadb-10.1 1:10.1.34-1
- mariadb-10.0 <removed>
- mysql-5.7 5.7.23-1 (bug #904121)
- mysql-5.5 <removed>
NOTE: Fixed in MariaDB: 10.2.15, 10.1.33, 10.0.35
-CVE-2018-3080 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2018-3080
NOT-FOR-US: Oracle MySQL 8
-CVE-2018-3079 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2018-3079
NOT-FOR-US: Oracle MySQL 8
-CVE-2018-3078 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2018-3078
NOT-FOR-US: Oracle MySQL 8
-CVE-2018-3077 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2018-3077
- mysql-5.7 5.7.23-1 (bug #904121)
-CVE-2018-3076 (Vulnerability in the PeopleSoft Enterprise CS Financial Aid component ...)
+CVE-2018-3076
NOT-FOR-US: Oracle
-CVE-2018-3075 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2018-3075
NOT-FOR-US: Oracle MySQL 8
-CVE-2018-3074 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2018-3074
NOT-FOR-US: Oracle MySQL 8
-CVE-2018-3073 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2018-3073
NOT-FOR-US: Oracle MySQL 8
-CVE-2018-3072 (Vulnerability in the PeopleSoft HRMS component of Oracle PeopleSoft ...)
+CVE-2018-3072
NOT-FOR-US: Oracle
-CVE-2018-3071 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2018-3071
- mysql-5.7 5.7.23-1 (bug #904121)
-CVE-2018-3070 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2018-3070
{DLA-1566-1}
- mysql-5.7 5.7.23-1 (bug #904121)
- mysql-5.5 <removed>
-CVE-2018-3069 (Vulnerability in the Oracle Agile Product Lifecycle Management for ...)
+CVE-2018-3069
NOT-FOR-US: Oracle
-CVE-2018-3068 (Vulnerability in the PeopleSoft Enterprise HCM Human Resources ...)
+CVE-2018-3068
NOT-FOR-US: Oracle
-CVE-2018-3067 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2018-3067
NOT-FOR-US: Oracle MySQL 8
-CVE-2018-3066 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2018-3066
{DSA-4341-1 DLA-1566-1 DLA-1488-1}
- mariadb-10.1 1:10.1.35-1
- mariadb-10.0 <removed>
- mysql-5.7 5.7.23-1 (bug #904121)
- mysql-5.5 <removed>
NOTE: MariaDB fixed in 10.0.36, 10.1.35
-CVE-2018-3065 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2018-3065
- mysql-5.7 5.7.23-1 (bug #904121)
-CVE-2018-3064 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2018-3064
{DSA-4341-1 DLA-1488-1}
- mariadb-10.1 1:10.1.35-1
- mariadb-10.0 <removed>
- mysql-5.7 5.7.23-1 (bug #904121)
NOTE: MariaDB: Fixed in 10.0.36, 10.1.35
-CVE-2018-3063 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2018-3063
{DSA-4341-1 DLA-1566-1 DLA-1488-1}
- mariadb-10.1 1:10.1.35-1
- mariadb-10.0 <removed>
- mysql-5.5 <removed>
NOTE: MariaDB: Fixed in 10.0.36, 10.1.35
-CVE-2018-3062 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2018-3062
- mysql-5.7 5.7.23-1 (bug #904121)
-CVE-2018-3061 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2018-3061
- mysql-5.7 5.7.23-1 (bug #904121)
-CVE-2018-3060 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2018-3060
- mysql-5.7 5.7.23-1 (bug #904121)
-CVE-2018-3059 (Vulnerability in the Siebel UI Framework component of Oracle Siebel ...)
+CVE-2018-3059
NOT-FOR-US: Oracle
-CVE-2018-3058 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2018-3058
{DSA-4341-1 DLA-1566-1 DLA-1488-1}
- mariadb-10.1 1:10.1.35-1
- mariadb-10.0 <removed>
- mysql-5.7 5.7.23-1 (bug #904121)
- mysql-5.5 <removed>
NOTE: MariaDB fixed in 10.0.36, 10.1.35
-CVE-2018-3057 (Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of ...)
+CVE-2018-3057
NOT-FOR-US: Oracle
-CVE-2018-3056 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2018-3056
- mysql-5.7 5.7.23-1 (bug #904121)
-CVE-2018-3055 (Vulnerability in the Oracle VM VirtualBox component of Oracle ...)
+CVE-2018-3055
- virtualbox 5.2.16-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2018-3054 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2018-3054
- mysql-5.7 5.7.23-1 (bug #904121)
-CVE-2018-3053 (Vulnerability in the Oracle Retail Customer Management and ...)
+CVE-2018-3053
NOT-FOR-US: Oracle
-CVE-2018-3052 (Vulnerability in the MICROS Relate CRM Software component of Oracle ...)
+CVE-2018-3052
NOT-FOR-US: Oracle
-CVE-2018-3051 (Vulnerability in the Oracle FLEXCUBE Enterprise Limits and Collateral ...)
+CVE-2018-3051
NOT-FOR-US: Oracle
-CVE-2018-3050 (Vulnerability in the Oracle Banking Corporate Lending component of ...)
+CVE-2018-3050
NOT-FOR-US: Oracle
-CVE-2018-3049 (Vulnerability in the Oracle FLEXCUBE Enterprise Limits and Collateral ...)
+CVE-2018-3049
NOT-FOR-US: Oracle
-CVE-2018-3048 (Vulnerability in the Oracle Banking Corporate Lending component of ...)
+CVE-2018-3048
NOT-FOR-US: Oracle
-CVE-2018-3047 (Vulnerability in the Oracle FLEXCUBE Enterprise Limits and Collateral ...)
+CVE-2018-3047
NOT-FOR-US: Oracle
-CVE-2018-3046 (Vulnerability in the Oracle Banking Corporate Lending component of ...)
+CVE-2018-3046
NOT-FOR-US: Oracle
-CVE-2018-3045 (Vulnerability in the Oracle FLEXCUBE Enterprise Limits and Collateral ...)
+CVE-2018-3045
NOT-FOR-US: Oracle
-CVE-2018-3044 (Vulnerability in the Oracle Banking Corporate Lending component of ...)
+CVE-2018-3044
NOT-FOR-US: Oracle
-CVE-2018-3043 (Vulnerability in the Oracle FLEXCUBE Enterprise Limits and Collateral ...)
+CVE-2018-3043
NOT-FOR-US: Oracle
-CVE-2018-3042 (Vulnerability in the Oracle Banking Corporate Lending component of ...)
+CVE-2018-3042
NOT-FOR-US: Oracle
-CVE-2018-3041 (Vulnerability in the Oracle FLEXCUBE Enterprise Limits and Collateral ...)
+CVE-2018-3041
NOT-FOR-US: Oracle
-CVE-2018-3040 (Vulnerability in the Oracle Banking Corporate Lending component of ...)
+CVE-2018-3040
NOT-FOR-US: Oracle
-CVE-2018-3039 (Vulnerability in the Oracle FLEXCUBE Enterprise Limits and Collateral ...)
+CVE-2018-3039
NOT-FOR-US: Oracle
-CVE-2018-3038 (Vulnerability in the Oracle Banking Corporate Lending component of ...)
+CVE-2018-3038
NOT-FOR-US: Oracle
-CVE-2018-3037 (Vulnerability in the Oracle FLEXCUBE Enterprise Limits and Collateral ...)
+CVE-2018-3037
NOT-FOR-US: Oracle
-CVE-2018-3036 (Vulnerability in the Oracle Banking Corporate Lending component of ...)
+CVE-2018-3036
NOT-FOR-US: Oracle
-CVE-2018-3035 (Vulnerability in the Oracle FLEXCUBE Investor Servicing component of ...)
+CVE-2018-3035
NOT-FOR-US: Oracle
-CVE-2018-3034 (Vulnerability in the Oracle FLEXCUBE Investor Servicing component of ...)
+CVE-2018-3034
NOT-FOR-US: Oracle
-CVE-2018-3033 (Vulnerability in the Oracle FLEXCUBE Investor Servicing component of ...)
+CVE-2018-3033
NOT-FOR-US: Oracle
-CVE-2018-3032 (Vulnerability in the Oracle FLEXCUBE Investor Servicing component of ...)
+CVE-2018-3032
NOT-FOR-US: Oracle
-CVE-2018-3031 (Vulnerability in the Oracle FLEXCUBE Investor Servicing component of ...)
+CVE-2018-3031
NOT-FOR-US: Oracle
-CVE-2018-3030 (Vulnerability in the Oracle FLEXCUBE Investor Servicing component of ...)
+CVE-2018-3030
NOT-FOR-US: Oracle
-CVE-2018-3029 (Vulnerability in the Oracle FLEXCUBE Investor Servicing component of ...)
+CVE-2018-3029
NOT-FOR-US: Oracle
-CVE-2018-3028 (Vulnerability in the Oracle FLEXCUBE Investor Servicing component of ...)
+CVE-2018-3028
NOT-FOR-US: Oracle
-CVE-2018-3027 (Vulnerability in the Oracle Banking Payments component of Oracle ...)
+CVE-2018-3027
NOT-FOR-US: Oracle
-CVE-2018-3026 (Vulnerability in the Oracle Banking Payments component of Oracle ...)
+CVE-2018-3026
NOT-FOR-US: Oracle
-CVE-2018-3025 (Vulnerability in the Oracle Banking Payments component of Oracle ...)
+CVE-2018-3025
NOT-FOR-US: Oracle
-CVE-2018-3024 (Vulnerability in the Oracle Banking Payments component of Oracle ...)
+CVE-2018-3024
NOT-FOR-US: Oracle
-CVE-2018-3023 (Vulnerability in the Oracle Banking Payments component of Oracle ...)
+CVE-2018-3023
NOT-FOR-US: Oracle
-CVE-2018-3022 (Vulnerability in the Oracle Banking Payments component of Oracle ...)
+CVE-2018-3022
NOT-FOR-US: Oracle
-CVE-2018-3021 (Vulnerability in the Oracle Banking Payments component of Oracle ...)
+CVE-2018-3021
NOT-FOR-US: Oracle
-CVE-2018-3020 (Vulnerability in the Oracle Banking Payments component of Oracle ...)
+CVE-2018-3020
NOT-FOR-US: Oracle
-CVE-2018-3019 (Vulnerability in the Oracle FLEXCUBE Universal Banking component of ...)
+CVE-2018-3019
NOT-FOR-US: Oracle
-CVE-2018-3018 (Vulnerability in the Oracle iStore component of Oracle E-Business ...)
+CVE-2018-3018
NOT-FOR-US: Oracle
-CVE-2018-3017 (Vulnerability in the Oracle CRM Technical Foundation component of ...)
+CVE-2018-3017
NOT-FOR-US: Oracle
-CVE-2018-3016 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of ...)
+CVE-2018-3016
NOT-FOR-US: Oracle
-CVE-2018-3015 (Vulnerability in the Oracle FLEXCUBE Universal Banking component of ...)
+CVE-2018-3015
NOT-FOR-US: Oracle
-CVE-2018-3014 (Vulnerability in the Oracle Hospitality OPERA 5 Property Services ...)
+CVE-2018-3014
NOT-FOR-US: Oracle
-CVE-2018-3013 (Vulnerability in the Oracle Hospitality OPERA 5 Property Services ...)
+CVE-2018-3013
NOT-FOR-US: Oracle
-CVE-2018-3012 (Vulnerability in the Oracle Trade Management component of Oracle ...)
+CVE-2018-3012
NOT-FOR-US: Oracle
-CVE-2018-3011 (Vulnerability in the Oracle Trade Management component of Oracle ...)
+CVE-2018-3011
NOT-FOR-US: Oracle
-CVE-2018-3010 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
+CVE-2018-3010
NOT-FOR-US: Oracle
-CVE-2018-3009 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
+CVE-2018-3009
NOT-FOR-US: Oracle
-CVE-2018-3008 (Vulnerability in the Oracle Marketing component of Oracle E-Business ...)
+CVE-2018-3008
NOT-FOR-US: Oracle
-CVE-2018-3007 (Vulnerability in the Oracle Tuxedo component of Oracle Fusion ...)
+CVE-2018-3007
NOT-FOR-US: Oracle
-CVE-2018-3006 (Vulnerability in the JD Edwards EnterpriseOne Tools component of ...)
+CVE-2018-3006
NOT-FOR-US: Oracle
-CVE-2018-3005 (Vulnerability in the Oracle VM VirtualBox component of Oracle ...)
+CVE-2018-3005
- virtualbox 5.2.16-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2018-3004 (Vulnerability in the Java VM component of Oracle Database Server. ...)
+CVE-2018-3004
NOT-FOR-US: Oracle
-CVE-2018-3003 (Vulnerability in the Oracle Hospitality Cruise Fleet Management System ...)
+CVE-2018-3003
NOT-FOR-US: Oracle
-CVE-2018-3002 (Vulnerability in the Oracle Hospitality Cruise Fleet Management System ...)
+CVE-2018-3002
NOT-FOR-US: Oracle
-CVE-2018-3001 (Vulnerability in the Oracle Hospitality Cruise Shipboard Property ...)
+CVE-2018-3001
NOT-FOR-US: Oracle
-CVE-2018-3000 (Vulnerability in the Oracle Hospitality Cruise Shipboard Property ...)
+CVE-2018-3000
NOT-FOR-US: Oracle
-CVE-2018-2999 (Vulnerability in the JD Edwards EnterpriseOne Tools component of ...)
+CVE-2018-2999
NOT-FOR-US: Oracle
-CVE-2018-2998 (Vulnerability in the Oracle WebLogic Server component of Oracle Fusion ...)
+CVE-2018-2998
NOT-FOR-US: Oracle
-CVE-2018-2997 (Vulnerability in the Oracle Scripting component of Oracle E-Business ...)
+CVE-2018-2997
NOT-FOR-US: Oracle
-CVE-2018-2996 (Vulnerability in the Oracle Applications Manager component of Oracle ...)
+CVE-2018-2996
NOT-FOR-US: Oracle
-CVE-2018-2995 (Vulnerability in the Oracle iStore component of Oracle E-Business ...)
+CVE-2018-2995
NOT-FOR-US: Oracle
-CVE-2018-2994 (Vulnerability in the Oracle iStore component of Oracle E-Business ...)
+CVE-2018-2994
NOT-FOR-US: Oracle
-CVE-2018-2993 (Vulnerability in the Oracle CRM Technical Foundation component of ...)
+CVE-2018-2993
NOT-FOR-US: Oracle
-CVE-2018-2992 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
+CVE-2018-2992
NOT-FOR-US: Oracle
-CVE-2018-2991 (Vulnerability in the Oracle Trade Management component of Oracle ...)
+CVE-2018-2991
NOT-FOR-US: Oracle
-CVE-2018-2990 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of ...)
+CVE-2018-2990
NOT-FOR-US: Oracle
-CVE-2018-2989 (Vulnerability in the Oracle iLearning component of Oracle iLearning ...)
+CVE-2018-2989
NOT-FOR-US: Oracle
-CVE-2018-2988 (Vulnerability in the Oracle Marketing component of Oracle E-Business ...)
+CVE-2018-2988
NOT-FOR-US: Oracle
-CVE-2018-2987 (Vulnerability in the Oracle WebLogic Server component of Oracle Fusion ...)
+CVE-2018-2987
NOT-FOR-US: Oracle
-CVE-2018-2986 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of ...)
+CVE-2018-2986
NOT-FOR-US: Oracle
-CVE-2018-2985 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of ...)
+CVE-2018-2985
NOT-FOR-US: Oracle
-CVE-2018-2984 (Vulnerability in the Oracle Hospitality Cruise Fleet Management System ...)
+CVE-2018-2984
NOT-FOR-US: Oracle
CVE-2018-2983
RESERVED
-CVE-2018-2982 (Vulnerability in the Oracle FLEXCUBE Universal Banking component of ...)
+CVE-2018-2982
NOT-FOR-US: Oracle
-CVE-2018-2981 (Vulnerability in the Oracle FLEXCUBE Universal Banking component of ...)
+CVE-2018-2981
NOT-FOR-US: Oracle
-CVE-2018-2980 (Vulnerability in the Oracle FLEXCUBE Universal Banking component of ...)
+CVE-2018-2980
NOT-FOR-US: Oracle
-CVE-2018-2979 (Vulnerability in the Oracle FLEXCUBE Universal Banking component of ...)
+CVE-2018-2979
NOT-FOR-US: Oracle
-CVE-2018-2978 (Vulnerability in the Oracle Hospitality Simphony component of Oracle ...)
+CVE-2018-2978
NOT-FOR-US: Oracle
-CVE-2018-2977 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of ...)
+CVE-2018-2977
NOT-FOR-US: Oracle
-CVE-2018-2976 (Vulnerability in the Enterprise Manager Ops Center component of Oracle ...)
+CVE-2018-2976
NOT-FOR-US: Oracle
-CVE-2018-2975 (Vulnerability in the Oracle FLEXCUBE Universal Banking component of ...)
+CVE-2018-2975
NOT-FOR-US: Oracle
-CVE-2018-2974 (Vulnerability in the Oracle FLEXCUBE Universal Banking component of ...)
+CVE-2018-2974
NOT-FOR-US: Oracle
-CVE-2018-2973 (Vulnerability in the Java SE, Java SE Embedded component of Oracle ...)
+CVE-2018-2973
- openjdk-7 <not-affected> (Apparently specific to Oracle Java)
- openjdk-8 <not-affected> (Apparently specific to Oracle Java)
- openjdk-10 <not-affected> (Apparently specific to Oracle Java)
-CVE-2018-2972 (Vulnerability in the Java SE component of Oracle Java SE ...)
+CVE-2018-2972
- openjdk-10 10.0.2+13-1
-CVE-2018-2971 (Vulnerability in the Oracle Applications Framework component of Oracle ...)
+CVE-2018-2971
NOT-FOR-US: Oracle
-CVE-2018-2970 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of ...)
+CVE-2018-2970
NOT-FOR-US: Oracle
-CVE-2018-2969 (Vulnerability in the Primavera Unifier component of Oracle ...)
+CVE-2018-2969
NOT-FOR-US: Oracle
-CVE-2018-2968 (Vulnerability in the Primavera Unifier component of Oracle ...)
+CVE-2018-2968
NOT-FOR-US: Oracle
-CVE-2018-2967 (Vulnerability in the Primavera Unifier component of Oracle ...)
+CVE-2018-2967
NOT-FOR-US: Oracle
-CVE-2018-2966 (Vulnerability in the Primavera Unifier component of Oracle ...)
+CVE-2018-2966
NOT-FOR-US: Oracle
-CVE-2018-2965 (Vulnerability in the Primavera Unifier component of Oracle ...)
+CVE-2018-2965
NOT-FOR-US: Oracle
-CVE-2018-2964 (Vulnerability in the Java SE component of Oracle Java SE ...)
+CVE-2018-2964
- openjdk-8 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-10 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2018-2963 (Vulnerability in the Primavera P6 Enterprise Project Portfolio ...)
+CVE-2018-2963
NOT-FOR-US: Oracle
-CVE-2018-2962 (Vulnerability in the Primavera P6 Enterprise Project Portfolio ...)
+CVE-2018-2962
NOT-FOR-US: Oracle
-CVE-2018-2961 (Vulnerability in the Primavera P6 Enterprise Project Portfolio ...)
+CVE-2018-2961
NOT-FOR-US: Oracle
-CVE-2018-2960 (Vulnerability in the Primavera P6 Enterprise Project Portfolio ...)
+CVE-2018-2960
NOT-FOR-US: Oracle
-CVE-2018-2959 (Vulnerability in the Siebel UI Framework component of Oracle Siebel ...)
+CVE-2018-2959
NOT-FOR-US: Oracle
-CVE-2018-2958 (Vulnerability in the BI Publisher component of Oracle Fusion ...)
+CVE-2018-2958
NOT-FOR-US: Oracle
-CVE-2018-2957 (Vulnerability in the Oracle Hospitality OPERA 5 Property Services ...)
+CVE-2018-2957
NOT-FOR-US: Oracle
-CVE-2018-2956 (Vulnerability in the Oracle Hospitality OPERA 5 Property Services ...)
+CVE-2018-2956
NOT-FOR-US: Oracle
-CVE-2018-2955 (Vulnerability in the Oracle Hospitality OPERA 5 Property Services ...)
+CVE-2018-2955
NOT-FOR-US: Oracle
-CVE-2018-2954 (Vulnerability in the Oracle Order Management component of Oracle ...)
+CVE-2018-2954
NOT-FOR-US: Oracle
-CVE-2018-2953 (Vulnerability in the Oracle One-to-One Fulfillment component of Oracle ...)
+CVE-2018-2953
NOT-FOR-US: Oracle
-CVE-2018-2952 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of ...)
+CVE-2018-2952
{DSA-4268-1 DLA-1590-1}
- openjdk-7 <removed>
- openjdk-8 8u181-b13-1
- openjdk-10 10.0.2+13-1
NOTE: http://hg.openjdk.java.net/jdk8u/jdk8u/jdk/rev/baac18e216fb
-CVE-2018-2951 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of ...)
+CVE-2018-2951
NOT-FOR-US: Oracle
-CVE-2018-2950 (Vulnerability in the JD Edwards EnterpriseOne Tools component of ...)
+CVE-2018-2950
NOT-FOR-US: Oracle
-CVE-2018-2949 (Vulnerability in the JD Edwards EnterpriseOne Tools component of ...)
+CVE-2018-2949
NOT-FOR-US: Oracle
-CVE-2018-2948 (Vulnerability in the JD Edwards EnterpriseOne Tools component of ...)
+CVE-2018-2948
NOT-FOR-US: Oracle
-CVE-2018-2947 (Vulnerability in the JD Edwards EnterpriseOne Tools component of ...)
+CVE-2018-2947
NOT-FOR-US: Oracle
-CVE-2018-2946 (Vulnerability in the JD Edwards EnterpriseOne Tools component of ...)
+CVE-2018-2946
NOT-FOR-US: Oracle
-CVE-2018-2945 (Vulnerability in the JD Edwards EnterpriseOne Tools component of ...)
+CVE-2018-2945
NOT-FOR-US: Oracle
-CVE-2018-2944 (Vulnerability in the JD Edwards EnterpriseOne Tools component of ...)
+CVE-2018-2944
NOT-FOR-US: Oracle
-CVE-2018-2943 (Vulnerability in the Oracle Fusion Middleware MapViewer component of ...)
+CVE-2018-2943
NOT-FOR-US: Oracle
-CVE-2018-2942 (Vulnerability in the Java SE component of Oracle Java SE ...)
+CVE-2018-2942
- openjdk-7 <not-affected> (Windows-specific)
- openjdk-8 <not-affected> (Windows-specific)
-CVE-2018-2941 (Vulnerability in the Java SE component of Oracle Java SE ...)
+CVE-2018-2941
- openjfx 11+26-1 (bug #905215)
[stretch] - openjfx <ignored> (Specific details withheld by Oracle, impossible to fix)
-CVE-2018-2940 (Vulnerability in the Java SE, Java SE Embedded component of Oracle ...)
+CVE-2018-2940
- openjdk-7 <not-affected> (Apparently specific to Oracle Java)
- openjdk-8 <not-affected> (Apparently specific to Oracle Java)
- openjdk-10 <not-affected> (Apparently specific to Oracle Java)
-CVE-2018-2939 (Vulnerability in the Core RDBMS component of Oracle Database Server. ...)
+CVE-2018-2939
NOT-FOR-US: Oracle
-CVE-2018-2938 (Vulnerability in the Java SE component of Oracle Java SE ...)
+CVE-2018-2938
- openjdk-7 <not-affected> (Specific to Oracle Java, OpenJDK doesn't bundle Derby)
- openjdk-8 <not-affected> (Specific to Oracle Java, OpenJDK doesn't bundle Derby)
-CVE-2018-2937 (Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of ...)
+CVE-2018-2937
NOT-FOR-US: Oracle
-CVE-2018-2936 (Vulnerability in the Oracle Communications Messaging Server component ...)
+CVE-2018-2936
NOT-FOR-US: Oracle
-CVE-2018-2935 (Vulnerability in the Oracle WebLogic Server component of Oracle Fusion ...)
+CVE-2018-2935
NOT-FOR-US: Oracle
-CVE-2018-2934 (Vulnerability in the Oracle Application Object Library component of ...)
+CVE-2018-2934
NOT-FOR-US: Oracle
-CVE-2018-2933 (Vulnerability in the Oracle WebLogic Server component of Oracle Fusion ...)
+CVE-2018-2933
NOT-FOR-US: Oracle
-CVE-2018-2932 (Vulnerability in the Oracle SuperCluster Specific Software component ...)
+CVE-2018-2932
NOT-FOR-US: Oracle
CVE-2018-2931
RESERVED
-CVE-2018-2930 (Vulnerability in the Solaris Cluster component of Oracle Sun Systems ...)
+CVE-2018-2930
NOT-FOR-US: Oracle
-CVE-2018-2929 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of ...)
+CVE-2018-2929
NOT-FOR-US: Oracle
-CVE-2018-2928 (Vulnerability in the Solaris component of Oracle Sun Systems Products ...)
+CVE-2018-2928
NOT-FOR-US: Oracle
-CVE-2018-2927 (Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of ...)
+CVE-2018-2927
NOT-FOR-US: Oracle
-CVE-2018-2926 (Vulnerability in the Solaris component of Oracle Sun Systems Products ...)
+CVE-2018-2926
NOT-FOR-US: Oracle
-CVE-2018-2925 (Vulnerability in the BI Publisher component of Oracle Fusion ...)
+CVE-2018-2925
NOT-FOR-US: Oracle
-CVE-2018-2924 (Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of ...)
+CVE-2018-2924
NOT-FOR-US: Oracle
-CVE-2018-2923 (Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of ...)
+CVE-2018-2923
NOT-FOR-US: Oracle
-CVE-2018-2922 (Vulnerability in the Solaris component of Oracle Sun Systems Products ...)
+CVE-2018-2922
NOT-FOR-US: Oracle
-CVE-2018-2921 (Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of ...)
+CVE-2018-2921
NOT-FOR-US: Oracle
-CVE-2018-2920 (Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of ...)
+CVE-2018-2920
NOT-FOR-US: Oracle
-CVE-2018-2919 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of ...)
+CVE-2018-2919
NOT-FOR-US: Oracle
-CVE-2018-2918 (Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of ...)
+CVE-2018-2918
NOT-FOR-US: Oracle
-CVE-2018-2917 (Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of ...)
+CVE-2018-2917
NOT-FOR-US: Oracle
-CVE-2018-2916 (Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of ...)
+CVE-2018-2916
NOT-FOR-US: Oracle
-CVE-2018-2915 (Vulnerability in the Hyperion Data Relationship Management component ...)
+CVE-2018-2915
NOT-FOR-US: Oracle
-CVE-2018-2914 (Vulnerability in the Oracle GoldenGate component of Oracle GoldenGate ...)
+CVE-2018-2914
NOT-FOR-US: Oracle
-CVE-2018-2913 (Vulnerability in the Oracle GoldenGate component of Oracle GoldenGate ...)
+CVE-2018-2913
NOT-FOR-US: Oracle
-CVE-2018-2912 (Vulnerability in the Oracle GoldenGate component of Oracle GoldenGate ...)
+CVE-2018-2912
NOT-FOR-US: Oracle
-CVE-2018-2911 (Vulnerability in the Oracle GlassFish Server component of Oracle ...)
+CVE-2018-2911
NOT-FOR-US: Oracle
CVE-2018-2910
RESERVED
-CVE-2018-2909 (Vulnerability in the Oracle VM VirtualBox component of Oracle ...)
+CVE-2018-2909
- virtualbox 5.2.20-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2018-2908 (Vulnerability in the Solaris component of Oracle Sun Systems Products ...)
+CVE-2018-2908
NOT-FOR-US: Oracle
-CVE-2018-2907 (Vulnerability in the Hyperion Financial Reporting component of Oracle ...)
+CVE-2018-2907
NOT-FOR-US: Oracle
-CVE-2018-2906 (Vulnerability in the Hardware Management Pack component of Oracle Sun ...)
+CVE-2018-2906
NOT-FOR-US: Oracle
-CVE-2018-2905 (Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of ...)
+CVE-2018-2905
NOT-FOR-US: Oracle
-CVE-2018-2904 (Vulnerability in the Oracle Communications EAGLE LNP Application ...)
+CVE-2018-2904
NOT-FOR-US: Oracle
-CVE-2018-2903 (Vulnerability in the Solaris component of Oracle Sun Systems Products ...)
+CVE-2018-2903
NOT-FOR-US: Oracle
-CVE-2018-2902 (Vulnerability in the Oracle WebLogic Server component of Oracle Fusion ...)
+CVE-2018-2902
NOT-FOR-US: Oracle
-CVE-2018-2901 (Vulnerability in the Solaris component of Oracle Sun Systems Products ...)
+CVE-2018-2901
NOT-FOR-US: Oracle
-CVE-2018-2900 (Vulnerability in the BI Publisher component of Oracle Fusion ...)
+CVE-2018-2900
NOT-FOR-US: Oracle
-CVE-2018-2899 (Vulnerability in the Oracle FLEXCUBE Universal Banking component of ...)
+CVE-2018-2899
NOT-FOR-US: Oracle
-CVE-2018-2898 (Vulnerability in the Oracle FLEXCUBE Investor Servicing component of ...)
+CVE-2018-2898
NOT-FOR-US: Oracle
-CVE-2018-2897 (Vulnerability in the Oracle FLEXCUBE Enterprise Limits and Collateral ...)
+CVE-2018-2897
NOT-FOR-US: Oracle
-CVE-2018-2896 (Vulnerability in the Oracle Banking Payments component of Oracle ...)
+CVE-2018-2896
NOT-FOR-US: Oracle
-CVE-2018-2895 (Vulnerability in the Oracle Banking Corporate Lending component of ...)
+CVE-2018-2895
NOT-FOR-US: Oracle
-CVE-2018-2894 (Vulnerability in the Oracle WebLogic Server component of Oracle Fusion ...)
+CVE-2018-2894
NOT-FOR-US: Oracle
-CVE-2018-2893 (Vulnerability in the Oracle WebLogic Server component of Oracle Fusion ...)
+CVE-2018-2893
NOT-FOR-US: Oracle
-CVE-2018-2892 (Vulnerability in the Solaris component of Oracle Sun Systems Products ...)
+CVE-2018-2892
NOT-FOR-US: Oracle
-CVE-2018-2891 (Vulnerability in the Oracle Retail Bulk Data Integration component of ...)
+CVE-2018-2891
NOT-FOR-US: Oracle
CVE-2018-2890
RESERVED
-CVE-2018-2889 (Vulnerability in the MICROS Retail-J component of Oracle Retail ...)
+CVE-2018-2889
NOT-FOR-US: Oracle
-CVE-2018-2888 (Vulnerability in the MICROS Retail-J component of Oracle Retail ...)
+CVE-2018-2888
NOT-FOR-US: Oracle
-CVE-2018-2887 (Vulnerability in the MICROS Retail-J component of Oracle Retail ...)
+CVE-2018-2887
NOT-FOR-US: Oracle
CVE-2018-2886
RESERVED
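Review bot: every `-`/`+` pair in this hunk replaces a `CVE-2018-NNNN (description ...)` line with a bare `CVE-2018-NNNN` line and changes nothing else; the package lines, `{DSA-... DLA-...}` references, `[jessie]` annotations and `NOTE:` lines are all unchanged context. For a commit titled "automatic update" a wholesale blanking of descriptions looks like the upstream CVE feed returning empty data for this run, not like the descriptions having been withdrawn, so this hunk should not be merged as-is: re-run the sync, or make the updater keep the existing description when the fetched one is empty. Entries that were already bare (`CVE-2018-3107` / `RESERVED`, `CVE-2018-2910` / `RESERVED`) are untouched, which is consistent with the fetch failing only for published entries.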
@@ -46975,158 +46965,158 @@ CVE-2018-2884
RESERVED
CVE-2018-2883
RESERVED
-CVE-2018-2882 (Vulnerability in the MICROS Retail-J component of Oracle Retail ...)
+CVE-2018-2882
NOT-FOR-US: Oracle
-CVE-2018-2881 (Vulnerability in the MICROS Retail-J component of Oracle Retail ...)
+CVE-2018-2881
NOT-FOR-US: Oracle
CVE-2018-2880
RESERVED
-CVE-2018-2879 (Vulnerability in the Oracle Access Manager component of Oracle Fusion ...)
+CVE-2018-2879
NOT-FOR-US: Oracle
-CVE-2018-2878 (Vulnerability in the PeopleSoft Enterprise HCM Shared Components ...)
+CVE-2018-2878
NOT-FOR-US: Oracle
-CVE-2018-2877 (Vulnerability in the MySQL Cluster component of Oracle MySQL ...)
+CVE-2018-2877
- mysql-cluster <itp> (bug #833356)
-CVE-2018-2876 (Vulnerability in the Oracle Retail Integration Bus component of Oracle ...)
+CVE-2018-2876
NOT-FOR-US: Oracle
CVE-2018-2875
RESERVED
-CVE-2018-2874 (Vulnerability in the Oracle Application Object Library component of ...)
+CVE-2018-2874
NOT-FOR-US: Oracle
-CVE-2018-2873 (Vulnerability in the Oracle General Ledger component of Oracle ...)
+CVE-2018-2873
NOT-FOR-US: Oracle
-CVE-2018-2872 (Vulnerability in the Oracle General Ledger component of Oracle ...)
+CVE-2018-2872
NOT-FOR-US: Oracle
-CVE-2018-2871 (Vulnerability in the Oracle Human Resources component of Oracle ...)
+CVE-2018-2871
NOT-FOR-US: Oracle
-CVE-2018-2870 (Vulnerability in the Oracle Human Resources component of Oracle ...)
+CVE-2018-2870
NOT-FOR-US: Oracle
-CVE-2018-2869 (Vulnerability in the Oracle Human Resources component of Oracle ...)
+CVE-2018-2869
NOT-FOR-US: Oracle
-CVE-2018-2868 (Vulnerability in the Oracle Human Resources component of Oracle ...)
+CVE-2018-2868
NOT-FOR-US: Oracle
-CVE-2018-2867 (Vulnerability in the Oracle Application Object Library component of ...)
+CVE-2018-2867
NOT-FOR-US: Oracle
-CVE-2018-2866 (Vulnerability in the Oracle General Ledger component of Oracle ...)
+CVE-2018-2866
NOT-FOR-US: Oracle
-CVE-2018-2865 (Vulnerability in the Oracle General Ledger component of Oracle ...)
+CVE-2018-2865
NOT-FOR-US: Oracle
-CVE-2018-2864 (Vulnerability in the Oracle Application Object Library component of ...)
+CVE-2018-2864
NOT-FOR-US: Oracle
-CVE-2018-2863 (Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of ...)
+CVE-2018-2863
NOT-FOR-US: Oracle
-CVE-2018-2862 (Vulnerability in the Oracle Retail Point-of-Service component of ...)
+CVE-2018-2862
NOT-FOR-US: Oracle
-CVE-2018-2861 (Vulnerability in the Oracle Retail Back Office component of Oracle ...)
+CVE-2018-2861
NOT-FOR-US: Oracle
-CVE-2018-2860 (Vulnerability in the Oracle VM VirtualBox component of Oracle ...)
+CVE-2018-2860
- virtualbox 5.2.10-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2018-2859 (Vulnerability in the Oracle Financial Services Basel Regulatory ...)
+CVE-2018-2859
NOT-FOR-US: Oracle
-CVE-2018-2858 (Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of ...)
+CVE-2018-2858
NOT-FOR-US: Oracle
-CVE-2018-2857 (Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of ...)
+CVE-2018-2857
NOT-FOR-US: Oracle
-CVE-2018-2856 (Vulnerability in the Oracle Financial Services Basel Regulatory ...)
+CVE-2018-2856
NOT-FOR-US: Oracle
-CVE-2018-2855 (Vulnerability in the Oracle Financial Services Basel Regulatory ...)
+CVE-2018-2855
NOT-FOR-US: Oracle
-CVE-2018-2854 (Vulnerability in the Oracle Financial Services Basel Regulatory ...)
+CVE-2018-2854
NOT-FOR-US: Oracle
-CVE-2018-2853 (Vulnerability in the Oracle Hospitality Simphony First Edition ...)
+CVE-2018-2853
NOT-FOR-US: Oracle
-CVE-2018-2852 (Vulnerability in the Oracle Hospitality Guest Access component of ...)
+CVE-2018-2852
NOT-FOR-US: Oracle
-CVE-2018-2851 (Vulnerability in the Oracle Hospitality Simphony First Edition ...)
+CVE-2018-2851
NOT-FOR-US: Oracle
-CVE-2018-2850 (Vulnerability in the Oracle Hospitality Cruise Fleet Management System ...)
+CVE-2018-2850
NOT-FOR-US: Oracle
-CVE-2018-2849 (Vulnerability in the Primavera P6 Enterprise Project Portfolio ...)
+CVE-2018-2849
NOT-FOR-US: Oracle
-CVE-2018-2848 (Vulnerability in the Oracle Hospitality Simphony First Edition ...)
+CVE-2018-2848
NOT-FOR-US: Oracle
-CVE-2018-2847 (Vulnerability in the Oracle Hospitality Simphony First Edition ...)
+CVE-2018-2847
NOT-FOR-US: Oracle
-CVE-2018-2846 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2018-2846
- mysql-5.7 5.7.22-1 (bug #895997)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixMSQL
-CVE-2018-2845 (Vulnerability in the Oracle VM VirtualBox component of Oracle ...)
+CVE-2018-2845
- virtualbox 5.2.10-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2018-2844 (Vulnerability in the Oracle VM VirtualBox component of Oracle ...)
+CVE-2018-2844
- virtualbox 5.2.10-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
NOTE: https://www.voidsecurity.in/2018/08/from-compiler-optimization-to-code.html
-CVE-2018-2843 (Vulnerability in the Oracle VM VirtualBox component of Oracle ...)
+CVE-2018-2843
- virtualbox 5.2.10-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2018-2842 (Vulnerability in the Oracle VM VirtualBox component of Oracle ...)
+CVE-2018-2842
- virtualbox 5.2.10-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2018-2841 (Vulnerability in the Java VM component of Oracle Database Server. ...)
+CVE-2018-2841
NOT-FOR-US: Oracle
-CVE-2018-2840 (Vulnerability in the Oracle Retail Xstore Point of Service component ...)
+CVE-2018-2840
NOT-FOR-US: Oracle
-CVE-2018-2839 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2018-2839
- mysql-5.7 5.7.22-1 (bug #895997)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixMSQL
-CVE-2018-2838 (Vulnerability in the PeopleSoft Enterprise PRTL Interaction Hub ...)
+CVE-2018-2838
NOT-FOR-US: Oracle
-CVE-2018-2837 (Vulnerability in the Oracle VM VirtualBox component of Oracle ...)
+CVE-2018-2837
- virtualbox 5.2.10-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2018-2836 (Vulnerability in the Oracle VM VirtualBox component of Oracle ...)
+CVE-2018-2836
- virtualbox 5.2.10-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2018-2835 (Vulnerability in the Oracle VM VirtualBox component of Oracle ...)
+CVE-2018-2835
- virtualbox 5.2.10-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2018-2834 (Vulnerability in the Oracle Data Visualization Desktop component of ...)
+CVE-2018-2834
NOT-FOR-US: Oracle
-CVE-2018-2833 (Vulnerability in the Oracle Hospitality Simphony component of Oracle ...)
+CVE-2018-2833
NOT-FOR-US: Oracle
-CVE-2018-2832 (Vulnerability in the Oracle GoldenGate component of Oracle GoldenGate. ...)
+CVE-2018-2832
NOT-FOR-US: Oracle
-CVE-2018-2831 (Vulnerability in the Oracle VM VirtualBox component of Oracle ...)
+CVE-2018-2831
- virtualbox 5.2.10-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2018-2830 (Vulnerability in the Oracle VM VirtualBox component of Oracle ...)
+CVE-2018-2830
- virtualbox 5.2.10-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2018-2829 (Vulnerability in the Oracle Hospitality Simphony component of Oracle ...)
+CVE-2018-2829
NOT-FOR-US: Oracle
-CVE-2018-2828 (Vulnerability in the Oracle WebCenter Content component of Oracle ...)
+CVE-2018-2828
NOT-FOR-US: Oracle
-CVE-2018-2827 (Vulnerability in the Oracle Hospitality Suite8 component of Oracle ...)
+CVE-2018-2827
NOT-FOR-US: Oracle
-CVE-2018-2826 (Vulnerability in the Java SE component of Oracle Java SE ...)
+CVE-2018-2826
- openjdk-10 10.0.2+13-1
-CVE-2018-2825 (Vulnerability in the Java SE component of Oracle Java SE ...)
+CVE-2018-2825
- openjdk-10 10.0.2+13-1
-CVE-2018-2824 (Vulnerability in the Oracle Hospitality Simphony component of Oracle ...)
+CVE-2018-2824
NOT-FOR-US: Oracle
-CVE-2018-2823 (Vulnerability in the Oracle Transportation Management component of ...)
+CVE-2018-2823
NOT-FOR-US: Oracle
-CVE-2018-2822 (Vulnerability in the Solaris Cluster component of Oracle Sun Systems ...)
+CVE-2018-2822
NOT-FOR-US: Oracle
-CVE-2018-2821 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of ...)
+CVE-2018-2821
NOT-FOR-US: Oracle
-CVE-2018-2820 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of ...)
+CVE-2018-2820
NOT-FOR-US: Oracle
-CVE-2018-2819 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2018-2819
{DSA-4341-1 DSA-4176-1 DLA-1407-1 DLA-1355-1}
- mariadb-10.1 1:10.1.34-1 (bug #898445)
- mariadb-10.0 <removed>
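Review bot: every `-`/`+` pair in this hunk, from `-CVE-2018-2859 (Vulnerability in the Oracle Financial Services Basel Regulatory ...)` down to `+CVE-2018-2819`, drops the parenthesised description and keeps only the bare identifier, and no replacement text is added anywhere in the hunk; the same pattern repeats in every hunk below. A blanket loss of descriptions with no other change to the entries looks like the description source returned empty strings rather than a deliberate edit, so this run should be checked against the feed and regenerated rather than merged as-is. Suggest guarding the updater so that an empty fetched description never overwrites a non-empty existing one; that would have kept lines like `CVE-2018-2846 (Vulnerability in the MySQL Server component of Oracle MySQL ...)` intact. The descriptions are what let a reader sanity-check the triage lines that follow each ID, such as `- mysql-5.5 <not-affected> (Only affects MySQL 5.7)`, without opening the linked advisory.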
@@ -47134,12 +47124,12 @@ CVE-2018-2819 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
- mysql-5.5 <removed>
NOTE: Fixed in MariaDB 10.0.35, 10.1.33
NOTE: http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixMSQL
-CVE-2018-2818 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2018-2818
{DSA-4176-1 DLA-1355-1}
- mysql-5.7 5.7.22-1 (bug #895997)
- mysql-5.5 <removed>
NOTE: http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixMSQL
-CVE-2018-2817 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2018-2817
{DSA-4341-1 DSA-4176-1 DLA-1407-1 DLA-1355-1}
- mariadb-10.1 1:10.1.34-1 (bug #898445)
- mariadb-10.0 <removed>
@@ -47147,11 +47137,11 @@ CVE-2018-2817 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
- mysql-5.5 <removed>
NOTE: Fixed in MariaDB 10.0.35, 10.1.33
NOTE: http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixMSQL
-CVE-2018-2816 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2018-2816
- mysql-5.7 5.7.22-1 (bug #895997)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixMSQL
-CVE-2018-2815 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of ...)
+CVE-2018-2815
{DSA-4225-1 DSA-4185-1}
- openjdk-10 10.0.1+10-4
- openjdk-8 8u171-b11-1
@@ -47159,7 +47149,7 @@ CVE-2018-2815 (Vulnerability in the Java SE, Java SE Embedded, JRockit component
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2018-2814 (Vulnerability in the Java SE, Java SE Embedded component of Oracle ...)
+CVE-2018-2814
{DSA-4225-1 DSA-4185-1}
- openjdk-10 10.0.1+10-4
- openjdk-8 8u171-b11-1
@@ -47167,7 +47157,7 @@ CVE-2018-2814 (Vulnerability in the Java SE, Java SE Embedded component of Oracl
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2018-2813 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2018-2813
{DSA-4341-1 DSA-4176-1 DLA-1407-1 DLA-1355-1}
- mariadb-10.1 1:10.1.34-1 (bug #898445)
- mariadb-10.0 <removed>
@@ -47175,37 +47165,37 @@ CVE-2018-2813 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
- mysql-5.5 <removed>
NOTE: Fixed in MariaDB 10.0.35, 10.1.33
NOTE: http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixMSQL
-CVE-2018-2812 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2018-2812
- mysql-5.7 5.7.22-1 (bug #895997)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixMSQL
-CVE-2018-2811 (Vulnerability in the Java SE component of Oracle Java SE ...)
+CVE-2018-2811
- openjdk-8 <not-affected> (Specific to Oracle Java, our installation procedure are obviously different)
-CVE-2018-2810 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2018-2810
- mysql-5.7 5.7.22-1 (bug #895997)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixMSQL
-CVE-2018-2809 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of ...)
+CVE-2018-2809
NOT-FOR-US: Oracle
-CVE-2018-2808 (Vulnerability in the Solaris component of Oracle Sun Systems Products ...)
+CVE-2018-2808
NOT-FOR-US: Oracle
-CVE-2018-2807 (Vulnerability in the Oracle FLEXCUBE Core Banking component of Oracle ...)
+CVE-2018-2807
NOT-FOR-US: Oracle
-CVE-2018-2806 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
+CVE-2018-2806
NOT-FOR-US: Oracle
-CVE-2018-2805 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2018-2805
- mysql-5.7 <not-affected> (Only affects GIS Extension in Oracle MySQL 5.6)
- mysql-5.5 <not-affected> (Only affects GIS Extension in Oracle MySQL 5.6)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixMSQL
-CVE-2018-2804 (Vulnerability in the Oracle Application Object Library component of ...)
+CVE-2018-2804
NOT-FOR-US: Oracle
-CVE-2018-2803 (Vulnerability in the Oracle Hospitality Reporting and Analytics ...)
+CVE-2018-2803
NOT-FOR-US: Oracle
-CVE-2018-2802 (Vulnerability in the Oracle Hospitality Simphony component of Oracle ...)
+CVE-2018-2802
NOT-FOR-US: Oracle
-CVE-2018-2801 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
+CVE-2018-2801
NOT-FOR-US: Oracle
-CVE-2018-2800 (Vulnerability in the Java SE, JRockit component of Oracle Java SE ...)
+CVE-2018-2800
{DSA-4225-1 DSA-4185-1}
- openjdk-10 10.0.1+10-4
- openjdk-8 8u171-b11-1
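Review bot: the unchanged justification on CVE-2018-2811, `- openjdk-8 <not-affected> (Specific to Oracle Java, our installation procedure are obviously different)`, has a number-agreement slip and gives no checkable reason; suggest `our installation procedure is different` plus a word on what actually differs, all the more because the `+CVE-2018-2811` line beside it now carries no description, so the list no longer says what the entry is about at all.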
@@ -47213,13 +47203,13 @@ CVE-2018-2800 (Vulnerability in the Java SE, JRockit component of Oracle Java SE
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2018-2799 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of ...)
+CVE-2018-2799
{DSA-4225-1 DSA-4185-1}
- openjdk-10 10.0.1+10-4
- openjdk-8 8u171-b11-1
[experimental] - openjdk-7 7u181-2.6.14-1
- openjdk-7 <removed>
-CVE-2018-2798 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of ...)
+CVE-2018-2798
{DSA-4225-1 DSA-4185-1}
- openjdk-10 10.0.1+10-4
- openjdk-8 8u171-b11-1
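Review bot: CVE-2018-2799 in this hunk lists `openjdk-10`, `openjdk-8`, `[experimental] - openjdk-7` and `- openjdk-7 <removed>` but is silent on openjdk-6, while the neighbouring CVE-2018-2800 (top of this hunk) and CVE-2018-2798 (continuing in the next hunk) both carry `- openjdk-6 <removed>` and `[wheezy] - openjdk-6 <end-of-life>`. The lines are unchanged by this patch, but if the omission is intentional an explicit `- openjdk-6 <not-affected> (reason)` would make that auditable, and if not the two lines are missing. CVE-2018-2796 further down has the same gap.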
@@ -47227,7 +47217,7 @@ CVE-2018-2798 (Vulnerability in the Java SE, Java SE Embedded, JRockit component
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2018-2797 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of ...)
+CVE-2018-2797
{DSA-4225-1 DSA-4185-1}
- openjdk-10 10.0.1+10-4
- openjdk-8 8u171-b11-1
@@ -47235,13 +47225,13 @@ CVE-2018-2797 (Vulnerability in the Java SE, Java SE Embedded, JRockit component
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2018-2796 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of ...)
+CVE-2018-2796
{DSA-4225-1 DSA-4185-1}
- openjdk-10 10.0.1+10-4
- openjdk-8 8u171-b11-1
[experimental] - openjdk-7 7u181-2.6.14-1
- openjdk-7 <removed>
-CVE-2018-2795 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of ...)
+CVE-2018-2795
{DSA-4225-1 DSA-4185-1}
- openjdk-10 10.0.1+10-4
- openjdk-8 8u171-b11-1
@@ -47249,7 +47239,7 @@ CVE-2018-2795 (Vulnerability in the Java SE, Java SE Embedded, JRockit component
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2018-2794 (Vulnerability in the Java SE, JRockit component of Oracle Java SE ...)
+CVE-2018-2794
{DSA-4225-1 DSA-4185-1}
- openjdk-10 10.0.1+10-4
- openjdk-8 8u171-b11-1
@@ -47257,13 +47247,13 @@ CVE-2018-2794 (Vulnerability in the Java SE, JRockit component of Oracle Java SE
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2018-2793 (Vulnerability in the PeopleSoft Enterprise PT PeopleTools component of ...)
+CVE-2018-2793
NOT-FOR-US: Oracle
-CVE-2018-2792 (Vulnerability in the Hardware Management Pack component of Oracle Sun ...)
+CVE-2018-2792
NOT-FOR-US: Oracle
-CVE-2018-2791 (Vulnerability in the Oracle WebCenter Sites component of Oracle Fusion ...)
+CVE-2018-2791
NOT-FOR-US: Oracle
-CVE-2018-2790 (Vulnerability in the Java SE, Java SE Embedded component of Oracle ...)
+CVE-2018-2790
{DSA-4225-1 DSA-4185-1}
- openjdk-10 10.0.1+10-4
- openjdk-8 8u171-b11-1
@@ -47271,11 +47261,11 @@ CVE-2018-2790 (Vulnerability in the Java SE, Java SE Embedded component of Oracl
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2018-2789 (Vulnerability in the Siebel Core - Server Framework component of ...)
+CVE-2018-2789
NOT-FOR-US: Oracle
-CVE-2018-2788 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of ...)
+CVE-2018-2788
NOT-FOR-US: Oracle
-CVE-2018-2787 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2018-2787
{DSA-4341-1 DLA-1407-1}
- mariadb-10.1 1:10.1.34-1 (bug #898445)
- mariadb-10.0 <removed>
@@ -47283,13 +47273,13 @@ CVE-2018-2787 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and 5.7)
NOTE: Fixed in MariaDB 10.0.35, 10.1.33
NOTE: http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixMSQL
-CVE-2018-2786 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2018-2786
- mysql-5.7 5.7.22-1 (bug #895997)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixMSQL
-CVE-2018-2785 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of ...)
+CVE-2018-2785
NOT-FOR-US: Oracle
-CVE-2018-2784 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2018-2784
{DSA-4341-1 DLA-1407-1}
- mariadb-10.1 1:10.1.34-1 (bug #898445)
- mariadb-10.0 <removed>
@@ -47297,12 +47287,12 @@ CVE-2018-2784 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and 5.7)
NOTE: Fixed in MariaDB 10.0.35, 10.1.33
NOTE: http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixMSQL
-CVE-2018-2783 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of ...)
+CVE-2018-2783
- openjdk-10 <not-affected> (Apparently specific to Oracle Java)
- openjdk-8 <not-affected> (Apparently specific to Oracle Java)
- openjdk-7 <not-affected> (Apparently specific to Oracle Java)
- openjdk-6 <not-affected> (Apparently specific to Oracle Java)
-CVE-2018-2782 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2018-2782
{DSA-4341-1 DLA-1407-1}
- mariadb-10.1 1:10.1.34-1 (bug #898445)
- mariadb-10.0 <removed>
@@ -47310,7 +47300,7 @@ CVE-2018-2782 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and 5.7)
NOTE: Fixed in MariaDB 10.0.35, 10.1.33
NOTE: http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixMSQL
-CVE-2018-2781 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2018-2781
{DSA-4341-1 DSA-4176-1 DLA-1407-1 DLA-1355-1}
- mariadb-10.1 1:10.1.34-1 (bug #898445)
- mariadb-10.0 <removed>
@@ -47318,40 +47308,40 @@ CVE-2018-2781 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
- mysql-5.5 <removed>
NOTE: Fixed in MariaDB 10.0.35, 10.1.33
NOTE: http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixMSQL
-CVE-2018-2780 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2018-2780
- mysql-5.7 5.7.22-1 (bug #895997)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixMSQL
-CVE-2018-2779 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2018-2779
- mysql-5.7 5.7.22-1 (bug #895997)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixMSQL
-CVE-2018-2778 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2018-2778
- mysql-5.7 5.7.22-1 (bug #895997)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixMSQL
-CVE-2018-2777 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2018-2777
- mysql-5.7 5.7.22-1 (bug #895997)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixMSQL
-CVE-2018-2776 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2018-2776
- mysql-5.7 5.7.22-1 (bug #895997)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixMSQL
-CVE-2018-2775 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2018-2775
- mysql-5.7 5.7.22-1 (bug #895997)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixMSQL
-CVE-2018-2774 (Vulnerability in the PeopleSoft Enterprise PT PeopleTools component of ...)
+CVE-2018-2774
NOT-FOR-US: Oracle
-CVE-2018-2773 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2018-2773
{DSA-4176-1 DLA-1355-1}
- mysql-5.7 5.7.22-1 (bug #895997)
- mysql-5.5 <removed>
NOTE: http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixMSQL
-CVE-2018-2772 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of ...)
+CVE-2018-2772
NOT-FOR-US: Oracle
-CVE-2018-2771 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2018-2771
{DSA-4341-1 DSA-4176-1 DLA-1407-1 DLA-1355-1}
- mariadb-10.1 1:10.1.34-1 (bug #898445)
- mariadb-10.0 <removed>
@@ -47359,15 +47349,15 @@ CVE-2018-2771 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
- mysql-5.5 <removed>
NOTE: Fixed in MariaDB 10.0.35, 10.1.33
NOTE: http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixMSQL
-CVE-2018-2770 (Vulnerability in the Oracle Adaptive Access Manager component of ...)
+CVE-2018-2770
NOT-FOR-US: Oracle
-CVE-2018-2769 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2018-2769
- mysql-5.7 5.7.22-1 (bug #895997)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixMSQL
-CVE-2018-2768 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
+CVE-2018-2768
NOT-FOR-US: Oracle
-CVE-2018-2767 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2018-2767
{DSA-4341-1 DLA-1566-1 DLA-1407-1}
- mariadb-10.2 <removed>
- mariadb-10.1 1:10.1.34-1
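Review bot: the `- mariadb-10.1 1:10.1.34-1` line for CVE-2018-2767 at the end of this hunk has no `(bug #…)` reference, while every other mariadb-10.1 entry at that version in this file (CVE-2018-2771 at the top of the same hunk, for one) cites `(bug #898445)`; either the reference was dropped or this CVE was not covered by that bug, and a reader cannot tell which. Worth adding the bug number or a NOTE saying why there is none, particularly since CVE-2018-2767 also lists `mariadb-10.2 <removed>` and a third advisory, `DLA-1566-1`, that its siblings do not, suggesting it was handled separately.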
@@ -47386,7 +47376,7 @@ CVE-2018-2767 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
NOTE: fixed in 5.5.61, 5.6.41, 5.7.23
NOTE: Strictly speaking though the CVE would be only for Oracle MySQL, for practical
NOTE: reasons still tracking as well MariaDB here.
-CVE-2018-2766 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2018-2766
{DSA-4341-1 DLA-1407-1}
- mariadb-10.1 1:10.1.34-1 (bug #898445)
- mariadb-10.0 <removed>
@@ -47394,17 +47384,17 @@ CVE-2018-2766 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and 5.7)
NOTE: Fixed in MariaDB 10.0.35, 10.1.33
NOTE: http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixMSQL
-CVE-2018-2765 (Vulnerability in the Oracle Security Service component of Oracle ...)
+CVE-2018-2765
NOT-FOR-US: Oracle
-CVE-2018-2764 (Vulnerability in the Solaris component of Oracle Sun Systems Products ...)
+CVE-2018-2764
NOT-FOR-US: Oracle
-CVE-2018-2763 (Vulnerability in the Solaris component of Oracle Sun Systems Products ...)
+CVE-2018-2763
NOT-FOR-US: Oracle
-CVE-2018-2762 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2018-2762
- mysql-5.7 5.7.22-1 (bug #895997)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixMSQL
-CVE-2018-2761 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2018-2761
{DSA-4341-1 DSA-4176-1 DLA-1407-1 DLA-1355-1}
- mariadb-10.1 1:10.1.34-1 (bug #898445)
- mariadb-10.0 <removed>
@@ -47412,21 +47402,21 @@ CVE-2018-2761 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
- mysql-5.5 <removed>
NOTE: Fixed in MariaDB 10.0.35, 10.1.33
NOTE: http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixMSQL
-CVE-2018-2760 (Vulnerability in the Oracle HTTP Server component of Oracle Fusion ...)
+CVE-2018-2760
NOT-FOR-US: Oracle
-CVE-2018-2759 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2018-2759
- mysql-5.7 5.7.22-1 (bug #895997)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixMSQL
-CVE-2018-2758 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2018-2758
- mysql-5.7 5.7.22-1 (bug #895997)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and 5.7)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixMSQL
CVE-2018-2757
RESERVED
-CVE-2018-2756 (Vulnerability in the Oracle Communications Order and Service ...)
+CVE-2018-2756
NOT-FOR-US: Oracle
-CVE-2018-2755 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2018-2755
{DSA-4341-1 DSA-4176-1 DLA-1407-1 DLA-1355-1}
- mariadb-10.1 1:10.1.34-1 (bug #898445)
- mariadb-10.0 <removed>
@@ -47434,23 +47424,23 @@ CVE-2018-2755 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
- mysql-5.5 <removed>
NOTE: Fixed in MariaDB 10.0.35, 10.1.33
NOTE: http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixMSQL
-CVE-2018-2754 (Vulnerability in the Solaris component of Oracle Sun Systems Products ...)
+CVE-2018-2754
NOT-FOR-US: Oracle
-CVE-2018-2753 (Vulnerability in the Solaris component of Oracle Sun Systems Products ...)
+CVE-2018-2753
NOT-FOR-US: Oracle
-CVE-2018-2752 (Vulnerability in the PeopleSoft Enterprise HCM component of Oracle ...)
+CVE-2018-2752
NOT-FOR-US: Oracle
CVE-2018-2751
RESERVED
-CVE-2018-2750 (Vulnerability in the Enterprise Manager Base Platform component of ...)
+CVE-2018-2750
NOT-FOR-US: Oracle
-CVE-2018-2749 (Vulnerability in the Oracle Banking Corporate Lending component of ...)
+CVE-2018-2749
NOT-FOR-US: Oracle
-CVE-2018-2748 (Vulnerability in the Oracle Banking Corporate Lending component of ...)
+CVE-2018-2748
NOT-FOR-US: Oracle
-CVE-2018-2747 (Vulnerability in the Oracle Banking Corporate Lending component of ...)
+CVE-2018-2747
NOT-FOR-US: Oracle
-CVE-2018-2746 (Vulnerability in the Oracle Banking Corporate Lending component of ...)
+CVE-2018-2746
NOT-FOR-US: Oracle
CVE-2018-2745
RESERVED
@@ -47458,17 +47448,17 @@ CVE-2018-2744
RESERVED
CVE-2018-2743
RESERVED
-CVE-2018-2742 (Vulnerability in the Enterprise Manager Ops Center component of Oracle ...)
+CVE-2018-2742
NOT-FOR-US: Oracle
CVE-2018-2741
RESERVED
CVE-2018-2740
RESERVED
-CVE-2018-2739 (Vulnerability in the Oracle Access Manager component of Oracle Fusion ...)
+CVE-2018-2739
NOT-FOR-US: Oracle
-CVE-2018-2738 (Vulnerability in the Oracle Retail Central Office component of Oracle ...)
+CVE-2018-2738
NOT-FOR-US: Oracle
-CVE-2018-2737 (Vulnerability in the Oracle Retail Returns Management component of ...)
+CVE-2018-2737
NOT-FOR-US: Oracle
CVE-2018-2736
RESERVED
@@ -47476,140 +47466,140 @@ CVE-2018-2735
RESERVED
CVE-2018-2734
RESERVED
-CVE-2018-2733 (Vulnerability in the Oracle Hyperion Planning component of Oracle ...)
+CVE-2018-2733
NOT-FOR-US: Oracle
-CVE-2018-2732 (Vulnerability in the Oracle Financial Services Analytical Applications ...)
+CVE-2018-2732
NOT-FOR-US: Oracle
-CVE-2018-2731 (Vulnerability in the PeopleSoft Enterprise SCM eProcurement component ...)
+CVE-2018-2731
NOT-FOR-US: Oracle
-CVE-2018-2730 (Vulnerability in the Oracle Retail Merchandising System component of ...)
+CVE-2018-2730
NOT-FOR-US: Oracle
-CVE-2018-2729 (Vulnerability in the Oracle Financial Services Funds Transfer Pricing ...)
+CVE-2018-2729
NOT-FOR-US: Oracle
-CVE-2018-2728 (Vulnerability in the Oracle Financial Services Funds Transfer Pricing ...)
+CVE-2018-2728
NOT-FOR-US: Oracle
-CVE-2018-2727 (Vulnerability in the Oracle Financial Services Market Risk Measurement ...)
+CVE-2018-2727
NOT-FOR-US: Oracle
-CVE-2018-2726 (Vulnerability in the Oracle Financial Services Market Risk component ...)
+CVE-2018-2726
NOT-FOR-US: Oracle
-CVE-2018-2725 (Vulnerability in the Oracle Financial Services Hedge Management and ...)
+CVE-2018-2725
NOT-FOR-US: Oracle
-CVE-2018-2724 (Vulnerability in the Oracle Financial Services Loan Loss Forecasting ...)
+CVE-2018-2724
NOT-FOR-US: Oracle
-CVE-2018-2723 (Vulnerability in the Oracle Financial Services Asset Liability ...)
+CVE-2018-2723
NOT-FOR-US: Oracle
-CVE-2018-2722 (Vulnerability in the Oracle Financial Services Price Creation and ...)
+CVE-2018-2722
NOT-FOR-US: Oracle
-CVE-2018-2721 (Vulnerability in the Oracle Financial Services Price Creation and ...)
+CVE-2018-2721
NOT-FOR-US: Oracle
-CVE-2018-2720 (Vulnerability in the Oracle Financial Services Liquidity Risk ...)
+CVE-2018-2720
NOT-FOR-US: Oracle
-CVE-2018-2719 (Vulnerability in the Oracle Financial Services Hedge Management and ...)
+CVE-2018-2719
NOT-FOR-US: Oracle
-CVE-2018-2718 (Vulnerability in the Solaris component of Oracle Sun Systems Products ...)
+CVE-2018-2718
NOT-FOR-US: Oracle
-CVE-2018-2717 (Vulnerability in the Solaris component of Oracle Sun Systems Products ...)
+CVE-2018-2717
NOT-FOR-US: Oracle
-CVE-2018-2716 (Vulnerability in the Oracle Financial Services Market Risk Measurement ...)
+CVE-2018-2716
NOT-FOR-US: Oracle
-CVE-2018-2715 (Vulnerability in the Oracle Business Intelligence Enterprise Edition ...)
+CVE-2018-2715
NOT-FOR-US: Oracle
-CVE-2018-2714 (Vulnerability in the Oracle Financial Services Market Risk component ...)
+CVE-2018-2714
NOT-FOR-US: Oracle
-CVE-2018-2713 (Vulnerability in the Oracle WebCenter Portal component of Oracle ...)
+CVE-2018-2713
NOT-FOR-US: Oracle
-CVE-2018-2712 (Vulnerability in the Oracle Financial Services Loan Loss Forecasting ...)
+CVE-2018-2712
NOT-FOR-US: Oracle
-CVE-2018-2711 (Vulnerability in the Oracle JDeveloper component of Oracle Fusion ...)
+CVE-2018-2711
NOT-FOR-US: Oracle
-CVE-2018-2710 (Vulnerability in the Solaris component of Oracle Sun Systems Products ...)
+CVE-2018-2710
NOT-FOR-US: Oracle
-CVE-2018-2709 (Vulnerability in the Oracle Banking Corporate Lending component of ...)
+CVE-2018-2709
NOT-FOR-US: Oracle
-CVE-2018-2708 (Vulnerability in the Oracle Banking Payments component of Oracle ...)
+CVE-2018-2708
NOT-FOR-US: Oracle
-CVE-2018-2707 (Vulnerability in the Oracle Banking Corporate Lending component of ...)
+CVE-2018-2707
NOT-FOR-US: Oracle
-CVE-2018-2706 (Vulnerability in the Oracle Banking Corporate Lending component of ...)
+CVE-2018-2706
NOT-FOR-US: Oracle
-CVE-2018-2705 (Vulnerability in the Oracle Banking Payments component of Oracle ...)
+CVE-2018-2705
NOT-FOR-US: Oracle
-CVE-2018-2704 (Vulnerability in the Oracle Banking Payments component of Oracle ...)
+CVE-2018-2704
NOT-FOR-US: Oracle
-CVE-2018-2703 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2018-2703
- mysql-5.7 5.7.21-1 (bug #887477)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and 5.7)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixMSQL
-CVE-2018-2702 (Vulnerability in the PeopleSoft Enterprise FSCM component of Oracle ...)
+CVE-2018-2702
NOT-FOR-US: Oracle
-CVE-2018-2701 (Vulnerability in the Oracle Hospitality Cruise Fleet Management ...)
+CVE-2018-2701
NOT-FOR-US: Oracle
-CVE-2018-2700 (Vulnerability in the Oracle Hospitality Cruise Fleet Management ...)
+CVE-2018-2700
NOT-FOR-US: Oracle
-CVE-2018-2699 (Vulnerability in the Application Express component of Oracle Database ...)
+CVE-2018-2699
NOT-FOR-US: Oracle
-CVE-2018-2698 (Vulnerability in the Oracle VM VirtualBox component of Oracle ...)
+CVE-2018-2698
- virtualbox 5.2.6-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2018-2697 (Vulnerability in the Oracle Hospitality Cruise Fleet Management ...)
+CVE-2018-2697
NOT-FOR-US: Oracle
-CVE-2018-2696 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2018-2696
- mysql-5.7 5.7.21-1 (bug #887477)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and 5.7)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixMSQL
-CVE-2018-2695 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of ...)
+CVE-2018-2695
NOT-FOR-US: Oracle
-CVE-2018-2694 (Vulnerability in the Oracle VM VirtualBox component of Oracle ...)
+CVE-2018-2694
- virtualbox 5.2.6-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2018-2693 (Vulnerability in the Oracle VM VirtualBox component of Oracle ...)
+CVE-2018-2693
- virtualbox-guest-additions-iso 5.2.6-1
[jessie] - virtualbox-guest-additions-iso <no-dsa> (Non-free not supported)
[wheezy] - virtualbox-guest-additions-iso <no-dsa> (Non-free not supported)
NOTE: http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html
-CVE-2018-2692 (Vulnerability in the Oracle Financial Services Asset Liability ...)
+CVE-2018-2692
NOT-FOR-US: Oracle
-CVE-2018-2691 (Vulnerability in the Oracle User Management component of Oracle ...)
+CVE-2018-2691
NOT-FOR-US: Oracle
-CVE-2018-2690 (Vulnerability in the Oracle VM VirtualBox component of Oracle ...)
+CVE-2018-2690
- virtualbox 5.2.6-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2018-2689 (Vulnerability in the Oracle VM VirtualBox component of Oracle ...)
+CVE-2018-2689
- virtualbox 5.2.6-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2018-2688 (Vulnerability in the Oracle VM VirtualBox component of Oracle ...)
+CVE-2018-2688
- virtualbox 5.2.6-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2018-2687 (Vulnerability in the Oracle VM VirtualBox component of Oracle ...)
+CVE-2018-2687
- virtualbox 5.2.6-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2018-2686 (Vulnerability in the Oracle VM VirtualBox component of Oracle ...)
+CVE-2018-2686
- virtualbox 5.2.6-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2018-2685 (Vulnerability in the Oracle VM VirtualBox component of Oracle ...)
+CVE-2018-2685
- virtualbox 5.2.6-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2018-2684 (Vulnerability in the Oracle User Management component of Oracle ...)
+CVE-2018-2684
NOT-FOR-US: Oracle
-CVE-2018-2683 (Vulnerability in the Oracle Hospitality Simphony component of Oracle ...)
+CVE-2018-2683
NOT-FOR-US: Oracle
-CVE-2018-2682 (Vulnerability in the Oracle Financial Services Liquidity Risk ...)
+CVE-2018-2682
NOT-FOR-US: Oracle
-CVE-2018-2681 (Vulnerability in the PeopleSoft Enterprise HCM Human Resources ...)
+CVE-2018-2681
NOT-FOR-US: Oracle
-CVE-2018-2680 (Vulnerability in the Java VM component of Oracle Database Server. ...)
+CVE-2018-2680
NOT-FOR-US: Oracle
-CVE-2018-2679 (Vulnerability in the Oracle Financial Services Profitability ...)
+CVE-2018-2679
NOT-FOR-US: Oracle Financial Services Applications
-CVE-2018-2678 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of ...)
+CVE-2018-2678
{DSA-4166-1 DSA-4144-1 DLA-1339-1}
- openjdk-9 9.0.4+12-1
- openjdk-8 8u162-b12-1
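Review bot: the NOTE on CVE-2018-2693, `http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html`, points at an April 2014 Critical Patch Update while the neighbouring January 2018 entries in this hunk (CVE-2018-2703, CVE-2018-2696) cite `cpujan2018-3236628.html`; the line is unchanged here, but a 2018 CVE referencing a 2014 bulletin looks like a stale or mistyped link and should be verified while these entries are being rewritten. Two smaller consistency points in the same hunk: the virtualbox entries alternate between `(DSA-3699-1)` and `(DSA 3454)` for the jessie and wheezy end-of-life references, and CVE-2018-2679 uses `NOT-FOR-US: Oracle Financial Services Applications` where every other Oracle entry in this hunk uses the plain `NOT-FOR-US: Oracle`; harmless, but worth normalising if the file is being regenerated anyway.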
@@ -47617,7 +47607,7 @@ CVE-2018-2678 (Vulnerability in the Java SE, Java SE Embedded, JRockit component
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2018-2677 (Vulnerability in the Java SE, Java SE Embedded component of Oracle ...)
+CVE-2018-2677
{DSA-4166-1 DSA-4144-1 DLA-1339-1}
- openjdk-9 9.0.4+12-1
- openjdk-8 8u162-b12-1
@@ -47625,25 +47615,25 @@ CVE-2018-2677 (Vulnerability in the Java SE, Java SE Embedded component of Oracl
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2018-2676 (Vulnerability in the Oracle VM VirtualBox component of Oracle ...)
+CVE-2018-2676
- virtualbox 5.2.6-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2018-2675 (Vulnerability in the Java Advanced Management Console component of ...)
+CVE-2018-2675
NOT-FOR-US: Java Advanced Management Console
-CVE-2018-2674 (Vulnerability in the Oracle FLEXCUBE Direct Banking component of ...)
+CVE-2018-2674
NOT-FOR-US: Oracle
-CVE-2018-2673 (Vulnerability in the Oracle Hospitality Simphony component of Oracle ...)
+CVE-2018-2673
NOT-FOR-US: Oracle
-CVE-2018-2672 (Vulnerability in the Oracle Hospitality Simphony component of Oracle ...)
+CVE-2018-2672
NOT-FOR-US: Oracle
-CVE-2018-2671 (Vulnerability in the PeopleSoft Enterprise SCM Purchasing component of ...)
+CVE-2018-2671
NOT-FOR-US: Oracle
-CVE-2018-2670 (Vulnerability in the Oracle Financial Services Profitability ...)
+CVE-2018-2670
NOT-FOR-US: Oracle
-CVE-2018-2669 (Vulnerability in the Oracle Hospitality Reporting and Analytics ...)
+CVE-2018-2669
NOT-FOR-US: Oracle
-CVE-2018-2668 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2018-2668
{DSA-4341-1 DSA-4091-1 DLA-1407-1 DLA-1250-1}
- mariadb-10.1 1:10.1.34-1 (bug #898444)
- mariadb-10.0 <removed>
@@ -47651,13 +47641,13 @@ CVE-2018-2668 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
- mysql-5.5 <removed>
NOTE: Fixed in MariaDB 10.0.34, 10.1.31
NOTE: http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixMSQL
-CVE-2018-2667 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2018-2667
- mysql-5.7 5.7.21-1 (bug #887477)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixMSQL
-CVE-2018-2666 (Vulnerability in the Oracle Hospitality Labor Management component of ...)
+CVE-2018-2666
NOT-FOR-US: Oracle
-CVE-2018-2665 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2018-2665
{DSA-4341-1 DSA-4091-1 DLA-1407-1 DLA-1250-1}
- mariadb-10.1 1:10.1.34-1 (bug #898444)
- mariadb-10.0 <removed>
@@ -47665,9 +47655,9 @@ CVE-2018-2665 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
- mysql-5.5 <removed>
NOTE: Fixed in MariaDB 10.0.34, 10.1.31
NOTE: http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixMSQL
-CVE-2018-2664 (Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of ...)
+CVE-2018-2664
NOT-FOR-US: Oracle
-CVE-2018-2663 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of ...)
+CVE-2018-2663
{DSA-4166-1 DSA-4144-1 DLA-1339-1}
- openjdk-9 9.0.4+12-1
- openjdk-8 8u162-b12-1
@@ -47675,58 +47665,58 @@ CVE-2018-2663 (Vulnerability in the Java SE, Java SE Embedded, JRockit component
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2018-2662 (Vulnerability in the Oracle Transportation Management component of ...)
+CVE-2018-2662
NOT-FOR-US: Oracle
-CVE-2018-2661 (Vulnerability in the Oracle Financial Services Analytical Applications ...)
+CVE-2018-2661
NOT-FOR-US: Oracle
-CVE-2018-2660 (Vulnerability in the Oracle Financial Services Analytical Applications ...)
+CVE-2018-2660
NOT-FOR-US: Oracle
-CVE-2018-2659 (Vulnerability in the JD Edwards EnterpriseOne Tools component of ...)
+CVE-2018-2659
NOT-FOR-US: Oracle
-CVE-2018-2658 (Vulnerability in the JD Edwards EnterpriseOne Tools component of ...)
+CVE-2018-2658
NOT-FOR-US: Oracle
-CVE-2018-2657 (Vulnerability in the Java SE, JRockit component of Oracle Java SE ...)
+CVE-2018-2657
- openjdk-9 <not-affected> (Seems to be specific to Oracle Java)
- openjdk-8 <not-affected> (Seems to be specific to Oracle Java)
- openjdk-7 <not-affected> (Seems to be specific to Oracle Java)
- openjdk-6 <not-affected> (Seems to be specific to Oracle Java)
-CVE-2018-2656 (Vulnerability in the Oracle General Ledger component of Oracle ...)
+CVE-2018-2656
NOT-FOR-US: Oracle
-CVE-2018-2655 (Vulnerability in the Oracle Work in Process component of Oracle ...)
+CVE-2018-2655
NOT-FOR-US: Oracle
-CVE-2018-2654 (Vulnerability in the PeopleSoft Enterprise HCM Human Resources ...)
+CVE-2018-2654
NOT-FOR-US: Oracle
-CVE-2018-2653 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of ...)
+CVE-2018-2653
NOT-FOR-US: Oracle
-CVE-2018-2652 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of ...)
+CVE-2018-2652
NOT-FOR-US: Oracle
-CVE-2018-2651 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of ...)
+CVE-2018-2651
NOT-FOR-US: Oracle
-CVE-2018-2650 (Vulnerability in the Oracle Hospitality Reporting and Analytics ...)
+CVE-2018-2650
NOT-FOR-US: Oracle
-CVE-2018-2649 (Vulnerability in the Oracle FLEXCUBE Universal Banking component of ...)
+CVE-2018-2649
NOT-FOR-US: Oracle
-CVE-2018-2648 (Vulnerability in the Oracle FLEXCUBE Universal Banking component of ...)
+CVE-2018-2648
NOT-FOR-US: Oracle
-CVE-2018-2647 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2018-2647
- mysql-5.7 5.7.21-1 (bug #887477)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and 5.7)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixMSQL
-CVE-2018-2646 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2018-2646
- mysql-5.7 5.7.21-1 (bug #887477)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixMSQL
-CVE-2018-2645 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2018-2645
- mysql-5.7 5.7.21-1 (bug #887477)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and 5.7)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixMSQL
-CVE-2018-2644 (Vulnerability in the Oracle Argus Safety component of Oracle Health ...)
+CVE-2018-2644
NOT-FOR-US: Oracle
-CVE-2018-2643 (Vulnerability in the Oracle Argus Safety component of Oracle Health ...)
+CVE-2018-2643
NOT-FOR-US: Oracle
-CVE-2018-2642 (Vulnerability in the Oracle Argus Safety component of Oracle Health ...)
+CVE-2018-2642
NOT-FOR-US: Oracle
-CVE-2018-2641 (Vulnerability in the Java SE, Java SE Embedded component of Oracle ...)
+CVE-2018-2641
{DSA-4166-1 DSA-4144-1 DLA-1339-1}
[experimental] - openjdk-7 7u171-2.6.13-1
- openjdk-9 9.0.4+12-1
@@ -47734,7 +47724,7 @@ CVE-2018-2641 (Vulnerability in the Java SE, Java SE Embedded component of Oracl
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2018-2640 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2018-2640
{DSA-4341-1 DSA-4091-1 DLA-1407-1 DLA-1250-1}
- mariadb-10.1 1:10.1.34-1 (bug #898444)
- mariadb-10.0 <removed>
@@ -47742,13 +47732,13 @@ CVE-2018-2640 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
- mysql-5.5 <removed>
NOTE: Fixed in MariaDB 10.0.34, 10.1.33
NOTE: http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixMSQL
-CVE-2018-2639 (Vulnerability in the Java SE component of Oracle Java SE ...)
+CVE-2018-2639
- openjdk-9 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-8 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2018-2638 (Vulnerability in the Java SE component of Oracle Java SE ...)
+CVE-2018-2638
- openjdk-9 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-8 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2018-2637 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of ...)
+CVE-2018-2637
{DSA-4166-1 DSA-4144-1 DLA-1339-1}
- openjdk-9 9.0.4+12-1
- openjdk-8 8u162-b12-1
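Review bot: unchanged context, but worth checking while this entry is being touched: `NOTE: Fixed in MariaDB 10.0.34, 10.1.33` under CVE-2018-2640 names a different 10.1 release than the other MySQL Server entries in this patch that carry the identical advisory set `{DSA-4341-1 DSA-4091-1 DLA-1407-1 DLA-1250-1}` and the same `mariadb-10.1 1:10.1.34-1 (bug #898444)` line (CVE-2018-2668, CVE-2018-2665, CVE-2018-2622 and CVE-2018-2562 all say "10.0.34, 10.1.31"). If 10.1.33 is a typo the note should read "10.1.31" to match its siblings; if it is deliberate, a short reason on the NOTE line would stop the next reader from "fixing" it.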
@@ -47756,11 +47746,11 @@ CVE-2018-2637 (Vulnerability in the Java SE, Java SE Embedded, JRockit component
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2018-2636 (Vulnerability in the Oracle Hospitality Simphony component of Oracle ...)
+CVE-2018-2636
NOT-FOR-US: Oracle
-CVE-2018-2635 (Vulnerability in the Oracle Application Object Library component of ...)
+CVE-2018-2635
NOT-FOR-US: Oracle
-CVE-2018-2634 (Vulnerability in the Java SE, Java SE Embedded component of Oracle ...)
+CVE-2018-2634
{DSA-4166-1 DSA-4144-1 DLA-1339-1}
- openjdk-9 9.0.4+12-1
- openjdk-8 8u162-b12-1
@@ -47768,7 +47758,7 @@ CVE-2018-2634 (Vulnerability in the Java SE, Java SE Embedded component of Oracl
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2018-2633 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of ...)
+CVE-2018-2633
{DSA-4166-1 DSA-4144-1 DLA-1339-1}
- openjdk-9 9.0.4+12-1
- openjdk-8 8u162-b12-1
@@ -47776,33 +47766,33 @@ CVE-2018-2633 (Vulnerability in the Java SE, Java SE Embedded, JRockit component
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2018-2632 (Vulnerability in the Siebel Engineering - Installer and Deployment ...)
+CVE-2018-2632
NOT-FOR-US: Oracle
-CVE-2018-2631 (Vulnerability in the Oracle Transportation Management component of ...)
+CVE-2018-2631
NOT-FOR-US: Oracle
-CVE-2018-2630 (Vulnerability in the Oracle FLEXCUBE Universal Banking component of ...)
+CVE-2018-2630
NOT-FOR-US: Oracle
-CVE-2018-2629 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of ...)
+CVE-2018-2629
{DSA-4166-1 DSA-4144-1 DLA-1339-1}
- openjdk-9 9.0.4+12-1
- openjdk-8 8u162-b12-1
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2018-2628 (Vulnerability in the Oracle WebLogic Server component of Oracle Fusion ...)
+CVE-2018-2628
NOT-FOR-US: Oracle
-CVE-2018-2627 (Vulnerability in the Java SE component of Oracle Java SE ...)
+CVE-2018-2627
- openjdk-9 <not-affected> (Specific to installer for Windows)
- openjdk-8 <not-affected> (Specific to installer for Windows)
-CVE-2018-2626 (Vulnerability in the Oracle Financial Services Balance Sheet Planning ...)
+CVE-2018-2626
NOT-FOR-US: Oracle
-CVE-2018-2625 (Vulnerability in the Oracle WebLogic Server component of Oracle Fusion ...)
+CVE-2018-2625
NOT-FOR-US: Oracle
-CVE-2018-2624 (Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of ...)
+CVE-2018-2624
NOT-FOR-US: Oracle
-CVE-2018-2623 (Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of ...)
+CVE-2018-2623
NOT-FOR-US: Oracle
-CVE-2018-2622 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2018-2622
{DSA-4341-1 DSA-4091-1 DLA-1407-1 DLA-1250-1}
- mariadb-10.1 1:10.1.34-1 (bug #898444)
- mariadb-10.0 <removed>
@@ -47810,13 +47800,13 @@ CVE-2018-2622 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
- mysql-5.5 <removed>
NOTE: Fixed in MariaDB 10.0.34, 10.1.31
NOTE: http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixMSQL
-CVE-2018-2621 (Vulnerability in the Oracle Hospitality Cruise Shipboard Property ...)
+CVE-2018-2621
NOT-FOR-US: Oracle
-CVE-2018-2620 (Vulnerability in the Primavera Unifier component of Oracle ...)
+CVE-2018-2620
NOT-FOR-US: Oracle
-CVE-2018-2619 (Vulnerability in the Oracle Hospitality Simphony component of Oracle ...)
+CVE-2018-2619
NOT-FOR-US: Oracle
-CVE-2018-2618 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of ...)
+CVE-2018-2618
{DSA-4166-1 DSA-4144-1 DLA-1339-1}
- openjdk-9 9.0.4+12-1
- openjdk-8 8u162-b12-1
@@ -47824,17 +47814,17 @@ CVE-2018-2618 (Vulnerability in the Java SE, Java SE Embedded, JRockit component
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2018-2617 (Vulnerability in the OSS Support Tools component of Oracle Support ...)
+CVE-2018-2617
NOT-FOR-US: Oracle
-CVE-2018-2616 (Vulnerability in the OSS Support Tools component of Oracle Support ...)
+CVE-2018-2616
NOT-FOR-US: Oracle
-CVE-2018-2615 (Vulnerability in the OSS Support Tools component of Oracle Support ...)
+CVE-2018-2615
NOT-FOR-US: Oracle
-CVE-2018-2614 (Vulnerability in the Oracle FLEXCUBE Universal Banking component of ...)
+CVE-2018-2614
NOT-FOR-US: Oracle
-CVE-2018-2613 (Vulnerability in the Oracle Argus Safety component of Oracle Health ...)
+CVE-2018-2613
NOT-FOR-US: Oracle
-CVE-2018-2612 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2018-2612
{DSA-4341-1 DLA-1407-1}
- mariadb-10.1 1:10.1.34-1 (bug #898444)
- mariadb-10.0 <removed>
@@ -47842,23 +47832,23 @@ CVE-2018-2612 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and 5.7)
NOTE: Fixed in MariaDB 10.0.34, 10.1.31
NOTE: http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixMSQL
-CVE-2018-2611 (Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of ...)
+CVE-2018-2611
NOT-FOR-US: Oracle
-CVE-2018-2610 (Vulnerability in the Hyperion Data Relationship Management component ...)
+CVE-2018-2610
NOT-FOR-US: Oracle
-CVE-2018-2609 (Vulnerability in the Oracle Agile PLM component of Oracle Supply Chain ...)
+CVE-2018-2609
NOT-FOR-US: Oracle
-CVE-2018-2608 (Vulnerability in the Oracle Hospitality Simphony component of Oracle ...)
+CVE-2018-2608
NOT-FOR-US: Oracle
-CVE-2018-2607 (Vulnerability in the Oracle Hospitality Guest Access component of ...)
+CVE-2018-2607
NOT-FOR-US: Oracle
-CVE-2018-2606 (Vulnerability in the Oracle Hospitality Guest Access component of ...)
+CVE-2018-2606
NOT-FOR-US: Oracle
-CVE-2018-2605 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of ...)
+CVE-2018-2605
NOT-FOR-US: Oracle
-CVE-2018-2604 (Vulnerability in the Oracle Hospitality Guest Access component of ...)
+CVE-2018-2604
NOT-FOR-US: Oracle
-CVE-2018-2603 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of ...)
+CVE-2018-2603
{DSA-4166-1 DSA-4144-1 DLA-1339-1}
- openjdk-9 9.0.4+12-1
- openjdk-8 8u162-b12-1
@@ -47866,7 +47856,7 @@ CVE-2018-2603 (Vulnerability in the Java SE, Java SE Embedded, JRockit component
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2018-2602 (Vulnerability in the Java SE, Java SE Embedded component of Oracle ...)
+CVE-2018-2602
{DSA-4166-1 DSA-4144-1 DLA-1339-1}
- openjdk-9 9.0.4+12-1
- openjdk-8 8u162-b12-1
@@ -47874,13 +47864,13 @@ CVE-2018-2602 (Vulnerability in the Java SE, Java SE Embedded component of Oracl
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2018-2601 (Vulnerability in the Oracle Internet Directory component of Oracle ...)
+CVE-2018-2601
NOT-FOR-US: Oracle
-CVE-2018-2600 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2018-2600
- mysql-5.7 5.7.21-1 (bug #887477)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixMSQL
-CVE-2018-2599 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of ...)
+CVE-2018-2599
{DSA-4166-1 DSA-4144-1 DLA-1339-1}
- openjdk-9 9.0.4+12-1
- openjdk-8 8u162-b12-1
@@ -47888,33 +47878,33 @@ CVE-2018-2599 (Vulnerability in the Java SE, Java SE Embedded, JRockit component
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2018-2598 (Vulnerability in the MySQL Workbench component of Oracle MySQL ...)
+CVE-2018-2598
- mysql-workbench <unfixed> (bug #904112)
[stretch] - mysql-workbench <no-dsa> (Exact details undisclosed, but marginal CVSS score)
[jessie] - mysql-workbench <postponed> (Exact details undisclosed, but marginal CVSS score)
-CVE-2018-2597 (Vulnerability in the Oracle Hospitality Cruise Dining Room Management ...)
+CVE-2018-2597
NOT-FOR-US: Oracle
-CVE-2018-2596 (Vulnerability in the Oracle WebCenter Content component of Oracle ...)
+CVE-2018-2596
NOT-FOR-US: Oracle
-CVE-2018-2595 (Vulnerability in the Hyperion BI+ component of Oracle Hyperion ...)
+CVE-2018-2595
NOT-FOR-US: Oracle
-CVE-2018-2594 (Vulnerability in the Hyperion BI+ component of Oracle Hyperion ...)
+CVE-2018-2594
NOT-FOR-US: Oracle
-CVE-2018-2593 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of ...)
+CVE-2018-2593
NOT-FOR-US: Oracle
-CVE-2018-2592 (Vulnerability in the Oracle Financial Services Balance Sheet Planning ...)
+CVE-2018-2592
NOT-FOR-US: Oracle
-CVE-2018-2591 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2018-2591
- mysql-5.7 5.7.20-1
- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and 5.7)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixMSQL
-CVE-2018-2590 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2018-2590
- mysql-5.7 5.7.21-1 (bug #887477)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and 5.7)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixMSQL
-CVE-2018-2589 (Vulnerability in the Oracle Hospitality Simphony component of Oracle ...)
+CVE-2018-2589
NOT-FOR-US: Oracle
-CVE-2018-2588 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of ...)
+CVE-2018-2588
{DSA-4166-1 DSA-4144-1 DLA-1339-1}
- openjdk-9 9.0.4+12-1
- openjdk-8 8u162-b12-1
@@ -47922,34 +47912,34 @@ CVE-2018-2588 (Vulnerability in the Java SE, Java SE Embedded, JRockit component
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2018-2587 (Vulnerability in the Oracle Access Manager component of Oracle Fusion ...)
+CVE-2018-2587
NOT-FOR-US: Oracle
-CVE-2018-2586 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2018-2586
- mysql-5.7 5.7.21-1 (bug #887477)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixMSQL
-CVE-2018-2585 (Vulnerability in the MySQL Connectors component of Oracle MySQL ...)
+CVE-2018-2585
- mysql-connector-net <unfixed> (bug #887751)
[stretch] - mysql-connector-net <no-dsa> (Minor issue)
[jessie] - mysql-connector-net <no-dsa> (Minor issue)
[wheezy] - mysql-connector-net <no-dsa> (Minor issue)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixMSQL
-CVE-2018-2584 (Vulnerability in the Oracle WebCenter Sites component of Oracle Fusion ...)
+CVE-2018-2584
NOT-FOR-US: Oracle
-CVE-2018-2583 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2018-2583
- mysql-5.7 5.7.21-1 (bug #887477)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and 5.7)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixMSQL
-CVE-2018-2582 (Vulnerability in the Java SE, Java SE Embedded component of Oracle ...)
+CVE-2018-2582
{DSA-4144-1}
- openjdk-9 9.0.4+12-1
- openjdk-8 8u162-b12-1
-CVE-2018-2581 (Vulnerability in the Java SE component of Oracle Java SE ...)
+CVE-2018-2581
- openjfx 8u161-b12-1 (bug #888530)
[stretch] - openjfx <ignored> (Specific details withheld by Oracle, impossible to fix)
-CVE-2018-2580 (Vulnerability in the Oracle Applications DBA component of Oracle ...)
+CVE-2018-2580
NOT-FOR-US: Oracle
-CVE-2018-2579 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of ...)
+CVE-2018-2579
{DSA-4166-1 DSA-4144-1 DLA-1339-1}
- openjdk-9 9.0.4+12-1
- openjdk-8 8u162-b12-1
@@ -47957,45 +47947,45 @@ CVE-2018-2579 (Vulnerability in the Java SE, Java SE Embedded, JRockit component
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2018-2578 (Vulnerability in the Solaris component of Oracle Sun Systems Products ...)
+CVE-2018-2578
NOT-FOR-US: Oracle
-CVE-2018-2577 (Vulnerability in the Solaris component of Oracle Sun Systems Products ...)
+CVE-2018-2577
NOT-FOR-US: Oracle
-CVE-2018-2576 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2018-2576
- mysql-5.7 5.7.21-1 (bug #887477)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixMSQL
-CVE-2018-2575 (Vulnerability in the Core RDBMS component of Oracle Database Server. ...)
+CVE-2018-2575
NOT-FOR-US: Oracle
-CVE-2018-2574 (Vulnerability in the Siebel CRM Desktop component of Oracle Siebel CRM ...)
+CVE-2018-2574
NOT-FOR-US: Oracle
-CVE-2018-2573 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2018-2573
- mysql-5.7 5.7.21-1 (bug #887477)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and 5.7)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixMSQL
-CVE-2018-2572 (Vulnerability in the Oracle Agile Product Lifecycle Management for ...)
+CVE-2018-2572
NOT-FOR-US: Oracle
-CVE-2018-2571 (Vulnerability in the Oracle Communications Unified Inventory ...)
+CVE-2018-2571
NOT-FOR-US: Oracle
-CVE-2018-2570 (Vulnerability in the Oracle Communications Unified Inventory ...)
+CVE-2018-2570
NOT-FOR-US: Oracle
-CVE-2018-2569 (Vulnerability in the Java ME SDK component of Oracle Java Micro ...)
+CVE-2018-2569
NOT-FOR-US: Oracle
-CVE-2018-2568 (Vulnerability in the Integrated Lights Out Manager (ILOM) component of ...)
+CVE-2018-2568
NOT-FOR-US: Oracle
-CVE-2018-2567 (Vulnerability in the Oracle Communications Order and Service ...)
+CVE-2018-2567
NOT-FOR-US: Oracle
-CVE-2018-2566 (Vulnerability in the Integrated Lights Out Manager (ILOM) component of ...)
+CVE-2018-2566
NOT-FOR-US: Oracle
-CVE-2018-2565 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2018-2565
- mysql-5.7 5.7.21-1 (bug #887477)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixMSQL
-CVE-2018-2564 (Vulnerability in the Oracle WebCenter Content component of Oracle ...)
+CVE-2018-2564
NOT-FOR-US: Oracle
-CVE-2018-2563 (Vulnerability in the Solaris component of Oracle Sun Systems Products ...)
+CVE-2018-2563
NOT-FOR-US: Oracle
-CVE-2018-2562 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2018-2562
{DSA-4341-1 DSA-4091-1 DLA-1407-1 DLA-1250-1}
- mariadb-10.1 1:10.1.34-1 (bug #898444)
- mariadb-10.0 <removed>
@@ -48003,9 +47993,9 @@ CVE-2018-2562 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
- mysql-5.5 <removed>
NOTE: Fixed in MariaDB 10.0.34, 10.1.31
NOTE: http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixMSQL
-CVE-2018-2561 (Vulnerability in the Oracle HTTP Server component of Oracle Fusion ...)
+CVE-2018-2561
NOT-FOR-US: Oracle
-CVE-2018-2560 (Vulnerability in the Solaris component of Oracle Sun Systems Products ...)
+CVE-2018-2560
NOT-FOR-US: Oracle
CVE-2018-2559
RESERVED
@@ -48115,297 +48105,297 @@ CVE-2018-2507
RESERVED
CVE-2018-2506
RESERVED
-CVE-2018-2505 (SAP Commerce does not sufficiently validate user-controlled inputs, ...)
+CVE-2018-2505
NOT-FOR-US: SAP
-CVE-2018-2504 (SAP NetWeaver AS Java Web Container service does not validate against ...)
+CVE-2018-2504
NOT-FOR-US: SAP
-CVE-2018-2503 (By default, the SAP NetWeaver AS Java keystore service does not ...)
+CVE-2018-2503
NOT-FOR-US: SAP
-CVE-2018-2502 (TRACE method is enabled in SAP Business One Service Layer . Attacker ...)
+CVE-2018-2502
NOT-FOR-US: SAP
CVE-2018-2501
RESERVED
-CVE-2018-2500 (Under certain conditions SAP Mobile Secure Android client (before ...)
+CVE-2018-2500
NOT-FOR-US: SAP
-CVE-2018-2499 (A security weakness in SAP Financial Consolidation Cube Designer ...)
+CVE-2018-2499
NOT-FOR-US: SAP
CVE-2018-2498
RESERVED
-CVE-2018-2497 (The security audit log of SAP HANA, versions 1.0 and 2.0, does not log ...)
+CVE-2018-2497
NOT-FOR-US: SAP
CVE-2018-2496
RESERVED
CVE-2018-2495
RESERVED
-CVE-2018-2494 (Necessary authorization checks for an authenticated user, resulting in ...)
+CVE-2018-2494
NOT-FOR-US: SAP
CVE-2018-2493
RESERVED
-CVE-2018-2492 (SAML 2.0 functionality in SAP NetWeaver AS Java, does not sufficiently ...)
+CVE-2018-2492
NOT-FOR-US: SAP
-CVE-2018-2491 (When opening a deep link URL in SAP Fiori Client with log level set to ...)
+CVE-2018-2491
NOT-FOR-US: SAP
-CVE-2018-2490 (The broadcast messages received by SAP Fiori Client are not protected ...)
+CVE-2018-2490
NOT-FOR-US: SAP
-CVE-2018-2489 (Locally, without any permission, an arbitrary android application ...)
+CVE-2018-2489
NOT-FOR-US: SAP
-CVE-2018-2488 (It is possible for a malware application installed on an Android ...)
+CVE-2018-2488
NOT-FOR-US: SAP
-CVE-2018-2487 (SAP Disclosure Management 10.x allows an attacker to exploit through a ...)
+CVE-2018-2487
NOT-FOR-US: SAP
-CVE-2018-2486 (SAP Marketing (UICUAN (1.20, 1.30, 1.40), SAPSCORE (1.13, 1.14)) does ...)
+CVE-2018-2486
NOT-FOR-US: SAP
-CVE-2018-2485 (It is possible for a malicious application or malware to execute ...)
+CVE-2018-2485
NOT-FOR-US: SAP
-CVE-2018-2484 (SAP Enterprise Financial Services (fixed in SAPSCORE 1.13, 1.14, 1.15; ...)
+CVE-2018-2484
NOT-FOR-US: SAP
-CVE-2018-2483 (HTTP Verb Tampering is possible in SAP BusinessObjects Business ...)
+CVE-2018-2483
NOT-FOR-US: SAP
-CVE-2018-2482 (SAP Mobile Secure Android Application, Mobile-secure.apk Android ...)
+CVE-2018-2482
NOT-FOR-US: SAP
-CVE-2018-2481 (In some SAP standard roles, in SAP_ABA versions, 7.00 to 7.02, 7.10 to ...)
+CVE-2018-2481
NOT-FOR-US: SAP
CVE-2018-2480
RESERVED
-CVE-2018-2479 (SAP BusinessObjects Business Intelligence Platform (BIWorkspace), ...)
+CVE-2018-2479
NOT-FOR-US: SAP
-CVE-2018-2478 (An attacker can use specially crafted inputs to execute commands on ...)
+CVE-2018-2478
NOT-FOR-US: SAP
-CVE-2018-2477 (Knowledge Management (XMLForms) in SAP NetWeaver, versions 7.30, 7.31, ...)
+CVE-2018-2477
NOT-FOR-US: SAP
-CVE-2018-2476 (Due to insufficient URL Validation in forums in SAP NetWeaver versions ...)
+CVE-2018-2476
NOT-FOR-US: SAP
-CVE-2018-2475 (Following the Gardener architecture, the Kubernetes apiserver of a ...)
+CVE-2018-2475
NOT-FOR-US: SAP
-CVE-2018-2474 (SAP Fiori 1.0 for SAP ERP HCM (Approve Leave Request, version 2) ...)
+CVE-2018-2474
NOT-FOR-US: SAP
-CVE-2018-2473 (SAP BusinessObjects Business Intelligence Platform Server, versions ...)
+CVE-2018-2473
NOT-FOR-US: SAP
-CVE-2018-2472 (SAP BusinessObjects Business Intelligence Platform 4.10 and 4.20 (Web ...)
+CVE-2018-2472
NOT-FOR-US: SAP
-CVE-2018-2471 (Under certain conditions SAP BusinessObjects Business Intelligence ...)
+CVE-2018-2471
NOT-FOR-US: SAP
-CVE-2018-2470 (In SAP NetWeaver Application Server for ABAP, from 7.0 to 7.02, 7.30, ...)
+CVE-2018-2470
NOT-FOR-US: SAP
-CVE-2018-2469 (Under certain conditions SAP Adaptive Server Enterprise (ASE), ...)
+CVE-2018-2469
NOT-FOR-US: SAP
-CVE-2018-2468 (Under certain conditions the backup server in SAP Adaptive Server ...)
+CVE-2018-2468
NOT-FOR-US: SAP
-CVE-2018-2467 (In the Software Development Kit in SAP BusinessObjects BI Platform ...)
+CVE-2018-2467
NOT-FOR-US: SAP
-CVE-2018-2466 (In Impact and Lineage Analysis in SAP Data Services, version 4.2, the ...)
+CVE-2018-2466
NOT-FOR-US: SAP
-CVE-2018-2465 (SAP HANA (versions 1.0 and 2.0) Extended Application Services classic ...)
+CVE-2018-2465
NOT-FOR-US: SAP
-CVE-2018-2464 (SAP WebDynpro Java, versions 7.20, 7.30, 7.31, 7.40, 7.50, does not ...)
+CVE-2018-2464
NOT-FOR-US: SAP
-CVE-2018-2463 (The Omni Commerce Connect API (OCC) of SAP Hybris Commerce, versions ...)
+CVE-2018-2463
NOT-FOR-US: SAP
-CVE-2018-2462 (In certain cases, BEx Web Java Runtime Export Web Service in SAP ...)
+CVE-2018-2462
NOT-FOR-US: SAP
-CVE-2018-2461 (Missing authorization check in SAP HCM Fiori &quot;People Profile&quot; (GBX01 ...)
+CVE-2018-2461
NOT-FOR-US: SAP
-CVE-2018-2460 (SAP Business One Android application, version 1.2, does not verify the ...)
+CVE-2018-2460
NOT-FOR-US: SAP
-CVE-2018-2459 (Users of an SAP Mobile Platform (version 3.0) Offline OData ...)
+CVE-2018-2459
NOT-FOR-US: SAP
-CVE-2018-2458 (Under certain conditions, Crystal Report using SAP Business One, ...)
+CVE-2018-2458
NOT-FOR-US: SAP
-CVE-2018-2457 (Under certain conditions SAP Adaptive Server Enterprise, version 16.0, ...)
+CVE-2018-2457
NOT-FOR-US: SAP
CVE-2018-2456
RESERVED
-CVE-2018-2455 (SAP Enterprise Financial Services, versions 6.05, 6.06, 6.16, 6.17, ...)
+CVE-2018-2455
NOT-FOR-US: SAP
-CVE-2018-2454 (SAP Enterprise Financial Services, versions 6.05, 6.06, 6.16, 6.17, ...)
+CVE-2018-2454
NOT-FOR-US: SAP
CVE-2018-2453
RESERVED
-CVE-2018-2452 (The logon application of SAP NetWeaver AS Java 7.10 to 7.11, 7.20, ...)
+CVE-2018-2452
NOT-FOR-US: SAP
-CVE-2018-2451 (XS Command-Line Interface (CLI) user sessions with the SAP HANA ...)
+CVE-2018-2451
NOT-FOR-US: SAP HANA Extended Application Services
-CVE-2018-2450 (SAP MaxDB (liveCache), versions 7.8 and 7.9, allows an attacker who ...)
+CVE-2018-2450
NOT-FOR-US: SAP MaxDB
-CVE-2018-2449 (SAP SRM MDM Catalog versions 3.73, 7.31, 7.32 in (SAP NetWeaver 7.3) - ...)
+CVE-2018-2449
NOT-FOR-US: SAP SRM MDM Catalog
-CVE-2018-2448 (Under certain conditions SAP SRM-MDM (CATALOG versions 3.0, 7.01, ...)
+CVE-2018-2448
NOT-FOR-US: SAP BusinessObjects Business Intelligence Platform
-CVE-2018-2447 (SAP BusinessObjects Business Intelligence (Launchpad Web ...)
+CVE-2018-2447
NOT-FOR-US: SAP BusinessObjects Business Intelligence
-CVE-2018-2446 (Admin tools in SAP BusinessObjects Business Intelligence, versions ...)
+CVE-2018-2446
NOT-FOR-US: SAP BusinessObjects Business Intelligence
-CVE-2018-2445 (AdminTools in SAP BusinessObjects Business Intelligence, versions 4.1, ...)
+CVE-2018-2445
NOT-FOR-US: SAP BusinessObjects Business Intelligence
-CVE-2018-2444 (SAP BusinessObjects Financial Consolidation, versions 10.0, 10.1, does ...)
+CVE-2018-2444
NOT-FOR-US: SAP BusinessObjects Financial Consolidation
CVE-2018-2443
RESERVED
-CVE-2018-2442 (In SAP BusinessObjects Business Intelligence, versions 4.0, 4.1 and ...)
+CVE-2018-2442
NOT-FOR-US: SAP BusinessObjects Business Intelligence
-CVE-2018-2441 (Under certain conditions the SAP Change and Transport System (ABAP), ...)
+CVE-2018-2441
NOT-FOR-US: SAP Change and Transport System
-CVE-2018-2440 (Under certain circumstances SAP Dynamic Authorization Management (DAM) ...)
+CVE-2018-2440
NOT-FOR-US: SAP
-CVE-2018-2439 (The SAP Internet Graphics Server (IGS), 7.20, 7.20EXT, 7.45, 7.49, ...)
+CVE-2018-2439
NOT-FOR-US: SAP
-CVE-2018-2438 (The SAP Internet Graphics Server (IGS), 7.20, 7.20EXT, 7.45, 7.49, ...)
+CVE-2018-2438
NOT-FOR-US: SAP
-CVE-2018-2437 (The SAP Internet Graphics Service (IGS), 7.20, 7.20EXT, 7.45, 7.49, ...)
+CVE-2018-2437
NOT-FOR-US: SAP
-CVE-2018-2436 (Executing transaction WRCK in SAP R/3 Enterprise Retail (EHP6) does ...)
+CVE-2018-2436
NOT-FOR-US: SAP
-CVE-2018-2435 (SAP NetWeaver Enterprise Portal from 7.0 to 7.02, 7.11, 7.20, 7.30, ...)
+CVE-2018-2435
NOT-FOR-US: SAP
-CVE-2018-2434 (A content spoofing vulnerability in the following components allows to ...)
+CVE-2018-2434
NOT-FOR-US: SAP
-CVE-2018-2433 (SAP Gateway (SAP KERNEL 32 NUC, SAP KERNEL 32 Unicode, SAP KERNEL 64 ...)
+CVE-2018-2433
NOT-FOR-US: SAP
-CVE-2018-2432 (SAP BusinessObjects Business Intelligence (BI Launchpad and Central ...)
+CVE-2018-2432
NOT-FOR-US: SAP
-CVE-2018-2431 (SAP BusinessObjects Business Intelligence Suite, versions 4.10 and ...)
+CVE-2018-2431
NOT-FOR-US: SAP
CVE-2018-2430
RESERVED
CVE-2018-2429
RESERVED
-CVE-2018-2428 (Under certain conditions SAP UI5 Handler allows an attacker to access ...)
+CVE-2018-2428
NOT-FOR-US: SAP
-CVE-2018-2427 (SAP BusinessObjects Business Intelligence Suite, versions 4.10 and ...)
+CVE-2018-2427
NOT-FOR-US: SAP
CVE-2018-2426
RESERVED
-CVE-2018-2425 (Under certain conditions, SAP Business One, 9.2, 9.3, for SAP HANA ...)
+CVE-2018-2425
NOT-FOR-US: SAP
-CVE-2018-2424 (SAP UI5 did not validate user input before adding it to the DOM ...)
+CVE-2018-2424
NOT-FOR-US: SAP
-CVE-2018-2423 (SAP Internet Graphics Server (IGS), 7.20, 7.20EXT, 7.45, 7.49, 7.53, ...)
+CVE-2018-2423
NOT-FOR-US: SAP Internet Graphics Server
-CVE-2018-2422 (SAP Internet Graphics Server (IGS) Portwatcher, 7.20, 7.20EXT, 7.45, ...)
+CVE-2018-2422
NOT-FOR-US: SAP Internet Graphics Server
-CVE-2018-2421 (SAP Internet Graphics Server (IGS) Portwatcher, 7.20, 7.20EXT, 7.45, ...)
+CVE-2018-2421
NOT-FOR-US: SAP Internet Graphics Server
-CVE-2018-2420 (SAP Internet Graphics Server (IGS), 7.20, 7.20EXT, 7.45, 7.49, 7.53, ...)
+CVE-2018-2420
NOT-FOR-US: SAP Internet Graphics Server
-CVE-2018-2419 (SAP Enterprise Financial Services (SAPSCORE 1.11, 1.12; S4CORE 1.01, ...)
+CVE-2018-2419
NOT-FOR-US: SAP Enterprise Financial Services
-CVE-2018-2418 (SAP MaxDB ODBC driver (all versions before 7.9.09.07) allows an ...)
+CVE-2018-2418
NOT-FOR-US: SAP MaxDB ODBC driver
-CVE-2018-2417 (Under certain conditions, the SAP Identity Management 8.0 (pass of ...)
+CVE-2018-2417
NOT-FOR-US: SAP Identity Management
-CVE-2018-2416 (SAP Identity Management 7.2 and 8.0 do not sufficiently validate an ...)
+CVE-2018-2416
NOT-FOR-US: SAP Identity Management
-CVE-2018-2415 (SAP NetWeaver Application Server Java Web Container and HTTP Service ...)
+CVE-2018-2415
NOT-FOR-US: SAP NetWeaver Application Server Java Web Container and HTTP Service
CVE-2018-2414
RESERVED
-CVE-2018-2413 (SAP Disclosure Management 10.1 does not perform necessary ...)
+CVE-2018-2413
NOT-FOR-US: SAP
-CVE-2018-2412 (SAP Disclosure Management 10.1 does not perform necessary ...)
+CVE-2018-2412
NOT-FOR-US: SAP
CVE-2018-2411
RESERVED
-CVE-2018-2410 (SAP Business One, 9.2, 9.3, browser access does not sufficiently ...)
+CVE-2018-2410
NOT-FOR-US: SAP
-CVE-2018-2409 (Improper session management when using SAP Cloud Platform 2.0 ...)
+CVE-2018-2409
NOT-FOR-US: SAP
-CVE-2018-2408 (Improper Session Management in SAP Business Objects, 4.0, from 4.10, ...)
+CVE-2018-2408
NOT-FOR-US: SAP
CVE-2018-2407
RESERVED
-CVE-2018-2406 (Unquoted windows search path (directory/path traversal) vulnerability ...)
+CVE-2018-2406
NOT-FOR-US: Crystal Reports Server
-CVE-2018-2405 (SAP Solution Manager, 7.10, 7.20, Incident Management Work Center ...)
+CVE-2018-2405
NOT-FOR-US: SAP
-CVE-2018-2404 (SAP Disclosure Management 10.1 allows an attacker to upload any file ...)
+CVE-2018-2404
NOT-FOR-US: SAP
-CVE-2018-2403 (Under certain conditions, SAP Disclosure Management 10.1 allows an ...)
+CVE-2018-2403
NOT-FOR-US: SAP
-CVE-2018-2402 (In systems using the optional capture &amp; replay functionality of SAP ...)
+CVE-2018-2402
NOT-FOR-US: SAP
-CVE-2018-2401 (SAP Business Process Automation (BPA) By Redwood does not sufficiently ...)
+CVE-2018-2401
NOT-FOR-US: SAP
-CVE-2018-2400 (Under certain conditions SAP Business Process Automation (BPA) By ...)
+CVE-2018-2400
NOT-FOR-US: SAP
-CVE-2018-2399 (Cross-Site Scripting in Process Monitoring Infrastructure, from 7.10 ...)
+CVE-2018-2399
NOT-FOR-US: SAP
-CVE-2018-2398 (Under certain conditions SAP Business Client 6.5 allows an attacker to ...)
+CVE-2018-2398
NOT-FOR-US: SAP
-CVE-2018-2397 (In SAP Business Objects Business Intelligence Platform, 4.00, 4.10, ...)
+CVE-2018-2397
NOT-FOR-US: SAP
-CVE-2018-2396 (Under certain conditions a malicious user can prevent legitimate users ...)
+CVE-2018-2396
NOT-FOR-US: SAP Internet Graphics Server
-CVE-2018-2395 (Under certain conditions a malicious user may retrieve information on ...)
+CVE-2018-2395
NOT-FOR-US: SAP Internet Graphic Server
-CVE-2018-2394 (Under certain conditions an unauthenticated malicious user can prevent ...)
+CVE-2018-2394
NOT-FOR-US: SAP Internet Graphics Server
-CVE-2018-2393 (Under certain conditions SAP Internet Graphics Server (IGS) 7.20, ...)
+CVE-2018-2393
NOT-FOR-US: SAP Internet Graphics Server
-CVE-2018-2392 (Under certain conditions SAP Internet Graphics Server (IGS) 7.20, ...)
+CVE-2018-2392
NOT-FOR-US: SAP Internet Graphics Server
-CVE-2018-2391 (Under certain conditions a malicious user can prevent legitimate users ...)
+CVE-2018-2391
NOT-FOR-US: SAP Internet Graphics Server
-CVE-2018-2390 (Under certain conditions a malicious user can prevent legitimate users ...)
+CVE-2018-2390
NOT-FOR-US: SAP Internet Graphics Server
-CVE-2018-2389 (Under certain conditions a malicious user can inject log files of SAP ...)
+CVE-2018-2389
NOT-FOR-US: SAP Internet Graphics Server
-CVE-2018-2388 (Stored cross-site scripting vulnerability in SAP internet Graphics ...)
+CVE-2018-2388
NOT-FOR-US: SAP internet Graphics Server
-CVE-2018-2387 (A vulnerability in the SAP internet Graphics Server, 7.20, 7.20EXT, ...)
+CVE-2018-2387
NOT-FOR-US: SAP internet Graphics Server
-CVE-2018-2386 (Under certain conditions a malicious user provoking an out of bounds ...)
+CVE-2018-2386
NOT-FOR-US: SAP Internet Graphics Server
-CVE-2018-2385 (Under certain conditions a malicious user provoking a divide by zero ...)
+CVE-2018-2385
NOT-FOR-US: SAP Internet Graphics Server
-CVE-2018-2384 (Under certain conditions a malicious user provoking a Null Pointer ...)
+CVE-2018-2384
NOT-FOR-US: SAP Internet Graphics Server
-CVE-2018-2383 (Reflected cross-site scripting vulnerability in SAP internet Graphics ...)
+CVE-2018-2383
NOT-FOR-US: SAP Internet Graphics Server
-CVE-2018-2382 (A vulnerability in the SAP internet Graphics Server, 7.20, 7.20EXT, ...)
+CVE-2018-2382
NOT-FOR-US: SAP internet Graphics Server
-CVE-2018-2381 (SAP ERP Financials Information System (SAP_APPL 6.00, 6.02, 6.03, ...)
+CVE-2018-2381
NOT-FOR-US: SAP ERP Financials Information System
-CVE-2018-2380 (SAP CRM, 7.01, 7.02,7.30, 7.31, 7.33, 7.54, allows an attacker to ...)
+CVE-2018-2380
NOT-FOR-US: SAP CRM
-CVE-2018-2379 (In SAP HANA Extended Application Services, 1.0, an unauthenticated ...)
+CVE-2018-2379
NOT-FOR-US: SAP HANA Extended Application Services
-CVE-2018-2378 (In SAP HANA Extended Application Services, 1.0, unauthorized users can ...)
+CVE-2018-2378
NOT-FOR-US: SAP HANA Extended Application Services
-CVE-2018-2377 (In SAP HANA Extended Application Services, 1.0, some general server ...)
+CVE-2018-2377
NOT-FOR-US: SAP HANA Extended Application Services
-CVE-2018-2376 (In SAP HANA Extended Application Services, 1.0, a controller user who ...)
+CVE-2018-2376
NOT-FOR-US: SAP HANA Extended Application Services
-CVE-2018-2375 (In SAP HANA Extended Application Services, 1.0, a controller user who ...)
+CVE-2018-2375
NOT-FOR-US: SAP HANA Extended Application Services
-CVE-2018-2374 (In SAP HANA Extended Application Services, 1.0, a controller user who ...)
+CVE-2018-2374
NOT-FOR-US: SAP HANA Extended Application Services
-CVE-2018-2373 (Under certain circumstances, a specific endpoint of the Controller's ...)
+CVE-2018-2373
NOT-FOR-US: SAP HANA Extended Application Services
-CVE-2018-2372 (A plain keystore password is written to a system log file in SAP HANA ...)
+CVE-2018-2372
NOT-FOR-US: SAP HANA Extended Application Services
-CVE-2018-2371 (The SAML 2.0 service provider of SAP Netweaver AS Java Web ...)
+CVE-2018-2371
NOT-FOR-US: SAP Netweaver AS Java Web Application
-CVE-2018-2370 (Server Side Request Forgery (SSRF) vulnerability in SAP Central ...)
+CVE-2018-2370
NOT-FOR-US: SAP Central Management Console
-CVE-2018-2369 (Under certain conditions SAP HANA, 1.00, 2.00, allows an ...)
+CVE-2018-2369
NOT-FOR-US: SAP HANA
-CVE-2018-2368 (SAP NetWeaver System Landscape Directory, LM-CORE 7.10, 7.20, 7.30, ...)
+CVE-2018-2368
NOT-FOR-US: SAP NetWeaver System Landscape Directory
-CVE-2018-2367 (ABAP File Interface in, SAP BASIS, from 7.00 to 7.02, from 7.10 to ...)
+CVE-2018-2367
NOT-FOR-US: SAP BASIS
-CVE-2018-2366 (SAP Business Process Automation (BPA) By Redwood, 9.0, 9.1, allows an ...)
+CVE-2018-2366
NOT-FOR-US: SAP
-CVE-2018-2365 (SAP NetWeaver Portal, WebDynpro Java, 7.30, 7.31, 7.40, 7.50, does not ...)
+CVE-2018-2365
NOT-FOR-US: SAP NetWeaver Portal
-CVE-2018-2364 (SAP CRM WebClient UI 7.01, 7.31, 7.46, 7.47, 7.48, 8.00, 8.01, S4FND ...)
+CVE-2018-2364
NOT-FOR-US: SAP
-CVE-2018-2363 (SAP NetWeaver, SAP BASIS from 7.00 to 7.02, from 7.10 to 7.11, 7.30, ...)
+CVE-2018-2363
NOT-FOR-US: SAP NetWeaver
-CVE-2018-2362 (A remote unauthenticated attacker, SAP HANA 1.00 and 2.00, could send ...)
+CVE-2018-2362
NOT-FOR-US: SAP HANA
-CVE-2018-2361 (In SAP Solution Manager 7.20, the role SAP_BPO_CONFIG gives the ...)
+CVE-2018-2361
NOT-FOR-US: SAP Solution Manager
-CVE-2018-2360 (SAP Startup Service, SAP KERNEL 7.45, 7.49, and 7.52, is missing an ...)
+CVE-2018-2360
NOT-FOR-US: SAP Startup Service
CVE-2018-2359
REJECTED
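Review bot: every `-`/`+` pair in this hunk drops the parenthesised summary from a CVE entry (e.g. `-CVE-2018-2439 (The SAP Internet Graphics Server (IGS), 7.20, 7.20EXT, 7.45, 7.49, ...)` becomes `+CVE-2018-2439`) while the following `NOT-FOR-US:` line is kept, so the net effect is a bulk removal of the description text that lets a triager check the NOT-FOR-US classification against the affected product without looking up each id. Confirm that stripping the summaries is intended rather than the import having run against a source that returned empty descriptions; if it is unintended, the hunk should be reverted or the descriptions regenerated, since the remaining lines in this hunk carry no other change.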
@@ -49073,7 +49063,7 @@ CVE-2018-2028
RESERVED
CVE-2018-2027
RESERVED
-CVE-2018-2026 (IBM Financial Transaction Manager 3.2.1 for Digital Payments could ...)
+CVE-2018-2026
NOT-FOR-US: IBM
CVE-2018-2025
RESERVED
@@ -49087,7 +49077,7 @@ CVE-2018-2021
RESERVED
CVE-2018-2020
RESERVED
-CVE-2018-2019 (IBM Security Identity Manager 6.0.0 Virtual Appliance is vulnerable to ...)
+CVE-2018-2019
NOT-FOR-US: IBM
CVE-2018-2018
RESERVED
@@ -49107,13 +49097,13 @@ CVE-2018-2011
RESERVED
CVE-2018-2010
RESERVED
-CVE-2018-2009 (IBM API Connect v2018.1 and 2018.4.1 is affected by an information ...)
+CVE-2018-2009
NOT-FOR-US: IBM
CVE-2018-2008
RESERVED
CVE-2018-2007
RESERVED
-CVE-2018-2006 (IBM Robotic Process Automation with Automation Anywhere 11 could allow ...)
+CVE-2018-2006
NOT-FOR-US: IBM
CVE-2018-2005
RESERVED
@@ -49129,17 +49119,17 @@ CVE-2018-2000
RESERVED
CVE-2018-1999
RESERVED
-CVE-2018-1998 (IBM WebSphere MQ 8.0.0.0 through 9.1.1 could allow a local user to ...)
+CVE-2018-1998
NOT-FOR-US: IBM
CVE-2018-1997
RESERVED
-CVE-2018-1996 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could provide ...)
+CVE-2018-1996
NOT-FOR-US: IBM
CVE-2018-1995
RESERVED
CVE-2018-1994
RESERVED
-CVE-2018-1993 (IBM Spectrum Scale (GPFS) 4.1.1, 4.2.0, 4.2.1, 4.2.2, 4.2.3, and 5.0.0 ...)
+CVE-2018-1993
NOT-FOR-US: IBM
CVE-2018-1992
RESERVED
@@ -49157,41 +49147,41 @@ CVE-2018-1986
RESERVED
CVE-2018-1985
RESERVED
-CVE-2018-1984 (IBM Rational Team Concert 5.0 through 6.0.6 is vulnerable to ...)
+CVE-2018-1984
NOT-FOR-US: IBM
-CVE-2018-1983 (IBM Rational Team Concert 5.0 through 6.0.6 is vulnerable to ...)
+CVE-2018-1983
NOT-FOR-US: IBM
-CVE-2018-1982 (IBM Rational Team Concert 5.0 through 6.0.6 is vulnerable to ...)
+CVE-2018-1982
NOT-FOR-US: IBM
CVE-2018-1981
RESERVED
-CVE-2018-1980 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, ...)
+CVE-2018-1980
NOT-FOR-US: IBM
CVE-2018-1979
RESERVED
-CVE-2018-1978 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, ...)
+CVE-2018-1978
NOT-FOR-US: IBM
-CVE-2018-1977 (IBM DB2 for Linux, UNIX and Windows 11.1 (includes DB2 Connect Server) ...)
+CVE-2018-1977
NOT-FOR-US: IBM
-CVE-2018-1976 (IBM API Connect 5.0.0.0 through 5.0.8.4 is impacted by sensitive ...)
+CVE-2018-1976
NOT-FOR-US: IBM
CVE-2018-1975
RESERVED
-CVE-2018-1974 (IBM WebSphere 8.0.0.0 through 9.1.1 could allow an authenticated ...)
+CVE-2018-1974
NOT-FOR-US: IBM
-CVE-2018-1973 (IBM API Connect 5.0.0.0 through 5.0.8.4 allows a user with limited ...)
+CVE-2018-1973
NOT-FOR-US: IBM
CVE-2018-1972
RESERVED
CVE-2018-1971
RESERVED
-CVE-2018-1970 (IBM Security Identity Manager 7.0.1 is vulnerable to a XML External ...)
+CVE-2018-1970
NOT-FOR-US: IBM
-CVE-2018-1969 (IBM Security Identity Manager 6.0.0 allows the attacker to upload or ...)
+CVE-2018-1969
NOT-FOR-US: IBM
CVE-2018-1968
RESERVED
-CVE-2018-1967 (IBM Security Identity Manager 6.0.0 is vulnerable to cross-site ...)
+CVE-2018-1967
NOT-FOR-US: IBM
CVE-2018-1966
RESERVED
@@ -49201,19 +49191,19 @@ CVE-2018-1964
RESERVED
CVE-2018-1963
RESERVED
-CVE-2018-1962 (IBM Security Identity Manager 7.0.1 Virtual Appliance does not ...)
+CVE-2018-1962
NOT-FOR-US: IBM
CVE-2018-1961
RESERVED
CVE-2018-1960
RESERVED
-CVE-2018-1959 (IBM Security Identity Manager 7.0.1 Virtual Appliance contains ...)
+CVE-2018-1959
NOT-FOR-US: IBM
CVE-2018-1958
RESERVED
-CVE-2018-1957 (IBM WebSphere Application Server 9 could allow sensitive information ...)
+CVE-2018-1957
NOT-FOR-US: IBM
-CVE-2018-1956 (IBM Security Identity Manager 6.0.0 does not require that users should ...)
+CVE-2018-1956
NOT-FOR-US: IBM
CVE-2018-1955
RESERVED
@@ -49221,121 +49211,121 @@ CVE-2018-1954
RESERVED
CVE-2018-1953
RESERVED
-CVE-2018-1952 (IBM Jazz Foundation (IBM Rational Engineering Lifecycle Manager 5.0 ...)
+CVE-2018-1952
NOT-FOR-US: IBM
-CVE-2018-1951 (IBM Publishing Engine 2.1.2, 6.0.5, and 6.0.6 is vulnerable to ...)
+CVE-2018-1951
NOT-FOR-US: IBM
-CVE-2018-1950 (IBM Security Identity Governance and Intelligence 5.2 through 5.2.4.1 ...)
+CVE-2018-1950
NOT-FOR-US: IBM
-CVE-2018-1949 (IBM Security Identity Governance and Intelligence 5.2 through 5.2.4.1 ...)
+CVE-2018-1949
NOT-FOR-US: IBM
-CVE-2018-1948 (IBM Security Identity Governance and Intelligence 5.2 through 5.2.4.1 ...)
+CVE-2018-1948
NOT-FOR-US: IBM
-CVE-2018-1947 (IBM Security Identity Governance and Intelligence 5.2 through 5.2.4.1 ...)
+CVE-2018-1947
NOT-FOR-US: IBM
-CVE-2018-1946 (IBM Security Identity Governance and Intelligence 5.2 through 5.2.4.1 ...)
+CVE-2018-1946
NOT-FOR-US: IBM
-CVE-2018-1945 (IBM Security Identity Governance and Intelligence 5.2 through 5.2.4.1 ...)
+CVE-2018-1945
NOT-FOR-US: IBM
-CVE-2018-1944 (IBM Security Identity Governance and Intelligence 5.2 through 5.2.4.1 ...)
+CVE-2018-1944
NOT-FOR-US: IBM
CVE-2018-1943
RESERVED
CVE-2018-1942
RESERVED
-CVE-2018-1941 (IBM Campaign 9.1.0 and 9.1.2 could allow a local user to obtain admini ...)
+CVE-2018-1941
NOT-FOR-US: IBM
CVE-2018-1940
RESERVED
-CVE-2018-1939 (IBM Cloud Private 3.1.1 could allow a remote attacker to conduct ...)
+CVE-2018-1939
NOT-FOR-US: IBM
-CVE-2018-1938 (IBM Cloud Private 3.1.1 could alllow a local user with administrator ...)
+CVE-2018-1938
NOT-FOR-US: IBM
-CVE-2018-1937 (IBM Cloud Private 3.1.1 could alllow a local user with administrator ...)
+CVE-2018-1937
NOT-FOR-US: IBM
CVE-2018-1936
RESERVED
-CVE-2018-1935 (IBM Connections 5.0, 5.5, and 6.0 could allow an authenticated user to ...)
+CVE-2018-1935
NOT-FOR-US: IBM
CVE-2018-1934
RESERVED
CVE-2018-1933
RESERVED
-CVE-2018-1932 (IBM API Connect 5.0.0.0 through 5.0.8.4 is affected by a vulnerability ...)
+CVE-2018-1932
NOT-FOR-US: IBM
CVE-2018-1931
RESERVED
CVE-2018-1930
RESERVED
-CVE-2018-1929 (IBM Rational Engineering Lifecycle Manager 5.0 through 6.0.6 could ...)
+CVE-2018-1929
NOT-FOR-US: IBM
-CVE-2018-1928 (IBM StoredIQ 7.6.0 does not implement proper authorization of user ...)
+CVE-2018-1928
NOT-FOR-US: IBM
-CVE-2018-1927 (IBM StoredIQ 7.6 is vulnerable to cross-site request forgery which ...)
+CVE-2018-1927
NOT-FOR-US: IBM
-CVE-2018-1926 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 Admin Console ...)
+CVE-2018-1926
NOT-FOR-US: IBM
CVE-2018-1925
RESERVED
CVE-2018-1924
RESERVED
-CVE-2018-1923 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, ...)
+CVE-2018-1923
NOT-FOR-US: IBM
-CVE-2018-1922 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, ...)
+CVE-2018-1922
NOT-FOR-US: IBM
CVE-2018-1921
RESERVED
-CVE-2018-1920 (IBM Marketing Platform 9.1.0, 9.1.2 and 10.1 is vulnerable to a XML ...)
+CVE-2018-1920
NOT-FOR-US: IBM
CVE-2018-1919
RESERVED
-CVE-2018-1918 (IBM Jazz Reporting Service (JRS) 6.0.3, 6.0.4, 6.0.5, and 6.0.6 is ...)
+CVE-2018-1918
NOT-FOR-US: IBM
CVE-2018-1917
RESERVED
-CVE-2018-1916 (IBM Jazz Foundation (IBM Rational Engineering Lifecycle Manager 5.0 ...)
+CVE-2018-1916
NOT-FOR-US: IBM
CVE-2018-1915
RESERVED
-CVE-2018-1914 (IBM Rational Engineering Lifecycle Manager 5.0 through 6.0.6 is ...)
+CVE-2018-1914
NOT-FOR-US: IBM
CVE-2018-1913
RESERVED
-CVE-2018-1912 (IBM DOORS Next Generation (DNG/RRC) 6.0.2 through 6.0.6 is vulnerable ...)
+CVE-2018-1912
NOT-FOR-US: IBM
-CVE-2018-1911 (IBM DOORS Next Generation (DNG/RRC) 5.0 through 5.0.2 and 6.0 through ...)
+CVE-2018-1911
NOT-FOR-US: IBM
-CVE-2018-1910 (IBM Rational Engineering Lifecycle Manager 5.0 through 6.0.6 is ...)
+CVE-2018-1910
NOT-FOR-US: IBM
CVE-2018-1909
RESERVED
-CVE-2018-1908 (IBM Robotic Process Automation with Automation Anywhere 11 is ...)
+CVE-2018-1908
NOT-FOR-US: IBM
CVE-2018-1907
RESERVED
CVE-2018-1906
RESERVED
-CVE-2018-1905 (IBM WebSphere Application Server 9.0.0.0 through 9.0.0.9 is vulnerable ...)
+CVE-2018-1905
NOT-FOR-US: IBM
-CVE-2018-1904 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow ...)
+CVE-2018-1904
NOT-FOR-US: IBM
CVE-2018-1903
RESERVED
-CVE-2018-1902 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a ...)
+CVE-2018-1902
NOT-FOR-US: IBM
-CVE-2018-1901 (IBM WebSphere Application Server 8.5 and 9.0 could allow a remote ...)
+CVE-2018-1901
NOT-FOR-US: IBM
-CVE-2018-1900 (IBM Curam Social Program Management 6.0.5, 6.1.1, 6.2.0, 7.0.1, and ...)
+CVE-2018-1900
NOT-FOR-US: IBM
-CVE-2018-1899 (IBM InfoSphere Information Server 11.3, 11.5, and 11.7 could allow an ...)
+CVE-2018-1899
NOT-FOR-US: IBM
CVE-2018-1898
RESERVED
-CVE-2018-1897 (IBM DB2 for Linux, UNIX and Windows 9.7, 10.1, 10.5., and 11.1 ...)
+CVE-2018-1897
NOT-FOR-US: IBM
-CVE-2018-1896 (IBM Connections 5.0, 5.5, and 6.0 is vulnerable to possible host ...)
+CVE-2018-1896
NOT-FOR-US: IBM
-CVE-2018-1895 (IBM InfoSphere Information Server 11.3, 11.5, and 11.7 is vulnerable ...)
+CVE-2018-1895
NOT-FOR-US: IBM
CVE-2018-1894
RESERVED
@@ -49343,23 +49333,23 @@ CVE-2018-1893
RESERVED
CVE-2018-1892
RESERVED
-CVE-2018-1891 (IBM Security Guardium 10 and 10.5 is vulnerable to cross-site ...)
+CVE-2018-1891
NOT-FOR-US: IBM
-CVE-2018-1890 (IBM SDK, Java Technology Edition Version 8 on the AIX platform uses ...)
+CVE-2018-1890
NOT-FOR-US: IBM Java on AIX
-CVE-2018-1889 (IBM Security Guardium 10.0 and 10.5 is vulnerable to cross-site ...)
+CVE-2018-1889
NOT-FOR-US: IBM
-CVE-2018-1888 (An untrusted search path vulnerability in IBM i Access for Windows ...)
+CVE-2018-1888
NOT-FOR-US: IBM
-CVE-2018-1887 (IBM Security Access Manager Appliance 9.0.1.0, 9.0.2.0, 9.0.3.0, ...)
+CVE-2018-1887
NOT-FOR-US: IBM
-CVE-2018-1886 (IBM Security Access Manager Appliance 9.0.1.0, 9.0.2.0, 9.0.3.0, ...)
+CVE-2018-1886
NOT-FOR-US: IBM
CVE-2018-1885
RESERVED
-CVE-2018-1884 (IBM Case Manager 5.2.0.0, 5.2.0.4, 5.2.1.0, 5.2.1.7, 5.3.0.0, and ...)
+CVE-2018-1884
NOT-FOR-US: IBM Case Manager
-CVE-2018-1883 (A problem within the IBM MQ 9.0.2, 9.0.3, 9.0.4, 9.0.5, and 9.1.0.0 ...)
+CVE-2018-1883
NOT-FOR-US: IBM
CVE-2018-1882
RESERVED
@@ -49369,21 +49359,21 @@ CVE-2018-1880
RESERVED
CVE-2018-1879
RESERVED
-CVE-2018-1878 (IBM Robotic Process Automation with Automation Anywhere 11 could ...)
+CVE-2018-1878
NOT-FOR-US: IBM
-CVE-2018-1877 (IBM Robotic Process Automation with Automation Anywhere 11 could store ...)
+CVE-2018-1877
NOT-FOR-US: IBM
-CVE-2018-1876 (IBM Robotic Process Automation with Automation Anywhere 11 could under ...)
+CVE-2018-1876
NOT-FOR-US: IBM
-CVE-2018-1875 (IBM InfoSphere Information Governance Catalog 11.3, 11.5, and 11.7 ...)
+CVE-2018-1875
NOT-FOR-US: IBM
CVE-2018-1874
RESERVED
CVE-2018-1873
RESERVED
-CVE-2018-1872 (IBM Maximo Asset Management 7.6 is vulnerable to cross-site scripting. ...)
+CVE-2018-1872
NOT-FOR-US: IBM
-CVE-2018-1871 (IBM Financial Transaction Manager for Digital Payments for ...)
+CVE-2018-1871
NOT-FOR-US: IBM
CVE-2018-1870
RESERVED
@@ -49407,11 +49397,11 @@ CVE-2018-1861
RESERVED
CVE-2018-1860
RESERVED
-CVE-2018-1859 (IBM API Connect 5.0.0.0 through 5.0.8.4 could allow a user ...)
+CVE-2018-1859
NOT-FOR-US: IBM
CVE-2018-1858
RESERVED
-CVE-2018-1857 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.1 ...)
+CVE-2018-1857
NOT-FOR-US: IBM
CVE-2018-1856
RESERVED
@@ -49423,43 +49413,43 @@ CVE-2018-1853
RESERVED
CVE-2018-1852
RESERVED
-CVE-2018-1851 (IBM WebSphere Application Server Liberty OpenID Connect could allow a ...)
+CVE-2018-1851
NOT-FOR-US: IBM
-CVE-2018-1850 (IBM Security Access Manager Appliance 9.0.3.1, 9.0.4.0 and 9.0.5.0 ...)
+CVE-2018-1850
NOT-FOR-US: IBM
CVE-2018-1849
RESERVED
-CVE-2018-1848 (IBM Business Automation Workflow 18.0.0.0 and 18.0.0.1 is vulnerable ...)
+CVE-2018-1848
NOT-FOR-US: IBM
CVE-2018-1847
RESERVED
-CVE-2018-1846 (IBM Rational Engineering Lifecycle Manager 5.0 through 5.0.2 and 6.0 ...)
+CVE-2018-1846
NOT-FOR-US: IBM
CVE-2018-1845
RESERVED
-CVE-2018-1844 (IBM FileNet Content Manager 5.2.1 and 5.5.0 is vulnerable to a XML ...)
+CVE-2018-1844
NOT-FOR-US: IBM
-CVE-2018-1843 (The Identity and Access Management (IAM) services (IBM Cloud Private ...)
+CVE-2018-1843
NOT-FOR-US: IBM
-CVE-2018-1842 (IBM Cognos Analytics 11 Configuration tool, under certain ...)
+CVE-2018-1842
NOT-FOR-US: IBM
-CVE-2018-1841 (IBM Cloud Private 2.1.0 could allow a local user to obtain the CA ...)
+CVE-2018-1841
NOT-FOR-US: IBM
-CVE-2018-1840 (IBM WebSphere Application Server 8.5 and 9.0 could allow a remote ...)
+CVE-2018-1840
NOT-FOR-US: IBM
CVE-2018-1839
RESERVED
-CVE-2018-1838 (IBM WebSphere Application Server 8.5 and 9.0 in IBM Cloud could allow ...)
+CVE-2018-1838
NOT-FOR-US: IBM
CVE-2018-1837
RESERVED
CVE-2018-1836
RESERVED
-CVE-2018-1835 (IBM Daeja ViewONE Professional, Standard &amp; Virtual 5 is vulnerable to ...)
+CVE-2018-1835
NOT-FOR-US: IBM
-CVE-2018-1834 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, ...)
+CVE-2018-1834
NOT-FOR-US: IBM
-CVE-2018-1833 (IBM Event Streams 2018.3.0 could allow a remote attacker to submit an ...)
+CVE-2018-1833
NOT-FOR-US: IBM Event Streams
CVE-2018-1832
RESERVED
@@ -49467,7 +49457,7 @@ CVE-2018-1831
RESERVED
CVE-2018-1830
RESERVED
-CVE-2018-1829 (IBM Rational Quality Manager 5.0 through 6.0.6 is vulnerable to ...)
+CVE-2018-1829
NOT-FOR-US: IBM
CVE-2018-1828
RESERVED
@@ -49475,33 +49465,33 @@ CVE-2018-1827
RESERVED
CVE-2018-1826
RESERVED
-CVE-2018-1825 (IBM Rational Quality Manager 5.0 through 6.0.6 is vulnerable to ...)
+CVE-2018-1825
NOT-FOR-US: IBM
-CVE-2018-1824 (IBM Rational Quality Manager 5.0 through 6.0.6 is vulnerable to ...)
+CVE-2018-1824
NOT-FOR-US: IBM
-CVE-2018-1823 (IBM Rational Quality Manager 5.0 through 6.0.6 is vulnerable to ...)
+CVE-2018-1823
NOT-FOR-US: IBM
-CVE-2018-1822 (IBM FlashSystem 900 product GUI allows a specially crafted attack to ...)
+CVE-2018-1822
NOT-FOR-US: IBM
-CVE-2018-1821 (IBM Operational Decision Management 8.5, 8.6, 8.7, 8.8, and 8.9 is ...)
+CVE-2018-1821
NOT-FOR-US: IBM
-CVE-2018-1820 (IBM WebSphere Portal 8.0, 8.5, and 9.0 is vulnerable to cross-site ...)
+CVE-2018-1820
NOT-FOR-US: IBM
-CVE-2018-1819 (IBM Financial Transaction Manager for Digital Payments for ...)
+CVE-2018-1819
NOT-FOR-US: IBM
-CVE-2018-1818 (IBM Security Guardium 10 and 10.5 contains hard-coded credentials, ...)
+CVE-2018-1818
NOT-FOR-US: IBM
-CVE-2018-1817 (IBM Security Guardium 10 and 10.5 is vulnerable to cross-site ...)
+CVE-2018-1817
NOT-FOR-US: IBM
CVE-2018-1816
RESERVED
-CVE-2018-1815 (IBM Security Access Manager Appliance 9.0.1.0, 9.0.2.0, 9.0.3.0, ...)
+CVE-2018-1815
NOT-FOR-US: IBM
-CVE-2018-1814 (IBM Security Access Manager Appliance 9.0.1.0, 9.0.2.0, 9.0.3.0, ...)
+CVE-2018-1814
NOT-FOR-US: IBM
-CVE-2018-1813 (IBM Security Access Manager Appliance 9.0.1.0, 9.0.2.0, 9.0.3.0, ...)
+CVE-2018-1813
NOT-FOR-US: IBM
-CVE-2018-1812 (IBM Robotic Process Automation with Automation Anywhere Enterprise 10 ...)
+CVE-2018-1812
NOT-FOR-US: IBM
CVE-2018-1811
RESERVED
@@ -49509,257 +49499,257 @@ CVE-2018-1810
RESERVED
CVE-2018-1809
RESERVED
-CVE-2018-1808 (IBM WebSphere Commerce 9.0.0.0 through 9.0.0.6 could allow some ...)
+CVE-2018-1808
NOT-FOR-US: IBM
CVE-2018-1807
RESERVED
CVE-2018-1806
RESERVED
-CVE-2018-1805 (IBM Security Access Manager Appliance 9.0.1.0, 9.0.2.0, 9.0.3.0, ...)
+CVE-2018-1805
NOT-FOR-US: IBM
-CVE-2018-1804 (IBM Security Access Manager Appliance 9.0.1.0, 9.0.2.0, 9.0.3.0, ...)
+CVE-2018-1804
NOT-FOR-US: IBM
-CVE-2018-1803 (IBM Security Access Manager Appliance 9.0.1.0, 9.0.2.0, 9.0.3.0, ...)
+CVE-2018-1803
NOT-FOR-US: IBM
-CVE-2018-1802 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, ...)
+CVE-2018-1802
NOT-FOR-US: IBM
-CVE-2018-1801 (IBM App Connect V11.0.0.0 through V11.0.0.1, IBM Integration Bus ...)
+CVE-2018-1801
NOT-FOR-US: IBM
-CVE-2018-1800 (IBM Sterling B2B Integrator Standard Edition 5.2.6.0 and 6.2.6.1 could ...)
+CVE-2018-1800
NOT-FOR-US: IBM
-CVE-2018-1799 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, ...)
+CVE-2018-1799
NOT-FOR-US: IBM
-CVE-2018-1798 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable ...)
+CVE-2018-1798
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2018-1797 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 using ...)
+CVE-2018-1797
NOT-FOR-US: IBM
CVE-2018-1796
RESERVED
-CVE-2018-1795 (IBM Robotic Process Automation with Automation Anywhere Enterprise 10 ...)
+CVE-2018-1795
NOT-FOR-US: IBM
-CVE-2018-1794 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 using OAuth ...)
+CVE-2018-1794
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2018-1793 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 using SAML ear ...)
+CVE-2018-1793
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2018-1792 (IBM WebSphere MQ 8.0.0.0 through 8.0.0.10, 9.0.0.0 through 9.0.0.5, ...)
+CVE-2018-1792
NOT-FOR-US: IBM
-CVE-2018-1791 (IBM Connections 5.0, 5.5, and 6.0 is vulnerable to an External Service ...)
+CVE-2018-1791
NOT-FOR-US: IBM
CVE-2018-1790
RESERVED
-CVE-2018-1789 (IBM API Connect v2018.1.0 through v2018.3.4 could allow an attacker to ...)
+CVE-2018-1789
NOT-FOR-US: IBM
-CVE-2018-1788 (IBM Spectrum Protect Server 7.1 and 8.1 could disclose highly ...)
+CVE-2018-1788
NOT-FOR-US: IBM
CVE-2018-1787
RESERVED
-CVE-2018-1786 (IBM Spectrum Protect 7.1 and 8.1 dsmc and dsmcad processes incorrectly ...)
+CVE-2018-1786
NOT-FOR-US: IBM Spectrum Protect
-CVE-2018-1785 (IBM Tivoli Storage Manager (IBM Spectrum Protect 7.1 and 8.1) uses ...)
+CVE-2018-1785
NOT-FOR-US: IBM
-CVE-2018-1784 (IBM API Connect 5.0.0.0 and 5.0.8.4 is affected by a NoSQL Injection ...)
+CVE-2018-1784
NOT-FOR-US: IBM
-CVE-2018-1783 (IBM GPFS (IBM Spectrum Scale 4.1.1.0, 4.1.1.20, 4.2.0.0, 4.2.3.10, ...)
+CVE-2018-1783
NOT-FOR-US: IBM
-CVE-2018-1782 (IBM GPFS (IBM Spectrum Scale 5.0.1.0 and 5.0.1.1) allows a local, ...)
+CVE-2018-1782
NOT-FOR-US: IBM
-CVE-2018-1781 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, ...)
+CVE-2018-1781
NOT-FOR-US: IBM
-CVE-2018-1780 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, ...)
+CVE-2018-1780
NOT-FOR-US: IBM
-CVE-2018-1779 (IBM API Connect 2018.1 through 2018.3.7 could allow an unauthenticated ...)
+CVE-2018-1779
NOT-FOR-US: IBM
-CVE-2018-1778 (IBM LoopBack (IBM API Connect 2018.1, 2018.4.1, 5.0.8.0, and 5.0.8.4) ...)
+CVE-2018-1778
NOT-FOR-US: IBM
-CVE-2018-1777 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable ...)
+CVE-2018-1777
NOT-FOR-US: IBM
CVE-2018-1776
RESERVED
-CVE-2018-1775 (IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and ...)
+CVE-2018-1775
NOT-FOR-US: IBM
-CVE-2018-1774 (IBM API Connect 5.0.0.0, 5.0.8.4, 2018.1 and 2018.3.6 is vulnerable to ...)
+CVE-2018-1774
NOT-FOR-US: IBM
-CVE-2018-1773 (IBM Datacap Fastdoc Capture 9.1.1, 9.1.3, and 9.1.4 could allow an ...)
+CVE-2018-1773
NOT-FOR-US: IBM
-CVE-2018-1772 (IBM SPSS Analytic Server 3.1.1.1 is vulnerable to cross-site ...)
+CVE-2018-1772
NOT-FOR-US: IBM
-CVE-2018-1771 (IBM Domino 9.0 and 9.0.1 could allow an attacker to execute commands ...)
+CVE-2018-1771
NOT-FOR-US: IBM
-CVE-2018-1770 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a ...)
+CVE-2018-1770
NOT-FOR-US: IBM
CVE-2018-1769
RESERVED
-CVE-2018-1768 (IBM Spectrum Protect Plus 10.1.0 and 10.1.1 could disclose sensitive ...)
+CVE-2018-1768
NOT-FOR-US: IBM
-CVE-2018-1767 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 Cachemonitor ...)
+CVE-2018-1767
NOT-FOR-US: IBM
-CVE-2018-1766 (IBM Team Concert (RTC) 5.0 through 5.0.2 and 6.0 through 6.0.5 are ...)
+CVE-2018-1766
NOT-FOR-US: IBM
CVE-2018-1765
RESERVED
-CVE-2018-1764 (IBM Rational Quality Manager 5.0 through 6.0.6 is vulnerable to ...)
+CVE-2018-1764
NOT-FOR-US: IBM
-CVE-2018-1763 (IBM Rational Quality Manager 5.0 through 6.0.6 is vulnerable to ...)
+CVE-2018-1763
NOT-FOR-US: IBM
-CVE-2018-1762 (IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and ...)
+CVE-2018-1762
NOT-FOR-US: IBM
-CVE-2018-1761 (IBM Rational Team Concert 5.0 through 6.0.6 is vulnerable to ...)
+CVE-2018-1761
NOT-FOR-US: IBM
CVE-2018-1760
RESERVED
-CVE-2018-1759 (IBM Rational Quality Manager 5.0 through 6.0.6 is vulnerable to ...)
+CVE-2018-1759
NOT-FOR-US: IBM
CVE-2018-1758
RESERVED
-CVE-2018-1757 (IBM Security Identity Governance and Intelligence 5.2.3.2 and 5.2.4 ...)
+CVE-2018-1757
NOT-FOR-US: IBM
-CVE-2018-1756 (IBM Security Identity Governance and Intelligence 5.2.3.2 and 5.2.4 is ...)
+CVE-2018-1756
NOT-FOR-US: IBM
-CVE-2018-1755 (IBM WebSphere Application Server Liberty could allow a remote attacker ...)
+CVE-2018-1755
NOT-FOR-US: IBM
CVE-2018-1754
RESERVED
-CVE-2018-1753 (IBM Tivoli Key Lifecycle Manager 2.6, 2.7, and 3.0 generates an error ...)
+CVE-2018-1753
NOT-FOR-US: IBM
CVE-2018-1752
RESERVED
-CVE-2018-1751 (IBM Security Key Lifecycle Manager 3.0 through 3.0.0.2 uses weaker ...)
+CVE-2018-1751
NOT-FOR-US: IBM
-CVE-2018-1750 (IBM Security Key Lifecycle Manager 3.0 specifies permissions for a ...)
+CVE-2018-1750
NOT-FOR-US: IBM
-CVE-2018-1749 (IBM Tivoli Key Lifecycle Manager 2.6, 2.7, and 3.0 uses incomplete ...)
+CVE-2018-1749
NOT-FOR-US: IBM
CVE-2018-1748
RESERVED
-CVE-2018-1747 (IBM Security Key Lifecycle Manager 2.5, 2.6, 2.7, and 3.0 is ...)
+CVE-2018-1747
NOT-FOR-US: IBM
CVE-2018-1746
RESERVED
-CVE-2018-1745 (IBM Security Key Lifecycle Manager 2.7 and 3.0 could allow an ...)
+CVE-2018-1745
NOT-FOR-US: IBM
-CVE-2018-1744 (IBM Security Key Lifecycle Manager 2.5, 2.6, 2.7, and 3.0 could allow ...)
+CVE-2018-1744
NOT-FOR-US: IBM
-CVE-2018-1743 (IBM Tivoli Key Lifecycle Manager 2.6, 2.7, and 3.0 discloses sensitive ...)
+CVE-2018-1743
NOT-FOR-US: IBM
-CVE-2018-1742 (IBM Tivoli Key Lifecycle Manager 2.6, 2.7, and 3.0 contains hard-coded ...)
+CVE-2018-1742
NOT-FOR-US: IBM
-CVE-2018-1741 (IBM Tivoli Key Lifecycle Manager 2.6, 2.7, and 3.0 does not properly ...)
+CVE-2018-1741
NOT-FOR-US: IBM
-CVE-2018-1740 (IBM Security Access Manager Appliance 9.0.1.0, 9.0.2.0, 9.0.3.0, ...)
+CVE-2018-1740
NOT-FOR-US: IBM
CVE-2018-1739
RESERVED
-CVE-2018-1738 (IBM Security Key Lifecycle Manager 2.6, 2.7, 3.0 could allow an ...)
+CVE-2018-1738
NOT-FOR-US: IBM
CVE-2018-1737
RESERVED
-CVE-2018-1736 (IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 could allow a remote ...)
+CVE-2018-1736
NOT-FOR-US: IBM
CVE-2018-1735
RESERVED
CVE-2018-1734
RESERVED
-CVE-2018-1733 (IBM QRadar SIEM 7.2 and 7.3 fails to adequately filter user-controlled ...)
+CVE-2018-1733
NOT-FOR-US: IBM
-CVE-2018-1732 (IBM QRadar SIEM 1.14.0 discloses sensitive information to unauthorized ...)
+CVE-2018-1732
NOT-FOR-US: IBM
CVE-2018-1731
RESERVED
-CVE-2018-1730 (IBM QRadar SIEM 7.2 and 7.3 is vulnerable to a XML External Entity ...)
+CVE-2018-1730
NOT-FOR-US: IBM
CVE-2018-1729
RESERVED
-CVE-2018-1728 (IBM QRadar SIEM 7.2 and 7.3 is vulnerable to cross-site scripting. ...)
+CVE-2018-1728
NOT-FOR-US: IBM
-CVE-2018-1727 (IBM InfoSphere Information Server 9.1, 11.3, 11.5, and 11.7 is ...)
+CVE-2018-1727
NOT-FOR-US: IBM
CVE-2018-1726
RESERVED
CVE-2018-1725
RESERVED
-CVE-2018-1724 (IBM Spectrum LSF 9.1.1 9.1.2, 9.1.3, and 10.1 could allow a local user ...)
+CVE-2018-1724
NOT-FOR-US: IBM
-CVE-2018-1723 (IBM Spectrum Scale 4.1.1.0, 4.1.1.20, 4.2.0.0, 4.2.3.10, 5.0.0 and ...)
+CVE-2018-1723
NOT-FOR-US: IBM
-CVE-2018-1722 (IBM Security Access Manager Appliance 9.0.4.0 and 9.0.5.0 could allow ...)
+CVE-2018-1722
NOT-FOR-US: IBM
CVE-2018-1721
RESERVED
CVE-2018-1720
RESERVED
-CVE-2018-1719 (IBM WebSphere Application Server 8.5 and 9.0 could provide weaker than ...)
+CVE-2018-1719
NOT-FOR-US: IBM
-CVE-2018-1718 (IBM Sterling B2B Integrator Standard Edition 5.2.0.1 - 5.2.6.3 is ...)
+CVE-2018-1718
NOT-FOR-US: IBM
CVE-2018-1717
RESERVED
-CVE-2018-1716 (IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 is vulnerable to ...)
+CVE-2018-1716
NOT-FOR-US: IBM
-CVE-2018-1715 (IBM Maximo Asset Management 7.6 through 7.6.3 is vulnerable to ...)
+CVE-2018-1715
NOT-FOR-US: IBM
CVE-2018-1714
RESERVED
CVE-2018-1713
RESERVED
-CVE-2018-1712 (IBM API Connect's Developer Portal 5.0.0.0 through 5.0.8.3 is ...)
+CVE-2018-1712
NOT-FOR-US: IBM
-CVE-2018-1711 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, ...)
+CVE-2018-1711
NOT-FOR-US: IBM
-CVE-2018-1710 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) ...)
+CVE-2018-1710
NOT-FOR-US: IBM
CVE-2018-1709
RESERVED
-CVE-2018-1708 (IBM Spectrum Symphony 7.1.2 and 7.2.0.2 could allow an authenticated ...)
+CVE-2018-1708
NOT-FOR-US: IBM
CVE-2018-1707
RESERVED
-CVE-2018-1706 (IBM Spectrum Symphony 7.2.0.2 is vulnerable to cross-site scripting. ...)
+CVE-2018-1706
NOT-FOR-US: IBM
-CVE-2018-1705 (IBM Platform Symphony 7.1 Fix Pack 1 and 7.1.1 and IBM Spectrum ...)
+CVE-2018-1705
NOT-FOR-US: IBM Platform Symphony
-CVE-2018-1704 (IBM Platform Symphony 7.1 Fix Pack 1 and 7.1.1 and IBM Spectrum ...)
+CVE-2018-1704
NOT-FOR-US: IBM
CVE-2018-1703
RESERVED
-CVE-2018-1702 (IBM Platform Symphony 7.1 Fix Pack 1 and 7.1.1 and IBM Spectrum ...)
+CVE-2018-1702
NOT-FOR-US: IBM
-CVE-2018-1701 (IBM InfoSphere Information Server 11.7 could allow an authenciated ...)
+CVE-2018-1701
NOT-FOR-US: IBM
CVE-2018-1700
RESERVED
-CVE-2018-1699 (IBM Maximo Asset Management 7.6 through 7.6.3 is vulnerable to SQL ...)
+CVE-2018-1699
NOT-FOR-US: IBM
-CVE-2018-1698 (IBM Maximo Asset Management 7.6 through 7.6.3 could allow an ...)
+CVE-2018-1698
NOT-FOR-US: IBM
-CVE-2018-1697 (IBM Maximo Asset Management 7.6 could allow an authenticated user to ...)
+CVE-2018-1697
NOT-FOR-US: IBM
CVE-2018-1696
RESERVED
-CVE-2018-1695 (IBM WebSphere Application Server 7.0, 8.0, and 8.5.5 installations ...)
+CVE-2018-1695
NOT-FOR-US: IBM
-CVE-2018-1694 (IBM Jazz applications (IBM Rational Collaborative Lifecycle Management ...)
+CVE-2018-1694
NOT-FOR-US: IBM
CVE-2018-1693
RESERVED
-CVE-2018-1692 (IBM Rational Quality Manager (RQM) 5.0 through 5.02 and 6.0 through ...)
+CVE-2018-1692
NOT-FOR-US: IBM
-CVE-2018-1691 (IBM Rational Quality Manager (RQM) 5.0 through 5.02 and 6.0 through ...)
+CVE-2018-1691
NOT-FOR-US: IBM
-CVE-2018-1690 (IBM Rhapsody Model Manager 6.0.6 is vulnerable to cross-site ...)
+CVE-2018-1690
NOT-FOR-US: IBM Rhapsody Model Manager
CVE-2018-1689
RESERVED
-CVE-2018-1688 (IBM Jazz Foundation (IBM Rational Collaborative Lifecycle Management ...)
+CVE-2018-1688
NOT-FOR-US: IBM
CVE-2018-1687
RESERVED
-CVE-2018-1686 (IBM Maximo Asset Management 7.6 through 7.6.3 is vulnerable to ...)
+CVE-2018-1686
NOT-FOR-US: IBM
-CVE-2018-1685 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, ...)
+CVE-2018-1685
NOT-FOR-US: IBM
-CVE-2018-1684 (IBM WebSphere MQ 8.0 through 9.1 is vulnerable to a error with MQTT ...)
+CVE-2018-1684
NOT-FOR-US: IBM
-CVE-2018-1683 (IBM WebSphere Application Server Liberty could allow a remote attacker ...)
+CVE-2018-1683
NOT-FOR-US: IBM
CVE-2018-1682
RESERVED
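Review bot: every changed pair in this hunk replaces a CVE line that carried its description (e.g. `-CVE-2018-1738 (IBM Security Key Lifecycle Manager 2.6, 2.7, 3.0 could allow an ...)`) with the bare identifier (`+CVE-2018-1738`), while the `NOT-FOR-US: IBM` triage line beneath it is kept as unchanged context; nothing in the hunk supplies a replacement description, so this reads as data loss in the regenerated list rather than an intentional cleanup, and the triage notes can no longer be checked against the description they were based on. Suggest verifying that the source these entries are regenerated from still provides descriptions for these identifiers, and regenerating the list rather than committing the stripped entries.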
@@ -49767,79 +49757,79 @@ CVE-2018-1681
RESERVED
CVE-2018-1680
RESERVED
-CVE-2018-1679 (IBM Sterling B2B Integrator Standard Edition 5.2 through 5.2.6 could ...)
+CVE-2018-1679
NOT-FOR-US: IBM
CVE-2018-1678
RESERVED
-CVE-2018-1677 (IBM DataPower Gateways 7.1, 7.2, 7.5, 7.5.1, 7.5.2, 7.6, and 7.7 and ...)
+CVE-2018-1677
NOT-FOR-US: IBM
-CVE-2018-1676 (IBM Planning Analytics 2.0.0 through 2.0.4 is vulnerable to cross-site ...)
+CVE-2018-1676
NOT-FOR-US: IBM Planning Analytics
-CVE-2018-1675 (IBM Tivoli Application Dependency Discovery Manager 7.2.2 and 7.3 ...)
+CVE-2018-1675
NOT-FOR-US: IBM
-CVE-2018-1674 (IBM Business Process Manager 8.5 through 8.6 and 18.0.0.0 through ...)
+CVE-2018-1674
NOT-FOR-US: IBM
-CVE-2018-1673 (IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 is vulnerable to ...)
+CVE-2018-1673
NOT-FOR-US: IBM
-CVE-2018-1672 (IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 may fail to set the ...)
+CVE-2018-1672
NOT-FOR-US: IBM
-CVE-2018-1671 (IBM Curam Social Program Management 7.0.3 is vulnerable to HTML ...)
+CVE-2018-1671
NOT-FOR-US: IBM
-CVE-2018-1670 (IBM Financial Transaction Manager for ACH Services for Multi-Platform ...)
+CVE-2018-1670
NOT-FOR-US: IBM
-CVE-2018-1669 (IBM DataPower Gateway 7.1.0.0 - 7.1.0.23, 7.2.0.0 - 7.2.0.21, 7.5.0.0 ...)
+CVE-2018-1669
NOT-FOR-US: IBM
-CVE-2018-1668 (IBM DataPower Gateway 7.5.0.0 through 7.5.0.19, 7.5.1.0 through ...)
+CVE-2018-1668
NOT-FOR-US: IBM
-CVE-2018-1667 (IBM DataPower Gateway 7.6.0.0 through 7.6.0.10, 7.5.2.0 through ...)
+CVE-2018-1667
NOT-FOR-US: IBM
-CVE-2018-1666 (IBM DataPower Gateway 2018.4.1.0, 7.6.0.0 through 7.6.0.11, 7.5.2.0 ...)
+CVE-2018-1666
NOT-FOR-US: IBM
-CVE-2018-1665 (IBM DataPower Gateway 7.6.0.0 through 7.6.0.10, 7.5.2.0 through ...)
+CVE-2018-1665
NOT-FOR-US: IBM
-CVE-2018-1664 (IBM DataPower Gateway 7.1.0.0 - 7.1.0.23, 7.2.0.0 - 7.2.0.21, 7.5.0.0 ...)
+CVE-2018-1664
NOT-FOR-US: IBM
-CVE-2018-1663 (IBM DataPower Gateways 7.5, 7.5.1, 7.5.2, 7.6, and 2018.4 could allow ...)
+CVE-2018-1663
NOT-FOR-US: IBM
CVE-2018-1662
RESERVED
-CVE-2018-1661 (IBM DataPower Gateways 7.5, 7.5.1, 7.5.2, and 7.6 is vulnerable to ...)
+CVE-2018-1661
NOT-FOR-US: IBM
-CVE-2018-1660 (IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 is vulnerable to ...)
+CVE-2018-1660
NOT-FOR-US: IBM
-CVE-2018-1659 (IBM Rational Engineering Lifecycle Manager 5.0 through 5.02 and 6.0 ...)
+CVE-2018-1659
NOT-FOR-US: IBM
-CVE-2018-1658 (IBM Jazz Foundation (IBM Rational Collaborative Lifecycle Management ...)
+CVE-2018-1658
NOT-FOR-US: IBM
-CVE-2018-1657 (IBM Publishing Engine 2.1.2, 6.0.5, and 6.0.6 is vulnerable to ...)
+CVE-2018-1657
NOT-FOR-US: IBM
-CVE-2018-1656 (The IBM Java Runtime Environment's Diagnostic Tooling Framework for ...)
+CVE-2018-1656
NOT-FOR-US: IBM JDK
-CVE-2018-1655 (IBM AIX 5.3, 6.1, 7.1, and 7.2 contains a vulnerability in the rmsock ...)
+CVE-2018-1655
NOT-FOR-US: IBM AIX
-CVE-2018-1654 (IBM Curam Social Program Management 6.0.5, 6.1.1, 6.2.0, 7.0.1, and ...)
+CVE-2018-1654
NOT-FOR-US: IBM
-CVE-2018-1653 (IBM Security Access Manager Appliance 9.0.1.0, 9.0.2.0, 9.0.3.0, ...)
+CVE-2018-1653
NOT-FOR-US: IBM
-CVE-2018-1652 (IBM DataPower Gateway 7.1.0.0 through 7.1.0.19, 7.2.0.0 through ...)
+CVE-2018-1652
NOT-FOR-US: IBM
CVE-2018-1651
RESERVED
-CVE-2018-1650 (IBM QRadar SIEM 7.2 and 7.3 uses hard-coded credentials which could ...)
+CVE-2018-1650
NOT-FOR-US: IBM
-CVE-2018-1649 (IBM QRadar Incident Forensics 7.2 and 7.3 could allow a remote ...)
+CVE-2018-1649
NOT-FOR-US: IBM
-CVE-2018-1648 (IBM QRadar SIEM 7.2 and 7.3 uses weaker than expected cryptographic ...)
+CVE-2018-1648
NOT-FOR-US: IBM
-CVE-2018-1647 (IBM QRadar Incident Forensics 7.2 and 7.3 does not properly restrict ...)
+CVE-2018-1647
NOT-FOR-US: IBM
CVE-2018-1646
RESERVED
CVE-2018-1645
RESERVED
-CVE-2018-1644 (IBM WebSphere Commerce Enterprise, Professional, Express, and ...)
+CVE-2018-1644
NOT-FOR-US: IBM
-CVE-2018-1643 (The Installation Verification Tool of IBM WebSphere Application Server ...)
+CVE-2018-1643
NOT-FOR-US: IBM
CVE-2018-1642
RESERVED
@@ -49847,9 +49837,9 @@ CVE-2018-1641
RESERVED
CVE-2018-1640
RESERVED
-CVE-2018-1639 (The Report Builder of Jazz Reporting Service 5.0 through 5.0.2 and 6.0 ...)
+CVE-2018-1639
NOT-FOR-US: IBM
-CVE-2018-1638 (IBM API Connect 5.0.0.0-5.0.8.3 Developer Portal does not enforce Two ...)
+CVE-2018-1638
NOT-FOR-US: IBM
CVE-2018-1637
RESERVED
@@ -49883,7 +49873,7 @@ CVE-2018-1623
RESERVED
CVE-2018-1622
RESERVED
-CVE-2018-1621 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a ...)
+CVE-2018-1621
NOT-FOR-US: IBM WebSphere Application Server
CVE-2018-1620
RESERVED
@@ -49897,37 +49887,37 @@ CVE-2018-1616
RESERVED
CVE-2018-1615
RESERVED
-CVE-2018-1614 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 using ...)
+CVE-2018-1614
NOT-FOR-US: IBM
CVE-2018-1613
RESERVED
-CVE-2018-1612 (IBM QRadar Incident Forensics (IBM QRadar SIEM 7.2, and 7.3) could ...)
+CVE-2018-1612
NOT-FOR-US: IBM
CVE-2018-1611
RESERVED
-CVE-2018-1610 (IBM Rational DOORS Next Generation 5.0 through 5.0.2 and 6.0 through ...)
+CVE-2018-1610
NOT-FOR-US: IBM
CVE-2018-1609
RESERVED
CVE-2018-1608
RESERVED
-CVE-2018-1607 (IBM Rational Engineering Lifecycle Manager 5.0 through 5.02 and 6.0 ...)
+CVE-2018-1607
NOT-FOR-US: IBM
-CVE-2018-1606 (IBM Jazz based applications (IBM Rational Collaborative Lifecycle ...)
+CVE-2018-1606
NOT-FOR-US: IBM
-CVE-2018-1605 (IBM Rational Quality Manager (RQM) 5.0 through 5.02 and 6.0 through ...)
+CVE-2018-1605
NOT-FOR-US: IBM
-CVE-2018-1604 (IBM Rational Quality Manager (RQM) 5.0 through 5.02 and 6.0 through ...)
+CVE-2018-1604
NOT-FOR-US: IBM
-CVE-2018-1603 (IBM Rational Quality Manager (RQM) 5.0 through 5.02 and 6.0 through ...)
+CVE-2018-1603
NOT-FOR-US: IBM
-CVE-2018-1602 (IBM Rational Quality Manager (RQM) 5.0 through 5.02 and 6.0 through ...)
+CVE-2018-1602
NOT-FOR-US: IBM
-CVE-2018-1601 (IBM Rational Quality Manager (RQM) 5.0 through 5.02 and 6.0 through ...)
+CVE-2018-1601
NOT-FOR-US: IBM
-CVE-2018-1600 (IBM BigFix Platform 9.2 and 9.5 transmits sensitive or ...)
+CVE-2018-1600
NOT-FOR-US: IBM
-CVE-2018-1599 (IBM API Connect 5.0.0.0 through 5.0.8.3 could allow a remote attacker ...)
+CVE-2018-1599
NOT-FOR-US: IBM
CVE-2018-1598
RESERVED
@@ -49935,11 +49925,11 @@ CVE-2018-1597
RESERVED
CVE-2018-1596
RESERVED
-CVE-2018-1595 (IBM Spectrum Symphony and Platform Symphony 7.1.2 and 7.2.0.2 could ...)
+CVE-2018-1595
NOT-FOR-US: IBM
CVE-2018-1594
RESERVED
-CVE-2018-1593 (IBM Multi-Cloud Data Encryption (MDE) 2.1 could allow an unauthorized ...)
+CVE-2018-1593
NOT-FOR-US: IBM
CVE-2018-1592
RESERVED
@@ -49949,17 +49939,17 @@ CVE-2018-1590
RESERVED
CVE-2018-1589
RESERVED
-CVE-2018-1588 (IBM Jazz Foundation (IBM Rational Engineering Lifecycle Manager 5.0 ...)
+CVE-2018-1588
NOT-FOR-US: IBM
-CVE-2018-1587 (IBM Rational Rhapsody Design Manager 5.0 through 5.0.2 and 6.0 through ...)
+CVE-2018-1587
NOT-FOR-US: IBM Rational Rhapsody Design Manager
CVE-2018-1586
RESERVED
-CVE-2018-1585 (IBM Rational Rhapsody Design Manager 5.0 through 5.0.2 and 6.0 through ...)
+CVE-2018-1585
NOT-FOR-US: IBM Rational Rhapsody Design Manager
-CVE-2018-1584 (IBM Maximo Asset Management 7.6 is vulnerable to cross-site scripting. ...)
+CVE-2018-1584
NOT-FOR-US: IBM
-CVE-2018-1583 (IBM StoredIQ 7.6 could allow an authenticated attacker to bypass ...)
+CVE-2018-1583
NOT-FOR-US: IBM
CVE-2018-1582
RESERVED
@@ -49983,123 +49973,123 @@ CVE-2018-1573
RESERVED
CVE-2018-1572
RESERVED
-CVE-2018-1571 (IBM QRadar 7.2 and 7.3 could allow a remote authenticated attacker to ...)
+CVE-2018-1571
NOT-FOR-US: IBM
CVE-2018-1570
RESERVED
CVE-2018-1569
RESERVED
-CVE-2018-1568 (IBM QRadar SIEM 7.2 and 7.3 allows web pages to be stored locally ...)
+CVE-2018-1568
NOT-FOR-US: IBM
-CVE-2018-1567 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow ...)
+CVE-2018-1567
NOT-FOR-US: IBM
-CVE-2018-1566 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, ...)
+CVE-2018-1566
NOT-FOR-US: IBM
-CVE-2018-1565 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, ...)
+CVE-2018-1565
NOT-FOR-US: IBM
-CVE-2018-1564 (IBM Sterling B2B Integrator Standard Edition 5.2 through 5.2.6 could ...)
+CVE-2018-1564
NOT-FOR-US: IBM
-CVE-2018-1563 (IBM Sterling B2B Integrator Standard Edition (IBM Sterling File ...)
+CVE-2018-1563
NOT-FOR-US: IBM
CVE-2018-1562
RESERVED
CVE-2018-1561
RESERVED
-CVE-2018-1560 (IBM Rational Engineering Lifecycle Manager 5.0 through 5.02 and 6.0 ...)
+CVE-2018-1560
NOT-FOR-US: IBM
CVE-2018-1559
RESERVED
-CVE-2018-1558 (IBM Rational Collaborative Lifecycle Management 5.0 through 5.02 and ...)
+CVE-2018-1558
NOT-FOR-US: IBM
-CVE-2018-1557 (IBM Rational Quality Manager (RQM) 5.0 through 5.02 and 6.0 through ...)
+CVE-2018-1557
NOT-FOR-US: IBM
-CVE-2018-1556 (IBM FileNet Content Manager 5.2.1 and 5.5.0 is vulnerable to ...)
+CVE-2018-1556
NOT-FOR-US: IBM FileNet Content Manager
-CVE-2018-1555 (IBM FileNet Content Manager 5.2.1 and 5.5.0 is vulnerable to ...)
+CVE-2018-1555
NOT-FOR-US: IBM FileNet Content Manager
-CVE-2018-1554 (IBM Maximo Asset Management 7.6 is vulnerable to cross-site scripting. ...)
+CVE-2018-1554
NOT-FOR-US: IBM
-CVE-2018-1553 (IBM WebSphere Application Server Liberty prior to 18.0.0.2 could allow ...)
+CVE-2018-1553
NOT-FOR-US: IBM
-CVE-2018-1552 (IBM Robotic Process Automation with Automation Anywhere 10.0 and 11.0 ...)
+CVE-2018-1552
NOT-FOR-US: IBM
-CVE-2018-1551 (IBM WebSphere MQ 8.0.0.2 through 8.0.0.8 and 9.0.0.0 through 9.0.0.3 ...)
+CVE-2018-1551
NOT-FOR-US: IBM
-CVE-2018-1550 (IBM Spectrum Protect 7.1 and 8.1 could allow a local user to corrupt ...)
+CVE-2018-1550
NOT-FOR-US: IBM
-CVE-2018-1549 (IBM Rational Quality Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 ...)
+CVE-2018-1549
NOT-FOR-US: IBM
-CVE-2018-1548 (IBM API Connect 2018.1.0.0, 2018.2.1, 2018.2.2, 2018.2.3, and 2018.2.4 ...)
+CVE-2018-1548
NOT-FOR-US: IBM
-CVE-2018-1547 (IBM Robotic Process Automation with Automation Anywhere 10.0 could ...)
+CVE-2018-1547
NOT-FOR-US: IBM
-CVE-2018-1546 (IBM API Connect 5.0.0.0 through 5.0.8.3 could allow a remote attacker ...)
+CVE-2018-1546
NOT-FOR-US: IBM API Connect
-CVE-2018-1545 (IBM Tivoli Storage Manager (IBM Spectrum Protect 7.1 and 8.1) uses ...)
+CVE-2018-1545
NOT-FOR-US: IBM
-CVE-2018-1544 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, ...)
+CVE-2018-1544
NOT-FOR-US: IBM
-CVE-2018-1543 (IBM WebSphere MQ 8.0 and 9.0 could allow a remote attacker to obtain ...)
+CVE-2018-1543
NOT-FOR-US: IBM
-CVE-2018-1542 (IBM FileNet Content Manager, IBM Content Foundation, and IBM Case ...)
+CVE-2018-1542
NOT-FOR-US: IBM
-CVE-2018-1541 (IBM WebSphere Commerce Enterprise V7, V8, and V9 is vulnerable to ...)
+CVE-2018-1541
NOT-FOR-US: IBM
CVE-2018-1540
RESERVED
-CVE-2018-1539 (IBM Rational Engineering Lifecycle Manager 5.0 through 5.02 and 6.0 ...)
+CVE-2018-1539
NOT-FOR-US: IBM
CVE-2018-1538
RESERVED
CVE-2018-1537
RESERVED
-CVE-2018-1536 (IBM Rational Rhapsody Design Manager 5.0 through 5.0.2 and 6.0 through ...)
+CVE-2018-1536
NOT-FOR-US: IBM Rational Rhapsody Design Manager
-CVE-2018-1535 (IBM Rational Rhapsody Design Manager 5.0 through 5.0.2 and 6.0 through ...)
+CVE-2018-1535
NOT-FOR-US: IBM Rational Rhapsody Design Manager
-CVE-2018-1534 (IBM Rational Publishing Engine 6.0.5 and 6.0.6 is vulnerable to ...)
+CVE-2018-1534
NOT-FOR-US: IBM
-CVE-2018-1533 (IBM Rational Publishing Engine 6.0.5 and 6.0.6 is vulnerable to ...)
+CVE-2018-1533
NOT-FOR-US: IBM
-CVE-2018-1532 (IBM API Connect 5.0.0.0 through 5.0.8.2 does not properly update the ...)
+CVE-2018-1532
NOT-FOR-US: IBM API Connect
CVE-2018-1531
RESERVED
CVE-2018-1530
RESERVED
-CVE-2018-1529 (IBM Rational DOORS Next Generation 5.0 through 5.0.2, 6.0 through ...)
+CVE-2018-1529
NOT-FOR-US: IBM Rational DOORS Next Generation
-CVE-2018-1528 (IBM Maximo Asset Management 7.6 through 7.6.3 could allow an ...)
+CVE-2018-1528
NOT-FOR-US: IBM
CVE-2018-1527
RESERVED
CVE-2018-1526
RESERVED
-CVE-2018-1525 (IBM i2 Enterprise Insight Analysis 2.1.7 could allow a remote attacker ...)
+CVE-2018-1525
NOT-FOR-US: IBM
-CVE-2018-1524 (IBM Maximo Asset Management 7.6 through 7.6.3 installs with a default ...)
+CVE-2018-1524
NOT-FOR-US: IBM
-CVE-2018-1523 (IBM Rational Quality Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 ...)
+CVE-2018-1523
NOT-FOR-US: IBM
-CVE-2018-1522 (IBM Rational Quality Manager (RQM) 5.0 through 5.02 and 6.0 through ...)
+CVE-2018-1522
NOT-FOR-US: IBM
-CVE-2018-1521 (IBM Rational Team Concert 5.0 through 5.0.2 and 6.0 through 6.0.5 are ...)
+CVE-2018-1521
NOT-FOR-US: IBM
CVE-2018-1520
RESERVED
CVE-2018-1519
RESERVED
-CVE-2018-1518 (IBM InfoSphere Information Server 11.7 is affected by a weak password ...)
+CVE-2018-1518
NOT-FOR-US: IBM
-CVE-2018-1517 (A flaw in the java.math component in IBM SDK, Java Technology Edition ...)
+CVE-2018-1517
NOT-FOR-US: IBM JDK
CVE-2018-1516
RESERVED
-CVE-2018-1515 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 10.5 ...)
+CVE-2018-1515
NOT-FOR-US: IBM
-CVE-2018-1514 (IBM Robotic Process Automation with Automation Anywhere 10.0 is ...)
+CVE-2018-1514
NOT-FOR-US: IBM
-CVE-2018-1513 (IBM Sterling B2B Integrator Standard Edition 5.2.0 through 5.2.6 is ...)
+CVE-2018-1513
NOT-FOR-US: IBM
CVE-2018-1512
RESERVED
@@ -50107,21 +50097,21 @@ CVE-2018-1511
RESERVED
CVE-2018-1510
RESERVED
-CVE-2018-1509 (IBM Security Guardium EcoSystem 10.5 does not validate, or incorrectly ...)
+CVE-2018-1509
NOT-FOR-US: IBM
CVE-2018-1508
RESERVED
-CVE-2018-1507 (IBM DOORS Next Generation (DNG/RRC) 6.0.5 is vulnerable to cross-site ...)
+CVE-2018-1507
NOT-FOR-US: IBM
CVE-2018-1506
RESERVED
-CVE-2018-1505 (IBM i2 Enterprise Insight Analysis 2.1.7 allows web pages to be stored ...)
+CVE-2018-1505
NOT-FOR-US: IBM
-CVE-2018-1504 (IBM i2 Enterprise Insight Analysis 2.1.7 could allow a remote attacker ...)
+CVE-2018-1504
NOT-FOR-US: IBM
-CVE-2018-1503 (IBM WebSphere MQ 7.5, 8.0, and 9.0 could allow a remotely ...)
+CVE-2018-1503
NOT-FOR-US: IBM
-CVE-2018-1502 (IBM Content Manager Enterprise Edition Resource Manager 8.4.3 and 9.5 ...)
+CVE-2018-1502
NOT-FOR-US: IBM
CVE-2018-1501
RESERVED
@@ -50129,19 +50119,19 @@ CVE-2018-1500
RESERVED
CVE-2018-1499
RESERVED
-CVE-2018-1498 (IBM Security Guardium EcoSystem 10.5 stores user credentials in plain ...)
+CVE-2018-1498
NOT-FOR-US: IBM
CVE-2018-1497
RESERVED
-CVE-2018-1496 (IBM Content Navigator 2.0.3, 3.0.0, 3.0.1, 3.0.2, and 3.0.3 is ...)
+CVE-2018-1496
NOT-FOR-US: IBM Content Navigator
-CVE-2018-1495 (IBM FlashSystem V840 and V900 products could allow an authenticated ...)
+CVE-2018-1495
NOT-FOR-US: IBM
-CVE-2018-1494 (IBM DOORS Next Generation (DNG/RRC) 5.0 through 5.0.2 and 6.0 through ...)
+CVE-2018-1494
NOT-FOR-US: IBM
CVE-2018-1493
RESERVED
-CVE-2018-1492 (IBM Jazz Foundation products could allow a user with physical access ...)
+CVE-2018-1492
NOT-FOR-US: IBM
CVE-2018-1491
RESERVED
@@ -50149,261 +50139,261 @@ CVE-2018-1490
RESERVED
CVE-2018-1489
RESERVED
-CVE-2018-1488 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 10.5 ...)
+CVE-2018-1488
NOT-FOR-US: IBM
-CVE-2018-1487 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, ...)
+CVE-2018-1487
NOT-FOR-US: IBM
CVE-2018-1486
RESERVED
-CVE-2018-1485 (IBM BigFix Platform 9.2.0 through 9.2.14 and 9.5 through 9.5.9 does ...)
+CVE-2018-1485
NOT-FOR-US: IBM
-CVE-2018-1484 (IBM BigFix Platform 9.2.0 through 9.2.14 and 9.5 through 9.5.9 does ...)
+CVE-2018-1484
NOT-FOR-US: IBM
-CVE-2018-1483 (IBM WebSphere Portal 8.5 and 9.0 is vulnerable to cross-site ...)
+CVE-2018-1483
NOT-FOR-US: IBM WebSphere Portal
CVE-2018-1482
RESERVED
-CVE-2018-1481 (IBM BigFix Platform 9.2.0 through 9.2.14 and 9.5 through 9.5.9 stores ...)
+CVE-2018-1481
NOT-FOR-US: IBM
-CVE-2018-1480 (IBM BigFix Platform 9.2.0 through 9.2.14 and 9.5 through 9.5.9 does ...)
+CVE-2018-1480
NOT-FOR-US: IBM
-CVE-2018-1479 (IBM BigFix Platform 9.2 and 9.5 is vulnerable to cross-site request ...)
+CVE-2018-1479
NOT-FOR-US: IBM
-CVE-2018-1478 (IBM BigFix Platform 9.2.0 through 9.2.14 and 9.5 through 9.5.9 could ...)
+CVE-2018-1478
NOT-FOR-US: IBM
CVE-2018-1477
RESERVED
-CVE-2018-1476 (IBM BigFix Platform 9.2.0 through 9.2.14 and 9.5 through 9.5.9 ...)
+CVE-2018-1476
NOT-FOR-US: IBM
-CVE-2018-1475 (IBM BigFix Platform 9.2 and 9.5 uses an inadequate account lockout ...)
+CVE-2018-1475
NOT-FOR-US: IBM
-CVE-2018-1474 (IBM BigFix Platform 9.2.0 through 9.2.14 and 9.5 through 9.5.9 is ...)
+CVE-2018-1474
NOT-FOR-US: IBM
-CVE-2018-1473 (IBM BigFix Platform 9.2 and 9.5 is vulnerable to cross-site scripting. ...)
+CVE-2018-1473
NOT-FOR-US: IBM
CVE-2018-1472
RESERVED
CVE-2018-1471
REJECTED
-CVE-2018-1470 (IBM Sterling File Gateway 2.2.0 through 2.2.6 could allow a remote ...)
+CVE-2018-1470
NOT-FOR-US: IBM
-CVE-2018-1469 (IBM API Connect Developer Portal 5.0.0.0 through 5.0.8.2 could allow ...)
+CVE-2018-1469
NOT-FOR-US: IBM API Connect Developer Portal
-CVE-2018-1468 (IBM API Connect 5.0.8.1 and 5.0.8.2 could allow a user to get access ...)
+CVE-2018-1468
NOT-FOR-US: IBM API Connect
-CVE-2018-1467 (The IBM Storwize V7000 Unified management Web interface 1.6 exposes ...)
+CVE-2018-1467
NOT-FOR-US: IBM
-CVE-2018-1466 (IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and ...)
+CVE-2018-1466
NOT-FOR-US: IBM
-CVE-2018-1465 (IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and ...)
+CVE-2018-1465
NOT-FOR-US: IBM
-CVE-2018-1464 (IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and ...)
+CVE-2018-1464
NOT-FOR-US: IBM
-CVE-2018-1463 (IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and ...)
+CVE-2018-1463
NOT-FOR-US: IBM
-CVE-2018-1462 (IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and ...)
+CVE-2018-1462
NOT-FOR-US: IBM
-CVE-2018-1461 (IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and ...)
+CVE-2018-1461
NOT-FOR-US: IBM
-CVE-2018-1460 (IBM Netezza Platform Software (IBM PureData System for Analytics ...)
+CVE-2018-1460
NOT-FOR-US: IBM
-CVE-2018-1459 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, ...)
+CVE-2018-1459
NOT-FOR-US: IBM
-CVE-2018-1458 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, ...)
+CVE-2018-1458
NOT-FOR-US: IBM
-CVE-2018-1457 (An undisclosed vulnerability in IBM Rational DOORS 9.5.1 through ...)
+CVE-2018-1457
NOT-FOR-US: IBM
-CVE-2018-1456 (IBM Rhapsody DM 5.0 through 5.0.2 and 6.0 through 6.0.5 is vulnerable ...)
+CVE-2018-1456
NOT-FOR-US: IBM
-CVE-2018-1455 (IBM Tivoli Application Dependency Discovery Manager 7.2.2 and 7.3 is ...)
+CVE-2018-1455
NOT-FOR-US: IBM
-CVE-2018-1454 (IBM InfoSphere Information Server 11.3, 11.5, and 11.7 could allow a ...)
+CVE-2018-1454
NOT-FOR-US: IBM InfoSphere Information Server
-CVE-2018-1453 (IBM Security Identity Manager Virtual Appliance 7.0 allows an ...)
+CVE-2018-1453
NOT-FOR-US: IBM
-CVE-2018-1452 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, ...)
+CVE-2018-1452
NOT-FOR-US: IBM
-CVE-2018-1451 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, ...)
+CVE-2018-1451
NOT-FOR-US: IBM
-CVE-2018-1450 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, ...)
+CVE-2018-1450
NOT-FOR-US: IBM
-CVE-2018-1449 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, ...)
+CVE-2018-1449
NOT-FOR-US: IBM
-CVE-2018-1448 (IBM DB2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, and 11.1 ...)
+CVE-2018-1448
NOT-FOR-US: IBM
-CVE-2018-1447 (The GSKit (IBM Spectrum Protect 7.1 and 7.2) and (IBM Spectrum Protect ...)
+CVE-2018-1447
NOT-FOR-US: IBM Spectrum Protect
CVE-2018-1446
RESERVED
-CVE-2018-1445 (IBM WebSphere Portal 8.0.0 through 8.0.0.1, 8.5, and 9.0 is vulnerable ...)
+CVE-2018-1445
NOT-FOR-US: IBM WebSphere Portal
-CVE-2018-1444 (IBM WebSphere Portal 8.5 and 9.0 is vulnerable to cross-site ...)
+CVE-2018-1444
NOT-FOR-US: IBM
-CVE-2018-1443 (An XML parsing vulnerability affects IBM SAML-based single sign-on ...)
+CVE-2018-1443
NOT-FOR-US: IBM
-CVE-2018-1442 (IBM Application Performance Management - Response Time Monitoring ...)
+CVE-2018-1442
NOT-FOR-US: IBM
-CVE-2018-1441 (IBM Application Performance Management - Response Time Monitoring ...)
+CVE-2018-1441
NOT-FOR-US: IBM
-CVE-2018-1440 (IBM Rational Quality Manager (RQM) 5.0 through 5.02 and 6.0 through ...)
+CVE-2018-1440
NOT-FOR-US: IBM
-CVE-2018-1439 (IBM Rational Quality Manager (RQM) 5.0 through 5.02 and 6.0 through ...)
+CVE-2018-1439
NOT-FOR-US: IBM
-CVE-2018-1438 (IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and ...)
+CVE-2018-1438
NOT-FOR-US: IBM
-CVE-2018-1437 (IBM Notes 8.5 and 9.0 could allow an attacker to execute arbitrary ...)
+CVE-2018-1437
NOT-FOR-US: IBM
CVE-2018-1436
RESERVED
-CVE-2018-1435 (IBM Notes 8.5 and 9.0 is vulnerable to a DLL hijacking attack. A ...)
+CVE-2018-1435
NOT-FOR-US: IBM
-CVE-2018-1434 (IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and ...)
+CVE-2018-1434
NOT-FOR-US: IBM
-CVE-2018-1433 (IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and ...)
+CVE-2018-1433
NOT-FOR-US: IBM
-CVE-2018-1432 (IBM InfoSphere Information Server 9.1, 11.3, 11.5, and 11.7 is ...)
+CVE-2018-1432
NOT-FOR-US: IBM InfoSphere Information Server
-CVE-2018-1431 (A vulnerability in GSKit affects IBM Spectrum Scale 4.1.1, 4.2.0, ...)
+CVE-2018-1431
NOT-FOR-US: IBM
-CVE-2018-1430 (IBM API Connect 5.0.0.0 through 5.0.8.2 is vulnerable to cross-site ...)
+CVE-2018-1430
NOT-FOR-US: IBM API Connect
-CVE-2018-1429 (IBM MQ Appliance 9.0.1, 9.0.2, 9.0.3, amd 9.0.4 is vulnerable to ...)
+CVE-2018-1429
NOT-FOR-US: IBM
-CVE-2018-1428 (IBM GSKit (IBM DB2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, and ...)
+CVE-2018-1428
NOT-FOR-US: IBM
-CVE-2018-1427 (IBM GSKit (IBM DB2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, and ...)
+CVE-2018-1427
NOT-FOR-US: IBM
-CVE-2018-1426 (IBM GSKit (IBM DB2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, and ...)
+CVE-2018-1426
NOT-FOR-US: IBM
-CVE-2018-1425 (IBM Security Guardium Big Data Intelligence (SonarG) 3.1 uses weaker ...)
+CVE-2018-1425
NOT-FOR-US: IBM Security Guardium Big Data Intelligence
-CVE-2018-1424 (IBM Marketing Platform 9.1.0, 9.1.2, and 10.1 is vulnerable to a XML ...)
+CVE-2018-1424
NOT-FOR-US: IBM
-CVE-2018-1423 (IBM Jazz Foundation products could disclose sensitive information to ...)
+CVE-2018-1423
NOT-FOR-US: IBM
-CVE-2018-1422 (IBM Jazz Foundation products (IBM Rational DOORS Next Generation 5.0 ...)
+CVE-2018-1422
NOT-FOR-US: IBM
-CVE-2018-1421 (IBM WebSphere DataPower Appliances 7.1, 7.2, 7.5, 7.5.1, 7.5.2, and ...)
+CVE-2018-1421
NOT-FOR-US: IBM WebSphere DataPower Appliances
-CVE-2018-1420 (IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 resets access control ...)
+CVE-2018-1420
NOT-FOR-US: IBM
-CVE-2018-1419 (IBM WebSphere MQ 8.0 and 9.0, when configured to use a PAM module for ...)
+CVE-2018-1419
NOT-FOR-US: IBM
-CVE-2018-1418 (IBM Security QRadar SIEM 7.2 and 7.3 could allow a user to bypass ...)
+CVE-2018-1418
NOT-FOR-US: IBM
-CVE-2018-1417 (Under certain circumstances, a flaw in the J9 JVM (IBM SDK, Java ...)
+CVE-2018-1417
NOT-FOR-US: IBM Runtimes for Java Technology
-CVE-2018-1416 (IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 is vulnerable to ...)
+CVE-2018-1416
NOT-FOR-US: IBM WebSphere Portal
-CVE-2018-1415 (IBM Maximo Asset Management 7.6 is vulnerable to cross-site scripting. ...)
+CVE-2018-1415
NOT-FOR-US: IBM Maximo Asset Management
-CVE-2018-1414 (IBM Maximo Asset Management 7.5 and 7.6 is vulnerable to SQL ...)
+CVE-2018-1414
NOT-FOR-US: IBM Maximo Asset Management
-CVE-2018-1413 (IBM Cognos Analytics 11.0 is vulnerable to cross-site scripting. This ...)
+CVE-2018-1413
NOT-FOR-US: IBM Cognos Analytics
CVE-2018-1412
RESERVED
-CVE-2018-1411 (IBM Notes Diagnostics (IBM Client Application Access and IBM Notes) ...)
+CVE-2018-1411
NOT-FOR-US: IBM Notes Diagnostics
-CVE-2018-1410 (IBM Notes Diagnostics (IBM Client Application Access and IBM Notes) ...)
+CVE-2018-1410
NOT-FOR-US: IBM Notes Diagnostics
-CVE-2018-1409 (IBM Notes Diagnostics (IBM Client Application Access and IBM Notes) ...)
+CVE-2018-1409
NOT-FOR-US: IBM Notes Diagnostics
-CVE-2018-1408 (IBM Rational Team Concert 5.0 through 5.0.2 and 6.0 through 6.0.5 are ...)
+CVE-2018-1408
NOT-FOR-US: IBM
-CVE-2018-1407 (IBM Rational Team Concert 5.0 through 5.0.2 and 6.0 through 6.0.5 are ...)
+CVE-2018-1407
NOT-FOR-US: IBM
CVE-2018-1406
RESERVED
-CVE-2018-1405 (IBM Rational Quality Manager (RQM) 5.0 through 5.02 and 6.0 through ...)
+CVE-2018-1405
NOT-FOR-US: IBM
-CVE-2018-1404 (IBM Rational Quality Manager (RQM) 5.0 through 5.02 and 6.0 through ...)
+CVE-2018-1404
NOT-FOR-US: IBM
-CVE-2018-1403 (IBM Rational Quality Manager (RQM) 5.0 through 5.02 and 6.0 through ...)
+CVE-2018-1403
NOT-FOR-US: IBM
CVE-2018-1402
RESERVED
-CVE-2018-1401 (IBM WebSphere Portal 8.0, 8.5, and 9.0 is vulnerable to cross-site ...)
+CVE-2018-1401
NOT-FOR-US: IBM WebSphere Portal
CVE-2018-1400
RESERVED
-CVE-2018-1399 (IBM Daeja ViewONE Professional, Standard &amp; Virtual 4.1.5 and 5.0 is ...)
+CVE-2018-1399
NOT-FOR-US: IBM Daeja ViewONE Professional
-CVE-2018-1398 (IBM Sterling File Gateway 2.2.0 through 2.2.6 could allow a remote ...)
+CVE-2018-1398
NOT-FOR-US: IBM
CVE-2018-1397
RESERVED
-CVE-2018-1396 (IBM Rational Quality Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 ...)
+CVE-2018-1396
NOT-FOR-US: IBM
-CVE-2018-1395 (IBM Rational Quality Manager (RQM) 5.0 through 5.02 and 6.0 through ...)
+CVE-2018-1395
NOT-FOR-US: IBM
-CVE-2018-1394 (Multiple IBM Rational products are vulnerable to cross-site scripting. ...)
+CVE-2018-1394
NOT-FOR-US: IBM
-CVE-2018-1393 (IBM Financial Transaction Manager for ACH Services for Multi-Platform ...)
+CVE-2018-1393
NOT-FOR-US: IBM
-CVE-2018-1392 (IBM Financial Transaction Manager 3.0.4 and 3.1.0 for ACH Services for ...)
+CVE-2018-1392
NOT-FOR-US: IBM Financial Transaction Manager
-CVE-2018-1391 (IBM Financial Transaction Manager 3.0.4 and 3.1.0 for ACH Services for ...)
+CVE-2018-1391
NOT-FOR-US: IBM Financial Transaction Manager
-CVE-2018-1390 (IBM Financial Transaction Manager for Check Services for ...)
+CVE-2018-1390
NOT-FOR-US: IBM
-CVE-2018-1389 (IBM API Connect 5.0.0.0 through 5.0.8.2 is impacted by generated ...)
+CVE-2018-1389
NOT-FOR-US: IBM API Connect
-CVE-2018-1388 (GSKit V7 may disclose side channel information via discrepancies ...)
+CVE-2018-1388
NOT-FOR-US: IBM WebSphere MQ
-CVE-2018-1387 (IBM Application Performance Management for Monitoring &amp; Diagnostics ...)
+CVE-2018-1387
NOT-FOR-US: IBM
-CVE-2018-1386 (IBM Tivoli Workload Automation for AIX (IBM Workload Scheduler 8.6, ...)
+CVE-2018-1386
NOT-FOR-US: IBM
CVE-2018-1385
RESERVED
-CVE-2018-1384 (IBM Business Process Manager 8.6 is vulnerable to cross-site ...)
+CVE-2018-1384
NOT-FOR-US: IBM
-CVE-2018-1383 (A software logic bug creates a vulnerability in an AIX 6.1, 7.1, and ...)
+CVE-2018-1383
NOT-FOR-US: AIX
-CVE-2018-1382 (IBM API Connect 5.0.0.0 is vulnerable to cross-site scripting. This ...)
+CVE-2018-1382
NOT-FOR-US: IBM API Connect
CVE-2018-1381
RESERVED
-CVE-2018-1380 (IBM InfoSphere Master Data Management Collaboration Server 11.4, 11.5, ...)
+CVE-2018-1380
NOT-FOR-US: IBM
CVE-2018-1379
RESERVED
CVE-2018-1378
RESERVED
-CVE-2018-1377 (IBM Security Guardium Big Data Intelligence (SonarG) 3.1 stores user ...)
+CVE-2018-1377
NOT-FOR-US: IBM Security Guardium Big Data Intelligence
-CVE-2018-1376 (IBM Security Guardium Big Data Intelligence (SonarG) 3.1 is vulnerable ...)
+CVE-2018-1376
NOT-FOR-US: IBM
-CVE-2018-1375 (IBM Security Guardium Big Data Intelligence (SonarG) 3.1 does not ...)
+CVE-2018-1375
NOT-FOR-US: IBM
-CVE-2018-1374 (An IBM WebSphere MQ (Maintenance levels 7.1.0.0 - 7.1.0.9, 7.5.0.0 - ...)
+CVE-2018-1374
NOT-FOR-US: IBM
-CVE-2018-1373 (IBM Security Guardium Big Data Intelligence (SonarG) 3.1 uses an ...)
+CVE-2018-1373
NOT-FOR-US: IBM Security Guardium Big Data Intelligence
-CVE-2018-1372 (IBM Security Guardium Big Data Intelligence (SonarG) 3.1 does not ...)
+CVE-2018-1372
NOT-FOR-US: IBM Security Guardium Big Data Intelligence
-CVE-2018-1371 (An IBM WebSphere MQ 8.0.0.8, 9.0.0.2, and 9.0.4 Client connecting to a ...)
+CVE-2018-1371
NOT-FOR-US: IBM WebSphere MQ
-CVE-2018-1370 (IBM Security Guardium Big Data Intelligence (SonarG) 3.1 specifies ...)
+CVE-2018-1370
NOT-FOR-US: IBM
-CVE-2018-1369 (IBM Security Guardium Big Data Intelligence (SonarG) 3.1 stores ...)
+CVE-2018-1369
NOT-FOR-US: IBM
-CVE-2018-1368 (IBM Security Guardium Database Activity Monitor 9.0, 9.1, and 9.5 ...)
+CVE-2018-1368
NOT-FOR-US: IBM Security Guardium Database Activity Monitor
CVE-2018-1367
RESERVED
-CVE-2018-1366 (IBM Content Navigator 2.0 and 3.0 is vulnerable to Comma Separated ...)
+CVE-2018-1366
NOT-FOR-US: IBM Content Navigator
CVE-2018-1365
RESERVED
-CVE-2018-1364 (IBM Content Navigator 2.0 and 3.0 is vulnerable to a XML External ...)
+CVE-2018-1364
NOT-FOR-US: IBM Content Navigator
-CVE-2018-1363 (IBM Jazz Reporting Service (JRS) 5.0 through 5.0.2 and 6.0 through ...)
+CVE-2018-1363
NOT-FOR-US: IBM Jazz Reporting Service
-CVE-2018-1362 (IBM Curam Social Program Management 6.0.5, 6.1.1, 6.2.0, and 7.0.1 ...)
+CVE-2018-1362
NOT-FOR-US: IBM Curam Social Program Management
-CVE-2018-1361 (IBM WebSphere Portal 8.5 and 9.0 is vulnerable to cross-site ...)
+CVE-2018-1361
NOT-FOR-US: IBM WebSphere Portal
CVE-2018-1360
RESERVED
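Review bot: every changed pair in this hunk replaces a `CVE-… (description …)` line with a bare `CVE-…` line, so the summary text is dropped while the tracking lines beneath each entry (NOT-FOR-US, package states, NOTEs) stay as unchanged context; for an automatic update that pattern looks like a failed description sync rather than an intended edit, and the source the descriptions are pulled from should be checked before this is merged. For instance `-CVE-2018-1377 (IBM Security Guardium Big Data Intelligence (SonarG) 3.1 stores user ...)` becomes `+CVE-2018-1377` with no replacement text, and the same holds for every other entry in the hunk.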
@@ -50415,37 +50405,37 @@ CVE-2018-1357
RESERVED
CVE-2018-1356
RESERVED
-CVE-2018-1355 (An open redirect vulnerability in Fortinet FortiManager 6.0.0, 5.6.5 ...)
+CVE-2018-1355
NOT-FOR-US: Fortinet
-CVE-2018-1354 (An improper access control vulnerability in Fortinet FortiManager ...)
+CVE-2018-1354
NOT-FOR-US: Fortinet
-CVE-2018-1353 (An information disclosure vulnerability in Fortinet FortiManager 6.0.1 ...)
+CVE-2018-1353
NOT-FOR-US: Fortinet FortiManager
-CVE-2018-1352 (A format string vulnerability in Fortinet FortiOS 5.6.0 allows ...)
+CVE-2018-1352
NOT-FOR-US: Fortinet
-CVE-2018-1351 (A Cross-site Scripting (XSS) vulnerability in Fortinet FortiManager ...)
+CVE-2018-1351
NOT-FOR-US: Fortinet
-CVE-2018-1350 (The NetIQ Identity Manager driver log file, in versions prior to 4.7, ...)
+CVE-2018-1350
NOT-FOR-US: NetIQ Identity Manager
-CVE-2018-1349 (The NetIQ Identity Manager driver log file, in versions prior to 4.7, ...)
+CVE-2018-1349
NOT-FOR-US: NetIQ Identity Manager
-CVE-2018-1348 (NetIQ Identity Manager driver, in versions prior to 4.7, allows for an ...)
+CVE-2018-1348
NOT-FOR-US: NetIQ Identity Manager
-CVE-2018-1347 (The administrative web interface in NetIQ iManager, versions prior to ...)
+CVE-2018-1347
NOT-FOR-US: NetIQ
-CVE-2018-1346 (Addresses denial of service attack to eDirectory versions prior to ...)
+CVE-2018-1346
NOT-FOR-US: NetIQ
-CVE-2018-1345 (NetIQ iManager, versions prior to 3.1, under some circumstances could ...)
+CVE-2018-1345
NOT-FOR-US: NetIQ
-CVE-2018-1344 (Addresses potential communication downgrade attack in NetIQ iManager ...)
+CVE-2018-1344
NOT-FOR-US: NetIQ
-CVE-2018-1343 (PAM exposure enabling unauthenticated access to remote host ...)
+CVE-2018-1343
NOT-FOR-US: NetIQ
-CVE-2018-1342 (A Vulnerability exists on Admin Console where an attacker can upload ...)
+CVE-2018-1342
NOT-FOR-US: NetIQ Access Manager
CVE-2018-1341
RESERVED
-CVE-2018-1340 (Prior to 1.0.0, Apache Guacamole used a cookie for client-side storage ...)
+CVE-2018-1340
- guacamole-client <unfixed> (bug #920796)
[jessie] - guacamole-client <not-affected> (Vulnerable code not present)
- guacamole <removed>
@@ -50453,17 +50443,17 @@ CVE-2018-1340 (Prior to 1.0.0, Apache Guacamole used a cookie for client-side st
NOTE: https://issues.apache.org/jira/browse/GUACAMOLE-549
NOTE: https://github.com/apache/guacamole-client/pull/273
NOTE: https://www.openwall.com/lists/oss-security/2019/02/02/1
-CVE-2018-1339 (A carefully crafted (or fuzzed) file can trigger an infinite loop in ...)
+CVE-2018-1339
- tika 1.18-1 (low; bug #900000)
[jessie] - tika <ignored> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2018/04/25/7
-CVE-2018-1338 (A carefully crafted (or fuzzed) file can trigger an infinite loop in ...)
+CVE-2018-1338
- tika 1.18-1
[jessie] - tika <not-affected> (BGP parser introduced in 1.7)
NOTE: http://www.openwall.com/lists/oss-security/2018/04/25/6
-CVE-2018-1337 (In Apache Directory LDAP API before 1.0.2, a bug in the way the SSL ...)
+CVE-2018-1337
NOT-FOR-US: Apache LDAP API
-CVE-2018-1336 (An improper handing of overflow in the UTF-8 decoder with ...)
+CVE-2018-1336
{DSA-4281-1 DLA-1491-1}
- tomcat9 <not-affected> (Fixed before initial upload to Debian)
- tomcat8 8.5.31-1
@@ -50476,13 +50466,13 @@ CVE-2018-1336 (An improper handing of overflow in the UTF-8 decoder with ...)
NOTE: https://svn.apache.org/r1830374 (8.5.x)
NOTE: https://svn.apache.org/r1830375 (8.0.x)
NOTE: https://svn.apache.org/r1830376 (7.0.x)
-CVE-2018-1335 (From Apache Tika versions 1.7 to 1.17, clients could send carefully ...)
+CVE-2018-1335
- tika 1.18-1
[jessie] - tika <not-affected> (Server functionality not present)
NOTE: http://www.openwall.com/lists/oss-security/2018/04/25/8
-CVE-2018-1334 (In Apache Spark 1.0.0 to 2.1.2, 2.2.0 to 2.2.1, and 2.3.0, when using ...)
+CVE-2018-1334
NOT-FOR-US: Apache Spark
-CVE-2018-1333 (By specially crafting HTTP/2 requests, workers would be allocated 60 ...)
+CVE-2018-1333
- apache2 2.4.34-1 (bug #904106)
[stretch] - apache2 2.4.25-3+deb9u6
[jessie] - apache2 <not-affected> (Vulnerable code not present)
@@ -50490,47 +50480,47 @@ CVE-2018-1333 (By specially crafting HTTP/2 requests, workers would be allocated
NOTE: HTTP/2 support introduced in 2.4.17
NOTE: http://www.openwall.com/lists/oss-security/2018/07/18/1
NOTE: https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2018-1333
-CVE-2018-1332 (Apache Storm version 1.0.6 and earlier, 1.2.1 and earlier, and version ...)
+CVE-2018-1332
NOT-FOR-US: Apache Storm
-CVE-2018-1331 (In Apache Storm 0.10.0 through 0.10.2, 1.0.0 through 1.0.6, 1.1.0 ...)
+CVE-2018-1331
NOT-FOR-US: Apache Storm
-CVE-2018-1330 (When parsing a malformed JSON payload, libprocess in Apache Mesos ...)
+CVE-2018-1330
- apache-mesos <itp> (bug #760315)
CVE-2018-1329
REJECTED
CVE-2018-1328
RESERVED
-CVE-2018-1327 (The Apache Struts REST Plugin is using XStream library which is ...)
+CVE-2018-1327
- libstruts1.2-java <not-affected> (Specific to 2.x)
NOTE: https://cwiki.apache.org/confluence/display/WW/S2-056
CVE-2018-1326
RESERVED
-CVE-2018-1325 (In Apache wicket-jquery-ui &lt;= 6.29.0, &lt;= 7.10.1, &lt;= 8.0.0-M9.1, JS ...)
+CVE-2018-1325
NOT-FOR-US: Wicket jQuery UI
-CVE-2018-1324 (A specially crafted ZIP archive can be used to cause an infinite loop ...)
+CVE-2018-1324
- libcommons-compress-java 1.13-2 (bug #893174)
[stretch] - libcommons-compress-java <no-dsa> (Minor issue)
[jessie] - libcommons-compress-java <not-affected> (Vulnerable code introduced later)
[wheezy] - libcommons-compress-java <not-affected> (Vulnerable code introduced later)
NOTE: Fixed by: https://git-wip-us.apache.org/repos/asf?p=commons-compress.git;a=blobdiff;f=src/main/java/org/apache/commons/compress/archivers/zip/X0017_StrongEncryptionHeader.java;h=acc3b22346b49845e85b5ef27a5814b69e834139;hp=0feb9c98cc622cde1defa3bbd268ef82b4ae5c18;hb=2a2f1dc48e22a34ddb72321a4db211da91aa933b;hpb=dcb0486fb4cb2b6592c04d6ec2edbd3f690df5f2
NOTE: https://issues.apache.org/jira/browse/COMPRESS-432
-CVE-2018-1323 (The IIS/ISAPI specific code in the Apache Tomcat JK ISAPI Connector ...)
+CVE-2018-1323
- libapache-mod-jk <not-affected> (Windows/IIS vhost handling specific issue)
NOTE: http://tomcat.apache.org/security-jk.html#Fixed_in_Apache_Tomcat_JK_Connector_1.2.43
NOTE: Fixed by: http://svn.apache.org/r1825658
-CVE-2018-1322 (An administrator with user search entitlements in Apache Syncope 1.2.x ...)
+CVE-2018-1322
NOT-FOR-US: Apache Syncope
-CVE-2018-1321 (An administrator with report and template entitlements in Apache ...)
+CVE-2018-1321
NOT-FOR-US: Apache Syncope
-CVE-2018-1320 (Apache Thrift Java client library versions 0.5.0 through 0.11.0 can ...)
+CVE-2018-1320
{DLA-1662-1}
- libthrift-java 0.9.1-2.1 (bug #918736)
[stretch] - libthrift-java <no-dsa> (Minor issue)
NOTE: https://issues.apache.org/jira/browse/THRIFT-4506
NOTE: https://github.com/apache/thrift/commit/d973409661f820d80d72c0034d06a12348c8705e
-CVE-2018-1319 (In Apache Allura prior to 1.8.1, attackers may craft URLs that cause ...)
+CVE-2018-1319
NOT-FOR-US: Apache Allura
-CVE-2018-1318 (Adding method ACLs in remap.config can cause a segfault when the user ...)
+CVE-2018-1318
{DSA-4282-1}
- trafficserver 7.1.4+ds-1
NOTE: http://www.openwall.com/lists/oss-security/2018/08/29/3
@@ -50538,28 +50528,28 @@ CVE-2018-1318 (Adding method ACLs in remap.config can cause a segfault when the
NOTE: https://github.com/apache/trafficserver/commit/e6dfda305acf85250861ecfa14a7bd6bb2fad5c3
CVE-2018-1317
RESERVED
-CVE-2018-1316 (The ODE process deployment web service was sensible to deployment ...)
+CVE-2018-1316
NOT-FOR-US: Apache ODE
-CVE-2018-1315 (In Apache Hive 2.1.0 to 2.3.2, when 'COPY FROM FTP' statement is run ...)
+CVE-2018-1315
NOT-FOR-US: Apache Hive
-CVE-2018-1314 (In Apache Hive 2.3.3, 3.1.0 and earlier, Hive &quot;EXPLAIN&quot; operation does ...)
+CVE-2018-1314
NOT-FOR-US: Apache Hive
-CVE-2018-1313 (In Apache Derby 10.3.1.4 to 10.14.1.0, a specially-crafted network ...)
+CVE-2018-1313
- derby 10.14.2.0-1
[jessie] - derby <no-dsa> (Minor issue)
[stretch] - derby <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2018/05/05/1
-CVE-2018-1312 (In Apache httpd 2.2.0 to 2.4.29, when generating an HTTP Digest ...)
+CVE-2018-1312
{DSA-4164-1 DLA-1389-1}
- apache2 2.4.33-1
NOTE: http://www.openwall.com/lists/oss-security/2018/03/24/7
CVE-2018-1311
RESERVED
-CVE-2018-1310 (Apache NiFi JMS Deserialization issue because of ActiveMQ client ...)
+CVE-2018-1310
NOT-FOR-US: Apache NiFi
-CVE-2018-1309 (Apache NiFi External XML Entity issue in SplitXML processor. Malicious ...)
+CVE-2018-1309
NOT-FOR-US: Apache NiFi
-CVE-2018-1308 (This vulnerability in Apache Solr 1.2 to 6.6.2 and 7.0.0 to 7.2.1 ...)
+CVE-2018-1308
{DSA-4194-1 DLA-1360-1}
- lucene-solr 3.6.2+dfsg-12 (bug #896604)
NOTE: http://www.openwall.com/lists/oss-security/2018/04/08/3
@@ -50567,11 +50557,11 @@ CVE-2018-1308 (This vulnerability in Apache Solr 1.2 to 6.6.2 and 7.0.0 to 7.2.1
NOTE: master: http://git-wip-us.apache.org/repos/asf/lucene-solr/commit/02c693f3
NOTE: branch_7x: http://git-wip-us.apache.org/repos/asf/lucene-solr/commit/739a7933
NOTE: branch_6_6: http://git-wip-us.apache.org/repos/asf/lucene-solr/commit/dd3be31f
-CVE-2018-1307 (In Apache jUDDI 3.2 through 3.3.4, if using the WADL2Java or WSDL2Java ...)
+CVE-2018-1307
NOT-FOR-US: Apache juddi-client
-CVE-2018-1306 (The PortletV3AnnotatedDemo Multipart Portlet war file code provided in ...)
+CVE-2018-1306
NOT-FOR-US: Apache Portals Pluto
-CVE-2018-1305 (Security constraints defined by annotations of Servlets in Apache ...)
+CVE-2018-1305
{DSA-4281-1 DLA-1450-1 DLA-1400-1 DLA-1301-1}
- tomcat9 <not-affected> (Fixed before initial upload to Debian)
- tomcat8 8.5.28-1
@@ -50585,7 +50575,7 @@ CVE-2018-1305 (Security constraints defined by annotations of Servlets in Apache
NOTE: https://svn.apache.org/r1824359 (8.0.x)
NOTE: https://svn.apache.org/r1823322 (7.0.x)
NOTE: https://svn.apache.org/r1824360 (7.0.x)
-CVE-2018-1304 (The URL pattern of &quot;&quot; (the empty string) which exactly maps to the ...)
+CVE-2018-1304
{DSA-4281-1 DLA-1450-1 DLA-1400-1 DLA-1301-1}
- tomcat9 <not-affected> (Fixed before initial upload to Debian)
- tomcat8 8.5.28-1
@@ -50597,33 +50587,33 @@ CVE-2018-1304 (The URL pattern of &quot;&quot; (the empty string) which exactly
NOTE: https://svn.apache.org/r1823308 (8.0.x)
NOTE: https://svn.apache.org/r1823309 (7.0.x)
NOTE: https://bz.apache.org/bugzilla/show_bug.cgi?id=62067
-CVE-2018-1303 (A specially crafted HTTP request header could have crashed the Apache ...)
+CVE-2018-1303
{DSA-4164-1}
- apache2 2.4.33-1
[wheezy] - apache2 <not-affected> (Vulnerable code not present)
NOTE: http://www.openwall.com/lists/oss-security/2018/03/24/3
-CVE-2018-1302 (When an HTTP/2 stream was destroyed after being handled, the Apache ...)
+CVE-2018-1302
- apache2 2.4.33-1
[stretch] - apache2 2.4.25-3+deb9u5
[jessie] - apache2 <not-affected> (Vulnerable code not present)
[wheezy] - apache2 <not-affected> (Vulnerable code not present)
NOTE: HTTP/2 support introduced in 2.4.17
NOTE: http://www.openwall.com/lists/oss-security/2018/03/24/5
-CVE-2018-1301 (A specially crafted request could have crashed the Apache HTTP Server ...)
+CVE-2018-1301
{DSA-4164-1 DLA-1389-1}
- apache2 2.4.33-1
NOTE: http://www.openwall.com/lists/oss-security/2018/03/24/2
CVE-2018-1300
RESERVED
-CVE-2018-1299 (In Apache Allura before 1.8.0, unauthenticated attackers may retrieve ...)
+CVE-2018-1299
NOT-FOR-US: Apache Allura
-CVE-2018-1298 (A Denial of Service vulnerability was found in Apache Qpid Broker-J ...)
+CVE-2018-1298
- qpid-java <itp> (bug #840131)
NOTE: https://issues.apache.org/jira/browse/QPID-8046
NOTE: https://git-wip-us.apache.org/repos/asf?p=qpid-broker-j.git;h=de509dd
NOTE: https://git-wip-us.apache.org/repos/asf?p=qpid-broker-j.git;h=30ca170
NOTE: https://git-wip-us.apache.org/repos/asf?p=qpid-broker-j.git;h=4b9fb37
-CVE-2018-1297 (When using Distributed Test only (RMI based), Apache JMeter 2.x and ...)
+CVE-2018-1297
- jakarta-jmeter <unfixed> (low; bug #897259)
[buster] - jakarta-jmeter <ignored> (Minor issue, too intrusive to backport)
[stretch] - jakarta-jmeter <ignored> (Minor issue, too intrusive to backport)
@@ -50631,27 +50621,27 @@ CVE-2018-1297 (When using Distributed Test only (RMI based), Apache JMeter 2.x a
[wheezy] - jakarta-jmeter <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2018/02/11/1
NOTE: https://bz.apache.org/bugzilla/show_bug.cgi?id=62039
-CVE-2018-1296 (In Apache Hadoop 3.0.0-alpha1 to 3.0.0, 2.9.0, 2.8.0 to 2.8.3, and ...)
+CVE-2018-1296
- hadoop <itp> (bug #793644)
-CVE-2018-1295 (In Apache Ignite 2.3 or earlier, the serialization mechanism does not ...)
+CVE-2018-1295
NOT-FOR-US: Apache Ignite
-CVE-2018-1294 (If a user of Apache Commons Email (typically an application ...)
+CVE-2018-1294
- commons-email <not-affected> (Fixed with first upload to Debian)
NOTE: https://marc.info/?i=CAF8HOZ+J3NkaywfbHuQpHxK9ZXeT4=4Vs9rOwCDiUdnt1QA1Yw@mail.gmail.com
NOTE: Fixed by: https://svn.apache.org/viewvc?view=revision&amp;revision=1777030
CVE-2018-1293
REJECTED
-CVE-2018-1292 (Within the 'getReportType' method in Apache Fineract 1.0.0, ...)
+CVE-2018-1292
NOT-FOR-US: Apache Fineract
-CVE-2018-1291 (Apache Fineract 1.0.0, 0.6.0-incubating, 0.5.0-incubating, ...)
+CVE-2018-1291
NOT-FOR-US: Apache Fineract
-CVE-2018-1290 (In Apache Fineract versions 1.0.0, 0.6.0-incubating, 0.5.0-incubating, ...)
+CVE-2018-1290
NOT-FOR-US: Apache Fineract
-CVE-2018-1289 (In Apache Fineract versions 1.0.0, 0.6.0-incubating, 0.5.0-incubating, ...)
+CVE-2018-1289
NOT-FOR-US: Apache Fineract
-CVE-2018-1288 (In Apache Kafka 0.9.0.0 to 0.9.0.1, 0.10.0.0 to 0.10.2.1, 0.11.0.0 to ...)
+CVE-2018-1288
- kafka <itp> (bug #786460)
-CVE-2018-1287 (In Apache JMeter 2.X and 3.X, when using Distributed Test only (RMI ...)
+CVE-2018-1287
- jakarta-jmeter <unfixed> (low)
[buster] - jakarta-jmeter <no-dsa> (Minor issue)
[stretch] - jakarta-jmeter <no-dsa> (Minor issue)
@@ -50659,53 +50649,53 @@ CVE-2018-1287 (In Apache JMeter 2.X and 3.X, when using Distributed Test only (R
[wheezy] - jakarta-jmeter <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2018/02/11/2
NOTE: https://bz.apache.org/bugzilla/show_bug.cgi?id=62039
-CVE-2018-1286 (In Apache OpenMeetings 3.0.0 - 4.0.1, CRUD operations on privileged ...)
+CVE-2018-1286
NOT-FOR-US: Apache OpenMeetings
CVE-2018-1285
RESERVED
-CVE-2018-1284 (In Apache Hive 0.6.0 to 2.3.2, malicious user might use any xpath UDFs ...)
+CVE-2018-1284
NOT-FOR-US: Apache Hive
-CVE-2018-1283 (In Apache httpd 2.4.0 to 2.4.29, when mod_session is configured to ...)
+CVE-2018-1283
{DSA-4164-1}
- apache2 2.4.33-1
[wheezy] - apache2 <not-affected> (Vulnerable code not present)
NOTE: http://www.openwall.com/lists/oss-security/2018/03/24/4
-CVE-2018-1282 (This vulnerability in Apache Hive JDBC driver 0.7.1 to 2.3.2 allows ...)
+CVE-2018-1282
NOT-FOR-US: Apache Hive
-CVE-2018-1281 (The clustered setup of Apache MXNet allows users to specify which IP ...)
+CVE-2018-1281
NOT-FOR-US: Apache MXNet
-CVE-2018-1280 (Pivotal Greenplum Command Center versions 2.x prior to 2.5.1 contains ...)
+CVE-2018-1280
NOT-FOR-US: Pivotal
-CVE-2018-1279 (Pivotal RabbitMQ for PCF, all versions, uses a deterministically ...)
+CVE-2018-1279
- rabbitmq-server <unfixed> (bug #924768)
[stretch] - rabbitmq-server <no-dsa> (Minor issue)
[jessie] - rabbitmq-server <no-dsa> (Minor issue)
NOTE: https://pivotal.io/security/cve-2018-1279
NOTE: Underlying issue is the use of deterministically generated cookie.
NOTE: Issue can be mitigated by restricting network access from untrusted sources.
-CVE-2018-1278 (Apps Manager included in Pivotal Application Service, versions 1.12.x ...)
+CVE-2018-1278
NOT-FOR-US: Pivotal
-CVE-2018-1277 (Cloud Foundry Garden-runC, versions prior to 1.13.0, does not ...)
+CVE-2018-1277
NOT-FOR-US: Cloud Foundry
-CVE-2018-1276 (Windows 2012R2 stemcells, versions prior to 1200.17, contain an ...)
+CVE-2018-1276
NOT-FOR-US: Cloud Foundry
-CVE-2018-1275 (Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior ...)
+CVE-2018-1275
- libspring-java <not-affected> (Partial fix for CVE-2018-1270 not applied)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1565307
-CVE-2018-1274 (Spring Data Commons, versions 1.13 to 1.13.10, 2.0 to 2.0.5, and older ...)
+CVE-2018-1274
NOT-FOR-US: Spring Data Commons
-CVE-2018-1273 (Spring Data Commons, versions prior to 1.13 to 1.13.10, 2.0 to 2.0.5, ...)
+CVE-2018-1273
NOT-FOR-US: Spring Data Commons
-CVE-2018-1272 (Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior ...)
+CVE-2018-1272
- libspring-java 4.3.19-1 (bug #895114)
[stretch] - libspring-java <no-dsa> (Minor issue)
[jessie] - libspring-java <not-affected> (vulnerable code not found)
[wheezy] - libspring-java <not-affected> (Vulnerable broker code introduced in various commits re. https://github.com/spring-projects/spring-framework/blame/0009806debb578e884f6dc98bd1f2dc668020021/spring-messaging/src/main/java/org/springframework/messaging/simp/broker/DefaultSubscriptionRegistry.java)
NOTE: https://pivotal.io/security/cve-2018-1272
-CVE-2018-1271 (Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior ...)
+CVE-2018-1271
- libspring-java <not-affected> (Issue specific when served from a file system on Windows)
NOTE: https://pivotal.io/security/cve-2018-1271
-CVE-2018-1270 (Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior ...)
+CVE-2018-1270
- libspring-java 4.3.19-1 (bug #895114)
[stretch] - libspring-java <no-dsa> (Minor issue)
[jessie] - libspring-java <not-affected> (vulnerable code not found)
@@ -50713,95 +50703,95 @@ CVE-2018-1270 (Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 pr
NOTE: https://pivotal.io/security/cve-2018-1270
NOTE: when addressing this issue make sure to not only apply a partial fix but
NOTE: make it complete, cf. https://bugzilla.redhat.com/show_bug.cgi?id=1565307
-CVE-2018-1269 (Cloud Foundry Loggregator, versions 89.x prior to 89.5 or 96.x prior ...)
+CVE-2018-1269
NOT-FOR-US: Cloud Foundry
-CVE-2018-1268 (Cloud Foundry Loggregator, versions 89.x prior to 89.5 or 96.x prior ...)
+CVE-2018-1268
NOT-FOR-US: Cloud Foundry
-CVE-2018-1267 (Cloud Foundry Silk CNI plugin, versions prior to 0.2.0, contains an ...)
+CVE-2018-1267
NOT-FOR-US: Cloud Foundry
-CVE-2018-1266 (Cloud Foundry Cloud Controller, versions prior to 1.52.0, contains ...)
+CVE-2018-1266
NOT-FOR-US: Cloud Foundry
-CVE-2018-1265 (Cloud Foundry Diego, release versions prior to 2.8.0, does not ...)
+CVE-2018-1265
NOT-FOR-US: Cloud Foundry
-CVE-2018-1264 (Cloud Foundry Log Cache, versions prior to 1.1.1, logs its UAA client ...)
+CVE-2018-1264
NOT-FOR-US: Cloud Foundry
-CVE-2018-1263 (Addresses partial fix in CVE-2018-1261. Pivotal ...)
+CVE-2018-1263
NOT-FOR-US: Spring-integration-zip
-CVE-2018-1262 (Cloud Foundry Foundation UAA, versions 4.12.X and 4.13.X, introduced a ...)
+CVE-2018-1262
NOT-FOR-US: Cloud Foundry Foundation UAA
-CVE-2018-1261 (Spring-integration-zip versions prior to 1.0.1 exposes an arbitrary ...)
+CVE-2018-1261
NOT-FOR-US: Spring-integration-zip
-CVE-2018-1260 (Spring Security OAuth, versions 2.3 prior to 2.3.3, 2.2 prior to ...)
+CVE-2018-1260
NOT-FOR-US: Spring Security OAuth
-CVE-2018-1259 (Spring Data Commons, versions 1.13 prior to 1.13.12 and 2.0 prior to ...)
+CVE-2018-1259
NOT-FOR-US: Spring Data Commons
-CVE-2018-1258 (Spring Framework version 5.0.5 when used in combination with any ...)
+CVE-2018-1258
- libspring-security-2.0-java <removed>
[jessie] - libspring-security-2.0-java <not-affected> (Affected version not in jessie)
NOTE: https://pivotal.io/security/cve-2018-1258
-CVE-2018-1257 (Spring Framework, versions 5.0.x prior to 5.0.6, versions 4.3.x prior ...)
+CVE-2018-1257
- libspring-java 4.3.19-1
[jessie] - libspring-java <no-dsa> (hard to find upstream commits regarding this)
NOTE: https://pivotal.io/security/cve-2018-1257
-CVE-2018-1256 (Spring Cloud SSO Connector, version 2.1.2, contains a regression which ...)
+CVE-2018-1256
NOT-FOR-US: Spring Cloud SSO Connector
-CVE-2018-1255 (RSA Identity Lifecycle and Governance versions 7.0.1, 7.0.2 and 7.1.0 ...)
+CVE-2018-1255
NOT-FOR-US: RSA
-CVE-2018-1254 (RSA Authentication Manager Security Console, versions 8.3 P1 and ...)
+CVE-2018-1254
NOT-FOR-US: RSA Authentication Manager Security Console
-CVE-2018-1253 (RSA Authentication Manager Operation Console, versions 8.3 P1 and ...)
+CVE-2018-1253
NOT-FOR-US: RSA Authentication Manager Operation Console
-CVE-2018-1252 (RSA Web Threat Detection versions prior to 6.4, contain an SQL ...)
+CVE-2018-1252
NOT-FOR-US: RSA Web Threat Detection
-CVE-2018-1251 (Dell EMC Unity and UnityVSA versions prior to 4.3.1.1525703027 ...)
+CVE-2018-1251
NOT-FOR-US: EMC Unity and UnityVSA
-CVE-2018-1250 (Dell EMC Unity and UnityVSA versions prior to 4.3.1.1525703027 ...)
+CVE-2018-1250
NOT-FOR-US: EMC Unity and UnityVSA
-CVE-2018-1249 (Dell EMC iDRAC9 versions prior to 3.21.21.21 did not enforce the use ...)
+CVE-2018-1249
NOT-FOR-US: EMC
-CVE-2018-1248 (RSA Authentication Manager Security Console, Operation Console and ...)
+CVE-2018-1248
NOT-FOR-US: RSA Authentication Mamager
-CVE-2018-1247 (RSA Authentication Manager Security Console, version 8.3 and earlier, ...)
+CVE-2018-1247
NOT-FOR-US: RSA Authentication Manager
-CVE-2018-1246 (Dell EMC Unity and UnityVSA contains reflected cross-site scripting ...)
+CVE-2018-1246
NOT-FOR-US: EMC Unity and UnityVSA
-CVE-2018-1245 (RSA Identity Lifecycle and Governance versions 7.0.1, 7.0.2 and 7.1.0 ...)
+CVE-2018-1245
NOT-FOR-US: RSA
-CVE-2018-1244 (Dell EMC iDRAC7/iDRAC8, versions prior to 2.60.60.60, and iDRAC9 ...)
+CVE-2018-1244
NOT-FOR-US: EMC
-CVE-2018-1243 (Dell EMC iDRAC6, versions prior to 2.91, iDRAC7/iDRAC8, versions prior ...)
+CVE-2018-1243
NOT-FOR-US: EMC
-CVE-2018-1242 (Dell EMC RecoverPoint versions prior to 5.1.2 and RecoverPoint for VMs ...)
+CVE-2018-1242
NOT-FOR-US: Dell
-CVE-2018-1241 (Dell EMC RecoverPoint versions prior to 5.1.2 and RecoverPoint for VMs ...)
+CVE-2018-1241
NOT-FOR-US: Dell
-CVE-2018-1240 (Dell EMC ViPR Controller, versions after 3.0.0.38, contain an ...)
+CVE-2018-1240
NOT-FOR-US: EMC ViPR Controller
-CVE-2018-1239 (Dell EMC Unity Operating Environment (OE) versions prior to ...)
+CVE-2018-1239
NOT-FOR-US: EMC Unity Operating Environment
-CVE-2018-1238 (Dell EMC ScaleIO versions prior to 2.5, contain a command injection ...)
+CVE-2018-1238
NOT-FOR-US: EMC ScaleIO
-CVE-2018-1237 (Dell EMC ScaleIO versions prior to 2.5, contain improper restriction ...)
+CVE-2018-1237
NOT-FOR-US: EMC ScaleIO
CVE-2018-1236
REJECTED
-CVE-2018-1235 (Dell EMC RecoverPoint versions prior to 5.1.2 and RecoverPoint for VMs ...)
+CVE-2018-1235
NOT-FOR-US: Dell
-CVE-2018-1234 (RSA Authentication Agent version 8.0.1 and earlier for Web for IIS is ...)
+CVE-2018-1234
NOT-FOR-US: RSA Authentication Agent
-CVE-2018-1233 (RSA Authentication Agent version 8.0.1 and earlier for Web for both ...)
+CVE-2018-1233
NOT-FOR-US: RSA Authentication Agent
-CVE-2018-1232 (RSA Authentication Agent version 8.0.1 and earlier for Web for both ...)
+CVE-2018-1232
NOT-FOR-US: RSA Authentication Agent
-CVE-2018-1231 (Cloud Foundry BOSH CLI, versions prior to v3.0.1, contains an improper ...)
+CVE-2018-1231
NOT-FOR-US: Cloud Foundry
-CVE-2018-1230 (Pivotal Spring Batch Admin, all versions, does not contain cross site ...)
+CVE-2018-1230
NOT-FOR-US: Pivotal
-CVE-2018-1229 (Pivotal Spring Batch Admin, all versions, contains a stored XSS ...)
+CVE-2018-1229
NOT-FOR-US: Pivotal
CVE-2018-1228
REJECTED
-CVE-2018-1227 (Pivotal Concourse after 2018-03-05 might allow remote attackers to ...)
+CVE-2018-1227
NOT-FOR-US: Pivotal
CVE-2018-1226
REJECTED
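Review bot: the unchanged context line `NOT-FOR-US: RSA Authentication Mamager` under CVE-2018-1248 has a typo ("Manager"); it is not touched by this hunk, so leave the automatic update alone and correct it in a separate manual commit.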
@@ -50809,31 +50799,31 @@ CVE-2018-1225
REJECTED
CVE-2018-1224
REJECTED
-CVE-2018-1223 (Cloud Foundry Container Runtime (kubo-release), versions prior to ...)
+CVE-2018-1223
NOT-FOR-US: Cloud Foundry
CVE-2018-1222
REJECTED
-CVE-2018-1221 (In cf-deployment before 1.14.0 and routing-release before 0.172.0, the ...)
+CVE-2018-1221
NOT-FOR-US: Cloud Foundry
-CVE-2018-1220 (EMC RSA Archer, versions prior to 6.2.0.8, contains a redirect ...)
+CVE-2018-1220
NOT-FOR-US: EMC RSA Archer
-CVE-2018-1219 (EMC RSA Archer, versions prior to 6.2.0.8, contains an improper access ...)
+CVE-2018-1219
NOT-FOR-US: EMC RSA Archer
-CVE-2018-1218 (In Dell EMC NetWorker versions prior to 9.2.1.1, versions prior to ...)
+CVE-2018-1218
NOT-FOR-US: EMC NetWorker
-CVE-2018-1217 (Avamar Installation Manager in Dell EMC Avamar Server 7.3.1, 7.4.1, ...)
+CVE-2018-1217
NOT-FOR-US: EMC Avamar Server
-CVE-2018-1216 (A hard-coded password vulnerability was discovered in vApp Manager ...)
+CVE-2018-1216
NOT-FOR-US: EMC
-CVE-2018-1215 (An arbitrary file upload vulnerability was discovered in vApp Manager ...)
+CVE-2018-1215
NOT-FOR-US: EMC
-CVE-2018-1214 (Dell EMC SupportAssist Enterprise version 1.1 creates a local Windows ...)
+CVE-2018-1214
NOT-FOR-US: EMC
-CVE-2018-1213 (Dell EMC Isilon OneFS versions between 8.1.0.0 - 8.1.0.1, 8.0.1.0 - ...)
+CVE-2018-1213
NOT-FOR-US: Dell
-CVE-2018-1212 (The web-based diagnostics console in Dell EMC iDRAC6 (Monolithic ...)
+CVE-2018-1212
NOT-FOR-US: EMC
-CVE-2018-1211 (Dell EMC iDRAC7/iDRAC8, versions prior to 2.52.52.52, contain a path ...)
+CVE-2018-1211
NOT-FOR-US: Dell EMC iDRAC7/iDRAC8
CVE-2018-1210
REJECTED
@@ -50841,82 +50831,82 @@ CVE-2018-1209
REJECTED
CVE-2018-1208
REJECTED
-CVE-2018-1207 (Dell EMC iDRAC7/iDRAC8, versions prior to 2.52.52.52, contain CGI ...)
+CVE-2018-1207
NOT-FOR-US: Dell EMC iDRAC7/iDRAC8
-CVE-2018-1206 (Dell EMC Data Protection Advisor versions prior to 6.3 Patch 159 and ...)
+CVE-2018-1206
NOT-FOR-US: EMC Data Protection Advisor
-CVE-2018-1205 (Dell EMC ScaleIO, versions prior to 2.5, do not properly handle some ...)
+CVE-2018-1205
NOT-FOR-US: EMC ScaleIO
-CVE-2018-1204 (Dell EMC Isilon OneFS versions between 8.1.0.0 - 8.1.0.1, 8.0.1.0 - ...)
+CVE-2018-1204
NOT-FOR-US: Dell
-CVE-2018-1203 (In Dell EMC Isilon OneFS, the compadmin is able to run tcpdump binary ...)
+CVE-2018-1203
NOT-FOR-US: Dell
-CVE-2018-1202 (Dell EMC Isilon versions between 8.1.0.0 - 8.1.0.1, 8.0.1.0 - 8.0.1.2, ...)
+CVE-2018-1202
NOT-FOR-US: Dell
-CVE-2018-1201 (Dell EMC Isilon versions between 8.1.0.0 - 8.1.0.1, 8.0.1.0 - 8.0.1.2, ...)
+CVE-2018-1201
NOT-FOR-US: Dell
-CVE-2018-1200 (Apps Manager for PCF (Pivotal Application Service 1.11.x before ...)
+CVE-2018-1200
NOT-FOR-US: Pivotal
-CVE-2018-1199 (Spring Security (Spring Security 4.1.x before 4.1.5, 4.2.x before ...)
+CVE-2018-1199
- libspring-java 4.3.14-1 (bug #890001)
[stretch] - libspring-java <no-dsa> (Minor issue)
[wheezy] - libspring-java <ignored> (Too intrusive to fix by upgrade)
[jessie] - libspring-java <no-dsa> (fix for spring-security available but not for springframework)
- libspring-security-java <itp> (bug #582181)
NOTE: https://pivotal.io/security/cve-2018-1199
-CVE-2018-1198 (Pivotal Cloud Cache, versions prior to 1.3.1, prints a superuser ...)
+CVE-2018-1198
NOT-FOR-US: Pivotal Cloud Cache
-CVE-2018-1197 (In Windows Stemcells versions prior to 1200.14, apps running inside ...)
+CVE-2018-1197
NOT-FOR-US: Windows Stemcells
-CVE-2018-1196 (Spring Boot supports an embedded launch script that can be used to ...)
+CVE-2018-1196
NOT-FOR-US: Spring Boot
-CVE-2018-1195 (In Cloud Controller versions prior to 1.46.0, cf-deployment versions ...)
+CVE-2018-1195
NOT-FOR-US: Cloud Foundry
CVE-2018-1194
REJECTED
-CVE-2018-1193 (Cloud Foundry routing-release, versions prior to 0.175.0, lacks ...)
+CVE-2018-1193
NOT-FOR-US: Cloud Foundry
-CVE-2018-1192 (In Cloud Foundry Foundation cf-release versions prior to v285; ...)
+CVE-2018-1192
NOT-FOR-US: Cloud Foundry
-CVE-2018-1191 (Cloud Foundry Garden-runC, versions prior to 1.11.0, contains an ...)
+CVE-2018-1191
NOT-FOR-US: Cloud Foundry
-CVE-2018-1190 (An issue was discovered in these Pivotal Cloud Foundry products: all ...)
+CVE-2018-1190
NOT-FOR-US: Pivotal
-CVE-2018-1189 (Dell EMC Isilon versions between 8.1.0.0 - 8.1.0.1, 8.0.1.0 - 8.0.1.2, ...)
+CVE-2018-1189
NOT-FOR-US: Dell
-CVE-2018-1188 (Dell EMC Isilon versions between 8.1.0.0 - 8.1.0.1, 8.0.1.0 - 8.0.1.2, ...)
+CVE-2018-1188
NOT-FOR-US: Dell
-CVE-2018-1187 (Dell EMC Isilon versions between 8.1.0.0 - 8.1.0.1, 8.0.1.0 - 8.0.1.2, ...)
+CVE-2018-1187
NOT-FOR-US: Dell
-CVE-2018-1186 (Dell EMC Isilon versions between 8.1.0.0 - 8.1.0.1, 8.0.1.0 - 8.0.1.2, ...)
+CVE-2018-1186
NOT-FOR-US: Dell
-CVE-2018-1185 (An issue was discovered in EMC RecoverPoint for Virtual Machines ...)
+CVE-2018-1185
NOT-FOR-US: EMC
-CVE-2018-1184 (An issue was discovered in EMC RecoverPoint for Virtual Machines ...)
+CVE-2018-1184
NOT-FOR-US: EMC
-CVE-2018-1183 (In Dell EMC Unisphere for VMAX Virtual Appliance versions prior to ...)
+CVE-2018-1183
NOT-FOR-US: EMC
-CVE-2018-1182 (An issue was discovered in EMC RSA Identity Governance and Lifecycle ...)
+CVE-2018-1182
NOT-FOR-US: EMC
CVE-2018-1181
REJECTED
-CVE-2018-1180 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-1180
NOT-FOR-US: Foxit Reader
-CVE-2018-1179 (This vulnerability allows remote attackers to disclose sensitive ...)
+CVE-2018-1179
NOT-FOR-US: Foxit Reader
-CVE-2018-1178 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-1178
NOT-FOR-US: Foxit Reader
-CVE-2018-1177 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-1177
NOT-FOR-US: Foxit Reader
-CVE-2018-1176 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-1176
NOT-FOR-US: Foxit Reader
-CVE-2018-1175 (This vulnerability allows remote attackers to disclose sensitive ...)
+CVE-2018-1175
NOT-FOR-US: Foxit Reader
-CVE-2018-1174 (This vulnerability allows remote attackers to disclose sensitive ...)
+CVE-2018-1174
NOT-FOR-US: Foxit Reader
-CVE-2018-1173 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-1173
NOT-FOR-US: Foxit Reader
-CVE-2018-1172 (This vulnerability allows remote attackers to deny service on ...)
+CVE-2018-1172
[experimental] - squid 4.0.21-1~exp5 (unimportant)
- squid <removed> (unimportant)
[wheezy] - squid <not-affected> (Vunerable code introduced in 3.1)
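Review bot: the context line `[wheezy] - squid <not-affected> (Vunerable code introduced in 3.1)` under CVE-2018-1172 misspells "Vulnerable"; since this hunk only strips the description line for that entry, the typo belongs in a separate follow-up commit rather than here.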
@@ -50925,105 +50915,105 @@ CVE-2018-1172 (This vulnerability allows remote attackers to deny service on ...
NOTE: http://www.squid-cache.org/Advisories/SQUID-2018_3.txt
NOTE: Squid 3.5 patch: http://www.squid-cache.org/Versions/v3/3.5/changesets/SQUID-2018_3.patch
NOTE: Only affects custom builds with OpenSSL support enabled
-CVE-2018-1171 (This vulnerability allows local attackers to escalate privileges on ...)
+CVE-2018-1171
NOT-FOR-US: Joyent SmartOS
-CVE-2018-1170 (This vulnerability allows adjacent attackers to inject arbitrary ...)
+CVE-2018-1170
NOT-FOR-US: Volkswagen Customer-Link App and HTC Customer-Link Bridge
-CVE-2018-1169 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-1169
NOT-FOR-US: Amazon Music Player
-CVE-2018-1168 (This vulnerability allows local attackers to escalate privileges on ...)
+CVE-2018-1168
NOT-FOR-US: ABB MicroSCADA
-CVE-2018-1167 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-1167
NOT-FOR-US: Spotify Music Player
-CVE-2018-1166 (This vulnerability allows local attackers to escalate privileges on ...)
+CVE-2018-1166
NOT-FOR-US: Joyent SmartOS
-CVE-2018-1165 (This vulnerability allows local attackers to escalate privileges on ...)
+CVE-2018-1165
NOT-FOR-US: Joyent SmartOS
-CVE-2018-1164 (This vulnerability allows remote attackers to cause a ...)
+CVE-2018-1164
NOT-FOR-US: ZyXEL
-CVE-2018-1163 (This vulnerability allows remote attackers to bypass authentication on ...)
+CVE-2018-1163
NOT-FOR-US: Quest NetVault Backup
-CVE-2018-1162 (This vulnerability allows remote attackers to create a ...)
+CVE-2018-1162
NOT-FOR-US: Quest NetVault Backup
-CVE-2018-1161 (This vulnerability allows remote attackers to execute arbitrary code ...)
+CVE-2018-1161
NOT-FOR-US: Quest NetVault Backup
-CVE-2018-1160 (Netatalk before 3.1.12 is vulnerable to an out of bounds write in ...)
+CVE-2018-1160
{DSA-4356-1}
- netatalk 2.2.6-2 (bug #916930)
NOTE: https://bugzilla.samba.org/show_bug.cgi?id=13711
-CVE-2018-1159 (Mikrotik RouterOS before 6.42.7 and 6.40.9 is vulnerable to a memory ...)
+CVE-2018-1159
NOT-FOR-US: Mikrotik RouterOS
-CVE-2018-1158 (Mikrotik RouterOS before 6.42.7 and 6.40.9 is vulnerable to a stack ...)
+CVE-2018-1158
NOT-FOR-US: Mikrotik RouterOS
-CVE-2018-1157 (Mikrotik RouterOS before 6.42.7 and 6.40.9 is vulnerable to a memory ...)
+CVE-2018-1157
NOT-FOR-US: Mikrotik RouterOS
-CVE-2018-1156 (Mikrotik RouterOS before 6.42.7 and 6.40.9 is vulnerable to stack ...)
+CVE-2018-1156
NOT-FOR-US: Mikrotik RouterOS
-CVE-2018-1155 (In SecurityCenter versions prior to 5.7.0, a cross-site scripting ...)
+CVE-2018-1155
NOT-FOR-US: SecurityCenter
-CVE-2018-1154 (In SecurityCenter versions prior to 5.7.0, a username enumeration ...)
+CVE-2018-1154
NOT-FOR-US: SecurityCenter
-CVE-2018-1153 (Burp Suite Community Edition 1.7.32 and 1.7.33 fail to validate the ...)
+CVE-2018-1153
NOT-FOR-US: Burp Suite (different from src:burp)
-CVE-2018-1152 (libjpeg-turbo 1.5.90 is vulnerable to a denial of service ...)
+CVE-2018-1152
{DLA-1638-1}
- libjpeg-turbo <unfixed> (low; bug #902950)
[stretch] - libjpeg-turbo <no-dsa> (Minor issue)
NOTE: https://github.com/libjpeg-turbo/libjpeg-turbo/commit/43e84cff1bb2bd8293066f6ac4eb0df61ddddbc6
-CVE-2018-1151 (The web server on Western Digital TV Media Player 1.03.07 and TV Live ...)
+CVE-2018-1151
NOT-FOR-US: web server on Western Digital TV Media Player and TV Live Hub
-CVE-2018-1150 (NUUO's NVRMini2 3.8.0 and below contains a backdoor that would allow ...)
+CVE-2018-1150
NOT-FOR-US: NUUO
-CVE-2018-1149 (cgi_system in NUUO's NVRMini2 3.8.0 and below allows remote attackers ...)
+CVE-2018-1149
NOT-FOR-US: NUUO
-CVE-2018-1148 (In Nessus before 7.1.0, Session Fixation exists due to insufficient ...)
+CVE-2018-1148
NOT-FOR-US: Nessus
-CVE-2018-1147 (In Nessus before 7.1.0, a XSS vulnerability exists due to improper ...)
+CVE-2018-1147
NOT-FOR-US: Nessus
-CVE-2018-1146 (A remote unauthenticated user can enable telnet on the Belkin N750 ...)
+CVE-2018-1146
NOT-FOR-US: Belkin
-CVE-2018-1145 (A remote unauthenticated user can overflow a stack buffer in the ...)
+CVE-2018-1145
NOT-FOR-US: Belkin
-CVE-2018-1144 (A remote unauthenticated user can execute commands as root in the ...)
+CVE-2018-1144
NOT-FOR-US: Belkin
-CVE-2018-1143 (A remote unauthenticated user can execute commands as root in the ...)
+CVE-2018-1143
NOT-FOR-US: Belkin
-CVE-2018-1142 (Tenable Appliance versions 4.6.1 and earlier have been found to ...)
+CVE-2018-1142
NOT-FOR-US: Tenable
-CVE-2018-1141 (When installing Nessus to a directory outside of the default location, ...)
+CVE-2018-1141
NOT-FOR-US: Nessus
-CVE-2018-1140 (A missing input sanitization flaw was found in the implementation of ...)
+CVE-2018-1140
- samba 2:4.8.4+dfsg-1
[stretch] - samba <not-affected> (Only affects Samba 4.8.0 onwards)
[jessie] - samba <not-affected> (Only affects Samba 4.8.0 onwards)
NOTE: https://www.samba.org/samba/security/CVE-2018-1140.html
-CVE-2018-1139 (A flaw was found in the way samba before 4.7.9 and 4.8.4 allowed the ...)
+CVE-2018-1139
- samba 2:4.8.4+dfsg-1
[stretch] - samba <not-affected> (Issue introduced in 4.7.0)
[jessie] - samba <not-affected> (Issue introduced in 4.7.0)
NOTE: https://www.samba.org/samba/security/CVE-2018-1139.html
CVE-2018-1138
RESERVED
-CVE-2018-1137 (An issue was discovered in Moodle 3.x. By substituting URLs in ...)
+CVE-2018-1137
- moodle <removed>
-CVE-2018-1136 (An issue was discovered in Moodle 3.x. An authenticated user is allowed ...)
+CVE-2018-1136
- moodle <removed>
-CVE-2018-1135 (An issue was discovered in Moodle 3.x. Students who posted on forums ...)
+CVE-2018-1135
- moodle <removed>
-CVE-2018-1134 (An issue was discovered in Moodle 3.x. Students who submitted ...)
+CVE-2018-1134
- moodle <removed>
-CVE-2018-1133 (An issue was discovered in Moodle 3.x. A Teacher creating a Calculated ...)
+CVE-2018-1133
- moodle <removed>
-CVE-2018-1132 (A flaw was found in Opendaylight's SDNInterfaceapp (SDNI). Attackers ...)
+CVE-2018-1132
NOT-FOR-US: OpenDaylight
-CVE-2018-1131 (Infinispan permits improper deserialization of trusted data via XML ...)
+CVE-2018-1131
NOT-FOR-US: infinispan
-CVE-2018-1130 (Linux kernel before version 4.16-rc7 is vulnerable to a null pointer ...)
+CVE-2018-1130
{DLA-1423-1 DLA-1422-1 DLA-1392-1}
- linux 4.15.17-1
[stretch] - linux 4.9.107-1
NOTE: Fixed by: https://git.kernel.org/linus/67f93df79aeefc3add4e4b31a752600f834236e2
-CVE-2018-1129 (A flaw was found in the way signature calculation was handled by cephx ...)
+CVE-2018-1129
{DSA-4339-1 DLA-1715-1}
- linux 4.19.9-1
[stretch] - linux 4.9.144-1
@@ -51033,7 +51023,7 @@ CVE-2018-1129 (A flaw was found in the way signature calculation was handled by
[jessie] - ceph <no-dsa> (Intrusive changes)
NOTE: http://tracker.ceph.com/issues/24837
NOTE: https://github.com/ceph/ceph/commit/8f396cf35a3826044b089141667a196454c0a587
-CVE-2018-1128 (It was found that cephx authentication protocol did not verify ceph ...)
+CVE-2018-1128
{DSA-4339-1 DLA-1715-1}
- linux 4.19.9-1
[stretch] - linux 4.9.144-1
@@ -51043,48 +51033,48 @@ CVE-2018-1128 (It was found that cephx authentication protocol did not verify ce
[jessie] - ceph <no-dsa> (Intrusive changes)
NOTE: http://tracker.ceph.com/issues/24836
NOTE: https://github.com/ceph/ceph/commit/5ead97120e07054d80623dada90a5cc764c28468
-CVE-2018-1127 (Tendrl API in Red Hat Gluster Storage before 3.4.0 does not ...)
+CVE-2018-1127
NOT-FOR-US: tendrl-api
-CVE-2018-1126 (procps-ng before version 3.3.15 is vulnerable to an incorrect integer ...)
+CVE-2018-1126
{DSA-4208-1 DLA-1390-1}
- procps 2:3.3.15-1 (bug #899170)
NOTE: http://www.openwall.com/lists/oss-security/2018/05/17/1
NOTE: https://www.qualys.com/2018/05/17/procps-ng-audit-report-advisory.txt
NOTE: Patch: 0035-proc-alloc.-Use-size_t-not-unsigned-int.patch
NOTE: https://gitlab.com/procps-ng/procps/commit/f1077b7a558a5545837aae068422e58f1f9b1d33
-CVE-2018-1125 (procps-ng before version 3.3.15 is vulnerable to a stack buffer ...)
+CVE-2018-1125
{DSA-4208-1 DLA-1390-1}
- procps 2:3.3.15-1 (bug #899170)
NOTE: http://www.openwall.com/lists/oss-security/2018/05/17/1
NOTE: https://www.qualys.com/2018/05/17/procps-ng-audit-report-advisory.txt
NOTE: Patch: 0008-pgrep-Prevent-a-potential-stack-based-buffer-overflo.patch
NOTE: https://gitlab.com/procps-ng/procps/commit/b51ca2a1f8ca779f7632ade6a0a259ed882fa584
-CVE-2018-1124 (procps-ng before version 3.3.15 is vulnerable to multiple integer ...)
+CVE-2018-1124
{DSA-4208-1 DLA-1390-1}
- procps 2:3.3.15-1 (bug #899170)
NOTE: http://www.openwall.com/lists/oss-security/2018/05/17/1
NOTE: https://www.qualys.com/2018/05/17/procps-ng-audit-report-advisory.txt
NOTE: Patch: 0074-proc-readproc.c-Fix-bugs-and-overflows-in-file2strve.patch
NOTE: https://gitlab.com/procps-ng/procps/commit/36c350f07c75aabf747fb833f52a234ae5781b20
-CVE-2018-1123 (procps-ng before version 3.3.15 is vulnerable to a denial of service ...)
+CVE-2018-1123
{DSA-4208-1 DLA-1390-1}
- procps 2:3.3.15-1 (bug #899170)
NOTE: http://www.openwall.com/lists/oss-security/2018/05/17/1
NOTE: https://www.qualys.com/2018/05/17/procps-ng-audit-report-advisory.txt
NOTE: Patch: 0054-ps-output.c-Fix-outbuf-overflows-in-pr_args-etc.patch
NOTE: https://gitlab.com/procps-ng/procps/commit/136e3724952827bbae8887a42d9d2b6f658a48ab
-CVE-2018-1122 (procps-ng before version 3.3.15 is vulnerable to a local privilege ...)
+CVE-2018-1122
{DSA-4208-1 DLA-1390-1}
- procps 2:3.3.15-1 (bug #899170)
NOTE: http://www.openwall.com/lists/oss-security/2018/05/17/1
NOTE: https://www.qualys.com/2018/05/17/procps-ng-audit-report-advisory.txt
NOTE: Patch: 0097-top-Do-not-default-to-the-cwd-in-configs_read.patch
NOTE: https://gitlab.com/procps-ng/procps/commit/b45c4803dd176f4e3f9d3d47421ddec9bbbe66cd
-CVE-2018-1121 (procps-ng, procps is vulnerable to a process hiding through race ...)
+CVE-2018-1121
- linux <unfixed> (unimportant)
NOTE: http://www.openwall.com/lists/oss-security/2018/05/17/1
NOTE: https://www.qualys.com/2018/05/17/procps-ng-audit-report-advisory.txt
-CVE-2018-1120 (A flaw was found affecting the Linux kernel before version 4.17. By ...)
+CVE-2018-1120
{DLA-1423-1}
- linux 4.16.12-1
[stretch] - linux 4.9.107-1
@@ -51094,7 +51084,7 @@ CVE-2018-1120 (A flaw was found affecting the Linux kernel before version 4.17.
NOTE: Fixed by: https://git.kernel.org/linus/7f7ccc2ccc2e70c6054685f5e3522efa81556830
CVE-2018-1119
REJECTED
-CVE-2018-1118 (Linux kernel vhost since version 4.8 does not properly initialize ...)
+CVE-2018-1118
{DLA-1423-1}
- linux 4.17.3-1
[stretch] - linux 4.9.110-1
@@ -51102,16 +51092,16 @@ CVE-2018-1118 (Linux kernel vhost since version 4.8 does not properly initialize
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: https://lkml.org/lkml/2018/4/27/833
NOTE: Fixed by: https://git.kernel.org/linus/670ae9caaca467ea1bfd325cb2a5c98ba87f94ad
-CVE-2018-1117 (ovirt-ansible-roles before version 1.0.6 has a vulnerability due to a ...)
+CVE-2018-1117
NOT-FOR-US: ovirt-ansible-roles
-CVE-2018-1116 (A flaw was found in polkit before version 0.116. The implementation of ...)
+CVE-2018-1116
{DLA-1448-1}
- policykit-1 0.105-21 (bug #903563)
[stretch] - policykit-1 <no-dsa> (Minor issue; can be fixed via point release)
NOTE: https://cgit.freedesktop.org/polkit/commit/?id=bc7ffad53643a9c80231fc41f5582d6a8931c32c
NOTE: https://lists.freedesktop.org/archives/polkit-devel/2018-July/000583.html
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1099031
-CVE-2018-1115 (postgresql before versions 10.4, 9.6.9 is vulnerable in the adminpack ...)
+CVE-2018-1115
- postgresql-10 10.4-1
- postgresql-9.6 <removed>
[stretch] - postgresql-9.6 9.6.9-0+deb9u1
@@ -51120,18 +51110,18 @@ CVE-2018-1115 (postgresql before versions 10.4, 9.6.9 is vulnerable in the admin
- postgresql-9.1 <removed>
[jessie] - postgresql-9.1 <not-affected> (Code not present)
[wheezy] - postgresql-9.1 <not-affected> (Code not present)
-CVE-2018-1114 (It was found that URLResource.getLastModified() in Undertow closes the ...)
+CVE-2018-1114
- undertow 1.4.25-1 (bug #897247)
NOTE: https://issues.jboss.org/browse/UNDERTOW-1338
NOTE: https://github.com/undertow-io/undertow/commit/882d5884f2614944a0c2ae69bafd9d13bfc5b64a
NOTE: https://bugs.openjdk.java.net/browse/JDK-6956385
-CVE-2018-1113 (setup before version 2.11.4-1.fc28 in Fedora and Red Hat Enterprise ...)
+CVE-2018-1113
NOT-FOR-US: Red Hat specific CVE assignment for Red Hat / Fedora setups (nologin listed in /etc/shells violates security expectations)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1571094
-CVE-2018-1112 (glusterfs server before versions 3.10.12, 4.0.2 is vulnerable when ...)
+CVE-2018-1112
- glusterfs <not-affected> (Fix for CVE-2018-1088 was not applied/ incomplete fix not applied)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1570891
-CVE-2018-1111 (DHCP packages in Red Hat Enterprise Linux 6 and 7, Fedora 28, and ...)
+CVE-2018-1111
NOT-FOR-US: Red Hat Specific script
NOTE: https://access.redhat.com/security/vulnerabilities/3442151
CVE-2018-1110 [Improper Input Validation]
@@ -51144,7 +51134,7 @@ CVE-2018-1109
NOTE: https://snyk.io/vuln/npm:braces:20180219
NOTE: https://github.com/micromatch/braces/commit/abdafb0cae1e0c00f184abbadc692f4eaa98f451
NOTE: nodejs not covered by security support
-CVE-2018-1108 (kernel drivers before version 4.17-rc1 are vulnerable to a weakness in ...)
+CVE-2018-1108
- linux 4.16.5-1
[jessie] - linux <not-affected> (Vulnerable code not present)
[wheezy] - linux <not-affected> (Vulnerable code not present)
@@ -51154,7 +51144,7 @@ CVE-2018-1108 (kernel drivers before version 4.17-rc1 are vulnerable to a weakne
CVE-2018-1107
RESERVED
NOT-FOR-US: is-my-json-valid package for Node.js
-CVE-2018-1106 (An authentication bypass flaw has been found in PackageKit before ...)
+CVE-2018-1106
{DSA-4207-1}
- packagekit 1.1.10-1 (bug #896703)
[jessie] - packagekit <not-affected> (Issue introduced later)
@@ -51165,73 +51155,73 @@ CVE-2018-1106 (An authentication bypass flaw has been found in PackageKit before
NOTE: Resulting affected (upstream) versions: >= 1.0.10 up until current 1.1.9
CVE-2018-1105
RESERVED
-CVE-2018-1104 (Ansible Tower through version 3.2.3 has a vulnerability that allows ...)
+CVE-2018-1104
NOT-FOR-US: Ansible Tower
-CVE-2018-1103 (Openshift Enterprise source-to-image before version 1.1.10 is ...)
+CVE-2018-1103
NOT-FOR-US: source-to-image in OpenShift
-CVE-2018-1102 (A flaw was found in source-to-image function as shipped with Openshift ...)
+CVE-2018-1102
NOT-FOR-US: source-to-image in OpenShift
-CVE-2018-1101 (Ansible Tower before version 3.2.4 has a flaw in the management of ...)
+CVE-2018-1101
NOT-FOR-US: Ansible Tower
-CVE-2018-1100 (zsh through version 5.4.2 is vulnerable to a stack-based buffer ...)
+CVE-2018-1100
- zsh 5.5-1 (bug #895225)
[stretch] - zsh <no-dsa> (Minor issue)
[jessie] - zsh <no-dsa> (Minor issue)
[wheezy] - zsh <no-dsa> (Minor issue)
NOTE: https://www.zsh.org/cgi-bin/mla/redirect?WORKERNUMBER=42607
NOTE: https://sourceforge.net/p/zsh/code/ci/31f72205630687c1cef89347863aab355296a27f/
-CVE-2018-1099 (DNS rebinding vulnerability found in etcd 3.3.1 and earlier. An ...)
+CVE-2018-1099
- etcd <unfixed> (low; bug #921156)
[buster] - etcd <no-dsa> (Minor issue)
NOTE: https://github.com/coreos/etcd/issues/9353
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1552717
-CVE-2018-1098 (A cross-site request forgery flaw was found in etcd 3.3.1 and earlier. ...)
+CVE-2018-1098
- etcd <unfixed> (low; bug #921156)
[buster] - etcd <no-dsa> (Minor issue)
NOTE: https://github.com/coreos/etcd/issues/9353
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1552714
-CVE-2018-1097 (A flaw was found in foreman before 1.16.1. The issue allows users with ...)
+CVE-2018-1097
- foreman <itp> (bug #663101)
NOTE: https://projects.theforeman.org/issues/22546
NOTE: https://github.com/theforeman/foreman/pull/5369
-CVE-2018-1096 (An input sanitization flaw was found in the id field in the dashboard ...)
+CVE-2018-1096
- foreman <itp> (bug #663101)
NOTE: http://projects.theforeman.org/issues/23028
NOTE: https://github.com/theforeman/foreman/pull/5363
-CVE-2018-1095 (The ext4_xattr_check_entries function in fs/ext4/xattr.c in the Linux ...)
+CVE-2018-1095
- linux 4.16.5-1
[stretch] - linux <not-affected> (Vulnerable code introduced later)
[jessie] - linux <not-affected> (Vulnerable code introduced later)
[wheezy] - linux <not-affected> (Vulnerable code introduced later)
NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=199185
-CVE-2018-1094 (The ext4_fill_super function in fs/ext4/super.c in the Linux kernel ...)
+CVE-2018-1094
- linux 4.15.17-1
[stretch] - linux <not-affected> (Vulnerable code not present)
[jessie] - linux <not-affected> (Vulnerable code not present)
[wheezy] - linux <not-affected> (Vulnerable code introduced later)
NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=199183
-CVE-2018-1093 (The ext4_valid_block_bitmap function in fs/ext4/balloc.c in the Linux ...)
+CVE-2018-1093
{DSA-4188-1 DLA-1422-1 DLA-1392-1}
- linux 4.15.17-1
NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=199181
-CVE-2018-1092 (The ext4_iget function in fs/ext4/inode.c in the Linux kernel through ...)
+CVE-2018-1092
{DSA-4188-1 DSA-4187-1 DLA-1369-1}
- linux 4.15.17-1
NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=199179
NOTE: Fixed by: https://git.kernel.org/linus/8e4b5eae5decd9dfe5a4ee369c22028f90ab4c44
-CVE-2018-1091 (In the flush_tmregs_to_thread function in arch/powerpc/kernel/ptrace.c ...)
+CVE-2018-1091
- linux 4.13.10-1
[stretch] - linux 4.9.65-1
[jessie] - linux <not-affected> (Hardware not supported; POWER9 support missing)
[wheezy] - linux <not-affected> (Hardware not supported)
NOTE: Fixed by: https://git.kernel.org/linus/c1fa0768a8713b135848f78fd43ffc208d8ded70
-CVE-2018-1090 (In Pulp before version 2.16.2, secrets are passed into override_config ...)
+CVE-2018-1090
NOT-FOR-US: Pulp (Red Hat)
-CVE-2018-1089 (389-ds-base before versions 1.4.0.9, 1.3.8.1, 1.3.6.15 did not ...)
+CVE-2018-1089
{DLA-1428-1}
- 389-ds-base 1.3.8.2-1 (bug #898138)
NOTE: http://www.openwall.com/lists/oss-security/2018/05/07/2
-CVE-2018-1088 (A privilege escalation flaw was found in gluster 3.x snapshot ...)
+CVE-2018-1088
- glusterfs 4.0.2-1 (bug #896128)
[jessie] - glusterfs <not-affected> (vulnerable code not present)
[wheezy] - glusterfs <not-affected> (vulnerable code not present)
@@ -51242,19 +51232,19 @@ CVE-2018-1088 (A privilege escalation flaw was found in gluster 3.x snapshot ...
NOTE: CVE-2018-1112 causing that auth.allow allows all clients to mount volumes.
NOTE: Cf. https://bugzilla.redhat.com/show_bug.cgi?id=1570891
NOTE: Needs: https://review.gluster.org/#/c/19899/1..2
-CVE-2018-1087 (kernel KVM before versions kernel 4.16, kernel 4.16-rc7, kernel ...)
+CVE-2018-1087
{DSA-4196-1}
- linux 4.15.17-1
[wheezy] - linux <not-affected> (Issue introduced in 3.16)
NOTE: Fixed by: https://git.kernel.org/linus/32d43cd391bacb5f0814c2624399a5dad3501d09 (4.16-rc7)
NOTE: http://www.openwall.com/lists/oss-security/2018/05/08/5
-CVE-2018-1086 (pcs before versions 0.9.164 and 0.10 is vulnerable to a debug ...)
+CVE-2018-1086
{DSA-4169-1}
- pcs 0.9.164-1 (bug #895313)
NOTE: http://www.openwall.com/lists/oss-security/2018/04/09/2
-CVE-2018-1085 (openshift-ansible before versions 3.9.23, 3.7.46 deploys a ...)
+CVE-2018-1085
NOT-FOR-US: openshift-ansible
-CVE-2018-1084 (corosync before version 2.4.4 is vulnerable to an integer overflow in ...)
+CVE-2018-1084
{DSA-4174-1}
- corosync 2.4.4-1 (bug #895653)
[jessie] - corosync <not-affected> (Vulnerable code introduced later)
@@ -51263,78 +51253,78 @@ CVE-2018-1084 (corosync before version 2.4.4 is vulnerable to an integer overflo
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1552830
NOTE: Fixed by: https://github.com/corosync/corosync/commit/fc1d5418533c1faf21616b282c2559bed7d361c4
NOTE: https://oss.clusterlabs.org/pipermail/users/2018-April/014856.html
-CVE-2018-1083 (Zsh before version 5.4.2-test-1 is vulnerable to a buffer overflow in ...)
+CVE-2018-1083
{DLA-1335-1}
- zsh 5.4.2-4 (low; bug #894043)
[stretch] - zsh <no-dsa> (Minor issue)
[jessie] - zsh <no-dsa> (Minor issue)
NOTE: https://sourceforge.net/p/zsh/code/ci/259ac472eac291c8c103c7a0d8a4eaf3c2942ed7
-CVE-2018-1082 (A flaw was found in Moodle 3.4 to 3.4.1, and 3.3 to 3.3.4. If a user ...)
+CVE-2018-1082
- moodle <removed>
-CVE-2018-1081 (A flaw was found in Moodle 3.4 to 3.4.1, 3.3 to 3.3.4, 3.2 to 3.2.7, ...)
+CVE-2018-1081
- moodle <removed>
-CVE-2018-1080 (Dogtag PKI, through version 10.6.1, has a vulnerability in ...)
+CVE-2018-1080
[experimental] - dogtag-pki 10.6.0-2
- dogtag-pki 10.6.6-1 (bug #893690)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1556657
NOTE: https://pagure.io/freeipa/issue/7453
NOTE: https://review.gerrithub.io/#/c/404435/
-CVE-2018-1079 (pcs before version 0.9.164 and 0.10 is vulnerable to a privilege ...)
+CVE-2018-1079
- pcs 0.9.164-1 (bug #895314)
[stretch] - pcs <not-affected> (Vulnerable code introduced in 0.9.157)
NOTE: http://www.openwall.com/lists/oss-security/2018/04/09/2
-CVE-2018-1078 (OpenDayLight version Carbon SR3 and earlier contain a vulnerability ...)
+CVE-2018-1078
NOT-FOR-US: OpenDayLight
-CVE-2018-1077 (Spacewalk 2.6 contains an API which has an XXE flaw allowing for the ...)
+CVE-2018-1077
NOT-FOR-US: NOT-FOR-US: Red Hat Satellite / Spacewalk
CVE-2018-1076
RESERVED
-CVE-2018-1075 (ovirt-engine up to version 4.2.3 is vulnerable to an unfiltered ...)
+CVE-2018-1075
NOT-FOR-US: ovirt-engine
-CVE-2018-1074 (ovirt-engine API and administration web portal before versions ...)
+CVE-2018-1074
NOT-FOR-US: ovirt-engine
-CVE-2018-1073 (The web console login form in ovirt-engine before version 4.2.3 ...)
+CVE-2018-1073
NOT-FOR-US: ovirt-engine
-CVE-2018-1072 (ovirt-engine before version ovirt 4.2.2 is vulnerable to an ...)
+CVE-2018-1072
NOT-FOR-US: ovirt-engine
-CVE-2018-1071 (zsh through version 5.4.2 is vulnerable to a stack-based buffer ...)
+CVE-2018-1071
{DLA-1335-1}
- zsh 5.4.2-4 (low; bug #894044)
[stretch] - zsh <no-dsa> (Minor issue)
[jessie] - zsh <no-dsa> (Minor issue)
NOTE: https://sourceforge.net/p/zsh/code/ci/679b71ec4d852037fe5f73d35bf557b0f406c8d4
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1553531
-CVE-2018-1070 (routing before version 3.10 is vulnerable to an improper input ...)
+CVE-2018-1070
NOT-FOR-US: OpenShift (Routing configuration)
-CVE-2018-1069 (Red Hat OpenShift Enterprise version 3.7 is vulnerable to access ...)
+CVE-2018-1069
NOT-FOR-US: OpenShift
-CVE-2018-1068 (A flaw was found in the Linux 4.x kernel's implementation of 32-bit ...)
+CVE-2018-1068
{DSA-4188-1 DSA-4187-1 DLA-1369-1}
- linux 4.15.11-1
NOTE: https://git.kernel.org/linus/b71812168571fa55e44cdd0254471331b9c4c4c6
NOTE: Unprivileged user namespaces are disabled in Debian, this only affects
NOTE: non-standard setups
-CVE-2018-1067 (In Undertow before versions 7.1.2.CR1, 7.1.2.GA it was found that the ...)
+CVE-2018-1067
- undertow 1.4.25-1 (bug #900323)
NOTE: https://issues.jboss.org/browse/UNDERTOW-1302
NOTE: Issue is incomplete fix for CVE-2016-4993
NOTE: Fixed by https://github.com/undertow-io/undertow/commit/85d4478e598105fe94ac152d3e11e388374e8b86 (1.4.25.Final)
-CVE-2018-1066 (The Linux kernel before version 4.11 is vulnerable to a NULL pointer ...)
+CVE-2018-1066
{DSA-4188-1 DSA-4187-1 DLA-1422-1}
- linux 4.11.6-1
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: Fixed by: https://git.kernel.org/linus/cabfb3680f78981d26c078a26e5c748531257ebb
-CVE-2018-1065 (The netfilter subsystem in the Linux kernel through 4.15.7 mishandles ...)
+CVE-2018-1065
{DSA-4188-1}
- linux 4.15.11-1
[jessie] - linux <not-affected> (Vulnerable code introduced later)
[wheezy] - linux <not-affected> (Vulnerable code introduced later)
NOTE: Fixed by: https://git.kernel.org/linus/57ebd808a97d7c5b1e1afb937c2db22beba3c1f8
-CVE-2018-1064 (libvirt version before 4.2.0-rc1 is vulnerable to a resource ...)
+CVE-2018-1064
{DSA-4137-1 DLA-1315-1}
- libvirt 4.1.0-1
NOTE: Fixed by: https://libvirt.org/git/?p=libvirt.git;a=commit;h=fbf31e1a4cd19d6f6e33e0937a009775cd7d9513
-CVE-2018-1063 (Context relabeling of filesystems is vulnerable to symbolic link ...)
+CVE-2018-1063
- policycoreutils 2.7-1
[stretch] - policycoreutils <no-dsa> (Minor issue)
[jessie] - policycoreutils <no-dsa> (Minor issue)
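Review bot: the unchanged context line `NOT-FOR-US: NOT-FOR-US: Red Hat Satellite / Spacewalk` under `+CVE-2018-1077` carries a duplicated `NOT-FOR-US:` prefix; since the automatic update already touches this entry, it would be a good moment to collapse it to a single `NOT-FOR-US: Red Hat Satellite / Spacewalk` so the status line parses like the others in the file.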
@@ -51344,9 +51334,9 @@ CVE-2018-1063 (Context relabeling of filesystems is vulnerable to symbolic link
NOTE: before relabeling the file system. Futhtermore only triggerable at
NOTE: relabeling time.
NOTE: https://github.com/SELinuxProject/selinux/commit/2608b4d6660af0fb8ad93f2cc144bdaab3c2afa8
-CVE-2018-1062 (A vulnerability was discovered in oVirt 4.1.x before 4.1.9, where the ...)
+CVE-2018-1062
NOT-FOR-US: ovirt-engine
-CVE-2018-1061 (python before versions 2.7.15, 3.4.9, 3.5.6rc1, 3.6.5rc1 and 3.7.0 is ...)
+CVE-2018-1061
{DSA-4307-1 DSA-4306-1 DLA-1520-1 DLA-1519-1}
- python3.7 3.7.0~b3-1 (low)
- python3.6 3.6.5~rc1-1 (low)
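Review bot: the context line `NOTE: before relabeling the file system. Futhtermore only triggerable at` in the CVE-2018-1063 entry misspells "Furthermore"; a trivial fix if this entry is being edited anyway.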
@@ -51365,7 +51355,7 @@ CVE-2018-1061 (python before versions 2.7.15, 3.4.9, 3.5.6rc1, 3.6.5rc1 and 3.7.
NOTE: https://github.com/python/cpython/commit/937ac1fe069a4dc8471dff205f553d82e724015b (3.5)
NOTE: https://github.com/python/cpython/commit/942cc04ae44825ea120e3a19a80c9b348b8194d0 (3.4)
NOTE: https://github.com/python/cpython/commit/e052d40cea15f582b50947f7d906b39744dc62a2 (2.7)
-CVE-2018-1060 (python before versions 2.7.15, 3.4.9, 3.5.6rc1, 3.6.5rc1 and 3.7.0 is ...)
+CVE-2018-1060
{DSA-4307-1 DSA-4306-1 DLA-1520-1 DLA-1519-1}
- python3.7 3.7.0~b3-1 (low)
- python3.6 3.6.5~rc1-1 (low)
@@ -51384,10 +51374,10 @@ CVE-2018-1060 (python before versions 2.7.15, 3.4.9, 3.5.6rc1, 3.6.5rc1 and 3.7.
NOTE: https://github.com/python/cpython/commit/937ac1fe069a4dc8471dff205f553d82e724015b (3.5)
NOTE: https://github.com/python/cpython/commit/942cc04ae44825ea120e3a19a80c9b348b8194d0 (3.4)
NOTE: https://github.com/python/cpython/commit/e052d40cea15f582b50947f7d906b39744dc62a2 (2.7)
-CVE-2018-1059 (The DPDK vhost-user interface does not check to verify that all the ...)
+CVE-2018-1059
- dpdk 17.11.2-1 (bug #896688)
[stretch] - dpdk 16.11.6-1+deb9u1
-CVE-2018-1058 (A flaw was found in the way Postgresql allowed a user to modify the ...)
+CVE-2018-1058
- postgresql-10 10.3-1
- postgresql-9.6 <removed>
[stretch] - postgresql-9.6 9.6.8-0+deb9u1
@@ -51399,14 +51389,14 @@ CVE-2018-1058 (A flaw was found in the way Postgresql allowed a user to modify t
NOTE: https://git.postgresql.org/gitweb/?p=postgresql.git;a=commit;h=3d2aed664ee8271fd6c721ed0aa10168cda112ea
NOTE: https://git.postgresql.org/gitweb/?p=postgresql.git;a=commit;h=582edc369cdbd348d68441fc50fa26a84afd0c1a
NOTE: https://git.postgresql.org/gitweb/?p=postgresql.git;a=commit;h=5770172cb0c9df9e6ce27c507b449557e5b45124
-CVE-2018-1057 (On a Samba 4 AD DC the LDAP server in all versions of Samba from 4.0.0 ...)
+CVE-2018-1057
{DSA-4135-1}
- samba 2:4.7.4+dfsg-2
[jessie] - samba <ignored> (Too intrusive to backport)
[wheezy] - samba <not-affected> (Vulnerable code introduced later in 4.0.0alpha13)
NOTE: https://www.samba.org/samba/security/CVE-2018-1057.html
NOTE: https://wiki.samba.org/index.php/CVE-2018-1057
-CVE-2018-1056 (An out-of-bounds heap buffer read flaw was found in the way ...)
+CVE-2018-1056
{DLA-1702-1 DLA-1281-1}
- advancecomp 2.1-1 (bug #889270)
[stretch] - advancecomp <no-dsa> (Minor issue, can be fixed via point release)
@@ -51414,13 +51404,13 @@ CVE-2018-1056 (An out-of-bounds heap buffer read flaw was found in the way ...)
NOTE: https://github.com/amadvance/advancecomp/commit/7deeafc02b29cc51d51079e66f4f43f986ff9cc5
CVE-2018-1055
REJECTED
-CVE-2018-1054 (An out-of-bounds memory read flaw was found in the way 389-ds-base ...)
+CVE-2018-1054
{DLA-1428-1}
- 389-ds-base 1.3.7.10-1 (bug #892124)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1537314
NOTE: https://pagure.io/389-ds-base/issue/49545
NOTE: https://pagure.io/389-ds-base/c/14ce2fe0dfa67405dae0ae2e7fde13f6a1360d30?branch=master
-CVE-2018-1053 (In postgresql 9.3.x before 9.3.21, 9.4.x before 9.4.16, 9.5.x before ...)
+CVE-2018-1053
{DLA-1271-1}
- postgresql-10 10.2-1
- postgresql-9.6 <removed>
@@ -51430,22 +51420,22 @@ CVE-2018-1053 (In postgresql 9.3.x before 9.3.21, 9.4.x before 9.4.16, 9.5.x bef
- postgresql-9.1 <removed>
[jessie] - postgresql-9.1 <not-affected> (postgresql-9.1 in jessie is PL/Perl only)
NOTE: https://git.postgresql.org/gitweb/?p=postgresql.git;a=commitdiff;h=6ba52aeb24e62586b51e77723d87627c18a844ca
-CVE-2018-1052 (Memory disclosure vulnerability in table partitioning was found in ...)
+CVE-2018-1052
- postgresql-10 10.2-1
- postgresql-9.6 <not-affected> (code introduced in 10)
- postgresql-9.4 <not-affected> (code introduced in 10)
- postgresql-9.1 <not-affected> (code introduced in 10)
-CVE-2018-1051 (It was found that the fix for CVE-2016-9606 in versions 3.0.22 and ...)
+CVE-2018-1051
- resteasy <unfixed>
[jessie] - resteasy <not-affected> (Incomplete fix for CVE-2016-9606 wasn't backported)
- resteasy3.0 <not-affected> (Incomplete fix for CVE-2016-9606 not applied)
NOTE: Removing deprecated YamlProvider was done in 4.0.0.Beta4
-CVE-2018-1050 (All versions of Samba from 4.0.0 onwards are vulnerable to a denial of ...)
+CVE-2018-1050
{DSA-4135-1 DLA-1320-1}
- samba 2:4.7.4+dfsg-2
[jessie] - samba <no-dsa> (Minor issue)
NOTE: https://www.samba.org/samba/security/CVE-2018-1050.html
-CVE-2018-1049 (In systemd prior to 234 a race condition exists between .mount and ...)
+CVE-2018-1049
{DLA-1580-1}
- systemd 234-1
[stretch] - systemd <postponed> (Minor issue, can either be included in future DSA or point release)
@@ -51453,640 +51443,640 @@ CVE-2018-1049 (In systemd prior to 234 a race condition exists between .mount an
NOTE: https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1709649
NOTE: https://github.com/systemd/systemd/pull/5916
NOTE: https://github.com/systemd/systemd/commit/e7d54bf58789545a9eb0b3964233defa0b007318
-CVE-2018-1048 (It was found that the AJP connector in undertow, as shipped in Jboss ...)
+CVE-2018-1048
- undertow 1.4.22-1 (bug #891928)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1534343
NOTE: https://issues.jboss.org/browse/UNDERTOW-1245
NOTE: Fixed by https://github.com/undertow-io/undertow/commit/1bc0c275aadf5835abfbd3835d5d78095c2f1cf5
-CVE-2018-1047 (A flaw was found in Wildfly 9.x. A path traversal vulnerability ...)
+CVE-2018-1047
- wildfly <itp> (bug #752018)
NOTE: https://issues.jboss.org/browse/WFLY-9620
NOTE: https://developer.jboss.org/thread/276826
NOTE: Fixed by https://github.com/wildfly/wildfly/pull/10748
-CVE-2018-1046 (pdns before version 4.1.2 is vulnerable to a buffer overflow in ...)
+CVE-2018-1046
- pdns 4.1.2-1 (bug #898255)
[stretch] - pdns 4.0.3-1+deb9u3
[jessie] - pdns <not-affected> (Vulnerable code not present)
[wheezy] - pdns <not-affected> (Vulnerable code not present)
NOTE: https://doc.powerdns.com/authoritative/security-advisories/powerdns-advisory-2018-02.html
NOTE: Fixed by https://github.com/PowerDNS/pdns/commit/f9c57c98da1b1007a51680629b667d57d9b702b8
-CVE-2018-1045 (In Moodle 3.x, there is XSS via a calendar event name. ...)
+CVE-2018-1045
- moodle <removed>
-CVE-2018-1044 (In Moodle 3.x, quiz web services allow students to see quiz results ...)
+CVE-2018-1044
- moodle <removed>
-CVE-2018-1043 (In Moodle 3.x, the setting for blocked hosts list can be bypassed with ...)
+CVE-2018-1043
- moodle <removed>
-CVE-2018-1042 (Moodle 3.x has Server Side Request Forgery in the filepicker. ...)
+CVE-2018-1042
- moodle <removed>
-CVE-2018-1041 (A vulnerability was found in the way RemoteMessageChannel, introduced ...)
+CVE-2018-1041
- libjboss-remoting-java <removed>
[wheezy] - libjboss-remoting-java <ignored> (unimportant leaf package)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1530457
-CVE-2018-1040 (A denial of service vulnerability exists in the way that the Windows ...)
+CVE-2018-1040
NOT-FOR-US: Microsoft
-CVE-2018-1039 (A security feature bypass vulnerability exists in .Net Framework which ...)
+CVE-2018-1039
NOT-FOR-US: Microsoft
-CVE-2018-1038 (The Windows kernel in Windows 7 SP1 and Windows Server 2008 R2 SP1 ...)
+CVE-2018-1038
NOT-FOR-US: Microsoft
-CVE-2018-1037 (An information disclosure vulnerability exists when Visual Studio ...)
+CVE-2018-1037
NOT-FOR-US: Microsoft
-CVE-2018-1036 (An elevation of privilege vulnerability exists when NTFS improperly ...)
+CVE-2018-1036
NOT-FOR-US: Microsoft
-CVE-2018-1035 (A security feature bypass vulnerability exists in Windows which could ...)
+CVE-2018-1035
NOT-FOR-US: Microsoft
-CVE-2018-1034 (An elevation of privilege vulnerability exists when Microsoft ...)
+CVE-2018-1034
NOT-FOR-US: Microsoft
CVE-2018-1033
RESERVED
-CVE-2018-1032 (An elevation of privilege vulnerability exists when Microsoft ...)
+CVE-2018-1032
NOT-FOR-US: Microsoft
CVE-2018-1031
RESERVED
-CVE-2018-1030 (A remote code execution vulnerability exists in Microsoft Office ...)
+CVE-2018-1030
NOT-FOR-US: Microsoft
-CVE-2018-1029 (A remote code execution vulnerability exists in Microsoft Excel ...)
+CVE-2018-1029
NOT-FOR-US: Microsoft
-CVE-2018-1028 (A remote code execution vulnerability exists when the Office graphics ...)
+CVE-2018-1028
NOT-FOR-US: Microsoft
-CVE-2018-1027 (A remote code execution vulnerability exists in Microsoft Excel ...)
+CVE-2018-1027
NOT-FOR-US: Microsoft
-CVE-2018-1026 (A remote code execution vulnerability exists in Microsoft Office ...)
+CVE-2018-1026
NOT-FOR-US: Microsoft
-CVE-2018-1025 (An information disclosure vulnerability exists when affected Microsoft ...)
+CVE-2018-1025
NOT-FOR-US: Microsoft
CVE-2018-1024
RESERVED
-CVE-2018-1023 (A remote code execution vulnerability exists in the way that Microsoft ...)
+CVE-2018-1023
NOT-FOR-US: Microsoft
-CVE-2018-1022 (A remote code execution vulnerability exists in the way the scripting ...)
+CVE-2018-1022
NOT-FOR-US: Microsoft
-CVE-2018-1021 (An information disclosure vulnerability exists when Microsoft Edge ...)
+CVE-2018-1021
NOT-FOR-US: Microsoft
-CVE-2018-1020 (A remote code execution vulnerability exists when Internet Explorer ...)
+CVE-2018-1020
NOT-FOR-US: Microsoft
-CVE-2018-1019 (A remote code execution vulnerability exists in the way that the ...)
+CVE-2018-1019
NOT-FOR-US: Microsoft
-CVE-2018-1018 (A remote code execution vulnerability exists when Internet Explorer ...)
+CVE-2018-1018
NOT-FOR-US: Microsoft
CVE-2018-1017
RESERVED
-CVE-2018-1016 (A remote code execution vulnerability exists when the Windows font ...)
+CVE-2018-1016
NOT-FOR-US: Microsoft
-CVE-2018-1015 (A remote code execution vulnerability exists when the Windows font ...)
+CVE-2018-1015
NOT-FOR-US: Microsoft
-CVE-2018-1014 (An elevation of privilege vulnerability exists when Microsoft ...)
+CVE-2018-1014
NOT-FOR-US: Microsoft
-CVE-2018-1013 (A remote code execution vulnerability exists when the Windows font ...)
+CVE-2018-1013
NOT-FOR-US: Microsoft
-CVE-2018-1012 (A remote code execution vulnerability exists when the Windows font ...)
+CVE-2018-1012
NOT-FOR-US: Microsoft
-CVE-2018-1011 (A remote code execution vulnerability exists in Microsoft Excel ...)
+CVE-2018-1011
NOT-FOR-US: Microsoft
-CVE-2018-1010 (A remote code execution vulnerability exists when the Windows font ...)
+CVE-2018-1010
NOT-FOR-US: Microsoft
-CVE-2018-1009 (An elevation of privilege vulnerability exists when Windows improperly ...)
+CVE-2018-1009
NOT-FOR-US: Microsoft
-CVE-2018-1008 (An elevation of privilege vulnerability exists in Windows Adobe Type ...)
+CVE-2018-1008
NOT-FOR-US: Microsoft
-CVE-2018-1007 (An information disclosure vulnerability exists when Microsoft Office ...)
+CVE-2018-1007
NOT-FOR-US: Microsoft
CVE-2018-1006
RESERVED
-CVE-2018-1005 (An elevation of privilege vulnerability exists when Microsoft ...)
+CVE-2018-1005
NOT-FOR-US: Microsoft
-CVE-2018-1004 (A remote code execution vulnerability exists in the way that the ...)
+CVE-2018-1004
NOT-FOR-US: Microsoft
-CVE-2018-1003 (A buffer overflow vulnerability exists in the Microsoft JET Database ...)
+CVE-2018-1003
NOT-FOR-US: Microsoft
CVE-2018-1002
RESERVED
-CVE-2018-1001 (A remote code execution vulnerability exists in the way that the ...)
+CVE-2018-1001
NOT-FOR-US: Microsoft
-CVE-2018-1000 (An information disclosure vulnerability exists in the way that the ...)
+CVE-2018-1000
NOT-FOR-US: Microsoft
CVE-2018-0999
RESERVED
-CVE-2018-0998 (An information disclosure vulnerability exists when Microsoft Edge PDF ...)
+CVE-2018-0998
NOT-FOR-US: Microsoft
-CVE-2018-0997 (A remote code execution vulnerability exists when Internet Explorer ...)
+CVE-2018-0997
NOT-FOR-US: Microsoft
-CVE-2018-0996 (A remote code execution vulnerability exists in the way that the ...)
+CVE-2018-0996
NOT-FOR-US: Microsoft
-CVE-2018-0995 (A remote code execution vulnerability exists in the way that the ...)
+CVE-2018-0995
NOT-FOR-US: Microsoft
-CVE-2018-0994 (A remote code execution vulnerability exists in the way that the ...)
+CVE-2018-0994
NOT-FOR-US: Microsoft
-CVE-2018-0993 (A remote code execution vulnerability exists in the way that the ...)
+CVE-2018-0993
NOT-FOR-US: Microsoft
CVE-2018-0992
RESERVED
-CVE-2018-0991 (A remote code execution vulnerability exists when Internet Explorer ...)
+CVE-2018-0991
NOT-FOR-US: Microsoft
-CVE-2018-0990 (A remote code execution vulnerability exists in the way that the ...)
+CVE-2018-0990
NOT-FOR-US: Microsoft
-CVE-2018-0989 (An information disclosure vulnerability exists in the way that the ...)
+CVE-2018-0989
NOT-FOR-US: Microsoft
-CVE-2018-0988 (A remote code execution vulnerability exists in the way that the ...)
+CVE-2018-0988
NOT-FOR-US: Microsoft
-CVE-2018-0987 (An information disclosure vulnerability exists when the scripting ...)
+CVE-2018-0987
NOT-FOR-US: Microsoft
-CVE-2018-0986 (A remote code execution vulnerability exists when the Microsoft ...)
+CVE-2018-0986
NOT-FOR-US: Microsoft
CVE-2018-0985
RESERVED
CVE-2018-0984
RESERVED
-CVE-2018-0983 (Windows Storage Services in Windows 10 versions 1511, 1607, 1703 and ...)
+CVE-2018-0983
NOT-FOR-US: Microsoft
-CVE-2018-0982 (An elevation of privilege vulnerability exists in the way that the ...)
+CVE-2018-0982
NOT-FOR-US: Microsoft
-CVE-2018-0981 (An information disclosure vulnerability exists in the way that the ...)
+CVE-2018-0981
NOT-FOR-US: Microsoft
-CVE-2018-0980 (A remote code execution vulnerability exists in the way that the ...)
+CVE-2018-0980
NOT-FOR-US: Microsoft
-CVE-2018-0979 (A remote code execution vulnerability exists in the way that the ...)
+CVE-2018-0979
NOT-FOR-US: Microsoft
-CVE-2018-0978 (A remote code execution vulnerability exists when Internet Explorer ...)
+CVE-2018-0978
NOT-FOR-US: Microsoft
-CVE-2018-0977 (The Windows kernel mode driver in Windows 10 Gold, 1511, 1607, 1703, ...)
+CVE-2018-0977
NOT-FOR-US: Microsoft
-CVE-2018-0976 (A denial of service vulnerability exists in Remote Desktop Protocol ...)
+CVE-2018-0976
NOT-FOR-US: Microsoft
-CVE-2018-0975 (An information disclosure vulnerability exists in the Windows kernel ...)
+CVE-2018-0975
NOT-FOR-US: Microsoft
-CVE-2018-0974 (An information disclosure vulnerability exists in the Windows kernel ...)
+CVE-2018-0974
NOT-FOR-US: Microsoft
-CVE-2018-0973 (An information disclosure vulnerability exists in the Windows kernel ...)
+CVE-2018-0973
NOT-FOR-US: Microsoft
-CVE-2018-0972 (An information disclosure vulnerability exists in the Windows kernel ...)
+CVE-2018-0972
NOT-FOR-US: Microsoft
-CVE-2018-0971 (An information disclosure vulnerability exists in the Windows kernel ...)
+CVE-2018-0971
NOT-FOR-US: Microsoft
-CVE-2018-0970 (An information disclosure vulnerability exists in the Windows kernel ...)
+CVE-2018-0970
NOT-FOR-US: Microsoft
-CVE-2018-0969 (An information disclosure vulnerability exists in the Windows kernel ...)
+CVE-2018-0969
NOT-FOR-US: Microsoft
-CVE-2018-0968 (An information disclosure vulnerability exists in the Windows kernel ...)
+CVE-2018-0968
NOT-FOR-US: Microsoft
-CVE-2018-0967 (A denial of service vulnerability exists in the way that Windows SNMP ...)
+CVE-2018-0967
NOT-FOR-US: Microsoft
-CVE-2018-0966 (A security feature bypass exists when Device Guard incorrectly ...)
+CVE-2018-0966
NOT-FOR-US: Microsoft
-CVE-2018-0965 (A remote code execution vulnerability exists when Windows Hyper-V on a ...)
+CVE-2018-0965
NOT-FOR-US: Microsoft
-CVE-2018-0964 (An information disclosure vulnerability exists when Windows Hyper-V on ...)
+CVE-2018-0964
NOT-FOR-US: Microsoft
-CVE-2018-0963 (An elevation of privilege vulnerability exists in the way that the ...)
+CVE-2018-0963
NOT-FOR-US: Microsoft
CVE-2018-0962
RESERVED
-CVE-2018-0961 (A remote code execution vulnerability exists when Windows Hyper-V on a ...)
+CVE-2018-0961
NOT-FOR-US: Microsoft
-CVE-2018-0960 (An information disclosure vulnerability exists when the Windows kernel ...)
+CVE-2018-0960
NOT-FOR-US: Microsoft
-CVE-2018-0959 (A remote code execution vulnerability exists when Windows Hyper-V on a ...)
+CVE-2018-0959
NOT-FOR-US: Microsoft
-CVE-2018-0958 (A security feature bypass vulnerability exists in Windows which could ...)
+CVE-2018-0958
NOT-FOR-US: Microsoft
-CVE-2018-0957 (An information disclosure vulnerability exists when Windows Hyper-V on ...)
+CVE-2018-0957
NOT-FOR-US: Microsoft
-CVE-2018-0956 (A denial of service vulnerability exists in the HTTP 2.0 protocol ...)
+CVE-2018-0956
NOT-FOR-US: Microsoft
-CVE-2018-0955 (A remote code execution vulnerability exists in the way that the ...)
+CVE-2018-0955
NOT-FOR-US: Microsoft
-CVE-2018-0954 (A remote code execution vulnerability exists in the way the scripting ...)
+CVE-2018-0954
NOT-FOR-US: Microsoft
-CVE-2018-0953 (A remote code execution vulnerability exists in the way that the ...)
+CVE-2018-0953
NOT-FOR-US: Microsoft
-CVE-2018-0952 (An Elevation of Privilege vulnerability exists when Diagnostics Hub ...)
+CVE-2018-0952
NOT-FOR-US: Microsoft
-CVE-2018-0951 (A remote code execution vulnerability exists in the way that the ...)
+CVE-2018-0951
NOT-FOR-US: Microsoft
-CVE-2018-0950 (An information disclosure vulnerability exists when Office renders ...)
+CVE-2018-0950
NOT-FOR-US: Microsoft
-CVE-2018-0949 (A security feature bypass vulnerability exists when Microsoft Internet ...)
+CVE-2018-0949
NOT-FOR-US: Microsoft
CVE-2018-0948
RESERVED
-CVE-2018-0947 (Microsoft SharePoint Foundation 2013 SP1 and Microsoft SharePoint ...)
+CVE-2018-0947
NOT-FOR-US: Microsoft
-CVE-2018-0946 (A remote code execution vulnerability exists in the way that the ...)
+CVE-2018-0946
NOT-FOR-US: Microsoft
-CVE-2018-0945 (A remote code execution vulnerability exists in the way that the ...)
+CVE-2018-0945
NOT-FOR-US: Microsoft
-CVE-2018-0944 (Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise ...)
+CVE-2018-0944
NOT-FOR-US: Microsoft
-CVE-2018-0943 (A remote code execution vulnerability exists in the way that the ...)
+CVE-2018-0943
NOT-FOR-US: Microsoft
-CVE-2018-0942 (Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 SP2 ...)
+CVE-2018-0942
NOT-FOR-US: Microsoft
-CVE-2018-0941 (Microsoft Exchange Server 2016 Cumulative Update 7 and Microsoft ...)
+CVE-2018-0941
NOT-FOR-US: Microsoft
-CVE-2018-0940 (Microsoft Exchange Outlook Web Access (OWA) in Microsoft Exchange ...)
+CVE-2018-0940
NOT-FOR-US: Microsoft
-CVE-2018-0939 (ChakraCore and Microsoft Edge in Windows 10 1703 and 1709 allow ...)
+CVE-2018-0939
NOT-FOR-US: Microsoft
CVE-2018-0938
RESERVED
-CVE-2018-0937 (ChakraCore and Microsoft Windows 10 1703 and 1709 allow remote code ...)
+CVE-2018-0937
NOT-FOR-US: Microsoft
-CVE-2018-0936 (ChakraCore and Microsoft Windows 10 1709 allow remote code execution, ...)
+CVE-2018-0936
NOT-FOR-US: Microsoft
-CVE-2018-0935 (Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and ...)
+CVE-2018-0935
NOT-FOR-US: Microsoft
-CVE-2018-0934 (ChakraCore and Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and ...)
+CVE-2018-0934
NOT-FOR-US: Microsoft
-CVE-2018-0933 (ChakraCore and Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and ...)
+CVE-2018-0933
NOT-FOR-US: Microsoft
-CVE-2018-0932 (Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 ...)
+CVE-2018-0932
NOT-FOR-US: Microsoft
-CVE-2018-0931 (ChakraCore and Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and ...)
+CVE-2018-0931
NOT-FOR-US: Microsoft
-CVE-2018-0930 (ChakraCore and Microsoft Edge in Microsoft Windows 10 1709 allows ...)
+CVE-2018-0930
NOT-FOR-US: Microsoft
-CVE-2018-0929 (Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 SP2 ...)
+CVE-2018-0929
NOT-FOR-US: Microsoft
CVE-2018-0928
RESERVED
-CVE-2018-0927 (Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 ...)
+CVE-2018-0927
NOT-FOR-US: Microsoft
-CVE-2018-0926 (The Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, ...)
+CVE-2018-0926
NOT-FOR-US: Microsoft
-CVE-2018-0925 (ChakraCore allows remote code execution, due to how the ChakraCore ...)
+CVE-2018-0925
NOT-FOR-US: Microsoft
-CVE-2018-0924 (Microsoft Exchange Server 2010 Service Pack 3 Update Rollup 20, ...)
+CVE-2018-0924
NOT-FOR-US: Microsoft
-CVE-2018-0923 (Microsoft SharePoint Enterprise Server 2016 allows an elevation of ...)
+CVE-2018-0923
NOT-FOR-US: Microsoft
-CVE-2018-0922 (Microsoft Office 2010 SP2, 2013 SP1, and 2016, Microsoft Office 2016 ...)
+CVE-2018-0922
NOT-FOR-US: Microsoft
-CVE-2018-0921 (Microsoft SharePoint Enterprise Server 2016 allows an elevation of ...)
+CVE-2018-0921
NOT-FOR-US: Microsoft
-CVE-2018-0920 (A remote code execution vulnerability exists in Microsoft Excel ...)
+CVE-2018-0920
NOT-FOR-US: Microsoft
-CVE-2018-0919 (Microsoft Office 2010 SP2, 2013 SP1, and 2016, Microsoft Office 2016 ...)
+CVE-2018-0919
NOT-FOR-US: Microsoft
CVE-2018-0918
RESERVED
-CVE-2018-0917 (Microsoft SharePoint Enterprise Server 2016 allows an elevation of ...)
+CVE-2018-0917
NOT-FOR-US: Microsoft
-CVE-2018-0916 (Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise ...)
+CVE-2018-0916
NOT-FOR-US: Microsoft
-CVE-2018-0915 (Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise ...)
+CVE-2018-0915
NOT-FOR-US: Microsoft
-CVE-2018-0914 (Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise ...)
+CVE-2018-0914
NOT-FOR-US: Microsoft
-CVE-2018-0913 (Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise ...)
+CVE-2018-0913
NOT-FOR-US: Microsoft
-CVE-2018-0912 (Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise ...)
+CVE-2018-0912
NOT-FOR-US: Microsoft
-CVE-2018-0911 (Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise ...)
+CVE-2018-0911
NOT-FOR-US: Microsoft
-CVE-2018-0910 (Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise ...)
+CVE-2018-0910
NOT-FOR-US: Microsoft
-CVE-2018-0909 (Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise ...)
+CVE-2018-0909
NOT-FOR-US: Microsoft
-CVE-2018-0908 (Microsoft Identity Manager 2016 SP1 allows an attacker to gain ...)
+CVE-2018-0908
NOT-FOR-US: Microsoft
-CVE-2018-0907 (Microsoft Excel 2007 SP3, Microsoft Excel 2010 SP2, Microsoft Excel ...)
+CVE-2018-0907
NOT-FOR-US: Microsoft
CVE-2018-0906
RESERVED
CVE-2018-0905
RESERVED
-CVE-2018-0904 (The Windows kernel in Microsoft Windows Server 2008 R2 SP1, Windows 7 ...)
+CVE-2018-0904
NOT-FOR-US: Microsoft
-CVE-2018-0903 (Microsoft Access 2010 SP2, Microsoft Access 2013 SP1, Microsoft Access ...)
+CVE-2018-0903
NOT-FOR-US: Microsoft
-CVE-2018-0902 (The Cryptography Next Generation (CNG) kernel-mode driver (cng.sys) in ...)
+CVE-2018-0902
NOT-FOR-US: Microsoft
-CVE-2018-0901 (The Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, ...)
+CVE-2018-0901
NOT-FOR-US: Microsoft
-CVE-2018-0900 (The Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, ...)
+CVE-2018-0900
NOT-FOR-US: Microsoft
-CVE-2018-0899 (The Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, ...)
+CVE-2018-0899
NOT-FOR-US: Microsoft
-CVE-2018-0898 (The Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, ...)
+CVE-2018-0898
NOT-FOR-US: Microsoft
-CVE-2018-0897 (The Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, ...)
+CVE-2018-0897
NOT-FOR-US: Microsoft
-CVE-2018-0896 (The Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, ...)
+CVE-2018-0896
NOT-FOR-US: Microsoft
-CVE-2018-0895 (The Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, ...)
+CVE-2018-0895
NOT-FOR-US: Microsoft
-CVE-2018-0894 (The Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, ...)
+CVE-2018-0894
NOT-FOR-US: Microsoft
-CVE-2018-0893 (Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows ...)
+CVE-2018-0893
NOT-FOR-US: Microsoft
-CVE-2018-0892 (An information disclosure vulnerability exists when Microsoft Edge ...)
+CVE-2018-0892
NOT-FOR-US: Microsoft
-CVE-2018-0891 (ChakraCore, and Internet Explorer in Microsoft Windows 7 SP1, Windows ...)
+CVE-2018-0891
NOT-FOR-US: Microsoft
-CVE-2018-0890 (A security feature bypass vulnerability exists when Active Directory ...)
+CVE-2018-0890
NOT-FOR-US: Microsoft
-CVE-2018-0889 (Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows ...)
+CVE-2018-0889
NOT-FOR-US: Microsoft
-CVE-2018-0888 (The Microsoft Hyper-V Network Switch in 64-bit versions of Microsoft ...)
+CVE-2018-0888
NOT-FOR-US: Microsoft
-CVE-2018-0887 (An information disclosure vulnerability exists when the Windows kernel ...)
+CVE-2018-0887
NOT-FOR-US: Microsoft
-CVE-2018-0886 (The Credential Security Support Provider protocol (CredSSP) in ...)
+CVE-2018-0886
NOT-FOR-US: Microsoft
-CVE-2018-0885 (The Microsoft Hyper-V Network Switch in 64-bit versions of Microsoft ...)
+CVE-2018-0885
NOT-FOR-US: Microsoft
-CVE-2018-0884 (Windows Scripting Host (WSH) in Windows 10 Gold, 1511, 1607, 1703 and ...)
+CVE-2018-0884
NOT-FOR-US: Microsoft
-CVE-2018-0883 (Windows Shell in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows ...)
+CVE-2018-0883
NOT-FOR-US: Microsoft
-CVE-2018-0882 (The Desktop Bridge in Windows 10 1607, 1703, and 1709, Windows Server ...)
+CVE-2018-0882
NOT-FOR-US: Microsoft
-CVE-2018-0881 (The Microsoft Video Control in Microsoft Windows Server 2008 R2 SP1, ...)
+CVE-2018-0881
NOT-FOR-US: Microsoft
-CVE-2018-0880 (The Desktop Bridge in Windows 10 1607, 1703, and 1709, Windows Server ...)
+CVE-2018-0880
NOT-FOR-US: Microsoft
-CVE-2018-0879 (Microsoft Edge in Windows 10 1709 allows information disclosure, due ...)
+CVE-2018-0879
NOT-FOR-US: Microsoft
-CVE-2018-0878 (Windows Remote Assistance in Microsoft Windows Server 2008 SP2 and R2 ...)
+CVE-2018-0878
NOT-FOR-US: Microsoft
-CVE-2018-0877 (The Desktop Bridge Virtual File System (VFS) in Windows 10 1607, 1703, ...)
+CVE-2018-0877
NOT-FOR-US: Microsoft
-CVE-2018-0876 (Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows ...)
+CVE-2018-0876
NOT-FOR-US: Microsoft
-CVE-2018-0875 (.NET Core 1.0, .NET Core 1.1, NET Core 2.0 and PowerShell Core 6.0.0 ...)
+CVE-2018-0875
NOT-FOR-US: Microsoft
-CVE-2018-0874 (ChakraCore and Microsoft Edge in Microsoft Windows 10 Gold, 1511, ...)
+CVE-2018-0874
NOT-FOR-US: Microsoft
-CVE-2018-0873 (ChakraCore and Microsoft Edge in Microsoft Windows 10 1511, 1607, ...)
+CVE-2018-0873
NOT-FOR-US: Microsoft
-CVE-2018-0872 (ChakraCore and Microsoft Edge in Microsoft Windows 10 Gold, 1511, ...)
+CVE-2018-0872
NOT-FOR-US: Microsoft
-CVE-2018-0871 (An information disclosure vulnerability exists when Edge improperly ...)
+CVE-2018-0871
NOT-FOR-US: Microsoft
-CVE-2018-0870 (A remote code execution vulnerability exists when Internet Explorer ...)
+CVE-2018-0870
NOT-FOR-US: Microsoft
-CVE-2018-0869 (SharePoint Server 2016 allows an elevation of privilege vulnerability ...)
+CVE-2018-0869
NOT-FOR-US: Microsoft
-CVE-2018-0868 (Windows Installer in Microsoft Windows Server 2008 SP2 and R2 SP1, ...)
+CVE-2018-0868
NOT-FOR-US: Microsoft
CVE-2018-0867
RESERVED
-CVE-2018-0866 (Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and ...)
+CVE-2018-0866
NOT-FOR-US: Microsoft
CVE-2018-0865
RESERVED
-CVE-2018-0864 (SharePoint Project Server 2013 and SharePoint Enterprise Server 2016 ...)
+CVE-2018-0864
NOT-FOR-US: Microsoft
CVE-2018-0863
RESERVED
-CVE-2018-0862 (Equation Editor in Microsoft Office 2003, Microsoft Office 2007, ...)
+CVE-2018-0862
NOT-FOR-US: Microsoft
-CVE-2018-0861 (Microsoft Edge in Microsoft Windows 10 1607, 1703, and Windows Server ...)
+CVE-2018-0861
NOT-FOR-US: Microsoft
-CVE-2018-0860 (Microsoft Edge and ChakraCore in Microsoft Windows 10 Gold, 1511, ...)
+CVE-2018-0860
NOT-FOR-US: Microsoft
-CVE-2018-0859 (Microsoft Edge and ChakraCore in Microsoft Windows 10 Gold, 1511, ...)
+CVE-2018-0859
NOT-FOR-US: Microsoft
-CVE-2018-0858 (ChakraCore allows remote code execution, due to how the ChakraCore ...)
+CVE-2018-0858
NOT-FOR-US: Microsoft
-CVE-2018-0857 (Microsoft Edge and ChakraCore in Microsoft Windows 10 Gold, 1511, ...)
+CVE-2018-0857
NOT-FOR-US: Microsoft
-CVE-2018-0856 (Microsoft Edge and ChakraCore in Microsoft Windows 10 1703 and 1709 ...)
+CVE-2018-0856
NOT-FOR-US: Microsoft
-CVE-2018-0855 (The Microsoft Windows Embedded OpenType (EOT) font engine in Microsoft ...)
+CVE-2018-0855
NOT-FOR-US: Microsoft
-CVE-2018-0854 (A security feature bypass vulnerability exists in Windows Scripting ...)
+CVE-2018-0854
NOT-FOR-US: Microsoft
-CVE-2018-0853 (Microsoft Office 2010 SP2, Microsoft Office 2013 SP1 and RT SP1, ...)
+CVE-2018-0853
NOT-FOR-US: Microsoft
-CVE-2018-0852 (Microsoft Outlook 2007 SP3, Microsoft Outlook 2010 SP2, Microsoft ...)
+CVE-2018-0852
NOT-FOR-US: Microsoft
-CVE-2018-0851 (Microsoft Office 2007 SP2, Microsoft Office Word Viewer, Microsoft ...)
+CVE-2018-0851
NOT-FOR-US: Microsoft
-CVE-2018-0850 (Microsoft Outlook 2007, Microsoft Outlook 2010, Microsoft Outlook ...)
+CVE-2018-0850
NOT-FOR-US: Microsoft
-CVE-2018-0849 (Equation Editor in Microsoft Office 2003, Microsoft Office 2007, ...)
+CVE-2018-0849
NOT-FOR-US: Microsoft
-CVE-2018-0848 (Equation Editor in Microsoft Office 2003, Microsoft Office 2007, ...)
+CVE-2018-0848
NOT-FOR-US: Microsoft
-CVE-2018-0847 (Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 ...)
+CVE-2018-0847
NOT-FOR-US: Microsoft
-CVE-2018-0846 (The Windows Common Log File System (CLFS) driver in Windows 7 SP1, ...)
+CVE-2018-0846
NOT-FOR-US: Microsoft
-CVE-2018-0845 (Equation Editor in Microsoft Office 2003, Microsoft Office 2007, ...)
+CVE-2018-0845
NOT-FOR-US: Microsoft
-CVE-2018-0844 (The Windows Common Log File System (CLFS) driver in Windows 7 SP1, ...)
+CVE-2018-0844
NOT-FOR-US: Microsoft
-CVE-2018-0843 (The Windows kernel in Windows 10 version 1709 and Windows Server, ...)
+CVE-2018-0843
NOT-FOR-US: Microsoft
-CVE-2018-0842 (Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 ...)
+CVE-2018-0842
NOT-FOR-US: Microsoft
-CVE-2018-0841 (Microsoft Office 2016 Click-to-Run allows a remote code execution ...)
+CVE-2018-0841
NOT-FOR-US: Microsoft
-CVE-2018-0840 (Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 ...)
+CVE-2018-0840
NOT-FOR-US: Microsoft
-CVE-2018-0839 (Microsoft Edge in Microsoft Windows 10 1703 allows information ...)
+CVE-2018-0839
NOT-FOR-US: Microsoft
-CVE-2018-0838 (Microsoft Edge and ChakraCore in Microsoft Windows 10 Gold, 1511, ...)
+CVE-2018-0838
NOT-FOR-US: Microsoft
-CVE-2018-0837 (Microsoft Edge and ChakraCore in Microsoft Windows 10 Gold, 1511, ...)
+CVE-2018-0837
NOT-FOR-US: Microsoft
-CVE-2018-0836 (Microsoft Edge and ChakraCore in Microsoft Windows 10 1703 and 1709 ...)
+CVE-2018-0836
NOT-FOR-US: Microsoft
-CVE-2018-0835 (Microsoft Edge and ChakraCore in Microsoft Windows 10 Gold, 1511, ...)
+CVE-2018-0835
NOT-FOR-US: Microsoft
-CVE-2018-0834 (Microsoft Edge and ChakraCore in Microsoft Windows 10 Gold, 1511, ...)
+CVE-2018-0834
NOT-FOR-US: Microsoft
-CVE-2018-0833 (The Microsoft Server Message Block 2.0 and 3.0 (SMBv2/SMBv3) client in ...)
+CVE-2018-0833
NOT-FOR-US: Microsoft
-CVE-2018-0832 (The Windows kernel in Windows 8.1 and RT 8.1, Windows Server 2012 R2, ...)
+CVE-2018-0832
NOT-FOR-US: Microsoft
-CVE-2018-0831 (The Windows kernel in Windows 10 versions 1607, 1703 and 1709, Windows ...)
+CVE-2018-0831
NOT-FOR-US: Microsoft
-CVE-2018-0830 (The Windows kernel in Windows 7 SP1, Windows 8.1 and RT 8.1, Windows ...)
+CVE-2018-0830
NOT-FOR-US: Microsoft
-CVE-2018-0829 (The Windows kernel in Windows 7 SP1, Windows 8.1 and RT 8.1, Windows ...)
+CVE-2018-0829
NOT-FOR-US: Microsoft
-CVE-2018-0828 (Windows 10 version 1607 and Windows Server 2016 allow an elevation of ...)
+CVE-2018-0828
NOT-FOR-US: Microsoft
-CVE-2018-0827 (Windows Scripting Host (WSH) in Windows 10 versions 1703 and 1709 and ...)
+CVE-2018-0827
NOT-FOR-US: Microsoft
-CVE-2018-0826 (Windows Storage Services in Windows 10 versions 1511, 1607, 1703 and ...)
+CVE-2018-0826
NOT-FOR-US: Microsoft
-CVE-2018-0825 (StructuredQuery in Windows 7 SP1, Windows 8.1 and RT 8.1, Windows ...)
+CVE-2018-0825
NOT-FOR-US: Microsoft
-CVE-2018-0824 (A remote code execution vulnerability exists in &quot;Microsoft COM for ...)
+CVE-2018-0824
NOT-FOR-US: Microsoft
-CVE-2018-0823 (The Named Pipe File System in Windows 10 version 1709 and Windows ...)
+CVE-2018-0823
NOT-FOR-US: Microsoft
-CVE-2018-0822 (NTFS in Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server ...)
+CVE-2018-0822
NOT-FOR-US: Microsoft
-CVE-2018-0821 (AppContainer in Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows ...)
+CVE-2018-0821
NOT-FOR-US: Microsoft
-CVE-2018-0820 (The Windows kernel in Windows 7 SP1, Windows 8.1 and RT 8.1, Windows ...)
+CVE-2018-0820
NOT-FOR-US: Microsoft
-CVE-2018-0819 (Microsoft Office 2016 for Mac allows an attacker to send a specially ...)
+CVE-2018-0819
NOT-FOR-US: Microsoft
-CVE-2018-0818 (Microsoft ChakraCore allows an attacker to bypass Control Flow Guard ...)
+CVE-2018-0818
NOT-FOR-US: Microsoft
-CVE-2018-0817 (The Windows Graphics Device Interface (GDI) in Microsoft Windows ...)
+CVE-2018-0817
NOT-FOR-US: Microsoft
-CVE-2018-0816 (The Windows Graphics Device Interface (GDI) in Microsoft Windows ...)
+CVE-2018-0816
NOT-FOR-US: Microsoft
-CVE-2018-0815 (The Windows Graphics Device Interface (GDI) in Microsoft Windows ...)
+CVE-2018-0815
NOT-FOR-US: Microsoft
-CVE-2018-0814 (The Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, ...)
+CVE-2018-0814
NOT-FOR-US: Microsoft
-CVE-2018-0813 (The Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, ...)
+CVE-2018-0813
NOT-FOR-US: Microsoft
-CVE-2018-0812 (Equation Editor in Microsoft Office 2003, Microsoft Office 2007, ...)
+CVE-2018-0812
NOT-FOR-US: Microsoft
-CVE-2018-0811 (The Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, ...)
+CVE-2018-0811
NOT-FOR-US: Microsoft
-CVE-2018-0810 (The Windows kernel in Windows 7 SP1, Windows Server 2008 SP2 and R2, ...)
+CVE-2018-0810
NOT-FOR-US: Microsoft
-CVE-2018-0809 (The Windows kernel in Windows 10, versions 1703 and 1709, and Windows ...)
+CVE-2018-0809
NOT-FOR-US: Microsoft
-CVE-2018-0808 (ASP.NET Core 1.0. 1.1, and 2.0 allow an elevation of privilege ...)
+CVE-2018-0808
NOT-FOR-US: Microsoft
-CVE-2018-0807 (Equation Editor in Microsoft Office 2003, Microsoft Office 2007, ...)
+CVE-2018-0807
NOT-FOR-US: Microsoft
-CVE-2018-0806 (Equation Editor in Microsoft Office 2003, Microsoft Office 2007, ...)
+CVE-2018-0806
NOT-FOR-US: Microsoft
-CVE-2018-0805 (Equation Editor in Microsoft Office 2003, Microsoft Office 2007, ...)
+CVE-2018-0805
NOT-FOR-US: Microsoft
-CVE-2018-0804 (Equation Editor in Microsoft Office 2003, Microsoft Office 2007, ...)
+CVE-2018-0804
NOT-FOR-US: Microsoft
-CVE-2018-0803 (Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, ...)
+CVE-2018-0803
NOT-FOR-US: Microsoft
-CVE-2018-0802 (Equation Editor in Microsoft Office 2007, Microsoft Office 2010, ...)
+CVE-2018-0802
NOT-FOR-US: Microsoft
-CVE-2018-0801 (Equation Editor in Microsoft Office 2007, Microsoft Office 2010, ...)
+CVE-2018-0801
NOT-FOR-US: Microsoft
-CVE-2018-0800 (Microsoft Edge in Microsoft Windows 10 1709 allows an attacker to ...)
+CVE-2018-0800
NOT-FOR-US: Microsoft
-CVE-2018-0799 (Microsoft Access in Microsoft SharePoint Enterprise Server 2013 and ...)
+CVE-2018-0799
NOT-FOR-US: Microsoft
-CVE-2018-0798 (Equation Editor in Microsoft Office 2007, Microsoft Office 2010, ...)
+CVE-2018-0798
NOT-FOR-US: Microsoft
-CVE-2018-0797 (Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office ...)
+CVE-2018-0797
NOT-FOR-US: Microsoft
-CVE-2018-0796 (Microsoft Excel in Microsoft Office 2007, Microsoft Office 2010, ...)
+CVE-2018-0796
NOT-FOR-US: Microsoft
-CVE-2018-0795 (Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office ...)
+CVE-2018-0795
NOT-FOR-US: Microsoft
-CVE-2018-0794 (Microsoft Word in Microsoft Office 2007, Microsoft Office 2010, ...)
+CVE-2018-0794
NOT-FOR-US: Microsoft
-CVE-2018-0793 (Microsoft Outlook 2007, Microsoft Outlook 2010 and Microsoft Outlook ...)
+CVE-2018-0793
NOT-FOR-US: Microsoft
-CVE-2018-0792 (Microsoft Word 2016 in Microsoft Office 2016 allows a remote code ...)
+CVE-2018-0792
NOT-FOR-US: Microsoft
-CVE-2018-0791 (Microsoft Outlook 2007, Microsoft Outlook 2010, Microsoft Outlook ...)
+CVE-2018-0791
NOT-FOR-US: Microsoft
-CVE-2018-0790 (Microsoft SharePoint Foundation 2010, Microsoft SharePoint Server 2013 ...)
+CVE-2018-0790
NOT-FOR-US: Microsoft
-CVE-2018-0789 (Microsoft SharePoint Foundation 2010, Microsoft SharePoint Server 2013 ...)
+CVE-2018-0789
NOT-FOR-US: Microsoft
-CVE-2018-0788 (The Windows Adobe Type Manager Font Driver (Atmfd.dll) in Windows 7 ...)
+CVE-2018-0788
NOT-FOR-US: Microsoft
-CVE-2018-0787 (ASP.NET Core 1.0. 1.1, and 2.0 allow an elevation of privilege ...)
+CVE-2018-0787
NOT-FOR-US: Microsoft
-CVE-2018-0786 (Microsoft .NET Framework 2.0 SP2, 3.0 SP2, 3.5, 3.5.1, 4.5.2, 4.6, ...)
+CVE-2018-0786
NOT-FOR-US: Microsoft
-CVE-2018-0785 (ASP.NET Core 1.0. 1.1, and 2.0 allow a cross site request forgery ...)
+CVE-2018-0785
NOT-FOR-US: Microsoft
-CVE-2018-0784 (ASP.NET Core 1.0. 1.1, and 2.0 allow an elevation of privilege ...)
+CVE-2018-0784
NOT-FOR-US: Microsoft
CVE-2018-0783
RESERVED
CVE-2018-0782
RESERVED
-CVE-2018-0781 (Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows ...)
+CVE-2018-0781
NOT-FOR-US: Microsoft
-CVE-2018-0780 (Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, ...)
+CVE-2018-0780
NOT-FOR-US: Microsoft
CVE-2018-0779
RESERVED
-CVE-2018-0778 (Microsoft Edge in Windows 10 1709 allows an attacker to execute ...)
+CVE-2018-0778
NOT-FOR-US: Microsoft
-CVE-2018-0777 (Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows ...)
+CVE-2018-0777
NOT-FOR-US: Microsoft
-CVE-2018-0776 (Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows ...)
+CVE-2018-0776
NOT-FOR-US: Microsoft
-CVE-2018-0775 (Microsoft Edge in Windows 10 1709 allows an attacker to execute ...)
+CVE-2018-0775
NOT-FOR-US: Microsoft
-CVE-2018-0774 (Microsoft Edge in Windows 10 1709 allows an attacker to execute ...)
+CVE-2018-0774
NOT-FOR-US: Microsoft
-CVE-2018-0773 (Microsoft Edge in Windows 10 1709 allows an attacker to execute ...)
+CVE-2018-0773
NOT-FOR-US: Microsoft
-CVE-2018-0772 (Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and ...)
+CVE-2018-0772
NOT-FOR-US: Microsoft
-CVE-2018-0771 (Microsoft Edge in Microsoft Windows 10 1607, 1703, and Windows Server ...)
+CVE-2018-0771
NOT-FOR-US: Microsoft
-CVE-2018-0770 (Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows ...)
+CVE-2018-0770
NOT-FOR-US: Microsoft
-CVE-2018-0769 (Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows ...)
+CVE-2018-0769
NOT-FOR-US: Microsoft
-CVE-2018-0768 (Microsoft Edge in Windows 10 1709 allows an attacker to execute ...)
+CVE-2018-0768
NOT-FOR-US: Microsoft
-CVE-2018-0767 (Microsoft Edge in Microsoft Windows 10 1511, 1607, 1703, 1709, and ...)
+CVE-2018-0767
NOT-FOR-US: Microsoft
-CVE-2018-0766 (Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, ...)
+CVE-2018-0766
NOT-FOR-US: Microsoft
-CVE-2018-0765 (A denial of service vulnerability exists when .NET and .NET Core ...)
+CVE-2018-0765
NOT-FOR-US: .dotnet CoreFX
NOTE: https://github.com/dotnet/announcements/issues/67
NOTE: https://github.com/dotnet/corefx/issues/29578
-CVE-2018-0764 (Microsoft .NET Framework 1.1, 2.0, 3.0, 3.5, 3.5.1, 4, 4.5, 4.5.1, ...)
+CVE-2018-0764
NOT-FOR-US: Microsoft
-CVE-2018-0763 (Microsoft Edge in Microsoft Windows 10 1703 and 1709 allows ...)
+CVE-2018-0763
NOT-FOR-US: Microsoft
-CVE-2018-0762 (Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and ...)
+CVE-2018-0762
NOT-FOR-US: Microsoft
-CVE-2018-0761 (The Microsoft Windows Embedded OpenType (EOT) font engine in Microsoft ...)
+CVE-2018-0761
NOT-FOR-US: Microsoft
-CVE-2018-0760 (The Microsoft Windows Embedded OpenType (EOT) font engine in Microsoft ...)
+CVE-2018-0760
NOT-FOR-US: Microsoft
CVE-2018-0759
RESERVED
-CVE-2018-0758 (Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows ...)
+CVE-2018-0758
NOT-FOR-US: Microsoft
-CVE-2018-0757 (The Windows kernel in Windows 7 SP1, Windows 8.1 and RT 8.1, Windows ...)
+CVE-2018-0757
NOT-FOR-US: Microsoft
-CVE-2018-0756 (The Windows kernel in Windows 10 Gold, 1511, 1607, 1703 and 1709, ...)
+CVE-2018-0756
NOT-FOR-US: Microsoft
-CVE-2018-0755 (The Microsoft Windows Embedded OpenType (EOT) font engine in Microsoft ...)
+CVE-2018-0755
NOT-FOR-US: Microsoft
-CVE-2018-0754 (The Windows Adobe Type Manager Font Driver (Atmfd.dll) in Windows 7 ...)
+CVE-2018-0754
NOT-FOR-US: Microsoft
-CVE-2018-0753 (Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, ...)
+CVE-2018-0753
NOT-FOR-US: Microsoft
-CVE-2018-0752 (The Windows Kernel API in Windows 8.1 and RT 8.1, Windows Server 2012 ...)
+CVE-2018-0752
NOT-FOR-US: Microsoft
-CVE-2018-0751 (The Windows Kernel API in Windows 8.1 and RT 8.1, Windows Server 2012 ...)
+CVE-2018-0751
NOT-FOR-US: Microsoft
-CVE-2018-0750 (The Windows GDI component in Windows 7 SP1 and Windows Server 2008 SP2 ...)
+CVE-2018-0750
NOT-FOR-US: Microsoft
-CVE-2018-0749 (The Microsoft Server Message Block (SMB) Server in Windows 7 SP1, ...)
+CVE-2018-0749
NOT-FOR-US: Microsoft
-CVE-2018-0748 (The Windows kernel in Windows 7 SP1, Windows 8.1 and RT 8.1, Windows ...)
+CVE-2018-0748
NOT-FOR-US: Microsoft
-CVE-2018-0747 (The Windows kernel in Windows 7 SP1, Windows 8.1 and RT 8.1, Windows ...)
+CVE-2018-0747
NOT-FOR-US: Microsoft
-CVE-2018-0746 (The Windows kernel in Windows 8.1 and RT 8.1, Windows Server 2012 and ...)
+CVE-2018-0746
NOT-FOR-US: Microsoft
-CVE-2018-0745 (The Windows kernel in Windows 10 version 1703. Windows 10 version ...)
+CVE-2018-0745
NOT-FOR-US: Microsoft
-CVE-2018-0744 (The Windows kernel in Windows 8.1 and RT 8.1, Windows Server 2012 and ...)
+CVE-2018-0744
NOT-FOR-US: Microsoft
-CVE-2018-0743 (Windows Subsystem for Linux in Windows 10 version 1703, Windows 10 ...)
+CVE-2018-0743
NOT-FOR-US: Microsoft
-CVE-2018-0742 (The Windows kernel in Windows 7 SP1, Windows 8.1 and RT 8.1, Windows ...)
+CVE-2018-0742
NOT-FOR-US: Microsoft
-CVE-2018-0741 (The Color Management Module (Icm32.dll) in Windows 7 SP1 and Windows ...)
+CVE-2018-0741
NOT-FOR-US: Microsoft
CVE-2018-0740
REJECTED
-CVE-2018-0739 (Constructed ASN.1 types with a recursive definition (such as can be ...)
+CVE-2018-0739
{DSA-4158-1 DSA-4157-1 DLA-1330-1}
- openssl 1.1.0h-1
- openssl1.0 1.0.2o-1
@@ -52099,7 +52089,7 @@ CVE-2018-0739 (Constructed ASN.1 types with a recursive definition (such as can
NOTE: https://github.com/libtom/libtomcrypt/pull/373
CVE-2018-0738
REJECTED
-CVE-2018-0737 (The OpenSSL RSA Key generation algorithm has been shown to be ...)
+CVE-2018-0737
{DSA-4355-1 DSA-4348-1 DLA-1449-1}
- openssl 1.1.0h-3 (low; bug #895844)
[wheezy] - openssl <postponed> (Can wait for next update)
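Review bot: the hunk header `@@ -52099,7 +52089,7 @@` is line-count neutral, as are the neighbouring headers (`-52110,14 +52100,14`, `-52131,7 +52121,7`, `-52139,7 +52129,7`), yet every new-side offset sits exactly 10 lines below its old-side offset, so the net removal of ten lines happened somewhere earlier in the file, outside these hunks. Please confirm those ten lines are intended entry removals rather than a truncated record, because nothing visible in this region deletes content: each change only swaps the parenthesised description for the bare identifier, e.g. `-CVE-2018-0737 (The OpenSSL RSA Key generation algorithm has been shown to be ...)` / `+CVE-2018-0737`, and the DSA/DLA references and package version lines beneath it stay as they were.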
@@ -52110,14 +52100,14 @@ CVE-2018-0737 (The OpenSSL RSA Key generation algorithm has been shown to be ...
NOTE: https://eprint.iacr.org/2018/367
CVE-2018-0736
REJECTED
-CVE-2018-0735 (The OpenSSL ECDSA signature algorithm has been shown to be vulnerable ...)
+CVE-2018-0735
{DSA-4348-1 DLA-1586-1}
- openssl 1.1.1a-1
- openssl1.0 <not-affected> (Vulnerable code never present in 1.0.2 series)
NOTE: https://www.openssl.org/news/secadv/20181029.txt
NOTE: OpenSSL_1_1_1-stable: https://git.openssl.org/?p=openssl.git;a=commit;h=b1d6d55ece1c26fa2829e2b819b038d7b6d692b4
NOTE: OpenSSL_1_1_0-stable: https://git.openssl.org/?p=openssl.git;a=commit;h=56fb454d281a023b3f950d969693553d3f3ceea1
-CVE-2018-0734 (The OpenSSL DSA signature algorithm has been shown to be vulnerable to ...)
+CVE-2018-0734
{DSA-4355-1 DSA-4348-1}
- openssl 1.1.1a-1
[jessie] - openssl <postponed> (vulnerable code not present, but see note below)
@@ -52131,7 +52121,7 @@ CVE-2018-0734 (The OpenSSL DSA signature algorithm has been shown to be vulnerab
NOTE: introduced this vulnerability. In order to not forget this issue and probably get more
NOTE: information about it later, it is marked as <postponed> instead of <not-affected>
NOTE: https://git.openssl.org/?p=openssl.git;a=commitdiff;h=b96bebacfe814deb99fb64a3ed2296d95c573600
-CVE-2018-0733 (Because of an implementation bug the PA-RISC CRYPTO_memcmp function is ...)
+CVE-2018-0733
- openssl 1.1.0h-1 (unimportant)
[stretch] - openssl 1.1.0f-3+deb9u2
[jessie] - openssl <not-affected> (vulnerable code not present)
@@ -52139,7 +52129,7 @@ CVE-2018-0733 (Because of an implementation bug the PA-RISC CRYPTO_memcmp functi
- openssl1.0 <not-affected> (Only affects OpenSSL 1.1.0)
NOTE: Issue specific to HP-UX
NOTE: https://www.openssl.org/news/secadv/20180327.txt
-CVE-2018-0732 (During key agreement in a TLS handshake using a DH(E) based ...)
+CVE-2018-0732
{DSA-4355-1 DSA-4348-1 DLA-1449-1}
- openssl 1.1.1-1 (low)
- openssl1.0 1.0.2q-1 (low)
@@ -52160,219 +52150,219 @@ CVE-2018-0726
RESERVED
CVE-2018-0725
RESERVED
-CVE-2018-0724 (Cross-site scripting (XSS) vulnerability in Q'center Virtual Appliance ...)
+CVE-2018-0724
NOT-FOR-US: Q'center Virtual Appliance
-CVE-2018-0723 (Cross-site scripting (XSS) vulnerability in Q'center Virtual Appliance ...)
+CVE-2018-0723
NOT-FOR-US: Q'center Virtual Appliance
-CVE-2018-0722 (Path Traversal vulnerability in Photo Station versions: 5.7.2 and ...)
+CVE-2018-0722
NOT-FOR-US: QNAP
-CVE-2018-0721 (Buffer Overflow vulnerability in QNAP QTS 4.2.6 build 20180711 and ...)
+CVE-2018-0721
NOT-FOR-US: QNAP QTS
CVE-2018-0720
RESERVED
-CVE-2018-0719 (Cross-site scripting (XSS) vulnerability in QNAP QTS 4.2.6 build ...)
+CVE-2018-0719
NOT-FOR-US: QNAP QTS
-CVE-2018-0718 (Command injection vulnerability in Music Station 5.1.2 and earlier ...)
+CVE-2018-0718
NOT-FOR-US: Music Station
CVE-2018-0717
RESERVED
-CVE-2018-0716 (Cross-site scripting vulnerability in QTS 4.2.6 build 20180711, QTS ...)
+CVE-2018-0716
NOT-FOR-US: QNAP
-CVE-2018-0715 (Cross-site scripting vulnerability in QNAP Photo Station versions ...)
+CVE-2018-0715
NOT-FOR-US: QNAP Photo Station
-CVE-2018-0714 (Command injection vulnerability in Helpdesk versions 1.1.21 and ...)
+CVE-2018-0714
NOT-FOR-US: Helpdesk
CVE-2018-0713
RESERVED
-CVE-2018-0712 (Command injection vulnerability in LDAP Server in QNAP QTS 4.2.6 build ...)
+CVE-2018-0712
NOT-FOR-US: QNAP
-CVE-2018-0711 (Cross-site scripting (XSS) vulnerability in QNAP QTS 4.3.3 build ...)
+CVE-2018-0711
NOT-FOR-US: QNAP
-CVE-2018-0710 (Command injection vulnerability in SSH of QNAP Q'center Virtual ...)
+CVE-2018-0710
NOT-FOR-US: QNAP
-CVE-2018-0709 (Command injection vulnerability in date of QNAP Q'center Virtual ...)
+CVE-2018-0709
NOT-FOR-US: QNAP
-CVE-2018-0708 (Command injection vulnerability in networking of QNAP Q'center Virtual ...)
+CVE-2018-0708
NOT-FOR-US: QNAP
-CVE-2018-0707 (Command injection vulnerability in change password of QNAP Q'center ...)
+CVE-2018-0707
NOT-FOR-US: QNAP
-CVE-2018-0706 (Exposure of Private Information in QNAP Q'center Virtual Appliance ...)
+CVE-2018-0706
NOT-FOR-US: QNAP
-CVE-2018-0705 (Directory traversal vulnerability in Cybozu Dezie 8.0.2 to 8.1.2 ...)
+CVE-2018-0705
NOT-FOR-US: Cybozu
-CVE-2018-0704 (Directory traversal vulnerability in Cybozu Office 10.0.0 to 10.8.1 ...)
+CVE-2018-0704
NOT-FOR-US: Cybozu
-CVE-2018-0703 (Directory traversal vulnerability in Cybozu Office 10.0.0 to 10.8.1 ...)
+CVE-2018-0703
NOT-FOR-US: Cybozu
-CVE-2018-0702 (Directory traversal vulnerability in Cybozu Mailwise 5.0.0 to 5.4.5 ...)
+CVE-2018-0702
NOT-FOR-US: Cybozu
-CVE-2018-0701 (BlueStacks App Player (BlueStacks App Player for Windows 3.0.0 to ...)
+CVE-2018-0701
NOT-FOR-US: BlueStacks App Player
-CVE-2018-0700 (YukiWiki 2.1.3 and earlier does not process a particular request ...)
+CVE-2018-0700
NOT-FOR-US: YukiWiki
-CVE-2018-0699 (Cross-site scripting vulnerability in YukiWiki 2.1.3 and earlier ...)
+CVE-2018-0699
NOT-FOR-US: YukiWiki
-CVE-2018-0698 (Cross-site scripting vulnerability in GROWI v3.2.3 and earlier allows ...)
+CVE-2018-0698
NOT-FOR-US: GROWI
-CVE-2018-0697 (Cross-site scripting vulnerability in Metabase version 0.29.3 and ...)
+CVE-2018-0697
NOT-FOR-US: Metabase
-CVE-2018-0696 (OpenAM (Open Source Edition) 13.0 and later does not properly manage ...)
+CVE-2018-0696
NOT-FOR-US: OpenAM (different from src:openam)
-CVE-2018-0695 (Cross-site scripting vulnerability in User-friendly SVN (USVN) Version ...)
+CVE-2018-0695
NOT-FOR-US: User-friendly SVN
-CVE-2018-0694 (FileZen V3.0.0 to V4.2.1 allows remote attackers to execute arbitrary ...)
+CVE-2018-0694
NOT-FOR-US: FileZen
-CVE-2018-0693 (Directory traversal vulnerability in FileZen V3.0.0 to V4.2.1 allows ...)
+CVE-2018-0693
NOT-FOR-US: FileZen
-CVE-2018-0692 (Untrusted search path vulnerability in Baidu Browser Version ...)
+CVE-2018-0692
NOT-FOR-US: Baidu
-CVE-2018-0691 (Multiple +Message Apps (Softbank +Message App for Android prior to ...)
+CVE-2018-0691
NOT-FOR-US: Softbank +Message App for Android
-CVE-2018-0690 (An unvalidated software update vulnerability in Music Center for PC ...)
+CVE-2018-0690
NOT-FOR-US: Music Center for PC
-CVE-2018-0689 (HTTP header injection vulnerability in SEIKO EPSON printers and ...)
+CVE-2018-0689
NOT-FOR-US: SEIKO
-CVE-2018-0688 (Open redirect vulnerability in SEIKO EPSON printers and scanners ...)
+CVE-2018-0688
NOT-FOR-US: SEIKO
-CVE-2018-0687 (Cross-site scripting vulnerability in Denbun by NEOJAPAN Inc. (Denbun ...)
+CVE-2018-0687
NOT-FOR-US: NEOJAPAN
-CVE-2018-0686 (Denbun by NEOJAPAN Inc. (Denbun POP version V3.3P R4.0 and earlier, ...)
+CVE-2018-0686
NOT-FOR-US: NEOJAPAN
-CVE-2018-0685 (SQL injection vulnerability in the Denbun POP version V3.3P R4.0 and ...)
+CVE-2018-0685
NOT-FOR-US: NEOJAPAN
-CVE-2018-0684 (Buffer overflow in Denbun by NEOJAPAN Inc. (Denbun POP version V3.3P ...)
+CVE-2018-0684
NOT-FOR-US: NEOJAPAN
-CVE-2018-0683 (Buffer overflow in Denbun by NEOJAPAN Inc. (Denbun POP version V3.3P ...)
+CVE-2018-0683
NOT-FOR-US: NEOJAPAN
-CVE-2018-0682 (Denbun by NEOJAPAN Inc. (Denbun POP version V3.3P R4.0 and earlier, ...)
+CVE-2018-0682
NOT-FOR-US: NEOJAPAN
-CVE-2018-0681 (Denbun by NEOJAPAN Inc. (Denbun POP version V3.3P R4.0 and earlier, ...)
+CVE-2018-0681
NOT-FOR-US: NEOJAPAN
-CVE-2018-0680 (Denbun by NEOJAPAN Inc. (Denbun POP version V3.3P R4.0 and earlier, ...)
+CVE-2018-0680
NOT-FOR-US: NEOJAPAN
-CVE-2018-0679 (Cross-site scripting vulnerability in multiple FXC Inc. network ...)
+CVE-2018-0679
NOT-FOR-US: FXC
-CVE-2018-0678 (Buffer overflow in BN-SDWBP3 firmware version 1.0.9 and earlier allows ...)
+CVE-2018-0678
NOT-FOR-US: BN-SDWBP3
-CVE-2018-0677 (BN-SDWBP3 firmware version 1.0.9 and earlier allows attacker with ...)
+CVE-2018-0677
NOT-FOR-US: BN-SDWBP3
-CVE-2018-0676 (BN-SDWBP3 firmware version 1.0.9 and earlier allows an attacker on the ...)
+CVE-2018-0676
NOT-FOR-US: BN-SDWBP3
-CVE-2018-0675 (AttacheCase ver.3.3.0.0 and earlier allows an arbitrary script ...)
+CVE-2018-0675
NOT-FOR-US: AttacheCase
-CVE-2018-0674 (AttacheCase ver.2.8.4.0 and earlier allows an arbitrary script ...)
+CVE-2018-0674
NOT-FOR-US: AttacheCase
-CVE-2018-0673 (Directory traversal vulnerability in Cybozu Garoon 3.5.0 to 4.6.3 ...)
+CVE-2018-0673
NOT-FOR-US: Cybozu Garoon
-CVE-2018-0672 (Cross-site scripting vulnerability in Movable Type versions prior to ...)
+CVE-2018-0672
- movabletype-opensource <removed>
-CVE-2018-0671 (Privilege escalation vulnerability in INplc-RT 3.08 and earlier allows ...)
+CVE-2018-0671
NOT-FOR-US: INplc-RT
-CVE-2018-0670 (INplc-RT 3.08 and earlier allows remote attackers to bypass ...)
+CVE-2018-0670
NOT-FOR-US: INplc-RT
-CVE-2018-0669 (INplc-RT 3.08 and earlier allows remote attackers to bypass ...)
+CVE-2018-0669
NOT-FOR-US: INplc-RT
-CVE-2018-0668 (Buffer overflow in INplc-RT 3.08 and earlier allows remote attackers ...)
+CVE-2018-0668
NOT-FOR-US: INplc-RT
-CVE-2018-0667 (Untrusted search path vulnerability in Installer of INplc SDK Express ...)
+CVE-2018-0667
NOT-FOR-US: INplc
-CVE-2018-0666 (Yamaha routers RT57i Rev.8.00.95 and earlier, RT58i Rev.9.01.51 and ...)
+CVE-2018-0666
NOT-FOR-US: Yamaha
-CVE-2018-0665 (Yamaha routers RT57i Rev.8.00.95 and earlier, RT58i Rev.9.01.51 and ...)
+CVE-2018-0665
NOT-FOR-US: Yamaha
-CVE-2018-0664 (A vulnerability in NoMachine App for Android 5.0.63 and earlier allows ...)
+CVE-2018-0664
NOT-FOR-US: NoMachine App for Android
-CVE-2018-0663 (Multiple I-O DATA network camera products (TS-WRLP firmware ...)
+CVE-2018-0663
NOT-FOR-US: I-O DATA network camera products
-CVE-2018-0662 (Multiple I-O DATA network camera products (TS-WRLP firmware ...)
+CVE-2018-0662
NOT-FOR-US: I-O DATA network camera products
-CVE-2018-0661 (Multiple I-O DATA network camera products (TS-WRLP firmware ...)
+CVE-2018-0661
NOT-FOR-US: I-O DATA network camera products
-CVE-2018-0660 (Directory traversal vulnerability in ver.2.8.4.0 and earlier and ...)
+CVE-2018-0660
NOT-FOR-US: AttacheCase
-CVE-2018-0659 (Directory traversal vulnerability in ver.2.8.4.0 and earlier and ...)
+CVE-2018-0659
NOT-FOR-US: AttacheCase
-CVE-2018-0658 (Input validation issue in EC-CUBE Payment Module (2.12) version 3.5.23 ...)
+CVE-2018-0658
NOT-FOR-US: EC-CUBE
-CVE-2018-0657 (Cross-site scripting vulnerability in EC-CUBE Payment Module and ...)
+CVE-2018-0657
NOT-FOR-US: EC-CUBE
-CVE-2018-0656 (Untrusted search path vulnerability in The installer of Digital Paper ...)
+CVE-2018-0656
NOT-FOR-US: Digital Paper App
-CVE-2018-0655 (Cross-site scripting vulnerability in GROWI v.3.1.11 and earlier ...)
+CVE-2018-0655
NOT-FOR-US: GROWI
-CVE-2018-0654 (Cross-site scripting vulnerability in GROWI v.3.1.11 and earlier ...)
+CVE-2018-0654
NOT-FOR-US: GROWI
-CVE-2018-0653 (Cross-site scripting vulnerability in GROWI v.3.1.11 and earlier ...)
+CVE-2018-0653
NOT-FOR-US: GROWI
-CVE-2018-0652 (Cross-site scripting vulnerability in GROWI v.3.1.11 and earlier ...)
+CVE-2018-0652
NOT-FOR-US: GROWI
-CVE-2018-0651 (Buffer overflow in the license management function of YOKOGAWA ...)
+CVE-2018-0651
NOT-FOR-US: YOKOGAWA
-CVE-2018-0650 (The LINE MUSIC for Android version 3.1.0 to versions prior to 3.6.5 ...)
+CVE-2018-0650
NOT-FOR-US: LINE MUSIC for Android
-CVE-2018-0649 (Untrusted search path vulnerability in the installers of multiple ...)
+CVE-2018-0649
NOT-FOR-US: CANON
-CVE-2018-0648 (Untrusted search path vulnerability in installer of ChatWork Desktop ...)
+CVE-2018-0648
NOT-FOR-US: installer of ChatWork Desktop App for Windows
-CVE-2018-0647 (Cross-site request forgery (CSRF) vulnerability in WL-330NUL Firmware ...)
+CVE-2018-0647
NOT-FOR-US: WL-330NUL Firmware
-CVE-2018-0646 (Directory traversal vulnerability in Explzh v.7.58 and earlier allows ...)
+CVE-2018-0646
NOT-FOR-US: Explzh
-CVE-2018-0645 (MTAppjQuery 1.8.1 and earlier allows remote PHP code execution via ...)
+CVE-2018-0645
NOT-FOR-US: MTAppjQuery
-CVE-2018-0644 (Buffer overflow in Ubuntu14.04 ORCA (Online Receipt Computer ...)
+CVE-2018-0644
NOT-FOR-US: ORCA (Online Receipt Computer Advantage)
-CVE-2018-0643 (Ubuntu14.04 ORCA (Online Receipt Computer Advantage) 4.8.0 ...)
+CVE-2018-0643
NOT-FOR-US: ORCA (Online Receipt Computer Advantage)
-CVE-2018-0642 (Cross-site scripting vulnerability in FV Flowplayer Video Player 6.1.2 ...)
+CVE-2018-0642
NOT-FOR-US: FV Flowplayer Video Player
-CVE-2018-0641 (Buffer overflow in Aterm HC100RC Ver1.0.1 and earlier allows attacker ...)
+CVE-2018-0641
NOT-FOR-US: Aterm
-CVE-2018-0640 (Buffer overflow in Aterm HC100RC Ver1.0.1 and earlier allows attacker ...)
+CVE-2018-0640
NOT-FOR-US: Aterm
-CVE-2018-0639 (Aterm HC100RC Ver1.0.1 and earlier allows attacker with administrator ...)
+CVE-2018-0639
NOT-FOR-US: Aterm
-CVE-2018-0638 (Aterm HC100RC Ver1.0.1 and earlier allows attacker with administrator ...)
+CVE-2018-0638
NOT-FOR-US: Aterm
-CVE-2018-0637 (Aterm HC100RC Ver1.0.1 and earlier allows attacker with administrator ...)
+CVE-2018-0637
NOT-FOR-US: Aterm
-CVE-2018-0636 (Aterm HC100RC Ver1.0.1 and earlier allows attacker with administrator ...)
+CVE-2018-0636
NOT-FOR-US: Aterm
-CVE-2018-0635 (Aterm HC100RC Ver1.0.1 and earlier allows attacker with administrator ...)
+CVE-2018-0635
NOT-FOR-US: Aterm
-CVE-2018-0634 (Aterm HC100RC Ver1.0.1 and earlier allows attacker with administrator ...)
+CVE-2018-0634
NOT-FOR-US: Aterm
-CVE-2018-0633 (Buffer overflow in Aterm W300P Ver1.0.13 and earlier allows attacker ...)
+CVE-2018-0633
NOT-FOR-US: Aterm
-CVE-2018-0632 (Buffer overflow in Aterm W300P Ver1.0.13 and earlier allows attacker ...)
+CVE-2018-0632
NOT-FOR-US: Aterm
-CVE-2018-0631 (Aterm W300P Ver1.0.13 and earlier allows attacker with administrator ...)
+CVE-2018-0631
NOT-FOR-US: Aterm
-CVE-2018-0630 (Aterm W300P Ver1.0.13 and earlier allows attacker with administrator ...)
+CVE-2018-0630
NOT-FOR-US: Aterm
-CVE-2018-0629 (Aterm W300P Ver1.0.13 and earlier allows attacker with administrator ...)
+CVE-2018-0629
NOT-FOR-US: Aterm
-CVE-2018-0628 (Aterm WG1200HP firmware Ver1.0.31 and earlier allows attacker with ...)
+CVE-2018-0628
NOT-FOR-US: Aterm
-CVE-2018-0627 (Aterm WG1200HP firmware Ver1.0.31 and earlier allows attacker with ...)
+CVE-2018-0627
NOT-FOR-US: Aterm
-CVE-2018-0626 (Aterm WG1200HP firmware Ver1.0.31 and earlier allows attacker with ...)
+CVE-2018-0626
NOT-FOR-US: Aterm
-CVE-2018-0625 (Aterm WG1200HP firmware Ver1.0.31 and earlier allows attacker with ...)
+CVE-2018-0625
NOT-FOR-US: Aterm
-CVE-2018-0624 (Untrusted search path vulnerability in Multiple Yayoi 17 Series ...)
+CVE-2018-0624
NOT-FOR-US: Yayoi
-CVE-2018-0623 (Untrusted search path vulnerability in Multiple Yayoi 17 Series ...)
+CVE-2018-0623
NOT-FOR-US: Yayoi
-CVE-2018-0622 (The DHC Online Shop App for Android version 3.2.0 and earlier does not ...)
+CVE-2018-0622
NOT-FOR-US: DHC Online Shop App for Android
-CVE-2018-0621 (Untrusted search path vulnerability in LOGICOOL CONNECTION UTILITY ...)
+CVE-2018-0621
NOT-FOR-US: LOGICOOL
-CVE-2018-0620 (Untrusted search path vulnerability in LOGICOOL Game Software versions ...)
+CVE-2018-0620
NOT-FOR-US: LOGICOOL
-CVE-2018-0619 (Untrusted search path vulnerability in the installer of Glarysoft ...)
+CVE-2018-0619
NOT-FOR-US: Glarysoft
-CVE-2018-0618 (Cross-site scripting vulnerability in Mailman 2.1.26 and earlier ...)
+CVE-2018-0618
{DSA-4246-1 DLA-1442-1}
- mailman 1:2.1.27-1
NOTE: https://mail.python.org/pipermail/mailman-announce/2018-June/000236.html
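Review bot: after this hunk the Aterm entries CVE-2018-0641 through CVE-2018-0625 can no longer be told apart inside the file, since each now reads only `+CVE-2018-0625` followed by `NOT-FOR-US: Aterm`, whereas the removed line carried the model and firmware cut-off (`-CVE-2018-0625 (Aterm WG1200HP firmware Ver1.0.31 and earlier allows attacker with ...)`). The same loss applies to the GROWI run (CVE-2018-0655 to CVE-2018-0652), the I-O DATA camera run (CVE-2018-0663 to CVE-2018-0661) and the Cybozu run (CVE-2018-0705 to CVE-2018-0702). If the generator is meant to drop the descriptions, consider carrying the product and version into the NOT-FOR-US line so that triage of a run of identical entries does not require an external lookup for each one.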
@@ -52381,307 +52371,307 @@ CVE-2018-0618 (Cross-site scripting vulnerability in Mailman 2.1.26 and earlier
NOTE: https://bazaar.launchpad.net/~mailman-coders/mailman/2.1/revision/1754
NOTE: https://bazaar.launchpad.net/~mailman-coders/mailman/2.1/revision/1783
NOTE: https://bazaar.launchpad.net/~mailman-coders/mailman/2.1/revision/1785
-CVE-2018-0617 (Directory traversal vulnerability in ChamaNet MemoCGI v2.1800 to ...)
+CVE-2018-0617
NOT-FOR-US: ChamaNet MemoCGI
CVE-2018-0616
RESERVED
CVE-2018-0615
RESERVED
-CVE-2018-0614 (Cross-site scripting vulnerability in NEC Platforms Calsos CSDX and ...)
+CVE-2018-0614
NOT-FOR-US: NEC
-CVE-2018-0613 (NEC Platforms Calsos CSDX and CSDJ series products (CSDX 1.37210411 ...)
+CVE-2018-0613
NOT-FOR-US: NEC
-CVE-2018-0612 (Cross-site scripting vulnerability in 5000 trillion yen converter ...)
+CVE-2018-0612
NOT-FOR-US: 5000 trillion yen converter
-CVE-2018-0611 (The ANA App for iOS version 4.0.22 and earlier does not verify X.509 ...)
+CVE-2018-0611
NOT-FOR-US: ANA App
-CVE-2018-0610 (Local file inclusion vulnerability in Zenphoto 1.4.14 and earlier ...)
+CVE-2018-0610
NOT-FOR-US: Zenphoto
-CVE-2018-0609 (Untrusted search path vulnerability in LINE for Windows versions ...)
+CVE-2018-0609
NOT-FOR-US: LINE
-CVE-2018-0608 (Buffer overflow in H2O version 2.2.4 and earlier allows remote ...)
+CVE-2018-0608
- h2o 2.2.5+dfsg1-1
NOTE: https://github.com/h2o/h2o/issues/1775
-CVE-2018-0607 (SQL injection vulnerability in the Notifications application in the ...)
+CVE-2018-0607
NOT-FOR-US: Cybozu Garoon
-CVE-2018-0606 (SQL injection vulnerability in the Pixelpost v1.7.3 and earlier allows ...)
+CVE-2018-0606
NOT-FOR-US: Pixelpost
-CVE-2018-0605 (Cross-site scripting vulnerability in Pixelpost v1.7.3 and earlier ...)
+CVE-2018-0605
NOT-FOR-US: Pixelpost
-CVE-2018-0604 (Pixelpost v1.7.3 and earlier allows remote code execution via ...)
+CVE-2018-0604
NOT-FOR-US: Pixelpost
-CVE-2018-0603 (Cross-site scripting vulnerability in Site Reviews versions prior to ...)
+CVE-2018-0603
NOT-FOR-US: Site Reviews
-CVE-2018-0602 (Cross-site scripting vulnerability in Email Subscribers &amp; Newsletters ...)
+CVE-2018-0602
NOT-FOR-US: Email Subscribers & Newsletters
-CVE-2018-0601 (Untrusted search path vulnerability in axpdfium v0.01 allows an ...)
+CVE-2018-0601
NOT-FOR-US: axpdfium
-CVE-2018-0600 (Untrusted search path vulnerability in the installer of PlayMemories ...)
+CVE-2018-0600
NOT-FOR-US: PlayMemories
-CVE-2018-0599 (Untrusted search path vulnerability in the installer of Visual C++ ...)
+CVE-2018-0599
NOT-FOR-US: Visual C++
-CVE-2018-0598 (Untrusted search path vulnerability in Self-extracting archive files ...)
+CVE-2018-0598
NOT-FOR-US: IExpress
-CVE-2018-0597 (Untrusted search path vulnerability in the installer of Visual Studio ...)
+CVE-2018-0597
NOT-FOR-US: Visual Studio
-CVE-2018-0596 (Untrusted search path vulnerability in the installer of Visual Studio ...)
+CVE-2018-0596
NOT-FOR-US: Visual Studio
-CVE-2018-0595 (Untrusted search path vulnerability in the installer of Skype for ...)
+CVE-2018-0595
NOT-FOR-US: Skype
-CVE-2018-0594 (Untrusted search path vulnerability in Skype for Windows allows an ...)
+CVE-2018-0594
NOT-FOR-US: Skype
-CVE-2018-0593 (Untrusted search path vulnerability in the installer of Microsoft ...)
+CVE-2018-0593
NOT-FOR-US: OneDrive
-CVE-2018-0592 (Untrusted search path vulnerability in Microsoft OneDrive allows an ...)
+CVE-2018-0592
NOT-FOR-US: OneDrive
-CVE-2018-0591 (The KINEPASS App for Android Ver 3.1.1 and earlier, and for iOS Ver ...)
+CVE-2018-0591
NOT-FOR-US: KINEPASS
-CVE-2018-0590 (Ultimate Member plugin prior to version 2.0.4 for WordPress allows ...)
+CVE-2018-0590
NOT-FOR-US: WordPress plugin ultimate-member
-CVE-2018-0589 (Ultimate Member plugin prior to version 2.0.4 for WordPress allows ...)
+CVE-2018-0589
NOT-FOR-US: WordPress plugin ultimate-member
-CVE-2018-0588 (Directory traversal vulnerability in the AJAX function of Ultimate ...)
+CVE-2018-0588
NOT-FOR-US: WordPress plugin ultimate-member
-CVE-2018-0587 (Unrestricted file upload vulnerability in Ultimate Member plugin prior ...)
+CVE-2018-0587
NOT-FOR-US: WordPress plugin ultimate-member
-CVE-2018-0586 (Directory traversal vulnerability in the shortcodes function of ...)
+CVE-2018-0586
NOT-FOR-US: WordPress plugin ultimate-member
-CVE-2018-0585 (Cross-site scripting vulnerability in Ultimate Member plugin prior to ...)
+CVE-2018-0585
NOT-FOR-US: WordPress plugin ultimate-member
-CVE-2018-0584 (IIJ SmartKey App for Android version 2.1.0 and earlier allows remote ...)
+CVE-2018-0584
NOT-FOR-US: IIJ SmartKey
-CVE-2018-0583 (Cross-site scripting vulnerability in ASUS RT-AC1200HP Firmware ...)
+CVE-2018-0583
NOT-FOR-US: ASUS
-CVE-2018-0582 (Cross-site scripting vulnerability in ASUS RT-AC68U Firmware version ...)
+CVE-2018-0582
NOT-FOR-US: ASUS
-CVE-2018-0581 (Cross-site scripting vulnerability in ASUS RT-AC87U Firmware version ...)
+CVE-2018-0581
NOT-FOR-US: ASUS
-CVE-2018-0580 (Untrusted search path vulnerability in CELSYS, Inc CLIP STUDIO series ...)
+CVE-2018-0580
NOT-FOR-US: CELSYS
-CVE-2018-0579 (Cross-site scripting vulnerability in Open Graph for Facebook, Google+ ...)
+CVE-2018-0579
NOT-FOR-US: WordPress plugin wonderm00ns-simple-facebook-open-graph-tags
-CVE-2018-0578 (Cross-site scripting vulnerability in PixelYourSite plugin prior to ...)
+CVE-2018-0578
NOT-FOR-US: WordPress plugin pixelyoursite
-CVE-2018-0577 (Cross-site scripting vulnerability in WP Google Map Plugin prior to ...)
+CVE-2018-0577
NOT-FOR-US: WordPress plugin wp-google-map-plugin
-CVE-2018-0576 (Cross-site scripting vulnerability in Events Manager plugin prior to ...)
+CVE-2018-0576
NOT-FOR-US: WordPress plugin events-manager
-CVE-2018-0575 (baserCMS (baserCMS 4.1.0.1 and earlier versions, baserCMS 3.0.15 and ...)
+CVE-2018-0575
NOT-FOR-US: baserCMS
-CVE-2018-0574 (Cross-site scripting vulnerability in baserCMS (baserCMS 4.1.0.1 and ...)
+CVE-2018-0574
NOT-FOR-US: baserCMS
-CVE-2018-0573 (baserCMS (baserCMS 4.1.0.1 and earlier versions, baserCMS 3.0.15 and ...)
+CVE-2018-0573
NOT-FOR-US: baserCMS
-CVE-2018-0572 (baserCMS (baserCMS 4.1.0.1 and earlier versions, baserCMS 3.0.15 and ...)
+CVE-2018-0572
NOT-FOR-US: baserCMS
-CVE-2018-0571 (baserCMS (baserCMS 4.1.0.1 and earlier versions, baserCMS 3.0.15 and ...)
+CVE-2018-0571
NOT-FOR-US: baserCMS
-CVE-2018-0570 (Cross-site scripting vulnerability in baserCMS (baserCMS 4.1.0.1 and ...)
+CVE-2018-0570
NOT-FOR-US: baserCMS
-CVE-2018-0569 (baserCMS (baserCMS 4.1.0.1 and earlier versions, baserCMS 3.0.15 and ...)
+CVE-2018-0569
NOT-FOR-US: baserCMS
-CVE-2018-0568 (Unrestricted file upload vulnerability in SiteBridge Inc. Joruri Gw ...)
+CVE-2018-0568
NOT-FOR-US: Joruri Gw
-CVE-2018-0567 (Cybozu Office 10.0.0 to 10.8.0 allows authenticated attackers to ...)
+CVE-2018-0567
NOT-FOR-US: Cybozu Office
-CVE-2018-0566 (Cybozu Office 10.0.0 to 10.8.0 allows authenticated attackers to ...)
+CVE-2018-0566
NOT-FOR-US: Cybozu Office
-CVE-2018-0565 (Cross-site scripting vulnerability in Cybozu Office 10.0.0 to 10.8.0 ...)
+CVE-2018-0565
NOT-FOR-US: Cybozu Office
-CVE-2018-0564 (Session fixation vulnerability in EC-CUBE (EC-CUBE 3.0.0, EC-CUBE ...)
+CVE-2018-0564
NOT-FOR-US: EC-CUBE
-CVE-2018-0563 (Untrusted search path vulnerability in the installer of FLET'S VIRUS ...)
+CVE-2018-0563
NOT-FOR-US: FLET
-CVE-2018-0562 (Untrusted search path vulnerability in Installer of SoundEngine Free ...)
+CVE-2018-0562
NOT-FOR-US: Installer of SoundEngine Free
-CVE-2018-0561 (Untrusted search path vulnerability in The installer of PhishWall ...)
+CVE-2018-0561
NOT-FOR-US: Installer of PhishWall Client Internet Explorer
-CVE-2018-0560 (Hatena Bookmark App for iOS Version 3.0 to 3.70 allows remote ...)
+CVE-2018-0560
NOT-FOR-US: Hatena Bookmark App for iOS
-CVE-2018-0559 (Cross-site scripting vulnerability in Cybozu Mailwise 5.0.0 to 5.4.1 ...)
+CVE-2018-0559
NOT-FOR-US: Cybozu Mailwise
-CVE-2018-0558 (Reflected cross-site scripting vulnerability in Cybozu Mailwise 5.0.0 ...)
+CVE-2018-0558
NOT-FOR-US: Cybozu Mailwise
-CVE-2018-0557 (Stored cross-site scripting vulnerability in Cybozu Mailwise 5.0.0 to ...)
+CVE-2018-0557
NOT-FOR-US: Cybozu Mailwise
-CVE-2018-0556 (Buffalo WZR-1750DHP2 Ver.2.30 and earlier allows an attacker to ...)
+CVE-2018-0556
NOT-FOR-US: Buffalo WZR-1750DHP2
-CVE-2018-0555 (Buffer overflow in Buffalo WZR-1750DHP2 Ver.2.30 and earlier allows an ...)
+CVE-2018-0555
NOT-FOR-US: Buffalo WZR-1750DHP2
-CVE-2018-0554 (Buffalo WZR-1750DHP2 Ver.2.30 and earlier allows an attacker to bypass ...)
+CVE-2018-0554
NOT-FOR-US: Buffalo WZR-1750DHP2
-CVE-2018-0553 (The iRemoconWiFi App for Android version 4.1.7 and earlier does not ...)
+CVE-2018-0553
NOT-FOR-US: iRemoconWiFi App for Android
-CVE-2018-0552 (Untrusted search path vulnerability in The installer of PhishWall ...)
+CVE-2018-0552
NOT-FOR-US: installer of PhishWall Client (Firefox and Chrome edition for Windows)
-CVE-2018-0551 (Cross-site scripting vulnerability in Cybozu Garoon 3.0.0 to 4.6.1 ...)
+CVE-2018-0551
NOT-FOR-US: Cybozu Garoon
-CVE-2018-0550 (Cybozu Garoon 3.5.0 to 4.6.1 allows remote authenticated attackers to ...)
+CVE-2018-0550
NOT-FOR-US: Cybozu Garoon
-CVE-2018-0549 (Cross-site scripting vulnerability in Cybozu Garoon 3.0.0 to 4.6.0 ...)
+CVE-2018-0549
NOT-FOR-US: Cybozu Garoon
-CVE-2018-0548 (Cybozu Garoon 4.0.0 to 4.6.0 allows remote authenticated attackers to ...)
+CVE-2018-0548
NOT-FOR-US: Cybozu Garoon
-CVE-2018-0547 (Cross-site scripting vulnerability in WP All Import plugin prior to ...)
+CVE-2018-0547
NOT-FOR-US: WP All Import plugin for WordPress
-CVE-2018-0546 (Cross-site scripting vulnerability in WP All Import plugin prior to ...)
+CVE-2018-0546
NOT-FOR-US: WP All Import plugin for WordPress
-CVE-2018-0545 (LXR version 1.0.0 to 2.3.0 allows remote attackers to execute ...)
+CVE-2018-0545
NOT-FOR-US: LXR
-CVE-2018-0544 (Untrusted search path vulnerability in WinShot 1.53a and earlier ...)
+CVE-2018-0544
NOT-FOR-US: WinShot
-CVE-2018-0543 (Untrusted search path vulnerability in Jtrim 1.53c and earlier ...)
+CVE-2018-0543
NOT-FOR-US: Jtrim installer
-CVE-2018-0542 (Directory traversal vulnerability in WebProxy version 1.7.8 allows an ...)
+CVE-2018-0542
NOT-FOR-US: WebProxy (some software released by LunarLight)
-CVE-2018-0541 (Buffer overflow in Tiny FTP Daemon Ver0.52d allows an attacker to ...)
+CVE-2018-0541
NOT-FOR-US: Tiny FTP Daemon
-CVE-2018-0540 (Untrusted search path vulnerability in ViX version 2.21.148.0 allows ...)
+CVE-2018-0540
NOT-FOR-US: ViX
-CVE-2018-0539 (QQQ SYSTEMS version 2.24 allows an attacker to execute arbitrary ...)
+CVE-2018-0539
NOT-FOR-US: QQQ SYSTEMS
-CVE-2018-0538 (Cross-site scripting vulnerability in QQQ SYSTEMS ver2.24 allows an ...)
+CVE-2018-0538
NOT-FOR-US: QQQ SYSTEMS
-CVE-2018-0537 (Cross-site scripting vulnerability in QQQ SYSTEMS ver2.24 allows an ...)
+CVE-2018-0537
NOT-FOR-US: QQQ SYSTEMS
-CVE-2018-0536 (Cross-site scripting vulnerability in QQQ SYSTEMS ver2.24 allows an ...)
+CVE-2018-0536
NOT-FOR-US: QQQ SYSTEMS
-CVE-2018-0535 (Cross-site scripting vulnerability in PHP 2chBBS version bbs18c allows ...)
+CVE-2018-0535
NOT-FOR-US: PHP 2chBBS
-CVE-2018-0534 (Cross-site scripting vulnerability in ArsenoL Version 0.5 allows an ...)
+CVE-2018-0534
NOT-FOR-US: ArsenoL
-CVE-2018-0533 (Cybozu Garoon 3.0.0 to 4.2.6 allows remote authenticated attackers to ...)
+CVE-2018-0533
NOT-FOR-US: Cybozu Garoon
-CVE-2018-0532 (Cybozu Garoon 3.0.0 to 4.2.6 allows remote authenticated attackers to ...)
+CVE-2018-0532
NOT-FOR-US: Cybozu Garoon
-CVE-2018-0531 (Cybozu Garoon 3.0.0 to 4.2.6 allows remote authenticated attackers to ...)
+CVE-2018-0531
NOT-FOR-US: Cybozu Garoon
-CVE-2018-0530 (SQL injection vulnerability in the Cybozu Garoon 3.5.0 to 4.2.6 allows ...)
+CVE-2018-0530
NOT-FOR-US: Cybozu Garoon
-CVE-2018-0529 (Cybozu Office 10.0.0 to 10.7.0 allows remote attackers to cause a ...)
+CVE-2018-0529
NOT-FOR-US: Cybozu Office
-CVE-2018-0528 (Cybozu Office 10.0.0 to 10.7.0 allows authenticated attackers to ...)
+CVE-2018-0528
NOT-FOR-US: Cybozu Office
-CVE-2018-0527 (Cross-site scripting vulnerability in Cybozu Office 10.0.0 to 10.7.0 ...)
+CVE-2018-0527
NOT-FOR-US: Cybozu Office
-CVE-2018-0526 (Cybozu Office 10.0.0 to 10.7.0 allow remote attackers to display an ...)
+CVE-2018-0526
NOT-FOR-US: Cybozu Office
-CVE-2018-0525 (Directory traversal vulnerability in Jubatus 1.0.2 and earlier allows ...)
+CVE-2018-0525
- jubatus <itp> (bug #704100)
-CVE-2018-0524 (Jubatus 1.0.2 and earlier allows remote code execution via unspecified ...)
+CVE-2018-0524
- jubatus <itp> (bug #704100)
-CVE-2018-0523 (Buffalo WXR-1900DHP2 firmware Ver.2.48 and earlier allows an attacker ...)
+CVE-2018-0523
NOT-FOR-US: Buffalo
-CVE-2018-0522 (Buffer overflow in Buffalo WXR-1900DHP2 firmware Ver.2.48 and earlier ...)
+CVE-2018-0522
NOT-FOR-US: Buffalo
-CVE-2018-0521 (Buffalo WXR-1900DHP2 firmware Ver.2.48 and earlier allows an attacker ...)
+CVE-2018-0521
NOT-FOR-US: Buffalo
-CVE-2018-0520 (Cross-site request forgery (CSRF) vulnerability in FS010W firmware ...)
+CVE-2018-0520
NOT-FOR-US: FS010W firmware
-CVE-2018-0519 (Cross-site scripting vulnerability in FS010W firmware FS010W_00_V1.3.0 ...)
+CVE-2018-0519
NOT-FOR-US: FS010W firmware
-CVE-2018-0518 (LINE for iOS version 7.1.3 to 7.1.5 does not verify X.509 certificates ...)
+CVE-2018-0518
NOT-FOR-US: LINE for iOS
-CVE-2018-0517 (Untrusted search path vulnerability in Anshin net security for Windows ...)
+CVE-2018-0517
NOT-FOR-US: Anshin net security for Windows
-CVE-2018-0516 (Untrusted search path vulnerability in FLET'S v4 / v6 address ...)
+CVE-2018-0516
NOT-FOR-US: FLET'S v4 / v6 address selection tool
-CVE-2018-0515 (Untrusted search path vulnerability in &quot;FLET'S Azukeru Backup Tool&quot; ...)
+CVE-2018-0515
NOT-FOR-US: FLET'S Azukeru Backup Tool
-CVE-2018-0514 (MP Form Mail CGI eCommerce Edition Ver 2.0.13 and earlier allows ...)
+CVE-2018-0514
NOT-FOR-US: MP Form Mail CGI eCommerce Edition
-CVE-2018-0513 (Cross-site scripting vulnerability in MTS Simple Booking C, MTS Simple ...)
+CVE-2018-0513
NOT-FOR-US: MTS Simple Booking
-CVE-2018-0512 (Devices with IP address setting tool &quot;MagicalFinder&quot; provided by I-O ...)
+CVE-2018-0512
NOT-FOR-US: IP address setting tool "MagicalFinder" provided by I-O DATA DEVICE, INC.
-CVE-2018-0511 (Cross-site scripting vulnerability in WP Retina 2x prior to version ...)
+CVE-2018-0511
NOT-FOR-US: WP Retina
-CVE-2018-0510 (Buffer overflow in epg search result viewer (kkcald) 0.7.19 and ...)
+CVE-2018-0510
NOT-FOR-US: kkcal
-CVE-2018-0509 (Cross-site request forgery (CSRF) vulnerability in epg search result ...)
+CVE-2018-0509
NOT-FOR-US: kkcal
-CVE-2018-0508 (Cross-site scripting vulnerability in epg search result viewer ...)
+CVE-2018-0508
NOT-FOR-US: kkcal
-CVE-2018-0507 (Untrusted search path vulnerability in FLET'S VIRUS CLEAR Easy Setup &amp; ...)
+CVE-2018-0507
NOT-FOR-US: FLET'S VIRUS CLEAR
-CVE-2018-0506 (Nootka 1.4.4 and earlier allows remote attackers to execute arbitrary ...)
+CVE-2018-0506
NOT-FOR-US: Nootka
-CVE-2018-0505 (Mediawiki 1.31 before 1.31.1, 1.30.1, 1.29.3 and 1.27.5 contains a ...)
+CVE-2018-0505
{DSA-4301-1}
- mediawiki 1:1.31.1-1
NOTE: https://lists.wikimedia.org/pipermail/wikitech-l/2018-September/090849.html
NOTE: https://phabricator.wikimedia.org/T194605
-CVE-2018-0504 (Mediawiki 1.31 before 1.31.1, 1.30.1, 1.29.3 and 1.27.5 contains an ...)
+CVE-2018-0504
{DSA-4301-1}
- mediawiki 1:1.31.1-1
NOTE: https://lists.wikimedia.org/pipermail/wikitech-l/2018-September/090849.html
NOTE: https://phabricator.wikimedia.org/T187638
-CVE-2018-0503 (Mediawiki 1.31 before 1.31.1, 1.30.1, 1.29.3 and 1.27.5 contains a ...)
+CVE-2018-0503
{DSA-4301-1}
- mediawiki 1:1.31.1-1
NOTE: https://lists.wikimedia.org/pipermail/wikitech-l/2018-September/090849.html
NOTE: https://phabricator.wikimedia.org/T169545
-CVE-2018-0502 (An issue was discovered in zsh before 5.6. The beginning of a #! script ...)
+CVE-2018-0502
- zsh 5.6-1 (bug #908000)
[stretch] - zsh <no-dsa> (Minor issue)
[jessie] - zsh <no-dsa> (Minor issue)
NOTE: https://www.zsh.org/mla/zsh-announce/136
NOTE: https://sourceforge.net/p/zsh/code/ci/1c4c7b6a4d17294df028322b70c53803a402233d
-CVE-2018-0501 (The mirror:// method implementation in Advanced Package Tool (APT) ...)
+CVE-2018-0501
- apt 1.6.4
[stretch] - apt <not-affected> (Vulnerable code introduced in 1.6~alpha6)
[jessie] - apt <not-affected> (Vulnerable code introduced in 1.6~alpha6)
NOTE: https://mirror.fail/
-CVE-2018-0500 (Curl_smtp_escape_eob in lib/smtp.c in curl 7.54.1 to and including ...)
+CVE-2018-0500
- curl 7.61.0-1 (bug #903546)
[stretch] - curl <not-affected> (Only affects 7.54.1 to 7.60.0)
[jessie] - curl <not-affected> (Only affects 7.54.1 to 7.60.0)
NOTE: https://curl.haxx.se/docs/adv_2018-70a2.html
-CVE-2018-0499 (A cross-site scripting vulnerability in ...)
+CVE-2018-0499
- xapian-core 1.4.6-1 (bug #902886)
[stretch] - xapian-core 1.4.3-2+deb9u1
[jessie] - xapian-core <not-affected> (vulnerable code not present)
NOTE: https://lists.xapian.org/pipermail/xapian-discuss/2018-July/009652.html
-CVE-2018-0498 (ARM mbed TLS before 2.12.0, before 2.7.5, and before 2.1.14 allows ...)
+CVE-2018-0498
{DSA-4296-1 DLA-1518-1}
- mbedtls 2.12.0-1 (bug #904821)
- polarssl <removed>
NOTE: https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2018-02
-CVE-2018-0497 (ARM mbed TLS before 2.12.0, before 2.7.5, and before 2.1.14 allows ...)
+CVE-2018-0497
{DSA-4296-1 DLA-1518-1}
- mbedtls 2.12.0-1 (bug #904821)
- polarssl <removed>
NOTE: https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2018-02
-CVE-2018-0496 (Directory traversal issues in the D-Mod extractor in DFArc and DFArc2 ...)
+CVE-2018-0496
{DLA-1686-1}
- freedink-dfarc 3.14-1
[stretch] - freedink-dfarc 3.12-1+deb9u1
NOTE: https://savannah.gnu.org/forum/forum.php?forum_id=9169
NOTE: https://git.savannah.gnu.org/cgit/freedink/dfarc.git/commit/?id=40cc957f52e772f45125126439ba9333cf2d2998
-CVE-2018-0495 (Libgcrypt before 1.7.10 and 1.8.x before 1.8.3 allows a memory-cache ...)
+CVE-2018-0495
{DSA-4231-1 DLA-1405-1}
- libgcrypt20 1.8.3-1
NOTE: https://dev.gnupg.org/T4011
NOTE: https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=commit;h=9010d1576e278a4274ad3f4aa15776c28f6ba965
-CVE-2018-0494 (GNU Wget before 1.19.5 is prone to a cookie injection vulnerability in ...)
+CVE-2018-0494
{DSA-4195-1 DLA-1375-1}
- wget 1.19.5-1 (bug #898076)
NOTE: https://lists.gnu.org/archive/html/bug-wget/2018-05/msg00020.html
NOTE: https://savannah.gnu.org/bugs/?53763
NOTE: https://git.savannah.gnu.org/cgit/wget.git/commit/?id=1fc9c95ec144499e69dc8ec76dbe07799d7d82cd
NOTE: https://sintonen.fi/advisories/gnu-wget-cookie-injection.txt
-CVE-2018-0493 (remctld in remctl before 3.14, when an attacker is authorized to ...)
+CVE-2018-0493
{DSA-4159-1}
- remctl 3.14-1
[jessie] - remctl <not-affected> (Affected code introduced in 3.12)
[wheezy] - remctl <not-affected> (Affected code introduced in 3.12)
NOTE: https://www.eyrie.org/~eagle/software/remctl/security/2018-04-01.html
NOTE: https://git.eyrie.org/?p=kerberos/remctl.git;a=commitdiff;h=e2b34e086f199b39f8ea36dd621684003835d172
-CVE-2018-0492 (Johnathan Nightingale beep through 1.3.4, if setuid, has a race ...)
+CVE-2018-0492
{DSA-4163-1 DLA-1338-1}
- beep 1.3-5 (bug #894667)
NOTE: https://github.com/johnath/beep/issues/11
-CVE-2018-0491 (A use-after-free issue was discovered in Tor 0.3.2.x before 0.3.2.10. ...)
+CVE-2018-0491
- tor 0.3.2.10-1
[stretch] - tor <not-affected> (Only affects tor 0.3.2.x series and later)
[jessie] - tor <not-affected> (Only affects tor 0.3.2.x series and later)
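Review bot: every changed pair in this hunk replaces a `CVE-2018-NNNN (description ...)` line with the bare identifier (for example `-CVE-2018-0525 (Directory traversal vulnerability in Jubatus 1.0.2 and earlier allows ...)` becomes `+CVE-2018-0525`) while the triage lines beneath (`- jubatus <itp> (bug #704100)`, `NOT-FOR-US: ...`, `{DSA-4301-1}`, `NOTE:` URLs) are left untouched, so before merging confirm that dropping the descriptions is the intended result of a feed change rather than a parsing failure in the importer, because the removed text is not recoverable from the remaining lines. If the descriptions are re-imported later, the removed lines also show that the previous import kept HTML entities from the feed (`&quot;FLET'S Azukeru Backup Tool&quot;`, `&quot;MagicalFinder&quot;`, `Easy Setup &amp;`) where the matching `NOT-FOR-US:` lines use literal quotes; the importer should unescape that text so the two annotations agree.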
@@ -52690,7 +52680,7 @@ CVE-2018-0491 (A use-after-free issue was discovered in Tor 0.3.2.x before 0.3.2
NOTE: https://trac.torproject.org/projects/tor/ticket/24700
NOTE: https://blog.torproject.org/new-stable-tor-releases-security-fixes-and-dos-prevention-03210-03110-02915
NOTE: https://gitweb.torproject.org/tor.git/commit/?id=adaf3e9b89f62d68ab631b8f672d9bff996689b9
-CVE-2018-0490 (An issue was discovered in Tor before 0.2.9.15, 0.3.1.x before ...)
+CVE-2018-0490
{DSA-4183-1}
- tor 0.3.2.10-1
[jessie] - tor <not-affected> (Vulnerable code introduced after tor-0.2.9.4-alpha)
@@ -52698,14 +52688,14 @@ CVE-2018-0490 (An issue was discovered in Tor before 0.2.9.15, 0.3.1.x before ..
NOTE: https://trac.torproject.org/projects/tor/ticket/25074
NOTE: https://blog.torproject.org/new-stable-tor-releases-security-fixes-and-dos-prevention-03210-03110-02915
NOTE: https://gitweb.torproject.org/tor.git/commit/?id=65f2eec694f18a64291cc85317b9f22dacc1d8e4
-CVE-2018-0489 (Shibboleth XMLTooling-C before 1.6.4, as used in Shibboleth Service ...)
+CVE-2018-0489
{DSA-4126-1 DLA-1296-1}
- xmltooling 1.6.4-1
NOTE: https://shibboleth.net/community/advisories/secadv_20180227.txt
NOTE: https://issues.shibboleth.net/jira/browse/CPPXT-128
NOTE: https://duo.com/blog/duo-finds-saml-vulnerabilities-affecting-multiple-implementations
NOTE: https://www.kb.cert.org/vuls/id/475445
-CVE-2018-0488 (ARM mbed TLS before 1.3.22, before 2.1.10, and before 2.7.0, when the ...)
+CVE-2018-0488
{DSA-4147-1 DSA-4138-1}
- mbedtls 2.7.0-2 (bug #890287)
- polarssl <removed>
@@ -52713,14 +52703,14 @@ CVE-2018-0488 (ARM mbed TLS before 1.3.22, before 2.1.10, and before 2.7.0, when
NOTE: https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2018-01
NOTE: https://github.com/ARMmbed/mbedtls/commit/992b6872f3ca717282ae367749a47f006d337a87
NOTE: https://github.com/ARMmbed/mbedtls/commit/464147cadc694379b7717afb7b517fe05cdb323f
-CVE-2018-0487 (ARM mbed TLS before 1.3.22, before 2.1.10, and before 2.7.0 allows ...)
+CVE-2018-0487
{DSA-4147-1 DSA-4138-1}
- mbedtls 2.7.0-2 (bug #890288)
- polarssl <removed>
[wheezy] - polarssl <not-affected> (according to the upstream advisory < 1.3.7 not affected)
NOTE: https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2018-01
NOTE: https://github.com/ARMmbed/mbedtls/commit/28a0c727957990ac655cbe40c7eb20b7ef01167d
-CVE-2018-0486 (Shibboleth XMLTooling-C before 1.6.3, as used in Shibboleth Service ...)
+CVE-2018-0486
{DSA-4085-1 DLA-1242-1}
- xmltooling 1.6.3-1
[stretch] - xmltooling 1.6.0-4+deb9u1
@@ -52729,579 +52719,579 @@ CVE-2018-0486 (Shibboleth XMLTooling-C before 1.6.3, as used in Shibboleth Servi
NOTE: disallow DTD use.
NOTE: https://issues.shibboleth.net/jira/browse/CPPXT-127
NOTE: https://git.shibboleth.net/view/?p=cpp-xmltooling.git;a=commit;h=a02314e96d6746d29c5697b504d37f2e04a6e6cd
-CVE-2018-0485 (A vulnerability in the SM-1T3/E3 firmware on Cisco Second Generation ...)
+CVE-2018-0485
NOT-FOR-US: Cisco
-CVE-2018-0484 (A vulnerability in the access control logic of the Secure Shell (SSH) ...)
+CVE-2018-0484
NOT-FOR-US: Cisco
-CVE-2018-0483 (A vulnerability in Cisco Jabber Client Framework (JCF) could allow an ...)
+CVE-2018-0483
NOT-FOR-US: Cisco
-CVE-2018-0482 (A vulnerability in the web-based management interface of Cisco Prime ...)
+CVE-2018-0482
NOT-FOR-US: Cisco
-CVE-2018-0481 (A vulnerability in the CLI parser of Cisco IOS XE Software could allow ...)
+CVE-2018-0481
NOT-FOR-US: Cisco
-CVE-2018-0480 (A vulnerability in the errdisable per VLAN feature of Cisco IOS XE ...)
+CVE-2018-0480
NOT-FOR-US: Cisco
CVE-2018-0479
RESERVED
CVE-2018-0478
RESERVED
-CVE-2018-0477 (A vulnerability in the CLI parser of Cisco IOS XE Software could allow ...)
+CVE-2018-0477
NOT-FOR-US: Cisco
-CVE-2018-0476 (A vulnerability in the Network Address Translation (NAT) Session ...)
+CVE-2018-0476
NOT-FOR-US: Cisco
-CVE-2018-0475 (A vulnerability in the implementation of the cluster feature of Cisco ...)
+CVE-2018-0475
NOT-FOR-US: Cisco
-CVE-2018-0474 (A vulnerability in the web-based management interface of Cisco Unified ...)
+CVE-2018-0474
NOT-FOR-US: Cisco
-CVE-2018-0473 (A vulnerability in the Precision Time Protocol (PTP) subsystem of ...)
+CVE-2018-0473
NOT-FOR-US: Cisco
-CVE-2018-0472 (A vulnerability in the IPsec driver code of multiple Cisco IOS XE ...)
+CVE-2018-0472
NOT-FOR-US: Cisco
-CVE-2018-0471 (A vulnerability in the Cisco Discovery Protocol (CDP) module of Cisco ...)
+CVE-2018-0471
NOT-FOR-US: Cisco
-CVE-2018-0470 (A vulnerability in the web framework of Cisco IOS XE Software could ...)
+CVE-2018-0470
NOT-FOR-US: Cisco
-CVE-2018-0469 (A vulnerability in the web user interface of Cisco IOS XE Software ...)
+CVE-2018-0469
NOT-FOR-US: Cisco
-CVE-2018-0468 (A vulnerability in the configuration of a local database installed as ...)
+CVE-2018-0468
NOT-FOR-US: Cisco
-CVE-2018-0467 (A vulnerability in the IPv6 processing code of Cisco IOS and IOS XE ...)
+CVE-2018-0467
NOT-FOR-US: Cisco
-CVE-2018-0466 (A vulnerability in the Open Shortest Path First version 3 (OSPFv3) ...)
+CVE-2018-0466
NOT-FOR-US: Cisco
-CVE-2018-0465 (A vulnerability in the web-based management interface of Cisco Small ...)
+CVE-2018-0465
NOT-FOR-US: Cisco
-CVE-2018-0464 (A vulnerability in Cisco Data Center Network Manager software could ...)
+CVE-2018-0464
NOT-FOR-US: Cisco
-CVE-2018-0463 (A vulnerability in the Cisco Network Plug and Play server component of ...)
+CVE-2018-0463
NOT-FOR-US: Cisco
-CVE-2018-0462 (A vulnerability in the user management functionality of Cisco ...)
+CVE-2018-0462
NOT-FOR-US: Cisco
-CVE-2018-0461 (A vulnerability in the Cisco IP Phone 8800 Series Software could allow ...)
+CVE-2018-0461
NOT-FOR-US: Cisco
-CVE-2018-0460 (A vulnerability in the REST API of Cisco Enterprise NFV Infrastructure ...)
+CVE-2018-0460
NOT-FOR-US: Cisco
-CVE-2018-0459 (A vulnerability in the web-based management interface of Cisco ...)
+CVE-2018-0459
NOT-FOR-US: Cisco
-CVE-2018-0458 (A vulnerability in the web-based management interface of Cisco Prime ...)
+CVE-2018-0458
NOT-FOR-US: Cisco
-CVE-2018-0457 (A vulnerability in the Cisco Webex Player for Webex Recording Format ...)
+CVE-2018-0457
NOT-FOR-US: Cisco
-CVE-2018-0456 (A vulnerability in the Simple Network Management Protocol (SNMP) input ...)
+CVE-2018-0456
NOT-FOR-US: Cisco
-CVE-2018-0455 (A vulnerability in the Server Message Block Version 2 (SMBv2) and ...)
+CVE-2018-0455
NOT-FOR-US: Cisco
-CVE-2018-0454 (A vulnerability in the web-based management interface of Cisco Cloud ...)
+CVE-2018-0454
NOT-FOR-US: Cisco
-CVE-2018-0453 (A vulnerability in the Sourcefire tunnel control channel protocol in ...)
+CVE-2018-0453
NOT-FOR-US: Cisco
-CVE-2018-0452 (A vulnerability in the web-based management interface of Cisco ...)
+CVE-2018-0452
NOT-FOR-US: Cisco
-CVE-2018-0451 (A vulnerability in the web-based management interface of Cisco ...)
+CVE-2018-0451
NOT-FOR-US: Cisco
-CVE-2018-0450 (A vulnerability in the web-based management interface of Cisco Data ...)
+CVE-2018-0450
NOT-FOR-US: Cisco
-CVE-2018-0449 (A vulnerability in the Cisco Jabber Client Framework (JCF) software, ...)
+CVE-2018-0449
NOT-FOR-US: Cisco
-CVE-2018-0448 (A vulnerability in the identity management service of Cisco Digital ...)
+CVE-2018-0448
NOT-FOR-US: Cisco
-CVE-2018-0447 (A vulnerability in the anti-spam protection mechanisms of Cisco ...)
+CVE-2018-0447
NOT-FOR-US: Cisco
-CVE-2018-0446 (A vulnerability in the web-based management interface of Cisco ...)
+CVE-2018-0446
NOT-FOR-US: Cisco
-CVE-2018-0445 (A vulnerability in the web-based management interface of Cisco ...)
+CVE-2018-0445
NOT-FOR-US: Cisco
-CVE-2018-0444 (A vulnerability in the web-based management interface of Cisco ...)
+CVE-2018-0444
NOT-FOR-US: Cisco
-CVE-2018-0443 (A vulnerability in the Control and Provisioning of Wireless Access ...)
+CVE-2018-0443
NOT-FOR-US: Cisco
-CVE-2018-0442 (A vulnerability in the Control and Provisioning of Wireless Access ...)
+CVE-2018-0442
NOT-FOR-US: Cisco
-CVE-2018-0441 (A vulnerability in the 802.11r Fast Transition feature set of Cisco ...)
+CVE-2018-0441
NOT-FOR-US: Cisco
-CVE-2018-0440 (A vulnerability in the web interface of Cisco Data Center Network ...)
+CVE-2018-0440
NOT-FOR-US: Cisco
-CVE-2018-0439 (A vulnerability in the web-based management interface of Cisco Meeting ...)
+CVE-2018-0439
NOT-FOR-US: Cisco
-CVE-2018-0438 (A vulnerability in the Cisco Umbrella Enterprise Roaming Client (ERC) ...)
+CVE-2018-0438
NOT-FOR-US: Cisco
-CVE-2018-0437 (A vulnerability in the Cisco Umbrella Enterprise Roaming Client (ERC) ...)
+CVE-2018-0437
NOT-FOR-US: Cisco
-CVE-2018-0436 (A vulnerability in Cisco Webex Teams, formerly Cisco Spark, could ...)
+CVE-2018-0436
NOT-FOR-US: Cisco
-CVE-2018-0435 (A vulnerability in the Cisco Umbrella API could allow an ...)
+CVE-2018-0435
NOT-FOR-US: Cisco
-CVE-2018-0434 (A vulnerability in the Zero Touch Provisioning feature of the Cisco ...)
+CVE-2018-0434
NOT-FOR-US: Cisco
-CVE-2018-0433 (A vulnerability in the command-line interface (CLI) in the Cisco ...)
+CVE-2018-0433
NOT-FOR-US: Cisco
-CVE-2018-0432 (A vulnerability in the error reporting feature of the Cisco SD-WAN ...)
+CVE-2018-0432
NOT-FOR-US: Cisco
-CVE-2018-0431 (A vulnerability in the web-based management interface of Cisco ...)
+CVE-2018-0431
NOT-FOR-US: Cisco
-CVE-2018-0430 (A vulnerability in the web-based management interface of Cisco ...)
+CVE-2018-0430
NOT-FOR-US: Cisco
-CVE-2018-0429 (Stack-based buffer overflow in the Cisco Thor decoder before commit ...)
+CVE-2018-0429
NOT-FOR-US: Cisco
-CVE-2018-0428 (A vulnerability in the account management subsystem of Cisco Web ...)
+CVE-2018-0428
NOT-FOR-US: Cisco
-CVE-2018-0427 (A vulnerability in the CronJob scheduler API of Cisco Digital Network ...)
+CVE-2018-0427
NOT-FOR-US: Cisco
-CVE-2018-0426 (A vulnerability in the web-based management interface of the Cisco ...)
+CVE-2018-0426
NOT-FOR-US: Cisco
-CVE-2018-0425 (A vulnerability in the web-based management interface of the Cisco ...)
+CVE-2018-0425
NOT-FOR-US: Cisco
-CVE-2018-0424 (A vulnerability in the web-based management interface of the Cisco ...)
+CVE-2018-0424
NOT-FOR-US: Cisco
-CVE-2018-0423 (A vulnerability in the web-based management interface of the Cisco ...)
+CVE-2018-0423
NOT-FOR-US: Cisco
-CVE-2018-0422 (A vulnerability in the folder permissions of Cisco Webex Meetings ...)
+CVE-2018-0422
NOT-FOR-US: Cisco
-CVE-2018-0421 (A vulnerability in TCP connection management in Cisco Prime Access ...)
+CVE-2018-0421
NOT-FOR-US: Cisco
-CVE-2018-0420 (A vulnerability in the web-based interface of Cisco Wireless LAN ...)
+CVE-2018-0420
NOT-FOR-US: Cisco
-CVE-2018-0419 (A vulnerability in certain attachment detection mechanisms of Cisco ...)
+CVE-2018-0419
NOT-FOR-US: Cisco
-CVE-2018-0418 (A vulnerability in the Local Packet Transport Services (LPTS) feature ...)
+CVE-2018-0418
NOT-FOR-US: Cisco
-CVE-2018-0417 (A vulnerability in TACACS authentication with Cisco Wireless LAN ...)
+CVE-2018-0417
NOT-FOR-US: Cisco
-CVE-2018-0416 (A vulnerability in the web-based interface of Cisco Wireless LAN ...)
+CVE-2018-0416
NOT-FOR-US: Cisco
-CVE-2018-0415 (A vulnerability in the implementation of Extensible Authentication ...)
+CVE-2018-0415
NOT-FOR-US: Cisco
-CVE-2018-0414 (A vulnerability in the web-based UI of Cisco Secure Access Control ...)
+CVE-2018-0414
NOT-FOR-US: Cisco
-CVE-2018-0413 (A vulnerability in the web-based management interface of Cisco Identity ...)
+CVE-2018-0413
NOT-FOR-US: Cisco
-CVE-2018-0412 (A vulnerability in the implementation of Extensible Authentication ...)
+CVE-2018-0412
NOT-FOR-US: Cisco
-CVE-2018-0411 (A vulnerability in the web-based management interface of Cisco Unified ...)
+CVE-2018-0411
NOT-FOR-US: Cisco
-CVE-2018-0410 (A vulnerability in the web proxy functionality of Cisco AsyncOS ...)
+CVE-2018-0410
NOT-FOR-US: Cisco
-CVE-2018-0409 (A vulnerability in the XCP Router service of the Cisco Unified ...)
+CVE-2018-0409
NOT-FOR-US: Cisco
-CVE-2018-0408 (A vulnerability in the web-based management interface of Cisco Small ...)
+CVE-2018-0408
NOT-FOR-US: Cisco
-CVE-2018-0407 (A vulnerability in the web-based management interface of Cisco Small ...)
+CVE-2018-0407
NOT-FOR-US: Cisco
-CVE-2018-0406 (A vulnerability in the web-based management interface of Cisco Web ...)
+CVE-2018-0406
NOT-FOR-US: Cisco
-CVE-2018-0405 (A vulnerability in the web framework code for Cisco RV180W Wireless-N ...)
+CVE-2018-0405
NOT-FOR-US: Cisco
-CVE-2018-0404 (A vulnerability in the web framework code for Cisco RV180W Wireless-N ...)
+CVE-2018-0404
NOT-FOR-US: Cisco
-CVE-2018-0403 (Multiple vulnerabilities in the web-based management interface of Cisco ...)
+CVE-2018-0403
NOT-FOR-US: Cisco
-CVE-2018-0402 (Multiple vulnerabilities in the web-based management interface of Cisco ...)
+CVE-2018-0402
NOT-FOR-US: Cisco
-CVE-2018-0401 (Multiple vulnerabilities in the web-based management interface of Cisco ...)
+CVE-2018-0401
NOT-FOR-US: Cisco
-CVE-2018-0400 (Multiple vulnerabilities in the web-based management interface of Cisco ...)
+CVE-2018-0400
NOT-FOR-US: Cisco
-CVE-2018-0399 (Multiple vulnerabilities in the web-based management interface of Cisco ...)
+CVE-2018-0399
NOT-FOR-US: Cisco
-CVE-2018-0398 (Multiple vulnerabilities in the web-based management interface of Cisco ...)
+CVE-2018-0398
NOT-FOR-US: Cisco
-CVE-2018-0397 (A vulnerability in Cisco AMP for Endpoints Mac Connector Software ...)
+CVE-2018-0397
NOT-FOR-US: Cisco
-CVE-2018-0396 (A vulnerability in the web framework of the Cisco Unified ...)
+CVE-2018-0396
NOT-FOR-US: Cisco
-CVE-2018-0395 (A vulnerability in the Link Layer Discovery Protocol (LLDP) ...)
+CVE-2018-0395
NOT-FOR-US: Cisco
-CVE-2018-0394 (A vulnerability in the web upload function of Cisco Cloud Services ...)
+CVE-2018-0394
NOT-FOR-US: Cisco
-CVE-2018-0393 (A Read-Only User Effect Change vulnerability in the Policy Builder ...)
+CVE-2018-0393
NOT-FOR-US: Cisco
-CVE-2018-0392 (A vulnerability in the CLI of Cisco Policy Suite could allow an ...)
+CVE-2018-0392
NOT-FOR-US: Cisco
-CVE-2018-0391 (A vulnerability in the password change function of Cisco Prime ...)
+CVE-2018-0391
NOT-FOR-US: Cisco
-CVE-2018-0390 (A vulnerability in the web framework of Cisco Webex could allow an ...)
+CVE-2018-0390
NOT-FOR-US: Cisco
-CVE-2018-0389 (A vulnerability in the implementation of Session Initiation Protocol ...)
+CVE-2018-0389
NOT-FOR-US: Cisco
-CVE-2018-0388 (A vulnerability in the web-based interface of Cisco Wireless LAN ...)
+CVE-2018-0388
NOT-FOR-US: Cisco
-CVE-2018-0387 (A vulnerability in Cisco Webex Teams (for Windows and macOS) could ...)
+CVE-2018-0387
NOT-FOR-US: Cisco
-CVE-2018-0386 (A vulnerability in Cisco Unified Communications Domain Manager ...)
+CVE-2018-0386
NOT-FOR-US: Cisco
-CVE-2018-0385 (A vulnerability in the detection engine parsing of Security Socket ...)
+CVE-2018-0385
NOT-FOR-US: Cisco
-CVE-2018-0384 (A vulnerability in the detection engine of Cisco FireSIGHT System ...)
+CVE-2018-0384
NOT-FOR-US: Cisco
-CVE-2018-0383 (A vulnerability in the detection engine of Cisco FireSIGHT System ...)
+CVE-2018-0383
NOT-FOR-US: Cisco
CVE-2018-0382
RESERVED
-CVE-2018-0381 (A vulnerability in the Cisco Aironet Series Access Points (APs) ...)
+CVE-2018-0381
NOT-FOR-US: Cisco
-CVE-2018-0380 (Multiple vulnerabilities exist in the Cisco Webex Network Recording ...)
+CVE-2018-0380
NOT-FOR-US: Cisco
-CVE-2018-0379 (Multiple vulnerabilities exist in the Cisco Webex Network Recording ...)
+CVE-2018-0379
NOT-FOR-US: Cisco
-CVE-2018-0378 (A vulnerability in the Precision Time Protocol (PTP) feature of Cisco ...)
+CVE-2018-0378
NOT-FOR-US: Cisco
-CVE-2018-0377 (A vulnerability in the Open Systems Gateway initiative (OSGi) interface ...)
+CVE-2018-0377
NOT-FOR-US: Cisco
-CVE-2018-0376 (A vulnerability in the Policy Builder interface of Cisco Policy Suite ...)
+CVE-2018-0376
NOT-FOR-US: Cisco
-CVE-2018-0375 (A vulnerability in the Cluster Manager of Cisco Policy Suite before ...)
+CVE-2018-0375
NOT-FOR-US: Cisco
-CVE-2018-0374 (A vulnerability in the Policy Builder database of Cisco Policy Suite ...)
+CVE-2018-0374
NOT-FOR-US: Cisco
-CVE-2018-0373 (A vulnerability in vpnva-6.sys for 32-bit Windows and vpnva64-6.sys for ...)
+CVE-2018-0373
NOT-FOR-US: Cisco
-CVE-2018-0372 (A vulnerability in the DHCPv6 feature of the Cisco Nexus 9000 Series ...)
+CVE-2018-0372
NOT-FOR-US: Cisco
-CVE-2018-0371 (A vulnerability in the Web Admin Interface of Cisco Meeting Server ...)
+CVE-2018-0371
NOT-FOR-US: Cisco
-CVE-2018-0370 (A vulnerability in the detection engine of Cisco Firepower System ...)
+CVE-2018-0370
NOT-FOR-US: Cisco
-CVE-2018-0369 (A vulnerability in the reassembly logic for fragmented IPv4 packets of ...)
+CVE-2018-0369
NOT-FOR-US: Cisco
-CVE-2018-0368 (A vulnerability in Cisco Digital Network Architecture (DNA) Center ...)
+CVE-2018-0368
NOT-FOR-US: Cisco
-CVE-2018-0367 (A vulnerability in the web-based management interface of the Cisco ...)
+CVE-2018-0367
NOT-FOR-US: Cisco
-CVE-2018-0366 (A vulnerability in the web-based management interface of Cisco Web ...)
+CVE-2018-0366
NOT-FOR-US: Cisco
-CVE-2018-0365 (A vulnerability in the web-based management interface of Cisco ...)
+CVE-2018-0365
NOT-FOR-US: Cisco
-CVE-2018-0364 (A vulnerability in the web-based management interface of Cisco Unified ...)
+CVE-2018-0364
NOT-FOR-US: Cisco
-CVE-2018-0363 (A vulnerability in the web-based management interface of Cisco Unified ...)
+CVE-2018-0363
NOT-FOR-US: Cisco
-CVE-2018-0362 (A vulnerability in BIOS authentication management of Cisco 5000 Series ...)
+CVE-2018-0362
NOT-FOR-US: Cisco
-CVE-2018-0361 (ClamAV before 0.100.1 lacks a PDF object length check, resulting in an ...)
+CVE-2018-0361
{DLA-1461-1}
- clamav 0.100.1+dfsg-1
[stretch] - clamav 0.100.1+dfsg-0+deb9u1
NOTE: https://blog.clamav.net/2018/07/clamav-01001-has-been-released.html
-CVE-2018-0360 (ClamAV before 0.100.1 has an HWP integer overflow with a resultant ...)
+CVE-2018-0360
{DLA-1461-1}
- clamav 0.100.1+dfsg-1
[stretch] - clamav 0.100.1+dfsg-0+deb9u1
NOTE: https://blog.clamav.net/2018/07/clamav-01001-has-been-released.html
-CVE-2018-0359 (A vulnerability in the session identification management functionality ...)
+CVE-2018-0359
NOT-FOR-US: Cisco
-CVE-2018-0358 (A vulnerability in the file descriptor handling of Cisco TelePresence ...)
+CVE-2018-0358
NOT-FOR-US: Cisco
-CVE-2018-0357 (A vulnerability in the web framework of Cisco WebEx could allow an ...)
+CVE-2018-0357
NOT-FOR-US: Cisco
-CVE-2018-0356 (A vulnerability in the web framework of Cisco WebEx could allow an ...)
+CVE-2018-0356
NOT-FOR-US: Cisco
-CVE-2018-0355 (A vulnerability in the web UI of Cisco Unified Communications Manager ...)
+CVE-2018-0355
NOT-FOR-US: Cisco
-CVE-2018-0354 (A vulnerability in the web framework of Cisco Unity Connection could ...)
+CVE-2018-0354
NOT-FOR-US: Cisco
-CVE-2018-0353 (A vulnerability in traffic-monitoring functions in Cisco Web Security ...)
+CVE-2018-0353
NOT-FOR-US: Cisco
-CVE-2018-0352 (A vulnerability in the Disk Check Tool (disk-check.sh) for Cisco Wide ...)
+CVE-2018-0352
NOT-FOR-US: Cisco
-CVE-2018-0351 (A vulnerability in the command-line tcpdump utility in the Cisco SD-WAN ...)
+CVE-2018-0351
NOT-FOR-US: Cisco (tcpdump utility in Cisco SD-WAN Solution, but CVE is Cisco specific assigned)
-CVE-2018-0350 (A vulnerability in the VPN subsystem configuration in the Cisco SD-WAN ...)
+CVE-2018-0350
NOT-FOR-US: Cisco
-CVE-2018-0349 (A vulnerability in the Cisco SD-WAN Solution could allow an ...)
+CVE-2018-0349
NOT-FOR-US: Cisco
-CVE-2018-0348 (A vulnerability in the CLI of the Cisco SD-WAN Solution could allow an ...)
+CVE-2018-0348
NOT-FOR-US: Cisco
-CVE-2018-0347 (A vulnerability in the Zero Touch Provisioning (ZTP) subsystem of the ...)
+CVE-2018-0347
NOT-FOR-US: Cisco
-CVE-2018-0346 (A vulnerability in the Zero Touch Provisioning service of the Cisco ...)
+CVE-2018-0346
NOT-FOR-US: Cisco
-CVE-2018-0345 (A vulnerability in the configuration and management database of the ...)
+CVE-2018-0345
NOT-FOR-US: Cisco
-CVE-2018-0344 (A vulnerability in the vManage dashboard for the configuration and ...)
+CVE-2018-0344
NOT-FOR-US: Cisco
-CVE-2018-0343 (A vulnerability in the configuration and management service of the ...)
+CVE-2018-0343
NOT-FOR-US: Cisco
-CVE-2018-0342 (A vulnerability in the configuration and monitoring service of the ...)
+CVE-2018-0342
NOT-FOR-US: Cisco
-CVE-2018-0341 (A vulnerability in the web-based UI of Cisco IP Phone 6800, 7800, and ...)
+CVE-2018-0341
NOT-FOR-US: Cisco
-CVE-2018-0340 (A vulnerability in the web framework of the Cisco Unified ...)
+CVE-2018-0340
NOT-FOR-US: Cisco
-CVE-2018-0339 (A vulnerability in the web-based management interface of Cisco Identity ...)
+CVE-2018-0339
NOT-FOR-US: Cisco
-CVE-2018-0338 (A vulnerability in the role-based access-checking mechanisms of Cisco ...)
+CVE-2018-0338
NOT-FOR-US: Cisco
-CVE-2018-0337 (A vulnerability in the role-based access-checking mechanisms of Cisco ...)
+CVE-2018-0337
NOT-FOR-US: Cisco
-CVE-2018-0336 (A vulnerability in the batch provisioning feature of Cisco Prime ...)
+CVE-2018-0336
NOT-FOR-US: Cisco
-CVE-2018-0335 (A vulnerability in the web portal authentication process of Cisco Prime ...)
+CVE-2018-0335
NOT-FOR-US: Cisco
-CVE-2018-0334 (A vulnerability in the certificate management subsystem of Cisco ...)
+CVE-2018-0334
NOT-FOR-US: Cisco
-CVE-2018-0333 (A vulnerability in the VPN configuration management of Cisco FireSIGHT ...)
+CVE-2018-0333
NOT-FOR-US: Cisco
-CVE-2018-0332 (A vulnerability in the Session Initiation Protocol (SIP) ingress packet ...)
+CVE-2018-0332
NOT-FOR-US: Cisco
-CVE-2018-0331 (A vulnerability in the Cisco Discovery Protocol (formerly known as CDP) ...)
+CVE-2018-0331
NOT-FOR-US: Cisco
-CVE-2018-0330 (A vulnerability in the NX-API management application programming ...)
+CVE-2018-0330
NOT-FOR-US: Cisco
-CVE-2018-0329 (A vulnerability in the default configuration of the Simple Network ...)
+CVE-2018-0329
NOT-FOR-US: Cisco
-CVE-2018-0328 (A vulnerability in the web framework of Cisco Unified Communications ...)
+CVE-2018-0328
NOT-FOR-US: Cisco
-CVE-2018-0327 (A vulnerability in the web framework of Cisco Identity Services Engine ...)
+CVE-2018-0327
NOT-FOR-US: Cisco
-CVE-2018-0326 (A vulnerability in the web UI of Cisco TelePresence Server Software ...)
+CVE-2018-0326
NOT-FOR-US: Cisco
-CVE-2018-0325 (A vulnerability in the Session Initiation Protocol (SIP) call-handling ...)
+CVE-2018-0325
NOT-FOR-US: Cisco
-CVE-2018-0324 (A vulnerability in the CLI of Cisco Enterprise NFV Infrastructure ...)
+CVE-2018-0324
NOT-FOR-US: Cisco
-CVE-2018-0323 (A vulnerability in the web management interface of Cisco Enterprise NFV ...)
+CVE-2018-0323
NOT-FOR-US: Cisco
-CVE-2018-0322 (A vulnerability in the web management interface of Cisco Prime ...)
+CVE-2018-0322
NOT-FOR-US: Cisco
-CVE-2018-0321 (A vulnerability in Cisco Prime Collaboration Provisioning (PCP) could ...)
+CVE-2018-0321
NOT-FOR-US: Cisco
-CVE-2018-0320 (A vulnerability in the web framework code of Cisco Prime Collaboration ...)
+CVE-2018-0320
NOT-FOR-US: Cisco
-CVE-2018-0319 (A vulnerability in the password recovery function of Cisco Prime ...)
+CVE-2018-0319
NOT-FOR-US: Cisco
-CVE-2018-0318 (A vulnerability in the password reset function of Cisco Prime ...)
+CVE-2018-0318
NOT-FOR-US: Cisco
-CVE-2018-0317 (A vulnerability in the web interface of Cisco Prime Collaboration ...)
+CVE-2018-0317
NOT-FOR-US: Cisco
-CVE-2018-0316 (A vulnerability in the Session Initiation Protocol (SIP) call-handling ...)
+CVE-2018-0316
NOT-FOR-US: Cisco
-CVE-2018-0315 (A vulnerability in the authentication, authorization, and accounting ...)
+CVE-2018-0315
NOT-FOR-US: Cisco
-CVE-2018-0314 (A vulnerability in the Cisco Fabric Services (CFS) component of Cisco ...)
+CVE-2018-0314
NOT-FOR-US: Cisco
-CVE-2018-0313 (A vulnerability in the NX-API feature of Cisco NX-OS Software could ...)
+CVE-2018-0313
NOT-FOR-US: Cisco
-CVE-2018-0312 (A vulnerability in the Cisco Fabric Services component of Cisco FXOS ...)
+CVE-2018-0312
NOT-FOR-US: Cisco
-CVE-2018-0311 (A vulnerability in the Cisco Fabric Services component of Cisco FXOS ...)
+CVE-2018-0311
NOT-FOR-US: Cisco
-CVE-2018-0310 (A vulnerability in the Cisco Fabric Services component of Cisco FXOS ...)
+CVE-2018-0310
NOT-FOR-US: Cisco
-CVE-2018-0309 (A vulnerability in the implementation of a specific CLI command and the ...)
+CVE-2018-0309
NOT-FOR-US: Cisco
-CVE-2018-0308 (A vulnerability in the Cisco Fabric Services component of Cisco FXOS ...)
+CVE-2018-0308
NOT-FOR-US: Cisco
-CVE-2018-0307 (A vulnerability in the CLI of Cisco NX-OS Software could allow an ...)
+CVE-2018-0307
NOT-FOR-US: Cisco
-CVE-2018-0306 (A vulnerability in the CLI parser of Cisco NX-OS Software could allow ...)
+CVE-2018-0306
NOT-FOR-US: Cisco
-CVE-2018-0305 (A vulnerability in the Cisco Fabric Services component of Cisco FXOS ...)
+CVE-2018-0305
NOT-FOR-US: Cisco
-CVE-2018-0304 (A vulnerability in the Cisco Fabric Services component of Cisco FXOS ...)
+CVE-2018-0304
NOT-FOR-US: Cisco
-CVE-2018-0303 (A vulnerability in the Cisco Discovery Protocol component of Cisco FXOS ...)
+CVE-2018-0303
NOT-FOR-US: Cisco
-CVE-2018-0302 (A vulnerability in the CLI parser of Cisco FXOS Software and Cisco UCS ...)
+CVE-2018-0302
NOT-FOR-US: Cisco
-CVE-2018-0301 (A vulnerability in the NX-API feature of Cisco NX-OS Software could ...)
+CVE-2018-0301
NOT-FOR-US: Cisco
-CVE-2018-0300 (A vulnerability in the process of uploading new application images to ...)
+CVE-2018-0300
NOT-FOR-US: Cisco
-CVE-2018-0299 (A vulnerability in the Simple Network Management Protocol (SNMP) ...)
+CVE-2018-0299
NOT-FOR-US: Cisco
-CVE-2018-0298 (A vulnerability in the web UI of Cisco FXOS and Cisco UCS Fabric ...)
+CVE-2018-0298
NOT-FOR-US: Cisco
-CVE-2018-0297 (A vulnerability in the detection engine of Cisco Firepower Threat ...)
+CVE-2018-0297
NOT-FOR-US: Cisco
-CVE-2018-0296 (A vulnerability in the web interface of the Cisco Adaptive Security ...)
+CVE-2018-0296
NOT-FOR-US: Cisco
-CVE-2018-0295 (A vulnerability in the Border Gateway Protocol (BGP) implementation of ...)
+CVE-2018-0295
NOT-FOR-US: Cisco
-CVE-2018-0294 (A vulnerability in the write-erase feature of Cisco FXOS Software and ...)
+CVE-2018-0294
NOT-FOR-US: Cisco
-CVE-2018-0293 (A vulnerability in role-based access control (RBAC) for Cisco NX-OS ...)
+CVE-2018-0293
NOT-FOR-US: Cisco
-CVE-2018-0292 (A vulnerability in the Internet Group Management Protocol (IGMP) ...)
+CVE-2018-0292
NOT-FOR-US: Cisco
-CVE-2018-0291 (A vulnerability in the Simple Network Management Protocol (SNMP) input ...)
+CVE-2018-0291
NOT-FOR-US: Cisco
-CVE-2018-0290 (A vulnerability in the TCP stack of Cisco SocialMiner could allow an ...)
+CVE-2018-0290
NOT-FOR-US: Cisco
-CVE-2018-0289 (A vulnerability in the logs component of Cisco Identity Services Engine ...)
+CVE-2018-0289
NOT-FOR-US: Cisco
-CVE-2018-0288 (A vulnerability in Cisco WebEx Recording Format (WRF) Player could ...)
+CVE-2018-0288
NOT-FOR-US: Cisco
-CVE-2018-0287 (A vulnerability in the Cisco WebEx Network Recording Player for ...)
+CVE-2018-0287
NOT-FOR-US: Cisco
-CVE-2018-0286 (A vulnerability in the netconf interface of Cisco IOS XR Software could ...)
+CVE-2018-0286
NOT-FOR-US: Cisco
-CVE-2018-0285 (A vulnerability in service logging for Cisco Prime Service Catalog ...)
+CVE-2018-0285
NOT-FOR-US: Cisco
-CVE-2018-0284 (A vulnerability in the local status page functionality of the Cisco ...)
+CVE-2018-0284
NOT-FOR-US: Cisco
-CVE-2018-0283 (A vulnerability in the detection engine of Cisco Firepower System ...)
+CVE-2018-0283
NOT-FOR-US: Cisco
-CVE-2018-0282 (A vulnerability in the TCP socket code of Cisco IOS and IOS XE ...)
+CVE-2018-0282
NOT-FOR-US: Cisco
-CVE-2018-0281 (A vulnerability in the detection engine of Cisco Firepower System ...)
+CVE-2018-0281
NOT-FOR-US: Cisco
-CVE-2018-0280 (A vulnerability in the Real-Time Transport Protocol (RTP) bitstream ...)
+CVE-2018-0280
NOT-FOR-US: Cisco
-CVE-2018-0279 (A vulnerability in the Secure Copy Protocol (SCP) server of Cisco ...)
+CVE-2018-0279
NOT-FOR-US: Cisco
-CVE-2018-0278 (A vulnerability in the management console of Cisco Firepower System ...)
+CVE-2018-0278
NOT-FOR-US: Cisco
-CVE-2018-0277 (A vulnerability in the Extensible Authentication Protocol-Transport ...)
+CVE-2018-0277
NOT-FOR-US: Cisco
-CVE-2018-0276 (A vulnerability in Cisco WebEx Connect IM could allow an ...)
+CVE-2018-0276
NOT-FOR-US: Cisco
-CVE-2018-0275 (A vulnerability in the support tunnel feature of Cisco Identity ...)
+CVE-2018-0275
NOT-FOR-US: Cisco
-CVE-2018-0274 (A vulnerability in the CLI parser of Cisco Network Services ...)
+CVE-2018-0274
NOT-FOR-US: Cisco
-CVE-2018-0273 (A vulnerability in the IPsec Manager of Cisco StarOS for Cisco ...)
+CVE-2018-0273
NOT-FOR-US: Cisco
-CVE-2018-0272 (A vulnerability in the Secure Sockets Layer (SSL) Engine of Cisco ...)
+CVE-2018-0272
NOT-FOR-US: Cisco
-CVE-2018-0271 (A vulnerability in the API gateway of the Cisco Digital Network ...)
+CVE-2018-0271
NOT-FOR-US: Cisco
-CVE-2018-0270 (A vulnerability in the web-based management interface of Cisco IoT ...)
+CVE-2018-0270
NOT-FOR-US: Cisco
-CVE-2018-0269 (A vulnerability in the web framework of the Cisco Digital Network ...)
+CVE-2018-0269
NOT-FOR-US: Cisco
-CVE-2018-0268 (A vulnerability in the container management subsystem of Cisco Digital ...)
+CVE-2018-0268
NOT-FOR-US: Cisco
-CVE-2018-0267 (A vulnerability in the web framework of Cisco Unified Communications ...)
+CVE-2018-0267
NOT-FOR-US: Cisco
-CVE-2018-0266 (A vulnerability in the web framework of Cisco Unified Communications ...)
+CVE-2018-0266
NOT-FOR-US: Cisco
CVE-2018-0265
RESERVED
-CVE-2018-0264 (A vulnerability in the Cisco WebEx Network Recording Player for ...)
+CVE-2018-0264
NOT-FOR-US: Cisco
-CVE-2018-0263 (A vulnerability in Cisco Meeting Server (CMS) could allow an ...)
+CVE-2018-0263
NOT-FOR-US: Cisco
-CVE-2018-0262 (A vulnerability in Cisco Meeting Server could allow an unauthenticated, ...)
+CVE-2018-0262
NOT-FOR-US: Cisco
CVE-2018-0261
RESERVED
-CVE-2018-0260 (A vulnerability in the web interface of Cisco MATE Live could allow an ...)
+CVE-2018-0260
NOT-FOR-US: Cisco
-CVE-2018-0259 (A vulnerability in the web-based management interface of Cisco MATE ...)
+CVE-2018-0259
NOT-FOR-US: Cisco
-CVE-2018-0258 (A vulnerability in the Cisco Prime File Upload servlet affecting ...)
+CVE-2018-0258
NOT-FOR-US: Cisco
-CVE-2018-0257 (A vulnerability in Cisco IOS XE Software running on Cisco cBR Series ...)
+CVE-2018-0257
NOT-FOR-US: Cisco
-CVE-2018-0256 (A vulnerability in the peer-to-peer message processing functionality of ...)
+CVE-2018-0256
NOT-FOR-US: Cisco
-CVE-2018-0255 (A vulnerability in the device manager web interface of Cisco Industrial ...)
+CVE-2018-0255
NOT-FOR-US: Cisco
-CVE-2018-0254 (A vulnerability in the detection engine of Cisco Firepower System ...)
+CVE-2018-0254
NOT-FOR-US: Cisco
-CVE-2018-0253 (A vulnerability in the ACS Report component of Cisco Secure Access ...)
+CVE-2018-0253
NOT-FOR-US: Cisco
-CVE-2018-0252 (A vulnerability in the IP Version 4 (IPv4) fragment reassembly function ...)
+CVE-2018-0252
NOT-FOR-US: Cisco
-CVE-2018-0251 (A vulnerability in the Web Server Authentication Required screen of the ...)
+CVE-2018-0251
NOT-FOR-US: Cisco
-CVE-2018-0250 (A vulnerability in Central Web Authentication (CWA) with FlexConnect ...)
+CVE-2018-0250
NOT-FOR-US: Cisco
-CVE-2018-0249 (A vulnerability when handling incoming 802.11 Association Requests for ...)
+CVE-2018-0249
NOT-FOR-US: Cisco
CVE-2018-0248
RESERVED
-CVE-2018-0247 (A vulnerability in Web Authentication (WebAuth) clients for the Cisco ...)
+CVE-2018-0247
NOT-FOR-US: Cisco
CVE-2018-0246
RESERVED
-CVE-2018-0245 (A vulnerability in the REST API of Cisco 5500 and 8500 Series Wireless ...)
+CVE-2018-0245
NOT-FOR-US: Cisco
-CVE-2018-0244 (A vulnerability in the detection engine of Cisco Firepower System ...)
+CVE-2018-0244
NOT-FOR-US: Cisco
-CVE-2018-0243 (A vulnerability in the detection engine of Cisco Firepower System ...)
+CVE-2018-0243
NOT-FOR-US: Cisco
-CVE-2018-0242 (A vulnerability in the WebVPN web-based management interface of Cisco ...)
+CVE-2018-0242
NOT-FOR-US: Cisco
-CVE-2018-0241 (A vulnerability in the UDP broadcast forwarding function of Cisco IOS ...)
+CVE-2018-0241
NOT-FOR-US: Cisco
-CVE-2018-0240 (Multiple vulnerabilities in the Application Layer Protocol Inspection ...)
+CVE-2018-0240
NOT-FOR-US: Cisco
-CVE-2018-0239 (A vulnerability in the egress packet processing functionality of the ...)
+CVE-2018-0239
NOT-FOR-US: Cisco
-CVE-2018-0238 (A vulnerability in the role-based resource checking functionality of ...)
+CVE-2018-0238
NOT-FOR-US: Cisco
-CVE-2018-0237 (A vulnerability in the file type detection mechanism of the Cisco ...)
+CVE-2018-0237
NOT-FOR-US: Cisco
CVE-2018-0236
RESERVED
-CVE-2018-0235 (A vulnerability in the 802.11 frame validation functionality of the ...)
+CVE-2018-0235
NOT-FOR-US: Cisco
-CVE-2018-0234 (A vulnerability in the implementation of Point-to-Point Tunneling ...)
+CVE-2018-0234
NOT-FOR-US: Cisco
-CVE-2018-0233 (A vulnerability in the Secure Sockets Layer (SSL) packet reassembly ...)
+CVE-2018-0233
NOT-FOR-US: Cisco
CVE-2018-0232
RESERVED
-CVE-2018-0231 (A vulnerability in the Transport Layer Security (TLS) library of Cisco ...)
+CVE-2018-0231
NOT-FOR-US: Cisco
-CVE-2018-0230 (A vulnerability in the internal packet-processing functionality of ...)
+CVE-2018-0230
NOT-FOR-US: Cisco
-CVE-2018-0229 (A vulnerability in the implementation of Security Assertion Markup ...)
+CVE-2018-0229
NOT-FOR-US: Cisco
-CVE-2018-0228 (A vulnerability in the ingress flow creation functionality of Cisco ...)
+CVE-2018-0228
NOT-FOR-US: Cisco
-CVE-2018-0227 (A vulnerability in the Secure Sockets Layer (SSL) Virtual Private ...)
+CVE-2018-0227
NOT-FOR-US: Cisco
-CVE-2018-0226 (A vulnerability in the assignment and management of default user ...)
+CVE-2018-0226
NOT-FOR-US: Cisco
-CVE-2018-0225 (The Enterprise Console in Cisco AppDynamics App iQ Platform before ...)
+CVE-2018-0225
NOT-FOR-US: Cisco
-CVE-2018-0224 (A vulnerability in the CLI of the Cisco StarOS operating system for ...)
+CVE-2018-0224
NOT-FOR-US: Cisco
-CVE-2018-0223 (A vulnerability in DesktopServlet in the web-based management interface ...)
+CVE-2018-0223
NOT-FOR-US: Cisco
-CVE-2018-0222 (A vulnerability in Cisco Digital Network Architecture (DNA) Center ...)
+CVE-2018-0222
NOT-FOR-US: Cisco
-CVE-2018-0221 (A vulnerability in specific CLI commands for the Cisco Identity ...)
+CVE-2018-0221
NOT-FOR-US: Cisco
-CVE-2018-0220 (A vulnerability in the web-based management interface of Cisco ...)
+CVE-2018-0220
NOT-FOR-US: Cisco
-CVE-2018-0219 (A vulnerability in the web-based management interface of Cisco Unified ...)
+CVE-2018-0219
NOT-FOR-US: Cisco
-CVE-2018-0218 (A vulnerability in the web-based user interface of the Cisco Secure ...)
+CVE-2018-0218
NOT-FOR-US: Cisco
-CVE-2018-0217 (A vulnerability in the CLI of the Cisco StarOS operating system for ...)
+CVE-2018-0217
NOT-FOR-US: Cisco
-CVE-2018-0216 (A vulnerability in the web-based management interface of Cisco Identity ...)
+CVE-2018-0216
NOT-FOR-US: Cisco
-CVE-2018-0215 (A vulnerability in the web-based management interface of Cisco Identity ...)
+CVE-2018-0215
NOT-FOR-US: Cisco
-CVE-2018-0214 (A vulnerability in certain CLI commands of Cisco Identity Services ...)
+CVE-2018-0214
NOT-FOR-US: Cisco
-CVE-2018-0213 (A vulnerability in the credential reset functionality for Cisco ...)
+CVE-2018-0213
NOT-FOR-US: Cisco
-CVE-2018-0212 (A vulnerability in the web-based management interface of Cisco Identity ...)
+CVE-2018-0212
NOT-FOR-US: Cisco
-CVE-2018-0211 (A vulnerability in specific CLI commands for the Cisco Identity ...)
+CVE-2018-0211
NOT-FOR-US: Cisco
-CVE-2018-0210 (A vulnerability in the web-based management interface of Cisco Data ...)
+CVE-2018-0210
NOT-FOR-US: Cisco
-CVE-2018-0209 (A vulnerability in the Simple Network Management Protocol (SNMP) ...)
+CVE-2018-0209
NOT-FOR-US: Cisco
-CVE-2018-0208 (A vulnerability in the web-based management interface of the (cloud ...)
+CVE-2018-0208
NOT-FOR-US: Cisco
-CVE-2018-0207 (A vulnerability in the web-based user interface of the Cisco Secure ...)
+CVE-2018-0207
NOT-FOR-US: Cisco
-CVE-2018-0206 (A vulnerability in the web-based management interface of Cisco Unified ...)
+CVE-2018-0206
NOT-FOR-US: Cisco
-CVE-2018-0205 (A vulnerability in the User Provisioning tab in the Cisco Prime ...)
+CVE-2018-0205
NOT-FOR-US: Cisco
-CVE-2018-0204 (A vulnerability in the web portal of the Cisco Prime Collaboration ...)
+CVE-2018-0204
NOT-FOR-US: Cisco
-CVE-2018-0203 (A vulnerability in the SMTP relay of Cisco Unity Connection could allow ...)
+CVE-2018-0203
NOT-FOR-US: Cisco
-CVE-2018-0202 (clamscan in ClamAV before 0.99.4 contains a vulnerability that could ...)
+CVE-2018-0202
{DLA-1307-1}
- clamav 0.100.0~beta+dfsg-2
[stretch] - clamav 0.99.4+dfsg-1+deb9u1
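Review bot: every `-`/`+` pair in this hunk, from `-CVE-2018-0306 (A vulnerability in the CLI parser of Cisco NX-OS Software could allow ...)` down to `-CVE-2018-0202 (clamscan in ClamAV before 0.99.4 contains a vulnerability that could ...)`, only strips the parenthesised description and leaves the tracking state (`NOT-FOR-US: Cisco`, the clamav `{DLA-1307-1}` block) untouched, which is the signature of the importer receiving empty descriptions rather than a real change in the data. An automatic update should not be merged in this form: check the upstream description source for this run and, if it came back empty, have the importer treat an empty description as "no update" so the existing `CVE-XXXX-YYYY (…)` header is preserved instead of being rewritten to a bare id.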
@@ -53312,237 +53302,237 @@ CVE-2018-0202 (clamscan in ClamAV before 0.99.4 contains a vulnerability that co
NOTE: https://github.com/Cisco-Talos/clamav-devel/commit/0df2fedf2805e574512c486b32a0fff4ed394560
NOTE: https://github.com/Cisco-Talos/clamav-devel/commit/495fce917445063d519f14b0009cee025f817bc3
NOTE: https://github.com/Cisco-Talos/clamav-devel/commit/99eadf7a9ad351210165312362d1f32b77c6f857
-CVE-2018-0201 (A vulnerability in Cisco Jabber Client Framework (JCF) could allow an ...)
+CVE-2018-0201
NOT-FOR-US: Cisco
-CVE-2018-0200 (A vulnerability in the web-based interface of Cisco Prime Service ...)
+CVE-2018-0200
NOT-FOR-US: Cisco
-CVE-2018-0199 (A vulnerability in Cisco Jabber Client Framework (JCF) could allow an ...)
+CVE-2018-0199
NOT-FOR-US: Cisco
-CVE-2018-0198 (A vulnerability in the web framework of Cisco Unified Communications ...)
+CVE-2018-0198
NOT-FOR-US: Cisco
-CVE-2018-0197 (A vulnerability in the VLAN Trunking Protocol (VTP) subsystem of Cisco ...)
+CVE-2018-0197
NOT-FOR-US: Cisco
-CVE-2018-0196 (A vulnerability in the web-based user interface (web UI) of Cisco IOS ...)
+CVE-2018-0196
NOT-FOR-US: Cisco
-CVE-2018-0195 (A vulnerability in the Cisco IOS XE Software REST API could allow an ...)
+CVE-2018-0195
NOT-FOR-US: Cisco
-CVE-2018-0194 (Multiple vulnerabilities in the CLI parser of Cisco IOS XE Software ...)
+CVE-2018-0194
NOT-FOR-US: Cisco
-CVE-2018-0193 (Multiple vulnerabilities in the CLI parser of Cisco IOS XE Software ...)
+CVE-2018-0193
NOT-FOR-US: Cisco
CVE-2018-0192
RESERVED
CVE-2018-0191
RESERVED
-CVE-2018-0190 (Multiple vulnerabilities in the web-based user interface (web UI) of ...)
+CVE-2018-0190
NOT-FOR-US: Cisco
-CVE-2018-0189 (A vulnerability in the Forwarding Information Base (FIB) code of Cisco ...)
+CVE-2018-0189
NOT-FOR-US: Cisco
-CVE-2018-0188 (Multiple vulnerabilities in the web-based user interface (web UI) of ...)
+CVE-2018-0188
NOT-FOR-US: Cisco
-CVE-2018-0187 (A vulnerability in the Admin portal of Cisco Identity Services Engine ...)
+CVE-2018-0187
NOT-FOR-US: Cisco
-CVE-2018-0186 (Multiple vulnerabilities in the web-based user interface (web UI) of ...)
+CVE-2018-0186
NOT-FOR-US: Cisco
-CVE-2018-0185 (Multiple vulnerabilities in the CLI parser of Cisco IOS XE Software ...)
+CVE-2018-0185
NOT-FOR-US: Cisco
-CVE-2018-0184 (A vulnerability in the CLI parser of Cisco IOS XE Software could allow ...)
+CVE-2018-0184
NOT-FOR-US: Cisco
-CVE-2018-0183 (A vulnerability in the CLI parser of Cisco IOS XE Software could allow ...)
+CVE-2018-0183
NOT-FOR-US: Cisco
-CVE-2018-0182 (Multiple vulnerabilities in the CLI parser of Cisco IOS XE Software ...)
+CVE-2018-0182
NOT-FOR-US: Cisco
-CVE-2018-0181 (A vulnerability in the Redis implementation used by the Cisco Policy ...)
+CVE-2018-0181
NOT-FOR-US: Cisco
-CVE-2018-0180 (Multiple vulnerabilities in the Login Enhancements (Login Block) ...)
+CVE-2018-0180
NOT-FOR-US: Cisco
-CVE-2018-0179 (Multiple vulnerabilities in the Login Enhancements (Login Block) ...)
+CVE-2018-0179
NOT-FOR-US: Cisco
CVE-2018-0178
RESERVED
-CVE-2018-0177 (A vulnerability in the IP Version 4 (IPv4) processing code of Cisco IOS ...)
+CVE-2018-0177
NOT-FOR-US: Cisco
-CVE-2018-0176 (Multiple vulnerabilities in the CLI parser of Cisco IOS XE Software ...)
+CVE-2018-0176
NOT-FOR-US: Cisco
-CVE-2018-0175 (Format String vulnerability in the Link Layer Discovery Protocol ...)
+CVE-2018-0175
NOT-FOR-US: Cisco
-CVE-2018-0174 (A vulnerability in the DHCP option 82 encapsulation functionality of ...)
+CVE-2018-0174
NOT-FOR-US: Cisco
-CVE-2018-0173 (A vulnerability in the Cisco IOS Software and Cisco IOS XE Software ...)
+CVE-2018-0173
NOT-FOR-US: Cisco
-CVE-2018-0172 (A vulnerability in the DHCP option 82 encapsulation functionality of ...)
+CVE-2018-0172
NOT-FOR-US: Cisco
-CVE-2018-0171 (A vulnerability in the Smart Install feature of Cisco IOS Software and ...)
+CVE-2018-0171
NOT-FOR-US: Cisco
-CVE-2018-0170 (A vulnerability in the Cisco Umbrella Integration feature of Cisco IOS ...)
+CVE-2018-0170
NOT-FOR-US: Cisco
-CVE-2018-0169 (Multiple vulnerabilities in the CLI parser of Cisco IOS XE Software ...)
+CVE-2018-0169
NOT-FOR-US: Cisco
CVE-2018-0168
RESERVED
-CVE-2018-0167 (Multiple Buffer Overflow vulnerabilities in the Link Layer Discovery ...)
+CVE-2018-0167
NOT-FOR-US: Cisco
CVE-2018-0166
RESERVED
-CVE-2018-0165 (A vulnerability in the Internet Group Management Protocol (IGMP) ...)
+CVE-2018-0165
NOT-FOR-US: Cisco
-CVE-2018-0164 (A vulnerability in the Switch Integrated Security Features of Cisco IOS ...)
+CVE-2018-0164
NOT-FOR-US: Cisco
-CVE-2018-0163 (A vulnerability in the 802.1x multiple-authentication (multi-auth) ...)
+CVE-2018-0163
NOT-FOR-US: Cisco
CVE-2018-0162
RESERVED
-CVE-2018-0161 (A vulnerability in the Simple Network Management Protocol (SNMP) ...)
+CVE-2018-0161
NOT-FOR-US: Cisco
-CVE-2018-0160 (A vulnerability in Simple Network Management Protocol (SNMP) subsystem ...)
+CVE-2018-0160
NOT-FOR-US: Cisco
-CVE-2018-0159 (A vulnerability in the implementation of Internet Key Exchange Version ...)
+CVE-2018-0159
NOT-FOR-US: Cisco
-CVE-2018-0158 (A vulnerability in the Internet Key Exchange Version 2 (IKEv2) module ...)
+CVE-2018-0158
NOT-FOR-US: Cisco
-CVE-2018-0157 (A vulnerability in the Zone-Based Firewall code of Cisco IOS XE ...)
+CVE-2018-0157
NOT-FOR-US: Cisco
-CVE-2018-0156 (A vulnerability in the Smart Install feature of Cisco IOS Software and ...)
+CVE-2018-0156
NOT-FOR-US: Cisco
-CVE-2018-0155 (A vulnerability in the Bidirectional Forwarding Detection (BFD) offload ...)
+CVE-2018-0155
NOT-FOR-US: Cisco
-CVE-2018-0154 (A vulnerability in the crypto engine of the Cisco Integrated Services ...)
+CVE-2018-0154
NOT-FOR-US: Cisco
CVE-2018-0153
RESERVED
-CVE-2018-0152 (A vulnerability in the web-based user interface (web UI) of Cisco IOS ...)
+CVE-2018-0152
NOT-FOR-US: Cisco
-CVE-2018-0151 (A vulnerability in the quality of service (QoS) subsystem of Cisco IOS ...)
+CVE-2018-0151
NOT-FOR-US: Cisco
-CVE-2018-0150 (A vulnerability in Cisco IOS XE Software could allow an ...)
+CVE-2018-0150
NOT-FOR-US: Cisco
-CVE-2018-0149 (A vulnerability in the web-based management interface of Cisco ...)
+CVE-2018-0149
NOT-FOR-US: Cisco
-CVE-2018-0148 (A vulnerability in the web-based management interface of Cisco UCS ...)
+CVE-2018-0148
NOT-FOR-US: Cisco
-CVE-2018-0147 (A vulnerability in Java deserialization used by Cisco Secure Access ...)
+CVE-2018-0147
NOT-FOR-US: Cisco
-CVE-2018-0146 (A vulnerability in the Cisco Data Center Analytics Framework ...)
+CVE-2018-0146
NOT-FOR-US: Cisco
-CVE-2018-0145 (A vulnerability in the web-based management interface of the Cisco Data ...)
+CVE-2018-0145
NOT-FOR-US: Cisco
-CVE-2018-0144 (A vulnerability in the web-based management interface of Cisco Prime ...)
+CVE-2018-0144
NOT-FOR-US: Cisco
CVE-2018-0143
RESERVED
CVE-2018-0142
RESERVED
-CVE-2018-0141 (A vulnerability in Cisco Prime Collaboration Provisioning (PCP) ...)
+CVE-2018-0141
NOT-FOR-US: Cisco
-CVE-2018-0140 (A vulnerability in the spam quarantine of Cisco Email Security ...)
+CVE-2018-0140
NOT-FOR-US: Cisco
-CVE-2018-0139 (A vulnerability in the Interactive Voice Response (IVR) management ...)
+CVE-2018-0139
NOT-FOR-US: Cisco
-CVE-2018-0138 (A vulnerability in the detection engine of Cisco Firepower System ...)
+CVE-2018-0138
NOT-FOR-US: Cisco
-CVE-2018-0137 (A vulnerability in the TCP throttling process of Cisco Prime Network ...)
+CVE-2018-0137
NOT-FOR-US: Cisco
-CVE-2018-0136 (A vulnerability in the IPv6 subsystem of Cisco IOS XR Software Release ...)
+CVE-2018-0136
NOT-FOR-US: Cisco
-CVE-2018-0135 (A vulnerability in Cisco Unified Communications Manager could allow an ...)
+CVE-2018-0135
NOT-FOR-US: Cisco
-CVE-2018-0134 (A vulnerability in the RADIUS authentication module of Cisco Policy ...)
+CVE-2018-0134
NOT-FOR-US: Cisco
CVE-2018-0133
RESERVED
-CVE-2018-0132 (A vulnerability in the forwarding information base (FIB) code of Cisco ...)
+CVE-2018-0132
NOT-FOR-US: Cisco
-CVE-2018-0131 (A vulnerability in the implementation of RSA-encrypted nonces in Cisco ...)
+CVE-2018-0131
NOT-FOR-US: Cisco
-CVE-2018-0130 (A vulnerability in the use of JSON web tokens by the web-based service ...)
+CVE-2018-0130
NOT-FOR-US: Cisco
-CVE-2018-0129 (A vulnerability in the web-based management interface of Cisco Data ...)
+CVE-2018-0129
NOT-FOR-US: Cisco
-CVE-2018-0128 (A vulnerability in the web-based management interface of Cisco Data ...)
+CVE-2018-0128
NOT-FOR-US: Cisco
-CVE-2018-0127 (A vulnerability in the web interface of Cisco RV132W ADSL2+ Wireless-N ...)
+CVE-2018-0127
NOT-FOR-US: Cisco
CVE-2018-0126
RESERVED
-CVE-2018-0125 (A vulnerability in the web interface of the Cisco RV132W ADSL2+ ...)
+CVE-2018-0125
NOT-FOR-US: Cisco
-CVE-2018-0124 (A vulnerability in Cisco Unified Communications Domain Manager could ...)
+CVE-2018-0124
NOT-FOR-US: Cisco
-CVE-2018-0123 (A Path Traversal vulnerability in the diagnostic shell for Cisco IOS ...)
+CVE-2018-0123
NOT-FOR-US: Cisco
-CVE-2018-0122 (A vulnerability in the CLI of the Cisco StarOS operating system for ...)
+CVE-2018-0122
NOT-FOR-US: Cisco
-CVE-2018-0121 (A vulnerability in the authentication functionality of the web-based ...)
+CVE-2018-0121
NOT-FOR-US: Cisco
-CVE-2018-0120 (A vulnerability in the web framework of Cisco Unified Communications ...)
+CVE-2018-0120
NOT-FOR-US: Cisco
-CVE-2018-0119 (A vulnerability in certain authentication controls in the account ...)
+CVE-2018-0119
NOT-FOR-US: Cisco
-CVE-2018-0118 (A vulnerability in the web-based management interface of Cisco Unified ...)
+CVE-2018-0118
NOT-FOR-US: Cisco
-CVE-2018-0117 (A vulnerability in the ingress packet processing functionality of the ...)
+CVE-2018-0117
NOT-FOR-US: Cisco
-CVE-2018-0116 (A vulnerability in the RADIUS authentication module of Cisco Policy ...)
+CVE-2018-0116
NOT-FOR-US: Cisco
-CVE-2018-0115 (A vulnerability in the CLI of the Cisco StarOS operating system for ...)
+CVE-2018-0115
NOT-FOR-US: Cisco
-CVE-2018-0114 (A vulnerability in the Cisco node-jose open source library before ...)
+CVE-2018-0114
NOT-FOR-US: Cisco node-jose
-CVE-2018-0113 (A vulnerability in an operations script of Cisco UCS Central could ...)
+CVE-2018-0113
NOT-FOR-US: Cisco
-CVE-2018-0112 (A vulnerability in Cisco WebEx Business Suite clients, Cisco WebEx ...)
+CVE-2018-0112
NOT-FOR-US: Cisco
-CVE-2018-0111 (A vulnerability in Cisco WebEx Meetings Server could allow an ...)
+CVE-2018-0111
NOT-FOR-US: Cisco
-CVE-2018-0110 (A vulnerability in Cisco WebEx Meetings Server could allow an ...)
+CVE-2018-0110
NOT-FOR-US: Cisco
-CVE-2018-0109 (A vulnerability in Cisco WebEx Meetings Server could allow an ...)
+CVE-2018-0109
NOT-FOR-US: Cisco
-CVE-2018-0108 (A vulnerability in Cisco WebEx Meetings Server could allow an ...)
+CVE-2018-0108
NOT-FOR-US: Cisco
-CVE-2018-0107 (A vulnerability in the web framework of Cisco Prime Service Catalog ...)
+CVE-2018-0107
NOT-FOR-US: Cisco
-CVE-2018-0106 (A vulnerability in the ConfD server of the Cisco Elastic Services ...)
+CVE-2018-0106
NOT-FOR-US: Cisco
-CVE-2018-0105 (A vulnerability in the web framework of Cisco Unified Communications ...)
+CVE-2018-0105
NOT-FOR-US: Cisco
-CVE-2018-0104 (A vulnerability in Cisco WebEx Network Recording Player for Advanced ...)
+CVE-2018-0104
NOT-FOR-US: Cisco
-CVE-2018-0103 (A Buffer Overflow vulnerability in Cisco WebEx Network Recording Player ...)
+CVE-2018-0103
NOT-FOR-US: Cisco
-CVE-2018-0102 (A vulnerability in the Pong tool of Cisco NX-OS Software could allow an ...)
+CVE-2018-0102
NOT-FOR-US: Cisco
-CVE-2018-0101 (A vulnerability in the Secure Sockets Layer (SSL) VPN functionality of ...)
+CVE-2018-0101
NOT-FOR-US: Cisco
-CVE-2018-0100 (A vulnerability in the Profile Editor of the Cisco AnyConnect Secure ...)
+CVE-2018-0100
NOT-FOR-US: Cisco
-CVE-2018-0099 (A vulnerability in the web management GUI of the Cisco D9800 Network ...)
+CVE-2018-0099
NOT-FOR-US: Cisco
-CVE-2018-0098 (A vulnerability in the web-based management interface of Cisco WAP150 ...)
+CVE-2018-0098
NOT-FOR-US: Cisco
-CVE-2018-0097 (A vulnerability in the web interface of Cisco Prime Infrastructure ...)
+CVE-2018-0097
NOT-FOR-US: Cisco
-CVE-2018-0096 (A vulnerability in the role-based access control (RBAC) functionality ...)
+CVE-2018-0096
NOT-FOR-US: Cisco
-CVE-2018-0095 (A vulnerability in the administrative shell of Cisco AsyncOS on Cisco ...)
+CVE-2018-0095
NOT-FOR-US: Cisco
-CVE-2018-0094 (A vulnerability in IPv6 ingress packet processing for Cisco UCS Central ...)
+CVE-2018-0094
NOT-FOR-US: Cisco
-CVE-2018-0093 (A vulnerability in the web-based management interface of Cisco Web ...)
+CVE-2018-0093
NOT-FOR-US: Cisco
-CVE-2018-0092 (A vulnerability in the network-operator user role implementation for ...)
+CVE-2018-0092
NOT-FOR-US: Cisco
-CVE-2018-0091 (A vulnerability in the web-based management interface of Cisco Identity ...)
+CVE-2018-0091
NOT-FOR-US: Cisco
-CVE-2018-0090 (A vulnerability in management interface access control list (ACL) ...)
+CVE-2018-0090
NOT-FOR-US: Cisco
-CVE-2018-0089 (A vulnerability in the Policy and Charging Rules Function (PCRF) of the ...)
+CVE-2018-0089
NOT-FOR-US: Cisco
-CVE-2018-0088 (A vulnerability in one of the diagnostic test CLI commands on Cisco ...)
+CVE-2018-0088
NOT-FOR-US: Cisco
-CVE-2018-0087 (A vulnerability in the FTP server of the Cisco Web Security Appliance ...)
+CVE-2018-0087
NOT-FOR-US: Cisco
-CVE-2018-0086 (A vulnerability in the application server of the Cisco Unified Customer ...)
+CVE-2018-0086
NOT-FOR-US: Cisco
CVE-2018-0085
RESERVED
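Review bot: this hunk is exclusively `NOT-FOR-US: Cisco` entries whose descriptions are being dropped, and for those entries the description was the only text in the file that recorded which product the triage decision referred to. Compare `+CVE-2018-0114` with its `NOT-FOR-US: Cisco node-jose` line: the label still names the library, but the sibling entries that keep the generic `NOT-FOR-US: Cisco` lose the component name that the removed `(A vulnerability in the Secure Sockets Layer (SSL) VPN functionality of ...)` style text carried. Restore the descriptions from the previous revision rather than accepting the bare ids, since the triage rationale becomes unverifiable from the file alone once they are gone.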
@@ -53588,133 +53578,133 @@ CVE-2018-0065
RESERVED
CVE-2018-0064
RESERVED
-CVE-2018-0063 (A vulnerability in the IP next-hop index database in Junos OS 17.3R3 ...)
+CVE-2018-0063
NOT-FOR-US: Juniper
-CVE-2018-0062 (A Denial of Service vulnerability in J-Web service may allow a remote ...)
+CVE-2018-0062
NOT-FOR-US: Juniper
-CVE-2018-0061 (A denial of service vulnerability in the telnetd service on Junos OS ...)
+CVE-2018-0061
NOT-FOR-US: Juniper
-CVE-2018-0060 (An improper input validation weakness in the device control daemon ...)
+CVE-2018-0060
NOT-FOR-US: Juniper
-CVE-2018-0059 (A persistent cross-site scripting vulnerability in the graphical user ...)
+CVE-2018-0059
NOT-FOR-US: Juniper
-CVE-2018-0058 (Receipt of a specially crafted IPv6 exception packet may be able to ...)
+CVE-2018-0058
NOT-FOR-US: Juniper
-CVE-2018-0057 (On MX Series and M120/M320 platforms configured in a Broadband Edge ...)
+CVE-2018-0057
NOT-FOR-US: Juniper
-CVE-2018-0056 (If a duplicate MAC address is learned by two different interfaces on ...)
+CVE-2018-0056
NOT-FOR-US: Juniper
-CVE-2018-0055 (Receipt of a specially crafted DHCPv6 message destined to a Junos OS ...)
+CVE-2018-0055
NOT-FOR-US: Juniper
-CVE-2018-0054 (On QFX5000 Series and EX4600 switches, a high rate of Ethernet pause ...)
+CVE-2018-0054
NOT-FOR-US: Juniper
-CVE-2018-0053 (An authentication bypass vulnerability in the initial boot sequence of ...)
+CVE-2018-0053
NOT-FOR-US: Juniper
-CVE-2018-0052 (If RSH service is enabled on Junos OS and if the PAM authentication is ...)
+CVE-2018-0052
NOT-FOR-US: Juniper
-CVE-2018-0051 (A Denial of Service vulnerability in the SIP application layer gateway ...)
+CVE-2018-0051
NOT-FOR-US: Juniper
-CVE-2018-0050 (An error handling vulnerability in Routing Protocols Daemon (RPD) of ...)
+CVE-2018-0050
NOT-FOR-US: Juniper
-CVE-2018-0049 (A NULL Pointer Dereference vulnerability in Juniper Networks Junos OS ...)
+CVE-2018-0049
NOT-FOR-US: Juniper
-CVE-2018-0048 (A vulnerability in the Routing Protocols Daemon (RPD) with Juniper ...)
+CVE-2018-0048
NOT-FOR-US: Juniper
-CVE-2018-0047 (A persistent cross-site scripting vulnerability in the UI framework ...)
+CVE-2018-0047
NOT-FOR-US: Juniper
-CVE-2018-0046 (A reflected cross-site scripting vulnerability in OpenNMS included ...)
+CVE-2018-0046
NOT-FOR-US: Juniper
-CVE-2018-0045 (Receipt of a specific Draft-Rosen MVPN control packet may cause the ...)
+CVE-2018-0045
NOT-FOR-US: Juniper
-CVE-2018-0044 (An insecure SSHD configuration in Juniper Device Manager (JDM) and ...)
+CVE-2018-0044
NOT-FOR-US: Juniper
-CVE-2018-0043 (Receipt of a specific MPLS packet may cause the routing protocol ...)
+CVE-2018-0043
NOT-FOR-US: Juniper
-CVE-2018-0042 (Juniper Networks CSO versions prior to 4.0.0 may log passwords in log ...)
+CVE-2018-0042
NOT-FOR-US: Juniper Networks CSO
-CVE-2018-0041 (Juniper Networks Contrail Service Orchestration releases prior to ...)
+CVE-2018-0041
NOT-FOR-US: Juniper
-CVE-2018-0040 (Juniper Networks Contrail Service Orchestrator versions prior to 4.0.0 ...)
+CVE-2018-0040
NOT-FOR-US: Juniper
-CVE-2018-0039 (Juniper Networks Contrail Service Orchestration releases prior to ...)
+CVE-2018-0039
NOT-FOR-US: Juniper
-CVE-2018-0038 (Juniper Networks Contrail Service Orchestration releases prior to ...)
+CVE-2018-0038
NOT-FOR-US: Juniper
-CVE-2018-0037 (Junos OS routing protocol daemon (RPD) process may crash and restart ...)
+CVE-2018-0037
NOT-FOR-US: Junos OS
CVE-2018-0036
RESERVED
-CVE-2018-0035 (QFX5200 and QFX10002 devices that have been shipped with Junos OS ...)
+CVE-2018-0035
NOT-FOR-US: Junos OS
-CVE-2018-0034 (A Denial of Service vulnerability exists in the Juniper Networks Junos ...)
+CVE-2018-0034
NOT-FOR-US: Juniper
CVE-2018-0033
RESERVED
-CVE-2018-0032 (The receipt of a crafted BGP UPDATE can lead to a routing process ...)
+CVE-2018-0032
NOT-FOR-US: Juniper
-CVE-2018-0031 (Receipt of specially crafted UDP/IP packets over MPLS may be able to ...)
+CVE-2018-0031
NOT-FOR-US: Juniper
-CVE-2018-0030 (Receipt of a specific MPLS packet may cause MPC7/8/9, PTX-FPC3 ...)
+CVE-2018-0030
NOT-FOR-US: Juniper
-CVE-2018-0029 (While experiencing a broadcast storm, placing the fxp0 interface into ...)
+CVE-2018-0029
NOT-FOR-US: Juniper
CVE-2018-0028
RESERVED
-CVE-2018-0027 (Receipt of a crafted or malformed RSVP PATH message may cause the ...)
+CVE-2018-0027
NOT-FOR-US: Juniper
-CVE-2018-0026 (After Junos OS device reboot or upgrade, the stateless firewall filter ...)
+CVE-2018-0026
NOT-FOR-US: Juniper
-CVE-2018-0025 (When an SRX Series device is configured to use HTTP/HTTPS pass-through ...)
+CVE-2018-0025
NOT-FOR-US: Juniper
-CVE-2018-0024 (An Improper Privilege Management vulnerability in a shell session of ...)
+CVE-2018-0024
NOT-FOR-US: Juniper
-CVE-2018-0023 (JSNAPy is an open source python version of Junos Snapshot ...)
+CVE-2018-0023
NOT-FOR-US: JSNAPy
-CVE-2018-0022 (A Junos device with VPLS routing-instances configured on one or more ...)
+CVE-2018-0022
NOT-FOR-US: Juniper
-CVE-2018-0021 (If all 64 digits of the connectivity association name (CKN) key or all ...)
+CVE-2018-0021
NOT-FOR-US: Juniper
-CVE-2018-0020 (Junos OS may be impacted by the receipt of a malformed BGP UPDATE ...)
+CVE-2018-0020
NOT-FOR-US: Juniper
-CVE-2018-0019 (A vulnerability in Junos OS SNMP MIB-II subagent daemon (mib2d) may ...)
+CVE-2018-0019
NOT-FOR-US: Juniper
-CVE-2018-0018 (On SRX Series devices during compilation of IDP policies, an attacker ...)
+CVE-2018-0018
NOT-FOR-US: Juniper
-CVE-2018-0017 (A vulnerability in the Network Address Translation - Protocol ...)
+CVE-2018-0017
NOT-FOR-US: Juniper
-CVE-2018-0016 (Receipt of a specially crafted Connectionless Network Protocol (CLNP) ...)
+CVE-2018-0016
NOT-FOR-US: Juniper
-CVE-2018-0015 (A malicious user with unrestricted access to the AppFormix application ...)
+CVE-2018-0015
NOT-FOR-US: AppFormix
-CVE-2018-0014 (Juniper Networks ScreenOS devices do not pad Ethernet packets with ...)
+CVE-2018-0014
NOT-FOR-US: Juniper
-CVE-2018-0013 (A local file inclusion vulnerability in Juniper Networks Junos Space ...)
+CVE-2018-0013
NOT-FOR-US: Juniper
-CVE-2018-0012 (Junos Space is affected by a privilege escalation vulnerability that ...)
+CVE-2018-0012
NOT-FOR-US: Juniper
-CVE-2018-0011 (A reflected cross site scripting (XSS) vulnerability in Junos Space ...)
+CVE-2018-0011
NOT-FOR-US: Juniper
-CVE-2018-0010 (A vulnerability in the Juniper Networks Junos Space Security Director ...)
+CVE-2018-0010
NOT-FOR-US: Juniper
-CVE-2018-0009 (On Juniper Networks SRX series devices, firewall rules configured to ...)
+CVE-2018-0009
NOT-FOR-US: Juniper
-CVE-2018-0008 (An unauthenticated root login may allow upon reboot when a commit ...)
+CVE-2018-0008
NOT-FOR-US: Juniper
-CVE-2018-0007 (An unauthenticated network-based attacker able to send a maliciously ...)
+CVE-2018-0007
NOT-FOR-US: Juniper
-CVE-2018-0006 (A high rate of VLAN authentication attempts sent from an adjacent host ...)
+CVE-2018-0006
NOT-FOR-US: Juniper
-CVE-2018-0005 (QFX and EX Series switches configured to drop traffic when the MAC ...)
+CVE-2018-0005
NOT-FOR-US: Juniper
-CVE-2018-0004 (A sustained sequence of different types of normal transit traffic can ...)
+CVE-2018-0004
NOT-FOR-US: Juniper
-CVE-2018-0003 (A specially crafted MPLS packet received or processed by the system, ...)
+CVE-2018-0003
NOT-FOR-US: Juniper
-CVE-2018-0002 (On SRX Series and MX Series devices with a Service PIC with any ALG ...)
+CVE-2018-0002
NOT-FOR-US: Juniper
-CVE-2018-0001 (A remote, unauthenticated attacker may be able to execute code by ...)
+CVE-2018-0001
NOT-FOR-US: Juniper
-CVE-2018-1000156 (GNU Patch version 2.7.6 contains an input validation vulnerability ...)
+CVE-2018-1000156
{DLA-1348-1}
- patch 2.7.6-2 (bug #894993)
[stretch] - patch 2.7.5-1+deb9u1
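Review bot: the same description loss affects an entry with Debian-side tracking at the end of this hunk, `-CVE-2018-1000156 (GNU Patch version 2.7.6 contains an input validation vulnerability ...)` becoming `+CVE-2018-1000156` above its `{DLA-1348-1}` and `patch 2.7.6-2 (bug #894993)` lines, so this is not confined to `NOT-FOR-US` entries. The Juniper block also shows how much is lost: labels such as `NOT-FOR-US: Juniper Networks CSO`, `NOT-FOR-US: JSNAPy` and `NOT-FOR-US: AppFormix` were chosen from the descriptions now being deleted. Guard the importer so that a header is rewritten only when the incoming description is non-empty, and re-run the update once the source is healthy.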
diff --git a/data/CVE/2019.list b/data/CVE/2019.list
index 12d77274e8..84ad6737d6 100644
--- a/data/CVE/2019.list
+++ b/data/CVE/2019.list
@@ -1,13 +1,45 @@
+CVE-2019-9863
+ RESERVED
+CVE-2019-9862
+ RESERVED
+CVE-2019-9861
+ RESERVED
+CVE-2019-9860
+ RESERVED
+CVE-2019-9859
+ RESERVED
+CVE-2019-9858
+ RESERVED
+CVE-2019-9856
+ RESERVED
+CVE-2019-9855
+ RESERVED
+CVE-2019-9854
+ RESERVED
+CVE-2019-9853
+ RESERVED
+CVE-2019-9852
+ RESERVED
+CVE-2019-9851
+ RESERVED
+CVE-2019-9850
+ RESERVED
+CVE-2019-9849
+ RESERVED
+CVE-2019-9848
+ RESERVED
+CVE-2019-9847
+ RESERVED
CVE-2019-9857 [inotify: Fix fsnotify_mark refcount leak in inotify_update_existing_watch()]
- linux <unfixed>
NOTE: https://patchwork.kernel.org/patch/10836283/
-CVE-2019-9846 (RockOA 1.8.7 allows remote attackers to obtain sensitive information ...)
+CVE-2019-9846
NOT-FOR-US: RockOA
CVE-2019-9845
RESERVED
-CVE-2019-9844 (simple-markdown.js in Khan Academy simple-markdown before 0.4.4 allows ...)
+CVE-2019-9844
NOT-FOR-US: Khan Academy simple-markdown
-CVE-2019-9843 (In DiffPlug Spotless before 1.20.0 (library and Maven plugin) and ...)
+CVE-2019-9843
NOT-FOR-US: DiffPlug Spotless
CVE-2019-9842
RESERVED
@@ -19,25 +51,25 @@ CVE-2019-9839
RESERVED
CVE-2019-9838
RESERVED
-CVE-2019-9837 (Doorkeeper::OpenidConnect (aka the OpenID Connect extension for ...)
+CVE-2019-9837
- ruby-doorkeeper-openid-connect <unfixed> (bug #924747)
NOTE: https://github.com/doorkeeper-gem/doorkeeper-openid_connect/issues/61
NOTE: https://github.com/doorkeeper-gem/doorkeeper-openid_connect/pull/66
CVE-2019-9836
RESERVED
-CVE-2019-9835 (The receiver (aka bridge) component of Fujitsu Wireless Keyboard Set ...)
+CVE-2019-9835
NOT-FOR-US: Fujitsu Wireless Keyboard Set LX901 GK900 devices
-CVE-2019-9834 (The Netdata web application through 1.13.0 allows remote attackers to ...)
+CVE-2019-9834
NOT-FOR-US: Netdata web application
-CVE-2019-9833 (The Screen Stream application through 3.0.15 for Android allows remote ...)
+CVE-2019-9833
NOT-FOR-US: Screen Stream application for Android
-CVE-2019-9832 (The AirDrop application through 2.0 for Android allows remote attackers ...)
+CVE-2019-9832
NOT-FOR-US: AirDrop application for Android
-CVE-2019-9831 (The AirMore application through 1.6.1 for Android allows remote ...)
+CVE-2019-9831
NOT-FOR-US: AirMore application for Android
CVE-2019-9830
RESERVED
-CVE-2019-9829 (Maccms 10 allows remote attackers to execute arbitrary PHP code by ...)
+CVE-2019-9829
NOT-FOR-US: Maccms
CVE-2019-9828
RESERVED
@@ -45,7 +77,7 @@ CVE-2019-9827
RESERVED
CVE-2019-9826
RESERVED
-CVE-2019-9825 (FeiFeiCMS 4.1.190209 allows remote attackers to upload and execute ...)
+CVE-2019-9825
NOT-FOR-US: FeiFeiCMS
CVE-2019-9824
RESERVED
@@ -127,7 +159,7 @@ CVE-2019-9788
RESERVED
CVE-2019-9786
RESERVED
-CVE-2019-9785 (gitnote 3.1.0 allows remote attackers to execute arbitrary code via a ...)
+CVE-2019-9785
NOT-FOR-US: gitnote
CVE-2019-9784
RESERVED
@@ -139,49 +171,49 @@ CVE-2019-9781
RESERVED
CVE-2019-9780
RESERVED
-CVE-2019-9787 (WordPress before 5.1.1 does not properly filter comment content, ...)
+CVE-2019-9787
- wordpress 5.1.1+dfsg1-1 (bug #924546)
NOTE: https://blog.ripstech.com/2019/wordpress-csrf-to-rce/
NOTE: Fixed by: https://github.com/WordPress/WordPress/commit/0292de60ec78c5a44956765189403654fe4d080b
-CVE-2019-9779 (An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a ...)
+CVE-2019-9779
- libredwg <itp> (bug #595191)
-CVE-2019-9778 (An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a ...)
+CVE-2019-9778
- libredwg <itp> (bug #595191)
-CVE-2019-9777 (An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a ...)
+CVE-2019-9777
- libredwg <itp> (bug #595191)
-CVE-2019-9776 (An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a ...)
+CVE-2019-9776
- libredwg <itp> (bug #595191)
-CVE-2019-9775 (An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is an ...)
+CVE-2019-9775
- libredwg <itp> (bug #595191)
-CVE-2019-9774 (An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is an ...)
+CVE-2019-9774
- libredwg <itp> (bug #595191)
-CVE-2019-9773 (An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a ...)
+CVE-2019-9773
- libredwg <itp> (bug #595191)
-CVE-2019-9772 (An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a ...)
+CVE-2019-9772
- libredwg <itp> (bug #595191)
-CVE-2019-9771 (An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a ...)
+CVE-2019-9771
- libredwg <itp> (bug #595191)
-CVE-2019-9770 (An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a ...)
+CVE-2019-9770
- libredwg <itp> (bug #595191)
-CVE-2019-9769 (PilusCart 1.4.1 is vulnerable to index.php?module=users&amp;action=newUser ...)
+CVE-2019-9769
NOT-FOR-US: PilusCart
-CVE-2019-9768 (Thinkst Canarytokens through 2019-03-01 relies on limited variation in ...)
+CVE-2019-9768
NOT-FOR-US: Thinkst Canarytokens
-CVE-2019-9767 (Stack-based buffer overflow in Free MP3 CD Ripper 2.6, when converting ...)
+CVE-2019-9767
NOT-FOR-US: Free MP3 CD Ripper
-CVE-2019-9766 (Stack-based buffer overflow in Free MP3 CD Ripper 2.6, when converting ...)
+CVE-2019-9766
NOT-FOR-US: Free MP3 CD Ripper
-CVE-2019-9765 (In Blog_mini 1.0, XSS exists via the author name of a comment reply in ...)
+CVE-2019-9765
NOT-FOR-US: Blog_mini
CVE-2019-9764
RESERVED
CVE-2019-9763
RESERVED
-CVE-2019-9762 (A SQL Injection was discovered in PHPSHE 1.7 in ...)
+CVE-2019-9762
NOT-FOR-US: PHPSHE
-CVE-2019-9761 (An XXE issue was discovered in PHPSHE 1.7, which can be used to read any ...)
+CVE-2019-9761
NOT-FOR-US: PHPSHE
-CVE-2019-9760 (FTPGetter Standard v.5.97.0.177 allows remote code execution when a ...)
+CVE-2019-9760
NOT-FOR-US: FTPGetter
CVE-2019-9759
RESERVED
@@ -193,29 +225,29 @@ CVE-2019-9756
RESERVED
CVE-2019-9755
RESERVED
-CVE-2019-9754 (An issue was discovered in Tiny C Compiler (aka TinyCC or TCC) 0.9.27. ...)
+CVE-2019-9754
TODO: check
CVE-2019-9753
RESERVED
-CVE-2019-9752 (An issue was discovered in Open Ticket Request System (OTRS) 5.x before ...)
+CVE-2019-9752
- otrs2 6.0.16-1
NOTE: https://community.otrs.com/security-advisory-2019-01-security-update-for-otrs-framework/
NOTE: OTRS 6: https://github.com/OTRS/otrs/commit/341c4096222819a108feb02256aba878943bf810
NOTE: OTRS 5: https://github.com/OTRS/otrs/commit/d4e3dfbaa054762b29df54705aa412685dd37e15
-CVE-2019-9751 (An issue was discovered in Open Ticket Request System (OTRS) 6.x before ...)
+CVE-2019-9751
- otrs2 6.0.17-1
[jessie] - otrs2 <not-affected> (Vulnerable code not present)
NOTE: https://community.otrs.com/security-advisory-2019-02-security-update-for-otrs-framework
NOTE: OTRS 6: https://github.com/OTRS/otrs/commit/1afb2b995e59551b927c2105e234e8b87efcc37a
-CVE-2019-9750 (In IoTivity through 1.3.1, the CoAP server interface can be used for ...)
+CVE-2019-9750
- iotivity <itp> (bug #824155)
-CVE-2019-9749 (An issue was discovered in the MQTT input plugin in Fluent Bit through ...)
+CVE-2019-9749
NOT-FOR-US: Fluent Bit
-CVE-2019-9748 (In tinysvcmdns through 2018-01-16, an mDNS server processing a crafted ...)
+CVE-2019-9748
TODO: check
-CVE-2019-9747 (In tinysvcmdns through 2018-01-16, a maliciously crafted mDNS ...)
+CVE-2019-9747
TODO: check
-CVE-2019-9746 (In libwebm before 2019-03-08, a NULL pointer dereference caused by the ...)
+CVE-2019-9746
TODO: check
CVE-2019-9745
RESERVED
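Review bot: CVE-2019-9754, CVE-2019-9748, CVE-2019-9747 and CVE-2019-9746 are all left at `TODO: check` while their summaries are removed, and unlike the NOT-FOR-US entries (which keep the project name on the following line) these four carry no other reference to the affected software (Tiny C Compiler, tinysvcmdns, libwebm). Either resolve the TODOs in this update or keep the affected project in a `NOTE:` line, otherwise the triage hint is gone once the bare id is all that remains.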
@@ -223,9 +255,9 @@ CVE-2019-9744
RESERVED
CVE-2019-9743
RESERVED
-CVE-2019-9742 (gdwfpcd.sys in G Data Total Security before 2019-02-22 allows an ...)
+CVE-2019-9742
NOT-FOR-US: G Data Total Security
-CVE-2019-9741 (An issue was discovered in net/http in Go 1.11.5. CRLF injection is ...)
+CVE-2019-9741
- golang-1.12 1.12-1
- golang-1.11 1.11.6-1 (bug #924630)
- golang-1.8 <removed>
@@ -234,7 +266,7 @@ CVE-2019-9741 (An issue was discovered in net/http in Go 1.11.5. CRLF injection
NOTE: https://github.com/golang/go/issues/30794
NOTE: https://github.com/golang/go/commit/829c5df58694b3345cb5ea41206783c8ccf5c3ca#diff-b97af51863ce82bf2a13003b52034aa9
NOTE: https://github.com/golang/go/commit/f1d662f34788f4a5f087581d0951cdf4e0f6e708#diff-b97af51863ce82bf2a13003b52034aa9
-CVE-2019-9740 (An issue was discovered in urllib2 in Python 2.x through 2.7.16 and ...)
+CVE-2019-9740
- python3.7 <unfixed>
- python3.6 <unfixed>
- python3.5 <removed>
@@ -245,13 +277,13 @@ CVE-2019-9740 (An issue was discovered in urllib2 in Python 2.x through 2.7.16 a
NOTE: https://bugs.python.org/issue30458
CVE-2019-9739
RESERVED
-CVE-2019-9738 (jimmykuu Gopher 2.0 has DOM-based XSS via vectors involving the '&lt;EMBED ...)
+CVE-2019-9738
NOT-FOR-US: jimmykuu Gopher
-CVE-2019-9737 (Editor.md 1.5.0 has DOM-based XSS via vectors involving the '&lt;EMBED ...)
+CVE-2019-9737
NOT-FOR-US: pandao Editor.md
-CVE-2019-9736 (DOM-based XSS exists in 1024Tools Markdown 1.0 via vectors involving ...)
+CVE-2019-9736
NOT-FOR-US: 1024Tools Markdown
-CVE-2019-9735 (An issue was discovered in the iptables firewall module in OpenStack ...)
+CVE-2019-9735
- neutron 2:13.0.2-13 (bug #924508)
NOTE: https://launchpad.net/bugs/1818385
CVE-2019-9734
@@ -264,7 +296,7 @@ CVE-2019-9731
RESERVED
CVE-2019-9730
RESERVED
-CVE-2019-9729 (In Shanda MapleStory Online V160, the SdoKeyCrypt.sys driver allows ...)
+CVE-2019-9729
NOT-FOR-US: Shanda MapleStory Online
CVE-2019-9728
RESERVED
@@ -272,7 +304,7 @@ CVE-2019-9727
RESERVED
CVE-2019-9726
RESERVED
-CVE-2019-9725 (The Web manager (aka Commander) on Korenix JetPort 5601 and 5601f ...)
+CVE-2019-9725
NOT-FOR-US: Korenix JetPort devices
CVE-2019-9724
RESERVED
@@ -280,14 +312,14 @@ CVE-2019-9723
RESERVED
CVE-2019-9722
RESERVED
-CVE-2019-9721 (A denial of service in the subtitle decoder in FFmpeg 4.1 allows ...)
+CVE-2019-9721
- ffmpeg <unfixed>
NOTE: https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/894995c41e0795c7a44f81adc4838dedc3932e65
CVE-2019-9720
RESERVED
CVE-2019-9719
RESERVED
-CVE-2019-9718 (In FFmpeg 4.1, a denial of service in the subtitle decoder allows ...)
+CVE-2019-9718
- ffmpeg <unfixed>
NOTE: https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/1f00c97bc3475c477f3c468cf2d924d5761d0982
CVE-2019-9717
@@ -296,15 +328,15 @@ CVE-2019-9716
RESERVED
CVE-2019-9715
RESERVED
-CVE-2019-9714 (An issue was discovered in Joomla! before 3.9.4. The media form field ...)
+CVE-2019-9714
NOT-FOR-US: Joomla!
-CVE-2019-9713 (An issue was discovered in Joomla! before 3.9.4. The sample data ...)
+CVE-2019-9713
NOT-FOR-US: Joomla!
-CVE-2019-9712 (An issue was discovered in Joomla! before 3.9.4. The JSON handler in ...)
+CVE-2019-9712
NOT-FOR-US: Joomla!
-CVE-2019-9711 (An issue was discovered in Joomla! before 3.9.4. The item_title layout ...)
+CVE-2019-9711
NOT-FOR-US: Joomla!
-CVE-2019-9710 (An issue was discovered in webargs before 5.1.3, as used with ...)
+CVE-2019-9710
NOT-FOR-US: webargs
CVE-2019-9709
RESERVED
@@ -312,15 +344,15 @@ CVE-2019-9708
RESERVED
CVE-2019-9707
RESERVED
-CVE-2019-9705 (Vixie Cron before the 3.0pl1-133 Debian package allows local users to ...)
+CVE-2019-9705
- cron 3.0pl1-133 (low)
[stretch] - cron <no-dsa> (Minor issue, will be fixed via point update)
NOTE: Fixed by: https://salsa.debian.org/debian/cron/commit/26814a26
-CVE-2019-9706 (Vixie Cron before the 3.0pl1-133 Debian package allows local users to ...)
+CVE-2019-9706
- cron 3.0pl1-133 (bug #809167)
[stretch] - cron <no-dsa> (Minor issue, will be fixed via point update)
NOTE: Fixed by: https://salsa.debian.org/debian/cron/commit/40791b93
-CVE-2019-9704 (Vixie Cron before the 3.0pl1-133 Debian package allows local users to ...)
+CVE-2019-9704
- cron 3.0pl1-133 (low)
[stretch] - cron <no-dsa> (Minor issue, will be fixed via point update)
NOTE: Fixed by: https://salsa.debian.org/debian/cron/commit/f2525567
@@ -344,9 +376,9 @@ CVE-2019-9695
RESERVED
CVE-2019-9694
RESERVED
-CVE-2019-9693 (In CMS Made Simple (CMSMS) before 2.2.10, an authenticated user can ...)
+CVE-2019-9693
NOT-FOR-US: CMS Made Simple
-CVE-2019-9692 (class.showtime2_image.php in CMS Made Simple (CMSMS) before 2.2.10 does ...)
+CVE-2019-9692
NOT-FOR-US: CMS Made Simple
CVE-2019-9691
RESERVED
@@ -354,12 +386,12 @@ CVE-2019-9690
RESERVED
CVE-2019-9689
RESERVED
-CVE-2019-9688 (sftnow through 2018-12-29 allows index.php?g=Admin&amp;m=User&amp;a=add_post ...)
+CVE-2019-9688
NOT-FOR-US: sftnow
-CVE-2019-9687 (PoDoFo 0.9.6 has a heap-based buffer overflow in ...)
+CVE-2019-9687
- libpodofo <unfixed> (bug #924430)
NOTE: https://sourceforge.net/p/podofo/code/1969
-CVE-2019-9686 (pacman before 5.1.3 allows directory traversal when installing a remote ...)
+CVE-2019-9686
NOT-FOR-US: pacman package manager for arch, different from src:pacman
CVE-2019-9685
RESERVED
@@ -381,7 +413,7 @@ CVE-2019-9677
RESERVED
CVE-2019-9676
RESERVED
-CVE-2019-9675 (** DISPUTED ** An issue was discovered in PHP 7.x before 7.1.27 and ...)
+CVE-2019-9675
{DSA-4403-1}
- php7.3 7.3.3-1 (unimportant)
- php7.0 <removed> (unimportant)
@@ -412,22 +444,22 @@ CVE-2019-9664
RESERVED
CVE-2019-9663
RESERVED
-CVE-2019-9662 (An issue was discovered in JTBC(PHP) 3.0.1.8. Its cache management ...)
+CVE-2019-9662
NOT-FOR-US: JTBC(PHP)
-CVE-2019-9661 (Stored XSS exists in YzmCMS 5.2 via the ...)
+CVE-2019-9661
NOT-FOR-US: YzmCMS
-CVE-2019-9660 (Stored XSS exists in YzmCMS 5.2 via the admin/category/edit.html ...)
+CVE-2019-9660
NOT-FOR-US: YzmCMS
-CVE-2019-9659 (The Chuango 433 MHz burglar-alarm product line uses static codes in the ...)
+CVE-2019-9659
NOT-FOR-US: Chuango
-CVE-2019-9658 (Checkstyle before 8.18 loads external DTDs by default. ...)
+CVE-2019-9658
- checkstyle <unfixed> (bug #924598)
NOTE: https://github.com/checkstyle/checkstyle/issues/6474
NOTE: https://github.com/checkstyle/checkstyle/issues/6478
NOTE: https://github.com/checkstyle/checkstyle/pull/6476
CVE-2019-9657
RESERVED
-CVE-2019-9656 (An issue was discovered in LibOFX 0.9.14. There is a NULL pointer ...)
+CVE-2019-9656
- libofx <unfixed> (bug #924350)
NOTE: https://github.com/libofx/libofx/issues/22
CVE-2019-9655
@@ -436,11 +468,11 @@ CVE-2019-9654
RESERVED
CVE-2019-9653
RESERVED
-CVE-2019-9652 (There is a CSRF in SDCMS V1.7 via an m=admin&amp;c=theme&amp;a=edit request. It ...)
+CVE-2019-9652
NOT-FOR-US: SDCMS
-CVE-2019-9651 (An issue was discovered in SDCMS V1.7. In the ...)
+CVE-2019-9651
NOT-FOR-US: SDCMS
-CVE-2019-9650 (An XSS issue was discovered in upcoming_events.php in the Upcoming ...)
+CVE-2019-9650
NOT-FOR-US: MyBB plugin
CVE-2019-9649
RESERVED
@@ -450,9 +482,9 @@ CVE-2019-9647
RESERVED
CVE-2019-9645
RESERVED
-CVE-2019-9646 (The Contact Form Email plugin before 1.2.66 for WordPress allows ...)
+CVE-2019-9646
NOT-FOR-US: WordPress plugin contact-form-to-email
-CVE-2019-9644 (An XSSI (cross-site inclusion) vulnerability in Jupyter Notebook before ...)
+CVE-2019-9644
- jupyter-notebook <unfixed> (bug #924515)
NOTE: https://github.com/jupyter/notebook/commit/cfc335b76466ccf1538ce545b654b29b5ab0097c
NOTE: https://github.com/jupyter/notebook/commit/b5105814fc41c6d789b317fa59f786bad7f9d798
@@ -461,7 +493,7 @@ CVE-2019-9643
RESERVED
CVE-2019-9642
RESERVED
-CVE-2019-9636 (Python 2.7.x through 2.7.16 and 3.x through 3.7.2 is affected by: ...)
+CVE-2019-9636
- python3.7 3.7.3~rc1-1 (bug #924072)
- python3.6 <unfixed>
- python3.5 <removed>
@@ -474,75 +506,75 @@ CVE-2019-9636 (Python 2.7.x through 2.7.16 and 3.x through 3.7.2 is affected by:
NOTE: https://github.com/python/cpython/commit/e37ef41289b77e0f0bb9a6aedb0360664c55bdd5 (2.7.x)
CVE-2019-9635
RESERVED
-CVE-2019-1003039 (An insufficiently protected credentials vulnerability exists in ...)
+CVE-2019-1003039
NOT-FOR-US: Jenkins plugin
-CVE-2019-1003038 (An insufficiently protected credentials vulnerability exists in ...)
+CVE-2019-1003038
NOT-FOR-US: Jenkins plugin
-CVE-2019-1003037 (An information exposure vulnerability exists in Jenkins Azure VM ...)
+CVE-2019-1003037
NOT-FOR-US: Jenkins plugin
-CVE-2019-1003036 (A data modification vulnerability exists in Jenkins Azure VM Agents ...)
+CVE-2019-1003036
NOT-FOR-US: Jenkins plugin
-CVE-2019-1003035 (An information exposure vulnerability exists in Jenkins Azure VM ...)
+CVE-2019-1003035
NOT-FOR-US: Jenkins plugin
-CVE-2019-1003034 (A sandbox bypass vulnerability exists in Jenkins Job DSL Plugin 1.71 ...)
+CVE-2019-1003034
NOT-FOR-US: Jenkins plugin
-CVE-2019-1003033 (A sandbox bypass vulnerability exists in Jenkins Groovy Plugin 2.1 and ...)
+CVE-2019-1003033
NOT-FOR-US: Jenkins plugin
-CVE-2019-1003032 (A sandbox bypass vulnerability exists in Jenkins Email Extension ...)
+CVE-2019-1003032
NOT-FOR-US: Jenkins plugin
-CVE-2019-1003031 (A sandbox bypass vulnerability exists in Jenkins Matrix Project Plugin ...)
+CVE-2019-1003031
NOT-FOR-US: Jenkins plugin
-CVE-2019-1003030 (A sandbox bypass vulnerability exists in Jenkins Pipeline: Groovy ...)
+CVE-2019-1003030
NOT-FOR-US: Jenkins plugin
-CVE-2019-1003029 (A sandbox bypass vulnerability exists in Jenkins Script Security ...)
+CVE-2019-1003029
NOT-FOR-US: Jenkins plugin
-CVE-2019-9634 (Go through 1.12 on Windows misuses certain LoadLibrary functionality, ...)
+CVE-2019-9634
- golang-1.12 <not-affected> (Only affects Go on Windows)
- golang-1.11 <not-affected> (Only affects Go on Windows)
- golang-1.10 <not-affected> (Only affects Go on Windows)
-CVE-2019-9637 (An issue was discovered in PHP before 7.1.27, 7.2.x before 7.2.16, and ...)
+CVE-2019-9637
{DSA-4403-1}
- php7.3 7.3.3-1
- php7.0 <removed>
- php5 <removed>
NOTE: Fixed in 7.1.27, 7.2.16, 7.3.3
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=77630
-CVE-2019-9641 (An issue was discovered in the EXIF component in PHP before 7.1.27, ...)
+CVE-2019-9641
{DSA-4403-1}
- php7.3 7.3.3-1
- php7.0 <removed>
- php5 <removed>
NOTE: Fixed in 7.1.27, 7.2.16, 7.3.3
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=77509
-CVE-2019-9640 (An issue was discovered in the EXIF component in PHP before 7.1.27, ...)
+CVE-2019-9640
{DSA-4403-1}
- php7.3 7.3.3-1
- php7.0 <removed>
- php5 <removed>
NOTE: Fixed in 7.1.27, 7.2.16, 7.3.3
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=77540
-CVE-2019-9639 (An issue was discovered in the EXIF component in PHP before 7.1.27, ...)
+CVE-2019-9639
{DSA-4403-1}
- php7.3 7.3.3-1 (unimportant)
- php7.0 <removed> (unimportant)
- php5 <removed> (unimportant)
NOTE: Fixed in 7.1.27, 7.2.16, 7.3.3
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=77659
-CVE-2019-9638 (An issue was discovered in the EXIF component in PHP before 7.1.27, ...)
+CVE-2019-9638
{DSA-4403-1}
- php7.3 7.3.3-1
- php7.0 <removed>
- php5 <removed>
NOTE: Fixed in 7.1.27, 7.2.16, 7.3.3
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=77563
-CVE-2019-9633 (gio/gsocketclient.c in GNOME GLib 2.59.2 does not ensure that a parent ...)
+CVE-2019-9633
[experimental] - glib2.0 2.59.2-1
- glib2.0 <unfixed> (bug #924344)
NOTE: https://gitlab.gnome.org/GNOME/glib/issues/1649
NOTE: https://gitlab.gnome.org/GNOME/glib/commit/d553d92d6e9f53cbe5a34166fcb919ba652c6a8e (2.59.2)
-CVE-2019-9632 (ESAFENET CDG V3 and V5 has an arbitrary file download vulnerability via ...)
+CVE-2019-9632
NOT-FOR-US: ESAFENET CDG
-CVE-2019-9631 (Poppler 0.74.0 has a heap-based buffer over-read in the ...)
+CVE-2019-9631
- poppler <unfixed>
NOTE: https://gitlab.freedesktop.org/poppler/poppler/issues/736
TODO: check details
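Review bot: CVE-2019-9631 stays at `poppler <unfixed>` with `TODO: check details` and no bug number, and the summary line being stripped here was the only place recording that this is a heap-based buffer over-read. The neighbouring poppler entries show the expected form (a bug reference alongside the upstream issue URL), so either add the bug reference or carry the one-line summary into a `NOTE:` next to the issue/736 link before the description disappears.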
@@ -557,22 +589,22 @@ CVE-2019-9628 [XML parser class fails to trap exceptions on malformed XML declar
NOTE: https://shibboleth.net/community/advisories/secadv_20190311.txt
NOTE: https://issues.shibboleth.net/jira/browse/CPPXT-143
NOTE: https://git.shibboleth.net/view/?p=cpp-xmltooling.git;a=commit;h=af27c422f551e16989ff6f1722d83614c8550eb5
-CVE-2019-9627 (A buffer overflow in the kernel driver CybKernelTracker.sys in CyberArk ...)
+CVE-2019-9627
NOT-FOR-US: CyberArk Endpoint Privilege Manager
-CVE-2019-9626 (PHPSHE 1.7 allows module/index/cart.php pintuan_id SQL Injection to ...)
+CVE-2019-9626
NOT-FOR-US: PHPSHE
-CVE-2019-9625 (JBMC DirectAdmin 1.55 allows CSRF via the /CMD_ACCOUNT_ADMIN URI to ...)
+CVE-2019-9625
NOT-FOR-US: JBMC DirectAdmin
CVE-2019-XXXX [high memory usage with some long running sessions]
- proftpd-dfsg 1.3.5d-1 (bug #923926)
[stretch] - proftpd-dfsg <no-dsa> (Minor issue)
NOTE: https://github.com/proftpd/proftpd/issues/330#issuecomment-276891713
NOTE: https://forum.armbian.com/topic/9692-nanopi-neo-2-memory-leak-in-proftpd-even-worse-if-ssl-encrypted/?do=findComment&comment=73069
-CVE-2019-9624 (Webmin 1.900 allows remote attackers to execute arbitrary code by ...)
+CVE-2019-9624
- webmin <removed>
-CVE-2019-9623 (Feng Office 3.7.0.5 allows remote attackers to execute arbitrary code ...)
+CVE-2019-9623
NOT-FOR-US: Feng Office
-CVE-2019-9622 (eBrigade through 4.5 allows Arbitrary File Download via ../ directory ...)
+CVE-2019-9622
NOT-FOR-US: eBrigade
CVE-2019-9621
RESERVED
@@ -582,67 +614,67 @@ CVE-2019-9619
RESERVED
CVE-2019-9618
RESERVED
-CVE-2019-9617 (An issue was discovered in OFCMS before 1.1.3. Remote attackers can ...)
+CVE-2019-9617
NOT-FOR-US: OFCMS
-CVE-2019-9616 (An issue was discovered in OFCMS before 1.1.3. Remote attackers can ...)
+CVE-2019-9616
NOT-FOR-US: OFCMS
-CVE-2019-9615 (An issue was discovered in OFCMS before 1.1.3. It allows ...)
+CVE-2019-9615
NOT-FOR-US: OFCMS
-CVE-2019-9614 (An issue was discovered in OFCMS before 1.1.3. A command execution ...)
+CVE-2019-9614
NOT-FOR-US: OFCMS
-CVE-2019-9613 (An issue was discovered in OFCMS before 1.1.3. Remote attackers can ...)
+CVE-2019-9613
NOT-FOR-US: OFCMS
-CVE-2019-9612 (An issue was discovered in OFCMS before 1.1.3. Remote attackers can ...)
+CVE-2019-9612
NOT-FOR-US: OFCMS
-CVE-2019-9611 (An issue was discovered in OFCMS before 1.1.3. It allows ...)
+CVE-2019-9611
NOT-FOR-US: OFCMS
-CVE-2019-9610 (An issue was discovered in OFCMS before 1.1.3. It has ...)
+CVE-2019-9610
NOT-FOR-US: OFCMS
-CVE-2019-9609 (An issue was discovered in OFCMS before 1.1.3. Remote attackers can ...)
+CVE-2019-9609
NOT-FOR-US: OFCMS
-CVE-2019-9608 (An issue was discovered in OFCMS before 1.1.3. Remote attackers can ...)
+CVE-2019-9608
NOT-FOR-US: OFCMS
-CVE-2019-9607 (PHP Scripts Mall Medical Store Script 3.0.3 allows Path Traversal by ...)
+CVE-2019-9607
NOT-FOR-US: PHP Scripts Mall Medical Store Script
-CVE-2019-9606 (PHP Scripts Mall Personal Video Collection Script 4.0.4 has Stored XSS ...)
+CVE-2019-9606
NOT-FOR-US: PHP Scripts Mall Personal Video Collection Script
CVE-2019-9605
RESERVED
CVE-2019-9604
RESERVED
-CVE-2019-9603 (MiniCMS 1.10 allows mc-admin/post.php?state=publish&amp;delete= CSRF to ...)
+CVE-2019-9603
NOT-FOR-US: MiniCMS
CVE-2019-9602
RESERVED
-CVE-2019-9601 (The ApowerManager application through 3.1.7 for Android allows remote ...)
+CVE-2019-9601
NOT-FOR-US: ApowerManager application for Android
-CVE-2019-9600 (The Olive Tree FTP Server (aka com.theolivetree.ftpserver) application ...)
+CVE-2019-9600
NOT-FOR-US: Olive Tree FTP Server application for Android
-CVE-2019-9599 (The AirDroid application through 4.2.1.6 for Android allows remote ...)
+CVE-2019-9599
NOT-FOR-US: AirDroid application for Android
-CVE-2019-9598 (An issue was discovered in Cscms 4.1.0. There is an admin.php/pay CSRF ...)
+CVE-2019-9598
NOT-FOR-US: Cscms
CVE-2019-9597
RESERVED
CVE-2019-9596
RESERVED
-CVE-2019-9595 (AppCMS 2.0.101 allows XSS via the upload/callback.php params parameter. ...)
+CVE-2019-9595
NOT-FOR-US: AppCMS
-CVE-2019-9594 (BlueCMS 1.6 allows SQL Injection via the user_id parameter in an ...)
+CVE-2019-9594
NOT-FOR-US: BlueCMS
-CVE-2019-9593 (A reflected Cross-site scripting (XSS) vulnerability in ShoreTel ...)
+CVE-2019-9593
NOT-FOR-US: ShoreTel Connect
-CVE-2019-9592 (A reflected Cross-site scripting (XSS) vulnerability in ShoreTel ...)
+CVE-2019-9592
NOT-FOR-US: ShoreTel Connect
-CVE-2019-9591 (A reflected Cross-site scripting (XSS) vulnerability in ShoreTel ...)
+CVE-2019-9591
NOT-FOR-US: ShoreTel Connect
-CVE-2019-9590 (An issue was discovered on TENGCONTROL T-920 PLC v5.5 devices. It ...)
+CVE-2019-9590
NOT-FOR-US: TENGCONTROL devices
-CVE-2019-9589 (There is a NULL pointer dereference vulnerability in ...)
+CVE-2019-9589
TODO: check
-CVE-2019-9588 (There is an Invalid memory access in gAtomicIncrement() located at ...)
+CVE-2019-9588
TODO: check
-CVE-2019-9587 (There is a stack consumption issue in md5Round1() located in Decrypt.cc ...)
+CVE-2019-9587
TODO: check
CVE-2019-9586
RESERVED
@@ -654,13 +686,13 @@ CVE-2019-9583
RESERVED
CVE-2019-9582
RESERVED
-CVE-2019-9581 (phpscheduleit Booked Scheduler 2.7.5 allows arbitrary file upload via ...)
+CVE-2019-9581
NOT-FOR-US: phpscheduleit Booked Scheduler
-CVE-2019-9580 (In st2web in StackStorm Web UI before 2.9.3 and 2.10.x before 2.10.3, ...)
+CVE-2019-9580
NOT-FOR-US: StackStorm
CVE-2019-9579
RESERVED
-CVE-2019-9578 (In devs.c in Yubico libu2f-host before 1.1.8, the response to init is ...)
+CVE-2019-9578
- libu2f-host 1.1.9-1 (bug #923874)
NOTE: https://github.com/Yubico/libu2f-host/commit/e4bb58cc8b6202a421e65f8230217d8ae6e16eb5
CVE-2019-9577
@@ -692,33 +724,33 @@ CVE-2019-XXXX [xen: race with pass-through device hotplug]
CVE-2019-XXXX [xen: grant table transfer issues on large hosts]
- xen <unfixed>
NOTE: https://xenbits.xen.org/xsa/advisory-284.html
-CVE-2019-9576 (The Blog2Social plugin before 5.0.3 for WordPress allows ...)
+CVE-2019-9576
NOT-FOR-US: WordPress plugin blog2social
-CVE-2019-9575 (The Quiz And Survey Master plugin 6.0.4 for WordPress allows ...)
+CVE-2019-9575
NOT-FOR-US: WordPress plugin quiz-master-next
-CVE-2019-9574 (The WP Human Resource Management plugin before 2.2.6 for WordPress does ...)
+CVE-2019-9574
NOT-FOR-US: WordPress plugin hrm
-CVE-2019-9573 (The WP Human Resource Management plugin before 2.2.6 for WordPress ...)
+CVE-2019-9573
NOT-FOR-US: WordPress plugin hrm
-CVE-2019-9572 (SchoolCMS version 2.3.1 allows file upload via the theme upload feature ...)
+CVE-2019-9572
NOT-FOR-US: SchoolCMS
CVE-2019-9571
RESERVED
-CVE-2019-9570 (An issue was discovered in YzmCMS 5.2.0. It has XSS via the bottom text ...)
+CVE-2019-9570
NOT-FOR-US: YzmCMS
CVE-2019-9569
RESERVED
-CVE-2019-9568 (The &quot;Forminator Contact Form, Poll &amp; Quiz Builder&quot; plugin before 1.6 ...)
+CVE-2019-9568
NOT-FOR-US: WordPress plugin forminator
-CVE-2019-9567 (The &quot;Forminator Contact Form, Poll &amp; Quiz Builder&quot; plugin before 1.6 ...)
+CVE-2019-9567
NOT-FOR-US: WordPress plugin forminator
-CVE-2019-9566 (FlarumChina v0.1.0-beta.7C has SQL injection via a /?q= request. ...)
+CVE-2019-9566
NOT-FOR-US: FlarumChina
-CVE-2019-9565 (Druide Antidote RX, HD, 8 before 8.05.2287, 9 before 9.5.3937 and 10 ...)
+CVE-2019-9565
NOT-FOR-US: Druide Antidote
CVE-2019-9564
RESERVED
-CVE-2019-9563 (In BlueMind 3.5.x before 3.5.11 Hotfix 7 and 4.x before 4.0-beta3, the ...)
+CVE-2019-9563
NOT-FOR-US: BlueMind
CVE-2019-9562
RESERVED
@@ -728,25 +760,25 @@ CVE-2019-9560
RESERVED
CVE-2019-9559
RESERVED
-CVE-2019-9558 (Mailtraq WebMail version 2.17.7.3550 has Persistent Cross Site ...)
+CVE-2019-9558
NOT-FOR-US: Mailtraq WebMail
-CVE-2019-9557 (Ability Mail Server 4.2.6 has Persistent Cross Site Scripting (XSS) ...)
+CVE-2019-9557
NOT-FOR-US: Ability Mail Server
CVE-2019-9556
RESERVED
-CVE-2019-9555 (Sagemcom F@st 5260 routers using firmware version 0.4.39, in WPA mode, ...)
+CVE-2019-9555
NOT-FOR-US: Sagemcom routers
CVE-2019-9554
RESERVED
CVE-2019-9553
RESERVED
-CVE-2019-9552 (Eloan V3.0 through 2018-09-20 allows remote attackers to list files via ...)
+CVE-2019-9552
NOT-FOR-US: Eloan
-CVE-2019-9551 (An issue was discovered in DOYO (aka doyocms) 2.3 through 2015-05-06. ...)
+CVE-2019-9551
NOT-FOR-US: doyocms
-CVE-2019-9550 (DhCms through 2017-09-18 has admin.php?r=admin/Index/index XSS. ...)
+CVE-2019-9550
NOT-FOR-US: DhCms
-CVE-2019-9549 (An issue was discovered in PopojiCMS v2.0.1. It has CSRF via the ...)
+CVE-2019-9549
NOT-FOR-US: PopojiCMS
CVE-2019-XXXX [insecure use of /tmp]
- bubblewrap 0.3.1-3 (unimportant; bug #923557)
@@ -758,16 +790,16 @@ CVE-2019-1002100 [kube-apiserver: DoS with crafted patch of type json-patch]
NOTE: https://github.com/kubernetes/kubernetes/pull/74000
CVE-2019-9548
RESERVED
-CVE-2019-9547 (In Storage Performance Development Kit (SPDK) before 19.01, a malicious ...)
+CVE-2019-9547
NOT-FOR-US: Storage Performance Development Kit (SPDK)
-CVE-2019-9546 (SolarWinds Orion Platform before 2018.4 Hotfix 2 allows privilege ...)
+CVE-2019-9546
NOT-FOR-US: SolarWinds Orion Platform
-CVE-2019-9545 (An issue was discovered in Poppler 0.74.0. A recursive function call, ...)
+CVE-2019-9545
- poppler <unfixed> (bug #923552)
NOTE: https://gitlab.freedesktop.org/poppler/poppler/issues/731
-CVE-2019-9544 (An issue was discovered in Bento4 1.5.1-628. An out of bounds write ...)
+CVE-2019-9544
NOT-FOR-US: Bento4
-CVE-2019-9543 (An issue was discovered in Poppler 0.74.0. A recursive function call, ...)
+CVE-2019-9543
- poppler <unfixed> (bug #923553)
NOTE: https://gitlab.freedesktop.org/poppler/poppler/issues/730
CVE-2019-9542
@@ -889,11 +921,11 @@ CVE-2019-9485 [Privilege escalation impersonate user]
[experimental] - gitlab 11.8.2-1
- gitlab 11.8.2-2 (bug #924447)
NOTE: https://about.gitlab.com/2019/03/04/security-release-gitlab-11-dot-8-dot-1-released/
-CVE-2019-9484 (The Glen Dimplex Deutschland GmbH implementation of the Carel pCOWeb ...)
+CVE-2019-9484
NOT-FOR-US: Glen Dimplex Deutschland GmbH implementation of the Carel pCOWeb configuration tool
-CVE-2019-9483 (Amazon Ring Doorbell before 3.4.7 mishandles encryption, which allows ...)
+CVE-2019-9483
NOT-FOR-US: Amazon Ring Doorbell
-CVE-2019-9482 (In MISP 2.4.102, an authenticated user can view sightings that they ...)
+CVE-2019-9482
NOT-FOR-US: MISP
CVE-2019-9481
RESERVED
@@ -1403,9 +1435,9 @@ CVE-2019-9229
RESERVED
CVE-2019-9228
RESERVED
-CVE-2019-9227 (An issue was discovered in baigo CMS 2.1.1. There is a vulnerability ...)
+CVE-2019-9227
NOT-FOR-US: baigo CMS
-CVE-2019-9226 (An issue was discovered in baigo CMS 2.1.1. There is a persistent XSS ...)
+CVE-2019-9226
NOT-FOR-US: baigo CMS
CVE-2019-9225 [Issue board name disclosure]
RESERVED
@@ -1451,39 +1483,39 @@ CVE-2019-9217 [NPM automatic package referencer]
NOTE: https://about.gitlab.com/2019/03/04/security-release-gitlab-11-dot-8-dot-1-released/
CVE-2019-9216
RESERVED
-CVE-2019-9215 (In Live555 before 2019.02.27, malformed headers lead to invalid memory ...)
- {DSA-4408-1}
+CVE-2019-9215
+ {DSA-4408-1 DLA-1720-1}
[experimental] - liblivemedia 2019.02.27-1
- liblivemedia <unfixed> (bug #924655)
NOTE: Reporter advisory and analysis: https://tools.cisco.com/security/center/viewAlert.x?alertId=59708
-CVE-2019-9214 (In Wireshark 2.4.0 to 2.4.12 and 2.6.0 to 2.6.6, the RPCAP dissector ...)
+CVE-2019-9214
- wireshark 2.6.7-1 (bug #923611)
[jessie] - wireshark <not-affected> (Vulnerable code not present)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15536
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=c557bb0910be271e49563756411a690a1bc53ce5
NOTE: https://www.wireshark.org/security/wnpa-sec-2019-08.html
-CVE-2019-9213 (In the Linux kernel before 4.20.14, expand_downwards in mm/mmap.c lacks ...)
+CVE-2019-9213
- linux 4.19.28-1
NOTE: Fixed by: https://git.kernel.org/linus/0a1d52994d440e21def1c2174932410b4f2a98a1 (5.0)
NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=1792
-CVE-2019-9212 (SOFA-Hessian through 4.0.2 allows remote attackers to execute arbitrary ...)
+CVE-2019-9212
NOT-FOR-US: SOFA-Hessian
-CVE-2019-9211 (There is a reachable assertion abort in the function ...)
+CVE-2019-9211
- pspp <unfixed> (unimportant; bug #923417)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1683499
NOTE: Crash in CLI tool, no security impact
-CVE-2019-9210 (In AdvanceCOMP 2.1, png_compress in pngex.cc in advpng has an integer ...)
+CVE-2019-9210
{DLA-1702-1}
- advancecomp 2.1-2 (low; bug #923416)
[stretch] - advancecomp <no-dsa> (Minor issue)
NOTE: https://sourceforge.net/p/advancemame/bugs/277/
NOTE: Fixed by https://github.com/amadvance/advancecomp/commit/fcf71a89265c78fc26243574dda3a872574a5c02
-CVE-2019-9209 (In Wireshark 2.4.0 to 2.4.12 and 2.6.0 to 2.6.6, the ASN.1 BER and ...)
+CVE-2019-9209
- wireshark 2.6.7-1 (bug #923611)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15447
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=f8fbe9f934d65b2694fa74622e5eb2e1dc8cd20b
NOTE: https://www.wireshark.org/security/wnpa-sec-2019-06.html
-CVE-2019-9208 (In Wireshark 2.4.0 to 2.4.12 and 2.6.0 to 2.6.6, the TCAP dissector ...)
+CVE-2019-9208
- wireshark 2.6.7-1 (bug #923611)
[jessie] - wireshark <not-affected> (Vulnerable code not present)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15464
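Review bot: every changed CVE line in this hunk drops its parenthesized upstream description and keeps only the bare identifier (`-CVE-2019-9214 (In Wireshark 2.4.0 to 2.4.12 and 2.6.0 to 2.6.6, the RPCAP dissector ...)` becomes `+CVE-2019-9214`) with no replacement text, which reads like the description source returning empty rather than an intended format change; since the per-package assessments beside these lines (`<not-affected>`, `unimportant`, `low`) are judged against exactly that text, hold the automatic update until it is confirmed that the descriptions are really meant to go, or the next run will just churn them back in.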
@@ -1501,14 +1533,14 @@ CVE-2019-9203
RESERVED
CVE-2019-9202
RESERVED
-CVE-2019-9201 (Phoenix Contact ILC 131 ETH, ILC 131 ETH/XC, ILC 151 ETH, ILC 151 ...)
+CVE-2019-9201
NOT-FOR-US: Phoenix Contact ILC
-CVE-2019-9200 (A heap-based buffer underwrite exists in ImageStream::getLine() located ...)
+CVE-2019-9200
{DLA-1706-1}
- poppler <unfixed> (bug #923414)
NOTE: https://gitlab.freedesktop.org/poppler/poppler/issues/728
NOTE: https://gitlab.freedesktop.org/poppler/poppler/commit/f4136a6353162db249f63ddb0f20611622ab61b4
-CVE-2019-9199 (PoDoFo::Impose::PdfTranslator::setSource() in pdftranslator.cpp in ...)
+CVE-2019-9199
- libpodofo <unfixed> (low; bug #923469)
[stretch] - libpodofo <no-dsa> (Minor issue)
[jessie] - libpodofo <no-dsa> (Minor issue)
@@ -1519,13 +1551,13 @@ CVE-2019-9197
RESERVED
CVE-2019-9196
RESERVED
-CVE-2019-9195 (util/src/zip.rs in Grin before 1.0.2 mishandles suspicious files. An ...)
+CVE-2019-9195
NOT-FOR-US: Grin
-CVE-2019-9194 (elFinder before 2.1.48 has a command injection vulnerability in the PHP ...)
+CVE-2019-9194
NOT-FOR-US: elFinder
CVE-2019-9193
RESERVED
-CVE-2019-9191 (The ETSI Enterprise Transport Security (ETS, formerly known as eTLS) ...)
+CVE-2019-9191
NOT-FOR-US: ETSI protocol
CVE-2019-9190
RESERVED
@@ -1535,7 +1567,7 @@ CVE-2019-9188
RESERVED
CVE-2019-9187 [Server-side request forgery via aggregate plugin]
RESERVED
- {DSA-4399-1}
+ {DSA-4399-1 DLA-1716-1}
- ikiwiki 3.20190228-1
NOTE: https://ikiwiki.info/security/#cve-2019-9187
NOTE: https://www.openwall.com/lists/oss-security/2019/02/28/1
@@ -1545,15 +1577,15 @@ CVE-2019-9187 [Server-side request forgery via aggregate plugin]
NOTE: http://source.ikiwiki.branchable.com/?p=source.git;a=commitdiff;h=9a275b2
CVE-2019-9186
RESERVED
-CVE-2019-9185 (Controller/Async/FilesystemManager.php in the filemanager in Bolt ...)
+CVE-2019-9185
NOT-FOR-US: Bolt CMS
-CVE-2019-9184 (SQL injection vulnerability in the J2Store plugin 3.x before 3.3.7 for ...)
+CVE-2019-9184
NOT-FOR-US: J2Store plugin for Joomla!
CVE-2019-9183
RESERVED
-CVE-2019-9182 (There is a CSRF in ZZZCMS zzzphp V1.6.1 via a ...)
+CVE-2019-9182
NOT-FOR-US: ZZZCMS
-CVE-2019-9181 (SchoolCMS version 2.3.1 allows file upload via the logo upload feature ...)
+CVE-2019-9181
NOT-FOR-US: SchoolCMS
CVE-2019-9180
RESERVED
@@ -1601,7 +1633,7 @@ CVE-2019-9170 [IDOR milestone name information disclosure]
[experimental] - gitlab 11.8.2-1
- gitlab 11.8.2-2 (bug #924447)
NOTE: https://about.gitlab.com/2019/03/04/security-release-gitlab-11-dot-8-dot-1-released/
-CVE-2019-9169 (In the GNU C Library (aka glibc or libc6) through 2.29, ...)
+CVE-2019-9169
- glibc <unfixed> (bug #924612)
[stretch] - glibc <no-dsa> (Minor issue)
[jessie] - glibc <no-dsa> (Minor issue)
@@ -1610,7 +1642,7 @@ CVE-2019-9169 (In the GNU C Library (aka glibc or libc6) through 2.29, ...)
NOTE: https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34142
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=24114
NOTE: https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commit;h=583dd860d5b833037175247230a328f0050dbfe9
-CVE-2019-9168 (WooCommerce before 3.5.5 allows XSS via a Photoswipe caption. ...)
+CVE-2019-9168
NOT-FOR-US: WooCommerce
CVE-2019-9167
RESERVED
@@ -1634,11 +1666,11 @@ CVE-2019-9157
RESERVED
CVE-2019-9156
RESERVED
-CVE-2019-9192 (** DISPUTED ** In the GNU C Library (aka glibc or libc6) through 2.29, ...)
+CVE-2019-9192
- glibc <unfixed> (unimportant)
- eglibc <removed> (unimportant)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=24269
-CVE-2019-9162 (In the Linux kernel before 4.20.12, ...)
+CVE-2019-9162
- linux 4.19.28-1
[stretch] - linux <not-affected> (Vulnerable code not present)
[jessie] - linux <not-affected> (Vulnerable code not present)
@@ -1650,10 +1682,10 @@ CVE-2019-9154
RESERVED
CVE-2019-9153
RESERVED
-CVE-2019-9152 (An issue was discovered in the HDF HDF5 1.10.4 library. There is an out ...)
+CVE-2019-9152
- hdf5 <undetermined>
NOTE: https://github.com/magicSwordsMan/PAAFS/tree/master/vul8
-CVE-2019-9151 (An issue was discovered in the HDF HDF5 1.10.4 library. There is an out ...)
+CVE-2019-9151
- hdf5 <undetermined>
NOTE: https://github.com/magicSwordsMan/PAAFS/tree/master/vul7
CVE-2019-9150
@@ -1664,19 +1696,19 @@ CVE-2019-9148
RESERVED
CVE-2019-9147
RESERVED
-CVE-2019-9146 (Jamf Self Service 10.9.0 allows man-in-the-middle attackers to obtain a ...)
+CVE-2019-9146
NOT-FOR-US: Jamf Self Service
-CVE-2019-9145 (An issue was discovered in Hsycms V1.1. There is an XSS vulnerability ...)
+CVE-2019-9145
NOT-FOR-US: Hsycms
-CVE-2019-9144 (An issue was discovered in Exiv2 0.27. There is infinite recursion at ...)
+CVE-2019-9144
[experimental] - exiv2 <unfixed> (low; bug #923473)
- exiv2 <not-affected> (Vulnerable code introduced later)
NOTE: https://github.com/Exiv2/exiv2/issues/712
-CVE-2019-9143 (An issue was discovered in Exiv2 0.27. There is infinite recursion at ...)
+CVE-2019-9143
[experimental] - exiv2 <unfixed> (low; bug #923472)
- exiv2 <not-affected> (Vulnerable code introduced later)
NOTE: https://github.com/Exiv2/exiv2/issues/711
-CVE-2019-9142 (An issue was discovered in b3log Symphony (aka Sym) before v3.4.7. XSS ...)
+CVE-2019-9142
NOT-FOR-US: b3log Symphony (aka Sym)
CVE-2019-9141
RESERVED
@@ -1708,47 +1740,47 @@ CVE-2019-9128
RESERVED
CVE-2019-9127
RESERVED
-CVE-2019-9126 (An issue was discovered on D-Link DIR-825 Rev.B 2.10 devices. There is ...)
+CVE-2019-9126
NOT-FOR-US: D-Link
-CVE-2019-9125 (An issue was discovered on D-Link DIR-878 1.12B01 devices. Because ...)
+CVE-2019-9125
NOT-FOR-US: D-Link
-CVE-2019-9124 (An issue was discovered on D-Link DIR-878 1.12B01 devices. At the ...)
+CVE-2019-9124
NOT-FOR-US: D-Link
-CVE-2019-9123 (An issue was discovered on D-Link DIR-825 Rev.B 2.10 devices. The ...)
+CVE-2019-9123
NOT-FOR-US: D-Link
-CVE-2019-9122 (An issue was discovered on D-Link DIR-825 Rev.B 2.10 devices. They ...)
+CVE-2019-9122
NOT-FOR-US: D-Link
-CVE-2019-9121 (An issue was discovered on Motorola C1 and M2 devices with firmware ...)
+CVE-2019-9121
NOT-FOR-US: Motorola
-CVE-2019-9120 (An issue was discovered on Motorola C1 and M2 devices with firmware ...)
+CVE-2019-9120
NOT-FOR-US: Motorola
-CVE-2019-9119 (An issue was discovered on Motorola C1 and M2 devices with firmware ...)
+CVE-2019-9119
NOT-FOR-US: Motorola
-CVE-2019-9118 (An issue was discovered on Motorola C1 and M2 devices with firmware ...)
+CVE-2019-9118
NOT-FOR-US: Motorola
-CVE-2019-9117 (An issue was discovered on Motorola C1 and M2 devices with firmware ...)
+CVE-2019-9117
NOT-FOR-US: Motorola
-CVE-2019-9116 (** DISPUTED ** DLL hijacking is possible in Sublime Text 3 version ...)
+CVE-2019-9116
NOT-FOR-US: Sublime Text Windows build
-CVE-2019-9115 (In irisnet-crypto before 1.1.7 for IRISnet, the util/utils.js file ...)
+CVE-2019-9115
NOT-FOR-US: IRISnet
-CVE-2019-9114 (Ming (aka libming) 0.4.8 has an out of bounds write vulnerability in ...)
+CVE-2019-9114
- ming <removed>
NOTE: https://github.com/libming/libming/issues/170
-CVE-2019-9113 (Ming (aka libming) 0.4.8 has a NULL pointer dereference in the function ...)
+CVE-2019-9113
- ming <removed>
NOTE: https://github.com/libming/libming/issues/171
-CVE-2019-9112 (The msm gpu driver for custom Linux kernels on the Xiaomi perseus-p-oss ...)
+CVE-2019-9112
NOT-FOR-US: Xiaomi-specific driver not in the mainline msm driver
-CVE-2019-9111 (The msm gpu driver for custom Linux kernels on the Xiaomi perseus-p-oss ...)
+CVE-2019-9111
NOT-FOR-US: Xiaomi-specific driver not in the mainline msm driver
-CVE-2019-9110 (XSS exists in WUZHI CMS 4.1.0 via ...)
+CVE-2019-9110
NOT-FOR-US: WUZHI CMS
-CVE-2019-9109 (XSS exists in WUZHI CMS 4.1.0 via ...)
+CVE-2019-9109
NOT-FOR-US: WUZHI CMS
-CVE-2019-9108 (XSS exists in WUZHI CMS 4.1.0 via ...)
+CVE-2019-9108
NOT-FOR-US: WUZHI CMS
-CVE-2019-9107 (XSS exists in WUZHI CMS 4.1.0 via ...)
+CVE-2019-9107
NOT-FOR-US: WUZHI CMS
CVE-2019-9106
RESERVED
@@ -1801,60 +1833,60 @@ CVE-2019-9084
RESERVED
- hoteldruid 2.3.2-1
CVE-2019-9083
- RESERVED
-CVE-2019-9082 (ThinkPHP before 3.2.4, as used in Open Source BMS v1.1.1 and other ...)
+ TODO: check
+CVE-2019-9082
NOT-FOR-US: ThinkPHP
-CVE-2019-9081 (The Illuminate component of Laravel Framework 5.7.x has a ...)
+CVE-2019-9081
NOT-FOR-US: Laravel Framework
CVE-2019-9080
RESERVED
CVE-2019-9079
RESERVED
-CVE-2019-9078 (zzcms 2019 has XSS via an arbitrary user/ask.php?do=modify parameter ...)
+CVE-2019-9078
NOT-FOR-US: zzcms
-CVE-2019-9077 (An issue was discovered in GNU Binutils 2.32. It is a heap-based buffer ...)
+CVE-2019-9077
- binutils <unfixed>
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=24243
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=7fc0c668f2aceb8582d74db1ad2528e2bba8a921
-CVE-2019-9076 (An issue was discovered in the Binary File Descriptor (BFD) library ...)
+CVE-2019-9076
- binutils <unfixed>
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=24238
-CVE-2019-9075 (An issue was discovered in the Binary File Descriptor (BFD) library ...)
+CVE-2019-9075
- binutils <unfixed>
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=24236
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=8abac8031ed369a2734b1cdb7df28a39a54b4b49
-CVE-2019-9074 (An issue was discovered in the Binary File Descriptor (BFD) library ...)
+CVE-2019-9074
- binutils <unfixed>
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=24235
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=179f2db0d9c397d7dd8a59907b84208b79f7f48c
-CVE-2019-9073 (An issue was discovered in the Binary File Descriptor (BFD) library ...)
+CVE-2019-9073
- binutils <unfixed>
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=24233
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=7d272a55caebfc26ab2e15d1e9439bac978b9bb7
-CVE-2019-9072 (An issue was discovered in the Binary File Descriptor (BFD) library ...)
+CVE-2019-9072
- binutils <unfixed>
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
NOTE: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=89396
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=24232
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=24237
-CVE-2019-9071 (An issue was discovered in GNU libiberty, as distributed in GNU ...)
+CVE-2019-9071
- binutils <unfixed>
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
NOTE: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=89394
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=24227
-CVE-2019-9070 (An issue was discovered in GNU libiberty, as distributed in GNU ...)
+CVE-2019-9070
- binutils <unfixed>
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
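Review bot: for CVE-2019-9083 the `RESERVED` line is replaced by `TODO: check` while the identifier line stays bare, so the entry now flags a published issue for manual triage without the description that would normally arrive with it; attach the upstream description or a `NOTE:` reference link next to the TODO so the issue can be triaged from the file instead of out of band.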
@@ -1866,15 +1898,15 @@ CVE-2019-9068
RESERVED
CVE-2019-9067
RESERVED
-CVE-2019-9066 (PHP Scripts Mall PHP Appointment Booking Script 3.0.3 allows HTML ...)
+CVE-2019-9066
NOT-FOR-US: PHP Scripts Mall PHP Appointment Booking Script
-CVE-2019-9065 (PHP Scripts Mall Custom T-Shirt Ecommerce Script 3.1.1 allows parameter ...)
+CVE-2019-9065
NOT-FOR-US: PHP Scripts Mall Custom T-Shirt Ecommerce Script
-CVE-2019-9064 (PHP Scripts Mall Cab Booking Script 1.0.3 allows Directory Traversal ...)
+CVE-2019-9064
NOT-FOR-US: PHP Scripts Mall Cab Booking Script
-CVE-2019-9063 (PHP Scripts Mall Auction website script 2.0.4 allows parameter ...)
+CVE-2019-9063
NOT-FOR-US: PHP Scripts Mall Auction website script
-CVE-2019-9062 (PHP Scripts Mall Online Food Ordering Script 1.0 has Cross-Site Request ...)
+CVE-2019-9062
NOT-FOR-US: PHP Scripts Mall Online Food Ordering Script
CVE-2019-9061
RESERVED
@@ -1894,17 +1926,17 @@ CVE-2019-9054
RESERVED
CVE-2019-9053
RESERVED
-CVE-2019-9052 (An issue was discovered in Pluck 4.7.9-dev1. There is a CSRF ...)
+CVE-2019-9052
NOT-FOR-US: Pluck CMS
-CVE-2019-9051 (An issue was discovered in Pluck 4.7.9-dev1. There is a CSRF ...)
+CVE-2019-9051
NOT-FOR-US: Pluck CMS
-CVE-2019-9050 (An issue was discovered in Pluck 4.7.9-dev1. It allows administrators ...)
+CVE-2019-9050
NOT-FOR-US: Pluck CMS
-CVE-2019-9049 (An issue was discovered in Pluck 4.7.9-dev1. There is a CSRF ...)
+CVE-2019-9049
NOT-FOR-US: Pluck CMS
-CVE-2019-9048 (An issue was discovered in Pluck 4.7.9-dev1. There is a CSRF ...)
+CVE-2019-9048
NOT-FOR-US: Pluck CMS
-CVE-2019-9047 (GoRose v1.0.4 has SQL Injection when the order_by or group_by parameter ...)
+CVE-2019-9047
NOT-FOR-US: GoRose
CVE-2019-9046
RESERVED
@@ -1914,88 +1946,88 @@ CVE-2019-9044
RESERVED
CVE-2019-9043
RESERVED
-CVE-2019-9042 (An issue was discovered in Sitemagic CMS v4.4. In the ...)
+CVE-2019-9042
NOT-FOR-US: Sitemagic CMS
-CVE-2019-9041 (An issue was discovered in ZZZCMS zzzphp V1.6.1. In the ...)
+CVE-2019-9041
NOT-FOR-US: ZZZCMS
-CVE-2019-9040 (S-CMS PHP v3.0 has a CSRF vulnerability to add a new admin user via the ...)
+CVE-2019-9040
NOT-FOR-US: S-CMS
CVE-2019-9039
RESERVED
-CVE-2019-9038 (An issue was discovered in libmatio.a in matio (aka MAT File I/O ...)
+CVE-2019-9038
- libmatio <unfixed> (bug #924185)
NOTE: https://github.com/tbeu/matio/issues/103
NOTE: https://github.com/tbeu/matio/commit/a0539135c9b1ab7613aa7953279da9224da88775
NOTE: https://github.com/tbeu/matio/commit/2c20d2178017b3eb13ab160cef239648f9915bdb
-CVE-2019-9037 (An issue was discovered in libmatio.a in matio (aka MAT File I/O ...)
+CVE-2019-9037
- libmatio <unfixed> (bug #924185)
NOTE: https://github.com/tbeu/matio/issues/103
NOTE: https://github.com/tbeu/matio/commit/a0539135c9b1ab7613aa7953279da9224da88775
NOTE: https://github.com/tbeu/matio/commit/2c20d2178017b3eb13ab160cef239648f9915bdb
-CVE-2019-9036 (An issue was discovered in libmatio.a in matio (aka MAT File I/O ...)
+CVE-2019-9036
- libmatio <unfixed> (bug #924185)
NOTE: https://github.com/tbeu/matio/issues/103
NOTE: https://github.com/tbeu/matio/commit/a0539135c9b1ab7613aa7953279da9224da88775
NOTE: https://github.com/tbeu/matio/commit/2c20d2178017b3eb13ab160cef239648f9915bdb
NOTE: Not completely fixed with the initial two commits, cf.
NOTE: https://github.com/tbeu/matio/issues/103#issuecomment-472020538 ff
-CVE-2019-9035 (An issue was discovered in libmatio.a in matio (aka MAT File I/O ...)
+CVE-2019-9035
- libmatio <unfixed> (bug #924185)
NOTE: https://github.com/tbeu/matio/issues/103
NOTE: https://github.com/tbeu/matio/commit/a0539135c9b1ab7613aa7953279da9224da88775
NOTE: https://github.com/tbeu/matio/commit/2c20d2178017b3eb13ab160cef239648f9915bdb
-CVE-2019-9034 (An issue was discovered in libmatio.a in matio (aka MAT File I/O ...)
+CVE-2019-9034
- libmatio <unfixed> (bug #924185)
NOTE: https://github.com/tbeu/matio/issues/103
NOTE: https://github.com/tbeu/matio/commit/a0539135c9b1ab7613aa7953279da9224da88775
NOTE: https://github.com/tbeu/matio/commit/2c20d2178017b3eb13ab160cef239648f9915bdb
-CVE-2019-9033 (An issue was discovered in libmatio.a in matio (aka MAT File I/O ...)
+CVE-2019-9033
- libmatio <unfixed> (bug #924185)
NOTE: https://github.com/tbeu/matio/issues/103
NOTE: https://github.com/tbeu/matio/commit/a0539135c9b1ab7613aa7953279da9224da88775
NOTE: https://github.com/tbeu/matio/commit/2c20d2178017b3eb13ab160cef239648f9915bdb
-CVE-2019-9032 (An issue was discovered in libmatio.a in matio (aka MAT File I/O ...)
+CVE-2019-9032
- libmatio <unfixed> (bug #924185)
NOTE: https://github.com/tbeu/matio/issues/103
NOTE: https://github.com/tbeu/matio/commit/a0539135c9b1ab7613aa7953279da9224da88775
NOTE: https://github.com/tbeu/matio/commit/2c20d2178017b3eb13ab160cef239648f9915bdb
-CVE-2019-9031 (An issue was discovered in libmatio.a in matio (aka MAT File I/O ...)
+CVE-2019-9031
- libmatio <unfixed> (bug #924185)
NOTE: https://github.com/tbeu/matio/issues/103
NOTE: https://github.com/tbeu/matio/commit/a0539135c9b1ab7613aa7953279da9224da88775
NOTE: https://github.com/tbeu/matio/commit/2c20d2178017b3eb13ab160cef239648f9915bdb
-CVE-2019-9030 (An issue was discovered in libmatio.a in matio (aka MAT File I/O ...)
+CVE-2019-9030
- libmatio <unfixed> (bug #924185)
NOTE: https://github.com/tbeu/matio/issues/103
NOTE: https://github.com/tbeu/matio/commit/a0539135c9b1ab7613aa7953279da9224da88775
NOTE: https://github.com/tbeu/matio/commit/2c20d2178017b3eb13ab160cef239648f9915bdb
-CVE-2019-9029 (An issue was discovered in libmatio.a in matio (aka MAT File I/O ...)
+CVE-2019-9029
- libmatio <unfixed> (bug #924185)
NOTE: https://github.com/tbeu/matio/issues/103
NOTE: https://github.com/tbeu/matio/commit/a0539135c9b1ab7613aa7953279da9224da88775
NOTE: https://github.com/tbeu/matio/commit/2c20d2178017b3eb13ab160cef239648f9915bdb
-CVE-2019-9028 (An issue was discovered in libmatio.a in matio (aka MAT File I/O ...)
+CVE-2019-9028
- libmatio <unfixed> (bug #924185)
NOTE: https://github.com/tbeu/matio/issues/103
NOTE: https://github.com/tbeu/matio/commit/a0539135c9b1ab7613aa7953279da9224da88775
NOTE: https://github.com/tbeu/matio/commit/2c20d2178017b3eb13ab160cef239648f9915bdb
-CVE-2019-9027 (An issue was discovered in libmatio.a in matio (aka MAT File I/O ...)
+CVE-2019-9027
- libmatio <unfixed> (bug #924185)
NOTE: https://github.com/tbeu/matio/issues/103
NOTE: https://github.com/tbeu/matio/commit/a0539135c9b1ab7613aa7953279da9224da88775
NOTE: https://github.com/tbeu/matio/commit/2c20d2178017b3eb13ab160cef239648f9915bdb
-CVE-2019-9026 (An issue was discovered in libmatio.a in matio (aka MAT File I/O ...)
+CVE-2019-9026
- libmatio <unfixed> (bug #924185)
NOTE: https://github.com/tbeu/matio/issues/103
NOTE: https://github.com/tbeu/matio/commit/a0539135c9b1ab7613aa7953279da9224da88775
NOTE: https://github.com/tbeu/matio/commit/2c20d2178017b3eb13ab160cef239648f9915bdb
-CVE-2019-9019 (The British Airways Entertainment System, as installed on Boeing ...)
+CVE-2019-9019
NOT-FOR-US: British Airways Entertainment System
-CVE-2019-9025 (An issue was discovered in PHP 7.3.x before 7.3.1. An invalid multibyte ...)
+CVE-2019-9025
- php7.3 7.3.1-1
NOTE: Fixed in 7.3.1
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=77367
-CVE-2019-9024 (An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x ...)
+CVE-2019-9024
{DSA-4398-1 DLA-1679-1}
- php7.3 7.3.1-1
- php7.0 <removed>
@@ -2003,7 +2035,7 @@ CVE-2019-9024 (An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26,
NOTE: Fixed in 5.6.40, 7.1.26, 7.2.14, 7.3.1
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=77380
NOTE: https://github.com/php/php-src/commit/4feb9e66ff9636ad44bc23a91b7ebd37d83ddf1d (7.1)
-CVE-2019-9023 (An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x ...)
+CVE-2019-9023
{DSA-4398-1 DLA-1679-1}
- php7.3 7.3.1-1
- php7.0 <removed>
@@ -2020,7 +2052,7 @@ CVE-2019-9023 (An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26,
NOTE: https://github.com/php/php-src/commit/31f59e1f3074ab344b473dde6077a6844ca87264 (7.1)
NOTE: https://github.com/php/php-src/commit/28362ed4fae6969b5a8878591a5a06eadf114e03 (7.1)
NOTE: https://github.com/php/php-src/commit/9d6c59eeea88a3e9d7039cb4fed5126ef704593a (7.1)
-CVE-2019-9022 (An issue was discovered in PHP 7.x before 7.1.26, 7.2.x before 7.2.14, ...)
+CVE-2019-9022
{DSA-4398-1}
- php7.3 7.3.2-1
- php7.0 <removed>
@@ -2028,7 +2060,7 @@ CVE-2019-9022 (An issue was discovered in PHP 7.x before 7.1.26, 7.2.x before 7.
NOTE: Fixed in 7.1.26, 7.2.14, 7.3.2
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=77369
NOTE: https://github.com/php/php-src/commit/8d3dfabef459fe7815e8ea2fd68753fd17859d7b (7.1)
-CVE-2019-9021 (An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x ...)
+CVE-2019-9021
{DSA-4398-1 DLA-1679-1}
- php7.3 7.3.1-1
- php7.0 <removed>
@@ -2036,7 +2068,7 @@ CVE-2019-9021 (An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26,
NOTE: Fixed in 5.6.40, 7.1.26, 7.2.14, 7.3.1
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=77247
NOTE: https://github.com/php/php-src/commit/78bd3477745f1ada9578a79f61edb41886bec1cb (7.1)
-CVE-2019-9020 (An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x ...)
+CVE-2019-9020
{DSA-4398-1 DLA-1679-1}
- php7.3 7.3.1-1
- php7.0 <removed>
@@ -2049,9 +2081,9 @@ CVE-2019-9018
RESERVED
CVE-2019-9017
RESERVED
-CVE-2019-9016 (An XSS vulnerability was discovered in MOPCMS through 2018-11-30. There ...)
+CVE-2019-9016
NOT-FOR-US: MOPCMS
-CVE-2019-9015 (A Path Traversal vulnerability was discovered in MOPCMS through ...)
+CVE-2019-9015
NOT-FOR-US: MOPCMS
CVE-2019-9014
RESERVED
@@ -2073,14 +2105,14 @@ CVE-2019-9006
RESERVED
CVE-2019-9005
RESERVED
-CVE-2019-9004 (In Eclipse Wakaama (formerly liblwm2m) 1.0, ...)
+CVE-2019-9004
NOT-FOR-US: Eclipse Wakaama
-CVE-2019-9003 (In the Linux kernel before 4.20.5, attackers can trigger a ...)
+CVE-2019-9003
- linux 4.19.20-1
[stretch] - linux <not-affected> (Vulnerable code not present)
[jessie] - linux <not-affected> (Vulnerable code not present)
NOTE: Fixed by: https://git.kernel.org/linus/77f8269606bf95fcb232ee86f6da80886f1dfae8
-CVE-2019-9002 (An issue was discovered in Tiny Issue 1.3.1 and pixeline Bugs through ...)
+CVE-2019-9002
NOT-FOR-US: Tiny Issue
CVE-2019-9001
RESERVED
@@ -2092,7 +2124,7 @@ CVE-2019-8998
RESERVED
CVE-2019-8997
RESERVED
-CVE-2019-8996 (In Signiant Manager+Agents before 13.5, the implementation of the set ...)
+CVE-2019-8996
NOT-FOR-US: Signiant
CVE-2019-8995
RESERVED
@@ -2112,23 +2144,23 @@ CVE-2019-8988
RESERVED
CVE-2019-8987
RESERVED
-CVE-2019-8986 (The SOAP API component vulnerability of TIBCO Software Inc.'s TIBCO ...)
+CVE-2019-8986
NOT-FOR-US: TIBCO
-CVE-2019-8985 (On Netis WF2880 and WF2411 2.1.36123 devices, there is a stack-based ...)
+CVE-2019-8985
NOT-FOR-US: Netis devices
-CVE-2019-8984 (MDaemon Webmail 14.x through 18.x before 18.5.2 has XSS (issue 2 of 2). ...)
+CVE-2019-8984
NOT-FOR-US: MDaemon Webmail
-CVE-2019-8983 (MDaemon Webmail 14.x through 18.x before 18.5.2 has XSS (issue 1 of 2). ...)
+CVE-2019-8983
NOT-FOR-US: MDaemon Webmail
-CVE-2019-8982 (com/wavemaker/studio/StudioService.java in WaveMaker Studio 6.6 ...)
+CVE-2019-8982
NOT-FOR-US: WaveMaker Studio
CVE-2019-8981
RESERVED
-CVE-2019-8980 (A memory leak in the kernel_read_file function in fs/exec.c in the ...)
+CVE-2019-8980
- linux 4.19.28-1
NOTE: https://lore.kernel.org/lkml/20190219021038.11340-1-yuehaibing@huawei.com/
NOTE: https://lore.kernel.org/lkml/20190219022512.GW2217@ZenIV.linux.org.uk/
-CVE-2019-8979 (Koseven through 3.3.9, and Kohana through 3.3.6, has SQL Injection when ...)
+CVE-2019-8979
- libkohana2-php <removed>
[jessie] - libkohana2-php <not-affected> (orderby function properly checks for allowed values)
NOTE: https://github.com/huzr2018/orderby_SQLi/tree/master/kohana
@@ -2193,35 +2225,35 @@ CVE-2019-1000041
REJECTED
CVE-2019-1000030
REJECTED
-CVE-2019-8955 (In Tor before 0.3.3.12, 0.3.4.x before 0.3.4.11, 0.3.5.x before ...)
+CVE-2019-8955
- tor 0.3.5.8-1
[stretch] - tor <not-affected> (Only affects 0.3.2.1 and later)
[jessie] - tor <not-affected> (Only affects 0.3.2.1 and later)
NOTE: https://blog.torproject.org/new-releases-tor-0402-alpha-0358-03411-and-03312
NOTE: https://trac.torproject.org/projects/tor/ticket/29168
-CVE-2019-8954 (In Indexhibit 2.1.5, remote attackers can execute arbitrary code via ...)
+CVE-2019-8954
NOT-FOR-US: Indexhibit
-CVE-2019-8953 (The HAProxy package before 0.59_16 for pfSense has XSS via the desc ...)
+CVE-2019-8953
NOT-FOR-US: HAProxy package for pfSense
CVE-2019-8952
RESERVED
CVE-2019-8951
RESERVED
-CVE-2019-1003028 (A server-side request forgery vulnerability exists in Jenkins JMS ...)
+CVE-2019-1003028
NOT-FOR-US: Jenkins
-CVE-2019-1003027 (A server-side request forgery vulnerability exists in Jenkins ...)
+CVE-2019-1003027
NOT-FOR-US: Jenkins
-CVE-2019-1003026 (A server-side request forgery vulnerability exists in Jenkins ...)
+CVE-2019-1003026
NOT-FOR-US: Jenkins
-CVE-2019-1003025 (A exposure of sensitive information vulnerability exists in Jenkins ...)
+CVE-2019-1003025
NOT-FOR-US: Jenkins
-CVE-2019-1003024 (A sandbox bypass vulnerability exists in Jenkins Script Security ...)
+CVE-2019-1003024
NOT-FOR-US: Jenkins
-CVE-2019-8950 (The backdoor account dnsekakf2$$ in /bin/login on DASAN H665 devices ...)
+CVE-2019-8950
NOT-FOR-US: DASAN
CVE-2019-8949
RESERVED
-CVE-2019-8948 (PaperCut MF before 18.3.6 and PaperCut NG before 18.3.6 allow script ...)
+CVE-2019-8948
NOT-FOR-US: PaperCut MF
CVE-2019-8947
RESERVED
@@ -2229,12 +2261,12 @@ CVE-2019-8946
RESERVED
CVE-2019-8945
RESERVED
-CVE-2019-8944 (An Information Exposure issue in the Terraform deployment step in ...)
+CVE-2019-8944
NOT-FOR-US: Terraform
-CVE-2019-8943 (WordPress through 5.0.3 allows Path Traversal in wp_crop_image(). An ...)
+CVE-2019-8943
- wordpress <unfixed> (bug #923583)
NOTE: https://blog.ripstech.com/2019/wordpress-image-remote-code-execution/
-CVE-2019-8942 (WordPress before 4.9.9 and 5.x before 5.0.1 allows remote code ...)
+CVE-2019-8942
{DSA-4401-1}
- wordpress 5.0.1+dfsg1-1
NOTE: https://blog.ripstech.com/2019/wordpress-image-remote-code-execution/
@@ -2243,10 +2275,10 @@ CVE-2019-8941
RESERVED
CVE-2019-8940
RESERVED
-CVE-2019-8939 (data/interfaces/default/history.html in Tautulli 2.1.26 has XSS via a ...)
+CVE-2019-8939
NOT-FOR-US: Tautulli
CVE-2019-8938
- RESERVED
+ TODO: check
CVE-2019-8937
RESERVED
CVE-2019-8936 [Crafted null dereference attack in authenticated mode 6 packet]
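Review bot: CVE-2019-8938 goes from `RESERVED` to `TODO: check` with no description on the identifier line; add the published description or a `NOTE:` link alongside the TODO so the entry carries what the triager needs to act on it.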
@@ -2259,14 +2291,13 @@ CVE-2019-8936 [Crafted null dereference attack in authenticated mode 6 packet]
NOTE: Relates/corresponds to https://gitlab.com/NTPsec/ntpsec/issues/509 for ntpsec
NOTE: which has a separate CVE id CVE-2019-6445 specifically for src:ntpsec
CVE-2019-8934 [ppc64: sPAPR emulator leaks the host hardware identity]
- RESERVED
- qemu <unfixed> (bug #922923)
[buster] - qemu <ignored> (Too intrusive to backport, marginal impact)
- qemu-kvm <removed>
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2019-02/msg04821.html
-CVE-2019-8933 (In DedeCMS 5.7SP2, attackers can upload a .php file to the uploads/ ...)
+CVE-2019-8933
NOT-FOR-US: DedeCMS
-CVE-2019-8935 (Collabtive 3.1 allows XSS via the manageuser.php?action=profile id ...)
+CVE-2019-8935
- collabtive <removed>
[jessie] - collabtive <ignored> (Minor issue)
CVE-2019-8932
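Review bot: dropping `RESERVED` under CVE-2019-8934 marks the id as published, but the line keeps only the local bracketed title `[ppc64: sPAPR emulator leaks the host hardware identity]` and no upstream description is attached, while the buster decision `[buster] - qemu <ignored> (Too intrusive to backport, marginal impact)` is carried over unchanged; confirm the published wording matches the local title so that the `<ignored>` rating is re-validated against the final description rather than the working title.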
@@ -2295,11 +2326,11 @@ CVE-2019-8921
RESERVED
CVE-2019-8920
RESERVED
-CVE-2019-8919 (The seadroid (aka Seafile Android Client) application through 2.2.13 ...)
+CVE-2019-8919
NOT-FOR-US: Seafile Android Client
CVE-2019-8918
RESERVED
-CVE-2019-8917 (SolarWinds Orion NPM before 12.4 suffers from a SYSTEM remote code ...)
+CVE-2019-8917
NOT-FOR-US: SolarWinds Orion NPM
CVE-2019-8916
RESERVED
@@ -2309,45 +2340,45 @@ CVE-2019-8914
RESERVED
CVE-2019-8913
RESERVED
-CVE-2019-8912 (In the Linux kernel through 4.20.11, af_alg_release() in ...)
+CVE-2019-8912
- linux 4.19.28-1
[stretch] - linux <not-affected> (Vulnerable code introduced later)
[jessie] - linux <not-affected> (Vulnerable code introduced later)
-CVE-2019-8911 (An issue was discovered in WTCMS 1.0. It has stored XSS via the third ...)
+CVE-2019-8911
NOT-FOR-US: WTCMS
-CVE-2019-8910 (An issue was discovered in WTCMS 1.0. It allows ...)
+CVE-2019-8910
NOT-FOR-US: WTCMS
-CVE-2019-8909 (An issue was discovered in WTCMS 1.0. It allows remote attackers to ...)
+CVE-2019-8909
NOT-FOR-US: WTCMS
-CVE-2019-8908 (An issue was discovered in WTCMS 1.0. It allows remote attackers to ...)
+CVE-2019-8908
NOT-FOR-US: WTCMS
-CVE-2019-8907 (do_core_note in readelf.c in libmagic.a in file 5.35 allows remote ...)
+CVE-2019-8907
{DLA-1698-1}
- file 1:5.35-3 (bug #922968)
NOTE: https://bugs.astron.com/view.php?id=65
NOTE: https://github.com/file/file/commit/d65781527c8134a1202b2649695d48d5701ac60b
-CVE-2019-8906 (do_core_note in readelf.c in libmagic.a in file 5.35 has an ...)
+CVE-2019-8906
- file 1:5.35-3 (bug #922969)
[stretch] - file <not-affected> (vulnerable code introduced later)
[jessie] - file <not-affected> (vulnerable code introduced later)
NOTE: https://bugs.astron.com/view.php?id=64
NOTE: Introduced by: https://github.com/file/file/commit/0ac0678c52e248fd2a632a84b638694f205aef9d (FILE5_31)
NOTE: Fixed by: https://github.com/file/file/commit/2858eaf99f6cc5aae129bcbf1e24ad160240185f (FILE5_36)
-CVE-2019-8905 (do_core_note in readelf.c in libmagic.a in file 5.35 has a stack-based ...)
+CVE-2019-8905
{DLA-1698-1}
- file 1:5.35-3 (bug #922968)
NOTE: https://bugs.astron.com/view.php?id=63
NOTE: https://github.com/file/file/commit/d65781527c8134a1202b2649695d48d5701ac60b
-CVE-2019-8904 (do_bid_note in readelf.c in libmagic.a in file 5.35 has a stack-based ...)
+CVE-2019-8904
- file 1:5.35-3 (bug #922967)
[stretch] - file <not-affected> (vulnerable code introduced later)
[jessie] - file <not-affected> (vulnerable code introduced later)
NOTE: https://bugs.astron.com/view.php?id=62
NOTE: Introduced by: https://github.com/file/file/commit/76c55eae2f9b0b378332762f6dce544d05eb24d7 (FILE5_34)
NOTE: Fixed by: https://github.com/file/file/commit/94b7501f48e134e77716e7ebefc73d6bbe72ba55 (FILE5_36)
-CVE-2019-8903 (index.js in Total.js Platform before 3.2.3 allows path traversal. ...)
+CVE-2019-8903
NOT-FOR-US: Total.js Platform
-CVE-2019-8902 (An issue was discovered in idreamsoft iCMS through 7.0.14. A CSRF ...)
+CVE-2019-8902
NOT-FOR-US: idreamsoft iCMS
CVE-2019-8901
RESERVED
@@ -3271,51 +3302,51 @@ CVE-2019-8442
RESERVED
CVE-2019-8441
RESERVED
-CVE-2019-8440 (An issue was discovered in DiliCMS 2.4.0. There is a Stored XSS ...)
+CVE-2019-8440
NOT-FOR-US: DiliCMS
-CVE-2019-8439 (An issue was discovered in DiliCMS 2.4.0. There is a Stored XSS ...)
+CVE-2019-8439
NOT-FOR-US: DiliCMS
-CVE-2019-8438 (An issue was discovered in DiliCMS 2.4.0. There is a Stored XSS ...)
+CVE-2019-8438
NOT-FOR-US: DiliCMS
-CVE-2019-8437 (njiandan-cms through 2013-05-23 has index.php/admin/user_new CSRF to ...)
+CVE-2019-8437
NOT-FOR-US: njiandan-cms
-CVE-2019-8436 (imcat 4.5 has Stored XSS via the root/run/adm.php fm[instop][note] ...)
+CVE-2019-8436
NOT-FOR-US: imcat
-CVE-2019-8435 (admin/default.php in PHPMyWind v5.5 has XSS via an HTTP Host header. ...)
+CVE-2019-8435
NOT-FOR-US: PHPMyWind
-CVE-2019-8434 (In CmsEasy 7.0, there is XSS via the ckplayer.php autoplay parameter. ...)
+CVE-2019-8434
NOT-FOR-US: CmsEasy
-CVE-2019-8433 (JTBC(PHP) 3.0.1.8 allows Arbitrary File Upload via the ...)
+CVE-2019-8433
NOT-FOR-US: JTBC(PHP)
-CVE-2019-8432 (In CmsEasy 7.0, there is XSS via the ckplayer.php url parameter. ...)
+CVE-2019-8432
NOT-FOR-US: CmsEasy
CVE-2019-8431
RESERVED
CVE-2019-8430
RESERVED
-CVE-2019-8429 (ZoneMinder before 1.32.3 has SQL Injection via the ajax/status.php ...)
+CVE-2019-8429
- zoneminder <unfixed> (bug #922724)
-CVE-2019-8428 (ZoneMinder before 1.32.3 has SQL Injection via the ...)
+CVE-2019-8428
- zoneminder <unfixed> (bug #922724)
-CVE-2019-8427 (daemonControl in includes/functions.php in ZoneMinder before 1.32.3 ...)
+CVE-2019-8427
- zoneminder <unfixed> (bug #922724)
-CVE-2019-8426 (skins/classic/views/controlcap.php in ZoneMinder before 1.32.3 has XSS ...)
+CVE-2019-8426
- zoneminder <unfixed> (bug #922724)
-CVE-2019-8425 (includes/database.php in ZoneMinder before 1.32.3 has XSS in the ...)
+CVE-2019-8425
- zoneminder <unfixed> (bug #922724)
-CVE-2019-8424 (ZoneMinder before 1.32.3 has SQL Injection via the ajax/status.php sort ...)
+CVE-2019-8424
- zoneminder <unfixed> (bug #922724)
-CVE-2019-8423 (ZoneMinder through 1.32.3 has SQL Injection via the ...)
+CVE-2019-8423
- zoneminder <unfixed> (bug #922724)
-CVE-2019-8422 (A SQL Injection vulnerability exists in PbootCMS v1.3.2 via the ...)
+CVE-2019-8422
NOT-FOR-US: PbootCMS
-CVE-2019-8421 (upload/protected/modules/admini/views/post/index.php in BageCMS through ...)
+CVE-2019-8421
NOT-FOR-US: BageCMS
CVE-2019-8420
RESERVED
-CVE-2019-8419 (VNote 2.2 has XSS via a new text note. ...)
+CVE-2019-8419
NOT-FOR-US: VNote
-CVE-2019-8418 (SeaCMS 7.2 mishandles member.php?mod=repsw4 requests. ...)
+CVE-2019-8418
NOT-FOR-US: SeaCMS
CVE-2019-8417
RESERVED
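Review bot: this hunk loses every CVE summary rather than refreshing it: each changed pair from CVE-2019-8437 down to CVE-2019-8418 replaces a line such as "CVE-2019-8429 (ZoneMinder before 1.32.3 has SQL Injection via the ajax/status.php ...)" with the bare id, while the Debian annotations beneath (NOT-FOR-US, "zoneminder <unfixed> (bug #922724)") are untouched. A sync that strips the parenthetical text wholesale usually means the upstream description source came back empty or in an unexpected format, so confirm that before merging, since the removed text is the only record in the file of the affected upstream version for the seven zoneminder entries.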
@@ -3325,19 +3356,19 @@ CVE-2019-8415
RESERVED
CVE-2019-8414
RESERVED
-CVE-2019-8413 (On Xiaomi MIX 2 devices with the 4.4.78 kernel, a NULL pointer ...)
+CVE-2019-8413
NOT-FOR-US: Xiaomi
-CVE-2019-8412 (FeiFeiCms 4.0.181010 on Windows allows remote attackers to read or ...)
+CVE-2019-8412
NOT-FOR-US: FeiFeiCms
-CVE-2019-8411 (admin/dl_data.php in zzcms 2018 (2018-10-19) allows remote attackers to ...)
+CVE-2019-8411
NOT-FOR-US: zzcms
-CVE-2019-8410 (Maccms 8.0 allows XSS via the inc/config/cache.php t_key parameter ...)
+CVE-2019-8410
NOT-FOR-US: Maccms
CVE-2019-8409
RESERVED
-CVE-2019-8408 (OneFileCMS 3.6.13 allows remote attackers to modify onefilecms.php by ...)
+CVE-2019-8408
NOT-FOR-US: OneFileCMS
-CVE-2019-8407 (HongCMS 3.0.0 allows arbitrary file read and write operations via a ../ ...)
+CVE-2019-8407
NOT-FOR-US: HongCMS
CVE-2019-8406
RESERVED
@@ -3351,32 +3382,32 @@ CVE-2019-8402
RESERVED
CVE-2019-8401
RESERVED
-CVE-2019-8400 (ORY Hydra before v1.0.0-rc.3+oryOS.9 has Reflected XSS via the ...)
+CVE-2019-8400
NOT-FOR-US: ORY Hydra
CVE-2019-8399
RESERVED
-CVE-2019-8398 (An issue was discovered in the HDF HDF5 1.10.4 library. There is an out ...)
+CVE-2019-8398
- hdf5 <undetermined>
NOTE: https://github.com/magicSwordsMan/PAAFS/tree/master/vul6
-CVE-2019-8397 (An issue was discovered in the HDF HDF5 1.10.4 library. There is an out ...)
+CVE-2019-8397
- hdf5 <undetermined>
NOTE: https://github.com/magicSwordsMan/PAAFS/tree/master/vul5
-CVE-2019-8396 (A buffer overflow in H5O__layout_encode in H5Olayout.c in the HDF HDF5 ...)
+CVE-2019-8396
- hdf5 <undetermined>
NOTE: https://github.com/magicSwordsMan/PAAFS/tree/master/vul4
-CVE-2019-8395 (An Insecure Direct Object Reference (IDOR) vulnerability exists in Zoho ...)
+CVE-2019-8395
NOT-FOR-US: Zoho ManageEngine ServiceDesk Plus
-CVE-2019-8394 (Zoho ManageEngine ServiceDesk Plus (SDP) before 10.0 build 10012 allows ...)
+CVE-2019-8394
NOT-FOR-US: Zoho ManageEngine ServiceDesk Plus
-CVE-2019-8393 (Hotels_Server through 2018-11-05 has SQL Injection via the API because ...)
+CVE-2019-8393
NOT-FOR-US: Hotels_Server
-CVE-2019-8392 (An issue was discovered on D-Link DIR-823G devices with firmware ...)
+CVE-2019-8392
NOT-FOR-US: D-Link
CVE-2019-8391
RESERVED
CVE-2019-8390
RESERVED
-CVE-2019-8389 (A file-read vulnerability was identified in the Wi-Fi transfer feature ...)
+CVE-2019-8389
NOT-FOR-US: Musicloud
CVE-2019-8388
RESERVED
@@ -3388,35 +3419,35 @@ CVE-2019-8385
RESERVED
CVE-2019-8384
RESERVED
-CVE-2019-8383 (An issue was discovered in AdvanceCOMP before 2.1. An invalid memory ...)
+CVE-2019-8383
NOT-FOR-US: AdvanceCOMP
-CVE-2019-8382 (An issue was discovered in Bento4 1.5.1-628. A NULL pointer dereference ...)
+CVE-2019-8382
NOT-FOR-US: Bento4
-CVE-2019-8381 (An issue was discovered in Tcpreplay 4.3.1. An invalid memory access ...)
+CVE-2019-8381
- tcpreplay 4.3.1-2 (unimportant; bug #922622)
NOTE: https://github.com/appneta/tcpreplay/issues/538
NOTE: Crash in a CLI tool, no security impact
-CVE-2019-8380 (An issue was discovered in Bento4 1.5.1-628. A NULL pointer dereference ...)
+CVE-2019-8380
NOT-FOR-US: Bento4
-CVE-2019-8379 (An issue was discovered in AdvanceCOMP before 2.1. A NULL pointer ...)
+CVE-2019-8379
NOT-FOR-US: AdvanceCOMP
-CVE-2019-8378 (An issue was discovered in Bento4 1.5.1-628. A heap-based buffer ...)
+CVE-2019-8378
NOT-FOR-US: Bento4
-CVE-2019-8377 (An issue was discovered in Tcpreplay 4.3.1. A NULL pointer dereference ...)
+CVE-2019-8377
- tcpreplay 4.3.1-2 (unimportant; bug #922623)
NOTE: https://github.com/appneta/tcpreplay/issues/536
NOTE: Crash in a CLI tool, no security impact
-CVE-2019-8376 (An issue was discovered in Tcpreplay 4.3.1. A NULL pointer dereference ...)
+CVE-2019-8376
- tcpreplay 4.3.1-2 (unimportant; bug #922624)
NOTE: https://github.com/appneta/tcpreplay/issues/537
NOTE: Crash in a CLI tool, no security impact
-CVE-2019-8375 (The UIProcess subsystem in WebKit, as used in WebKitGTK through 2.23.90 ...)
+CVE-2019-8375
TODO: check
CVE-2019-8374
RESERVED
CVE-2019-8373
RESERVED
-CVE-2019-8372 (The LHA.sys driver before 1.1.1811.2101 in LG Device Manager exposes ...)
+CVE-2019-8372
NOT-FOR-US: LG
CVE-2019-8371
RESERVED
@@ -3434,28 +3465,28 @@ CVE-2019-8365
RESERVED
CVE-2019-8364
RESERVED
-CVE-2019-8363 (Verydows 2.0 has XSS via the index.php?c=main a parameter, as ...)
+CVE-2019-8363
NOT-FOR-US: Verydows
-CVE-2019-8362 (DedeCMS through V5.7SP2 allows arbitrary file upload in ...)
+CVE-2019-8362
NOT-FOR-US: DedeCMS
-CVE-2019-8361 (PHP Scripts Mall Responsive Video News Script has XSS via the Search ...)
+CVE-2019-8361
NOT-FOR-US: PHP Scripts Mall Responsive Video News Script
-CVE-2019-8360 (Themerig Find a Place CMS Directory 1.5 has SQL Injection via the ...)
+CVE-2019-8360
NOT-FOR-US: Themerig Find a Place CMS Directory
CVE-2019-8359
RESERVED
-CVE-2019-8358 (In Hiawatha before 10.8.4, a remote attacker is able to do directory ...)
+CVE-2019-8358
NOT-FOR-US: Hiawatha
-CVE-2019-8357 (An issue was discovered in SoX 14.4.2. lsx_make_lpf in effect_i_dsp.c ...)
+CVE-2019-8357
- sox <unfixed>
NOTE: https://sourceforge.net/p/sox/bugs/318
-CVE-2019-8356 (An issue was discovered in SoX 14.4.2. One of the arguments to bitrv2 ...)
+CVE-2019-8356
- sox <unfixed>
NOTE: https://sourceforge.net/p/sox/bugs/321
-CVE-2019-8355 (An issue was discovered in SoX 14.4.2. In xmalloc.h, there is an ...)
+CVE-2019-8355
- sox <unfixed>
NOTE: https://sourceforge.net/p/sox/bugs/320
-CVE-2019-8354 (An issue was discovered in SoX 14.4.2. lsx_make_lpf in effect_i_dsp.c ...)
+CVE-2019-8354
- sox <unfixed>
NOTE: https://sourceforge.net/p/sox/bugs/319
CVE-2019-8353
@@ -3470,22 +3501,22 @@ CVE-2019-8349
RESERVED
CVE-2019-8348
RESERVED
-CVE-2019-8347 (BEESCMS 4.0 has a CSRF vulnerability to add arbitrary VIP accounts via ...)
+CVE-2019-8347
NOT-FOR-US: BEESCMS
CVE-2019-8346
RESERVED
-CVE-2019-8345 (The Help feature in the ES File Explorer File Manager application ...)
+CVE-2019-8345
NOT-FOR-US: ES File Explorer File Manager
CVE-2019-8344
RESERVED
-CVE-2019-8343 (In Netwide Assembler (NASM) 2.14.02, there is a use-after-free in ...)
+CVE-2019-8343
- nasm <unfixed> (bug #922433)
[stretch] - nasm <no-dsa> (Minor issue)
[jessie] - nasm <no-dsa> (Minor issue)
NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392556
CVE-2019-8342
RESERVED
-CVE-2019-8341 (An issue was discovered in Jinja2 2.10. The from_string function is ...)
+CVE-2019-8341
- jinja2 <unfixed> (unimportant)
NOTE: https://github.com/JameelNabbo/Jinja2-Code-execution
NOTE: No real security impact and upstream indicates the CVE is invalid
@@ -3495,17 +3526,17 @@ CVE-2019-8339
RESERVED
CVE-2019-8338
RESERVED
-CVE-2019-8336 (HashiCorp Consul (and Consul Enterprise) 1.4.x before 1.4.3 allows a ...)
+CVE-2019-8336
NOT-FOR-US: HashiCorp Consul
-CVE-2019-8335 (An issue was discovered in SchoolCMS 2.3.1. There is an XSS ...)
+CVE-2019-8335
NOT-FOR-US: SchoolCMS
-CVE-2019-8334 (An issue was discovered in SchoolCMS 2.3.1. There is an XSS ...)
+CVE-2019-8334
NOT-FOR-US: SchoolCMS
CVE-2019-8333
RESERVED
CVE-2019-8332
RESERVED
-CVE-2019-8331 (In Bootstrap before 4.3.1, XSS is possible in the tooltip or popover ...)
+CVE-2019-8331
- twitter-bootstrap4 4.3.1+dfsg2-1
- twitter-bootstrap3 3.4.1+dfsg-1
[stretch] - twitter-bootstrap3 <no-dsa> (Minor issue)
@@ -3534,23 +3565,23 @@ CVE-2019-8321
RESERVED
CVE-2019-8320
RESERVED
-CVE-2019-8319 (An issue was discovered on D-Link DIR-878 devices with firmware 1.12A1. ...)
+CVE-2019-8319
NOT-FOR-US: D-Link
-CVE-2019-8318 (An issue was discovered on D-Link DIR-878 devices with firmware 1.12A1. ...)
+CVE-2019-8318
NOT-FOR-US: D-Link
-CVE-2019-8317 (An issue was discovered on D-Link DIR-878 devices with firmware 1.12A1. ...)
+CVE-2019-8317
NOT-FOR-US: D-Link
-CVE-2019-8316 (An issue was discovered on D-Link DIR-878 devices with firmware 1.12A1. ...)
+CVE-2019-8316
NOT-FOR-US: D-Link
-CVE-2019-8315 (An issue was discovered on D-Link DIR-878 devices with firmware 1.12A1. ...)
+CVE-2019-8315
NOT-FOR-US: D-Link
-CVE-2019-8314 (An issue was discovered on D-Link DIR-878 devices with firmware 1.12A1. ...)
+CVE-2019-8314
NOT-FOR-US: D-Link
-CVE-2019-8313 (An issue was discovered on D-Link DIR-878 devices with firmware 1.12A1. ...)
+CVE-2019-8313
NOT-FOR-US: D-Link
-CVE-2019-8312 (An issue was discovered on D-Link DIR-878 devices with firmware 1.12A1. ...)
+CVE-2019-8312
NOT-FOR-US: D-Link
-CVE-2019-8337 (In msmtp 1.8.2 and mpop 1.4.3, when tls_trust_file has its default configuration, certificate-verification results are not properly checked. ...)
+CVE-2019-8337
- mpop 1.4.3-1
[stretch] - mpop <not-affected> (Vulnerable code introduced later)
[jessie] - mpop <not-affected> (Vulnerable code introduced later)
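Review bot: CVE-2019-8337 is out of sequence in this hunk: it sits after CVE-2019-8312 at the end of the block, while the preceding hunk goes straight from CVE-2019-8338 to CVE-2019-8336, which is where the entry belongs in the file's descending id order. Moving it there keeps the mpop entry (1.4.3-1, stretch and jessie <not-affected>) adjacent to its neighbours and avoids a second place the automated update has to reconcile on later runs.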
@@ -3621,51 +3652,51 @@ CVE-2019-8282
RESERVED
CVE-2019-8281
RESERVED
-CVE-2019-8280 (UltraVNC revision 1203 has out-of-bounds access vulnerability in VNC ...)
+CVE-2019-8280
NOT-FOR-US: UltraVNC
-CVE-2019-8279 (Multiple stored XSS in Vanilla Forums before 2.5 allow remote ...)
+CVE-2019-8279
NOT-FOR-US: Vanilla Forums
-CVE-2019-8278 (Stored XSS in Invision Power Board versions 3.3.1 - 3.4.8 leads to ...)
+CVE-2019-8278
NOT-FOR-US: Invision Power Board
-CVE-2019-8277 (UltraVNC revision 1211 contains multiple memory leaks (CWE-655) in VNC ...)
+CVE-2019-8277
NOT-FOR-US: UltraVNC
-CVE-2019-8276 (UltraVNC revision 1211 has a stack buffer overflow vulnerability in ...)
+CVE-2019-8276
NOT-FOR-US: UltraVNC
-CVE-2019-8275 (UltraVNC revision 1211 has multiple improper null termination ...)
+CVE-2019-8275
NOT-FOR-US: UltraVNC
-CVE-2019-8274 (UltraVNC revision 1211 has a heap buffer overflow vulnerability in VNC ...)
+CVE-2019-8274
NOT-FOR-US: UltraVNC
-CVE-2019-8273 (UltraVNC revision 1211 has a heap buffer overflow vulnerability in VNC ...)
+CVE-2019-8273
NOT-FOR-US: UltraVNC
-CVE-2019-8272 (UltraVNC revision 1211 has multiple off-by-one vulnerabilities in VNC ...)
+CVE-2019-8272
NOT-FOR-US: UltraVNC
-CVE-2019-8271 (UltraVNC revision 1211 has a heap buffer overflow vulnerability in VNC ...)
+CVE-2019-8271
NOT-FOR-US: UltraVNC
-CVE-2019-8270 (UltraVNC revision 1210 has out-of-bounds read vulnerability in VNC ...)
+CVE-2019-8270
NOT-FOR-US: UltraVNC
-CVE-2019-8269 (UltraVNC revision 1206 has stack-based Buffer overflow vulnerability ...)
+CVE-2019-8269
NOT-FOR-US: UltraVNC
-CVE-2019-8268 (UltraVNC revision 1206 has multiple off-by-one vulnerabilities in VNC ...)
+CVE-2019-8268
NOT-FOR-US: UltraVNC
-CVE-2019-8267 (UltraVNC revision 1207 has out-of-bounds read vulnerability in VNC ...)
+CVE-2019-8267
NOT-FOR-US: UltraVNC
-CVE-2019-8266 (UltraVNC revision 1207 has multiple out-of-bounds access ...)
+CVE-2019-8266
NOT-FOR-US: UltraVNC
-CVE-2019-8265 (UltraVNC revision 1207 has multiple out-of-bounds access ...)
+CVE-2019-8265
NOT-FOR-US: UltraVNC
-CVE-2019-8264 (UltraVNC revision 1203 has out-of-bounds access vulnerability in VNC ...)
+CVE-2019-8264
NOT-FOR-US: UltraVNC
-CVE-2019-8263 (UltraVNC revision 1205 has stack-based buffer overflow vulnerability ...)
+CVE-2019-8263
NOT-FOR-US: UltraVNC
-CVE-2019-8262 (UltraVNC revision 1203 has multiple heap buffer overflow ...)
+CVE-2019-8262
NOT-FOR-US: UltraVNC
-CVE-2019-8261 (UltraVNC revision 1199 has a out-of-bounds read vulnerability in VNC ...)
+CVE-2019-8261
NOT-FOR-US: UltraVNC
-CVE-2019-8260 (UltraVNC revision 1199 has a out-of-bounds read vulnerability in VNC ...)
+CVE-2019-8260
NOT-FOR-US: UltraVNC
-CVE-2019-8259 (UltraVNC revision 1198 contains multiple memory leaks (CWE-655) in VNC ...)
+CVE-2019-8259
NOT-FOR-US: UltraVNC
-CVE-2019-8258 (UltraVNC revision 1198 has a heap buffer overflow vulnerability in VNC ...)
+CVE-2019-8258
NOT-FOR-US: UltraVNC
CVE-2019-8257
RESERVED
@@ -4675,7 +4706,7 @@ CVE-2019-7755
RESERVED
CVE-2019-7754
RESERVED
-CVE-2019-7753 (Verydows 2.0 has XSS via the index.php?m=api&amp;c=stats&amp;a=count referrer ...)
+CVE-2019-7753
NOT-FOR-US: Verydows
CVE-2019-7752
RESERVED
@@ -4685,49 +4716,49 @@ CVE-2019-7750
RESERVED
CVE-2019-7749
RESERVED
-CVE-2019-7748 (_includes\online.php in DbNinja 3.2.7 allows XSS via the data.php task ...)
+CVE-2019-7748
NOT-FOR-US: DbNinja
-CVE-2019-7747 (DbNinja 3.2.7 allows session fixation via the data.php sessid ...)
+CVE-2019-7747
NOT-FOR-US: DbNinja
CVE-2019-7746
RESERVED
CVE-2019-7745
RESERVED
-CVE-2019-7744 (An issue was discovered in Joomla! before 3.9.3. Inadequate filtering ...)
+CVE-2019-7744
NOT-FOR-US: Joomla!
-CVE-2019-7743 (An issue was discovered in Joomla! before 3.9.3. The phar:// stream ...)
+CVE-2019-7743
NOT-FOR-US: Joomla!
-CVE-2019-7742 (An issue was discovered in Joomla! before 3.9.3. A combination of ...)
+CVE-2019-7742
NOT-FOR-US: Joomla!
-CVE-2019-7741 (An issue was discovered in Joomla! before 3.9.3. Inadequate checks at ...)
+CVE-2019-7741
NOT-FOR-US: Joomla!
-CVE-2019-7740 (An issue was discovered in Joomla! before 3.9.3. Inadequate parameter ...)
+CVE-2019-7740
NOT-FOR-US: Joomla!
-CVE-2019-7739 (An issue was discovered in Joomla! before 3.9.3. The &quot;No Filtering&quot; ...)
+CVE-2019-7739
NOT-FOR-US: Joomla!
-CVE-2019-7738 (C.P.Sub before 5.3 allows CSRF via a manage.php?p=article_del&amp;id= URI. ...)
+CVE-2019-7738
NOT-FOR-US: C.P.Sub
-CVE-2019-7737 (A CSRF vulnerability was found in Verydows v2.0 that can add an admin ...)
+CVE-2019-7737
NOT-FOR-US: Verydows
-CVE-2019-7736 (D-Link DIR-600M C1 3.04 devices allow authentication bypass via a ...)
+CVE-2019-7736
NOT-FOR-US: D-Link
CVE-2019-7735
RESERVED
CVE-2019-7734
RESERVED
-CVE-2019-7733 (In Live555 0.95, there is a buffer overflow via a large integer in a ...)
+CVE-2019-7733
- liblivemedia <unfixed>
NOTE: https://github.com/rgaufman/live555/issues/21
-CVE-2019-7732 (In Live555 0.95, a setup packet can cause a memory leak leading to DoS ...)
+CVE-2019-7732
- liblivemedia <unfixed>
NOTE: https://github.com/rgaufman/live555/issues/20
-CVE-2019-7731 (MyWebSQL 3.7 has a remote code execution (RCE) vulnerability after an ...)
+CVE-2019-7731
NOT-FOR-US: MyWebSQL
-CVE-2019-7730 (MyWebSQL 3.7 has a Cross-site request forgery (CSRF) vulnerability for ...)
+CVE-2019-7730
NOT-FOR-US: MyWebSQL
-CVE-2019-7729 (An issue was discovered in the Bosch Smart Camera App before 1.3.1 for ...)
+CVE-2019-7729
NOT-FOR-US: Bosch Smart Camera App
-CVE-2019-7728 (An issue was discovered in the Bosch Smart Camera App before 1.3.1 for ...)
+CVE-2019-7728
NOT-FOR-US: Bosch Smart Camera App
CVE-2019-7727
RESERVED
@@ -4739,18 +4770,18 @@ CVE-2019-7724
RESERVED
CVE-2019-7723
RESERVED
-CVE-2019-7722 (PMD 5.8.1 and earlier processes XML external entities in ruleset files ...)
+CVE-2019-7722
NOT-FOR-US: PMD
CVE-2019-XXXX [fuse mount exposes backup to unauthorized users]
- borgbackup 1.1.9-1 (bug #922080)
NOTE: https://github.com/borgbackup/borg/issues/3903
-CVE-2019-7721 (lib/NCCms.class.php in nc-cms 3.5 allows upload of .php files via the ...)
+CVE-2019-7721
NOT-FOR-US: nc-cms
-CVE-2019-7720 (taocms through 2014-05-24 allows eval injection by placing PHP code in ...)
+CVE-2019-7720
NOT-FOR-US: taocms
-CVE-2019-7719 (Nibbleblog 4.0.5 allows eval injection by placing PHP code in the ...)
+CVE-2019-7719
NOT-FOR-US: Nibbleblog
-CVE-2019-7718 (An issue was discovered in Metinfo 6.x. An attacker can leverage a race ...)
+CVE-2019-7718
NOT-FOR-US: Metinfo
CVE-2019-7717
RESERVED
@@ -4778,26 +4809,26 @@ CVE-2019-7706
RESERVED
CVE-2019-7705
RESERVED
-CVE-2019-7704 (wasm::WasmBinaryBuilder::readUserSection in wasm-binary.cpp in Binaryen ...)
+CVE-2019-7704
- binaryen 64-1
NOTE: https://github.com/WebAssembly/binaryen/issues/1866
-CVE-2019-7703 (In Binaryen 1.38.22, there is a use-after-free problem in ...)
+CVE-2019-7703
- binaryen 64-1
NOTE: https://github.com/WebAssembly/binaryen/issues/1865
-CVE-2019-7702 (A NULL pointer dereference was discovered in ...)
+CVE-2019-7702
- binaryen 64-1
NOTE: https://github.com/WebAssembly/binaryen/issues/1867
-CVE-2019-7701 (A heap-based buffer over-read was discovered in ...)
+CVE-2019-7701
- binaryen 64-1
NOTE: https://github.com/WebAssembly/binaryen/issues/1863
-CVE-2019-7700 (A heap-based buffer over-read was discovered in ...)
+CVE-2019-7700
- binaryen 64-1
NOTE: https://github.com/WebAssembly/binaryen/issues/1864
-CVE-2019-7699 (A heap-based buffer over-read occurs in AP4_BitStream::WriteBytes in ...)
+CVE-2019-7699
NOT-FOR-US: Bento4
-CVE-2019-7698 (An issue was discovered in ...)
+CVE-2019-7698
NOT-FOR-US: Bento4
-CVE-2019-7697 (An issue was discovered in Bento4 v1.5.1-627. There is an assertion ...)
+CVE-2019-7697
NOT-FOR-US: Bento4
CVE-2019-7696
RESERVED
@@ -4805,9 +4836,9 @@ CVE-2019-7695
RESERVED
CVE-2019-7694
RESERVED
-CVE-2019-7693 (Axios Italia Axios RE 1.7.0/7.0.0 devices have XSS via the ...)
+CVE-2019-7693
NOT-FOR-US: Axios Italia Axios RE devices
-CVE-2019-7692 (install/install.php in CIM 0.9.3 allows remote attackers to execute ...)
+CVE-2019-7692
NOT-FOR-US: CIM
CVE-2019-7691
RESERVED
@@ -4823,7 +4854,7 @@ CVE-2019-7686
RESERVED
CVE-2019-7685
RESERVED
-CVE-2019-7684 (inxedu through 2018-12-24 has a vulnerability that can lead to the ...)
+CVE-2019-7684
NOT-FOR-US: inxedu
CVE-2019-7683
RESERVED
@@ -4835,17 +4866,17 @@ CVE-2019-7680
RESERVED
CVE-2019-7679
RESERVED
-CVE-2019-7678 (A directory traversal vulnerability was discovered in Enphase Envoy ...)
+CVE-2019-7678
NOT-FOR-US: Enphase Envoy
-CVE-2019-7677 (XSS exists in Enphase Envoy R3.*.* via the profileName parameter to the ...)
+CVE-2019-7677
NOT-FOR-US: Enphase Envoy
-CVE-2019-7676 (A weak password vulnerability was discovered in Enphase Envoy R3.*.*. ...)
+CVE-2019-7676
NOT-FOR-US: Enphase Envoy
-CVE-2019-7675 (An issue was discovered on MOBOTIX S14 MX-V4.2.1.61 devices. The ...)
+CVE-2019-7675
NOT-FOR-US: MOBOTIX
-CVE-2019-7674 (An issue was discovered on MOBOTIX S14 MX-V4.2.1.61 devices. ...)
+CVE-2019-7674
NOT-FOR-US: MOBOTIX
-CVE-2019-7673 (An issue was discovered on MOBOTIX S14 MX-V4.2.1.61 devices. ...)
+CVE-2019-7673
NOT-FOR-US: MOBOTIX
CVE-2019-7672
RESERVED
@@ -4861,20 +4892,20 @@ CVE-2019-7667
RESERVED
CVE-2019-7666
RESERVED
-CVE-2019-7665 (In elfutils 0.175, a heap-based buffer over-read was discovered in the ...)
+CVE-2019-7665
{DLA-1689-1}
- elfutils 0.176-1 (low; bug #921880)
[stretch] - elfutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=24089
NOTE: https://sourceware.org/ml/elfutils-devel/2019-q1/msg00049.html
NOTE: https://sourceware.org/git/?p=elfutils.git;a=commit;h=de01cc6f9446187d69b9748bb3636361c79e77a4
-CVE-2019-7664 (In elfutils 0.175, a negative-sized memcpy is attempted in elf_cvt_note ...)
+CVE-2019-7664
- elfutils 0.176-1 (low; bug #921881)
[stretch] - elfutils <no-dsa> (Minor issue)
[jessie] - elfutils <not-affected> (Vulnerable code introduced later)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=24084
NOTE: https://sourceware.org/git/?p=elfutils.git;a=commit;h=e65d91d21cb09d83b001fef9435e576ba447db32
-CVE-2019-7663 (An Invalid Address dereference was discovered in ...)
+CVE-2019-7663
{DLA-1680-1}
- tiff 4.0.10-4
[stretch] - tiff <postponed> (Minor issue)
@@ -4883,14 +4914,14 @@ CVE-2019-7663 (An Invalid Address dereference was discovered in ...)
NOTE: Fixed by: https://gitlab.com/libtiff/libtiff/commit/802d3cbf3043be5dce5317e140ccb1c17a6a2d39
NOTE: Same patch as CVE-2018-17000 but different issue. As well different
NOTE: issue than CVE-2018-12900.
-CVE-2019-7662 (An assertion failure was discovered in ...)
+CVE-2019-7662
- binaryen 66-1
NOTE: https://github.com/WebAssembly/binaryen/issues/1872
-CVE-2019-7661 (An issue was discovered in PHPMyWind 5.5. The method parameter of the ...)
+CVE-2019-7661
NOT-FOR-US: PHPMyWind
-CVE-2019-7660 (An issue was discovered in PHPMyWind 5.5. The username parameter of the ...)
+CVE-2019-7660
NOT-FOR-US: PHPMyWind
-CVE-2019-7659 (Genivia gSOAP 2.7.x and 2.8.x before 2.8.75 allows attackers to cause a ...)
+CVE-2019-7659
{DLA-1681-1}
- gsoap 2.8.75-1
[stretch] - gsoap <no-dsa> (Minor issue)
@@ -4909,17 +4940,18 @@ CVE-2019-7654
RESERVED
CVE-2019-7652
RESERVED
-CVE-2019-7651 (EPP.sys in Emsisoft Anti-Malware 2018.8.1.8923 allows an attacker to ...)
+CVE-2019-7651
NOT-FOR-US: Emsisoft Anti-Malware
CVE-2019-7650
RESERVED
-CVE-2019-7653 (The Debian python-rdflib-tools 4.2.2-1 package for RDFLib 4.2.2 has ...)
+CVE-2019-7653
+ {DLA-1717-1}
- rdflib 4.2.2-2 (bug #921751)
NOTE: Debian specific issue as respective scripts are overwritten in Debian
NOTE: packaging as wrappers invoking python -m.
-CVE-2019-7649 (global.encryptPassword in bootstrap/global.js in CMSWing 1.3.7 relies ...)
+CVE-2019-7649
NOT-FOR-US: CMSWing
-CVE-2019-7648 (controller/fetchpwd.php and controller/doAction.php in Hotels_Server ...)
+CVE-2019-7648
NOT-FOR-US: Hotels_Server
CVE-2019-7647
RESERVED
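Review bot: the rdflib entry for CVE-2019-7653 gains "{DLA-1717-1}" but still has no [stretch] annotation: sid is fixed at 4.2.2-2 (bug #921751) and jessie is now covered by the DLA, so stretch is the only suite left without a decision, and the NOTE says the issue is Debian-specific packaging, which affects stretch's package as well. Add a "[stretch] - rdflib <no-dsa>" or a fixed-version line so the entry does not read as an open stretch issue by omission.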
@@ -4937,9 +4969,9 @@ CVE-2019-7641
RESERVED
CVE-2019-7640
RESERVED
-CVE-2019-7639 (An issue was discovered in gsi-openssh-server 7.9p1 on Fedora 29. If ...)
+CVE-2019-7639
NOT-FOR-US: gsi-openssh-server (OpenSSH patched with openssh-7.9p1-gsissh.patch)
-CVE-2019-7638 (SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has ...)
+CVE-2019-7638
{DLA-1714-1 DLA-1713-1}
- libsdl1.2 <unfixed> (bug #924609)
[stretch] - libsdl1.2 <no-dsa> (Minor issue)
@@ -4948,7 +4980,7 @@ CVE-2019-7638 (SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0
NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4500
NOTE: https://hg.libsdl.org/SDL/rev/19d8c3b9c251 (SDL-1.2)
NOTE: https://hg.libsdl.org/SDL/rev/07c39cbbeacf
-CVE-2019-7637 (SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has ...)
+CVE-2019-7637
{DLA-1714-1 DLA-1713-1}
- libsdl1.2 <unfixed> (bug #924609)
[stretch] - libsdl1.2 <no-dsa> (Minor issue)
@@ -4956,7 +4988,7 @@ CVE-2019-7637 (SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0
[stretch] - libsdl2 <no-dsa> (Minor issue)
NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4497
NOTE: Proposed patch: https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3630
-CVE-2019-7636 (SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has ...)
+CVE-2019-7636
{DLA-1714-1 DLA-1713-1}
- libsdl1.2 <unfixed> (bug #924609)
[stretch] - libsdl1.2 <no-dsa> (Minor issue)
@@ -4965,7 +4997,7 @@ CVE-2019-7636 (SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0
NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4499
NOTE: https://hg.libsdl.org/SDL/rev/19d8c3b9c251 (SDL-1.2)
NOTE: https://hg.libsdl.org/SDL/rev/07c39cbbeacf
-CVE-2019-7635 (SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has ...)
+CVE-2019-7635
{DLA-1714-1 DLA-1713-1}
- libsdl1.2 <unfixed> (bug #924609)
[stretch] - libsdl1.2 <no-dsa> (Minor issue)
@@ -4978,17 +5010,17 @@ CVE-2019-7634
RESERVED
CVE-2019-7633
RESERVED
-CVE-2019-7632 (LifeSize Team, Room, Passport, and Networker 220 devices allow ...)
+CVE-2019-7632
NOT-FOR-US: LifeSize devices
CVE-2019-7631
RESERVED
CVE-2019-7630
RESERVED
-CVE-2019-7629 (Stack-based buffer overflow in the strip_vt102_codes function in ...)
+CVE-2019-7629
- tintin++ 2.01.5-2 (low; bug #924348)
[stretch] - tintin++ <no-dsa> (Minor issue)
[jessie] - tintin++ <no-dsa> (Minor issue)
-CVE-2019-7628 (Pagure 5.2 leaks API keys by e-mailing them to users. Few e-mail ...)
+CVE-2019-7628
- pagure <itp> (bug #829046)
CVE-2019-7627
RESERVED
@@ -5070,27 +5102,27 @@ CVE-2019-7589
RESERVED
CVE-2019-7588
RESERVED
-CVE-2019-7587 (Bo-blog Wind through 1.6.0-r allows SQL Injection via the ...)
+CVE-2019-7587
NOT-FOR-US: Bo-blog Wind
CVE-2019-7586
RESERVED
-CVE-2019-7585 (An issue was discovered in Waimai Super Cms 20150505. ...)
+CVE-2019-7585
NOT-FOR-US: Waimai Super Cms
CVE-2019-7584
RESERVED
CVE-2019-7583
RESERVED
-CVE-2019-7582 (The readBytes function in util/read.c in libming through 0.4.8 allows ...)
+CVE-2019-7582
- ming <removed>
NOTE: https://github.com/libming/libming/issues/172
-CVE-2019-7581 (The parseSWF_ACTIONRECORD function in util/parser.c in libming through ...)
+CVE-2019-7581
- ming <removed>
NOTE: https://github.com/libming/libming/issues/173
-CVE-2019-7580 (ThinkCMF 5.0.190111 allows remote attackers to execute arbitrary PHP ...)
+CVE-2019-7580
NOT-FOR-US: ThinkCMF
CVE-2019-7579
RESERVED
-CVE-2019-7578 (SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has ...)
+CVE-2019-7578
{DLA-1714-1 DLA-1713-1}
- libsdl1.2 <unfixed> (bug #924609)
[stretch] - libsdl1.2 <no-dsa> (Minor issue)
@@ -5098,7 +5130,7 @@ CVE-2019-7578 (SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0
[stretch] - libsdl2 <no-dsa> (Minor issue)
NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4494
NOTE: Proposed patch: https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3623
-CVE-2019-7577 (SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has ...)
+CVE-2019-7577
{DLA-1714-1 DLA-1713-1}
- libsdl1.2 <unfixed> (bug #924609)
[stretch] - libsdl1.2 <no-dsa> (Minor issue)
@@ -5107,7 +5139,7 @@ CVE-2019-7577 (SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0
NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4492
NOTE: Proposed patch: https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3608
NOTE: Proposed patch: https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3694
-CVE-2019-7576 (SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has ...)
+CVE-2019-7576
{DLA-1714-1 DLA-1713-1}
- libsdl1.2 <unfixed> (bug #924609)
[stretch] - libsdl1.2 <no-dsa> (Minor issue)
@@ -5116,7 +5148,7 @@ CVE-2019-7576 (SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0
NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4490
NOTE: Proposed patch: https://bugzilla.libsdl.org/attachment.cgi?id=3620&action=diff
NOTE: very similar bug to CVE-2019-7573, fix for CVE-2019-7573 is applicable to this
-CVE-2019-7575 (SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has ...)
+CVE-2019-7575
{DLA-1714-1 DLA-1713-1}
- libsdl1.2 <unfixed> (bug #924609)
[stretch] - libsdl1.2 <no-dsa> (Minor issue)
@@ -5124,7 +5156,7 @@ CVE-2019-7575 (SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0
[stretch] - libsdl2 <no-dsa> (Minor issue)
NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4493
NOTE: Proposed patch: https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3609
-CVE-2019-7574 (SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has ...)
+CVE-2019-7574
{DLA-1714-1 DLA-1713-1}
- libsdl1.2 <unfixed> (bug #924609)
[stretch] - libsdl1.2 <no-dsa> (Minor issue)
@@ -5132,7 +5164,7 @@ CVE-2019-7574 (SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0
[stretch] - libsdl2 <no-dsa> (Minor issue)
NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4496
NOTE: Proposed patch: https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3610
-CVE-2019-7573 (SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has ...)
+CVE-2019-7573
{DLA-1714-1 DLA-1713-1}
- libsdl1.2 <unfixed> (bug #924609)
[stretch] - libsdl1.2 <no-dsa> (Minor issue)
@@ -5140,7 +5172,7 @@ CVE-2019-7573 (SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0
[stretch] - libsdl2 <no-dsa> (Minor issue)
NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4491
NOTE: Proposed patch: https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3620
-CVE-2019-7572 (SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has ...)
+CVE-2019-7572
{DLA-1714-1 DLA-1713-1}
- libsdl1.2 <unfixed> (bug #924609)
[stretch] - libsdl1.2 <no-dsa> (Minor issue)
@@ -5151,15 +5183,15 @@ CVE-2019-7572 (SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0
NOTE: Proposed patch: https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3618
CVE-2019-7571
RESERVED
-CVE-2019-7570 (A CSRF vulnerability was found in PbootCMS v1.3.6 that can delete users ...)
+CVE-2019-7570
NOT-FOR-US: PbootCMS
-CVE-2019-7569 (An issue was discovered in DOYO (aka doyocms) 2.3(20140425 update). ...)
+CVE-2019-7569
NOT-FOR-US: doyocms
-CVE-2019-7568 (An issue was discovered in baijiacms V4 that can result in time-based ...)
+CVE-2019-7568
NOT-FOR-US: baijiacms
-CVE-2019-7567 (An issue was discovered in Waimai Super Cms 20150505. ...)
+CVE-2019-7567
NOT-FOR-US: Waimai Super Cms
-CVE-2019-7566 (CSZ CMS 1.1.8 has CSRF via admin/users/new/add. ...)
+CVE-2019-7566
NOT-FOR-US: CSZ CMS
CVE-2019-7565
RESERVED
@@ -5171,12 +5203,12 @@ CVE-2019-7562
RESERVED
CVE-2019-7561
RESERVED
-CVE-2019-7560 (In parser/btorsmt2.c in Boolector 3.0.0, opening a specially crafted ...)
+CVE-2019-7560
- boolector <not-affected> (Vulnerable code introduced later)
NOTE: https://github.com/Boolector/boolector/issues/28
NOTE: https://github.com/Boolector/boolector/issues/29
NOTE: https://github.com/Boolector/boolector/commit/8d979d02e0482c7137c9f3a34e6d430dbfd1f5c5
-CVE-2019-7559 (In btor2parser/btor2parser.c in Boolector Btor2Tools before 2019-01-15, ...)
+CVE-2019-7559
NOT-FOR-US: Boolector Btor2Tools
CVE-2019-7558
RESERVED
@@ -5194,24 +5226,25 @@ CVE-2019-7552
RESERVED
CVE-2019-7551
RESERVED
-CVE-2019-7550 (In JForum 2.1.8, an unauthenticated, remote attacker can enumerate ...)
+CVE-2019-7550
NOT-FOR-US: JForum
CVE-2019-7549
RESERVED
-CVE-2019-7548 (SQLAlchemy 1.2.17 has SQL Injection when the group_by parameter can be ...)
+CVE-2019-7548
+ {DLA-1718-1}
[experimental] - sqlalchemy 1.3.0~b3+ds1-1
- sqlalchemy <unfixed> (bug #922669)
NOTE: https://github.com/sqlalchemy/sqlalchemy/issues/4481
NOTE: https://github.com/sqlalchemy/sqlalchemy/commit/30307c4616ad67c01ddae2e1e8e34fabf6028414
-CVE-2019-7547 (An issue was discovered in SIDU 6.0. Because the database name is not ...)
+CVE-2019-7547
NOT-FOR-US: SIDU
-CVE-2019-7546 (An issue was discovered in SIDU 6.0. The dbs parameter of the conn.php ...)
+CVE-2019-7546
NOT-FOR-US: SIDU
-CVE-2019-7545 (In DbNinja 3.2.7, the Add Host function of the Manage Hosts pages has a ...)
+CVE-2019-7545
NOT-FOR-US: DbNinja
-CVE-2019-7544 (An issue was discovered in MyWebSQL 3.7. The Add User function of the ...)
+CVE-2019-7544
NOT-FOR-US: MyWebSQL
-CVE-2019-7543 (In KindEditor 4.1.11, the php/demo.php content1 parameter has a ...)
+CVE-2019-7543
NOT-FOR-US: KindEditor
CVE-2019-7542
RESERVED
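Review bot: the added "{DLA-1718-1}" for CVE-2019-7548 records a jessie update while the sid line stays "sqlalchemy <unfixed> (bug #922669)" and only experimental carries 1.3.0~b3+ds1-1; there is also no [stretch] line. With jessie fixed ahead of unstable, the entry should say whether the upstream commit (sqlalchemy/sqlalchemy@30307c4616ad) is planned for sid and stretch or whether stretch gets a <no-dsa>, otherwise the DLA reference suggests more coverage than the tracker actually has.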
@@ -5227,7 +5260,7 @@ CVE-2019-7537
RESERVED
CVE-2019-7536
RESERVED
-CVE-2019-7535 (index.php in Gurock TestRail 5.3.0.3603 returns potentially sensitive ...)
+CVE-2019-7535
NOT-FOR-US: Gurock TestRail
CVE-2019-7534
RESERVED
@@ -5381,43 +5414,43 @@ CVE-2019-XXXX [netmask: buffer overflow vulnerability]
NOTE: https://github.com/tlby/netmask/issues/3
NOTE: https://github.com/tlby/netmask/commit/29a9c239bd1008363f5b34ffd6c2cef906f3660c
NOTE: No security impact due to toolchain hardening in stretch, negligable impact in older suites
-CVE-2019-1003023 (A cross-site scripting vulnerability exists in Jenkins Warnings Next ...)
+CVE-2019-1003023
NOT-FOR-US: Jenkins plugin
-CVE-2019-1003022 (A denial of service vulnerability exists in Jenkins Monitoring Plugin ...)
+CVE-2019-1003022
NOT-FOR-US: Jenkins plugin
-CVE-2019-1003021 (An exposure of sensitive information vulnerability exists in Jenkins ...)
+CVE-2019-1003021
NOT-FOR-US: Jenkins plugin
-CVE-2019-1003020 (A server-side request forgery vulnerability exists in Jenkins Kanboard ...)
+CVE-2019-1003020
NOT-FOR-US: Jenkins plugin
-CVE-2019-1003019 (An session fixation vulnerability exists in Jenkins GitHub ...)
+CVE-2019-1003019
NOT-FOR-US: Jenkins plugin
-CVE-2019-1003018 (An exposure of sensitive information vulnerability exists in Jenkins ...)
+CVE-2019-1003018
NOT-FOR-US: Jenkins plugin
-CVE-2019-1003017 (A data modification vulnerability exists in Jenkins Job Import Plugin ...)
+CVE-2019-1003017
NOT-FOR-US: Jenkins plugin
-CVE-2019-1003016 (An exposure of sensitive information vulnerability exists in Jenkins ...)
+CVE-2019-1003016
NOT-FOR-US: Jenkins plugin
-CVE-2019-1003015 (An XML external entity processing vulnerability exists in Jenkins Job ...)
+CVE-2019-1003015
NOT-FOR-US: Jenkins plugin
-CVE-2019-1003014 (An cross-site scripting vulnerability exists in Jenkins Config File ...)
+CVE-2019-1003014
NOT-FOR-US: Jenkins plugin
-CVE-2019-1003013 (An cross-site scripting vulnerability exists in Jenkins Blue Ocean ...)
+CVE-2019-1003013
NOT-FOR-US: Jenkins plugin
-CVE-2019-1003012 (A data modification vulnerability exists in Jenkins Blue Ocean Plugins ...)
+CVE-2019-1003012
NOT-FOR-US: Jenkins plugin
-CVE-2019-1003011 (An information exposure and denial of service vulnerability exists in ...)
+CVE-2019-1003011
NOT-FOR-US: Jenkins plugin
-CVE-2019-1003010 (A cross-site request forgery vulnerability exists in Jenkins Git ...)
+CVE-2019-1003010
NOT-FOR-US: Jenkins plugin
-CVE-2019-1003009 (An improper certificate validation vulnerability exists in Jenkins ...)
+CVE-2019-1003009
NOT-FOR-US: Jenkins plugin
-CVE-2019-1003008 (A cross-site request forgery vulnerability exists in Jenkins Warnings ...)
+CVE-2019-1003008
NOT-FOR-US: Jenkins plugin
-CVE-2019-1003007 (A cross-site request forgery vulnerability exists in Jenkins Warnings ...)
+CVE-2019-1003007
NOT-FOR-US: Jenkins plugin
-CVE-2019-1003006 (A sandbox bypass vulnerability exists in Jenkins Groovy Plugin 2.0 and ...)
+CVE-2019-1003006
NOT-FOR-US: Jenkins plugin
-CVE-2019-1003005 (A sandbox bypass vulnerability exists in Jenkins Script Security ...)
+CVE-2019-1003005
NOT-FOR-US: Jenkins plugin
CVE-2019-7461
RESERVED
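Review bot: the unchanged context line `NOTE: No security impact due to toolchain hardening in stretch, negligable impact in older suites` at the top of this hunk (the netmask entry) has a typo, "negligable" should be "negligible"; since the hunk already touches the entries right below it, a follow-up edit to that NOTE would be cheap. The Jenkins plugin description removals themselves look consistent, every stripped entry keeps its `NOT-FOR-US: Jenkins plugin` line.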
@@ -5498,32 +5531,32 @@ CVE-2019-7427
CVE-2019-7426
RESERVED
CVE-2019-7425
- RESERVED
+ TODO: check
CVE-2019-7424
- RESERVED
+ TODO: check
CVE-2019-7423
- RESERVED
+ TODO: check
CVE-2019-7422
- RESERVED
+ TODO: check
CVE-2019-7421
- RESERVED
+ TODO: check
CVE-2019-7420
- RESERVED
+ TODO: check
CVE-2019-7419
- RESERVED
+ TODO: check
CVE-2019-7418
- RESERVED
+ TODO: check
CVE-2019-7417
- RESERVED
+ TODO: check
CVE-2019-7416
- RESERVED
+ TODO: check
CVE-2019-7415
RESERVED
CVE-2019-7414
RESERVED
-CVE-2019-7413 (In the Parallax Scroll (aka adamrob-parallax-scroll) plugin before 2.1 ...)
+CVE-2019-7413
NOT-FOR-US: Wordpress plugin
-CVE-2019-7412 (The PS PHPCaptcha WP plugin before v1.2.0 for WordPress mishandles ...)
+CVE-2019-7412
NOT-FOR-US: Wordpress plugin
CVE-2019-7411
RESERVED
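Review bot: CVE-2019-7425 through CVE-2019-7416 all flip from `RESERVED` to `TODO: check` in this hunk with no description or NOTE attached, so this is a block of ten consecutive identifiers that now needs manual triage before the next automatic update; a contiguous run like this is worth triaging in one pass rather than entry by entry. The description stripping for CVE-2019-7413 and CVE-2019-7412 keeps their `NOT-FOR-US: Wordpress plugin` lines, which is fine.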
@@ -5541,29 +5574,29 @@ CVE-2019-7405
RESERVED
CVE-2019-7404
RESERVED
-CVE-2019-7403 (An issue was discovered in PHPMyWind 5.5. It allows remote attackers to ...)
+CVE-2019-7403
NOT-FOR-US: PHPMyWind
-CVE-2019-7402 (An issue was discovered in PHPMyWind 5.5. The GetQQ function in ...)
+CVE-2019-7402
NOT-FOR-US: PHPMyWind
-CVE-2019-7401 (NGINX Unit before 1.7.1 might allow an attacker to cause a heap-based ...)
+CVE-2019-7401
NOT-FOR-US: NGINX Unit (different from FLOSS nginx)
-CVE-2019-7400 (Rukovoditel before 2.4.1 allows XSS. ...)
+CVE-2019-7400
NOT-FOR-US: Rukovoditel
-CVE-2019-7399 (Amazon Fire OS before 5.3.6.4 allows a man-in-the-middle attack against ...)
+CVE-2019-7399
NOT-FOR-US: Amazon Fire OS
-CVE-2019-7398 (In ImageMagick before 7.0.8-25, a memory leak exists in WriteDIBImage ...)
+CVE-2019-7398
- imagemagick <unfixed> (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/1453
-CVE-2019-7397 (In ImageMagick before 7.0.8-25 and GraphicsMagick through 1.3.31, ...)
+CVE-2019-7397
- imagemagick <unfixed> (unimportant)
- graphicsmagick 1.4~hg15896-1 (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/commit/306c1f0fa5754ca78efd16ab752f0e981d4f6b82
NOTE: https://github.com/ImageMagick/ImageMagick/issues/1454
-CVE-2019-7396 (In ImageMagick before 7.0.8-25, a memory leak exists in ReadSIXELImage ...)
+CVE-2019-7396
- imagemagick <unfixed> (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/commit/748a03651e5b138bcaf160d15133de2f4b1b89ce
NOTE: https://github.com/ImageMagick/ImageMagick/issues/1452
-CVE-2019-7395 (In ImageMagick before 7.0.8-25, a memory leak exists in WritePSDChannel ...)
+CVE-2019-7395
- imagemagick <unfixed> (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/commit/8a43abefb38c5e29138e1c9c515b313363541c06
NOTE: https://github.com/ImageMagick/ImageMagick/issues/1451
@@ -5571,26 +5604,26 @@ CVE-2019-7394
RESERVED
CVE-2019-7393
RESERVED
-CVE-2019-7392 (An improper authentication vulnerability in CA Privileged Access ...)
+CVE-2019-7392
NOT-FOR-US: CA Privileged Access Manager
CVE-2019-7391
- RESERVED
-CVE-2019-7390 (An issue was discovered in /bin/goahead on D-Link DIR-823G devices with ...)
+ TODO: check
+CVE-2019-7390
NOT-FOR-US: D-Link
-CVE-2019-7389 (An issue was discovered in /bin/goahead on D-Link DIR-823G devices with ...)
+CVE-2019-7389
NOT-FOR-US: D-Link
-CVE-2019-7388 (An issue was discovered in /bin/goahead on D-Link DIR-823G devices with ...)
+CVE-2019-7388
NOT-FOR-US: D-Link
-CVE-2019-7387 (A local file inclusion vulnerability exists in the web interface of ...)
+CVE-2019-7387
NOT-FOR-US: Systrome
CVE-2019-7386
- RESERVED
+ TODO: check
CVE-2019-7385
- RESERVED
+ TODO: check
CVE-2019-7384
- RESERVED
+ TODO: check
CVE-2019-7383
- RESERVED
+ TODO: check
CVE-2019-7382
RESERVED
CVE-2019-7381
@@ -5645,65 +5678,65 @@ CVE-2019-7357
RESERVED
CVE-2019-7356
RESERVED
-CVE-2019-1000024 (OPT/NET BV NG-NetMS version v3.6-2 and earlier versions contains a ...)
+CVE-2019-1000024
NOT-FOR-US: OPT/NET BV
-CVE-2019-1000023 (OPT/NET BV OPTOSS Next Gen Network Management System (NG-NetMS) ...)
+CVE-2019-1000023
NOT-FOR-US: OPT/NET BV
-CVE-2019-1000022 (Taoensso Sente version Prior to version 1.14.0 contains a Cross Site ...)
+CVE-2019-1000022
NOT-FOR-US: Taoensso Sente
-CVE-2019-1000021 (slixmpp version before commit 7cd73b594e8122dddf847953fcfc85ab4d316416 ...)
+CVE-2019-1000021
- slixmpp 1.4.2-1 (bug #922509)
[stretch] - slixmpp <no-dsa> (Minor issue)
NOTE: https://lab.louiz.org/poezio/slixmpp/commit/7cd73b594e8122dddf847953fcfc85ab4d316416
-CVE-2019-1000020 (libarchive version commit 5a98dcf8a86364b3c2c469c85b93647dfb139961 ...)
+CVE-2019-1000020
{DLA-1668-1}
- libarchive 3.3.3-4 (low)
[stretch] - libarchive <no-dsa> (Minor issue)
NOTE: https://github.com/libarchive/libarchive/pull/1120
NOTE: https://github.com/libarchive/libarchive/commit/8312eaa576014cd9b965012af51bc1f967b12423
-CVE-2019-1000019 (libarchive version commit bf9aec176c6748f0ee7a678c5f9f9555b9a757c1 ...)
+CVE-2019-1000019
{DLA-1668-1}
- libarchive 3.3.3-4 (low)
[stretch] - libarchive <no-dsa> (Minor issue)
NOTE: https://github.com/libarchive/libarchive/pull/1120
NOTE: https://github.com/libarchive/libarchive/commit/65a23f5dbee4497064e9bb467f81138a62b0dae1
-CVE-2019-1000017 (Chamilo Chamilo-lms version 1.11.8 and earlier contains an Incorrect ...)
+CVE-2019-1000017
NOT-FOR-US: Chamilo Chamilo-lms
-CVE-2019-1000016 (FFMPEG version 4.1 contains a CWE-129: Improper Validation of Array ...)
+CVE-2019-1000016
- ffmpeg 7:4.1.1-1 (low; bug #922066)
[stretch] - ffmpeg <not-affected> (Vulnerable code not present)
NOTE: https://github.com/FFmpeg/FFmpeg/commit/b97a4b658814b2de8b9f2a3bce491c002d34de31#diff-cd7e24986650014d67f484f3ffceef3f
-CVE-2019-1000015 (Chamilo Chamilo-lms version 1.11.8 and earlier contains a Cross Site ...)
+CVE-2019-1000015
NOT-FOR-US: Chamilo Chamilo-lms
-CVE-2019-1000014 (Erlang/OTP Rebar3 version 3.7.0 through 3.7.5 contains a Signing ...)
+CVE-2019-1000014
- rebar <undetermined>
-CVE-2019-1000013 (Hex package manager hex_core version 0.3.0 and earlier contains a ...)
+CVE-2019-1000013
NOT-FOR-US: Hex package manager
-CVE-2019-1000012 (Hex package manager version 0.14.0 through 0.18.2 contains a Signing ...)
+CVE-2019-1000012
NOT-FOR-US: Hex package manager
-CVE-2019-1000011 (API Platform version from 2.2.0 to 2.3.5 contains an Incorrect Access ...)
+CVE-2019-1000011
NOT-FOR-US: API Platform
-CVE-2019-1000010 (phpIPAM version 1.3.2 and earlier contains a Cross Site Scripting ...)
+CVE-2019-1000010
NOT-FOR-US: phpIPAM
-CVE-2019-1000009 (Helm ChartMuseum version &gt;=0.1.0 and &lt; 0.8.1 contains a CWE-22: ...)
+CVE-2019-1000009
NOT-FOR-US: Helm ChartMuseum
-CVE-2019-1000008 (All versions of Helm between Helm &gt;=2.0.0 and &lt; 2.12.2 contains a ...)
+CVE-2019-1000008
NOT-FOR-US: Helm Kubernetes package manager, different from src:helm
-CVE-2019-1000007 (aioxmpp version 0.10.2 and earlier contains a Improper Handling of ...)
+CVE-2019-1000007
- python-aioxmpp 0.10.3-1
NOTE: https://github.com/horazont/aioxmpp/pull/268
-CVE-2019-1000006 (RIOT RIOT-OS version after commit ...)
+CVE-2019-1000006
NOT-FOR-US: RIOT RIOT-OS
-CVE-2019-1000005 (mPDF version 7.1.7 and earlier contains a CWE-502: Deserialization of ...)
+CVE-2019-1000005
NOT-FOR-US: mPDF
-CVE-2019-1000004 (yugandhargangu JspMyAdmin2 version 1.0.6 and earlier contains a Cross ...)
+CVE-2019-1000004
NOT-FOR-US: yugandhargangu JspMyAdmin2
-CVE-2019-1000003 (MapSVG MapSVG Lite version 3.2.3 contains a Cross Site Request Forgery ...)
+CVE-2019-1000003
NOT-FOR-US: Wordpress plugin
-CVE-2019-1000002 (Gitea version 1.6.2 and earlier contains a Incorrect Access Control ...)
+CVE-2019-1000002
- gitea <removed>
NOTE: https://github.com/go-gitea/gitea/pull/5631
-CVE-2019-1000001 (TeamPass version 2.1.27 and earlier contains a Storing Passwords in a ...)
+CVE-2019-1000001
NOT-FOR-US: TeamPass
CVE-2019-7355
RESERVED
@@ -5713,93 +5746,93 @@ CVE-2019-7353 [Leak of Confidential Issue and Merge Request Titles]
RESERVED
- gitlab <not-affected> (Only affects 11.7)
NOTE: https://about.gitlab.com/2019/02/05/critical-security-release-gitlab-11-dot-7-dot-4-released/
-CVE-2019-7352 (Self - Stored Cross Site Scripting (XSS) exists in ZoneMinder through ...)
+CVE-2019-7352
- zoneminder <unfixed> (bug #922724)
NOTE: https://github.com/ZoneMinder/zoneminder/issues/2475
-CVE-2019-7351 (Log Injection exists in ZoneMinder through 1.32.3, as an attacker can ...)
+CVE-2019-7351
- zoneminder <unfixed> (bug #922724)
NOTE: https://github.com/ZoneMinder/zoneminder/issues/2466
-CVE-2019-7350 (Session fixation exists in ZoneMinder through 1.32.3, as an attacker ...)
+CVE-2019-7350
- zoneminder <unfixed> (bug #922724)
NOTE: https://github.com/ZoneMinder/zoneminder/issues/2471
-CVE-2019-7349 (Reflected Cross Site Scripting (XSS) exists in ZoneMinder through ...)
+CVE-2019-7349
- zoneminder <unfixed> (bug #922724)
NOTE: https://github.com/ZoneMinder/zoneminder/issues/2465
-CVE-2019-7348 (Self - Stored Cross Site Scripting (XSS) exists in ZoneMinder through ...)
+CVE-2019-7348
- zoneminder <unfixed> (bug #922724)
NOTE: https://github.com/ZoneMinder/zoneminder/issues/2467
-CVE-2019-7347 (A Time-of-check Time-of-use (TOCTOU) Race Condition exists in ...)
+CVE-2019-7347
- zoneminder <unfixed> (bug #922724)
NOTE: https://github.com/ZoneMinder/zoneminder/issues/2476
-CVE-2019-7346 (A CSRF check issue exists in ZoneMinder through 1.32.3 as whenever a ...)
+CVE-2019-7346
- zoneminder <unfixed> (bug #922724)
NOTE: https://github.com/ZoneMinder/zoneminder/issues/2469
-CVE-2019-7345 (Self - Stored Cross Site Scripting (XSS) exists in ZoneMinder through ...)
+CVE-2019-7345
- zoneminder <unfixed> (bug #922724)
NOTE: https://github.com/ZoneMinder/zoneminder/issues/2468
-CVE-2019-7344 (Reflected XSS exists in ZoneMinder through 1.32.3, allowing an attacker ...)
+CVE-2019-7344
- zoneminder <unfixed> (bug #922724)
NOTE: https://github.com/ZoneMinder/zoneminder/issues/2455
-CVE-2019-7343 (Reflected - Cross Site Scripting (XSS) exists in ZoneMinder through ...)
+CVE-2019-7343
- zoneminder <unfixed> (bug #922724)
NOTE: https://github.com/ZoneMinder/zoneminder/issues/2464
-CVE-2019-7342 (POST - Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, ...)
+CVE-2019-7342
- zoneminder <unfixed> (bug #922724)
NOTE: https://github.com/ZoneMinder/zoneminder/issues/2461
-CVE-2019-7341 (Reflected - Cross Site Scripting (XSS) exists in ZoneMinder through ...)
+CVE-2019-7341
- zoneminder <unfixed> (bug #922724)
NOTE: https://github.com/ZoneMinder/zoneminder/issues/2463
-CVE-2019-7340 (POST - Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, ...)
+CVE-2019-7340
- zoneminder <unfixed> (bug #922724)
NOTE: https://github.com/ZoneMinder/zoneminder/issues/2462
-CVE-2019-7339 (POST - Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, ...)
+CVE-2019-7339
- zoneminder <unfixed> (bug #922724)
NOTE: https://github.com/ZoneMinder/zoneminder/issues/2460
-CVE-2019-7338 (Self - Stored XSS exists in ZoneMinder through 1.32.3, allowing an ...)
+CVE-2019-7338
- zoneminder <unfixed> (bug #922724)
NOTE: https://github.com/ZoneMinder/zoneminder/issues/2454
-CVE-2019-7337 (Reflected Cross Site Scripting (XSS) exists in ZoneMinder through ...)
+CVE-2019-7337
- zoneminder <unfixed> (bug #922724)
NOTE: https://github.com/ZoneMinder/zoneminder/issues/2456
-CVE-2019-7336 (Self - Stored Cross Site Scripting (XSS) exists in ZoneMinder through ...)
+CVE-2019-7336
- zoneminder <unfixed> (bug #922724)
NOTE: https://github.com/ZoneMinder/zoneminder/issues/2457
-CVE-2019-7335 (Self - Stored XSS exists in ZoneMinder through 1.32.3, allowing an ...)
+CVE-2019-7335
- zoneminder <unfixed> (bug #922724)
NOTE: https://github.com/ZoneMinder/zoneminder/issues/2453
-CVE-2019-7334 (Reflected Cross Site Scripting (XSS) exists in ZoneMinder through ...)
+CVE-2019-7334
- zoneminder <unfixed> (bug #922724)
NOTE: https://github.com/ZoneMinder/zoneminder/issues/2443
-CVE-2019-7333 (Reflected Cross Site Scripting (XSS) exists in ZoneMinder through ...)
+CVE-2019-7333
- zoneminder <unfixed> (bug #922724)
NOTE: https://github.com/ZoneMinder/zoneminder/issues/2441
-CVE-2019-7332 (Reflected Cross Site Scripting (XSS) exists in ZoneMinder through ...)
+CVE-2019-7332
- zoneminder <unfixed> (bug #922724)
NOTE: https://github.com/ZoneMinder/zoneminder/issues/2442
-CVE-2019-7331 (Self - Stored Cross Site Scripting (XSS) exists in ZoneMinder through ...)
+CVE-2019-7331
- zoneminder <unfixed> (bug #922724)
NOTE: https://github.com/ZoneMinder/zoneminder/issues/2451
-CVE-2019-7330 (Reflected Cross Site Scripting (XSS) exists in ZoneMinder through ...)
+CVE-2019-7330
- zoneminder <unfixed> (bug #922724)
NOTE: https://github.com/ZoneMinder/zoneminder/issues/2448
-CVE-2019-7329 (Reflected Cross Site Scripting (XSS) exists in ZoneMinder through ...)
+CVE-2019-7329
- zoneminder <unfixed> (bug #922724)
NOTE: https://github.com/ZoneMinder/zoneminder/issues/2446
-CVE-2019-7328 (Reflected Cross Site Scripting (XSS) exists in ZoneMinder through ...)
+CVE-2019-7328
- zoneminder <unfixed> (bug #922724)
NOTE: https://github.com/ZoneMinder/zoneminder/issues/2449
-CVE-2019-7327 (Reflected Cross Site Scripting (XSS) exists in ZoneMinder through ...)
+CVE-2019-7327
- zoneminder <unfixed> (bug #922724)
NOTE: https://github.com/ZoneMinder/zoneminder/issues/2447
-CVE-2019-7326 (Self - Stored Cross Site Scripting (XSS) exists in ZoneMinder through ...)
+CVE-2019-7326
- zoneminder <unfixed> (bug #922724)
NOTE: https://github.com/ZoneMinder/zoneminder/issues/2452
-CVE-2019-7325 (Reflected Cross Site Scripting (XSS) exists in ZoneMinder through ...)
+CVE-2019-7325
- zoneminder <unfixed> (bug #922724)
NOTE: https://github.com/ZoneMinder/zoneminder/issues/2450
-CVE-2019-7324 (app/Core/Paginator.php in Kanboard before 1.2.8 has XSS in pagination ...)
+CVE-2019-7324
- kanboard <itp> (bug #790814)
-CVE-2019-7323 (GUP (generic update process) in LightySoft LogMX before 7.4.0 does not ...)
+CVE-2019-7323
NOT-FOR-US: LightySoft LogMX
CVE-2019-7322
RESERVED
@@ -5811,30 +5844,30 @@ CVE-2019-7319
RESERVED
CVE-2019-7318
RESERVED
-CVE-2019-7317 (png_image_free in png.c in libpng 1.6.36 has a use-after-free because ...)
+CVE-2019-7317
- libpng1.6 1.6.36-4 (bug #921355)
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12803
NOTE: https://github.com/glennrp/libpng/issues/275
-CVE-2019-7316 (An issue was discovered in CSS-TRICKS Chat2 through 2015-05-05. The ...)
+CVE-2019-7316
NOT-FOR-US: CSS-TRICKS Chat2
CVE-2019-7315
RESERVED
-CVE-2019-7314 (liblivemedia in Live555 before 2019.02.03 mishandles the termination of ...)
+CVE-2019-7314
{DSA-4408-1 DLA-1690-1}
[experimental] - liblivemedia 2019.02.03-1
- liblivemedia <unfixed> (bug #924656)
NOTE: http://lists.live555.com/pipermail/live-devel/2019-February/021143.html
-CVE-2019-7313 (www/resource.py in Buildbot before 1.8.1 allows CRLF injection in the ...)
+CVE-2019-7313
- buildbot 2.0.0-1 (bug #921271)
[stretch] - buildbot <not-affected> (Vulnerable code introduced in 0.9.0)
[jessie] - buildbot <not-affected> (Vulnerable code introduced in 0.9.0)
NOTE: https://github.com/buildbot/buildbot/wiki/CRLF-injection-in-Buildbot-login-and-logout-redirect-code
NOTE: https://github.com/buildbot/buildbot/pull/4584/files#diff-a2e7e3ee5f6a1d3cd9c6abf0328c21e0
-CVE-2019-7312 (Limited plaintext disclosure exists in PRIMX Zed Entreprise for Windows ...)
+CVE-2019-7312
NOT-FOR-US: PRIMX Zed Enterprise
CVE-2019-7311
RESERVED
-CVE-2019-7310 (In Poppler 0.73.0, a heap-based buffer over-read (due to an integer ...)
+CVE-2019-7310
{DLA-1706-1}
- poppler <unfixed> (bug #921215)
[stretch] - poppler <ignored> (Minor issue)
@@ -5842,12 +5875,12 @@ CVE-2019-7310 (In Poppler 0.73.0, a heap-based buffer over-read (due to an integ
NOTE: https://gitlab.freedesktop.org/poppler/poppler/issues/717
NOTE: https://gitlab.freedesktop.org/poppler/poppler/merge_requests/172
NOTE: https://gitlab.freedesktop.org/poppler/poppler/commit/b54e1fc3e0d2600621a28d50f9f085b9e38619c2
-CVE-2019-7309 (In the GNU C Library (aka glibc or libc6) through 2.29, the memcmp ...)
+CVE-2019-7309
- glibc 2.28-6 (unimportant)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=24155
NOTE: https://sourceware.org/ml/libc-alpha/2019-02/msg00041.html
NOTE: x32 not officially supported
-CVE-2019-7308 (kernel/bpf/verifier.c in the Linux kernel before 4.20.6 performs ...)
+CVE-2019-7308
- linux 4.19.20-1
[jessie] - linux <not-affected> (Vulnerable code not present)
NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=1711
@@ -5869,19 +5902,19 @@ CVE-2019-7303
RESERVED
CVE-2019-7302
RESERVED
-CVE-2019-7301 (Zen Load Balancer 3.10.1 allows remote authenticated admin users to ...)
+CVE-2019-7301
NOT-FOR-US: Zen Load Balancer
-CVE-2019-7300 (Artica Proxy 3.06.200056 allows remote attackers to execute arbitrary ...)
+CVE-2019-7300
NOT-FOR-US: Artica Proxy
CVE-2019-7299
RESERVED
-CVE-2019-7298 (An issue was discovered on D-Link DIR-823G devices with firmware ...)
+CVE-2019-7298
NOT-FOR-US: D-Link
-CVE-2019-7297 (An issue was discovered on D-Link DIR-823G devices with firmware ...)
+CVE-2019-7297
NOT-FOR-US: D-Link
-CVE-2019-7296 (typora through 0.9.64 has XSS, with resultant remote command execution, ...)
+CVE-2019-7296
NOT-FOR-US: typora
-CVE-2019-7295 (typora through 0.9.63 has XSS, with resultant remote command execution, ...)
+CVE-2019-7295
NOT-FOR-US: typora
CVE-2019-7294
RESERVED
@@ -5971,15 +6004,15 @@ CVE-2019-7251 [Remote crash vulnerability with SDP protocol violation]
[stretch] - asterisk <not-affected> (Vulnerable code not present)
[jessie] - asterisk <not-affected> (Vulnerable code introduced later)
NOTE: https://downloads.asterisk.org/pub/security/AST-2019-001.html
-CVE-2019-7250 (An issue was discovered in the Cross Reference Add-on 36 for Google ...)
+CVE-2019-7250
NOT-FOR-US: Cross Reference Add-on for Google Docs
-CVE-2019-7249 (In Keybase before 2.12.6 on macOS, the move RPC to the Helper was ...)
+CVE-2019-7249
NOT-FOR-US: Keybase on MacOS
-CVE-2019-7283 (An issue was discovered in rcp in NetKit through 0.17. For an rcp ...)
+CVE-2019-7283
- netkit-rsh 0.17-20 (bug #920486)
[stretch] - netkit-rsh <no-dsa> (Minor issue)
[jessie] - netkit-rsh <no-dsa> (Minor issue)
-CVE-2019-7282 (In NetKit through 0.17, rcp.c in the rcp client allows remote rsh ...)
+CVE-2019-7282
- netkit-rsh 0.17-20 (bug #920486)
[stretch] - netkit-rsh <no-dsa> (Minor issue)
[jessie] - netkit-rsh <no-dsa> (Minor issue)
@@ -6005,15 +6038,15 @@ CVE-2019-7239
RESERVED
CVE-2019-7238
RESERVED
-CVE-2019-7237 (An issue was discovered in idreamsoft iCMS 7.0.13 on Windows. ...)
+CVE-2019-7237
NOT-FOR-US: idreamsoft iCMS
-CVE-2019-7236 (An issue was discovered in idreamsoft iCMS 7.0.13. ...)
+CVE-2019-7236
NOT-FOR-US: idreamsoft iCMS
-CVE-2019-7235 (An issue was discovered in idreamsoft iCMS 7.0.13. ...)
+CVE-2019-7235
NOT-FOR-US: idreamsoft iCMS
-CVE-2019-7234 (An issue was discovered in idreamsoft iCMS 7.0.13. ...)
+CVE-2019-7234
NOT-FOR-US: idreamsoft iCMS
-CVE-2019-7233 (In libdoc through 2019-01-28, doc2text in catdoc.c has a NULL pointer ...)
+CVE-2019-7233
- catdoc <unfixed> (unimportant)
NOTE: https://github.com/uvoteam/libdoc/issues/6
NOTE: Crash in CLI tool, no security impact
@@ -6035,15 +6068,13 @@ CVE-2019-7225
RESERVED
CVE-2019-7224
RESERVED
-CVE-2019-7223 (InvoicePlane 1.5 has stored XSS via the index.php/invoices/ajax/save ...)
+CVE-2019-7223
NOT-FOR-US: InvoicePlane
CVE-2019-7222 [KVM: x86: work around leak of uninitialized stack contents]
- RESERVED
- linux 4.19.20-1
NOTE: https://git.kernel.org/linus/353c0956a618a07ba4bbe7ad00ff29fe70e8412a
NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=1759&desc=2
CVE-2019-7221 [KVM: nVMX: use-after-free of the hrtimer for emulation of the preemption timer]
- RESERVED
- linux 4.19.20-1
NOTE: https://git.kernel.org/linus/ecec76885bcfe3294685dc363fd1273df0d5d65f
NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=1760
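Review bot: removing the `RESERVED` marker from CVE-2019-7222 and CVE-2019-7221 is the right call now that both already carry `- linux 4.19.20-1` with the upstream fix commits in their NOTE lines, but after this hunk each entry is left with only its bracketed working title (`[KVM: x86: work around leak of uninitialized stack contents]`, `[KVM: nVMX: use-after-free of the hrtimer ...]`) and no published description, so confirm on the next update that the published text matches the issues those kernel.org and project-zero links describe.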
@@ -6055,7 +6086,7 @@ CVE-2019-7218
RESERVED
CVE-2019-7217
RESERVED
-CVE-2019-7216 (An issue was discovered in FileChucker 4.99e-free-e02. filechucker.cgi ...)
+CVE-2019-7216
NOT-FOR-US: FileChucker
CVE-2019-7215
RESERVED
@@ -6139,23 +6170,23 @@ CVE-2019-7176
RESERVED
- gitlab 11.5.10+dfsg-1 (bug #921059)
NOTE: https://about.gitlab.com/2019/01/31/security-release-gitlab-11-dot-7-dot-3-released/
-CVE-2019-7175 (In ImageMagick before 7.0.8-25, some memory leaks exist in DecodeImage ...)
+CVE-2019-7175
- imagemagick <unfixed> (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/commit/1e6a3ace073c9ec9c71e439c111d23c6e66cb6ae
NOTE: https://github.com/ImageMagick/ImageMagick/issues/1450
CVE-2019-7174
RESERVED
-CVE-2019-7173 (A stored-self XSS exists in Croogo through v3.0.5, allowing an attacker ...)
+CVE-2019-7173
NOT-FOR-US: Croogo
-CVE-2019-7172 (A stored-self XSS exists in ATutor through v2.2.4, allowing an attacker ...)
+CVE-2019-7172
NOT-FOR-US: ATutor
-CVE-2019-7171 (A stored-self XSS exists in Croogo through v3.0.5, allowing an attacker ...)
+CVE-2019-7171
NOT-FOR-US: Croogo
-CVE-2019-7170 (A stored-self XSS exists in Croogo through v3.0.5, allowing an attacker ...)
+CVE-2019-7170
NOT-FOR-US: Croogo
-CVE-2019-7169 (A stored-self XSS exists in Croogo through v3.0.5, allowing an attacker ...)
+CVE-2019-7169
NOT-FOR-US: Croogo
-CVE-2019-7168 (A stored-self XSS exists in Croogo through v3.0.5, allowing an attacker ...)
+CVE-2019-7168
NOT-FOR-US: Croogo
CVE-2019-7167
RESERVED
@@ -6163,7 +6194,8 @@ CVE-2019-7166
RESERVED
CVE-2019-7165
RESERVED
-CVE-2019-7164 (SQLAlchemy through 1.2.17 and 1.3.x through 1.3.0b2 allows SQL ...)
+CVE-2019-7164
+ {DLA-1718-1}
[experimental] - sqlalchemy 1.3.0~b3+ds1-1
- sqlalchemy <unfixed> (bug #922669)
NOTE: https://github.com/sqlalchemy/sqlalchemy/issues/4481
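Review bot: the added `{DLA-1718-1}` line records the LTS fix for CVE-2019-7164, but the entry still reads `- sqlalchemy <unfixed> (bug #922669)` with only the `[experimental] - sqlalchemy 1.3.0~b3+ds1-1` upload, so unstable is still open on this issue and bug #922669 should stay tracked until a fixed upload lands there; the DLA alone does not close the entry.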
@@ -6174,7 +6206,7 @@ CVE-2019-7162
RESERVED
CVE-2019-7161
RESERVED
-CVE-2019-7160 (idreamsoft iCMS 7.0.13 allows admincp.php?app=files ../ Directory ...)
+CVE-2019-7160
NOT-FOR-US: idreamsoft iCMS
CVE-2019-7159
RESERVED
@@ -6182,7 +6214,7 @@ CVE-2019-7158
RESERVED
CVE-2019-7157
RESERVED
-CVE-2019-7156 (In libdoc through 2019-01-28, calcFileBlockOffset in ole.c allows ...)
+CVE-2019-7156
- catdoc <unfixed> (unimportant)
NOTE: https://github.com/uvoteam/libdoc/issues/5
NOTE: catdoc embeds the code; crash in CLI tool, no security impact
@@ -6190,53 +6222,53 @@ CVE-2019-7155
RESERVED
- gitlab 11.5.10+dfsg-1 (bug #921059)
NOTE: https://about.gitlab.com/2019/01/31/security-release-gitlab-11-dot-7-dot-3-released/
-CVE-2019-7154 (The main function in tools/wasm2js.cpp in Binaryen 1.38.22 has a ...)
+CVE-2019-7154
- binaryen 66-1 (bug #920853)
NOTE: https://github.com/WebAssembly/binaryen/issues/1876
NOTE: https://github.com/WebAssembly/binaryen/commit/79a4fbc80d7ffce4cbcfd04315ce3a0efa88d7fa
-CVE-2019-7153 (A NULL pointer dereference was discovered in ...)
+CVE-2019-7153
- binaryen 66-1 (bug #920853)
NOTE: https://github.com/WebAssembly/binaryen/issues/1879
NOTE: https://github.com/WebAssembly/binaryen/commit/2127e64f42da55bb5b9b0ab1995b3ca7fc4e0d0b
NOTE: https://github.com/WebAssembly/binaryen/commit/85e95e315a8023c46eb804fe80ebc244bcfdae3e
-CVE-2019-7152 (A heap-based buffer over-read was discovered in ...)
+CVE-2019-7152
- binaryen 66-1 (bug #920853)
NOTE: https://github.com/WebAssembly/binaryen/issues/1880
NOTE: Same set of fixes as for https://github.com/WebAssembly/binaryen/issues/1879
NOTE: address the issue.
NOTE: https://github.com/WebAssembly/binaryen/commit/2127e64f42da55bb5b9b0ab1995b3ca7fc4e0d0b
NOTE: https://github.com/WebAssembly/binaryen/commit/85e95e315a8023c46eb804fe80ebc244bcfdae3e
-CVE-2019-7151 (A NULL pointer dereference was discovered in ...)
+CVE-2019-7151
- binaryen 66-1 (bug #920853)
NOTE: https://github.com/WebAssembly/binaryen/issues/1881
NOTE: Same set of fixes as for https://github.com/WebAssembly/binaryen/issues/1879
NOTE: address the issue.
NOTE: https://github.com/WebAssembly/binaryen/commit/2127e64f42da55bb5b9b0ab1995b3ca7fc4e0d0b
NOTE: https://github.com/WebAssembly/binaryen/commit/85e95e315a8023c46eb804fe80ebc244bcfdae3e
-CVE-2019-7150 (An issue was discovered in elfutils 0.175. A segmentation fault can ...)
+CVE-2019-7150
{DLA-1689-1}
- elfutils 0.176-1 (low; bug #920909)
[stretch] - elfutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=24103
NOTE: https://sourceware.org/ml/elfutils-devel/2019-q1/msg00070.html
NOTE: https://sourceware.org/git/?p=elfutils.git;a=commit;h=da5c5336a1eaf519de246f7d9f0f5585e1d4ac59
-CVE-2019-7149 (A heap-based buffer over-read was discovered in the function ...)
+CVE-2019-7149
{DLA-1689-1}
- elfutils 0.176-1 (low; bug #920910)
[stretch] - elfutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=24102
NOTE: https://sourceware.org/ml/elfutils-devel/2019-q1/msg00068.html
NOTE: https://sourceware.org/git/?p=elfutils.git;a=commit;h=2562759d6fe5b364fe224852e64e8bda39eb2e35
-CVE-2019-7148 (An attempted excessive memory allocation was discovered in the function ...)
+CVE-2019-7148
- elfutils 0.176-1 (unimportant)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=24085
NOTE: https://sourceware.org/git/?p=elfutils.git;a=commit;h=e32380ecefbb23448541367283d3b94930762986
NOTE: malloc can fail on invalid file, but "nothing" bad with security implication will
NOTE: happen, negligible security impact.
-CVE-2019-7147 (A buffer over-read exists in the function crc64ib in crc64.c in nasmlib ...)
+CVE-2019-7147
- nasm <not-affected> (Vulnerable code introduced later)
NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392544
-CVE-2019-7146 (In elfutils 0.175, there is a buffer over-read in the ebl_object_note ...)
+CVE-2019-7146
- elfutils 0.176-1 (bug #920911)
[stretch] - elfutils <not-affected> (Vulnerable code introduced in 0.175)
[jessie] - elfutils <not-affected> (Vulnerable code introduced in 0.175)
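Review bot: the unchanged NOTE lines under CVE-2019-7152 and CVE-2019-7151, `NOTE: Same set of fixes as for https://github.com/WebAssembly/binaryen/issues/1879` followed by `NOTE: address the issue.`, are one sentence split across two NOTE lines and the second fragment reads as a dangling statement; a follow-up could join them into a single NOTE (for example `NOTE: Same set of fixes as for https://github.com/WebAssembly/binaryen/issues/1879 address the issue`) so the cross-reference to the CVE-2019-7153 fixes is unambiguous. The description stripping in this hunk otherwise leaves every binaryen and elfutils entry with its package, bug and NOTE lines intact.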
@@ -6523,7 +6555,7 @@ CVE-2019-7008
RESERVED
CVE-2019-7007
RESERVED
-CVE-2019-7006 (Avaya one-X Communicator uses weak cryptographic algorithms in the ...)
+CVE-2019-7006
NOT-FOR-US: Avaya
CVE-2019-7005
RESERVED
@@ -6557,25 +6589,25 @@ CVE-2019-6994
RESERVED
CVE-2019-6993
RESERVED
-CVE-2019-6992 (A stored-self XSS exists in web/skins/classic/views/controlcaps.php of ...)
+CVE-2019-6992
- zoneminder 1.32.3-2 (bug #920999)
NOTE: https://github.com/ZoneMinder/zoneminder/commit/8c5687ca308e441742725e0aff9075779fa1a498
NOTE: https://github.com/ZoneMinder/zoneminder/issues/2445
-CVE-2019-6991 (A classic Stack-based buffer overflow exists in the zmLoadUser() ...)
+CVE-2019-6991
- zoneminder 1.32.3-2 (bug #921000)
NOTE: https://github.com/ZoneMinder/zoneminder/issues/2478
NOTE: https://github.com/ZoneMinder/zoneminder/pull/2482
-CVE-2019-6990 (A stored-self XSS exists in web/skins/classic/views/zones.php of ...)
+CVE-2019-6990
- zoneminder 1.32.3-2 (bug #921001)
NOTE: https://github.com/ZoneMinder/zoneminder/commit/a3e8fd4fd5b579865f35aac3b964bc78d5b7a94a
NOTE: https://github.com/ZoneMinder/zoneminder/issues/2444
-CVE-2019-1000018 (rssh version 2.3.4 contains a CWE-77: Improper Neutralization of ...)
+CVE-2019-1000018
{DSA-4377-1 DLA-1650-1}
- rssh 2.3.4-9 (bug #919623)
NOTE: https://sourceforge.net/p/rssh/mailman/message/36519118/
CVE-2019-6989
RESERVED
-CVE-2019-6988 (An issue was discovered in OpenJPEG 2.3.0. It allows remote attackers ...)
+CVE-2019-6988
- openjpeg2 <unfixed> (low; bug #922648)
[buster] - openjpeg2 <ignored> (Minor issue)
[stretch] - openjpeg2 <ignored> (Minor issue)
@@ -6583,23 +6615,23 @@ CVE-2019-6988 (An issue was discovered in OpenJPEG 2.3.0. It allows remote attac
NOTE: https://github.com/uclouvain/openjpeg/issues/1178
CVE-2019-6987
RESERVED
-CVE-2019-6986 (SPARQL Injection in VIVO Vitro v1.10.0 allows a remote attacker to ...)
+CVE-2019-6986
NOT-FOR-US: VIVO Vitro
-CVE-2019-6985 (An issue was discovered in Foxit 3D Plugin Beta before 9.4.0.16807 for ...)
+CVE-2019-6985
NOT-FOR-US: Foxit Reader
-CVE-2019-6984 (An issue was discovered in Foxit 3D Plugin Beta before 9.4.0.16807 for ...)
+CVE-2019-6984
NOT-FOR-US: Foxit Reader
-CVE-2019-6983 (An issue was discovered in Foxit 3D Plugin Beta before 9.4.0.16807 for ...)
+CVE-2019-6983
NOT-FOR-US: Foxit Reader
-CVE-2019-6982 (An issue was discovered in Foxit 3D Plugin Beta before 9.4.0.16807 for ...)
+CVE-2019-6982
NOT-FOR-US: Foxit Reader
CVE-2019-6981
RESERVED
CVE-2019-6980
RESERVED
-CVE-2019-6979 (An issue was discovered in the User IP History Logs (aka ...)
+CVE-2019-6979
NOT-FOR-US: IP History Logs plugin for MyBB
-CVE-2019-6978 (The GD Graphics Library (aka LibGD) 2.2.5 has a double free in the ...)
+CVE-2019-6978
{DSA-4384-1 DLA-1651-1}
- libgd2 2.2.5-5.1 (bug #920728)
NOTE: https://github.com/libgd/libgd/issues/492
@@ -6611,7 +6643,7 @@ CVE-2019-1000029 [DoS due to changing # of allowed users in root channel]
NOTE: https://github.com/mumble-voip/mumble/issues/3585
NOTE: Introduced in: https://github.com/mumble-voip/mumble/commit/84b1bcecef790a84d10b2d1f2060c1681a2bb836
NOTE: Fixed by: https://github.com/mumble-voip/mumble/commit/3edc46ff7308691d342f8c08ce1afaaefce35a5c
-CVE-2019-6977 (gdImageColorMatch in gd_color_match.c in the GD Graphics Library (aka ...)
+CVE-2019-6977
{DSA-4384-1 DLA-1651-1}
- libgd2 2.2.5-5.1 (bug #920645)
- php7.3 7.3.1-1 (unimportant)
@@ -6620,23 +6652,23 @@ CVE-2019-6977 (gdImageColorMatch in gd_color_match.c in the GD Graphics Library
NOTE: Fixed in 5.6.40, 7.1.26, 7.2.14, 7.3.1
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=77270
NOTE: Proposed patch: https://gist.github.com/cmb69/1f36d285eb297ed326f5c821d7aafced
-CVE-2019-6976 (libvips before 8.7.4 writes to uninitialized memory locations in ...)
+CVE-2019-6976
- vips 8.7.4-1 (low)
[stretch] - vips <no-dsa> (Minor issue)
[jessie] - vips <ignored> (Minor Issue)
NOTE: https://github.com/libvips/libvips/commit/00622428bda8d7521db8d74260b519fa41d69d0a
-CVE-2019-6975 (Django 1.11.x before 1.11.19, 2.0.x before 2.0.11, and 2.1.x before ...)
+CVE-2019-6975
- python-django 1:1.11.20-1 (low; bug #922027)
[stretch] - python-django <postponed> (Minor issue)
[jessie] - python-django <not-affected> (Vulnerable code not present)
NOTE: Upstream re-released https://code.djangoproject.com/ticket/30175
NOTE: https://www.djangoproject.com/weblog/2019/feb/11/security-releases/
NOTE: https://github.com/django/django/commit/0bbb560183fabf0533289700845dafa94951f227 (1.11 branch)
-CVE-2019-6974 (In the Linux kernel before 4.20.8, kvm_ioctl_create_device in ...)
+CVE-2019-6974
- linux 4.19.20-1
NOTE: https://git.kernel.org/linus/cfa39381173d5f969daf43582c95ad679189cbc9
CVE-2019-6973
- RESERVED
+ TODO: check
CVE-2019-6972
RESERVED
CVE-2019-6971
@@ -6648,8 +6680,8 @@ CVE-2019-6969
CVE-2019-6968
RESERVED
CVE-2019-6967
- RESERVED
-CVE-2019-6966 (An issue was discovered in Bento4 1.5.1-628. The AP4_ElstAtom class in ...)
+ TODO: check
+CVE-2019-6966
NOT-FOR-US: Bento4
CVE-2019-6965
RESERVED
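Review bot: CVE-2019-6967 gains `+ TODO: check` without any description appearing on its header line, and CVE-2019-6966 loses `An issue was discovered in Bento4 1.5.1-628. The AP4_ElstAtom class in ...` while keeping only `NOT-FOR-US: Bento4`. After this change the triage tag is the sole record of what CVE-2019-6966 concerns, and the TODO for CVE-2019-6967 has no text to triage; both headers should carry the published description before this is committed.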
@@ -6671,7 +6703,7 @@ CVE-2019-6958
RESERVED
CVE-2019-6957
RESERVED
-CVE-2019-6956 (An issue was discovered in Freeware Advanced Audio Decoder 2 (FAAD2) ...)
+CVE-2019-6956
- faad2 <unfixed> (bug #914641)
[buster] - faad2 <no-dsa> (Minor issue)
[stretch] - faad2 <no-dsa> (Minor issue)
@@ -6976,25 +7008,25 @@ CVE-2019-6807
RESERVED
CVE-2019-6806
RESERVED
-CVE-2019-6805 (SQL Injection was found in S-CMS version V3.0 via the ...)
+CVE-2019-6805
NOT-FOR-US: S-CMS
-CVE-2019-6804 (An XSS issue was discovered on the Job Edit page in Rundeck Community ...)
+CVE-2019-6804
NOT-FOR-US: Rundeck Community Edition
-CVE-2019-6803 (typora through 0.9.9.20.3 beta has XSS, with resultant remote command ...)
+CVE-2019-6803
NOT-FOR-US: Typora
-CVE-2019-6802 (CRLF Injection in pypiserver 1.2.5 and below allows attackers to set ...)
+CVE-2019-6802
NOT-FOR-US: pypiserver
CVE-2019-6801
RESERVED
CVE-2019-6800
RESERVED
-CVE-2019-6799 (An issue was discovered in phpMyAdmin before 4.8.5. When the ...)
+CVE-2019-6799
{DLA-1692-1}
- phpmyadmin <unfixed> (bug #920823)
NOTE: https://www.phpmyadmin.net/security/PMASA-2019-1/
NOTE: https://github.com/phpmyadmin/phpmyadmin/commit/aeac90623e525057a7672ab3d98154b5c57c15ec
NOTE: https://github.com/phpmyadmin/phpmyadmin/commit/c5e01f84ad48c5c626001cb92d7a95500920a900
-CVE-2019-6798 (An issue was discovered in phpMyAdmin before 4.8.5. A vulnerability was ...)
+CVE-2019-6798
- phpmyadmin <unfixed> (bug #920822)
[jessie] - phpmyadmin <not-affected> (Vulnerable code introduced later >= 4.5.0)
NOTE: https://www.phpmyadmin.net/security/PMASA-2019-2/
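Review bot: for CVE-2019-6799 and CVE-2019-6798 the removed descriptions (`An issue was discovered in phpMyAdmin before 4.8.5. ...`) were the only statement in these entries of the upstream version that fixes them, and both Debian lines still say `phpmyadmin <unfixed>`. With the headers reduced to `+CVE-2019-6799` and `+CVE-2019-6798`, the jessie reasoning `Vulnerable code introduced later >= 4.5.0` and the DLA-1692-1 reference have no version bound in the entry to be checked against; keep the `before 4.8.5` text on the header lines.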
@@ -7067,19 +7099,18 @@ CVE-2019-6781
RESERVED
- gitlab 11.5.10+dfsg-1 (bug #921059)
NOTE: https://about.gitlab.com/2019/01/31/security-release-gitlab-11-dot-7-dot-3-released/
-CVE-2019-6780 (The Wise Chat plugin before 2.7 for WordPress mishandles external links ...)
+CVE-2019-6780
NOT-FOR-US: WordPress plugin wise-chat
-CVE-2019-6779 (Cscms 4.1.8 allows admin.php/links/save CSRF to add, modify, or delete ...)
+CVE-2019-6779
NOT-FOR-US: Cscms
CVE-2019-6778 [slirp: heap buffer overflow in tcp_emu()]
- RESERVED
{DLA-1694-1}
- qemu 1:3.1+dfsg-3 (bug #921525)
- qemu-kvm <removed>
- slirp4netns 0.2.1-1
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2019-01/msg03132.html
NOTE: https://git.qemu.org/?p=qemu.git;a=commit;h=a7104eda7dab99d0cdbd3595c211864cba415905
-CVE-2019-6777 (An issue was discovered in ZoneMinder v1.32.3. Reflected XSS exists in ...)
+CVE-2019-6777
- zoneminder 1.32.3-2 (bug #920375)
NOTE: https://github.com/ZoneMinder/zoneminder/issues/2436
NOTE: https://github.com/mnoorenberghe/ZoneMinder/commit/59cc65411f02c7e39a270fda3ecb4966d7b48d41
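Review bot: for CVE-2019-6778 the `- RESERVED` line is dropped but the bracketed working title `[slirp: heap buffer overflow in tcp_emu()]` is not replaced by the published description, which is what the header of a non-reserved entry carries in this file (see the removed `-CVE-2019-6777 (An issue was discovered in ZoneMinder v1.32.3. Reflected XSS exists in ...)`). The entry ends up neither marked RESERVED nor described, and the hunk header `-7067,19 +7099,18` shows the one-line shrink with no replacement text added. Hold the CVE-2019-6778 change until the description is available, and restore the CVE-2019-6780, CVE-2019-6779 and CVE-2019-6777 descriptions that this hunk strips.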
@@ -7197,33 +7228,33 @@ CVE-2019-6721
RESERVED
CVE-2019-6720
RESERVED
-CVE-2019-6719 (An issue has been found in libIEC61850 v1.3.1. There is a ...)
+CVE-2019-6719
NOT-FOR-US: libIEC61850
CVE-2019-6718
RESERVED
CVE-2019-6717
RESERVED
CVE-2019-6716
- RESERVED
+ TODO: check
CVE-2019-6715
RESERVED
CVE-2019-6714
- RESERVED
-CVE-2019-6713 (app\admin\controller\RouteController.php in ThinkCMF 5.0.190111 allows ...)
+ TODO: check
+CVE-2019-6713
NOT-FOR-US: ThinkCMF
CVE-2019-6712
RESERVED
CVE-2019-6711
RESERVED
-CVE-2019-6710 (Zyxel NBG-418N v2 v1.00(AAXM.4)C0 devices allow login.cgi CSRF. ...)
+CVE-2019-6710
NOT-FOR-US: Zyxel
CVE-2019-6709
RESERVED
-CVE-2019-6708 (PHPSHE 1.7 has SQL injection via the admin.php?mod=order state ...)
+CVE-2019-6708
NOT-FOR-US: PHPSHE
-CVE-2019-6707 (PHPSHE 1.7 has SQL injection via the admin.php?mod=product&amp;act=state ...)
+CVE-2019-6707
NOT-FOR-US: PHPSHE
-CVE-2019-6706 (Lua 5.3.5 has a use-after-free in lua_upvaluejoin in lapi.c. For ...)
+CVE-2019-6706
- lua5.3 <unfixed> (bug #920321)
[stretch] - lua5.3 <postponed> (Minor issue, revisit when fixed upstream)
- lua5.2 <not-affected> (Vulnerable code introduced later)
@@ -7236,10 +7267,10 @@ CVE-2019-6705
RESERVED
CVE-2019-6704
RESERVED
-CVE-2019-6703 (Incorrect access control in migla_ajax_functions.php in the Calmar ...)
+CVE-2019-6703
NOT-FOR-US: Calmar Webmedia Total Donations plugin for WordPress
CVE-2019-6702
- RESERVED
+ TODO: check
CVE-2019-6701
RESERVED
CVE-2019-6700
@@ -7260,10 +7291,9 @@ CVE-2019-6693
RESERVED
CVE-2019-6692
RESERVED
-CVE-2019-6691 (phpwind 9.0.2.170426 UTF8 allows SQL Injection via the ...)
+CVE-2019-6691
NOT-FOR-US: phpwind
CVE-2019-6690 [improper input validation in gnupg.GPG.encrypt() and gnupg.GPG.decrypt()]
- RESERVED
{DLA-1675-1}
- python-gnupg 0.4.4-1
[stretch] - python-gnupg <no-dsa> (Minor issue)
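Review bot: CVE-2019-6690 loses its `- RESERVED` marker while keeping the bracketed working title `[improper input validation in gnupg.GPG.encrypt() and gnupg.GPG.decrypt()]`; the entry already has `{DLA-1675-1}` and a fixed `python-gnupg 0.4.4-1`, so leaving RESERVED is plausible, but the published description should replace the bracket title in the same step, otherwise the entry is in neither state. The hunk header `-7260,10 +7291,9` confirms a line was removed and nothing added in its place. CVE-2019-6691's phpwind description is also dropped with only `NOT-FOR-US: phpwind` left.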
@@ -7446,31 +7476,31 @@ CVE-2019-6603
RESERVED
CVE-2019-6602
RESERVED
-CVE-2019-6601 (In BIG-IP 13.0.0, 12.1.0-12.1.3.7, 11.6.1-11.6.3.2, or 11.5.1-11.5.8, ...)
+CVE-2019-6601
NOT-FOR-US: F5 BIG-IP
-CVE-2019-6600 (In BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.1.3, 12.1.0-12.1.3.7, ...)
+CVE-2019-6600
NOT-FOR-US: F5 BIG-IP
-CVE-2019-6599 (In BIG-IP 11.6.1-11.6.3.2 or 11.5.1-11.5.8, or Enterprise Manager ...)
+CVE-2019-6599
NOT-FOR-US: F5 BIG-IP
-CVE-2019-6598 (In BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.0.7, 12.1.0-12.1.3.5, ...)
+CVE-2019-6598
NOT-FOR-US: F5 BIG-IP
-CVE-2019-6597 (In BIG-IP 13.0.0-13.1.1.1, 12.1.0-12.1.3.7, 11.6.1-11.6.3.2, or ...)
+CVE-2019-6597
NOT-FOR-US: F5 BIG-IP
-CVE-2019-6596 (In BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.1.1, 12.1.0-12.1.3.6, ...)
+CVE-2019-6596
NOT-FOR-US: F5 BIG-IP
-CVE-2019-6595 (Cross-site scripting (XSS) vulnerability in F5 BIG-IP Access Policy ...)
+CVE-2019-6595
NOT-FOR-US: F5 BIG-IP
-CVE-2019-6594 (On BIG-IP 11.5.1-11.6.3.2, 12.1.3.4-12.1.3.7, 13.0.0 HF1-13.1.1.1, and ...)
+CVE-2019-6594
NOT-FOR-US: F5 BIG-IP
-CVE-2019-6593 (On BIG-IP 11.5.1-11.5.4, 11.6.1, and 12.1.0, a virtual server ...)
+CVE-2019-6593
NOT-FOR-US: F5 BIG-IP
-CVE-2019-6592 (On BIG-IP 14.1.0-14.1.0.1, TMM may restart and produce a core file ...)
+CVE-2019-6592
NOT-FOR-US: F5 BIG-IP
-CVE-2019-6591 (On BIG-IP APM 14.0.0 to 14.0.0.4, 13.0.0 to 13.1.1.3 and 12.1.0 to ...)
+CVE-2019-6591
NOT-FOR-US: BIG-IP
-CVE-2019-6590 (On BIG-IP LTM 13.0.0 to 13.0.1 and 12.1.0 to 12.1.3.6, under certain ...)
+CVE-2019-6590
NOT-FOR-US: BIG-IP
-CVE-2019-6589 (On BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.1.3, 12.1.0-12.1.3.7, and ...)
+CVE-2019-6589
NOT-FOR-US: F5 BIG-IP
CVE-2019-6588
RESERVED
@@ -7518,27 +7548,27 @@ CVE-2019-6567
RESERVED
CVE-2019-6566
RESERVED
-CVE-2019-6565 (Moxa IKS and EDS fails to properly validate user input, giving ...)
+CVE-2019-6565
NOT-FOR-US: Moxa
CVE-2019-6564
RESERVED
-CVE-2019-6563 (Moxa IKS and EDS generate a predictable cookie calculated with an MD5 ...)
+CVE-2019-6563
NOT-FOR-US: Moxa
CVE-2019-6562
RESERVED
-CVE-2019-6561 (Cross-site request forgery has been identified in Moxa IKS and EDS, ...)
+CVE-2019-6561
NOT-FOR-US: Moxa
CVE-2019-6560
RESERVED
-CVE-2019-6559 (Moxa IKS and EDS allow remote authenticated users to cause a denial of ...)
+CVE-2019-6559
NOT-FOR-US: Moxa
CVE-2019-6558
RESERVED
-CVE-2019-6557 (Several buffer overflow vulnerabilities have been identified in Moxa ...)
+CVE-2019-6557
NOT-FOR-US: Moxa
CVE-2019-6556
RESERVED
-CVE-2019-6555 (Cscape, 9.80 SP4 and prior. An improper input validation vulnerability ...)
+CVE-2019-6555
NOT-FOR-US: Cscape
CVE-2019-6554
RESERVED
@@ -7546,43 +7576,43 @@ CVE-2019-6553
RESERVED
CVE-2019-6552
RESERVED
-CVE-2019-6551 (Pangea Communications Internet FAX ATA all Versions 3.1.8 and prior ...)
+CVE-2019-6551
NOT-FOR-US: Pangea Communications Internet FAX ATA
CVE-2019-6550
RESERVED
-CVE-2019-6549 (An attacker could retrieve plain-text credentials stored in a XML file ...)
+CVE-2019-6549
NOT-FOR-US: PR100088 Modbus
CVE-2019-6548
RESERVED
-CVE-2019-6547 (Delta Industrial Automation CNCSoft, CNCSoft ScreenEditor Version ...)
+CVE-2019-6547
NOT-FOR-US: Delta Industrial Automation CNCSoft
CVE-2019-6546
RESERVED
-CVE-2019-6545 (AVEVA Software, LLC InduSoft Web Studio prior to Version 8.1 SP3 and ...)
+CVE-2019-6545
NOT-FOR-US: AVEVA
CVE-2019-6544
RESERVED
-CVE-2019-6543 (AVEVA Software, LLC InduSoft Web Studio prior to Version 8.1 SP3 and ...)
+CVE-2019-6543
NOT-FOR-US: AVEVA
CVE-2019-6542
RESERVED
-CVE-2019-6541 (A memory corruption vulnerability has been identified in WECON ...)
+CVE-2019-6541
NOT-FOR-US: WECON
CVE-2019-6540
RESERVED
-CVE-2019-6539 (Several heap-based buffer overflow vulnerabilities in WECON ...)
+CVE-2019-6539
NOT-FOR-US: WECON
CVE-2019-6538
RESERVED
-CVE-2019-6537 (Multiple stack-based buffer overflow vulnerabilities in WECON ...)
+CVE-2019-6537
NOT-FOR-US: WECON
CVE-2019-6536
RESERVED
-CVE-2019-6535 (Mitsubishi Electric Q03/04/06/13/26UDVCPU: serial number 20081 and ...)
+CVE-2019-6535
NOT-FOR-US: Mitsubishi Electric MELSEC-Q Series PLCs
CVE-2019-6534
RESERVED
-CVE-2019-6533 (Registers used to store Modbus values can be read and written from the ...)
+CVE-2019-6533
NOT-FOR-US: PR100088 Modbus
CVE-2019-6532
RESERVED
@@ -7592,30 +7622,30 @@ CVE-2019-6530
RESERVED
CVE-2019-6529
RESERVED
-CVE-2019-6528 (PSI GridConnect GmbH Telecontrol Gateway and Smart Telecontrol Unit ...)
+CVE-2019-6528
NOT-FOR-US: PSI GridConnect GmbH
-CVE-2019-6527 (PR100088 Modbus gateway versions prior to Release R02 (or Software ...)
+CVE-2019-6527
NOT-FOR-US: PR100088 Modbus
CVE-2019-6526
RESERVED
CVE-2019-6525
RESERVED
NOT-FOR-US: AVEVA Wonderware System Platform
-CVE-2019-6524 (Moxa IKS and EDS do not implement sufficient measures to prevent ...)
+CVE-2019-6524
NOT-FOR-US: Moxa
-CVE-2019-6523 (WebAccess/SCADA, Version 8.3. The software does not properly sanitize ...)
+CVE-2019-6523
NOT-FOR-US: Advantech WebAccess/SCADA
-CVE-2019-6522 (Moxa IKS and EDS fails to properly check array bounds which may allow ...)
+CVE-2019-6522
NOT-FOR-US: Moxa
-CVE-2019-6521 (WebAccess/SCADA, Version 8.3. Specially crafted requests could allow a ...)
+CVE-2019-6521
NOT-FOR-US: Advantech WebAccess/SCADA
-CVE-2019-6520 (Moxa IKS and EDS does not properly check authority on server side, ...)
+CVE-2019-6520
NOT-FOR-US: Moxa
-CVE-2019-6519 (WebAccess/SCADA, Version 8.3. An improper authentication vulnerability ...)
+CVE-2019-6519
NOT-FOR-US: Advantech WebAccess/SCADA
-CVE-2019-6518 (Moxa IKS and EDS store plaintext passwords, which may allow sensitive ...)
+CVE-2019-6518
NOT-FOR-US: Moxa
-CVE-2019-6517 (BD FACSLyric Research Use Only, Windows 10 Professional Operating ...)
+CVE-2019-6517
NOT-FOR-US: BD FACSLyric
CVE-2019-6516
RESERVED
@@ -7629,38 +7659,37 @@ CVE-2019-6512
RESERVED
CVE-2019-6511
RESERVED
-CVE-2019-6510 (An issue was discovered in creditease-sec insight through 2018-09-11. ...)
+CVE-2019-6510
NOT-FOR-US: creditease-sec
-CVE-2019-6509 (An issue was discovered in creditease-sec insight through 2018-09-11. ...)
+CVE-2019-6509
NOT-FOR-US: creditease-sec
-CVE-2019-6508 (An issue was discovered in creditease-sec insight through 2018-09-11. ...)
+CVE-2019-6508
NOT-FOR-US: creditease-sec
-CVE-2019-6507 (An issue was discovered in creditease-sec insight through 2018-09-11. ...)
+CVE-2019-6507
NOT-FOR-US: creditease-sec
CVE-2019-6506
RESERVED
CVE-2019-6505
RESERVED
-CVE-2019-6504 (Insufficient output sanitization in the Automic Web Interface (AWI), ...)
+CVE-2019-6504
NOT-FOR-US: CA Automic Workload Automation
-CVE-2019-6503 (There is a deserialization vulnerability in Chatopera cosin v3.10.0. An ...)
+CVE-2019-6503
NOT-FOR-US: Chatopera cosin
-CVE-2019-6502 (sc_context_create in ctx.c in libopensc in OpenSC 0.19.0 has a memory ...)
+CVE-2019-6502
- opensc <unfixed> (unimportant)
NOTE: https://github.com/OpenSC/OpenSC/issues/1586
NOTE: Negligible security impact, assigning a CVE seems out of proportion...
-CVE-2019-1003004 (An improper authorization vulnerability exists in Jenkins 2.158 and ...)
+CVE-2019-1003004
NOT-FOR-US: Jenkins
-CVE-2019-1003003 (An improper authorization vulnerability exists in Jenkins 2.158 and ...)
+CVE-2019-1003003
NOT-FOR-US: Jenkins
-CVE-2019-1003002 (A sandbox bypass vulnerability exists in Pipeline: Declarative Plugin ...)
+CVE-2019-1003002
NOT-FOR-US: Jenkins plugin
-CVE-2019-1003001 (A sandbox bypass vulnerability exists in Pipeline: Groovy Plugin 2.61 ...)
+CVE-2019-1003001
NOT-FOR-US: Jenkins plugin
-CVE-2019-1003000 (A sandbox bypass vulnerability exists in Script Security Plugin 2.49 ...)
+CVE-2019-1003000
NOT-FOR-US: Jenkins plugin
CVE-2019-6501 [scsi-generic: possible OOB access while handling inquiry request]
- RESERVED
- qemu 1:3.1+dfsg-3 (bug #920222)
[stretch] - qemu <not-affected> (vulnerable code introduced later)
[jessie] - qemu <not-affected> (vulnerable code introduced later)
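Review bot: CVE-2019-6502's description (`sc_context_create in ctx.c in libopensc in OpenSC 0.19.0 has a memory ...`) is removed while the kept `NOTE: Negligible security impact, assigning a CVE seems out of proportion...` argues about that very text, so the rationale for `opensc <unfixed> (unimportant)` is no longer verifiable from the entry. The five Jenkins entries CVE-2019-1003000 to CVE-2019-1003004 are reduced to `NOT-FOR-US: Jenkins` / `Jenkins plugin` with no record of the sandbox-bypass and improper-authorization issues they covered, and CVE-2019-6501 drops `- RESERVED` while keeping its bracketed title `[scsi-generic: possible OOB access while handling inquiry request]` instead of receiving the published description. Restore the descriptions before committing.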
@@ -7671,15 +7700,15 @@ CVE-2019-6501 [scsi-generic: possible OOB access while handling inquiry request]
NOTE: https://git.qemu.org/?p=qemu.git;a=commit;h=e909ff93698851777faac3c45d03c1b73f311ea6
NOTE: Overflow introduced by https://git.qemu.org/?p=qemu.git;a=commit;h=a71c775b24,
NOTE: vulnerability not present prior 2.12.50
-CVE-2019-6500 (In Axway File Transfer Direct 2.7.1, an unauthenticated Directory ...)
+CVE-2019-6500
NOT-FOR-US: Axway File Transfer Direct
-CVE-2019-6499 (Teradata Viewpoint before 14.0 and 16.20.00.02-b80 contains a hardcoded ...)
+CVE-2019-6499
NOT-FOR-US: Teradata Viewpoint
-CVE-2019-6498 (GattLib 0.2 has a stack-based buffer over-read in gattlib_connect in ...)
+CVE-2019-6498
NOT-FOR-US: GattLib
-CVE-2019-6497 (Hotels_Server through 2018-11-05 has SQL Injection via the ...)
+CVE-2019-6497
NOT-FOR-US: Hotels_Server
-CVE-2019-6496 (The ThreadX-based firmware on Marvell Avastar Wi-Fi devices, models ...)
+CVE-2019-6496
NOT-FOR-US: ThreadX-based firmware on Marvell Avastar Wi-Fi devices
CVE-2019-6495
RESERVED
@@ -7693,15 +7722,15 @@ CVE-2019-6491
RESERVED
CVE-2019-6490
RESERVED
-CVE-2019-6489 (Certain Lexmark CX, MX, X, XC, XM, XS, and 6500e devices before ...)
+CVE-2019-6489
NOT-FOR-US: Lexmark
-CVE-2019-6488 (The string component in the GNU C Library (aka glibc or libc6) through ...)
+CVE-2019-6488
- glibc 2.28-6 (unimportant)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=24097
NOTE: x32 not officially supported
-CVE-2019-6487 (TP-Link WDR Series devices through firmware v3 (such as TL-WDR5620 ...)
+CVE-2019-6487
NOT-FOR-US: TP-Link
-CVE-2019-6486 (Go before 1.10.8 and 1.11.x before 1.11.5 mishandles P-521 and P-384 ...)
+CVE-2019-6486
{DSA-4380-1 DSA-4379-1 DLA-1664-1}
- golang-1.12 1.12~beta2-2 (bug #920548)
- golang-1.11 1.11.5-1
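Review bot: the removed description of CVE-2019-6488 named the affected component (`The string component in the GNU C Library (aka glibc or libc6) through ...`), and the kept `NOTE: x32 not officially supported` only makes sense against it; with the header reduced to `+CVE-2019-6488`, the entry no longer says what the x32 remark qualifies. Likewise the CVE-2019-6486 text stating the affected Go versions (`Go before 1.10.8 and 1.11.x before 1.11.5 mishandles P-521 and P-384 ...`) is dropped while `{DSA-4380-1 DSA-4379-1 DLA-1664-1}` and the fixed `golang-1.11 1.11.5-1` are kept; the version range that justifies those fixes should stay on the header line.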
@@ -7712,15 +7741,15 @@ CVE-2019-6486 (Go before 1.10.8 and 1.11.x before 1.11.5 mishandles P-521 and P-
NOTE: https://groups.google.com/forum/m/#!topic/golang-announce/mVeX35iXuSw
NOTE: https://golang.org/issue/29903
NOTE: https://github.com/golang/go/commit/42b42f71
-CVE-2019-6485 (Citrix NetScaler Gateway 12.1 before build 50.31, 12.0 before build ...)
+CVE-2019-6485
NOT-FOR-US: Citrix
CVE-2019-6484
RESERVED
-CVE-2019-6338 (In Drupal Core versions 7.x prior to 7.62, 8.6.x prior to 8.6.6 and ...)
+CVE-2019-6338
{DSA-4370-1 DLA-1685-1}
- drupal7 <removed>
NOTE: https://www.drupal.org/sa-core-2019-001
-CVE-2019-6339 (In Drupal Core versions 7.x prior to 7.62, 8.6.x prior to 8.6.6 and ...)
+CVE-2019-6339
{DSA-4370-1 DLA-1659-1}
- drupal7 <removed>
NOTE: https://www.drupal.org/sa-core-2019-002
@@ -7771,45 +7800,44 @@ CVE-2019-6464
RESERVED
CVE-2019-6463
RESERVED
-CVE-2019-6462 (An issue was discovered in cairo 1.16.0. There is an infinite loop in ...)
+CVE-2019-6462
- cairo <unfixed> (low)
[buster] - cairo <no-dsa> (Minor issue)
[stretch] - cairo <no-dsa> (Minor issue)
[jessie] - cairo <no-dsa> (Minor issue)
NOTE: https://gitlab.freedesktop.org/cairo/cairo/issues/353
-CVE-2019-6461 (An issue was discovered in cairo 1.16.0. There is an assertion problem ...)
+CVE-2019-6461
- cairo <unfixed> (low)
[buster] - cairo <no-dsa> (Minor issue)
[stretch] - cairo <no-dsa> (Minor issue)
[jessie] - cairo <no-dsa> (Minor issue)
NOTE: https://gitlab.freedesktop.org/cairo/cairo/issues/352
-CVE-2019-6460 (An issue was discovered in GNU Recutils 1.8. There is a NULL pointer ...)
+CVE-2019-6460
- recutils <unfixed> (unimportant)
NOTE: Negligible security impact
-CVE-2019-6459 (An issue was discovered in GNU Recutils 1.8. There is a memory leak in ...)
+CVE-2019-6459
- recutils <unfixed> (unimportant)
NOTE: Negligible security impact
-CVE-2019-6458 (An issue was discovered in GNU Recutils 1.8. There is a memory leak in ...)
+CVE-2019-6458
- recutils <unfixed> (unimportant)
NOTE: Negligible security impact
-CVE-2019-6457 (An issue was discovered in GNU Recutils 1.8. There is a memory leak in ...)
+CVE-2019-6457
- recutils <unfixed> (unimportant)
NOTE: Negligible security impact
-CVE-2019-6456 (An issue was discovered in GNU Recutils 1.8. There is a NULL pointer ...)
+CVE-2019-6456
- recutils <unfixed> (unimportant)
NOTE: Negligible security impact
-CVE-2019-6455 (An issue was discovered in GNU Recutils 1.8. There is a double-free ...)
+CVE-2019-6455
- recutils <unfixed> (unimportant)
NOTE: Negligible security impact
CVE-2019-6454 [systemd (PID1) crash with specially crafted D-Bus message]
- RESERVED
{DSA-4393-1 DLA-1684-1}
- systemd 240-6
NOTE: https://www.openwall.com/lists/oss-security/2019/02/18/3
NOTE: https://github.com/systemd/systemd/commit/798ebaf9aea9b8ae3b8a0cc2702bc8de71acb3c6
NOTE: https://github.com/systemd/systemd/commit/6d586a13717ae057aa1b4127400c3de61cd5b9e7
NOTE: https://github.com/systemd/systemd/commit/f519a19bcd5afe674a9b8fc462cd77d8bad403c1
-CVE-2019-6453 (mIRC before 7.55 allows remote command execution by using argument ...)
+CVE-2019-6453
NOT-FOR-US: mIRC
CVE-2019-6452
RESERVED
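Review bot: CVE-2019-6454 has `- RESERVED` removed without its bracketed working title `[systemd (PID1) crash with specially crafted D-Bus message]` being replaced by the published description, leaving an entry that is neither reserved nor described even though it already carries `{DSA-4393-1 DLA-1684-1}` and `systemd 240-6`; the header count `-7771,45 +7800,44` shows the one-line shrink with no text added. The six GNU Recutils entries CVE-2019-6455 to CVE-2019-6460 each lose the description (double-free, NULL pointer, memory leak) that the kept `NOTE: Negligible security impact` was judging, and the two cairo entries lose the text distinguishing the infinite loop (CVE-2019-6462) from the assertion problem (CVE-2019-6461). Keep those descriptions so the `unimportant` and `low` ratings remain reviewable.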
@@ -7821,9 +7849,9 @@ CVE-2019-6449
RESERVED
CVE-2019-6448
RESERVED
-CVE-2019-6447 (The ES File Explorer File Manager application through 4.1.9.7.4 for ...)
+CVE-2019-6447
NOT-FOR-US: ES File Explorer File Manager application
-CVE-2019-6446 (** DISPUTED ** ...)
+CVE-2019-6446
- python-numpy 1:1.10.4-1
[jessie] - python-numpy <no-dsa> (Minor issue)
NOTE: https://github.com/numpy/numpy/issues/12759
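Review bot: the `** DISPUTED **` marker on CVE-2019-6446 disappears together with its description, leaving `+CVE-2019-6446` followed by the fixed `python-numpy 1:1.10.4-1` and a jessie `<no-dsa> (Minor issue)`; nothing on the entry now records that the CVE is disputed, which is the status that explains the minor-issue rating. The disputed marker should at least stay on the header line.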
@@ -7832,25 +7860,25 @@ CVE-2019-6446 (** DISPUTED ** ...)
NOTE: added support to disable use of picke in load/save, marking that as the fixed
NOTE: version. The use of that is at the discretion of anyone using numpy
NOTE: Further discussion at https://github.com/numpy/numpy/pull/12889
-CVE-2019-6445 (An issue was discovered in NTPsec before 1.1.3. An authenticated ...)
+CVE-2019-6445
- ntpsec 1.1.3+dfsg1-1 (bug #919513)
NOTE: https://gitlab.com/NTPsec/ntpsec/issues/509
NOTE: https://gitlab.com/NTPsec/ntpsec/commit/acb2ecdcabad2ab42e9c6352999e174dd102eb3f
-CVE-2019-6444 (An issue was discovered in NTPsec before 1.1.3. process_control() in ...)
+CVE-2019-6444
- ntpsec 1.1.3+dfsg1-1 (bug #919513)
-CVE-2019-6443 (An issue was discovered in NTPsec before 1.1.3. Because of a bug in ...)
+CVE-2019-6443
- ntpsec 1.1.3+dfsg1-1 (bug #919513)
-CVE-2019-6442 (An issue was discovered in NTPsec before 1.1.3. An authenticated ...)
+CVE-2019-6442
- ntpsec 1.1.3+dfsg1-1 (bug #919513)
CVE-2019-6441
RESERVED
-CVE-2019-6440 (Zemana AntiMalware before 3.0.658 Beta mishandles update logic. ...)
+CVE-2019-6440
NOT-FOR-US: Zemana AntiMalware
-CVE-2019-6439 (examples/benchmark/tls_bench.c in a benchmark tool in wolfSSL through ...)
+CVE-2019-6439
- wolfssl <unfixed> (unimportant)
NOTE: https://github.com/wolfSSL/wolfssl/issues/2032
NOTE: Issue only in example code
-CVE-2019-6438 (SchedMD Slurm before 17.11.13 and 18.x before 18.08.5 mishandles 32-bit ...)
+CVE-2019-6438
- slurm-llnl 18.08.5.2-1 (low; bug #920997)
[stretch] - slurm-llnl <no-dsa> (Minor issue)
[jessie] - slurm-llnl <no-dsa> (Minor issue)
@@ -8050,7 +8078,7 @@ CVE-2019-6342
RESERVED
CVE-2019-6341
RESERVED
-CVE-2019-6340 (Some field types do not properly sanitize data from non-form sources ...)
+CVE-2019-6340
- drupal7 <not-affected> (Drupal 7 core not affected)
NOTE: https://www.drupal.org/sa-core-2019-003
CVE-2019-6337
@@ -8135,19 +8163,19 @@ CVE-2019-6298
RESERVED
CVE-2019-6297
RESERVED
-CVE-2019-6296 (Cleanto 5.0 has SQL Injection via the assets/lib/export_ajax.php id ...)
+CVE-2019-6296
NOT-FOR-US: Cleanto
-CVE-2019-6295 (Cleanto 5.0 has SQL Injection via the ...)
+CVE-2019-6295
NOT-FOR-US: Cleanto
-CVE-2019-6294 (An issue was discovered in EasyCMS 1.5. There is CSRF via the ...)
+CVE-2019-6294
NOT-FOR-US: EasyCMS
-CVE-2019-6293 (An issue was discovered in the function mark_beginning_as_normal in ...)
+CVE-2019-6293
- flex <unfixed> (low; bug #919428)
[buster] - flex <no-dsa> (Minor issue)
[stretch] - flex <no-dsa> (Minor issue)
[jessie] - flex <no-dsa> (Minor issue)
NOTE: https://github.com/westes/flex/issues/414
-CVE-2019-6292 (An issue was discovered in singledocparser.cpp in yaml-cpp (aka ...)
+CVE-2019-6292
- yaml-cpp <unfixed> (low; bug #919430)
[buster] - yaml-cpp <no-dsa> (Minor issue)
[stretch] - yaml-cpp <no-dsa> (Minor issue)
@@ -8156,25 +8184,25 @@ CVE-2019-6292 (An issue was discovered in singledocparser.cpp in yaml-cpp (aka .
[stretch] - yaml-cpp0.3 <no-dsa> (Minor issue)
[jessie] - yaml-cpp0.3 <no-dsa> (Minor issue)
NOTE: https://github.com/jbeder/yaml-cpp/issues/657
-CVE-2019-6291 (An issue was discovered in the function expr6 in eval.c in Netwide ...)
+CVE-2019-6291
- nasm <unfixed> (unimportant)
NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392549
NOTE: Crash in CLI tool, no security impact
-CVE-2019-6290 (An infinite recursion issue was discovered in eval.c in Netwide ...)
+CVE-2019-6290
- nasm <unfixed> (unimportant)
NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392548
NOTE: Crash in CLI tool, no security impact
-CVE-2019-6289 (uploads/include/dialog/select_soft.php in DedeCMS V57_UTF8_SP2 allows ...)
+CVE-2019-6289
NOT-FOR-US: DedeCMS
CVE-2019-6288
RESERVED
CVE-2019-6287
RESERVED
-CVE-2019-6286 (In LibSass 3.5.5, a heap-based buffer over-read exists in ...)
+CVE-2019-6286
- libsass <unfixed> (low)
[stretch] - libsass <no-dsa> (Minor issue)
NOTE: https://github.com/sass/libsass/issues/2815
-CVE-2019-6285 (The SingleDocParser::HandleFlowSequence function in yaml-cpp (aka ...)
+CVE-2019-6285
- yaml-cpp <unfixed> (low; bug #919432)
[buster] - yaml-cpp <no-dsa> (Minor issue)
[stretch] - yaml-cpp <no-dsa> (Minor issue)
@@ -8183,11 +8211,11 @@ CVE-2019-6285 (The SingleDocParser::HandleFlowSequence function in yaml-cpp (aka
[stretch] - yaml-cpp0.3 <no-dsa> (Minor issue)
[jessie] - yaml-cpp0.3 <no-dsa> (Minor issue)
NOTE: https://github.com/jbeder/yaml-cpp/issues/660
-CVE-2019-6284 (In LibSass 3.5.5, a heap-based buffer over-read exists in ...)
+CVE-2019-6284
- libsass <unfixed> (low)
[stretch] - libsass <no-dsa> (Minor issue)
NOTE: https://github.com/sass/libsass/issues/2816
-CVE-2019-6283 (In LibSass 3.5.5, a heap-based buffer over-read exists in ...)
+CVE-2019-6283
- libsass <unfixed> (low)
[stretch] - libsass <no-dsa> (Minor issue)
NOTE: https://github.com/sass/libsass/issues/2814
@@ -8199,7 +8227,7 @@ CVE-2019-6280
RESERVED
CVE-2019-6279
RESERVED
-CVE-2019-6278 (XSS exists in JPress v1.0.4 via Markdown input, or Markdown input with ...)
+CVE-2019-6278
NOT-FOR-US: JPress
CVE-2019-6277
RESERVED
@@ -8221,29 +8249,29 @@ CVE-2019-6269
RESERVED
CVE-2019-6268
RESERVED
-CVE-2019-6267 (The Premium WP Suite Easy Redirect Manager plugin 28.07-17 for ...)
+CVE-2019-6267
NOT-FOR-US: Premium WP Suite Easy Redirect Manager plugin for WordPress
-CVE-2019-6266 (Cordaware bestinformed Microsoft Windows client before 6.2.1.0 is ...)
+CVE-2019-6266
NOT-FOR-US: Cordaware bestinformed
-CVE-2019-6265 (The Scripting and AutoUpdate functionality in Cordaware bestinformed ...)
+CVE-2019-6265
NOT-FOR-US: Cordaware bestinformed
-CVE-2019-6264 (An issue was discovered in Joomla! before 3.9.2. Inadequate escaping in ...)
+CVE-2019-6264
NOT-FOR-US: Joomla!
-CVE-2019-6263 (An issue was discovered in Joomla! before 3.9.2. Inadequate checks of ...)
+CVE-2019-6263
NOT-FOR-US: Joomla!
-CVE-2019-6262 (An issue was discovered in Joomla! before 3.9.2. Inadequate checks of ...)
+CVE-2019-6262
NOT-FOR-US: Joomla!
-CVE-2019-6261 (An issue was discovered in Joomla! before 3.9.2. Inadequate escaping in ...)
+CVE-2019-6261
NOT-FOR-US: Joomla!
-CVE-2019-6260 (The ASPEED ast2400 and ast2500 Baseband Management Controller (BMC) ...)
+CVE-2019-6260
NOT-FOR-US: ASPEED
-CVE-2019-6259 (An issue was discovered in idreamsoft iCMS V7.0.13. There is SQL ...)
+CVE-2019-6259
NOT-FOR-US: idreamsoft iCMS
CVE-2019-6258
RESERVED
-CVE-2019-6257 (A Server Side Request Forgery (SSRF) vulnerability in elFinder before ...)
+CVE-2019-6257
NOT-FOR-US: elFinder
-CVE-2019-6256 (A Denial of Service issue was discovered in the LIVE555 Streaming Media ...)
+CVE-2019-6256
{DSA-4408-1 DLA-1690-1}
- liblivemedia 2018.11.26-1 (bug #919529)
NOTE: https://github.com/rgaufman/live555/issues/19
@@ -8255,28 +8283,28 @@ CVE-2019-6253
RESERVED
CVE-2019-6252
RESERVED
-CVE-2019-6251 (embed/ephy-web-view.c in GNOME Web (aka Epiphany) through 3.31.4 allows ...)
+CVE-2019-6251
- epiphany-browser <unfixed> (unimportant)
NOTE: https://gitlab.gnome.org/GNOME/epiphany/issues/532
NOTE: Webkit not covered by security support
-CVE-2019-6249 (An issue was discovered in HuCart v5.7.4. There is a CSRF vulnerability ...)
+CVE-2019-6249
NOT-FOR-US: HuCart
-CVE-2019-6250 (A pointer overflow, with code execution, was discovered in ZeroMQ ...)
+CVE-2019-6250
{DSA-4368-1}
- zeromq3 4.3.1-1 (bug #919098)
[jessie] - zeromq3 <not-affected> (Vulnerable code introduced later)
NOTE: https://github.com/zeromq/libzmq/issues/3351
-CVE-2019-6248 (PHP Scripts Mall Citysearch / Hotfrog / Gelbeseiten Clone Script 2.0.1 ...)
+CVE-2019-6248
NOT-FOR-US: PHP Scripts Mall Citysearch / Hotfrog / Gelbeseiten Clone Script
-CVE-2019-6247 (An issue was discovered in Anti-Grain Geometry (AGG) 2.4 as used in ...)
+CVE-2019-6247
- svgpp <unfixed> (unimportant; bug #919321)
NOTE: https://github.com/svgpp/svgpp/issues/70
NOTE: Issue only in src:svgpp which does not call the AGG-API in correct way.
NOTE: No security impact, only used to build examples, see #921097
-CVE-2019-6246 (An issue was discovered in SVG++ (aka svgpp) 1.2.3. After calling the ...)
+CVE-2019-6246
- svgpp 1.2.3+dfsg1-5 (bug #919321)
NOTE: https://github.com/svgpp/svgpp/issues/70
-CVE-2019-6245 (An issue was discovered in Anti-Grain Geometry (AGG) 2.4 as used in ...)
+CVE-2019-6245
{DLA-1656-1}
- agg 1:2.4-r127+dfsg1-1 (low; bug #919322)
[stretch] - agg <no-dsa> (Minor issue)
@@ -8286,11 +8314,11 @@ CVE-2019-6245 (An issue was discovered in Anti-Grain Geometry (AGG) 2.4 as used
NOTE: and possibly already fixed with the inclusion of 05-fix-recursion-crash.patch
NOTE: in 2.5+dfsg1-3.
NOTE: No security impact on svgpp, only used to build examples, see #921097
-CVE-2019-6244 (An issue was discovered in UsualToolCMS 8.0. ...)
+CVE-2019-6244
NOT-FOR-US: UsualToolCMS
-CVE-2019-6243 (Frog CMS 0.9.5 allows XSS via the forgot password page (aka the ...)
+CVE-2019-6243
NOT-FOR-US: Frog CMS
-CVE-2019-6242 (** DISPUTED ** Kentico v10.0.42 allows Global Administrators to read ...)
+CVE-2019-6242
NOT-FOR-US: Kentico
CVE-2019-6241
RESERVED
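Review bot: CVE-2019-6242 loses its `** DISPUTED **` prefix along with the rest of the header (`Kentico v10.0.42 allows Global Administrators to read ...`), so the disputed status is gone from the entry and only `NOT-FOR-US: Kentico` remains. The same hunk empties the CVE-2019-6244 and CVE-2019-6243 headers; restore the descriptions, and in particular keep the disputed marker.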
@@ -8306,86 +8334,86 @@ CVE-2019-6237
RESERVED
CVE-2019-6236
RESERVED
-CVE-2019-6235 (A memory corruption issue was addressed with improved validation. This ...)
+CVE-2019-6235
NOT-FOR-US: Apple
-CVE-2019-6234 (A memory corruption issue was addressed with improved memory handling. ...)
+CVE-2019-6234
- webkit2gtk 2.22.4-1 (unimportant)
NOTE: Not covered by security support
-CVE-2019-6233 (A memory corruption issue was addressed with improved memory handling. ...)
+CVE-2019-6233
- webkit2gtk 2.22.4-1 (unimportant)
NOTE: Not covered by security support
CVE-2019-6232
RESERVED
-CVE-2019-6231 (An out-of-bounds read was addressed with improved bounds checking. ...)
+CVE-2019-6231
NOT-FOR-US: Apple
-CVE-2019-6230 (A memory initialization issue was addressed with improved memory ...)
+CVE-2019-6230
NOT-FOR-US: Apple
-CVE-2019-6229 (A logic issue was addressed with improved validation. This issue is ...)
+CVE-2019-6229
- webkit2gtk 2.22.5-1 (unimportant)
NOTE: Not covered by security support
-CVE-2019-6228 (A cross-site scripting issue existed in Safari. This issue was ...)
+CVE-2019-6228
NOT-FOR-US: Apple Safari
-CVE-2019-6227 (A memory corruption issue was addressed with improved memory handling. ...)
+CVE-2019-6227
- webkit2gtk 2.22.5-1 (unimportant)
NOTE: Not covered by security support
-CVE-2019-6226 (Multiple memory corruption issues were addressed with improved memory ...)
+CVE-2019-6226
- webkit2gtk 2.22.0-2 (unimportant)
NOTE: Not covered by security support
-CVE-2019-6225 (A memory corruption issue was addressed with improved validation. This ...)
+CVE-2019-6225
NOT-FOR-US: Apple
-CVE-2019-6224 (A buffer overflow issue was addressed with improved memory handling. ...)
+CVE-2019-6224
NOT-FOR-US: Apple
-CVE-2019-6223 (A logic issue existed in the handling of Group FaceTime calls. The ...)
+CVE-2019-6223
NOT-FOR-US: Apple
CVE-2019-6222
RESERVED
-CVE-2019-6221 (An out-of-bounds read was addressed with improved bounds checking. ...)
+CVE-2019-6221
NOT-FOR-US: Apple
-CVE-2019-6220 (An out-of-bounds read was addressed with improved input validation. ...)
+CVE-2019-6220
NOT-FOR-US: Apple
-CVE-2019-6219 (A denial of service issue was addressed with improved validation. This ...)
+CVE-2019-6219
NOT-FOR-US: Apple
-CVE-2019-6218 (A memory corruption issue was addressed with improved input ...)
+CVE-2019-6218
NOT-FOR-US: Apple
-CVE-2019-6217 (Multiple memory corruption issues were addressed with improved memory ...)
+CVE-2019-6217
- webkit2gtk 2.22.5-1 (unimportant)
NOTE: Not covered by security support
-CVE-2019-6216 (Multiple memory corruption issues were addressed with improved memory ...)
+CVE-2019-6216
- webkit2gtk 2.22.5-1 (unimportant)
NOTE: Not covered by security support
-CVE-2019-6215 (A type confusion issue was addressed with improved memory handling. ...)
+CVE-2019-6215
- webkit2gtk 2.22.6-1 (unimportant)
NOTE: Not covered by security support
-CVE-2019-6214 (A type confusion issue was addressed with improved memory handling. ...)
+CVE-2019-6214
NOT-FOR-US: Apple
-CVE-2019-6213 (A buffer overflow was addressed with improved bounds checking. This ...)
+CVE-2019-6213
NOT-FOR-US: Apple
-CVE-2019-6212 (Multiple memory corruption issues were addressed with improved memory ...)
+CVE-2019-6212
- webkit2gtk 2.22.6-1 (unimportant)
NOTE: Not covered by security support
-CVE-2019-6211 (A memory corruption issue was addressed with improved state ...)
+CVE-2019-6211
NOT-FOR-US: Apple
-CVE-2019-6210 (A memory corruption issue was addressed with improved input ...)
+CVE-2019-6210
NOT-FOR-US: Apple
-CVE-2019-6209 (An out-of-bounds read issue existed that led to the disclosure of ...)
+CVE-2019-6209
NOT-FOR-US: Apple
-CVE-2019-6208 (A memory initialization issue was addressed with improved memory ...)
+CVE-2019-6208
NOT-FOR-US: Apple
CVE-2019-6207
RESERVED
-CVE-2019-6206 (An issue existed with autofill resuming after it was canceled. The ...)
+CVE-2019-6206
NOT-FOR-US: autofill in iOS
-CVE-2019-6205 (A memory corruption issue was addressed with improved lock state ...)
+CVE-2019-6205
NOT-FOR-US: Apple
CVE-2019-6204
RESERVED
CVE-2019-6203
RESERVED
-CVE-2019-6202 (An out-of-bounds read was addressed with improved bounds checking. ...)
+CVE-2019-6202
NOT-FOR-US: Apple
CVE-2019-6201
RESERVED
-CVE-2019-6200 (An out-of-bounds read was addressed with improved input validation. ...)
+CVE-2019-6200
NOT-FOR-US: Apple
CVE-2019-6199
RESERVED
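Review bot: the webkit2gtk entries in this hunk (CVE-2019-6234, -6233, -6229, -6227, -6226, -6217, -6216, -6215 and -6212) lose the descriptions that told them apart (memory corruption, type confusion, logic issue) while being mapped to distinct fixed versions `2.22.4-1`, `2.22.5-1`, `2.22.6-1` and `2.22.0-2` with `NOTE: Not covered by security support`; with bare headers, the version number is the only thing left that says which fix belongs to which bug. The remaining Apple entries are reduced to `NOT-FOR-US: Apple` with no description at all. Restore the header text before committing.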
@@ -8487,7 +8515,7 @@ CVE-2019-6151
RESERVED
CVE-2019-6150
RESERVED
-CVE-2019-6149 (An unquoted search path vulnerability was identified in Lenovo Dynamic ...)
+CVE-2019-6149
NOT-FOR-US: Lenovo
CVE-2019-6148
RESERVED
@@ -8507,19 +8535,19 @@ CVE-2019-6141
RESERVED
CVE-2019-6140
RESERVED
-CVE-2019-6139 (Forcepoint User ID (FUID) server versions up to 1.2 have a remote ...)
+CVE-2019-6139
NOT-FOR-US: Forcepoint User ID (FUID) server
-CVE-2019-6138 (An issue has been found in libIEC61850 v1.3.1. Memory_malloc and ...)
+CVE-2019-6138
NOT-FOR-US: libIEC61850
-CVE-2019-6137 (An issue was discovered in lib60870 2.1.1. LinkLayer_setAddress in ...)
+CVE-2019-6137
NOT-FOR-US: lib60870
-CVE-2019-6136 (An issue has been found in libIEC61850 v1.3.1. ...)
+CVE-2019-6136
NOT-FOR-US: libIEC61850
-CVE-2019-6135 (An issue has been found in libIEC61850 v1.3.1. Memory_malloc in ...)
+CVE-2019-6135
NOT-FOR-US: libIEC61850
CVE-2019-6134
RESERVED
-CVE-2019-6133 (In PolicyKit (aka polkit) 0.115, the &quot;start time&quot; protection mechanism ...)
+CVE-2019-6133
{DLA-1644-1}
- policykit-1 0.105-25 (bug #918985)
[stretch] - policykit-1 <no-dsa> (Minor issue, kernel mitigation will land in next 4.9.x rebase)
@@ -8528,33 +8556,33 @@ CVE-2019-6133 (In PolicyKit (aka polkit) 0.115, the &quot;start time&quot; prote
NOTE: https://gitlab.freedesktop.org/polkit/polkit/commit/c898fdf4b1aafaa04f8ada9d73d77c8bb76e2f81
NOTE: Issue can be mitigated in kernel with
NOTE: https://git.kernel.org/linus/7b55851367136b1efd84d98fea81ba57a98304cf (landed in 4.9.150)
-CVE-2019-6132 (An issue was discovered in Bento4 v1.5.1-627. There is a memory leak in ...)
+CVE-2019-6132
NOT-FOR-US: Bento4
-CVE-2019-6131 (svg-run.c in Artifex MuPDF 1.14.0 has infinite recursion with stack ...)
+CVE-2019-6131
- mupdf 1.14.0+ds1-3 (bug #918970)
[stretch] - mupdf <no-dsa> (Minor issue)
[jessie] - mupdf <not-affected> (vulnerable code not present)
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=700442
NOTE: http://www.ghostscript.com/cgi-bin/findgit.cgi?c8f7e48ff74720a5e984ae19d978a5ab4d5dde5b
-CVE-2019-6130 (Artifex MuPDF 1.14.0 has a SEGV in the function fz_load_page of the ...)
+CVE-2019-6130
- mupdf 1.14.0+ds1-3 (bug #918971)
[stretch] - mupdf <no-dsa> (Minor issue)
[jessie] - mupdf <no-dsa> (Minor issue)
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=700446
NOTE: http://www.ghostscript.com/cgi-bin/findgit.cgi?faf47b94e24314d74907f3f6bc874105f2c962ed
-CVE-2019-6129 (png_create_info_struct in png.c in libpng 1.6.36 has a memory leak, as ...)
+CVE-2019-6129
- libpng1.6 <unfixed> (unimportant)
- libpng <removed> (unimportant)
NOTE: https://github.com/glennrp/libpng/issues/269
NOTE: Memory leak in CLI tool, no security impact
-CVE-2019-6128 (The TIFFFdOpen function in tif_unix.c in LibTIFF 4.0.10 has a memory ...)
+CVE-2019-6128
- tiff 4.0.10-4 (bug #921157; unimportant)
- tiff3 <removed> (unimportant)
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2836
NOTE: Fixed by: https://gitlab.com/libtiff/libtiff/commit/ae0bed1fe530a82faf2e9ea1775109dbf301a971
-CVE-2019-6127 (An issue was discovered in XiaoCms 20141229. It allows ...)
+CVE-2019-6127
NOT-FOR-US: XiaoCms
-CVE-2019-6126 (The Admin Panel of PHP Scripts Mall Advance Peer to Peer MLM Script ...)
+CVE-2019-6126
NOT-FOR-US: Admin Panel of PHP Scripts Mall Advance Peer to Peer MLM Script
CVE-2019-6125
RESERVED
@@ -8595,19 +8623,19 @@ CVE-2019-6113
RESERVED
CVE-2019-6112
RESERVED
-CVE-2019-6111 (An issue was discovered in OpenSSH 7.9. Due to the scp implementation ...)
+CVE-2019-6111
{DSA-4387-2 DSA-4387-1}
- openssh 1:7.9p1-9 (bug #923486)
NOTE: https://sintonen.fi/advisories/scp-client-multiple-vulnerabilities.txt
NOTE: https://github.com/openssh/openssh-portable/commit/391ffc4b9d31fa1f4ad566499fef9176ff8a07dc
NOTE: https://github.com/openssh/openssh-portable/commit/3d896c157c722bc47adca51a58dca859225b5874
NOTE: For unstable partially fixed in 1:7.9p1-6, applied complete fix in 1:7.9p1-9.
-CVE-2019-6110 (In OpenSSH 7.9, due to accepting and displaying arbitrary stderr output ...)
+CVE-2019-6110
- openssh <unfixed> (unimportant)
NOTE: https://sintonen.fi/advisories/scp-client-multiple-vulnerabilities.txt
NOTE: Not considered a vulnerability by upstream, cf.
NOTE: https://lists.mindrot.org/pipermail/openssh-unix-dev/2019-January/037475.html
-CVE-2019-6109 (An issue was discovered in OpenSSH 7.9. Due to missing character ...)
+CVE-2019-6109
{DSA-4387-1}
- openssh 1:7.9p1-6 (bug #793412)
NOTE: https://sintonen.fi/advisories/scp-client-multiple-vulnerabilities.txt
@@ -8981,39 +9009,39 @@ CVE-2019-5927
RESERVED
CVE-2019-5926
RESERVED
-CVE-2019-5925 (Cross-site scripting vulnerability in Dradis Community Edition Dradis ...)
+CVE-2019-5925
NOT-FOR-US: Dradis
-CVE-2019-5924 (Cross-site request forgery (CSRF) vulnerability in Smart Forms 2.6.15 ...)
+CVE-2019-5924
NOT-FOR-US: Smart Forms
-CVE-2019-5923 (Directory traversal vulnerability in iChain Insurance Wallet App for ...)
+CVE-2019-5923
NOT-FOR-US: iChain Insurance Wallet App for iOS
-CVE-2019-5922 (Untrusted search path vulnerability in The installer of Microsoft ...)
+CVE-2019-5922
NOT-FOR-US: Microsoft
-CVE-2019-5921 (Untrusted search path vulnerability in Windows 7 allows an attacker to ...)
+CVE-2019-5921
NOT-FOR-US: Microsoft Windows
-CVE-2019-5920 (Cross-site request forgery (CSRF) vulnerability in FormCraft 1.2.1 and ...)
+CVE-2019-5920
NOT-FOR-US: FormCraft
-CVE-2019-5919 (An incomplete cryptography of the data store function by using hidden ...)
+CVE-2019-5919
NOT-FOR-US: Nablarch
-CVE-2019-5918 (Nablarch 5 (5, and 5u1 to 5u13) allows remote attackers to conduct XML ...)
+CVE-2019-5918
NOT-FOR-US: Nablarch
-CVE-2019-5917 (azure-umqtt-c (available through GitHub prior to 2017 October 6) ...)
+CVE-2019-5917
NOT-FOR-US: azure-umqtt-c
-CVE-2019-5916 (Input validation issue in POWER EGG(Ver 2.0.1, Ver 2.02 Patch 3 and ...)
+CVE-2019-5916
NOT-FOR-US: POWER EGG
-CVE-2019-5915 (Open redirect vulnerability in OpenAM (Open Source Edition) 13.0 ...)
+CVE-2019-5915
NOT-FOR-US: OpenAM (different from src:openam)
-CVE-2019-5914 (V20 PRO L-01J software version L01J20c and L01J20d has a NULL pointer ...)
+CVE-2019-5914
NOT-FOR-US: V20 PRO L-01J
-CVE-2019-5913 (Untrusted search path vulnerability in the installer of LHMelting ...)
+CVE-2019-5913
NOT-FOR-US: LHMelting
-CVE-2019-5912 (Untrusted search path vulnerability in the installer of UNARJ32.DLL ...)
+CVE-2019-5912
NOT-FOR-US: Some Windows installer
-CVE-2019-5911 (Untrusted search path vulnerability in the installer of UNLHA32.DLL ...)
+CVE-2019-5911
NOT-FOR-US: Some Windows installer
-CVE-2019-5910 (Directory traversal vulnerability in HOUSE GATE App for iOS 1.7.8 and ...)
+CVE-2019-5910
NOT-FOR-US: HOUSE GATE App for iOS
-CVE-2019-5909 (License Manager Service of YOKOGAWA products (CENTUM VP (R5.01.00 - ...)
+CVE-2019-5909
NOT-FOR-US: Yokogawa License Manager Service
CVE-2019-5908
RESERVED
@@ -9045,9 +9073,9 @@ CVE-2019-5895
RESERVED
CVE-2019-5894
RESERVED
-CVE-2019-5893 (Nelson Open Source ERP v6.3.1 allows SQL Injection via the ...)
+CVE-2019-5893
NOT-FOR-US: Nelson Open Source ERP
-CVE-2019-5892 (bgpd in FRRouting FRR (aka Free Range Routing) 2.x and 3.x before ...)
+CVE-2019-5892
- frr <not-affected> (Fixed before initial upload)
CVE-2019-5891
RESERVED
@@ -9057,16 +9085,16 @@ CVE-2019-5889
RESERVED
CVE-2019-5888
RESERVED
-CVE-2019-5887 (An issue was discovered in ShopXO 1.2.0. In the UnlinkDir method of the ...)
+CVE-2019-5887
NOT-FOR-US: ShopXO
-CVE-2019-5886 (An issue was discovered in ShopXO 1.2.0. In the ...)
+CVE-2019-5886
NOT-FOR-US: ShopXO
CVE-2019-5885 [Synapse: Derives macaroon_secret_key in a predictable way if none is specified]
RESERVED
- matrix-synapse 0.34.1.1-1
NOTE: https://matrix.org/blog/2019/01/10/critical-security-update-synapse-0-34-0-1-synapse-0-34-1-1/
NOTE: https://matrix.org/blog/2019/01/15/further-details-on-critical-security-update-in-synapse-affecting-all-versions-prior-to-0-34-1-cve-2019-5885/
-CVE-2019-5884 (php/elFinder.class.php in elFinder before 2.1.45 leaks information if ...)
+CVE-2019-5884
NOT-FOR-US: elFinder
CVE-2019-5883
RESERVED
@@ -9296,95 +9324,95 @@ CVE-2019-5784
RESERVED
{DSA-4395-1}
- chromium 72.0.3626.109-1
-CVE-2019-5783 (Missing URI encoding of untrusted input in DevTools in Google Chrome ...)
+CVE-2019-5783
{DSA-4395-1}
- chromium 72.0.3626.81-1
-CVE-2019-5782 (Incorrect optimization assumptions in V8 in Google Chrome prior to ...)
+CVE-2019-5782
{DSA-4395-1}
- chromium 72.0.3626.81-1
-CVE-2019-5781 (Incorrect handling of a confusable character in Omnibox in Google ...)
+CVE-2019-5781
{DSA-4395-1}
- chromium 72.0.3626.81-1
-CVE-2019-5780 (Insufficient restrictions on what can be done with Apple Events in ...)
+CVE-2019-5780
{DSA-4395-1}
- chromium 72.0.3626.81-1
-CVE-2019-5779 (Insufficient policy validation in ServiceWorker in Google Chrome prior ...)
+CVE-2019-5779
{DSA-4395-1}
- chromium 72.0.3626.81-1
-CVE-2019-5778 (A missing case for handling special schemes in permission request ...)
+CVE-2019-5778
{DSA-4395-1}
- chromium 72.0.3626.81-1
-CVE-2019-5777 (Incorrect handling of a confusable character in Omnibox in Google ...)
+CVE-2019-5777
{DSA-4395-1}
- chromium 72.0.3626.81-1
-CVE-2019-5776 (Incorrect handling of a confusable character in Omnibox in Google ...)
+CVE-2019-5776
{DSA-4395-1}
- chromium 72.0.3626.81-1
-CVE-2019-5775 (Incorrect handling of a confusable character in Omnibox in Google ...)
+CVE-2019-5775
{DSA-4395-1}
- chromium 72.0.3626.81-1
-CVE-2019-5774 (Omission of the .desktop filetype from the Safe Browsing checklist in ...)
+CVE-2019-5774
{DSA-4395-1}
- chromium 72.0.3626.81-1
-CVE-2019-5773 (Insufficient origin validation in IndexedDB in Google Chrome prior to ...)
+CVE-2019-5773
{DSA-4395-1}
- chromium 72.0.3626.81-1
-CVE-2019-5772 (Sharing of objects over calls into JavaScript runtime in PDFium in ...)
+CVE-2019-5772
{DSA-4395-1}
- chromium 72.0.3626.81-1
-CVE-2019-5771 (An incorrect JIT of GLSL shaders in SwiftShader in Google Chrome prior ...)
+CVE-2019-5771
- chromium <not-affected> (chromium package does not build swiftshader)
-CVE-2019-5770 (Insufficient input validation in WebGL in Google Chrome prior to ...)
+CVE-2019-5770
{DSA-4395-1}
- chromium 72.0.3626.81-1
-CVE-2019-5769 (Incorrect handling of invalid end character position when front ...)
+CVE-2019-5769
{DSA-4395-1}
- chromium 72.0.3626.81-1
-CVE-2019-5768 (DevTools API not correctly gating on extension capability in DevTools ...)
+CVE-2019-5768
{DSA-4395-1}
- chromium 72.0.3626.81-1
-CVE-2019-5767 (Insufficient protection of permission UI in WebAPKs in Google Chrome ...)
+CVE-2019-5767
{DSA-4395-1}
- chromium 72.0.3626.81-1
-CVE-2019-5766 (Incorrect handling of origin taint checking in Canvas in Google Chrome ...)
+CVE-2019-5766
{DSA-4395-1}
- chromium 72.0.3626.81-1
-CVE-2019-5765 (An exposed debugging endpoint in the browser in Google Chrome on ...)
+CVE-2019-5765
{DSA-4395-1}
- chromium 72.0.3626.81-1
-CVE-2019-5764 (Incorrect pointer management in WebRTC in Google Chrome prior to ...)
+CVE-2019-5764
{DSA-4395-1}
- chromium 72.0.3626.81-1
-CVE-2019-5763 (Failure to check error conditions in V8 in Google Chrome prior to ...)
+CVE-2019-5763
{DSA-4395-1}
- chromium 72.0.3626.81-1
-CVE-2019-5762 (Inappropriate memory management when caching in PDFium in Google ...)
+CVE-2019-5762
{DSA-4395-1}
- chromium 72.0.3626.81-1
-CVE-2019-5761 (Incorrect object lifecycle management in SwiftShader in Google Chrome ...)
+CVE-2019-5761
- chromium <not-affected> (chromium package does not build swiftshader)
-CVE-2019-5760 (Insufficient checks of pointer validity in WebRTC in Google Chrome ...)
+CVE-2019-5760
{DSA-4395-1}
- chromium 72.0.3626.81-1
-CVE-2019-5759 (Incorrect lifetime handling in HTML select elements in Google Chrome ...)
+CVE-2019-5759
{DSA-4395-1}
- chromium 72.0.3626.81-1
-CVE-2019-5758 (Incorrect object lifecycle management in Blink in Google Chrome prior ...)
+CVE-2019-5758
{DSA-4395-1}
- chromium 72.0.3626.81-1
-CVE-2019-5757 (An incorrect object type assumption in SVG in Google Chrome prior to ...)
+CVE-2019-5757
{DSA-4395-1}
- chromium 72.0.3626.81-1
-CVE-2019-5756 (Inappropriate memory management when caching in PDFium in Google ...)
+CVE-2019-5756
{DSA-4395-1}
- chromium 72.0.3626.81-1
-CVE-2019-5755 (Incorrect handling of negative zero in V8 in Google Chrome prior to ...)
+CVE-2019-5755
{DSA-4395-1}
- chromium 72.0.3626.81-1
-CVE-2019-5754 (Implementation error in QUIC Networking in Google Chrome prior to ...)
+CVE-2019-5754
{DSA-4395-1}
- chromium 72.0.3626.81-1
-CVE-2019-5882 (Irssi 1.1.x before 1.1.2 has a use after free when hidden lines are ...)
+CVE-2019-5882
- irssi 1.1.2-1 (bug #918865)
[stretch] - irssi <not-affected> (Vulnerable code not present)
[jessie] - irssi <not-affected> (Vulnerable code not present)
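Review bot: the CVE-2019-5882 (irssi) entry at the end of this hunk sits between CVE-2019-5754 and CVE-2019-5750, out of the descending numeric order the rest of the file keeps; its slot is next to CVE-2019-5883 / CVE-2019-5885 further up. Moving it there keeps lookups by identifier predictable and avoids a second copy being added at the correct position by a later update.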
@@ -9402,9 +9430,9 @@ CVE-2019-5750
RESERVED
CVE-2019-5749
RESERVED
-CVE-2019-5748 (In Traccar Server version 4.2, protocol/SpotProtocolDecoder.java might ...)
+CVE-2019-5748
NOT-FOR-US: Traccar Server
-CVE-2019-5747 (An issue was discovered in BusyBox through 1.30.0. An out of bounds ...)
+CVE-2019-5747
- busybox 1:1.30.1-2
[buster] - busxybox <not-affected> (Incomplete fix for CVE-2018-20679 did not reach buster)
[stretch] - busybox <not-affected> (Incomplete fix for CVE-2018-20679 not applied)
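Review bot: the buster annotation for CVE-2019-5747 names the source package as `busxybox`, which does not match the `busybox` package in the line above it, so buster would not get the not-affected marking. Suggest `[buster] - busybox <not-affected> (Incomplete fix for CVE-2018-20679 did not reach buster)`. This is an unchanged context line, so it predates this update, but it is worth fixing while the entry is being touched.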
@@ -9437,10 +9465,10 @@ CVE-2019-5737 [Node.js: Slowloris HTTP Denial of Service with keep-alive]
- nodejs 10.15.2~dfsg-1 (unimportant)
NOTE: https://nodejs.org/en/blog/vulnerability/february-2019-security-releases/
NOTE: Nodejs not covered by security support
-CVE-2019-8308 (Flatpak before 1.0.7, and 1.1.x and 1.2.x before 1.2.3, exposes /proc ...)
+CVE-2019-8308
{DSA-4390-1}
- flatpak 1.2.3-1 (bug #922059)
-CVE-2019-5736 (runc through 1.0-rc6, as used in Docker before 18.09.2 and other ...)
+CVE-2019-5736
- lxc 1:3.1.0+really3.0.3-4 (bug #922169; unimportant)
- runc 1.0.0~rc6+dfsg1-2 (bug #922050)
[stretch] - runc <no-dsa> (Minor issue; no higher level users of runc in stretch; Can be fixed via point release)
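Review bot: CVE-2019-8308 (flatpak) is placed between CVE-2019-5737 and CVE-2019-5736, out of numeric order; it belongs with the other 8xxx identifiers. Same style point as for the irssi entry: keep the file in descending identifier order so entries are found where the number says they should be.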
@@ -9464,11 +9492,11 @@ CVE-2019-5729
RESERVED
CVE-2019-5728
RESERVED
-CVE-2019-5727 (Splunk Web in Splunk Enterprise 6.5.x before 6.5.5, 6.4.x before 6.4.9, ...)
+CVE-2019-5727
NOT-FOR-US: Splunk
CVE-2019-5726
RESERVED
-CVE-2019-5725 (qibosoft through V7 allows remote attackers to read arbitrary files via ...)
+CVE-2019-5725
NOT-FOR-US: qibosoft
CVE-2019-5724
RESERVED
@@ -9476,7 +9504,7 @@ CVE-2019-5723
RESERVED
CVE-2019-5722
RESERVED
-CVE-2019-5721 (In Wireshark 2.4.0 to 2.4.11, the ENIP dissector could crash. This was ...)
+CVE-2019-5721
- wireshark 2.6.1-1
[stretch] - wireshark 2.6.3-1~deb9u1
[jessie] - wireshark <not-affected> (Vulnerable code not present)
@@ -9485,16 +9513,16 @@ CVE-2019-5721 (In Wireshark 2.4.0 to 2.4.11, the ENIP dissector could crash. Thi
NOTE: https://www.wireshark.org/security/wnpa-sec-2019-05.html
NOTE: Fix for 2.4.x was a cherry pick of:
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=177962a5b4a05759b40fb6fc07a4a6eec306a9bf (2.5.1)
-CVE-2019-5720 (includes/db/class.reflines_db.inc in FrontAccounting 2.4.6 contains a ...)
+CVE-2019-5720
- frontaccounting <removed>
-CVE-2019-5719 (In Wireshark 2.6.0 to 2.6.5 and 2.4.0 to 2.4.11, the ISAKMP dissector ...)
+CVE-2019-5719
{DLA-1645-1}
- wireshark 2.6.6-1 (low)
[stretch] - wireshark <postponed> (Minor issue, wait for next 2.6.x release)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15374
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=b5b02f2a9b8772d8814096f86c60a32889d61f2c
NOTE: https://www.wireshark.org/security/wnpa-sec-2019-04.html
-CVE-2019-5718 (In Wireshark 2.6.0 to 2.6.5 and 2.4.0 to 2.4.11, the RTSE dissector and ...)
+CVE-2019-5718
- wireshark 2.6.6-1 (low)
[stretch] - wireshark <postponed> (Minor issue, wait for next 2.6.x release)
[jessie] - wireshark <not-affected> (Vulnerable code introduced later)
@@ -9502,14 +9530,14 @@ CVE-2019-5718 (In Wireshark 2.6.0 to 2.6.5 and 2.4.0 to 2.4.11, the RTSE dissect
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15373
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=cd09cb5cfb673beca3cce20b1d6a9bc67a134ae1
NOTE: https://www.wireshark.org/security/wnpa-sec-2019-03.html
-CVE-2019-5717 (In Wireshark 2.6.0 to 2.6.5 and 2.4.0 to 2.4.11, the P_MUL dissector ...)
+CVE-2019-5717
{DLA-1645-1}
- wireshark 2.6.6-1 (low)
[stretch] - wireshark <postponed> (Minor issue, wait for next 2.6.x release)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15337
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=bf9272a92f3df1e4ccfaad434e123222ae5313f7
NOTE: https://www.wireshark.org/security/wnpa-sec-2019-02.html
-CVE-2019-5716 (In Wireshark 2.6.0 to 2.6.5, the 6LoWPAN dissector could crash. This ...)
+CVE-2019-5716
{DLA-1645-1}
- wireshark 2.6.6-1 (low)
[stretch] - wireshark <postponed> (Minor issue, wait for next 2.6.x release)
@@ -9604,19 +9632,19 @@ CVE-2019-5673
RESERVED
CVE-2019-5672
RESERVED
-CVE-2019-5671 (NVIDIA Windows GPU Display Driver contains a vulnerability in the ...)
+CVE-2019-5671
NOT-FOR-US: Nvidia drivers on Windows
-CVE-2019-5670 (NVIDIA Windows GPU Display Driver contains a vulnerability in the ...)
+CVE-2019-5670
NOT-FOR-US: Nvidia drivers on Windows
-CVE-2019-5669 (NVIDIA Windows GPU Display Driver contains a vulnerability in the ...)
+CVE-2019-5669
NOT-FOR-US: Nvidia drivers on Windows
-CVE-2019-5668 (NVIDIA Windows GPU Display Driver contains a vulnerability in the ...)
+CVE-2019-5668
NOT-FOR-US: Nvidia drivers on Windows
-CVE-2019-5667 (NVIDIA Windows GPU Display Driver contains a vulnerability in the ...)
+CVE-2019-5667
NOT-FOR-US: Nvidia drivers on Windows
-CVE-2019-5666 (NVIDIA Windows GPU Display Driver contains a vulnerability in the ...)
+CVE-2019-5666
NOT-FOR-US: Nvidia drivers on Windows
-CVE-2019-5665 (NVIDIA Windows GPU Display driver contains a vulnerability in the 3D ...)
+CVE-2019-5665
NOT-FOR-US: Nvidia drivers on Windows
CVE-2019-5664
RESERVED
@@ -9714,7 +9742,7 @@ CVE-2019-5618
RESERVED
CVE-2019-5617
RESERVED
-CVE-2019-5616 (CircuitWerkes Sicon-8, a hardware device used for managing electrical ...)
+CVE-2019-5616
NOT-FOR-US: CircuitWerkes Sicon-8
CVE-2019-5615
RESERVED
@@ -9754,11 +9782,11 @@ CVE-2019-5598
RESERVED
CVE-2019-5597
RESERVED
-CVE-2019-5596 (In FreeBSD 11.2-STABLE after r338618 and before r343786, 12.0-STABLE ...)
+CVE-2019-5596
- kfreebsd-10 <unfixed> (unimportant)
NOTE: https://www.freebsd.org/security/advisories/FreeBSD-SA-19:02.fd.asc
NOTE: kfreebsd not covered by security support
-CVE-2019-5595 (In FreeBSD before 11.2-STABLE(r343782), 11.2-RELEASE-p9, ...)
+CVE-2019-5595
- kfreebsd-10 <unfixed> (unimportant)
NOTE: https://www.freebsd.org/security/advisories/FreeBSD-SA-19:01.syscall.asc
NOTE: kfreebsd not covered by security support
@@ -9968,13 +9996,13 @@ CVE-2019-5493
RESERVED
CVE-2019-5492
RESERVED
-CVE-2019-5491 (Clustered Data ONTAP versions prior to 9.1P15 and 9.3 prior to 9.3P7 ...)
+CVE-2019-5491
NOT-FOR-US: Clustered Data ONTAP
CVE-2019-5490
RESERVED
-CVE-2019-5488 (EARCLINK ESPCMS-P8 has SQL injection in the ...)
+CVE-2019-5488
NOT-FOR-US: EARCLINK ESPCMS-P8
-CVE-2019-5489 (The mincore() implementation in mm/mincore.c in the Linux kernel ...)
+CVE-2019-5489
- linux <unfixed>
CVE-2019-5487
RESERVED
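Review bot: CVE-2019-5488 is listed before CVE-2019-5489 in this hunk; in descending order CVE-2019-5489 (linux, `<unfixed>`) should come first. Minor, but the swapped pair is easy to miss when scanning for the kernel entry.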
@@ -10123,15 +10151,15 @@ CVE-2019-5418 [File Content Disclosure in Action View]
- rails <unfixed> (bug #924520)
NOTE: https://www.openwall.com/lists/oss-security/2019/03/13/5
CVE-2019-5417
- RESERVED
+ TODO: check
CVE-2019-5416
- RESERVED
+ TODO: check
CVE-2019-5415
- RESERVED
+ TODO: check
CVE-2019-5414
- RESERVED
+ TODO: check
CVE-2019-5413
- RESERVED
+ TODO: check
CVE-2019-5412
RESERVED
CVE-2019-5411
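Review bot: CVE-2019-5417 through CVE-2019-5413 change from `RESERVED` to `TODO: check`, which correctly flags them for triage, but because this update carries no descriptions the five entries give the triager nothing to go on; they will have to be looked up at the CVE source directly. If the update can distinguish "now public" from "description unavailable", it would be better to attach the description at the same time the TODO is set, or to leave the entries `RESERVED` until one is available.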
@@ -10332,11 +10360,11 @@ CVE-2019-5314
RESERVED
CVE-2019-5313
RESERVED
-CVE-2019-5312 (An issue was discovered in weixin-java-tools v3.3.0. There is an XXE ...)
+CVE-2019-5312
NOT-FOR-US: weixin-java-tools
-CVE-2019-5311 (An issue was discovered in YUNUCMS V1.1.8. ...)
+CVE-2019-5311
NOT-FOR-US: YUNUCMS
-CVE-2019-5310 (YUNUCMS 1.1.8 has XSS in app/admin/controller/System.php because ...)
+CVE-2019-5310
NOT-FOR-US: YUNUCMS
CVE-2019-5309
RESERVED
@@ -10918,7 +10946,7 @@ CVE-2019-5021
RESERVED
CVE-2019-5020
RESERVED
-CVE-2019-5019 (A heap overflow vulnerability exists in the PowerPoint document ...)
+CVE-2019-5019
NOT-FOR-US: Rainbow PDF Office Server Document Converter
CVE-2019-5018
RESERVED
@@ -10926,7 +10954,7 @@ CVE-2019-5017
RESERVED
CVE-2019-5016
RESERVED
-CVE-2019-5015 (A local privilege escalation vulnerability exists in the Mac OS X ...)
+CVE-2019-5015
NOT-FOR-US: Apple
CVE-2019-5014
RESERVED
@@ -10952,15 +10980,15 @@ CVE-2019-5010 [NULL pointer dereference using a specially crafted X509 certifica
NOTE: https://github.com/python/cpython/commit/be5de958e9052e322b0087c6dba81cdad0c3e031 (3.7.x)
NOTE: https://github.com/python/cpython/commit/216a4d83c3b72f4fdcd81b588dc3f42cc461739a (3.6.x)
NOTE: https://github.com/python/cpython/commit/06b15424b0dcacb1c551b2a36e739fffa8d0c595 (2.7.x)
-CVE-2019-5009 (Vtiger CRM 7.1.0 before Hotfix2 allows uploading files with the ...)
+CVE-2019-5009
NOT-FOR-US: Vtiger CRM
CVE-2019-5008
RESERVED
-CVE-2019-5007 (An issue was discovered in Foxit Reader and PhantomPDF before 9.4 on ...)
+CVE-2019-5007
NOT-FOR-US: Foxit Reader and PhantomPDF
-CVE-2019-5006 (An issue was discovered in Foxit Reader and PhantomPDF before 9.4 on ...)
+CVE-2019-5006
NOT-FOR-US: Foxit Reader and PhantomPDF
-CVE-2019-5005 (An issue was discovered in Foxit Reader and PhantomPDF before 9.4 on ...)
+CVE-2019-5005
NOT-FOR-US: Foxit Reader and PhantomPDF
CVE-2019-5004
RESERVED
@@ -12844,15 +12872,15 @@ CVE-2019-4065
RESERVED
CVE-2019-4064
RESERVED
-CVE-2019-4063 (IBM Sterling B2B Integrator 5.2.0.1 through 6.0.0.0 Standard Edition ...)
+CVE-2019-4063
NOT-FOR-US: IBM
CVE-2019-4062
RESERVED
-CVE-2019-4061 (IBM BigFix Platform 9.2 and 9.5 could allow an attacker to query the ...)
+CVE-2019-4061
NOT-FOR-US: IBM
CVE-2019-4060
RESERVED
-CVE-2019-4059 (IBM Rational ClearCase 1.0.0.0 GIT connector does not sufficiently ...)
+CVE-2019-4059
NOT-FOR-US: IBM
CVE-2019-4058
RESERVED
@@ -12890,11 +12918,11 @@ CVE-2019-4042
RESERVED
CVE-2019-4041
RESERVED
-CVE-2019-4040 (IBM I 7.2 and 7.3 is vulnerable to cross-site scripting. This ...)
+CVE-2019-4040
NOT-FOR-US: IBM
CVE-2019-4039
RESERVED
-CVE-2019-4038 (IBM Security Identity Manager 6.0 and 7.0 could allow an attacker to ...)
+CVE-2019-4038
NOT-FOR-US: IBM
CVE-2019-4037
RESERVED
@@ -12902,21 +12930,21 @@ CVE-2019-4036
RESERVED
CVE-2019-4035
RESERVED
-CVE-2019-4034 (IBM Content Navigator 3.0CD is could allow an attacker to execute ...)
+CVE-2019-4034
NOT-FOR-US: IBM
CVE-2019-4033
RESERVED
-CVE-2019-4032 (IBM Financial Transaction Manager for Digital Payments for ...)
+CVE-2019-4032
NOT-FOR-US: IBM
CVE-2019-4031
RESERVED
-CVE-2019-4030 (IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to ...)
+CVE-2019-4030
NOT-FOR-US: IBM
-CVE-2019-4029 (IBM Sterling B2B Integrator 5.2.0.1 through 6.0.0.0 is vulnerable to ...)
+CVE-2019-4029
NOT-FOR-US: IBM
-CVE-2019-4028 (IBM Sterling B2B Integrator 5.2.0.1 through 6.0.0.0 is vulnerable to ...)
+CVE-2019-4028
NOT-FOR-US: IBM
-CVE-2019-4027 (IBM Sterling B2B Integrator 5.2.0.1 through 6.0.0.0 is vulnerable to ...)
+CVE-2019-4027
NOT-FOR-US: IBM
CVE-2019-4026
RESERVED
@@ -12938,9 +12966,9 @@ CVE-2019-4018
RESERVED
CVE-2019-4017
RESERVED
-CVE-2019-4016 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, ...)
+CVE-2019-4016
NOT-FOR-US: IBM
-CVE-2019-4015 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, ...)
+CVE-2019-4015
NOT-FOR-US: IBM
CVE-2019-4014
RESERVED
@@ -12954,7 +12982,7 @@ CVE-2019-4010
RESERVED
CVE-2019-4009
RESERVED
-CVE-2019-4008 (API Connect V2018.1 through 2018.4.1.1 is impacted by access token ...)
+CVE-2019-4008
NOT-FOR-US: IBM
CVE-2019-4007
RESERVED
@@ -13122,21 +13150,21 @@ CVE-2019-3926
RESERVED
CVE-2019-3925
RESERVED
-CVE-2019-3924 (MikroTik RouterOS before 6.43.12 (stable) and 6.42.12 (long-term) is ...)
+CVE-2019-3924
NOT-FOR-US: MikroTik
-CVE-2019-3923 (Nessus versions 8.2.1 and earlier were found to contain a stored XSS ...)
+CVE-2019-3923
NOT-FOR-US: Nessus
-CVE-2019-3922 (The Alcatel Lucent I-240W-Q GPON ONT using firmware version ...)
+CVE-2019-3922
NOT-FOR-US: Alcatel Lucent
-CVE-2019-3921 (The Alcatel Lucent I-240W-Q GPON ONT using firmware version ...)
+CVE-2019-3921
NOT-FOR-US: Alcatel Lucent
-CVE-2019-3920 (The Alcatel Lucent I-240W-Q GPON ONT using firmware version ...)
+CVE-2019-3920
NOT-FOR-US: Alcatel Lucent
-CVE-2019-3919 (The Alcatel Lucent I-240W-Q GPON ONT using firmware version ...)
+CVE-2019-3919
NOT-FOR-US: Alcatel Lucent
-CVE-2019-3918 (The Alcatel Lucent I-240W-Q GPON ONT using firmware version ...)
+CVE-2019-3918
NOT-FOR-US: Alcatel Lucent
-CVE-2019-3917 (The Alcatel Lucent I-240W-Q GPON ONT using firmware version ...)
+CVE-2019-3917
NOT-FOR-US: Alcatel Lucent
CVE-2019-3916
RESERVED
@@ -13144,23 +13172,23 @@ CVE-2019-3915
RESERVED
CVE-2019-3914
RESERVED
-CVE-2019-3913 (Command manipulation in LabKey Server Community Edition before ...)
+CVE-2019-3913
NOT-FOR-US: LabKey Server
-CVE-2019-3912 (An open redirect vulnerability in LabKey Server Community Edition ...)
+CVE-2019-3912
NOT-FOR-US: LabKey Server
-CVE-2019-3911 (Reflected cross-site scripting (XSS) vulnerability in LabKey Server ...)
+CVE-2019-3911
NOT-FOR-US: LabKey Server
-CVE-2019-3910 (Crestron AM-100 before firmware version 1.6.0.2 contains an ...)
+CVE-2019-3910
NOT-FOR-US: Creston
-CVE-2019-3909 (Premisys Identicard version 3.1.190 database uses default credentials. ...)
+CVE-2019-3909
NOT-FOR-US: Premisys Identicard
-CVE-2019-3908 (Premisys Identicard version 3.1.190 stores backup files as encrypted ...)
+CVE-2019-3908
NOT-FOR-US: Premisys Identicard
-CVE-2019-3907 (Premisys Identicard version 3.1.190 stores user credentials and other ...)
+CVE-2019-3907
NOT-FOR-US: Premisys Identicard
-CVE-2019-3906 (Premisys Identicard version 3.1.190 contains hardcoded credentials in ...)
+CVE-2019-3906
NOT-FOR-US: Premisys Identicard
-CVE-2019-3905 (Zoho ManageEngine ADSelfService Plus 5.x before build 5703 has SSRF. ...)
+CVE-2019-3905
NOT-FOR-US: Zoho ManageEngine ADSelfService Plus
CVE-2019-3904
RESERVED
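Review bot: the annotation for CVE-2019-3910 reads `NOT-FOR-US: Creston`, while the removed description line names the vendor as `Crestron AM-100`. Suggest `NOT-FOR-US: Crestron`, since after this update the description is gone and the annotation is the only place the product name survives.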
@@ -13338,7 +13366,7 @@ CVE-2019-3835
RESERVED
CVE-2019-3834
RESERVED
-CVE-2019-3833 (Openwsman, versions up to and including 2.6.9, are vulnerable to ...)
+CVE-2019-3833
- openwsman <itp> (bug #754501)
CVE-2019-3832 [incomplete fix for CVE-2018-19758]
RESERVED
@@ -13374,24 +13402,24 @@ CVE-2019-3826 [Stored DOM cross-site scripting (XSS) attack via crafted URL]
- prometheus 2.7.1+ds-1 (bug #921615)
[stretch] - prometheus <not-affected> (Only affects 2.1.0 onwards)
NOTE: https://github.com/prometheus/prometheus/pull/5163
-CVE-2019-3825 (A vulnerability was discovered in gdm before 3.31.4. When timed login ...)
+CVE-2019-3825
- gdm3 3.30.2-3 (low; bug #921764)
[stretch] - gdm3 <no-dsa> (Minor issue)
[jessie] - gdm3 <ignored> (Minor issue)
NOTE: https://gitlab.gnome.org/GNOME/gdm/issues/460
-CVE-2019-3824 (A flaw was found in the way an LDAP search expression could crash the ...)
+CVE-2019-3824
{DSA-4397-1 DLA-1699-1}
- ldb 2:1.5.1+really1.4.3-2
- samba <unfixed> (unimportant)
NOTE: https://bugzilla.samba.org/show_bug.cgi?id=13773
NOTE: Samba uses the System ldb library
-CVE-2019-3823 (libcurl versions from 7.34.0 to before 7.64.0 are vulnerable to a heap ...)
+CVE-2019-3823
{DSA-4386-1 DLA-1672-1}
- curl 7.64.0-1
NOTE: https://curl.haxx.se/docs/CVE-2019-3823.html
NOTE: Fixed by: https://github.com/curl/curl/commit/39df4073e5413fcdbb5a38da0c1ce6f1c0ceb484
NOTE: Introduced by: https://github.com/curl/curl/commit/2766262a68688c1dd8143f9c4be84b46c408b70a
-CVE-2019-3822 (libcurl versions from 7.36.0 to before 7.64.0 are vulnerable to a ...)
+CVE-2019-3822
{DSA-4386-1 DLA-1672-1}
- curl 7.64.0-1
NOTE: https://curl.haxx.se/docs/CVE-2019-3822.html
@@ -13402,23 +13430,23 @@ CVE-2019-3821 [Resource exhaustion via TCP connection to port serving the SSL en
- ceph <not-affected> (Vulnerable code introduced later)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1656852
NOTE: https://github.com/ceph/civetweb/pull/33
-CVE-2019-3820 (It was discovered that the gnome-shell lock screen since version ...)
+CVE-2019-3820
- gnome-shell 3.30.2-3 (bug #921490)
[jessie] - gnome-shell <not-affected> (Vulnerable code not present)
NOTE: Introduced by: https://bugzilla.gnome.org/show_bug.cgi?id=745039
NOTE: Introduced by: https://gitlab.gnome.org/GNOME/gnome-shell/commit/c79d24b60e773262091023feb6ee1b3deef1c471
NOTE: Upstream issue: https://gitlab.gnome.org/GNOME/gnome-shell/issues/851
-CVE-2019-3819 (A flaw was found in the Linux kernel in the function ...)
+CVE-2019-3819
- linux 4.19.20-1
NOTE: Proposed patch: https://marc.info/?l=linux-input&m=154841031101012&w=2
-CVE-2019-3818 (The kube-rbac-proxy container before version 0.4.1 as used in Red Hat ...)
+CVE-2019-3818
NOT-FOR-US: kube-rbac-proxy
CVE-2019-3817
RESERVED
NOT-FOR-US: libcomps
-CVE-2019-3816 (Openwsman, versions up to and including 2.6.9, are vulnerable to ...)
+CVE-2019-3816
- openwsman <itp> (bug #754501)
-CVE-2019-3815 (A memory leak was discovered in the backport of fixes for ...)
+CVE-2019-3815
{DLA-1711-1}
- systemd <not-affected> (This only affected backports to older suites, not the version in sid)
[stretch] - systemd 232-25+deb9u8
@@ -13430,19 +13458,19 @@ CVE-2019-3814 [Suitable client certificate can be used to login as other user]
{DSA-4385-1 DLA-1667-1}
- dovecot 1:2.3.4.1-1
NOTE: https://www.openwall.com/lists/oss-security/2019/02/05/1
-CVE-2019-3813 (Spice, versions 0.5.2 through 0.14.1, are vulnerable to an ...)
+CVE-2019-3813
{DSA-4375-1 DLA-1649-1}
- spice 0.14.0-1.3 (bug #920762)
NOTE: https://www.openwall.com/lists/oss-security/2019/01/28/2
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1665371
-CVE-2019-3812 (QEMU, through version 2.10 and through version 3.1.0, is vulnerable to ...)
+CVE-2019-3812
- qemu 1:3.1+dfsg-5 (bug #922635)
[jessie] - qemu <not-affected> (vulnerable code introduced later)
- qemu-kvm <removed>
NOTE: https://git.qemu.org/?p=qemu.git;a=commit;h=b05b267840515730dbf6753495d5b7bd8b04ad1c
NOTE: vulnerable code not present prior 2.6.50, introduced in
NOTE: https://git.qemu.org/?p=qemu.git;a=commit;h=78c71af8049c40657b646d9dd722867fa15c0f1b
-CVE-2019-3811 (A vulnerability was found in sssd. If a user was configured with no ...)
+CVE-2019-3811
{DLA-1635-1}
- sssd <unfixed> (bug #919051)
NOTE: Upstream ticket: https://pagure.io/SSSD/sssd/issue/3901
@@ -13464,12 +13492,12 @@ CVE-2019-3808
- moodle <removed>
NOTE: https://moodle.org/mod/forum/discuss.php?d=381228#p1536765
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-64395
-CVE-2019-3807 (An issue has been found in PowerDNS Recursor versions 4.1.x before ...)
+CVE-2019-3807
- pdns-recursor 4.1.9-1
[stretch] - pdns-recursor <not-affected> (Only affects 4.1.x)
[jessie] - pdns-recursor <not-affected> (Only affects 4.1.x)
NOTE: https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2019-02.html
-CVE-2019-3806 (An issue has been found in PowerDNS Recursor versions after 4.1.3 ...)
+CVE-2019-3806
- pdns-recursor 4.1.9-1
[stretch] - pdns-recursor <not-affected> (Only affects 4.1.x)
[jessie] - pdns-recursor <not-affected> (Only affects 4.1.x)
@@ -13481,7 +13509,7 @@ CVE-2019-3804 [Crash when parsing invalid base64 headers]
- cockpit 184-1
NOTE: https://github.com/cockpit-project/cockpit/pull/10819
NOTE: https://github.com/cockpit-project/cockpit/commit/c51f6177576d7e12
-CVE-2019-3803 (Pivotal Concourse, all versions prior to 4.2.2, puts the user access ...)
+CVE-2019-3803
NOT-FOR-US: Pivotal Concourse
CVE-2019-3802
RESERVED
@@ -13517,33 +13545,33 @@ CVE-2019-3787
RESERVED
CVE-2019-3786
RESERVED
-CVE-2019-3785 (Cloud Foundry Cloud Controller, versions prior to 1.78.0, contain an ...)
+CVE-2019-3785
NOT-FOR-US: Cloud Foundry
-CVE-2019-3784 (Cloud Foundry Stratos, versions prior to 2.3.0, contains an insecure ...)
+CVE-2019-3784
NOT-FOR-US: Cloud Foundry Stratos
-CVE-2019-3783 (Cloud Foundry Stratos, versions prior to 2.3.0, deploys with a public ...)
+CVE-2019-3783
NOT-FOR-US: Cloud Foundry Stratos
-CVE-2019-3782 (Cloud Foundry CredHub CLI, versions prior to 2.2.1, inadvertently ...)
+CVE-2019-3782
NOT-FOR-US: Cloud Foundry
-CVE-2019-3781 (Cloud Foundry CLI, versions prior to v6.43.0, improperly exposes ...)
+CVE-2019-3781
NOT-FOR-US: Cloud Foundry CLI
-CVE-2019-3780 (Cloud Foundry Container Runtime, versions prior to 0.28.0, deploys K8s ...)
+CVE-2019-3780
NOT-FOR-US: Cloud Foundry
-CVE-2019-3779 (Cloud Foundry Container Runtime, versions prior to 0.29.0, deploys ...)
+CVE-2019-3779
NOT-FOR-US: Cloud Foundry
-CVE-2019-3778 (Spring Security OAuth, versions 2.3 prior to 2.3.5, and 2.2 prior to ...)
+CVE-2019-3778
TODO: check
-CVE-2019-3777 (Pivotal Application Service (PAS), versions 2.2.x prior to 2.2.12, ...)
+CVE-2019-3777
NOT-FOR-US: Pivotal
-CVE-2019-3776 (Pivotal Operations Manager, 2.1.x versions prior to 2.1.20, 2.2.x ...)
+CVE-2019-3776
NOT-FOR-US: Pivotal
-CVE-2019-3775 (Cloud Foundry UAA, versions prior to v70.0, allows a user to update ...)
+CVE-2019-3775
NOT-FOR-US: Cloud Foundry UAA
-CVE-2019-3774 (Spring Batch versions 3.0.9, 4.0.1, 4.1.0, and older unsupported ...)
+CVE-2019-3774
NOT-FOR-US: Spring Batch
-CVE-2019-3773 (Spring Web Services, versions 2.4.3, 3.0.4, and older unsupported ...)
+CVE-2019-3773
NOT-FOR-US: Spring Web Services
-CVE-2019-3772 (Spring Integration (spring-integration-xml and spring-integration-ws ...)
+CVE-2019-3772
NOT-FOR-US: Spring Integration
CVE-2019-3771
RESERVED
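Review bot: CVE-2019-3778 stays at "TODO: check" while its description ("Spring Security OAuth, versions 2.3 prior to 2.3.5, and 2.2 prior to ...") is removed, so the open triage item loses the only inline statement of what has to be checked; the neighbouring Spring entries (CVE-2019-3774, CVE-2019-3773, CVE-2019-3772) are already resolved as NOT-FOR-US. Either resolve the TODO in this update or carry the product name and version range into a NOTE line so the item can still be triaged from the file alone.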
@@ -13655,17 +13683,17 @@ CVE-2019-3718
RESERVED
CVE-2019-3717
RESERVED
-CVE-2019-3716 (RSA Archer versions, prior to 6.5 SP2, contain an information exposure ...)
+CVE-2019-3716
NOT-FOR-US: RSA
-CVE-2019-3715 (RSA Archer versions, prior to 6.5 SP1, contain an information exposure ...)
+CVE-2019-3715
NOT-FOR-US: RSA
CVE-2019-3714
RESERVED
CVE-2019-3713
RESERVED
-CVE-2019-3712 (Dell WES Wyse Device Agent versions prior to 14.1.2.9 and Dell Wyse ...)
+CVE-2019-3712
NOT-FOR-US: Dell
-CVE-2019-3711 (RSA Authentication Manager versions prior to 8.4 P1 contain an ...)
+CVE-2019-3711
NOT-FOR-US: RSA
CVE-2019-3710
RESERVED
@@ -13679,13 +13707,13 @@ CVE-2019-3706
RESERVED
CVE-2019-3705
RESERVED
-CVE-2019-3704 (VNX Control Station in Dell EMC VNX2 OE for File versions prior to ...)
+CVE-2019-3704
NOT-FOR-US: EMC
CVE-2019-3703
RESERVED
CVE-2019-3702
RESERVED
-CVE-2019-3701 (An issue was discovered in can_can_gw_rcv in net/can/gw.c in the Linux ...)
+CVE-2019-3701
- linux 4.19.20-1 (unimportant)
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1120386
NOTE: https://marc.info/?l=linux-netdev&m=154651842302479&w=2
@@ -13859,7 +13887,7 @@ CVE-2019-3617
RESERVED
CVE-2019-3616
RESERVED
-CVE-2019-3615 (Data Leakage Attacks vulnerability in the web interface in McAfee ...)
+CVE-2019-3615
NOT-FOR-US: McAfee
CVE-2019-3614
RESERVED
@@ -13869,7 +13897,7 @@ CVE-2019-3612
RESERVED
CVE-2019-3611
RESERVED
-CVE-2019-3610 (Data Leakage Attacks vulnerability in Microsoft Windows client in ...)
+CVE-2019-3610
NOT-FOR-US: McAfee True Key
CVE-2019-3609
RESERVED
@@ -13881,7 +13909,7 @@ CVE-2019-3606
RESERVED
CVE-2019-3605
RESERVED
-CVE-2019-3604 (Cross-Site Request Forgery (CSRF) vulnerability in McAfee ePO (legacy) ...)
+CVE-2019-3604
NOT-FOR-US: McAfee
CVE-2019-3603
RESERVED
@@ -13891,9 +13919,9 @@ CVE-2019-3601
RESERVED
CVE-2019-3600
RESERVED
-CVE-2019-3599 (Information Disclosure vulnerability in Remote logging (which is ...)
+CVE-2019-3599
NOT-FOR-US: McAfee Agent
-CVE-2019-3598 (Buffer Access with Incorrect Length Value in McAfee Agent (MA) 5.x ...)
+CVE-2019-3598
NOT-FOR-US: McAfee Agent
CVE-2019-3597
RESERVED
@@ -13903,7 +13931,7 @@ CVE-2019-3595
RESERVED
CVE-2019-3594
RESERVED
-CVE-2019-3593 (Exploitation of Privilege/Trust vulnerability in Microsoft Windows ...)
+CVE-2019-3593
NOT-FOR-US: McAfee
CVE-2019-3592
RESERVED
@@ -13915,45 +13943,45 @@ CVE-2019-3589
RESERVED
CVE-2019-3588
RESERVED
-CVE-2019-3587 (DLL Search Order Hijacking vulnerability in Microsoft Windows client ...)
+CVE-2019-3587
NOT-FOR-US: McAfee
CVE-2019-3586
RESERVED
CVE-2019-3585
RESERVED
-CVE-2019-3584 (Exploitation of Authentication vulnerability in MVision Endpoint in ...)
+CVE-2019-3584
NOT-FOR-US: McAfee
CVE-2019-3583
RESERVED
-CVE-2019-3582 (Privilege Escalation vulnerability in Microsoft Windows client in ...)
+CVE-2019-3582
NOT-FOR-US: McAfee
-CVE-2019-3581 (Improper input validation in the proxy component of McAfee Web Gateway ...)
+CVE-2019-3581
NOT-FOR-US: McAfee
-CVE-2019-3580 (OpenRefine through 3.1 allows arbitrary file write because Directory ...)
+CVE-2019-3580
NOT-FOR-US: OpenRefine
CVE-2019-3579
RESERVED
CVE-2019-3578
RESERVED
-CVE-2019-3577 (An issue was discovered in Waimai Super Cms 20150505. ...)
+CVE-2019-3577
NOT-FOR-US: Waimai Super Cms
-CVE-2019-3576 (inxedu through 2018-12-24 has a SQL Injection vulnerability that can ...)
+CVE-2019-3576
NOT-FOR-US: inxedu
-CVE-2019-3575 (Sqla_yaml_fixtures 0.9.1 allows local users to execute arbitrary ...)
+CVE-2019-3575
NOT-FOR-US: Sqla_yaml_fixtures
-CVE-2019-3574 (In libsixel v1.8.2, there is a heap-based buffer over-read in the ...)
+CVE-2019-3574
- libsixel <unfixed> (low; bug #922460)
[buster] - libsixel <no-dsa> (Minor issue)
[stretch] - libsixel <no-dsa> (Minor issue)
[jessie] - libsixel <no-dsa> (Minor issue)
NOTE: https://github.com/saitoha/libsixel/issues/83
-CVE-2019-3573 (In libsixel v1.8.2, there is an infinite loop in the function ...)
+CVE-2019-3573
- libsixel <unfixed> (low; bug #922460)
[buster] - libsixel <no-dsa> (Minor issue)
[stretch] - libsixel <no-dsa> (Minor issue)
[jessie] - libsixel <postponed> (Minor issue)
NOTE: https://github.com/saitoha/libsixel/issues/83
-CVE-2019-3572 (An issue was discovered in libming 0.4.8. There is a heap-based buffer ...)
+CVE-2019-3572
- ming <removed>
NOTE: https://github.com/libming/libming/issues/169
CVE-2019-3571
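Review bot: CVE-2019-3574 and CVE-2019-3573 reference the same Debian bug (#922460) and the same upstream issue (https://github.com/saitoha/libsixel/issues/83) with the same "(Minor issue)" reason, yet the jessie line is "<no-dsa>" on the first and "<postponed>" on the second. The two tags mean different things for the LTS queue and nothing in either entry explains why the two CVEs would be handled differently, so one of the jessie lines should be aligned with the other.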
@@ -13984,13 +14012,13 @@ CVE-2019-3559
RESERVED
CVE-2019-3558
RESERVED
-CVE-2019-3557 (The implementations of streams for bz2 and php://output improperly ...)
+CVE-2019-3557
- hhvm <removed>
CVE-2019-3556
RESERVED
CVE-2019-3555
RESERVED
-CVE-2019-3554 (Wangle's AcceptRoutingHandler incorrectly casts a socket when ...)
+CVE-2019-3554
NOT-FOR-US: Facebook Wangle
CVE-2019-3553
RESERVED
@@ -14096,9 +14124,9 @@ CVE-2019-3503
RESERVED
CVE-2019-3502
RESERVED
-CVE-2019-3501 (The OUGC Awards plugin before 1.8.19 for MyBB allows XSS via a crafted ...)
+CVE-2019-3501
NOT-FOR-US: OUGC Awards plugin for MyBB
-CVE-2019-3500 (aria2c in aria2 1.33.1, when --log is used, can store an HTTP Basic ...)
+CVE-2019-3500
{DLA-1636-1}
- aria2 1.34.0-4 (low; bug #918058)
[stretch] - aria2 <no-dsa> (Minor issue)
@@ -14107,19 +14135,19 @@ CVE-2019-3500 (aria2c in aria2 1.33.1, when --log is used, can store an HTTP Bas
NOTE: https://github.com/aria2/aria2/commit/37368130ca7de5491a75fd18a20c5c5cc641824a
CVE-2019-3499
RESERVED
-CVE-2019-3498 (In Django 1.11.x before 1.11.18, 2.0.x before 2.0.10, and 2.1.x before ...)
+CVE-2019-3498
{DSA-4363-1 DLA-1629-1}
- python-django 1:1.11.18-1 (bug #918230)
NOTE: https://www.djangoproject.com/weblog/2019/jan/04/security-releases/
NOTE: https://github.com/django/django/commit/1cd00fcf52d089ef0fe03beabd05d59df8ea052a (1.11.x)
NOTE: https://github.com/django/django/commit/64d2396e83aedba3fcc84ca40f23fbd22f0b9b5b (2.1.x)
CVE-2019-3497
- RESERVED
+ TODO: check
CVE-2019-3496
- RESERVED
+ TODO: check
CVE-2019-3495
- RESERVED
-CVE-2019-3494 (Simply-Blog through 2019-01-01 has SQL Injection via the ...)
+ TODO: check
+CVE-2019-3494
NOT-FOR-US: Simply-Blog
CVE-2019-3493
RESERVED
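Review bot: CVE-2019-3497, CVE-2019-3496 and CVE-2019-3495 move from RESERVED to "TODO: check" in the same hunk that strips the description from the entry directly below them (CVE-2019-3494, "Simply-Blog through 2019-01-01 has SQL Injection via the ..."), so the three newly opened triage items arrive with no description text at all. If the description import is not working, flipping RESERVED entries to TODO is premature: hold the status change until the text is available, or add a NOTE with the CVE reference so each TODO is actionable.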
@@ -14157,9 +14185,9 @@ CVE-2019-3477
RESERVED
CVE-2019-3476
RESERVED
-CVE-2019-3475 (A local privilege escalation vulnerability in the famtd component of ...)
+CVE-2019-3475
NOT-FOR-US: Micro Focus Filr
-CVE-2019-3474 (A path traversal vulnerability in the web application component of ...)
+CVE-2019-3474
NOT-FOR-US: Micro Focus Filr
CVE-2019-3473
RESERVED
@@ -14179,18 +14207,18 @@ CVE-2019-3466
RESERVED
CVE-2019-3465
RESERVED
-CVE-2019-3464 (Insufficient sanitization of environment variables passed to rsync can ...)
+CVE-2019-3464
{DSA-4382-1 DLA-1660-1}
- rssh 2.3.4-10
-CVE-2019-3463 (Insufficient sanitization of arguments passed to rsync can bypass the ...)
+CVE-2019-3463
{DSA-4382-1 DLA-1660-1}
- rssh 2.3.4-10
-CVE-2019-3462 (Incorrect sanitation of the 302 redirect field in HTTP transport ...)
+CVE-2019-3462
{DSA-4371-1 DLA-1637-1}
- apt 1.8.0~alpha3.1
NOTE: https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1812353
NOTE: https://justi.cz/security/2019/01/22/apt-rce.html
-CVE-2019-3461 (Debian tmpreaper version 1.6.13+nmu1 has a race condition when doing a ...)
+CVE-2019-3461
{DSA-4365-1 DLA-1640-1}
- tmpreaper 1.6.14 (bug #918956)
CVE-2019-3460 [Heap data infoleak in multiple locations including functionl2cap_parse_conf_rsp]
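Review bot: after this hunk the rssh entries for CVE-2019-3464 and CVE-2019-3463 are textually identical ("{DSA-4382-1 DLA-1660-1}" followed by "- rssh 2.3.4-10" in each), and the removed descriptions were the only lines distinguishing the environment-variable issue from the argument-sanitisation issue. Add a NOTE line per CVE pointing at the respective upstream fix or bug report, as the apt entry for CVE-2019-3462 does with its two NOTE lines, so the two can still be told apart in the file.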
@@ -16007,104 +16035,104 @@ CVE-2019-2558
RESERVED
CVE-2019-2557
RESERVED
-CVE-2019-2556 (Vulnerability in the Oracle VM VirtualBox component of Oracle ...)
+CVE-2019-2556
- virtualbox 5.2.24-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2019-2555 (Vulnerability in the Oracle VM VirtualBox component of Oracle ...)
+CVE-2019-2555
- virtualbox 5.2.24-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2019-2554 (Vulnerability in the Oracle VM VirtualBox component of Oracle ...)
+CVE-2019-2554
- virtualbox 5.2.24-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2019-2553 (Vulnerability in the Oracle VM VirtualBox component of Oracle ...)
+CVE-2019-2553
- virtualbox 5.2.24-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2019-2552 (Vulnerability in the Oracle VM VirtualBox component of Oracle ...)
+CVE-2019-2552
- virtualbox 5.2.24-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
CVE-2019-2551
RESERVED
-CVE-2019-2550 (Vulnerability in the Oracle FLEXCUBE Direct Banking component of ...)
+CVE-2019-2550
NOT-FOR-US: Oracle
-CVE-2019-2549 (Vulnerability in the Oracle FLEXCUBE Direct Banking component of ...)
+CVE-2019-2549
NOT-FOR-US: Oracle
-CVE-2019-2548 (Vulnerability in the Oracle VM VirtualBox component of Oracle ...)
+CVE-2019-2548
- virtualbox 5.2.24-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2019-2547 (Vulnerability in the Java VM component of Oracle Database Server. ...)
+CVE-2019-2547
NOT-FOR-US: Oracle
-CVE-2019-2546 (Vulnerability in the Oracle Applications Manager component of Oracle ...)
+CVE-2019-2546
NOT-FOR-US: Oracle
-CVE-2019-2545 (Vulnerability in the Oracle Solaris component of Oracle Sun Systems ...)
+CVE-2019-2545
NOT-FOR-US: Oracle
-CVE-2019-2544 (Vulnerability in the Oracle Solaris component of Oracle Sun Systems ...)
+CVE-2019-2544
NOT-FOR-US: Oracle
-CVE-2019-2543 (Vulnerability in the Oracle Solaris component of Oracle Sun Systems ...)
+CVE-2019-2543
NOT-FOR-US: Oracle
CVE-2019-2542
RESERVED
-CVE-2019-2541 (Vulnerability in the Oracle Solaris component of Oracle Sun Systems ...)
+CVE-2019-2541
NOT-FOR-US: Oracle
-CVE-2019-2540 (Vulnerability in the Java Advanced Management Console component of ...)
+CVE-2019-2540
NOT-FOR-US: Java Advanced Management Console
-CVE-2019-2539 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2019-2539
- mysql-5.7 <not-affected> (Specific to 8.x)
-CVE-2019-2538 (Vulnerability in the Oracle Managed File Transfer component of Oracle ...)
+CVE-2019-2538
NOT-FOR-US: Oracle
-CVE-2019-2537 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2019-2537
{DLA-1655-1}
- mysql-5.7 5.7.25-1 (bug #919817)
- mariadb-10.3 1:10.3.13-1 (bug #920933)
- mariadb-10.1 <removed>
- mariadb-10.0 <removed>
NOTE: Fixed in MariaDB: 10.3.13, 10.1.38, 10.0.38
-CVE-2019-2536 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2019-2536
- mysql-5.7 <not-affected> (Specific to 8)
-CVE-2019-2535 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2019-2535
- mysql-5.7 <not-affected> (Specific to 8)
-CVE-2019-2534 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2019-2534
- mysql-5.7 5.7.25-1 (bug #919817)
-CVE-2019-2533 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2019-2533
- mysql-5.7 <not-affected> (Specific to 8.x)
-CVE-2019-2532 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2019-2532
- mysql-5.7 5.7.25-1 (bug #919817)
-CVE-2019-2531 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2019-2531
- mysql-5.7 5.7.25-1 (bug #919817)
-CVE-2019-2530 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2019-2530
- mysql-5.7 <not-affected> (Specific to 8)
-CVE-2019-2529 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2019-2529
{DLA-1655-1}
- mysql-5.7 5.7.25-1 (bug #919817)
- mariadb-10.1 <removed>
- mariadb-10.0 <removed>
NOTE: Fixed in MariaDB: 10.1.38, 10.0.38
-CVE-2019-2528 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2019-2528
- mysql-5.7 5.7.25-1 (bug #919817)
-CVE-2019-2527 (Vulnerability in the Oracle VM VirtualBox component of Oracle ...)
+CVE-2019-2527
- virtualbox 5.2.24-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2019-2526 (Vulnerability in the Oracle VM VirtualBox component of Oracle ...)
+CVE-2019-2526
- virtualbox 5.2.24-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2019-2525 (Vulnerability in the Oracle VM VirtualBox component of Oracle ...)
+CVE-2019-2525
- virtualbox 5.2.24-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2019-2524 (Vulnerability in the Oracle VM VirtualBox component of Oracle ...)
+CVE-2019-2524
- virtualbox 5.2.24-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2019-2523 (Vulnerability in the Oracle VM VirtualBox component of Oracle ...)
+CVE-2019-2523
- virtualbox 5.2.24-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2019-2522 (Vulnerability in the Oracle VM VirtualBox component of Oracle ...)
+CVE-2019-2522
- virtualbox 5.2.24-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2019-2521 (Vulnerability in the Oracle VM VirtualBox component of Oracle ...)
+CVE-2019-2521
- virtualbox 5.2.24-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2019-2520 (Vulnerability in the Oracle VM VirtualBox component of Oracle ...)
+CVE-2019-2520
- virtualbox 5.2.24-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2019-2519 (Vulnerability in the PeopleSoft Enterprise SCM eProcurement component ...)
+CVE-2019-2519
NOT-FOR-US: Oracle
CVE-2019-2518
RESERVED
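Review bot: the "<not-affected>" reason on the mysql-5.7 lines is written two ways within this hunk, "(Specific to 8.x)" for CVE-2019-2539 and CVE-2019-2533 but "(Specific to 8)" for CVE-2019-2536, CVE-2019-2535 and CVE-2019-2530. Pick one wording (the "8.x" form is the more precise) so the entries can be searched and compared consistently; the MySQL entries in this hunk are otherwise formatted uniformly, with the same "(bug #919817)" reference on every fixed line.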
@@ -16116,267 +16144,267 @@ CVE-2019-2515
RESERVED
CVE-2019-2514
RESERVED
-CVE-2019-2513 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2019-2513
- mysql-5.7 <not-affected> (Specific to 8)
-CVE-2019-2512 (Vulnerability in the Primavera P6 Enterprise Project Portfolio ...)
+CVE-2019-2512
NOT-FOR-US: Oracle
-CVE-2019-2511 (Vulnerability in the Oracle VM VirtualBox component of Oracle ...)
+CVE-2019-2511
- virtualbox 5.2.24-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2019-2510 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2019-2510
- mysql-5.7 5.7.25-1 (bug #919817)
- mariadb-10.3 1:10.3.13-1 (bug #920933)
NOTE: Fixed in MariaDB: 10.3.13
-CVE-2019-2509 (Vulnerability in the Oracle VM VirtualBox component of Oracle ...)
+CVE-2019-2509
- virtualbox 5.2.24-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2019-2508 (Vulnerability in the Oracle VM VirtualBox component of Oracle ...)
+CVE-2019-2508
- virtualbox 5.2.24-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2019-2507 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2019-2507
- mysql-5.7 5.7.25-1 (bug #919817)
-CVE-2019-2506 (Vulnerability in the Oracle VM VirtualBox component of Oracle ...)
+CVE-2019-2506
- virtualbox 5.2.24-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2019-2505 (Vulnerability in the Oracle VM VirtualBox component of Oracle ...)
+CVE-2019-2505
- virtualbox 5.2.24-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2019-2504 (Vulnerability in the Oracle VM VirtualBox component of Oracle ...)
+CVE-2019-2504
- virtualbox 5.2.24-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2019-2503 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2019-2503
{DLA-1570-1}
- mysql-5.7 5.7.25-1 (bug #919817)
- mariadb-10.0 <removed>
NOTE: Fixed in MariaDB: 10.0.37
-CVE-2019-2502 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2019-2502
- mysql-5.7 <not-affected> (Specific to 8)
-CVE-2019-2501 (Vulnerability in the Oracle VM VirtualBox component of Oracle ...)
+CVE-2019-2501
- virtualbox 5.2.24-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2019-2500 (Vulnerability in the Oracle VM VirtualBox component of Oracle ...)
+CVE-2019-2500
- virtualbox 5.2.24-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2019-2499 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of ...)
+CVE-2019-2499
NOT-FOR-US: Oracle
-CVE-2019-2498 (Vulnerability in the Oracle Partner Management component of Oracle ...)
+CVE-2019-2498
NOT-FOR-US: Oracle
-CVE-2019-2497 (Vulnerability in the Oracle CRM Technical Foundation component of ...)
+CVE-2019-2497
NOT-FOR-US: Oracle
-CVE-2019-2496 (Vulnerability in the Oracle CRM Technical Foundation component of ...)
+CVE-2019-2496
NOT-FOR-US: Oracle
-CVE-2019-2495 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2019-2495
- mysql-5.7 <not-affected> (Specific to 8)
-CVE-2019-2494 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2019-2494
- mysql-5.7 <not-affected> (Specific to 8)
-CVE-2019-2493 (Vulnerability in the PeopleSoft Enterprise CS Campus Community ...)
+CVE-2019-2493
NOT-FOR-US: Oracle
-CVE-2019-2492 (Vulnerability in the Oracle Email Center component of Oracle ...)
+CVE-2019-2492
NOT-FOR-US: Oracle
-CVE-2019-2491 (Vulnerability in the Oracle Email Center component of Oracle ...)
+CVE-2019-2491
NOT-FOR-US: Oracle
-CVE-2019-2490 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of ...)
+CVE-2019-2490
NOT-FOR-US: Oracle
-CVE-2019-2489 (Vulnerability in the Oracle One-to-One Fulfillment component of Oracle ...)
+CVE-2019-2489
NOT-FOR-US: Oracle
-CVE-2019-2488 (Vulnerability in the Oracle CRM Technical Foundation component of ...)
+CVE-2019-2488
NOT-FOR-US: Oracle
-CVE-2019-2487 (Vulnerability in the Oracle Transportation Management component of ...)
+CVE-2019-2487
NOT-FOR-US: Oracle
-CVE-2019-2486 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2019-2486
- mysql-5.7 5.7.25-1 (bug #919817)
-CVE-2019-2485 (Vulnerability in the Oracle Mobile Field Service component of Oracle ...)
+CVE-2019-2485
NOT-FOR-US: Oracle
CVE-2019-2484
RESERVED
CVE-2019-2483
RESERVED
-CVE-2019-2482 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2019-2482
- mysql-5.7 5.7.25-1 (bug #919817)
-CVE-2019-2481 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2019-2481
- mysql-5.7 5.7.25-1 (bug #919817)
-CVE-2019-2480 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
+CVE-2019-2480
NOT-FOR-US: Oracle
-CVE-2019-2479 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
+CVE-2019-2479
NOT-FOR-US: Oracle
-CVE-2019-2478 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
+CVE-2019-2478
NOT-FOR-US: Oracle
-CVE-2019-2477 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
+CVE-2019-2477
NOT-FOR-US: Oracle
-CVE-2019-2476 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
+CVE-2019-2476
NOT-FOR-US: Oracle
-CVE-2019-2475 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
+CVE-2019-2475
NOT-FOR-US: Oracle
-CVE-2019-2474 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
+CVE-2019-2474
NOT-FOR-US: Oracle
-CVE-2019-2473 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
+CVE-2019-2473
NOT-FOR-US: Oracle
-CVE-2019-2472 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
+CVE-2019-2472
NOT-FOR-US: Oracle
-CVE-2019-2471 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of ...)
+CVE-2019-2471
NOT-FOR-US: Oracle
-CVE-2019-2470 (Vulnerability in the Oracle Partner Management component of Oracle ...)
+CVE-2019-2470
NOT-FOR-US: Oracle
-CVE-2019-2469 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
+CVE-2019-2469
NOT-FOR-US: Oracle
-CVE-2019-2468 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
+CVE-2019-2468
NOT-FOR-US: Oracle
-CVE-2019-2467 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
+CVE-2019-2467
NOT-FOR-US: Oracle
-CVE-2019-2466 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
+CVE-2019-2466
NOT-FOR-US: Oracle
-CVE-2019-2465 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
+CVE-2019-2465
NOT-FOR-US: Oracle
-CVE-2019-2464 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
+CVE-2019-2464
NOT-FOR-US: Oracle
-CVE-2019-2463 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
+CVE-2019-2463
NOT-FOR-US: Oracle
-CVE-2019-2462 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
+CVE-2019-2462
NOT-FOR-US: Oracle
-CVE-2019-2461 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
+CVE-2019-2461
NOT-FOR-US: Oracle
-CVE-2019-2460 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
+CVE-2019-2460
NOT-FOR-US: Oracle
-CVE-2019-2459 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
+CVE-2019-2459
NOT-FOR-US: Oracle
-CVE-2019-2458 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
+CVE-2019-2458
NOT-FOR-US: Oracle
-CVE-2019-2457 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
+CVE-2019-2457
NOT-FOR-US: Oracle
-CVE-2019-2456 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
+CVE-2019-2456
NOT-FOR-US: Oracle
-CVE-2019-2455 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2019-2455
- mysql-5.7 5.7.25-1 (bug #919817)
CVE-2019-2454
RESERVED
-CVE-2019-2453 (Vulnerability in the Oracle Performance Management component of Oracle ...)
+CVE-2019-2453
NOT-FOR-US: Oracle
-CVE-2019-2452 (Vulnerability in the Oracle WebLogic Server component of Oracle Fusion ...)
+CVE-2019-2452
NOT-FOR-US: Oracle
-CVE-2019-2451 (Vulnerability in the Oracle VM VirtualBox component of Oracle ...)
+CVE-2019-2451
- virtualbox 5.2.24-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2019-2450 (Vulnerability in the Oracle VM VirtualBox component of Oracle ...)
+CVE-2019-2450
- virtualbox 5.2.24-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2019-2449 (Vulnerability in the Java SE component of Oracle Java SE ...)
+CVE-2019-2449
- openjdk-8 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2019-2448 (Vulnerability in the Oracle VM VirtualBox component of Oracle ...)
+CVE-2019-2448
- virtualbox 5.2.24-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2019-2447 (Vulnerability in the Oracle Partner Management component of Oracle ...)
+CVE-2019-2447
NOT-FOR-US: Oracle
-CVE-2019-2446 (Vulnerability in the Oracle VM VirtualBox component of Oracle ...)
+CVE-2019-2446
- virtualbox 5.2.24-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2019-2445 (Vulnerability in the Oracle Content Manager component of Oracle ...)
+CVE-2019-2445
NOT-FOR-US: Oracle
-CVE-2019-2444 (Vulnerability in the Core RDBMS component of Oracle Database Server. ...)
+CVE-2019-2444
NOT-FOR-US: Oracle
-CVE-2019-2443 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of ...)
+CVE-2019-2443
NOT-FOR-US: Oracle
-CVE-2019-2442 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of ...)
+CVE-2019-2442
NOT-FOR-US: Oracle
-CVE-2019-2441 (Vulnerability in the Oracle WebLogic Server component of Oracle Fusion ...)
+CVE-2019-2441
NOT-FOR-US: Oracle
-CVE-2019-2440 (Vulnerability in the Oracle Marketing component of Oracle E-Business ...)
+CVE-2019-2440
NOT-FOR-US: Oracle
-CVE-2019-2439 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of ...)
+CVE-2019-2439
NOT-FOR-US: Oracle
-CVE-2019-2438 (Vulnerability in the Oracle Web Cache component of Oracle Fusion ...)
+CVE-2019-2438
NOT-FOR-US: Oracle
-CVE-2019-2437 (Vulnerability in the Oracle Solaris component of Oracle Sun Systems ...)
+CVE-2019-2437
NOT-FOR-US: Oracle
-CVE-2019-2436 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2019-2436
- mysql-5.7 <not-affected> (Specific to 8)
-CVE-2019-2435 (Vulnerability in the MySQL Connectors component of Oracle MySQL ...)
+CVE-2019-2435
- mysql-connector-python 8.0.14-1 (bug #919820)
[stretch] - mysql-connector-python <ignored> (No security details disclosed, no 2.1.x release by Oracle)
[jessie] - mysql-connector-python <ignored> (No security details disclosed, no 1.2.x release by Oracle)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html#CVE-2019-2435
-CVE-2019-2434 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2019-2434
- mysql-5.7 5.7.25-1 (bug #919817)
-CVE-2019-2433 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of ...)
+CVE-2019-2433
NOT-FOR-US: Oracle
-CVE-2019-2432 (Vulnerability in the Oracle Argus Safety component of Oracle Health ...)
+CVE-2019-2432
NOT-FOR-US: Oracle
-CVE-2019-2431 (Vulnerability in the Oracle Argus Safety component of Oracle Health ...)
+CVE-2019-2431
NOT-FOR-US: Oracle
-CVE-2019-2430 (Vulnerability in the Oracle Argus Safety component of Oracle Health ...)
+CVE-2019-2430
NOT-FOR-US: Oracle
-CVE-2019-2429 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
+CVE-2019-2429
NOT-FOR-US: Oracle
CVE-2019-2428
RESERVED
-CVE-2019-2427 (Vulnerability in the Oracle WebCenter Portal component of Oracle ...)
+CVE-2019-2427
NOT-FOR-US: Oracle
-CVE-2019-2426 (Vulnerability in the Java SE component of Oracle Java SE ...)
+CVE-2019-2426
- openjdk-7 <not-affected> (Specific to Java on Windows)
- openjdk-8 <not-affected> (Specific to Java on Windows)
- openjdk-11 <not-affected> (Specific to Java on Windows)
-CVE-2019-2425 (Vulnerability in the Oracle Hospitality Reporting and Analytics ...)
+CVE-2019-2425
NOT-FOR-US: Oracle
CVE-2019-2424
RESERVED
-CVE-2019-2423 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of ...)
+CVE-2019-2423
NOT-FOR-US: Oracle
-CVE-2019-2422 (Vulnerability in the Java SE component of Oracle Java SE ...)
+CVE-2019-2422
- openjdk-7 <unfixed>
- openjdk-8 <unfixed>
- openjdk-11 11.0.2+9-1
-CVE-2019-2421 (Vulnerability in the PeopleSoft Enterprise HCM eProfile Manager ...)
+CVE-2019-2421
NOT-FOR-US: Oracle
-CVE-2019-2420 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+CVE-2019-2420
- mysql-5.7 5.7.25-1 (bug #919817)
-CVE-2019-2419 (Vulnerability in the PeopleSoft Enterprise CC Common Application ...)
+CVE-2019-2419
NOT-FOR-US: Oracle
-CVE-2019-2418 (Vulnerability in the Oracle WebLogic Server component of Oracle Fusion ...)
+CVE-2019-2418
NOT-FOR-US: Oracle
-CVE-2019-2417 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of ...)
+CVE-2019-2417
NOT-FOR-US: Oracle
-CVE-2019-2416 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of ...)
+CVE-2019-2416
NOT-FOR-US: Oracle
-CVE-2019-2415 (Vulnerability in the Hyperion BI+ component of Oracle Hyperion ...)
+CVE-2019-2415
NOT-FOR-US: Oracle
-CVE-2019-2414 (Vulnerability in the Oracle HTTP Server component of Oracle Fusion ...)
+CVE-2019-2414
NOT-FOR-US: Oracle
-CVE-2019-2413 (Vulnerability in the Oracle Reports Developer component of Oracle ...)
+CVE-2019-2413
NOT-FOR-US: Oracle
-CVE-2019-2412 (Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of ...)
+CVE-2019-2412
NOT-FOR-US: Oracle
-CVE-2019-2411 (Vulnerability in the Oracle Hospitality Cruise Shipboard Property ...)
+CVE-2019-2411
NOT-FOR-US: Oracle
-CVE-2019-2410 (Vulnerability in the Oracle Hospitality Cruise Shipboard Property ...)
+CVE-2019-2410
NOT-FOR-US: Oracle
-CVE-2019-2409 (Vulnerability in the Oracle Hospitality Cruise Shipboard Property ...)
+CVE-2019-2409
NOT-FOR-US: Oracle
-CVE-2019-2408 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of ...)
+CVE-2019-2408
NOT-FOR-US: Oracle
-CVE-2019-2407 (Vulnerability in the Oracle Hospitality Reporting and Analytics ...)
+CVE-2019-2407
NOT-FOR-US: Oracle
-CVE-2019-2406 (Vulnerability in the Core RDBMS component of Oracle Database Server. ...)
+CVE-2019-2406
NOT-FOR-US: Oracle
-CVE-2019-2405 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of ...)
+CVE-2019-2405
NOT-FOR-US: Oracle
-CVE-2019-2404 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of ...)
+CVE-2019-2404
NOT-FOR-US: Oracle
-CVE-2019-2403 (Vulnerability in the Oracle Hospitality Simphony component of Oracle ...)
+CVE-2019-2403
NOT-FOR-US: Oracle
-CVE-2019-2402 (Vulnerability in the Oracle Hospitality Simphony component of Oracle ...)
+CVE-2019-2402
NOT-FOR-US: Oracle
-CVE-2019-2401 (Vulnerability in the Oracle Hospitality Reporting and Analytics ...)
+CVE-2019-2401
NOT-FOR-US: Oracle
-CVE-2019-2400 (Vulnerability in the Oracle iStore component of Oracle E-Business ...)
+CVE-2019-2400
NOT-FOR-US: Oracle
-CVE-2019-2399 (Vulnerability in the Oracle Communications Diameter Signaling Router ...)
+CVE-2019-2399
NOT-FOR-US: Oracle
-CVE-2019-2398 (Vulnerability in the Oracle WebLogic Server component of Oracle Fusion ...)
+CVE-2019-2398
NOT-FOR-US: Oracle
-CVE-2019-2397 (Vulnerability in the Oracle Hospitality Reporting and Analytics ...)
+CVE-2019-2397
NOT-FOR-US: Oracle
-CVE-2019-2396 (Vulnerability in the Oracle CRM Technical Foundation component of ...)
+CVE-2019-2396
NOT-FOR-US: Oracle
-CVE-2019-2395 (Vulnerability in the Oracle WebLogic Server component of Oracle Fusion ...)
+CVE-2019-2395
NOT-FOR-US: Oracle
CVE-2019-2394
RESERVED
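Review bot: CVE-2019-2422 leaves openjdk-7 and openjdk-8 at "<unfixed>" with no severity, bug reference or per-suite status, while openjdk-11 gets a fixed version (11.0.2+9-1); since the description that named the affected component is dropped in this hunk, add at least a NOTE with the advisory reference in the form used for CVE-2019-2435 ("NOTE: http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html#CVE-2019-2435") and a status line for stretch and jessie. Also, CVE-2019-2449 marks only openjdk-8 as "<not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)", but that reasoning applies equally to openjdk-7 and openjdk-11, which the CVE-2019-2426 entry does list; the three source packages should be listed consistently on both entries.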
@@ -17190,27 +17218,27 @@ CVE-2019-2003
NOT-FOR-US: Android
CVE-2019-2002
RESERVED
-CVE-2019-2001 (The permissions on /proc/iomem were world-readable. This could lead to ...)
+CVE-2019-2001
NOT-FOR-US: Android kernel (no source release, so apparently not in mainline)
-CVE-2019-2000 (In several functions of binder.c, there is possible memory corruption ...)
+CVE-2019-2000
NOT-FOR-US: Android kernel (no source release, so apparently not in mainline)
-CVE-2019-1999 (In binder_alloc_free_page of binder_alloc.c, there is a possible ...)
+CVE-2019-1999
NOT-FOR-US: Android kernel (no source release, so apparently not in mainline)
-CVE-2019-1998 (In event_handler of keymaster_app.c, there is possible resource ...)
+CVE-2019-1998
NOT-FOR-US: Android
-CVE-2019-1997 (In random_get_bytes of random.c, there is a possible degradation of ...)
+CVE-2019-1997
NOT-FOR-US: Android
-CVE-2019-1996 (In avrc_pars_browse_rsp of avrc_pars_ct.cc, there is a possible out of ...)
+CVE-2019-1996
NOT-FOR-US: Android
-CVE-2019-1995 (In ComposeActivityEmail of ComposeActivityEmail.java, there is a ...)
+CVE-2019-1995
NOT-FOR-US: Android
-CVE-2019-1994 (In refresh of DevelopmentTiles.java, there is the possibility of ...)
+CVE-2019-1994
NOT-FOR-US: Android
-CVE-2019-1993 (In register_app of btif_hd.cc, there is a possible memory corruption ...)
+CVE-2019-1993
NOT-FOR-US: Android
-CVE-2019-1992 (In bta_hl_sdp_query_results of bta_hl_main.cc, there is a possible ...)
+CVE-2019-1992
NOT-FOR-US: Android
-CVE-2019-1991 (In btif_dm_data_copy of btif_core.cc, there is a possible out of ...)
+CVE-2019-1991
NOT-FOR-US: Android
CVE-2019-1990
RESERVED
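Review bot: the NOT-FOR-US rationale "Android kernel (no source release, so apparently not in mainline)" on CVE-2019-2000 and CVE-2019-1999 is at odds with the descriptions this hunk removes, which name binder.c and binder_alloc.c; both files live in mainline under drivers/android/, so "not in mainline" cannot be concluded from the absence of a source release. Check the patches referenced by the Android bulletin against the Debian linux package before keeping NOT-FOR-US here and record the outcome in a NOTE, because once the descriptions are gone the file names that make this checkable are no longer in the entry. CVE-2019-2001 (the /proc/iomem permissions issue) warrants the same check.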
@@ -17218,11 +17246,11 @@ CVE-2019-1990
CVE-2019-1989
RESERVED
NOT-FOR-US: Android Media Framework
-CVE-2019-1988 (In sample6 of SkSwizzler.cpp, there is a possible out of bounds write ...)
+CVE-2019-1988
NOT-FOR-US: Android
-CVE-2019-1987 (In onSetSampleX of SkSwizzler.cpp, there is a possible out of bounds ...)
+CVE-2019-1987
NOT-FOR-US: Android
-CVE-2019-1986 (In SkSwizzler::onSetSampleX of SkSwizzler.cpp, there is a possible out ...)
+CVE-2019-1986
NOT-FOR-US: Android
CVE-2019-1985
RESERVED
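Review bot: the CVE-2019-1989 entry in this hunk's context carries both "RESERVED" and "NOT-FOR-US: Android Media Framework"; those states are mutually exclusive, so the RESERVED line should be dropped now that the entry has been triaged. Not introduced by this change, but it sits inside the hunk and is easy to fix here.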
@@ -17749,7 +17777,7 @@ CVE-2019-1725
RESERVED
CVE-2019-1724
RESERVED
-CVE-2019-1723 (A vulnerability in the Cisco Common Services Platform Collector (CSPC) ...)
+CVE-2019-1723
NOT-FOR-US: Cisco
CVE-2019-1722
RESERVED
@@ -17781,7 +17809,7 @@ CVE-2019-1709
RESERVED
CVE-2019-1708
RESERVED
-CVE-2019-1707 (A vulnerability in the web-based management interface of Cisco DNA ...)
+CVE-2019-1707
NOT-FOR-US: Cisco
CVE-2019-1706
RESERVED
@@ -17791,15 +17819,15 @@ CVE-2019-1704
RESERVED
CVE-2019-1703
RESERVED
-CVE-2019-1702 (Multiple vulnerabilities in the web-based management interface of ...)
+CVE-2019-1702
NOT-FOR-US: Cisco
CVE-2019-1701
RESERVED
-CVE-2019-1700 (A vulnerability in field-programmable gate array (FPGA) ingress buffer ...)
+CVE-2019-1700
NOT-FOR-US: Cisco
CVE-2019-1699
RESERVED
-CVE-2019-1698 (A vulnerability in the web-based user interface of Cisco Internet of ...)
+CVE-2019-1698
NOT-FOR-US: Cisco
CVE-2019-1697
RESERVED
@@ -17813,117 +17841,117 @@ CVE-2019-1693
RESERVED
CVE-2019-1692
RESERVED
-CVE-2019-1691 (A vulnerability in the detection engine of Cisco Firepower Threat ...)
+CVE-2019-1691
NOT-FOR-US: Cisco
-CVE-2019-1690 (A vulnerability in the management interface of Cisco Application ...)
+CVE-2019-1690
NOT-FOR-US: Cisco
-CVE-2019-1689 (A vulnerability in the client application for iOS of Cisco Webex Teams ...)
+CVE-2019-1689
NOT-FOR-US: Cisco
-CVE-2019-1688 (A vulnerability in the management web interface of Cisco Network ...)
+CVE-2019-1688
NOT-FOR-US: Cisco
CVE-2019-1687
RESERVED
CVE-2019-1686
RESERVED
-CVE-2019-1685 (A vulnerability in the Security Assertion Markup Language (SAML) ...)
+CVE-2019-1685
NOT-FOR-US: Cisco
-CVE-2019-1684 (A vulnerability in the Cisco Discovery Protocol or Link Layer ...)
+CVE-2019-1684
NOT-FOR-US: Cisco
-CVE-2019-1683 (A vulnerability in the certificate handling component of the Cisco ...)
+CVE-2019-1683
NOT-FOR-US: Cisco
CVE-2019-1682
RESERVED
-CVE-2019-1681 (A vulnerability in the TFTP service of Cisco Network Convergence ...)
+CVE-2019-1681
NOT-FOR-US: Cisco
-CVE-2019-1680 (A vulnerability in Cisco Webex Business Suite could allow an ...)
+CVE-2019-1680
NOT-FOR-US: Cisco
-CVE-2019-1679 (A vulnerability in the web interface of Cisco TelePresence Conductor, ...)
+CVE-2019-1679
NOT-FOR-US: Cisco
-CVE-2019-1678 (A vulnerability in Cisco Meeting Server could allow an authenticated, ...)
+CVE-2019-1678
NOT-FOR-US: Cisco
-CVE-2019-1677 (A vulnerability in Cisco Webex Meetings for Android could allow an ...)
+CVE-2019-1677
NOT-FOR-US: Cisco
-CVE-2019-1676 (A vulnerability in the Session Initiation Protocol (SIP) call ...)
+CVE-2019-1676
NOT-FOR-US: Cisco
-CVE-2019-1675 (A vulnerability in the default configuration of the Cisco Aironet ...)
+CVE-2019-1675
NOT-FOR-US: Cisco
-CVE-2019-1674 (A vulnerability in the update service of Cisco Webex Meetings Desktop ...)
+CVE-2019-1674
NOT-FOR-US: Cisco
-CVE-2019-1673 (A vulnerability in the web-based management interface of Cisco ...)
+CVE-2019-1673
NOT-FOR-US: Cisco
-CVE-2019-1672 (A vulnerability in the Decryption Policy Default Action functionality ...)
+CVE-2019-1672
NOT-FOR-US: Cisco
-CVE-2019-1671 (A vulnerability in the web-based management interface of Cisco ...)
+CVE-2019-1671
NOT-FOR-US: Cisco
-CVE-2019-1670 (A vulnerability in the web-based management interface of Cisco Unified ...)
+CVE-2019-1670
NOT-FOR-US: Cisco
-CVE-2019-1669 (A vulnerability in the data acquisition (DAQ) component of Cisco ...)
+CVE-2019-1669
NOT-FOR-US: Cisco
-CVE-2019-1668 (A vulnerability in the chat feed feature of Cisco SocialMiner could ...)
+CVE-2019-1668
NOT-FOR-US: Cisco
-CVE-2019-1667 (A vulnerability in the Graphite interface of Cisco HyperFlex software ...)
+CVE-2019-1667
NOT-FOR-US: Cisco
-CVE-2019-1666 (A vulnerability in the Graphite service of Cisco HyperFlex software ...)
+CVE-2019-1666
NOT-FOR-US: Cisco
-CVE-2019-1665 (A vulnerability in the web-based management interface of Cisco ...)
+CVE-2019-1665
NOT-FOR-US: Cisco
-CVE-2019-1664 (A vulnerability in the hxterm service of Cisco HyperFlex Software ...)
+CVE-2019-1664
NOT-FOR-US: Cisco
-CVE-2019-1663 (A vulnerability in the web-based management interface of the Cisco ...)
+CVE-2019-1663
NOT-FOR-US: Cisco
-CVE-2019-1662 (A vulnerability in the Quality of Voice Reporting (QOVR) service of ...)
+CVE-2019-1662
NOT-FOR-US: Cisco
-CVE-2019-1661 (A vulnerability in the web-based management interface of Cisco ...)
+CVE-2019-1661
NOT-FOR-US: Cisco
-CVE-2019-1660 (A vulnerability in the Simple Object Access Protocol (SOAP) of Cisco ...)
+CVE-2019-1660
NOT-FOR-US: Cisco
-CVE-2019-1659 (A vulnerability in the Identity Services Engine (ISE) integration ...)
+CVE-2019-1659
NOT-FOR-US: Cisco
-CVE-2019-1658 (A vulnerability in the web-based management interface of Cisco Unified ...)
+CVE-2019-1658
NOT-FOR-US: Cisco
-CVE-2019-1657 (A vulnerability in Cisco AMP Threat Grid could allow an authenticated, ...)
+CVE-2019-1657
NOT-FOR-US: Cisco
-CVE-2019-1656 (A vulnerability in the CLI of Cisco Enterprise NFV Infrastructure ...)
+CVE-2019-1656
NOT-FOR-US: Cisco
-CVE-2019-1655 (A vulnerability in the web-based management interface of Cisco Webex ...)
+CVE-2019-1655
NOT-FOR-US: Cisco
CVE-2019-1654
RESERVED
-CVE-2019-1653 (A vulnerability in the web-based management interface of Cisco Small ...)
+CVE-2019-1653
NOT-FOR-US: Cisco
-CVE-2019-1652 (A vulnerability in the web-based management interface of Cisco Small ...)
+CVE-2019-1652
NOT-FOR-US: Cisco
-CVE-2019-1651 (A vulnerability in the vContainer of the Cisco SD-WAN Solution could ...)
+CVE-2019-1651
NOT-FOR-US: Cisco
-CVE-2019-1650 (A vulnerability in the Cisco SD-WAN Solution could allow an ...)
+CVE-2019-1650
NOT-FOR-US: Cisco
CVE-2019-1649
RESERVED
-CVE-2019-1648 (A vulnerability in the user group configuration of the Cisco SD-WAN ...)
+CVE-2019-1648
NOT-FOR-US: Cisco
-CVE-2019-1647 (A vulnerability in the Cisco SD-WAN Solution could allow an ...)
+CVE-2019-1647
NOT-FOR-US: Cisco
-CVE-2019-1646 (A vulnerability in the local CLI of the Cisco SD-WAN Solution could ...)
+CVE-2019-1646
NOT-FOR-US: Cisco
-CVE-2019-1645 (A vulnerability in the Cisco Connected Mobile Experiences (CMX) ...)
+CVE-2019-1645
NOT-FOR-US: Cisco
-CVE-2019-1644 (A vulnerability in the UDP protocol implementation for Cisco IoT Field ...)
+CVE-2019-1644
NOT-FOR-US: Cisco
-CVE-2019-1643 (A vulnerability in the web-based management interface of Cisco Prime ...)
+CVE-2019-1643
NOT-FOR-US: Cisco
-CVE-2019-1642 (A vulnerability in the web-based management interface of Cisco ...)
+CVE-2019-1642
NOT-FOR-US: Cisco
-CVE-2019-1641 (A vulnerability in the Cisco Webex Network Recording Player for ...)
+CVE-2019-1641
NOT-FOR-US: Cisco
-CVE-2019-1640 (A vulnerability in the Cisco Webex Network Recording Player for ...)
+CVE-2019-1640
NOT-FOR-US: Cisco
-CVE-2019-1639 (A vulnerability in the Cisco Webex Network Recording Player for ...)
+CVE-2019-1639
NOT-FOR-US: Cisco
-CVE-2019-1638 (A vulnerability in the Cisco Webex Network Recording Player for ...)
+CVE-2019-1638
NOT-FOR-US: Cisco
-CVE-2019-1637 (A vulnerability in the Cisco Webex Network Recording Player for ...)
+CVE-2019-1637
NOT-FOR-US: Cisco
-CVE-2019-1636 (A vulnerability in the Cisco Webex Teams client, formerly Cisco Spark, ...)
+CVE-2019-1636
NOT-FOR-US: Cisco
CVE-2019-1635
RESERVED
@@ -17959,73 +17987,73 @@ CVE-2019-1620
RESERVED
CVE-2019-1619
RESERVED
-CVE-2019-1618 (A vulnerability in the Tetration Analytics agent for Cisco Nexus 9000 ...)
+CVE-2019-1618
NOT-FOR-US: Cisco
-CVE-2019-1617 (A vulnerability in the Fibre Channel over Ethernet (FCoE) N-port ...)
+CVE-2019-1617
NOT-FOR-US: Cisco
-CVE-2019-1616 (A vulnerability in the Cisco Fabric Services component of Cisco NX-OS ...)
+CVE-2019-1616
NOT-FOR-US: Cisco
-CVE-2019-1615 (A vulnerability in the Image Signature Verification feature of Cisco ...)
+CVE-2019-1615
NOT-FOR-US: Cisco
-CVE-2019-1614 (A vulnerability in the NX-API feature of Cisco NX-OS Software could ...)
+CVE-2019-1614
NOT-FOR-US: Cisco
-CVE-2019-1613 (A vulnerability in the CLI of Cisco NX-OS Software could allow an ...)
+CVE-2019-1613
NOT-FOR-US: Cisco
-CVE-2019-1612 (A vulnerability in the CLI of Cisco NX-OS Software could allow an ...)
+CVE-2019-1612
NOT-FOR-US: Cisco
-CVE-2019-1611 (A vulnerability in the CLI of Cisco NX-OS Software and Cisco FXOS ...)
+CVE-2019-1611
NOT-FOR-US: Cisco
-CVE-2019-1610 (A vulnerability in the CLI of Cisco NX-OS Software could allow an ...)
+CVE-2019-1610
NOT-FOR-US: Cisco
-CVE-2019-1609 (A vulnerability in the CLI of Cisco NX-OS Software could allow an ...)
+CVE-2019-1609
NOT-FOR-US: Cisco
-CVE-2019-1608 (A vulnerability in the CLI of Cisco NX-OS Software could allow an ...)
+CVE-2019-1608
NOT-FOR-US: Cisco
-CVE-2019-1607 (A vulnerability in the CLI of Cisco NX-OS Software could allow an ...)
+CVE-2019-1607
NOT-FOR-US: Cisco
-CVE-2019-1606 (A vulnerability in the CLI of Cisco NX-OS Software could allow an ...)
+CVE-2019-1606
NOT-FOR-US: Cisco
-CVE-2019-1605 (A vulnerability in the NX-API feature of Cisco NX-OS Software could ...)
+CVE-2019-1605
NOT-FOR-US: Cisco
-CVE-2019-1604 (A vulnerability in the user account management interface of Cisco ...)
+CVE-2019-1604
NOT-FOR-US: Cisco
-CVE-2019-1603 (A vulnerability in the CLI of Cisco NX-OS Software could allow an ...)
+CVE-2019-1603
NOT-FOR-US: Cisco
-CVE-2019-1602 (A vulnerability in the filesystem permissions of Cisco NX-OS Software ...)
+CVE-2019-1602
NOT-FOR-US: Cisco
-CVE-2019-1601 (A vulnerability in the filesystem permissions of Cisco NX-OS Software ...)
+CVE-2019-1601
NOT-FOR-US: Cisco
-CVE-2019-1600 (A vulnerability in the file system permissions of Cisco FXOS Software ...)
+CVE-2019-1600
NOT-FOR-US: Cisco
-CVE-2019-1599 (A vulnerability in the network stack of Cisco NX-OS Software could ...)
+CVE-2019-1599
NOT-FOR-US: Cisco
-CVE-2019-1598 (Multiple vulnerabilities in the implementation of the Lightweight ...)
+CVE-2019-1598
NOT-FOR-US: Cisco
-CVE-2019-1597 (Multiple vulnerabilities in the implementation of the Lightweight ...)
+CVE-2019-1597
NOT-FOR-US: Cisco
-CVE-2019-1596 (A vulnerability in the Bash shell implementation for Cisco NX-OS ...)
+CVE-2019-1596
NOT-FOR-US: Cisco
-CVE-2019-1595 (A vulnerability in the Fibre Channel over Ethernet (FCoE) protocol ...)
+CVE-2019-1595
NOT-FOR-US: Cisco
-CVE-2019-1594 (A vulnerability in the 802.1X implementation for Cisco NX-OS Software ...)
+CVE-2019-1594
NOT-FOR-US: Cisco
-CVE-2019-1593 (A vulnerability in the Bash shell implementation for Cisco NX-OS ...)
+CVE-2019-1593
NOT-FOR-US: Cisco
CVE-2019-1592
RESERVED
-CVE-2019-1591 (A vulnerability in a specific CLI command implementation of Cisco ...)
+CVE-2019-1591
NOT-FOR-US: Cisco
CVE-2019-1590
RESERVED
CVE-2019-1589
RESERVED
-CVE-2019-1588 (A vulnerability in the Cisco Nexus 9000 Series Fabric Switches running ...)
+CVE-2019-1588
NOT-FOR-US: Cisco
CVE-2019-1587
RESERVED
CVE-2019-1586
RESERVED
-CVE-2019-1585 (A vulnerability in the controller authorization functionality of Cisco ...)
+CVE-2019-1585
NOT-FOR-US: Cisco
CVE-2019-1584
RESERVED
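Review bot: the summaries removed in this hunk are the only in-file justification for the `NOT-FOR-US: Cisco` verdicts, and several of them name components Debian also ships, for example `-CVE-2019-1596 (A vulnerability in the Bash shell implementation for Cisco NX-OS ...)` and `-CVE-2019-1593 (A vulnerability in the Bash shell implementation for Cisco NX-OS ...)`. Once that text is gone, a later reader cannot tell from the file that these concern the NX-OS shell integration rather than the bash package. If summaries have to be stripped, a short `NOTE:` line on entries like these would preserve the triage reasoning; the hunk header (`-17959,73 +17987,73`) confirms the change is otherwise line-count neutral.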
@@ -18063,9 +18091,9 @@ CVE-2019-1568
RESERVED
CVE-2019-1567
RESERVED
-CVE-2019-1566 (The PAN-OS management web interface in PAN-OS 7.1.21 and earlier, ...)
+CVE-2019-1566
NOT-FOR-US: PAN-OS
-CVE-2019-1565 (The PAN-OS external dynamics lists in PAN-OS 7.1.21 and earlier, ...)
+CVE-2019-1565
NOT-FOR-US: PAN-OS
CVE-2019-1564
RESERVED
@@ -18077,7 +18105,7 @@ CVE-2019-1561
RESERVED
CVE-2019-1560
RESERVED
-CVE-2019-1559 (If an application encounters a fatal protocol error and then calls ...)
+CVE-2019-1559
{DSA-4400-1 DLA-1701-1}
- openssl1.0 <unfixed>
- openssl 1.1.0b-2
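Review bot: unlike the NOT-FOR-US entries, CVE-2019-1559 is tracked against Debian packages (`{DSA-4400-1 DLA-1701-1}`, `- openssl1.0 <unfixed>`, `- openssl 1.1.0b-2`), and the summary dropped here was the only in-file description of what DSA-4400-1 and DLA-1701-1 addressed. Entries that carry a package line are the ones audited later, so a summary-stripping pass should at least spare those; the `- openssl <unfixed>` entry for CVE-2019-1543 in the next hunk, with its `<postponed>` stretch and jessie lines, is in the same situation.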
@@ -18118,7 +18146,7 @@ CVE-2019-1545
RESERVED
CVE-2019-1544
RESERVED
-CVE-2019-1543 (ChaCha20-Poly1305 is an AEAD cipher, and requires a unique nonce input ...)
+CVE-2019-1543
- openssl <unfixed>
[stretch] - openssl <postponed> (Minor issue, fix along in future DSA)
[jessie] - openssl <postponed> (Minor issue, fix along in future DLA)
@@ -19731,11 +19759,11 @@ CVE-2019-0745
RESERVED
CVE-2019-0744
RESERVED
-CVE-2019-0743 (A Cross-site Scripting (XSS) vulnerability exists when Team Foundation ...)
+CVE-2019-0743
NOT-FOR-US: Microsoft Team Foundation Server
-CVE-2019-0742 (A Cross-site Scripting (XSS) vulnerability exists when Team Foundation ...)
+CVE-2019-0742
NOT-FOR-US: Microsoft Team Foundation Server
-CVE-2019-0741 (An information disclosure vulnerability exists in the way Azure IoT ...)
+CVE-2019-0741
NOT-FOR-US: Microsoft
CVE-2019-0740
RESERVED
@@ -19759,9 +19787,9 @@ CVE-2019-0731
RESERVED
CVE-2019-0730
RESERVED
-CVE-2019-0729 (An Elevation of Privilege vulnerability exists in the way Azure IoT ...)
+CVE-2019-0729
NOT-FOR-US: Microsoft
-CVE-2019-0728 (A remote code execution vulnerability exists in Visual Studio Code ...)
+CVE-2019-0728
NOT-FOR-US: Microsoft
CVE-2019-0727
RESERVED
@@ -19769,7 +19797,7 @@ CVE-2019-0726
RESERVED
CVE-2019-0725
RESERVED
-CVE-2019-0724 (An elevation of privilege vulnerability exists in Microsoft Exchange ...)
+CVE-2019-0724
NOT-FOR-US: Microsoft
CVE-2019-0723
RESERVED
@@ -19845,7 +19873,7 @@ CVE-2019-0688
RESERVED
CVE-2019-0687
RESERVED
-CVE-2019-0686 (An elevation of privilege vulnerability exists in Microsoft Exchange ...)
+CVE-2019-0686
NOT-FOR-US: Microsoft
CVE-2019-0685
RESERVED
@@ -19865,23 +19893,23 @@ CVE-2019-0678
RESERVED
CVE-2019-0677
RESERVED
-CVE-2019-0676 (An information disclosure vulnerability exists when Internet Explorer ...)
+CVE-2019-0676
NOT-FOR-US: Microsoft
-CVE-2019-0675 (A remote code execution vulnerability exists when the Microsoft Office ...)
+CVE-2019-0675
NOT-FOR-US: Microsoft
-CVE-2019-0674 (A remote code execution vulnerability exists when the Microsoft Office ...)
+CVE-2019-0674
NOT-FOR-US: Microsoft
-CVE-2019-0673 (A remote code execution vulnerability exists when the Microsoft Office ...)
+CVE-2019-0673
NOT-FOR-US: Microsoft
-CVE-2019-0672 (A remote code execution vulnerability exists when the Microsoft Office ...)
+CVE-2019-0672
NOT-FOR-US: Microsoft
-CVE-2019-0671 (A remote code execution vulnerability exists when the Microsoft Office ...)
+CVE-2019-0671
NOT-FOR-US: Microsoft
-CVE-2019-0670 (A spoofing vulnerability exists in Microsoft SharePoint when the ...)
+CVE-2019-0670
NOT-FOR-US: Microsoft
-CVE-2019-0669 (An information disclosure vulnerability exists when Microsoft Excel ...)
+CVE-2019-0669
NOT-FOR-US: Microsoft
-CVE-2019-0668 (An elevation of privilege vulnerability exists when Microsoft ...)
+CVE-2019-0668
NOT-FOR-US: Microsoft
CVE-2019-0667
RESERVED
@@ -19889,264 +19917,264 @@ CVE-2019-0666
RESERVED
CVE-2019-0665
RESERVED
-CVE-2019-0664 (An information disclosure vulnerability exists when the Windows GDI ...)
+CVE-2019-0664
NOT-FOR-US: Microsoft
-CVE-2019-0663 (An information disclosure vulnerability exists when the Windows kernel ...)
+CVE-2019-0663
NOT-FOR-US: Microsoft
-CVE-2019-0662 (A remote code execution vulnerability exists in the way that the ...)
+CVE-2019-0662
NOT-FOR-US: Microsoft
-CVE-2019-0661 (An information disclosure vulnerability exists when the Windows kernel ...)
+CVE-2019-0661
NOT-FOR-US: Microsoft
-CVE-2019-0660 (An information disclosure vulnerability exists when the Windows GDI ...)
+CVE-2019-0660
NOT-FOR-US: Microsoft
-CVE-2019-0659 (An elevation of privilege vulnerability exists when the Storage ...)
+CVE-2019-0659
NOT-FOR-US: Microsoft
-CVE-2019-0658 (An information disclosure vulnerability exists when the scripting ...)
+CVE-2019-0658
NOT-FOR-US: Microsoft
-CVE-2019-0657 (A vulnerability exists in certain .Net Framework API's and Visual ...)
+CVE-2019-0657
NOT-FOR-US: .NET core
-CVE-2019-0656 (An elevation of privilege vulnerability exists when the Windows kernel ...)
+CVE-2019-0656
NOT-FOR-US: Microsoft
-CVE-2019-0655 (A remote code execution vulnerability exists in the way that the ...)
+CVE-2019-0655
NOT-FOR-US: Microsoft
-CVE-2019-0654 (A spoofing vulnerability exists when Microsoft browsers improperly ...)
+CVE-2019-0654
NOT-FOR-US: Microsoft
CVE-2019-0653
RESERVED
-CVE-2019-0652 (A remote code execution vulnerability exists in the way that the ...)
+CVE-2019-0652
NOT-FOR-US: Microsoft
-CVE-2019-0651 (A remote code execution vulnerability exists in the way that the ...)
+CVE-2019-0651
NOT-FOR-US: Microsoft
-CVE-2019-0650 (A remote code execution vulnerability exists when Microsoft Edge ...)
+CVE-2019-0650
NOT-FOR-US: Microsoft
-CVE-2019-0649 (A vulnerability exists in Microsoft Chakra JIT server, aka 'Scripting ...)
+CVE-2019-0649
NOT-FOR-US: Microsoft
-CVE-2019-0648 (An information disclosure vulnerability exists when Chakra improperly ...)
+CVE-2019-0648
NOT-FOR-US: Microsoft
-CVE-2019-0647 (An information disclosure vulnerability exists when Team Foundation ...)
+CVE-2019-0647
NOT-FOR-US: Microsoft
-CVE-2019-0646 (A Cross-site Scripting (XSS) vulnerability exists when Team Foundation ...)
+CVE-2019-0646
NOT-FOR-US: Microsoft
-CVE-2019-0645 (A remote code execution vulnerability exists when Microsoft Edge ...)
+CVE-2019-0645
NOT-FOR-US: Microsoft
-CVE-2019-0644 (A remote code execution vulnerability exists in the way that the ...)
+CVE-2019-0644
NOT-FOR-US: Microsoft
-CVE-2019-0643 (An information disclosure vulnerability exists in the way that ...)
+CVE-2019-0643
NOT-FOR-US: Microsoft
-CVE-2019-0642 (A remote code execution vulnerability exists in the way that the ...)
+CVE-2019-0642
NOT-FOR-US: Microsoft
-CVE-2019-0641 (A security feature bypass vulnerability exists in Microsoft Edge ...)
+CVE-2019-0641
NOT-FOR-US: Microsoft
-CVE-2019-0640 (A remote code execution vulnerability exists in the way that the ...)
+CVE-2019-0640
NOT-FOR-US: Microsoft
CVE-2019-0639
RESERVED
CVE-2019-0638
RESERVED
-CVE-2019-0637 (A security feature bypass vulnerability exists when Windows Defender ...)
+CVE-2019-0637
NOT-FOR-US: Microsoft
-CVE-2019-0636 (An information vulnerability exists when Windows improperly discloses ...)
+CVE-2019-0636
NOT-FOR-US: Microsoft
-CVE-2019-0635 (An information disclosure vulnerability exists when Windows Hyper-V on ...)
+CVE-2019-0635
NOT-FOR-US: Microsoft
-CVE-2019-0634 (A remote code execution vulnerability exists when Microsoft Edge ...)
+CVE-2019-0634
NOT-FOR-US: Microsoft
-CVE-2019-0633 (A remote code execution vulnerability exists in the way that the ...)
+CVE-2019-0633
NOT-FOR-US: Microsoft
-CVE-2019-0632 (A security feature bypass vulnerability exists in Windows which could ...)
+CVE-2019-0632
NOT-FOR-US: Microsoft
-CVE-2019-0631 (A security feature bypass vulnerability exists in Windows which could ...)
+CVE-2019-0631
NOT-FOR-US: Microsoft
-CVE-2019-0630 (A remote code execution vulnerability exists in the way that the ...)
+CVE-2019-0630
NOT-FOR-US: Microsoft
CVE-2019-0629
RESERVED
-CVE-2019-0628 (An information disclosure vulnerability exists when the win32k ...)
+CVE-2019-0628
NOT-FOR-US: Microsoft
-CVE-2019-0627 (A security feature bypass vulnerability exists in Windows which could ...)
+CVE-2019-0627
NOT-FOR-US: Microsoft
-CVE-2019-0626 (A memory corruption vulnerability exists in the Windows Server DHCP ...)
+CVE-2019-0626
NOT-FOR-US: Microsoft
-CVE-2019-0625 (A remote code execution vulnerability exists when the Windows Jet ...)
+CVE-2019-0625
NOT-FOR-US: Microsoft
-CVE-2019-0624 (A spoofing vulnerability exists when a Skype for Business 2015 server ...)
+CVE-2019-0624
NOT-FOR-US: Microsoft
-CVE-2019-0623 (An elevation of privilege vulnerability exists in Windows when the ...)
+CVE-2019-0623
NOT-FOR-US: Microsoft
-CVE-2019-0622 (An elevation of privilege vulnerability exists when Skype for Andriod ...)
+CVE-2019-0622
NOT-FOR-US: Skype for Android
-CVE-2019-0621 (An information disclosure vulnerability exists when the Windows kernel ...)
+CVE-2019-0621
NOT-FOR-US: Microsoft
CVE-2019-0620
RESERVED
-CVE-2019-0619 (An information disclosure vulnerability exists when the Windows GDI ...)
+CVE-2019-0619
NOT-FOR-US: Microsoft
-CVE-2019-0618 (A remote code execution vulnerability exists in the way that the ...)
+CVE-2019-0618
NOT-FOR-US: Microsoft
CVE-2019-0617
RESERVED
-CVE-2019-0616 (An information disclosure vulnerability exists when the Windows GDI ...)
+CVE-2019-0616
NOT-FOR-US: Microsoft
-CVE-2019-0615 (An information disclosure vulnerability exists when the Windows GDI ...)
+CVE-2019-0615
NOT-FOR-US: Microsoft
CVE-2019-0614
RESERVED
-CVE-2019-0613 (A remote code execution vulnerability exists in .NET Framework and ...)
+CVE-2019-0613
NOT-FOR-US: Microsoft
CVE-2019-0612
RESERVED
CVE-2019-0611
RESERVED
-CVE-2019-0610 (A remote code execution vulnerability exists in the way that the ...)
+CVE-2019-0610
NOT-FOR-US: Microsoft
CVE-2019-0609
RESERVED
CVE-2019-0608
RESERVED
-CVE-2019-0607 (A remote code execution vulnerability exists in the way that the ...)
+CVE-2019-0607
NOT-FOR-US: Microsoft
-CVE-2019-0606 (A remote code execution vulnerability exists when Internet Explorer ...)
+CVE-2019-0606
NOT-FOR-US: Microsoft
-CVE-2019-0605 (A remote code execution vulnerability exists in the way that the ...)
+CVE-2019-0605
NOT-FOR-US: Microsoft
-CVE-2019-0604 (A remote code execution vulnerability exists in Microsoft SharePoint ...)
+CVE-2019-0604
NOT-FOR-US: Microsoft
CVE-2019-0603
RESERVED
-CVE-2019-0602 (An information disclosure vulnerability exists when the Windows GDI ...)
+CVE-2019-0602
NOT-FOR-US: Microsoft
-CVE-2019-0601 (An information disclosure vulnerability exists when the Human ...)
+CVE-2019-0601
NOT-FOR-US: Microsoft
-CVE-2019-0600 (An information disclosure vulnerability exists when the Human ...)
+CVE-2019-0600
NOT-FOR-US: Microsoft
-CVE-2019-0599 (A remote code execution vulnerability exists when the Windows Jet ...)
+CVE-2019-0599
NOT-FOR-US: Microsoft
-CVE-2019-0598 (A remote code execution vulnerability exists when the Windows Jet ...)
+CVE-2019-0598
NOT-FOR-US: Microsoft
-CVE-2019-0597 (A remote code execution vulnerability exists when the Windows Jet ...)
+CVE-2019-0597
NOT-FOR-US: Microsoft
-CVE-2019-0596 (A remote code execution vulnerability exists when the Windows Jet ...)
+CVE-2019-0596
NOT-FOR-US: Microsoft
-CVE-2019-0595 (A remote code execution vulnerability exists when the Windows Jet ...)
+CVE-2019-0595
NOT-FOR-US: Microsoft
-CVE-2019-0594 (A remote code execution vulnerability exists in Microsoft SharePoint ...)
+CVE-2019-0594
NOT-FOR-US: Microsoft
-CVE-2019-0593 (A remote code execution vulnerability exists in the way that the ...)
+CVE-2019-0593
NOT-FOR-US: Microsoft
CVE-2019-0592
RESERVED
-CVE-2019-0591 (A remote code execution vulnerability exists in the way that the ...)
+CVE-2019-0591
NOT-FOR-US: Microsoft
-CVE-2019-0590 (A remote code execution vulnerability exists in the way that the ...)
+CVE-2019-0590
NOT-FOR-US: Microsoft
CVE-2019-0589
RESERVED
-CVE-2019-0588 (An information disclosure vulnerability exists when the Microsoft ...)
+CVE-2019-0588
NOT-FOR-US: Microsoft
CVE-2019-0587
RESERVED
-CVE-2019-0586 (A remote code execution vulnerability exists in Microsoft Exchange ...)
+CVE-2019-0586
NOT-FOR-US: Microsoft
-CVE-2019-0585 (A remote code execution vulnerability exists in Microsoft Word ...)
+CVE-2019-0585
NOT-FOR-US: Microsoft
-CVE-2019-0584 (A remote code execution vulnerability exists when the Windows Jet ...)
+CVE-2019-0584
NOT-FOR-US: Microsoft
-CVE-2019-0583 (A remote code execution vulnerability exists when the Windows Jet ...)
+CVE-2019-0583
NOT-FOR-US: Microsoft
-CVE-2019-0582 (A remote code execution vulnerability exists when the Windows Jet ...)
+CVE-2019-0582
NOT-FOR-US: Microsoft
-CVE-2019-0581 (A remote code execution vulnerability exists when the Windows Jet ...)
+CVE-2019-0581
NOT-FOR-US: Microsoft
-CVE-2019-0580 (A remote code execution vulnerability exists when the Windows Jet ...)
+CVE-2019-0580
NOT-FOR-US: Microsoft
-CVE-2019-0579 (A remote code execution vulnerability exists when the Windows Jet ...)
+CVE-2019-0579
NOT-FOR-US: Microsoft
-CVE-2019-0578 (A remote code execution vulnerability exists when the Windows Jet ...)
+CVE-2019-0578
NOT-FOR-US: Microsoft
-CVE-2019-0577 (A remote code execution vulnerability exists when the Windows Jet ...)
+CVE-2019-0577
NOT-FOR-US: Microsoft
-CVE-2019-0576 (A remote code execution vulnerability exists when the Windows Jet ...)
+CVE-2019-0576
NOT-FOR-US: Microsoft
-CVE-2019-0575 (A remote code execution vulnerability exists when the Windows Jet ...)
+CVE-2019-0575
NOT-FOR-US: Microsoft
-CVE-2019-0574 (An elevation of privilege vulnerability exists when the Windows Data ...)
+CVE-2019-0574
NOT-FOR-US: Microsoft
-CVE-2019-0573 (An elevation of privilege vulnerability exists when the Windows Data ...)
+CVE-2019-0573
NOT-FOR-US: Microsoft
-CVE-2019-0572 (An elevation of privilege vulnerability exists when the Windows Data ...)
+CVE-2019-0572
NOT-FOR-US: Microsoft
-CVE-2019-0571 (An elevation of privilege vulnerability exists when the Windows Data ...)
+CVE-2019-0571
NOT-FOR-US: Microsoft
-CVE-2019-0570 (An elevation of privilege vulnerability exists when the Windows ...)
+CVE-2019-0570
NOT-FOR-US: Microsoft
-CVE-2019-0569 (An information disclosure vulnerability exists when the Windows kernel ...)
+CVE-2019-0569
NOT-FOR-US: Microsoft
-CVE-2019-0568 (A remote code execution vulnerability exists in the way that the ...)
+CVE-2019-0568
NOT-FOR-US: Microsoft
-CVE-2019-0567 (A remote code execution vulnerability exists in the way that the ...)
+CVE-2019-0567
NOT-FOR-US: Microsoft
-CVE-2019-0566 (An elevation of privilege vulnerability exists in Microsoft Edge ...)
+CVE-2019-0566
NOT-FOR-US: Microsoft
-CVE-2019-0565 (A remote code execution vulnerability exists when Microsoft Edge ...)
+CVE-2019-0565
NOT-FOR-US: Microsoft
-CVE-2019-0564 (A denial of service vulnerability exists when ASP.NET Core improperly ...)
+CVE-2019-0564
NOT-FOR-US: .NET core
CVE-2019-0563
RESERVED
-CVE-2019-0562 (An elevation of privilege vulnerability exists when Microsoft ...)
+CVE-2019-0562
NOT-FOR-US: Microsoft
-CVE-2019-0561 (An information disclosure vulnerability exists when Microsoft Word ...)
+CVE-2019-0561
NOT-FOR-US: Microsoft
-CVE-2019-0560 (An information disclosure vulnerability exists when Microsoft Office ...)
+CVE-2019-0560
NOT-FOR-US: Microsoft
-CVE-2019-0559 (An information disclosure vulnerability exists when Microsoft Outlook ...)
+CVE-2019-0559
NOT-FOR-US: Microsoft
-CVE-2019-0558 (A cross-site-scripting (XSS) vulnerability exists when Microsoft ...)
+CVE-2019-0558
NOT-FOR-US: Microsoft
-CVE-2019-0557 (A cross-site-scripting (XSS) vulnerability exists when Microsoft ...)
+CVE-2019-0557
NOT-FOR-US: Microsoft
-CVE-2019-0556 (A cross-site-scripting (XSS) vulnerability exists when Microsoft ...)
+CVE-2019-0556
NOT-FOR-US: Microsoft
-CVE-2019-0555 (An elevation of privilege vulnerability exists in the Microsoft ...)
+CVE-2019-0555
NOT-FOR-US: Microsoft
-CVE-2019-0554 (An information disclosure vulnerability exists when the Windows kernel ...)
+CVE-2019-0554
NOT-FOR-US: Microsoft
-CVE-2019-0553 (An information disclosure vulnerability exists when Windows Subsystem ...)
+CVE-2019-0553
NOT-FOR-US: Microsoft
-CVE-2019-0552 (An elevation of privilege exists in Windows COM Desktop Broker, aka ...)
+CVE-2019-0552
NOT-FOR-US: Microsoft
-CVE-2019-0551 (A remote code execution vulnerability exists when Windows Hyper-V on a ...)
+CVE-2019-0551
NOT-FOR-US: Microsoft
-CVE-2019-0550 (A remote code execution vulnerability exists when Windows Hyper-V on a ...)
+CVE-2019-0550
NOT-FOR-US: Microsoft
-CVE-2019-0549 (An information disclosure vulnerability exists when the Windows kernel ...)
+CVE-2019-0549
NOT-FOR-US: Microsoft
-CVE-2019-0548 (A denial of service vulnerability exists when ASP.NET Core improperly ...)
+CVE-2019-0548
NOT-FOR-US: .NET core
-CVE-2019-0547 (A memory corruption vulnerability exists in the Windows DHCP client ...)
+CVE-2019-0547
NOT-FOR-US: Microsoft
-CVE-2019-0546 (A remote code execution vulnerability exists in Visual Studio when the ...)
+CVE-2019-0546
NOT-FOR-US: Microsoft
-CVE-2019-0545 (An information disclosure vulnerability exists in .NET Framework and ...)
+CVE-2019-0545
NOT-FOR-US: .NET core
CVE-2019-0544
RESERVED
-CVE-2019-0543 (An elevation of privilege vulnerability exists when Windows improperly ...)
+CVE-2019-0543
NOT-FOR-US: Microsoft
-CVE-2019-0542 (A remote code execution vulnerability exists in Xterm.js when the ...)
+CVE-2019-0542
- node-xterm <unfixed> (unimportant)
NOTE: nodejs not covered by security support
-CVE-2019-0541 (A remote code execution vulnerability exists in the way that the ...)
+CVE-2019-0541
NOT-FOR-US: Microsoft
-CVE-2019-0540 (A security feature bypass vulnerability exists when Microsoft Office ...)
+CVE-2019-0540
NOT-FOR-US: Microsoft
-CVE-2019-0539 (A remote code execution vulnerability exists in the way that the ...)
+CVE-2019-0539
NOT-FOR-US: Microsoft
-CVE-2019-0538 (A remote code execution vulnerability exists when the Windows Jet ...)
+CVE-2019-0538
NOT-FOR-US: Microsoft
-CVE-2019-0537 (An information disclosure vulnerability exists when Visual Studio ...)
+CVE-2019-0537
NOT-FOR-US: Microsoft
-CVE-2019-0536 (An information disclosure vulnerability exists when the Windows kernel ...)
+CVE-2019-0536
NOT-FOR-US: Microsoft
CVE-2019-0535
RESERVED
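Review bot: this hunk leaves two entries with the same product wording filed under different labels and then removes the text needed to reconcile them: `-CVE-2019-0613 (A remote code execution vulnerability exists in .NET Framework and ...)` sits above `NOT-FOR-US: Microsoft`, while `-CVE-2019-0545 (An information disclosure vulnerability exists in .NET Framework and ...)` sits above `NOT-FOR-US: .NET core`. The `.NET core` label is also used for CVE-2019-0564, CVE-2019-0548 and CVE-2019-0657, whose summaries mention ASP.NET Core or .Net Framework APIs, so the inconsistency may be deliberate, but that should be settled while the summaries are still in the file, in the way the `- node-xterm <unfixed> (unimportant)` entry for CVE-2019-0542 keeps a `NOTE:` explaining its status.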
@@ -20664,85 +20692,85 @@ CVE-2019-0279
RESERVED
CVE-2019-0278
RESERVED
-CVE-2019-0277 (SAP HANA extended application services, version 1, advanced does not ...)
+CVE-2019-0277
NOT-FOR-US: SAP
-CVE-2019-0276 (Banking services from SAP 9.0 (FSAPPL version 5) and SAP S/4HANA ...)
+CVE-2019-0276
NOT-FOR-US: SAP
-CVE-2019-0275 (SAML 1.1 SSO Demo Application in SAP NetWeaver Java Application Server ...)
+CVE-2019-0275
NOT-FOR-US: SAP
-CVE-2019-0274 (SAP Mobile Platform SDK allows an attacker to prevent legitimate users ...)
+CVE-2019-0274
NOT-FOR-US: SAP
CVE-2019-0273
RESERVED
CVE-2019-0272
RESERVED
-CVE-2019-0271 (ABAP Server (used in NetWeaver and Suite/ERP) and ABAP Platform does ...)
+CVE-2019-0271
NOT-FOR-US: SAP
-CVE-2019-0270 (ABAP Server of SAP NetWeaver and ABAP Platform fail to perform ...)
+CVE-2019-0270
NOT-FOR-US: SAP
-CVE-2019-0269 (SAP BusinessObjects Business Intelligence Platform (BI Workspace), ...)
+CVE-2019-0269
NOT-FOR-US: SAP
-CVE-2019-0268 (SAP BusinessObjects Business Intelligence Platform (CMC Module), ...)
+CVE-2019-0268
NOT-FOR-US: SAP
-CVE-2019-0267 (SAP Manufacturing Integration and Intelligence, versions 15.0, 15.1 ...)
+CVE-2019-0267
NOT-FOR-US: SAP
-CVE-2019-0266 (Under certain conditions SAP HANA Extended Application Services, ...)
+CVE-2019-0266
NOT-FOR-US: SAP
-CVE-2019-0265 (SLD Registration of ABAP Platform allows an attacker to prevent ...)
+CVE-2019-0265
NOT-FOR-US: ABAP Platform
CVE-2019-0264
RESERVED
CVE-2019-0263
RESERVED
-CVE-2019-0262 (SAP WebIntelligence BILaunchPad, versions 4.10, 4.20, does not ...)
+CVE-2019-0262
NOT-FOR-US: SAP
-CVE-2019-0261 (Under certain circumstances, SAP HANA Extended Application Services, ...)
+CVE-2019-0261
NOT-FOR-US: SAP
CVE-2019-0260
RESERVED
-CVE-2019-0259 (SAP BusinessObjects, versions 4.2 and 4.3, (Visual Difference) allows ...)
+CVE-2019-0259
NOT-FOR-US: SAP
-CVE-2019-0258 (SAP Disclosure Management, version 10.01, does not perform necessary ...)
+CVE-2019-0258
NOT-FOR-US: SAP
-CVE-2019-0257 (Customizing functionality of SAP NetWeaver AS ABAP Platform (fixed in ...)
+CVE-2019-0257
NOT-FOR-US: SAP
-CVE-2019-0256 (Under certain conditions SAP Business One Mobile Android App, version ...)
+CVE-2019-0256
NOT-FOR-US: SAP
-CVE-2019-0255 (SAP NetWeaver AS ABAP Platform, Krnl64nuc 7.74, krnl64UC 7.73, 7.74, ...)
+CVE-2019-0255
NOT-FOR-US: SAP
-CVE-2019-0254 (SAP Disclosure Management (before version 10.1 Stack 1301) does not ...)
+CVE-2019-0254
NOT-FOR-US: SAP
CVE-2019-0253
RESERVED
CVE-2019-0252
RESERVED
-CVE-2019-0251 (The Fiori Launchpad of SAP BusinessObjects, before versions 4.2 and ...)
+CVE-2019-0251
NOT-FOR-US: SAP
CVE-2019-0250
RESERVED
-CVE-2019-0249 (Under certain conditions SAP Landscape Management (VCM 3.0) allows an ...)
+CVE-2019-0249
NOT-FOR-US: SAP
-CVE-2019-0248 (Under certain conditions SAP Gateway of ABAP Application Server (fixed ...)
+CVE-2019-0248
NOT-FOR-US: SAP
-CVE-2019-0247 (SAP Cloud Connector, before version 2.11.3, allows an attacker to ...)
+CVE-2019-0247
NOT-FOR-US: SAP
-CVE-2019-0246 (SAP Cloud Connector, before version 2.11.3, does not perform any ...)
+CVE-2019-0246
NOT-FOR-US: SAP
-CVE-2019-0245 (SAP CRM WebClient UI (fixed in SAPSCORE 1.12; S4FND 1.02; WEBCUIF ...)
+CVE-2019-0245
NOT-FOR-US: SAP
-CVE-2019-0244 (SAP CRM WebClient UI (fixed in SAPSCORE 1.12; S4FND 1.02; WEBCUIF ...)
+CVE-2019-0244
NOT-FOR-US: SAP
-CVE-2019-0243 (Under some circumstances, masterdata maintenance in SAP BW/4HANA ...)
+CVE-2019-0243
NOT-FOR-US: SAP
CVE-2019-0242
RESERVED
-CVE-2019-0241 (SAP Work and Inventory Manager (Agentry_SDK , before 7.0, 7.1) allows ...)
+CVE-2019-0241
NOT-FOR-US: SAP
-CVE-2019-0240 (SAP Business Objects Mobile for Android (before 6.3.5) application ...)
+CVE-2019-0240
NOT-FOR-US: SAP
CVE-2019-0239
RESERVED
-CVE-2019-0238 (SAP Commerce (previously known as SAP Hybris Commerce), before version ...)
+CVE-2019-0238
NOT-FOR-US: SAP
CVE-2019-0237
RESERVED
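Review bot: the wholesale loss of description text in this hunk looks like the description source returned nothing rather than a genuine change to the CVE records, and should be verified against the upstream feed before it lands. Every changed pair only drops the parenthesised text, e.g. `-CVE-2019-0265 (SLD Registration of ABAP Platform allows an attacker to prevent ...)` becoming `+CVE-2019-0265`, while the `NOT-FOR-US: SAP` lines stay as they are and no entry gains a description; after this the bare ids are the only thing left to identify what each entry covers.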
@@ -20818,7 +20846,7 @@ CVE-2019-0202
RESERVED
CVE-2019-0201
RESERVED
-CVE-2019-0200 (A Denial of Service vulnerability was found in Apache Qpid Broker-J ...)
+CVE-2019-0200
- qpid-java <itp> (bug #840131)
CVE-2019-0199
RESERVED
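Review bot: CVE-2019-0200 is tracked against `qpid-java <itp> (bug #840131)`, a package not yet in the archive, and the hunk removes the only line saying it is a denial of service in Apache Qpid Broker-J; once that is gone the ITP bug is the sole pointer to what has to be checked when the package is uploaded. Suggest keeping the description or adding a NOTE line with the upstream reference, as neighbouring entries in this file do.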
@@ -20834,13 +20862,13 @@ CVE-2019-0194
RESERVED
CVE-2019-0193
RESERVED
-CVE-2019-0192 (In Apache Solr versions 5.0.0 to 5.5.5 and 6.0.0 to 6.6.5, the Config ...)
+CVE-2019-0192
- lucene-solr <undetermined>
NOTE: https://issues.apache.org/jira/browse/SOLR-13301
CVE-2019-0191
RESERVED
- apache-karaf <itp> (bug #881297)
-CVE-2019-0190 (A bug exists in the way mod_ssl handled client renegotiations. A ...)
+CVE-2019-0190
- apache2 2.4.38-1 (bug #920220)
[stretch] - apache2 <not-affected> (Only affects 2.4.37)
[jessie] - apache2 <not-affected> (Only affects 2.4.37)
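Review bot: the removed description for CVE-2019-0192 carried the affected Solr version ranges (5.0.0 to 5.5.5 and 6.0.0 to 6.6.5), which is exactly the information needed to resolve the `lucene-solr <undetermined>` state; after this change only the SOLR-13301 NOTE link remains. The apache2 entry for CVE-2019-0190 is not hurt by the loss, since its `<not-affected> (Only affects 2.4.37)` annotations carry the version scope themselves. Suggest moving the Solr version range into a NOTE line before the description is dropped.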
@@ -20849,7 +20877,7 @@ CVE-2019-0189
RESERVED
CVE-2019-0188
RESERVED
-CVE-2019-0187 (Unauthenticated RCE is possible when JMeter is used in distributed ...)
+CVE-2019-0187
- jakarta-jmeter <undetermined>
NOTE: https://bz.apache.org/bugzilla/show_bug.cgi?id=62743
CVE-2019-0186
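Review bot: CVE-2019-0187 stays `jakarta-jmeter <undetermined>` while the hunk drops the description stating that this is unauthenticated RCE in distributed mode; severity and the affected configuration are what decide whether an `<undetermined>` entry needs prompt triage, so that text should not disappear silently. The bugzilla NOTE (bug 62743) remains, but suggest recording the summary in a NOTE line as well.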
@@ -20954,7 +20982,7 @@ CVE-2019-0137
RESERVED
CVE-2019-0136
RESERVED
-CVE-2019-0135 (Improper permissions in the installer for Intel(R) Accelerated Storage ...)
+CVE-2019-0135
NOT-FOR-US: Intel
CVE-2019-0134
RESERVED
@@ -20966,11 +20994,11 @@ CVE-2019-0131
RESERVED
CVE-2019-0130
RESERVED
-CVE-2019-0129 (Improper permissions for Intel(R) USB 3.0 Creator Utility all versions ...)
+CVE-2019-0129
NOT-FOR-US: Intel
CVE-2019-0128
RESERVED
-CVE-2019-0127 (Logic error in the installer for Intel(R) OpenVINO(TM) 2018 R3 and ...)
+CVE-2019-0127
NOT-FOR-US: Intel
CVE-2019-0126
RESERVED
@@ -20980,9 +21008,9 @@ CVE-2019-0124
RESERVED
CVE-2019-0123
RESERVED
-CVE-2019-0122 (Double free in Intel(R) SGX SDK for Linux before version 2.2 and ...)
+CVE-2019-0122
NOT-FOR-US: Intel
-CVE-2019-0121 (Improper permissions in Intel(R) Matrix Storage Manager 8.9.0.1023 and ...)
+CVE-2019-0121
NOT-FOR-US: Intel
CVE-2019-0120
RESERVED
@@ -21000,29 +21028,29 @@ CVE-2019-0114
RESERVED
CVE-2019-0113
RESERVED
-CVE-2019-0112 (Improper flow control in crypto routines for Intel(R) Data Center ...)
+CVE-2019-0112
NOT-FOR-US: Intel
-CVE-2019-0111 (Improper file permissions for Intel(R) Data Center Manager SDK before ...)
+CVE-2019-0111
NOT-FOR-US: Intel
-CVE-2019-0110 (Insufficient key management for Intel(R) Data Center Manager SDK ...)
+CVE-2019-0110
NOT-FOR-US: Intel
-CVE-2019-0109 (Improper folder permissions in Intel(R) Data Center Manager SDK before ...)
+CVE-2019-0109
NOT-FOR-US: Intel
-CVE-2019-0108 (Improper file permissions for Intel(R) Data Center Manager SDK before ...)
+CVE-2019-0108
NOT-FOR-US: Intel
-CVE-2019-0107 (Insufficient user prompt in install routine for Intel(R) Data Center ...)
+CVE-2019-0107
NOT-FOR-US: Intel
-CVE-2019-0106 (Insufficient run protection in install routine for Intel(R) Data ...)
+CVE-2019-0106
NOT-FOR-US: Intel
-CVE-2019-0105 (Insufficient file permissions checking in install routine for Intel(R) ...)
+CVE-2019-0105
NOT-FOR-US: Intel
-CVE-2019-0104 (Insufficient file protection in uninstall routine for Intel(R) Data ...)
+CVE-2019-0104
NOT-FOR-US: Intel
-CVE-2019-0103 (Insufficient file protection in install routine for Intel(R) Data ...)
+CVE-2019-0103
NOT-FOR-US: Intel
-CVE-2019-0102 (Insufficient session authentication in web server for Intel(R) Data ...)
+CVE-2019-0102
NOT-FOR-US: Intel
-CVE-2019-0101 (Authentication bypass in the Intel Unite(R) solution versions 3.2 ...)
+CVE-2019-0101
NOT-FOR-US: Intel
CVE-2019-0100
RESERVED
@@ -21048,7 +21076,7 @@ CVE-2019-0090
RESERVED
CVE-2019-0089
RESERVED
-CVE-2019-0088 (Insufficient path checking in Intel(R) System Support Utility for ...)
+CVE-2019-0088
NOT-FOR-US: Intel
CVE-2019-0087
RESERVED
@@ -21164,63 +21192,63 @@ CVE-2019-0032
RESERVED
CVE-2019-0031
RESERVED
-CVE-2019-0030 (Juniper ATP uses DES and a hardcoded salt for password hashing, ...)
+CVE-2019-0030
NOT-FOR-US: Juniper
-CVE-2019-0029 (Juniper ATP Series Splunk credentials are logged in a file readable by ...)
+CVE-2019-0029
NOT-FOR-US: Juniper
CVE-2019-0028
RESERVED
-CVE-2019-0027 (A persistent cross-site scripting (XSS) vulnerability in the Snort ...)
+CVE-2019-0027
NOT-FOR-US: Juniper
-CVE-2019-0026 (A persistent cross-site scripting (XSS) vulnerability in the Zone ...)
+CVE-2019-0026
NOT-FOR-US: Juniper
-CVE-2019-0025 (A persistent cross-site scripting (XSS) vulnerability in RADIUS ...)
+CVE-2019-0025
NOT-FOR-US: Juniper
-CVE-2019-0024 (A persistent cross-site scripting (XSS) vulnerability in the Email ...)
+CVE-2019-0024
NOT-FOR-US: Juniper
-CVE-2019-0023 (A persistent cross-site scripting (XSS) vulnerability in the Golden VM ...)
+CVE-2019-0023
NOT-FOR-US: Juniper
-CVE-2019-0022 (Juniper ATP ships with hard coded credentials in the Cyphort Core ...)
+CVE-2019-0022
NOT-FOR-US: Juniper
-CVE-2019-0021 (On Juniper ATP, secret passphrase CLI inputs, such as &quot;set mcm&quot;, are ...)
+CVE-2019-0021
NOT-FOR-US: Juniper
-CVE-2019-0020 (Juniper ATP ships with hard coded credentials in the Web Collector ...)
+CVE-2019-0020
NOT-FOR-US: Juniper
CVE-2019-0019
RESERVED
-CVE-2019-0018 (A persistent cross-site scripting (XSS) vulnerability in the file ...)
+CVE-2019-0018
NOT-FOR-US: Juniper
-CVE-2019-0017 (The Junos Space application, which allows Device Image files to be ...)
+CVE-2019-0017
NOT-FOR-US: Juniper
-CVE-2019-0016 (A malicious authenticated user may be able to delete a device from the ...)
+CVE-2019-0016
NOT-FOR-US: Juniper
-CVE-2019-0015 (A vulnerability in the SRX Series Service Gateway allows deleted ...)
+CVE-2019-0015
NOT-FOR-US: Juniper
-CVE-2019-0014 (On QFX and PTX Series, receipt of a malformed packet for J-Flow ...)
+CVE-2019-0014
NOT-FOR-US: Juniper
-CVE-2019-0013 (The routing protocol daemon (RPD) process will crash and restart when ...)
+CVE-2019-0013
NOT-FOR-US: Juniper
-CVE-2019-0012 (A Denial of Service (DoS) vulnerability in BGP in Juniper Networks ...)
+CVE-2019-0012
NOT-FOR-US: Juniper
-CVE-2019-0011 (The Junos OS kernel crashes after processing a specific incoming ...)
+CVE-2019-0011
NOT-FOR-US: Juniper
-CVE-2019-0010 (An SRX Series Service Gateway configured for Unified Threat Management ...)
+CVE-2019-0010
NOT-FOR-US: Juniper
-CVE-2019-0009 (On EX2300 and EX3400 series, high disk I/O operations may disrupt the ...)
+CVE-2019-0009
NOT-FOR-US: Juniper
CVE-2019-0008
RESERVED
-CVE-2019-0007 (The vMX Series software uses a predictable IP ID Sequence Number. This ...)
+CVE-2019-0007
NOT-FOR-US: Juniper
-CVE-2019-0006 (A certain crafted HTTP packet can trigger an uninitialized function ...)
+CVE-2019-0006
NOT-FOR-US: Juniper
-CVE-2019-0005 (On EX2300, EX3400, EX4600, QFX3K and QFX5K series, firewall filter ...)
+CVE-2019-0005
NOT-FOR-US: Juniper
-CVE-2019-0004 (On Juniper ATP, the API key and the device key are logged in a file ...)
+CVE-2019-0004
NOT-FOR-US: Juniper
-CVE-2019-0003 (When a specific BGP flowspec configuration is enabled and upon receipt ...)
+CVE-2019-0003
NOT-FOR-US: Juniper
-CVE-2019-0002 (On EX2300 and EX3400 series, stateless firewall filter configuration ...)
+CVE-2019-0002
NOT-FOR-US: Juniper
-CVE-2019-0001 (Receipt of a malformed packet on MX Series devices with dynamic vlan ...)
+CVE-2019-0001
NOT-FOR-US: Juniper
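Review bot: nothing in this hunk changes Debian tracking state, since all thirty entries are `NOT-FOR-US: Juniper` and only their descriptions are removed, but it confirms the description loss is file-wide rather than limited to the SAP and Apache entries earlier in the diff, which strengthens the case for checking the upstream source before merging.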
